Commit e08ce40b authored by hark's avatar hark

nacl avr

parent 0f837758
......@@ -10,6 +10,10 @@ base-tx: base-tx.c
test: test.c ../libs/pagerlib/pagerlib.c ../libs/pagerlib/things.c ../libs/pagerlib/pagerlib.h ../libs/pagerlib/packets.h
$(CC) -std=c99 -g -o test test.c ../libs/micro-ecc/uECC.c ../libs/pagerlib/pagerlib.c ../libs/pagerlib/things.c -lmbedtls -lmbedx509 -lsodium -lmbedcrypto $(LIBS) $(CFLAGS)
putstest: putstest.c ../libs/pagerlib/pagerlib.c ../libs/pagerlib/things.c ../libs/pagerlib/pagerlib.h ../libs/pagerlib/packets.h
$(CC) -std=c99 -g -o putstest putstest.c ../libs/micro-ecc/uECC.c ../libs/pagerlib/pagerlib.c ../libs/pagerlib/things.c -lmbedtls -lmbedx509 -lsodium -lmbedcrypto $(LIBS) $(CFLAGS)
rx-test: rx-test.c ../libs/pagerlib/pagerlib.c ../libs/pagerlib/things.c
$(CC) -std=c99 -g -o rx-test rx-test.c ../libs/micro-ecc/uECC.c ../libs/pagerlib/pagerlib.c ../libs/pagerlib/things.c -lmbedtls -lmbedx509 -lmbedcrypto $(LIBS) $(CFLAGS)
......
all: fast \
small \
8bitc
.PHONY: small fast clean
small:
cd avrnacl_small && $(MAKE)
fast:
cd avrnacl_fast && $(MAKE)
8bitc:
cd avrnacl_8bitc && $(MAKE)
clean:
-cd avrnacl_small && $(MAKE) clean
-cd avrnacl_fast && $(MAKE) clean
-cd avrnacl_8bitc && $(MAKE) clean
crypto_stream_salsa20
crypto_stream_xsalsa20
crypto_core_salsa20
crypto_core_hsalsa20
crypto_verify_16
crypto_verify_32
crypto_scalarmult_curve25519
crypto_hashblocks_sha512
crypto_hash_sha512
crypto_onetimeauth_poly1305
crypto_secretbox_xsalsa20poly1305
crypto_box_curve25519xsalsa20poly1305
crypto_dh_curve25519
crypto_auth_hmacsha512256
crypto_sign_ed25519
/*
* File: avrnacl.h
* Author: Michael Hutter, Peter Schwabe
* Version: Tue Aug 12 08:23:16 2014 +0200
* Public Domain
*/
#ifndef AVRNACL_H
#define AVRNACL_H
#define AVRNACL_VERSION "2014-07-XXX"
typedef char crypto_int8;
typedef unsigned char crypto_uint8;
typedef int crypto_int16;
typedef unsigned int crypto_uint16;
typedef long crypto_int32;
typedef unsigned long crypto_uint32;
typedef long long crypto_int64;
typedef unsigned long long crypto_uint64;
#define crypto_auth_PRIMITIVE "hmacsha512256"
#define crypto_auth crypto_auth_hmacsha512256
#define crypto_auth_verify crypto_auth_hmacsha512256_verify
#define crypto_auth_BYTES crypto_auth_hmacsha512256_BYTES
#define crypto_auth_KEYBYTES crypto_auth_hmacsha512256_KEYBYTES
#define crypto_auth_hmacsha512256_BYTES 32
#define crypto_auth_hmacsha512256_KEYBYTES 32
extern int crypto_auth_hmacsha512256(unsigned char *,const unsigned char *,crypto_uint16,const unsigned char *);
extern int crypto_auth_hmacsha512256_verify(const unsigned char *,const unsigned char *,crypto_uint16,const unsigned char *);
#define crypto_box_PRIMITIVE "curve25519xsalsa20poly1305"
#define crypto_box crypto_box_curve25519xsalsa20poly1305
#define crypto_box_open crypto_box_curve25519xsalsa20poly1305_open
#define crypto_box_keypair crypto_box_curve25519xsalsa20poly1305_keypair
#define crypto_box_beforenm crypto_box_curve25519xsalsa20poly1305_beforenm
#define crypto_box_afternm crypto_box_curve25519xsalsa20poly1305_afternm
#define crypto_box_open_afternm crypto_box_curve25519xsalsa20poly1305_open_afternm
#define crypto_box_PUBLICKEYBYTES crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES
#define crypto_box_SECRETKEYBYTES crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES
#define crypto_box_BEFORENMBYTES crypto_box_curve25519xsalsa20poly1305_BEFORENMBYTES
#define crypto_box_NONCEBYTES crypto_box_curve25519xsalsa20poly1305_NONCEBYTES
#define crypto_box_ZEROBYTES crypto_box_curve25519xsalsa20poly1305_ZEROBYTES
#define crypto_box_BOXZEROBYTES crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES
#define crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES 32
#define crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES 32
#define crypto_box_curve25519xsalsa20poly1305_BEFORENMBYTES 32
#define crypto_box_curve25519xsalsa20poly1305_NONCEBYTES 24
#define crypto_box_curve25519xsalsa20poly1305_ZEROBYTES 32
#define crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES 16
extern int crypto_box_curve25519xsalsa20poly1305(unsigned char *,const unsigned char *,crypto_uint16,const unsigned char *,const unsigned char *,const unsigned char *);
extern int crypto_box_curve25519xsalsa20poly1305_open(unsigned char *,const unsigned char *,crypto_uint16,const unsigned char *,const unsigned char *,const unsigned char *);
extern int crypto_box_curve25519xsalsa20poly1305_keypair(unsigned char *,unsigned char *);
extern int crypto_box_curve25519xsalsa20poly1305_beforenm(unsigned char *,const unsigned char *,const unsigned char *);
extern int crypto_box_curve25519xsalsa20poly1305_afternm(unsigned char *,const unsigned char *,crypto_uint16,const unsigned char *,const unsigned char *);
extern int crypto_box_curve25519xsalsa20poly1305_open_afternm(unsigned char *,const unsigned char *,crypto_uint16,const unsigned char *,const unsigned char *);
#define crypto_core_PRIMITIVE "salsa20"
#define crypto_core crypto_core_salsa20
#define crypto_core_OUTPUTBYTES crypto_core_salsa20_OUTPUTBYTES
#define crypto_core_INPUTBYTES crypto_core_salsa20_INPUTBYTES
#define crypto_core_KEYBYTES crypto_core_salsa20_KEYBYTES
#define crypto_core_CONSTBYTES crypto_core_salsa20_CONSTBYTES
#define crypto_core_salsa20_OUTPUTBYTES 64
#define crypto_core_salsa20_INPUTBYTES 16
#define crypto_core_salsa20_KEYBYTES 32
#define crypto_core_salsa20_CONSTBYTES 16
extern int crypto_core_salsa20(unsigned char *,const unsigned char *,const unsigned char *,const unsigned char *);
#define crypto_core_hsalsa20_OUTPUTBYTES 32
#define crypto_core_hsalsa20_INPUTBYTES 16
#define crypto_core_hsalsa20_KEYBYTES 32
#define crypto_core_hsalsa20_CONSTBYTES 16
extern int crypto_core_hsalsa20(unsigned char *,const unsigned char *,const unsigned char *,const unsigned char *);
#define crypto_hashblocks_PRIMITIVE "sha512"
#define crypto_hashblocks crypto_hashblocks_sha512
#define crypto_hashblocks_STATEBYTES crypto_hashblocks_sha512_STATEBYTES
#define crypto_hashblocks_BLOCKBYTES crypto_hashblocks_sha512_BLOCKBYTES
#define crypto_hashblocks_sha512_STATEBYTES 64
#define crypto_hashblocks_sha512_BLOCKBYTES 128
extern int crypto_hashblocks_sha512(unsigned char *,const unsigned char *,crypto_uint16);
#define crypto_hash_PRIMITIVE "sha512"
#define crypto_hash crypto_hash_sha512
#define crypto_hash_BYTES crypto_hash_sha512_BYTES
#define crypto_hash_sha512_BYTES 64
extern int crypto_hash_sha512(unsigned char *,const unsigned char *,crypto_uint16);
#define crypto_onetimeauth_PRIMITIVE "poly1305"
#define crypto_onetimeauth crypto_onetimeauth_poly1305
#define crypto_onetimeauth_verify crypto_onetimeauth_poly1305_verify
#define crypto_onetimeauth_BYTES crypto_onetimeauth_poly1305_BYTES
#define crypto_onetimeauth_KEYBYTES crypto_onetimeauth_poly1305_KEYBYTES
#define crypto_onetimeauth_poly1305_BYTES 16
#define crypto_onetimeauth_poly1305_KEYBYTES 32
extern int crypto_onetimeauth_poly1305(unsigned char *,const unsigned char *,crypto_uint16,const unsigned char *);
extern int crypto_onetimeauth_poly1305_verify(const unsigned char *,const unsigned char *,crypto_uint16,const unsigned char *);
#define crypto_scalarmult_PRIMITIVE "curve25519"
#define crypto_scalarmult crypto_scalarmult_curve25519
#define crypto_scalarmult_base crypto_scalarmult_curve25519_base
#define crypto_scalarmult_BYTES crypto_scalarmult_curve25519_BYTES
#define crypto_scalarmult_SCALARBYTES crypto_scalarmult_curve25519_SCALARBYTES
#define crypto_scalarmult_curve25519_BYTES 32
#define crypto_scalarmult_curve25519_SCALARBYTES 32
extern int crypto_scalarmult_curve25519(unsigned char *,const unsigned char *,const unsigned char *);
extern int crypto_scalarmult_curve25519_base(unsigned char *,const unsigned char *);
#define crypto_dh_PRIMITIVE "curve25519"
#define crypto_dh crypto_dh_curve25519
#define crypto_dh_keypair crypto_dh_curve25519_keypair
#define crypto_dh_BYTES crypto_dh_curve25519_BYTES
#define crypto_dh_SECRETKEYBYTES crypto_dh_curve25519_SECRETKEYBYTES
#define crypto_dh_PUBLICKEYBYTES crypto_dh_curve25519_PUBLICKEYBYTES
#define crypto_dh_BYTES crypto_dh_curve25519_BYTES
#define crypto_dh_curve25519_SECRETKEYBYTES 32
#define crypto_dh_curve25519_PUBLICKEYBYTES 32
#define crypto_dh_curve25519_BYTES 32
extern int crypto_dh_curve25519(unsigned char *,const unsigned char *,const unsigned char *);
extern int crypto_dh_curve25519_keypair(unsigned char *,unsigned char *);
#define crypto_secretbox_PRIMITIVE "xsalsa20poly1305"
#define crypto_secretbox crypto_secretbox_xsalsa20poly1305
#define crypto_secretbox_open crypto_secretbox_xsalsa20poly1305_open
#define crypto_secretbox_KEYBYTES crypto_secretbox_xsalsa20poly1305_KEYBYTES
#define crypto_secretbox_NONCEBYTES crypto_secretbox_xsalsa20poly1305_NONCEBYTES
#define crypto_secretbox_ZEROBYTES crypto_secretbox_xsalsa20poly1305_ZEROBYTES
#define crypto_secretbox_BOXZEROBYTES crypto_secretbox_xsalsa20poly1305_BOXZEROBYTES
#define crypto_secretbox_xsalsa20poly1305_KEYBYTES 32
#define crypto_secretbox_xsalsa20poly1305_NONCEBYTES 24
#define crypto_secretbox_xsalsa20poly1305_ZEROBYTES 32
#define crypto_secretbox_xsalsa20poly1305_BOXZEROBYTES 16
extern int crypto_secretbox_xsalsa20poly1305(unsigned char *,const unsigned char *,crypto_uint16,const unsigned char *,const unsigned char *);
extern int crypto_secretbox_xsalsa20poly1305_open(unsigned char *,const unsigned char *,crypto_uint16,const unsigned char *,const unsigned char *);
#define crypto_sign_PRIMITIVE "ed25519"
#define crypto_sign crypto_sign_ed25519
#define crypto_sign_open crypto_sign_ed25519_open
#define crypto_sign_keypair crypto_sign_ed25519_keypair
#define crypto_sign_BYTES crypto_sign_ed25519_BYTES
#define crypto_sign_PUBLICKEYBYTES crypto_sign_ed25519_PUBLICKEYBYTES
#define crypto_sign_SECRETKEYBYTES crypto_sign_ed25519_SECRETKEYBYTES
#define crypto_sign_ed25519_BYTES 64
#define crypto_sign_ed25519_PUBLICKEYBYTES 32
#define crypto_sign_ed25519_SECRETKEYBYTES 64
extern int crypto_sign_ed25519(unsigned char *,crypto_uint16 *,const unsigned char *,crypto_uint16,const unsigned char *);
extern int crypto_sign_ed25519_open(unsigned char *,crypto_uint16 *,const unsigned char *,crypto_uint16,const unsigned char *);
extern int crypto_sign_ed25519_keypair(unsigned char *,unsigned char *);
#define crypto_stream_PRIMITIVE "xsalsa20"
#define crypto_stream crypto_stream_xsalsa20
#define crypto_stream_xor crypto_stream_xsalsa20_xor
#define crypto_stream_KEYBYTES crypto_stream_xsalsa20_KEYBYTES
#define crypto_stream_NONCEBYTES crypto_stream_xsalsa20_NONCEBYTES
#define crypto_stream_xsalsa20_KEYBYTES 32
#define crypto_stream_xsalsa20_NONCEBYTES 24
extern int crypto_stream_xsalsa20(unsigned char *,crypto_uint16,const unsigned char *,const unsigned char *);
extern int crypto_stream_xsalsa20_xor(unsigned char *,const unsigned char *,crypto_uint16,const unsigned char *,const unsigned char *);
#define crypto_stream_salsa20_KEYBYTES 32
#define crypto_stream_salsa20_NONCEBYTES 8
extern int crypto_stream_salsa20(unsigned char *,crypto_uint16,const unsigned char *,const unsigned char *);
extern int crypto_stream_salsa20_xor(unsigned char *,const unsigned char *,crypto_uint16,const unsigned char *,const unsigned char *);
#define crypto_verify_PRIMITIVE "16"
#define crypto_verify crypto_verify_16
#define crypto_verify_BYTES crypto_verify_16_BYTES
#define crypto_verify_16_BYTES 16
extern int crypto_verify_16(const unsigned char *,const unsigned char *);
#define crypto_verify_32_BYTES 32
extern int crypto_verify_32(const unsigned char *,const unsigned char *);
#endif
include ../config
CFLAGS = -g -Wall -Wextra -Werror -mmcu=$(TARGET_DEVICE) -O3 -I../randombytes/ -I.. -I./include/ -DF_CPU=$(CPUFREQ) -mcall-prologues
CFLAGS_SMALL = -g -Wall -Wextra -Werror -mmcu=$(TARGET_DEVICE) -Os -I../randombytes/ -I.. -I./include/ -DF_CPU=$(CPUFREQ) -mcall-prologues
all: test speed stack
include ../test.mk
include ../speed.mk
include ../stack.mk
obj/libnacl.a: obj/crypto_stream/salsa20.o \
obj/crypto_stream/xsalsa20.o \
obj/crypto_core/hsalsa20.o \
obj/crypto_core/salsa20.o \
obj/crypto_verify/verify.o \
obj/crypto_hashblocks/sha512.o \
obj/crypto_hash/sha512.o \
obj/crypto_auth/hmac.o \
obj/crypto_onetimeauth/poly1305.o \
obj/shared/consts.o \
obj/shared/fe25519.o \
obj/shared/bigint.o \
obj/crypto_scalarmult/curve25519.o \
obj/crypto_dh/curve25519.o \
obj/crypto_secretbox/xsalsa20poly1305.o \
obj/crypto_box/curve25519xsalsa20poly1305.o \
obj/crypto_sign/ed25519.o \
obj/crypto_sign/ge25519.o \
obj/crypto_sign/sc25519.o
$(AR) -ar cr obj/libnacl.a $^
$(STRIP) -g --strip-unneeded obj/libnacl.a $^
obj/crypto_stream/%.o: crypto_stream/%.[cS]
mkdir -p obj/crypto_stream
$(CC) $(CFLAGS) -c $^ -o $@
obj/crypto_core/%.o: crypto_core/%.[cS]
mkdir -p obj/crypto_core
$(CC) $(CFLAGS) -c $^ -o $@
obj/crypto_verify/%.o: crypto_verify/%.[cS]
mkdir -p obj/crypto_verify
$(CC) $(CFLAGS) -c $^ -o $@
obj/crypto_hashblocks/%.o: crypto_hashblocks/%.[cS]
mkdir -p obj/crypto_hashblocks
$(CC) $(CFLAGS_SMALL) -c $^ -o $@
obj/crypto_hash/%.o: crypto_hash/%.[cS]
mkdir -p obj/crypto_hash
$(CC) $(CFLAGS_SMALL) -c $^ -o $@
obj/crypto_auth/%.o: crypto_auth/%.[cS]
mkdir -p obj/crypto_auth
$(CC) $(CFLAGS) -c $^ -o $@
obj/crypto_onetimeauth/%.o: crypto_onetimeauth/%.[cS]
mkdir -p obj/crypto_onetimeauth
$(CC) $(CFLAGS) -c $^ -o $@
obj/crypto_scalarmult/%.o: crypto_scalarmult/%.[cS]
mkdir -p obj/crypto_scalarmult
$(CC) $(CFLAGS) -c $^ -o $@
obj/crypto_dh/%.o: crypto_dh/%.[cS]
mkdir -p obj/crypto_dh
$(CC) $(CFLAGS) -c $^ -o $@
obj/crypto_secretbox/%.o: crypto_secretbox/%.[cS]
mkdir -p obj/crypto_secretbox
$(CC) $(CFLAGS) -c $^ -o $@
obj/crypto_box/%.o: crypto_box/%.[cS]
mkdir -p obj/crypto_box
$(CC) $(CFLAGS) -c $^ -o $@
obj/crypto_sign/%.o: crypto_sign/%.[cS]
mkdir -p obj/crypto_sign
$(CC) $(CFLAGS) -c $^ -o $@
obj/shared/invert.o: shared/invert.c
mkdir -p obj/shared
$(CC) $(CFLAGS_SMALL) -c $^ -o $@
obj/shared/pow2523.o: shared/pow2523.c
mkdir -p obj/shared
$(CC) $(CFLAGS_SMALL) -c $^ -o $@
obj/shared/%.o: shared/%.[cS]
mkdir -p obj/shared
$(CC) $(CFLAGS) -c $^ -o $@
obj/randombytes.o: ../randombytes/randombytes.c
mkdir -p obj/
$(CC) $(CFLAGS) -c $^ -o $@
.PHONY: clean
clean:
-rm -r obj/*
-rm -r test/*
/*
* File: avrnacl_8bitc/crypto_auth/hmac.c
* Author: Michael Hutter, Peter Schwabe
* Version: Tue Aug 12 08:23:16 2014 +0200
* Public Domain
*/
/*
* Based on crypto_auth/hmacsha512256/ref, version 20080913
* by D. J. Bernstein (Public domain).
* */
#include "avrnacl.h"
#define blocks crypto_hashblocks_sha512
typedef unsigned long long uint64;
extern const unsigned char avrnacl_sha512_iv[64];
int crypto_auth_hmacsha512256(
unsigned char *out,
const unsigned char *in, crypto_uint16 inlen,
const unsigned char *k
)
{
unsigned char h[64];
unsigned char padded[256];
unsigned int i;
unsigned int bytes = 128 + inlen;
for (i = 0;i < 64;++i) h[i] = avrnacl_sha512_iv[i];
for (i = 0;i < 32;++i) padded[i] = k[i] ^ 0x36;
for (i = 32;i < 128;++i) padded[i] = 0x36;
blocks(h,padded,128);
blocks(h,in,inlen);
in += inlen;
inlen &= 127;
in -= inlen;
for (i = 0;i < inlen;++i) padded[i] = in[i];
padded[inlen] = 0x80;
if (inlen < 112) {
for (i = inlen + 1;i < 125;++i) padded[i] = 0;
padded[125] = bytes >> 13;
padded[126] = bytes >> 5;
padded[127] = bytes << 3;
blocks(h,padded,128);
} else {
for (i = inlen + 1;i < 253;++i) padded[i] = 0;
padded[253] = bytes >> 13;
padded[254] = bytes >> 5;
padded[255] = bytes << 3;
blocks(h,padded,256);
}
for (i = 0;i < 32;++i) padded[i] = k[i] ^ 0x5c;
for (i = 32;i < 128;++i) padded[i] = 0x5c;
for (i = 0;i < 64;++i) padded[128 + i] = h[i];
for (i = 0;i < 64;++i) h[i] = avrnacl_sha512_iv[i];
for (i = 64;i < 128;++i) padded[128 + i] = 0;
padded[128 + 64] = 0x80;
padded[128 + 126] = 6;
blocks(h,padded,256);
for (i = 0;i < 32;++i) out[i] = h[i];
return 0;
}
int crypto_auth_hmacsha512256_verify(
const unsigned char *h,
const unsigned char *in,crypto_uint16 inlen,
const unsigned char *k
)
{
unsigned char correct[32];
crypto_auth_hmacsha512256(correct,in,inlen,k);
return crypto_verify_32(h,correct);
}
/*
* File: avrnacl_8bitc/crypto_box/curve25519xsalsa20poly1305.c
* Author: Michael Hutter, Peter Schwabe
* Version: Wed Aug 6 13:19:40 2014 +0200
* Public Domain
*/
#include "avrnacl.h"
#include "randombytes.h"
static const unsigned char _0[16];
static const unsigned char sigma[16] = "expand 32-byte k";
int crypto_box_curve25519xsalsa20poly1305_keypair(
unsigned char *pk,
unsigned char *sk
)
{
randombytes(sk,32);
return crypto_scalarmult_curve25519_base(pk,sk);
}
int crypto_box_curve25519xsalsa20poly1305_beforenm(
unsigned char *k,
const unsigned char *pk,
const unsigned char *sk
)
{
unsigned char s[32];
crypto_scalarmult_curve25519(s,sk,pk);
return crypto_core_hsalsa20(k,_0,s,sigma);
}
int crypto_box_curve25519xsalsa20poly1305_afternm(
unsigned char *c,
const unsigned char *m,crypto_uint16 mlen,
const unsigned char *n,
const unsigned char *k
)
{
return crypto_secretbox_xsalsa20poly1305(c,m,mlen,n,k);
}
int crypto_box_curve25519xsalsa20poly1305_open_afternm(
unsigned char *m,
const unsigned char *c,crypto_uint16 clen,
const unsigned char *n,
const unsigned char *k
)
{
return crypto_secretbox_xsalsa20poly1305_open(m,c,clen,n,k);
}
int crypto_box_curve25519xsalsa20poly1305(
unsigned char *c,
const unsigned char *m,crypto_uint16 mlen,
const unsigned char *n,
const unsigned char *pk,
const unsigned char *sk
)
{
unsigned char k[32];
crypto_box_curve25519xsalsa20poly1305_beforenm(k,pk,sk);
return crypto_box_curve25519xsalsa20poly1305_afternm(c,m,mlen,n,k);
}
int crypto_box_curve25519xsalsa20poly1305_open(
unsigned char *m,
const unsigned char *c,crypto_uint16 clen,
const unsigned char *n,
const unsigned char *pk,
const unsigned char *sk
)
{
unsigned char k[32];
crypto_box_curve25519xsalsa20poly1305_beforenm(k,pk,sk);
return crypto_box_curve25519xsalsa20poly1305_open_afternm(m,c,clen,n,k);
}
/*
* File: avrnacl_8bitc/crypto_core/hsalsa20.c
* Author: Michael Hutter, Peter Schwabe
* Version: Wed Aug 13 04:15:13 2014 +0200
* Public Domain
*/
/*
* Based on tweetnacl.c version 20140427.
* by Daniel J. Bernstein, Wesley Janssen, Tanja Lange, and Peter Schwabe
*/
#include "avrnacl.h"
static crypto_uint32 L32(crypto_uint32 x,int c)
{
return (x << c) | (x >> (32 - c));
}
static crypto_uint32 ld32(const unsigned char *x)
{
crypto_uint32 u = x[3];
u = (u<<8)|x[2];
u = (u<<8)|x[1];
return (u<<8)|x[0];
}
static void st32(unsigned char *x,crypto_uint32 u)
{
int i;
for(i=0;i<4;i++)
{
x[i] = u;
u >>= 8;
}
}
static void core(unsigned char *out,const unsigned char *in,const unsigned char *k,const unsigned char *c)
{
crypto_uint32 w[16],x[16],y[16],t[4];
int i,j,m;
for(i=0;i<4;i++)
{
x[5*i] = ld32(c+4*i);
x[1+i] = ld32(k+4*i);
x[6+i] = ld32(in+4*i);
x[11+i] = ld32(k+16+4*i);
}
for(i=0;i<16;i++)
y[i] = x[i];
for(i=0;i<20;i++)
{
for(j=0;j<4;j++)
{
for(m=0;m<4;m++)
t[m] = x[(5*j+4*m)%16];
t[1] ^= L32(t[0]+t[3], 7);
t[2] ^= L32(t[1]+t[0], 9);
t[3] ^= L32(t[2]+t[1],13);
t[0] ^= L32(t[3]+t[2],18);
for(m=0;m<4;m++)
w[4*j+(j+m)%4] = t[m];
}
for(m=0;m<16