@@ -1,4 +1,2 @@

 *.o

 re

-keccak/*.o

-keccak/*.a

@@ -2,20 +2,17 @@ CC=gcc

 CFLAGS=-g -Wall -Ideps -I/usr/include/SDL2

 LDFLAGS=-lSDL2 -lSDL2_image

-KECCAKOPTS=-Ikeccak -DKeccakP200_excluded -DKeccakP400_excluded -DKeccakP800_excluded -DKeccakOpt=32

-

 all: re

 recenteditor_data.o: recenteditor_data.c recenteditor_data.h

-	$(CC) $(CFLAGS) $(KECCAKOPTS) -c -o recenteditor_data.o recenteditor_data.c

 recenteditor.o: recenteditor.c recenteditor_data.h

-keccak/keccak.a:

-	sh -c "cd keccak && make keccak.a"

+sha3.o: sha3/sha3.c sha3/sha3.h

+	$(CC) $(CFLAGS) -Isha3 -c -o sha3.o sha3/sha3.c

-re: recenteditor.o recenteditor_data.o keccak/keccak.a

-	$(CC) $(LDFLAGS) -o re recenteditor.o recenteditor_data.o keccak/keccak.a

+re: recenteditor.o recenteditor_data.o sha3.o

+	$(CC) $(LDFLAGS) -o re recenteditor.o recenteditor_data.o sha3.o

 clean:

-	rm -f recenteditor.o recenteditor_data.o re

+	rm -f recenteditor.o recenteditor_data.o sha3.o re

deleted file mode 100644

@@ -1,82 +0,0 @@

-/*

-Implementation by the Keccak, Keyak and Ketje Teams, namely, Guido Bertoni,

-Joan Daemen, Michaël Peeters, Gilles Van Assche and Ronny Van Keer, hereby

-denoted as "the implementer".

-

-For more information, feedback or questions, please refer to our websites:

-http://keccak.noekeon.org/

-http://keyak.noekeon.org/

-http://ketje.noekeon.org/

-

-To the extent possible under law, the implementer has waived all copyright

-and related or neighboring rights to the source code in this file.

-http://creativecommons.org/publicdomain/zero/1.0/

-*/

-

-#include <string.h>

-#include "KeccakHash.h"

-

-/* ---------------------------------------------------------------- */

-

-HashReturn Keccak_HashInitialize(Keccak_HashInstance *instance, unsigned int rate, unsigned int capacity, unsigned int hashbitlen, unsigned char delimitedSuffix)

-{

-    HashReturn result;

-

-    if (delimitedSuffix == 0)

-        return FAIL;

-    result = (HashReturn)KeccakWidth1600_SpongeInitialize(&instance->sponge, rate, capacity);

-    if (result != SUCCESS)

-        return result;

-    instance->fixedOutputLength = hashbitlen;

-    instance->delimitedSuffix = delimitedSuffix;

-    return SUCCESS;

-}

-

-/* ---------------------------------------------------------------- */

-

-HashReturn Keccak_HashUpdate(Keccak_HashInstance *instance, const BitSequence *data, DataLength databitlen)

-{

-    if ((databitlen % 8) == 0)

-        return (HashReturn)KeccakWidth1600_SpongeAbsorb(&instance->sponge, data, databitlen/8);

-    else {

-        HashReturn ret = (HashReturn)KeccakWidth1600_SpongeAbsorb(&instance->sponge, data, databitlen/8);

-        if (ret == SUCCESS) {

-            /* The last partial byte is assumed to be aligned on the least significant bits */

-

-            unsigned char lastByte = data[databitlen/8];

-            /* Concatenate the last few bits provided here with those of the suffix */

-

-            unsigned short delimitedLastBytes = (unsigned short)((unsigned short)lastByte | ((unsigned short)instance->delimitedSuffix << (databitlen % 8)));

-            if ((delimitedLastBytes & 0xFF00) == 0x0000) {

-                instance->delimitedSuffix = delimitedLastBytes & 0xFF;

-            }

-            else {

-                unsigned char oneByte[1];

-                oneByte[0] = delimitedLastBytes & 0xFF;

-                ret = (HashReturn)KeccakWidth1600_SpongeAbsorb(&instance->sponge, oneByte, 1);

-                instance->delimitedSuffix = (delimitedLastBytes >> 8) & 0xFF;

-            }

-        }

-        return ret;

-    }

-}

-

-/* ---------------------------------------------------------------- */

-

-HashReturn Keccak_HashFinal(Keccak_HashInstance *instance, BitSequence *hashval)

-{

-    HashReturn ret = (HashReturn)KeccakWidth1600_SpongeAbsorbLastFewBits(&instance->sponge, instance->delimitedSuffix);

-    if (ret == SUCCESS)

-        return (HashReturn)KeccakWidth1600_SpongeSqueeze(&instance->sponge, hashval, instance->fixedOutputLength/8);

-    else

-        return ret;

-}

-

-/* ---------------------------------------------------------------- */

-

-HashReturn Keccak_HashSqueeze(Keccak_HashInstance *instance, BitSequence *data, DataLength databitlen)

-{

-    if ((databitlen % 8) != 0)

-        return FAIL;

-    return (HashReturn)KeccakWidth1600_SpongeSqueeze(&instance->sponge, data, databitlen/8);

-}

deleted file mode 100644

@@ -1,114 +0,0 @@

-/*

-Implementation by the Keccak, Keyak and Ketje Teams, namely, Guido Bertoni,

-Joan Daemen, Michaël Peeters, Gilles Van Assche and Ronny Van Keer, hereby

-denoted as "the implementer".

-

-For more information, feedback or questions, please refer to our websites:

-http://keccak.noekeon.org/

-http://keyak.noekeon.org/

-http://ketje.noekeon.org/

-

-To the extent possible under law, the implementer has waived all copyright

-and related or neighboring rights to the source code in this file.

-http://creativecommons.org/publicdomain/zero/1.0/

-*/

-

-#ifndef _KeccakHashInterface_h_

-#define _KeccakHashInterface_h_

-

-#ifndef KeccakP1600_excluded

-

-#include "KeccakSponge.h"

-#include <string.h>

-

-typedef unsigned char BitSequence;

-typedef size_t DataLength;

-typedef enum { SUCCESS = 0, FAIL = 1, BAD_HASHLEN = 2 } HashReturn;

-

-typedef struct {

-    KeccakWidth1600_SpongeInstance sponge;

-    unsigned int fixedOutputLength;

-    unsigned char delimitedSuffix;

-} Keccak_HashInstance;

-

-/**

-  * Function to initialize the Keccak[r, c] sponge function instance used in sequential hashing mode.

-  * @param  hashInstance    Pointer to the hash instance to be initialized.

-  * @param  rate        The value of the rate r.

-  * @param  capacity    The value of the capacity c.

-  * @param  hashbitlen  The desired number of output bits,

-  *                     or 0 for an arbitrarily-long output.

-  * @param  delimitedSuffix Bits that will be automatically appended to the end

-  *                         of the input message, as in domain separation.

-  *                         This is a byte containing from 0 to 7 bits

-  *                         formatted like the @a delimitedData parameter of

-  *                         the Keccak_SpongeAbsorbLastFewBits() function.

-  * @pre    One must have r+c=1600 and the rate a multiple of 8 bits in this implementation.

-  * @return SUCCESS if successful, FAIL otherwise.

-  */

-HashReturn Keccak_HashInitialize(Keccak_HashInstance *hashInstance, unsigned int rate, unsigned int capacity, unsigned int hashbitlen, unsigned char delimitedSuffix);

-

-/** Macro to initialize a SHAKE128 instance as specified in the FIPS 202 standard.

-  */

-#define Keccak_HashInitialize_SHAKE128(hashInstance)        Keccak_HashInitialize(hashInstance, 1344,  256,   0, 0x1F)

-

-/** Macro to initialize a SHAKE256 instance as specified in the FIPS 202 standard.

-  */

-#define Keccak_HashInitialize_SHAKE256(hashInstance)        Keccak_HashInitialize(hashInstance, 1088,  512,   0, 0x1F)

-

-/** Macro to initialize a SHA3-224 instance as specified in the FIPS 202 standard.

-  */

-#define Keccak_HashInitialize_SHA3_224(hashInstance)        Keccak_HashInitialize(hashInstance, 1152,  448, 224, 0x06)

-

-/** Macro to initialize a SHA3-256 instance as specified in the FIPS 202 standard.

-  */

-#define Keccak_HashInitialize_SHA3_256(hashInstance)        Keccak_HashInitialize(hashInstance, 1088,  512, 256, 0x06)

-

-/** Macro to initialize a SHA3-384 instance as specified in the FIPS 202 standard.

-  */

-#define Keccak_HashInitialize_SHA3_384(hashInstance)        Keccak_HashInitialize(hashInstance,  832,  768, 384, 0x06)

-

-/** Macro to initialize a SHA3-512 instance as specified in the FIPS 202 standard.

-  */

-#define Keccak_HashInitialize_SHA3_512(hashInstance)        Keccak_HashInitialize(hashInstance,  576, 1024, 512, 0x06)

-

-/**

-  * Function to give input data to be absorbed.

-  * @param  hashInstance    Pointer to the hash instance initialized by Keccak_HashInitialize().

-  * @param  data        Pointer to the input data.

-  *                     When @a databitLen is not a multiple of 8, the last bits of data must be

-  *                     in the least significant bits of the last byte (little-endian convention).

-  * @param  databitLen  The number of input bits provided in the input data.

-  * @pre    In the previous call to Keccak_HashUpdate(), databitlen was a multiple of 8.

-  * @return SUCCESS if successful, FAIL otherwise.

-  */

-HashReturn Keccak_HashUpdate(Keccak_HashInstance *hashInstance, const BitSequence *data, DataLength databitlen);

-

-/**

-  * Function to call after all input blocks have been input and to get

-  * output bits if the length was specified when calling Keccak_HashInitialize().

-  * @param  hashInstance    Pointer to the hash instance initialized by Keccak_HashInitialize().

-  * If @a hashbitlen was not 0 in the call to Keccak_HashInitialize(), the number of

-  *     output bits is equal to @a hashbitlen.

-  * If @a hashbitlen was 0 in the call to Keccak_HashInitialize(), the output bits

-  *     must be extracted using the Keccak_HashSqueeze() function.

-  * @param  state       Pointer to the state of the sponge function initialized by Init().

-  * @param  hashval     Pointer to the buffer where to store the output data.

-  * @return SUCCESS if successful, FAIL otherwise.

-  */

-HashReturn Keccak_HashFinal(Keccak_HashInstance *hashInstance, BitSequence *hashval);

-

- /**

-  * Function to squeeze output data.

-  * @param  hashInstance    Pointer to the hash instance initialized by Keccak_HashInitialize().

-  * @param  data        Pointer to the buffer where to store the output data.

-  * @param  databitlen  The number of output bits desired (must be a multiple of 8).

-  * @pre    Keccak_HashFinal() must have been already called.

-  * @pre    @a databitlen is a multiple of 8.

-  * @return SUCCESS if successful, FAIL otherwise.

-  */

-HashReturn Keccak_HashSqueeze(Keccak_HashInstance *hashInstance, BitSequence *data, DataLength databitlen);

-

-#endif

-

-#endif

deleted file mode 100644

@@ -1,37 +0,0 @@

-/*

-Implementation by the Keccak, Keyak and Ketje Teams, namely, Guido Bertoni,

-Joan Daemen, Michaël Peeters, Gilles Van Assche and Ronny Van Keer, hereby

-denoted as "the implementer".

-

-For more information, feedback or questions, please refer to our websites:

-http://keccak.noekeon.org/

-http://keyak.noekeon.org/

-http://ketje.noekeon.org/

-

-To the extent possible under law, the implementer has waived all copyright

-and related or neighboring rights to the source code in this file.

-http://creativecommons.org/publicdomain/zero/1.0/

-*/

-

-#ifndef _KeccakP_1600_SnP_h_

-#define _KeccakP_1600_SnP_h_

-

-/** For the documentation, see SnP-documentation.h.

- */

-

-#define KeccakP1600_implementation      "in-place 32-bit optimized implementation"

-#define KeccakP1600_stateSizeInBytes    200

-#define KeccakP1600_stateAlignment      8

-

-#define KeccakP1600_StaticInitialize()

-void KeccakP1600_Initialize(void *state);

-void KeccakP1600_AddByte(void *state, unsigned char data, unsigned int offset);

-void KeccakP1600_AddBytes(void *state, const unsigned char *data, unsigned int offset, unsigned int length);

-void KeccakP1600_OverwriteBytes(void *state, const unsigned char *data, unsigned int offset, unsigned int length);

-void KeccakP1600_OverwriteWithZeroes(void *state, unsigned int byteCount);

-void KeccakP1600_Permute_12rounds(void *state);

-void KeccakP1600_Permute_24rounds(void *state);

-void KeccakP1600_ExtractBytes(const void *state, unsigned char *data, unsigned int offset, unsigned int length);

-void KeccakP1600_ExtractAndAddBytes(const void *state, const unsigned char *input, unsigned char *output, unsigned int offset, unsigned int length);

-

-#endif

deleted file mode 100644

@@ -1,49 +0,0 @@

-/*

-Implementation by the Keccak, Keyak and Ketje Teams, namely, Guido Bertoni,

-Joan Daemen, Michaël Peeters, Gilles Van Assche and Ronny Van Keer, hereby

-denoted as "the implementer".

-

-For more information, feedback or questions, please refer to our websites:

-http://keccak.noekeon.org/

-http://keyak.noekeon.org/

-http://ketje.noekeon.org/

-

-To the extent possible under law, the implementer has waived all copyright

-and related or neighboring rights to the source code in this file.

-http://creativecommons.org/publicdomain/zero/1.0/

-*/

-

-#ifndef _KeccakP_1600_SnP_h_

-#define _KeccakP_1600_SnP_h_

-

-/** For the documentation, see SnP-documentation.h.

- */

-

-/* #include "brg_endian.h" */

-#include "KeccakP-1600-opt64-config.h"

-

-#define KeccakP1600_implementation      "generic 64-bit optimized implementation (" KeccakP1600_implementation_config ")"

-#define KeccakP1600_stateSizeInBytes    200

-#define KeccakP1600_stateAlignment      8

-#define KeccakF1600_FastLoop_supported

-

-#include <stddef.h>

-

-#define KeccakP1600_StaticInitialize()

-void KeccakP1600_Initialize(void *state);

-#if (PLATFORM_BYTE_ORDER == IS_LITTLE_ENDIAN)

-#define KeccakP1600_AddByte(state, byte, offset) \

-    ((unsigned char*)(state))[(offset)] ^= (byte)

-#else

-void KeccakP1600_AddByte(void *state, unsigned char data, unsigned int offset);

-#endif

-void KeccakP1600_AddBytes(void *state, const unsigned char *data, unsigned int offset, unsigned int length);

-void KeccakP1600_OverwriteBytes(void *state, const unsigned char *data, unsigned int offset, unsigned int length);

-void KeccakP1600_OverwriteWithZeroes(void *state, unsigned int byteCount);

-void KeccakP1600_Permute_12rounds(void *state);

-void KeccakP1600_Permute_24rounds(void *state);

-void KeccakP1600_ExtractBytes(const void *state, unsigned char *data, unsigned int offset, unsigned int length);

-void KeccakP1600_ExtractAndAddBytes(const void *state, const unsigned char *input, unsigned char *output, unsigned int offset, unsigned int length);

-size_t KeccakF1600_FastLoop_Absorb(void *state, unsigned int laneCount, const unsigned char *data, size_t dataByteLen);

-

-#endif

deleted file mode 100644

@@ -1,7 +0,0 @@

-#if KeccakOpt == 64

-  #include "KeccakP-1600-SnP-opt64.h"

-#elif KeccakOpt == 32

-  #include "KeccakP-1600-SnP-opt32.h"

-#else

-  #error "No KeccakOpt"

-#endif

deleted file mode 100644

@@ -1,1162 +0,0 @@

-/*

-Implementation by the Keccak, Keyak and Ketje Teams, namely, Guido Bertoni,

-Joan Daemen, Michaël Peeters, Gilles Van Assche and Ronny Van Keer, hereby

-denoted as "the implementer".

-

-For more information, feedback or questions, please refer to our websites:

-http://keccak.noekeon.org/

-http://keyak.noekeon.org/

-http://ketje.noekeon.org/

-

-To the extent possible under law, the implementer has waived all copyright

-and related or neighboring rights to the source code in this file.

-http://creativecommons.org/publicdomain/zero/1.0/

-*/

-

-#include    <string.h>

-/* #include "brg_endian.h" */

-#include "KeccakP-1600-SnP.h"

-#include "SnP-Relaned.h"

-

-typedef unsigned char UINT8;

-typedef unsigned int UINT32;

-/* WARNING: on 8-bit and 16-bit platforms, this should be replaced by: */

-

-/*typedef unsigned long       UINT32; */

-

-

-#define ROL32(a, offset) ((((UINT32)a) << (offset)) ^ (((UINT32)a) >> (32-(offset))))

-

-/* Credit to Henry S. Warren, Hacker's Delight, Addison-Wesley, 2002 */

-

-#define prepareToBitInterleaving(low, high, temp, temp0, temp1) \

-        temp0 = (low); \

-        temp = (temp0 ^ (temp0 >>  1)) & 0x22222222UL;  temp0 = temp0 ^ temp ^ (temp <<  1); \

-        temp = (temp0 ^ (temp0 >>  2)) & 0x0C0C0C0CUL;  temp0 = temp0 ^ temp ^ (temp <<  2); \

-        temp = (temp0 ^ (temp0 >>  4)) & 0x00F000F0UL;  temp0 = temp0 ^ temp ^ (temp <<  4); \

-        temp = (temp0 ^ (temp0 >>  8)) & 0x0000FF00UL;  temp0 = temp0 ^ temp ^ (temp <<  8); \

-        temp1 = (high); \

-        temp = (temp1 ^ (temp1 >>  1)) & 0x22222222UL;  temp1 = temp1 ^ temp ^ (temp <<  1); \

-        temp = (temp1 ^ (temp1 >>  2)) & 0x0C0C0C0CUL;  temp1 = temp1 ^ temp ^ (temp <<  2); \

-        temp = (temp1 ^ (temp1 >>  4)) & 0x00F000F0UL;  temp1 = temp1 ^ temp ^ (temp <<  4); \

-        temp = (temp1 ^ (temp1 >>  8)) & 0x0000FF00UL;  temp1 = temp1 ^ temp ^ (temp <<  8);

-

-#define toBitInterleavingAndXOR(low, high, even, odd, temp, temp0, temp1) \

-        prepareToBitInterleaving(low, high, temp, temp0, temp1) \

-        even ^= (temp0 & 0x0000FFFF) | (temp1 << 16); \

-        odd ^= (temp0 >> 16) | (temp1 & 0xFFFF0000);

-

-#define toBitInterleavingAndAND(low, high, even, odd, temp, temp0, temp1) \

-        prepareToBitInterleaving(low, high, temp, temp0, temp1) \

-        even &= (temp0 & 0x0000FFFF) | (temp1 << 16); \

-        odd &= (temp0 >> 16) | (temp1 & 0xFFFF0000);

-

-#define toBitInterleavingAndSet(low, high, even, odd, temp, temp0, temp1) \

-        prepareToBitInterleaving(low, high, temp, temp0, temp1) \

-        even = (temp0 & 0x0000FFFF) | (temp1 << 16); \

-        odd = (temp0 >> 16) | (temp1 & 0xFFFF0000);

-

-/* Credit to Henry S. Warren, Hacker's Delight, Addison-Wesley, 2002 */

-

-#define prepareFromBitInterleaving(even, odd, temp, temp0, temp1) \

-        temp0 = (even); \

-        temp1 = (odd); \

-        temp = (temp0 & 0x0000FFFF) | (temp1 << 16); \

-        temp1 = (temp0 >> 16) | (temp1 & 0xFFFF0000); \

-        temp0 = temp; \

-        temp = (temp0 ^ (temp0 >>  8)) & 0x0000FF00UL;  temp0 = temp0 ^ temp ^ (temp <<  8); \

-        temp = (temp0 ^ (temp0 >>  4)) & 0x00F000F0UL;  temp0 = temp0 ^ temp ^ (temp <<  4); \

-        temp = (temp0 ^ (temp0 >>  2)) & 0x0C0C0C0CUL;  temp0 = temp0 ^ temp ^ (temp <<  2); \

-        temp = (temp0 ^ (temp0 >>  1)) & 0x22222222UL;  temp0 = temp0 ^ temp ^ (temp <<  1); \

-        temp = (temp1 ^ (temp1 >>  8)) & 0x0000FF00UL;  temp1 = temp1 ^ temp ^ (temp <<  8); \

-        temp = (temp1 ^ (temp1 >>  4)) & 0x00F000F0UL;  temp1 = temp1 ^ temp ^ (temp <<  4); \

-        temp = (temp1 ^ (temp1 >>  2)) & 0x0C0C0C0CUL;  temp1 = temp1 ^ temp ^ (temp <<  2); \

-        temp = (temp1 ^ (temp1 >>  1)) & 0x22222222UL;  temp1 = temp1 ^ temp ^ (temp <<  1);

-

-#define fromBitInterleaving(even, odd, low, high, temp, temp0, temp1) \

-        prepareFromBitInterleaving(even, odd, temp, temp0, temp1) \

-        low = temp0; \

-        high = temp1;

-

-#define fromBitInterleavingAndXOR(even, odd, lowIn, highIn, lowOut, highOut, temp, temp0, temp1) \

-        prepareFromBitInterleaving(even, odd, temp, temp0, temp1) \

-        lowOut = lowIn ^ temp0; \

-        highOut = highIn ^ temp1;

-

-void KeccakP1600_SetBytesInLaneToZero(void *state, unsigned int lanePosition, unsigned int offset, unsigned int length)

-{

-    UINT8 laneAsBytes[8];

-    UINT32 low, high;

-    UINT32 temp, temp0, temp1;

-    UINT32 *stateAsHalfLanes = (UINT32*)state;

-

-    memset(laneAsBytes, 0xFF, offset);

-    memset(laneAsBytes+offset, 0x00, length);

-    memset(laneAsBytes+offset+length, 0xFF, 8-offset-length);

-#if (PLATFORM_BYTE_ORDER == IS_LITTLE_ENDIAN)

-    low = *((UINT32*)(laneAsBytes+0));

-    high = *((UINT32*)(laneAsBytes+4));

-#else

-    low = laneAsBytes[0]

-        | ((UINT32)(laneAsBytes[1]) << 8)

-        | ((UINT32)(laneAsBytes[2]) << 16)

-        | ((UINT32)(laneAsBytes[3]) << 24);

-    high = laneAsBytes[4]

-        | ((UINT32)(laneAsBytes[5]) << 8)

-        | ((UINT32)(laneAsBytes[6]) << 16)

-        | ((UINT32)(laneAsBytes[7]) << 24);

-#endif

-    toBitInterleavingAndAND(low, high, stateAsHalfLanes[lanePosition*2+0], stateAsHalfLanes[lanePosition*2+1], temp, temp0, temp1);

-}

-

-/* ---------------------------------------------------------------- */

-

-void KeccakP1600_Initialize(void *state)

-{

-    memset(state, 0, 200);

-}

-

-/* ---------------------------------------------------------------- */

-

-void KeccakP1600_AddByte(void *state, unsigned char byte, unsigned int offset)

-{

-    unsigned int lanePosition = offset/8;

-    unsigned int offsetInLane = offset%8;

-    UINT32 low, high;

-    UINT32 temp, temp0, temp1;

-    UINT32 *stateAsHalfLanes = (UINT32*)state;

-

-    if (offsetInLane < 4) {

-        low = (UINT32)byte << (offsetInLane*8);

-        high = 0;

-    }

-    else {

-        low = 0;

-        high = (UINT32)byte << ((offsetInLane-4)*8);

-    }

-    toBitInterleavingAndXOR(low, high, stateAsHalfLanes[lanePosition*2+0], stateAsHalfLanes[lanePosition*2+1], temp, temp0, temp1);

-}

-

-/* ---------------------------------------------------------------- */

-

-void KeccakP1600_AddBytesInLane(void *state, unsigned int lanePosition, const unsigned char *data, unsigned int offset, unsigned int length)

-{

-    UINT8 laneAsBytes[8];

-    UINT32 low, high;

-    UINT32 temp, temp0, temp1;

-    UINT32 *stateAsHalfLanes = (UINT32*)state;

-

-    memset(laneAsBytes, 0, 8);

-    memcpy(laneAsBytes+offset, data, length);

-#if (PLATFORM_BYTE_ORDER == IS_LITTLE_ENDIAN)

-    low = *((UINT32*)(laneAsBytes+0));

-    high = *((UINT32*)(laneAsBytes+4));

-#else

-    low = laneAsBytes[0]

-        | ((UINT32)(laneAsBytes[1]) << 8)

-        | ((UINT32)(laneAsBytes[2]) << 16)

-        | ((UINT32)(laneAsBytes[3]) << 24);

-    high = laneAsBytes[4]

-        | ((UINT32)(laneAsBytes[5]) << 8)

-        | ((UINT32)(laneAsBytes[6]) << 16)

-        | ((UINT32)(laneAsBytes[7]) << 24);

-#endif

-    toBitInterleavingAndXOR(low, high, stateAsHalfLanes[lanePosition*2+0], stateAsHalfLanes[lanePosition*2+1], temp, temp0, temp1);

-}

-

-/* ---------------------------------------------------------------- */

-

-void KeccakP1600_AddLanes(void *state, const unsigned char *data, unsigned int laneCount)

-{

-#if (PLATFORM_BYTE_ORDER == IS_LITTLE_ENDIAN)

-    const UINT32 * pI = (const UINT32 *)data;

-    UINT32 * pS = (UINT32*)state;

-    UINT32 t, x0, x1;

-    int i;

-    for (i = laneCount-1; i >= 0; --i) {

-#ifdef NO_MISALIGNED_ACCESSES

-        UINT32 low;

-        UINT32 high;

-        memcpy(&low, pI++, 4);

-        memcpy(&high, pI++, 4);

-        toBitInterleavingAndXOR(low, high, *(pS++), *(pS++), t, x0, x1);

-#else

-        toBitInterleavingAndXOR(*(pI++), *(pI++), *(pS++), *(pS++), t, x0, x1)

-#endif

-    }

-#else

-    unsigned int lanePosition;

-    for(lanePosition=0; lanePosition<laneCount; lanePosition++) {

-        UINT8 laneAsBytes[8];

-        UINT32 low, high, temp, temp0, temp1;

-        UINT32 *stateAsHalfLanes;

-        memcpy(laneAsBytes, data+lanePosition*8, 8);

-        low = laneAsBytes[0]

-            | ((UINT32)(laneAsBytes[1]) << 8)

-            | ((UINT32)(laneAsBytes[2]) << 16)

-            | ((UINT32)(laneAsBytes[3]) << 24);

-        high = laneAsBytes[4]

-            | ((UINT32)(laneAsBytes[5]) << 8)

-            | ((UINT32)(laneAsBytes[6]) << 16)

-            | ((UINT32)(laneAsBytes[7]) << 24);

-        stateAsHalfLanes = (UINT32*)state;

-        toBitInterleavingAndXOR(low, high, stateAsHalfLanes[lanePosition*2+0], stateAsHalfLanes[lanePosition*2+1], temp, temp0, temp1);

-    }

-#endif

-}

-

-/* ---------------------------------------------------------------- */

-

-void KeccakP1600_AddBytes(void *state, const unsigned char *data, unsigned int offset, unsigned int length)

-{

-    SnP_AddBytes(state, data, offset, length, KeccakP1600_AddLanes, KeccakP1600_AddBytesInLane, 8);

-}

-

-/* ---------------------------------------------------------------- */

-

-void KeccakP1600_OverwriteBytesInLane(void *state, unsigned int lanePosition, const unsigned char *data, unsigned int offset, unsigned int length)

-{

-    KeccakP1600_SetBytesInLaneToZero(state, lanePosition, offset, length);

-    KeccakP1600_AddBytesInLane(state, lanePosition, data, offset, length);

-}

-

-/* ---------------------------------------------------------------- */

-

-void KeccakP1600_OverwriteLanes(void *state, const unsigned char *data, unsigned int laneCount)

-{

-#if (PLATFORM_BYTE_ORDER == IS_LITTLE_ENDIAN)

-    const UINT32 * pI = (const UINT32 *)data;

-    UINT32 * pS = (UINT32 *)state;

-    UINT32 t, x0, x1;

-    int i;

-    for (i = laneCount-1; i >= 0; --i) {

-#ifdef NO_MISALIGNED_ACCESSES

-        UINT32 low;

-        UINT32 high;

-        memcpy(&low, pI++, 4);

-        memcpy(&high, pI++, 4);

-        toBitInterleavingAndSet(low, high, *(pS++), *(pS++), t, x0, x1);

-#else

-        toBitInterleavingAndSet(*(pI++), *(pI++), *(pS++), *(pS++), t, x0, x1)

-#endif

-    }

-#else

-    unsigned int lanePosition;

-    for(lanePosition=0; lanePosition<laneCount; lanePosition++) {

-        UINT8 laneAsBytes[8];

-        UINT32 low, high, temp, temp0, temp1;

-        UINT32 *stateAsHalfLanes;

-        memcpy(laneAsBytes, data+lanePosition*8, 8);

-        low = laneAsBytes[0]

-            | ((UINT32)(laneAsBytes[1]) << 8)

-            | ((UINT32)(laneAsBytes[2]) << 16)

-            | ((UINT32)(laneAsBytes[3]) << 24);

-        high = laneAsBytes[4]

-            | ((UINT32)(laneAsBytes[5]) << 8)

-            | ((UINT32)(laneAsBytes[6]) << 16)

-            | ((UINT32)(laneAsBytes[7]) << 24);

-        stateAsHalfLanes = (UINT32*)state;

-        toBitInterleavingAndSet(low, high, stateAsHalfLanes[lanePosition*2+0], stateAsHalfLanes[lanePosition*2+1], temp, temp0, temp1);

-    }

-#endif

-}

-

-/* ---------------------------------------------------------------- */

-

-void KeccakP1600_OverwriteBytes(void *state, const unsigned char *data, unsigned int offset, unsigned int length)

-{

-    SnP_OverwriteBytes(state, data, offset, length, KeccakP1600_OverwriteLanes, KeccakP1600_OverwriteBytesInLane, 8);

-}

-

-/* ---------------------------------------------------------------- */

-

-void KeccakP1600_OverwriteWithZeroes(void *state, unsigned int byteCount)

-{

-    UINT32 *stateAsHalfLanes = (UINT32*)state;

-    unsigned int i;

-

-    for(i=0; i<byteCount/8; i++) {

-        stateAsHalfLanes[i*2+0] = 0;

-        stateAsHalfLanes[i*2+1] = 0;

-    }

-    if (byteCount%8 != 0)

-        KeccakP1600_SetBytesInLaneToZero(state, byteCount/8, 0, byteCount%8);

-}

-

-/* ---------------------------------------------------------------- */

-

-void KeccakP1600_ExtractBytesInLane(const void *state, unsigned int lanePosition, unsigned char *data, unsigned int offset, unsigned int length)

-{

-    UINT32 *stateAsHalfLanes = (UINT32*)state;

-    UINT32 low, high, temp, temp0, temp1;

-    UINT8 laneAsBytes[8];

-

-    fromBitInterleaving(stateAsHalfLanes[lanePosition*2], stateAsHalfLanes[lanePosition*2+1], low, high, temp, temp0, temp1);

-#if (PLATFORM_BYTE_ORDER == IS_LITTLE_ENDIAN)

-    *((UINT32*)(laneAsBytes+0)) = low;

-    *((UINT32*)(laneAsBytes+4)) = high;

-#else

-    laneAsBytes[0] = low & 0xFF;

-    laneAsBytes[1] = (low >> 8) & 0xFF;

-    laneAsBytes[2] = (low >> 16) & 0xFF;

-    laneAsBytes[3] = (low >> 24) & 0xFF;

-    laneAsBytes[4] = high & 0xFF;

-    laneAsBytes[5] = (high >> 8) & 0xFF;

-    laneAsBytes[6] = (high >> 16) & 0xFF;

-    laneAsBytes[7] = (high >> 24) & 0xFF;

-#endif

-    memcpy(data, laneAsBytes+offset, length);

-}

-

-/* ---------------------------------------------------------------- */

-

-void KeccakP1600_ExtractLanes(const void *state, unsigned char *data, unsigned int laneCount)

-{

-#if (PLATFORM_BYTE_ORDER == IS_LITTLE_ENDIAN)

-    UINT32 * pI = (UINT32 *)data;

-    const UINT32 * pS = ( const UINT32 *)state;

-    UINT32 t, x0, x1;

-    int i;

-    for (i = laneCount-1; i >= 0; --i) {

-#ifdef NO_MISALIGNED_ACCESSES

-        UINT32 low;

-        UINT32 high;

-        fromBitInterleaving(*(pS++), *(pS++), low, high, t, x0, x1);

-        memcpy(pI++, &low, 4);

-        memcpy(pI++, &high, 4);

-#else

-        fromBitInterleaving(*(pS++), *(pS++), *(pI++), *(pI++), t, x0, x1)

-#endif

-    }

-#else

-    unsigned int lanePosition;

-    for(lanePosition=0; lanePosition<laneCount; lanePosition++) {

-        UINT32 *stateAsHalfLanes = (UINT32*)state;

-        UINT32 low, high, temp, temp0, temp1;

-        UINT8 laneAsBytes[8];

-        fromBitInterleaving(stateAsHalfLanes[lanePosition*2], stateAsHalfLanes[lanePosition*2+1], low, high, temp, temp0, temp1);

-        laneAsBytes[0] = low & 0xFF;

-        laneAsBytes[1] = (low >> 8) & 0xFF;

-        laneAsBytes[2] = (low >> 16) & 0xFF;

-        laneAsBytes[3] = (low >> 24) & 0xFF;

-        laneAsBytes[4] = high & 0xFF;

-        laneAsBytes[5] = (high >> 8) & 0xFF;

-        laneAsBytes[6] = (high >> 16) & 0xFF;

-        laneAsBytes[7] = (high >> 24) & 0xFF;

-        memcpy(data+lanePosition*8, laneAsBytes, 8);

-    }

-#endif

-}

-

-/* ---------------------------------------------------------------- */

-

-void KeccakP1600_ExtractBytes(const void *state, unsigned char *data, unsigned int offset, unsigned int length)

-{

-    SnP_ExtractBytes(state, data, offset, length, KeccakP1600_ExtractLanes, KeccakP1600_ExtractBytesInLane, 8);

-}

-

-/* ---------------------------------------------------------------- */

-

-void KeccakP1600_ExtractAndAddBytesInLane(const void *state, unsigned int lanePosition, const unsigned char *input, unsigned char *output, unsigned int offset, unsigned int length)

-{

-    UINT32 *stateAsHalfLanes = (UINT32*)state;

-    UINT32 low, high, temp, temp0, temp1;

-    UINT8 laneAsBytes[8];

-    unsigned int i;

-

-    fromBitInterleaving(stateAsHalfLanes[lanePosition*2], stateAsHalfLanes[lanePosition*2+1], low, high, temp, temp0, temp1);

-#if (PLATFORM_BYTE_ORDER == IS_LITTLE_ENDIAN)

-    *((UINT32*)(laneAsBytes+0)) = low;

-    *((UINT32*)(laneAsBytes+4)) = high;

-#else

-    laneAsBytes[0] = low & 0xFF;

-    laneAsBytes[1] = (low >> 8) & 0xFF;

-    laneAsBytes[2] = (low >> 16) & 0xFF;

-    laneAsBytes[3] = (low >> 24) & 0xFF;

-    laneAsBytes[4] = high & 0xFF;

-    laneAsBytes[5] = (high >> 8) & 0xFF;

-    laneAsBytes[6] = (high >> 16) & 0xFF;

-    laneAsBytes[7] = (high >> 24) & 0xFF;

-#endif

-    for(i=0; i<length; i++)

-        output[i] = input[i] ^ laneAsBytes[offset+i];

-}

-

-/* ---------------------------------------------------------------- */

-

-void KeccakP1600_ExtractAndAddLanes(const void *state, const unsigned char *input, unsigned char *output, unsigned int laneCount)

-{

-#if (PLATFORM_BYTE_ORDER == IS_LITTLE_ENDIAN)

-    const UINT32 * pI = (const UINT32 *)input;

-    UINT32 * pO = (UINT32 *)output;

-    const UINT32 * pS = (const UINT32 *)state;

-    UINT32 t, x0, x1;

-    int i;

-    for (i = laneCount-1; i >= 0; --i) {

-#ifdef NO_MISALIGNED_ACCESSES

-        UINT32 low;

-        UINT32 high;

-        fromBitInterleaving(*(pS++), *(pS++), low, high, t, x0, x1);

-        *(pO++) = *(pI++) ^ low;

-        *(pO++) = *(pI++) ^ high;

-#else

-        fromBitInterleavingAndXOR(*(pS++), *(pS++), *(pI++), *(pI++), *(pO++), *(pO++), t, x0, x1)

-#endif

-    }

-#else

-    unsigned int lanePosition;

-    for(lanePosition=0; lanePosition<laneCount; lanePosition++) {

-        UINT32 *stateAsHalfLanes = (UINT32*)state;

-        UINT32 low, high, temp, temp0, temp1;

-        UINT8 laneAsBytes[8];

-        fromBitInterleaving(stateAsHalfLanes[lanePosition*2], stateAsHalfLanes[lanePosition*2+1], low, high, temp, temp0, temp1);

-        laneAsBytes[0] = low & 0xFF;

-        laneAsBytes[1] = (low >> 8) & 0xFF;

-        laneAsBytes[2] = (low >> 16) & 0xFF;

-        laneAsBytes[3] = (low >> 24) & 0xFF;

-        laneAsBytes[4] = high & 0xFF;

-        laneAsBytes[5] = (high >> 8) & 0xFF;

-        laneAsBytes[6] = (high >> 16) & 0xFF;

-        laneAsBytes[7] = (high >> 24) & 0xFF;

-        ((UINT32*)(output+lanePosition*8))[0] = ((UINT32*)(input+lanePosition*8))[0] ^ (*(const UINT32*)(laneAsBytes+0));

-        ((UINT32*)(output+lanePosition*8))[1] = ((UINT32*)(input+lanePosition*8))[0] ^ (*(const UINT32*)(laneAsBytes+4));

-    }

-#endif

-}

-/* ---------------------------------------------------------------- */

-

-void KeccakP1600_ExtractAndAddBytes(const void *state, const unsigned char *input, unsigned char *output, unsigned int offset, unsigned int length)

-{

-    SnP_ExtractAndAddBytes(state, input, output, offset, length, KeccakP1600_ExtractAndAddLanes, KeccakP1600_ExtractAndAddBytesInLane, 8);

-}

-

-/* ---------------------------------------------------------------- */

-

-static const UINT32 KeccakF1600RoundConstants_int2[2*24+1] =

-{

-    0x00000001UL,    0x00000000UL,

-    0x00000000UL,    0x00000089UL,

-    0x00000000UL,    0x8000008bUL,

-    0x00000000UL,    0x80008080UL,

-    0x00000001UL,    0x0000008bUL,

-    0x00000001UL,    0x00008000UL,

-    0x00000001UL,    0x80008088UL,

-    0x00000001UL,    0x80000082UL,

-    0x00000000UL,    0x0000000bUL,

-    0x00000000UL,    0x0000000aUL,

-    0x00000001UL,    0x00008082UL,

-    0x00000000UL,    0x00008003UL,

-    0x00000001UL,    0x0000808bUL,

-    0x00000001UL,    0x8000000bUL,

-    0x00000001UL,    0x8000008aUL,

-    0x00000001UL,    0x80000081UL,

-    0x00000000UL,    0x80000081UL,

-    0x00000000UL,    0x80000008UL,

-    0x00000000UL,    0x00000083UL,

-    0x00000000UL,    0x80008003UL,

-    0x00000001UL,    0x80008088UL,

-    0x00000000UL,    0x80000088UL,

-    0x00000001UL,    0x00008000UL,

-    0x00000000UL,    0x80008082UL,

-    0x000000FFUL

-};

-

-#define KeccakAtoD_round0() \

-        Cx = Abu0^Agu0^Aku0^Amu0^Asu0; \

-        Du1 = Abe1^Age1^Ake1^Ame1^Ase1; \

-        Da0 = Cx^ROL32(Du1, 1); \

-        Cz = Abu1^Agu1^Aku1^Amu1^Asu1; \

-        Du0 = Abe0^Age0^Ake0^Ame0^Ase0; \

-        Da1 = Cz^Du0; \

-\

-        Cw = Abi0^Agi0^Aki0^Ami0^Asi0; \

-        Do0 = Cw^ROL32(Cz, 1); \

-        Cy = Abi1^Agi1^Aki1^Ami1^Asi1; \

-        Do1 = Cy^Cx; \

-\

-        Cx = Aba0^Aga0^Aka0^Ama0^Asa0; \

-        De0 = Cx^ROL32(Cy, 1); \

-        Cz = Aba1^Aga1^Aka1^Ama1^Asa1; \

-        De1 = Cz^Cw; \

-\

-        Cy = Abo1^Ago1^Ako1^Amo1^Aso1; \

-        Di0 = Du0^ROL32(Cy, 1); \

-        Cw = Abo0^Ago0^Ako0^Amo0^Aso0; \

-        Di1 = Du1^Cw; \

-\

-        Du0 = Cw^ROL32(Cz, 1); \

-        Du1 = Cy^Cx; \

-

-#define KeccakAtoD_round1() \

-        Cx = Asu0^Agu0^Amu0^Abu1^Aku1; \

-        Du1 = Age1^Ame0^Abe0^Ake1^Ase1; \

-        Da0 = Cx^ROL32(Du1, 1); \

-        Cz = Asu1^Agu1^Amu1^Abu0^Aku0; \

-        Du0 = Age0^Ame1^Abe1^Ake0^Ase0; \

-        Da1 = Cz^Du0; \

-\

-        Cw = Aki1^Asi1^Agi0^Ami1^Abi0; \

-        Do0 = Cw^ROL32(Cz, 1); \

-        Cy = Aki0^Asi0^Agi1^Ami0^Abi1; \

-        Do1 = Cy^Cx; \

-\

-        Cx = Aba0^Aka1^Asa0^Aga0^Ama1; \

-        De0 = Cx^ROL32(Cy, 1); \

-        Cz = Aba1^Aka0^Asa1^Aga1^Ama0; \

-        De1 = Cz^Cw; \

-\

-        Cy = Amo0^Abo1^Ako0^Aso1^Ago0; \

-        Di0 = Du0^ROL32(Cy, 1); \

-        Cw = Amo1^Abo0^Ako1^Aso0^Ago1; \

-        Di1 = Du1^Cw; \

-\

-        Du0 = Cw^ROL32(Cz, 1); \

-        Du1 = Cy^Cx; \

-

-#define KeccakAtoD_round2() \

-        Cx = Aku1^Agu0^Abu1^Asu1^Amu1; \

-        Du1 = Ame0^Ake0^Age0^Abe0^Ase1; \

-        Da0 = Cx^ROL32(Du1, 1); \

-        Cz = Aku0^Agu1^Abu0^Asu0^Amu0; \

-        Du0 = Ame1^Ake1^Age1^Abe1^Ase0; \

-        Da1 = Cz^Du0; \

-\

-        Cw = Agi1^Abi1^Asi1^Ami0^Aki1; \

-        Do0 = Cw^ROL32(Cz, 1); \

-        Cy = Agi0^Abi0^Asi0^Ami1^Aki0; \

-        Do1 = Cy^Cx; \

-\

-        Cx = Aba0^Asa1^Ama1^Aka1^Aga1; \

-        De0 = Cx^ROL32(Cy, 1); \

-        Cz = Aba1^Asa0^Ama0^Aka0^Aga0; \

-        De1 = Cz^Cw; \