- C:\Users\Administrator>cd ..
- C:\Users
- C:\Users>git diff c:\1\sumokoin c:\1\2\sumokoin
- warning: LF will be replaced by CRLF in c:\1\sumokoin/.git/HEAD.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/.git/HEAD.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/.git/config.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/.git/config.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/.git/description.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/.git/description.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/.git/hooks/applypatch-msg.sample.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/.git/hooks/applypatch-msg.sample.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/.git/hooks/commit-msg.sample.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/.git/hooks/commit-msg.sample.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/.git/hooks/fsmonitor-watchman.sample.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/.git/hooks/fsmonitor-watchman.sample.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/.git/hooks/post-update.sample.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/.git/hooks/post-update.sample.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/.git/hooks/pre-applypatch.sample.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/.git/hooks/pre-applypatch.sample.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/.git/hooks/pre-commit.sample.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/.git/hooks/pre-commit.sample.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/.git/hooks/pre-push.sample.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/.git/hooks/pre-push.sample.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/.git/hooks/pre-rebase.sample.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/.git/hooks/pre-rebase.sample.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/.git/hooks/pre-receive.sample.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/.git/hooks/pre-receive.sample.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/.git/hooks/prepare-commit-msg.sample.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/.git/hooks/prepare-commit-msg.sample.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/.git/hooks/update.sample.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/.git/hooks/update.sample.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/.git/info/exclude.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/.git/info/exclude.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/.git/logs/HEAD.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/.git/logs/HEAD.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/.git/logs/refs/remotes/origin/HEAD.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/.git/logs/refs/remotes/origin/HEAD.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/.git/packed-refs.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/.git/packed-refs.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/.git/refs/remotes/origin/HEAD.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/.git/refs/remotes/origin/HEAD.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/contrib/epee/include/console_handler.h.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/contrib/epee/include/console_handler.h.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/contrib/epee/include/serialization/keyvalue_serialization_overloads.h.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/contrib/epee/include/serialization/keyvalue_serialization_overloads.h.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/external/unbound/contrib/warmup.cmd.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/external/unbound/contrib/warmup.cmd.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/src/crypto/crypto.cpp.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/src/crypto/crypto.cpp.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/src/crypto/crypto.h.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/src/crypto/crypto.h.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/src/cryptonote_core/cryptonote_basic.h.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/src/cryptonote_core/cryptonote_basic.h.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/src/cryptonote_core/cryptonote_basic_impl.h.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/src/cryptonote_core/cryptonote_basic_impl.h.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/src/cryptonote_core/cryptonote_format_utils.cpp.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/src/cryptonote_core/cryptonote_format_utils.h.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/src/cryptonote_core/miner.cpp.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/src/daemon/command_parser_executor.cpp.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/src/daemon/command_parser_executor.cpp.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/src/mnemonics/german.h.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/src/mnemonics/german.h.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/src/mnemonics/italian.h.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/src/mnemonics/italian.h.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/src/mnemonics/russian.h.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/src/mnemonics/russian.h.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/src/rpc/core_rpc_server.cpp.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/src/rpc/core_rpc_server.cpp.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/src/wallet/api/pending_transaction.h.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/src/wallet/api/pending_transaction.h.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/src/wallet/api/wallet.h.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/src/wallet/api/wallet.h.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/src/wallet/wallet2.cpp.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/src/wallet/wallet2.cpp.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/src/wallet/wallet2.h.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/src/wallet/wallet2.h.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/src/wallet/wallet_rpc_server.cpp.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/src/wallet/wallet_rpc_server.cpp.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/src/wallet/wallet_rpc_server_error_codes.h.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/src/wallet/wallet_rpc_server_error_codes.h.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/.git/refs/heads/master.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/.git/logs/refs/heads/master.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/.git/logs/refs/heads/pow-change.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/.git/refs/heads/pow-change.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/.git/refs/heads/master.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/.git/refs/heads/pow-change.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/.git/logs/refs/heads/master.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/.git/logs/refs/heads/pow-change.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\sumokoin/.git/refs/heads/master.
- The file will have its original line endings in your working directory.
- warning: LF will be replaced by CRLF in c:\1\2\sumokoin/.git/refs/heads/pow-change.
- The file will have its original line endings in your working directory.
- diff --git "a/c:\\1\\sumokoin/.git/HEAD" "b/c:\\1\\2\\sumokoin/.git/HEAD"
- index cb089cd..277049a 100644
- --- "a/c:\\1\\sumokoin/.git/HEAD"
- +++ "b/c:\\1\\2\\sumokoin/.git/HEAD"
- @@ -1 +1 @@
- -ref: refs/heads/master
- +ref: refs/heads/pow-change
- diff --git "a/c:\\1\\sumokoin/.git/config" "b/c:\\1\\2\\sumokoin/.git/config"
- index 67a4572..5b239db 100644
- --- "a/c:\\1\\sumokoin/.git/config"
- +++ "b/c:\\1\\2\\sumokoin/.git/config"
- @@ -8,6 +8,6 @@
- [remote "origin"]
- url = https://github.com/curie-kief/sumokoin
- fetch = +refs/heads/*:refs/remotes/origin/*
- -[branch "master"]
- +[branch "pow-change"]
- remote = origin
- - merge = refs/heads/master
- + merge = refs/heads/pow-change
- diff --git "a/c:\\1\\sumokoin/.git/index" "b/c:\\1\\2\\sumokoin/.git/index"
- index 181cbb8..df06eea 100644
- Binary files "a/c:\\1\\sumokoin/.git/index" and "b/c:\\1\\2\\sumokoin/.git/index" differ
- diff --git "a/c:\\1\\sumokoin/.git/logs/HEAD" "b/c:\\1\\2\\sumokoin/.git/logs/HEAD"
- index 6c7ac38..e91a8ea 100644
- --- "a/c:\\1\\sumokoin/.git/logs/HEAD"
- +++ "b/c:\\1\\2\\sumokoin/.git/logs/HEAD"
- @@ -1 +1 @@
- -0000000000000000000000000000000000000000 5e990642905cef9d75931f202f9d400d3a1e94b0 Administrator <Administrator@EC2AMAZ-S6LBKHP.(none)> 1521577517 +0000 clone: from https://github.com/curie-kief/sumokoin
- +0000000000000000000000000000000000000000 2561bd3170736c82c2d15a920fecb469d7207645 Administrator <Administrator@EC2AMAZ-S6LBKHP.(none)> 1521577569 +0000 clone: from https://github.com/curie-kief/sumokoin
- diff --git "a/c:\\1\\sumokoin/.git/logs/refs/heads/master" "b/c:\\1\\sumokoin/.git/logs/refs/heads/master"
- deleted file mode 100644
- index 6c7ac38..0000000
- --- "a/c:\\1\\sumokoin/.git/logs/refs/heads/master"
- +++ /dev/null
- @@ -1 +0,0 @@
- -0000000000000000000000000000000000000000 5e990642905cef9d75931f202f9d400d3a1e94b0 Administrator <Administrator@EC2AMAZ-S6LBKHP.(none)> 1521577517 +0000 clone: from https://github.com/curie-kief/sumokoin
- diff --git "a/c:\\1\\2\\sumokoin/.git/logs/refs/heads/pow-change" "b/c:\\1\\2\\sumokoin/.git/logs/refs/heads/pow-change"new file mode 100644
- index 0000000..e91a8ea
- --- /dev/null
- +++ "b/c:\\1\\2\\sumokoin/.git/logs/refs/heads/pow-change"
- @@ -0,0 +1 @@
- +0000000000000000000000000000000000000000 2561bd3170736c82c2d15a920fecb469d7207645 Administrator <Administrator@EC2AMAZ-S6LBKHP.(none)> 1521577569 +0000 clone: from https://github.com/curie-kief/sumokoin
- diff --git "a/c:\\1\\sumokoin/.git/logs/refs/remotes/origin/HEAD" "b/c:\\1\\2\\sumokoin/.git/logs/refs/remotes/origin/HEAD"
- index 6c7ac38..8ed1bb8 100644
- --- "a/c:\\1\\sumokoin/.git/logs/refs/remotes/origin/HEAD"
- +++ "b/c:\\1\\2\\sumokoin/.git/logs/refs/remotes/origin/HEAD"
- @@ -1 +1 @@
- -0000000000000000000000000000000000000000 5e990642905cef9d75931f202f9d400d3a1e94b0 Administrator <Administrator@EC2AMAZ-S6LBKHP.(none)> 1521577517 +0000 clone: from https://github.com/curie-kief/sumokoin
- +0000000000000000000000000000000000000000 5e990642905cef9d75931f202f9d400d3a1e94b0 Administrator <Administrator@EC2AMAZ-S6LBKHP.(none)> 1521577569 +0000 clone: from https://github.com/curie-kief/sumokoin
- diff --git "a/c:\\1\\sumokoin/.git/refs/heads/master" "b/c:\\1\\sumokoin/.git/refs/heads/master"
- deleted file mode 100644
- index f2e26d7..0000000
- --- "a/c:\\1\\sumokoin/.git/refs/heads/master"
- +++ /dev/null
- @@ -1 +0,0 @@
- -5e990642905cef9d75931f202f9d400d3a1e94b0
- diff --git "a/c:\\1\\2\\sumokoin/.git/refs/heads/pow-change" "b/c:\\1\\2\\sumokoin/.git/refs/heads/pow-change"
- new file mode 100644
- index 0000000..74512f5
- --- /dev/null
- +++ "b/c:\\1\\2\\sumokoin/.git/refs/heads/pow-change"
- @@ -0,0 +1 @@
- +2561bd3170736c82c2d15a920fecb469d7207645
- diff --git "a/c:\\1\\sumokoin/CMakeLists.txt" "b/c:\\1\\2\\sumokoin/CMakeLists.txt"
- index 6075c3e..e3d7a76 100644
- --- "a/c:\\1\\sumokoin/CMakeLists.txt"
- +++ "b/c:\\1\\2\\sumokoin/CMakeLists.txt"
- @@ -568,6 +568,8 @@ else()
- set(CMAKE_AR "gcc-ar")
- set(CMAKE_RANLIB "gcc-ranlib")
- endif()
- + # Default ubuntu 16.04 LTS ld.bfd refuses to cooperate with LTO'ed ar libs for some reason, gold linker works, go figure
- + set(RELEASE_FLAGS "${RELEASE_FLAGS} -fuse-ld=gold")
- endif()
- endif()
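Review bot: The added `-fuse-ld=gold` is appended to `RELEASE_FLAGS` with no check that the gold linker is installed, so a release build on a toolchain that ships only ld.bfd would presumably fail at link time rather than fall back. The comment ties the workaround to Ubuntu 16.04, yet the flag applies to every configuration that reaches this branch; the enclosing conditions start outside the hunk, so the exact scope cannot be confirmed from here. Consider probing for the linker first and adding the flag only when the probe succeeds, and extend the comment to say which LTO setting makes the workaround necessary.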
- diff --git "a/c:\\1\\sumokoin/src/crypto/CMakeLists.txt" "b/c:\\1\\2\\sumokoin/src/crypto/CMakeLists.txt"
- index 5f3e878..e8eec00 100644
- --- "a/c:\\1\\sumokoin/src/crypto/CMakeLists.txt"
- +++ "b/c:\\1\\2\\sumokoin/src/crypto/CMakeLists.txt"
- @@ -34,18 +34,14 @@ set(crypto_sources
- crypto-ops.c
- crypto.cpp
- groestl.c
- - hash-extra-blake.c
- - hash-extra-groestl.c
- - hash-extra-jh.c
- - hash-extra-skein.c
- hash.c
- jh.c
- keccak.c
- - oaes_lib.c
- random.c
- skein.c
- - slow-hash.c
- - tree-hash.c)
- + tree-hash.c
- + cn_slow_hash_soft.cpp
- + cn_slow_hash_hard_intel.cpp)
- set(crypto_headers)
- @@ -62,11 +58,10 @@ set(crypto_private_headers
- initializer.h
- jh.h
- keccak.h
- - oaes_config.h
- - oaes_lib.h
- random.h
- skein.h
- - skein_port.h)
- + skein_port.h
- + cn_slow_hash.hpp)
- sumokoin_private_headers(crypto
- ${crypto_private_headers})
- @@ -79,23 +74,3 @@ target_link_libraries(crypto
- ${Boost_SYSTEM_LIBRARY}
- PRIVATE
- ${EXTRA_LIBRARIES})
- -
- -if (ARM)
- - option(NO_OPTIMIZED_MULTIPLY_ON_ARM
- - "Compute multiply using generic C implementation instead of ARM ASM" OFF)
- - if(NO_OPTIMIZED_MULTIPLY_ON_ARM)
- - message(STATUS "Using generic C implementation for multiply")
- - set_property(SOURCE slow-hash.c
- - PROPERTY COMPILE_DEFINITIONS "NO_OPTIMIZED_MULTIPLY_ON_ARM")
- - endif()
- -endif()
- -
- -# Because of the way Qt works on android with JNI, the code does not live in the
- -# main android thread
- -# So this code runs with a 1 MB default stack size.
- -# This will force the use of the heap for the allocation of the scratchpad
- -if (ANDROID OR IOS)
- - if( BUILD_GUI_DEPS )
- - add_definitions(-DFORCE_USE_HEAP=1)
- - endif()
- -endif()
- diff --git "a/c:\\1\\sumokoin/src/crypto/chacha8.h" "b/c:\\1\\2\\sumokoin/src/crypto/chacha8.h"
- index 94c0ba7..ded7914 100644
- --- "a/c:\\1\\sumokoin/src/crypto/chacha8.h"
- +++ "b/c:\\1\\2\\sumokoin/src/crypto/chacha8.h"
- @@ -40,6 +40,7 @@
- #include <memory.h>
- #include "hash.h"
- +#include "cn_slow_hash.hpp"
- namespace crypto {
- extern "C" {
- @@ -72,8 +73,9 @@ namespace crypto {
- inline void generate_chacha8_key(const void *data, size_t size, chacha8_key& key) {
- static_assert(sizeof(chacha8_key) <= sizeof(hash), "Size of hash must be at least that of chacha8_key");
- - char pwd_hash[HASH_SIZE];
- - crypto::cn_slow_hash(data, size, pwd_hash);
- + uint8_t pwd_hash[HASH_SIZE];
- + cn_pow_hash_v1 kdf_hash;
- + kdf_hash.hash(data, size, pwd_hash);
- memcpy(&key, pwd_hash, sizeof(key));
- memset(pwd_hash, 0, sizeof(pwd_hash));
- }
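Review bot: `kdf_hash` is constructed and destroyed on every call to `generate_chacha8_key`, and the `free_mem()` its destructor runs (cn_slow_hash.hpp in this same diff) releases `lpad` and `spad` without clearing them, so whatever password-derived state the hash leaves in those buffers is returned to the allocator intact. Only `pwd_hash` is zeroed here, and a plain `memset` just before the variable goes out of scope is something an optimizer is allowed to drop. Clearing the scratchpads before they are freed, with a wipe the compiler cannot elide, would match the intent of that last line. If this key protects stored wallet data, as the function name suggests, a comment such as `// KDF for stored keys: output must stay byte-identical to the previous cn_slow_hash` would document the compatibility constraint this swap carries.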
- diff --git "a/c:\\1\\2\\sumokoin/src/crypto/cn_slow_hash.hpp" "b/c:\\1\\2\\sumokoin/src/crypto/cn_slow_hash.hpp"
- new file mode 100644
- index 0000000..d35782e
- --- /dev/null
- +++ "b/c:\\1\\2\\sumokoin/src/crypto/cn_slow_hash.hpp"
- @@ -0,0 +1,230 @@
- +// Copyright (c) 2017, SUMOKOIN
- +//
- +// All rights reserved.
- +//
- +// Redistribution and use in source and binary forms, with or without modification, are
- +// permitted provided that the following conditions are met:
- +//
- +// 1. Redistributions of source code must retain the above copyright notice, this list of
- +// conditions and the following disclaimer.
- +//
- +// 2. Redistributions in binary form must reproduce the above copyright notice, this list
- +// of conditions and the following disclaimer in the documentation and/or other
- +// materials provided with the distribution.
- +//
- +// 3. Neither the name of the copyright holder nor the names of its contributors may be
- +// used to endorse or promote products derived from this software without specific
- +// prior written permission.
- +//
- +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
- +// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
- +// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
- +// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
- +// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- +// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
- +// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- +//
- +// Parts of this file are originally copyright (c) 2014-2017, The Monero Project
- +// Parts of this file are originally copyright (c) 2012-2013, The Cryptonote developers
- +
- +#pragma once
- +
- +#include <inttypes.h>
- +#include <stddef.h>
- +#include <stdlib.h>
- +#include <assert.h>
- +#include <string.h>
- +
- +// Note HAS_INTEL_HW and future HAS_ARM_HW only mean we can emit the AES instructions
- +// check CPU support for the hardware AES encryption has to be done at runtime
- +#if defined(__x86_64__) || defined(__i386__) || defined(_M_X86) || defined(_M_X64)
- +#ifdef __GNUC__
- +#include <x86intrin.h>
- +#include <cpuid.h>
- +#pragma GCC target ("aes")
- +#define HAS_INTEL_HW
- +#endif
- +#if defined(_MSC_VER) && !defined(__MINGW32__) && !defined(__MINGW64__)
- +#include <intrin.h>
- +#define HAS_INTEL_HW
- +#endif
- +#endif
- +
- +#if defined(_WIN32) || defined(_WIN64)
- +#include <malloc.h>
- +#define WIN_MEM_ALIGN
- +#endif
- +
- +#ifdef HAS_INTEL_HW
- +inline void cpuid(uint32_t eax, int32_t ecx, int32_t val[4])
- +{
- + val[0] = 0;
- + val[1] = 0;
- + val[2] = 0;
- + val[3] = 0;
- +
- +#if defined(_MSC_VER) && !defined(__MINGW32__) && !defined(__MINGW64__)
- + __cpuidex(val, eax, ecx);
- +#else
- + __cpuid_count(eax, ecx, val[0], val[1], val[2], val[3]);
- +#endif
- +}
- +
- +inline bool hw_check_aes()
- +{
- + int32_t cpu_info[4];
- + cpuid(1, 0, cpu_info);
- + return (cpu_info[2] & (1 << 25)) != 0;
- +}
- +#endif
- +
- +#ifdef HAS_ARM_HW
- +inline bool hw_check_aes()
- +{
- + return false;
- +}
- +#endif
- +
- +#if !defined(HAS_INTEL_HW) && !defined(HAS_ARM_HW)
- +inline bool hw_check_aes()
- +{
- + return false;
- +}
- +#endif
- +
- +// This cruft avoids casting-galore and allows us not to worry about sizeof(void*)
- +union cn_sptr
- +{
- + cn_sptr() : as_void(nullptr) {}
- + cn_sptr(uint64_t* ptr) { as_uqword = ptr; }
- + cn_sptr(uint32_t* ptr) { as_udword = ptr; }
- + cn_sptr(uint8_t* ptr) { as_byte = ptr; }
- +#ifdef HAS_INTEL_HW
- + cn_sptr(__m128i* ptr) { as_xmm = ptr; }
- +#endif
- +
- + void* as_void;
- + uint8_t* as_byte;
- + uint64_t* as_uqword;
- + int32_t* as_dword;
- + uint32_t* as_udword;
- +#ifdef HAS_INTEL_HW
- + __m128i* as_xmm;
- +#endif
- +};
- +
- +#include <stdio.h>
- +#include <signal.h>
- +template<size_t MEMORY, size_t ITER>
- +class cn_slow_hash
- +{
- +public:
- + cn_slow_hash()
- + {
- +#if !defined(WIN_MEM_ALIGN)
- + lpad.as_void = aligned_alloc(4096, MEMORY);
- + spad.as_void = aligned_alloc(4096, 4096);
- +#else
- + lpad.as_void = _aligned_malloc(MEMORY, 4096);
- + spad.as_void = _aligned_malloc(4096, 4096);
- +#endif
- + }
- +
- + cn_slow_hash (cn_slow_hash&& other) noexcept : lpad(other.lpad.as_byte), spad(other.spad.as_byte)
- + {
- + other.lpad.as_byte = nullptr;
- + other.spad.as_byte = nullptr;
- + }
- +
- + cn_slow_hash& operator= (cn_slow_hash&& other) noexcept
- + {
- + if(this == &other)
- + return *this;
- +
- + free_mem();
- + lpad.as_byte = other.lpad.as_byte;
- + spad.as_byte = spad.as_byte;
- + return *this;
- + }
- +
- + // Copying is going to be really inefficient
- + cn_slow_hash(const cn_slow_hash& other) = delete;
- + cn_slow_hash& operator= (const cn_slow_hash& other) = delete;
- +
- + ~cn_slow_hash()
- + {
- + free_mem();
- + }
- +
- + void hash(const void* in, size_t len, void* out)
- + {
- + if(hw_check_aes() && !check_override())
- + hardware_hash(in, len, out);
- + else
- + software_hash(in, len, out);
- + }
- +
- + void software_hash(const void* in, size_t len, void* out);
- +
- +#if !defined(HAS_INTEL_HW) && !defined(HAS_ARM_HW)
- + inline void hardware_hash(const void* in, size_t len, void* out) { assert(false); }
- +#else
- + void hardware_hash(const void* in, size_t len, void* out);
- +#endif
- +
- +private:
- + static constexpr size_t MASK = ((MEMORY-1) >> 4) << 4;
- +
- + inline bool check_override()
- + {
- + const char *env = getenv("SUMO_USE_SOFTWARE_AES");
- + if (!env) {
- + return false;
- + }
- + else if (!strcmp(env, "0") || !strcmp(env, "no")) {
- + return false;
- + }
- + else {
- + return true;
- + }
- + }
- +
- + inline void free_mem()
- + {
- +#if !defined(WIN_MEM_ALIGN)
- + if(lpad.as_void != nullptr)
- + free(lpad.as_void);
- + if(lpad.as_void != nullptr)
- + free(spad.as_void);
- +#else
- + if(lpad.as_void != nullptr)
- + _aligned_free(lpad.as_void);
- + if(lpad.as_void != nullptr)
- + _aligned_free(spad.as_void);
- +#endif
- + lpad.as_void = nullptr;
- + spad.as_void = nullptr;
- + }
- +
- + inline cn_sptr scratchpad_ptr(uint32_t idx) { return lpad.as_byte + (idx & MASK); }
- +
- +#if !defined(HAS_INTEL_HW) && !defined(HAS_ARM_HW)
- + inline void explode_scratchpad_hard() { assert(false); }
- + inline void implode_scratchpad_hard() { assert(false); }
- +#else
- + void explode_scratchpad_hard();
- + void implode_scratchpad_hard();
- +#endif
- +
- + void explode_scratchpad_soft();
- + void implode_scratchpad_soft();
- +
- + cn_sptr lpad;
- + cn_sptr spad;
- +};
- +
- +using cn_pow_hash_v1 = cn_slow_hash<2*1024*1024, 0x80000>;
- +
- +extern template class cn_slow_hash<2*1024*1024, 0x80000>;
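Review bot: The move assignment operator contains `spad.as_byte = spad.as_byte;`, a self-assignment that leaves `spad` null after `free_mem()`, and it never clears `other`, so `lpad` ends up owned by both objects and is freed twice once both are destroyed. It should read `spad.as_byte = other.spad.as_byte;` followed by `other.lpad.as_byte = nullptr; other.spad.as_byte = nullptr;`, as the move constructor already does. `free_mem()` has the same copy-paste slip: the guard before each release of `spad` tests `lpad.as_void`, where `if(spad.as_void != nullptr)` was meant. The constructor also stores the result of `aligned_alloc` / `_aligned_malloc` unchecked, so a failed 2 MiB allocation would only surface when the hash routines write through the pointer (`scratchpad_ptr` adds to `lpad.as_byte` with no null test); throwing `std::bad_alloc` there would make the failure explicit.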
- diff --git "a/c:\\1\\2\\sumokoin/src/crypto/cn_slow_hash_hard_intel.cpp" "b/c:\\1\\2\\sumokoin/src/crypto/cn_slow_hash_hard_intel.cpp"
- new file mode 100644
- index 0000000..f19fdd8
- --- /dev/null
- +++ "b/c:\\1\\2\\sumokoin/src/crypto/cn_slow_hash_hard_intel.cpp"
- @@ -0,0 +1,314 @@
- +// Copyright (c) 2017, SUMOKOIN
- +//
- +// All rights reserved.
- +//
- +// Redistribution and use in source and binary forms, with or without modification, are
- +// permitted provided that the following conditions are met:
- +//
- +// 1. Redistributions of source code must retain the above copyright notice, this list of
- +// conditions and the following disclaimer.
- +//
- +// 2. Redistributions in binary form must reproduce the above copyright notice, this list
- +// of conditions and the following disclaimer in the documentation and/or other
- +// materials provided with the distribution.
- +//
- +// 3. Neither the name of the copyright holder nor the names of its contributors may be
- +// used to endorse or promote products derived from this software without specific
- +// prior written permission.
- +//
- +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
- +// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
- +// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
- +// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
- +// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- +// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
- +// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- +//
- +// Parts of this file are originally copyright (c) 2014-2017, The Monero Project
- +// Parts of this file are originally copyright (c) 2012-2013, The Cryptonote developers
- +
- +#include "cn_slow_hash.hpp"
- +#include "keccak.h"
- +
- +#ifdef HAS_INTEL_HW
- +
- +#if !defined(_LP64) && !defined(_WIN64)
- +#define BUILD32
- +#endif
- +
- +// sl_xor(a1 a2 a3 a4) = a1 (a2^a1) (a3^a2^a1) (a4^a3^a2^a1)
- +inline __m128i sl_xor(__m128i tmp1)
- +{
- + __m128i tmp4;
- + tmp4 = _mm_slli_si128(tmp1, 0x04);
- + tmp1 = _mm_xor_si128(tmp1, tmp4);
- + tmp4 = _mm_slli_si128(tmp4, 0x04);
- + tmp1 = _mm_xor_si128(tmp1, tmp4);
- + tmp4 = _mm_slli_si128(tmp4, 0x04);
- + tmp1 = _mm_xor_si128(tmp1, tmp4);
- + return tmp1;
- +}
- +
- +template<uint8_t rcon>
- +inline void aes_genkey_sub(__m128i& xout0, __m128i& xout2)
- +{
- + __m128i xout1 = _mm_aeskeygenassist_si128(xout2, rcon);
- + xout1 = _mm_shuffle_epi32(xout1, 0xFF);
- + xout0 = sl_xor(xout0);
- + xout0 = _mm_xor_si128(xout0, xout1);
- + xout1 = _mm_aeskeygenassist_si128(xout0, 0x00);
- + xout1 = _mm_shuffle_epi32(xout1, 0xAA);
- + xout2 = sl_xor(xout2);
- + xout2 = _mm_xor_si128(xout2, xout1);
- +}
- +
- +inline void aes_genkey(const __m128i* memory, __m128i& k0, __m128i& k1, __m128i& k2, __m128i& k3, __m128i& k4,
- + __m128i& k5, __m128i& k6, __m128i& k7, __m128i& k8, __m128i& k9)
- +{
- + __m128i xout0, xout2;
- +
- + xout0 = _mm_load_si128(memory);
- + xout2 = _mm_load_si128(memory + 1);
- + k0 = xout0;
- + k1 = xout2;
- +
- + aes_genkey_sub<0x01>(xout0, xout2);
- + k2 = xout0;
- + k3 = xout2;
- +
- + aes_genkey_sub<0x02>(xout0, xout2);
- + k4 = xout0;
- + k5 = xout2;
- +
- + aes_genkey_sub<0x04>(xout0, xout2);
- + k6 = xout0;
- + k7 = xout2;
- +
- + aes_genkey_sub<0x08>(xout0, xout2);
- + k8 = xout0;
- + k9 = xout2;
- +}
- +
- +inline void aes_round8(const __m128i& key, __m128i& x0, __m128i& x1, __m128i& x2, __m128i& x3, __m128i& x4, __m128i& x5, __m128i& x6, __m128i& x7)
- +{
- + x0 = _mm_aesenc_si128(x0, key);
- + x1 = _mm_aesenc_si128(x1, key);
- + x2 = _mm_aesenc_si128(x2, key);
- + x3 = _mm_aesenc_si128(x3, key);
- + x4 = _mm_aesenc_si128(x4, key);
- + x5 = _mm_aesenc_si128(x5, key);
- + x6 = _mm_aesenc_si128(x6, key);
- + x7 = _mm_aesenc_si128(x7, key);
- +}
- +
- +template<size_t MEMORY, size_t ITER>
- +void cn_slow_hash<MEMORY,ITER>::implode_scratchpad_hard()
- +{
- + __m128i x0, x1, x2, x3, x4, x5, x6, x7;
- + __m128i k0, k1, k2, k3, k4, k5, k6, k7, k8, k9;
- +
- + aes_genkey(spad.as_xmm + 2, k0, k1, k2, k3, k4, k5, k6, k7, k8, k9);
- +
- + x0 = _mm_load_si128(spad.as_xmm + 4);
- + x1 = _mm_load_si128(spad.as_xmm + 5);
- + x2 = _mm_load_si128(spad.as_xmm + 6);
- + x3 = _mm_load_si128(spad.as_xmm + 7);
- + x4 = _mm_load_si128(spad.as_xmm + 8);
- + x5 = _mm_load_si128(spad.as_xmm + 9);
- + x6 = _mm_load_si128(spad.as_xmm + 10);
- + x7 = _mm_load_si128(spad.as_xmm + 11);
- +
- + for (size_t i = 0; i < MEMORY / sizeof(__m128i); i +=8)
- + {
- + x0 = _mm_xor_si128(_mm_load_si128(lpad.as_xmm + i + 0), x0);
- + x1 = _mm_xor_si128(_mm_load_si128(lpad.as_xmm + i + 1), x1);
- + x2 = _mm_xor_si128(_mm_load_si128(lpad.as_xmm + i + 2), x2);
- + x3 = _mm_xor_si128(_mm_load_si128(lpad.as_xmm + i + 3), x3);
- + x4 = _mm_xor_si128(_mm_load_si128(lpad.as_xmm + i + 4), x4);
- + x5 = _mm_xor_si128(_mm_load_si128(lpad.as_xmm + i + 5), x5);
- + x6 = _mm_xor_si128(_mm_load_si128(lpad.as_xmm + i + 6), x6);
- + x7 = _mm_xor_si128(_mm_load_si128(lpad.as_xmm + i + 7), x7);
- +
- + aes_round8(k0, x0, x1, x2, x3, x4, x5, x6, x7);
- + aes_round8(k1, x0, x1, x2, x3, x4, x5, x6, x7);
- + aes_round8(k2, x0, x1, x2, x3, x4, x5, x6, x7);
- + aes_round8(k3, x0, x1, x2, x3, x4, x5, x6, x7);
- + aes_round8(k4, x0, x1, x2, x3, x4, x5, x6, x7);
- + aes_round8(k5, x0, x1, x2, x3, x4, x5, x6, x7);
- + aes_round8(k6, x0, x1, x2, x3, x4, x5, x6, x7);
- + aes_round8(k7, x0, x1, x2, x3, x4, x5, x6, x7);
- + aes_round8(k8, x0, x1, x2, x3, x4, x5, x6, x7);
- + aes_round8(k9, x0, x1, x2, x3, x4, x5, x6, x7);
- + }
- +
- + _mm_store_si128(spad.as_xmm + 4, x0);
- + _mm_store_si128(spad.as_xmm + 5, x1);
- + _mm_store_si128(spad.as_xmm + 6, x2);
- + _mm_store_si128(spad.as_xmm + 7, x3);
- + _mm_store_si128(spad.as_xmm + 8, x4);
- + _mm_store_si128(spad.as_xmm + 9, x5);
- + _mm_store_si128(spad.as_xmm + 10, x6);
- + _mm_store_si128(spad.as_xmm + 11, x7);
- +}
- +
- +template<size_t MEMORY, size_t ITER>
- +void cn_slow_hash<MEMORY,ITER>::explode_scratchpad_hard()
- +{
- + __m128i x0, x1, x2, x3, x4, x5, x6, x7;
- + __m128i k0, k1, k2, k3, k4, k5, k6, k7, k8, k9;
- +
- + aes_genkey(spad.as_xmm, k0, k1, k2, k3, k4, k5, k6, k7, k8, k9);
- +
- + x0 = _mm_load_si128(spad.as_xmm + 4);
- + x1 = _mm_load_si128(spad.as_xmm + 5);
- + x2 = _mm_load_si128(spad.as_xmm + 6);
- + x3 = _mm_load_si128(spad.as_xmm + 7);
- + x4 = _mm_load_si128(spad.as_xmm + 8);
- + x5 = _mm_load_si128(spad.as_xmm + 9);
- + x6 = _mm_load_si128(spad.as_xmm + 10);
- + x7 = _mm_load_si128(spad.as_xmm + 11);
- +
- + for(size_t i = 0; i < MEMORY / sizeof(__m128i); i += 8)
- + {
- + aes_round8(k0, x0, x1, x2, x3, x4, x5, x6, x7);
- + aes_round8(k1, x0, x1, x2, x3, x4, x5, x6, x7);
- + aes_round8(k2, x0, x1, x2, x3, x4, x5, x6, x7);
- + aes_round8(k3, x0, x1, x2, x3, x4, x5, x6, x7);
- + aes_round8(k4, x0, x1, x2, x3, x4, x5, x6, x7);
- + aes_round8(k5, x0, x1, x2, x3, x4, x5, x6, x7);
- + aes_round8(k6, x0, x1, x2, x3, x4, x5, x6, x7);
- + aes_round8(k7, x0, x1, x2, x3, x4, x5, x6, x7);
- + aes_round8(k8, x0, x1, x2, x3, x4, x5, x6, x7);
- + aes_round8(k9, x0, x1, x2, x3, x4, x5, x6, x7);
- +
- + _mm_store_si128(lpad.as_xmm + i + 0, x0);
- + _mm_store_si128(lpad.as_xmm + i + 1, x1);
- + _mm_store_si128(lpad.as_xmm + i + 2, x2);
- + _mm_store_si128(lpad.as_xmm + i + 3, x3);
- + _mm_store_si128(lpad.as_xmm + i + 4, x4);
- + _mm_store_si128(lpad.as_xmm + i + 5, x5);
- + _mm_store_si128(lpad.as_xmm + i + 6, x6);
- + _mm_store_si128(lpad.as_xmm + i + 7, x7);
- + }
- +}
- +
- +#ifdef BUILD32
- +inline uint64_t _umul128(uint64_t multiplier, uint64_t multiplicand, uint64_t* product_hi)
- +{
- + // multiplier = ab = a * 2^32 + b
- + // multiplicand = cd = c * 2^32 + d
- + // ab * cd = a * c * 2^64 + (a * d + b * c) * 2^32 + b * d
- + uint64_t a = multiplier >> 32;
- + uint64_t b = multiplier & 0xFFFFFFFF;
- + uint64_t c = multiplicand >> 32;
- + uint64_t d = multiplicand & 0xFFFFFFFF;
- +
- + uint64_t ac = a * c;
- + uint64_t ad = a * d;
- + uint64_t bc = b * c;
- + uint64_t bd = b * d;
- +
- + uint64_t adbc = ad + bc;
- + uint64_t adbc_carry = adbc < ad ? 1 : 0;
- +
- + // multiplier * multiplicand = product_hi * 2^64 + product_lo
- + uint64_t product_lo = bd + (adbc << 32);
- + uint64_t product_lo_carry = product_lo < bd ? 1 : 0;
- + *product_hi = ac + (adbc >> 32) + (adbc_carry << 32) + product_lo_carry;
- +
- + return product_lo;
- +}
- +#else
- +inline uint64_t _umul128(uint64_t a, uint64_t b, uint64_t* hi)
- +{
- + unsigned __int128 r = (unsigned __int128)a * (unsigned __int128)b;
- + *hi = r >> 64;
- + return (uint64_t)r;
- +}
- +#endif
- +
- +extern "C" void blake256_hash(uint8_t*, const uint8_t*, uint64_t);
- +extern "C" void groestl(const uint8_t*, uint64_t, uint8_t*);
- +extern "C" size_t jh_hash(int, const uint8_t*, size_t databitlen, uint8_t*);
- +extern "C" size_t skein_hash(int, const uint8_t*, size_t, uint8_t*);
- +
- +inline uint64_t xmm_extract_64(__m128i x)
- +{
- +#ifdef BUILD32
- + uint64_t r = uint32_t(_mm_cvtsi128_si32(_mm_shuffle_epi32(x, _MM_SHUFFLE(1,1,1,1))));
- + r <<= 32;
- + r |= uint32_t(_mm_cvtsi128_si32(x));
- + return r;
- +#else
- + return _mm_cvtsi128_si64(x);
- +#endif
- +}
- +
- +template<size_t MEMORY, size_t ITER>
- +void cn_slow_hash<MEMORY,ITER>::hardware_hash(const void* in, size_t len, void* out)
- +{
- + keccak((const uint8_t *)in, len, spad.as_byte, 200);
- +
- + explode_scratchpad_hard();
- +
- + uint64_t* h0 = spad.as_uqword;
- +
- + uint64_t al0 = h0[0] ^ h0[4];
- + uint64_t ah0 = h0[1] ^ h0[5];
- + __m128i bx0 = _mm_set_epi64x(h0[3] ^ h0[7], h0[2] ^ h0[6]);
- +
- + uint64_t idx0 = h0[0] ^ h0[4];
- +
- + // Optim - 90% time boundary
- + for(size_t i = 0; i < ITER; i++)
- + {
- + __m128i cx;
- + cx = _mm_load_si128(scratchpad_ptr(idx0).as_xmm);
- +
- + cx = _mm_aesenc_si128(cx, _mm_set_epi64x(ah0, al0));
- +
- + _mm_store_si128(scratchpad_ptr(idx0).as_xmm, _mm_xor_si128(bx0, cx));
- + idx0 = xmm_extract_64(cx);
- + bx0 = cx;
- +
- + uint64_t hi, lo, cl, ch;
- + cl = scratchpad_ptr(idx0).as_uqword[0];
- + ch = scratchpad_ptr(idx0).as_uqword[1];
- +
- + lo = _umul128(idx0, cl, &hi);
- +
- + al0 += hi;
- + ah0 += lo;
- + scratchpad_ptr(idx0).as_uqword[0] = al0;
- + scratchpad_ptr(idx0).as_uqword[1] = ah0;
- + ah0 ^= ch;
- + al0 ^= cl;
- + idx0 = al0;
- + }
- +
- + implode_scratchpad_hard();
- +
- + keccakf(spad.as_uqword, 24);
- +
- + switch(spad.as_byte[0] & 3)
- + {
- + case 0:
- + blake256_hash((uint8_t*)out, spad.as_byte, 200);
- + break;
- + case 1:
- + groestl(spad.as_byte, 200 * 8, (uint8_t*)out);
- + break;
- + case 2:
- + jh_hash(32 * 8, spad.as_byte, 8 * 200, (uint8_t*)out);
- + break;
- + case 3:
- + skein_hash(8 * 32, spad.as_byte, 8 * 200, (uint8_t*)out);
- + break;
- + }
- +}
- +
- +template class cn_slow_hash<2*1024*1024, 0x80000>;
- +
- +#endif
- diff --git "a/c:\\1\\2\\sumokoin/src/crypto/cn_slow_hash_soft.cpp" "b/c:\\1\\2\\sumokoin/src/crypto/cn_slow_hash_soft.cpp"
- new file mode 100644
- index 0000000..f48e7fe
- --- /dev/null
- +++ "b/c:\\1\\2\\sumokoin/src/crypto/cn_slow_hash_soft.cpp"
- @@ -0,0 +1,487 @@
- +// Copyright (c) 2017, SUMOKOIN
- +//
- +// All rights reserved.
- +//
- +// Redistribution and use in source and binary forms, with or without modification, are
- +// permitted provided that the following conditions are met:
- +//
- +// 1. Redistributions of source code must retain the above copyright notice, this list of
- +// conditions and the following disclaimer.
- +//
- +// 2. Redistributions in binary form must reproduce the above copyright notice, this list
- +// of conditions and the following disclaimer in the documentation and/or other
- +// materials provided with the distribution.
- +//
- +// 3. Neither the name of the copyright holder nor the names of its contributors may be
- +// used to endorse or promote products derived from this software without specific
- +// prior written permission.
- +//
- +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
- +// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
- +// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
- +// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
- +// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- +// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
- +// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- +//
- +// Parts of this file are originally copyright (c) 2012-2013, The Cryptonote developers
- +
- +#include "cn_slow_hash.hpp"
- +#include "keccak.h"
- +
- +/*
- +AES Tables Implementation is
- +---------------------------------------------------------------------------
- +Copyright (c) 1998-2013, Brian Gladman, Worcester, UK. All rights reserved.
- +
- +The redistribution and use of this software (with or without changes)
- +is allowed without the payment of fees or royalties provided that:
- +
- + source code distributions include the above copyright notice, this
- + list of conditions and the following disclaimer;
- +
- + binary distributions include the above copyright notice, this list
- + of conditions and the following disclaimer in their documentation.
- +
- +This software is provided 'as is' with no explicit or implied warranties
- +in respect of its operation, including, but not limited to, correctness
- +and fitness for purpose.
- +---------------------------------------------------------------------------
- +*/
- +
- +#if !defined(_LP64) && !defined(_WIN64)
- +#define BUILD32
- +#endif
- +
- +#define saes_data(w) {\
- + w(0x63), w(0x7c), w(0x77), w(0x7b), w(0xf2), w(0x6b), w(0x6f), w(0xc5),\
- + w(0x30), w(0x01), w(0x67), w(0x2b), w(0xfe), w(0xd7), w(0xab), w(0x76),\
- + w(0xca), w(0x82), w(0xc9), w(0x7d), w(0xfa), w(0x59), w(0x47), w(0xf0),\
- + w(0xad), w(0xd4), w(0xa2), w(0xaf), w(0x9c), w(0xa4), w(0x72), w(0xc0),\
- + w(0xb7), w(0xfd), w(0x93), w(0x26), w(0x36), w(0x3f), w(0xf7), w(0xcc),\
- + w(0x34), w(0xa5), w(0xe5), w(0xf1), w(0x71), w(0xd8), w(0x31), w(0x15),\
- + w(0x04), w(0xc7), w(0x23), w(0xc3), w(0x18), w(0x96), w(0x05), w(0x9a),\
- + w(0x07), w(0x12), w(0x80), w(0xe2), w(0xeb), w(0x27), w(0xb2), w(0x75),\
- + w(0x09), w(0x83), w(0x2c), w(0x1a), w(0x1b), w(0x6e), w(0x5a), w(0xa0),\
- + w(0x52), w(0x3b), w(0xd6), w(0xb3), w(0x29), w(0xe3), w(0x2f), w(0x84),\
- + w(0x53), w(0xd1), w(0x00), w(0xed), w(0x20), w(0xfc), w(0xb1), w(0x5b),\
- + w(0x6a), w(0xcb), w(0xbe), w(0x39), w(0x4a), w(0x4c), w(0x58), w(0xcf),\
- + w(0xd0), w(0xef), w(0xaa), w(0xfb), w(0x43), w(0x4d), w(0x33), w(0x85),\
- + w(0x45), w(0xf9), w(0x02), w(0x7f), w(0x50), w(0x3c), w(0x9f), w(0xa8),\
- + w(0x51), w(0xa3), w(0x40), w(0x8f), w(0x92), w(0x9d), w(0x38), w(0xf5),\
- + w(0xbc), w(0xb6), w(0xda), w(0x21), w(0x10), w(0xff), w(0xf3), w(0xd2),\
- + w(0xcd), w(0x0c), w(0x13), w(0xec), w(0x5f), w(0x97), w(0x44), w(0x17),\
- + w(0xc4), w(0xa7), w(0x7e), w(0x3d), w(0x64), w(0x5d), w(0x19), w(0x73),\
- + w(0x60), w(0x81), w(0x4f), w(0xdc), w(0x22), w(0x2a), w(0x90), w(0x88),\
- + w(0x46), w(0xee), w(0xb8), w(0x14), w(0xde), w(0x5e), w(0x0b), w(0xdb),\
- + w(0xe0), w(0x32), w(0x3a), w(0x0a), w(0x49), w(0x06), w(0x24), w(0x5c),\
- + w(0xc2), w(0xd3), w(0xac), w(0x62), w(0x91), w(0x95), w(0xe4), w(0x79),\
- + w(0xe7), w(0xc8), w(0x37), w(0x6d), w(0x8d), w(0xd5), w(0x4e), w(0xa9),\
- + w(0x6c), w(0x56), w(0xf4), w(0xea), w(0x65), w(0x7a), w(0xae), w(0x08),\
- + w(0xba), w(0x78), w(0x25), w(0x2e), w(0x1c), w(0xa6), w(0xb4), w(0xc6),\
- + w(0xe8), w(0xdd), w(0x74), w(0x1f), w(0x4b), w(0xbd), w(0x8b), w(0x8a),\
- + w(0x70), w(0x3e), w(0xb5), w(0x66), w(0x48), w(0x03), w(0xf6), w(0x0e),\
- + w(0x61), w(0x35), w(0x57), w(0xb9), w(0x86), w(0xc1), w(0x1d), w(0x9e),\
- + w(0xe1), w(0xf8), w(0x98), w(0x11), w(0x69), w(0xd9), w(0x8e), w(0x94),\
- + w(0x9b), w(0x1e), w(0x87), w(0xe9), w(0xce), w(0x55), w(0x28), w(0xdf),\
- + w(0x8c), w(0xa1), w(0x89), w(0x0d), w(0xbf), w(0xe6), w(0x42), w(0x68),\
- + w(0x41), w(0x99), w(0x2d), w(0x0f), w(0xb0), w(0x54), w(0xbb), w(0x16) }
- +
- +#define SAES_WPOLY 0x011b
- +
- +#define saes_b2w(b0, b1, b2, b3) (((uint32_t)(b3) << 24) | \
- + ((uint32_t)(b2) << 16) | ((uint32_t)(b1) << 8) | (b0))
- +
- +#define saes_f2(x) ((x<<1) ^ (((x>>7) & 1) * SAES_WPOLY))
- +#define saes_f3(x) (saes_f2(x) ^ x)
- +#define saes_h0(x) (x)
- +
- +#define saes_u0(p) saes_b2w(saes_f2(p), p, p, saes_f3(p))
- +#define saes_u1(p) saes_b2w(saes_f3(p), saes_f2(p), p, p)
- +#define saes_u2(p) saes_b2w( p, saes_f3(p), saes_f2(p), p)
- +#define saes_u3(p) saes_b2w( p, p, saes_f3(p), saes_f2(p))
- +
- +alignas(16) const uint32_t saes_table[4][256] = { saes_data(saes_u0), saes_data(saes_u1), saes_data(saes_u2), saes_data(saes_u3) };
- +alignas(16) const uint8_t saes_sbox[256] = saes_data(saes_h0);
- +
- +struct u32
- +{
- + uint32_t x0;
- + uint32_t x1;
- + uint32_t x2;
- + uint32_t x3;
- +};
- +
- +struct u64
- +{
- + uint64_t x0;
- + uint64_t x1;
- +};
- +
- +struct aesdata
- +{
- + union
- + {
- + u32 v32;
- + u64 v64;
- + };
- +
- + inline void load(const cn_sptr mem)
- + {
- +#ifdef BUILD32
- + v32.x0 = mem.as_udword[0];
- + v32.x1 = mem.as_udword[1];
- + v32.x2 = mem.as_udword[2];
- + v32.x3 = mem.as_udword[3];
- +#else
- + v64.x0 = mem.as_uqword[0];
- + v64.x1 = mem.as_uqword[1];
- +#endif
- + }
- +
- + inline void xor_load(const cn_sptr mem)
- + {
- +#ifdef BUILD32
- + v32.x0 ^= mem.as_udword[0];
- + v32.x1 ^= mem.as_udword[1];
- + v32.x2 ^= mem.as_udword[2];
- + v32.x3 ^= mem.as_udword[3];
- +#else
- + v64.x0 ^= mem.as_uqword[0];
- + v64.x1 ^= mem.as_uqword[1];
- +#endif
- + }
- +
- + inline void write(cn_sptr mem)
- + {
- +#ifdef BUILD32
- + mem.as_udword[0] = v32.x0;
- + mem.as_udword[1] = v32.x1;
- + mem.as_udword[2] = v32.x2;
- + mem.as_udword[3] = v32.x3;
- +#else
- + mem.as_uqword[0] = v64.x0;
- + mem.as_uqword[1] = v64.x1;
- +#endif
- + }
- +
- + inline aesdata& operator^=(const aesdata& rhs) noexcept
- + {
- +#ifdef BUILD32
- + v32.x0 ^= rhs.v32.x0;
- + v32.x1 ^= rhs.v32.x1;
- + v32.x2 ^= rhs.v32.x2;
- + v32.x3 ^= rhs.v32.x3;
- +#else
- + v64.x0 ^= rhs.v64.x0;
- + v64.x1 ^= rhs.v64.x1;
- +#endif
- + return *this;
- + }
- +
- + inline aesdata& operator^=(uint32_t rhs) noexcept
- + {
- + v32.x0 ^= rhs;
- + v32.x1 ^= rhs;
- + v32.x2 ^= rhs;
- + v32.x3 ^= rhs;
- + return *this;
- + }
- +};
- +
- +inline uint32_t sub_word(uint32_t key)
- +{
- + return (saes_sbox[key >> 24 ] << 24) | (saes_sbox[(key >> 16) & 0xff] << 16 ) |
- + (saes_sbox[(key >> 8) & 0xff] << 8 ) | saes_sbox[key & 0xff];
- +}
- +
- +#if defined(__clang__) || defined(__arm__) || defined(__aarch64__)
- +inline uint32_t rotr(uint32_t value, uint32_t amount)
- +{
- + return (value >> amount) | (value << ((32 - amount) & 31));
- +}
- +#else
- +inline uint32_t rotr(uint32_t value, uint32_t amount)
- +{
- + return _rotr(value, amount);
- +}
- +#endif
- +
- +// sl_xor(a1 a2 a3 a4) = a1 (a2^a1) (a3^a2^a1) (a4^a3^a2^a1)
- +inline void sl_xor(aesdata& x)
- +{
- + x.v32.x1 ^= x.v32.x0;
- + x.v32.x2 ^= x.v32.x1;
- + x.v32.x3 ^= x.v32.x2;
- +}
- +
- +template<uint8_t rcon>
- +inline void soft_aes_genkey_sub(aesdata& xout0, aesdata& xout2)
- +{
- + sl_xor(xout0);
- + xout0 ^= rotr(sub_word(xout2.v32.x3), 8) ^ rcon;
- + sl_xor(xout2);
- + xout2 ^= sub_word(xout0.v32.x3);
- +}
- +
- +inline void aes_genkey(const cn_sptr memory, aesdata& k0, aesdata& k1, aesdata& k2, aesdata& k3, aesdata& k4, aesdata& k5, aesdata& k6, aesdata& k7, aesdata& k8, aesdata& k9)
- +{
- + aesdata xout0, xout2;
- +
- + xout0.load(memory.as_uqword);
- + xout2.load(memory.as_uqword+2);
- + k0 = xout0;
- + k1 = xout2;
- +
- + soft_aes_genkey_sub<0x01>(xout0, xout2);
- + k2 = xout0;
- + k3 = xout2;
- +
- + soft_aes_genkey_sub<0x02>(xout0, xout2);
- + k4 = xout0;
- + k5 = xout2;
- +
- + soft_aes_genkey_sub<0x04>(xout0, xout2);
- + k6 = xout0;
- + k7 = xout2;
- +
- + soft_aes_genkey_sub<0x08>(xout0, xout2);
- + k8 = xout0;
- + k9 = xout2;
- +}
- +
- +inline void aes_round(aesdata& val, const aesdata& key)
- +{
- + u32 v = val.v32;
- + val.v32.x3 = saes_table[0][v.x3 & 0xff] ^ saes_table[1][(v.x0 >> 8) & 0xff] ^ saes_table[2][(v.x1 >> 16) & 0xff] ^ saes_table[3][v.x2 >> 24];
- + val.v32.x2 = saes_table[0][v.x2 & 0xff] ^ saes_table[1][(v.x3 >> 8) & 0xff] ^ saes_table[2][(v.x0 >> 16) & 0xff] ^ saes_table[3][v.x1 >> 24];
- + val.v32.x1 = saes_table[0][v.x1 & 0xff] ^ saes_table[1][(v.x2 >> 8) & 0xff] ^ saes_table[2][(v.x3 >> 16) & 0xff] ^ saes_table[3][v.x0 >> 24];
- + val.v32.x0 = saes_table[0][v.x0 & 0xff] ^ saes_table[1][(v.x1 >> 8) & 0xff] ^ saes_table[2][(v.x2 >> 16) & 0xff] ^ saes_table[3][v.x3 >> 24];
- + val ^= key;
- +}
- +
- +inline void aes_round8(const aesdata& key, aesdata& x0, aesdata& x1, aesdata& x2, aesdata& x3, aesdata& x4, aesdata& x5, aesdata& x6, aesdata& x7)
- +{
- + aes_round(x0, key);
- + aes_round(x1, key);
- + aes_round(x2, key);
- + aes_round(x3, key);
- + aes_round(x4, key);
- + aes_round(x5, key);
- + aes_round(x6, key);
- + aes_round(x7, key);
- +}
- +
- +template<size_t MEMORY, size_t ITER>
- +void cn_slow_hash<MEMORY,ITER>::implode_scratchpad_soft()
- +{
- + aesdata x0, x1, x2, x3, x4, x5, x6, x7;
- + aesdata k0, k1, k2, k3, k4, k5, k6, k7, k8, k9;
- +
- + aes_genkey(spad.as_uqword + 4, k0, k1, k2, k3, k4, k5, k6, k7, k8, k9);
- +
- + x0.load(spad.as_uqword + 8);
- + x1.load(spad.as_uqword + 10);
- + x2.load(spad.as_uqword + 12);
- + x3.load(spad.as_uqword + 14);
- + x4.load(spad.as_uqword + 16);
- + x5.load(spad.as_uqword + 18);
- + x6.load(spad.as_uqword + 20);
- + x7.load(spad.as_uqword + 22);
- +
- + for (size_t i = 0; i < MEMORY / sizeof(uint64_t); i += 16)
- + {
- + x0.xor_load(lpad.as_uqword + i + 0);
- + x1.xor_load(lpad.as_uqword + i + 2);
- + x2.xor_load(lpad.as_uqword + i + 4);
- + x3.xor_load(lpad.as_uqword + i + 6);
- + x4.xor_load(lpad.as_uqword + i + 8);
- + x5.xor_load(lpad.as_uqword + i + 10);
- + x6.xor_load(lpad.as_uqword + i + 12);
- + x7.xor_load(lpad.as_uqword + i + 14);
- +
- + aes_round8(k0, x0, x1, x2, x3, x4, x5, x6, x7);
- + aes_round8(k1, x0, x1, x2, x3, x4, x5, x6, x7);
- + aes_round8(k2, x0, x1, x2, x3, x4, x5, x6, x7);
- + aes_round8(k3, x0, x1, x2, x3, x4, x5, x6, x7);
- + aes_round8(k4, x0, x1, x2, x3, x4, x5, x6, x7);
- + aes_round8(k5, x0, x1, x2, x3, x4, x5, x6, x7);
- + aes_round8(k6, x0, x1, x2, x3, x4, x5, x6, x7);
- + aes_round8(k7, x0, x1, x2, x3, x4, x5, x6, x7);
- + aes_round8(k8, x0, x1, x2, x3, x4, x5, x6, x7);
- + aes_round8(k9, x0, x1, x2, x3, x4, x5, x6, x7);
- + }
- +
- + x0.write(spad.as_uqword + 8);
- + x1.write(spad.as_uqword + 10);
- + x2.write(spad.as_uqword + 12);
- + x3.write(spad.as_uqword + 14);
- + x4.write(spad.as_uqword + 16);
- + x5.write(spad.as_uqword + 18);
- + x6.write(spad.as_uqword + 20);
- + x7.write(spad.as_uqword + 22);
- +}
- +
- +template<size_t MEMORY, size_t ITER>
- +void cn_slow_hash<MEMORY,ITER>::explode_scratchpad_soft()
- +{
- + aesdata x0, x1, x2, x3, x4, x5, x6, x7;
- + aesdata k0, k1, k2, k3, k4, k5, k6, k7, k8, k9;
- +
- + aes_genkey(spad.as_uqword, k0, k1, k2, k3, k4, k5, k6, k7, k8, k9);
- +
- + x0.load(spad.as_uqword + 8);
- + x1.load(spad.as_uqword + 10);
- + x2.load(spad.as_uqword + 12);
- + x3.load(spad.as_uqword + 14);
- + x4.load(spad.as_uqword + 16);
- + x5.load(spad.as_uqword + 18);
- + x6.load(spad.as_uqword + 20);
- + x7.load(spad.as_uqword + 22);
- +
- + for (size_t i = 0; i < MEMORY / sizeof(uint64_t); i += 16)
- + {
- + aes_round8(k0, x0, x1, x2, x3, x4, x5, x6, x7);
- + aes_round8(k1, x0, x1, x2, x3, x4, x5, x6, x7);
- + aes_round8(k2, x0, x1, x2, x3, x4, x5, x6, x7);
- + aes_round8(k3, x0, x1, x2, x3, x4, x5, x6, x7);
- + aes_round8(k4, x0, x1, x2, x3, x4, x5, x6, x7);
- + aes_round8(k5, x0, x1, x2, x3, x4, x5, x6, x7);
- + aes_round8(k6, x0, x1, x2, x3, x4, x5, x6, x7);
- + aes_round8(k7, x0, x1, x2, x3, x4, x5, x6, x7);
- + aes_round8(k8, x0, x1, x2, x3, x4, x5, x6, x7);
- + aes_round8(k9, x0, x1, x2, x3, x4, x5, x6, x7);
- +
- + x0.write(lpad.as_uqword + i + 0);
- + x1.write(lpad.as_uqword + i + 2);
- + x2.write(lpad.as_uqword + i + 4);
- + x3.write(lpad.as_uqword + i + 6);
- + x4.write(lpad.as_uqword + i + 8);
- + x5.write(lpad.as_uqword + i + 10);
- + x6.write(lpad.as_uqword + i + 12);
- + x7.write(lpad.as_uqword + i + 14);
- + }
- +}
- +
- +#ifdef BUILD32
- +inline uint64_t _umul128(uint64_t multiplier, uint64_t multiplicand, uint64_t* product_hi)
- +{
- + // multiplier = ab = a * 2^32 + b
- + // multiplicand = cd = c * 2^32 + d
- + // ab * cd = a * c * 2^64 + (a * d + b * c) * 2^32 + b * d
- + uint64_t a = multiplier >> 32;
- + uint64_t b = multiplier & 0xFFFFFFFF;
- + uint64_t c = multiplicand >> 32;
- + uint64_t d = multiplicand & 0xFFFFFFFF;
- +
- + uint64_t ac = a * c;
- + uint64_t ad = a * d;
- + uint64_t bc = b * c;
- + uint64_t bd = b * d;
- +
- + uint64_t adbc = ad + bc;
- + uint64_t adbc_carry = adbc < ad ? 1 : 0;
- +
- + // multiplier * multiplicand = product_hi * 2^64 + product_lo
- + uint64_t product_lo = bd + (adbc << 32);
- + uint64_t product_lo_carry = product_lo < bd ? 1 : 0;
- + *product_hi = ac + (adbc >> 32) + (adbc_carry << 32) + product_lo_carry;
- +
- + return product_lo;
- +}
- +#else
- +inline uint64_t _umul128(uint64_t a, uint64_t b, uint64_t* hi)
- +{
- + unsigned __int128 r = (unsigned __int128)a * (unsigned __int128)b;
- + *hi = r >> 64;
- + return (uint64_t)r;
- +}
- +#endif
- +
- +extern "C" void blake256_hash(uint8_t*, const uint8_t*, uint64_t);
- +extern "C" void groestl(const uint8_t*, uint64_t, uint8_t*);
- +extern "C" size_t jh_hash(int, const uint8_t*, size_t databitlen, uint8_t*);
- +extern "C" size_t skein_hash(int, const uint8_t*, size_t, uint8_t*);
- +
- +template<size_t MEMORY, size_t ITER>
- +void cn_slow_hash<MEMORY,ITER>::software_hash(const void* in, size_t len, void* out)
- +{
- + keccak((const uint8_t *)in, len, spad.as_byte, 200);
- +
- + explode_scratchpad_soft();
- +
- + uint64_t* h0 = spad.as_uqword;
- +
- + aesdata ax;
- + ax.v64.x0 = h0[0] ^ h0[4];
- + ax.v64.x1 = h0[1] ^ h0[5];
- +
- + aesdata bx;
- + bx.v64.x0 = h0[2] ^ h0[6];
- + bx.v64.x1 = h0[3] ^ h0[7];
- +
- + aesdata cx;
- + cx.v64.x0 = 0;
- + cx.v64.x1 = 0;
- +
- + for(size_t i = 0; i < ITER/2; i++)
- + {
- + uint64_t hi, lo;
- +
- + ax ^= cx;
- + cx.load(scratchpad_ptr(ax.v64.x0));
- +
- + aes_round(cx, ax);
- +
- + bx ^= cx;
- + bx.write(scratchpad_ptr(ax.v64.x0));
- +
- + bx.load(scratchpad_ptr(cx.v64.x0));
- +
- + lo = _umul128(cx.v64.x0, bx.v64.x0, &hi);
- +
- + ax.v64.x0 += hi;
- + ax.v64.x1 += lo;
- + ax.write(scratchpad_ptr(cx.v64.x0));
- +
- + ax ^= bx;
- + bx.load(scratchpad_ptr(ax.v64.x0));
- +
- + aes_round(bx, ax);
- +
- + cx ^= bx;
- + cx.write(scratchpad_ptr(ax.v64.x0));
- +
- + cx.load(scratchpad_ptr(bx.v64.x0));
- +
- + lo = _umul128(bx.v64.x0, cx.v64.x0, &hi);
- +
- + ax.v64.x0 += hi;
- + ax.v64.x1 += lo;
- + ax.write(scratchpad_ptr(bx.v64.x0));
- + }
- +
- + implode_scratchpad_soft();
- +
- + keccakf(spad.as_uqword, 24);
- +
- + switch(spad.as_byte[0] & 3)
- + {
- + case 0:
- + blake256_hash((uint8_t*)out, spad.as_byte, 200);
- + break;
- + case 1:
- + groestl(spad.as_byte, 200 * 8, (uint8_t*)out);
- + break;
- + case 2:
- + jh_hash(32 * 8, spad.as_byte, 8 * 200, (uint8_t*)out);
- + break;
- + case 3:
- + skein_hash(8 * 32, spad.as_byte, 8 * 200, (uint8_t*)out);
- + break;
- + }
- +}
- +
- +template class cn_slow_hash<2*1024*1024, 0x80000>;
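Review bot: The four hand-written `extern "C"` prototypes just before `software_hash` are never checked against the real definitions, and the calls in the final `switch` discard the status that the deleted `hash_extra_jh` and `hash_extra_skein` wrappers compared with `SUCCESS` and `SKEIN_SUCCESS`. `jh_hash` and `skein_hash` are declared here as returning `size_t` and taking `size_t` bit lengths, while the removed wrappers stored the result in an `int`; if the library's own prototypes use a 64-bit length type, the BUILD32 configuration this file supports would pass mismatched arguments with no compiler or linker diagnostic. I would include `blake256.h`, `groestl.h`, `jh.h` and `skein.h` instead of redeclaring (wrapped in `extern "C" { ... }` if those headers lack C++ guards) and test the result, e.g. `if (jh_hash(32 * 8, spad.as_byte, 8 * 200, (uint8_t*)out) != SUCCESS)` followed by the project's own failure path, so a bad final hash is never returned silently. The same declarations and unchecked calls appear in `hardware_hash` in the preceding file section.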
- diff --git "a/c:\\1\\sumokoin/src/crypto/hash-extra-blake.c" "b/c:\\1\\sumokoin/src/crypto/hash-extra-blake.c"
- deleted file mode 100644
- index 15357dc..0000000
- --- "a/c:\\1\\sumokoin/src/crypto/hash-extra-blake.c"
- +++ /dev/null
- @@ -1,38 +0,0 @@
- -// Copyright (c) 2014-2016, The Monero Project
- -//
- -// All rights reserved.
- -//
- -// Redistribution and use in source and binary forms, with or without modification, are
- -// permitted provided that the following conditions are met:
- -//
- -// 1. Redistributions of source code must retain the above copyright notice, this list of
- -// conditions and the following disclaimer.
- -//
- -// 2. Redistributions in binary form must reproduce the above copyright notice, this list
- -// of conditions and the following disclaimer in the documentation and/or other
- -// materials provided with the distribution.
- -//
- -// 3. Neither the name of the copyright holder nor the names of its contributors may be
- -// used to endorse or promote products derived from this software without specific
- -// prior written permission.
- -//
- -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
- -// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
- -// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
- -// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
- -// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- -// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
- -// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- -//
- -// Parts of this file are originally copyright (c) 2012-2013 The Cryptonote developers
- -
- -#include <stddef.h>
- -#include <stdint.h>
- -
- -#include "blake256.h"
- -
- -void hash_extra_blake(const void *data, size_t length, char *hash) {
- - blake256_hash((uint8_t*)hash, data, length);
- -}
- diff --git "a/c:\\1\\sumokoin/src/crypto/hash-extra-groestl.c" "b/c:\\1\\sumokoin/src/crypto/hash-extra-groestl.c"
- deleted file mode 100644
- index 69546ee..0000000
- --- "a/c:\\1\\sumokoin/src/crypto/hash-extra-groestl.c"
- +++ /dev/null
- @@ -1,38 +0,0 @@
- -// Copyright (c) 2014-2016, The Monero Project
- -//
- -// All rights reserved.
- -//
- -// Redistribution and use in source and binary forms, with or without modification, are
- -// permitted provided that the following conditions are met:
- -//
- -// 1. Redistributions of source code must retain the above copyright notice, this list of
- -// conditions and the following disclaimer.
- -//
- -// 2. Redistributions in binary form must reproduce the above copyright notice, this list
- -// of conditions and the following disclaimer in the documentation and/or other
- -// materials provided with the distribution.
- -//
- -// 3. Neither the name of the copyright holder nor the names of its contributors may be
- -// used to endorse or promote products derived from this software without specific
- -// prior written permission.
- -//
- -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
- -// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
- -// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
- -// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
- -// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- -// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
- -// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- -//
- -// Parts of this file are originally copyright (c) 2012-2013 The Cryptonote developers
- -
- -#include <stddef.h>
- -#include <stdint.h>
- -
- -#include "groestl.h"
- -
- -void hash_extra_groestl(const void *data, size_t length, char *hash) {
- - groestl(data, length * 8, (uint8_t*)hash);
- -}
- diff --git "a/c:\\1\\sumokoin/src/crypto/hash-extra-jh.c" "b/c:\\1\\sumokoin/src/crypto/hash-extra-jh.c"
- deleted file mode 100644
- index 5da0894..0000000
- --- "a/c:\\1\\sumokoin/src/crypto/hash-extra-jh.c"
- +++ /dev/null
- @@ -1,42 +0,0 @@
- -// Copyright (c) 2014-2016, The Monero Project
- -//
- -// All rights reserved.
- -//
- -// Redistribution and use in source and binary forms, with or without modification, are
- -// permitted provided that the following conditions are met:
- -//
- -// 1. Redistributions of source code must retain the above copyright notice, this list of
- -// conditions and the following disclaimer.
- -//
- -// 2. Redistributions in binary form must reproduce the above copyright notice, this list
- -// of conditions and the following disclaimer in the documentation and/or other
- -// materials provided with the distribution.
- -//
- -// 3. Neither the name of the copyright holder nor the names of its contributors may be
- -// used to endorse or promote products derived from this software without specific
- -// prior written permission.
- -//
- -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
- -// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
- -// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
- -// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
- -// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- -// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
- -// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- -//
- -// Parts of this file are originally copyright (c) 2012-2013 The Cryptonote developers
- -
- -#include <assert.h>
- -#include <stddef.h>
- -#include <stdint.h>
- -#include <string.h>
- -
- -#include "jh.h"
- -#include "hash-ops.h"
- -
- -void hash_extra_jh(const void *data, size_t length, char *hash) {
- - int r = jh_hash(HASH_SIZE * 8, data, 8 * length, (uint8_t*)hash);
- - assert(SUCCESS == r);
- -}
- diff --git "a/c:\\1\\sumokoin/src/crypto/hash-extra-skein.c" "b/c:\\1\\sumokoin/src/crypto/hash-extra-skein.c"
- deleted file mode 100644
- index babf500..0000000
- --- "a/c:\\1\\sumokoin/src/crypto/hash-extra-skein.c"
- +++ /dev/null
- @@ -1,40 +0,0 @@
- -// Copyright (c) 2014-2016, The Monero Project
- -//
- -// All rights reserved.
- -//
- -// Redistribution and use in source and binary forms, with or without modification, are
- -// permitted provided that the following conditions are met:
- -//
- -// 1. Redistributions of source code must retain the above copyright notice, this list of
- -// conditions and the following disclaimer.
- -//
- -// 2. Redistributions in binary form must reproduce the above copyright notice, this list
- -// of conditions and the following disclaimer in the documentation and/or other
- -// materials provided with the distribution.
- -//
- -// 3. Neither the name of the copyright holder nor the names of its contributors may be
- -// used to endorse or promote products derived from this software without specific
- -// prior written permission.
- -//
- -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
- -// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
- -// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
- -// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
- -// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- -// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
- -// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- -//
- -// Parts of this file are originally copyright (c) 2012-2013 The Cryptonote developers
- -
- -#include <stddef.h>
- -#include <stdint.h>
- -
- -#include "hash-ops.h"
- -#include "skein.h"
- -
- -void hash_extra_skein(const void *data, size_t length, char *hash) {
- - int r = skein_hash(8 * HASH_SIZE, data, 8 * length, (uint8_t*)hash);
- - assert(SKEIN_SUCCESS == r);
- -}
- diff --git "a/c:\\1\\sumokoin/src/crypto/hash-ops.h" "b/c:\\1\\2\\sumokoin/src/crypto/hash-ops.h"
- index 612d94e..9443bdb 100644
- --- "a/c:\\1\\sumokoin/src/crypto/hash-ops.h"
- +++ "b/c:\\1\\2\\sumokoin/src/crypto/hash-ops.h"
- @@ -79,11 +79,4 @@ enum {
- };
- void cn_fast_hash(const void *data, size_t length, char *hash);
- -void cn_slow_hash(const void *data, size_t length, char *hash);
- -
- -void hash_extra_blake(const void *data, size_t length, char *hash);
- -void hash_extra_groestl(const void *data, size_t length, char *hash);
- -void hash_extra_jh(const void *data, size_t length, char *hash);
- -void hash_extra_skein(const void *data, size_t length, char *hash);
- -
- void tree_hash(const char (*hashes)[HASH_SIZE], size_t count, char *root_hash);
- diff --git "a/c:\\1\\sumokoin/src/crypto/hash.h" "b/c:\\1\\2\\sumokoin/src/crypto/hash.h"
- index 8039920..e591b6b 100644
- --- "a/c:\\1\\sumokoin/src/crypto/hash.h"
- +++ "b/c:\\1\\2\\sumokoin/src/crypto/hash.h"
- @@ -67,10 +67,6 @@ namespace crypto {
- return h;
- }
- - inline void cn_slow_hash(const void *data, std::size_t length, hash &hash) {
- - cn_slow_hash(data, length, reinterpret_cast<char *>(&hash));
- - }
- -
- inline void tree_hash(const hash *hashes, std::size_t count, hash &root_hash) {
- tree_hash(reinterpret_cast<const char (*)[HASH_SIZE]>(hashes), count, reinterpret_cast<char *>(&root_hash));
- }
- diff --git "a/c:\\1\\sumokoin/src/crypto/keccak.h" "b/c:\\1\\2\\sumokoin/src/crypto/keccak.h"
- index fbd8e19..ae39231 100644
- --- "a/c:\\1\\sumokoin/src/crypto/keccak.h"
- +++ "b/c:\\1\\2\\sumokoin/src/crypto/keccak.h"
- @@ -7,6 +7,10 @@
- #include <stdint.h>
- #include <string.h>
- +#ifdef __cplusplus
- +extern "C" {
- +#endif
- +
- #ifndef KECCAK_ROUNDS
- #define KECCAK_ROUNDS 24
- #endif
- @@ -23,4 +27,8 @@ void keccakf(uint64_t st[25], int norounds);
- void keccak1600(const uint8_t *in, size_t inlen, uint8_t *md);
- +#ifdef __cplusplus
- +}
- +#endif
- +
- #endif
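Review bot: The closing `}` added in this hunk ends the `extern "C"` block that the first keccak.h hunk opens, but nothing on the line says so, and the two halves are about twenty lines apart in the header. Label the closing pair, e.g. `} /* extern "C" */` followed by `#endif /* __cplusplus */`, so it is not mistaken for the include guard's `#endif` directly below. The opening guard is placed after the `<stdint.h>` and `<string.h>` includes, which keeps system headers out of the C-linkage block. A one-line comment above the opening guard saying why it is needed would also help; presumably C++ translation units now include keccak.h directly, which should be confirmed against the callers.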
- diff --git "a/c:\\1\\sumokoin/src/crypto/oaes_config.h" "b/c:\\1\\sumokoin/src/crypto/oaes_config.h"
- deleted file mode 100644
- index 3fc0e1b..0000000
- --- "a/c:\\1\\sumokoin/src/crypto/oaes_config.h"
- +++ /dev/null
- @@ -1,50 +0,0 @@
- -/*
- - * ---------------------------------------------------------------------------
- - * OpenAES License
- - * ---------------------------------------------------------------------------
- - * Copyright (c) 2012, Nabil S. Al Ramli, www.nalramli.com
- - * All rights reserved.
- - *
- - * Redistribution and use in source and binary forms, with or without
- - * modification, are permitted provided that the following conditions are met:
- - *
- - * - Redistributions of source code must retain the above copyright notice,
- - * this list of conditions and the following disclaimer.
- - * - Redistributions in binary form must reproduce the above copyright
- - * notice, this list of conditions and the following disclaimer in the
- - * documentation and/or other materials provided with the distribution.
- - *
- - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
- - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
- - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- - * POSSIBILITY OF SUCH DAMAGE.
- - * ---------------------------------------------------------------------------
- - */
- -
- -#ifndef _OAES_CONFIG_H
- -#define _OAES_CONFIG_H
- -
- -#ifdef __cplusplus
- -extern "C" {
- -#endif
- -
- -//#ifndef OAES_HAVE_ISAAC
- -//#define OAES_HAVE_ISAAC 1
- -//#endif // OAES_HAVE_ISAAC
- -
- -//#ifndef OAES_DEBUG
- -//#define OAES_DEBUG 0
- -//#endif // OAES_DEBUG
- -
- -#ifdef __cplusplus
- -}
- -#endif
- -
- -#endif // _OAES_CONFIG_H
- diff --git "a/c:\\1\\sumokoin/src/crypto/oaes_lib.c" "b/c:\\1\\sumokoin/src/crypto/oaes_lib.c"
- deleted file mode 100644
- index e7226de..0000000
- --- "a/c:\\1\\sumokoin/src/crypto/oaes_lib.c"
- +++ /dev/null
- @@ -1,1499 +0,0 @@
- -/*
- - * ---------------------------------------------------------------------------
- - * OpenAES License
- - * ---------------------------------------------------------------------------
- - * Copyright (c) 2012, Nabil S. Al Ramli, www.nalramli.com
- - * All rights reserved.
- - *
- - * Redistribution and use in source and binary forms, with or without
- - * modification, are permitted provided that the following conditions are met:
- - *
- - * - Redistributions of source code must retain the above copyright notice,
- - * this list of conditions and the following disclaimer.
- - * - Redistributions in binary form must reproduce the above copyright
- - * notice, this list of conditions and the following disclaimer in the
- - * documentation and/or other materials provided with the distribution.
- - *
- - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
- - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
- - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- - * POSSIBILITY OF SUCH DAMAGE.
- - * ---------------------------------------------------------------------------
- - */
- -#include <stddef.h>
- -#include <time.h>
- -#include <string.h>
- -#include <stdlib.h>
- -#include <stdio.h>
- -
- -// OS X, FreeBSD, and OpenBSD don't need malloc.h
- -#if !defined(__APPLE__) && !defined(__FreeBSD__) && !defined(__OpenBSD__)
- - #include <malloc.h>
- -#endif
- -
- -// FreeBSD, OpenBSD and Android also don't need timeb.h
- -#if !defined(__FreeBSD__) && !defined(__OpenBSD__) && !defined(__ANDROID__)
- - #include <sys/timeb.h>
- -#else
- - #include <sys/time.h>
- -#endif
- -
- -#ifdef WIN32
- -#include <process.h>
- -#else
- -#include <sys/types.h>
- -#include <unistd.h>
- -#endif
- -
- -#include "oaes_config.h"
- -#include "oaes_lib.h"
- -
- -#ifdef OAES_HAVE_ISAAC
- -#include "rand.h"
- -#endif // OAES_HAVE_ISAAC
- -
- -#define OAES_RKEY_LEN 4
- -#define OAES_COL_LEN 4
- -#define OAES_ROUND_BASE 7
- -
- -// the block is padded
- -#define OAES_FLAG_PAD 0x01
- -
- -#ifndef min
- -# define min(a,b) (((a)<(b)) ? (a) : (b))
- -#endif /* min */
- -
- -// "OAES<8-bit header version><8-bit type><16-bit options><8-bit flags><56-bit reserved>"
- -static uint8_t oaes_header[OAES_BLOCK_SIZE] = {
- - // 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, a, b, c, d, e, f,
- - /*0*/ 0x4f, 0x41, 0x45, 0x53, 0x01, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- -};
- -static uint8_t oaes_gf_8[] = {
- - 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36 };
- -
- -static uint8_t oaes_sub_byte_value[16][16] = {
- - // 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, a, b, c, d, e, f,
- - /*0*/ { 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76 },
- - /*1*/ { 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0 },
- - /*2*/ { 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15 },
- - /*3*/ { 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75 },
- - /*4*/ { 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84 },
- - /*5*/ { 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf },
- - /*6*/ { 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8 },
- - /*7*/ { 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2 },
- - /*8*/ { 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73 },
- - /*9*/ { 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb },
- - /*a*/ { 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79 },
- - /*b*/ { 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08 },
- - /*c*/ { 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a },
- - /*d*/ { 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e },
- - /*e*/ { 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf },
- - /*f*/ { 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16 },
- -};
- -
- -static uint8_t oaes_inv_sub_byte_value[16][16] = {
- - // 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, a, b, c, d, e, f,
- - /*0*/ { 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38, 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb },
- - /*1*/ { 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87, 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb },
- - /*2*/ { 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d, 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e },
- - /*3*/ { 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2, 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25 },
- - /*4*/ { 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16, 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92 },
- - /*5*/ { 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda, 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84 },
- - /*6*/ { 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a, 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06 },
- - /*7*/ { 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02, 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b },
- - /*8*/ { 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea, 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73 },
- - /*9*/ { 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85, 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e },
- - /*a*/ { 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89, 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b },
- - /*b*/ { 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20, 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4 },
- - /*c*/ { 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31, 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f },
- - /*d*/ { 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d, 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef },
- - /*e*/ { 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0, 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61 },
- - /*f*/ { 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26, 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d },
- -};
- -
- -static uint8_t oaes_gf_mul_2[16][16] = {
- - // 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, a, b, c, d, e, f,
- - /*0*/ { 0x00, 0x02, 0x04, 0x06, 0x08, 0x0a, 0x0c, 0x0e, 0x10, 0x12, 0x14, 0x16, 0x18, 0x1a, 0x1c, 0x1e },
- - /*1*/ { 0x20, 0x22, 0x24, 0x26, 0x28, 0x2a, 0x2c, 0x2e, 0x30, 0x32, 0x34, 0x36, 0x38, 0x3a, 0x3c, 0x3e },
- - /*2*/ { 0x40, 0x42, 0x44, 0x46, 0x48, 0x4a, 0x4c, 0x4e, 0x50, 0x52, 0x54, 0x56, 0x58, 0x5a, 0x5c, 0x5e },
- - /*3*/ { 0x60, 0x62, 0x64, 0x66, 0x68, 0x6a, 0x6c, 0x6e, 0x70, 0x72, 0x74, 0x76, 0x78, 0x7a, 0x7c, 0x7e },
- - /*4*/ { 0x80, 0x82, 0x84, 0x86, 0x88, 0x8a, 0x8c, 0x8e, 0x90, 0x92, 0x94, 0x96, 0x98, 0x9a, 0x9c, 0x9e },
- - /*5*/ { 0xa0, 0xa2, 0xa4, 0xa6, 0xa8, 0xaa, 0xac, 0xae, 0xb0, 0xb2, 0xb4, 0xb6, 0xb8, 0xba, 0xbc, 0xbe },
- - /*6*/ { 0xc0, 0xc2, 0xc4, 0xc6, 0xc8, 0xca, 0xcc, 0xce, 0xd0, 0xd2, 0xd4, 0xd6, 0xd8, 0xda, 0xdc, 0xde },
- - /*7*/ { 0xe0, 0xe2, 0xe4, 0xe6, 0xe8, 0xea, 0xec, 0xee, 0xf0, 0xf2, 0xf4, 0xf6, 0xf8, 0xfa, 0xfc, 0xfe },
- - /*8*/ { 0x1b, 0x19, 0x1f, 0x1d, 0x13, 0x11, 0x17, 0x15, 0x0b, 0x09, 0x0f, 0x0d, 0x03, 0x01, 0x07, 0x05 },
- - /*9*/ { 0x3b, 0x39, 0x3f, 0x3d, 0x33, 0x31, 0x37, 0x35, 0x2b, 0x29, 0x2f, 0x2d, 0x23, 0x21, 0x27, 0x25 },
- - /*a*/ { 0x5b, 0x59, 0x5f, 0x5d, 0x53, 0x51, 0x57, 0x55, 0x4b, 0x49, 0x4f, 0x4d, 0x43, 0x41, 0x47, 0x45 },
- - /*b*/ { 0x7b, 0x79, 0x7f, 0x7d, 0x73, 0x71, 0x77, 0x75, 0x6b, 0x69, 0x6f, 0x6d, 0x63, 0x61, 0x67, 0x65 },
- - /*c*/ { 0x9b, 0x99, 0x9f, 0x9d, 0x93, 0x91, 0x97, 0x95, 0x8b, 0x89, 0x8f, 0x8d, 0x83, 0x81, 0x87, 0x85 },
- - /*d*/ { 0xbb, 0xb9, 0xbf, 0xbd, 0xb3, 0xb1, 0xb7, 0xb5, 0xab, 0xa9, 0xaf, 0xad, 0xa3, 0xa1, 0xa7, 0xa5 },
- - /*e*/ { 0xdb, 0xd9, 0xdf, 0xdd, 0xd3, 0xd1, 0xd7, 0xd5, 0xcb, 0xc9, 0xcf, 0xcd, 0xc3, 0xc1, 0xc7, 0xc5 },
- - /*f*/ { 0xfb, 0xf9, 0xff, 0xfd, 0xf3, 0xf1, 0xf7, 0xf5, 0xeb, 0xe9, 0xef, 0xed, 0xe3, 0xe1, 0xe7, 0xe5 },
- -};
- -
- -static uint8_t oaes_gf_mul_3[16][16] = {
- - // 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, a, b, c, d, e, f,
- - /*0*/ { 0x00, 0x03, 0x06, 0x05, 0x0c, 0x0f, 0x0a, 0x09, 0x18, 0x1b, 0x1e, 0x1d, 0x14, 0x17, 0x12, 0x11 },
- - /*1*/ { 0x30, 0x33, 0x36, 0x35, 0x3c, 0x3f, 0x3a, 0x39, 0x28, 0x2b, 0x2e, 0x2d, 0x24, 0x27, 0x22, 0x21 },
- - /*2*/ { 0x60, 0x63, 0x66, 0x65, 0x6c, 0x6f, 0x6a, 0x69, 0x78, 0x7b, 0x7e, 0x7d, 0x74, 0x77, 0x72, 0x71 },
- - /*3*/ { 0x50, 0x53, 0x56, 0x55, 0x5c, 0x5f, 0x5a, 0x59, 0x48, 0x4b, 0x4e, 0x4d, 0x44, 0x47, 0x42, 0x41 },
- - /*4*/ { 0xc0, 0xc3, 0xc6, 0xc5, 0xcc, 0xcf, 0xca, 0xc9, 0xd8, 0xdb, 0xde, 0xdd, 0xd4, 0xd7, 0xd2, 0xd1 },
- - /*5*/ { 0xf0, 0xf3, 0xf6, 0xf5, 0xfc, 0xff, 0xfa, 0xf9, 0xe8, 0xeb, 0xee, 0xed, 0xe4, 0xe7, 0xe2, 0xe1 },
- - /*6*/ { 0xa0, 0xa3, 0xa6, 0xa5, 0xac, 0xaf, 0xaa, 0xa9, 0xb8, 0xbb, 0xbe, 0xbd, 0xb4, 0xb7, 0xb2, 0xb1 },
- - /*7*/ { 0x90, 0x93, 0x96, 0x95, 0x9c, 0x9f, 0x9a, 0x99, 0x88, 0x8b, 0x8e, 0x8d, 0x84, 0x87, 0x82, 0x81 },
- - /*8*/ { 0x9b, 0x98, 0x9d, 0x9e, 0x97, 0x94, 0x91, 0x92, 0x83, 0x80, 0x85, 0x86, 0x8f, 0x8c, 0x89, 0x8a },
- - /*9*/ { 0xab, 0xa8, 0xad, 0xae, 0xa7, 0xa4, 0xa1, 0xa2, 0xb3, 0xb0, 0xb5, 0xb6, 0xbf, 0xbc, 0xb9, 0xba },
- - /*a*/ { 0xfb, 0xf8, 0xfd, 0xfe, 0xf7, 0xf4, 0xf1, 0xf2, 0xe3, 0xe0, 0xe5, 0xe6, 0xef, 0xec, 0xe9, 0xea },
- - /*b*/ { 0xcb, 0xc8, 0xcd, 0xce, 0xc7, 0xc4, 0xc1, 0xc2, 0xd3, 0xd0, 0xd5, 0xd6, 0xdf, 0xdc, 0xd9, 0xda },
- - /*c*/ { 0x5b, 0x58, 0x5d, 0x5e, 0x57, 0x54, 0x51, 0x52, 0x43, 0x40, 0x45, 0x46, 0x4f, 0x4c, 0x49, 0x4a },
- - /*d*/ { 0x6b, 0x68, 0x6d, 0x6e, 0x67, 0x64, 0x61, 0x62, 0x73, 0x70, 0x75, 0x76, 0x7f, 0x7c, 0x79, 0x7a },
- - /*e*/ { 0x3b, 0x38, 0x3d, 0x3e, 0x37, 0x34, 0x31, 0x32, 0x23, 0x20, 0x25, 0x26, 0x2f, 0x2c, 0x29, 0x2a },
- - /*f*/ { 0x0b, 0x08, 0x0d, 0x0e, 0x07, 0x04, 0x01, 0x02, 0x13, 0x10, 0x15, 0x16, 0x1f, 0x1c, 0x19, 0x1a },
- -};
- -
- -static uint8_t oaes_gf_mul_9[16][16] = {
- - // 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, a, b, c, d, e, f,
- - /*0*/ { 0x00, 0x09, 0x12, 0x1b, 0x24, 0x2d, 0x36, 0x3f, 0x48, 0x41, 0x5a, 0x53, 0x6c, 0x65, 0x7e, 0x77 },
- - /*1*/ { 0x90, 0x99, 0x82, 0x8b, 0xb4, 0xbd, 0xa6, 0xaf, 0xd8, 0xd1, 0xca, 0xc3, 0xfc, 0xf5, 0xee, 0xe7 },
- - /*2*/ { 0x3b, 0x32, 0x29, 0x20, 0x1f, 0x16, 0x0d, 0x04, 0x73, 0x7a, 0x61, 0x68, 0x57, 0x5e, 0x45, 0x4c },
- - /*3*/ { 0xab, 0xa2, 0xb9, 0xb0, 0x8f, 0x86, 0x9d, 0x94, 0xe3, 0xea, 0xf1, 0xf8, 0xc7, 0xce, 0xd5, 0xdc },
- - /*4*/ { 0x76, 0x7f, 0x64, 0x6d, 0x52, 0x5b, 0x40, 0x49, 0x3e, 0x37, 0x2c, 0x25, 0x1a, 0x13, 0x08, 0x01 },
- - /*5*/ { 0xe6, 0xef, 0xf4, 0xfd, 0xc2, 0xcb, 0xd0, 0xd9, 0xae, 0xa7, 0xbc, 0xb5, 0x8a, 0x83, 0x98, 0x91 },
- - /*6*/ { 0x4d, 0x44, 0x5f, 0x56, 0x69, 0x60, 0x7b, 0x72, 0x05, 0x0c, 0x17, 0x1e, 0x21, 0x28, 0x33, 0x3a },
- - /*7*/ { 0xdd, 0xd4, 0xcf, 0xc6, 0xf9, 0xf0, 0xeb, 0xe2, 0x95, 0x9c, 0x87, 0x8e, 0xb1, 0xb8, 0xa3, 0xaa },
- - /*8*/ { 0xec, 0xe5, 0xfe, 0xf7, 0xc8, 0xc1, 0xda, 0xd3, 0xa4, 0xad, 0xb6, 0xbf, 0x80, 0x89, 0x92, 0x9b },
- - /*9*/ { 0x7c, 0x75, 0x6e, 0x67, 0x58, 0x51, 0x4a, 0x43, 0x34, 0x3d, 0x26, 0x2f, 0x10, 0x19, 0x02, 0x0b },
- - /*a*/ { 0xd7, 0xde, 0xc5, 0xcc, 0xf3, 0xfa, 0xe1, 0xe8, 0x9f, 0x96, 0x8d, 0x84, 0xbb, 0xb2, 0xa9, 0xa0 },
- - /*b*/ { 0x47, 0x4e, 0x55, 0x5c, 0x63, 0x6a, 0x71, 0x78, 0x0f, 0x06, 0x1d, 0x14, 0x2b, 0x22, 0x39, 0x30 },
- - /*c*/ { 0x9a, 0x93, 0x88, 0x81, 0xbe, 0xb7, 0xac, 0xa5, 0xd2, 0xdb, 0xc0, 0xc9, 0xf6, 0xff, 0xe4, 0xed },
- - /*d*/ { 0x0a, 0x03, 0x18, 0x11, 0x2e, 0x27, 0x3c, 0x35, 0x42, 0x4b, 0x50, 0x59, 0x66, 0x6f, 0x74, 0x7d },
- - /*e*/ { 0xa1, 0xa8, 0xb3, 0xba, 0x85, 0x8c, 0x97, 0x9e, 0xe9, 0xe0, 0xfb, 0xf2, 0xcd, 0xc4, 0xdf, 0xd6 },
- - /*f*/ { 0x31, 0x38, 0x23, 0x2a, 0x15, 0x1c, 0x07, 0x0e, 0x79, 0x70, 0x6b, 0x62, 0x5d, 0x54, 0x4f, 0x46 },
- -};
- -
- -static uint8_t oaes_gf_mul_b[16][16] = {
- - // 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, a, b, c, d, e, f,
- - /*0*/ { 0x00, 0x0b, 0x16, 0x1d, 0x2c, 0x27, 0x3a, 0x31, 0x58, 0x53, 0x4e, 0x45, 0x74, 0x7f, 0x62, 0x69 },
- - /*1*/ { 0xb0, 0xbb, 0xa6, 0xad, 0x9c, 0x97, 0x8a, 0x81, 0xe8, 0xe3, 0xfe, 0xf5, 0xc4, 0xcf, 0xd2, 0xd9 },
- - /*2*/ { 0x7b, 0x70, 0x6d, 0x66, 0x57, 0x5c, 0x41, 0x4a, 0x23, 0x28, 0x35, 0x3e, 0x0f, 0x04, 0x19, 0x12 },
- - /*3*/ { 0xcb, 0xc0, 0xdd, 0xd6, 0xe7, 0xec, 0xf1, 0xfa, 0x93, 0x98, 0x85, 0x8e, 0xbf, 0xb4, 0xa9, 0xa2 },
- - /*4*/ { 0xf6, 0xfd, 0xe0, 0xeb, 0xda, 0xd1, 0xcc, 0xc7, 0xae, 0xa5, 0xb8, 0xb3, 0x82, 0x89, 0x94, 0x9f },
- - /*5*/ { 0x46, 0x4d, 0x50, 0x5b, 0x6a, 0x61, 0x7c, 0x77, 0x1e, 0x15, 0x08, 0x03, 0x32, 0x39, 0x24, 0x2f },
- - /*6*/ { 0x8d, 0x86, 0x9b, 0x90, 0xa1, 0xaa, 0xb7, 0xbc, 0xd5, 0xde, 0xc3, 0xc8, 0xf9, 0xf2, 0xef, 0xe4 },
- - /*7*/ { 0x3d, 0x36, 0x2b, 0x20, 0x11, 0x1a, 0x07, 0x0c, 0x65, 0x6e, 0x73, 0x78, 0x49, 0x42, 0x5f, 0x54 },
- - /*8*/ { 0xf7, 0xfc, 0xe1, 0xea, 0xdb, 0xd0, 0xcd, 0xc6, 0xaf, 0xa4, 0xb9, 0xb2, 0x83, 0x88, 0x95, 0x9e },
- - /*9*/ { 0x47, 0x4c, 0x51, 0x5a, 0x6b, 0x60, 0x7d, 0x76, 0x1f, 0x14, 0x09, 0x02, 0x33, 0x38, 0x25, 0x2e },
- - /*a*/ { 0x8c, 0x87, 0x9a, 0x91, 0xa0, 0xab, 0xb6, 0xbd, 0xd4, 0xdf, 0xc2, 0xc9, 0xf8, 0xf3, 0xee, 0xe5 },
- - /*b*/ { 0x3c, 0x37, 0x2a, 0x21, 0x10, 0x1b, 0x06, 0x0d, 0x64, 0x6f, 0x72, 0x79, 0x48, 0x43, 0x5e, 0x55 },
- - /*c*/ { 0x01, 0x0a, 0x17, 0x1c, 0x2d, 0x26, 0x3b, 0x30, 0x59, 0x52, 0x4f, 0x44, 0x75, 0x7e, 0x63, 0x68 },
- - /*d*/ { 0xb1, 0xba, 0xa7, 0xac, 0x9d, 0x96, 0x8b, 0x80, 0xe9, 0xe2, 0xff, 0xf4, 0xc5, 0xce, 0xd3, 0xd8 },
- - /*e*/ { 0x7a, 0x71, 0x6c, 0x67, 0x56, 0x5d, 0x40, 0x4b, 0x22, 0x29, 0x34, 0x3f, 0x0e, 0x05, 0x18, 0x13 },
- - /*f*/ { 0xca, 0xc1, 0xdc, 0xd7, 0xe6, 0xed, 0xf0, 0xfb, 0x92, 0x99, 0x84, 0x8f, 0xbe, 0xb5, 0xa8, 0xa3 },
- -};
- -
- -static uint8_t oaes_gf_mul_d[16][16] = {
- - // 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, a, b, c, d, e, f,
- - /*0*/ { 0x00, 0x0d, 0x1a, 0x17, 0x34, 0x39, 0x2e, 0x23, 0x68, 0x65, 0x72, 0x7f, 0x5c, 0x51, 0x46, 0x4b },
- - /*1*/ { 0xd0, 0xdd, 0xca, 0xc7, 0xe4, 0xe9, 0xfe, 0xf3, 0xb8, 0xb5, 0xa2, 0xaf, 0x8c, 0x81, 0x96, 0x9b },
- - /*2*/ { 0xbb, 0xb6, 0xa1, 0xac, 0x8f, 0x82, 0x95, 0x98, 0xd3, 0xde, 0xc9, 0xc4, 0xe7, 0xea, 0xfd, 0xf0 },
- - /*3*/ { 0x6b, 0x66, 0x71, 0x7c, 0x5f, 0x52, 0x45, 0x48, 0x03, 0x0e, 0x19, 0x14, 0x37, 0x3a, 0x2d, 0x20 },
- - /*4*/ { 0x6d, 0x60, 0x77, 0x7a, 0x59, 0x54, 0x43, 0x4e, 0x05, 0x08, 0x1f, 0x12, 0x31, 0x3c, 0x2b, 0x26 },
- - /*5*/ { 0xbd, 0xb0, 0xa7, 0xaa, 0x89, 0x84, 0x93, 0x9e, 0xd5, 0xd8, 0xcf, 0xc2, 0xe1, 0xec, 0xfb, 0xf6 },
- - /*6*/ { 0xd6, 0xdb, 0xcc, 0xc1, 0xe2, 0xef, 0xf8, 0xf5, 0xbe, 0xb3, 0xa4, 0xa9, 0x8a, 0x87, 0x90, 0x9d },
- - /*7*/ { 0x06, 0x0b, 0x1c, 0x11, 0x32, 0x3f, 0x28, 0x25, 0x6e, 0x63, 0x74, 0x79, 0x5a, 0x57, 0x40, 0x4d },
- - /*8*/ { 0xda, 0xd7, 0xc0, 0xcd, 0xee, 0xe3, 0xf4, 0xf9, 0xb2, 0xbf, 0xa8, 0xa5, 0x86, 0x8b, 0x9c, 0x91 },
- - /*9*/ { 0x0a, 0x07, 0x10, 0x1d, 0x3e, 0x33, 0x24, 0x29, 0x62, 0x6f, 0x78, 0x75, 0x56, 0x5b, 0x4c, 0x41 },
- - /*a*/ { 0x61, 0x6c, 0x7b, 0x76, 0x55, 0x58, 0x4f, 0x42, 0x09, 0x04, 0x13, 0x1e, 0x3d, 0x30, 0x27, 0x2a },
- - /*b*/ { 0xb1, 0xbc, 0xab, 0xa6, 0x85, 0x88, 0x9f, 0x92, 0xd9, 0xd4, 0xc3, 0xce, 0xed, 0xe0, 0xf7, 0xfa },
- - /*c*/ { 0xb7, 0xba, 0xad, 0xa0, 0x83, 0x8e, 0x99, 0x94, 0xdf, 0xd2, 0xc5, 0xc8, 0xeb, 0xe6, 0xf1, 0xfc },
- - /*d*/ { 0x67, 0x6a, 0x7d, 0x70, 0x53, 0x5e, 0x49, 0x44, 0x0f, 0x02, 0x15, 0x18, 0x3b, 0x36, 0x21, 0x2c },
- - /*e*/ { 0x0c, 0x01, 0x16, 0x1b, 0x38, 0x35, 0x22, 0x2f, 0x64, 0x69, 0x7e, 0x73, 0x50, 0x5d, 0x4a, 0x47 },
- - /*f*/ { 0xdc, 0xd1, 0xc6, 0xcb, 0xe8, 0xe5, 0xf2, 0xff, 0xb4, 0xb9, 0xae, 0xa3, 0x80, 0x8d, 0x9a, 0x97 },
- -};
- -
- -static uint8_t oaes_gf_mul_e[16][16] = {
- - // 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, a, b, c, d, e, f,
- - /*0*/ { 0x00, 0x0e, 0x1c, 0x12, 0x38, 0x36, 0x24, 0x2a, 0x70, 0x7e, 0x6c, 0x62, 0x48, 0x46, 0x54, 0x5a },
- - /*1*/ { 0xe0, 0xee, 0xfc, 0xf2, 0xd8, 0xd6, 0xc4, 0xca, 0x90, 0x9e, 0x8c, 0x82, 0xa8, 0xa6, 0xb4, 0xba },
- - /*2*/ { 0xdb, 0xd5, 0xc7, 0xc9, 0xe3, 0xed, 0xff, 0xf1, 0xab, 0xa5, 0xb7, 0xb9, 0x93, 0x9d, 0x8f, 0x81 },
- - /*3*/ { 0x3b, 0x35, 0x27, 0x29, 0x03, 0x0d, 0x1f, 0x11, 0x4b, 0x45, 0x57, 0x59, 0x73, 0x7d, 0x6f, 0x61 },
- - /*4*/ { 0xad, 0xa3, 0xb1, 0xbf, 0x95, 0x9b, 0x89, 0x87, 0xdd, 0xd3, 0xc1, 0xcf, 0xe5, 0xeb, 0xf9, 0xf7 },
- - /*5*/ { 0x4d, 0x43, 0x51, 0x5f, 0x75, 0x7b, 0x69, 0x67, 0x3d, 0x33, 0x21, 0x2f, 0x05, 0x0b, 0x19, 0x17 },
- - /*6*/ { 0x76, 0x78, 0x6a, 0x64, 0x4e, 0x40, 0x52, 0x5c, 0x06, 0x08, 0x1a, 0x14, 0x3e, 0x30, 0x22, 0x2c },
- - /*7*/ { 0x96, 0x98, 0x8a, 0x84, 0xae, 0xa0, 0xb2, 0xbc, 0xe6, 0xe8, 0xfa, 0xf4, 0xde, 0xd0, 0xc2, 0xcc },
- - /*8*/ { 0x41, 0x4f, 0x5d, 0x53, 0x79, 0x77, 0x65, 0x6b, 0x31, 0x3f, 0x2d, 0x23, 0x09, 0x07, 0x15, 0x1b },
- - /*9*/ { 0xa1, 0xaf, 0xbd, 0xb3, 0x99, 0x97, 0x85, 0x8b, 0xd1, 0xdf, 0xcd, 0xc3, 0xe9, 0xe7, 0xf5, 0xfb },
- - /*a*/ { 0x9a, 0x94, 0x86, 0x88, 0xa2, 0xac, 0xbe, 0xb0, 0xea, 0xe4, 0xf6, 0xf8, 0xd2, 0xdc, 0xce, 0xc0 },
- - /*b*/ { 0x7a, 0x74, 0x66, 0x68, 0x42, 0x4c, 0x5e, 0x50, 0x0a, 0x04, 0x16, 0x18, 0x32, 0x3c, 0x2e, 0x20 },
- - /*c*/ { 0xec, 0xe2, 0xf0, 0xfe, 0xd4, 0xda, 0xc8, 0xc6, 0x9c, 0x92, 0x80, 0x8e, 0xa4, 0xaa, 0xb8, 0xb6 },
- - /*d*/ { 0x0c, 0x02, 0x10, 0x1e, 0x34, 0x3a, 0x28, 0x26, 0x7c, 0x72, 0x60, 0x6e, 0x44, 0x4a, 0x58, 0x56 },
- - /*e*/ { 0x37, 0x39, 0x2b, 0x25, 0x0f, 0x01, 0x13, 0x1d, 0x47, 0x49, 0x5b, 0x55, 0x7f, 0x71, 0x63, 0x6d },
- - /*f*/ { 0xd7, 0xd9, 0xcb, 0xc5, 0xef, 0xe1, 0xf3, 0xfd, 0xa7, 0xa9, 0xbb, 0xb5, 0x9f, 0x91, 0x83, 0x8d },
- -};
- -
- -static OAES_RET oaes_sub_byte( uint8_t * byte )
- -{
- - size_t _x, _y;
- -
- - if( NULL == byte )
- - return OAES_RET_ARG1;
- -
- - _x = _y = *byte;
- - _x &= 0x0f;
- - _y &= 0xf0;
- - _y >>= 4;
- - *byte = oaes_sub_byte_value[_y][_x];
- -
- - return OAES_RET_SUCCESS;
- -}
- -
- -static OAES_RET oaes_inv_sub_byte( uint8_t * byte )
- -{
- - size_t _x, _y;
- -
- - if( NULL == byte )
- - return OAES_RET_ARG1;
- -
- - _x = _y = *byte;
- - _x &= 0x0f;
- - _y &= 0xf0;
- - _y >>= 4;
- - *byte = oaes_inv_sub_byte_value[_y][_x];
- -
- - return OAES_RET_SUCCESS;
- -}
- -/*
- -static OAES_RET oaes_word_rot_right( uint8_t word[OAES_COL_LEN] )
- -{
- - uint8_t _temp[OAES_COL_LEN];
- -
- - if( NULL == word )
- - return OAES_RET_ARG1;
- -
- - memcpy( _temp + 1, word, OAES_COL_LEN - 1 );
- - _temp[0] = word[OAES_COL_LEN - 1];
- - memcpy( word, _temp, OAES_COL_LEN );
- -
- - return OAES_RET_SUCCESS;
- -}
- -*/
- -static OAES_RET oaes_word_rot_left( uint8_t word[OAES_COL_LEN] )
- -{
- - uint8_t _temp[OAES_COL_LEN];
- -
- - if( NULL == word )
- - return OAES_RET_ARG1;
- -
- - memcpy( _temp, word + 1, OAES_COL_LEN - 1 );
- - _temp[OAES_COL_LEN - 1] = word[0];
- - memcpy( word, _temp, OAES_COL_LEN );
- -
- - return OAES_RET_SUCCESS;
- -}
- -
- -static OAES_RET oaes_shift_rows( uint8_t block[OAES_BLOCK_SIZE] )
- -{
- - uint8_t _temp[OAES_BLOCK_SIZE];
- -
- - if( NULL == block )
- - return OAES_RET_ARG1;
- -
- - _temp[0x00] = block[0x00];
- - _temp[0x01] = block[0x05];
- - _temp[0x02] = block[0x0a];
- - _temp[0x03] = block[0x0f];
- - _temp[0x04] = block[0x04];
- - _temp[0x05] = block[0x09];
- - _temp[0x06] = block[0x0e];
- - _temp[0x07] = block[0x03];
- - _temp[0x08] = block[0x08];
- - _temp[0x09] = block[0x0d];
- - _temp[0x0a] = block[0x02];
- - _temp[0x0b] = block[0x07];
- - _temp[0x0c] = block[0x0c];
- - _temp[0x0d] = block[0x01];
- - _temp[0x0e] = block[0x06];
- - _temp[0x0f] = block[0x0b];
- - memcpy( block, _temp, OAES_BLOCK_SIZE );
- -
- - return OAES_RET_SUCCESS;
- -}
- -
- -static OAES_RET oaes_inv_shift_rows( uint8_t block[OAES_BLOCK_SIZE] )
- -{
- - uint8_t _temp[OAES_BLOCK_SIZE];
- -
- - if( NULL == block )
- - return OAES_RET_ARG1;
- -
- - _temp[0x00] = block[0x00];
- - _temp[0x01] = block[0x0d];
- - _temp[0x02] = block[0x0a];
- - _temp[0x03] = block[0x07];
- - _temp[0x04] = block[0x04];
- - _temp[0x05] = block[0x01];
- - _temp[0x06] = block[0x0e];
- - _temp[0x07] = block[0x0b];
- - _temp[0x08] = block[0x08];
- - _temp[0x09] = block[0x05];
- - _temp[0x0a] = block[0x02];
- - _temp[0x0b] = block[0x0f];
- - _temp[0x0c] = block[0x0c];
- - _temp[0x0d] = block[0x09];
- - _temp[0x0e] = block[0x06];
- - _temp[0x0f] = block[0x03];
- - memcpy( block, _temp, OAES_BLOCK_SIZE );
- -
- - return OAES_RET_SUCCESS;
- -}
- -
- -static uint8_t oaes_gf_mul(uint8_t left, uint8_t right)
- -{
- - size_t _x, _y;
- -
- - _x = _y = left;
- - _x &= 0x0f;
- - _y &= 0xf0;
- - _y >>= 4;
- -
- - switch( right )
- - {
- - case 0x02:
- - return oaes_gf_mul_2[_y][_x];
- - break;
- - case 0x03:
- - return oaes_gf_mul_3[_y][_x];
- - break;
- - case 0x09:
- - return oaes_gf_mul_9[_y][_x];
- - break;
- - case 0x0b:
- - return oaes_gf_mul_b[_y][_x];
- - break;
- - case 0x0d:
- - return oaes_gf_mul_d[_y][_x];
- - break;
- - case 0x0e:
- - return oaes_gf_mul_e[_y][_x];
- - break;
- - default:
- - return left;
- - break;
- - }
- -}
- -
- -static OAES_RET oaes_mix_cols( uint8_t word[OAES_COL_LEN] )
- -{
- - uint8_t _temp[OAES_COL_LEN];
- -
- - if( NULL == word )
- - return OAES_RET_ARG1;
- -
- - _temp[0] = oaes_gf_mul(word[0], 0x02) ^ oaes_gf_mul( word[1], 0x03 ) ^
- - word[2] ^ word[3];
- - _temp[1] = word[0] ^ oaes_gf_mul( word[1], 0x02 ) ^
- - oaes_gf_mul( word[2], 0x03 ) ^ word[3];
- - _temp[2] = word[0] ^ word[1] ^
- - oaes_gf_mul( word[2], 0x02 ) ^ oaes_gf_mul( word[3], 0x03 );
- - _temp[3] = oaes_gf_mul( word[0], 0x03 ) ^ word[1] ^
- - word[2] ^ oaes_gf_mul( word[3], 0x02 );
- - memcpy( word, _temp, OAES_COL_LEN );
- -
- - return OAES_RET_SUCCESS;
- -}
- -
- -static OAES_RET oaes_inv_mix_cols( uint8_t word[OAES_COL_LEN] )
- -{
- - uint8_t _temp[OAES_COL_LEN];
- -
- - if( NULL == word )
- - return OAES_RET_ARG1;
- -
- - _temp[0] = oaes_gf_mul( word[0], 0x0e ) ^ oaes_gf_mul( word[1], 0x0b ) ^
- - oaes_gf_mul( word[2], 0x0d ) ^ oaes_gf_mul( word[3], 0x09 );
- - _temp[1] = oaes_gf_mul( word[0], 0x09 ) ^ oaes_gf_mul( word[1], 0x0e ) ^
- - oaes_gf_mul( word[2], 0x0b ) ^ oaes_gf_mul( word[3], 0x0d );
- - _temp[2] = oaes_gf_mul( word[0], 0x0d ) ^ oaes_gf_mul( word[1], 0x09 ) ^
- - oaes_gf_mul( word[2], 0x0e ) ^ oaes_gf_mul( word[3], 0x0b );
- - _temp[3] = oaes_gf_mul( word[0], 0x0b ) ^ oaes_gf_mul( word[1], 0x0d ) ^
- - oaes_gf_mul( word[2], 0x09 ) ^ oaes_gf_mul( word[3], 0x0e );
- - memcpy( word, _temp, OAES_COL_LEN );
- -
- - return OAES_RET_SUCCESS;
- -}
- -
- -OAES_RET oaes_sprintf(
- - char * buf, size_t * buf_len, const uint8_t * data, size_t data_len )
- -{
- - size_t _i, _buf_len_in;
- - char _temp[4];
- -
- - if( NULL == buf_len )
- - return OAES_RET_ARG2;
- -
- - _buf_len_in = *buf_len;
- - *buf_len = data_len * 3 + data_len / OAES_BLOCK_SIZE + 1;
- -
- - if( NULL == buf )
- - return OAES_RET_SUCCESS;
- -
- - if( *buf_len > _buf_len_in )
- - return OAES_RET_BUF;
- -
- - if( NULL == data )
- - return OAES_RET_ARG3;
- -
- - strcpy( buf, "" );
- -
- - for( _i = 0; _i < data_len; _i++ )
- - {
- - sprintf( _temp, "%02x ", data[_i] );
- - strcat( buf, _temp );
- - if( _i && 0 == ( _i + 1 ) % OAES_BLOCK_SIZE )
- - strcat( buf, "\n" );
- - }
- -
- - return OAES_RET_SUCCESS;
- -}
- -
- -#ifdef OAES_HAVE_ISAAC
- -static void oaes_get_seed( char buf[RANDSIZ + 1] )
- -{
- - #if !defined(__FreeBSD__) && !defined(__OpenBSD__)
- - struct timeb timer;
- - struct tm *gmTimer;
- - char * _test = NULL;
- -
- - ftime (&timer);
- - gmTimer = gmtime( &timer.time );
- - _test = (char *) calloc( sizeof( char ), timer.millitm );
- - sprintf( buf, "%04d%02d%02d%02d%02d%02d%03d%p%d",
- - gmTimer->tm_year + 1900, gmTimer->tm_mon + 1, gmTimer->tm_mday,
- - gmTimer->tm_hour, gmTimer->tm_min, gmTimer->tm_sec, timer.millitm,
- - _test + timer.millitm, getpid() );
- - #else
- - struct timeval timer;
- - struct tm *gmTimer;
- - char * _test = NULL;
- -
- - gettimeofday(&timer, NULL);
- - gmTimer = gmtime( &timer.tv_sec );
- - _test = (char *) calloc( sizeof( char ), timer.tv_usec/1000 );
- - sprintf( buf, "%04d%02d%02d%02d%02d%02d%03d%p%d",
- - gmTimer->tm_year + 1900, gmTimer->tm_mon + 1, gmTimer->tm_mday,
- - gmTimer->tm_hour, gmTimer->tm_min, gmTimer->tm_sec, timer.tv_usec/1000,
- - _test + timer.tv_usec/1000, getpid() );
- - #endif
- -
- - if( _test )
- - free( _test );
- -}
- -#else
- -static uint32_t oaes_get_seed(void)
- -{
- - #if !defined(__FreeBSD__) && !defined(__OpenBSD__) && !defined(__ANDROID__)
- - struct timeb timer;
- - struct tm *gmTimer;
- - char * _test = NULL;
- - uint32_t _ret = 0;
- -
- - ftime (&timer);
- - gmTimer = gmtime( &timer.time );
- - _test = (char *) calloc( sizeof( char ), timer.millitm );
- - _ret = gmTimer->tm_year + 1900 + gmTimer->tm_mon + 1 + gmTimer->tm_mday +
- - gmTimer->tm_hour + gmTimer->tm_min + gmTimer->tm_sec + timer.millitm +
- - (uintptr_t) ( _test + timer.millitm ) + getpid();
- - #else
- - struct timeval timer;
- - struct tm *gmTimer;
- - char * _test = NULL;
- - uint32_t _ret = 0;
- -
- - gettimeofday(&timer, NULL);
- - gmTimer = gmtime( &timer.tv_sec );
- - _test = (char *) calloc( sizeof( char ), timer.tv_usec/1000 );
- - _ret = gmTimer->tm_year + 1900 + gmTimer->tm_mon + 1 + gmTimer->tm_mday +
- - gmTimer->tm_hour + gmTimer->tm_min + gmTimer->tm_sec + timer.tv_usec/1000 +
- - (uintptr_t) ( _test + timer.tv_usec/1000 ) + getpid();
- - #endif
- -
- - if( _test )
- - free( _test );
- -
- - return _ret;
- -}
- -#endif // OAES_HAVE_ISAAC
- -
- -static OAES_RET oaes_key_destroy( oaes_key ** key )
- -{
- - if( NULL == *key )
- - return OAES_RET_SUCCESS;
- -
- - if( (*key)->data )
- - {
- - free( (*key)->data );
- - (*key)->data = NULL;
- - }
- -
- - if( (*key)->exp_data )
- - {
- - free( (*key)->exp_data );
- - (*key)->exp_data = NULL;
- - }
- -
- - (*key)->data_len = 0;
- - (*key)->exp_data_len = 0;
- - (*key)->num_keys = 0;
- - (*key)->key_base = 0;
- - free( *key );
- - *key = NULL;
- -
- - return OAES_RET_SUCCESS;
- -}
- -
- -static OAES_RET oaes_key_expand( OAES_CTX * ctx )
- -{
- - size_t _i, _j;
- - oaes_ctx * _ctx = (oaes_ctx *) ctx;
- -
- - if( NULL == _ctx )
- - return OAES_RET_ARG1;
- -
- - if( NULL == _ctx->key )
- - return OAES_RET_NOKEY;
- -
- - _ctx->key->key_base = _ctx->key->data_len / OAES_RKEY_LEN;
- - _ctx->key->num_keys = _ctx->key->key_base + OAES_ROUND_BASE;
- -
- - _ctx->key->exp_data_len = _ctx->key->num_keys * OAES_RKEY_LEN * OAES_COL_LEN;
- - _ctx->key->exp_data = (uint8_t *)
- - calloc( _ctx->key->exp_data_len, sizeof( uint8_t ));
- -
- - if( NULL == _ctx->key->exp_data )
- - return OAES_RET_MEM;
- -
- - // the first _ctx->key->data_len are a direct copy
- - memcpy( _ctx->key->exp_data, _ctx->key->data, _ctx->key->data_len );
- -
- - // apply ExpandKey algorithm for remainder
- - for( _i = _ctx->key->key_base; _i < _ctx->key->num_keys * OAES_RKEY_LEN; _i++ )
- - {
- - uint8_t _temp[OAES_COL_LEN];
- -
- - memcpy( _temp,
- - _ctx->key->exp_data + ( _i - 1 ) * OAES_RKEY_LEN, OAES_COL_LEN );
- -
- - // transform key column
- - if( 0 == _i % _ctx->key->key_base )
- - {
- - oaes_word_rot_left( _temp );
- -
- - for( _j = 0; _j < OAES_COL_LEN; _j++ )
- - oaes_sub_byte( _temp + _j );
- -
- - _temp[0] = _temp[0] ^ oaes_gf_8[ _i / _ctx->key->key_base - 1 ];
- - }
- - else if( _ctx->key->key_base > 6 && 4 == _i % _ctx->key->key_base )
- - {
- - for( _j = 0; _j < OAES_COL_LEN; _j++ )
- - oaes_sub_byte( _temp + _j );
- - }
- -
- - for( _j = 0; _j < OAES_COL_LEN; _j++ )
- - {
- - _ctx->key->exp_data[ _i * OAES_RKEY_LEN + _j ] =
- - _ctx->key->exp_data[ ( _i - _ctx->key->key_base ) *
- - OAES_RKEY_LEN + _j ] ^ _temp[_j];
- - }
- - }
- -
- - return OAES_RET_SUCCESS;
- -}
- -
- -static OAES_RET oaes_key_gen( OAES_CTX * ctx, size_t key_size )
- -{
- - size_t _i;
- - oaes_key * _key = NULL;
- - oaes_ctx * _ctx = (oaes_ctx *) ctx;
- - OAES_RET _rc = OAES_RET_SUCCESS;
- -
- - if( NULL == _ctx )
- - return OAES_RET_ARG1;
- -
- - _key = (oaes_key *) calloc( sizeof( oaes_key ), 1 );
- -
- - if( NULL == _key )
- - return OAES_RET_MEM;
- -
- - if( _ctx->key )
- - oaes_key_destroy( &(_ctx->key) );
- -
- - _key->data_len = key_size;
- - _key->data = (uint8_t *) calloc( key_size, sizeof( uint8_t ));
- -
- - if( NULL == _key->data )
- - {
- - free( _key );
- - return OAES_RET_MEM;
- - }
- -
- - for( _i = 0; _i < key_size; _i++ )
- -#ifdef OAES_HAVE_ISAAC
- - _key->data[_i] = (uint8_t) rand( _ctx->rctx );
- -#else
- - _key->data[_i] = (uint8_t) rand();
- -#endif // OAES_HAVE_ISAAC
- -
- - _ctx->key = _key;
- - _rc = _rc || oaes_key_expand( ctx );
- -
- - if( _rc != OAES_RET_SUCCESS )
- - {
- - oaes_key_destroy( &(_ctx->key) );
- - return _rc;
- - }
- -
- - return OAES_RET_SUCCESS;
- -}
- -
- -OAES_RET oaes_key_gen_128( OAES_CTX * ctx )
- -{
- - return oaes_key_gen( ctx, 16 );
- -}
- -
- -OAES_RET oaes_key_gen_192( OAES_CTX * ctx )
- -{
- - return oaes_key_gen( ctx, 24 );
- -}
- -
- -OAES_RET oaes_key_gen_256( OAES_CTX * ctx )
- -{
- - return oaes_key_gen( ctx, 32 );
- -}
- -
- -OAES_RET oaes_key_export( OAES_CTX * ctx,
- - uint8_t * data, size_t * data_len )
- -{
- - size_t _data_len_in;
- - oaes_ctx * _ctx = (oaes_ctx *) ctx;
- -
- - if( NULL == _ctx )
- - return OAES_RET_ARG1;
- -
- - if( NULL == _ctx->key )
- - return OAES_RET_NOKEY;
- -
- - if( NULL == data_len )
- - return OAES_RET_ARG3;
- -
- - _data_len_in = *data_len;
- - // data + header
- - *data_len = _ctx->key->data_len + OAES_BLOCK_SIZE;
- -
- - if( NULL == data )
- - return OAES_RET_SUCCESS;
- -
- - if( _data_len_in < *data_len )
- - return OAES_RET_BUF;
- -
- - // header
- - memcpy( data, oaes_header, OAES_BLOCK_SIZE );
- - data[5] = 0x01;
- - data[7] = _ctx->key->data_len;
- - memcpy( data + OAES_BLOCK_SIZE, _ctx->key->data, _ctx->key->data_len );
- -
- - return OAES_RET_SUCCESS;
- -}
- -
- -OAES_RET oaes_key_export_data( OAES_CTX * ctx,
- - uint8_t * data, size_t * data_len )
- -{
- - size_t _data_len_in;
- - oaes_ctx * _ctx = (oaes_ctx *) ctx;
- -
- - if( NULL == _ctx )
- - return OAES_RET_ARG1;
- -
- - if( NULL == _ctx->key )
- - return OAES_RET_NOKEY;
- -
- - if( NULL == data_len )
- - return OAES_RET_ARG3;
- -
- - _data_len_in = *data_len;
- - *data_len = _ctx->key->data_len;
- -
- - if( NULL == data )
- - return OAES_RET_SUCCESS;
- -
- - if( _data_len_in < *data_len )
- - return OAES_RET_BUF;
- -
- - memcpy( data, _ctx->key->data, *data_len );
- -
- - return OAES_RET_SUCCESS;
- -}
- -
- -OAES_RET oaes_key_import( OAES_CTX * ctx,
- - const uint8_t * data, size_t data_len )
- -{
- - oaes_ctx * _ctx = (oaes_ctx *) ctx;
- - OAES_RET _rc = OAES_RET_SUCCESS;
- - int _key_length;
- -
- - if( NULL == _ctx )
- - return OAES_RET_ARG1;
- -
- - if( NULL == data )
- - return OAES_RET_ARG2;
- -
- - switch( data_len )
- - {
- - case 16 + OAES_BLOCK_SIZE:
- - case 24 + OAES_BLOCK_SIZE:
- - case 32 + OAES_BLOCK_SIZE:
- - break;
- - default:
- - return OAES_RET_ARG3;
- - }
- -
- - // header
- - if( 0 != memcmp( data, oaes_header, 4 ) )
- - return OAES_RET_HEADER;
- -
- - // header version
- - switch( data[4] )
- - {
- - case 0x01:
- - break;
- - default:
- - return OAES_RET_HEADER;
- - }
- -
- - // header type
- - switch( data[5] )
- - {
- - case 0x01:
- - break;
- - default:
- - return OAES_RET_HEADER;
- - }
- -
- - // options
- - _key_length = data[7];
- - switch( _key_length )
- - {
- - case 16:
- - case 24:
- - case 32:
- - break;
- - default:
- - return OAES_RET_HEADER;
- - }
- -
- - if( (int)data_len != _key_length + OAES_BLOCK_SIZE )
- - return OAES_RET_ARG3;
- -
- - if( _ctx->key )
- - oaes_key_destroy( &(_ctx->key) );
- -
- - _ctx->key = (oaes_key *) calloc( sizeof( oaes_key ), 1 );
- -
- - if( NULL == _ctx->key )
- - return OAES_RET_MEM;
- -
- - _ctx->key->data_len = _key_length;
- - _ctx->key->data = (uint8_t *)
- - calloc( _key_length, sizeof( uint8_t ));
- -
- - if( NULL == _ctx->key->data )
- - {
- - oaes_key_destroy( &(_ctx->key) );
- - return OAES_RET_MEM;
- - }
- -
- - memcpy( _ctx->key->data, data + OAES_BLOCK_SIZE, _key_length );
- - _rc = _rc || oaes_key_expand( ctx );
- -
- - if( _rc != OAES_RET_SUCCESS )
- - {
- - oaes_key_destroy( &(_ctx->key) );
- - return _rc;
- - }
- -
- - return OAES_RET_SUCCESS;
- -}
- -
- -OAES_RET oaes_key_import_data( OAES_CTX * ctx,
- - const uint8_t * data, size_t data_len )
- -{
- - oaes_ctx * _ctx = (oaes_ctx *) ctx;
- - OAES_RET _rc = OAES_RET_SUCCESS;
- -
- - if( NULL == _ctx )
- - return OAES_RET_ARG1;
- -
- - if( NULL == data )
- - return OAES_RET_ARG2;
- -
- - switch( data_len )
- - {
- - case 16:
- - case 24:
- - case 32:
- - break;
- - default:
- - return OAES_RET_ARG3;
- - }
- -
- - if( _ctx->key )
- - oaes_key_destroy( &(_ctx->key) );
- -
- - _ctx->key = (oaes_key *) calloc( sizeof( oaes_key ), 1 );
- -
- - if( NULL == _ctx->key )
- - return OAES_RET_MEM;
- -
- - _ctx->key->data_len = data_len;
- - _ctx->key->data = (uint8_t *)
- - calloc( data_len, sizeof( uint8_t ));
- -
- - if( NULL == _ctx->key->data )
- - {
- - oaes_key_destroy( &(_ctx->key) );
- - return OAES_RET_MEM;
- - }
- -
- - memcpy( _ctx->key->data, data, data_len );
- - _rc = _rc || oaes_key_expand( ctx );
- -
- - if( _rc != OAES_RET_SUCCESS )
- - {
- - oaes_key_destroy( &(_ctx->key) );
- - return _rc;
- - }
- -
- - return OAES_RET_SUCCESS;
- -}
- -
- -OAES_CTX * oaes_alloc(void)
- -{
- - oaes_ctx * _ctx = (oaes_ctx *) calloc( sizeof( oaes_ctx ), 1 );
- -
- - if( NULL == _ctx )
- - return NULL;
- -
- -#ifdef OAES_HAVE_ISAAC
- - {
- - ub4 _i = 0;
- - char _seed[RANDSIZ + 1];
- -
- - _ctx->rctx = (randctx *) calloc( sizeof( randctx ), 1 );
- -
- - if( NULL == _ctx->rctx )
- - {
- - free( _ctx );
- - return NULL;
- - }
- -
- - oaes_get_seed( _seed );
- - memset( _ctx->rctx->randrsl, 0, RANDSIZ );
- - memcpy( _ctx->rctx->randrsl, _seed, RANDSIZ );
- - randinit( _ctx->rctx, TRUE);
- - }
- -#else
- - srand( oaes_get_seed() );
- -#endif // OAES_HAVE_ISAAC
- -
- - _ctx->key = NULL;
- - oaes_set_option( _ctx, OAES_OPTION_CBC, NULL );
- -
- -#ifdef OAES_DEBUG
- - _ctx->step_cb = NULL;
- - oaes_set_option( _ctx, OAES_OPTION_STEP_OFF, NULL );
- -#endif // OAES_DEBUG
- -
- - return (OAES_CTX *) _ctx;
- -}
- -
- -OAES_RET oaes_free( OAES_CTX ** ctx )
- -{
- - oaes_ctx ** _ctx = (oaes_ctx **) ctx;
- -
- - if( NULL == _ctx )
- - return OAES_RET_ARG1;
- -
- - if( NULL == *_ctx )
- - return OAES_RET_SUCCESS;
- -
- - if( (*_ctx)->key )
- - oaes_key_destroy( &((*_ctx)->key) );
- -
- -#ifdef OAES_HAVE_ISAAC
- - if( (*_ctx)->rctx )
- - {
- - free( (*_ctx)->rctx );
- - (*_ctx)->rctx = NULL;
- - }
- -#endif // OAES_HAVE_ISAAC
- -
- - free( *_ctx );
- - *_ctx = NULL;
- -
- - return OAES_RET_SUCCESS;
- -}
- -
- -OAES_RET oaes_set_option( OAES_CTX * ctx,
- - OAES_OPTION option, const void * value )
- -{
- - size_t _i;
- - oaes_ctx * _ctx = (oaes_ctx *) ctx;
- -
- - if( NULL == _ctx )
- - return OAES_RET_ARG1;
- -
- - switch( option )
- - {
- - case OAES_OPTION_ECB:
- - _ctx->options &= ~OAES_OPTION_CBC;
- - memset( _ctx->iv, 0, OAES_BLOCK_SIZE );
- - break;
- -
- - case OAES_OPTION_CBC:
- - _ctx->options &= ~OAES_OPTION_ECB;
- - if( value )
- - memcpy( _ctx->iv, value, OAES_BLOCK_SIZE );
- - else
- - {
- - for( _i = 0; _i < OAES_BLOCK_SIZE; _i++ )
- -#ifdef OAES_HAVE_ISAAC
- - _ctx->iv[_i] = (uint8_t) rand( _ctx->rctx );
- -#else
- - _ctx->iv[_i] = (uint8_t) rand();
- -#endif // OAES_HAVE_ISAAC
- - }
- - break;
- -
- -#ifdef OAES_DEBUG
- -
- - case OAES_OPTION_STEP_ON:
- - if( value )
- - {
- - _ctx->options &= ~OAES_OPTION_STEP_OFF;
- - _ctx->step_cb = value;
- - }
- - else
- - {
- - _ctx->options &= ~OAES_OPTION_STEP_ON;
- - _ctx->options |= OAES_OPTION_STEP_OFF;
- - _ctx->step_cb = NULL;
- - return OAES_RET_ARG3;
- - }
- - break;
- -
- - case OAES_OPTION_STEP_OFF:
- - _ctx->options &= ~OAES_OPTION_STEP_ON;
- - _ctx->step_cb = NULL;
- - break;
- -
- -#endif // OAES_DEBUG
- -
- - default:
- - return OAES_RET_ARG2;
- - }
- -
- - _ctx->options |= option;
- -
- - return OAES_RET_SUCCESS;
- -}
- -
- -static OAES_RET oaes_encrypt_block(
- - OAES_CTX * ctx, uint8_t * c, size_t c_len )
- -{
- - size_t _i, _j;
- - oaes_ctx * _ctx = (oaes_ctx *) ctx;
- -
- - if( NULL == _ctx )
- - return OAES_RET_ARG1;
- -
- - if( NULL == c )
- - return OAES_RET_ARG2;
- -
- - if( c_len != OAES_BLOCK_SIZE )
- - return OAES_RET_ARG3;
- -
- - if( NULL == _ctx->key )
- - return OAES_RET_NOKEY;
- -
- -#ifdef OAES_DEBUG
- - if( _ctx->step_cb )
- - _ctx->step_cb( c, "input", 1, NULL );
- -#endif // OAES_DEBUG
- -
- - // AddRoundKey(State, K0)
- - for( _i = 0; _i < c_len; _i++ )
- - c[_i] = c[_i] ^ _ctx->key->exp_data[_i];
- -
- -#ifdef OAES_DEBUG
- - if( _ctx->step_cb )
- - {
- - _ctx->step_cb( _ctx->key->exp_data, "k_sch", 1, NULL );
- - _ctx->step_cb( c, "k_add", 1, NULL );
- - }
- -#endif // OAES_DEBUG
- -
- - // for round = 1 step 1 to Nr<E2><80><93>1
- - for( _i = 1; _i < _ctx->key->num_keys - 1; _i++ )
- - {
- - // SubBytes(state)
- - for( _j = 0; _j < c_len; _j++ )
- - oaes_sub_byte( c + _j );
- -
- -#ifdef OAES_DEBUG
- - if( _ctx->step_cb )
- - _ctx->step_cb( c, "s_box", _i, NULL );
- -#endif // OAES_DEBUG
- -
- - // ShiftRows(state)
- - oaes_shift_rows( c );
- -
- -#ifdef OAES_DEBUG
- - if( _ctx->step_cb )
- - _ctx->step_cb( c, "s_row", _i, NULL );
- -#endif // OAES_DEBUG
- -
- - // MixColumns(state)
- - oaes_mix_cols( c );
- - oaes_mix_cols( c + 4 );
- - oaes_mix_cols( c + 8 );
- - oaes_mix_cols( c + 12 );
- -
- -#ifdef OAES_DEBUG
- - if( _ctx->step_cb )
- - _ctx->step_cb( c, "m_col", _i, NULL );
- -#endif // OAES_DEBUG
- -
- - // AddRoundKey(state, w[round*Nb, (round+1)*Nb-1])
- - for( _j = 0; _j < c_len; _j++ )
- - c[_j] = c[_j] ^
- - _ctx->key->exp_data[_i * OAES_RKEY_LEN * OAES_COL_LEN + _j];
- -
- -#ifdef OAES_DEBUG
- - if( _ctx->step_cb )
- - {
- - _ctx->step_cb( _ctx->key->exp_data + _i * OAES_RKEY_LEN * OAES_COL_LEN,
- - "k_sch", _i, NULL );
- - _ctx->step_cb( c, "k_add", _i, NULL );
- - }
- -#endif // OAES_DEBUG
- -
- - }
- -
- - // SubBytes(state)
- - for( _i = 0; _i < c_len; _i++ )
- - oaes_sub_byte( c + _i );
- -
- -#ifdef OAES_DEBUG
- - if( _ctx->step_cb )
- - _ctx->step_cb( c, "s_box", _ctx->key->num_keys - 1, NULL );
- -#endif // OAES_DEBUG
- -
- - // ShiftRows(state)
- - oaes_shift_rows( c );
- -
- -#ifdef OAES_DEBUG
- - if( _ctx->step_cb )
- - _ctx->step_cb( c, "s_row", _ctx->key->num_keys - 1, NULL );
- -#endif // OAES_DEBUG
- -
- - // AddRoundKey(state, w[Nr*Nb, (Nr+1)*Nb-1])
- - for( _i = 0; _i < c_len; _i++ )
- - c[_i] = c[_i] ^ _ctx->key->exp_data[
- - ( _ctx->key->num_keys - 1 ) * OAES_RKEY_LEN * OAES_COL_LEN + _i ];
- -
- -#ifdef OAES_DEBUG
- - if( _ctx->step_cb )
- - {
- - _ctx->step_cb( _ctx->key->exp_data +
- - ( _ctx->key->num_keys - 1 ) * OAES_RKEY_LEN * OAES_COL_LEN,
- - "k_sch", _ctx->key->num_keys - 1, NULL );
- - _ctx->step_cb( c, "output", _ctx->key->num_keys - 1, NULL );
- - }
- -#endif // OAES_DEBUG
- -
- - return OAES_RET_SUCCESS;
- -}
- -
- -static OAES_RET oaes_decrypt_block(
- - OAES_CTX * ctx, uint8_t * c, size_t c_len )
- -{
- - size_t _i, _j;
- - oaes_ctx * _ctx = (oaes_ctx *) ctx;
- -
- - if( NULL == _ctx )
- - return OAES_RET_ARG1;
- -
- - if( NULL == c )
- - return OAES_RET_ARG2;
- -
- - if( c_len != OAES_BLOCK_SIZE )
- - return OAES_RET_ARG3;
- -
- - if( NULL == _ctx->key )
- - return OAES_RET_NOKEY;
- -
- -#ifdef OAES_DEBUG
- - if( _ctx->step_cb )
- - _ctx->step_cb( c, "iinput", _ctx->key->num_keys - 1, NULL );
- -#endif // OAES_DEBUG
- -
- - // AddRoundKey(state, w[Nr*Nb, (Nr+1)*Nb-1])
- - for( _i = 0; _i < c_len; _i++ )
- - c[_i] = c[_i] ^ _ctx->key->exp_data[
- - ( _ctx->key->num_keys - 1 ) * OAES_RKEY_LEN * OAES_COL_LEN + _i ];
- -
- -#ifdef OAES_DEBUG
- - if( _ctx->step_cb )
- - {
- - _ctx->step_cb( _ctx->key->exp_data +
- - ( _ctx->key->num_keys - 1 ) * OAES_RKEY_LEN * OAES_COL_LEN,
- - "ik_sch", _ctx->key->num_keys - 1, NULL );
- - _ctx->step_cb( c, "ik_add", _ctx->key->num_keys - 1, NULL );
- - }
- -#endif // OAES_DEBUG
- -
- - for( _i = _ctx->key->num_keys - 2; _i > 0; _i-- )
- - {
- - // InvShiftRows(state)
- - oaes_inv_shift_rows( c );
- -
- -#ifdef OAES_DEBUG
- - if( _ctx->step_cb )
- - _ctx->step_cb( c, "is_row", _i, NULL );
- -#endif // OAES_DEBUG
- -
- - // InvSubBytes(state)
- - for( _j = 0; _j < c_len; _j++ )
- - oaes_inv_sub_byte( c + _j );
- -
- -#ifdef OAES_DEBUG
- - if( _ctx->step_cb )
- - _ctx->step_cb( c, "is_box", _i, NULL );
- -#endif // OAES_DEBUG
- -
- - // AddRoundKey(state, w[round*Nb, (round+1)*Nb-1])
- - for( _j = 0; _j < c_len; _j++ )
- - c[_j] = c[_j] ^
- - _ctx->key->exp_data[_i * OAES_RKEY_LEN * OAES_COL_LEN + _j];
- -
- -#ifdef OAES_DEBUG
- - if( _ctx->step_cb )
- - {
- - _ctx->step_cb( _ctx->key->exp_data + _i * OAES_RKEY_LEN * OAES_COL_LEN,
- - "ik_sch", _i, NULL );
- - _ctx->step_cb( c, "ik_add", _i, NULL );
- - }
- -#endif // OAES_DEBUG
- -
- - // InvMixColums(state)
- - oaes_inv_mix_cols( c );
- - oaes_inv_mix_cols( c + 4 );
- - oaes_inv_mix_cols( c + 8 );
- - oaes_inv_mix_cols( c + 12 );
- -
- -#ifdef OAES_DEBUG
- - if( _ctx->step_cb )
- - _ctx->step_cb( c, "im_col", _i, NULL );
- -#endif // OAES_DEBUG
- -
- - }
- -
- - // InvShiftRows(state)
- - oaes_inv_shift_rows( c );
- -
- -#ifdef OAES_DEBUG
- - if( _ctx->step_cb )
- - _ctx->step_cb( c, "is_row", 1, NULL );
- -#endif // OAES_DEBUG
- -
- - // InvSubBytes(state)
- - for( _i = 0; _i < c_len; _i++ )
- - oaes_inv_sub_byte( c + _i );
- -
- -#ifdef OAES_DEBUG
- - if( _ctx->step_cb )
- - _ctx->step_cb( c, "is_box", 1, NULL );
- -#endif // OAES_DEBUG
- -
- - // AddRoundKey(state, w[0, Nb-1])
- - for( _i = 0; _i < c_len; _i++ )
- - c[_i] = c[_i] ^ _ctx->key->exp_data[_i];
- -
- -#ifdef OAES_DEBUG
- - if( _ctx->step_cb )
- - {
- - _ctx->step_cb( _ctx->key->exp_data, "ik_sch", 1, NULL );
- - _ctx->step_cb( c, "ioutput", 1, NULL );
- - }
- -#endif // OAES_DEBUG
- -
- - return OAES_RET_SUCCESS;
- -}
- -
- -OAES_RET oaes_encrypt( OAES_CTX * ctx,
- - const uint8_t * m, size_t m_len, uint8_t * c, size_t * c_len )
- -{
- - size_t _i, _j, _c_len_in, _c_data_len;
- - size_t _pad_len = m_len % OAES_BLOCK_SIZE == 0 ?
- - 0 : OAES_BLOCK_SIZE - m_len % OAES_BLOCK_SIZE;
- - oaes_ctx * _ctx = (oaes_ctx *) ctx;
- - OAES_RET _rc = OAES_RET_SUCCESS;
- - uint8_t _flags = _pad_len ? OAES_FLAG_PAD : 0;
- -
- - if( NULL == _ctx )
- - return OAES_RET_ARG1;
- -
- - if( NULL == m )
- - return OAES_RET_ARG2;
- -
- - if( NULL == c_len )
- - return OAES_RET_ARG5;
- -
- - _c_len_in = *c_len;
- - // data + pad
- - _c_data_len = m_len + _pad_len;
- - // header + iv + data + pad
- - *c_len = 2 * OAES_BLOCK_SIZE + m_len + _pad_len;
- -
- - if( NULL == c )
- - return OAES_RET_SUCCESS;
- -
- - if( _c_len_in < *c_len )
- - return OAES_RET_BUF;
- -
- - if( NULL == _ctx->key )
- - return OAES_RET_NOKEY;
- -
- - // header
- - memcpy(c, oaes_header, OAES_BLOCK_SIZE );
- - memcpy(c + 6, &_ctx->options, sizeof(_ctx->options));
- - memcpy(c + 8, &_flags, sizeof(_flags));
- - // iv
- - memcpy(c + OAES_BLOCK_SIZE, _ctx->iv, OAES_BLOCK_SIZE );
- - // data
- - memcpy(c + 2 * OAES_BLOCK_SIZE, m, m_len );
- -
- - for( _i = 0; _i < _c_data_len; _i += OAES_BLOCK_SIZE )
- - {
- - uint8_t _block[OAES_BLOCK_SIZE];
- - size_t _block_size = min( m_len - _i, OAES_BLOCK_SIZE );
- -
- - memcpy( _block, c + 2 * OAES_BLOCK_SIZE + _i, _block_size );
- -
- - // insert pad
- - for( _j = 0; _j < OAES_BLOCK_SIZE - _block_size; _j++ )
- - _block[ _block_size + _j ] = _j + 1;
- -
- - // CBC
- - if( _ctx->options & OAES_OPTION_CBC )
- - {
- - for( _j = 0; _j < OAES_BLOCK_SIZE; _j++ )
- - _block[_j] = _block[_j] ^ _ctx->iv[_j];
- - }
- -
- - _rc = _rc ||
- - oaes_encrypt_block( ctx, _block, OAES_BLOCK_SIZE );
- - memcpy( c + 2 * OAES_BLOCK_SIZE + _i, _block, OAES_BLOCK_SIZE );
- -
- - if( _ctx->options & OAES_OPTION_CBC )
- - memcpy( _ctx->iv, _block, OAES_BLOCK_SIZE );
- - }
- -
- - return _rc;
- -}
- -
- -OAES_RET oaes_decrypt( OAES_CTX * ctx,
- - const uint8_t * c, size_t c_len, uint8_t * m, size_t * m_len )
- -{
- - size_t _i, _j, _m_len_in;
- - oaes_ctx * _ctx = (oaes_ctx *) ctx;
- - OAES_RET _rc = OAES_RET_SUCCESS;
- - uint8_t _iv[OAES_BLOCK_SIZE];
- - uint8_t _flags;
- - OAES_OPTION _options;
- -
- - if( NULL == ctx )
- - return OAES_RET_ARG1;
- -
- - if( NULL == c )
- - return OAES_RET_ARG2;
- -
- - if( c_len % OAES_BLOCK_SIZE )
- - return OAES_RET_ARG3;
- -
- - if( NULL == m_len )
- - return OAES_RET_ARG5;
- -
- - _m_len_in = *m_len;
- - *m_len = c_len - 2 * OAES_BLOCK_SIZE;
- -
- - if( NULL == m )
- - return OAES_RET_SUCCESS;
- -
- - if( _m_len_in < *m_len )
- - return OAES_RET_BUF;
- -
- - if( NULL == _ctx->key )
- - return OAES_RET_NOKEY;
- -
- - // header
- - if( 0 != memcmp( c, oaes_header, 4 ) )
- - return OAES_RET_HEADER;
- -
- - // header version
- - switch( c[4] )
- - {
- - case 0x01:
- - break;
- - default:
- - return OAES_RET_HEADER;
- - }
- -
- - // header type
- - switch( c[5] )
- - {
- - case 0x02:
- - break;
- - default:
- - return OAES_RET_HEADER;
- - }
- -
- - // options
- - memcpy(&_options, c + 6, sizeof(_options));
- - // validate that all options are valid
- - if( _options & ~(
- - OAES_OPTION_ECB
- - | OAES_OPTION_CBC
- -#ifdef OAES_DEBUG
- - | OAES_OPTION_STEP_ON
- - | OAES_OPTION_STEP_OFF
- -#endif // OAES_DEBUG
- - ) )
- - return OAES_RET_HEADER;
- - if( ( _options & OAES_OPTION_ECB ) &&
- - ( _options & OAES_OPTION_CBC ) )
- - return OAES_RET_HEADER;
- - if( _options == OAES_OPTION_NONE )
- - return OAES_RET_HEADER;
- -
- - // flags
- - memcpy(&_flags, c + 8, sizeof(_flags));
- - // validate that all flags are valid
- - if( _flags & ~(
- - OAES_FLAG_PAD
- - ) )
- - return OAES_RET_HEADER;
- -
- - // iv
- - memcpy( _iv, c + OAES_BLOCK_SIZE, OAES_BLOCK_SIZE);
- - // data + pad
- - memcpy( m, c + 2 * OAES_BLOCK_SIZE, *m_len );
- -
- - for( _i = 0; _i < *m_len; _i += OAES_BLOCK_SIZE )
- - {
- - if( ( _options & OAES_OPTION_CBC ) && _i > 0 )
- - memcpy( _iv, c + OAES_BLOCK_SIZE + _i, OAES_BLOCK_SIZE );
- -
- - _rc = _rc ||
- - oaes_decrypt_block( ctx, m + _i, min( *m_len - _i, OAES_BLOCK_SIZE ) );
- -
- - // CBC
- - if( _options & OAES_OPTION_CBC )
- - {
- - for( _j = 0; _j < OAES_BLOCK_SIZE; _j++ )
- - m[ _i + _j ] = m[ _i + _j ] ^ _iv[_j];
- - }
- - }
- -
- - // remove pad
- - if( _flags & OAES_FLAG_PAD )
- - {
- - int _is_pad = 1;
- - size_t _temp = (size_t) m[*m_len - 1];
- -
- - if( _temp <= 0x00 || _temp > 0x0f )
- - return OAES_RET_HEADER;
- - for( _i = 0; _i < _temp; _i++ )
- - if( m[*m_len - 1 - _i] != _temp - _i )
- - _is_pad = 0;
- - if( _is_pad )
- - {
- - memset( m + *m_len - _temp, 0, _temp );
- - *m_len -= _temp;
- - }
- - else
- - return OAES_RET_HEADER;
- - }
- -
- - return OAES_RET_SUCCESS;
- -}
- -
- -
- -OAES_API OAES_RET oaes_encryption_round( const uint8_t * key, uint8_t * c )
- -{
- - size_t _i;
- -
- - if( NULL == key )
- - return OAES_RET_ARG1;
- -
- - if( NULL == c )
- - return OAES_RET_ARG2;
- -
- - // SubBytes(state)
- - for( _i = 0; _i < OAES_BLOCK_SIZE; _i++ )
- - oaes_sub_byte( c + _i );
- -
- - // ShiftRows(state)
- - oaes_shift_rows( c );
- -
- - // MixColumns(state)
- - oaes_mix_cols( c );
- - oaes_mix_cols( c + 4 );
- - oaes_mix_cols( c + 8 );
- - oaes_mix_cols( c + 12 );
- -
- - // AddRoundKey(State, key)
- - for( _i = 0; _i < OAES_BLOCK_SIZE; _i++ )
- - c[_i] ^= key[_i];
- -
- - return OAES_RET_SUCCESS;
- -}
- -
- -OAES_API OAES_RET oaes_pseudo_encrypt_ecb( OAES_CTX * ctx, uint8_t * c )
- -{
- - size_t _i;
- - oaes_ctx * _ctx = (oaes_ctx *) ctx;
- -
- - if( NULL == _ctx )
- - return OAES_RET_ARG1;
- -
- - if( NULL == c )
- - return OAES_RET_ARG2;
- -
- - if( NULL == _ctx->key )
- - return OAES_RET_NOKEY;
- -
- - for ( _i = 0; _i < 10; ++_i )
- - {
- - oaes_encryption_round( &_ctx->key->exp_data[_i * OAES_RKEY_LEN * OAES_COL_LEN], c );
- - }
- -
- - return OAES_RET_SUCCESS;
- -}
- diff --git "a/c:\\1\\sumokoin/src/crypto/oaes_lib.h" "b/c:\\1\\sumokoin/src/crypto/oaes_lib.h"
- deleted file mode 100644
- index fd19428..0000000
- --- "a/c:\\1\\sumokoin/src/crypto/oaes_lib.h"
- +++ /dev/null
- @@ -1,215 +0,0 @@
- -/*
- - * ---------------------------------------------------------------------------
- - * OpenAES License
- - * ---------------------------------------------------------------------------
- - * Copyright (c) 2012, Nabil S. Al Ramli, www.nalramli.com
- - * All rights reserved.
- - *
- - * Redistribution and use in source and binary forms, with or without
- - * modification, are permitted provided that the following conditions are met:
- - *
- - * - Redistributions of source code must retain the above copyright notice,
- - * this list of conditions and the following disclaimer.
- - * - Redistributions in binary form must reproduce the above copyright
- - * notice, this list of conditions and the following disclaimer in the
- - * documentation and/or other materials provided with the distribution.
- - *
- - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
- - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
- - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- - * POSSIBILITY OF SUCH DAMAGE.
- - * ---------------------------------------------------------------------------
- - */
- -
- -#ifndef _OAES_LIB_H
- -#define _OAES_LIB_H
- -
- -#include <stdint.h>
- -#include <stdlib.h>
- -
- -#ifdef __cplusplus
- -extern "C" {
- -#endif
- -
- -#ifdef _WIN32
- -# ifdef OAES_SHARED
- -# ifdef oaes_lib_EXPORTS
- -# define OAES_API __declspec(dllexport)
- -# else
- -# define OAES_API __declspec(dllimport)
- -# endif
- -# else
- -# define OAES_API
- -# endif
- -#else
- -# define OAES_API
- -#endif // WIN32
- -
- -#define OAES_VERSION "0.8.1"
- -#define OAES_BLOCK_SIZE 16
- -
- -typedef void OAES_CTX;
- -
- -typedef enum
- -{
- - OAES_RET_FIRST = 0,
- - OAES_RET_SUCCESS = 0,
- - OAES_RET_UNKNOWN,
- - OAES_RET_ARG1,
- - OAES_RET_ARG2,
- - OAES_RET_ARG3,
- - OAES_RET_ARG4,
- - OAES_RET_ARG5,
- - OAES_RET_NOKEY,
- - OAES_RET_MEM,
- - OAES_RET_BUF,
- - OAES_RET_HEADER,
- - OAES_RET_COUNT
- -} OAES_RET;
- -
- -/*
- - * oaes_set_option() takes one of these values for its [option] parameter
- - * some options accept either an optional or a required [value] parameter
- - */
- -// no option
- -#define OAES_OPTION_NONE 0
- -// enable ECB mode, disable CBC mode
- -#define OAES_OPTION_ECB 1
- -// enable CBC mode, disable ECB mode
- -// value is optional, may pass uint8_t iv[OAES_BLOCK_SIZE] to specify
- -// the value of the initialization vector, iv
- -#define OAES_OPTION_CBC 2
- -
- -#ifdef OAES_DEBUG
- -typedef int ( * oaes_step_cb ) (
- - const uint8_t state[OAES_BLOCK_SIZE],
- - const char * step_name,
- - int step_count,
- - void * user_data );
- -// enable state stepping mode
- -// value is required, must pass oaes_step_cb to receive the state at each step
- -#define OAES_OPTION_STEP_ON 4
- -// disable state stepping mode
- -#define OAES_OPTION_STEP_OFF 8
- -#endif // OAES_DEBUG
- -
- -typedef uint16_t OAES_OPTION;
- -
- -typedef struct _oaes_key
- -{
- - size_t data_len;
- - uint8_t *data;
- - size_t exp_data_len;
- - uint8_t *exp_data;
- - size_t num_keys;
- - size_t key_base;
- -} oaes_key;
- -
- -typedef struct _oaes_ctx
- -{
- -#ifdef OAES_HAVE_ISAAC
- - randctx * rctx;
- -#endif // OAES_HAVE_ISAAC
- -
- -#ifdef OAES_DEBUG
- - oaes_step_cb step_cb;
- -#endif // OAES_DEBUG
- -
- - oaes_key * key;
- - OAES_OPTION options;
- - uint8_t iv[OAES_BLOCK_SIZE];
- -} oaes_ctx;
- -/*
- - * // usage:
- - *
- - * OAES_CTX * ctx = oaes_alloc();
- - * .
- - * .
- - * .
- - * {
- - * oaes_gen_key_xxx( ctx );
- - * {
- - * oaes_key_export( ctx, _buf, &_buf_len );
- - * // or
- - * oaes_key_export_data( ctx, _buf, &_buf_len );\
- - * }
- - * }
- - * // or
- - * {
- - * oaes_key_import( ctx, _buf, _buf_len );
- - * // or
- - * oaes_key_import_data( ctx, _buf, _buf_len );
- - * }
- - * .
- - * .
- - * .
- - * oaes_encrypt( ctx, m, m_len, c, &c_len );
- - * .
- - * .
- - * .
- - * oaes_decrypt( ctx, c, c_len, m, &m_len );
- - * .
- - * .
- - * .
- - * oaes_free( &ctx );
- - */
- -
- -OAES_API OAES_CTX * oaes_alloc(void);
- -
- -OAES_API OAES_RET oaes_free( OAES_CTX ** ctx );
- -
- -OAES_API OAES_RET oaes_set_option( OAES_CTX * ctx,
- - OAES_OPTION option, const void * value );
- -
- -OAES_API OAES_RET oaes_key_gen_128( OAES_CTX * ctx );
- -
- -OAES_API OAES_RET oaes_key_gen_192( OAES_CTX * ctx );
- -
- -OAES_API OAES_RET oaes_key_gen_256( OAES_CTX * ctx );
- -
- -// export key with header information
- -// set data == NULL to get the required data_len
- -OAES_API OAES_RET oaes_key_export( OAES_CTX * ctx,
- - uint8_t * data, size_t * data_len );
- -
- -// directly export the data from key
- -// set data == NULL to get the required data_len
- -OAES_API OAES_RET oaes_key_export_data( OAES_CTX * ctx,
- - uint8_t * data, size_t * data_len );
- -
- -// import key with header information
- -OAES_API OAES_RET oaes_key_import( OAES_CTX * ctx,
- - const uint8_t * data, size_t data_len );
- -
- -// directly import data into key
- -OAES_API OAES_RET oaes_key_import_data( OAES_CTX * ctx,
- - const uint8_t * data, size_t data_len );
- -
- -// set c == NULL to get the required c_len
- -OAES_API OAES_RET oaes_encrypt( OAES_CTX * ctx,
- - const uint8_t * m, size_t m_len, uint8_t * c, size_t * c_len );
- -
- -// set m == NULL to get the required m_len
- -OAES_API OAES_RET oaes_decrypt( OAES_CTX * ctx,
- - const uint8_t * c, size_t c_len, uint8_t * m, size_t * m_len );
- -
- -// set buf == NULL to get the required buf_len
- -OAES_API OAES_RET oaes_sprintf(
- - char * buf, size_t * buf_len, const uint8_t * data, size_t data_len );
- -
- -OAES_API OAES_RET oaes_encryption_round( const uint8_t * key, uint8_t * c );
- -
- -OAES_API OAES_RET oaes_pseudo_encrypt_ecb( OAES_CTX * ctx, uint8_t * c );
- -
- -#ifdef __cplusplus
- -}
- -#endif
- -
- -#endif // _OAES_LIB_H
- diff --git "a/c:\\1\\sumokoin/src/crypto/slow-hash.c" "b/c:\\1\\sumokoin/src/crypto/slow-hash.c"
- deleted file mode 100644
- index 61f6922..0000000
- --- "a/c:\\1\\sumokoin/src/crypto/slow-hash.c"
- +++ /dev/null
- @@ -1,1283 +0,0 @@
- -// Copyright (c) 2014-2017, The Monero Project
- -//
- -// All rights reserved.
- -//
- -// Redistribution and use in source and binary forms, with or without modification, are
- -// permitted provided that the following conditions are met:
- -//
- -// 1. Redistributions of source code must retain the above copyright notice, this list of
- -// conditions and the following disclaimer.
- -//
- -// 2. Redistributions in binary form must reproduce the above copyright notice, this list
- -// of conditions and the following disclaimer in the documentation and/or other
- -// materials provided with the distribution.
- -//
- -// 3. Neither the name of the copyright holder nor the names of its contributors may be
- -// used to endorse or promote products derived from this software without specific
- -// prior written permission.
- -//
- -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
- -// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
- -// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
- -// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- -// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
- -// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- -// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
- -// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- -//
- -// Parts of this file are originally copyright (c) 2012-2013 The Cryptonote developers
- -
- -#include <assert.h>
- -#include <stddef.h>
- -#include <stdint.h>
- -#include <string.h>
- -
- -#include "common/int-util.h"
- -#include "hash-ops.h"
- -#include "oaes_lib.h"
- -
- -#define MEMORY (1 << 21) // 2MB scratchpad
- -#define ITER (1 << 20)
- -#define AES_BLOCK_SIZE 16
- -#define AES_KEY_SIZE 32
- -#define INIT_SIZE_BLK 8
- -#define INIT_SIZE_BYTE (INIT_SIZE_BLK * AES_BLOCK_SIZE)
- -
- -#if defined(__x86_64__) || (defined(_MSC_VER) && defined(_WIN64))
- -// Optimised code below, uses x86-specific intrinsics, SSE2, AES-NI
- -// Fall back to more portable code is down at the bottom
- -
- -#include <emmintrin.h>
- -
- -#if defined(_MSC_VER)
- -#include <intrin.h>
- -#include <windows.h>
- -#define STATIC
- -#define INLINE __inline
- -#if !defined(RDATA_ALIGN16)
- -#define RDATA_ALIGN16 __declspec(align(16))
- -#endif
- -#elif defined(__MINGW32__)
- -#include <intrin.h>
- -#include <windows.h>
- -#define STATIC static
- -#define INLINE inline
- -#if !defined(RDATA_ALIGN16)
- -#define RDATA_ALIGN16 __attribute__ ((aligned(16)))
- -#endif
- -#else
- -#include <wmmintrin.h>
- -#include <sys/mman.h>
- -#define STATIC static
- -#define INLINE inline
- -#if !defined(RDATA_ALIGN16)
- -#define RDATA_ALIGN16 __attribute__ ((aligned(16)))
- -#endif
- -#endif
- -
- -#if defined(__INTEL_COMPILER)
- -#define ASM __asm__
- -#elif !defined(_MSC_VER)
- -#define ASM __asm__
- -#else
- -#define ASM __asm
- -#endif
- -
- -#define TOTALBLOCKS (MEMORY / AES_BLOCK_SIZE)
- -
- -#define U64(x) ((uint64_t *) (x))
- -#define R128(x) ((__m128i *) (x))
- -
- -#define state_index(x) (((*((uint64_t *)x) >> 4) & (TOTALBLOCKS - 1)) << 4)
- -#if defined(_MSC_VER)
- -#if !defined(_WIN64)
- -#define __mul() lo = mul128(c[0], b[0], &hi);
- -#else
- -#define __mul() lo = _umul128(c[0], b[0], &hi);
- -#endif
- -#else
- -#if defined(__x86_64__)
- -#define __mul() ASM("mulq %3\n\t" : "=d"(hi), "=a"(lo) : "%a" (c[0]), "rm" (b[0]) : "cc");
- -#else
- -#define __mul() lo = mul128(c[0], b[0], &hi);
- -#endif
- -#endif
- -
- -#define pre_aes() \
- - j = state_index(a); \
- - _c = _mm_load_si128(R128(&hp_state[j])); \
- - _a = _mm_load_si128(R128(a)); \
- -
- -/*
- - * An SSE-optimized implementation of the second half of CryptoNight step 3.
- - * After using AES to mix a scratchpad value into _c (done by the caller),
- - * this macro xors it with _b and stores the result back to the same index (j) that it
- - * loaded the scratchpad value from. It then performs a second random memory
- - * read/write from the scratchpad, but this time mixes the values using a 64
- - * bit multiply.
- - * This code is based upon an optimized implementation by dga.
- - */
- -#define post_aes() \
- - _mm_store_si128(R128(c), _c); \
- - _b = _mm_xor_si128(_b, _c); \
- - _mm_store_si128(R128(&hp_state[j]), _b); \
- - j = state_index(c); \
- - p = U64(&hp_state[j]); \
- - b[0] = p[0]; b[1] = p[1]; \
- - __mul(); \
- - a[0] += hi; a[1] += lo; \
- - p = U64(&hp_state[j]); \
- - p[0] = a[0]; p[1] = a[1]; \
- - a[0] ^= b[0]; a[1] ^= b[1]; \
- - _b = _c; \
- -
- -#if defined(_MSC_VER)
- -#define THREADV __declspec(thread)
- -#else
- -#define THREADV __thread
- -#endif
- -
- -extern int aesb_single_round(const uint8_t *in, uint8_t*out, const uint8_t *expandedKey);
- -extern int aesb_pseudo_round(const uint8_t *in, uint8_t *out, const uint8_t *expandedKey);
- -
- -#pragma pack(push, 1)
- -union cn_slow_hash_state
- -{
- - union hash_state hs;
- - struct
- - {
- - uint8_t k[64];
- - uint8_t init[INIT_SIZE_BYTE];
- - };
- -};
- -#pragma pack(pop)
- -
- -THREADV uint8_t *hp_state = NULL;
- -THREADV int hp_allocated = 0;
- -
- -#if defined(_MSC_VER)
- -#define cpuid(info,x) __cpuidex(info,x,0)
- -#else
- -void cpuid(int CPUInfo[4], int InfoType)
- -{
- - ASM __volatile__
- - (
- - "cpuid":
- - "=a" (CPUInfo[0]),
- - "=b" (CPUInfo[1]),
- - "=c" (CPUInfo[2]),
- - "=d" (CPUInfo[3]) :
- - "a" (InfoType), "c" (0)
- - );
- -}
- -#endif
- -
- -/**
- - * @brief a = (a xor b), where a and b point to 128 bit values
- - */
- -
- -STATIC INLINE void xor_blocks(uint8_t *a, const uint8_t *b)
- -{
- - U64(a)[0] ^= U64(b)[0];
- - U64(a)[1] ^= U64(b)[1];
- -}
- -
- -/**
- - * @brief uses cpuid to determine if the CPU supports the AES instructions
- - * @return true if the CPU supports AES, false otherwise
- - */
- -
- -STATIC INLINE int force_software_aes(void)
- -{
- - static int use = -1;
- -
- - if (use != -1)
- - return use;
- -
- - const char *env = getenv("MONERO_USE_SOFTWARE_AES");
- - if (!env) {
- - use = 0;
- - }
- - else if (!strcmp(env, "0") || !strcmp(env, "no")) {
- - use = 0;
- - }
- - else {
- - use = 1;
- - }
- - return use;
- -}
- -
- -STATIC INLINE int check_aes_hw(void)
- -{
- - int cpuid_results[4];
- - static int supported = -1;
- -
- - if(supported >= 0)
- - return supported;
- -
- - cpuid(cpuid_results,1);
- - return supported = cpuid_results[2] & (1 << 25);
- -}
- -
- -STATIC INLINE void aes_256_assist1(__m128i* t1, __m128i * t2)
- -{
- - __m128i t4;
- - *t2 = _mm_shuffle_epi32(*t2, 0xff);
- - t4 = _mm_slli_si128(*t1, 0x04);
- - *t1 = _mm_xor_si128(*t1, t4);
- - t4 = _mm_slli_si128(t4, 0x04);
- - *t1 = _mm_xor_si128(*t1, t4);
- - t4 = _mm_slli_si128(t4, 0x04);
- - *t1 = _mm_xor_si128(*t1, t4);
- - *t1 = _mm_xor_si128(*t1, *t2);
- -}
- -
- -STATIC INLINE void aes_256_assist2(__m128i* t1, __m128i * t3)
- -{
- - __m128i t2, t4;
- - t4 = _mm_aeskeygenassist_si128(*t1, 0x00);
- - t2 = _mm_shuffle_epi32(t4, 0xaa);
- - t4 = _mm_slli_si128(*t3, 0x04);
- - *t3 = _mm_xor_si128(*t3, t4);
- - t4 = _mm_slli_si128(t4, 0x04);
- - *t3 = _mm_xor_si128(*t3, t4);
- - t4 = _mm_slli_si128(t4, 0x04);
- - *t3 = _mm_xor_si128(*t3, t4);
- - *t3 = _mm_xor_si128(*t3, t2);
- -}
- -
- -/**
- - * @brief expands 'key' into a form it can be used for AES encryption.
- - *
- - * This is an SSE-optimized implementation of AES key schedule generation. It
- - * expands the key into multiple round keys, each of which is used in one round
- - * of the AES encryption used to fill (and later, extract randomness from)
- - * the large 2MB buffer. Note that CryptoNight does not use a completely
- - * standard AES encryption for its buffer expansion, so do not copy this
- - * function outside of Monero without caution! This version uses the hardware
- - * AESKEYGENASSIST instruction to speed key generation, and thus requires
- - * CPU AES support.
- - * For more information about these functions, see page 19 of Intel's AES instructions
- - * white paper:
- - * http://www.intel.com/content/dam/www/public/us/en/documents/white-papers/aes-instructions-set-white-paper.pdf
- - *
- - * @param key the input 128 bit key
- - * @param expandedKey An output buffer to hold the generated key schedule
- - */
- -
- -STATIC INLINE void aes_expand_key(const uint8_t *key, uint8_t *expandedKey)
- -{
- - __m128i *ek = R128(expandedKey);
- - __m128i t1, t2, t3;
- -
- - t1 = _mm_loadu_si128(R128(key));
- - t3 = _mm_loadu_si128(R128(key + 16));
- -
- - ek[0] = t1;
- - ek[1] = t3;
- -
- - t2 = _mm_aeskeygenassist_si128(t3, 0x01);
- - aes_256_assist1(&t1, &t2);
- - ek[2] = t1;
- - aes_256_assist2(&t1, &t3);
- - ek[3] = t3;
- -
- - t2 = _mm_aeskeygenassist_si128(t3, 0x02);
- - aes_256_assist1(&t1, &t2);
- - ek[4] = t1;
- - aes_256_assist2(&t1, &t3);
- - ek[5] = t3;
- -
- - t2 = _mm_aeskeygenassist_si128(t3, 0x04);
- - aes_256_assist1(&t1, &t2);
- - ek[6] = t1;
- - aes_256_assist2(&t1, &t3);
- - ek[7] = t3;
- -
- - t2 = _mm_aeskeygenassist_si128(t3, 0x08);
- - aes_256_assist1(&t1, &t2);
- - ek[8] = t1;
- - aes_256_assist2(&t1, &t3);
- - ek[9] = t3;
- -
- - t2 = _mm_aeskeygenassist_si128(t3, 0x10);
- - aes_256_assist1(&t1, &t2);
- - ek[10] = t1;
- -}
- -
- -/**
- - * @brief a "pseudo" round of AES (similar to but slightly different from normal AES encryption)
- - *
- - * To fill its 2MB scratch buffer, CryptoNight uses a nonstandard implementation
- - * of AES encryption: It applies 10 rounds of the basic AES encryption operation
- - * to an input 128 bit chunk of data <in>. Unlike normal AES, however, this is
- - * all it does; it does not perform the initial AddRoundKey step (this is done
- - * in subsequent steps by aesenc_si128), and it does not use the simpler final round.
- - * Hence, this is a "pseudo" round - though the function actually implements 10 rounds together.
- - *
- - * Note that unlike aesb_pseudo_round, this function works on multiple data chunks.
- - *
- - * @param in a pointer to nblocks * 128 bits of data to be encrypted
- - * @param out a pointer to an nblocks * 128 bit buffer where the output will be stored
- - * @param expandedKey the expanded AES key
- - * @param nblocks the number of 128 blocks of data to be encrypted
- - */
- -
- -STATIC INLINE void aes_pseudo_round(const uint8_t *in, uint8_t *out,
- - const uint8_t *expandedKey, int nblocks)
- -{
- - __m128i *k = R128(expandedKey);
- - __m128i d;
- - int i;
- -
- - for(i = 0; i < nblocks; i++)
- - {
- - d = _mm_loadu_si128(R128(in + i * AES_BLOCK_SIZE));
- - d = _mm_aesenc_si128(d, *R128(&k[0]));
- - d = _mm_aesenc_si128(d, *R128(&k[1]));
- - d = _mm_aesenc_si128(d, *R128(&k[2]));
- - d = _mm_aesenc_si128(d, *R128(&k[3]));
- - d = _mm_aesenc_si128(d, *R128(&k[4]));
- - d = _mm_aesenc_si128(d, *R128(&k[5]));
- - d = _mm_aesenc_si128(d, *R128(&k[6]));
- - d = _mm_aesenc_si128(d, *R128(&k[7]));
- - d = _mm_aesenc_si128(d, *R128(&k[8]));
- - d = _mm_aesenc_si128(d, *R128(&k[9]));
- - _mm_storeu_si128((R128(out + i * AES_BLOCK_SIZE)), d);
- - }
- -}
- -
- -/**
- - * @brief aes_pseudo_round that loads data from *in and xors it with *xor first
- - *
- - * This function performs the same operations as aes_pseudo_round, but before
- - * performing the encryption of each 128 bit block from <in>, it xors
- - * it with the corresponding block from <xor>.
- - *
- - * @param in a pointer to nblocks * 128 bits of data to be encrypted
- - * @param out a pointer to an nblocks * 128 bit buffer where the output will be stored
- - * @param expandedKey the expanded AES key
- - * @param xor a pointer to an nblocks * 128 bit buffer that is xored into in before encryption (in is left unmodified)
- - * @param nblocks the number of 128 blocks of data to be encrypted
- - */
- -
- -STATIC INLINE void aes_pseudo_round_xor(const uint8_t *in, uint8_t *out,
- - const uint8_t *expandedKey, const uint8_t *xor, int nblocks)
- -{
- - __m128i *k = R128(expandedKey);
- - __m128i *x = R128(xor);
- - __m128i d;
- - int i;
- -
- - for(i = 0; i < nblocks; i++)
- - {
- - d = _mm_loadu_si128(R128(in + i * AES_BLOCK_SIZE));
- - d = _mm_xor_si128(d, *R128(x++));
- - d = _mm_aesenc_si128(d, *R128(&k[0]));
- - d = _mm_aesenc_si128(d, *R128(&k[1]));
- - d = _mm_aesenc_si128(d, *R128(&k[2]));
- - d = _mm_aesenc_si128(d, *R128(&k[3]));
- - d = _mm_aesenc_si128(d, *R128(&k[4]));
- - d = _mm_aesenc_si128(d, *R128(&k[5]));
- - d = _mm_aesenc_si128(d, *R128(&k[6]));
- - d = _mm_aesenc_si128(d, *R128(&k[7]));
- - d = _mm_aesenc_si128(d, *R128(&k[8]));
- - d = _mm_aesenc_si128(d, *R128(&k[9]));
- - _mm_storeu_si128((R128(out + i * AES_BLOCK_SIZE)), d);
- - }
- -}
- -
- -#if defined(_MSC_VER) || defined(__MINGW32__)
- -BOOL SetLockPagesPrivilege(HANDLE hProcess, BOOL bEnable)
- -{
- - struct
- - {
- - DWORD count;
- - LUID_AND_ATTRIBUTES privilege[1];
- - } info;
- -
- - HANDLE token;
- - if(!OpenProcessToken(hProcess, TOKEN_ADJUST_PRIVILEGES, &token))
- - return FALSE;
- -
- - info.count = 1;
- - info.privilege[0].Attributes = bEnable ? SE_PRIVILEGE_ENABLED : 0;
- -
- - if(!LookupPrivilegeValue(NULL, SE_LOCK_MEMORY_NAME, &(info.privilege[0].Luid)))
- - return FALSE;
- -
- - if(!AdjustTokenPrivileges(token, FALSE, (PTOKEN_PRIVILEGES) &info, 0, NULL, NULL))
- - return FALSE;
- -
- - if (GetLastError() != ERROR_SUCCESS)
- - return FALSE;
- -
- - CloseHandle(token);
- -
- - return TRUE;
- -
- -}
- -#endif
- -
- -/**
- - * @brief allocate the 2MB scratch buffer using OS support for huge pages, if available
- - *
- - * This function tries to allocate the 2MB scratch buffer using a single
- - * 2MB "huge page" (instead of the usual 4KB page sizes) to reduce TLB misses
- - * during the random accesses to the scratch buffer. This is one of the
- - * important speed optimizations needed to make CryptoNight faster.
- - *
- - * No parameters. Updates a thread-local pointer, hp_state, to point to
- - * the allocated buffer.
- - */
- -
- -void slow_hash_allocate_state(void)
- -{
- - if(hp_state != NULL)
- - return;
- -
- -#if defined(_MSC_VER) || defined(__MINGW32__)
- - SetLockPagesPrivilege(GetCurrentProcess(), TRUE);
- - hp_state = (uint8_t *) VirtualAlloc(hp_state, MEMORY, MEM_LARGE_PAGES |
- - MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
- -#else
- -#if defined(__APPLE__) || defined(__FreeBSD__) || defined(__OpenBSD__)
- - hp_state = mmap(0, MEMORY, PROT_READ | PROT_WRITE,
- - MAP_PRIVATE | MAP_ANON, 0, 0);
- -#else
- - hp_state = mmap(0, MEMORY, PROT_READ | PROT_WRITE,
- - MAP_PRIVATE | MAP_ANONYMOUS | MAP_HUGETLB, 0, 0);
- -#endif
- - if(hp_state == MAP_FAILED)
- - hp_state = NULL;
- -#endif
- - hp_allocated = 1;
- - if(hp_state == NULL)
- - {
- - hp_allocated = 0;
- - hp_state = (uint8_t *) malloc(MEMORY);
- - }
- -}
- -
- -/**
- - *@brief frees the state allocated by slow_hash_allocate_state
- - */
- -
- -void slow_hash_free_state(void)
- -{
- - if(hp_state == NULL)
- - return;
- -
- - if(!hp_allocated)
- - free(hp_state);
- - else
- - {
- -#if defined(_MSC_VER) || defined(__MINGW32__)
- - VirtualFree(hp_state, MEMORY, MEM_RELEASE);
- -#else
- - munmap(hp_state, MEMORY);
- -#endif
- - }
- -
- - hp_state = NULL;
- - hp_allocated = 0;
- -}
- -
- -/**
- - * @brief the hash function implementing CryptoNight, used for the Monero proof-of-work
- - *
- - * Computes the hash of <data> (which consists of <length> bytes), returning the
- - * hash in <hash>. The CryptoNight hash operates by first using Keccak 1600,
- - * the 1600 bit variant of the Keccak hash used in SHA-3, to create a 200 byte
- - * buffer of pseudorandom data by hashing the supplied data. It then uses this
- - * random data to fill a large 2MB buffer with pseudorandom data by iteratively
- - * encrypting it using 10 rounds of AES per entry. After this initialization,
- - * it executes 500,000 rounds of mixing through the random 2MB buffer using
- - * AES (typically provided in hardware on modern CPUs) and a 64 bit multiply.
- - * Finally, it re-mixes this large buffer back into
- - * the 200 byte "text" buffer, and then hashes this buffer using one of four
- - * pseudorandomly selected hash functions (Blake, Groestl, JH, or Skein)
- - * to populate the output.
- - *
- - * The 2MB buffer and choice of functions for mixing are designed to make the
- - * algorithm "CPU-friendly" (and thus, reduce the advantage of GPU, FPGA,
- - * or ASIC-based implementations): the functions used are fast on modern
- - * CPUs, and the 2MB size matches the typical amount of L3 cache available per
- - * core on 2013-era CPUs. When available, this implementation will use hardware
- - * AES support on x86 CPUs.
- - *
- - * A diagram of the inner loop of this function can be found at
- - * http://www.cs.cmu.edu/~dga/crypto/xmr/cryptonight.png
- - *
- - * @param data the data to hash
- - * @param length the length in bytes of the data
- - * @param hash a pointer to a buffer in which the final 256 bit hash will be stored
- - */
- -
- -void cn_slow_hash(const void *data, size_t length, char *hash)
- -{
- - RDATA_ALIGN16 uint8_t expandedKey[240]; /* These buffers are aligned to use later with SSE functions */
- -
- - uint8_t text[INIT_SIZE_BYTE];
- - RDATA_ALIGN16 uint64_t a[2];
- - RDATA_ALIGN16 uint64_t b[2];
- - RDATA_ALIGN16 uint64_t c[2];
- - union cn_slow_hash_state state;
- - __m128i _a, _b, _c;
- - uint64_t hi, lo;
- -
- - size_t i, j;
- - uint64_t *p = NULL;
- - oaes_ctx *aes_ctx = NULL;
- - int useAes = !force_software_aes() && check_aes_hw();
- -
- - static void (*const extra_hashes[4])(const void *, size_t, char *) =
- - {
- - hash_extra_blake, hash_extra_groestl, hash_extra_jh, hash_extra_skein
- - };
- -
- - // this isn't supposed to happen, but guard against it for now.
- - if(hp_state == NULL)
- - slow_hash_allocate_state();
- -
- - /* CryptoNight Step 1: Use Keccak1600 to initialize the 'state' (and 'text') buffers from the data. */
- -
- - hash_process(&state.hs, data, length);
- - memcpy(text, state.init, INIT_SIZE_BYTE);
- -
- - /* CryptoNight Step 2: Iteratively encrypt the results from Keccak to fill
- - * the 2MB large random access buffer.
- - */
- -
- - if(useAes)
- - {
- - aes_expand_key(state.hs.b, expandedKey);
- - for(i = 0; i < MEMORY / INIT_SIZE_BYTE; i++)
- - {
- - aes_pseudo_round(text, text, expandedKey, INIT_SIZE_BLK);
- - memcpy(&hp_state[i * INIT_SIZE_BYTE], text, INIT_SIZE_BYTE);
- - }
- - }
- - else
- - {
- - aes_ctx = (oaes_ctx *) oaes_alloc();
- - oaes_key_import_data(aes_ctx, state.hs.b, AES_KEY_SIZE);
- - for(i = 0; i < MEMORY / INIT_SIZE_BYTE; i++)
- - {
- - for(j = 0; j < INIT_SIZE_BLK; j++)
- - aesb_pseudo_round(&text[AES_BLOCK_SIZE * j], &text[AES_BLOCK_SIZE * j], aes_ctx->key->exp_data);
- -
- - memcpy(&hp_state[i * INIT_SIZE_BYTE], text, INIT_SIZE_BYTE);
- - }
- - }
- -
- - U64(a)[0] = U64(&state.k[0])[0] ^ U64(&state.k[32])[0];
- - U64(a)[1] = U64(&state.k[0])[1] ^ U64(&state.k[32])[1];
- - U64(b)[0] = U64(&state.k[16])[0] ^ U64(&state.k[48])[0];
- - U64(b)[1] = U64(&state.k[16])[1] ^ U64(&state.k[48])[1];
- -
- - /* CryptoNight Step 3: Bounce randomly 1 million times through the mixing buffer,
- - * using 500,000 iterations of the following mixing function. Each execution
- - * performs two reads and writes from the mixing buffer.
- - */
- -
- - _b = _mm_load_si128(R128(b));
- - // Two independent versions, one with AES, one without, to ensure that
- - // the useAes test is only performed once, not every iteration.
- - if(useAes)
- - {
- - for(i = 0; i < ITER / 2; i++)
- - {
- - pre_aes();
- - _c = _mm_aesenc_si128(_c, _a);
- - post_aes();
- - }
- - }
- - else
- - {
- - for(i = 0; i < ITER / 2; i++)
- - {
- - pre_aes();
- - aesb_single_round((uint8_t *) &_c, (uint8_t *) &_c, (uint8_t *) &_a);
- - post_aes();
- - }
- - }
- -
- - /* CryptoNight Step 4: Sequentially pass through the mixing buffer and use 10 rounds
- - * of AES encryption to mix the random data back into the 'text' buffer. 'text'
- - * was originally created with the output of Keccak1600. */
- -
- - memcpy(text, state.init, INIT_SIZE_BYTE);
- - if(useAes)
- - {
- - aes_expand_key(&state.hs.b[32], expandedKey);
- - for(i = 0; i < MEMORY / INIT_SIZE_BYTE; i++)
- - {
- - // add the xor to the pseudo round
- - aes_pseudo_round_xor(text, text, expandedKey, &hp_state[i * INIT_SIZE_BYTE], INIT_SIZE_BLK);
- - }
- - }
- - else
- - {
- - oaes_key_import_data(aes_ctx, &state.hs.b[32], AES_KEY_SIZE);
- - for(i = 0; i < MEMORY / INIT_SIZE_BYTE; i++)
- - {
- - for(j = 0; j < INIT_SIZE_BLK; j++)
- - {
- - xor_blocks(&text[j * AES_BLOCK_SIZE], &hp_state[i * INIT_SIZE_BYTE + j * AES_BLOCK_SIZE]);
- - aesb_pseudo_round(&text[AES_BLOCK_SIZE * j], &text[AES_BLOCK_SIZE * j], aes_ctx->key->exp_data);
- - }
- - }
- - oaes_free((OAES_CTX **) &aes_ctx);
- - }
- -
- - /* CryptoNight Step 5: Apply Keccak to the state again, and then
- - * use the resulting data to select which of four finalizer
- - * hash functions to apply to the data (Blake, Groestl, JH, or Skein).
- - * Use this hash to squeeze the state array down
- - * to the final 256 bit hash output.
- - */
- -
- - memcpy(state.init, text, INIT_SIZE_BYTE);
- - hash_permutation(&state.hs);
- - extra_hashes[state.hs.b[0] & 3](&state, 200, hash);
- -}
- -
- -#elif defined(__arm__) || defined(__aarch64__)
- -void slow_hash_allocate_state(void)
- -{
- - // Do nothing, this is just to maintain compatibility with the upgraded slow-hash.c
- - return;
- -}
- -
- -void slow_hash_free_state(void)
- -{
- - // As above
- - return;
- -}
- -
- -#if defined(__GNUC__)
- -#define RDATA_ALIGN16 __attribute__ ((aligned(16)))
- -#define STATIC static
- -#define INLINE inline
- -#else
- -#define RDATA_ALIGN16
- -#define STATIC static
- -#define INLINE
- -#endif
- -
- -#define U64(x) ((uint64_t *) (x))
- -
- -#pragma pack(push, 1)
- -union cn_slow_hash_state
- -{
- - union hash_state hs;
- - struct
- - {
- - uint8_t k[64];
- - uint8_t init[INIT_SIZE_BYTE];
- - };
- -};
- -#pragma pack(pop)
- -
- -#if defined(__aarch64__) && defined(__ARM_FEATURE_CRYPTO)
- -
- -/* ARMv8-A optimized with NEON and AES instructions.
- - * Copied from the x86-64 AES-NI implementation. It has much the same
- - * characteristics as x86-64: there's no 64x64=128 multiplier for vectors,
- - * and moving between vector and regular registers stalls the pipeline.
- - */
- -#include <arm_neon.h>
- -
- -#define TOTALBLOCKS (MEMORY / AES_BLOCK_SIZE)
- -
- -#define state_index(x) (((*((uint64_t *)x) >> 4) & (TOTALBLOCKS - 1)) << 4)
- -#define __mul() __asm__("mul %0, %1, %2\n\t" : "=r"(lo) : "r"(c[0]), "r"(b[0]) ); \
- - __asm__("umulh %0, %1, %2\n\t" : "=r"(hi) : "r"(c[0]), "r"(b[0]) );
- -
- -#define pre_aes() \
- - j = state_index(a); \
- - _c = vld1q_u8(&hp_state[j]); \
- - _a = vld1q_u8((const uint8_t *)a); \
- -
- -#define post_aes() \
- - vst1q_u8((uint8_t *)c, _c); \
- - _b = veorq_u8(_b, _c); \
- - vst1q_u8(&hp_state[j], _b); \
- - j = state_index(c); \
- - p = U64(&hp_state[j]); \
- - b[0] = p[0]; b[1] = p[1]; \
- - __mul(); \
- - a[0] += hi; a[1] += lo; \
- - p = U64(&hp_state[j]); \
- - p[0] = a[0]; p[1] = a[1]; \
- - a[0] ^= b[0]; a[1] ^= b[1]; \
- - _b = _c; \
- -
- -
- -/* Note: this was based on a standard 256bit key schedule but
- - * it's been shortened since Cryptonight doesn't use the full
- - * key schedule. Don't try to use this for vanilla AES.
- -*/
- -static void aes_expand_key(const uint8_t *key, uint8_t *expandedKey) {
- -__asm__("mov x2, %1\n\t" : : "r"(key), "r"(expandedKey));
- -__asm__(
- -" adr x3,Lrcon\n"
- -"\n"
- -" eor v0.16b,v0.16b,v0.16b\n"
- -" ld1 {v3.16b},[x0],#16\n"
- -" ld1 {v1.4s,v2.4s},[x3],#32\n"
- -" b L256\n"
- -".align 5\n"
- -"Lrcon:\n"
- -".long 0x01,0x01,0x01,0x01\n"
- -".long 0x0c0f0e0d,0x0c0f0e0d,0x0c0f0e0d,0x0c0f0e0d // rotate-n-splat\n"
- -".long 0x1b,0x1b,0x1b,0x1b\n"
- -"\n"
- -".align 4\n"
- -"L256:\n"
- -" ld1 {v4.16b},[x0]\n"
- -" mov w1,#5\n"
- -" st1 {v3.4s},[x2],#16\n"
- -"\n"
- -"Loop256:\n"
- -" tbl v6.16b,{v4.16b},v2.16b\n"
- -" ext v5.16b,v0.16b,v3.16b,#12\n"
- -" st1 {v4.4s},[x2],#16\n"
- -" aese v6.16b,v0.16b\n"
- -" subs w1,w1,#1\n"
- -"\n"
- -" eor v3.16b,v3.16b,v5.16b\n"
- -" ext v5.16b,v0.16b,v5.16b,#12\n"
- -" eor v3.16b,v3.16b,v5.16b\n"
- -" ext v5.16b,v0.16b,v5.16b,#12\n"
- -" eor v6.16b,v6.16b,v1.16b\n"
- -" eor v3.16b,v3.16b,v5.16b\n"
- -" shl v1.16b,v1.16b,#1\n"
- -" eor v3.16b,v3.16b,v6.16b\n"
- -" st1 {v3.4s},[x2],#16\n"
- -" b.eq Ldone\n"
- -"\n"
- -" dup v6.4s,v3.s[3] // just splat\n"
- -" ext v5.16b,v0.16b,v4.16b,#12\n"
- -" aese v6.16b,v0.16b\n"
- -"\n"
- -" eor v4.16b,v4.16b,v5.16b\n"
- -" ext v5.16b,v0.16b,v5.16b,#12\n"
- -" eor v4.16b,v4.16b,v5.16b\n"
- -" ext v5.16b,v0.16b,v5.16b,#12\n"
- -" eor v4.16b,v4.16b,v5.16b\n"
- -"\n"
- -" eor v4.16b,v4.16b,v6.16b\n"
- -" b Loop256\n"
- -"\n"
- -"Ldone:\n");
- -}
- -
- -/* An ordinary AES round is a sequence of SubBytes, ShiftRows, MixColumns, AddRoundKey. There
- - * is also an InitialRound which consists solely of AddRoundKey. The ARM instructions slice
- - * this sequence differently; the aese instruction performs AddRoundKey, SubBytes, ShiftRows.
- - * The aesmc instruction does the MixColumns. Since the aese instruction moves the AddRoundKey
- - * up front, and Cryptonight's hash skips the InitialRound step, we have to kludge it here by
- - * feeding in a vector of zeros for our first step. Also we have to do our own Xor explicitly
- - * at the last step, to provide the AddRoundKey that the ARM instructions omit.
- - */
- -STATIC INLINE void aes_pseudo_round(const uint8_t *in, uint8_t *out, const uint8_t *expandedKey, int nblocks)
- -{
- - const uint8x16_t *k = (const uint8x16_t *)expandedKey, zero = {0};
- - uint8x16_t tmp;
- - int i;
- -
- - for (i=0; i<nblocks; i++)
- - {
- - uint8x16_t tmp = vld1q_u8(in + i * AES_BLOCK_SIZE);
- - tmp = vaeseq_u8(tmp, zero);
- - tmp = vaesmcq_u8(tmp);
- - tmp = vaeseq_u8(tmp, k[0]);
- - tmp = vaesmcq_u8(tmp);
- - tmp = vaeseq_u8(tmp, k[1]);
- - tmp = vaesmcq_u8(tmp);
- - tmp = vaeseq_u8(tmp, k[2]);
- - tmp = vaesmcq_u8(tmp);
- - tmp = vaeseq_u8(tmp, k[3]);
- - tmp = vaesmcq_u8(tmp);
- - tmp = vaeseq_u8(tmp, k[4]);
- - tmp = vaesmcq_u8(tmp);
- - tmp = vaeseq_u8(tmp, k[5]);
- - tmp = vaesmcq_u8(tmp);
- - tmp = vaeseq_u8(tmp, k[6]);
- - tmp = vaesmcq_u8(tmp);
- - tmp = vaeseq_u8(tmp, k[7]);
- - tmp = vaesmcq_u8(tmp);
- - tmp = vaeseq_u8(tmp, k[8]);
- - tmp = vaesmcq_u8(tmp);
- - tmp = veorq_u8(tmp, k[9]);
- - vst1q_u8(out + i * AES_BLOCK_SIZE, tmp);
- - }
- -}
- -
- -STATIC INLINE void aes_pseudo_round_xor(const uint8_t *in, uint8_t *out, const uint8_t *expandedKey, const uint8_t *xor, int nblocks)
- -{
- - const uint8x16_t *k = (const uint8x16_t *)expandedKey;
- - const uint8x16_t *x = (const uint8x16_t *)xor;
- - uint8x16_t tmp;
- - int i;
- -
- - for (i=0; i<nblocks; i++)
- - {
- - uint8x16_t tmp = vld1q_u8(in + i * AES_BLOCK_SIZE);
- - tmp = vaeseq_u8(tmp, x[i]);
- - tmp = vaesmcq_u8(tmp);
- - tmp = vaeseq_u8(tmp, k[0]);
- - tmp = vaesmcq_u8(tmp);
- - tmp = vaeseq_u8(tmp, k[1]);
- - tmp = vaesmcq_u8(tmp);
- - tmp = vaeseq_u8(tmp, k[2]);
- - tmp = vaesmcq_u8(tmp);
- - tmp = vaeseq_u8(tmp, k[3]);
- - tmp = vaesmcq_u8(tmp);
- - tmp = vaeseq_u8(tmp, k[4]);
- - tmp = vaesmcq_u8(tmp);
- - tmp = vaeseq_u8(tmp, k[5]);
- - tmp = vaesmcq_u8(tmp);
- - tmp = vaeseq_u8(tmp, k[6]);
- - tmp = vaesmcq_u8(tmp);
- - tmp = vaeseq_u8(tmp, k[7]);
- - tmp = vaesmcq_u8(tmp);
- - tmp = vaeseq_u8(tmp, k[8]);
- - tmp = vaesmcq_u8(tmp);
- - tmp = veorq_u8(tmp, k[9]);
- - vst1q_u8(out + i * AES_BLOCK_SIZE, tmp);
- - }
- -}
- -
- -void cn_slow_hash(const void *data, size_t length, char *hash)
- -{
- - RDATA_ALIGN16 uint8_t expandedKey[240];
- - RDATA_ALIGN16 uint8_t hp_state[MEMORY];
- -
- - uint8_t text[INIT_SIZE_BYTE];
- - RDATA_ALIGN16 uint64_t a[2];
- - RDATA_ALIGN16 uint64_t b[2];
- - RDATA_ALIGN16 uint64_t c[2];
- - union cn_slow_hash_state state;
- - uint8x16_t _a, _b, _c, zero = {0};
- - uint64_t hi, lo;
- -
- - size_t i, j;
- - uint64_t *p = NULL;
- -
- - static void (*const extra_hashes[4])(const void *, size_t, char *) =
- - {
- - hash_extra_blake, hash_extra_groestl, hash_extra_jh, hash_extra_skein
- - };
- -
- - /* CryptoNight Step 1: Use Keccak1600 to initialize the 'state' (and 'text') buffers from the data. */
- -
- - hash_process(&state.hs, data, length);
- - memcpy(text, state.init, INIT_SIZE_BYTE);
- -
- - /* CryptoNight Step 2: Iteratively encrypt the results from Keccak to fill
- - * the 2MB large random access buffer.
- - */
- -
- - aes_expand_key(state.hs.b, expandedKey);
- - for(i = 0; i < MEMORY / INIT_SIZE_BYTE; i++)
- - {
- - aes_pseudo_round(text, text, expandedKey, INIT_SIZE_BLK);
- - memcpy(&hp_state[i * INIT_SIZE_BYTE], text, INIT_SIZE_BYTE);
- - }
- -
- - U64(a)[0] = U64(&state.k[0])[0] ^ U64(&state.k[32])[0];
- - U64(a)[1] = U64(&state.k[0])[1] ^ U64(&state.k[32])[1];
- - U64(b)[0] = U64(&state.k[16])[0] ^ U64(&state.k[48])[0];
- - U64(b)[1] = U64(&state.k[16])[1] ^ U64(&state.k[48])[1];
- -
- - /* CryptoNight Step 3: Bounce randomly 1 million times through the mixing buffer,
- - * using 500,000 iterations of the following mixing function. Each execution
- - * performs two reads and writes from the mixing buffer.
- - */
- -
- - _b = vld1q_u8((const uint8_t *)b);
- -
- -
- - for(i = 0; i < ITER / 2; i++)
- - {
- - pre_aes();
- - _c = vaeseq_u8(_c, zero);
- - _c = vaesmcq_u8(_c);
- - _c = veorq_u8(_c, _a);
- - post_aes();
- - }
- -
- - /* CryptoNight Step 4: Sequentially pass through the mixing buffer and use 10 rounds
- - * of AES encryption to mix the random data back into the 'text' buffer. 'text'
- - * was originally created with the output of Keccak1600. */
- -
- - memcpy(text, state.init, INIT_SIZE_BYTE);
- -
- - aes_expand_key(&state.hs.b[32], expandedKey);
- - for(i = 0; i < MEMORY / INIT_SIZE_BYTE; i++)
- - {
- - // add the xor to the pseudo round
- - aes_pseudo_round_xor(text, text, expandedKey, &hp_state[i * INIT_SIZE_BYTE], INIT_SIZE_BLK);
- - }
- -
- - /* CryptoNight Step 5: Apply Keccak to the state again, and then
- - * use the resulting data to select which of four finalizer
- - * hash functions to apply to the data (Blake, Groestl, JH, or Skein).
- - * Use this hash to squeeze the state array down
- - * to the final 256 bit hash output.
- - */
- -
- - memcpy(state.init, text, INIT_SIZE_BYTE);
- - hash_permutation(&state.hs);
- - extra_hashes[state.hs.b[0] & 3](&state, 200, hash);
- -}
- -#else /* aarch64 && crypto */
- -
- -// ND: Some minor optimizations for ARMv7 (raspberrry pi 2), effect seems to be ~40-50% faster.
- -// Needs more work.
- -
- -#ifdef NO_OPTIMIZED_MULTIPLY_ON_ARM
- -/* The asm corresponds to this C code */
- -#define SHORT uint32_t
- -#define LONG uint64_t
- -
- -void mul(const uint8_t *ca, const uint8_t *cb, uint8_t *cres) {
- - const SHORT *aa = (SHORT *)ca;
- - const SHORT *bb = (SHORT *)cb;
- - SHORT *res = (SHORT *)cres;
- - union {
- - SHORT tmp[8];
- - LONG ltmp[4];
- - } t;
- - LONG A = aa[1];
- - LONG a = aa[0];
- - LONG B = bb[1];
- - LONG b = bb[0];
- -
- - // Aa * Bb = ab + aB_ + Ab_ + AB__
- - t.ltmp[0] = a * b;
- - t.ltmp[1] = a * B;
- - t.ltmp[2] = A * b;
- - t.ltmp[3] = A * B;
- -
- - res[2] = t.tmp[0];
- - t.ltmp[1] += t.tmp[1];
- - t.ltmp[1] += t.tmp[4];
- - t.ltmp[3] += t.tmp[3];
- - t.ltmp[3] += t.tmp[5];
- - res[3] = t.tmp[2];
- - res[0] = t.tmp[6];
- - res[1] = t.tmp[7];
- -}
- -#else // !NO_OPTIMIZED_MULTIPLY_ON_ARM
- -
- -#ifdef __aarch64__ /* ARM64, no crypto */
- -#define mul(a, b, c) cn_mul128((const uint64_t *)a, (const uint64_t *)b, (uint64_t *)c)
- -STATIC void cn_mul128(const uint64_t *a, const uint64_t *b, uint64_t *r)
- -{
- - uint64_t lo, hi;
- - __asm__("mul %0, %1, %2\n\t" : "=r"(lo) : "r"(a[0]), "r"(b[0]) );
- - __asm__("umulh %0, %1, %2\n\t" : "=r"(hi) : "r"(a[0]), "r"(b[0]) );
- - r[0] = hi;
- - r[1] = lo;
- -}
- -#else /* ARM32 */
- -/* Can work as inline, but actually runs slower. Keep it separate */
- -#define mul(a, b, c) cn_mul128((const uint32_t *)a, (const uint32_t *)b, (uint32_t *)c)
- -STATIC void cn_mul128(const uint32_t *aa, const uint32_t *bb, uint32_t *r)
- -{
- - uint32_t t0, t1, t2=0, t3=0;
- -__asm__ __volatile__(
- - "umull %[t0], %[t1], %[a], %[b]\n\t"
- - "str %[t0], %[ll]\n\t"
- -
- - // accumulating with 0 can never overflow/carry
- - "eor %[t0], %[t0]\n\t"
- - "umlal %[t1], %[t0], %[a], %[B]\n\t"
- -
- - "umlal %[t1], %[t2], %[A], %[b]\n\t"
- - "str %[t1], %[lh]\n\t"
- -
- - "umlal %[t0], %[t3], %[A], %[B]\n\t"
- -
- - // final add may have a carry
- - "adds %[t0], %[t0], %[t2]\n\t"
- - "adc %[t1], %[t3], #0\n\t"
- -
- - "str %[t0], %[hl]\n\t"
- - "str %[t1], %[hh]\n\t"
- - : [t0]"=&r"(t0), [t1]"=&r"(t1), [t2]"+r"(t2), [t3]"+r"(t3), [hl]"=m"(r[0]), [hh]"=m"(r[1]), [ll]"=m"(r[2]), [lh]"=m"(r[3])
- - : [A]"r"(aa[1]), [a]"r"(aa[0]), [B]"r"(bb[1]), [b]"r"(bb[0])
- - : "cc");
- -}
- -#endif /* !aarch64 */
- -#endif // NO_OPTIMIZED_MULTIPLY_ON_ARM
- -
- -STATIC INLINE void sum_half_blocks(uint8_t* a, const uint8_t* b)
- -{
- - uint64_t a0, a1, b0, b1;
- - a0 = U64(a)[0];
- - a1 = U64(a)[1];
- - b0 = U64(b)[0];
- - b1 = U64(b)[1];
- - a0 += b0;
- - a1 += b1;
- - U64(a)[0] = a0;
- - U64(a)[1] = a1;
- -}
- -
- -STATIC INLINE void swap_blocks(uint8_t *a, uint8_t *b)
- -{
- - uint64_t t[2];
- - U64(t)[0] = U64(a)[0];
- - U64(t)[1] = U64(a)[1];
- - U64(a)[0] = U64(b)[0];
- - U64(a)[1] = U64(b)[1];
- - U64(b)[0] = U64(t)[0];
- - U64(b)[1] = U64(t)[1];
- -}
- -
- -STATIC INLINE void xor_blocks(uint8_t* a, const uint8_t* b)
- -{
- - U64(a)[0] ^= U64(b)[0];
- - U64(a)[1] ^= U64(b)[1];
- -}
- -
- -void cn_slow_hash(const void *data, size_t length, char *hash)
- -{
- - uint8_t long_state[MEMORY];
- - uint8_t text[INIT_SIZE_BYTE];
- - uint8_t a[AES_BLOCK_SIZE];
- - uint8_t b[AES_BLOCK_SIZE];
- - uint8_t d[AES_BLOCK_SIZE];
- - uint8_t aes_key[AES_KEY_SIZE];
- - RDATA_ALIGN16 uint8_t expandedKey[256];
- -
- - union cn_slow_hash_state state;
- -
- - size_t i, j;
- - uint8_t *p = NULL;
- - oaes_ctx *aes_ctx;
- - static void (*const extra_hashes[4])(const void *, size_t, char *) =
- - {
- - hash_extra_blake, hash_extra_groestl, hash_extra_jh, hash_extra_skein
- - };
- -
- - hash_process(&state.hs, data, length);
- - memcpy(text, state.init, INIT_SIZE_BYTE);
- -
- - aes_ctx = (oaes_ctx *) oaes_alloc();
- - oaes_key_import_data(aes_ctx, state.hs.b, AES_KEY_SIZE);
- -
- - // use aligned data
- - memcpy(expandedKey, aes_ctx->key->exp_data, aes_ctx->key->exp_data_len);
- - for(i = 0; i < MEMORY / INIT_SIZE_BYTE; i++)
- - {
- - for(j = 0; j < INIT_SIZE_BLK; j++)
- - aesb_pseudo_round(&text[AES_BLOCK_SIZE * j], &text[AES_BLOCK_SIZE * j], expandedKey);
- - memcpy(&long_state[i * INIT_SIZE_BYTE], text, INIT_SIZE_BYTE);
- - }
- -
- - U64(a)[0] = U64(&state.k[0])[0] ^ U64(&state.k[32])[0];
- - U64(a)[1] = U64(&state.k[0])[1] ^ U64(&state.k[32])[1];
- - U64(b)[0] = U64(&state.k[16])[0] ^ U64(&state.k[48])[0];
- - U64(b)[1] = U64(&state.k[16])[1] ^ U64(&state.k[48])[1];
- -
- - for(i = 0; i < ITER / 2; i++)
- - {
- - #define MASK ((uint32_t)(((MEMORY / AES_BLOCK_SIZE) - 1) << 4))
- - #define state_index(x) ((*(uint32_t *) x) & MASK)
- -
- - // Iteration 1
- - p = &long_state[state_index(a)];
- - aesb_single_round(p, p, a);
- -
- - xor_blocks(b, p);
- - swap_blocks(b, p);
- - swap_blocks(a, b);
- -
- - // Iteration 2
- - p = &long_state[state_index(a)];
- -
- - mul(a, p, d);
- - sum_half_blocks(b, d);
- - swap_blocks(b, p);
- - xor_blocks(b, p);
- - swap_blocks(a, b);
- - }
- -
- - memcpy(text, state.init, INIT_SIZE_BYTE);
- - oaes_key_import_data(aes_ctx, &state.hs.b[32], AES_KEY_SIZE);
- - memcpy(expandedKey, aes_ctx->key->exp_data, aes_ctx->key->exp_data_len);
- - for(i = 0; i < MEMORY / INIT_SIZE_BYTE; i++)
- - {
- - for(j = 0; j < INIT_SIZE_BLK; j++)
- - {
- - xor_blocks(&text[j * AES_BLOCK_SIZE], &long_state[i * INIT_SIZE_BYTE + j * AES_BLOCK_SIZE]);
- - aesb_pseudo_round(&text[AES_BLOCK_SIZE * j], &text[AES_BLOCK_SIZE * j], expandedKey);
- - }
- - }
- -
- - oaes_free((OAES_CTX **) &aes_ctx);
- - memcpy(state.init, text, INIT_SIZE_BYTE);
- - hash_permutation(&state.hs);
- - extra_hashes[state.hs.b[0] & 3](&state, 200, hash);
- -}
- -#endif /* !aarch64 || !crypto */
- -
- -#else
- -// Portable implementation as a fallback
- -
- -void slow_hash_allocate_state(void)
- -{
- - // Do nothing, this is just to maintain compatibility with the upgraded slow-hash.c
- - return;
- -}
- -
- -void slow_hash_free_state(void)
- -{
- - // As above
- - return;
- -}
- -
- -static void (*const extra_hashes[4])(const void *, size_t, char *) = {
- - hash_extra_blake, hash_extra_groestl, hash_extra_jh, hash_extra_skein
- -};
- -
- -extern int aesb_single_round(const uint8_t *in, uint8_t*out, const uint8_t *expandedKey);
- -extern int aesb_pseudo_round(const uint8_t *in, uint8_t *out, const uint8_t *expandedKey);
- -
- -static size_t e2i(const uint8_t* a, size_t count) { return (*((uint64_t*)a) / AES_BLOCK_SIZE) & (count - 1); }
- -
- -static void mul(const uint8_t* a, const uint8_t* b, uint8_t* res) {
- - uint64_t a0, b0;
- - uint64_t hi, lo;
- -
- - a0 = SWAP64LE(((uint64_t*)a)[0]);
- - b0 = SWAP64LE(((uint64_t*)b)[0]);
- - lo = mul128(a0, b0, &hi);
- - ((uint64_t*)res)[0] = SWAP64LE(hi);
- - ((uint64_t*)res)[1] = SWAP64LE(lo);
- -}
- -
- -static void sum_half_blocks(uint8_t* a, const uint8_t* b) {
- - uint64_t a0, a1, b0, b1;
- -
- - a0 = SWAP64LE(((uint64_t*)a)[0]);
- - a1 = SWAP64LE(((uint64_t*)a)[1]);
- - b0 = SWAP64LE(((uint64_t*)b)[0]);
- - b1 = SWAP64LE(((uint64_t*)b)[1]);
- - a0 += b0;
- - a1 += b1;
- - ((uint64_t*)a)[0] = SWAP64LE(a0);
- - ((uint64_t*)a)[1] = SWAP64LE(a1);
- -}
- -#define U64(x) ((uint64_t *) (x))
- -
- -static void copy_block(uint8_t* dst, const uint8_t* src) {
- - memcpy(dst, src, AES_BLOCK_SIZE);
- -}
- -
- -static void swap_blocks(uint8_t *a, uint8_t *b){
- - uint64_t t[2];
- - U64(t)[0] = U64(a)[0];
- - U64(t)[1] = U64(a)[1];
- - U64(a)[0] = U64(b)[0];
- - U64(a)[1] = U64(b)[1];
- - U64(b)[0] = U64(t)[0];
- - U64(b)[1] = U64(t)[1];
- -}
- -
- -static void xor_blocks(uint8_t* a, const uint8_t* b) {
- - size_t i;
- - for (i = 0; i < AES_BLOCK_SIZE; i++) {
- - a[i] ^= b[i];
- - }
- -}
- -
- -#pragma pack(push, 1)
- -union cn_slow_hash_state {
- - union hash_state hs;
- - struct {
- - uint8_t k[64];
- - uint8_t init[INIT_SIZE_BYTE];
- - };
- -};
- -#pragma pack(pop)
- -
- -void cn_slow_hash(const void *data, size_t length, char *hash) {
- - uint8_t long_state[MEMORY];
- - union cn_slow_hash_state state;
- - uint8_t text[INIT_SIZE_BYTE];
- - uint8_t a[AES_BLOCK_SIZE];
- - uint8_t b[AES_BLOCK_SIZE];
- - uint8_t c[AES_BLOCK_SIZE];
- - uint8_t d[AES_BLOCK_SIZE];
- - size_t i, j;
- - uint8_t aes_key[AES_KEY_SIZE];
- - oaes_ctx *aes_ctx;
- -
- - hash_process(&state.hs, data, length);
- - memcpy(text, state.init, INIT_SIZE_BYTE);
- - memcpy(aes_key, state.hs.b, AES_KEY_SIZE);
- - aes_ctx = (oaes_ctx *) oaes_alloc();
- -
- - oaes_key_import_data(aes_ctx, aes_key, AES_KEY_SIZE);
- - for (i = 0; i < MEMORY / INIT_SIZE_BYTE; i++) {
- - for (j = 0; j < INIT_SIZE_BLK; j++) {
- - aesb_pseudo_round(&text[AES_BLOCK_SIZE * j], &text[AES_BLOCK_SIZE * j], aes_ctx->key->exp_data);
- - }
- - memcpy(&long_state[i * INIT_SIZE_BYTE], text, INIT_SIZE_BYTE);
- - }
- -
- - for (i = 0; i < 16; i++) {
- - a[i] = state.k[ i] ^ state.k[32 + i];
- - b[i] = state.k[16 + i] ^ state.k[48 + i];
- - }
- -
- - for (i = 0; i < ITER / 2; i++) {
- - /* Dependency chain: address -> read value ------+
- - * written value <-+ hard function (AES or MUL) <+
- - * next address <-+
- - */
- - /* Iteration 1 */
- - j = e2i(a, MEMORY / AES_BLOCK_SIZE);
- - copy_block(c, &long_state[j * AES_BLOCK_SIZE]);
- - aesb_single_round(c, c, a);
- - xor_blocks(b, c);
- - swap_blocks(b, c);
- - copy_block(&long_state[j * AES_BLOCK_SIZE], c);
- - assert(j == e2i(a, MEMORY / AES_BLOCK_SIZE));
- - swap_blocks(a, b);
- - /* Iteration 2 */
- - j = e2i(a, MEMORY / AES_BLOCK_SIZE);
- - copy_block(c, &long_state[j * AES_BLOCK_SIZE]);
- - mul(a, c, d);
- - sum_half_blocks(b, d);
- - swap_blocks(b, c);
- - xor_blocks(b, c);
- - copy_block(&long_state[j * AES_BLOCK_SIZE], c);
- - assert(j == e2i(a, MEMORY / AES_BLOCK_SIZE));
- - swap_blocks(a, b);
- - }
- -
- - memcpy(text, state.init, INIT_SIZE_BYTE);
- - oaes_key_import_data(aes_ctx, &state.hs.b[32], AES_KEY_SIZE);
- - for (i = 0; i < MEMORY / INIT_SIZE_BYTE; i++) {
- - for (j = 0; j < INIT_SIZE_BLK; j++) {
- - xor_blocks(&text[j * AES_BLOCK_SIZE], &long_state[i * INIT_SIZE_BYTE + j * AES_BLOCK_SIZE]);
- - aesb_pseudo_round(&text[AES_BLOCK_SIZE * j], &text[AES_BLOCK_SIZE * j], aes_ctx->key->exp_data);
- - }
- - }
- - memcpy(state.init, text, INIT_SIZE_BYTE);
- - hash_permutation(&state.hs);
- - /*memcpy(hash, &state, 32);*/
- - extra_hashes[state.hs.b[0] & 3](&state, 200, hash);
- - oaes_free((OAES_CTX **) &aes_ctx);
- -}
- -
- -#endif
- diff --git "a/c:\\1\\sumokoin/src/cryptonote_core/blockchain.cpp" "b/c:\\1\\2\\sumokoin/src/cryptonote_core/blockchain.cpp"
- index d7302df..c1d9b28 100644
- --- "a/c:\\1\\sumokoin/src/cryptonote_core/blockchain.cpp"
- +++ "b/c:\\1\\2\\sumokoin/src/cryptonote_core/blockchain.cpp"
- @@ -69,8 +69,6 @@
- using namespace cryptonote;
- using epee::string_tools::pod_to_hex;
- -extern "C" void slow_hash_allocate_state();
- -extern "C" void slow_hash_free_state();
- DISABLE_VS_WARNINGS(4267)
- @@ -1310,7 +1308,7 @@ bool Blockchain::handle_alternative_block(const block& b, const crypto::hash& id
- difficulty_type current_diff = get_next_difficulty_for_alternative_chain(alt_chain, bei);
- CHECK_AND_ASSERT_MES(current_diff, false, "!!!!!!! DIFFICULTY OVERHEAD !!!!!!!");
- crypto::hash proof_of_work = null_hash;
- - get_block_longhash(bei.bl, proof_of_work, bei.height);
- + get_block_longhash_v1(bei.bl, m_pow_ctx_v1, proof_of_work);
- if(!check_hash(proof_of_work, current_diff))
- {
- LOG_PRINT_RED_L1("Block with id: " << id << std::endl << " for alternative chain, does not have enough proof of work: " << proof_of_work << std::endl << " expected difficulty: " << current_diff);
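Review bot: The result of `get_block_longhash_v1` is discarded here while `proof_of_work` starts out as `null_hash`, so a hashing failure would leave that initial value in place for the `check_hash` call that follows. The function returns `true` unconditionally in this diff, so nothing is lost today, but a proof-of-work check should fail closed; if `null_hash` is all zero bytes and `check_hash` accepts numerically small hashes (neither is visible here), the untouched value would be the one most likely to pass. I would write `CHECK_AND_ASSERT_MES(get_block_longhash_v1(bei.bl, m_pow_ctx_v1, proof_of_work), false, "failed to compute proof of work");`. The same unchecked call appears in the hunks at -3003 and -3380 of this file and twice in miner.cpp (there with `pow` and `h` uninitialised before the call); handle_alternative_block itself continues outside the hunk.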
- @@ -3003,7 +3001,9 @@ leave:
- proof_of_work = it->second;
- }
- else
- - proof_of_work = get_block_longhash(bl, m_db->height());
- + {
- + get_block_longhash_v1(bl, m_pow_ctx_v1, proof_of_work);
- + }
- // validate proof_of_work versus difficulty target
- if(!check_hash(proof_of_work, current_diffic))
- @@ -3368,10 +3368,9 @@ void Blockchain::set_enforce_dns_checkpoints(bool enforce_checkpoints)
- }
- //------------------------------------------------------------------
- -void Blockchain::block_longhash_worker(const uint64_t height, const std::vector<block> &blocks, std::unordered_map<crypto::hash, crypto::hash> &map) const
- +void Blockchain::block_longhash_worker(cn_pow_hash_v1& hash_ctx, const std::vector<block> &blocks, std::unordered_map<crypto::hash, crypto::hash> &map)
- {
- TIME_MEASURE_START(t);
- - slow_hash_allocate_state();
- //FIXME: height should be changing here, as get_block_longhash expects
- // the height of the block passed to it
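Review bot: The `FIXME` kept at the end of this hunk still talks about `height` and `get_block_longhash`, both of which this change removes from `block_longhash_worker`, so the comment now describes code that no longer exists. Drop it, or replace it with what a reader needs now, e.g. `// hash_ctx is working state for the hash; one context per worker thread`. The signature also loses its `const` qualifier and the reason is not visible in the diff, so a word on it in the commit description would help. The function body continues in the next hunk.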
- @@ -3380,11 +3379,11 @@ void Blockchain::block_longhash_worker(const uint64_t height, const std::vector<
- if (m_cancel)
- return;
- crypto::hash id = get_block_hash(block);
- - crypto::hash pow = get_block_longhash(block, height);
- + crypto::hash pow;
- + get_block_longhash_v1(block, hash_ctx, pow);
- map.emplace(id, pow);
- }
- - slow_hash_free_state();
- TIME_MEASURE_FINISH(t);
- }
- @@ -3541,9 +3540,13 @@ bool Blockchain::prepare_handle_incoming_blocks(const std::list<block_complete_e
- if (!blocks_exist)
- {
- m_blocks_longhash_table.clear();
- +
- + if(m_hash_ctxes_multi.size() < threads)
- + m_hash_ctxes_multi.resize(threads);
- +
- for (uint64_t i = 0; i < threads; i++)
- {
- - thread_list.push_back(new boost::thread(&Blockchain::block_longhash_worker, this, height + (i * batches), std::cref(blocks[i]), std::ref(maps[i])));
- + thread_list.push_back(new boost::thread(&Blockchain::block_longhash_worker, this, std::ref(m_hash_ctxes_multi[i]), std::cref(blocks[i]), std::ref(maps[i])));
- }
- for (size_t j = 0; j < thread_list.size(); j++)
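Review bot: `std::ref(m_hash_ctxes_multi[i])` hands each worker a reference into a vector, which stays valid only as long as the vector is not resized before the threads are joined. The `resize` sits before the loop, so this holds within one call; it would break if this function could run again while workers are still alive, which cannot be ruled out from the hunk. A comment above the resize such as `// grow only here, before any worker starts: workers hold references to the elements` would record the invariant. The contexts are never shrunk, so their memory stays allocated for the lifetime of the object, which may be intended as a cache. prepare_handle_incoming_blocks starts and ends outside the hunk.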
- diff --git "a/c:\\1\\sumokoin/src/cryptonote_core/blockchain.h" "b/c:\\1\\2\\sumokoin/src/cryptonote_core/blockchain.h"
- index 48590bf..58584b0 100644
- --- "a/c:\\1\\sumokoin/src/cryptonote_core/blockchain.h"
- +++ "b/c:\\1\\2\\sumokoin/src/cryptonote_core/blockchain.h"
- @@ -837,12 +837,11 @@ namespace cryptonote
- /**
- * @brief computes the "short" and "long" hashes for a set of blocks
- *
- - * @param height the height of the first block
- + * @param hash_ctx pow hash ctx
- * @param blocks the blocks to be hashed
- * @param map return-by-reference the hashes for each block
- */
- - void block_longhash_worker(const uint64_t height, const std::vector<block> &blocks,
- - std::unordered_map<crypto::hash, crypto::hash> &map) const;
- + void block_longhash_worker(cn_pow_hash_v1& hash_ctx, const std::vector<block> &blocks, std::unordered_map<crypto::hash, crypto::hash> &map);
- void cancel();
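Review bot: The new `@param hash_ctx pow hash ctx` line only restates the parameter name. Since the context is passed by non-const reference, the doc should say that it is modified and give the sharing rule, e.g. `@param hash_ctx PoW hash context used as working state; must not be shared between workers running at the same time`. The sharing rule is my reading of the per-thread vector added in blockchain.cpp and should be confirmed against `cn_pow_hash_v1`, which this diff section does not show.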
- @@ -905,6 +904,8 @@ namespace cryptonote
- // some invalid blocks
- blocks_ext_by_hash m_invalid_blocks; // crypto::hash -> block_extended_info
- + cn_pow_hash_v1 m_pow_ctx_v1;
- + std::vector<cn_pow_hash_v1> m_hash_ctxes_multi;
- checkpoints m_checkpoints;
- std::atomic<bool> m_is_in_checkpoint_zone;
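Review bot: `m_pow_ctx_v1` is a single context used by both `handle_alternative_block` and the verification path in the -3003 hunk of blockchain.cpp, and nothing at the declaration says what protects it. If those paths are always serialised by the blockchain lock (not visible in this diff), say so next to the member, e.g. `// PoW context for single-threaded verification; access only with the blockchain lock held`. If they are not, and the context carries mutable scratch memory as the non-const reference suggests, two concurrent hashes through it could corrupt each other's result. `m_hash_ctxes_multi` deserves a one-line comment as well: `// one PoW context per block_longhash_worker thread`.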
- diff --git "a/c:\\1\\sumokoin/src/cryptonote_core/cryptonote_format_utils.cpp" "b/c:\\1\\2\\sumokoin/src/cryptonote_core/cryptonote_format_utils.cpp"
- index 2bf5175..4f633d0 100644
- --- "a/c:\\1\\sumokoin/src/cryptonote_core/cryptonote_format_utils.cpp"
- +++ "b/c:\\1\\2\\sumokoin/src/cryptonote_core/cryptonote_format_utils.cpp"
- @@ -1238,11 +1238,12 @@ namespace cryptonote
- return true;
- }
- //---------------------------------------------------------------
- - bool get_block_longhash(const block& b, crypto::hash& res, uint64_t height)
- + bool get_block_longhash_v1(const block& b, cn_pow_hash_v1 &ctx, crypto::hash& res)
- {
- block b_local = b; //workaround to avoid const errors with do_serialize
- blobdata bd = get_block_hashing_blob(b);
- - crypto::cn_slow_hash(bd.data(), bd.size(), res);
- + ctx.hash(bd.data(), bd.size(), res.data);
- + // crypto::cn_slow_hash(bd.data(), bd.size(), res);
- return true;
- }
- //---------------------------------------------------------------
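Review bot: The old call is left behind as a comment, `// crypto::cn_slow_hash(bd.data(), bd.size(), res);`; version control already keeps it, so the line should be deleted. `block b_local = b;` on the context line above copies the whole block and is not used in the visible body, so it can go too. `ctx.hash(..., res.data)` writes through a raw pointer with no length, so a one-line comment stating the expected output size, or a `static_assert` on `sizeof(res.data)`, would make the buffer contract checkable; the required size is not visible in this diff.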
- @@ -1266,13 +1267,6 @@ namespace cryptonote
- return res;
- }
- //---------------------------------------------------------------
- - crypto::hash get_block_longhash(const block& b, uint64_t height)
- - {
- - crypto::hash p = null_hash;
- - get_block_longhash(b, p, height);
- - return p;
- - }
- - //---------------------------------------------------------------
- bool parse_and_validate_block_from_blob(const blobdata& b_blob, block& b)
- {
- std::stringstream ss;
- diff --git "a/c:\\1\\sumokoin/src/cryptonote_core/cryptonote_format_utils.h" "b/c:\\1\\2\\sumokoin/src/cryptonote_core/cryptonote_format_utils.h"
- index 7b271f5..d21b964 100644
- --- "a/c:\\1\\sumokoin/src/cryptonote_core/cryptonote_format_utils.h"
- +++ "b/c:\\1\\2\\sumokoin/src/cryptonote_core/cryptonote_format_utils.h"
- @@ -36,6 +36,7 @@
- #include "include_base_utils.h"
- #include "crypto/crypto.h"
- #include "crypto/hash.h"
- +#include "crypto/cn_slow_hash.hpp"
- #include "ringct/rctOps.h"
- #include <unordered_map>
- @@ -149,8 +150,7 @@ namespace cryptonote
- blobdata get_block_hashing_blob(const block& b);
- bool get_block_hash(const block& b, crypto::hash& res);
- crypto::hash get_block_hash(const block& b);
- - bool get_block_longhash(const block& b, crypto::hash& res, uint64_t height);
- - crypto::hash get_block_longhash(const block& b, uint64_t height);
- + bool get_block_longhash_v1(const block& b, cn_pow_hash_v1 &ctx, crypto::hash& res);
- bool generate_genesis_block(
- block& bl
- , std::string const & genesis_tx
- diff --git "a/c:\\1\\sumokoin/src/cryptonote_core/miner.cpp" "b/c:\\1\\2\\sumokoin/src/cryptonote_core/miner.cpp"
- index 37986f0..070460d 100644
- --- "a/c:\\1\\sumokoin/src/cryptonote_core/miner.cpp"
- +++ "b/c:\\1\\2\\sumokoin/src/cryptonote_core/miner.cpp"
- @@ -47,9 +47,6 @@ using namespace epee;
- #include "miner.h"
- -
- -extern "C" void slow_hash_allocate_state();
- -extern "C" void slow_hash_free_state();
- namespace cryptonote
- {
- @@ -301,10 +298,11 @@ namespace cryptonote
- //-----------------------------------------------------------------------------------------------------
- bool miner::find_nonce_for_given_block(block& bl, const difficulty_type& diffic, uint64_t height)
- {
- + cn_pow_hash_v1 hash_ctx;
- for(; bl.nonce != std::numeric_limits<uint32_t>::max(); bl.nonce++)
- {
- crypto::hash h;
- - get_block_longhash(bl, h, height);
- + get_block_longhash_v1(bl, hash_ctx, h);
- if(check_hash(h, diffic))
- {
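Review bot: After this change `height` is no longer read in the visible part of `find_nonce_for_given_block`; if nothing below the hunk uses it either, mark it as intentionally unused (`uint64_t /*height*/`) or note in a comment that it is kept for interface compatibility. `cn_pow_hash_v1 hash_ctx;` is constructed on every call, and if its constructor allocates the scratch memory (the class is not shown) a short comment saying this cost is acceptable at this call site would help. The function continues outside the hunk.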
- @@ -352,11 +350,11 @@ namespace cryptonote
- LOG_PRINT_L0("Miner thread was started ["<< th_local_index << "]");
- log_space::log_singletone::set_thread_log_prefix(std::string("[miner ") + std::to_string(th_local_index) + "]");
- uint32_t nonce = m_starter_nonce + th_local_index;
- - uint64_t height = 0;
- difficulty_type local_diff = 0;
- uint32_t local_template_ver = 0;
- block b;
- - slow_hash_allocate_state();
- + cn_pow_hash_v1 hash_ctx;
- +
- while(!m_stop)
- {
- if(m_pausers_count)//anti split workaround
- @@ -370,7 +368,6 @@ namespace cryptonote
- CRITICAL_REGION_BEGIN(m_template_lock);
- b = m_template;
- local_diff = m_diffic;
- - height = m_height;
- CRITICAL_REGION_END();
- local_template_ver = m_template_no;
- nonce = m_starter_nonce + th_local_index;
- @@ -385,7 +382,7 @@ namespace cryptonote
- b.nonce = nonce;
- crypto::hash h;
- - get_block_longhash(b, h, height);
- + get_block_longhash_v1(b, hash_ctx, h);
- if(check_hash(h, local_diff))
- {
- @@ -405,7 +402,6 @@ namespace cryptonote
- nonce+=m_threads_total;
- ++m_hashes;
- }
- - slow_hash_free_state();
- LOG_PRINT_L0("Miner thread stopped ["<< th_local_index << "]");
- return true;
- }
- (END)