summaryrefslogtreecommitdiffhomepage
path: root/libtomcrypt/src/stream
diff options
context:
space:
mode:
authorMatt Johnston <matt@ucc.asn.au>2018-02-09 21:44:05 +0800
committerMatt Johnston <matt@ucc.asn.au>2018-02-09 21:44:05 +0800
commit4f2eb1914bdac3ed3ee504ad86061281dbe0d074 (patch)
tree078293375c3f3ee2d485cf9559a08d65d460786a /libtomcrypt/src/stream
parentd72f50ff3284e15124a0f233c26339229fe305ac (diff)
Update to libtomcrypt 1.18.1, merged with Dropbear changes
Diffstat (limited to 'libtomcrypt/src/stream')
-rw-r--r--libtomcrypt/src/stream/chacha/chacha_crypt.c101
-rw-r--r--libtomcrypt/src/stream/chacha/chacha_done.c30
-rw-r--r--libtomcrypt/src/stream/chacha/chacha_ivctr32.c47
-rw-r--r--libtomcrypt/src/stream/chacha/chacha_ivctr64.c47
-rw-r--r--libtomcrypt/src/stream/chacha/chacha_keystream.c38
-rw-r--r--libtomcrypt/src/stream/chacha/chacha_setup.c67
-rw-r--r--libtomcrypt/src/stream/chacha/chacha_test.c71
-rw-r--r--libtomcrypt/src/stream/rc4/rc4_stream.c111
-rw-r--r--libtomcrypt/src/stream/rc4/rc4_test.c39
-rw-r--r--libtomcrypt/src/stream/sober128/sober128_stream.c346
-rw-r--r--libtomcrypt/src/stream/sober128/sober128_test.c45
-rw-r--r--libtomcrypt/src/stream/sober128/sober128tab.c176
12 files changed, 1118 insertions, 0 deletions
diff --git a/libtomcrypt/src/stream/chacha/chacha_crypt.c b/libtomcrypt/src/stream/chacha/chacha_crypt.c
new file mode 100644
index 0000000..6814058
--- /dev/null
+++ b/libtomcrypt/src/stream/chacha/chacha_crypt.c
@@ -0,0 +1,101 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+
+/* The implementation is based on:
+ * chacha-ref.c version 20080118
+ * Public domain from D. J. Bernstein
+ */
+
+#include "tomcrypt.h"
+
+#ifdef LTC_CHACHA
+
+#define QUARTERROUND(a,b,c,d) \
+ x[a] += x[b]; x[d] = ROL(x[d] ^ x[a], 16); \
+ x[c] += x[d]; x[b] = ROL(x[b] ^ x[c], 12); \
+ x[a] += x[b]; x[d] = ROL(x[d] ^ x[a], 8); \
+ x[c] += x[d]; x[b] = ROL(x[b] ^ x[c], 7);
+
+static void _chacha_block(unsigned char *output, const ulong32 *input, int rounds)
+{
+ ulong32 x[16];
+ int i;
+ XMEMCPY(x, input, sizeof(x));
+ for (i = rounds; i > 0; i -= 2) {
+ QUARTERROUND(0, 4, 8,12)
+ QUARTERROUND(1, 5, 9,13)
+ QUARTERROUND(2, 6,10,14)
+ QUARTERROUND(3, 7,11,15)
+ QUARTERROUND(0, 5,10,15)
+ QUARTERROUND(1, 6,11,12)
+ QUARTERROUND(2, 7, 8,13)
+ QUARTERROUND(3, 4, 9,14)
+ }
+ for (i = 0; i < 16; ++i) {
+ x[i] += input[i];
+ STORE32L(x[i], output + 4 * i);
+ }
+}
+
+/**
+ Encrypt (or decrypt) bytes of ciphertext (or plaintext) with ChaCha
+ @param st The ChaCha state
+ @param in The plaintext (or ciphertext)
+ @param inlen The length of the input (octets)
+ @param out [out] The ciphertext (or plaintext), length inlen
+ @return CRYPT_OK if successful
+*/
+int chacha_crypt(chacha_state *st, const unsigned char *in, unsigned long inlen, unsigned char *out)
+{
+ unsigned char buf[64];
+ unsigned long i, j;
+
+ if (inlen == 0) return CRYPT_OK; /* nothing to do */
+
+ LTC_ARGCHK(st != NULL);
+ LTC_ARGCHK(in != NULL);
+ LTC_ARGCHK(out != NULL);
+ LTC_ARGCHK(st->ivlen != 0);
+
+ if (st->ksleft > 0) {
+ j = MIN(st->ksleft, inlen);
+ for (i = 0; i < j; ++i, st->ksleft--) out[i] = in[i] ^ st->kstream[64 - st->ksleft];
+ inlen -= j;
+ if (inlen == 0) return CRYPT_OK;
+ out += j;
+ in += j;
+ }
+ for (;;) {
+ _chacha_block(buf, st->input, st->rounds);
+ if (st->ivlen == 8) {
+ /* IV-64bit, increment 64bit counter */
+ if (0 == ++st->input[12] && 0 == ++st->input[13]) return CRYPT_OVERFLOW;
+ }
+ else {
+ /* IV-96bit, increment 32bit counter */
+ if (0 == ++st->input[12]) return CRYPT_OVERFLOW;
+ }
+ if (inlen <= 64) {
+ for (i = 0; i < inlen; ++i) out[i] = in[i] ^ buf[i];
+ st->ksleft = 64 - inlen;
+ for (i = inlen; i < 64; ++i) st->kstream[i] = buf[i];
+ return CRYPT_OK;
+ }
+ for (i = 0; i < 64; ++i) out[i] = in[i] ^ buf[i];
+ inlen -= 64;
+ out += 64;
+ in += 64;
+ }
+}
+
+#endif
+
+/* ref: $Format:%D$ */
+/* git commit: $Format:%H$ */
+/* commit time: $Format:%ai$ */
diff --git a/libtomcrypt/src/stream/chacha/chacha_done.c b/libtomcrypt/src/stream/chacha/chacha_done.c
new file mode 100644
index 0000000..9f0196e
--- /dev/null
+++ b/libtomcrypt/src/stream/chacha/chacha_done.c
@@ -0,0 +1,30 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+
+#include "tomcrypt.h"
+
+#ifdef LTC_CHACHA
+
+/**
+ Terminate and clear ChaCha state
+ @param st The ChaCha state
+ @return CRYPT_OK on success
+*/
+int chacha_done(chacha_state *st)
+{
+ LTC_ARGCHK(st != NULL);
+ XMEMSET(st, 0, sizeof(chacha_state));
+ return CRYPT_OK;
+}
+
+#endif
+
+/* ref: $Format:%D$ */
+/* git commit: $Format:%H$ */
+/* commit time: $Format:%ai$ */
diff --git a/libtomcrypt/src/stream/chacha/chacha_ivctr32.c b/libtomcrypt/src/stream/chacha/chacha_ivctr32.c
new file mode 100644
index 0000000..c9a6dbb
--- /dev/null
+++ b/libtomcrypt/src/stream/chacha/chacha_ivctr32.c
@@ -0,0 +1,47 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+
+/* The implementation is based on:
+ * chacha-ref.c version 20080118
+ * Public domain from D. J. Bernstein
+ */
+
+#include "tomcrypt.h"
+
+#ifdef LTC_CHACHA
+
+/**
+ Set IV + counter data to the ChaCha state
+ @param st The ChaCha20 state
+ @param iv The IV data to add
+ @param ivlen The length of the IV (must be 12)
+ @param counter 32bit (unsigned) initial counter value
+ @return CRYPT_OK on success
+ */
+int chacha_ivctr32(chacha_state *st, const unsigned char *iv, unsigned long ivlen, ulong32 counter)
+{
+ LTC_ARGCHK(st != NULL);
+ LTC_ARGCHK(iv != NULL);
+ /* 96bit IV + 32bit counter */
+ LTC_ARGCHK(ivlen == 12);
+
+ st->input[12] = counter;
+ LOAD32L(st->input[13], iv + 0);
+ LOAD32L(st->input[14], iv + 4);
+ LOAD32L(st->input[15], iv + 8);
+ st->ksleft = 0;
+ st->ivlen = ivlen;
+ return CRYPT_OK;
+}
+
+#endif
+
+/* ref: $Format:%D$ */
+/* git commit: $Format:%H$ */
+/* commit time: $Format:%ai$ */
diff --git a/libtomcrypt/src/stream/chacha/chacha_ivctr64.c b/libtomcrypt/src/stream/chacha/chacha_ivctr64.c
new file mode 100644
index 0000000..643d11f
--- /dev/null
+++ b/libtomcrypt/src/stream/chacha/chacha_ivctr64.c
@@ -0,0 +1,47 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+
+/* The implementation is based on:
+ * chacha-ref.c version 20080118
+ * Public domain from D. J. Bernstein
+ */
+
+#include "tomcrypt.h"
+
+#ifdef LTC_CHACHA
+
+/**
+ Set IV + counter data to the ChaCha state
+ @param st The ChaCha20 state
+ @param iv The IV data to add
+ @param ivlen The length of the IV (must be 8)
+ @param counter 64bit (unsigned) initial counter value
+ @return CRYPT_OK on success
+ */
+int chacha_ivctr64(chacha_state *st, const unsigned char *iv, unsigned long ivlen, ulong64 counter)
+{
+ LTC_ARGCHK(st != NULL);
+ LTC_ARGCHK(iv != NULL);
+ /* 64bit IV + 64bit counter */
+ LTC_ARGCHK(ivlen == 8);
+
+ st->input[12] = (ulong32)(counter & 0xFFFFFFFF);
+ st->input[13] = (ulong32)(counter >> 32);
+ LOAD32L(st->input[14], iv + 0);
+ LOAD32L(st->input[15], iv + 4);
+ st->ksleft = 0;
+ st->ivlen = ivlen;
+ return CRYPT_OK;
+}
+
+#endif
+
+/* ref: $Format:%D$ */
+/* git commit: $Format:%H$ */
+/* commit time: $Format:%ai$ */
diff --git a/libtomcrypt/src/stream/chacha/chacha_keystream.c b/libtomcrypt/src/stream/chacha/chacha_keystream.c
new file mode 100644
index 0000000..25eb63a
--- /dev/null
+++ b/libtomcrypt/src/stream/chacha/chacha_keystream.c
@@ -0,0 +1,38 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+
+/* The implementation is based on:
+ * chacha-ref.c version 20080118
+ * Public domain from D. J. Bernstein
+ */
+
+#include "tomcrypt.h"
+
+#ifdef LTC_CHACHA
+
+/**
+ Generate a stream of random bytes via ChaCha
+ @param st The ChaCha20 state
+ @param out [out] The output buffer
+ @param outlen The output length
+ @return CRYPT_OK on success
+ */
+int chacha_keystream(chacha_state *st, unsigned char *out, unsigned long outlen)
+{
+ if (outlen == 0) return CRYPT_OK; /* nothing to do */
+ LTC_ARGCHK(out != NULL);
+ XMEMSET(out, 0, outlen);
+ return chacha_crypt(st, out, outlen, out);
+}
+
+#endif
+
+/* ref: $Format:%D$ */
+/* git commit: $Format:%H$ */
+/* commit time: $Format:%ai$ */
diff --git a/libtomcrypt/src/stream/chacha/chacha_setup.c b/libtomcrypt/src/stream/chacha/chacha_setup.c
new file mode 100644
index 0000000..e34370b
--- /dev/null
+++ b/libtomcrypt/src/stream/chacha/chacha_setup.c
@@ -0,0 +1,67 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+
+/* The implementation is based on:
+ * chacha-ref.c version 20080118
+ * Public domain from D. J. Bernstein
+ */
+
+#include "tomcrypt.h"
+
+#ifdef LTC_CHACHA
+
+static const char * const sigma = "expand 32-byte k";
+static const char * const tau = "expand 16-byte k";
+
+/**
+ Initialize an ChaCha context (only the key)
+ @param st [out] The destination of the ChaCha state
+ @param key The secret key
+ @param keylen The length of the secret key (octets)
+ @param rounds Number of rounds (e.g. 20 for ChaCha20)
+ @return CRYPT_OK if successful
+*/
+int chacha_setup(chacha_state *st, const unsigned char *key, unsigned long keylen, int rounds)
+{
+ const char *constants;
+
+ LTC_ARGCHK(st != NULL);
+ LTC_ARGCHK(key != NULL);
+ LTC_ARGCHK(keylen == 32 || keylen == 16);
+
+ if (rounds == 0) rounds = 20;
+
+ LOAD32L(st->input[4], key + 0);
+ LOAD32L(st->input[5], key + 4);
+ LOAD32L(st->input[6], key + 8);
+ LOAD32L(st->input[7], key + 12);
+ if (keylen == 32) { /* 256bit */
+ key += 16;
+ constants = sigma;
+ } else { /* 128bit */
+ constants = tau;
+ }
+ LOAD32L(st->input[8], key + 0);
+ LOAD32L(st->input[9], key + 4);
+ LOAD32L(st->input[10], key + 8);
+ LOAD32L(st->input[11], key + 12);
+ LOAD32L(st->input[0], constants + 0);
+ LOAD32L(st->input[1], constants + 4);
+ LOAD32L(st->input[2], constants + 8);
+ LOAD32L(st->input[3], constants + 12);
+ st->rounds = rounds; /* e.g. 20 for chacha20 */
+ st->ivlen = 0; /* will be set later by chacha_ivctr(32|64) */
+ return CRYPT_OK;
+}
+
+#endif
+
+/* ref: $Format:%D$ */
+/* git commit: $Format:%H$ */
+/* commit time: $Format:%ai$ */
diff --git a/libtomcrypt/src/stream/chacha/chacha_test.c b/libtomcrypt/src/stream/chacha/chacha_test.c
new file mode 100644
index 0000000..649ebf9
--- /dev/null
+++ b/libtomcrypt/src/stream/chacha/chacha_test.c
@@ -0,0 +1,71 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+
+/* The implementation is based on:
+ * chacha-ref.c version 20080118
+ * Public domain from D. J. Bernstein
+ */
+
+#include "tomcrypt.h"
+
+#ifdef LTC_CHACHA
+
+int chacha_test(void)
+{
+#ifndef LTC_TEST
+ return CRYPT_NOP;
+#else
+ unsigned long len;
+ unsigned char out[1000];
+ /* https://tools.ietf.org/html/rfc7539#section-2.4.2 */
+ unsigned char k[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
+ 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f };
+ unsigned char n[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x4a, 0x00, 0x00, 0x00, 0x00 };
+ unsigned char ct[] = { 0x6E, 0x2E, 0x35, 0x9A, 0x25, 0x68, 0xF9, 0x80, 0x41, 0xBA, 0x07, 0x28, 0xDD, 0x0D, 0x69, 0x81,
+ 0xE9, 0x7E, 0x7A, 0xEC, 0x1D, 0x43, 0x60, 0xC2, 0x0A, 0x27, 0xAF, 0xCC, 0xFD, 0x9F, 0xAE, 0x0B,
+ 0xF9, 0x1B, 0x65, 0xC5, 0x52, 0x47, 0x33, 0xAB, 0x8F, 0x59, 0x3D, 0xAB, 0xCD, 0x62, 0xB3, 0x57,
+ 0x16, 0x39, 0xD6, 0x24, 0xE6, 0x51, 0x52, 0xAB, 0x8F, 0x53, 0x0C, 0x35, 0x9F, 0x08, 0x61, 0xD8,
+ 0x07, 0xCA, 0x0D, 0xBF, 0x50, 0x0D, 0x6A, 0x61, 0x56, 0xA3, 0x8E, 0x08, 0x8A, 0x22, 0xB6, 0x5E,
+ 0x52, 0xBC, 0x51, 0x4D, 0x16, 0xCC, 0xF8, 0x06, 0x81, 0x8C, 0xE9, 0x1A, 0xB7, 0x79, 0x37, 0x36,
+ 0x5A, 0xF9, 0x0B, 0xBF, 0x74, 0xA3, 0x5B, 0xE6, 0xB4, 0x0B, 0x8E, 0xED, 0xF2, 0x78, 0x5E, 0x42,
+ 0x87, 0x4D };
+ char pt[] = "Ladies and Gentlemen of the class of '99: If I could offer you only one tip for the future, sunscreen would be it.";
+ chacha_state st;
+ int err;
+
+ len = strlen(pt);
+ /* crypt piece by piece */
+ if ((err = chacha_setup(&st, k, sizeof(k), 20)) != CRYPT_OK) return err;
+ if ((err = chacha_ivctr32(&st, n, sizeof(n), 1)) != CRYPT_OK) return err;
+ if ((err = chacha_crypt(&st, (unsigned char*)pt, 35, out)) != CRYPT_OK) return err;
+ if ((err = chacha_crypt(&st, (unsigned char*)pt + 35, 35, out + 35)) != CRYPT_OK) return err;
+ if ((err = chacha_crypt(&st, (unsigned char*)pt + 70, 5, out + 70)) != CRYPT_OK) return err;
+ if ((err = chacha_crypt(&st, (unsigned char*)pt + 75, 5, out + 75)) != CRYPT_OK) return err;
+ if ((err = chacha_crypt(&st, (unsigned char*)pt + 80, len - 80, out + 80)) != CRYPT_OK) return err;
+ if (compare_testvector(out, len, ct, sizeof(ct), "CHACHA-TV1", 1)) return CRYPT_FAIL_TESTVECTOR;
+ /* crypt in one go */
+ if ((err = chacha_setup(&st, k, sizeof(k), 20)) != CRYPT_OK) return err;
+ if ((err = chacha_ivctr32(&st, n, sizeof(n), 1)) != CRYPT_OK) return err;
+ if ((err = chacha_crypt(&st, (unsigned char*)pt, len, out)) != CRYPT_OK) return err;
+ if (compare_testvector(out, len, ct, sizeof(ct), "CHACHA-TV2", 1)) return CRYPT_FAIL_TESTVECTOR;
+ /* crypt in one go - using chacha_ivctr64() */
+ if ((err = chacha_setup(&st, k, sizeof(k), 20)) != CRYPT_OK) return err;
+ if ((err = chacha_ivctr64(&st, n + 4, sizeof(n) - 4, 1)) != CRYPT_OK) return err;
+ if ((err = chacha_crypt(&st, (unsigned char*)pt, len, out)) != CRYPT_OK) return err;
+ if (compare_testvector(out, len, ct, sizeof(ct), "CHACHA-TV3", 1)) return CRYPT_FAIL_TESTVECTOR;
+
+ return CRYPT_OK;
+#endif
+}
+
+#endif
+
+/* ref: $Format:%D$ */
+/* git commit: $Format:%H$ */
+/* commit time: $Format:%ai$ */
diff --git a/libtomcrypt/src/stream/rc4/rc4_stream.c b/libtomcrypt/src/stream/rc4/rc4_stream.c
new file mode 100644
index 0000000..178489d
--- /dev/null
+++ b/libtomcrypt/src/stream/rc4/rc4_stream.c
@@ -0,0 +1,111 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+
+#include "tomcrypt.h"
+
+#ifdef LTC_RC4_STREAM
+
+/**
+ Initialize an RC4 context (only the key)
+ @param st [out] The destination of the RC4 state
+ @param key The secret key
+ @param keylen The length of the secret key (8 - 256 bytes)
+ @return CRYPT_OK if successful
+*/
+int rc4_stream_setup(rc4_state *st, const unsigned char *key, unsigned long keylen)
+{
+ unsigned char tmp, *s;
+ int x, y;
+ unsigned long j;
+
+ LTC_ARGCHK(st != NULL);
+ LTC_ARGCHK(key != NULL);
+ LTC_ARGCHK(keylen >= 5); /* 40-2048 bits */
+
+ s = st->buf;
+ for (x = 0; x < 256; x++) {
+ s[x] = x;
+ }
+
+ for (j = x = y = 0; x < 256; x++) {
+ y = (y + s[x] + key[j++]) & 255;
+ if (j == keylen) {
+ j = 0;
+ }
+ tmp = s[x]; s[x] = s[y]; s[y] = tmp;
+ }
+ st->x = 0;
+ st->y = 0;
+
+ return CRYPT_OK;
+}
+
+/**
+ Encrypt (or decrypt) bytes of ciphertext (or plaintext) with RC4
+ @param st The RC4 state
+ @param in The plaintext (or ciphertext)
+ @param inlen The length of the input (octets)
+ @param out [out] The ciphertext (or plaintext), length inlen
+ @return CRYPT_OK if successful
+*/
+int rc4_stream_crypt(rc4_state *st, const unsigned char *in, unsigned long inlen, unsigned char *out)
+{
+ unsigned char x, y, *s, tmp;
+
+ LTC_ARGCHK(st != NULL);
+ LTC_ARGCHK(in != NULL);
+ LTC_ARGCHK(out != NULL);
+
+ x = st->x;
+ y = st->y;
+ s = st->buf;
+ while (inlen--) {
+ x = (x + 1) & 255;
+ y = (y + s[x]) & 255;
+ tmp = s[x]; s[x] = s[y]; s[y] = tmp;
+ tmp = (s[x] + s[y]) & 255;
+ *out++ = *in++ ^ s[tmp];
+ }
+ st->x = x;
+ st->y = y;
+ return CRYPT_OK;
+}
+
+/**
+ Generate a stream of random bytes via RC4
+ @param st The RC420 state
+ @param out [out] The output buffer
+ @param outlen The output length
+ @return CRYPT_OK on success
+ */
+int rc4_stream_keystream(rc4_state *st, unsigned char *out, unsigned long outlen)
+{
+ if (outlen == 0) return CRYPT_OK; /* nothing to do */
+ LTC_ARGCHK(out != NULL);
+ XMEMSET(out, 0, outlen);
+ return rc4_stream_crypt(st, out, outlen, out);
+}
+
+/**
+ Terminate and clear RC4 state
+ @param st The RC4 state
+ @return CRYPT_OK on success
+*/
+int rc4_stream_done(rc4_state *st)
+{
+ LTC_ARGCHK(st != NULL);
+ XMEMSET(st, 0, sizeof(rc4_state));
+ return CRYPT_OK;
+}
+
+#endif
+
+/* ref: $Format:%D$ */
+/* git commit: $Format:%H$ */
+/* commit time: $Format:%ai$ */
diff --git a/libtomcrypt/src/stream/rc4/rc4_test.c b/libtomcrypt/src/stream/rc4/rc4_test.c
new file mode 100644
index 0000000..a7e4887
--- /dev/null
+++ b/libtomcrypt/src/stream/rc4/rc4_test.c
@@ -0,0 +1,39 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+
+#include "tomcrypt.h"
+
+#ifdef LTC_RC4_STREAM
+
+int rc4_stream_test(void)
+{
+#ifndef LTC_TEST
+ return CRYPT_NOP;
+#else
+ rc4_state st;
+ int err;
+ const unsigned char key[] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };
+ const unsigned char pt[] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };
+ const unsigned char ct[] = { 0x75, 0xb7, 0x87, 0x80, 0x99, 0xe0, 0xc5, 0x96 };
+ unsigned char buf[10];
+
+ if ((err = rc4_stream_setup(&st, key, sizeof(key))) != CRYPT_OK) return err;
+ if ((err = rc4_stream_crypt(&st, pt, sizeof(pt), buf)) != CRYPT_OK) return err;
+ if (compare_testvector(buf, sizeof(ct), ct, sizeof(ct), "RC4", 0)) return CRYPT_FAIL_TESTVECTOR;
+ if ((err = rc4_stream_done(&st)) != CRYPT_OK) return err;
+
+ return CRYPT_OK;
+#endif
+}
+
+#endif
+
+/* ref: $Format:%D$ */
+/* git commit: $Format:%H$ */
+/* commit time: $Format:%ai$ */
diff --git a/libtomcrypt/src/stream/sober128/sober128_stream.c b/libtomcrypt/src/stream/sober128/sober128_stream.c
new file mode 100644
index 0000000..5c35eda
--- /dev/null
+++ b/libtomcrypt/src/stream/sober128/sober128_stream.c
@@ -0,0 +1,346 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+#include "tomcrypt.h"
+
+/**
+ @file sober128_stream.c
+ Implementation of SOBER-128 by Tom St Denis.
+ Based on s128fast.c reference code supplied by Greg Rose of QUALCOMM.
+*/
+
+#ifdef LTC_SOBER128
+
+#define __LTC_SOBER128TAB_C__
+#include "sober128tab.c"
+
+/* don't change these... */
+#define N 17
+#define FOLD N /* how many iterations of folding to do */
+#define INITKONST 0x6996c53a /* value of KONST to use during key loading */
+#define KEYP 15 /* where to insert key words */
+#define FOLDP 4 /* where to insert non-linear feedback */
+
+#define B(x,i) ((unsigned char)(((x) >> (8*i)) & 0xFF))
+
+static ulong32 BYTE2WORD(unsigned char *b)
+{
+ ulong32 t;
+ LOAD32L(t, b);
+ return t;
+}
+
+static void XORWORD(ulong32 w, const unsigned char *in, unsigned char *out)
+{
+ ulong32 t;
+ LOAD32L(t, in);
+ t ^= w;
+ STORE32L(t, out);
+}
+
+/* give correct offset for the current position of the register,
+ * where logically R[0] is at position "zero".
+ */
+#define OFF(zero, i) (((zero)+(i)) % N)
+
+/* step the LFSR */
+/* After stepping, "zero" moves right one place */
+#define STEP(R,z) \
+ R[OFF(z,0)] = R[OFF(z,15)] ^ R[OFF(z,4)] ^ (R[OFF(z,0)] << 8) ^ Multab[(R[OFF(z,0)] >> 24) & 0xFF];
+
+static void cycle(ulong32 *R)
+{
+ ulong32 t;
+ int i;
+
+ STEP(R,0);
+ t = R[0];
+ for (i = 1; i < N; ++i) {
+ R[i-1] = R[i];
+ }
+ R[N-1] = t;
+}
+
+/* Return a non-linear function of some parts of the register.
+ */
+#define NLFUNC(c,z) \
+{ \
+ t = c->R[OFF(z,0)] + c->R[OFF(z,16)]; \
+ t ^= Sbox[(t >> 24) & 0xFF]; \
+ t = RORc(t, 8); \
+ t = ((t + c->R[OFF(z,1)]) ^ c->konst) + c->R[OFF(z,6)]; \
+ t ^= Sbox[(t >> 24) & 0xFF]; \
+ t = t + c->R[OFF(z,13)]; \
+}
+
+static ulong32 nltap(sober128_state *c)
+{
+ ulong32 t;
+ NLFUNC(c, 0);
+ return t;
+}
+
+/* Save the current register state
+ */
+static void s128_savestate(sober128_state *c)
+{
+ int i;
+ for (i = 0; i < N; ++i) {
+ c->initR[i] = c->R[i];
+ }
+}
+
+/* initialise to previously saved register state
+ */
+static void s128_reloadstate(sober128_state *c)
+{
+ int i;
+
+ for (i = 0; i < N; ++i) {
+ c->R[i] = c->initR[i];
+ }
+}
+
+/* Initialise "konst"
+ */
+static void s128_genkonst(sober128_state *c)
+{
+ ulong32 newkonst;
+
+ do {
+ cycle(c->R);
+ newkonst = nltap(c);
+ } while ((newkonst & 0xFF000000) == 0);
+ c->konst = newkonst;
+}
+
+/* Load key material into the register
+ */
+#define ADDKEY(k) \
+ c->R[KEYP] += (k);
+
+#define XORNL(nl) \
+ c->R[FOLDP] ^= (nl);
+
+/* nonlinear diffusion of register for key */
+#define DROUND(z) STEP(c->R,z); NLFUNC(c,(z+1)); c->R[OFF((z+1),FOLDP)] ^= t;
+static void s128_diffuse(sober128_state *c)
+{
+ ulong32 t;
+ /* relies on FOLD == N == 17! */
+ DROUND(0);
+ DROUND(1);
+ DROUND(2);
+ DROUND(3);
+ DROUND(4);
+ DROUND(5);
+ DROUND(6);
+ DROUND(7);
+ DROUND(8);
+ DROUND(9);
+ DROUND(10);
+ DROUND(11);
+ DROUND(12);
+ DROUND(13);
+ DROUND(14);
+ DROUND(15);
+ DROUND(16);
+}
+
+/**
+ Initialize an Sober128 context (only the key)
+ @param c [out] The destination of the Sober128 state
+ @param key The secret key
+ @param keylen The length of the secret key (octets)
+ @return CRYPT_OK if successful
+*/
+int sober128_stream_setup(sober128_state *c, const unsigned char *key, unsigned long keylen)
+{
+ ulong32 i, k;
+
+ LTC_ARGCHK(c != NULL);
+ LTC_ARGCHK(key != NULL);
+ LTC_ARGCHK(keylen > 0);
+
+ /* keylen must be multiple of 4 bytes */
+ if ((keylen & 3) != 0) {
+ return CRYPT_INVALID_KEYSIZE;
+ }
+
+ /* Register initialised to Fibonacci numbers */
+ c->R[0] = 1;
+ c->R[1] = 1;
+ for (i = 2; i < N; ++i) {
+ c->R[i] = c->R[i-1] + c->R[i-2];
+ }
+ c->konst = INITKONST;
+
+ for (i = 0; i < keylen; i += 4) {
+ k = BYTE2WORD((unsigned char *)&key[i]);
+ ADDKEY(k);
+ cycle(c->R);
+ XORNL(nltap(c));
+ }
+
+ /* also fold in the length of the key */
+ ADDKEY(keylen);
+
+ /* now diffuse */
+ s128_diffuse(c);
+ s128_genkonst(c);
+ s128_savestate(c);
+ c->nbuf = 0;
+
+ return CRYPT_OK;
+}
+
+/**
+ Set IV to the Sober128 state
+ @param c The Sober12820 state
+ @param iv The IV data to add
+ @param ivlen The length of the IV (must be 12)
+ @return CRYPT_OK on success
+ */
+int sober128_stream_setiv(sober128_state *c, const unsigned char *iv, unsigned long ivlen)
+{
+ ulong32 i, k;
+
+ LTC_ARGCHK(c != NULL);
+ LTC_ARGCHK(iv != NULL);
+ LTC_ARGCHK(ivlen > 0);
+
+ /* ok we are adding an IV then... */
+ s128_reloadstate(c);
+
+ /* ivlen must be multiple of 4 bytes */
+ if ((ivlen & 3) != 0) {
+ return CRYPT_INVALID_KEYSIZE;
+ }
+
+ for (i = 0; i < ivlen; i += 4) {
+ k = BYTE2WORD((unsigned char *)&iv[i]);
+ ADDKEY(k);
+ cycle(c->R);
+ XORNL(nltap(c));
+ }
+
+ /* also fold in the length of the key */
+ ADDKEY(ivlen);
+
+ /* now diffuse */
+ s128_diffuse(c);
+ c->nbuf = 0;
+
+ return CRYPT_OK;
+}
+
+/* XOR pseudo-random bytes into buffer
+ */
+#define SROUND(z) STEP(c->R,z); NLFUNC(c,(z+1)); XORWORD(t, in+(z*4), out+(z*4));
+
+/**
+ Encrypt (or decrypt) bytes of ciphertext (or plaintext) with Sober128
+ @param c The Sober128 state
+ @param in The plaintext (or ciphertext)
+ @param inlen The length of the input (octets)
+ @param out [out] The ciphertext (or plaintext), length inlen
+ @return CRYPT_OK if successful
+*/
+int sober128_stream_crypt(sober128_state *c, const unsigned char *in, unsigned long inlen, unsigned char *out)
+{
+ ulong32 t;
+
+ if (inlen == 0) return CRYPT_OK; /* nothing to do */
+ LTC_ARGCHK(out != NULL);
+ LTC_ARGCHK(c != NULL);
+
+ /* handle any previously buffered bytes */
+ while (c->nbuf != 0 && inlen != 0) {
+ *out++ = *in++ ^ (unsigned char)(c->sbuf & 0xFF);
+ c->sbuf >>= 8;
+ c->nbuf -= 8;
+ --inlen;
+ }
+
+#ifndef LTC_SMALL_CODE
+ /* do lots at a time, if there's enough to do */
+ while (inlen >= N*4) {
+ SROUND(0);
+ SROUND(1);
+ SROUND(2);
+ SROUND(3);
+ SROUND(4);
+ SROUND(5);
+ SROUND(6);
+ SROUND(7);
+ SROUND(8);
+ SROUND(9);
+ SROUND(10);
+ SROUND(11);
+ SROUND(12);
+ SROUND(13);
+ SROUND(14);
+ SROUND(15);
+ SROUND(16);
+ out += 4*N;
+ in += 4*N;
+ inlen -= 4*N;
+ }
+#endif
+
+ /* do small or odd size buffers the slow way */
+ while (4 <= inlen) {
+ cycle(c->R);
+ t = nltap(c);
+ XORWORD(t, in, out);
+ out += 4;
+ in += 4;
+ inlen -= 4;
+ }
+
+ /* handle any trailing bytes */
+ if (inlen != 0) {
+ cycle(c->R);
+ c->sbuf = nltap(c);
+ c->nbuf = 32;
+ while (c->nbuf != 0 && inlen != 0) {
+ *out++ = *in++ ^ (unsigned char)(c->sbuf & 0xFF);
+ c->sbuf >>= 8;
+ c->nbuf -= 8;
+ --inlen;
+ }
+ }
+
+ return CRYPT_OK;
+}
+
+int sober128_stream_keystream(sober128_state *c, unsigned char *out, unsigned long outlen)
+{
+ if (outlen == 0) return CRYPT_OK; /* nothing to do */
+ LTC_ARGCHK(out != NULL);
+ XMEMSET(out, 0, outlen);
+ return sober128_stream_crypt(c, out, outlen, out);
+}
+
+/**
+ Terminate and clear Sober128 state
+ @param c The Sober128 state
+ @return CRYPT_OK on success
+*/
+int sober128_stream_done(sober128_state *c)
+{
+ LTC_ARGCHK(c != NULL);
+ XMEMSET(c, 0, sizeof(sober128_state));
+ return CRYPT_OK;
+}
+
+#endif
+
+/* ref: $Format:%D$ */
+/* git commit: $Format:%H$ */
+/* commit time: $Format:%ai$ */
diff --git a/libtomcrypt/src/stream/sober128/sober128_test.c b/libtomcrypt/src/stream/sober128/sober128_test.c
new file mode 100644
index 0000000..32ea461
--- /dev/null
+++ b/libtomcrypt/src/stream/sober128/sober128_test.c
@@ -0,0 +1,45 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+
+#include "tomcrypt.h"
+
+#ifdef LTC_SOBER128
+
+int sober128_stream_test(void)
+{
+#ifndef LTC_TEST
+ return CRYPT_NOP;
+#else
+ unsigned char key[16] = { 0x74, 0x65, 0x73, 0x74, 0x20, 0x6b, 0x65, 0x79,
+ 0x20, 0x31, 0x32, 0x38, 0x62, 0x69, 0x74, 0x73 };
+ unsigned char iv[4] = { 0x00, 0x00, 0x00, 0x00 };
+ unsigned char out[20] = { 0x43, 0x50, 0x0c, 0xcf, 0x89, 0x91, 0x9f, 0x1d,
+ 0xaa, 0x37, 0x74, 0x95, 0xf4, 0xb4, 0x58, 0xc2,
+ 0x40, 0x37, 0x8b, 0xbb };
+ int err, len = 20;
+ unsigned char src[20], dst[20];
+ sober128_state st;
+
+ XMEMSET(src, 0, len); /* input */
+ if ((err = sober128_stream_setup(&st, key, sizeof(key))) != CRYPT_OK) return err;
+ if ((err = sober128_stream_setiv(&st, iv, sizeof(iv))) != CRYPT_OK) return err;
+ if ((err = sober128_stream_crypt(&st, src, len, dst)) != CRYPT_OK) return err;
+ if ((err = sober128_stream_done(&st)) != CRYPT_OK) return err;
+ if (compare_testvector(dst, len, out, len, "SOBER-128", 0)) {
+ return CRYPT_FAIL_TESTVECTOR;
+ }
+ return CRYPT_OK;
+#endif
+}
+
+#endif
+
+/* ref: $Format:%D$ */
+/* git commit: $Format:%H$ */
+/* commit time: $Format:%ai$ */
diff --git a/libtomcrypt/src/stream/sober128/sober128tab.c b/libtomcrypt/src/stream/sober128/sober128tab.c
new file mode 100644
index 0000000..e02ff23
--- /dev/null
+++ b/libtomcrypt/src/stream/sober128/sober128tab.c
@@ -0,0 +1,176 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+
+/**
+ @file sober128tab.c
+ SOBER-128 Tables
+*/
+
+#ifdef __LTC_SOBER128TAB_C__
+
+/* $ID$ */
+/* @(#)TuringMultab.h 1.3 (QUALCOMM) 02/09/03 */
+/* Multiplication table for Turing using 0xD02B4367 */
+static const ulong32 Multab[256] = {
+ 0x00000000, 0xD02B4367, 0xED5686CE, 0x3D7DC5A9,
+ 0x97AC41D1, 0x478702B6, 0x7AFAC71F, 0xAAD18478,
+ 0x631582EF, 0xB33EC188, 0x8E430421, 0x5E684746,
+ 0xF4B9C33E, 0x24928059, 0x19EF45F0, 0xC9C40697,
+ 0xC62A4993, 0x16010AF4, 0x2B7CCF5D, 0xFB578C3A,
+ 0x51860842, 0x81AD4B25, 0xBCD08E8C, 0x6CFBCDEB,
+ 0xA53FCB7C, 0x7514881B, 0x48694DB2, 0x98420ED5,
+ 0x32938AAD, 0xE2B8C9CA, 0xDFC50C63, 0x0FEE4F04,
+ 0xC154926B, 0x117FD10C, 0x2C0214A5, 0xFC2957C2,
+ 0x56F8D3BA, 0x86D390DD, 0xBBAE5574, 0x6B851613,
+ 0xA2411084, 0x726A53E3, 0x4F17964A, 0x9F3CD52D,
+ 0x35ED5155, 0xE5C61232, 0xD8BBD79B, 0x089094FC,
+ 0x077EDBF8, 0xD755989F, 0xEA285D36, 0x3A031E51,
+ 0x90D29A29, 0x40F9D94E, 0x7D841CE7, 0xADAF5F80,
+ 0x646B5917, 0xB4401A70, 0x893DDFD9, 0x59169CBE,
+ 0xF3C718C6, 0x23EC5BA1, 0x1E919E08, 0xCEBADD6F,
+ 0xCFA869D6, 0x1F832AB1, 0x22FEEF18, 0xF2D5AC7F,
+ 0x58042807, 0x882F6B60, 0xB552AEC9, 0x6579EDAE,
+ 0xACBDEB39, 0x7C96A85E, 0x41EB6DF7, 0x91C02E90,
+ 0x3B11AAE8, 0xEB3AE98F, 0xD6472C26, 0x066C6F41,
+ 0x09822045, 0xD9A96322, 0xE4D4A68B, 0x34FFE5EC,
+ 0x9E2E6194, 0x4E0522F3, 0x7378E75A, 0xA353A43D,
+ 0x6A97A2AA, 0xBABCE1CD, 0x87C12464, 0x57EA6703,
+ 0xFD3BE37B, 0x2D10A01C, 0x106D65B5, 0xC04626D2,
+ 0x0EFCFBBD, 0xDED7B8DA, 0xE3AA7D73, 0x33813E14,
+ 0x9950BA6C, 0x497BF90B, 0x74063CA2, 0xA42D7FC5,
+ 0x6DE97952, 0xBDC23A35, 0x80BFFF9C, 0x5094BCFB,
+ 0xFA453883, 0x2A6E7BE4, 0x1713BE4D, 0xC738FD2A,
+ 0xC8D6B22E, 0x18FDF149, 0x258034E0, 0xF5AB7787,
+ 0x5F7AF3FF, 0x8F51B098, 0xB22C7531, 0x62073656,
+ 0xABC330C1, 0x7BE873A6, 0x4695B60F, 0x96BEF568,
+ 0x3C6F7110, 0xEC443277, 0xD139F7DE, 0x0112B4B9,
+ 0xD31DD2E1, 0x03369186, 0x3E4B542F, 0xEE601748,
+ 0x44B19330, 0x949AD057, 0xA9E715FE, 0x79CC5699,
+ 0xB008500E, 0x60231369, 0x5D5ED6C0, 0x8D7595A7,
+ 0x27A411DF, 0xF78F52B8, 0xCAF29711, 0x1AD9D476,
+ 0x15379B72, 0xC51CD815, 0xF8611DBC, 0x284A5EDB,
+ 0x829BDAA3, 0x52B099C4, 0x6FCD5C6D, 0xBFE61F0A,
+ 0x7622199D, 0xA6095AFA, 0x9B749F53, 0x4B5FDC34,
+ 0xE18E584C, 0x31A51B2B, 0x0CD8DE82, 0xDCF39DE5,
+ 0x1249408A, 0xC26203ED, 0xFF1FC644, 0x2F348523,
+ 0x85E5015B, 0x55CE423C, 0x68B38795, 0xB898C4F2,
+ 0x715CC265, 0xA1778102, 0x9C0A44AB, 0x4C2107CC,
+ 0xE6F083B4, 0x36DBC0D3, 0x0BA6057A, 0xDB8D461D,
+ 0xD4630919, 0x04484A7E, 0x39358FD7, 0xE91ECCB0,
+ 0x43CF48C8, 0x93E40BAF, 0xAE99CE06, 0x7EB28D61,
+ 0xB7768BF6, 0x675DC891, 0x5A200D38, 0x8A0B4E5F,
+ 0x20DACA27, 0xF0F18940, 0xCD8C4CE9, 0x1DA70F8E,
+ 0x1CB5BB37, 0xCC9EF850, 0xF1E33DF9, 0x21C87E9E,
+ 0x8B19FAE6, 0x5B32B981, 0x664F7C28, 0xB6643F4F,
+ 0x7FA039D8, 0xAF8B7ABF, 0x92F6BF16, 0x42DDFC71,
+ 0xE80C7809, 0x38273B6E, 0x055AFEC7, 0xD571BDA0,
+ 0xDA9FF2A4, 0x0AB4B1C3, 0x37C9746A, 0xE7E2370D,
+ 0x4D33B375, 0x9D18F012, 0xA06535BB, 0x704E76DC,
+ 0xB98A704B, 0x69A1332C, 0x54DCF685, 0x84F7B5E2,
+ 0x2E26319A, 0xFE0D72FD, 0xC370B754, 0x135BF433,
+ 0xDDE1295C, 0x0DCA6A3B, 0x30B7AF92, 0xE09CECF5,
+ 0x4A4D688D, 0x9A662BEA, 0xA71BEE43, 0x7730AD24,
+ 0xBEF4ABB3, 0x6EDFE8D4, 0x53A22D7D, 0x83896E1A,
+ 0x2958EA62, 0xF973A905, 0xC40E6CAC, 0x14252FCB,
+ 0x1BCB60CF, 0xCBE023A8, 0xF69DE601, 0x26B6A566,
+ 0x8C67211E, 0x5C4C6279, 0x6131A7D0, 0xB11AE4B7,
+ 0x78DEE220, 0xA8F5A147, 0x958864EE, 0x45A32789,
+ 0xEF72A3F1, 0x3F59E096, 0x0224253F, 0xD20F6658,
+};
+
+/* $ID$ */
+/* Sbox for SOBER-128 */
+/*
+ * This is really the combination of two SBoxes; the least significant
+ * 24 bits comes from:
+ * 8->32 Sbox generated by Millan et. al. at Queensland University of
+ * Technology. See: E. Dawson, W. Millan, L. Burnett, G. Carter,
+ * "On the Design of 8*32 S-boxes". Unpublished report, by the
+ * Information Systems Research Centre,
+ * Queensland University of Technology, 1999.
+ *
+ * The most significant 8 bits are the Skipjack "F table", which can be
+ * found at http://csrc.nist.gov/CryptoToolkit/skipjack/skipjack.pdf .
+ * In this optimised table, though, the intent is to XOR the word from
+ * the table selected by the high byte with the input word. Thus, the
+ * high byte is actually the Skipjack F-table entry XORED with its
+ * table index.
+ */
+static const ulong32 Sbox[256] = {
+ 0xa3aa1887, 0xd65e435c, 0x0b65c042, 0x800e6ef4,
+ 0xfc57ee20, 0x4d84fed3, 0xf066c502, 0xf354e8ae,
+ 0xbb2ee9d9, 0x281f38d4, 0x1f829b5d, 0x735cdf3c,
+ 0x95864249, 0xbc2e3963, 0xa1f4429f, 0xf6432c35,
+ 0xf7f40325, 0x3cc0dd70, 0x5f973ded, 0x9902dc5e,
+ 0xda175b42, 0x590012bf, 0xdc94d78c, 0x39aab26b,
+ 0x4ac11b9a, 0x8c168146, 0xc3ea8ec5, 0x058ac28f,
+ 0x52ed5c0f, 0x25b4101c, 0x5a2db082, 0x370929e1,
+ 0x2a1843de, 0xfe8299fc, 0x202fbc4b, 0x833915dd,
+ 0x33a803fa, 0xd446b2de, 0x46233342, 0x4fcee7c3,
+ 0x3ad607ef, 0x9e97ebab, 0x507f859b, 0xe81f2e2f,
+ 0xc55b71da, 0xd7e2269a, 0x1339c3d1, 0x7ca56b36,
+ 0xa6c9def2, 0xb5c9fc5f, 0x5927b3a3, 0x89a56ddf,
+ 0xc625b510, 0x560f85a7, 0xace82e71, 0x2ecb8816,
+ 0x44951e2a, 0x97f5f6af, 0xdfcbc2b3, 0xce4ff55d,
+ 0xcb6b6214, 0x2b0b83e3, 0x549ea6f5, 0x9de041af,
+ 0x792f1f17, 0xf73b99ee, 0x39a65ec0, 0x4c7016c6,
+ 0x857709a4, 0xd6326e01, 0xc7b280d9, 0x5cfb1418,
+ 0xa6aff227, 0xfd548203, 0x506b9d96, 0xa117a8c0,
+ 0x9cd5bf6e, 0xdcee7888, 0x61fcfe64, 0xf7a193cd,
+ 0x050d0184, 0xe8ae4930, 0x88014f36, 0xd6a87088,
+ 0x6bad6c2a, 0x1422c678, 0xe9204de7, 0xb7c2e759,
+ 0x0200248e, 0x013b446b, 0xda0d9fc2, 0x0414a895,
+ 0x3a6cc3a1, 0x56fef170, 0x86c19155, 0xcf7b8a66,
+ 0x551b5e69, 0xb4a8623e, 0xa2bdfa35, 0xc4f068cc,
+ 0x573a6acd, 0x6355e936, 0x03602db9, 0x0edf13c1,
+ 0x2d0bb16d, 0x6980b83c, 0xfeb23763, 0x3dd8a911,
+ 0x01b6bc13, 0xf55579d7, 0xf55c2fa8, 0x19f4196e,
+ 0xe7db5476, 0x8d64a866, 0xc06e16ad, 0xb17fc515,
+ 0xc46feb3c, 0x8bc8a306, 0xad6799d9, 0x571a9133,
+ 0x992466dd, 0x92eb5dcd, 0xac118f50, 0x9fafb226,
+ 0xa1b9cef3, 0x3ab36189, 0x347a19b1, 0x62c73084,
+ 0xc27ded5c, 0x6c8bc58f, 0x1cdde421, 0xed1e47fb,
+ 0xcdcc715e, 0xb9c0ff99, 0x4b122f0f, 0xc4d25184,
+ 0xaf7a5e6c, 0x5bbf18bc, 0x8dd7c6e0, 0x5fb7e420,
+ 0x521f523f, 0x4ad9b8a2, 0xe9da1a6b, 0x97888c02,
+ 0x19d1e354, 0x5aba7d79, 0xa2cc7753, 0x8c2d9655,
+ 0x19829da1, 0x531590a7, 0x19c1c149, 0x3d537f1c,
+ 0x50779b69, 0xed71f2b7, 0x463c58fa, 0x52dc4418,
+ 0xc18c8c76, 0xc120d9f0, 0xafa80d4d, 0x3b74c473,
+ 0xd09410e9, 0x290e4211, 0xc3c8082b, 0x8f6b334a,
+ 0x3bf68ed2, 0xa843cc1b, 0x8d3c0ff3, 0x20e564a0,
+ 0xf8f55a4f, 0x2b40f8e7, 0xfea7f15f, 0xcf00fe21,
+ 0x8a6d37d6, 0xd0d506f1, 0xade00973, 0xefbbde36,
+ 0x84670fa8, 0xfa31ab9e, 0xaedab618, 0xc01f52f5,
+ 0x6558eb4f, 0x71b9e343, 0x4b8d77dd, 0x8cb93da6,
+ 0x740fd52d, 0x425412f8, 0xc5a63360, 0x10e53ad0,
+ 0x5a700f1c, 0x8324ed0b, 0xe53dc1ec, 0x1a366795,
+ 0x6d549d15, 0xc5ce46d7, 0xe17abe76, 0x5f48e0a0,
+ 0xd0f07c02, 0x941249b7, 0xe49ed6ba, 0x37a47f78,
+ 0xe1cfffbd, 0xb007ca84, 0xbb65f4da, 0xb59f35da,
+ 0x33d2aa44, 0x417452ac, 0xc0d674a7, 0x2d61a46a,
+ 0xdc63152a, 0x3e12b7aa, 0x6e615927, 0xa14fb118,
+ 0xa151758d, 0xba81687b, 0xe152f0b3, 0x764254ed,
+ 0x34c77271, 0x0a31acab, 0x54f94aec, 0xb9e994cd,
+ 0x574d9e81, 0x5b623730, 0xce8a21e8, 0x37917f0b,
+ 0xe8a9b5d6, 0x9697adf8, 0xf3d30431, 0x5dcac921,
+ 0x76b35d46, 0xaa430a36, 0xc2194022, 0x22bca65e,
+ 0xdaec70ba, 0xdfaea8cc, 0x777bae8b, 0x242924d5,
+ 0x1f098a5a, 0x4b396b81, 0x55de2522, 0x435c1cb8,
+ 0xaeb8fe1d, 0x9db3c697, 0x5b164f83, 0xe0c16376,
+ 0xa319224c, 0xd0203b35, 0x433ac0fe, 0x1466a19a,
+ 0x45f0b24f, 0x51fda998, 0xc0d52d71, 0xfa0896a8,
+ 0xf9e6053f, 0xa4b0d300, 0xd499cbcc, 0xb95e3d40,
+};
+
+#endif /* __LTC_SOBER128TAB_C__ */
+
+/* ref: $Format:%D$ */
+/* git commit: $Format:%H$ */
+/* commit time: $Format:%ai$ */