diff --git a/lib/freetiger/C/README b/lib/freetiger/C/README new file mode 100644 index 0000000..f02a567 --- /dev/null +++ b/lib/freetiger/C/README @@ -0,0 +1,76 @@ +These are some implementations of tiger made without looking at the original +reference code to ensure the resulting code can be published under a free +license. The paper was looked though to know how did tiger work. + +When compiling the following define flags can be added to enable some features: +* USE_BIG_ENDIAN compile for big endian machines +* FORCE_ALIGNMENT force 8-byte alignment of inoput data on little endian code to + prevent issues caused by unaligned acceses. + Please bear in mind that currently we expect properly aligned output buffers + for result output and that t_res type takes care of that. + +The code should detect automatically when a x64 processor and when SSE2 is used +from the compiler predefined macros. When using MSVC please read +http://msdn.microsoft.com/en-us/library/7t5yh4fd.aspx to know how to enable +SSE2 support. In other compilers you may needed to set the __SSE2__ and HASX64 +macros by hand. + +The API offered currently is the following: +/** This one is provided as a commodity for people wanting an easy way to + declare result variables **/ +typedef t_word t_res[3]; + +/** Partial calculation as used by tigerp1 and tigerp2 **/ +typedef struct { + t_res h; // Hash status + char r[128]; // SALT + t_word n; // Number of characters of r used + t_word hs; // Amount of total data hashed +} t_pres; + +/** Standard tiger calculation, put your string in str and the string length on + length and get the result on res **/ +void tiger(const char *str, t_word length, t_res res); + +/** Similar to tiger but interleaving accesses to both equally sized strings to + reduce overhead and pipeline stalls you get the result of str1 on res1 and + the one of str2 on res2 **/ +void tiger_2(const char *str1, const char *str2, t_word length, t_res res1, + t_res res2); + +/** This is equivalent to tiger_2 but uses SSE2 for the key schduling making + it faster **/ +void tiger_sse2(const char *str1, const char *str2, t_word length, t_res res1, + t_res res2); + +/** This function is optimized for use on TTHs just send the two concatenated + hashes and you will get back the hash with a prepended 0x01 **/ +void tiger_49(const char *str, t_res res); + +/** This function is optimized for use on TTHs just send the 1024 sized block + and you will get back the hash with a prepended 0x00 **/ +void tiger_1025(const char *str, t_res res); + +/** Interleaved version of tiger_49 you insert two hashes and get back two + results **/ +void tiger_2_49(const char *str1, const char *str2, t_res res1, t_res res2); + +/** Interleaved version of tiger_1025 you insert two hashes and get back two + results **/ +void tiger_2_1025(const char *str1, const char *str2, t_res res1, t_res res2); + +/** SSE2 version of tiger_49 you insert two hashes and get back two results **/ +void tiger_sse2_49(const char *str1, const char *str2, t_res res1, t_res res2); + +/** SSE2 version of tiger_1025 you insert two hashes and get back two results + **/ +void tiger_sse2_1025(const char *str1, const char *str2, t_res res1, t_res res2 + ); + +/** First stage of partial tiger calculation to improve password security during + storage **/ +void tigerp1(const char *password, t_word length, const char *salt, t_pres *pres + ); + +/** Second stage of partial tiger calculation **/ +void tigerp2(const t_pres *pres, const char *salt, t_word length, t_res res); diff --git a/lib/freetiger/C/TODO b/lib/freetiger/C/TODO new file mode 100644 index 0000000..7379966 --- /dev/null +++ b/lib/freetiger/C/TODO @@ -0,0 +1,9 @@ +tiger.c: + * Refactor the tiger_49 family so it receives 2 input pointers one for each hash. + * Add a parallelized TTH implementation with a multiple worker approach using + gomp + * Allow to choose between sse2, serialized or interleaved calls to tiger in + tiger_2 for speed purpouses + * Check the speed of each implementation on startup to choose the best. + * Add better big endian emulation for debuging purposes + * Optimize big endian code. diff --git a/lib/freetiger/C/tiger.c b/lib/freetiger/C/tiger.c new file mode 100644 index 0000000..72f624b --- /dev/null +++ b/lib/freetiger/C/tiger.c @@ -0,0 +1,1297 @@ +/** + * Copyright (c) 2012 Francisco Blas Izquierdo Riera (klondike) + * The Tiger algorithm was written by Eli Biham and Ross Anderson and is + * available on the official Tiger algorithm page. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * the algorithm authorsip notice, this list of conditions and the following + * disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote products + * derived from this software without specific prior written permission. + * 4. If this license is not appropriate for you please write me at + * klondike ( a t ) klondike ( d o t ) es to negotiate another license. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED + * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO + * EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; + * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + **/ + +/** + * These are some implementations of tiger made without looking at the original + * reference code to ensure the resulting code can be published under a free + * license. The paper was looked though to know how did tiger work. + */ + +#include +#include "tiger.h" +#ifdef __SSE2__ +#include +#if defined(_WIN64) && defined(_MSC_VER) +#include +#endif +#endif + +/* Fortunately the only code that is endian dependent is found on the tiger code + * space + */ + +static const t_word table[4*256] = {0x02AAB17CF7E90C5EULL, 0xAC424B03E243A8ECULL, +0x72CD5BE30DD5FCD3ULL, 0x6D019B93F6F97F3AULL, 0xCD9978FFD21F9193ULL, 0x7573A1C9708029E2ULL, +0xB164326B922A83C3ULL, 0x46883EEE04915870ULL, 0xEAACE3057103ECE6ULL, 0xC54169B808A3535CULL, +0x4CE754918DDEC47CULL, 0x0AA2F4DFDC0DF40CULL, 0x10B76F18A74DBEFAULL, 0xC6CCB6235AD1AB6AULL, +0x13726121572FE2FFULL, 0x1A488C6F199D921EULL, 0x4BC9F9F4DA0007CAULL, 0x26F5E6F6E85241C7ULL, +0x859079DBEA5947B6ULL, 0x4F1885C5C99E8C92ULL, 0xD78E761EA96F864BULL, 0x8E36428C52B5C17DULL, +0x69CF6827373063C1ULL, 0xB607C93D9BB4C56EULL, 0x7D820E760E76B5EAULL, 0x645C9CC6F07FDC42ULL, +0xBF38A078243342E0ULL, 0x5F6B343C9D2E7D04ULL, 0xF2C28AEB600B0EC6ULL, 0x6C0ED85F7254BCACULL, +0x71592281A4DB4FE5ULL, 0x1967FA69CE0FED9FULL, 0xFD5293F8B96545DBULL, 0xC879E9D7F2A7600BULL, +0x860248920193194EULL, 0xA4F9533B2D9CC0B3ULL, 0x9053836C15957613ULL, 0xDB6DCF8AFC357BF1ULL, +0x18BEEA7A7A370F57ULL, 0x037117CA50B99066ULL, 0x6AB30A9774424A35ULL, 0xF4E92F02E325249BULL, +0x7739DB07061CCAE1ULL, 0xD8F3B49CECA42A05ULL, 0xBD56BE3F51382F73ULL, 0x45FAED5843B0BB28ULL, +0x1C813D5C11BF1F83ULL, 0x8AF0E4B6D75FA169ULL, 0x33EE18A487AD9999ULL, 0x3C26E8EAB1C94410ULL, +0xB510102BC0A822F9ULL, 0x141EEF310CE6123BULL, 0xFC65B90059DDB154ULL, 0xE0158640C5E0E607ULL, +0x884E079826C3A3CFULL, 0x930D0D9523C535FDULL, 0x35638D754E9A2B00ULL, 0x4085FCCF40469DD5ULL, +0xC4B17AD28BE23A4CULL, 0xCAB2F0FC6A3E6A2EULL, 0x2860971A6B943FCDULL, 0x3DDE6EE212E30446ULL, +0x6222F32AE01765AEULL, 0x5D550BB5478308FEULL, 0xA9EFA98DA0EDA22AULL, 0xC351A71686C40DA7ULL, +0x1105586D9C867C84ULL, 0xDCFFEE85FDA22853ULL, 0xCCFBD0262C5EEF76ULL, 0xBAF294CB8990D201ULL, +0xE69464F52AFAD975ULL, 0x94B013AFDF133E14ULL, 0x06A7D1A32823C958ULL, 0x6F95FE5130F61119ULL, +0xD92AB34E462C06C0ULL, 0xED7BDE33887C71D2ULL, 0x79746D6E6518393EULL, 0x5BA419385D713329ULL, +0x7C1BA6B948A97564ULL, 0x31987C197BFDAC67ULL, 0xDE6C23C44B053D02ULL, 0x581C49FED002D64DULL, +0xDD474D6338261571ULL, 0xAA4546C3E473D062ULL, 0x928FCE349455F860ULL, 0x48161BBACAAB94D9ULL, +0x63912430770E6F68ULL, 0x6EC8A5E602C6641CULL, 0x87282515337DDD2BULL, 0x2CDA6B42034B701BULL, +0xB03D37C181CB096DULL, 0xE108438266C71C6FULL, 0x2B3180C7EB51B255ULL, 0xDF92B82F96C08BBCULL, +0x5C68C8C0A632F3BAULL, 0x5504CC861C3D0556ULL, 0xABBFA4E55FB26B8FULL, 0x41848B0AB3BACEB4ULL, +0xB334A273AA445D32ULL, 0xBCA696F0A85AD881ULL, 0x24F6EC65B528D56CULL, 0x0CE1512E90F4524AULL, +0x4E9DD79D5506D35AULL, 0x258905FAC6CE9779ULL, 0x2019295B3E109B33ULL, 0xF8A9478B73A054CCULL, +0x2924F2F934417EB0ULL, 0x3993357D536D1BC4ULL, 0x38A81AC21DB6FF8BULL, 0x47C4FBF17D6016BFULL, +0x1E0FAADD7667E3F5ULL, 0x7ABCFF62938BEB96ULL, 0xA78DAD948FC179C9ULL, 0x8F1F98B72911E50DULL, +0x61E48EAE27121A91ULL, 0x4D62F7AD31859808ULL, 0xECEBA345EF5CEAEBULL, 0xF5CEB25EBC9684CEULL, +0xF633E20CB7F76221ULL, 0xA32CDF06AB8293E4ULL, 0x985A202CA5EE2CA4ULL, 0xCF0B8447CC8A8FB1ULL, +0x9F765244979859A3ULL, 0xA8D516B1A1240017ULL, 0x0BD7BA3EBB5DC726ULL, 0xE54BCA55B86ADB39ULL, +0x1D7A3AFD6C478063ULL, 0x519EC608E7669EDDULL, 0x0E5715A2D149AA23ULL, 0x177D4571848FF194ULL, +0xEEB55F3241014C22ULL, 0x0F5E5CA13A6E2EC2ULL, 0x8029927B75F5C361ULL, 0xAD139FABC3D6E436ULL, +0x0D5DF1A94CCF402FULL, 0x3E8BD948BEA5DFC8ULL, 0xA5A0D357BD3FF77EULL, 0xA2D12E251F74F645ULL, +0x66FD9E525E81A082ULL, 0x2E0C90CE7F687A49ULL, 0xC2E8BCBEBA973BC5ULL, 0x000001BCE509745FULL, +0x423777BBE6DAB3D6ULL, 0xD1661C7EAEF06EB5ULL, 0xA1781F354DAACFD8ULL, 0x2D11284A2B16AFFCULL, +0xF1FC4F67FA891D1FULL, 0x73ECC25DCB920ADAULL, 0xAE610C22C2A12651ULL, 0x96E0A810D356B78AULL, +0x5A9A381F2FE7870FULL, 0xD5AD62EDE94E5530ULL, 0xD225E5E8368D1427ULL, 0x65977B70C7AF4631ULL, +0x99F889B2DE39D74FULL, 0x233F30BF54E1D143ULL, 0x9A9675D3D9A63C97ULL, 0x5470554FF334F9A8ULL, +0x166ACB744A4F5688ULL, 0x70C74CAAB2E4AEADULL, 0xF0D091646F294D12ULL, 0x57B82A89684031D1ULL, +0xEFD95A5A61BE0B6BULL, 0x2FBD12E969F2F29AULL, 0x9BD37013FEFF9FE8ULL, 0x3F9B0404D6085A06ULL, +0x4940C1F3166CFE15ULL, 0x09542C4DCDF3DEFBULL, 0xB4C5218385CD5CE3ULL, 0xC935B7DC4462A641ULL, +0x3417F8A68ED3B63FULL, 0xB80959295B215B40ULL, 0xF99CDAEF3B8C8572ULL, 0x018C0614F8FCB95DULL, +0x1B14ACCD1A3ACDF3ULL, 0x84D471F200BB732DULL, 0xC1A3110E95E8DA16ULL, 0x430A7220BF1A82B8ULL, +0xB77E090D39DF210EULL, 0x5EF4BD9F3CD05E9DULL, 0x9D4FF6DA7E57A444ULL, 0xDA1D60E183D4A5F8ULL, +0xB287C38417998E47ULL, 0xFE3EDC121BB31886ULL, 0xC7FE3CCC980CCBEFULL, 0xE46FB590189BFD03ULL, +0x3732FD469A4C57DCULL, 0x7EF700A07CF1AD65ULL, 0x59C64468A31D8859ULL, 0x762FB0B4D45B61F6ULL, +0x155BAED099047718ULL, 0x68755E4C3D50BAA6ULL, 0xE9214E7F22D8B4DFULL, 0x2ADDBF532EAC95F4ULL, +0x32AE3909B4BD0109ULL, 0x834DF537B08E3450ULL, 0xFA209DA84220728DULL, 0x9E691D9B9EFE23F7ULL, +0x0446D288C4AE8D7FULL, 0x7B4CC524E169785BULL, 0x21D87F0135CA1385ULL, 0xCEBB400F137B8AA5ULL, +0x272E2B66580796BEULL, 0x3612264125C2B0DEULL, 0x057702BDAD1EFBB2ULL, 0xD4BABB8EACF84BE9ULL, +0x91583139641BC67BULL, 0x8BDC2DE08036E024ULL, 0x603C8156F49F68EDULL, 0xF7D236F7DBEF5111ULL, +0x9727C4598AD21E80ULL, 0xA08A0896670A5FD7ULL, 0xCB4A8F4309EBA9CBULL, 0x81AF564B0F7036A1ULL, +0xC0B99AA778199ABDULL, 0x959F1EC83FC8E952ULL, 0x8C505077794A81B9ULL, 0x3ACAAF8F056338F0ULL, +0x07B43F50627A6778ULL, 0x4A44AB49F5ECCC77ULL, 0x3BC3D6E4B679EE98ULL, 0x9CC0D4D1CF14108CULL, +0x4406C00B206BC8A0ULL, 0x82A18854C8D72D89ULL, 0x67E366B35C3C432CULL, 0xB923DD61102B37F2ULL, +0x56AB2779D884271DULL, 0xBE83E1B0FF1525AFULL, 0xFB7C65D4217E49A9ULL, 0x6BDBE0E76D48E7D4ULL, +0x08DF828745D9179EULL, 0x22EA6A9ADD53BD34ULL, 0xE36E141C5622200AULL, 0x7F805D1B8CB750EEULL, +0xAFE5C7A59F58E837ULL, 0xE27F996A4FB1C23CULL, 0xD3867DFB0775F0D0ULL, 0xD0E673DE6E88891AULL, +0x123AEB9EAFB86C25ULL, 0x30F1D5D5C145B895ULL, 0xBB434A2DEE7269E7ULL, 0x78CB67ECF931FA38ULL, +0xF33B0372323BBF9CULL, 0x52D66336FB279C74ULL, 0x505F33AC0AFB4EAAULL, 0xE8A5CD99A2CCE187ULL, +0x534974801E2D30BBULL, 0x8D2D5711D5876D90ULL, 0x1F1A412891BC038EULL, 0xD6E2E71D82E56648ULL, +0x74036C3A497732B7ULL, 0x89B67ED96361F5ABULL, 0xFFED95D8F1EA02A2ULL, 0xE72B3BD61464D43DULL, +0xA6300F170BDC4820ULL, 0xEBC18760ED78A77AULL, 0xE6A6BE5A05A12138ULL, 0xB5A122A5B4F87C98ULL, +0x563C6089140B6990ULL, 0x4C46CB2E391F5DD5ULL, 0xD932ADDBC9B79434ULL, 0x08EA70E42015AFF5ULL, +0xD765A6673E478CF1ULL, 0xC4FB757EAB278D99ULL, 0xDF11C6862D6E0692ULL, 0xDDEB84F10D7F3B16ULL, +0x6F2EF604A665EA04ULL, 0x4A8E0F0FF0E0DFB3ULL, 0xA5EDEEF83DBCBA51ULL, 0xFC4F0A2A0EA4371EULL, +0xE83E1DA85CB38429ULL, 0xDC8FF882BA1B1CE2ULL, 0xCD45505E8353E80DULL, 0x18D19A00D4DB0717ULL, +0x34A0CFEDA5F38101ULL, 0x0BE77E518887CAF2ULL, 0x1E341438B3C45136ULL, 0xE05797F49089CCF9ULL, +0xFFD23F9DF2591D14ULL, 0x543DDA228595C5CDULL, 0x661F81FD99052A33ULL, 0x8736E641DB0F7B76ULL, +0x15227725418E5307ULL, 0xE25F7F46162EB2FAULL, 0x48A8B2126C13D9FEULL, 0xAFDC541792E76EEAULL, +0x03D912BFC6D1898FULL, 0x31B1AAFA1B83F51BULL, 0xF1AC2796E42AB7D9ULL, 0x40A3A7D7FCD2EBACULL, +0x1056136D0AFBBCC5ULL, 0x7889E1DD9A6D0C85ULL, 0xD33525782A7974AAULL, 0xA7E25D09078AC09BULL, +0xBD4138B3EAC6EDD0ULL, 0x920ABFBE71EB9E70ULL, 0xA2A5D0F54FC2625CULL, 0xC054E36B0B1290A3ULL, +0xF6DD59FF62FE932BULL, 0x3537354511A8AC7DULL, 0xCA845E9172FADCD4ULL, 0x84F82B60329D20DCULL, +0x79C62CE1CD672F18ULL, 0x8B09A2ADD124642CULL, 0xD0C1E96A19D9E726ULL, 0x5A786A9B4BA9500CULL, +0x0E020336634C43F3ULL, 0xC17B474AEB66D822ULL, 0x6A731AE3EC9BAAC2ULL, 0x8226667AE0840258ULL, +0x67D4567691CAECA5ULL, 0x1D94155C4875ADB5ULL, 0x6D00FD985B813FDFULL, 0x51286EFCB774CD06ULL, +0x5E8834471FA744AFULL, 0xF72CA0AEE761AE2EULL, 0xBE40E4CDAEE8E09AULL, 0xE9970BBB5118F665ULL, +0x726E4BEB33DF1964ULL, 0x703B000729199762ULL, 0x4631D816F5EF30A7ULL, 0xB880B5B51504A6BEULL, +0x641793C37ED84B6CULL, 0x7B21ED77F6E97D96ULL, 0x776306312EF96B73ULL, 0xAE528948E86FF3F4ULL, +0x53DBD7F286A3F8F8ULL, 0x16CADCE74CFC1063ULL, 0x005C19BDFA52C6DDULL, 0x68868F5D64D46AD3ULL, +0x3A9D512CCF1E186AULL, 0x367E62C2385660AEULL, 0xE359E7EA77DCB1D7ULL, 0x526C0773749ABE6EULL, +0x735AE5F9D09F734BULL, 0x493FC7CC8A558BA8ULL, 0xB0B9C1533041AB45ULL, 0x321958BA470A59BDULL, +0x852DB00B5F46C393ULL, 0x91209B2BD336B0E5ULL, 0x6E604F7D659EF19FULL, 0xB99A8AE2782CCB24ULL, +0xCCF52AB6C814C4C7ULL, 0x4727D9AFBE11727BULL, 0x7E950D0C0121B34DULL, 0x756F435670AD471FULL, +0xF5ADD442615A6849ULL, 0x4E87E09980B9957AULL, 0x2ACFA1DF50AEE355ULL, 0xD898263AFD2FD556ULL, +0xC8F4924DD80C8FD6ULL, 0xCF99CA3D754A173AULL, 0xFE477BACAF91BF3CULL, 0xED5371F6D690C12DULL, +0x831A5C285E687094ULL, 0xC5D3C90A3708A0A4ULL, 0x0F7F903717D06580ULL, 0x19F9BB13B8FDF27FULL, +0xB1BD6F1B4D502843ULL, 0x1C761BA38FFF4012ULL, 0x0D1530C4E2E21F3BULL, 0x8943CE69A7372C8AULL, +0xE5184E11FEB5CE66ULL, 0x618BDB80BD736621ULL, 0x7D29BAD68B574D0BULL, 0x81BB613E25E6FE5BULL, +0x071C9C10BC07913FULL, 0xC7BEEB7909AC2D97ULL, 0xC3E58D353BC5D757ULL, 0xEB017892F38F61E8ULL, +0xD4EFFB9C9B1CC21AULL, 0x99727D26F494F7ABULL, 0xA3E063A2956B3E03ULL, 0x9D4A8B9A4AA09C30ULL, +0x3F6AB7D500090FB4ULL, 0x9CC0F2A057268AC0ULL, 0x3DEE9D2DEDBF42D1ULL, 0x330F49C87960A972ULL, +0xC6B2720287421B41ULL, 0x0AC59EC07C00369CULL, 0xEF4EAC49CB353425ULL, 0xF450244EEF0129D8ULL, +0x8ACC46E5CAF4DEB6ULL, 0x2FFEAB63989263F7ULL, 0x8F7CB9FE5D7A4578ULL, 0x5BD8F7644E634635ULL, +0x427A7315BF2DC900ULL, 0x17D0C4AA2125261CULL, 0x3992486C93518E50ULL, 0xB4CBFEE0A2D7D4C3ULL, +0x7C75D6202C5DDD8DULL, 0xDBC295D8E35B6C61ULL, 0x60B369D302032B19ULL, 0xCE42685FDCE44132ULL, +0x06F3DDB9DDF65610ULL, 0x8EA4D21DB5E148F0ULL, 0x20B0FCE62FCD496FULL, 0x2C1B912358B0EE31ULL, +0xB28317B818F5A308ULL, 0xA89C1E189CA6D2CFULL, 0x0C6B18576AAADBC8ULL, 0xB65DEAA91299FAE3ULL, +0xFB2B794B7F1027E7ULL, 0x04E4317F443B5BEBULL, 0x4B852D325939D0A6ULL, 0xD5AE6BEEFB207FFCULL, +0x309682B281C7D374ULL, 0xBAE309A194C3B475ULL, 0x8CC3F97B13B49F05ULL, 0x98A9422FF8293967ULL, +0x244B16B01076FF7CULL, 0xF8BF571C663D67EEULL, 0x1F0D6758EEE30DA1ULL, 0xC9B611D97ADEB9B7ULL, +0xB7AFD5887B6C57A2ULL, 0x6290AE846B984FE1ULL, 0x94DF4CDEACC1A5FDULL, 0x058A5BD1C5483AFFULL, +0x63166CC142BA3C37ULL, 0x8DB8526EB2F76F40ULL, 0xE10880036F0D6D4EULL, 0x9E0523C9971D311DULL, +0x45EC2824CC7CD691ULL, 0x575B8359E62382C9ULL, 0xFA9E400DC4889995ULL, 0xD1823ECB45721568ULL, +0xDAFD983B8206082FULL, 0xAA7D29082386A8CBULL, 0x269FCD4403B87588ULL, 0x1B91F5F728BDD1E0ULL, +0xE4669F39040201F6ULL, 0x7A1D7C218CF04ADEULL, 0x65623C29D79CE5CEULL, 0x2368449096C00BB1ULL, +0xAB9BF1879DA503BAULL, 0xBC23ECB1A458058EULL, 0x9A58DF01BB401ECCULL, 0xA070E868A85F143DULL, +0x4FF188307DF2239EULL, 0x14D565B41A641183ULL, 0xEE13337452701602ULL, 0x950E3DCF3F285E09ULL, +0x59930254B9C80953ULL, 0x3BF299408930DA6DULL, 0xA955943F53691387ULL, 0xA15EDECAA9CB8784ULL, +0x29142127352BE9A0ULL, 0x76F0371FFF4E7AFBULL, 0x0239F450274F2228ULL, 0xBB073AF01D5E868BULL, +0xBFC80571C10E96C1ULL, 0xD267088568222E23ULL, 0x9671A3D48E80B5B0ULL, 0x55B5D38AE193BB81ULL, +0x693AE2D0A18B04B8ULL, 0x5C48B4ECADD5335FULL, 0xFD743B194916A1CAULL, 0x2577018134BE98C4ULL, +0xE77987E83C54A4ADULL, 0x28E11014DA33E1B9ULL, 0x270CC59E226AA213ULL, 0x71495F756D1A5F60ULL, +0x9BE853FB60AFEF77ULL, 0xADC786A7F7443DBFULL, 0x0904456173B29A82ULL, 0x58BC7A66C232BD5EULL, +0xF306558C673AC8B2ULL, 0x41F639C6B6C9772AULL, 0x216DEFE99FDA35DAULL, 0x11640CC71C7BE615ULL, +0x93C43694565C5527ULL, 0xEA038E6246777839ULL, 0xF9ABF3CE5A3E2469ULL, 0x741E768D0FD312D2ULL, +0x0144B883CED652C6ULL, 0xC20B5A5BA33F8552ULL, 0x1AE69633C3435A9DULL, 0x97A28CA4088CFDECULL, +0x8824A43C1E96F420ULL, 0x37612FA66EEEA746ULL, 0x6B4CB165F9CF0E5AULL, 0x43AA1C06A0ABFB4AULL, +0x7F4DC26FF162796BULL, 0x6CBACC8E54ED9B0FULL, 0xA6B7FFEFD2BB253EULL, 0x2E25BC95B0A29D4FULL, +0x86D6A58BDEF1388CULL, 0xDED74AC576B6F054ULL, 0x8030BDBC2B45805DULL, 0x3C81AF70E94D9289ULL, +0x3EFF6DDA9E3100DBULL, 0xB38DC39FDFCC8847ULL, 0x123885528D17B87EULL, 0xF2DA0ED240B1B642ULL, +0x44CEFADCD54BF9A9ULL, 0x1312200E433C7EE6ULL, 0x9FFCC84F3A78C748ULL, 0xF0CD1F72248576BBULL, +0xEC6974053638CFE4ULL, 0x2BA7B67C0CEC4E4CULL, 0xAC2F4DF3E5CE32EDULL, 0xCB33D14326EA4C11ULL, +0xA4E9044CC77E58BCULL, 0x5F513293D934FCEFULL, 0x5DC9645506E55444ULL, 0x50DE418F317DE40AULL, +0x388CB31A69DDE259ULL, 0x2DB4A83455820A86ULL, 0x9010A91E84711AE9ULL, 0x4DF7F0B7B1498371ULL, +0xD62A2EABC0977179ULL, 0x22FAC097AA8D5C0EULL, 0xF49FCC2FF1DAF39BULL, 0x487FD5C66FF29281ULL, +0xE8A30667FCDCA83FULL, 0x2C9B4BE3D2FCCE63ULL, 0xDA3FF74B93FBBBC2ULL, 0x2FA165D2FE70BA66ULL, +0xA103E279970E93D4ULL, 0xBECDEC77B0E45E71ULL, 0xCFB41E723985E497ULL, 0xB70AAA025EF75017ULL, +0xD42309F03840B8E0ULL, 0x8EFC1AD035898579ULL, 0x96C6920BE2B2ABC5ULL, 0x66AF4163375A9172ULL, +0x2174ABDCCA7127FBULL, 0xB33CCEA64A72FF41ULL, 0xF04A4933083066A5ULL, 0x8D970ACDD7289AF5ULL, +0x8F96E8E031C8C25EULL, 0xF3FEC02276875D47ULL, 0xEC7BF310056190DDULL, 0xF5ADB0AEBB0F1491ULL, +0x9B50F8850FD58892ULL, 0x4975488358B74DE8ULL, 0xA3354FF691531C61ULL, 0x0702BBE481D2C6EEULL, +0x89FB24057DEDED98ULL, 0xAC3075138596E902ULL, 0x1D2D3580172772EDULL, 0xEB738FC28E6BC30DULL, +0x5854EF8F63044326ULL, 0x9E5C52325ADD3BBEULL, 0x90AA53CF325C4623ULL, 0xC1D24D51349DD067ULL, +0x2051CFEEA69EA624ULL, 0x13220F0A862E7E4FULL, 0xCE39399404E04864ULL, 0xD9C42CA47086FCB7ULL, +0x685AD2238A03E7CCULL, 0x066484B2AB2FF1DBULL, 0xFE9D5D70EFBF79ECULL, 0x5B13B9DD9C481854ULL, +0x15F0D475ED1509ADULL, 0x0BEBCD060EC79851ULL, 0xD58C6791183AB7F8ULL, 0xD1187C5052F3EEE4ULL, +0xC95D1192E54E82FFULL, 0x86EEA14CB9AC6CA2ULL, 0x3485BEB153677D5DULL, 0xDD191D781F8C492AULL, +0xF60866BAA784EBF9ULL, 0x518F643BA2D08C74ULL, 0x8852E956E1087C22ULL, 0xA768CB8DC410AE8DULL, +0x38047726BFEC8E1AULL, 0xA67738B4CD3B45AAULL, 0xAD16691CEC0DDE19ULL, 0xC6D4319380462E07ULL, +0xC5A5876D0BA61938ULL, 0x16B9FA1FA58FD840ULL, 0x188AB1173CA74F18ULL, 0xABDA2F98C99C021FULL, +0x3E0580AB134AE816ULL, 0x5F3B05B773645ABBULL, 0x2501A2BE5575F2F6ULL, 0x1B2F74004E7E8BA9ULL, +0x1CD7580371E8D953ULL, 0x7F6ED89562764E30ULL, 0xB15926FF596F003DULL, 0x9F65293DA8C5D6B9ULL, +0x6ECEF04DD690F84CULL, 0x4782275FFF33AF88ULL, 0xE41433083F820801ULL, 0xFD0DFE409A1AF9B5ULL, +0x4325A3342CDB396BULL, 0x8AE77E62B301B252ULL, 0xC36F9E9F6655615AULL, 0x85455A2D92D32C09ULL, +0xF2C7DEA949477485ULL, 0x63CFB4C133A39EBAULL, 0x83B040CC6EBC5462ULL, 0x3B9454C8FDB326B0ULL, +0x56F56A9E87FFD78CULL, 0x2DC2940D99F42BC6ULL, 0x98F7DF096B096E2DULL, 0x19A6E01E3AD852BFULL, +0x42A99CCBDBD4B40BULL, 0xA59998AF45E9C559ULL, 0x366295E807D93186ULL, 0x6B48181BFAA1F773ULL, +0x1FEC57E2157A0A1DULL, 0x4667446AF6201AD5ULL, 0xE615EBCACFB0F075ULL, 0xB8F31F4F68290778ULL, +0x22713ED6CE22D11EULL, 0x3057C1A72EC3C93BULL, 0xCB46ACC37C3F1F2FULL, 0xDBB893FD02AAF50EULL, +0x331FD92E600B9FCFULL, 0xA498F96148EA3AD6ULL, 0xA8D8426E8B6A83EAULL, 0xA089B274B7735CDCULL, +0x87F6B3731E524A11ULL, 0x118808E5CBC96749ULL, 0x9906E4C7B19BD394ULL, 0xAFED7F7E9B24A20CULL, +0x6509EADEEB3644A7ULL, 0x6C1EF1D3E8EF0EDEULL, 0xB9C97D43E9798FB4ULL, 0xA2F2D784740C28A3ULL, +0x7B8496476197566FULL, 0x7A5BE3E6B65F069DULL, 0xF96330ED78BE6F10ULL, 0xEEE60DE77A076A15ULL, +0x2B4BEE4AA08B9BD0ULL, 0x6A56A63EC7B8894EULL, 0x02121359BA34FEF4ULL, 0x4CBF99F8283703FCULL, +0x398071350CAF30C8ULL, 0xD0A77A89F017687AULL, 0xF1C1A9EB9E423569ULL, 0x8C7976282DEE8199ULL, +0x5D1737A5DD1F7ABDULL, 0x4F53433C09A9FA80ULL, 0xFA8B0C53DF7CA1D9ULL, 0x3FD9DCBC886CCB77ULL, +0xC040917CA91B4720ULL, 0x7DD00142F9D1DCDFULL, 0x8476FC1D4F387B58ULL, 0x23F8E7C5F3316503ULL, +0x032A2244E7E37339ULL, 0x5C87A5D750F5A74BULL, 0x082B4CC43698992EULL, 0xDF917BECB858F63CULL, +0x3270B8FC5BF86DDAULL, 0x10AE72BB29B5DD76ULL, 0x576AC94E7700362BULL, 0x1AD112DAC61EFB8FULL, +0x691BC30EC5FAA427ULL, 0xFF246311CC327143ULL, 0x3142368E30E53206ULL, 0x71380E31E02CA396ULL, +0x958D5C960AAD76F1ULL, 0xF8D6F430C16DA536ULL, 0xC8FFD13F1BE7E1D2ULL, 0x7578AE66004DDBE1ULL, +0x05833F01067BE646ULL, 0xBB34B5AD3BFE586DULL, 0x095F34C9A12B97F0ULL, 0x247AB64525D60CA8ULL, +0xDCDBC6F3017477D1ULL, 0x4A2E14D4DECAD24DULL, 0xBDB5E6D9BE0A1EEBULL, 0x2A7E70F7794301ABULL, +0xDEF42D8A270540FDULL, 0x01078EC0A34C22C1ULL, 0xE5DE511AF4C16387ULL, 0x7EBB3A52BD9A330AULL, +0x77697857AA7D6435ULL, 0x004E831603AE4C32ULL, 0xE7A21020AD78E312ULL, 0x9D41A70C6AB420F2ULL, +0x28E06C18EA1141E6ULL, 0xD2B28CBD984F6B28ULL, 0x26B75F6C446E9D83ULL, 0xBA47568C4D418D7FULL, +0xD80BADBFE6183D8EULL, 0x0E206D7F5F166044ULL, 0xE258A43911CBCA3EULL, 0x723A1746B21DC0BCULL, +0xC7CAA854F5D7CDD3ULL, 0x7CAC32883D261D9CULL, 0x7690C26423BA942CULL, 0x17E55524478042B8ULL, +0xE0BE477656A2389FULL, 0x4D289B5E67AB2DA0ULL, 0x44862B9C8FBBFD31ULL, 0xB47CC8049D141365ULL, +0x822C1B362B91C793ULL, 0x4EB14655FB13DFD8ULL, 0x1ECBBA0714E2A97BULL, 0x6143459D5CDE5F14ULL, +0x53A8FBF1D5F0AC89ULL, 0x97EA04D81C5E5B00ULL, 0x622181A8D4FDB3F3ULL, 0xE9BCD341572A1208ULL, +0x1411258643CCE58AULL, 0x9144C5FEA4C6E0A4ULL, 0x0D33D06565CF620FULL, 0x54A48D489F219CA1ULL, +0xC43E5EAC6D63C821ULL, 0xA9728B3A72770DAFULL, 0xD7934E7B20DF87EFULL, 0xE35503B61A3E86E5ULL, +0xCAE321FBC819D504ULL, 0x129A50B3AC60BFA6ULL, 0xCD5E68EA7E9FB6C3ULL, 0xB01C90199483B1C7ULL, +0x3DE93CD5C295376CULL, 0xAED52EDF2AB9AD13ULL, 0x2E60F512C0A07884ULL, 0xBC3D86A3E36210C9ULL, +0x35269D9B163951CEULL, 0x0C7D6E2AD0CDB5FAULL, 0x59E86297D87F5733ULL, 0x298EF221898DB0E7ULL, +0x55000029D1A5AA7EULL, 0x8BC08AE1B5061B45ULL, 0xC2C31C2B6C92703AULL, 0x94CC596BAF25EF42ULL, +0x0A1D73DB22540456ULL, 0x04B6A0F9D9C4179AULL, 0xEFFDAFA2AE3D3C60ULL, 0xF7C8075BB49496C4ULL, +0x9CC5C7141D1CD4E3ULL, 0x78BD1638218E5534ULL, 0xB2F11568F850246AULL, 0xEDFABCFA9502BC29ULL, +0x796CE5F2DA23051BULL, 0xAAE128B0DC93537CULL, 0x3A493DA0EE4B29AEULL, 0xB5DF6B2C416895D7ULL, +0xFCABBD25122D7F37ULL, 0x70810B58105DC4B1ULL, 0xE10FDD37F7882A90ULL, 0x524DCAB5518A3F5CULL, +0x3C9E85878451255BULL, 0x4029828119BD34E2ULL, 0x74A05B6F5D3CECCBULL, 0xB610021542E13ECAULL, +0x0FF979D12F59E2ACULL, 0x6037DA27E4F9CC50ULL, 0x5E92975A0DF1847DULL, 0xD66DE190D3E623FEULL, +0x5032D6B87B568048ULL, 0x9A36B7CE8235216EULL, 0x80272A7A24F64B4AULL, 0x93EFED8B8C6916F7ULL, +0x37DDBFF44CCE1555ULL, 0x4B95DB5D4B99BD25ULL, 0x92D3FDA169812FC0ULL, 0xFB1A4A9A90660BB6ULL, +0x730C196946A4B9B2ULL, 0x81E289AA7F49DA68ULL, 0x64669A0F83B1A05FULL, 0x27B3FF7D9644F48BULL, +0xCC6B615C8DB675B3ULL, 0x674F20B9BCEBBE95ULL, 0x6F31238275655982ULL, 0x5AE488713E45CF05ULL, +0xBF619F9954C21157ULL, 0xEABAC46040A8EAE9ULL, 0x454C6FE9F2C0C1CDULL, 0x419CF6496412691CULL, +0xD3DC3BEF265B0F70ULL, 0x6D0E60F5C3578A9EULL, 0x5B0E608526323C55ULL, 0x1A46C1A9FA1B59F5ULL, +0xA9E245A17C4C8FFAULL, 0x65CA5159DB2955D7ULL, 0x05DB0A76CE35AFC2ULL, 0x81EAC77EA9113D45ULL, +0x528EF88AB6AC0A0DULL, 0xA09EA253597BE3FFULL, 0x430DDFB3AC48CD56ULL, 0xC4B3A67AF45CE46FULL, +0x4ECECFD8FBE2D05EULL, 0x3EF56F10B39935F0ULL, 0x0B22D6829CD619C6ULL, 0x17FD460A74DF2069ULL, +0x6CF8CC8E8510ED40ULL, 0xD6C824BF3A6ECAA7ULL, 0x61243D581A817049ULL, 0x048BACB6BBC163A2ULL, +0xD9A38AC27D44CC32ULL, 0x7FDDFF5BAAF410ABULL, 0xAD6D495AA804824BULL, 0xE1A6A74F2D8C9F94ULL, +0xD4F7851235DEE8E3ULL, 0xFD4B7F886540D893ULL, 0x247C20042AA4BFDAULL, 0x096EA1C517D1327CULL, +0xD56966B4361A6685ULL, 0x277DA5C31221057DULL, 0x94D59893A43ACFF7ULL, 0x64F0C51CCDC02281ULL, +0x3D33BCC4FF6189DBULL, 0xE005CB184CE66AF1ULL, 0xFF5CCD1D1DB99BEAULL, 0xB0B854A7FE42980FULL, +0x7BD46A6A718D4B9FULL, 0xD10FA8CC22A5FD8CULL, 0xD31484952BE4BD31ULL, 0xC7FA975FCB243847ULL, +0x4886ED1E5846C407ULL, 0x28CDDB791EB70B04ULL, 0xC2B00BE2F573417FULL, 0x5C9590452180F877ULL, +0x7A6BDDFFF370EB00ULL, 0xCE509E38D6D9D6A4ULL, 0xEBEB0F00647FA702ULL, 0x1DCC06CF76606F06ULL, +0xE4D9F28BA286FF0AULL, 0xD85A305DC918C262ULL, 0x475B1D8732225F54ULL, 0x2D4FB51668CCB5FEULL, +0xA679B9D9D72BBA20ULL, 0x53841C0D912D43A5ULL, 0x3B7EAA48BF12A4E8ULL, 0x781E0E47F22F1DDFULL, +0xEFF20CE60AB50973ULL, 0x20D261D19DFFB742ULL, 0x16A12B03062A2E39ULL, 0x1960EB2239650495ULL, +0x251C16FED50EB8B8ULL, 0x9AC0C330F826016EULL, 0xED152665953E7671ULL, 0x02D63194A6369570ULL, +0x5074F08394B1C987ULL, 0x70BA598C90B25CE1ULL, 0x794A15810B9742F6ULL, 0x0D5925E9FCAF8C6CULL, +0x3067716CD868744EULL, 0x910AB077E8D7731BULL, 0x6A61BBDB5AC42F61ULL, 0x93513EFBF0851567ULL, +0xF494724B9E83E9D5ULL, 0xE887E1985C09648DULL, 0x34B1D3C675370CFDULL, 0xDC35E433BC0D255DULL, +0xD0AAB84234131BE0ULL, 0x08042A50B48B7EAFULL, 0x9997C4EE44A3AB35ULL, 0x829A7B49201799D0ULL, +0x263B8307B7C54441ULL, 0x752F95F4FD6A6CA6ULL, 0x927217402C08C6E5ULL, 0x2A8AB754A795D9EEULL, +0xA442F7552F72943DULL, 0x2C31334E19781208ULL, 0x4FA98D7CEAEE6291ULL, 0x55C3862F665DB309ULL, +0xBD0610175D53B1F3ULL, 0x46FE6CB840413F27ULL, 0x3FE03792DF0CFA59ULL, 0xCFE700372EB85E8FULL, +0xA7BE29E7ADBCE118ULL, 0xE544EE5CDE8431DDULL, 0x8A781B1B41F1873EULL, 0xA5C94C78A0D2F0E7ULL, +0x39412E2877B60728ULL, 0xA1265EF3AFC9A62CULL, 0xBCC2770C6A2506C5ULL, 0x3AB66DD5DCE1CE12ULL, +0xE65499D04A675B37ULL, 0x7D8F523481BFD216ULL, 0x0F6F64FCEC15F389ULL, 0x74EFBE618B5B13C8ULL, +0xACDC82B714273E1DULL, 0xDD40BFE003199D17ULL, 0x37E99257E7E061F8ULL, 0xFA52626904775AAAULL, +0x8BBBF63A463D56F9ULL, 0xF0013F1543A26E64ULL, 0xA8307E9F879EC898ULL, 0xCC4C27A4150177CCULL, +0x1B432F2CCA1D3348ULL, 0xDE1D1F8F9F6FA013ULL, 0x606602A047A7DDD6ULL, 0xD237AB64CC1CB2C7ULL, +0x9B938E7225FCD1D3ULL, 0xEC4E03708E0FF476ULL, 0xFEB2FBDA3D03C12DULL, 0xAE0BCED2EE43889AULL, +0x22CB8923EBFB4F43ULL, 0x69360D013CF7396DULL, 0x855E3602D2D4E022ULL, 0x073805BAD01F784CULL, +0x33E17A133852F546ULL, 0xDF4874058AC7B638ULL, 0xBA92B29C678AA14AULL, 0x0CE89FC76CFAADCDULL, +0x5F9D4E0908339E34ULL, 0xF1AFE9291F5923B9ULL, 0x6E3480F60F4A265FULL, 0xEEBF3A2AB29B841CULL, +0xE21938A88F91B4ADULL, 0x57DFEFF845C6D3C3ULL, 0x2F006B0BF62CAAF2ULL, 0x62F479EF6F75EE78ULL, +0x11A55AD41C8916A9ULL, 0xF229D29084FED453ULL, 0x42F1C27B16B000E6ULL, 0x2B1F76749823C074ULL, +0x4B76ECA3C2745360ULL, 0x8C98F463B91691BDULL, 0x14BCC93CF1ADE66AULL, 0x8885213E6D458397ULL, +0x8E177DF0274D4711ULL, 0xB49B73B5503F2951ULL, 0x10168168C3F96B6BULL, 0x0E3D963B63CAB0AEULL, +0x8DFC4B5655A1DB14ULL, 0xF789F1356E14DE5CULL, 0x683E68AF4E51DAC1ULL, 0xC9A84F9D8D4B0FD9ULL, +0x3691E03F52A0F9D1ULL, 0x5ED86E46E1878E80ULL, 0x3C711A0E99D07150ULL, 0x5A0865B20C4E9310ULL, +0x56FBFC1FE4F0682EULL, 0xEA8D5DE3105EDF9BULL, 0x71ABFDB12379187AULL, 0x2EB99DE1BEE77B9CULL, +0x21ECC0EA33CF4523ULL, 0x59A4D7521805C7A1ULL, 0x3896F5EB56AE7C72ULL, 0xAA638F3DB18F75DCULL, +0x9F39358DABE9808EULL, 0xB7DEFA91C00B72ACULL, 0x6B5541FD62492D92ULL, 0x6DC6DEE8F92E4D5BULL, +0x353F57ABC4BEEA7EULL, 0x735769D6DA5690CEULL, 0x0A234AA642391484ULL, 0xF6F9508028F80D9DULL, +0xB8E319A27AB3F215ULL, 0x31AD9C1151341A4DULL, 0x773C22A57BEF5805ULL, 0x45C7561A07968633ULL, +0xF913DA9E249DBE36ULL, 0xDA652D9B78A64C68ULL, 0x4C27A97F3BC334EFULL, 0x76621220E66B17F4ULL, +0x967743899ACD7D0BULL, 0xF3EE5BCAE0ED6782ULL, 0x409F753600C879FCULL, 0x06D09A39B5926DB6ULL, +0x6F83AEB0317AC588ULL, 0x01E6CA4A86381F21ULL, 0x66FF3462D19F3025ULL, 0x72207C24DDFD3BFBULL, +0x4AF6B6D3E2ECE2EBULL, 0x9C994DBEC7EA08DEULL, 0x49ACE597B09A8BC4ULL, 0xB38C4766CF0797BAULL, +0x131B9373C57C2A75ULL, 0xB1822CCE61931E58ULL, 0x9D7555B909BA1C0CULL, 0x127FAFDD937D11D2ULL, +0x29DA3BADC66D92E4ULL, 0xA2C1D57154C2ECBCULL, 0x58C5134D82F6FE24ULL, 0x1C3AE3515B62274FULL, +0xE907C82E01CB8126ULL, 0xF8ED091913E37FCBULL, 0x3249D8F9C80046C9ULL, 0x80CF9BEDE388FB63ULL, +0x1881539A116CF19EULL, 0x5103F3F76BD52457ULL, 0x15B7E6F5AE47F7A8ULL, 0xDBD7C6DED47E9CCFULL, +0x44E55C410228BB1AULL, 0xB647D4255EDB4E99ULL, 0x5D11882BB8AAFC30ULL, 0xF5098BBB29D3212AULL, +0x8FB5EA14E90296B3ULL, 0x677B942157DD025AULL, 0xFB58E7C0A390ACB5ULL, 0x89D3674C83BD4A01ULL, +0x9E2DA4DF4BF3B93BULL, 0xFCC41E328CAB4829ULL, 0x03F38C96BA582C52ULL, 0xCAD1BDBD7FD85DB2ULL, +0xBBB442C16082AE83ULL, 0xB95FE86BA5DA9AB0ULL, 0xB22E04673771A93FULL, 0x845358C9493152D8ULL, +0xBE2A488697B4541EULL, 0x95A2DC2DD38E6966ULL, 0xC02C11AC923C852BULL, 0x2388B1990DF2A87BULL, +0x7C8008FA1B4F37BEULL, 0x1F70D0C84D54E503ULL, 0x5490ADEC7ECE57D4ULL, 0x002B3C27D9063A3AULL, +0x7EAEA3848030A2BFULL, 0xC602326DED2003C0ULL, 0x83A7287D69A94086ULL, 0xC57A5FCB30F57A8AULL, +0xB56844E479EBE779ULL, 0xA373B40F05DCBCE9ULL, 0xD71A786E88570EE2ULL, 0x879CBACDBDE8F6A0ULL, +0x976AD1BCC164A32FULL, 0xAB21E25E9666D78BULL, 0x901063AAE5E5C33CULL, 0x9818B34448698D90ULL, +0xE36487AE3E1E8ABBULL, 0xAFBDF931893BDCB4ULL, 0x6345A0DC5FBBD519ULL, 0x8628FE269B9465CAULL, +0x1E5D01603F9C51ECULL, 0x4DE44006A15049B7ULL, 0xBF6C70E5F776CBB1ULL, 0x411218F2EF552BEDULL, +0xCB0C0708705A36A3ULL, 0xE74D14754F986044ULL, 0xCD56D9430EA8280EULL, 0xC12591D7535F5065ULL, +0xC83223F1720AEF96ULL, 0xC3A0396F7363A51FULL }; + +#define t1 (table) +#define t2 (table+256) +#define t3 (table+512) +#define t4 (table+768) + +#define gb(r,a) ((r>>(a*8))&0xff) +#define tround(mul,a,b,c,x) {\ +r##c ^= i##x;\ +r##a -= t1[gb(r##c,0)] ^ t2[gb(r##c,2)] ^ t3[gb(r##c,4)] ^ t4[gb(r##c,6)] ;\ +r##b += t4[gb(r##c,1)] ^ t3[gb(r##c,3)] ^ t2[gb(r##c,5)] ^ t1[gb(r##c,7)] ;\ +r##b *= mul;\ +} + +#define pass(a,b,c,mul) {\ +tround(mul,a,b,c,0);\ +tround(mul,b,c,a,1);\ +tround(mul,c,a,b,2);\ +tround(mul,a,b,c,3);\ +tround(mul,b,c,a,4);\ +tround(mul,c,a,b,5);\ +tround(mul,a,b,c,6);\ +tround(mul,b,c,a,7);\ +} + +#define key_sched() {\ +i0 -= i7 ^ 0xA5A5A5A5A5A5A5A5ULL;\ +i1 ^= i0;\ +i2 += i1;\ +i3 -= i2 ^ ((~(i1))<<19);\ +i4 ^= i3;\ +i5 += i4;\ +i6 -= i5 ^ ((~(i4))>>23);\ +i7 ^= i6;\ +i0 += i7;\ +i1 -= i0 ^ ((~(i7))<<19);\ +i2 ^= i1;\ +i3 += i2;\ +i4 -= i3 ^ ((~(i2))>>23);\ +i5 ^= i4;\ +i6 += i5;\ +i7 -= i6 ^ 0x0123456789ABCDEFULL;\ +} + +static void tiger_block(const t_block in, t_res res) { + register t_word i0 = *in++; + register t_word i1 = *in++; + register t_word i2 = *in++; + register t_word i3 = *in++; + register t_word i4 = *in++; + register t_word i5 = *in++; + register t_word i6 = *in++; + register t_word i7 = *in++; + register t_word r0 = res[0]; + register t_word r1 = res[1]; + register t_word r2 = res[2]; + pass(0,1,2,5); + key_sched(); + pass(2,0,1,7); + key_sched(); + pass(1,2,0,9); + res[0] = r0 ^ res[0]; + res[1] = r1 - res[1]; + res[2] = r2 + res[2]; +} + +#define tround_2(mul,a,b,c,x) {\ +r1##c ^= i1##x;\ +r2##c ^= i2##x;\ +r1##a -= t1[gb(r1##c,0)] ^ t2[gb(r1##c,2)] ^ t3[gb(r1##c,4)] ^ t4[gb(r1##c,6)] ;\ +r2##a -= t1[gb(r2##c,0)] ^ t2[gb(r2##c,2)] ^ t3[gb(r2##c,4)] ^ t4[gb(r2##c,6)] ;\ +r1##b += t4[gb(r1##c,1)] ^ t3[gb(r1##c,3)] ^ t2[gb(r1##c,5)] ^ t1[gb(r1##c,7)] ;\ +r2##b += t4[gb(r2##c,1)] ^ t3[gb(r2##c,3)] ^ t2[gb(r2##c,5)] ^ t1[gb(r2##c,7)] ;\ +r1##b *= mul;\ +r2##b *= mul;\ +} + +#define pass_2(a,b,c,mul) {\ +tround_2(mul,a,b,c,0);\ +tround_2(mul,b,c,a,1);\ +tround_2(mul,c,a,b,2);\ +tround_2(mul,a,b,c,3);\ +tround_2(mul,b,c,a,4);\ +tround_2(mul,c,a,b,5);\ +tround_2(mul,a,b,c,6);\ +tround_2(mul,b,c,a,7);\ +} + +#define key_sched_2() {\ +i10 -= i17 ^ 0xA5A5A5A5A5A5A5A5ULL;\ +i20 -= i27 ^ 0xA5A5A5A5A5A5A5A5ULL;\ +i11 ^= i10;\ +i21 ^= i20;\ +i12 += i11;\ +i22 += i21;\ +i13 -= i12 ^ ((~(i11))<<19);\ +i23 -= i22 ^ ((~(i21))<<19);\ +i14 ^= i13;\ +i24 ^= i23;\ +i15 += i14;\ +i25 += i24;\ +i16 -= i15 ^ ((~(i14))>>23);\ +i26 -= i25 ^ ((~(i24))>>23);\ +i17 ^= i16;\ +i27 ^= i26;\ +i10 += i17;\ +i20 += i27;\ +i11 -= i10 ^ ((~(i17))<<19);\ +i21 -= i20 ^ ((~(i27))<<19);\ +i12 ^= i11;\ +i22 ^= i21;\ +i13 += i12;\ +i23 += i22;\ +i14 -= i13 ^ ((~(i12))>>23);\ +i24 -= i23 ^ ((~(i22))>>23);\ +i15 ^= i14;\ +i25 ^= i24;\ +i16 += i15;\ +i26 += i25;\ +i17 -= i16 ^ 0x0123456789ABCDEFULL;\ +i27 -= i26 ^ 0x0123456789ABCDEFULL;\ +} + +static void tiger_block_2(const t_block in1, const t_block in2, t_res res1, t_res res2) { + register t_word i10 = *in1++; + register t_word i20 = *in2++; + register t_word i11 = *in1++; + register t_word i21 = *in2++; + register t_word i12 = *in1++; + register t_word i22 = *in2++; + register t_word i13 = *in1++; + register t_word i23 = *in2++; + register t_word i14 = *in1++; + register t_word i24 = *in2++; + register t_word i15 = *in1++; + register t_word i25 = *in2++; + register t_word i16 = *in1++; + register t_word i26 = *in2++; + register t_word i17 = *in1++; + register t_word i27 = *in2++; + register t_word r10 = res1[0]; + register t_word r20 = res2[0]; + register t_word r11 = res1[1]; + register t_word r21 = res2[1]; + register t_word r12 = res1[2]; + register t_word r22 = res2[2]; + pass_2(0,1,2,5); + key_sched_2(); + pass_2(2,0,1,7); + key_sched_2(); + pass_2(1,2,0,9); + res1[0] = r10 ^ res1[0]; + res2[0] = r20 ^ res2[0]; + res1[1] = r11 - res1[1]; + res2[1] = r21 - res2[1]; + res1[2] = r12 + res1[2]; + res2[2] = r22 + res2[2]; +} + +#ifdef __SSE2__ +#ifdef HASX64 +#define tround_sse2(mul,a,b,c,x) {\ +r1##c ^= _mm_cvtsi128_si64(i##x);\ +r2##c ^= _mm_cvtsi128_si64(_mm_srli_si128(i##x,8));\ +r1##a -= t1[gb(r1##c,0)] ^ t2[gb(r1##c,2)] ^ t3[gb(r1##c,4)] ^ t4[gb(r1##c,6)] ;\ +r2##a -= t1[gb(r2##c,0)] ^ t2[gb(r2##c,2)] ^ t3[gb(r2##c,4)] ^ t4[gb(r2##c,6)] ;\ +r1##b += t4[gb(r1##c,1)] ^ t3[gb(r1##c,3)] ^ t2[gb(r1##c,5)] ^ t1[gb(r1##c,7)] ;\ +r2##b += t4[gb(r2##c,1)] ^ t3[gb(r2##c,3)] ^ t2[gb(r2##c,5)] ^ t1[gb(r2##c,7)] ;\ +r1##b *= mul;\ +r2##b *= mul;\ +} +#elif defined(_MSC_VER) +#define tround_sse2(mul,a,b,c,x) {\ +t_word tmpw;\ +_mm_storel_epi64(((__m128i*)&tmpw),i##x);\ +r1##c ^= tmpw;\ +_mm_storel_epi64(((__m128i*)&tmpw),_mm_srli_si128(i##x,8));\ +r2##c ^= tmpw;\ +r1##a -= t1[gb(r1##c,0)] ^ t2[gb(r1##c,2)] ^ t3[gb(r1##c,4)] ^ t4[gb(r1##c,6)] ;\ +r2##a -= t1[gb(r2##c,0)] ^ t2[gb(r2##c,2)] ^ t3[gb(r2##c,4)] ^ t4[gb(r2##c,6)] ;\ +r1##b += t4[gb(r1##c,1)] ^ t3[gb(r1##c,3)] ^ t2[gb(r1##c,5)] ^ t1[gb(r1##c,7)] ;\ +r2##b += t4[gb(r2##c,1)] ^ t3[gb(r2##c,3)] ^ t2[gb(r2##c,5)] ^ t1[gb(r2##c,7)] ;\ +r1##b *= mul;\ +r2##b *= mul;\ +} +#else +#define tround_sse2(mul,a,b,c,x) {\ +r1##c ^= (t_word)_mm_movepi64_pi64(i##x);\ +r2##c ^= (t_word)_mm_movepi64_pi64(_mm_srli_si128(i##x,8));\ +r1##a -= t1[gb(r1##c,0)] ^ t2[gb(r1##c,2)] ^ t3[gb(r1##c,4)] ^ t4[gb(r1##c,6)] ;\ +r2##a -= t1[gb(r2##c,0)] ^ t2[gb(r2##c,2)] ^ t3[gb(r2##c,4)] ^ t4[gb(r2##c,6)] ;\ +r1##b += t4[gb(r1##c,1)] ^ t3[gb(r1##c,3)] ^ t2[gb(r1##c,5)] ^ t1[gb(r1##c,7)] ;\ +r2##b += t4[gb(r2##c,1)] ^ t3[gb(r2##c,3)] ^ t2[gb(r2##c,5)] ^ t1[gb(r2##c,7)] ;\ +r1##b *= mul;\ +r2##b *= mul;\ +} +#endif + +#ifdef _MSC_VER +#define c11 0xA5A5A5A5 +#define c12 0xA5A5A5A5 +#define c21 0xFFFFFFFF +#define c22 0xFFFFFFFF +#define c31 0x01234567 +#define c32 0x89ABCDEF +#define mm_set1(a) _mm_set_epi32(a##1,a##2,a##1,a##2) +#define mm_set(a,b) _mm_set_epi64(*(__m64 *)(a),*(__m64 *)(b)) +#else +#ifdef HASX64 +#define c1 0xA5A5A5A5A5A5A5A5ULL +#define c2 0xFFFFFFFFFFFFFFFFULL +#define c3 0x0123456789ABCDEFULL +#define mm_set1(a) _mm_set1_epi64x(a) +#define mm_set(a,b) _mm_set_epi64x(*(a),*(b)) +#else +#define c1 0xA5A5A5A5A5A5A5A5ULL +#define c2 0xFFFFFFFFFFFFFFFFULL +#define c3 0x0123456789ABCDEFULL +#define mm_set1(a) _mm_set1_epi64((__m64)(a)) +#define mm_set(a,b) _mm_set_epi64(*(__m64 *)(a),*(__m64 *)(b)) +#endif +#endif + +#define pass_sse2(a,b,c,mul) {\ +tround_sse2(mul,a,b,c,0);\ +tround_sse2(mul,b,c,a,1);\ +tround_sse2(mul,c,a,b,2);\ +tround_sse2(mul,a,b,c,3);\ +tround_sse2(mul,b,c,a,4);\ +tround_sse2(mul,c,a,b,5);\ +tround_sse2(mul,a,b,c,6);\ +tround_sse2(mul,b,c,a,7);\ +} +#define key_sched_sse2() {\ +i0 = _mm_sub_epi64(i0,_mm_xor_si128(i7,mm_set1(c1)));\ +i1 = _mm_xor_si128(i1,i0);\ +i2 = _mm_add_epi64(i2,i1);\ +i3 = _mm_sub_epi64(i3,_mm_xor_si128(i2,_mm_slli_epi64(_mm_xor_si128(i1,mm_set1(c2)),19)));\ +i4 = _mm_xor_si128(i4,i3);\ +i5 = _mm_add_epi64(i5,i4);\ +i6 = _mm_sub_epi64(i6,_mm_xor_si128(i5,_mm_srli_epi64(_mm_xor_si128(i4,mm_set1(c2)),23)));\ +i7 = _mm_xor_si128(i7,i6);\ +i0 = _mm_add_epi64(i0,i7);\ +i1 = _mm_sub_epi64(i1,_mm_xor_si128(i0,_mm_slli_epi64(_mm_xor_si128(i7,mm_set1(c2)),19)));\ +i2 = _mm_xor_si128(i2,i1);\ +i3 = _mm_add_epi64(i3,i2);\ +i4 = _mm_sub_epi64(i4,_mm_xor_si128(i3,_mm_srli_epi64(_mm_xor_si128(i2,mm_set1(c2)),23)));\ +i5 = _mm_xor_si128(i5,i4);\ +i6 = _mm_add_epi64(i6,i5);\ +i7 = _mm_sub_epi64(i7,_mm_xor_si128(i6,mm_set1(c3)));\ +} + + +static void tiger_block_sse2(const t_block in1, const t_block in2, t_res res1, t_res res2) { + //TODO: think about prefetching the in1 data using _MM_HINT_NTA + register __m128i i0 = mm_set(in2++,in1++); + register __m128i i1 = mm_set(in2++,in1++); + register __m128i i2 = mm_set(in2++,in1++); + register __m128i i3 = mm_set(in2++,in1++); + register __m128i i4 = mm_set(in2++,in1++); + register __m128i i5 = mm_set(in2++,in1++); + register __m128i i6 = mm_set(in2++,in1++); + register __m128i i7 = mm_set(in2++,in1++); + register t_word r10 = res1[0]; + register t_word r20 = res2[0]; + register t_word r11 = res1[1]; + register t_word r21 = res2[1]; + register t_word r12 = res1[2]; + register t_word r22 = res2[2]; + pass_sse2(0,1,2,5); + key_sched_sse2(); + pass_sse2(2,0,1,7); + key_sched_sse2(); + pass_sse2(1,2,0,9); + res1[0] = r10 ^ res1[0]; + res2[0] = r20 ^ res2[0]; + res1[1] = r11 - res1[1]; + res2[1] = r21 - res2[1]; + res1[2] = r12 + res1[2]; + res2[2] = r22 + res2[2]; +} +#endif + +#define uc(x) ((unsigned char *)(x)) +#ifdef USE_BIG_ENDIAN\ + +#define endianvars \ +int j,k;\ +unsigned char swp; + +#define endianvars_2 \ +int j,k;\ +unsigned char swp1, swp2; + + +#define fixresendian \ +for (j = 0; j < 3; j++) {\ + for (k = 0; k < 4; k++) {\ + swp = uc(res+j)[k];\ + uc(res+j)[k] = uc(res+j)[7-k];\ + uc(res+j)[7-k] = swp;\ + }\ +} + +#define fixresendian_2 \ +for (j = 0; j < 3; j++) {\ + for (k = 0; k < 4; k++) {\ + swp1 = uc(res1+j)[k];\ + swp2 = uc(res2+j)[k];\ + uc(res1+j)[k] = uc(res1+j)[7-k];\ + uc(res2+j)[k] = uc(res2+j)[7-k];\ + uc(res1+j)[7-k] = swp1;\ + uc(res2+j)[7-k] = swp2;\ + }\ +} + +#else +#define endianvars +#define endianvars_2 +#define fixresendian +#define fixresendian_2 +#endif + + +void tiger(const char *str, t_word length, t_res res) +{ + t_block tmp; + const char * end = str + (length&(-64)); + t_word i; + endianvars; + res[0]=0x0123456789ABCDEFULL; + res[1]=0xFEDCBA9876543210ULL; + res[2]=0xF096A5B4C3B2E187ULL; + + while(strh; + res[0]=0x0123456789ABCDEFULL; + res[1]=0xFEDCBA9876543210ULL; + res[2]=0xF096A5B4C3B2E187ULL; + + //Initialize the presult salt + memcpy(pres->r,salt,128); + pres->n = 0; + pres->hs = length; + + while(passwordn = 64-((size_t)i); + memcpy(uc(tmp)+i,salt,pres->n); + #ifdef USE_BIG_ENDIAN + for (j = 0; j < 8; j++) { + for (k = 0; k < 4; k++) { + swp = uc(tmp+j)[k]; + uc(tmp+j)[k] = uc(tmp+j)[7-k]; + uc(tmp+j)[7-k] = swp; + } + } + #endif + tiger_block(tmp, res); + //Process the extra 64 SALT bits + salt+=pres->n; + pres->n+=64; + #ifdef USE_BIG_ENDIAN + for (j = 0; j < 8; j++) { + for (k = 0; k < 8; k++) { + uc(tmp+j)[7-k] = *salt++; + } + } + tiger_block(tmp, res); + #else + #ifdef FORCE_ALIGNMENT + memcpy(tmp,salt,64); + salt+=64; + tiger_block(tmp, res); + #else + tiger_block((const t_word *)salt, res); + salt+=64; + #endif + #endif + pres->hs += pres->n; + //Finally we reorder the result so it is shown in little endian + fixresendian; +} + +void tigerp2(const t_pres *pres, const char *salt, t_word length, t_res res) +{ + t_block tmp; + const char * end = salt + length; + t_word i; + endianvars; + + memcpy(res, pres->h, 24); + //Reorder the result so it is shown in propper endian + fixresendian; + + //Append any remaining psalt character + i=128 - pres->n; + memcpy(tmp,pres->r+pres->n,i); + while (i != 64 && salt != end) { + uc(tmp)[i++] = *salt++; + } + + if ( i == 64) { + #ifdef USE_BIG_ENDIAN + for (j = 0; j < 8; j++) { + for (k = 0; k < 4; k++) { + swp = uc(tmp+j)[k]; + uc(tmp+j)[k] = uc(tmp+j)[7-k]; + uc(tmp+j)[7-k] = swp; + } + } + #endif + tiger_block(tmp, res); + i = length+64-pres->n; + end = salt + (i&(-64)); + while(salths+length+(128 - pres->n))<<(t_word)3; + tiger_block(tmp, res); + //Finally we reorder the result so it is shown in little endian + fixresendian; +} \ No newline at end of file diff --git a/lib/freetiger/C/tiger.h b/lib/freetiger/C/tiger.h new file mode 100644 index 0000000..dffa9e8 --- /dev/null +++ b/lib/freetiger/C/tiger.h @@ -0,0 +1,125 @@ +/** + * Copyright (c) 2012 Francisco Blas Izquierdo Riera (klondike) + * The Tiger algorithm was written by Eli Biham and Ross Anderson and is + * available on the official Tiger algorithm page. + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * the algorithm authorsip notice, this list of conditions and the following + * disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote products + * derived from this software without specific prior written permission. + * 4. If this license is not appropriate for you please write me at + * klondike ( a t ) klondike ( d o t ) es to negotiate another license. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED + * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO + * EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; + * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + **/ + +/** + * These are some implementations of tiger made without looking at the original + * reference code to ensure the resulting code can be published under a free + * license. The paper was looked though to know how did tiger work. + */ + +/** Implementation details: + * * Here we assume char and unsigned char have size 1. If thats not the case in + * your compiler you may want to replace them by a type that does + */ + +#ifndef TIGER_H +#define TIGER_H 1 +#if !defined(_MSC_VER) || (_MSC_VER >= 1600) +#include +#else + +typedef __int32 int32_t; +typedef unsigned __int32 uint32_t; +typedef __int64 int64_t; +typedef unsigned __int64 uint64_t; + +#endif + +#if _M_IX86_FP >= 2 +#define __SSE2__ +#endif + +#ifdef __linux +#include +#if __BYTE_ORDER == __LITTLE_ENDIAN +#define IS_LITTLE_ENDIAN +#elif __BYTE_ORDER == __BIG_ENDIAN +#define USE_BIG_ENDIAN +#elif __BYTE_ORDER == __PDP_ENDIAN +#error "If you feel like writting code for PDP endianess go ahead, I'm not doing that" +#else +#error "Unknown endianess" +#endif +#else +//Assume little endian if you know how to detect endianism well on other compilers state it. +#define IS_LITTLE_ENDIAN +#endif + +#if defined(_WIN64) || defined(__x86_64__) || defined(__amd64__) +#define HASX64 +#endif + + +/** A word in the tiger hash, 64 bits **/ +typedef uint64_t t_word; + +/** This one is provided as a commodity for people wanting an easy way to declare result variables **/ +typedef t_word t_res[3]; + +/** Partial calculation as used by tigerp1 and tigerp2 **/ +typedef struct { + t_res h; // Hash status + char r[128]; // SALT + t_word n; // Number of characters of r used + t_word hs; // Amount of total data hashed +} t_pres; + +/** This one is provided as a commodity for people wanting an easy way to declare block variables **/ +typedef t_word t_block[8]; + +/** Standard tiger calculation, put your string in str and the string length on length and get the result on res **/ +void tiger(const char *str, t_word length, t_res res); +/** Similar to tiger but interleaving accesses to both equally sized strings to reduce overhead and pipeline stalls you get the result of str1 on res1 and the one of str2 on res2 **/ +void tiger_2(const char *str1, const char *str2, t_word length, t_res res1, t_res res2); +#ifdef __SSE2__ +/** This is equivalent to tiger_2 but uses SSE2 for the key schduling making it faster **/ +void tiger_sse2(const char *str1, const char *str2, t_word length, t_res res1, t_res res2); +#endif +/** This function is optimized for use on TTHs just send the two concatenated hashes and you will get back the hash with a prepended 0x01 **/ +void tiger_49(const char *str, t_res res); +/** This function is optimized for use on TTHs just send the 1024 sized block and you will get back the hash with a prepended 0x00 **/ +void tiger_1025(const char *str, t_res res); +/** Interleaved version of tiger_49 you insert two hashes and get back two results **/ +void tiger_2_49(const char *str1, const char *str2, t_res res1, t_res res2); +/** Interleaved version of tiger_1025 you insert two hashes and get back two results **/ +void tiger_2_1025(const char *str1, const char *str2, t_res res1, t_res res2); +#ifdef __SSE2__ +/** SSE2 version of tiger_49 you insert two hashes and get back two results **/ +void tiger_sse2_49(const char *str1, const char *str2, t_res res1, t_res res2); +/** SSE2 version of tiger_1025 you insert two hashes and get back two results **/ +void tiger_sse2_1025(const char *str1, const char *str2, t_res res1, t_res res2); +#endif +/** First stage of partial tiger calculation to improve password security during storage **/ +void tigerp1(const char *password, t_word length, const char *salt, t_pres *pres); +/** Second stage of partial tiger calculation **/ +void tigerp2(const t_pres *pres, const char *salt, t_word length, t_res res); + + +#endif diff --git a/lib/freetiger/C/tigermain.c b/lib/freetiger/C/tigermain.c new file mode 100644 index 0000000..de00771 --- /dev/null +++ b/lib/freetiger/C/tigermain.c @@ -0,0 +1,332 @@ +/* + * The Tiger algorithm was written by Eli Biham and Ross Anderson and + * is available on the official Tiger algorithm page . + * The below Tiger implementation is a C++ version of their original C code. + * Permission was granted by Eli Biham to use with the following conditions; + * a) This note must be retained. + * b) The algorithm must correctly compute Tiger. + * c) The algorithm’s use must be legal. + * d) The algorithm may not be exported to countries banned by law. + * e) The authors of the C code are not responsible of this use of the code, + * the software or anything else. + */ + +/* This was extracted from the original reference implementation to check + * this one. + */ + +#include +#include +#include +#include +#include +#include "tiger.h" + +#ifndef ITERATIONS +#ifdef i386 +#define ITERATIONS 50000 +#else +#define ITERATIONS 50000 +#endif +#endif + +#undef t1 +#undef t2 +#undef t3 +#undef t4 +typedef unsigned long long int word64; +typedef uint32_t word32; +typedef unsigned char byte; + +void check_partialh (char *str, t_word length) { + char psalt[128]; + char ssalt[128]; + unsigned int ssalts; + int i,j,k,l; + t_pres tres; + t_res res1; + t_res res2; + char *allocd = malloc((length+256)*sizeof(char)); + srandom(time(NULL)); + memcpy(allocd,str,length); + for ( i = 0; i < 10; i++) { + for ( j = 0; j < 128; j++) + allocd[length+j] = psalt[j] = random(); + tigerp1(str, length, psalt, &tres); + for ( k = 0; k < 256; k++) { + l = (k & 127) + 1; + for ( j = 0; j < l; j++) + allocd[length+128+j] = ssalt[j] = random(); + tigerp2(&tres, ssalt, l, res1); + tiger(allocd,length+128+l, res2); + if( res1[0] != res2[0] || res1[1] != res2[1] || res1[2] != res2[2] ) + puts("Partial error!"); + } + } + free(allocd); +} + +#ifndef bufsize +#define bufsize 65536 +#endif +int main() +{ + byte buffer[bufsize]; + byte buffer_[bufsize]; + byte buffer2[bufsize]; + byte buffer2_[bufsize]; + byte buffer3[1025]; + byte buffer3_[1025]; + long t1; + long t2; + double rate; + int i; + + t_res res; + t_res res2; + t_res res3; + unsigned char prepend; +#define show_hash for ( i = 0; i < 24; i++) {\ +printf("%02X",((unsigned char*)res)[i]);\ +} +#define hash(str) \ +check_partialh(str, strlen(str));\ +tiger((byte*)str, strlen(str), res); \ +printf("Hash of \"%s\":\n\t", str); \ +show_hash; \ +puts(""); + +/* Hash of short strings */ +hash(""); +hash("abc"); +hash("Tiger"); +/* Hash of 512-bit strings */ +hash("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-"); +hash("ABCDEFGHIJKLMNOPQRSTUVWXYZ=abcdefghijklmnopqrstuvwxyz+0123456789"); +hash("Tiger - A Fast New Hash Function, by Ross Anderson and Eli Biham"); +/* Hash of two-block strings strings */ +hash("Tiger - A Fast New Hash Function, by Ross Anderson and Eli Biham, proceedings of Fast Software Encryption 3, Cambridge."); +hash("Tiger - A Fast New Hash Function, by Ross Anderson and Eli Biham, proceedings of Fast Software Encryption 3, Cambridge, 1996."); +hash("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-"); + +/* Hash of a 64K byte string */ +for (i=0;i> (int)$n) & ((PHP_INT_MAX >> (int)$n) | (1 << (((PHP_INT_SIZE * 8) - 1) - (int)$n))); +} + +//This class is the responsible off doing overflow aware unsigned airthmethic +if (PHP_INT_SIZE == 8) { + class Uint64 { + private $val; + + static private function mask($n) { + return (((int)$n) & 0xffffffff); + } + + private function glh() { + return self::mask($this->val >> 32); + } + + private function grh() { + return self::mask($this->val); + } + + private function joinhalves($hl, $hr) { + return ($hl << 32 | self::mask($hr)); + } + + private function notp(&$rv) { + $rv = ~($this->val); + } + + private function xorp(Uint64 $n, &$rv) { + $rv = ($this->val ^ $n->val); + } + + private function andp(Uint64 $n, &$rv) { + $rv = ($this->val & $n->val); + } + + private function orp(Uint64 $n, &$rv) { + $rv = ($this->val | $n->val); + } + + private function shrp(Uint64 $n, &$rv) { + if ($n->val > 63 || $n->val < 0) { + $rvl = 0; + $rvr = 0; + } else { + $this->shrip($n->val,$rvl,$rvr); + } + } + + private function shlp(Uint64 $n, &$rv) { + if ($n->val > 63 || $n->val < 0) { + $rvl = 0; + $rvr = 0; + } else { + $this->shlip($n->val,$rvl,$rvr); + } + } + + //Comodity for ints + private function shrip($n, &$rv) { + $rv = lsr($this->val,$n); + } + + private function shlip($n, &$rv) { + $rv = ($this->val << $n); + } + + private function addp(Uint64 $n, &$rv) { + $vr = $this->grh() + $n->grh(); // Never overflows xD + $vl = $this->glh() + $n->glh() + ($vr >> 32); // Add with overflow + //The constructor takes care of masking + $rv = self::joinhalves($vl,$vr); + } + + private function subp(Uint64 $n, &$rv) { + $vr = $this->grh() - $n->grh(); // Never overflows xD + $vl = $this->glh() - $n->glh() - (($vr >> 32) & 1); // Add with overflow + //The constructor takes care of masking + $rv = self::joinhalves($vl,$vr); + } + +// private function mulp(Uint64 $n, &$rv) { +// // We divide in three parts of around 22 bits each +// $mask = 0x3fffff; // 22 ones +// $tvr = ($this->val & $mask); +// $tvm = (($this->val >> 22) & $mask); +// $tvl = (($this->val >> 44) & $mask); +// $nvr = ($n->val & $mask); +// $nvm = (($n->val >> 22) & $mask); +// $nvl = (($n->val >> 44) & $mask); +// //We multiply them, the results we get will be of double the size (44 bits < 63) thus overflows are impossible +// $v0 = $nvr * $tvr; // The lsb is at pos 0 +// $o01 = $nvm * $tvr; // The lsb is at pos 22 +// $o02 = $nvl * $tvr; // The lsb is at pos 44 +// $o10 = $nvr * $tvm; // The lsb is at pos 22 +// $o11 = $nvm * $tvm; // The lsb is at pos 44 +// $o20 = $nvr * $tvl; // The lsb is at pos 44 +// //We now add the shifted results (propagating the up to 24 bit carries) +// $v1 = $o01 + $o10 + ($v0 >> 22); // The lsb is at pos 22 +// $v2 = $o02 + $o11 + $o20 + ($v1 >> 22); // The lsb is at pos 44 +// //Mask extra bits +// $v0 &= mask; +// $v1 &= mask; +// //Build the value +// $rv = ($v0 | ($v1 << 22) | ($v2 << 44)); +// } + + + + public function gb($n) { + return (($this->val>>($n*8))&0xff); + } + + //Standard operations, return a new copy of the object + public function not_() { + $this->notp($ni); + return new Uint64 ($ni); + } + + public function xor_(Uint64 $n) { + $this->xorp($n,$ni); + return new Uint64 ($ni); + } + + public function and_(Uint64 $n) { + $this->andp($n,$ni); + return new Uint64 ($ni); + } + + public function or_(Uint64 $n) { + $this->orp($n,$ni); + return new Uint64 ($ni); + } + + public function shr_(Uint64 $n) { + $this->shrp($n,$ni); + return new Uint64 ($ni); + } + + public function shl_(Uint64 $n) { + $this->shlp($n,$ni); + return new Uint64 ($ni); + } + + //Comodity for ints + public function shri($n) { + $this->shrip($n,$ni); + return new Uint64 ($ni); + } + + public function shli($n) { + $this->shlip($n,$ni); + return new Uint64 ($ni); + } + + public function add_(Uint64 $n) { + $this->addp($n,$ni); + return new Uint64 ($ni); + } + + public function sub_(Uint64 $n) { + $this->subp($n,$ni); + return new Uint64 ($ni); + } + +// public function mul_(Uint64 $n) { +// $this->mulp($n,$ni); +// return new Uint64 ($ni); +// } + + //Assignment operations, assign the result to this object + public function xore(Uint64 $n) { + $this->xorp($n,$this->val); + return $this; + } + + public function ande(Uint64 $n) { + $this->andp($n,$this->val); + return $this; + } + + public function ore(Uint64 $n) { + $this->orp($n,$this->val); + return $this; + } + + public function shre(Uint64 $n) { + $this->shrp($n,$this->val); + return $this; + } + + public function shle(Uint64 $n) { + $this->shlp($n,$this->val); + return $this; + } + + //Comodity for ints + public function shrie($n) { + $this->shrip($n,$this->val); + return $this; + } + + public function shlie($n) { + $this->shlip($n,$this->val); + return $this; + } + + public function adde(Uint64 $n) { + $this->addp($n,$this->val); + return $this; + } + + public function sube(Uint64 $n) { + $this->subp($n,$this->val); + return $this; + } + +// public function mule(Uint64 $n) { +// $this->mulp($n,$this->val); +// return $this; +// } +// +// //Other useful operations +// //Use when the overflow bit is needed +// public function addo(Uint64 $n, &$of) { +// $vr = $this->grh() + $n->grh(); // Never overflows xD +// $vl = $this->glh() + $n->glh() + ($vr >> 32); // Add with overflow +// //The constructor takes care of masking +// return new Uint64 ($vl,$vr); +// } +// +// //Use when the overflow bit is needed +// public function subo(Uint64 $n, &$of) { +// $vr = $this->grh() - $n->grh(); // Never overflows xD +// $vl = $this->glh() - $n->glh() - (($vr >> 32) & 1); // Add with overflow +// $of = (($vl >> 32)&1); +// //The constructor takes care of masking +// return new Uint64 ($vl,$vr); +// } +// +// // Returns two Uint64 the first one is the least significative the right one is the most +// public function mul2_(Uint64 $n) { +// // We divide in three parts of around 22 bits each +// $mask = 0x3fffff; // 22 ones +// $tvr = ($this->val & $mask); +// $tvm = (($this->val >> 22) & $mask); +// $tvl = (($this->val >> 44) & $mask); +// $nvr = ($n->val & $mask); +// $nvm = (($n->val >> 22) & $mask); +// $nvl = (($n->val >> 44) & $mask); +// //We multiply them, the results we get will be of double the size (44 bits < 63) thus overflows are impossible +// $v0 = $nvr * $tvr; // The lsb is at pos 0 +// $o01 = $nvm * $tvr; // The lsb is at pos 22 +// $o02 = $nvl * $tvr; // The lsb is at pos 44 +// $o10 = $nvr * $tvm; // The lsb is at pos 22 +// $o11 = $nvm * $tvm; // The lsb is at pos 44 +// $o12 = $nvl * $tvm; // The lsb is at pos 66 +// $o20 = $nvr * $tvl; // The lsb is at pos 44 +// $o21 = $nvm * $tvl; // The lsb is at pos 66 +// $o22 = $nvl * $tvl; // The lsb is at pos 88 +// //We now add the shifted results (propagating the up to 24 bit carries) +// $v1 = $o01 + $o10 + ($v0 >> 22); // The lsb is at pos 22 +// $v2 = $o02 + $o11 + $o20 + ($v1 >> 22); // The lsb is at pos 44 +// $v3 = $o01 + $o10 + ($v2 >> 22); // The lsb is at pos 66 +// $v4 = $o00 + ($v3 >> 22); // The lsb is at pos 88 +// //Mask extra bits +// $v0 &= mask; +// $v1 &= mask; +// $v2 &= mask; +// $v3 &= mask; +// //Build the two values now +// $rr = $v0 | ($v1 << 22) | ($v2 << 44); +// $rl = ($v2 >> 20) | ($v2 << 2) | ($v3 << 24); +// return array (new Uint64 ($rr), new Uint64 ($rl)); +// } + + private function __construct($a) { + $this->val = (int)$a; + } + + static public function from_hex($a) { + $hc=array_filter(str_split($a),"ctype_xdigit"); + $reduce = function (array $a) { + return array_reduce($a,function($v, $w) { + return (($v << 4) | hexdec($w)); + },0); + }; + return new Uint64 ($reduce(array_slice($hc,-16,16))); + } + + //Little endian string read the bytes with the lsB first + static public function from_les($a) { + return self::from_bes(strrev($a)); + } + + //Big endian string read the bytes with the msB first + static public function from_bes($a) { + $hc=str_split($a); + $reduce = function (array $a) { + return array_reduce($a,function($v, $w) { + return (($v << 8) | ord($w)); + },0); + }; + return new Uint64 ($reduce($hc)); + } + + //Similar to from_les but it assumes each 8 bytes form a different number + static public function arr_from_les($a) { + return array_map('self::from_les',str_split($a,8)); + } + + //Similar to from_bes but it assumes each 8 bytes form a different number + static public function arr_from_bes($a) { + return array_map('self::from_les',str_split($a,8)); + } + + //This creates a new Uint64 from an integer setting any unused bits to zero + static public function from_int($a) { + return new Uint64 ($a); + } + } +} else if (PHP_INT_SIZE == 4) { + class Uint64 { + private $vall; + private $valr; + + static private function mask($n) { + return (((int)$n) & 0xffff); + } + + //Get the MS 16 bits + private function g0() { + return self::mask($this->vall >> 16); + } + + //Get the next 16 bits + private function g1() { + return self::mask($this->vall); + } + + //Get the next 16 bits + private function g2() { + return self::mask($this->valr >> 16); + } + + //Get the LS 16 bits + private function g3() { + return self::mask($this->valr); + } + + private function joinhalves($hl, $hr) { + return ($hl << 16 | self::mask($hr)); + } + + private function notp(&$rvl, &$rvr) { + $rvl = ~($this->vall); + $rvr = ~($this->valr); + } + + private function xorp(Uint64 $n, &$rvl, &$rvr) { + $rvl = ($this->vall ^ $n->vall); + $rvr = ($this->valr ^ $n->valr); + } + + private function andp(Uint64 $n, &$rvl, &$rvr) { + $rvl = ($this->vall & $n->vall); + $rvr = ($this->valr & $n->valr); + } + + private function orp(Uint64 $n, &$rvl, &$rvr) { + $rvl = ($this->vall | $n->vall); + $rvr = ($this->valr | $n->valr); + } + + private function shrp(Uint64 $n, &$rvl, &$rvr) { + if ($n->vall || $n->valr > 63 || $n->valr < 0) { + $rvl = 0; + $rvr = 0; + } else { + $this->shrip($n->valr,$rvl,$rvr); + } + } + + private function shlp(Uint64 $n, &$rvl, &$rvr) { + if ($n->vall || $n->valr > 63 || $n->valr < 0) { + $rvl = 0; + $rvr = 0; + } else { + $this->shlip($n->valr,$rvl,$rvr); + } + } + + //HACK: order here is quite important since we could overwrite our inputs + //Comodity for ints + private function shrip($n, &$rvl, &$rvr) { + $rvr = lsr($this->valr,$n) | ($this->vall << (32 - $n)); + $rvl = lsr($this->vall,$n); + } + + private function shlip($n, &$rvl, &$rvr) { + $rvl = ($this->vall << $n) | lsr($this->valr,32 - $n); + $rvr = ($this->valr << $n); + } + + private function addp(Uint64 $n, &$rvl, &$rvr) { + $v3 = $this->g3() + $n->g3(); // Never overflows xD + $v2 = $this->g2() + $n->g2() + ($v3 >> 16); // Add with overflow + $v1 = $this->g1() + $n->g1() + ($v2 >> 16); // Add with overflow + $v0 = $this->g0() + $n->g0() + ($v1 >> 16); // Add with overflow + //The constructor takes care of masking + $rvl = self::joinhalves($v0,$v1); + $rvr = self::joinhalves($v2,$v3); + } + + private function subp(Uint64 $n, &$rvl, &$rvr) { + $v3 = $this->g3() - $n->g3(); // Never overflows xD + $v2 = $this->g2() - $n->g2() - (($v3 >> 16) & 1); // Add with overflow + $v1 = $this->g1() - $n->g1() - (($v2 >> 16) & 1); // Add with overflow + $v0 = $this->g0() - $n->g0() - (($v1 >> 16) & 1); // Add with overflow + //The constructor takes care of masking + $rvl = self::joinhalves($v0,$v1); + $rvr = self::joinhalves($v2,$v3); + } + +// private function mulp(Uint64 $n, &$rvl, &$rvr) { +// // We divide in three parts of around 22 bits each +// $mask = 0x3fffff; // 22 ones +// $tvr = ($this->val & $mask); +// $tvm = (($this->val >> 22) & $mask); +// $tvl = (($this->val >> 44) & $mask); +// $nvr = ($n->val & $mask); +// $nvm = (($n->val >> 22) & $mask); +// $nvl = (($n->val >> 44) & $mask); +// //We multiply them, the results we get will be of double the size (44 bits < 63) thus overflows are impossible +// $v0 = $nvr * $tvr; // The lsb is at pos 0 +// $o01 = $nvm * $tvr; // The lsb is at pos 22 +// $o02 = $nvl * $tvr; // The lsb is at pos 44 +// $o10 = $nvr * $tvm; // The lsb is at pos 22 +// $o11 = $nvm * $tvm; // The lsb is at pos 44 +// $o20 = $nvr * $tvl; // The lsb is at pos 44 +// //We now add the shifted results (propagating the up to 24 bit carries) +// $v1 = $o01 + $o10 + ($v0 >> 22); // The lsb is at pos 22 +// $v2 = $o02 + $o11 + $o20 + ($v1 >> 22); // The lsb is at pos 44 +// //Mask extra bits +// $v0 &= mask; +// $v1 &= mask; +// //Build the value +// $rv = ($v0 | ($v1 << 22) | ($v2 << 44)); +// } + + + + public function gb($n) { + if ($n > 3) + return (($this->vall>>(($n-4)*8))&0xff); + else + return (($this->valr>>($n*8))&0xff); + } + + //Standard operations, return a new copy of the object + public function not_() { + $this->notp($ni1, $ni2); + return new Uint64 ($ni1, $ni2); + } + + public function xor_(Uint64 $n) { + $this->xorp($n,$ni1, $ni2); + return new Uint64 ($ni1, $ni2); + } + + public function and_(Uint64 $n) { + $this->andp($n,$ni1, $ni2); + return new Uint64 ($ni1, $ni2); + } + + public function or_(Uint64 $n) { + $this->orp($n,$ni1, $ni2); + return new Uint64 ($ni1, $ni2); + } + + public function shr_(Uint64 $n) { + $this->shrp($n,$ni1, $ni2); + return new Uint64 ($ni1, $ni2); + } + + public function shl_(Uint64 $n) { + $this->shlp($n,$ni1, $ni2); + return new Uint64 ($ni1, $ni2); + } + + //Comodity for ints + public function shri($n) { + $this->shrip($n,$ni1, $ni2); + return new Uint64 ($ni1, $ni2); + } + + public function shli($n) { + $this->shlip($n,$ni1, $ni2); + return new Uint64 ($ni1, $ni2); + } + + public function add_(Uint64 $n) { + $this->addp($n,$ni1, $ni2); + return new Uint64 ($ni1, $ni2); + } + + public function sub_(Uint64 $n) { + $this->subp($n,$ni1, $ni2); + return new Uint64 ($ni1, $ni2); + } + +// public function mul_(Uint64 $n) { +// $this->mulp($n,$ni1, $ni2); +// return new Uint64 ($ni1, $ni2); +// } + + //Assignment operations, assign the result to this object + public function xore(Uint64 $n) { + $this->xorp($n,$this->vall, $this->valr); + return $this; + } + + public function ande(Uint64 $n) { + $this->andp($n,$this->vall, $this->valr); + return $this; + } + + public function ore(Uint64 $n) { + $this->orp($n,$this->vall, $this->valr); + return $this; + } + + public function shre(Uint64 $n) { + $this->shrp($n,$this->vall, $this->valr); + return $this; + } + + public function shle(Uint64 $n) { + $this->shlp($n,$this->vall, $this->valr); + return $this; + } + + //Comodity for ints + public function shrie($n) { + $this->shrip($n,$this->vall, $this->valr); + return $this; + } + + public function shlie($n) { + $this->shlip($n,$this->vall, $this->valr); + return $this; + } + + public function adde(Uint64 $n) { + $this->addp($n,$this->vall, $this->valr); + return $this; + } + + public function sube(Uint64 $n) { + $this->subp($n,$this->vall, $this->valr); + return $this; + } + +// public function mule(Uint64 $n) { +// $this->mulp($n,$this->vall, $this->valr); +// return $this; +// } + +// //Other useful operations +// //Use when the overflow bit is needed +// public function addo(Uint64 $n, &$of) { +// $vr = $this->grh() + $n->grh(); // Never overflows xD +// $vl = $this->glh() + $n->glh() + ($vr >> 32); // Add with overflow +// //The constructor takes care of masking +// return new Uint64 ($vl,$vr); +// } +// +// //Use when the overflow bit is needed +// public function subo(Uint64 $n, &$of) { +// $vr = $this->grh() - $n->grh(); // Never overflows xD +// $vl = $this->glh() - $n->glh() - (($vr >> 32) & 1); // Add with overflow +// $of = (($vl >> 32)&1); +// //The constructor takes care of masking +// return new Uint64 ($vl,$vr); +// } +// +// // Returns two Uint64 the first one is the least significative the right one is the most +// public function mul2_(Uint64 $n) { +// // We divide in three parts of around 22 bits each +// $mask = 0x3fffff; // 22 ones +// $tvr = ($this->val & $mask); +// $tvm = (($this->val >> 22) & $mask); +// $tvl = (($this->val >> 44) & $mask); +// $nvr = ($n->val & $mask); +// $nvm = (($n->val >> 22) & $mask); +// $nvl = (($n->val >> 44) & $mask); +// //We multiply them, the results we get will be of double the size (44 bits < 63) thus overflows are impossible +// $v0 = $nvr * $tvr; // The lsb is at pos 0 +// $o01 = $nvm * $tvr; // The lsb is at pos 22 +// $o02 = $nvl * $tvr; // The lsb is at pos 44 +// $o10 = $nvr * $tvm; // The lsb is at pos 22 +// $o11 = $nvm * $tvm; // The lsb is at pos 44 +// $o12 = $nvl * $tvm; // The lsb is at pos 66 +// $o20 = $nvr * $tvl; // The lsb is at pos 44 +// $o21 = $nvm * $tvl; // The lsb is at pos 66 +// $o22 = $nvl * $tvl; // The lsb is at pos 88 +// //We now add the shifted results (propagating the up to 24 bit carries) +// $v1 = $o01 + $o10 + ($v0 >> 22); // The lsb is at pos 22 +// $v2 = $o02 + $o11 + $o20 + ($v1 >> 22); // The lsb is at pos 44 +// $v3 = $o01 + $o10 + ($v2 >> 22); // The lsb is at pos 66 +// $v4 = $o00 + ($v3 >> 22); // The lsb is at pos 88 +// //Mask extra bits +// $v0 &= mask; +// $v1 &= mask; +// $v2 &= mask; +// $v3 &= mask; +// //Build the two values now +// $rr = $v0 | ($v1 << 22) | ($v2 << 44); +// $rl = ($v2 >> 20) | ($v2 << 2) | ($v3 << 24); +// return array (new Uint64 ($rr), new Uint64 ($rl)); +// } + + private function __construct($lv, $rv) { + $this->vall = (int)$lv; + $this->valr = (int)$rv; + } + + static public function from_hex($a) { + $hc=array_filter(str_split($a),"ctype_xdigit"); + $reduce = function (array $a) { + return array_reduce($a,function($v, $w) { + return (($v << 4) | hexdec($w)); + },0); + }; + return new Uint64 ($reduce(array_slice($hc,-16,8)),$reduce(array_slice($hc,-8,8))); + } + + //Little endian string read the bytes with the lsB first + static public function from_les($a) { + return self::from_bes(strrev($a)); + } + + //Big endian string read the bytes with the msB first + static public function from_bes($a) { + $hc=str_split($a); + $reduce = function (array $a) { + return array_reduce($a,function($v, $w) { + return (($v << 8) | ord($w)); + },0); + }; + return new Uint64 ($reduce(array_slice($hc,-8,4)),$reduce(array_slice($hc,-4,4))); + } + + //Similar to from_les but it assumes each 8 bytes form a different number + static public function arr_from_les($a) { + return array_map('self::from_les',str_split($a,8)); + } + + //Similar to from_bes but it assumes each 8 bytes form a different number + static public function arr_from_bes($a) { + return array_map('self::from_les',str_split($a,8)); + } + + //This creates a new Uint64 from an integer setting any unused bits to zero + static public function from_int($a) { + return new Uint64 (0,$a); + } + } +} + +?> diff --git a/lib/freetiger/php/tiger.php b/lib/freetiger/php/tiger.php new file mode 100644 index 0000000..fd8285c --- /dev/null +++ b/lib/freetiger/php/tiger.php @@ -0,0 +1,768 @@ +xore($ix); + $t = $tiger_t1[$c->gb(0)]->xor_($tiger_t2[$c->gb(2)]); + $t->xore($tiger_t3[$c->gb(4)]); + $t->xore($tiger_t4[$c->gb(6)]); + $a->sube($t); + $t = $tiger_t4[$c->gb(1)]->xor_($tiger_t3[$c->gb(3)]); + $t->xore($tiger_t2[$c->gb(5)]); + $t->xore($tiger_t1[$c->gb(7)]); + $b->adde($t); + $mulf($b); +} + +function tiger_pass(Uint64 &$a,Uint64 &$b,Uint64 &$c, array $is, $mulf) { + tiger_round($a,$b,$c,$is[0], $mulf); + tiger_round($b,$c,$a,$is[1], $mulf); + tiger_round($c,$a,$b,$is[2], $mulf); + tiger_round($a,$b,$c,$is[3], $mulf); + tiger_round($b,$c,$a,$is[4], $mulf); + tiger_round($c,$a,$b,$is[5], $mulf); + tiger_round($a,$b,$c,$is[6], $mulf); + tiger_round($b,$c,$a,$is[7], $mulf); +} + + +$tiger_c1 = Uint64::from_hex("A5A5A5A5A5A5A5A5"); +$tiger_c2 = Uint64::from_hex("0123456789ABCDEF"); + +function tiger_key_sched(array $is) { + global $tiger_c1, $tiger_c2; + $is[0]->sube($is[7]->xor_($tiger_c1)); + $is[1]->xore($is[0]); + $is[2]->adde($is[1]); + $is[3]->sube($is[1]->not_()->shlie(19)->xore($is[2])); + $is[4]->xore($is[3]); + $is[5]->adde($is[4]); + $is[6]->sube($is[4]->not_()->shrie(23)->xore($is[5])); + $is[7]->xore($is[6]); + $is[0]->adde($is[7]); + $is[1]->sube($is[7]->not_()->shlie(19)->xore($is[0])); + $is[2]->xore($is[1]); + $is[3]->adde($is[2]); + $is[4]->sube($is[2]->not_()->shrie(23)->xore($is[3])); + $is[5]->xore($is[4]); + $is[6]->adde($is[5]); + $is[7]->sube($is[6]->xor_($tiger_c2)); + return $is; +} + +function tiger_block(array $is, array $res) { + $mulf5 = function(Uint64 &$m) { + $m=$m->shli(2)->adde($m); + }; + $mulf7 = function(Uint64 &$m) { + $m=$m->shli(3)->sube($m); + }; + $mulf9 = function(Uint64 &$m) { + $m=$m->shli(3)->adde($m); + }; + + $r0 = clone $res[0]; + $r1 = clone $res[1]; + $r2 = clone $res[2]; + tiger_pass($r0,$r1,$r2,$is,$mulf5); + $is = tiger_key_sched($is); + tiger_pass($r2,$r0,$r1,$is,$mulf7); + $is = tiger_key_sched($is); + tiger_pass($r1,$r2,$r0,$is,$mulf9); + $r0->xore($res[0]); + $r1->sube($res[1]); + $r2->adde($res[2]); + return array($r0,$r1,$r2); +} + +//strlen($is) must be <= 63 +function tiger_end($is, Uint64 $tlen, array $res) { + $length = strlen($is); + $is .= "\001"; + while (strlen($is) % 8) + $is .= "\000"; + if(strlen($is) == 64) { + $res = tiger_block(Uint64::arr_from_les($is), $res); + $is = ""; + } + while (strlen($is) < 56) + $is .= "\000"; + $arr = Uint64::arr_from_les($is); + $arr[7] = $tlen->shli(3); + $res = tiger_block($arr, $res); + return $res; +} + +/** Return the hash of the desired string as 3 Uint64s **/ +function tiger($str) +{ + $length=strlen($str); + //Process the data + $bs=str_split($str,64); + $lb=array_pop($bs); + if(strlen($lb) == 64) { + array_push($bs,$lb); + $lb=""; + } + return tiger_end($lb, Uint64::from_int($length),array_reduce($bs, + function($v, $w) { + return tiger_block(Uint64::arr_from_les($w),$v); + }, + array(Uint64::from_hex("0123456789ABCDEF"), + Uint64::from_hex("FEDCBA9876543210"), + Uint64::from_hex("F096A5B4C3B2E187") + ) + )); +} + +/** Return the data that needs to be stored to call tigerp2 **/ +function tigerp1($password, $salt) +{ + $hs = strlen($password); + $n = 128-($hs%64); + $data = $password . substr($salt,0,$n); + $hs = $hs + $n; + //Process the data + $bs=str_split($data,64); + $h = array_reduce($bs, + function($v, $w) { + return tiger_block(Uint64::arr_from_les($w),$v); + }, + array(Uint64::from_hex("0123456789ABCDEF"), + Uint64::from_hex("FEDCBA9876543210"), + Uint64::from_hex("F096A5B4C3B2E187") + ) + ); + return array( 'h' => $h, 'r' => $salt, 'n' => $n, 'hs' => $hs); +} + +/** end processing the request started in tigerp1, adding any extra data**/ +function tigerp2($h, $r, $n, $hs, $s) +{ + $data = substr($r,$n) . $s; + $thd = $hs + strlen($data); + + //Process the data + $bs=str_split($data,64); + $lb=array_pop($bs); + if(strlen($lb) == 64) { + array_push($bs,$lb); + $lb=""; + } + return tiger_end($lb, Uint64::from_int($thd),array_reduce($bs, + function($v, $w) { + return tiger_block(Uint64::arr_from_les($w),$v); + },$h)); +} + + +// /*Example code*/ +// function t_hash($str) { +// foreach (tiger($str) as $v) +// for ($i= 0; $i <8; $i++) +// printf("%02X",$v->gb($i)); +// echo "\n"; +// t_hash2($str); +// } +// +// //Example using tigerp1 and tigerp2 +// function t_hash2($str) { +// $psalt=openssl_random_pseudo_bytes (128, $strong); +// //You should assure strong is true here +// $s1 = tigerp1($str,$psalt); +// //s1 contains all the data we need to store +// //tsalt is the salt used once for protocol run +// for ($i= 0; $i < 100; $i++) { +// $tsalt=openssl_random_pseudo_bytes (32, $strong); +// //You should assure strong is true here +// $ress = tigerp2($s1['h'],$s1['r'],$s1['n'],$s1['hs'],$tsalt); +// $resc = tiger($str . $psalt . $tsalt); +// if ($ress != $resc) { +// echo "Error calculating partial hashes!\n"; +// } +// } +// } +// +// t_hash(""); +// t_hash("abc"); +// t_hash("Tiger"); +// /* Hash of 512-bit strings */ +// t_hash("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-"); +// t_hash("ABCDEFGHIJKLMNOPQRSTUVWXYZ=abcdefghijklmnopqrstuvwxyz+0123456789"); +// t_hash("Tiger - A Fast New Hash Function, by Ross Anderson and Eli Biham"); +// /* Hash of two-block strings strings */ +// t_hash("Tiger - A Fast New Hash Function, by Ross Anderson and Eli Biham, proceedings of Fast Software Encryption 3, Cambridge."); +// t_hash("Tiger - A Fast New Hash Function, by Ross Anderson and Eli Biham, proceedings of Fast Software Encryption 3, Cambridge, 1996."); +// t_hash("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-"); + +?>