xref: /third_party/openssl/crypto/seed/seed.c (revision e1051a39) 
1/*
2 * Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License").  You may not use
5 * this file except in compliance with the License.  You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10/*
11 * Copyright (c) 2007 KISA(Korea Information Security Agency). All rights reserved.
12 *
13 * Redistribution and use in source and binary forms, with or without
14 * modification, are permitted provided that the following conditions
15 * are met:
16 * 1. Redistributions of source code must retain the above copyright
17 *    notice, this list of conditions and the following disclaimer.
18 * 2. Neither the name of author nor the names of its contributors may
19 *    be used to endorse or promote products derived from this software
20 *    without specific prior written permission.
21 *
22 * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED.  IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 * SUCH DAMAGE.
33 *
34 */
35#ifndef OPENSSL_NO_SEED
36
37/*
38 * SEED low level APIs are deprecated for public use, but still ok for
39 * internal use.
40 */
41#include "internal/deprecated.h"
42
43# include <stdio.h>
44# include <stdlib.h>
45# include <string.h>
46# ifdef _WIN32
47#  include <memory.h>
48# endif
49
50# include <openssl/seed.h>
51# include "seed_local.h"
52
53# ifdef SS                      /* can get defined on Solaris by inclusion of
54                                 * <stdlib.h> */
55#  undef SS
56# endif
57
58# if !defined(OPENSSL_SMALL_FOOTPRINT)
59
60#  define G_FUNC(v)       \
61        SS[0][(unsigned char)      (v) & 0xff] ^ \
62        SS[1][(unsigned char) ((v)>>8) & 0xff] ^ \
63        SS[2][(unsigned char)((v)>>16) & 0xff] ^ \
64        SS[3][(unsigned char)((v)>>24) & 0xff]
65
66static const seed_word SS[4][256] = {
67    { 0x2989a1a8, 0x05858184, 0x16c6d2d4, 0x13c3d3d0,
68      0x14445054, 0x1d0d111c, 0x2c8ca0ac, 0x25052124,
69      0x1d4d515c, 0x03434340, 0x18081018, 0x1e0e121c,
70      0x11415150, 0x3cccf0fc, 0x0acac2c8, 0x23436360,
71      0x28082028, 0x04444044, 0x20002020, 0x1d8d919c,
72      0x20c0e0e0, 0x22c2e2e0, 0x08c8c0c8, 0x17071314,
73      0x2585a1a4, 0x0f8f838c, 0x03030300, 0x3b4b7378,
74      0x3b8bb3b8, 0x13031310, 0x12c2d2d0, 0x2ecee2ec,
75      0x30407070, 0x0c8c808c, 0x3f0f333c, 0x2888a0a8,
76      0x32023230, 0x1dcdd1dc, 0x36c6f2f4, 0x34447074,
77      0x2ccce0ec, 0x15859194, 0x0b0b0308, 0x17475354,
78      0x1c4c505c, 0x1b4b5358, 0x3d8db1bc, 0x01010100,
79      0x24042024, 0x1c0c101c, 0x33437370, 0x18889098,
80      0x10001010, 0x0cccc0cc, 0x32c2f2f0, 0x19c9d1d8,
81      0x2c0c202c, 0x27c7e3e4, 0x32427270, 0x03838380,
82      0x1b8b9398, 0x11c1d1d0, 0x06868284, 0x09c9c1c8,
83      0x20406060, 0x10405050, 0x2383a3a0, 0x2bcbe3e8,
84      0x0d0d010c, 0x3686b2b4, 0x1e8e929c, 0x0f4f434c,
85      0x3787b3b4, 0x1a4a5258, 0x06c6c2c4, 0x38487078,
86      0x2686a2a4, 0x12021210, 0x2f8fa3ac, 0x15c5d1d4,
87      0x21416160, 0x03c3c3c0, 0x3484b0b4, 0x01414140,
88      0x12425250, 0x3d4d717c, 0x0d8d818c, 0x08080008,
89      0x1f0f131c, 0x19899198, 0x00000000, 0x19091118,
90      0x04040004, 0x13435350, 0x37c7f3f4, 0x21c1e1e0,
91      0x3dcdf1fc, 0x36467274, 0x2f0f232c, 0x27072324,
92      0x3080b0b0, 0x0b8b8388, 0x0e0e020c, 0x2b8ba3a8,
93      0x2282a2a0, 0x2e4e626c, 0x13839390, 0x0d4d414c,
94      0x29496168, 0x3c4c707c, 0x09090108, 0x0a0a0208,
95      0x3f8fb3bc, 0x2fcfe3ec, 0x33c3f3f0, 0x05c5c1c4,
96      0x07878384, 0x14041014, 0x3ecef2fc, 0x24446064,
97      0x1eced2dc, 0x2e0e222c, 0x0b4b4348, 0x1a0a1218,
98      0x06060204, 0x21012120, 0x2b4b6368, 0x26466264,
99      0x02020200, 0x35c5f1f4, 0x12829290, 0x0a8a8288,
100      0x0c0c000c, 0x3383b3b0, 0x3e4e727c, 0x10c0d0d0,
101      0x3a4a7278, 0x07474344, 0x16869294, 0x25c5e1e4,
102      0x26062224, 0x00808080, 0x2d8da1ac, 0x1fcfd3dc,
103      0x2181a1a0, 0x30003030, 0x37073334, 0x2e8ea2ac,
104      0x36063234, 0x15051114, 0x22022220, 0x38083038,
105      0x34c4f0f4, 0x2787a3a4, 0x05454144, 0x0c4c404c,
106      0x01818180, 0x29c9e1e8, 0x04848084, 0x17879394,
107      0x35053134, 0x0bcbc3c8, 0x0ecec2cc, 0x3c0c303c,
108      0x31417170, 0x11011110, 0x07c7c3c4, 0x09898188,
109      0x35457174, 0x3bcbf3f8, 0x1acad2d8, 0x38c8f0f8,
110      0x14849094, 0x19495158, 0x02828280, 0x04c4c0c4,
111      0x3fcff3fc, 0x09494148, 0x39093138, 0x27476364,
112      0x00c0c0c0, 0x0fcfc3cc, 0x17c7d3d4, 0x3888b0b8,
113      0x0f0f030c, 0x0e8e828c, 0x02424240, 0x23032320,
114      0x11819190, 0x2c4c606c, 0x1bcbd3d8, 0x2484a0a4,
115      0x34043034, 0x31c1f1f0, 0x08484048, 0x02c2c2c0,
116      0x2f4f636c, 0x3d0d313c, 0x2d0d212c, 0x00404040,
117      0x3e8eb2bc, 0x3e0e323c, 0x3c8cb0bc, 0x01c1c1c0,
118      0x2a8aa2a8, 0x3a8ab2b8, 0x0e4e424c, 0x15455154,
119      0x3b0b3338, 0x1cccd0dc, 0x28486068, 0x3f4f737c,
120      0x1c8c909c, 0x18c8d0d8, 0x0a4a4248, 0x16465254,
121      0x37477374, 0x2080a0a0, 0x2dcde1ec, 0x06464244,
122      0x3585b1b4, 0x2b0b2328, 0x25456164, 0x3acaf2f8,
123      0x23c3e3e0, 0x3989b1b8, 0x3181b1b0, 0x1f8f939c,
124      0x1e4e525c, 0x39c9f1f8, 0x26c6e2e4, 0x3282b2b0,
125      0x31013130, 0x2acae2e8, 0x2d4d616c, 0x1f4f535c,
126      0x24c4e0e4, 0x30c0f0f0, 0x0dcdc1cc, 0x08888088,
127      0x16061214, 0x3a0a3238, 0x18485058, 0x14c4d0d4,
128      0x22426260, 0x29092128, 0x07070304, 0x33033330,
129      0x28c8e0e8, 0x1b0b1318, 0x05050104, 0x39497178,
130      0x10809090, 0x2a4a6268, 0x2a0a2228, 0x1a8a9298
131    },
132    { 0x38380830, 0xe828c8e0, 0x2c2d0d21, 0xa42686a2,
133      0xcc0fcfc3, 0xdc1eced2, 0xb03383b3, 0xb83888b0,
134      0xac2f8fa3, 0x60204060, 0x54154551, 0xc407c7c3,
135      0x44044440, 0x6c2f4f63, 0x682b4b63, 0x581b4b53,
136      0xc003c3c3, 0x60224262, 0x30330333, 0xb43585b1,
137      0x28290921, 0xa02080a0, 0xe022c2e2, 0xa42787a3,
138      0xd013c3d3, 0x90118191, 0x10110111, 0x04060602,
139      0x1c1c0c10, 0xbc3c8cb0, 0x34360632, 0x480b4b43,
140      0xec2fcfe3, 0x88088880, 0x6c2c4c60, 0xa82888a0,
141      0x14170713, 0xc404c4c0, 0x14160612, 0xf434c4f0,
142      0xc002c2c2, 0x44054541, 0xe021c1e1, 0xd416c6d2,
143      0x3c3f0f33, 0x3c3d0d31, 0x8c0e8e82, 0x98188890,
144      0x28280820, 0x4c0e4e42, 0xf436c6f2, 0x3c3e0e32,
145      0xa42585a1, 0xf839c9f1, 0x0c0d0d01, 0xdc1fcfd3,
146      0xd818c8d0, 0x282b0b23, 0x64264662, 0x783a4a72,
147      0x24270723, 0x2c2f0f23, 0xf031c1f1, 0x70324272,
148      0x40024242, 0xd414c4d0, 0x40014141, 0xc000c0c0,
149      0x70334373, 0x64274763, 0xac2c8ca0, 0x880b8b83,
150      0xf437c7f3, 0xac2d8da1, 0x80008080, 0x1c1f0f13,
151      0xc80acac2, 0x2c2c0c20, 0xa82a8aa2, 0x34340430,
152      0xd012c2d2, 0x080b0b03, 0xec2ecee2, 0xe829c9e1,
153      0x5c1d4d51, 0x94148490, 0x18180810, 0xf838c8f0,
154      0x54174753, 0xac2e8ea2, 0x08080800, 0xc405c5c1,
155      0x10130313, 0xcc0dcdc1, 0x84068682, 0xb83989b1,
156      0xfc3fcff3, 0x7c3d4d71, 0xc001c1c1, 0x30310131,
157      0xf435c5f1, 0x880a8a82, 0x682a4a62, 0xb03181b1,
158      0xd011c1d1, 0x20200020, 0xd417c7d3, 0x00020202,
159      0x20220222, 0x04040400, 0x68284860, 0x70314171,
160      0x04070703, 0xd81bcbd3, 0x9c1d8d91, 0x98198991,
161      0x60214161, 0xbc3e8eb2, 0xe426c6e2, 0x58194951,
162      0xdc1dcdd1, 0x50114151, 0x90108090, 0xdc1cccd0,
163      0x981a8a92, 0xa02383a3, 0xa82b8ba3, 0xd010c0d0,
164      0x80018181, 0x0c0f0f03, 0x44074743, 0x181a0a12,
165      0xe023c3e3, 0xec2ccce0, 0x8c0d8d81, 0xbc3f8fb3,
166      0x94168692, 0x783b4b73, 0x5c1c4c50, 0xa02282a2,
167      0xa02181a1, 0x60234363, 0x20230323, 0x4c0d4d41,
168      0xc808c8c0, 0x9c1e8e92, 0x9c1c8c90, 0x383a0a32,
169      0x0c0c0c00, 0x2c2e0e22, 0xb83a8ab2, 0x6c2e4e62,
170      0x9c1f8f93, 0x581a4a52, 0xf032c2f2, 0x90128292,
171      0xf033c3f3, 0x48094941, 0x78384870, 0xcc0cccc0,
172      0x14150511, 0xf83bcbf3, 0x70304070, 0x74354571,
173      0x7c3f4f73, 0x34350531, 0x10100010, 0x00030303,
174      0x64244460, 0x6c2d4d61, 0xc406c6c2, 0x74344470,
175      0xd415c5d1, 0xb43484b0, 0xe82acae2, 0x08090901,
176      0x74364672, 0x18190911, 0xfc3ecef2, 0x40004040,
177      0x10120212, 0xe020c0e0, 0xbc3d8db1, 0x04050501,
178      0xf83acaf2, 0x00010101, 0xf030c0f0, 0x282a0a22,
179      0x5c1e4e52, 0xa82989a1, 0x54164652, 0x40034343,
180      0x84058581, 0x14140410, 0x88098981, 0x981b8b93,
181      0xb03080b0, 0xe425c5e1, 0x48084840, 0x78394971,
182      0x94178793, 0xfc3cccf0, 0x1c1e0e12, 0x80028282,
183      0x20210121, 0x8c0c8c80, 0x181b0b13, 0x5c1f4f53,
184      0x74374773, 0x54144450, 0xb03282b2, 0x1c1d0d11,
185      0x24250521, 0x4c0f4f43, 0x00000000, 0x44064642,
186      0xec2dcde1, 0x58184850, 0x50124252, 0xe82bcbe3,
187      0x7c3e4e72, 0xd81acad2, 0xc809c9c1, 0xfc3dcdf1,
188      0x30300030, 0x94158591, 0x64254561, 0x3c3c0c30,
189      0xb43686b2, 0xe424c4e0, 0xb83b8bb3, 0x7c3c4c70,
190      0x0c0e0e02, 0x50104050, 0x38390931, 0x24260622,
191      0x30320232, 0x84048480, 0x68294961, 0x90138393,
192      0x34370733, 0xe427c7e3, 0x24240420, 0xa42484a0,
193      0xc80bcbc3, 0x50134353, 0x080a0a02, 0x84078783,
194      0xd819c9d1, 0x4c0c4c40, 0x80038383, 0x8c0f8f83,
195      0xcc0ecec2, 0x383b0b33, 0x480a4a42, 0xb43787b3
196    },
197    { 0xa1a82989, 0x81840585, 0xd2d416c6, 0xd3d013c3,
198      0x50541444, 0x111c1d0d, 0xa0ac2c8c, 0x21242505,
199      0x515c1d4d, 0x43400343, 0x10181808, 0x121c1e0e,
200      0x51501141, 0xf0fc3ccc, 0xc2c80aca, 0x63602343,
201      0x20282808, 0x40440444, 0x20202000, 0x919c1d8d,
202      0xe0e020c0, 0xe2e022c2, 0xc0c808c8, 0x13141707,
203      0xa1a42585, 0x838c0f8f, 0x03000303, 0x73783b4b,
204      0xb3b83b8b, 0x13101303, 0xd2d012c2, 0xe2ec2ece,
205      0x70703040, 0x808c0c8c, 0x333c3f0f, 0xa0a82888,
206      0x32303202, 0xd1dc1dcd, 0xf2f436c6, 0x70743444,
207      0xe0ec2ccc, 0x91941585, 0x03080b0b, 0x53541747,
208      0x505c1c4c, 0x53581b4b, 0xb1bc3d8d, 0x01000101,
209      0x20242404, 0x101c1c0c, 0x73703343, 0x90981888,
210      0x10101000, 0xc0cc0ccc, 0xf2f032c2, 0xd1d819c9,
211      0x202c2c0c, 0xe3e427c7, 0x72703242, 0x83800383,
212      0x93981b8b, 0xd1d011c1, 0x82840686, 0xc1c809c9,
213      0x60602040, 0x50501040, 0xa3a02383, 0xe3e82bcb,
214      0x010c0d0d, 0xb2b43686, 0x929c1e8e, 0x434c0f4f,
215      0xb3b43787, 0x52581a4a, 0xc2c406c6, 0x70783848,
216      0xa2a42686, 0x12101202, 0xa3ac2f8f, 0xd1d415c5,
217      0x61602141, 0xc3c003c3, 0xb0b43484, 0x41400141,
218      0x52501242, 0x717c3d4d, 0x818c0d8d, 0x00080808,
219      0x131c1f0f, 0x91981989, 0x00000000, 0x11181909,
220      0x00040404, 0x53501343, 0xf3f437c7, 0xe1e021c1,
221      0xf1fc3dcd, 0x72743646, 0x232c2f0f, 0x23242707,
222      0xb0b03080, 0x83880b8b, 0x020c0e0e, 0xa3a82b8b,
223      0xa2a02282, 0x626c2e4e, 0x93901383, 0x414c0d4d,
224      0x61682949, 0x707c3c4c, 0x01080909, 0x02080a0a,
225      0xb3bc3f8f, 0xe3ec2fcf, 0xf3f033c3, 0xc1c405c5,
226      0x83840787, 0x10141404, 0xf2fc3ece, 0x60642444,
227      0xd2dc1ece, 0x222c2e0e, 0x43480b4b, 0x12181a0a,
228      0x02040606, 0x21202101, 0x63682b4b, 0x62642646,
229      0x02000202, 0xf1f435c5, 0x92901282, 0x82880a8a,
230      0x000c0c0c, 0xb3b03383, 0x727c3e4e, 0xd0d010c0,
231      0x72783a4a, 0x43440747, 0x92941686, 0xe1e425c5,
232      0x22242606, 0x80800080, 0xa1ac2d8d, 0xd3dc1fcf,
233      0xa1a02181, 0x30303000, 0x33343707, 0xa2ac2e8e,
234      0x32343606, 0x11141505, 0x22202202, 0x30383808,
235      0xf0f434c4, 0xa3a42787, 0x41440545, 0x404c0c4c,
236      0x81800181, 0xe1e829c9, 0x80840484, 0x93941787,
237      0x31343505, 0xc3c80bcb, 0xc2cc0ece, 0x303c3c0c,
238      0x71703141, 0x11101101, 0xc3c407c7, 0x81880989,
239      0x71743545, 0xf3f83bcb, 0xd2d81aca, 0xf0f838c8,
240      0x90941484, 0x51581949, 0x82800282, 0xc0c404c4,
241      0xf3fc3fcf, 0x41480949, 0x31383909, 0x63642747,
242      0xc0c000c0, 0xc3cc0fcf, 0xd3d417c7, 0xb0b83888,
243      0x030c0f0f, 0x828c0e8e, 0x42400242, 0x23202303,
244      0x91901181, 0x606c2c4c, 0xd3d81bcb, 0xa0a42484,
245      0x30343404, 0xf1f031c1, 0x40480848, 0xc2c002c2,
246      0x636c2f4f, 0x313c3d0d, 0x212c2d0d, 0x40400040,
247      0xb2bc3e8e, 0x323c3e0e, 0xb0bc3c8c, 0xc1c001c1,
248      0xa2a82a8a, 0xb2b83a8a, 0x424c0e4e, 0x51541545,
249      0x33383b0b, 0xd0dc1ccc, 0x60682848, 0x737c3f4f,
250      0x909c1c8c, 0xd0d818c8, 0x42480a4a, 0x52541646,
251      0x73743747, 0xa0a02080, 0xe1ec2dcd, 0x42440646,
252      0xb1b43585, 0x23282b0b, 0x61642545, 0xf2f83aca,
253      0xe3e023c3, 0xb1b83989, 0xb1b03181, 0x939c1f8f,
254      0x525c1e4e, 0xf1f839c9, 0xe2e426c6, 0xb2b03282,
255      0x31303101, 0xe2e82aca, 0x616c2d4d, 0x535c1f4f,
256      0xe0e424c4, 0xf0f030c0, 0xc1cc0dcd, 0x80880888,
257      0x12141606, 0x32383a0a, 0x50581848, 0xd0d414c4,
258      0x62602242, 0x21282909, 0x03040707, 0x33303303,
259      0xe0e828c8, 0x13181b0b, 0x01040505, 0x71783949,
260      0x90901080, 0x62682a4a, 0x22282a0a, 0x92981a8a
261    },
262    { 0x08303838, 0xc8e0e828, 0x0d212c2d, 0x86a2a426,
263      0xcfc3cc0f, 0xced2dc1e, 0x83b3b033, 0x88b0b838,
264      0x8fa3ac2f, 0x40606020, 0x45515415, 0xc7c3c407,
265      0x44404404, 0x4f636c2f, 0x4b63682b, 0x4b53581b,
266      0xc3c3c003, 0x42626022, 0x03333033, 0x85b1b435,
267      0x09212829, 0x80a0a020, 0xc2e2e022, 0x87a3a427,
268      0xc3d3d013, 0x81919011, 0x01111011, 0x06020406,
269      0x0c101c1c, 0x8cb0bc3c, 0x06323436, 0x4b43480b,
270      0xcfe3ec2f, 0x88808808, 0x4c606c2c, 0x88a0a828,
271      0x07131417, 0xc4c0c404, 0x06121416, 0xc4f0f434,
272      0xc2c2c002, 0x45414405, 0xc1e1e021, 0xc6d2d416,
273      0x0f333c3f, 0x0d313c3d, 0x8e828c0e, 0x88909818,
274      0x08202828, 0x4e424c0e, 0xc6f2f436, 0x0e323c3e,
275      0x85a1a425, 0xc9f1f839, 0x0d010c0d, 0xcfd3dc1f,
276      0xc8d0d818, 0x0b23282b, 0x46626426, 0x4a72783a,
277      0x07232427, 0x0f232c2f, 0xc1f1f031, 0x42727032,
278      0x42424002, 0xc4d0d414, 0x41414001, 0xc0c0c000,
279      0x43737033, 0x47636427, 0x8ca0ac2c, 0x8b83880b,
280      0xc7f3f437, 0x8da1ac2d, 0x80808000, 0x0f131c1f,
281      0xcac2c80a, 0x0c202c2c, 0x8aa2a82a, 0x04303434,
282      0xc2d2d012, 0x0b03080b, 0xcee2ec2e, 0xc9e1e829,
283      0x4d515c1d, 0x84909414, 0x08101818, 0xc8f0f838,
284      0x47535417, 0x8ea2ac2e, 0x08000808, 0xc5c1c405,
285      0x03131013, 0xcdc1cc0d, 0x86828406, 0x89b1b839,
286      0xcff3fc3f, 0x4d717c3d, 0xc1c1c001, 0x01313031,
287      0xc5f1f435, 0x8a82880a, 0x4a62682a, 0x81b1b031,
288      0xc1d1d011, 0x00202020, 0xc7d3d417, 0x02020002,
289      0x02222022, 0x04000404, 0x48606828, 0x41717031,
290      0x07030407, 0xcbd3d81b, 0x8d919c1d, 0x89919819,
291      0x41616021, 0x8eb2bc3e, 0xc6e2e426, 0x49515819,
292      0xcdd1dc1d, 0x41515011, 0x80909010, 0xccd0dc1c,
293      0x8a92981a, 0x83a3a023, 0x8ba3a82b, 0xc0d0d010,
294      0x81818001, 0x0f030c0f, 0x47434407, 0x0a12181a,
295      0xc3e3e023, 0xcce0ec2c, 0x8d818c0d, 0x8fb3bc3f,
296      0x86929416, 0x4b73783b, 0x4c505c1c, 0x82a2a022,
297      0x81a1a021, 0x43636023, 0x03232023, 0x4d414c0d,
298      0xc8c0c808, 0x8e929c1e, 0x8c909c1c, 0x0a32383a,
299      0x0c000c0c, 0x0e222c2e, 0x8ab2b83a, 0x4e626c2e,
300      0x8f939c1f, 0x4a52581a, 0xc2f2f032, 0x82929012,
301      0xc3f3f033, 0x49414809, 0x48707838, 0xccc0cc0c,
302      0x05111415, 0xcbf3f83b, 0x40707030, 0x45717435,
303      0x4f737c3f, 0x05313435, 0x00101010, 0x03030003,
304      0x44606424, 0x4d616c2d, 0xc6c2c406, 0x44707434,
305      0xc5d1d415, 0x84b0b434, 0xcae2e82a, 0x09010809,
306      0x46727436, 0x09111819, 0xcef2fc3e, 0x40404000,
307      0x02121012, 0xc0e0e020, 0x8db1bc3d, 0x05010405,
308      0xcaf2f83a, 0x01010001, 0xc0f0f030, 0x0a22282a,
309      0x4e525c1e, 0x89a1a829, 0x46525416, 0x43434003,
310      0x85818405, 0x04101414, 0x89818809, 0x8b93981b,
311      0x80b0b030, 0xc5e1e425, 0x48404808, 0x49717839,
312      0x87939417, 0xccf0fc3c, 0x0e121c1e, 0x82828002,
313      0x01212021, 0x8c808c0c, 0x0b13181b, 0x4f535c1f,
314      0x47737437, 0x44505414, 0x82b2b032, 0x0d111c1d,
315      0x05212425, 0x4f434c0f, 0x00000000, 0x46424406,
316      0xcde1ec2d, 0x48505818, 0x42525012, 0xcbe3e82b,
317      0x4e727c3e, 0xcad2d81a, 0xc9c1c809, 0xcdf1fc3d,
318      0x00303030, 0x85919415, 0x45616425, 0x0c303c3c,
319      0x86b2b436, 0xc4e0e424, 0x8bb3b83b, 0x4c707c3c,
320      0x0e020c0e, 0x40505010, 0x09313839, 0x06222426,
321      0x02323032, 0x84808404, 0x49616829, 0x83939013,
322      0x07333437, 0xc7e3e427, 0x04202424, 0x84a0a424,
323      0xcbc3c80b, 0x43535013, 0x0a02080a, 0x87838407,
324      0xc9d1d819, 0x4c404c0c, 0x83838003, 0x8f838c0f,
325      0xcec2cc0e, 0x0b33383b, 0x4a42480a, 0x87b3b437
326    }
327};
328
329#else
330
331/* on x86_64 >5x size reduction at 40% performance penalty */
332static const unsigned char SEED_Sbox[2][256] = {
333{
334      0xA9, 0x85, 0xD6, 0xD3, 0x54, 0x1D, 0xAC, 0x25,
335      0x5D, 0x43, 0x18, 0x1E, 0x51, 0xFC, 0xCA, 0x63,
336      0x28, 0x44, 0x20, 0x9D, 0xE0, 0xE2, 0xC8, 0x17,
337      0xA5, 0x8F, 0x03, 0x7B, 0xBB, 0x13, 0xD2, 0xEE,
338      0x70, 0x8C, 0x3F, 0xA8, 0x32, 0xDD, 0xF6, 0x74,
339      0xEC, 0x95, 0x0B, 0x57, 0x5C, 0x5B, 0xBD, 0x01,
340      0x24, 0x1C, 0x73, 0x98, 0x10, 0xCC, 0xF2, 0xD9,
341      0x2C, 0xE7, 0x72, 0x83, 0x9B, 0xD1, 0x86, 0xC9,
342      0x60, 0x50, 0xA3, 0xEB, 0x0D, 0xB6, 0x9E, 0x4F,
343      0xB7, 0x5A, 0xC6, 0x78, 0xA6, 0x12, 0xAF, 0xD5,
344      0x61, 0xC3, 0xB4, 0x41, 0x52, 0x7D, 0x8D, 0x08,
345      0x1F, 0x99, 0x00, 0x19, 0x04, 0x53, 0xF7, 0xE1,
346      0xFD, 0x76, 0x2F, 0x27, 0xB0, 0x8B, 0x0E, 0xAB,
347      0xA2, 0x6E, 0x93, 0x4D, 0x69, 0x7C, 0x09, 0x0A,
348      0xBF, 0xEF, 0xF3, 0xC5, 0x87, 0x14, 0xFE, 0x64,
349      0xDE, 0x2E, 0x4B, 0x1A, 0x06, 0x21, 0x6B, 0x66,
350      0x02, 0xF5, 0x92, 0x8A, 0x0C, 0xB3, 0x7E, 0xD0,
351      0x7A, 0x47, 0x96, 0xE5, 0x26, 0x80, 0xAD, 0xDF,
352      0xA1, 0x30, 0x37, 0xAE, 0x36, 0x15, 0x22, 0x38,
353      0xF4, 0xA7, 0x45, 0x4C, 0x81, 0xE9, 0x84, 0x97,
354      0x35, 0xCB, 0xCE, 0x3C, 0x71, 0x11, 0xC7, 0x89,
355      0x75, 0xFB, 0xDA, 0xF8, 0x94, 0x59, 0x82, 0xC4,
356      0xFF, 0x49, 0x39, 0x67, 0xC0, 0xCF, 0xD7, 0xB8,
357      0x0F, 0x8E, 0x42, 0x23, 0x91, 0x6C, 0xDB, 0xA4,
358      0x34, 0xF1, 0x48, 0xC2, 0x6F, 0x3D, 0x2D, 0x40,
359      0xBE, 0x3E, 0xBC, 0xC1, 0xAA, 0xBA, 0x4E, 0x55,
360      0x3B, 0xDC, 0x68, 0x7F, 0x9C, 0xD8, 0x4A, 0x56,
361      0x77, 0xA0, 0xED, 0x46, 0xB5, 0x2B, 0x65, 0xFA,
362      0xE3, 0xB9, 0xB1, 0x9F, 0x5E, 0xF9, 0xE6, 0xB2,
363      0x31, 0xEA, 0x6D, 0x5F, 0xE4, 0xF0, 0xCD, 0x88,
364      0x16, 0x3A, 0x58, 0xD4, 0x62, 0x29, 0x07, 0x33,
365      0xE8, 0x1B, 0x05, 0x79, 0x90, 0x6A, 0x2A, 0x9A
366    },
367    {
368      0x38, 0xE8, 0x2D, 0xA6, 0xCF, 0xDE, 0xB3, 0xB8,
369      0xAF, 0x60, 0x55, 0xC7, 0x44, 0x6F, 0x6B, 0x5B,
370      0xC3, 0x62, 0x33, 0xB5, 0x29, 0xA0, 0xE2, 0xA7,
371      0xD3, 0x91, 0x11, 0x06, 0x1C, 0xBC, 0x36, 0x4B,
372      0xEF, 0x88, 0x6C, 0xA8, 0x17, 0xC4, 0x16, 0xF4,
373      0xC2, 0x45, 0xE1, 0xD6, 0x3F, 0x3D, 0x8E, 0x98,
374      0x28, 0x4E, 0xF6, 0x3E, 0xA5, 0xF9, 0x0D, 0xDF,
375      0xD8, 0x2B, 0x66, 0x7A, 0x27, 0x2F, 0xF1, 0x72,
376      0x42, 0xD4, 0x41, 0xC0, 0x73, 0x67, 0xAC, 0x8B,
377      0xF7, 0xAD, 0x80, 0x1F, 0xCA, 0x2C, 0xAA, 0x34,
378      0xD2, 0x0B, 0xEE, 0xE9, 0x5D, 0x94, 0x18, 0xF8,
379      0x57, 0xAE, 0x08, 0xC5, 0x13, 0xCD, 0x86, 0xB9,
380      0xFF, 0x7D, 0xC1, 0x31, 0xF5, 0x8A, 0x6A, 0xB1,
381      0xD1, 0x20, 0xD7, 0x02, 0x22, 0x04, 0x68, 0x71,
382      0x07, 0xDB, 0x9D, 0x99, 0x61, 0xBE, 0xE6, 0x59,
383      0xDD, 0x51, 0x90, 0xDC, 0x9A, 0xA3, 0xAB, 0xD0,
384      0x81, 0x0F, 0x47, 0x1A, 0xE3, 0xEC, 0x8D, 0xBF,
385      0x96, 0x7B, 0x5C, 0xA2, 0xA1, 0x63, 0x23, 0x4D,
386      0xC8, 0x9E, 0x9C, 0x3A, 0x0C, 0x2E, 0xBA, 0x6E,
387      0x9F, 0x5A, 0xF2, 0x92, 0xF3, 0x49, 0x78, 0xCC,
388      0x15, 0xFB, 0x70, 0x75, 0x7F, 0x35, 0x10, 0x03,
389      0x64, 0x6D, 0xC6, 0x74, 0xD5, 0xB4, 0xEA, 0x09,
390      0x76, 0x19, 0xFE, 0x40, 0x12, 0xE0, 0xBD, 0x05,
391      0xFA, 0x01, 0xF0, 0x2A, 0x5E, 0xA9, 0x56, 0x43,
392      0x85, 0x14, 0x89, 0x9B, 0xB0, 0xE5, 0x48, 0x79,
393      0x97, 0xFC, 0x1E, 0x82, 0x21, 0x8C, 0x1B, 0x5F,
394      0x77, 0x54, 0xB2, 0x1D, 0x25, 0x4F, 0x00, 0x46,
395      0xED, 0x58, 0x52, 0xEB, 0x7E, 0xDA, 0xC9, 0xFD,
396      0x30, 0x95, 0x65, 0x3C, 0xB6, 0xE4, 0xBB, 0x7C,
397      0x0E, 0x50, 0x39, 0x26, 0x32, 0x84, 0x69, 0x93,
398      0x37, 0xE7, 0x24, 0xA4, 0xCB, 0x53, 0x0A, 0x87,
399      0xD9, 0x4C, 0x83, 0x8F, 0xCE, 0x3B, 0x4A, 0xB7
400    }
401};
402
403static unsigned int G_FUNC(unsigned int v)
404{
405    unsigned int s0, s1, s2, s3, ret;
406
407    s0 = SEED_Sbox[0][(unsigned char)      (v) & 0xff];
408    s1 = SEED_Sbox[1][(unsigned char)((v)>> 8) & 0xff];
409    s2 = SEED_Sbox[0][(unsigned char)((v)>>16) & 0xff];
410    s3 = SEED_Sbox[1][(unsigned char)((v)>>24) & 0xff];
411
412    ret  = ((s0 & 0xFC) ^ (s1 & 0xF3) ^ (s2 & 0xCF) ^ (s3 & 0x3F));
413    ret |= ((s0 & 0xF3) ^ (s1 & 0xCF) ^ (s2 & 0x3F) ^ (s3 & 0xFC)) << 8;
414    ret |= ((s0 & 0xCF) ^ (s1 & 0x3F) ^ (s2 & 0xFC) ^ (s3 & 0xF3)) << 16;
415    ret |= ((s0 & 0x3F) ^ (s1 & 0xFC) ^ (s2 & 0xF3) ^ (s3 & 0xCF)) << 24;
416
417    return ret;
418}
419# endif
420
421/* key schedule constants - golden ratio */
422# define KC0     0x9e3779b9
423# define KC1     0x3c6ef373
424# define KC2     0x78dde6e6
425# define KC3     0xf1bbcdcc
426# define KC4     0xe3779b99
427# define KC5     0xc6ef3733
428# define KC6     0x8dde6e67
429# define KC7     0x1bbcdccf
430# define KC8     0x3779b99e
431# define KC9     0x6ef3733c
432# define KC10    0xdde6e678
433# define KC11    0xbbcdccf1
434# define KC12    0x779b99e3
435# define KC13    0xef3733c6
436# define KC14    0xde6e678d
437# define KC15    0xbcdccf1b
438
439# if defined(OPENSSL_SMALL_FOOTPRINT)
440static const seed_word KC[] = {
441    KC0, KC1, KC2, KC3, KC4, KC5, KC6, KC7,
442    KC8, KC9, KC10, KC11, KC12, KC13, KC14, KC15
443};
444# endif
445
446void SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH],
447                  SEED_KEY_SCHEDULE *ks)
448{
449    seed_word x1, x2, x3, x4;
450    seed_word t0, t1;
451
452    char2word(rawkey, x1);
453    char2word(rawkey + 4, x2);
454    char2word(rawkey + 8, x3);
455    char2word(rawkey + 12, x4);
456
457    t0 = (x1 + x3 - KC0) & 0xffffffff;
458    t1 = (x2 - x4 + KC0) & 0xffffffff;
459    KEYUPDATE_TEMP(t0, t1, &ks->data[0]);
460    KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC1);
461    KEYUPDATE_TEMP(t0, t1, &ks->data[2]);
462
463# if !defined(OPENSSL_SMALL_FOOTPRINT)
464    KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC2);
465    KEYUPDATE_TEMP(t0, t1, &ks->data[4]);
466    KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC3);
467    KEYUPDATE_TEMP(t0, t1, &ks->data[6]);
468    KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC4);
469    KEYUPDATE_TEMP(t0, t1, &ks->data[8]);
470    KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC5);
471    KEYUPDATE_TEMP(t0, t1, &ks->data[10]);
472    KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC6);
473    KEYUPDATE_TEMP(t0, t1, &ks->data[12]);
474    KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC7);
475    KEYUPDATE_TEMP(t0, t1, &ks->data[14]);
476    KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC8);
477    KEYUPDATE_TEMP(t0, t1, &ks->data[16]);
478    KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC9);
479    KEYUPDATE_TEMP(t0, t1, &ks->data[18]);
480    KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC10);
481    KEYUPDATE_TEMP(t0, t1, &ks->data[20]);
482    KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC11);
483    KEYUPDATE_TEMP(t0, t1, &ks->data[22]);
484    KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC12);
485    KEYUPDATE_TEMP(t0, t1, &ks->data[24]);
486    KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC13);
487    KEYUPDATE_TEMP(t0, t1, &ks->data[26]);
488    KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC14);
489    KEYUPDATE_TEMP(t0, t1, &ks->data[28]);
490    KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC15);
491    KEYUPDATE_TEMP(t0, t1, &ks->data[30]);
492# else
493    {
494        int i;
495        for (i = 2; i < 16; i += 2) {
496            KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC[i]);
497            KEYUPDATE_TEMP(t0, t1, &ks->data[i * 2]);
498            KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC[i + 1]);
499            KEYUPDATE_TEMP(t0, t1, &ks->data[i * 2 + 2]);
500        }
501    }
502# endif
503}
504
505void SEED_encrypt(const unsigned char s[SEED_BLOCK_SIZE],
506                  unsigned char d[SEED_BLOCK_SIZE],
507                  const SEED_KEY_SCHEDULE *ks)
508{
509    seed_word x1, x2, x3, x4;
510    seed_word t0, t1;
511
512    char2word(s, x1);
513    char2word(s + 4, x2);
514    char2word(s + 8, x3);
515    char2word(s + 12, x4);
516
517# if !defined(OPENSSL_SMALL_FOOTPRINT)
518    E_SEED(t0, t1, x1, x2, x3, x4, 0);
519    E_SEED(t0, t1, x3, x4, x1, x2, 2);
520    E_SEED(t0, t1, x1, x2, x3, x4, 4);
521    E_SEED(t0, t1, x3, x4, x1, x2, 6);
522    E_SEED(t0, t1, x1, x2, x3, x4, 8);
523    E_SEED(t0, t1, x3, x4, x1, x2, 10);
524    E_SEED(t0, t1, x1, x2, x3, x4, 12);
525    E_SEED(t0, t1, x3, x4, x1, x2, 14);
526    E_SEED(t0, t1, x1, x2, x3, x4, 16);
527    E_SEED(t0, t1, x3, x4, x1, x2, 18);
528    E_SEED(t0, t1, x1, x2, x3, x4, 20);
529    E_SEED(t0, t1, x3, x4, x1, x2, 22);
530    E_SEED(t0, t1, x1, x2, x3, x4, 24);
531    E_SEED(t0, t1, x3, x4, x1, x2, 26);
532    E_SEED(t0, t1, x1, x2, x3, x4, 28);
533    E_SEED(t0, t1, x3, x4, x1, x2, 30);
534# else
535    {
536        int i;
537        for (i = 0; i < 30; i += 4) {
538            E_SEED(t0, t1, x1, x2, x3, x4, i);
539            E_SEED(t0, t1, x3, x4, x1, x2, i + 2);
540        }
541    }
542# endif
543
544    word2char(x3, d);
545    word2char(x4, d + 4);
546    word2char(x1, d + 8);
547    word2char(x2, d + 12);
548}
549
550void SEED_decrypt(const unsigned char s[SEED_BLOCK_SIZE],
551                  unsigned char d[SEED_BLOCK_SIZE],
552                  const SEED_KEY_SCHEDULE *ks)
553{
554    seed_word x1, x2, x3, x4;
555    seed_word t0, t1;
556
557    char2word(s, x1);
558    char2word(s + 4, x2);
559    char2word(s + 8, x3);
560    char2word(s + 12, x4);
561
562# if !defined(OPENSSL_SMALL_FOOTPRINT)
563    E_SEED(t0, t1, x1, x2, x3, x4, 30);
564    E_SEED(t0, t1, x3, x4, x1, x2, 28);
565    E_SEED(t0, t1, x1, x2, x3, x4, 26);
566    E_SEED(t0, t1, x3, x4, x1, x2, 24);
567    E_SEED(t0, t1, x1, x2, x3, x4, 22);
568    E_SEED(t0, t1, x3, x4, x1, x2, 20);
569    E_SEED(t0, t1, x1, x2, x3, x4, 18);
570    E_SEED(t0, t1, x3, x4, x1, x2, 16);
571    E_SEED(t0, t1, x1, x2, x3, x4, 14);
572    E_SEED(t0, t1, x3, x4, x1, x2, 12);
573    E_SEED(t0, t1, x1, x2, x3, x4, 10);
574    E_SEED(t0, t1, x3, x4, x1, x2, 8);
575    E_SEED(t0, t1, x1, x2, x3, x4, 6);
576    E_SEED(t0, t1, x3, x4, x1, x2, 4);
577    E_SEED(t0, t1, x1, x2, x3, x4, 2);
578    E_SEED(t0, t1, x3, x4, x1, x2, 0);
579# else
580    {
581        int i;
582        for (i = 30; i > 0; i -= 4) {
583            E_SEED(t0, t1, x1, x2, x3, x4, i);
584            E_SEED(t0, t1, x3, x4, x1, x2, i - 2);
585
586        }
587    }
588# endif
589
590    word2char(x3, d);
591    word2char(x4, d + 4);
592    word2char(x1, d + 8);
593    word2char(x2, d + 12);
594}
595
596#endif                          /* OPENSSL_NO_SEED */
597