« Alcuin
Alcuin 9997: Gossip Support »

Encryption for alcuin

Alcuin 9998 is available as a patch to the genesis, or as a tarball.

This release includes the following changes:

  • Packet encryption using a pure Python implementation of Serpent1
  • Digest now includes the peer secret in order to allow easy dropping of garbage packets
  • Updated config file format - all peer information including port number is now specified in the config file. The --peers command line option has been removed.
1 diff --git a/README.txt b/README.txt
2 index 2d5ff88..5228ab4 100644
3 --- a/README.txt
4 +++ b/README.txt
5 @@ -5,17 +5,13 @@ yet to be completed including but not limited to:
6
7 - gossip style message forwarding
8 - message deduplication
9 -- symmetric encryption of messages
10 -- support for broadcasting several important IRC commands
11 - over the gossip net.
12 - mitigation of hash length extension attacks
13
14 GETTING STARTED
15
16 -1. Copy config.py.example to config.py (nothing in the config file is
17 -used yet, but alcuin will crash if it doesn't exist).
18 +1. Copy config.py.example to config.py and update it appropriately.
19 2. Launch alcuin with something like the following command:
20 -./alcuin --verbose --port=6668 --peers=206.189.163.145
21 +./alcuin --port=6668
22
23 NOTES FOR DIFF/PATCH N00B5
24
25 diff --git a/lib/server.py b/lib/server.py
26 index f2c6206..a609aaf 100644
27 --- a/lib/server.py
28 +++ b/lib/server.py
29 @@ -1,4 +1,4 @@
30 -VERSION = "9999"
31 +VERSION = "9998"
32
33 import os
34 import select
35
36 diff --git a/lib/infosec.py b/lib/infosec.py
37 index 0807633..255d201 100644
38 --- a/lib/infosec.py
39 +++ b/lib/infosec.py
40 @@ -16,7 +16,7 @@ class Infosec(object):
41 serpent = Serpent(self._pad(config.secret, MAX_SECRET_SIZE))
42 padded_message = self._pad(message, MAX_MESSAGE_SIZE)
43 ciphertext = binascii.hexlify(serpent.encrypt(padded_message.encode("ascii")))
44 - digest = hashlib.sha512(ciphertext).hexdigest()
45 + digest = hashlib.sha512(config.secret + ciphertext).hexdigest()
46 print("packing message: %s" % message)
47 print("pack digest: %s" % digest)
48 print("pack digest length: %d" % len(digest))
49 @@ -32,7 +32,7 @@ class Infosec(object):
50 print("received package: %s" % package)
51 received_digest = package[0:128]
52 ciphertext = package[128:1152]
53 - digest = hashlib.sha512(ciphertext).hexdigest()
54 + digest = hashlib.sha512(peer_secret + ciphertext).hexdigest()
55 print("unpack package length: %d" % len(package))
56 print("unpack sender digest: %s" % received_digest)
57 print("unpack sender digest length: %d" % len(received_digest))
58
59 diff --git a/alcuin b/alcuin
60 index bbf9ed4..44efc5d 100755
61 --- a/alcuin
62 +++ b/alcuin
63 @@ -13,7 +13,6 @@ from lib.server import Server
64 from lib.peer import Peer
65 from datetime import datetime
66 from optparse import OptionParser
67 -import config as cfg
68
69
70 def main(argv):
71 @@ -59,10 +58,6 @@ def main(argv):
72 help="listen for UDP packets on X;"
73 " default: 7778")
74 op.add_option(
75 - "--peers",
76 - metavar="X",
77 - help="Broadcast to X (a list of IP addresses separated by comma or whitespace)")
78 - op.add_option(
79 "--statedir",
80 metavar="X",
81 help="save persistent channel state (topic, key) in directory X")
82 @@ -90,8 +85,6 @@ def main(argv):
83 options.ports = "6667"
84 else:
85 options.ports = "6697"
86 - if options.peers is None:
87 - options.peers = ""
88 if options.udp_port is None:
89 options.udp_port = 7778
90 else:
91 @@ -127,13 +120,6 @@ def main(argv):
92 except ValueError:
93 op.error("bad port: %r" % port)
94 options.ports = ports
95 - peers = []
96 - for peer in re.split(r"[,\s]+", options.peers):
97 - try:
98 - peers.append(Peer(peer))
99 - except ValueError:
100 - op.error("bad peer ip: %r" % peer)
101 - options.peers = peers
102 server = Server(options)
103 if options.daemon:
104 server.daemonize()
105 diff --git a/config.py.example b/config.py.example
106 index f9adc62..611913e 100644
107 --- a/config.py.example
108 +++ b/config.py.example
109 @@ -1,4 +1,9 @@
110 secret = "SEEKRIT"
111 -peer_secrets = {
112 - "10.0.0.1":"K33P-0U7!"
113 -}
114 +peers = [
115 + {
116 + "name":"schellenberg",
117 + "secret":"K33P-0U7!",
118 + "address":"10.0.0.1",
119 + "port":7778
120 + }
121 +]
122 diff --git a/lib/client.py b/lib/client.py
123 index 97d8a7f..30eb5ed 100644
124 --- a/lib/client.py
125 +++ b/lib/client.py
126 @@ -446,9 +446,13 @@ class Client(object):
127
128 def udp_data_received(self, address, data):
129 if data:
130 - message = self.infosec.unpack(address, data)
131 - if(message != None):
132 - self.message(message)
133 + for peer in self.server.peers:
134 + if(address == peer.address):
135 + message = self.infosec.unpack(peer, data)
136 + if(message != None):
137 + self.message(message)
138 + return
139 + print("Unknown peer address: " % address)
140
141 def socket_readable_notification(self):
142 try:
143 diff --git a/lib/infosec.py b/lib/infosec.py
144 index f11b992..0807633 100644
145 --- a/lib/infosec.py
146 +++ b/lib/infosec.py
147 @@ -26,28 +26,25 @@ class Infosec(object):
148 print("pack package length: %d" % len(package))
149 return package
150
151 - def unpack(self, address, package):
152 - peer_secret = config.peer_secrets[address]
153 - if(None != peer_secret):
154 - serpent = Serpent(self._pad(peer_secret, MAX_SECRET_SIZE))
155 - print("received package: %s" % package)
156 - received_digest = package[0:128]
157 - ciphertext = package[128:1152]
158 - digest = hashlib.sha512(ciphertext).hexdigest()
159 - print("unpack package length: %d" % len(package))
160 - print("unpack sender digest: %s" % received_digest)
161 - print("unpack sender digest length: %d" % len(received_digest))
162 - print("unpack local digest: %s" % digest)
163 - print("unpack local digest length: %d" % len(digest))
164 - print("unpack ciphertext: %s") % ciphertext
165 - print("unpack ciphertext length: %d") % len(ciphertext)
166 - if(received_digest == digest):
167 - return serpent.decrypt(binascii.unhexlify(ciphertext))
168 - else:
169 - print("unable to validate package: %s" % package)
170 - return None
171 + def unpack(self, peer, package):
172 + peer_secret = peer.secret
173 + serpent = Serpent(self._pad(peer_secret, MAX_SECRET_SIZE))
174 + print("received package: %s" % package)
175 + received_digest = package[0:128]
176 + ciphertext = package[128:1152]
177 + digest = hashlib.sha512(ciphertext).hexdigest()
178 + print("unpack package length: %d" % len(package))
179 + print("unpack sender digest: %s" % received_digest)
180 + print("unpack sender digest length: %d" % len(received_digest))
181 + print("unpack local digest: %s" % digest)
182 + print("unpack local digest length: %d" % len(digest))
183 + print("unpack ciphertext: %s") % ciphertext
184 + print("unpack ciphertext length: %d") % len(ciphertext)
185 + if(received_digest == digest):
186 + return serpent.decrypt(binascii.unhexlify(ciphertext))
187 else:
188 - print("received message from unknown peer: %s" % address)
189 + print("unable to validate package: %s" % package)
190 + return None
191
192 def _pad(self, text, size):
193 return text.ljust(size)
194 diff --git a/lib/peer.py b/lib/peer.py
195 index 4a64ed7..fcb0f0c 100644
196 --- a/lib/peer.py
197 +++ b/lib/peer.py
198 @@ -1,13 +1,16 @@
199 import socket
200 from infosec import Infosec
201
202 -class Peer(object):
203 - def __init__(self, address):
204 - self.address = address
205 - self.socket = socket.socket(family=socket.AF_INET, type=socket.SOCK_DGRAM)
206 - self.infosec = Infosec()
207 +class Peer(object):
208 + def __init__(self, peer_entry):
209 + self.name = peer_entry["name"]
210 + self.address = peer_entry["address"]
211 + self.secret = peer_entry["secret"]
212 + self.port = peer_entry["port"]
213 + self.socket = socket.socket(family=socket.AF_INET, type=socket.SOCK_DGRAM)
214 + self.infosec = Infosec()
215
216 - def send(self, client, msg):
217 - full_message = str.encode(":%s %s" % (client.nickname, msg))
218 - print("sending formatted_msg: %s" % full_message)
219 - self.socket.sendto(self.infosec.pack(full_message), (self.address, 7778))
220 + def send(self, client, msg):
221 + full_message = str.encode(":%s %s" % (client.nickname, msg))
222 + print("sending formatted_msg: %s" % full_message)
223 + self.socket.sendto(self.infosec.pack(full_message), (self.address, self.port))
224 diff --git a/lib/server.py b/lib/server.py
225 index a248f1a..f2c6206 100644
226 --- a/lib/server.py
227 +++ b/lib/server.py
228 @@ -15,11 +15,11 @@ from lib.infosec import PACKET_SIZE
229 from lib.infosec import Infosec
230 from lib.peer import Peer
231 from funcs import *
232 +import config as cfg
233
234 class Server(object):
235 def __init__(self, options):
236 self.ports = options.ports
237 - self.peers = options.peers
238 self.udp_port = options.udp_port
239 self.password = options.password
240 self.ssl_pem_file = options.ssl_pem_file
241 @@ -41,6 +41,9 @@ class Server(object):
242 self.channels = {} # irc_lower(Channel name) --> Channel instance.
243 self.clients = {} # Socket --> Client instance..peers = ""
244 self.nicknames = {} # irc_lower(Nickname) --> Client instance.
245 + self.peers = []
246 + for peer_entry in cfg.peers:
247 + self.peers.append(Peer(peer_entry))
248 if self.logdir:
249 create_directory(self.logdir)
250 if self.statedir:
251
252 diff --git a/lib/client.py b/lib/client.py
253 index cfc5331..97d8a7f 100644
254 --- a/lib/client.py
255 +++ b/lib/client.py
256 @@ -444,9 +444,9 @@ class Client(object):
257 except KeyError:
258 self.reply("421 %s %s :Unknown command" % (self.nickname, command))
259
260 - def udp_data_received(self, data):
261 + def udp_data_received(self, address, data):
262 if data:
263 - message = self.infosec.unpack(data)
264 + message = self.infosec.unpack(address, data)
265 if(message != None):
266 self.message(message)
267
268 diff --git a/lib/infosec.py b/lib/infosec.py
269 index 6e87ca6..f11b992 100644
270 --- a/lib/infosec.py
271 +++ b/lib/infosec.py
272 @@ -1,29 +1,54 @@
273 import hashlib
274 -PACKET_SIZE = 1024
275 +import lib.serpent
276 +
277 +from lib.serpent import Serpent
278 +import config
279 +import binascii
280 +PACKET_SIZE = 1152
281 MAX_MESSAGE_SIZE = 512
282 +MAX_SECRET_SIZE = 24
283
284 class Infosec(object):
285 #def __init__(self):
286 # do nothing
287
288 def pack(self, message):
289 - digest = hashlib.sha512(self._pad(message)).hexdigest()
290 - return digest + message
291 + serpent = Serpent(self._pad(config.secret, MAX_SECRET_SIZE))
292 + padded_message = self._pad(message, MAX_MESSAGE_SIZE)
293 + ciphertext = binascii.hexlify(serpent.encrypt(padded_message.encode("ascii")))
294 + digest = hashlib.sha512(ciphertext).hexdigest()
295 + print("packing message: %s" % message)
296 + print("pack digest: %s" % digest)
297 + print("pack digest length: %d" % len(digest))
298 + print("pack ciphertext: %s" % ciphertext)
299 + print("pack ciphertext length: %d" % len(ciphertext))
300 + package = digest + ciphertext
301 + print("pack package length: %d" % len(package))
302 + return package
303
304 - def unpack(self, package):
305 - print("received package: %s" % package)
306 - received_digest = package[0:128]
307 - message = package[128:1023]
308 - digest = hashlib.sha512(self._pad(message)).hexdigest()
309 - print("received_digest: %s" % received_digest)
310 - print("digest: %s" % digest)
311 - print("message: %s") % message
312 - if(received_digest == digest):
313 - return message
314 + def unpack(self, address, package):
315 + peer_secret = config.peer_secrets[address]
316 + if(None != peer_secret):
317 + serpent = Serpent(self._pad(peer_secret, MAX_SECRET_SIZE))
318 + print("received package: %s" % package)
319 + received_digest = package[0:128]
320 + ciphertext = package[128:1152]
321 + digest = hashlib.sha512(ciphertext).hexdigest()
322 + print("unpack package length: %d" % len(package))
323 + print("unpack sender digest: %s" % received_digest)
324 + print("unpack sender digest length: %d" % len(received_digest))
325 + print("unpack local digest: %s" % digest)
326 + print("unpack local digest length: %d" % len(digest))
327 + print("unpack ciphertext: %s") % ciphertext
328 + print("unpack ciphertext length: %d") % len(ciphertext)
329 + if(received_digest == digest):
330 + return serpent.decrypt(binascii.unhexlify(ciphertext))
331 + else:
332 + print("unable to validate package: %s" % package)
333 + return None
334 else:
335 - print("unable to validate package: %s" % package)
336 - return None
337 + print("received message from unknown peer: %s" % address)
338
339 - def _pad(self, text):
340 - return str(text.ljust(MAX_MESSAGE_SIZE)).encode("ascii")
341 + def _pad(self, text, size):
342 + return text.ljust(size)
343
344 diff --git a/lib/serpent.py b/lib/serpent.py
345 new file mode 100644
346 index 0000000..c7c9f83
347 --- /dev/null
348 +++ b/lib/serpent.py
349 @@ -0,0 +1,2998 @@
350 +## serpent.py - pure Python implementation of the Serpent algorithm.
351 +## Bjorn Edstrom <be@bjrn.se> 13 december 2007.
352 +##
353 +## Copyrights
354 +## ==========
355 +##
356 +## This code is a derived from an implementation by Dr Brian Gladman
357 +## (gladman@seven77.demon.co.uk) which is subject to the following license.
358 +## This Python implementation is not subject to any other license.
359 +##
360 +##/* This is an independent implementation of the encryption algorithm:
361 +## *
362 +## * Serpent by Ross Anderson, Eli Biham and Lars Knudsen
363 +## *
364 +## * which is a candidate algorithm in the Advanced Encryption Standard
365 +## * programme of the US National Institute of Standards and Technology
366 +## *
367 +## * Copyright in this implementation is held by Dr B R Gladman but I
368 +## * hereby give permission for its free direct or derivative use subject
369 +## * to acknowledgment of its origin and compliance with any conditions
370 +## * that the originators of the algorithm place on its exploitation.
371 +## *
372 +## * Dr Brian Gladman (gladman@seven77.demon.co.uk) 14th January 1999
373 +## */
374 +##
375 +## The above copyright notice must not be removed.
376 +##
377 +## Information
378 +## ===========
379 +##
380 +## Anyone thinking of using this code should reconsider. It's slow.
381 +## Try python-mcrypt instead. In case a faster library is not installed
382 +## on the target system, this code can be used as a portable fallback.
383 +
384 +import binascii
385 +import base64
386 +
387 +block_size = 16
388 +key_size = 32
389 +
390 +class Serpent:
391 +
392 + def __init__(self, key=None):
393 + """Serpent."""
394 +
395 + if key:
396 + self.set_key(key)
397 +
398 +
399 + def set_key(self, key):
400 + """Init."""
401 +
402 + key_len = len(key)
403 + if key_len % 4:
404 + # XXX: add padding?
405 + raise KeyError, "key not a multiple of 4"
406 + if key_len > 32:
407 + # XXX: prune?
408 + raise KeyError, "key_len > 32"
409 +
410 + self.key_context = [0] * 140
411 +
412 + key_word32 = [0] * 32
413 + i = 0
414 + while key:
415 + key_word32[i] = struct.unpack("<L", key[0:4])[0]
416 + key = key[4:]
417 + i += 1
418 +
419 + set_key(self.key_context, key_word32, key_len)
420 + #print(map(hex,self.key_context))
421 +
422 +
423 + def decrypt(self, block):
424 + """Decrypt blocks."""
425 +
426 + if len(block) % 16:
427 + raise ValueError, "block size must be a multiple of 16"
428 +
429 + plaintext = ''
430 +
431 + while block:
432 + a, b, c, d = struct.unpack("<4L", block[:16])
433 + temp = [a, b, c, d]
434 + decrypt(self.key_context, temp)
435 + plaintext += struct.pack("<4L", *temp)
436 + block = block[16:]
437 +
438 + return plaintext
439 +
440 +
441 + def encrypt(self, block):
442 + """Encrypt blocks."""
443 +
444 + if len(block) % 16:
445 + raise ValueError, "block size must be a multiple of 16"
446 +
447 + ciphertext = ''
448 +
449 + while block:
450 + a, b, c, d = struct.unpack("<4L", block[0:16])
451 + temp = [a, b, c, d]
452 + encrypt(self.key_context, temp)
453 + ciphertext += struct.pack("<4L", *temp)
454 + block = block[16:]
455 +
456 + return ciphertext
457 +
458 +
459 + def get_name(self):
460 + """Return the name of the cipher."""
461 +
462 + return "Serpent"
463 +
464 +
465 + def get_block_size(self):
466 + """Get cipher block size in bytes."""
467 +
468 + return 16
469 +
470 +
471 + def get_key_size(self):
472 + """Get cipher key size in bytes."""
473 +
474 + return 32
475 +
476 +
477 +#
478 +# Private.
479 +#
480 +
481 +import struct
482 +import sys
483 +
484 +WORD_BIGENDIAN = 0
485 +if sys.byteorder == 'big':
486 + WORD_BIGENDIAN = 1
487 +
488 +def rotr32(x, n):
489 + return (x >> n) | ((x << (32 - n)) & 0xFFFFFFFF)
490 +
491 +def rotl32(x, n):
492 + return ((x << n) & 0xFFFFFFFF) | (x >> (32 - n))
493 +
494 +def byteswap32(x):
495 + return ((x & 0xff) << 24) | (((x >> 8) & 0xff) << 16) | \
496 + (((x >> 16) & 0xff) << 8) | ((x >> 24) & 0xff)
497 +
498 +def set_key(l_key, key, key_len):
499 + key_len *= 8
500 + if key_len > 256:
501 + return False
502 +
503 + i = 0
504 + lk = (key_len + 31) / 32
505 + while i < lk:
506 + l_key[i] = key[i]
507 + if WORD_BIGENDIAN:
508 + l_key[i] = byteswap32(key[i])
509 + i += 1
510 +
511 + if key_len < 256:
512 + while i < 8:
513 + l_key[i] = 0
514 + i += 1
515 + i = key_len / 32
516 + lk = 1 << (key_len % 32)
517 + l_key[i] = (l_key[i] & (lk - 1)) | lk
518 + for i in xrange(132):
519 + lk = l_key[i] ^ l_key[i + 3] ^ l_key[i + 5] ^ l_key[i + 7] ^ 0x9e3779b9 ^ i
520 + l_key[i + 8] = ((lk << 11) & 0xFFFFFFFF) | (lk >> 21)
521 +
522 + key = l_key
523 + # serpent_generate.py
524 + a = key[4 * 0 + 8]
525 + b = key[4 * 0 + 9]
526 + c = key[4 * 0 + 10]
527 + d = key[4 * 0 + 11]
528 + e = 0
529 + f = 0
530 + g = 0
531 + h = 0
532 + t1 = 0
533 + t2 = 0
534 + t3 = 0
535 + t4 = 0
536 + t5 = 0
537 + t6 = 0
538 + t7 = 0
539 + t8 = 0
540 + t9 = 0
541 + t10 = 0
542 + t11 = 0
543 + t12 = 0
544 + t13 = 0
545 + t14 = 0
546 + t15 = 0
547 + t16 = 0
548 + t1 = a ^ c;
549 + t2 = d ^ t1;
550 + t3 = a & t2;
551 + t4 = d ^ t3;
552 + t5 = b & t4;
553 + g = t2 ^ t5;
554 + t7 = a | g;
555 + t8 = b | d;
556 + t11 = a | d;
557 + t9 = t4 & t7;
558 + f = t8 ^ t9;
559 + t12 = b ^ t11;
560 + t13 = g ^ t9;
561 + t15 = t3 ^ t8;
562 + h = t12 ^ t13;
563 + t16 = c & t15;
564 + e = t12 ^ t16
565 + key[4 * 0 + 8] = e
566 + key[4 * 0 + 9] = f
567 + key[4 * 0 + 10] = g
568 + key[4 * 0 + 11] = h
569 + a = key[4 * 1 + 8]
570 + b = key[4 * 1 + 9]
571 + c = key[4 * 1 + 10]
572 + d = key[4 * 1 + 11]
573 + t1 = (~a) % 0x100000000;
574 + t2 = b ^ d;
575 + t3 = c & t1;
576 + t13 = d | t1;
577 + e = t2 ^ t3;
578 + t5 = c ^ t1;
579 + t6 = c ^ e;
580 + t7 = b & t6;
581 + t10 = e | t5;
582 + h = t5 ^ t7;
583 + t9 = d | t7;
584 + t11 = t9 & t10;
585 + t14 = t2 ^ h;
586 + g = a ^ t11;
587 + t15 = g ^ t13;
588 + f = t14 ^ t15
589 + key[4 * 1 + 8] = e
590 + key[4 * 1 + 9] = f
591 + key[4 * 1 + 10] = g
592 + key[4 * 1 + 11] = h
593 + a = key[4 * 2 + 8]
594 + b = key[4 * 2 + 9]
595 + c = key[4 * 2 + 10]
596 + d = key[4 * 2 + 11]
597 + t1 = (~a) % 0x100000000;
598 + t2 = b ^ t1;
599 + t3 = a | t2;
600 + t4 = d | t2;
601 + t5 = c ^ t3;
602 + g = d ^ t5;
603 + t7 = b ^ t4;
604 + t8 = t2 ^ g;
605 + t9 = t5 & t7;
606 + h = t8 ^ t9;
607 + t11 = t5 ^ t7;
608 + f = h ^ t11;
609 + t13 = t8 & t11;
610 + e = t5 ^ t13
611 + key[4 * 2 + 8] = e
612 + key[4 * 2 + 9] = f
613 + key[4 * 2 + 10] = g
614 + key[4 * 2 + 11] = h
615 + a = key[4 * 3 + 8]
616 + b = key[4 * 3 + 9]
617 + c = key[4 * 3 + 10]
618 + d = key[4 * 3 + 11]
619 + t1 = a ^ d;
620 + t2 = a & d;
621 + t3 = c ^ t1;
622 + t6 = b & t1;
623 + t4 = b ^ t3;
624 + t10 = (~t3) % 0x100000000;
625 + h = t2 ^ t4;
626 + t7 = a ^ t6;
627 + t14 = (~t7) % 0x100000000;
628 + t8 = c | t7;
629 + t11 = t3 ^ t7;
630 + g = t4 ^ t8;
631 + t12 = h & t11;
632 + f = t10 ^ t12;
633 + e = t12 ^ t14
634 + key[4 * 3 + 8] = e
635 + key[4 * 3 + 9] = f
636 + key[4 * 3 + 10] = g
637 + key[4 * 3 + 11] = h
638 + a = key[4 * 4 + 8]
639 + b = key[4 * 4 + 9]
640 + c = key[4 * 4 + 10]
641 + d = key[4 * 4 + 11]
642 + t1 = (~c) % 0x100000000;
643 + t2 = b ^ c;
644 + t3 = b | t1;
645 + t4 = d ^ t3;
646 + t5 = a & t4;
647 + t7 = a ^ d;
648 + h = t2 ^ t5;
649 + t8 = b ^ t5;
650 + t9 = t2 | t8;
651 + t11 = d & t3;
652 + f = t7 ^ t9;
653 + t12 = t5 ^ f;
654 + t15 = t1 | t4;
655 + t13 = h & t12;
656 + g = t11 ^ t13;
657 + t16 = t12 ^ g;
658 + e = t15 ^ t16
659 + key[4 * 4 + 8] = e
660 + key[4 * 4 + 9] = f
661 + key[4 * 4 + 10] = g
662 + key[4 * 4 + 11] = h
663 + a = key[4 * 5 + 8]
664 + b = key[4 * 5 + 9]
665 + c = key[4 * 5 + 10]
666 + d = key[4 * 5 + 11]
667 + t1 = (~a) % 0x100000000;
668 + t2 = a ^ d;
669 + t3 = b ^ t2;
670 + t4 = t1 | t2;
671 + t5 = c ^ t4;
672 + f = b ^ t5;
673 + t13 = (~t5) % 0x100000000;
674 + t7 = t2 | f;
675 + t8 = d ^ t7;
676 + t9 = t5 & t8;
677 + g = t3 ^ t9;
678 + t11 = t5 ^ t8;
679 + e = g ^ t11;
680 + t14 = t3 & t11;
681 + h = t13 ^ t14
682 + key[4 * 5 + 8] = e
683 + key[4 * 5 + 9] = f
684 + key[4 * 5 + 10] = g
685 + key[4 * 5 + 11] = h
686 + a = key[4 * 6 + 8]
687 + b = key[4 * 6 + 9]
688 + c = key[4 * 6 + 10]
689 + d = key[4 * 6 + 11]
690 + t1 = (~a) % 0x100000000;
691 + t2 = a ^ b;
692 + t3 = a ^ d;
693 + t4 = c ^ t1;
694 + t5 = t2 | t3;
695 + e = t4 ^ t5;
696 + t7 = d & e;
697 + t8 = t2 ^ e;
698 + t10 = t1 | e;
699 + f = t7 ^ t8;
700 + t11 = t2 | t7;
701 + t12 = t3 ^ t10;
702 + t14 = b ^ t7;
703 + g = t11 ^ t12;
704 + t15 = f & t12;
705 + h = t14 ^ t15
706 + key[4 * 6 + 8] = e
707 + key[4 * 6 + 9] = f
708 + key[4 * 6 + 10] = g
709 + key[4 * 6 + 11] = h
710 + a = key[4 * 7 + 8]
711 + b = key[4 * 7 + 9]
712 + c = key[4 * 7 + 10]
713 + d = key[4 * 7 + 11]
714 + t1 = a ^ d;
715 + t2 = d & t1;
716 + t3 = c ^ t2;
717 + t4 = b | t3;
718 + h = t1 ^ t4;
719 + t6 = (~b) % 0x100000000;
720 + t7 = t1 | t6;
721 + e = t3 ^ t7;
722 + t9 = a & e;
723 + t10 = t1 ^ t6;
724 + t11 = t4 & t10;
725 + g = t9 ^ t11;
726 + t13 = a ^ t3;
727 + t14 = t10 & g;
728 + f = t13 ^ t14
729 + key[4 * 7 + 8] = e
730 + key[4 * 7 + 9] = f
731 + key[4 * 7 + 10] = g
732 + key[4 * 7 + 11] = h
733 + a = key[4 * 8 + 8]
734 + b = key[4 * 8 + 9]
735 + c = key[4 * 8 + 10]
736 + d = key[4 * 8 + 11]
737 + t1 = a ^ c;
738 + t2 = d ^ t1;
739 + t3 = a & t2;
740 + t4 = d ^ t3;
741 + t5 = b & t4;
742 + g = t2 ^ t5;
743 + t7 = a | g;
744 + t8 = b | d;
745 + t11 = a | d;
746 + t9 = t4 & t7;
747 + f = t8 ^ t9;
748 + t12 = b ^ t11;
749 + t13 = g ^ t9;
750 + t15 = t3 ^ t8;
751 + h = t12 ^ t13;
752 + t16 = c & t15;
753 + e = t12 ^ t16
754 + key[4 * 8 + 8] = e
755 + key[4 * 8 + 9] = f
756 + key[4 * 8 + 10] = g
757 + key[4 * 8 + 11] = h
758 + a = key[4 * 9 + 8]
759 + b = key[4 * 9 + 9]
760 + c = key[4 * 9 + 10]
761 + d = key[4 * 9 + 11]
762 + t1 = (~a) % 0x100000000;
763 + t2 = b ^ d;
764 + t3 = c & t1;
765 + t13 = d | t1;
766 + e = t2 ^ t3;
767 + t5 = c ^ t1;
768 + t6 = c ^ e;
769 + t7 = b & t6;
770 + t10 = e | t5;
771 + h = t5 ^ t7;
772 + t9 = d | t7;
773 + t11 = t9 & t10;
774 + t14 = t2 ^ h;
775 + g = a ^ t11;
776 + t15 = g ^ t13;
777 + f = t14 ^ t15
778 + key[4 * 9 + 8] = e
779 + key[4 * 9 + 9] = f
780 + key[4 * 9 + 10] = g
781 + key[4 * 9 + 11] = h
782 + a = key[4 * 10 + 8]
783 + b = key[4 * 10 + 9]
784 + c = key[4 * 10 + 10]
785 + d = key[4 * 10 + 11]
786 + t1 = (~a) % 0x100000000;
787 + t2 = b ^ t1;
788 + t3 = a | t2;
789 + t4 = d | t2;
790 + t5 = c ^ t3;
791 + g = d ^ t5;
792 + t7 = b ^ t4;
793 + t8 = t2 ^ g;
794 + t9 = t5 & t7;
795 + h = t8 ^ t9;
796 + t11 = t5 ^ t7;
797 + f = h ^ t11;
798 + t13 = t8 & t11;
799 + e = t5 ^ t13
800 + key[4 * 10 + 8] = e
801 + key[4 * 10 + 9] = f
802 + key[4 * 10 + 10] = g
803 + key[4 * 10 + 11] = h
804 + a = key[4 * 11 + 8]
805 + b = key[4 * 11 + 9]
806 + c = key[4 * 11 + 10]
807 + d = key[4 * 11 + 11]
808 + t1 = a ^ d;
809 + t2 = a & d;
810 + t3 = c ^ t1;
811 + t6 = b & t1;
812 + t4 = b ^ t3;
813 + t10 = (~t3) % 0x100000000;
814 + h = t2 ^ t4;
815 + t7 = a ^ t6;
816 + t14 = (~t7) % 0x100000000;
817 + t8 = c | t7;
818 + t11 = t3 ^ t7;
819 + g = t4 ^ t8;
820 + t12 = h & t11;
821 + f = t10 ^ t12;
822 + e = t12 ^ t14
823 + key[4 * 11 + 8] = e
824 + key[4 * 11 + 9] = f
825 + key[4 * 11 + 10] = g
826 + key[4 * 11 + 11] = h
827 + a = key[4 * 12 + 8]
828 + b = key[4 * 12 + 9]
829 + c = key[4 * 12 + 10]
830 + d = key[4 * 12 + 11]
831 + t1 = (~c) % 0x100000000;
832 + t2 = b ^ c;
833 + t3 = b | t1;
834 + t4 = d ^ t3;
835 + t5 = a & t4;
836 + t7 = a ^ d;
837 + h = t2 ^ t5;
838 + t8 = b ^ t5;
839 + t9 = t2 | t8;
840 + t11 = d & t3;
841 + f = t7 ^ t9;
842 + t12 = t5 ^ f;
843 + t15 = t1 | t4;
844 + t13 = h & t12;
845 + g = t11 ^ t13;
846 + t16 = t12 ^ g;
847 + e = t15 ^ t16
848 + key[4 * 12 + 8] = e
849 + key[4 * 12 + 9] = f
850 + key[4 * 12 + 10] = g
851 + key[4 * 12 + 11] = h
852 + a = key[4 * 13 + 8]
853 + b = key[4 * 13 + 9]
854 + c = key[4 * 13 + 10]
855 + d = key[4 * 13 + 11]
856 + t1 = (~a) % 0x100000000;
857 + t2 = a ^ d;
858 + t3 = b ^ t2;
859 + t4 = t1 | t2;
860 + t5 = c ^ t4;
861 + f = b ^ t5;
862 + t13 = (~t5) % 0x100000000;
863 + t7 = t2 | f;
864 + t8 = d ^ t7;
865 + t9 = t5 & t8;
866 + g = t3 ^ t9;
867 + t11 = t5 ^ t8;
868 + e = g ^ t11;
869 + t14 = t3 & t11;
870 + h = t13 ^ t14
871 + key[4 * 13 + 8] = e
872 + key[4 * 13 + 9] = f
873 + key[4 * 13 + 10] = g
874 + key[4 * 13 + 11] = h
875 + a = key[4 * 14 + 8]
876 + b = key[4 * 14 + 9]
877 + c = key[4 * 14 + 10]
878 + d = key[4 * 14 + 11]
879 + t1 = (~a) % 0x100000000;
880 + t2 = a ^ b;
881 + t3 = a ^ d;
882 + t4 = c ^ t1;
883 + t5 = t2 | t3;
884 + e = t4 ^ t5;
885 + t7 = d & e;
886 + t8 = t2 ^ e;
887 + t10 = t1 | e;
888 + f = t7 ^ t8;
889 + t11 = t2 | t7;
890 + t12 = t3 ^ t10;
891 + t14 = b ^ t7;
892 + g = t11 ^ t12;
893 + t15 = f & t12;
894 + h = t14 ^ t15
895 + key[4 * 14 + 8] = e
896 + key[4 * 14 + 9] = f
897 + key[4 * 14 + 10] = g
898 + key[4 * 14 + 11] = h
899 + a = key[4 * 15 + 8]
900 + b = key[4 * 15 + 9]
901 + c = key[4 * 15 + 10]
902 + d = key[4 * 15 + 11]
903 + t1 = a ^ d;
904 + t2 = d & t1;
905 + t3 = c ^ t2;
906 + t4 = b | t3;
907 + h = t1 ^ t4;
908 + t6 = (~b) % 0x100000000;
909 + t7 = t1 | t6;
910 + e = t3 ^ t7;
911 + t9 = a & e;
912 + t10 = t1 ^ t6;
913 + t11 = t4 & t10;
914 + g = t9 ^ t11;
915 + t13 = a ^ t3;
916 + t14 = t10 & g;
917 + f = t13 ^ t14
918 + key[4 * 15 + 8] = e
919 + key[4 * 15 + 9] = f
920 + key[4 * 15 + 10] = g
921 + key[4 * 15 + 11] = h
922 + a = key[4 * 16 + 8]
923 + b = key[4 * 16 + 9]
924 + c = key[4 * 16 + 10]
925 + d = key[4 * 16 + 11]
926 + t1 = a ^ c;
927 + t2 = d ^ t1;
928 + t3 = a & t2;
929 + t4 = d ^ t3;
930 + t5 = b & t4;
931 + g = t2 ^ t5;
932 + t7 = a | g;
933 + t8 = b | d;
934 + t11 = a | d;
935 + t9 = t4 & t7;
936 + f = t8 ^ t9;
937 + t12 = b ^ t11;
938 + t13 = g ^ t9;
939 + t15 = t3 ^ t8;
940 + h = t12 ^ t13;
941 + t16 = c & t15;
942 + e = t12 ^ t16
943 + key[4 * 16 + 8] = e
944 + key[4 * 16 + 9] = f
945 + key[4 * 16 + 10] = g
946 + key[4 * 16 + 11] = h
947 + a = key[4 * 17 + 8]
948 + b = key[4 * 17 + 9]
949 + c = key[4 * 17 + 10]
950 + d = key[4 * 17 + 11]
951 + t1 = (~a) % 0x100000000;
952 + t2 = b ^ d;
953 + t3 = c & t1;
954 + t13 = d | t1;
955 + e = t2 ^ t3;
956 + t5 = c ^ t1;
957 + t6 = c ^ e;
958 + t7 = b & t6;
959 + t10 = e | t5;
960 + h = t5 ^ t7;
961 + t9 = d | t7;
962 + t11 = t9 & t10;
963 + t14 = t2 ^ h;
964 + g = a ^ t11;
965 + t15 = g ^ t13;
966 + f = t14 ^ t15
967 + key[4 * 17 + 8] = e
968 + key[4 * 17 + 9] = f
969 + key[4 * 17 + 10] = g
970 + key[4 * 17 + 11] = h
971 + a = key[4 * 18 + 8]
972 + b = key[4 * 18 + 9]
973 + c = key[4 * 18 + 10]
974 + d = key[4 * 18 + 11]
975 + t1 = (~a) % 0x100000000;
976 + t2 = b ^ t1;
977 + t3 = a | t2;
978 + t4 = d | t2;
979 + t5 = c ^ t3;
980 + g = d ^ t5;
981 + t7 = b ^ t4;
982 + t8 = t2 ^ g;
983 + t9 = t5 & t7;
984 + h = t8 ^ t9;
985 + t11 = t5 ^ t7;
986 + f = h ^ t11;
987 + t13 = t8 & t11;
988 + e = t5 ^ t13
989 + key[4 * 18 + 8] = e
990 + key[4 * 18 + 9] = f
991 + key[4 * 18 + 10] = g
992 + key[4 * 18 + 11] = h
993 + a = key[4 * 19 + 8]
994 + b = key[4 * 19 + 9]
995 + c = key[4 * 19 + 10]
996 + d = key[4 * 19 + 11]
997 + t1 = a ^ d;
998 + t2 = a & d;
999 + t3 = c ^ t1;
1000 + t6 = b & t1;
1001 + t4 = b ^ t3;
1002 + t10 = (~t3) % 0x100000000;
1003 + h = t2 ^ t4;
1004 + t7 = a ^ t6;
1005 + t14 = (~t7) % 0x100000000;
1006 + t8 = c | t7;
1007 + t11 = t3 ^ t7;
1008 + g = t4 ^ t8;
1009 + t12 = h & t11;
1010 + f = t10 ^ t12;
1011 + e = t12 ^ t14
1012 + key[4 * 19 + 8] = e
1013 + key[4 * 19 + 9] = f
1014 + key[4 * 19 + 10] = g
1015 + key[4 * 19 + 11] = h
1016 + a = key[4 * 20 + 8]
1017 + b = key[4 * 20 + 9]
1018 + c = key[4 * 20 + 10]
1019 + d = key[4 * 20 + 11]
1020 + t1 = (~c) % 0x100000000;
1021 + t2 = b ^ c;
1022 + t3 = b | t1;
1023 + t4 = d ^ t3;
1024 + t5 = a & t4;
1025 + t7 = a ^ d;
1026 + h = t2 ^ t5;
1027 + t8 = b ^ t5;
1028 + t9 = t2 | t8;
1029 + t11 = d & t3;
1030 + f = t7 ^ t9;
1031 + t12 = t5 ^ f;
1032 + t15 = t1 | t4;
1033 + t13 = h & t12;
1034 + g = t11 ^ t13;
1035 + t16 = t12 ^ g;
1036 + e = t15 ^ t16
1037 + key[4 * 20 + 8] = e
1038 + key[4 * 20 + 9] = f
1039 + key[4 * 20 + 10] = g
1040 + key[4 * 20 + 11] = h
1041 + a = key[4 * 21 + 8]
1042 + b = key[4 * 21 + 9]
1043 + c = key[4 * 21 + 10]
1044 + d = key[4 * 21 + 11]
1045 + t1 = (~a) % 0x100000000;
1046 + t2 = a ^ d;
1047 + t3 = b ^ t2;
1048 + t4 = t1 | t2;
1049 + t5 = c ^ t4;
1050 + f = b ^ t5;
1051 + t13 = (~t5) % 0x100000000;
1052 + t7 = t2 | f;
1053 + t8 = d ^ t7;
1054 + t9 = t5 & t8;
1055 + g = t3 ^ t9;
1056 + t11 = t5 ^ t8;
1057 + e = g ^ t11;
1058 + t14 = t3 & t11;
1059 + h = t13 ^ t14
1060 + key[4 * 21 + 8] = e
1061 + key[4 * 21 + 9] = f
1062 + key[4 * 21 + 10] = g
1063 + key[4 * 21 + 11] = h
1064 + a = key[4 * 22 + 8]
1065 + b = key[4 * 22 + 9]
1066 + c = key[4 * 22 + 10]
1067 + d = key[4 * 22 + 11]
1068 + t1 = (~a) % 0x100000000;
1069 + t2 = a ^ b;
1070 + t3 = a ^ d;
1071 + t4 = c ^ t1;
1072 + t5 = t2 | t3;
1073 + e = t4 ^ t5;
1074 + t7 = d & e;
1075 + t8 = t2 ^ e;
1076 + t10 = t1 | e;
1077 + f = t7 ^ t8;
1078 + t11 = t2 | t7;
1079 + t12 = t3 ^ t10;
1080 + t14 = b ^ t7;
1081 + g = t11 ^ t12;
1082 + t15 = f & t12;
1083 + h = t14 ^ t15
1084 + key[4 * 22 + 8] = e
1085 + key[4 * 22 + 9] = f
1086 + key[4 * 22 + 10] = g
1087 + key[4 * 22 + 11] = h
1088 + a = key[4 * 23 + 8]
1089 + b = key[4 * 23 + 9]
1090 + c = key[4 * 23 + 10]
1091 + d = key[4 * 23 + 11]
1092 + t1 = a ^ d;
1093 + t2 = d & t1;
1094 + t3 = c ^ t2;
1095 + t4 = b | t3;
1096 + h = t1 ^ t4;
1097 + t6 = (~b) % 0x100000000;
1098 + t7 = t1 | t6;
1099 + e = t3 ^ t7;
1100 + t9 = a & e;
1101 + t10 = t1 ^ t6;
1102 + t11 = t4 & t10;
1103 + g = t9 ^ t11;
1104 + t13 = a ^ t3;
1105 + t14 = t10 & g;
1106 + f = t13 ^ t14
1107 + key[4 * 23 + 8] = e
1108 + key[4 * 23 + 9] = f
1109 + key[4 * 23 + 10] = g
1110 + key[4 * 23 + 11] = h
1111 + a = key[4 * 24 + 8]
1112 + b = key[4 * 24 + 9]
1113 + c = key[4 * 24 + 10]
1114 + d = key[4 * 24 + 11]
1115 + t1 = a ^ c;
1116 + t2 = d ^ t1;
1117 + t3 = a & t2;
1118 + t4 = d ^ t3;
1119 + t5 = b & t4;
1120 + g = t2 ^ t5;
1121 + t7 = a | g;
1122 + t8 = b | d;
1123 + t11 = a | d;
1124 + t9 = t4 & t7;
1125 + f = t8 ^ t9;
1126 + t12 = b ^ t11;
1127 + t13 = g ^ t9;
1128 + t15 = t3 ^ t8;
1129 + h = t12 ^ t13;
1130 + t16 = c & t15;
1131 + e = t12 ^ t16
1132 + key[4 * 24 + 8] = e
1133 + key[4 * 24 + 9] = f
1134 + key[4 * 24 + 10] = g
1135 + key[4 * 24 + 11] = h
1136 + a = key[4 * 25 + 8]
1137 + b = key[4 * 25 + 9]
1138 + c = key[4 * 25 + 10]
1139 + d = key[4 * 25 + 11]
1140 + t1 = (~a) % 0x100000000;
1141 + t2 = b ^ d;
1142 + t3 = c & t1;
1143 + t13 = d | t1;
1144 + e = t2 ^ t3;
1145 + t5 = c ^ t1;
1146 + t6 = c ^ e;
1147 + t7 = b & t6;
1148 + t10 = e | t5;
1149 + h = t5 ^ t7;
1150 + t9 = d | t7;
1151 + t11 = t9 & t10;
1152 + t14 = t2 ^ h;
1153 + g = a ^ t11;
1154 + t15 = g ^ t13;
1155 + f = t14 ^ t15
1156 + key[4 * 25 + 8] = e
1157 + key[4 * 25 + 9] = f
1158 + key[4 * 25 + 10] = g
1159 + key[4 * 25 + 11] = h
1160 + a = key[4 * 26 + 8]
1161 + b = key[4 * 26 + 9]
1162 + c = key[4 * 26 + 10]
1163 + d = key[4 * 26 + 11]
1164 + t1 = (~a) % 0x100000000;
1165 + t2 = b ^ t1;
1166 + t3 = a | t2;
1167 + t4 = d | t2;
1168 + t5 = c ^ t3;
1169 + g = d ^ t5;
1170 + t7 = b ^ t4;
1171 + t8 = t2 ^ g;
1172 + t9 = t5 & t7;
1173 + h = t8 ^ t9;
1174 + t11 = t5 ^ t7;
1175 + f = h ^ t11;
1176 + t13 = t8 & t11;
1177 + e = t5 ^ t13
1178 + key[4 * 26 + 8] = e
1179 + key[4 * 26 + 9] = f
1180 + key[4 * 26 + 10] = g
1181 + key[4 * 26 + 11] = h
1182 + a = key[4 * 27 + 8]
1183 + b = key[4 * 27 + 9]
1184 + c = key[4 * 27 + 10]
1185 + d = key[4 * 27 + 11]
1186 + t1 = a ^ d;
1187 + t2 = a & d;
1188 + t3 = c ^ t1;
1189 + t6 = b & t1;
1190 + t4 = b ^ t3;
1191 + t10 = (~t3) % 0x100000000;
1192 + h = t2 ^ t4;
1193 + t7 = a ^ t6;
1194 + t14 = (~t7) % 0x100000000;
1195 + t8 = c | t7;
1196 + t11 = t3 ^ t7;
1197 + g = t4 ^ t8;
1198 + t12 = h & t11;
1199 + f = t10 ^ t12;
1200 + e = t12 ^ t14
1201 + key[4 * 27 + 8] = e
1202 + key[4 * 27 + 9] = f
1203 + key[4 * 27 + 10] = g
1204 + key[4 * 27 + 11] = h
1205 + a = key[4 * 28 + 8]
1206 + b = key[4 * 28 + 9]
1207 + c = key[4 * 28 + 10]
1208 + d = key[4 * 28 + 11]
1209 + t1 = (~c) % 0x100000000;
1210 + t2 = b ^ c;
1211 + t3 = b | t1;
1212 + t4 = d ^ t3;
1213 + t5 = a & t4;
1214 + t7 = a ^ d;
1215 + h = t2 ^ t5;
1216 + t8 = b ^ t5;
1217 + t9 = t2 | t8;
1218 + t11 = d & t3;
1219 + f = t7 ^ t9;
1220 + t12 = t5 ^ f;
1221 + t15 = t1 | t4;
1222 + t13 = h & t12;
1223 + g = t11 ^ t13;
1224 + t16 = t12 ^ g;
1225 + e = t15 ^ t16
1226 + key[4 * 28 + 8] = e
1227 + key[4 * 28 + 9] = f
1228 + key[4 * 28 + 10] = g
1229 + key[4 * 28 + 11] = h
1230 + a = key[4 * 29 + 8]
1231 + b = key[4 * 29 + 9]
1232 + c = key[4 * 29 + 10]
1233 + d = key[4 * 29 + 11]
1234 + t1 = (~a) % 0x100000000;
1235 + t2 = a ^ d;
1236 + t3 = b ^ t2;
1237 + t4 = t1 | t2;
1238 + t5 = c ^ t4;
1239 + f = b ^ t5;
1240 + t13 = (~t5) % 0x100000000;
1241 + t7 = t2 | f;
1242 + t8 = d ^ t7;
1243 + t9 = t5 & t8;
1244 + g = t3 ^ t9;
1245 + t11 = t5 ^ t8;
1246 + e = g ^ t11;
1247 + t14 = t3 & t11;
1248 + h = t13 ^ t14
1249 + key[4 * 29 + 8] = e
1250 + key[4 * 29 + 9] = f
1251 + key[4 * 29 + 10] = g
1252 + key[4 * 29 + 11] = h
1253 + a = key[4 * 30 + 8]
1254 + b = key[4 * 30 + 9]
1255 + c = key[4 * 30 + 10]
1256 + d = key[4 * 30 + 11]
1257 + t1 = (~a) % 0x100000000;
1258 + t2 = a ^ b;
1259 + t3 = a ^ d;
1260 + t4 = c ^ t1;
1261 + t5 = t2 | t3;
1262 + e = t4 ^ t5;
1263 + t7 = d & e;
1264 + t8 = t2 ^ e;
1265 + t10 = t1 | e;
1266 + f = t7 ^ t8;
1267 + t11 = t2 | t7;
1268 + t12 = t3 ^ t10;
1269 + t14 = b ^ t7;
1270 + g = t11 ^ t12;
1271 + t15 = f & t12;
1272 + h = t14 ^ t15
1273 + key[4 * 30 + 8] = e
1274 + key[4 * 30 + 9] = f
1275 + key[4 * 30 + 10] = g
1276 + key[4 * 30 + 11] = h
1277 + a = key[4 * 31 + 8]
1278 + b = key[4 * 31 + 9]
1279 + c = key[4 * 31 + 10]
1280 + d = key[4 * 31 + 11]
1281 + t1 = a ^ d;
1282 + t2 = d & t1;
1283 + t3 = c ^ t2;
1284 + t4 = b | t3;
1285 + h = t1 ^ t4;
1286 + t6 = (~b) % 0x100000000;
1287 + t7 = t1 | t6;
1288 + e = t3 ^ t7;
1289 + t9 = a & e;
1290 + t10 = t1 ^ t6;
1291 + t11 = t4 & t10;
1292 + g = t9 ^ t11;
1293 + t13 = a ^ t3;
1294 + t14 = t10 & g;
1295 + f = t13 ^ t14
1296 + key[4 * 31 + 8] = e
1297 + key[4 * 31 + 9] = f
1298 + key[4 * 31 + 10] = g
1299 + key[4 * 31 + 11] = h
1300 + a = key[4 * 32 + 8]
1301 + b = key[4 * 32 + 9]
1302 + c = key[4 * 32 + 10]
1303 + d = key[4 * 32 + 11]
1304 + t1 = a ^ c;
1305 + t2 = d ^ t1;
1306 + t3 = a & t2;
1307 + t4 = d ^ t3;
1308 + t5 = b & t4;
1309 + g = t2 ^ t5;
1310 + t7 = a | g;
1311 + t8 = b | d;
1312 + t11 = a | d;
1313 + t9 = t4 & t7;
1314 + f = t8 ^ t9;
1315 + t12 = b ^ t11;
1316 + t13 = g ^ t9;
1317 + t15 = t3 ^ t8;
1318 + h = t12 ^ t13;
1319 + t16 = c & t15;
1320 + e = t12 ^ t16
1321 + key[4 * 32 + 8] = e
1322 + key[4 * 32 + 9] = f
1323 + key[4 * 32 + 10] = g
1324 + key[4 * 32 + 11] = h
1325 +
1326 +def encrypt(key, in_blk):
1327 + # serpent_generate.py
1328 + a = in_blk[0]
1329 + b = in_blk[1]
1330 + c = in_blk[2]
1331 + d = in_blk[3]
1332 + if WORD_BIGENDIAN:
1333 + a = byteswap32(a)
1334 + b = byteswap32(b)
1335 + c = byteswap32(c)
1336 + d = byteswap32(d)
1337 + e = 0
1338 + f = 0
1339 + g = 0
1340 + h = 0
1341 + t1 = 0
1342 + t2 = 0
1343 + t3 = 0
1344 + t4 = 0
1345 + t5 = 0
1346 + t6 = 0
1347 + t7 = 0
1348 + t8 = 0
1349 + t9 = 0
1350 + t10 = 0
1351 + t11 = 0
1352 + t12 = 0
1353 + t13 = 0
1354 + t14 = 0
1355 + t15 = 0
1356 + t16 = 0
1357 + a ^= key[4 * 0 + 8]
1358 + b ^= key[4 * 0 + 9]
1359 + c ^= key[4 * 0 + 10]
1360 + d ^= key[4 * 0 + 11]
1361 + t1 = a ^ d;
1362 + t2 = a & d;
1363 + t3 = c ^ t1;
1364 + t6 = b & t1;
1365 + t4 = b ^ t3;
1366 + t10 = (~t3) % 0x100000000;
1367 + h = t2 ^ t4;
1368 + t7 = a ^ t6;
1369 + t14 = (~t7) % 0x100000000;
1370 + t8 = c | t7;
1371 + t11 = t3 ^ t7;
1372 + g = t4 ^ t8;
1373 + t12 = h & t11;
1374 + f = t10 ^ t12;
1375 + e = t12 ^ t14
1376 + e = rotl32(e, 13)
1377 + g = rotl32(g, 3)
1378 + h ^= g ^ ((e << 3) & 0xFFFFFFFF)
1379 + f ^= e ^ g
1380 + h = rotl32(h, 7)
1381 + f = rotl32(f, 1)
1382 + e ^= f ^ h
1383 + g ^= h ^ ((f << 7) & 0xFFFFFFFF)
1384 + e = rotl32(e, 5)
1385 + g = rotl32(g, 22)
1386 + e ^= key[4 * 1 + 8]
1387 + f ^= key[4 * 1 + 9]
1388 + g ^= key[4 * 1 + 10]
1389 + h ^= key[4 * 1 + 11]
1390 + t1 = (~e) % 0x100000000;
1391 + t2 = f ^ t1;
1392 + t3 = e | t2;
1393 + t4 = h | t2;
1394 + t5 = g ^ t3;
1395 + c = h ^ t5;
1396 + t7 = f ^ t4;
1397 + t8 = t2 ^ c;
1398 + t9 = t5 & t7;
1399 + d = t8 ^ t9;
1400 + t11 = t5 ^ t7;
1401 + b = d ^ t11;
1402 + t13 = t8 & t11;
1403 + a = t5 ^ t13
1404 + a = rotl32(a, 13)
1405 + c = rotl32(c, 3)
1406 + d ^= c ^ ((a << 3) & 0xFFFFFFFF)
1407 + b ^= a ^ c
1408 + d = rotl32(d, 7)
1409 + b = rotl32(b, 1)
1410 + a ^= b ^ d
1411 + c ^= d ^ ((b << 7) & 0xFFFFFFFF)
1412 + a = rotl32(a, 5)
1413 + c = rotl32(c, 22)
1414 + a ^= key[4 * 2 + 8]
1415 + b ^= key[4 * 2 + 9]
1416 + c ^= key[4 * 2 + 10]
1417 + d ^= key[4 * 2 + 11]
1418 + t1 = (~a) % 0x100000000;
1419 + t2 = b ^ d;
1420 + t3 = c & t1;
1421 + t13 = d | t1;
1422 + e = t2 ^ t3;
1423 + t5 = c ^ t1;
1424 + t6 = c ^ e;
1425 + t7 = b & t6;
1426 + t10 = e | t5;
1427 + h = t5 ^ t7;
1428 + t9 = d | t7;
1429 + t11 = t9 & t10;
1430 + t14 = t2 ^ h;
1431 + g = a ^ t11;
1432 + t15 = g ^ t13;
1433 + f = t14 ^ t15
1434 + e = rotl32(e, 13)
1435 + g = rotl32(g, 3)
1436 + h ^= g ^ ((e << 3) & 0xFFFFFFFF)
1437 + f ^= e ^ g
1438 + h = rotl32(h, 7)
1439 + f = rotl32(f, 1)
1440 + e ^= f ^ h
1441 + g ^= h ^ ((f << 7) & 0xFFFFFFFF)
1442 + e = rotl32(e, 5)
1443 + g = rotl32(g, 22)
1444 + e ^= key[4 * 3 + 8]
1445 + f ^= key[4 * 3 + 9]
1446 + g ^= key[4 * 3 + 10]
1447 + h ^= key[4 * 3 + 11]
1448 + t1 = e ^ g;
1449 + t2 = h ^ t1;
1450 + t3 = e & t2;
1451 + t4 = h ^ t3;
1452 + t5 = f & t4;
1453 + c = t2 ^ t5;
1454 + t7 = e | c;
1455 + t8 = f | h;
1456 + t11 = e | h;
1457 + t9 = t4 & t7;
1458 + b = t8 ^ t9;
1459 + t12 = f ^ t11;
1460 + t13 = c ^ t9;
1461 + t15 = t3 ^ t8;
1462 + d = t12 ^ t13;
1463 + t16 = g & t15;
1464 + a = t12 ^ t16
1465 + a = rotl32(a, 13)
1466 + c = rotl32(c, 3)
1467 + d ^= c ^ ((a << 3) & 0xFFFFFFFF)
1468 + b ^= a ^ c
1469 + d = rotl32(d, 7)
1470 + b = rotl32(b, 1)
1471 + a ^= b ^ d
1472 + c ^= d ^ ((b << 7) & 0xFFFFFFFF)
1473 + a = rotl32(a, 5)
1474 + c = rotl32(c, 22)
1475 + a ^= key[4 * 4 + 8]
1476 + b ^= key[4 * 4 + 9]
1477 + c ^= key[4 * 4 + 10]
1478 + d ^= key[4 * 4 + 11]
1479 + t1 = a ^ d;
1480 + t2 = d & t1;
1481 + t3 = c ^ t2;
1482 + t4 = b | t3;
1483 + h = t1 ^ t4;
1484 + t6 = (~b) % 0x100000000;
1485 + t7 = t1 | t6;
1486 + e = t3 ^ t7;
1487 + t9 = a & e;
1488 + t10 = t1 ^ t6;
1489 + t11 = t4 & t10;
1490 + g = t9 ^ t11;
1491 + t13 = a ^ t3;
1492 + t14 = t10 & g;
1493 + f = t13 ^ t14
1494 + e = rotl32(e, 13)
1495 + g = rotl32(g, 3)
1496 + h ^= g ^ ((e << 3) & 0xFFFFFFFF)
1497 + f ^= e ^ g
1498 + h = rotl32(h, 7)
1499 + f = rotl32(f, 1)
1500 + e ^= f ^ h
1501 + g ^= h ^ ((f << 7) & 0xFFFFFFFF)
1502 + e = rotl32(e, 5)
1503 + g = rotl32(g, 22)
1504 + e ^= key[4 * 5 + 8]
1505 + f ^= key[4 * 5 + 9]
1506 + g ^= key[4 * 5 + 10]
1507 + h ^= key[4 * 5 + 11]
1508 + t1 = (~e) % 0x100000000;
1509 + t2 = e ^ f;
1510 + t3 = e ^ h;
1511 + t4 = g ^ t1;
1512 + t5 = t2 | t3;
1513 + a = t4 ^ t5;
1514 + t7 = h & a;
1515 + t8 = t2 ^ a;
1516 + t10 = t1 | a;
1517 + b = t7 ^ t8;
1518 + t11 = t2 | t7;
1519 + t12 = t3 ^ t10;
1520 + t14 = f ^ t7;
1521 + c = t11 ^ t12;
1522 + t15 = b & t12;
1523 + d = t14 ^ t15
1524 + a = rotl32(a, 13)
1525 + c = rotl32(c, 3)
1526 + d ^= c ^ ((a << 3) & 0xFFFFFFFF)
1527 + b ^= a ^ c
1528 + d = rotl32(d, 7)
1529 + b = rotl32(b, 1)
1530 + a ^= b ^ d
1531 + c ^= d ^ ((b << 7) & 0xFFFFFFFF)
1532 + a = rotl32(a, 5)
1533 + c = rotl32(c, 22)
1534 + a ^= key[4 * 6 + 8]
1535 + b ^= key[4 * 6 + 9]
1536 + c ^= key[4 * 6 + 10]
1537 + d ^= key[4 * 6 + 11]
1538 + t1 = (~a) % 0x100000000;
1539 + t2 = a ^ d;
1540 + t3 = b ^ t2;
1541 + t4 = t1 | t2;
1542 + t5 = c ^ t4;
1543 + f = b ^ t5;
1544 + t13 = (~t5) % 0x100000000;
1545 + t7 = t2 | f;
1546 + t8 = d ^ t7;
1547 + t9 = t5 & t8;
1548 + g = t3 ^ t9;
1549 + t11 = t5 ^ t8;
1550 + e = g ^ t11;
1551 + t14 = t3 & t11;
1552 + h = t13 ^ t14
1553 + e = rotl32(e, 13)
1554 + g = rotl32(g, 3)
1555 + h ^= g ^ ((e << 3) & 0xFFFFFFFF)
1556 + f ^= e ^ g
1557 + h = rotl32(h, 7)
1558 + f = rotl32(f, 1)
1559 + e ^= f ^ h
1560 + g ^= h ^ ((f << 7) & 0xFFFFFFFF)
1561 + e = rotl32(e, 5)
1562 + g = rotl32(g, 22)
1563 + e ^= key[4 * 7 + 8]
1564 + f ^= key[4 * 7 + 9]
1565 + g ^= key[4 * 7 + 10]
1566 + h ^= key[4 * 7 + 11]
1567 + t1 = (~g) % 0x100000000;
1568 + t2 = f ^ g;
1569 + t3 = f | t1;
1570 + t4 = h ^ t3;
1571 + t5 = e & t4;
1572 + t7 = e ^ h;
1573 + d = t2 ^ t5;
1574 + t8 = f ^ t5;
1575 + t9 = t2 | t8;
1576 + t11 = h & t3;
1577 + b = t7 ^ t9;
1578 + t12 = t5 ^ b;
1579 + t15 = t1 | t4;
1580 + t13 = d & t12;
1581 + c = t11 ^ t13;
1582 + t16 = t12 ^ c;
1583 + a = t15 ^ t16
1584 + a = rotl32(a, 13)
1585 + c = rotl32(c, 3)
1586 + d ^= c ^ ((a << 3) & 0xFFFFFFFF)
1587 + b ^= a ^ c
1588 + d = rotl32(d, 7)
1589 + b = rotl32(b, 1)
1590 + a ^= b ^ d
1591 + c ^= d ^ ((b << 7) & 0xFFFFFFFF)
1592 + a = rotl32(a, 5)
1593 + c = rotl32(c, 22)
1594 + a ^= key[4 * 8 + 8]
1595 + b ^= key[4 * 8 + 9]
1596 + c ^= key[4 * 8 + 10]
1597 + d ^= key[4 * 8 + 11]
1598 + t1 = a ^ d;
1599 + t2 = a & d;
1600 + t3 = c ^ t1;
1601 + t6 = b & t1;
1602 + t4 = b ^ t3;
1603 + t10 = (~t3) % 0x100000000;
1604 + h = t2 ^ t4;
1605 + t7 = a ^ t6;
1606 + t14 = (~t7) % 0x100000000;
1607 + t8 = c | t7;
1608 + t11 = t3 ^ t7;
1609 + g = t4 ^ t8;
1610 + t12 = h & t11;
1611 + f = t10 ^ t12;
1612 + e = t12 ^ t14
1613 + e = rotl32(e, 13)
1614 + g = rotl32(g, 3)
1615 + h ^= g ^ ((e << 3) & 0xFFFFFFFF)
1616 + f ^= e ^ g
1617 + h = rotl32(h, 7)
1618 + f = rotl32(f, 1)
1619 + e ^= f ^ h
1620 + g ^= h ^ ((f << 7) & 0xFFFFFFFF)
1621 + e = rotl32(e, 5)
1622 + g = rotl32(g, 22)
1623 + e ^= key[4 * 9 + 8]
1624 + f ^= key[4 * 9 + 9]
1625 + g ^= key[4 * 9 + 10]
1626 + h ^= key[4 * 9 + 11]
1627 + t1 = (~e) % 0x100000000;
1628 + t2 = f ^ t1;
1629 + t3 = e | t2;
1630 + t4 = h | t2;
1631 + t5 = g ^ t3;
1632 + c = h ^ t5;
1633 + t7 = f ^ t4;
1634 + t8 = t2 ^ c;
1635 + t9 = t5 & t7;
1636 + d = t8 ^ t9;
1637 + t11 = t5 ^ t7;
1638 + b = d ^ t11;
1639 + t13 = t8 & t11;
1640 + a = t5 ^ t13
1641 + a = rotl32(a, 13)
1642 + c = rotl32(c, 3)
1643 + d ^= c ^ ((a << 3) & 0xFFFFFFFF)
1644 + b ^= a ^ c
1645 + d = rotl32(d, 7)
1646 + b = rotl32(b, 1)
1647 + a ^= b ^ d
1648 + c ^= d ^ ((b << 7) & 0xFFFFFFFF)
1649 + a = rotl32(a, 5)
1650 + c = rotl32(c, 22)
1651 + a ^= key[4 * 10 + 8]
1652 + b ^= key[4 * 10 + 9]
1653 + c ^= key[4 * 10 + 10]
1654 + d ^= key[4 * 10 + 11]
1655 + t1 = (~a) % 0x100000000;
1656 + t2 = b ^ d;
1657 + t3 = c & t1;
1658 + t13 = d | t1;
1659 + e = t2 ^ t3;
1660 + t5 = c ^ t1;
1661 + t6 = c ^ e;
1662 + t7 = b & t6;
1663 + t10 = e | t5;
1664 + h = t5 ^ t7;
1665 + t9 = d | t7;
1666 + t11 = t9 & t10;
1667 + t14 = t2 ^ h;
1668 + g = a ^ t11;
1669 + t15 = g ^ t13;
1670 + f = t14 ^ t15
1671 + e = rotl32(e, 13)
1672 + g = rotl32(g, 3)
1673 + h ^= g ^ ((e << 3) & 0xFFFFFFFF)
1674 + f ^= e ^ g
1675 + h = rotl32(h, 7)
1676 + f = rotl32(f, 1)
1677 + e ^= f ^ h
1678 + g ^= h ^ ((f << 7) & 0xFFFFFFFF)
1679 + e = rotl32(e, 5)
1680 + g = rotl32(g, 22)
1681 + e ^= key[4 * 11 + 8]
1682 + f ^= key[4 * 11 + 9]
1683 + g ^= key[4 * 11 + 10]
1684 + h ^= key[4 * 11 + 11]
1685 + t1 = e ^ g;
1686 + t2 = h ^ t1;
1687 + t3 = e & t2;
1688 + t4 = h ^ t3;
1689 + t5 = f & t4;
1690 + c = t2 ^ t5;
1691 + t7 = e | c;
1692 + t8 = f | h;
1693 + t11 = e | h;
1694 + t9 = t4 & t7;
1695 + b = t8 ^ t9;
1696 + t12 = f ^ t11;
1697 + t13 = c ^ t9;
1698 + t15 = t3 ^ t8;
1699 + d = t12 ^ t13;
1700 + t16 = g & t15;
1701 + a = t12 ^ t16
1702 + a = rotl32(a, 13)
1703 + c = rotl32(c, 3)
1704 + d ^= c ^ ((a << 3) & 0xFFFFFFFF)
1705 + b ^= a ^ c
1706 + d = rotl32(d, 7)
1707 + b = rotl32(b, 1)
1708 + a ^= b ^ d
1709 + c ^= d ^ ((b << 7) & 0xFFFFFFFF)
1710 + a = rotl32(a, 5)
1711 + c = rotl32(c, 22)
1712 + a ^= key[4 * 12 + 8]
1713 + b ^= key[4 * 12 + 9]
1714 + c ^= key[4 * 12 + 10]
1715 + d ^= key[4 * 12 + 11]
1716 + t1 = a ^ d;
1717 + t2 = d & t1;
1718 + t3 = c ^ t2;
1719 + t4 = b | t3;
1720 + h = t1 ^ t4;
1721 + t6 = (~b) % 0x100000000;
1722 + t7 = t1 | t6;
1723 + e = t3 ^ t7;
1724 + t9 = a & e;
1725 + t10 = t1 ^ t6;
1726 + t11 = t4 & t10;
1727 + g = t9 ^ t11;
1728 + t13 = a ^ t3;
1729 + t14 = t10 & g;
1730 + f = t13 ^ t14
1731 + e = rotl32(e, 13)
1732 + g = rotl32(g, 3)
1733 + h ^= g ^ ((e << 3) & 0xFFFFFFFF)
1734 + f ^= e ^ g
1735 + h = rotl32(h, 7)
1736 + f = rotl32(f, 1)
1737 + e ^= f ^ h
1738 + g ^= h ^ ((f << 7) & 0xFFFFFFFF)
1739 + e = rotl32(e, 5)
1740 + g = rotl32(g, 22)
1741 + e ^= key[4 * 13 + 8]
1742 + f ^= key[4 * 13 + 9]
1743 + g ^= key[4 * 13 + 10]
1744 + h ^= key[4 * 13 + 11]
1745 + t1 = (~e) % 0x100000000;
1746 + t2 = e ^ f;
1747 + t3 = e ^ h;
1748 + t4 = g ^ t1;
1749 + t5 = t2 | t3;
1750 + a = t4 ^ t5;
1751 + t7 = h & a;
1752 + t8 = t2 ^ a;
1753 + t10 = t1 | a;
1754 + b = t7 ^ t8;
1755 + t11 = t2 | t7;
1756 + t12 = t3 ^ t10;
1757 + t14 = f ^ t7;
1758 + c = t11 ^ t12;
1759 + t15 = b & t12;
1760 + d = t14 ^ t15
1761 + a = rotl32(a, 13)
1762 + c = rotl32(c, 3)
1763 + d ^= c ^ ((a << 3) & 0xFFFFFFFF)
1764 + b ^= a ^ c
1765 + d = rotl32(d, 7)
1766 + b = rotl32(b, 1)
1767 + a ^= b ^ d
1768 + c ^= d ^ ((b << 7) & 0xFFFFFFFF)
1769 + a = rotl32(a, 5)
1770 + c = rotl32(c, 22)
1771 + a ^= key[4 * 14 + 8]
1772 + b ^= key[4 * 14 + 9]
1773 + c ^= key[4 * 14 + 10]
1774 + d ^= key[4 * 14 + 11]
1775 + t1 = (~a) % 0x100000000;
1776 + t2 = a ^ d;
1777 + t3 = b ^ t2;
1778 + t4 = t1 | t2;
1779 + t5 = c ^ t4;
1780 + f = b ^ t5;
1781 + t13 = (~t5) % 0x100000000;
1782 + t7 = t2 | f;
1783 + t8 = d ^ t7;
1784 + t9 = t5 & t8;
1785 + g = t3 ^ t9;
1786 + t11 = t5 ^ t8;
1787 + e = g ^ t11;
1788 + t14 = t3 & t11;
1789 + h = t13 ^ t14
1790 + e = rotl32(e, 13)
1791 + g = rotl32(g, 3)
1792 + h ^= g ^ ((e << 3) & 0xFFFFFFFF)
1793 + f ^= e ^ g
1794 + h = rotl32(h, 7)
1795 + f = rotl32(f, 1)
1796 + e ^= f ^ h
1797 + g ^= h ^ ((f << 7) & 0xFFFFFFFF)
1798 + e = rotl32(e, 5)
1799 + g = rotl32(g, 22)
1800 + e ^= key[4 * 15 + 8]
1801 + f ^= key[4 * 15 + 9]
1802 + g ^= key[4 * 15 + 10]
1803 + h ^= key[4 * 15 + 11]
1804 + t1 = (~g) % 0x100000000;
1805 + t2 = f ^ g;
1806 + t3 = f | t1;
1807 + t4 = h ^ t3;
1808 + t5 = e & t4;
1809 + t7 = e ^ h;
1810 + d = t2 ^ t5;
1811 + t8 = f ^ t5;
1812 + t9 = t2 | t8;
1813 + t11 = h & t3;
1814 + b = t7 ^ t9;
1815 + t12 = t5 ^ b;
1816 + t15 = t1 | t4;
1817 + t13 = d & t12;
1818 + c = t11 ^ t13;
1819 + t16 = t12 ^ c;
1820 + a = t15 ^ t16
1821 + a = rotl32(a, 13)
1822 + c = rotl32(c, 3)
1823 + d ^= c ^ ((a << 3) & 0xFFFFFFFF)
1824 + b ^= a ^ c
1825 + d = rotl32(d, 7)
1826 + b = rotl32(b, 1)
1827 + a ^= b ^ d
1828 + c ^= d ^ ((b << 7) & 0xFFFFFFFF)
1829 + a = rotl32(a, 5)
1830 + c = rotl32(c, 22)
1831 + a ^= key[4 * 16 + 8]
1832 + b ^= key[4 * 16 + 9]
1833 + c ^= key[4 * 16 + 10]
1834 + d ^= key[4 * 16 + 11]
1835 + t1 = a ^ d;
1836 + t2 = a & d;
1837 + t3 = c ^ t1;
1838 + t6 = b & t1;
1839 + t4 = b ^ t3;
1840 + t10 = (~t3) % 0x100000000;
1841 + h = t2 ^ t4;
1842 + t7 = a ^ t6;
1843 + t14 = (~t7) % 0x100000000;
1844 + t8 = c | t7;
1845 + t11 = t3 ^ t7;
1846 + g = t4 ^ t8;
1847 + t12 = h & t11;
1848 + f = t10 ^ t12;
1849 + e = t12 ^ t14
1850 + e = rotl32(e, 13)
1851 + g = rotl32(g, 3)
1852 + h ^= g ^ ((e << 3) & 0xFFFFFFFF)
1853 + f ^= e ^ g
1854 + h = rotl32(h, 7)
1855 + f = rotl32(f, 1)
1856 + e ^= f ^ h
1857 + g ^= h ^ ((f << 7) & 0xFFFFFFFF)
1858 + e = rotl32(e, 5)
1859 + g = rotl32(g, 22)
1860 + e ^= key[4 * 17 + 8]
1861 + f ^= key[4 * 17 + 9]
1862 + g ^= key[4 * 17 + 10]
1863 + h ^= key[4 * 17 + 11]
1864 + t1 = (~e) % 0x100000000;
1865 + t2 = f ^ t1;
1866 + t3 = e | t2;
1867 + t4 = h | t2;
1868 + t5 = g ^ t3;
1869 + c = h ^ t5;
1870 + t7 = f ^ t4;
1871 + t8 = t2 ^ c;
1872 + t9 = t5 & t7;
1873 + d = t8 ^ t9;
1874 + t11 = t5 ^ t7;
1875 + b = d ^ t11;
1876 + t13 = t8 & t11;
1877 + a = t5 ^ t13
1878 + a = rotl32(a, 13)
1879 + c = rotl32(c, 3)
1880 + d ^= c ^ ((a << 3) & 0xFFFFFFFF)
1881 + b ^= a ^ c
1882 + d = rotl32(d, 7)
1883 + b = rotl32(b, 1)
1884 + a ^= b ^ d
1885 + c ^= d ^ ((b << 7) & 0xFFFFFFFF)
1886 + a = rotl32(a, 5)
1887 + c = rotl32(c, 22)
1888 + a ^= key[4 * 18 + 8]
1889 + b ^= key[4 * 18 + 9]
1890 + c ^= key[4 * 18 + 10]
1891 + d ^= key[4 * 18 + 11]
1892 + t1 = (~a) % 0x100000000;
1893 + t2 = b ^ d;
1894 + t3 = c & t1;
1895 + t13 = d | t1;
1896 + e = t2 ^ t3;
1897 + t5 = c ^ t1;
1898 + t6 = c ^ e;
1899 + t7 = b & t6;
1900 + t10 = e | t5;
1901 + h = t5 ^ t7;
1902 + t9 = d | t7;
1903 + t11 = t9 & t10;
1904 + t14 = t2 ^ h;
1905 + g = a ^ t11;
1906 + t15 = g ^ t13;
1907 + f = t14 ^ t15
1908 + e = rotl32(e, 13)
1909 + g = rotl32(g, 3)
1910 + h ^= g ^ ((e << 3) & 0xFFFFFFFF)
1911 + f ^= e ^ g
1912 + h = rotl32(h, 7)
1913 + f = rotl32(f, 1)
1914 + e ^= f ^ h
1915 + g ^= h ^ ((f << 7) & 0xFFFFFFFF)
1916 + e = rotl32(e, 5)
1917 + g = rotl32(g, 22)
1918 + e ^= key[4 * 19 + 8]
1919 + f ^= key[4 * 19 + 9]
1920 + g ^= key[4 * 19 + 10]
1921 + h ^= key[4 * 19 + 11]
1922 + t1 = e ^ g;
1923 + t2 = h ^ t1;
1924 + t3 = e & t2;
1925 + t4 = h ^ t3;
1926 + t5 = f & t4;
1927 + c = t2 ^ t5;
1928 + t7 = e | c;
1929 + t8 = f | h;
1930 + t11 = e | h;
1931 + t9 = t4 & t7;
1932 + b = t8 ^ t9;
1933 + t12 = f ^ t11;
1934 + t13 = c ^ t9;
1935 + t15 = t3 ^ t8;
1936 + d = t12 ^ t13;
1937 + t16 = g & t15;
1938 + a = t12 ^ t16
1939 + a = rotl32(a, 13)
1940 + c = rotl32(c, 3)
1941 + d ^= c ^ ((a << 3) & 0xFFFFFFFF)
1942 + b ^= a ^ c
1943 + d = rotl32(d, 7)
1944 + b = rotl32(b, 1)
1945 + a ^= b ^ d
1946 + c ^= d ^ ((b << 7) & 0xFFFFFFFF)
1947 + a = rotl32(a, 5)
1948 + c = rotl32(c, 22)
1949 + a ^= key[4 * 20 + 8]
1950 + b ^= key[4 * 20 + 9]
1951 + c ^= key[4 * 20 + 10]
1952 + d ^= key[4 * 20 + 11]
1953 + t1 = a ^ d;
1954 + t2 = d & t1;
1955 + t3 = c ^ t2;
1956 + t4 = b | t3;
1957 + h = t1 ^ t4;
1958 + t6 = (~b) % 0x100000000;
1959 + t7 = t1 | t6;
1960 + e = t3 ^ t7;
1961 + t9 = a & e;
1962 + t10 = t1 ^ t6;
1963 + t11 = t4 & t10;
1964 + g = t9 ^ t11;
1965 + t13 = a ^ t3;
1966 + t14 = t10 & g;
1967 + f = t13 ^ t14
1968 + e = rotl32(e, 13)
1969 + g = rotl32(g, 3)
1970 + h ^= g ^ ((e << 3) & 0xFFFFFFFF)
1971 + f ^= e ^ g
1972 + h = rotl32(h, 7)
1973 + f = rotl32(f, 1)
1974 + e ^= f ^ h
1975 + g ^= h ^ ((f << 7) & 0xFFFFFFFF)
1976 + e = rotl32(e, 5)
1977 + g = rotl32(g, 22)
1978 + e ^= key[4 * 21 + 8]
1979 + f ^= key[4 * 21 + 9]
1980 + g ^= key[4 * 21 + 10]
1981 + h ^= key[4 * 21 + 11]
1982 + t1 = (~e) % 0x100000000;
1983 + t2 = e ^ f;
1984 + t3 = e ^ h;
1985 + t4 = g ^ t1;
1986 + t5 = t2 | t3;
1987 + a = t4 ^ t5;
1988 + t7 = h & a;
1989 + t8 = t2 ^ a;
1990 + t10 = t1 | a;
1991 + b = t7 ^ t8;
1992 + t11 = t2 | t7;
1993 + t12 = t3 ^ t10;
1994 + t14 = f ^ t7;
1995 + c = t11 ^ t12;
1996 + t15 = b & t12;
1997 + d = t14 ^ t15
1998 + a = rotl32(a, 13)
1999 + c = rotl32(c, 3)
2000 + d ^= c ^ ((a << 3) & 0xFFFFFFFF)
2001 + b ^= a ^ c
2002 + d = rotl32(d, 7)
2003 + b = rotl32(b, 1)
2004 + a ^= b ^ d
2005 + c ^= d ^ ((b << 7) & 0xFFFFFFFF)
2006 + a = rotl32(a, 5)
2007 + c = rotl32(c, 22)
2008 + a ^= key[4 * 22 + 8]
2009 + b ^= key[4 * 22 + 9]
2010 + c ^= key[4 * 22 + 10]
2011 + d ^= key[4 * 22 + 11]
2012 + t1 = (~a) % 0x100000000;
2013 + t2 = a ^ d;
2014 + t3 = b ^ t2;
2015 + t4 = t1 | t2;
2016 + t5 = c ^ t4;
2017 + f = b ^ t5;
2018 + t13 = (~t5) % 0x100000000;
2019 + t7 = t2 | f;
2020 + t8 = d ^ t7;
2021 + t9 = t5 & t8;
2022 + g = t3 ^ t9;
2023 + t11 = t5 ^ t8;
2024 + e = g ^ t11;
2025 + t14 = t3 & t11;
2026 + h = t13 ^ t14
2027 + e = rotl32(e, 13)
2028 + g = rotl32(g, 3)
2029 + h ^= g ^ ((e << 3) & 0xFFFFFFFF)
2030 + f ^= e ^ g
2031 + h = rotl32(h, 7)
2032 + f = rotl32(f, 1)
2033 + e ^= f ^ h
2034 + g ^= h ^ ((f << 7) & 0xFFFFFFFF)
2035 + e = rotl32(e, 5)
2036 + g = rotl32(g, 22)
2037 + e ^= key[4 * 23 + 8]
2038 + f ^= key[4 * 23 + 9]
2039 + g ^= key[4 * 23 + 10]
2040 + h ^= key[4 * 23 + 11]
2041 + t1 = (~g) % 0x100000000;
2042 + t2 = f ^ g;
2043 + t3 = f | t1;
2044 + t4 = h ^ t3;
2045 + t5 = e & t4;
2046 + t7 = e ^ h;
2047 + d = t2 ^ t5;
2048 + t8 = f ^ t5;
2049 + t9 = t2 | t8;
2050 + t11 = h & t3;
2051 + b = t7 ^ t9;
2052 + t12 = t5 ^ b;
2053 + t15 = t1 | t4;
2054 + t13 = d & t12;
2055 + c = t11 ^ t13;
2056 + t16 = t12 ^ c;
2057 + a = t15 ^ t16
2058 + a = rotl32(a, 13)
2059 + c = rotl32(c, 3)
2060 + d ^= c ^ ((a << 3) & 0xFFFFFFFF)
2061 + b ^= a ^ c
2062 + d = rotl32(d, 7)
2063 + b = rotl32(b, 1)
2064 + a ^= b ^ d
2065 + c ^= d ^ ((b << 7) & 0xFFFFFFFF)
2066 + a = rotl32(a, 5)
2067 + c = rotl32(c, 22)
2068 + a ^= key[4 * 24 + 8]
2069 + b ^= key[4 * 24 + 9]
2070 + c ^= key[4 * 24 + 10]
2071 + d ^= key[4 * 24 + 11]
2072 + t1 = a ^ d;
2073 + t2 = a & d;
2074 + t3 = c ^ t1;
2075 + t6 = b & t1;
2076 + t4 = b ^ t3;
2077 + t10 = (~t3) % 0x100000000;
2078 + h = t2 ^ t4;
2079 + t7 = a ^ t6;
2080 + t14 = (~t7) % 0x100000000;
2081 + t8 = c | t7;
2082 + t11 = t3 ^ t7;
2083 + g = t4 ^ t8;
2084 + t12 = h & t11;
2085 + f = t10 ^ t12;
2086 + e = t12 ^ t14
2087 + e = rotl32(e, 13)
2088 + g = rotl32(g, 3)
2089 + h ^= g ^ ((e << 3) & 0xFFFFFFFF)
2090 + f ^= e ^ g
2091 + h = rotl32(h, 7)
2092 + f = rotl32(f, 1)
2093 + e ^= f ^ h
2094 + g ^= h ^ ((f << 7) & 0xFFFFFFFF)
2095 + e = rotl32(e, 5)
2096 + g = rotl32(g, 22)
2097 + e ^= key[4 * 25 + 8]
2098 + f ^= key[4 * 25 + 9]
2099 + g ^= key[4 * 25 + 10]
2100 + h ^= key[4 * 25 + 11]
2101 + t1 = (~e) % 0x100000000;
2102 + t2 = f ^ t1;
2103 + t3 = e | t2;
2104 + t4 = h | t2;
2105 + t5 = g ^ t3;
2106 + c = h ^ t5;
2107 + t7 = f ^ t4;
2108 + t8 = t2 ^ c;
2109 + t9 = t5 & t7;
2110 + d = t8 ^ t9;
2111 + t11 = t5 ^ t7;
2112 + b = d ^ t11;
2113 + t13 = t8 & t11;
2114 + a = t5 ^ t13
2115 + a = rotl32(a, 13)
2116 + c = rotl32(c, 3)
2117 + d ^= c ^ ((a << 3) & 0xFFFFFFFF)
2118 + b ^= a ^ c
2119 + d = rotl32(d, 7)
2120 + b = rotl32(b, 1)
2121 + a ^= b ^ d
2122 + c ^= d ^ ((b << 7) & 0xFFFFFFFF)
2123 + a = rotl32(a, 5)
2124 + c = rotl32(c, 22)
2125 + a ^= key[4 * 26 + 8]
2126 + b ^= key[4 * 26 + 9]
2127 + c ^= key[4 * 26 + 10]
2128 + d ^= key[4 * 26 + 11]
2129 + t1 = (~a) % 0x100000000;
2130 + t2 = b ^ d;
2131 + t3 = c & t1;
2132 + t13 = d | t1;
2133 + e = t2 ^ t3;
2134 + t5 = c ^ t1;
2135 + t6 = c ^ e;
2136 + t7 = b & t6;
2137 + t10 = e | t5;
2138 + h = t5 ^ t7;
2139 + t9 = d | t7;
2140 + t11 = t9 & t10;
2141 + t14 = t2 ^ h;
2142 + g = a ^ t11;
2143 + t15 = g ^ t13;
2144 + f = t14 ^ t15
2145 + e = rotl32(e, 13)
2146 + g = rotl32(g, 3)
2147 + h ^= g ^ ((e << 3) & 0xFFFFFFFF)
2148 + f ^= e ^ g
2149 + h = rotl32(h, 7)
2150 + f = rotl32(f, 1)
2151 + e ^= f ^ h
2152 + g ^= h ^ ((f << 7) & 0xFFFFFFFF)
2153 + e = rotl32(e, 5)
2154 + g = rotl32(g, 22)
2155 + e ^= key[4 * 27 + 8]
2156 + f ^= key[4 * 27 + 9]
2157 + g ^= key[4 * 27 + 10]
2158 + h ^= key[4 * 27 + 11]
2159 + t1 = e ^ g;
2160 + t2 = h ^ t1;
2161 + t3 = e & t2;
2162 + t4 = h ^ t3;
2163 + t5 = f & t4;
2164 + c = t2 ^ t5;
2165 + t7 = e | c;
2166 + t8 = f | h;
2167 + t11 = e | h;
2168 + t9 = t4 & t7;
2169 + b = t8 ^ t9;
2170 + t12 = f ^ t11;
2171 + t13 = c ^ t9;
2172 + t15 = t3 ^ t8;
2173 + d = t12 ^ t13;
2174 + t16 = g & t15;
2175 + a = t12 ^ t16
2176 + a = rotl32(a, 13)
2177 + c = rotl32(c, 3)
2178 + d ^= c ^ ((a << 3) & 0xFFFFFFFF)
2179 + b ^= a ^ c
2180 + d = rotl32(d, 7)
2181 + b = rotl32(b, 1)
2182 + a ^= b ^ d
2183 + c ^= d ^ ((b << 7) & 0xFFFFFFFF)
2184 + a = rotl32(a, 5)
2185 + c = rotl32(c, 22)
2186 + a ^= key[4 * 28 + 8]
2187 + b ^= key[4 * 28 + 9]
2188 + c ^= key[4 * 28 + 10]
2189 + d ^= key[4 * 28 + 11]
2190 + t1 = a ^ d;
2191 + t2 = d & t1;
2192 + t3 = c ^ t2;
2193 + t4 = b | t3;
2194 + h = t1 ^ t4;
2195 + t6 = (~b) % 0x100000000;
2196 + t7 = t1 | t6;
2197 + e = t3 ^ t7;
2198 + t9 = a & e;
2199 + t10 = t1 ^ t6;
2200 + t11 = t4 & t10;
2201 + g = t9 ^ t11;
2202 + t13 = a ^ t3;
2203 + t14 = t10 & g;
2204 + f = t13 ^ t14
2205 + e = rotl32(e, 13)
2206 + g = rotl32(g, 3)
2207 + h ^= g ^ ((e << 3) & 0xFFFFFFFF)
2208 + f ^= e ^ g
2209 + h = rotl32(h, 7)
2210 + f = rotl32(f, 1)
2211 + e ^= f ^ h
2212 + g ^= h ^ ((f << 7) & 0xFFFFFFFF)
2213 + e = rotl32(e, 5)
2214 + g = rotl32(g, 22)
2215 + e ^= key[4 * 29 + 8]
2216 + f ^= key[4 * 29 + 9]
2217 + g ^= key[4 * 29 + 10]
2218 + h ^= key[4 * 29 + 11]
2219 + t1 = (~e) % 0x100000000;
2220 + t2 = e ^ f;
2221 + t3 = e ^ h;
2222 + t4 = g ^ t1;
2223 + t5 = t2 | t3;
2224 + a = t4 ^ t5;
2225 + t7 = h & a;
2226 + t8 = t2 ^ a;
2227 + t10 = t1 | a;
2228 + b = t7 ^ t8;
2229 + t11 = t2 | t7;
2230 + t12 = t3 ^ t10;
2231 + t14 = f ^ t7;
2232 + c = t11 ^ t12;
2233 + t15 = b & t12;
2234 + d = t14 ^ t15
2235 + a = rotl32(a, 13)
2236 + c = rotl32(c, 3)
2237 + d ^= c ^ ((a << 3) & 0xFFFFFFFF)
2238 + b ^= a ^ c
2239 + d = rotl32(d, 7)
2240 + b = rotl32(b, 1)
2241 + a ^= b ^ d
2242 + c ^= d ^ ((b << 7) & 0xFFFFFFFF)
2243 + a = rotl32(a, 5)
2244 + c = rotl32(c, 22)
2245 + a ^= key[4 * 30 + 8]
2246 + b ^= key[4 * 30 + 9]
2247 + c ^= key[4 * 30 + 10]
2248 + d ^= key[4 * 30 + 11]
2249 + t1 = (~a) % 0x100000000;
2250 + t2 = a ^ d;
2251 + t3 = b ^ t2;
2252 + t4 = t1 | t2;
2253 + t5 = c ^ t4;
2254 + f = b ^ t5;
2255 + t13 = (~t5) % 0x100000000;
2256 + t7 = t2 | f;
2257 + t8 = d ^ t7;
2258 + t9 = t5 & t8;
2259 + g = t3 ^ t9;
2260 + t11 = t5 ^ t8;
2261 + e = g ^ t11;
2262 + t14 = t3 & t11;
2263 + h = t13 ^ t14
2264 + e = rotl32(e, 13)
2265 + g = rotl32(g, 3)
2266 + h ^= g ^ ((e << 3) & 0xFFFFFFFF)
2267 + f ^= e ^ g
2268 + h = rotl32(h, 7)
2269 + f = rotl32(f, 1)
2270 + e ^= f ^ h
2271 + g ^= h ^ ((f << 7) & 0xFFFFFFFF)
2272 + e = rotl32(e, 5)
2273 + g = rotl32(g, 22)
2274 + e ^= key[4 * 31 + 8]
2275 + f ^= key[4 * 31 + 9]
2276 + g ^= key[4 * 31 + 10]
2277 + h ^= key[4 * 31 + 11]
2278 + t1 = (~g) % 0x100000000;
2279 + t2 = f ^ g;
2280 + t3 = f | t1;
2281 + t4 = h ^ t3;
2282 + t5 = e & t4;
2283 + t7 = e ^ h;
2284 + d = t2 ^ t5;
2285 + t8 = f ^ t5;
2286 + t9 = t2 | t8;
2287 + t11 = h & t3;
2288 + b = t7 ^ t9;
2289 + t12 = t5 ^ b;
2290 + t15 = t1 | t4;
2291 + t13 = d & t12;
2292 + c = t11 ^ t13;
2293 + t16 = t12 ^ c;
2294 + a = t15 ^ t16
2295 + a ^= key[4 * 32 + 8]
2296 + b ^= key[4 * 32 + 9]
2297 + c ^= key[4 * 32 + 10]
2298 + d ^= key[4 * 32 + 11]
2299 + if WORD_BIGENDIAN:
2300 + a = byteswap32(a)
2301 + b = byteswap32(b)
2302 + c = byteswap32(c)
2303 + d = byteswap32(d)
2304 + in_blk[0] = a
2305 + in_blk[1] = b
2306 + in_blk[2] = c
2307 + in_blk[3] = d
2308 +
2309 +def decrypt(key, in_blk):
2310 + # serpent_generate.py
2311 + a = in_blk[0]
2312 + b = in_blk[1]
2313 + c = in_blk[2]
2314 + d = in_blk[3]
2315 + if WORD_BIGENDIAN:
2316 + a = byteswap32(a)
2317 + b = byteswap32(b)
2318 + c = byteswap32(c)
2319 + d = byteswap32(d)
2320 + e = 0
2321 + f = 0
2322 + g = 0
2323 + h = 0
2324 + t1 = 0
2325 + t2 = 0
2326 + t3 = 0
2327 + t4 = 0
2328 + t5 = 0
2329 + t6 = 0
2330 + t7 = 0
2331 + t8 = 0
2332 + t9 = 0
2333 + t10 = 0
2334 + t11 = 0
2335 + t12 = 0
2336 + t13 = 0
2337 + t14 = 0
2338 + t15 = 0
2339 + t16 = 0
2340 + a ^= key[4 * 32 + 8]
2341 + b ^= key[4 * 32 + 9]
2342 + c ^= key[4 * 32 + 10]
2343 + d ^= key[4 * 32 + 11]
2344 + t1 = a & b;
2345 + t2 = a | b;
2346 + t3 = c | t1;
2347 + t4 = d & t2;
2348 + h = t3 ^ t4;
2349 + t6 = (~d) % 0x100000000;
2350 + t7 = b ^ t4;
2351 + t8 = h ^ t6;
2352 + t11 = c ^ t7;
2353 + t9 = t7 | t8;
2354 + f = a ^ t9;
2355 + t12 = d | f;
2356 + e = t11 ^ t12;
2357 + t14 = a & h;
2358 + t15 = t3 ^ f;
2359 + t16 = e ^ t14;
2360 + g = t15 ^ t16
2361 + e ^= key[4 * 31 + 8]
2362 + f ^= key[4 * 31 + 9]
2363 + g ^= key[4 * 31 + 10]
2364 + h ^= key[4 * 31 + 11]
2365 + g = rotr32(g, 22)
2366 + e = rotr32(e, 5)
2367 + g ^= h ^ ((f << 7) & 0xFFFFFFFF)
2368 + e ^= f ^ h
2369 + h = rotr32(h, 7)
2370 + f = rotr32(f, 1)
2371 + h ^= g ^ ((e << 3) & 0xFFFFFFFF)
2372 + f ^= e ^ g
2373 + g = rotr32(g, 3)
2374 + e = rotr32(e, 13)
2375 + t1 = (~e) % 0x100000000;
2376 + t2 = e ^ f;
2377 + t3 = g ^ t2;
2378 + t4 = g | t1;
2379 + t5 = h ^ t4;
2380 + t13 = h & t1;
2381 + b = t3 ^ t5;
2382 + t7 = t3 & t5;
2383 + t8 = t2 ^ t7;
2384 + t9 = f | t8;
2385 + d = t5 ^ t9;
2386 + t11 = f | d;
2387 + a = t8 ^ t11;
2388 + t14 = t3 ^ t11;
2389 + c = t13 ^ t14
2390 + a ^= key[4 * 30 + 8]
2391 + b ^= key[4 * 30 + 9]
2392 + c ^= key[4 * 30 + 10]
2393 + d ^= key[4 * 30 + 11]
2394 + c = rotr32(c, 22)
2395 + a = rotr32(a, 5)
2396 + c ^= d ^ ((b << 7) & 0xFFFFFFFF)
2397 + a ^= b ^ d
2398 + d = rotr32(d, 7)
2399 + b = rotr32(b, 1)
2400 + d ^= c ^ ((a << 3) & 0xFFFFFFFF)
2401 + b ^= a ^ c
2402 + c = rotr32(c, 3)
2403 + a = rotr32(a, 13)
2404 + t1 = (~c) % 0x100000000;
2405 + t2 = b & t1;
2406 + t3 = d ^ t2;
2407 + t4 = a & t3;
2408 + t5 = b ^ t1;
2409 + h = t4 ^ t5;
2410 + t7 = b | h;
2411 + t8 = a & t7;
2412 + f = t3 ^ t8;
2413 + t10 = a | d;
2414 + t11 = t1 ^ t7;
2415 + e = t10 ^ t11;
2416 + t13 = a ^ c;
2417 + t14 = b & t10;
2418 + t15 = t4 | t13;
2419 + g = t14 ^ t15
2420 + e ^= key[4 * 29 + 8]
2421 + f ^= key[4 * 29 + 9]
2422 + g ^= key[4 * 29 + 10]
2423 + h ^= key[4 * 29 + 11]
2424 + g = rotr32(g, 22)
2425 + e = rotr32(e, 5)
2426 + g ^= h ^ ((f << 7) & 0xFFFFFFFF)
2427 + e ^= f ^ h
2428 + h = rotr32(h, 7)
2429 + f = rotr32(f, 1)
2430 + h ^= g ^ ((e << 3) & 0xFFFFFFFF)
2431 + f ^= e ^ g
2432 + g = rotr32(g, 3)
2433 + e = rotr32(e, 13)
2434 + t1 = g ^ h;
2435 + t2 = g | h;
2436 + t3 = f ^ t2;
2437 + t4 = e & t3;
2438 + b = t1 ^ t4;
2439 + t6 = e ^ h;
2440 + t7 = f | h;
2441 + t8 = t6 & t7;
2442 + d = t3 ^ t8;
2443 + t10 = (~e) % 0x100000000;
2444 + t11 = g ^ d;
2445 + t12 = t10 | t11;
2446 + a = t3 ^ t12;
2447 + t14 = g | t4;
2448 + t15 = t7 ^ t14;
2449 + t16 = d | t10;
2450 + c = t15 ^ t16
2451 + a ^= key[4 * 28 + 8]
2452 + b ^= key[4 * 28 + 9]
2453 + c ^= key[4 * 28 + 10]
2454 + d ^= key[4 * 28 + 11]
2455 + c = rotr32(c, 22)
2456 + a = rotr32(a, 5)
2457 + c ^= d ^ ((b << 7) & 0xFFFFFFFF)
2458 + a ^= b ^ d
2459 + d = rotr32(d, 7)
2460 + b = rotr32(b, 1)
2461 +
2462 + d ^= c ^ ((a << 3) & 0xFFFFFFFF)
2463 + b ^= a ^ c
2464 + c = rotr32(c, 3)
2465 + a = rotr32(a, 13)
2466 + t1 = b ^ c;
2467 + t2 = b | c;
2468 + t3 = a ^ c;
2469 + t7 = a ^ d;
2470 + t4 = t2 ^ t3;
2471 + t5 = d | t4;
2472 + t9 = t2 ^ t7;
2473 + e = t1 ^ t5;
2474 + t8 = t1 | t5;
2475 + t11 = a & t4;
2476 + g = t8 ^ t9;
2477 + t12 = e | t9;
2478 + f = t11 ^ t12;
2479 + t14 = a & g;
2480 + t15 = t2 ^ t14;
2481 + t16 = e & t15;
2482 + h = t4 ^ t16
2483 + e ^= key[4 * 27 + 8]
2484 + f ^= key[4 * 27 + 9]
2485 + g ^= key[4 * 27 + 10]
2486 + h ^= key[4 * 27 + 11]
2487 + g = rotr32(g, 22)
2488 + e = rotr32(e, 5)
2489 + g ^= h ^ ((f << 7) & 0xFFFFFFFF)
2490 + e ^= f ^ h
2491 + h = rotr32(h, 7)
2492 + f = rotr32(f, 1)
2493 + h ^= g ^ ((e << 3) & 0xFFFFFFFF)
2494 + f ^= e ^ g
2495 + g = rotr32(g, 3)
2496 + e = rotr32(e, 13)
2497 + t1 = f ^ h;
2498 + t2 = (~t1) % 0x100000000;
2499 + t3 = e ^ g;
2500 + t4 = g ^ t1;
2501 + t7 = e | t2;
2502 + t5 = f & t4;
2503 + t8 = h ^ t7;
2504 + t11 = (~t4) % 0x100000000;
2505 + a = t3 ^ t5;
2506 + t9 = t3 | t8;
2507 + t14 = h & t11;
2508 + d = t1 ^ t9;
2509 + t12 = a | d;
2510 + b = t11 ^ t12;
2511 + t15 = t3 ^ t12;
2512 + c = t14 ^ t15
2513 + a ^= key[4 * 26 + 8]
2514 + b ^= key[4 * 26 + 9]
2515 + c ^= key[4 * 26 + 10]
2516 + d ^= key[4 * 26 + 11]
2517 + c = rotr32(c, 22)
2518 + a = rotr32(a, 5)
2519 + c ^= d ^ ((b << 7) & 0xFFFFFFFF)
2520 + a ^= b ^ d
2521 + d = rotr32(d, 7)
2522 + b = rotr32(b, 1)
2523 + d ^= c ^ ((a << 3) & 0xFFFFFFFF)
2524 + b ^= a ^ c
2525 + c = rotr32(c, 3)
2526 + a = rotr32(a, 13)
2527 + t1 = a ^ d;
2528 + t2 = a & b;
2529 + t3 = b ^ c;
2530 + t4 = a ^ t3;
2531 + t5 = b | d;
2532 + t7 = c | t1;
2533 + h = t4 ^ t5;
2534 + t8 = b ^ t7;
2535 + t11 = (~t2) % 0x100000000;
2536 + t9 = t4 & t8;
2537 + f = t1 ^ t9;
2538 + t13 = t9 ^ t11;
2539 + t12 = h & f;
2540 + g = t12 ^ t13;
2541 + t15 = a & d;
2542 + t16 = c ^ t13;
2543 + e = t15 ^ t16
2544 + e ^= key[4 * 25 + 8]
2545 + f ^= key[4 * 25 + 9]
2546 + g ^= key[4 * 25 + 10]
2547 + h ^= key[4 * 25 + 11]
2548 + g = rotr32(g, 22)
2549 + e = rotr32(e, 5)
2550 + g ^= h ^ ((f << 7) & 0xFFFFFFFF)
2551 + e ^= f ^ h
2552 + h = rotr32(h, 7)
2553 + f = rotr32(f, 1)
2554 + h ^= g ^ ((e << 3) & 0xFFFFFFFF)
2555 + f ^= e ^ g
2556 + g = rotr32(g, 3)
2557 + e = rotr32(e, 13)
2558 + t1 = (~e) % 0x100000000
2559 + t2 = e ^ f
2560 + t3 = t1 | t2
2561 + t4 = h ^ t3
2562 + t7 = h & t2
2563 + t5 = g ^ t4
2564 + t8 = t1 ^ t7
2565 + c = t2 ^ t5
2566 + t11 = e & t4
2567 + t9 = c & t8
2568 + t14 = t5 ^ t8
2569 + b = t4 ^ t9
2570 + t12 = t5 | b
2571 + d = t11 ^ t12
2572 + a = d ^ t14
2573 + a ^= key[4 * 24 + 8]
2574 + b ^= key[4 * 24 + 9]
2575 + c ^= key[4 * 24 + 10]
2576 + d ^= key[4 * 24 + 11]
2577 + c = rotr32(c, 22)
2578 + a = rotr32(a, 5)
2579 + c ^= d ^ ((b << 7) & 0xFFFFFFFF)
2580 + a ^= b ^ d
2581 + d = rotr32(d, 7)
2582 + b = rotr32(b, 1)
2583 + d ^= c ^ ((a << 3) & 0xFFFFFFFF)
2584 + b ^= a ^ c
2585 + c = rotr32(c, 3)
2586 + a = rotr32(a, 13)
2587 + t1 = a & b;
2588 + t2 = a | b;
2589 + t3 = c | t1;
2590 + t4 = d & t2;
2591 + h = t3 ^ t4;
2592 + t6 = (~d) % 0x100000000;
2593 + t7 = b ^ t4;
2594 + t8 = h ^ t6;
2595 + t11 = c ^ t7;
2596 + t9 = t7 | t8;
2597 + f = a ^ t9;
2598 + t12 = d | f;
2599 + e = t11 ^ t12;
2600 + t14 = a & h;
2601 + t15 = t3 ^ f;
2602 + t16 = e ^ t14;
2603 + g = t15 ^ t16
2604 + e ^= key[4 * 23 + 8]
2605 + f ^= key[4 * 23 + 9]
2606 + g ^= key[4 * 23 + 10]
2607 + h ^= key[4 * 23 + 11]
2608 + g = rotr32(g, 22)
2609 + e = rotr32(e, 5)
2610 + g ^= h ^ ((f << 7) & 0xFFFFFFFF)
2611 + e ^= f ^ h
2612 + h = rotr32(h, 7)
2613 + f = rotr32(f, 1)
2614 + h ^= g ^ ((e << 3) & 0xFFFFFFFF)
2615 + f ^= e ^ g
2616 + g = rotr32(g, 3)
2617 + e = rotr32(e, 13)
2618 + t1 = (~e) % 0x100000000;
2619 + t2 = e ^ f;
2620 + t3 = g ^ t2;
2621 + t4 = g | t1;
2622 + t5 = h ^ t4;
2623 + t13 = h & t1;
2624 + b = t3 ^ t5;
2625 + t7 = t3 & t5;
2626 + t8 = t2 ^ t7;
2627 + t9 = f | t8;
2628 + d = t5 ^ t9;
2629 + t11 = f | d;
2630 + a = t8 ^ t11;
2631 + t14 = t3 ^ t11;
2632 + c = t13 ^ t14
2633 + a ^= key[4 * 22 + 8]
2634 + b ^= key[4 * 22 + 9]
2635 + c ^= key[4 * 22 + 10]
2636 + d ^= key[4 * 22 + 11]
2637 + c = rotr32(c, 22)
2638 + a = rotr32(a, 5)
2639 + c ^= d ^ ((b << 7) & 0xFFFFFFFF)
2640 + a ^= b ^ d
2641 + d = rotr32(d, 7)
2642 + b = rotr32(b, 1)
2643 + d ^= c ^ ((a << 3) & 0xFFFFFFFF)
2644 + b ^= a ^ c
2645 + c = rotr32(c, 3)
2646 + a = rotr32(a, 13)
2647 + t1 = (~c) % 0x100000000;
2648 + t2 = b & t1;
2649 + t3 = d ^ t2;
2650 + t4 = a & t3;
2651 + t5 = b ^ t1;
2652 + h = t4 ^ t5;
2653 + t7 = b | h;
2654 + t8 = a & t7;
2655 + f = t3 ^ t8;
2656 + t10 = a | d;
2657 + t11 = t1 ^ t7;
2658 + e = t10 ^ t11;
2659 + t13 = a ^ c;
2660 + t14 = b & t10;
2661 + t15 = t4 | t13;
2662 + g = t14 ^ t15
2663 + e ^= key[4 * 21 + 8]
2664 + f ^= key[4 * 21 + 9]
2665 + g ^= key[4 * 21 + 10]
2666 + h ^= key[4 * 21 + 11]
2667 + g = rotr32(g, 22)
2668 + e = rotr32(e, 5)
2669 + g ^= h ^ ((f << 7) & 0xFFFFFFFF)
2670 + e ^= f ^ h
2671 + h = rotr32(h, 7)
2672 + f = rotr32(f, 1)
2673 + h ^= g ^ ((e << 3) & 0xFFFFFFFF)
2674 + f ^= e ^ g
2675 + g = rotr32(g, 3)
2676 + e = rotr32(e, 13)
2677 + t1 = g ^ h;
2678 + t2 = g | h;
2679 + t3 = f ^ t2;
2680 + t4 = e & t3;
2681 + b = t1 ^ t4;
2682 + t6 = e ^ h;
2683 + t7 = f | h;
2684 + t8 = t6 & t7;
2685 + d = t3 ^ t8;
2686 + t10 = (~e) % 0x100000000;
2687 + t11 = g ^ d;
2688 + t12 = t10 | t11;
2689 + a = t3 ^ t12;
2690 + t14 = g | t4;
2691 + t15 = t7 ^ t14;
2692 + t16 = d | t10;
2693 + c = t15 ^ t16
2694 + a ^= key[4 * 20 + 8]
2695 + b ^= key[4 * 20 + 9]
2696 + c ^= key[4 * 20 + 10]
2697 + d ^= key[4 * 20 + 11]
2698 + c = rotr32(c, 22)
2699 + a = rotr32(a, 5)
2700 + c ^= d ^ ((b << 7) & 0xFFFFFFFF)
2701 + a ^= b ^ d
2702 + d = rotr32(d, 7)
2703 + b = rotr32(b, 1)
2704 + d ^= c ^ ((a << 3) & 0xFFFFFFFF)
2705 + b ^= a ^ c
2706 + c = rotr32(c, 3)
2707 + a = rotr32(a, 13)
2708 + t1 = b ^ c;
2709 + t2 = b | c;
2710 + t3 = a ^ c;
2711 + t7 = a ^ d;
2712 + t4 = t2 ^ t3;
2713 + t5 = d | t4;
2714 + t9 = t2 ^ t7;
2715 + e = t1 ^ t5;
2716 + t8 = t1 | t5;
2717 + t11 = a & t4;
2718 + g = t8 ^ t9;
2719 + t12 = e | t9;
2720 + f = t11 ^ t12;
2721 + t14 = a & g;
2722 + t15 = t2 ^ t14;
2723 + t16 = e & t15;
2724 + h = t4 ^ t16
2725 + e ^= key[4 * 19 + 8]
2726 + f ^= key[4 * 19 + 9]
2727 + g ^= key[4 * 19 + 10]
2728 + h ^= key[4 * 19 + 11]
2729 + g = rotr32(g, 22)
2730 + e = rotr32(e, 5)
2731 + g ^= h ^ ((f << 7) & 0xFFFFFFFF)
2732 + e ^= f ^ h
2733 + h = rotr32(h, 7)
2734 + f = rotr32(f, 1)
2735 + h ^= g ^ ((e << 3) & 0xFFFFFFFF)
2736 + f ^= e ^ g
2737 + g = rotr32(g, 3)
2738 + e = rotr32(e, 13)
2739 + t1 = f ^ h;
2740 + t2 = (~t1) % 0x100000000;
2741 + t3 = e ^ g;
2742 + t4 = g ^ t1;
2743 + t7 = e | t2;
2744 + t5 = f & t4;
2745 + t8 = h ^ t7;
2746 + t11 = (~t4) % 0x100000000;
2747 + a = t3 ^ t5;
2748 + t9 = t3 | t8;
2749 + t14 = h & t11;
2750 + d = t1 ^ t9;
2751 + t12 = a | d;
2752 + b = t11 ^ t12;
2753 + t15 = t3 ^ t12;
2754 + c = t14 ^ t15
2755 + a ^= key[4 * 18 + 8]
2756 + b ^= key[4 * 18 + 9]
2757 + c ^= key[4 * 18 + 10]
2758 + d ^= key[4 * 18 + 11]
2759 + c = rotr32(c, 22)
2760 + a = rotr32(a, 5)
2761 + c ^= d ^ ((b << 7) & 0xFFFFFFFF)
2762 + a ^= b ^ d
2763 + d = rotr32(d, 7)
2764 + b = rotr32(b, 1)
2765 + d ^= c ^ ((a << 3) & 0xFFFFFFFF)
2766 + b ^= a ^ c
2767 + c = rotr32(c, 3)
2768 + a = rotr32(a, 13)
2769 + t1 = a ^ d;
2770 + t2 = a & b;
2771 + t3 = b ^ c;
2772 + t4 = a ^ t3;
2773 + t5 = b | d;
2774 + t7 = c | t1;
2775 + h = t4 ^ t5;
2776 + t8 = b ^ t7;
2777 + t11 = (~t2) % 0x100000000;
2778 + t9 = t4 & t8;
2779 + f = t1 ^ t9;
2780 + t13 = t9 ^ t11;
2781 + t12 = h & f;
2782 + g = t12 ^ t13;
2783 + t15 = a & d;
2784 + t16 = c ^ t13;
2785 + e = t15 ^ t16
2786 + e ^= key[4 * 17 + 8]
2787 + f ^= key[4 * 17 + 9]
2788 + g ^= key[4 * 17 + 10]
2789 + h ^= key[4 * 17 + 11]
2790 + g = rotr32(g, 22)
2791 + e = rotr32(e, 5)
2792 + g ^= h ^ ((f << 7) & 0xFFFFFFFF)
2793 + e ^= f ^ h
2794 + h = rotr32(h, 7)
2795 + f = rotr32(f, 1)
2796 + h ^= g ^ ((e << 3) & 0xFFFFFFFF)
2797 + f ^= e ^ g
2798 + g = rotr32(g, 3)
2799 + e = rotr32(e, 13)
2800 + t1 = (~e) % 0x100000000
2801 + t2 = e ^ f
2802 + t3 = t1 | t2
2803 + t4 = h ^ t3
2804 + t7 = h & t2
2805 + t5 = g ^ t4
2806 + t8 = t1 ^ t7
2807 + c = t2 ^ t5
2808 + t11 = e & t4
2809 + t9 = c & t8
2810 + t14 = t5 ^ t8
2811 + b = t4 ^ t9
2812 + t12 = t5 | b
2813 + d = t11 ^ t12
2814 + a = d ^ t14
2815 + a ^= key[4 * 16 + 8]
2816 + b ^= key[4 * 16 + 9]
2817 + c ^= key[4 * 16 + 10]
2818 + d ^= key[4 * 16 + 11]
2819 + c = rotr32(c, 22)
2820 + a = rotr32(a, 5)
2821 + c ^= d ^ ((b << 7) & 0xFFFFFFFF)
2822 + a ^= b ^ d
2823 + d = rotr32(d, 7)
2824 + b = rotr32(b, 1)
2825 + d ^= c ^ ((a << 3) & 0xFFFFFFFF)
2826 + b ^= a ^ c
2827 + c = rotr32(c, 3)
2828 + a = rotr32(a, 13)
2829 + t1 = a & b;
2830 + t2 = a | b;
2831 + t3 = c | t1;
2832 + t4 = d & t2;
2833 + h = t3 ^ t4;
2834 + t6 = (~d) % 0x100000000;
2835 + t7 = b ^ t4;
2836 + t8 = h ^ t6;
2837 + t11 = c ^ t7;
2838 + t9 = t7 | t8;
2839 + f = a ^ t9;
2840 + t12 = d | f;
2841 + e = t11 ^ t12;
2842 + t14 = a & h;
2843 + t15 = t3 ^ f;
2844 + t16 = e ^ t14;
2845 + g = t15 ^ t16
2846 + e ^= key[4 * 15 + 8]
2847 + f ^= key[4 * 15 + 9]
2848 + g ^= key[4 * 15 + 10]
2849 + h ^= key[4 * 15 + 11]
2850 + g = rotr32(g, 22)
2851 + e = rotr32(e, 5)
2852 + g ^= h ^ ((f << 7) & 0xFFFFFFFF)
2853 + e ^= f ^ h
2854 + h = rotr32(h, 7)
2855 + f = rotr32(f, 1)
2856 + h ^= g ^ ((e << 3) & 0xFFFFFFFF)
2857 + f ^= e ^ g
2858 + g = rotr32(g, 3)
2859 + e = rotr32(e, 13)
2860 + t1 = (~e) % 0x100000000;
2861 + t2 = e ^ f;
2862 + t3 = g ^ t2;
2863 + t4 = g | t1;
2864 + t5 = h ^ t4;
2865 + t13 = h & t1;
2866 + b = t3 ^ t5;
2867 + t7 = t3 & t5;
2868 + t8 = t2 ^ t7;
2869 + t9 = f | t8;
2870 + d = t5 ^ t9;
2871 + t11 = f | d;
2872 + a = t8 ^ t11;
2873 + t14 = t3 ^ t11;
2874 + c = t13 ^ t14
2875 + a ^= key[4 * 14 + 8]
2876 + b ^= key[4 * 14 + 9]
2877 + c ^= key[4 * 14 + 10]
2878 + d ^= key[4 * 14 + 11]
2879 + c = rotr32(c, 22)
2880 + a = rotr32(a, 5)
2881 + c ^= d ^ ((b << 7) & 0xFFFFFFFF)
2882 + a ^= b ^ d
2883 + d = rotr32(d, 7)
2884 + b = rotr32(b, 1)
2885 + d ^= c ^ ((a << 3) & 0xFFFFFFFF)
2886 + b ^= a ^ c
2887 + c = rotr32(c, 3)
2888 + a = rotr32(a, 13)
2889 + t1 = (~c) % 0x100000000;
2890 + t2 = b & t1;
2891 + t3 = d ^ t2;
2892 + t4 = a & t3;
2893 + t5 = b ^ t1;
2894 + h = t4 ^ t5;
2895 + t7 = b | h;
2896 + t8 = a & t7;
2897 + f = t3 ^ t8;
2898 + t10 = a | d;
2899 + t11 = t1 ^ t7;
2900 + e = t10 ^ t11;
2901 + t13 = a ^ c;
2902 + t14 = b & t10;
2903 + t15 = t4 | t13;
2904 + g = t14 ^ t15
2905 + e ^= key[4 * 13 + 8]
2906 + f ^= key[4 * 13 + 9]
2907 + g ^= key[4 * 13 + 10]
2908 + h ^= key[4 * 13 + 11]
2909 + g = rotr32(g, 22)
2910 + e = rotr32(e, 5)
2911 + g ^= h ^ ((f << 7) & 0xFFFFFFFF)
2912 + e ^= f ^ h
2913 + h = rotr32(h, 7)
2914 + f = rotr32(f, 1)
2915 + h ^= g ^ ((e << 3) & 0xFFFFFFFF)
2916 + f ^= e ^ g
2917 + g = rotr32(g, 3)
2918 + e = rotr32(e, 13)
2919 + t1 = g ^ h;
2920 + t2 = g | h;
2921 + t3 = f ^ t2;
2922 + t4 = e & t3;
2923 + b = t1 ^ t4;
2924 + t6 = e ^ h;
2925 + t7 = f | h;
2926 + t8 = t6 & t7;
2927 + d = t3 ^ t8;
2928 + t10 = (~e) % 0x100000000;
2929 + t11 = g ^ d;
2930 + t12 = t10 | t11;
2931 + a = t3 ^ t12;
2932 + t14 = g | t4;
2933 + t15 = t7 ^ t14;
2934 + t16 = d | t10;
2935 + c = t15 ^ t16
2936 + a ^= key[4 * 12 + 8]
2937 + b ^= key[4 * 12 + 9]
2938 + c ^= key[4 * 12 + 10]
2939 + d ^= key[4 * 12 + 11]
2940 + c = rotr32(c, 22)
2941 + a = rotr32(a, 5)
2942 + c ^= d ^ ((b << 7) & 0xFFFFFFFF)
2943 + a ^= b ^ d
2944 + d = rotr32(d, 7)
2945 + b = rotr32(b, 1)
2946 + d ^= c ^ ((a << 3) & 0xFFFFFFFF)
2947 + b ^= a ^ c
2948 + c = rotr32(c, 3)
2949 + a = rotr32(a, 13)
2950 + t1 = b ^ c;
2951 + t2 = b | c;
2952 + t3 = a ^ c;
2953 + t7 = a ^ d;
2954 + t4 = t2 ^ t3;
2955 + t5 = d | t4;
2956 + t9 = t2 ^ t7;
2957 + e = t1 ^ t5;
2958 + t8 = t1 | t5;
2959 + t11 = a & t4;
2960 + g = t8 ^ t9;
2961 + t12 = e | t9;
2962 + f = t11 ^ t12;
2963 + t14 = a & g;
2964 + t15 = t2 ^ t14;
2965 + t16 = e & t15;
2966 + h = t4 ^ t16
2967 + e ^= key[4 * 11 + 8]
2968 + f ^= key[4 * 11 + 9]
2969 + g ^= key[4 * 11 + 10]
2970 + h ^= key[4 * 11 + 11]
2971 + g = rotr32(g, 22)
2972 + e = rotr32(e, 5)
2973 + g ^= h ^ ((f << 7) & 0xFFFFFFFF)
2974 + e ^= f ^ h
2975 + h = rotr32(h, 7)
2976 + f = rotr32(f, 1)
2977 + h ^= g ^ ((e << 3) & 0xFFFFFFFF)
2978 + f ^= e ^ g
2979 + g = rotr32(g, 3)
2980 + e = rotr32(e, 13)
2981 + t1 = f ^ h;
2982 + t2 = (~t1) % 0x100000000;
2983 + t3 = e ^ g;
2984 + t4 = g ^ t1;
2985 + t7 = e | t2;
2986 + t5 = f & t4;
2987 + t8 = h ^ t7;
2988 + t11 = (~t4) % 0x100000000;
2989 + a = t3 ^ t5;
2990 + t9 = t3 | t8;
2991 + t14 = h & t11;
2992 + d = t1 ^ t9;
2993 + t12 = a | d;
2994 + b = t11 ^ t12;
2995 + t15 = t3 ^ t12;
2996 + c = t14 ^ t15
2997 + a ^= key[4 * 10 + 8]
2998 + b ^= key[4 * 10 + 9]
2999 + c ^= key[4 * 10 + 10]
3000 + d ^= key[4 * 10 + 11]
3001 + c = rotr32(c, 22)
3002 + a = rotr32(a, 5)
3003 + c ^= d ^ ((b << 7) & 0xFFFFFFFF)
3004 + a ^= b ^ d
3005 + d = rotr32(d, 7)
3006 + b = rotr32(b, 1)
3007 + d ^= c ^ ((a << 3) & 0xFFFFFFFF)
3008 + b ^= a ^ c
3009 + c = rotr32(c, 3)
3010 + a = rotr32(a, 13)
3011 + t1 = a ^ d;
3012 + t2 = a & b;
3013 + t3 = b ^ c;
3014 + t4 = a ^ t3;
3015 + t5 = b | d;
3016 + t7 = c | t1;
3017 + h = t4 ^ t5;
3018 + t8 = b ^ t7;
3019 + t11 = (~t2) % 0x100000000;
3020 + t9 = t4 & t8;
3021 + f = t1 ^ t9;
3022 + t13 = t9 ^ t11;
3023 + t12 = h & f;
3024 + g = t12 ^ t13;
3025 + t15 = a & d;
3026 + t16 = c ^ t13;
3027 + e = t15 ^ t16
3028 + e ^= key[4 * 9 + 8]
3029 + f ^= key[4 * 9 + 9]
3030 + g ^= key[4 * 9 + 10]
3031 + h ^= key[4 * 9 + 11]
3032 + g = rotr32(g, 22)
3033 + e = rotr32(e, 5)
3034 + g ^= h ^ ((f << 7) & 0xFFFFFFFF)
3035 + e ^= f ^ h
3036 + h = rotr32(h, 7)
3037 + f = rotr32(f, 1)
3038 + h ^= g ^ ((e << 3) & 0xFFFFFFFF)
3039 + f ^= e ^ g
3040 + g = rotr32(g, 3)
3041 + e = rotr32(e, 13)
3042 + t1 = (~e) % 0x100000000
3043 + t2 = e ^ f
3044 + t3 = t1 | t2
3045 + t4 = h ^ t3
3046 + t7 = h & t2
3047 + t5 = g ^ t4
3048 + t8 = t1 ^ t7
3049 + c = t2 ^ t5
3050 + t11 = e & t4
3051 + t9 = c & t8
3052 + t14 = t5 ^ t8
3053 + b = t4 ^ t9
3054 + t12 = t5 | b
3055 + d = t11 ^ t12
3056 + a = d ^ t14
3057 + a ^= key[4 * 8 + 8]
3058 + b ^= key[4 * 8 + 9]
3059 + c ^= key[4 * 8 + 10]
3060 + d ^= key[4 * 8 + 11]
3061 + c = rotr32(c, 22)
3062 + a = rotr32(a, 5)
3063 + c ^= d ^ ((b << 7) & 0xFFFFFFFF)
3064 + a ^= b ^ d
3065 + d = rotr32(d, 7)
3066 + b = rotr32(b, 1)
3067 + d ^= c ^ ((a << 3) & 0xFFFFFFFF)
3068 + b ^= a ^ c
3069 + c = rotr32(c, 3)
3070 + a = rotr32(a, 13)
3071 + t1 = a & b;
3072 + t2 = a | b;
3073 + t3 = c | t1;
3074 + t4 = d & t2;
3075 + h = t3 ^ t4;
3076 + t6 = (~d) % 0x100000000;
3077 + t7 = b ^ t4;
3078 + t8 = h ^ t6;
3079 + t11 = c ^ t7;
3080 + t9 = t7 | t8;
3081 + f = a ^ t9;
3082 + t12 = d | f;
3083 + e = t11 ^ t12;
3084 + t14 = a & h;
3085 + t15 = t3 ^ f;
3086 + t16 = e ^ t14;
3087 + g = t15 ^ t16
3088 + e ^= key[4 * 7 + 8]
3089 + f ^= key[4 * 7 + 9]
3090 + g ^= key[4 * 7 + 10]
3091 + h ^= key[4 * 7 + 11]
3092 + g = rotr32(g, 22)
3093 + e = rotr32(e, 5)
3094 + g ^= h ^ ((f << 7) & 0xFFFFFFFF)
3095 + e ^= f ^ h
3096 + h = rotr32(h, 7)
3097 + f = rotr32(f, 1)
3098 + h ^= g ^ ((e << 3) & 0xFFFFFFFF)
3099 + f ^= e ^ g
3100 + g = rotr32(g, 3)
3101 + e = rotr32(e, 13)
3102 + t1 = (~e) % 0x100000000;
3103 + t2 = e ^ f;
3104 + t3 = g ^ t2;
3105 + t4 = g | t1;
3106 + t5 = h ^ t4;
3107 + t13 = h & t1;
3108 + b = t3 ^ t5;
3109 + t7 = t3 & t5;
3110 + t8 = t2 ^ t7;
3111 + t9 = f | t8;
3112 + d = t5 ^ t9;
3113 + t11 = f | d;
3114 + a = t8 ^ t11;
3115 + t14 = t3 ^ t11;
3116 + c = t13 ^ t14
3117 + a ^= key[4 * 6 + 8]
3118 + b ^= key[4 * 6 + 9]
3119 + c ^= key[4 * 6 + 10]
3120 + d ^= key[4 * 6 + 11]
3121 + c = rotr32(c, 22)
3122 + a = rotr32(a, 5)
3123 + c ^= d ^ ((b << 7) & 0xFFFFFFFF)
3124 + a ^= b ^ d
3125 + d = rotr32(d, 7)
3126 + b = rotr32(b, 1)
3127 + d ^= c ^ ((a << 3) & 0xFFFFFFFF)
3128 + b ^= a ^ c
3129 + c = rotr32(c, 3)
3130 + a = rotr32(a, 13)
3131 + t1 = (~c) % 0x100000000;
3132 + t2 = b & t1;
3133 + t3 = d ^ t2;
3134 + t4 = a & t3;
3135 + t5 = b ^ t1;
3136 + h = t4 ^ t5;
3137 + t7 = b | h;
3138 + t8 = a & t7;
3139 + f = t3 ^ t8;
3140 + t10 = a | d;
3141 + t11 = t1 ^ t7;
3142 + e = t10 ^ t11;
3143 + t13 = a ^ c;
3144 + t14 = b & t10;
3145 + t15 = t4 | t13;
3146 + g = t14 ^ t15
3147 + e ^= key[4 * 5 + 8]
3148 + f ^= key[4 * 5 + 9]
3149 + g ^= key[4 * 5 + 10]
3150 + h ^= key[4 * 5 + 11]
3151 + g = rotr32(g, 22)
3152 + e = rotr32(e, 5)
3153 + g ^= h ^ ((f << 7) & 0xFFFFFFFF)
3154 + e ^= f ^ h
3155 + h = rotr32(h, 7)
3156 + f = rotr32(f, 1)
3157 + h ^= g ^ ((e << 3) & 0xFFFFFFFF)
3158 + f ^= e ^ g
3159 + g = rotr32(g, 3)
3160 + e = rotr32(e, 13)
3161 + t1 = g ^ h;
3162 + t2 = g | h;
3163 + t3 = f ^ t2;
3164 + t4 = e & t3;
3165 + b = t1 ^ t4;
3166 + t6 = e ^ h;
3167 + t7 = f | h;
3168 + t8 = t6 & t7;
3169 + d = t3 ^ t8;
3170 + t10 = (~e) % 0x100000000;
3171 + t11 = g ^ d;
3172 + t12 = t10 | t11;
3173 + a = t3 ^ t12;
3174 + t14 = g | t4;
3175 + t15 = t7 ^ t14;
3176 + t16 = d | t10;
3177 + c = t15 ^ t16
3178 + a ^= key[4 * 4 + 8]
3179 + b ^= key[4 * 4 + 9]
3180 + c ^= key[4 * 4 + 10]
3181 + d ^= key[4 * 4 + 11]
3182 + c = rotr32(c, 22)
3183 + a = rotr32(a, 5)
3184 + c ^= d ^ ((b << 7) & 0xFFFFFFFF)
3185 + a ^= b ^ d
3186 + d = rotr32(d, 7)
3187 + b = rotr32(b, 1)
3188 + d ^= c ^ ((a << 3) & 0xFFFFFFFF)
3189 + b ^= a ^ c
3190 + c = rotr32(c, 3)
3191 + a = rotr32(a, 13)
3192 + t1 = b ^ c;
3193 + t2 = b | c;
3194 + t3 = a ^ c;
3195 + t7 = a ^ d;
3196 + t4 = t2 ^ t3;
3197 + t5 = d | t4;
3198 + t9 = t2 ^ t7;
3199 + e = t1 ^ t5;
3200 + t8 = t1 | t5;
3201 + t11 = a & t4;
3202 + g = t8 ^ t9;
3203 + t12 = e | t9;
3204 + f = t11 ^ t12;
3205 + t14 = a & g;
3206 + t15 = t2 ^ t14;
3207 + t16 = e & t15;
3208 + h = t4 ^ t16
3209 + e ^= key[4 * 3 + 8]
3210 + f ^= key[4 * 3 + 9]
3211 + g ^= key[4 * 3 + 10]
3212 + h ^= key[4 * 3 + 11]
3213 + g = rotr32(g, 22)
3214 + e = rotr32(e, 5)
3215 + g ^= h ^ ((f << 7) & 0xFFFFFFFF)
3216 + e ^= f ^ h
3217 + h = rotr32(h, 7)
3218 + f = rotr32(f, 1)
3219 + h ^= g ^ ((e << 3) & 0xFFFFFFFF)
3220 + f ^= e ^ g
3221 + g = rotr32(g, 3)
3222 + e = rotr32(e, 13)
3223 + t1 = f ^ h;
3224 + t2 = (~t1) % 0x100000000;
3225 + t3 = e ^ g;
3226 + t4 = g ^ t1;
3227 + t7 = e | t2;
3228 + t5 = f & t4;
3229 + t8 = h ^ t7;
3230 + t11 = (~t4) % 0x100000000;
3231 + a = t3 ^ t5;
3232 + t9 = t3 | t8;
3233 + t14 = h & t11;
3234 + d = t1 ^ t9;
3235 + t12 = a | d;
3236 + b = t11 ^ t12;
3237 + t15 = t3 ^ t12;
3238 + c = t14 ^ t15
3239 + a ^= key[4 * 2 + 8]
3240 + b ^= key[4 * 2 + 9]
3241 + c ^= key[4 * 2 + 10]
3242 + d ^= key[4 * 2 + 11]
3243 + c = rotr32(c, 22)
3244 + a = rotr32(a, 5)
3245 + c ^= d ^ ((b << 7) & 0xFFFFFFFF)
3246 + a ^= b ^ d
3247 + d = rotr32(d, 7)
3248 + b = rotr32(b, 1)
3249 + d ^= c ^ ((a << 3) & 0xFFFFFFFF)
3250 + b ^= a ^ c
3251 + c = rotr32(c, 3)
3252 + a = rotr32(a, 13)
3253 + t1 = a ^ d;
3254 + t2 = a & b;
3255 + t3 = b ^ c;
3256 + t4 = a ^ t3;
3257 + t5 = b | d;
3258 + t7 = c | t1;
3259 + h = t4 ^ t5;
3260 + t8 = b ^ t7;
3261 + t11 = (~t2) % 0x100000000;
3262 + t9 = t4 & t8;
3263 + f = t1 ^ t9;
3264 + t13 = t9 ^ t11;
3265 + t12 = h & f;
3266 + g = t12 ^ t13;
3267 + t15 = a & d;
3268 + t16 = c ^ t13;
3269 + e = t15 ^ t16
3270 + e ^= key[4 * 1 + 8]
3271 + f ^= key[4 * 1 + 9]
3272 + g ^= key[4 * 1 + 10]
3273 + h ^= key[4 * 1 + 11]
3274 + g = rotr32(g, 22)
3275 + e = rotr32(e, 5)
3276 + g ^= h ^ ((f << 7) & 0xFFFFFFFF)
3277 + e ^= f ^ h
3278 + h = rotr32(h, 7)
3279 + f = rotr32(f, 1)
3280 + h ^= g ^ ((e << 3) & 0xFFFFFFFF)
3281 + f ^= e ^ g
3282 + g = rotr32(g, 3)
3283 + e = rotr32(e, 13)
3284 + t1 = (~e) % 0x100000000
3285 + t2 = e ^ f
3286 + t3 = t1 | t2
3287 + t4 = h ^ t3
3288 + t7 = h & t2
3289 + t5 = g ^ t4
3290 + t8 = t1 ^ t7
3291 + c = t2 ^ t5
3292 + t11 = e & t4
3293 + t9 = c & t8
3294 + t14 = t5 ^ t8
3295 + b = t4 ^ t9
3296 + t12 = t5 | b
3297 + d = t11 ^ t12
3298 + a = d ^ t14
3299 + a ^= key[4 * 0 + 8]
3300 + b ^= key[4 * 0 + 9]
3301 + c ^= key[4 * 0 + 10]
3302 + d ^= key[4 * 0 + 11]
3303 + if WORD_BIGENDIAN:
3304 + a = byteswap32(a)
3305 + b = byteswap32(b)
3306 + c = byteswap32(c)
3307 + d = byteswap32(d)
3308 + in_blk[0] = a
3309 + in_blk[1] = b
3310 + in_blk[2] = c
3311 + in_blk[3] = d
3312 +
3313 +__testkey = '\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f'
3314 +__testdat = '\x00\x01\x02\x03\x04\x05\x06\x07\x08\t\n\x0b\x0c\r\x0e\x0f'
3315 +assert '\xde&\x9f\xf83\xe42\xb8[.\x88\xd2p\x1c\xe7\\' == Serpent(__testkey).encrypt(__testdat)
3316 +assert __testdat == Serpent(__testkey).decrypt('\xde&\x9f\xf83\xe42\xb8[.\x88\xd2p\x1c\xe7\\')
3317 +
3318 +#CBC Encrypt - Jason Reaves
3319 +def serpent_cbc_encrypt(key, data, iv='\x00'*16):
3320 + out = ""
3321 + last = iv
3322 + for i in range((len(data)/16)):
3323 + temp = data[i*16:(i+1)*16]
3324 + to_encode = ""
3325 + for j in range(4):
3326 + temp1 = struct.unpack_from('<I', temp[j*4:])[0]
3327 + temp2 = struct.unpack_from('<I', last[j*4:])[0]
3328 + to_encode += struct.pack('<I',((temp1 ^ temp2) & 0xffffffff))
3329 + last= Serpent(key).encrypt(to_encode)
3330 + out += last
3331 + #print(binascii.hexlify(Serpent(key).encrypt(data)))
3332 + return out
3333 +
3334 +#CBC Decrypt - Jason Reaves
3335 +def serpent_cbc_decrypt(key,data,iv='\x00'*16):
3336 + out2 = ""
3337 + last = iv
3338 + for i in range((len(data)/16)):
3339 + temp = Serpent(key).decrypt(data[i*16:(i+1)*16])
3340 + to_decode = ""
3341 + for j in range(4):
3342 + temp1 = struct.unpack_from('<I', temp[j*4:])[0]
3343 + temp2 = struct.unpack_from('<I', last[j*4:])[0]
3344 + to_decode += struct.pack('<I',((temp1 ^ temp2) & 0xffffffff))
3345 + out2 += to_decode
3346 + last = data[i*16:(i+1)*16]
3347 + return out2
3348 diff --git a/lib/server.py b/lib/server.py
3349 index 38bf514..a248f1a 100644
3350 --- a/lib/server.py
3351 +++ b/lib/server.py
3352 @@ -167,10 +167,9 @@ class Server(object):
3353 if x == udp_server_socket:
3354 bytes_address_pair = udp_server_socket.recvfrom(PACKET_SIZE)
3355 message = bytes_address_pair[0]
3356 - address = bytes_address_pair[1]
3357 - print message
3358 + address = bytes_address_pair[1][0]
3359 for c in self.clients:
3360 - self.clients[c].udp_data_received(message)
3361 + self.clients[c].udp_data_received(address, message)
3362 for x in iwtd:
3363 if x in self.clients:
3364 self.clients[x].socket_readable_notification()
3365
  1. I haven't thoroughly read through this library. It has many many lines of single letter variables. I don't know if this is the standard in implementation of encryption algos but it looks like it will be very difficult to properly fit in head. In addition, the purported authors insist that the implementation is very slow. I don't know how important that is since nothing gets decrypted until the hash is validated, which should be much faster. []

This entry was posted on Sunday, August 1st, 2021 at 6:29 p.m. and is filed under WoT, blatta, irc. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply