xref: /AOO41X/main/sal/rtl/source/cipher.c (revision cdf0e10c4e3984b49a9502b011690b615761d4a3) 
1*cdf0e10cSrcweir /*************************************************************************
2*cdf0e10cSrcweir  *
3*cdf0e10cSrcweir  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4*cdf0e10cSrcweir  *
5*cdf0e10cSrcweir  * Copyright 2000, 2010 Oracle and/or its affiliates.
6*cdf0e10cSrcweir  *
7*cdf0e10cSrcweir  * OpenOffice.org - a multi-platform office productivity suite
8*cdf0e10cSrcweir  *
9*cdf0e10cSrcweir  * This file is part of OpenOffice.org.
10*cdf0e10cSrcweir  *
11*cdf0e10cSrcweir  * OpenOffice.org is free software: you can redistribute it and/or modify
12*cdf0e10cSrcweir  * it under the terms of the GNU Lesser General Public License version 3
13*cdf0e10cSrcweir  * only, as published by the Free Software Foundation.
14*cdf0e10cSrcweir  *
15*cdf0e10cSrcweir  * OpenOffice.org is distributed in the hope that it will be useful,
16*cdf0e10cSrcweir  * but WITHOUT ANY WARRANTY; without even the implied warranty of
17*cdf0e10cSrcweir  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18*cdf0e10cSrcweir  * GNU Lesser General Public License version 3 for more details
19*cdf0e10cSrcweir  * (a copy is included in the LICENSE file that accompanied this code).
20*cdf0e10cSrcweir  *
21*cdf0e10cSrcweir  * You should have received a copy of the GNU Lesser General Public License
22*cdf0e10cSrcweir  * version 3 along with OpenOffice.org.  If not, see
23*cdf0e10cSrcweir  * <http://www.openoffice.org/license.html>
24*cdf0e10cSrcweir  * for a copy of the LGPLv3 License.
25*cdf0e10cSrcweir  *
26*cdf0e10cSrcweir  ************************************************************************/
27*cdf0e10cSrcweir 
28*cdf0e10cSrcweir #define _RTL_CIPHER_C_ "$Revision: 1.5 $"
29*cdf0e10cSrcweir 
30*cdf0e10cSrcweir #include <sal/types.h>
31*cdf0e10cSrcweir #include <rtl/alloc.h>
32*cdf0e10cSrcweir #include <rtl/memory.h>
33*cdf0e10cSrcweir #include <rtl/cipher.h>
34*cdf0e10cSrcweir 
35*cdf0e10cSrcweir /*========================================================================
36*cdf0e10cSrcweir  *
37*cdf0e10cSrcweir  * rtlCipher internals.
38*cdf0e10cSrcweir  *
39*cdf0e10cSrcweir  *======================================================================*/
40*cdf0e10cSrcweir #define RTL_CIPHER_NTOHL(c, l) \
41*cdf0e10cSrcweir 	((l)  = ((sal_uInt32)(*((c)++))) << 24L, \
42*cdf0e10cSrcweir 	 (l) |= ((sal_uInt32)(*((c)++))) << 16L, \
43*cdf0e10cSrcweir 	 (l) |= ((sal_uInt32)(*((c)++))) <<  8L, \
44*cdf0e10cSrcweir 	 (l) |= ((sal_uInt32)(*((c)++))))
45*cdf0e10cSrcweir 
46*cdf0e10cSrcweir #define RTL_CIPHER_HTONL(l, c) \
47*cdf0e10cSrcweir 	(*((c)++) = (sal_uInt8)(((l) >> 24L) & 0xff), \
48*cdf0e10cSrcweir 	 *((c)++) = (sal_uInt8)(((l) >> 16L) & 0xff), \
49*cdf0e10cSrcweir 	 *((c)++) = (sal_uInt8)(((l) >>  8L) & 0xff), \
50*cdf0e10cSrcweir 	 *((c)++) = (sal_uInt8)(((l)       ) & 0xff))
51*cdf0e10cSrcweir 
52*cdf0e10cSrcweir #define RTL_CIPHER_NTOHL64(c, xl, xr, n) \
53*cdf0e10cSrcweir { \
54*cdf0e10cSrcweir 	(xl) = (xr) = 0; \
55*cdf0e10cSrcweir 	(c) += (n);  \
56*cdf0e10cSrcweir 	switch ((n)) \
57*cdf0e10cSrcweir 	{ \
58*cdf0e10cSrcweir 		case 8: (xr)  = ((sal_uInt32)(*(--(c)))); \
59*cdf0e10cSrcweir 		case 7: (xr) |= ((sal_uInt32)(*(--(c)))) <<  8L; \
60*cdf0e10cSrcweir 		case 6: (xr) |= ((sal_uInt32)(*(--(c)))) << 16L; \
61*cdf0e10cSrcweir 		case 5: (xr) |= ((sal_uInt32)(*(--(c)))) << 24L; \
62*cdf0e10cSrcweir 		case 4: (xl)  = ((sal_uInt32)(*(--(c)))); \
63*cdf0e10cSrcweir 		case 3: (xl) |= ((sal_uInt32)(*(--(c)))) <<  8L; \
64*cdf0e10cSrcweir 		case 2: (xl) |= ((sal_uInt32)(*(--(c)))) << 16L; \
65*cdf0e10cSrcweir 		case 1: (xl) |= ((sal_uInt32)(*(--(c)))) << 24L; \
66*cdf0e10cSrcweir 	} \
67*cdf0e10cSrcweir }
68*cdf0e10cSrcweir 
69*cdf0e10cSrcweir #define RTL_CIPHER_HTONL64(xl, xr, c, n) \
70*cdf0e10cSrcweir { \
71*cdf0e10cSrcweir 	(c) += (n);  \
72*cdf0e10cSrcweir 	switch ((n)) \
73*cdf0e10cSrcweir 	{ \
74*cdf0e10cSrcweir 		case 8: *(--(c)) = (sal_uInt8)(((xr)       ) & 0xff); \
75*cdf0e10cSrcweir 		case 7: *(--(c)) = (sal_uInt8)(((xr) >>  8L) & 0xff); \
76*cdf0e10cSrcweir 		case 6: *(--(c)) = (sal_uInt8)(((xr) >> 16L) & 0xff); \
77*cdf0e10cSrcweir 		case 5: *(--(c)) = (sal_uInt8)(((xr) >> 24L) & 0xff); \
78*cdf0e10cSrcweir 		case 4: *(--(c)) = (sal_uInt8)(((xl)       ) & 0xff); \
79*cdf0e10cSrcweir 		case 3: *(--(c)) = (sal_uInt8)(((xl) >>  8L) & 0xff); \
80*cdf0e10cSrcweir 		case 2: *(--(c)) = (sal_uInt8)(((xl) >> 16L) & 0xff); \
81*cdf0e10cSrcweir 		case 1: *(--(c)) = (sal_uInt8)(((xl) >> 24L) & 0xff); \
82*cdf0e10cSrcweir 	} \
83*cdf0e10cSrcweir }
84*cdf0e10cSrcweir 
85*cdf0e10cSrcweir typedef rtlCipherError (SAL_CALL cipher_init_t) (
86*cdf0e10cSrcweir 	rtlCipher          Cipher,
87*cdf0e10cSrcweir 	rtlCipherDirection Direction,
88*cdf0e10cSrcweir 	const sal_uInt8 *pKeyData, sal_Size nKeyLen,
89*cdf0e10cSrcweir 	const sal_uInt8 *pArgData, sal_Size nArgLen);
90*cdf0e10cSrcweir 
91*cdf0e10cSrcweir typedef rtlCipherError (SAL_CALL cipher_update_t) (
92*cdf0e10cSrcweir 	rtlCipher   Cipher,
93*cdf0e10cSrcweir 	const void *pData,   sal_Size nDatLen,
94*cdf0e10cSrcweir 	sal_uInt8  *pBuffer, sal_Size nBufLen);
95*cdf0e10cSrcweir 
96*cdf0e10cSrcweir typedef void (SAL_CALL cipher_delete_t) (rtlCipher Cipher);
97*cdf0e10cSrcweir 
98*cdf0e10cSrcweir /** Cipher_Impl.
99*cdf0e10cSrcweir  */
100*cdf0e10cSrcweir typedef struct cipher_impl_st
101*cdf0e10cSrcweir {
102*cdf0e10cSrcweir 	rtlCipherAlgorithm  m_algorithm;
103*cdf0e10cSrcweir 	rtlCipherDirection  m_direction;
104*cdf0e10cSrcweir 	rtlCipherMode       m_mode;
105*cdf0e10cSrcweir 
106*cdf0e10cSrcweir 	cipher_init_t      *m_init;
107*cdf0e10cSrcweir 	cipher_update_t    *m_encode;
108*cdf0e10cSrcweir 	cipher_update_t    *m_decode;
109*cdf0e10cSrcweir 	cipher_delete_t    *m_delete;
110*cdf0e10cSrcweir } Cipher_Impl;
111*cdf0e10cSrcweir 
112*cdf0e10cSrcweir /*========================================================================
113*cdf0e10cSrcweir  *
114*cdf0e10cSrcweir  * rtlCipher implementation.
115*cdf0e10cSrcweir  *
116*cdf0e10cSrcweir  *======================================================================*/
117*cdf0e10cSrcweir /*
118*cdf0e10cSrcweir  * rtl_cipher_create.
119*cdf0e10cSrcweir  */
120*cdf0e10cSrcweir rtlCipher SAL_CALL rtl_cipher_create (
121*cdf0e10cSrcweir 	rtlCipherAlgorithm Algorithm,
122*cdf0e10cSrcweir 	rtlCipherMode      Mode)
123*cdf0e10cSrcweir {
124*cdf0e10cSrcweir 	rtlCipher Cipher = (rtlCipher)NULL;
125*cdf0e10cSrcweir 	switch (Algorithm)
126*cdf0e10cSrcweir 	{
127*cdf0e10cSrcweir 		case rtl_Cipher_AlgorithmBF:
128*cdf0e10cSrcweir 			Cipher = rtl_cipher_createBF (Mode);
129*cdf0e10cSrcweir 			break;
130*cdf0e10cSrcweir 
131*cdf0e10cSrcweir 		case rtl_Cipher_AlgorithmARCFOUR:
132*cdf0e10cSrcweir 			Cipher = rtl_cipher_createARCFOUR (Mode);
133*cdf0e10cSrcweir 			break;
134*cdf0e10cSrcweir 
135*cdf0e10cSrcweir 		default: /* rtl_Cipher_AlgorithmInvalid */
136*cdf0e10cSrcweir 			break;
137*cdf0e10cSrcweir 	}
138*cdf0e10cSrcweir 	return Cipher;
139*cdf0e10cSrcweir }
140*cdf0e10cSrcweir 
141*cdf0e10cSrcweir /*
142*cdf0e10cSrcweir  * rtl_cipher_init.
143*cdf0e10cSrcweir  */
144*cdf0e10cSrcweir rtlCipherError SAL_CALL rtl_cipher_init (
145*cdf0e10cSrcweir 	rtlCipher          Cipher,
146*cdf0e10cSrcweir 	rtlCipherDirection Direction,
147*cdf0e10cSrcweir 	const sal_uInt8 *pKeyData, sal_Size nKeyLen,
148*cdf0e10cSrcweir 	const sal_uInt8 *pArgData, sal_Size nArgLen)
149*cdf0e10cSrcweir {
150*cdf0e10cSrcweir 	Cipher_Impl *pImpl = (Cipher_Impl*)Cipher;
151*cdf0e10cSrcweir 	if (pImpl == NULL)
152*cdf0e10cSrcweir 		return rtl_Cipher_E_Argument;
153*cdf0e10cSrcweir 	if (pImpl->m_init == NULL)
154*cdf0e10cSrcweir 		return rtl_Cipher_E_Unknown;
155*cdf0e10cSrcweir 
156*cdf0e10cSrcweir 	return (pImpl->m_init)(
157*cdf0e10cSrcweir 		Cipher, Direction, pKeyData, nKeyLen, pArgData, nArgLen);
158*cdf0e10cSrcweir }
159*cdf0e10cSrcweir 
160*cdf0e10cSrcweir /*
161*cdf0e10cSrcweir  * rtl_cipher_encode.
162*cdf0e10cSrcweir  */
163*cdf0e10cSrcweir rtlCipherError SAL_CALL rtl_cipher_encode (
164*cdf0e10cSrcweir 	rtlCipher   Cipher,
165*cdf0e10cSrcweir 	const void *pData,   sal_Size nDatLen,
166*cdf0e10cSrcweir 	sal_uInt8  *pBuffer, sal_Size nBufLen)
167*cdf0e10cSrcweir {
168*cdf0e10cSrcweir 	Cipher_Impl *pImpl = (Cipher_Impl*)Cipher;
169*cdf0e10cSrcweir 	if (pImpl == NULL)
170*cdf0e10cSrcweir 		return rtl_Cipher_E_Argument;
171*cdf0e10cSrcweir 	if (pImpl->m_encode == NULL)
172*cdf0e10cSrcweir 		return rtl_Cipher_E_Unknown;
173*cdf0e10cSrcweir 
174*cdf0e10cSrcweir 	return (pImpl->m_encode)(Cipher, pData, nDatLen, pBuffer, nBufLen);
175*cdf0e10cSrcweir }
176*cdf0e10cSrcweir 
177*cdf0e10cSrcweir /*
178*cdf0e10cSrcweir  * rtl_cipher_decode.
179*cdf0e10cSrcweir  */
180*cdf0e10cSrcweir rtlCipherError SAL_CALL rtl_cipher_decode (
181*cdf0e10cSrcweir 	rtlCipher   Cipher,
182*cdf0e10cSrcweir 	const void *pData,   sal_Size nDatLen,
183*cdf0e10cSrcweir 	sal_uInt8  *pBuffer, sal_Size nBufLen)
184*cdf0e10cSrcweir {
185*cdf0e10cSrcweir 	Cipher_Impl *pImpl = (Cipher_Impl*)Cipher;
186*cdf0e10cSrcweir 	if (pImpl == NULL)
187*cdf0e10cSrcweir 		return rtl_Cipher_E_Argument;
188*cdf0e10cSrcweir 	if (pImpl->m_decode == NULL)
189*cdf0e10cSrcweir 		return rtl_Cipher_E_Unknown;
190*cdf0e10cSrcweir 
191*cdf0e10cSrcweir 	return (pImpl->m_decode)(Cipher, pData, nDatLen, pBuffer, nBufLen);
192*cdf0e10cSrcweir }
193*cdf0e10cSrcweir 
194*cdf0e10cSrcweir /*
195*cdf0e10cSrcweir  * rtl_cipher_destroy.
196*cdf0e10cSrcweir  */
197*cdf0e10cSrcweir void SAL_CALL rtl_cipher_destroy (rtlCipher Cipher)
198*cdf0e10cSrcweir {
199*cdf0e10cSrcweir 	Cipher_Impl *pImpl = (Cipher_Impl*)Cipher;
200*cdf0e10cSrcweir 	if (pImpl && pImpl->m_delete)
201*cdf0e10cSrcweir 		pImpl->m_delete (Cipher);
202*cdf0e10cSrcweir }
203*cdf0e10cSrcweir 
204*cdf0e10cSrcweir /*========================================================================
205*cdf0e10cSrcweir  *
206*cdf0e10cSrcweir  * rtl_cipherBF (Blowfish) internals.
207*cdf0e10cSrcweir  *
208*cdf0e10cSrcweir  *======================================================================*/
209*cdf0e10cSrcweir #define CIPHER_ROUNDS_BF 16
210*cdf0e10cSrcweir 
211*cdf0e10cSrcweir typedef struct cipherBF_key_st
212*cdf0e10cSrcweir {
213*cdf0e10cSrcweir 	sal_uInt32 m_S[4][256];
214*cdf0e10cSrcweir 	sal_uInt32 m_P[CIPHER_ROUNDS_BF + 2];
215*cdf0e10cSrcweir } CipherKeyBF;
216*cdf0e10cSrcweir 
217*cdf0e10cSrcweir typedef struct cipherBF_context_st
218*cdf0e10cSrcweir {
219*cdf0e10cSrcweir 	CipherKeyBF    m_key;
220*cdf0e10cSrcweir 	union
221*cdf0e10cSrcweir 	{
222*cdf0e10cSrcweir 		sal_uInt32 m_long[2];
223*cdf0e10cSrcweir 		sal_uInt8  m_byte[8];
224*cdf0e10cSrcweir 	} m_iv;
225*cdf0e10cSrcweir 	sal_uInt32     m_offset;
226*cdf0e10cSrcweir } CipherContextBF;
227*cdf0e10cSrcweir 
228*cdf0e10cSrcweir typedef struct cipherBF_impl_st
229*cdf0e10cSrcweir {
230*cdf0e10cSrcweir 	Cipher_Impl     m_cipher;
231*cdf0e10cSrcweir 	CipherContextBF m_context;
232*cdf0e10cSrcweir } CipherBF_Impl;
233*cdf0e10cSrcweir 
234*cdf0e10cSrcweir /** __rtl_cipherBF_init.
235*cdf0e10cSrcweir  */
236*cdf0e10cSrcweir static rtlCipherError __rtl_cipherBF_init (
237*cdf0e10cSrcweir 	CipherContextBF *ctx,
238*cdf0e10cSrcweir 	rtlCipherMode    eMode,
239*cdf0e10cSrcweir 	const sal_uInt8 *pKeyData, sal_Size nKeyLen,
240*cdf0e10cSrcweir 	const sal_uInt8 *pArgData, sal_Size nArgLen);
241*cdf0e10cSrcweir 
242*cdf0e10cSrcweir /** __rtl_cipherBF_update.
243*cdf0e10cSrcweir  */
244*cdf0e10cSrcweir static rtlCipherError __rtl_cipherBF_update (
245*cdf0e10cSrcweir 	CipherContextBF    *ctx,
246*cdf0e10cSrcweir 	rtlCipherMode       eMode,
247*cdf0e10cSrcweir 	rtlCipherDirection  eDirection,
248*cdf0e10cSrcweir 	const sal_uInt8    *pData,   sal_Size nDatLen,
249*cdf0e10cSrcweir 	sal_uInt8          *pBuffer, sal_Size nBufLen);
250*cdf0e10cSrcweir 
251*cdf0e10cSrcweir /** __rtl_cipherBF_updateECB.
252*cdf0e10cSrcweir  */
253*cdf0e10cSrcweir static void __rtl_cipherBF_updateECB (
254*cdf0e10cSrcweir 	CipherContextBF    *ctx,
255*cdf0e10cSrcweir 	rtlCipherDirection  direction,
256*cdf0e10cSrcweir 	const sal_uInt8    *pData,
257*cdf0e10cSrcweir 	sal_uInt8          *pBuffer,
258*cdf0e10cSrcweir 	sal_Size            nLength);
259*cdf0e10cSrcweir 
260*cdf0e10cSrcweir /** __rtl_cipherBF_updateCBC.
261*cdf0e10cSrcweir  */
262*cdf0e10cSrcweir static void __rtl_cipherBF_updateCBC (
263*cdf0e10cSrcweir 	CipherContextBF    *ctx,
264*cdf0e10cSrcweir 	rtlCipherDirection  direction,
265*cdf0e10cSrcweir 	const sal_uInt8    *pData,
266*cdf0e10cSrcweir 	sal_uInt8          *pBuffer,
267*cdf0e10cSrcweir 	sal_Size          nLength);
268*cdf0e10cSrcweir 
269*cdf0e10cSrcweir /** __rtl_cipherBF_updateCFB.
270*cdf0e10cSrcweir  */
271*cdf0e10cSrcweir static void __rtl_cipherBF_updateCFB (
272*cdf0e10cSrcweir 	CipherContextBF    *ctx,
273*cdf0e10cSrcweir 	rtlCipherDirection  direction,
274*cdf0e10cSrcweir 	const sal_uInt8    *pData,
275*cdf0e10cSrcweir 	sal_uInt8          *pBuffer);
276*cdf0e10cSrcweir 
277*cdf0e10cSrcweir /** __rtl_cipher_encode.
278*cdf0e10cSrcweir  */
279*cdf0e10cSrcweir static void __rtl_cipherBF_encode (
280*cdf0e10cSrcweir 	CipherKeyBF *key, sal_uInt32 *xl, sal_uInt32 *xr);
281*cdf0e10cSrcweir 
282*cdf0e10cSrcweir /** __rtl_cipherBF_decode.
283*cdf0e10cSrcweir  */
284*cdf0e10cSrcweir static void __rtl_cipherBF_decode (
285*cdf0e10cSrcweir 	CipherKeyBF *key, sal_uInt32 *xl, sal_uInt32 *xr);
286*cdf0e10cSrcweir 
287*cdf0e10cSrcweir /** __rtl_cipherBF.
288*cdf0e10cSrcweir  */
289*cdf0e10cSrcweir static sal_uInt32 __rtl_cipherBF (
290*cdf0e10cSrcweir 	CipherKeyBF *key, sal_uInt32 x);
291*cdf0e10cSrcweir 
292*cdf0e10cSrcweir /** __rtl_cipherBF_key.
293*cdf0e10cSrcweir  */
294*cdf0e10cSrcweir static const CipherKeyBF __rtl_cipherBF_key =
295*cdf0e10cSrcweir {
296*cdf0e10cSrcweir 	/* S */
297*cdf0e10cSrcweir 	{
298*cdf0e10cSrcweir 		/* S[0] */
299*cdf0e10cSrcweir 		{
300*cdf0e10cSrcweir 			/* 0 */
301*cdf0e10cSrcweir 			0xD1310BA6L, 0x98DFB5ACL, 0x2FFD72DBL, 0xD01ADFB7L,
302*cdf0e10cSrcweir 			0xB8E1AFEDL, 0x6A267E96L, 0xBA7C9045L, 0xF12C7F99L,
303*cdf0e10cSrcweir 			0x24A19947L, 0xB3916CF7L, 0x0801F2E2L, 0x858EFC16L,
304*cdf0e10cSrcweir 			0x636920D8L, 0x71574E69L, 0xA458FEA3L, 0xF4933D7EL,
305*cdf0e10cSrcweir 
306*cdf0e10cSrcweir 			/* 1 */
307*cdf0e10cSrcweir 			0x0D95748FL, 0x728EB658L, 0x718BCD58L, 0x82154AEEL,
308*cdf0e10cSrcweir 			0x7B54A41DL, 0xC25A59B5L, 0x9C30D539L, 0x2AF26013L,
309*cdf0e10cSrcweir 			0xC5D1B023L, 0x286085F0L, 0xCA417918L, 0xB8DB38EFL,
310*cdf0e10cSrcweir 			0x8E79DCB0L, 0x603A180EL, 0x6C9E0E8BL, 0xB01E8A3EL,
311*cdf0e10cSrcweir 
312*cdf0e10cSrcweir 			/* 2 */
313*cdf0e10cSrcweir 			0xD71577C1L, 0xBD314B27L, 0x78AF2FDAL, 0x55605C60L,
314*cdf0e10cSrcweir 			0xE65525F3L, 0xAA55AB94L, 0x57489862L, 0x63E81440L,
315*cdf0e10cSrcweir 			0x55CA396AL, 0x2AAB10B6L, 0xB4CC5C34L, 0x1141E8CEL,
316*cdf0e10cSrcweir 			0xA15486AFL, 0x7C72E993L, 0xB3EE1411L, 0x636FBC2AL,
317*cdf0e10cSrcweir 
318*cdf0e10cSrcweir 			/* 3 */
319*cdf0e10cSrcweir 			0x2BA9C55DL, 0x741831F6L, 0xCE5C3E16L, 0x9B87931EL,
320*cdf0e10cSrcweir 			0xAFD6BA33L, 0x6C24CF5CL, 0x7A325381L, 0x28958677L,
321*cdf0e10cSrcweir 			0x3B8F4898L, 0x6B4BB9AFL, 0xC4BFE81BL, 0x66282193L,
322*cdf0e10cSrcweir 			0x61D809CCL, 0xFB21A991L, 0x487CAC60L, 0x5DEC8032L,
323*cdf0e10cSrcweir 
324*cdf0e10cSrcweir 			/* 4 */
325*cdf0e10cSrcweir 			0xEF845D5DL, 0xE98575B1L, 0xDC262302L, 0xEB651B88L,
326*cdf0e10cSrcweir 			0x23893E81L, 0xD396ACC5L, 0x0F6D6FF3L, 0x83F44239L,
327*cdf0e10cSrcweir 			0x2E0B4482L, 0xA4842004L, 0x69C8F04AL, 0x9E1F9B5EL,
328*cdf0e10cSrcweir 			0x21C66842L, 0xF6E96C9AL, 0x670C9C61L, 0xABD388F0L,
329*cdf0e10cSrcweir 
330*cdf0e10cSrcweir 			/* 5 */
331*cdf0e10cSrcweir 			0x6A51A0D2L, 0xD8542F68L, 0x960FA728L, 0xAB5133A3L,
332*cdf0e10cSrcweir 			0x6EEF0B6CL, 0x137A3BE4L, 0xBA3BF050L, 0x7EFB2A98L,
333*cdf0e10cSrcweir 			0xA1F1651DL, 0x39AF0176L, 0x66CA593EL, 0x82430E88L,
334*cdf0e10cSrcweir 			0x8CEE8619L, 0x456F9FB4L, 0x7D84A5C3L, 0x3B8B5EBEL,
335*cdf0e10cSrcweir 
336*cdf0e10cSrcweir 			/* 6 */
337*cdf0e10cSrcweir 			0xE06F75D8L, 0x85C12073L, 0x401A449FL, 0x56C16AA6L,
338*cdf0e10cSrcweir 			0x4ED3AA62L, 0x363F7706L, 0x1BFEDF72L, 0x429B023DL,
339*cdf0e10cSrcweir 			0x37D0D724L, 0xD00A1248L, 0xDB0FEAD3L, 0x49F1C09BL,
340*cdf0e10cSrcweir 			0x075372C9L, 0x80991B7BL, 0x25D479D8L, 0xF6E8DEF7L,
341*cdf0e10cSrcweir 
342*cdf0e10cSrcweir 			/* 7 */
343*cdf0e10cSrcweir 			0xE3FE501AL, 0xB6794C3BL, 0x976CE0BDL, 0x04C006BAL,
344*cdf0e10cSrcweir 			0xC1A94FB6L, 0x409F60C4L, 0x5E5C9EC2L, 0x196A2463L,
345*cdf0e10cSrcweir 			0x68FB6FAFL, 0x3E6C53B5L, 0x1339B2EBL, 0x3B52EC6FL,
346*cdf0e10cSrcweir 			0x6DFC511FL, 0x9B30952CL, 0xCC814544L, 0xAF5EBD09L,
347*cdf0e10cSrcweir 
348*cdf0e10cSrcweir 			/* 8 */
349*cdf0e10cSrcweir 			0xBEE3D004L, 0xDE334AFDL, 0x660F2807L, 0x192E4BB3L,
350*cdf0e10cSrcweir 			0xC0CBA857L, 0x45C8740FL, 0xD20B5F39L, 0xB9D3FBDBL,
351*cdf0e10cSrcweir 			0x5579C0BDL, 0x1A60320AL, 0xD6A100C6L, 0x402C7279L,
352*cdf0e10cSrcweir 			0x679F25FEL, 0xFB1FA3CCL, 0x8EA5E9F8L, 0xDB3222F8L,
353*cdf0e10cSrcweir 
354*cdf0e10cSrcweir 			/* 9 */
355*cdf0e10cSrcweir 			0x3C7516DFL, 0xFD616B15L, 0x2F501EC8L, 0xAD0552ABL,
356*cdf0e10cSrcweir 			0x323DB5FAL, 0xFD238760L, 0x53317B48L, 0x3E00DF82L,
357*cdf0e10cSrcweir 			0x9E5C57BBL, 0xCA6F8CA0L, 0x1A87562EL, 0xDF1769DBL,
358*cdf0e10cSrcweir 			0xD542A8F6L, 0x287EFFC3L, 0xAC6732C6L, 0x8C4F5573L,
359*cdf0e10cSrcweir 
360*cdf0e10cSrcweir 			/* A */
361*cdf0e10cSrcweir 			0x695B27B0L, 0xBBCA58C8L, 0xE1FFA35DL, 0xB8F011A0L,
362*cdf0e10cSrcweir 			0x10FA3D98L, 0xFD2183B8L, 0x4AFCB56CL, 0x2DD1D35BL,
363*cdf0e10cSrcweir 			0x9A53E479L, 0xB6F84565L, 0xD28E49BCL, 0x4BFB9790L,
364*cdf0e10cSrcweir 			0xE1DDF2DAL, 0xA4CB7E33L, 0x62FB1341L, 0xCEE4C6E8L,
365*cdf0e10cSrcweir 
366*cdf0e10cSrcweir 			/* B */
367*cdf0e10cSrcweir 			0xEF20CADAL, 0x36774C01L, 0xD07E9EFEL, 0x2BF11FB4L,
368*cdf0e10cSrcweir 			0x95DBDA4DL, 0xAE909198L, 0xEAAD8E71L, 0x6B93D5A0L,
369*cdf0e10cSrcweir 			0xD08ED1D0L, 0xAFC725E0L, 0x8E3C5B2FL, 0x8E7594B7L,
370*cdf0e10cSrcweir 			0x8FF6E2FBL, 0xF2122B64L, 0x8888B812L, 0x900DF01CL,
371*cdf0e10cSrcweir 
372*cdf0e10cSrcweir 			/* C */
373*cdf0e10cSrcweir 			0x4FAD5EA0L, 0x688FC31CL, 0xD1CFF191L, 0xB3A8C1ADL,
374*cdf0e10cSrcweir 			0x2F2F2218L, 0xBE0E1777L, 0xEA752DFEL, 0x8B021FA1L,
375*cdf0e10cSrcweir 			0xE5A0CC0FL, 0xB56F74E8L, 0x18ACF3D6L, 0xCE89E299L,
376*cdf0e10cSrcweir 			0xB4A84FE0L, 0xFD13E0B7L, 0x7CC43B81L, 0xD2ADA8D9L,
377*cdf0e10cSrcweir 
378*cdf0e10cSrcweir 			/* D */
379*cdf0e10cSrcweir 			0x165FA266L, 0x80957705L, 0x93CC7314L, 0x211A1477L,
380*cdf0e10cSrcweir 			0xE6AD2065L, 0x77B5FA86L, 0xC75442F5L, 0xFB9D35CFL,
381*cdf0e10cSrcweir 			0xEBCDAF0CL, 0x7B3E89A0L, 0xD6411BD3L, 0xAE1E7E49L,
382*cdf0e10cSrcweir 			0x00250E2DL, 0x2071B35EL, 0x226800BBL, 0x57B8E0AFL,
383*cdf0e10cSrcweir 
384*cdf0e10cSrcweir 			/* E */
385*cdf0e10cSrcweir 			0x2464369BL, 0xF009B91EL, 0x5563911DL, 0x59DFA6AAL,
386*cdf0e10cSrcweir 			0x78C14389L, 0xD95A537FL, 0x207D5BA2L, 0x02E5B9C5L,
387*cdf0e10cSrcweir 			0x83260376L, 0x6295CFA9L, 0x11C81968L, 0x4E734A41L,
388*cdf0e10cSrcweir 			0xB3472DCAL, 0x7B14A94AL, 0x1B510052L, 0x9A532915L,
389*cdf0e10cSrcweir 
390*cdf0e10cSrcweir 			/* F */
391*cdf0e10cSrcweir 			0xD60F573FL, 0xBC9BC6E4L, 0x2B60A476L, 0x81E67400L,
392*cdf0e10cSrcweir 			0x08BA6FB5L, 0x571BE91FL, 0xF296EC6BL, 0x2A0DD915L,
393*cdf0e10cSrcweir 			0xB6636521L, 0xE7B9F9B6L, 0xFF34052EL, 0xC5855664L,
394*cdf0e10cSrcweir 			0x53B02D5DL, 0xA99F8FA1L, 0x08BA4799L, 0x6E85076AL
395*cdf0e10cSrcweir 		},
396*cdf0e10cSrcweir 
397*cdf0e10cSrcweir 		/* S[1] */
398*cdf0e10cSrcweir 		{
399*cdf0e10cSrcweir 			0x4B7A70E9L, 0xB5B32944L, 0xDB75092EL, 0xC4192623L,
400*cdf0e10cSrcweir 			0xAD6EA6B0L, 0x49A7DF7DL, 0x9CEE60B8L, 0x8FEDB266L,
401*cdf0e10cSrcweir 			0xECAA8C71L, 0x699A17FFL, 0x5664526CL, 0xC2B19EE1L,
402*cdf0e10cSrcweir 			0x193602A5L, 0x75094C29L, 0xA0591340L, 0xE4183A3EL,
403*cdf0e10cSrcweir 
404*cdf0e10cSrcweir 			0x3F54989AL, 0x5B429D65L, 0x6B8FE4D6L, 0x99F73FD6L,
405*cdf0e10cSrcweir 			0xA1D29C07L, 0xEFE830F5L, 0x4D2D38E6L, 0xF0255DC1L,
406*cdf0e10cSrcweir 			0x4CDD2086L, 0x8470EB26L, 0x6382E9C6L, 0x021ECC5EL,
407*cdf0e10cSrcweir 			0x09686B3FL, 0x3EBAEFC9L, 0x3C971814L, 0x6B6A70A1L,
408*cdf0e10cSrcweir 
409*cdf0e10cSrcweir 			0x687F3584L, 0x52A0E286L, 0xB79C5305L, 0xAA500737L,
410*cdf0e10cSrcweir 			0x3E07841CL, 0x7FDEAE5CL, 0x8E7D44ECL, 0x5716F2B8L,
411*cdf0e10cSrcweir 			0xB03ADA37L, 0xF0500C0DL, 0xF01C1F04L, 0x0200B3FFL,
412*cdf0e10cSrcweir 			0xAE0CF51AL, 0x3CB574B2L, 0x25837A58L, 0xDC0921BDL,
413*cdf0e10cSrcweir 
414*cdf0e10cSrcweir 			0xD19113F9L, 0x7CA92FF6L, 0x94324773L, 0x22F54701L,
415*cdf0e10cSrcweir 			0x3AE5E581L, 0x37C2DADCL, 0xC8B57634L, 0x9AF3DDA7L,
416*cdf0e10cSrcweir 			0xA9446146L, 0x0FD0030EL, 0xECC8C73EL, 0xA4751E41L,
417*cdf0e10cSrcweir 			0xE238CD99L, 0x3BEA0E2FL, 0x3280BBA1L, 0x183EB331L,
418*cdf0e10cSrcweir 
419*cdf0e10cSrcweir 			0x4E548B38L, 0x4F6DB908L, 0x6F420D03L, 0xF60A04BFL,
420*cdf0e10cSrcweir 			0x2CB81290L, 0x24977C79L, 0x5679B072L, 0xBCAF89AFL,
421*cdf0e10cSrcweir 			0xDE9A771FL, 0xD9930810L, 0xB38BAE12L, 0xDCCF3F2EL,
422*cdf0e10cSrcweir 			0x5512721FL, 0x2E6B7124L, 0x501ADDE6L, 0x9F84CD87L,
423*cdf0e10cSrcweir 
424*cdf0e10cSrcweir 			0x7A584718L, 0x7408DA17L, 0xBC9F9ABCL, 0xE94B7D8CL,
425*cdf0e10cSrcweir 			0xEC7AEC3AL, 0xDB851DFAL, 0x63094366L, 0xC464C3D2L,
426*cdf0e10cSrcweir 			0xEF1C1847L, 0x3215D908L, 0xDD433B37L, 0x24C2BA16L,
427*cdf0e10cSrcweir 			0x12A14D43L, 0x2A65C451L, 0x50940002L, 0x133AE4DDL,
428*cdf0e10cSrcweir 
429*cdf0e10cSrcweir 			0x71DFF89EL, 0x10314E55L, 0x81AC77D6L, 0x5F11199BL,
430*cdf0e10cSrcweir 			0x043556F1L, 0xD7A3C76BL, 0x3C11183BL, 0x5924A509L,
431*cdf0e10cSrcweir 			0xF28FE6EDL, 0x97F1FBFAL, 0x9EBABF2CL, 0x1E153C6EL,
432*cdf0e10cSrcweir 			0x86E34570L, 0xEAE96FB1L, 0x860E5E0AL, 0x5A3E2AB3L,
433*cdf0e10cSrcweir 
434*cdf0e10cSrcweir 			0x771FE71CL, 0x4E3D06FAL, 0x2965DCB9L, 0x99E71D0FL,
435*cdf0e10cSrcweir 			0x803E89D6L, 0x5266C825L, 0x2E4CC978L, 0x9C10B36AL,
436*cdf0e10cSrcweir 			0xC6150EBAL, 0x94E2EA78L, 0xA5FC3C53L, 0x1E0A2DF4L,
437*cdf0e10cSrcweir 			0xF2F74EA7L, 0x361D2B3DL, 0x1939260FL, 0x19C27960L,
438*cdf0e10cSrcweir 
439*cdf0e10cSrcweir 			0x5223A708L, 0xF71312B6L, 0xEBADFE6EL, 0xEAC31F66L,
440*cdf0e10cSrcweir 			0xE3BC4595L, 0xA67BC883L, 0xB17F37D1L, 0x018CFF28L,
441*cdf0e10cSrcweir 			0xC332DDEFL, 0xBE6C5AA5L, 0x65582185L, 0x68AB9802L,
442*cdf0e10cSrcweir 			0xEECEA50FL, 0xDB2F953BL, 0x2AEF7DADL, 0x5B6E2F84L,
443*cdf0e10cSrcweir 
444*cdf0e10cSrcweir 			0x1521B628L, 0x29076170L, 0xECDD4775L, 0x619F1510L,
445*cdf0e10cSrcweir 			0x13CCA830L, 0xEB61BD96L, 0x0334FE1EL, 0xAA0363CFL,
446*cdf0e10cSrcweir 			0xB5735C90L, 0x4C70A239L, 0xD59E9E0BL, 0xCBAADE14L,
447*cdf0e10cSrcweir 			0xEECC86BCL, 0x60622CA7L, 0x9CAB5CABL, 0xB2F3846EL,
448*cdf0e10cSrcweir 
449*cdf0e10cSrcweir 			0x648B1EAFL, 0x19BDF0CAL, 0xA02369B9L, 0x655ABB50L,
450*cdf0e10cSrcweir 			0x40685A32L, 0x3C2AB4B3L, 0x319EE9D5L, 0xC021B8F7L,
451*cdf0e10cSrcweir 			0x9B540B19L, 0x875FA099L, 0x95F7997EL, 0x623D7DA8L,
452*cdf0e10cSrcweir 			0xF837889AL, 0x97E32D77L, 0x11ED935FL, 0x16681281L,
453*cdf0e10cSrcweir 
454*cdf0e10cSrcweir 			0x0E358829L, 0xC7E61FD6L, 0x96DEDFA1L, 0x7858BA99L,
455*cdf0e10cSrcweir 			0x57F584A5L, 0x1B227263L, 0x9B83C3FFL, 0x1AC24696L,
456*cdf0e10cSrcweir 			0xCDB30AEBL, 0x532E3054L, 0x8FD948E4L, 0x6DBC3128L,
457*cdf0e10cSrcweir 			0x58EBF2EFL, 0x34C6FFEAL, 0xFE28ED61L, 0xEE7C3C73L,
458*cdf0e10cSrcweir 
459*cdf0e10cSrcweir 			0x5D4A14D9L, 0xE864B7E3L, 0x42105D14L, 0x203E13E0L,
460*cdf0e10cSrcweir 			0x45EEE2B6L, 0xA3AAABEAL, 0xDB6C4F15L, 0xFACB4FD0L,
461*cdf0e10cSrcweir 			0xC742F442L, 0xEF6ABBB5L, 0x654F3B1DL, 0x41CD2105L,
462*cdf0e10cSrcweir 			0xD81E799EL, 0x86854DC7L, 0xE44B476AL, 0x3D816250L,
463*cdf0e10cSrcweir 
464*cdf0e10cSrcweir 			0xCF62A1F2L, 0x5B8D2646L, 0xFC8883A0L, 0xC1C7B6A3L,
465*cdf0e10cSrcweir 			0x7F1524C3L, 0x69CB7492L, 0x47848A0BL, 0x5692B285L,
466*cdf0e10cSrcweir 			0x095BBF00L, 0xAD19489DL, 0x1462B174L, 0x23820E00L,
467*cdf0e10cSrcweir 			0x58428D2AL, 0x0C55F5EAL, 0x1DADF43EL, 0x233F7061L,
468*cdf0e10cSrcweir 
469*cdf0e10cSrcweir 			0x3372F092L, 0x8D937E41L, 0xD65FECF1L, 0x6C223BDBL,
470*cdf0e10cSrcweir 			0x7CDE3759L, 0xCBEE7460L, 0x4085F2A7L, 0xCE77326EL,
471*cdf0e10cSrcweir 			0xA6078084L, 0x19F8509EL, 0xE8EFD855L, 0x61D99735L,
472*cdf0e10cSrcweir 			0xA969A7AAL, 0xC50C06C2L, 0x5A04ABFCL, 0x800BCADCL,
473*cdf0e10cSrcweir 
474*cdf0e10cSrcweir 			0x9E447A2EL, 0xC3453484L, 0xFDD56705L, 0x0E1E9EC9L,
475*cdf0e10cSrcweir 			0xDB73DBD3L, 0x105588CDL, 0x675FDA79L, 0xE3674340L,
476*cdf0e10cSrcweir 			0xC5C43465L, 0x713E38D8L, 0x3D28F89EL, 0xF16DFF20L,
477*cdf0e10cSrcweir 			0x153E21E7L, 0x8FB03D4AL, 0xE6E39F2BL, 0xDB83ADF7L
478*cdf0e10cSrcweir 		},
479*cdf0e10cSrcweir 
480*cdf0e10cSrcweir 		/* S[2] */
481*cdf0e10cSrcweir 		{
482*cdf0e10cSrcweir 			0xE93D5A68L, 0x948140F7L, 0xF64C261CL, 0x94692934L,
483*cdf0e10cSrcweir 			0x411520F7L, 0x7602D4F7L, 0xBCF46B2EL, 0xD4A20068L,
484*cdf0e10cSrcweir 			0xD4082471L, 0x3320F46AL, 0x43B7D4B7L, 0x500061AFL,
485*cdf0e10cSrcweir 			0x1E39F62EL, 0x97244546L, 0x14214F74L, 0xBF8B8840L,
486*cdf0e10cSrcweir 
487*cdf0e10cSrcweir 			0x4D95FC1DL, 0x96B591AFL, 0x70F4DDD3L, 0x66A02F45L,
488*cdf0e10cSrcweir 			0xBFBC09ECL, 0x03BD9785L, 0x7FAC6DD0L, 0x31CB8504L,
489*cdf0e10cSrcweir 			0x96EB27B3L, 0x55FD3941L, 0xDA2547E6L, 0xABCA0A9AL,
490*cdf0e10cSrcweir 			0x28507825L, 0x530429F4L, 0x0A2C86DAL, 0xE9B66DFBL,
491*cdf0e10cSrcweir 
492*cdf0e10cSrcweir 			0x68DC1462L, 0xD7486900L, 0x680EC0A4L, 0x27A18DEEL,
493*cdf0e10cSrcweir 			0x4F3FFEA2L, 0xE887AD8CL, 0xB58CE006L, 0x7AF4D6B6L,
494*cdf0e10cSrcweir 			0xAACE1E7CL, 0xD3375FECL, 0xCE78A399L, 0x406B2A42L,
495*cdf0e10cSrcweir 			0x20FE9E35L, 0xD9F385B9L, 0xEE39D7ABL, 0x3B124E8BL,
496*cdf0e10cSrcweir 
497*cdf0e10cSrcweir 			0x1DC9FAF7L, 0x4B6D1856L, 0x26A36631L, 0xEAE397B2L,
498*cdf0e10cSrcweir 			0x3A6EFA74L, 0xDD5B4332L, 0x6841E7F7L, 0xCA7820FBL,
499*cdf0e10cSrcweir 			0xFB0AF54EL, 0xD8FEB397L, 0x454056ACL, 0xBA489527L,
500*cdf0e10cSrcweir 			0x55533A3AL, 0x20838D87L, 0xFE6BA9B7L, 0xD096954BL,
501*cdf0e10cSrcweir 
502*cdf0e10cSrcweir 			0x55A867BCL, 0xA1159A58L, 0xCCA92963L, 0x99E1DB33L,
503*cdf0e10cSrcweir 			0xA62A4A56L, 0x3F3125F9L, 0x5EF47E1CL, 0x9029317CL,
504*cdf0e10cSrcweir 			0xFDF8E802L, 0x04272F70L, 0x80BB155CL, 0x05282CE3L,
505*cdf0e10cSrcweir 			0x95C11548L, 0xE4C66D22L, 0x48C1133FL, 0xC70F86DCL,
506*cdf0e10cSrcweir 
507*cdf0e10cSrcweir 			0x07F9C9EEL, 0x41041F0FL, 0x404779A4L, 0x5D886E17L,
508*cdf0e10cSrcweir 			0x325F51EBL, 0xD59BC0D1L, 0xF2BCC18FL, 0x41113564L,
509*cdf0e10cSrcweir 			0x257B7834L, 0x602A9C60L, 0xDFF8E8A3L, 0x1F636C1BL,
510*cdf0e10cSrcweir 			0x0E12B4C2L, 0x02E1329EL, 0xAF664FD1L, 0xCAD18115L,
511*cdf0e10cSrcweir 
512*cdf0e10cSrcweir 			0x6B2395E0L, 0x333E92E1L, 0x3B240B62L, 0xEEBEB922L,
513*cdf0e10cSrcweir 			0x85B2A20EL, 0xE6BA0D99L, 0xDE720C8CL, 0x2DA2F728L,
514*cdf0e10cSrcweir 			0xD0127845L, 0x95B794FDL, 0x647D0862L, 0xE7CCF5F0L,
515*cdf0e10cSrcweir 			0x5449A36FL, 0x877D48FAL, 0xC39DFD27L, 0xF33E8D1EL,
516*cdf0e10cSrcweir 
517*cdf0e10cSrcweir 			0x0A476341L, 0x992EFF74L, 0x3A6F6EABL, 0xF4F8FD37L,
518*cdf0e10cSrcweir 			0xA812DC60L, 0xA1EBDDF8L, 0x991BE14CL, 0xDB6E6B0DL,
519*cdf0e10cSrcweir 			0xC67B5510L, 0x6D672C37L, 0x2765D43BL, 0xDCD0E804L,
520*cdf0e10cSrcweir 			0xF1290DC7L, 0xCC00FFA3L, 0xB5390F92L, 0x690FED0BL,
521*cdf0e10cSrcweir 
522*cdf0e10cSrcweir 			0x667B9FFBL, 0xCEDB7D9CL, 0xA091CF0BL, 0xD9155EA3L,
523*cdf0e10cSrcweir 			0xBB132F88L, 0x515BAD24L, 0x7B9479BFL, 0x763BD6EBL,
524*cdf0e10cSrcweir 			0x37392EB3L, 0xCC115979L, 0x8026E297L, 0xF42E312DL,
525*cdf0e10cSrcweir 			0x6842ADA7L, 0xC66A2B3BL, 0x12754CCCL, 0x782EF11CL,
526*cdf0e10cSrcweir 
527*cdf0e10cSrcweir 			0x6A124237L, 0xB79251E7L, 0x06A1BBE6L, 0x4BFB6350L,
528*cdf0e10cSrcweir 			0x1A6B1018L, 0x11CAEDFAL, 0x3D25BDD8L, 0xE2E1C3C9L,
529*cdf0e10cSrcweir 			0x44421659L, 0x0A121386L, 0xD90CEC6EL, 0xD5ABEA2AL,
530*cdf0e10cSrcweir 			0x64AF674EL, 0xDA86A85FL, 0xBEBFE988L, 0x64E4C3FEL,
531*cdf0e10cSrcweir 
532*cdf0e10cSrcweir 			0x9DBC8057L, 0xF0F7C086L, 0x60787BF8L, 0x6003604DL,
533*cdf0e10cSrcweir 			0xD1FD8346L, 0xF6381FB0L, 0x7745AE04L, 0xD736FCCCL,
534*cdf0e10cSrcweir 			0x83426B33L, 0xF01EAB71L, 0xB0804187L, 0x3C005E5FL,
535*cdf0e10cSrcweir 			0x77A057BEL, 0xBDE8AE24L, 0x55464299L, 0xBF582E61L,
536*cdf0e10cSrcweir 
537*cdf0e10cSrcweir 			0x4E58F48FL, 0xF2DDFDA2L, 0xF474EF38L, 0x8789BDC2L,
538*cdf0e10cSrcweir 			0x5366F9C3L, 0xC8B38E74L, 0xB475F255L, 0x46FCD9B9L,
539*cdf0e10cSrcweir 			0x7AEB2661L, 0x8B1DDF84L, 0x846A0E79L, 0x915F95E2L,
540*cdf0e10cSrcweir 			0x466E598EL, 0x20B45770L, 0x8CD55591L, 0xC902DE4CL,
541*cdf0e10cSrcweir 
542*cdf0e10cSrcweir 			0xB90BACE1L, 0xBB8205D0L, 0x11A86248L, 0x7574A99EL,
543*cdf0e10cSrcweir 			0xB77F19B6L, 0xE0A9DC09L, 0x662D09A1L, 0xC4324633L,
544*cdf0e10cSrcweir 			0xE85A1F02L, 0x09F0BE8CL, 0x4A99A025L, 0x1D6EFE10L,
545*cdf0e10cSrcweir 			0x1AB93D1DL, 0x0BA5A4DFL, 0xA186F20FL, 0x2868F169L,
546*cdf0e10cSrcweir 
547*cdf0e10cSrcweir 			0xDCB7DA83L, 0x573906FEL, 0xA1E2CE9BL, 0x4FCD7F52L,
548*cdf0e10cSrcweir 			0x50115E01L, 0xA70683FAL, 0xA002B5C4L, 0x0DE6D027L,
549*cdf0e10cSrcweir 			0x9AF88C27L, 0x773F8641L, 0xC3604C06L, 0x61A806B5L,
550*cdf0e10cSrcweir 			0xF0177A28L, 0xC0F586E0L, 0x006058AAL, 0x30DC7D62L,
551*cdf0e10cSrcweir 
552*cdf0e10cSrcweir 			0x11E69ED7L, 0x2338EA63L, 0x53C2DD94L, 0xC2C21634L,
553*cdf0e10cSrcweir 			0xBBCBEE56L, 0x90BCB6DEL, 0xEBFC7DA1L, 0xCE591D76L,
554*cdf0e10cSrcweir 			0x6F05E409L, 0x4B7C0188L, 0x39720A3DL, 0x7C927C24L,
555*cdf0e10cSrcweir 			0x86E3725FL, 0x724D9DB9L, 0x1AC15BB4L, 0xD39EB8FCL,
556*cdf0e10cSrcweir 
557*cdf0e10cSrcweir 			0xED545578L, 0x08FCA5B5L, 0xD83D7CD3L, 0x4DAD0FC4L,
558*cdf0e10cSrcweir 			0x1E50EF5EL, 0xB161E6F8L, 0xA28514D9L, 0x6C51133CL,
559*cdf0e10cSrcweir 			0x6FD5C7E7L, 0x56E14EC4L, 0x362ABFCEL, 0xDDC6C837L,
560*cdf0e10cSrcweir 			0xD79A3234L, 0x92638212L, 0x670EFA8EL, 0x406000E0L
561*cdf0e10cSrcweir 		},
562*cdf0e10cSrcweir 
563*cdf0e10cSrcweir 		/* S[3] */
564*cdf0e10cSrcweir 		{
565*cdf0e10cSrcweir 			0x3A39CE37L, 0xD3FAF5CFL, 0xABC27737L, 0x5AC52D1BL,
566*cdf0e10cSrcweir 			0x5CB0679EL, 0x4FA33742L, 0xD3822740L, 0x99BC9BBEL,
567*cdf0e10cSrcweir 			0xD5118E9DL, 0xBF0F7315L, 0xD62D1C7EL, 0xC700C47BL,
568*cdf0e10cSrcweir 			0xB78C1B6BL, 0x21A19045L, 0xB26EB1BEL, 0x6A366EB4L,
569*cdf0e10cSrcweir 
570*cdf0e10cSrcweir 			0x5748AB2FL, 0xBC946E79L, 0xC6A376D2L, 0x6549C2C8L,
571*cdf0e10cSrcweir 			0x530FF8EEL, 0x468DDE7DL, 0xD5730A1DL, 0x4CD04DC6L,
572*cdf0e10cSrcweir 			0x2939BBDBL, 0xA9BA4650L, 0xAC9526E8L, 0xBE5EE304L,
573*cdf0e10cSrcweir 			0xA1FAD5F0L, 0x6A2D519AL, 0x63EF8CE2L, 0x9A86EE22L,
574*cdf0e10cSrcweir 
575*cdf0e10cSrcweir 			0xC089C2B8L, 0x43242EF6L, 0xA51E03AAL, 0x9CF2D0A4L,
576*cdf0e10cSrcweir 			0x83C061BAL, 0x9BE96A4DL, 0x8FE51550L, 0xBA645BD6L,
577*cdf0e10cSrcweir 			0x2826A2F9L, 0xA73A3AE1L, 0x4BA99586L, 0xEF5562E9L,
578*cdf0e10cSrcweir 			0xC72FEFD3L, 0xF752F7DAL, 0x3F046F69L, 0x77FA0A59L,
579*cdf0e10cSrcweir 
580*cdf0e10cSrcweir 			0x80E4A915L, 0x87B08601L, 0x9B09E6ADL, 0x3B3EE593L,
581*cdf0e10cSrcweir 			0xE990FD5AL, 0x9E34D797L, 0x2CF0B7D9L, 0x022B8B51L,
582*cdf0e10cSrcweir 			0x96D5AC3AL, 0x017DA67DL, 0xD1CF3ED6L, 0x7C7D2D28L,
583*cdf0e10cSrcweir 			0x1F9F25CFL, 0xADF2B89BL, 0x5AD6B472L, 0x5A88F54CL,
584*cdf0e10cSrcweir 
585*cdf0e10cSrcweir 			0xE029AC71L, 0xE019A5E6L, 0x47B0ACFDL, 0xED93FA9BL,
586*cdf0e10cSrcweir 			0xE8D3C48DL, 0x283B57CCL, 0xF8D56629L, 0x79132E28L,
587*cdf0e10cSrcweir 			0x785F0191L, 0xED756055L, 0xF7960E44L, 0xE3D35E8CL,
588*cdf0e10cSrcweir 			0x15056DD4L, 0x88F46DBAL, 0x03A16125L, 0x0564F0BDL,
589*cdf0e10cSrcweir 
590*cdf0e10cSrcweir 			0xC3EB9E15L, 0x3C9057A2L, 0x97271AECL, 0xA93A072AL,
591*cdf0e10cSrcweir 			0x1B3F6D9BL, 0x1E6321F5L, 0xF59C66FBL, 0x26DCF319L,
592*cdf0e10cSrcweir 			0x7533D928L, 0xB155FDF5L, 0x03563482L, 0x8ABA3CBBL,
593*cdf0e10cSrcweir 			0x28517711L, 0xC20AD9F8L, 0xABCC5167L, 0xCCAD925FL,
594*cdf0e10cSrcweir 
595*cdf0e10cSrcweir 			0x4DE81751L, 0x3830DC8EL, 0x379D5862L, 0x9320F991L,
596*cdf0e10cSrcweir 			0xEA7A90C2L, 0xFB3E7BCEL, 0x5121CE64L, 0x774FBE32L,
597*cdf0e10cSrcweir 			0xA8B6E37EL, 0xC3293D46L, 0x48DE5369L, 0x6413E680L,
598*cdf0e10cSrcweir 			0xA2AE0810L, 0xDD6DB224L, 0x69852DFDL, 0x09072166L,
599*cdf0e10cSrcweir 
600*cdf0e10cSrcweir 			0xB39A460AL, 0x6445C0DDL, 0x586CDECFL, 0x1C20C8AEL,
601*cdf0e10cSrcweir 			0x5BBEF7DDL, 0x1B588D40L, 0xCCD2017FL, 0x6BB4E3BBL,
602*cdf0e10cSrcweir 			0xDDA26A7EL, 0x3A59FF45L, 0x3E350A44L, 0xBCB4CDD5L,
603*cdf0e10cSrcweir 			0x72EACEA8L, 0xFA6484BBL, 0x8D6612AEL, 0xBF3C6F47L,
604*cdf0e10cSrcweir 
605*cdf0e10cSrcweir 			0xD29BE463L, 0x542F5D9EL, 0xAEC2771BL, 0xF64E6370L,
606*cdf0e10cSrcweir 			0x740E0D8DL, 0xE75B1357L, 0xF8721671L, 0xAF537D5DL,
607*cdf0e10cSrcweir 			0x4040CB08L, 0x4EB4E2CCL, 0x34D2466AL, 0x0115AF84L,
608*cdf0e10cSrcweir 			0xE1B00428L, 0x95983A1DL, 0x06B89FB4L, 0xCE6EA048L,
609*cdf0e10cSrcweir 
610*cdf0e10cSrcweir 			0x6F3F3B82L, 0x3520AB82L, 0x011A1D4BL, 0x277227F8L,
611*cdf0e10cSrcweir 			0x611560B1L, 0xE7933FDCL, 0xBB3A792BL, 0x344525BDL,
612*cdf0e10cSrcweir 			0xA08839E1L, 0x51CE794BL, 0x2F32C9B7L, 0xA01FBAC9L,
613*cdf0e10cSrcweir 			0xE01CC87EL, 0xBCC7D1F6L, 0xCF0111C3L, 0xA1E8AAC7L,
614*cdf0e10cSrcweir 
615*cdf0e10cSrcweir 			0x1A908749L, 0xD44FBD9AL, 0xD0DADECBL, 0xD50ADA38L,
616*cdf0e10cSrcweir 			0x0339C32AL, 0xC6913667L, 0x8DF9317CL, 0xE0B12B4FL,
617*cdf0e10cSrcweir 			0xF79E59B7L, 0x43F5BB3AL, 0xF2D519FFL, 0x27D9459CL,
618*cdf0e10cSrcweir 			0xBF97222CL, 0x15E6FC2AL, 0x0F91FC71L, 0x9B941525L,
619*cdf0e10cSrcweir 
620*cdf0e10cSrcweir 			0xFAE59361L, 0xCEB69CEBL, 0xC2A86459L, 0x12BAA8D1L,
621*cdf0e10cSrcweir 			0xB6C1075EL, 0xE3056A0CL, 0x10D25065L, 0xCB03A442L,
622*cdf0e10cSrcweir 			0xE0EC6E0EL, 0x1698DB3BL, 0x4C98A0BEL, 0x3278E964L,
623*cdf0e10cSrcweir 			0x9F1F9532L, 0xE0D392DFL, 0xD3A0342BL, 0x8971F21EL,
624*cdf0e10cSrcweir 
625*cdf0e10cSrcweir 			0x1B0A7441L, 0x4BA3348CL, 0xC5BE7120L, 0xC37632D8L,
626*cdf0e10cSrcweir 			0xDF359F8DL, 0x9B992F2EL, 0xE60B6F47L, 0x0FE3F11DL,
627*cdf0e10cSrcweir 			0xE54CDA54L, 0x1EDAD891L, 0xCE6279CFL, 0xCD3E7E6FL,
628*cdf0e10cSrcweir 			0x1618B166L, 0xFD2C1D05L, 0x848FD2C5L, 0xF6FB2299L,
629*cdf0e10cSrcweir 
630*cdf0e10cSrcweir 			0xF523F357L, 0xA6327623L, 0x93A83531L, 0x56CCCD02L,
631*cdf0e10cSrcweir 			0xACF08162L, 0x5A75EBB5L, 0x6E163697L, 0x88D273CCL,
632*cdf0e10cSrcweir 			0xDE966292L, 0x81B949D0L, 0x4C50901BL, 0x71C65614L,
633*cdf0e10cSrcweir 			0xE6C6C7BDL, 0x327A140AL, 0x45E1D006L, 0xC3F27B9AL,
634*cdf0e10cSrcweir 
635*cdf0e10cSrcweir 			0xC9AA53FDL, 0x62A80F00L, 0xBB25BFE2L, 0x35BDD2F6L,
636*cdf0e10cSrcweir 			0x71126905L, 0xB2040222L, 0xB6CBCF7CL, 0xCD769C2BL,
637*cdf0e10cSrcweir 			0x53113EC0L, 0x1640E3D3L, 0x38ABBD60L, 0x2547ADF0L,
638*cdf0e10cSrcweir 			0xBA38209CL, 0xF746CE76L, 0x77AFA1C5L, 0x20756060L,
639*cdf0e10cSrcweir 
640*cdf0e10cSrcweir 			0x85CBFE4EL, 0x8AE88DD8L, 0x7AAAF9B0L, 0x4CF9AA7EL,
641*cdf0e10cSrcweir 			0x1948C25CL, 0x02FB8A8CL, 0x01C36AE4L, 0xD6EBE1F9L,
642*cdf0e10cSrcweir 			0x90D4F869L, 0xA65CDEA0L, 0x3F09252DL, 0xC208E69FL,
643*cdf0e10cSrcweir 			0xB74E6132L, 0xCE77E25BL, 0x578FDFE3L, 0x3AC372E6L
644*cdf0e10cSrcweir 		}
645*cdf0e10cSrcweir 	},
646*cdf0e10cSrcweir 
647*cdf0e10cSrcweir 	/* P */
648*cdf0e10cSrcweir 	{
649*cdf0e10cSrcweir 		0x243F6A88L, 0x85A308D3L, 0x13198A2EL, 0x03707344L,
650*cdf0e10cSrcweir 		0xA4093822L, 0x299F31D0L, 0x082EFA98L, 0xEC4E6C89L,
651*cdf0e10cSrcweir 		0x452821E6L, 0x38D01377L, 0xBE5466CFL, 0x34E90C6CL,
652*cdf0e10cSrcweir 		0xC0AC29B7L, 0xC97C50DDL, 0x3F84D5B5L, 0xB5470917L,
653*cdf0e10cSrcweir 		0x9216D5D9L, 0x8979FB1BL
654*cdf0e10cSrcweir 	}
655*cdf0e10cSrcweir };
656*cdf0e10cSrcweir 
657*cdf0e10cSrcweir /*
658*cdf0e10cSrcweir  * __rtl_cipherBF_init.
659*cdf0e10cSrcweir  */
660*cdf0e10cSrcweir static rtlCipherError __rtl_cipherBF_init (
661*cdf0e10cSrcweir 	CipherContextBF *ctx,
662*cdf0e10cSrcweir 	rtlCipherMode    eMode,
663*cdf0e10cSrcweir 	const sal_uInt8 *pKeyData, sal_Size nKeyLen,
664*cdf0e10cSrcweir 	const sal_uInt8 *pArgData, sal_Size nArgLen)
665*cdf0e10cSrcweir {
666*cdf0e10cSrcweir 	CipherKeyBF *key;
667*cdf0e10cSrcweir 	sal_uInt32   D, DL, DR;
668*cdf0e10cSrcweir 	sal_uInt16   i, j, k;
669*cdf0e10cSrcweir 
670*cdf0e10cSrcweir 	key = &(ctx->m_key);
671*cdf0e10cSrcweir 
672*cdf0e10cSrcweir 	rtl_copyMemory (key, &__rtl_cipherBF_key, sizeof (CipherKeyBF));
673*cdf0e10cSrcweir 	rtl_zeroMemory (&(ctx->m_iv), sizeof(ctx->m_iv));
674*cdf0e10cSrcweir 	ctx->m_offset = 0;
675*cdf0e10cSrcweir 
676*cdf0e10cSrcweir 	for (i = 0, k = 0; i < CIPHER_ROUNDS_BF + 2; ++i)
677*cdf0e10cSrcweir 	{
678*cdf0e10cSrcweir 		D = 0;
679*cdf0e10cSrcweir 		for (j = 0; j < 4; ++j)
680*cdf0e10cSrcweir 		{
681*cdf0e10cSrcweir 			D = ((D << 8) | pKeyData[k]);
682*cdf0e10cSrcweir 			k++;
683*cdf0e10cSrcweir 			if (k >= nKeyLen)
684*cdf0e10cSrcweir 				k = 0;
685*cdf0e10cSrcweir 		}
686*cdf0e10cSrcweir 		key->m_P[i] ^= D;
687*cdf0e10cSrcweir 	}
688*cdf0e10cSrcweir 
689*cdf0e10cSrcweir 	DL = 0;
690*cdf0e10cSrcweir 	DR = 0;
691*cdf0e10cSrcweir 
692*cdf0e10cSrcweir 	for (i = 0; i < CIPHER_ROUNDS_BF + 2; i += 2)
693*cdf0e10cSrcweir 	{
694*cdf0e10cSrcweir 		__rtl_cipherBF_encode (key, &DL, &DR);
695*cdf0e10cSrcweir 		key->m_P[i    ] = DL;
696*cdf0e10cSrcweir 		key->m_P[i + 1] = DR;
697*cdf0e10cSrcweir 	}
698*cdf0e10cSrcweir 
699*cdf0e10cSrcweir 	for (i = 0; i < 4; ++i)
700*cdf0e10cSrcweir 	{
701*cdf0e10cSrcweir 		for (k = 0; k < 256; k += 2)
702*cdf0e10cSrcweir 		{
703*cdf0e10cSrcweir 			__rtl_cipherBF_encode (key, &DL, &DR);
704*cdf0e10cSrcweir 			key->m_S[i][k    ] = DL;
705*cdf0e10cSrcweir 			key->m_S[i][k + 1] = DR;
706*cdf0e10cSrcweir 		}
707*cdf0e10cSrcweir 	}
708*cdf0e10cSrcweir 
709*cdf0e10cSrcweir 	if (pArgData && nArgLen)
710*cdf0e10cSrcweir 	{
711*cdf0e10cSrcweir 		nArgLen = ((nArgLen < 8) ? nArgLen : 8);
712*cdf0e10cSrcweir 		if (eMode == rtl_Cipher_ModeStream)
713*cdf0e10cSrcweir 		{
714*cdf0e10cSrcweir 			rtl_copyMemory (ctx->m_iv.m_byte, pArgData, nArgLen);
715*cdf0e10cSrcweir 		}
716*cdf0e10cSrcweir 		else
717*cdf0e10cSrcweir 		{
718*cdf0e10cSrcweir 			RTL_CIPHER_NTOHL64 (pArgData, DL, DR, nArgLen);
719*cdf0e10cSrcweir 			ctx->m_iv.m_long[0] = DL;
720*cdf0e10cSrcweir 			ctx->m_iv.m_long[1] = DR;
721*cdf0e10cSrcweir 		}
722*cdf0e10cSrcweir 	}
723*cdf0e10cSrcweir 
724*cdf0e10cSrcweir 	D = DL = DR = 0;
725*cdf0e10cSrcweir 	return rtl_Cipher_E_None;
726*cdf0e10cSrcweir }
727*cdf0e10cSrcweir 
728*cdf0e10cSrcweir /*
729*cdf0e10cSrcweir  * __rtl_cipherBF_update.
730*cdf0e10cSrcweir  */
731*cdf0e10cSrcweir static rtlCipherError __rtl_cipherBF_update (
732*cdf0e10cSrcweir 	CipherContextBF    *ctx,
733*cdf0e10cSrcweir 	rtlCipherMode       eMode,
734*cdf0e10cSrcweir 	rtlCipherDirection  eDirection,
735*cdf0e10cSrcweir 	const sal_uInt8    *pData,   sal_Size nDatLen,
736*cdf0e10cSrcweir 	sal_uInt8          *pBuffer, sal_Size nBufLen)
737*cdf0e10cSrcweir {
738*cdf0e10cSrcweir 	/* Check arguments. */
739*cdf0e10cSrcweir 	if ((pData == NULL) || (pBuffer == NULL))
740*cdf0e10cSrcweir 		return rtl_Cipher_E_Argument;
741*cdf0e10cSrcweir 
742*cdf0e10cSrcweir 	if (!((0 < nDatLen) && (nDatLen <= nBufLen)))
743*cdf0e10cSrcweir 		return rtl_Cipher_E_BufferSize;
744*cdf0e10cSrcweir 
745*cdf0e10cSrcweir 	/* Update. */
746*cdf0e10cSrcweir 	if (eMode == rtl_Cipher_ModeECB)
747*cdf0e10cSrcweir 	{
748*cdf0e10cSrcweir 		/* Block mode. */
749*cdf0e10cSrcweir 		while (nDatLen > 8)
750*cdf0e10cSrcweir 		{
751*cdf0e10cSrcweir 			__rtl_cipherBF_updateECB (ctx, eDirection, pData, pBuffer, 8);
752*cdf0e10cSrcweir 			nDatLen -= 8;
753*cdf0e10cSrcweir 			pData   += 8;
754*cdf0e10cSrcweir 			pBuffer += 8;
755*cdf0e10cSrcweir 		}
756*cdf0e10cSrcweir 		__rtl_cipherBF_updateECB (ctx, eDirection, pData, pBuffer, nDatLen);
757*cdf0e10cSrcweir 	}
758*cdf0e10cSrcweir 	else if (eMode == rtl_Cipher_ModeCBC)
759*cdf0e10cSrcweir 	{
760*cdf0e10cSrcweir 		/* Block mode. */
761*cdf0e10cSrcweir 		while (nDatLen > 8)
762*cdf0e10cSrcweir 		{
763*cdf0e10cSrcweir 			__rtl_cipherBF_updateCBC (ctx, eDirection, pData, pBuffer, 8);
764*cdf0e10cSrcweir 			nDatLen -= 8;
765*cdf0e10cSrcweir 			pData   += 8;
766*cdf0e10cSrcweir 			pBuffer += 8;
767*cdf0e10cSrcweir 		}
768*cdf0e10cSrcweir 		__rtl_cipherBF_updateCBC (ctx, eDirection, pData, pBuffer, nDatLen);
769*cdf0e10cSrcweir 	}
770*cdf0e10cSrcweir 	else
771*cdf0e10cSrcweir 	{
772*cdf0e10cSrcweir 		/* Stream mode. */
773*cdf0e10cSrcweir 		while (nDatLen > 0)
774*cdf0e10cSrcweir 		{
775*cdf0e10cSrcweir 			__rtl_cipherBF_updateCFB (ctx, eDirection, pData, pBuffer);
776*cdf0e10cSrcweir 			nDatLen -= 1;
777*cdf0e10cSrcweir 			pData   += 1;
778*cdf0e10cSrcweir 			pBuffer += 1;
779*cdf0e10cSrcweir 		}
780*cdf0e10cSrcweir 	}
781*cdf0e10cSrcweir 	return rtl_Cipher_E_None;
782*cdf0e10cSrcweir }
783*cdf0e10cSrcweir 
784*cdf0e10cSrcweir /*
785*cdf0e10cSrcweir  * __rtl_cipherBF_updateECB.
786*cdf0e10cSrcweir  */
787*cdf0e10cSrcweir static void __rtl_cipherBF_updateECB (
788*cdf0e10cSrcweir 	CipherContextBF    *ctx,
789*cdf0e10cSrcweir 	rtlCipherDirection  direction,
790*cdf0e10cSrcweir 	const sal_uInt8    *pData,
791*cdf0e10cSrcweir 	sal_uInt8          *pBuffer,
792*cdf0e10cSrcweir 	sal_Size            nLength)
793*cdf0e10cSrcweir {
794*cdf0e10cSrcweir 	CipherKeyBF *key;
795*cdf0e10cSrcweir 	sal_uInt32   DL, DR;
796*cdf0e10cSrcweir 
797*cdf0e10cSrcweir 	key = &(ctx->m_key);
798*cdf0e10cSrcweir 	if (direction == rtl_Cipher_DirectionEncode)
799*cdf0e10cSrcweir 	{
800*cdf0e10cSrcweir 		RTL_CIPHER_NTOHL64(pData, DL, DR, nLength);
801*cdf0e10cSrcweir 
802*cdf0e10cSrcweir 		__rtl_cipherBF_encode (key, &DL, &DR);
803*cdf0e10cSrcweir 
804*cdf0e10cSrcweir 		RTL_CIPHER_HTONL(DL, pBuffer);
805*cdf0e10cSrcweir 		RTL_CIPHER_HTONL(DR, pBuffer);
806*cdf0e10cSrcweir 	}
807*cdf0e10cSrcweir 	else
808*cdf0e10cSrcweir 	{
809*cdf0e10cSrcweir 		RTL_CIPHER_NTOHL(pData, DL);
810*cdf0e10cSrcweir 		RTL_CIPHER_NTOHL(pData, DR);
811*cdf0e10cSrcweir 
812*cdf0e10cSrcweir 		__rtl_cipherBF_decode (key, &DL, &DR);
813*cdf0e10cSrcweir 
814*cdf0e10cSrcweir 		RTL_CIPHER_HTONL64(DL, DR, pBuffer, nLength);
815*cdf0e10cSrcweir 	}
816*cdf0e10cSrcweir 	DL = DR = 0;
817*cdf0e10cSrcweir }
818*cdf0e10cSrcweir 
819*cdf0e10cSrcweir /*
820*cdf0e10cSrcweir  * __rtl_cipherBF_updateCBC.
821*cdf0e10cSrcweir  */
822*cdf0e10cSrcweir static void __rtl_cipherBF_updateCBC (
823*cdf0e10cSrcweir 	CipherContextBF    *ctx,
824*cdf0e10cSrcweir 	rtlCipherDirection  direction,
825*cdf0e10cSrcweir 	const sal_uInt8    *pData,
826*cdf0e10cSrcweir 	sal_uInt8          *pBuffer,
827*cdf0e10cSrcweir 	sal_Size            nLength)
828*cdf0e10cSrcweir {
829*cdf0e10cSrcweir 	CipherKeyBF *key;
830*cdf0e10cSrcweir 	sal_uInt32   DL, DR;
831*cdf0e10cSrcweir 
832*cdf0e10cSrcweir 	key = &(ctx->m_key);
833*cdf0e10cSrcweir 	if (direction == rtl_Cipher_DirectionEncode)
834*cdf0e10cSrcweir 	{
835*cdf0e10cSrcweir 		RTL_CIPHER_NTOHL64(pData, DL, DR, nLength);
836*cdf0e10cSrcweir 
837*cdf0e10cSrcweir 		DL ^= ctx->m_iv.m_long[0];
838*cdf0e10cSrcweir 		DR ^= ctx->m_iv.m_long[1];
839*cdf0e10cSrcweir 
840*cdf0e10cSrcweir 		__rtl_cipherBF_encode (key, &DL, &DR);
841*cdf0e10cSrcweir 
842*cdf0e10cSrcweir 		ctx->m_iv.m_long[0] = DL;
843*cdf0e10cSrcweir 		ctx->m_iv.m_long[1] = DR;
844*cdf0e10cSrcweir 
845*cdf0e10cSrcweir 		RTL_CIPHER_HTONL(DL, pBuffer);
846*cdf0e10cSrcweir 		RTL_CIPHER_HTONL(DR, pBuffer);
847*cdf0e10cSrcweir 	}
848*cdf0e10cSrcweir 	else
849*cdf0e10cSrcweir 	{
850*cdf0e10cSrcweir 		sal_uInt32 IVL, IVR;
851*cdf0e10cSrcweir 
852*cdf0e10cSrcweir 		RTL_CIPHER_NTOHL(pData, DL);
853*cdf0e10cSrcweir 		RTL_CIPHER_NTOHL(pData, DR);
854*cdf0e10cSrcweir 
855*cdf0e10cSrcweir 		IVL = DL;
856*cdf0e10cSrcweir 		IVR = DR;
857*cdf0e10cSrcweir 
858*cdf0e10cSrcweir 		__rtl_cipherBF_decode (key, &DL, &DR);
859*cdf0e10cSrcweir 
860*cdf0e10cSrcweir 		DL ^= ctx->m_iv.m_long[0];
861*cdf0e10cSrcweir 		DR ^= ctx->m_iv.m_long[1];
862*cdf0e10cSrcweir 
863*cdf0e10cSrcweir 		ctx->m_iv.m_long[0] = IVL;
864*cdf0e10cSrcweir 		ctx->m_iv.m_long[1] = IVR;
865*cdf0e10cSrcweir 
866*cdf0e10cSrcweir 		RTL_CIPHER_HTONL64(DL, DR, pBuffer, nLength);
867*cdf0e10cSrcweir 		IVL = IVR = 0;
868*cdf0e10cSrcweir 	}
869*cdf0e10cSrcweir 	DL = DR = 0;
870*cdf0e10cSrcweir }
871*cdf0e10cSrcweir 
872*cdf0e10cSrcweir /*
873*cdf0e10cSrcweir  * __rtl_cipherBF_updateCFB.
874*cdf0e10cSrcweir  */
875*cdf0e10cSrcweir static void __rtl_cipherBF_updateCFB (
876*cdf0e10cSrcweir 	CipherContextBF    *ctx,
877*cdf0e10cSrcweir 	rtlCipherDirection  direction,
878*cdf0e10cSrcweir 	const sal_uInt8    *pData,
879*cdf0e10cSrcweir 	sal_uInt8          *pBuffer)
880*cdf0e10cSrcweir {
881*cdf0e10cSrcweir 	sal_uInt8  *iv;
882*cdf0e10cSrcweir 	sal_uInt32  k;
883*cdf0e10cSrcweir 
884*cdf0e10cSrcweir 	iv = ctx->m_iv.m_byte;
885*cdf0e10cSrcweir 	k  = ctx->m_offset;
886*cdf0e10cSrcweir 
887*cdf0e10cSrcweir 	if (k == 0)
888*cdf0e10cSrcweir 	{
889*cdf0e10cSrcweir 		sal_uInt32 IVL, IVR;
890*cdf0e10cSrcweir 
891*cdf0e10cSrcweir 		RTL_CIPHER_NTOHL64(iv, IVL, IVR, 8);
892*cdf0e10cSrcweir 		__rtl_cipherBF_encode (&(ctx->m_key), &IVL, &IVR);
893*cdf0e10cSrcweir 		RTL_CIPHER_HTONL64(IVL, IVR, iv, 8);
894*cdf0e10cSrcweir 
895*cdf0e10cSrcweir 		IVL = IVR = 0;
896*cdf0e10cSrcweir 	}
897*cdf0e10cSrcweir 
898*cdf0e10cSrcweir 	if (direction == rtl_Cipher_DirectionEncode)
899*cdf0e10cSrcweir 	{
900*cdf0e10cSrcweir 		iv[k] ^= *pData;
901*cdf0e10cSrcweir 		*pBuffer = iv[k];
902*cdf0e10cSrcweir 	}
903*cdf0e10cSrcweir 	else
904*cdf0e10cSrcweir 	{
905*cdf0e10cSrcweir 		sal_uInt8 c = iv[k];
906*cdf0e10cSrcweir 		iv[k] = *pData;
907*cdf0e10cSrcweir 		*pBuffer = *pData ^ c;
908*cdf0e10cSrcweir 		c = 0;
909*cdf0e10cSrcweir 	}
910*cdf0e10cSrcweir 
911*cdf0e10cSrcweir 	ctx->m_offset = ((k + 1) & 0x07);
912*cdf0e10cSrcweir 	iv = NULL;
913*cdf0e10cSrcweir }
914*cdf0e10cSrcweir 
915*cdf0e10cSrcweir /*
916*cdf0e10cSrcweir  * __rtl_cipherBF_encode.
917*cdf0e10cSrcweir  */
918*cdf0e10cSrcweir static void __rtl_cipherBF_encode (
919*cdf0e10cSrcweir 	CipherKeyBF *key, sal_uInt32 *xl, sal_uInt32 *xr)
920*cdf0e10cSrcweir {
921*cdf0e10cSrcweir 	sal_uInt32  t, XL, XR;
922*cdf0e10cSrcweir 	sal_uInt16  i;
923*cdf0e10cSrcweir 
924*cdf0e10cSrcweir 	XL = *xl;
925*cdf0e10cSrcweir 	XR = *xr;
926*cdf0e10cSrcweir 
927*cdf0e10cSrcweir 	for (i = 0; i < CIPHER_ROUNDS_BF; ++i)
928*cdf0e10cSrcweir 	{
929*cdf0e10cSrcweir 		XL ^= key->m_P[i];
930*cdf0e10cSrcweir 		XR ^= __rtl_cipherBF (key, XL);
931*cdf0e10cSrcweir 
932*cdf0e10cSrcweir 		t  = XL;
933*cdf0e10cSrcweir 		XL = XR;
934*cdf0e10cSrcweir 		XR = t;
935*cdf0e10cSrcweir 	}
936*cdf0e10cSrcweir 
937*cdf0e10cSrcweir 	t  = XL;
938*cdf0e10cSrcweir 	XL = XR;
939*cdf0e10cSrcweir 	XR = t;
940*cdf0e10cSrcweir 
941*cdf0e10cSrcweir 	XR ^= key->m_P[CIPHER_ROUNDS_BF    ];
942*cdf0e10cSrcweir 	XL ^= key->m_P[CIPHER_ROUNDS_BF + 1];
943*cdf0e10cSrcweir 
944*cdf0e10cSrcweir 	*xl = XL;
945*cdf0e10cSrcweir 	*xr = XR;
946*cdf0e10cSrcweir 
947*cdf0e10cSrcweir 	t = XL = XR = 0;
948*cdf0e10cSrcweir }
949*cdf0e10cSrcweir 
950*cdf0e10cSrcweir /*
951*cdf0e10cSrcweir  * __rtl_cipherBF_decode.
952*cdf0e10cSrcweir  */
953*cdf0e10cSrcweir static void __rtl_cipherBF_decode (
954*cdf0e10cSrcweir 	CipherKeyBF *key, sal_uInt32 *xl, sal_uInt32 *xr)
955*cdf0e10cSrcweir {
956*cdf0e10cSrcweir 	sal_uInt32  t, XL, XR;
957*cdf0e10cSrcweir 	sal_uInt16  i;
958*cdf0e10cSrcweir 
959*cdf0e10cSrcweir 	XL = *xl;
960*cdf0e10cSrcweir 	XR = *xr;
961*cdf0e10cSrcweir 
962*cdf0e10cSrcweir 	for (i = CIPHER_ROUNDS_BF + 1; i > 1; --i)
963*cdf0e10cSrcweir 	{
964*cdf0e10cSrcweir 		XL ^= key->m_P[i];
965*cdf0e10cSrcweir 		XR ^= __rtl_cipherBF (key, XL);
966*cdf0e10cSrcweir 
967*cdf0e10cSrcweir 		t  = XL;
968*cdf0e10cSrcweir 		XL = XR;
969*cdf0e10cSrcweir 		XR = t;
970*cdf0e10cSrcweir 	}
971*cdf0e10cSrcweir 
972*cdf0e10cSrcweir 	t  = XL;
973*cdf0e10cSrcweir 	XL = XR;
974*cdf0e10cSrcweir 	XR = t;
975*cdf0e10cSrcweir 
976*cdf0e10cSrcweir 	XR ^= key->m_P[1];
977*cdf0e10cSrcweir 	XL ^= key->m_P[0];
978*cdf0e10cSrcweir 
979*cdf0e10cSrcweir 	*xl = XL;
980*cdf0e10cSrcweir 	*xr = XR;
981*cdf0e10cSrcweir 
982*cdf0e10cSrcweir 	t = XL = XR = 0;
983*cdf0e10cSrcweir }
984*cdf0e10cSrcweir 
985*cdf0e10cSrcweir /*
986*cdf0e10cSrcweir  * __rtl_cipherBF.
987*cdf0e10cSrcweir  */
988*cdf0e10cSrcweir static sal_uInt32 __rtl_cipherBF (CipherKeyBF *key, sal_uInt32 x)
989*cdf0e10cSrcweir {
990*cdf0e10cSrcweir 	sal_uInt16 a, b, c, d;
991*cdf0e10cSrcweir 	sal_uInt32 y;
992*cdf0e10cSrcweir 
993*cdf0e10cSrcweir 	d = (sal_uInt16)(x & 0x00ff);
994*cdf0e10cSrcweir 	x >>= 8;
995*cdf0e10cSrcweir 	c = (sal_uInt16)(x & 0x00ff);
996*cdf0e10cSrcweir 	x >>= 8;
997*cdf0e10cSrcweir 	b = (sal_uInt16)(x & 0x00ff);
998*cdf0e10cSrcweir 	x >>= 8;
999*cdf0e10cSrcweir 	a = (sal_uInt16)(x & 0x00ff);
1000*cdf0e10cSrcweir 
1001*cdf0e10cSrcweir 	y  = key->m_S[0][a];
1002*cdf0e10cSrcweir 	y += key->m_S[1][b];
1003*cdf0e10cSrcweir 	y ^= key->m_S[2][c];
1004*cdf0e10cSrcweir 	y += key->m_S[3][d];
1005*cdf0e10cSrcweir 
1006*cdf0e10cSrcweir 	return y;
1007*cdf0e10cSrcweir }
1008*cdf0e10cSrcweir 
1009*cdf0e10cSrcweir /*========================================================================
1010*cdf0e10cSrcweir  *
1011*cdf0e10cSrcweir  * rtl_cipherBF (Blowfish) implementation.
1012*cdf0e10cSrcweir  *
1013*cdf0e10cSrcweir  * Reference:
1014*cdf0e10cSrcweir  *   Bruce Schneier: Applied Cryptography, 2nd edition, ch. 14.3
1015*cdf0e10cSrcweir  *
1016*cdf0e10cSrcweir  *======================================================================*/
1017*cdf0e10cSrcweir /*
1018*cdf0e10cSrcweir  * rtl_cipher_createBF.
1019*cdf0e10cSrcweir  */
1020*cdf0e10cSrcweir rtlCipher SAL_CALL rtl_cipher_createBF (rtlCipherMode Mode)
1021*cdf0e10cSrcweir {
1022*cdf0e10cSrcweir 	CipherBF_Impl *pImpl = (CipherBF_Impl*)NULL;
1023*cdf0e10cSrcweir 
1024*cdf0e10cSrcweir 	if (Mode == rtl_Cipher_ModeInvalid)
1025*cdf0e10cSrcweir 		return ((rtlCipher)NULL);
1026*cdf0e10cSrcweir 
1027*cdf0e10cSrcweir 	pImpl = ((CipherBF_Impl*)rtl_allocateZeroMemory (sizeof (CipherBF_Impl)));
1028*cdf0e10cSrcweir 	if (pImpl)
1029*cdf0e10cSrcweir 	{
1030*cdf0e10cSrcweir 		pImpl->m_cipher.m_algorithm = rtl_Cipher_AlgorithmBF;
1031*cdf0e10cSrcweir 		pImpl->m_cipher.m_direction = rtl_Cipher_DirectionInvalid;
1032*cdf0e10cSrcweir 		pImpl->m_cipher.m_mode      = Mode;
1033*cdf0e10cSrcweir 
1034*cdf0e10cSrcweir 		pImpl->m_cipher.m_init      = rtl_cipher_initBF;
1035*cdf0e10cSrcweir 		pImpl->m_cipher.m_encode    = rtl_cipher_encodeBF;
1036*cdf0e10cSrcweir 		pImpl->m_cipher.m_decode    = rtl_cipher_decodeBF;
1037*cdf0e10cSrcweir 		pImpl->m_cipher.m_delete    = rtl_cipher_destroyBF;
1038*cdf0e10cSrcweir 	}
1039*cdf0e10cSrcweir 	return ((rtlCipher)pImpl);
1040*cdf0e10cSrcweir }
1041*cdf0e10cSrcweir 
1042*cdf0e10cSrcweir /*
1043*cdf0e10cSrcweir  * rtl_cipher_initBF.
1044*cdf0e10cSrcweir  */
1045*cdf0e10cSrcweir rtlCipherError SAL_CALL rtl_cipher_initBF (
1046*cdf0e10cSrcweir 	rtlCipher          Cipher,
1047*cdf0e10cSrcweir 	rtlCipherDirection Direction,
1048*cdf0e10cSrcweir 	const sal_uInt8 *pKeyData, sal_Size nKeyLen,
1049*cdf0e10cSrcweir 	const sal_uInt8 *pArgData, sal_Size nArgLen)
1050*cdf0e10cSrcweir {
1051*cdf0e10cSrcweir 	CipherBF_Impl *pImpl = (CipherBF_Impl*)Cipher;
1052*cdf0e10cSrcweir 
1053*cdf0e10cSrcweir 	if ((pImpl == NULL) || (pKeyData == NULL))
1054*cdf0e10cSrcweir 		return rtl_Cipher_E_Argument;
1055*cdf0e10cSrcweir 
1056*cdf0e10cSrcweir 	if (!(pImpl->m_cipher.m_algorithm == rtl_Cipher_AlgorithmBF))
1057*cdf0e10cSrcweir 		return rtl_Cipher_E_Algorithm;
1058*cdf0e10cSrcweir 
1059*cdf0e10cSrcweir 	if (!(Direction == rtl_Cipher_DirectionInvalid))
1060*cdf0e10cSrcweir 		pImpl->m_cipher.m_direction = Direction;
1061*cdf0e10cSrcweir 	else
1062*cdf0e10cSrcweir 		return rtl_Cipher_E_Direction;
1063*cdf0e10cSrcweir 
1064*cdf0e10cSrcweir 	return __rtl_cipherBF_init (
1065*cdf0e10cSrcweir 		&(pImpl->m_context), pImpl->m_cipher.m_mode,
1066*cdf0e10cSrcweir 		pKeyData, nKeyLen, pArgData, nArgLen);
1067*cdf0e10cSrcweir }
1068*cdf0e10cSrcweir 
1069*cdf0e10cSrcweir /*
1070*cdf0e10cSrcweir  * rtl_cipher_encodeBF.
1071*cdf0e10cSrcweir  */
1072*cdf0e10cSrcweir rtlCipherError SAL_CALL rtl_cipher_encodeBF (
1073*cdf0e10cSrcweir 	rtlCipher   Cipher,
1074*cdf0e10cSrcweir 	const void *pData,   sal_Size nDatLen,
1075*cdf0e10cSrcweir 	sal_uInt8  *pBuffer, sal_Size nBufLen)
1076*cdf0e10cSrcweir {
1077*cdf0e10cSrcweir 	CipherBF_Impl *pImpl = (CipherBF_Impl*)Cipher;
1078*cdf0e10cSrcweir 	if (pImpl == NULL)
1079*cdf0e10cSrcweir 		return rtl_Cipher_E_Argument;
1080*cdf0e10cSrcweir 
1081*cdf0e10cSrcweir 	if (!(pImpl->m_cipher.m_algorithm == rtl_Cipher_AlgorithmBF))
1082*cdf0e10cSrcweir 		return rtl_Cipher_E_Algorithm;
1083*cdf0e10cSrcweir 
1084*cdf0e10cSrcweir 	if (pImpl->m_cipher.m_direction == rtl_Cipher_DirectionInvalid)
1085*cdf0e10cSrcweir 		return rtl_Cipher_E_Direction;
1086*cdf0e10cSrcweir 	if (pImpl->m_cipher.m_direction == rtl_Cipher_DirectionDecode)
1087*cdf0e10cSrcweir 		return rtl_Cipher_E_Direction;
1088*cdf0e10cSrcweir 
1089*cdf0e10cSrcweir 	return __rtl_cipherBF_update (
1090*cdf0e10cSrcweir 		&(pImpl->m_context), pImpl->m_cipher.m_mode,
1091*cdf0e10cSrcweir 		rtl_Cipher_DirectionEncode,
1092*cdf0e10cSrcweir 		(const sal_uInt8*)pData, nDatLen, pBuffer, nBufLen);
1093*cdf0e10cSrcweir }
1094*cdf0e10cSrcweir 
1095*cdf0e10cSrcweir /*
1096*cdf0e10cSrcweir  * rtl_cipher_decodeBF.
1097*cdf0e10cSrcweir  */
1098*cdf0e10cSrcweir rtlCipherError SAL_CALL rtl_cipher_decodeBF (
1099*cdf0e10cSrcweir 	rtlCipher   Cipher,
1100*cdf0e10cSrcweir 	const void *pData,   sal_Size nDatLen,
1101*cdf0e10cSrcweir 	sal_uInt8  *pBuffer, sal_Size nBufLen)
1102*cdf0e10cSrcweir {
1103*cdf0e10cSrcweir 	CipherBF_Impl *pImpl = (CipherBF_Impl*)Cipher;
1104*cdf0e10cSrcweir 	if (pImpl == NULL)
1105*cdf0e10cSrcweir 		return rtl_Cipher_E_Argument;
1106*cdf0e10cSrcweir 
1107*cdf0e10cSrcweir 	if (!(pImpl->m_cipher.m_algorithm == rtl_Cipher_AlgorithmBF))
1108*cdf0e10cSrcweir 		return rtl_Cipher_E_Algorithm;
1109*cdf0e10cSrcweir 
1110*cdf0e10cSrcweir 	if (pImpl->m_cipher.m_direction == rtl_Cipher_DirectionInvalid)
1111*cdf0e10cSrcweir 		return rtl_Cipher_E_Direction;
1112*cdf0e10cSrcweir 	if (pImpl->m_cipher.m_direction == rtl_Cipher_DirectionEncode)
1113*cdf0e10cSrcweir 		return rtl_Cipher_E_Direction;
1114*cdf0e10cSrcweir 
1115*cdf0e10cSrcweir 	return __rtl_cipherBF_update (
1116*cdf0e10cSrcweir 		&(pImpl->m_context), pImpl->m_cipher.m_mode,
1117*cdf0e10cSrcweir 		rtl_Cipher_DirectionDecode,
1118*cdf0e10cSrcweir 		(const sal_uInt8*)pData, nDatLen, pBuffer, nBufLen);
1119*cdf0e10cSrcweir }
1120*cdf0e10cSrcweir 
1121*cdf0e10cSrcweir /*
1122*cdf0e10cSrcweir  * rtl_cipher_destroyBF.
1123*cdf0e10cSrcweir  */
1124*cdf0e10cSrcweir void SAL_CALL rtl_cipher_destroyBF (rtlCipher Cipher)
1125*cdf0e10cSrcweir {
1126*cdf0e10cSrcweir 	CipherBF_Impl *pImpl = (CipherBF_Impl*)Cipher;
1127*cdf0e10cSrcweir 	if (pImpl)
1128*cdf0e10cSrcweir 	{
1129*cdf0e10cSrcweir 		if (pImpl->m_cipher.m_algorithm == rtl_Cipher_AlgorithmBF)
1130*cdf0e10cSrcweir 			rtl_freeZeroMemory (pImpl, sizeof (CipherBF_Impl));
1131*cdf0e10cSrcweir 		else
1132*cdf0e10cSrcweir 			rtl_freeMemory (pImpl);
1133*cdf0e10cSrcweir 	}
1134*cdf0e10cSrcweir }
1135*cdf0e10cSrcweir 
1136*cdf0e10cSrcweir /*========================================================================
1137*cdf0e10cSrcweir  *
1138*cdf0e10cSrcweir  * rtl_cipher_ARCFOUR (RC4) internals.
1139*cdf0e10cSrcweir  *
1140*cdf0e10cSrcweir  *======================================================================*/
1141*cdf0e10cSrcweir #define CIPHER_CBLOCK_ARCFOUR 256
1142*cdf0e10cSrcweir 
1143*cdf0e10cSrcweir typedef struct cipherARCFOUR_context_st
1144*cdf0e10cSrcweir {
1145*cdf0e10cSrcweir 	unsigned int m_S[CIPHER_CBLOCK_ARCFOUR];
1146*cdf0e10cSrcweir 	unsigned int m_X, m_Y;
1147*cdf0e10cSrcweir } ContextARCFOUR_Impl;
1148*cdf0e10cSrcweir 
1149*cdf0e10cSrcweir typedef struct cipherARCFOUR_impl_st
1150*cdf0e10cSrcweir {
1151*cdf0e10cSrcweir 	Cipher_Impl         m_cipher;
1152*cdf0e10cSrcweir 	ContextARCFOUR_Impl m_context;
1153*cdf0e10cSrcweir } CipherARCFOUR_Impl;
1154*cdf0e10cSrcweir 
1155*cdf0e10cSrcweir /** rtl_cipherARCFOUR_update_Impl.
1156*cdf0e10cSrcweir  */
1157*cdf0e10cSrcweir static rtlCipherError rtl_cipherARCFOUR_update_Impl (
1158*cdf0e10cSrcweir 	ContextARCFOUR_Impl *ctx,
1159*cdf0e10cSrcweir 	const sal_uInt8     *pData,   sal_Size nDatLen,
1160*cdf0e10cSrcweir 	sal_uInt8           *pBuffer, sal_Size nBufLen);
1161*cdf0e10cSrcweir 
1162*cdf0e10cSrcweir /*
1163*cdf0e10cSrcweir  * rtl_cipherARCFOUR_init_Impl.
1164*cdf0e10cSrcweir  */
1165*cdf0e10cSrcweir static rtlCipherError rtl_cipherARCFOUR_init_Impl (
1166*cdf0e10cSrcweir 	ContextARCFOUR_Impl *ctx,
1167*cdf0e10cSrcweir 	const sal_uInt8     *pKeyData, sal_Size nKeyLen)
1168*cdf0e10cSrcweir {
1169*cdf0e10cSrcweir 	unsigned int  K[CIPHER_CBLOCK_ARCFOUR];
1170*cdf0e10cSrcweir 	unsigned int *L, *S;
1171*cdf0e10cSrcweir 	unsigned int  x, y, t;
1172*cdf0e10cSrcweir 	sal_Size      n, k;
1173*cdf0e10cSrcweir 
1174*cdf0e10cSrcweir 	S = &(ctx->m_S[0]);
1175*cdf0e10cSrcweir 
1176*cdf0e10cSrcweir 	/* Initialize S linearly. */
1177*cdf0e10cSrcweir 	for (x = 0; x < CIPHER_CBLOCK_ARCFOUR; x++)
1178*cdf0e10cSrcweir 		S[x] = x;
1179*cdf0e10cSrcweir 
1180*cdf0e10cSrcweir 	/* Initialize K with key, repeat key as necessary. */
1181*cdf0e10cSrcweir 	for (L = K, n = CIPHER_CBLOCK_ARCFOUR; n > nKeyLen; n -= nKeyLen)
1182*cdf0e10cSrcweir 	{
1183*cdf0e10cSrcweir 		for (k = 0; k < nKeyLen; k++) L[k] = pKeyData[k];
1184*cdf0e10cSrcweir 		L += nKeyLen;
1185*cdf0e10cSrcweir 	}
1186*cdf0e10cSrcweir 	for (k = 0; k < n; k++) L[k] = pKeyData[k];
1187*cdf0e10cSrcweir 
1188*cdf0e10cSrcweir 	/* Initialize S with K. */
1189*cdf0e10cSrcweir 	for (x = 0, y = 0; x < CIPHER_CBLOCK_ARCFOUR; x++)
1190*cdf0e10cSrcweir 	{
1191*cdf0e10cSrcweir 		y = (y + S[x] + K[x]) % CIPHER_CBLOCK_ARCFOUR;
1192*cdf0e10cSrcweir 		t = S[x], S[x] = S[y], S[y] = t; /* swap S[x] and S[y] */
1193*cdf0e10cSrcweir 	}
1194*cdf0e10cSrcweir 
1195*cdf0e10cSrcweir 	/* Initialize counters X and Y. */
1196*cdf0e10cSrcweir 	ctx->m_X = 0;
1197*cdf0e10cSrcweir 	ctx->m_Y = 0;
1198*cdf0e10cSrcweir 
1199*cdf0e10cSrcweir 	return rtl_Cipher_E_None;
1200*cdf0e10cSrcweir }
1201*cdf0e10cSrcweir 
1202*cdf0e10cSrcweir /*
1203*cdf0e10cSrcweir  * rtl_cipherARCFOUR_update_Impl.
1204*cdf0e10cSrcweir  */
1205*cdf0e10cSrcweir static rtlCipherError rtl_cipherARCFOUR_update_Impl (
1206*cdf0e10cSrcweir 	ContextARCFOUR_Impl *ctx,
1207*cdf0e10cSrcweir 	const sal_uInt8     *pData,   sal_Size nDatLen,
1208*cdf0e10cSrcweir 	sal_uInt8           *pBuffer, sal_Size nBufLen)
1209*cdf0e10cSrcweir {
1210*cdf0e10cSrcweir 	register unsigned int *S;
1211*cdf0e10cSrcweir 	register unsigned int  x, y, t;
1212*cdf0e10cSrcweir 	sal_Size               k;
1213*cdf0e10cSrcweir 
1214*cdf0e10cSrcweir 	/* Check arguments. */
1215*cdf0e10cSrcweir 	if ((pData == NULL) || (pBuffer == NULL))
1216*cdf0e10cSrcweir 		return rtl_Cipher_E_Argument;
1217*cdf0e10cSrcweir 
1218*cdf0e10cSrcweir 	if (!((0 < nDatLen) && (nDatLen <= nBufLen)))
1219*cdf0e10cSrcweir 		return rtl_Cipher_E_BufferSize;
1220*cdf0e10cSrcweir 
1221*cdf0e10cSrcweir 	/* Update. */
1222*cdf0e10cSrcweir 	S = &(ctx->m_S[0]);
1223*cdf0e10cSrcweir 	for (k = 0; k < nDatLen; k++)
1224*cdf0e10cSrcweir 	{
1225*cdf0e10cSrcweir 		/* Update counters X and Y. */
1226*cdf0e10cSrcweir 		x = ctx->m_X;
1227*cdf0e10cSrcweir 		y = ctx->m_Y;
1228*cdf0e10cSrcweir 		x = (x + 1   ) % CIPHER_CBLOCK_ARCFOUR;
1229*cdf0e10cSrcweir 		y = (y + S[x]) % CIPHER_CBLOCK_ARCFOUR;
1230*cdf0e10cSrcweir 		ctx->m_X = x;
1231*cdf0e10cSrcweir 		ctx->m_Y = y;
1232*cdf0e10cSrcweir 
1233*cdf0e10cSrcweir 		/* Swap S[x] and S[y]. */
1234*cdf0e10cSrcweir 		t = S[x], S[x] = S[y], S[y] = t;
1235*cdf0e10cSrcweir 
1236*cdf0e10cSrcweir 		/* Evaluate next key byte S[t]. */
1237*cdf0e10cSrcweir 		t = (S[x] + S[y]) % CIPHER_CBLOCK_ARCFOUR;
1238*cdf0e10cSrcweir 		pBuffer[k] = pData[k] ^ ((sal_uInt8)(S[t] & 0xff));
1239*cdf0e10cSrcweir 	}
1240*cdf0e10cSrcweir 
1241*cdf0e10cSrcweir 	return rtl_Cipher_E_None;
1242*cdf0e10cSrcweir }
1243*cdf0e10cSrcweir 
1244*cdf0e10cSrcweir /*========================================================================
1245*cdf0e10cSrcweir  *
1246*cdf0e10cSrcweir  * rtl_cipher_ARCFOUR (RC4) implementation.
1247*cdf0e10cSrcweir  *
1248*cdf0e10cSrcweir  * Reference:
1249*cdf0e10cSrcweir  *   Bruce Schneier: Applied Cryptography, 2nd edition, ch. 17.1
1250*cdf0e10cSrcweir  *
1251*cdf0e10cSrcweir  *======================================================================*/
1252*cdf0e10cSrcweir /*
1253*cdf0e10cSrcweir  * rtl_cipher_createARCFOUR.
1254*cdf0e10cSrcweir  */
1255*cdf0e10cSrcweir rtlCipher SAL_CALL rtl_cipher_createARCFOUR (rtlCipherMode Mode)
1256*cdf0e10cSrcweir {
1257*cdf0e10cSrcweir 	CipherARCFOUR_Impl *pImpl = (CipherARCFOUR_Impl*)NULL;
1258*cdf0e10cSrcweir 
1259*cdf0e10cSrcweir 	if (!(Mode == rtl_Cipher_ModeStream))
1260*cdf0e10cSrcweir 		return ((rtlCipher)NULL);
1261*cdf0e10cSrcweir 
1262*cdf0e10cSrcweir 	pImpl = ((CipherARCFOUR_Impl*)rtl_allocateZeroMemory (sizeof (CipherARCFOUR_Impl)));
1263*cdf0e10cSrcweir 	if (pImpl)
1264*cdf0e10cSrcweir 	{
1265*cdf0e10cSrcweir 		pImpl->m_cipher.m_algorithm = rtl_Cipher_AlgorithmARCFOUR;
1266*cdf0e10cSrcweir 		pImpl->m_cipher.m_direction = rtl_Cipher_DirectionInvalid;
1267*cdf0e10cSrcweir 		pImpl->m_cipher.m_mode      = rtl_Cipher_ModeStream;
1268*cdf0e10cSrcweir 
1269*cdf0e10cSrcweir 		pImpl->m_cipher.m_init      = rtl_cipher_initARCFOUR;
1270*cdf0e10cSrcweir 		pImpl->m_cipher.m_encode    = rtl_cipher_encodeARCFOUR;
1271*cdf0e10cSrcweir 		pImpl->m_cipher.m_decode    = rtl_cipher_decodeARCFOUR;
1272*cdf0e10cSrcweir 		pImpl->m_cipher.m_delete    = rtl_cipher_destroyARCFOUR;
1273*cdf0e10cSrcweir 	}
1274*cdf0e10cSrcweir 	return ((rtlCipher)pImpl);
1275*cdf0e10cSrcweir }
1276*cdf0e10cSrcweir 
1277*cdf0e10cSrcweir /*
1278*cdf0e10cSrcweir  * rtl_cipher_initARCFOUR.
1279*cdf0e10cSrcweir  */
1280*cdf0e10cSrcweir rtlCipherError SAL_CALL rtl_cipher_initARCFOUR (
1281*cdf0e10cSrcweir 	rtlCipher          Cipher,
1282*cdf0e10cSrcweir 	rtlCipherDirection Direction,
1283*cdf0e10cSrcweir 	const sal_uInt8 *pKeyData, sal_Size nKeyLen,
1284*cdf0e10cSrcweir 	const sal_uInt8 *pArgData, sal_Size nArgLen)
1285*cdf0e10cSrcweir {
1286*cdf0e10cSrcweir 	CipherARCFOUR_Impl *pImpl = (CipherARCFOUR_Impl*)Cipher;
1287*cdf0e10cSrcweir     (void) pArgData; // avoid warning
1288*cdf0e10cSrcweir     (void) nArgLen; // avoid warning
1289*cdf0e10cSrcweir 
1290*cdf0e10cSrcweir 	if ((pImpl == NULL) || (pKeyData == NULL))
1291*cdf0e10cSrcweir 		return rtl_Cipher_E_Argument;
1292*cdf0e10cSrcweir 
1293*cdf0e10cSrcweir 	if (!(pImpl->m_cipher.m_algorithm == rtl_Cipher_AlgorithmARCFOUR))
1294*cdf0e10cSrcweir 		return rtl_Cipher_E_Algorithm;
1295*cdf0e10cSrcweir 
1296*cdf0e10cSrcweir 	if (!(Direction == rtl_Cipher_DirectionInvalid))
1297*cdf0e10cSrcweir 		pImpl->m_cipher.m_direction = Direction;
1298*cdf0e10cSrcweir 	else
1299*cdf0e10cSrcweir 		return rtl_Cipher_E_Direction;
1300*cdf0e10cSrcweir 
1301*cdf0e10cSrcweir 	return rtl_cipherARCFOUR_init_Impl (&(pImpl->m_context), pKeyData, nKeyLen);
1302*cdf0e10cSrcweir }
1303*cdf0e10cSrcweir 
1304*cdf0e10cSrcweir /*
1305*cdf0e10cSrcweir  * rtl_cipher_encodeARCFOUR.
1306*cdf0e10cSrcweir  */
1307*cdf0e10cSrcweir rtlCipherError SAL_CALL rtl_cipher_encodeARCFOUR (
1308*cdf0e10cSrcweir 	rtlCipher   Cipher,
1309*cdf0e10cSrcweir 	const void *pData,   sal_Size nDatLen,
1310*cdf0e10cSrcweir 	sal_uInt8  *pBuffer, sal_Size nBufLen)
1311*cdf0e10cSrcweir {
1312*cdf0e10cSrcweir 	CipherARCFOUR_Impl *pImpl = (CipherARCFOUR_Impl*)Cipher;
1313*cdf0e10cSrcweir 	if (pImpl == NULL)
1314*cdf0e10cSrcweir 		return rtl_Cipher_E_Argument;
1315*cdf0e10cSrcweir 
1316*cdf0e10cSrcweir 	if (!(pImpl->m_cipher.m_algorithm == rtl_Cipher_AlgorithmARCFOUR))
1317*cdf0e10cSrcweir 		return rtl_Cipher_E_Algorithm;
1318*cdf0e10cSrcweir 
1319*cdf0e10cSrcweir 	if (pImpl->m_cipher.m_direction == rtl_Cipher_DirectionInvalid)
1320*cdf0e10cSrcweir 		return rtl_Cipher_E_Direction;
1321*cdf0e10cSrcweir 
1322*cdf0e10cSrcweir 	return rtl_cipherARCFOUR_update_Impl (
1323*cdf0e10cSrcweir 		&(pImpl->m_context),
1324*cdf0e10cSrcweir 		(const sal_uInt8*)pData, nDatLen, pBuffer, nBufLen);
1325*cdf0e10cSrcweir }
1326*cdf0e10cSrcweir 
1327*cdf0e10cSrcweir /*
1328*cdf0e10cSrcweir  * rtl_cipher_decodeARCFOUR.
1329*cdf0e10cSrcweir  */
1330*cdf0e10cSrcweir rtlCipherError SAL_CALL rtl_cipher_decodeARCFOUR (
1331*cdf0e10cSrcweir 	rtlCipher   Cipher,
1332*cdf0e10cSrcweir 	const void *pData,   sal_Size nDatLen,
1333*cdf0e10cSrcweir 	sal_uInt8  *pBuffer, sal_Size nBufLen)
1334*cdf0e10cSrcweir {
1335*cdf0e10cSrcweir 	CipherARCFOUR_Impl *pImpl = (CipherARCFOUR_Impl*)Cipher;
1336*cdf0e10cSrcweir 	if (pImpl == NULL)
1337*cdf0e10cSrcweir 		return rtl_Cipher_E_Argument;
1338*cdf0e10cSrcweir 
1339*cdf0e10cSrcweir 	if (!(pImpl->m_cipher.m_algorithm == rtl_Cipher_AlgorithmARCFOUR))
1340*cdf0e10cSrcweir 		return rtl_Cipher_E_Algorithm;
1341*cdf0e10cSrcweir 
1342*cdf0e10cSrcweir 	if (pImpl->m_cipher.m_direction == rtl_Cipher_DirectionInvalid)
1343*cdf0e10cSrcweir 		return rtl_Cipher_E_Direction;
1344*cdf0e10cSrcweir 
1345*cdf0e10cSrcweir 	return rtl_cipherARCFOUR_update_Impl (
1346*cdf0e10cSrcweir 		&(pImpl->m_context),
1347*cdf0e10cSrcweir 		(const sal_uInt8*)pData, nDatLen, pBuffer, nBufLen);
1348*cdf0e10cSrcweir }
1349*cdf0e10cSrcweir 
1350*cdf0e10cSrcweir /*
1351*cdf0e10cSrcweir  * rtl_cipher_destroyARCFOUR.
1352*cdf0e10cSrcweir  */
1353*cdf0e10cSrcweir void SAL_CALL rtl_cipher_destroyARCFOUR (rtlCipher Cipher)
1354*cdf0e10cSrcweir {
1355*cdf0e10cSrcweir 	CipherARCFOUR_Impl *pImpl = (CipherARCFOUR_Impl*)Cipher;
1356*cdf0e10cSrcweir 	if (pImpl)
1357*cdf0e10cSrcweir 	{
1358*cdf0e10cSrcweir 		if (pImpl->m_cipher.m_algorithm == rtl_Cipher_AlgorithmARCFOUR)
1359*cdf0e10cSrcweir 			rtl_freeZeroMemory (pImpl, sizeof (CipherARCFOUR_Impl));
1360*cdf0e10cSrcweir 		else
1361*cdf0e10cSrcweir 			rtl_freeMemory (pImpl);
1362*cdf0e10cSrcweir 	}
1363*cdf0e10cSrcweir }
1364