d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Import Skein 1.3

Browse Source 
Bruce Schneier's hashing algorithm

Used by newer versions of ZFS
This commit is contained in:
Allan Jude 2016-05-27 02:42:46 +00:00
commit 92f76dc624
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/vendor-sys/skein/dist/; revision=300819
svn path=/vendor-sys/skein/1.3/; revision=300820; tag=vendor/skein/1.3
69 changed files with 31494 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

77
Additional_Implementations/Atmel_AVR.c Normal file
View File

@ -0,0 +1,77 @@
#include <stdio.h>
#include "skein.h"
#define SKEIN_CODE_SIZE (1) /* instantiate code size routines */
#define SKEIN_LOOP (111) /* unroll only 8 rounds */
#define SKEIN_USE_ASM (512+1024) /* what to exclude here */
#include "skein.c"
#include "skein_block.c"
/* for code size limitations, make "dummy" versions of unused block functions */
#if SKEIN_USE_ASM & 256
void Skein_256_Process_Block(Skein_256_Ctxt_t *ctx,const u08b_t *blkPtr,size_t blkCnt,size_t byteCntAdd) { }
#endif
#if SKEIN_USE_ASM & 512
void Skein_512_Process_Block(Skein_512_Ctxt_t *ctx,const u08b_t *blkPtr,size_t blkCnt,size_t byteCntAdd) { }
#endif
#if SKEIN_USE_ASM & 1024
void Skein1024_Process_Block(Skein1024_Ctxt_t *ctx,const u08b_t *blkPtr,size_t blkCnt,size_t byteCntAdd) { }
#endif
const u08b_t msg[1] =
{
0
};
int main(int argc,char *argv[])
{
u08b_t hash[1024/8];
u08b_t i,x;
static size_t aBytes,bBytes,uCount;
#if !(SKEIN_USE_ASM & 256)
Skein_256_Ctxt_t ctx;
aBytes = 2*Skein_256_API_CodeSize();
bBytes = 2*Skein_256_Process_Block_CodeSize();
uCount = Skein_256_Unroll_Cnt();
Skein_256_Init (&ctx,256);
Skein_256_Update(&ctx,msg,sizeof(msg));
Skein_256_Final (&ctx,hash);
Skein_256_Process_Block(&ctx,msg,1,256);
#endif
#if !(SKEIN_USE_ASM & 512)
Skein_512_Ctxt_t ctx;
aBytes = 2*Skein_512_API_CodeSize();
bBytes = 2*Skein_512_Process_Block_CodeSize();
uCount = Skein_512_Unroll_Cnt();
Skein_512_Init (&ctx,512);
Skein_512_Update(&ctx,msg,sizeof(msg));
Skein_512_Final (&ctx,hash);
Skein_512_Process_Block(&ctx,msg,1,512);
#endif
#if !(SKEIN_USE_ASM & 1024)
Skein1024_Ctxt_t ctx;
aBytes = 2*Skein1024_API_CodeSize();
bBytes = 2*Skein1024_Process_Block_CodeSize();
uCount = Skein1024_Unroll_Cnt();
Skein1024_Init (&ctx,1024);
Skein1024_Update(&ctx,msg,sizeof(msg));
Skein1024_Final (&ctx,hash);
Skein1024_Process_Block(&ctx,msg,1,1024);
#endif
printf("API size = %4d bytes. Block size = %4d bytes. Unroll=%d\n",
aBytes,bBytes,uCount);
for (i=x=0;i<5;i++)
printf("hash[%d] = %02X [%02X]\n",i,hash[i],x ^= hash[i]);
}

BIN
Additional_Implementations/skein_8bit_estimates.xls Normal file
View File

Binary file not shown.

129
Additional_Implementations/skein_MSC_v9_perf.txt Normal file
View File

@ -0,0 +1,129 @@
File STDIN:
1_ || 2802.00 2814.00 | 5952.00 5952.00 | 30606.00 30606.00 | //: 32-bit, MSC_v9.00 [ C =...]
10_ || 278.40 278.40 | 593.40 593.40 | 3063.00 3063.00 | //: 32-bit, MSC_v9.00 [ C =...]
100_ || 65.52 65.58 | 88.02 88.08 | 306.30 306.30 | //: 32-bit, MSC_v9.00 [ C =...]
1000_ || 41.26 41.41 | 47.96 47.96 | 135.28 135.29 | //: 32-bit, MSC_v9.00 [ C =...]
10000_ || 38.86 39.08 | 44.13 44.21 | 119.88 120.11 | //: 32-bit, MSC_v9.00 [ C =...]
100000_ || 38.85 39.09 | 43.56 43.77 | 105.79 114.18 | //: 32-bit, MSC_v9.00 [ C =...]
API || 864 bytes | 704 bytes | 720 bytes | //: 32-bit, MSC_v9.00 [ C =...]
Block || 10192 bytes | 22960 bytes | 53072 bytes | //: 32-bit, MSC_v9.00 [ C =...]
1_ || 780.00 786.00 | 1110.00 1110.00 | 3288.00 3318.00 | //: 64-bit, MSC_v9.00 [ C =...]
10_ || 78.60 79.80 | 109.80 109.80 | 331.20 331.80 | //: 64-bit, MSC_v9.00 [ C =...]
100_ || 16.74 16.80 | 15.54 15.54 | 33.30 33.30 | //: 64-bit, MSC_v9.00 [ C =...]
1000_ || 9.88 10.67 | 7.38 7.38 | 14.16 14.17 | //: 64-bit, MSC_v9.00 [ C =...]
10000_ || 9.21 9.22 | 6.60 6.60 | 12.27 12.39 | //: 64-bit, MSC_v9.00 [ C =...]
100000_ || 9.98 10.01 | 7.04 7.08 | 12.36 13.14 | //: 64-bit, MSC_v9.00 [ C =...]
API || 992 bytes | 1312 bytes | 864 bytes | //: 64-bit, MSC_v9.00 [ C =...]
Block || 2272 bytes | 4944 bytes | 15264 bytes | //: 64-bit, MSC_v9.00 [ C =...]
1_ || 2484.00 2490.00 | 4830.00 4836.00 | 22182.00 22188.00 | //: 32-bit, MSC_v9.00 [asm=...]
10_ || 250.20 252.00 | 485.40 488.40 | 1936.80 1959.00 | //: 32-bit, MSC_v9.00 [asm=...]
100_ || 58.62 58.68 | 70.74 70.80 | 221.76 221.76 | //: 32-bit, MSC_v9.00 [asm=...]
1000_ || 34.12 34.16 | 35.44 35.44 | 85.27 85.31 | //: 32-bit, MSC_v9.00 [asm=...]
10000_ || 34.78 34.98 | 35.36 35.36 | 86.31 86.35 | //: 32-bit, MSC_v9.00 [asm=...]
100000_ || 32.96 33.40 | 33.29 33.60 | 75.79 76.81 | //: 32-bit, MSC_v9.00 [asm=...]
API || 864 bytes | 704 bytes | 720 bytes | //: 32-bit, MSC_v9.00 [asm=...]
Block || 7588 bytes | 16636 bytes | 38262 bytes | //: 32-bit, MSC_v9.00 [asm=...]
1_ || 672.00 672.00 | 1068.00 1068.00 | 1920.00 1926.00 | //: 64-bit, MSC_v9.00 [asm=...]
10_ || 64.80 65.40 | 107.40 108.00 | 192.00 192.60 | //: 64-bit, MSC_v9.00 [asm=...]
100_ || 15.54 15.60 | 16.20 16.26 | 21.06 21.06 | //: 64-bit, MSC_v9.00 [asm=...]
1000_ || 8.18 8.18 | 6.97 6.97 | 7.77 7.78 | //: 64-bit, MSC_v9.00 [asm=...]
10000_ || 7.59 7.59 | 6.23 6.23 | 6.69 6.69 | //: 64-bit, MSC_v9.00 [asm=...]
100000_ || 7.55 7.71 | 6.14 6.38 | 6.56 6.86 | //: 64-bit, MSC_v9.00 [asm=...]
API || 992 bytes | 1312 bytes | 864 bytes | //: 64-bit, MSC_v9.00 [asm=...]
Block || 2323 bytes | 4733 bytes | 11817 bytes | //: 64-bit, MSC_v9.00 [asm=...]
1_ || 2952.00 2958.00 | 6030.00 6036.00 | 13668.00 13674.00 | //: 32-bit, MSC_v9.00 [ C =111]
10_ || 295.80 295.80 | 603.00 603.60 | 1366.80 1366.80 | //: 32-bit, MSC_v9.00 [ C =111]
100_ || 69.96 70.02 | 88.98 89.04 | 136.92 137.52 | //: 32-bit, MSC_v9.00 [ C =111]
1000_ || 43.90 43.96 | 48.78 48.85 | 60.08 60.11 | //: 32-bit, MSC_v9.00 [ C =111]
10000_ || 41.53 41.59 | 44.76 44.80 | 53.01 53.01 | //: 32-bit, MSC_v9.00 [ C =111]
100000_ || 41.32 41.60 | 44.52 44.62 | 51.75 51.92 | //: 32-bit, MSC_v9.00 [ C =111]
API || 864 bytes | 704 bytes | 720 bytes | //: 32-bit, MSC_v9.00 [ C =111]
Block || 1712 bytes | 3664 bytes | 7200 bytes | //: 32-bit, MSC_v9.00 [ C =111]
1_ || 780.00 786.00 | 1422.00 1434.00 | 3810.00 3816.00 | //: 64-bit, MSC_v9.00 [ C =111]
10_ || 75.60 76.20 | 140.40 140.40 | 380.40 381.00 | //: 64-bit, MSC_v9.00 [ C =111]
100_ || 17.16 17.22 | 20.52 21.00 | 38.22 38.28 | //: 64-bit, MSC_v9.00 [ C =111]
1000_ || 9.69 9.69 | 10.42 10.42 | 16.51 16.51 | //: 64-bit, MSC_v9.00 [ C =111]
10000_ || 8.97 8.97 | 9.38 9.38 | 14.38 14.40 | //: 64-bit, MSC_v9.00 [ C =111]
100000_ || 9.18 9.71 | 9.35 9.49 | 14.79 14.99 | //: 64-bit, MSC_v9.00 [ C =111]
API || 992 bytes | 1312 bytes | 864 bytes | //: 64-bit, MSC_v9.00 [ C =111]
Block || 704 bytes | 1456 bytes | 2976 bytes | //: 64-bit, MSC_v9.00 [ C =111]
1_ || 2580.00 2598.00 | 4842.00 4848.00 | 10578.00 10602.00 | //: 32-bit, MSC_v9.00 [asm=111]
10_ || 259.80 259.80 | 484.20 484.20 | 1059.60 1060.20 | //: 32-bit, MSC_v9.00 [asm=111]
100_ || 57.18 57.24 | 66.42 66.48 | 98.40 98.46 | //: 32-bit, MSC_v9.00 [asm=111]
1000_ || 35.56 35.59 | 35.96 35.96 | 42.79 42.80 | //: 32-bit, MSC_v9.00 [asm=111]
10000_ || 33.69 36.50 | 33.29 33.42 | 37.98 41.34 | //: 32-bit, MSC_v9.00 [asm=111]
100000_ || 33.96 34.57 | 33.93 35.69 | 38.04 38.20 | //: 32-bit, MSC_v9.00 [asm=111]
API || 864 bytes | 704 bytes | 720 bytes | //: 32-bit, MSC_v9.00 [asm=111]
Block || 1276 bytes | 2532 bytes | 4983 bytes | //: 32-bit, MSC_v9.00 [asm=111]
1_ || 678.00 678.00 | 1098.00 1098.00 | 2034.00 2040.00 | //: 64-bit, MSC_v9.00 [asm=111]
10_ || 66.60 66.60 | 109.80 109.80 | 204.00 204.00 | //: 64-bit, MSC_v9.00 [asm=111]
100_ || 15.48 16.68 | 16.98 16.98 | 22.38 22.38 | //: 64-bit, MSC_v9.00 [asm=111]
1000_ || 8.45 8.45 | 7.93 7.93 | 8.39 8.39 | //: 64-bit, MSC_v9.00 [asm=111]
10000_ || 7.81 7.81 | 6.50 6.50 | 7.18 7.18 | //: 64-bit, MSC_v9.00 [asm=111]
100000_ || 8.08 8.09 | 6.40 6.71 | 6.98 7.21 | //: 64-bit, MSC_v9.00 [asm=111]
API || 992 bytes | 1312 bytes | 864 bytes | //: 64-bit, MSC_v9.00 [asm=111]
Block || 664 bytes | 1074 bytes | 2221 bytes | //: 64-bit, MSC_v9.00 [asm=111]
1_ || 2988.00 2994.00 | 6240.00 6246.00 | 13794.00 13800.00 | //: 32-bit, MSC_v9.00 [ C =332]
10_ || 297.60 299.40 | 623.40 624.00 | 1379.40 1380.00 | //: 32-bit, MSC_v9.00 [ C =332]
100_ || 70.26 70.32 | 91.92 91.92 | 138.00 138.06 | //: 32-bit, MSC_v9.00 [ C =332]
1000_ || 44.88 44.89 | 50.20 50.20 | 60.44 60.45 | //: 32-bit, MSC_v9.00 [ C =332]
10000_ || 42.42 42.42 | 46.30 46.31 | 53.29 53.31 | //: 32-bit, MSC_v9.00 [ C =332]
100000_ || 42.21 42.50 | 43.60 45.77 | 49.55 50.03 | //: 32-bit, MSC_v9.00 [ C =332]
API || 864 bytes | 704 bytes | 720 bytes | //: 32-bit, MSC_v9.00 [ C =332]
Block || 4560 bytes | 9232 bytes | 12560 bytes | //: 32-bit, MSC_v9.00 [ C =332]
1_ || 780.00 798.00 | 1920.00 1920.00 | 3732.00 3732.00 | //: 64-bit, MSC_v9.00 [ C =332]
10_ || 76.80 76.80 | 189.00 191.40 | 402.60 402.60 | //: 64-bit, MSC_v9.00 [ C =332]
100_ || 17.10 17.16 | 27.66 27.90 | 37.62 37.62 | //: 64-bit, MSC_v9.00 [ C =332]
1000_ || 9.98 10.12 | 14.23 14.25 | 16.13 16.13 | //: 64-bit, MSC_v9.00 [ C =332]
10000_ || 9.27 9.28 | 12.89 12.99 | 13.98 13.98 | //: 64-bit, MSC_v9.00 [ C =332]
100000_ || 9.32 9.56 | 13.12 13.19 | 14.15 14.23 | //: 64-bit, MSC_v9.00 [ C =332]
API || 992 bytes | 1312 bytes | 864 bytes | //: 64-bit, MSC_v9.00 [ C =332]
Block || 1200 bytes | 2928 bytes | 5008 bytes | //: 64-bit, MSC_v9.00 [ C =332]
1_ || 2598.00 2604.00 | 4866.00 4878.00 | 10614.00 10632.00 | //: 32-bit, MSC_v9.00 [asm=332]
10_ || 260.40 261.00 | 490.20 490.20 | 1067.40 1067.40 | //: 32-bit, MSC_v9.00 [asm=332]
100_ || 60.78 60.78 | 72.00 72.00 | 106.86 106.92 | //: 32-bit, MSC_v9.00 [asm=332]
1000_ || 38.38 38.42 | 39.17 39.19 | 46.49 46.61 | //: 32-bit, MSC_v9.00 [asm=332]
10000_ || 40.98 47.69 | 35.81 35.86 | 40.96 43.93 | //: 32-bit, MSC_v9.00 [asm=332]
100000_ || 34.46 36.34 | 34.07 37.16 | 39.60 43.18 | //: 32-bit, MSC_v9.00 [asm=332]
API || 864 bytes | 704 bytes | 720 bytes | //: 32-bit, MSC_v9.00 [asm=332]
Block || 3060 bytes | 6300 bytes | 8835 bytes | //: 32-bit, MSC_v9.00 [asm=332]
1_ || 684.00 690.00 | 1104.00 1104.00 | 2028.00 2034.00 | //: 64-bit, MSC_v9.00 [asm=332]
10_ || 70.80 70.80 | 120.00 120.00 | 219.00 219.00 | //: 64-bit, MSC_v9.00 [asm=332]
100_ || 15.72 15.72 | 16.74 16.74 | 22.20 22.20 | //: 64-bit, MSC_v9.00 [asm=332]
1000_ || 8.42 8.42 | 7.22 7.22 | 8.30 8.30 | //: 64-bit, MSC_v9.00 [asm=332]
10000_ || 7.85 8.51 | 6.58 6.58 | 7.11 7.12 | //: 64-bit, MSC_v9.00 [asm=332]
100000_ || 7.80 9.43 | 6.90 7.71 | 7.18 8.48 | //: 64-bit, MSC_v9.00 [asm=332]
API || 992 bytes | 1312 bytes | 864 bytes | //: 64-bit, MSC_v9.00 [asm=332]
Block || 1288 bytes | 2182 bytes | 3449 bytes | //: 64-bit, MSC_v9.00 [asm=332]
1_ || 2994.00 2994.00 | 6240.00 6240.00 | 14598.00 14604.00 | //: 32-bit, MSC_v9.00 [ C =335]
10_ || 300.60 301.20 | 624.00 624.60 | 1459.20 1461.00 | //: 32-bit, MSC_v9.00 [ C =335]
100_ || 70.62 70.68 | 91.86 91.92 | 146.10 146.16 | //: 32-bit, MSC_v9.00 [ C =335]
1000_ || 44.65 44.65 | 50.20 50.20 | 62.74 62.76 | //: 32-bit, MSC_v9.00 [ C =335]
10000_ || 42.16 42.42 | 46.31 46.73 | 55.11 55.13 | //: 32-bit, MSC_v9.00 [ C =335]
100000_ || 40.09 40.55 | 45.76 45.97 | 51.00 53.08 | //: 32-bit, MSC_v9.00 [ C =335]
API || 864 bytes | 704 bytes | 720 bytes | //: 32-bit, MSC_v9.00 [ C =335]
Block || 4560 bytes | 9232 bytes | 29280 bytes | //: 32-bit, MSC_v9.00 [ C =335]
1_ || 780.00 798.00 | 1890.00 1920.00 | 3498.00 3498.00 | //: 64-bit, MSC_v9.00 [ C =335]
10_ || 77.40 78.00 | 190.80 195.00 | 350.40 379.20 | //: 64-bit, MSC_v9.00 [ C =335]
100_ || 17.10 17.10 | 27.72 28.08 | 35.28 35.28 | //: 64-bit, MSC_v9.00 [ C =335]
1000_ || 9.95 10.00 | 14.23 14.24 | 15.09 15.10 | //: 64-bit, MSC_v9.00 [ C =335]
10000_ || 9.30 10.06 | 12.94 14.10 | 13.07 14.36 | //: 64-bit, MSC_v9.00 [ C =335]
100000_ || 9.33 9.58 | 13.94 13.95 | 13.24 13.92 | //: 64-bit, MSC_v9.00 [ C =335]
API || 992 bytes | 1312 bytes | 864 bytes | //: 64-bit, MSC_v9.00 [ C =335]
Block || 1200 bytes | 2928 bytes | 10880 bytes | //: 64-bit, MSC_v9.00 [ C =335]
1_ || 2586.00 2592.00 | 4896.00 4902.00 | 10668.00 10668.00 | //: 32-bit, MSC_v9.00 [asm=335]
10_ || 263.40 263.40 | 489.60 489.60 | 1069.20 1069.80 | //: 32-bit, MSC_v9.00 [asm=335]
100_ || 61.08 61.14 | 72.30 72.36 | 107.04 107.10 | //: 32-bit, MSC_v9.00 [asm=335]
1000_ || 35.57 35.57 | 36.11 36.12 | 43.07 43.12 | //: 32-bit, MSC_v9.00 [asm=335]
10000_ || 33.68 34.51 | 33.29 36.32 | 37.91 39.80 | //: 32-bit, MSC_v9.00 [asm=335]
100000_ || 36.32 36.43 | 35.91 35.98 | 38.02 38.19 | //: 32-bit, MSC_v9.00 [asm=335]
API || 864 bytes | 704 bytes | 720 bytes | //: 32-bit, MSC_v9.00 [asm=335]
Block || 3060 bytes | 6300 bytes | 20391 bytes | //: 32-bit, MSC_v9.00 [asm=335]
1_ || 684.00 690.00 | 1104.00 1104.00 | 2022.00 2022.00 | //: 64-bit, MSC_v9.00 [asm=335]
10_ || 65.40 65.40 | 109.80 109.80 | 201.60 202.20 | //: 64-bit, MSC_v9.00 [asm=335]
100_ || 15.78 15.78 | 16.80 16.80 | 22.02 22.08 | //: 64-bit, MSC_v9.00 [asm=335]
1000_ || 8.41 8.42 | 7.21 7.22 | 8.24 8.26 | //: 64-bit, MSC_v9.00 [asm=335]
10000_ || 7.84 7.84 | 6.45 6.50 | 7.12 7.12 | //: 64-bit, MSC_v9.00 [asm=335]
100000_ || 8.11 8.11 | 6.49 6.74 | 6.95 7.26 | //: 64-bit, MSC_v9.00 [asm=335]
API || 992 bytes | 1312 bytes | 864 bytes | //: 64-bit, MSC_v9.00 [asm=335]
Block || 1288 bytes | 2182 bytes | 7133 bytes | //: 64-bit, MSC_v9.00 [asm=335]

1335
Additional_Implementations/skein_block_x64.asm Normal file
View File

File diff suppressed because it is too large Load Diff

1328
Additional_Implementations/skein_block_x64.s Normal file
View File

File diff suppressed because it is too large Load Diff

1180
Additional_Implementations/skein_block_x86.asm Normal file
View File

File diff suppressed because it is too large Load Diff

1167
Additional_Implementations/skein_block_xmm32.asm Normal file
View File

File diff suppressed because it is too large Load Diff

1110
Additional_Implementations/skein_block_xmm32.s Normal file
View File

File diff suppressed because it is too large Load Diff

1440
Additional_Implementations/skein_perf_core2.txt Normal file
View File

File diff suppressed because it is too large Load Diff

2538
Additional_Implementations/skein_rot_search2.c Normal file
View File

File diff suppressed because it is too large Load Diff

1380
Additional_Implementations/skein_test.c Normal file
View File

File diff suppressed because it is too large Load Diff

115
Optimized_32bit/SHA3api_ref.c Normal file
View File

@ -0,0 +1,115 @@
/***********************************************************************
**
** Implementation of the AHS API using the Skein hash function.
**
** Source code author: Doug Whiting, 2008.
**
** This algorithm and source code is released to the public domain.
**
************************************************************************/
#include <string.h> /* get the memcpy/memset functions */
#include "skein.h" /* get the Skein API definitions */
#include "SHA3api_ref.h"/* get the AHS API definitions */
/******************************************************************/
/* AHS API code */
/******************************************************************/
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* select the context size and init the context */
HashReturn Init(hashState *state, int hashbitlen)
{
#if SKEIN_256_NIST_MAX_HASH_BITS
if (hashbitlen <= SKEIN_256_NIST_MAX_HASHBITS)
{
Skein_Assert(hashbitlen > 0,BAD_HASHLEN);
state->statebits = 64*SKEIN_256_STATE_WORDS;
return Skein_256_Init(&state->u.ctx_256,(size_t) hashbitlen);
}
#endif
if (hashbitlen <= SKEIN_512_NIST_MAX_HASHBITS)
{
state->statebits = 64*SKEIN_512_STATE_WORDS;
return Skein_512_Init(&state->u.ctx_512,(size_t) hashbitlen);
}
else
{
state->statebits = 64*SKEIN1024_STATE_WORDS;
return Skein1024_Init(&state->u.ctx1024,(size_t) hashbitlen);
}
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* process data to be hashed */
HashReturn Update(hashState *state, const BitSequence *data, DataLength databitlen)
{
/* only the final Update() call is allowed do partial bytes, else assert an error */
Skein_Assert((state->u.h.T[1] & SKEIN_T1_FLAG_BIT_PAD) == 0 || databitlen == 0, FAIL);
Skein_Assert(state->statebits % 256 == 0 && (state->statebits-256) < 1024,FAIL);
if ((databitlen & 7) == 0) /* partial bytes? */
{
switch ((state->statebits >> 8) & 3)
{
case 2: return Skein_512_Update(&state->u.ctx_512,data,databitlen >> 3);
case 1: return Skein_256_Update(&state->u.ctx_256,data,databitlen >> 3);
case 0: return Skein1024_Update(&state->u.ctx1024,data,databitlen >> 3);
default: return FAIL;
}
}
else
{ /* handle partial final byte */
size_t bCnt = (databitlen >> 3) + 1; /* number of bytes to handle (nonzero here!) */
u08b_t b,mask;
mask = (u08b_t) (1u << (7 - (databitlen & 7))); /* partial byte bit mask */
b = (u08b_t) ((data[bCnt-1] & (0-mask)) | mask); /* apply bit padding on final byte */
switch ((state->statebits >> 8) & 3)
{
case 2: Skein_512_Update(&state->u.ctx_512,data,bCnt-1); /* process all but the final byte */
Skein_512_Update(&state->u.ctx_512,&b , 1 ); /* process the (masked) partial byte */
break;
case 1: Skein_256_Update(&state->u.ctx_256,data,bCnt-1); /* process all but the final byte */
Skein_256_Update(&state->u.ctx_256,&b , 1 ); /* process the (masked) partial byte */
break;
case 0: Skein1024_Update(&state->u.ctx1024,data,bCnt-1); /* process all but the final byte */
Skein1024_Update(&state->u.ctx1024,&b , 1 ); /* process the (masked) partial byte */
break;
default: return FAIL;
}
Skein_Set_Bit_Pad_Flag(state->u.h); /* set tweak flag for the final call */
return SUCCESS;
}
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* finalize hash computation and output the result (hashbitlen bits) */
HashReturn Final(hashState *state, BitSequence *hashval)
{
Skein_Assert(state->statebits % 256 == 0 && (state->statebits-256) < 1024,FAIL);
switch ((state->statebits >> 8) & 3)
{
case 2: return Skein_512_Final(&state->u.ctx_512,hashval);
case 1: return Skein_256_Final(&state->u.ctx_256,hashval);
case 0: return Skein1024_Final(&state->u.ctx1024,hashval);
default: return FAIL;
}
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* all-in-one hash function */
HashReturn Hash(int hashbitlen, const BitSequence *data, /* all-in-one call */
DataLength databitlen,BitSequence *hashval)
{
hashState state;
HashReturn r = Init(&state,hashbitlen);
if (r == SUCCESS)
{ /* these calls do not fail when called properly */
r = Update(&state,data,databitlen);
Final(&state,hashval);
}
return r;
}

66
Optimized_32bit/SHA3api_ref.h Normal file
View File

@ -0,0 +1,66 @@
#ifndef _AHS_API_H_
#define _AHS_API_H_
/***********************************************************************
**
** Interface declarations of the AHS API using the Skein hash function.
**
** Source code author: Doug Whiting, 2008.
**
** This algorithm and source code is released to the public domain.
**
************************************************************************/
#include "skein.h"
typedef enum
{
SUCCESS = SKEIN_SUCCESS,
FAIL = SKEIN_FAIL,
BAD_HASHLEN = SKEIN_BAD_HASHLEN
}
HashReturn;
typedef size_t DataLength; /* bit count type */
typedef u08b_t BitSequence; /* bit stream type */
typedef struct
{
uint_t statebits; /* 256, 512, or 1024 */
union
{
Skein_Ctxt_Hdr_t h; /* common header "overlay" */
Skein_256_Ctxt_t ctx_256;
Skein_512_Ctxt_t ctx_512;
Skein1024_Ctxt_t ctx1024;
} u;
}
hashState;
/* "incremental" hashing API */
HashReturn Init (hashState *state, int hashbitlen);
HashReturn Update(hashState *state, const BitSequence *data, DataLength databitlen);
HashReturn Final (hashState *state, BitSequence *hashval);
/* "all-in-one" call */
HashReturn Hash (int hashbitlen, const BitSequence *data,
DataLength databitlen, BitSequence *hashval);
/*
** Re-define the compile-time constants below to change the selection
** of the Skein state size in the Init() function in SHA3api_ref.c.
**
** That is, the NIST API does not allow for explicit selection of the
** Skein block size, so it must be done implicitly in the Init() function.
** The selection is controlled by these constants.
*/
#ifndef SKEIN_256_NIST_MAX_HASHBITS
#define SKEIN_256_NIST_MAX_HASHBITS (0)
#endif
#ifndef SKEIN_512_NIST_MAX_HASHBITS
#define SKEIN_512_NIST_MAX_HASHBITS (512)
#endif
#endif /* ifdef _AHS_API_H_ */

148
Optimized_32bit/brg_endian.h Normal file
View File

@ -0,0 +1,148 @@
/*
---------------------------------------------------------------------------
Copyright (c) 2003, Dr Brian Gladman, Worcester, UK. All rights reserved.
LICENSE TERMS
The free distribution and use of this software in both source and binary
form is allowed (with or without changes) provided that:
1. distributions of this source code include the above copyright
notice, this list of conditions and the following disclaimer;
2. distributions in binary form include the above copyright
notice, this list of conditions and the following disclaimer
in the documentation and/or other associated materials;
3. the copyright holder's name is not used to endorse products
built using this software without specific written permission.
ALTERNATIVELY, provided that this notice is retained in full, this product
may be distributed under the terms of the GNU General Public License (GPL),
in which case the provisions of the GPL apply INSTEAD OF those given above.
DISCLAIMER
This software is provided 'as is' with no explicit or implied warranties
in respect of its properties, including, but not limited to, correctness
and/or fitness for purpose.
---------------------------------------------------------------------------
Issue 20/10/2006
*/
#ifndef BRG_ENDIAN_H
#define BRG_ENDIAN_H
#define IS_BIG_ENDIAN 4321 /* byte 0 is most significant (mc68k) */
#define IS_LITTLE_ENDIAN 1234 /* byte 0 is least significant (i386) */
/* Include files where endian defines and byteswap functions may reside */
#if defined( __FreeBSD__ ) || defined( __OpenBSD__ ) || defined( __NetBSD__ )
# include <sys/endian.h>
#elif defined( BSD ) && ( BSD >= 199103 ) || defined( __APPLE__ ) || \
defined( __CYGWIN32__ ) || defined( __DJGPP__ ) || defined( __osf__ )
# include <machine/endian.h>
#elif defined( __linux__ ) || defined( __GNUC__ ) || defined( __GNU_LIBRARY__ )
# if !defined( __MINGW32__ ) && !defined(AVR)
# include <endian.h>
# if !defined( __BEOS__ )
# include <byteswap.h>
# endif
# endif
#endif
/* Now attempt to set the define for platform byte order using any */
/* of the four forms SYMBOL, _SYMBOL, __SYMBOL & __SYMBOL__, which */
/* seem to encompass most endian symbol definitions */
#if defined( BIG_ENDIAN ) && defined( LITTLE_ENDIAN )
# if defined( BYTE_ORDER ) && BYTE_ORDER == BIG_ENDIAN
# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN
# elif defined( BYTE_ORDER ) && BYTE_ORDER == LITTLE_ENDIAN
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
# endif
#elif defined( BIG_ENDIAN )
# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN
#elif defined( LITTLE_ENDIAN )
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
#endif
#if defined( _BIG_ENDIAN ) && defined( _LITTLE_ENDIAN )
# if defined( _BYTE_ORDER ) && _BYTE_ORDER == _BIG_ENDIAN
# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN
# elif defined( _BYTE_ORDER ) && _BYTE_ORDER == _LITTLE_ENDIAN
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
# endif
#elif defined( _BIG_ENDIAN )
# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN
#elif defined( _LITTLE_ENDIAN )
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
#endif
#if defined( __BIG_ENDIAN ) && defined( __LITTLE_ENDIAN )
# if defined( __BYTE_ORDER ) && __BYTE_ORDER == __BIG_ENDIAN
# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN
# elif defined( __BYTE_ORDER ) && __BYTE_ORDER == __LITTLE_ENDIAN
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
# endif
#elif defined( __BIG_ENDIAN )
# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN
#elif defined( __LITTLE_ENDIAN )
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
#endif
#if defined( __BIG_ENDIAN__ ) && defined( __LITTLE_ENDIAN__ )
# if defined( __BYTE_ORDER__ ) && __BYTE_ORDER__ == __BIG_ENDIAN__
# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN
# elif defined( __BYTE_ORDER__ ) && __BYTE_ORDER__ == __LITTLE_ENDIAN__
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
# endif
#elif defined( __BIG_ENDIAN__ )
# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN
#elif defined( __LITTLE_ENDIAN__ )
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
#endif
/* if the platform byte order could not be determined, then try to */
/* set this define using common machine defines */
#if !defined(PLATFORM_BYTE_ORDER)
#if defined( __alpha__ ) || defined( __alpha ) || defined( i386 ) || \
defined( __i386__ ) || defined( _M_I86 ) || defined( _M_IX86 ) || \
defined( __OS2__ ) || defined( sun386 ) || defined( __TURBOC__ ) || \
defined( vax ) || defined( vms ) || defined( VMS ) || \
defined( __VMS ) || defined( _M_X64 ) || defined( AVR )
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
#elif defined( AMIGA ) || defined( applec ) || defined( __AS400__ ) || \
defined( _CRAY ) || defined( __hppa ) || defined( __hp9000 ) || \
defined( ibm370 ) || defined( mc68000 ) || defined( m68k ) || \
defined( __MRC__ ) || defined( __MVS__ ) || defined( __MWERKS__ ) || \
defined( sparc ) || defined( __sparc) || defined( SYMANTEC_C ) || \
defined( __VOS__ ) || defined( __TIGCC__ ) || defined( __TANDEM ) || \
defined( THINK_C ) || defined( __VMCMS__ )
# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN
#elif 0 /* **** EDIT HERE IF NECESSARY **** */
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
#elif 0 /* **** EDIT HERE IF NECESSARY **** */
# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN
#else
# error Please edit lines 126 or 128 in brg_endian.h to set the platform byte order
#endif
#endif
/* special handler for IA64, which may be either endianness (?) */
/* here we assume little-endian, but this may need to be changed */
#if defined(__ia64) || defined(__ia64__) || defined(_M_IA64)
# define PLATFORM_MUST_ALIGN (1)
#ifndef PLATFORM_BYTE_ORDER
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
#endif
#endif
#ifndef PLATFORM_MUST_ALIGN
# define PLATFORM_MUST_ALIGN (0)
#endif
#endif /* ifndef BRG_ENDIAN_H */

188
Optimized_32bit/brg_types.h Normal file
View File

@ -0,0 +1,188 @@
/*
---------------------------------------------------------------------------
Copyright (c) 1998-2006, Brian Gladman, Worcester, UK. All rights reserved.
LICENSE TERMS
The free distribution and use of this software in both source and binary
form is allowed (with or without changes) provided that:
1. distributions of this source code include the above copyright
notice, this list of conditions and the following disclaimer;
2. distributions in binary form include the above copyright
notice, this list of conditions and the following disclaimer
in the documentation and/or other associated materials;
3. the copyright holder's name is not used to endorse products
built using this software without specific written permission.
ALTERNATIVELY, provided that this notice is retained in full, this product
may be distributed under the terms of the GNU General Public License (GPL),
in which case the provisions of the GPL apply INSTEAD OF those given above.
DISCLAIMER
This software is provided 'as is' with no explicit or implied warranties
in respect of its properties, including, but not limited to, correctness
and/or fitness for purpose.
---------------------------------------------------------------------------
Issue 09/09/2006
The unsigned integer types defined here are of the form uint_<nn>t where
<nn> is the length of the type; for example, the unsigned 32-bit type is
'uint_32t'. These are NOT the same as the 'C99 integer types' that are
defined in the inttypes.h and stdint.h headers since attempts to use these
types have shown that support for them is still highly variable. However,
since the latter are of the form uint<nn>_t, a regular expression search
and replace (in VC++ search on 'uint_{:z}t' and replace with 'uint\1_t')
can be used to convert the types used here to the C99 standard types.
*/
#ifndef BRG_TYPES_H
#define BRG_TYPES_H
#if defined(__cplusplus)
extern "C" {
#endif
#include <limits.h>
#ifndef BRG_UI8
# define BRG_UI8
# if UCHAR_MAX == 255u
typedef unsigned char uint_8t;
# else
# error Please define uint_8t as an 8-bit unsigned integer type in brg_types.h
# endif
#endif
#ifndef BRG_UI16
# define BRG_UI16
# if USHRT_MAX == 65535u
typedef unsigned short uint_16t;
# else
# error Please define uint_16t as a 16-bit unsigned short type in brg_types.h
# endif
#endif
#ifndef BRG_UI32
# define BRG_UI32
# if UINT_MAX == 4294967295u
# define li_32(h) 0x##h##u
typedef unsigned int uint_32t;
# elif ULONG_MAX == 4294967295u
# define li_32(h) 0x##h##ul
typedef unsigned long uint_32t;
# elif defined( _CRAY )
# error This code needs 32-bit data types, which Cray machines do not provide
# else
# error Please define uint_32t as a 32-bit unsigned integer type in brg_types.h
# endif
#endif
#ifndef BRG_UI64
# if defined( __BORLANDC__ ) && !defined( __MSDOS__ )
# define BRG_UI64
# define li_64(h) 0x##h##ui64
typedef unsigned __int64 uint_64t;
# elif defined( _MSC_VER ) && ( _MSC_VER < 1300 ) /* 1300 == VC++ 7.0 */
# define BRG_UI64
# define li_64(h) 0x##h##ui64
typedef unsigned __int64 uint_64t;
# elif defined( __sun ) && defined(ULONG_MAX) && ULONG_MAX == 0xfffffffful
# define BRG_UI64
# define li_64(h) 0x##h##ull
typedef unsigned long long uint_64t;
# elif defined( UINT_MAX ) && UINT_MAX > 4294967295u
# if UINT_MAX == 18446744073709551615u
# define BRG_UI64
# define li_64(h) 0x##h##u
typedef unsigned int uint_64t;
# endif
# elif defined( ULONG_MAX ) && ULONG_MAX > 4294967295u
# if ULONG_MAX == 18446744073709551615ul
# define BRG_UI64
# define li_64(h) 0x##h##ul
typedef unsigned long uint_64t;
# endif
# elif defined( ULLONG_MAX ) && ULLONG_MAX > 4294967295u
# if ULLONG_MAX == 18446744073709551615ull
# define BRG_UI64
# define li_64(h) 0x##h##ull
typedef unsigned long long uint_64t;
# endif
# elif defined( ULONG_LONG_MAX ) && ULONG_LONG_MAX > 4294967295u
# if ULONG_LONG_MAX == 18446744073709551615ull
# define BRG_UI64
# define li_64(h) 0x##h##ull
typedef unsigned long long uint_64t;
# endif
# elif defined(__GNUC__) /* DLW: avoid mingw problem with -ansi */
# define BRG_UI64
# define li_64(h) 0x##h##ull
typedef unsigned long long uint_64t;
# endif
#endif
#if defined( NEED_UINT_64T ) && !defined( BRG_UI64 )
# error Please define uint_64t as an unsigned 64 bit type in brg_types.h
#endif
#ifndef RETURN_VALUES
# define RETURN_VALUES
# if defined( DLL_EXPORT )
# if defined( _MSC_VER ) || defined ( __INTEL_COMPILER )
# define VOID_RETURN __declspec( dllexport ) void __stdcall
# define INT_RETURN __declspec( dllexport ) int __stdcall
# elif defined( __GNUC__ )
# define VOID_RETURN __declspec( __dllexport__ ) void
# define INT_RETURN __declspec( __dllexport__ ) int
# else
# error Use of the DLL is only available on the Microsoft, Intel and GCC compilers
# endif
# elif defined( DLL_IMPORT )
# if defined( _MSC_VER ) || defined ( __INTEL_COMPILER )
# define VOID_RETURN __declspec( dllimport ) void __stdcall
# define INT_RETURN __declspec( dllimport ) int __stdcall
# elif defined( __GNUC__ )
# define VOID_RETURN __declspec( __dllimport__ ) void
# define INT_RETURN __declspec( __dllimport__ ) int
# else
# error Use of the DLL is only available on the Microsoft, Intel and GCC compilers
# endif
# elif defined( __WATCOMC__ )
# define VOID_RETURN void __cdecl
# define INT_RETURN int __cdecl
# else
# define VOID_RETURN void
# define INT_RETURN int
# endif
#endif
/* These defines are used to declare buffers in a way that allows
faster operations on longer variables to be used. In all these
defines 'size' must be a power of 2 and >= 8
dec_unit_type(size,x) declares a variable 'x' of length
'size' bits
dec_bufr_type(size,bsize,x) declares a buffer 'x' of length 'bsize'
bytes defined as an array of variables
each of 'size' bits (bsize must be a
multiple of size / 8)
ptr_cast(x,size) casts a pointer to a pointer to a
varaiable of length 'size' bits
*/
#define ui_type(size) uint_##size##t
#define dec_unit_type(size,x) typedef ui_type(size) x
#define dec_bufr_type(size,bsize,x) typedef ui_type(size) x[bsize / (size >> 3)]
#define ptr_cast(x,size) ((ui_type(size)*)(x))
#if defined(__cplusplus)
}
#endif
#endif

753
Optimized_32bit/skein.c Normal file
View File

@ -0,0 +1,753 @@
/***********************************************************************
**
** Implementation of the Skein hash function.
**
** Source code author: Doug Whiting, 2008.
**
** This algorithm and source code is released to the public domain.
**
************************************************************************/
#define SKEIN_PORT_CODE /* instantiate any code in skein_port.h */
#include <string.h> /* get the memcpy/memset functions */
#include "skein.h" /* get the Skein API definitions */
#include "skein_iv.h" /* get precomputed IVs */
/*****************************************************************/
/* External function to process blkCnt (nonzero) full block(s) of data. */
void Skein_256_Process_Block(Skein_256_Ctxt_t *ctx,const u08b_t *blkPtr,size_t blkCnt,size_t byteCntAdd);
void Skein_512_Process_Block(Skein_512_Ctxt_t *ctx,const u08b_t *blkPtr,size_t blkCnt,size_t byteCntAdd);
void Skein1024_Process_Block(Skein1024_Ctxt_t *ctx,const u08b_t *blkPtr,size_t blkCnt,size_t byteCntAdd);
/*****************************************************************/
/* 256-bit Skein */
/*****************************************************************/
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* init the context for a straight hashing operation */
int Skein_256_Init(Skein_256_Ctxt_t *ctx, size_t hashBitLen)
{
union
{
u08b_t b[SKEIN_256_STATE_BYTES];
u64b_t w[SKEIN_256_STATE_WORDS];
} cfg; /* config block */
Skein_Assert(hashBitLen > 0,SKEIN_BAD_HASHLEN);
ctx->h.hashBitLen = hashBitLen; /* output hash bit count */
switch (hashBitLen)
{ /* use pre-computed values, where available */
#ifndef SKEIN_NO_PRECOMP
case 256: memcpy(ctx->X,SKEIN_256_IV_256,sizeof(ctx->X)); break;
case 224: memcpy(ctx->X,SKEIN_256_IV_224,sizeof(ctx->X)); break;
case 160: memcpy(ctx->X,SKEIN_256_IV_160,sizeof(ctx->X)); break;
case 128: memcpy(ctx->X,SKEIN_256_IV_128,sizeof(ctx->X)); break;
#endif
default:
/* here if there is no precomputed IV value available */
/* build/process the config block, type == CONFIG (could be precomputed) */
Skein_Start_New_Type(ctx,CFG_FINAL); /* set tweaks: T0=0; T1=CFG | FINAL */
cfg.w[0] = Skein_Swap64(SKEIN_SCHEMA_VER); /* set the schema, version */
cfg.w[1] = Skein_Swap64(hashBitLen); /* hash result length in bits */
cfg.w[2] = Skein_Swap64(SKEIN_CFG_TREE_INFO_SEQUENTIAL);
memset(&cfg.w[3],0,sizeof(cfg) - 3*sizeof(cfg.w[0])); /* zero pad config block */
/* compute the initial chaining values from config block */
memset(ctx->X,0,sizeof(ctx->X)); /* zero the chaining variables */
Skein_256_Process_Block(ctx,cfg.b,1,SKEIN_CFG_STR_LEN);
break;
}
/* The chaining vars ctx->X are now initialized for the given hashBitLen. */
/* Set up to process the data message portion of the hash (default) */
Skein_Start_New_Type(ctx,MSG); /* T0=0, T1= MSG type */
return SKEIN_SUCCESS;
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* init the context for a MAC and/or tree hash operation */
/* [identical to Skein_256_Init() when keyBytes == 0 && treeInfo == SKEIN_CFG_TREE_INFO_SEQUENTIAL] */
int Skein_256_InitExt(Skein_256_Ctxt_t *ctx,size_t hashBitLen,u64b_t treeInfo, const u08b_t *key, size_t keyBytes)
{
union
{
u08b_t b[SKEIN_256_STATE_BYTES];
u64b_t w[SKEIN_256_STATE_WORDS];
} cfg; /* config block */
Skein_Assert(hashBitLen > 0,SKEIN_BAD_HASHLEN);
Skein_Assert(keyBytes == 0 || key != NULL,SKEIN_FAIL);
/* compute the initial chaining values ctx->X[], based on key */
if (keyBytes == 0) /* is there a key? */
{
memset(ctx->X,0,sizeof(ctx->X)); /* no key: use all zeroes as key for config block */
}
else /* here to pre-process a key */
{
Skein_assert(sizeof(cfg.b) >= sizeof(ctx->X));
/* do a mini-Init right here */
ctx->h.hashBitLen=8*sizeof(ctx->X); /* set output hash bit count = state size */
Skein_Start_New_Type(ctx,KEY); /* set tweaks: T0 = 0; T1 = KEY type */
memset(ctx->X,0,sizeof(ctx->X)); /* zero the initial chaining variables */
Skein_256_Update(ctx,key,keyBytes); /* hash the key */
Skein_256_Final_Pad(ctx,cfg.b); /* put result into cfg.b[] */
memcpy(ctx->X,cfg.b,sizeof(cfg.b)); /* copy over into ctx->X[] */
#if SKEIN_NEED_SWAP
{
uint_t i;
for (i=0;i<SKEIN_256_STATE_WORDS;i++) /* convert key bytes to context words */
ctx->X[i] = Skein_Swap64(ctx->X[i]);
}
#endif
}
/* build/process the config block, type == CONFIG (could be precomputed for each key) */
ctx->h.hashBitLen = hashBitLen; /* output hash bit count */
Skein_Start_New_Type(ctx,CFG_FINAL);
memset(&cfg.w,0,sizeof(cfg.w)); /* pre-pad cfg.w[] with zeroes */
cfg.w[0] = Skein_Swap64(SKEIN_SCHEMA_VER);
cfg.w[1] = Skein_Swap64(hashBitLen); /* hash result length in bits */
cfg.w[2] = Skein_Swap64(treeInfo); /* tree hash config info (or SKEIN_CFG_TREE_INFO_SEQUENTIAL) */
Skein_Show_Key(256,&ctx->h,key,keyBytes);
/* compute the initial chaining values from config block */
Skein_256_Process_Block(ctx,cfg.b,1,SKEIN_CFG_STR_LEN);
/* The chaining vars ctx->X are now initialized */
/* Set up to process the data message portion of the hash (default) */
ctx->h.bCnt = 0; /* buffer b[] starts out empty */
Skein_Start_New_Type(ctx,MSG);
return SKEIN_SUCCESS;
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* process the input bytes */
int Skein_256_Update(Skein_256_Ctxt_t *ctx, const u08b_t *msg, size_t msgByteCnt)
{
size_t n;
Skein_Assert(ctx->h.bCnt <= SKEIN_256_BLOCK_BYTES,SKEIN_FAIL); /* catch uninitialized context */
/* process full blocks, if any */
if (msgByteCnt + ctx->h.bCnt > SKEIN_256_BLOCK_BYTES)
{
if (ctx->h.bCnt) /* finish up any buffered message data */
{
n = SKEIN_256_BLOCK_BYTES - ctx->h.bCnt; /* # bytes free in buffer b[] */
if (n)
{
Skein_assert(n < msgByteCnt); /* check on our logic here */
memcpy(&ctx->b[ctx->h.bCnt],msg,n);
msgByteCnt -= n;
msg += n;
ctx->h.bCnt += n;
}
Skein_assert(ctx->h.bCnt == SKEIN_256_BLOCK_BYTES);
Skein_256_Process_Block(ctx,ctx->b,1,SKEIN_256_BLOCK_BYTES);
ctx->h.bCnt = 0;
}
/* now process any remaining full blocks, directly from input message data */
if (msgByteCnt > SKEIN_256_BLOCK_BYTES)
{
n = (msgByteCnt-1) / SKEIN_256_BLOCK_BYTES; /* number of full blocks to process */
Skein_256_Process_Block(ctx,msg,n,SKEIN_256_BLOCK_BYTES);
msgByteCnt -= n * SKEIN_256_BLOCK_BYTES;
msg += n * SKEIN_256_BLOCK_BYTES;
}
Skein_assert(ctx->h.bCnt == 0);
}
/* copy any remaining source message data bytes into b[] */
if (msgByteCnt)
{
Skein_assert(msgByteCnt + ctx->h.bCnt <= SKEIN_256_BLOCK_BYTES);
memcpy(&ctx->b[ctx->h.bCnt],msg,msgByteCnt);
ctx->h.bCnt += msgByteCnt;
}
return SKEIN_SUCCESS;
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* finalize the hash computation and output the result */
int Skein_256_Final(Skein_256_Ctxt_t *ctx, u08b_t *hashVal)
{
size_t i,n,byteCnt;
u64b_t X[SKEIN_256_STATE_WORDS];
Skein_Assert(ctx->h.bCnt <= SKEIN_256_BLOCK_BYTES,SKEIN_FAIL); /* catch uninitialized context */
ctx->h.T[1] |= SKEIN_T1_FLAG_FINAL; /* tag as the final block */
if (ctx->h.bCnt < SKEIN_256_BLOCK_BYTES) /* zero pad b[] if necessary */
memset(&ctx->b[ctx->h.bCnt],0,SKEIN_256_BLOCK_BYTES - ctx->h.bCnt);
Skein_256_Process_Block(ctx,ctx->b,1,ctx->h.bCnt); /* process the final block */
/* now output the result */
byteCnt = (ctx->h.hashBitLen + 7) >> 3; /* total number of output bytes */
/* run Threefish in "counter mode" to generate output */
memset(ctx->b,0,sizeof(ctx->b)); /* zero out b[], so it can hold the counter */
memcpy(X,ctx->X,sizeof(X)); /* keep a local copy of counter mode "key" */
for (i=0;i*SKEIN_256_BLOCK_BYTES < byteCnt;i++)
{
((u64b_t *)ctx->b)[0]= Skein_Swap64((u64b_t) i); /* build the counter block */
Skein_Start_New_Type(ctx,OUT_FINAL);
Skein_256_Process_Block(ctx,ctx->b,1,sizeof(u64b_t)); /* run "counter mode" */
n = byteCnt - i*SKEIN_256_BLOCK_BYTES; /* number of output bytes left to go */
if (n >= SKEIN_256_BLOCK_BYTES)
n = SKEIN_256_BLOCK_BYTES;
Skein_Put64_LSB_First(hashVal+i*SKEIN_256_BLOCK_BYTES,ctx->X,n); /* "output" the ctr mode bytes */
Skein_Show_Final(256,&ctx->h,n,hashVal+i*SKEIN_256_BLOCK_BYTES);
memcpy(ctx->X,X,sizeof(X)); /* restore the counter mode key for next time */
}
return SKEIN_SUCCESS;
}
#if defined(SKEIN_CODE_SIZE) || defined(SKEIN_PERF)
size_t Skein_256_API_CodeSize(void)
{
return ((u08b_t *) Skein_256_API_CodeSize) -
((u08b_t *) Skein_256_Init);
}
#endif
/*****************************************************************/
/* 512-bit Skein */
/*****************************************************************/
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* init the context for a straight hashing operation */
int Skein_512_Init(Skein_512_Ctxt_t *ctx, size_t hashBitLen)
{
union
{
u08b_t b[SKEIN_512_STATE_BYTES];
u64b_t w[SKEIN_512_STATE_WORDS];
} cfg; /* config block */
Skein_Assert(hashBitLen > 0,SKEIN_BAD_HASHLEN);
ctx->h.hashBitLen = hashBitLen; /* output hash bit count */
switch (hashBitLen)
{ /* use pre-computed values, where available */
#ifndef SKEIN_NO_PRECOMP
case 512: memcpy(ctx->X,SKEIN_512_IV_512,sizeof(ctx->X)); break;
case 384: memcpy(ctx->X,SKEIN_512_IV_384,sizeof(ctx->X)); break;
case 256: memcpy(ctx->X,SKEIN_512_IV_256,sizeof(ctx->X)); break;
case 224: memcpy(ctx->X,SKEIN_512_IV_224,sizeof(ctx->X)); break;
#endif
default:
/* here if there is no precomputed IV value available */
/* build/process the config block, type == CONFIG (could be precomputed) */
Skein_Start_New_Type(ctx,CFG_FINAL); /* set tweaks: T0=0; T1=CFG | FINAL */
cfg.w[0] = Skein_Swap64(SKEIN_SCHEMA_VER); /* set the schema, version */
cfg.w[1] = Skein_Swap64(hashBitLen); /* hash result length in bits */
cfg.w[2] = Skein_Swap64(SKEIN_CFG_TREE_INFO_SEQUENTIAL);
memset(&cfg.w[3],0,sizeof(cfg) - 3*sizeof(cfg.w[0])); /* zero pad config block */
/* compute the initial chaining values from config block */
memset(ctx->X,0,sizeof(ctx->X)); /* zero the chaining variables */
Skein_512_Process_Block(ctx,cfg.b,1,SKEIN_CFG_STR_LEN);
break;
}
/* The chaining vars ctx->X are now initialized for the given hashBitLen. */
/* Set up to process the data message portion of the hash (default) */
Skein_Start_New_Type(ctx,MSG); /* T0=0, T1= MSG type */
return SKEIN_SUCCESS;
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* init the context for a MAC and/or tree hash operation */
/* [identical to Skein_512_Init() when keyBytes == 0 && treeInfo == SKEIN_CFG_TREE_INFO_SEQUENTIAL] */
int Skein_512_InitExt(Skein_512_Ctxt_t *ctx,size_t hashBitLen,u64b_t treeInfo, const u08b_t *key, size_t keyBytes)
{
union
{
u08b_t b[SKEIN_512_STATE_BYTES];
u64b_t w[SKEIN_512_STATE_WORDS];
} cfg; /* config block */
Skein_Assert(hashBitLen > 0,SKEIN_BAD_HASHLEN);
Skein_Assert(keyBytes == 0 || key != NULL,SKEIN_FAIL);
/* compute the initial chaining values ctx->X[], based on key */
if (keyBytes == 0) /* is there a key? */
{
memset(ctx->X,0,sizeof(ctx->X)); /* no key: use all zeroes as key for config block */
}
else /* here to pre-process a key */
{
Skein_assert(sizeof(cfg.b) >= sizeof(ctx->X));
/* do a mini-Init right here */
ctx->h.hashBitLen=8*sizeof(ctx->X); /* set output hash bit count = state size */
Skein_Start_New_Type(ctx,KEY); /* set tweaks: T0 = 0; T1 = KEY type */
memset(ctx->X,0,sizeof(ctx->X)); /* zero the initial chaining variables */
Skein_512_Update(ctx,key,keyBytes); /* hash the key */
Skein_512_Final_Pad(ctx,cfg.b); /* put result into cfg.b[] */
memcpy(ctx->X,cfg.b,sizeof(cfg.b)); /* copy over into ctx->X[] */
#if SKEIN_NEED_SWAP
{
uint_t i;
for (i=0;i<SKEIN_512_STATE_WORDS;i++) /* convert key bytes to context words */
ctx->X[i] = Skein_Swap64(ctx->X[i]);
}
#endif
}
/* build/process the config block, type == CONFIG (could be precomputed for each key) */
ctx->h.hashBitLen = hashBitLen; /* output hash bit count */
Skein_Start_New_Type(ctx,CFG_FINAL);
memset(&cfg.w,0,sizeof(cfg.w)); /* pre-pad cfg.w[] with zeroes */
cfg.w[0] = Skein_Swap64(SKEIN_SCHEMA_VER);
cfg.w[1] = Skein_Swap64(hashBitLen); /* hash result length in bits */
cfg.w[2] = Skein_Swap64(treeInfo); /* tree hash config info (or SKEIN_CFG_TREE_INFO_SEQUENTIAL) */
Skein_Show_Key(512,&ctx->h,key,keyBytes);
/* compute the initial chaining values from config block */
Skein_512_Process_Block(ctx,cfg.b,1,SKEIN_CFG_STR_LEN);
/* The chaining vars ctx->X are now initialized */
/* Set up to process the data message portion of the hash (default) */
ctx->h.bCnt = 0; /* buffer b[] starts out empty */
Skein_Start_New_Type(ctx,MSG);
return SKEIN_SUCCESS;
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* process the input bytes */
int Skein_512_Update(Skein_512_Ctxt_t *ctx, const u08b_t *msg, size_t msgByteCnt)
{
size_t n;
Skein_Assert(ctx->h.bCnt <= SKEIN_512_BLOCK_BYTES,SKEIN_FAIL); /* catch uninitialized context */
/* process full blocks, if any */
if (msgByteCnt + ctx->h.bCnt > SKEIN_512_BLOCK_BYTES)
{
if (ctx->h.bCnt) /* finish up any buffered message data */
{
n = SKEIN_512_BLOCK_BYTES - ctx->h.bCnt; /* # bytes free in buffer b[] */
if (n)
{
Skein_assert(n < msgByteCnt); /* check on our logic here */
memcpy(&ctx->b[ctx->h.bCnt],msg,n);
msgByteCnt -= n;
msg += n;
ctx->h.bCnt += n;
}
Skein_assert(ctx->h.bCnt == SKEIN_512_BLOCK_BYTES);
Skein_512_Process_Block(ctx,ctx->b,1,SKEIN_512_BLOCK_BYTES);
ctx->h.bCnt = 0;
}
/* now process any remaining full blocks, directly from input message data */
if (msgByteCnt > SKEIN_512_BLOCK_BYTES)
{
n = (msgByteCnt-1) / SKEIN_512_BLOCK_BYTES; /* number of full blocks to process */
Skein_512_Process_Block(ctx,msg,n,SKEIN_512_BLOCK_BYTES);
msgByteCnt -= n * SKEIN_512_BLOCK_BYTES;
msg += n * SKEIN_512_BLOCK_BYTES;
}
Skein_assert(ctx->h.bCnt == 0);
}
/* copy any remaining source message data bytes into b[] */
if (msgByteCnt)
{
Skein_assert(msgByteCnt + ctx->h.bCnt <= SKEIN_512_BLOCK_BYTES);
memcpy(&ctx->b[ctx->h.bCnt],msg,msgByteCnt);
ctx->h.bCnt += msgByteCnt;
}
return SKEIN_SUCCESS;
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* finalize the hash computation and output the result */
int Skein_512_Final(Skein_512_Ctxt_t *ctx, u08b_t *hashVal)
{
size_t i,n,byteCnt;
u64b_t X[SKEIN_512_STATE_WORDS];
Skein_Assert(ctx->h.bCnt <= SKEIN_512_BLOCK_BYTES,SKEIN_FAIL); /* catch uninitialized context */
ctx->h.T[1] |= SKEIN_T1_FLAG_FINAL; /* tag as the final block */
if (ctx->h.bCnt < SKEIN_512_BLOCK_BYTES) /* zero pad b[] if necessary */
memset(&ctx->b[ctx->h.bCnt],0,SKEIN_512_BLOCK_BYTES - ctx->h.bCnt);
Skein_512_Process_Block(ctx,ctx->b,1,ctx->h.bCnt); /* process the final block */
/* now output the result */
byteCnt = (ctx->h.hashBitLen + 7) >> 3; /* total number of output bytes */
/* run Threefish in "counter mode" to generate output */
memset(ctx->b,0,sizeof(ctx->b)); /* zero out b[], so it can hold the counter */
memcpy(X,ctx->X,sizeof(X)); /* keep a local copy of counter mode "key" */
for (i=0;i*SKEIN_512_BLOCK_BYTES < byteCnt;i++)
{
((u64b_t *)ctx->b)[0]= Skein_Swap64((u64b_t) i); /* build the counter block */
Skein_Start_New_Type(ctx,OUT_FINAL);
Skein_512_Process_Block(ctx,ctx->b,1,sizeof(u64b_t)); /* run "counter mode" */
n = byteCnt - i*SKEIN_512_BLOCK_BYTES; /* number of output bytes left to go */
if (n >= SKEIN_512_BLOCK_BYTES)
n = SKEIN_512_BLOCK_BYTES;
Skein_Put64_LSB_First(hashVal+i*SKEIN_512_BLOCK_BYTES,ctx->X,n); /* "output" the ctr mode bytes */
Skein_Show_Final(512,&ctx->h,n,hashVal+i*SKEIN_512_BLOCK_BYTES);
memcpy(ctx->X,X,sizeof(X)); /* restore the counter mode key for next time */
}
return SKEIN_SUCCESS;
}
#if defined(SKEIN_CODE_SIZE) || defined(SKEIN_PERF)
size_t Skein_512_API_CodeSize(void)
{
return ((u08b_t *) Skein_512_API_CodeSize) -
((u08b_t *) Skein_512_Init);
}
#endif
/*****************************************************************/
/* 1024-bit Skein */
/*****************************************************************/
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* init the context for a straight hashing operation */
int Skein1024_Init(Skein1024_Ctxt_t *ctx, size_t hashBitLen)
{
union
{
u08b_t b[SKEIN1024_STATE_BYTES];
u64b_t w[SKEIN1024_STATE_WORDS];
} cfg; /* config block */
Skein_Assert(hashBitLen > 0,SKEIN_BAD_HASHLEN);
ctx->h.hashBitLen = hashBitLen; /* output hash bit count */
switch (hashBitLen)
{ /* use pre-computed values, where available */
#ifndef SKEIN_NO_PRECOMP
case 512: memcpy(ctx->X,SKEIN1024_IV_512 ,sizeof(ctx->X)); break;
case 384: memcpy(ctx->X,SKEIN1024_IV_384 ,sizeof(ctx->X)); break;
case 1024: memcpy(ctx->X,SKEIN1024_IV_1024,sizeof(ctx->X)); break;
#endif
default:
/* here if there is no precomputed IV value available */
/* build/process the config block, type == CONFIG (could be precomputed) */
Skein_Start_New_Type(ctx,CFG_FINAL); /* set tweaks: T0=0; T1=CFG | FINAL */
cfg.w[0] = Skein_Swap64(SKEIN_SCHEMA_VER); /* set the schema, version */
cfg.w[1] = Skein_Swap64(hashBitLen); /* hash result length in bits */
cfg.w[2] = Skein_Swap64(SKEIN_CFG_TREE_INFO_SEQUENTIAL);
memset(&cfg.w[3],0,sizeof(cfg) - 3*sizeof(cfg.w[0])); /* zero pad config block */
/* compute the initial chaining values from config block */
memset(ctx->X,0,sizeof(ctx->X)); /* zero the chaining variables */
Skein1024_Process_Block(ctx,cfg.b,1,SKEIN_CFG_STR_LEN);
break;
}
/* The chaining vars ctx->X are now initialized for the given hashBitLen. */
/* Set up to process the data message portion of the hash (default) */
Skein_Start_New_Type(ctx,MSG); /* T0=0, T1= MSG type */
return SKEIN_SUCCESS;
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* init the context for a MAC and/or tree hash operation */
/* [identical to Skein1024_Init() when keyBytes == 0 && treeInfo == SKEIN_CFG_TREE_INFO_SEQUENTIAL] */
int Skein1024_InitExt(Skein1024_Ctxt_t *ctx,size_t hashBitLen,u64b_t treeInfo, const u08b_t *key, size_t keyBytes)
{
union
{
u08b_t b[SKEIN1024_STATE_BYTES];
u64b_t w[SKEIN1024_STATE_WORDS];
} cfg; /* config block */
Skein_Assert(hashBitLen > 0,SKEIN_BAD_HASHLEN);
Skein_Assert(keyBytes == 0 || key != NULL,SKEIN_FAIL);
/* compute the initial chaining values ctx->X[], based on key */
if (keyBytes == 0) /* is there a key? */
{
memset(ctx->X,0,sizeof(ctx->X)); /* no key: use all zeroes as key for config block */
}
else /* here to pre-process a key */
{
Skein_assert(sizeof(cfg.b) >= sizeof(ctx->X));
/* do a mini-Init right here */
ctx->h.hashBitLen=8*sizeof(ctx->X); /* set output hash bit count = state size */
Skein_Start_New_Type(ctx,KEY); /* set tweaks: T0 = 0; T1 = KEY type */
memset(ctx->X,0,sizeof(ctx->X)); /* zero the initial chaining variables */
Skein1024_Update(ctx,key,keyBytes); /* hash the key */
Skein1024_Final_Pad(ctx,cfg.b); /* put result into cfg.b[] */
memcpy(ctx->X,cfg.b,sizeof(cfg.b)); /* copy over into ctx->X[] */
#if SKEIN_NEED_SWAP
{
uint_t i;
for (i=0;i<SKEIN1024_STATE_WORDS;i++) /* convert key bytes to context words */
ctx->X[i] = Skein_Swap64(ctx->X[i]);
}
#endif
}
/* build/process the config block, type == CONFIG (could be precomputed for each key) */
ctx->h.hashBitLen = hashBitLen; /* output hash bit count */
Skein_Start_New_Type(ctx,CFG_FINAL);
memset(&cfg.w,0,sizeof(cfg.w)); /* pre-pad cfg.w[] with zeroes */
cfg.w[0] = Skein_Swap64(SKEIN_SCHEMA_VER);
cfg.w[1] = Skein_Swap64(hashBitLen); /* hash result length in bits */
cfg.w[2] = Skein_Swap64(treeInfo); /* tree hash config info (or SKEIN_CFG_TREE_INFO_SEQUENTIAL) */
Skein_Show_Key(1024,&ctx->h,key,keyBytes);
/* compute the initial chaining values from config block */
Skein1024_Process_Block(ctx,cfg.b,1,SKEIN_CFG_STR_LEN);
/* The chaining vars ctx->X are now initialized */
/* Set up to process the data message portion of the hash (default) */
ctx->h.bCnt = 0; /* buffer b[] starts out empty */
Skein_Start_New_Type(ctx,MSG);
return SKEIN_SUCCESS;
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* process the input bytes */
int Skein1024_Update(Skein1024_Ctxt_t *ctx, const u08b_t *msg, size_t msgByteCnt)
{
size_t n;
Skein_Assert(ctx->h.bCnt <= SKEIN1024_BLOCK_BYTES,SKEIN_FAIL); /* catch uninitialized context */
/* process full blocks, if any */
if (msgByteCnt + ctx->h.bCnt > SKEIN1024_BLOCK_BYTES)
{
if (ctx->h.bCnt) /* finish up any buffered message data */
{
n = SKEIN1024_BLOCK_BYTES - ctx->h.bCnt; /* # bytes free in buffer b[] */
if (n)
{
Skein_assert(n < msgByteCnt); /* check on our logic here */
memcpy(&ctx->b[ctx->h.bCnt],msg,n);
msgByteCnt -= n;
msg += n;
ctx->h.bCnt += n;
}
Skein_assert(ctx->h.bCnt == SKEIN1024_BLOCK_BYTES);
Skein1024_Process_Block(ctx,ctx->b,1,SKEIN1024_BLOCK_BYTES);
ctx->h.bCnt = 0;
}
/* now process any remaining full blocks, directly from input message data */
if (msgByteCnt > SKEIN1024_BLOCK_BYTES)
{
n = (msgByteCnt-1) / SKEIN1024_BLOCK_BYTES; /* number of full blocks to process */
Skein1024_Process_Block(ctx,msg,n,SKEIN1024_BLOCK_BYTES);
msgByteCnt -= n * SKEIN1024_BLOCK_BYTES;
msg += n * SKEIN1024_BLOCK_BYTES;
}
Skein_assert(ctx->h.bCnt == 0);
}
/* copy any remaining source message data bytes into b[] */
if (msgByteCnt)
{
Skein_assert(msgByteCnt + ctx->h.bCnt <= SKEIN1024_BLOCK_BYTES);
memcpy(&ctx->b[ctx->h.bCnt],msg,msgByteCnt);
ctx->h.bCnt += msgByteCnt;
}
return SKEIN_SUCCESS;
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* finalize the hash computation and output the result */
int Skein1024_Final(Skein1024_Ctxt_t *ctx, u08b_t *hashVal)
{
size_t i,n,byteCnt;
u64b_t X[SKEIN1024_STATE_WORDS];
Skein_Assert(ctx->h.bCnt <= SKEIN1024_BLOCK_BYTES,SKEIN_FAIL); /* catch uninitialized context */
ctx->h.T[1] |= SKEIN_T1_FLAG_FINAL; /* tag as the final block */
if (ctx->h.bCnt < SKEIN1024_BLOCK_BYTES) /* zero pad b[] if necessary */
memset(&ctx->b[ctx->h.bCnt],0,SKEIN1024_BLOCK_BYTES - ctx->h.bCnt);
Skein1024_Process_Block(ctx,ctx->b,1,ctx->h.bCnt); /* process the final block */
/* now output the result */
byteCnt = (ctx->h.hashBitLen + 7) >> 3; /* total number of output bytes */
/* run Threefish in "counter mode" to generate output */
memset(ctx->b,0,sizeof(ctx->b)); /* zero out b[], so it can hold the counter */
memcpy(X,ctx->X,sizeof(X)); /* keep a local copy of counter mode "key" */
for (i=0;i*SKEIN1024_BLOCK_BYTES < byteCnt;i++)
{
((u64b_t *)ctx->b)[0]= Skein_Swap64((u64b_t) i); /* build the counter block */
Skein_Start_New_Type(ctx,OUT_FINAL);
Skein1024_Process_Block(ctx,ctx->b,1,sizeof(u64b_t)); /* run "counter mode" */
n = byteCnt - i*SKEIN1024_BLOCK_BYTES; /* number of output bytes left to go */
if (n >= SKEIN1024_BLOCK_BYTES)
n = SKEIN1024_BLOCK_BYTES;
Skein_Put64_LSB_First(hashVal+i*SKEIN1024_BLOCK_BYTES,ctx->X,n); /* "output" the ctr mode bytes */
Skein_Show_Final(1024,&ctx->h,n,hashVal+i*SKEIN1024_BLOCK_BYTES);
memcpy(ctx->X,X,sizeof(X)); /* restore the counter mode key for next time */
}
return SKEIN_SUCCESS;
}
#if defined(SKEIN_CODE_SIZE) || defined(SKEIN_PERF)
size_t Skein1024_API_CodeSize(void)
{
return ((u08b_t *) Skein1024_API_CodeSize) -
((u08b_t *) Skein1024_Init);
}
#endif
/**************** Functions to support MAC/tree hashing ***************/
/* (this code is identical for Optimized and Reference versions) */
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* finalize the hash computation and output the block, no OUTPUT stage */
int Skein_256_Final_Pad(Skein_256_Ctxt_t *ctx, u08b_t *hashVal)
{
Skein_Assert(ctx->h.bCnt <= SKEIN_256_BLOCK_BYTES,SKEIN_FAIL); /* catch uninitialized context */
ctx->h.T[1] |= SKEIN_T1_FLAG_FINAL; /* tag as the final block */
if (ctx->h.bCnt < SKEIN_256_BLOCK_BYTES) /* zero pad b[] if necessary */
memset(&ctx->b[ctx->h.bCnt],0,SKEIN_256_BLOCK_BYTES - ctx->h.bCnt);
Skein_256_Process_Block(ctx,ctx->b,1,ctx->h.bCnt); /* process the final block */
Skein_Put64_LSB_First(hashVal,ctx->X,SKEIN_256_BLOCK_BYTES); /* "output" the state bytes */
return SKEIN_SUCCESS;
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* finalize the hash computation and output the block, no OUTPUT stage */
int Skein_512_Final_Pad(Skein_512_Ctxt_t *ctx, u08b_t *hashVal)
{
Skein_Assert(ctx->h.bCnt <= SKEIN_512_BLOCK_BYTES,SKEIN_FAIL); /* catch uninitialized context */
ctx->h.T[1] |= SKEIN_T1_FLAG_FINAL; /* tag as the final block */
if (ctx->h.bCnt < SKEIN_512_BLOCK_BYTES) /* zero pad b[] if necessary */
memset(&ctx->b[ctx->h.bCnt],0,SKEIN_512_BLOCK_BYTES - ctx->h.bCnt);
Skein_512_Process_Block(ctx,ctx->b,1,ctx->h.bCnt); /* process the final block */
Skein_Put64_LSB_First(hashVal,ctx->X,SKEIN_512_BLOCK_BYTES); /* "output" the state bytes */
return SKEIN_SUCCESS;
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* finalize the hash computation and output the block, no OUTPUT stage */
int Skein1024_Final_Pad(Skein1024_Ctxt_t *ctx, u08b_t *hashVal)
{
Skein_Assert(ctx->h.bCnt <= SKEIN1024_BLOCK_BYTES,SKEIN_FAIL); /* catch uninitialized context */
ctx->h.T[1] |= SKEIN_T1_FLAG_FINAL; /* tag as the final block */
if (ctx->h.bCnt < SKEIN1024_BLOCK_BYTES) /* zero pad b[] if necessary */
memset(&ctx->b[ctx->h.bCnt],0,SKEIN1024_BLOCK_BYTES - ctx->h.bCnt);
Skein1024_Process_Block(ctx,ctx->b,1,ctx->h.bCnt); /* process the final block */
Skein_Put64_LSB_First(hashVal,ctx->X,SKEIN1024_BLOCK_BYTES); /* "output" the state bytes */
return SKEIN_SUCCESS;
}
#if SKEIN_TREE_HASH
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* just do the OUTPUT stage */
int Skein_256_Output(Skein_256_Ctxt_t *ctx, u08b_t *hashVal)
{
size_t i,n,byteCnt;
u64b_t X[SKEIN_256_STATE_WORDS];
Skein_Assert(ctx->h.bCnt <= SKEIN_256_BLOCK_BYTES,SKEIN_FAIL); /* catch uninitialized context */
/* now output the result */
byteCnt = (ctx->h.hashBitLen + 7) >> 3; /* total number of output bytes */
/* run Threefish in "counter mode" to generate output */
memset(ctx->b,0,sizeof(ctx->b)); /* zero out b[], so it can hold the counter */
memcpy(X,ctx->X,sizeof(X)); /* keep a local copy of counter mode "key" */
for (i=0;i*SKEIN_256_BLOCK_BYTES < byteCnt;i++)
{
((u64b_t *)ctx->b)[0]= Skein_Swap64((u64b_t) i); /* build the counter block */
Skein_Start_New_Type(ctx,OUT_FINAL);
Skein_256_Process_Block(ctx,ctx->b,1,sizeof(u64b_t)); /* run "counter mode" */
n = byteCnt - i*SKEIN_256_BLOCK_BYTES; /* number of output bytes left to go */
if (n >= SKEIN_256_BLOCK_BYTES)
n = SKEIN_256_BLOCK_BYTES;
Skein_Put64_LSB_First(hashVal+i*SKEIN_256_BLOCK_BYTES,ctx->X,n); /* "output" the ctr mode bytes */
Skein_Show_Final(256,&ctx->h,n,hashVal+i*SKEIN_256_BLOCK_BYTES);
memcpy(ctx->X,X,sizeof(X)); /* restore the counter mode key for next time */
}
return SKEIN_SUCCESS;
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* just do the OUTPUT stage */
int Skein_512_Output(Skein_512_Ctxt_t *ctx, u08b_t *hashVal)
{
size_t i,n,byteCnt;
u64b_t X[SKEIN_512_STATE_WORDS];
Skein_Assert(ctx->h.bCnt <= SKEIN_512_BLOCK_BYTES,SKEIN_FAIL); /* catch uninitialized context */
/* now output the result */
byteCnt = (ctx->h.hashBitLen + 7) >> 3; /* total number of output bytes */
/* run Threefish in "counter mode" to generate output */
memset(ctx->b,0,sizeof(ctx->b)); /* zero out b[], so it can hold the counter */
memcpy(X,ctx->X,sizeof(X)); /* keep a local copy of counter mode "key" */
for (i=0;i*SKEIN_512_BLOCK_BYTES < byteCnt;i++)
{
((u64b_t *)ctx->b)[0]= Skein_Swap64((u64b_t) i); /* build the counter block */
Skein_Start_New_Type(ctx,OUT_FINAL);
Skein_512_Process_Block(ctx,ctx->b,1,sizeof(u64b_t)); /* run "counter mode" */
n = byteCnt - i*SKEIN_512_BLOCK_BYTES; /* number of output bytes left to go */
if (n >= SKEIN_512_BLOCK_BYTES)
n = SKEIN_512_BLOCK_BYTES;
Skein_Put64_LSB_First(hashVal+i*SKEIN_512_BLOCK_BYTES,ctx->X,n); /* "output" the ctr mode bytes */
Skein_Show_Final(256,&ctx->h,n,hashVal+i*SKEIN_512_BLOCK_BYTES);
memcpy(ctx->X,X,sizeof(X)); /* restore the counter mode key for next time */
}
return SKEIN_SUCCESS;
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* just do the OUTPUT stage */
int Skein1024_Output(Skein1024_Ctxt_t *ctx, u08b_t *hashVal)
{
size_t i,n,byteCnt;
u64b_t X[SKEIN1024_STATE_WORDS];
Skein_Assert(ctx->h.bCnt <= SKEIN1024_BLOCK_BYTES,SKEIN_FAIL); /* catch uninitialized context */
/* now output the result */
byteCnt = (ctx->h.hashBitLen + 7) >> 3; /* total number of output bytes */
/* run Threefish in "counter mode" to generate output */
memset(ctx->b,0,sizeof(ctx->b)); /* zero out b[], so it can hold the counter */
memcpy(X,ctx->X,sizeof(X)); /* keep a local copy of counter mode "key" */
for (i=0;i*SKEIN1024_BLOCK_BYTES < byteCnt;i++)
{
((u64b_t *)ctx->b)[0]= Skein_Swap64((u64b_t) i); /* build the counter block */
Skein_Start_New_Type(ctx,OUT_FINAL);
Skein1024_Process_Block(ctx,ctx->b,1,sizeof(u64b_t)); /* run "counter mode" */
n = byteCnt - i*SKEIN1024_BLOCK_BYTES; /* number of output bytes left to go */
if (n >= SKEIN1024_BLOCK_BYTES)
n = SKEIN1024_BLOCK_BYTES;
Skein_Put64_LSB_First(hashVal+i*SKEIN1024_BLOCK_BYTES,ctx->X,n); /* "output" the ctr mode bytes */
Skein_Show_Final(256,&ctx->h,n,hashVal+i*SKEIN1024_BLOCK_BYTES);
memcpy(ctx->X,X,sizeof(X)); /* restore the counter mode key for next time */
}
return SKEIN_SUCCESS;
}
#endif

327
Optimized_32bit/skein.h Normal file
View File

@ -0,0 +1,327 @@
#ifndef _SKEIN_H_
#define _SKEIN_H_ 1
/**************************************************************************
**
** Interface declarations and internal definitions for Skein hashing.
**
** Source code author: Doug Whiting, 2008.
**
** This algorithm and source code is released to the public domain.
**
***************************************************************************
**
** The following compile-time switches may be defined to control some
** tradeoffs between speed, code size, error checking, and security.
**
** The "default" note explains what happens when the switch is not defined.
**
** SKEIN_DEBUG -- make callouts from inside Skein code
** to examine/display intermediate values.
** [default: no callouts (no overhead)]
**
** SKEIN_ERR_CHECK -- how error checking is handled inside Skein
** code. If not defined, most error checking
** is disabled (for performance). Otherwise,
** the switch value is interpreted as:
** 0: use assert() to flag errors
** 1: return SKEIN_FAIL to flag errors
**
***************************************************************************/
#ifdef __cplusplus
extern "C"
{
#endif
#include <stddef.h> /* get size_t definition */
#include "skein_port.h" /* get platform-specific definitions */
enum
{
SKEIN_SUCCESS = 0, /* return codes from Skein calls */
SKEIN_FAIL = 1,
SKEIN_BAD_HASHLEN = 2
};
#define SKEIN_MODIFIER_WORDS ( 2) /* number of modifier (tweak) words */
#define SKEIN_256_STATE_WORDS ( 4)
#define SKEIN_512_STATE_WORDS ( 8)
#define SKEIN1024_STATE_WORDS (16)
#define SKEIN_MAX_STATE_WORDS (16)
#define SKEIN_256_STATE_BYTES ( 8*SKEIN_256_STATE_WORDS)
#define SKEIN_512_STATE_BYTES ( 8*SKEIN_512_STATE_WORDS)
#define SKEIN1024_STATE_BYTES ( 8*SKEIN1024_STATE_WORDS)
#define SKEIN_256_STATE_BITS (64*SKEIN_256_STATE_WORDS)
#define SKEIN_512_STATE_BITS (64*SKEIN_512_STATE_WORDS)
#define SKEIN1024_STATE_BITS (64*SKEIN1024_STATE_WORDS)
#define SKEIN_256_BLOCK_BYTES ( 8*SKEIN_256_STATE_WORDS)
#define SKEIN_512_BLOCK_BYTES ( 8*SKEIN_512_STATE_WORDS)
#define SKEIN1024_BLOCK_BYTES ( 8*SKEIN1024_STATE_WORDS)
typedef struct
{
size_t hashBitLen; /* size of hash result, in bits */
size_t bCnt; /* current byte count in buffer b[] */
u64b_t T[SKEIN_MODIFIER_WORDS]; /* tweak words: T[0]=byte cnt, T[1]=flags */
} Skein_Ctxt_Hdr_t;
typedef struct /* 256-bit Skein hash context structure */
{
Skein_Ctxt_Hdr_t h; /* common header context variables */
u64b_t X[SKEIN_256_STATE_WORDS]; /* chaining variables */
u08b_t b[SKEIN_256_BLOCK_BYTES]; /* partial block buffer (8-byte aligned) */
} Skein_256_Ctxt_t;
typedef struct /* 512-bit Skein hash context structure */
{
Skein_Ctxt_Hdr_t h; /* common header context variables */
u64b_t X[SKEIN_512_STATE_WORDS]; /* chaining variables */
u08b_t b[SKEIN_512_BLOCK_BYTES]; /* partial block buffer (8-byte aligned) */
} Skein_512_Ctxt_t;
typedef struct /* 1024-bit Skein hash context structure */
{
Skein_Ctxt_Hdr_t h; /* common header context variables */
u64b_t X[SKEIN1024_STATE_WORDS]; /* chaining variables */
u08b_t b[SKEIN1024_BLOCK_BYTES]; /* partial block buffer (8-byte aligned) */
} Skein1024_Ctxt_t;
/* Skein APIs for (incremental) "straight hashing" */
int Skein_256_Init (Skein_256_Ctxt_t *ctx, size_t hashBitLen);
int Skein_512_Init (Skein_512_Ctxt_t *ctx, size_t hashBitLen);
int Skein1024_Init (Skein1024_Ctxt_t *ctx, size_t hashBitLen);
int Skein_256_Update(Skein_256_Ctxt_t *ctx, const u08b_t *msg, size_t msgByteCnt);
int Skein_512_Update(Skein_512_Ctxt_t *ctx, const u08b_t *msg, size_t msgByteCnt);
int Skein1024_Update(Skein1024_Ctxt_t *ctx, const u08b_t *msg, size_t msgByteCnt);
int Skein_256_Final (Skein_256_Ctxt_t *ctx, u08b_t * hashVal);
int Skein_512_Final (Skein_512_Ctxt_t *ctx, u08b_t * hashVal);
int Skein1024_Final (Skein1024_Ctxt_t *ctx, u08b_t * hashVal);
/*
** Skein APIs for "extended" initialization: MAC keys, tree hashing.
** After an InitExt() call, just use Update/Final calls as with Init().
**
** Notes: Same parameters as _Init() calls, plus treeInfo/key/keyBytes.
** When keyBytes == 0 and treeInfo == SKEIN_SEQUENTIAL,
** the results of InitExt() are identical to calling Init().
** The function Init() may be called once to "precompute" the IV for
** a given hashBitLen value, then by saving a copy of the context
** the IV computation may be avoided in later calls.
** Similarly, the function InitExt() may be called once per MAC key
** to precompute the MAC IV, then a copy of the context saved and
** reused for each new MAC computation.
**/
int Skein_256_InitExt(Skein_256_Ctxt_t *ctx, size_t hashBitLen, u64b_t treeInfo, const u08b_t *key, size_t keyBytes);
int Skein_512_InitExt(Skein_512_Ctxt_t *ctx, size_t hashBitLen, u64b_t treeInfo, const u08b_t *key, size_t keyBytes);
int Skein1024_InitExt(Skein1024_Ctxt_t *ctx, size_t hashBitLen, u64b_t treeInfo, const u08b_t *key, size_t keyBytes);
/*
** Skein APIs for MAC and tree hash:
** Final_Pad: pad, do final block, but no OUTPUT type
** Output: do just the output stage
*/
int Skein_256_Final_Pad(Skein_256_Ctxt_t *ctx, u08b_t * hashVal);
int Skein_512_Final_Pad(Skein_512_Ctxt_t *ctx, u08b_t * hashVal);
int Skein1024_Final_Pad(Skein1024_Ctxt_t *ctx, u08b_t * hashVal);
#ifndef SKEIN_TREE_HASH
#define SKEIN_TREE_HASH (1)
#endif
#if SKEIN_TREE_HASH
int Skein_256_Output (Skein_256_Ctxt_t *ctx, u08b_t * hashVal);
int Skein_512_Output (Skein_512_Ctxt_t *ctx, u08b_t * hashVal);
int Skein1024_Output (Skein1024_Ctxt_t *ctx, u08b_t * hashVal);
#endif
/*****************************************************************
** "Internal" Skein definitions
** -- not needed for sequential hashing API, but will be
** helpful for other uses of Skein (e.g., tree hash mode).
** -- included here so that they can be shared between
** reference and optimized code.
******************************************************************/
/* tweak word T[1]: bit field starting positions */
#define SKEIN_T1_BIT(BIT) ((BIT) - 64) /* offset 64 because it's the second word */
#define SKEIN_T1_POS_TREE_LVL SKEIN_T1_BIT(112) /* bits 112..118: level in hash tree */
#define SKEIN_T1_POS_BIT_PAD SKEIN_T1_BIT(119) /* bit 119 : partial final input byte */
#define SKEIN_T1_POS_BLK_TYPE SKEIN_T1_BIT(120) /* bits 120..125: type field */
#define SKEIN_T1_POS_FIRST SKEIN_T1_BIT(126) /* bits 126 : first block flag */
#define SKEIN_T1_POS_FINAL SKEIN_T1_BIT(127) /* bit 127 : final block flag */
/* tweak word T[1]: flag bit definition(s) */
#define SKEIN_T1_FLAG_FIRST (((u64b_t) 1 ) << SKEIN_T1_POS_FIRST)
#define SKEIN_T1_FLAG_FINAL (((u64b_t) 1 ) << SKEIN_T1_POS_FINAL)
#define SKEIN_T1_FLAG_BIT_PAD (((u64b_t) 1 ) << SKEIN_T1_POS_BIT_PAD)
/* tweak word T[1]: tree level bit field mask */
#define SKEIN_T1_TREE_LVL_MASK (((u64b_t)0x7F) << SKEIN_T1_POS_TREE_LVL)
#define SKEIN_T1_TREE_LEVEL(n) (((u64b_t) (n)) << SKEIN_T1_POS_TREE_LVL)
/* tweak word T[1]: block type field */
#define SKEIN_BLK_TYPE_KEY ( 0) /* key, for MAC and KDF */
#define SKEIN_BLK_TYPE_CFG ( 4) /* configuration block */
#define SKEIN_BLK_TYPE_PERS ( 8) /* personalization string */
#define SKEIN_BLK_TYPE_PK (12) /* public key (for digital signature hashing) */
#define SKEIN_BLK_TYPE_KDF (16) /* key identifier for KDF */
#define SKEIN_BLK_TYPE_NONCE (20) /* nonce for PRNG */
#define SKEIN_BLK_TYPE_MSG (48) /* message processing */
#define SKEIN_BLK_TYPE_OUT (63) /* output stage */
#define SKEIN_BLK_TYPE_MASK (63) /* bit field mask */
#define SKEIN_T1_BLK_TYPE(T) (((u64b_t) (SKEIN_BLK_TYPE_##T)) << SKEIN_T1_POS_BLK_TYPE)
#define SKEIN_T1_BLK_TYPE_KEY SKEIN_T1_BLK_TYPE(KEY) /* key, for MAC and KDF */
#define SKEIN_T1_BLK_TYPE_CFG SKEIN_T1_BLK_TYPE(CFG) /* configuration block */
#define SKEIN_T1_BLK_TYPE_PERS SKEIN_T1_BLK_TYPE(PERS) /* personalization string */
#define SKEIN_T1_BLK_TYPE_PK SKEIN_T1_BLK_TYPE(PK) /* public key (for digital signature hashing) */
#define SKEIN_T1_BLK_TYPE_KDF SKEIN_T1_BLK_TYPE(KDF) /* key identifier for KDF */
#define SKEIN_T1_BLK_TYPE_NONCE SKEIN_T1_BLK_TYPE(NONCE)/* nonce for PRNG */
#define SKEIN_T1_BLK_TYPE_MSG SKEIN_T1_BLK_TYPE(MSG) /* message processing */
#define SKEIN_T1_BLK_TYPE_OUT SKEIN_T1_BLK_TYPE(OUT) /* output stage */
#define SKEIN_T1_BLK_TYPE_MASK SKEIN_T1_BLK_TYPE(MASK) /* field bit mask */
#define SKEIN_T1_BLK_TYPE_CFG_FINAL (SKEIN_T1_BLK_TYPE_CFG | SKEIN_T1_FLAG_FINAL)
#define SKEIN_T1_BLK_TYPE_OUT_FINAL (SKEIN_T1_BLK_TYPE_OUT | SKEIN_T1_FLAG_FINAL)
#define SKEIN_VERSION (1)
#ifndef SKEIN_ID_STRING_LE /* allow compile-time personalization */
#define SKEIN_ID_STRING_LE (0x33414853) /* "SHA3" (little-endian)*/
#endif
#define SKEIN_MK_64(hi32,lo32) ((lo32) + (((u64b_t) (hi32)) << 32))
#define SKEIN_SCHEMA_VER SKEIN_MK_64(SKEIN_VERSION,SKEIN_ID_STRING_LE)
#define SKEIN_KS_PARITY SKEIN_MK_64(0x1BD11BDA,0xA9FC1A22)
#define SKEIN_CFG_STR_LEN (4*8)
/* bit field definitions in config block treeInfo word */
#define SKEIN_CFG_TREE_LEAF_SIZE_POS ( 0)
#define SKEIN_CFG_TREE_NODE_SIZE_POS ( 8)
#define SKEIN_CFG_TREE_MAX_LEVEL_POS (16)
#define SKEIN_CFG_TREE_LEAF_SIZE_MSK (((u64b_t) 0xFF) << SKEIN_CFG_TREE_LEAF_SIZE_POS)
#define SKEIN_CFG_TREE_NODE_SIZE_MSK (((u64b_t) 0xFF) << SKEIN_CFG_TREE_NODE_SIZE_POS)
#define SKEIN_CFG_TREE_MAX_LEVEL_MSK (((u64b_t) 0xFF) << SKEIN_CFG_TREE_MAX_LEVEL_POS)
#define SKEIN_CFG_TREE_INFO(leaf,node,maxLvl) \
( (((u64b_t)(leaf )) << SKEIN_CFG_TREE_LEAF_SIZE_POS) | \
(((u64b_t)(node )) << SKEIN_CFG_TREE_NODE_SIZE_POS) | \
(((u64b_t)(maxLvl)) << SKEIN_CFG_TREE_MAX_LEVEL_POS) )
#define SKEIN_CFG_TREE_INFO_SEQUENTIAL SKEIN_CFG_TREE_INFO(0,0,0) /* use as treeInfo in InitExt() call for sequential processing */
/*
** Skein macros for getting/setting tweak words, etc.
** These are useful for partial input bytes, hash tree init/update, etc.
**/
#define Skein_Get_Tweak(ctxPtr,TWK_NUM) ((ctxPtr)->h.T[TWK_NUM])
#define Skein_Set_Tweak(ctxPtr,TWK_NUM,tVal) {(ctxPtr)->h.T[TWK_NUM] = (tVal);}
#define Skein_Get_T0(ctxPtr) Skein_Get_Tweak(ctxPtr,0)
#define Skein_Get_T1(ctxPtr) Skein_Get_Tweak(ctxPtr,1)
#define Skein_Set_T0(ctxPtr,T0) Skein_Set_Tweak(ctxPtr,0,T0)
#define Skein_Set_T1(ctxPtr,T1) Skein_Set_Tweak(ctxPtr,1,T1)
/* set both tweak words at once */
#define Skein_Set_T0_T1(ctxPtr,T0,T1) \
{ \
Skein_Set_T0(ctxPtr,(T0)); \
Skein_Set_T1(ctxPtr,(T1)); \
}
#define Skein_Set_Type(ctxPtr,BLK_TYPE) \
Skein_Set_T1(ctxPtr,SKEIN_T1_BLK_TYPE_##BLK_TYPE)
/* set up for starting with a new type: h.T[0]=0; h.T[1] = NEW_TYPE; h.bCnt=0; */
#define Skein_Start_New_Type(ctxPtr,BLK_TYPE) \
{ Skein_Set_T0_T1(ctxPtr,0,SKEIN_T1_FLAG_FIRST | SKEIN_T1_BLK_TYPE_##BLK_TYPE); (ctxPtr)->h.bCnt=0; }
#define Skein_Clear_First_Flag(hdr) { (hdr).T[1] &= ~SKEIN_T1_FLAG_FIRST; }
#define Skein_Set_Bit_Pad_Flag(hdr) { (hdr).T[1] |= SKEIN_T1_FLAG_BIT_PAD; }
#define Skein_Set_Tree_Level(hdr,height) { (hdr).T[1] |= SKEIN_T1_TREE_LEVEL(height);}
/*****************************************************************
** "Internal" Skein definitions for debugging and error checking
******************************************************************/
#ifdef SKEIN_DEBUG /* examine/display intermediate values? */
#include "skein_debug.h"
#else /* default is no callouts */
#define Skein_Show_Block(bits,ctx,X,blkPtr,wPtr,ksEvenPtr,ksOddPtr)
#define Skein_Show_Round(bits,ctx,r,X)
#define Skein_Show_R_Ptr(bits,ctx,r,X_ptr)
#define Skein_Show_Final(bits,ctx,cnt,outPtr)
#define Skein_Show_Key(bits,ctx,key,keyBytes)
#endif
#ifndef SKEIN_ERR_CHECK /* run-time checks (e.g., bad params, uninitialized context)? */
#define Skein_Assert(x,retCode)/* default: ignore all Asserts, for performance */
#define Skein_assert(x)
#elif defined(SKEIN_ASSERT)
#include <assert.h>
#define Skein_Assert(x,retCode) assert(x)
#define Skein_assert(x) assert(x)
#else
#include <assert.h>
#define Skein_Assert(x,retCode) { if (!(x)) return retCode; } /* caller error */
#define Skein_assert(x) assert(x) /* internal error */
#endif
/*****************************************************************
** Skein block function constants (shared across Ref and Opt code)
******************************************************************/
enum
{
/* Skein_256 round rotation constants */
R_256_0_0=14, R_256_0_1=16,
R_256_1_0=52, R_256_1_1=57,
R_256_2_0=23, R_256_2_1=40,
R_256_3_0= 5, R_256_3_1=37,
R_256_4_0=25, R_256_4_1=33,
R_256_5_0=46, R_256_5_1=12,
R_256_6_0=58, R_256_6_1=22,
R_256_7_0=32, R_256_7_1=32,
/* Skein_512 round rotation constants */
R_512_0_0=46, R_512_0_1=36, R_512_0_2=19, R_512_0_3=37,
R_512_1_0=33, R_512_1_1=27, R_512_1_2=14, R_512_1_3=42,
R_512_2_0=17, R_512_2_1=49, R_512_2_2=36, R_512_2_3=39,
R_512_3_0=44, R_512_3_1= 9, R_512_3_2=54, R_512_3_3=56,
R_512_4_0=39, R_512_4_1=30, R_512_4_2=34, R_512_4_3=24,
R_512_5_0=13, R_512_5_1=50, R_512_5_2=10, R_512_5_3=17,
R_512_6_0=25, R_512_6_1=29, R_512_6_2=39, R_512_6_3=43,
R_512_7_0= 8, R_512_7_1=35, R_512_7_2=56, R_512_7_3=22,
/* Skein1024 round rotation constants */
R1024_0_0=24, R1024_0_1=13, R1024_0_2= 8, R1024_0_3=47, R1024_0_4= 8, R1024_0_5=17, R1024_0_6=22, R1024_0_7=37,
R1024_1_0=38, R1024_1_1=19, R1024_1_2=10, R1024_1_3=55, R1024_1_4=49, R1024_1_5=18, R1024_1_6=23, R1024_1_7=52,
R1024_2_0=33, R1024_2_1= 4, R1024_2_2=51, R1024_2_3=13, R1024_2_4=34, R1024_2_5=41, R1024_2_6=59, R1024_2_7=17,
R1024_3_0= 5, R1024_3_1=20, R1024_3_2=48, R1024_3_3=41, R1024_3_4=47, R1024_3_5=28, R1024_3_6=16, R1024_3_7=25,
R1024_4_0=41, R1024_4_1= 9, R1024_4_2=37, R1024_4_3=31, R1024_4_4=12, R1024_4_5=47, R1024_4_6=44, R1024_4_7=30,
R1024_5_0=16, R1024_5_1=34, R1024_5_2=56, R1024_5_3=51, R1024_5_4= 4, R1024_5_5=53, R1024_5_6=42, R1024_5_7=41,
R1024_6_0=31, R1024_6_1=44, R1024_6_2=47, R1024_6_3=46, R1024_6_4=19, R1024_6_5=42, R1024_6_6=44, R1024_6_7=25,
R1024_7_0= 9, R1024_7_1=48, R1024_7_2=35, R1024_7_3=52, R1024_7_4=23, R1024_7_5=31, R1024_7_6=37, R1024_7_7=20
};
#ifndef SKEIN_ROUNDS
#define SKEIN_256_ROUNDS_TOTAL (72) /* number of rounds for the different block sizes */
#define SKEIN_512_ROUNDS_TOTAL (72)
#define SKEIN1024_ROUNDS_TOTAL (80)
#else /* allow command-line define in range 8*(5..14) */
#define SKEIN_256_ROUNDS_TOTAL (8*((((SKEIN_ROUNDS/100) + 5) % 10) + 5))
#define SKEIN_512_ROUNDS_TOTAL (8*((((SKEIN_ROUNDS/ 10) + 5) % 10) + 5))
#define SKEIN1024_ROUNDS_TOTAL (8*((((SKEIN_ROUNDS ) + 5) % 10) + 5))
#endif
#ifdef __cplusplus
}
#endif
#endif /* ifndef _SKEIN_H_ */

689
Optimized_32bit/skein_block.c Normal file
View File

@ -0,0 +1,689 @@
/***********************************************************************
**
** Implementation of the Skein block functions.
**
** Source code author: Doug Whiting, 2008.
**
** This algorithm and source code is released to the public domain.
**
** Compile-time switches:
**
** SKEIN_USE_ASM -- set bits (256/512/1024) to select which
** versions use ASM code for block processing
** [default: use C for all block sizes]
**
************************************************************************/
#include <string.h>
#include "skein.h"
#ifndef SKEIN_USE_ASM
#define SKEIN_USE_ASM (0) /* default is all C code (no ASM) */
#endif
#ifndef SKEIN_LOOP
#define SKEIN_LOOP 001 /* default: unroll 256 and 512, but not 1024 */
#endif
#define BLK_BITS (WCNT*64) /* some useful definitions for code here */
#define KW_TWK_BASE (0)
#define KW_KEY_BASE (3)
#define ks (kw + KW_KEY_BASE)
#define ts (kw + KW_TWK_BASE)
#ifdef SKEIN_DEBUG
#define DebugSaveTweak(ctx) { ctx->h.T[0] = ts[0]; ctx->h.T[1] = ts[1]; }
#else
#define DebugSaveTweak(ctx)
#endif
/***************************** Skein_256 ******************************/
#if !(SKEIN_USE_ASM & 256)
void Skein_256_Process_Block(Skein_256_Ctxt_t *ctx,const u08b_t *blkPtr,size_t blkCnt,size_t byteCntAdd)
{ /* do it in C */
enum
{
WCNT = SKEIN_256_STATE_WORDS
};
#undef RCNT
#define RCNT (SKEIN_256_ROUNDS_TOTAL/8)
#ifdef SKEIN_LOOP /* configure how much to unroll the loop */
#define SKEIN_UNROLL_256 (((SKEIN_LOOP)/100)%10)
#else
#define SKEIN_UNROLL_256 (0)
#endif
#if SKEIN_UNROLL_256
#if (RCNT % SKEIN_UNROLL_256)
#error "Invalid SKEIN_UNROLL_256" /* sanity check on unroll count */
#endif
size_t r;
u64b_t kw[WCNT+4+RCNT*2]; /* key schedule words : chaining vars + tweak + "rotation"*/
#else
u64b_t kw[WCNT+4]; /* key schedule words : chaining vars + tweak */
#endif
u64b_t X0,X1,X2,X3; /* local copy of context vars, for speed */
u64b_t w [WCNT]; /* local copy of input block */
#ifdef SKEIN_DEBUG
const u64b_t *Xptr[4]; /* use for debugging (help compiler put Xn in registers) */
Xptr[0] = &X0; Xptr[1] = &X1; Xptr[2] = &X2; Xptr[3] = &X3;
#endif
Skein_assert(blkCnt != 0); /* never call with blkCnt == 0! */
ts[0] = ctx->h.T[0];
ts[1] = ctx->h.T[1];
do {
/* this implementation only supports 2**64 input bytes (no carry out here) */
ts[0] += byteCntAdd; /* update processed length */
/* precompute the key schedule for this block */
ks[0] = ctx->X[0];
ks[1] = ctx->X[1];
ks[2] = ctx->X[2];
ks[3] = ctx->X[3];
ks[4] = ks[0] ^ ks[1] ^ ks[2] ^ ks[3] ^ SKEIN_KS_PARITY;
ts[2] = ts[0] ^ ts[1];
Skein_Get64_LSB_First(w,blkPtr,WCNT); /* get input block in little-endian format */
DebugSaveTweak(ctx);
Skein_Show_Block(BLK_BITS,&ctx->h,ctx->X,blkPtr,w,ks,ts);
X0 = w[0] + ks[0]; /* do the first full key injection */
X1 = w[1] + ks[1] + ts[0];
X2 = w[2] + ks[2] + ts[1];
X3 = w[3] + ks[3];
Skein_Show_R_Ptr(BLK_BITS,&ctx->h,SKEIN_RND_KEY_INITIAL,Xptr); /* show starting state values */
blkPtr += SKEIN_256_BLOCK_BYTES;
/* run the rounds */
#define Round256(p0,p1,p2,p3,ROT,rNum) \
X##p0 += X##p1; X##p1 = RotL_64(X##p1,ROT##_0); X##p1 ^= X##p0; \
X##p2 += X##p3; X##p3 = RotL_64(X##p3,ROT##_1); X##p3 ^= X##p2; \
#if SKEIN_UNROLL_256 == 0
#define R256(p0,p1,p2,p3,ROT,rNum) /* fully unrolled */ \
Round256(p0,p1,p2,p3,ROT,rNum) \
Skein_Show_R_Ptr(BLK_BITS,&ctx->h,rNum,Xptr);
#define I256(R) \
X0 += ks[((R)+1) % 5]; /* inject the key schedule value */ \
X1 += ks[((R)+2) % 5] + ts[((R)+1) % 3]; \
X2 += ks[((R)+3) % 5] + ts[((R)+2) % 3]; \
X3 += ks[((R)+4) % 5] + (R)+1; \
Skein_Show_R_Ptr(BLK_BITS,&ctx->h,SKEIN_RND_KEY_INJECT,Xptr);
#else /* looping version */
#define R256(p0,p1,p2,p3,ROT,rNum) \
Round256(p0,p1,p2,p3,ROT,rNum) \
Skein_Show_R_Ptr(BLK_BITS,&ctx->h,4*(r-1)+rNum,Xptr);
#define I256(R) \
X0 += ks[r+(R)+0]; /* inject the key schedule value */ \
X1 += ks[r+(R)+1] + ts[r+(R)+0]; \
X2 += ks[r+(R)+2] + ts[r+(R)+1]; \
X3 += ks[r+(R)+3] + r+(R) ; \
ks[r + (R)+4 ] = ks[r+(R)-1]; /* rotate key schedule */\
ts[r + (R)+2 ] = ts[r+(R)-1]; \
Skein_Show_R_Ptr(BLK_BITS,&ctx->h,SKEIN_RND_KEY_INJECT,Xptr);
for (r=1;r < 2*RCNT;r+=2*SKEIN_UNROLL_256) /* loop thru it */
#endif
{
#define R256_8_rounds(R) \
R256(0,1,2,3,R_256_0,8*(R) + 1); \
R256(0,3,2,1,R_256_1,8*(R) + 2); \
R256(0,1,2,3,R_256_2,8*(R) + 3); \
R256(0,3,2,1,R_256_3,8*(R) + 4); \
I256(2*(R)); \
R256(0,1,2,3,R_256_4,8*(R) + 5); \
R256(0,3,2,1,R_256_5,8*(R) + 6); \
R256(0,1,2,3,R_256_6,8*(R) + 7); \
R256(0,3,2,1,R_256_7,8*(R) + 8); \
I256(2*(R)+1);
R256_8_rounds( 0);
#define R256_Unroll_R(NN) ((SKEIN_UNROLL_256 == 0 && SKEIN_256_ROUNDS_TOTAL/8 > (NN)) || (SKEIN_UNROLL_256 > (NN)))
#if R256_Unroll_R( 1)
R256_8_rounds( 1);
#endif
#if R256_Unroll_R( 2)
R256_8_rounds( 2);
#endif
#if R256_Unroll_R( 3)
R256_8_rounds( 3);
#endif
#if R256_Unroll_R( 4)
R256_8_rounds( 4);
#endif
#if R256_Unroll_R( 5)
R256_8_rounds( 5);
#endif
#if R256_Unroll_R( 6)
R256_8_rounds( 6);
#endif
#if R256_Unroll_R( 7)
R256_8_rounds( 7);
#endif
#if R256_Unroll_R( 8)
R256_8_rounds( 8);
#endif
#if R256_Unroll_R( 9)
R256_8_rounds( 9);
#endif
#if R256_Unroll_R(10)
R256_8_rounds(10);
#endif
#if R256_Unroll_R(11)
R256_8_rounds(11);
#endif
#if R256_Unroll_R(12)
R256_8_rounds(12);
#endif
#if R256_Unroll_R(13)
R256_8_rounds(13);
#endif
#if R256_Unroll_R(14)
R256_8_rounds(14);
#endif
#if (SKEIN_UNROLL_256 > 14)
#error "need more unrolling in Skein_256_Process_Block"
#endif
}
/* do the final "feedforward" xor, update context chaining vars */
ctx->X[0] = X0 ^ w[0];
ctx->X[1] = X1 ^ w[1];
ctx->X[2] = X2 ^ w[2];
ctx->X[3] = X3 ^ w[3];
Skein_Show_Round(BLK_BITS,&ctx->h,SKEIN_RND_FEED_FWD,ctx->X);
ts[1] &= ~SKEIN_T1_FLAG_FIRST;
}
while (--blkCnt);
ctx->h.T[0] = ts[0];
ctx->h.T[1] = ts[1];
}
#if defined(SKEIN_CODE_SIZE) || defined(SKEIN_PERF)
size_t Skein_256_Process_Block_CodeSize(void)
{
return ((u08b_t *) Skein_256_Process_Block_CodeSize) -
((u08b_t *) Skein_256_Process_Block);
}
uint_t Skein_256_Unroll_Cnt(void)
{
return SKEIN_UNROLL_256;
}
#endif
#endif
/***************************** Skein_512 ******************************/
#if !(SKEIN_USE_ASM & 512)
void Skein_512_Process_Block(Skein_512_Ctxt_t *ctx,const u08b_t *blkPtr,size_t blkCnt,size_t byteCntAdd)
{ /* do it in C */
enum
{
WCNT = SKEIN_512_STATE_WORDS
};
#undef RCNT
#define RCNT (SKEIN_512_ROUNDS_TOTAL/8)
#ifdef SKEIN_LOOP /* configure how much to unroll the loop */
#define SKEIN_UNROLL_512 (((SKEIN_LOOP)/10)%10)
#else
#define SKEIN_UNROLL_512 (0)
#endif
#if SKEIN_UNROLL_512
#if (RCNT % SKEIN_UNROLL_512)
#error "Invalid SKEIN_UNROLL_512" /* sanity check on unroll count */
#endif
size_t r;
u64b_t kw[WCNT+4+RCNT*2]; /* key schedule words : chaining vars + tweak + "rotation"*/
#else
u64b_t kw[WCNT+4]; /* key schedule words : chaining vars + tweak */
#endif
u64b_t X0,X1,X2,X3,X4,X5,X6,X7; /* local copy of vars, for speed */
u64b_t w [WCNT]; /* local copy of input block */
#ifdef SKEIN_DEBUG
const u64b_t *Xptr[8]; /* use for debugging (help compiler put Xn in registers) */
Xptr[0] = &X0; Xptr[1] = &X1; Xptr[2] = &X2; Xptr[3] = &X3;
Xptr[4] = &X4; Xptr[5] = &X5; Xptr[6] = &X6; Xptr[7] = &X7;
#endif
Skein_assert(blkCnt != 0); /* never call with blkCnt == 0! */
ts[0] = ctx->h.T[0];
ts[1] = ctx->h.T[1];
do {
/* this implementation only supports 2**64 input bytes (no carry out here) */
ts[0] += byteCntAdd; /* update processed length */
/* precompute the key schedule for this block */
ks[0] = ctx->X[0];
ks[1] = ctx->X[1];
ks[2] = ctx->X[2];
ks[3] = ctx->X[3];
ks[4] = ctx->X[4];
ks[5] = ctx->X[5];
ks[6] = ctx->X[6];
ks[7] = ctx->X[7];
ks[8] = ks[0] ^ ks[1] ^ ks[2] ^ ks[3] ^
ks[4] ^ ks[5] ^ ks[6] ^ ks[7] ^ SKEIN_KS_PARITY;
ts[2] = ts[0] ^ ts[1];
Skein_Get64_LSB_First(w,blkPtr,WCNT); /* get input block in little-endian format */
DebugSaveTweak(ctx);
Skein_Show_Block(BLK_BITS,&ctx->h,ctx->X,blkPtr,w,ks,ts);
X0 = w[0] + ks[0]; /* do the first full key injection */
X1 = w[1] + ks[1];
X2 = w[2] + ks[2];
X3 = w[3] + ks[3];
X4 = w[4] + ks[4];
X5 = w[5] + ks[5] + ts[0];
X6 = w[6] + ks[6] + ts[1];
X7 = w[7] + ks[7];
blkPtr += SKEIN_512_BLOCK_BYTES;
Skein_Show_R_Ptr(BLK_BITS,&ctx->h,SKEIN_RND_KEY_INITIAL,Xptr);
/* run the rounds */
#define Round512(p0,p1,p2,p3,p4,p5,p6,p7,ROT,rNum) \
X##p0 += X##p1; X##p1 = RotL_64(X##p1,ROT##_0); X##p1 ^= X##p0; \
X##p2 += X##p3; X##p3 = RotL_64(X##p3,ROT##_1); X##p3 ^= X##p2; \
X##p4 += X##p5; X##p5 = RotL_64(X##p5,ROT##_2); X##p5 ^= X##p4; \
X##p6 += X##p7; X##p7 = RotL_64(X##p7,ROT##_3); X##p7 ^= X##p6; \
#if SKEIN_UNROLL_512 == 0
#define R512(p0,p1,p2,p3,p4,p5,p6,p7,ROT,rNum) /* unrolled */ \
Round512(p0,p1,p2,p3,p4,p5,p6,p7,ROT,rNum) \
Skein_Show_R_Ptr(BLK_BITS,&ctx->h,rNum,Xptr);
#define I512(R) \
X0 += ks[((R)+1) % 9]; /* inject the key schedule value */ \
X1 += ks[((R)+2) % 9]; \
X2 += ks[((R)+3) % 9]; \
X3 += ks[((R)+4) % 9]; \
X4 += ks[((R)+5) % 9]; \
X5 += ks[((R)+6) % 9] + ts[((R)+1) % 3]; \
X6 += ks[((R)+7) % 9] + ts[((R)+2) % 3]; \
X7 += ks[((R)+8) % 9] + (R)+1; \
Skein_Show_R_Ptr(BLK_BITS,&ctx->h,SKEIN_RND_KEY_INJECT,Xptr);
#else /* looping version */
#define R512(p0,p1,p2,p3,p4,p5,p6,p7,ROT,rNum) \
Round512(p0,p1,p2,p3,p4,p5,p6,p7,ROT,rNum) \
Skein_Show_R_Ptr(BLK_BITS,&ctx->h,4*(r-1)+rNum,Xptr);
#define I512(R) \
X0 += ks[r+(R)+0]; /* inject the key schedule value */ \
X1 += ks[r+(R)+1]; \
X2 += ks[r+(R)+2]; \
X3 += ks[r+(R)+3]; \
X4 += ks[r+(R)+4]; \
X5 += ks[r+(R)+5] + ts[r+(R)+0]; \
X6 += ks[r+(R)+6] + ts[r+(R)+1]; \
X7 += ks[r+(R)+7] + r+(R) ; \
ks[r + (R)+8] = ks[r+(R)-1]; /* rotate key schedule */ \
ts[r + (R)+2] = ts[r+(R)-1]; \
Skein_Show_R_Ptr(BLK_BITS,&ctx->h,SKEIN_RND_KEY_INJECT,Xptr);
for (r=1;r < 2*RCNT;r+=2*SKEIN_UNROLL_512) /* loop thru it */
#endif /* end of looped code definitions */
{
#define R512_8_rounds(R) /* do 8 full rounds */ \
R512(0,1,2,3,4,5,6,7,R_512_0,8*(R)+ 1); \
R512(2,1,4,7,6,5,0,3,R_512_1,8*(R)+ 2); \
R512(4,1,6,3,0,5,2,7,R_512_2,8*(R)+ 3); \
R512(6,1,0,7,2,5,4,3,R_512_3,8*(R)+ 4); \
I512(2*(R)); \
R512(0,1,2,3,4,5,6,7,R_512_4,8*(R)+ 5); \
R512(2,1,4,7,6,5,0,3,R_512_5,8*(R)+ 6); \
R512(4,1,6,3,0,5,2,7,R_512_6,8*(R)+ 7); \
R512(6,1,0,7,2,5,4,3,R_512_7,8*(R)+ 8); \
I512(2*(R)+1); /* and key injection */
R512_8_rounds( 0);
#define R512_Unroll_R(NN) ((SKEIN_UNROLL_512 == 0 && SKEIN_512_ROUNDS_TOTAL/8 > (NN)) || (SKEIN_UNROLL_512 > (NN)))
#if R512_Unroll_R( 1)
R512_8_rounds( 1);
#endif
#if R512_Unroll_R( 2)
R512_8_rounds( 2);
#endif
#if R512_Unroll_R( 3)
R512_8_rounds( 3);
#endif
#if R512_Unroll_R( 4)
R512_8_rounds( 4);
#endif
#if R512_Unroll_R( 5)
R512_8_rounds( 5);
#endif
#if R512_Unroll_R( 6)
R512_8_rounds( 6);
#endif
#if R512_Unroll_R( 7)
R512_8_rounds( 7);
#endif
#if R512_Unroll_R( 8)
R512_8_rounds( 8);
#endif
#if R512_Unroll_R( 9)
R512_8_rounds( 9);
#endif
#if R512_Unroll_R(10)
R512_8_rounds(10);
#endif
#if R512_Unroll_R(11)
R512_8_rounds(11);
#endif
#if R512_Unroll_R(12)
R512_8_rounds(12);
#endif
#if R512_Unroll_R(13)
R512_8_rounds(13);
#endif
#if R512_Unroll_R(14)
R512_8_rounds(14);
#endif
#if (SKEIN_UNROLL_512 > 14)
#error "need more unrolling in Skein_512_Process_Block"
#endif
}
/* do the final "feedforward" xor, update context chaining vars */
ctx->X[0] = X0 ^ w[0];
ctx->X[1] = X1 ^ w[1];
ctx->X[2] = X2 ^ w[2];
ctx->X[3] = X3 ^ w[3];
ctx->X[4] = X4 ^ w[4];
ctx->X[5] = X5 ^ w[5];
ctx->X[6] = X6 ^ w[6];
ctx->X[7] = X7 ^ w[7];
Skein_Show_Round(BLK_BITS,&ctx->h,SKEIN_RND_FEED_FWD,ctx->X);
ts[1] &= ~SKEIN_T1_FLAG_FIRST;
}
while (--blkCnt);
ctx->h.T[0] = ts[0];
ctx->h.T[1] = ts[1];
}
#if defined(SKEIN_CODE_SIZE) || defined(SKEIN_PERF)
size_t Skein_512_Process_Block_CodeSize(void)
{
return ((u08b_t *) Skein_512_Process_Block_CodeSize) -
((u08b_t *) Skein_512_Process_Block);
}
uint_t Skein_512_Unroll_Cnt(void)
{
return SKEIN_UNROLL_512;
}
#endif
#endif
/***************************** Skein1024 ******************************/
#if !(SKEIN_USE_ASM & 1024)
void Skein1024_Process_Block(Skein1024_Ctxt_t *ctx,const u08b_t *blkPtr,size_t blkCnt,size_t byteCntAdd)
{ /* do it in C, always looping (unrolled is bigger AND slower!) */
enum
{
WCNT = SKEIN1024_STATE_WORDS
};
#undef RCNT
#define RCNT (SKEIN1024_ROUNDS_TOTAL/8)
#ifdef SKEIN_LOOP /* configure how much to unroll the loop */
#define SKEIN_UNROLL_1024 ((SKEIN_LOOP)%10)
#else
#define SKEIN_UNROLL_1024 (0)
#endif
#if (SKEIN_UNROLL_1024 != 0)
#if (RCNT % SKEIN_UNROLL_1024)
#error "Invalid SKEIN_UNROLL_1024" /* sanity check on unroll count */
#endif
size_t r;
u64b_t kw[WCNT+4+RCNT*2]; /* key schedule words : chaining vars + tweak + "rotation"*/
#else
u64b_t kw[WCNT+4]; /* key schedule words : chaining vars + tweak */
#endif
u64b_t X00,X01,X02,X03,X04,X05,X06,X07, /* local copy of vars, for speed */
X08,X09,X10,X11,X12,X13,X14,X15;
u64b_t w [WCNT]; /* local copy of input block */
#ifdef SKEIN_DEBUG
const u64b_t *Xptr[16]; /* use for debugging (help compiler put Xn in registers) */
Xptr[ 0] = &X00; Xptr[ 1] = &X01; Xptr[ 2] = &X02; Xptr[ 3] = &X03;
Xptr[ 4] = &X04; Xptr[ 5] = &X05; Xptr[ 6] = &X06; Xptr[ 7] = &X07;
Xptr[ 8] = &X08; Xptr[ 9] = &X09; Xptr[10] = &X10; Xptr[11] = &X11;
Xptr[12] = &X12; Xptr[13] = &X13; Xptr[14] = &X14; Xptr[15] = &X15;
#endif
Skein_assert(blkCnt != 0); /* never call with blkCnt == 0! */
ts[0] = ctx->h.T[0];
ts[1] = ctx->h.T[1];
do {
/* this implementation only supports 2**64 input bytes (no carry out here) */
ts[0] += byteCntAdd; /* update processed length */
/* precompute the key schedule for this block */
ks[ 0] = ctx->X[ 0];
ks[ 1] = ctx->X[ 1];
ks[ 2] = ctx->X[ 2];
ks[ 3] = ctx->X[ 3];
ks[ 4] = ctx->X[ 4];
ks[ 5] = ctx->X[ 5];
ks[ 6] = ctx->X[ 6];
ks[ 7] = ctx->X[ 7];
ks[ 8] = ctx->X[ 8];
ks[ 9] = ctx->X[ 9];
ks[10] = ctx->X[10];
ks[11] = ctx->X[11];
ks[12] = ctx->X[12];
ks[13] = ctx->X[13];
ks[14] = ctx->X[14];
ks[15] = ctx->X[15];
ks[16] = ks[ 0] ^ ks[ 1] ^ ks[ 2] ^ ks[ 3] ^
ks[ 4] ^ ks[ 5] ^ ks[ 6] ^ ks[ 7] ^
ks[ 8] ^ ks[ 9] ^ ks[10] ^ ks[11] ^
ks[12] ^ ks[13] ^ ks[14] ^ ks[15] ^ SKEIN_KS_PARITY;
ts[2] = ts[0] ^ ts[1];
Skein_Get64_LSB_First(w,blkPtr,WCNT); /* get input block in little-endian format */
DebugSaveTweak(ctx);
Skein_Show_Block(BLK_BITS,&ctx->h,ctx->X,blkPtr,w,ks,ts);
X00 = w[ 0] + ks[ 0]; /* do the first full key injection */
X01 = w[ 1] + ks[ 1];
X02 = w[ 2] + ks[ 2];
X03 = w[ 3] + ks[ 3];
X04 = w[ 4] + ks[ 4];
X05 = w[ 5] + ks[ 5];
X06 = w[ 6] + ks[ 6];
X07 = w[ 7] + ks[ 7];
X08 = w[ 8] + ks[ 8];
X09 = w[ 9] + ks[ 9];
X10 = w[10] + ks[10];
X11 = w[11] + ks[11];
X12 = w[12] + ks[12];
X13 = w[13] + ks[13] + ts[0];
X14 = w[14] + ks[14] + ts[1];
X15 = w[15] + ks[15];
Skein_Show_R_Ptr(BLK_BITS,&ctx->h,SKEIN_RND_KEY_INITIAL,Xptr);
#define Round1024(p0,p1,p2,p3,p4,p5,p6,p7,p8,p9,pA,pB,pC,pD,pE,pF,ROT,rNum) \
X##p0 += X##p1; X##p1 = RotL_64(X##p1,ROT##_0); X##p1 ^= X##p0; \
X##p2 += X##p3; X##p3 = RotL_64(X##p3,ROT##_1); X##p3 ^= X##p2; \
X##p4 += X##p5; X##p5 = RotL_64(X##p5,ROT##_2); X##p5 ^= X##p4; \
X##p6 += X##p7; X##p7 = RotL_64(X##p7,ROT##_3); X##p7 ^= X##p6; \
X##p8 += X##p9; X##p9 = RotL_64(X##p9,ROT##_4); X##p9 ^= X##p8; \
X##pA += X##pB; X##pB = RotL_64(X##pB,ROT##_5); X##pB ^= X##pA; \
X##pC += X##pD; X##pD = RotL_64(X##pD,ROT##_6); X##pD ^= X##pC; \
X##pE += X##pF; X##pF = RotL_64(X##pF,ROT##_7); X##pF ^= X##pE; \
#if SKEIN_UNROLL_1024 == 0
#define R1024(p0,p1,p2,p3,p4,p5,p6,p7,p8,p9,pA,pB,pC,pD,pE,pF,ROT,rn) \
Round1024(p0,p1,p2,p3,p4,p5,p6,p7,p8,p9,pA,pB,pC,pD,pE,pF,ROT,rn) \
Skein_Show_R_Ptr(BLK_BITS,&ctx->h,rn,Xptr);
#define I1024(R) \
X00 += ks[((R)+ 1) % 17]; /* inject the key schedule value */ \
X01 += ks[((R)+ 2) % 17]; \
X02 += ks[((R)+ 3) % 17]; \
X03 += ks[((R)+ 4) % 17]; \
X04 += ks[((R)+ 5) % 17]; \
X05 += ks[((R)+ 6) % 17]; \
X06 += ks[((R)+ 7) % 17]; \
X07 += ks[((R)+ 8) % 17]; \
X08 += ks[((R)+ 9) % 17]; \
X09 += ks[((R)+10) % 17]; \
X10 += ks[((R)+11) % 17]; \
X11 += ks[((R)+12) % 17]; \
X12 += ks[((R)+13) % 17]; \
X13 += ks[((R)+14) % 17] + ts[((R)+1) % 3]; \
X14 += ks[((R)+15) % 17] + ts[((R)+2) % 3]; \
X15 += ks[((R)+16) % 17] + (R)+1; \
Skein_Show_R_Ptr(BLK_BITS,&ctx->h,SKEIN_RND_KEY_INJECT,Xptr);
#else /* looping version */
#define R1024(p0,p1,p2,p3,p4,p5,p6,p7,p8,p9,pA,pB,pC,pD,pE,pF,ROT,rn) \
Round1024(p0,p1,p2,p3,p4,p5,p6,p7,p8,p9,pA,pB,pC,pD,pE,pF,ROT,rn) \
Skein_Show_R_Ptr(BLK_BITS,&ctx->h,4*(r-1)+rn,Xptr);
#define I1024(R) \
X00 += ks[r+(R)+ 0]; /* inject the key schedule value */ \
X01 += ks[r+(R)+ 1]; \
X02 += ks[r+(R)+ 2]; \
X03 += ks[r+(R)+ 3]; \
X04 += ks[r+(R)+ 4]; \
X05 += ks[r+(R)+ 5]; \
X06 += ks[r+(R)+ 6]; \
X07 += ks[r+(R)+ 7]; \
X08 += ks[r+(R)+ 8]; \
X09 += ks[r+(R)+ 9]; \
X10 += ks[r+(R)+10]; \
X11 += ks[r+(R)+11]; \
X12 += ks[r+(R)+12]; \
X13 += ks[r+(R)+13] + ts[r+(R)+0]; \
X14 += ks[r+(R)+14] + ts[r+(R)+1]; \
X15 += ks[r+(R)+15] + r+(R) ; \
ks[r + (R)+16] = ks[r+(R)-1]; /* rotate key schedule */ \
ts[r + (R)+ 2] = ts[r+(R)-1]; \
Skein_Show_R_Ptr(BLK_BITS,&ctx->h,SKEIN_RND_KEY_INJECT,Xptr);
for (r=1;r <= 2*RCNT;r+=2*SKEIN_UNROLL_1024) /* loop thru it */
#endif
{
#define R1024_8_rounds(R) /* do 8 full rounds */ \
R1024(00,01,02,03,04,05,06,07,08,09,10,11,12,13,14,15,R1024_0,8*(R) + 1); \
R1024(00,09,02,13,06,11,04,15,10,07,12,03,14,05,08,01,R1024_1,8*(R) + 2); \
R1024(00,07,02,05,04,03,06,01,12,15,14,13,08,11,10,09,R1024_2,8*(R) + 3); \
R1024(00,15,02,11,06,13,04,09,14,01,08,05,10,03,12,07,R1024_3,8*(R) + 4); \
I1024(2*(R)); \
R1024(00,01,02,03,04,05,06,07,08,09,10,11,12,13,14,15,R1024_4,8*(R) + 5); \
R1024(00,09,02,13,06,11,04,15,10,07,12,03,14,05,08,01,R1024_5,8*(R) + 6); \
R1024(00,07,02,05,04,03,06,01,12,15,14,13,08,11,10,09,R1024_6,8*(R) + 7); \
R1024(00,15,02,11,06,13,04,09,14,01,08,05,10,03,12,07,R1024_7,8*(R) + 8); \
I1024(2*(R)+1);
R1024_8_rounds( 0);
#define R1024_Unroll_R(NN) ((SKEIN_UNROLL_1024 == 0 && SKEIN1024_ROUNDS_TOTAL/8 > (NN)) || (SKEIN_UNROLL_1024 > (NN)))
#if R1024_Unroll_R( 1)
R1024_8_rounds( 1);
#endif
#if R1024_Unroll_R( 2)
R1024_8_rounds( 2);
#endif
#if R1024_Unroll_R( 3)
R1024_8_rounds( 3);
#endif
#if R1024_Unroll_R( 4)
R1024_8_rounds( 4);
#endif
#if R1024_Unroll_R( 5)
R1024_8_rounds( 5);
#endif
#if R1024_Unroll_R( 6)
R1024_8_rounds( 6);
#endif
#if R1024_Unroll_R( 7)
R1024_8_rounds( 7);
#endif
#if R1024_Unroll_R( 8)
R1024_8_rounds( 8);
#endif
#if R1024_Unroll_R( 9)
R1024_8_rounds( 9);
#endif
#if R1024_Unroll_R(10)
R1024_8_rounds(10);
#endif
#if R1024_Unroll_R(11)
R1024_8_rounds(11);
#endif
#if R1024_Unroll_R(12)
R1024_8_rounds(12);
#endif
#if R1024_Unroll_R(13)
R1024_8_rounds(13);
#endif
#if R1024_Unroll_R(14)
R1024_8_rounds(14);
#endif
#if (SKEIN_UNROLL_1024 > 14)
#error "need more unrolling in Skein_1024_Process_Block"
#endif
}
/* do the final "feedforward" xor, update context chaining vars */
ctx->X[ 0] = X00 ^ w[ 0];
ctx->X[ 1] = X01 ^ w[ 1];
ctx->X[ 2] = X02 ^ w[ 2];
ctx->X[ 3] = X03 ^ w[ 3];
ctx->X[ 4] = X04 ^ w[ 4];
ctx->X[ 5] = X05 ^ w[ 5];
ctx->X[ 6] = X06 ^ w[ 6];
ctx->X[ 7] = X07 ^ w[ 7];
ctx->X[ 8] = X08 ^ w[ 8];
ctx->X[ 9] = X09 ^ w[ 9];
ctx->X[10] = X10 ^ w[10];
ctx->X[11] = X11 ^ w[11];
ctx->X[12] = X12 ^ w[12];
ctx->X[13] = X13 ^ w[13];
ctx->X[14] = X14 ^ w[14];
ctx->X[15] = X15 ^ w[15];
Skein_Show_Round(BLK_BITS,&ctx->h,SKEIN_RND_FEED_FWD,ctx->X);
ts[1] &= ~SKEIN_T1_FLAG_FIRST;
blkPtr += SKEIN1024_BLOCK_BYTES;
}
while (--blkCnt);
ctx->h.T[0] = ts[0];
ctx->h.T[1] = ts[1];
}
#if defined(SKEIN_CODE_SIZE) || defined(SKEIN_PERF)
size_t Skein1024_Process_Block_CodeSize(void)
{
return ((u08b_t *) Skein1024_Process_Block_CodeSize) -
((u08b_t *) Skein1024_Process_Block);
}
uint_t Skein1024_Unroll_Cnt(void)
{
return SKEIN_UNROLL_1024;
}
#endif
#endif

247
Optimized_32bit/skein_debug.c Normal file
View File

@ -0,0 +1,247 @@
/***********************************************************************
**
** Debug output functions for Skein hashing.
**
** Source code author: Doug Whiting, 2008.
**
** This algorithm and source code is released to the public domain.
**
************************************************************************/
#include <stdio.h>
#ifdef SKEIN_DEBUG /* only instantiate this code if SKEIN_DEBUG is on */
#include "skein.h"
static const char INDENT[] = " "; /* how much to indent on new line */
uint_t skein_DebugFlag = 0; /* off by default. Must be set externally */
static void Show64_step(size_t cnt,const u64b_t *X,size_t step)
{
size_t i,j;
for (i=j=0;i < cnt;i++,j+=step)
{
if (i % 4 == 0) printf(INDENT);
printf(" %08X.%08X ",(uint_32t)(X[j] >> 32),(uint_32t)X[j]);
if (i % 4 == 3 || i==cnt-1) printf("\n");
fflush(stdout);
}
}
#define Show64(cnt,X) Show64_step(cnt,X,1)
static void Show64_flag(size_t cnt,const u64b_t *X)
{
size_t xptr = (size_t) X;
size_t step = (xptr & 1) ? 2 : 1;
if (step != 1)
{
X = (const u64b_t *) (xptr & ~1);
}
Show64_step(cnt,X,step);
}
static void Show08(size_t cnt,const u08b_t *b)
{
size_t i;
for (i=0;i < cnt;i++)
{
if (i %16 == 0) printf(INDENT);
else if (i % 4 == 0) printf(" ");
printf(" %02X",b[i]);
if (i %16 == 15 || i==cnt-1) printf("\n");
fflush(stdout);
}
}
static const char *AlgoHeader(uint_t bits)
{
if (skein_DebugFlag & SKEIN_DEBUG_THREEFISH)
switch (bits)
{
case 256: return ":Threefish-256: ";
case 512: return ":Threefish-512: ";
case 1024: return ":Threefish-1024:";
}
else
switch (bits)
{
case 256: return ":Skein-256: ";
case 512: return ":Skein-512: ";
case 1024: return ":Skein-1024:";
}
return NULL;
}
void Skein_Show_Final(uint_t bits,const Skein_Ctxt_Hdr_t *h,size_t cnt,const u08b_t *outPtr)
{
if (skein_DebugFlag & SKEIN_DEBUG_CONFIG || ((h->T[1] & SKEIN_T1_BLK_TYPE_MASK) != SKEIN_T1_BLK_TYPE_CFG))
if (skein_DebugFlag & SKEIN_DEBUG_FINAL)
{
printf("\n%s Final output=\n",AlgoHeader(bits));
Show08(cnt,outPtr);
printf(" ++++++++++\n");
fflush(stdout);
}
}
/* show state after a round (or "pseudo-round") */
void Skein_Show_Round(uint_t bits,const Skein_Ctxt_Hdr_t *h,size_t r,const u64b_t *X)
{
static uint_t injectNum=0; /* not multi-thread safe! */
if (skein_DebugFlag & SKEIN_DEBUG_CONFIG || ((h->T[1] & SKEIN_T1_BLK_TYPE_MASK) != SKEIN_T1_BLK_TYPE_CFG))
if (skein_DebugFlag)
{
if (r >= SKEIN_RND_SPECIAL)
{ /* a key injection (or feedforward) point */
injectNum = (r == SKEIN_RND_KEY_INITIAL) ? 0 : injectNum+1;
if ( skein_DebugFlag & SKEIN_DEBUG_INJECT ||
((skein_DebugFlag & SKEIN_DEBUG_FINAL) && r == SKEIN_RND_FEED_FWD))
{
printf("\n%s",AlgoHeader(bits));
switch (r)
{
case SKEIN_RND_KEY_INITIAL:
printf(" [state after initial key injection]");
break;
case SKEIN_RND_KEY_INJECT:
printf(" [state after key injection #%02d]",injectNum);
break;
case SKEIN_RND_FEED_FWD:
printf(" [state after plaintext feedforward]");
injectNum = 0;
break;
}
printf("=\n");
Show64(bits/64,X);
if (r== SKEIN_RND_FEED_FWD)
printf(" ----------\n");
}
}
else if (skein_DebugFlag & SKEIN_DEBUG_ROUNDS)
{
uint_t j;
u64b_t p[SKEIN_MAX_STATE_WORDS];
const u08b_t *perm;
const static u08b_t PERM_256 [4][ 4] = { { 0,1,2,3 }, { 0,3,2,1 }, { 0,1,2,3 }, { 0,3,2,1 } };
const static u08b_t PERM_512 [4][ 8] = { { 0,1,2,3,4,5,6,7 },
{ 2,1,4,7,6,5,0,3 },
{ 4,1,6,3,0,5,2,7 },
{ 6,1,0,7,2,5,4,3 }
};
const static u08b_t PERM_1024[4][16] = { { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,10,11,12,13,14,15 },
{ 0, 9, 2,13, 6,11, 4,15,10, 7,12, 3,14, 5, 8, 1 },
{ 0, 7, 2, 5, 4, 3, 6, 1,12,15,14,13, 8,11,10, 9 },
{ 0,15, 2,11, 6,13, 4, 9,14, 1, 8, 5,10, 3,12, 7 }
};
if ((skein_DebugFlag & SKEIN_DEBUG_PERMUTE) && (r & 3))
{
printf("\n%s [state after round %2d (permuted)]=\n",AlgoHeader(bits),(int)r);
switch (bits)
{
case 256: perm = PERM_256 [r&3]; break;
case 512: perm = PERM_512 [r&3]; break;
default: perm = PERM_1024[r&3]; break;
}
for (j=0;j<bits/64;j++)
p[j] = X[perm[j]];
Show64(bits/64,p);
}
else
{
printf("\n%s [state after round %2d]=\n",AlgoHeader(bits),(int)r);
Show64(bits/64,X);
}
}
}
}
/* show state after a round (or "pseudo-round"), given a list of pointers */
void Skein_Show_R_Ptr(uint_t bits,const Skein_Ctxt_Hdr_t *h,size_t r,const u64b_t *X_ptr[])
{
uint_t i;
u64b_t X[SKEIN_MAX_STATE_WORDS];
for (i=0;i<bits/64;i++) /* copy over the words */
X[i] = X_ptr[i][0];
Skein_Show_Round(bits,h,r,X);
}
/* show the state at the start of a block */
void Skein_Show_Block(uint_t bits,const Skein_Ctxt_Hdr_t *h,const u64b_t *X,const u08b_t *blkPtr,
const u64b_t *wPtr, const u64b_t *ksPtr, const u64b_t *tsPtr)
{
uint_t n;
if (skein_DebugFlag & SKEIN_DEBUG_CONFIG || ((h->T[1] & SKEIN_T1_BLK_TYPE_MASK) != SKEIN_T1_BLK_TYPE_CFG))
if (skein_DebugFlag)
{
if (skein_DebugFlag & SKEIN_DEBUG_HDR)
{
printf("\n%s Block: outBits=%4d. T0=%06X.",AlgoHeader(bits),(uint_t) h->hashBitLen,(uint_t)h->T[0]);
printf(" Type=");
n = (uint_t) ((h->T[1] & SKEIN_T1_BLK_TYPE_MASK) >> SKEIN_T1_POS_BLK_TYPE);
switch (n)
{
case SKEIN_BLK_TYPE_KEY: printf("KEY. "); break;
case SKEIN_BLK_TYPE_CFG: printf("CFG. "); break;
case SKEIN_BLK_TYPE_PERS: printf("PERS."); break;
case SKEIN_BLK_TYPE_PK : printf("PK. "); break;
case SKEIN_BLK_TYPE_KDF: printf("KDF. "); break;
case SKEIN_BLK_TYPE_MSG: printf("MSG. "); break;
case SKEIN_BLK_TYPE_OUT: printf("OUT. "); break;
default: printf("0x%02X.",n); break;
}
printf(" Flags=");
printf((h->T[1] & SKEIN_T1_FLAG_FIRST) ? " First":" ");
printf((h->T[1] & SKEIN_T1_FLAG_FINAL) ? " Final":" ");
printf((h->T[1] & SKEIN_T1_FLAG_BIT_PAD) ? " Pad" :" ");
n = (uint_t) ((h->T[1] & SKEIN_T1_TREE_LVL_MASK) >> SKEIN_T1_POS_TREE_LVL);
if (n)
printf(" TreeLevel = %02X",n);
printf("\n");
fflush(stdout);
}
if (skein_DebugFlag & SKEIN_DEBUG_TWEAK)
{
printf(" Tweak:\n");
Show64(2,h->T);
}
if (skein_DebugFlag & SKEIN_DEBUG_STATE)
{
printf(" %s words:\n",(skein_DebugFlag & SKEIN_DEBUG_THREEFISH)?"Key":"State");
Show64(bits/64,X);
}
if (skein_DebugFlag & SKEIN_DEBUG_KEYSCHED)
{
printf(" Tweak schedule:\n");
Show64_flag(3,tsPtr);
printf(" Key schedule:\n");
Show64_flag((bits/64)+1,ksPtr);
}
if (skein_DebugFlag & SKEIN_DEBUG_INPUT_64)
{
printf(" Input block (words):\n");
Show64(bits/64,wPtr);
}
if (skein_DebugFlag & SKEIN_DEBUG_INPUT_08)
{
printf(" Input block (bytes):\n");
Show08(bits/8,blkPtr);
}
}
}
void Skein_Show_Key(uint_t bits,const Skein_Ctxt_Hdr_t *h,const u08b_t *key,size_t keyBytes)
{
if (keyBytes)
if (skein_DebugFlag & SKEIN_DEBUG_CONFIG || ((h->T[1] & SKEIN_T1_BLK_TYPE_MASK) != SKEIN_T1_BLK_TYPE_CFG))
if (skein_DebugFlag & SKEIN_DEBUG_KEY)
{
printf("\n%s MAC key = %4u bytes\n",AlgoHeader(bits),(unsigned) keyBytes);
Show08(keyBytes,key);
}
}
#endif

48
Optimized_32bit/skein_debug.h Normal file
View File

@ -0,0 +1,48 @@
#ifndef _SKEIN_DEBUG_H_
#define _SKEIN_DEBUG_H_
/***********************************************************************
**
** Interface definitions for Skein hashing debug output.
**
** Source code author: Doug Whiting, 2008.
**
** This algorithm and source code is released to the public domain.
**
************************************************************************/
#ifdef SKEIN_DEBUG
/* callout functions used inside Skein code */
void Skein_Show_Block(uint_t bits,const Skein_Ctxt_Hdr_t *h,const u64b_t *X,const u08b_t *blkPtr,
const u64b_t *wPtr,const u64b_t *ksPtr,const u64b_t *tsPtr);
void Skein_Show_Round(uint_t bits,const Skein_Ctxt_Hdr_t *h,size_t r,const u64b_t *X);
void Skein_Show_R_Ptr(uint_t bits,const Skein_Ctxt_Hdr_t *h,size_t r,const u64b_t *X_ptr[]);
void Skein_Show_Final(uint_t bits,const Skein_Ctxt_Hdr_t *h,size_t cnt,const u08b_t *outPtr);
void Skein_Show_Key (uint_t bits,const Skein_Ctxt_Hdr_t *h,const u08b_t *key,size_t keyBytes);
extern uint_t skein_DebugFlag; /* flags to control debug output (0 --> none) */
#define SKEIN_RND_SPECIAL (1000u)
#define SKEIN_RND_KEY_INITIAL (SKEIN_RND_SPECIAL+0u)
#define SKEIN_RND_KEY_INJECT (SKEIN_RND_SPECIAL+1u)
#define SKEIN_RND_FEED_FWD (SKEIN_RND_SPECIAL+2u)
/* flag bits: skein_DebugFlag */
#define SKEIN_DEBUG_KEY (1u << 1) /* show MAC key */
#define SKEIN_DEBUG_CONFIG (1u << 2) /* show config block processing */
#define SKEIN_DEBUG_STATE (1u << 3) /* show input state during Show_Block() */
#define SKEIN_DEBUG_TWEAK (1u << 4) /* show input state during Show_Block() */
#define SKEIN_DEBUG_KEYSCHED (1u << 5) /* show expanded key schedule */
#define SKEIN_DEBUG_INPUT_64 (1u << 6) /* show input block as 64-bit words */
#define SKEIN_DEBUG_INPUT_08 (1u << 7) /* show input block as 8-bit bytes */
#define SKEIN_DEBUG_INJECT (1u << 8) /* show state after key injection & feedforward points */
#define SKEIN_DEBUG_ROUNDS (1u << 9) /* show state after all rounds */
#define SKEIN_DEBUG_FINAL (1u <<10) /* show final output of Skein */
#define SKEIN_DEBUG_HDR (1u <<11) /* show block header */
#define SKEIN_DEBUG_THREEFISH (1u <<12) /* use Threefish name instead of Skein */
#define SKEIN_DEBUG_PERMUTE (1u <<13) /* use word permutations */
#define SKEIN_DEBUG_ALL ((~0u) & ~(SKEIN_DEBUG_THREEFISH | SKEIN_DEBUG_PERMUTE))
#define THREEFISH_DEBUG_ALL (SKEIN_DEBUG_ALL | SKEIN_DEBUG_THREEFISH)
#endif /* SKEIN_DEBUG */
#endif /* _SKEIN_DEBUG_H_ */

199
Optimized_32bit/skein_iv.h Normal file
View File

@ -0,0 +1,199 @@
#ifndef _SKEIN_IV_H_
#define _SKEIN_IV_H_
#include "skein.h" /* get Skein macros and types */
/*
***************** Pre-computed Skein IVs *******************
**
** NOTE: these values are not "magic" constants, but
** are generated using the Threefish block function.
** They are pre-computed here only for speed; i.e., to
** avoid the need for a Threefish call during Init().
**
** The IV for any fixed hash length may be pre-computed.
** Only the most common values are included here.
**
************************************************************
**/
#define MK_64 SKEIN_MK_64
/* blkSize = 256 bits. hashSize = 128 bits */
const u64b_t SKEIN_256_IV_128[] =
{
MK_64(0xE1111906,0x964D7260),
MK_64(0x883DAAA7,0x7C8D811C),
MK_64(0x10080DF4,0x91960F7A),
MK_64(0xCCF7DDE5,0xB45BC1C2)
};
/* blkSize = 256 bits. hashSize = 160 bits */
const u64b_t SKEIN_256_IV_160[] =
{
MK_64(0x14202314,0x72825E98),
MK_64(0x2AC4E9A2,0x5A77E590),
MK_64(0xD47A5856,0x8838D63E),
MK_64(0x2DD2E496,0x8586AB7D)
};
/* blkSize = 256 bits. hashSize = 224 bits */
const u64b_t SKEIN_256_IV_224[] =
{
MK_64(0xC6098A8C,0x9AE5EA0B),
MK_64(0x876D5686,0x08C5191C),
MK_64(0x99CB88D7,0xD7F53884),
MK_64(0x384BDDB1,0xAEDDB5DE)
};
/* blkSize = 256 bits. hashSize = 256 bits */
const u64b_t SKEIN_256_IV_256[] =
{
MK_64(0xFC9DA860,0xD048B449),
MK_64(0x2FCA6647,0x9FA7D833),
MK_64(0xB33BC389,0x6656840F),
MK_64(0x6A54E920,0xFDE8DA69)
};
/* blkSize = 512 bits. hashSize = 128 bits */
const u64b_t SKEIN_512_IV_128[] =
{
MK_64(0xA8BC7BF3,0x6FBF9F52),
MK_64(0x1E9872CE,0xBD1AF0AA),
MK_64(0x309B1790,0xB32190D3),
MK_64(0xBCFBB854,0x3F94805C),
MK_64(0x0DA61BCD,0x6E31B11B),
MK_64(0x1A18EBEA,0xD46A32E3),
MK_64(0xA2CC5B18,0xCE84AA82),
MK_64(0x6982AB28,0x9D46982D)
};
/* blkSize = 512 bits. hashSize = 160 bits */
const u64b_t SKEIN_512_IV_160[] =
{
MK_64(0x28B81A2A,0xE013BD91),
MK_64(0xC2F11668,0xB5BDF78F),
MK_64(0x1760D8F3,0xF6A56F12),
MK_64(0x4FB74758,0x8239904F),
MK_64(0x21EDE07F,0x7EAF5056),
MK_64(0xD908922E,0x63ED70B8),
MK_64(0xB8EC76FF,0xECCB52FA),
MK_64(0x01A47BB8,0xA3F27A6E)
};
/* blkSize = 512 bits. hashSize = 224 bits */
const u64b_t SKEIN_512_IV_224[] =
{
MK_64(0xCCD06162,0x48677224),
MK_64(0xCBA65CF3,0xA92339EF),
MK_64(0x8CCD69D6,0x52FF4B64),
MK_64(0x398AED7B,0x3AB890B4),
MK_64(0x0F59D1B1,0x457D2BD0),
MK_64(0x6776FE65,0x75D4EB3D),
MK_64(0x99FBC70E,0x997413E9),
MK_64(0x9E2CFCCF,0xE1C41EF7)
};
/* blkSize = 512 bits. hashSize = 256 bits */
const u64b_t SKEIN_512_IV_256[] =
{
MK_64(0xCCD044A1,0x2FDB3E13),
MK_64(0xE8359030,0x1A79A9EB),
MK_64(0x55AEA061,0x4F816E6F),
MK_64(0x2A2767A4,0xAE9B94DB),
MK_64(0xEC06025E,0x74DD7683),
MK_64(0xE7A436CD,0xC4746251),
MK_64(0xC36FBAF9,0x393AD185),
MK_64(0x3EEDBA18,0x33EDFC13)
};
/* blkSize = 512 bits. hashSize = 384 bits */
const u64b_t SKEIN_512_IV_384[] =
{
MK_64(0xA3F6C6BF,0x3A75EF5F),
MK_64(0xB0FEF9CC,0xFD84FAA4),
MK_64(0x9D77DD66,0x3D770CFE),
MK_64(0xD798CBF3,0xB468FDDA),
MK_64(0x1BC4A666,0x8A0E4465),
MK_64(0x7ED7D434,0xE5807407),
MK_64(0x548FC1AC,0xD4EC44D6),
MK_64(0x266E1754,0x6AA18FF8)
};
/* blkSize = 512 bits. hashSize = 512 bits */
const u64b_t SKEIN_512_IV_512[] =
{
MK_64(0x4903ADFF,0x749C51CE),
MK_64(0x0D95DE39,0x9746DF03),
MK_64(0x8FD19341,0x27C79BCE),
MK_64(0x9A255629,0xFF352CB1),
MK_64(0x5DB62599,0xDF6CA7B0),
MK_64(0xEABE394C,0xA9D5C3F4),
MK_64(0x991112C7,0x1A75B523),
MK_64(0xAE18A40B,0x660FCC33)
};
/* blkSize = 1024 bits. hashSize = 384 bits */
const u64b_t SKEIN1024_IV_384[] =
{
MK_64(0x5102B6B8,0xC1894A35),
MK_64(0xFEEBC9E3,0xFE8AF11A),
MK_64(0x0C807F06,0xE32BED71),
MK_64(0x60C13A52,0xB41A91F6),
MK_64(0x9716D35D,0xD4917C38),
MK_64(0xE780DF12,0x6FD31D3A),
MK_64(0x797846B6,0xC898303A),
MK_64(0xB172C2A8,0xB3572A3B),
MK_64(0xC9BC8203,0xA6104A6C),
MK_64(0x65909338,0xD75624F4),
MK_64(0x94BCC568,0x4B3F81A0),
MK_64(0x3EBBF51E,0x10ECFD46),
MK_64(0x2DF50F0B,0xEEB08542),
MK_64(0x3B5A6530,0x0DBC6516),
MK_64(0x484B9CD2,0x167BBCE1),
MK_64(0x2D136947,0xD4CBAFEA)
};
/* blkSize = 1024 bits. hashSize = 512 bits */
const u64b_t SKEIN1024_IV_512[] =
{
MK_64(0xCAEC0E5D,0x7C1B1B18),
MK_64(0xA01B0E04,0x5F03E802),
MK_64(0x33840451,0xED912885),
MK_64(0x374AFB04,0xEAEC2E1C),
MK_64(0xDF25A0E2,0x813581F7),
MK_64(0xE4004093,0x8B12F9D2),
MK_64(0xA662D539,0xC2ED39B6),
MK_64(0xFA8B85CF,0x45D8C75A),
MK_64(0x8316ED8E,0x29EDE796),
MK_64(0x053289C0,0x2E9F91B8),
MK_64(0xC3F8EF1D,0x6D518B73),
MK_64(0xBDCEC3C4,0xD5EF332E),
MK_64(0x549A7E52,0x22974487),
MK_64(0x67070872,0x5B749816),
MK_64(0xB9CD28FB,0xF0581BD1),
MK_64(0x0E2940B8,0x15804974)
};
/* blkSize = 1024 bits. hashSize = 1024 bits */
const u64b_t SKEIN1024_IV_1024[] =
{
MK_64(0xD593DA07,0x41E72355),
MK_64(0x15B5E511,0xAC73E00C),
MK_64(0x5180E5AE,0xBAF2C4F0),
MK_64(0x03BD41D3,0xFCBCAFAF),
MK_64(0x1CAEC6FD,0x1983A898),
MK_64(0x6E510B8B,0xCDD0589F),
MK_64(0x77E2BDFD,0xC6394ADA),
MK_64(0xC11E1DB5,0x24DCB0A3),
MK_64(0xD6D14AF9,0xC6329AB5),
MK_64(0x6A9B0BFC,0x6EB67E0D),
MK_64(0x9243C60D,0xCCFF1332),
MK_64(0x1A1F1DDE,0x743F02D4),
MK_64(0x0996753C,0x10ED0BB8),
MK_64(0x6572DD22,0xF2B4969A),
MK_64(0x61FD3062,0xD00A579A),
MK_64(0x1DE0536E,0x8682E539)
};
#endif /* _SKEIN_IV_H_ */

124
Optimized_32bit/skein_port.h Normal file
View File

@ -0,0 +1,124 @@
#ifndef _SKEIN_PORT_H_
#define _SKEIN_PORT_H_
/*******************************************************************
**
** Platform-specific definitions for Skein hash function.
**
** Source code author: Doug Whiting, 2008.
**
** This algorithm and source code is released to the public domain.
**
** Many thanks to Brian Gladman for his portable header files.
**
** To port Skein to an "unsupported" platform, change the definitions
** in this file appropriately.
**
********************************************************************/
#include "brg_types.h" /* get integer type definitions */
typedef unsigned int uint_t; /* native unsigned integer */
typedef uint_8t u08b_t; /* 8-bit unsigned integer */
typedef uint_64t u64b_t; /* 64-bit unsigned integer */
#ifndef RotL_64
#define RotL_64(x,N) (((x) << (N)) | ((x) >> (64-(N))))
#endif
/*
* Skein is "natively" little-endian (unlike SHA-xxx), for optimal
* performance on x86 CPUs. The Skein code requires the following
* definitions for dealing with endianness:
*
* SKEIN_NEED_SWAP: 0 for little-endian, 1 for big-endian
* Skein_Put64_LSB_First
* Skein_Get64_LSB_First
* Skein_Swap64
*
* If SKEIN_NEED_SWAP is defined at compile time, it is used here
* along with the portable versions of Put64/Get64/Swap64, which
* are slow in general.
*
* Otherwise, an "auto-detect" of endianness is attempted below.
* If the default handling doesn't work well, the user may insert
* platform-specific code instead (e.g., for big-endian CPUs).
*
*/
#ifndef SKEIN_NEED_SWAP /* compile-time "override" for endianness? */
#include "brg_endian.h" /* get endianness selection */
#if PLATFORM_BYTE_ORDER == IS_BIG_ENDIAN
/* here for big-endian CPUs */
#define SKEIN_NEED_SWAP (1)
#elif PLATFORM_BYTE_ORDER == IS_LITTLE_ENDIAN
/* here for x86 and x86-64 CPUs (and other detected little-endian CPUs) */
#define SKEIN_NEED_SWAP (0)
#if PLATFORM_MUST_ALIGN == 0 /* ok to use "fast" versions? */
#define Skein_Put64_LSB_First(dst08,src64,bCnt) memcpy(dst08,src64,bCnt)
#define Skein_Get64_LSB_First(dst64,src08,wCnt) memcpy(dst64,src08,8*(wCnt))
#endif
#else
#error "Skein needs endianness setting!"
#endif
#endif /* ifndef SKEIN_NEED_SWAP */
/*
******************************************************************
* Provide any definitions still needed.
******************************************************************
*/
#ifndef Skein_Swap64 /* swap for big-endian, nop for little-endian */
#if SKEIN_NEED_SWAP
#define Skein_Swap64(w64) \
( (( ((u64b_t)(w64)) & 0xFF) << 56) | \
(((((u64b_t)(w64)) >> 8) & 0xFF) << 48) | \
(((((u64b_t)(w64)) >>16) & 0xFF) << 40) | \
(((((u64b_t)(w64)) >>24) & 0xFF) << 32) | \
(((((u64b_t)(w64)) >>32) & 0xFF) << 24) | \
(((((u64b_t)(w64)) >>40) & 0xFF) << 16) | \
(((((u64b_t)(w64)) >>48) & 0xFF) << 8) | \
(((((u64b_t)(w64)) >>56) & 0xFF) ) )
#else
#define Skein_Swap64(w64) (w64)
#endif
#endif /* ifndef Skein_Swap64 */
#ifndef Skein_Put64_LSB_First
void Skein_Put64_LSB_First(u08b_t *dst,const u64b_t *src,size_t bCnt)
#ifdef SKEIN_PORT_CODE /* instantiate the function code here? */
{ /* this version is fully portable (big-endian or little-endian), but slow */
size_t n;
for (n=0;n<bCnt;n++)
dst[n] = (u08b_t) (src[n>>3] >> (8*(n&7)));
}
#else
; /* output only the function prototype */
#endif
#endif /* ifndef Skein_Put64_LSB_First */
#ifndef Skein_Get64_LSB_First
void Skein_Get64_LSB_First(u64b_t *dst,const u08b_t *src,size_t wCnt)
#ifdef SKEIN_PORT_CODE /* instantiate the function code here? */
{ /* this version is fully portable (big-endian or little-endian), but slow */
size_t n;
for (n=0;n<8*wCnt;n+=8)
dst[n/8] = (((u64b_t) src[n ]) ) +
(((u64b_t) src[n+1]) << 8) +
(((u64b_t) src[n+2]) << 16) +
(((u64b_t) src[n+3]) << 24) +
(((u64b_t) src[n+4]) << 32) +
(((u64b_t) src[n+5]) << 40) +
(((u64b_t) src[n+6]) << 48) +
(((u64b_t) src[n+7]) << 56) ;
}
#else
; /* output only the function prototype */
#endif
#endif /* ifndef Skein_Get64_LSB_First */
#endif /* ifndef _SKEIN_PORT_H_ */

115
Optimized_64bit/SHA3api_ref.c Normal file
View File

@ -0,0 +1,115 @@
/***********************************************************************
**
** Implementation of the AHS API using the Skein hash function.
**
** Source code author: Doug Whiting, 2008.
**
** This algorithm and source code is released to the public domain.
**
************************************************************************/
#include <string.h> /* get the memcpy/memset functions */
#include "skein.h" /* get the Skein API definitions */
#include "SHA3api_ref.h"/* get the AHS API definitions */
/******************************************************************/
/* AHS API code */
/******************************************************************/
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* select the context size and init the context */
HashReturn Init(hashState *state, int hashbitlen)
{
#if SKEIN_256_NIST_MAX_HASH_BITS
if (hashbitlen <= SKEIN_256_NIST_MAX_HASHBITS)
{
Skein_Assert(hashbitlen > 0,BAD_HASHLEN);
state->statebits = 64*SKEIN_256_STATE_WORDS;
return Skein_256_Init(&state->u.ctx_256,(size_t) hashbitlen);
}
#endif
if (hashbitlen <= SKEIN_512_NIST_MAX_HASHBITS)
{
state->statebits = 64*SKEIN_512_STATE_WORDS;
return Skein_512_Init(&state->u.ctx_512,(size_t) hashbitlen);
}
else
{
state->statebits = 64*SKEIN1024_STATE_WORDS;
return Skein1024_Init(&state->u.ctx1024,(size_t) hashbitlen);
}
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* process data to be hashed */
HashReturn Update(hashState *state, const BitSequence *data, DataLength databitlen)
{
/* only the final Update() call is allowed do partial bytes, else assert an error */
Skein_Assert((state->u.h.T[1] & SKEIN_T1_FLAG_BIT_PAD) == 0 || databitlen == 0, FAIL);
Skein_Assert(state->statebits % 256 == 0 && (state->statebits-256) < 1024,FAIL);
if ((databitlen & 7) == 0) /* partial bytes? */
{
switch ((state->statebits >> 8) & 3)
{
case 2: return Skein_512_Update(&state->u.ctx_512,data,databitlen >> 3);
case 1: return Skein_256_Update(&state->u.ctx_256,data,databitlen >> 3);
case 0: return Skein1024_Update(&state->u.ctx1024,data,databitlen >> 3);
default: return FAIL;
}
}
else
{ /* handle partial final byte */
size_t bCnt = (databitlen >> 3) + 1; /* number of bytes to handle (nonzero here!) */
u08b_t b,mask;
mask = (u08b_t) (1u << (7 - (databitlen & 7))); /* partial byte bit mask */
b = (u08b_t) ((data[bCnt-1] & (0-mask)) | mask); /* apply bit padding on final byte */
switch ((state->statebits >> 8) & 3)
{
case 2: Skein_512_Update(&state->u.ctx_512,data,bCnt-1); /* process all but the final byte */
Skein_512_Update(&state->u.ctx_512,&b , 1 ); /* process the (masked) partial byte */
break;
case 1: Skein_256_Update(&state->u.ctx_256,data,bCnt-1); /* process all but the final byte */
Skein_256_Update(&state->u.ctx_256,&b , 1 ); /* process the (masked) partial byte */
break;
case 0: Skein1024_Update(&state->u.ctx1024,data,bCnt-1); /* process all but the final byte */
Skein1024_Update(&state->u.ctx1024,&b , 1 ); /* process the (masked) partial byte */
break;
default: return FAIL;
}
Skein_Set_Bit_Pad_Flag(state->u.h); /* set tweak flag for the final call */
return SUCCESS;
}
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* finalize hash computation and output the result (hashbitlen bits) */
HashReturn Final(hashState *state, BitSequence *hashval)
{
Skein_Assert(state->statebits % 256 == 0 && (state->statebits-256) < 1024,FAIL);
switch ((state->statebits >> 8) & 3)
{
case 2: return Skein_512_Final(&state->u.ctx_512,hashval);
case 1: return Skein_256_Final(&state->u.ctx_256,hashval);
case 0: return Skein1024_Final(&state->u.ctx1024,hashval);
default: return FAIL;
}
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* all-in-one hash function */
HashReturn Hash(int hashbitlen, const BitSequence *data, /* all-in-one call */
DataLength databitlen,BitSequence *hashval)
{
hashState state;
HashReturn r = Init(&state,hashbitlen);
if (r == SUCCESS)
{ /* these calls do not fail when called properly */
r = Update(&state,data,databitlen);
Final(&state,hashval);
}
return r;
}

66
Optimized_64bit/SHA3api_ref.h Normal file
View File

@ -0,0 +1,66 @@
#ifndef _AHS_API_H_
#define _AHS_API_H_
/***********************************************************************
**
** Interface declarations of the AHS API using the Skein hash function.
**
** Source code author: Doug Whiting, 2008.
**
** This algorithm and source code is released to the public domain.
**
************************************************************************/
#include "skein.h"
typedef enum
{
SUCCESS = SKEIN_SUCCESS,
FAIL = SKEIN_FAIL,
BAD_HASHLEN = SKEIN_BAD_HASHLEN
}
HashReturn;
typedef size_t DataLength; /* bit count type */
typedef u08b_t BitSequence; /* bit stream type */
typedef struct
{
uint_t statebits; /* 256, 512, or 1024 */
union
{
Skein_Ctxt_Hdr_t h; /* common header "overlay" */
Skein_256_Ctxt_t ctx_256;
Skein_512_Ctxt_t ctx_512;
Skein1024_Ctxt_t ctx1024;
} u;
}
hashState;
/* "incremental" hashing API */
HashReturn Init (hashState *state, int hashbitlen);
HashReturn Update(hashState *state, const BitSequence *data, DataLength databitlen);
HashReturn Final (hashState *state, BitSequence *hashval);
/* "all-in-one" call */
HashReturn Hash (int hashbitlen, const BitSequence *data,
DataLength databitlen, BitSequence *hashval);
/*
** Re-define the compile-time constants below to change the selection
** of the Skein state size in the Init() function in SHA3api_ref.c.
**
** That is, the NIST API does not allow for explicit selection of the
** Skein block size, so it must be done implicitly in the Init() function.
** The selection is controlled by these constants.
*/
#ifndef SKEIN_256_NIST_MAX_HASHBITS
#define SKEIN_256_NIST_MAX_HASHBITS (0)
#endif
#ifndef SKEIN_512_NIST_MAX_HASHBITS
#define SKEIN_512_NIST_MAX_HASHBITS (512)
#endif
#endif /* ifdef _AHS_API_H_ */

148
Optimized_64bit/brg_endian.h Normal file
View File

@ -0,0 +1,148 @@
/*
---------------------------------------------------------------------------
Copyright (c) 2003, Dr Brian Gladman, Worcester, UK. All rights reserved.
LICENSE TERMS
The free distribution and use of this software in both source and binary
form is allowed (with or without changes) provided that:
1. distributions of this source code include the above copyright
notice, this list of conditions and the following disclaimer;
2. distributions in binary form include the above copyright
notice, this list of conditions and the following disclaimer
in the documentation and/or other associated materials;
3. the copyright holder's name is not used to endorse products
built using this software without specific written permission.
ALTERNATIVELY, provided that this notice is retained in full, this product
may be distributed under the terms of the GNU General Public License (GPL),
in which case the provisions of the GPL apply INSTEAD OF those given above.
DISCLAIMER
This software is provided 'as is' with no explicit or implied warranties
in respect of its properties, including, but not limited to, correctness
and/or fitness for purpose.
---------------------------------------------------------------------------
Issue 20/10/2006
*/
#ifndef BRG_ENDIAN_H
#define BRG_ENDIAN_H
#define IS_BIG_ENDIAN 4321 /* byte 0 is most significant (mc68k) */
#define IS_LITTLE_ENDIAN 1234 /* byte 0 is least significant (i386) */
/* Include files where endian defines and byteswap functions may reside */
#if defined( __FreeBSD__ ) || defined( __OpenBSD__ ) || defined( __NetBSD__ )
# include <sys/endian.h>
#elif defined( BSD ) && ( BSD >= 199103 ) || defined( __APPLE__ ) || \
defined( __CYGWIN32__ ) || defined( __DJGPP__ ) || defined( __osf__ )
# include <machine/endian.h>
#elif defined( __linux__ ) || defined( __GNUC__ ) || defined( __GNU_LIBRARY__ )
# if !defined( __MINGW32__ ) && !defined(AVR)
# include <endian.h>
# if !defined( __BEOS__ )
# include <byteswap.h>
# endif
# endif
#endif
/* Now attempt to set the define for platform byte order using any */
/* of the four forms SYMBOL, _SYMBOL, __SYMBOL & __SYMBOL__, which */
/* seem to encompass most endian symbol definitions */
#if defined( BIG_ENDIAN ) && defined( LITTLE_ENDIAN )
# if defined( BYTE_ORDER ) && BYTE_ORDER == BIG_ENDIAN
# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN
# elif defined( BYTE_ORDER ) && BYTE_ORDER == LITTLE_ENDIAN
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
# endif
#elif defined( BIG_ENDIAN )
# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN
#elif defined( LITTLE_ENDIAN )
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
#endif
#if defined( _BIG_ENDIAN ) && defined( _LITTLE_ENDIAN )
# if defined( _BYTE_ORDER ) && _BYTE_ORDER == _BIG_ENDIAN
# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN
# elif defined( _BYTE_ORDER ) && _BYTE_ORDER == _LITTLE_ENDIAN
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
# endif
#elif defined( _BIG_ENDIAN )
# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN
#elif defined( _LITTLE_ENDIAN )
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
#endif
#if defined( __BIG_ENDIAN ) && defined( __LITTLE_ENDIAN )
# if defined( __BYTE_ORDER ) && __BYTE_ORDER == __BIG_ENDIAN
# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN
# elif defined( __BYTE_ORDER ) && __BYTE_ORDER == __LITTLE_ENDIAN
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
# endif
#elif defined( __BIG_ENDIAN )
# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN
#elif defined( __LITTLE_ENDIAN )
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
#endif
#if defined( __BIG_ENDIAN__ ) && defined( __LITTLE_ENDIAN__ )
# if defined( __BYTE_ORDER__ ) && __BYTE_ORDER__ == __BIG_ENDIAN__
# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN
# elif defined( __BYTE_ORDER__ ) && __BYTE_ORDER__ == __LITTLE_ENDIAN__
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
# endif
#elif defined( __BIG_ENDIAN__ )
# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN
#elif defined( __LITTLE_ENDIAN__ )
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
#endif
/* if the platform byte order could not be determined, then try to */
/* set this define using common machine defines */
#if !defined(PLATFORM_BYTE_ORDER)
#if defined( __alpha__ ) || defined( __alpha ) || defined( i386 ) || \
defined( __i386__ ) || defined( _M_I86 ) || defined( _M_IX86 ) || \
defined( __OS2__ ) || defined( sun386 ) || defined( __TURBOC__ ) || \
defined( vax ) || defined( vms ) || defined( VMS ) || \
defined( __VMS ) || defined( _M_X64 ) || defined( AVR )
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
#elif defined( AMIGA ) || defined( applec ) || defined( __AS400__ ) || \
defined( _CRAY ) || defined( __hppa ) || defined( __hp9000 ) || \
defined( ibm370 ) || defined( mc68000 ) || defined( m68k ) || \
defined( __MRC__ ) || defined( __MVS__ ) || defined( __MWERKS__ ) || \
defined( sparc ) || defined( __sparc) || defined( SYMANTEC_C ) || \
defined( __VOS__ ) || defined( __TIGCC__ ) || defined( __TANDEM ) || \
defined( THINK_C ) || defined( __VMCMS__ )
# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN
#elif 0 /* **** EDIT HERE IF NECESSARY **** */
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
#elif 0 /* **** EDIT HERE IF NECESSARY **** */
# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN
#else
# error Please edit lines 126 or 128 in brg_endian.h to set the platform byte order
#endif
#endif
/* special handler for IA64, which may be either endianness (?) */
/* here we assume little-endian, but this may need to be changed */
#if defined(__ia64) || defined(__ia64__) || defined(_M_IA64)
# define PLATFORM_MUST_ALIGN (1)
#ifndef PLATFORM_BYTE_ORDER
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
#endif
#endif
#ifndef PLATFORM_MUST_ALIGN
# define PLATFORM_MUST_ALIGN (0)
#endif
#endif /* ifndef BRG_ENDIAN_H */

188
Optimized_64bit/brg_types.h Normal file
View File

@ -0,0 +1,188 @@
/*
---------------------------------------------------------------------------
Copyright (c) 1998-2006, Brian Gladman, Worcester, UK. All rights reserved.
LICENSE TERMS
The free distribution and use of this software in both source and binary
form is allowed (with or without changes) provided that:
1. distributions of this source code include the above copyright
notice, this list of conditions and the following disclaimer;
2. distributions in binary form include the above copyright
notice, this list of conditions and the following disclaimer
in the documentation and/or other associated materials;
3. the copyright holder's name is not used to endorse products
built using this software without specific written permission.
ALTERNATIVELY, provided that this notice is retained in full, this product
may be distributed under the terms of the GNU General Public License (GPL),
in which case the provisions of the GPL apply INSTEAD OF those given above.
DISCLAIMER
This software is provided 'as is' with no explicit or implied warranties
in respect of its properties, including, but not limited to, correctness
and/or fitness for purpose.
---------------------------------------------------------------------------
Issue 09/09/2006
The unsigned integer types defined here are of the form uint_<nn>t where
<nn> is the length of the type; for example, the unsigned 32-bit type is
'uint_32t'. These are NOT the same as the 'C99 integer types' that are
defined in the inttypes.h and stdint.h headers since attempts to use these
types have shown that support for them is still highly variable. However,
since the latter are of the form uint<nn>_t, a regular expression search
and replace (in VC++ search on 'uint_{:z}t' and replace with 'uint\1_t')
can be used to convert the types used here to the C99 standard types.
*/
#ifndef BRG_TYPES_H
#define BRG_TYPES_H
#if defined(__cplusplus)
extern "C" {
#endif
#include <limits.h>
#ifndef BRG_UI8
# define BRG_UI8
# if UCHAR_MAX == 255u
typedef unsigned char uint_8t;
# else
# error Please define uint_8t as an 8-bit unsigned integer type in brg_types.h
# endif
#endif
#ifndef BRG_UI16
# define BRG_UI16
# if USHRT_MAX == 65535u
typedef unsigned short uint_16t;
# else
# error Please define uint_16t as a 16-bit unsigned short type in brg_types.h
# endif
#endif
#ifndef BRG_UI32
# define BRG_UI32
# if UINT_MAX == 4294967295u
# define li_32(h) 0x##h##u
typedef unsigned int uint_32t;
# elif ULONG_MAX == 4294967295u
# define li_32(h) 0x##h##ul
typedef unsigned long uint_32t;
# elif defined( _CRAY )
# error This code needs 32-bit data types, which Cray machines do not provide
# else
# error Please define uint_32t as a 32-bit unsigned integer type in brg_types.h
# endif
#endif
#ifndef BRG_UI64
# if defined( __BORLANDC__ ) && !defined( __MSDOS__ )
# define BRG_UI64
# define li_64(h) 0x##h##ui64
typedef unsigned __int64 uint_64t;
# elif defined( _MSC_VER ) && ( _MSC_VER < 1300 ) /* 1300 == VC++ 7.0 */
# define BRG_UI64
# define li_64(h) 0x##h##ui64
typedef unsigned __int64 uint_64t;
# elif defined( __sun ) && defined(ULONG_MAX) && ULONG_MAX == 0xfffffffful
# define BRG_UI64
# define li_64(h) 0x##h##ull
typedef unsigned long long uint_64t;
# elif defined( UINT_MAX ) && UINT_MAX > 4294967295u
# if UINT_MAX == 18446744073709551615u
# define BRG_UI64
# define li_64(h) 0x##h##u
typedef unsigned int uint_64t;
# endif
# elif defined( ULONG_MAX ) && ULONG_MAX > 4294967295u
# if ULONG_MAX == 18446744073709551615ul
# define BRG_UI64
# define li_64(h) 0x##h##ul
typedef unsigned long uint_64t;
# endif
# elif defined( ULLONG_MAX ) && ULLONG_MAX > 4294967295u
# if ULLONG_MAX == 18446744073709551615ull
# define BRG_UI64
# define li_64(h) 0x##h##ull
typedef unsigned long long uint_64t;
# endif
# elif defined( ULONG_LONG_MAX ) && ULONG_LONG_MAX > 4294967295u
# if ULONG_LONG_MAX == 18446744073709551615ull
# define BRG_UI64
# define li_64(h) 0x##h##ull
typedef unsigned long long uint_64t;
# endif
# elif defined(__GNUC__) /* DLW: avoid mingw problem with -ansi */
# define BRG_UI64
# define li_64(h) 0x##h##ull
typedef unsigned long long uint_64t;
# endif
#endif
#if defined( NEED_UINT_64T ) && !defined( BRG_UI64 )
# error Please define uint_64t as an unsigned 64 bit type in brg_types.h
#endif
#ifndef RETURN_VALUES
# define RETURN_VALUES
# if defined( DLL_EXPORT )
# if defined( _MSC_VER ) || defined ( __INTEL_COMPILER )
# define VOID_RETURN __declspec( dllexport ) void __stdcall
# define INT_RETURN __declspec( dllexport ) int __stdcall
# elif defined( __GNUC__ )
# define VOID_RETURN __declspec( __dllexport__ ) void
# define INT_RETURN __declspec( __dllexport__ ) int
# else
# error Use of the DLL is only available on the Microsoft, Intel and GCC compilers
# endif
# elif defined( DLL_IMPORT )
# if defined( _MSC_VER ) || defined ( __INTEL_COMPILER )
# define VOID_RETURN __declspec( dllimport ) void __stdcall
# define INT_RETURN __declspec( dllimport ) int __stdcall
# elif defined( __GNUC__ )
# define VOID_RETURN __declspec( __dllimport__ ) void
# define INT_RETURN __declspec( __dllimport__ ) int
# else
# error Use of the DLL is only available on the Microsoft, Intel and GCC compilers
# endif
# elif defined( __WATCOMC__ )
# define VOID_RETURN void __cdecl
# define INT_RETURN int __cdecl
# else
# define VOID_RETURN void
# define INT_RETURN int
# endif
#endif
/* These defines are used to declare buffers in a way that allows
faster operations on longer variables to be used. In all these
defines 'size' must be a power of 2 and >= 8
dec_unit_type(size,x) declares a variable 'x' of length
'size' bits
dec_bufr_type(size,bsize,x) declares a buffer 'x' of length 'bsize'
bytes defined as an array of variables
each of 'size' bits (bsize must be a
multiple of size / 8)
ptr_cast(x,size) casts a pointer to a pointer to a
varaiable of length 'size' bits
*/
#define ui_type(size) uint_##size##t
#define dec_unit_type(size,x) typedef ui_type(size) x
#define dec_bufr_type(size,bsize,x) typedef ui_type(size) x[bsize / (size >> 3)]
#define ptr_cast(x,size) ((ui_type(size)*)(x))
#if defined(__cplusplus)
}
#endif
#endif

753
Optimized_64bit/skein.c Normal file
View File

@ -0,0 +1,753 @@
/***********************************************************************
**
** Implementation of the Skein hash function.
**
** Source code author: Doug Whiting, 2008.
**
** This algorithm and source code is released to the public domain.
**
************************************************************************/
#define SKEIN_PORT_CODE /* instantiate any code in skein_port.h */
#include <string.h> /* get the memcpy/memset functions */
#include "skein.h" /* get the Skein API definitions */
#include "skein_iv.h" /* get precomputed IVs */
/*****************************************************************/
/* External function to process blkCnt (nonzero) full block(s) of data. */
void Skein_256_Process_Block(Skein_256_Ctxt_t *ctx,const u08b_t *blkPtr,size_t blkCnt,size_t byteCntAdd);
void Skein_512_Process_Block(Skein_512_Ctxt_t *ctx,const u08b_t *blkPtr,size_t blkCnt,size_t byteCntAdd);
void Skein1024_Process_Block(Skein1024_Ctxt_t *ctx,const u08b_t *blkPtr,size_t blkCnt,size_t byteCntAdd);
/*****************************************************************/
/* 256-bit Skein */
/*****************************************************************/
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* init the context for a straight hashing operation */
int Skein_256_Init(Skein_256_Ctxt_t *ctx, size_t hashBitLen)
{
union
{
u08b_t b[SKEIN_256_STATE_BYTES];
u64b_t w[SKEIN_256_STATE_WORDS];
} cfg; /* config block */
Skein_Assert(hashBitLen > 0,SKEIN_BAD_HASHLEN);
ctx->h.hashBitLen = hashBitLen; /* output hash bit count */
switch (hashBitLen)
{ /* use pre-computed values, where available */
#ifndef SKEIN_NO_PRECOMP
case 256: memcpy(ctx->X,SKEIN_256_IV_256,sizeof(ctx->X)); break;
case 224: memcpy(ctx->X,SKEIN_256_IV_224,sizeof(ctx->X)); break;
case 160: memcpy(ctx->X,SKEIN_256_IV_160,sizeof(ctx->X)); break;
case 128: memcpy(ctx->X,SKEIN_256_IV_128,sizeof(ctx->X)); break;
#endif
default:
/* here if there is no precomputed IV value available */
/* build/process the config block, type == CONFIG (could be precomputed) */
Skein_Start_New_Type(ctx,CFG_FINAL); /* set tweaks: T0=0; T1=CFG | FINAL */
cfg.w[0] = Skein_Swap64(SKEIN_SCHEMA_VER); /* set the schema, version */
cfg.w[1] = Skein_Swap64(hashBitLen); /* hash result length in bits */
cfg.w[2] = Skein_Swap64(SKEIN_CFG_TREE_INFO_SEQUENTIAL);
memset(&cfg.w[3],0,sizeof(cfg) - 3*sizeof(cfg.w[0])); /* zero pad config block */
/* compute the initial chaining values from config block */
memset(ctx->X,0,sizeof(ctx->X)); /* zero the chaining variables */
Skein_256_Process_Block(ctx,cfg.b,1,SKEIN_CFG_STR_LEN);
break;
}
/* The chaining vars ctx->X are now initialized for the given hashBitLen. */
/* Set up to process the data message portion of the hash (default) */
Skein_Start_New_Type(ctx,MSG); /* T0=0, T1= MSG type */
return SKEIN_SUCCESS;
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* init the context for a MAC and/or tree hash operation */
/* [identical to Skein_256_Init() when keyBytes == 0 && treeInfo == SKEIN_CFG_TREE_INFO_SEQUENTIAL] */
int Skein_256_InitExt(Skein_256_Ctxt_t *ctx,size_t hashBitLen,u64b_t treeInfo, const u08b_t *key, size_t keyBytes)
{
union
{
u08b_t b[SKEIN_256_STATE_BYTES];
u64b_t w[SKEIN_256_STATE_WORDS];
} cfg; /* config block */
Skein_Assert(hashBitLen > 0,SKEIN_BAD_HASHLEN);
Skein_Assert(keyBytes == 0 || key != NULL,SKEIN_FAIL);
/* compute the initial chaining values ctx->X[], based on key */
if (keyBytes == 0) /* is there a key? */
{
memset(ctx->X,0,sizeof(ctx->X)); /* no key: use all zeroes as key for config block */
}
else /* here to pre-process a key */
{
Skein_assert(sizeof(cfg.b) >= sizeof(ctx->X));
/* do a mini-Init right here */
ctx->h.hashBitLen=8*sizeof(ctx->X); /* set output hash bit count = state size */
Skein_Start_New_Type(ctx,KEY); /* set tweaks: T0 = 0; T1 = KEY type */
memset(ctx->X,0,sizeof(ctx->X)); /* zero the initial chaining variables */
Skein_256_Update(ctx,key,keyBytes); /* hash the key */
Skein_256_Final_Pad(ctx,cfg.b); /* put result into cfg.b[] */
memcpy(ctx->X,cfg.b,sizeof(cfg.b)); /* copy over into ctx->X[] */
#if SKEIN_NEED_SWAP
{
uint_t i;
for (i=0;i<SKEIN_256_STATE_WORDS;i++) /* convert key bytes to context words */
ctx->X[i] = Skein_Swap64(ctx->X[i]);
}
#endif
}
/* build/process the config block, type == CONFIG (could be precomputed for each key) */
ctx->h.hashBitLen = hashBitLen; /* output hash bit count */
Skein_Start_New_Type(ctx,CFG_FINAL);
memset(&cfg.w,0,sizeof(cfg.w)); /* pre-pad cfg.w[] with zeroes */
cfg.w[0] = Skein_Swap64(SKEIN_SCHEMA_VER);
cfg.w[1] = Skein_Swap64(hashBitLen); /* hash result length in bits */
cfg.w[2] = Skein_Swap64(treeInfo); /* tree hash config info (or SKEIN_CFG_TREE_INFO_SEQUENTIAL) */
Skein_Show_Key(256,&ctx->h,key,keyBytes);
/* compute the initial chaining values from config block */
Skein_256_Process_Block(ctx,cfg.b,1,SKEIN_CFG_STR_LEN);
/* The chaining vars ctx->X are now initialized */
/* Set up to process the data message portion of the hash (default) */
ctx->h.bCnt = 0; /* buffer b[] starts out empty */
Skein_Start_New_Type(ctx,MSG);
return SKEIN_SUCCESS;
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* process the input bytes */
int Skein_256_Update(Skein_256_Ctxt_t *ctx, const u08b_t *msg, size_t msgByteCnt)
{
size_t n;
Skein_Assert(ctx->h.bCnt <= SKEIN_256_BLOCK_BYTES,SKEIN_FAIL); /* catch uninitialized context */
/* process full blocks, if any */
if (msgByteCnt + ctx->h.bCnt > SKEIN_256_BLOCK_BYTES)
{
if (ctx->h.bCnt) /* finish up any buffered message data */
{
n = SKEIN_256_BLOCK_BYTES - ctx->h.bCnt; /* # bytes free in buffer b[] */
if (n)
{
Skein_assert(n < msgByteCnt); /* check on our logic here */
memcpy(&ctx->b[ctx->h.bCnt],msg,n);
msgByteCnt -= n;
msg += n;
ctx->h.bCnt += n;
}
Skein_assert(ctx->h.bCnt == SKEIN_256_BLOCK_BYTES);
Skein_256_Process_Block(ctx,ctx->b,1,SKEIN_256_BLOCK_BYTES);
ctx->h.bCnt = 0;
}
/* now process any remaining full blocks, directly from input message data */
if (msgByteCnt > SKEIN_256_BLOCK_BYTES)
{
n = (msgByteCnt-1) / SKEIN_256_BLOCK_BYTES; /* number of full blocks to process */
Skein_256_Process_Block(ctx,msg,n,SKEIN_256_BLOCK_BYTES);
msgByteCnt -= n * SKEIN_256_BLOCK_BYTES;
msg += n * SKEIN_256_BLOCK_BYTES;
}
Skein_assert(ctx->h.bCnt == 0);
}
/* copy any remaining source message data bytes into b[] */
if (msgByteCnt)
{
Skein_assert(msgByteCnt + ctx->h.bCnt <= SKEIN_256_BLOCK_BYTES);
memcpy(&ctx->b[ctx->h.bCnt],msg,msgByteCnt);
ctx->h.bCnt += msgByteCnt;
}
return SKEIN_SUCCESS;
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* finalize the hash computation and output the result */
int Skein_256_Final(Skein_256_Ctxt_t *ctx, u08b_t *hashVal)
{
size_t i,n,byteCnt;
u64b_t X[SKEIN_256_STATE_WORDS];
Skein_Assert(ctx->h.bCnt <= SKEIN_256_BLOCK_BYTES,SKEIN_FAIL); /* catch uninitialized context */
ctx->h.T[1] |= SKEIN_T1_FLAG_FINAL; /* tag as the final block */
if (ctx->h.bCnt < SKEIN_256_BLOCK_BYTES) /* zero pad b[] if necessary */
memset(&ctx->b[ctx->h.bCnt],0,SKEIN_256_BLOCK_BYTES - ctx->h.bCnt);
Skein_256_Process_Block(ctx,ctx->b,1,ctx->h.bCnt); /* process the final block */
/* now output the result */
byteCnt = (ctx->h.hashBitLen + 7) >> 3; /* total number of output bytes */
/* run Threefish in "counter mode" to generate output */
memset(ctx->b,0,sizeof(ctx->b)); /* zero out b[], so it can hold the counter */
memcpy(X,ctx->X,sizeof(X)); /* keep a local copy of counter mode "key" */
for (i=0;i*SKEIN_256_BLOCK_BYTES < byteCnt;i++)
{
((u64b_t *)ctx->b)[0]= Skein_Swap64((u64b_t) i); /* build the counter block */
Skein_Start_New_Type(ctx,OUT_FINAL);
Skein_256_Process_Block(ctx,ctx->b,1,sizeof(u64b_t)); /* run "counter mode" */
n = byteCnt - i*SKEIN_256_BLOCK_BYTES; /* number of output bytes left to go */
if (n >= SKEIN_256_BLOCK_BYTES)
n = SKEIN_256_BLOCK_BYTES;
Skein_Put64_LSB_First(hashVal+i*SKEIN_256_BLOCK_BYTES,ctx->X,n); /* "output" the ctr mode bytes */
Skein_Show_Final(256,&ctx->h,n,hashVal+i*SKEIN_256_BLOCK_BYTES);
memcpy(ctx->X,X,sizeof(X)); /* restore the counter mode key for next time */
}
return SKEIN_SUCCESS;
}
#if defined(SKEIN_CODE_SIZE) || defined(SKEIN_PERF)
size_t Skein_256_API_CodeSize(void)
{
return ((u08b_t *) Skein_256_API_CodeSize) -
((u08b_t *) Skein_256_Init);
}
#endif
/*****************************************************************/
/* 512-bit Skein */
/*****************************************************************/
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* init the context for a straight hashing operation */
int Skein_512_Init(Skein_512_Ctxt_t *ctx, size_t hashBitLen)
{
union
{
u08b_t b[SKEIN_512_STATE_BYTES];
u64b_t w[SKEIN_512_STATE_WORDS];
} cfg; /* config block */
Skein_Assert(hashBitLen > 0,SKEIN_BAD_HASHLEN);
ctx->h.hashBitLen = hashBitLen; /* output hash bit count */
switch (hashBitLen)
{ /* use pre-computed values, where available */
#ifndef SKEIN_NO_PRECOMP
case 512: memcpy(ctx->X,SKEIN_512_IV_512,sizeof(ctx->X)); break;
case 384: memcpy(ctx->X,SKEIN_512_IV_384,sizeof(ctx->X)); break;
case 256: memcpy(ctx->X,SKEIN_512_IV_256,sizeof(ctx->X)); break;
case 224: memcpy(ctx->X,SKEIN_512_IV_224,sizeof(ctx->X)); break;
#endif
default:
/* here if there is no precomputed IV value available */
/* build/process the config block, type == CONFIG (could be precomputed) */
Skein_Start_New_Type(ctx,CFG_FINAL); /* set tweaks: T0=0; T1=CFG | FINAL */
cfg.w[0] = Skein_Swap64(SKEIN_SCHEMA_VER); /* set the schema, version */
cfg.w[1] = Skein_Swap64(hashBitLen); /* hash result length in bits */
cfg.w[2] = Skein_Swap64(SKEIN_CFG_TREE_INFO_SEQUENTIAL);
memset(&cfg.w[3],0,sizeof(cfg) - 3*sizeof(cfg.w[0])); /* zero pad config block */
/* compute the initial chaining values from config block */
memset(ctx->X,0,sizeof(ctx->X)); /* zero the chaining variables */
Skein_512_Process_Block(ctx,cfg.b,1,SKEIN_CFG_STR_LEN);
break;
}
/* The chaining vars ctx->X are now initialized for the given hashBitLen. */
/* Set up to process the data message portion of the hash (default) */
Skein_Start_New_Type(ctx,MSG); /* T0=0, T1= MSG type */
return SKEIN_SUCCESS;
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* init the context for a MAC and/or tree hash operation */
/* [identical to Skein_512_Init() when keyBytes == 0 && treeInfo == SKEIN_CFG_TREE_INFO_SEQUENTIAL] */
int Skein_512_InitExt(Skein_512_Ctxt_t *ctx,size_t hashBitLen,u64b_t treeInfo, const u08b_t *key, size_t keyBytes)
{
union
{
u08b_t b[SKEIN_512_STATE_BYTES];
u64b_t w[SKEIN_512_STATE_WORDS];
} cfg; /* config block */
Skein_Assert(hashBitLen > 0,SKEIN_BAD_HASHLEN);
Skein_Assert(keyBytes == 0 || key != NULL,SKEIN_FAIL);
/* compute the initial chaining values ctx->X[], based on key */
if (keyBytes == 0) /* is there a key? */
{
memset(ctx->X,0,sizeof(ctx->X)); /* no key: use all zeroes as key for config block */
}
else /* here to pre-process a key */
{
Skein_assert(sizeof(cfg.b) >= sizeof(ctx->X));
/* do a mini-Init right here */
ctx->h.hashBitLen=8*sizeof(ctx->X); /* set output hash bit count = state size */
Skein_Start_New_Type(ctx,KEY); /* set tweaks: T0 = 0; T1 = KEY type */
memset(ctx->X,0,sizeof(ctx->X)); /* zero the initial chaining variables */
Skein_512_Update(ctx,key,keyBytes); /* hash the key */
Skein_512_Final_Pad(ctx,cfg.b); /* put result into cfg.b[] */
memcpy(ctx->X,cfg.b,sizeof(cfg.b)); /* copy over into ctx->X[] */
#if SKEIN_NEED_SWAP
{
uint_t i;
for (i=0;i<SKEIN_512_STATE_WORDS;i++) /* convert key bytes to context words */
ctx->X[i] = Skein_Swap64(ctx->X[i]);
}
#endif
}
/* build/process the config block, type == CONFIG (could be precomputed for each key) */
ctx->h.hashBitLen = hashBitLen; /* output hash bit count */
Skein_Start_New_Type(ctx,CFG_FINAL);
memset(&cfg.w,0,sizeof(cfg.w)); /* pre-pad cfg.w[] with zeroes */
cfg.w[0] = Skein_Swap64(SKEIN_SCHEMA_VER);
cfg.w[1] = Skein_Swap64(hashBitLen); /* hash result length in bits */
cfg.w[2] = Skein_Swap64(treeInfo); /* tree hash config info (or SKEIN_CFG_TREE_INFO_SEQUENTIAL) */
Skein_Show_Key(512,&ctx->h,key,keyBytes);
/* compute the initial chaining values from config block */
Skein_512_Process_Block(ctx,cfg.b,1,SKEIN_CFG_STR_LEN);
/* The chaining vars ctx->X are now initialized */
/* Set up to process the data message portion of the hash (default) */
ctx->h.bCnt = 0; /* buffer b[] starts out empty */
Skein_Start_New_Type(ctx,MSG);
return SKEIN_SUCCESS;
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* process the input bytes */
int Skein_512_Update(Skein_512_Ctxt_t *ctx, const u08b_t *msg, size_t msgByteCnt)
{
size_t n;
Skein_Assert(ctx->h.bCnt <= SKEIN_512_BLOCK_BYTES,SKEIN_FAIL); /* catch uninitialized context */
/* process full blocks, if any */
if (msgByteCnt + ctx->h.bCnt > SKEIN_512_BLOCK_BYTES)
{
if (ctx->h.bCnt) /* finish up any buffered message data */
{
n = SKEIN_512_BLOCK_BYTES - ctx->h.bCnt; /* # bytes free in buffer b[] */
if (n)
{
Skein_assert(n < msgByteCnt); /* check on our logic here */
memcpy(&ctx->b[ctx->h.bCnt],msg,n);
msgByteCnt -= n;
msg += n;
ctx->h.bCnt += n;
}
Skein_assert(ctx->h.bCnt == SKEIN_512_BLOCK_BYTES);
Skein_512_Process_Block(ctx,ctx->b,1,SKEIN_512_BLOCK_BYTES);
ctx->h.bCnt = 0;
}
/* now process any remaining full blocks, directly from input message data */
if (msgByteCnt > SKEIN_512_BLOCK_BYTES)
{
n = (msgByteCnt-1) / SKEIN_512_BLOCK_BYTES; /* number of full blocks to process */
Skein_512_Process_Block(ctx,msg,n,SKEIN_512_BLOCK_BYTES);
msgByteCnt -= n * SKEIN_512_BLOCK_BYTES;
msg += n * SKEIN_512_BLOCK_BYTES;
}
Skein_assert(ctx->h.bCnt == 0);
}
/* copy any remaining source message data bytes into b[] */
if (msgByteCnt)
{
Skein_assert(msgByteCnt + ctx->h.bCnt <= SKEIN_512_BLOCK_BYTES);
memcpy(&ctx->b[ctx->h.bCnt],msg,msgByteCnt);
ctx->h.bCnt += msgByteCnt;
}
return SKEIN_SUCCESS;
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* finalize the hash computation and output the result */
int Skein_512_Final(Skein_512_Ctxt_t *ctx, u08b_t *hashVal)
{
size_t i,n,byteCnt;
u64b_t X[SKEIN_512_STATE_WORDS];
Skein_Assert(ctx->h.bCnt <= SKEIN_512_BLOCK_BYTES,SKEIN_FAIL); /* catch uninitialized context */
ctx->h.T[1] |= SKEIN_T1_FLAG_FINAL; /* tag as the final block */
if (ctx->h.bCnt < SKEIN_512_BLOCK_BYTES) /* zero pad b[] if necessary */
memset(&ctx->b[ctx->h.bCnt],0,SKEIN_512_BLOCK_BYTES - ctx->h.bCnt);
Skein_512_Process_Block(ctx,ctx->b,1,ctx->h.bCnt); /* process the final block */
/* now output the result */
byteCnt = (ctx->h.hashBitLen + 7) >> 3; /* total number of output bytes */
/* run Threefish in "counter mode" to generate output */
memset(ctx->b,0,sizeof(ctx->b)); /* zero out b[], so it can hold the counter */
memcpy(X,ctx->X,sizeof(X)); /* keep a local copy of counter mode "key" */
for (i=0;i*SKEIN_512_BLOCK_BYTES < byteCnt;i++)
{
((u64b_t *)ctx->b)[0]= Skein_Swap64((u64b_t) i); /* build the counter block */
Skein_Start_New_Type(ctx,OUT_FINAL);
Skein_512_Process_Block(ctx,ctx->b,1,sizeof(u64b_t)); /* run "counter mode" */
n = byteCnt - i*SKEIN_512_BLOCK_BYTES; /* number of output bytes left to go */
if (n >= SKEIN_512_BLOCK_BYTES)
n = SKEIN_512_BLOCK_BYTES;
Skein_Put64_LSB_First(hashVal+i*SKEIN_512_BLOCK_BYTES,ctx->X,n); /* "output" the ctr mode bytes */
Skein_Show_Final(512,&ctx->h,n,hashVal+i*SKEIN_512_BLOCK_BYTES);
memcpy(ctx->X,X,sizeof(X)); /* restore the counter mode key for next time */
}
return SKEIN_SUCCESS;
}
#if defined(SKEIN_CODE_SIZE) || defined(SKEIN_PERF)
size_t Skein_512_API_CodeSize(void)
{
return ((u08b_t *) Skein_512_API_CodeSize) -
((u08b_t *) Skein_512_Init);
}
#endif
/*****************************************************************/
/* 1024-bit Skein */
/*****************************************************************/
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* init the context for a straight hashing operation */
int Skein1024_Init(Skein1024_Ctxt_t *ctx, size_t hashBitLen)
{
union
{
u08b_t b[SKEIN1024_STATE_BYTES];
u64b_t w[SKEIN1024_STATE_WORDS];
} cfg; /* config block */
Skein_Assert(hashBitLen > 0,SKEIN_BAD_HASHLEN);
ctx->h.hashBitLen = hashBitLen; /* output hash bit count */
switch (hashBitLen)
{ /* use pre-computed values, where available */
#ifndef SKEIN_NO_PRECOMP
case 512: memcpy(ctx->X,SKEIN1024_IV_512 ,sizeof(ctx->X)); break;
case 384: memcpy(ctx->X,SKEIN1024_IV_384 ,sizeof(ctx->X)); break;
case 1024: memcpy(ctx->X,SKEIN1024_IV_1024,sizeof(ctx->X)); break;
#endif
default:
/* here if there is no precomputed IV value available */
/* build/process the config block, type == CONFIG (could be precomputed) */
Skein_Start_New_Type(ctx,CFG_FINAL); /* set tweaks: T0=0; T1=CFG | FINAL */
cfg.w[0] = Skein_Swap64(SKEIN_SCHEMA_VER); /* set the schema, version */
cfg.w[1] = Skein_Swap64(hashBitLen); /* hash result length in bits */
cfg.w[2] = Skein_Swap64(SKEIN_CFG_TREE_INFO_SEQUENTIAL);
memset(&cfg.w[3],0,sizeof(cfg) - 3*sizeof(cfg.w[0])); /* zero pad config block */
/* compute the initial chaining values from config block */
memset(ctx->X,0,sizeof(ctx->X)); /* zero the chaining variables */
Skein1024_Process_Block(ctx,cfg.b,1,SKEIN_CFG_STR_LEN);
break;
}
/* The chaining vars ctx->X are now initialized for the given hashBitLen. */
/* Set up to process the data message portion of the hash (default) */
Skein_Start_New_Type(ctx,MSG); /* T0=0, T1= MSG type */
return SKEIN_SUCCESS;
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* init the context for a MAC and/or tree hash operation */
/* [identical to Skein1024_Init() when keyBytes == 0 && treeInfo == SKEIN_CFG_TREE_INFO_SEQUENTIAL] */
int Skein1024_InitExt(Skein1024_Ctxt_t *ctx,size_t hashBitLen,u64b_t treeInfo, const u08b_t *key, size_t keyBytes)
{
union
{
u08b_t b[SKEIN1024_STATE_BYTES];
u64b_t w[SKEIN1024_STATE_WORDS];
} cfg; /* config block */
Skein_Assert(hashBitLen > 0,SKEIN_BAD_HASHLEN);
Skein_Assert(keyBytes == 0 || key != NULL,SKEIN_FAIL);
/* compute the initial chaining values ctx->X[], based on key */
if (keyBytes == 0) /* is there a key? */
{
memset(ctx->X,0,sizeof(ctx->X)); /* no key: use all zeroes as key for config block */
}
else /* here to pre-process a key */
{
Skein_assert(sizeof(cfg.b) >= sizeof(ctx->X));
/* do a mini-Init right here */
ctx->h.hashBitLen=8*sizeof(ctx->X); /* set output hash bit count = state size */
Skein_Start_New_Type(ctx,KEY); /* set tweaks: T0 = 0; T1 = KEY type */
memset(ctx->X,0,sizeof(ctx->X)); /* zero the initial chaining variables */
Skein1024_Update(ctx,key,keyBytes); /* hash the key */
Skein1024_Final_Pad(ctx,cfg.b); /* put result into cfg.b[] */
memcpy(ctx->X,cfg.b,sizeof(cfg.b)); /* copy over into ctx->X[] */
#if SKEIN_NEED_SWAP
{
uint_t i;
for (i=0;i<SKEIN1024_STATE_WORDS;i++) /* convert key bytes to context words */
ctx->X[i] = Skein_Swap64(ctx->X[i]);
}
#endif
}
/* build/process the config block, type == CONFIG (could be precomputed for each key) */
ctx->h.hashBitLen = hashBitLen; /* output hash bit count */
Skein_Start_New_Type(ctx,CFG_FINAL);
memset(&cfg.w,0,sizeof(cfg.w)); /* pre-pad cfg.w[] with zeroes */
cfg.w[0] = Skein_Swap64(SKEIN_SCHEMA_VER);
cfg.w[1] = Skein_Swap64(hashBitLen); /* hash result length in bits */
cfg.w[2] = Skein_Swap64(treeInfo); /* tree hash config info (or SKEIN_CFG_TREE_INFO_SEQUENTIAL) */
Skein_Show_Key(1024,&ctx->h,key,keyBytes);
/* compute the initial chaining values from config block */
Skein1024_Process_Block(ctx,cfg.b,1,SKEIN_CFG_STR_LEN);
/* The chaining vars ctx->X are now initialized */
/* Set up to process the data message portion of the hash (default) */
ctx->h.bCnt = 0; /* buffer b[] starts out empty */
Skein_Start_New_Type(ctx,MSG);
return SKEIN_SUCCESS;
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* process the input bytes */
int Skein1024_Update(Skein1024_Ctxt_t *ctx, const u08b_t *msg, size_t msgByteCnt)
{
size_t n;
Skein_Assert(ctx->h.bCnt <= SKEIN1024_BLOCK_BYTES,SKEIN_FAIL); /* catch uninitialized context */
/* process full blocks, if any */
if (msgByteCnt + ctx->h.bCnt > SKEIN1024_BLOCK_BYTES)
{
if (ctx->h.bCnt) /* finish up any buffered message data */
{
n = SKEIN1024_BLOCK_BYTES - ctx->h.bCnt; /* # bytes free in buffer b[] */
if (n)
{
Skein_assert(n < msgByteCnt); /* check on our logic here */
memcpy(&ctx->b[ctx->h.bCnt],msg,n);
msgByteCnt -= n;
msg += n;
ctx->h.bCnt += n;
}
Skein_assert(ctx->h.bCnt == SKEIN1024_BLOCK_BYTES);
Skein1024_Process_Block(ctx,ctx->b,1,SKEIN1024_BLOCK_BYTES);
ctx->h.bCnt = 0;
}
/* now process any remaining full blocks, directly from input message data */
if (msgByteCnt > SKEIN1024_BLOCK_BYTES)
{
n = (msgByteCnt-1) / SKEIN1024_BLOCK_BYTES; /* number of full blocks to process */
Skein1024_Process_Block(ctx,msg,n,SKEIN1024_BLOCK_BYTES);
msgByteCnt -= n * SKEIN1024_BLOCK_BYTES;
msg += n * SKEIN1024_BLOCK_BYTES;
}
Skein_assert(ctx->h.bCnt == 0);
}
/* copy any remaining source message data bytes into b[] */
if (msgByteCnt)
{
Skein_assert(msgByteCnt + ctx->h.bCnt <= SKEIN1024_BLOCK_BYTES);
memcpy(&ctx->b[ctx->h.bCnt],msg,msgByteCnt);
ctx->h.bCnt += msgByteCnt;
}
return SKEIN_SUCCESS;
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* finalize the hash computation and output the result */
int Skein1024_Final(Skein1024_Ctxt_t *ctx, u08b_t *hashVal)
{
size_t i,n,byteCnt;
u64b_t X[SKEIN1024_STATE_WORDS];
Skein_Assert(ctx->h.bCnt <= SKEIN1024_BLOCK_BYTES,SKEIN_FAIL); /* catch uninitialized context */
ctx->h.T[1] |= SKEIN_T1_FLAG_FINAL; /* tag as the final block */
if (ctx->h.bCnt < SKEIN1024_BLOCK_BYTES) /* zero pad b[] if necessary */
memset(&ctx->b[ctx->h.bCnt],0,SKEIN1024_BLOCK_BYTES - ctx->h.bCnt);
Skein1024_Process_Block(ctx,ctx->b,1,ctx->h.bCnt); /* process the final block */
/* now output the result */
byteCnt = (ctx->h.hashBitLen + 7) >> 3; /* total number of output bytes */
/* run Threefish in "counter mode" to generate output */
memset(ctx->b,0,sizeof(ctx->b)); /* zero out b[], so it can hold the counter */
memcpy(X,ctx->X,sizeof(X)); /* keep a local copy of counter mode "key" */
for (i=0;i*SKEIN1024_BLOCK_BYTES < byteCnt;i++)
{
((u64b_t *)ctx->b)[0]= Skein_Swap64((u64b_t) i); /* build the counter block */
Skein_Start_New_Type(ctx,OUT_FINAL);
Skein1024_Process_Block(ctx,ctx->b,1,sizeof(u64b_t)); /* run "counter mode" */
n = byteCnt - i*SKEIN1024_BLOCK_BYTES; /* number of output bytes left to go */
if (n >= SKEIN1024_BLOCK_BYTES)
n = SKEIN1024_BLOCK_BYTES;
Skein_Put64_LSB_First(hashVal+i*SKEIN1024_BLOCK_BYTES,ctx->X,n); /* "output" the ctr mode bytes */
Skein_Show_Final(1024,&ctx->h,n,hashVal+i*SKEIN1024_BLOCK_BYTES);
memcpy(ctx->X,X,sizeof(X)); /* restore the counter mode key for next time */
}
return SKEIN_SUCCESS;
}
#if defined(SKEIN_CODE_SIZE) || defined(SKEIN_PERF)
size_t Skein1024_API_CodeSize(void)
{
return ((u08b_t *) Skein1024_API_CodeSize) -
((u08b_t *) Skein1024_Init);
}
#endif
/**************** Functions to support MAC/tree hashing ***************/
/* (this code is identical for Optimized and Reference versions) */
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* finalize the hash computation and output the block, no OUTPUT stage */
int Skein_256_Final_Pad(Skein_256_Ctxt_t *ctx, u08b_t *hashVal)
{
Skein_Assert(ctx->h.bCnt <= SKEIN_256_BLOCK_BYTES,SKEIN_FAIL); /* catch uninitialized context */
ctx->h.T[1] |= SKEIN_T1_FLAG_FINAL; /* tag as the final block */
if (ctx->h.bCnt < SKEIN_256_BLOCK_BYTES) /* zero pad b[] if necessary */
memset(&ctx->b[ctx->h.bCnt],0,SKEIN_256_BLOCK_BYTES - ctx->h.bCnt);
Skein_256_Process_Block(ctx,ctx->b,1,ctx->h.bCnt); /* process the final block */
Skein_Put64_LSB_First(hashVal,ctx->X,SKEIN_256_BLOCK_BYTES); /* "output" the state bytes */
return SKEIN_SUCCESS;
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* finalize the hash computation and output the block, no OUTPUT stage */
int Skein_512_Final_Pad(Skein_512_Ctxt_t *ctx, u08b_t *hashVal)
{
Skein_Assert(ctx->h.bCnt <= SKEIN_512_BLOCK_BYTES,SKEIN_FAIL); /* catch uninitialized context */
ctx->h.T[1] |= SKEIN_T1_FLAG_FINAL; /* tag as the final block */
if (ctx->h.bCnt < SKEIN_512_BLOCK_BYTES) /* zero pad b[] if necessary */
memset(&ctx->b[ctx->h.bCnt],0,SKEIN_512_BLOCK_BYTES - ctx->h.bCnt);
Skein_512_Process_Block(ctx,ctx->b,1,ctx->h.bCnt); /* process the final block */
Skein_Put64_LSB_First(hashVal,ctx->X,SKEIN_512_BLOCK_BYTES); /* "output" the state bytes */
return SKEIN_SUCCESS;
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* finalize the hash computation and output the block, no OUTPUT stage */
int Skein1024_Final_Pad(Skein1024_Ctxt_t *ctx, u08b_t *hashVal)
{
Skein_Assert(ctx->h.bCnt <= SKEIN1024_BLOCK_BYTES,SKEIN_FAIL); /* catch uninitialized context */
ctx->h.T[1] |= SKEIN_T1_FLAG_FINAL; /* tag as the final block */
if (ctx->h.bCnt < SKEIN1024_BLOCK_BYTES) /* zero pad b[] if necessary */
memset(&ctx->b[ctx->h.bCnt],0,SKEIN1024_BLOCK_BYTES - ctx->h.bCnt);
Skein1024_Process_Block(ctx,ctx->b,1,ctx->h.bCnt); /* process the final block */
Skein_Put64_LSB_First(hashVal,ctx->X,SKEIN1024_BLOCK_BYTES); /* "output" the state bytes */
return SKEIN_SUCCESS;
}
#if SKEIN_TREE_HASH
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* just do the OUTPUT stage */
int Skein_256_Output(Skein_256_Ctxt_t *ctx, u08b_t *hashVal)
{
size_t i,n,byteCnt;
u64b_t X[SKEIN_256_STATE_WORDS];
Skein_Assert(ctx->h.bCnt <= SKEIN_256_BLOCK_BYTES,SKEIN_FAIL); /* catch uninitialized context */
/* now output the result */
byteCnt = (ctx->h.hashBitLen + 7) >> 3; /* total number of output bytes */
/* run Threefish in "counter mode" to generate output */
memset(ctx->b,0,sizeof(ctx->b)); /* zero out b[], so it can hold the counter */
memcpy(X,ctx->X,sizeof(X)); /* keep a local copy of counter mode "key" */
for (i=0;i*SKEIN_256_BLOCK_BYTES < byteCnt;i++)
{
((u64b_t *)ctx->b)[0]= Skein_Swap64((u64b_t) i); /* build the counter block */
Skein_Start_New_Type(ctx,OUT_FINAL);
Skein_256_Process_Block(ctx,ctx->b,1,sizeof(u64b_t)); /* run "counter mode" */
n = byteCnt - i*SKEIN_256_BLOCK_BYTES; /* number of output bytes left to go */
if (n >= SKEIN_256_BLOCK_BYTES)
n = SKEIN_256_BLOCK_BYTES;
Skein_Put64_LSB_First(hashVal+i*SKEIN_256_BLOCK_BYTES,ctx->X,n); /* "output" the ctr mode bytes */
Skein_Show_Final(256,&ctx->h,n,hashVal+i*SKEIN_256_BLOCK_BYTES);
memcpy(ctx->X,X,sizeof(X)); /* restore the counter mode key for next time */
}
return SKEIN_SUCCESS;
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* just do the OUTPUT stage */
int Skein_512_Output(Skein_512_Ctxt_t *ctx, u08b_t *hashVal)
{
size_t i,n,byteCnt;
u64b_t X[SKEIN_512_STATE_WORDS];
Skein_Assert(ctx->h.bCnt <= SKEIN_512_BLOCK_BYTES,SKEIN_FAIL); /* catch uninitialized context */
/* now output the result */
byteCnt = (ctx->h.hashBitLen + 7) >> 3; /* total number of output bytes */
/* run Threefish in "counter mode" to generate output */
memset(ctx->b,0,sizeof(ctx->b)); /* zero out b[], so it can hold the counter */
memcpy(X,ctx->X,sizeof(X)); /* keep a local copy of counter mode "key" */
for (i=0;i*SKEIN_512_BLOCK_BYTES < byteCnt;i++)
{
((u64b_t *)ctx->b)[0]= Skein_Swap64((u64b_t) i); /* build the counter block */
Skein_Start_New_Type(ctx,OUT_FINAL);
Skein_512_Process_Block(ctx,ctx->b,1,sizeof(u64b_t)); /* run "counter mode" */
n = byteCnt - i*SKEIN_512_BLOCK_BYTES; /* number of output bytes left to go */
if (n >= SKEIN_512_BLOCK_BYTES)
n = SKEIN_512_BLOCK_BYTES;
Skein_Put64_LSB_First(hashVal+i*SKEIN_512_BLOCK_BYTES,ctx->X,n); /* "output" the ctr mode bytes */
Skein_Show_Final(256,&ctx->h,n,hashVal+i*SKEIN_512_BLOCK_BYTES);
memcpy(ctx->X,X,sizeof(X)); /* restore the counter mode key for next time */
}
return SKEIN_SUCCESS;
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* just do the OUTPUT stage */
int Skein1024_Output(Skein1024_Ctxt_t *ctx, u08b_t *hashVal)
{
size_t i,n,byteCnt;
u64b_t X[SKEIN1024_STATE_WORDS];
Skein_Assert(ctx->h.bCnt <= SKEIN1024_BLOCK_BYTES,SKEIN_FAIL); /* catch uninitialized context */
/* now output the result */
byteCnt = (ctx->h.hashBitLen + 7) >> 3; /* total number of output bytes */
/* run Threefish in "counter mode" to generate output */
memset(ctx->b,0,sizeof(ctx->b)); /* zero out b[], so it can hold the counter */
memcpy(X,ctx->X,sizeof(X)); /* keep a local copy of counter mode "key" */
for (i=0;i*SKEIN1024_BLOCK_BYTES < byteCnt;i++)
{
((u64b_t *)ctx->b)[0]= Skein_Swap64((u64b_t) i); /* build the counter block */
Skein_Start_New_Type(ctx,OUT_FINAL);
Skein1024_Process_Block(ctx,ctx->b,1,sizeof(u64b_t)); /* run "counter mode" */
n = byteCnt - i*SKEIN1024_BLOCK_BYTES; /* number of output bytes left to go */
if (n >= SKEIN1024_BLOCK_BYTES)
n = SKEIN1024_BLOCK_BYTES;
Skein_Put64_LSB_First(hashVal+i*SKEIN1024_BLOCK_BYTES,ctx->X,n); /* "output" the ctr mode bytes */
Skein_Show_Final(256,&ctx->h,n,hashVal+i*SKEIN1024_BLOCK_BYTES);
memcpy(ctx->X,X,sizeof(X)); /* restore the counter mode key for next time */
}
return SKEIN_SUCCESS;
}
#endif

327
Optimized_64bit/skein.h Normal file
View File

@ -0,0 +1,327 @@
#ifndef _SKEIN_H_
#define _SKEIN_H_ 1
/**************************************************************************
**
** Interface declarations and internal definitions for Skein hashing.
**
** Source code author: Doug Whiting, 2008.
**
** This algorithm and source code is released to the public domain.
**
***************************************************************************
**
** The following compile-time switches may be defined to control some
** tradeoffs between speed, code size, error checking, and security.
**
** The "default" note explains what happens when the switch is not defined.
**
** SKEIN_DEBUG -- make callouts from inside Skein code
** to examine/display intermediate values.
** [default: no callouts (no overhead)]
**
** SKEIN_ERR_CHECK -- how error checking is handled inside Skein
** code. If not defined, most error checking
** is disabled (for performance). Otherwise,
** the switch value is interpreted as:
** 0: use assert() to flag errors
** 1: return SKEIN_FAIL to flag errors
**
***************************************************************************/
#ifdef __cplusplus
extern "C"
{
#endif
#include <stddef.h> /* get size_t definition */
#include "skein_port.h" /* get platform-specific definitions */
enum
{
SKEIN_SUCCESS = 0, /* return codes from Skein calls */
SKEIN_FAIL = 1,
SKEIN_BAD_HASHLEN = 2
};
#define SKEIN_MODIFIER_WORDS ( 2) /* number of modifier (tweak) words */
#define SKEIN_256_STATE_WORDS ( 4)
#define SKEIN_512_STATE_WORDS ( 8)
#define SKEIN1024_STATE_WORDS (16)
#define SKEIN_MAX_STATE_WORDS (16)
#define SKEIN_256_STATE_BYTES ( 8*SKEIN_256_STATE_WORDS)
#define SKEIN_512_STATE_BYTES ( 8*SKEIN_512_STATE_WORDS)
#define SKEIN1024_STATE_BYTES ( 8*SKEIN1024_STATE_WORDS)
#define SKEIN_256_STATE_BITS (64*SKEIN_256_STATE_WORDS)
#define SKEIN_512_STATE_BITS (64*SKEIN_512_STATE_WORDS)
#define SKEIN1024_STATE_BITS (64*SKEIN1024_STATE_WORDS)
#define SKEIN_256_BLOCK_BYTES ( 8*SKEIN_256_STATE_WORDS)
#define SKEIN_512_BLOCK_BYTES ( 8*SKEIN_512_STATE_WORDS)
#define SKEIN1024_BLOCK_BYTES ( 8*SKEIN1024_STATE_WORDS)
typedef struct
{
size_t hashBitLen; /* size of hash result, in bits */
size_t bCnt; /* current byte count in buffer b[] */
u64b_t T[SKEIN_MODIFIER_WORDS]; /* tweak words: T[0]=byte cnt, T[1]=flags */
} Skein_Ctxt_Hdr_t;
typedef struct /* 256-bit Skein hash context structure */
{
Skein_Ctxt_Hdr_t h; /* common header context variables */
u64b_t X[SKEIN_256_STATE_WORDS]; /* chaining variables */
u08b_t b[SKEIN_256_BLOCK_BYTES]; /* partial block buffer (8-byte aligned) */
} Skein_256_Ctxt_t;
typedef struct /* 512-bit Skein hash context structure */
{
Skein_Ctxt_Hdr_t h; /* common header context variables */
u64b_t X[SKEIN_512_STATE_WORDS]; /* chaining variables */
u08b_t b[SKEIN_512_BLOCK_BYTES]; /* partial block buffer (8-byte aligned) */
} Skein_512_Ctxt_t;
typedef struct /* 1024-bit Skein hash context structure */
{
Skein_Ctxt_Hdr_t h; /* common header context variables */
u64b_t X[SKEIN1024_STATE_WORDS]; /* chaining variables */
u08b_t b[SKEIN1024_BLOCK_BYTES]; /* partial block buffer (8-byte aligned) */
} Skein1024_Ctxt_t;
/* Skein APIs for (incremental) "straight hashing" */
int Skein_256_Init (Skein_256_Ctxt_t *ctx, size_t hashBitLen);
int Skein_512_Init (Skein_512_Ctxt_t *ctx, size_t hashBitLen);
int Skein1024_Init (Skein1024_Ctxt_t *ctx, size_t hashBitLen);
int Skein_256_Update(Skein_256_Ctxt_t *ctx, const u08b_t *msg, size_t msgByteCnt);
int Skein_512_Update(Skein_512_Ctxt_t *ctx, const u08b_t *msg, size_t msgByteCnt);
int Skein1024_Update(Skein1024_Ctxt_t *ctx, const u08b_t *msg, size_t msgByteCnt);
int Skein_256_Final (Skein_256_Ctxt_t *ctx, u08b_t * hashVal);
int Skein_512_Final (Skein_512_Ctxt_t *ctx, u08b_t * hashVal);
int Skein1024_Final (Skein1024_Ctxt_t *ctx, u08b_t * hashVal);
/*
** Skein APIs for "extended" initialization: MAC keys, tree hashing.
** After an InitExt() call, just use Update/Final calls as with Init().
**
** Notes: Same parameters as _Init() calls, plus treeInfo/key/keyBytes.
** When keyBytes == 0 and treeInfo == SKEIN_SEQUENTIAL,
** the results of InitExt() are identical to calling Init().
** The function Init() may be called once to "precompute" the IV for
** a given hashBitLen value, then by saving a copy of the context
** the IV computation may be avoided in later calls.
** Similarly, the function InitExt() may be called once per MAC key
** to precompute the MAC IV, then a copy of the context saved and
** reused for each new MAC computation.
**/
int Skein_256_InitExt(Skein_256_Ctxt_t *ctx, size_t hashBitLen, u64b_t treeInfo, const u08b_t *key, size_t keyBytes);
int Skein_512_InitExt(Skein_512_Ctxt_t *ctx, size_t hashBitLen, u64b_t treeInfo, const u08b_t *key, size_t keyBytes);
int Skein1024_InitExt(Skein1024_Ctxt_t *ctx, size_t hashBitLen, u64b_t treeInfo, const u08b_t *key, size_t keyBytes);
/*
** Skein APIs for MAC and tree hash:
** Final_Pad: pad, do final block, but no OUTPUT type
** Output: do just the output stage
*/
int Skein_256_Final_Pad(Skein_256_Ctxt_t *ctx, u08b_t * hashVal);
int Skein_512_Final_Pad(Skein_512_Ctxt_t *ctx, u08b_t * hashVal);
int Skein1024_Final_Pad(Skein1024_Ctxt_t *ctx, u08b_t * hashVal);
#ifndef SKEIN_TREE_HASH
#define SKEIN_TREE_HASH (1)
#endif
#if SKEIN_TREE_HASH
int Skein_256_Output (Skein_256_Ctxt_t *ctx, u08b_t * hashVal);
int Skein_512_Output (Skein_512_Ctxt_t *ctx, u08b_t * hashVal);
int Skein1024_Output (Skein1024_Ctxt_t *ctx, u08b_t * hashVal);
#endif
/*****************************************************************
** "Internal" Skein definitions
** -- not needed for sequential hashing API, but will be
** helpful for other uses of Skein (e.g., tree hash mode).
** -- included here so that they can be shared between
** reference and optimized code.
******************************************************************/
/* tweak word T[1]: bit field starting positions */
#define SKEIN_T1_BIT(BIT) ((BIT) - 64) /* offset 64 because it's the second word */
#define SKEIN_T1_POS_TREE_LVL SKEIN_T1_BIT(112) /* bits 112..118: level in hash tree */
#define SKEIN_T1_POS_BIT_PAD SKEIN_T1_BIT(119) /* bit 119 : partial final input byte */
#define SKEIN_T1_POS_BLK_TYPE SKEIN_T1_BIT(120) /* bits 120..125: type field */
#define SKEIN_T1_POS_FIRST SKEIN_T1_BIT(126) /* bits 126 : first block flag */
#define SKEIN_T1_POS_FINAL SKEIN_T1_BIT(127) /* bit 127 : final block flag */
/* tweak word T[1]: flag bit definition(s) */
#define SKEIN_T1_FLAG_FIRST (((u64b_t) 1 ) << SKEIN_T1_POS_FIRST)
#define SKEIN_T1_FLAG_FINAL (((u64b_t) 1 ) << SKEIN_T1_POS_FINAL)
#define SKEIN_T1_FLAG_BIT_PAD (((u64b_t) 1 ) << SKEIN_T1_POS_BIT_PAD)
/* tweak word T[1]: tree level bit field mask */
#define SKEIN_T1_TREE_LVL_MASK (((u64b_t)0x7F) << SKEIN_T1_POS_TREE_LVL)
#define SKEIN_T1_TREE_LEVEL(n) (((u64b_t) (n)) << SKEIN_T1_POS_TREE_LVL)
/* tweak word T[1]: block type field */
#define SKEIN_BLK_TYPE_KEY ( 0) /* key, for MAC and KDF */
#define SKEIN_BLK_TYPE_CFG ( 4) /* configuration block */
#define SKEIN_BLK_TYPE_PERS ( 8) /* personalization string */
#define SKEIN_BLK_TYPE_PK (12) /* public key (for digital signature hashing) */
#define SKEIN_BLK_TYPE_KDF (16) /* key identifier for KDF */
#define SKEIN_BLK_TYPE_NONCE (20) /* nonce for PRNG */
#define SKEIN_BLK_TYPE_MSG (48) /* message processing */
#define SKEIN_BLK_TYPE_OUT (63) /* output stage */
#define SKEIN_BLK_TYPE_MASK (63) /* bit field mask */
#define SKEIN_T1_BLK_TYPE(T) (((u64b_t) (SKEIN_BLK_TYPE_##T)) << SKEIN_T1_POS_BLK_TYPE)
#define SKEIN_T1_BLK_TYPE_KEY SKEIN_T1_BLK_TYPE(KEY) /* key, for MAC and KDF */
#define SKEIN_T1_BLK_TYPE_CFG SKEIN_T1_BLK_TYPE(CFG) /* configuration block */
#define SKEIN_T1_BLK_TYPE_PERS SKEIN_T1_BLK_TYPE(PERS) /* personalization string */
#define SKEIN_T1_BLK_TYPE_PK SKEIN_T1_BLK_TYPE(PK) /* public key (for digital signature hashing) */
#define SKEIN_T1_BLK_TYPE_KDF SKEIN_T1_BLK_TYPE(KDF) /* key identifier for KDF */
#define SKEIN_T1_BLK_TYPE_NONCE SKEIN_T1_BLK_TYPE(NONCE)/* nonce for PRNG */
#define SKEIN_T1_BLK_TYPE_MSG SKEIN_T1_BLK_TYPE(MSG) /* message processing */
#define SKEIN_T1_BLK_TYPE_OUT SKEIN_T1_BLK_TYPE(OUT) /* output stage */
#define SKEIN_T1_BLK_TYPE_MASK SKEIN_T1_BLK_TYPE(MASK) /* field bit mask */
#define SKEIN_T1_BLK_TYPE_CFG_FINAL (SKEIN_T1_BLK_TYPE_CFG | SKEIN_T1_FLAG_FINAL)
#define SKEIN_T1_BLK_TYPE_OUT_FINAL (SKEIN_T1_BLK_TYPE_OUT | SKEIN_T1_FLAG_FINAL)
#define SKEIN_VERSION (1)
#ifndef SKEIN_ID_STRING_LE /* allow compile-time personalization */
#define SKEIN_ID_STRING_LE (0x33414853) /* "SHA3" (little-endian)*/
#endif
#define SKEIN_MK_64(hi32,lo32) ((lo32) + (((u64b_t) (hi32)) << 32))
#define SKEIN_SCHEMA_VER SKEIN_MK_64(SKEIN_VERSION,SKEIN_ID_STRING_LE)
#define SKEIN_KS_PARITY SKEIN_MK_64(0x1BD11BDA,0xA9FC1A22)
#define SKEIN_CFG_STR_LEN (4*8)
/* bit field definitions in config block treeInfo word */
#define SKEIN_CFG_TREE_LEAF_SIZE_POS ( 0)
#define SKEIN_CFG_TREE_NODE_SIZE_POS ( 8)
#define SKEIN_CFG_TREE_MAX_LEVEL_POS (16)
#define SKEIN_CFG_TREE_LEAF_SIZE_MSK (((u64b_t) 0xFF) << SKEIN_CFG_TREE_LEAF_SIZE_POS)
#define SKEIN_CFG_TREE_NODE_SIZE_MSK (((u64b_t) 0xFF) << SKEIN_CFG_TREE_NODE_SIZE_POS)
#define SKEIN_CFG_TREE_MAX_LEVEL_MSK (((u64b_t) 0xFF) << SKEIN_CFG_TREE_MAX_LEVEL_POS)
#define SKEIN_CFG_TREE_INFO(leaf,node,maxLvl) \
( (((u64b_t)(leaf )) << SKEIN_CFG_TREE_LEAF_SIZE_POS) | \
(((u64b_t)(node )) << SKEIN_CFG_TREE_NODE_SIZE_POS) | \
(((u64b_t)(maxLvl)) << SKEIN_CFG_TREE_MAX_LEVEL_POS) )
#define SKEIN_CFG_TREE_INFO_SEQUENTIAL SKEIN_CFG_TREE_INFO(0,0,0) /* use as treeInfo in InitExt() call for sequential processing */
/*
** Skein macros for getting/setting tweak words, etc.
** These are useful for partial input bytes, hash tree init/update, etc.
**/
#define Skein_Get_Tweak(ctxPtr,TWK_NUM) ((ctxPtr)->h.T[TWK_NUM])
#define Skein_Set_Tweak(ctxPtr,TWK_NUM,tVal) {(ctxPtr)->h.T[TWK_NUM] = (tVal);}
#define Skein_Get_T0(ctxPtr) Skein_Get_Tweak(ctxPtr,0)
#define Skein_Get_T1(ctxPtr) Skein_Get_Tweak(ctxPtr,1)
#define Skein_Set_T0(ctxPtr,T0) Skein_Set_Tweak(ctxPtr,0,T0)
#define Skein_Set_T1(ctxPtr,T1) Skein_Set_Tweak(ctxPtr,1,T1)
/* set both tweak words at once */
#define Skein_Set_T0_T1(ctxPtr,T0,T1) \
{ \
Skein_Set_T0(ctxPtr,(T0)); \
Skein_Set_T1(ctxPtr,(T1)); \
}
#define Skein_Set_Type(ctxPtr,BLK_TYPE) \
Skein_Set_T1(ctxPtr,SKEIN_T1_BLK_TYPE_##BLK_TYPE)
/* set up for starting with a new type: h.T[0]=0; h.T[1] = NEW_TYPE; h.bCnt=0; */
#define Skein_Start_New_Type(ctxPtr,BLK_TYPE) \
{ Skein_Set_T0_T1(ctxPtr,0,SKEIN_T1_FLAG_FIRST | SKEIN_T1_BLK_TYPE_##BLK_TYPE); (ctxPtr)->h.bCnt=0; }
#define Skein_Clear_First_Flag(hdr) { (hdr).T[1] &= ~SKEIN_T1_FLAG_FIRST; }
#define Skein_Set_Bit_Pad_Flag(hdr) { (hdr).T[1] |= SKEIN_T1_FLAG_BIT_PAD; }
#define Skein_Set_Tree_Level(hdr,height) { (hdr).T[1] |= SKEIN_T1_TREE_LEVEL(height);}
/*****************************************************************
** "Internal" Skein definitions for debugging and error checking
******************************************************************/
#ifdef SKEIN_DEBUG /* examine/display intermediate values? */
#include "skein_debug.h"
#else /* default is no callouts */
#define Skein_Show_Block(bits,ctx,X,blkPtr,wPtr,ksEvenPtr,ksOddPtr)
#define Skein_Show_Round(bits,ctx,r,X)
#define Skein_Show_R_Ptr(bits,ctx,r,X_ptr)
#define Skein_Show_Final(bits,ctx,cnt,outPtr)
#define Skein_Show_Key(bits,ctx,key,keyBytes)
#endif
#ifndef SKEIN_ERR_CHECK /* run-time checks (e.g., bad params, uninitialized context)? */
#define Skein_Assert(x,retCode)/* default: ignore all Asserts, for performance */
#define Skein_assert(x)
#elif defined(SKEIN_ASSERT)
#include <assert.h>
#define Skein_Assert(x,retCode) assert(x)
#define Skein_assert(x) assert(x)
#else
#include <assert.h>
#define Skein_Assert(x,retCode) { if (!(x)) return retCode; } /* caller error */
#define Skein_assert(x) assert(x) /* internal error */
#endif
/*****************************************************************
** Skein block function constants (shared across Ref and Opt code)
******************************************************************/
enum
{
/* Skein_256 round rotation constants */
R_256_0_0=14, R_256_0_1=16,
R_256_1_0=52, R_256_1_1=57,
R_256_2_0=23, R_256_2_1=40,
R_256_3_0= 5, R_256_3_1=37,
R_256_4_0=25, R_256_4_1=33,
R_256_5_0=46, R_256_5_1=12,
R_256_6_0=58, R_256_6_1=22,
R_256_7_0=32, R_256_7_1=32,
/* Skein_512 round rotation constants */
R_512_0_0=46, R_512_0_1=36, R_512_0_2=19, R_512_0_3=37,
R_512_1_0=33, R_512_1_1=27, R_512_1_2=14, R_512_1_3=42,
R_512_2_0=17, R_512_2_1=49, R_512_2_2=36, R_512_2_3=39,
R_512_3_0=44, R_512_3_1= 9, R_512_3_2=54, R_512_3_3=56,
R_512_4_0=39, R_512_4_1=30, R_512_4_2=34, R_512_4_3=24,
R_512_5_0=13, R_512_5_1=50, R_512_5_2=10, R_512_5_3=17,
R_512_6_0=25, R_512_6_1=29, R_512_6_2=39, R_512_6_3=43,
R_512_7_0= 8, R_512_7_1=35, R_512_7_2=56, R_512_7_3=22,
/* Skein1024 round rotation constants */
R1024_0_0=24, R1024_0_1=13, R1024_0_2= 8, R1024_0_3=47, R1024_0_4= 8, R1024_0_5=17, R1024_0_6=22, R1024_0_7=37,
R1024_1_0=38, R1024_1_1=19, R1024_1_2=10, R1024_1_3=55, R1024_1_4=49, R1024_1_5=18, R1024_1_6=23, R1024_1_7=52,
R1024_2_0=33, R1024_2_1= 4, R1024_2_2=51, R1024_2_3=13, R1024_2_4=34, R1024_2_5=41, R1024_2_6=59, R1024_2_7=17,
R1024_3_0= 5, R1024_3_1=20, R1024_3_2=48, R1024_3_3=41, R1024_3_4=47, R1024_3_5=28, R1024_3_6=16, R1024_3_7=25,
R1024_4_0=41, R1024_4_1= 9, R1024_4_2=37, R1024_4_3=31, R1024_4_4=12, R1024_4_5=47, R1024_4_6=44, R1024_4_7=30,
R1024_5_0=16, R1024_5_1=34, R1024_5_2=56, R1024_5_3=51, R1024_5_4= 4, R1024_5_5=53, R1024_5_6=42, R1024_5_7=41,
R1024_6_0=31, R1024_6_1=44, R1024_6_2=47, R1024_6_3=46, R1024_6_4=19, R1024_6_5=42, R1024_6_6=44, R1024_6_7=25,
R1024_7_0= 9, R1024_7_1=48, R1024_7_2=35, R1024_7_3=52, R1024_7_4=23, R1024_7_5=31, R1024_7_6=37, R1024_7_7=20
};
#ifndef SKEIN_ROUNDS
#define SKEIN_256_ROUNDS_TOTAL (72) /* number of rounds for the different block sizes */
#define SKEIN_512_ROUNDS_TOTAL (72)
#define SKEIN1024_ROUNDS_TOTAL (80)
#else /* allow command-line define in range 8*(5..14) */
#define SKEIN_256_ROUNDS_TOTAL (8*((((SKEIN_ROUNDS/100) + 5) % 10) + 5))
#define SKEIN_512_ROUNDS_TOTAL (8*((((SKEIN_ROUNDS/ 10) + 5) % 10) + 5))
#define SKEIN1024_ROUNDS_TOTAL (8*((((SKEIN_ROUNDS ) + 5) % 10) + 5))
#endif
#ifdef __cplusplus
}
#endif
#endif /* ifndef _SKEIN_H_ */

689
Optimized_64bit/skein_block.c Normal file
View File

@ -0,0 +1,689 @@
/***********************************************************************
**
** Implementation of the Skein block functions.
**
** Source code author: Doug Whiting, 2008.
**
** This algorithm and source code is released to the public domain.
**
** Compile-time switches:
**
** SKEIN_USE_ASM -- set bits (256/512/1024) to select which
** versions use ASM code for block processing
** [default: use C for all block sizes]
**
************************************************************************/
#include <string.h>
#include "skein.h"
#ifndef SKEIN_USE_ASM
#define SKEIN_USE_ASM (0) /* default is all C code (no ASM) */
#endif
#ifndef SKEIN_LOOP
#define SKEIN_LOOP 001 /* default: unroll 256 and 512, but not 1024 */
#endif
#define BLK_BITS (WCNT*64) /* some useful definitions for code here */
#define KW_TWK_BASE (0)
#define KW_KEY_BASE (3)
#define ks (kw + KW_KEY_BASE)
#define ts (kw + KW_TWK_BASE)
#ifdef SKEIN_DEBUG
#define DebugSaveTweak(ctx) { ctx->h.T[0] = ts[0]; ctx->h.T[1] = ts[1]; }
#else
#define DebugSaveTweak(ctx)
#endif
/***************************** Skein_256 ******************************/
#if !(SKEIN_USE_ASM & 256)
void Skein_256_Process_Block(Skein_256_Ctxt_t *ctx,const u08b_t *blkPtr,size_t blkCnt,size_t byteCntAdd)
{ /* do it in C */
enum
{
WCNT = SKEIN_256_STATE_WORDS
};
#undef RCNT
#define RCNT (SKEIN_256_ROUNDS_TOTAL/8)
#ifdef SKEIN_LOOP /* configure how much to unroll the loop */
#define SKEIN_UNROLL_256 (((SKEIN_LOOP)/100)%10)
#else
#define SKEIN_UNROLL_256 (0)
#endif
#if SKEIN_UNROLL_256
#if (RCNT % SKEIN_UNROLL_256)
#error "Invalid SKEIN_UNROLL_256" /* sanity check on unroll count */
#endif
size_t r;
u64b_t kw[WCNT+4+RCNT*2]; /* key schedule words : chaining vars + tweak + "rotation"*/
#else
u64b_t kw[WCNT+4]; /* key schedule words : chaining vars + tweak */
#endif
u64b_t X0,X1,X2,X3; /* local copy of context vars, for speed */
u64b_t w [WCNT]; /* local copy of input block */
#ifdef SKEIN_DEBUG
const u64b_t *Xptr[4]; /* use for debugging (help compiler put Xn in registers) */
Xptr[0] = &X0; Xptr[1] = &X1; Xptr[2] = &X2; Xptr[3] = &X3;
#endif
Skein_assert(blkCnt != 0); /* never call with blkCnt == 0! */
ts[0] = ctx->h.T[0];
ts[1] = ctx->h.T[1];
do {
/* this implementation only supports 2**64 input bytes (no carry out here) */
ts[0] += byteCntAdd; /* update processed length */
/* precompute the key schedule for this block */
ks[0] = ctx->X[0];
ks[1] = ctx->X[1];
ks[2] = ctx->X[2];
ks[3] = ctx->X[3];
ks[4] = ks[0] ^ ks[1] ^ ks[2] ^ ks[3] ^ SKEIN_KS_PARITY;
ts[2] = ts[0] ^ ts[1];
Skein_Get64_LSB_First(w,blkPtr,WCNT); /* get input block in little-endian format */
DebugSaveTweak(ctx);
Skein_Show_Block(BLK_BITS,&ctx->h,ctx->X,blkPtr,w,ks,ts);
X0 = w[0] + ks[0]; /* do the first full key injection */
X1 = w[1] + ks[1] + ts[0];
X2 = w[2] + ks[2] + ts[1];
X3 = w[3] + ks[3];
Skein_Show_R_Ptr(BLK_BITS,&ctx->h,SKEIN_RND_KEY_INITIAL,Xptr); /* show starting state values */
blkPtr += SKEIN_256_BLOCK_BYTES;
/* run the rounds */
#define Round256(p0,p1,p2,p3,ROT,rNum) \
X##p0 += X##p1; X##p1 = RotL_64(X##p1,ROT##_0); X##p1 ^= X##p0; \
X##p2 += X##p3; X##p3 = RotL_64(X##p3,ROT##_1); X##p3 ^= X##p2; \
#if SKEIN_UNROLL_256 == 0
#define R256(p0,p1,p2,p3,ROT,rNum) /* fully unrolled */ \
Round256(p0,p1,p2,p3,ROT,rNum) \
Skein_Show_R_Ptr(BLK_BITS,&ctx->h,rNum,Xptr);
#define I256(R) \
X0 += ks[((R)+1) % 5]; /* inject the key schedule value */ \
X1 += ks[((R)+2) % 5] + ts[((R)+1) % 3]; \
X2 += ks[((R)+3) % 5] + ts[((R)+2) % 3]; \
X3 += ks[((R)+4) % 5] + (R)+1; \
Skein_Show_R_Ptr(BLK_BITS,&ctx->h,SKEIN_RND_KEY_INJECT,Xptr);
#else /* looping version */
#define R256(p0,p1,p2,p3,ROT,rNum) \
Round256(p0,p1,p2,p3,ROT,rNum) \
Skein_Show_R_Ptr(BLK_BITS,&ctx->h,4*(r-1)+rNum,Xptr);
#define I256(R) \
X0 += ks[r+(R)+0]; /* inject the key schedule value */ \
X1 += ks[r+(R)+1] + ts[r+(R)+0]; \
X2 += ks[r+(R)+2] + ts[r+(R)+1]; \
X3 += ks[r+(R)+3] + r+(R) ; \
ks[r + (R)+4 ] = ks[r+(R)-1]; /* rotate key schedule */\
ts[r + (R)+2 ] = ts[r+(R)-1]; \
Skein_Show_R_Ptr(BLK_BITS,&ctx->h,SKEIN_RND_KEY_INJECT,Xptr);
for (r=1;r < 2*RCNT;r+=2*SKEIN_UNROLL_256) /* loop thru it */
#endif
{
#define R256_8_rounds(R) \
R256(0,1,2,3,R_256_0,8*(R) + 1); \
R256(0,3,2,1,R_256_1,8*(R) + 2); \
R256(0,1,2,3,R_256_2,8*(R) + 3); \
R256(0,3,2,1,R_256_3,8*(R) + 4); \
I256(2*(R)); \
R256(0,1,2,3,R_256_4,8*(R) + 5); \
R256(0,3,2,1,R_256_5,8*(R) + 6); \
R256(0,1,2,3,R_256_6,8*(R) + 7); \
R256(0,3,2,1,R_256_7,8*(R) + 8); \
I256(2*(R)+1);
R256_8_rounds( 0);
#define R256_Unroll_R(NN) ((SKEIN_UNROLL_256 == 0 && SKEIN_256_ROUNDS_TOTAL/8 > (NN)) || (SKEIN_UNROLL_256 > (NN)))
#if R256_Unroll_R( 1)
R256_8_rounds( 1);
#endif
#if R256_Unroll_R( 2)
R256_8_rounds( 2);
#endif
#if R256_Unroll_R( 3)
R256_8_rounds( 3);
#endif
#if R256_Unroll_R( 4)
R256_8_rounds( 4);
#endif
#if R256_Unroll_R( 5)
R256_8_rounds( 5);
#endif
#if R256_Unroll_R( 6)
R256_8_rounds( 6);
#endif
#if R256_Unroll_R( 7)
R256_8_rounds( 7);
#endif
#if R256_Unroll_R( 8)
R256_8_rounds( 8);
#endif
#if R256_Unroll_R( 9)
R256_8_rounds( 9);
#endif
#if R256_Unroll_R(10)
R256_8_rounds(10);
#endif
#if R256_Unroll_R(11)
R256_8_rounds(11);
#endif
#if R256_Unroll_R(12)
R256_8_rounds(12);
#endif
#if R256_Unroll_R(13)
R256_8_rounds(13);
#endif
#if R256_Unroll_R(14)
R256_8_rounds(14);
#endif
#if (SKEIN_UNROLL_256 > 14)
#error "need more unrolling in Skein_256_Process_Block"
#endif
}
/* do the final "feedforward" xor, update context chaining vars */
ctx->X[0] = X0 ^ w[0];
ctx->X[1] = X1 ^ w[1];
ctx->X[2] = X2 ^ w[2];
ctx->X[3] = X3 ^ w[3];
Skein_Show_Round(BLK_BITS,&ctx->h,SKEIN_RND_FEED_FWD,ctx->X);
ts[1] &= ~SKEIN_T1_FLAG_FIRST;
}
while (--blkCnt);
ctx->h.T[0] = ts[0];
ctx->h.T[1] = ts[1];
}
#if defined(SKEIN_CODE_SIZE) || defined(SKEIN_PERF)
size_t Skein_256_Process_Block_CodeSize(void)
{
return ((u08b_t *) Skein_256_Process_Block_CodeSize) -
((u08b_t *) Skein_256_Process_Block);
}
uint_t Skein_256_Unroll_Cnt(void)
{
return SKEIN_UNROLL_256;
}
#endif
#endif
/***************************** Skein_512 ******************************/
#if !(SKEIN_USE_ASM & 512)
void Skein_512_Process_Block(Skein_512_Ctxt_t *ctx,const u08b_t *blkPtr,size_t blkCnt,size_t byteCntAdd)
{ /* do it in C */
enum
{
WCNT = SKEIN_512_STATE_WORDS
};
#undef RCNT
#define RCNT (SKEIN_512_ROUNDS_TOTAL/8)
#ifdef SKEIN_LOOP /* configure how much to unroll the loop */
#define SKEIN_UNROLL_512 (((SKEIN_LOOP)/10)%10)
#else
#define SKEIN_UNROLL_512 (0)
#endif
#if SKEIN_UNROLL_512
#if (RCNT % SKEIN_UNROLL_512)
#error "Invalid SKEIN_UNROLL_512" /* sanity check on unroll count */
#endif
size_t r;
u64b_t kw[WCNT+4+RCNT*2]; /* key schedule words : chaining vars + tweak + "rotation"*/
#else
u64b_t kw[WCNT+4]; /* key schedule words : chaining vars + tweak */
#endif
u64b_t X0,X1,X2,X3,X4,X5,X6,X7; /* local copy of vars, for speed */
u64b_t w [WCNT]; /* local copy of input block */
#ifdef SKEIN_DEBUG
const u64b_t *Xptr[8]; /* use for debugging (help compiler put Xn in registers) */
Xptr[0] = &X0; Xptr[1] = &X1; Xptr[2] = &X2; Xptr[3] = &X3;
Xptr[4] = &X4; Xptr[5] = &X5; Xptr[6] = &X6; Xptr[7] = &X7;
#endif
Skein_assert(blkCnt != 0); /* never call with blkCnt == 0! */
ts[0] = ctx->h.T[0];
ts[1] = ctx->h.T[1];
do {
/* this implementation only supports 2**64 input bytes (no carry out here) */
ts[0] += byteCntAdd; /* update processed length */
/* precompute the key schedule for this block */
ks[0] = ctx->X[0];
ks[1] = ctx->X[1];
ks[2] = ctx->X[2];
ks[3] = ctx->X[3];
ks[4] = ctx->X[4];
ks[5] = ctx->X[5];
ks[6] = ctx->X[6];
ks[7] = ctx->X[7];
ks[8] = ks[0] ^ ks[1] ^ ks[2] ^ ks[3] ^
ks[4] ^ ks[5] ^ ks[6] ^ ks[7] ^ SKEIN_KS_PARITY;
ts[2] = ts[0] ^ ts[1];
Skein_Get64_LSB_First(w,blkPtr,WCNT); /* get input block in little-endian format */
DebugSaveTweak(ctx);
Skein_Show_Block(BLK_BITS,&ctx->h,ctx->X,blkPtr,w,ks,ts);
X0 = w[0] + ks[0]; /* do the first full key injection */
X1 = w[1] + ks[1];
X2 = w[2] + ks[2];
X3 = w[3] + ks[3];
X4 = w[4] + ks[4];
X5 = w[5] + ks[5] + ts[0];
X6 = w[6] + ks[6] + ts[1];
X7 = w[7] + ks[7];
blkPtr += SKEIN_512_BLOCK_BYTES;
Skein_Show_R_Ptr(BLK_BITS,&ctx->h,SKEIN_RND_KEY_INITIAL,Xptr);
/* run the rounds */
#define Round512(p0,p1,p2,p3,p4,p5,p6,p7,ROT,rNum) \
X##p0 += X##p1; X##p1 = RotL_64(X##p1,ROT##_0); X##p1 ^= X##p0; \
X##p2 += X##p3; X##p3 = RotL_64(X##p3,ROT##_1); X##p3 ^= X##p2; \
X##p4 += X##p5; X##p5 = RotL_64(X##p5,ROT##_2); X##p5 ^= X##p4; \
X##p6 += X##p7; X##p7 = RotL_64(X##p7,ROT##_3); X##p7 ^= X##p6; \
#if SKEIN_UNROLL_512 == 0
#define R512(p0,p1,p2,p3,p4,p5,p6,p7,ROT,rNum) /* unrolled */ \
Round512(p0,p1,p2,p3,p4,p5,p6,p7,ROT,rNum) \
Skein_Show_R_Ptr(BLK_BITS,&ctx->h,rNum,Xptr);
#define I512(R) \
X0 += ks[((R)+1) % 9]; /* inject the key schedule value */ \
X1 += ks[((R)+2) % 9]; \
X2 += ks[((R)+3) % 9]; \
X3 += ks[((R)+4) % 9]; \
X4 += ks[((R)+5) % 9]; \
X5 += ks[((R)+6) % 9] + ts[((R)+1) % 3]; \
X6 += ks[((R)+7) % 9] + ts[((R)+2) % 3]; \
X7 += ks[((R)+8) % 9] + (R)+1; \
Skein_Show_R_Ptr(BLK_BITS,&ctx->h,SKEIN_RND_KEY_INJECT,Xptr);
#else /* looping version */
#define R512(p0,p1,p2,p3,p4,p5,p6,p7,ROT,rNum) \
Round512(p0,p1,p2,p3,p4,p5,p6,p7,ROT,rNum) \
Skein_Show_R_Ptr(BLK_BITS,&ctx->h,4*(r-1)+rNum,Xptr);
#define I512(R) \
X0 += ks[r+(R)+0]; /* inject the key schedule value */ \
X1 += ks[r+(R)+1]; \
X2 += ks[r+(R)+2]; \
X3 += ks[r+(R)+3]; \
X4 += ks[r+(R)+4]; \
X5 += ks[r+(R)+5] + ts[r+(R)+0]; \
X6 += ks[r+(R)+6] + ts[r+(R)+1]; \
X7 += ks[r+(R)+7] + r+(R) ; \
ks[r + (R)+8] = ks[r+(R)-1]; /* rotate key schedule */ \
ts[r + (R)+2] = ts[r+(R)-1]; \
Skein_Show_R_Ptr(BLK_BITS,&ctx->h,SKEIN_RND_KEY_INJECT,Xptr);
for (r=1;r < 2*RCNT;r+=2*SKEIN_UNROLL_512) /* loop thru it */
#endif /* end of looped code definitions */
{
#define R512_8_rounds(R) /* do 8 full rounds */ \
R512(0,1,2,3,4,5,6,7,R_512_0,8*(R)+ 1); \
R512(2,1,4,7,6,5,0,3,R_512_1,8*(R)+ 2); \
R512(4,1,6,3,0,5,2,7,R_512_2,8*(R)+ 3); \
R512(6,1,0,7,2,5,4,3,R_512_3,8*(R)+ 4); \
I512(2*(R)); \
R512(0,1,2,3,4,5,6,7,R_512_4,8*(R)+ 5); \
R512(2,1,4,7,6,5,0,3,R_512_5,8*(R)+ 6); \
R512(4,1,6,3,0,5,2,7,R_512_6,8*(R)+ 7); \
R512(6,1,0,7,2,5,4,3,R_512_7,8*(R)+ 8); \
I512(2*(R)+1); /* and key injection */
R512_8_rounds( 0);
#define R512_Unroll_R(NN) ((SKEIN_UNROLL_512 == 0 && SKEIN_512_ROUNDS_TOTAL/8 > (NN)) || (SKEIN_UNROLL_512 > (NN)))
#if R512_Unroll_R( 1)
R512_8_rounds( 1);
#endif
#if R512_Unroll_R( 2)
R512_8_rounds( 2);
#endif
#if R512_Unroll_R( 3)
R512_8_rounds( 3);
#endif
#if R512_Unroll_R( 4)
R512_8_rounds( 4);
#endif
#if R512_Unroll_R( 5)
R512_8_rounds( 5);
#endif
#if R512_Unroll_R( 6)
R512_8_rounds( 6);
#endif
#if R512_Unroll_R( 7)
R512_8_rounds( 7);
#endif
#if R512_Unroll_R( 8)
R512_8_rounds( 8);
#endif
#if R512_Unroll_R( 9)
R512_8_rounds( 9);
#endif
#if R512_Unroll_R(10)
R512_8_rounds(10);
#endif
#if R512_Unroll_R(11)
R512_8_rounds(11);
#endif
#if R512_Unroll_R(12)
R512_8_rounds(12);
#endif
#if R512_Unroll_R(13)
R512_8_rounds(13);
#endif
#if R512_Unroll_R(14)
R512_8_rounds(14);
#endif
#if (SKEIN_UNROLL_512 > 14)
#error "need more unrolling in Skein_512_Process_Block"
#endif
}
/* do the final "feedforward" xor, update context chaining vars */
ctx->X[0] = X0 ^ w[0];
ctx->X[1] = X1 ^ w[1];
ctx->X[2] = X2 ^ w[2];
ctx->X[3] = X3 ^ w[3];
ctx->X[4] = X4 ^ w[4];
ctx->X[5] = X5 ^ w[5];
ctx->X[6] = X6 ^ w[6];
ctx->X[7] = X7 ^ w[7];
Skein_Show_Round(BLK_BITS,&ctx->h,SKEIN_RND_FEED_FWD,ctx->X);
ts[1] &= ~SKEIN_T1_FLAG_FIRST;
}
while (--blkCnt);
ctx->h.T[0] = ts[0];
ctx->h.T[1] = ts[1];
}
#if defined(SKEIN_CODE_SIZE) || defined(SKEIN_PERF)
size_t Skein_512_Process_Block_CodeSize(void)
{
return ((u08b_t *) Skein_512_Process_Block_CodeSize) -
((u08b_t *) Skein_512_Process_Block);
}
uint_t Skein_512_Unroll_Cnt(void)
{
return SKEIN_UNROLL_512;
}
#endif
#endif
/***************************** Skein1024 ******************************/
#if !(SKEIN_USE_ASM & 1024)
void Skein1024_Process_Block(Skein1024_Ctxt_t *ctx,const u08b_t *blkPtr,size_t blkCnt,size_t byteCntAdd)
{ /* do it in C, always looping (unrolled is bigger AND slower!) */
enum
{
WCNT = SKEIN1024_STATE_WORDS
};
#undef RCNT
#define RCNT (SKEIN1024_ROUNDS_TOTAL/8)
#ifdef SKEIN_LOOP /* configure how much to unroll the loop */
#define SKEIN_UNROLL_1024 ((SKEIN_LOOP)%10)
#else
#define SKEIN_UNROLL_1024 (0)
#endif
#if (SKEIN_UNROLL_1024 != 0)
#if (RCNT % SKEIN_UNROLL_1024)
#error "Invalid SKEIN_UNROLL_1024" /* sanity check on unroll count */
#endif
size_t r;
u64b_t kw[WCNT+4+RCNT*2]; /* key schedule words : chaining vars + tweak + "rotation"*/
#else
u64b_t kw[WCNT+4]; /* key schedule words : chaining vars + tweak */
#endif
u64b_t X00,X01,X02,X03,X04,X05,X06,X07, /* local copy of vars, for speed */
X08,X09,X10,X11,X12,X13,X14,X15;
u64b_t w [WCNT]; /* local copy of input block */
#ifdef SKEIN_DEBUG
const u64b_t *Xptr[16]; /* use for debugging (help compiler put Xn in registers) */
Xptr[ 0] = &X00; Xptr[ 1] = &X01; Xptr[ 2] = &X02; Xptr[ 3] = &X03;
Xptr[ 4] = &X04; Xptr[ 5] = &X05; Xptr[ 6] = &X06; Xptr[ 7] = &X07;
Xptr[ 8] = &X08; Xptr[ 9] = &X09; Xptr[10] = &X10; Xptr[11] = &X11;
Xptr[12] = &X12; Xptr[13] = &X13; Xptr[14] = &X14; Xptr[15] = &X15;
#endif
Skein_assert(blkCnt != 0); /* never call with blkCnt == 0! */
ts[0] = ctx->h.T[0];
ts[1] = ctx->h.T[1];
do {
/* this implementation only supports 2**64 input bytes (no carry out here) */
ts[0] += byteCntAdd; /* update processed length */
/* precompute the key schedule for this block */
ks[ 0] = ctx->X[ 0];
ks[ 1] = ctx->X[ 1];
ks[ 2] = ctx->X[ 2];
ks[ 3] = ctx->X[ 3];
ks[ 4] = ctx->X[ 4];
ks[ 5] = ctx->X[ 5];
ks[ 6] = ctx->X[ 6];
ks[ 7] = ctx->X[ 7];
ks[ 8] = ctx->X[ 8];
ks[ 9] = ctx->X[ 9];
ks[10] = ctx->X[10];
ks[11] = ctx->X[11];
ks[12] = ctx->X[12];
ks[13] = ctx->X[13];
ks[14] = ctx->X[14];
ks[15] = ctx->X[15];
ks[16] = ks[ 0] ^ ks[ 1] ^ ks[ 2] ^ ks[ 3] ^
ks[ 4] ^ ks[ 5] ^ ks[ 6] ^ ks[ 7] ^
ks[ 8] ^ ks[ 9] ^ ks[10] ^ ks[11] ^
ks[12] ^ ks[13] ^ ks[14] ^ ks[15] ^ SKEIN_KS_PARITY;
ts[2] = ts[0] ^ ts[1];
Skein_Get64_LSB_First(w,blkPtr,WCNT); /* get input block in little-endian format */
DebugSaveTweak(ctx);
Skein_Show_Block(BLK_BITS,&ctx->h,ctx->X,blkPtr,w,ks,ts);
X00 = w[ 0] + ks[ 0]; /* do the first full key injection */
X01 = w[ 1] + ks[ 1];
X02 = w[ 2] + ks[ 2];
X03 = w[ 3] + ks[ 3];
X04 = w[ 4] + ks[ 4];
X05 = w[ 5] + ks[ 5];
X06 = w[ 6] + ks[ 6];
X07 = w[ 7] + ks[ 7];
X08 = w[ 8] + ks[ 8];
X09 = w[ 9] + ks[ 9];
X10 = w[10] + ks[10];
X11 = w[11] + ks[11];
X12 = w[12] + ks[12];
X13 = w[13] + ks[13] + ts[0];
X14 = w[14] + ks[14] + ts[1];
X15 = w[15] + ks[15];
Skein_Show_R_Ptr(BLK_BITS,&ctx->h,SKEIN_RND_KEY_INITIAL,Xptr);
#define Round1024(p0,p1,p2,p3,p4,p5,p6,p7,p8,p9,pA,pB,pC,pD,pE,pF,ROT,rNum) \
X##p0 += X##p1; X##p1 = RotL_64(X##p1,ROT##_0); X##p1 ^= X##p0; \
X##p2 += X##p3; X##p3 = RotL_64(X##p3,ROT##_1); X##p3 ^= X##p2; \
X##p4 += X##p5; X##p5 = RotL_64(X##p5,ROT##_2); X##p5 ^= X##p4; \
X##p6 += X##p7; X##p7 = RotL_64(X##p7,ROT##_3); X##p7 ^= X##p6; \
X##p8 += X##p9; X##p9 = RotL_64(X##p9,ROT##_4); X##p9 ^= X##p8; \
X##pA += X##pB; X##pB = RotL_64(X##pB,ROT##_5); X##pB ^= X##pA; \
X##pC += X##pD; X##pD = RotL_64(X##pD,ROT##_6); X##pD ^= X##pC; \
X##pE += X##pF; X##pF = RotL_64(X##pF,ROT##_7); X##pF ^= X##pE; \
#if SKEIN_UNROLL_1024 == 0
#define R1024(p0,p1,p2,p3,p4,p5,p6,p7,p8,p9,pA,pB,pC,pD,pE,pF,ROT,rn) \
Round1024(p0,p1,p2,p3,p4,p5,p6,p7,p8,p9,pA,pB,pC,pD,pE,pF,ROT,rn) \
Skein_Show_R_Ptr(BLK_BITS,&ctx->h,rn,Xptr);
#define I1024(R) \
X00 += ks[((R)+ 1) % 17]; /* inject the key schedule value */ \
X01 += ks[((R)+ 2) % 17]; \
X02 += ks[((R)+ 3) % 17]; \
X03 += ks[((R)+ 4) % 17]; \
X04 += ks[((R)+ 5) % 17]; \
X05 += ks[((R)+ 6) % 17]; \
X06 += ks[((R)+ 7) % 17]; \
X07 += ks[((R)+ 8) % 17]; \
X08 += ks[((R)+ 9) % 17]; \
X09 += ks[((R)+10) % 17]; \
X10 += ks[((R)+11) % 17]; \
X11 += ks[((R)+12) % 17]; \
X12 += ks[((R)+13) % 17]; \
X13 += ks[((R)+14) % 17] + ts[((R)+1) % 3]; \
X14 += ks[((R)+15) % 17] + ts[((R)+2) % 3]; \
X15 += ks[((R)+16) % 17] + (R)+1; \
Skein_Show_R_Ptr(BLK_BITS,&ctx->h,SKEIN_RND_KEY_INJECT,Xptr);
#else /* looping version */
#define R1024(p0,p1,p2,p3,p4,p5,p6,p7,p8,p9,pA,pB,pC,pD,pE,pF,ROT,rn) \
Round1024(p0,p1,p2,p3,p4,p5,p6,p7,p8,p9,pA,pB,pC,pD,pE,pF,ROT,rn) \
Skein_Show_R_Ptr(BLK_BITS,&ctx->h,4*(r-1)+rn,Xptr);
#define I1024(R) \
X00 += ks[r+(R)+ 0]; /* inject the key schedule value */ \
X01 += ks[r+(R)+ 1]; \
X02 += ks[r+(R)+ 2]; \
X03 += ks[r+(R)+ 3]; \
X04 += ks[r+(R)+ 4]; \
X05 += ks[r+(R)+ 5]; \
X06 += ks[r+(R)+ 6]; \
X07 += ks[r+(R)+ 7]; \
X08 += ks[r+(R)+ 8]; \
X09 += ks[r+(R)+ 9]; \
X10 += ks[r+(R)+10]; \
X11 += ks[r+(R)+11]; \
X12 += ks[r+(R)+12]; \
X13 += ks[r+(R)+13] + ts[r+(R)+0]; \
X14 += ks[r+(R)+14] + ts[r+(R)+1]; \
X15 += ks[r+(R)+15] + r+(R) ; \
ks[r + (R)+16] = ks[r+(R)-1]; /* rotate key schedule */ \
ts[r + (R)+ 2] = ts[r+(R)-1]; \
Skein_Show_R_Ptr(BLK_BITS,&ctx->h,SKEIN_RND_KEY_INJECT,Xptr);
for (r=1;r <= 2*RCNT;r+=2*SKEIN_UNROLL_1024) /* loop thru it */
#endif
{
#define R1024_8_rounds(R) /* do 8 full rounds */ \
R1024(00,01,02,03,04,05,06,07,08,09,10,11,12,13,14,15,R1024_0,8*(R) + 1); \
R1024(00,09,02,13,06,11,04,15,10,07,12,03,14,05,08,01,R1024_1,8*(R) + 2); \
R1024(00,07,02,05,04,03,06,01,12,15,14,13,08,11,10,09,R1024_2,8*(R) + 3); \
R1024(00,15,02,11,06,13,04,09,14,01,08,05,10,03,12,07,R1024_3,8*(R) + 4); \
I1024(2*(R)); \
R1024(00,01,02,03,04,05,06,07,08,09,10,11,12,13,14,15,R1024_4,8*(R) + 5); \
R1024(00,09,02,13,06,11,04,15,10,07,12,03,14,05,08,01,R1024_5,8*(R) + 6); \
R1024(00,07,02,05,04,03,06,01,12,15,14,13,08,11,10,09,R1024_6,8*(R) + 7); \
R1024(00,15,02,11,06,13,04,09,14,01,08,05,10,03,12,07,R1024_7,8*(R) + 8); \
I1024(2*(R)+1);
R1024_8_rounds( 0);
#define R1024_Unroll_R(NN) ((SKEIN_UNROLL_1024 == 0 && SKEIN1024_ROUNDS_TOTAL/8 > (NN)) || (SKEIN_UNROLL_1024 > (NN)))
#if R1024_Unroll_R( 1)
R1024_8_rounds( 1);
#endif
#if R1024_Unroll_R( 2)
R1024_8_rounds( 2);
#endif
#if R1024_Unroll_R( 3)
R1024_8_rounds( 3);
#endif
#if R1024_Unroll_R( 4)
R1024_8_rounds( 4);
#endif
#if R1024_Unroll_R( 5)
R1024_8_rounds( 5);
#endif
#if R1024_Unroll_R( 6)
R1024_8_rounds( 6);
#endif
#if R1024_Unroll_R( 7)
R1024_8_rounds( 7);
#endif
#if R1024_Unroll_R( 8)
R1024_8_rounds( 8);
#endif
#if R1024_Unroll_R( 9)
R1024_8_rounds( 9);
#endif
#if R1024_Unroll_R(10)
R1024_8_rounds(10);
#endif
#if R1024_Unroll_R(11)
R1024_8_rounds(11);
#endif
#if R1024_Unroll_R(12)
R1024_8_rounds(12);
#endif
#if R1024_Unroll_R(13)
R1024_8_rounds(13);
#endif
#if R1024_Unroll_R(14)
R1024_8_rounds(14);
#endif
#if (SKEIN_UNROLL_1024 > 14)
#error "need more unrolling in Skein_1024_Process_Block"
#endif
}
/* do the final "feedforward" xor, update context chaining vars */
ctx->X[ 0] = X00 ^ w[ 0];
ctx->X[ 1] = X01 ^ w[ 1];
ctx->X[ 2] = X02 ^ w[ 2];
ctx->X[ 3] = X03 ^ w[ 3];
ctx->X[ 4] = X04 ^ w[ 4];
ctx->X[ 5] = X05 ^ w[ 5];
ctx->X[ 6] = X06 ^ w[ 6];
ctx->X[ 7] = X07 ^ w[ 7];
ctx->X[ 8] = X08 ^ w[ 8];
ctx->X[ 9] = X09 ^ w[ 9];
ctx->X[10] = X10 ^ w[10];
ctx->X[11] = X11 ^ w[11];
ctx->X[12] = X12 ^ w[12];
ctx->X[13] = X13 ^ w[13];
ctx->X[14] = X14 ^ w[14];
ctx->X[15] = X15 ^ w[15];
Skein_Show_Round(BLK_BITS,&ctx->h,SKEIN_RND_FEED_FWD,ctx->X);
ts[1] &= ~SKEIN_T1_FLAG_FIRST;
blkPtr += SKEIN1024_BLOCK_BYTES;
}
while (--blkCnt);
ctx->h.T[0] = ts[0];
ctx->h.T[1] = ts[1];
}
#if defined(SKEIN_CODE_SIZE) || defined(SKEIN_PERF)
size_t Skein1024_Process_Block_CodeSize(void)
{
return ((u08b_t *) Skein1024_Process_Block_CodeSize) -
((u08b_t *) Skein1024_Process_Block);
}
uint_t Skein1024_Unroll_Cnt(void)
{
return SKEIN_UNROLL_1024;
}
#endif
#endif

247
Optimized_64bit/skein_debug.c Normal file
View File

@ -0,0 +1,247 @@
/***********************************************************************
**
** Debug output functions for Skein hashing.
**
** Source code author: Doug Whiting, 2008.
**
** This algorithm and source code is released to the public domain.
**
************************************************************************/
#include <stdio.h>
#ifdef SKEIN_DEBUG /* only instantiate this code if SKEIN_DEBUG is on */
#include "skein.h"
static const char INDENT[] = " "; /* how much to indent on new line */
uint_t skein_DebugFlag = 0; /* off by default. Must be set externally */
static void Show64_step(size_t cnt,const u64b_t *X,size_t step)
{
size_t i,j;
for (i=j=0;i < cnt;i++,j+=step)
{
if (i % 4 == 0) printf(INDENT);
printf(" %08X.%08X ",(uint_32t)(X[j] >> 32),(uint_32t)X[j]);
if (i % 4 == 3 || i==cnt-1) printf("\n");
fflush(stdout);
}
}
#define Show64(cnt,X) Show64_step(cnt,X,1)
static void Show64_flag(size_t cnt,const u64b_t *X)
{
size_t xptr = (size_t) X;
size_t step = (xptr & 1) ? 2 : 1;
if (step != 1)
{
X = (const u64b_t *) (xptr & ~1);
}
Show64_step(cnt,X,step);
}
static void Show08(size_t cnt,const u08b_t *b)
{
size_t i;
for (i=0;i < cnt;i++)
{
if (i %16 == 0) printf(INDENT);
else if (i % 4 == 0) printf(" ");
printf(" %02X",b[i]);
if (i %16 == 15 || i==cnt-1) printf("\n");
fflush(stdout);
}
}
static const char *AlgoHeader(uint_t bits)
{
if (skein_DebugFlag & SKEIN_DEBUG_THREEFISH)
switch (bits)
{
case 256: return ":Threefish-256: ";
case 512: return ":Threefish-512: ";
case 1024: return ":Threefish-1024:";
}
else
switch (bits)
{
case 256: return ":Skein-256: ";
case 512: return ":Skein-512: ";
case 1024: return ":Skein-1024:";
}
return NULL;
}
void Skein_Show_Final(uint_t bits,const Skein_Ctxt_Hdr_t *h,size_t cnt,const u08b_t *outPtr)
{
if (skein_DebugFlag & SKEIN_DEBUG_CONFIG || ((h->T[1] & SKEIN_T1_BLK_TYPE_MASK) != SKEIN_T1_BLK_TYPE_CFG))
if (skein_DebugFlag & SKEIN_DEBUG_FINAL)
{
printf("\n%s Final output=\n",AlgoHeader(bits));
Show08(cnt,outPtr);
printf(" ++++++++++\n");
fflush(stdout);
}
}
/* show state after a round (or "pseudo-round") */
void Skein_Show_Round(uint_t bits,const Skein_Ctxt_Hdr_t *h,size_t r,const u64b_t *X)
{
static uint_t injectNum=0; /* not multi-thread safe! */
if (skein_DebugFlag & SKEIN_DEBUG_CONFIG || ((h->T[1] & SKEIN_T1_BLK_TYPE_MASK) != SKEIN_T1_BLK_TYPE_CFG))
if (skein_DebugFlag)
{
if (r >= SKEIN_RND_SPECIAL)
{ /* a key injection (or feedforward) point */
injectNum = (r == SKEIN_RND_KEY_INITIAL) ? 0 : injectNum+1;
if ( skein_DebugFlag & SKEIN_DEBUG_INJECT ||
((skein_DebugFlag & SKEIN_DEBUG_FINAL) && r == SKEIN_RND_FEED_FWD))
{
printf("\n%s",AlgoHeader(bits));
switch (r)
{
case SKEIN_RND_KEY_INITIAL:
printf(" [state after initial key injection]");
break;
case SKEIN_RND_KEY_INJECT:
printf(" [state after key injection #%02d]",injectNum);
break;
case SKEIN_RND_FEED_FWD:
printf(" [state after plaintext feedforward]");
injectNum = 0;
break;
}
printf("=\n");
Show64(bits/64,X);
if (r== SKEIN_RND_FEED_FWD)
printf(" ----------\n");
}
}
else if (skein_DebugFlag & SKEIN_DEBUG_ROUNDS)
{
uint_t j;
u64b_t p[SKEIN_MAX_STATE_WORDS];
const u08b_t *perm;
const static u08b_t PERM_256 [4][ 4] = { { 0,1,2,3 }, { 0,3,2,1 }, { 0,1,2,3 }, { 0,3,2,1 } };
const static u08b_t PERM_512 [4][ 8] = { { 0,1,2,3,4,5,6,7 },
{ 2,1,4,7,6,5,0,3 },
{ 4,1,6,3,0,5,2,7 },
{ 6,1,0,7,2,5,4,3 }
};
const static u08b_t PERM_1024[4][16] = { { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,10,11,12,13,14,15 },
{ 0, 9, 2,13, 6,11, 4,15,10, 7,12, 3,14, 5, 8, 1 },
{ 0, 7, 2, 5, 4, 3, 6, 1,12,15,14,13, 8,11,10, 9 },
{ 0,15, 2,11, 6,13, 4, 9,14, 1, 8, 5,10, 3,12, 7 }
};
if ((skein_DebugFlag & SKEIN_DEBUG_PERMUTE) && (r & 3))
{
printf("\n%s [state after round %2d (permuted)]=\n",AlgoHeader(bits),(int)r);
switch (bits)
{
case 256: perm = PERM_256 [r&3]; break;
case 512: perm = PERM_512 [r&3]; break;
default: perm = PERM_1024[r&3]; break;
}
for (j=0;j<bits/64;j++)
p[j] = X[perm[j]];
Show64(bits/64,p);
}
else
{
printf("\n%s [state after round %2d]=\n",AlgoHeader(bits),(int)r);
Show64(bits/64,X);
}
}
}
}
/* show state after a round (or "pseudo-round"), given a list of pointers */
void Skein_Show_R_Ptr(uint_t bits,const Skein_Ctxt_Hdr_t *h,size_t r,const u64b_t *X_ptr[])
{
uint_t i;
u64b_t X[SKEIN_MAX_STATE_WORDS];
for (i=0;i<bits/64;i++) /* copy over the words */
X[i] = X_ptr[i][0];
Skein_Show_Round(bits,h,r,X);
}
/* show the state at the start of a block */
void Skein_Show_Block(uint_t bits,const Skein_Ctxt_Hdr_t *h,const u64b_t *X,const u08b_t *blkPtr,
const u64b_t *wPtr, const u64b_t *ksPtr, const u64b_t *tsPtr)
{
uint_t n;
if (skein_DebugFlag & SKEIN_DEBUG_CONFIG || ((h->T[1] & SKEIN_T1_BLK_TYPE_MASK) != SKEIN_T1_BLK_TYPE_CFG))
if (skein_DebugFlag)
{
if (skein_DebugFlag & SKEIN_DEBUG_HDR)
{
printf("\n%s Block: outBits=%4d. T0=%06X.",AlgoHeader(bits),(uint_t) h->hashBitLen,(uint_t)h->T[0]);
printf(" Type=");
n = (uint_t) ((h->T[1] & SKEIN_T1_BLK_TYPE_MASK) >> SKEIN_T1_POS_BLK_TYPE);
switch (n)
{
case SKEIN_BLK_TYPE_KEY: printf("KEY. "); break;
case SKEIN_BLK_TYPE_CFG: printf("CFG. "); break;
case SKEIN_BLK_TYPE_PERS: printf("PERS."); break;
case SKEIN_BLK_TYPE_PK : printf("PK. "); break;
case SKEIN_BLK_TYPE_KDF: printf("KDF. "); break;
case SKEIN_BLK_TYPE_MSG: printf("MSG. "); break;
case SKEIN_BLK_TYPE_OUT: printf("OUT. "); break;
default: printf("0x%02X.",n); break;
}
printf(" Flags=");
printf((h->T[1] & SKEIN_T1_FLAG_FIRST) ? " First":" ");
printf((h->T[1] & SKEIN_T1_FLAG_FINAL) ? " Final":" ");
printf((h->T[1] & SKEIN_T1_FLAG_BIT_PAD) ? " Pad" :" ");
n = (uint_t) ((h->T[1] & SKEIN_T1_TREE_LVL_MASK) >> SKEIN_T1_POS_TREE_LVL);
if (n)
printf(" TreeLevel = %02X",n);
printf("\n");
fflush(stdout);
}
if (skein_DebugFlag & SKEIN_DEBUG_TWEAK)
{
printf(" Tweak:\n");
Show64(2,h->T);
}
if (skein_DebugFlag & SKEIN_DEBUG_STATE)
{
printf(" %s words:\n",(skein_DebugFlag & SKEIN_DEBUG_THREEFISH)?"Key":"State");
Show64(bits/64,X);
}
if (skein_DebugFlag & SKEIN_DEBUG_KEYSCHED)
{
printf(" Tweak schedule:\n");
Show64_flag(3,tsPtr);
printf(" Key schedule:\n");
Show64_flag((bits/64)+1,ksPtr);
}
if (skein_DebugFlag & SKEIN_DEBUG_INPUT_64)
{
printf(" Input block (words):\n");
Show64(bits/64,wPtr);
}
if (skein_DebugFlag & SKEIN_DEBUG_INPUT_08)
{
printf(" Input block (bytes):\n");
Show08(bits/8,blkPtr);
}
}
}
void Skein_Show_Key(uint_t bits,const Skein_Ctxt_Hdr_t *h,const u08b_t *key,size_t keyBytes)
{
if (keyBytes)
if (skein_DebugFlag & SKEIN_DEBUG_CONFIG || ((h->T[1] & SKEIN_T1_BLK_TYPE_MASK) != SKEIN_T1_BLK_TYPE_CFG))
if (skein_DebugFlag & SKEIN_DEBUG_KEY)
{
printf("\n%s MAC key = %4u bytes\n",AlgoHeader(bits),(unsigned) keyBytes);
Show08(keyBytes,key);
}
}
#endif

48
Optimized_64bit/skein_debug.h Normal file
View File

@ -0,0 +1,48 @@
#ifndef _SKEIN_DEBUG_H_
#define _SKEIN_DEBUG_H_
/***********************************************************************
**
** Interface definitions for Skein hashing debug output.
**
** Source code author: Doug Whiting, 2008.
**
** This algorithm and source code is released to the public domain.
**
************************************************************************/
#ifdef SKEIN_DEBUG
/* callout functions used inside Skein code */
void Skein_Show_Block(uint_t bits,const Skein_Ctxt_Hdr_t *h,const u64b_t *X,const u08b_t *blkPtr,
const u64b_t *wPtr,const u64b_t *ksPtr,const u64b_t *tsPtr);
void Skein_Show_Round(uint_t bits,const Skein_Ctxt_Hdr_t *h,size_t r,const u64b_t *X);
void Skein_Show_R_Ptr(uint_t bits,const Skein_Ctxt_Hdr_t *h,size_t r,const u64b_t *X_ptr[]);
void Skein_Show_Final(uint_t bits,const Skein_Ctxt_Hdr_t *h,size_t cnt,const u08b_t *outPtr);
void Skein_Show_Key (uint_t bits,const Skein_Ctxt_Hdr_t *h,const u08b_t *key,size_t keyBytes);
extern uint_t skein_DebugFlag; /* flags to control debug output (0 --> none) */
#define SKEIN_RND_SPECIAL (1000u)
#define SKEIN_RND_KEY_INITIAL (SKEIN_RND_SPECIAL+0u)
#define SKEIN_RND_KEY_INJECT (SKEIN_RND_SPECIAL+1u)
#define SKEIN_RND_FEED_FWD (SKEIN_RND_SPECIAL+2u)
/* flag bits: skein_DebugFlag */
#define SKEIN_DEBUG_KEY (1u << 1) /* show MAC key */
#define SKEIN_DEBUG_CONFIG (1u << 2) /* show config block processing */
#define SKEIN_DEBUG_STATE (1u << 3) /* show input state during Show_Block() */
#define SKEIN_DEBUG_TWEAK (1u << 4) /* show input state during Show_Block() */
#define SKEIN_DEBUG_KEYSCHED (1u << 5) /* show expanded key schedule */
#define SKEIN_DEBUG_INPUT_64 (1u << 6) /* show input block as 64-bit words */
#define SKEIN_DEBUG_INPUT_08 (1u << 7) /* show input block as 8-bit bytes */
#define SKEIN_DEBUG_INJECT (1u << 8) /* show state after key injection & feedforward points */
#define SKEIN_DEBUG_ROUNDS (1u << 9) /* show state after all rounds */
#define SKEIN_DEBUG_FINAL (1u <<10) /* show final output of Skein */
#define SKEIN_DEBUG_HDR (1u <<11) /* show block header */
#define SKEIN_DEBUG_THREEFISH (1u <<12) /* use Threefish name instead of Skein */
#define SKEIN_DEBUG_PERMUTE (1u <<13) /* use word permutations */
#define SKEIN_DEBUG_ALL ((~0u) & ~(SKEIN_DEBUG_THREEFISH | SKEIN_DEBUG_PERMUTE))
#define THREEFISH_DEBUG_ALL (SKEIN_DEBUG_ALL | SKEIN_DEBUG_THREEFISH)
#endif /* SKEIN_DEBUG */
#endif /* _SKEIN_DEBUG_H_ */

199
Optimized_64bit/skein_iv.h Normal file
View File

@ -0,0 +1,199 @@
#ifndef _SKEIN_IV_H_
#define _SKEIN_IV_H_
#include "skein.h" /* get Skein macros and types */
/*
***************** Pre-computed Skein IVs *******************
**
** NOTE: these values are not "magic" constants, but
** are generated using the Threefish block function.
** They are pre-computed here only for speed; i.e., to
** avoid the need for a Threefish call during Init().
**
** The IV for any fixed hash length may be pre-computed.
** Only the most common values are included here.
**
************************************************************
**/
#define MK_64 SKEIN_MK_64
/* blkSize = 256 bits. hashSize = 128 bits */
const u64b_t SKEIN_256_IV_128[] =
{
MK_64(0xE1111906,0x964D7260),
MK_64(0x883DAAA7,0x7C8D811C),
MK_64(0x10080DF4,0x91960F7A),
MK_64(0xCCF7DDE5,0xB45BC1C2)
};
/* blkSize = 256 bits. hashSize = 160 bits */
const u64b_t SKEIN_256_IV_160[] =
{
MK_64(0x14202314,0x72825E98),
MK_64(0x2AC4E9A2,0x5A77E590),
MK_64(0xD47A5856,0x8838D63E),
MK_64(0x2DD2E496,0x8586AB7D)
};
/* blkSize = 256 bits. hashSize = 224 bits */
const u64b_t SKEIN_256_IV_224[] =
{
MK_64(0xC6098A8C,0x9AE5EA0B),
MK_64(0x876D5686,0x08C5191C),
MK_64(0x99CB88D7,0xD7F53884),
MK_64(0x384BDDB1,0xAEDDB5DE)
};
/* blkSize = 256 bits. hashSize = 256 bits */
const u64b_t SKEIN_256_IV_256[] =
{
MK_64(0xFC9DA860,0xD048B449),
MK_64(0x2FCA6647,0x9FA7D833),
MK_64(0xB33BC389,0x6656840F),
MK_64(0x6A54E920,0xFDE8DA69)
};
/* blkSize = 512 bits. hashSize = 128 bits */
const u64b_t SKEIN_512_IV_128[] =
{
MK_64(0xA8BC7BF3,0x6FBF9F52),
MK_64(0x1E9872CE,0xBD1AF0AA),
MK_64(0x309B1790,0xB32190D3),
MK_64(0xBCFBB854,0x3F94805C),
MK_64(0x0DA61BCD,0x6E31B11B),
MK_64(0x1A18EBEA,0xD46A32E3),
MK_64(0xA2CC5B18,0xCE84AA82),
MK_64(0x6982AB28,0x9D46982D)
};
/* blkSize = 512 bits. hashSize = 160 bits */
const u64b_t SKEIN_512_IV_160[] =
{
MK_64(0x28B81A2A,0xE013BD91),
MK_64(0xC2F11668,0xB5BDF78F),
MK_64(0x1760D8F3,0xF6A56F12),
MK_64(0x4FB74758,0x8239904F),
MK_64(0x21EDE07F,0x7EAF5056),
MK_64(0xD908922E,0x63ED70B8),
MK_64(0xB8EC76FF,0xECCB52FA),
MK_64(0x01A47BB8,0xA3F27A6E)
};
/* blkSize = 512 bits. hashSize = 224 bits */
const u64b_t SKEIN_512_IV_224[] =
{
MK_64(0xCCD06162,0x48677224),
MK_64(0xCBA65CF3,0xA92339EF),
MK_64(0x8CCD69D6,0x52FF4B64),
MK_64(0x398AED7B,0x3AB890B4),
MK_64(0x0F59D1B1,0x457D2BD0),
MK_64(0x6776FE65,0x75D4EB3D),
MK_64(0x99FBC70E,0x997413E9),
MK_64(0x9E2CFCCF,0xE1C41EF7)
};
/* blkSize = 512 bits. hashSize = 256 bits */
const u64b_t SKEIN_512_IV_256[] =
{
MK_64(0xCCD044A1,0x2FDB3E13),
MK_64(0xE8359030,0x1A79A9EB),
MK_64(0x55AEA061,0x4F816E6F),
MK_64(0x2A2767A4,0xAE9B94DB),
MK_64(0xEC06025E,0x74DD7683),
MK_64(0xE7A436CD,0xC4746251),
MK_64(0xC36FBAF9,0x393AD185),
MK_64(0x3EEDBA18,0x33EDFC13)
};
/* blkSize = 512 bits. hashSize = 384 bits */
const u64b_t SKEIN_512_IV_384[] =
{
MK_64(0xA3F6C6BF,0x3A75EF5F),
MK_64(0xB0FEF9CC,0xFD84FAA4),
MK_64(0x9D77DD66,0x3D770CFE),
MK_64(0xD798CBF3,0xB468FDDA),
MK_64(0x1BC4A666,0x8A0E4465),
MK_64(0x7ED7D434,0xE5807407),
MK_64(0x548FC1AC,0xD4EC44D6),
MK_64(0x266E1754,0x6AA18FF8)
};
/* blkSize = 512 bits. hashSize = 512 bits */
const u64b_t SKEIN_512_IV_512[] =
{
MK_64(0x4903ADFF,0x749C51CE),
MK_64(0x0D95DE39,0x9746DF03),
MK_64(0x8FD19341,0x27C79BCE),
MK_64(0x9A255629,0xFF352CB1),
MK_64(0x5DB62599,0xDF6CA7B0),
MK_64(0xEABE394C,0xA9D5C3F4),
MK_64(0x991112C7,0x1A75B523),
MK_64(0xAE18A40B,0x660FCC33)
};
/* blkSize = 1024 bits. hashSize = 384 bits */
const u64b_t SKEIN1024_IV_384[] =
{
MK_64(0x5102B6B8,0xC1894A35),
MK_64(0xFEEBC9E3,0xFE8AF11A),
MK_64(0x0C807F06,0xE32BED71),
MK_64(0x60C13A52,0xB41A91F6),
MK_64(0x9716D35D,0xD4917C38),
MK_64(0xE780DF12,0x6FD31D3A),
MK_64(0x797846B6,0xC898303A),
MK_64(0xB172C2A8,0xB3572A3B),
MK_64(0xC9BC8203,0xA6104A6C),
MK_64(0x65909338,0xD75624F4),
MK_64(0x94BCC568,0x4B3F81A0),
MK_64(0x3EBBF51E,0x10ECFD46),
MK_64(0x2DF50F0B,0xEEB08542),
MK_64(0x3B5A6530,0x0DBC6516),
MK_64(0x484B9CD2,0x167BBCE1),
MK_64(0x2D136947,0xD4CBAFEA)
};
/* blkSize = 1024 bits. hashSize = 512 bits */
const u64b_t SKEIN1024_IV_512[] =
{
MK_64(0xCAEC0E5D,0x7C1B1B18),
MK_64(0xA01B0E04,0x5F03E802),
MK_64(0x33840451,0xED912885),
MK_64(0x374AFB04,0xEAEC2E1C),
MK_64(0xDF25A0E2,0x813581F7),
MK_64(0xE4004093,0x8B12F9D2),
MK_64(0xA662D539,0xC2ED39B6),
MK_64(0xFA8B85CF,0x45D8C75A),
MK_64(0x8316ED8E,0x29EDE796),
MK_64(0x053289C0,0x2E9F91B8),
MK_64(0xC3F8EF1D,0x6D518B73),
MK_64(0xBDCEC3C4,0xD5EF332E),
MK_64(0x549A7E52,0x22974487),
MK_64(0x67070872,0x5B749816),
MK_64(0xB9CD28FB,0xF0581BD1),
MK_64(0x0E2940B8,0x15804974)
};
/* blkSize = 1024 bits. hashSize = 1024 bits */
const u64b_t SKEIN1024_IV_1024[] =
{
MK_64(0xD593DA07,0x41E72355),
MK_64(0x15B5E511,0xAC73E00C),
MK_64(0x5180E5AE,0xBAF2C4F0),
MK_64(0x03BD41D3,0xFCBCAFAF),
MK_64(0x1CAEC6FD,0x1983A898),
MK_64(0x6E510B8B,0xCDD0589F),
MK_64(0x77E2BDFD,0xC6394ADA),
MK_64(0xC11E1DB5,0x24DCB0A3),
MK_64(0xD6D14AF9,0xC6329AB5),
MK_64(0x6A9B0BFC,0x6EB67E0D),
MK_64(0x9243C60D,0xCCFF1332),
MK_64(0x1A1F1DDE,0x743F02D4),
MK_64(0x0996753C,0x10ED0BB8),
MK_64(0x6572DD22,0xF2B4969A),
MK_64(0x61FD3062,0xD00A579A),
MK_64(0x1DE0536E,0x8682E539)
};
#endif /* _SKEIN_IV_H_ */

124
Optimized_64bit/skein_port.h Normal file
View File

@ -0,0 +1,124 @@
#ifndef _SKEIN_PORT_H_
#define _SKEIN_PORT_H_
/*******************************************************************
**
** Platform-specific definitions for Skein hash function.
**
** Source code author: Doug Whiting, 2008.
**
** This algorithm and source code is released to the public domain.
**
** Many thanks to Brian Gladman for his portable header files.
**
** To port Skein to an "unsupported" platform, change the definitions
** in this file appropriately.
**
********************************************************************/
#include "brg_types.h" /* get integer type definitions */
typedef unsigned int uint_t; /* native unsigned integer */
typedef uint_8t u08b_t; /* 8-bit unsigned integer */
typedef uint_64t u64b_t; /* 64-bit unsigned integer */
#ifndef RotL_64
#define RotL_64(x,N) (((x) << (N)) | ((x) >> (64-(N))))
#endif
/*
* Skein is "natively" little-endian (unlike SHA-xxx), for optimal
* performance on x86 CPUs. The Skein code requires the following
* definitions for dealing with endianness:
*
* SKEIN_NEED_SWAP: 0 for little-endian, 1 for big-endian
* Skein_Put64_LSB_First
* Skein_Get64_LSB_First
* Skein_Swap64
*
* If SKEIN_NEED_SWAP is defined at compile time, it is used here
* along with the portable versions of Put64/Get64/Swap64, which
* are slow in general.
*
* Otherwise, an "auto-detect" of endianness is attempted below.
* If the default handling doesn't work well, the user may insert
* platform-specific code instead (e.g., for big-endian CPUs).
*
*/
#ifndef SKEIN_NEED_SWAP /* compile-time "override" for endianness? */
#include "brg_endian.h" /* get endianness selection */
#if PLATFORM_BYTE_ORDER == IS_BIG_ENDIAN
/* here for big-endian CPUs */
#define SKEIN_NEED_SWAP (1)
#elif PLATFORM_BYTE_ORDER == IS_LITTLE_ENDIAN
/* here for x86 and x86-64 CPUs (and other detected little-endian CPUs) */
#define SKEIN_NEED_SWAP (0)
#if PLATFORM_MUST_ALIGN == 0 /* ok to use "fast" versions? */
#define Skein_Put64_LSB_First(dst08,src64,bCnt) memcpy(dst08,src64,bCnt)
#define Skein_Get64_LSB_First(dst64,src08,wCnt) memcpy(dst64,src08,8*(wCnt))
#endif
#else
#error "Skein needs endianness setting!"
#endif
#endif /* ifndef SKEIN_NEED_SWAP */
/*
******************************************************************
* Provide any definitions still needed.
******************************************************************
*/
#ifndef Skein_Swap64 /* swap for big-endian, nop for little-endian */
#if SKEIN_NEED_SWAP
#define Skein_Swap64(w64) \
( (( ((u64b_t)(w64)) & 0xFF) << 56) | \
(((((u64b_t)(w64)) >> 8) & 0xFF) << 48) | \
(((((u64b_t)(w64)) >>16) & 0xFF) << 40) | \
(((((u64b_t)(w64)) >>24) & 0xFF) << 32) | \
(((((u64b_t)(w64)) >>32) & 0xFF) << 24) | \
(((((u64b_t)(w64)) >>40) & 0xFF) << 16) | \
(((((u64b_t)(w64)) >>48) & 0xFF) << 8) | \
(((((u64b_t)(w64)) >>56) & 0xFF) ) )
#else
#define Skein_Swap64(w64) (w64)
#endif
#endif /* ifndef Skein_Swap64 */
#ifndef Skein_Put64_LSB_First
void Skein_Put64_LSB_First(u08b_t *dst,const u64b_t *src,size_t bCnt)
#ifdef SKEIN_PORT_CODE /* instantiate the function code here? */
{ /* this version is fully portable (big-endian or little-endian), but slow */
size_t n;
for (n=0;n<bCnt;n++)
dst[n] = (u08b_t) (src[n>>3] >> (8*(n&7)));
}
#else
; /* output only the function prototype */
#endif
#endif /* ifndef Skein_Put64_LSB_First */
#ifndef Skein_Get64_LSB_First
void Skein_Get64_LSB_First(u64b_t *dst,const u08b_t *src,size_t wCnt)
#ifdef SKEIN_PORT_CODE /* instantiate the function code here? */
{ /* this version is fully portable (big-endian or little-endian), but slow */
size_t n;
for (n=0;n<8*wCnt;n+=8)
dst[n/8] = (((u64b_t) src[n ]) ) +
(((u64b_t) src[n+1]) << 8) +
(((u64b_t) src[n+2]) << 16) +
(((u64b_t) src[n+3]) << 24) +
(((u64b_t) src[n+4]) << 32) +
(((u64b_t) src[n+5]) << 40) +
(((u64b_t) src[n+6]) << 48) +
(((u64b_t) src[n+7]) << 56) ;
}
#else
; /* output only the function prototype */
#endif
#endif /* ifndef Skein_Get64_LSB_First */
#endif /* ifndef _SKEIN_PORT_H_ */

166
README/readme.txt Normal file
View File

@ -0,0 +1,166 @@
Below is a list of Skein files included on the NIST submission CD, along
with a very brief description of each file. In both the reference and
optimized directories, all C files should be compiled to generate a
SHA3 NIST API "library" for Skein.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
The following files are identical and common between the reference and optimized
versions of the code:
File Name Description
--------------------------------------------------------------------------------
brg_endian.h Brian Gladman's header file to auto-detect CPU endianness
(with a few extensions for handling various platforms/compilers)
brg_types.h Brian Gladman's header file to auto-detect integer types
(with a few extensions for handling various platforms/compilers)
SHA3api_ref.h API definitions for SHA3 API, implemented in SHA3api_ref.c
SHA3api_ref.c "Wrapper" code that implements the NIST SHA3 API on top of the
Skein API.
skein_debug.h Header for with routines used internally by Skein routines for
generating debug i/o (e.g., round-by-round intermediate values)
If SKEIN_DEBUG is not defined at compile time, these interface
declarations instead become "dummy" macros so that there is
no performance impact.
skein_debug.c Debug i/o routines called by Skein functions.
skein.h Function prototypes, data structures, and constant definitions
for Skein. The Skein API is more general than the NIST API
(e.g., MAC functions).
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
The following files are different for the reference and optimized versions
of the code. Note that the source files in Optimized_32bit and Optimized_64bit
directories are identical.
File Name Description
--------------------------------------------------------------------------------
skein_port.h Definitions that might need to be changed to port Skein to
a different CPU platform (e.g., big-endian). The Skein code
should run on most CPU platforms, but the macros/functions here
may be helpful in making the code run more efficiently
skein.c The main Skein interface functions: Init, Update, and Final, for
all three Skein block sizes. Additionally, the InitExt() function
allows for MAC and other extended functionality.
skein_block.c The Skein block processing function, based on the Threefish block
cipher. This module contains the most performance-sensitive code
and can be replaced by the assembly modules for slight speedups
on some platforms. The functions here are only for internal use
inside "skein.c" and are not intended for external APIs.
skein_iv.h Initial values for various Skein hash functions. Note that these
values are NOT "magic constants", as they are computed using
the initial Skein "configuration" block. These values are used
only by the optimized code, in order to speed up the hash
computations.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
The following files are included in the Additional_Implementations directory:
File Name Description
--------------------------------------------------------------------------------
skein_test.c The Skein test module, used to measure performance and generate
KAT vectors for testing. This module should be compiled together
with the Skein source files (i.e., from the Reference or the
Optimized directories) to generate an executable, skein_test.exe.
This program is used internally to test/validate/compare different
implementations (e.g., Reference, Optimized, Assembly).
skein_block_x64.asm This is the 64-bit assembly language version of skein_block.c.
It may be used to replace that file in the Optimized_64bit
directory to improve performance on 64-bit Intel/AMD systems.
It should be assembled with ml64.exe.
skein_block_x86.asm This is the 32-bit assembly language version of skein_block.c.
It may be used to replace that file in the Optimized_32bit
directory to improve performance on 32-bit Intel/AMD systems.
It should be assembled with ml.exe.
skein_rot_search.c This is the program that searches for the Threefish rotation
constants. It has many different command-line switches, but by
default it generates the constants used in the Skein paper.
This file is a stand-alone C file. To run it, simply re-direct
the output to a test file: "skein_rot_search > srs_log.txt".
Note that it takes nearly 3 DAYS on a Core 2 Duo to complete
program execution in this case. Alternately, to generate individual
files, run the following command lines:
skein_rot_search -b256 > srs_256.txt
skein_rot_search -b512 > srs_512.txt
skein_rot_search -b1024 > srs_1024.txt
srs_256.txt These three files contain the results of running skein_rot_search.exe
srs_512.txt for the three different Skein block sizes. They are rather large.
srs_1024.txt At the end of each file, the "finalists" are re-graded with different
number of random samples.
Atmel_AVR.c This file was used to compile on the Atmel AVR 8-bit CPU.
It includes the optimized versions of skein.c and skein_block.c
with compile-time settings to only implement one at time.
This was compiled with the free AVR tool set from Atmel
and simulated to give the 8-bit C performance numbers.
skein_8bit_estimates.xls
This file is a spreadsheet used to generate the estimates for
code size and speed of assembly versions of Skein on the Atmel
8-bit CPU family. Note that this is MUCH faster than the C
versions, since it uses static variables, with optimized loading
and rotations. No attempt is made here to minimize code size by
sharing code using calls, although the code size could be shrunk
significantly using calls, at some cost in performance.
skein_perf_core2.txt
This file contains code size and performance data running on
an Intel Core 2 Duo CPU under Windows Vista 64-bit, using the
Microsoft and other compilers and assemblers. It includes
results for both 32-bit and 64-bit code.
skein_MSC_v9_perf.txt
This file contains a subset of the skein_perf_core2.txt file,
including only results from the MSVC 2008 compiler, with message
sizes that are powers of 10.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
The following files are included in the KAT_MCT directory, in addition to the
KAT/MCT files required by NIST:
genKAT.c NIST-supplied source file for generating KAT_MCT vectors.
This module should be compiled together with the Skein source
files (i.e., from the Reference or the Optimized directories)
to generate an executable genKAT.exe, which can generate the
KAT_MCT vectors.
[FWIW, compiling this source file under gcc gives several nasty compiler warnings!]
skein_golden_kat.txt
The "golden" KAT file generated using "skein_test.exe -k". This
file tries to cover various block sizes, message sizes, and output
sizes, as well as MAC modes. It is used for testing compliance of
a Skein implementation, using skein_test.c
skein_golden_kat_internals.txt
The KAT file generated using "skein_test.exe -k -dc". It covers
the same test as "skein_golden_kat.txt" , but also prints out
intermediate (round-by-round) values. The file is very large, but
it is quite useful in debugging when porting Skein to a new
CPU platform and/or programming language.
skein_golden_kat_short.txt
This is a shorter version (subset) of skein_golden_kat.txt
skein_golden_kat_short_internals.txt
This is a shorter version (subset) of skein_golden_kat_internals.txt

115
Reference_Implementation/SHA3api_ref.c Normal file
View File

@ -0,0 +1,115 @@
/***********************************************************************
**
** Implementation of the AHS API using the Skein hash function.
**
** Source code author: Doug Whiting, 2008.
**
** This algorithm and source code is released to the public domain.
**
************************************************************************/
#include <string.h> /* get the memcpy/memset functions */
#include "skein.h" /* get the Skein API definitions */
#include "SHA3api_ref.h"/* get the AHS API definitions */
/******************************************************************/
/* AHS API code */
/******************************************************************/
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* select the context size and init the context */
HashReturn Init(hashState *state, int hashbitlen)
{
#if SKEIN_256_NIST_MAX_HASH_BITS
if (hashbitlen <= SKEIN_256_NIST_MAX_HASHBITS)
{
Skein_Assert(hashbitlen > 0,BAD_HASHLEN);
state->statebits = 64*SKEIN_256_STATE_WORDS;
return Skein_256_Init(&state->u.ctx_256,(size_t) hashbitlen);
}
#endif
if (hashbitlen <= SKEIN_512_NIST_MAX_HASHBITS)
{
state->statebits = 64*SKEIN_512_STATE_WORDS;
return Skein_512_Init(&state->u.ctx_512,(size_t) hashbitlen);
}
else
{
state->statebits = 64*SKEIN1024_STATE_WORDS;
return Skein1024_Init(&state->u.ctx1024,(size_t) hashbitlen);
}
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* process data to be hashed */
HashReturn Update(hashState *state, const BitSequence *data, DataLength databitlen)
{
/* only the final Update() call is allowed do partial bytes, else assert an error */
Skein_Assert((state->u.h.T[1] & SKEIN_T1_FLAG_BIT_PAD) == 0 || databitlen == 0, FAIL);
Skein_Assert(state->statebits % 256 == 0 && (state->statebits-256) < 1024,FAIL);
if ((databitlen & 7) == 0) /* partial bytes? */
{
switch ((state->statebits >> 8) & 3)
{
case 2: return Skein_512_Update(&state->u.ctx_512,data,databitlen >> 3);
case 1: return Skein_256_Update(&state->u.ctx_256,data,databitlen >> 3);
case 0: return Skein1024_Update(&state->u.ctx1024,data,databitlen >> 3);
default: return FAIL;
}
}
else
{ /* handle partial final byte */
size_t bCnt = (databitlen >> 3) + 1; /* number of bytes to handle (nonzero here!) */
u08b_t b,mask;
mask = (u08b_t) (1u << (7 - (databitlen & 7))); /* partial byte bit mask */
b = (u08b_t) ((data[bCnt-1] & (0-mask)) | mask); /* apply bit padding on final byte */
switch ((state->statebits >> 8) & 3)
{
case 2: Skein_512_Update(&state->u.ctx_512,data,bCnt-1); /* process all but the final byte */
Skein_512_Update(&state->u.ctx_512,&b , 1 ); /* process the (masked) partial byte */
break;
case 1: Skein_256_Update(&state->u.ctx_256,data,bCnt-1); /* process all but the final byte */
Skein_256_Update(&state->u.ctx_256,&b , 1 ); /* process the (masked) partial byte */
break;
case 0: Skein1024_Update(&state->u.ctx1024,data,bCnt-1); /* process all but the final byte */
Skein1024_Update(&state->u.ctx1024,&b , 1 ); /* process the (masked) partial byte */
break;
default: return FAIL;
}
Skein_Set_Bit_Pad_Flag(state->u.h); /* set tweak flag for the final call */
return SUCCESS;
}
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* finalize hash computation and output the result (hashbitlen bits) */
HashReturn Final(hashState *state, BitSequence *hashval)
{
Skein_Assert(state->statebits % 256 == 0 && (state->statebits-256) < 1024,FAIL);
switch ((state->statebits >> 8) & 3)
{
case 2: return Skein_512_Final(&state->u.ctx_512,hashval);
case 1: return Skein_256_Final(&state->u.ctx_256,hashval);
case 0: return Skein1024_Final(&state->u.ctx1024,hashval);
default: return FAIL;
}
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* all-in-one hash function */
HashReturn Hash(int hashbitlen, const BitSequence *data, /* all-in-one call */
DataLength databitlen,BitSequence *hashval)
{
hashState state;
HashReturn r = Init(&state,hashbitlen);
if (r == SUCCESS)
{ /* these calls do not fail when called properly */
r = Update(&state,data,databitlen);
Final(&state,hashval);
}
return r;
}

66
Reference_Implementation/SHA3api_ref.h Normal file
View File

@ -0,0 +1,66 @@
#ifndef _AHS_API_H_
#define _AHS_API_H_
/***********************************************************************
**
** Interface declarations of the AHS API using the Skein hash function.
**
** Source code author: Doug Whiting, 2008.
**
** This algorithm and source code is released to the public domain.
**
************************************************************************/
#include "skein.h"
typedef enum
{
SUCCESS = SKEIN_SUCCESS,
FAIL = SKEIN_FAIL,
BAD_HASHLEN = SKEIN_BAD_HASHLEN
}
HashReturn;
typedef size_t DataLength; /* bit count type */
typedef u08b_t BitSequence; /* bit stream type */
typedef struct
{
uint_t statebits; /* 256, 512, or 1024 */
union
{
Skein_Ctxt_Hdr_t h; /* common header "overlay" */
Skein_256_Ctxt_t ctx_256;
Skein_512_Ctxt_t ctx_512;
Skein1024_Ctxt_t ctx1024;
} u;
}
hashState;
/* "incremental" hashing API */
HashReturn Init (hashState *state, int hashbitlen);
HashReturn Update(hashState *state, const BitSequence *data, DataLength databitlen);
HashReturn Final (hashState *state, BitSequence *hashval);
/* "all-in-one" call */
HashReturn Hash (int hashbitlen, const BitSequence *data,
DataLength databitlen, BitSequence *hashval);
/*
** Re-define the compile-time constants below to change the selection
** of the Skein state size in the Init() function in SHA3api_ref.c.
**
** That is, the NIST API does not allow for explicit selection of the
** Skein block size, so it must be done implicitly in the Init() function.
** The selection is controlled by these constants.
*/
#ifndef SKEIN_256_NIST_MAX_HASHBITS
#define SKEIN_256_NIST_MAX_HASHBITS (0)
#endif
#ifndef SKEIN_512_NIST_MAX_HASHBITS
#define SKEIN_512_NIST_MAX_HASHBITS (512)
#endif
#endif /* ifdef _AHS_API_H_ */

148
Reference_Implementation/brg_endian.h Normal file
View File

@ -0,0 +1,148 @@
/*
---------------------------------------------------------------------------
Copyright (c) 2003, Dr Brian Gladman, Worcester, UK. All rights reserved.
LICENSE TERMS
The free distribution and use of this software in both source and binary
form is allowed (with or without changes) provided that:
1. distributions of this source code include the above copyright
notice, this list of conditions and the following disclaimer;
2. distributions in binary form include the above copyright
notice, this list of conditions and the following disclaimer
in the documentation and/or other associated materials;
3. the copyright holder's name is not used to endorse products
built using this software without specific written permission.
ALTERNATIVELY, provided that this notice is retained in full, this product
may be distributed under the terms of the GNU General Public License (GPL),
in which case the provisions of the GPL apply INSTEAD OF those given above.
DISCLAIMER
This software is provided 'as is' with no explicit or implied warranties
in respect of its properties, including, but not limited to, correctness
and/or fitness for purpose.
---------------------------------------------------------------------------
Issue 20/10/2006
*/
#ifndef BRG_ENDIAN_H
#define BRG_ENDIAN_H
#define IS_BIG_ENDIAN 4321 /* byte 0 is most significant (mc68k) */
#define IS_LITTLE_ENDIAN 1234 /* byte 0 is least significant (i386) */
/* Include files where endian defines and byteswap functions may reside */
#if defined( __FreeBSD__ ) || defined( __OpenBSD__ ) || defined( __NetBSD__ )
# include <sys/endian.h>
#elif defined( BSD ) && ( BSD >= 199103 ) || defined( __APPLE__ ) || \
defined( __CYGWIN32__ ) || defined( __DJGPP__ ) || defined( __osf__ )
# include <machine/endian.h>
#elif defined( __linux__ ) || defined( __GNUC__ ) || defined( __GNU_LIBRARY__ )
# if !defined( __MINGW32__ ) && !defined(AVR)
# include <endian.h>
# if !defined( __BEOS__ )
# include <byteswap.h>
# endif
# endif
#endif
/* Now attempt to set the define for platform byte order using any */
/* of the four forms SYMBOL, _SYMBOL, __SYMBOL & __SYMBOL__, which */
/* seem to encompass most endian symbol definitions */
#if defined( BIG_ENDIAN ) && defined( LITTLE_ENDIAN )
# if defined( BYTE_ORDER ) && BYTE_ORDER == BIG_ENDIAN
# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN
# elif defined( BYTE_ORDER ) && BYTE_ORDER == LITTLE_ENDIAN
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
# endif
#elif defined( BIG_ENDIAN )
# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN
#elif defined( LITTLE_ENDIAN )
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
#endif
#if defined( _BIG_ENDIAN ) && defined( _LITTLE_ENDIAN )
# if defined( _BYTE_ORDER ) && _BYTE_ORDER == _BIG_ENDIAN
# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN
# elif defined( _BYTE_ORDER ) && _BYTE_ORDER == _LITTLE_ENDIAN
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
# endif
#elif defined( _BIG_ENDIAN )
# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN
#elif defined( _LITTLE_ENDIAN )
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
#endif
#if defined( __BIG_ENDIAN ) && defined( __LITTLE_ENDIAN )
# if defined( __BYTE_ORDER ) && __BYTE_ORDER == __BIG_ENDIAN
# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN
# elif defined( __BYTE_ORDER ) && __BYTE_ORDER == __LITTLE_ENDIAN
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
# endif
#elif defined( __BIG_ENDIAN )
# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN
#elif defined( __LITTLE_ENDIAN )
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
#endif
#if defined( __BIG_ENDIAN__ ) && defined( __LITTLE_ENDIAN__ )
# if defined( __BYTE_ORDER__ ) && __BYTE_ORDER__ == __BIG_ENDIAN__
# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN
# elif defined( __BYTE_ORDER__ ) && __BYTE_ORDER__ == __LITTLE_ENDIAN__
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
# endif
#elif defined( __BIG_ENDIAN__ )
# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN
#elif defined( __LITTLE_ENDIAN__ )
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
#endif
/* if the platform byte order could not be determined, then try to */
/* set this define using common machine defines */
#if !defined(PLATFORM_BYTE_ORDER)
#if defined( __alpha__ ) || defined( __alpha ) || defined( i386 ) || \
defined( __i386__ ) || defined( _M_I86 ) || defined( _M_IX86 ) || \
defined( __OS2__ ) || defined( sun386 ) || defined( __TURBOC__ ) || \
defined( vax ) || defined( vms ) || defined( VMS ) || \
defined( __VMS ) || defined( _M_X64 ) || defined( AVR )
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
#elif defined( AMIGA ) || defined( applec ) || defined( __AS400__ ) || \
defined( _CRAY ) || defined( __hppa ) || defined( __hp9000 ) || \
defined( ibm370 ) || defined( mc68000 ) || defined( m68k ) || \
defined( __MRC__ ) || defined( __MVS__ ) || defined( __MWERKS__ ) || \
defined( sparc ) || defined( __sparc) || defined( SYMANTEC_C ) || \
defined( __VOS__ ) || defined( __TIGCC__ ) || defined( __TANDEM ) || \
defined( THINK_C ) || defined( __VMCMS__ )
# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN
#elif 0 /* **** EDIT HERE IF NECESSARY **** */
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
#elif 0 /* **** EDIT HERE IF NECESSARY **** */
# define PLATFORM_BYTE_ORDER IS_BIG_ENDIAN
#else
# error Please edit lines 126 or 128 in brg_endian.h to set the platform byte order
#endif
#endif
/* special handler for IA64, which may be either endianness (?) */
/* here we assume little-endian, but this may need to be changed */
#if defined(__ia64) || defined(__ia64__) || defined(_M_IA64)
# define PLATFORM_MUST_ALIGN (1)
#ifndef PLATFORM_BYTE_ORDER
# define PLATFORM_BYTE_ORDER IS_LITTLE_ENDIAN
#endif
#endif
#ifndef PLATFORM_MUST_ALIGN
# define PLATFORM_MUST_ALIGN (0)
#endif
#endif /* ifndef BRG_ENDIAN_H */

188
Reference_Implementation/brg_types.h Normal file
View File

@ -0,0 +1,188 @@
/*
---------------------------------------------------------------------------
Copyright (c) 1998-2006, Brian Gladman, Worcester, UK. All rights reserved.
LICENSE TERMS
The free distribution and use of this software in both source and binary
form is allowed (with or without changes) provided that:
1. distributions of this source code include the above copyright
notice, this list of conditions and the following disclaimer;
2. distributions in binary form include the above copyright
notice, this list of conditions and the following disclaimer
in the documentation and/or other associated materials;
3. the copyright holder's name is not used to endorse products
built using this software without specific written permission.
ALTERNATIVELY, provided that this notice is retained in full, this product
may be distributed under the terms of the GNU General Public License (GPL),
in which case the provisions of the GPL apply INSTEAD OF those given above.
DISCLAIMER
This software is provided 'as is' with no explicit or implied warranties
in respect of its properties, including, but not limited to, correctness
and/or fitness for purpose.
---------------------------------------------------------------------------
Issue 09/09/2006
The unsigned integer types defined here are of the form uint_<nn>t where
<nn> is the length of the type; for example, the unsigned 32-bit type is
'uint_32t'. These are NOT the same as the 'C99 integer types' that are
defined in the inttypes.h and stdint.h headers since attempts to use these
types have shown that support for them is still highly variable. However,
since the latter are of the form uint<nn>_t, a regular expression search
and replace (in VC++ search on 'uint_{:z}t' and replace with 'uint\1_t')
can be used to convert the types used here to the C99 standard types.
*/
#ifndef BRG_TYPES_H
#define BRG_TYPES_H
#if defined(__cplusplus)
extern "C" {
#endif
#include <limits.h>
#ifndef BRG_UI8
# define BRG_UI8
# if UCHAR_MAX == 255u
typedef unsigned char uint_8t;
# else
# error Please define uint_8t as an 8-bit unsigned integer type in brg_types.h
# endif
#endif
#ifndef BRG_UI16
# define BRG_UI16
# if USHRT_MAX == 65535u
typedef unsigned short uint_16t;
# else
# error Please define uint_16t as a 16-bit unsigned short type in brg_types.h
# endif
#endif
#ifndef BRG_UI32
# define BRG_UI32
# if UINT_MAX == 4294967295u
# define li_32(h) 0x##h##u
typedef unsigned int uint_32t;
# elif ULONG_MAX == 4294967295u
# define li_32(h) 0x##h##ul
typedef unsigned long uint_32t;
# elif defined( _CRAY )
# error This code needs 32-bit data types, which Cray machines do not provide
# else
# error Please define uint_32t as a 32-bit unsigned integer type in brg_types.h
# endif
#endif
#ifndef BRG_UI64
# if defined( __BORLANDC__ ) && !defined( __MSDOS__ )
# define BRG_UI64
# define li_64(h) 0x##h##ui64
typedef unsigned __int64 uint_64t;
# elif defined( _MSC_VER ) && ( _MSC_VER < 1300 ) /* 1300 == VC++ 7.0 */
# define BRG_UI64
# define li_64(h) 0x##h##ui64
typedef unsigned __int64 uint_64t;
# elif defined( __sun ) && defined(ULONG_MAX) && ULONG_MAX == 0xfffffffful
# define BRG_UI64
# define li_64(h) 0x##h##ull
typedef unsigned long long uint_64t;
# elif defined( UINT_MAX ) && UINT_MAX > 4294967295u
# if UINT_MAX == 18446744073709551615u
# define BRG_UI64
# define li_64(h) 0x##h##u
typedef unsigned int uint_64t;
# endif
# elif defined( ULONG_MAX ) && ULONG_MAX > 4294967295u
# if ULONG_MAX == 18446744073709551615ul
# define BRG_UI64
# define li_64(h) 0x##h##ul
typedef unsigned long uint_64t;
# endif
# elif defined( ULLONG_MAX ) && ULLONG_MAX > 4294967295u
# if ULLONG_MAX == 18446744073709551615ull
# define BRG_UI64
# define li_64(h) 0x##h##ull
typedef unsigned long long uint_64t;
# endif
# elif defined( ULONG_LONG_MAX ) && ULONG_LONG_MAX > 4294967295u
# if ULONG_LONG_MAX == 18446744073709551615ull
# define BRG_UI64
# define li_64(h) 0x##h##ull
typedef unsigned long long uint_64t;
# endif
# elif defined(__GNUC__) /* DLW: avoid mingw problem with -ansi */
# define BRG_UI64
# define li_64(h) 0x##h##ull
typedef unsigned long long uint_64t;
# endif
#endif
#if defined( NEED_UINT_64T ) && !defined( BRG_UI64 )
# error Please define uint_64t as an unsigned 64 bit type in brg_types.h
#endif
#ifndef RETURN_VALUES
# define RETURN_VALUES
# if defined( DLL_EXPORT )
# if defined( _MSC_VER ) || defined ( __INTEL_COMPILER )
# define VOID_RETURN __declspec( dllexport ) void __stdcall
# define INT_RETURN __declspec( dllexport ) int __stdcall
# elif defined( __GNUC__ )
# define VOID_RETURN __declspec( __dllexport__ ) void
# define INT_RETURN __declspec( __dllexport__ ) int
# else
# error Use of the DLL is only available on the Microsoft, Intel and GCC compilers
# endif
# elif defined( DLL_IMPORT )
# if defined( _MSC_VER ) || defined ( __INTEL_COMPILER )
# define VOID_RETURN __declspec( dllimport ) void __stdcall
# define INT_RETURN __declspec( dllimport ) int __stdcall
# elif defined( __GNUC__ )
# define VOID_RETURN __declspec( __dllimport__ ) void
# define INT_RETURN __declspec( __dllimport__ ) int
# else
# error Use of the DLL is only available on the Microsoft, Intel and GCC compilers
# endif
# elif defined( __WATCOMC__ )
# define VOID_RETURN void __cdecl
# define INT_RETURN int __cdecl
# else
# define VOID_RETURN void
# define INT_RETURN int
# endif
#endif
/* These defines are used to declare buffers in a way that allows
faster operations on longer variables to be used. In all these
defines 'size' must be a power of 2 and >= 8
dec_unit_type(size,x) declares a variable 'x' of length
'size' bits
dec_bufr_type(size,bsize,x) declares a buffer 'x' of length 'bsize'
bytes defined as an array of variables
each of 'size' bits (bsize must be a
multiple of size / 8)
ptr_cast(x,size) casts a pointer to a pointer to a
varaiable of length 'size' bits
*/
#define ui_type(size) uint_##size##t
#define dec_unit_type(size,x) typedef ui_type(size) x
#define dec_bufr_type(size,bsize,x) typedef ui_type(size) x[bsize / (size >> 3)]
#define ptr_cast(x,size) ((ui_type(size)*)(x))
#if defined(__cplusplus)
}
#endif
#endif

747
Reference_Implementation/skein.c Normal file
View File

@ -0,0 +1,747 @@
/***********************************************************************
**
** Implementation of the Skein hash function.
**
** Source code author: Doug Whiting, 2008.
**
** This algorithm and source code is released to the public domain.
**
************************************************************************/
#include <string.h> /* get the memcpy/memset functions */
#include "skein.h" /* get the Skein API definitions */
/*****************************************************************/
/* External function to process blkCnt (nonzero) full block(s) of data. */
void Skein_256_Process_Block(Skein_256_Ctxt_t *ctx,const u08b_t *blkPtr,size_t blkCnt,size_t byteCntAdd);
void Skein_512_Process_Block(Skein_512_Ctxt_t *ctx,const u08b_t *blkPtr,size_t blkCnt,size_t byteCntAdd);
void Skein1024_Process_Block(Skein1024_Ctxt_t *ctx,const u08b_t *blkPtr,size_t blkCnt,size_t byteCntAdd);
/*****************************************************************/
/* Portable (i.e., slow) endianness conversion functions */
u64b_t Skein_Swap64(u64b_t w64)
{ /* instantiate the function body here */
static const u64b_t ONE = 1; /* use this to check endianness */
/* figure out endianness "on-the-fly" */
if (1 == ((u08b_t *) & ONE)[0])
return w64; /* little-endian is fast */
else
return (( w64 & 0xFF) << 56) | /* big-endian is slow */
(((w64 >> 8) & 0xFF) << 48) |
(((w64 >>16) & 0xFF) << 40) |
(((w64 >>24) & 0xFF) << 32) |
(((w64 >>32) & 0xFF) << 24) |
(((w64 >>40) & 0xFF) << 16) |
(((w64 >>48) & 0xFF) << 8) |
(((w64 >>56) & 0xFF) ) ;
}
void Skein_Put64_LSB_First(u08b_t *dst,const u64b_t *src,size_t bCnt)
{ /* this version is fully portable (big-endian or little-endian), but slow */
size_t n;
for (n=0;n<bCnt;n++)
dst[n] = (u08b_t) (src[n>>3] >> (8*(n&7)));
}
void Skein_Get64_LSB_First(u64b_t *dst,const u08b_t *src,size_t wCnt)
{ /* this version is fully portable (big-endian or little-endian), but slow */
size_t n;
for (n=0;n<8*wCnt;n+=8)
dst[n/8] = (((u64b_t) src[n ]) ) +
(((u64b_t) src[n+1]) << 8) +
(((u64b_t) src[n+2]) << 16) +
(((u64b_t) src[n+3]) << 24) +
(((u64b_t) src[n+4]) << 32) +
(((u64b_t) src[n+5]) << 40) +
(((u64b_t) src[n+6]) << 48) +
(((u64b_t) src[n+7]) << 56) ;
}
/*****************************************************************/
/* 256-bit Skein */
/*****************************************************************/
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* init the context for a straight hashing operation */
int Skein_256_Init(Skein_256_Ctxt_t *ctx, size_t hashBitLen)
{
union
{
u08b_t b[SKEIN_256_STATE_BYTES];
u64b_t w[SKEIN_256_STATE_WORDS];
} cfg; /* config block */
Skein_Assert(hashBitLen > 0,SKEIN_BAD_HASHLEN);
/* build/process config block for hashing */
ctx->h.hashBitLen = hashBitLen; /* output hash byte count */
Skein_Start_New_Type(ctx,CFG_FINAL); /* set tweaks: T0=0; T1=CFG | FINAL */
memset(&cfg.w,0,sizeof(cfg.w)); /* pre-pad cfg.w[] with zeroes */
cfg.w[0] = Skein_Swap64(SKEIN_SCHEMA_VER); /* set the schema, version */
cfg.w[1] = Skein_Swap64(hashBitLen); /* hash result length in bits */
cfg.w[2] = Skein_Swap64(SKEIN_CFG_TREE_INFO_SEQUENTIAL);
/* compute the initial chaining values from config block */
memset(ctx->X,0,sizeof(ctx->X)); /* zero the chaining variables */
Skein_256_Process_Block(ctx,cfg.b,1,SKEIN_CFG_STR_LEN);
/* The chaining vars ctx->X are now initialized for the given hashBitLen. */
/* Set up to process the data message portion of the hash (default) */
Skein_Start_New_Type(ctx,MSG); /* T0=0, T1= MSG type, h.bCnt=0 */
return SKEIN_SUCCESS;
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* init the context for a MAC and/or tree hash operation */
/* [identical to Skein_256_Init() when keyBytes == 0 && treeInfo == SKEIN_CFG_TREE_INFO_SEQUENTIAL] */
int Skein_256_InitExt(Skein_256_Ctxt_t *ctx,size_t hashBitLen,u64b_t treeInfo, const u08b_t *key, size_t keyBytes)
{
uint_t i;
union
{
u08b_t b[SKEIN_256_STATE_BYTES];
u64b_t w[SKEIN_256_STATE_WORDS];
} cfg; /* config block */
Skein_Assert(hashBitLen > 0,SKEIN_BAD_HASHLEN);
Skein_Assert(keyBytes == 0 || key != NULL,SKEIN_FAIL);
/* compute the initial chaining values ctx->X[], based on key */
if (keyBytes == 0) /* is there a key? */
{
memset(ctx->X,0,sizeof(ctx->X)); /* no key: use all zeroes as key for config block */
}
else /* here to pre-process a key */
{
Skein_assert(sizeof(cfg.b) >= sizeof(ctx->X));
/* do a mini-Init right here */
ctx->h.hashBitLen=8*sizeof(ctx->X); /* set output hash bit count = state size */
Skein_Start_New_Type(ctx,KEY); /* set tweaks: T0 = 0; T1 = KEY type */
memset(ctx->X,0,sizeof(ctx->X)); /* zero the initial chaining variables */
Skein_256_Update(ctx,key,keyBytes); /* hash the key */
Skein_256_Final_Pad(ctx,cfg.b); /* put result into cfg.b[] */
memcpy(ctx->X,cfg.b,sizeof(cfg.b)); /* copy over into ctx->X[] */
for (i=0;i<SKEIN_256_STATE_WORDS;i++) /* convert key bytes to context words */
ctx->X[i] = Skein_Swap64(ctx->X[i]);
}
/* build/process the config block, type == CONFIG (could be precomputed for each key) */
ctx->h.hashBitLen = hashBitLen; /* output hash bit count */
Skein_Start_New_Type(ctx,CFG_FINAL);
memset(&cfg.w,0,sizeof(cfg.w)); /* pre-pad cfg.w[] with zeroes */
cfg.w[0] = Skein_Swap64(SKEIN_SCHEMA_VER);
cfg.w[1] = Skein_Swap64(hashBitLen); /* hash result length in bits */
cfg.w[2] = Skein_Swap64(treeInfo); /* tree hash config info (or SKEIN_CFG_TREE_INFO_SEQUENTIAL) */
Skein_Show_Key(256,&ctx->h,key,keyBytes);
/* compute the initial chaining values from config block */
Skein_256_Process_Block(ctx,cfg.b,1,SKEIN_CFG_STR_LEN);
/* The chaining vars ctx->X are now initialized */
/* Set up to process the data message portion of the hash */
Skein_Start_New_Type(ctx,MSG); /* T0=0, T1= MSG type, h.bCnt=0 */
return SKEIN_SUCCESS;
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* process the input bytes */
int Skein_256_Update(Skein_256_Ctxt_t *ctx, const u08b_t *msg, size_t msgByteCnt)
{
size_t n;
Skein_Assert(ctx->h.bCnt <= SKEIN_256_BLOCK_BYTES,SKEIN_FAIL); /* catch uninitialized context */
/* process full blocks, if any */
if (msgByteCnt + ctx->h.bCnt > SKEIN_256_BLOCK_BYTES)
{
if (ctx->h.bCnt) /* finish up any buffered message data */
{
n = SKEIN_256_BLOCK_BYTES - ctx->h.bCnt; /* # bytes free in buffer b[] */
if (n)
{
Skein_assert(n < msgByteCnt); /* check on our logic here */
memcpy(&ctx->b[ctx->h.bCnt],msg,n);
msgByteCnt -= n;
msg += n;
ctx->h.bCnt += n;
}
Skein_assert(ctx->h.bCnt == SKEIN_256_BLOCK_BYTES);
Skein_256_Process_Block(ctx,ctx->b,1,SKEIN_256_BLOCK_BYTES);
ctx->h.bCnt = 0;
}
/* now process any remaining full blocks, directly from input message data */
if (msgByteCnt > SKEIN_256_BLOCK_BYTES)
{
n = (msgByteCnt-1) / SKEIN_256_BLOCK_BYTES; /* number of full blocks to process */
Skein_256_Process_Block(ctx,msg,n,SKEIN_256_BLOCK_BYTES);
msgByteCnt -= n * SKEIN_256_BLOCK_BYTES;
msg += n * SKEIN_256_BLOCK_BYTES;
}
Skein_assert(ctx->h.bCnt == 0);
}
/* copy any remaining source message data bytes into b[] */
if (msgByteCnt)
{
Skein_assert(msgByteCnt + ctx->h.bCnt <= SKEIN_256_BLOCK_BYTES);
memcpy(&ctx->b[ctx->h.bCnt],msg,msgByteCnt);
ctx->h.bCnt += msgByteCnt;
}
return SKEIN_SUCCESS;
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* finalize the hash computation and output the result */
int Skein_256_Final(Skein_256_Ctxt_t *ctx, u08b_t *hashVal)
{
size_t i,n,byteCnt;
u64b_t X[SKEIN_256_STATE_WORDS];
Skein_Assert(ctx->h.bCnt <= SKEIN_256_BLOCK_BYTES,SKEIN_FAIL); /* catch uninitialized context */
ctx->h.T[1] |= SKEIN_T1_FLAG_FINAL; /* tag as the final block */
if (ctx->h.bCnt < SKEIN_256_BLOCK_BYTES) /* zero pad b[] if necessary */
memset(&ctx->b[ctx->h.bCnt],0,SKEIN_256_BLOCK_BYTES - ctx->h.bCnt);
Skein_256_Process_Block(ctx,ctx->b,1,ctx->h.bCnt); /* process the final block */
/* now output the result */
byteCnt = (ctx->h.hashBitLen + 7) >> 3; /* total number of output bytes */
/* run Threefish in "counter mode" to generate output */
memset(ctx->b,0,sizeof(ctx->b)); /* zero out b[], so it can hold the counter */
memcpy(X,ctx->X,sizeof(X)); /* keep a local copy of counter mode "key" */
for (i=0;i*SKEIN_256_BLOCK_BYTES < byteCnt;i++)
{
((u64b_t *)ctx->b)[0]= Skein_Swap64((u64b_t) i); /* build the counter block */
Skein_Start_New_Type(ctx,OUT_FINAL);
Skein_256_Process_Block(ctx,ctx->b,1,sizeof(u64b_t)); /* run "counter mode" */
n = byteCnt - i*SKEIN_256_BLOCK_BYTES; /* number of output bytes left to go */
if (n >= SKEIN_256_BLOCK_BYTES)
n = SKEIN_256_BLOCK_BYTES;
Skein_Put64_LSB_First(hashVal+i*SKEIN_256_BLOCK_BYTES,ctx->X,n); /* "output" the ctr mode bytes */
Skein_Show_Final(256,&ctx->h,n,hashVal+i*SKEIN_256_BLOCK_BYTES);
memcpy(ctx->X,X,sizeof(X)); /* restore the counter mode key for next time */
}
return SKEIN_SUCCESS;
}
#if defined(SKEIN_CODE_SIZE) || defined(SKEIN_PERF)
size_t Skein_256_API_CodeSize(void)
{
return ((u08b_t *) Skein_256_API_CodeSize) -
((u08b_t *) Skein_256_Init);
}
#endif
/*****************************************************************/
/* 512-bit Skein */
/*****************************************************************/
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* init the context for a straight hashing operation */
int Skein_512_Init(Skein_512_Ctxt_t *ctx, size_t hashBitLen)
{
union
{
u08b_t b[SKEIN_512_STATE_BYTES];
u64b_t w[SKEIN_512_STATE_WORDS];
} cfg; /* config block */
Skein_Assert(hashBitLen > 0,SKEIN_BAD_HASHLEN);
/* build/process config block for hashing */
ctx->h.hashBitLen = hashBitLen; /* output hash byte count */
Skein_Start_New_Type(ctx,CFG_FINAL); /* set tweaks: T0=0; T1=CFG | FINAL */
memset(&cfg.w,0,sizeof(cfg.w)); /* pre-pad cfg.w[] with zeroes */
cfg.w[0] = Skein_Swap64(SKEIN_SCHEMA_VER); /* set the schema, version */
cfg.w[1] = Skein_Swap64(hashBitLen); /* hash result length in bits */
cfg.w[2] = Skein_Swap64(SKEIN_CFG_TREE_INFO_SEQUENTIAL);
/* compute the initial chaining values from config block */
memset(ctx->X,0,sizeof(ctx->X)); /* zero the chaining variables */
Skein_512_Process_Block(ctx,cfg.b,1,SKEIN_CFG_STR_LEN);
/* The chaining vars ctx->X are now initialized for the given hashBitLen. */
/* Set up to process the data message portion of the hash (default) */
Skein_Start_New_Type(ctx,MSG); /* T0=0, T1= MSG type, h.bCnt=0 */
return SKEIN_SUCCESS;
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* init the context for a MAC and/or tree hash operation */
/* [identical to Skein_512_Init() when keyBytes == 0 && treeInfo == SKEIN_CFG_TREE_INFO_SEQUENTIAL] */
int Skein_512_InitExt(Skein_512_Ctxt_t *ctx,size_t hashBitLen,u64b_t treeInfo, const u08b_t *key, size_t keyBytes)
{
uint_t i;
union
{
u08b_t b[SKEIN_512_STATE_BYTES];
u64b_t w[SKEIN_512_STATE_WORDS];
} cfg; /* config block */
Skein_Assert(hashBitLen > 0,SKEIN_BAD_HASHLEN);
Skein_Assert(keyBytes == 0 || key != NULL,SKEIN_FAIL);
/* compute the initial chaining values ctx->X[], based on key */
if (keyBytes == 0) /* is there a key? */
{
memset(ctx->X,0,sizeof(ctx->X)); /* no key: use all zeroes as key for config block */
}
else /* here to pre-process a key */
{
Skein_assert(sizeof(cfg.b) >= sizeof(ctx->X));
/* do a mini-Init right here */
ctx->h.hashBitLen=8*sizeof(ctx->X); /* set output hash bit count = state size */
Skein_Start_New_Type(ctx,KEY); /* set tweaks: T0 = 0; T1 = KEY type */
memset(ctx->X,0,sizeof(ctx->X)); /* zero the initial chaining variables */
Skein_512_Update(ctx,key,keyBytes); /* hash the key */
Skein_512_Final_Pad(ctx,cfg.b); /* put result into cfg.b[] */
memcpy(ctx->X,cfg.b,sizeof(cfg.b)); /* copy over into ctx->X[] */
for (i=0;i<SKEIN_512_STATE_WORDS;i++) /* convert key bytes to context words */
ctx->X[i] = Skein_Swap64(ctx->X[i]);
}
/* build/process the config block, type == CONFIG (could be precomputed for each key) */
ctx->h.hashBitLen = hashBitLen; /* output hash bit count */
Skein_Start_New_Type(ctx,CFG_FINAL);
memset(&cfg.w,0,sizeof(cfg.w)); /* pre-pad cfg.w[] with zeroes */
cfg.w[0] = Skein_Swap64(SKEIN_SCHEMA_VER);
cfg.w[1] = Skein_Swap64(hashBitLen); /* hash result length in bits */
cfg.w[2] = Skein_Swap64(treeInfo); /* tree hash config info (or SKEIN_CFG_TREE_INFO_SEQUENTIAL) */
Skein_Show_Key(512,&ctx->h,key,keyBytes);
/* compute the initial chaining values from config block */
Skein_512_Process_Block(ctx,cfg.b,1,SKEIN_CFG_STR_LEN);
/* The chaining vars ctx->X are now initialized */
/* Set up to process the data message portion of the hash */
Skein_Start_New_Type(ctx,MSG); /* T0=0, T1= MSG type, h.bCnt=0 */
return SKEIN_SUCCESS;
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* process the input bytes */
int Skein_512_Update(Skein_512_Ctxt_t *ctx, const u08b_t *msg, size_t msgByteCnt)
{
size_t n;
Skein_Assert(ctx->h.bCnt <= SKEIN_512_BLOCK_BYTES,SKEIN_FAIL); /* catch uninitialized context */
/* process full blocks, if any */
if (msgByteCnt + ctx->h.bCnt > SKEIN_512_BLOCK_BYTES)
{
if (ctx->h.bCnt) /* finish up any buffered message data */
{
n = SKEIN_512_BLOCK_BYTES - ctx->h.bCnt; /* # bytes free in buffer b[] */
if (n)
{
Skein_assert(n < msgByteCnt); /* check on our logic here */
memcpy(&ctx->b[ctx->h.bCnt],msg,n);
msgByteCnt -= n;
msg += n;
ctx->h.bCnt += n;
}
Skein_assert(ctx->h.bCnt == SKEIN_512_BLOCK_BYTES);
Skein_512_Process_Block(ctx,ctx->b,1,SKEIN_512_BLOCK_BYTES);
ctx->h.bCnt = 0;
}
/* now process any remaining full blocks, directly from input message data */
if (msgByteCnt > SKEIN_512_BLOCK_BYTES)
{
n = (msgByteCnt-1) / SKEIN_512_BLOCK_BYTES; /* number of full blocks to process */
Skein_512_Process_Block(ctx,msg,n,SKEIN_512_BLOCK_BYTES);
msgByteCnt -= n * SKEIN_512_BLOCK_BYTES;
msg += n * SKEIN_512_BLOCK_BYTES;
}
Skein_assert(ctx->h.bCnt == 0);
}
/* copy any remaining source message data bytes into b[] */
if (msgByteCnt)
{
Skein_assert(msgByteCnt + ctx->h.bCnt <= SKEIN_512_BLOCK_BYTES);
memcpy(&ctx->b[ctx->h.bCnt],msg,msgByteCnt);
ctx->h.bCnt += msgByteCnt;
}
return SKEIN_SUCCESS;
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* finalize the hash computation and output the result */
int Skein_512_Final(Skein_512_Ctxt_t *ctx, u08b_t *hashVal)
{
size_t i,n,byteCnt;
u64b_t X[SKEIN_512_STATE_WORDS];
Skein_Assert(ctx->h.bCnt <= SKEIN_512_BLOCK_BYTES,SKEIN_FAIL); /* catch uninitialized context */
ctx->h.T[1] |= SKEIN_T1_FLAG_FINAL; /* tag as the final block */
if (ctx->h.bCnt < SKEIN_512_BLOCK_BYTES) /* zero pad b[] if necessary */
memset(&ctx->b[ctx->h.bCnt],0,SKEIN_512_BLOCK_BYTES - ctx->h.bCnt);
Skein_512_Process_Block(ctx,ctx->b,1,ctx->h.bCnt); /* process the final block */
/* now output the result */
byteCnt = (ctx->h.hashBitLen + 7) >> 3; /* total number of output bytes */
/* run Threefish in "counter mode" to generate more output */
memset(ctx->b,0,sizeof(ctx->b)); /* zero out b[], so it can hold the counter */
memcpy(X,ctx->X,sizeof(X)); /* keep a local copy of counter mode "key" */
for (i=0;i*SKEIN_512_BLOCK_BYTES < byteCnt;i++)
{
((u64b_t *)ctx->b)[0]= Skein_Swap64((u64b_t) i); /* build the counter block */
Skein_Start_New_Type(ctx,OUT_FINAL);
Skein_512_Process_Block(ctx,ctx->b,1,sizeof(u64b_t)); /* run "counter mode" */
n = byteCnt - i*SKEIN_512_BLOCK_BYTES; /* number of output bytes left to go */
if (n >= SKEIN_512_BLOCK_BYTES)
n = SKEIN_512_BLOCK_BYTES;
Skein_Put64_LSB_First(hashVal+i*SKEIN_512_BLOCK_BYTES,ctx->X,n); /* "output" the ctr mode bytes */
Skein_Show_Final(512,&ctx->h,n,hashVal+i*SKEIN_512_BLOCK_BYTES);
memcpy(ctx->X,X,sizeof(X)); /* restore the counter mode key for next time */
}
return SKEIN_SUCCESS;
}
#if defined(SKEIN_CODE_SIZE) || defined(SKEIN_PERF)
size_t Skein_512_API_CodeSize(void)
{
return ((u08b_t *) Skein_512_API_CodeSize) -
((u08b_t *) Skein_512_Init);
}
#endif
/*****************************************************************/
/* 1024-bit Skein */
/*****************************************************************/
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* init the context for a straight hashing operation */
int Skein1024_Init(Skein1024_Ctxt_t *ctx, size_t hashBitLen)
{
union
{
u08b_t b[SKEIN1024_STATE_BYTES];
u64b_t w[SKEIN1024_STATE_WORDS];
} cfg; /* config block */
Skein_Assert(hashBitLen > 0,SKEIN_BAD_HASHLEN);
/* build/process config block for hashing */
ctx->h.hashBitLen = hashBitLen; /* output hash byte count */
Skein_Start_New_Type(ctx,CFG_FINAL); /* set tweaks: T0=0; T1=CFG | FINAL */
memset(&cfg.w,0,sizeof(cfg.w)); /* pre-pad cfg.w[] with zeroes */
cfg.w[0] = Skein_Swap64(SKEIN_SCHEMA_VER); /* set the schema, version */
cfg.w[1] = Skein_Swap64(hashBitLen); /* hash result length in bits */
cfg.w[2] = Skein_Swap64(SKEIN_CFG_TREE_INFO_SEQUENTIAL);
/* compute the initial chaining values from config block */
memset(ctx->X,0,sizeof(ctx->X)); /* zero the chaining variables */
Skein1024_Process_Block(ctx,cfg.b,1,SKEIN_CFG_STR_LEN);
/* The chaining vars ctx->X are now initialized for the given hashBitLen. */
/* Set up to process the data message portion of the hash (default) */
Skein_Start_New_Type(ctx,MSG); /* T0=0, T1= MSG type, h.bCnt=0 */
return SKEIN_SUCCESS;
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* init the context for a MAC and/or tree hash operation */
/* [identical to Skein1024_Init() when keyBytes == 0 && treeInfo == SKEIN_CFG_TREE_INFO_SEQUENTIAL] */
int Skein1024_InitExt(Skein1024_Ctxt_t *ctx,size_t hashBitLen,u64b_t treeInfo, const u08b_t *key, size_t keyBytes)
{
uint_t i;
union
{
u08b_t b[SKEIN1024_STATE_BYTES];
u64b_t w[SKEIN1024_STATE_WORDS];
} cfg; /* config block */
Skein_Assert(hashBitLen > 0,SKEIN_BAD_HASHLEN);
Skein_Assert(keyBytes == 0 || key != NULL,SKEIN_FAIL);
/* compute the initial chaining values ctx->X[], based on key */
if (keyBytes == 0) /* is there a key? */
{
memset(ctx->X,0,sizeof(ctx->X)); /* no key: use all zeroes as key for config block */
}
else /* here to pre-process a key */
{
Skein_assert(sizeof(cfg.b) >= sizeof(ctx->X));
/* do a mini-Init right here */
ctx->h.hashBitLen=8*sizeof(ctx->X); /* set output hash bit count = state size */
Skein_Start_New_Type(ctx,KEY); /* set tweaks: T0 = 0; T1 = KEY type */
memset(ctx->X,0,sizeof(ctx->X)); /* zero the initial chaining variables */
Skein1024_Update(ctx,key,keyBytes); /* hash the key */
Skein1024_Final_Pad(ctx,cfg.b); /* put result into cfg.b[] */
memcpy(ctx->X,cfg.b,sizeof(cfg.b)); /* copy over into ctx->X[] */
for (i=0;i<SKEIN1024_STATE_WORDS;i++) /* convert key bytes to context words */
ctx->X[i] = Skein_Swap64(ctx->X[i]);
}
/* build/process the config block, type == CONFIG (could be precomputed for each key) */
ctx->h.hashBitLen = hashBitLen; /* output hash bit count */
Skein_Start_New_Type(ctx,CFG_FINAL);
memset(&cfg.w,0,sizeof(cfg.w)); /* pre-pad cfg.w[] with zeroes */
cfg.w[0] = Skein_Swap64(SKEIN_SCHEMA_VER);
cfg.w[1] = Skein_Swap64(hashBitLen); /* hash result length in bits */
cfg.w[2] = Skein_Swap64(treeInfo); /* tree hash config info (or SKEIN_CFG_TREE_INFO_SEQUENTIAL) */
Skein_Show_Key(1024,&ctx->h,key,keyBytes);
/* compute the initial chaining values from config block */
Skein1024_Process_Block(ctx,cfg.b,1,SKEIN_CFG_STR_LEN);
/* The chaining vars ctx->X are now initialized */
/* Set up to process the data message portion of the hash */
Skein_Start_New_Type(ctx,MSG); /* T0=0, T1= MSG type, h.bCnt=0 */
return SKEIN_SUCCESS;
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* process the input bytes */
int Skein1024_Update(Skein1024_Ctxt_t *ctx, const u08b_t *msg, size_t msgByteCnt)
{
size_t n;
Skein_Assert(ctx->h.bCnt <= SKEIN1024_BLOCK_BYTES,SKEIN_FAIL); /* catch uninitialized context */
/* process full blocks, if any */
if (msgByteCnt + ctx->h.bCnt > SKEIN1024_BLOCK_BYTES)
{
if (ctx->h.bCnt) /* finish up any buffered message data */
{
n = SKEIN1024_BLOCK_BYTES - ctx->h.bCnt; /* # bytes free in buffer b[] */
if (n)
{
Skein_assert(n < msgByteCnt); /* check on our logic here */
memcpy(&ctx->b[ctx->h.bCnt],msg,n);
msgByteCnt -= n;
msg += n;
ctx->h.bCnt += n;
}
Skein_assert(ctx->h.bCnt == SKEIN1024_BLOCK_BYTES);
Skein1024_Process_Block(ctx,ctx->b,1,SKEIN1024_BLOCK_BYTES);
ctx->h.bCnt = 0;
}
/* now process any remaining full blocks, directly from input message data */
if (msgByteCnt > SKEIN1024_BLOCK_BYTES)
{
n = (msgByteCnt-1) / SKEIN1024_BLOCK_BYTES; /* number of full blocks to process */
Skein1024_Process_Block(ctx,msg,n,SKEIN1024_BLOCK_BYTES);
msgByteCnt -= n * SKEIN1024_BLOCK_BYTES;
msg += n * SKEIN1024_BLOCK_BYTES;
}
Skein_assert(ctx->h.bCnt == 0);
}
/* copy any remaining source message data bytes into b[] */
if (msgByteCnt)
{
Skein_assert(msgByteCnt + ctx->h.bCnt <= SKEIN1024_BLOCK_BYTES);
memcpy(&ctx->b[ctx->h.bCnt],msg,msgByteCnt);
ctx->h.bCnt += msgByteCnt;
}
return SKEIN_SUCCESS;
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* finalize the hash computation and output the result */
int Skein1024_Final(Skein1024_Ctxt_t *ctx, u08b_t *hashVal)
{
size_t i,n,byteCnt;
u64b_t X[SKEIN1024_STATE_WORDS];
Skein_Assert(ctx->h.bCnt <= SKEIN1024_BLOCK_BYTES,SKEIN_FAIL); /* catch uninitialized context */
ctx->h.T[1] |= SKEIN_T1_FLAG_FINAL; /* tag as the final block */
if (ctx->h.bCnt < SKEIN1024_BLOCK_BYTES) /* zero pad b[] if necessary */
memset(&ctx->b[ctx->h.bCnt],0,SKEIN1024_BLOCK_BYTES - ctx->h.bCnt);
Skein1024_Process_Block(ctx,ctx->b,1,ctx->h.bCnt); /* process the final block */
/* now output the result */
byteCnt = (ctx->h.hashBitLen + 7) >> 3; /* total number of output bytes */
/* run Threefish in "counter mode" to generate output */
memset(ctx->b,0,sizeof(ctx->b)); /* zero out b[], so it can hold the counter */
memcpy(X,ctx->X,sizeof(X)); /* keep a local copy of counter mode "key" */
for (i=0;i*SKEIN1024_BLOCK_BYTES < byteCnt;i++)
{
((u64b_t *)ctx->b)[0]= Skein_Swap64((u64b_t) i); /* build the counter block */
Skein_Start_New_Type(ctx,OUT_FINAL);
Skein1024_Process_Block(ctx,ctx->b,1,sizeof(u64b_t)); /* run "counter mode" */
n = byteCnt - i*SKEIN1024_BLOCK_BYTES; /* number of output bytes left to go */
if (n >= SKEIN1024_BLOCK_BYTES)
n = SKEIN1024_BLOCK_BYTES;
Skein_Put64_LSB_First(hashVal+i*SKEIN1024_BLOCK_BYTES,ctx->X,n); /* "output" the ctr mode bytes */
Skein_Show_Final(1024,&ctx->h,n,hashVal+i*SKEIN1024_BLOCK_BYTES);
memcpy(ctx->X,X,sizeof(X)); /* restore the counter mode key for next time */
}
return SKEIN_SUCCESS;
}
#if defined(SKEIN_CODE_SIZE) || defined(SKEIN_PERF)
size_t Skein1024_API_CodeSize(void)
{
return ((u08b_t *) Skein1024_API_CodeSize) -
((u08b_t *) Skein1024_Init);
}
#endif
/**************** Functions to support MAC/tree hashing ***************/
/* (this code is identical for Optimized and Reference versions) */
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* finalize the hash computation and output the block, no OUTPUT stage */
int Skein_256_Final_Pad(Skein_256_Ctxt_t *ctx, u08b_t *hashVal)
{
Skein_Assert(ctx->h.bCnt <= SKEIN_256_BLOCK_BYTES,SKEIN_FAIL); /* catch uninitialized context */
ctx->h.T[1] |= SKEIN_T1_FLAG_FINAL; /* tag as the final block */
if (ctx->h.bCnt < SKEIN_256_BLOCK_BYTES) /* zero pad b[] if necessary */
memset(&ctx->b[ctx->h.bCnt],0,SKEIN_256_BLOCK_BYTES - ctx->h.bCnt);
Skein_256_Process_Block(ctx,ctx->b,1,ctx->h.bCnt); /* process the final block */
Skein_Put64_LSB_First(hashVal,ctx->X,SKEIN_256_BLOCK_BYTES); /* "output" the state bytes */
return SKEIN_SUCCESS;
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* finalize the hash computation and output the block, no OUTPUT stage */
int Skein_512_Final_Pad(Skein_512_Ctxt_t *ctx, u08b_t *hashVal)
{
Skein_Assert(ctx->h.bCnt <= SKEIN_512_BLOCK_BYTES,SKEIN_FAIL); /* catch uninitialized context */
ctx->h.T[1] |= SKEIN_T1_FLAG_FINAL; /* tag as the final block */
if (ctx->h.bCnt < SKEIN_512_BLOCK_BYTES) /* zero pad b[] if necessary */
memset(&ctx->b[ctx->h.bCnt],0,SKEIN_512_BLOCK_BYTES - ctx->h.bCnt);
Skein_512_Process_Block(ctx,ctx->b,1,ctx->h.bCnt); /* process the final block */
Skein_Put64_LSB_First(hashVal,ctx->X,SKEIN_512_BLOCK_BYTES); /* "output" the state bytes */
return SKEIN_SUCCESS;
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* finalize the hash computation and output the block, no OUTPUT stage */
int Skein1024_Final_Pad(Skein1024_Ctxt_t *ctx, u08b_t *hashVal)
{
Skein_Assert(ctx->h.bCnt <= SKEIN1024_BLOCK_BYTES,SKEIN_FAIL); /* catch uninitialized context */
ctx->h.T[1] |= SKEIN_T1_FLAG_FINAL; /* tag as the final block */
if (ctx->h.bCnt < SKEIN1024_BLOCK_BYTES) /* zero pad b[] if necessary */
memset(&ctx->b[ctx->h.bCnt],0,SKEIN1024_BLOCK_BYTES - ctx->h.bCnt);
Skein1024_Process_Block(ctx,ctx->b,1,ctx->h.bCnt); /* process the final block */
Skein_Put64_LSB_First(hashVal,ctx->X,SKEIN1024_BLOCK_BYTES); /* "output" the state bytes */
return SKEIN_SUCCESS;
}
#if SKEIN_TREE_HASH
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* just do the OUTPUT stage */
int Skein_256_Output(Skein_256_Ctxt_t *ctx, u08b_t *hashVal)
{
size_t i,n,byteCnt;
u64b_t X[SKEIN_256_STATE_WORDS];
Skein_Assert(ctx->h.bCnt <= SKEIN_256_BLOCK_BYTES,SKEIN_FAIL); /* catch uninitialized context */
/* now output the result */
byteCnt = (ctx->h.hashBitLen + 7) >> 3; /* total number of output bytes */
/* run Threefish in "counter mode" to generate output */
memset(ctx->b,0,sizeof(ctx->b)); /* zero out b[], so it can hold the counter */
memcpy(X,ctx->X,sizeof(X)); /* keep a local copy of counter mode "key" */
for (i=0;i*SKEIN_256_BLOCK_BYTES < byteCnt;i++)
{
((u64b_t *)ctx->b)[0]= Skein_Swap64((u64b_t) i); /* build the counter block */
Skein_Start_New_Type(ctx,OUT_FINAL);
Skein_256_Process_Block(ctx,ctx->b,1,sizeof(u64b_t)); /* run "counter mode" */
n = byteCnt - i*SKEIN_256_BLOCK_BYTES; /* number of output bytes left to go */
if (n >= SKEIN_256_BLOCK_BYTES)
n = SKEIN_256_BLOCK_BYTES;
Skein_Put64_LSB_First(hashVal+i*SKEIN_256_BLOCK_BYTES,ctx->X,n); /* "output" the ctr mode bytes */
Skein_Show_Final(256,&ctx->h,n,hashVal+i*SKEIN_256_BLOCK_BYTES);
memcpy(ctx->X,X,sizeof(X)); /* restore the counter mode key for next time */
}
return SKEIN_SUCCESS;
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* just do the OUTPUT stage */
int Skein_512_Output(Skein_512_Ctxt_t *ctx, u08b_t *hashVal)
{
size_t i,n,byteCnt;
u64b_t X[SKEIN_512_STATE_WORDS];
Skein_Assert(ctx->h.bCnt <= SKEIN_512_BLOCK_BYTES,SKEIN_FAIL); /* catch uninitialized context */
/* now output the result */
byteCnt = (ctx->h.hashBitLen + 7) >> 3; /* total number of output bytes */
/* run Threefish in "counter mode" to generate output */
memset(ctx->b,0,sizeof(ctx->b)); /* zero out b[], so it can hold the counter */
memcpy(X,ctx->X,sizeof(X)); /* keep a local copy of counter mode "key" */
for (i=0;i*SKEIN_512_BLOCK_BYTES < byteCnt;i++)
{
((u64b_t *)ctx->b)[0]= Skein_Swap64((u64b_t) i); /* build the counter block */
Skein_Start_New_Type(ctx,OUT_FINAL);
Skein_512_Process_Block(ctx,ctx->b,1,sizeof(u64b_t)); /* run "counter mode" */
n = byteCnt - i*SKEIN_512_BLOCK_BYTES; /* number of output bytes left to go */
if (n >= SKEIN_512_BLOCK_BYTES)
n = SKEIN_512_BLOCK_BYTES;
Skein_Put64_LSB_First(hashVal+i*SKEIN_512_BLOCK_BYTES,ctx->X,n); /* "output" the ctr mode bytes */
Skein_Show_Final(256,&ctx->h,n,hashVal+i*SKEIN_512_BLOCK_BYTES);
memcpy(ctx->X,X,sizeof(X)); /* restore the counter mode key for next time */
}
return SKEIN_SUCCESS;
}
/*++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
/* just do the OUTPUT stage */
int Skein1024_Output(Skein1024_Ctxt_t *ctx, u08b_t *hashVal)
{
size_t i,n,byteCnt;
u64b_t X[SKEIN1024_STATE_WORDS];
Skein_Assert(ctx->h.bCnt <= SKEIN1024_BLOCK_BYTES,SKEIN_FAIL); /* catch uninitialized context */
/* now output the result */
byteCnt = (ctx->h.hashBitLen + 7) >> 3; /* total number of output bytes */
/* run Threefish in "counter mode" to generate output */
memset(ctx->b,0,sizeof(ctx->b)); /* zero out b[], so it can hold the counter */
memcpy(X,ctx->X,sizeof(X)); /* keep a local copy of counter mode "key" */
for (i=0;i*SKEIN1024_BLOCK_BYTES < byteCnt;i++)
{
((u64b_t *)ctx->b)[0]= Skein_Swap64((u64b_t) i); /* build the counter block */
Skein_Start_New_Type(ctx,OUT_FINAL);
Skein1024_Process_Block(ctx,ctx->b,1,sizeof(u64b_t)); /* run "counter mode" */
n = byteCnt - i*SKEIN1024_BLOCK_BYTES; /* number of output bytes left to go */
if (n >= SKEIN1024_BLOCK_BYTES)
n = SKEIN1024_BLOCK_BYTES;
Skein_Put64_LSB_First(hashVal+i*SKEIN1024_BLOCK_BYTES,ctx->X,n); /* "output" the ctr mode bytes */
Skein_Show_Final(256,&ctx->h,n,hashVal+i*SKEIN1024_BLOCK_BYTES);
memcpy(ctx->X,X,sizeof(X)); /* restore the counter mode key for next time */
}
return SKEIN_SUCCESS;
}
#endif

327
Reference_Implementation/skein.h Normal file
View File

@ -0,0 +1,327 @@
#ifndef _SKEIN_H_
#define _SKEIN_H_ 1
/**************************************************************************
**
** Interface declarations and internal definitions for Skein hashing.
**
** Source code author: Doug Whiting, 2008.
**
** This algorithm and source code is released to the public domain.
**
***************************************************************************
**
** The following compile-time switches may be defined to control some
** tradeoffs between speed, code size, error checking, and security.
**
** The "default" note explains what happens when the switch is not defined.
**
** SKEIN_DEBUG -- make callouts from inside Skein code
** to examine/display intermediate values.
** [default: no callouts (no overhead)]
**
** SKEIN_ERR_CHECK -- how error checking is handled inside Skein
** code. If not defined, most error checking
** is disabled (for performance). Otherwise,
** the switch value is interpreted as:
** 0: use assert() to flag errors
** 1: return SKEIN_FAIL to flag errors
**
***************************************************************************/
#ifdef __cplusplus
extern "C"
{
#endif
#include <stddef.h> /* get size_t definition */
#include "skein_port.h" /* get platform-specific definitions */
enum
{
SKEIN_SUCCESS = 0, /* return codes from Skein calls */
SKEIN_FAIL = 1,
SKEIN_BAD_HASHLEN = 2
};
#define SKEIN_MODIFIER_WORDS ( 2) /* number of modifier (tweak) words */
#define SKEIN_256_STATE_WORDS ( 4)
#define SKEIN_512_STATE_WORDS ( 8)
#define SKEIN1024_STATE_WORDS (16)
#define SKEIN_MAX_STATE_WORDS (16)
#define SKEIN_256_STATE_BYTES ( 8*SKEIN_256_STATE_WORDS)
#define SKEIN_512_STATE_BYTES ( 8*SKEIN_512_STATE_WORDS)
#define SKEIN1024_STATE_BYTES ( 8*SKEIN1024_STATE_WORDS)
#define SKEIN_256_STATE_BITS (64*SKEIN_256_STATE_WORDS)
#define SKEIN_512_STATE_BITS (64*SKEIN_512_STATE_WORDS)
#define SKEIN1024_STATE_BITS (64*SKEIN1024_STATE_WORDS)
#define SKEIN_256_BLOCK_BYTES ( 8*SKEIN_256_STATE_WORDS)
#define SKEIN_512_BLOCK_BYTES ( 8*SKEIN_512_STATE_WORDS)
#define SKEIN1024_BLOCK_BYTES ( 8*SKEIN1024_STATE_WORDS)
typedef struct
{
size_t hashBitLen; /* size of hash result, in bits */
size_t bCnt; /* current byte count in buffer b[] */
u64b_t T[SKEIN_MODIFIER_WORDS]; /* tweak words: T[0]=byte cnt, T[1]=flags */
} Skein_Ctxt_Hdr_t;
typedef struct /* 256-bit Skein hash context structure */
{
Skein_Ctxt_Hdr_t h; /* common header context variables */
u64b_t X[SKEIN_256_STATE_WORDS]; /* chaining variables */
u08b_t b[SKEIN_256_BLOCK_BYTES]; /* partial block buffer (8-byte aligned) */
} Skein_256_Ctxt_t;
typedef struct /* 512-bit Skein hash context structure */
{
Skein_Ctxt_Hdr_t h; /* common header context variables */
u64b_t X[SKEIN_512_STATE_WORDS]; /* chaining variables */
u08b_t b[SKEIN_512_BLOCK_BYTES]; /* partial block buffer (8-byte aligned) */
} Skein_512_Ctxt_t;
typedef struct /* 1024-bit Skein hash context structure */
{
Skein_Ctxt_Hdr_t h; /* common header context variables */
u64b_t X[SKEIN1024_STATE_WORDS]; /* chaining variables */
u08b_t b[SKEIN1024_BLOCK_BYTES]; /* partial block buffer (8-byte aligned) */
} Skein1024_Ctxt_t;
/* Skein APIs for (incremental) "straight hashing" */
int Skein_256_Init (Skein_256_Ctxt_t *ctx, size_t hashBitLen);
int Skein_512_Init (Skein_512_Ctxt_t *ctx, size_t hashBitLen);
int Skein1024_Init (Skein1024_Ctxt_t *ctx, size_t hashBitLen);
int Skein_256_Update(Skein_256_Ctxt_t *ctx, const u08b_t *msg, size_t msgByteCnt);
int Skein_512_Update(Skein_512_Ctxt_t *ctx, const u08b_t *msg, size_t msgByteCnt);
int Skein1024_Update(Skein1024_Ctxt_t *ctx, const u08b_t *msg, size_t msgByteCnt);
int Skein_256_Final (Skein_256_Ctxt_t *ctx, u08b_t * hashVal);
int Skein_512_Final (Skein_512_Ctxt_t *ctx, u08b_t * hashVal);
int Skein1024_Final (Skein1024_Ctxt_t *ctx, u08b_t * hashVal);
/*
** Skein APIs for "extended" initialization: MAC keys, tree hashing.
** After an InitExt() call, just use Update/Final calls as with Init().
**
** Notes: Same parameters as _Init() calls, plus treeInfo/key/keyBytes.
** When keyBytes == 0 and treeInfo == SKEIN_SEQUENTIAL,
** the results of InitExt() are identical to calling Init().
** The function Init() may be called once to "precompute" the IV for
** a given hashBitLen value, then by saving a copy of the context
** the IV computation may be avoided in later calls.
** Similarly, the function InitExt() may be called once per MAC key
** to precompute the MAC IV, then a copy of the context saved and
** reused for each new MAC computation.
**/
int Skein_256_InitExt(Skein_256_Ctxt_t *ctx, size_t hashBitLen, u64b_t treeInfo, const u08b_t *key, size_t keyBytes);
int Skein_512_InitExt(Skein_512_Ctxt_t *ctx, size_t hashBitLen, u64b_t treeInfo, const u08b_t *key, size_t keyBytes);
int Skein1024_InitExt(Skein1024_Ctxt_t *ctx, size_t hashBitLen, u64b_t treeInfo, const u08b_t *key, size_t keyBytes);
/*
** Skein APIs for MAC and tree hash:
** Final_Pad: pad, do final block, but no OUTPUT type
** Output: do just the output stage
*/
int Skein_256_Final_Pad(Skein_256_Ctxt_t *ctx, u08b_t * hashVal);
int Skein_512_Final_Pad(Skein_512_Ctxt_t *ctx, u08b_t * hashVal);
int Skein1024_Final_Pad(Skein1024_Ctxt_t *ctx, u08b_t * hashVal);
#ifndef SKEIN_TREE_HASH
#define SKEIN_TREE_HASH (1)
#endif
#if SKEIN_TREE_HASH
int Skein_256_Output (Skein_256_Ctxt_t *ctx, u08b_t * hashVal);
int Skein_512_Output (Skein_512_Ctxt_t *ctx, u08b_t * hashVal);
int Skein1024_Output (Skein1024_Ctxt_t *ctx, u08b_t * hashVal);
#endif
/*****************************************************************
** "Internal" Skein definitions
** -- not needed for sequential hashing API, but will be
** helpful for other uses of Skein (e.g., tree hash mode).
** -- included here so that they can be shared between
** reference and optimized code.
******************************************************************/
/* tweak word T[1]: bit field starting positions */
#define SKEIN_T1_BIT(BIT) ((BIT) - 64) /* offset 64 because it's the second word */
#define SKEIN_T1_POS_TREE_LVL SKEIN_T1_BIT(112) /* bits 112..118: level in hash tree */
#define SKEIN_T1_POS_BIT_PAD SKEIN_T1_BIT(119) /* bit 119 : partial final input byte */
#define SKEIN_T1_POS_BLK_TYPE SKEIN_T1_BIT(120) /* bits 120..125: type field */
#define SKEIN_T1_POS_FIRST SKEIN_T1_BIT(126) /* bits 126 : first block flag */
#define SKEIN_T1_POS_FINAL SKEIN_T1_BIT(127) /* bit 127 : final block flag */
/* tweak word T[1]: flag bit definition(s) */
#define SKEIN_T1_FLAG_FIRST (((u64b_t) 1 ) << SKEIN_T1_POS_FIRST)
#define SKEIN_T1_FLAG_FINAL (((u64b_t) 1 ) << SKEIN_T1_POS_FINAL)
#define SKEIN_T1_FLAG_BIT_PAD (((u64b_t) 1 ) << SKEIN_T1_POS_BIT_PAD)
/* tweak word T[1]: tree level bit field mask */
#define SKEIN_T1_TREE_LVL_MASK (((u64b_t)0x7F) << SKEIN_T1_POS_TREE_LVL)
#define SKEIN_T1_TREE_LEVEL(n) (((u64b_t) (n)) << SKEIN_T1_POS_TREE_LVL)
/* tweak word T[1]: block type field */
#define SKEIN_BLK_TYPE_KEY ( 0) /* key, for MAC and KDF */
#define SKEIN_BLK_TYPE_CFG ( 4) /* configuration block */
#define SKEIN_BLK_TYPE_PERS ( 8) /* personalization string */
#define SKEIN_BLK_TYPE_PK (12) /* public key (for digital signature hashing) */
#define SKEIN_BLK_TYPE_KDF (16) /* key identifier for KDF */
#define SKEIN_BLK_TYPE_NONCE (20) /* nonce for PRNG */
#define SKEIN_BLK_TYPE_MSG (48) /* message processing */
#define SKEIN_BLK_TYPE_OUT (63) /* output stage */
#define SKEIN_BLK_TYPE_MASK (63) /* bit field mask */
#define SKEIN_T1_BLK_TYPE(T) (((u64b_t) (SKEIN_BLK_TYPE_##T)) << SKEIN_T1_POS_BLK_TYPE)
#define SKEIN_T1_BLK_TYPE_KEY SKEIN_T1_BLK_TYPE(KEY) /* key, for MAC and KDF */
#define SKEIN_T1_BLK_TYPE_CFG SKEIN_T1_BLK_TYPE(CFG) /* configuration block */
#define SKEIN_T1_BLK_TYPE_PERS SKEIN_T1_BLK_TYPE(PERS) /* personalization string */
#define SKEIN_T1_BLK_TYPE_PK SKEIN_T1_BLK_TYPE(PK) /* public key (for digital signature hashing) */
#define SKEIN_T1_BLK_TYPE_KDF SKEIN_T1_BLK_TYPE(KDF) /* key identifier for KDF */
#define SKEIN_T1_BLK_TYPE_NONCE SKEIN_T1_BLK_TYPE(NONCE)/* nonce for PRNG */
#define SKEIN_T1_BLK_TYPE_MSG SKEIN_T1_BLK_TYPE(MSG) /* message processing */
#define SKEIN_T1_BLK_TYPE_OUT SKEIN_T1_BLK_TYPE(OUT) /* output stage */
#define SKEIN_T1_BLK_TYPE_MASK SKEIN_T1_BLK_TYPE(MASK) /* field bit mask */
#define SKEIN_T1_BLK_TYPE_CFG_FINAL (SKEIN_T1_BLK_TYPE_CFG | SKEIN_T1_FLAG_FINAL)
#define SKEIN_T1_BLK_TYPE_OUT_FINAL (SKEIN_T1_BLK_TYPE_OUT | SKEIN_T1_FLAG_FINAL)
#define SKEIN_VERSION (1)
#ifndef SKEIN_ID_STRING_LE /* allow compile-time personalization */
#define SKEIN_ID_STRING_LE (0x33414853) /* "SHA3" (little-endian)*/
#endif
#define SKEIN_MK_64(hi32,lo32) ((lo32) + (((u64b_t) (hi32)) << 32))
#define SKEIN_SCHEMA_VER SKEIN_MK_64(SKEIN_VERSION,SKEIN_ID_STRING_LE)
#define SKEIN_KS_PARITY SKEIN_MK_64(0x1BD11BDA,0xA9FC1A22)
#define SKEIN_CFG_STR_LEN (4*8)
/* bit field definitions in config block treeInfo word */
#define SKEIN_CFG_TREE_LEAF_SIZE_POS ( 0)
#define SKEIN_CFG_TREE_NODE_SIZE_POS ( 8)
#define SKEIN_CFG_TREE_MAX_LEVEL_POS (16)
#define SKEIN_CFG_TREE_LEAF_SIZE_MSK (((u64b_t) 0xFF) << SKEIN_CFG_TREE_LEAF_SIZE_POS)
#define SKEIN_CFG_TREE_NODE_SIZE_MSK (((u64b_t) 0xFF) << SKEIN_CFG_TREE_NODE_SIZE_POS)
#define SKEIN_CFG_TREE_MAX_LEVEL_MSK (((u64b_t) 0xFF) << SKEIN_CFG_TREE_MAX_LEVEL_POS)
#define SKEIN_CFG_TREE_INFO(leaf,node,maxLvl) \
( (((u64b_t)(leaf )) << SKEIN_CFG_TREE_LEAF_SIZE_POS) | \
(((u64b_t)(node )) << SKEIN_CFG_TREE_NODE_SIZE_POS) | \
(((u64b_t)(maxLvl)) << SKEIN_CFG_TREE_MAX_LEVEL_POS) )
#define SKEIN_CFG_TREE_INFO_SEQUENTIAL SKEIN_CFG_TREE_INFO(0,0,0) /* use as treeInfo in InitExt() call for sequential processing */
/*
** Skein macros for getting/setting tweak words, etc.
** These are useful for partial input bytes, hash tree init/update, etc.
**/
#define Skein_Get_Tweak(ctxPtr,TWK_NUM) ((ctxPtr)->h.T[TWK_NUM])
#define Skein_Set_Tweak(ctxPtr,TWK_NUM,tVal) {(ctxPtr)->h.T[TWK_NUM] = (tVal);}
#define Skein_Get_T0(ctxPtr) Skein_Get_Tweak(ctxPtr,0)
#define Skein_Get_T1(ctxPtr) Skein_Get_Tweak(ctxPtr,1)
#define Skein_Set_T0(ctxPtr,T0) Skein_Set_Tweak(ctxPtr,0,T0)
#define Skein_Set_T1(ctxPtr,T1) Skein_Set_Tweak(ctxPtr,1,T1)
/* set both tweak words at once */
#define Skein_Set_T0_T1(ctxPtr,T0,T1) \
{ \
Skein_Set_T0(ctxPtr,(T0)); \
Skein_Set_T1(ctxPtr,(T1)); \
}
#define Skein_Set_Type(ctxPtr,BLK_TYPE) \
Skein_Set_T1(ctxPtr,SKEIN_T1_BLK_TYPE_##BLK_TYPE)
/* set up for starting with a new type: h.T[0]=0; h.T[1] = NEW_TYPE; h.bCnt=0; */
#define Skein_Start_New_Type(ctxPtr,BLK_TYPE) \
{ Skein_Set_T0_T1(ctxPtr,0,SKEIN_T1_FLAG_FIRST | SKEIN_T1_BLK_TYPE_##BLK_TYPE); (ctxPtr)->h.bCnt=0; }
#define Skein_Clear_First_Flag(hdr) { (hdr).T[1] &= ~SKEIN_T1_FLAG_FIRST; }
#define Skein_Set_Bit_Pad_Flag(hdr) { (hdr).T[1] |= SKEIN_T1_FLAG_BIT_PAD; }
#define Skein_Set_Tree_Level(hdr,height) { (hdr).T[1] |= SKEIN_T1_TREE_LEVEL(height);}
/*****************************************************************
** "Internal" Skein definitions for debugging and error checking
******************************************************************/
#ifdef SKEIN_DEBUG /* examine/display intermediate values? */
#include "skein_debug.h"
#else /* default is no callouts */
#define Skein_Show_Block(bits,ctx,X,blkPtr,wPtr,ksEvenPtr,ksOddPtr)
#define Skein_Show_Round(bits,ctx,r,X)
#define Skein_Show_R_Ptr(bits,ctx,r,X_ptr)
#define Skein_Show_Final(bits,ctx,cnt,outPtr)
#define Skein_Show_Key(bits,ctx,key,keyBytes)
#endif
#ifndef SKEIN_ERR_CHECK /* run-time checks (e.g., bad params, uninitialized context)? */
#define Skein_Assert(x,retCode)/* default: ignore all Asserts, for performance */
#define Skein_assert(x)
#elif defined(SKEIN_ASSERT)
#include <assert.h>
#define Skein_Assert(x,retCode) assert(x)
#define Skein_assert(x) assert(x)
#else
#include <assert.h>
#define Skein_Assert(x,retCode) { if (!(x)) return retCode; } /* caller error */
#define Skein_assert(x) assert(x) /* internal error */
#endif
/*****************************************************************
** Skein block function constants (shared across Ref and Opt code)
******************************************************************/
enum
{
/* Skein_256 round rotation constants */
R_256_0_0=14, R_256_0_1=16,
R_256_1_0=52, R_256_1_1=57,
R_256_2_0=23, R_256_2_1=40,
R_256_3_0= 5, R_256_3_1=37,
R_256_4_0=25, R_256_4_1=33,
R_256_5_0=46, R_256_5_1=12,
R_256_6_0=58, R_256_6_1=22,
R_256_7_0=32, R_256_7_1=32,
/* Skein_512 round rotation constants */
R_512_0_0=46, R_512_0_1=36, R_512_0_2=19, R_512_0_3=37,
R_512_1_0=33, R_512_1_1=27, R_512_1_2=14, R_512_1_3=42,
R_512_2_0=17, R_512_2_1=49, R_512_2_2=36, R_512_2_3=39,
R_512_3_0=44, R_512_3_1= 9, R_512_3_2=54, R_512_3_3=56,
R_512_4_0=39, R_512_4_1=30, R_512_4_2=34, R_512_4_3=24,
R_512_5_0=13, R_512_5_1=50, R_512_5_2=10, R_512_5_3=17,
R_512_6_0=25, R_512_6_1=29, R_512_6_2=39, R_512_6_3=43,
R_512_7_0= 8, R_512_7_1=35, R_512_7_2=56, R_512_7_3=22,
/* Skein1024 round rotation constants */
R1024_0_0=24, R1024_0_1=13, R1024_0_2= 8, R1024_0_3=47, R1024_0_4= 8, R1024_0_5=17, R1024_0_6=22, R1024_0_7=37,
R1024_1_0=38, R1024_1_1=19, R1024_1_2=10, R1024_1_3=55, R1024_1_4=49, R1024_1_5=18, R1024_1_6=23, R1024_1_7=52,
R1024_2_0=33, R1024_2_1= 4, R1024_2_2=51, R1024_2_3=13, R1024_2_4=34, R1024_2_5=41, R1024_2_6=59, R1024_2_7=17,
R1024_3_0= 5, R1024_3_1=20, R1024_3_2=48, R1024_3_3=41, R1024_3_4=47, R1024_3_5=28, R1024_3_6=16, R1024_3_7=25,
R1024_4_0=41, R1024_4_1= 9, R1024_4_2=37, R1024_4_3=31, R1024_4_4=12, R1024_4_5=47, R1024_4_6=44, R1024_4_7=30,
R1024_5_0=16, R1024_5_1=34, R1024_5_2=56, R1024_5_3=51, R1024_5_4= 4, R1024_5_5=53, R1024_5_6=42, R1024_5_7=41,
R1024_6_0=31, R1024_6_1=44, R1024_6_2=47, R1024_6_3=46, R1024_6_4=19, R1024_6_5=42, R1024_6_6=44, R1024_6_7=25,
R1024_7_0= 9, R1024_7_1=48, R1024_7_2=35, R1024_7_3=52, R1024_7_4=23, R1024_7_5=31, R1024_7_6=37, R1024_7_7=20
};
#ifndef SKEIN_ROUNDS
#define SKEIN_256_ROUNDS_TOTAL (72) /* number of rounds for the different block sizes */
#define SKEIN_512_ROUNDS_TOTAL (72)
#define SKEIN1024_ROUNDS_TOTAL (80)
#else /* allow command-line define in range 8*(5..14) */
#define SKEIN_256_ROUNDS_TOTAL (8*((((SKEIN_ROUNDS/100) + 5) % 10) + 5))
#define SKEIN_512_ROUNDS_TOTAL (8*((((SKEIN_ROUNDS/ 10) + 5) % 10) + 5))
#define SKEIN1024_ROUNDS_TOTAL (8*((((SKEIN_ROUNDS ) + 5) % 10) + 5))
#endif
#ifdef __cplusplus
}
#endif
#endif /* ifndef _SKEIN_H_ */

369
Reference_Implementation/skein_block.c Normal file
View File

@ -0,0 +1,369 @@
/***********************************************************************
**
** Implementation of the Skein block functions.
**
** Source code author: Doug Whiting, 2008.
**
** This algorithm and source code is released to the public domain.
**
** Compile-time switches:
**
** SKEIN_USE_ASM -- set bits (256/512/1024) to select which
** versions use ASM code for block processing
** [default: use C for all block sizes]
**
************************************************************************/
#include <string.h>
#include "skein.h"
/* 64-bit rotate left */
u64b_t RotL_64(u64b_t x,uint_t N)
{
return (x << (N & 63)) | (x >> ((64-N) & 63));
}
#define BLK_BITS (WCNT*64)
/* macro to perform a key injection (same for all block sizes) */
#define InjectKey(r) \
for (i=0;i < WCNT;i++) \
X[i] += ks[((r)+i) % (WCNT+1)]; \
X[WCNT-3] += ts[((r)+0) % 3]; \
X[WCNT-2] += ts[((r)+1) % 3]; \
X[WCNT-1] += (r); /* avoid slide attacks */ \
Skein_Show_Round(BLK_BITS,&ctx->h,SKEIN_RND_KEY_INJECT,X);
void Skein_256_Process_Block(Skein_256_Ctxt_t *ctx,const u08b_t *blkPtr,size_t blkCnt,size_t byteCntAdd)
{ /* do it in C */
enum
{
WCNT = SKEIN_256_STATE_WORDS
};
size_t i,r;
u64b_t ts[3]; /* key schedule: tweak */
u64b_t ks[WCNT+1]; /* key schedule: chaining vars */
u64b_t X [WCNT]; /* local copy of context vars */
u64b_t w [WCNT]; /* local copy of input block */
Skein_assert(blkCnt != 0); /* never call with blkCnt == 0! */
do {
/* this implementation only supports 2**64 input bytes (no carry out here) */
ctx->h.T[0] += byteCntAdd; /* update processed length */
/* precompute the key schedule for this block */
ks[WCNT] = SKEIN_KS_PARITY;
for (i=0;i < WCNT; i++)
{
ks[i] = ctx->X[i];
ks[WCNT] ^= ctx->X[i]; /* compute overall parity */
}
ts[0] = ctx->h.T[0];
ts[1] = ctx->h.T[1];
ts[2] = ts[0] ^ ts[1];
Skein_Get64_LSB_First(w,blkPtr,WCNT); /* get input block in little-endian format */
Skein_Show_Block(BLK_BITS,&ctx->h,ctx->X,blkPtr,w,ks,ts);
for (i=0;i < WCNT; i++) /* do the first full key injection */
{
X[i] = w[i] + ks[i];
}
X[WCNT-3] += ts[0];
X[WCNT-2] += ts[1];
Skein_Show_Round(BLK_BITS,&ctx->h,SKEIN_RND_KEY_INITIAL,X); /* show starting state values */
for (r=1;r <= SKEIN_256_ROUNDS_TOTAL/8; r++)
{ /* unroll 8 rounds */
X[0] += X[1]; X[1] = RotL_64(X[1],R_256_0_0); X[1] ^= X[0];
X[2] += X[3]; X[3] = RotL_64(X[3],R_256_0_1); X[3] ^= X[2]; Skein_Show_Round(BLK_BITS,&ctx->h,8*r-7,X);
X[0] += X[3]; X[3] = RotL_64(X[3],R_256_1_0); X[3] ^= X[0];
X[2] += X[1]; X[1] = RotL_64(X[1],R_256_1_1); X[1] ^= X[2]; Skein_Show_Round(BLK_BITS,&ctx->h,8*r-6,X);
X[0] += X[1]; X[1] = RotL_64(X[1],R_256_2_0); X[1] ^= X[0];
X[2] += X[3]; X[3] = RotL_64(X[3],R_256_2_1); X[3] ^= X[2]; Skein_Show_Round(BLK_BITS,&ctx->h,8*r-5,X);
X[0] += X[3]; X[3] = RotL_64(X[3],R_256_3_0); X[3] ^= X[0];
X[2] += X[1]; X[1] = RotL_64(X[1],R_256_3_1); X[1] ^= X[2]; Skein_Show_Round(BLK_BITS,&ctx->h,8*r-4,X);
InjectKey(2*r-1);
X[0] += X[1]; X[1] = RotL_64(X[1],R_256_4_0); X[1] ^= X[0];
X[2] += X[3]; X[3] = RotL_64(X[3],R_256_4_1); X[3] ^= X[2]; Skein_Show_Round(BLK_BITS,&ctx->h,8*r-3,X);
X[0] += X[3]; X[3] = RotL_64(X[3],R_256_5_0); X[3] ^= X[0];
X[2] += X[1]; X[1] = RotL_64(X[1],R_256_5_1); X[1] ^= X[2]; Skein_Show_Round(BLK_BITS,&ctx->h,8*r-2,X);
X[0] += X[1]; X[1] = RotL_64(X[1],R_256_6_0); X[1] ^= X[0];
X[2] += X[3]; X[3] = RotL_64(X[3],R_256_6_1); X[3] ^= X[2]; Skein_Show_Round(BLK_BITS,&ctx->h,8*r-1,X);
X[0] += X[3]; X[3] = RotL_64(X[3],R_256_7_0); X[3] ^= X[0];
X[2] += X[1]; X[1] = RotL_64(X[1],R_256_7_1); X[1] ^= X[2]; Skein_Show_Round(BLK_BITS,&ctx->h,8*r ,X);
InjectKey(2*r);
}
/* do the final "feedforward" xor, update context chaining vars */
for (i=0;i < WCNT;i++)
ctx->X[i] = X[i] ^ w[i];
Skein_Show_Round(BLK_BITS,&ctx->h,SKEIN_RND_FEED_FWD,ctx->X);
Skein_Clear_First_Flag(ctx->h); /* clear the start bit */
blkPtr += SKEIN_256_BLOCK_BYTES;
}
while (--blkCnt);
}
#if defined(SKEIN_CODE_SIZE) || defined(SKEIN_PERF)
size_t Skein_256_Process_Block_CodeSize(void)
{
return ((u08b_t *) Skein_256_Process_Block_CodeSize) -
((u08b_t *) Skein_256_Process_Block);
}
uint_t Skein_256_Unroll_Cnt(void)
{
return 1;
}
#endif
void Skein_512_Process_Block(Skein_512_Ctxt_t *ctx,const u08b_t *blkPtr,size_t blkCnt,size_t byteCntAdd)
{ /* do it in C */
enum
{
WCNT = SKEIN_512_STATE_WORDS
};
size_t i,r;
u64b_t ts[3]; /* key schedule: tweak */
u64b_t ks[WCNT+1]; /* key schedule: chaining vars */
u64b_t X [WCNT]; /* local copy of vars */
u64b_t w [WCNT]; /* local copy of input block */
Skein_assert(blkCnt != 0); /* never call with blkCnt == 0! */
do {
/* this implementation only supports 2**64 input bytes (no carry out here) */
ctx->h.T[0] += byteCntAdd; /* update processed length */
/* precompute the key schedule for this block */
ks[WCNT] = SKEIN_KS_PARITY;
for (i=0;i < WCNT; i++)
{
ks[i] = ctx->X[i];
ks[WCNT] ^= ctx->X[i]; /* compute overall parity */
}
ts[0] = ctx->h.T[0];
ts[1] = ctx->h.T[1];
ts[2] = ts[0] ^ ts[1];
Skein_Get64_LSB_First(w,blkPtr,WCNT); /* get input block in little-endian format */
Skein_Show_Block(BLK_BITS,&ctx->h,ctx->X,blkPtr,w,ks,ts);
for (i=0;i < WCNT; i++) /* do the first full key injection */
{
X[i] = w[i] + ks[i];
}
X[WCNT-3] += ts[0];
X[WCNT-2] += ts[1];
Skein_Show_Round(BLK_BITS,&ctx->h,SKEIN_RND_KEY_INITIAL,X);
for (r=1;r <= SKEIN_512_ROUNDS_TOTAL/8; r++)
{ /* unroll 8 rounds */
X[0] += X[1]; X[1] = RotL_64(X[1],R_512_0_0); X[1] ^= X[0];
X[2] += X[3]; X[3] = RotL_64(X[3],R_512_0_1); X[3] ^= X[2];
X[4] += X[5]; X[5] = RotL_64(X[5],R_512_0_2); X[5] ^= X[4];
X[6] += X[7]; X[7] = RotL_64(X[7],R_512_0_3); X[7] ^= X[6]; Skein_Show_Round(BLK_BITS,&ctx->h,8*r-7,X);
X[2] += X[1]; X[1] = RotL_64(X[1],R_512_1_0); X[1] ^= X[2];
X[4] += X[7]; X[7] = RotL_64(X[7],R_512_1_1); X[7] ^= X[4];
X[6] += X[5]; X[5] = RotL_64(X[5],R_512_1_2); X[5] ^= X[6];
X[0] += X[3]; X[3] = RotL_64(X[3],R_512_1_3); X[3] ^= X[0]; Skein_Show_Round(BLK_BITS,&ctx->h,8*r-6,X);
X[4] += X[1]; X[1] = RotL_64(X[1],R_512_2_0); X[1] ^= X[4];
X[6] += X[3]; X[3] = RotL_64(X[3],R_512_2_1); X[3] ^= X[6];
X[0] += X[5]; X[5] = RotL_64(X[5],R_512_2_2); X[5] ^= X[0];
X[2] += X[7]; X[7] = RotL_64(X[7],R_512_2_3); X[7] ^= X[2]; Skein_Show_Round(BLK_BITS,&ctx->h,8*r-5,X);
X[6] += X[1]; X[1] = RotL_64(X[1],R_512_3_0); X[1] ^= X[6];
X[0] += X[7]; X[7] = RotL_64(X[7],R_512_3_1); X[7] ^= X[0];
X[2] += X[5]; X[5] = RotL_64(X[5],R_512_3_2); X[5] ^= X[2];
X[4] += X[3]; X[3] = RotL_64(X[3],R_512_3_3); X[3] ^= X[4]; Skein_Show_Round(BLK_BITS,&ctx->h,8*r-4,X);
InjectKey(2*r-1);
X[0] += X[1]; X[1] = RotL_64(X[1],R_512_4_0); X[1] ^= X[0];
X[2] += X[3]; X[3] = RotL_64(X[3],R_512_4_1); X[3] ^= X[2];
X[4] += X[5]; X[5] = RotL_64(X[5],R_512_4_2); X[5] ^= X[4];
X[6] += X[7]; X[7] = RotL_64(X[7],R_512_4_3); X[7] ^= X[6]; Skein_Show_Round(BLK_BITS,&ctx->h,8*r-3,X);
X[2] += X[1]; X[1] = RotL_64(X[1],R_512_5_0); X[1] ^= X[2];
X[4] += X[7]; X[7] = RotL_64(X[7],R_512_5_1); X[7] ^= X[4];
X[6] += X[5]; X[5] = RotL_64(X[5],R_512_5_2); X[5] ^= X[6];
X[0] += X[3]; X[3] = RotL_64(X[3],R_512_5_3); X[3] ^= X[0]; Skein_Show_Round(BLK_BITS,&ctx->h,8*r-2,X);
X[4] += X[1]; X[1] = RotL_64(X[1],R_512_6_0); X[1] ^= X[4];
X[6] += X[3]; X[3] = RotL_64(X[3],R_512_6_1); X[3] ^= X[6];
X[0] += X[5]; X[5] = RotL_64(X[5],R_512_6_2); X[5] ^= X[0];
X[2] += X[7]; X[7] = RotL_64(X[7],R_512_6_3); X[7] ^= X[2]; Skein_Show_Round(BLK_BITS,&ctx->h,8*r-1,X);
X[6] += X[1]; X[1] = RotL_64(X[1],R_512_7_0); X[1] ^= X[6];
X[0] += X[7]; X[7] = RotL_64(X[7],R_512_7_1); X[7] ^= X[0];
X[2] += X[5]; X[5] = RotL_64(X[5],R_512_7_2); X[5] ^= X[2];
X[4] += X[3]; X[3] = RotL_64(X[3],R_512_7_3); X[3] ^= X[4]; Skein_Show_Round(BLK_BITS,&ctx->h,8*r ,X);
InjectKey(2*r);
}
/* do the final "feedforward" xor, update context chaining vars */
for (i=0;i < WCNT;i++)
ctx->X[i] = X[i] ^ w[i];
Skein_Show_Round(BLK_BITS,&ctx->h,SKEIN_RND_FEED_FWD,ctx->X);
Skein_Clear_First_Flag(ctx->h); /* clear the start bit */
blkPtr += SKEIN_512_BLOCK_BYTES;
}
while (--blkCnt);
}
#if defined(SKEIN_CODE_SIZE) || defined(SKEIN_PERF)
size_t Skein_512_Process_Block_CodeSize(void)
{
return ((u08b_t *) Skein_512_Process_Block_CodeSize) -
((u08b_t *) Skein_512_Process_Block);
}
uint_t Skein_512_Unroll_Cnt(void)
{
return 1;
}
#endif
void Skein1024_Process_Block(Skein1024_Ctxt_t *ctx,const u08b_t *blkPtr,size_t blkCnt,size_t byteCntAdd)
{ /* do it in C */
enum
{
WCNT = SKEIN1024_STATE_WORDS
};
size_t i,r;
u64b_t ts[3]; /* key schedule: tweak */
u64b_t ks[WCNT+1]; /* key schedule: chaining vars */
u64b_t X [WCNT]; /* local copy of vars */
u64b_t w [WCNT]; /* local copy of input block */
Skein_assert(blkCnt != 0); /* never call with blkCnt == 0! */
do {
/* this implementation only supports 2**64 input bytes (no carry out here) */
ctx->h.T[0] += byteCntAdd; /* update processed length */
/* precompute the key schedule for this block */
ks[WCNT] = SKEIN_KS_PARITY;
for (i=0;i < WCNT; i++)
{
ks[i] = ctx->X[i];
ks[WCNT] ^= ctx->X[i]; /* compute overall parity */
}
ts[0] = ctx->h.T[0];
ts[1] = ctx->h.T[1];
ts[2] = ts[0] ^ ts[1];
Skein_Get64_LSB_First(w,blkPtr,WCNT); /* get input block in little-endian format */
Skein_Show_Block(BLK_BITS,&ctx->h,ctx->X,blkPtr,w,ks,ts);
for (i=0;i < WCNT; i++) /* do the first full key injection */
{
X[i] = w[i] + ks[i];
}
X[WCNT-3] += ts[0];
X[WCNT-2] += ts[1];
Skein_Show_Round(BLK_BITS,&ctx->h,SKEIN_RND_KEY_INITIAL,X); /* show starting state values */
for (r=1;r <= SKEIN1024_ROUNDS_TOTAL/8; r++)
{ /* unroll 8 rounds */
X[ 0] += X[ 1]; X[ 1] = RotL_64(X[ 1],R1024_0_0); X[ 1] ^= X[ 0];
X[ 2] += X[ 3]; X[ 3] = RotL_64(X[ 3],R1024_0_1); X[ 3] ^= X[ 2];
X[ 4] += X[ 5]; X[ 5] = RotL_64(X[ 5],R1024_0_2); X[ 5] ^= X[ 4];
X[ 6] += X[ 7]; X[ 7] = RotL_64(X[ 7],R1024_0_3); X[ 7] ^= X[ 6];
X[ 8] += X[ 9]; X[ 9] = RotL_64(X[ 9],R1024_0_4); X[ 9] ^= X[ 8];
X[10] += X[11]; X[11] = RotL_64(X[11],R1024_0_5); X[11] ^= X[10];
X[12] += X[13]; X[13] = RotL_64(X[13],R1024_0_6); X[13] ^= X[12];
X[14] += X[15]; X[15] = RotL_64(X[15],R1024_0_7); X[15] ^= X[14]; Skein_Show_Round(BLK_BITS,&ctx->h,8*r-7,X);
X[ 0] += X[ 9]; X[ 9] = RotL_64(X[ 9],R1024_1_0); X[ 9] ^= X[ 0];
X[ 2] += X[13]; X[13] = RotL_64(X[13],R1024_1_1); X[13] ^= X[ 2];
X[ 6] += X[11]; X[11] = RotL_64(X[11],R1024_1_2); X[11] ^= X[ 6];
X[ 4] += X[15]; X[15] = RotL_64(X[15],R1024_1_3); X[15] ^= X[ 4];
X[10] += X[ 7]; X[ 7] = RotL_64(X[ 7],R1024_1_4); X[ 7] ^= X[10];
X[12] += X[ 3]; X[ 3] = RotL_64(X[ 3],R1024_1_5); X[ 3] ^= X[12];
X[14] += X[ 5]; X[ 5] = RotL_64(X[ 5],R1024_1_6); X[ 5] ^= X[14];
X[ 8] += X[ 1]; X[ 1] = RotL_64(X[ 1],R1024_1_7); X[ 1] ^= X[ 8]; Skein_Show_Round(BLK_BITS,&ctx->h,8*r-6,X);
X[ 0] += X[ 7]; X[ 7] = RotL_64(X[ 7],R1024_2_0); X[ 7] ^= X[ 0];
X[ 2] += X[ 5]; X[ 5] = RotL_64(X[ 5],R1024_2_1); X[ 5] ^= X[ 2];
X[ 4] += X[ 3]; X[ 3] = RotL_64(X[ 3],R1024_2_2); X[ 3] ^= X[ 4];
X[ 6] += X[ 1]; X[ 1] = RotL_64(X[ 1],R1024_2_3); X[ 1] ^= X[ 6];
X[12] += X[15]; X[15] = RotL_64(X[15],R1024_2_4); X[15] ^= X[12];
X[14] += X[13]; X[13] = RotL_64(X[13],R1024_2_5); X[13] ^= X[14];
X[ 8] += X[11]; X[11] = RotL_64(X[11],R1024_2_6); X[11] ^= X[ 8];
X[10] += X[ 9]; X[ 9] = RotL_64(X[ 9],R1024_2_7); X[ 9] ^= X[10]; Skein_Show_Round(BLK_BITS,&ctx->h,8*r-5,X);
X[ 0] += X[15]; X[15] = RotL_64(X[15],R1024_3_0); X[15] ^= X[ 0];
X[ 2] += X[11]; X[11] = RotL_64(X[11],R1024_3_1); X[11] ^= X[ 2];
X[ 6] += X[13]; X[13] = RotL_64(X[13],R1024_3_2); X[13] ^= X[ 6];
X[ 4] += X[ 9]; X[ 9] = RotL_64(X[ 9],R1024_3_3); X[ 9] ^= X[ 4];
X[14] += X[ 1]; X[ 1] = RotL_64(X[ 1],R1024_3_4); X[ 1] ^= X[14];
X[ 8] += X[ 5]; X[ 5] = RotL_64(X[ 5],R1024_3_5); X[ 5] ^= X[ 8];
X[10] += X[ 3]; X[ 3] = RotL_64(X[ 3],R1024_3_6); X[ 3] ^= X[10];
X[12] += X[ 7]; X[ 7] = RotL_64(X[ 7],R1024_3_7); X[ 7] ^= X[12]; Skein_Show_Round(BLK_BITS,&ctx->h,8*r-4,X);
InjectKey(2*r-1);
X[ 0] += X[ 1]; X[ 1] = RotL_64(X[ 1],R1024_4_0); X[ 1] ^= X[ 0];
X[ 2] += X[ 3]; X[ 3] = RotL_64(X[ 3],R1024_4_1); X[ 3] ^= X[ 2];
X[ 4] += X[ 5]; X[ 5] = RotL_64(X[ 5],R1024_4_2); X[ 5] ^= X[ 4];
X[ 6] += X[ 7]; X[ 7] = RotL_64(X[ 7],R1024_4_3); X[ 7] ^= X[ 6];
X[ 8] += X[ 9]; X[ 9] = RotL_64(X[ 9],R1024_4_4); X[ 9] ^= X[ 8];
X[10] += X[11]; X[11] = RotL_64(X[11],R1024_4_5); X[11] ^= X[10];
X[12] += X[13]; X[13] = RotL_64(X[13],R1024_4_6); X[13] ^= X[12];
X[14] += X[15]; X[15] = RotL_64(X[15],R1024_4_7); X[15] ^= X[14]; Skein_Show_Round(BLK_BITS,&ctx->h,8*r-3,X);
X[ 0] += X[ 9]; X[ 9] = RotL_64(X[ 9],R1024_5_0); X[ 9] ^= X[ 0];
X[ 2] += X[13]; X[13] = RotL_64(X[13],R1024_5_1); X[13] ^= X[ 2];
X[ 6] += X[11]; X[11] = RotL_64(X[11],R1024_5_2); X[11] ^= X[ 6];
X[ 4] += X[15]; X[15] = RotL_64(X[15],R1024_5_3); X[15] ^= X[ 4];
X[10] += X[ 7]; X[ 7] = RotL_64(X[ 7],R1024_5_4); X[ 7] ^= X[10];
X[12] += X[ 3]; X[ 3] = RotL_64(X[ 3],R1024_5_5); X[ 3] ^= X[12];
X[14] += X[ 5]; X[ 5] = RotL_64(X[ 5],R1024_5_6); X[ 5] ^= X[14];
X[ 8] += X[ 1]; X[ 1] = RotL_64(X[ 1],R1024_5_7); X[ 1] ^= X[ 8]; Skein_Show_Round(BLK_BITS,&ctx->h,8*r-2,X);
X[ 0] += X[ 7]; X[ 7] = RotL_64(X[ 7],R1024_6_0); X[ 7] ^= X[ 0];
X[ 2] += X[ 5]; X[ 5] = RotL_64(X[ 5],R1024_6_1); X[ 5] ^= X[ 2];
X[ 4] += X[ 3]; X[ 3] = RotL_64(X[ 3],R1024_6_2); X[ 3] ^= X[ 4];
X[ 6] += X[ 1]; X[ 1] = RotL_64(X[ 1],R1024_6_3); X[ 1] ^= X[ 6];
X[12] += X[15]; X[15] = RotL_64(X[15],R1024_6_4); X[15] ^= X[12];
X[14] += X[13]; X[13] = RotL_64(X[13],R1024_6_5); X[13] ^= X[14];
X[ 8] += X[11]; X[11] = RotL_64(X[11],R1024_6_6); X[11] ^= X[ 8];
X[10] += X[ 9]; X[ 9] = RotL_64(X[ 9],R1024_6_7); X[ 9] ^= X[10]; Skein_Show_Round(BLK_BITS,&ctx->h,8*r-1,X);
X[ 0] += X[15]; X[15] = RotL_64(X[15],R1024_7_0); X[15] ^= X[ 0];
X[ 2] += X[11]; X[11] = RotL_64(X[11],R1024_7_1); X[11] ^= X[ 2];
X[ 6] += X[13]; X[13] = RotL_64(X[13],R1024_7_2); X[13] ^= X[ 6];
X[ 4] += X[ 9]; X[ 9] = RotL_64(X[ 9],R1024_7_3); X[ 9] ^= X[ 4];
X[14] += X[ 1]; X[ 1] = RotL_64(X[ 1],R1024_7_4); X[ 1] ^= X[14];
X[ 8] += X[ 5]; X[ 5] = RotL_64(X[ 5],R1024_7_5); X[ 5] ^= X[ 8];
X[10] += X[ 3]; X[ 3] = RotL_64(X[ 3],R1024_7_6); X[ 3] ^= X[10];
X[12] += X[ 7]; X[ 7] = RotL_64(X[ 7],R1024_7_7); X[ 7] ^= X[12]; Skein_Show_Round(BLK_BITS,&ctx->h,8*r ,X);
InjectKey(2*r);
}
/* do the final "feedforward" xor, update context chaining vars */
for (i=0;i<WCNT;i++)
ctx->X[i] = X[i] ^ w[i];
Skein_Show_Round(BLK_BITS,&ctx->h,SKEIN_RND_FEED_FWD,ctx->X);
Skein_Clear_First_Flag(ctx->h); /* clear the start bit */
blkPtr += SKEIN1024_BLOCK_BYTES;
}
while (--blkCnt);
}
#if defined(SKEIN_CODE_SIZE) || defined(SKEIN_PERF)
size_t Skein1024_Process_Block_CodeSize(void)
{
return ((u08b_t *) Skein1024_Process_Block_CodeSize) -
((u08b_t *) Skein1024_Process_Block);
}
uint_t Skein1024_Unroll_Cnt(void)
{
return 1;
}
#endif

247
Reference_Implementation/skein_debug.c Normal file
View File

@ -0,0 +1,247 @@
/***********************************************************************
**
** Debug output functions for Skein hashing.
**
** Source code author: Doug Whiting, 2008.
**
** This algorithm and source code is released to the public domain.
**
************************************************************************/
#include <stdio.h>
#ifdef SKEIN_DEBUG /* only instantiate this code if SKEIN_DEBUG is on */
#include "skein.h"
static const char INDENT[] = " "; /* how much to indent on new line */
uint_t skein_DebugFlag = 0; /* off by default. Must be set externally */
static void Show64_step(size_t cnt,const u64b_t *X,size_t step)
{
size_t i,j;
for (i=j=0;i < cnt;i++,j+=step)
{
if (i % 4 == 0) printf(INDENT);
printf(" %08X.%08X ",(uint_32t)(X[j] >> 32),(uint_32t)X[j]);
if (i % 4 == 3 || i==cnt-1) printf("\n");
fflush(stdout);
}
}
#define Show64(cnt,X) Show64_step(cnt,X,1)
static void Show64_flag(size_t cnt,const u64b_t *X)
{
size_t xptr = (size_t) X;
size_t step = (xptr & 1) ? 2 : 1;
if (step != 1)
{
X = (const u64b_t *) (xptr & ~1);
}
Show64_step(cnt,X,step);
}
static void Show08(size_t cnt,const u08b_t *b)
{
size_t i;
for (i=0;i < cnt;i++)
{
if (i %16 == 0) printf(INDENT);
else if (i % 4 == 0) printf(" ");
printf(" %02X",b[i]);
if (i %16 == 15 || i==cnt-1) printf("\n");
fflush(stdout);
}
}
static const char *AlgoHeader(uint_t bits)
{
if (skein_DebugFlag & SKEIN_DEBUG_THREEFISH)
switch (bits)
{
case 256: return ":Threefish-256: ";
case 512: return ":Threefish-512: ";
case 1024: return ":Threefish-1024:";
}
else
switch (bits)
{
case 256: return ":Skein-256: ";
case 512: return ":Skein-512: ";
case 1024: return ":Skein-1024:";
}
return NULL;
}
void Skein_Show_Final(uint_t bits,const Skein_Ctxt_Hdr_t *h,size_t cnt,const u08b_t *outPtr)
{
if (skein_DebugFlag & SKEIN_DEBUG_CONFIG || ((h->T[1] & SKEIN_T1_BLK_TYPE_MASK) != SKEIN_T1_BLK_TYPE_CFG))
if (skein_DebugFlag & SKEIN_DEBUG_FINAL)
{
printf("\n%s Final output=\n",AlgoHeader(bits));
Show08(cnt,outPtr);
printf(" ++++++++++\n");
fflush(stdout);
}
}
/* show state after a round (or "pseudo-round") */
void Skein_Show_Round(uint_t bits,const Skein_Ctxt_Hdr_t *h,size_t r,const u64b_t *X)
{
static uint_t injectNum=0; /* not multi-thread safe! */
if (skein_DebugFlag & SKEIN_DEBUG_CONFIG || ((h->T[1] & SKEIN_T1_BLK_TYPE_MASK) != SKEIN_T1_BLK_TYPE_CFG))
if (skein_DebugFlag)
{
if (r >= SKEIN_RND_SPECIAL)
{ /* a key injection (or feedforward) point */
injectNum = (r == SKEIN_RND_KEY_INITIAL) ? 0 : injectNum+1;
if ( skein_DebugFlag & SKEIN_DEBUG_INJECT ||
((skein_DebugFlag & SKEIN_DEBUG_FINAL) && r == SKEIN_RND_FEED_FWD))
{
printf("\n%s",AlgoHeader(bits));
switch (r)
{
case SKEIN_RND_KEY_INITIAL:
printf(" [state after initial key injection]");
break;
case SKEIN_RND_KEY_INJECT:
printf(" [state after key injection #%02d]",injectNum);
break;
case SKEIN_RND_FEED_FWD:
printf(" [state after plaintext feedforward]");
injectNum = 0;
break;
}
printf("=\n");
Show64(bits/64,X);
if (r== SKEIN_RND_FEED_FWD)
printf(" ----------\n");
}
}
else if (skein_DebugFlag & SKEIN_DEBUG_ROUNDS)
{
uint_t j;
u64b_t p[SKEIN_MAX_STATE_WORDS];
const u08b_t *perm;
const static u08b_t PERM_256 [4][ 4] = { { 0,1,2,3 }, { 0,3,2,1 }, { 0,1,2,3 }, { 0,3,2,1 } };
const static u08b_t PERM_512 [4][ 8] = { { 0,1,2,3,4,5,6,7 },
{ 2,1,4,7,6,5,0,3 },
{ 4,1,6,3,0,5,2,7 },
{ 6,1,0,7,2,5,4,3 }
};
const static u08b_t PERM_1024[4][16] = { { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,10,11,12,13,14,15 },
{ 0, 9, 2,13, 6,11, 4,15,10, 7,12, 3,14, 5, 8, 1 },
{ 0, 7, 2, 5, 4, 3, 6, 1,12,15,14,13, 8,11,10, 9 },
{ 0,15, 2,11, 6,13, 4, 9,14, 1, 8, 5,10, 3,12, 7 }
};
if ((skein_DebugFlag & SKEIN_DEBUG_PERMUTE) && (r & 3))
{
printf("\n%s [state after round %2d (permuted)]=\n",AlgoHeader(bits),(int)r);
switch (bits)
{
case 256: perm = PERM_256 [r&3]; break;
case 512: perm = PERM_512 [r&3]; break;
default: perm = PERM_1024[r&3]; break;
}
for (j=0;j<bits/64;j++)
p[j] = X[perm[j]];
Show64(bits/64,p);
}
else
{
printf("\n%s [state after round %2d]=\n",AlgoHeader(bits),(int)r);
Show64(bits/64,X);
}
}
}
}
/* show state after a round (or "pseudo-round"), given a list of pointers */
void Skein_Show_R_Ptr(uint_t bits,const Skein_Ctxt_Hdr_t *h,size_t r,const u64b_t *X_ptr[])
{
uint_t i;
u64b_t X[SKEIN_MAX_STATE_WORDS];
for (i=0;i<bits/64;i++) /* copy over the words */
X[i] = X_ptr[i][0];
Skein_Show_Round(bits,h,r,X);
}
/* show the state at the start of a block */
void Skein_Show_Block(uint_t bits,const Skein_Ctxt_Hdr_t *h,const u64b_t *X,const u08b_t *blkPtr,
const u64b_t *wPtr, const u64b_t *ksPtr, const u64b_t *tsPtr)
{
uint_t n;
if (skein_DebugFlag & SKEIN_DEBUG_CONFIG || ((h->T[1] & SKEIN_T1_BLK_TYPE_MASK) != SKEIN_T1_BLK_TYPE_CFG))
if (skein_DebugFlag)
{
if (skein_DebugFlag & SKEIN_DEBUG_HDR)
{
printf("\n%s Block: outBits=%4d. T0=%06X.",AlgoHeader(bits),(uint_t) h->hashBitLen,(uint_t)h->T[0]);
printf(" Type=");
n = (uint_t) ((h->T[1] & SKEIN_T1_BLK_TYPE_MASK) >> SKEIN_T1_POS_BLK_TYPE);
switch (n)
{
case SKEIN_BLK_TYPE_KEY: printf("KEY. "); break;
case SKEIN_BLK_TYPE_CFG: printf("CFG. "); break;
case SKEIN_BLK_TYPE_PERS: printf("PERS."); break;
case SKEIN_BLK_TYPE_PK : printf("PK. "); break;
case SKEIN_BLK_TYPE_KDF: printf("KDF. "); break;
case SKEIN_BLK_TYPE_MSG: printf("MSG. "); break;
case SKEIN_BLK_TYPE_OUT: printf("OUT. "); break;
default: printf("0x%02X.",n); break;
}
printf(" Flags=");
printf((h->T[1] & SKEIN_T1_FLAG_FIRST) ? " First":" ");
printf((h->T[1] & SKEIN_T1_FLAG_FINAL) ? " Final":" ");
printf((h->T[1] & SKEIN_T1_FLAG_BIT_PAD) ? " Pad" :" ");
n = (uint_t) ((h->T[1] & SKEIN_T1_TREE_LVL_MASK) >> SKEIN_T1_POS_TREE_LVL);
if (n)
printf(" TreeLevel = %02X",n);
printf("\n");
fflush(stdout);
}
if (skein_DebugFlag & SKEIN_DEBUG_TWEAK)
{
printf(" Tweak:\n");
Show64(2,h->T);
}
if (skein_DebugFlag & SKEIN_DEBUG_STATE)
{
printf(" %s words:\n",(skein_DebugFlag & SKEIN_DEBUG_THREEFISH)?"Key":"State");
Show64(bits/64,X);
}
if (skein_DebugFlag & SKEIN_DEBUG_KEYSCHED)
{
printf(" Tweak schedule:\n");
Show64_flag(3,tsPtr);
printf(" Key schedule:\n");
Show64_flag((bits/64)+1,ksPtr);
}
if (skein_DebugFlag & SKEIN_DEBUG_INPUT_64)
{
printf(" Input block (words):\n");
Show64(bits/64,wPtr);
}
if (skein_DebugFlag & SKEIN_DEBUG_INPUT_08)
{
printf(" Input block (bytes):\n");
Show08(bits/8,blkPtr);
}
}
}
void Skein_Show_Key(uint_t bits,const Skein_Ctxt_Hdr_t *h,const u08b_t *key,size_t keyBytes)
{
if (keyBytes)
if (skein_DebugFlag & SKEIN_DEBUG_CONFIG || ((h->T[1] & SKEIN_T1_BLK_TYPE_MASK) != SKEIN_T1_BLK_TYPE_CFG))
if (skein_DebugFlag & SKEIN_DEBUG_KEY)
{
printf("\n%s MAC key = %4u bytes\n",AlgoHeader(bits),(unsigned) keyBytes);
Show08(keyBytes,key);
}
}
#endif

48
Reference_Implementation/skein_debug.h Normal file
View File

@ -0,0 +1,48 @@
#ifndef _SKEIN_DEBUG_H_
#define _SKEIN_DEBUG_H_
/***********************************************************************
**
** Interface definitions for Skein hashing debug output.
**
** Source code author: Doug Whiting, 2008.
**
** This algorithm and source code is released to the public domain.
**
************************************************************************/
#ifdef SKEIN_DEBUG
/* callout functions used inside Skein code */
void Skein_Show_Block(uint_t bits,const Skein_Ctxt_Hdr_t *h,const u64b_t *X,const u08b_t *blkPtr,
const u64b_t *wPtr,const u64b_t *ksPtr,const u64b_t *tsPtr);
void Skein_Show_Round(uint_t bits,const Skein_Ctxt_Hdr_t *h,size_t r,const u64b_t *X);
void Skein_Show_R_Ptr(uint_t bits,const Skein_Ctxt_Hdr_t *h,size_t r,const u64b_t *X_ptr[]);
void Skein_Show_Final(uint_t bits,const Skein_Ctxt_Hdr_t *h,size_t cnt,const u08b_t *outPtr);
void Skein_Show_Key (uint_t bits,const Skein_Ctxt_Hdr_t *h,const u08b_t *key,size_t keyBytes);
extern uint_t skein_DebugFlag; /* flags to control debug output (0 --> none) */
#define SKEIN_RND_SPECIAL (1000u)
#define SKEIN_RND_KEY_INITIAL (SKEIN_RND_SPECIAL+0u)
#define SKEIN_RND_KEY_INJECT (SKEIN_RND_SPECIAL+1u)
#define SKEIN_RND_FEED_FWD (SKEIN_RND_SPECIAL+2u)
/* flag bits: skein_DebugFlag */
#define SKEIN_DEBUG_KEY (1u << 1) /* show MAC key */
#define SKEIN_DEBUG_CONFIG (1u << 2) /* show config block processing */
#define SKEIN_DEBUG_STATE (1u << 3) /* show input state during Show_Block() */
#define SKEIN_DEBUG_TWEAK (1u << 4) /* show input state during Show_Block() */
#define SKEIN_DEBUG_KEYSCHED (1u << 5) /* show expanded key schedule */
#define SKEIN_DEBUG_INPUT_64 (1u << 6) /* show input block as 64-bit words */
#define SKEIN_DEBUG_INPUT_08 (1u << 7) /* show input block as 8-bit bytes */
#define SKEIN_DEBUG_INJECT (1u << 8) /* show state after key injection & feedforward points */
#define SKEIN_DEBUG_ROUNDS (1u << 9) /* show state after all rounds */
#define SKEIN_DEBUG_FINAL (1u <<10) /* show final output of Skein */
#define SKEIN_DEBUG_HDR (1u <<11) /* show block header */
#define SKEIN_DEBUG_THREEFISH (1u <<12) /* use Threefish name instead of Skein */
#define SKEIN_DEBUG_PERMUTE (1u <<13) /* use word permutations */
#define SKEIN_DEBUG_ALL ((~0u) & ~(SKEIN_DEBUG_THREEFISH | SKEIN_DEBUG_PERMUTE))
#define THREEFISH_DEBUG_ALL (SKEIN_DEBUG_ALL | SKEIN_DEBUG_THREEFISH)
#endif /* SKEIN_DEBUG */
#endif /* _SKEIN_DEBUG_H_ */

44
Reference_Implementation/skein_port.h Normal file
View File

@ -0,0 +1,44 @@
#ifndef _SKEIN_PORT_H_
#define _SKEIN_PORT_H_
/*******************************************************************
**
** Platform-specific definitions for Skein hash function.
**
** Source code author: Doug Whiting, 2008.
**
** This algorithm and source code is released to the public domain.
**
** Many thanks to Brian Gladman for his portable header files, which
** have been modified slightly here, to handle a few more platforms.
**
** To port Skein to an "unsupported" platform, change the definitions
** in this file appropriately.
**
********************************************************************/
#include "brg_types.h" /* get integer type definitions */
typedef unsigned int uint_t; /* native unsigned integer */
typedef uint_8t u08b_t; /* 8-bit unsigned integer */
typedef uint_64t u64b_t; /* 64-bit unsigned integer */
/*
* Skein is "natively" little-endian (unlike SHA-xxx), for optimal
* performance on x86 CPUs. The Skein code requires the following
* definitions for dealing with endianness:
*
* Skein_Put64_LSB_First
* Skein_Get64_LSB_First
* Skein_Swap64
*
* In the reference code, these functions are implemented in a
* very portable (and thus slow) fashion, for clarity. See the file
* "skein_port.h" in the Optimized_Code directory for ways to make
* these functions fast(er) on x86 platforms.
*/
u64b_t Skein_Swap64(u64b_t w64);
void Skein_Put64_LSB_First(u08b_t *dst,const u64b_t *src,size_t bCnt);
void Skein_Get64_LSB_First(u64b_t *dst,const u08b_t *src,size_t wCnt);
#endif /* ifndef _SKEIN_PORT_H_ */

BIN
Supporting_Documentation/Skein Cover Sheet.pdf Normal file
View File

Binary file not shown.

BIN
Supporting_Documentation/Skein_Implementation_Statement.pdf Normal file
View File

Binary file not shown.

BIN
Supporting_Documentation/Skein_Submitter_Statement.pdf Normal file
View File

Binary file not shown.

BIN
Supporting_Documentation/skein1.3.pdf Normal file
View File

Binary file not shown.

BIN
Supporting_Documentation/skeinround3Mods.pdf Normal file
View File

Binary file not shown.

BIN
Supporting_Documentation/tex/key_recover.pdf Normal file
View File

Binary file not shown.

BIN
Supporting_Documentation/tex/reverserounds256.pdf Normal file
View File

Binary file not shown.

161
Supporting_Documentation/tex/skein-21.mps Normal file
View File

@ -0,0 +1,161 @@
%!PS
%%BoundingBox: -46 -68 85 19
%%HiResBoundingBox: -45.20761 -67.94917 84.85632 18.1732
%%Creator: MetaPost 1.000
%%CreationDate: 2008.08.28:0231
%%Pages: 1
%*Font: cmmi10 9.96265 9.96265 3c:800002
%*Font: cmmi7 6.97385 6.97385 3b:80000000000201
%%BeginProlog
%%EndProlog
%%Page: 1 1
0 0 0 setrgbcolor
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth [] 0 setdash
1 setlinecap 1 setlinejoin 10 setmiterlimit
newpath 4 4 moveto
4 4 lineto
4 -4 lineto
4 -4 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath -4 4 moveto
-4 4 lineto
4 4 lineto
4 4 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath -4 4 moveto
-4 4 lineto
-4 -4 lineto
-4 -4 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath -4 -4 moveto
-4 -4 lineto
4 -4 lineto
4 -4 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 0 4 moveto
0 -4 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 4 0 moveto
-4 0 lineto stroke
31.3464 -25.37865 moveto
(<) cmmi10 9.96265 fshow
35.7743 -25.37865 moveto
(<) cmmi10 9.96265 fshow
40.2023 -25.37865 moveto
(<) cmmi10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 50.95102 -17.00784 moveto
50.95102 -17.00784 lineto
50.95102 -28.76813 lineto
50.95102 -28.76813 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 28.3464 -17.00784 moveto
28.3464 -17.00784 lineto
50.95102 -17.00784 lineto
50.95102 -17.00784 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 28.3464 -17.00784 moveto
28.3464 -17.00784 lineto
28.3464 -28.76813 lineto
28.3464 -28.76813 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 28.3464 -28.76813 moveto
28.3464 -28.76813 lineto
50.95102 -28.76813 lineto
50.95102 -28.76813 lineto stroke
newpath 42.47728 -46.9474 moveto
43.20105 -47.67117 43.64871 -48.67105 43.64871 -49.77548 curveto
43.64871 -49.77646 lineto
43.64871 -50.88089 43.20105 -51.88077 42.47728 -52.60454 curveto stroke
newpath 36.82014 -46.9474 moveto
37.54391 -46.22363 38.5438 -45.77597 39.64822 -45.77597 curveto
39.6492 -45.77597 lineto
40.75363 -45.77597 41.75351 -46.22363 42.47728 -46.9474 curveto stroke
newpath 36.82014 -46.9474 moveto
36.09637 -47.67117 35.64871 -48.67105 35.64871 -49.77548 curveto
35.64871 -49.77646 lineto
35.64871 -50.88089 36.09637 -51.88077 36.82014 -52.60454 curveto stroke
newpath 36.82014 -52.60454 moveto
37.54391 -53.32831 38.5438 -53.77597 39.64822 -53.77597 curveto
39.6492 -53.77597 lineto
40.75363 -53.77597 41.75351 -53.32831 42.47728 -52.60454 curveto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 39.64871 -45.77597 moveto
39.64871 -53.77597 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 43.64871 -49.77597 moveto
35.64871 -49.77597 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 0 18.1732 moveto
0 4 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath -1.53078 7.69554 moveto
0 4 lineto
1.53078 7.69554 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 39.64871 18.1732 moveto
39.64871 -17.00784 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 38.11801 -13.31248 moveto
39.64871 -17.00784 lineto
41.17941 -13.31248 lineto
closepath
gsave fill grestore stroke
newpath 39.64871 0 moveto
4 0 lineto stroke
newpath 7.69574 1.53087 moveto
4 0 lineto
7.69574 -1.53087 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 0 -4 moveto
0 -67.94917 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath -1.53067 -64.2539 moveto
0 -67.94917 lineto
1.53067 -64.2539 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 39.64871 -28.76813 moveto
39.64871 -45.77597 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 38.11795 -42.08049 moveto
39.64871 -45.77597 lineto
41.17947 -42.08049 lineto
closepath
gsave fill grestore stroke
newpath 0 -49.77597 moveto
35.64871 -49.77597 lineto stroke
newpath 31.95297 -51.30684 moveto
35.64871 -49.77597 lineto
31.95297 -48.2451 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 39.64871 -53.77597 moveto
39.64871 -67.94917 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 38.11794 -64.25363 moveto
39.64871 -67.94917 lineto
41.17949 -64.25363 lineto
closepath
gsave fill grestore stroke
newpath 65.12422 -22.88799 moveto
50.95102 -22.88799 lineto stroke
newpath 54.64656 -21.35721 moveto
50.95102 -22.88799 lineto
54.64656 -24.41876 lineto
closepath
gsave fill grestore stroke
68.12422 -24.86668 moveto
(R) cmmi10 9.96265 fshow
75.68872 -26.36108 moveto
(r) cmmi7 6.97385 fshow
79.17342 -26.36108 moveto
(;i) cmmi7 6.97385 fshow
showpage
%%EOF

832
Supporting_Documentation/tex/skein-22.mps Normal file
View File

@ -0,0 +1,832 @@
%!PS
%%BoundingBox: -59 -315 229 30
%%HiResBoundingBox: -58.56683 -314.45247 228.6453 29.76099
%%Creator: MetaPost 1.000
%%CreationDate: 2008.08.28:0231
%%Pages: 1
%*Font: cmr10 9.96265 9.96265 30:c400000490006c5f3cc
%%BeginProlog
%%EndProlog
%%Page: 1 1
0 0 0 setrgbcolor
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth [] 0 setdash
1 setlinecap 1 setlinejoin 10 setmiterlimit
newpath 170.07843 0 moveto
170.07843 0 lineto
170.07843 -16 lineto
170.07843 -16 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 0 0 moveto
0 0 lineto
170.07843 0 lineto
170.07843 0 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 0 0 moveto
0 0 lineto
0 -16 lineto
0 -16 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 0 -16 moveto
0 -16 lineto
170.07843 -16 lineto
170.07843 -16 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 89.03922 -4 moveto
89.03922 -4 lineto
89.03922 -12 lineto
89.03922 -12 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 81.03922 -4 moveto
81.03922 -4 lineto
89.03922 -4 lineto
89.03922 -4 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 81.03922 -4 moveto
81.03922 -4 lineto
81.03922 -12 lineto
81.03922 -12 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 81.03922 -12 moveto
81.03922 -12 lineto
89.03922 -12 lineto
89.03922 -12 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 85.03922 -4 moveto
85.03922 -12 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 89.03922 -8 moveto
81.03922 -8 lineto stroke
newpath -14.1732 -8 moveto
0 -8 lineto stroke
newpath -3.69554 -9.53078 moveto
0 -8 lineto
-3.69554 -6.46922 lineto
closepath
gsave fill grestore stroke
-56.7471 -10.49066 moveto
(Subk) cmr10 9.96265 fshow
-35.1613 -10.49066 moveto
(ey) cmr10 9.96265 fshow
-22.1545 -10.49066 moveto
(0) cmr10 9.96265 fshow
33.94067 -43.49834 moveto
(Mix) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 77.95241 -30.1732 moveto
77.95241 -30.1732 lineto
77.95241 -50.01569 lineto
77.95241 -50.01569 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 7.08684 -30.1732 moveto
7.08684 -30.1732 lineto
77.95241 -30.1732 lineto
77.95241 -30.1732 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 7.08684 -30.1732 moveto
7.08684 -30.1732 lineto
7.08684 -50.01569 lineto
7.08684 -50.01569 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 7.08684 -50.01569 moveto
7.08684 -50.01569 lineto
77.95241 -50.01569 lineto
77.95241 -50.01569 lineto stroke
118.97946 -43.49834 moveto
(Mix) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 162.9912 -30.1732 moveto
162.9912 -30.1732 lineto
162.9912 -50.01569 lineto
162.9912 -50.01569 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 92.12563 -30.1732 moveto
92.12563 -30.1732 lineto
162.9912 -30.1732 lineto
162.9912 -30.1732 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 92.12563 -30.1732 moveto
92.12563 -30.1732 lineto
92.12563 -50.01569 lineto
92.12563 -50.01569 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 92.12563 -50.01569 moveto
92.12563 -50.01569 lineto
162.9912 -50.01569 lineto
162.9912 -50.01569 lineto stroke
66.69112 -73.99669 moveto
(P) cmr10 9.96265 fshow
73.19452 -73.99669 moveto
(erm) cmr10 9.96265 fshow
89.54991 -73.99669 moveto
(ute) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 162.9912 -64.18889 moveto
162.9912 -64.18889 lineto
162.9912 -76.99669 lineto
162.9912 -76.99669 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 7.08684 -64.18889 moveto
7.08684 -64.18889 lineto
162.9912 -64.18889 lineto
162.9912 -64.18889 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 7.08684 -64.18889 moveto
7.08684 -64.18889 lineto
7.08684 -76.99669 lineto
7.08684 -76.99669 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 7.08684 -76.99669 moveto
7.08684 -76.99669 lineto
162.9912 -76.99669 lineto
162.9912 -76.99669 lineto stroke
33.94067 -104.49503 moveto
(Mix) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 77.95241 -91.16989 moveto
77.95241 -91.16989 lineto
77.95241 -111.01237 lineto
77.95241 -111.01237 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 7.08684 -91.16989 moveto
7.08684 -91.16989 lineto
77.95241 -91.16989 lineto
77.95241 -91.16989 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 7.08684 -91.16989 moveto
7.08684 -91.16989 lineto
7.08684 -111.01237 lineto
7.08684 -111.01237 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 7.08684 -111.01237 moveto
7.08684 -111.01237 lineto
77.95241 -111.01237 lineto
77.95241 -111.01237 lineto stroke
118.97945 -104.49503 moveto
(Mix) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 162.9912 -91.16989 moveto
162.9912 -91.16989 lineto
162.9912 -111.01237 lineto
162.9912 -111.01237 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 92.12561 -91.16989 moveto
92.12561 -91.16989 lineto
162.9912 -91.16989 lineto
162.9912 -91.16989 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 92.12561 -91.16989 moveto
92.12561 -91.16989 lineto
92.12561 -111.01237 lineto
92.12561 -111.01237 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 92.12561 -111.01237 moveto
92.12561 -111.01237 lineto
162.9912 -111.01237 lineto
162.9912 -111.01237 lineto stroke
66.69112 -134.99338 moveto
(P) cmr10 9.96265 fshow
73.19452 -134.99338 moveto
(erm) cmr10 9.96265 fshow
89.54991 -134.99338 moveto
(ute) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 162.9912 -125.18558 moveto
162.9912 -125.18558 lineto
162.9912 -137.99338 lineto
162.9912 -137.99338 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 7.08684 -125.18558 moveto
7.08684 -125.18558 lineto
162.9912 -125.18558 lineto
162.9912 -125.18558 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 7.08684 -125.18558 moveto
7.08684 -125.18558 lineto
7.08684 -137.99338 lineto
7.08684 -137.99338 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 7.08684 -137.99338 moveto
7.08684 -137.99338 lineto
162.9912 -137.99338 lineto
162.9912 -137.99338 lineto stroke
33.94067 -236.35773 moveto
(Mix) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 77.95241 -223.0326 moveto
77.95241 -223.0326 lineto
77.95241 -242.87508 lineto
77.95241 -242.87508 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 7.08684 -223.0326 moveto
7.08684 -223.0326 lineto
77.95241 -223.0326 lineto
77.95241 -223.0326 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 7.08684 -223.0326 moveto
7.08684 -223.0326 lineto
7.08684 -242.87508 lineto
7.08684 -242.87508 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 7.08684 -242.87508 moveto
7.08684 -242.87508 lineto
77.95241 -242.87508 lineto
77.95241 -242.87508 lineto stroke
118.97945 -236.35773 moveto
(Mix) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 162.9912 -223.0326 moveto
162.9912 -223.0326 lineto
162.9912 -242.87508 lineto
162.9912 -242.87508 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 92.12561 -223.0326 moveto
92.12561 -223.0326 lineto
162.9912 -223.0326 lineto
162.9912 -223.0326 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 92.12561 -223.0326 moveto
92.12561 -223.0326 lineto
92.12561 -242.87508 lineto
92.12561 -242.87508 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 92.12561 -242.87508 moveto
92.12561 -242.87508 lineto
162.9912 -242.87508 lineto
162.9912 -242.87508 lineto stroke
66.69112 -266.85608 moveto
(P) cmr10 9.96265 fshow
73.19452 -266.85608 moveto
(erm) cmr10 9.96265 fshow
89.54991 -266.85608 moveto
(ute) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 162.9912 -257.04828 moveto
162.9912 -257.04828 lineto
162.9912 -269.85606 lineto
162.9912 -269.85606 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 7.08684 -257.04828 moveto
7.08684 -257.04828 lineto
162.9912 -257.04828 lineto
162.9912 -257.04828 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 7.08684 -257.04828 moveto
7.08684 -257.04828 lineto
7.08684 -269.85606 lineto
7.08684 -269.85606 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 7.08684 -269.85606 moveto
7.08684 -269.85606 lineto
162.9912 -269.85606 lineto
162.9912 -269.85606 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 170.07843 -284.02927 moveto
170.07843 -284.02927 lineto
170.07843 -300.02927 lineto
170.07843 -300.02927 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 0 -284.02927 moveto
0 -284.02927 lineto
170.07843 -284.02927 lineto
170.07843 -284.02927 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 0 -284.02927 moveto
0 -284.02927 lineto
0 -300.02927 lineto
0 -300.02927 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 0 -300.02927 moveto
0 -300.02927 lineto
170.07843 -300.02927 lineto
170.07843 -300.02927 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 89.03922 -288.02927 moveto
89.03922 -288.02927 lineto
89.03922 -296.02927 lineto
89.03922 -296.02927 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 81.03922 -288.02927 moveto
81.03922 -288.02927 lineto
89.03922 -288.02927 lineto
89.03922 -288.02927 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 81.03922 -288.02927 moveto
81.03922 -288.02927 lineto
81.03922 -296.02927 lineto
81.03922 -296.02927 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 81.03922 -296.02927 moveto
81.03922 -296.02927 lineto
89.03922 -296.02927 lineto
89.03922 -296.02927 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 85.03922 -288.02927 moveto
85.03922 -296.02927 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 89.03922 -292.02927 moveto
81.03922 -292.02927 lineto stroke
newpath -14.1732 -292.02927 moveto
0 -292.02927 lineto stroke
newpath -3.69554 -293.56004 moveto
0 -292.02927 lineto
-3.69554 -290.49849 lineto
closepath
gsave fill grestore stroke
-56.7471 -294.51993 moveto
(Subk) cmr10 9.96265 fshow
-35.1613 -294.51993 moveto
(ey) cmr10 9.96265 fshow
-22.1545 -294.51993 moveto
(1) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 21.25981 14.1732 moveto
21.25981 0 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 19.72903 3.69554 moveto
21.25981 0 lineto
22.79059 3.69554 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 21.25981 -16 moveto
21.25981 -30.1732 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 19.72903 -26.47766 moveto
21.25981 -30.1732 lineto
22.79059 -26.47766 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 21.25981 -50.01569 moveto
21.25981 -64.18889 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 19.72903 -60.49335 moveto
21.25981 -64.18889 lineto
22.79059 -60.49335 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 21.25981 -76.99669 moveto
21.25981 -91.16989 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 19.72903 -87.47435 moveto
21.25981 -91.16989 lineto
22.79059 -87.47435 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 21.25981 -111.01237 moveto
21.25981 -125.18558 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 19.72903 -121.49004 moveto
21.25981 -125.18558 lineto
22.79059 -121.49004 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 21.25981 -137.99338 moveto
21.25981 -152.16658 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 19.72903 -148.47104 moveto
21.25981 -152.16658 lineto
22.79059 -148.47104 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 21.25981 -208.85939 moveto
21.25981 -223.0326 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 19.72903 -219.33705 moveto
21.25981 -223.0326 lineto
22.79059 -219.33705 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 21.25981 -242.87508 moveto
21.25981 -257.04828 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 19.72903 -253.35274 moveto
21.25981 -257.04828 lineto
22.79059 -253.35274 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 21.25981 -269.85606 moveto
21.25981 -284.02927 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 19.72903 -280.33372 moveto
21.25981 -284.02927 lineto
22.79059 -280.33372 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 21.25981 -300.02927 moveto
21.25981 -314.20247 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 19.72903 -310.50693 moveto
21.25981 -314.20247 lineto
22.79059 -310.50693 lineto
closepath
gsave fill grestore stroke
newpath 22.75421 -166.33978 moveto
22.75421 -165.94345 22.59677 -165.56334 22.31651 -165.28308 curveto
22.03625 -165.00282 21.65614 -164.84538 21.25981 -164.84538 curveto
20.86348 -164.84538 20.48337 -165.00282 20.20311 -165.28308 curveto
19.92285 -165.56334 19.76541 -165.94345 19.76541 -166.33978 curveto
19.76541 -166.73611 19.92285 -167.11623 20.20311 -167.39648 curveto
20.48337 -167.67674 20.86348 -167.83418 21.25981 -167.83418 curveto
21.65614 -167.83418 22.03625 -167.67674 22.31651 -167.39648 curveto
22.59677 -167.11623 22.75421 -166.73611 22.75421 -166.33978 curveto closepath
fill
newpath 22.75421 -180.51299 moveto
22.75421 -180.11665 22.59677 -179.73654 22.31651 -179.45628 curveto
22.03625 -179.17603 21.65614 -179.01859 21.25981 -179.01859 curveto
20.86348 -179.01859 20.48337 -179.17603 20.20311 -179.45628 curveto
19.92285 -179.73654 19.76541 -180.11665 19.76541 -180.51299 curveto
19.76541 -180.90932 19.92285 -181.28943 20.20311 -181.56969 curveto
20.48337 -181.84995 20.86348 -182.00739 21.25981 -182.00739 curveto
21.65614 -182.00739 22.03625 -181.84995 22.31651 -181.56969 curveto
22.59677 -181.28943 22.75421 -180.90932 22.75421 -180.51299 curveto closepath
fill
newpath 22.75421 -194.68619 moveto
22.75421 -194.28986 22.59677 -193.90974 22.31651 -193.62949 curveto
22.03625 -193.34923 21.65614 -193.19179 21.25981 -193.19179 curveto
20.86348 -193.19179 20.48337 -193.34923 20.20311 -193.62949 curveto
19.92285 -193.90974 19.76541 -194.28986 19.76541 -194.68619 curveto
19.76541 -195.08252 19.92285 -195.46263 20.20311 -195.74289 curveto
20.48337 -196.02315 20.86348 -196.18059 21.25981 -196.18059 curveto
21.65614 -196.18059 22.03625 -196.02315 22.31651 -195.74289 curveto
22.59677 -195.46263 22.75421 -195.08252 22.75421 -194.68619 curveto closepath
fill
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 63.77942 14.1732 moveto
63.77942 0 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 62.24864 3.69554 moveto
63.77942 0 lineto
65.3102 3.69554 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 63.77942 -16 moveto
63.77942 -30.1732 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 62.24864 -26.47766 moveto
63.77942 -30.1732 lineto
65.3102 -26.47766 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 63.77942 -50.01569 moveto
63.77942 -64.18889 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 62.24864 -60.49335 moveto
63.77942 -64.18889 lineto
65.3102 -60.49335 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 63.77942 -76.99669 moveto
63.77942 -91.16989 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 62.24864 -87.47435 moveto
63.77942 -91.16989 lineto
65.3102 -87.47435 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 63.77942 -111.01237 moveto
63.77942 -125.18558 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 62.24864 -121.49004 moveto
63.77942 -125.18558 lineto
65.3102 -121.49004 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 63.77942 -137.99338 moveto
63.77942 -152.16658 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 62.24864 -148.47104 moveto
63.77942 -152.16658 lineto
65.3102 -148.47104 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 63.77942 -208.85939 moveto
63.77942 -223.0326 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 62.24864 -219.33705 moveto
63.77942 -223.0326 lineto
65.3102 -219.33705 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 63.77942 -242.87508 moveto
63.77942 -257.04828 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 62.24864 -253.35274 moveto
63.77942 -257.04828 lineto
65.3102 -253.35274 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 63.77942 -269.85606 moveto
63.77942 -284.02927 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 62.24864 -280.33372 moveto
63.77942 -284.02927 lineto
65.3102 -280.33372 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 63.77942 -300.02927 moveto
63.77942 -314.20247 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 62.24864 -310.50693 moveto
63.77942 -314.20247 lineto
65.3102 -310.50693 lineto
closepath
gsave fill grestore stroke
newpath 65.27382 -166.33978 moveto
65.27382 -165.94345 65.11638 -165.56334 64.83612 -165.28308 curveto
64.55586 -165.00282 64.17575 -164.84538 63.77942 -164.84538 curveto
63.38309 -164.84538 63.00298 -165.00282 62.72272 -165.28308 curveto
62.44246 -165.56334 62.28502 -165.94345 62.28502 -166.33978 curveto
62.28502 -166.73611 62.44246 -167.11623 62.72272 -167.39648 curveto
63.00298 -167.67674 63.38309 -167.83418 63.77942 -167.83418 curveto
64.17575 -167.83418 64.55586 -167.67674 64.83612 -167.39648 curveto
65.11638 -167.11623 65.27382 -166.73611 65.27382 -166.33978 curveto closepath
fill
newpath 65.27382 -180.51299 moveto
65.27382 -180.11665 65.11638 -179.73654 64.83612 -179.45628 curveto
64.55586 -179.17603 64.17575 -179.01859 63.77942 -179.01859 curveto
63.38309 -179.01859 63.00298 -179.17603 62.72272 -179.45628 curveto
62.44246 -179.73654 62.28502 -180.11665 62.28502 -180.51299 curveto
62.28502 -180.90932 62.44246 -181.28943 62.72272 -181.56969 curveto
63.00298 -181.84995 63.38309 -182.00739 63.77942 -182.00739 curveto
64.17575 -182.00739 64.55586 -181.84995 64.83612 -181.56969 curveto
65.11638 -181.28943 65.27382 -180.90932 65.27382 -180.51299 curveto closepath
fill
newpath 65.27382 -194.68619 moveto
65.27382 -194.28986 65.11638 -193.90974 64.83612 -193.62949 curveto
64.55586 -193.34923 64.17575 -193.19179 63.77942 -193.19179 curveto
63.38309 -193.19179 63.00298 -193.34923 62.72272 -193.62949 curveto
62.44246 -193.90974 62.28502 -194.28986 62.28502 -194.68619 curveto
62.28502 -195.08252 62.44246 -195.46263 62.72272 -195.74289 curveto
63.00298 -196.02315 63.38309 -196.18059 63.77942 -196.18059 curveto
64.17575 -196.18059 64.55586 -196.02315 64.83612 -195.74289 curveto
65.11638 -195.46263 65.27382 -195.08252 65.27382 -194.68619 curveto closepath
fill
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 106.29903 14.1732 moveto
106.29903 0 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 104.76825 3.69554 moveto
106.29903 0 lineto
107.8298 3.69554 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 106.29903 -16 moveto
106.29903 -30.1732 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 104.76825 -26.47766 moveto
106.29903 -30.1732 lineto
107.8298 -26.47766 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 106.29903 -50.01569 moveto
106.29903 -64.18889 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 104.76825 -60.49335 moveto
106.29903 -64.18889 lineto
107.8298 -60.49335 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 106.29903 -76.99669 moveto
106.29903 -91.16989 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 104.76825 -87.47435 moveto
106.29903 -91.16989 lineto
107.8298 -87.47435 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 106.29903 -111.01237 moveto
106.29903 -125.18558 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 104.76825 -121.49004 moveto
106.29903 -125.18558 lineto
107.8298 -121.49004 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 106.29903 -137.99338 moveto
106.29903 -152.16658 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 104.76825 -148.47104 moveto
106.29903 -152.16658 lineto
107.8298 -148.47104 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 106.29903 -208.85939 moveto
106.29903 -223.0326 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 104.76825 -219.33705 moveto
106.29903 -223.0326 lineto
107.8298 -219.33705 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 106.29903 -242.87508 moveto
106.29903 -257.04828 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 104.76825 -253.35274 moveto
106.29903 -257.04828 lineto
107.8298 -253.35274 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 106.29903 -269.85606 moveto
106.29903 -284.02927 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 104.76825 -280.33372 moveto
106.29903 -284.02927 lineto
107.8298 -280.33372 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 106.29903 -300.02927 moveto
106.29903 -314.20247 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 104.76825 -310.50693 moveto
106.29903 -314.20247 lineto
107.8298 -310.50693 lineto
closepath
gsave fill grestore stroke
newpath 107.79343 -166.33978 moveto
107.79343 -165.94345 107.63599 -165.56334 107.35573 -165.28308 curveto
107.07547 -165.00282 106.69536 -164.84538 106.29903 -164.84538 curveto
105.9027 -164.84538 105.52258 -165.00282 105.24232 -165.28308 curveto
104.96207 -165.56334 104.80463 -165.94345 104.80463 -166.33978 curveto
104.80463 -166.73611 104.96207 -167.11623 105.24232 -167.39648 curveto
105.52258 -167.67674 105.9027 -167.83418 106.29903 -167.83418 curveto
106.69536 -167.83418 107.07547 -167.67674 107.35573 -167.39648 curveto
107.63599 -167.11623 107.79343 -166.73611 107.79343 -166.33978 curveto
closepath fill
newpath 107.79343 -180.51299 moveto
107.79343 -180.11665 107.63599 -179.73654 107.35573 -179.45628 curveto
107.07547 -179.17603 106.69536 -179.01859 106.29903 -179.01859 curveto
105.9027 -179.01859 105.52258 -179.17603 105.24232 -179.45628 curveto
104.96207 -179.73654 104.80463 -180.11665 104.80463 -180.51299 curveto
104.80463 -180.90932 104.96207 -181.28943 105.24232 -181.56969 curveto
105.52258 -181.84995 105.9027 -182.00739 106.29903 -182.00739 curveto
106.69536 -182.00739 107.07547 -181.84995 107.35573 -181.56969 curveto
107.63599 -181.28943 107.79343 -180.90932 107.79343 -180.51299 curveto
closepath fill
newpath 107.79343 -194.68619 moveto
107.79343 -194.28986 107.63599 -193.90974 107.35573 -193.62949 curveto
107.07547 -193.34923 106.69536 -193.19179 106.29903 -193.19179 curveto
105.9027 -193.19179 105.52258 -193.34923 105.24232 -193.62949 curveto
104.96207 -193.90974 104.80463 -194.28986 104.80463 -194.68619 curveto
104.80463 -195.08252 104.96207 -195.46263 105.24232 -195.74289 curveto
105.52258 -196.02315 105.9027 -196.18059 106.29903 -196.18059 curveto
106.69536 -196.18059 107.07547 -196.02315 107.35573 -195.74289 curveto
107.63599 -195.46263 107.79343 -195.08252 107.79343 -194.68619 curveto
closepath fill
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 148.81863 14.1732 moveto
148.81863 0 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 147.28786 3.69554 moveto
148.81863 0 lineto
150.34941 3.69554 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 148.81863 -16 moveto
148.81863 -30.1732 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 147.28786 -26.47766 moveto
148.81863 -30.1732 lineto
150.34941 -26.47766 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 148.81863 -50.01569 moveto
148.81863 -64.18889 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 147.28786 -60.49335 moveto
148.81863 -64.18889 lineto
150.34941 -60.49335 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 148.81863 -76.99669 moveto
148.81863 -91.16989 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 147.28786 -87.47435 moveto
148.81863 -91.16989 lineto
150.34941 -87.47435 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 148.81863 -111.01237 moveto
148.81863 -125.18558 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 147.28786 -121.49004 moveto
148.81863 -125.18558 lineto
150.34941 -121.49004 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 148.81863 -137.99338 moveto
148.81863 -152.16658 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 147.28786 -148.47104 moveto
148.81863 -152.16658 lineto
150.34941 -148.47104 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 148.81863 -208.85939 moveto
148.81863 -223.0326 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 147.28786 -219.33705 moveto
148.81863 -223.0326 lineto
150.34941 -219.33705 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 148.81863 -242.87508 moveto
148.81863 -257.04828 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 147.28786 -253.35274 moveto
148.81863 -257.04828 lineto
150.34941 -253.35274 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 148.81863 -269.85606 moveto
148.81863 -284.02927 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 147.28786 -280.33372 moveto
148.81863 -284.02927 lineto
150.34941 -280.33372 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 148.81863 -300.02927 moveto
148.81863 -314.20247 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 147.28786 -310.50693 moveto
148.81863 -314.20247 lineto
150.34941 -310.50693 lineto
closepath
gsave fill grestore stroke
newpath 150.31303 -166.33978 moveto
150.31303 -165.94345 150.1556 -165.56334 149.87534 -165.28308 curveto
149.59508 -165.00282 149.21497 -164.84538 148.81863 -164.84538 curveto
148.4223 -164.84538 148.04219 -165.00282 147.76193 -165.28308 curveto
147.48167 -165.56334 147.32423 -165.94345 147.32423 -166.33978 curveto
147.32423 -166.73611 147.48167 -167.11623 147.76193 -167.39648 curveto
148.04219 -167.67674 148.4223 -167.83418 148.81863 -167.83418 curveto
149.21497 -167.83418 149.59508 -167.67674 149.87534 -167.39648 curveto
150.1556 -167.11623 150.31303 -166.73611 150.31303 -166.33978 curveto closepath
fill
newpath 150.31303 -180.51299 moveto
150.31303 -180.11665 150.1556 -179.73654 149.87534 -179.45628 curveto
149.59508 -179.17603 149.21497 -179.01859 148.81863 -179.01859 curveto
148.4223 -179.01859 148.04219 -179.17603 147.76193 -179.45628 curveto
147.48167 -179.73654 147.32423 -180.11665 147.32423 -180.51299 curveto
147.32423 -180.90932 147.48167 -181.28943 147.76193 -181.56969 curveto
148.04219 -181.84995 148.4223 -182.00739 148.81863 -182.00739 curveto
149.21497 -182.00739 149.59508 -181.84995 149.87534 -181.56969 curveto
150.1556 -181.28943 150.31303 -180.90932 150.31303 -180.51299 curveto closepath
fill
newpath 150.31303 -194.68619 moveto
150.31303 -194.28986 150.1556 -193.90974 149.87534 -193.62949 curveto
149.59508 -193.34923 149.21497 -193.19179 148.81863 -193.19179 curveto
148.4223 -193.19179 148.04219 -193.34923 147.76193 -193.62949 curveto
147.48167 -193.90974 147.32423 -194.28986 147.32423 -194.68619 curveto
147.32423 -195.08252 147.48167 -195.46263 147.76193 -195.74289 curveto
148.04219 -196.02315 148.4223 -196.18059 148.81863 -196.18059 curveto
149.21497 -196.18059 149.59508 -196.02315 149.87534 -195.74289 curveto
150.1556 -195.46263 150.31303 -195.08252 150.31303 -194.68619 curveto closepath
fill
65.04471 22.84248 moveto
(Plain) cmr10 9.96265 fshow
87.5991 22.84248 moveto
(text) cmr10 9.96265 fshow
165.9912 -183.97226 moveto
(5) cmr10 9.96265 fshow
174.2934 -183.97226 moveto
(more) cmr10 9.96265 fshow
199.22769 -183.97226 moveto
(rounds) cmr10 9.96265 fshow
showpage
%%EOF

327
Supporting_Documentation/tex/skein-23.mps Normal file
View File

@ -0,0 +1,327 @@
%!PS
%%BoundingBox: -54 -61 145 46
%%HiResBoundingBox: -53.12164 -60.92598 144.97418 45.3179
%%Creator: MetaPost 1.000
%%CreationDate: 2008.08.28:0231
%%Pages: 1
%*Font: cmmi10 9.96265 9.96265 48:84
%*Font: cmr10 9.96265 9.96265 0c:800000000fca000000000440a
%*Font: cmr7 6.97385 6.97385 30:e
%%BeginProlog
%%EndProlog
%%Page: 1 1
0 0 0 setrgbcolor
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth [] 0 setdash
1 setlinecap 1 setlinejoin 10 setmiterlimit
newpath 1.66928 17.00784 moveto
1.66928 17.00784 lineto
1.66928 -17.00784 lineto
1.66928 -17.00784 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath -18.1732 17.00784 moveto
-18.1732 17.00784 lineto
1.66928 17.00784 lineto
1.66928 17.00784 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath -18.1732 17.00784 moveto
-18.1732 17.00784 lineto
-18.1732 -17.00784 lineto
-18.1732 -17.00784 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath -18.1732 -17.00784 moveto
-18.1732 -17.00784 lineto
1.66928 -17.00784 lineto
1.66928 -17.00784 lineto stroke
newpath 17.00177 2.82857 moveto
17.72554 2.1048 18.1732 1.10492 18.1732 0.00049 curveto
18.1732 -0.00049 lineto
18.1732 -1.10492 17.72554 -2.1048 17.00177 -2.82857 curveto stroke
newpath 11.34464 2.82857 moveto
12.0684 3.55234 13.06828 4 14.17271 4 curveto
14.17369 4 lineto
15.27812 4 16.278 3.55234 17.00177 2.82857 curveto stroke
newpath 11.34464 2.82857 moveto
10.62086 2.1048 10.1732 1.10492 10.1732 0.00049 curveto
10.1732 -0.00049 lineto
10.1732 -1.10492 10.62086 -2.1048 11.34464 -2.82857 curveto stroke
newpath 11.34464 -2.82857 moveto
12.0684 -3.55234 13.06828 -4 14.17271 -4 curveto
14.17369 -4 lineto
15.27812 -4 16.278 -3.55234 17.00177 -2.82857 curveto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 14.1732 4 moveto
14.1732 -4 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 18.1732 0 moveto
10.1732 0 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath -8.25197 34.01569 moveto
-8.25197 17.00784 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath -9.78273 20.70332 moveto
-8.25197 17.00784 lineto
-6.7212 20.70332 lineto
closepath
gsave fill grestore stroke
newpath -8.25197 25.51176 moveto
14.1732 25.51176 lineto
14.1732 4 lineto stroke
newpath 12.64244 7.69548 moveto
14.1732 4 lineto
15.70396 7.69548 lineto
closepath
gsave fill grestore stroke
newpath 1.66928 0 moveto
10.1732 0 lineto stroke
newpath 6.47772 -1.53076 moveto
10.1732 0 lineto
6.47772 1.53076 lineto
closepath
gsave fill grestore stroke
newpath -23.84248 -34.01569 moveto
-23.84248 -2.83464 lineto
-18.1732 -2.83464 lineto stroke
newpath -21.86865 -4.36539 moveto
-18.1732 -2.83464 lineto
-21.86865 -1.3039 lineto
closepath
gsave fill grestore stroke
newpath -18.1732 5.66928 moveto
-12.50392 0 lineto
-18.1732 -5.66928 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 57.85817 17.00784 moveto
57.85817 17.00784 lineto
57.85817 -17.00784 lineto
57.85817 -17.00784 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 38.01569 17.00784 moveto
38.01569 17.00784 lineto
57.85817 17.00784 lineto
57.85817 17.00784 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 38.01569 17.00784 moveto
38.01569 17.00784 lineto
38.01569 -17.00784 lineto
38.01569 -17.00784 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 38.01569 -17.00784 moveto
38.01569 -17.00784 lineto
57.85817 -17.00784 lineto
57.85817 -17.00784 lineto stroke
newpath 73.19066 2.82857 moveto
73.91443 2.1048 74.36209 1.10492 74.36209 0.00049 curveto
74.36209 -0.00049 lineto
74.36209 -1.10492 73.91443 -2.1048 73.19066 -2.82857 curveto stroke
newpath 67.53352 2.82857 moveto
68.2573 3.55234 69.25717 4 70.3616 4 curveto
70.36258 4 lineto
71.46701 4 72.46689 3.55234 73.19066 2.82857 curveto stroke
newpath 67.53352 2.82857 moveto
66.80975 2.1048 66.36209 1.10492 66.36209 0.00049 curveto
66.36209 -0.00049 lineto
66.36209 -1.10492 66.80975 -2.1048 67.53352 -2.82857 curveto stroke
newpath 67.53352 -2.82857 moveto
68.2573 -3.55234 69.25717 -4 70.3616 -4 curveto
70.36258 -4 lineto
71.46701 -4 72.46689 -3.55234 73.19066 -2.82857 curveto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 70.36209 4 moveto
70.36209 -4 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 74.36209 0 moveto
66.36209 0 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 47.93692 34.01569 moveto
47.93692 17.00784 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 46.40616 20.70332 moveto
47.93692 17.00784 lineto
49.46768 20.70332 lineto
closepath
gsave fill grestore stroke
newpath 47.93692 25.51176 moveto
70.36209 25.51176 lineto
70.36209 4 lineto stroke
newpath 68.83133 7.69548 moveto
70.36209 4 lineto
71.89285 7.69548 lineto
closepath
gsave fill grestore stroke
newpath 57.85817 0 moveto
66.36209 0 lineto stroke
newpath 62.66661 -1.53076 moveto
66.36209 0 lineto
62.66661 1.53076 lineto
closepath
gsave fill grestore stroke
newpath 32.3464 -34.01569 moveto
32.3464 -2.83464 lineto
38.01569 -2.83464 lineto stroke
newpath 34.32024 -4.36539 moveto
38.01569 -2.83464 lineto
34.32024 -1.3039 lineto
closepath
gsave fill grestore stroke
newpath 38.01569 5.66928 moveto
43.68497 0 lineto
38.01569 -5.66928 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 114.04706 17.00784 moveto
114.04706 17.00784 lineto
114.04706 -17.00784 lineto
114.04706 -17.00784 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 94.20457 17.00784 moveto
94.20457 17.00784 lineto
114.04706 17.00784 lineto
114.04706 17.00784 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 94.20457 17.00784 moveto
94.20457 17.00784 lineto
94.20457 -17.00784 lineto
94.20457 -17.00784 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 94.20457 -17.00784 moveto
94.20457 -17.00784 lineto
114.04706 -17.00784 lineto
114.04706 -17.00784 lineto stroke
newpath 129.37955 2.82857 moveto
130.10332 2.1048 130.55098 1.10492 130.55098 0.00049 curveto
130.55098 -0.00049 lineto
130.55098 -1.10492 130.10332 -2.1048 129.37955 -2.82857 curveto stroke
newpath 123.72241 2.82857 moveto
124.44618 3.55234 125.44606 4 126.55049 4 curveto
126.55147 4 lineto
127.6559 4 128.65578 3.55234 129.37955 2.82857 curveto stroke
newpath 123.72241 2.82857 moveto
122.99864 2.1048 122.55098 1.10492 122.55098 0.00049 curveto
122.55098 -0.00049 lineto
122.55098 -1.10492 122.99864 -2.1048 123.72241 -2.82857 curveto stroke
newpath 123.72241 -2.82857 moveto
124.44618 -3.55234 125.44606 -4 126.55049 -4 curveto
126.55147 -4 lineto
127.6559 -4 128.65578 -3.55234 129.37955 -2.82857 curveto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 126.55098 4 moveto
126.55098 -4 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 130.55098 0 moveto
122.55098 0 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 104.12581 34.01569 moveto
104.12581 17.00784 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 102.59505 20.70332 moveto
104.12581 17.00784 lineto
105.65657 20.70332 lineto
closepath
gsave fill grestore stroke
newpath 104.12581 25.51176 moveto
126.55098 25.51176 lineto
126.55098 4 lineto stroke
newpath 125.02022 7.69548 moveto
126.55098 4 lineto
128.08174 7.69548 lineto
closepath
gsave fill grestore stroke
newpath 114.04706 0 moveto
122.55098 0 lineto stroke
newpath 118.8555 -1.53076 moveto
122.55098 0 lineto
118.8555 1.53076 lineto
closepath
gsave fill grestore stroke
newpath 88.5353 -34.01569 moveto
88.5353 -2.83464 lineto
94.20457 -2.83464 lineto stroke
newpath 90.50912 -4.36539 moveto
94.20457 -2.83464 lineto
90.50912 -1.3039 lineto
closepath
gsave fill grestore stroke
newpath 94.20457 5.66928 moveto
99.87386 0 lineto
94.20457 -5.66928 lineto stroke
newpath 18.1732 0 moveto
38.01569 0 lineto stroke
newpath 34.32025 -1.53073 moveto
38.01569 0 lineto
34.32025 1.53073 lineto
closepath
gsave fill grestore stroke
newpath 74.36209 0 moveto
94.20457 0 lineto stroke
newpath 90.50914 -1.53073 moveto
94.20457 0 lineto
90.50914 1.53073 lineto
closepath
gsave fill grestore stroke
newpath 130.55098 0 moveto
144.72418 0 lineto stroke
newpath 141.02864 -1.53078 moveto
144.72418 0 lineto
141.02864 1.53078 lineto
closepath
gsave fill grestore stroke
newpath -32.3464 0 moveto
-18.1732 0 lineto stroke
newpath -21.86874 -1.53078 moveto
-18.1732 0 lineto
-21.86874 1.53078 lineto
closepath
gsave fill grestore stroke
-48.0972 -2.65671 moveto
(H) cmmi10 9.96265 fshow
-39.8158 -4.15111 moveto
(0) cmr7 6.97385 fshow
-15.31923 38.5101 moveto
(M) cmmi10 9.96265 fshow
-5.65402 37.0157 moveto
(0) cmr7 6.97385 fshow
40.86966 38.5101 moveto
(M) cmmi10 9.96265 fshow
50.53487 37.0157 moveto
(1) cmr7 6.97385 fshow
97.05855 38.5101 moveto
(M) cmmi10 9.96265 fshow
106.72375 37.0157 moveto
(2) cmr7 6.97385 fshow
-38.95255 -45.48389 moveto
(len) cmr10 9.96265 fshow
-25.22615 -45.48389 moveto
(:) cmr10 9.96265 fshow
-21.46245 -45.48389 moveto
(512) cmr10 9.96265 fshow
-45.04085 -57.43909 moveto
(\014nal) cmr10 9.96265 fshow
-25.22615 -57.43909 moveto
(:) cmr10 9.96265 fshow
-21.46245 -57.43909 moveto
(0) cmr10 9.96265 fshow
17.23634 -45.48389 moveto
(len) cmr10 9.96265 fshow
30.96274 -45.48389 moveto
(:) cmr10 9.96265 fshow
34.72644 -45.48389 moveto
(1024) cmr10 9.96265 fshow
11.14804 -57.43909 moveto
(\014nal) cmr10 9.96265 fshow
30.96274 -57.43909 moveto
(:) cmr10 9.96265 fshow
34.72644 -57.43909 moveto
(0) cmr10 9.96265 fshow
73.42523 -45.48389 moveto
(len) cmr10 9.96265 fshow
87.15163 -45.48389 moveto
(:) cmr10 9.96265 fshow
90.91533 -45.48389 moveto
(1328) cmr10 9.96265 fshow
67.33693 -57.43909 moveto
(\014nal) cmr10 9.96265 fshow
87.15163 -57.43909 moveto
(:) cmr10 9.96265 fshow
90.91533 -57.43909 moveto
(1) cmr10 9.96265 fshow
showpage
%%EOF

398
Supporting_Documentation/tex/skein-24.mps Normal file
View File

@ -0,0 +1,398 @@
%!PS
%%BoundingBox: -25 -35 244 35
%%HiResBoundingBox: -24.09248 -34.26569 243.17876 34.26569
%%Creator: MetaPost 1.000
%%CreationDate: 2008.08.28:0231
%%Pages: 1
%%BeginProlog
%%EndProlog
%%Page: 1 1
0 0 0 setrgbcolor
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth [] 0 setdash
1 setlinecap 1 setlinejoin 10 setmiterlimit
newpath 1.66928 17.00784 moveto
1.66928 17.00784 lineto
1.66928 -17.00784 lineto
1.66928 -17.00784 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath -18.1732 17.00784 moveto
-18.1732 17.00784 lineto
1.66928 17.00784 lineto
1.66928 17.00784 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath -18.1732 17.00784 moveto
-18.1732 17.00784 lineto
-18.1732 -17.00784 lineto
-18.1732 -17.00784 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath -18.1732 -17.00784 moveto
-18.1732 -17.00784 lineto
1.66928 -17.00784 lineto
1.66928 -17.00784 lineto stroke
newpath 17.00177 2.82857 moveto
17.72554 2.1048 18.1732 1.10492 18.1732 0.00049 curveto
18.1732 -0.00049 lineto
18.1732 -1.10492 17.72554 -2.1048 17.00177 -2.82857 curveto stroke
newpath 11.34464 2.82857 moveto
12.0684 3.55234 13.06828 4 14.17271 4 curveto
14.17369 4 lineto
15.27812 4 16.278 3.55234 17.00177 2.82857 curveto stroke
newpath 11.34464 2.82857 moveto
10.62086 2.1048 10.1732 1.10492 10.1732 0.00049 curveto
10.1732 -0.00049 lineto
10.1732 -1.10492 10.62086 -2.1048 11.34464 -2.82857 curveto stroke
newpath 11.34464 -2.82857 moveto
12.0684 -3.55234 13.06828 -4 14.17271 -4 curveto
14.17369 -4 lineto
15.27812 -4 16.278 -3.55234 17.00177 -2.82857 curveto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 14.1732 4 moveto
14.1732 -4 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 18.1732 0 moveto
10.1732 0 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath -8.25197 34.01569 moveto
-8.25197 17.00784 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath -9.78273 20.70332 moveto
-8.25197 17.00784 lineto
-6.7212 20.70332 lineto
closepath
gsave fill grestore stroke
newpath -8.25197 25.51176 moveto
14.1732 25.51176 lineto
14.1732 4 lineto stroke
newpath 12.64244 7.69548 moveto
14.1732 4 lineto
15.70396 7.69548 lineto
closepath
gsave fill grestore stroke
newpath 1.66928 0 moveto
10.1732 0 lineto stroke
newpath 6.47772 -1.53076 moveto
10.1732 0 lineto
6.47772 1.53076 lineto
closepath
gsave fill grestore stroke
newpath -23.84248 -34.01569 moveto
-23.84248 -2.83464 lineto
-18.1732 -2.83464 lineto stroke
newpath -21.86865 -4.36539 moveto
-18.1732 -2.83464 lineto
-21.86865 -1.3039 lineto
closepath
gsave fill grestore stroke
newpath -18.1732 5.66928 moveto
-12.50392 0 lineto
-18.1732 -5.66928 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 57.85817 17.00784 moveto
57.85817 17.00784 lineto
57.85817 -17.00784 lineto
57.85817 -17.00784 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 38.01569 17.00784 moveto
38.01569 17.00784 lineto
57.85817 17.00784 lineto
57.85817 17.00784 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 38.01569 17.00784 moveto
38.01569 17.00784 lineto
38.01569 -17.00784 lineto
38.01569 -17.00784 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 38.01569 -17.00784 moveto
38.01569 -17.00784 lineto
57.85817 -17.00784 lineto
57.85817 -17.00784 lineto stroke
newpath 73.19066 2.82857 moveto
73.91443 2.1048 74.36209 1.10492 74.36209 0.00049 curveto
74.36209 -0.00049 lineto
74.36209 -1.10492 73.91443 -2.1048 73.19066 -2.82857 curveto stroke
newpath 67.53352 2.82857 moveto
68.2573 3.55234 69.25717 4 70.3616 4 curveto
70.36258 4 lineto
71.46701 4 72.46689 3.55234 73.19066 2.82857 curveto stroke
newpath 67.53352 2.82857 moveto
66.80975 2.1048 66.36209 1.10492 66.36209 0.00049 curveto
66.36209 -0.00049 lineto
66.36209 -1.10492 66.80975 -2.1048 67.53352 -2.82857 curveto stroke
newpath 67.53352 -2.82857 moveto
68.2573 -3.55234 69.25717 -4 70.3616 -4 curveto
70.36258 -4 lineto
71.46701 -4 72.46689 -3.55234 73.19066 -2.82857 curveto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 70.36209 4 moveto
70.36209 -4 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 74.36209 0 moveto
66.36209 0 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 47.93692 34.01569 moveto
47.93692 17.00784 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 46.40616 20.70332 moveto
47.93692 17.00784 lineto
49.46768 20.70332 lineto
closepath
gsave fill grestore stroke
newpath 47.93692 25.51176 moveto
70.36209 25.51176 lineto
70.36209 4 lineto stroke
newpath 68.83133 7.69548 moveto
70.36209 4 lineto
71.89285 7.69548 lineto
closepath
gsave fill grestore stroke
newpath 57.85817 0 moveto
66.36209 0 lineto stroke
newpath 62.66661 -1.53076 moveto
66.36209 0 lineto
62.66661 1.53076 lineto
closepath
gsave fill grestore stroke
newpath 32.3464 -34.01569 moveto
32.3464 -2.83464 lineto
38.01569 -2.83464 lineto stroke
newpath 34.32024 -4.36539 moveto
38.01569 -2.83464 lineto
34.32024 -1.3039 lineto
closepath
gsave fill grestore stroke
newpath 38.01569 5.66928 moveto
43.68497 0 lineto
38.01569 -5.66928 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 114.04706 17.00784 moveto
114.04706 17.00784 lineto
114.04706 -17.00784 lineto
114.04706 -17.00784 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 94.20457 17.00784 moveto
94.20457 17.00784 lineto
114.04706 17.00784 lineto
114.04706 17.00784 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 94.20457 17.00784 moveto
94.20457 17.00784 lineto
94.20457 -17.00784 lineto
94.20457 -17.00784 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 94.20457 -17.00784 moveto
94.20457 -17.00784 lineto
114.04706 -17.00784 lineto
114.04706 -17.00784 lineto stroke
newpath 129.37955 2.82857 moveto
130.10332 2.1048 130.55098 1.10492 130.55098 0.00049 curveto
130.55098 -0.00049 lineto
130.55098 -1.10492 130.10332 -2.1048 129.37955 -2.82857 curveto stroke
newpath 123.72241 2.82857 moveto
124.44618 3.55234 125.44606 4 126.55049 4 curveto
126.55147 4 lineto
127.6559 4 128.65578 3.55234 129.37955 2.82857 curveto stroke
newpath 123.72241 2.82857 moveto
122.99864 2.1048 122.55098 1.10492 122.55098 0.00049 curveto
122.55098 -0.00049 lineto
122.55098 -1.10492 122.99864 -2.1048 123.72241 -2.82857 curveto stroke
newpath 123.72241 -2.82857 moveto
124.44618 -3.55234 125.44606 -4 126.55049 -4 curveto
126.55147 -4 lineto
127.6559 -4 128.65578 -3.55234 129.37955 -2.82857 curveto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 126.55098 4 moveto
126.55098 -4 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 130.55098 0 moveto
122.55098 0 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 104.12581 34.01569 moveto
104.12581 17.00784 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 102.59505 20.70332 moveto
104.12581 17.00784 lineto
105.65657 20.70332 lineto
closepath
gsave fill grestore stroke
newpath 104.12581 25.51176 moveto
126.55098 25.51176 lineto
126.55098 4 lineto stroke
newpath 125.02022 7.69548 moveto
126.55098 4 lineto
128.08174 7.69548 lineto
closepath
gsave fill grestore stroke
newpath 114.04706 0 moveto
122.55098 0 lineto stroke
newpath 118.8555 -1.53076 moveto
122.55098 0 lineto
118.8555 1.53076 lineto
closepath
gsave fill grestore stroke
newpath 88.5353 -34.01569 moveto
88.5353 -2.83464 lineto
94.20457 -2.83464 lineto stroke
newpath 90.50912 -4.36539 moveto
94.20457 -2.83464 lineto
90.50912 -1.3039 lineto
closepath
gsave fill grestore stroke
newpath 94.20457 5.66928 moveto
99.87386 0 lineto
94.20457 -5.66928 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 170.23595 17.00784 moveto
170.23595 17.00784 lineto
170.23595 -17.00784 lineto
170.23595 -17.00784 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 150.39346 17.00784 moveto
150.39346 17.00784 lineto
170.23595 17.00784 lineto
170.23595 17.00784 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 150.39346 17.00784 moveto
150.39346 17.00784 lineto
150.39346 -17.00784 lineto
150.39346 -17.00784 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 150.39346 -17.00784 moveto
150.39346 -17.00784 lineto
170.23595 -17.00784 lineto
170.23595 -17.00784 lineto stroke
newpath 185.56844 2.82857 moveto
186.2922 2.1048 186.73987 1.10492 186.73987 0.00049 curveto
186.73987 -0.00049 lineto
186.73987 -1.10492 186.2922 -2.1048 185.56844 -2.82857 curveto stroke
newpath 179.9113 2.82857 moveto
180.63507 3.55234 181.63495 4 182.73938 4 curveto
182.74036 4 lineto
183.84479 4 184.84467 3.55234 185.56844 2.82857 curveto stroke
newpath 179.9113 2.82857 moveto
179.18753 2.1048 178.73987 1.10492 178.73987 0.00049 curveto
178.73987 -0.00049 lineto
178.73987 -1.10492 179.18753 -2.1048 179.9113 -2.82857 curveto stroke
newpath 179.9113 -2.82857 moveto
180.63507 -3.55234 181.63495 -4 182.73938 -4 curveto
182.74036 -4 lineto
183.84479 -4 184.84467 -3.55234 185.56844 -2.82857 curveto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 182.73987 4 moveto
182.73987 -4 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 186.73987 0 moveto
178.73987 0 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 160.3147 34.01569 moveto
160.3147 17.00784 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 158.78394 20.70332 moveto
160.3147 17.00784 lineto
161.84546 20.70332 lineto
closepath
gsave fill grestore stroke
newpath 160.3147 25.51176 moveto
182.73987 25.51176 lineto
182.73987 4 lineto stroke
newpath 181.2091 7.69548 moveto
182.73987 4 lineto
184.27063 7.69548 lineto
closepath
gsave fill grestore stroke
newpath 170.23595 0 moveto
178.73987 0 lineto stroke
newpath 175.04439 -1.53076 moveto
178.73987 0 lineto
175.04439 1.53076 lineto
closepath
gsave fill grestore stroke
newpath 144.72418 -34.01569 moveto
144.72418 -2.83464 lineto
150.39346 -2.83464 lineto stroke
newpath 146.69801 -4.36539 moveto
150.39346 -2.83464 lineto
146.69801 -1.3039 lineto
closepath
gsave fill grestore stroke
newpath 150.39346 5.66928 moveto
156.06274 0 lineto
150.39346 -5.66928 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 226.42484 17.00784 moveto
226.42484 17.00784 lineto
226.42484 -17.00784 lineto
226.42484 -17.00784 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 206.58235 17.00784 moveto
206.58235 17.00784 lineto
226.42484 17.00784 lineto
226.42484 17.00784 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 206.58235 17.00784 moveto
206.58235 17.00784 lineto
206.58235 -17.00784 lineto
206.58235 -17.00784 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 206.58235 -17.00784 moveto
206.58235 -17.00784 lineto
226.42484 -17.00784 lineto
226.42484 -17.00784 lineto stroke
newpath 241.75732 2.82857 moveto
242.4811 2.1048 242.92876 1.10492 242.92876 0.00049 curveto
242.92876 -0.00049 lineto
242.92876 -1.10492 242.4811 -2.1048 241.75732 -2.82857 curveto stroke
newpath 236.10019 2.82857 moveto
236.82396 3.55234 237.82384 4 238.92827 4 curveto
238.92924 4 lineto
240.03368 4 241.03355 3.55234 241.75732 2.82857 curveto stroke
newpath 236.10019 2.82857 moveto
235.37642 2.1048 234.92876 1.10492 234.92876 0.00049 curveto
234.92876 -0.00049 lineto
234.92876 -1.10492 235.37642 -2.1048 236.10019 -2.82857 curveto stroke
newpath 236.10019 -2.82857 moveto
236.82396 -3.55234 237.82384 -4 238.92827 -4 curveto
238.92924 -4 lineto
240.03368 -4 241.03355 -3.55234 241.75732 -2.82857 curveto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 238.92876 4 moveto
238.92876 -4 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 242.92876 0 moveto
234.92876 0 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 216.50359 34.01569 moveto
216.50359 17.00784 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 214.97282 20.70332 moveto
216.50359 17.00784 lineto
218.03435 20.70332 lineto
closepath
gsave fill grestore stroke
newpath 216.50359 25.51176 moveto
238.92876 25.51176 lineto
238.92876 4 lineto stroke
newpath 237.398 7.69548 moveto
238.92876 4 lineto
240.45952 7.69548 lineto
closepath
gsave fill grestore stroke
newpath 226.42484 0 moveto
234.92876 0 lineto stroke
newpath 231.23328 -1.53076 moveto
234.92876 0 lineto
231.23328 1.53076 lineto
closepath
gsave fill grestore stroke
newpath 200.91307 -34.01569 moveto
200.91307 -2.83464 lineto
206.58235 -2.83464 lineto stroke
newpath 202.8869 -4.36539 moveto
206.58235 -2.83464 lineto
202.8869 -1.3039 lineto
closepath
gsave fill grestore stroke
newpath 206.58235 5.66928 moveto
212.25163 0 lineto
206.58235 -5.66928 lineto stroke
showpage
%%EOF

1440
Supporting_Documentation/tex/skein-25.mps Normal file
View File

File diff suppressed because it is too large Load Diff

161
Supporting_Documentation/tex/skein-31.mps Normal file
View File

@ -0,0 +1,161 @@
%!PS
%%BoundingBox: -46 -68 85 19
%%HiResBoundingBox: -45.20761 -67.94917 84.85632 18.1732
%%Creator: MetaPost 1.000
%%CreationDate: 2008.10.19:0139
%%Pages: 1
%*Font: cmmi10 9.96265 9.96265 3c:800002
%*Font: cmmi7 6.97385 6.97385 3b:80000000000201
%%BeginProlog
%%EndProlog
%%Page: 1 1
0 0 0 setrgbcolor
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth [] 0 setdash
1 setlinecap 1 setlinejoin 10 setmiterlimit
newpath 4 4 moveto
4 4 lineto
4 -4 lineto
4 -4 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath -4 4 moveto
-4 4 lineto
4 4 lineto
4 4 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath -4 4 moveto
-4 4 lineto
-4 -4 lineto
-4 -4 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath -4 -4 moveto
-4 -4 lineto
4 -4 lineto
4 -4 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 0 4 moveto
0 -4 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 4 0 moveto
-4 0 lineto stroke
31.3464 -25.37865 moveto
(<) cmmi10 9.96265 fshow
35.7743 -25.37865 moveto
(<) cmmi10 9.96265 fshow
40.2023 -25.37865 moveto
(<) cmmi10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 50.95102 -17.00784 moveto
50.95102 -17.00784 lineto
50.95102 -28.76813 lineto
50.95102 -28.76813 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 28.3464 -17.00784 moveto
28.3464 -17.00784 lineto
50.95102 -17.00784 lineto
50.95102 -17.00784 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 28.3464 -17.00784 moveto
28.3464 -17.00784 lineto
28.3464 -28.76813 lineto
28.3464 -28.76813 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 28.3464 -28.76813 moveto
28.3464 -28.76813 lineto
50.95102 -28.76813 lineto
50.95102 -28.76813 lineto stroke
newpath 42.47728 -46.9474 moveto
43.20105 -47.67117 43.64871 -48.67105 43.64871 -49.77548 curveto
43.64871 -49.77646 lineto
43.64871 -50.88089 43.20105 -51.88077 42.47728 -52.60454 curveto stroke
newpath 36.82014 -46.9474 moveto
37.54391 -46.22363 38.5438 -45.77597 39.64822 -45.77597 curveto
39.6492 -45.77597 lineto
40.75363 -45.77597 41.75351 -46.22363 42.47728 -46.9474 curveto stroke
newpath 36.82014 -46.9474 moveto
36.09637 -47.67117 35.64871 -48.67105 35.64871 -49.77548 curveto
35.64871 -49.77646 lineto
35.64871 -50.88089 36.09637 -51.88077 36.82014 -52.60454 curveto stroke
newpath 36.82014 -52.60454 moveto
37.54391 -53.32831 38.5438 -53.77597 39.64822 -53.77597 curveto
39.6492 -53.77597 lineto
40.75363 -53.77597 41.75351 -53.32831 42.47728 -52.60454 curveto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 39.64871 -45.77597 moveto
39.64871 -53.77597 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 43.64871 -49.77597 moveto
35.64871 -49.77597 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 0 18.1732 moveto
0 4 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath -1.53078 7.69554 moveto
0 4 lineto
1.53078 7.69554 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 39.64871 18.1732 moveto
39.64871 -17.00784 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 38.11801 -13.31248 moveto
39.64871 -17.00784 lineto
41.17941 -13.31248 lineto
closepath
gsave fill grestore stroke
newpath 39.64871 0 moveto
4 0 lineto stroke
newpath 7.69574 1.53087 moveto
4 0 lineto
7.69574 -1.53087 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 0 -4 moveto
0 -67.94917 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath -1.53067 -64.2539 moveto
0 -67.94917 lineto
1.53067 -64.2539 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 39.64871 -28.76813 moveto
39.64871 -45.77597 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 38.11795 -42.08049 moveto
39.64871 -45.77597 lineto
41.17947 -42.08049 lineto
closepath
gsave fill grestore stroke
newpath 0 -49.77597 moveto
35.64871 -49.77597 lineto stroke
newpath 31.95297 -51.30684 moveto
35.64871 -49.77597 lineto
31.95297 -48.2451 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 39.64871 -53.77597 moveto
39.64871 -67.94917 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 38.11794 -64.25363 moveto
39.64871 -67.94917 lineto
41.17949 -64.25363 lineto
closepath
gsave fill grestore stroke
newpath 65.12422 -22.88799 moveto
50.95102 -22.88799 lineto stroke
newpath 54.64656 -21.35721 moveto
50.95102 -22.88799 lineto
54.64656 -24.41876 lineto
closepath
gsave fill grestore stroke
68.12422 -24.86668 moveto
(R) cmmi10 9.96265 fshow
75.68872 -26.36108 moveto
(r) cmmi7 6.97385 fshow
79.17342 -26.36108 moveto
(;i) cmmi7 6.97385 fshow
showpage
%%EOF

812
Supporting_Documentation/tex/skein-32.mps Normal file
View File

@ -0,0 +1,812 @@
%!PS
%%BoundingBox: -57 -231 227 30
%%HiResBoundingBox: -56.7471 -230.88246 226.82556 29.76099
%%Creator: MetaPost 1.000
%%CreationDate: 2008.10.19:0139
%%Pages: 1
%*Font: cmr10 9.96265 9.96265 30:c00000049000645e2cc
%%BeginProlog
%%EndProlog
%%Page: 1 1
0 0 0 setrgbcolor
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth [] 0 setdash
1 setlinecap 1 setlinejoin 10 setmiterlimit
newpath 170.07843 0 moveto
170.07843 0 lineto
170.07843 -16 lineto
170.07843 -16 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 0 0 moveto
0 0 lineto
170.07843 0 lineto
170.07843 0 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 0 0 moveto
0 0 lineto
0 -16 lineto
0 -16 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 0 -16 moveto
0 -16 lineto
170.07843 -16 lineto
170.07843 -16 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 89.03922 -4 moveto
89.03922 -4 lineto
89.03922 -12 lineto
89.03922 -12 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 81.03922 -4 moveto
81.03922 -4 lineto
89.03922 -4 lineto
89.03922 -4 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 81.03922 -4 moveto
81.03922 -4 lineto
81.03922 -12 lineto
81.03922 -12 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 81.03922 -12 moveto
81.03922 -12 lineto
89.03922 -12 lineto
89.03922 -12 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 85.03922 -4 moveto
85.03922 -12 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 89.03922 -8 moveto
81.03922 -8 lineto stroke
newpath -14.1732 -8 moveto
0 -8 lineto stroke
newpath -3.69554 -9.53078 moveto
0 -8 lineto
-3.69554 -6.46922 lineto
closepath
gsave fill grestore stroke
-56.7471 -10.49066 moveto
(Subk) cmr10 9.96265 fshow
-35.1613 -10.49066 moveto
(ey) cmr10 9.96265 fshow
-22.1545 -10.49066 moveto
(0) cmr10 9.96265 fshow
33.94067 -34.99442 moveto
(Mix) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 77.95241 -24.50392 moveto
77.95241 -24.50392 lineto
77.95241 -38.67712 lineto
77.95241 -38.67712 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 7.08684 -24.50392 moveto
7.08684 -24.50392 lineto
77.95241 -24.50392 lineto
77.95241 -24.50392 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 7.08684 -24.50392 moveto
7.08684 -24.50392 lineto
7.08684 -38.67712 lineto
7.08684 -38.67712 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 7.08684 -38.67712 moveto
7.08684 -38.67712 lineto
77.95241 -38.67712 lineto
77.95241 -38.67712 lineto stroke
118.97946 -34.99442 moveto
(Mix) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 162.9912 -24.50392 moveto
162.9912 -24.50392 lineto
162.9912 -38.67712 lineto
162.9912 -38.67712 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 92.12563 -24.50392 moveto
92.12563 -24.50392 lineto
162.9912 -24.50392 lineto
162.9912 -24.50392 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 92.12563 -24.50392 moveto
92.12563 -24.50392 lineto
92.12563 -38.67712 lineto
92.12563 -38.67712 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 92.12563 -38.67712 moveto
92.12563 -38.67712 lineto
162.9912 -38.67712 lineto
162.9912 -38.67712 lineto stroke
66.69112 -56.98885 moveto
(P) cmr10 9.96265 fshow
73.19452 -56.98885 moveto
(erm) cmr10 9.96265 fshow
89.54991 -56.98885 moveto
(ute) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 162.9912 -47.18105 moveto
162.9912 -47.18105 lineto
162.9912 -59.98885 lineto
162.9912 -59.98885 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 7.08684 -47.18105 moveto
7.08684 -47.18105 lineto
162.9912 -47.18105 lineto
162.9912 -47.18105 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 7.08684 -47.18105 moveto
7.08684 -47.18105 lineto
7.08684 -59.98885 lineto
7.08684 -59.98885 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 7.08684 -59.98885 moveto
7.08684 -59.98885 lineto
162.9912 -59.98885 lineto
162.9912 -59.98885 lineto stroke
33.94067 -78.98326 moveto
(Mix) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 77.95241 -68.49277 moveto
77.95241 -68.49277 lineto
77.95241 -82.66597 lineto
77.95241 -82.66597 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 7.08684 -68.49277 moveto
7.08684 -68.49277 lineto
77.95241 -68.49277 lineto
77.95241 -68.49277 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 7.08684 -68.49277 moveto
7.08684 -68.49277 lineto
7.08684 -82.66597 lineto
7.08684 -82.66597 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 7.08684 -82.66597 moveto
7.08684 -82.66597 lineto
77.95241 -82.66597 lineto
77.95241 -82.66597 lineto stroke
118.97945 -78.98326 moveto
(Mix) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 162.9912 -68.49277 moveto
162.9912 -68.49277 lineto
162.9912 -82.66597 lineto
162.9912 -82.66597 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 92.12561 -68.49277 moveto
92.12561 -68.49277 lineto
162.9912 -68.49277 lineto
162.9912 -68.49277 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 92.12561 -68.49277 moveto
92.12561 -68.49277 lineto
92.12561 -82.66597 lineto
92.12561 -82.66597 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 92.12561 -82.66597 moveto
92.12561 -82.66597 lineto
162.9912 -82.66597 lineto
162.9912 -82.66597 lineto stroke
66.69112 -100.97769 moveto
(P) cmr10 9.96265 fshow
73.19452 -100.97769 moveto
(erm) cmr10 9.96265 fshow
89.54991 -100.97769 moveto
(ute) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 162.9912 -91.16989 moveto
162.9912 -91.16989 lineto
162.9912 -103.97768 lineto
162.9912 -103.97768 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 7.08684 -91.16989 moveto
7.08684 -91.16989 lineto
162.9912 -91.16989 lineto
162.9912 -91.16989 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 7.08684 -91.16989 moveto
7.08684 -91.16989 lineto
7.08684 -103.97768 lineto
7.08684 -103.97768 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 7.08684 -103.97768 moveto
7.08684 -103.97768 lineto
162.9912 -103.97768 lineto
162.9912 -103.97768 lineto stroke
33.94067 -122.97209 moveto
(Mix) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 77.95241 -112.4816 moveto
77.95241 -112.4816 lineto
77.95241 -126.6548 lineto
77.95241 -126.6548 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 7.08684 -112.4816 moveto
7.08684 -112.4816 lineto
77.95241 -112.4816 lineto
77.95241 -112.4816 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 7.08684 -112.4816 moveto
7.08684 -112.4816 lineto
7.08684 -126.6548 lineto
7.08684 -126.6548 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 7.08684 -126.6548 moveto
7.08684 -126.6548 lineto
77.95241 -126.6548 lineto
77.95241 -126.6548 lineto stroke
118.97945 -122.97209 moveto
(Mix) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 162.9912 -112.4816 moveto
162.9912 -112.4816 lineto
162.9912 -126.6548 lineto
162.9912 -126.6548 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 92.12561 -112.4816 moveto
92.12561 -112.4816 lineto
162.9912 -112.4816 lineto
162.9912 -112.4816 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 92.12561 -112.4816 moveto
92.12561 -112.4816 lineto
92.12561 -126.6548 lineto
92.12561 -126.6548 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 92.12561 -126.6548 moveto
92.12561 -126.6548 lineto
162.9912 -126.6548 lineto
162.9912 -126.6548 lineto stroke
66.69112 -144.96652 moveto
(P) cmr10 9.96265 fshow
73.19452 -144.96652 moveto
(erm) cmr10 9.96265 fshow
89.54991 -144.96652 moveto
(ute) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 162.9912 -135.15872 moveto
162.9912 -135.15872 lineto
162.9912 -147.9665 lineto
162.9912 -147.9665 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 7.08684 -135.15872 moveto
7.08684 -135.15872 lineto
162.9912 -135.15872 lineto
162.9912 -135.15872 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 7.08684 -135.15872 moveto
7.08684 -135.15872 lineto
7.08684 -147.9665 lineto
7.08684 -147.9665 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 7.08684 -147.9665 moveto
7.08684 -147.9665 lineto
162.9912 -147.9665 lineto
162.9912 -147.9665 lineto stroke
33.94067 -166.96092 moveto
(Mix) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 77.95241 -156.47043 moveto
77.95241 -156.47043 lineto
77.95241 -170.64363 lineto
77.95241 -170.64363 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 7.08684 -156.47043 moveto
7.08684 -156.47043 lineto
77.95241 -156.47043 lineto
77.95241 -156.47043 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 7.08684 -156.47043 moveto
7.08684 -156.47043 lineto
7.08684 -170.64363 lineto
7.08684 -170.64363 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 7.08684 -170.64363 moveto
7.08684 -170.64363 lineto
77.95241 -170.64363 lineto
77.95241 -170.64363 lineto stroke
118.97945 -166.96092 moveto
(Mix) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 162.9912 -156.47043 moveto
162.9912 -156.47043 lineto
162.9912 -170.64363 lineto
162.9912 -170.64363 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 92.12561 -156.47043 moveto
92.12561 -156.47043 lineto
162.9912 -156.47043 lineto
162.9912 -156.47043 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 92.12561 -156.47043 moveto
92.12561 -156.47043 lineto
92.12561 -170.64363 lineto
92.12561 -170.64363 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 92.12561 -170.64363 moveto
92.12561 -170.64363 lineto
162.9912 -170.64363 lineto
162.9912 -170.64363 lineto stroke
66.69112 -188.95535 moveto
(P) cmr10 9.96265 fshow
73.19452 -188.95535 moveto
(erm) cmr10 9.96265 fshow
89.54991 -188.95535 moveto
(ute) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 162.9912 -179.14755 moveto
162.9912 -179.14755 lineto
162.9912 -191.95534 lineto
162.9912 -191.95534 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 7.08684 -179.14755 moveto
7.08684 -179.14755 lineto
162.9912 -179.14755 lineto
162.9912 -179.14755 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 7.08684 -179.14755 moveto
7.08684 -179.14755 lineto
7.08684 -191.95534 lineto
7.08684 -191.95534 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 7.08684 -191.95534 moveto
7.08684 -191.95534 lineto
162.9912 -191.95534 lineto
162.9912 -191.95534 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 170.07843 -200.45926 moveto
170.07843 -200.45926 lineto
170.07843 -216.45926 lineto
170.07843 -216.45926 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 0 -200.45926 moveto
0 -200.45926 lineto
170.07843 -200.45926 lineto
170.07843 -200.45926 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 0 -200.45926 moveto
0 -200.45926 lineto
0 -216.45926 lineto
0 -216.45926 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 0 -216.45926 moveto
0 -216.45926 lineto
170.07843 -216.45926 lineto
170.07843 -216.45926 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 89.03922 -204.45926 moveto
89.03922 -204.45926 lineto
89.03922 -212.45926 lineto
89.03922 -212.45926 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 81.03922 -204.45926 moveto
81.03922 -204.45926 lineto
89.03922 -204.45926 lineto
89.03922 -204.45926 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 81.03922 -204.45926 moveto
81.03922 -204.45926 lineto
81.03922 -212.45926 lineto
81.03922 -212.45926 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 81.03922 -212.45926 moveto
81.03922 -212.45926 lineto
89.03922 -212.45926 lineto
89.03922 -212.45926 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 85.03922 -204.45926 moveto
85.03922 -212.45926 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 89.03922 -208.45926 moveto
81.03922 -208.45926 lineto stroke
newpath -14.1732 -208.45926 moveto
0 -208.45926 lineto stroke
newpath -3.69554 -209.99004 moveto
0 -208.45926 lineto
-3.69554 -206.92848 lineto
closepath
gsave fill grestore stroke
-56.7471 -210.94992 moveto
(Subk) cmr10 9.96265 fshow
-35.1613 -210.94992 moveto
(ey) cmr10 9.96265 fshow
-22.1545 -210.94992 moveto
(1) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 21.25981 14.1732 moveto
21.25981 0 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 19.72903 3.69554 moveto
21.25981 0 lineto
22.79059 3.69554 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 21.25981 -16 moveto
21.25981 -24.50392 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 19.72905 -20.80844 moveto
21.25981 -24.50392 lineto
22.79057 -20.80844 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 21.25981 -38.67712 moveto
21.25981 -47.18105 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 19.72905 -43.48557 moveto
21.25981 -47.18105 lineto
22.79057 -43.48557 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 21.25981 -59.98885 moveto
21.25981 -68.49277 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 19.72905 -64.79729 moveto
21.25981 -68.49277 lineto
22.79057 -64.79729 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 21.25981 -82.66597 moveto
21.25981 -91.16989 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 19.72905 -87.47441 moveto
21.25981 -91.16989 lineto
22.79057 -87.47441 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 21.25981 -103.97768 moveto
21.25981 -112.4816 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 19.72905 -108.78612 moveto
21.25981 -112.4816 lineto
22.79057 -108.78612 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 21.25981 -126.6548 moveto
21.25981 -135.15872 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 19.72905 -131.46324 moveto
21.25981 -135.15872 lineto
22.79057 -131.46324 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 21.25981 -147.9665 moveto
21.25981 -156.47043 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 19.72905 -152.77495 moveto
21.25981 -156.47043 lineto
22.79057 -152.77495 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 21.25981 -170.64363 moveto
21.25981 -179.14755 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 19.72905 -175.45207 moveto
21.25981 -179.14755 lineto
22.79057 -175.45207 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 21.25981 -191.95534 moveto
21.25981 -200.45926 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 19.72905 -196.76378 moveto
21.25981 -200.45926 lineto
22.79057 -196.76378 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 21.25981 -216.45926 moveto
21.25981 -230.63246 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 19.72903 -226.93692 moveto
21.25981 -230.63246 lineto
22.79059 -226.93692 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 63.77942 14.1732 moveto
63.77942 0 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 62.24864 3.69554 moveto
63.77942 0 lineto
65.3102 3.69554 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 63.77942 -16 moveto
63.77942 -24.50392 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 62.24866 -20.80844 moveto
63.77942 -24.50392 lineto
65.31018 -20.80844 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 63.77942 -38.67712 moveto
63.77942 -47.18105 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 62.24866 -43.48557 moveto
63.77942 -47.18105 lineto
65.31018 -43.48557 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 63.77942 -59.98885 moveto
63.77942 -68.49277 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 62.24866 -64.79729 moveto
63.77942 -68.49277 lineto
65.31018 -64.79729 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 63.77942 -82.66597 moveto
63.77942 -91.16989 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 62.24866 -87.47441 moveto
63.77942 -91.16989 lineto
65.31018 -87.47441 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 63.77942 -103.97768 moveto
63.77942 -112.4816 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 62.24866 -108.78612 moveto
63.77942 -112.4816 lineto
65.31018 -108.78612 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 63.77942 -126.6548 moveto
63.77942 -135.15872 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 62.24866 -131.46324 moveto
63.77942 -135.15872 lineto
65.31018 -131.46324 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 63.77942 -147.9665 moveto
63.77942 -156.47043 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 62.24866 -152.77495 moveto
63.77942 -156.47043 lineto
65.31018 -152.77495 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 63.77942 -170.64363 moveto
63.77942 -179.14755 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 62.24866 -175.45207 moveto
63.77942 -179.14755 lineto
65.31018 -175.45207 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 63.77942 -191.95534 moveto
63.77942 -200.45926 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 62.24866 -196.76378 moveto
63.77942 -200.45926 lineto
65.31018 -196.76378 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 63.77942 -216.45926 moveto
63.77942 -230.63246 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 62.24864 -226.93692 moveto
63.77942 -230.63246 lineto
65.3102 -226.93692 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 106.29903 14.1732 moveto
106.29903 0 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 104.76825 3.69554 moveto
106.29903 0 lineto
107.8298 3.69554 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 106.29903 -16 moveto
106.29903 -24.50392 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 104.76826 -20.80844 moveto
106.29903 -24.50392 lineto
107.82979 -20.80844 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 106.29903 -38.67712 moveto
106.29903 -47.18105 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 104.76826 -43.48557 moveto
106.29903 -47.18105 lineto
107.82979 -43.48557 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 106.29903 -59.98885 moveto
106.29903 -68.49277 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 104.76826 -64.79729 moveto
106.29903 -68.49277 lineto
107.82979 -64.79729 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 106.29903 -82.66597 moveto
106.29903 -91.16989 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 104.76826 -87.47441 moveto
106.29903 -91.16989 lineto
107.82979 -87.47441 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 106.29903 -103.97768 moveto
106.29903 -112.4816 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 104.76826 -108.78612 moveto
106.29903 -112.4816 lineto
107.82979 -108.78612 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 106.29903 -126.6548 moveto
106.29903 -135.15872 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 104.76826 -131.46324 moveto
106.29903 -135.15872 lineto
107.82979 -131.46324 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 106.29903 -147.9665 moveto
106.29903 -156.47043 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 104.76826 -152.77495 moveto
106.29903 -156.47043 lineto
107.82979 -152.77495 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 106.29903 -170.64363 moveto
106.29903 -179.14755 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 104.76826 -175.45207 moveto
106.29903 -179.14755 lineto
107.82979 -175.45207 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 106.29903 -191.95534 moveto
106.29903 -200.45926 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 104.76826 -196.76378 moveto
106.29903 -200.45926 lineto
107.82979 -196.76378 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 106.29903 -216.45926 moveto
106.29903 -230.63246 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 104.76825 -226.93692 moveto
106.29903 -230.63246 lineto
107.8298 -226.93692 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 148.81863 14.1732 moveto
148.81863 0 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 147.28786 3.69554 moveto
148.81863 0 lineto
150.34941 3.69554 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 148.81863 -16 moveto
148.81863 -24.50392 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 147.28787 -20.80844 moveto
148.81863 -24.50392 lineto
150.3494 -20.80844 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 148.81863 -38.67712 moveto
148.81863 -47.18105 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 147.28787 -43.48557 moveto
148.81863 -47.18105 lineto
150.3494 -43.48557 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 148.81863 -59.98885 moveto
148.81863 -68.49277 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 147.28787 -64.79729 moveto
148.81863 -68.49277 lineto
150.3494 -64.79729 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 148.81863 -82.66597 moveto
148.81863 -91.16989 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 147.28787 -87.47441 moveto
148.81863 -91.16989 lineto
150.3494 -87.47441 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 148.81863 -103.97768 moveto
148.81863 -112.4816 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 147.28787 -108.78612 moveto
148.81863 -112.4816 lineto
150.3494 -108.78612 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 148.81863 -126.6548 moveto
148.81863 -135.15872 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 147.28787 -131.46324 moveto
148.81863 -135.15872 lineto
150.3494 -131.46324 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 148.81863 -147.9665 moveto
148.81863 -156.47043 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 147.28787 -152.77495 moveto
148.81863 -156.47043 lineto
150.3494 -152.77495 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 148.81863 -170.64363 moveto
148.81863 -179.14755 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 147.28787 -175.45207 moveto
148.81863 -179.14755 lineto
150.3494 -175.45207 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 148.81863 -191.95534 moveto
148.81863 -200.45926 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 147.28787 -196.76378 moveto
148.81863 -200.45926 lineto
150.3494 -196.76378 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 148.81863 -216.45926 moveto
148.81863 -230.63246 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 147.28786 -226.93692 moveto
148.81863 -230.63246 lineto
150.34941 -226.93692 lineto
closepath
gsave fill grestore stroke
65.04471 22.84248 moveto
(Plain) cmr10 9.96265 fshow
87.5991 22.84248 moveto
(text) cmr10 9.96265 fshow
showpage
%%EOF

1384
Supporting_Documentation/tex/skein-33.mps Normal file
View File

File diff suppressed because it is too large Load Diff

349
Supporting_Documentation/tex/skein-41.mps Normal file
View File

@ -0,0 +1,349 @@
%!PS
%%BoundingBox: -52 -73 184 46
%%HiResBoundingBox: -51.70432 -72.88118 183.24184 45.3179
%%Creator: MetaPost 1.000
%%CreationDate: 2008.10.19:0139
%%Pages: 1
%*Font: cmmi10 9.96265 9.96265 47:82
%*Font: cmr10 9.96265 9.96265 0c:800000000eaa000000000440a38
%*Font: cmr7 6.97385 6.97385 30:e
%%BeginProlog
%%EndProlog
%%Page: 1 1
0 0 0 setrgbcolor
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth [] 0 setdash
1 setlinecap 1 setlinejoin 10 setmiterlimit
newpath 3.08661 17.00784 moveto
3.08661 17.00784 lineto
3.08661 -17.00784 lineto
3.08661 -17.00784 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath -16.75587 17.00784 moveto
-16.75587 17.00784 lineto
3.08661 17.00784 lineto
3.08661 17.00784 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath -16.75587 17.00784 moveto
-16.75587 17.00784 lineto
-16.75587 -17.00784 lineto
-16.75587 -17.00784 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath -16.75587 -17.00784 moveto
-16.75587 -17.00784 lineto
3.08661 -17.00784 lineto
3.08661 -17.00784 lineto stroke
newpath 15.58446 2.82857 moveto
16.30823 2.1048 16.75589 1.10492 16.75589 0.00049 curveto
16.75589 -0.00049 lineto
16.75589 -1.10492 16.30823 -2.1048 15.58446 -2.82857 curveto stroke
newpath 9.92732 2.82857 moveto
10.6511 3.55234 11.65097 4 12.7554 4 curveto
12.75638 4 lineto
13.86081 4 14.86069 3.55234 15.58446 2.82857 curveto stroke
newpath 9.92732 2.82857 moveto
9.20355 2.1048 8.75589 1.10492 8.75589 0.00049 curveto
8.75589 -0.00049 lineto
8.75589 -1.10492 9.20355 -2.1048 9.92732 -2.82857 curveto stroke
newpath 9.92732 -2.82857 moveto
10.6511 -3.55234 11.65097 -4 12.7554 -4 curveto
12.75638 -4 lineto
13.86081 -4 14.86069 -3.55234 15.58446 -2.82857 curveto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 12.75589 4 moveto
12.75589 -4 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 16.75589 0 moveto
8.75589 0 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath -6.83464 34.01569 moveto
-6.83464 17.00784 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath -8.3654 20.70332 moveto
-6.83464 17.00784 lineto
-5.30388 20.70332 lineto
closepath
gsave fill grestore stroke
newpath -6.83464 22.67712 moveto
12.75589 22.67712 lineto
12.75589 4 lineto stroke
newpath 11.22508 7.6956 moveto
12.75589 4 lineto
14.2867 7.6956 lineto
closepath
gsave fill grestore stroke
newpath -6.83464 -17.00784 moveto
-6.83464 -22.67712 lineto
12.75589 -22.67712 lineto
12.75589 -4 lineto stroke
newpath 14.2867 -7.6956 moveto
12.75589 -4 lineto
11.22508 -7.6956 lineto
closepath
gsave fill grestore stroke
newpath -22.42516 -34.01569 moveto
-22.42516 -2.83464 lineto
-16.75587 -2.83464 lineto stroke
newpath -20.45132 -4.36539 moveto
-16.75587 -2.83464 lineto
-20.45132 -1.3039 lineto
closepath
gsave fill grestore stroke
newpath -16.75587 5.66928 moveto
-11.0866 0 lineto
-16.75587 -5.66928 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 79.11798 17.00784 moveto
79.11798 17.00784 lineto
79.11798 -17.00784 lineto
79.11798 -17.00784 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 59.2755 17.00784 moveto
59.2755 17.00784 lineto
79.11798 17.00784 lineto
79.11798 17.00784 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 59.2755 17.00784 moveto
59.2755 17.00784 lineto
59.2755 -17.00784 lineto
59.2755 -17.00784 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 59.2755 -17.00784 moveto
59.2755 -17.00784 lineto
79.11798 -17.00784 lineto
79.11798 -17.00784 lineto stroke
newpath 91.61583 2.82857 moveto
92.3396 2.1048 92.78726 1.10492 92.78726 0.00049 curveto
92.78726 -0.00049 lineto
92.78726 -1.10492 92.3396 -2.1048 91.61583 -2.82857 curveto stroke
newpath 85.9587 2.82857 moveto
86.68246 3.55234 87.68234 4 88.78677 4 curveto
88.78775 4 lineto
89.89218 4 90.89206 3.55234 91.61583 2.82857 curveto stroke
newpath 85.9587 2.82857 moveto
85.23492 2.1048 84.78726 1.10492 84.78726 0.00049 curveto
84.78726 -0.00049 lineto
84.78726 -1.10492 85.23492 -2.1048 85.9587 -2.82857 curveto stroke
newpath 85.9587 -2.82857 moveto
86.68246 -3.55234 87.68234 -4 88.78677 -4 curveto
88.78775 -4 lineto
89.89218 -4 90.89206 -3.55234 91.61583 -2.82857 curveto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 88.78726 4 moveto
88.78726 -4 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 92.78726 0 moveto
84.78726 0 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 69.19673 34.01569 moveto
69.19673 17.00784 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 67.66597 20.70332 moveto
69.19673 17.00784 lineto
70.7275 20.70332 lineto
closepath
gsave fill grestore stroke
newpath 69.19673 22.67712 moveto
88.78726 22.67712 lineto
88.78726 4 lineto stroke
newpath 87.25645 7.6956 moveto
88.78726 4 lineto
90.31807 7.6956 lineto
closepath
gsave fill grestore stroke
newpath 69.19673 -17.00784 moveto
69.19673 -22.67712 lineto
88.78726 -22.67712 lineto
88.78726 -4 lineto stroke
newpath 90.31807 -7.6956 moveto
88.78726 -4 lineto
87.25645 -7.6956 lineto
closepath
gsave fill grestore stroke
newpath 53.60622 -34.01569 moveto
53.60622 -2.83464 lineto
59.2755 -2.83464 lineto stroke
newpath 55.58005 -4.36539 moveto
59.2755 -2.83464 lineto
55.58005 -1.3039 lineto
closepath
gsave fill grestore stroke
newpath 59.2755 5.66928 moveto
64.94478 0 lineto
59.2755 -5.66928 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 155.14935 17.00784 moveto
155.14935 17.00784 lineto
155.14935 -17.00784 lineto
155.14935 -17.00784 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 135.30687 17.00784 moveto
135.30687 17.00784 lineto
155.14935 17.00784 lineto
155.14935 17.00784 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 135.30687 17.00784 moveto
135.30687 17.00784 lineto
135.30687 -17.00784 lineto
135.30687 -17.00784 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 135.30687 -17.00784 moveto
135.30687 -17.00784 lineto
155.14935 -17.00784 lineto
155.14935 -17.00784 lineto stroke
newpath 167.6472 2.82857 moveto
168.37097 2.1048 168.81863 1.10492 168.81863 0.00049 curveto
168.81863 -0.00049 lineto
168.81863 -1.10492 168.37097 -2.1048 167.6472 -2.82857 curveto stroke
newpath 161.99007 2.82857 moveto
162.71384 3.55234 163.71371 4 164.81815 4 curveto
164.81912 4 lineto
165.92355 4 166.92343 3.55234 167.6472 2.82857 curveto stroke
newpath 161.99007 2.82857 moveto
161.2663 2.1048 160.81863 1.10492 160.81863 0.00049 curveto
160.81863 -0.00049 lineto
160.81863 -1.10492 161.2663 -2.1048 161.99007 -2.82857 curveto stroke
newpath 161.99007 -2.82857 moveto
162.71384 -3.55234 163.71371 -4 164.81815 -4 curveto
164.81912 -4 lineto
165.92355 -4 166.92343 -3.55234 167.6472 -2.82857 curveto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 164.81863 4 moveto
164.81863 -4 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 168.81863 0 moveto
160.81863 0 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 145.2281 34.01569 moveto
145.2281 17.00784 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 143.69734 20.70332 moveto
145.2281 17.00784 lineto
146.75887 20.70332 lineto
closepath
gsave fill grestore stroke
newpath 145.2281 22.67712 moveto
164.81863 22.67712 lineto
164.81863 4 lineto stroke
newpath 163.28783 7.6956 moveto
164.81863 4 lineto
166.34944 7.6956 lineto
closepath
gsave fill grestore stroke
newpath 145.2281 -17.00784 moveto
145.2281 -22.67712 lineto
164.81863 -22.67712 lineto
164.81863 -4 lineto stroke
newpath 166.34944 -7.6956 moveto
164.81863 -4 lineto
163.28783 -7.6956 lineto
closepath
gsave fill grestore stroke
newpath 129.63759 -34.01569 moveto
129.63759 -2.83464 lineto
135.30687 -2.83464 lineto stroke
newpath 131.61142 -4.36539 moveto
135.30687 -2.83464 lineto
131.61142 -1.3039 lineto
closepath
gsave fill grestore stroke
newpath 135.30687 5.66928 moveto
140.97615 0 lineto
135.30687 -5.66928 lineto stroke
newpath 16.75589 0 moveto
59.2755 0 lineto stroke
newpath 55.58014 -1.5307 moveto
59.2755 0 lineto
55.58014 1.5307 lineto
closepath
gsave fill grestore stroke
newpath 92.78726 0 moveto
135.30687 0 lineto stroke
newpath 131.61151 -1.5307 moveto
135.30687 0 lineto
131.61151 1.5307 lineto
closepath
gsave fill grestore stroke
newpath 168.81863 0 moveto
182.99184 0 lineto stroke
newpath 179.2963 -1.53078 moveto
182.99184 0 lineto
179.2963 1.53078 lineto
closepath
gsave fill grestore stroke
newpath -30.92908 0 moveto
-16.75587 0 lineto stroke
newpath -20.45142 -1.53078 moveto
-16.75587 0 lineto
-20.45142 1.53078 lineto
closepath
gsave fill grestore stroke
-41.76218 -3.4039 moveto
(G) cmmi10 9.96265 fshow
-13.9019 38.5101 moveto
(M) cmmi10 9.96265 fshow
-4.2367 37.0157 moveto
(0) cmr7 6.97385 fshow
62.12947 38.5101 moveto
(M) cmmi10 9.96265 fshow
71.79468 37.0157 moveto
(1) cmr7 6.97385 fshow
138.16084 38.5101 moveto
(M) cmmi10 9.96265 fshow
147.82605 37.0157 moveto
(2) cmr7 6.97385 fshow
-37.53522 -45.484 moveto
(len) cmr10 9.96265 fshow
-23.80882 -45.484 moveto
(:) cmr10 9.96265 fshow
-20.04512 -45.484 moveto
(64) cmr10 9.96265 fshow
-42.04611 -57.43909 moveto
(\014rst) cmr10 9.96265 fshow
-23.80882 -57.43909 moveto
(:) cmr10 9.96265 fshow
-20.04512 -57.43909 moveto
(1) cmr10 9.96265 fshow
-43.62352 -69.39429 moveto
(\014nal) cmr10 9.96265 fshow
-23.80882 -69.39429 moveto
(:) cmr10 9.96265 fshow
-20.04512 -69.39429 moveto
(0) cmr10 9.96265 fshow
38.49615 -45.484 moveto
(len) cmr10 9.96265 fshow
52.22255 -45.484 moveto
(:) cmr10 9.96265 fshow
55.98625 -45.484 moveto
(128) cmr10 9.96265 fshow
33.98526 -57.43909 moveto
(\014rst) cmr10 9.96265 fshow
52.22255 -57.43909 moveto
(:) cmr10 9.96265 fshow
55.98625 -57.43909 moveto
(0) cmr10 9.96265 fshow
32.40785 -69.39429 moveto
(\014nal) cmr10 9.96265 fshow
52.22255 -69.39429 moveto
(:) cmr10 9.96265 fshow
55.98625 -69.39429 moveto
(0) cmr10 9.96265 fshow
114.52753 -45.484 moveto
(len) cmr10 9.96265 fshow
128.25392 -45.484 moveto
(:) cmr10 9.96265 fshow
132.01762 -45.484 moveto
(166) cmr10 9.96265 fshow
110.01663 -57.43909 moveto
(\014rst) cmr10 9.96265 fshow
128.25392 -57.43909 moveto
(:) cmr10 9.96265 fshow
132.01762 -57.43909 moveto
(0) cmr10 9.96265 fshow
108.43922 -69.39429 moveto
(\014nal) cmr10 9.96265 fshow
128.25392 -69.39429 moveto
(:) cmr10 9.96265 fshow
132.01762 -69.39429 moveto
(1) cmr10 9.96265 fshow
showpage
%%EOF

163
Supporting_Documentation/tex/skein-42.mps Normal file
View File

@ -0,0 +1,163 @@
%!PS
%%BoundingBox: -192 -64 192 15
%%HiResBoundingBox: -191.58823 -63.9553 191.58824 14.4232
%%Creator: MetaPost 1.000
%%CreationDate: 2008.10.19:0139
%%Pages: 1
%*Font: cmr10 9.96265 9.96265 0d:800000001c24044022000fbb77ca
%%BeginProlog
%%EndProlog
%%Page: 1 1
0 0 0 setrgbcolor
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth [] 0 setdash
1 setlinecap 1 setlinejoin 10 setmiterlimit
newpath 191.33824 14.1732 moveto
191.33824 14.1732 lineto
191.33824 -14.1732 lineto
191.33824 -14.1732 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath -191.33823 14.1732 moveto
-191.33823 14.1732 lineto
191.33824 14.1732 lineto
191.33824 14.1732 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath -191.33823 14.1732 moveto
-191.33823 14.1732 lineto
-191.33823 -14.1732 lineto
-191.33823 -14.1732 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath -191.33823 -14.1732 moveto
-191.33823 -14.1732 lineto
191.33824 -14.1732 lineto
191.33824 -14.1732 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath -167.42094 14.1732 moveto
-167.42094 11.3384 lineto stroke
newpath -167.42094 -14.1732 moveto
-167.42094 -11.3384 lineto stroke
newpath -143.50366 14.1732 moveto
-143.50366 11.3384 lineto stroke
newpath -143.50366 -14.1732 moveto
-143.50366 -11.3384 lineto stroke
newpath -119.5864 14.1732 moveto
-119.5864 11.3384 lineto stroke
newpath -119.5864 -14.1732 moveto
-119.5864 -11.3384 lineto stroke
newpath -95.66911 14.1732 moveto
-95.66911 11.3384 lineto stroke
newpath -95.66911 -14.1732 moveto
-95.66911 -11.3384 lineto stroke
newpath -71.75183 14.1732 moveto
-71.75183 11.3384 lineto stroke
newpath -71.75183 -14.1732 moveto
-71.75183 -11.3384 lineto stroke
newpath -47.83455 14.1732 moveto
-47.83455 11.3384 lineto stroke
newpath -47.83455 -14.1732 moveto
-47.83455 -11.3384 lineto stroke
newpath -23.91727 14.1732 moveto
-23.91727 11.3384 lineto stroke
newpath -23.91727 -14.1732 moveto
-23.91727 -11.3384 lineto stroke
newpath 0.00002 14.1732 moveto
0.00002 11.3384 lineto stroke
newpath 0.00002 -14.1732 moveto
0.00002 -11.3384 lineto stroke
newpath 23.91728 14.1732 moveto
23.91728 11.3384 lineto stroke
newpath 23.91728 -14.1732 moveto
23.91728 -11.3384 lineto stroke
newpath 47.83456 14.1732 moveto
47.83456 11.3384 lineto stroke
newpath 47.83456 -14.1732 moveto
47.83456 -11.3384 lineto stroke
newpath 71.75185 14.1732 moveto
71.75185 11.3384 lineto stroke
newpath 71.75185 -14.1732 moveto
71.75185 -11.3384 lineto stroke
newpath 95.66913 14.1732 moveto
95.66913 11.3384 lineto stroke
newpath 95.66913 -14.1732 moveto
95.66913 -11.3384 lineto stroke
newpath 119.58641 14.1732 moveto
119.58641 11.3384 lineto stroke
newpath 119.58641 -14.1732 moveto
119.58641 -11.3384 lineto stroke
newpath 143.50368 14.1732 moveto
143.50368 11.3384 lineto stroke
newpath 143.50368 -14.1732 moveto
143.50368 -11.3384 lineto stroke
newpath 167.42096 14.1732 moveto
167.42096 11.3384 lineto stroke
newpath 167.42096 -14.1732 moveto
167.42096 -11.3384 lineto stroke
newpath 95.66913 14.1732 moveto
95.66913 -14.1732 lineto stroke
newpath 143.50368 14.1732 moveto
143.50368 -14.1732 lineto stroke
newpath 167.42096 14.1732 moveto
167.42096 -14.1732 lineto stroke
-54.1996 -3.45926 moveto
(len) cmr10 9.96265 fshow
101.81966 -3.45926 moveto
(reserv) cmr10 9.96265 fshow
127.39046 -3.45926 moveto
(ed) cmr10 9.96265 fshow
newpath 155.46233 0 moveto
155.46233 -48.18889 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 152.62769 -48.18889 moveto
155.46233 -48.18889 lineto stroke
newpath 152.62769 -36.85033 moveto
155.46233 -36.85033 lineto stroke
newpath 152.62769 -25.51176 moveto
155.46233 -25.51176 lineto stroke
newpath 179.37961 0 moveto
179.37961 -59.52745 lineto
176.54497 -59.52745 lineto stroke
80.58089 -28.00243 moveto
(Final) cmr10 9.96265 fshow
106.45619 -28.00243 moveto
(\015ag:) cmr10 9.96265 fshow
129.14888 -28.00243 moveto
(bit) cmr10 9.96265 fshow
144.6464 -28.00243 moveto
(0) cmr10 9.96265 fshow
38.37799 -39.34099 moveto
(Odd) cmr10 9.96265 fshow
60.51729 -39.34099 moveto
(bit) cmr10 9.96265 fshow
76.0147 -39.34099 moveto
(length) cmr10 9.96265 fshow
106.45619 -39.34099 moveto
(\015ag:) cmr10 9.96265 fshow
129.1489 -39.34099 moveto
(bit) cmr10 9.96265 fshow
144.6464 -39.34099 moveto
(1) cmr10 9.96265 fshow
65.08339 -50.67955 moveto
(Blo) cmr10 9.96265 fshow
80.16579 -50.67955 moveto
(c) cmr10 9.96265 fshow
84.3169 -50.67955 moveto
(k) cmr10 9.96265 fshow
92.89578 -50.67955 moveto
(t) cmr10 9.96265 fshow
96.49348 -50.67955 moveto
(yp) cmr10 9.96265 fshow
107.5631 -50.67955 moveto
(e:) cmr10 9.96265 fshow
119.18619 -50.67955 moveto
(bit) cmr10 9.96265 fshow
134.68369 -50.67955 moveto
(2{7) cmr10 9.96265 fshow
106.54607 -62.01811 moveto
(Subk) cmr10 9.96265 fshow
128.13187 -62.01811 moveto
(ey) cmr10 9.96265 fshow
141.13867 -62.01811 moveto
(coun) cmr10 9.96265 fshow
161.34067 -62.01811 moveto
(ter) cmr10 9.96265 fshow
showpage
%%EOF

200
Supporting_Documentation/tex/skein-51.mps Normal file
View File

@ -0,0 +1,200 @@
%!PS
%%BoundingBox: -37 -41 143 38
%%HiResBoundingBox: -36.3277 -40.46686 142.66476 37.36746
%%Creator: MetaPost 1.000
%%CreationDate: 2008.10.19:0139
%%Pages: 1
%*Font: cmr10 9.96265 9.96265 0c:80000000080203045040047039c4
%%BeginProlog
%%EndProlog
%%Page: 1 1
0 0 0 setrgbcolor
-9.06326 -3.4039 moveto
(UBI) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth [] 0 setdash
1 setlinecap 1 setlinejoin 10 setmiterlimit
newpath 14.1732 11.33856 moveto
14.1732 11.33856 lineto
14.1732 -11.33856 lineto
14.1732 -11.33856 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath -14.1732 11.33856 moveto
-14.1732 11.33856 lineto
14.1732 11.33856 lineto
14.1732 11.33856 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath -14.1732 11.33856 moveto
-14.1732 11.33856 lineto
-14.1732 -11.33856 lineto
-14.1732 -11.33856 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath -14.1732 -11.33856 moveto
-14.1732 -11.33856 lineto
14.1732 -11.33856 lineto
14.1732 -11.33856 lineto stroke
47.62955 -3.4039 moveto
(UBI) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 70.86601 11.33856 moveto
70.86601 11.33856 lineto
70.86601 -11.33856 lineto
70.86601 -11.33856 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 42.5196 11.33856 moveto
42.5196 11.33856 lineto
70.86601 11.33856 lineto
70.86601 11.33856 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 42.5196 11.33856 moveto
42.5196 11.33856 lineto
42.5196 -11.33856 lineto
42.5196 -11.33856 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 42.5196 -11.33856 moveto
42.5196 -11.33856 lineto
70.86601 -11.33856 lineto
70.86601 -11.33856 lineto stroke
104.32236 -3.4039 moveto
(UBI) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 127.55882 11.33856 moveto
127.55882 11.33856 lineto
127.55882 -11.33856 lineto
127.55882 -11.33856 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 99.21242 11.33856 moveto
99.21242 11.33856 lineto
127.55882 11.33856 lineto
127.55882 11.33856 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 99.21242 11.33856 moveto
99.21242 11.33856 lineto
99.21242 -11.33856 lineto
99.21242 -11.33856 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 99.21242 -11.33856 moveto
99.21242 -11.33856 lineto
127.55882 -11.33856 lineto
127.55882 -11.33856 lineto stroke
newpath -28.3464 0 moveto
-14.1732 0 lineto stroke
newpath -17.86874 -1.53078 moveto
-14.1732 0 lineto
-17.86874 1.53078 lineto
closepath
gsave fill grestore stroke
newpath 14.1732 0 moveto
42.5196 0 lineto stroke
newpath 38.82405 -1.53079 moveto
42.5196 0 lineto
38.82405 1.53079 lineto
closepath
gsave fill grestore stroke
newpath 70.86601 0 moveto
99.21242 0 lineto stroke
newpath 95.51686 -1.53079 moveto
99.21242 0 lineto
95.51686 1.53079 lineto
closepath
gsave fill grestore stroke
newpath 127.55882 0 moveto
141.73203 0 lineto stroke
newpath 138.03648 -1.53078 moveto
141.73203 0 lineto
138.03648 1.53078 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 0 25.51176 moveto
0 11.33856 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath -1.53078 15.0341 moveto
0 11.33856 lineto
1.53078 15.0341 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 56.69281 25.51176 moveto
56.69281 11.33856 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 55.16203 15.0341 moveto
56.69281 11.33856 lineto
58.22359 15.0341 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 113.38562 25.51176 moveto
113.38562 11.33856 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 111.85484 15.0341 moveto
113.38562 11.33856 lineto
114.9164 15.0341 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 0 -25.51176 moveto
0 -11.33856 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 1.53078 -15.0341 moveto
0 -11.33856 lineto
-1.53078 -15.0341 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 56.69281 -25.51176 moveto
56.69281 -11.33856 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 58.22359 -15.0341 moveto
56.69281 -11.33856 lineto
55.16203 -15.0341 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 113.38562 -25.51176 moveto
113.38562 -11.33856 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 114.9164 -15.0341 moveto
113.38562 -11.33856 lineto
111.85484 -15.0341 lineto
closepath
gsave fill grestore stroke
-36.3277 -3.2102 moveto
(0) cmr10 9.96265 fshow
-14.1138 30.44896 moveto
(Con\014g) cmr10 9.96265 fshow
38.7877 30.44896 moveto
(Message) cmr10 9.96265 fshow
110.89497 28.51176 moveto
(0) cmr10 9.96265 fshow
-21.47516 -36.97997 moveto
(t) cmr10 9.96265 fshow
-17.87756 -36.97997 moveto
(yp) cmr10 9.96265 fshow
-6.80786 -36.97997 moveto
(e) cmr10 9.96265 fshow
-1.38367 -36.97997 moveto
(:) cmr10 9.96265 fshow
2.38004 -36.97997 moveto
(Cfg) cmr10 9.96265 fshow
35.21765 -36.97997 moveto
(t) cmr10 9.96265 fshow
38.81525 -36.97997 moveto
(yp) cmr10 9.96265 fshow
49.88495 -36.97997 moveto
(e) cmr10 9.96265 fshow
55.30914 -36.97997 moveto
(:) cmr10 9.96265 fshow
59.07285 -36.97997 moveto
(Msg) cmr10 9.96265 fshow
91.91046 -36.97997 moveto
(t) cmr10 9.96265 fshow
95.50806 -36.97997 moveto
(yp) cmr10 9.96265 fshow
106.57776 -36.97997 moveto
(e) cmr10 9.96265 fshow
112.00195 -36.97997 moveto
(:) cmr10 9.96265 fshow
115.76566 -36.97997 moveto
(Out) cmr10 9.96265 fshow
showpage
%%EOF

334
Supporting_Documentation/tex/skein-52.mps Normal file
View File

@ -0,0 +1,334 @@
%!PS
%%BoundingBox: -37 -205 143 38
%%HiResBoundingBox: -36.3277 -204.876 142.66476 37.36746
%%Creator: MetaPost 1.000
%%CreationDate: 2008.10.19:0139
%%Pages: 1
%*Font: cmr10 9.96265 9.96265 0c:800000000e0203045040047039c4
%%BeginProlog
%%EndProlog
%%Page: 1 1
0 0 0 setrgbcolor
-9.06326 -3.4039 moveto
(UBI) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth [] 0 setdash
1 setlinecap 1 setlinejoin 10 setmiterlimit
newpath 14.1732 11.33856 moveto
14.1732 11.33856 lineto
14.1732 -11.33856 lineto
14.1732 -11.33856 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath -14.1732 11.33856 moveto
-14.1732 11.33856 lineto
14.1732 11.33856 lineto
14.1732 11.33856 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath -14.1732 11.33856 moveto
-14.1732 11.33856 lineto
-14.1732 -11.33856 lineto
-14.1732 -11.33856 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath -14.1732 -11.33856 moveto
-14.1732 -11.33856 lineto
14.1732 -11.33856 lineto
14.1732 -11.33856 lineto stroke
47.62955 -3.4039 moveto
(UBI) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 70.86601 11.33856 moveto
70.86601 11.33856 lineto
70.86601 -11.33856 lineto
70.86601 -11.33856 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 42.5196 11.33856 moveto
42.5196 11.33856 lineto
70.86601 11.33856 lineto
70.86601 11.33856 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 42.5196 11.33856 moveto
42.5196 11.33856 lineto
42.5196 -11.33856 lineto
42.5196 -11.33856 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 42.5196 -11.33856 moveto
42.5196 -11.33856 lineto
70.86601 -11.33856 lineto
70.86601 -11.33856 lineto stroke
104.32236 -3.4039 moveto
(UBI) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 127.55882 11.33856 moveto
127.55882 11.33856 lineto
127.55882 -11.33856 lineto
127.55882 -11.33856 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 99.21242 11.33856 moveto
99.21242 11.33856 lineto
127.55882 11.33856 lineto
127.55882 11.33856 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 99.21242 11.33856 moveto
99.21242 11.33856 lineto
99.21242 -11.33856 lineto
99.21242 -11.33856 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 99.21242 -11.33856 moveto
99.21242 -11.33856 lineto
127.55882 -11.33856 lineto
127.55882 -11.33856 lineto stroke
104.32236 -85.60847 moveto
(UBI) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 127.55882 -70.86601 moveto
127.55882 -70.86601 lineto
127.55882 -93.54314 lineto
127.55882 -93.54314 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 99.21242 -70.86601 moveto
99.21242 -70.86601 lineto
127.55882 -70.86601 lineto
127.55882 -70.86601 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 99.21242 -70.86601 moveto
99.21242 -70.86601 lineto
99.21242 -93.54314 lineto
99.21242 -93.54314 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 99.21242 -93.54314 moveto
99.21242 -93.54314 lineto
127.55882 -93.54314 lineto
127.55882 -93.54314 lineto stroke
104.32236 -167.81305 moveto
(UBI) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 127.55882 -153.07059 moveto
127.55882 -153.07059 lineto
127.55882 -175.74771 lineto
127.55882 -175.74771 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 99.21242 -153.07059 moveto
99.21242 -153.07059 lineto
127.55882 -153.07059 lineto
127.55882 -153.07059 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 99.21242 -153.07059 moveto
99.21242 -153.07059 lineto
99.21242 -175.74771 lineto
99.21242 -175.74771 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 99.21242 -175.74771 moveto
99.21242 -175.74771 lineto
127.55882 -175.74771 lineto
127.55882 -175.74771 lineto stroke
newpath -28.3464 0 moveto
-14.1732 0 lineto stroke
newpath -17.86874 -1.53078 moveto
-14.1732 0 lineto
-17.86874 1.53078 lineto
closepath
gsave fill grestore stroke
newpath 14.1732 0 moveto
42.5196 0 lineto stroke
newpath 38.82405 -1.53079 moveto
42.5196 0 lineto
38.82405 1.53079 lineto
closepath
gsave fill grestore stroke
newpath 70.86601 0 moveto
99.21242 0 lineto stroke
newpath 95.51686 -1.53079 moveto
99.21242 0 lineto
95.51686 1.53079 lineto
closepath
gsave fill grestore stroke
newpath 127.55882 0 moveto
141.73203 0 lineto stroke
newpath 138.03648 -1.53078 moveto
141.73203 0 lineto
138.03648 1.53078 lineto
closepath
gsave fill grestore stroke
newpath 127.55882 -82.20457 moveto
141.73203 -82.20457 lineto stroke
newpath 138.03648 -83.73535 moveto
141.73203 -82.20457 lineto
138.03648 -80.6738 lineto
closepath
gsave fill grestore stroke
newpath 127.55882 -164.40915 moveto
141.73203 -164.40915 lineto stroke
newpath 138.03648 -165.93993 moveto
141.73203 -164.40915 lineto
138.03648 -162.87837 lineto
closepath
gsave fill grestore stroke
newpath 85.03922 0 moveto
85.03922 -82.20457 lineto
99.21242 -82.20457 lineto stroke
newpath 95.51688 -83.73535 moveto
99.21242 -82.20457 lineto
95.51688 -80.6738 lineto
closepath
gsave fill grestore stroke
newpath 85.03922 0 moveto
85.03922 -164.40915 lineto
99.21242 -164.40915 lineto stroke
newpath 95.51688 -165.93993 moveto
99.21242 -164.40915 lineto
95.51688 -162.87837 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 0 25.51176 moveto
0 11.33856 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath -1.53078 15.0341 moveto
0 11.33856 lineto
1.53078 15.0341 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 56.69281 25.51176 moveto
56.69281 11.33856 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 55.16203 15.0341 moveto
56.69281 11.33856 lineto
58.22359 15.0341 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 113.38562 25.51176 moveto
113.38562 11.33856 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 111.85484 15.0341 moveto
113.38562 11.33856 lineto
114.9164 15.0341 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 113.38562 -56.69281 moveto
113.38562 -70.86601 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 111.85484 -67.17047 moveto
113.38562 -70.86601 lineto
114.9164 -67.17047 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 113.38562 -138.89738 moveto
113.38562 -153.07059 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 111.85484 -149.37505 moveto
113.38562 -153.07059 lineto
114.9164 -149.37505 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 0 -25.51176 moveto
0 -11.33856 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 1.53078 -15.0341 moveto
0 -11.33856 lineto
-1.53078 -15.0341 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 56.69281 -25.51176 moveto
56.69281 -11.33856 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 58.22359 -15.0341 moveto
56.69281 -11.33856 lineto
55.16203 -15.0341 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 113.38562 -25.51176 moveto
113.38562 -11.33856 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 114.9164 -15.0341 moveto
113.38562 -11.33856 lineto
111.85484 -15.0341 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 113.38562 -107.71634 moveto
113.38562 -93.54314 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 114.9164 -97.23868 moveto
113.38562 -93.54314 lineto
111.85484 -97.23868 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 113.38562 -189.92091 moveto
113.38562 -175.74771 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 114.9164 -179.44325 moveto
113.38562 -175.74771 lineto
111.85484 -179.44325 lineto
closepath
gsave fill grestore stroke
-36.3277 -3.2102 moveto
(0) cmr10 9.96265 fshow
-14.1138 30.44896 moveto
(Con\014g) cmr10 9.96265 fshow
38.7877 30.44896 moveto
(Message) cmr10 9.96265 fshow
110.89497 28.51176 moveto
(0) cmr10 9.96265 fshow
110.89497 -53.69281 moveto
(1) cmr10 9.96265 fshow
110.89497 -135.89738 moveto
(2) cmr10 9.96265 fshow
-21.47516 -36.97997 moveto
(t) cmr10 9.96265 fshow
-17.87756 -36.97997 moveto
(yp) cmr10 9.96265 fshow
-6.80786 -36.97997 moveto
(e) cmr10 9.96265 fshow
-1.38367 -36.97997 moveto
(:) cmr10 9.96265 fshow
2.38004 -36.97997 moveto
(Cfg) cmr10 9.96265 fshow
35.21765 -36.97997 moveto
(t) cmr10 9.96265 fshow
38.81525 -36.97997 moveto
(yp) cmr10 9.96265 fshow
49.88495 -36.97997 moveto
(e) cmr10 9.96265 fshow
55.30914 -36.97997 moveto
(:) cmr10 9.96265 fshow
59.07285 -36.97997 moveto
(Msg) cmr10 9.96265 fshow
91.91046 -36.97997 moveto
(t) cmr10 9.96265 fshow
95.50806 -36.97997 moveto
(yp) cmr10 9.96265 fshow
106.57776 -36.97997 moveto
(e) cmr10 9.96265 fshow
112.00195 -36.97997 moveto
(:) cmr10 9.96265 fshow
115.76566 -36.97997 moveto
(Out) cmr10 9.96265 fshow
91.91046 -119.18454 moveto
(t) cmr10 9.96265 fshow
95.50806 -119.18454 moveto
(yp) cmr10 9.96265 fshow
106.57776 -119.18454 moveto
(e) cmr10 9.96265 fshow
112.00195 -119.18454 moveto
(:) cmr10 9.96265 fshow
115.76566 -119.18454 moveto
(Out) cmr10 9.96265 fshow
91.91046 -201.38911 moveto
(t) cmr10 9.96265 fshow
95.50806 -201.38911 moveto
(yp) cmr10 9.96265 fshow
106.57776 -201.38911 moveto
(e) cmr10 9.96265 fshow
112.00195 -201.38911 moveto
(:) cmr10 9.96265 fshow
115.76566 -201.38911 moveto
(Out) cmr10 9.96265 fshow
showpage
%%EOF

259
Supporting_Documentation/tex/skein-53.mps Normal file
View File

@ -0,0 +1,259 @@
%!PS
%%BoundingBox: -37 -41 200 38
%%HiResBoundingBox: -36.3277 -40.46686 199.35757 37.36746
%%Creator: MetaPost 1.000
%%CreationDate: 2008.10.19:0139
%%Pages: 1
%*Font: cmr10 9.96265 9.96265 0c:80000000080203055040047039c4
%%BeginProlog
%%EndProlog
%%Page: 1 1
0 0 0 setrgbcolor
-9.06326 -3.4039 moveto
(UBI) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth [] 0 setdash
1 setlinecap 1 setlinejoin 10 setmiterlimit
newpath 14.1732 11.33856 moveto
14.1732 11.33856 lineto
14.1732 -11.33856 lineto
14.1732 -11.33856 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath -14.1732 11.33856 moveto
-14.1732 11.33856 lineto
14.1732 11.33856 lineto
14.1732 11.33856 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath -14.1732 11.33856 moveto
-14.1732 11.33856 lineto
-14.1732 -11.33856 lineto
-14.1732 -11.33856 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath -14.1732 -11.33856 moveto
-14.1732 -11.33856 lineto
14.1732 -11.33856 lineto
14.1732 -11.33856 lineto stroke
47.62955 -3.4039 moveto
(UBI) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 70.86601 11.33856 moveto
70.86601 11.33856 lineto
70.86601 -11.33856 lineto
70.86601 -11.33856 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 42.5196 11.33856 moveto
42.5196 11.33856 lineto
70.86601 11.33856 lineto
70.86601 11.33856 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 42.5196 11.33856 moveto
42.5196 11.33856 lineto
42.5196 -11.33856 lineto
42.5196 -11.33856 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 42.5196 -11.33856 moveto
42.5196 -11.33856 lineto
70.86601 -11.33856 lineto
70.86601 -11.33856 lineto stroke
104.32236 -3.4039 moveto
(UBI) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 127.55882 11.33856 moveto
127.55882 11.33856 lineto
127.55882 -11.33856 lineto
127.55882 -11.33856 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 99.21242 11.33856 moveto
99.21242 11.33856 lineto
127.55882 11.33856 lineto
127.55882 11.33856 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 99.21242 11.33856 moveto
99.21242 11.33856 lineto
99.21242 -11.33856 lineto
99.21242 -11.33856 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 99.21242 -11.33856 moveto
99.21242 -11.33856 lineto
127.55882 -11.33856 lineto
127.55882 -11.33856 lineto stroke
161.01517 -3.4039 moveto
(UBI) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 184.25163 11.33856 moveto
184.25163 11.33856 lineto
184.25163 -11.33856 lineto
184.25163 -11.33856 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 155.90523 11.33856 moveto
155.90523 11.33856 lineto
184.25163 11.33856 lineto
184.25163 11.33856 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 155.90523 11.33856 moveto
155.90523 11.33856 lineto
155.90523 -11.33856 lineto
155.90523 -11.33856 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 155.90523 -11.33856 moveto
155.90523 -11.33856 lineto
184.25163 -11.33856 lineto
184.25163 -11.33856 lineto stroke
newpath -28.3464 0 moveto
-14.1732 0 lineto stroke
newpath -17.86874 -1.53078 moveto
-14.1732 0 lineto
-17.86874 1.53078 lineto
closepath
gsave fill grestore stroke
newpath 14.1732 0 moveto
42.5196 0 lineto stroke
newpath 38.82405 -1.53079 moveto
42.5196 0 lineto
38.82405 1.53079 lineto
closepath
gsave fill grestore stroke
newpath 70.86601 0 moveto
99.21242 0 lineto stroke
newpath 95.51686 -1.53079 moveto
99.21242 0 lineto
95.51686 1.53079 lineto
closepath
gsave fill grestore stroke
newpath 127.55882 0 moveto
155.90523 0 lineto stroke
newpath 152.20967 -1.53079 moveto
155.90523 0 lineto
152.20967 1.53079 lineto
closepath
gsave fill grestore stroke
newpath 184.25163 0 moveto
198.42484 0 lineto stroke
newpath 194.7293 -1.53078 moveto
198.42484 0 lineto
194.7293 1.53078 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 0 25.51176 moveto
0 11.33856 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath -1.53078 15.0341 moveto
0 11.33856 lineto
1.53078 15.0341 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 56.69281 25.51176 moveto
56.69281 11.33856 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 55.16203 15.0341 moveto
56.69281 11.33856 lineto
58.22359 15.0341 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 113.38562 25.51176 moveto
113.38562 11.33856 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 111.85484 15.0341 moveto
113.38562 11.33856 lineto
114.9164 15.0341 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 170.07843 25.51176 moveto
170.07843 11.33856 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 168.54765 15.0341 moveto
170.07843 11.33856 lineto
171.6092 15.0341 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 0 -25.51176 moveto
0 -11.33856 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 1.53078 -15.0341 moveto
0 -11.33856 lineto
-1.53078 -15.0341 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 56.69281 -25.51176 moveto
56.69281 -11.33856 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 58.22359 -15.0341 moveto
56.69281 -11.33856 lineto
55.16203 -15.0341 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 113.38562 -25.51176 moveto
113.38562 -11.33856 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 114.9164 -15.0341 moveto
113.38562 -11.33856 lineto
111.85484 -15.0341 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 170.07843 -25.51176 moveto
170.07843 -11.33856 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 171.6092 -15.0341 moveto
170.07843 -11.33856 lineto
168.54765 -15.0341 lineto
closepath
gsave fill grestore stroke
-36.3277 -3.2102 moveto
(0) cmr10 9.96265 fshow
-8.71735 30.44896 moveto
(Key) cmr10 9.96265 fshow
42.57901 30.44896 moveto
(Con\014g) cmr10 9.96265 fshow
95.48051 30.44896 moveto
(Message) cmr10 9.96265 fshow
167.58778 28.51176 moveto
(0) cmr10 9.96265 fshow
-21.47516 -36.97997 moveto
(t) cmr10 9.96265 fshow
-17.87756 -36.97997 moveto
(yp) cmr10 9.96265 fshow
-6.80786 -36.97997 moveto
(e) cmr10 9.96265 fshow
-1.38367 -36.97997 moveto
(:) cmr10 9.96265 fshow
2.38004 -36.97997 moveto
(Key) cmr10 9.96265 fshow
35.21765 -36.97997 moveto
(t) cmr10 9.96265 fshow
38.81525 -36.97997 moveto
(yp) cmr10 9.96265 fshow
49.88495 -36.97997 moveto
(e) cmr10 9.96265 fshow
55.30914 -36.97997 moveto
(:) cmr10 9.96265 fshow
59.07285 -36.97997 moveto
(Cfg) cmr10 9.96265 fshow
91.91046 -36.97997 moveto
(t) cmr10 9.96265 fshow
95.50806 -36.97997 moveto
(yp) cmr10 9.96265 fshow
106.57776 -36.97997 moveto
(e) cmr10 9.96265 fshow
112.00195 -36.97997 moveto
(:) cmr10 9.96265 fshow
115.76566 -36.97997 moveto
(Msg) cmr10 9.96265 fshow
148.60327 -36.97997 moveto
(t) cmr10 9.96265 fshow
152.20087 -36.97997 moveto
(yp) cmr10 9.96265 fshow
163.27057 -36.97997 moveto
(e) cmr10 9.96265 fshow
168.69476 -36.97997 moveto
(:) cmr10 9.96265 fshow
172.45847 -36.97997 moveto
(Out) cmr10 9.96265 fshow
showpage
%%EOF

247
Supporting_Documentation/tex/skein-61.mps Normal file
View File

@ -0,0 +1,247 @@
%!PS
%%BoundingBox: -2 -62 317 12
%%HiResBoundingBox: -1.7809 -61.60425 316.41519 11.8557
%%Creator: MetaPost 1.000
%%CreationDate: 2008.10.19:0139
%%Pages: 1
%*Font: cmmi10 9.96265 9.96265 6e:8
%*Font: cmr10 9.96265 9.96265 23:80010000000000036099ee
%%BeginProlog
%%EndProlog
%%Page: 1 1
0 0 0 setrgbcolor
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth [] 0 setdash
1 setlinecap 1 setlinejoin 10 setmiterlimit
newpath 72.03137 -14.1732 moveto
72.03137 -14.1732 lineto
72.03137 -22.1732 lineto
72.03137 -22.1732 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 64.03137 -14.1732 moveto
64.03137 -14.1732 lineto
72.03137 -14.1732 lineto
72.03137 -14.1732 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 64.03137 -14.1732 moveto
64.03137 -14.1732 lineto
64.03137 -22.1732 lineto
64.03137 -22.1732 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 64.03137 -22.1732 moveto
64.03137 -22.1732 lineto
72.03137 -22.1732 lineto
72.03137 -22.1732 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 68.03137 -14.1732 moveto
68.03137 -22.1732 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 72.03137 -18.1732 moveto
64.03137 -18.1732 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 106.04706 -26.67712 moveto
106.04706 -26.67712 lineto
106.04706 -34.67712 lineto
106.04706 -34.67712 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 98.04706 -26.67712 moveto
98.04706 -26.67712 lineto
106.04706 -26.67712 lineto
106.04706 -26.67712 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 98.04706 -26.67712 moveto
98.04706 -26.67712 lineto
98.04706 -34.67712 lineto
98.04706 -34.67712 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 98.04706 -34.67712 moveto
98.04706 -34.67712 lineto
106.04706 -34.67712 lineto
106.04706 -34.67712 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 102.04706 -26.67712 moveto
102.04706 -34.67712 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 106.04706 -30.67712 moveto
98.04706 -30.67712 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 140.06274 -39.18105 moveto
140.06274 -39.18105 lineto
140.06274 -47.18105 lineto
140.06274 -47.18105 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 132.06274 -39.18105 moveto
132.06274 -39.18105 lineto
140.06274 -39.18105 lineto
140.06274 -39.18105 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 132.06274 -39.18105 moveto
132.06274 -39.18105 lineto
132.06274 -47.18105 lineto
132.06274 -47.18105 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 132.06274 -47.18105 moveto
132.06274 -47.18105 lineto
140.06274 -47.18105 lineto
140.06274 -47.18105 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 136.06274 -39.18105 moveto
136.06274 -47.18105 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 140.06274 -43.18105 moveto
132.06274 -43.18105 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 0 0 moveto
0 -61.35425 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath -1.5309 -57.65843 moveto
0 -61.35425 lineto
1.5309 -57.65843 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 68.03137 0 moveto
68.03137 -14.1732 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 66.5006 -10.47766 moveto
68.03137 -14.1732 lineto
69.56215 -10.47766 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 102.04706 0 moveto
102.04706 -26.67712 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 100.51624 -22.98148 moveto
102.04706 -26.67712 lineto
103.57788 -22.98148 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 136.06274 0 moveto
136.06274 -39.18105 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 134.53188 -35.4853 moveto
136.06274 -39.18105 lineto
137.59361 -35.4853 lineto
closepath
gsave fill grestore stroke
newpath 204.09412 0 moveto
204.09412 -18.1732 lineto
72.03137 -18.1732 lineto stroke
newpath 75.72688 -16.64244 moveto
72.03137 -18.1732 lineto
75.72688 -19.70396 lineto
closepath
gsave fill grestore stroke
newpath 238.1098 0 moveto
238.1098 -30.67712 lineto
106.04706 -30.67712 lineto stroke
newpath 109.74257 -29.14636 moveto
106.04706 -30.67712 lineto
109.74257 -32.20789 lineto
closepath
gsave fill grestore stroke
newpath 272.12549 -43.18105 moveto
140.06274 -43.18105 lineto stroke
newpath 143.75826 -41.65028 moveto
140.06274 -43.18105 lineto
143.75826 -44.7118 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 68.03137 -22.1732 moveto
68.03137 -61.35425 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 66.5005 -57.65851 moveto
68.03137 -61.35425 lineto
69.56224 -57.65851 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 102.04706 -34.67712 moveto
102.04706 -61.35425 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 100.51624 -57.6586 moveto
102.04706 -61.35425 lineto
103.57788 -57.6586 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 136.06274 -47.18105 moveto
136.06274 -61.35425 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 134.53197 -57.6587 moveto
136.06274 -61.35425 lineto
137.59352 -57.6587 lineto
closepath
gsave fill grestore stroke
newpath 14.60233 -30.67712 moveto
14.60233 -30.4129 14.49736 -30.15948 14.31053 -29.97266 curveto
14.1237 -29.78583 13.87029 -29.68086 13.60606 -29.68086 curveto
13.34184 -29.68086 13.08842 -29.78583 12.9016 -29.97266 curveto
12.71477 -30.15948 12.6098 -30.4129 12.6098 -30.67712 curveto
12.6098 -30.94135 12.71477 -31.19476 12.9016 -31.38159 curveto
13.08842 -31.56842 13.34184 -31.67339 13.60606 -31.67339 curveto
13.87029 -31.67339 14.1237 -31.56842 14.31053 -31.38159 curveto
14.49736 -31.19476 14.60233 -30.94135 14.60233 -30.67712 curveto closepath fill
newpath 28.20839 -30.67712 moveto
28.20839 -30.4129 28.10342 -30.15948 27.9166 -29.97266 curveto
27.72977 -29.78583 27.47635 -29.68086 27.21213 -29.68086 curveto
26.9479 -29.68086 26.69449 -29.78583 26.50766 -29.97266 curveto
26.32083 -30.15948 26.21587 -30.4129 26.21587 -30.67712 curveto
26.21587 -30.94135 26.32083 -31.19476 26.50766 -31.38159 curveto
26.69449 -31.56842 26.9479 -31.67339 27.21213 -31.67339 curveto
27.47635 -31.67339 27.72977 -31.56842 27.9166 -31.38159 curveto
28.10342 -31.19476 28.20839 -30.94135 28.20839 -30.67712 curveto closepath fill
newpath 41.8155 -30.67712 moveto
41.8155 -30.4129 41.71054 -30.15948 41.52371 -29.97266 curveto
41.33688 -29.78583 41.08347 -29.68086 40.81924 -29.68086 curveto
40.55502 -29.68086 40.3016 -29.78583 40.11478 -29.97266 curveto
39.92795 -30.15948 39.82298 -30.4129 39.82298 -30.67712 curveto
39.82298 -30.94135 39.92795 -31.19476 40.11478 -31.38159 curveto
40.3016 -31.56842 40.55502 -31.67339 40.81924 -31.67339 curveto
41.08347 -31.67339 41.33688 -31.56842 41.52371 -31.38159 curveto
41.71054 -31.19476 41.8155 -30.94135 41.8155 -30.67712 curveto closepath fill
newpath 55.42157 -30.67712 moveto
55.42157 -30.4129 55.3166 -30.15948 55.12978 -29.97266 curveto
54.94295 -29.78583 54.68953 -29.68086 54.42531 -29.68086 curveto
54.16109 -29.68086 53.90767 -29.78583 53.72084 -29.97266 curveto
53.53401 -30.15948 53.42905 -30.4129 53.42905 -30.67712 curveto
53.42905 -30.94135 53.53401 -31.19476 53.72084 -31.38159 curveto
53.90767 -31.56842 54.16109 -31.67339 54.42531 -31.67339 curveto
54.68953 -31.67339 54.94295 -31.56842 55.12978 -31.38159 curveto
55.3166 -31.19476 55.42157 -30.94135 55.42157 -30.67712 curveto closepath fill
20.58307 4.9372 moveto
(n) cmmi10 9.96265 fshow
29.88387 4.9372 moveto
(extended) cmr10 9.96265 fshow
72.22517 4.9372 moveto
(k) cmr10 9.96265 fshow
77.20647 4.9372 moveto
(ey) cmr10 9.96265 fshow
90.21327 4.9372 moveto
(w) cmr10 9.96265 fshow
97.13177 4.9372 moveto
(ords) cmr10 9.96265 fshow
168.89485 3 moveto
(2) cmr10 9.96265 fshow
177.19705 3 moveto
(extended) cmr10 9.96265 fshow
219.53835 3 moveto
(t) cmr10 9.96265 fshow
223.13596 3 moveto
(w) cmr10 9.96265 fshow
230.05446 3 moveto
(eak) cmr10 9.96265 fshow
248.04265 3 moveto
(w) cmr10 9.96265 fshow
254.96115 3 moveto
(ords) cmr10 9.96265 fshow
275.12549 -45.6717 moveto
(subk) cmr10 9.96265 fshow
295.10619 -45.6717 moveto
(ey) cmr10 9.96265 fshow
308.11299 -45.6717 moveto
(#) cmr10 9.96265 fshow
showpage
%%EOF

90
Supporting_Documentation/tex/skein-71.mps Normal file
View File

@ -0,0 +1,90 @@
%!PS
%%BoundingBox: -218 -38 215 22
%%HiResBoundingBox: -217.82841 -37.47495 214.34148 21.66747
%%Creator: MetaPost 1.000
%%CreationDate: 2008.10.19:0139
%%Pages: 1
%*Font: cmr10 9.96265 9.96265 42:88222001312ee9
%*Font: cmr10 6.97382 9.96265 30:e2c
%%BeginProlog
%%EndProlog
%%Page: 1 1
0 0 0 setrgbcolor 0.29887
0 dtransform exch truncate exch idtransform pop setlinewidth [] 0 setdash
1 setlinecap 1 setlinejoin 10 setmiterlimit
newpath 0 -14.1732 moveto
0 14.1732 lineto stroke
newpath -106.29903 -14.1732 moveto
-106.29903 14.1732 lineto stroke
newpath -152.80482 -14.1732 moveto
-152.80482 14.1732 lineto stroke
newpath -159.44853 -14.1732 moveto
-159.44853 14.1732 lineto stroke
newpath -199.31065 -14.1732 moveto
-199.31065 14.1732 lineto stroke
newpath -205.95436 -14.1732 moveto
-205.95436 14.1732 lineto stroke
88.62912 -3.4039 moveto
(P) cmr10 9.96265 fshow
95.13252 -3.4039 moveto
(osition) cmr10 9.96265 fshow
-70.91628 -3.45926 moveto
(reserv) cmr10 9.96265 fshow
-45.34547 -3.45926 moveto
(ed) cmr10 9.96265 fshow
-150.52882 -3.45926 moveto
(T) cmr10 9.96265 fshow
-144.16382 -3.45926 moveto
(reeLev) cmr10 9.96265 fshow
-115.77022 -3.45926 moveto
(el) cmr10 9.96265 fshow
0 0.29887 dtransform truncate idtransform setlinewidth pop
newpath -156.12668 0 moveto
-156.12668 -22.67712 lineto
-146.16115 -22.67712 lineto stroke
-143.16115 -26.13638 moveto
(BitP) cmr10 9.96265 fshow
-122.95905 -26.13638 moveto
(ad) cmr10 9.96265 fshow
-190.5876 -2.4353 moveto
(T) cmr10 9.96265 fshow
-183.6691 -2.4353 moveto
(yp) cmr10 9.96265 fshow
-172.5995 -2.4353 moveto
(e) cmr10 9.96265 fshow
newpath -202.6325 0 moveto
-202.6325 -22.67712 lineto
-192.66698 -22.67712 lineto stroke
-189.66698 -26.08102 moveto
(First) cmr10 9.96265 fshow
newpath -209.2762 0 moveto
-209.2762 -34.01569 lineto
-199.31065 -34.01569 lineto stroke
-196.31065 -37.47495 moveto
(Final) cmr10 9.96265 fshow
210.85458 17.1732 moveto
(0) cmr10 6.97382 fshow
-3.48694 17.1732 moveto
(96) cmr10 6.97382 fshow
-111.5294 17.1732 moveto
(112) cmr10 6.97382 fshow
-164.67891 17.1732 moveto
(120) cmr10 6.97382 fshow
-217.82841 17.1732 moveto
(128) cmr10 6.97382 fshow
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath -212.59804 14.1732 moveto
204.53703 14.1732 lineto
205.95436 19.84248 lineto
205.95436 8.50392 lineto
207.37169 14.1732 lineto
212.59804 14.1732 lineto
212.59804 -14.1732 lineto
207.37169 -14.1732 lineto
205.95436 -19.84248 lineto
205.95436 -8.50392 lineto
204.53703 -14.1732 lineto
-212.59804 -14.1732 lineto
-212.59804 14.1732 lineto stroke
showpage
%%EOF

279
Supporting_Documentation/tex/skein-81.mps Normal file
View File

@ -0,0 +1,279 @@
%!PS
%%BoundingBox: -1 -15 310 161
%%HiResBoundingBox: -0.25 -14.89598 309.95052 160.56291
%%Creator: MetaPost 1.000
%%CreationDate: 2008.10.19:0139
%%Pages: 1
%*Font: cmr10 9.96265 9.96265 42:8100100114104
%%BeginProlog
%%EndProlog
%%Page: 1 1
0 0 0 setrgbcolor 0 0.5 dtransform truncate idtransform setlinewidth pop
[] 0 setdash 1 setlinecap 1 setlinejoin 10 setmiterlimit
newpath 0 0 moveto
276.37746 0 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 0 2.83464 moveto
0 -2.83464 lineto stroke
newpath 85.03922 2.83464 moveto
85.03922 -2.83464 lineto stroke
newpath 170.07843 2.83464 moveto
170.07843 -2.83464 lineto stroke
newpath 255.11765 2.83464 moveto
255.11765 -2.83464 lineto stroke
newpath 276.37746 2.83464 moveto
276.37746 -2.83464 lineto stroke
33.45634 31.3464 moveto
(UBI) cmr10 9.96265 fshow
newpath 54.58287 41.1542 moveto
54.58287 41.1542 lineto
54.58287 28.3464 lineto
54.58287 28.3464 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 30.45634 41.1542 moveto
30.45634 41.1542 lineto
54.58287 41.1542 lineto
54.58287 41.1542 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 30.45634 41.1542 moveto
30.45634 41.1542 lineto
30.45634 28.3464 lineto
30.45634 28.3464 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 30.45634 28.3464 moveto
30.45634 28.3464 lineto
54.58287 28.3464 lineto
54.58287 28.3464 lineto stroke
118.49556 31.3464 moveto
(UBI) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 139.62209 41.1542 moveto
139.62209 41.1542 lineto
139.62209 28.3464 lineto
139.62209 28.3464 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 115.49556 41.1542 moveto
115.49556 41.1542 lineto
139.62209 41.1542 lineto
139.62209 41.1542 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 115.49556 41.1542 moveto
115.49556 41.1542 lineto
115.49556 28.3464 lineto
115.49556 28.3464 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 115.49556 28.3464 moveto
115.49556 28.3464 lineto
139.62209 28.3464 lineto
139.62209 28.3464 lineto stroke
203.53477 31.3464 moveto
(UBI) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 224.6613 41.1542 moveto
224.6613 41.1542 lineto
224.6613 28.3464 lineto
224.6613 28.3464 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 200.53477 41.1542 moveto
200.53477 41.1542 lineto
224.6613 41.1542 lineto
224.6613 41.1542 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 200.53477 41.1542 moveto
200.53477 41.1542 lineto
200.53477 28.3464 lineto
200.53477 28.3464 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 200.53477 28.3464 moveto
200.53477 28.3464 lineto
224.6613 28.3464 lineto
224.6613 28.3464 lineto stroke
288.57399 31.3464 moveto
(UBI) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 309.70052 41.1542 moveto
309.70052 41.1542 lineto
309.70052 28.3464 lineto
309.70052 28.3464 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 285.57399 41.1542 moveto
285.57399 41.1542 lineto
309.70052 41.1542 lineto
309.70052 41.1542 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 285.57399 41.1542 moveto
285.57399 41.1542 lineto
285.57399 28.3464 lineto
285.57399 28.3464 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 285.57399 28.3464 moveto
285.57399 28.3464 lineto
309.70052 28.3464 lineto
309.70052 28.3464 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 42.5196 2.83464 moveto
42.5196 28.3464 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 44.05031 24.65105 moveto
42.5196 28.3464 lineto
40.9889 24.65105 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 127.55882 2.83464 moveto
127.55882 28.3464 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 129.08952 24.65105 moveto
127.55882 28.3464 lineto
126.02812 24.65105 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 212.59804 2.83464 moveto
212.59804 28.3464 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 214.12874 24.65105 moveto
212.59804 28.3464 lineto
211.06734 24.65105 lineto
closepath
gsave fill grestore stroke
newpath 265.74754 2.83464 moveto
297.63725 28.3464 lineto stroke
newpath 295.70784 24.84251 moveto
297.63725 28.3464 lineto
293.7953 27.23314 lineto
closepath
gsave fill grestore stroke
75.97595 86.6738 moveto
(UBI) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 97.10248 96.4816 moveto
97.10248 96.4816 lineto
97.10248 83.67381 lineto
97.10248 83.67381 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 72.97595 96.4816 moveto
72.97595 96.4816 lineto
97.10248 96.4816 lineto
97.10248 96.4816 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 72.97595 96.4816 moveto
72.97595 96.4816 lineto
72.97595 83.67381 lineto
72.97595 83.67381 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 72.97595 83.67381 moveto
72.97595 83.67381 lineto
97.10248 83.67381 lineto
97.10248 83.67381 lineto stroke
246.05438 86.6738 moveto
(UBI) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 267.18091 96.4816 moveto
267.18091 96.4816 lineto
267.18091 83.67381 lineto
267.18091 83.67381 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 243.05438 96.4816 moveto
243.05438 96.4816 lineto
267.18091 96.4816 lineto
267.18091 96.4816 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 243.05438 96.4816 moveto
243.05438 96.4816 lineto
243.05438 83.67381 lineto
243.05438 83.67381 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 243.05438 83.67381 moveto
243.05438 83.67381 lineto
267.18091 83.67381 lineto
267.18091 83.67381 lineto stroke
newpath 42.5196 41.1542 moveto
42.5196 43.98885 lineto
83.62189 78.00453 lineto
83.62189 83.67381 lineto stroke
newpath 85.15263 79.97836 moveto
83.62189 83.67381 lineto
82.09114 79.97836 lineto
closepath
gsave fill grestore stroke
newpath 127.55882 41.1542 moveto
127.55882 43.98885 lineto
86.45654 78.00453 lineto
86.45654 83.67381 lineto stroke
newpath 87.98729 79.97836 moveto
86.45654 83.67381 lineto
84.9258 79.97836 lineto
closepath
gsave fill grestore stroke
newpath 212.59804 41.1542 moveto
212.59804 43.98885 lineto
253.70032 78.00453 lineto
253.70032 83.67381 lineto stroke
newpath 255.23106 79.97836 moveto
253.70032 83.67381 lineto
252.16957 79.97836 lineto
closepath
gsave fill grestore stroke
newpath 297.63725 41.1542 moveto
297.63725 43.98885 lineto
256.53497 78.00453 lineto
256.53497 83.67381 lineto stroke
newpath 258.06572 79.97836 moveto
256.53497 83.67381 lineto
255.00423 79.97836 lineto
closepath
gsave fill grestore stroke
161.01517 142.00119 moveto
(UBI) cmr10 9.96265 fshow
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 182.1417 151.80899 moveto
182.1417 151.80899 lineto
182.1417 139.0012 lineto
182.1417 139.0012 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 158.01517 151.80899 moveto
158.01517 151.80899 lineto
182.1417 151.80899 lineto
182.1417 151.80899 lineto stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 158.01517 151.80899 moveto
158.01517 151.80899 lineto
158.01517 139.0012 lineto
158.01517 139.0012 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 158.01517 139.0012 moveto
158.01517 139.0012 lineto
182.1417 139.0012 lineto
182.1417 139.0012 lineto stroke
newpath 85.03922 96.4816 moveto
85.03922 99.31624 lineto
168.6611 133.33192 lineto
168.6611 139.0012 lineto stroke
newpath 170.19185 135.30576 moveto
168.6611 139.0012 lineto
167.13036 135.30576 lineto
closepath
gsave fill grestore stroke
newpath 255.11765 96.4816 moveto
255.11765 99.31624 lineto
171.49576 133.33192 lineto
171.49576 139.0012 lineto stroke
newpath 173.0265 135.30576 moveto
171.49576 139.0012 lineto
169.96501 135.30576 lineto
closepath
gsave fill grestore stroke
0.5 0 dtransform exch truncate exch idtransform pop setlinewidth
newpath 170.07843 151.80899 moveto
170.07843 160.31291 lineto stroke
0 0.5 dtransform truncate idtransform setlinewidth pop
newpath 171.60919 156.61743 moveto
170.07843 160.31291 lineto
168.54767 156.61743 lineto
closepath
gsave fill grestore stroke
120.69873 -12.95879 moveto
(message) cmr10 9.96265 fshow
showpage
%%EOF

4025
Supporting_Documentation/tex/skein1.3.tex Normal file
View File

File diff suppressed because it is too large Load Diff

76
Supporting_Documentation/tex/skeinround3Mods.tex Normal file
View File

@ -0,0 +1,76 @@
\documentclass[11pt,twoside]{article}
\usepackage{amsmath}
\usepackage{amssymb}
\usepackage{xspace}
\usepackage{url}
\usepackage{graphicx}
\usepackage{tabularx}
\hyphenation{three-fish}
\renewcommand{\topfraction}{0.8} % max fraction of floating figures at the top of a page
\renewcommand{\bottomfraction}{0.8} % idem for bottom
\setcounter{topnumber}{4} % max figures at top of page
\setcounter{bottomnumber}{4}
\setcounter{totalnumber}{4}
\renewcommand{\textfraction}{0.2} % minimum fraction of page that is text
\renewcommand{\floatpagefraction}{0.5}
\setlength{\textheight}{9in}
\setlength{\textwidth}{6.5in}
\setlength{\topmargin}{0.0in}
\setlength{\oddsidemargin}{0in}
\setlength{\evensidemargin}{0in}
\setlength{\footskip}{0.5in}
\setlength{\headheight}{0in}
\setlength{\headsep}{0in}
\renewcommand{\baselinestretch}{1}
\newcommand{\purl}{\protect\url}
\newcommand{\comment}[1]{}
\parindent 0pt
\parskip 1ex
\begin{document}
\thispagestyle{empty}
\begin{center}
{\Large\bf The Skein Hash Function Family} \\
\vspace*{.2in}
{\Large\bf NIST Round 3 Tweak Description} \\
\vspace*{.2in}
{\small 25 Oct 2010}
\end{center}
\section*{Description of Changes}
The only change to the Skein hash function is in the key schedule
parity constant, found in Section~3.3.2 of the newly submitted
(``tweak'') version 1.3 of the Skein specification document. The
old constant was the value
$$C_5\ \ = \texttt{0x5555555555555555}.$$
The new constant is
$$C_{240} = \texttt{0x1BD11BDAA9FC1A22}.$$
Further details and discussion of the tweak and its implications are found in
version 1.2 of the Skein specification document, as follows:
\begin{itemize}
\item Section~8.3 (``Key Schedule Constant,'')
\item Section ~9.3 (``Related-Key Attacks for the Threefish Block Cipher'')
\item Section ~9.5.2 (``Rotational Cryptanalysis'')
\item Section ~9.6 (``Empirical Observations for Threefish with Random Rotation Constants'')
\item Section ~9.7 (``Cryptanalysis Summary'')
\item Appendix~B (``Initial Chaining Values'')
\item Appendix~C (``Test Vectors'')
\item Appendix~E (``Empirical data for tweaking the key schedule constant'')
\end{itemize}
In addition, the following items have been updated in the Skein tweak submission package:
\begin{itemize}
\item Reference C source code
\item Optimized C source code (32-bit and 64-bit)
\item Assembly source code (32-bit and 64-bit)
\item Test vectors (KAT\_MCT directory)
\end{itemize}
\end{document}