static void speck64_decrypt
(
const kripto_block *s,
const void *ct,
void *pt
)
{
uint32_t a;
uint32_t b;
unsigned int i;
a = LOAD32B(CU8(ct));
b = LOAD32B(CU8(ct) + 4);
for(i = s->rounds; i--;)
IR(a, b, s->k[i]);
STORE32B(a, U8(pt));
STORE32B(b, U8(pt) + 4);
}
/* compress 512-bits */
static int sha256_compress(struct sha256_state *md, const unsigned char *buf)
{
__u32 S[8], W[64], t0, t1;
__u32 t;
int i;
/* copy state into S */
for (i = 0; i < 8; i++)
S[i] = md->state[i];
/* copy the state into 512-bits into W[0..15] */
for (i = 0; i < 16; i++)
W[i] = LOAD32B(buf + (4 * i));
/* fill W[16..63] */
for (i = 16; i < 64; i++)
W[i] = Gamma1(W[i - 2]) + W[i - 7] + Gamma0(W[i - 15]) + W[i - 16];
/* Compress */
#define RND(a, b, c, d, e, f, g, h, i) \
t0 = h + Sigma1(e) + Ch(e, f, g) + K[i] + W[i]; \
t1 = Sigma0(a) + Maj(a, b, c); \
d += t0; \
h = t0 + t1;
for (i = 0; i < 64; ++i) {
RND(S[0], S[1], S[2], S[3], S[4], S[5], S[6], S[7], i);
t = S[7]; S[7] = S[6]; S[6] = S[5]; S[5] = S[4];
S[4] = S[3]; S[3] = S[2]; S[2] = S[1]; S[1] = S[0]; S[0] = t;
}
/* feedback */
for (i = 0; i < 8; i++)
md->state[i] = md->state[i] + S[i];
return 0;
}
