1 /*
2 Copyright (c) 2005, 2012, Oracle and/or its affiliates
3
4 This program is free software; you can redistribute it and/or modify
5 it under the terms of the GNU General Public License as published by
6 the Free Software Foundation; version 2 of the License.
7
8 This program is distributed in the hope that it will be useful,
9 but WITHOUT ANY WARRANTY; without even the implied warranty of
10 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 GNU General Public License for more details.
12
13 You should have received a copy of the GNU General Public License
14 along with this program; see the file COPYING. If not, write to the
15 Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
16 MA 02110-1335 USA.
17 */
18
19 /* C++ based on Wei Dai's aes.cpp from CryptoPP */
20 /* x86 asm original */
21
22 #if defined(TAOCRYPT_KERNEL_MODE)
23 #define DO_TAOCRYPT_KERNEL_MODE
24 #endif // only some modules now support this
25
26 #include "runtime.hpp"
27 #include "aes.hpp"
28
29
30 namespace TaoCrypt {
31
32
33 #if defined(DO_AES_ASM)
34
35 // ia32 optimized version
Process(byte * out,const byte * in,word32 sz)36 void AES::Process(byte* out, const byte* in, word32 sz)
37 {
38 if (!isMMX) {
39 Mode_BASE::Process(out, in, sz);
40 return;
41 }
42
43 word32 blocks = sz / BLOCK_SIZE;
44
45 if (mode_ == ECB)
46 while (blocks--) {
47 if (dir_ == ENCRYPTION)
48 AsmEncrypt(in, out, (void*)Te0);
49 else
50 AsmDecrypt(in, out, (void*)Td0);
51 out += BLOCK_SIZE;
52 in += BLOCK_SIZE;
53 }
54 else if (mode_ == CBC) {
55 if (dir_ == ENCRYPTION) {
56 while (blocks--) {
57 r_[0] ^= *(word32*)in;
58 r_[1] ^= *(word32*)(in + 4);
59 r_[2] ^= *(word32*)(in + 8);
60 r_[3] ^= *(word32*)(in + 12);
61
62 AsmEncrypt((byte*)r_, (byte*)r_, (void*)Te0);
63
64 memcpy(out, r_, BLOCK_SIZE);
65 out += BLOCK_SIZE;
66 in += BLOCK_SIZE;
67 }
68 }
69 else {
70 while (blocks--) {
71 AsmDecrypt(in, out, (void*)Td0);
72
73 *(word32*)out ^= r_[0];
74 *(word32*)(out + 4) ^= r_[1];
75 *(word32*)(out + 8) ^= r_[2];
76 *(word32*)(out + 12) ^= r_[3];
77
78 memcpy(r_, in, BLOCK_SIZE);
79 out += BLOCK_SIZE;
80 in += BLOCK_SIZE;
81 }
82 }
83 }
84 }
85
86 #endif // DO_AES_ASM
87
88
SetKey(const byte * userKey,word32 keylen,CipherDir)89 void AES::SetKey(const byte* userKey, word32 keylen, CipherDir /*dummy*/)
90 {
91 if (keylen <= 16)
92 keylen = 16;
93 else if (keylen >= 32)
94 keylen = 32;
95 else if (keylen != 24)
96 keylen = 24;
97
98 rounds_ = keylen/4 + 6;
99
100 word32 temp, *rk = key_;
101 unsigned int i=0;
102
103 GetUserKey(BigEndianOrder, rk, keylen/4, userKey, keylen);
104
105 switch(keylen)
106 {
107 case 16:
108 while (true)
109 {
110 temp = rk[3];
111 rk[4] = rk[0] ^
112 (Te2[GETBYTE(temp, 2)] & 0xff000000) ^
113 (Te3[GETBYTE(temp, 1)] & 0x00ff0000) ^
114 (Te0[GETBYTE(temp, 0)] & 0x0000ff00) ^
115 (Te1[GETBYTE(temp, 3)] & 0x000000ff) ^
116 rcon_[i];
117 rk[5] = rk[1] ^ rk[4];
118 rk[6] = rk[2] ^ rk[5];
119 rk[7] = rk[3] ^ rk[6];
120 if (++i == 10)
121 break;
122 rk += 4;
123 }
124 break;
125
126 case 24:
127 while (true) // for (;;) here triggers a bug in VC60 SP4 w/ Pro Pack
128 {
129 temp = rk[ 5];
130 rk[ 6] = rk[ 0] ^
131 (Te2[GETBYTE(temp, 2)] & 0xff000000) ^
132 (Te3[GETBYTE(temp, 1)] & 0x00ff0000) ^
133 (Te0[GETBYTE(temp, 0)] & 0x0000ff00) ^
134 (Te1[GETBYTE(temp, 3)] & 0x000000ff) ^
135 rcon_[i];
136 rk[ 7] = rk[ 1] ^ rk[ 6];
137 rk[ 8] = rk[ 2] ^ rk[ 7];
138 rk[ 9] = rk[ 3] ^ rk[ 8];
139 if (++i == 8)
140 break;
141 rk[10] = rk[ 4] ^ rk[ 9];
142 rk[11] = rk[ 5] ^ rk[10];
143 rk += 6;
144 }
145 break;
146
147 case 32:
148 while (true)
149 {
150 temp = rk[ 7];
151 rk[ 8] = rk[ 0] ^
152 (Te2[GETBYTE(temp, 2)] & 0xff000000) ^
153 (Te3[GETBYTE(temp, 1)] & 0x00ff0000) ^
154 (Te0[GETBYTE(temp, 0)] & 0x0000ff00) ^
155 (Te1[GETBYTE(temp, 3)] & 0x000000ff) ^
156 rcon_[i];
157 rk[ 9] = rk[ 1] ^ rk[ 8];
158 rk[10] = rk[ 2] ^ rk[ 9];
159 rk[11] = rk[ 3] ^ rk[10];
160 if (++i == 7)
161 break;
162 temp = rk[11];
163 rk[12] = rk[ 4] ^
164 (Te2[GETBYTE(temp, 3)] & 0xff000000) ^
165 (Te3[GETBYTE(temp, 2)] & 0x00ff0000) ^
166 (Te0[GETBYTE(temp, 1)] & 0x0000ff00) ^
167 (Te1[GETBYTE(temp, 0)] & 0x000000ff);
168 rk[13] = rk[ 5] ^ rk[12];
169 rk[14] = rk[ 6] ^ rk[13];
170 rk[15] = rk[ 7] ^ rk[14];
171
172 rk += 8;
173 }
174 break;
175 }
176
177 if (dir_ == DECRYPTION)
178 {
179 unsigned int i, j;
180 rk = key_;
181
182 /* invert the order of the round keys: */
183 for (i = 0, j = 4*rounds_; i < j; i += 4, j -= 4) {
184 temp = rk[i ]; rk[i ] = rk[j ]; rk[j ] = temp;
185 temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp;
186 temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp;
187 temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp;
188 }
189 // apply the inverse MixColumn transform to all round keys but the
190 // first and the last:
191 for (i = 1; i < rounds_; i++) {
192 rk += 4;
193 rk[0] =
194 Td0[Te1[GETBYTE(rk[0], 3)] & 0xff] ^
195 Td1[Te1[GETBYTE(rk[0], 2)] & 0xff] ^
196 Td2[Te1[GETBYTE(rk[0], 1)] & 0xff] ^
197 Td3[Te1[GETBYTE(rk[0], 0)] & 0xff];
198 rk[1] =
199 Td0[Te1[GETBYTE(rk[1], 3)] & 0xff] ^
200 Td1[Te1[GETBYTE(rk[1], 2)] & 0xff] ^
201 Td2[Te1[GETBYTE(rk[1], 1)] & 0xff] ^
202 Td3[Te1[GETBYTE(rk[1], 0)] & 0xff];
203 rk[2] =
204 Td0[Te1[GETBYTE(rk[2], 3)] & 0xff] ^
205 Td1[Te1[GETBYTE(rk[2], 2)] & 0xff] ^
206 Td2[Te1[GETBYTE(rk[2], 1)] & 0xff] ^
207 Td3[Te1[GETBYTE(rk[2], 0)] & 0xff];
208 rk[3] =
209 Td0[Te1[GETBYTE(rk[3], 3)] & 0xff] ^
210 Td1[Te1[GETBYTE(rk[3], 2)] & 0xff] ^
211 Td2[Te1[GETBYTE(rk[3], 1)] & 0xff] ^
212 Td3[Te1[GETBYTE(rk[3], 0)] & 0xff];
213 }
214 }
215 }
216
217
ProcessAndXorBlock(const byte * in,const byte * xOr,byte * out) const218 void AES::ProcessAndXorBlock(const byte* in, const byte* xOr, byte* out) const
219 {
220 if (dir_ == ENCRYPTION)
221 encrypt(in, xOr, out);
222 else
223 decrypt(in, xOr, out);
224 }
225
226
227 typedef BlockGetAndPut<word32, BigEndian> gpBlock;
228
229
encrypt(const byte * inBlock,const byte * xorBlock,byte * outBlock) const230 void AES::encrypt(const byte* inBlock, const byte* xorBlock,
231 byte* outBlock) const
232 {
233 word32 s0, s1, s2, s3;
234 word32 t0, t1, t2, t3;
235
236 const word32 *rk = key_;
237 /*
238 * map byte array block to cipher state
239 * and add initial round key:
240 */
241 gpBlock::Get(inBlock)(s0)(s1)(s2)(s3);
242 s0 ^= rk[0];
243 s1 ^= rk[1];
244 s2 ^= rk[2];
245 s3 ^= rk[3];
246
247 s0 |= PreFetchTe();
248 /*
249 * Nr - 1 full rounds:
250 */
251
252 unsigned int r = rounds_ >> 1;
253 for (;;) {
254 t0 =
255 Te0[GETBYTE(s0, 3)] ^
256 Te1[GETBYTE(s1, 2)] ^
257 Te2[GETBYTE(s2, 1)] ^
258 Te3[GETBYTE(s3, 0)] ^
259 rk[4];
260 t1 =
261 Te0[GETBYTE(s1, 3)] ^
262 Te1[GETBYTE(s2, 2)] ^
263 Te2[GETBYTE(s3, 1)] ^
264 Te3[GETBYTE(s0, 0)] ^
265 rk[5];
266 t2 =
267 Te0[GETBYTE(s2, 3)] ^
268 Te1[GETBYTE(s3, 2)] ^
269 Te2[GETBYTE(s0, 1)] ^
270 Te3[GETBYTE(s1, 0)] ^
271 rk[6];
272 t3 =
273 Te0[GETBYTE(s3, 3)] ^
274 Te1[GETBYTE(s0, 2)] ^
275 Te2[GETBYTE(s1, 1)] ^
276 Te3[GETBYTE(s2, 0)] ^
277 rk[7];
278
279 rk += 8;
280 if (--r == 0) {
281 break;
282 }
283
284 s0 =
285 Te0[GETBYTE(t0, 3)] ^
286 Te1[GETBYTE(t1, 2)] ^
287 Te2[GETBYTE(t2, 1)] ^
288 Te3[GETBYTE(t3, 0)] ^
289 rk[0];
290 s1 =
291 Te0[GETBYTE(t1, 3)] ^
292 Te1[GETBYTE(t2, 2)] ^
293 Te2[GETBYTE(t3, 1)] ^
294 Te3[GETBYTE(t0, 0)] ^
295 rk[1];
296 s2 =
297 Te0[GETBYTE(t2, 3)] ^
298 Te1[GETBYTE(t3, 2)] ^
299 Te2[GETBYTE(t0, 1)] ^
300 Te3[GETBYTE(t1, 0)] ^
301 rk[2];
302 s3 =
303 Te0[GETBYTE(t3, 3)] ^
304 Te1[GETBYTE(t0, 2)] ^
305 Te2[GETBYTE(t1, 1)] ^
306 Te3[GETBYTE(t2, 0)] ^
307 rk[3];
308 }
309
310 /*
311 * apply last round and
312 * map cipher state to byte array block:
313 */
314
315 s0 =
316 (Te2[GETBYTE(t0, 3)] & 0xff000000) ^
317 (Te3[GETBYTE(t1, 2)] & 0x00ff0000) ^
318 (Te0[GETBYTE(t2, 1)] & 0x0000ff00) ^
319 (Te1[GETBYTE(t3, 0)] & 0x000000ff) ^
320 rk[0];
321 s1 =
322 (Te2[GETBYTE(t1, 3)] & 0xff000000) ^
323 (Te3[GETBYTE(t2, 2)] & 0x00ff0000) ^
324 (Te0[GETBYTE(t3, 1)] & 0x0000ff00) ^
325 (Te1[GETBYTE(t0, 0)] & 0x000000ff) ^
326 rk[1];
327 s2 =
328 (Te2[GETBYTE(t2, 3)] & 0xff000000) ^
329 (Te3[GETBYTE(t3, 2)] & 0x00ff0000) ^
330 (Te0[GETBYTE(t0, 1)] & 0x0000ff00) ^
331 (Te1[GETBYTE(t1, 0)] & 0x000000ff) ^
332 rk[2];
333 s3 =
334 (Te2[GETBYTE(t3, 3)] & 0xff000000) ^
335 (Te3[GETBYTE(t0, 2)] & 0x00ff0000) ^
336 (Te0[GETBYTE(t1, 1)] & 0x0000ff00) ^
337 (Te1[GETBYTE(t2, 0)] & 0x000000ff) ^
338 rk[3];
339
340
341 gpBlock::Put(xorBlock, outBlock)(s0)(s1)(s2)(s3);
342 }
343
344
decrypt(const byte * inBlock,const byte * xorBlock,byte * outBlock) const345 void AES::decrypt(const byte* inBlock, const byte* xorBlock,
346 byte* outBlock) const
347 {
348 word32 s0, s1, s2, s3;
349 word32 t0, t1, t2, t3;
350 const word32* rk = key_;
351
352 /*
353 * map byte array block to cipher state
354 * and add initial round key:
355 */
356 gpBlock::Get(inBlock)(s0)(s1)(s2)(s3);
357 s0 ^= rk[0];
358 s1 ^= rk[1];
359 s2 ^= rk[2];
360 s3 ^= rk[3];
361
362 s0 |= PreFetchTd();
363
364 /*
365 * Nr - 1 full rounds:
366 */
367
368 unsigned int r = rounds_ >> 1;
369 for (;;) {
370 t0 =
371 Td0[GETBYTE(s0, 3)] ^
372 Td1[GETBYTE(s3, 2)] ^
373 Td2[GETBYTE(s2, 1)] ^
374 Td3[GETBYTE(s1, 0)] ^
375 rk[4];
376 t1 =
377 Td0[GETBYTE(s1, 3)] ^
378 Td1[GETBYTE(s0, 2)] ^
379 Td2[GETBYTE(s3, 1)] ^
380 Td3[GETBYTE(s2, 0)] ^
381 rk[5];
382 t2 =
383 Td0[GETBYTE(s2, 3)] ^
384 Td1[GETBYTE(s1, 2)] ^
385 Td2[GETBYTE(s0, 1)] ^
386 Td3[GETBYTE(s3, 0)] ^
387 rk[6];
388 t3 =
389 Td0[GETBYTE(s3, 3)] ^
390 Td1[GETBYTE(s2, 2)] ^
391 Td2[GETBYTE(s1, 1)] ^
392 Td3[GETBYTE(s0, 0)] ^
393 rk[7];
394
395 rk += 8;
396 if (--r == 0) {
397 break;
398 }
399
400 s0 =
401 Td0[GETBYTE(t0, 3)] ^
402 Td1[GETBYTE(t3, 2)] ^
403 Td2[GETBYTE(t2, 1)] ^
404 Td3[GETBYTE(t1, 0)] ^
405 rk[0];
406 s1 =
407 Td0[GETBYTE(t1, 3)] ^
408 Td1[GETBYTE(t0, 2)] ^
409 Td2[GETBYTE(t3, 1)] ^
410 Td3[GETBYTE(t2, 0)] ^
411 rk[1];
412 s2 =
413 Td0[GETBYTE(t2, 3)] ^
414 Td1[GETBYTE(t1, 2)] ^
415 Td2[GETBYTE(t0, 1)] ^
416 Td3[GETBYTE(t3, 0)] ^
417 rk[2];
418 s3 =
419 Td0[GETBYTE(t3, 3)] ^
420 Td1[GETBYTE(t2, 2)] ^
421 Td2[GETBYTE(t1, 1)] ^
422 Td3[GETBYTE(t0, 0)] ^
423 rk[3];
424 }
425 /*
426 * apply last round and
427 * map cipher state to byte array block:
428 */
429
430 t0 |= PreFetchCTd4();
431
432 s0 =
433 ((word32)CTd4[GETBYTE(t0, 3)] << 24) ^
434 ((word32)CTd4[GETBYTE(t3, 2)] << 16) ^
435 ((word32)CTd4[GETBYTE(t2, 1)] << 8) ^
436 ((word32)CTd4[GETBYTE(t1, 0)]) ^
437 rk[0];
438 s1 =
439 ((word32)CTd4[GETBYTE(t1, 3)] << 24) ^
440 ((word32)CTd4[GETBYTE(t0, 2)] << 16) ^
441 ((word32)CTd4[GETBYTE(t3, 1)] << 8) ^
442 ((word32)CTd4[GETBYTE(t2, 0)]) ^
443 rk[1];
444 s2 =
445 ((word32)CTd4[GETBYTE(t2, 3)] << 24 ) ^
446 ((word32)CTd4[GETBYTE(t1, 2)] << 16 ) ^
447 ((word32)CTd4[GETBYTE(t0, 1)] << 8 ) ^
448 ((word32)CTd4[GETBYTE(t3, 0)]) ^
449 rk[2];
450 s3 =
451 ((word32)CTd4[GETBYTE(t3, 3)] << 24) ^
452 ((word32)CTd4[GETBYTE(t2, 2)] << 16) ^
453 ((word32)CTd4[GETBYTE(t1, 1)] << 8) ^
454 ((word32)CTd4[GETBYTE(t0, 0)]) ^
455 rk[3];
456
457 gpBlock::Put(xorBlock, outBlock)(s0)(s1)(s2)(s3);
458 }
459
460
461 #if defined(DO_AES_ASM)
462 #ifdef __GNUC__
463 #define AS1(x) #x ";"
464 #define AS2(x, y) #x ", " #y ";"
465
466 #define PROLOG() \
467 __asm__ __volatile__ \
468 ( \
469 ".intel_syntax noprefix;" \
470 "push ebx;" \
471 "push ebp;" \
472 "movd mm7, ebp;" \
473 "movd mm4, eax;" \
474 "mov ebp, edx;" \
475 "sub esp, 4;"
476 #define EPILOG() \
477 "add esp, 4;" \
478 "pop ebp;" \
479 "pop ebx;" \
480 "emms;" \
481 ".att_syntax;" \
482 : \
483 : "c" (this), "S" (inBlock), "d" (boxes), "a" (outBlock) \
484 : "%edi", "memory", "cc" \
485 );
486
487 #else
488 #define AS1(x) __asm x
489 #define AS2(x, y) __asm x, y
490
491 #define PROLOG() \
492 AS1( push ebp ) \
493 AS2( mov ebp, esp ) \
494 AS2( movd mm3, edi ) \
495 AS2( movd mm4, ebx ) \
496 AS2( sub esp, 4 ) \
497 AS2( movd mm7, ebp ) \
498 AS2( mov [ebp - 4], esi ) \
499 AS2( mov esi, DWORD PTR [ebp + 8] ) \
500 AS2( mov ebp, DWORD PTR [ebp + 16] )
501
502 // ebp is restored at end
503 #define EPILOG() \
504 AS2( mov esi, [ebp - 4] ) \
505 AS2( movd ebx, mm4 ) \
506 AS2( movd edi, mm3 ) \
507 AS2( mov esp, ebp ) \
508 AS1( pop ebp ) \
509 AS1( emms ) \
510 AS1( ret 12 )
511
512
513 #endif
514
515
516 #ifdef _MSC_VER
517 __declspec(naked)
518 #else
519 __attribute__ ((noinline))
520 #endif
AsmEncrypt(const byte * inBlock,byte * outBlock,void * boxes) const521 void AES::AsmEncrypt(const byte* inBlock, byte* outBlock, void* boxes) const
522 {
523
524 PROLOG()
525
526 #ifdef OLD_GCC_OFFSET
527 AS2( mov edx, DWORD PTR [ecx + 60] ) // rounds
528 AS2( lea edi, [ecx + 64] ) // rk
529 #else
530 AS2( mov edx, DWORD PTR [ecx + 56] ) // rounds
531 AS2( lea edi, [ecx + 60] ) // rk
532 #endif
533
534 AS1( dec edx )
535 AS2( movd mm6, edi ) // save rk
536 AS2( movd mm5, edx ) // save rounds
537
538 AS2( mov eax, DWORD PTR [esi] )
539 AS2( mov ebx, DWORD PTR [esi + 4] )
540 AS2( mov ecx, DWORD PTR [esi + 8] )
541 AS2( mov edx, DWORD PTR [esi + 12] )
542
543 AS1( bswap eax )
544 AS1( bswap ebx )
545 AS1( bswap ecx )
546 AS1( bswap edx )
547
548 AS2( xor eax, DWORD PTR [edi] ) // s0
549 AS2( xor ebx, DWORD PTR [edi + 4] ) // s1
550 AS2( xor ecx, DWORD PTR [edi + 8] ) // s2
551 AS2( xor edx, DWORD PTR [edi + 12] ) // s3
552
553 #ifdef _MSC_VER
554 AS1( loop1: ) // loop1
555 #else
556 AS1(1: ) // loop1
557 #endif
558 /* Put0 (mm0) =
559 Te0[get0,rs 24] ^
560 Te1[get1,rs 16] ^
561 Te2[get2,rs 8] ^
562 Te3[get3,rs 0]
563 */
564
565 AS2( mov esi, eax )
566 AS2( shr esi, 24 )
567 AS2( mov esi, DWORD PTR [ebp + esi*4] )
568
569 AS2( mov edi, ebx )
570 AS2( shr edi, 16 )
571 AS2( and edi, 255 )
572 AS2( xor esi, DWORD PTR [ebp + 1024 + edi*4] )
573
574 AS2( movzx edi, ch )
575 AS2( xor esi, DWORD PTR [ebp + 2048 + edi*4] )
576
577 AS2( movzx edi, dl )
578 AS2( xor esi, DWORD PTR [ebp + 3072 + edi*4] )
579
580 AS2( movd mm0, esi )
581
582 /* Put1 (mm1) =
583 Te0[get1,rs 24] ^
584 Te1[get2,rs 16] ^
585 Te2[get3,rs 8] ^
586 Te3[get0,rs 0]
587 */
588
589 AS2( mov esi, ebx )
590 AS2( shr esi, 24 )
591 AS2( mov esi, DWORD PTR [ebp + esi*4] )
592
593 AS2( mov edi, ecx )
594 AS2( shr edi, 16 )
595 AS2( and edi, 255 )
596 AS2( xor esi, DWORD PTR [ebp + 1024 + edi*4] )
597
598 AS2( movzx edi, dh )
599 AS2( xor esi, DWORD PTR [ebp + 2048 + edi*4] )
600
601 AS2( movzx edi, al )
602 AS2( xor esi, DWORD PTR [ebp + 3072 + edi*4] )
603
604 AS2( movd mm1, esi )
605
606
607 /* Put2 (mm2) =
608 Te0[get2,rs 24] ^
609 Te1[get3,rs 16] ^
610 Te2[get0,rs 8] ^
611 Te3[get1,rs 0]
612 */
613
614 AS2( mov esi, ecx )
615 AS2( shr esi, 24 )
616 AS2( mov esi, DWORD PTR [ebp + esi*4] )
617
618 AS2( mov edi, edx )
619 AS2( shr edi, 16 )
620 AS2( and edi, 255 )
621 AS2( xor esi, DWORD PTR [ebp + 1024 + edi*4] )
622
623 AS2( movzx edi, ah )
624 AS2( xor esi, DWORD PTR [ebp + 2048 + edi*4] )
625
626 AS2( movzx edi, bl )
627 AS2( xor esi, DWORD PTR [ebp + 3072 + edi*4] )
628
629 AS2( movd mm2, esi )
630
631 /* Put3 (edx) =
632 Te0[get3,rs 24] ^
633 Te1[get0,rs 16] ^
634 Te2[get1,rs 8] ^
635 Te3[get2,rs 0]
636 */
637
638 AS2( mov esi, edx )
639 AS2( shr esi, 24 )
640 AS2( mov edx, DWORD PTR [ebp + esi*4] )
641
642 AS2( mov edi, eax )
643 AS2( shr edi, 16 )
644 AS2( and edi, 255 )
645 AS2( xor edx, DWORD PTR [ebp + 1024 + edi*4] )
646
647 AS2( movzx esi, bh )
648 AS2( xor edx, DWORD PTR [ebp + 2048 + esi*4] )
649
650 AS2( movzx edi, cl )
651 AS2( xor edx, DWORD PTR [ebp + 3072 + edi*4] )
652
653 // xOr
654
655 AS2( movd esi, mm6 ) // rk
656
657 AS2( movd eax, mm0 )
658 AS2( add esi, 16 )
659 AS2( movd ebx, mm1 )
660 AS2( movd mm6, esi ) // save back
661 AS2( movd ecx, mm2 )
662
663 AS2( xor eax, DWORD PTR [esi] )
664 AS2( xor ebx, DWORD PTR [esi + 4] )
665 AS2( movd edi, mm5 )
666 AS2( xor ecx, DWORD PTR [esi + 8] )
667 AS2( xor edx, DWORD PTR [esi + 12] )
668
669 AS1( dec edi )
670 AS2( movd mm5, edi )
671
672 #ifdef _MSC_VER
673 AS1( jnz loop1) // loop1
674 #else
675 AS1( jnz 1b ) // loop1
676 #endif
677
678 // last round
679 /*
680 Put0 (mm0) =
681 (Te4[get0, rs24] & 0xff000000) ^ h = 4278190080
682 (Te4[get1, rs16] & 0x00ff0000) ^ h = 16711680
683 (Te4[get2, rs 8] & 0x0000ff00) ^ h = 65280
684 (Te4[get3, rs 0] & 0x000000ff) h = 255
685 */
686 AS2( mov esi, eax )
687 AS2( shr esi, 24 )
688 AS2( mov esi, DWORD PTR [ebp + 4096 + esi*4] )
689 AS2( and esi, 4278190080 )
690
691 AS2( mov edi, ebx )
692 AS2( shr edi, 16 )
693 AS2( and edi, 255 )
694 AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] )
695 AS2( and edi, 16711680 )
696 AS2( xor esi, edi )
697
698 AS2( movzx edi, ch )
699 AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] )
700 AS2( and edi, 65280 )
701 AS2( xor esi, edi )
702
703 AS2( movzx edi, dl )
704 AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] )
705 AS2( and edi, 255 )
706 AS2( xor esi, edi )
707
708 AS2( movd mm0, esi )
709
710 /*
711 Put1 (mm1) =
712 (Te4[get1, rs24] & 0xff000000) ^ h = 4278190080
713 (Te4[get2, rs16] & 0x00ff0000) ^ h = 16711680
714 (Te4[get3, rs 8] & 0x0000ff00) ^ h = 65280
715 (Te4[get0, rs 0] & 0x000000ff) h = 255
716 */
717 AS2( mov esi, ebx )
718 AS2( shr esi, 24 )
719 AS2( mov esi, DWORD PTR [ebp + 4096 + esi*4] )
720 AS2( and esi, 4278190080 )
721
722 AS2( mov edi, ecx )
723 AS2( shr edi, 16 )
724 AS2( and edi, 255 )
725 AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] )
726 AS2( and edi, 16711680 )
727 AS2( xor esi, edi )
728
729 AS2( movzx edi, dh )
730 AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] )
731 AS2( and edi, 65280 )
732 AS2( xor esi, edi )
733
734 AS2( movzx edi, al )
735 AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] )
736 AS2( and edi, 255 )
737 AS2( xor esi, edi )
738
739 AS2( movd mm1, esi )
740
741 /*
742 Put2 (mm2) =
743 (Te4[get2, rs24] & 0xff000000) ^ h = 4278190080
744 (Te4[get3, rs16] & 0x00ff0000) ^ h = 16711680
745 (Te4[get0, rs 8] & 0x0000ff00) ^ h = 65280
746 (Te4[get1, rs 0] & 0x000000ff) h = 255
747 */
748 AS2( mov esi, ecx )
749 AS2( shr esi, 24 )
750 AS2( mov esi, DWORD PTR [ebp + 4096 + esi*4] )
751 AS2( and esi, 4278190080 )
752
753 AS2( mov edi, edx )
754 AS2( shr edi, 16 )
755 AS2( and edi, 255 )
756 AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] )
757 AS2( and edi, 16711680 )
758 AS2( xor esi, edi )
759
760 AS2( movzx edi, ah )
761 AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] )
762 AS2( and edi, 65280 )
763 AS2( xor esi, edi )
764
765 AS2( movzx edi, bl )
766 AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] )
767 AS2( and edi, 255 )
768 AS2( xor esi, edi )
769
770 AS2( movd mm2, esi )
771
772 /*
773 Put3 (edx) =
774 (Te4[get3, rs24] & 0xff000000) ^ h = 4278190080
775 (Te4[get0, rs16] & 0x00ff0000) ^ h = 16711680
776 (Te4[get1, rs 8] & 0x0000ff00) ^ h = 65280
777 (Te4[get2, rs 0] & 0x000000ff) h = 255
778 */
779 AS2( mov esi, edx )
780 AS2( shr esi, 24 )
781 AS2( mov edx, DWORD PTR [ebp + 4096 + esi*4] )
782 AS2( and edx, 4278190080 )
783
784 AS2( mov edi, eax )
785 AS2( shr edi, 16 )
786 AS2( and edi, 255 )
787 AS2( mov esi, DWORD PTR [ebp + 4096 + edi*4] )
788 AS2( and esi, 16711680 )
789 AS2( xor edx, esi )
790
791 AS2( movzx esi, bh )
792 AS2( mov edi, DWORD PTR [ebp + 4096 + esi*4] )
793 AS2( and edi, 65280 )
794 AS2( xor edx, edi )
795
796 AS2( movzx edi, cl )
797 AS2( mov esi, DWORD PTR [ebp + 4096 + edi*4] )
798 AS2( and esi, 255 )
799 AS2( xor edx, esi )
800
801
802 // xOr
803 AS2( movd eax, mm0 )
804 AS2( movd esi, mm6 ) // rk
805 AS2( movd ebx, mm1 )
806 AS2( add esi, 16 )
807 AS2( movd ecx, mm2 )
808
809 AS2( xor eax, DWORD PTR [esi] )
810 AS2( xor ebx, DWORD PTR [esi + 4] )
811 AS2( xor ecx, DWORD PTR [esi + 8] )
812 AS2( xor edx, DWORD PTR [esi + 12] )
813
814 // end
815 AS2( movd ebp, mm7 )
816
817 // swap
818 AS1( bswap eax )
819 AS1( bswap ebx )
820
821 // store
822 #ifdef __GNUC__
823 AS2( movd esi, mm4 ) // outBlock
824 #else
825 AS2( mov esi, DWORD PTR [ebp + 12] ) // outBlock
826 #endif
827
828 AS1( bswap ecx )
829 AS1( bswap edx )
830
831 AS2( mov DWORD PTR [esi], eax )
832 AS2( mov DWORD PTR [esi + 4], ebx )
833 AS2( mov DWORD PTR [esi + 8], ecx )
834 AS2( mov DWORD PTR [esi + 12], edx )
835
836
837 EPILOG()
838 }
839
840
841 #ifdef _MSC_VER
842 __declspec(naked)
843 #else
844 __attribute__ ((noinline))
845 #endif
AsmDecrypt(const byte * inBlock,byte * outBlock,void * boxes) const846 void AES::AsmDecrypt(const byte* inBlock, byte* outBlock, void* boxes) const
847 {
848
849 PROLOG()
850
851 #ifdef OLD_GCC_OFFSET
852 AS2( mov edx, DWORD PTR [ecx + 60] ) // rounds
853 AS2( lea edi, [ecx + 64] ) // rk
854 #else
855 AS2( mov edx, DWORD PTR [ecx + 56] ) // rounds
856 AS2( lea edi, [ecx + 60] ) // rk
857 #endif
858
859 AS1( dec edx )
860 AS2( movd mm6, edi ) // save rk
861 AS2( movd mm5, edx ) // save rounds
862
863 AS2( mov eax, DWORD PTR [esi] )
864 AS2( mov ebx, DWORD PTR [esi + 4] )
865 AS2( mov ecx, DWORD PTR [esi + 8] )
866 AS2( mov edx, DWORD PTR [esi + 12] )
867
868 AS1( bswap eax )
869 AS1( bswap ebx )
870 AS1( bswap ecx )
871 AS1( bswap edx )
872
873 AS2( xor eax, DWORD PTR [edi] ) // s0
874 AS2( xor ebx, DWORD PTR [edi + 4] ) // s1
875 AS2( xor ecx, DWORD PTR [edi + 8] ) // s2
876 AS2( xor edx, DWORD PTR [edi + 12] ) // s3
877
878
879 #ifdef _MSC_VER
880 AS1( loop2: ) // loop2
881 #else
882 AS1(2: ) // loop2
883 #endif
884 /* Put0 (mm0) =
885 Td0[GETBYTE(get0, rs24)] ^
886 Td1[GETBYTE(get3, rs16)] ^
887 Td2[GETBYTE(get2, rs 8)] ^
888 Td3[GETBYTE(tet1, )]
889 */
890 AS2( mov esi, eax )
891 AS2( shr esi, 24 )
892 AS2( mov esi, DWORD PTR [ebp + esi*4] )
893
894 AS2( mov edi, edx )
895 AS2( shr edi, 16 )
896 AS2( and edi, 255 )
897 AS2( xor esi, DWORD PTR [ebp + 1024 + edi*4] )
898
899 AS2( movzx edi, ch )
900 AS2( xor esi, DWORD PTR [ebp + 2048 + edi*4] )
901
902 AS2( movzx edi, bl )
903 AS2( xor esi, DWORD PTR [ebp + 3072 + edi*4] )
904
905 AS2( movd mm0, esi )
906
907 /* Put1 (mm1) =
908 Td0[GETBYTE(get1, rs24)] ^
909 Td1[GETBYTE(get0, rs16)] ^
910 Td2[GETBYTE(get3, rs 8)] ^
911 Td3[GETBYTE(tet2, )]
912 */
913 AS2( mov esi, ebx )
914 AS2( shr esi, 24 )
915 AS2( mov esi, DWORD PTR [ebp + esi*4] )
916
917 AS2( mov edi, eax )
918 AS2( shr edi, 16 )
919 AS2( and edi, 255 )
920 AS2( xor esi, DWORD PTR [ebp + 1024 + edi*4] )
921
922 AS2( movzx edi, dh )
923 AS2( xor esi, DWORD PTR [ebp + 2048 + edi*4] )
924
925 AS2( movzx edi, cl )
926 AS2( xor esi, DWORD PTR [ebp + 3072 + edi*4] )
927
928 AS2( movd mm1, esi )
929
930 /* Put2 (mm2) =
931 Td0[GETBYTE(get2, rs24)] ^
932 Td1[GETBYTE(get1, rs16)] ^
933 Td2[GETBYTE(get0, rs 8)] ^
934 Td3[GETBYTE(tet3, )]
935 */
936 AS2( mov esi, ecx )
937 AS2( shr esi, 24 )
938 AS2( mov esi, DWORD PTR [ebp + esi*4] )
939
940 AS2( mov edi, ebx )
941 AS2( shr edi, 16 )
942 AS2( and edi, 255 )
943 AS2( xor esi, DWORD PTR [ebp + 1024 + edi*4] )
944
945 AS2( movzx edi, ah )
946 AS2( xor esi, DWORD PTR [ebp + 2048 + edi*4] )
947
948 AS2( movzx edi, dl )
949 AS2( xor esi, DWORD PTR [ebp + 3072 + edi*4] )
950
951 AS2( movd mm2, esi )
952
953 /* Put3 (edx) =
954 Td0[GETBYTE(get3, rs24)] ^
955 Td1[GETBYTE(get2, rs16)] ^
956 Td2[GETBYTE(get1, rs 8)] ^
957 Td3[GETBYTE(tet0, )]
958 */
959 AS2( mov esi, edx )
960 AS2( shr esi, 24 )
961 AS2( mov edx, DWORD PTR [ebp + esi*4] )
962
963 AS2( mov edi, ecx )
964 AS2( shr edi, 16 )
965 AS2( and edi, 255 )
966 AS2( xor edx, DWORD PTR [ebp + 1024 + edi*4] )
967
968 AS2( movzx esi, bh )
969 AS2( xor edx, DWORD PTR [ebp + 2048 + esi*4] )
970
971 AS2( movzx edi, al )
972 AS2( xor edx, DWORD PTR [ebp + 3072 + edi*4] )
973
974
975 // xOr
976
977 AS2( movd esi, mm6 ) // rk
978 AS2( add esi, 16 )
979 AS2( movd mm6, esi ) // save back
980
981 AS2( movd eax, mm0 )
982 AS2( movd ebx, mm1 )
983 AS2( movd ecx, mm2 )
984
985 AS2( xor eax, DWORD PTR [esi] )
986 AS2( xor ebx, DWORD PTR [esi + 4] )
987 AS2( xor ecx, DWORD PTR [esi + 8] )
988 AS2( xor edx, DWORD PTR [esi + 12] )
989
990 AS2( movd edi, mm5 )
991 AS1( dec edi )
992 AS2( movd mm5, edi )
993
994 #ifdef _MSC_VER
995 AS1( jnz loop2) // loop2
996 #else
997 AS1( jnz 2b ) // loop2
998 #endif
999
1000 // last round
1001 /*
1002 Put0 (mm0) =
1003 (Td4[get0, rs24] & 0xff000000) ^ h = 4278190080
1004 (Td4[get3, rs16] & 0x00ff0000) ^ h = 16711680
1005 (Td4[get2, rs 8] & 0x0000ff00) ^ h = 65280
1006 (Td4[get1, rs 0] & 0x000000ff) h = 255
1007 */
1008 AS2( mov esi, eax )
1009 AS2( shr esi, 24 )
1010 AS2( mov esi, DWORD PTR [ebp + 4096 + esi*4] )
1011 AS2( and esi, 4278190080 )
1012
1013 AS2( mov edi, edx )
1014 AS2( shr edi, 16 )
1015 AS2( and edi, 255 )
1016 AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] )
1017 AS2( and edi, 16711680 )
1018 AS2( xor esi, edi )
1019
1020 AS2( movzx edi, ch )
1021 AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] )
1022 AS2( and edi, 65280 )
1023 AS2( xor esi, edi )
1024
1025 AS2( movzx edi, bl )
1026 AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] )
1027 AS2( and edi, 255 )
1028 AS2( xor esi, edi )
1029
1030 AS2( movd mm0, esi )
1031
1032 /*
1033 Put1 (mm1) =
1034 (Td4[get1, rs24] & 0xff000000) ^ h = 4278190080
1035 (Td4[get0, rs16] & 0x00ff0000) ^ h = 16711680
1036 (Td4[get3, rs 8] & 0x0000ff00) ^ h = 65280
1037 (Td4[get2, rs 0] & 0x000000ff) h = 255
1038 */
1039 AS2( mov esi, ebx )
1040 AS2( shr esi, 24 )
1041 AS2( mov esi, DWORD PTR [ebp + 4096 + esi*4] )
1042 AS2( and esi, 4278190080 )
1043
1044 AS2( mov edi, eax )
1045 AS2( shr edi, 16 )
1046 AS2( and edi, 255 )
1047 AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] )
1048 AS2( and edi, 16711680 )
1049 AS2( xor esi, edi )
1050
1051 AS2( movzx edi, dh )
1052 AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] )
1053 AS2( and edi, 65280 )
1054 AS2( xor esi, edi )
1055
1056 AS2( movzx edi, cl )
1057 AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] )
1058 AS2( and edi, 255 )
1059 AS2( xor esi, edi )
1060
1061 AS2( movd mm1, esi )
1062
1063 /*
1064 Put2 (mm2) =
1065 (Td4[get2, rs24] & 0xff000000) ^ h = 4278190080
1066 (Td4[get1, rs16] & 0x00ff0000) ^ h = 16711680
1067 (Td4[get0, rs 8] & 0x0000ff00) ^ h = 65280
1068 (Td4[get3, rs 0] & 0x000000ff) h = 255
1069 */
1070 AS2( mov esi, ecx )
1071 AS2( shr esi, 24 )
1072 AS2( mov esi, DWORD PTR [ebp + 4096 + esi*4] )
1073 AS2( and esi, 4278190080 )
1074
1075 AS2( mov edi, ebx )
1076 AS2( shr edi, 16 )
1077 AS2( and edi, 255 )
1078 AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] )
1079 AS2( and edi, 16711680 )
1080 AS2( xor esi, edi )
1081
1082 AS2( movzx edi, ah )
1083 AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] )
1084 AS2( and edi, 65280 )
1085 AS2( xor esi, edi )
1086
1087 AS2( movzx edi, dl )
1088 AS2( mov edi, DWORD PTR [ebp + 4096 + edi*4] )
1089 AS2( and edi, 255 )
1090 AS2( xor esi, edi )
1091
1092 AS2( movd mm2, esi )
1093
1094 /*
1095 Put3 (edx) =
1096 (Td4[get3, rs24] & 0xff000000) ^ h = 4278190080
1097 (Td4[get2, rs16] & 0x00ff0000) ^ h = 16711680
1098 (Td4[get1, rs 8] & 0x0000ff00) ^ h = 65280
1099 (Td4[get0, rs 0] & 0x000000ff) h = 255
1100 */
1101 AS2( mov esi, edx )
1102 AS2( shr esi, 24 )
1103 AS2( mov edx, DWORD PTR [ebp + 4096 + esi*4] )
1104 AS2( and edx, 4278190080 )
1105
1106 AS2( mov edi, ecx )
1107 AS2( shr edi, 16 )
1108 AS2( and edi, 255 )
1109 AS2( mov esi, DWORD PTR [ebp + 4096 + edi*4] )
1110 AS2( and esi, 16711680 )
1111 AS2( xor edx, esi )
1112
1113 AS2( movzx esi, bh )
1114 AS2( mov edi, DWORD PTR [ebp + 4096 + esi*4] )
1115 AS2( and edi, 65280 )
1116 AS2( xor edx, edi )
1117
1118 AS2( movzx edi, al )
1119 AS2( mov esi, DWORD PTR [ebp + 4096 + edi*4] )
1120 AS2( and esi, 255 )
1121 AS2( xor edx, esi )
1122
1123
1124 // xOr
1125 AS2( movd esi, mm6 ) // rk
1126 AS2( add esi, 16 )
1127
1128 AS2( movd eax, mm0 )
1129 AS2( movd ebx, mm1 )
1130 AS2( movd ecx, mm2 )
1131
1132 AS2( xor eax, DWORD PTR [esi] )
1133 AS2( xor ebx, DWORD PTR [esi + 4] )
1134 AS2( xor ecx, DWORD PTR [esi + 8] )
1135 AS2( xor edx, DWORD PTR [esi + 12] )
1136
1137 // end
1138 AS2( movd ebp, mm7 )
1139
1140 // swap
1141 AS1( bswap eax )
1142 AS1( bswap ebx )
1143 AS1( bswap ecx )
1144 AS1( bswap edx )
1145
1146 // store
1147 #ifdef __GNUC__
1148 AS2( movd esi, mm4 ) // outBlock
1149 #else
1150 AS2( mov esi, DWORD PTR [ebp + 12] ) // outBlock
1151 #endif
1152 AS2( mov DWORD PTR [esi], eax )
1153 AS2( mov DWORD PTR [esi + 4], ebx )
1154 AS2( mov DWORD PTR [esi + 8], ecx )
1155 AS2( mov DWORD PTR [esi + 12], edx )
1156
1157
1158 EPILOG()
1159 }
1160
1161
1162
1163 #endif // defined(DO_AES_ASM)
1164
1165
1166
1167 const word32 AES::Te[5][256] = {
1168 {
1169 0xc66363a5U, 0xf87c7c84U, 0xee777799U, 0xf67b7b8dU,
1170 0xfff2f20dU, 0xd66b6bbdU, 0xde6f6fb1U, 0x91c5c554U,
1171 0x60303050U, 0x02010103U, 0xce6767a9U, 0x562b2b7dU,
1172 0xe7fefe19U, 0xb5d7d762U, 0x4dababe6U, 0xec76769aU,
1173 0x8fcaca45U, 0x1f82829dU, 0x89c9c940U, 0xfa7d7d87U,
1174 0xeffafa15U, 0xb25959ebU, 0x8e4747c9U, 0xfbf0f00bU,
1175 0x41adadecU, 0xb3d4d467U, 0x5fa2a2fdU, 0x45afafeaU,
1176 0x239c9cbfU, 0x53a4a4f7U, 0xe4727296U, 0x9bc0c05bU,
1177 0x75b7b7c2U, 0xe1fdfd1cU, 0x3d9393aeU, 0x4c26266aU,
1178 0x6c36365aU, 0x7e3f3f41U, 0xf5f7f702U, 0x83cccc4fU,
1179 0x6834345cU, 0x51a5a5f4U, 0xd1e5e534U, 0xf9f1f108U,
1180 0xe2717193U, 0xabd8d873U, 0x62313153U, 0x2a15153fU,
1181 0x0804040cU, 0x95c7c752U, 0x46232365U, 0x9dc3c35eU,
1182 0x30181828U, 0x379696a1U, 0x0a05050fU, 0x2f9a9ab5U,
1183 0x0e070709U, 0x24121236U, 0x1b80809bU, 0xdfe2e23dU,
1184 0xcdebeb26U, 0x4e272769U, 0x7fb2b2cdU, 0xea75759fU,
1185 0x1209091bU, 0x1d83839eU, 0x582c2c74U, 0x341a1a2eU,
1186 0x361b1b2dU, 0xdc6e6eb2U, 0xb45a5aeeU, 0x5ba0a0fbU,
1187 0xa45252f6U, 0x763b3b4dU, 0xb7d6d661U, 0x7db3b3ceU,
1188 0x5229297bU, 0xdde3e33eU, 0x5e2f2f71U, 0x13848497U,
1189 0xa65353f5U, 0xb9d1d168U, 0x00000000U, 0xc1eded2cU,
1190 0x40202060U, 0xe3fcfc1fU, 0x79b1b1c8U, 0xb65b5bedU,
1191 0xd46a6abeU, 0x8dcbcb46U, 0x67bebed9U, 0x7239394bU,
1192 0x944a4adeU, 0x984c4cd4U, 0xb05858e8U, 0x85cfcf4aU,
1193 0xbbd0d06bU, 0xc5efef2aU, 0x4faaaae5U, 0xedfbfb16U,
1194 0x864343c5U, 0x9a4d4dd7U, 0x66333355U, 0x11858594U,
1195 0x8a4545cfU, 0xe9f9f910U, 0x04020206U, 0xfe7f7f81U,
1196 0xa05050f0U, 0x783c3c44U, 0x259f9fbaU, 0x4ba8a8e3U,
1197 0xa25151f3U, 0x5da3a3feU, 0x804040c0U, 0x058f8f8aU,
1198 0x3f9292adU, 0x219d9dbcU, 0x70383848U, 0xf1f5f504U,
1199 0x63bcbcdfU, 0x77b6b6c1U, 0xafdada75U, 0x42212163U,
1200 0x20101030U, 0xe5ffff1aU, 0xfdf3f30eU, 0xbfd2d26dU,
1201 0x81cdcd4cU, 0x180c0c14U, 0x26131335U, 0xc3ecec2fU,
1202 0xbe5f5fe1U, 0x359797a2U, 0x884444ccU, 0x2e171739U,
1203 0x93c4c457U, 0x55a7a7f2U, 0xfc7e7e82U, 0x7a3d3d47U,
1204 0xc86464acU, 0xba5d5de7U, 0x3219192bU, 0xe6737395U,
1205 0xc06060a0U, 0x19818198U, 0x9e4f4fd1U, 0xa3dcdc7fU,
1206 0x44222266U, 0x542a2a7eU, 0x3b9090abU, 0x0b888883U,
1207 0x8c4646caU, 0xc7eeee29U, 0x6bb8b8d3U, 0x2814143cU,
1208 0xa7dede79U, 0xbc5e5ee2U, 0x160b0b1dU, 0xaddbdb76U,
1209 0xdbe0e03bU, 0x64323256U, 0x743a3a4eU, 0x140a0a1eU,
1210 0x924949dbU, 0x0c06060aU, 0x4824246cU, 0xb85c5ce4U,
1211 0x9fc2c25dU, 0xbdd3d36eU, 0x43acacefU, 0xc46262a6U,
1212 0x399191a8U, 0x319595a4U, 0xd3e4e437U, 0xf279798bU,
1213 0xd5e7e732U, 0x8bc8c843U, 0x6e373759U, 0xda6d6db7U,
1214 0x018d8d8cU, 0xb1d5d564U, 0x9c4e4ed2U, 0x49a9a9e0U,
1215 0xd86c6cb4U, 0xac5656faU, 0xf3f4f407U, 0xcfeaea25U,
1216 0xca6565afU, 0xf47a7a8eU, 0x47aeaee9U, 0x10080818U,
1217 0x6fbabad5U, 0xf0787888U, 0x4a25256fU, 0x5c2e2e72U,
1218 0x381c1c24U, 0x57a6a6f1U, 0x73b4b4c7U, 0x97c6c651U,
1219 0xcbe8e823U, 0xa1dddd7cU, 0xe874749cU, 0x3e1f1f21U,
1220 0x964b4bddU, 0x61bdbddcU, 0x0d8b8b86U, 0x0f8a8a85U,
1221 0xe0707090U, 0x7c3e3e42U, 0x71b5b5c4U, 0xcc6666aaU,
1222 0x904848d8U, 0x06030305U, 0xf7f6f601U, 0x1c0e0e12U,
1223 0xc26161a3U, 0x6a35355fU, 0xae5757f9U, 0x69b9b9d0U,
1224 0x17868691U, 0x99c1c158U, 0x3a1d1d27U, 0x279e9eb9U,
1225 0xd9e1e138U, 0xebf8f813U, 0x2b9898b3U, 0x22111133U,
1226 0xd26969bbU, 0xa9d9d970U, 0x078e8e89U, 0x339494a7U,
1227 0x2d9b9bb6U, 0x3c1e1e22U, 0x15878792U, 0xc9e9e920U,
1228 0x87cece49U, 0xaa5555ffU, 0x50282878U, 0xa5dfdf7aU,
1229 0x038c8c8fU, 0x59a1a1f8U, 0x09898980U, 0x1a0d0d17U,
1230 0x65bfbfdaU, 0xd7e6e631U, 0x844242c6U, 0xd06868b8U,
1231 0x824141c3U, 0x299999b0U, 0x5a2d2d77U, 0x1e0f0f11U,
1232 0x7bb0b0cbU, 0xa85454fcU, 0x6dbbbbd6U, 0x2c16163aU,
1233 },
1234 {
1235 0xa5c66363U, 0x84f87c7cU, 0x99ee7777U, 0x8df67b7bU,
1236 0x0dfff2f2U, 0xbdd66b6bU, 0xb1de6f6fU, 0x5491c5c5U,
1237 0x50603030U, 0x03020101U, 0xa9ce6767U, 0x7d562b2bU,
1238 0x19e7fefeU, 0x62b5d7d7U, 0xe64dababU, 0x9aec7676U,
1239 0x458fcacaU, 0x9d1f8282U, 0x4089c9c9U, 0x87fa7d7dU,
1240 0x15effafaU, 0xebb25959U, 0xc98e4747U, 0x0bfbf0f0U,
1241 0xec41adadU, 0x67b3d4d4U, 0xfd5fa2a2U, 0xea45afafU,
1242 0xbf239c9cU, 0xf753a4a4U, 0x96e47272U, 0x5b9bc0c0U,
1243 0xc275b7b7U, 0x1ce1fdfdU, 0xae3d9393U, 0x6a4c2626U,
1244 0x5a6c3636U, 0x417e3f3fU, 0x02f5f7f7U, 0x4f83ccccU,
1245 0x5c683434U, 0xf451a5a5U, 0x34d1e5e5U, 0x08f9f1f1U,
1246 0x93e27171U, 0x73abd8d8U, 0x53623131U, 0x3f2a1515U,
1247 0x0c080404U, 0x5295c7c7U, 0x65462323U, 0x5e9dc3c3U,
1248 0x28301818U, 0xa1379696U, 0x0f0a0505U, 0xb52f9a9aU,
1249 0x090e0707U, 0x36241212U, 0x9b1b8080U, 0x3ddfe2e2U,
1250 0x26cdebebU, 0x694e2727U, 0xcd7fb2b2U, 0x9fea7575U,
1251 0x1b120909U, 0x9e1d8383U, 0x74582c2cU, 0x2e341a1aU,
1252 0x2d361b1bU, 0xb2dc6e6eU, 0xeeb45a5aU, 0xfb5ba0a0U,
1253 0xf6a45252U, 0x4d763b3bU, 0x61b7d6d6U, 0xce7db3b3U,
1254 0x7b522929U, 0x3edde3e3U, 0x715e2f2fU, 0x97138484U,
1255 0xf5a65353U, 0x68b9d1d1U, 0x00000000U, 0x2cc1ededU,
1256 0x60402020U, 0x1fe3fcfcU, 0xc879b1b1U, 0xedb65b5bU,
1257 0xbed46a6aU, 0x468dcbcbU, 0xd967bebeU, 0x4b723939U,
1258 0xde944a4aU, 0xd4984c4cU, 0xe8b05858U, 0x4a85cfcfU,
1259 0x6bbbd0d0U, 0x2ac5efefU, 0xe54faaaaU, 0x16edfbfbU,
1260 0xc5864343U, 0xd79a4d4dU, 0x55663333U, 0x94118585U,
1261 0xcf8a4545U, 0x10e9f9f9U, 0x06040202U, 0x81fe7f7fU,
1262 0xf0a05050U, 0x44783c3cU, 0xba259f9fU, 0xe34ba8a8U,
1263 0xf3a25151U, 0xfe5da3a3U, 0xc0804040U, 0x8a058f8fU,
1264 0xad3f9292U, 0xbc219d9dU, 0x48703838U, 0x04f1f5f5U,
1265 0xdf63bcbcU, 0xc177b6b6U, 0x75afdadaU, 0x63422121U,
1266 0x30201010U, 0x1ae5ffffU, 0x0efdf3f3U, 0x6dbfd2d2U,
1267 0x4c81cdcdU, 0x14180c0cU, 0x35261313U, 0x2fc3ececU,
1268 0xe1be5f5fU, 0xa2359797U, 0xcc884444U, 0x392e1717U,
1269 0x5793c4c4U, 0xf255a7a7U, 0x82fc7e7eU, 0x477a3d3dU,
1270 0xacc86464U, 0xe7ba5d5dU, 0x2b321919U, 0x95e67373U,
1271 0xa0c06060U, 0x98198181U, 0xd19e4f4fU, 0x7fa3dcdcU,
1272 0x66442222U, 0x7e542a2aU, 0xab3b9090U, 0x830b8888U,
1273 0xca8c4646U, 0x29c7eeeeU, 0xd36bb8b8U, 0x3c281414U,
1274 0x79a7dedeU, 0xe2bc5e5eU, 0x1d160b0bU, 0x76addbdbU,
1275 0x3bdbe0e0U, 0x56643232U, 0x4e743a3aU, 0x1e140a0aU,
1276 0xdb924949U, 0x0a0c0606U, 0x6c482424U, 0xe4b85c5cU,
1277 0x5d9fc2c2U, 0x6ebdd3d3U, 0xef43acacU, 0xa6c46262U,
1278 0xa8399191U, 0xa4319595U, 0x37d3e4e4U, 0x8bf27979U,
1279 0x32d5e7e7U, 0x438bc8c8U, 0x596e3737U, 0xb7da6d6dU,
1280 0x8c018d8dU, 0x64b1d5d5U, 0xd29c4e4eU, 0xe049a9a9U,
1281 0xb4d86c6cU, 0xfaac5656U, 0x07f3f4f4U, 0x25cfeaeaU,
1282 0xafca6565U, 0x8ef47a7aU, 0xe947aeaeU, 0x18100808U,
1283 0xd56fbabaU, 0x88f07878U, 0x6f4a2525U, 0x725c2e2eU,
1284 0x24381c1cU, 0xf157a6a6U, 0xc773b4b4U, 0x5197c6c6U,
1285 0x23cbe8e8U, 0x7ca1ddddU, 0x9ce87474U, 0x213e1f1fU,
1286 0xdd964b4bU, 0xdc61bdbdU, 0x860d8b8bU, 0x850f8a8aU,
1287 0x90e07070U, 0x427c3e3eU, 0xc471b5b5U, 0xaacc6666U,
1288 0xd8904848U, 0x05060303U, 0x01f7f6f6U, 0x121c0e0eU,
1289 0xa3c26161U, 0x5f6a3535U, 0xf9ae5757U, 0xd069b9b9U,
1290 0x91178686U, 0x5899c1c1U, 0x273a1d1dU, 0xb9279e9eU,
1291 0x38d9e1e1U, 0x13ebf8f8U, 0xb32b9898U, 0x33221111U,
1292 0xbbd26969U, 0x70a9d9d9U, 0x89078e8eU, 0xa7339494U,
1293 0xb62d9b9bU, 0x223c1e1eU, 0x92158787U, 0x20c9e9e9U,
1294 0x4987ceceU, 0xffaa5555U, 0x78502828U, 0x7aa5dfdfU,
1295 0x8f038c8cU, 0xf859a1a1U, 0x80098989U, 0x171a0d0dU,
1296 0xda65bfbfU, 0x31d7e6e6U, 0xc6844242U, 0xb8d06868U,
1297 0xc3824141U, 0xb0299999U, 0x775a2d2dU, 0x111e0f0fU,
1298 0xcb7bb0b0U, 0xfca85454U, 0xd66dbbbbU, 0x3a2c1616U,
1299 },
1300 {
1301 0x63a5c663U, 0x7c84f87cU, 0x7799ee77U, 0x7b8df67bU,
1302 0xf20dfff2U, 0x6bbdd66bU, 0x6fb1de6fU, 0xc55491c5U,
1303 0x30506030U, 0x01030201U, 0x67a9ce67U, 0x2b7d562bU,
1304 0xfe19e7feU, 0xd762b5d7U, 0xabe64dabU, 0x769aec76U,
1305 0xca458fcaU, 0x829d1f82U, 0xc94089c9U, 0x7d87fa7dU,
1306 0xfa15effaU, 0x59ebb259U, 0x47c98e47U, 0xf00bfbf0U,
1307 0xadec41adU, 0xd467b3d4U, 0xa2fd5fa2U, 0xafea45afU,
1308 0x9cbf239cU, 0xa4f753a4U, 0x7296e472U, 0xc05b9bc0U,
1309 0xb7c275b7U, 0xfd1ce1fdU, 0x93ae3d93U, 0x266a4c26U,
1310 0x365a6c36U, 0x3f417e3fU, 0xf702f5f7U, 0xcc4f83ccU,
1311 0x345c6834U, 0xa5f451a5U, 0xe534d1e5U, 0xf108f9f1U,
1312 0x7193e271U, 0xd873abd8U, 0x31536231U, 0x153f2a15U,
1313 0x040c0804U, 0xc75295c7U, 0x23654623U, 0xc35e9dc3U,
1314 0x18283018U, 0x96a13796U, 0x050f0a05U, 0x9ab52f9aU,
1315 0x07090e07U, 0x12362412U, 0x809b1b80U, 0xe23ddfe2U,
1316 0xeb26cdebU, 0x27694e27U, 0xb2cd7fb2U, 0x759fea75U,
1317 0x091b1209U, 0x839e1d83U, 0x2c74582cU, 0x1a2e341aU,
1318 0x1b2d361bU, 0x6eb2dc6eU, 0x5aeeb45aU, 0xa0fb5ba0U,
1319 0x52f6a452U, 0x3b4d763bU, 0xd661b7d6U, 0xb3ce7db3U,
1320 0x297b5229U, 0xe33edde3U, 0x2f715e2fU, 0x84971384U,
1321 0x53f5a653U, 0xd168b9d1U, 0x00000000U, 0xed2cc1edU,
1322 0x20604020U, 0xfc1fe3fcU, 0xb1c879b1U, 0x5bedb65bU,
1323 0x6abed46aU, 0xcb468dcbU, 0xbed967beU, 0x394b7239U,
1324 0x4ade944aU, 0x4cd4984cU, 0x58e8b058U, 0xcf4a85cfU,
1325 0xd06bbbd0U, 0xef2ac5efU, 0xaae54faaU, 0xfb16edfbU,
1326 0x43c58643U, 0x4dd79a4dU, 0x33556633U, 0x85941185U,
1327 0x45cf8a45U, 0xf910e9f9U, 0x02060402U, 0x7f81fe7fU,
1328 0x50f0a050U, 0x3c44783cU, 0x9fba259fU, 0xa8e34ba8U,
1329 0x51f3a251U, 0xa3fe5da3U, 0x40c08040U, 0x8f8a058fU,
1330 0x92ad3f92U, 0x9dbc219dU, 0x38487038U, 0xf504f1f5U,
1331 0xbcdf63bcU, 0xb6c177b6U, 0xda75afdaU, 0x21634221U,
1332 0x10302010U, 0xff1ae5ffU, 0xf30efdf3U, 0xd26dbfd2U,
1333 0xcd4c81cdU, 0x0c14180cU, 0x13352613U, 0xec2fc3ecU,
1334 0x5fe1be5fU, 0x97a23597U, 0x44cc8844U, 0x17392e17U,
1335 0xc45793c4U, 0xa7f255a7U, 0x7e82fc7eU, 0x3d477a3dU,
1336 0x64acc864U, 0x5de7ba5dU, 0x192b3219U, 0x7395e673U,
1337 0x60a0c060U, 0x81981981U, 0x4fd19e4fU, 0xdc7fa3dcU,
1338 0x22664422U, 0x2a7e542aU, 0x90ab3b90U, 0x88830b88U,
1339 0x46ca8c46U, 0xee29c7eeU, 0xb8d36bb8U, 0x143c2814U,
1340 0xde79a7deU, 0x5ee2bc5eU, 0x0b1d160bU, 0xdb76addbU,
1341 0xe03bdbe0U, 0x32566432U, 0x3a4e743aU, 0x0a1e140aU,
1342 0x49db9249U, 0x060a0c06U, 0x246c4824U, 0x5ce4b85cU,
1343 0xc25d9fc2U, 0xd36ebdd3U, 0xacef43acU, 0x62a6c462U,
1344 0x91a83991U, 0x95a43195U, 0xe437d3e4U, 0x798bf279U,
1345 0xe732d5e7U, 0xc8438bc8U, 0x37596e37U, 0x6db7da6dU,
1346 0x8d8c018dU, 0xd564b1d5U, 0x4ed29c4eU, 0xa9e049a9U,
1347 0x6cb4d86cU, 0x56faac56U, 0xf407f3f4U, 0xea25cfeaU,
1348 0x65afca65U, 0x7a8ef47aU, 0xaee947aeU, 0x08181008U,
1349 0xbad56fbaU, 0x7888f078U, 0x256f4a25U, 0x2e725c2eU,
1350 0x1c24381cU, 0xa6f157a6U, 0xb4c773b4U, 0xc65197c6U,
1351 0xe823cbe8U, 0xdd7ca1ddU, 0x749ce874U, 0x1f213e1fU,
1352 0x4bdd964bU, 0xbddc61bdU, 0x8b860d8bU, 0x8a850f8aU,
1353 0x7090e070U, 0x3e427c3eU, 0xb5c471b5U, 0x66aacc66U,
1354 0x48d89048U, 0x03050603U, 0xf601f7f6U, 0x0e121c0eU,
1355 0x61a3c261U, 0x355f6a35U, 0x57f9ae57U, 0xb9d069b9U,
1356 0x86911786U, 0xc15899c1U, 0x1d273a1dU, 0x9eb9279eU,
1357 0xe138d9e1U, 0xf813ebf8U, 0x98b32b98U, 0x11332211U,
1358 0x69bbd269U, 0xd970a9d9U, 0x8e89078eU, 0x94a73394U,
1359 0x9bb62d9bU, 0x1e223c1eU, 0x87921587U, 0xe920c9e9U,
1360 0xce4987ceU, 0x55ffaa55U, 0x28785028U, 0xdf7aa5dfU,
1361 0x8c8f038cU, 0xa1f859a1U, 0x89800989U, 0x0d171a0dU,
1362 0xbfda65bfU, 0xe631d7e6U, 0x42c68442U, 0x68b8d068U,
1363 0x41c38241U, 0x99b02999U, 0x2d775a2dU, 0x0f111e0fU,
1364 0xb0cb7bb0U, 0x54fca854U, 0xbbd66dbbU, 0x163a2c16U,
1365 },
1366 {
1367 0x6363a5c6U, 0x7c7c84f8U, 0x777799eeU, 0x7b7b8df6U,
1368 0xf2f20dffU, 0x6b6bbdd6U, 0x6f6fb1deU, 0xc5c55491U,
1369 0x30305060U, 0x01010302U, 0x6767a9ceU, 0x2b2b7d56U,
1370 0xfefe19e7U, 0xd7d762b5U, 0xababe64dU, 0x76769aecU,
1371 0xcaca458fU, 0x82829d1fU, 0xc9c94089U, 0x7d7d87faU,
1372 0xfafa15efU, 0x5959ebb2U, 0x4747c98eU, 0xf0f00bfbU,
1373 0xadadec41U, 0xd4d467b3U, 0xa2a2fd5fU, 0xafafea45U,
1374 0x9c9cbf23U, 0xa4a4f753U, 0x727296e4U, 0xc0c05b9bU,
1375 0xb7b7c275U, 0xfdfd1ce1U, 0x9393ae3dU, 0x26266a4cU,
1376 0x36365a6cU, 0x3f3f417eU, 0xf7f702f5U, 0xcccc4f83U,
1377 0x34345c68U, 0xa5a5f451U, 0xe5e534d1U, 0xf1f108f9U,
1378 0x717193e2U, 0xd8d873abU, 0x31315362U, 0x15153f2aU,
1379 0x04040c08U, 0xc7c75295U, 0x23236546U, 0xc3c35e9dU,
1380 0x18182830U, 0x9696a137U, 0x05050f0aU, 0x9a9ab52fU,
1381 0x0707090eU, 0x12123624U, 0x80809b1bU, 0xe2e23ddfU,
1382 0xebeb26cdU, 0x2727694eU, 0xb2b2cd7fU, 0x75759feaU,
1383 0x09091b12U, 0x83839e1dU, 0x2c2c7458U, 0x1a1a2e34U,
1384 0x1b1b2d36U, 0x6e6eb2dcU, 0x5a5aeeb4U, 0xa0a0fb5bU,
1385 0x5252f6a4U, 0x3b3b4d76U, 0xd6d661b7U, 0xb3b3ce7dU,
1386 0x29297b52U, 0xe3e33eddU, 0x2f2f715eU, 0x84849713U,
1387 0x5353f5a6U, 0xd1d168b9U, 0x00000000U, 0xeded2cc1U,
1388 0x20206040U, 0xfcfc1fe3U, 0xb1b1c879U, 0x5b5bedb6U,
1389 0x6a6abed4U, 0xcbcb468dU, 0xbebed967U, 0x39394b72U,
1390 0x4a4ade94U, 0x4c4cd498U, 0x5858e8b0U, 0xcfcf4a85U,
1391 0xd0d06bbbU, 0xefef2ac5U, 0xaaaae54fU, 0xfbfb16edU,
1392 0x4343c586U, 0x4d4dd79aU, 0x33335566U, 0x85859411U,
1393 0x4545cf8aU, 0xf9f910e9U, 0x02020604U, 0x7f7f81feU,
1394 0x5050f0a0U, 0x3c3c4478U, 0x9f9fba25U, 0xa8a8e34bU,
1395 0x5151f3a2U, 0xa3a3fe5dU, 0x4040c080U, 0x8f8f8a05U,
1396 0x9292ad3fU, 0x9d9dbc21U, 0x38384870U, 0xf5f504f1U,
1397 0xbcbcdf63U, 0xb6b6c177U, 0xdada75afU, 0x21216342U,
1398 0x10103020U, 0xffff1ae5U, 0xf3f30efdU, 0xd2d26dbfU,
1399 0xcdcd4c81U, 0x0c0c1418U, 0x13133526U, 0xecec2fc3U,
1400 0x5f5fe1beU, 0x9797a235U, 0x4444cc88U, 0x1717392eU,
1401 0xc4c45793U, 0xa7a7f255U, 0x7e7e82fcU, 0x3d3d477aU,
1402 0x6464acc8U, 0x5d5de7baU, 0x19192b32U, 0x737395e6U,
1403 0x6060a0c0U, 0x81819819U, 0x4f4fd19eU, 0xdcdc7fa3U,
1404 0x22226644U, 0x2a2a7e54U, 0x9090ab3bU, 0x8888830bU,
1405 0x4646ca8cU, 0xeeee29c7U, 0xb8b8d36bU, 0x14143c28U,
1406 0xdede79a7U, 0x5e5ee2bcU, 0x0b0b1d16U, 0xdbdb76adU,
1407 0xe0e03bdbU, 0x32325664U, 0x3a3a4e74U, 0x0a0a1e14U,
1408 0x4949db92U, 0x06060a0cU, 0x24246c48U, 0x5c5ce4b8U,
1409 0xc2c25d9fU, 0xd3d36ebdU, 0xacacef43U, 0x6262a6c4U,
1410 0x9191a839U, 0x9595a431U, 0xe4e437d3U, 0x79798bf2U,
1411 0xe7e732d5U, 0xc8c8438bU, 0x3737596eU, 0x6d6db7daU,
1412 0x8d8d8c01U, 0xd5d564b1U, 0x4e4ed29cU, 0xa9a9e049U,
1413 0x6c6cb4d8U, 0x5656faacU, 0xf4f407f3U, 0xeaea25cfU,
1414 0x6565afcaU, 0x7a7a8ef4U, 0xaeaee947U, 0x08081810U,
1415 0xbabad56fU, 0x787888f0U, 0x25256f4aU, 0x2e2e725cU,
1416 0x1c1c2438U, 0xa6a6f157U, 0xb4b4c773U, 0xc6c65197U,
1417 0xe8e823cbU, 0xdddd7ca1U, 0x74749ce8U, 0x1f1f213eU,
1418 0x4b4bdd96U, 0xbdbddc61U, 0x8b8b860dU, 0x8a8a850fU,
1419 0x707090e0U, 0x3e3e427cU, 0xb5b5c471U, 0x6666aaccU,
1420 0x4848d890U, 0x03030506U, 0xf6f601f7U, 0x0e0e121cU,
1421 0x6161a3c2U, 0x35355f6aU, 0x5757f9aeU, 0xb9b9d069U,
1422 0x86869117U, 0xc1c15899U, 0x1d1d273aU, 0x9e9eb927U,
1423 0xe1e138d9U, 0xf8f813ebU, 0x9898b32bU, 0x11113322U,
1424 0x6969bbd2U, 0xd9d970a9U, 0x8e8e8907U, 0x9494a733U,
1425 0x9b9bb62dU, 0x1e1e223cU, 0x87879215U, 0xe9e920c9U,
1426 0xcece4987U, 0x5555ffaaU, 0x28287850U, 0xdfdf7aa5U,
1427 0x8c8c8f03U, 0xa1a1f859U, 0x89898009U, 0x0d0d171aU,
1428 0xbfbfda65U, 0xe6e631d7U, 0x4242c684U, 0x6868b8d0U,
1429 0x4141c382U, 0x9999b029U, 0x2d2d775aU, 0x0f0f111eU,
1430 0xb0b0cb7bU, 0x5454fca8U, 0xbbbbd66dU, 0x16163a2cU,
1431 },
1432 {
1433 0x63636363U, 0x7c7c7c7cU, 0x77777777U, 0x7b7b7b7bU,
1434 0xf2f2f2f2U, 0x6b6b6b6bU, 0x6f6f6f6fU, 0xc5c5c5c5U,
1435 0x30303030U, 0x01010101U, 0x67676767U, 0x2b2b2b2bU,
1436 0xfefefefeU, 0xd7d7d7d7U, 0xababababU, 0x76767676U,
1437 0xcacacacaU, 0x82828282U, 0xc9c9c9c9U, 0x7d7d7d7dU,
1438 0xfafafafaU, 0x59595959U, 0x47474747U, 0xf0f0f0f0U,
1439 0xadadadadU, 0xd4d4d4d4U, 0xa2a2a2a2U, 0xafafafafU,
1440 0x9c9c9c9cU, 0xa4a4a4a4U, 0x72727272U, 0xc0c0c0c0U,
1441 0xb7b7b7b7U, 0xfdfdfdfdU, 0x93939393U, 0x26262626U,
1442 0x36363636U, 0x3f3f3f3fU, 0xf7f7f7f7U, 0xccccccccU,
1443 0x34343434U, 0xa5a5a5a5U, 0xe5e5e5e5U, 0xf1f1f1f1U,
1444 0x71717171U, 0xd8d8d8d8U, 0x31313131U, 0x15151515U,
1445 0x04040404U, 0xc7c7c7c7U, 0x23232323U, 0xc3c3c3c3U,
1446 0x18181818U, 0x96969696U, 0x05050505U, 0x9a9a9a9aU,
1447 0x07070707U, 0x12121212U, 0x80808080U, 0xe2e2e2e2U,
1448 0xebebebebU, 0x27272727U, 0xb2b2b2b2U, 0x75757575U,
1449 0x09090909U, 0x83838383U, 0x2c2c2c2cU, 0x1a1a1a1aU,
1450 0x1b1b1b1bU, 0x6e6e6e6eU, 0x5a5a5a5aU, 0xa0a0a0a0U,
1451 0x52525252U, 0x3b3b3b3bU, 0xd6d6d6d6U, 0xb3b3b3b3U,
1452 0x29292929U, 0xe3e3e3e3U, 0x2f2f2f2fU, 0x84848484U,
1453 0x53535353U, 0xd1d1d1d1U, 0x00000000U, 0xededededU,
1454 0x20202020U, 0xfcfcfcfcU, 0xb1b1b1b1U, 0x5b5b5b5bU,
1455 0x6a6a6a6aU, 0xcbcbcbcbU, 0xbebebebeU, 0x39393939U,
1456 0x4a4a4a4aU, 0x4c4c4c4cU, 0x58585858U, 0xcfcfcfcfU,
1457 0xd0d0d0d0U, 0xefefefefU, 0xaaaaaaaaU, 0xfbfbfbfbU,
1458 0x43434343U, 0x4d4d4d4dU, 0x33333333U, 0x85858585U,
1459 0x45454545U, 0xf9f9f9f9U, 0x02020202U, 0x7f7f7f7fU,
1460 0x50505050U, 0x3c3c3c3cU, 0x9f9f9f9fU, 0xa8a8a8a8U,
1461 0x51515151U, 0xa3a3a3a3U, 0x40404040U, 0x8f8f8f8fU,
1462 0x92929292U, 0x9d9d9d9dU, 0x38383838U, 0xf5f5f5f5U,
1463 0xbcbcbcbcU, 0xb6b6b6b6U, 0xdadadadaU, 0x21212121U,
1464 0x10101010U, 0xffffffffU, 0xf3f3f3f3U, 0xd2d2d2d2U,
1465 0xcdcdcdcdU, 0x0c0c0c0cU, 0x13131313U, 0xececececU,
1466 0x5f5f5f5fU, 0x97979797U, 0x44444444U, 0x17171717U,
1467 0xc4c4c4c4U, 0xa7a7a7a7U, 0x7e7e7e7eU, 0x3d3d3d3dU,
1468 0x64646464U, 0x5d5d5d5dU, 0x19191919U, 0x73737373U,
1469 0x60606060U, 0x81818181U, 0x4f4f4f4fU, 0xdcdcdcdcU,
1470 0x22222222U, 0x2a2a2a2aU, 0x90909090U, 0x88888888U,
1471 0x46464646U, 0xeeeeeeeeU, 0xb8b8b8b8U, 0x14141414U,
1472 0xdedededeU, 0x5e5e5e5eU, 0x0b0b0b0bU, 0xdbdbdbdbU,
1473 0xe0e0e0e0U, 0x32323232U, 0x3a3a3a3aU, 0x0a0a0a0aU,
1474 0x49494949U, 0x06060606U, 0x24242424U, 0x5c5c5c5cU,
1475 0xc2c2c2c2U, 0xd3d3d3d3U, 0xacacacacU, 0x62626262U,
1476 0x91919191U, 0x95959595U, 0xe4e4e4e4U, 0x79797979U,
1477 0xe7e7e7e7U, 0xc8c8c8c8U, 0x37373737U, 0x6d6d6d6dU,
1478 0x8d8d8d8dU, 0xd5d5d5d5U, 0x4e4e4e4eU, 0xa9a9a9a9U,
1479 0x6c6c6c6cU, 0x56565656U, 0xf4f4f4f4U, 0xeaeaeaeaU,
1480 0x65656565U, 0x7a7a7a7aU, 0xaeaeaeaeU, 0x08080808U,
1481 0xbabababaU, 0x78787878U, 0x25252525U, 0x2e2e2e2eU,
1482 0x1c1c1c1cU, 0xa6a6a6a6U, 0xb4b4b4b4U, 0xc6c6c6c6U,
1483 0xe8e8e8e8U, 0xddddddddU, 0x74747474U, 0x1f1f1f1fU,
1484 0x4b4b4b4bU, 0xbdbdbdbdU, 0x8b8b8b8bU, 0x8a8a8a8aU,
1485 0x70707070U, 0x3e3e3e3eU, 0xb5b5b5b5U, 0x66666666U,
1486 0x48484848U, 0x03030303U, 0xf6f6f6f6U, 0x0e0e0e0eU,
1487 0x61616161U, 0x35353535U, 0x57575757U, 0xb9b9b9b9U,
1488 0x86868686U, 0xc1c1c1c1U, 0x1d1d1d1dU, 0x9e9e9e9eU,
1489 0xe1e1e1e1U, 0xf8f8f8f8U, 0x98989898U, 0x11111111U,
1490 0x69696969U, 0xd9d9d9d9U, 0x8e8e8e8eU, 0x94949494U,
1491 0x9b9b9b9bU, 0x1e1e1e1eU, 0x87878787U, 0xe9e9e9e9U,
1492 0xcecececeU, 0x55555555U, 0x28282828U, 0xdfdfdfdfU,
1493 0x8c8c8c8cU, 0xa1a1a1a1U, 0x89898989U, 0x0d0d0d0dU,
1494 0xbfbfbfbfU, 0xe6e6e6e6U, 0x42424242U, 0x68686868U,
1495 0x41414141U, 0x99999999U, 0x2d2d2d2dU, 0x0f0f0f0fU,
1496 0xb0b0b0b0U, 0x54545454U, 0xbbbbbbbbU, 0x16161616U,
1497 }
1498 };
1499
1500
1501 const word32 AES::Td[5][256] = {
1502 {
1503 0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U,
1504 0x3bab6bcbU, 0x1f9d45f1U, 0xacfa58abU, 0x4be30393U,
1505 0x2030fa55U, 0xad766df6U, 0x88cc7691U, 0xf5024c25U,
1506 0x4fe5d7fcU, 0xc52acbd7U, 0x26354480U, 0xb562a38fU,
1507 0xdeb15a49U, 0x25ba1b67U, 0x45ea0e98U, 0x5dfec0e1U,
1508 0xc32f7502U, 0x814cf012U, 0x8d4697a3U, 0x6bd3f9c6U,
1509 0x038f5fe7U, 0x15929c95U, 0xbf6d7aebU, 0x955259daU,
1510 0xd4be832dU, 0x587421d3U, 0x49e06929U, 0x8ec9c844U,
1511 0x75c2896aU, 0xf48e7978U, 0x99583e6bU, 0x27b971ddU,
1512 0xbee14fb6U, 0xf088ad17U, 0xc920ac66U, 0x7dce3ab4U,
1513 0x63df4a18U, 0xe51a3182U, 0x97513360U, 0x62537f45U,
1514 0xb16477e0U, 0xbb6bae84U, 0xfe81a01cU, 0xf9082b94U,
1515 0x70486858U, 0x8f45fd19U, 0x94de6c87U, 0x527bf8b7U,
1516 0xab73d323U, 0x724b02e2U, 0xe31f8f57U, 0x6655ab2aU,
1517 0xb2eb2807U, 0x2fb5c203U, 0x86c57b9aU, 0xd33708a5U,
1518 0x302887f2U, 0x23bfa5b2U, 0x02036abaU, 0xed16825cU,
1519 0x8acf1c2bU, 0xa779b492U, 0xf307f2f0U, 0x4e69e2a1U,
1520 0x65daf4cdU, 0x0605bed5U, 0xd134621fU, 0xc4a6fe8aU,
1521 0x342e539dU, 0xa2f355a0U, 0x058ae132U, 0xa4f6eb75U,
1522 0x0b83ec39U, 0x4060efaaU, 0x5e719f06U, 0xbd6e1051U,
1523 0x3e218af9U, 0x96dd063dU, 0xdd3e05aeU, 0x4de6bd46U,
1524 0x91548db5U, 0x71c45d05U, 0x0406d46fU, 0x605015ffU,
1525 0x1998fb24U, 0xd6bde997U, 0x894043ccU, 0x67d99e77U,
1526 0xb0e842bdU, 0x07898b88U, 0xe7195b38U, 0x79c8eedbU,
1527 0xa17c0a47U, 0x7c420fe9U, 0xf8841ec9U, 0x00000000U,
1528 0x09808683U, 0x322bed48U, 0x1e1170acU, 0x6c5a724eU,
1529 0xfd0efffbU, 0x0f853856U, 0x3daed51eU, 0x362d3927U,
1530 0x0a0fd964U, 0x685ca621U, 0x9b5b54d1U, 0x24362e3aU,
1531 0x0c0a67b1U, 0x9357e70fU, 0xb4ee96d2U, 0x1b9b919eU,
1532 0x80c0c54fU, 0x61dc20a2U, 0x5a774b69U, 0x1c121a16U,
1533 0xe293ba0aU, 0xc0a02ae5U, 0x3c22e043U, 0x121b171dU,
1534 0x0e090d0bU, 0xf28bc7adU, 0x2db6a8b9U, 0x141ea9c8U,
1535 0x57f11985U, 0xaf75074cU, 0xee99ddbbU, 0xa37f60fdU,
1536 0xf701269fU, 0x5c72f5bcU, 0x44663bc5U, 0x5bfb7e34U,
1537 0x8b432976U, 0xcb23c6dcU, 0xb6edfc68U, 0xb8e4f163U,
1538 0xd731dccaU, 0x42638510U, 0x13972240U, 0x84c61120U,
1539 0x854a247dU, 0xd2bb3df8U, 0xaef93211U, 0xc729a16dU,
1540 0x1d9e2f4bU, 0xdcb230f3U, 0x0d8652ecU, 0x77c1e3d0U,
1541 0x2bb3166cU, 0xa970b999U, 0x119448faU, 0x47e96422U,
1542 0xa8fc8cc4U, 0xa0f03f1aU, 0x567d2cd8U, 0x223390efU,
1543 0x87494ec7U, 0xd938d1c1U, 0x8ccaa2feU, 0x98d40b36U,
1544 0xa6f581cfU, 0xa57ade28U, 0xdab78e26U, 0x3fadbfa4U,
1545 0x2c3a9de4U, 0x5078920dU, 0x6a5fcc9bU, 0x547e4662U,
1546 0xf68d13c2U, 0x90d8b8e8U, 0x2e39f75eU, 0x82c3aff5U,
1547 0x9f5d80beU, 0x69d0937cU, 0x6fd52da9U, 0xcf2512b3U,
1548 0xc8ac993bU, 0x10187da7U, 0xe89c636eU, 0xdb3bbb7bU,
1549 0xcd267809U, 0x6e5918f4U, 0xec9ab701U, 0x834f9aa8U,
1550 0xe6956e65U, 0xaaffe67eU, 0x21bccf08U, 0xef15e8e6U,
1551 0xbae79bd9U, 0x4a6f36ceU, 0xea9f09d4U, 0x29b07cd6U,
1552 0x31a4b2afU, 0x2a3f2331U, 0xc6a59430U, 0x35a266c0U,
1553 0x744ebc37U, 0xfc82caa6U, 0xe090d0b0U, 0x33a7d815U,
1554 0xf104984aU, 0x41ecdaf7U, 0x7fcd500eU, 0x1791f62fU,
1555 0x764dd68dU, 0x43efb04dU, 0xccaa4d54U, 0xe49604dfU,
1556 0x9ed1b5e3U, 0x4c6a881bU, 0xc12c1fb8U, 0x4665517fU,
1557 0x9d5eea04U, 0x018c355dU, 0xfa877473U, 0xfb0b412eU,
1558 0xb3671d5aU, 0x92dbd252U, 0xe9105633U, 0x6dd64713U,
1559 0x9ad7618cU, 0x37a10c7aU, 0x59f8148eU, 0xeb133c89U,
1560 0xcea927eeU, 0xb761c935U, 0xe11ce5edU, 0x7a47b13cU,
1561 0x9cd2df59U, 0x55f2733fU, 0x1814ce79U, 0x73c737bfU,
1562 0x53f7cdeaU, 0x5ffdaa5bU, 0xdf3d6f14U, 0x7844db86U,
1563 0xcaaff381U, 0xb968c43eU, 0x3824342cU, 0xc2a3405fU,
1564 0x161dc372U, 0xbce2250cU, 0x283c498bU, 0xff0d9541U,
1565 0x39a80171U, 0x080cb3deU, 0xd8b4e49cU, 0x6456c190U,
1566 0x7bcb8461U, 0xd532b670U, 0x486c5c74U, 0xd0b85742U,
1567 },
1568 {
1569 0x5051f4a7U, 0x537e4165U, 0xc31a17a4U, 0x963a275eU,
1570 0xcb3bab6bU, 0xf11f9d45U, 0xabacfa58U, 0x934be303U,
1571 0x552030faU, 0xf6ad766dU, 0x9188cc76U, 0x25f5024cU,
1572 0xfc4fe5d7U, 0xd7c52acbU, 0x80263544U, 0x8fb562a3U,
1573 0x49deb15aU, 0x6725ba1bU, 0x9845ea0eU, 0xe15dfec0U,
1574 0x02c32f75U, 0x12814cf0U, 0xa38d4697U, 0xc66bd3f9U,
1575 0xe7038f5fU, 0x9515929cU, 0xebbf6d7aU, 0xda955259U,
1576 0x2dd4be83U, 0xd3587421U, 0x2949e069U, 0x448ec9c8U,
1577 0x6a75c289U, 0x78f48e79U, 0x6b99583eU, 0xdd27b971U,
1578 0xb6bee14fU, 0x17f088adU, 0x66c920acU, 0xb47dce3aU,
1579 0x1863df4aU, 0x82e51a31U, 0x60975133U, 0x4562537fU,
1580 0xe0b16477U, 0x84bb6baeU, 0x1cfe81a0U, 0x94f9082bU,
1581 0x58704868U, 0x198f45fdU, 0x8794de6cU, 0xb7527bf8U,
1582 0x23ab73d3U, 0xe2724b02U, 0x57e31f8fU, 0x2a6655abU,
1583 0x07b2eb28U, 0x032fb5c2U, 0x9a86c57bU, 0xa5d33708U,
1584 0xf2302887U, 0xb223bfa5U, 0xba02036aU, 0x5ced1682U,
1585 0x2b8acf1cU, 0x92a779b4U, 0xf0f307f2U, 0xa14e69e2U,
1586 0xcd65daf4U, 0xd50605beU, 0x1fd13462U, 0x8ac4a6feU,
1587 0x9d342e53U, 0xa0a2f355U, 0x32058ae1U, 0x75a4f6ebU,
1588 0x390b83ecU, 0xaa4060efU, 0x065e719fU, 0x51bd6e10U,
1589 0xf93e218aU, 0x3d96dd06U, 0xaedd3e05U, 0x464de6bdU,
1590 0xb591548dU, 0x0571c45dU, 0x6f0406d4U, 0xff605015U,
1591 0x241998fbU, 0x97d6bde9U, 0xcc894043U, 0x7767d99eU,
1592 0xbdb0e842U, 0x8807898bU, 0x38e7195bU, 0xdb79c8eeU,
1593 0x47a17c0aU, 0xe97c420fU, 0xc9f8841eU, 0x00000000U,
1594 0x83098086U, 0x48322bedU, 0xac1e1170U, 0x4e6c5a72U,
1595 0xfbfd0effU, 0x560f8538U, 0x1e3daed5U, 0x27362d39U,
1596 0x640a0fd9U, 0x21685ca6U, 0xd19b5b54U, 0x3a24362eU,
1597 0xb10c0a67U, 0x0f9357e7U, 0xd2b4ee96U, 0x9e1b9b91U,
1598 0x4f80c0c5U, 0xa261dc20U, 0x695a774bU, 0x161c121aU,
1599 0x0ae293baU, 0xe5c0a02aU, 0x433c22e0U, 0x1d121b17U,
1600 0x0b0e090dU, 0xadf28bc7U, 0xb92db6a8U, 0xc8141ea9U,
1601 0x8557f119U, 0x4caf7507U, 0xbbee99ddU, 0xfda37f60U,
1602 0x9ff70126U, 0xbc5c72f5U, 0xc544663bU, 0x345bfb7eU,
1603 0x768b4329U, 0xdccb23c6U, 0x68b6edfcU, 0x63b8e4f1U,
1604 0xcad731dcU, 0x10426385U, 0x40139722U, 0x2084c611U,
1605 0x7d854a24U, 0xf8d2bb3dU, 0x11aef932U, 0x6dc729a1U,
1606 0x4b1d9e2fU, 0xf3dcb230U, 0xec0d8652U, 0xd077c1e3U,
1607 0x6c2bb316U, 0x99a970b9U, 0xfa119448U, 0x2247e964U,
1608 0xc4a8fc8cU, 0x1aa0f03fU, 0xd8567d2cU, 0xef223390U,
1609 0xc787494eU, 0xc1d938d1U, 0xfe8ccaa2U, 0x3698d40bU,
1610 0xcfa6f581U, 0x28a57adeU, 0x26dab78eU, 0xa43fadbfU,
1611 0xe42c3a9dU, 0x0d507892U, 0x9b6a5fccU, 0x62547e46U,
1612 0xc2f68d13U, 0xe890d8b8U, 0x5e2e39f7U, 0xf582c3afU,
1613 0xbe9f5d80U, 0x7c69d093U, 0xa96fd52dU, 0xb3cf2512U,
1614 0x3bc8ac99U, 0xa710187dU, 0x6ee89c63U, 0x7bdb3bbbU,
1615 0x09cd2678U, 0xf46e5918U, 0x01ec9ab7U, 0xa8834f9aU,
1616 0x65e6956eU, 0x7eaaffe6U, 0x0821bccfU, 0xe6ef15e8U,
1617 0xd9bae79bU, 0xce4a6f36U, 0xd4ea9f09U, 0xd629b07cU,
1618 0xaf31a4b2U, 0x312a3f23U, 0x30c6a594U, 0xc035a266U,
1619 0x37744ebcU, 0xa6fc82caU, 0xb0e090d0U, 0x1533a7d8U,
1620 0x4af10498U, 0xf741ecdaU, 0x0e7fcd50U, 0x2f1791f6U,
1621 0x8d764dd6U, 0x4d43efb0U, 0x54ccaa4dU, 0xdfe49604U,
1622 0xe39ed1b5U, 0x1b4c6a88U, 0xb8c12c1fU, 0x7f466551U,
1623 0x049d5eeaU, 0x5d018c35U, 0x73fa8774U, 0x2efb0b41U,
1624 0x5ab3671dU, 0x5292dbd2U, 0x33e91056U, 0x136dd647U,
1625 0x8c9ad761U, 0x7a37a10cU, 0x8e59f814U, 0x89eb133cU,
1626 0xeecea927U, 0x35b761c9U, 0xede11ce5U, 0x3c7a47b1U,
1627 0x599cd2dfU, 0x3f55f273U, 0x791814ceU, 0xbf73c737U,
1628 0xea53f7cdU, 0x5b5ffdaaU, 0x14df3d6fU, 0x867844dbU,
1629 0x81caaff3U, 0x3eb968c4U, 0x2c382434U, 0x5fc2a340U,
1630 0x72161dc3U, 0x0cbce225U, 0x8b283c49U, 0x41ff0d95U,
1631 0x7139a801U, 0xde080cb3U, 0x9cd8b4e4U, 0x906456c1U,
1632 0x617bcb84U, 0x70d532b6U, 0x74486c5cU, 0x42d0b857U,
1633 },
1634 {
1635 0xa75051f4U, 0x65537e41U, 0xa4c31a17U, 0x5e963a27U,
1636 0x6bcb3babU, 0x45f11f9dU, 0x58abacfaU, 0x03934be3U,
1637 0xfa552030U, 0x6df6ad76U, 0x769188ccU, 0x4c25f502U,
1638 0xd7fc4fe5U, 0xcbd7c52aU, 0x44802635U, 0xa38fb562U,
1639 0x5a49deb1U, 0x1b6725baU, 0x0e9845eaU, 0xc0e15dfeU,
1640 0x7502c32fU, 0xf012814cU, 0x97a38d46U, 0xf9c66bd3U,
1641 0x5fe7038fU, 0x9c951592U, 0x7aebbf6dU, 0x59da9552U,
1642 0x832dd4beU, 0x21d35874U, 0x692949e0U, 0xc8448ec9U,
1643 0x896a75c2U, 0x7978f48eU, 0x3e6b9958U, 0x71dd27b9U,
1644 0x4fb6bee1U, 0xad17f088U, 0xac66c920U, 0x3ab47dceU,
1645 0x4a1863dfU, 0x3182e51aU, 0x33609751U, 0x7f456253U,
1646 0x77e0b164U, 0xae84bb6bU, 0xa01cfe81U, 0x2b94f908U,
1647 0x68587048U, 0xfd198f45U, 0x6c8794deU, 0xf8b7527bU,
1648 0xd323ab73U, 0x02e2724bU, 0x8f57e31fU, 0xab2a6655U,
1649 0x2807b2ebU, 0xc2032fb5U, 0x7b9a86c5U, 0x08a5d337U,
1650 0x87f23028U, 0xa5b223bfU, 0x6aba0203U, 0x825ced16U,
1651 0x1c2b8acfU, 0xb492a779U, 0xf2f0f307U, 0xe2a14e69U,
1652 0xf4cd65daU, 0xbed50605U, 0x621fd134U, 0xfe8ac4a6U,
1653 0x539d342eU, 0x55a0a2f3U, 0xe132058aU, 0xeb75a4f6U,
1654 0xec390b83U, 0xefaa4060U, 0x9f065e71U, 0x1051bd6eU,
1655
1656 0x8af93e21U, 0x063d96ddU, 0x05aedd3eU, 0xbd464de6U,
1657 0x8db59154U, 0x5d0571c4U, 0xd46f0406U, 0x15ff6050U,
1658 0xfb241998U, 0xe997d6bdU, 0x43cc8940U, 0x9e7767d9U,
1659 0x42bdb0e8U, 0x8b880789U, 0x5b38e719U, 0xeedb79c8U,
1660 0x0a47a17cU, 0x0fe97c42U, 0x1ec9f884U, 0x00000000U,
1661 0x86830980U, 0xed48322bU, 0x70ac1e11U, 0x724e6c5aU,
1662 0xfffbfd0eU, 0x38560f85U, 0xd51e3daeU, 0x3927362dU,
1663 0xd9640a0fU, 0xa621685cU, 0x54d19b5bU, 0x2e3a2436U,
1664 0x67b10c0aU, 0xe70f9357U, 0x96d2b4eeU, 0x919e1b9bU,
1665 0xc54f80c0U, 0x20a261dcU, 0x4b695a77U, 0x1a161c12U,
1666 0xba0ae293U, 0x2ae5c0a0U, 0xe0433c22U, 0x171d121bU,
1667 0x0d0b0e09U, 0xc7adf28bU, 0xa8b92db6U, 0xa9c8141eU,
1668 0x198557f1U, 0x074caf75U, 0xddbbee99U, 0x60fda37fU,
1669 0x269ff701U, 0xf5bc5c72U, 0x3bc54466U, 0x7e345bfbU,
1670 0x29768b43U, 0xc6dccb23U, 0xfc68b6edU, 0xf163b8e4U,
1671 0xdccad731U, 0x85104263U, 0x22401397U, 0x112084c6U,
1672 0x247d854aU, 0x3df8d2bbU, 0x3211aef9U, 0xa16dc729U,
1673 0x2f4b1d9eU, 0x30f3dcb2U, 0x52ec0d86U, 0xe3d077c1U,
1674 0x166c2bb3U, 0xb999a970U, 0x48fa1194U, 0x642247e9U,
1675 0x8cc4a8fcU, 0x3f1aa0f0U, 0x2cd8567dU, 0x90ef2233U,
1676 0x4ec78749U, 0xd1c1d938U, 0xa2fe8ccaU, 0x0b3698d4U,
1677 0x81cfa6f5U, 0xde28a57aU, 0x8e26dab7U, 0xbfa43fadU,
1678 0x9de42c3aU, 0x920d5078U, 0xcc9b6a5fU, 0x4662547eU,
1679 0x13c2f68dU, 0xb8e890d8U, 0xf75e2e39U, 0xaff582c3U,
1680 0x80be9f5dU, 0x937c69d0U, 0x2da96fd5U, 0x12b3cf25U,
1681 0x993bc8acU, 0x7da71018U, 0x636ee89cU, 0xbb7bdb3bU,
1682 0x7809cd26U, 0x18f46e59U, 0xb701ec9aU, 0x9aa8834fU,
1683 0x6e65e695U, 0xe67eaaffU, 0xcf0821bcU, 0xe8e6ef15U,
1684 0x9bd9bae7U, 0x36ce4a6fU, 0x09d4ea9fU, 0x7cd629b0U,
1685 0xb2af31a4U, 0x23312a3fU, 0x9430c6a5U, 0x66c035a2U,
1686 0xbc37744eU, 0xcaa6fc82U, 0xd0b0e090U, 0xd81533a7U,
1687 0x984af104U, 0xdaf741ecU, 0x500e7fcdU, 0xf62f1791U,
1688 0xd68d764dU, 0xb04d43efU, 0x4d54ccaaU, 0x04dfe496U,
1689 0xb5e39ed1U, 0x881b4c6aU, 0x1fb8c12cU, 0x517f4665U,
1690 0xea049d5eU, 0x355d018cU, 0x7473fa87U, 0x412efb0bU,
1691 0x1d5ab367U, 0xd25292dbU, 0x5633e910U, 0x47136dd6U,
1692 0x618c9ad7U, 0x0c7a37a1U, 0x148e59f8U, 0x3c89eb13U,
1693 0x27eecea9U, 0xc935b761U, 0xe5ede11cU, 0xb13c7a47U,
1694 0xdf599cd2U, 0x733f55f2U, 0xce791814U, 0x37bf73c7U,
1695 0xcdea53f7U, 0xaa5b5ffdU, 0x6f14df3dU, 0xdb867844U,
1696 0xf381caafU, 0xc43eb968U, 0x342c3824U, 0x405fc2a3U,
1697 0xc372161dU, 0x250cbce2U, 0x498b283cU, 0x9541ff0dU,
1698 0x017139a8U, 0xb3de080cU, 0xe49cd8b4U, 0xc1906456U,
1699 0x84617bcbU, 0xb670d532U, 0x5c74486cU, 0x5742d0b8U,
1700 },
1701 {
1702 0xf4a75051U, 0x4165537eU, 0x17a4c31aU, 0x275e963aU,
1703 0xab6bcb3bU, 0x9d45f11fU, 0xfa58abacU, 0xe303934bU,
1704 0x30fa5520U, 0x766df6adU, 0xcc769188U, 0x024c25f5U,
1705 0xe5d7fc4fU, 0x2acbd7c5U, 0x35448026U, 0x62a38fb5U,
1706 0xb15a49deU, 0xba1b6725U, 0xea0e9845U, 0xfec0e15dU,
1707 0x2f7502c3U, 0x4cf01281U, 0x4697a38dU, 0xd3f9c66bU,
1708 0x8f5fe703U, 0x929c9515U, 0x6d7aebbfU, 0x5259da95U,
1709 0xbe832dd4U, 0x7421d358U, 0xe0692949U, 0xc9c8448eU,
1710 0xc2896a75U, 0x8e7978f4U, 0x583e6b99U, 0xb971dd27U,
1711 0xe14fb6beU, 0x88ad17f0U, 0x20ac66c9U, 0xce3ab47dU,
1712 0xdf4a1863U, 0x1a3182e5U, 0x51336097U, 0x537f4562U,
1713 0x6477e0b1U, 0x6bae84bbU, 0x81a01cfeU, 0x082b94f9U,
1714 0x48685870U, 0x45fd198fU, 0xde6c8794U, 0x7bf8b752U,
1715 0x73d323abU, 0x4b02e272U, 0x1f8f57e3U, 0x55ab2a66U,
1716 0xeb2807b2U, 0xb5c2032fU, 0xc57b9a86U, 0x3708a5d3U,
1717 0x2887f230U, 0xbfa5b223U, 0x036aba02U, 0x16825cedU,
1718 0xcf1c2b8aU, 0x79b492a7U, 0x07f2f0f3U, 0x69e2a14eU,
1719 0xdaf4cd65U, 0x05bed506U, 0x34621fd1U, 0xa6fe8ac4U,
1720 0x2e539d34U, 0xf355a0a2U, 0x8ae13205U, 0xf6eb75a4U,
1721 0x83ec390bU, 0x60efaa40U, 0x719f065eU, 0x6e1051bdU,
1722 0x218af93eU, 0xdd063d96U, 0x3e05aeddU, 0xe6bd464dU,
1723 0x548db591U, 0xc45d0571U, 0x06d46f04U, 0x5015ff60U,
1724 0x98fb2419U, 0xbde997d6U, 0x4043cc89U, 0xd99e7767U,
1725 0xe842bdb0U, 0x898b8807U, 0x195b38e7U, 0xc8eedb79U,
1726 0x7c0a47a1U, 0x420fe97cU, 0x841ec9f8U, 0x00000000U,
1727 0x80868309U, 0x2bed4832U, 0x1170ac1eU, 0x5a724e6cU,
1728 0x0efffbfdU, 0x8538560fU, 0xaed51e3dU, 0x2d392736U,
1729 0x0fd9640aU, 0x5ca62168U, 0x5b54d19bU, 0x362e3a24U,
1730 0x0a67b10cU, 0x57e70f93U, 0xee96d2b4U, 0x9b919e1bU,
1731 0xc0c54f80U, 0xdc20a261U, 0x774b695aU, 0x121a161cU,
1732 0x93ba0ae2U, 0xa02ae5c0U, 0x22e0433cU, 0x1b171d12U,
1733 0x090d0b0eU, 0x8bc7adf2U, 0xb6a8b92dU, 0x1ea9c814U,
1734 0xf1198557U, 0x75074cafU, 0x99ddbbeeU, 0x7f60fda3U,
1735 0x01269ff7U, 0x72f5bc5cU, 0x663bc544U, 0xfb7e345bU,
1736 0x4329768bU, 0x23c6dccbU, 0xedfc68b6U, 0xe4f163b8U,
1737 0x31dccad7U, 0x63851042U, 0x97224013U, 0xc6112084U,
1738 0x4a247d85U, 0xbb3df8d2U, 0xf93211aeU, 0x29a16dc7U,
1739 0x9e2f4b1dU, 0xb230f3dcU, 0x8652ec0dU, 0xc1e3d077U,
1740 0xb3166c2bU, 0x70b999a9U, 0x9448fa11U, 0xe9642247U,
1741 0xfc8cc4a8U, 0xf03f1aa0U, 0x7d2cd856U, 0x3390ef22U,
1742 0x494ec787U, 0x38d1c1d9U, 0xcaa2fe8cU, 0xd40b3698U,
1743 0xf581cfa6U, 0x7ade28a5U, 0xb78e26daU, 0xadbfa43fU,
1744 0x3a9de42cU, 0x78920d50U, 0x5fcc9b6aU, 0x7e466254U,
1745 0x8d13c2f6U, 0xd8b8e890U, 0x39f75e2eU, 0xc3aff582U,
1746 0x5d80be9fU, 0xd0937c69U, 0xd52da96fU, 0x2512b3cfU,
1747 0xac993bc8U, 0x187da710U, 0x9c636ee8U, 0x3bbb7bdbU,
1748 0x267809cdU, 0x5918f46eU, 0x9ab701ecU, 0x4f9aa883U,
1749 0x956e65e6U, 0xffe67eaaU, 0xbccf0821U, 0x15e8e6efU,
1750 0xe79bd9baU, 0x6f36ce4aU, 0x9f09d4eaU, 0xb07cd629U,
1751 0xa4b2af31U, 0x3f23312aU, 0xa59430c6U, 0xa266c035U,
1752 0x4ebc3774U, 0x82caa6fcU, 0x90d0b0e0U, 0xa7d81533U,
1753 0x04984af1U, 0xecdaf741U, 0xcd500e7fU, 0x91f62f17U,
1754 0x4dd68d76U, 0xefb04d43U, 0xaa4d54ccU, 0x9604dfe4U,
1755 0xd1b5e39eU, 0x6a881b4cU, 0x2c1fb8c1U, 0x65517f46U,
1756 0x5eea049dU, 0x8c355d01U, 0x877473faU, 0x0b412efbU,
1757 0x671d5ab3U, 0xdbd25292U, 0x105633e9U, 0xd647136dU,
1758 0xd7618c9aU, 0xa10c7a37U, 0xf8148e59U, 0x133c89ebU,
1759 0xa927eeceU, 0x61c935b7U, 0x1ce5ede1U, 0x47b13c7aU,
1760 0xd2df599cU, 0xf2733f55U, 0x14ce7918U, 0xc737bf73U,
1761 0xf7cdea53U, 0xfdaa5b5fU, 0x3d6f14dfU, 0x44db8678U,
1762 0xaff381caU, 0x68c43eb9U, 0x24342c38U, 0xa3405fc2U,
1763 0x1dc37216U, 0xe2250cbcU, 0x3c498b28U, 0x0d9541ffU,
1764 0xa8017139U, 0x0cb3de08U, 0xb4e49cd8U, 0x56c19064U,
1765 0xcb84617bU, 0x32b670d5U, 0x6c5c7448U, 0xb85742d0U,
1766 },
1767 {
1768 0x52525252U, 0x09090909U, 0x6a6a6a6aU, 0xd5d5d5d5U,
1769 0x30303030U, 0x36363636U, 0xa5a5a5a5U, 0x38383838U,
1770 0xbfbfbfbfU, 0x40404040U, 0xa3a3a3a3U, 0x9e9e9e9eU,
1771 0x81818181U, 0xf3f3f3f3U, 0xd7d7d7d7U, 0xfbfbfbfbU,
1772 0x7c7c7c7cU, 0xe3e3e3e3U, 0x39393939U, 0x82828282U,
1773 0x9b9b9b9bU, 0x2f2f2f2fU, 0xffffffffU, 0x87878787U,
1774 0x34343434U, 0x8e8e8e8eU, 0x43434343U, 0x44444444U,
1775 0xc4c4c4c4U, 0xdedededeU, 0xe9e9e9e9U, 0xcbcbcbcbU,
1776 0x54545454U, 0x7b7b7b7bU, 0x94949494U, 0x32323232U,
1777 0xa6a6a6a6U, 0xc2c2c2c2U, 0x23232323U, 0x3d3d3d3dU,
1778 0xeeeeeeeeU, 0x4c4c4c4cU, 0x95959595U, 0x0b0b0b0bU,
1779 0x42424242U, 0xfafafafaU, 0xc3c3c3c3U, 0x4e4e4e4eU,
1780 0x08080808U, 0x2e2e2e2eU, 0xa1a1a1a1U, 0x66666666U,
1781 0x28282828U, 0xd9d9d9d9U, 0x24242424U, 0xb2b2b2b2U,
1782 0x76767676U, 0x5b5b5b5bU, 0xa2a2a2a2U, 0x49494949U,
1783 0x6d6d6d6dU, 0x8b8b8b8bU, 0xd1d1d1d1U, 0x25252525U,
1784 0x72727272U, 0xf8f8f8f8U, 0xf6f6f6f6U, 0x64646464U,
1785 0x86868686U, 0x68686868U, 0x98989898U, 0x16161616U,
1786 0xd4d4d4d4U, 0xa4a4a4a4U, 0x5c5c5c5cU, 0xccccccccU,
1787 0x5d5d5d5dU, 0x65656565U, 0xb6b6b6b6U, 0x92929292U,
1788 0x6c6c6c6cU, 0x70707070U, 0x48484848U, 0x50505050U,
1789 0xfdfdfdfdU, 0xededededU, 0xb9b9b9b9U, 0xdadadadaU,
1790 0x5e5e5e5eU, 0x15151515U, 0x46464646U, 0x57575757U,
1791 0xa7a7a7a7U, 0x8d8d8d8dU, 0x9d9d9d9dU, 0x84848484U,
1792 0x90909090U, 0xd8d8d8d8U, 0xababababU, 0x00000000U,
1793 0x8c8c8c8cU, 0xbcbcbcbcU, 0xd3d3d3d3U, 0x0a0a0a0aU,
1794 0xf7f7f7f7U, 0xe4e4e4e4U, 0x58585858U, 0x05050505U,
1795 0xb8b8b8b8U, 0xb3b3b3b3U, 0x45454545U, 0x06060606U,
1796 0xd0d0d0d0U, 0x2c2c2c2cU, 0x1e1e1e1eU, 0x8f8f8f8fU,
1797 0xcacacacaU, 0x3f3f3f3fU, 0x0f0f0f0fU, 0x02020202U,
1798 0xc1c1c1c1U, 0xafafafafU, 0xbdbdbdbdU, 0x03030303U,
1799 0x01010101U, 0x13131313U, 0x8a8a8a8aU, 0x6b6b6b6bU,
1800 0x3a3a3a3aU, 0x91919191U, 0x11111111U, 0x41414141U,
1801 0x4f4f4f4fU, 0x67676767U, 0xdcdcdcdcU, 0xeaeaeaeaU,
1802 0x97979797U, 0xf2f2f2f2U, 0xcfcfcfcfU, 0xcecececeU,
1803 0xf0f0f0f0U, 0xb4b4b4b4U, 0xe6e6e6e6U, 0x73737373U,
1804 0x96969696U, 0xacacacacU, 0x74747474U, 0x22222222U,
1805 0xe7e7e7e7U, 0xadadadadU, 0x35353535U, 0x85858585U,
1806 0xe2e2e2e2U, 0xf9f9f9f9U, 0x37373737U, 0xe8e8e8e8U,
1807 0x1c1c1c1cU, 0x75757575U, 0xdfdfdfdfU, 0x6e6e6e6eU,
1808 0x47474747U, 0xf1f1f1f1U, 0x1a1a1a1aU, 0x71717171U,
1809 0x1d1d1d1dU, 0x29292929U, 0xc5c5c5c5U, 0x89898989U,
1810 0x6f6f6f6fU, 0xb7b7b7b7U, 0x62626262U, 0x0e0e0e0eU,
1811 0xaaaaaaaaU, 0x18181818U, 0xbebebebeU, 0x1b1b1b1bU,
1812 0xfcfcfcfcU, 0x56565656U, 0x3e3e3e3eU, 0x4b4b4b4bU,
1813 0xc6c6c6c6U, 0xd2d2d2d2U, 0x79797979U, 0x20202020U,
1814 0x9a9a9a9aU, 0xdbdbdbdbU, 0xc0c0c0c0U, 0xfefefefeU,
1815 0x78787878U, 0xcdcdcdcdU, 0x5a5a5a5aU, 0xf4f4f4f4U,
1816 0x1f1f1f1fU, 0xddddddddU, 0xa8a8a8a8U, 0x33333333U,
1817 0x88888888U, 0x07070707U, 0xc7c7c7c7U, 0x31313131U,
1818 0xb1b1b1b1U, 0x12121212U, 0x10101010U, 0x59595959U,
1819 0x27272727U, 0x80808080U, 0xececececU, 0x5f5f5f5fU,
1820 0x60606060U, 0x51515151U, 0x7f7f7f7fU, 0xa9a9a9a9U,
1821 0x19191919U, 0xb5b5b5b5U, 0x4a4a4a4aU, 0x0d0d0d0dU,
1822 0x2d2d2d2dU, 0xe5e5e5e5U, 0x7a7a7a7aU, 0x9f9f9f9fU,
1823 0x93939393U, 0xc9c9c9c9U, 0x9c9c9c9cU, 0xefefefefU,
1824 0xa0a0a0a0U, 0xe0e0e0e0U, 0x3b3b3b3bU, 0x4d4d4d4dU,
1825 0xaeaeaeaeU, 0x2a2a2a2aU, 0xf5f5f5f5U, 0xb0b0b0b0U,
1826 0xc8c8c8c8U, 0xebebebebU, 0xbbbbbbbbU, 0x3c3c3c3cU,
1827 0x83838383U, 0x53535353U, 0x99999999U, 0x61616161U,
1828 0x17171717U, 0x2b2b2b2bU, 0x04040404U, 0x7e7e7e7eU,
1829 0xbabababaU, 0x77777777U, 0xd6d6d6d6U, 0x26262626U,
1830 0xe1e1e1e1U, 0x69696969U, 0x14141414U, 0x63636363U,
1831 0x55555555U, 0x21212121U, 0x0c0c0c0cU, 0x7d7d7d7dU,
1832 }
1833 };
1834
1835 const byte AES::CTd4[256] =
1836 {
1837 0x52U, 0x09U, 0x6aU, 0xd5U, 0x30U, 0x36U, 0xa5U, 0x38U,
1838 0xbfU, 0x40U, 0xa3U, 0x9eU, 0x81U, 0xf3U, 0xd7U, 0xfbU,
1839 0x7cU, 0xe3U, 0x39U, 0x82U, 0x9bU, 0x2fU, 0xffU, 0x87U,
1840 0x34U, 0x8eU, 0x43U, 0x44U, 0xc4U, 0xdeU, 0xe9U, 0xcbU,
1841 0x54U, 0x7bU, 0x94U, 0x32U, 0xa6U, 0xc2U, 0x23U, 0x3dU,
1842 0xeeU, 0x4cU, 0x95U, 0x0bU, 0x42U, 0xfaU, 0xc3U, 0x4eU,
1843 0x08U, 0x2eU, 0xa1U, 0x66U, 0x28U, 0xd9U, 0x24U, 0xb2U,
1844 0x76U, 0x5bU, 0xa2U, 0x49U, 0x6dU, 0x8bU, 0xd1U, 0x25U,
1845 0x72U, 0xf8U, 0xf6U, 0x64U, 0x86U, 0x68U, 0x98U, 0x16U,
1846 0xd4U, 0xa4U, 0x5cU, 0xccU, 0x5dU, 0x65U, 0xb6U, 0x92U,
1847 0x6cU, 0x70U, 0x48U, 0x50U, 0xfdU, 0xedU, 0xb9U, 0xdaU,
1848 0x5eU, 0x15U, 0x46U, 0x57U, 0xa7U, 0x8dU, 0x9dU, 0x84U,
1849 0x90U, 0xd8U, 0xabU, 0x00U, 0x8cU, 0xbcU, 0xd3U, 0x0aU,
1850 0xf7U, 0xe4U, 0x58U, 0x05U, 0xb8U, 0xb3U, 0x45U, 0x06U,
1851 0xd0U, 0x2cU, 0x1eU, 0x8fU, 0xcaU, 0x3fU, 0x0fU, 0x02U,
1852 0xc1U, 0xafU, 0xbdU, 0x03U, 0x01U, 0x13U, 0x8aU, 0x6bU,
1853 0x3aU, 0x91U, 0x11U, 0x41U, 0x4fU, 0x67U, 0xdcU, 0xeaU,
1854 0x97U, 0xf2U, 0xcfU, 0xceU, 0xf0U, 0xb4U, 0xe6U, 0x73U,
1855 0x96U, 0xacU, 0x74U, 0x22U, 0xe7U, 0xadU, 0x35U, 0x85U,
1856 0xe2U, 0xf9U, 0x37U, 0xe8U, 0x1cU, 0x75U, 0xdfU, 0x6eU,
1857 0x47U, 0xf1U, 0x1aU, 0x71U, 0x1dU, 0x29U, 0xc5U, 0x89U,
1858 0x6fU, 0xb7U, 0x62U, 0x0eU, 0xaaU, 0x18U, 0xbeU, 0x1bU,
1859 0xfcU, 0x56U, 0x3eU, 0x4bU, 0xc6U, 0xd2U, 0x79U, 0x20U,
1860 0x9aU, 0xdbU, 0xc0U, 0xfeU, 0x78U, 0xcdU, 0x5aU, 0xf4U,
1861 0x1fU, 0xddU, 0xa8U, 0x33U, 0x88U, 0x07U, 0xc7U, 0x31U,
1862 0xb1U, 0x12U, 0x10U, 0x59U, 0x27U, 0x80U, 0xecU, 0x5fU,
1863 0x60U, 0x51U, 0x7fU, 0xa9U, 0x19U, 0xb5U, 0x4aU, 0x0dU,
1864 0x2dU, 0xe5U, 0x7aU, 0x9fU, 0x93U, 0xc9U, 0x9cU, 0xefU,
1865 0xa0U, 0xe0U, 0x3bU, 0x4dU, 0xaeU, 0x2aU, 0xf5U, 0xb0U,
1866 0xc8U, 0xebU, 0xbbU, 0x3cU, 0x83U, 0x53U, 0x99U, 0x61U,
1867 0x17U, 0x2bU, 0x04U, 0x7eU, 0xbaU, 0x77U, 0xd6U, 0x26U,
1868 0xe1U, 0x69U, 0x14U, 0x63U, 0x55U, 0x21U, 0x0cU, 0x7dU,
1869 };
1870
1871
1872 const word32* AES::Te0 = AES::Te[0];
1873 const word32* AES::Te1 = AES::Te[1];
1874 const word32* AES::Te2 = AES::Te[2];
1875 const word32* AES::Te3 = AES::Te[3];
1876
1877 const word32* AES::Td0 = AES::Td[0];
1878 const word32* AES::Td1 = AES::Td[1];
1879 const word32* AES::Td2 = AES::Td[2];
1880 const word32* AES::Td3 = AES::Td[3];
1881
1882
1883
1884 } // namespace
1885
1886