From fcdf293356dc62e44d974a27e5fd39148cf2e14d Mon Sep 17 00:00:00 2001
From: "jan-dominik.blome" <jan-dominik.blome@teamviewer.com>
Date: Wed, 15 Mar 2017 12:19:31 +0100
Subject: [PATCH 001/200] Remove unnecessary static from reference to singleton

---
 osrng.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/osrng.cpp b/osrng.cpp
index 0619b34d..6d36aaea 100644
--- a/osrng.cpp
+++ b/osrng.cpp
@@ -146,7 +146,7 @@ void NonblockingRng::GenerateBlock(byte *output, size_t size)
 {
 #ifdef CRYPTOPP_WIN32_AVAILABLE
 	// Acquiring a provider is expensive. Do it once and retain the reference.
-	static const MicrosoftCryptoProvider &hProvider = Singleton<MicrosoftCryptoProvider>().Ref();
+	const MicrosoftCryptoProvider &hProvider = Singleton<MicrosoftCryptoProvider>().Ref();
 # if defined(USE_MS_CRYPTOAPI)
 	if (!CryptGenRandom(hProvider.GetProviderHandle(), (DWORD)size, output))
 		throw OS_RNG_Err("CryptGenRandom");

From 30263ee4978e350b449549d7b71f7bacede5c7de Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Thu, 23 Mar 2017 15:39:43 -0400
Subject: [PATCH 002/200] Rename rdrand.S to rdrand.s

The file is not preprocessed
---
 rdrand.S => rdrand.s | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 rename rdrand.S => rdrand.s (100%)

diff --git a/rdrand.S b/rdrand.s
similarity index 100%
rename from rdrand.S
rename to rdrand.s

From 6381faf2774f88c037b29f47b99bbbab353c48df Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Thu, 23 Mar 2017 16:05:30 -0400
Subject: [PATCH 003/200] Rename rdrand.S to rdrand.s

---
 Doxyfile       |  2 +-
 Filelist.txt   |  2 +-
 GNUmakefile    | 10 +++++-----
 rdrand-nasm.sh | 26 +++++++++++++-------------
 rdrand.s       |  6 +++---
 5 files changed, 23 insertions(+), 23 deletions(-)

diff --git a/Doxyfile b/Doxyfile
index b77de55d..344c077f 100644
--- a/Doxyfile
+++ b/Doxyfile
@@ -767,7 +767,7 @@ INPUT                  = . \
                          GNUmakefile \
                          GNUmakefile-cross \
                          rdrand.asm \
-                         rdrand.S
+                         rdrand.s
 
 # This tag can be used to specify the character encoding of the source files
 # that doxygen parses. Internally doxygen uses the UTF-8 encoding. Doxygen uses
diff --git a/Filelist.txt b/Filelist.txt
index 0d4d1bcf..b4f9735a 100644
--- a/Filelist.txt
+++ b/Filelist.txt
@@ -210,7 +210,7 @@ rc6.cpp
 rc6.h
 rdrand-masm.cmd
 rdrand-nasm.sh
-rdrand.S
+rdrand.s
 rdrand.asm
 rdrand.cpp
 rdrand.h
diff --git a/GNUmakefile b/GNUmakefile
index a666c357..d26434d6 100755
--- a/GNUmakefile
+++ b/GNUmakefile
@@ -704,21 +704,21 @@ endif
 .PHONY: trim
 trim:
 ifneq ($(IS_DARWIN),0)
-	sed -i '' -e's/[[:space:]]*$$//' *.sh *.h *.cpp *.asm *.S *.sln *.vcxproj *.filters GNUmakefile GNUmakefile-cross
+	sed -i '' -e's/[[:space:]]*$$//' *.sh *.h *.cpp *.asm *.s *.sln *.vcxproj *.filters GNUmakefile GNUmakefile-cross
 	make convert
 else
-	sed -i -e's/[[:space:]]*$$//' *.sh *.h *.cpp *.asm *.S *.sln *.vcxproj *.filters GNUmakefile GNUmakefile-cross
+	sed -i -e's/[[:space:]]*$$//' *.sh *.h *.cpp *.asm *.s *.sln *.vcxproj *.filters GNUmakefile GNUmakefile-cross
 	make convert
 endif
 
 .PHONY: convert
 convert:
 	@-$(CHMOD) 0700 TestVectors/ TestData/ TestScripts/
-	@-$(CHMOD) 0600 $(TEXT_FILES) *.asm *.S *.zip *.cmake TestVectors/*.txt TestData/*.dat
+	@-$(CHMOD) 0600 $(TEXT_FILES) *.asm *.s *.zip *.cmake TestVectors/*.txt TestData/*.dat
 	@-$(CHMOD) 0700 $(EXEC_FILES) *.sh *.cmd TestScripts/*.sh TestScripts/*.pl TestScripts/*.cmd
 	@-$(CHMOD) 0700 *.cmd *.sh GNUmakefile GNUmakefile-cross TestScripts/*.sh TestScripts/*.pl
 	-unix2dos --keepdate --quiet $(TEXT_FILES) *.asm *.cmd *.cmake TestScripts/*.pl TestScripts/*.cmd
-	-dos2unix --keepdate --quiet GNUmakefile GNUmakefile-cross *.S *.sh TestScripts/*.sh
+	-dos2unix --keepdate --quiet GNUmakefile GNUmakefile-cross *.s *.sh TestScripts/*.sh
 ifneq ($(IS_DARWIN),0)
 	@-xattr -c *
 endif
@@ -764,7 +764,7 @@ endif # Dependencies
 
 # Run rdrand-nasm.sh to create the object files
 ifeq ($(USE_NASM),1)
-rdrand.o: rdrand.h rdrand.cpp rdrand.S
+rdrand.o: rdrand.h rdrand.cpp rdrand.s
 	$(CXX) $(strip $(CXXFLAGS)) -DNASM_RDRAND_ASM_AVAILABLE=1 -DNASM_RDSEED_ASM_AVAILABLE=1 -c rdrand.cpp
 rdrand-%.o:
 	./rdrand-nasm.sh
diff --git a/rdrand-nasm.sh b/rdrand-nasm.sh
index 8fb68597..0cdf1c04 100755
--- a/rdrand-nasm.sh
+++ b/rdrand-nasm.sh
@@ -20,39 +20,39 @@ fi
 
 if [ "$IS_LINUX" -eq "1" ]; then
     echo "Building rdrand and rdseed modules for Linux"
-    nasm -f elf32 rdrand.S -DX86 -g -o rdrand-x86.o
-    nasm -f elfx32 rdrand.S -DX32 -g -o rdrand-x32.o
-    nasm -f elf64 rdrand.S -DX64 -g -o rdrand-x64.o
+    nasm -f elf32 rdrand.s -DX86 -g -o rdrand-x86.o
+    nasm -f elfx32 rdrand.s -DX32 -g -o rdrand-x32.o
+    nasm -f elf64 rdrand.s -DX64 -g -o rdrand-x64.o
     SUCCESS=1
 fi
 
 if [ "$IS_OPENBSD" -eq "1" ] || [ "$IS_NETBSD" -eq "1" ] || [ "$IS_FREEBSD" -eq "1" ] || [ "$IS_DRAGONFLY" -eq "1" ]; then
     echo "Building rdrand and rdseed modules for BSD"
-    nasm -f elf32 rdrand.S -DX86 -g -o rdrand-x86.o
-    nasm -f elfx32 rdrand.S -DX32 -g -o rdrand-x32.o
-    nasm -f elf64 rdrand.S -DX64 -g -o rdrand-x64.o
+    nasm -f elf32 rdrand.s -DX86 -g -o rdrand-x86.o
+    nasm -f elfx32 rdrand.s -DX32 -g -o rdrand-x32.o
+    nasm -f elf64 rdrand.s -DX64 -g -o rdrand-x64.o
     SUCCESS=1
 fi
 
 if [ "$IS_SOLARIS" -eq "1" ]; then
     echo "Building rdrand and rdseed modules for Solaris"
-    nasm -f elf32 rdrand.S -DX86 -o rdrand-x86.o
-    nasm -f elfx32 rdrand.S -DX32 -o rdrand-x32.o
-    nasm -f elf64 rdrand.S -DX64 -o rdrand-x64.o
+    nasm -f elf32 rdrand.s -DX86 -o rdrand-x86.o
+    nasm -f elfx32 rdrand.s -DX32 -o rdrand-x32.o
+    nasm -f elf64 rdrand.s -DX64 -o rdrand-x64.o
     SUCCESS=1
 fi
 
 if [ "$IS_DARWIN" -eq "1" ]; then
     echo "Building rdrand and rdseed modules for Darwin"
-    nasm -f macho32 rdrand.S -DDARWIN -DX86 -g -o rdrand-x86.o
-    nasm -f macho64 rdrand.S -DDARWIN -DX64 -g -o rdrand-x64.o
+    nasm -f macho32 rdrand.s -DDARWIN -DX86 -g -o rdrand-x86.o
+    nasm -f macho64 rdrand.s -DDARWIN -DX64 -g -o rdrand-x64.o
     SUCCESS=1
 fi
 
 if [ "$IS_CYGWIN" -eq "1" ]; then
     echo "Building rdrand and rdseed modules for Cygwin"
-    nasm -f win32 rdrand.S -DCYGWIN -DX86 -g -o rdrand-x86.o
-    nasm -f win64 rdrand.S -DCYGWIN -DX64 -g -o rdrand-x64.o
+    nasm -f win32 rdrand.s -DCYGWIN -DX86 -g -o rdrand-x86.o
+    nasm -f win64 rdrand.s -DCYGWIN -DX64 -g -o rdrand-x64.o
     SUCCESS=1
 fi
 
diff --git a/rdrand.s b/rdrand.s
index 474a6832..d46d2c8e 100644
--- a/rdrand.s
+++ b/rdrand.s
@@ -6,9 +6,9 @@
 ;; of intrinsics. The routines below run a little faster than the intrinsic
 ;; based routines.
 
-;; nasm -f elf32 rdrand.S -DX86 -g -o rdrand-x86.o
-;; nasm -f elfx32 rdrand.S -DX32 -g -o rdrand-x32.o
-;; nasm -f elf64 rdrand.S -DX64 -g -o rdrand-x64.o
+;; nasm -f elf32 rdrand.s -DX86 -g -o rdrand-x86.o
+;; nasm -f elfx32 rdrand.s -DX32 -g -o rdrand-x32.o
+;; nasm -f elf64 rdrand.s -DX64 -g -o rdrand-x64.o
 
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

From 661ddad1f24ab03b44ee77c1f79bf938a8c47687 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Fri, 24 Mar 2017 23:24:46 -0400
Subject: [PATCH 004/200] Fix Solaris compile due to StreamState "validate.h",
 line 155: Error: Overloading ambiguity between
 "std::ios::basic_ios(std::streambuf *)" and "std::ios::basic_ios(int)".

---
 validate.h | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/validate.h b/validate.h
index ad690c28..b6fc1eca 100644
--- a/validate.h
+++ b/validate.h
@@ -121,7 +121,7 @@ bool TestHuffmanCodes();
 bool TestASN1Parse();
 #endif
 
-#if 0
+#if 1
 // Coverity findings in benchmark and validation routines
 class StreamState
 {
@@ -148,6 +148,7 @@ private:
 };
 #endif
 
+#if 0
 class StreamState
 {
 public:
@@ -166,6 +167,7 @@ private:
 	std::ostream& m_out;
 	std::ios m_state;
 };
+#endif
 
 // Safer functions on Windows for C&A, https://github.com/weidai11/cryptopp/issues/55
 static std::string TimeToString(const time_t& t)

From 6c50a99254bcb76fb9b2b476b392bbfe2259f409 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 25 Mar 2017 01:42:23 -0400
Subject: [PATCH 005/200] Fix GNUmakefile to keep *.s files The distclean
 recipe deleted ASM files (*.s) rather than preprocessed ASM files (*.S).
 Leave them both now.

---
 GNUmakefile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/GNUmakefile b/GNUmakefile
index d26434d6..fc4b756c 100755
--- a/GNUmakefile
+++ b/GNUmakefile
@@ -589,7 +589,7 @@ clean:
 distclean: clean
 	-$(RM) adhoc.cpp adhoc.cpp.copied GNUmakefile.deps benchmarks.html cryptest.txt cryptest-*.txt
 	@-$(RM) CMakeCache.txt Makefile CTestTestfile.cmake cmake_install.cmake cryptopp-config-version.cmake
-	@-$(RM) cryptopp.tgz *.o *.bc *.ii *.s *~
+	@-$(RM) cryptopp.tgz *.o *.bc *.ii *~
 	@-$(RM) -r $(SRCS:.cpp=.obj) *.suo *.sdf *.pdb Win32/ x64/ ipch/
 	@-$(RM) -r CMakeFiles/
 	@-$(RM) -r $(DOCUMENT_DIRECTORY)/

From 0e55f5ac7d98f3c852ace7b4622f40cfa60b629f Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 25 Mar 2017 16:38:42 -0400
Subject: [PATCH 006/200] Remove g_pAssignIntToInteger pointer, add
 CRYPTOPP_NO_ASSIGN_TO_INTEGER (Issue 389) This effectively decouples Integer
 and Public Key from the rest of the library. The change means a compile time
 define is used rather than a runtime pointer. It avoids the race with Issue
 389. The Public Key algorithms will fail if you use them. For example,
 running the self tests with CRYPTOPP_NO_ASSIGN_TO_INTEGER in effect results
 in "CryptoPP::Exception caught: NameValuePairs: type mismatch for
 'EquivalentTo', stored 'i', trying to retrieve 'N8CryptoPP7IntegerE'". The
 exception is expected, and the same happend when g_pAssignIntToInteger was
 present.

---
 algparam.cpp |  2 --
 algparam.h   | 14 +++++++-----
 config.h     |  7 ++++++
 integer.cpp  | 60 ++++++++++++++++++++++++++++------------------------
 integer.h    |  7 +++++-
 5 files changed, 54 insertions(+), 36 deletions(-)

diff --git a/algparam.cpp b/algparam.cpp
index b6b0b34e..ff394f21 100644
--- a/algparam.cpp
+++ b/algparam.cpp
@@ -9,8 +9,6 @@
 
 NAMESPACE_BEGIN(CryptoPP)
 
-PAssignIntToInteger g_pAssignIntToInteger = NULLPTR;
-
 bool CombinedNameValuePairs::GetVoidValue(const char *name, const std::type_info &valueType, void *pValue) const
 {
 	if (strcmp(name, "ValueNames") == 0)
diff --git a/algparam.h b/algparam.h
index 9e274f49..c66fe984 100644
--- a/algparam.h
+++ b/algparam.h
@@ -298,9 +298,11 @@ AssignFromHelperClass<T, T> AssignFromHelper(T *pObject, const NameValuePairs &s
 
 // ********************************************************
 
-// to allow the linker to discard Integer code if not needed.
-typedef bool (CRYPTOPP_API * PAssignIntToInteger)(const std::type_info &valueType, void *pInteger, const void *pInt);
-CRYPTOPP_DLL extern PAssignIntToInteger g_pAssignIntToInteger;
+#ifndef CRYPTOPP_NO_ASSIGN_TO_INTEGER
+// Allow the linker to discard Integer code if not needed.
+// Also see http://github.com/weidai11/cryptopp/issues/389.
+bool AssignIntToInteger(const std::type_info &valueType, void *pInteger, const void *pInt);
+#endif
 
 CRYPTOPP_DLL const std::type_info & CRYPTOPP_API IntegerTypeId();
 
@@ -386,8 +388,10 @@ public:
 
 	void AssignValue(const char *name, const std::type_info &valueType, void *pValue) const
 	{
-		// special case for retrieving an Integer parameter when an int was passed in
-		if (!(g_pAssignIntToInteger != NULLPTR && typeid(T) == typeid(int) && g_pAssignIntToInteger(valueType, pValue, &m_value)))
+#ifndef CRYPTOPP_NO_ASSIGN_TO_INTEGER
+		// Special case for retrieving an Integer parameter when an int was passed in
+		if (!(typeid(T) == typeid(int) && AssignIntToInteger(valueType, pValue, &m_value)))
+#endif
 		{
 			NameValuePairs::ThrowIfTypeMismatch(name, typeid(T), valueType);
 			*reinterpret_cast<T *>(pValue) = m_value;
diff --git a/config.h b/config.h
index cfa3a9b6..f3f37d3e 100644
--- a/config.h
+++ b/config.h
@@ -103,6 +103,13 @@
 // of 'b', 'o', 'h' or '.' (the last for decimal).
 // #define CRYPTOPP_USE_STD_SHOWBASE
 
+// Define this if you want to decouple AlgorithmParameters and Integer
+// The decoupling should make it easier for the linker to remove Integer
+// related code for those who do not need Integer, and avoid a potential
+// race during AssignIntToInteger pointer initialization. Also
+// see http://github.com/weidai11/cryptopp/issues/389.
+// #define CRYPTOPP_NO_ASSIGN_TO_INTEGER
+
 // choose which style of sockets to wrap (mostly useful for MinGW which has both)
 #if !defined(NO_BERKELEY_STYLE_SOCKETS) && !defined(PREFER_BERKELEY_STYLE_SOCKETS)
 # define PREFER_BERKELEY_STYLE_SOCKETS
diff --git a/integer.cpp b/integer.cpp
index 700e8902..8df0b567 100644
--- a/integer.cpp
+++ b/integer.cpp
@@ -72,6 +72,12 @@
 // ***************** C++ Static Initialization ********************
 
 NAMESPACE_BEGIN(CryptoPP)
+static void SetFunctionPointers();
+InitializeInteger::InitializeInteger()
+{
+	SetFunctionPointers();
+}
+
 template <long i>
 struct NewInteger
 {
@@ -80,54 +86,28 @@ struct NewInteger
 		return new Integer(i);
 	}
 };
-
-static void SetFunctionPointers();
-bool AssignIntToInteger(const std::type_info &valueType, void *pInteger, const void *pInt);
 NAMESPACE_END
 
 ANONYMOUS_NAMESPACE_BEGIN
-struct InitializeInteger
-{
-	InitializeInteger()
-	{
-		CryptoPP::SetFunctionPointers();
-		CryptoPP::g_pAssignIntToInteger = (CryptoPP::PAssignIntToInteger)CryptoPP::AssignIntToInteger;
-	}
-};
-
 #if HAVE_GCC_INIT_PRIORITY
-const InitializeInteger s_init __attribute__ ((init_priority (CRYPTOPP_INIT_PRIORITY + 30))) = InitializeInteger();
+const CryptoPP::InitializeInteger s_init __attribute__ ((init_priority (CRYPTOPP_INIT_PRIORITY + 30))) = CryptoPP::InitializeInteger();
 const CryptoPP::Integer s_zero __attribute__ ((init_priority (CRYPTOPP_INIT_PRIORITY + 31))) = CryptoPP::Integer(0L);
 const CryptoPP::Integer  s_one __attribute__ ((init_priority (CRYPTOPP_INIT_PRIORITY + 32))) = CryptoPP::Integer(1L);
 const CryptoPP::Integer  s_two __attribute__ ((init_priority (CRYPTOPP_INIT_PRIORITY + 33))) = CryptoPP::Integer(2L);
 #elif HAVE_MSC_INIT_PRIORITY
 #pragma warning(disable: 4075)
 #pragma init_seg(".CRT$XCU-030")
-const InitializeInteger s_init;
+const CryptoPP::InitializeInteger s_init;
 const CryptoPP::Integer s_zero(0L);
 const CryptoPP::Integer  s_one(1L);
 const CryptoPP::Integer  s_two(2L);
 #pragma warning(default: 4075)
-#else
-const InitializeInteger& s_init = CryptoPP::Singleton<InitializeInteger>().Ref();
-const CryptoPP::Integer& s_zero = CryptoPP::Singleton<CryptoPP::Integer, CryptoPP::NewInteger<0L> >().Ref();
-const CryptoPP::Integer&  s_one = CryptoPP::Singleton<CryptoPP::Integer, CryptoPP::NewInteger<1L> >().Ref();
-const CryptoPP::Integer&  s_two = CryptoPP::Singleton<CryptoPP::Integer, CryptoPP::NewInteger<2L> >().Ref();
 #endif
 ANONYMOUS_NAMESPACE_END
 
 // ***************** Library code ********************
 
 NAMESPACE_BEGIN(CryptoPP)
-
-bool AssignIntToInteger(const std::type_info &valueType, void *pInteger, const void *pInt)
-{
-	if (valueType != typeid(Integer))
-		return false;
-	*reinterpret_cast<Integer *>(pInteger) = *reinterpret_cast<const int *>(pInt);
-	return true;
-}
-
 inline static int Compare(const word *A, const word *B, size_t N)
 {
 	while (N--)
@@ -3045,17 +3025,29 @@ Integer Integer::Power2(size_t e)
 
 const Integer &Integer::Zero()
 {
+#if HAVE_GCC_INIT_PRIORITY || HAVE_MSC_INIT_PRIORITY
 	return s_zero;
+#else
+	return Singleton<Integer, NewInteger<0L> >().Ref();
+#endif
 }
 
 const Integer &Integer::One()
 {
+#if HAVE_GCC_INIT_PRIORITY || HAVE_MSC_INIT_PRIORITY
 	return s_one;
+#else
+	return Singleton<Integer, NewInteger<1L> >().Ref();
+#endif
 }
 
 const Integer &Integer::Two()
 {
+#if HAVE_GCC_INIT_PRIORITY || HAVE_MSC_INIT_PRIORITY
 	return s_two;
+#else
+	return Singleton<Integer, NewInteger<2L> >().Ref();
+#endif
 }
 
 bool Integer::operator!() const
@@ -4749,6 +4741,18 @@ std::string IntToString<word64>(word64 value, unsigned int base)
 	return result;
 }
 
+#ifndef CRYPTOPP_NO_ASSIGN_TO_INTEGER
+// Allow the linker to discard Integer code if not needed.
+// Also see http://github.com/weidai11/cryptopp/issues/389.
+bool AssignIntToInteger(const std::type_info &valueType, void *pInteger, const void *pInt)
+{
+	if (valueType != typeid(Integer))
+		return false;
+	*reinterpret_cast<Integer *>(pInteger) = *reinterpret_cast<const int *>(pInt);
+	return true;
+}
+#endif
+
 NAMESPACE_END
 
 #endif
diff --git a/integer.h b/integer.h
index 1ab5e98c..6e639b2b 100644
--- a/integer.h
+++ b/integer.h
@@ -40,7 +40,12 @@ typedef SecBlock<word, AllocatorWithCleanup<word, true> > IntegerSecBlock;
 //!   used to track the sign of the Integer.
 //! \since Crypto++ 1.0
 //! \nosubgrouping
-class CRYPTOPP_DLL Integer : public ASN1Object
+class CRYPTOPP_DLL Integer
+#if HAVE_GCC_INIT_PRIORITY || HAVE_MSC_INIT_PRIORITY
+		: private InitializeInteger, public ASN1Object
+#else
+		: public ASN1Object
+#endif
 {
 public:
 	//! \name ENUMS, EXCEPTIONS, and TYPEDEFS

From c305e8812772582edeb6e373b6e34feb59f3799f Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Mon, 27 Mar 2017 06:06:12 -0400
Subject: [PATCH 007/200] Fix runtime crash when CRYPTOPP_INIT_PRIORITY=0
 Couple use of initialization priorities to no NO_OS_DEPENDENCE Add comments
 explaining what integer does, how it does it, and why we want to inprove on
 the Singleton pattern as a resource manager. Update documentation.

---
 config.h    |  5 ++--
 integer.cpp | 79 +++++++++++++++++++++++++++++++++++++++++++++++------
 integer.h   | 13 +++++----
 3 files changed, 80 insertions(+), 17 deletions(-)

diff --git a/config.h b/config.h
index f3f37d3e..1d96fbd4 100644
--- a/config.h
+++ b/config.h
@@ -596,13 +596,14 @@ NAMESPACE_END
 # define CRYPTOPP_USER_PRIORITY 350
 #endif
 
-#if (CRYPTOPP_INIT_PRIORITY > 0) && !(defined(__APPLE__) || defined(__sun__))
+// Most platforms allow us to specify when to create C++ objects. Apple and Sun do not.
+#if (CRYPTOPP_INIT_PRIORITY > 0) && !(defined(NO_OS_DEPENDENCE) || defined(__APPLE__) || defined(__sun__))
 # if (CRYPTOPP_GCC_VERSION >= 30000) || (CRYPTOPP_LLVM_CLANG_VERSION >= 20900) || (_INTEL_COMPILER >= 800)
 #  define HAVE_GCC_INIT_PRIORITY 1
 # elif (CRYPTOPP_MSC_VERSION >= 1310)
 #  define HAVE_MSC_INIT_PRIORITY 1
 # endif
-#endif  // CRYPTOPP_INIT_PRIORITY, Sun, Darwin
+#endif  // CRYPTOPP_INIT_PRIORITY, NO_OS_DEPENDENCE, Apple, Sun
 
 // ***************** determine availability of OS features ********************
 
diff --git a/integer.cpp b/integer.cpp
index 8df0b567..317ad89f 100644
--- a/integer.cpp
+++ b/integer.cpp
@@ -1,6 +1,37 @@
 // integer.cpp - originally written and placed in the public domain by Wei Dai
 // contains public domain code contributed by Alister Lee and Leonard Janke
 
+// Notes by JW: The Integer class needs to do two things. First, it needs to set function
+//  pointers on some platforms, like X86 and X64. The function pointers select a fast multiply
+//  and addition based on the cpu. Second, it wants to create Integer::Zero(), Integer::One()
+//  and Integer::Two(). The function pointers are initialized in the class InitializeInteger.
+// Wei's original code was much simpler. It uses the Singleton pattern, but it always produced
+//  memory findings. The Singleton generates memory findings because it used for a Create on
+//  First Use pattern. Resource destruction effectivley requires running resource acquisition
+//  with dependencies in reverse. For resources provided through the Singletons, there is no way
+//  to express the dependency order to safely destroy resources.
+// The difference in the changes below is we use platform and language specific remediations
+//  if they are available. If not available, then we fall back to Wei's original code. If
+//  NO_OS_DEPENDENCE is defined, then the library uses Wei's original code.
+// Under all versions of C++ on Linux and Microsoft platforms, we can use GCC's init_priority
+//  or MSVC's init_seg(lib) to initialize the function pointers and create the Integers 0, 1 and 2
+//  after CRT startup. This avoids the Singletons and clears over half the reports of memory
+//  leaks. However, it does not apply to Apple or Sun platforms.
+// C++11 allows us to use call_once to set the function pointers, and Integer does so when
+//  init_priority and init_seg(lib) are not available. The class also uses the Singleton pattern
+//  to ensure integers 0, 1 and 2 are available. The Singleton will produce memory findings, but
+//  we don't have anything else to use in this case.
+// C++03 on platforms like Apple and Sun, we use a boolean flag to track when the function pointers
+//  have been set based on the cpu. Its just a Nifty Counter in disguise, and its similar to using
+//  the g_pAssignToInteger to track initialization. It has concurrency issues, but a race is not a
+//  problem. It does not matter if two threads both set the same pointers. The Singleton pattern
+//  is also used to ensure integers 0, 1 and 2 are available. The Singleton will produce memory
+//  findings, but we don't have anything else to use in this case.
+// While not readily apparent, Integer does not need to inherit from InitializeInteger when
+//  init_priority and init_seg(lib) are available. They just create an InitializePointers object
+//  at the right time after CRT initialization. The additional class avoids the small runtime
+//  overhead associated with checking the flags, and hides the detail from the interface.
+
 #include "pch.h"
 #include "config.h"
 
@@ -28,6 +59,7 @@
 #include "smartptr.h"
 #include "algparam.h"
 #include "filters.h"
+#include "stdcpp.h"
 #include "asn.h"
 #include "oids.h"
 #include "words.h"
@@ -73,11 +105,40 @@
 
 NAMESPACE_BEGIN(CryptoPP)
 static void SetFunctionPointers();
+#if defined(HAVE_GCC_INIT_PRIORITY) || defined(HAVE_MSC_INIT_PRIORITY)
+// Add InitializePointers to perform the work of setting pointers once.
+struct InitializePointers
+{
+	InitializePointers()
+	{
+		SetFunctionPointers();
+	}
+};
+// Leave InitializeInteger empty so no work is done.
 InitializeInteger::InitializeInteger()
 {
-	SetFunctionPointers();
 }
-
+#elif defined(CRYPTOPP_CXX11_SYNCHRONIZATION) && defined(CRYPTOPP_CXX11_DYNAMIC_INIT)
+std::once_flag s_flag;
+InitializeInteger::InitializeInteger()
+{
+	std::call_once(s_flag, []() {
+		SetFunctionPointers();
+	});
+}
+#else
+static bool s_flag;
+InitializeInteger::InitializeInteger()
+{
+	MEMORY_BARRIER();
+	if (s_flag == false)
+	{
+		SetFunctionPointers();
+		s_flag = true;
+		MEMORY_BARRIER();
+	}
+}
+#endif
 template <long i>
 struct NewInteger
 {
@@ -89,15 +150,15 @@ struct NewInteger
 NAMESPACE_END
 
 ANONYMOUS_NAMESPACE_BEGIN
-#if HAVE_GCC_INIT_PRIORITY
-const CryptoPP::InitializeInteger s_init __attribute__ ((init_priority (CRYPTOPP_INIT_PRIORITY + 30))) = CryptoPP::InitializeInteger();
+#if defined(HAVE_GCC_INIT_PRIORITY)
+const CryptoPP::InitializePointers s_init __attribute__ ((init_priority (CRYPTOPP_INIT_PRIORITY + 30))) = CryptoPP::InitializePointers();
 const CryptoPP::Integer s_zero __attribute__ ((init_priority (CRYPTOPP_INIT_PRIORITY + 31))) = CryptoPP::Integer(0L);
 const CryptoPP::Integer  s_one __attribute__ ((init_priority (CRYPTOPP_INIT_PRIORITY + 32))) = CryptoPP::Integer(1L);
 const CryptoPP::Integer  s_two __attribute__ ((init_priority (CRYPTOPP_INIT_PRIORITY + 33))) = CryptoPP::Integer(2L);
-#elif HAVE_MSC_INIT_PRIORITY
+#elif defined(HAVE_MSC_INIT_PRIORITY)
 #pragma warning(disable: 4075)
 #pragma init_seg(".CRT$XCU-030")
-const CryptoPP::InitializeInteger s_init;
+const CryptoPP::InitializePointers s_init;
 const CryptoPP::Integer s_zero(0L);
 const CryptoPP::Integer  s_one(1L);
 const CryptoPP::Integer  s_two(2L);
@@ -3025,7 +3086,7 @@ Integer Integer::Power2(size_t e)
 
 const Integer &Integer::Zero()
 {
-#if HAVE_GCC_INIT_PRIORITY || HAVE_MSC_INIT_PRIORITY
+#if defined(HAVE_GCC_INIT_PRIORITY) || defined(HAVE_MSC_INIT_PRIORITY)
 	return s_zero;
 #else
 	return Singleton<Integer, NewInteger<0L> >().Ref();
@@ -3034,7 +3095,7 @@ const Integer &Integer::Zero()
 
 const Integer &Integer::One()
 {
-#if HAVE_GCC_INIT_PRIORITY || HAVE_MSC_INIT_PRIORITY
+#if defined(HAVE_GCC_INIT_PRIORITY) || defined(HAVE_MSC_INIT_PRIORITY)
 	return s_one;
 #else
 	return Singleton<Integer, NewInteger<1L> >().Ref();
@@ -3043,7 +3104,7 @@ const Integer &Integer::One()
 
 const Integer &Integer::Two()
 {
-#if HAVE_GCC_INIT_PRIORITY || HAVE_MSC_INIT_PRIORITY
+#if defined(HAVE_GCC_INIT_PRIORITY) || defined(HAVE_MSC_INIT_PRIORITY)
 	return s_two;
 #else
 	return Singleton<Integer, NewInteger<2L> >().Ref();
diff --git a/integer.h b/integer.h
index 6e639b2b..41700447 100644
--- a/integer.h
+++ b/integer.h
@@ -8,6 +8,9 @@
 //!   has two data members. The first is a IntegerSecBlock (a SecBlock<word>) and it is
 //!   used to hold the representation. The second is a Sign (an enumeration), and it is
 //!   used to track the sign of the Integer.
+//! \details For details on how the Integer class initializes its function pointers using
+//!   InitializeInteger and how it creates Integer::Zero(), Integer::One(), and
+//!   Integer::Two(), then see the comments at the top of <tt>integer.cpp</tt>.
 //! \since Crypto++ 1.0
 
 #ifndef CRYPTOPP_INTEGER_H
@@ -38,14 +41,12 @@ typedef SecBlock<word, AllocatorWithCleanup<word, true> > IntegerSecBlock;
 //!   has two data members. The first is a IntegerSecBlock (a SecBlock<word>) and it is
 //!   used to hold the representation. The second is a Sign (an enumeration), and it is
 //!   used to track the sign of the Integer.
+//! \details For details on how the Integer class initializes its function pointers using
+//!   InitializeInteger and how it creates Integer::Zero(), Integer::One(), and
+//!   Integer::Two(), then see the comments at the top of <tt>integer.cpp</tt>.
 //! \since Crypto++ 1.0
 //! \nosubgrouping
-class CRYPTOPP_DLL Integer
-#if HAVE_GCC_INIT_PRIORITY || HAVE_MSC_INIT_PRIORITY
-		: private InitializeInteger, public ASN1Object
-#else
-		: public ASN1Object
-#endif
+class CRYPTOPP_DLL Integer : private InitializeInteger, public ASN1Object
 {
 public:
 	//! \name ENUMS, EXCEPTIONS, and TYPEDEFS

From c21023e2dc69232c13f119ab0584b960a55e8754 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Tue, 28 Mar 2017 23:49:58 -0400
Subject: [PATCH 008/200] Removed 'aligned' makefile target. It was made
 default in 5.6.5

---
 GNUmakefile | 11 ++---------
 blake2.cpp  |  3 +--
 2 files changed, 3 insertions(+), 11 deletions(-)

diff --git a/GNUmakefile b/GNUmakefile
index fc4b756c..31b4fcdb 100755
--- a/GNUmakefile
+++ b/GNUmakefile
@@ -391,13 +391,6 @@ endif # ELF/ELF64
 endif # CXXFLAGS
 endif # Gold
 
-# Aligned access testing. Issue 'make aligned'.
-ifneq ($(filter align aligned,$(MAKECMDGOALS)),)
-ifeq ($(findstring -DCRYPTOPP_NO_UNALIGNED_DATA_ACCESS,$(CXXFLAGS)),)
-CXXFLAGS += -DCRYPTOPP_NO_UNALIGNED_DATA_ACCESS
-endif # CXXFLAGS
-endif # Aligned access
-
 # GCC code coverage. Issue 'make coverage'.
 ifneq ($(filter coverage,$(MAKECMDGOALS)),)
 ifeq ($(findstring -coverage,$(CXXFLAGS)),)
@@ -522,8 +515,8 @@ deps GNUmakefile.deps:
 	$(CXX) $(strip $(CXXFLAGS)) -MM *.cpp > GNUmakefile.deps
 
 # CXXFLAGS are tuned earlier.
-.PHONY: asan ubsan align aligned
-asan ubsan align aligned: libcryptopp.a cryptest.exe
+.PHONY: asan ubsan
+asan ubsan: libcryptopp.a cryptest.exe
 
 # CXXFLAGS are tuned earlier. Applications must use linker flags
 #  -Wl,--gc-sections (Linux and Unix) or -Wl,-dead_strip (OS X)
diff --git a/blake2.cpp b/blake2.cpp
index dd9de2e5..5d3154fb 100644
--- a/blake2.cpp
+++ b/blake2.cpp
@@ -28,7 +28,7 @@ NAMESPACE_BEGIN(CryptoPP)
 inline __m128i MM_SET_EPI64X(const word64 a, const word64 b)
 {
     const word64 t[2] = {b,a}; __m128i r;
-    memcpy(&r, &t, sizeof(r));
+    memcpy(&r, &t, sizeof(t));
     return r;
 }
 #else
@@ -3905,7 +3905,6 @@ static void BLAKE2_NEON_Compress64(const byte* input, BLAKE2_State<word64, true>
     #define BLAKE2B_LOAD_MSG_9_4(b0, b1) \
     do { b0 = vextq_u64(m5, m7, 1); b1 = vcombine_u64(vget_low_u64(m6), vget_low_u64(m0)); } while(0)
 
-    #undef BLAKE2B_LOAD_MSG_10_1
     #define BLAKE2B_LOAD_MSG_10_1(b0, b1) \
     do { b0 = vcombine_u64(vget_low_u64(m0), vget_low_u64(m1)); b1 = vcombine_u64(vget_low_u64(m2), vget_low_u64(m3)); } while(0)
 

From a9f2518a2c373d2ce0af49f0098cc18b4c13467e Mon Sep 17 00:00:00 2001
From: anonimal <anonimal@i2pmail.org>
Date: Wed, 29 Mar 2017 07:01:04 +0000
Subject: [PATCH 009/200] Build: apply patch for GNU assembler errors to CMake

References weidai11/cryptopp#395
---
 CMakeLists.txt | 51 ++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 51 insertions(+)

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 00a9de03..4468df18 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -105,6 +105,57 @@ if(NOT CRYPTOPP_DATA_DIR STREQUAL "")
 	add_definitions(-DCRYPTOPP_DATA_DIR="${CRYPTOPP_DATA_DIR}")
 endif()
 
+if (CMAKE_CXX_COMPILER_ID MATCHES "GNU")
+	# TODO(unassigned): should we avoid these (for cross-platform compatability)?
+	set(SHELL_CMD sh -c)
+	set(GREP_CMD egrep -c)
+
+	execute_process(COMMAND ${SHELL_CMD} "${CMAKE_CXX_COMPILER} --version 2>&1"
+		COMMAND ${GREP_CMD} -i macports
+		OUTPUT_VARIABLE MACPORTS
+		OUTPUT_STRIP_TRAILING_WHITESPACE)
+
+	if (MACPORTS EQUAL 0)
+		# Get GAS version, add defs + set as appropriate
+		set(GAS_CMD ${SHELL_CMD} "${CMAKE_CXX_COMPILER} -xc -c /dev/null -Wa,-v -o/dev/null 2>&1")
+
+		execute_process(COMMAND ${GAS_CMD}
+			OUTPUT_VARIABLE GAS_STRING
+			OUTPUT_STRIP_TRAILING_WHITESPACE)
+		string(FIND ${GAS_STRING} "GNU assumbler" GAS_OUTPUT)
+
+		if (GAS_OUTPUT)
+			#.intel_syntax wasn't supported until GNU assembler 2.10
+			# No DISABLE_NATIVE_ARCH with CRYPTOPP_DISABLE_ASM for now
+			# See http://github.com/weidai11/cryptopp/issues/395
+
+			# TODO(unassigned): string() REGEX was not cooperating at time of writing. Re-implement as needed.
+			execute_process(COMMAND echo ${GAS_STRING}
+				COMMAND ${GREP_CMD} "GNU assembler version (2\\.[1-9][0-9]|[3-9])"
+				OUTPUT_VARIABLE GAS210_OR_LATER)
+			if (GAS210_OR_LATER EQUAL 0)
+				add_definitions(-DCRYPTOPP_DISABLE_ASM)
+			endif()
+
+			execute_process(COMMAND echo ${GAS_STRING}
+				COMMAND ${GREP_CMD} "GNU assembler version (2\\.1[7-9]|2\\.[2-9]|[3-9])"
+				OUTPUT_VARIABLE GAS217_OR_LATER)
+			if (GAS217_OR_LATER EQUAL 0)
+				add_definitions(-DCRYPTOPP_DISABLE_SSSE3)
+				set(DISABLE_NATIVE_ARCH 1)
+			endif()
+
+			execute_process(COMMAND echo ${GAS_STRING}
+				COMMAND ${GREP_CMD} "GNU assembler version (2\\.19|2\\.[2-9]|[3-9])"
+				OUTPUT_VARIABLE GAS219_OR_LATER)
+			if (GAS219_OR_LATER EQUAL 0)
+				add_definitions(-DCRYPTOPP_DISABLE_AESNI)
+				set(DISABLE_NATIVE_ARCH 1)
+			endif()
+		endif()
+	endif()
+endif()
+
 # We need the output 'uname -s' for Unix and Linux system detection
 if (NOT CRYPTOPP_CROSS_COMPILE)
 	set (UNAME_CMD "uname")

From 8c7408bcd56ab3177ee61fe68ff07cc16d13cdd4 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Mon, 3 Apr 2017 20:27:49 -0400
Subject: [PATCH 010/200] Fix typo

---
 camellia.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/camellia.h b/camellia.h
index 1e6e39c5..88d6b659 100644
--- a/camellia.h
+++ b/camellia.h
@@ -1,7 +1,7 @@
 // camellia.h - originally written and placed in the public domain by Wei Dai
 
 //! \file camellia.h
-//! \brief Classes for the Cameliia block cipher
+//! \brief Classes for the Camellia block cipher
 
 #ifndef CRYPTOPP_CAMELLIA_H
 #define CRYPTOPP_CAMELLIA_H

From 8ca0f479391c54ee454e9cddfcbe1657da240f85 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Mon, 10 Apr 2017 10:52:40 -0400
Subject: [PATCH 011/200] Add ARIA block cipher This is the reference
 implementation, test data and test vectors from the ARIA.zip package on the
 KISA website. The website is located at
 http://seed.kisa.or.kr/iwt/ko/bbs/EgovReferenceList.do?bbsId=BBSMSTR_000000000002.

We have optimized routines that improve Key Setup and Bulk Encryption performance, but they are not being checked-in at the moment. The ARIA team is updating its implementation for contemporary hardware and we would like to use it as a starting point before we wander too far away from the KISA implementation.
---
 Filelist.txt             |   4 +
 TestData/aria.dat        |  45 +++++++
 TestVectors/all.txt      |   1 +
 TestVectors/aria.txt     | 233 +++++++++++++++++++++++++++++++++
 aria.cpp                 | 270 +++++++++++++++++++++++++++++++++++++++
 aria.h                   |  59 +++++++++
 bench1.cpp               |   2 +
 cryptdll.vcxproj         |   2 +-
 cryptdll.vcxproj.filters |   2 +-
 cryptest.vcxproj         |   6 +-
 cryptest.vcxproj.filters |   6 +
 cryptlib.vcxproj         |  11 +-
 cryptlib.vcxproj.filters |   8 +-
 dlltest.vcxproj          |   2 +-
 regtest.cpp              |   4 +
 test.cpp                 |  34 ++---
 validat1.cpp             |  35 +++++
 validate.h               |   1 +
 18 files changed, 697 insertions(+), 28 deletions(-)
 create mode 100644 TestData/aria.dat
 create mode 100644 TestVectors/aria.txt
 create mode 100644 aria.cpp
 create mode 100644 aria.h

diff --git a/Filelist.txt b/Filelist.txt
index b4f9735a..03d7ebdb 100644
--- a/Filelist.txt
+++ b/Filelist.txt
@@ -10,6 +10,8 @@ algparam.cpp
 algparam.h
 arc4.cpp
 arc4.h
+aria.cpp
+aria.h
 argnames.h
 asn.cpp
 asn.h
@@ -318,6 +320,7 @@ Install.txt
 Filelist.txt
 TestData/3desval.dat
 TestData/3wayval.dat
+TestData/aria.dat
 TestData/camellia.dat
 TestData/cast128v.dat
 TestData/cast256v.dat
@@ -385,6 +388,7 @@ TestVectors/all.txt
 TestVectors/blake2.txt
 TestVectors/blake2b.txt
 TestVectors/blake2s.txt
+TestVectors/aria.txt
 TestVectors/camellia.txt
 TestVectors/ccm.txt
 TestVectors/chacha.txt
diff --git a/TestData/aria.dat b/TestData/aria.dat
new file mode 100644
index 00000000..3b814f34
--- /dev/null
+++ b/TestData/aria.dat
@@ -0,0 +1,45 @@
+0123456789ABCDEFFEDCBA9876543210 0123456789ABCDEFFEDCBA9876543210 7DC1917AE0D38FAE8D4A7D1959AEF27C
+80000000000000000000000000000000 00000000000000000000000000000000 4ABA3055788204D82F4539D81BC9384B
+00000000000000000000000000000001 00000000000000000000000000000000 5FA57C3B2E71144C3E5E1E9BE4F0FE7E
+00000000000000000000000000000000 80000000000000000000000000000000 92E51E737DABB6BFD0EABC8D32224F77
+00000000000000000000000000000000 00000000000000000000000000000001 B426E1A441F6DBFC2B2D2412D0066D20
+00000000000000000000000000000000 00000000000000000000000000000000 4B40A63C7F0171EE3CDDA4363FBFAE75
+01010101010101010101010101010101 01010101010101010101010101010101 CCE5D964A71D7A5E93986BCA572BB050
+02020202020202020202020202020202 02020202020202020202020202020202 A04100328F459F6AAE8EBAB3B5FE90A8
+04040404040404040404040404040404 04040404040404040404040404040404 BFE5C38FE204ADC614A321786CDCA08E
+08080808080808080808080808080808 08080808080808080808080808080808 95A3371D4879057FAEB2E573CCE8A7F5
+10101010101010101010101010101010 10101010101010101010101010101010 80AF7861CA5855FBED523345D36619EC
+20202020202020202020202020202020 20202020202020202020202020202020 82E9D82550AECD0E0BB1B63E4B30CEC3
+40404040404040404040404040404040 40404040404040404040404040404040 C80C04BA36ED0DA52B3E6CB430617FAC
+80808080808080808080808080808080 80808080808080808080808080808080 41305D0632AC493419B04F3BCDBA6AE4
+FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF B99D80EF798362ACEB9E960AAE7EECC2
+0123456789ABCDEFFEDCBA98765432100011223344556677 0123456789ABCDEFFEDCBA9876543210 6DC2DBDAC3C563E522F5A75942B8AFAC
+800000000000000000000000000000000000000000000000 00000000000000000000000000000000 F9BA9C6E7E3C86FAE4BEB607F387548E
+000000000000000000000000000000000000000000000001 00000000000000000000000000000000 5BC2C08F01C0CDC2F983073CBE9194D2
+000000000000000000000000000000000000000000000000 80000000000000000000000000000000 AE56BF59874ED4DBD7B905878894ADEE
+000000000000000000000000000000000000000000000000 00000000000000000000000000000001 D53236B0CDE20C26F57675A7405A9F98
+000000000000000000000000000000000000000000000000 00000000000000000000000000000000 D5526B5E6A1E3DF23AD8ECAF20F281D0
+010101010101010101010101010101010101010101010101 01010101010101010101010101010101 6E4C91AB71707075F375FFB7B3D27328
+020202020202020202020202020202020202020202020202 02020202020202020202020202020202 D686D2A6F3BBBC5E703528FD4B1DBA8F
+040404040404040404040404040404040404040404040404 04040404040404040404040404040404 ADE1730DA6F15693FD9F063DFC8EC4D1
+080808080808080808080808080808080808080808080808 08080808080808080808080808080808 6A3FCA9070151FF14142B1700BE075EB
+101010101010101010101010101010101010101010101010 10101010101010101010101010101010 773EC2820CCD29CA650DEA05E04CEB80
+202020202020202020202020202020202020202020202020 20202020202020202020202020202020 531A8B8F5F1228E16B57E5365A1FB02B
+404040404040404040404040404040404040404040404040 40404040404040404040404040404040 C0166DB2A70DF611921E7F0AB0E0F15D
+808080808080808080808080808080808080808080808080 80808080808080808080808080808080 70F3361D505A220B1C2328EBE32ED731
+FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF F275975CCC163ED53AA0510443239638
+0123456789ABCDEFFEDCBA987654321000112233445566778899AABBCCDDEEFF 0123456789ABCDEFFEDCBA9876543210 2F4792014AE2D9B812ADBAC663DC762B
+8000000000000000000000000000000000000000000000000000000000000000 00000000000000000000000000000000 9250C9771F5A5A8612400AA917491263
+0000000000000000000000000000000000000000000000000000000000000001 00000000000000000000000000000000 1A6AED07EC57E4373E988BFBB396406F
+0000000000000000000000000000000000000000000000000000000000000000 80000000000000000000000000000000 209ACF63CE6DFB56B1F9821DDBFE86E3
+0000000000000000000000000000000000000000000000000000000000000000 00000000000000000000000000000001 678FFFFDCE3177605F9320FEC4D30B5E
+0000000000000000000000000000000000000000000000000000000000000000 00000000000000000000000000000000 C20857DD9106DDDE286EC59FA98D77CC
+0101010101010101010101010101010101010101010101010101010101010101 01010101010101010101010101010101 15C28D4EC27D8BEDDD8E6B3745A9A261
+0202020202020202020202020202020202020202020202020202020202020202 02020202020202020202020202020202 5279DA1773C078835D506B25FED6513E
+0404040404040404040404040404040404040404040404040404040404040404 04040404040404040404040404040404 7AED38F56F62FC75F7DB88F7E59D0B02
+0808080808080808080808080808080808080808080808080808080808080808 08080808080808080808080808080808 6EB3C2BC1AC20926E860E688786DB872
+1010101010101010101010101010101010101010101010101010101010101010 10101010101010101010101010101010 54A8718B4DD1A03B1A4ED06C30B9E6AB
+2020202020202020202020202020202020202020202020202020202020202020 20202020202020202020202020202020 A876FA5538F926B373702DABF33025B6
+4040404040404040404040404040404040404040404040404040404040404040 40404040404040404040404040404040 B71AB43F56E09592E69E315E7CD06E8A
+8080808080808080808080808080808080808080808080808080808080808080 80808080808080808080808080808080 E975FB1435D92A0CF3E1A2487774D699
+FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF 6C833E3962286C0DE0395446ED30F646
diff --git a/TestVectors/all.txt b/TestVectors/all.txt
index a80ba4ed..1646f0e9 100644
--- a/TestVectors/all.txt
+++ b/TestVectors/all.txt
@@ -2,6 +2,7 @@ AlgorithmType: FileList
 Name: all.txt collection
 Test: TestVectors/tea.txt
 Test: TestVectors/wake.txt
+Test: TestVectors/aria.txt
 Test: TestVectors/camellia.txt
 Test: TestVectors/shacal2.txt
 Test: TestVectors/ttmac.txt
diff --git a/TestVectors/aria.txt b/TestVectors/aria.txt
new file mode 100644
index 00000000..f54441d3
--- /dev/null
+++ b/TestVectors/aria.txt
@@ -0,0 +1,233 @@
+AlgorithmType: SymmetricCipher
+Name: ARIA/ECB
+Source: ARIA Test Vectors PDF (05.05.2004)
+Comment: Tests using ECB mode
+Comment:    Section 1, 128-bit (p.3)
+Key:        00112233445566778899aabbccddeeff
+Plaintext:  11111111aaaaaaaa11111111bbbbbbbb \
+            11111111cccccccc11111111dddddddd \
+            22222222aaaaaaaa22222222bbbbbbbb \
+            22222222cccccccc22222222dddddddd \
+            33333333aaaaaaaa33333333bbbbbbbb \
+            33333333cccccccc33333333dddddddd \
+            44444444aaaaaaaa44444444bbbbbbbb \
+            44444444cccccccc44444444dddddddd \
+            55555555aaaaaaaa55555555bbbbbbbb \
+            55555555cccccccc55555555dddddddd
+Ciphertext: c6ecd08e22c30abdb215cf74e2075e6e \
+            29ccaac63448708d331b2f816c51b17d \
+            9e133d1528dbf0af5787c7f3a3f5c2bf \
+            6b6f345907a3055612ce072ff54de7d7 \
+            88424da6e8ccfe8172b391be49935416 \
+            5665ba7864917000a6eeb2ecb4a698ed \
+            fc7887e7f556377614ab0a282293e6d8 \
+            84dbb84206cdb16ed1754e77a1f243fd \
+            086953f752cc1e46c7c794ae85537dca \
+            ec8dd721f55c93b6edfe2adea43873e8
+Test: Encrypt
+Comment:    Section 2, 192-bit (p.6)
+Key:        00112233445566778899aabbccddeeff \
+            0011223344556677
+Plaintext:  11111111aaaaaaaa11111111bbbbbbbb \
+            11111111cccccccc11111111dddddddd \
+            22222222aaaaaaaa22222222bbbbbbbb \
+            22222222cccccccc22222222dddddddd \
+            33333333aaaaaaaa33333333bbbbbbbb \
+            33333333cccccccc33333333dddddddd \
+            44444444aaaaaaaa44444444bbbbbbbb \
+            44444444cccccccc44444444dddddddd \
+            55555555aaaaaaaa55555555bbbbbbbb \
+            55555555cccccccc55555555dddddddd
+Ciphertext: 8d1470625f59ebacb0e55b534b3e462b \
+            5f23d33bff78f46c3c15911f4a21809a \
+            accad80b4bda915aa9dae6bcebe06a6c \
+            83f77fd5391acfe61de2f646b5d447ed \
+            bfd5bb49b12fbb9145b227895a757b2a \
+            f1f7188734863d7b8b6ede5a5b2f06a0 \
+            a233c8523d2db778fb31b0e311f32700 \
+            152f33861e9d040c83b5eb40cd88ea49 \
+            975709dc629365a189f78a3ec40345fc \
+            6a5a307a8f9a4413091e007eca5645a0
+Test: Encrypt
+Comment:    Section 3, 256-bit (p.11)
+Key:        00112233445566778899aabbccddeeff \
+            00112233445566778899aabbccddeeff
+Plaintext:  11111111aaaaaaaa11111111bbbbbbbb \
+            11111111cccccccc11111111dddddddd \
+            22222222aaaaaaaa22222222bbbbbbbb \
+            22222222cccccccc22222222dddddddd \
+            33333333aaaaaaaa33333333bbbbbbbb \
+            33333333cccccccc33333333dddddddd \
+            44444444aaaaaaaa44444444bbbbbbbb \
+            44444444cccccccc44444444dddddddd \
+            55555555aaaaaaaa55555555bbbbbbbb \
+            55555555cccccccc55555555dddddddd
+Ciphertext: 58a875e6044ad7fffa4f58420f7f442d \
+            8e191016f28e79aefc01e204773280d7 \
+            018e5f7a938ec30711719953bae86542 \
+            cd7ebc752474c1a5f6eaaace2a7e2946 \
+            2ee7dfa5afdb84177ead95ccd4b4bb6e \
+            1ed17b9534cff0a5fc2941429cfee2ee \
+            49c7adbeb7e9d1b0d2a8531d94207959 \
+            6a27ed79f5b1dd13ecd604b07a48885a \
+            3afa0627a0e4e60a3c703af292f1baa7 \
+            7b702f16c54aa74bc727ea95c7468b00
+Test: Encrypt
+
+AlgorithmType: SymmetricCipher
+Name: ARIA/CBC
+Source: ARIA Test Vectors PDF (05.05.2004)
+Comment: Tests using CBC mode
+Comment:    Section 1, 128-bit (p.3)
+Key:        00112233445566778899aabbccddeeff
+IV:         0f1e2d3c4b5a69788796a5b4c3d2e1f0
+Plaintext:  11111111aaaaaaaa11111111bbbbbbbb \
+            11111111cccccccc11111111dddddddd \
+            22222222aaaaaaaa22222222bbbbbbbb \
+            22222222cccccccc22222222dddddddd \
+            33333333aaaaaaaa33333333bbbbbbbb \
+            33333333cccccccc33333333dddddddd \
+            44444444aaaaaaaa44444444bbbbbbbb \
+            44444444cccccccc44444444dddddddd \
+            55555555aaaaaaaa55555555bbbbbbbb \
+            55555555cccccccc55555555dddddddd
+Ciphertext: 49d61860b14909109cef0d22a9268134 \
+            fadf9fb23151e9645fba75018bdb1538 \
+            b53334634bbf7d4cd4b5377033060c15 \
+            5fe3948ca75de1031e1d85619e0ad61e \
+            b419a866b3c2dbfd10a4ed18b22149f7 \
+            5897f0b8668b0c1c542c687778835fb7 \
+            cd46e45f85eaa7072437dd9fa6793d6f \
+            8d4ccefc4eb1ac641ac1bd30b18c6d64 \
+            c49bca137eb21c2e04da62712ca2b4f5 \
+            40c57112c38791852cfac7a5d19ed83a
+Test: Encrypt
+Comment:    Section 1, 192-bit (p.6)
+Key:        00112233445566778899aabbccddeeff \
+            0011223344556677
+IV:         0f1e2d3c4b5a69788796a5b4c3d2e1f0
+Plaintext:  11111111aaaaaaaa11111111bbbbbbbb \
+            11111111cccccccc11111111dddddddd \
+            22222222aaaaaaaa22222222bbbbbbbb \
+            22222222cccccccc22222222dddddddd \
+            33333333aaaaaaaa33333333bbbbbbbb \
+            33333333cccccccc33333333dddddddd \
+            44444444aaaaaaaa44444444bbbbbbbb \
+            44444444cccccccc44444444dddddddd \
+            55555555aaaaaaaa55555555bbbbbbbb \
+            55555555cccccccc55555555dddddddd
+Ciphertext: afe6cf23974b533c672a826264ea785f \
+            4e4f7f780dc7f3f1e0962b80902386d5 \
+            14e9c3e77259de92dd1102ffab086c1e \
+            a52a71260db5920a83295c25320e4211 \
+            47ca45d532f327b856ea947cd2196ae2 \
+            e040826548b4c891b0ed0ca6e714dbc4 \
+            631998d548110d666b3d54c2a091955c \
+            6f05beb4f62309368696c9791fc4c551 \
+            564a2637f194346ec45fbca6c72a5b46 \
+            12e208d531d6c34cc5c64eac6bd0cf8c
+Test: Encrypt
+Comment:    Section 1, 256-bit (p.11)
+Key:        00112233445566778899aabbccddeeff \
+            00112233445566778899aabbccddeeff
+IV:         0f1e2d3c4b5a69788796a5b4c3d2e1f0
+Plaintext:  11111111aaaaaaaa11111111bbbbbbbb \
+            11111111cccccccc11111111dddddddd \
+            22222222aaaaaaaa22222222bbbbbbbb \
+            22222222cccccccc22222222dddddddd \
+            33333333aaaaaaaa33333333bbbbbbbb \
+            33333333cccccccc33333333dddddddd \
+            44444444aaaaaaaa44444444bbbbbbbb \
+            44444444cccccccc44444444dddddddd \
+            55555555aaaaaaaa55555555bbbbbbbb \
+            55555555cccccccc55555555dddddddd
+Ciphertext: 523a8a806ae621f155fdd28dbc34e1ab \
+            7b9b42432ad8b2efb96e23b13f0a6e52 \
+            f36185d50ad002c5f601bee5493f118b \
+            243ee2e313642bffc3902e7b2efd9a12 \
+            fa682edd2d23c8b9c5f043c18b17c1ec \
+            4b5867918270fbec1027c19ed6af833d \
+            a5d620994668ca22f599791d292dd627 \
+            3b2959082aafb7a996167cce1eec5f0c \
+            fd15f610d87e2dda9ba68ce1260ca54b \
+            222491418374294e7909b1e8551cd8de
+Test: Encrypt
+
+AlgorithmType: SymmetricCipher
+Name: ARIA/CTR
+Source: ARIA Test Vectors PDF (05.05.2004)
+Comment: Tests using CTR mode
+Comment:    Section 1, 128-bit (p.3)
+Key:        00112233445566778899aabbccddeeff
+IV:         00000000000000000000000000000000
+Plaintext:  11111111aaaaaaaa11111111bbbbbbbb \
+            11111111cccccccc11111111dddddddd \
+            22222222aaaaaaaa22222222bbbbbbbb \
+            22222222cccccccc22222222dddddddd \
+            33333333aaaaaaaa33333333bbbbbbbb \
+            33333333cccccccc33333333dddddddd \
+            44444444aaaaaaaa44444444bbbbbbbb \
+            44444444cccccccc44444444dddddddd \
+            55555555aaaaaaaa55555555bbbbbbbb \
+            55555555cccccccc55555555dddddddd
+Ciphertext: ac5d7de805a0bf1c57c854501af60fa1 \
+            1497e2a34519dea1569e91e5b5ccae2f \
+            f3bfa1bf975f4571f48be191613546c3 \
+            911163c085f871f0e7ae5f2a085b8185 \
+            1c2a3ddf20ecb8fa51901aec8ee4ba32 \
+            a35dab67bb72cd9140ad188a967ac0fb \
+            bdfa94ea6cce47dcf8525ab5a814cfeb \
+            2bb60ee2b126e2d9d847c1a9e96f9019 \
+            e3e6a7fe40d3829afb73db1cc245646a \
+            ddb62d9b907baaafbe46a73dbc131d3d
+Test: Encrypt
+Comment:    Section 2, 192-bit (p.6)
+Key:        00112233445566778899aabbccddeeff \
+            0011223344556677
+IV:         00000000000000000000000000000000
+Plaintext:  11111111aaaaaaaa11111111bbbbbbbb \
+            11111111cccccccc11111111dddddddd \
+            22222222aaaaaaaa22222222bbbbbbbb \
+            22222222cccccccc22222222dddddddd \
+            33333333aaaaaaaa33333333bbbbbbbb \
+            33333333cccccccc33333333dddddddd \
+            44444444aaaaaaaa44444444bbbbbbbb \
+            44444444cccccccc44444444dddddddd \
+            55555555aaaaaaaa55555555bbbbbbbb \
+            55555555cccccccc55555555dddddddd
+Ciphertext: 08625ca8fe569c19ba7af3760a6ed1ce \
+            f4d199263e999dde14082dbba7560b79 \
+            a4c6b456b8707dce751f9854f18893df \
+            db3f4e5afa539733e6f1e70b98ba3789 \
+            1f8f81e95df8efc26c7ce043504cb189 \
+            58b865e4e316cd2aa1c97f31bf23dc04 \
+            6ef326b95a692a191ba0f2a41c5fe9ae \
+            070f236ff7078e703b42666caafbdd20 \
+            bad74ac4c20c0f46c7ca24c151716575 \
+            c947da16c90cfe1bf217a41cfebe7531
+Test: Encrypt
+Comment:    Section 3, 256-bit (p.11)
+Key:        00112233445566778899aabbccddeeff \
+            00112233445566778899aabbccddeeff
+IV:         00000000000000000000000000000000
+Plaintext:  11111111aaaaaaaa11111111bbbbbbbb \
+            11111111cccccccc11111111dddddddd \
+            22222222aaaaaaaa22222222bbbbbbbb \
+            22222222cccccccc22222222dddddddd \
+            33333333aaaaaaaa33333333bbbbbbbb \
+            33333333cccccccc33333333dddddddd \
+            44444444aaaaaaaa44444444bbbbbbbb \
+            44444444cccccccc44444444dddddddd \
+            55555555aaaaaaaa55555555bbbbbbbb \
+            55555555cccccccc55555555dddddddd
+Ciphertext: 30026c329666141721178b99c0a1f1b2 \
+            f06940253f7b3089e2a30ea86aa3c88f \
+            5940f05ad7ee41d71347bb7261e348f1 \
+            8360473fdf7d4e7723bffb4411cc13f6 \
+            cdd89f3bc7b9c768145022c7a74f14d7 \
+            c305cd012a10f16050c23f1ae5c23f45 \
+            998d13fbaa041e51619577e077276489 \
+            6a5d4516d8ffceb3bf7e05f613edd9a6 \
+            0cdcedaff9cfcaf4e00d445a54334f73 \
+            ab2cad944e51d266548e61c6eb0aa1cd
+Test: Encrypt
\ No newline at end of file
diff --git a/aria.cpp b/aria.cpp
new file mode 100644
index 00000000..75cd1d39
--- /dev/null
+++ b/aria.cpp
@@ -0,0 +1,270 @@
+// aria.cpp - written and placed in the public domain by Jeffrey Walton
+
+#include "pch.h"
+#include "config.h"
+
+#if CRYPTOPP_MSC_VERSION
+# pragma warning(disable: 4456)
+# if (CRYPTOPP_MSC_VERSION >= 1400)
+#  pragma warning(disable: 6246)
+# endif
+#endif
+
+#include "aria.h"
+#include "misc.h"
+#include "cpu.h"
+
+#include <iostream>
+#include "files.h"
+#include "hex.h"
+
+NAMESPACE_BEGIN(CryptoPP)
+
+// The ARIA s-boxes
+CRYPTOPP_ALIGN_DATA(16)
+const byte ARIA::Base::S[4][256] = {
+	// S-box type 1
+{
+  0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76,
+  0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0,
+  0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15,
+  0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75,
+  0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84,
+  0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf,
+  0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8,
+  0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2,
+  0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73,
+  0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb,
+  0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79,
+  0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08,
+  0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a,
+  0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e,
+  0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf,
+  0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16},
+  // S-box type 2
+{
+  0xe2, 0x4e, 0x54, 0xfc, 0x94, 0xc2, 0x4a, 0xcc, 0x62, 0x0d, 0x6a, 0x46, 0x3c, 0x4d, 0x8b, 0xd1,
+  0x5e, 0xfa, 0x64, 0xcb, 0xb4, 0x97, 0xbe, 0x2b, 0xbc, 0x77, 0x2e, 0x03, 0xd3, 0x19, 0x59, 0xc1,
+  0x1d, 0x06, 0x41, 0x6b, 0x55, 0xf0, 0x99, 0x69, 0xea, 0x9c, 0x18, 0xae, 0x63, 0xdf, 0xe7, 0xbb,
+  0x00, 0x73, 0x66, 0xfb, 0x96, 0x4c, 0x85, 0xe4, 0x3a, 0x09, 0x45, 0xaa, 0x0f, 0xee, 0x10, 0xeb,
+  0x2d, 0x7f, 0xf4, 0x29, 0xac, 0xcf, 0xad, 0x91, 0x8d, 0x78, 0xc8, 0x95, 0xf9, 0x2f, 0xce, 0xcd,
+  0x08, 0x7a, 0x88, 0x38, 0x5c, 0x83, 0x2a, 0x28, 0x47, 0xdb, 0xb8, 0xc7, 0x93, 0xa4, 0x12, 0x53,
+  0xff, 0x87, 0x0e, 0x31, 0x36, 0x21, 0x58, 0x48, 0x01, 0x8e, 0x37, 0x74, 0x32, 0xca, 0xe9, 0xb1,
+  0xb7, 0xab, 0x0c, 0xd7, 0xc4, 0x56, 0x42, 0x26, 0x07, 0x98, 0x60, 0xd9, 0xb6, 0xb9, 0x11, 0x40,
+  0xec, 0x20, 0x8c, 0xbd, 0xa0, 0xc9, 0x84, 0x04, 0x49, 0x23, 0xf1, 0x4f, 0x50, 0x1f, 0x13, 0xdc,
+  0xd8, 0xc0, 0x9e, 0x57, 0xe3, 0xc3, 0x7b, 0x65, 0x3b, 0x02, 0x8f, 0x3e, 0xe8, 0x25, 0x92, 0xe5,
+  0x15, 0xdd, 0xfd, 0x17, 0xa9, 0xbf, 0xd4, 0x9a, 0x7e, 0xc5, 0x39, 0x67, 0xfe, 0x76, 0x9d, 0x43,
+  0xa7, 0xe1, 0xd0, 0xf5, 0x68, 0xf2, 0x1b, 0x34, 0x70, 0x05, 0xa3, 0x8a, 0xd5, 0x79, 0x86, 0xa8,
+  0x30, 0xc6, 0x51, 0x4b, 0x1e, 0xa6, 0x27, 0xf6, 0x35, 0xd2, 0x6e, 0x24, 0x16, 0x82, 0x5f, 0xda,
+  0xe6, 0x75, 0xa2, 0xef, 0x2c, 0xb2, 0x1c, 0x9f, 0x5d, 0x6f, 0x80, 0x0a, 0x72, 0x44, 0x9b, 0x6c,
+  0x90, 0x0b, 0x5b, 0x33, 0x7d, 0x5a, 0x52, 0xf3, 0x61, 0xa1, 0xf7, 0xb0, 0xd6, 0x3f, 0x7c, 0x6d,
+  0xed, 0x14, 0xe0, 0xa5, 0x3d, 0x22, 0xb3, 0xf8, 0x89, 0xde, 0x71, 0x1a, 0xaf, 0xba, 0xb5, 0x81},
+  // inverse of S-box type 1
+{
+  0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38, 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb,
+  0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87, 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb,
+  0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d, 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e,
+  0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2, 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25,
+  0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16, 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92,
+  0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda, 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84,
+  0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a, 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06,
+  0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02, 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b,
+  0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea, 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73,
+  0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85, 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e,
+  0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89, 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b,
+  0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20, 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4,
+  0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31, 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f,
+  0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d, 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef,
+  0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0, 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61,
+  0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26, 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d},
+  // inverse of S-box type 2
+{
+  0x30, 0x68, 0x99, 0x1b, 0x87, 0xb9, 0x21, 0x78, 0x50, 0x39, 0xdb, 0xe1, 0x72, 0x09, 0x62, 0x3c,
+  0x3e, 0x7e, 0x5e, 0x8e, 0xf1, 0xa0, 0xcc, 0xa3, 0x2a, 0x1d, 0xfb, 0xb6, 0xd6, 0x20, 0xc4, 0x8d,
+  0x81, 0x65, 0xf5, 0x89, 0xcb, 0x9d, 0x77, 0xc6, 0x57, 0x43, 0x56, 0x17, 0xd4, 0x40, 0x1a, 0x4d,
+  0xc0, 0x63, 0x6c, 0xe3, 0xb7, 0xc8, 0x64, 0x6a, 0x53, 0xaa, 0x38, 0x98, 0x0c, 0xf4, 0x9b, 0xed,
+  0x7f, 0x22, 0x76, 0xaf, 0xdd, 0x3a, 0x0b, 0x58, 0x67, 0x88, 0x06, 0xc3, 0x35, 0x0d, 0x01, 0x8b,
+  0x8c, 0xc2, 0xe6, 0x5f, 0x02, 0x24, 0x75, 0x93, 0x66, 0x1e, 0xe5, 0xe2, 0x54, 0xd8, 0x10, 0xce,
+  0x7a, 0xe8, 0x08, 0x2c, 0x12, 0x97, 0x32, 0xab, 0xb4, 0x27, 0x0a, 0x23, 0xdf, 0xef, 0xca, 0xd9,
+  0xb8, 0xfa, 0xdc, 0x31, 0x6b, 0xd1, 0xad, 0x19, 0x49, 0xbd, 0x51, 0x96, 0xee, 0xe4, 0xa8, 0x41,
+  0xda, 0xff, 0xcd, 0x55, 0x86, 0x36, 0xbe, 0x61, 0x52, 0xf8, 0xbb, 0x0e, 0x82, 0x48, 0x69, 0x9a,
+  0xe0, 0x47, 0x9e, 0x5c, 0x04, 0x4b, 0x34, 0x15, 0x79, 0x26, 0xa7, 0xde, 0x29, 0xae, 0x92, 0xd7,
+  0x84, 0xe9, 0xd2, 0xba, 0x5d, 0xf3, 0xc5, 0xb0, 0xbf, 0xa4, 0x3b, 0x71, 0x44, 0x46, 0x2b, 0xfc,
+  0xeb, 0x6f, 0xd5, 0xf6, 0x14, 0xfe, 0x7c, 0x70, 0x5a, 0x7d, 0xfd, 0x2f, 0x18, 0x83, 0x16, 0xa5,
+  0x91, 0x1f, 0x05, 0x95, 0x74, 0xa9, 0xc1, 0x5b, 0x4a, 0x85, 0x6d, 0x13, 0x07, 0x4f, 0x4e, 0x45,
+  0xb2, 0x0f, 0xc9, 0x1c, 0xa6, 0xbc, 0xec, 0x73, 0x90, 0x7b, 0xcf, 0x59, 0x8f, 0xa1, 0xf9, 0x2d,
+  0xf2, 0xb1, 0x00, 0x94, 0x37, 0x9f, 0xd0, 0x2e, 0x9c, 0x6e, 0x28, 0x3f, 0x80, 0xf0, 0x3d, 0xd3,
+  0x25, 0x8a, 0xb5, 0xe7, 0x42, 0xb3, 0xc7, 0xea, 0xf7, 0x4c, 0x11, 0x33, 0x03, 0xa2, 0xac, 0x60}
+};
+
+// constants used in the round key generation
+CRYPTOPP_ALIGN_DATA(16)
+const byte ARIA::Base::KRK[3][16] = {
+  {0x51, 0x7c, 0xc1, 0xb7, 0x27, 0x22, 0x0a, 0x94, 0xfe, 0x13, 0xab, 0xe8, 0xfa, 0x9a, 0x6e, 0xe0},
+  {0x6d, 0xb1, 0x4a, 0xcc, 0x9e, 0x21, 0xc8, 0x20, 0xff, 0x28, 0xb1, 0xd5, 0xef, 0x5d, 0xe2, 0xb0},
+  {0xdb, 0x92, 0x37, 0x1d, 0x21, 0x26, 0xe9, 0x70, 0x03, 0x24, 0x97, 0x75, 0x04, 0xe8, 0xc9, 0x0e}
+};
+
+// Diffusion Layer
+inline void DL (const byte *i, byte *o)
+{
+	byte T;
+	T = i[ 3] ^ i[ 4] ^ i[ 9] ^ i[14];
+	o[ 0] = i[ 6] ^ i[ 8] ^ i[13] ^ T;
+	o[ 5] = i[ 1] ^ i[10] ^ i[15] ^ T;
+	o[11] = i[ 2] ^ i[ 7] ^ i[12] ^ T;
+	o[14] = i[ 0] ^ i[ 5] ^ i[11] ^ T;
+	T = i[ 2] ^ i[ 5] ^ i[ 8] ^ i[15];
+	o[ 1] = i[ 7] ^ i[ 9] ^ i[12] ^ T;
+	o[ 4] = i[ 0] ^ i[11] ^ i[14] ^ T;
+	o[10] = i[ 3] ^ i[ 6] ^ i[13] ^ T;
+	o[15] = i[ 1] ^ i[ 4] ^ i[10] ^ T;
+	T = i[ 1] ^ i[ 6] ^ i[11] ^ i[12];
+	o[ 2] = i[ 4] ^ i[10] ^ i[15] ^ T;
+	o[ 7] = i[ 3] ^ i[ 8] ^ i[13] ^ T;
+	o[ 9] = i[ 0] ^ i[ 5] ^ i[14] ^ T;
+	o[12] = i[ 2] ^ i[ 7] ^ i[ 9] ^ T;
+	T = i[ 0] ^ i[ 7] ^ i[10] ^ i[13];
+	o[ 3] = i[ 5] ^ i[11] ^ i[14] ^ T;
+	o[ 6] = i[ 2] ^ i[ 9] ^ i[12] ^ T;
+	o[ 8] = i[ 1] ^ i[ 4] ^ i[15] ^ T;
+	o[13] = i[ 3] ^ i[ 6] ^ i[ 8] ^ T;
+}
+
+// Right-rotate 128 bit source string s by n bits and XOR it to target string t.
+// Three implementations are provided. First is the CXX implementation. Second is the Intel
+// implementations (one with MOVBE, one without MOVBE). Third is the ARM implementations.
+// The specializations for 0 and non-0 rotate help save about 100 insns per subkey round.
+template <unsigned int N>
+inline void RotateAndXOR(const byte s[16], byte t[16])
+{
+	// From the reference implementation
+	int i, n, q;
+
+	n = N; q = n/8; n %= 8;
+	for (i = 0; i < 16; i++) {
+		t[(q+i) % 16] ^= (s[i] >> n);
+		if (n != 0) t[(q+i+1) % 16] ^= (s[i] << (8-n));
+	}
+}
+
+template<>
+inline void RotateAndXOR<0>(const byte s[16], byte t[16])
+{
+	for (int i=0; i<16; ++i)
+		t[i] ^= s[i];
+}
+
+void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const NameValuePairs &params)
+{
+	CRYPTOPP_ASSERT(key && keylen);
+	CRYPTOPP_UNUSED(params);
+
+	// w0 makes room for a 32-byte key. w1, w2 and w3 uses 16-byte blocks
+	int  i, R = (keylen+32)/4, q = (keylen - 16) / 8;
+	byte *w0 = m_w.data(), *w1 = m_w.data()+32, *w2 = m_w.data()+48, *w3 = m_w.data()+64, *t = m_w.data()+80;
+
+	byte* rk = m_rkey.data();
+	m_rounds = R;
+
+	memcpy(w0, key, keylen);
+	for (i = 0; i < 16; i++)
+		t[i] = S[i % 4][KRK[q][i] ^ w0[i]];
+
+	DL (t, w1);
+	if (m_rounds == 14)
+		for (i = 0; i <  8; i++)
+			w1[i] ^= w0[16+i];
+	else if (m_rounds==16)
+		for (i = 0; i < 16; i++)
+			w1[i] ^= w0[16+i];
+
+	q = (q==2) ? 0 : (q+1);
+	for (i = 0; i < 16; i++)
+		t[i] = S[(2 + i) % 4][KRK[q][i] ^ w1[i]];
+
+	DL (t, w2);
+	for (i = 0; i < 16; i++)
+		w2[i] ^= w0[i];
+
+	q = (q==2) ? 0 : (q+1);
+	for (i = 0; i < 16; i++)
+		t[i] = S[i % 4][KRK[q][i] ^ w2[i]];
+
+	DL (t, w3);
+	for (i = 0; i < 16; i++)
+		w3[i] ^= w1[i];
+
+	for (i = 0; i < 16*(R+1); i++)
+		rk[i] = 0;
+
+	RotateAndXOR<0>(w0, rk +   0); RotateAndXOR<19>(w1, rk +   0);
+	RotateAndXOR<0>(w1, rk +  16); RotateAndXOR<19>(w2, rk +  16);
+	RotateAndXOR<0>(w2, rk +  32); RotateAndXOR<19>(w3, rk +  32);
+	RotateAndXOR<0>(w3, rk +  48); RotateAndXOR<19>(w0, rk +  48);
+	RotateAndXOR<0>(w0, rk +  64); RotateAndXOR<31>(w1, rk +  64);
+	RotateAndXOR<0>(w1, rk +  80); RotateAndXOR<31>(w2, rk +  80);
+	RotateAndXOR<0>(w2, rk +  96); RotateAndXOR<31>(w3, rk +  96);
+	RotateAndXOR<0>(w3, rk + 112); RotateAndXOR<31>(w0, rk + 112);
+	RotateAndXOR<0>(w0, rk + 128); RotateAndXOR<67>(w1, rk + 128);
+	RotateAndXOR<0>(w1, rk + 144); RotateAndXOR<67>(w2, rk + 144);
+	RotateAndXOR<0>(w2, rk + 160); RotateAndXOR<67>(w3, rk + 160);
+	RotateAndXOR<0>(w3, rk + 176); RotateAndXOR<67>(w0, rk + 176);
+	RotateAndXOR<0>(w0, rk + 192); RotateAndXOR<97>(w1, rk + 192);
+
+	if (m_rounds > 12) {
+		RotateAndXOR<0>(w1, rk + 208); RotateAndXOR<97>(w2, rk + 208);
+		RotateAndXOR<0>(w2, rk + 224); RotateAndXOR<97>(w3, rk + 224);
+	}
+
+	if (m_rounds > 14) {
+		RotateAndXOR<0>(w3, rk + 240); RotateAndXOR< 97>(w0, rk + 240);
+		RotateAndXOR<0>(w0, rk + 256); RotateAndXOR<109>(w1, rk + 256);
+	}
+
+	if (!IsForwardTransformation())
+	{
+		int  i, j;
+		for (j = 0; j < 16; j++)
+		{
+			t[j] = rk[j];
+			rk[j] = rk[16*R + j];
+			rk[16*R + j] = t[j];
+		}
+		for (i = 1; i <= R/2; i++)
+		{
+			DL (rk + i*16, t);
+			DL (rk + (R-i)*16, rk + i*16);
+			for (j = 0; j < 16; j++)
+				rk[(R-i)*16 + j] = t[j];
+		}
+	}
+}
+
+void ARIA::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const
+{
+	// t is a workspace; cast away const for this method
+	byte* t = const_cast<byte*>(m_w.data()+80);
+	int i, j, R = m_rounds;
+
+	const byte *p = inBlock;
+	const byte *e = m_rkey.data();
+	byte *c = outBlock;
+
+	for (j = 0; j < 16; j++) c[j] = p[j];
+	for (i = 0; i < R/2; i++)
+	{
+		for (j = 0; j < 16; j++) t[j] = S[     j  % 4][e[j] ^ c[j]];
+		DL(t, c); e += 16;
+		for (j = 0; j < 16; j++) t[j] = S[(2 + j) % 4][e[j] ^ c[j]];
+		DL(t, c); e += 16;
+	}
+	DL(c, t);
+	for (j = 0; j < 16; j++) c[j] = e[j] ^ t[j];
+
+	if (xorBlock)
+		for (i = 0; i < 16; ++i)
+			outBlock[i] ^= xorBlock[i];
+}
+
+NAMESPACE_END
diff --git a/aria.h b/aria.h
new file mode 100644
index 00000000..de041f96
--- /dev/null
+++ b/aria.h
@@ -0,0 +1,59 @@
+// aria.h - written and placed in the public domain by Jeffrey Walton
+
+//! \file aria.h
+//! \brief Classes for the ARIA block cipher
+//! \sa <A HREF="http://tools.ietf.org/html/rfc5794">RFC 5794, A Description of the ARIA Encryption Algorithm</A>,
+//!   <A HREF="http://seed.kisa.or.kr/iwt/ko/bbs/EgovReferenceList.do?bbsId=BBSMSTR_000000000002">Korea
+//!   Internet & Security Agency homepage</A>
+
+#ifndef CRYPTOPP_ARIA_H
+#define CRYPTOPP_ARIA_H
+
+#include "config.h"
+#include "seckey.h"
+#include "secblock.h"
+
+NAMESPACE_BEGIN(CryptoPP)
+
+//! \class ARIA_Info
+//! \brief ARIA block cipher information
+struct ARIA_Info : public FixedBlockSize<16>, public VariableKeyLength<16, 16, 32, 8>
+{
+	CRYPTOPP_STATIC_CONSTEXPR const char* StaticAlgorithmName() {return "ARIA";}
+};
+
+//! \class ARIA
+//! \brief ARIA block cipher
+//! \sa <a href="http://www.weidai.com/scan-mirror/cs.html#ARIA">ARIA</a>
+class ARIA : public ARIA_Info, public BlockCipherDocumentation
+{
+public:
+	class CRYPTOPP_NO_VTABLE Base : public BlockCipherImpl<ARIA_Info>
+	{
+	public:
+		void UncheckedSetKey(const byte *key, unsigned int keylen, const NameValuePairs &params);
+		void ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const;
+
+	protected:
+		CRYPTOPP_ALIGN_DATA(16)
+		static const byte S[4][256];
+
+		CRYPTOPP_ALIGN_DATA(16)
+		static const byte KRK[3][16];
+
+		FixedSizeAlignedSecBlock<byte, 16*17> m_rkey;  // round keys
+		FixedSizeAlignedSecBlock<byte, 16*6>  m_w;     // scratch, w0, w1, w2, w3 and t
+		unsigned int m_rounds;
+	};
+
+public:
+	typedef BlockCipherFinal<ENCRYPTION, Base> Encryption;
+	typedef BlockCipherFinal<DECRYPTION, Base> Decryption;
+};
+
+typedef ARIA::Encryption ARIAEncryption;
+typedef ARIA::Decryption ARIADecryption;
+
+NAMESPACE_END
+
+#endif
diff --git a/bench1.cpp b/bench1.cpp
index 58d2be8b..ba99a4a2 100644
--- a/bench1.cpp
+++ b/bench1.cpp
@@ -531,6 +531,8 @@ void Benchmark2(double t, double hertz)
 		BenchMarkByName<SymmetricCipher>("AES/OFB", 16);
 		BenchMarkByName<SymmetricCipher>("AES/CFB", 16);
 		BenchMarkByName<SymmetricCipher>("AES/ECB", 16);
+		BenchMarkByName<SymmetricCipher>("ARIA/CTR", 16);
+		BenchMarkByName<SymmetricCipher>("ARIA/CTR", 32);
 		BenchMarkByName<SymmetricCipher>("Camellia/CTR", 16);
 		BenchMarkByName<SymmetricCipher>("Camellia/CTR", 32);
 		BenchMarkByName<SymmetricCipher>("Twofish/CTR");
diff --git a/cryptdll.vcxproj b/cryptdll.vcxproj
index 7800e35b..9553cd14 100644
--- a/cryptdll.vcxproj
+++ b/cryptdll.vcxproj
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <ItemGroup Label="ProjectConfigurations">
     <ProjectConfiguration Include="Debug|Win32">
diff --git a/cryptdll.vcxproj.filters b/cryptdll.vcxproj.filters
index 56d3db68..b1039401 100644
--- a/cryptdll.vcxproj.filters
+++ b/cryptdll.vcxproj.filters
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <ItemGroup>
     <Filter Include="Source Files">
diff --git a/cryptest.vcxproj b/cryptest.vcxproj
index e7948d76..1c1d2504 100644
--- a/cryptest.vcxproj
+++ b/cryptest.vcxproj
@@ -180,7 +180,7 @@
   <!-- FIPS Validated Warning -->
   <ItemDefinitionGroup Label="FIPS Warning">
     <PreBuildEvent Condition="'$(Configuration)'=='DLL-Import Debug' Or '$(Configuration)'=='DLL-Import Release'">
-	  <Command>
+      <Command>
         echo *************************************************************************
         echo This configuration requires cryptopp.dll. You can build it yourself using
         echo the cryptdll project, or obtain a pre-built, FIPS 140-2 validated DLL. If
@@ -221,6 +221,7 @@
     <None Include="TestVectors\blake2.txt" />
     <None Include="TestVectors\blake2b.txt" />
     <None Include="TestVectors\blake2s.txt" />
+    <None Include="TestVectors\aria.txt" />
     <None Include="TestVectors\camellia.txt" />
     <None Include="TestVectors\ccm.txt" />
     <None Include="TestVectors\chacha.txt" />
@@ -257,6 +258,7 @@
     <None Include="TestVectors\whrlpool.txt" />
     <None Include="TestData\3desval.dat" />
     <None Include="TestData\3wayval.dat" />
+    <None Include="TestData\aria.dat" />
     <None Include="TestData\camellia.dat" />
     <None Include="TestData\cast128v.dat" />
     <None Include="TestData\cast256v.dat" />
@@ -322,4 +324,4 @@
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
   <ImportGroup Label="ExtensionTargets">
   </ImportGroup>
-</Project>
+</Project>
\ No newline at end of file
diff --git a/cryptest.vcxproj.filters b/cryptest.vcxproj.filters
index ed87291e..f4e800ec 100644
--- a/cryptest.vcxproj.filters
+++ b/cryptest.vcxproj.filters
@@ -33,6 +33,9 @@
     <None Include="TestVectors\blake2s.txt">
       <Filter>TestVectors</Filter>
     </None>
+    <None Include="TestVectors\aria.txt">
+      <Filter>TestVectors</Filter>
+    </None>
     <None Include="TestVectors\camellia.txt">
       <Filter>TestVectors</Filter>
     </None>
@@ -141,6 +144,9 @@
     <None Include="TestData\3wayval.dat">
       <Filter>TestData</Filter>
     </None>
+    <None Include="TestData\aria.dat">
+      <Filter>TestData</Filter>
+    </None>
     <None Include="TestData\camellia.dat">
       <Filter>TestData</Filter>
     </None>
diff --git a/cryptlib.vcxproj b/cryptlib.vcxproj
index d337244e..fb756a07 100644
--- a/cryptlib.vcxproj
+++ b/cryptlib.vcxproj
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <ItemGroup Label="ProjectConfigurations">
     <ProjectConfiguration Include="Debug|Win32">
@@ -34,17 +34,14 @@
       <Platform>x64</Platform>
     </ProjectConfiguration>
   </ItemGroup>
-
   <PropertyGroup Label="Globals">
     <ProjectGuid>{c39f4b46-6e89-4074-902e-ca57073044d2}</ProjectGuid>
     <RootNamespace>cryptlib</RootNamespace>
     <PlatformToolset>v100</PlatformToolset>
-	<ConfigurationType>StaticLibrary</ConfigurationType>
+    <ConfigurationType>StaticLibrary</ConfigurationType>
   </PropertyGroup>
-
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
-
   <ImportGroup Label="ExtensionSettings">
     <Import Project="$(VCTargetsPath)\BuildCustomizations\masm.props" />
   </ImportGroup>
@@ -173,6 +170,7 @@
     <ClCompile Include="algebra.cpp" />
     <ClCompile Include="algparam.cpp" />
     <ClCompile Include="arc4.cpp" />
+    <ClCompile Include="aria.cpp" />
     <ClCompile Include="asn.cpp" />
     <ClCompile Include="authenc.cpp" />
     <ClCompile Include="base32.cpp" />
@@ -345,6 +343,7 @@
     <ClInclude Include="algebra.h" />
     <ClInclude Include="algparam.h" />
     <ClInclude Include="arc4.h" />
+    <ClInclude Include="aria.h" />
     <ClInclude Include="argnames.h" />
     <ClInclude Include="asn.h" />
     <ClInclude Include="authenc.h" />
@@ -485,4 +484,4 @@
   <ImportGroup Label="ExtensionTargets">
     <Import Project="$(VCTargetsPath)\BuildCustomizations\masm.targets" />
   </ImportGroup>
-</Project>
+</Project>
\ No newline at end of file
diff --git a/cryptlib.vcxproj.filters b/cryptlib.vcxproj.filters
index dd4f5179..a864550c 100644
--- a/cryptlib.vcxproj.filters
+++ b/cryptlib.vcxproj.filters
@@ -29,6 +29,9 @@
     <ClCompile Include="arc4.cpp">
       <Filter>Source Files</Filter>
     </ClCompile>
+    <ClCompile Include="aria.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
     <ClCompile Include="asn.cpp">
       <Filter>Source Files</Filter>
     </ClCompile>
@@ -429,6 +432,9 @@
     <ClInclude Include="arc4.h">
       <Filter>Header Files</Filter>
     </ClInclude>
+    <ClInclude Include="aria.h">
+      <Filter>Header Files</Filter>
+    </ClInclude>
     <ClInclude Include="argnames.h">
       <Filter>Header Files</Filter>
     </ClInclude>
@@ -849,4 +855,4 @@
       <Filter>Source Files</Filter>
     </CustomBuild>
   </ItemGroup>
-</Project>
+</Project>
\ No newline at end of file
diff --git a/dlltest.vcxproj b/dlltest.vcxproj
index 66b075ec..f008456c 100644
--- a/dlltest.vcxproj
+++ b/dlltest.vcxproj
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <ItemGroup Label="ProjectConfigurations">
     <ProjectConfiguration Include="Debug|Win32">
diff --git a/regtest.cpp b/regtest.cpp
index 704bc2e0..95b72790 100644
--- a/regtest.cpp
+++ b/regtest.cpp
@@ -17,6 +17,7 @@
 #include "seal.h"
 #include "whrlpool.h"
 #include "ttmac.h"
+#include "aria.h"
 #include "camellia.h"
 #include "shacal2.h"
 #include "tea.h"
@@ -145,6 +146,7 @@ void RegisterFactories()
 	RegisterSignatureSchemeDefaultFactories<RSASS<PSS, SHA1> >("RSA/PSS-MGF1(SHA-1)");
 	RegisterSymmetricCipherDefaultFactories<SEAL<> >();
 	RegisterSymmetricCipherDefaultFactories<ECB_Mode<SHACAL2> >();
+	RegisterSymmetricCipherDefaultFactories<ECB_Mode<ARIA> >();
 	RegisterSymmetricCipherDefaultFactories<ECB_Mode<Camellia> >();
 	RegisterSymmetricCipherDefaultFactories<ECB_Mode<TEA> >();
 	RegisterSymmetricCipherDefaultFactories<ECB_Mode<XTEA> >();
@@ -168,6 +170,8 @@ void RegisterFactories()
 	RegisterAuthenticatedSymmetricCipherDefaultFactories<CCM<AES> >();
 	RegisterAuthenticatedSymmetricCipherDefaultFactories<GCM<AES> >();
 	RegisterAuthenticatedSymmetricCipherDefaultFactories<EAX<AES> >();
+	RegisterSymmetricCipherDefaultFactories<CBC_Mode<ARIA> >();  // For test vectors
+	RegisterSymmetricCipherDefaultFactories<CTR_Mode<ARIA> >();
 	RegisterSymmetricCipherDefaultFactories<CTR_Mode<Camellia> >();
 	RegisterSymmetricCipherDefaultFactories<CTR_Mode<Twofish> >();
 	RegisterSymmetricCipherDefaultFactories<CTR_Mode<Serpent> >();
diff --git a/test.cpp b/test.cpp
index ba2e0480..45e3ed4d 100644
--- a/test.cpp
+++ b/test.cpp
@@ -25,6 +25,7 @@
 #include "stdcpp.h"
 #include "ossig.h"
 #include "trap.h"
+#include "aria.h"
 
 #include "validate.h"
 #include "bench.h"
@@ -971,22 +972,23 @@ bool Validate(int alg, bool thorough, const char *seedInput)
 	case 60: result = Test::ValidateDLIES(); break;
 	case 61: result = Test::ValidateBaseCode(); break;
 	case 62: result = Test::ValidateSHACAL2(); break;
-	case 63: result = Test::ValidateCamellia(); break;
-	case 64: result = Test::ValidateWhirlpool(); break;
-	case 65: result = Test::ValidateTTMAC(); break;
-	case 66: result = Test::ValidateSalsa(); break;
-	case 67: result = Test::ValidateSosemanuk(); break;
-	case 68: result = Test::ValidateVMAC(); break;
-	case 69: result = Test::ValidateCCM(); break;
-	case 70: result = Test::ValidateGCM(); break;
-	case 71: result = Test::ValidateCMAC(); break;
-	case 72: result = Test::ValidateHKDF(); break;
-	case 73: result = Test::ValidateBLAKE2s(); break;
-	case 74: result = Test::ValidateBLAKE2b(); break;
-	case 75: result = Test::ValidatePoly1305(); break;
-	case 76: result = Test::ValidateSipHash(); break;
-	case 77: result = Test::ValidateHashDRBG(); break;
-	case 78: result = Test::ValidateHmacDRBG(); break;
+	case 63: result = Test::ValidateARIA(); break;
+	case 64: result = Test::ValidateCamellia(); break;
+	case 65: result = Test::ValidateWhirlpool(); break;
+	case 66: result = Test::ValidateTTMAC(); break;
+	case 67: result = Test::ValidateSalsa(); break;
+	case 68: result = Test::ValidateSosemanuk(); break;
+	case 69: result = Test::ValidateVMAC(); break;
+	case 70: result = Test::ValidateCCM(); break;
+	case 71: result = Test::ValidateGCM(); break;
+	case 72: result = Test::ValidateCMAC(); break;
+	case 73: result = Test::ValidateHKDF(); break;
+	case 74: result = Test::ValidateBLAKE2s(); break;
+	case 75: result = Test::ValidateBLAKE2b(); break;
+	case 76: result = Test::ValidatePoly1305(); break;
+	case 77: result = Test::ValidateSipHash(); break;
+	case 78: result = Test::ValidateHashDRBG(); break;
+	case 79: result = Test::ValidateHmacDRBG(); break;
 
 #if defined(CRYPTOPP_DEBUG) && !defined(CRYPTOPP_IMPORTS)
 	// http://github.com/weidai11/cryptopp/issues/92
diff --git a/validat1.cpp b/validat1.cpp
index 9844776e..5b6c5bc0 100644
--- a/validat1.cpp
+++ b/validat1.cpp
@@ -41,6 +41,7 @@
 #include "skipjack.h"
 #include "shacal2.h"
 #include "camellia.h"
+#include "aria.h"
 #include "osrng.h"
 #include "drbg.h"
 #include "rdrand.h"
@@ -144,6 +145,7 @@ bool ValidateAll(bool thorough)
 	pass=ValidateTwofish() && pass;
 	pass=ValidateSerpent() && pass;
 	pass=ValidateSHACAL2() && pass;
+	pass=ValidateARIA() && pass;
 	pass=ValidateCamellia() && pass;
 	pass=ValidateSalsa() && pass;
 	pass=ValidateSosemanuk() && pass;
@@ -2545,6 +2547,39 @@ bool ValidateSHACAL2()
 	return pass1 && pass2 && pass3;
 }
 
+bool ValidateARIA()
+{
+	std::cout << "\nARIA validation suite running...\n\n";
+	bool pass1 = true, pass2 = true, pass3 = true;
+
+	ARIAEncryption enc;
+	pass1 = enc.StaticGetValidKeyLength(8) == 16 && pass1;
+	pass1 = enc.StaticGetValidKeyLength(16) == 16 && pass1;
+	pass1 = enc.StaticGetValidKeyLength(24) == 24 && pass1;
+	pass1 = enc.StaticGetValidKeyLength(32) == 32 && pass1;
+	pass1 = enc.StaticGetValidKeyLength(64) == 32 && pass1;
+	pass1 = enc.StaticGetValidKeyLength(128) == 32 && pass1;
+	pass1 = enc.StaticGetValidKeyLength(0) == enc.MinKeyLength() && pass1;
+	pass1 = enc.StaticGetValidKeyLength(SIZE_MAX) == enc.MaxKeyLength() && pass1;
+
+	ARIADecryption dec;
+	pass2 = dec.StaticGetValidKeyLength(8) == 16 && pass2;
+	pass2 = dec.StaticGetValidKeyLength(16) == 16 && pass2;
+	pass2 = dec.StaticGetValidKeyLength(24) == 24 && pass2;
+	pass2 = dec.StaticGetValidKeyLength(32) == 32 && pass2;
+	pass2 = dec.StaticGetValidKeyLength(64) == 32 && pass2;
+	pass2 = dec.StaticGetValidKeyLength(128) == 32 && pass2;
+	pass2 = dec.StaticGetValidKeyLength(0) == dec.MinKeyLength() && pass2;
+	pass2 = dec.StaticGetValidKeyLength(SIZE_MAX) == dec.MaxKeyLength() && pass2;
+	std::cout << (pass1 && pass2 ? "passed:" : "FAILED:") << "  Algorithm key lengths\n";
+
+	FileSource valdata(CRYPTOPP_DATA_DIR "TestData/aria.dat", true, new HexDecoder);
+	pass3 = BlockTransformationTest(FixedRoundsCipherFactory<ARIAEncryption, ARIADecryption>(16), valdata, 15) && pass3;
+	pass3 = BlockTransformationTest(FixedRoundsCipherFactory<ARIAEncryption, ARIADecryption>(24), valdata, 15) && pass3;
+	pass3 = BlockTransformationTest(FixedRoundsCipherFactory<ARIAEncryption, ARIADecryption>(32), valdata, 15) && pass3;
+	return pass1 && pass2 && pass3;
+}
+
 bool ValidateCamellia()
 {
 	std::cout << "\nCamellia validation suite running...\n\n";
diff --git a/validate.h b/validate.h
index b6fc1eca..b9e8a029 100644
--- a/validate.h
+++ b/validate.h
@@ -73,6 +73,7 @@ bool ValidateRijndael();
 bool ValidateTwofish();
 bool ValidateSerpent();
 bool ValidateSHACAL2();
+bool ValidateARIA();
 bool ValidateCamellia();
 bool ValidateSalsa();
 bool ValidateSosemanuk();

From 7990da2c02933dc31cdd41c4ec603ee310c4e87a Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Tue, 11 Apr 2017 06:53:44 -0400
Subject: [PATCH 012/200] Reformat aria.txt test vectors

---
 TestVectors/aria.txt | 311 +++++++++++++++----------------------------
 1 file changed, 106 insertions(+), 205 deletions(-)

diff --git a/TestVectors/aria.txt b/TestVectors/aria.txt
index f54441d3..f1138f56 100644
--- a/TestVectors/aria.txt
+++ b/TestVectors/aria.txt
@@ -1,233 +1,134 @@
 AlgorithmType: SymmetricCipher
 Name: ARIA/ECB
 Source: ARIA Test Vectors PDF (05.05.2004)
-Comment: Tests using ECB mode
-Comment:    Section 1, 128-bit (p.3)
+Comment:    Section 1, ARIA/ECB 128-bit (p.3)
 Key:        00112233445566778899aabbccddeeff
-Plaintext:  11111111aaaaaaaa11111111bbbbbbbb \
-            11111111cccccccc11111111dddddddd \
-            22222222aaaaaaaa22222222bbbbbbbb \
-            22222222cccccccc22222222dddddddd \
-            33333333aaaaaaaa33333333bbbbbbbb \
-            33333333cccccccc33333333dddddddd \
-            44444444aaaaaaaa44444444bbbbbbbb \
-            44444444cccccccc44444444dddddddd \
-            55555555aaaaaaaa55555555bbbbbbbb \
-            55555555cccccccc55555555dddddddd
-Ciphertext: c6ecd08e22c30abdb215cf74e2075e6e \
-            29ccaac63448708d331b2f816c51b17d \
-            9e133d1528dbf0af5787c7f3a3f5c2bf \
-            6b6f345907a3055612ce072ff54de7d7 \
-            88424da6e8ccfe8172b391be49935416 \
-            5665ba7864917000a6eeb2ecb4a698ed \
-            fc7887e7f556377614ab0a282293e6d8 \
-            84dbb84206cdb16ed1754e77a1f243fd \
-            086953f752cc1e46c7c794ae85537dca \
-            ec8dd721f55c93b6edfe2adea43873e8
+Plaintext:  11111111aaaaaaaa11111111bbbbbbbb 11111111cccccccc11111111dddddddd \
+            22222222aaaaaaaa22222222bbbbbbbb 22222222cccccccc22222222dddddddd \
+            33333333aaaaaaaa33333333bbbbbbbb 33333333cccccccc33333333dddddddd \
+            44444444aaaaaaaa44444444bbbbbbbb 44444444cccccccc44444444dddddddd \
+            55555555aaaaaaaa55555555bbbbbbbb 55555555cccccccc55555555dddddddd
+Ciphertext: c6ecd08e22c30abdb215cf74e2075e6e 29ccaac63448708d331b2f816c51b17d \
+            9e133d1528dbf0af5787c7f3a3f5c2bf 6b6f345907a3055612ce072ff54de7d7 \
+            88424da6e8ccfe8172b391be49935416 5665ba7864917000a6eeb2ecb4a698ed \
+            fc7887e7f556377614ab0a282293e6d8 84dbb84206cdb16ed1754e77a1f243fd \
+            086953f752cc1e46c7c794ae85537dca ec8dd721f55c93b6edfe2adea43873e8
 Test: Encrypt
-Comment:    Section 2, 192-bit (p.6)
-Key:        00112233445566778899aabbccddeeff \
-            0011223344556677
-Plaintext:  11111111aaaaaaaa11111111bbbbbbbb \
-            11111111cccccccc11111111dddddddd \
-            22222222aaaaaaaa22222222bbbbbbbb \
-            22222222cccccccc22222222dddddddd \
-            33333333aaaaaaaa33333333bbbbbbbb \
-            33333333cccccccc33333333dddddddd \
-            44444444aaaaaaaa44444444bbbbbbbb \
-            44444444cccccccc44444444dddddddd \
-            55555555aaaaaaaa55555555bbbbbbbb \
-            55555555cccccccc55555555dddddddd
-Ciphertext: 8d1470625f59ebacb0e55b534b3e462b \
-            5f23d33bff78f46c3c15911f4a21809a \
-            accad80b4bda915aa9dae6bcebe06a6c \
-            83f77fd5391acfe61de2f646b5d447ed \
-            bfd5bb49b12fbb9145b227895a757b2a \
-            f1f7188734863d7b8b6ede5a5b2f06a0 \
-            a233c8523d2db778fb31b0e311f32700 \
-            152f33861e9d040c83b5eb40cd88ea49 \
-            975709dc629365a189f78a3ec40345fc \
-            6a5a307a8f9a4413091e007eca5645a0
+Comment:    Section 2, ARIA/ECB 192-bit (p.6)
+Key:        00112233445566778899aabbccddeeff 0011223344556677
+Plaintext:  11111111aaaaaaaa11111111bbbbbbbb 11111111cccccccc11111111dddddddd \
+            22222222aaaaaaaa22222222bbbbbbbb 22222222cccccccc22222222dddddddd \
+            33333333aaaaaaaa33333333bbbbbbbb 33333333cccccccc33333333dddddddd \
+            44444444aaaaaaaa44444444bbbbbbbb 44444444cccccccc44444444dddddddd \
+            55555555aaaaaaaa55555555bbbbbbbb 55555555cccccccc55555555dddddddd
+Ciphertext: 8d1470625f59ebacb0e55b534b3e462b 5f23d33bff78f46c3c15911f4a21809a \
+            accad80b4bda915aa9dae6bcebe06a6c 83f77fd5391acfe61de2f646b5d447ed \
+            bfd5bb49b12fbb9145b227895a757b2a f1f7188734863d7b8b6ede5a5b2f06a0 \
+            a233c8523d2db778fb31b0e311f32700 152f33861e9d040c83b5eb40cd88ea49 \
+            975709dc629365a189f78a3ec40345fc 6a5a307a8f9a4413091e007eca5645a0
 Test: Encrypt
-Comment:    Section 3, 256-bit (p.11)
-Key:        00112233445566778899aabbccddeeff \
-            00112233445566778899aabbccddeeff
-Plaintext:  11111111aaaaaaaa11111111bbbbbbbb \
-            11111111cccccccc11111111dddddddd \
-            22222222aaaaaaaa22222222bbbbbbbb \
-            22222222cccccccc22222222dddddddd \
-            33333333aaaaaaaa33333333bbbbbbbb \
-            33333333cccccccc33333333dddddddd \
-            44444444aaaaaaaa44444444bbbbbbbb \
-            44444444cccccccc44444444dddddddd \
-            55555555aaaaaaaa55555555bbbbbbbb \
-            55555555cccccccc55555555dddddddd
-Ciphertext: 58a875e6044ad7fffa4f58420f7f442d \
-            8e191016f28e79aefc01e204773280d7 \
-            018e5f7a938ec30711719953bae86542 \
-            cd7ebc752474c1a5f6eaaace2a7e2946 \
-            2ee7dfa5afdb84177ead95ccd4b4bb6e \
-            1ed17b9534cff0a5fc2941429cfee2ee \
-            49c7adbeb7e9d1b0d2a8531d94207959 \
-            6a27ed79f5b1dd13ecd604b07a48885a \
-            3afa0627a0e4e60a3c703af292f1baa7 \
-            7b702f16c54aa74bc727ea95c7468b00
+Comment:    Section 3, ARIA/ECB 256-bit (p.11)
+Key:        00112233445566778899aabbccddeeff 00112233445566778899aabbccddeeff
+Plaintext:  11111111aaaaaaaa11111111bbbbbbbb 11111111cccccccc11111111dddddddd \
+            22222222aaaaaaaa22222222bbbbbbbb 22222222cccccccc22222222dddddddd \
+            33333333aaaaaaaa33333333bbbbbbbb 33333333cccccccc33333333dddddddd \
+            44444444aaaaaaaa44444444bbbbbbbb 44444444cccccccc44444444dddddddd \
+            55555555aaaaaaaa55555555bbbbbbbb 55555555cccccccc55555555dddddddd
+Ciphertext: 58a875e6044ad7fffa4f58420f7f442d 8e191016f28e79aefc01e204773280d7 \
+            018e5f7a938ec30711719953bae86542 cd7ebc752474c1a5f6eaaace2a7e2946 \
+            2ee7dfa5afdb84177ead95ccd4b4bb6e 1ed17b9534cff0a5fc2941429cfee2ee \
+            49c7adbeb7e9d1b0d2a8531d94207959 6a27ed79f5b1dd13ecd604b07a48885a \
+            3afa0627a0e4e60a3c703af292f1baa7 7b702f16c54aa74bc727ea95c7468b00
 Test: Encrypt
 
 AlgorithmType: SymmetricCipher
 Name: ARIA/CBC
 Source: ARIA Test Vectors PDF (05.05.2004)
-Comment: Tests using CBC mode
-Comment:    Section 1, 128-bit (p.3)
+Comment:    Section 1, ARIA/CBC 128-bit (p.3)
 Key:        00112233445566778899aabbccddeeff
 IV:         0f1e2d3c4b5a69788796a5b4c3d2e1f0
-Plaintext:  11111111aaaaaaaa11111111bbbbbbbb \
-            11111111cccccccc11111111dddddddd \
-            22222222aaaaaaaa22222222bbbbbbbb \
-            22222222cccccccc22222222dddddddd \
-            33333333aaaaaaaa33333333bbbbbbbb \
-            33333333cccccccc33333333dddddddd \
-            44444444aaaaaaaa44444444bbbbbbbb \
-            44444444cccccccc44444444dddddddd \
-            55555555aaaaaaaa55555555bbbbbbbb \
-            55555555cccccccc55555555dddddddd
-Ciphertext: 49d61860b14909109cef0d22a9268134 \
-            fadf9fb23151e9645fba75018bdb1538 \
-            b53334634bbf7d4cd4b5377033060c15 \
-            5fe3948ca75de1031e1d85619e0ad61e \
-            b419a866b3c2dbfd10a4ed18b22149f7 \
-            5897f0b8668b0c1c542c687778835fb7 \
-            cd46e45f85eaa7072437dd9fa6793d6f \
-            8d4ccefc4eb1ac641ac1bd30b18c6d64 \
-            c49bca137eb21c2e04da62712ca2b4f5 \
-            40c57112c38791852cfac7a5d19ed83a
+Plaintext:  11111111aaaaaaaa11111111bbbbbbbb 11111111cccccccc11111111dddddddd \
+            22222222aaaaaaaa22222222bbbbbbbb 22222222cccccccc22222222dddddddd \
+            33333333aaaaaaaa33333333bbbbbbbb 33333333cccccccc33333333dddddddd \
+            44444444aaaaaaaa44444444bbbbbbbb 44444444cccccccc44444444dddddddd \
+            55555555aaaaaaaa55555555bbbbbbbb 55555555cccccccc55555555dddddddd
+Ciphertext: 49d61860b14909109cef0d22a9268134 fadf9fb23151e9645fba75018bdb1538 \
+            b53334634bbf7d4cd4b5377033060c15 5fe3948ca75de1031e1d85619e0ad61e \
+            b419a866b3c2dbfd10a4ed18b22149f7 5897f0b8668b0c1c542c687778835fb7 \
+            cd46e45f85eaa7072437dd9fa6793d6f 8d4ccefc4eb1ac641ac1bd30b18c6d64 \
+            c49bca137eb21c2e04da62712ca2b4f5 40c57112c38791852cfac7a5d19ed83a
 Test: Encrypt
-Comment:    Section 1, 192-bit (p.6)
-Key:        00112233445566778899aabbccddeeff \
-            0011223344556677
+Comment:    Section 1, ARIA/CBC 192-bit (p.6)
+Key:        00112233445566778899aabbccddeeff 0011223344556677
 IV:         0f1e2d3c4b5a69788796a5b4c3d2e1f0
-Plaintext:  11111111aaaaaaaa11111111bbbbbbbb \
-            11111111cccccccc11111111dddddddd \
-            22222222aaaaaaaa22222222bbbbbbbb \
-            22222222cccccccc22222222dddddddd \
-            33333333aaaaaaaa33333333bbbbbbbb \
-            33333333cccccccc33333333dddddddd \
-            44444444aaaaaaaa44444444bbbbbbbb \
-            44444444cccccccc44444444dddddddd \
-            55555555aaaaaaaa55555555bbbbbbbb \
-            55555555cccccccc55555555dddddddd
-Ciphertext: afe6cf23974b533c672a826264ea785f \
-            4e4f7f780dc7f3f1e0962b80902386d5 \
-            14e9c3e77259de92dd1102ffab086c1e \
-            a52a71260db5920a83295c25320e4211 \
-            47ca45d532f327b856ea947cd2196ae2 \
-            e040826548b4c891b0ed0ca6e714dbc4 \
-            631998d548110d666b3d54c2a091955c \
-            6f05beb4f62309368696c9791fc4c551 \
-            564a2637f194346ec45fbca6c72a5b46 \
-            12e208d531d6c34cc5c64eac6bd0cf8c
+Plaintext:  11111111aaaaaaaa11111111bbbbbbbb 11111111cccccccc11111111dddddddd \
+            22222222aaaaaaaa22222222bbbbbbbb 22222222cccccccc22222222dddddddd \
+            33333333aaaaaaaa33333333bbbbbbbb 33333333cccccccc33333333dddddddd \
+            44444444aaaaaaaa44444444bbbbbbbb 44444444cccccccc44444444dddddddd \
+            55555555aaaaaaaa55555555bbbbbbbb 55555555cccccccc55555555dddddddd
+Ciphertext: afe6cf23974b533c672a826264ea785f 4e4f7f780dc7f3f1e0962b80902386d5 \
+            14e9c3e77259de92dd1102ffab086c1e a52a71260db5920a83295c25320e4211 \
+            47ca45d532f327b856ea947cd2196ae2 e040826548b4c891b0ed0ca6e714dbc4 \
+            631998d548110d666b3d54c2a091955c 6f05beb4f62309368696c9791fc4c551 \
+            564a2637f194346ec45fbca6c72a5b46 12e208d531d6c34cc5c64eac6bd0cf8c
 Test: Encrypt
-Comment:    Section 1, 256-bit (p.11)
-Key:        00112233445566778899aabbccddeeff \
-            00112233445566778899aabbccddeeff
+Comment:    Section 1, ARIA/CBC 256-bit (p.11)
+Key:        00112233445566778899aabbccddeeff 00112233445566778899aabbccddeeff
 IV:         0f1e2d3c4b5a69788796a5b4c3d2e1f0
-Plaintext:  11111111aaaaaaaa11111111bbbbbbbb \
-            11111111cccccccc11111111dddddddd \
-            22222222aaaaaaaa22222222bbbbbbbb \
-            22222222cccccccc22222222dddddddd \
-            33333333aaaaaaaa33333333bbbbbbbb \
-            33333333cccccccc33333333dddddddd \
-            44444444aaaaaaaa44444444bbbbbbbb \
-            44444444cccccccc44444444dddddddd \
-            55555555aaaaaaaa55555555bbbbbbbb \
-            55555555cccccccc55555555dddddddd
-Ciphertext: 523a8a806ae621f155fdd28dbc34e1ab \
-            7b9b42432ad8b2efb96e23b13f0a6e52 \
-            f36185d50ad002c5f601bee5493f118b \
-            243ee2e313642bffc3902e7b2efd9a12 \
-            fa682edd2d23c8b9c5f043c18b17c1ec \
-            4b5867918270fbec1027c19ed6af833d \
-            a5d620994668ca22f599791d292dd627 \
-            3b2959082aafb7a996167cce1eec5f0c \
-            fd15f610d87e2dda9ba68ce1260ca54b \
-            222491418374294e7909b1e8551cd8de
+Plaintext:  11111111aaaaaaaa11111111bbbbbbbb 11111111cccccccc11111111dddddddd \
+            22222222aaaaaaaa22222222bbbbbbbb 22222222cccccccc22222222dddddddd \
+            33333333aaaaaaaa33333333bbbbbbbb 33333333cccccccc33333333dddddddd \
+            44444444aaaaaaaa44444444bbbbbbbb 44444444cccccccc44444444dddddddd \
+            55555555aaaaaaaa55555555bbbbbbbb 55555555cccccccc55555555dddddddd
+Ciphertext: 523a8a806ae621f155fdd28dbc34e1ab 7b9b42432ad8b2efb96e23b13f0a6e52 \
+            f36185d50ad002c5f601bee5493f118b 243ee2e313642bffc3902e7b2efd9a12 \
+            fa682edd2d23c8b9c5f043c18b17c1ec 4b5867918270fbec1027c19ed6af833d \
+            a5d620994668ca22f599791d292dd627 3b2959082aafb7a996167cce1eec5f0c \
+            fd15f610d87e2dda9ba68ce1260ca54b 222491418374294e7909b1e8551cd8de
 Test: Encrypt
 
 AlgorithmType: SymmetricCipher
 Name: ARIA/CTR
 Source: ARIA Test Vectors PDF (05.05.2004)
-Comment: Tests using CTR mode
-Comment:    Section 1, 128-bit (p.3)
+Comment:    Section 1, ARIA/CTR 128-bit (p.3)
 Key:        00112233445566778899aabbccddeeff
 IV:         00000000000000000000000000000000
-Plaintext:  11111111aaaaaaaa11111111bbbbbbbb \
-            11111111cccccccc11111111dddddddd \
-            22222222aaaaaaaa22222222bbbbbbbb \
-            22222222cccccccc22222222dddddddd \
-            33333333aaaaaaaa33333333bbbbbbbb \
-            33333333cccccccc33333333dddddddd \
-            44444444aaaaaaaa44444444bbbbbbbb \
-            44444444cccccccc44444444dddddddd \
-            55555555aaaaaaaa55555555bbbbbbbb \
-            55555555cccccccc55555555dddddddd
-Ciphertext: ac5d7de805a0bf1c57c854501af60fa1 \
-            1497e2a34519dea1569e91e5b5ccae2f \
-            f3bfa1bf975f4571f48be191613546c3 \
-            911163c085f871f0e7ae5f2a085b8185 \
-            1c2a3ddf20ecb8fa51901aec8ee4ba32 \
-            a35dab67bb72cd9140ad188a967ac0fb \
-            bdfa94ea6cce47dcf8525ab5a814cfeb \
-            2bb60ee2b126e2d9d847c1a9e96f9019 \
-            e3e6a7fe40d3829afb73db1cc245646a \
-            ddb62d9b907baaafbe46a73dbc131d3d
+Plaintext:  11111111aaaaaaaa11111111bbbbbbbb 11111111cccccccc11111111dddddddd \
+            22222222aaaaaaaa22222222bbbbbbbb 22222222cccccccc22222222dddddddd \
+            33333333aaaaaaaa33333333bbbbbbbb 33333333cccccccc33333333dddddddd \
+            44444444aaaaaaaa44444444bbbbbbbb 44444444cccccccc44444444dddddddd \
+            55555555aaaaaaaa55555555bbbbbbbb 55555555cccccccc55555555dddddddd
+Ciphertext: ac5d7de805a0bf1c57c854501af60fa1 1497e2a34519dea1569e91e5b5ccae2f \
+            f3bfa1bf975f4571f48be191613546c3 911163c085f871f0e7ae5f2a085b8185 \
+            1c2a3ddf20ecb8fa51901aec8ee4ba32 a35dab67bb72cd9140ad188a967ac0fb \
+            bdfa94ea6cce47dcf8525ab5a814cfeb 2bb60ee2b126e2d9d847c1a9e96f9019 \
+            e3e6a7fe40d3829afb73db1cc245646a ddb62d9b907baaafbe46a73dbc131d3d
 Test: Encrypt
-Comment:    Section 2, 192-bit (p.6)
-Key:        00112233445566778899aabbccddeeff \
-            0011223344556677
+Comment:    Section 2, ARIA/CTR 192-bit (p.6)
+Key:        00112233445566778899aabbccddeeff 0011223344556677
 IV:         00000000000000000000000000000000
-Plaintext:  11111111aaaaaaaa11111111bbbbbbbb \
-            11111111cccccccc11111111dddddddd \
-            22222222aaaaaaaa22222222bbbbbbbb \
-            22222222cccccccc22222222dddddddd \
-            33333333aaaaaaaa33333333bbbbbbbb \
-            33333333cccccccc33333333dddddddd \
-            44444444aaaaaaaa44444444bbbbbbbb \
-            44444444cccccccc44444444dddddddd \
-            55555555aaaaaaaa55555555bbbbbbbb \
-            55555555cccccccc55555555dddddddd
-Ciphertext: 08625ca8fe569c19ba7af3760a6ed1ce \
-            f4d199263e999dde14082dbba7560b79 \
-            a4c6b456b8707dce751f9854f18893df \
-            db3f4e5afa539733e6f1e70b98ba3789 \
-            1f8f81e95df8efc26c7ce043504cb189 \
-            58b865e4e316cd2aa1c97f31bf23dc04 \
-            6ef326b95a692a191ba0f2a41c5fe9ae \
-            070f236ff7078e703b42666caafbdd20 \
-            bad74ac4c20c0f46c7ca24c151716575 \
-            c947da16c90cfe1bf217a41cfebe7531
+Plaintext:  11111111aaaaaaaa11111111bbbbbbbb 11111111cccccccc11111111dddddddd \
+            22222222aaaaaaaa22222222bbbbbbbb 22222222cccccccc22222222dddddddd \
+            33333333aaaaaaaa33333333bbbbbbbb 33333333cccccccc33333333dddddddd \
+            44444444aaaaaaaa44444444bbbbbbbb 44444444cccccccc44444444dddddddd \
+            55555555aaaaaaaa55555555bbbbbbbb 55555555cccccccc55555555dddddddd
+Ciphertext: 08625ca8fe569c19ba7af3760a6ed1ce f4d199263e999dde14082dbba7560b79 \
+            a4c6b456b8707dce751f9854f18893df db3f4e5afa539733e6f1e70b98ba3789 \
+            1f8f81e95df8efc26c7ce043504cb189 58b865e4e316cd2aa1c97f31bf23dc04 \
+            6ef326b95a692a191ba0f2a41c5fe9ae 070f236ff7078e703b42666caafbdd20 \
+            bad74ac4c20c0f46c7ca24c151716575 c947da16c90cfe1bf217a41cfebe7531
 Test: Encrypt
-Comment:    Section 3, 256-bit (p.11)
-Key:        00112233445566778899aabbccddeeff \
-            00112233445566778899aabbccddeeff
+Comment:    Section 3, ARIA/CTR 256-bit (p.11)
+Key:        00112233445566778899aabbccddeeff 00112233445566778899aabbccddeeff
 IV:         00000000000000000000000000000000
-Plaintext:  11111111aaaaaaaa11111111bbbbbbbb \
-            11111111cccccccc11111111dddddddd \
-            22222222aaaaaaaa22222222bbbbbbbb \
-            22222222cccccccc22222222dddddddd \
-            33333333aaaaaaaa33333333bbbbbbbb \
-            33333333cccccccc33333333dddddddd \
-            44444444aaaaaaaa44444444bbbbbbbb \
-            44444444cccccccc44444444dddddddd \
-            55555555aaaaaaaa55555555bbbbbbbb \
-            55555555cccccccc55555555dddddddd
-Ciphertext: 30026c329666141721178b99c0a1f1b2 \
-            f06940253f7b3089e2a30ea86aa3c88f \
-            5940f05ad7ee41d71347bb7261e348f1 \
-            8360473fdf7d4e7723bffb4411cc13f6 \
-            cdd89f3bc7b9c768145022c7a74f14d7 \
-            c305cd012a10f16050c23f1ae5c23f45 \
-            998d13fbaa041e51619577e077276489 \
-            6a5d4516d8ffceb3bf7e05f613edd9a6 \
-            0cdcedaff9cfcaf4e00d445a54334f73 \
-            ab2cad944e51d266548e61c6eb0aa1cd
-Test: Encrypt
\ No newline at end of file
+Plaintext:  11111111aaaaaaaa11111111bbbbbbbb 11111111cccccccc11111111dddddddd \
+            22222222aaaaaaaa22222222bbbbbbbb 22222222cccccccc22222222dddddddd \
+            33333333aaaaaaaa33333333bbbbbbbb 33333333cccccccc33333333dddddddd \
+            44444444aaaaaaaa44444444bbbbbbbb 44444444cccccccc44444444dddddddd \
+            55555555aaaaaaaa55555555bbbbbbbb 55555555cccccccc55555555dddddddd
+Ciphertext: 30026c329666141721178b99c0a1f1b2 f06940253f7b3089e2a30ea86aa3c88f \
+            5940f05ad7ee41d71347bb7261e348f1 8360473fdf7d4e7723bffb4411cc13f6 \
+            cdd89f3bc7b9c768145022c7a74f14d7 c305cd012a10f16050c23f1ae5c23f45 \
+            998d13fbaa041e51619577e077276489 6a5d4516d8ffceb3bf7e05f613edd9a6 \
+            0cdcedaff9cfcaf4e00d445a54334f73 ab2cad944e51d266548e61c6eb0aa1cd
+Test: Encrypt

From 0d742591e06904ed885c82ccd27e478b2b43d7eb Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Tue, 11 Apr 2017 11:39:45 -0400
Subject: [PATCH 013/200] Switch to code based on 32-bit implementation The
 32-bit code is based on Aaram Yun's code. Yun's code combined with a few
 library specific tweaks improves performance to roughly Camellia.

---
 aria.cpp | 610 +++++++++++++++++++++++++++++++++++--------------------
 aria.h   |  17 +-
 2 files changed, 402 insertions(+), 225 deletions(-)

diff --git a/aria.cpp b/aria.cpp
index 75cd1d39..f8edfeb9 100644
--- a/aria.cpp
+++ b/aria.cpp
@@ -18,253 +18,431 @@
 #include "files.h"
 #include "hex.h"
 
+ANONYMOUS_NAMESPACE_BEGIN
+
+CRYPTOPP_ALIGN_DATA(16)
+const CryptoPP::word32 S1[256]={
+	0x00636363,0x007c7c7c,0x00777777,0x007b7b7b,0x00f2f2f2,0x006b6b6b,0x006f6f6f,0x00c5c5c5,
+	0x00303030,0x00010101,0x00676767,0x002b2b2b,0x00fefefe,0x00d7d7d7,0x00ababab,0x00767676,
+	0x00cacaca,0x00828282,0x00c9c9c9,0x007d7d7d,0x00fafafa,0x00595959,0x00474747,0x00f0f0f0,
+	0x00adadad,0x00d4d4d4,0x00a2a2a2,0x00afafaf,0x009c9c9c,0x00a4a4a4,0x00727272,0x00c0c0c0,
+	0x00b7b7b7,0x00fdfdfd,0x00939393,0x00262626,0x00363636,0x003f3f3f,0x00f7f7f7,0x00cccccc,
+	0x00343434,0x00a5a5a5,0x00e5e5e5,0x00f1f1f1,0x00717171,0x00d8d8d8,0x00313131,0x00151515,
+	0x00040404,0x00c7c7c7,0x00232323,0x00c3c3c3,0x00181818,0x00969696,0x00050505,0x009a9a9a,
+	0x00070707,0x00121212,0x00808080,0x00e2e2e2,0x00ebebeb,0x00272727,0x00b2b2b2,0x00757575,
+	0x00090909,0x00838383,0x002c2c2c,0x001a1a1a,0x001b1b1b,0x006e6e6e,0x005a5a5a,0x00a0a0a0,
+	0x00525252,0x003b3b3b,0x00d6d6d6,0x00b3b3b3,0x00292929,0x00e3e3e3,0x002f2f2f,0x00848484,
+	0x00535353,0x00d1d1d1,0x00000000,0x00ededed,0x00202020,0x00fcfcfc,0x00b1b1b1,0x005b5b5b,
+	0x006a6a6a,0x00cbcbcb,0x00bebebe,0x00393939,0x004a4a4a,0x004c4c4c,0x00585858,0x00cfcfcf,
+	0x00d0d0d0,0x00efefef,0x00aaaaaa,0x00fbfbfb,0x00434343,0x004d4d4d,0x00333333,0x00858585,
+	0x00454545,0x00f9f9f9,0x00020202,0x007f7f7f,0x00505050,0x003c3c3c,0x009f9f9f,0x00a8a8a8,
+	0x00515151,0x00a3a3a3,0x00404040,0x008f8f8f,0x00929292,0x009d9d9d,0x00383838,0x00f5f5f5,
+	0x00bcbcbc,0x00b6b6b6,0x00dadada,0x00212121,0x00101010,0x00ffffff,0x00f3f3f3,0x00d2d2d2,
+	0x00cdcdcd,0x000c0c0c,0x00131313,0x00ececec,0x005f5f5f,0x00979797,0x00444444,0x00171717,
+	0x00c4c4c4,0x00a7a7a7,0x007e7e7e,0x003d3d3d,0x00646464,0x005d5d5d,0x00191919,0x00737373,
+	0x00606060,0x00818181,0x004f4f4f,0x00dcdcdc,0x00222222,0x002a2a2a,0x00909090,0x00888888,
+	0x00464646,0x00eeeeee,0x00b8b8b8,0x00141414,0x00dedede,0x005e5e5e,0x000b0b0b,0x00dbdbdb,
+	0x00e0e0e0,0x00323232,0x003a3a3a,0x000a0a0a,0x00494949,0x00060606,0x00242424,0x005c5c5c,
+	0x00c2c2c2,0x00d3d3d3,0x00acacac,0x00626262,0x00919191,0x00959595,0x00e4e4e4,0x00797979,
+	0x00e7e7e7,0x00c8c8c8,0x00373737,0x006d6d6d,0x008d8d8d,0x00d5d5d5,0x004e4e4e,0x00a9a9a9,
+	0x006c6c6c,0x00565656,0x00f4f4f4,0x00eaeaea,0x00656565,0x007a7a7a,0x00aeaeae,0x00080808,
+	0x00bababa,0x00787878,0x00252525,0x002e2e2e,0x001c1c1c,0x00a6a6a6,0x00b4b4b4,0x00c6c6c6,
+	0x00e8e8e8,0x00dddddd,0x00747474,0x001f1f1f,0x004b4b4b,0x00bdbdbd,0x008b8b8b,0x008a8a8a,
+	0x00707070,0x003e3e3e,0x00b5b5b5,0x00666666,0x00484848,0x00030303,0x00f6f6f6,0x000e0e0e,
+	0x00616161,0x00353535,0x00575757,0x00b9b9b9,0x00868686,0x00c1c1c1,0x001d1d1d,0x009e9e9e,
+	0x00e1e1e1,0x00f8f8f8,0x00989898,0x00111111,0x00696969,0x00d9d9d9,0x008e8e8e,0x00949494,
+	0x009b9b9b,0x001e1e1e,0x00878787,0x00e9e9e9,0x00cecece,0x00555555,0x00282828,0x00dfdfdf,
+	0x008c8c8c,0x00a1a1a1,0x00898989,0x000d0d0d,0x00bfbfbf,0x00e6e6e6,0x00424242,0x00686868,
+	0x00414141,0x00999999,0x002d2d2d,0x000f0f0f,0x00b0b0b0,0x00545454,0x00bbbbbb,0x00161616
+};
+
+CRYPTOPP_ALIGN_DATA(16)
+const CryptoPP::word32 S2[256]={
+	0xe200e2e2,0x4e004e4e,0x54005454,0xfc00fcfc,0x94009494,0xc200c2c2,0x4a004a4a,0xcc00cccc,
+	0x62006262,0x0d000d0d,0x6a006a6a,0x46004646,0x3c003c3c,0x4d004d4d,0x8b008b8b,0xd100d1d1,
+	0x5e005e5e,0xfa00fafa,0x64006464,0xcb00cbcb,0xb400b4b4,0x97009797,0xbe00bebe,0x2b002b2b,
+	0xbc00bcbc,0x77007777,0x2e002e2e,0x03000303,0xd300d3d3,0x19001919,0x59005959,0xc100c1c1,
+	0x1d001d1d,0x06000606,0x41004141,0x6b006b6b,0x55005555,0xf000f0f0,0x99009999,0x69006969,
+	0xea00eaea,0x9c009c9c,0x18001818,0xae00aeae,0x63006363,0xdf00dfdf,0xe700e7e7,0xbb00bbbb,
+	0x00000000,0x73007373,0x66006666,0xfb00fbfb,0x96009696,0x4c004c4c,0x85008585,0xe400e4e4,
+	0x3a003a3a,0x09000909,0x45004545,0xaa00aaaa,0x0f000f0f,0xee00eeee,0x10001010,0xeb00ebeb,
+	0x2d002d2d,0x7f007f7f,0xf400f4f4,0x29002929,0xac00acac,0xcf00cfcf,0xad00adad,0x91009191,
+	0x8d008d8d,0x78007878,0xc800c8c8,0x95009595,0xf900f9f9,0x2f002f2f,0xce00cece,0xcd00cdcd,
+	0x08000808,0x7a007a7a,0x88008888,0x38003838,0x5c005c5c,0x83008383,0x2a002a2a,0x28002828,
+	0x47004747,0xdb00dbdb,0xb800b8b8,0xc700c7c7,0x93009393,0xa400a4a4,0x12001212,0x53005353,
+	0xff00ffff,0x87008787,0x0e000e0e,0x31003131,0x36003636,0x21002121,0x58005858,0x48004848,
+	0x01000101,0x8e008e8e,0x37003737,0x74007474,0x32003232,0xca00caca,0xe900e9e9,0xb100b1b1,
+	0xb700b7b7,0xab00abab,0x0c000c0c,0xd700d7d7,0xc400c4c4,0x56005656,0x42004242,0x26002626,
+	0x07000707,0x98009898,0x60006060,0xd900d9d9,0xb600b6b6,0xb900b9b9,0x11001111,0x40004040,
+	0xec00ecec,0x20002020,0x8c008c8c,0xbd00bdbd,0xa000a0a0,0xc900c9c9,0x84008484,0x04000404,
+	0x49004949,0x23002323,0xf100f1f1,0x4f004f4f,0x50005050,0x1f001f1f,0x13001313,0xdc00dcdc,
+	0xd800d8d8,0xc000c0c0,0x9e009e9e,0x57005757,0xe300e3e3,0xc300c3c3,0x7b007b7b,0x65006565,
+	0x3b003b3b,0x02000202,0x8f008f8f,0x3e003e3e,0xe800e8e8,0x25002525,0x92009292,0xe500e5e5,
+	0x15001515,0xdd00dddd,0xfd00fdfd,0x17001717,0xa900a9a9,0xbf00bfbf,0xd400d4d4,0x9a009a9a,
+	0x7e007e7e,0xc500c5c5,0x39003939,0x67006767,0xfe00fefe,0x76007676,0x9d009d9d,0x43004343,
+	0xa700a7a7,0xe100e1e1,0xd000d0d0,0xf500f5f5,0x68006868,0xf200f2f2,0x1b001b1b,0x34003434,
+	0x70007070,0x05000505,0xa300a3a3,0x8a008a8a,0xd500d5d5,0x79007979,0x86008686,0xa800a8a8,
+	0x30003030,0xc600c6c6,0x51005151,0x4b004b4b,0x1e001e1e,0xa600a6a6,0x27002727,0xf600f6f6,
+	0x35003535,0xd200d2d2,0x6e006e6e,0x24002424,0x16001616,0x82008282,0x5f005f5f,0xda00dada,
+	0xe600e6e6,0x75007575,0xa200a2a2,0xef00efef,0x2c002c2c,0xb200b2b2,0x1c001c1c,0x9f009f9f,
+	0x5d005d5d,0x6f006f6f,0x80008080,0x0a000a0a,0x72007272,0x44004444,0x9b009b9b,0x6c006c6c,
+	0x90009090,0x0b000b0b,0x5b005b5b,0x33003333,0x7d007d7d,0x5a005a5a,0x52005252,0xf300f3f3,
+	0x61006161,0xa100a1a1,0xf700f7f7,0xb000b0b0,0xd600d6d6,0x3f003f3f,0x7c007c7c,0x6d006d6d,
+	0xed00eded,0x14001414,0xe000e0e0,0xa500a5a5,0x3d003d3d,0x22002222,0xb300b3b3,0xf800f8f8,
+	0x89008989,0xde00dede,0x71007171,0x1a001a1a,0xaf00afaf,0xba00baba,0xb500b5b5,0x81008181
+};
+
+CRYPTOPP_ALIGN_DATA(16)
+const CryptoPP::word32 X1[256]={
+	0x52520052,0x09090009,0x6a6a006a,0xd5d500d5,0x30300030,0x36360036,0xa5a500a5,0x38380038,
+	0xbfbf00bf,0x40400040,0xa3a300a3,0x9e9e009e,0x81810081,0xf3f300f3,0xd7d700d7,0xfbfb00fb,
+	0x7c7c007c,0xe3e300e3,0x39390039,0x82820082,0x9b9b009b,0x2f2f002f,0xffff00ff,0x87870087,
+	0x34340034,0x8e8e008e,0x43430043,0x44440044,0xc4c400c4,0xdede00de,0xe9e900e9,0xcbcb00cb,
+	0x54540054,0x7b7b007b,0x94940094,0x32320032,0xa6a600a6,0xc2c200c2,0x23230023,0x3d3d003d,
+	0xeeee00ee,0x4c4c004c,0x95950095,0x0b0b000b,0x42420042,0xfafa00fa,0xc3c300c3,0x4e4e004e,
+	0x08080008,0x2e2e002e,0xa1a100a1,0x66660066,0x28280028,0xd9d900d9,0x24240024,0xb2b200b2,
+	0x76760076,0x5b5b005b,0xa2a200a2,0x49490049,0x6d6d006d,0x8b8b008b,0xd1d100d1,0x25250025,
+	0x72720072,0xf8f800f8,0xf6f600f6,0x64640064,0x86860086,0x68680068,0x98980098,0x16160016,
+	0xd4d400d4,0xa4a400a4,0x5c5c005c,0xcccc00cc,0x5d5d005d,0x65650065,0xb6b600b6,0x92920092,
+	0x6c6c006c,0x70700070,0x48480048,0x50500050,0xfdfd00fd,0xeded00ed,0xb9b900b9,0xdada00da,
+	0x5e5e005e,0x15150015,0x46460046,0x57570057,0xa7a700a7,0x8d8d008d,0x9d9d009d,0x84840084,
+	0x90900090,0xd8d800d8,0xabab00ab,0x00000000,0x8c8c008c,0xbcbc00bc,0xd3d300d3,0x0a0a000a,
+	0xf7f700f7,0xe4e400e4,0x58580058,0x05050005,0xb8b800b8,0xb3b300b3,0x45450045,0x06060006,
+	0xd0d000d0,0x2c2c002c,0x1e1e001e,0x8f8f008f,0xcaca00ca,0x3f3f003f,0x0f0f000f,0x02020002,
+	0xc1c100c1,0xafaf00af,0xbdbd00bd,0x03030003,0x01010001,0x13130013,0x8a8a008a,0x6b6b006b,
+	0x3a3a003a,0x91910091,0x11110011,0x41410041,0x4f4f004f,0x67670067,0xdcdc00dc,0xeaea00ea,
+	0x97970097,0xf2f200f2,0xcfcf00cf,0xcece00ce,0xf0f000f0,0xb4b400b4,0xe6e600e6,0x73730073,
+	0x96960096,0xacac00ac,0x74740074,0x22220022,0xe7e700e7,0xadad00ad,0x35350035,0x85850085,
+	0xe2e200e2,0xf9f900f9,0x37370037,0xe8e800e8,0x1c1c001c,0x75750075,0xdfdf00df,0x6e6e006e,
+	0x47470047,0xf1f100f1,0x1a1a001a,0x71710071,0x1d1d001d,0x29290029,0xc5c500c5,0x89890089,
+	0x6f6f006f,0xb7b700b7,0x62620062,0x0e0e000e,0xaaaa00aa,0x18180018,0xbebe00be,0x1b1b001b,
+	0xfcfc00fc,0x56560056,0x3e3e003e,0x4b4b004b,0xc6c600c6,0xd2d200d2,0x79790079,0x20200020,
+	0x9a9a009a,0xdbdb00db,0xc0c000c0,0xfefe00fe,0x78780078,0xcdcd00cd,0x5a5a005a,0xf4f400f4,
+	0x1f1f001f,0xdddd00dd,0xa8a800a8,0x33330033,0x88880088,0x07070007,0xc7c700c7,0x31310031,
+	0xb1b100b1,0x12120012,0x10100010,0x59590059,0x27270027,0x80800080,0xecec00ec,0x5f5f005f,
+	0x60600060,0x51510051,0x7f7f007f,0xa9a900a9,0x19190019,0xb5b500b5,0x4a4a004a,0x0d0d000d,
+	0x2d2d002d,0xe5e500e5,0x7a7a007a,0x9f9f009f,0x93930093,0xc9c900c9,0x9c9c009c,0xefef00ef,
+	0xa0a000a0,0xe0e000e0,0x3b3b003b,0x4d4d004d,0xaeae00ae,0x2a2a002a,0xf5f500f5,0xb0b000b0,
+	0xc8c800c8,0xebeb00eb,0xbbbb00bb,0x3c3c003c,0x83830083,0x53530053,0x99990099,0x61610061,
+	0x17170017,0x2b2b002b,0x04040004,0x7e7e007e,0xbaba00ba,0x77770077,0xd6d600d6,0x26260026,
+	0xe1e100e1,0x69690069,0x14140014,0x63630063,0x55550055,0x21210021,0x0c0c000c,0x7d7d007d
+};
+
+CRYPTOPP_ALIGN_DATA(16)
+const CryptoPP::word32 X2[256]={
+	0x30303000,0x68686800,0x99999900,0x1b1b1b00,0x87878700,0xb9b9b900,0x21212100,0x78787800,
+	0x50505000,0x39393900,0xdbdbdb00,0xe1e1e100,0x72727200,0x09090900,0x62626200,0x3c3c3c00,
+	0x3e3e3e00,0x7e7e7e00,0x5e5e5e00,0x8e8e8e00,0xf1f1f100,0xa0a0a000,0xcccccc00,0xa3a3a300,
+	0x2a2a2a00,0x1d1d1d00,0xfbfbfb00,0xb6b6b600,0xd6d6d600,0x20202000,0xc4c4c400,0x8d8d8d00,
+	0x81818100,0x65656500,0xf5f5f500,0x89898900,0xcbcbcb00,0x9d9d9d00,0x77777700,0xc6c6c600,
+	0x57575700,0x43434300,0x56565600,0x17171700,0xd4d4d400,0x40404000,0x1a1a1a00,0x4d4d4d00,
+	0xc0c0c000,0x63636300,0x6c6c6c00,0xe3e3e300,0xb7b7b700,0xc8c8c800,0x64646400,0x6a6a6a00,
+	0x53535300,0xaaaaaa00,0x38383800,0x98989800,0x0c0c0c00,0xf4f4f400,0x9b9b9b00,0xededed00,
+	0x7f7f7f00,0x22222200,0x76767600,0xafafaf00,0xdddddd00,0x3a3a3a00,0x0b0b0b00,0x58585800,
+	0x67676700,0x88888800,0x06060600,0xc3c3c300,0x35353500,0x0d0d0d00,0x01010100,0x8b8b8b00,
+	0x8c8c8c00,0xc2c2c200,0xe6e6e600,0x5f5f5f00,0x02020200,0x24242400,0x75757500,0x93939300,
+	0x66666600,0x1e1e1e00,0xe5e5e500,0xe2e2e200,0x54545400,0xd8d8d800,0x10101000,0xcecece00,
+	0x7a7a7a00,0xe8e8e800,0x08080800,0x2c2c2c00,0x12121200,0x97979700,0x32323200,0xababab00,
+	0xb4b4b400,0x27272700,0x0a0a0a00,0x23232300,0xdfdfdf00,0xefefef00,0xcacaca00,0xd9d9d900,
+	0xb8b8b800,0xfafafa00,0xdcdcdc00,0x31313100,0x6b6b6b00,0xd1d1d100,0xadadad00,0x19191900,
+	0x49494900,0xbdbdbd00,0x51515100,0x96969600,0xeeeeee00,0xe4e4e400,0xa8a8a800,0x41414100,
+	0xdadada00,0xffffff00,0xcdcdcd00,0x55555500,0x86868600,0x36363600,0xbebebe00,0x61616100,
+	0x52525200,0xf8f8f800,0xbbbbbb00,0x0e0e0e00,0x82828200,0x48484800,0x69696900,0x9a9a9a00,
+	0xe0e0e000,0x47474700,0x9e9e9e00,0x5c5c5c00,0x04040400,0x4b4b4b00,0x34343400,0x15151500,
+	0x79797900,0x26262600,0xa7a7a700,0xdedede00,0x29292900,0xaeaeae00,0x92929200,0xd7d7d700,
+	0x84848400,0xe9e9e900,0xd2d2d200,0xbababa00,0x5d5d5d00,0xf3f3f300,0xc5c5c500,0xb0b0b000,
+	0xbfbfbf00,0xa4a4a400,0x3b3b3b00,0x71717100,0x44444400,0x46464600,0x2b2b2b00,0xfcfcfc00,
+	0xebebeb00,0x6f6f6f00,0xd5d5d500,0xf6f6f600,0x14141400,0xfefefe00,0x7c7c7c00,0x70707000,
+	0x5a5a5a00,0x7d7d7d00,0xfdfdfd00,0x2f2f2f00,0x18181800,0x83838300,0x16161600,0xa5a5a500,
+	0x91919100,0x1f1f1f00,0x05050500,0x95959500,0x74747400,0xa9a9a900,0xc1c1c100,0x5b5b5b00,
+	0x4a4a4a00,0x85858500,0x6d6d6d00,0x13131300,0x07070700,0x4f4f4f00,0x4e4e4e00,0x45454500,
+	0xb2b2b200,0x0f0f0f00,0xc9c9c900,0x1c1c1c00,0xa6a6a600,0xbcbcbc00,0xececec00,0x73737300,
+	0x90909000,0x7b7b7b00,0xcfcfcf00,0x59595900,0x8f8f8f00,0xa1a1a100,0xf9f9f900,0x2d2d2d00,
+	0xf2f2f200,0xb1b1b100,0x00000000,0x94949400,0x37373700,0x9f9f9f00,0xd0d0d000,0x2e2e2e00,
+	0x9c9c9c00,0x6e6e6e00,0x28282800,0x3f3f3f00,0x80808000,0xf0f0f000,0x3d3d3d00,0xd3d3d300,
+	0x25252500,0x8a8a8a00,0xb5b5b500,0xe7e7e700,0x42424200,0xb3b3b300,0xc7c7c700,0xeaeaea00,
+	0xf7f7f700,0x4c4c4c00,0x11111100,0x33333300,0x03030300,0xa2a2a200,0xacacac00,0x60606000
+};
+
+CRYPTOPP_ALIGN_DATA(16)
+const CryptoPP::word32 KRK[3][4] = {
+  {0x517cc1b7, 0x27220a94, 0xfe13abe8, 0xfa9a6ee0},
+  {0x6db14acc, 0x9e21c820, 0xff28b1d5, 0xef5de2b0},
+  {0xdb92371d, 0x2126e970, 0x03249775, 0x04e8c90e}
+};
+
+ANONYMOUS_NAMESPACE_END
+
 NAMESPACE_BEGIN(CryptoPP)
 
-// The ARIA s-boxes
-CRYPTOPP_ALIGN_DATA(16)
-const byte ARIA::Base::S[4][256] = {
-	// S-box type 1
-{
-  0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76,
-  0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0,
-  0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15,
-  0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75,
-  0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84,
-  0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf,
-  0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8,
-  0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2,
-  0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73,
-  0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb,
-  0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79,
-  0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08,
-  0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a,
-  0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e,
-  0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf,
-  0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16},
-  // S-box type 2
-{
-  0xe2, 0x4e, 0x54, 0xfc, 0x94, 0xc2, 0x4a, 0xcc, 0x62, 0x0d, 0x6a, 0x46, 0x3c, 0x4d, 0x8b, 0xd1,
-  0x5e, 0xfa, 0x64, 0xcb, 0xb4, 0x97, 0xbe, 0x2b, 0xbc, 0x77, 0x2e, 0x03, 0xd3, 0x19, 0x59, 0xc1,
-  0x1d, 0x06, 0x41, 0x6b, 0x55, 0xf0, 0x99, 0x69, 0xea, 0x9c, 0x18, 0xae, 0x63, 0xdf, 0xe7, 0xbb,
-  0x00, 0x73, 0x66, 0xfb, 0x96, 0x4c, 0x85, 0xe4, 0x3a, 0x09, 0x45, 0xaa, 0x0f, 0xee, 0x10, 0xeb,
-  0x2d, 0x7f, 0xf4, 0x29, 0xac, 0xcf, 0xad, 0x91, 0x8d, 0x78, 0xc8, 0x95, 0xf9, 0x2f, 0xce, 0xcd,
-  0x08, 0x7a, 0x88, 0x38, 0x5c, 0x83, 0x2a, 0x28, 0x47, 0xdb, 0xb8, 0xc7, 0x93, 0xa4, 0x12, 0x53,
-  0xff, 0x87, 0x0e, 0x31, 0x36, 0x21, 0x58, 0x48, 0x01, 0x8e, 0x37, 0x74, 0x32, 0xca, 0xe9, 0xb1,
-  0xb7, 0xab, 0x0c, 0xd7, 0xc4, 0x56, 0x42, 0x26, 0x07, 0x98, 0x60, 0xd9, 0xb6, 0xb9, 0x11, 0x40,
-  0xec, 0x20, 0x8c, 0xbd, 0xa0, 0xc9, 0x84, 0x04, 0x49, 0x23, 0xf1, 0x4f, 0x50, 0x1f, 0x13, 0xdc,
-  0xd8, 0xc0, 0x9e, 0x57, 0xe3, 0xc3, 0x7b, 0x65, 0x3b, 0x02, 0x8f, 0x3e, 0xe8, 0x25, 0x92, 0xe5,
-  0x15, 0xdd, 0xfd, 0x17, 0xa9, 0xbf, 0xd4, 0x9a, 0x7e, 0xc5, 0x39, 0x67, 0xfe, 0x76, 0x9d, 0x43,
-  0xa7, 0xe1, 0xd0, 0xf5, 0x68, 0xf2, 0x1b, 0x34, 0x70, 0x05, 0xa3, 0x8a, 0xd5, 0x79, 0x86, 0xa8,
-  0x30, 0xc6, 0x51, 0x4b, 0x1e, 0xa6, 0x27, 0xf6, 0x35, 0xd2, 0x6e, 0x24, 0x16, 0x82, 0x5f, 0xda,
-  0xe6, 0x75, 0xa2, 0xef, 0x2c, 0xb2, 0x1c, 0x9f, 0x5d, 0x6f, 0x80, 0x0a, 0x72, 0x44, 0x9b, 0x6c,
-  0x90, 0x0b, 0x5b, 0x33, 0x7d, 0x5a, 0x52, 0xf3, 0x61, 0xa1, 0xf7, 0xb0, 0xd6, 0x3f, 0x7c, 0x6d,
-  0xed, 0x14, 0xe0, 0xa5, 0x3d, 0x22, 0xb3, 0xf8, 0x89, 0xde, 0x71, 0x1a, 0xaf, 0xba, 0xb5, 0x81},
-  // inverse of S-box type 1
-{
-  0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38, 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb,
-  0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87, 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb,
-  0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d, 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e,
-  0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2, 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25,
-  0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16, 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92,
-  0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda, 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84,
-  0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a, 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06,
-  0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02, 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b,
-  0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea, 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73,
-  0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85, 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e,
-  0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89, 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b,
-  0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20, 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4,
-  0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31, 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f,
-  0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d, 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef,
-  0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0, 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61,
-  0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26, 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d},
-  // inverse of S-box type 2
-{
-  0x30, 0x68, 0x99, 0x1b, 0x87, 0xb9, 0x21, 0x78, 0x50, 0x39, 0xdb, 0xe1, 0x72, 0x09, 0x62, 0x3c,
-  0x3e, 0x7e, 0x5e, 0x8e, 0xf1, 0xa0, 0xcc, 0xa3, 0x2a, 0x1d, 0xfb, 0xb6, 0xd6, 0x20, 0xc4, 0x8d,
-  0x81, 0x65, 0xf5, 0x89, 0xcb, 0x9d, 0x77, 0xc6, 0x57, 0x43, 0x56, 0x17, 0xd4, 0x40, 0x1a, 0x4d,
-  0xc0, 0x63, 0x6c, 0xe3, 0xb7, 0xc8, 0x64, 0x6a, 0x53, 0xaa, 0x38, 0x98, 0x0c, 0xf4, 0x9b, 0xed,
-  0x7f, 0x22, 0x76, 0xaf, 0xdd, 0x3a, 0x0b, 0x58, 0x67, 0x88, 0x06, 0xc3, 0x35, 0x0d, 0x01, 0x8b,
-  0x8c, 0xc2, 0xe6, 0x5f, 0x02, 0x24, 0x75, 0x93, 0x66, 0x1e, 0xe5, 0xe2, 0x54, 0xd8, 0x10, 0xce,
-  0x7a, 0xe8, 0x08, 0x2c, 0x12, 0x97, 0x32, 0xab, 0xb4, 0x27, 0x0a, 0x23, 0xdf, 0xef, 0xca, 0xd9,
-  0xb8, 0xfa, 0xdc, 0x31, 0x6b, 0xd1, 0xad, 0x19, 0x49, 0xbd, 0x51, 0x96, 0xee, 0xe4, 0xa8, 0x41,
-  0xda, 0xff, 0xcd, 0x55, 0x86, 0x36, 0xbe, 0x61, 0x52, 0xf8, 0xbb, 0x0e, 0x82, 0x48, 0x69, 0x9a,
-  0xe0, 0x47, 0x9e, 0x5c, 0x04, 0x4b, 0x34, 0x15, 0x79, 0x26, 0xa7, 0xde, 0x29, 0xae, 0x92, 0xd7,
-  0x84, 0xe9, 0xd2, 0xba, 0x5d, 0xf3, 0xc5, 0xb0, 0xbf, 0xa4, 0x3b, 0x71, 0x44, 0x46, 0x2b, 0xfc,
-  0xeb, 0x6f, 0xd5, 0xf6, 0x14, 0xfe, 0x7c, 0x70, 0x5a, 0x7d, 0xfd, 0x2f, 0x18, 0x83, 0x16, 0xa5,
-  0x91, 0x1f, 0x05, 0x95, 0x74, 0xa9, 0xc1, 0x5b, 0x4a, 0x85, 0x6d, 0x13, 0x07, 0x4f, 0x4e, 0x45,
-  0xb2, 0x0f, 0xc9, 0x1c, 0xa6, 0xbc, 0xec, 0x73, 0x90, 0x7b, 0xcf, 0x59, 0x8f, 0xa1, 0xf9, 0x2d,
-  0xf2, 0xb1, 0x00, 0x94, 0x37, 0x9f, 0xd0, 0x2e, 0x9c, 0x6e, 0x28, 0x3f, 0x80, 0xf0, 0x3d, 0xd3,
-  0x25, 0x8a, 0xb5, 0xe7, 0x42, 0xb3, 0xc7, 0xea, 0xf7, 0x4c, 0x11, 0x33, 0x03, 0xa2, 0xac, 0x60}
-};
+#define ARIA_BY(X,Y) (((byte *)(&X))[Y])
+#define ARIA_BRF(T,R) ((byte)((T)>>(R)))
+#define ARIA_WO(X,Y) (((word32 *)(X))[Y])
 
-// constants used in the round key generation
-CRYPTOPP_ALIGN_DATA(16)
-const byte ARIA::Base::KRK[3][16] = {
-  {0x51, 0x7c, 0xc1, 0xb7, 0x27, 0x22, 0x0a, 0x94, 0xfe, 0x13, 0xab, 0xe8, 0xfa, 0x9a, 0x6e, 0xe0},
-  {0x6d, 0xb1, 0x4a, 0xcc, 0x9e, 0x21, 0xc8, 0x20, 0xff, 0x28, 0xb1, 0xd5, 0xef, 0x5d, 0xe2, 0xb0},
-  {0xdb, 0x92, 0x37, 0x1d, 0x21, 0x26, 0xe9, 0x70, 0x03, 0x24, 0x97, 0x75, 0x04, 0xe8, 0xc9, 0x0e}
-};
-
-// Diffusion Layer
-inline void DL (const byte *i, byte *o)
-{
-	byte T;
-	T = i[ 3] ^ i[ 4] ^ i[ 9] ^ i[14];
-	o[ 0] = i[ 6] ^ i[ 8] ^ i[13] ^ T;
-	o[ 5] = i[ 1] ^ i[10] ^ i[15] ^ T;
-	o[11] = i[ 2] ^ i[ 7] ^ i[12] ^ T;
-	o[14] = i[ 0] ^ i[ 5] ^ i[11] ^ T;
-	T = i[ 2] ^ i[ 5] ^ i[ 8] ^ i[15];
-	o[ 1] = i[ 7] ^ i[ 9] ^ i[12] ^ T;
-	o[ 4] = i[ 0] ^ i[11] ^ i[14] ^ T;
-	o[10] = i[ 3] ^ i[ 6] ^ i[13] ^ T;
-	o[15] = i[ 1] ^ i[ 4] ^ i[10] ^ T;
-	T = i[ 1] ^ i[ 6] ^ i[11] ^ i[12];
-	o[ 2] = i[ 4] ^ i[10] ^ i[15] ^ T;
-	o[ 7] = i[ 3] ^ i[ 8] ^ i[13] ^ T;
-	o[ 9] = i[ 0] ^ i[ 5] ^ i[14] ^ T;
-	o[12] = i[ 2] ^ i[ 7] ^ i[ 9] ^ T;
-	T = i[ 0] ^ i[ 7] ^ i[10] ^ i[13];
-	o[ 3] = i[ 5] ^ i[11] ^ i[14] ^ T;
-	o[ 6] = i[ 2] ^ i[ 9] ^ i[12] ^ T;
-	o[ 8] = i[ 1] ^ i[ 4] ^ i[15] ^ T;
-	o[13] = i[ 3] ^ i[ 6] ^ i[ 8] ^ T;
+inline word32 ReverseWord(const word32 w) {
+    return ByteReverse(w);
 }
 
-// Right-rotate 128 bit source string s by n bits and XOR it to target string t.
-// Three implementations are provided. First is the CXX implementation. Second is the Intel
-// implementations (one with MOVBE, one without MOVBE). Third is the ARM implementations.
-// The specializations for 0 and non-0 rotate help save about 100 insns per subkey round.
-template <unsigned int N>
-inline void RotateAndXOR(const byte s[16], byte t[16])
-{
-	// From the reference implementation
-	int i, n, q;
-
-	n = N; q = n/8; n %= 8;
-	for (i = 0; i < 16; i++) {
-		t[(q+i) % 16] ^= (s[i] >> n);
-		if (n != 0) t[(q+i+1) % 16] ^= (s[i] << (8-n));
-	}
+inline word32 LoadWord(const word32 x) {
+	return ConditionalByteReverse(BIG_ENDIAN_ORDER, x);
 }
 
-template<>
-inline void RotateAndXOR<0>(const byte s[16], byte t[16])
-{
-	for (int i=0; i<16; ++i)
-		t[i] ^= s[i];
-}
+// Key XOR Layer
+#define ARIA_KXL {  \
+    t[0]^=ARIA_WO(rk,0); t[1]^=ARIA_WO(rk,1); t[2]^=ARIA_WO(rk,2); t[3]^=ARIA_WO(rk,3);  \
+    rk += 16;  \
+  }
+
+// S-Box Layer 1 + M
+#define SBL1_M(T0,T1,T2,T3) {  \
+    T0=S1[ARIA_BRF(T0,24)]^S2[ARIA_BRF(T0,16)]^X1[ARIA_BRF(T0,8)]^X2[ARIA_BRF(T0,0)];  \
+    T1=S1[ARIA_BRF(T1,24)]^S2[ARIA_BRF(T1,16)]^X1[ARIA_BRF(T1,8)]^X2[ARIA_BRF(T1,0)];  \
+    T2=S1[ARIA_BRF(T2,24)]^S2[ARIA_BRF(T2,16)]^X1[ARIA_BRF(T2,8)]^X2[ARIA_BRF(T2,0)];  \
+    T3=S1[ARIA_BRF(T3,24)]^S2[ARIA_BRF(T3,16)]^X1[ARIA_BRF(T3,8)]^X2[ARIA_BRF(T3,0)];  \
+  }
+
+// S-Box Layer 2 + M
+#define SBL2_M(T0,T1,T2,T3) {  \
+    T0=X1[ARIA_BRF(T0,24)]^X2[ARIA_BRF(T0,16)]^S1[ARIA_BRF(T0,8)]^S2[ARIA_BRF(T0,0)];  \
+    T1=X1[ARIA_BRF(T1,24)]^X2[ARIA_BRF(T1,16)]^S1[ARIA_BRF(T1,8)]^S2[ARIA_BRF(T1,0)];  \
+    T2=X1[ARIA_BRF(T2,24)]^X2[ARIA_BRF(T2,16)]^S1[ARIA_BRF(T2,8)]^S2[ARIA_BRF(T2,0)];  \
+    T3=X1[ARIA_BRF(T3,24)]^X2[ARIA_BRF(T3,16)]^S1[ARIA_BRF(T3,8)]^S2[ARIA_BRF(T3,0)];  \
+  }
+
+#define ARIA_MM(T0,T1,T2,T3) {           \
+    (T1)^=(T2); (T2)^=(T3); (T0)^=(T1);  \
+    (T3)^=(T1); (T2)^=(T0); (T1)^=(T2);  \
+  }
+
+#define ARIA_P(T0,T1,T2,T3) {                                  \
+    (T1) = (((T1)<< 8)&0xff00ff00) ^ (((T1)>> 8)&0x00ff00ff);  \
+    (T2) = rotrFixed((T2),16);                                 \
+    (T3) = ReverseWord((T3));                                  \
+  }
+
+#define ARIA_FO {SBL1_M(t[0],t[1],t[2],t[3]) ARIA_MM(t[0],t[1],t[2],t[3]) ARIA_P(t[0],t[1],t[2],t[3]) ARIA_MM(t[0],t[1],t[2],t[3])}
+#define ARIA_FE {SBL2_M(t[0],t[1],t[2],t[3]) ARIA_MM(t[0],t[1],t[2],t[3]) ARIA_P(t[2],t[3],t[0],t[1]) ARIA_MM(t[0],t[1],t[2],t[3])}
+
+// n-bit right shift of Y XORed to X
+#define ARIA_GSRK(X, Y, n) { \
+    q = 4-((n)/32);          \
+    r = (n) % 32;            \
+    ARIA_WO(rk,0) = ((X)[0]) ^ (((Y)[(q  )%4])>>r) ^ (((Y)[(q+3)%4])<<(32-r));  \
+    ARIA_WO(rk,1) = ((X)[1]) ^ (((Y)[(q+1)%4])>>r) ^ (((Y)[(q  )%4])<<(32-r));  \
+    ARIA_WO(rk,2) = ((X)[2]) ^ (((Y)[(q+2)%4])>>r) ^ (((Y)[(q+1)%4])<<(32-r));  \
+    ARIA_WO(rk,3) = ((X)[3]) ^ (((Y)[(q+3)%4])>>r) ^ (((Y)[(q+2)%4])<<(32-r));  \
+    rk += 16;                \
+  }
+
+#if defined(_MSC_VER)
+#define ARIA_M1(X,Y) {        \
+    w=_lrotr((X), 8);         \
+    (Y)=w^_lrotr((X)^w, 16);  \
+  }
+#else
+#define ARIA_M1(X,Y) {						\
+    Y=(X)<<8 ^ (X)>>8 ^ (X)<<16 ^ (X)>>16 ^ (X)<<24 ^ (X)>>24;	\
+  }
+#endif
 
 void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const NameValuePairs &params)
 {
 	CRYPTOPP_ASSERT(key && keylen);
 	CRYPTOPP_UNUSED(params);
 
-	// w0 makes room for a 32-byte key. w1, w2 and w3 uses 16-byte blocks
-	int  i, R = (keylen+32)/4, q = (keylen - 16) / 8;
-	byte *w0 = m_w.data(), *w1 = m_w.data()+32, *w2 = m_w.data()+48, *w3 = m_w.data()+64, *t = m_w.data()+80;
+	const byte *mk = key;
+	byte *rk = m_rk.data();
+	int keyBits, Q, q, R, r;
 
-	byte* rk = m_rkey.data();
-	m_rounds = R;
-
-	memcpy(w0, key, keylen);
-	for (i = 0; i < 16; i++)
-		t[i] = S[i % 4][KRK[q][i] ^ w0[i]];
-
-	DL (t, w1);
-	if (m_rounds == 14)
-		for (i = 0; i <  8; i++)
-			w1[i] ^= w0[16+i];
-	else if (m_rounds==16)
-		for (i = 0; i < 16; i++)
-			w1[i] ^= w0[16+i];
-
-	q = (q==2) ? 0 : (q+1);
-	for (i = 0; i < 16; i++)
-		t[i] = S[(2 + i) % 4][KRK[q][i] ^ w1[i]];
-
-	DL (t, w2);
-	for (i = 0; i < 16; i++)
-		w2[i] ^= w0[i];
-
-	q = (q==2) ? 0 : (q+1);
-	for (i = 0; i < 16; i++)
-		t[i] = S[i % 4][KRK[q][i] ^ w2[i]];
-
-	DL (t, w3);
-	for (i = 0; i < 16; i++)
-		w3[i] ^= w1[i];
-
-	for (i = 0; i < 16*(R+1); i++)
-		rk[i] = 0;
-
-	RotateAndXOR<0>(w0, rk +   0); RotateAndXOR<19>(w1, rk +   0);
-	RotateAndXOR<0>(w1, rk +  16); RotateAndXOR<19>(w2, rk +  16);
-	RotateAndXOR<0>(w2, rk +  32); RotateAndXOR<19>(w3, rk +  32);
-	RotateAndXOR<0>(w3, rk +  48); RotateAndXOR<19>(w0, rk +  48);
-	RotateAndXOR<0>(w0, rk +  64); RotateAndXOR<31>(w1, rk +  64);
-	RotateAndXOR<0>(w1, rk +  80); RotateAndXOR<31>(w2, rk +  80);
-	RotateAndXOR<0>(w2, rk +  96); RotateAndXOR<31>(w3, rk +  96);
-	RotateAndXOR<0>(w3, rk + 112); RotateAndXOR<31>(w0, rk + 112);
-	RotateAndXOR<0>(w0, rk + 128); RotateAndXOR<67>(w1, rk + 128);
-	RotateAndXOR<0>(w1, rk + 144); RotateAndXOR<67>(w2, rk + 144);
-	RotateAndXOR<0>(w2, rk + 160); RotateAndXOR<67>(w3, rk + 160);
-	RotateAndXOR<0>(w3, rk + 176); RotateAndXOR<67>(w0, rk + 176);
-	RotateAndXOR<0>(w0, rk + 192); RotateAndXOR<97>(w1, rk + 192);
-
-	if (m_rounds > 12) {
-		RotateAndXOR<0>(w1, rk + 208); RotateAndXOR<97>(w2, rk + 208);
-		RotateAndXOR<0>(w2, rk + 224); RotateAndXOR<97>(w3, rk + 224);
+	switch (keylen)
+	{
+	case 16:
+		R = r = m_rounds = 12;
+		keyBits = 128;
+		Q = q = 0;
+		break;
+	case 32:
+		R = r = m_rounds = 16;
+		keyBits = 256;
+		Q = q = 2;
+		break;
+	case 24:
+		R = r = m_rounds = 14;
+		keyBits = 192;
+		Q = q = 1;
+		break;
+	default:
+		Q = q = R = r = keyBits = m_rounds = 0;
+		CRYPTOPP_ASSERT(0);
 	}
 
-	if (m_rounds > 14) {
-		RotateAndXOR<0>(w3, rk + 240); RotateAndXOR< 97>(w0, rk + 240);
-		RotateAndXOR<0>(w0, rk + 256); RotateAndXOR<109>(w1, rk + 256);
+	// w0 has room for 32 bytes. w1-w3 each has room for 16 bytes. t is a 16 byte temp area.
+	word32 *w0 = m_w.data(), *w1 = m_w.data()+8, *w2 = m_w.data()+12, *w3 = m_w.data()+16, *t = m_w.data()+20;
+
+	w0[0] = LoadWord(ARIA_WO(mk,0)); w0[1] = LoadWord(ARIA_WO(mk,1));
+	w0[0] = LoadWord(ARIA_WO(mk,0)); w0[1] = LoadWord(ARIA_WO(mk,1));
+	w0[2] = LoadWord(ARIA_WO(mk,2)); w0[3] = LoadWord(ARIA_WO(mk,3));
+
+	t[0]=w0[0]^KRK[q][0]; t[1]=w0[1]^KRK[q][1];
+	t[2]=w0[2]^KRK[q][2]; t[3]=w0[3]^KRK[q][3];
+	ARIA_FO;
+
+	if (keyBits > 128)
+	{
+		w1[0] = LoadWord(ARIA_WO(mk,4));
+		w1[1] = LoadWord(ARIA_WO(mk,5));
+
+		if (keyBits > 192)
+		{
+			w1[2] = LoadWord(ARIA_WO(mk,6));
+			w1[3] = LoadWord(ARIA_WO(mk,7));
+		}
+		else
+		{
+			w1[2]=w1[3]=0;
+		}
+	}
+	else
+	{
+		w1[0]=w1[1]=w1[2]=w1[3]=0;
 	}
 
+	w1[0]^=t[0]; w1[1]^=t[1]; w1[2]^=t[2]; w1[3]^=t[3];
+	t[0]=w1[0];  t[1]=w1[1];  t[2]=w1[2];  t[3]=w1[3];
+
+	q = (q==2) ? 0 : (q+1);
+	t[0]^=KRK[q][0]; t[1]^=KRK[q][1]; t[2]^=KRK[q][2]; t[3]^=KRK[q][3];
+	ARIA_FE;
+	t[0]^=w0[0]; t[1]^=w0[1]; t[2]^=w0[2]; t[3]^=w0[3];
+	w2[0]=t[0]; w2[1]=t[1]; w2[2]=t[2]; w2[3]=t[3];
+
+	q = (q==2) ? 0 : (q+1);
+	t[0]^=KRK[q][0]; t[1]^=KRK[q][1]; t[2]^=KRK[q][2]; t[3]^=KRK[q][3];
+	ARIA_FO;
+	w3[0]=t[0]^w1[0]; w3[1]=t[1]^w1[1]; w3[2]=t[2]^w1[2]; w3[3]=t[3]^w1[3];
+
+	ARIA_GSRK(w0, w1, 19);
+	ARIA_GSRK(w1, w2, 19);
+	ARIA_GSRK(w2, w3, 19);
+	ARIA_GSRK(w3, w0, 19);
+	ARIA_GSRK(w0, w1, 31);
+	ARIA_GSRK(w1, w2, 31);
+	ARIA_GSRK(w2, w3, 31);
+	ARIA_GSRK(w3, w0, 31);
+	ARIA_GSRK(w0, w1, 67);
+	ARIA_GSRK(w1, w2, 67);
+	ARIA_GSRK(w2, w3, 67);
+	ARIA_GSRK(w3, w0, 67);
+	ARIA_GSRK(w0, w1, 97);
+
+	if (keyBits > 128)
+	{
+		ARIA_GSRK(w1, w2, 97);
+		ARIA_GSRK(w2, w3, 97);
+
+		if (keyBits > 192)
+		{
+			ARIA_GSRK(w3, w0,  97);
+			ARIA_GSRK(w0, w1, 109);
+		}
+	}
+
+	// Decryption operation
 	if (!IsForwardTransformation())
 	{
-		int  i, j;
-		for (j = 0; j < 16; j++)
+		word32 *a, *z, w;
+		word32 s0, s1, s2, s3;
+
+		mk = key;
+		rk = m_rk.data();
+		r = R; q = Q;
+
+		a=reinterpret_cast<word32*>(rk);  z=a+r*4;
+		t[0]=a[0]; t[1]=a[1]; t[2]=a[2]; t[3]=a[3];
+		a[0]=z[0]; a[1]=z[1]; a[2]=z[2]; a[3]=z[3];
+		z[0]=t[0]; z[1]=t[1]; z[2]=t[2]; z[3]=t[3];
+		a+=4; z-=4;
+
+		for (; a<z; a+=4, z-=4)
 		{
-			t[j] = rk[j];
-			rk[j] = rk[16*R + j];
-			rk[16*R + j] = t[j];
-		}
-		for (i = 1; i <= R/2; i++)
-		{
-			DL (rk + i*16, t);
-			DL (rk + (R-i)*16, rk + i*16);
-			for (j = 0; j < 16; j++)
-				rk[(R-i)*16 + j] = t[j];
+			ARIA_M1(a[0],t[0]); ARIA_M1(a[1],t[1]); ARIA_M1(a[2],t[2]); ARIA_M1(a[3],t[3]);
+			ARIA_MM(t[0],t[1],t[2],t[3]) ARIA_P(t[0],t[1],t[2],t[3]) ARIA_MM(t[0],t[1],t[2],t[3])
+			s0=t[0]; s1=t[1]; s2=t[2]; s3=t[3];
+			ARIA_M1(z[0],t[0]); ARIA_M1(z[1],t[1]); ARIA_M1(z[2],t[2]); ARIA_M1(z[3],t[3]);
+			ARIA_MM(t[0],t[1],t[2],t[3]) ARIA_P(t[0],t[1],t[2],t[3]) ARIA_MM(t[0],t[1],t[2],t[3])
+			a[0]=t[0]; a[1]=t[1]; a[2]=t[2]; a[3]=t[3];
+			z[0]=s0; z[1]=s1; z[2]=s2; z[3]=s3;
 		}
+		ARIA_M1(a[0],t[0]); ARIA_M1(a[1],t[1]); ARIA_M1(a[2],t[2]); ARIA_M1(a[3],t[3]);
+		ARIA_MM(t[0],t[1],t[2],t[3]) ARIA_P(t[0],t[1],t[2],t[3]) ARIA_MM(t[0],t[1],t[2],t[3])
+		z[0]=t[0]; z[1]=t[1]; z[2]=t[2]; z[3]=t[3];
 	}
 }
 
 void ARIA::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const
 {
-	// t is a workspace; cast away const for this method
-	byte* t = const_cast<byte*>(m_w.data()+80);
-	int i, j, R = m_rounds;
+	const byte *i=inBlock, *x=xorBlock;
+	byte *o = outBlock;
 
-	const byte *p = inBlock;
-	const byte *e = m_rkey.data();
-	byte *c = outBlock;
+	const byte *rk = reinterpret_cast<const byte*>(m_rk.data());
+	word32 *t = const_cast<word32*>(m_w.data()+20);
 
-	for (j = 0; j < 16; j++) c[j] = p[j];
-	for (i = 0; i < R/2; i++)
-	{
-		for (j = 0; j < 16; j++) t[j] = S[     j  % 4][e[j] ^ c[j]];
-		DL(t, c); e += 16;
-		for (j = 0; j < 16; j++) t[j] = S[(2 + j) % 4][e[j] ^ c[j]];
-		DL(t, c); e += 16;
+	t[0] = LoadWord(ARIA_WO(i,0)); t[1] = LoadWord(ARIA_WO(i,1));
+	t[2] = LoadWord(ARIA_WO(i,2)); t[3] = LoadWord(ARIA_WO(i,3));
+
+	if (m_rounds > 12) {
+		ARIA_KXL ARIA_FO ARIA_KXL ARIA_FE
 	}
-	DL(c, t);
-	for (j = 0; j < 16; j++) c[j] = e[j] ^ t[j];
 
-	if (xorBlock)
-		for (i = 0; i < 16; ++i)
-			outBlock[i] ^= xorBlock[i];
+	if (m_rounds > 14) {
+		ARIA_KXL ARIA_FO ARIA_KXL ARIA_FE
+	}
+
+	ARIA_KXL ARIA_FO ARIA_KXL ARIA_FE ARIA_KXL ARIA_FO ARIA_KXL ARIA_FE
+	ARIA_KXL ARIA_FO ARIA_KXL ARIA_FE ARIA_KXL ARIA_FO ARIA_KXL ARIA_FE
+	ARIA_KXL ARIA_FO ARIA_KXL ARIA_FE ARIA_KXL ARIA_FO ARIA_KXL
+
+#ifdef IS_LITTLE_ENDIAN
+	o[ 0] = (byte)(X1[ARIA_BRF(t[0],24)]   ) ^ rk[ 3];
+	o[ 1] = (byte)(X2[ARIA_BRF(t[0],16)]>>8) ^ rk[ 2];
+	o[ 2] = (byte)(S1[ARIA_BRF(t[0], 8)]   ) ^ rk[ 1];
+	o[ 3] = (byte)(S2[ARIA_BRF(t[0], 0)]   ) ^ rk[ 0];
+	o[ 4] = (byte)(X1[ARIA_BRF(t[1],24)]   ) ^ rk[ 7];
+	o[ 5] = (byte)(X2[ARIA_BRF(t[1],16)]>>8) ^ rk[ 6];
+	o[ 6] = (byte)(S1[ARIA_BRF(t[1], 8)]   ) ^ rk[ 5];
+	o[ 7] = (byte)(S2[ARIA_BRF(t[1], 0)]   ) ^ rk[ 4];
+	o[ 8] = (byte)(X1[ARIA_BRF(t[2],24)]   ) ^ rk[11];
+	o[ 9] = (byte)(X2[ARIA_BRF(t[2],16)]>>8) ^ rk[10];
+	o[10] = (byte)(S1[ARIA_BRF(t[2], 8)]   ) ^ rk[ 9];
+	o[11] = (byte)(S2[ARIA_BRF(t[2], 0)]   ) ^ rk[ 8];
+	o[12] = (byte)(X1[ARIA_BRF(t[3],24)]   ) ^ rk[15];
+	o[13] = (byte)(X2[ARIA_BRF(t[3],16)]>>8) ^ rk[14];
+	o[14] = (byte)(S1[ARIA_BRF(t[3], 8)]   ) ^ rk[13];
+	o[15] = (byte)(S2[ARIA_BRF(t[3], 0)]   ) ^ rk[12];
+#else
+	o[ 0] = (byte)(X1[ARIA_BRF(t[0],24)]   );
+	o[ 1] = (byte)(X2[ARIA_BRF(t[0],16)]>>8);
+	o[ 2] = (byte)(S1[ARIA_BRF(t[0], 8)]   );
+	o[ 3] = (byte)(S2[ARIA_BRF(t[0], 0)]   );
+	o[ 4] = (byte)(X1[ARIA_BRF(t[1],24)]   );
+	o[ 5] = (byte)(X2[ARIA_BRF(t[1],16)]>>8);
+	o[ 6] = (byte)(S1[ARIA_BRF(t[1], 8)]   );
+	o[ 7] = (byte)(S2[ARIA_BRF(t[1], 0)]   );
+	o[ 8] = (byte)(X1[ARIA_BRF(t[2],24)]   );
+	o[ 9] = (byte)(X2[ARIA_BRF(t[2],16)]>>8);
+	o[10] = (byte)(S1[ARIA_BRF(t[2], 8)]   );
+	o[11] = (byte)(S2[ARIA_BRF(t[2], 0)]   );
+	o[12] = (byte)(X1[ARIA_BRF(t[3],24)]   );
+	o[13] = (byte)(X2[ARIA_BRF(t[3],16)]>>8);
+	o[14] = (byte)(S1[ARIA_BRF(t[3], 8)]   );
+	o[15] = (byte)(S2[ARIA_BRF(t[3], 0)]   );
+	ARIA_WO(o,0)^=ARIA_WO(rk,0); ARIA_WO(o,1)^=ARIA_WO(rk,1);
+	ARIA_WO(o,2)^=ARIA_WO(rk,2); ARIA_WO(o,3)^=ARIA_WO(rk,3);
+#endif
+
+	if (x)
+		for (size_t n=0; n<16; ++n)
+			o[n] ^= x[n];
 }
 
 NAMESPACE_END
diff --git a/aria.h b/aria.h
index de041f96..3c81e24f 100644
--- a/aria.h
+++ b/aria.h
@@ -2,6 +2,10 @@
 
 //! \file aria.h
 //! \brief Classes for the ARIA block cipher
+//! \details The Crypto++ ARIA implementation is based on the 32-bit implementation by Aaram Yun
+//!   from the National Security Research Institute, KOREA. Aaram Yun's implementation is based on
+//!   the 8-bit implementation provided by Jin Hong. The source files are available in ARIA.zip
+//!   from the Korea Internet & Security Agency website.
 //! \sa <A HREF="http://tools.ietf.org/html/rfc5794">RFC 5794, A Description of the ARIA Encryption Algorithm</A>,
 //!   <A HREF="http://seed.kisa.or.kr/iwt/ko/bbs/EgovReferenceList.do?bbsId=BBSMSTR_000000000002">Korea
 //!   Internet & Security Agency homepage</A>
@@ -34,15 +38,10 @@ public:
 		void UncheckedSetKey(const byte *key, unsigned int keylen, const NameValuePairs &params);
 		void ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const;
 
-	protected:
-		CRYPTOPP_ALIGN_DATA(16)
-		static const byte S[4][256];
-
-		CRYPTOPP_ALIGN_DATA(16)
-		static const byte KRK[3][16];
-
-		FixedSizeAlignedSecBlock<byte, 16*17> m_rkey;  // round keys
-		FixedSizeAlignedSecBlock<byte, 16*6>  m_w;     // scratch, w0, w1, w2, w3 and t
+	private:
+		// Reference implementation allocates a table for 17 sub-keys
+		FixedSizeAlignedSecBlock<byte, 16*17> m_rk;  // round keys
+		FixedSizeAlignedSecBlock<word32, 4*6> m_w;   // w0, w1, w2, w3 and t
 		unsigned int m_rounds;
 	};
 

From d6b295203b75306bad49d006befe3af7ee561a61 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Tue, 11 Apr 2017 16:19:36 -0400
Subject: [PATCH 014/200] Additional library integration for ARIA

---
 aria.cpp | 159 ++++++++++++++++++++++++++++---------------------------
 1 file changed, 80 insertions(+), 79 deletions(-)

diff --git a/aria.cpp b/aria.cpp
index f8edfeb9..fabc7ae6 100644
--- a/aria.cpp
+++ b/aria.cpp
@@ -14,10 +14,6 @@
 #include "misc.h"
 #include "cpu.h"
 
-#include <iostream>
-#include "files.h"
-#include "hex.h"
-
 ANONYMOUS_NAMESPACE_BEGIN
 
 CRYPTOPP_ALIGN_DATA(16)
@@ -175,12 +171,14 @@ ANONYMOUS_NAMESPACE_END
 
 NAMESPACE_BEGIN(CryptoPP)
 
-#define ARIA_BY(X,Y) (((byte *)(&X))[Y])
-#define ARIA_BRF(T,R) ((byte)((T)>>(R)))
 #define ARIA_WO(X,Y) (((word32 *)(X))[Y])
 
+inline byte ARIA_BRF(const word32 x, int y) {
+	return GETBYTE(x, y);
+}
+
 inline word32 ReverseWord(const word32 w) {
-    return ByteReverse(w);
+	return ByteReverse(w);
 }
 
 inline word32 LoadWord(const word32 x) {
@@ -190,23 +188,22 @@ inline word32 LoadWord(const word32 x) {
 // Key XOR Layer
 #define ARIA_KXL {  \
     t[0]^=ARIA_WO(rk,0); t[1]^=ARIA_WO(rk,1); t[2]^=ARIA_WO(rk,2); t[3]^=ARIA_WO(rk,3);  \
-    rk += 16;  \
   }
 
 // S-Box Layer 1 + M
 #define SBL1_M(T0,T1,T2,T3) {  \
-    T0=S1[ARIA_BRF(T0,24)]^S2[ARIA_BRF(T0,16)]^X1[ARIA_BRF(T0,8)]^X2[ARIA_BRF(T0,0)];  \
-    T1=S1[ARIA_BRF(T1,24)]^S2[ARIA_BRF(T1,16)]^X1[ARIA_BRF(T1,8)]^X2[ARIA_BRF(T1,0)];  \
-    T2=S1[ARIA_BRF(T2,24)]^S2[ARIA_BRF(T2,16)]^X1[ARIA_BRF(T2,8)]^X2[ARIA_BRF(T2,0)];  \
-    T3=S1[ARIA_BRF(T3,24)]^S2[ARIA_BRF(T3,16)]^X1[ARIA_BRF(T3,8)]^X2[ARIA_BRF(T3,0)];  \
+    T0=S1[ARIA_BRF(T0,3)]^S2[ARIA_BRF(T0,2)]^X1[ARIA_BRF(T0,1)]^X2[ARIA_BRF(T0,0)];  \
+    T1=S1[ARIA_BRF(T1,3)]^S2[ARIA_BRF(T1,2)]^X1[ARIA_BRF(T1,1)]^X2[ARIA_BRF(T1,0)];  \
+    T2=S1[ARIA_BRF(T2,3)]^S2[ARIA_BRF(T2,2)]^X1[ARIA_BRF(T2,1)]^X2[ARIA_BRF(T2,0)];  \
+    T3=S1[ARIA_BRF(T3,3)]^S2[ARIA_BRF(T3,2)]^X1[ARIA_BRF(T3,1)]^X2[ARIA_BRF(T3,0)];  \
   }
 
 // S-Box Layer 2 + M
 #define SBL2_M(T0,T1,T2,T3) {  \
-    T0=X1[ARIA_BRF(T0,24)]^X2[ARIA_BRF(T0,16)]^S1[ARIA_BRF(T0,8)]^S2[ARIA_BRF(T0,0)];  \
-    T1=X1[ARIA_BRF(T1,24)]^X2[ARIA_BRF(T1,16)]^S1[ARIA_BRF(T1,8)]^S2[ARIA_BRF(T1,0)];  \
-    T2=X1[ARIA_BRF(T2,24)]^X2[ARIA_BRF(T2,16)]^S1[ARIA_BRF(T2,8)]^S2[ARIA_BRF(T2,0)];  \
-    T3=X1[ARIA_BRF(T3,24)]^X2[ARIA_BRF(T3,16)]^S1[ARIA_BRF(T3,8)]^S2[ARIA_BRF(T3,0)];  \
+    T0=X1[ARIA_BRF(T0,3)]^X2[ARIA_BRF(T0,2)]^S1[ARIA_BRF(T0,1)]^S2[ARIA_BRF(T0,0)];  \
+    T1=X1[ARIA_BRF(T1,3)]^X2[ARIA_BRF(T1,2)]^S1[ARIA_BRF(T1,1)]^S2[ARIA_BRF(T1,0)];  \
+    T2=X1[ARIA_BRF(T2,3)]^X2[ARIA_BRF(T2,2)]^S1[ARIA_BRF(T2,1)]^S2[ARIA_BRF(T2,0)];  \
+    T3=X1[ARIA_BRF(T3,3)]^X2[ARIA_BRF(T3,2)]^S1[ARIA_BRF(T3,1)]^S2[ARIA_BRF(T3,0)];  \
   }
 
 #define ARIA_MM(T0,T1,T2,T3) {           \
@@ -224,20 +221,19 @@ inline word32 LoadWord(const word32 x) {
 #define ARIA_FE {SBL2_M(t[0],t[1],t[2],t[3]) ARIA_MM(t[0],t[1],t[2],t[3]) ARIA_P(t[2],t[3],t[0],t[1]) ARIA_MM(t[0],t[1],t[2],t[3])}
 
 // n-bit right shift of Y XORed to X
-#define ARIA_GSRK(X, Y, n) { \
+#define ARIA_GSRK(RK, X, Y, n) { \
     q = 4-((n)/32);          \
     r = (n) % 32;            \
-    ARIA_WO(rk,0) = ((X)[0]) ^ (((Y)[(q  )%4])>>r) ^ (((Y)[(q+3)%4])<<(32-r));  \
-    ARIA_WO(rk,1) = ((X)[1]) ^ (((Y)[(q+1)%4])>>r) ^ (((Y)[(q  )%4])<<(32-r));  \
-    ARIA_WO(rk,2) = ((X)[2]) ^ (((Y)[(q+2)%4])>>r) ^ (((Y)[(q+1)%4])<<(32-r));  \
-    ARIA_WO(rk,3) = ((X)[3]) ^ (((Y)[(q+3)%4])>>r) ^ (((Y)[(q+2)%4])<<(32-r));  \
-    rk += 16;                \
+    ARIA_WO((RK),0) = ((X)[0]) ^ (((Y)[(q  )%4])>>r) ^ (((Y)[(q+3)%4])<<(32-r));  \
+    ARIA_WO((RK),1) = ((X)[1]) ^ (((Y)[(q+1)%4])>>r) ^ (((Y)[(q  )%4])<<(32-r));  \
+    ARIA_WO((RK),2) = ((X)[2]) ^ (((Y)[(q+2)%4])>>r) ^ (((Y)[(q+1)%4])<<(32-r));  \
+    ARIA_WO((RK),3) = ((X)[3]) ^ (((Y)[(q+3)%4])>>r) ^ (((Y)[(q+2)%4])<<(32-r));  \
   }
 
 #if defined(_MSC_VER)
-#define ARIA_M1(X,Y) {        \
-    w=_lrotr((X), 8);         \
-    (Y)=w^_lrotr((X)^w, 16);  \
+#define ARIA_M1(X,Y) {           \
+    w=rotrFixed((X), 8);         \
+    (Y)=w^rotrFixed((X)^w, 16);  \
   }
 #else
 #define ARIA_M1(X,Y) {						\
@@ -321,29 +317,29 @@ void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const Nam
 	ARIA_FO;
 	w3[0]=t[0]^w1[0]; w3[1]=t[1]^w1[1]; w3[2]=t[2]^w1[2]; w3[3]=t[3]^w1[3];
 
-	ARIA_GSRK(w0, w1, 19);
-	ARIA_GSRK(w1, w2, 19);
-	ARIA_GSRK(w2, w3, 19);
-	ARIA_GSRK(w3, w0, 19);
-	ARIA_GSRK(w0, w1, 31);
-	ARIA_GSRK(w1, w2, 31);
-	ARIA_GSRK(w2, w3, 31);
-	ARIA_GSRK(w3, w0, 31);
-	ARIA_GSRK(w0, w1, 67);
-	ARIA_GSRK(w1, w2, 67);
-	ARIA_GSRK(w2, w3, 67);
-	ARIA_GSRK(w3, w0, 67);
-	ARIA_GSRK(w0, w1, 97);
+	ARIA_GSRK(rk +   0, w0, w1, 19);
+	ARIA_GSRK(rk +  16, w1, w2, 19);
+	ARIA_GSRK(rk +  32, w2, w3, 19);
+	ARIA_GSRK(rk +  48, w3, w0, 19);
+	ARIA_GSRK(rk +  64, w0, w1, 31);
+	ARIA_GSRK(rk +  80, w1, w2, 31);
+	ARIA_GSRK(rk +  96, w2, w3, 31);
+	ARIA_GSRK(rk + 112, w3, w0, 31);
+	ARIA_GSRK(rk + 128, w0, w1, 67);
+	ARIA_GSRK(rk + 144, w1, w2, 67);
+	ARIA_GSRK(rk + 160, w2, w3, 67);
+	ARIA_GSRK(rk + 176, w3, w0, 67);
+	ARIA_GSRK(rk + 192, w0, w1, 97);
 
 	if (keyBits > 128)
 	{
-		ARIA_GSRK(w1, w2, 97);
-		ARIA_GSRK(w2, w3, 97);
+		ARIA_GSRK(rk + 208, w1, w2, 97);
+		ARIA_GSRK(rk + 224, w2, w3, 97);
 
 		if (keyBits > 192)
 		{
-			ARIA_GSRK(w3, w0,  97);
-			ARIA_GSRK(w0, w1, 109);
+			ARIA_GSRK(rk + 240, w3, w0,  97);
+			ARIA_GSRK(rk + 256, w0, w1, 109);
 		}
 	}
 
@@ -391,51 +387,56 @@ void ARIA::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, b
 	t[2] = LoadWord(ARIA_WO(i,2)); t[3] = LoadWord(ARIA_WO(i,3));
 
 	if (m_rounds > 12) {
-		ARIA_KXL ARIA_FO ARIA_KXL ARIA_FE
+		ARIA_KXL rk+= 16; ARIA_FO
+		ARIA_KXL rk+= 16; ARIA_FE
 	}
 
 	if (m_rounds > 14) {
-		ARIA_KXL ARIA_FO ARIA_KXL ARIA_FE
+		ARIA_KXL rk+= 16; ARIA_FO
+		ARIA_KXL rk+= 16; ARIA_FE
 	}
 
-	ARIA_KXL ARIA_FO ARIA_KXL ARIA_FE ARIA_KXL ARIA_FO ARIA_KXL ARIA_FE
-	ARIA_KXL ARIA_FO ARIA_KXL ARIA_FE ARIA_KXL ARIA_FO ARIA_KXL ARIA_FE
-	ARIA_KXL ARIA_FO ARIA_KXL ARIA_FE ARIA_KXL ARIA_FO ARIA_KXL
+	ARIA_KXL rk+= 16; ARIA_FO ARIA_KXL rk+= 16; ARIA_FE
+	ARIA_KXL rk+= 16; ARIA_FO ARIA_KXL rk+= 16; ARIA_FE
+	ARIA_KXL rk+= 16; ARIA_FO ARIA_KXL rk+= 16; ARIA_FE
+	ARIA_KXL rk+= 16; ARIA_FO ARIA_KXL rk+= 16; ARIA_FE
+	ARIA_KXL rk+= 16; ARIA_FO ARIA_KXL rk+= 16; ARIA_FE
+	ARIA_KXL rk+= 16; ARIA_FO ARIA_KXL rk+= 16;
 
 #ifdef IS_LITTLE_ENDIAN
-	o[ 0] = (byte)(X1[ARIA_BRF(t[0],24)]   ) ^ rk[ 3];
-	o[ 1] = (byte)(X2[ARIA_BRF(t[0],16)]>>8) ^ rk[ 2];
-	o[ 2] = (byte)(S1[ARIA_BRF(t[0], 8)]   ) ^ rk[ 1];
-	o[ 3] = (byte)(S2[ARIA_BRF(t[0], 0)]   ) ^ rk[ 0];
-	o[ 4] = (byte)(X1[ARIA_BRF(t[1],24)]   ) ^ rk[ 7];
-	o[ 5] = (byte)(X2[ARIA_BRF(t[1],16)]>>8) ^ rk[ 6];
-	o[ 6] = (byte)(S1[ARIA_BRF(t[1], 8)]   ) ^ rk[ 5];
-	o[ 7] = (byte)(S2[ARIA_BRF(t[1], 0)]   ) ^ rk[ 4];
-	o[ 8] = (byte)(X1[ARIA_BRF(t[2],24)]   ) ^ rk[11];
-	o[ 9] = (byte)(X2[ARIA_BRF(t[2],16)]>>8) ^ rk[10];
-	o[10] = (byte)(S1[ARIA_BRF(t[2], 8)]   ) ^ rk[ 9];
-	o[11] = (byte)(S2[ARIA_BRF(t[2], 0)]   ) ^ rk[ 8];
-	o[12] = (byte)(X1[ARIA_BRF(t[3],24)]   ) ^ rk[15];
-	o[13] = (byte)(X2[ARIA_BRF(t[3],16)]>>8) ^ rk[14];
-	o[14] = (byte)(S1[ARIA_BRF(t[3], 8)]   ) ^ rk[13];
-	o[15] = (byte)(S2[ARIA_BRF(t[3], 0)]   ) ^ rk[12];
+	o[ 0] = (byte)(X1[ARIA_BRF(t[0],3)]   ) ^ rk[ 3];
+	o[ 1] = (byte)(X2[ARIA_BRF(t[0],2)]>>8) ^ rk[ 2];
+	o[ 2] = (byte)(S1[ARIA_BRF(t[0],1)]   ) ^ rk[ 1];
+	o[ 3] = (byte)(S2[ARIA_BRF(t[0],0)]   ) ^ rk[ 0];
+	o[ 4] = (byte)(X1[ARIA_BRF(t[1],3)]   ) ^ rk[ 7];
+	o[ 5] = (byte)(X2[ARIA_BRF(t[1],2)]>>8) ^ rk[ 6];
+	o[ 6] = (byte)(S1[ARIA_BRF(t[1],1)]   ) ^ rk[ 5];
+	o[ 7] = (byte)(S2[ARIA_BRF(t[1],0)]   ) ^ rk[ 4];
+	o[ 8] = (byte)(X1[ARIA_BRF(t[2],3)]   ) ^ rk[11];
+	o[ 9] = (byte)(X2[ARIA_BRF(t[2],2)]>>8) ^ rk[10];
+	o[10] = (byte)(S1[ARIA_BRF(t[2],1)]   ) ^ rk[ 9];
+	o[11] = (byte)(S2[ARIA_BRF(t[2],0)]   ) ^ rk[ 8];
+	o[12] = (byte)(X1[ARIA_BRF(t[3],3)]   ) ^ rk[15];
+	o[13] = (byte)(X2[ARIA_BRF(t[3],2)]>>8) ^ rk[14];
+	o[14] = (byte)(S1[ARIA_BRF(t[3],1)]   ) ^ rk[13];
+	o[15] = (byte)(S2[ARIA_BRF(t[3],0)]   ) ^ rk[12];
 #else
-	o[ 0] = (byte)(X1[ARIA_BRF(t[0],24)]   );
-	o[ 1] = (byte)(X2[ARIA_BRF(t[0],16)]>>8);
-	o[ 2] = (byte)(S1[ARIA_BRF(t[0], 8)]   );
-	o[ 3] = (byte)(S2[ARIA_BRF(t[0], 0)]   );
-	o[ 4] = (byte)(X1[ARIA_BRF(t[1],24)]   );
-	o[ 5] = (byte)(X2[ARIA_BRF(t[1],16)]>>8);
-	o[ 6] = (byte)(S1[ARIA_BRF(t[1], 8)]   );
-	o[ 7] = (byte)(S2[ARIA_BRF(t[1], 0)]   );
-	o[ 8] = (byte)(X1[ARIA_BRF(t[2],24)]   );
-	o[ 9] = (byte)(X2[ARIA_BRF(t[2],16)]>>8);
-	o[10] = (byte)(S1[ARIA_BRF(t[2], 8)]   );
-	o[11] = (byte)(S2[ARIA_BRF(t[2], 0)]   );
-	o[12] = (byte)(X1[ARIA_BRF(t[3],24)]   );
-	o[13] = (byte)(X2[ARIA_BRF(t[3],16)]>>8);
-	o[14] = (byte)(S1[ARIA_BRF(t[3], 8)]   );
-	o[15] = (byte)(S2[ARIA_BRF(t[3], 0)]   );
+	o[ 0] = (byte)(X1[ARIA_BRF(t[0],3)]   );
+	o[ 1] = (byte)(X2[ARIA_BRF(t[0],2)]>>8);
+	o[ 2] = (byte)(S1[ARIA_BRF(t[0],1)]   );
+	o[ 3] = (byte)(S2[ARIA_BRF(t[0],0)]   );
+	o[ 4] = (byte)(X1[ARIA_BRF(t[1],3)]   );
+	o[ 5] = (byte)(X2[ARIA_BRF(t[1],2)]>>8);
+	o[ 6] = (byte)(S1[ARIA_BRF(t[1],1)]   );
+	o[ 7] = (byte)(S2[ARIA_BRF(t[1],0)]   );
+	o[ 8] = (byte)(X1[ARIA_BRF(t[2],3)]   );
+	o[ 9] = (byte)(X2[ARIA_BRF(t[2],2)]>>8);
+	o[10] = (byte)(S1[ARIA_BRF(t[2],1)]   );
+	o[11] = (byte)(S2[ARIA_BRF(t[2],0)]   );
+	o[12] = (byte)(X1[ARIA_BRF(t[3],3)]   );
+	o[13] = (byte)(X2[ARIA_BRF(t[3],2)]>>8);
+	o[14] = (byte)(S1[ARIA_BRF(t[3],1)]   );
+	o[15] = (byte)(S2[ARIA_BRF(t[3],0)]   );
 	ARIA_WO(o,0)^=ARIA_WO(rk,0); ARIA_WO(o,1)^=ARIA_WO(rk,1);
 	ARIA_WO(o,2)^=ARIA_WO(rk,2); ARIA_WO(o,3)^=ARIA_WO(rk,3);
 #endif

From af561758dfbd96c373ae3e4539516031f1b7055c Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Tue, 11 Apr 2017 20:47:54 -0400
Subject: [PATCH 015/200] Rework ARIA_GSRK to have MSVC generate "rotate imm"
 rather than "rot reg" The immediate version of rotate can be 4 to 6 times
 faster than the register version

---
 aria.cpp | 112 +++++++++++++++++++++++++++++++------------------------
 1 file changed, 64 insertions(+), 48 deletions(-)

diff --git a/aria.cpp b/aria.cpp
index fabc7ae6..a2629320 100644
--- a/aria.cpp
+++ b/aria.cpp
@@ -171,9 +171,7 @@ ANONYMOUS_NAMESPACE_END
 
 NAMESPACE_BEGIN(CryptoPP)
 
-#define ARIA_WO(X,Y) (((word32 *)(X))[Y])
-
-inline byte ARIA_BRF(const word32 x, int y) {
+inline byte ARIA_BRF(const word32 x, const int y) {
 	return GETBYTE(x, y);
 }
 
@@ -181,13 +179,28 @@ inline word32 ReverseWord(const word32 w) {
 	return ByteReverse(w);
 }
 
-inline word32 LoadWord(const word32 x) {
-	return ConditionalByteReverse(BIG_ENDIAN_ORDER, x);
+// Retireve the i-th word, optionally in Big Endian
+template <bool big_endian>
+inline word32 LoadWord(const word32 x[4], const unsigned int i) {
+	if (big_endian)
+		return ConditionalByteReverse(BIG_ENDIAN_ORDER, x[i]);
+	else
+		return x[i];
+}
+
+// Reinterpret x as a word32[], and retireve the i-th word, optionally in Big Endian
+template <bool big_endian>
+inline word32 LoadWord(const byte x[16], const unsigned int i) {
+	if (big_endian)
+		return ConditionalByteReverse(BIG_ENDIAN_ORDER, reinterpret_cast<const word32*>(x)[i]);
+	else
+		return reinterpret_cast<const word32*>(x)[i];
 }
 
 // Key XOR Layer
 #define ARIA_KXL {  \
-    t[0]^=ARIA_WO(rk,0); t[1]^=ARIA_WO(rk,1); t[2]^=ARIA_WO(rk,2); t[3]^=ARIA_WO(rk,3);  \
+    t[0]^=LoadWord<false>(rk,0); t[1]^=LoadWord<false>(rk,1);  \
+	t[2]^=LoadWord<false>(rk,2); t[3]^=LoadWord<false>(rk,3);  \
   }
 
 // S-Box Layer 1 + M
@@ -217,19 +230,6 @@ inline word32 LoadWord(const word32 x) {
     (T3) = ReverseWord((T3));                                  \
   }
 
-#define ARIA_FO {SBL1_M(t[0],t[1],t[2],t[3]) ARIA_MM(t[0],t[1],t[2],t[3]) ARIA_P(t[0],t[1],t[2],t[3]) ARIA_MM(t[0],t[1],t[2],t[3])}
-#define ARIA_FE {SBL2_M(t[0],t[1],t[2],t[3]) ARIA_MM(t[0],t[1],t[2],t[3]) ARIA_P(t[2],t[3],t[0],t[1]) ARIA_MM(t[0],t[1],t[2],t[3])}
-
-// n-bit right shift of Y XORed to X
-#define ARIA_GSRK(RK, X, Y, n) { \
-    q = 4-((n)/32);          \
-    r = (n) % 32;            \
-    ARIA_WO((RK),0) = ((X)[0]) ^ (((Y)[(q  )%4])>>r) ^ (((Y)[(q+3)%4])<<(32-r));  \
-    ARIA_WO((RK),1) = ((X)[1]) ^ (((Y)[(q+1)%4])>>r) ^ (((Y)[(q  )%4])<<(32-r));  \
-    ARIA_WO((RK),2) = ((X)[2]) ^ (((Y)[(q+2)%4])>>r) ^ (((Y)[(q+1)%4])<<(32-r));  \
-    ARIA_WO((RK),3) = ((X)[3]) ^ (((Y)[(q+3)%4])>>r) ^ (((Y)[(q+2)%4])<<(32-r));  \
-  }
-
 #if defined(_MSC_VER)
 #define ARIA_M1(X,Y) {           \
     w=rotrFixed((X), 8);         \
@@ -241,6 +241,22 @@ inline word32 LoadWord(const word32 x) {
   }
 #endif
 
+#define ARIA_FO {SBL1_M(t[0],t[1],t[2],t[3]) ARIA_MM(t[0],t[1],t[2],t[3]) ARIA_P(t[0],t[1],t[2],t[3]) ARIA_MM(t[0],t[1],t[2],t[3])}
+#define ARIA_FE {SBL2_M(t[0],t[1],t[2],t[3]) ARIA_MM(t[0],t[1],t[2],t[3]) ARIA_P(t[2],t[3],t[0],t[1]) ARIA_MM(t[0],t[1],t[2],t[3])}
+
+// n-bit right shift of Y XORed to X
+template <unsigned int N>
+inline void ARIA_GSRK(const word32 X[4], const word32 Y[4], byte RK[16])
+{
+	// MSVC is not generating a "rotate immediate". Unroll and constify to help it along.
+    static const unsigned int Q = 4-(N/32);
+    static const unsigned int R = N % 32;
+    reinterpret_cast<word32*>(RK)[0] = (X[0]) ^ ((Y[(Q  )%4])>>R) ^ ((Y[(Q+3)%4])<<(32-R));
+    reinterpret_cast<word32*>(RK)[1] = (X[1]) ^ ((Y[(Q+1)%4])>>R) ^ ((Y[(Q  )%4])<<(32-R));
+    reinterpret_cast<word32*>(RK)[2] = (X[2]) ^ ((Y[(Q+2)%4])>>R) ^ ((Y[(Q+1)%4])<<(32-R));
+    reinterpret_cast<word32*>(RK)[3] = (X[3]) ^ ((Y[(Q+3)%4])>>R) ^ ((Y[(Q+2)%4])<<(32-R));
+  }
+
 void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const NameValuePairs &params)
 {
 	CRYPTOPP_ASSERT(key && keylen);
@@ -275,9 +291,8 @@ void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const Nam
 	// w0 has room for 32 bytes. w1-w3 each has room for 16 bytes. t is a 16 byte temp area.
 	word32 *w0 = m_w.data(), *w1 = m_w.data()+8, *w2 = m_w.data()+12, *w3 = m_w.data()+16, *t = m_w.data()+20;
 
-	w0[0] = LoadWord(ARIA_WO(mk,0)); w0[1] = LoadWord(ARIA_WO(mk,1));
-	w0[0] = LoadWord(ARIA_WO(mk,0)); w0[1] = LoadWord(ARIA_WO(mk,1));
-	w0[2] = LoadWord(ARIA_WO(mk,2)); w0[3] = LoadWord(ARIA_WO(mk,3));
+	w0[0] = LoadWord<true>(mk,0); w0[1] = LoadWord<true>(mk,1);
+	w0[2] = LoadWord<true>(mk,2); w0[3] = LoadWord<true>(mk,3);
 
 	t[0]=w0[0]^KRK[q][0]; t[1]=w0[1]^KRK[q][1];
 	t[2]=w0[2]^KRK[q][2]; t[3]=w0[3]^KRK[q][3];
@@ -285,13 +300,13 @@ void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const Nam
 
 	if (keyBits > 128)
 	{
-		w1[0] = LoadWord(ARIA_WO(mk,4));
-		w1[1] = LoadWord(ARIA_WO(mk,5));
+		w1[0] = LoadWord<true>(mk,4);
+		w1[1] = LoadWord<true>(mk,5);
 
 		if (keyBits > 192)
 		{
-			w1[2] = LoadWord(ARIA_WO(mk,6));
-			w1[3] = LoadWord(ARIA_WO(mk,7));
+			w1[2] = LoadWord<true>(mk,6);
+			w1[3] = LoadWord<true>(mk,7);
 		}
 		else
 		{
@@ -317,29 +332,29 @@ void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const Nam
 	ARIA_FO;
 	w3[0]=t[0]^w1[0]; w3[1]=t[1]^w1[1]; w3[2]=t[2]^w1[2]; w3[3]=t[3]^w1[3];
 
-	ARIA_GSRK(rk +   0, w0, w1, 19);
-	ARIA_GSRK(rk +  16, w1, w2, 19);
-	ARIA_GSRK(rk +  32, w2, w3, 19);
-	ARIA_GSRK(rk +  48, w3, w0, 19);
-	ARIA_GSRK(rk +  64, w0, w1, 31);
-	ARIA_GSRK(rk +  80, w1, w2, 31);
-	ARIA_GSRK(rk +  96, w2, w3, 31);
-	ARIA_GSRK(rk + 112, w3, w0, 31);
-	ARIA_GSRK(rk + 128, w0, w1, 67);
-	ARIA_GSRK(rk + 144, w1, w2, 67);
-	ARIA_GSRK(rk + 160, w2, w3, 67);
-	ARIA_GSRK(rk + 176, w3, w0, 67);
-	ARIA_GSRK(rk + 192, w0, w1, 97);
+	ARIA_GSRK<19>(w0, w1, rk +   0);
+	ARIA_GSRK<19>(w1, w2, rk +  16);
+	ARIA_GSRK<19>(w2, w3, rk +  32);
+	ARIA_GSRK<19>(w3, w0, rk +  48);
+	ARIA_GSRK<31>(w0, w1, rk +  64);
+	ARIA_GSRK<31>(w1, w2, rk +  80);
+	ARIA_GSRK<31>(w2, w3, rk +  96);
+	ARIA_GSRK<31>(w3, w0, rk + 112);
+	ARIA_GSRK<67>(w0, w1, rk + 128);
+	ARIA_GSRK<67>(w1, w2, rk + 144);
+	ARIA_GSRK<67>(w2, w3, rk + 160);
+	ARIA_GSRK<67>(w3, w0, rk + 176);
+	ARIA_GSRK<97>(w0, w1, rk + 192);
 
 	if (keyBits > 128)
 	{
-		ARIA_GSRK(rk + 208, w1, w2, 97);
-		ARIA_GSRK(rk + 224, w2, w3, 97);
+		ARIA_GSRK<97>(w1, w2, rk + 208);
+		ARIA_GSRK<97>(w2, w3, rk + 224);
 
 		if (keyBits > 192)
 		{
-			ARIA_GSRK(rk + 240, w3, w0,  97);
-			ARIA_GSRK(rk + 256, w0, w1, 109);
+			ARIA_GSRK< 97>(w3, w0, rk + 240);
+			ARIA_GSRK<109>(w0, w1, rk + 256);
 		}
 	}
 
@@ -383,8 +398,8 @@ void ARIA::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, b
 	const byte *rk = reinterpret_cast<const byte*>(m_rk.data());
 	word32 *t = const_cast<word32*>(m_w.data()+20);
 
-	t[0] = LoadWord(ARIA_WO(i,0)); t[1] = LoadWord(ARIA_WO(i,1));
-	t[2] = LoadWord(ARIA_WO(i,2)); t[3] = LoadWord(ARIA_WO(i,3));
+	t[0] = LoadWord<true>(i,0); t[1] = LoadWord<true>(i,1);
+	t[2] = LoadWord<true>(i,2); t[3] = LoadWord<true>(i,3);
 
 	if (m_rounds > 12) {
 		ARIA_KXL rk+= 16; ARIA_FO
@@ -421,6 +436,7 @@ void ARIA::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, b
 	o[14] = (byte)(S1[ARIA_BRF(t[3],1)]   ) ^ rk[13];
 	o[15] = (byte)(S2[ARIA_BRF(t[3],0)]   ) ^ rk[12];
 #else
+	#define ARIA_WORD(X,Y) (((word32 *)(X))[Y])
 	o[ 0] = (byte)(X1[ARIA_BRF(t[0],3)]   );
 	o[ 1] = (byte)(X2[ARIA_BRF(t[0],2)]>>8);
 	o[ 2] = (byte)(S1[ARIA_BRF(t[0],1)]   );
@@ -437,12 +453,12 @@ void ARIA::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, b
 	o[13] = (byte)(X2[ARIA_BRF(t[3],2)]>>8);
 	o[14] = (byte)(S1[ARIA_BRF(t[3],1)]   );
 	o[15] = (byte)(S2[ARIA_BRF(t[3],0)]   );
-	ARIA_WO(o,0)^=ARIA_WO(rk,0); ARIA_WO(o,1)^=ARIA_WO(rk,1);
-	ARIA_WO(o,2)^=ARIA_WO(rk,2); ARIA_WO(o,3)^=ARIA_WO(rk,3);
+	ARIA_WORD(o,0)^=LoadWord<true>(rk,0); ARIA_WORD(o,1)^=LoadWord<true>(rk,1);
+	ARIA_WORD(o,2)^=LoadWord<true>(rk,2); ARIA_WORD(o,3)^=LoadWord<true>(rk,3);
 #endif
 
 	if (x)
-		for (size_t n=0; n<16; ++n)
+		for (unsigned int n=0; n<16; ++n)
 			o[n] ^= x[n];
 }
 

From f44e705c16265f89264491756677758866e165dc Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Wed, 12 Apr 2017 12:15:32 -0400
Subject: [PATCH 016/200] Add NEON intrinsics for ARIA_GSRK_NEON Update
 documentation

---
 aria.cpp | 117 ++++++++++++++++++++++++++++++++++++++++---------------
 aria.h   |  13 ++++++-
 2 files changed, 97 insertions(+), 33 deletions(-)

diff --git a/aria.cpp b/aria.cpp
index a2629320..53b39a9f 100644
--- a/aria.cpp
+++ b/aria.cpp
@@ -14,6 +14,8 @@
 #include "misc.h"
 #include "cpu.h"
 
+#include <stdio.h>
+
 ANONYMOUS_NAMESPACE_BEGIN
 
 CRYPTOPP_ALIGN_DATA(16)
@@ -162,9 +164,9 @@ const CryptoPP::word32 X2[256]={
 
 CRYPTOPP_ALIGN_DATA(16)
 const CryptoPP::word32 KRK[3][4] = {
-  {0x517cc1b7, 0x27220a94, 0xfe13abe8, 0xfa9a6ee0},
-  {0x6db14acc, 0x9e21c820, 0xff28b1d5, 0xef5de2b0},
-  {0xdb92371d, 0x2126e970, 0x03249775, 0x04e8c90e}
+	{0x517cc1b7, 0x27220a94, 0xfe13abe8, 0xfa9a6ee0},
+	{0x6db14acc, 0x9e21c820, 0xff28b1d5, 0xef5de2b0},
+	{0xdb92371d, 0x2126e970, 0x03249775, 0x04e8c90e}
 };
 
 ANONYMOUS_NAMESPACE_END
@@ -248,14 +250,34 @@ inline word32 LoadWord(const byte x[16], const unsigned int i) {
 template <unsigned int N>
 inline void ARIA_GSRK(const word32 X[4], const word32 Y[4], byte RK[16])
 {
-	// MSVC is not generating a "rotate immediate". Unroll and constify to help it along.
-    static const unsigned int Q = 4-(N/32);
-    static const unsigned int R = N % 32;
-    reinterpret_cast<word32*>(RK)[0] = (X[0]) ^ ((Y[(Q  )%4])>>R) ^ ((Y[(Q+3)%4])<<(32-R));
-    reinterpret_cast<word32*>(RK)[1] = (X[1]) ^ ((Y[(Q+1)%4])>>R) ^ ((Y[(Q  )%4])<<(32-R));
-    reinterpret_cast<word32*>(RK)[2] = (X[2]) ^ ((Y[(Q+2)%4])>>R) ^ ((Y[(Q+1)%4])<<(32-R));
-    reinterpret_cast<word32*>(RK)[3] = (X[3]) ^ ((Y[(Q+3)%4])>>R) ^ ((Y[(Q+2)%4])<<(32-R));
-  }
+	// MSVC is not generating a "rotate immediate". Constify to help it along.
+	static const unsigned int Q = 4-(N/32);
+	static const unsigned int R = N % 32;
+	reinterpret_cast<word32*>(RK)[0] = (X[0]) ^ ((Y[(Q  )%4])>>R) ^ ((Y[(Q+3)%4])<<(32-R));
+	reinterpret_cast<word32*>(RK)[1] = (X[1]) ^ ((Y[(Q+1)%4])>>R) ^ ((Y[(Q  )%4])<<(32-R));
+	reinterpret_cast<word32*>(RK)[2] = (X[2]) ^ ((Y[(Q+2)%4])>>R) ^ ((Y[(Q+1)%4])<<(32-R));
+	reinterpret_cast<word32*>(RK)[3] = (X[3]) ^ ((Y[(Q+3)%4])>>R) ^ ((Y[(Q+2)%4])<<(32-R));
+}
+
+#if CRYPTOPP_BOOL_NEON_INTRINSICS_AVAILABLE
+template <unsigned int N>
+inline void ARIA_GSRK_NEON(const word32 X[4], const word32 Y[4], byte RK[16])
+{
+	static const unsigned int Q1 = (4-(N/32)) % 4;
+	static const unsigned int Q2 = (3-(N/32)) % 4;
+	static const unsigned int R = N % 32;
+
+	const uint32x4_t a = vld1q_u32((const uint32_t*)X);
+	const uint32x4_t t = vld1q_u32((const uint32_t*)Y);
+	const uint32x4_t b = vextq_u32(t, t, Q1);
+	const uint32x4_t c = vextq_u32(t, t, Q2);
+
+	vst1q_u32(reinterpret_cast<word32*>(RK),
+		veorq_u32(a, veorq_u32(
+			vshrq_n_u32(b, R),
+			vshlq_n_u32(c, 32-R))));
+}
+#endif
 
 void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const NameValuePairs &params)
 {
@@ -332,29 +354,62 @@ void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const Nam
 	ARIA_FO;
 	w3[0]=t[0]^w1[0]; w3[1]=t[1]^w1[1]; w3[2]=t[2]^w1[2]; w3[3]=t[3]^w1[3];
 
-	ARIA_GSRK<19>(w0, w1, rk +   0);
-	ARIA_GSRK<19>(w1, w2, rk +  16);
-	ARIA_GSRK<19>(w2, w3, rk +  32);
-	ARIA_GSRK<19>(w3, w0, rk +  48);
-	ARIA_GSRK<31>(w0, w1, rk +  64);
-	ARIA_GSRK<31>(w1, w2, rk +  80);
-	ARIA_GSRK<31>(w2, w3, rk +  96);
-	ARIA_GSRK<31>(w3, w0, rk + 112);
-	ARIA_GSRK<67>(w0, w1, rk + 128);
-	ARIA_GSRK<67>(w1, w2, rk + 144);
-	ARIA_GSRK<67>(w2, w3, rk + 160);
-	ARIA_GSRK<67>(w3, w0, rk + 176);
-	ARIA_GSRK<97>(w0, w1, rk + 192);
-
-	if (keyBits > 128)
+#if CRYPTOPP_BOOL_NEON_INTRINSICS_AVAILABLE
+	if (HasNEON())
 	{
-		ARIA_GSRK<97>(w1, w2, rk + 208);
-		ARIA_GSRK<97>(w2, w3, rk + 224);
+		ARIA_GSRK_NEON<19>(w0, w1, rk +   0);
+		ARIA_GSRK_NEON<19>(w1, w2, rk +  16);
+		ARIA_GSRK_NEON<19>(w2, w3, rk +  32);
+		ARIA_GSRK_NEON<19>(w3, w0, rk +  48);
+		ARIA_GSRK_NEON<31>(w0, w1, rk +  64);
+		ARIA_GSRK_NEON<31>(w1, w2, rk +  80);
+		ARIA_GSRK_NEON<31>(w2, w3, rk +  96);
+		ARIA_GSRK_NEON<31>(w3, w0, rk + 112);
+		ARIA_GSRK_NEON<67>(w0, w1, rk + 128);
+		ARIA_GSRK_NEON<67>(w1, w2, rk + 144);
+		ARIA_GSRK_NEON<67>(w2, w3, rk + 160);
+		ARIA_GSRK_NEON<67>(w3, w0, rk + 176);
+		ARIA_GSRK_NEON<97>(w0, w1, rk + 192);
 
-		if (keyBits > 192)
+		if (keyBits > 128)
 		{
-			ARIA_GSRK< 97>(w3, w0, rk + 240);
-			ARIA_GSRK<109>(w0, w1, rk + 256);
+			ARIA_GSRK_NEON<97>(w1, w2, rk + 208);
+			ARIA_GSRK_NEON<97>(w2, w3, rk + 224);
+
+			if (keyBits > 192)
+			{
+				ARIA_GSRK_NEON< 97>(w3, w0, rk + 240);
+				ARIA_GSRK_NEON<109>(w0, w1, rk + 256);
+			}
+		}
+	}
+	else
+#endif
+	{
+		ARIA_GSRK<19>(w0, w1, rk +   0);
+		ARIA_GSRK<19>(w1, w2, rk +  16);
+		ARIA_GSRK<19>(w2, w3, rk +  32);
+		ARIA_GSRK<19>(w3, w0, rk +  48);
+		ARIA_GSRK<31>(w0, w1, rk +  64);
+		ARIA_GSRK<31>(w1, w2, rk +  80);
+		ARIA_GSRK<31>(w2, w3, rk +  96);
+		ARIA_GSRK<31>(w3, w0, rk + 112);
+		ARIA_GSRK<67>(w0, w1, rk + 128);
+		ARIA_GSRK<67>(w1, w2, rk + 144);
+		ARIA_GSRK<67>(w2, w3, rk + 160);
+		ARIA_GSRK<67>(w3, w0, rk + 176);
+		ARIA_GSRK<97>(w0, w1, rk + 192);
+
+		if (keyBits > 128)
+		{
+			ARIA_GSRK<97>(w1, w2, rk + 208);
+			ARIA_GSRK<97>(w2, w3, rk + 224);
+
+			if (keyBits > 192)
+			{
+				ARIA_GSRK< 97>(w3, w0, rk + 240);
+				ARIA_GSRK<109>(w0, w1, rk + 256);
+			}
 		}
 	}
 
diff --git a/aria.h b/aria.h
index 3c81e24f..434998ae 100644
--- a/aria.h
+++ b/aria.h
@@ -4,8 +4,8 @@
 //! \brief Classes for the ARIA block cipher
 //! \details The Crypto++ ARIA implementation is based on the 32-bit implementation by Aaram Yun
 //!   from the National Security Research Institute, KOREA. Aaram Yun's implementation is based on
-//!   the 8-bit implementation provided by Jin Hong. The source files are available in ARIA.zip
-//!   from the Korea Internet & Security Agency website.
+//!   the 8-bit implementation by Jin Hong. The source files are available in ARIA.zip from the Korea
+//!   Internet & Security Agency website.
 //! \sa <A HREF="http://tools.ietf.org/html/rfc5794">RFC 5794, A Description of the ARIA Encryption Algorithm</A>,
 //!   <A HREF="http://seed.kisa.or.kr/iwt/ko/bbs/EgovReferenceList.do?bbsId=BBSMSTR_000000000002">Korea
 //!   Internet & Security Agency homepage</A>
@@ -21,6 +21,7 @@ NAMESPACE_BEGIN(CryptoPP)
 
 //! \class ARIA_Info
 //! \brief ARIA block cipher information
+//! \since Crypto++ 6.0
 struct ARIA_Info : public FixedBlockSize<16>, public VariableKeyLength<16, 16, 32, 8>
 {
 	CRYPTOPP_STATIC_CONSTEXPR const char* StaticAlgorithmName() {return "ARIA";}
@@ -28,7 +29,15 @@ struct ARIA_Info : public FixedBlockSize<16>, public VariableKeyLength<16, 16, 3
 
 //! \class ARIA
 //! \brief ARIA block cipher
+//! \details The Crypto++ ARIA implementation is based on the 32-bit implementation by Aaram Yun
+//!   from the National Security Research Institute, KOREA. Aaram Yun's implementation is based on
+//!   the 8-bit implementation by Jin Hong. The source files are available in ARIA.zip from the Korea
+//!   Internet & Security Agency website.
+//! \sa <A HREF="http://tools.ietf.org/html/rfc5794">RFC 5794, A Description of the ARIA Encryption Algorithm</A>,
+//!   <A HREF="http://seed.kisa.or.kr/iwt/ko/bbs/EgovReferenceList.do?bbsId=BBSMSTR_000000000002">Korea
+//!   Internet & Security Agency homepage</A>
 //! \sa <a href="http://www.weidai.com/scan-mirror/cs.html#ARIA">ARIA</a>
+//! \since Crypto++ 6.0
 class ARIA : public ARIA_Info, public BlockCipherDocumentation
 {
 public:

From 59767be52e2537bf8460f211f57b4739c9b02dcb Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Wed, 12 Apr 2017 23:28:41 -0400
Subject: [PATCH 017/200] Add Intel and ARM intrinsics

Win32 and Win64 benefited from the Intel intrinsics. A32 and Aarch64 benefited from the ARM intrinsics. The intrinsics shaved 150 to 350 cycles from key setup.

The intrinsics slowed modern GCC down a small bit, and did not appear to affect old GCC. As such, Intel intrinsics were only enabled for Microsoft compilers.

We were not able to improve encryption and decryption. In fact, some of the attempted macro conversions and intrinsics attempts slowed things down considerably. For example, GCC 5.4 on x86_64 went from 120 MB/s to about 70 MB/s when we tried to improve code around the Key XOR Layer (ARIA_KXL).
---
 aria.cpp | 268 +++++++++++++++++++++++++++++++++++++++----------------
 config.h |   8 +-
 2 files changed, 196 insertions(+), 80 deletions(-)

diff --git a/aria.cpp b/aria.cpp
index 53b39a9f..764cfea7 100644
--- a/aria.cpp
+++ b/aria.cpp
@@ -14,7 +14,11 @@
 #include "misc.h"
 #include "cpu.h"
 
-#include <stdio.h>
+// Enable SSE intrinsics for Visual Studio. It reduces key schedule setup by 150
+// to 200 cycles. GCC does fine on its own, and it slows things down a small bit.
+#if CRYPTOPP_BOOL_SSSE3_INTRINSICS_AVAILABLE && _MSC_VER
+# define CRYPTOPP_ENABLE_ARIA_INTRINSICS 1
+#endif
 
 ANONYMOUS_NAMESPACE_BEGIN
 
@@ -313,46 +317,148 @@ void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const Nam
 	// w0 has room for 32 bytes. w1-w3 each has room for 16 bytes. t is a 16 byte temp area.
 	word32 *w0 = m_w.data(), *w1 = m_w.data()+8, *w2 = m_w.data()+12, *w3 = m_w.data()+16, *t = m_w.data()+20;
 
-	w0[0] = LoadWord<true>(mk,0); w0[1] = LoadWord<true>(mk,1);
-	w0[2] = LoadWord<true>(mk,2); w0[3] = LoadWord<true>(mk,3);
+#if CRYPTOPP_ENABLE_ARIA_INTRINSICS
+	if (HasSSSE3())
+	{
+		// 7 SSE instructions
+		const __m128i m = _mm_set_epi8(12,13,14,15, 8,9,10,11, 4,5,6,7, 0,1,2,3);
+		const __m128i w = _mm_shuffle_epi8(_mm_load_si128((const __m128i*)mk), m);
+		_mm_store_si128((__m128i*)w0, w);
 
-	t[0]=w0[0]^KRK[q][0]; t[1]=w0[1]^KRK[q][1];
-	t[2]=w0[2]^KRK[q][2]; t[3]=w0[3]^KRK[q][3];
+		_mm_store_si128((__m128i*)t, _mm_xor_si128(w,
+				_mm_load_si128((const __m128i*)KRK[q])));
+	}
+	else
+#endif  // CRYPTOPP_ENABLE_ARIA_INTRINSICS
+	{
+		// 27 integer instructions
+		w0[0] = LoadWord<true>(mk,0); w0[1] = LoadWord<true>(mk,1);
+		w0[2] = LoadWord<true>(mk,2); w0[3] = LoadWord<true>(mk,3);
+
+		t[0]=w0[0]^KRK[q][0]; t[1]=w0[1]^KRK[q][1];
+		t[2]=w0[2]^KRK[q][2]; t[3]=w0[3]^KRK[q][3];
+	}
+
+	// 24 integer instructions
 	ARIA_FO;
 
-	if (keyBits > 128)
+	if (keyBits == 256)
 	{
-		w1[0] = LoadWord<true>(mk,4);
-		w1[1] = LoadWord<true>(mk,5);
-
-		if (keyBits > 192)
+#if CRYPTOPP_ENABLE_ARIA_INTRINSICS
+		if (HasSSSE3())
 		{
+			// 3 SSE instructions
+			const __m128i m = _mm_set_epi8(12,13,14,15, 8,9,10,11, 4,5,6,7, 0,1,2,3);
+			_mm_store_si128(reinterpret_cast<__m128i*>(w1),
+				_mm_shuffle_epi8(_mm_load_si128((const __m128i*)(mk+16)), m));
+		}
+#endif  // CRYPTOPP_ENABLE_ARIA_INTRINSICS
+		{
+			// 14 integer instructions
+			w1[0] = LoadWord<true>(mk,4);
+			w1[1] = LoadWord<true>(mk,5);
 			w1[2] = LoadWord<true>(mk,6);
 			w1[3] = LoadWord<true>(mk,7);
 		}
-		else
-		{
-			w1[2]=w1[3]=0;
-		}
+	}
+	else if (keyBits == 192)
+	{
+		w1[0] = LoadWord<true>(mk,4);
+		w1[1] = LoadWord<true>(mk,5);
+		w1[2] = w1[3] = 0;
 	}
 	else
 	{
-		w1[0]=w1[1]=w1[2]=w1[3]=0;
+#if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE
+		if (HasSSE2())
+		{
+			_mm_store_si128(reinterpret_cast<__m128i*>(w1), _mm_setzero_si128());
+		}
+		else
+#endif  // CRYPTOPP_ENABLE_ARIA_INTRINSICS
+		{
+			w1[0]=w1[1]=w1[2]=w1[3]=0;
+		}
 	}
 
-	w1[0]^=t[0]; w1[1]^=t[1]; w1[2]^=t[2]; w1[3]^=t[3];
-	t[0]=w1[0];  t[1]=w1[1];  t[2]=w1[2];  t[3]=w1[3];
+#if CRYPTOPP_ENABLE_ARIA_INTRINSICS
+	if (HasSSSE3())
+	{
+		// 4 integer, 7 SSE instructions
+		const __m128i x = _mm_xor_si128(
+			_mm_load_si128((const __m128i*)(w1)),
+			_mm_load_si128((const __m128i*)(t)));
+
+		_mm_store_si128((__m128i*)(w1), x);
+		_mm_store_si128((__m128i*)(t), x);
+
+		q = (q==2) ? 0 : (q+1);
+		const __m128i y = _mm_xor_si128(
+			_mm_load_si128((const __m128i*)(t)),
+			_mm_load_si128((const __m128i*)(KRK[q])));
+
+		_mm_store_si128((__m128i*)(t), y);
+	}
+	else
+#endif  // CRYPTOPP_ENABLE_ARIA_INTRINSICS
+	{
+		// 23 integer instructions
+		w1[0]^=t[0]; w1[1]^=t[1]; w1[2]^=t[2]; w1[3]^=t[3];
+		t[0]=w1[0];  t[1]=w1[1];  t[2]=w1[2];  t[3]=w1[3];
+
+		q = (q==2) ? 0 : (q+1);
+		t[0]^=KRK[q][0]; t[1]^=KRK[q][1]; t[2]^=KRK[q][2]; t[3]^=KRK[q][3];
+	}
 
-	q = (q==2) ? 0 : (q+1);
-	t[0]^=KRK[q][0]; t[1]^=KRK[q][1]; t[2]^=KRK[q][2]; t[3]^=KRK[q][3];
 	ARIA_FE;
-	t[0]^=w0[0]; t[1]^=w0[1]; t[2]^=w0[2]; t[3]^=w0[3];
-	w2[0]=t[0]; w2[1]=t[1]; w2[2]=t[2]; w2[3]=t[3];
 
-	q = (q==2) ? 0 : (q+1);
-	t[0]^=KRK[q][0]; t[1]^=KRK[q][1]; t[2]^=KRK[q][2]; t[3]^=KRK[q][3];
+#if CRYPTOPP_ENABLE_ARIA_INTRINSICS
+	if (HasSSSE3())
+	{
+		// 4 integer, 7 SSE instructions
+		const __m128i x = _mm_xor_si128(
+			_mm_load_si128((const __m128i*)(w0)),
+			_mm_load_si128((const __m128i*)(t)));
+
+		_mm_store_si128((__m128i*)(w2), x);
+		_mm_store_si128((__m128i*)(t), x);
+
+		q = (q==2) ? 0 : (q+1);
+		const __m128i y = _mm_xor_si128(
+			_mm_load_si128((const __m128i*)(t)),
+			_mm_load_si128((const __m128i*)(KRK[q])));
+
+		_mm_store_si128((__m128i*)(t), y);
+	}
+	else
+#endif  // CRYPTOPP_ENABLE_ARIA_INTRINSICS
+	{
+		// 23 integer instructions
+		t[0]^=w0[0]; t[1]^=w0[1]; t[2]^=w0[2]; t[3]^=w0[3];
+		w2[0]=t[0]; w2[1]=t[1]; w2[2]=t[2]; w2[3]=t[3];
+
+		q = (q==2) ? 0 : (q+1);
+		t[0]^=KRK[q][0]; t[1]^=KRK[q][1]; t[2]^=KRK[q][2]; t[3]^=KRK[q][3];
+	}
+
 	ARIA_FO;
-	w3[0]=t[0]^w1[0]; w3[1]=t[1]^w1[1]; w3[2]=t[2]^w1[2]; w3[3]=t[3]^w1[3];
+
+#if CRYPTOPP_ENABLE_ARIA_INTRINSICS
+	if (HasSSSE3())
+	{
+		// 3 SSE instructions
+		const __m128i x = _mm_xor_si128(
+			_mm_load_si128((const __m128i*)(w1)),
+			_mm_load_si128((const __m128i*)(t)));
+
+		_mm_store_si128((__m128i*)(w3), x);
+	}
+	else
+#endif  // CRYPTOPP_ENABLE_ARIA_INTRINSICS
+	{
+		// 14 integer instructions
+		w3[0]=t[0]^w1[0]; w3[1]=t[1]^w1[1]; w3[2]=t[2]^w1[2]; w3[3]=t[3]^w1[3];
+	}
 
 #if CRYPTOPP_BOOL_NEON_INTRINSICS_AVAILABLE
 	if (HasNEON())
@@ -384,7 +490,7 @@ void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const Nam
 		}
 	}
 	else
-#endif
+#endif  // CRYPTOPP_BOOL_NEON_INTRINSICS_AVAILABLE
 	{
 		ARIA_GSRK<19>(w0, w1, rk +   0);
 		ARIA_GSRK<19>(w1, w2, rk +  16);
@@ -423,6 +529,7 @@ void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const Nam
 		rk = m_rk.data();
 		r = R; q = Q;
 
+		// 32 integer intructions
 		a=reinterpret_cast<word32*>(rk);  z=a+r*4;
 		t[0]=a[0]; t[1]=a[1]; t[2]=a[2]; t[3]=a[3];
 		a[0]=z[0]; a[1]=z[1]; a[2]=z[2]; a[3]=z[3];
@@ -432,89 +539,92 @@ void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const Nam
 		for (; a<z; a+=4, z-=4)
 		{
 			ARIA_M1(a[0],t[0]); ARIA_M1(a[1],t[1]); ARIA_M1(a[2],t[2]); ARIA_M1(a[3],t[3]);
-			ARIA_MM(t[0],t[1],t[2],t[3]) ARIA_P(t[0],t[1],t[2],t[3]) ARIA_MM(t[0],t[1],t[2],t[3])
+			ARIA_MM(t[0],t[1],t[2],t[3]); ARIA_P(t[0],t[1],t[2],t[3]); ARIA_MM(t[0],t[1],t[2],t[3]);
 			s0=t[0]; s1=t[1]; s2=t[2]; s3=t[3];
 			ARIA_M1(z[0],t[0]); ARIA_M1(z[1],t[1]); ARIA_M1(z[2],t[2]); ARIA_M1(z[3],t[3]);
-			ARIA_MM(t[0],t[1],t[2],t[3]) ARIA_P(t[0],t[1],t[2],t[3]) ARIA_MM(t[0],t[1],t[2],t[3])
+			ARIA_MM(t[0],t[1],t[2],t[3]); ARIA_P(t[0],t[1],t[2],t[3]); ARIA_MM(t[0],t[1],t[2],t[3]);
 			a[0]=t[0]; a[1]=t[1]; a[2]=t[2]; a[3]=t[3];
 			z[0]=s0; z[1]=s1; z[2]=s2; z[3]=s3;
 		}
 		ARIA_M1(a[0],t[0]); ARIA_M1(a[1],t[1]); ARIA_M1(a[2],t[2]); ARIA_M1(a[3],t[3]);
-		ARIA_MM(t[0],t[1],t[2],t[3]) ARIA_P(t[0],t[1],t[2],t[3]) ARIA_MM(t[0],t[1],t[2],t[3])
+		ARIA_MM(t[0],t[1],t[2],t[3]); ARIA_P(t[0],t[1],t[2],t[3]); ARIA_MM(t[0],t[1],t[2],t[3]);
 		z[0]=t[0]; z[1]=t[1]; z[2]=t[2]; z[3]=t[3];
 	}
 }
 
 void ARIA::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const
 {
-	const byte *i=inBlock, *x=xorBlock;
-	byte *o = outBlock;
-
 	const byte *rk = reinterpret_cast<const byte*>(m_rk.data());
 	word32 *t = const_cast<word32*>(m_w.data()+20);
 
-	t[0] = LoadWord<true>(i,0); t[1] = LoadWord<true>(i,1);
-	t[2] = LoadWord<true>(i,2); t[3] = LoadWord<true>(i,3);
+	// Visual Studio is generating bad code within the SSSE3 code block. It is
+	//   providing a NULL pointer or a pointer set to a constant like 0x1000.
+	//   It looks like some leftover garbage in the XMM register rather than
+	//   the pointer loaded into the integer register for the non-SSE code path.
+	t[0] = LoadWord<true>(inBlock,0); t[1] = LoadWord<true>(inBlock,1);
+	t[2] = LoadWord<true>(inBlock,2); t[3] = LoadWord<true>(inBlock,3);
 
 	if (m_rounds > 12) {
-		ARIA_KXL rk+= 16; ARIA_FO
-		ARIA_KXL rk+= 16; ARIA_FE
+		ARIA_KXL; rk+= 16; ARIA_FO;
+		ARIA_KXL; rk+= 16; ARIA_FE;
 	}
 
 	if (m_rounds > 14) {
-		ARIA_KXL rk+= 16; ARIA_FO
-		ARIA_KXL rk+= 16; ARIA_FE
+		ARIA_KXL; rk+= 16; ARIA_FO;
+		ARIA_KXL; rk+= 16; ARIA_FE;
 	}
 
-	ARIA_KXL rk+= 16; ARIA_FO ARIA_KXL rk+= 16; ARIA_FE
-	ARIA_KXL rk+= 16; ARIA_FO ARIA_KXL rk+= 16; ARIA_FE
-	ARIA_KXL rk+= 16; ARIA_FO ARIA_KXL rk+= 16; ARIA_FE
-	ARIA_KXL rk+= 16; ARIA_FO ARIA_KXL rk+= 16; ARIA_FE
-	ARIA_KXL rk+= 16; ARIA_FO ARIA_KXL rk+= 16; ARIA_FE
-	ARIA_KXL rk+= 16; ARIA_FO ARIA_KXL rk+= 16;
+	ARIA_KXL; rk+= 16; ARIA_FO; ARIA_KXL; rk+= 16; ARIA_FE;
+	ARIA_KXL; rk+= 16; ARIA_FO; ARIA_KXL; rk+= 16; ARIA_FE;
+	ARIA_KXL; rk+= 16; ARIA_FO; ARIA_KXL; rk+= 16; ARIA_FE;
+	ARIA_KXL; rk+= 16; ARIA_FO; ARIA_KXL; rk+= 16; ARIA_FE;
+	ARIA_KXL; rk+= 16; ARIA_FO; ARIA_KXL; rk+= 16; ARIA_FE;
+	ARIA_KXL; rk+= 16; ARIA_FO; ARIA_KXL; rk+= 16;
 
 #ifdef IS_LITTLE_ENDIAN
-	o[ 0] = (byte)(X1[ARIA_BRF(t[0],3)]   ) ^ rk[ 3];
-	o[ 1] = (byte)(X2[ARIA_BRF(t[0],2)]>>8) ^ rk[ 2];
-	o[ 2] = (byte)(S1[ARIA_BRF(t[0],1)]   ) ^ rk[ 1];
-	o[ 3] = (byte)(S2[ARIA_BRF(t[0],0)]   ) ^ rk[ 0];
-	o[ 4] = (byte)(X1[ARIA_BRF(t[1],3)]   ) ^ rk[ 7];
-	o[ 5] = (byte)(X2[ARIA_BRF(t[1],2)]>>8) ^ rk[ 6];
-	o[ 6] = (byte)(S1[ARIA_BRF(t[1],1)]   ) ^ rk[ 5];
-	o[ 7] = (byte)(S2[ARIA_BRF(t[1],0)]   ) ^ rk[ 4];
-	o[ 8] = (byte)(X1[ARIA_BRF(t[2],3)]   ) ^ rk[11];
-	o[ 9] = (byte)(X2[ARIA_BRF(t[2],2)]>>8) ^ rk[10];
-	o[10] = (byte)(S1[ARIA_BRF(t[2],1)]   ) ^ rk[ 9];
-	o[11] = (byte)(S2[ARIA_BRF(t[2],0)]   ) ^ rk[ 8];
-	o[12] = (byte)(X1[ARIA_BRF(t[3],3)]   ) ^ rk[15];
-	o[13] = (byte)(X2[ARIA_BRF(t[3],2)]>>8) ^ rk[14];
-	o[14] = (byte)(S1[ARIA_BRF(t[3],1)]   ) ^ rk[13];
-	o[15] = (byte)(S2[ARIA_BRF(t[3],0)]   ) ^ rk[12];
+	outBlock[ 0] = (byte)(X1[ARIA_BRF(t[0],3)]   ) ^ rk[ 3];
+	outBlock[ 1] = (byte)(X2[ARIA_BRF(t[0],2)]>>8) ^ rk[ 2];
+	outBlock[ 2] = (byte)(S1[ARIA_BRF(t[0],1)]   ) ^ rk[ 1];
+	outBlock[ 3] = (byte)(S2[ARIA_BRF(t[0],0)]   ) ^ rk[ 0];
+	outBlock[ 4] = (byte)(X1[ARIA_BRF(t[1],3)]   ) ^ rk[ 7];
+	outBlock[ 5] = (byte)(X2[ARIA_BRF(t[1],2)]>>8) ^ rk[ 6];
+	outBlock[ 6] = (byte)(S1[ARIA_BRF(t[1],1)]   ) ^ rk[ 5];
+	outBlock[ 7] = (byte)(S2[ARIA_BRF(t[1],0)]   ) ^ rk[ 4];
+	outBlock[ 8] = (byte)(X1[ARIA_BRF(t[2],3)]   ) ^ rk[11];
+	outBlock[ 9] = (byte)(X2[ARIA_BRF(t[2],2)]>>8) ^ rk[10];
+	outBlock[10] = (byte)(S1[ARIA_BRF(t[2],1)]   ) ^ rk[ 9];
+	outBlock[11] = (byte)(S2[ARIA_BRF(t[2],0)]   ) ^ rk[ 8];
+	outBlock[12] = (byte)(X1[ARIA_BRF(t[3],3)]   ) ^ rk[15];
+	outBlock[13] = (byte)(X2[ARIA_BRF(t[3],2)]>>8) ^ rk[14];
+	outBlock[14] = (byte)(S1[ARIA_BRF(t[3],1)]   ) ^ rk[13];
+	outBlock[15] = (byte)(S2[ARIA_BRF(t[3],0)]   ) ^ rk[12];
 #else
 	#define ARIA_WORD(X,Y) (((word32 *)(X))[Y])
-	o[ 0] = (byte)(X1[ARIA_BRF(t[0],3)]   );
-	o[ 1] = (byte)(X2[ARIA_BRF(t[0],2)]>>8);
-	o[ 2] = (byte)(S1[ARIA_BRF(t[0],1)]   );
-	o[ 3] = (byte)(S2[ARIA_BRF(t[0],0)]   );
-	o[ 4] = (byte)(X1[ARIA_BRF(t[1],3)]   );
-	o[ 5] = (byte)(X2[ARIA_BRF(t[1],2)]>>8);
-	o[ 6] = (byte)(S1[ARIA_BRF(t[1],1)]   );
-	o[ 7] = (byte)(S2[ARIA_BRF(t[1],0)]   );
-	o[ 8] = (byte)(X1[ARIA_BRF(t[2],3)]   );
-	o[ 9] = (byte)(X2[ARIA_BRF(t[2],2)]>>8);
-	o[10] = (byte)(S1[ARIA_BRF(t[2],1)]   );
-	o[11] = (byte)(S2[ARIA_BRF(t[2],0)]   );
-	o[12] = (byte)(X1[ARIA_BRF(t[3],3)]   );
-	o[13] = (byte)(X2[ARIA_BRF(t[3],2)]>>8);
-	o[14] = (byte)(S1[ARIA_BRF(t[3],1)]   );
-	o[15] = (byte)(S2[ARIA_BRF(t[3],0)]   );
-	ARIA_WORD(o,0)^=LoadWord<true>(rk,0); ARIA_WORD(o,1)^=LoadWord<true>(rk,1);
-	ARIA_WORD(o,2)^=LoadWord<true>(rk,2); ARIA_WORD(o,3)^=LoadWord<true>(rk,3);
+	outBlock[ 0] = (byte)(X1[ARIA_BRF(t[0],3)]   );
+	outBlock[ 1] = (byte)(X2[ARIA_BRF(t[0],2)]>>8);
+	outBlock[ 2] = (byte)(S1[ARIA_BRF(t[0],1)]   );
+	outBlock[ 3] = (byte)(S2[ARIA_BRF(t[0],0)]   );
+	outBlock[ 4] = (byte)(X1[ARIA_BRF(t[1],3)]   );
+	outBlock[ 5] = (byte)(X2[ARIA_BRF(t[1],2)]>>8);
+	outBlock[ 6] = (byte)(S1[ARIA_BRF(t[1],1)]   );
+	outBlock[ 7] = (byte)(S2[ARIA_BRF(t[1],0)]   );
+	outBlock[ 8] = (byte)(X1[ARIA_BRF(t[2],3)]   );
+	outBlock[ 9] = (byte)(X2[ARIA_BRF(t[2],2)]>>8);
+	outBlock[10] = (byte)(S1[ARIA_BRF(t[2],1)]   );
+	outBlock[11] = (byte)(S2[ARIA_BRF(t[2],0)]   );
+	outBlock[12] = (byte)(X1[ARIA_BRF(t[3],3)]   );
+	outBlock[13] = (byte)(X2[ARIA_BRF(t[3],2)]>>8);
+	outBlock[14] = (byte)(S1[ARIA_BRF(t[3],1)]   );
+	outBlock[15] = (byte)(S2[ARIA_BRF(t[3],0)]   );
+	ARIA_WORD(outBlock,0)^=LoadWord<true>(rk,0);
+	ARIA_WORD(outBlock,1)^=LoadWord<true>(rk,1);
+	ARIA_WORD(outBlock,2)^=LoadWord<true>(rk,2);
+	ARIA_WORD(outBlock,3)^=LoadWord<true>(rk,3);
 #endif
 
-	if (x)
+	if (xorBlock)
 		for (unsigned int n=0; n<16; ++n)
-			o[n] ^= x[n];
+			outBlock[n] ^= xorBlock[n];
 }
 
 NAMESPACE_END
diff --git a/config.h b/config.h
index 1d96fbd4..3109d56c 100644
--- a/config.h
+++ b/config.h
@@ -402,7 +402,7 @@ NAMESPACE_END
 		#define CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE 0
 	#endif
 
-	#if !defined(CRYPTOPP_DISABLE_SSE3) && (_MSC_VER >= 1500 || (defined(__SSE3__) && defined(__SSSE3__)))
+	#if !defined(CRYPTOPP_DISABLE_SSSE3) && (_MSC_VER >= 1500 || (defined(__SSSE3__) && defined(__SSSE3__)))
 		#define CRYPTOPP_BOOL_SSSE3_ASM_AVAILABLE 1
 	#else
 		#define CRYPTOPP_BOOL_SSSE3_ASM_AVAILABLE 0
@@ -423,6 +423,12 @@ NAMESPACE_END
 	#define CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE 0
 #endif
 
+#if !defined(CRYPTOPP_DISABLE_SSSE3) && (_MSC_VER >= 1500 || defined(__GNUC__) || (defined(__SSSE3__) && defined(__SSSE3__)))
+	#define CRYPTOPP_BOOL_SSSE3_INTRINSICS_AVAILABLE 1
+#else
+	#define CRYPTOPP_BOOL_SSSE3_INTRINSICS_AVAILABLE 0
+#endif
+
 // Intrinsics availible in GCC 4.3 (http://gcc.gnu.org/gcc-4.3/changes.html) and
 //   MSVC 2008 (http://msdn.microsoft.com/en-us/library/bb892950%28v=vs.90%29.aspx)
 //   SunCC could generate SSE4 at 12.1, but the intrinsics are missing until 12.4.

From 35f95fb739877791355622d5e730ad5f30145807 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Thu, 13 Apr 2017 04:28:02 -0400
Subject: [PATCH 018/200] Fix unaligned pointer crash on Win32 due to
 _mm_load_si128

The SSSE3 intrinsics were performing aligned loads using _mm_load_si128 using user supplied pointers. The pointers are only a byte pointer, so its alignment can drop to 1 or 2. Switching to _mm_loadu_si128 will sidestep potential problems. The crash surfaced under Win32 testing.

Switch to memcpy's when performing bulk assignment x[0]=y[0] ... x[3]=y[3]. I believe Yun used the pattern to promote vectorization. Some compilers appear to be braindead and issue integer move's one word at a time. Non-braindead compiler will still take the optimization when advantageous, and slower compilers will benefit from the bulk move. We also cherry picked vectorization opportunities, like in ARIA_GSRK_NEON.

Remove keyBits variable. We now use UncheckedSetKey's keylen throughout.

Also fix a typo in CRYPTOPP_BOOL_SSSE3_INTRINSICS_AVAILABLE. __SSSE3__ was listed twice.
---
 aria.cpp | 108 +++++++++++++++++++++++++++++++++++--------------------
 aria.h   |   4 +--
 config.h |   2 +-
 3 files changed, 73 insertions(+), 41 deletions(-)

diff --git a/aria.cpp b/aria.cpp
index 764cfea7..f82126c9 100644
--- a/aria.cpp
+++ b/aria.cpp
@@ -14,6 +14,8 @@
 #include "misc.h"
 #include "cpu.h"
 
+#include <iostream>
+
 // Enable SSE intrinsics for Visual Studio. It reduces key schedule setup by 150
 // to 200 cycles. GCC does fine on its own, and it slows things down a small bit.
 #if CRYPTOPP_BOOL_SSSE3_INTRINSICS_AVAILABLE && _MSC_VER
@@ -206,7 +208,7 @@ inline word32 LoadWord(const byte x[16], const unsigned int i) {
 // Key XOR Layer
 #define ARIA_KXL {  \
     t[0]^=LoadWord<false>(rk,0); t[1]^=LoadWord<false>(rk,1);  \
-	t[2]^=LoadWord<false>(rk,2); t[3]^=LoadWord<false>(rk,3);  \
+    t[2]^=LoadWord<false>(rk,2); t[3]^=LoadWord<false>(rk,3);  \
   }
 
 // S-Box Layer 1 + M
@@ -290,43 +292,40 @@ void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const Nam
 
 	const byte *mk = key;
 	byte *rk = m_rk.data();
-	int keyBits, Q, q, R, r;
+	int Q, q, R, r;
 
 	switch (keylen)
 	{
 	case 16:
 		R = r = m_rounds = 12;
-		keyBits = 128;
 		Q = q = 0;
 		break;
 	case 32:
 		R = r = m_rounds = 16;
-		keyBits = 256;
 		Q = q = 2;
 		break;
 	case 24:
 		R = r = m_rounds = 14;
-		keyBits = 192;
 		Q = q = 1;
 		break;
 	default:
-		Q = q = R = r = keyBits = m_rounds = 0;
+		Q = q = R = r = m_rounds = 0;
 		CRYPTOPP_ASSERT(0);
 	}
 
-	// w0 has room for 32 bytes. w1-w3 each has room for 16 bytes. t is a 16 byte temp area.
+	// w0 has room for 32 bytes. w1-w3 each has room for 16 bytes. t and u are 16 byte temp areas.
 	word32 *w0 = m_w.data(), *w1 = m_w.data()+8, *w2 = m_w.data()+12, *w3 = m_w.data()+16, *t = m_w.data()+20;
 
 #if CRYPTOPP_ENABLE_ARIA_INTRINSICS
 	if (HasSSSE3())
 	{
-		// 7 SSE instructions
+		// 7 SSE instructions. 'mk' may be unaligned.
 		const __m128i m = _mm_set_epi8(12,13,14,15, 8,9,10,11, 4,5,6,7, 0,1,2,3);
-		const __m128i w = _mm_shuffle_epi8(_mm_load_si128((const __m128i*)mk), m);
+		const __m128i w = _mm_shuffle_epi8(_mm_loadu_si128((const __m128i*)(mk)), m);
 		_mm_store_si128((__m128i*)w0, w);
 
 		_mm_store_si128((__m128i*)t, _mm_xor_si128(w,
-				_mm_load_si128((const __m128i*)KRK[q])));
+				_mm_load_si128((const __m128i*)(KRK[q]))));
 	}
 	else
 #endif  // CRYPTOPP_ENABLE_ARIA_INTRINSICS
@@ -342,15 +341,15 @@ void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const Nam
 	// 24 integer instructions
 	ARIA_FO;
 
-	if (keyBits == 256)
+	if (keylen == 32)
 	{
 #if CRYPTOPP_ENABLE_ARIA_INTRINSICS
 		if (HasSSSE3())
 		{
-			// 3 SSE instructions
+			// 3 SSE instructions. 'mk' may be unaligned.
 			const __m128i m = _mm_set_epi8(12,13,14,15, 8,9,10,11, 4,5,6,7, 0,1,2,3);
 			_mm_store_si128(reinterpret_cast<__m128i*>(w1),
-				_mm_shuffle_epi8(_mm_load_si128((const __m128i*)(mk+16)), m));
+				_mm_shuffle_epi8(_mm_loadu_si128((const __m128i*)(mk+16)), m));
 		}
 #endif  // CRYPTOPP_ENABLE_ARIA_INTRINSICS
 		{
@@ -361,7 +360,7 @@ void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const Nam
 			w1[3] = LoadWord<true>(mk,7);
 		}
 	}
-	else if (keyBits == 192)
+	else if (keylen == 24)
 	{
 		w1[0] = LoadWord<true>(mk,4);
 		w1[1] = LoadWord<true>(mk,5);
@@ -404,7 +403,8 @@ void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const Nam
 	{
 		// 23 integer instructions
 		w1[0]^=t[0]; w1[1]^=t[1]; w1[2]^=t[2]; w1[3]^=t[3];
-		t[0]=w1[0];  t[1]=w1[1];  t[2]=w1[2];  t[3]=w1[3];
+		// t[0]=w1[0];  t[1]=w1[1];  t[2]=w1[2];  t[3]=w1[3];
+		memcpy(t, w1, 16);
 
 		q = (q==2) ? 0 : (q+1);
 		t[0]^=KRK[q][0]; t[1]^=KRK[q][1]; t[2]^=KRK[q][2]; t[3]^=KRK[q][3];
@@ -435,7 +435,8 @@ void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const Nam
 	{
 		// 23 integer instructions
 		t[0]^=w0[0]; t[1]^=w0[1]; t[2]^=w0[2]; t[3]^=w0[3];
-		w2[0]=t[0]; w2[1]=t[1]; w2[2]=t[2]; w2[3]=t[3];
+		// w2[0]=t[0]; w2[1]=t[1]; w2[2]=t[2]; w2[3]=t[3];
+		memcpy(w2, t, 16);
 
 		q = (q==2) ? 0 : (q+1);
 		t[0]^=KRK[q][0]; t[1]^=KRK[q][1]; t[2]^=KRK[q][2]; t[3]^=KRK[q][3];
@@ -506,12 +507,12 @@ void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const Nam
 		ARIA_GSRK<67>(w3, w0, rk + 176);
 		ARIA_GSRK<97>(w0, w1, rk + 192);
 
-		if (keyBits > 128)
+		if (keylen > 16)
 		{
 			ARIA_GSRK<97>(w1, w2, rk + 208);
 			ARIA_GSRK<97>(w2, w3, rk + 224);
 
-			if (keyBits > 192)
+			if (keylen > 24)
 			{
 				ARIA_GSRK< 97>(w3, w0, rk + 240);
 				ARIA_GSRK<109>(w0, w1, rk + 256);
@@ -522,33 +523,40 @@ void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const Nam
 	// Decryption operation
 	if (!IsForwardTransformation())
 	{
-		word32 *a, *z, w;
-		word32 s0, s1, s2, s3;
+		word32 *a, *z, *s, w;
 
 		mk = key;
 		rk = m_rk.data();
 		r = R; q = Q;
 
-		// 32 integer intructions
-		a=reinterpret_cast<word32*>(rk);  z=a+r*4;
-		t[0]=a[0]; t[1]=a[1]; t[2]=a[2]; t[3]=a[3];
-		a[0]=z[0]; a[1]=z[1]; a[2]=z[2]; a[3]=z[3];
-		z[0]=t[0]; z[1]=t[1]; z[2]=t[2]; z[3]=t[3];
+		// 32 integer intructions. Memcpy is faster
+		a=reinterpret_cast<word32*>(rk);  s=m_w.data()+24; z=a+r*4;
+		// t[0]=a[0]; t[1]=a[1]; t[2]=a[2]; t[3]=a[3];
+		// a[0]=z[0]; a[1]=z[1]; a[2]=z[2]; a[3]=z[3];
+		// z[0]=t[0]; z[1]=t[1]; z[2]=t[2]; z[3]=t[3];
+		memcpy(t, a, 16);
+		memcpy(a, z, 16);
+		memcpy(z, t, 16);
 		a+=4; z-=4;
 
 		for (; a<z; a+=4, z-=4)
 		{
 			ARIA_M1(a[0],t[0]); ARIA_M1(a[1],t[1]); ARIA_M1(a[2],t[2]); ARIA_M1(a[3],t[3]);
 			ARIA_MM(t[0],t[1],t[2],t[3]); ARIA_P(t[0],t[1],t[2],t[3]); ARIA_MM(t[0],t[1],t[2],t[3]);
-			s0=t[0]; s1=t[1]; s2=t[2]; s3=t[3];
+			// s[0]=t[0]; s[1]=t[1]; s[2]=t[2]; s[3]=t[3];
+			memcpy(s, t, 16);
+
 			ARIA_M1(z[0],t[0]); ARIA_M1(z[1],t[1]); ARIA_M1(z[2],t[2]); ARIA_M1(z[3],t[3]);
 			ARIA_MM(t[0],t[1],t[2],t[3]); ARIA_P(t[0],t[1],t[2],t[3]); ARIA_MM(t[0],t[1],t[2],t[3]);
-			a[0]=t[0]; a[1]=t[1]; a[2]=t[2]; a[3]=t[3];
-			z[0]=s0; z[1]=s1; z[2]=s2; z[3]=s3;
+			// a[0]=t[0]; a[1]=t[1]; a[2]=t[2]; a[3]=t[3];
+			// z[0]=s[0]; z[1]=s[1]; z[2]=s[2]; z[3]=s[3];
+			memcpy(a, t, 16);
+			memcpy(z, s, 16);
 		}
 		ARIA_M1(a[0],t[0]); ARIA_M1(a[1],t[1]); ARIA_M1(a[2],t[2]); ARIA_M1(a[3],t[3]);
 		ARIA_MM(t[0],t[1],t[2],t[3]); ARIA_P(t[0],t[1],t[2],t[3]); ARIA_MM(t[0],t[1],t[2],t[3]);
-		z[0]=t[0]; z[1]=t[1]; z[2]=t[2]; z[3]=t[3];
+		// z[0]=t[0]; z[1]=t[1]; z[2]=t[2]; z[3]=t[3];
+		memcpy(z, t, 16);
 	}
 }
 
@@ -557,12 +565,21 @@ void ARIA::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, b
 	const byte *rk = reinterpret_cast<const byte*>(m_rk.data());
 	word32 *t = const_cast<word32*>(m_w.data()+20);
 
-	// Visual Studio is generating bad code within the SSSE3 code block. It is
-	//   providing a NULL pointer or a pointer set to a constant like 0x1000.
-	//   It looks like some leftover garbage in the XMM register rather than
-	//   the pointer loaded into the integer register for the non-SSE code path.
-	t[0] = LoadWord<true>(inBlock,0); t[1] = LoadWord<true>(inBlock,1);
-	t[2] = LoadWord<true>(inBlock,2); t[3] = LoadWord<true>(inBlock,3);
+#if CRYPTOPP_ENABLE_ARIA_INTRINSICS
+	if (HasSSSE3())
+	{
+		// 3 SSE instructions. 'inBlock' may be unaligned.
+		const __m128i m = _mm_set_epi8(12,13,14,15, 8,9,10,11, 4,5,6,7, 0,1,2,3);
+		const __m128i w = _mm_shuffle_epi8(_mm_loadu_si128((const __m128i*)(inBlock)), m);
+		_mm_store_si128((__m128i*)t, w);
+	}
+	else
+#endif  // CRYPTOPP_ENABLE_ARIA_INTRINSICS
+	{
+		// 13 integer instructions
+		t[0] = LoadWord<true>(inBlock,0); t[1] = LoadWord<true>(inBlock,1);
+		t[2] = LoadWord<true>(inBlock,2); t[3] = LoadWord<true>(inBlock,3);
+	}
 
 	if (m_rounds > 12) {
 		ARIA_KXL; rk+= 16; ARIA_FO;
@@ -622,9 +639,24 @@ void ARIA::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, b
 	ARIA_WORD(outBlock,3)^=LoadWord<true>(rk,3);
 #endif
 
-	if (xorBlock)
-		for (unsigned int n=0; n<16; ++n)
-			outBlock[n] ^= xorBlock[n];
+#if CRYPTOPP_ENABLE_ARIA_INTRINSICS
+	if (xorBlock != NULLPTR && HasSSSE3())
+	{
+		// 3 SSE instructions
+		_mm_storeu_si128((__m128i*)(outBlock),
+			_mm_xor_si128(
+				// 'outBlock' and 'xorBlock' may be unaligned.
+				_mm_loadu_si128((const __m128i*)(outBlock)),
+				_mm_loadu_si128((const __m128i*)(xorBlock))));
+	}
+	else
+#endif  // CRYPTOPP_ENABLE_ARIA_INTRINSICS
+	{
+		// 15 integer instructions
+		if (xorBlock)
+			for (unsigned int n=0; n<16; ++n)
+				outBlock[n] ^= xorBlock[n];
+	}
 }
 
 NAMESPACE_END
diff --git a/aria.h b/aria.h
index 434998ae..1102509e 100644
--- a/aria.h
+++ b/aria.h
@@ -48,9 +48,9 @@ public:
 		void ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const;
 
 	private:
-		// Reference implementation allocates a table for 17 sub-keys
+		// Reference implementation allocates a table of 17 sub-keys.
 		FixedSizeAlignedSecBlock<byte, 16*17> m_rk;  // round keys
-		FixedSizeAlignedSecBlock<word32, 4*6> m_w;   // w0, w1, w2, w3 and t
+		FixedSizeAlignedSecBlock<word32, 4*7> m_w;   // w0, w1, w2, w3, t and u
 		unsigned int m_rounds;
 	};
 
diff --git a/config.h b/config.h
index 3109d56c..9251c92c 100644
--- a/config.h
+++ b/config.h
@@ -402,7 +402,7 @@ NAMESPACE_END
 		#define CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE 0
 	#endif
 
-	#if !defined(CRYPTOPP_DISABLE_SSSE3) && (_MSC_VER >= 1500 || (defined(__SSSE3__) && defined(__SSSE3__)))
+	#if !defined(CRYPTOPP_DISABLE_SSSE3) && (_MSC_VER >= 1500 || (defined(__SSE3__) && defined(__SSSE3__)))
 		#define CRYPTOPP_BOOL_SSSE3_ASM_AVAILABLE 1
 	#else
 		#define CRYPTOPP_BOOL_SSSE3_ASM_AVAILABLE 0

From 04908cca4871fc4e58299f0b51be7824393a6d72 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Thu, 13 Apr 2017 06:52:56 -0400
Subject: [PATCH 019/200] Improve x86 and x64 ARIA performance The changes were
 meant to improve Windows, but GCC benefited more. Windows gained 0.3 cpb,
 while GCC gained 1.2 cpb

---
 aria.cpp | 137 ++++++++++++++++++++++++++++++++++++-------------------
 1 file changed, 89 insertions(+), 48 deletions(-)

diff --git a/aria.cpp b/aria.cpp
index f82126c9..adc40bba 100644
--- a/aria.cpp
+++ b/aria.cpp
@@ -529,16 +529,28 @@ void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const Nam
 		rk = m_rk.data();
 		r = R; q = Q;
 
-		// 32 integer intructions. Memcpy is faster
-		a=reinterpret_cast<word32*>(rk);  s=m_w.data()+24; z=a+r*4;
-		// t[0]=a[0]; t[1]=a[1]; t[2]=a[2]; t[3]=a[3];
-		// a[0]=z[0]; a[1]=z[1]; a[2]=z[2]; a[3]=z[3];
-		// z[0]=t[0]; z[1]=t[1]; z[2]=t[2]; z[3]=t[3];
-		memcpy(t, a, 16);
-		memcpy(a, z, 16);
-		memcpy(z, t, 16);
-		a+=4; z-=4;
+		// 32 integer intructions. memcpy is faster for some compilers.
+#if CRYPTOPP_ENABLE_ARIA_INTRINSICS
+		if (HasSSE2())
+		{
+			// 6 SSE instructions
+			a=reinterpret_cast<word32*>(rk);  s=m_w.data()+24; z=a+r*4;
+			_mm_store_si128((__m128i*)t, _mm_load_si128((const __m128i*)a));
+			_mm_store_si128((__m128i*)a, _mm_load_si128((const __m128i*)z));
+			_mm_store_si128((__m128i*)z, _mm_load_si128((const __m128i*)t));
+		}
+		else
+#endif
+		{
+			// 32 integer instructions
+			a=reinterpret_cast<word32*>(rk);  s=m_w.data()+24; z=a+r*4;
+			// t[0]=a[0]; t[1]=a[1]; t[2]=a[2]; t[3]=a[3];
+			// a[0]=z[0]; a[1]=z[1]; a[2]=z[2]; a[3]=z[3];
+			// z[0]=t[0]; z[1]=t[1]; z[2]=t[2]; z[3]=t[3];
+			memcpy(t, a, 16); memcpy(a, z, 16); memcpy(z, t, 16);
+		}
 
+		a+=4; z-=4;
 		for (; a<z; a+=4, z-=4)
 		{
 			ARIA_M1(a[0],t[0]); ARIA_M1(a[1],t[1]); ARIA_M1(a[2],t[2]); ARIA_M1(a[3],t[3]);
@@ -550,8 +562,7 @@ void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const Nam
 			ARIA_MM(t[0],t[1],t[2],t[3]); ARIA_P(t[0],t[1],t[2],t[3]); ARIA_MM(t[0],t[1],t[2],t[3]);
 			// a[0]=t[0]; a[1]=t[1]; a[2]=t[2]; a[3]=t[3];
 			// z[0]=s[0]; z[1]=s[1]; z[2]=s[2]; z[3]=s[3];
-			memcpy(a, t, 16);
-			memcpy(z, s, 16);
+			memcpy(a, t, 16); memcpy(z, s, 16);
 		}
 		ARIA_M1(a[0],t[0]); ARIA_M1(a[1],t[1]); ARIA_M1(a[2],t[2]); ARIA_M1(a[3],t[3]);
 		ARIA_MM(t[0],t[1],t[2],t[3]); ARIA_P(t[0],t[1],t[2],t[3]); ARIA_MM(t[0],t[1],t[2],t[3]);
@@ -570,8 +581,7 @@ void ARIA::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, b
 	{
 		// 3 SSE instructions. 'inBlock' may be unaligned.
 		const __m128i m = _mm_set_epi8(12,13,14,15, 8,9,10,11, 4,5,6,7, 0,1,2,3);
-		const __m128i w = _mm_shuffle_epi8(_mm_loadu_si128((const __m128i*)(inBlock)), m);
-		_mm_store_si128((__m128i*)t, w);
+		_mm_store_si128((__m128i*)t, _mm_shuffle_epi8(_mm_loadu_si128((const __m128i*)(inBlock)), m));
 	}
 	else
 #endif  // CRYPTOPP_ENABLE_ARIA_INTRINSICS
@@ -599,24 +609,67 @@ void ARIA::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, b
 	ARIA_KXL; rk+= 16; ARIA_FO; ARIA_KXL; rk+= 16;
 
 #ifdef IS_LITTLE_ENDIAN
-	outBlock[ 0] = (byte)(X1[ARIA_BRF(t[0],3)]   ) ^ rk[ 3];
-	outBlock[ 1] = (byte)(X2[ARIA_BRF(t[0],2)]>>8) ^ rk[ 2];
-	outBlock[ 2] = (byte)(S1[ARIA_BRF(t[0],1)]   ) ^ rk[ 1];
-	outBlock[ 3] = (byte)(S2[ARIA_BRF(t[0],0)]   ) ^ rk[ 0];
-	outBlock[ 4] = (byte)(X1[ARIA_BRF(t[1],3)]   ) ^ rk[ 7];
-	outBlock[ 5] = (byte)(X2[ARIA_BRF(t[1],2)]>>8) ^ rk[ 6];
-	outBlock[ 6] = (byte)(S1[ARIA_BRF(t[1],1)]   ) ^ rk[ 5];
-	outBlock[ 7] = (byte)(S2[ARIA_BRF(t[1],0)]   ) ^ rk[ 4];
-	outBlock[ 8] = (byte)(X1[ARIA_BRF(t[2],3)]   ) ^ rk[11];
-	outBlock[ 9] = (byte)(X2[ARIA_BRF(t[2],2)]>>8) ^ rk[10];
-	outBlock[10] = (byte)(S1[ARIA_BRF(t[2],1)]   ) ^ rk[ 9];
-	outBlock[11] = (byte)(S2[ARIA_BRF(t[2],0)]   ) ^ rk[ 8];
-	outBlock[12] = (byte)(X1[ARIA_BRF(t[3],3)]   ) ^ rk[15];
-	outBlock[13] = (byte)(X2[ARIA_BRF(t[3],2)]>>8) ^ rk[14];
-	outBlock[14] = (byte)(S1[ARIA_BRF(t[3],1)]   ) ^ rk[13];
-	outBlock[15] = (byte)(S2[ARIA_BRF(t[3],0)]   ) ^ rk[12];
+# if CRYPTOPP_ENABLE_ARIA_INTRINSICS || defined(__SSSE3__)
+	if (HasSSSE3())  // Include GCC and Clang in this code path
+	{
+		// This code path saves about 30 instructions
+		outBlock[ 0] = (byte)(X1[ARIA_BRF(t[0],3)]   );
+		outBlock[ 1] = (byte)(X2[ARIA_BRF(t[0],2)]>>8);
+		outBlock[ 2] = (byte)(S1[ARIA_BRF(t[0],1)]   );
+		outBlock[ 3] = (byte)(S2[ARIA_BRF(t[0],0)]   );
+		outBlock[ 4] = (byte)(X1[ARIA_BRF(t[1],3)]   );
+		outBlock[ 5] = (byte)(X2[ARIA_BRF(t[1],2)]>>8);
+		outBlock[ 6] = (byte)(S1[ARIA_BRF(t[1],1)]   );
+		outBlock[ 7] = (byte)(S2[ARIA_BRF(t[1],0)]   );
+		outBlock[ 8] = (byte)(X1[ARIA_BRF(t[2],3)]   );
+		outBlock[ 9] = (byte)(X2[ARIA_BRF(t[2],2)]>>8);
+		outBlock[10] = (byte)(S1[ARIA_BRF(t[2],1)]   );
+		outBlock[11] = (byte)(S2[ARIA_BRF(t[2],0)]   );
+		outBlock[12] = (byte)(X1[ARIA_BRF(t[3],3)]   );
+		outBlock[13] = (byte)(X2[ARIA_BRF(t[3],2)]>>8);
+		outBlock[14] = (byte)(S1[ARIA_BRF(t[3],1)]   );
+		outBlock[15] = (byte)(S2[ARIA_BRF(t[3],0)]   );
+
+		// 4 SSE instructions. 'outBlock' may be unaligned.
+		const __m128i m = _mm_set_epi8(12,13,14,15, 8,9,10,11, 4,5,6,7, 0,1,2,3);
+		_mm_storeu_si128(reinterpret_cast<__m128i*>(outBlock),
+			_mm_xor_si128(_mm_loadu_si128((const __m128i*)(outBlock)),
+				_mm_shuffle_epi8(_mm_load_si128((const __m128i*)(rk)), m)));
+
+		if (xorBlock != NULLPTR)
+		{
+			// 3 SSE instructions
+			_mm_storeu_si128((__m128i*)(outBlock),
+				_mm_xor_si128(
+					// 'outBlock' and 'xorBlock' may be unaligned.
+					_mm_loadu_si128((const __m128i*)(outBlock)),
+					_mm_loadu_si128((const __m128i*)(xorBlock))));
+		}
+
+		return;
+	}
+	else
+# endif  // CRYPTOPP_ENABLE_ARIA_INTRINSICS
+	{
+		// 13 additional integer instructions
+		outBlock[ 0] = (byte)(X1[ARIA_BRF(t[0],3)]   ) ^ rk[ 3];
+		outBlock[ 1] = (byte)(X2[ARIA_BRF(t[0],2)]>>8) ^ rk[ 2];
+		outBlock[ 2] = (byte)(S1[ARIA_BRF(t[0],1)]   ) ^ rk[ 1];
+		outBlock[ 3] = (byte)(S2[ARIA_BRF(t[0],0)]   ) ^ rk[ 0];
+		outBlock[ 4] = (byte)(X1[ARIA_BRF(t[1],3)]   ) ^ rk[ 7];
+		outBlock[ 5] = (byte)(X2[ARIA_BRF(t[1],2)]>>8) ^ rk[ 6];
+		outBlock[ 6] = (byte)(S1[ARIA_BRF(t[1],1)]   ) ^ rk[ 5];
+		outBlock[ 7] = (byte)(S2[ARIA_BRF(t[1],0)]   ) ^ rk[ 4];
+		outBlock[ 8] = (byte)(X1[ARIA_BRF(t[2],3)]   ) ^ rk[11];
+		outBlock[ 9] = (byte)(X2[ARIA_BRF(t[2],2)]>>8) ^ rk[10];
+		outBlock[10] = (byte)(S1[ARIA_BRF(t[2],1)]   ) ^ rk[ 9];
+		outBlock[11] = (byte)(S2[ARIA_BRF(t[2],0)]   ) ^ rk[ 8];
+		outBlock[12] = (byte)(X1[ARIA_BRF(t[3],3)]   ) ^ rk[15];
+		outBlock[13] = (byte)(X2[ARIA_BRF(t[3],2)]>>8) ^ rk[14];
+		outBlock[14] = (byte)(S1[ARIA_BRF(t[3],1)]   ) ^ rk[13];
+		outBlock[15] = (byte)(S2[ARIA_BRF(t[3],0)]   ) ^ rk[12];
+	}
 #else
-	#define ARIA_WORD(X,Y) (((word32 *)(X))[Y])
 	outBlock[ 0] = (byte)(X1[ARIA_BRF(t[0],3)]   );
 	outBlock[ 1] = (byte)(X2[ARIA_BRF(t[0],2)]>>8);
 	outBlock[ 2] = (byte)(S1[ARIA_BRF(t[0],1)]   );
@@ -633,30 +686,18 @@ void ARIA::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, b
 	outBlock[13] = (byte)(X2[ARIA_BRF(t[3],2)]>>8);
 	outBlock[14] = (byte)(S1[ARIA_BRF(t[3],1)]   );
 	outBlock[15] = (byte)(S2[ARIA_BRF(t[3],0)]   );
+
+	#define ARIA_WORD(X,Y) (((word32 *)(X))[Y])
 	ARIA_WORD(outBlock,0)^=LoadWord<true>(rk,0);
 	ARIA_WORD(outBlock,1)^=LoadWord<true>(rk,1);
 	ARIA_WORD(outBlock,2)^=LoadWord<true>(rk,2);
 	ARIA_WORD(outBlock,3)^=LoadWord<true>(rk,3);
 #endif
 
-#if CRYPTOPP_ENABLE_ARIA_INTRINSICS
-	if (xorBlock != NULLPTR && HasSSSE3())
-	{
-		// 3 SSE instructions
-		_mm_storeu_si128((__m128i*)(outBlock),
-			_mm_xor_si128(
-				// 'outBlock' and 'xorBlock' may be unaligned.
-				_mm_loadu_si128((const __m128i*)(outBlock)),
-				_mm_loadu_si128((const __m128i*)(xorBlock))));
-	}
-	else
-#endif  // CRYPTOPP_ENABLE_ARIA_INTRINSICS
-	{
-		// 15 integer instructions
-		if (xorBlock)
-			for (unsigned int n=0; n<16; ++n)
-				outBlock[n] ^= xorBlock[n];
-	}
+	// 15 integer instructions
+	if (xorBlock != NULLPTR)
+		for (unsigned int n=0; n<16; ++n)
+			outBlock[n] ^= xorBlock[n];
 }
 
 NAMESPACE_END

From 2bb36c790e7cbe6fc7aeef2998d1b9a49935762b Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Thu, 13 Apr 2017 16:00:59 -0400
Subject: [PATCH 020/200] Add ARIA test vectors from RFC 5794

---
 TestVectors/aria.txt | 30 +++++++++++++++++++++++++++---
 1 file changed, 27 insertions(+), 3 deletions(-)

diff --git a/TestVectors/aria.txt b/TestVectors/aria.txt
index f1138f56..574d6139 100644
--- a/TestVectors/aria.txt
+++ b/TestVectors/aria.txt
@@ -1,6 +1,6 @@
 AlgorithmType: SymmetricCipher
 Name: ARIA/ECB
-Source: ARIA Test Vectors PDF (05.05.2004)
+Source:     ARIA Test Vectors PDF (05.05.2004)
 Comment:    Section 1, ARIA/ECB 128-bit (p.3)
 Key:        00112233445566778899aabbccddeeff
 Plaintext:  11111111aaaaaaaa11111111bbbbbbbb 11111111cccccccc11111111dddddddd \
@@ -14,6 +14,13 @@ Ciphertext: c6ecd08e22c30abdb215cf74e2075e6e 29ccaac63448708d331b2f816c51b17d \
             fc7887e7f556377614ab0a282293e6d8 84dbb84206cdb16ed1754e77a1f243fd \
             086953f752cc1e46c7c794ae85537dca ec8dd721f55c93b6edfe2adea43873e8
 Test: Encrypt
+Source:     RFC 5794, The ARIA Encryption Algorithm
+Comment:    A.1, 128-Bit Key (p. 10)
+Key:        000102030405060708090a0b0c0d0e0f
+Plaintext:  00112233445566778899aabbccddeeff
+Ciphertext: d718fbd6ab644c739da95f3be6451778
+Test: Encrypt
+Source:     ARIA Test Vectors PDF (05.05.2004)
 Comment:    Section 2, ARIA/ECB 192-bit (p.6)
 Key:        00112233445566778899aabbccddeeff 0011223344556677
 Plaintext:  11111111aaaaaaaa11111111bbbbbbbb 11111111cccccccc11111111dddddddd \
@@ -27,6 +34,13 @@ Ciphertext: 8d1470625f59ebacb0e55b534b3e462b 5f23d33bff78f46c3c15911f4a21809a \
             a233c8523d2db778fb31b0e311f32700 152f33861e9d040c83b5eb40cd88ea49 \
             975709dc629365a189f78a3ec40345fc 6a5a307a8f9a4413091e007eca5645a0
 Test: Encrypt
+Source:     RFC 5794, The ARIA Encryption Algorithm
+Comment:    A.2, 192-Bit Key (p. 11)
+Key:        000102030405060708090a0b0c0d0e0f 1011121314151617
+Plaintext:  00112233445566778899aabbccddeeff
+Ciphertext: 26449c1805dbe7aa25a468ce263a9e79
+Test: Encrypt
+Source:     ARIA Test Vectors PDF (05.05.2004)
 Comment:    Section 3, ARIA/ECB 256-bit (p.11)
 Key:        00112233445566778899aabbccddeeff 00112233445566778899aabbccddeeff
 Plaintext:  11111111aaaaaaaa11111111bbbbbbbb 11111111cccccccc11111111dddddddd \
@@ -40,10 +54,16 @@ Ciphertext: 58a875e6044ad7fffa4f58420f7f442d 8e191016f28e79aefc01e204773280d7 \
             49c7adbeb7e9d1b0d2a8531d94207959 6a27ed79f5b1dd13ecd604b07a48885a \
             3afa0627a0e4e60a3c703af292f1baa7 7b702f16c54aa74bc727ea95c7468b00
 Test: Encrypt
+Source:     RFC 5794, The ARIA Encryption Algorithm
+Comment:    A.3, 256-Bit Key (p. 11)
+Key:        000102030405060708090a0b0c0d0e0f 101112131415161718191a1b1c1d1e1f
+Plaintext:  00112233445566778899aabbccddeeff
+Ciphertext: f92bd7c79fb72e2f2b8f80c1972d24fc
+Test: Encrypt
 
 AlgorithmType: SymmetricCipher
 Name: ARIA/CBC
-Source: ARIA Test Vectors PDF (05.05.2004)
+Source:     ARIA Test Vectors PDF (05.05.2004)
 Comment:    Section 1, ARIA/CBC 128-bit (p.3)
 Key:        00112233445566778899aabbccddeeff
 IV:         0f1e2d3c4b5a69788796a5b4c3d2e1f0
@@ -58,6 +78,7 @@ Ciphertext: 49d61860b14909109cef0d22a9268134 fadf9fb23151e9645fba75018bdb1538 \
             cd46e45f85eaa7072437dd9fa6793d6f 8d4ccefc4eb1ac641ac1bd30b18c6d64 \
             c49bca137eb21c2e04da62712ca2b4f5 40c57112c38791852cfac7a5d19ed83a
 Test: Encrypt
+Source:     ARIA Test Vectors PDF (05.05.2004)
 Comment:    Section 1, ARIA/CBC 192-bit (p.6)
 Key:        00112233445566778899aabbccddeeff 0011223344556677
 IV:         0f1e2d3c4b5a69788796a5b4c3d2e1f0
@@ -72,6 +93,7 @@ Ciphertext: afe6cf23974b533c672a826264ea785f 4e4f7f780dc7f3f1e0962b80902386d5 \
             631998d548110d666b3d54c2a091955c 6f05beb4f62309368696c9791fc4c551 \
             564a2637f194346ec45fbca6c72a5b46 12e208d531d6c34cc5c64eac6bd0cf8c
 Test: Encrypt
+Source:     ARIA Test Vectors PDF (05.05.2004)
 Comment:    Section 1, ARIA/CBC 256-bit (p.11)
 Key:        00112233445566778899aabbccddeeff 00112233445566778899aabbccddeeff
 IV:         0f1e2d3c4b5a69788796a5b4c3d2e1f0
@@ -89,7 +111,7 @@ Test: Encrypt
 
 AlgorithmType: SymmetricCipher
 Name: ARIA/CTR
-Source: ARIA Test Vectors PDF (05.05.2004)
+Source:     ARIA Test Vectors PDF (05.05.2004)
 Comment:    Section 1, ARIA/CTR 128-bit (p.3)
 Key:        00112233445566778899aabbccddeeff
 IV:         00000000000000000000000000000000
@@ -104,6 +126,7 @@ Ciphertext: ac5d7de805a0bf1c57c854501af60fa1 1497e2a34519dea1569e91e5b5ccae2f \
             bdfa94ea6cce47dcf8525ab5a814cfeb 2bb60ee2b126e2d9d847c1a9e96f9019 \
             e3e6a7fe40d3829afb73db1cc245646a ddb62d9b907baaafbe46a73dbc131d3d
 Test: Encrypt
+Source:     ARIA Test Vectors PDF (05.05.2004)
 Comment:    Section 2, ARIA/CTR 192-bit (p.6)
 Key:        00112233445566778899aabbccddeeff 0011223344556677
 IV:         00000000000000000000000000000000
@@ -118,6 +141,7 @@ Ciphertext: 08625ca8fe569c19ba7af3760a6ed1ce f4d199263e999dde14082dbba7560b79 \
             6ef326b95a692a191ba0f2a41c5fe9ae 070f236ff7078e703b42666caafbdd20 \
             bad74ac4c20c0f46c7ca24c151716575 c947da16c90cfe1bf217a41cfebe7531
 Test: Encrypt
+Source:     ARIA Test Vectors PDF (05.05.2004)
 Comment:    Section 3, ARIA/CTR 256-bit (p.11)
 Key:        00112233445566778899aabbccddeeff 00112233445566778899aabbccddeeff
 IV:         00000000000000000000000000000000

From 471e2f0d913850648843570520f58e7d31cd5a2c Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Thu, 13 Apr 2017 16:53:53 -0400
Subject: [PATCH 021/200] Remove unneeded assert from Camellia

---
 camellia.cpp | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/camellia.cpp b/camellia.cpp
index 13880393..da48caa6 100644
--- a/camellia.cpp
+++ b/camellia.cpp
@@ -216,13 +216,12 @@ void Camellia::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBloc
 	rh ^= KS(0,2);
 	rl ^= KS(0,3);
 
-	// timing attack countermeasure. see comments at top for more details
+	// Timing attack countermeasure. see comments in Rijndael for more details
 	const int cacheLineSize = GetCacheLineSize();
 	unsigned int i;
 	volatile word32 _u = 0;
 	word32 u = _u;
 
-	CRYPTOPP_ASSERT(IsAlignedOn(s1,GetAlignmentOf<word32>()));
 	for (i=0; i<256; i+=cacheLineSize)
 		u &= *(const word32 *)(void*)(s1+i);
 	u &= *(const word32 *)(void*)(s1+252);

From 65c3c63b521bdda5b08f28830ac677b35800f6bf Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Thu, 13 Apr 2017 17:45:58 -0400
Subject: [PATCH 022/200] Breakout and cleanup macros. Add
 CRYPTOPP_ENABLE_ARIA_SSE2_INTRINSICS, CRYPTOPP_ENABLE_ARIA_SSSE3_INTRINSICS
 and CRYPTOPP_ENABLE_ARIA_NEON_INTRINSICS.

Tune CRYPTOPP_ENABLE_ARIA_SSE2_INTRINSICS and CRYPTOPP_ENABLE_ARIA_SSSE3_INTRINSICS macro for older GCC and Clang. Clang needs some more tuning on Aarch64 becuase performance is off by about 15%.

Add additional NEON code paths.

Remove keyBits from Aarch64 code paths.
---
 aria.cpp | 197 +++++++++++++++++++++++++++++++++++++++----------------
 config.h |   2 +-
 2 files changed, 140 insertions(+), 59 deletions(-)

diff --git a/aria.cpp b/aria.cpp
index adc40bba..56b7b6d6 100644
--- a/aria.cpp
+++ b/aria.cpp
@@ -14,14 +14,22 @@
 #include "misc.h"
 #include "cpu.h"
 
-#include <iostream>
-
-// Enable SSE intrinsics for Visual Studio. It reduces key schedule setup by 150
-// to 200 cycles. GCC does fine on its own, and it slows things down a small bit.
-#if CRYPTOPP_BOOL_SSSE3_INTRINSICS_AVAILABLE && _MSC_VER
-# define CRYPTOPP_ENABLE_ARIA_INTRINSICS 1
+// Enable SSE2 and NEON for all platforms which have the intrinsics. Enable SSSE3 intrinsics
+// for Visual Studio and older GCCs. It reduces key schedule setup by 150 to 250 cycles.
+// Modern GCC does fine on its own, and it slows things down a small bit.
+#if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE
+# define CRYPTOPP_ENABLE_ARIA_SSE2_INTRINSICS 1
 #endif
 
+#if CRYPTOPP_BOOL_NEON_INTRINSICS_AVAILABLE
+# define CRYPTOPP_ENABLE_ARIA_NEON_INTRINSICS 1
+#endif
+
+#if CRYPTOPP_ENABLE_ARIA_SSSE3_INTRINSICS && (CRYPTOPP_MSC_VERSION || (defined(CRYPTOPP_GCC_VERSION) && CRYPTOPP_GCC_VERSION < 50000))
+# define CRYPTOPP_ENABLE_ARIA_SSSE3_INTRINSICS 1
+#endif
+
+
 ANONYMOUS_NAMESPACE_BEGIN
 
 CRYPTOPP_ALIGN_DATA(16)
@@ -265,7 +273,7 @@ inline void ARIA_GSRK(const word32 X[4], const word32 Y[4], byte RK[16])
 	reinterpret_cast<word32*>(RK)[3] = (X[3]) ^ ((Y[(Q+3)%4])>>R) ^ ((Y[(Q+2)%4])<<(32-R));
 }
 
-#if CRYPTOPP_BOOL_NEON_INTRINSICS_AVAILABLE
+#if CRYPTOPP_ENABLE_ARIA_NEON_INTRINSICS
 template <unsigned int N>
 inline void ARIA_GSRK_NEON(const word32 X[4], const word32 Y[4], byte RK[16])
 {
@@ -278,7 +286,7 @@ inline void ARIA_GSRK_NEON(const word32 X[4], const word32 Y[4], byte RK[16])
 	const uint32x4_t b = vextq_u32(t, t, Q1);
 	const uint32x4_t c = vextq_u32(t, t, Q2);
 
-	vst1q_u32(reinterpret_cast<word32*>(RK),
+	vst1q_u32(reinterpret_cast<uint32_t*>(RK),
 		veorq_u32(a, veorq_u32(
 			vshrq_n_u32(b, R),
 			vshlq_n_u32(c, 32-R))));
@@ -316,19 +324,17 @@ void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const Nam
 	// w0 has room for 32 bytes. w1-w3 each has room for 16 bytes. t and u are 16 byte temp areas.
 	word32 *w0 = m_w.data(), *w1 = m_w.data()+8, *w2 = m_w.data()+12, *w3 = m_w.data()+16, *t = m_w.data()+20;
 
-#if CRYPTOPP_ENABLE_ARIA_INTRINSICS
+#if CRYPTOPP_ENABLE_ARIA_SSSE3_INTRINSICS
 	if (HasSSSE3())
 	{
 		// 7 SSE instructions. 'mk' may be unaligned.
 		const __m128i m = _mm_set_epi8(12,13,14,15, 8,9,10,11, 4,5,6,7, 0,1,2,3);
 		const __m128i w = _mm_shuffle_epi8(_mm_loadu_si128((const __m128i*)(mk)), m);
 		_mm_store_si128((__m128i*)w0, w);
-
-		_mm_store_si128((__m128i*)t, _mm_xor_si128(w,
-				_mm_load_si128((const __m128i*)(KRK[q]))));
+		_mm_store_si128((__m128i*)t, _mm_xor_si128(w, _mm_load_si128((const __m128i*)(KRK[q]))));
 	}
 	else
-#endif  // CRYPTOPP_ENABLE_ARIA_INTRINSICS
+#endif  // CRYPTOPP_ENABLE_ARIA_SSSE3_INTRINSICS
 	{
 		// 27 integer instructions
 		w0[0] = LoadWord<true>(mk,0); w0[1] = LoadWord<true>(mk,1);
@@ -343,7 +349,7 @@ void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const Nam
 
 	if (keylen == 32)
 	{
-#if CRYPTOPP_ENABLE_ARIA_INTRINSICS
+#if CRYPTOPP_ENABLE_ARIA_SSSE3_INTRINSICS
 		if (HasSSSE3())
 		{
 			// 3 SSE instructions. 'mk' may be unaligned.
@@ -351,7 +357,7 @@ void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const Nam
 			_mm_store_si128(reinterpret_cast<__m128i*>(w1),
 				_mm_shuffle_epi8(_mm_loadu_si128((const __m128i*)(mk+16)), m));
 		}
-#endif  // CRYPTOPP_ENABLE_ARIA_INTRINSICS
+#endif  // CRYPTOPP_ENABLE_ARIA_SSSE3_INTRINSICS
 		{
 			// 14 integer instructions
 			w1[0] = LoadWord<true>(mk,4);
@@ -368,20 +374,20 @@ void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const Nam
 	}
 	else
 	{
-#if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE
+#if CRYPTOPP_ENABLE_ARIA_SSE2_INTRINSICS
 		if (HasSSE2())
 		{
 			_mm_store_si128(reinterpret_cast<__m128i*>(w1), _mm_setzero_si128());
 		}
 		else
-#endif  // CRYPTOPP_ENABLE_ARIA_INTRINSICS
+#endif  // CRYPTOPP_ENABLE_ARIA_SSE2_INTRINSICS
 		{
 			w1[0]=w1[1]=w1[2]=w1[3]=0;
 		}
 	}
 
-#if CRYPTOPP_ENABLE_ARIA_INTRINSICS
-	if (HasSSSE3())
+#if CRYPTOPP_ENABLE_ARIA_SSE2_INTRINSICS
+	if (HasSSE2())
 	{
 		// 4 integer, 7 SSE instructions
 		const __m128i x = _mm_xor_si128(
@@ -399,7 +405,7 @@ void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const Nam
 		_mm_store_si128((__m128i*)(t), y);
 	}
 	else
-#endif  // CRYPTOPP_ENABLE_ARIA_INTRINSICS
+#endif  // CRYPTOPP_ENABLE_ARIA_SSE2_INTRINSICS
 	{
 		// 23 integer instructions
 		w1[0]^=t[0]; w1[1]^=t[1]; w1[2]^=t[2]; w1[3]^=t[3];
@@ -412,8 +418,8 @@ void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const Nam
 
 	ARIA_FE;
 
-#if CRYPTOPP_ENABLE_ARIA_INTRINSICS
-	if (HasSSSE3())
+#if CRYPTOPP_ENABLE_ARIA_SSE2_INTRINSICS
+	if (HasSSE2())
 	{
 		// 4 integer, 7 SSE instructions
 		const __m128i x = _mm_xor_si128(
@@ -431,7 +437,7 @@ void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const Nam
 		_mm_store_si128((__m128i*)(t), y);
 	}
 	else
-#endif  // CRYPTOPP_ENABLE_ARIA_INTRINSICS
+#endif  // CRYPTOPP_ENABLE_ARIA_SSE2_INTRINSICS
 	{
 		// 23 integer instructions
 		t[0]^=w0[0]; t[1]^=w0[1]; t[2]^=w0[2]; t[3]^=w0[3];
@@ -444,8 +450,8 @@ void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const Nam
 
 	ARIA_FO;
 
-#if CRYPTOPP_ENABLE_ARIA_INTRINSICS
-	if (HasSSSE3())
+#if CRYPTOPP_ENABLE_ARIA_SSE2_INTRINSICS
+	if (HasSSE2())
 	{
 		// 3 SSE instructions
 		const __m128i x = _mm_xor_si128(
@@ -455,13 +461,13 @@ void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const Nam
 		_mm_store_si128((__m128i*)(w3), x);
 	}
 	else
-#endif  // CRYPTOPP_ENABLE_ARIA_INTRINSICS
+#endif  // CRYPTOPP_ENABLE_ARIA_SSE2_INTRINSICS
 	{
 		// 14 integer instructions
 		w3[0]=t[0]^w1[0]; w3[1]=t[1]^w1[1]; w3[2]=t[2]^w1[2]; w3[3]=t[3]^w1[3];
 	}
 
-#if CRYPTOPP_BOOL_NEON_INTRINSICS_AVAILABLE
+#if CRYPTOPP_ENABLE_ARIA_NEON_INTRINSICS
 	if (HasNEON())
 	{
 		ARIA_GSRK_NEON<19>(w0, w1, rk +   0);
@@ -478,12 +484,12 @@ void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const Nam
 		ARIA_GSRK_NEON<67>(w3, w0, rk + 176);
 		ARIA_GSRK_NEON<97>(w0, w1, rk + 192);
 
-		if (keyBits > 128)
+		if (keylen > 16)
 		{
 			ARIA_GSRK_NEON<97>(w1, w2, rk + 208);
 			ARIA_GSRK_NEON<97>(w2, w3, rk + 224);
 
-			if (keyBits > 192)
+			if (keylen > 24)
 			{
 				ARIA_GSRK_NEON< 97>(w3, w0, rk + 240);
 				ARIA_GSRK_NEON<109>(w0, w1, rk + 256);
@@ -491,7 +497,7 @@ void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const Nam
 		}
 	}
 	else
-#endif  // CRYPTOPP_BOOL_NEON_INTRINSICS_AVAILABLE
+#endif  // CRYPTOPP_ENABLE_ARIA_NEON_INTRINSICS
 	{
 		ARIA_GSRK<19>(w0, w1, rk +   0);
 		ARIA_GSRK<19>(w1, w2, rk +  16);
@@ -529,18 +535,75 @@ void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const Nam
 		rk = m_rk.data();
 		r = R; q = Q;
 
-		// 32 integer intructions. memcpy is faster for some compilers.
-#if CRYPTOPP_ENABLE_ARIA_INTRINSICS
+#if CRYPTOPP_ENABLE_ARIA_SSE2_INTRINSICS
 		if (HasSSE2())
 		{
 			// 6 SSE instructions
 			a=reinterpret_cast<word32*>(rk);  s=m_w.data()+24; z=a+r*4;
+			// t[0]=a[0]; t[1]=a[1]; t[2]=a[2]; t[3]=a[3];
+			// a[0]=z[0]; a[1]=z[1]; a[2]=z[2]; a[3]=z[3];
+			// z[0]=t[0]; z[1]=t[1]; z[2]=t[2]; z[3]=t[3];
 			_mm_store_si128((__m128i*)t, _mm_load_si128((const __m128i*)a));
 			_mm_store_si128((__m128i*)a, _mm_load_si128((const __m128i*)z));
 			_mm_store_si128((__m128i*)z, _mm_load_si128((const __m128i*)t));
+
+			a+=4; z-=4;
+			for (; a<z; a+=4, z-=4)
+			{
+				ARIA_M1(a[0],t[0]); ARIA_M1(a[1],t[1]); ARIA_M1(a[2],t[2]); ARIA_M1(a[3],t[3]);
+				ARIA_MM(t[0],t[1],t[2],t[3]); ARIA_P(t[0],t[1],t[2],t[3]); ARIA_MM(t[0],t[1],t[2],t[3]);
+				// s[0]=t[0]; s[1]=t[1]; s[2]=t[2]; s[3]=t[3];
+				_mm_store_si128((__m128i*)s, _mm_load_si128((const __m128i*)t));
+
+				ARIA_M1(z[0],t[0]); ARIA_M1(z[1],t[1]); ARIA_M1(z[2],t[2]); ARIA_M1(z[3],t[3]);
+				ARIA_MM(t[0],t[1],t[2],t[3]); ARIA_P(t[0],t[1],t[2],t[3]); ARIA_MM(t[0],t[1],t[2],t[3]);
+				// a[0]=t[0]; a[1]=t[1]; a[2]=t[2]; a[3]=t[3];
+				// z[0]=s[0]; z[1]=s[1]; z[2]=s[2]; z[3]=s[3];
+				_mm_store_si128((__m128i*)a, _mm_load_si128((const __m128i*)t));
+				_mm_store_si128((__m128i*)z, _mm_load_si128((const __m128i*)s));
+			}
+
+			ARIA_M1(a[0],t[0]); ARIA_M1(a[1],t[1]); ARIA_M1(a[2],t[2]); ARIA_M1(a[3],t[3]);
+			ARIA_MM(t[0],t[1],t[2],t[3]); ARIA_P(t[0],t[1],t[2],t[3]); ARIA_MM(t[0],t[1],t[2],t[3]);
+			// z[0]=t[0]; z[1]=t[1]; z[2]=t[2]; z[3]=t[3];
+			_mm_store_si128((__m128i*)z, _mm_load_si128((const __m128i*)t));
 		}
 		else
-#endif
+#elif CRYPTOPP_ENABLE_ARIA_NEON_INTRINSICS
+		if (HasNEON())
+		{
+			// 6 NEON instructions
+			a=reinterpret_cast<word32*>(rk);  s=m_w.data()+24; z=a+r*4;
+			// t[0]=a[0]; t[1]=a[1]; t[2]=a[2]; t[3]=a[3];
+			// a[0]=z[0]; a[1]=z[1]; a[2]=z[2]; a[3]=z[3];
+			// z[0]=t[0]; z[1]=t[1]; z[2]=t[2]; z[3]=t[3];
+			vst1q_u32(reinterpret_cast<uint32_t*>(t), vld1q_u32(reinterpret_cast<uint32_t*>(a)));
+			vst1q_u32(reinterpret_cast<uint32_t*>(a), vld1q_u32(reinterpret_cast<uint32_t*>(z)));
+			vst1q_u32(reinterpret_cast<uint32_t*>(z), vld1q_u32(reinterpret_cast<uint32_t*>(t)));
+
+			a+=4; z-=4;
+			for (; a<z; a+=4, z-=4)
+			{
+				ARIA_M1(a[0],t[0]); ARIA_M1(a[1],t[1]); ARIA_M1(a[2],t[2]); ARIA_M1(a[3],t[3]);
+				ARIA_MM(t[0],t[1],t[2],t[3]); ARIA_P(t[0],t[1],t[2],t[3]); ARIA_MM(t[0],t[1],t[2],t[3]);
+				// s[0]=t[0]; s[1]=t[1]; s[2]=t[2]; s[3]=t[3];
+				vst1q_u32(reinterpret_cast<uint32_t*>(s), vld1q_u32(reinterpret_cast<uint32_t*>(t)));
+
+				ARIA_M1(z[0],t[0]); ARIA_M1(z[1],t[1]); ARIA_M1(z[2],t[2]); ARIA_M1(z[3],t[3]);
+				ARIA_MM(t[0],t[1],t[2],t[3]); ARIA_P(t[0],t[1],t[2],t[3]); ARIA_MM(t[0],t[1],t[2],t[3]);
+				// a[0]=t[0]; a[1]=t[1]; a[2]=t[2]; a[3]=t[3];
+				// z[0]=s[0]; z[1]=s[1]; z[2]=s[2]; z[3]=s[3];
+				vst1q_u32(reinterpret_cast<uint32_t*>(a), vld1q_u32(reinterpret_cast<uint32_t*>(t)));
+				vst1q_u32(reinterpret_cast<uint32_t*>(z), vld1q_u32(reinterpret_cast<uint32_t*>(s)));
+			}
+
+			ARIA_M1(a[0],t[0]); ARIA_M1(a[1],t[1]); ARIA_M1(a[2],t[2]); ARIA_M1(a[3],t[3]);
+			ARIA_MM(t[0],t[1],t[2],t[3]); ARIA_P(t[0],t[1],t[2],t[3]); ARIA_MM(t[0],t[1],t[2],t[3]);
+			// z[0]=t[0]; z[1]=t[1]; z[2]=t[2]; z[3]=t[3];
+			vst1q_u32(reinterpret_cast<uint32_t*>(z), vld1q_u32(reinterpret_cast<uint32_t*>(t)));
+		}
+		else
+#endif  // CRYPTOPP_ENABLE_ARIA_SSE2_INTRINSICS
 		{
 			// 32 integer instructions
 			a=reinterpret_cast<word32*>(rk);  s=m_w.data()+24; z=a+r*4;
@@ -548,26 +611,27 @@ void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const Nam
 			// a[0]=z[0]; a[1]=z[1]; a[2]=z[2]; a[3]=z[3];
 			// z[0]=t[0]; z[1]=t[1]; z[2]=t[2]; z[3]=t[3];
 			memcpy(t, a, 16); memcpy(a, z, 16); memcpy(z, t, 16);
-		}
 
-		a+=4; z-=4;
-		for (; a<z; a+=4, z-=4)
-		{
+			a+=4; z-=4;
+			for (; a<z; a+=4, z-=4)
+			{
+				ARIA_M1(a[0],t[0]); ARIA_M1(a[1],t[1]); ARIA_M1(a[2],t[2]); ARIA_M1(a[3],t[3]);
+				ARIA_MM(t[0],t[1],t[2],t[3]); ARIA_P(t[0],t[1],t[2],t[3]); ARIA_MM(t[0],t[1],t[2],t[3]);
+				// s[0]=t[0]; s[1]=t[1]; s[2]=t[2]; s[3]=t[3];
+				memcpy(s, t, 16);
+
+				ARIA_M1(z[0],t[0]); ARIA_M1(z[1],t[1]); ARIA_M1(z[2],t[2]); ARIA_M1(z[3],t[3]);
+				ARIA_MM(t[0],t[1],t[2],t[3]); ARIA_P(t[0],t[1],t[2],t[3]); ARIA_MM(t[0],t[1],t[2],t[3]);
+				// a[0]=t[0]; a[1]=t[1]; a[2]=t[2]; a[3]=t[3];
+				// z[0]=s[0]; z[1]=s[1]; z[2]=s[2]; z[3]=s[3];
+				memcpy(a, t, 16); memcpy(z, s, 16);
+			}
+
 			ARIA_M1(a[0],t[0]); ARIA_M1(a[1],t[1]); ARIA_M1(a[2],t[2]); ARIA_M1(a[3],t[3]);
 			ARIA_MM(t[0],t[1],t[2],t[3]); ARIA_P(t[0],t[1],t[2],t[3]); ARIA_MM(t[0],t[1],t[2],t[3]);
-			// s[0]=t[0]; s[1]=t[1]; s[2]=t[2]; s[3]=t[3];
-			memcpy(s, t, 16);
-
-			ARIA_M1(z[0],t[0]); ARIA_M1(z[1],t[1]); ARIA_M1(z[2],t[2]); ARIA_M1(z[3],t[3]);
-			ARIA_MM(t[0],t[1],t[2],t[3]); ARIA_P(t[0],t[1],t[2],t[3]); ARIA_MM(t[0],t[1],t[2],t[3]);
-			// a[0]=t[0]; a[1]=t[1]; a[2]=t[2]; a[3]=t[3];
-			// z[0]=s[0]; z[1]=s[1]; z[2]=s[2]; z[3]=s[3];
-			memcpy(a, t, 16); memcpy(z, s, 16);
+			// z[0]=t[0]; z[1]=t[1]; z[2]=t[2]; z[3]=t[3];
+			memcpy(z, t, 16);
 		}
-		ARIA_M1(a[0],t[0]); ARIA_M1(a[1],t[1]); ARIA_M1(a[2],t[2]); ARIA_M1(a[3],t[3]);
-		ARIA_MM(t[0],t[1],t[2],t[3]); ARIA_P(t[0],t[1],t[2],t[3]); ARIA_MM(t[0],t[1],t[2],t[3]);
-		// z[0]=t[0]; z[1]=t[1]; z[2]=t[2]; z[3]=t[3];
-		memcpy(z, t, 16);
 	}
 }
 
@@ -576,7 +640,7 @@ void ARIA::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, b
 	const byte *rk = reinterpret_cast<const byte*>(m_rk.data());
 	word32 *t = const_cast<word32*>(m_w.data()+20);
 
-#if CRYPTOPP_ENABLE_ARIA_INTRINSICS
+#if CRYPTOPP_ENABLE_ARIA_SSSE3_INTRINSICS
 	if (HasSSSE3())
 	{
 		// 3 SSE instructions. 'inBlock' may be unaligned.
@@ -584,7 +648,7 @@ void ARIA::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, b
 		_mm_store_si128((__m128i*)t, _mm_shuffle_epi8(_mm_loadu_si128((const __m128i*)(inBlock)), m));
 	}
 	else
-#endif  // CRYPTOPP_ENABLE_ARIA_INTRINSICS
+#endif  // CRYPTOPP_ENABLE_ARIA_SSSE3_INTRINSICS
 	{
 		// 13 integer instructions
 		t[0] = LoadWord<true>(inBlock,0); t[1] = LoadWord<true>(inBlock,1);
@@ -609,7 +673,7 @@ void ARIA::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, b
 	ARIA_KXL; rk+= 16; ARIA_FO; ARIA_KXL; rk+= 16;
 
 #ifdef IS_LITTLE_ENDIAN
-# if CRYPTOPP_ENABLE_ARIA_INTRINSICS || defined(__SSSE3__)
+# if CRYPTOPP_ENABLE_ARIA_SSSE3_INTRINSICS || defined(__SSSE3__)
 	if (HasSSSE3())  // Include GCC and Clang in this code path
 	{
 		// This code path saves about 30 instructions
@@ -636,12 +700,12 @@ void ARIA::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, b
 			_mm_xor_si128(_mm_loadu_si128((const __m128i*)(outBlock)),
 				_mm_shuffle_epi8(_mm_load_si128((const __m128i*)(rk)), m)));
 
+		// 'outBlock' and 'xorBlock' may be unaligned.
 		if (xorBlock != NULLPTR)
 		{
 			// 3 SSE instructions
 			_mm_storeu_si128((__m128i*)(outBlock),
 				_mm_xor_si128(
-					// 'outBlock' and 'xorBlock' may be unaligned.
 					_mm_loadu_si128((const __m128i*)(outBlock)),
 					_mm_loadu_si128((const __m128i*)(xorBlock))));
 		}
@@ -649,7 +713,7 @@ void ARIA::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, b
 		return;
 	}
 	else
-# endif  // CRYPTOPP_ENABLE_ARIA_INTRINSICS
+# endif  // CRYPTOPP_ENABLE_ARIA_SSSE3_INTRINSICS
 	{
 		// 13 additional integer instructions
 		outBlock[ 0] = (byte)(X1[ARIA_BRF(t[0],3)]   ) ^ rk[ 3];
@@ -694,10 +758,27 @@ void ARIA::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, b
 	ARIA_WORD(outBlock,3)^=LoadWord<true>(rk,3);
 #endif
 
-	// 15 integer instructions
-	if (xorBlock != NULLPTR)
-		for (unsigned int n=0; n<16; ++n)
-			outBlock[n] ^= xorBlock[n];
+#if CRYPTOPP_ENABLE_ARIA_NEON_INTRINSICS
+	if (HasNEON())
+	{
+		if (xorBlock != NULLPTR)
+		{
+			// 4 NEON instructions
+			vst1q_u32(reinterpret_cast<uint32_t*>(outBlock),
+				veorq_u32(
+					vld1q_u32((const uint32_t*)outBlock),
+					vld1q_u32((const uint32_t*)xorBlock)));
+		}
+
+	}
+	else
+#endif  // CRYPTOPP_ENABLE_ARIA_NEON_INTRINSICS
+	{
+		// 15 integer instructions
+		if (xorBlock != NULLPTR)
+			for (unsigned int n=0; n<16; ++n)
+				outBlock[n] ^= xorBlock[n];
+	}
 }
 
 NAMESPACE_END
diff --git a/config.h b/config.h
index 9251c92c..cfdb6410 100644
--- a/config.h
+++ b/config.h
@@ -423,7 +423,7 @@ NAMESPACE_END
 	#define CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE 0
 #endif
 
-#if !defined(CRYPTOPP_DISABLE_SSSE3) && (_MSC_VER >= 1500 || defined(__GNUC__) || (defined(__SSSE3__) && defined(__SSSE3__)))
+#if !defined(CRYPTOPP_DISABLE_ASM) && !defined(CRYPTOPP_DISABLE_SSSE3) && !defined(_M_ARM) && (_MSC_VER >= 1500 || (CRYPTOPP_GCC_VERSION >= 50000) || (CRYPTOPP_LLVM_CLANG_VERSION >= 30500) || (defined(__SSSE3__) && defined(__SSSE3__)))
 	#define CRYPTOPP_BOOL_SSSE3_INTRINSICS_AVAILABLE 1
 #else
 	#define CRYPTOPP_BOOL_SSSE3_INTRINSICS_AVAILABLE 0

From 70cf88f2308ac03a7ee064f43f1cc2f6fe9fa536 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Thu, 13 Apr 2017 17:46:51 -0400
Subject: [PATCH 023/200] Apply S-box timing attack counter measures to ARIA

The ARIA S-boxes could leak timining information. This commit applies the counter measures present in Rijndael and Camellia to ARIA. We take a penalty of about 0.05 to 0.1 cpb. It equates to about 0 MiB/s on an ARM device, and about 2 MiB/s on a modern Skylake.

We recently gained some performance though use of SSE and NEON in ProcessAndXorBlock, so the net result is an improvement.
---
 aria.cpp | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/aria.cpp b/aria.cpp
index 56b7b6d6..24865b8f 100644
--- a/aria.cpp
+++ b/aria.cpp
@@ -640,6 +640,20 @@ void ARIA::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, b
 	const byte *rk = reinterpret_cast<const byte*>(m_rk.data());
 	word32 *t = const_cast<word32*>(m_w.data()+20);
 
+	// Timing attack countermeasure. See comments in Rijndael for more details.
+	// We used Yun's 32-bit implementation, so we don't want to walk elements.
+	// In this case, we still want the byte oriented pointer to induce the flush.
+	const int cacheLineSize = GetCacheLineSize();
+	const byte *p = reinterpret_cast<const byte*>(S1);
+	unsigned int i;
+	volatile word32 _u = 0;
+	word32 u = _u;
+
+	for (i=0; i<256; i+=cacheLineSize)
+		u &= *(const word32 *)(void*)(p+i);
+	u &= *(const word32 *)(void*)(p+252);
+	t[0] |= u; t[1] |= u;
+
 #if CRYPTOPP_ENABLE_ARIA_SSSE3_INTRINSICS
 	if (HasSSSE3())
 	{

From bae30d6767ffd2da1271e50387614340371591df Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Thu, 13 Apr 2017 18:44:20 -0400
Subject: [PATCH 024/200] Add ARIA to nmake makefile for Windows

---
 cryptest.nmake | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/cryptest.nmake b/cryptest.nmake
index d072e91e..142b8a0e 100644
--- a/cryptest.nmake
+++ b/cryptest.nmake
@@ -48,9 +48,9 @@
 # If you use 'make sources' from Linux makefile, then add 'winpipes.cpp'. Platform specific
 #  classes, like 'rdrand.cpp', should not be included. Add them under the X86 and X64 rules.
 
-LIB_SRCS = cryptlib.cpp cpu.cpp integer.cpp shacal2.cpp md5.cpp shark.cpp zinflate.cpp gf2n.cpp salsa.cpp xtr.cpp oaep.cpp rc2.cpp default.cpp wait.cpp wake.cpp twofish.cpp iterhash.cpp adler32.cpp algparam.cpp marss.cpp blowfish.cpp ecp.cpp strciphr.cpp camellia.cpp dh2.cpp ida.cpp zlib.cpp elgamal.cpp crc.cpp dessp.cpp tea.cpp eax.cpp network.cpp sha.cpp emsa2.cpp pkcspad.cpp squaretb.cpp idea.cpp authenc.cpp hmac.cpp xtrcrypt.cpp queue.cpp mars.cpp rc5.cpp md2.cpp hrtimer.cpp vmac.cpp eprecomp.cpp hex.cpp dsa.cpp fips140.cpp gzip.cpp seal.cpp blake2.cpp files.cpp base32.cpp sharkbox.cpp safer.cpp randpool.cpp sosemanuk.cpp arc4.cpp osrng.cpp skipjack.cpp seed.cpp sha3.cpp filters.cpp bfinit.cpp rabin.cpp 3way.cpp rw.cpp rdtables.cpp rsa.cpp tftables.cpp gost.cpp socketft.cpp nbtheory.cpp panama.cpp modes.cpp rijndael.cpp casts.cpp algebra.cpp esign.cpp gfpcrypt.cpp dll.cpp ec2n.cpp poly1305.cpp polynomi.cpp blumshub.cpp des.cpp basecode.cpp zdeflate.cpp base64.cpp rc6.cpp gf256.cpp mqueue.cpp misc.cpp pssr.cpp channels.cpp rng.cpp tiger.cpp cast.cpp square.cpp asn.cpp chacha.cpp whrlpool.cpp md4.cpp dh.cpp ccm.cpp mqv.cpp tigertab.cpp gf2_32.cpp cbcmac.cpp ttmac.cpp luc.cpp trdlocal.cpp pubkey.cpp gcm.cpp ripemd.cpp keccak.cpp eccrypto.cpp serpent.cpp cmac.cpp winpipes.cpp
+LIB_SRCS = cryptlib.cpp cpu.cpp integer.cpp shacal2.cpp md5.cpp shark.cpp zinflate.cpp gf2n.cpp salsa.cpp xtr.cpp oaep.cpp rc2.cpp default.cpp wait.cpp wake.cpp twofish.cpp iterhash.cpp adler32.cpp algparam.cpp marss.cpp blowfish.cpp ecp.cpp strciphr.cpp aria.cpp camellia.cpp dh2.cpp ida.cpp zlib.cpp elgamal.cpp crc.cpp dessp.cpp tea.cpp eax.cpp network.cpp sha.cpp emsa2.cpp pkcspad.cpp squaretb.cpp idea.cpp authenc.cpp hmac.cpp xtrcrypt.cpp queue.cpp mars.cpp rc5.cpp md2.cpp hrtimer.cpp vmac.cpp eprecomp.cpp hex.cpp dsa.cpp fips140.cpp gzip.cpp seal.cpp blake2.cpp files.cpp base32.cpp sharkbox.cpp safer.cpp randpool.cpp sosemanuk.cpp arc4.cpp osrng.cpp skipjack.cpp seed.cpp sha3.cpp filters.cpp bfinit.cpp rabin.cpp 3way.cpp rw.cpp rdtables.cpp rsa.cpp tftables.cpp gost.cpp socketft.cpp nbtheory.cpp panama.cpp modes.cpp rijndael.cpp casts.cpp algebra.cpp esign.cpp gfpcrypt.cpp dll.cpp ec2n.cpp poly1305.cpp polynomi.cpp blumshub.cpp des.cpp basecode.cpp zdeflate.cpp base64.cpp rc6.cpp gf256.cpp mqueue.cpp misc.cpp pssr.cpp channels.cpp rng.cpp tiger.cpp cast.cpp square.cpp asn.cpp chacha.cpp whrlpool.cpp md4.cpp dh.cpp ccm.cpp mqv.cpp tigertab.cpp gf2_32.cpp cbcmac.cpp ttmac.cpp luc.cpp trdlocal.cpp pubkey.cpp gcm.cpp ripemd.cpp keccak.cpp eccrypto.cpp serpent.cpp cmac.cpp winpipes.cpp
 
-LIB_OBJS = cryptlib.obj cpu.obj integer.obj shacal2.obj md5.obj shark.obj zinflate.obj gf2n.obj salsa.obj xtr.obj oaep.obj rc2.obj default.obj wait.obj wake.obj twofish.obj iterhash.obj adler32.obj algparam.obj marss.obj blowfish.obj ecp.obj strciphr.obj camellia.obj dh2.obj ida.obj zlib.obj elgamal.obj crc.obj dessp.obj tea.obj eax.obj network.obj sha.obj emsa2.obj pkcspad.obj squaretb.obj idea.obj authenc.obj hmac.obj xtrcrypt.obj queue.obj mars.obj rc5.obj md2.obj hrtimer.obj vmac.obj eprecomp.obj hex.obj dsa.obj fips140.obj gzip.obj seal.obj blake2.obj files.obj base32.obj sharkbox.obj safer.obj randpool.obj sosemanuk.obj arc4.obj osrng.obj skipjack.obj seed.obj sha3.obj filters.obj bfinit.obj rabin.obj 3way.obj rw.obj rdtables.obj rsa.obj tftables.obj gost.obj socketft.obj nbtheory.obj panama.obj modes.obj rijndael.obj casts.obj algebra.obj esign.obj gfpcrypt.obj dll.obj ec2n.obj poly1305.obj polynomi.obj blumshub.obj des.obj basecode.obj zdeflate.obj base64.obj rc6.obj gf256.obj mqueue.obj misc.obj pssr.obj channels.obj rng.obj tiger.obj cast.obj square.obj asn.obj chacha.obj whrlpool.obj md4.obj dh.obj ccm.obj mqv.obj tigertab.obj gf2_32.obj cbcmac.obj ttmac.obj luc.obj trdlocal.obj pubkey.obj gcm.obj ripemd.obj keccak.obj eccrypto.obj serpent.obj cmac.obj winpipes.obj
+LIB_OBJS = cryptlib.obj cpu.obj integer.obj shacal2.obj md5.obj shark.obj zinflate.obj gf2n.obj salsa.obj xtr.obj oaep.obj rc2.obj default.obj wait.obj wake.obj twofish.obj iterhash.obj adler32.obj algparam.obj marss.obj blowfish.obj ecp.obj strciphr.obj aria.obj camellia.obj dh2.obj ida.obj zlib.obj elgamal.obj crc.obj dessp.obj tea.obj eax.obj network.obj sha.obj emsa2.obj pkcspad.obj squaretb.obj idea.obj authenc.obj hmac.obj xtrcrypt.obj queue.obj mars.obj rc5.obj md2.obj hrtimer.obj vmac.obj eprecomp.obj hex.obj dsa.obj fips140.obj gzip.obj seal.obj blake2.obj files.obj base32.obj sharkbox.obj safer.obj randpool.obj sosemanuk.obj arc4.obj osrng.obj skipjack.obj seed.obj sha3.obj filters.obj bfinit.obj rabin.obj 3way.obj rw.obj rdtables.obj rsa.obj tftables.obj gost.obj socketft.obj nbtheory.obj panama.obj modes.obj rijndael.obj casts.obj algebra.obj esign.obj gfpcrypt.obj dll.obj ec2n.obj poly1305.obj polynomi.obj blumshub.obj des.obj basecode.obj zdeflate.obj base64.obj rc6.obj gf256.obj mqueue.obj misc.obj pssr.obj channels.obj rng.obj tiger.obj cast.obj square.obj asn.obj chacha.obj whrlpool.obj md4.obj dh.obj ccm.obj mqv.obj tigertab.obj gf2_32.obj cbcmac.obj ttmac.obj luc.obj trdlocal.obj pubkey.obj gcm.obj ripemd.obj keccak.obj eccrypto.obj serpent.obj cmac.obj winpipes.obj
 
 TEST_SRCS = bench1.cpp bench2.cpp test.cpp validat0.cpp validat1.cpp validat2.cpp validat3.cpp datatest.cpp regtest.cpp fipsalgt.cpp dlltest.cpp fipstest.cpp
 

From bf92cb00395b71a942e4b785c6848f038a961c3a Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Thu, 13 Apr 2017 21:45:21 -0400
Subject: [PATCH 025/200] Split regtest.cpp into regtest{1|2|3}.cpp regtest.cpp
 is where ciphers register by name. The library has added a number of ciphers
 over the last couple of years and the source file has experienced bloat. Most
 of the ARM and MIPS test borads were suffering Out of Memory (OOM) kills as
 the compiler processed the source fille and the included header files. This
 won't stop the OOM kills, but it will help the situation. An early
 BeagleBoard with 512 MB of RAM is still going to have trouble, but it can be
 worked around by building with 1 make job as opposed to 2 or 4.

---
 CMakeLists.txt              |   3 +-
 Filelist.txt                |   5 +-
 GNUmakefile                 |   2 +-
 GNUmakefile-cross           |   2 +-
 bench.h                     |   4 +-
 bench1.cpp                  |  20 +++---
 cryptest.nmake              |   4 +-
 cryptest.vcxproj            |   4 +-
 cryptest.vcxproj.filters    |   8 ++-
 regtest1.cpp                | 117 ++++++++++++++++++++++++++++++++++++
 regtest.cpp => regtest2.cpp | 114 +++++------------------------------
 regtest3.cpp                |  53 ++++++++++++++++
 test.cpp                    |  12 ++--
 13 files changed, 225 insertions(+), 123 deletions(-)
 create mode 100644 regtest1.cpp
 rename regtest.cpp => regtest2.cpp (54%)
 create mode 100644 regtest3.cpp

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 00a9de03..70c63f87 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -1,4 +1,5 @@
 # Please ensure your changes or patch meets minimum requirements.
+# Please ensure your changes or patch meets minimum requirements.
 #   The minimum requirements are 2.8.5. They roughly equate to Ubuntu 12.04 LTS
 #   Please do not check in something for 2.8.12 or 3.5.0. To test your changes,
 #   please set up a Ubuntu 12.04 LTS system. Then, manually install Cmake 2.8.5
@@ -201,7 +202,7 @@ endif()
 file(GLOB cryptopp_HEADERS *.h)
 
 # Test sources. You can use the GNUmakefile to generate the list: `make sources`.
-file(GLOB cryptopp_SOURCES_TEST test.cpp bench1.cpp bench2.cpp validat0.cpp validat1.cpp validat2.cpp validat3.cpp adhoc.cpp datatest.cpp regtest.cpp fipsalgt.cpp dlltest.cpp fipstest.cpp)
+file(GLOB cryptopp_SOURCES_TEST test.cpp bench1.cpp bench2.cpp validat0.cpp validat1.cpp validat2.cpp validat3.cpp adhoc.cpp datatest.cpp regtest1.cpp regtest2.cpp regtest3.cpp fipsalgt.cpp dlltest.cpp fipstest.cpp)
 
 # Library sources. You can use the GNUmakefile to generate the list: `make sources`.
 file(GLOB cryptopp_SOURCES *.cpp)
diff --git a/Filelist.txt b/Filelist.txt
index 03d7ebdb..a279262a 100644
--- a/Filelist.txt
+++ b/Filelist.txt
@@ -217,7 +217,9 @@ rdrand.asm
 rdrand.cpp
 rdrand.h
 rdtables.cpp
-regtest.cpp
+regtest1.cpp
+regtest2.cpp
+regtest3.cpp
 resource.h
 rijndael.cpp
 rijndael.h
@@ -385,6 +387,7 @@ TestData/xtrdh342.dat
 TestVectors/Readme.txt
 TestVectors/aes.txt
 TestVectors/all.txt
+TestVectors/aria.txt
 TestVectors/blake2.txt
 TestVectors/blake2b.txt
 TestVectors/blake2s.txt
diff --git a/GNUmakefile b/GNUmakefile
index 31b4fcdb..bdfdaf0f 100755
--- a/GNUmakefile
+++ b/GNUmakefile
@@ -482,7 +482,7 @@ endif
 endif # Nasm
 
 # List test.cpp first to tame C++ static initialization problems.
-TESTSRCS := adhoc.cpp test.cpp bench1.cpp bench2.cpp validat0.cpp validat1.cpp validat2.cpp validat3.cpp datatest.cpp regtest.cpp fipsalgt.cpp dlltest.cpp
+TESTSRCS := adhoc.cpp test.cpp bench1.cpp bench2.cpp validat0.cpp validat1.cpp validat2.cpp validat3.cpp datatest.cpp regtest1.cpp regtest2.cpp regtest3.cpp fipsalgt.cpp dlltest.cpp
 TESTOBJS := $(TESTSRCS:.cpp=.o)
 LIBOBJS := $(filter-out $(TESTOBJS),$(OBJS))
 
diff --git a/GNUmakefile-cross b/GNUmakefile-cross
index 60c500a3..31b47559 100755
--- a/GNUmakefile-cross
+++ b/GNUmakefile-cross
@@ -117,7 +117,7 @@ SRCS := cryptlib.cpp cpu.cpp integer.cpp $(filter-out cryptlib.cpp cpu.cpp integ
 OBJS := $(SRCS:.cpp=.o)
 
 # List test.cpp first to tame C++ static initialization problems.
-TESTSRCS := adhoc.cpp test.cpp bench1.cpp bench2.cpp validat0.cpp validat1.cpp validat2.cpp validat3.cpp datatest.cpp regtest.cpp fipsalgt.cpp dlltest.cpp
+TESTSRCS := adhoc.cpp test.cpp bench1.cpp bench2.cpp validat0.cpp validat1.cpp validat2.cpp validat3.cpp datatest.cpp regtest1.cpp regtest2.cpp regtest3.cpp fipsalgt.cpp dlltest.cpp
 TESTOBJS := $(TESTSRCS:.cpp=.o)
 LIBOBJS := $(filter-out $(TESTOBJS),$(OBJS))
 
diff --git a/bench.h b/bench.h
index 4924d778..a30b22ef 100644
--- a/bench.h
+++ b/bench.h
@@ -14,6 +14,8 @@
 NAMESPACE_BEGIN(CryptoPP)
 NAMESPACE_BEGIN(Test)
 
+enum TestClass {Unkeyed=1,SharedKey=2,PublicKey=4, All=Unkeyed|SharedKey|PublicKey};
+
 extern const double CLOCK_TICKS_PER_SECOND;
 extern double g_allocatedTime;
 extern double g_hertz;
@@ -26,7 +28,7 @@ extern time_t g_testBegin;
 extern time_t g_testEnd;
 
 // Top level, prints preamble and postamble
-void Benchmark(int suites, double t, double hertz);
+void Benchmark(Test::TestClass suites, double t, double hertz);
 // Unkeyed systems
 void Benchmark1(double t, double hertz);
 // Shared key systems
diff --git a/bench1.cpp b/bench1.cpp
index ba99a4a2..f9e0f0b8 100644
--- a/bench1.cpp
+++ b/bench1.cpp
@@ -339,34 +339,34 @@ void AddHtmlFooter()
 	std::cout << "\n</HTML>" << std::endl;
 }
 
-void Benchmark(int suites, double t, double hertz)
+void Benchmark(Test::TestClass suites, double t, double hertz)
 {
 	g_allocatedTime = t;
 	g_hertz = hertz;
 
-	g_testBegin = std::time(NULLPTR);
-
 	AddHtmlHeader();
 
-	if (suites > 7)
-		suites = 7;
+	g_testBegin = std::time(NULLPTR);
+
+	if (static_cast<int>(suites) > 7 || static_cast<int>(suites) == 0)
+		suites = Test::All;
 
 	// Unkeyed algorithms
-	if (suites & 1)
+	if (suites & Test::Unkeyed)
 		Benchmark1(t, hertz);
 
-	if (suites > 1)
+	if (static_cast<int>(suites) > 1)
 		std::cout << "\n<BR>";
 
 	// Shared key algorithms
-	if (suites & 2)
+	if (suites & Test::SharedKey)
 		Benchmark2(t, hertz);
 
-	if (suites > 2)
+	if (static_cast<int>(suites) > 2)
 		std::cout << "\n<BR>";
 
 	// Public key algorithms
-	if (suites & 4)
+	if (suites & Test::PublicKey)
 		Benchmark3(t, hertz);
 
 	g_testEnd = std::time(NULLPTR);
diff --git a/cryptest.nmake b/cryptest.nmake
index 142b8a0e..f932a7c0 100644
--- a/cryptest.nmake
+++ b/cryptest.nmake
@@ -52,9 +52,9 @@ LIB_SRCS = cryptlib.cpp cpu.cpp integer.cpp shacal2.cpp md5.cpp shark.cpp zinfla
 
 LIB_OBJS = cryptlib.obj cpu.obj integer.obj shacal2.obj md5.obj shark.obj zinflate.obj gf2n.obj salsa.obj xtr.obj oaep.obj rc2.obj default.obj wait.obj wake.obj twofish.obj iterhash.obj adler32.obj algparam.obj marss.obj blowfish.obj ecp.obj strciphr.obj aria.obj camellia.obj dh2.obj ida.obj zlib.obj elgamal.obj crc.obj dessp.obj tea.obj eax.obj network.obj sha.obj emsa2.obj pkcspad.obj squaretb.obj idea.obj authenc.obj hmac.obj xtrcrypt.obj queue.obj mars.obj rc5.obj md2.obj hrtimer.obj vmac.obj eprecomp.obj hex.obj dsa.obj fips140.obj gzip.obj seal.obj blake2.obj files.obj base32.obj sharkbox.obj safer.obj randpool.obj sosemanuk.obj arc4.obj osrng.obj skipjack.obj seed.obj sha3.obj filters.obj bfinit.obj rabin.obj 3way.obj rw.obj rdtables.obj rsa.obj tftables.obj gost.obj socketft.obj nbtheory.obj panama.obj modes.obj rijndael.obj casts.obj algebra.obj esign.obj gfpcrypt.obj dll.obj ec2n.obj poly1305.obj polynomi.obj blumshub.obj des.obj basecode.obj zdeflate.obj base64.obj rc6.obj gf256.obj mqueue.obj misc.obj pssr.obj channels.obj rng.obj tiger.obj cast.obj square.obj asn.obj chacha.obj whrlpool.obj md4.obj dh.obj ccm.obj mqv.obj tigertab.obj gf2_32.obj cbcmac.obj ttmac.obj luc.obj trdlocal.obj pubkey.obj gcm.obj ripemd.obj keccak.obj eccrypto.obj serpent.obj cmac.obj winpipes.obj
 
-TEST_SRCS = bench1.cpp bench2.cpp test.cpp validat0.cpp validat1.cpp validat2.cpp validat3.cpp datatest.cpp regtest.cpp fipsalgt.cpp dlltest.cpp fipstest.cpp
+TEST_SRCS = bench1.cpp bench2.cpp test.cpp validat0.cpp validat1.cpp validat2.cpp validat3.cpp datatest.cpp regtest1.cpp regtest2.cpp regtest3.cpp fipsalgt.cpp dlltest.cpp fipstest.cpp
 
-TEST_OBJS = bench1.obj bench2.obj test.obj validat0.obj validat1.obj validat2.obj validat3.obj datatest.obj regtest.obj fipsalgt.obj dlltest.obj fipstest.obj
+TEST_OBJS = bench1.obj bench2.obj test.obj validat0.obj validat1.obj validat2.obj validat3.obj datatest.obj regtest1.obj regtest2.obj regtest3.obj fipsalgt.obj dlltest.obj fipstest.obj
 
 CXX = cl.exe
 LD = link.exe
diff --git a/cryptest.vcxproj b/cryptest.vcxproj
index 1c1d2504..39e0b4e4 100644
--- a/cryptest.vcxproj
+++ b/cryptest.vcxproj
@@ -199,7 +199,9 @@
     <ClCompile Include="datatest.cpp" />
     <ClCompile Include="dlltest.cpp" />
     <ClCompile Include="fipsalgt.cpp" />
-    <ClCompile Include="regtest.cpp" />
+    <ClCompile Include="regtest1.cpp" />
+    <ClCompile Include="regtest2.cpp" />
+    <ClCompile Include="regtest3.cpp" />
     <ClCompile Include="test.cpp" />
     <ClCompile Include="validat0.cpp" />
     <ClCompile Include="validat1.cpp" />
diff --git a/cryptest.vcxproj.filters b/cryptest.vcxproj.filters
index f4e800ec..1241089d 100644
--- a/cryptest.vcxproj.filters
+++ b/cryptest.vcxproj.filters
@@ -347,7 +347,13 @@
     <ClCompile Include="dlltest.cpp">
       <Filter>Source Code</Filter>
     </ClCompile>
-    <ClCompile Include="regtest.cpp">
+    <ClCompile Include="regtest1.cpp">
+      <Filter>Source Code</Filter>
+    </ClCompile>
+    <ClCompile Include="regtest2.cpp">
+      <Filter>Source Code</Filter>
+    </ClCompile>
+    <ClCompile Include="regtest3.cpp">
       <Filter>Source Code</Filter>
     </ClCompile>
     <ClCompile Include="test.cpp">
diff --git a/regtest1.cpp b/regtest1.cpp
new file mode 100644
index 00000000..e30ff353
--- /dev/null
+++ b/regtest1.cpp
@@ -0,0 +1,117 @@
+// regtest1.cpp - originally written and placed in the public domain by Wei Dai
+//                regtest.cpp split into 3 files due to OOM kills by JW in April 2017
+
+#define CRYPTOPP_ENABLE_NAMESPACE_WEAK 1
+
+#include "cryptlib.h"
+#include "factory.h"
+#include "bench.h"
+#include "cpu.h"
+
+#include "crc.h"
+#include "adler32.h"
+#include "md2.h"
+#include "md5.h"
+#include "keccak.h"
+#include "sha3.h"
+#include "blake2.h"
+#include "sha.h"
+#include "tiger.h"
+#include "ripemd.h"
+#include "panama.h"
+#include "whrlpool.h"
+
+#include "osrng.h"
+#include "drbg.h"
+#include "mersenne.h"
+#include "rdrand.h"
+
+#include "modes.h"
+#include "aes.h"
+
+// Aggressive stack checking with VS2005 SP1 and above.
+#if (CRYPTOPP_MSC_VERSION >= 1410)
+# pragma strict_gs_check (on)
+#endif
+
+USING_NAMESPACE(CryptoPP)
+
+// Unkeyed ciphers
+void RegisterFactories1();
+// Shared key ciphers
+void RegisterFactories2();
+// Public key ciphers
+void RegisterFactories3();
+
+void RegisterFactories(Test::TestClass suites)
+{
+	static bool s_registered = false;
+	if (s_registered)
+		return;
+
+	if ((suites & Test::Unkeyed) == Test::Unkeyed)
+		RegisterFactories1();
+
+	if ((suites & Test::SharedKey) == Test::SharedKey)
+		RegisterFactories2();
+
+	if ((suites & Test::PublicKey) == Test::PublicKey)
+		RegisterFactories3();
+
+	s_registered = true;
+}
+
+// Unkeyed ciphers
+void RegisterFactories1()
+{
+	RegisterDefaultFactoryFor<HashTransformation, CRC32>();
+	RegisterDefaultFactoryFor<HashTransformation, CRC32C>();
+	RegisterDefaultFactoryFor<HashTransformation, Adler32>();
+	RegisterDefaultFactoryFor<HashTransformation, Weak::MD5>();
+	RegisterDefaultFactoryFor<HashTransformation, SHA1>();
+	RegisterDefaultFactoryFor<HashTransformation, SHA224>();
+	RegisterDefaultFactoryFor<HashTransformation, SHA256>();
+	RegisterDefaultFactoryFor<HashTransformation, SHA384>();
+	RegisterDefaultFactoryFor<HashTransformation, SHA512>();
+	RegisterDefaultFactoryFor<HashTransformation, Whirlpool>();
+	RegisterDefaultFactoryFor<HashTransformation, Tiger>();
+	RegisterDefaultFactoryFor<HashTransformation, RIPEMD160>();
+	RegisterDefaultFactoryFor<HashTransformation, RIPEMD320>();
+	RegisterDefaultFactoryFor<HashTransformation, RIPEMD128>();
+	RegisterDefaultFactoryFor<HashTransformation, RIPEMD256>();
+	RegisterDefaultFactoryFor<HashTransformation, Weak::PanamaHash<LittleEndian> >();
+	RegisterDefaultFactoryFor<HashTransformation, Weak::PanamaHash<BigEndian> >();
+	RegisterDefaultFactoryFor<HashTransformation, Keccak_224>();
+	RegisterDefaultFactoryFor<HashTransformation, Keccak_256>();
+	RegisterDefaultFactoryFor<HashTransformation, Keccak_384>();
+	RegisterDefaultFactoryFor<HashTransformation, Keccak_512>();
+	RegisterDefaultFactoryFor<HashTransformation, SHA3_224>();
+	RegisterDefaultFactoryFor<HashTransformation, SHA3_256>();
+	RegisterDefaultFactoryFor<HashTransformation, SHA3_384>();
+	RegisterDefaultFactoryFor<HashTransformation, SHA3_512>();
+	RegisterDefaultFactoryFor<HashTransformation, BLAKE2s>();
+	RegisterDefaultFactoryFor<HashTransformation, BLAKE2b>();
+
+#ifdef BLOCKING_RNG_AVAILABLE
+	RegisterDefaultFactoryFor<RandomNumberGenerator, BlockingRng>();
+#endif
+#ifdef NONBLOCKING_RNG_AVAILABLE
+	RegisterDefaultFactoryFor<RandomNumberGenerator, NonblockingRng>();
+#endif
+#ifdef OS_RNG_AVAILABLE
+	RegisterDefaultFactoryFor<RandomNumberGenerator, AutoSeededRandomPool>();
+	RegisterDefaultFactoryFor<RandomNumberGenerator, AutoSeededX917RNG<AES> >();
+#endif
+	RegisterDefaultFactoryFor<RandomNumberGenerator, MT19937>();
+#if (CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32 || CRYPTOPP_BOOL_X64)
+	if (HasRDRAND())
+		RegisterDefaultFactoryFor<RandomNumberGenerator, RDRAND>();
+	if (HasRDSEED())
+		RegisterDefaultFactoryFor<RandomNumberGenerator, RDSEED>();
+#endif
+	RegisterDefaultFactoryFor<RandomNumberGenerator, OFB_Mode<AES>::Encryption >("AES/OFB RNG");
+	RegisterDefaultFactoryFor<NIST_DRBG, Hash_DRBG<SHA1> >("Hash_DRBG(SHA1)");
+	RegisterDefaultFactoryFor<NIST_DRBG, Hash_DRBG<SHA256> >("Hash_DRBG(SHA256)");
+	RegisterDefaultFactoryFor<NIST_DRBG, HMAC_DRBG<SHA1> >("HMAC_DRBG(SHA1)");
+	RegisterDefaultFactoryFor<NIST_DRBG, HMAC_DRBG<SHA256> >("HMAC_DRBG(SHA256)");
+}
diff --git a/regtest.cpp b/regtest2.cpp
similarity index 54%
rename from regtest.cpp
rename to regtest2.cpp
index 95b72790..d2550141 100644
--- a/regtest.cpp
+++ b/regtest2.cpp
@@ -1,34 +1,25 @@
-// regtest.cpp - originally written and placed in the public domain by Wei Dai
+// regtest1.cpp - originally written and placed in the public domain by Wei Dai
+//                regtest.cpp split into 3 files due to OOM kills by JW in April 2017
 
 #define CRYPTOPP_ENABLE_NAMESPACE_WEAK 1
 
 #include "cryptlib.h"
 #include "factory.h"
+#include "bench.h"
 #include "cpu.h"
+
 #include "modes.h"
-#include "dh.h"
-#include "esign.h"
-#include "md2.h"
-#include "rw.h"
-#include "md5.h"
-#include "rsa.h"
-#include "ripemd.h"
-#include "dsa.h"
 #include "seal.h"
-#include "whrlpool.h"
 #include "ttmac.h"
 #include "aria.h"
 #include "camellia.h"
 #include "shacal2.h"
 #include "tea.h"
-#include "panama.h"
-#include "pssr.h"
 #include "aes.h"
 #include "salsa.h"
 #include "chacha.h"
 #include "vmac.h"
 #include "tiger.h"
-#include "md5.h"
 #include "sosemanuk.h"
 #include "arc4.h"
 #include "ccm.h"
@@ -50,19 +41,19 @@
 #include "seed.h"
 #include "wake.h"
 #include "seal.h"
-#include "crc.h"
-#include "adler32.h"
+#include "hkdf.h"
+
+// For HMAC's
+#include "md5.h"
 #include "keccak.h"
+#include "sha.h"
 #include "sha3.h"
 #include "blake2.h"
+#include "ripemd.h"
 #include "poly1305.h"
-#include "hkdf.h"
 #include "siphash.h"
-
-#include "osrng.h"
-#include "drbg.h"
-#include "mersenne.h"
-#include "rdrand.h"
+#include "whrlpool.h"
+#include "panama.h"
 
 // Aggressive stack checking with VS2005 SP1 and above.
 #if (CRYPTOPP_MSC_VERSION >= 1410)
@@ -71,40 +62,9 @@
 
 USING_NAMESPACE(CryptoPP)
 
-void RegisterFactories()
+// Shared key ciphers
+void RegisterFactories2()
 {
-	static bool s_registered = false;
-	if (s_registered)
-		return;
-
-	RegisterDefaultFactoryFor<SimpleKeyAgreementDomain, DH>();
-	RegisterDefaultFactoryFor<HashTransformation, CRC32>();
-	RegisterDefaultFactoryFor<HashTransformation, CRC32C>();
-	RegisterDefaultFactoryFor<HashTransformation, Adler32>();
-	RegisterDefaultFactoryFor<HashTransformation, Weak::MD5>();
-	RegisterDefaultFactoryFor<HashTransformation, SHA1>();
-	RegisterDefaultFactoryFor<HashTransformation, SHA224>();
-	RegisterDefaultFactoryFor<HashTransformation, SHA256>();
-	RegisterDefaultFactoryFor<HashTransformation, SHA384>();
-	RegisterDefaultFactoryFor<HashTransformation, SHA512>();
-	RegisterDefaultFactoryFor<HashTransformation, Whirlpool>();
-	RegisterDefaultFactoryFor<HashTransformation, Tiger>();
-	RegisterDefaultFactoryFor<HashTransformation, RIPEMD160>();
-	RegisterDefaultFactoryFor<HashTransformation, RIPEMD320>();
-	RegisterDefaultFactoryFor<HashTransformation, RIPEMD128>();
-	RegisterDefaultFactoryFor<HashTransformation, RIPEMD256>();
-	RegisterDefaultFactoryFor<HashTransformation, Weak::PanamaHash<LittleEndian> >();
-	RegisterDefaultFactoryFor<HashTransformation, Weak::PanamaHash<BigEndian> >();
-	RegisterDefaultFactoryFor<HashTransformation, Keccak_224>();
-	RegisterDefaultFactoryFor<HashTransformation, Keccak_256>();
-	RegisterDefaultFactoryFor<HashTransformation, Keccak_384>();
-	RegisterDefaultFactoryFor<HashTransformation, Keccak_512>();
-	RegisterDefaultFactoryFor<HashTransformation, SHA3_224>();
-	RegisterDefaultFactoryFor<HashTransformation, SHA3_256>();
-	RegisterDefaultFactoryFor<HashTransformation, SHA3_384>();
-	RegisterDefaultFactoryFor<HashTransformation, SHA3_512>();
-	RegisterDefaultFactoryFor<HashTransformation, BLAKE2s>();
-	RegisterDefaultFactoryFor<HashTransformation, BLAKE2b>();
 	RegisterDefaultFactoryFor<MessageAuthenticationCode, HMAC<Weak::MD5> >();
 	RegisterDefaultFactoryFor<MessageAuthenticationCode, HMAC<SHA1> >();
 	RegisterDefaultFactoryFor<MessageAuthenticationCode, HMAC<RIPEMD160> >();
@@ -125,25 +85,7 @@ void RegisterFactories()
 	RegisterDefaultFactoryFor<MessageAuthenticationCode, BLAKE2b>();
 	RegisterDefaultFactoryFor<MessageAuthenticationCode, SipHash<2,4> >();
 	RegisterDefaultFactoryFor<MessageAuthenticationCode, SipHash<4,8> >();
-	RegisterAsymmetricCipherDefaultFactories<RSAES<OAEP<SHA1> > >("RSA/OAEP-MGF1(SHA-1)");
-	RegisterAsymmetricCipherDefaultFactories<DLIES<> >("DLIES(NoCofactorMultiplication, KDF2(SHA-1), XOR, HMAC(SHA-1), DHAES)");
-	RegisterSignatureSchemeDefaultFactories<DSA>();
-	RegisterSignatureSchemeDefaultFactories<DSA2<SHA224> >();
-	RegisterSignatureSchemeDefaultFactories<DSA2<SHA256> >();
-	RegisterSignatureSchemeDefaultFactories<DSA2<SHA384> >();
-	RegisterSignatureSchemeDefaultFactories<DSA2<SHA512> >();
-	RegisterSignatureSchemeDefaultFactories<DSA_RFC6979<SHA1> >();
-	RegisterSignatureSchemeDefaultFactories<DSA_RFC6979<SHA224> >();
-	RegisterSignatureSchemeDefaultFactories<DSA_RFC6979<SHA256> >();
-	RegisterSignatureSchemeDefaultFactories<DSA_RFC6979<SHA384> >();
-	RegisterSignatureSchemeDefaultFactories<DSA_RFC6979<SHA512> >();
-	RegisterSignatureSchemeDefaultFactories<NR<SHA1> >("NR(1363)/EMSA1(SHA-1)");
-	RegisterSignatureSchemeDefaultFactories<GDSA<SHA1> >("DSA-1363/EMSA1(SHA-1)");
-	RegisterSignatureSchemeDefaultFactories<RSASS<PKCS1v15, Weak::MD2> >("RSA/PKCS1-1.5(MD2)");
-	RegisterSignatureSchemeDefaultFactories<RSASS<PKCS1v15, SHA1> >("RSA/PKCS1-1.5(SHA-1)");
-	RegisterSignatureSchemeDefaultFactories<ESIGN<SHA1> >("ESIGN/EMSA5-MGF1(SHA-1)");
-	RegisterSignatureSchemeDefaultFactories<RWSS<P1363_EMSA2, SHA1> >("RW/EMSA2(SHA-1)");
-	RegisterSignatureSchemeDefaultFactories<RSASS<PSS, SHA1> >("RSA/PSS-MGF1(SHA-1)");
+
 	RegisterSymmetricCipherDefaultFactories<SEAL<> >();
 	RegisterSymmetricCipherDefaultFactories<ECB_Mode<SHACAL2> >();
 	RegisterSymmetricCipherDefaultFactories<ECB_Mode<ARIA> >();
@@ -192,33 +134,9 @@ void RegisterFactories()
 	RegisterSymmetricCipherDefaultFactories<CTR_Mode<Blowfish> >();
 	RegisterSymmetricCipherDefaultFactories<ECB_Mode<SEED> >();
 	RegisterSymmetricCipherDefaultFactories<CTR_Mode<SEED> >();
+
 	RegisterDefaultFactoryFor<KeyDerivationFunction, HKDF<SHA1> >();
 	RegisterDefaultFactoryFor<KeyDerivationFunction, HKDF<SHA256> >();
 	RegisterDefaultFactoryFor<KeyDerivationFunction, HKDF<SHA512> >();
 	RegisterDefaultFactoryFor<KeyDerivationFunction, HKDF<Whirlpool> >();
-
-#ifdef BLOCKING_RNG_AVAILABLE
-	RegisterDefaultFactoryFor<RandomNumberGenerator, BlockingRng>();
-#endif
-#ifdef NONBLOCKING_RNG_AVAILABLE
-	RegisterDefaultFactoryFor<RandomNumberGenerator, NonblockingRng>();
-#endif
-#ifdef OS_RNG_AVAILABLE
-	RegisterDefaultFactoryFor<RandomNumberGenerator, AutoSeededRandomPool>();
-	RegisterDefaultFactoryFor<RandomNumberGenerator, AutoSeededX917RNG<AES> >();
-#endif
-	RegisterDefaultFactoryFor<RandomNumberGenerator, MT19937>();
-#if (CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32 || CRYPTOPP_BOOL_X64)
-	if (HasRDRAND())
-		RegisterDefaultFactoryFor<RandomNumberGenerator, RDRAND>();
-	if (HasRDSEED())
-		RegisterDefaultFactoryFor<RandomNumberGenerator, RDSEED>();
-#endif
-	RegisterDefaultFactoryFor<RandomNumberGenerator, OFB_Mode<AES>::Encryption >("AES/OFB RNG");
-	RegisterDefaultFactoryFor<NIST_DRBG, Hash_DRBG<SHA1> >("Hash_DRBG(SHA1)");
-	RegisterDefaultFactoryFor<NIST_DRBG, Hash_DRBG<SHA256> >("Hash_DRBG(SHA256)");
-	RegisterDefaultFactoryFor<NIST_DRBG, HMAC_DRBG<SHA1> >("HMAC_DRBG(SHA1)");
-	RegisterDefaultFactoryFor<NIST_DRBG, HMAC_DRBG<SHA256> >("HMAC_DRBG(SHA256)");
-
-	s_registered = true;
 }
diff --git a/regtest3.cpp b/regtest3.cpp
new file mode 100644
index 00000000..5e66f3bb
--- /dev/null
+++ b/regtest3.cpp
@@ -0,0 +1,53 @@
+// regtest.cpp - originally written and placed in the public domain by Wei Dai
+//                regtest.cpp split into 3 files due to OOM kills by JW in April 2017
+
+#define CRYPTOPP_ENABLE_NAMESPACE_WEAK 1
+
+#include "cryptlib.h"
+#include "factory.h"
+#include "bench.h"
+#include "cpu.h"
+
+#include "dh.h"
+#include "nr.h"
+#include "rw.h"
+#include "rsa.h"
+#include "dsa.h"
+#include "pssr.h"
+#include "esign.h"
+
+// Hashes
+#include "md2.h"
+#include "md5.h"
+#include "sha.h"
+
+// Aggressive stack checking with VS2005 SP1 and above.
+#if (CRYPTOPP_MSC_VERSION >= 1410)
+# pragma strict_gs_check (on)
+#endif
+
+USING_NAMESPACE(CryptoPP)
+
+void RegisterFactories3()
+{
+	RegisterDefaultFactoryFor<SimpleKeyAgreementDomain, DH>();
+	RegisterAsymmetricCipherDefaultFactories<RSAES<OAEP<SHA1> > >("RSA/OAEP-MGF1(SHA-1)");
+	RegisterAsymmetricCipherDefaultFactories<DLIES<> >("DLIES(NoCofactorMultiplication, KDF2(SHA-1), XOR, HMAC(SHA-1), DHAES)");
+	RegisterSignatureSchemeDefaultFactories<DSA>();
+	RegisterSignatureSchemeDefaultFactories<DSA2<SHA224> >();
+	RegisterSignatureSchemeDefaultFactories<DSA2<SHA256> >();
+	RegisterSignatureSchemeDefaultFactories<DSA2<SHA384> >();
+	RegisterSignatureSchemeDefaultFactories<DSA2<SHA512> >();
+	RegisterSignatureSchemeDefaultFactories<DSA_RFC6979<SHA1> >();
+	RegisterSignatureSchemeDefaultFactories<DSA_RFC6979<SHA224> >();
+	RegisterSignatureSchemeDefaultFactories<DSA_RFC6979<SHA256> >();
+	RegisterSignatureSchemeDefaultFactories<DSA_RFC6979<SHA384> >();
+	RegisterSignatureSchemeDefaultFactories<DSA_RFC6979<SHA512> >();
+	RegisterSignatureSchemeDefaultFactories<NR<SHA1> >("NR(1363)/EMSA1(SHA-1)");
+	RegisterSignatureSchemeDefaultFactories<GDSA<SHA1> >("DSA-1363/EMSA1(SHA-1)");
+	RegisterSignatureSchemeDefaultFactories<RSASS<PKCS1v15, Weak::MD2> >("RSA/PKCS1-1.5(MD2)");
+	RegisterSignatureSchemeDefaultFactories<RSASS<PKCS1v15, SHA1> >("RSA/PKCS1-1.5(SHA-1)");
+	RegisterSignatureSchemeDefaultFactories<ESIGN<SHA1> >("ESIGN/EMSA5-MGF1(SHA-1)");
+	RegisterSignatureSchemeDefaultFactories<RWSS<P1363_EMSA2, SHA1> >("RW/EMSA2(SHA-1)");
+	RegisterSignatureSchemeDefaultFactories<RSASS<PSS, SHA1> >("RSA/PSS-MGF1(SHA-1)");
+}
diff --git a/test.cpp b/test.cpp
index 45e3ed4d..02753371 100644
--- a/test.cpp
+++ b/test.cpp
@@ -71,7 +71,7 @@ USING_NAMESPACE(CryptoPP)
 
 const int MAX_PHRASE_LENGTH=250;
 
-void RegisterFactories();
+void RegisterFactories(Test::TestClass suites);
 void PrintSeedAndThreads(const std::string& seed);
 
 void GenerateRSAKey(unsigned int keyLength, const char *privFilename, const char *pubFilename, const char *seed);
@@ -187,7 +187,7 @@ int CRYPTOPP_API main(int argc, char *argv[])
 
 	try
 	{
-		RegisterFactories();
+		RegisterFactories(Test::All);
 
 		// Some editors have problems with the '\0' character when redirecting output.
 		std::string seed = IntToString(time(NULLPTR));
@@ -405,13 +405,13 @@ int CRYPTOPP_API main(int argc, char *argv[])
 		else if (command == "v" || command == "vv")
 			return !Validate(argc>2 ? Test::StringToValue<int, true>(argv[2]) : 0, argv[1][1] == 'v', argc>3 ? argv[3] : NULLPTR);
 		else if (command == "b")  // All benchmarks
-			Test::Benchmark(7, argc<3 ? 1 : Test::StringToValue<float, true>(argv[2]), argc<4 ? 0.0f : Test::StringToValue<float, true>(argv[3])*1e9);
+			Test::Benchmark(Test::All, argc<3 ? 1 : Test::StringToValue<float, true>(argv[2]), argc<4 ? 0.0f : Test::StringToValue<float, true>(argv[3])*1e9);
 		else if (command == "b3")  // Public key algorithms
-			Test::Benchmark(4, argc<3 ? 1 : Test::StringToValue<float, true>(argv[2]), argc<4 ? 0.0f : Test::StringToValue<float, true>(argv[3])*1e9);
+			Test::Benchmark(Test::PublicKey, argc<3 ? 1 : Test::StringToValue<float, true>(argv[2]), argc<4 ? 0.0f : Test::StringToValue<float, true>(argv[3])*1e9);
 		else if (command == "b2")  // Shared key algorithms
-			Test::Benchmark(2, argc<3 ? 1 : Test::StringToValue<float, true>(argv[2]), argc<4 ? 0.0f : Test::StringToValue<float, true>(argv[3])*1e9);
+			Test::Benchmark(Test::SharedKey, argc<3 ? 1 : Test::StringToValue<float, true>(argv[2]), argc<4 ? 0.0f : Test::StringToValue<float, true>(argv[3])*1e9);
 		else if (command == "b1")  // Unkeyed algorithms
-			Test::Benchmark(1, argc<3 ? 1 : Test::StringToValue<float, true>(argv[2]), argc<4 ? 0.0f : Test::StringToValue<float, true>(argv[3])*1e9);
+			Test::Benchmark(Test::Unkeyed, argc<3 ? 1 : Test::StringToValue<float, true>(argv[2]), argc<4 ? 0.0f : Test::StringToValue<float, true>(argv[3])*1e9);
 		else if (command == "z")
 			GzipFile(argv[3], argv[4], argv[2][0]-'0');
 		else if (command == "u")

From cf160e91c4e919d9a7af9f5e666ecc3187db85ff Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Thu, 13 Apr 2017 23:13:07 -0400
Subject: [PATCH 026/200] Added comments on using InformationDisperseFile and
 SecretShareFile This is based on feedback from
 https://groups.google.com/forum/#\!topic/cryptopp-users/XEKKLCEFH3Y

---
 test.cpp | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/test.cpp b/test.cpp
index 02753371..e41a49e3 100644
--- a/test.cpp
+++ b/test.cpp
@@ -666,6 +666,8 @@ void SecretShareFile(int threshold, int nShares, const char *filename, const cha
 	ChannelSwitch *channelSwitch = NULLPTR;
 	FileSource source(filename, false, new SecretSharing(rng, threshold, nShares, channelSwitch = new ChannelSwitch));
 
+	// Be careful of the type of Sink used. An ArraySink will stop writing data once the array
+	//    is full. Also see http://groups.google.com/forum/#!topic/cryptopp-users/XEKKLCEFH3Y.
 	vector_member_ptrs<FileSink> fileSinks(nShares);
 	std::string channel;
 	for (int i=0; i<nShares; i++)
@@ -720,6 +722,8 @@ void InformationDisperseFile(int threshold, int nShares, const char *filename)
 	ChannelSwitch *channelSwitch = NULLPTR;
 	FileSource source(filename, false, new InformationDispersal(threshold, nShares, channelSwitch = new ChannelSwitch));
 
+	// Be careful of the type of Sink used. An ArraySink will stop writing data once the array
+	//    is full. Also see http://groups.google.com/forum/#!topic/cryptopp-users/XEKKLCEFH3Y.
 	vector_member_ptrs<FileSink> fileSinks(nShares);
 	std::string channel;
 	for (int i=0; i<nShares; i++)

From b081f7c634f831dbfba7256bcb997f2afb9885b9 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Fri, 14 Apr 2017 06:24:54 -0400
Subject: [PATCH 027/200] Use full S1 table for timing attack counter measures
 Change stride to cache line size divided by word size based on Yun's 32-bit
 word implementation

---
 aria.cpp | 18 +++++++-----------
 1 file changed, 7 insertions(+), 11 deletions(-)

diff --git a/aria.cpp b/aria.cpp
index 24865b8f..052225da 100644
--- a/aria.cpp
+++ b/aria.cpp
@@ -25,11 +25,10 @@
 # define CRYPTOPP_ENABLE_ARIA_NEON_INTRINSICS 1
 #endif
 
-#if CRYPTOPP_ENABLE_ARIA_SSSE3_INTRINSICS && (CRYPTOPP_MSC_VERSION || (defined(CRYPTOPP_GCC_VERSION) && CRYPTOPP_GCC_VERSION < 50000))
+#if CRYPTOPP_BOOL_SSSE3_INTRINSICS_AVAILABLE && (CRYPTOPP_MSC_VERSION || (defined(CRYPTOPP_GCC_VERSION) && CRYPTOPP_GCC_VERSION < 50000))
 # define CRYPTOPP_ENABLE_ARIA_SSSE3_INTRINSICS 1
 #endif
 
-
 ANONYMOUS_NAMESPACE_BEGIN
 
 CRYPTOPP_ALIGN_DATA(16)
@@ -195,7 +194,7 @@ inline word32 ReverseWord(const word32 w) {
 	return ByteReverse(w);
 }
 
-// Retireve the i-th word, optionally in Big Endian
+// Retrieve the i-th word, optionally in Big Endian
 template <bool big_endian>
 inline word32 LoadWord(const word32 x[4], const unsigned int i) {
 	if (big_endian)
@@ -204,7 +203,7 @@ inline word32 LoadWord(const word32 x[4], const unsigned int i) {
 		return x[i];
 }
 
-// Reinterpret x as a word32[], and retireve the i-th word, optionally in Big Endian
+// Reinterpret x as a word32[], and retrieve the i-th word, optionally in Big Endian
 template <bool big_endian>
 inline word32 LoadWord(const byte x[16], const unsigned int i) {
 	if (big_endian)
@@ -641,18 +640,15 @@ void ARIA::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, b
 	word32 *t = const_cast<word32*>(m_w.data()+20);
 
 	// Timing attack countermeasure. See comments in Rijndael for more details.
-	// We used Yun's 32-bit implementation, so we don't want to walk elements.
-	// In this case, we still want the byte oriented pointer to induce the flush.
+	// We used Yun's 32-bit implementation, so we use words rather than bytes.
 	const int cacheLineSize = GetCacheLineSize();
-	const byte *p = reinterpret_cast<const byte*>(S1);
 	unsigned int i;
 	volatile word32 _u = 0;
 	word32 u = _u;
 
-	for (i=0; i<256; i+=cacheLineSize)
-		u &= *(const word32 *)(void*)(p+i);
-	u &= *(const word32 *)(void*)(p+252);
-	t[0] |= u; t[1] |= u;
+	for (i=0; i<COUNTOF(S1); i+=cacheLineSize/(sizeof(S1[0])))
+		u |= *(S1+i);
+	t[0] |= u;
 
 #if CRYPTOPP_ENABLE_ARIA_SSSE3_INTRINSICS
 	if (HasSSSE3())

From 163f8febe6742f289d9cd1e2aaeb11f06a541dd4 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Fri, 14 Apr 2017 07:19:04 -0400
Subject: [PATCH 028/200] Fix comment

---
 regtest2.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/regtest2.cpp b/regtest2.cpp
index d2550141..72cbe909 100644
--- a/regtest2.cpp
+++ b/regtest2.cpp
@@ -1,4 +1,4 @@
-// regtest1.cpp - originally written and placed in the public domain by Wei Dai
+// regtest2.cpp - originally written and placed in the public domain by Wei Dai
 //                regtest.cpp split into 3 files due to OOM kills by JW in April 2017
 
 #define CRYPTOPP_ENABLE_NAMESPACE_WEAK 1

From 556e3610e875c985da34308c7886ca850f51a909 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 15 Apr 2017 02:36:03 -0400
Subject: [PATCH 029/200] Add CopyCryptestToRoot target Also see
 https://www.cryptopp.com/wiki/MSBuild_(Command_Line)#CopyCryptestToRoot

---
 cryptest.vcxproj | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/cryptest.vcxproj b/cryptest.vcxproj
index 39e0b4e4..33e1a553 100644
--- a/cryptest.vcxproj
+++ b/cryptest.vcxproj
@@ -191,6 +191,13 @@
     </PreBuildEvent>
   </ItemDefinitionGroup>
 
+  <!-- Target for Appvoyer                           -->
+  <!-- The rule copies cryptest.exe to the project   -->
+  <!-- root directory so it can be executed in place -->
+  <Target Name="CopyCryptestToRoot">
+    <Exec Command="copy $(Platform)\Output\$(Configuration)\cryptest.exe ."/>
+  </Target>
+
   <!-- Source Files -->
   <ItemGroup>
     <ClCompile Include="adhoc.cpp" />

From c0d6f3882b15667b7f79b6ae7633a58def022321 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 15 Apr 2017 02:54:35 -0400
Subject: [PATCH 030/200] Add Appveyor configuration file

---
 .appveyor.yml | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
 create mode 100644 .appveyor.yml

diff --git a/.appveyor.yml b/.appveyor.yml
new file mode 100644
index 00000000..4d430eda
--- /dev/null
+++ b/.appveyor.yml
@@ -0,0 +1,18 @@
+# Appveyor's documentation is at https://www.appveyor.com/docs/build-phase/,
+#  and a sample configuration file is at https://www.appveyor.com/docs/appveyor-yml/.
+#  I have to admit its a bit complex and I don't fully understand it.
+
+version: 1.0.{build}
+
+build:
+
+  project: cryptest.sln
+  verbosity: minimal
+
+test_script:
+
+- cmd: >-
+
+    msbuild /t:CopyCryptestToRoot cryptest.vcxproj
+    cryptest.exe v
+    cryptest.exe tv all

From 1ace49049a7ae820fd0752eed1ac34f4f6cc9942 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 15 Apr 2017 03:12:08 -0400
Subject: [PATCH 031/200] Add clone depth to Appveyor

---
 .appveyor.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.appveyor.yml b/.appveyor.yml
index 4d430eda..01e8ae97 100644
--- a/.appveyor.yml
+++ b/.appveyor.yml
@@ -3,6 +3,7 @@
 #  I have to admit its a bit complex and I don't fully understand it.
 
 version: 1.0.{build}
+clone_depth: 3
 
 build:
 

From 424bd710acf4806102b6bf6048ea6d693ee78447 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 15 Apr 2017 04:15:06 -0400
Subject: [PATCH 032/200] Add Configuration and Platform information

---
 .appveyor.yml | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/.appveyor.yml b/.appveyor.yml
index 01e8ae97..95c8a597 100644
--- a/.appveyor.yml
+++ b/.appveyor.yml
@@ -5,6 +5,16 @@
 version: 1.0.{build}
 clone_depth: 3
 
+configuration:
+
+- Debug
+- Release
+
+platform:
+
+- Win32
+- Win64
+
 build:
 
   project: cryptest.sln

From 2fba69fb16898760a45b96e65d3f344229f4187b Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 15 Apr 2017 04:22:26 -0400
Subject: [PATCH 033/200] Add whitespace to test_script cmd Without the
 additional CRLF, Appveyor dies with on the command . The odd thing is, YAML
 validated OK.

---
 .appveyor.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.appveyor.yml b/.appveyor.yml
index 95c8a597..03013cd3 100644
--- a/.appveyor.yml
+++ b/.appveyor.yml
@@ -25,5 +25,7 @@ test_script:
 - cmd: >-
 
     msbuild /t:CopyCryptestToRoot cryptest.vcxproj
+	
     cryptest.exe v
+	
     cryptest.exe tv all

From 922568864e65c671b0f572a1434c85576a6e7be8 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 15 Apr 2017 04:26:19 -0400
Subject: [PATCH 034/200] Convert tab to space for .appveyor.yml The
 configuration validated but the test build died

---
 .appveyor.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.appveyor.yml b/.appveyor.yml
index 03013cd3..8d6acf19 100644
--- a/.appveyor.yml
+++ b/.appveyor.yml
@@ -25,7 +25,7 @@ test_script:
 - cmd: >-
 
     msbuild /t:CopyCryptestToRoot cryptest.vcxproj
-	
+    
     cryptest.exe v
-	
+    
     cryptest.exe tv all

From 5e27404a156893678870a0844e09dc421d5e31ed Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 15 Apr 2017 08:49:00 -0400
Subject: [PATCH 035/200] Add missing sha2 and sha3 test file names sha2.txt
 and sha3.txt are just collections of other files, so they don't take up much
 space.

This commit stens from and exception when running 'cryptest.exe tv sha2' and  'cryptest.exe tv sha3'. Its not obvious the name of the file to be run sha2_224_fips_180.txt. Users should not have to hunt for the reason sha2 and sha3 do not work.
---
 TestVectors/sha2.txt     | 6 ++++++
 TestVectors/sha3.txt     | 6 ++++++
 cryptest.vcxproj         | 1 +
 cryptest.vcxproj.filters | 6 ++++++
 4 files changed, 19 insertions(+)
 create mode 100644 TestVectors/sha2.txt
 create mode 100644 TestVectors/sha3.txt

diff --git a/TestVectors/sha2.txt b/TestVectors/sha2.txt
new file mode 100644
index 00000000..0348265d
--- /dev/null
+++ b/TestVectors/sha2.txt
@@ -0,0 +1,6 @@
+AlgorithmType: FileList
+Name: SHA2 FIPS 180 collection
+Test: TestVectors/sha2_224_fips_180.txt
+Test: TestVectors/sha2_256_fips_180.txt
+Test: TestVectors/sha2_384_fips_180.txt
+Test: TestVectors/sha2_512_fips_180.txt
diff --git a/TestVectors/sha3.txt b/TestVectors/sha3.txt
new file mode 100644
index 00000000..fa6259bb
--- /dev/null
+++ b/TestVectors/sha3.txt
@@ -0,0 +1,6 @@
+AlgorithmType: FileList
+Name: SHA3 FIPS 202 collection
+Test: TestVectors/sha3_224_fips_202.txt
+Test: TestVectors/sha3_256_fips_202.txt
+Test: TestVectors/sha3_384_fips_202.txt
+Test: TestVectors/sha3_512_fips_202.txt
diff --git a/cryptest.vcxproj b/cryptest.vcxproj
index 33e1a553..adc836df 100644
--- a/cryptest.vcxproj
+++ b/cryptest.vcxproj
@@ -256,6 +256,7 @@
     <None Include="TestVectors\seal.txt" />
     <None Include="TestVectors\seed.txt" />
     <None Include="TestVectors\sha.txt" />
+    <None Include="TestVectors\sha2.txt" />
     <None Include="TestVectors\sha3.txt" />
     <None Include="TestVectors\shacal2.txt" />
     <None Include="TestVectors\siphash.txt" />
diff --git a/cryptest.vcxproj.filters b/cryptest.vcxproj.filters
index 1241089d..5adb263b 100644
--- a/cryptest.vcxproj.filters
+++ b/cryptest.vcxproj.filters
@@ -111,6 +111,12 @@
     <None Include="TestVectors\sha.txt">
       <Filter>TestVectors</Filter>
     </None>
+    <None Include="TestVectors\sha2.txt">
+      <Filter>TestVectors</Filter>
+    </None>
+    <None Include="TestVectors\sha3.txt">
+      <Filter>TestVectors</Filter>
+    </None>
     <None Include="TestVectors\sha3.txt">
       <Filter>TestVectors</Filter>
     </None>

From 106106813a40048abd59c321f543769183295510 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 15 Apr 2017 08:50:03 -0400
Subject: [PATCH 036/200] Add missing sha2 and sha3 test file names sha2.txt
 and sha3.txt are just collections of other files, so they don't take up much
 space.

This commit stens from and exception when running 'cryptest.exe tv sha2' and  'cryptest.exe tv sha3'. Its not obvious the name of the file to be run sha2_224_fips_180.txt. Users should not have to hunt for the reason sha2 and sha3 do not work.
---
 Filelist.txt | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/Filelist.txt b/Filelist.txt
index a279262a..51545c04 100644
--- a/Filelist.txt
+++ b/Filelist.txt
@@ -417,6 +417,8 @@ TestVectors/salsa.txt
 TestVectors/seal.txt
 TestVectors/seed.txt
 TestVectors/sha.txt
+TestVectors/sha2.txt
+TestVectors/sha3.txt
 TestVectors/sha1_fips_180.txt
 TestVectors/sha1_160_fips_180.txt
 TestVectors/sha2_fips_180.txt

From 83a87cb4df8edf9c608a5c4e6ffdddb1167b8f54 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 15 Apr 2017 09:03:22 -0400
Subject: [PATCH 037/200] Group DSA-RFC6979 tests together by hash value

Previously, all 1024-bit tests were run, and then 2048-bit tests were run. Splitting them meant there were two entries for DSA-RFC6979/SHA-1, two entries for DSA-RFC6979/SHA-256 and so on. Now there will be one entry output during testing.
---
 TestVectors/dsa_rfc6979.txt | 409 ++++++++++++++++++------------------
 cryptest.vcxproj.filters    |   3 -
 2 files changed, 205 insertions(+), 207 deletions(-)

diff --git a/TestVectors/dsa_rfc6979.txt b/TestVectors/dsa_rfc6979.txt
index ed9ac8ac..d6de771a 100644
--- a/TestVectors/dsa_rfc6979.txt
+++ b/TestVectors/dsa_rfc6979.txt
@@ -51,210 +51,6 @@ Message: 74657374
 Signature: 42AB2052FD43E123F0607F115052A67DCD9C5C77183916B0230D45B9931491D4C6B0BD2FB4AAF088
 Test: DeterministicSign
 
-AlgorithmType: Signature
-Name: DSA-RFC6979/SHA-224
-Source: RFC 6979
-Comment: Section A.2.1. DSA, 1024 Bits, SHA-224
-KeyFormat: Component
-Modulus: 86F5CA03DCFEB225063FF830A0C769B9DD9D6153AD91D7CE27F787C43278B447\
-         E6533B86B18BED6E8A48B784A14C252C5BE0DBF60B86D6385BD2F12FB763ED88\
-         73ABFD3F5BA2E0A8C0A59082EAC056935E529DAF7C610467899C77ADEDFC846C\
-         881870B7B19B2B58F9BE0521A17002E3BDD6B86685EE90B3D9A1B02B782B1779
-SubgroupOrder: 996F967F6C8E388D9E28D01E205FBA957A5698B1
-SubgroupGenerator: 07B0F92546150B62514BB771E2A0C0CE387F03BDA6C56B505209FF25FD3C133D\
-                   89BBCD97E904E09114D9A7DEFDEADFC9078EA544D2E401AEECC40BB9FBBF78FD\
-                   87995A10A1C27CB7789B594BA7EFB5C4326A9FE59A070E136DB77175464ADCA4\
-                   17BE5DCE2F40D10A46A3A3943F26AB7FD9C0398FF8C76EE0A56826A8A88F1DBD
-PublicElement: 5DF5E01DED31D0297E274E1691C192FE5868FEF9E19A84776454B100CF16F653\
-               92195A38B90523E2542EE61871C0440CB87C322FC4B4D2EC5E1E7EC766E1BE8D\
-               4CE935437DC11C3C8FD426338933EBFE739CB3465F4D3668C5E473508253B1E6\
-               82F65CBDC4FAE93C2EA212390E54905A86E2223170B44EAA7DA5DD9FFCFB7F3B
-Message: 73616D706C65
-Signature: 4BC3B686AEA70145856814A6F1BB53346F02101E410697B92295D994D21EDD2F4ADA85566F6F94C1
-Test: Verify
-Message: 74657374
-Signature: 6868E9964E36C1689F6037F91F28D5F2C30610F249CEC3ACDC83018C5BD2674ECAAD35B8CD22940F
-Test: Verify
-
-AlgorithmType: Signature
-Name: DSA-RFC6979/SHA-224
-Source: RFC 6979
-Comment: Section A.2.1. DSA, 1024 Bits, SHA-224
-KeyFormat: Component
-Modulus: 86F5CA03DCFEB225063FF830A0C769B9DD9D6153AD91D7CE27F787C43278B447\
-         E6533B86B18BED6E8A48B784A14C252C5BE0DBF60B86D6385BD2F12FB763ED88\
-         73ABFD3F5BA2E0A8C0A59082EAC056935E529DAF7C610467899C77ADEDFC846C\
-         881870B7B19B2B58F9BE0521A17002E3BDD6B86685EE90B3D9A1B02B782B1779
-SubgroupOrder: 996F967F6C8E388D9E28D01E205FBA957A5698B1
-SubgroupGenerator: 07B0F92546150B62514BB771E2A0C0CE387F03BDA6C56B505209FF25FD3C133D\
-                   89BBCD97E904E09114D9A7DEFDEADFC9078EA544D2E401AEECC40BB9FBBF78FD\
-                   87995A10A1C27CB7789B594BA7EFB5C4326A9FE59A070E136DB77175464ADCA4\
-                   17BE5DCE2F40D10A46A3A3943F26AB7FD9C0398FF8C76EE0A56826A8A88F1DBD
-PublicElement: 5DF5E01DED31D0297E274E1691C192FE5868FEF9E19A84776454B100CF16F653\
-               92195A38B90523E2542EE61871C0440CB87C322FC4B4D2EC5E1E7EC766E1BE8D\
-               4CE935437DC11C3C8FD426338933EBFE739CB3465F4D3668C5E473508253B1E6\
-               82F65CBDC4FAE93C2EA212390E54905A86E2223170B44EAA7DA5DD9FFCFB7F3B
-PrivateExponent: 411602CB19A6CCC34494D79D98EF1E7ED5AF25F7
-Message: 73616D706C65
-Signature: 4BC3B686AEA70145856814A6F1BB53346F02101E410697B92295D994D21EDD2F4ADA85566F6F94C1
-Test: DeterministicSign
-Message: 74657374
-Signature: 6868E9964E36C1689F6037F91F28D5F2C30610F249CEC3ACDC83018C5BD2674ECAAD35B8CD22940F
-Test: DeterministicSign
-
-AlgorithmType: Signature
-Name: DSA-RFC6979/SHA-256
-Source: RFC 6979
-Comment: Section A.2.1. DSA, 1024 Bits, SHA-256
-KeyFormat: Component
-Modulus: 86F5CA03DCFEB225063FF830A0C769B9DD9D6153AD91D7CE27F787C43278B447\
-         E6533B86B18BED6E8A48B784A14C252C5BE0DBF60B86D6385BD2F12FB763ED88\
-         73ABFD3F5BA2E0A8C0A59082EAC056935E529DAF7C610467899C77ADEDFC846C\
-         881870B7B19B2B58F9BE0521A17002E3BDD6B86685EE90B3D9A1B02B782B1779
-SubgroupOrder: 996F967F6C8E388D9E28D01E205FBA957A5698B1
-SubgroupGenerator: 07B0F92546150B62514BB771E2A0C0CE387F03BDA6C56B505209FF25FD3C133D\
-                   89BBCD97E904E09114D9A7DEFDEADFC9078EA544D2E401AEECC40BB9FBBF78FD\
-                   87995A10A1C27CB7789B594BA7EFB5C4326A9FE59A070E136DB77175464ADCA4\
-                   17BE5DCE2F40D10A46A3A3943F26AB7FD9C0398FF8C76EE0A56826A8A88F1DBD
-PublicElement: 5DF5E01DED31D0297E274E1691C192FE5868FEF9E19A84776454B100CF16F653\
-               92195A38B90523E2542EE61871C0440CB87C322FC4B4D2EC5E1E7EC766E1BE8D\
-               4CE935437DC11C3C8FD426338933EBFE739CB3465F4D3668C5E473508253B1E6\
-               82F65CBDC4FAE93C2EA212390E54905A86E2223170B44EAA7DA5DD9FFCFB7F3B
-Message: 73616D706C65
-Signature: 81F2F5850BE5BC123C43F71A3033E9384611C5454CDD914B65EB6C66A8AAAD27299BEE6B035F5E89
-Test: Verify
-Message: 74657374
-Signature: 22518C127299B0F6FDC9872B282B9E70D07908126837EC18F150D55DE95B5E29BE7AF5D01E4FE160
-Test: Verify
-
-AlgorithmType: Signature
-Name: DSA-RFC6979/SHA-256
-Source: RFC 6979
-Comment: Section A.2.1. DSA, 1024 Bits, SHA-256
-KeyFormat: Component
-Modulus: 86F5CA03DCFEB225063FF830A0C769B9DD9D6153AD91D7CE27F787C43278B447\
-         E6533B86B18BED6E8A48B784A14C252C5BE0DBF60B86D6385BD2F12FB763ED88\
-         73ABFD3F5BA2E0A8C0A59082EAC056935E529DAF7C610467899C77ADEDFC846C\
-         881870B7B19B2B58F9BE0521A17002E3BDD6B86685EE90B3D9A1B02B782B1779
-SubgroupOrder: 996F967F6C8E388D9E28D01E205FBA957A5698B1
-SubgroupGenerator: 07B0F92546150B62514BB771E2A0C0CE387F03BDA6C56B505209FF25FD3C133D\
-                   89BBCD97E904E09114D9A7DEFDEADFC9078EA544D2E401AEECC40BB9FBBF78FD\
-                   87995A10A1C27CB7789B594BA7EFB5C4326A9FE59A070E136DB77175464ADCA4\
-                   17BE5DCE2F40D10A46A3A3943F26AB7FD9C0398FF8C76EE0A56826A8A88F1DBD
-PublicElement: 5DF5E01DED31D0297E274E1691C192FE5868FEF9E19A84776454B100CF16F653\
-               92195A38B90523E2542EE61871C0440CB87C322FC4B4D2EC5E1E7EC766E1BE8D\
-               4CE935437DC11C3C8FD426338933EBFE739CB3465F4D3668C5E473508253B1E6\
-               82F65CBDC4FAE93C2EA212390E54905A86E2223170B44EAA7DA5DD9FFCFB7F3B
-PrivateExponent: 411602CB19A6CCC34494D79D98EF1E7ED5AF25F7
-Message: 73616D706C65
-Signature: 81F2F5850BE5BC123C43F71A3033E9384611C5454CDD914B65EB6C66A8AAAD27299BEE6B035F5E89
-Test: DeterministicSign
-Message: 74657374
-Signature: 22518C127299B0F6FDC9872B282B9E70D07908126837EC18F150D55DE95B5E29BE7AF5D01E4FE160
-Test: DeterministicSign
-
-AlgorithmType: Signature
-Name: DSA-RFC6979/SHA-384
-Source: RFC 6979
-Comment: Section A.2.1. DSA, 1024 Bits, SHA-384
-KeyFormat: Component
-Modulus: 86F5CA03DCFEB225063FF830A0C769B9DD9D6153AD91D7CE27F787C43278B447\
-         E6533B86B18BED6E8A48B784A14C252C5BE0DBF60B86D6385BD2F12FB763ED88\
-         73ABFD3F5BA2E0A8C0A59082EAC056935E529DAF7C610467899C77ADEDFC846C\
-         881870B7B19B2B58F9BE0521A17002E3BDD6B86685EE90B3D9A1B02B782B1779
-SubgroupOrder: 996F967F6C8E388D9E28D01E205FBA957A5698B1
-SubgroupGenerator: 07B0F92546150B62514BB771E2A0C0CE387F03BDA6C56B505209FF25FD3C133D\
-                   89BBCD97E904E09114D9A7DEFDEADFC9078EA544D2E401AEECC40BB9FBBF78FD\
-                   87995A10A1C27CB7789B594BA7EFB5C4326A9FE59A070E136DB77175464ADCA4\
-                   17BE5DCE2F40D10A46A3A3943F26AB7FD9C0398FF8C76EE0A56826A8A88F1DBD
-PublicElement: 5DF5E01DED31D0297E274E1691C192FE5868FEF9E19A84776454B100CF16F653\
-               92195A38B90523E2542EE61871C0440CB87C322FC4B4D2EC5E1E7EC766E1BE8D\
-               4CE935437DC11C3C8FD426338933EBFE739CB3465F4D3668C5E473508253B1E6\
-               82F65CBDC4FAE93C2EA212390E54905A86E2223170B44EAA7DA5DD9FFCFB7F3B
-Message: 73616D706C65
-Signature: 07F2108557EE0E3921BC1774F1CA9B410B4CE65A54DF70456C86FAC10FAB47C1949AB83F2C6F7595
-Test: Verify
-Message: 74657374
-Signature: 854CF929B58D73C3CBFDC421E8D5430CD6DB5E6691D0E0F53E22F898D158380676A871A157CDA622
-Test: Verify
-
-AlgorithmType: Signature
-Name: DSA-RFC6979/SHA-384
-Source: RFC 6979
-Comment: Section A.2.1. DSA, 1024 Bits, SHA-384
-KeyFormat: Component
-Modulus: 86F5CA03DCFEB225063FF830A0C769B9DD9D6153AD91D7CE27F787C43278B447\
-         E6533B86B18BED6E8A48B784A14C252C5BE0DBF60B86D6385BD2F12FB763ED88\
-         73ABFD3F5BA2E0A8C0A59082EAC056935E529DAF7C610467899C77ADEDFC846C\
-         881870B7B19B2B58F9BE0521A17002E3BDD6B86685EE90B3D9A1B02B782B1779
-SubgroupOrder: 996F967F6C8E388D9E28D01E205FBA957A5698B1
-SubgroupGenerator: 07B0F92546150B62514BB771E2A0C0CE387F03BDA6C56B505209FF25FD3C133D\
-                   89BBCD97E904E09114D9A7DEFDEADFC9078EA544D2E401AEECC40BB9FBBF78FD\
-                   87995A10A1C27CB7789B594BA7EFB5C4326A9FE59A070E136DB77175464ADCA4\
-                   17BE5DCE2F40D10A46A3A3943F26AB7FD9C0398FF8C76EE0A56826A8A88F1DBD
-PublicElement: 5DF5E01DED31D0297E274E1691C192FE5868FEF9E19A84776454B100CF16F653\
-               92195A38B90523E2542EE61871C0440CB87C322FC4B4D2EC5E1E7EC766E1BE8D\
-               4CE935437DC11C3C8FD426338933EBFE739CB3465F4D3668C5E473508253B1E6\
-               82F65CBDC4FAE93C2EA212390E54905A86E2223170B44EAA7DA5DD9FFCFB7F3B
-PrivateExponent: 411602CB19A6CCC34494D79D98EF1E7ED5AF25F7
-Message: 73616D706C65
-Signature: 07F2108557EE0E3921BC1774F1CA9B410B4CE65A54DF70456C86FAC10FAB47C1949AB83F2C6F7595
-Test: DeterministicSign
-Message: 74657374
-Signature: 854CF929B58D73C3CBFDC421E8D5430CD6DB5E6691D0E0F53E22F898D158380676A871A157CDA622
-Test: DeterministicSign
-
-AlgorithmType: Signature
-Name: DSA-RFC6979/SHA-512
-Source: RFC 6979
-Comment: Section A.2.1. DSA, 1024 Bits, SHA-512
-KeyFormat: Component
-Modulus: 86F5CA03DCFEB225063FF830A0C769B9DD9D6153AD91D7CE27F787C43278B447\
-         E6533B86B18BED6E8A48B784A14C252C5BE0DBF60B86D6385BD2F12FB763ED88\
-         73ABFD3F5BA2E0A8C0A59082EAC056935E529DAF7C610467899C77ADEDFC846C\
-         881870B7B19B2B58F9BE0521A17002E3BDD6B86685EE90B3D9A1B02B782B1779
-SubgroupOrder: 996F967F6C8E388D9E28D01E205FBA957A5698B1
-SubgroupGenerator: 07B0F92546150B62514BB771E2A0C0CE387F03BDA6C56B505209FF25FD3C133D\
-                   89BBCD97E904E09114D9A7DEFDEADFC9078EA544D2E401AEECC40BB9FBBF78FD\
-                   87995A10A1C27CB7789B594BA7EFB5C4326A9FE59A070E136DB77175464ADCA4\
-                   17BE5DCE2F40D10A46A3A3943F26AB7FD9C0398FF8C76EE0A56826A8A88F1DBD
-PublicElement: 5DF5E01DED31D0297E274E1691C192FE5868FEF9E19A84776454B100CF16F653\
-               92195A38B90523E2542EE61871C0440CB87C322FC4B4D2EC5E1E7EC766E1BE8D\
-               4CE935437DC11C3C8FD426338933EBFE739CB3465F4D3668C5E473508253B1E6\
-               82F65CBDC4FAE93C2EA212390E54905A86E2223170B44EAA7DA5DD9FFCFB7F3B
-Message: 73616D706C65
-Signature: 16C3491F9B8C3FBBDD5E7A7B667057F0D8EE8E1B02C36A127A7B89EDBB72E4FFBC71DABC7D4FC69C
-Test: Verify
-Message: 74657374
-Signature: 8EA47E475BA8AC6F2D821DA3BD212D11A3DEB9A07C670C7AD72B6C050C109E1790008097125433E8
-Test: Verify
-
-AlgorithmType: Signature
-Name: DSA-RFC6979/SHA-512
-Source: RFC 6979
-Comment: Section A.2.1. DSA, 1024 Bits, SHA-512
-KeyFormat: Component
-Modulus: 86F5CA03DCFEB225063FF830A0C769B9DD9D6153AD91D7CE27F787C43278B447\
-         E6533B86B18BED6E8A48B784A14C252C5BE0DBF60B86D6385BD2F12FB763ED88\
-         73ABFD3F5BA2E0A8C0A59082EAC056935E529DAF7C610467899C77ADEDFC846C\
-         881870B7B19B2B58F9BE0521A17002E3BDD6B86685EE90B3D9A1B02B782B1779
-SubgroupOrder: 996F967F6C8E388D9E28D01E205FBA957A5698B1
-SubgroupGenerator: 07B0F92546150B62514BB771E2A0C0CE387F03BDA6C56B505209FF25FD3C133D\
-                   89BBCD97E904E09114D9A7DEFDEADFC9078EA544D2E401AEECC40BB9FBBF78FD\
-                   87995A10A1C27CB7789B594BA7EFB5C4326A9FE59A070E136DB77175464ADCA4\
-                   17BE5DCE2F40D10A46A3A3943F26AB7FD9C0398FF8C76EE0A56826A8A88F1DBD
-PublicElement: 5DF5E01DED31D0297E274E1691C192FE5868FEF9E19A84776454B100CF16F653\
-               92195A38B90523E2542EE61871C0440CB87C322FC4B4D2EC5E1E7EC766E1BE8D\
-               4CE935437DC11C3C8FD426338933EBFE739CB3465F4D3668C5E473508253B1E6\
-               82F65CBDC4FAE93C2EA212390E54905A86E2223170B44EAA7DA5DD9FFCFB7F3B
-PrivateExponent: 411602CB19A6CCC34494D79D98EF1E7ED5AF25F7
-Message: 73616D706C65
-Signature: 16C3491F9B8C3FBBDD5E7A7B667057F0D8EE8E1B02C36A127A7B89EDBB72E4FFBC71DABC7D4FC69C
-Test: DeterministicSign
-Message: 74657374
-Signature: 8EA47E475BA8AC6F2D821DA3BD212D11A3DEB9A07C670C7AD72B6C050C109E1790008097125433E8
-Test: DeterministicSign
-
 AlgorithmType: Signature
 Name: DSA-RFC6979/SHA-1
 Source: RFC 6979
@@ -336,6 +132,57 @@ Signature: C18270A93CFC6063F57A4DFA86024F700D980E4CF4E2CB65A504397273D98EA0\
            414F22E5F31A8B6D33295C7539C1C1BA3A6160D7D68D50AC0D3A5BEAC2884FAA
 Test: DeterministicSign
 
+AlgorithmType: Signature
+Name: DSA-RFC6979/SHA-224
+Source: RFC 6979
+Comment: Section A.2.1. DSA, 1024 Bits, SHA-224
+KeyFormat: Component
+Modulus: 86F5CA03DCFEB225063FF830A0C769B9DD9D6153AD91D7CE27F787C43278B447\
+         E6533B86B18BED6E8A48B784A14C252C5BE0DBF60B86D6385BD2F12FB763ED88\
+         73ABFD3F5BA2E0A8C0A59082EAC056935E529DAF7C610467899C77ADEDFC846C\
+         881870B7B19B2B58F9BE0521A17002E3BDD6B86685EE90B3D9A1B02B782B1779
+SubgroupOrder: 996F967F6C8E388D9E28D01E205FBA957A5698B1
+SubgroupGenerator: 07B0F92546150B62514BB771E2A0C0CE387F03BDA6C56B505209FF25FD3C133D\
+                   89BBCD97E904E09114D9A7DEFDEADFC9078EA544D2E401AEECC40BB9FBBF78FD\
+                   87995A10A1C27CB7789B594BA7EFB5C4326A9FE59A070E136DB77175464ADCA4\
+                   17BE5DCE2F40D10A46A3A3943F26AB7FD9C0398FF8C76EE0A56826A8A88F1DBD
+PublicElement: 5DF5E01DED31D0297E274E1691C192FE5868FEF9E19A84776454B100CF16F653\
+               92195A38B90523E2542EE61871C0440CB87C322FC4B4D2EC5E1E7EC766E1BE8D\
+               4CE935437DC11C3C8FD426338933EBFE739CB3465F4D3668C5E473508253B1E6\
+               82F65CBDC4FAE93C2EA212390E54905A86E2223170B44EAA7DA5DD9FFCFB7F3B
+Message: 73616D706C65
+Signature: 4BC3B686AEA70145856814A6F1BB53346F02101E410697B92295D994D21EDD2F4ADA85566F6F94C1
+Test: Verify
+Message: 74657374
+Signature: 6868E9964E36C1689F6037F91F28D5F2C30610F249CEC3ACDC83018C5BD2674ECAAD35B8CD22940F
+Test: Verify
+
+AlgorithmType: Signature
+Name: DSA-RFC6979/SHA-224
+Source: RFC 6979
+Comment: Section A.2.1. DSA, 1024 Bits, SHA-224
+KeyFormat: Component
+Modulus: 86F5CA03DCFEB225063FF830A0C769B9DD9D6153AD91D7CE27F787C43278B447\
+         E6533B86B18BED6E8A48B784A14C252C5BE0DBF60B86D6385BD2F12FB763ED88\
+         73ABFD3F5BA2E0A8C0A59082EAC056935E529DAF7C610467899C77ADEDFC846C\
+         881870B7B19B2B58F9BE0521A17002E3BDD6B86685EE90B3D9A1B02B782B1779
+SubgroupOrder: 996F967F6C8E388D9E28D01E205FBA957A5698B1
+SubgroupGenerator: 07B0F92546150B62514BB771E2A0C0CE387F03BDA6C56B505209FF25FD3C133D\
+                   89BBCD97E904E09114D9A7DEFDEADFC9078EA544D2E401AEECC40BB9FBBF78FD\
+                   87995A10A1C27CB7789B594BA7EFB5C4326A9FE59A070E136DB77175464ADCA4\
+                   17BE5DCE2F40D10A46A3A3943F26AB7FD9C0398FF8C76EE0A56826A8A88F1DBD
+PublicElement: 5DF5E01DED31D0297E274E1691C192FE5868FEF9E19A84776454B100CF16F653\
+               92195A38B90523E2542EE61871C0440CB87C322FC4B4D2EC5E1E7EC766E1BE8D\
+               4CE935437DC11C3C8FD426338933EBFE739CB3465F4D3668C5E473508253B1E6\
+               82F65CBDC4FAE93C2EA212390E54905A86E2223170B44EAA7DA5DD9FFCFB7F3B
+PrivateExponent: 411602CB19A6CCC34494D79D98EF1E7ED5AF25F7
+Message: 73616D706C65
+Signature: 4BC3B686AEA70145856814A6F1BB53346F02101E410697B92295D994D21EDD2F4ADA85566F6F94C1
+Test: DeterministicSign
+Message: 74657374
+Signature: 6868E9964E36C1689F6037F91F28D5F2C30610F249CEC3ACDC83018C5BD2674ECAAD35B8CD22940F
+Test: DeterministicSign
+
 AlgorithmType: Signature
 Name: DSA-RFC6979/SHA-224
 Source: RFC 6979
@@ -417,6 +264,58 @@ Signature: 272ABA31572F6CC55E30BF616B7A265312018DD325BE031BE0CC82AA17870EA3\
            E9CC286A52CCE201586722D36D1E917EB96A4EBDB47932F9576AC645B3A60806
 Test: DeterministicSign
 
+AlgorithmType: Signature
+Name: DSA-RFC6979/SHA-256
+Source: RFC 6979
+Comment: Section A.2.1. DSA, 1024 Bits, SHA-256
+KeyFormat: Component
+Modulus: 86F5CA03DCFEB225063FF830A0C769B9DD9D6153AD91D7CE27F787C43278B447\
+         E6533B86B18BED6E8A48B784A14C252C5BE0DBF60B86D6385BD2F12FB763ED88\
+         73ABFD3F5BA2E0A8C0A59082EAC056935E529DAF7C610467899C77ADEDFC846C\
+         881870B7B19B2B58F9BE0521A17002E3BDD6B86685EE90B3D9A1B02B782B1779
+SubgroupOrder: 996F967F6C8E388D9E28D01E205FBA957A5698B1
+SubgroupGenerator: 07B0F92546150B62514BB771E2A0C0CE387F03BDA6C56B505209FF25FD3C133D\
+                   89BBCD97E904E09114D9A7DEFDEADFC9078EA544D2E401AEECC40BB9FBBF78FD\
+                   87995A10A1C27CB7789B594BA7EFB5C4326A9FE59A070E136DB77175464ADCA4\
+                   17BE5DCE2F40D10A46A3A3943F26AB7FD9C0398FF8C76EE0A56826A8A88F1DBD
+PublicElement: 5DF5E01DED31D0297E274E1691C192FE5868FEF9E19A84776454B100CF16F653\
+               92195A38B90523E2542EE61871C0440CB87C322FC4B4D2EC5E1E7EC766E1BE8D\
+               4CE935437DC11C3C8FD426338933EBFE739CB3465F4D3668C5E473508253B1E6\
+               82F65CBDC4FAE93C2EA212390E54905A86E2223170B44EAA7DA5DD9FFCFB7F3B
+Message: 73616D706C65
+Signature: 81F2F5850BE5BC123C43F71A3033E9384611C5454CDD914B65EB6C66A8AAAD27299BEE6B035F5E89
+Test: Verify
+Message: 74657374
+Signature: 22518C127299B0F6FDC9872B282B9E70D07908126837EC18F150D55DE95B5E29BE7AF5D01E4FE160
+Test: Verify
+
+AlgorithmType: Signature
+Name: DSA-RFC6979/SHA-256
+Source: RFC 6979
+Comment: Section A.2.1. DSA, 1024 Bits, SHA-256
+KeyFormat: Component
+Modulus: 86F5CA03DCFEB225063FF830A0C769B9DD9D6153AD91D7CE27F787C43278B447\
+         E6533B86B18BED6E8A48B784A14C252C5BE0DBF60B86D6385BD2F12FB763ED88\
+         73ABFD3F5BA2E0A8C0A59082EAC056935E529DAF7C610467899C77ADEDFC846C\
+         881870B7B19B2B58F9BE0521A17002E3BDD6B86685EE90B3D9A1B02B782B1779
+SubgroupOrder: 996F967F6C8E388D9E28D01E205FBA957A5698B1
+SubgroupGenerator: 07B0F92546150B62514BB771E2A0C0CE387F03BDA6C56B505209FF25FD3C133D\
+                   89BBCD97E904E09114D9A7DEFDEADFC9078EA544D2E401AEECC40BB9FBBF78FD\
+                   87995A10A1C27CB7789B594BA7EFB5C4326A9FE59A070E136DB77175464ADCA4\
+                   17BE5DCE2F40D10A46A3A3943F26AB7FD9C0398FF8C76EE0A56826A8A88F1DBD
+PublicElement: 5DF5E01DED31D0297E274E1691C192FE5868FEF9E19A84776454B100CF16F653\
+               92195A38B90523E2542EE61871C0440CB87C322FC4B4D2EC5E1E7EC766E1BE8D\
+               4CE935437DC11C3C8FD426338933EBFE739CB3465F4D3668C5E473508253B1E6\
+               82F65CBDC4FAE93C2EA212390E54905A86E2223170B44EAA7DA5DD9FFCFB7F3B
+PrivateExponent: 411602CB19A6CCC34494D79D98EF1E7ED5AF25F7
+Message: 73616D706C65
+Signature: 81F2F5850BE5BC123C43F71A3033E9384611C5454CDD914B65EB6C66A8AAAD27299BEE6B035F5E89
+Test: DeterministicSign
+Message: 74657374
+Signature: 22518C127299B0F6FDC9872B282B9E70D07908126837EC18F150D55DE95B5E29BE7AF5D01E4FE160
+Test: DeterministicSign
+
+
 AlgorithmType: Signature
 Name: DSA-RFC6979/SHA-256
 Source: RFC 6979
@@ -498,6 +397,57 @@ Signature: 8190012A1969F9957D56FCCAAD223186F423398D58EF5B3CEFD5A4146A4476F0\
            7452A53F7075D417B4B013B278D1BB8BBD21863F5E7B1CEE679CF2188E1AB19E
 Test: DeterministicSign
 
+AlgorithmType: Signature
+Name: DSA-RFC6979/SHA-384
+Source: RFC 6979
+Comment: Section A.2.1. DSA, 1024 Bits, SHA-384
+KeyFormat: Component
+Modulus: 86F5CA03DCFEB225063FF830A0C769B9DD9D6153AD91D7CE27F787C43278B447\
+         E6533B86B18BED6E8A48B784A14C252C5BE0DBF60B86D6385BD2F12FB763ED88\
+         73ABFD3F5BA2E0A8C0A59082EAC056935E529DAF7C610467899C77ADEDFC846C\
+         881870B7B19B2B58F9BE0521A17002E3BDD6B86685EE90B3D9A1B02B782B1779
+SubgroupOrder: 996F967F6C8E388D9E28D01E205FBA957A5698B1
+SubgroupGenerator: 07B0F92546150B62514BB771E2A0C0CE387F03BDA6C56B505209FF25FD3C133D\
+                   89BBCD97E904E09114D9A7DEFDEADFC9078EA544D2E401AEECC40BB9FBBF78FD\
+                   87995A10A1C27CB7789B594BA7EFB5C4326A9FE59A070E136DB77175464ADCA4\
+                   17BE5DCE2F40D10A46A3A3943F26AB7FD9C0398FF8C76EE0A56826A8A88F1DBD
+PublicElement: 5DF5E01DED31D0297E274E1691C192FE5868FEF9E19A84776454B100CF16F653\
+               92195A38B90523E2542EE61871C0440CB87C322FC4B4D2EC5E1E7EC766E1BE8D\
+               4CE935437DC11C3C8FD426338933EBFE739CB3465F4D3668C5E473508253B1E6\
+               82F65CBDC4FAE93C2EA212390E54905A86E2223170B44EAA7DA5DD9FFCFB7F3B
+Message: 73616D706C65
+Signature: 07F2108557EE0E3921BC1774F1CA9B410B4CE65A54DF70456C86FAC10FAB47C1949AB83F2C6F7595
+Test: Verify
+Message: 74657374
+Signature: 854CF929B58D73C3CBFDC421E8D5430CD6DB5E6691D0E0F53E22F898D158380676A871A157CDA622
+Test: Verify
+
+AlgorithmType: Signature
+Name: DSA-RFC6979/SHA-384
+Source: RFC 6979
+Comment: Section A.2.1. DSA, 1024 Bits, SHA-384
+KeyFormat: Component
+Modulus: 86F5CA03DCFEB225063FF830A0C769B9DD9D6153AD91D7CE27F787C43278B447\
+         E6533B86B18BED6E8A48B784A14C252C5BE0DBF60B86D6385BD2F12FB763ED88\
+         73ABFD3F5BA2E0A8C0A59082EAC056935E529DAF7C610467899C77ADEDFC846C\
+         881870B7B19B2B58F9BE0521A17002E3BDD6B86685EE90B3D9A1B02B782B1779
+SubgroupOrder: 996F967F6C8E388D9E28D01E205FBA957A5698B1
+SubgroupGenerator: 07B0F92546150B62514BB771E2A0C0CE387F03BDA6C56B505209FF25FD3C133D\
+                   89BBCD97E904E09114D9A7DEFDEADFC9078EA544D2E401AEECC40BB9FBBF78FD\
+                   87995A10A1C27CB7789B594BA7EFB5C4326A9FE59A070E136DB77175464ADCA4\
+                   17BE5DCE2F40D10A46A3A3943F26AB7FD9C0398FF8C76EE0A56826A8A88F1DBD
+PublicElement: 5DF5E01DED31D0297E274E1691C192FE5868FEF9E19A84776454B100CF16F653\
+               92195A38B90523E2542EE61871C0440CB87C322FC4B4D2EC5E1E7EC766E1BE8D\
+               4CE935437DC11C3C8FD426338933EBFE739CB3465F4D3668C5E473508253B1E6\
+               82F65CBDC4FAE93C2EA212390E54905A86E2223170B44EAA7DA5DD9FFCFB7F3B
+PrivateExponent: 411602CB19A6CCC34494D79D98EF1E7ED5AF25F7
+Message: 73616D706C65
+Signature: 07F2108557EE0E3921BC1774F1CA9B410B4CE65A54DF70456C86FAC10FAB47C1949AB83F2C6F7595
+Test: DeterministicSign
+Message: 74657374
+Signature: 854CF929B58D73C3CBFDC421E8D5430CD6DB5E6691D0E0F53E22F898D158380676A871A157CDA622
+Test: DeterministicSign
+
 AlgorithmType: Signature
 Name: DSA-RFC6979/SHA-384
 Source: RFC 6979
@@ -579,6 +529,57 @@ Signature: 239E66DDBE8F8C230A3D071D601B6FFBDFB5901F94D444C6AF56F732BEB954BE\
            6BD737513D5E72FE85D1C750E0F73921FE299B945AAD1C802F15C26A43D34961
 Test: DeterministicSign
 
+AlgorithmType: Signature
+Name: DSA-RFC6979/SHA-512
+Source: RFC 6979
+Comment: Section A.2.1. DSA, 1024 Bits, SHA-512
+KeyFormat: Component
+Modulus: 86F5CA03DCFEB225063FF830A0C769B9DD9D6153AD91D7CE27F787C43278B447\
+         E6533B86B18BED6E8A48B784A14C252C5BE0DBF60B86D6385BD2F12FB763ED88\
+         73ABFD3F5BA2E0A8C0A59082EAC056935E529DAF7C610467899C77ADEDFC846C\
+         881870B7B19B2B58F9BE0521A17002E3BDD6B86685EE90B3D9A1B02B782B1779
+SubgroupOrder: 996F967F6C8E388D9E28D01E205FBA957A5698B1
+SubgroupGenerator: 07B0F92546150B62514BB771E2A0C0CE387F03BDA6C56B505209FF25FD3C133D\
+                   89BBCD97E904E09114D9A7DEFDEADFC9078EA544D2E401AEECC40BB9FBBF78FD\
+                   87995A10A1C27CB7789B594BA7EFB5C4326A9FE59A070E136DB77175464ADCA4\
+                   17BE5DCE2F40D10A46A3A3943F26AB7FD9C0398FF8C76EE0A56826A8A88F1DBD
+PublicElement: 5DF5E01DED31D0297E274E1691C192FE5868FEF9E19A84776454B100CF16F653\
+               92195A38B90523E2542EE61871C0440CB87C322FC4B4D2EC5E1E7EC766E1BE8D\
+               4CE935437DC11C3C8FD426338933EBFE739CB3465F4D3668C5E473508253B1E6\
+               82F65CBDC4FAE93C2EA212390E54905A86E2223170B44EAA7DA5DD9FFCFB7F3B
+Message: 73616D706C65
+Signature: 16C3491F9B8C3FBBDD5E7A7B667057F0D8EE8E1B02C36A127A7B89EDBB72E4FFBC71DABC7D4FC69C
+Test: Verify
+Message: 74657374
+Signature: 8EA47E475BA8AC6F2D821DA3BD212D11A3DEB9A07C670C7AD72B6C050C109E1790008097125433E8
+Test: Verify
+
+AlgorithmType: Signature
+Name: DSA-RFC6979/SHA-512
+Source: RFC 6979
+Comment: Section A.2.1. DSA, 1024 Bits, SHA-512
+KeyFormat: Component
+Modulus: 86F5CA03DCFEB225063FF830A0C769B9DD9D6153AD91D7CE27F787C43278B447\
+         E6533B86B18BED6E8A48B784A14C252C5BE0DBF60B86D6385BD2F12FB763ED88\
+         73ABFD3F5BA2E0A8C0A59082EAC056935E529DAF7C610467899C77ADEDFC846C\
+         881870B7B19B2B58F9BE0521A17002E3BDD6B86685EE90B3D9A1B02B782B1779
+SubgroupOrder: 996F967F6C8E388D9E28D01E205FBA957A5698B1
+SubgroupGenerator: 07B0F92546150B62514BB771E2A0C0CE387F03BDA6C56B505209FF25FD3C133D\
+                   89BBCD97E904E09114D9A7DEFDEADFC9078EA544D2E401AEECC40BB9FBBF78FD\
+                   87995A10A1C27CB7789B594BA7EFB5C4326A9FE59A070E136DB77175464ADCA4\
+                   17BE5DCE2F40D10A46A3A3943F26AB7FD9C0398FF8C76EE0A56826A8A88F1DBD
+PublicElement: 5DF5E01DED31D0297E274E1691C192FE5868FEF9E19A84776454B100CF16F653\
+               92195A38B90523E2542EE61871C0440CB87C322FC4B4D2EC5E1E7EC766E1BE8D\
+               4CE935437DC11C3C8FD426338933EBFE739CB3465F4D3668C5E473508253B1E6\
+               82F65CBDC4FAE93C2EA212390E54905A86E2223170B44EAA7DA5DD9FFCFB7F3B
+PrivateExponent: 411602CB19A6CCC34494D79D98EF1E7ED5AF25F7
+Message: 73616D706C65
+Signature: 16C3491F9B8C3FBBDD5E7A7B667057F0D8EE8E1B02C36A127A7B89EDBB72E4FFBC71DABC7D4FC69C
+Test: DeterministicSign
+Message: 74657374
+Signature: 8EA47E475BA8AC6F2D821DA3BD212D11A3DEB9A07C670C7AD72B6C050C109E1790008097125433E8
+Test: DeterministicSign
+
 AlgorithmType: Signature
 Name: DSA-RFC6979/SHA-512
 Source: RFC 6979
diff --git a/cryptest.vcxproj.filters b/cryptest.vcxproj.filters
index 5adb263b..d37d2866 100644
--- a/cryptest.vcxproj.filters
+++ b/cryptest.vcxproj.filters
@@ -117,9 +117,6 @@
     <None Include="TestVectors\sha3.txt">
       <Filter>TestVectors</Filter>
     </None>
-    <None Include="TestVectors\sha3.txt">
-      <Filter>TestVectors</Filter>
-    </None>
     <None Include="TestVectors\shacal2.txt">
       <Filter>TestVectors</Filter>
     </None>

From ddc0f3a899ff235794108dc9289b689a4508112e Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sun, 16 Apr 2017 08:06:20 -0400
Subject: [PATCH 038/200] Switch to Put and Get blocks. Remove unneeded macros

---
 aria.cpp | 377 ++++++++++++++++++-------------------------------------
 1 file changed, 119 insertions(+), 258 deletions(-)

diff --git a/aria.cpp b/aria.cpp
index 052225da..10bbb2e5 100644
--- a/aria.cpp
+++ b/aria.cpp
@@ -3,30 +3,22 @@
 #include "pch.h"
 #include "config.h"
 
-#if CRYPTOPP_MSC_VERSION
-# pragma warning(disable: 4456)
-# if (CRYPTOPP_MSC_VERSION >= 1400)
-#  pragma warning(disable: 6246)
-# endif
-#endif
-
 #include "aria.h"
 #include "misc.h"
 #include "cpu.h"
 
-// Enable SSE2 and NEON for all platforms which have the intrinsics. Enable SSSE3 intrinsics
-// for Visual Studio and older GCCs. It reduces key schedule setup by 150 to 250 cycles.
-// Modern GCC does fine on its own, and it slows things down a small bit.
+#include <stdio.h>
+
 #if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE
 # define CRYPTOPP_ENABLE_ARIA_SSE2_INTRINSICS 1
 #endif
 
-#if CRYPTOPP_BOOL_NEON_INTRINSICS_AVAILABLE
-# define CRYPTOPP_ENABLE_ARIA_NEON_INTRINSICS 1
+#if CRYPTOPP_BOOL_SSSE3_INTRINSICS_AVAILABLE
+# define CRYPTOPP_ENABLE_ARIA_SSSE3_INTRINSICS 1
 #endif
 
-#if CRYPTOPP_BOOL_SSSE3_INTRINSICS_AVAILABLE && (CRYPTOPP_MSC_VERSION || (defined(CRYPTOPP_GCC_VERSION) && CRYPTOPP_GCC_VERSION < 50000))
-# define CRYPTOPP_ENABLE_ARIA_SSSE3_INTRINSICS 1
+#if CRYPTOPP_BOOL_NEON_INTRINSICS_AVAILABLE
+# define CRYPTOPP_ENABLE_ARIA_NEON_INTRINSICS 1
 #endif
 
 ANONYMOUS_NAMESPACE_BEGIN
@@ -186,36 +178,25 @@ ANONYMOUS_NAMESPACE_END
 
 NAMESPACE_BEGIN(CryptoPP)
 
+#if defined(IS_LITTLE_ENDIAN)
+typedef BlockGetAndPut<word32, BigEndian, true, true> AlignedBigEndianBlock;
+typedef BlockGetAndPut<word32, BigEndian, false, false> BigEndianBlock;
+typedef BlockGetAndPut<word32, LittleEndian, true, true>  AlignedNativeEndianBlock;
+typedef BlockGetAndPut<word32, LittleEndian, false, false> NativeEndianBlock;
+#else
+typedef BlockGetAndPut<word32, BigEndian, true, true> AlignedBigEndianBlock;
+typedef BlockGetAndPut<word32, BigEndian, false, false> BigEndianBlock;
+typedef BlockGetAndPut<word32, BigEndian, true, true> AlignedNativeEndianBlock;
+typedef BlockGetAndPut<word32, BigEndian, false, false> NativeEndianBlock;
+#endif
+
 inline byte ARIA_BRF(const word32 x, const int y) {
 	return GETBYTE(x, y);
 }
 
-inline word32 ReverseWord(const word32 w) {
-	return ByteReverse(w);
-}
-
-// Retrieve the i-th word, optionally in Big Endian
-template <bool big_endian>
-inline word32 LoadWord(const word32 x[4], const unsigned int i) {
-	if (big_endian)
-		return ConditionalByteReverse(BIG_ENDIAN_ORDER, x[i]);
-	else
-		return x[i];
-}
-
-// Reinterpret x as a word32[], and retrieve the i-th word, optionally in Big Endian
-template <bool big_endian>
-inline word32 LoadWord(const byte x[16], const unsigned int i) {
-	if (big_endian)
-		return ConditionalByteReverse(BIG_ENDIAN_ORDER, reinterpret_cast<const word32*>(x)[i]);
-	else
-		return reinterpret_cast<const word32*>(x)[i];
-}
-
 // Key XOR Layer
 #define ARIA_KXL {  \
-    t[0]^=LoadWord<false>(rk,0); t[1]^=LoadWord<false>(rk,1);  \
-    t[2]^=LoadWord<false>(rk,2); t[3]^=LoadWord<false>(rk,3);  \
+    AlignedNativeEndianBlock::Put(rk, t)(t[0])(t[1])(t[2])(t[3]); \
   }
 
 // S-Box Layer 1 + M
@@ -234,28 +215,21 @@ inline word32 LoadWord(const byte x[16], const unsigned int i) {
     T3=X1[ARIA_BRF(T3,3)]^X2[ARIA_BRF(T3,2)]^S1[ARIA_BRF(T3,1)]^S2[ARIA_BRF(T3,0)];  \
   }
 
+#define ARIA_P(T0,T1,T2,T3) {                                  \
+    (T1) = (((T1)<< 8)&0xff00ff00) ^ (((T1)>> 8)&0x00ff00ff);  \
+    (T2) = rotrFixed((T2),16);                                 \
+    (T3) = ByteReverse((T3));                                  \
+  }
+
+#define ARIA_M(X,Y) {						\
+    Y=(X)<<8 ^ (X)>>8 ^ (X)<<16 ^ (X)>>16 ^ (X)<<24 ^ (X)>>24;	\
+  }
+
 #define ARIA_MM(T0,T1,T2,T3) {           \
     (T1)^=(T2); (T2)^=(T3); (T0)^=(T1);  \
     (T3)^=(T1); (T2)^=(T0); (T1)^=(T2);  \
   }
 
-#define ARIA_P(T0,T1,T2,T3) {                                  \
-    (T1) = (((T1)<< 8)&0xff00ff00) ^ (((T1)>> 8)&0x00ff00ff);  \
-    (T2) = rotrFixed((T2),16);                                 \
-    (T3) = ReverseWord((T3));                                  \
-  }
-
-#if defined(_MSC_VER)
-#define ARIA_M1(X,Y) {           \
-    w=rotrFixed((X), 8);         \
-    (Y)=w^rotrFixed((X)^w, 16);  \
-  }
-#else
-#define ARIA_M1(X,Y) {						\
-    Y=(X)<<8 ^ (X)>>8 ^ (X)<<16 ^ (X)>>16 ^ (X)<<24 ^ (X)>>24;	\
-  }
-#endif
-
 #define ARIA_FO {SBL1_M(t[0],t[1],t[2],t[3]) ARIA_MM(t[0],t[1],t[2],t[3]) ARIA_P(t[0],t[1],t[2],t[3]) ARIA_MM(t[0],t[1],t[2],t[3])}
 #define ARIA_FE {SBL2_M(t[0],t[1],t[2],t[3]) ARIA_MM(t[0],t[1],t[2],t[3]) ARIA_P(t[2],t[3],t[0],t[1]) ARIA_MM(t[0],t[1],t[2],t[3])}
 
@@ -294,7 +268,6 @@ inline void ARIA_GSRK_NEON(const word32 X[4], const word32 Y[4], byte RK[16])
 
 void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const NameValuePairs &params)
 {
-	CRYPTOPP_ASSERT(key && keylen);
 	CRYPTOPP_UNUSED(params);
 
 	const byte *mk = key;
@@ -324,62 +297,51 @@ void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const Nam
 	word32 *w0 = m_w.data(), *w1 = m_w.data()+8, *w2 = m_w.data()+12, *w3 = m_w.data()+16, *t = m_w.data()+20;
 
 #if CRYPTOPP_ENABLE_ARIA_SSSE3_INTRINSICS
+	const __m128i MASK = _mm_set_epi8(12,13,14,15, 8,9,10,11, 4,5,6,7, 0,1,2,3);
 	if (HasSSSE3())
 	{
-		// 7 SSE instructions. 'mk' may be unaligned.
-		const __m128i m = _mm_set_epi8(12,13,14,15, 8,9,10,11, 4,5,6,7, 0,1,2,3);
-		const __m128i w = _mm_shuffle_epi8(_mm_loadu_si128((const __m128i*)(mk)), m);
+		// 'mk' may be unaligned.
+		const __m128i w = _mm_shuffle_epi8(_mm_loadu_si128((const __m128i*)(mk)), MASK);
 		_mm_store_si128((__m128i*)w0, w);
 		_mm_store_si128((__m128i*)t, _mm_xor_si128(w, _mm_load_si128((const __m128i*)(KRK[q]))));
-	}
-	else
-#endif  // CRYPTOPP_ENABLE_ARIA_SSSE3_INTRINSICS
-	{
-		// 27 integer instructions
-		w0[0] = LoadWord<true>(mk,0); w0[1] = LoadWord<true>(mk,1);
-		w0[2] = LoadWord<true>(mk,2); w0[3] = LoadWord<true>(mk,3);
 
-		t[0]=w0[0]^KRK[q][0]; t[1]=w0[1]^KRK[q][1];
-		t[2]=w0[2]^KRK[q][2]; t[3]=w0[3]^KRK[q][3];
-	}
+		ARIA_FO;
 
-	// 24 integer instructions
-	ARIA_FO;
-
-	if (keylen == 32)
-	{
-#if CRYPTOPP_ENABLE_ARIA_SSSE3_INTRINSICS
-		if (HasSSSE3())
+		if (keylen == 32)
 		{
-			// 3 SSE instructions. 'mk' may be unaligned.
-			const __m128i m = _mm_set_epi8(12,13,14,15, 8,9,10,11, 4,5,6,7, 0,1,2,3);
+			// 'mk' may be unaligned.
 			_mm_store_si128(reinterpret_cast<__m128i*>(w1),
-				_mm_shuffle_epi8(_mm_loadu_si128((const __m128i*)(mk+16)), m));
+				_mm_shuffle_epi8(_mm_loadu_si128((const __m128i*)(mk+16)), MASK));
 		}
-#endif  // CRYPTOPP_ENABLE_ARIA_SSSE3_INTRINSICS
+		else if (keylen == 24)
 		{
-			// 14 integer instructions
-			w1[0] = LoadWord<true>(mk,4);
-			w1[1] = LoadWord<true>(mk,5);
-			w1[2] = LoadWord<true>(mk,6);
-			w1[3] = LoadWord<true>(mk,7);
+			BigEndianBlock::Get(mk+16)(w1[0])(w1[1]);
+			w1[2] = w1[3] = 0;
 		}
-	}
-	else if (keylen == 24)
-	{
-		w1[0] = LoadWord<true>(mk,4);
-		w1[1] = LoadWord<true>(mk,5);
-		w1[2] = w1[3] = 0;
-	}
-	else
-	{
-#if CRYPTOPP_ENABLE_ARIA_SSE2_INTRINSICS
-		if (HasSSE2())
+		else
 		{
 			_mm_store_si128(reinterpret_cast<__m128i*>(w1), _mm_setzero_si128());
 		}
+	}
+	else
+#endif  // CRYPTOPP_ENABLE_ARIA_SSSE3_INTRINSICS
+	{
+		BigEndianBlock::Get(mk)(w0[0])(w0[1])(w0[2])(w0[3]);
+		t[0]=w0[0]^KRK[q][0]; t[1]=w0[1]^KRK[q][1];
+		t[2]=w0[2]^KRK[q][2]; t[3]=w0[3]^KRK[q][3];
+
+		ARIA_FO;
+
+		if (keylen == 32)
+		{
+			BigEndianBlock::Get(mk+16)(w1[0])(w1[1])(w1[2])(w1[3]);
+		}
+		else if (keylen == 24)
+		{
+			BigEndianBlock::Get(mk+16)(w1[0])(w1[1]);
+			w1[2] = w1[3] = 0;
+		}
 		else
-#endif  // CRYPTOPP_ENABLE_ARIA_SSE2_INTRINSICS
 		{
 			w1[0]=w1[1]=w1[2]=w1[3]=0;
 		}
@@ -388,81 +350,51 @@ void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const Nam
 #if CRYPTOPP_ENABLE_ARIA_SSE2_INTRINSICS
 	if (HasSSE2())
 	{
-		// 4 integer, 7 SSE instructions
 		const __m128i x = _mm_xor_si128(
 			_mm_load_si128((const __m128i*)(w1)),
 			_mm_load_si128((const __m128i*)(t)));
-
 		_mm_store_si128((__m128i*)(w1), x);
-		_mm_store_si128((__m128i*)(t), x);
 
 		q = (q==2) ? 0 : (q+1);
+		_mm_store_si128((__m128i*)(t), _mm_xor_si128(x,
+			_mm_load_si128((const __m128i*)(KRK[q]))));
+
+		ARIA_FE;
+
 		const __m128i y = _mm_xor_si128(
-			_mm_load_si128((const __m128i*)(t)),
-			_mm_load_si128((const __m128i*)(KRK[q])));
-
-		_mm_store_si128((__m128i*)(t), y);
-	}
-	else
-#endif  // CRYPTOPP_ENABLE_ARIA_SSE2_INTRINSICS
-	{
-		// 23 integer instructions
-		w1[0]^=t[0]; w1[1]^=t[1]; w1[2]^=t[2]; w1[3]^=t[3];
-		// t[0]=w1[0];  t[1]=w1[1];  t[2]=w1[2];  t[3]=w1[3];
-		memcpy(t, w1, 16);
-
-		q = (q==2) ? 0 : (q+1);
-		t[0]^=KRK[q][0]; t[1]^=KRK[q][1]; t[2]^=KRK[q][2]; t[3]^=KRK[q][3];
-	}
-
-	ARIA_FE;
-
-#if CRYPTOPP_ENABLE_ARIA_SSE2_INTRINSICS
-	if (HasSSE2())
-	{
-		// 4 integer, 7 SSE instructions
-		const __m128i x = _mm_xor_si128(
 			_mm_load_si128((const __m128i*)(w0)),
 			_mm_load_si128((const __m128i*)(t)));
-
-		_mm_store_si128((__m128i*)(w2), x);
-		_mm_store_si128((__m128i*)(t), x);
+		_mm_store_si128((__m128i*)(w2), y);
 
 		q = (q==2) ? 0 : (q+1);
-		const __m128i y = _mm_xor_si128(
-			_mm_load_si128((const __m128i*)(t)),
-			_mm_load_si128((const __m128i*)(KRK[q])));
+		_mm_store_si128((__m128i*)(t), _mm_xor_si128(y,
+			_mm_load_si128((const __m128i*)(KRK[q]))));
 
-		_mm_store_si128((__m128i*)(t), y);
+		ARIA_FO;
+
+		_mm_store_si128((__m128i*)(w3), _mm_xor_si128(
+			_mm_load_si128((const __m128i*)(w1)),
+			_mm_load_si128((const __m128i*)(t))));
 	}
 	else
 #endif  // CRYPTOPP_ENABLE_ARIA_SSE2_INTRINSICS
 	{
-		// 23 integer instructions
-		t[0]^=w0[0]; t[1]^=w0[1]; t[2]^=w0[2]; t[3]^=w0[3];
-		// w2[0]=t[0]; w2[1]=t[1]; w2[2]=t[2]; w2[3]=t[3];
-		memcpy(w2, t, 16);
+		w1[0]^=t[0]; w1[1]^=t[1]; w1[2]^=t[2]; w1[3]^=t[3];
+		::memcpy(t, w1, 16);
 
 		q = (q==2) ? 0 : (q+1);
 		t[0]^=KRK[q][0]; t[1]^=KRK[q][1]; t[2]^=KRK[q][2]; t[3]^=KRK[q][3];
-	}
 
-	ARIA_FO;
+		ARIA_FE;
 
-#if CRYPTOPP_ENABLE_ARIA_SSE2_INTRINSICS
-	if (HasSSE2())
-	{
-		// 3 SSE instructions
-		const __m128i x = _mm_xor_si128(
-			_mm_load_si128((const __m128i*)(w1)),
-			_mm_load_si128((const __m128i*)(t)));
+		t[0]^=w0[0]; t[1]^=w0[1]; t[2]^=w0[2]; t[3]^=w0[3];
+		::memcpy(w2, t, 16);
+
+		q = (q==2) ? 0 : (q+1);
+		t[0]^=KRK[q][0]; t[1]^=KRK[q][1]; t[2]^=KRK[q][2]; t[3]^=KRK[q][3];
+
+		ARIA_FO;
 
-		_mm_store_si128((__m128i*)(w3), x);
-	}
-	else
-#endif  // CRYPTOPP_ENABLE_ARIA_SSE2_INTRINSICS
-	{
-		// 14 integer instructions
 		w3[0]=t[0]^w1[0]; w3[1]=t[1]^w1[1]; w3[2]=t[2]^w1[2]; w3[3]=t[3]^w1[3];
 	}
 
@@ -528,20 +460,14 @@ void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const Nam
 	// Decryption operation
 	if (!IsForwardTransformation())
 	{
-		word32 *a, *z, *s, w;
-
-		mk = key;
+		word32 *a, *z, *s;
 		rk = m_rk.data();
 		r = R; q = Q;
 
 #if CRYPTOPP_ENABLE_ARIA_SSE2_INTRINSICS
 		if (HasSSE2())
 		{
-			// 6 SSE instructions
 			a=reinterpret_cast<word32*>(rk);  s=m_w.data()+24; z=a+r*4;
-			// t[0]=a[0]; t[1]=a[1]; t[2]=a[2]; t[3]=a[3];
-			// a[0]=z[0]; a[1]=z[1]; a[2]=z[2]; a[3]=z[3];
-			// z[0]=t[0]; z[1]=t[1]; z[2]=t[2]; z[3]=t[3];
 			_mm_store_si128((__m128i*)t, _mm_load_si128((const __m128i*)a));
 			_mm_store_si128((__m128i*)a, _mm_load_si128((const __m128i*)z));
 			_mm_store_si128((__m128i*)z, _mm_load_si128((const __m128i*)t));
@@ -549,87 +475,41 @@ void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const Nam
 			a+=4; z-=4;
 			for (; a<z; a+=4, z-=4)
 			{
-				ARIA_M1(a[0],t[0]); ARIA_M1(a[1],t[1]); ARIA_M1(a[2],t[2]); ARIA_M1(a[3],t[3]);
+				ARIA_M(a[0],t[0]); ARIA_M(a[1],t[1]); ARIA_M(a[2],t[2]); ARIA_M(a[3],t[3]);
 				ARIA_MM(t[0],t[1],t[2],t[3]); ARIA_P(t[0],t[1],t[2],t[3]); ARIA_MM(t[0],t[1],t[2],t[3]);
-				// s[0]=t[0]; s[1]=t[1]; s[2]=t[2]; s[3]=t[3];
 				_mm_store_si128((__m128i*)s, _mm_load_si128((const __m128i*)t));
 
-				ARIA_M1(z[0],t[0]); ARIA_M1(z[1],t[1]); ARIA_M1(z[2],t[2]); ARIA_M1(z[3],t[3]);
+				ARIA_M(z[0],t[0]); ARIA_M(z[1],t[1]); ARIA_M(z[2],t[2]); ARIA_M(z[3],t[3]);
 				ARIA_MM(t[0],t[1],t[2],t[3]); ARIA_P(t[0],t[1],t[2],t[3]); ARIA_MM(t[0],t[1],t[2],t[3]);
-				// a[0]=t[0]; a[1]=t[1]; a[2]=t[2]; a[3]=t[3];
-				// z[0]=s[0]; z[1]=s[1]; z[2]=s[2]; z[3]=s[3];
 				_mm_store_si128((__m128i*)a, _mm_load_si128((const __m128i*)t));
 				_mm_store_si128((__m128i*)z, _mm_load_si128((const __m128i*)s));
 			}
 
-			ARIA_M1(a[0],t[0]); ARIA_M1(a[1],t[1]); ARIA_M1(a[2],t[2]); ARIA_M1(a[3],t[3]);
+			ARIA_M(a[0],t[0]); ARIA_M(a[1],t[1]); ARIA_M(a[2],t[2]); ARIA_M(a[3],t[3]);
 			ARIA_MM(t[0],t[1],t[2],t[3]); ARIA_P(t[0],t[1],t[2],t[3]); ARIA_MM(t[0],t[1],t[2],t[3]);
-			// z[0]=t[0]; z[1]=t[1]; z[2]=t[2]; z[3]=t[3];
 			_mm_store_si128((__m128i*)z, _mm_load_si128((const __m128i*)t));
 		}
 		else
-#elif CRYPTOPP_ENABLE_ARIA_NEON_INTRINSICS
-		if (HasNEON())
+#endif
 		{
-			// 6 NEON instructions
 			a=reinterpret_cast<word32*>(rk);  s=m_w.data()+24; z=a+r*4;
-			// t[0]=a[0]; t[1]=a[1]; t[2]=a[2]; t[3]=a[3];
-			// a[0]=z[0]; a[1]=z[1]; a[2]=z[2]; a[3]=z[3];
-			// z[0]=t[0]; z[1]=t[1]; z[2]=t[2]; z[3]=t[3];
-			vst1q_u32(reinterpret_cast<uint32_t*>(t), vld1q_u32(reinterpret_cast<uint32_t*>(a)));
-			vst1q_u32(reinterpret_cast<uint32_t*>(a), vld1q_u32(reinterpret_cast<uint32_t*>(z)));
-			vst1q_u32(reinterpret_cast<uint32_t*>(z), vld1q_u32(reinterpret_cast<uint32_t*>(t)));
+			::memcpy(t, a, 16); ::memcpy(a, z, 16); ::memcpy(z, t, 16);
 
 			a+=4; z-=4;
 			for (; a<z; a+=4, z-=4)
 			{
-				ARIA_M1(a[0],t[0]); ARIA_M1(a[1],t[1]); ARIA_M1(a[2],t[2]); ARIA_M1(a[3],t[3]);
+				ARIA_M(a[0],t[0]); ARIA_M(a[1],t[1]); ARIA_M(a[2],t[2]); ARIA_M(a[3],t[3]);
 				ARIA_MM(t[0],t[1],t[2],t[3]); ARIA_P(t[0],t[1],t[2],t[3]); ARIA_MM(t[0],t[1],t[2],t[3]);
-				// s[0]=t[0]; s[1]=t[1]; s[2]=t[2]; s[3]=t[3];
-				vst1q_u32(reinterpret_cast<uint32_t*>(s), vld1q_u32(reinterpret_cast<uint32_t*>(t)));
+				::memcpy(s, t, 16);
 
-				ARIA_M1(z[0],t[0]); ARIA_M1(z[1],t[1]); ARIA_M1(z[2],t[2]); ARIA_M1(z[3],t[3]);
+				ARIA_M(z[0],t[0]); ARIA_M(z[1],t[1]); ARIA_M(z[2],t[2]); ARIA_M(z[3],t[3]);
 				ARIA_MM(t[0],t[1],t[2],t[3]); ARIA_P(t[0],t[1],t[2],t[3]); ARIA_MM(t[0],t[1],t[2],t[3]);
-				// a[0]=t[0]; a[1]=t[1]; a[2]=t[2]; a[3]=t[3];
-				// z[0]=s[0]; z[1]=s[1]; z[2]=s[2]; z[3]=s[3];
-				vst1q_u32(reinterpret_cast<uint32_t*>(a), vld1q_u32(reinterpret_cast<uint32_t*>(t)));
-				vst1q_u32(reinterpret_cast<uint32_t*>(z), vld1q_u32(reinterpret_cast<uint32_t*>(s)));
+				::memcpy(a, t, 16); ::memcpy(z, s, 16);
 			}
 
-			ARIA_M1(a[0],t[0]); ARIA_M1(a[1],t[1]); ARIA_M1(a[2],t[2]); ARIA_M1(a[3],t[3]);
+			ARIA_M(a[0],t[0]); ARIA_M(a[1],t[1]); ARIA_M(a[2],t[2]); ARIA_M(a[3],t[3]);
 			ARIA_MM(t[0],t[1],t[2],t[3]); ARIA_P(t[0],t[1],t[2],t[3]); ARIA_MM(t[0],t[1],t[2],t[3]);
-			// z[0]=t[0]; z[1]=t[1]; z[2]=t[2]; z[3]=t[3];
-			vst1q_u32(reinterpret_cast<uint32_t*>(z), vld1q_u32(reinterpret_cast<uint32_t*>(t)));
-		}
-		else
-#endif  // CRYPTOPP_ENABLE_ARIA_SSE2_INTRINSICS
-		{
-			// 32 integer instructions
-			a=reinterpret_cast<word32*>(rk);  s=m_w.data()+24; z=a+r*4;
-			// t[0]=a[0]; t[1]=a[1]; t[2]=a[2]; t[3]=a[3];
-			// a[0]=z[0]; a[1]=z[1]; a[2]=z[2]; a[3]=z[3];
-			// z[0]=t[0]; z[1]=t[1]; z[2]=t[2]; z[3]=t[3];
-			memcpy(t, a, 16); memcpy(a, z, 16); memcpy(z, t, 16);
-
-			a+=4; z-=4;
-			for (; a<z; a+=4, z-=4)
-			{
-				ARIA_M1(a[0],t[0]); ARIA_M1(a[1],t[1]); ARIA_M1(a[2],t[2]); ARIA_M1(a[3],t[3]);
-				ARIA_MM(t[0],t[1],t[2],t[3]); ARIA_P(t[0],t[1],t[2],t[3]); ARIA_MM(t[0],t[1],t[2],t[3]);
-				// s[0]=t[0]; s[1]=t[1]; s[2]=t[2]; s[3]=t[3];
-				memcpy(s, t, 16);
-
-				ARIA_M1(z[0],t[0]); ARIA_M1(z[1],t[1]); ARIA_M1(z[2],t[2]); ARIA_M1(z[3],t[3]);
-				ARIA_MM(t[0],t[1],t[2],t[3]); ARIA_P(t[0],t[1],t[2],t[3]); ARIA_MM(t[0],t[1],t[2],t[3]);
-				// a[0]=t[0]; a[1]=t[1]; a[2]=t[2]; a[3]=t[3];
-				// z[0]=s[0]; z[1]=s[1]; z[2]=s[2]; z[3]=s[3];
-				memcpy(a, t, 16); memcpy(z, s, 16);
-			}
-
-			ARIA_M1(a[0],t[0]); ARIA_M1(a[1],t[1]); ARIA_M1(a[2],t[2]); ARIA_M1(a[3],t[3]);
-			ARIA_MM(t[0],t[1],t[2],t[3]); ARIA_P(t[0],t[1],t[2],t[3]); ARIA_MM(t[0],t[1],t[2],t[3]);
-			// z[0]=t[0]; z[1]=t[1]; z[2]=t[2]; z[3]=t[3];
-			memcpy(z, t, 16);
+			::memcpy(z, t, 16);
 		}
 	}
 }
@@ -650,20 +530,7 @@ void ARIA::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, b
 		u |= *(S1+i);
 	t[0] |= u;
 
-#if CRYPTOPP_ENABLE_ARIA_SSSE3_INTRINSICS
-	if (HasSSSE3())
-	{
-		// 3 SSE instructions. 'inBlock' may be unaligned.
-		const __m128i m = _mm_set_epi8(12,13,14,15, 8,9,10,11, 4,5,6,7, 0,1,2,3);
-		_mm_store_si128((__m128i*)t, _mm_shuffle_epi8(_mm_loadu_si128((const __m128i*)(inBlock)), m));
-	}
-	else
-#endif  // CRYPTOPP_ENABLE_ARIA_SSSE3_INTRINSICS
-	{
-		// 13 integer instructions
-		t[0] = LoadWord<true>(inBlock,0); t[1] = LoadWord<true>(inBlock,1);
-		t[2] = LoadWord<true>(inBlock,2); t[3] = LoadWord<true>(inBlock,3);
-	}
+	BigEndianBlock::Get(inBlock)(t[0])(t[1])(t[2])(t[3]);
 
 	if (m_rounds > 12) {
 		ARIA_KXL; rk+= 16; ARIA_FO;
@@ -683,10 +550,10 @@ void ARIA::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, b
 	ARIA_KXL; rk+= 16; ARIA_FO; ARIA_KXL; rk+= 16;
 
 #ifdef IS_LITTLE_ENDIAN
-# if CRYPTOPP_ENABLE_ARIA_SSSE3_INTRINSICS || defined(__SSSE3__)
-	if (HasSSSE3())  // Include GCC and Clang in this code path
+# if CRYPTOPP_ENABLE_ARIA_SSSE3_INTRINSICS
+	const __m128i MASK = _mm_set_epi8(12,13,14,15, 8,9,10,11, 4,5,6,7, 0,1,2,3);
+	if (HasSSSE3())
 	{
-		// This code path saves about 30 instructions
 		outBlock[ 0] = (byte)(X1[ARIA_BRF(t[0],3)]   );
 		outBlock[ 1] = (byte)(X2[ARIA_BRF(t[0],2)]>>8);
 		outBlock[ 2] = (byte)(S1[ARIA_BRF(t[0],1)]   );
@@ -704,11 +571,10 @@ void ARIA::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, b
 		outBlock[14] = (byte)(S1[ARIA_BRF(t[3],1)]   );
 		outBlock[15] = (byte)(S2[ARIA_BRF(t[3],0)]   );
 
-		// 4 SSE instructions. 'outBlock' may be unaligned.
-		const __m128i m = _mm_set_epi8(12,13,14,15, 8,9,10,11, 4,5,6,7, 0,1,2,3);
+		// 'outBlock' may be unaligned.
 		_mm_storeu_si128(reinterpret_cast<__m128i*>(outBlock),
 			_mm_xor_si128(_mm_loadu_si128((const __m128i*)(outBlock)),
-				_mm_shuffle_epi8(_mm_load_si128((const __m128i*)(rk)), m)));
+				_mm_shuffle_epi8(_mm_load_si128((const __m128i*)(rk)), MASK)));
 
 		// 'outBlock' and 'xorBlock' may be unaligned.
 		if (xorBlock != NULLPTR)
@@ -725,7 +591,6 @@ void ARIA::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, b
 	else
 # endif  // CRYPTOPP_ENABLE_ARIA_SSSE3_INTRINSICS
 	{
-		// 13 additional integer instructions
 		outBlock[ 0] = (byte)(X1[ARIA_BRF(t[0],3)]   ) ^ rk[ 3];
 		outBlock[ 1] = (byte)(X2[ARIA_BRF(t[0],2)]>>8) ^ rk[ 2];
 		outBlock[ 2] = (byte)(S1[ARIA_BRF(t[0],1)]   ) ^ rk[ 1];
@@ -744,28 +609,25 @@ void ARIA::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, b
 		outBlock[15] = (byte)(S2[ARIA_BRF(t[3],0)]   ) ^ rk[12];
 	}
 #else
-	outBlock[ 0] = (byte)(X1[ARIA_BRF(t[0],3)]   );
-	outBlock[ 1] = (byte)(X2[ARIA_BRF(t[0],2)]>>8);
-	outBlock[ 2] = (byte)(S1[ARIA_BRF(t[0],1)]   );
-	outBlock[ 3] = (byte)(S2[ARIA_BRF(t[0],0)]   );
-	outBlock[ 4] = (byte)(X1[ARIA_BRF(t[1],3)]   );
-	outBlock[ 5] = (byte)(X2[ARIA_BRF(t[1],2)]>>8);
-	outBlock[ 6] = (byte)(S1[ARIA_BRF(t[1],1)]   );
-	outBlock[ 7] = (byte)(S2[ARIA_BRF(t[1],0)]   );
-	outBlock[ 8] = (byte)(X1[ARIA_BRF(t[2],3)]   );
-	outBlock[ 9] = (byte)(X2[ARIA_BRF(t[2],2)]>>8);
-	outBlock[10] = (byte)(S1[ARIA_BRF(t[2],1)]   );
-	outBlock[11] = (byte)(S2[ARIA_BRF(t[2],0)]   );
-	outBlock[12] = (byte)(X1[ARIA_BRF(t[3],3)]   );
-	outBlock[13] = (byte)(X2[ARIA_BRF(t[3],2)]>>8);
-	outBlock[14] = (byte)(S1[ARIA_BRF(t[3],1)]   );
-	outBlock[15] = (byte)(S2[ARIA_BRF(t[3],0)]   );
+		outBlock[ 0] = (byte)(X1[ARIA_BRF(t[0],3)]   );
+		outBlock[ 1] = (byte)(X2[ARIA_BRF(t[0],2)]>>8);
+		outBlock[ 2] = (byte)(S1[ARIA_BRF(t[0],1)]   );
+		outBlock[ 3] = (byte)(S2[ARIA_BRF(t[0],0)]   );
+		outBlock[ 4] = (byte)(X1[ARIA_BRF(t[1],3)]   );
+		outBlock[ 5] = (byte)(X2[ARIA_BRF(t[1],2)]>>8);
+		outBlock[ 6] = (byte)(S1[ARIA_BRF(t[1],1)]   );
+		outBlock[ 7] = (byte)(S2[ARIA_BRF(t[1],0)]   );
+		outBlock[ 8] = (byte)(X1[ARIA_BRF(t[2],3)]   );
+		outBlock[ 9] = (byte)(X2[ARIA_BRF(t[2],2)]>>8);
+		outBlock[10] = (byte)(S1[ARIA_BRF(t[2],1)]   );
+		outBlock[11] = (byte)(S2[ARIA_BRF(t[2],0)]   );
+		outBlock[12] = (byte)(X1[ARIA_BRF(t[3],3)]   );
+		outBlock[13] = (byte)(X2[ARIA_BRF(t[3],2)]>>8);
+		outBlock[14] = (byte)(S1[ARIA_BRF(t[3],1)]   );
+		outBlock[15] = (byte)(S2[ARIA_BRF(t[3],0)]   );
 
-	#define ARIA_WORD(X,Y) (((word32 *)(X))[Y])
-	ARIA_WORD(outBlock,0)^=LoadWord<true>(rk,0);
-	ARIA_WORD(outBlock,1)^=LoadWord<true>(rk,1);
-	ARIA_WORD(outBlock,2)^=LoadWord<true>(rk,2);
-	ARIA_WORD(outBlock,3)^=LoadWord<true>(rk,3);
+		t = reinterpret_cast<word32*>(outBlock);
+		AlignedBigEndianBlock::Put(rk, t)(t[0])(t[1])(t[2])(t[3]);
 #endif
 
 #if CRYPTOPP_ENABLE_ARIA_NEON_INTRINSICS
@@ -779,12 +641,11 @@ void ARIA::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, b
 					vld1q_u32((const uint32_t*)outBlock),
 					vld1q_u32((const uint32_t*)xorBlock)));
 		}
-
+		return;
 	}
 	else
 #endif  // CRYPTOPP_ENABLE_ARIA_NEON_INTRINSICS
 	{
-		// 15 integer instructions
 		if (xorBlock != NULLPTR)
 			for (unsigned int n=0; n<16; ++n)
 				outBlock[n] ^= xorBlock[n];

From 1d1a1507372b7be7cbccdfec818a9f9985be03c6 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sun, 16 Apr 2017 13:00:45 -0400
Subject: [PATCH 039/200] Avoid extra loads of workspace variables

---
 aria.cpp | 24 +++++++++++-------------
 aria.h   |  2 +-
 2 files changed, 12 insertions(+), 14 deletions(-)

diff --git a/aria.cpp b/aria.cpp
index 10bbb2e5..3f5b9058 100644
--- a/aria.cpp
+++ b/aria.cpp
@@ -248,21 +248,16 @@ inline void ARIA_GSRK(const word32 X[4], const word32 Y[4], byte RK[16])
 
 #if CRYPTOPP_ENABLE_ARIA_NEON_INTRINSICS
 template <unsigned int N>
-inline void ARIA_GSRK_NEON(const word32 X[4], const word32 Y[4], byte RK[16])
+inline void ARIA_GSRK_NEON(const uint32x4_t X, const uint32x4_t Y, byte RK[16])
 {
 	static const unsigned int Q1 = (4-(N/32)) % 4;
 	static const unsigned int Q2 = (3-(N/32)) % 4;
 	static const unsigned int R = N % 32;
 
-	const uint32x4_t a = vld1q_u32((const uint32_t*)X);
-	const uint32x4_t t = vld1q_u32((const uint32_t*)Y);
-	const uint32x4_t b = vextq_u32(t, t, Q1);
-	const uint32x4_t c = vextq_u32(t, t, Q2);
-
 	vst1q_u32(reinterpret_cast<uint32_t*>(RK),
-		veorq_u32(a, veorq_u32(
-			vshrq_n_u32(b, R),
-			vshlq_n_u32(c, 32-R))));
+		veorq_u32(X, veorq_u32(
+			vshrq_n_u32(vextq_u32(Y, Y, Q1), R),
+			vshlq_n_u32(vextq_u32(Y, Y, Q2), 32-R))));
 }
 #endif
 
@@ -401,6 +396,11 @@ void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const Nam
 #if CRYPTOPP_ENABLE_ARIA_NEON_INTRINSICS
 	if (HasNEON())
 	{
+		const uint32x4_t w0 = vld1q_u32((const uint32_t*)(m_w.data()+0));
+		const uint32x4_t w1 = vld1q_u32((const uint32_t*)(m_w.data()+8));
+		const uint32x4_t w2 = vld1q_u32((const uint32_t*)(m_w.data()+12));
+		const uint32x4_t w3 = vld1q_u32((const uint32_t*)(m_w.data()+16));
+
 		ARIA_GSRK_NEON<19>(w0, w1, rk +   0);
 		ARIA_GSRK_NEON<19>(w1, w2, rk +  16);
 		ARIA_GSRK_NEON<19>(w2, w3, rk +  32);
@@ -467,7 +467,7 @@ void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const Nam
 #if CRYPTOPP_ENABLE_ARIA_SSE2_INTRINSICS
 		if (HasSSE2())
 		{
-			a=reinterpret_cast<word32*>(rk);  s=m_w.data()+24; z=a+r*4;
+			a=reinterpret_cast<word32*>(rk); s=m_w.data()+24; z=a+r*4;
 			_mm_store_si128((__m128i*)t, _mm_load_si128((const __m128i*)a));
 			_mm_store_si128((__m128i*)a, _mm_load_si128((const __m128i*)z));
 			_mm_store_si128((__m128i*)z, _mm_load_si128((const __m128i*)t));
@@ -492,7 +492,7 @@ void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const Nam
 		else
 #endif
 		{
-			a=reinterpret_cast<word32*>(rk);  s=m_w.data()+24; z=a+r*4;
+			a=reinterpret_cast<word32*>(rk); s=m_w.data()+24; z=a+r*4;
 			::memcpy(t, a, 16); ::memcpy(a, z, 16); ::memcpy(z, t, 16);
 
 			a+=4; z-=4;
@@ -585,7 +585,6 @@ void ARIA::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, b
 					_mm_loadu_si128((const __m128i*)(outBlock)),
 					_mm_loadu_si128((const __m128i*)(xorBlock))));
 		}
-
 		return;
 	}
 	else
@@ -641,7 +640,6 @@ void ARIA::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, b
 					vld1q_u32((const uint32_t*)outBlock),
 					vld1q_u32((const uint32_t*)xorBlock)));
 		}
-		return;
 	}
 	else
 #endif  // CRYPTOPP_ENABLE_ARIA_NEON_INTRINSICS
diff --git a/aria.h b/aria.h
index 1102509e..86ccf6c9 100644
--- a/aria.h
+++ b/aria.h
@@ -48,7 +48,7 @@ public:
 		void ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const;
 
 	private:
-		// Reference implementation allocates a table of 17 sub-keys.
+		// Reference implementation allocates a table of 17 round keys.
 		FixedSizeAlignedSecBlock<byte, 16*17> m_rk;  // round keys
 		FixedSizeAlignedSecBlock<word32, 4*7> m_w;   // w0, w1, w2, w3, t and u
 		unsigned int m_rounds;

From dad532cb4b610206dda46ccb03b6b7c0d75214fd Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sun, 16 Apr 2017 13:23:27 -0400
Subject: [PATCH 040/200] Remove stdio.h header

---
 aria.cpp | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/aria.cpp b/aria.cpp
index 3f5b9058..041be215 100644
--- a/aria.cpp
+++ b/aria.cpp
@@ -7,8 +7,6 @@
 #include "misc.h"
 #include "cpu.h"
 
-#include <stdio.h>
-
 #if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE
 # define CRYPTOPP_ENABLE_ARIA_SSE2_INTRINSICS 1
 #endif
@@ -579,7 +577,6 @@ void ARIA::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, b
 		// 'outBlock' and 'xorBlock' may be unaligned.
 		if (xorBlock != NULLPTR)
 		{
-			// 3 SSE instructions
 			_mm_storeu_si128((__m128i*)(outBlock),
 				_mm_xor_si128(
 					_mm_loadu_si128((const __m128i*)(outBlock)),
@@ -626,7 +623,7 @@ void ARIA::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, b
 		outBlock[15] = (byte)(S2[ARIA_BRF(t[3],0)]   );
 
 		t = reinterpret_cast<word32*>(outBlock);
-		AlignedBigEndianBlock::Put(rk, t)(t[0])(t[1])(t[2])(t[3]);
+		BigEndianBlock::Put(rk, t)(t[0])(t[1])(t[2])(t[3]);
 #endif
 
 #if CRYPTOPP_ENABLE_ARIA_NEON_INTRINSICS
@@ -634,7 +631,6 @@ void ARIA::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, b
 	{
 		if (xorBlock != NULLPTR)
 		{
-			// 4 NEON instructions
 			vst1q_u32(reinterpret_cast<uint32_t*>(outBlock),
 				veorq_u32(
 					vld1q_u32((const uint32_t*)outBlock),

From 3504f1da2591d8b84e356527ed41dc6209eafa06 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sun, 16 Apr 2017 15:10:20 -0400
Subject: [PATCH 041/200] Add VS2010 - VS2017 images to appveyor.yml

---
 .appveyor.yml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/.appveyor.yml b/.appveyor.yml
index 8d6acf19..1fb10ea3 100644
--- a/.appveyor.yml
+++ b/.appveyor.yml
@@ -15,6 +15,14 @@ platform:
 - Win32
 - Win64
 
+image:
+
+- Visual Studio 2017
+- Visual Studio 2015
+- Visual Studio 2013
+- Visual Studio 2012
+- Visual Studio 2010
+
 build:
 
   project: cryptest.sln

From 7df4418258198d49a24b797143313d2031b2b913 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sun, 16 Apr 2017 15:57:46 -0400
Subject: [PATCH 042/200] Add allow_failures to appveyor.yml until we sort out
 some of the issues

---
 .appveyor.yml | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/.appveyor.yml b/.appveyor.yml
index 1fb10ea3..6d35ae3f 100644
--- a/.appveyor.yml
+++ b/.appveyor.yml
@@ -27,6 +27,7 @@ build:
 
   project: cryptest.sln
   verbosity: minimal
+  parallel: true
 
 test_script:
 
@@ -37,3 +38,16 @@ test_script:
     cryptest.exe v
     
     cryptest.exe tv all
+
+# Right now, we have a few failures that we don't know how to workaround.
+#  - https://stackoverflow.com/questions/43441273/how-to-run-vcupgrade-before-appveyor-build
+#  - https://stackoverflow.com/questions/43423761/cant-perform-64-bit-testing-under-appveyor
+# Appveyor also complains that it can't find VS2010 tools even though the docs state they are there.
+matrix:
+  allow_failures:
+    - platform: Win64
+      configuration: Debug
+    - platform: Win64
+      configuration: Release
+    - image: Visual Studio 2010
+    - image: Visual Studio 2017

From b784852998810c50d86bbe6f1bff95f65ebcdbbe Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Mon, 17 Apr 2017 00:20:22 -0400
Subject: [PATCH 043/200] Add no-asm target to ease testing of
 -DCRYPTOPP_DISABLE_ASM This is intended to be used on Travis CI

---
 GNUmakefile | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/GNUmakefile b/GNUmakefile
index bdfdaf0f..db1713f6 100755
--- a/GNUmakefile
+++ b/GNUmakefile
@@ -360,6 +360,13 @@ ARFLAGS = -xar -o
 RANLIB = true
 endif
 
+# No ASM for Travis testing
+ifeq ($(findstring no-asm,$(MAKECMDGOALS)),no-asm)
+ifeq ($(findstring -DCRYPTOPP_DISABLE_ASM,$(CXXFLAGS)),)
+CXXFLAGS += -DCRYPTOPP_DISABLE_ASM
+endif # CXXFLAGS
+endif # No ASM
+
 # Undefined Behavior Sanitizer (UBsan) testing. There's no sense in
 #   allowing unaligned data access. There will too many findings.
 ifeq ($(findstring ubsan,$(MAKECMDGOALS)),ubsan)
@@ -515,8 +522,8 @@ deps GNUmakefile.deps:
 	$(CXX) $(strip $(CXXFLAGS)) -MM *.cpp > GNUmakefile.deps
 
 # CXXFLAGS are tuned earlier.
-.PHONY: asan ubsan
-asan ubsan: libcryptopp.a cryptest.exe
+.PHONY: asan ubsan no-asm
+no-asm asan ubsan: libcryptopp.a cryptest.exe
 
 # CXXFLAGS are tuned earlier. Applications must use linker flags
 #  -Wl,--gc-sections (Linux and Unix) or -Wl,-dead_strip (OS X)

From 3d9ac8f66f6bcedb6d21d43c840374e19fcd9fd2 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Mon, 17 Apr 2017 00:25:57 -0400
Subject: [PATCH 044/200] Add Travis configuration file

---
 .travis.yml | 60 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 60 insertions(+)
 create mode 100644 .travis.yml

diff --git a/.travis.yml b/.travis.yml
new file mode 100644
index 00000000..0f68a4ba
--- /dev/null
+++ b/.travis.yml
@@ -0,0 +1,60 @@
+language: cpp
+
+os:
+  - linux
+  - osx
+
+dist: trusty
+sudo: false
+
+osx_image:
+  - xcode6.4
+  - xcode7.3
+  - xcode8.2
+
+git:
+  depth: 3
+
+compiler:
+  - clang
+  - gcc
+
+env:
+  global:
+    - BUILD_JOBS=2
+
+  matrix:
+    - BUILD_MODE="shared"
+    - BUILD_MODE="static"
+    - BUILD_MODE="no-asm"
+    - BUILD_MODE="asan"
+    - BUILD_MODE="ubsan"
+    - BUILD_MODE="valgrind"
+
+#matrix:
+#  allow_failures:
+#    - os: linux
+#      env: BUILD_MODE="lint"
+
+  exclude:
+    # Skip GCC on OS X entirely
+    - os: osx
+      compiler: gcc
+
+    # The sanitizer builds under Clang run the tests very
+    # slowly and cause CI timeouts.
+
+    - compiler: clang
+      env: BUILD_MODE="asan"
+    - compiler: clang
+      env: BUILD_MODE="ubsan"
+    - compiler: clang
+      env: BUILD_MODE="valgrind"
+
+# whitelist branches to avoid testing feature branches twice
+branches:
+  only:
+    - master
+
+#notifications:
+#  email: jdoe@example.com

From cfa98a32c0e5231ce2c37f2618ae67c31330500a Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Mon, 17 Apr 2017 01:06:27 -0400
Subject: [PATCH 045/200] Add Win64 to exclude until the issues are sorted out

---
 .appveyor.yml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/.appveyor.yml b/.appveyor.yml
index 6d35ae3f..67a71b8a 100644
--- a/.appveyor.yml
+++ b/.appveyor.yml
@@ -44,7 +44,9 @@ test_script:
 #  - https://stackoverflow.com/questions/43423761/cant-perform-64-bit-testing-under-appveyor
 # Appveyor also complains that it can't find VS2010 tools even though the docs state they are there.
 matrix:
-  allow_failures:
+#  allow_failures:
+
+  exclude:
     - platform: Win64
       configuration: Debug
     - platform: Win64

From f69504f6b45a172616d0397ac2e9e38407a8aba3 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Mon, 17 Apr 2017 01:15:55 -0400
Subject: [PATCH 046/200] Cleanup travis.yml file

---
 .travis.yml | 10 +++-------
 1 file changed, 3 insertions(+), 7 deletions(-)

diff --git a/.travis.yml b/.travis.yml
index 0f68a4ba..9efb17f6 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -7,10 +7,11 @@ os:
 dist: trusty
 sudo: false
 
+# OS X only supports one image. Us the latest.
 osx_image:
-  - xcode6.4
-  - xcode7.3
   - xcode8.2
+#  - xcode7.3
+#  - xcode6.4
 
 git:
   depth: 3
@@ -31,11 +32,6 @@ env:
     - BUILD_MODE="ubsan"
     - BUILD_MODE="valgrind"
 
-#matrix:
-#  allow_failures:
-#    - os: linux
-#      env: BUILD_MODE="lint"
-
   exclude:
     # Skip GCC on OS X entirely
     - os: osx

From ba904cc9da17107b29685cd8726c6e4c003a9012 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Mon, 17 Apr 2017 02:39:22 -0400
Subject: [PATCH 047/200] Update algorithm list in cryptlib.h

---
 cryptlib.h | 36 +++++++++++++++++++++++-------------
 1 file changed, 23 insertions(+), 13 deletions(-)

diff --git a/cryptlib.h b/cryptlib.h
index 43e3fc39..fb5473dd 100644
--- a/cryptlib.h
+++ b/cryptlib.h
@@ -10,29 +10,35 @@
 <dt>Authenticated Encryption Modes<dd>
 	CCM, EAX, \ref GCM "GCM (2K tables)", \ref GCM "GCM (64K tables)"
 <dt>Block Ciphers<dd>
-	\ref Rijndael "AES", Weak::ARC4, Blowfish, BTEA, Camellia, CAST128, CAST256, DES, \ref DES_EDE2 "2-key Triple-DES", \ref DES_EDE3 "3-key Triple-DES",
-	\ref DES_XEX3 "DESX", GOST, IDEA, \ref LR "Luby-Rackoff", MARS, RC2, RC5, RC6, \ref SAFER_K "SAFER-K", \ref SAFER_SK "SAFER-SK", SEED, Serpent,
-	\ref SHACAL2 "SHACAL-2", SHARK, SKIPJACK,
-Square, TEA, \ref ThreeWay "3-Way", Twofish, XTEA
+	\ref Rijndael "AES", ARIA, Weak::ARC4, Blowfish, BTEA, Camellia, CAST128, CAST256, DES,
+	\ref DES_EDE2 "2-key Triple-DES", \ref DES_EDE3 "3-key Triple-DES",	\ref DES_XEX3 "DESX",
+	GOST, IDEA, \ref LR "Luby-Rackoff", MARS, RC2, RC5, RC6, \ref SAFER_K "SAFER-K",
+	\ref SAFER_SK "SAFER-SK", SEED, Serpent, \ref SHACAL2 "SHACAL-2", SHARK, SKIPJACK,
+Square, TEA, \ref ThreeWay "3-Way", Threefish, Twofish, XTEA
 <dt>Stream Ciphers<dd>
-	ChaCha8, ChaCha12, ChaCha20, \ref Panama "Panama-LE", \ref Panama "Panama-BE", Salsa20, \ref SEAL "SEAL-LE", \ref SEAL "SEAL-BE", WAKE, XSalsa20
+	ChaCha8, ChaCha12, ChaCha20, \ref Panama "Panama-LE", \ref Panama "Panama-BE", Salsa20,
+	\ref SEAL "SEAL-LE", \ref SEAL "SEAL-BE", WAKE, XSalsa20
 <dt>Hash Functions<dd>
-	BLAKE2s, BLAKE2b, \ref Keccak "Keccak (F1600)", SHA1, SHA224, SHA256, SHA384, SHA512, \ref SHA3 "SHA-3", Tiger, Whirlpool, RIPEMD160, RIPEMD320, RIPEMD128, RIPEMD256, Weak::MD2, Weak::MD4, Weak::MD5
+	BLAKE2s, BLAKE2b, \ref Keccak "Keccak (F1600)", SHA1, SHA224, SHA256, SHA384, SHA512,
+	\ref SHA3 "SHA-3", Tiger, Whirlpool, RIPEMD160, RIPEMD320, RIPEMD128, RIPEMD256, SipHash,
+	Weak::MD2, Weak::MD4, Weak::MD5
 <dt>Non-Cryptographic Checksums<dd>
 	CRC32, Adler32
 <dt>Message Authentication Codes<dd>
 	VMAC, HMAC, CBC_MAC, CMAC, DMAC, TTMAC, \ref GCM "GCM (GMAC)", BLAKE2 (BLAKE2b and BLAKE2s), Poly1305
 <dt>Random Number Generators<dd>
 	NullRNG(), LC_RNG, RandomPool, BlockingRng, NonblockingRng, AutoSeededRandomPool, AutoSeededX917RNG,
-	\ref MersenneTwister "MersenneTwister (MT19937 and MT19937-AR)", RDRAND, RDSEED
+	NIST Hash_DRBG and HMAC_DRBG, \ref MersenneTwister "MersenneTwister (MT19937 and MT19937-AR)", RDRAND, RDSEED
 <dt>Key Derivation and Password-based Cryptography<dd>
-	HKDF, \ref PKCS12_PBKDF "PBKDF (PKCS #12)", \ref PKCS5_PBKDF1 "PBKDF-1 (PKCS #5)", \ref PKCS5_PBKDF2_HMAC "PBKDF-2/HMAC (PKCS #5)"
+	HKDF, \ref PKCS12_PBKDF "PBKDF (PKCS #12)", \ref PKCS5_PBKDF1 "PBKDF-1 (PKCS #5)",
+	\ref PKCS5_PBKDF2_HMAC "PBKDF-2/HMAC (PKCS #5)"
 <dt>Public Key Cryptosystems<dd>
 	DLIES, ECIES, LUCES, RSAES, RabinES, LUC_IES
 <dt>Public Key Signature Schemes<dd>
 	DSA2, GDSA, ECDSA, NR, ECNR, LUCSS, RSASS, RSASS_ISO, RabinSS, RWSS, ESIGN
 <dt>Key Agreement<dd>
-	DH, DH2, \ref MQV_Domain "MQV", \ref HMQV_Domain "HMQV", \ref FHMQV_Domain "FHMQV", ECDH, ECMQV, ECHMQV, ECFHMQV, XTR_DH
+	DH, DH2, \ref MQV_Domain "MQV", \ref HMQV_Domain "HMQV", \ref FHMQV_Domain "FHMQV", ECDH, ECMQV, ECHMQV,
+	ECFHMQV, XTR_DH
 <dt>Algebraic Structures<dd>
 	Integer, PolynomialMod2, PolynomialOver, RingOfPolynomialsOver,
 	ModularArithmetic, MontgomeryRepresentation, GFP2_ONB, GF2NP, GF256, GF2_32, EC2N, ECP
@@ -45,9 +51,11 @@ Square, TEA, \ref ThreeWay "3-Way", Twofish, XTEA
 <dt>Output Sink Classes<dd>
 	StringSinkTemplate, StringSink, ArraySink, FileSink, SocketSink, WindowsPipeSink, RandomNumberSink
 <dt>Filter Wrappers<dd>
-	StreamTransformationFilter, AuthenticatedEncryptionFilter, AuthenticatedDecryptionFilter, HashFilter, HashVerificationFilter, SignerFilter, SignatureVerificationFilter
+	StreamTransformationFilter, AuthenticatedEncryptionFilter, AuthenticatedDecryptionFilter, HashFilter,
+	HashVerificationFilter, SignerFilter, SignatureVerificationFilter
 <dt>Binary to Text Encoders and Decoders<dd>
-	HexEncoder, HexDecoder, Base64Encoder, Base64Decoder, Base64URLEncoder, Base64URLDecoder, Base32Encoder, Base32Decoder
+	HexEncoder, HexDecoder, Base64Encoder, Base64Decoder, Base64URLEncoder, Base64URLDecoder, Base32Encoder,
+	Base32Decoder
 <dt>Wrappers for OS features<dd>
 	Timer, Socket, WindowsHandle, ThreadLocalStorage, ThreadUserTimer
 <dt>FIPS 140 validated cryptography<dd>
@@ -59,11 +67,13 @@ In the DLL version of Crypto++, only the following implementation class are avai
 <dt>Block Ciphers<dd>
 	AES, \ref DES_EDE2 "2-key Triple-DES", \ref DES_EDE3 "3-key Triple-DES", SKIPJACK
 <dt>Cipher Modes (replace template parameter BC with one of the block ciphers above)<dd>
-	\ref ECB_Mode "ECB_Mode<BC>", \ref CTR_Mode "CTR_Mode<BC>", \ref CBC_Mode "CBC_Mode<BC>", \ref CFB_FIPS_Mode "CFB_FIPS_Mode<BC>", \ref OFB_Mode "OFB_Mode<BC>", \ref GCM "GCM<AES>"
+	\ref ECB_Mode "ECB_Mode<BC>", \ref CTR_Mode "CTR_Mode<BC>", \ref CBC_Mode "CBC_Mode<BC>",
+	\ref CFB_FIPS_Mode "CFB_FIPS_Mode<BC>", \ref OFB_Mode "OFB_Mode<BC>", \ref GCM "GCM<AES>"
 <dt>Hash Functions<dd>
 	SHA1, SHA224, SHA256, SHA384, SHA512
 <dt>Public Key Signature Schemes (replace template parameter H with one of the hash functions above)<dd>
-	RSASS\<PKCS1v15, H\>, RSASS\<PSS, H\>, RSASS_ISO\<H\>, RWSS\<P1363_EMSA2, H\>, DSA, ECDSA\<ECP, H\>, ECDSA\<EC2N, H\>
+	RSASS\<PKCS1v15, H\>, RSASS\<PSS, H\>, RSASS_ISO\<H\>, RWSS\<P1363_EMSA2, H\>, DSA, ECDSA\<ECP, H\>,
+	ECDSA\<EC2N, H\>
 <dt>Message Authentication Codes (replace template parameter H with one of the hash functions above)<dd>
 	HMAC\<H\>, CBC_MAC\<DES_EDE2\>, CBC_MAC\<DES_EDE3\>, GCM\<AES\>
 <dt>Random Number Generators<dd>

From ceecf3faf5caef2d762617249bcf7fe4b9f649ba Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Mon, 17 Apr 2017 04:23:50 -0400
Subject: [PATCH 048/200] Fix table whitespace

---
 bench1.cpp | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)

diff --git a/bench1.cpp b/bench1.cpp
index f9e0f0b8..4c5de739 100644
--- a/bench1.cpp
+++ b/bench1.cpp
@@ -353,21 +353,24 @@ void Benchmark(Test::TestClass suites, double t, double hertz)
 
 	// Unkeyed algorithms
 	if (suites & Test::Unkeyed)
-		Benchmark1(t, hertz);
-
-	if (static_cast<int>(suites) > 1)
+	{
 		std::cout << "\n<BR>";
+		Benchmark1(t, hertz);
+	}
 
 	// Shared key algorithms
 	if (suites & Test::SharedKey)
-		Benchmark2(t, hertz);
-
-	if (static_cast<int>(suites) > 2)
+	{
 		std::cout << "\n<BR>";
+		Benchmark2(t, hertz);
+	}
 
 	// Public key algorithms
 	if (suites & Test::PublicKey)
+	{
+		std::cout << "\n<BR>";
 		Benchmark3(t, hertz);
+	}
 
 	g_testEnd = std::time(NULLPTR);
 
@@ -536,6 +539,9 @@ void Benchmark2(double t, double hertz)
 		BenchMarkByName<SymmetricCipher>("Camellia/CTR", 16);
 		BenchMarkByName<SymmetricCipher>("Camellia/CTR", 32);
 		BenchMarkByName<SymmetricCipher>("Twofish/CTR");
+//		BenchMarkByName<SymmetricCipher>("Threefish256/CTR");
+//		BenchMarkByName<SymmetricCipher>("Threefish512/CTR");
+//		BenchMarkByName<SymmetricCipher>("Threefish1024/CTR");
 		BenchMarkByName<SymmetricCipher>("Serpent/CTR");
 		BenchMarkByName<SymmetricCipher>("CAST-256/CTR");
 		BenchMarkByName<SymmetricCipher>("RC6/CTR");

From cede0f3fb147e1fed37a914c37d2d31a4e1f99a9 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Tue, 18 Apr 2017 02:57:38 -0400
Subject: [PATCH 049/200] Whitespace

---
 CMakeLists.txt | 102 ++++++++++++++++++++++++-------------------------
 1 file changed, 51 insertions(+), 51 deletions(-)

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 7d8bff6c..327395a1 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -106,57 +106,57 @@ if(NOT CRYPTOPP_DATA_DIR STREQUAL "")
 	add_definitions(-DCRYPTOPP_DATA_DIR="${CRYPTOPP_DATA_DIR}")
 endif()
 
-if (CMAKE_CXX_COMPILER_ID MATCHES "GNU")
-	# TODO(unassigned): should we avoid these (for cross-platform compatability)?
-	set(SHELL_CMD sh -c)
-	set(GREP_CMD egrep -c)
-
-	execute_process(COMMAND ${SHELL_CMD} "${CMAKE_CXX_COMPILER} --version 2>&1"
-		COMMAND ${GREP_CMD} -i macports
-		OUTPUT_VARIABLE MACPORTS
-		OUTPUT_STRIP_TRAILING_WHITESPACE)
-
-	if (MACPORTS EQUAL 0)
-		# Get GAS version, add defs + set as appropriate
-		set(GAS_CMD ${SHELL_CMD} "${CMAKE_CXX_COMPILER} -xc -c /dev/null -Wa,-v -o/dev/null 2>&1")
-
-		execute_process(COMMAND ${GAS_CMD}
-			OUTPUT_VARIABLE GAS_STRING
-			OUTPUT_STRIP_TRAILING_WHITESPACE)
-		string(FIND ${GAS_STRING} "GNU assumbler" GAS_OUTPUT)
-
-		if (GAS_OUTPUT)
-			#.intel_syntax wasn't supported until GNU assembler 2.10
-			# No DISABLE_NATIVE_ARCH with CRYPTOPP_DISABLE_ASM for now
-			# See http://github.com/weidai11/cryptopp/issues/395
-
-			# TODO(unassigned): string() REGEX was not cooperating at time of writing. Re-implement as needed.
-			execute_process(COMMAND echo ${GAS_STRING}
-				COMMAND ${GREP_CMD} "GNU assembler version (2\\.[1-9][0-9]|[3-9])"
-				OUTPUT_VARIABLE GAS210_OR_LATER)
-			if (GAS210_OR_LATER EQUAL 0)
-				add_definitions(-DCRYPTOPP_DISABLE_ASM)
-			endif()
-
-			execute_process(COMMAND echo ${GAS_STRING}
-				COMMAND ${GREP_CMD} "GNU assembler version (2\\.1[7-9]|2\\.[2-9]|[3-9])"
-				OUTPUT_VARIABLE GAS217_OR_LATER)
-			if (GAS217_OR_LATER EQUAL 0)
-				add_definitions(-DCRYPTOPP_DISABLE_SSSE3)
-				set(DISABLE_NATIVE_ARCH 1)
-			endif()
-
-			execute_process(COMMAND echo ${GAS_STRING}
-				COMMAND ${GREP_CMD} "GNU assembler version (2\\.19|2\\.[2-9]|[3-9])"
-				OUTPUT_VARIABLE GAS219_OR_LATER)
-			if (GAS219_OR_LATER EQUAL 0)
-				add_definitions(-DCRYPTOPP_DISABLE_AESNI)
-				set(DISABLE_NATIVE_ARCH 1)
-			endif()
-		endif()
-	endif()
-endif()
-
+if (CMAKE_CXX_COMPILER_ID MATCHES "GNU")
+	# TODO(unassigned): should we avoid these (for cross-platform compatability)?
+	set(SHELL_CMD sh -c)
+	set(GREP_CMD egrep -c)
+
+	execute_process(COMMAND ${SHELL_CMD} "${CMAKE_CXX_COMPILER} --version 2>&1"
+		COMMAND ${GREP_CMD} -i macports
+		OUTPUT_VARIABLE MACPORTS
+		OUTPUT_STRIP_TRAILING_WHITESPACE)
+
+	if (MACPORTS EQUAL 0)
+		# Get GAS version, add defs + set as appropriate
+		set(GAS_CMD ${SHELL_CMD} "${CMAKE_CXX_COMPILER} -xc -c /dev/null -Wa,-v -o/dev/null 2>&1")
+
+		execute_process(COMMAND ${GAS_CMD}
+			OUTPUT_VARIABLE GAS_STRING
+			OUTPUT_STRIP_TRAILING_WHITESPACE)
+		string(FIND ${GAS_STRING} "GNU assumbler" GAS_OUTPUT)
+
+		if (GAS_OUTPUT)
+			#.intel_syntax wasn't supported until GNU assembler 2.10
+			# No DISABLE_NATIVE_ARCH with CRYPTOPP_DISABLE_ASM for now
+			# See http://github.com/weidai11/cryptopp/issues/395
+
+			# TODO(unassigned): string() REGEX was not cooperating at time of writing. Re-implement as needed.
+			execute_process(COMMAND echo ${GAS_STRING}
+				COMMAND ${GREP_CMD} "GNU assembler version (2\\.[1-9][0-9]|[3-9])"
+				OUTPUT_VARIABLE GAS210_OR_LATER)
+			if (GAS210_OR_LATER EQUAL 0)
+				add_definitions(-DCRYPTOPP_DISABLE_ASM)
+			endif()
+
+			execute_process(COMMAND echo ${GAS_STRING}
+				COMMAND ${GREP_CMD} "GNU assembler version (2\\.1[7-9]|2\\.[2-9]|[3-9])"
+				OUTPUT_VARIABLE GAS217_OR_LATER)
+			if (GAS217_OR_LATER EQUAL 0)
+				add_definitions(-DCRYPTOPP_DISABLE_SSSE3)
+				set(DISABLE_NATIVE_ARCH 1)
+			endif()
+
+			execute_process(COMMAND echo ${GAS_STRING}
+				COMMAND ${GREP_CMD} "GNU assembler version (2\\.19|2\\.[2-9]|[3-9])"
+				OUTPUT_VARIABLE GAS219_OR_LATER)
+			if (GAS219_OR_LATER EQUAL 0)
+				add_definitions(-DCRYPTOPP_DISABLE_AESNI)
+				set(DISABLE_NATIVE_ARCH 1)
+			endif()
+		endif()
+	endif()
+endif()
+
 # We need the output 'uname -s' for Unix and Linux system detection
 if (NOT CRYPTOPP_CROSS_COMPILE)
 	set (UNAME_CMD "uname")

From 72d8cbe9177bade320b51c149aac1c67c4dd13ec Mon Sep 17 00:00:00 2001
From: Anton Gorev <kvirund@gmail.com>
Date: Fri, 21 Apr 2017 15:26:16 -0500
Subject: [PATCH 050/200] Some fixes related to SunCC compiler bugs.

Fixes for "invalid address alignment" errors. See https://groups.google.com/d/topic/cryptopp-users/OYaByDEbSI0/discussion for details.
Changed config.h in accordance to Jeffrey Walton's request;
---
 config.h     |  2 +-
 sha.cpp      | 16 +++++++++++++++-
 vmac.cpp     | 18 ++++++++++++++++--
 whrlpool.cpp |  8 ++++++++
 4 files changed, 40 insertions(+), 4 deletions(-)

diff --git a/config.h b/config.h
index cfdb6410..0f1310ba 100644
--- a/config.h
+++ b/config.h
@@ -204,7 +204,7 @@ typedef unsigned int word32;
 #if defined(_MSC_VER) || defined(__BORLANDC__)
 	typedef unsigned __int64 word64;
 	#define W64LIT(x) x##ui64
-#elif (_LP64 || __LP64__)
+#elif (_LP64 || __LP64__) && !defined(__SUNPRO_CC)
 	typedef unsigned long word64;
 	#define W64LIT(x) x##UL
 #else
diff --git a/sha.cpp b/sha.cpp
index d97c404b..8344ffc5 100644
--- a/sha.cpp
+++ b/sha.cpp
@@ -40,7 +40,21 @@ typedef void (CRYPTOPP_FASTCALL *pfnSHAHashBlocks)(word32 *state, const word32 *
 // start of Steve Reid's code //
 ////////////////////////////////
 
-#define blk0(i) (W[i] = data[i])
+
+template <typename T>
+inline T BLK0_TEMPLATE(const T* y, const int i)
+{
+    T t;
+    memcpy(&t, y+i, sizeof(t));
+    return t;
+}
+
+#if defined(__SUNPRO_CC)
+#  define blk0(i) (W[i] = BLK0_TEMPLATE(data,i))
+#else
+#  define blk0(i) (W[i] = data[i])
+#endif
+
 #define blk1(i) (W[i&15] = rotlFixed(W[(i+13)&15]^W[(i+8)&15]^W[(i+2)&15]^W[i&15],1))
 
 #define f1(x,y,z) (z^(x&(y^z)))
diff --git a/vmac.cpp b/vmac.cpp
index 30eee34d..82b4bf12 100644
--- a/vmac.cpp
+++ b/vmac.cpp
@@ -546,9 +546,23 @@ void VMAC_Base::VHASH_Update_Template(const word64 *data, size_t blocksRemaining
 	CRYPTOPP_ASSERT(IsAlignedOn(m_polyState(),GetAlignmentOf<word64>()));
 	CRYPTOPP_ASSERT(IsAlignedOn(m_nhKey(),GetAlignmentOf<word64>()));
 
-	#define INNER_LOOP_ITERATION(j)	{\
+#if defined(__SUNPRO_CC)
+	#define PREPARE_D0_D1(j) \
+		word64 d0_original = 0;\
+		memcpy(&d0_original, data + i + 2*j + 0, sizeof(d0_original));\
+		word64 d1_original = 0;\
+		memcpy(&d1_original, data + i + 2*j + 1, sizeof(d1_original));\
+		\
+		word64 d0 = ConditionalByteReverse(LITTLE_ENDIAN_ORDER, d0_original);\
+		word64 d1 = ConditionalByteReverse(LITTLE_ENDIAN_ORDER, d1_original)
+#else
+	#define PREPARE_D0_D1(j) \
 		word64 d0 = ConditionalByteReverse(LITTLE_ENDIAN_ORDER, data[i+2*j+0]);\
-		word64 d1 = ConditionalByteReverse(LITTLE_ENDIAN_ORDER, data[i+2*j+1]);\
+		word64 d1 = ConditionalByteReverse(LITTLE_ENDIAN_ORDER, data[i+2*j+1])
+#endif
+
+	#define INNER_LOOP_ITERATION(j)	{\
+		PREPARE_D0_D1(j);\
 		AccumulateNH(nhA, d0+nhK[i+2*j+0], d1+nhK[i+2*j+1]);\
 		if (T_128BitTag)\
 			AccumulateNH(nhB, d0+nhK[i+2*j+2], d1+nhK[i+2*j+3]);\
diff --git a/whrlpool.cpp b/whrlpool.cpp
index 1278ad8a..8d065b30 100644
--- a/whrlpool.cpp
+++ b/whrlpool.cpp
@@ -609,7 +609,15 @@ void Whirlpool::Transform(word64 *digest, const word64 *block)
 	// Compute and apply K^0 to the cipher state
 	// Also apply part of the Miyaguchi-Preneel compression function
 	for (int i=0; i<8; i++)
+	{
+#if defined (__SUNPRO_CC)
+		word64 block_i = 0;
+		memcpy(&block_i, &block[i], sizeof(block_i));
+		digest[i] = s[i] = block_i ^ (k[i] = digest[i]);
+#else
 		digest[i] = s[i] = block[i] ^ (k[i] = digest[i]);
+#endif
+	}
 
 #define KSL(op, i, a, b, c, d)	\
 	t = (word32)k[i];\

From 63cc633be788498d3cbbad986068f95591916965 Mon Sep 17 00:00:00 2001
From: Anton Gorev <kvirund@gmail.com>
Date: Fri, 21 Apr 2017 21:23:08 -0500
Subject: [PATCH 051/200] Reverted change in config.h as it does not fix
 anything.

---
 config.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/config.h b/config.h
index 0f1310ba..cfdb6410 100644
--- a/config.h
+++ b/config.h
@@ -204,7 +204,7 @@ typedef unsigned int word32;
 #if defined(_MSC_VER) || defined(__BORLANDC__)
 	typedef unsigned __int64 word64;
 	#define W64LIT(x) x##ui64
-#elif (_LP64 || __LP64__) && !defined(__SUNPRO_CC)
+#elif (_LP64 || __LP64__)
 	typedef unsigned long word64;
 	#define W64LIT(x) x##UL
 #else

From 8ded8bc38d2f50956806dee147281c0819d73507 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Fri, 21 Apr 2017 23:52:43 -0400
Subject: [PATCH 052/200] Clear SunCC anachronism warning "Attempt to redefine
 IS_BIG_ENDIAN without using #undef"

---
 config.h | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/config.h b/config.h
index cfdb6410..de93eadb 100644
--- a/config.h
+++ b/config.h
@@ -9,13 +9,13 @@
 // ***************** Important Settings ********************
 
 // define this if running on a big-endian CPU
-#if !defined(IS_LITTLE_ENDIAN) && (defined(__BIG_ENDIAN__) || (defined(__s390__) || defined(__s390x__) || defined(__zarch__)) || (defined(__m68k__) || defined(__MC68K__)) || defined(__sparc) || defined(__sparc__) || defined(__hppa__) || defined(__MIPSEB__) || defined(__ARMEB__) || (defined(__MWERKS__) && !defined(__INTEL__)))
+#if !defined(IS_LITTLE_ENDIAN) && !defined(IS_BIG_ENDIAN) && (defined(__BIG_ENDIAN__) || (defined(__s390__) || defined(__s390x__) || defined(__zarch__)) || (defined(__m68k__) || defined(__MC68K__)) || defined(__sparc) || defined(__sparc__) || defined(__hppa__) || defined(__MIPSEB__) || defined(__ARMEB__) || (defined(__MWERKS__) && !defined(__INTEL__)))
 #	define IS_BIG_ENDIAN
 #endif
 
 // define this if running on a little-endian CPU
 // big endian will be assumed if IS_LITTLE_ENDIAN is not defined
-#ifndef IS_BIG_ENDIAN
+#if !defined(IS_BIG_ENDIAN) && !defined(IS_LITTLE_ENDIAN)
 #	define IS_LITTLE_ENDIAN
 #endif
 

From c25edcaff36fee6e6990d8ea8953a46e16cd31ae Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 22 Apr 2017 00:05:55 -0400
Subject: [PATCH 053/200] Add potential workaround for Solaris SIGBUS

---
 CMakeLists.txt | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 327395a1..02b53a27 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -237,6 +237,11 @@ if ((NOT CRYPTOPP_CROSS_COMPILE) AND "${UNAME_SYSTEM}" STREQUAL "SunOS")
 	if ("${CMAKE_CXX_COMPILER_ID}" STREQUAL "SunPro")
 		SET(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -template=no%extdef")
 	endif()
+
+	# Try this if you are encountering unexplained SIGBUS'es
+	# even when DBX reports the memory is aligned.
+	# SET(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -xmemalign=8i")
+
 endif()
 
 # Link is driven through the compiler, but CXXFLAGS are not used. Also see

From 12b5074c723e29c03ca902d39e19369dc1ef1dcc Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 22 Apr 2017 00:17:45 -0400
Subject: [PATCH 054/200] Fix SunCC and "_mm_set_epi8 must have prototype"

---
 cpu.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cpu.h b/cpu.h
index 7c27c145..8d1db36e 100644
--- a/cpu.h
+++ b/cpu.h
@@ -47,7 +47,7 @@
 #if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE
 #  include <emmintrin.h>    // __m64, __m128i, _mm_set_epi64x
 #endif
-#if CRYPTOPP_BOOL_SSSE3_ASM_AVAILABLE
+#if CRYPTOPP_BOOL_SSSE3_INTRINSICS_AVAILABLE
 #  include <tmmintrin.h>    // _mm_shuffle_pi8, _mm_shuffle_epi8
 #endif // tmmintrin.h
 #if CRYPTOPP_BOOL_SSE4_INTRINSICS_AVAILABLE

From cd65ce873a1d8b74582c572d3b81fa09d378026c Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 22 Apr 2017 01:15:17 -0400
Subject: [PATCH 055/200] Add -xmemalign=4i for Sun SPARC (Issue 403)

---
 GNUmakefile | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/GNUmakefile b/GNUmakefile
index db1713f6..dc987bce 100755
--- a/GNUmakefile
+++ b/GNUmakefile
@@ -21,6 +21,8 @@ IS_X64 := $(shell uname -m | $(EGREP) -i -c "(_64|d64)")
 IS_PPC := $(shell uname -m | $(EGREP) -i -c "ppc|power")
 IS_ARM32 := $(shell uname -m | $(EGREP) -i -c "arm")
 IS_ARM64 := $(shell uname -m | $(EGREP) -i -c "aarch64")
+IS_SPARC := $(shell uname -m | $(EGREP) -i -c "sparc")
+IS_SPARC64 := $(shell uname -m | $(EGREP) -i -c "sparc64")
 
 IS_SUN := $(shell uname | $(EGREP) -i -c "SunOS")
 IS_LINUX := $(shell $(CXX) -dumpmachine 2>&1 | $(EGREP) -i -c "Linux")
@@ -346,6 +348,10 @@ CXXFLAGS += -KPIC
 endif
 # Add to all Solaris
 CXXFLAGS += -template=no%extdef
+# http://github.com/weidai11/cryptopp/issues/403
+ifneq ($(IS_SPARC)$(IS_SPARC64),00)
+CXXFLAGS += -xmemalign=4i
+endif
 SUN_CC10_BUGGY := $(shell $(CXX) -V 2>&1 | $(EGREP) -c "CC: Sun .* 5\.10 .* (2009|2010/0[1-4])")
 ifneq ($(SUN_CC10_BUGGY),0)
 # -DCRYPTOPP_INCLUDE_VECTOR_CC is needed for Sun Studio 12u1 Sun C++ 5.10 SunOS_i386 128229-02 2009/09/21 and was fixed in May 2010

From b9abd7141e0fc262ad336833cf77f75f283c0e84 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 22 Apr 2017 12:19:55 -0400
Subject: [PATCH 056/200] Fix endian-reversal and loading of MSG0-MSG3

Initially we performed a 32-bit word-size ByteReverse() on the entire 64-byte buffer being hashed. Then we performed another fix-up when loading each 16-byte portion of the buffer into the SSE2 registers for SHA processing. The [undesired] consequence was byte swapping and reversals happened twice. Worse, the call to ByteReverse() produced 16 bswaps instead of 1 call pshufb, so it was orders of magnitude slower than it needed to be.

This check-in takes the sane approach to byte reversals and swapping. It performs it once when the message is loaded for SSE processing. The result is SHA1 calculations drop from about 3.0 cpb to about 2.5 cpb.
---
 sha.cpp | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)

diff --git a/sha.cpp b/sha.cpp
index 8344ffc5..843b7233 100644
--- a/sha.cpp
+++ b/sha.cpp
@@ -122,17 +122,11 @@ static void SHA1_SSE_SHA_Transform(word32 *state, const word32 *data)
     __m128i ABCD, ABCD_SAVE, E0, E0_SAVE, E1;
     __m128i MASK, MSG0, MSG1, MSG2, MSG3;
 
-    // IteratedHashBase<T> has code to perform this step before HashEndianCorrectedBlock()
-    //  is called, but the design does not lend itself to optional hardware components
-    //  where SHA1 needs reversing, but SHA256 does not.
-    word32* dataBuf = const_cast<word32*>(data);
-    ByteReverse(dataBuf, dataBuf, 64);
-
     // Load initial values
     ABCD = _mm_loadu_si128((__m128i*) state);
     E0 = _mm_set_epi32(state[4], 0, 0, 0);
     ABCD = _mm_shuffle_epi32(ABCD, 0x1B);
-    MASK = _mm_set_epi64x(W64LIT(0x0001020304050607), W64LIT(0x08090a0b0c0d0e0f));
+    MASK = _mm_set_epi8(3,2,1,0, 7,6,5,4, 11,10,9,8, 15,14,13,12);
 
     // Save current hash
     ABCD_SAVE = ABCD;

From f818d4e50fea71c58baef7b29318a58ab1f349ce Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 22 Apr 2017 16:27:37 -0400
Subject: [PATCH 057/200] Updated code generation tests

---
 TestScripts/cryptest.sh | 49 ++++++++++++++++++++++++++++++-----------
 cryptest.sh             | 49 ++++++++++++++++++++++++++++++-----------
 2 files changed, 72 insertions(+), 26 deletions(-)

diff --git a/TestScripts/cryptest.sh b/TestScripts/cryptest.sh
index dedc2111..6a039ce4 100755
--- a/TestScripts/cryptest.sh
+++ b/TestScripts/cryptest.sh
@@ -1194,7 +1194,7 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 		echo
 
 		OBJFILE=sha.o; rm -f "$OBJFILE" 2>/dev/null
-		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS ${PLATFORM_CXXFLAGS[@]}" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
+		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -msse -msse2" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
 
 		DISASS_TEXT=$("$DISASS" "${DISASSARGS[@]}" "$OBJFILE" 2>/dev/null)
 
@@ -1231,7 +1231,11 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 	############################################
 	# Test AES-NI code generation
 
-	X86_AESNI=$(echo -n "$X86_CPU_FLAGS" | "$GREP" -i -c aes)
+	"$CXX" -DCRYPTOPP_ADHOC_MAIN -maes adhoc.cpp -o "$TMP/adhoc.exe" > /dev/null 2>&1
+	if [[ "$?" -eq "0" ]]; then
+		X86_AESNI=1
+	fi
+
 	if [[ ("$X86_AESNI" -ne "0") ]]; then
 		echo
 		echo "************************************" | tee -a "$TEST_RESULTS"
@@ -1239,7 +1243,7 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 		echo
 
 		OBJFILE=rijndael.o; rm -f "$OBJFILE" 2>/dev/null
-		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS ${PLATFORM_CXXFLAGS[@]}" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
+		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -msse -msse2" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
 
 		COUNT=0
 		FAILED=0
@@ -1293,7 +1297,11 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 	############################################
 	# X86 carryless multiply code generation
 
-	X86_PCLMUL=$(echo -n "$X86_CPU_FLAGS" | "$GREP" -i -c pclmulq)
+	"$CXX" -DCRYPTOPP_ADHOC_MAIN -mpclmul adhoc.cpp -o "$TMP/adhoc.exe" > /dev/null 2>&1
+	if [[ "$?" -eq "0" ]]; then
+		X86_PCLMUL=1
+	fi
+
 	if [[ ("$X86_PCLMUL" -ne "0") ]]; then
 		echo
 		echo "************************************" | tee -a "$TEST_RESULTS"
@@ -1301,7 +1309,7 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 		echo
 
 		OBJFILE=gcm.o; rm -f "$OBJFILE" 2>/dev/null
-		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS ${PLATFORM_CXXFLAGS[@]}" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
+		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -msse -msse2" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
 
 		COUNT=0
 		FAILED=0
@@ -1331,8 +1339,15 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 	############################################
 	# Test RDRAND and RDSEED code generation
 
-	X86_RDRAND=$(echo -n "$X86_CPU_FLAGS" | "$GREP" -i -c rdrand)
-	X86_RDSEED=$(echo -n "$X86_CPU_FLAGS" | "$GREP" -i -c rdseed)
+	"$CXX" -DCRYPTOPP_ADHOC_MAIN -mrdrnd adhoc.cpp -o "$TMP/adhoc.exe" > /dev/null 2>&1
+	if [[ "$?" -eq "0" ]]; then
+		X86_RDRAND=1
+	fi
+	"$CXX" -DCRYPTOPP_ADHOC_MAIN -mrdseed adhoc.cpp -o "$TMP/adhoc.exe" > /dev/null 2>&1
+	if [[ "$?" -eq "0" ]]; then
+		X86_RDSEED=1
+	fi
+
 	if [[ ("$X86_RDRAND" -ne "0" || "$X86_RDSEED" -ne "0") ]]; then
 		echo
 		echo "************************************" | tee -a "$TEST_RESULTS"
@@ -1340,7 +1355,7 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 		echo
 
 		OBJFILE=rdrand.o; rm -f "$OBJFILE" 2>/dev/null
-		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS ${PLATFORM_CXXFLAGS[@]}" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
+		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -msse -msse2" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
 
 		COUNT=0
 		FAILED=0
@@ -1374,7 +1389,11 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 	############################################
 	# X86 CRC32 code generation
 
-	X86_CRC32=$(echo -n "$X86_CPU_FLAGS" | "$EGREP" -i -c '(sse4.2|sse4_2)')
+	"$CXX" -DCRYPTOPP_ADHOC_MAIN -msse4.2 adhoc.cpp -o "$TMP/adhoc.exe" > /dev/null 2>&1
+	if [[ "$?" -eq "0" ]]; then
+		X86_CRC32=1
+	fi
+
 	if [[ ("$X86_CRC32" -ne "0") ]]; then
 		echo
 		echo "************************************" | tee -a "$TEST_RESULTS"
@@ -1382,7 +1401,7 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 		echo
 
 		OBJFILE=crc.o; rm -f "$OBJFILE" 2>/dev/null
-		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS ${PLATFORM_CXXFLAGS[@]}" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
+		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -msse -msse2" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
 
 		COUNT=0
 		FAILED=0
@@ -1412,7 +1431,11 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 	############################################
 	# X86 SHA code generation
 
-	X86_SHA=$(echo -n "$X86_CPU_FLAGS" | "$EGREP" -i -c '(sha_ni)')
+	"$CXX" -DCRYPTOPP_ADHOC_MAIN -msha adhoc.cpp -o "$TMP/adhoc.exe" > /dev/null 2>&1
+	if [[ "$?" -eq "0" ]]; then
+		X86_SHA=1
+	fi
+
 	if [[ ("$X86_SHA" -ne "0") ]]; then
 		echo
 		echo "************************************" | tee -a "$TEST_RESULTS"
@@ -1420,7 +1443,7 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 		echo
 
 		OBJFILE=sha.o; rm -f "$OBJFILE" 2>/dev/null
-		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS ${PLATFORM_CXXFLAGS[@]}" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
+		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -msse -msse2" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
 
 		COUNT=0
 		FAILED=0
@@ -1580,7 +1603,7 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_ARM32" -ne "0" || "$IS_ARM64" -ne "0")) ]
 		echo
 
 		OBJFILE=crc.o; rm -f "$OBJFILE" 2>/dev/null
-		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS ${PLATFORM_CXXFLAGS[@]}" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
+		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -DDISABLE_NATIVE_ARCH=1" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
 
 		COUNT=0
 		FAILED=0
diff --git a/cryptest.sh b/cryptest.sh
index dedc2111..6a039ce4 100755
--- a/cryptest.sh
+++ b/cryptest.sh
@@ -1194,7 +1194,7 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 		echo
 
 		OBJFILE=sha.o; rm -f "$OBJFILE" 2>/dev/null
-		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS ${PLATFORM_CXXFLAGS[@]}" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
+		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -msse -msse2" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
 
 		DISASS_TEXT=$("$DISASS" "${DISASSARGS[@]}" "$OBJFILE" 2>/dev/null)
 
@@ -1231,7 +1231,11 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 	############################################
 	# Test AES-NI code generation
 
-	X86_AESNI=$(echo -n "$X86_CPU_FLAGS" | "$GREP" -i -c aes)
+	"$CXX" -DCRYPTOPP_ADHOC_MAIN -maes adhoc.cpp -o "$TMP/adhoc.exe" > /dev/null 2>&1
+	if [[ "$?" -eq "0" ]]; then
+		X86_AESNI=1
+	fi
+
 	if [[ ("$X86_AESNI" -ne "0") ]]; then
 		echo
 		echo "************************************" | tee -a "$TEST_RESULTS"
@@ -1239,7 +1243,7 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 		echo
 
 		OBJFILE=rijndael.o; rm -f "$OBJFILE" 2>/dev/null
-		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS ${PLATFORM_CXXFLAGS[@]}" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
+		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -msse -msse2" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
 
 		COUNT=0
 		FAILED=0
@@ -1293,7 +1297,11 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 	############################################
 	# X86 carryless multiply code generation
 
-	X86_PCLMUL=$(echo -n "$X86_CPU_FLAGS" | "$GREP" -i -c pclmulq)
+	"$CXX" -DCRYPTOPP_ADHOC_MAIN -mpclmul adhoc.cpp -o "$TMP/adhoc.exe" > /dev/null 2>&1
+	if [[ "$?" -eq "0" ]]; then
+		X86_PCLMUL=1
+	fi
+
 	if [[ ("$X86_PCLMUL" -ne "0") ]]; then
 		echo
 		echo "************************************" | tee -a "$TEST_RESULTS"
@@ -1301,7 +1309,7 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 		echo
 
 		OBJFILE=gcm.o; rm -f "$OBJFILE" 2>/dev/null
-		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS ${PLATFORM_CXXFLAGS[@]}" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
+		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -msse -msse2" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
 
 		COUNT=0
 		FAILED=0
@@ -1331,8 +1339,15 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 	############################################
 	# Test RDRAND and RDSEED code generation
 
-	X86_RDRAND=$(echo -n "$X86_CPU_FLAGS" | "$GREP" -i -c rdrand)
-	X86_RDSEED=$(echo -n "$X86_CPU_FLAGS" | "$GREP" -i -c rdseed)
+	"$CXX" -DCRYPTOPP_ADHOC_MAIN -mrdrnd adhoc.cpp -o "$TMP/adhoc.exe" > /dev/null 2>&1
+	if [[ "$?" -eq "0" ]]; then
+		X86_RDRAND=1
+	fi
+	"$CXX" -DCRYPTOPP_ADHOC_MAIN -mrdseed adhoc.cpp -o "$TMP/adhoc.exe" > /dev/null 2>&1
+	if [[ "$?" -eq "0" ]]; then
+		X86_RDSEED=1
+	fi
+
 	if [[ ("$X86_RDRAND" -ne "0" || "$X86_RDSEED" -ne "0") ]]; then
 		echo
 		echo "************************************" | tee -a "$TEST_RESULTS"
@@ -1340,7 +1355,7 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 		echo
 
 		OBJFILE=rdrand.o; rm -f "$OBJFILE" 2>/dev/null
-		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS ${PLATFORM_CXXFLAGS[@]}" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
+		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -msse -msse2" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
 
 		COUNT=0
 		FAILED=0
@@ -1374,7 +1389,11 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 	############################################
 	# X86 CRC32 code generation
 
-	X86_CRC32=$(echo -n "$X86_CPU_FLAGS" | "$EGREP" -i -c '(sse4.2|sse4_2)')
+	"$CXX" -DCRYPTOPP_ADHOC_MAIN -msse4.2 adhoc.cpp -o "$TMP/adhoc.exe" > /dev/null 2>&1
+	if [[ "$?" -eq "0" ]]; then
+		X86_CRC32=1
+	fi
+
 	if [[ ("$X86_CRC32" -ne "0") ]]; then
 		echo
 		echo "************************************" | tee -a "$TEST_RESULTS"
@@ -1382,7 +1401,7 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 		echo
 
 		OBJFILE=crc.o; rm -f "$OBJFILE" 2>/dev/null
-		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS ${PLATFORM_CXXFLAGS[@]}" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
+		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -msse -msse2" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
 
 		COUNT=0
 		FAILED=0
@@ -1412,7 +1431,11 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 	############################################
 	# X86 SHA code generation
 
-	X86_SHA=$(echo -n "$X86_CPU_FLAGS" | "$EGREP" -i -c '(sha_ni)')
+	"$CXX" -DCRYPTOPP_ADHOC_MAIN -msha adhoc.cpp -o "$TMP/adhoc.exe" > /dev/null 2>&1
+	if [[ "$?" -eq "0" ]]; then
+		X86_SHA=1
+	fi
+
 	if [[ ("$X86_SHA" -ne "0") ]]; then
 		echo
 		echo "************************************" | tee -a "$TEST_RESULTS"
@@ -1420,7 +1443,7 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 		echo
 
 		OBJFILE=sha.o; rm -f "$OBJFILE" 2>/dev/null
-		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS ${PLATFORM_CXXFLAGS[@]}" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
+		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -msse -msse2" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
 
 		COUNT=0
 		FAILED=0
@@ -1580,7 +1603,7 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_ARM32" -ne "0" || "$IS_ARM64" -ne "0")) ]
 		echo
 
 		OBJFILE=crc.o; rm -f "$OBJFILE" 2>/dev/null
-		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS ${PLATFORM_CXXFLAGS[@]}" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
+		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -DDISABLE_NATIVE_ARCH=1" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
 
 		COUNT=0
 		FAILED=0

From 7562e38ad6704810d8ed7eef58f9a5d92c24dce3 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 22 Apr 2017 19:46:13 -0400
Subject: [PATCH 058/200] Add safety for SHA intructions It looks like SHA
 support appeared in the GCC compiler around 4.8 or 4.9. It looks like SHA
 support appeared in the GNU assembler around 2.23

---
 CMakeLists.txt | 18 +++++++++++++++---
 GNUmakefile    |  6 ++++++
 2 files changed, 21 insertions(+), 3 deletions(-)

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 02b53a27..f213131c 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -46,6 +46,7 @@ endif()
 option(DISABLE_ASM "Disable ASM" OFF)
 option(DISABLE_SSSE3 "Disable SSSE3" OFF)
 option(DISABLE_AESNI "Disable AES-NI" OFF)
+option(DISABLE_SHA "Disable SHA" OFF)
 option(DISABLE_NATIVE_ARCH "Disable the addition of -march=native" OFF)
 set(CRYPTOPP_DATA_DIR "" CACHE PATH "Crypto++ test data directory")
 
@@ -102,6 +103,10 @@ if(DISABLE_AESNI)
 	add_definitions(-DCRYPTOPP_DISABLE_AESNI)
 	set(DISABLE_NATIVE_ARCH 1)
 endif()
+if(DISABLE_SHA)
+	add_definitions(-DCRYPTOPP_DISABLE_SHA)
+	set(DISABLE_NATIVE_ARCH 1)
+endif()
 if(NOT CRYPTOPP_DATA_DIR STREQUAL "")
 	add_definitions(-DCRYPTOPP_DATA_DIR="${CRYPTOPP_DATA_DIR}")
 endif()
@@ -153,6 +158,14 @@ if (CMAKE_CXX_COMPILER_ID MATCHES "GNU")
 				add_definitions(-DCRYPTOPP_DISABLE_AESNI)
 				set(DISABLE_NATIVE_ARCH 1)
 			endif()
+
+			execute_process(COMMAND echo ${GAS_STRING}
+				COMMAND ${GREP_CMD} "GNU assembler version (2\\.2[3-9]|2\\.[3-9]|[3-9])"
+				OUTPUT_VARIABLE GAS223_OR_LATER)
+			if (GAS223_OR_LATER EQUAL 0)
+				add_definitions(-DCRYPTOPP_DISABLE_SHA)
+				set(DISABLE_NATIVE_ARCH 1)
+			endif()
 		endif()
 	endif()
 endif()
@@ -238,9 +251,8 @@ if ((NOT CRYPTOPP_CROSS_COMPILE) AND "${UNAME_SYSTEM}" STREQUAL "SunOS")
 		SET(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -template=no%extdef")
 	endif()
 
-	# Try this if you are encountering unexplained SIGBUS'es
-	# even when DBX reports the memory is aligned.
-	# SET(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -xmemalign=8i")
+	# Try this if you are encountering unexplained SIGBUS'es on SPARC
+	# SET(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -xmemalign=4i")
 
 endif()
 
diff --git a/GNUmakefile b/GNUmakefile
index dc987bce..b0b57c2e 100755
--- a/GNUmakefile
+++ b/GNUmakefile
@@ -148,6 +148,7 @@ ifneq ($(HAVE_GAS),0)
   GAS210_OR_LATER := $(shell $(CXX) -xc -c /dev/null -Wa,-v -o/dev/null 2>&1 | $(EGREP) -c "GNU assembler version (2\.[1-9][0-9]|[3-9])")
   GAS217_OR_LATER := $(shell $(CXX) -xc -c /dev/null -Wa,-v -o/dev/null 2>&1 | $(EGREP) -c "GNU assembler version (2\.1[7-9]|2\.[2-9]|[3-9])")
   GAS219_OR_LATER := $(shell $(CXX) -xc -c /dev/null -Wa,-v -o/dev/null 2>&1 | $(EGREP) -c "GNU assembler version (2\.19|2\.[2-9]|[3-9])")
+  GAS223_OR_LATER := $(shell $(CXX) -xc -c /dev/null -Wa,-v -o/dev/null 2>&1 | $(EGREP) -c "GNU assembler version (2\.2[3-9]|2\.[3-9]|[3-9])")
 endif
 
 ICC111_OR_LATER := $(shell $(CXX) --version 2>&1 | $(EGREP) -c "\(ICC\) ([2-9][0-9]|1[2-9]|11\.[1-9])")
@@ -172,6 +173,11 @@ else
 ifeq ($(HAVE_GAS)$(GAS219_OR_LATER),10)
 CXXFLAGS += -DCRYPTOPP_DISABLE_AESNI
 DISABLE_NATIVE_ARCH := 1
+else
+ifeq ($(HAVE_GAS)$(GAS223_OR_LATER),10)
+CXXFLAGS += -DCRYPTOPP_DISABLE_SHA
+DISABLE_NATIVE_ARCH := 1
+endif
 endif
 endif
 endif

From 4478e4cf39c1db269ee2ed22488ef8f2b3e4e721 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 22 Apr 2017 21:22:32 -0400
Subject: [PATCH 059/200] Removed Unified ASM and Modern Compiler tests Unified
 adds no value, and modern compilers are already tested

---
 TestScripts/cryptest.sh | 273 +---------------------------------------
 cryptest.sh             | 273 +---------------------------------------
 2 files changed, 4 insertions(+), 542 deletions(-)

diff --git a/TestScripts/cryptest.sh b/TestScripts/cryptest.sh
index 6a039ce4..6c46f45a 100755
--- a/TestScripts/cryptest.sh
+++ b/TestScripts/cryptest.sh
@@ -397,7 +397,7 @@ if [[ (-z "$HAVE_O3") ]]; then
 fi
 
 # Hit or miss, mostly hit
-if [[ (-z "$HAVE_O5") ]]; then
+if [[ ( (-z "$HAVE_O5") && ("$CLANG_COMPILER" -eq "0") ) ]]; then
 	HAVE_O5=0
 	OPT_O5=
 	rm -f "$TMP/adhoc.exe" > /dev/null 2>&1
@@ -581,37 +581,6 @@ if [[ (-z "$HAVE_X32") ]]; then
 	fi
 fi
 
-# "Modern compiler, old hardware" combinations
-HAVE_X86_AES=0
-HAVE_X86_RDRAND=0
-HAVE_X86_RDSEED=0
-HAVE_X86_PCLMUL=0
-if [[ ("$IS_X86" -ne "0" || "$IS_X64" -ne "0") && ("$SUN_COMPILER" -eq "0") ]]; then
-	rm -f "$TMP/adhoc.exe" > /dev/null 2>&1
-	"$CXX" -DCRYPTOPP_ADHOC_MAIN -maes adhoc.cpp -o "$TMP/adhoc.exe" > /dev/null 2>&1
-	if [[ "$?" -eq "0" ]]; then
-		HAVE_X86_AES=1
-	fi
-
-	rm -f "$TMP/adhoc.exe" > /dev/null 2>&1
-	"$CXX" -DCRYPTOPP_ADHOC_MAIN -mrdrnd adhoc.cpp -o "$TMP/adhoc.exe" > /dev/null 2>&1
-	if [[ "$?" -eq "0" ]]; then
-		HAVE_X86_RDRAND=1
-	fi
-
-	rm -f "$TMP/adhoc.exe" > /dev/null 2>&1
-	"$CXX" -DCRYPTOPP_ADHOC_MAIN -mrdseed adhoc.cpp -o "$TMP/adhoc.exe" > /dev/null 2>&1
-	if [[ "$?" -eq "0" ]]; then
-		HAVE_X86_RDSEED=1
-	fi
-
-	rm -f "$TMP/adhoc.exe" > /dev/null 2>&1
-	"$CXX" -DCRYPTOPP_ADHOC_MAIN -mpclmul adhoc.cpp -o "$TMP/adhoc.exe" > /dev/null 2>&1
-	if [[ "$?" -eq "0" ]]; then
-		HAVE_X86_PCLMUL=1
-	fi
-fi
-
 # ld-gold linker testing
 if [[ (-z "$HAVE_LDGOLD") ]]; then
 	HAVE_LDGOLD=0
@@ -628,16 +597,6 @@ if [[ (-z "$HAVE_LDGOLD") ]]; then
 	fi
 fi
 
-# GCC unified syntax for ASM. Divided syntax is being deprecated
-if [[ (-z "$HAVE_UNIFIED_ASM") ]]; then
-	HAVE_UNIFIED_ASM=0
-	rm -f "$TMP/adhoc.exe" > /dev/null 2>&1
-	"$CXX" -DCRYPTOPP_ADHOC_MAIN -masm-syntax-unified adhoc.cpp -o "$TMP/adhoc.exe" > /dev/null 2>&1
-	if [[ "$?" -eq "0" ]]; then
-		HAVE_UNIFIED_ASM=1
-	fi
-fi
-
 # ARMv7 and ARMv8, including NEON, CRC32 and Crypto extensions
 if [[ ("$IS_ARM32" -ne "0" || "$IS_ARM64" -ne "0") ]]; then
 
@@ -1869,133 +1828,7 @@ if [[ ("$GCC_COMPILER" -ne "0" || "$CLANG_COMPILER" -ne "0" || "$INTEL_COMPILER"
 fi
 
 ############################################
-# Minimum arch with AESNI, RDRAND and RDSEED
-if [[ ("$GCC_COMPILER" -ne "0" || "$CLANG_COMPILER" -ne "0" || "$INTEL_COMPILER" -ne "0") ]]; then
-
-	X86_OPTS=()
-	if [[ "$HAVE_X86_AES" -ne "0" ]]; then
-		X86_OPTS+=("-maes")
-	fi
-	if [[ "$HAVE_X86_RDRAND" -ne "0" ]]; then
-		X86_OPTS+=("-mrdrnd")
-	fi
-	if [[ "$HAVE_X86_RDSEED" -ne "0" ]]; then
-		X86_OPTS+=("-mrdseed")
-	fi
-
-	# i586 (lacks MMX, SSE and SSE2; enables X86 hardware)
-	if [[ "$IS_X86" -ne "0" ]]; then
-		############################################
-		# Debug build
-		echo
-		echo "************************************" | tee -a "$TEST_RESULTS"
-		echo "Testing: Debug, i586, AESNI, RDRAND and RDSEED" | tee -a "$TEST_RESULTS"
-		echo
-
-		"$MAKE" clean > /dev/null 2>&1
-		rm -f adhoc.cpp > /dev/null 2>&1
-
-		CXXFLAGS="$DEBUG_CXXFLAGS -march=i586 ${X86_OPTS[@]} $OPT_PIC"
-		CXX="$CXX" CXXFLAGS="$CXXFLAGS" "$MAKE" "${MAKEARGS[@]}" static dynamic cryptest.exe 2>&1 | tee -a "$TEST_RESULTS"
-
-		if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-			echo "ERROR: failed to make cryptest.exe" | tee -a "$TEST_RESULTS"
-		else
-			./cryptest.exe v 2>&1 | tee -a "$TEST_RESULTS"
-			if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-				echo "ERROR: failed to execute validation suite" | tee -a "$TEST_RESULTS"
-			fi
-			./cryptest.exe tv all 2>&1 | tee -a "$TEST_RESULTS"
-			if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-				echo "ERROR: failed to execute test vectors" | tee -a "$TEST_RESULTS"
-			fi
-		fi
-
-		############################################
-		# Release build
-		echo
-		echo "************************************" | tee -a "$TEST_RESULTS"
-		echo "Testing: Release, i586, AESNI, RDRAND and RDSEED" | tee -a "$TEST_RESULTS"
-		echo
-
-		"$MAKE" clean > /dev/null 2>&1
-		rm -f adhoc.cpp > /dev/null 2>&1
-
-		CXXFLAGS="$RELEASE_CXXFLAGS -march=i586 ${X86_OPTS[@]} $OPT_PIC"
-		CXX="$CXX" CXXFLAGS="$CXXFLAGS" "$MAKE" "${MAKEARGS[@]}" static dynamic cryptest.exe 2>&1 | tee -a "$TEST_RESULTS"
-
-		if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-			echo "ERROR: failed to make cryptest.exe" | tee -a "$TEST_RESULTS"
-		else
-			./cryptest.exe v 2>&1 | tee -a "$TEST_RESULTS"
-			if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-				echo "ERROR: failed to execute validation suite" | tee -a "$TEST_RESULTS"
-			fi
-			./cryptest.exe tv all 2>&1 | tee -a "$TEST_RESULTS"
-			if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-				echo "ERROR: failed to execute test vectors" | tee -a "$TEST_RESULTS"
-			fi
-		fi
-	fi
-
-	# x86-64
-	if [[ "$IS_X64" -ne "0" ]]; then
-		############################################
-		# Debug build
-		echo
-		echo "************************************" | tee -a "$TEST_RESULTS"
-		echo "Testing: Debug, SSE2, AESNI, RDRAND and RDSEED" | tee -a "$TEST_RESULTS"
-		echo
-
-		"$MAKE" clean > /dev/null 2>&1
-		rm -f adhoc.cpp > /dev/null 2>&1
-
-		CXXFLAGS="$DEBUG_CXXFLAGS -march=x86-64 ${X86_OPTS[@]} $OPT_PIC"
-		CXX="$CXX" CXXFLAGS="$CXXFLAGS" "$MAKE" "${MAKEARGS[@]}" static dynamic cryptest.exe 2>&1 | tee -a "$TEST_RESULTS"
-
-		if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-			echo "ERROR: failed to make cryptest.exe" | tee -a "$TEST_RESULTS"
-		else
-			./cryptest.exe v 2>&1 | tee -a "$TEST_RESULTS"
-			if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-				echo "ERROR: failed to execute validation suite" | tee -a "$TEST_RESULTS"
-			fi
-			./cryptest.exe tv all 2>&1 | tee -a "$TEST_RESULTS"
-			if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-				echo "ERROR: failed to execute test vectors" | tee -a "$TEST_RESULTS"
-			fi
-		fi
-
-		############################################
-		# Release build
-		echo
-		echo "************************************" | tee -a "$TEST_RESULTS"
-		echo "Testing: Release, SSE2, AESNI, RDRAND and RDSEED" | tee -a "$TEST_RESULTS"
-		echo
-
-		"$MAKE" clean > /dev/null 2>&1
-		rm -f adhoc.cpp > /dev/null 2>&1
-
-		CXXFLAGS="$RELEASE_CXXFLAGS -march=x86-64 ${X86_OPTS[@]} $OPT_PIC"
-		CXX="$CXX" CXXFLAGS="$CXXFLAGS" "$MAKE" "${MAKEARGS[@]}" static dynamic cryptest.exe 2>&1 | tee -a "$TEST_RESULTS"
-
-		if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-			echo "ERROR: failed to make cryptest.exe" | tee -a "$TEST_RESULTS"
-		else
-			./cryptest.exe v 2>&1 | tee -a "$TEST_RESULTS"
-			if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-				echo "ERROR: failed to execute validation suite" | tee -a "$TEST_RESULTS"
-			fi
-			./cryptest.exe tv all 2>&1 | tee -a "$TEST_RESULTS"
-			if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-				echo "ERROR: failed to execute test vectors" | tee -a "$TEST_RESULTS"
-			fi
-		fi
-	fi
-fi
-
-############################################
-# mismatched arch capabilities
+# Mismatched arch capabilities
 if [[ ("$GCC_COMPILER" -ne "0" || "$CLANG_COMPILER" -ne "0" || "$INTEL_COMPILER" -ne "0") ]]; then
 
 	# i586 (lacks MMX, SSE and SSE2)
@@ -2862,63 +2695,6 @@ if [[ "$HAVE_LDGOLD" -ne "0" ]]; then
 	fi
 fi
 
-############################################
-# Build with Unified ASM
-if [[ "$HAVE_UNIFIED_ASM" -ne "0" ]]; then
-
-	############################################
-	# Debug build
-	echo
-	echo "************************************" | tee -a "$TEST_RESULTS"
-	echo "Testing: Debug, unified asm syntax" | tee -a "$TEST_RESULTS"
-	echo
-
-	"$MAKE" clean > /dev/null 2>&1
-	rm -f adhoc.cpp > /dev/null 2>&1
-
-	CXXFLAGS="$DEBUG_CXXFLAGS ${PLATFORM_CXXFLAGS[@]} -masm-syntax-unified $USER_CXXFLAGS"
-	CXX="$CXX" CXXFLAGS="$CXXFLAGS" "$MAKE" "${MAKEARGS[@]}" static dynamic cryptest.exe 2>&1 | tee -a "$TEST_RESULTS"
-
-	if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-		echo "ERROR: failed to make cryptest.exe" | tee -a "$TEST_RESULTS"
-	else
-		./cryptest.exe v 2>&1 | tee -a "$TEST_RESULTS"
-		if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-			echo "ERROR: failed to execute validation suite" | tee -a "$TEST_RESULTS"
-		fi
-		./cryptest.exe tv all 2>&1 | tee -a "$TEST_RESULTS"
-		if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-			echo "ERROR: failed to execute test vectors" | tee -a "$TEST_RESULTS"
-		fi
-	fi
-
-	############################################
-	# Release build
-	echo
-	echo "************************************" | tee -a "$TEST_RESULTS"
-	echo "Testing: Release, unified asm syntax" | tee -a "$TEST_RESULTS"
-	echo
-
-	"$MAKE" clean > /dev/null 2>&1
-	rm -f adhoc.cpp > /dev/null 2>&1
-
-	CXXFLAGS="$RELEASE_CXXFLAGS ${PLATFORM_CXXFLAGS[@]} -masm-syntax-unified $USER_CXXFLAGS"
-	CXX="$CXX" CXXFLAGS="$CXXFLAGS" "$MAKE" "${MAKEARGS[@]}" static dynamic cryptest.exe 2>&1 | tee -a "$TEST_RESULTS"
-
-	if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-		echo "ERROR: failed to make cryptest.exe" | tee -a "$TEST_RESULTS"
-	else
-		./cryptest.exe v 2>&1 | tee -a "$TEST_RESULTS"
-		if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-			echo "ERROR: failed to execute validation suite" | tee -a "$TEST_RESULTS"
-		fi
-		./cryptest.exe tv all 2>&1 | tee -a "$TEST_RESULTS"
-		if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-			echo "ERROR: failed to execute test vectors" | tee -a "$TEST_RESULTS"
-		fi
-	fi
-fi
-
 ############################################
 # Build at -O3
 if [[ "$HAVE_O3" -ne "0" ]]; then
@@ -4763,51 +4539,6 @@ if [[ ("$IS_DARWIN" -ne "0" && "$HAVE_CXX17" -ne "0") ]]; then
 	fi
 fi
 
-############################################
-# Modern compiler and old hardware, like PII, PIII or Core2
-if [[ ("$HAVE_X86_AES" -ne "0" || "$HAVE_X86_RDRAND" -ne "0" || "$HAVE_X86_RDSEED" -ne "0") ]]; then
-
-	echo
-	echo "************************************" | tee -a "$TEST_RESULTS"
-	echo "Testing: AES, RDRAND and RDSEED" | tee -a "$TEST_RESULTS"
-	echo
-
-	OPTS=()
-	if [[ ("$GCC_COMPILER" -ne "0") ]]; then
-		OPTS=("-march=native")
-	fi
-	if [[ "$HAVE_X86_AES" -ne "0" ]]; then
-		OPTS+=("-maes")
-	fi
-	if [[ "$HAVE_X86_RDRAND" -ne "0" ]]; then
-		OPTS+=("-mrdrnd")
-	fi
-	if [[ "$HAVE_X86_RDSEED" -ne "0" ]]; then
-		OPTS+=("-mrdseed")
-	fi
-	if [[ "$HAVE_X86_PCLMUL" -ne "0" ]]; then
-		OPTS+=("-mpclmul")
-	fi
-
-	"$MAKE" clean > /dev/null 2>&1
-	rm -f adhoc.cpp > /dev/null 2>&1
-
-	CXXFLAGS="$RELEASE_CXXFLAGS ${OPTS[@]} ${PLATFORM_CXXFLAGS[@]} $USER_CXXFLAGS"
-	CXX="$CXX" CXXFLAGS="$CXXFLAGS" "$MAKE" "${MAKEARGS[@]}" static cryptest.exe 2>&1 | tee -a "$TEST_RESULTS"
-	if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-		echo "ERROR: failed to make cryptest.exe" | tee -a "$TEST_RESULTS"
-	else
-		./cryptest.exe v 2>&1 | tee -a "$TEST_RESULTS"
-		if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-			echo "ERROR: failed to execute validation suite" | tee -a "$TEST_RESULTS"
-		fi
-		./cryptest.exe tv all 2>&1 | tee -a "$TEST_RESULTS"
-		if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-			echo "ERROR: failed to execute test vectors" | tee -a "$TEST_RESULTS"
-		fi
-	fi
-fi
-
 ############################################
 # Benchmarks
 if [[ "$WANT_BENCHMARKS" -ne "0" ]]; then
diff --git a/cryptest.sh b/cryptest.sh
index 6a039ce4..6c46f45a 100755
--- a/cryptest.sh
+++ b/cryptest.sh
@@ -397,7 +397,7 @@ if [[ (-z "$HAVE_O3") ]]; then
 fi
 
 # Hit or miss, mostly hit
-if [[ (-z "$HAVE_O5") ]]; then
+if [[ ( (-z "$HAVE_O5") && ("$CLANG_COMPILER" -eq "0") ) ]]; then
 	HAVE_O5=0
 	OPT_O5=
 	rm -f "$TMP/adhoc.exe" > /dev/null 2>&1
@@ -581,37 +581,6 @@ if [[ (-z "$HAVE_X32") ]]; then
 	fi
 fi
 
-# "Modern compiler, old hardware" combinations
-HAVE_X86_AES=0
-HAVE_X86_RDRAND=0
-HAVE_X86_RDSEED=0
-HAVE_X86_PCLMUL=0
-if [[ ("$IS_X86" -ne "0" || "$IS_X64" -ne "0") && ("$SUN_COMPILER" -eq "0") ]]; then
-	rm -f "$TMP/adhoc.exe" > /dev/null 2>&1
-	"$CXX" -DCRYPTOPP_ADHOC_MAIN -maes adhoc.cpp -o "$TMP/adhoc.exe" > /dev/null 2>&1
-	if [[ "$?" -eq "0" ]]; then
-		HAVE_X86_AES=1
-	fi
-
-	rm -f "$TMP/adhoc.exe" > /dev/null 2>&1
-	"$CXX" -DCRYPTOPP_ADHOC_MAIN -mrdrnd adhoc.cpp -o "$TMP/adhoc.exe" > /dev/null 2>&1
-	if [[ "$?" -eq "0" ]]; then
-		HAVE_X86_RDRAND=1
-	fi
-
-	rm -f "$TMP/adhoc.exe" > /dev/null 2>&1
-	"$CXX" -DCRYPTOPP_ADHOC_MAIN -mrdseed adhoc.cpp -o "$TMP/adhoc.exe" > /dev/null 2>&1
-	if [[ "$?" -eq "0" ]]; then
-		HAVE_X86_RDSEED=1
-	fi
-
-	rm -f "$TMP/adhoc.exe" > /dev/null 2>&1
-	"$CXX" -DCRYPTOPP_ADHOC_MAIN -mpclmul adhoc.cpp -o "$TMP/adhoc.exe" > /dev/null 2>&1
-	if [[ "$?" -eq "0" ]]; then
-		HAVE_X86_PCLMUL=1
-	fi
-fi
-
 # ld-gold linker testing
 if [[ (-z "$HAVE_LDGOLD") ]]; then
 	HAVE_LDGOLD=0
@@ -628,16 +597,6 @@ if [[ (-z "$HAVE_LDGOLD") ]]; then
 	fi
 fi
 
-# GCC unified syntax for ASM. Divided syntax is being deprecated
-if [[ (-z "$HAVE_UNIFIED_ASM") ]]; then
-	HAVE_UNIFIED_ASM=0
-	rm -f "$TMP/adhoc.exe" > /dev/null 2>&1
-	"$CXX" -DCRYPTOPP_ADHOC_MAIN -masm-syntax-unified adhoc.cpp -o "$TMP/adhoc.exe" > /dev/null 2>&1
-	if [[ "$?" -eq "0" ]]; then
-		HAVE_UNIFIED_ASM=1
-	fi
-fi
-
 # ARMv7 and ARMv8, including NEON, CRC32 and Crypto extensions
 if [[ ("$IS_ARM32" -ne "0" || "$IS_ARM64" -ne "0") ]]; then
 
@@ -1869,133 +1828,7 @@ if [[ ("$GCC_COMPILER" -ne "0" || "$CLANG_COMPILER" -ne "0" || "$INTEL_COMPILER"
 fi
 
 ############################################
-# Minimum arch with AESNI, RDRAND and RDSEED
-if [[ ("$GCC_COMPILER" -ne "0" || "$CLANG_COMPILER" -ne "0" || "$INTEL_COMPILER" -ne "0") ]]; then
-
-	X86_OPTS=()
-	if [[ "$HAVE_X86_AES" -ne "0" ]]; then
-		X86_OPTS+=("-maes")
-	fi
-	if [[ "$HAVE_X86_RDRAND" -ne "0" ]]; then
-		X86_OPTS+=("-mrdrnd")
-	fi
-	if [[ "$HAVE_X86_RDSEED" -ne "0" ]]; then
-		X86_OPTS+=("-mrdseed")
-	fi
-
-	# i586 (lacks MMX, SSE and SSE2; enables X86 hardware)
-	if [[ "$IS_X86" -ne "0" ]]; then
-		############################################
-		# Debug build
-		echo
-		echo "************************************" | tee -a "$TEST_RESULTS"
-		echo "Testing: Debug, i586, AESNI, RDRAND and RDSEED" | tee -a "$TEST_RESULTS"
-		echo
-
-		"$MAKE" clean > /dev/null 2>&1
-		rm -f adhoc.cpp > /dev/null 2>&1
-
-		CXXFLAGS="$DEBUG_CXXFLAGS -march=i586 ${X86_OPTS[@]} $OPT_PIC"
-		CXX="$CXX" CXXFLAGS="$CXXFLAGS" "$MAKE" "${MAKEARGS[@]}" static dynamic cryptest.exe 2>&1 | tee -a "$TEST_RESULTS"
-
-		if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-			echo "ERROR: failed to make cryptest.exe" | tee -a "$TEST_RESULTS"
-		else
-			./cryptest.exe v 2>&1 | tee -a "$TEST_RESULTS"
-			if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-				echo "ERROR: failed to execute validation suite" | tee -a "$TEST_RESULTS"
-			fi
-			./cryptest.exe tv all 2>&1 | tee -a "$TEST_RESULTS"
-			if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-				echo "ERROR: failed to execute test vectors" | tee -a "$TEST_RESULTS"
-			fi
-		fi
-
-		############################################
-		# Release build
-		echo
-		echo "************************************" | tee -a "$TEST_RESULTS"
-		echo "Testing: Release, i586, AESNI, RDRAND and RDSEED" | tee -a "$TEST_RESULTS"
-		echo
-
-		"$MAKE" clean > /dev/null 2>&1
-		rm -f adhoc.cpp > /dev/null 2>&1
-
-		CXXFLAGS="$RELEASE_CXXFLAGS -march=i586 ${X86_OPTS[@]} $OPT_PIC"
-		CXX="$CXX" CXXFLAGS="$CXXFLAGS" "$MAKE" "${MAKEARGS[@]}" static dynamic cryptest.exe 2>&1 | tee -a "$TEST_RESULTS"
-
-		if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-			echo "ERROR: failed to make cryptest.exe" | tee -a "$TEST_RESULTS"
-		else
-			./cryptest.exe v 2>&1 | tee -a "$TEST_RESULTS"
-			if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-				echo "ERROR: failed to execute validation suite" | tee -a "$TEST_RESULTS"
-			fi
-			./cryptest.exe tv all 2>&1 | tee -a "$TEST_RESULTS"
-			if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-				echo "ERROR: failed to execute test vectors" | tee -a "$TEST_RESULTS"
-			fi
-		fi
-	fi
-
-	# x86-64
-	if [[ "$IS_X64" -ne "0" ]]; then
-		############################################
-		# Debug build
-		echo
-		echo "************************************" | tee -a "$TEST_RESULTS"
-		echo "Testing: Debug, SSE2, AESNI, RDRAND and RDSEED" | tee -a "$TEST_RESULTS"
-		echo
-
-		"$MAKE" clean > /dev/null 2>&1
-		rm -f adhoc.cpp > /dev/null 2>&1
-
-		CXXFLAGS="$DEBUG_CXXFLAGS -march=x86-64 ${X86_OPTS[@]} $OPT_PIC"
-		CXX="$CXX" CXXFLAGS="$CXXFLAGS" "$MAKE" "${MAKEARGS[@]}" static dynamic cryptest.exe 2>&1 | tee -a "$TEST_RESULTS"
-
-		if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-			echo "ERROR: failed to make cryptest.exe" | tee -a "$TEST_RESULTS"
-		else
-			./cryptest.exe v 2>&1 | tee -a "$TEST_RESULTS"
-			if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-				echo "ERROR: failed to execute validation suite" | tee -a "$TEST_RESULTS"
-			fi
-			./cryptest.exe tv all 2>&1 | tee -a "$TEST_RESULTS"
-			if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-				echo "ERROR: failed to execute test vectors" | tee -a "$TEST_RESULTS"
-			fi
-		fi
-
-		############################################
-		# Release build
-		echo
-		echo "************************************" | tee -a "$TEST_RESULTS"
-		echo "Testing: Release, SSE2, AESNI, RDRAND and RDSEED" | tee -a "$TEST_RESULTS"
-		echo
-
-		"$MAKE" clean > /dev/null 2>&1
-		rm -f adhoc.cpp > /dev/null 2>&1
-
-		CXXFLAGS="$RELEASE_CXXFLAGS -march=x86-64 ${X86_OPTS[@]} $OPT_PIC"
-		CXX="$CXX" CXXFLAGS="$CXXFLAGS" "$MAKE" "${MAKEARGS[@]}" static dynamic cryptest.exe 2>&1 | tee -a "$TEST_RESULTS"
-
-		if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-			echo "ERROR: failed to make cryptest.exe" | tee -a "$TEST_RESULTS"
-		else
-			./cryptest.exe v 2>&1 | tee -a "$TEST_RESULTS"
-			if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-				echo "ERROR: failed to execute validation suite" | tee -a "$TEST_RESULTS"
-			fi
-			./cryptest.exe tv all 2>&1 | tee -a "$TEST_RESULTS"
-			if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-				echo "ERROR: failed to execute test vectors" | tee -a "$TEST_RESULTS"
-			fi
-		fi
-	fi
-fi
-
-############################################
-# mismatched arch capabilities
+# Mismatched arch capabilities
 if [[ ("$GCC_COMPILER" -ne "0" || "$CLANG_COMPILER" -ne "0" || "$INTEL_COMPILER" -ne "0") ]]; then
 
 	# i586 (lacks MMX, SSE and SSE2)
@@ -2862,63 +2695,6 @@ if [[ "$HAVE_LDGOLD" -ne "0" ]]; then
 	fi
 fi
 
-############################################
-# Build with Unified ASM
-if [[ "$HAVE_UNIFIED_ASM" -ne "0" ]]; then
-
-	############################################
-	# Debug build
-	echo
-	echo "************************************" | tee -a "$TEST_RESULTS"
-	echo "Testing: Debug, unified asm syntax" | tee -a "$TEST_RESULTS"
-	echo
-
-	"$MAKE" clean > /dev/null 2>&1
-	rm -f adhoc.cpp > /dev/null 2>&1
-
-	CXXFLAGS="$DEBUG_CXXFLAGS ${PLATFORM_CXXFLAGS[@]} -masm-syntax-unified $USER_CXXFLAGS"
-	CXX="$CXX" CXXFLAGS="$CXXFLAGS" "$MAKE" "${MAKEARGS[@]}" static dynamic cryptest.exe 2>&1 | tee -a "$TEST_RESULTS"
-
-	if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-		echo "ERROR: failed to make cryptest.exe" | tee -a "$TEST_RESULTS"
-	else
-		./cryptest.exe v 2>&1 | tee -a "$TEST_RESULTS"
-		if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-			echo "ERROR: failed to execute validation suite" | tee -a "$TEST_RESULTS"
-		fi
-		./cryptest.exe tv all 2>&1 | tee -a "$TEST_RESULTS"
-		if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-			echo "ERROR: failed to execute test vectors" | tee -a "$TEST_RESULTS"
-		fi
-	fi
-
-	############################################
-	# Release build
-	echo
-	echo "************************************" | tee -a "$TEST_RESULTS"
-	echo "Testing: Release, unified asm syntax" | tee -a "$TEST_RESULTS"
-	echo
-
-	"$MAKE" clean > /dev/null 2>&1
-	rm -f adhoc.cpp > /dev/null 2>&1
-
-	CXXFLAGS="$RELEASE_CXXFLAGS ${PLATFORM_CXXFLAGS[@]} -masm-syntax-unified $USER_CXXFLAGS"
-	CXX="$CXX" CXXFLAGS="$CXXFLAGS" "$MAKE" "${MAKEARGS[@]}" static dynamic cryptest.exe 2>&1 | tee -a "$TEST_RESULTS"
-
-	if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-		echo "ERROR: failed to make cryptest.exe" | tee -a "$TEST_RESULTS"
-	else
-		./cryptest.exe v 2>&1 | tee -a "$TEST_RESULTS"
-		if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-			echo "ERROR: failed to execute validation suite" | tee -a "$TEST_RESULTS"
-		fi
-		./cryptest.exe tv all 2>&1 | tee -a "$TEST_RESULTS"
-		if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-			echo "ERROR: failed to execute test vectors" | tee -a "$TEST_RESULTS"
-		fi
-	fi
-fi
-
 ############################################
 # Build at -O3
 if [[ "$HAVE_O3" -ne "0" ]]; then
@@ -4763,51 +4539,6 @@ if [[ ("$IS_DARWIN" -ne "0" && "$HAVE_CXX17" -ne "0") ]]; then
 	fi
 fi
 
-############################################
-# Modern compiler and old hardware, like PII, PIII or Core2
-if [[ ("$HAVE_X86_AES" -ne "0" || "$HAVE_X86_RDRAND" -ne "0" || "$HAVE_X86_RDSEED" -ne "0") ]]; then
-
-	echo
-	echo "************************************" | tee -a "$TEST_RESULTS"
-	echo "Testing: AES, RDRAND and RDSEED" | tee -a "$TEST_RESULTS"
-	echo
-
-	OPTS=()
-	if [[ ("$GCC_COMPILER" -ne "0") ]]; then
-		OPTS=("-march=native")
-	fi
-	if [[ "$HAVE_X86_AES" -ne "0" ]]; then
-		OPTS+=("-maes")
-	fi
-	if [[ "$HAVE_X86_RDRAND" -ne "0" ]]; then
-		OPTS+=("-mrdrnd")
-	fi
-	if [[ "$HAVE_X86_RDSEED" -ne "0" ]]; then
-		OPTS+=("-mrdseed")
-	fi
-	if [[ "$HAVE_X86_PCLMUL" -ne "0" ]]; then
-		OPTS+=("-mpclmul")
-	fi
-
-	"$MAKE" clean > /dev/null 2>&1
-	rm -f adhoc.cpp > /dev/null 2>&1
-
-	CXXFLAGS="$RELEASE_CXXFLAGS ${OPTS[@]} ${PLATFORM_CXXFLAGS[@]} $USER_CXXFLAGS"
-	CXX="$CXX" CXXFLAGS="$CXXFLAGS" "$MAKE" "${MAKEARGS[@]}" static cryptest.exe 2>&1 | tee -a "$TEST_RESULTS"
-	if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-		echo "ERROR: failed to make cryptest.exe" | tee -a "$TEST_RESULTS"
-	else
-		./cryptest.exe v 2>&1 | tee -a "$TEST_RESULTS"
-		if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-			echo "ERROR: failed to execute validation suite" | tee -a "$TEST_RESULTS"
-		fi
-		./cryptest.exe tv all 2>&1 | tee -a "$TEST_RESULTS"
-		if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
-			echo "ERROR: failed to execute test vectors" | tee -a "$TEST_RESULTS"
-		fi
-	fi
-fi
-
 ############################################
 # Benchmarks
 if [[ "$WANT_BENCHMARKS" -ne "0" ]]; then

From 96cc3522ce9d212c49ce0fc6c79883edcc6fc1da Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 22 Apr 2017 23:37:13 -0400
Subject: [PATCH 060/200] Add test for '-march=native'

---
 cryptest.sh | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/cryptest.sh b/cryptest.sh
index 6c46f45a..8415607d 100755
--- a/cryptest.sh
+++ b/cryptest.sh
@@ -581,6 +581,16 @@ if [[ (-z "$HAVE_X32") ]]; then
 	fi
 fi
 
+# Hit or miss, mostly hit
+if [[ (-z "$HAVE_NATIVE_ARCH") ]]; then
+	HAVE_NATIVE_ARCH=0
+	rm -f "$TMP/adhoc.exe" > /dev/null 2>&1
+	"$CXX" -DCRYPTOPP_ADHOC_MAIN -march=native adhoc.cpp -o "$TMP/adhoc.exe" > /dev/null 2>&1
+	if [[ ("$?" -eq "0") ]]; then
+		HAVE_NATIVE_ARCH=1
+	fi
+fi
+
 # ld-gold linker testing
 if [[ (-z "$HAVE_LDGOLD") ]]; then
 	HAVE_LDGOLD=0
@@ -1829,7 +1839,7 @@ fi
 
 ############################################
 # Mismatched arch capabilities
-if [[ ("$GCC_COMPILER" -ne "0" || "$CLANG_COMPILER" -ne "0" || "$INTEL_COMPILER" -ne "0") ]]; then
+if [[ ( ("$IS_X86" -ne "0" || "$IS_X32" -ne "0" || "$IS_X64" -ne "0") && "$HAVE_NATIVE_ARCH" -ne "0") ]]; then
 
 	# i586 (lacks MMX, SSE and SSE2)
 	if [[ "$IS_X86" -ne "0" ]]; then

From 89176e51cd4c9e26fbb8000a05e0494a3b1d3cfc Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sun, 23 Apr 2017 06:37:03 -0400
Subject: [PATCH 061/200] Add safety for SSSE4.1 and SSE4.2 intructions They
 are giving ARIA and BLAKE2 trouble. It looks like SSE4  support appeared in
 the GCC compiler around 4.1 or 4.2. It looks like SHA support appeared in the
 GNU assembler around 2.18

---
 CMakeLists.txt | 11 +++++++++++
 GNUmakefile    | 23 ++++++++++++++++-------
 2 files changed, 27 insertions(+), 7 deletions(-)

diff --git a/CMakeLists.txt b/CMakeLists.txt
index f213131c..30c7071f 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -45,6 +45,7 @@ endif()
 
 option(DISABLE_ASM "Disable ASM" OFF)
 option(DISABLE_SSSE3 "Disable SSSE3" OFF)
+option(DISABLE_SSE4 "Disable SSE4" OFF)
 option(DISABLE_AESNI "Disable AES-NI" OFF)
 option(DISABLE_SHA "Disable SHA" OFF)
 option(DISABLE_NATIVE_ARCH "Disable the addition of -march=native" OFF)
@@ -151,6 +152,15 @@ if (CMAKE_CXX_COMPILER_ID MATCHES "GNU")
 				set(DISABLE_NATIVE_ARCH 1)
 			endif()
 
+			# OpenBSD, CentOS 5 needed this one due to ARIA and BLAKE2
+			execute_process(COMMAND echo ${GAS_STRING}
+				COMMAND ${GREP_CMD} "GNU assembler version (2\\.1[8-9]|2\\.[2-9]|[3-9])"
+				OUTPUT_VARIABLE GAS218_OR_LATER)
+			if (GAS218_OR_LATER EQUAL 0)
+				add_definitions(-DCRYPTOPP_DISABLE_SSE4)
+				set(DISABLE_NATIVE_ARCH 1)
+			endif()
+
 			execute_process(COMMAND echo ${GAS_STRING}
 				COMMAND ${GREP_CMD} "GNU assembler version (2\\.19|2\\.[2-9]|[3-9])"
 				OUTPUT_VARIABLE GAS219_OR_LATER)
@@ -159,6 +169,7 @@ if (CMAKE_CXX_COMPILER_ID MATCHES "GNU")
 				set(DISABLE_NATIVE_ARCH 1)
 			endif()
 
+			# Ubuntu 10 and Ubuntu 12 needed this one
 			execute_process(COMMAND echo ${GAS_STRING}
 				COMMAND ${GREP_CMD} "GNU assembler version (2\\.2[3-9]|2\\.[3-9]|[3-9])"
 				OUTPUT_VARIABLE GAS223_OR_LATER)
diff --git a/GNUmakefile b/GNUmakefile
index b0b57c2e..21d76e37 100755
--- a/GNUmakefile
+++ b/GNUmakefile
@@ -147,6 +147,7 @@ endif
 ifneq ($(HAVE_GAS),0)
   GAS210_OR_LATER := $(shell $(CXX) -xc -c /dev/null -Wa,-v -o/dev/null 2>&1 | $(EGREP) -c "GNU assembler version (2\.[1-9][0-9]|[3-9])")
   GAS217_OR_LATER := $(shell $(CXX) -xc -c /dev/null -Wa,-v -o/dev/null 2>&1 | $(EGREP) -c "GNU assembler version (2\.1[7-9]|2\.[2-9]|[3-9])")
+  GAS218_OR_LATER := $(shell $(CXX) -xc -c /dev/null -Wa,-v -o/dev/null 2>&1 | $(EGREP) -c "GNU assembler version (2\.1[8-9]|2\.[2-9]|[3-9])")
   GAS219_OR_LATER := $(shell $(CXX) -xc -c /dev/null -Wa,-v -o/dev/null 2>&1 | $(EGREP) -c "GNU assembler version (2\.19|2\.[2-9]|[3-9])")
   GAS223_OR_LATER := $(shell $(CXX) -xc -c /dev/null -Wa,-v -o/dev/null 2>&1 | $(EGREP) -c "GNU assembler version (2\.2[3-9]|2\.[3-9]|[3-9])")
 endif
@@ -163,13 +164,19 @@ endif
 # .intel_syntax wasn't supported until GNU assembler 2.10
 # No DISABLE_NATIVE_ARCH with CRYPTOPP_DISABLE_ASM for now
 #  See http://github.com/weidai11/cryptopp/issues/395
+ifeq ($(findstring -DCRYPTOPP_DISABLE_ASM,$(CXXFLAGS)),)
 ifeq ($(HAVE_GAS)$(GAS210_OR_LATER),10)
 CXXFLAGS += -DCRYPTOPP_DISABLE_ASM
+DISABLE_NATIVE_ARCH := 1
 else
 ifeq ($(HAVE_GAS)$(GAS217_OR_LATER),10)
 CXXFLAGS += -DCRYPTOPP_DISABLE_SSSE3
 DISABLE_NATIVE_ARCH := 1
 else
+ifeq ($(HAVE_GAS)$(GAS218_OR_LATER),10)
+CXXFLAGS += -DCRYPTOPP_DISABLE_SSE4
+DISABLE_NATIVE_ARCH := 1
+else
 ifeq ($(HAVE_GAS)$(GAS219_OR_LATER),10)
 CXXFLAGS += -DCRYPTOPP_DISABLE_AESNI
 DISABLE_NATIVE_ARCH := 1
@@ -177,15 +184,17 @@ else
 ifeq ($(HAVE_GAS)$(GAS223_OR_LATER),10)
 CXXFLAGS += -DCRYPTOPP_DISABLE_SHA
 DISABLE_NATIVE_ARCH := 1
-endif
-endif
-endif
-endif
+endif  # -DCRYPTOPP_DISABLE_SHA
+endif  # -DCRYPTOPP_DISABLE_AESNI
+endif  # -DCRYPTOPP_DISABLE_SSE4
+endif  # -DCRYPTOPP_DISABLE_SSSE3
+endif  # -DCRYPTOPP_DISABLE_ASM
+endif  # CXXFLAGS
 
-# BEGIN NATIVE_ARCH
+# BEGIN_NATIVE_ARCH
 # Guard use of -march=native (or -m{32|64} on some platforms)
 # Don't add anything if -march=XXX or -mtune=XXX is specified
-ifneq ($(DISABLE_NATIVE_ARCH),1)
+ifeq ($(DISABLE_NATIVE_ARCH),0)
 ifeq ($(findstring -march,$(CXXFLAGS)),)
 ifeq ($(findstring -mtune,$(CXXFLAGS)),)
    ifeq ($(GCC42_OR_LATER)$(IS_NETBSD),10)
@@ -206,7 +215,7 @@ ifeq ($(findstring -mtune,$(CXXFLAGS)),)
 endif  # -mtune
 endif  # -march
 endif  # DISABLE_NATIVE_ARCH
-# END NATIVE_ARCH
+# END_NATIVE_ARCH
 
 # Aligned access required for -O3 and above due to vectorization
 UNALIGNED_ACCESS := $(shell $(EGREP) -c "^[[:space:]]*//[[:space:]]*\#[[:space:]]*define[[:space:]]*CRYPTOPP_NO_UNALIGNED_DATA_ACCESS" config.h)

From 422600c5b8b96e31ac45ac22b4b6190128506332 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sun, 23 Apr 2017 07:38:25 -0400
Subject: [PATCH 062/200] Update scripts for testing

---
 CMakeLists.txt          |  2 +-
 TestScripts/cryptest.sh | 24 +++++++++++++++++++-----
 cryptest.sh             | 12 ++++++++----
 3 files changed, 28 insertions(+), 10 deletions(-)

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 30c7071f..70e59b8f 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -152,7 +152,7 @@ if (CMAKE_CXX_COMPILER_ID MATCHES "GNU")
 				set(DISABLE_NATIVE_ARCH 1)
 			endif()
 
-			# OpenBSD, CentOS 5 needed this one due to ARIA and BLAKE2
+			# OpenBSD and CentOS 5 needed this one due to ARIA and BLAKE2
 			execute_process(COMMAND echo ${GAS_STRING}
 				COMMAND ${GREP_CMD} "GNU assembler version (2\\.1[8-9]|2\\.[2-9]|[3-9])"
 				OUTPUT_VARIABLE GAS218_OR_LATER)
diff --git a/TestScripts/cryptest.sh b/TestScripts/cryptest.sh
index 6c46f45a..7b5efd99 100755
--- a/TestScripts/cryptest.sh
+++ b/TestScripts/cryptest.sh
@@ -581,6 +581,16 @@ if [[ (-z "$HAVE_X32") ]]; then
 	fi
 fi
 
+# Hit or miss, mostly hit
+if [[ (-z "$HAVE_NATIVE_ARCH") ]]; then
+	HAVE_NATIVE_ARCH=0
+	rm -f "$TMP/adhoc.exe" > /dev/null 2>&1
+	"$CXX" -DCRYPTOPP_ADHOC_MAIN -march=native adhoc.cpp -o "$TMP/adhoc.exe" > /dev/null 2>&1
+	if [[ ("$?" -eq "0") ]]; then
+		HAVE_NATIVE_ARCH=1
+	fi
+fi
+
 # ld-gold linker testing
 if [[ (-z "$HAVE_LDGOLD") ]]; then
 	HAVE_LDGOLD=0
@@ -1829,7 +1839,7 @@ fi
 
 ############################################
 # Mismatched arch capabilities
-if [[ ("$GCC_COMPILER" -ne "0" || "$CLANG_COMPILER" -ne "0" || "$INTEL_COMPILER" -ne "0") ]]; then
+if [[ ( ("$IS_X86" -ne "0" || "$IS_X32" -ne "0" || "$IS_X64" -ne "0") && "$HAVE_NATIVE_ARCH" -ne "0") ]]; then
 
 	# i586 (lacks MMX, SSE and SSE2)
 	if [[ "$IS_X86" -ne "0" ]]; then
@@ -1846,7 +1856,8 @@ if [[ ("$GCC_COMPILER" -ne "0" || "$CLANG_COMPILER" -ne "0" || "$INTEL_COMPILER"
 		CXXFLAGS="$DEBUG_CXXFLAGS -march=i586 $OPT_PIC"
 		CXX="$CXX" CXXFLAGS="$CXXFLAGS" "$MAKE" "${MAKEARGS[@]}" static 2>&1 | tee -a "$TEST_RESULTS"
 
-		CXXFLAGS="$DEBUG_CXXFLAGS -march=native $OPT_PIC"
+		# The makefile may add -DCRYPTOPP_DISABLE_XXX, so we can't add -march=native
+		CXXFLAGS="$DEBUG_CXXFLAGS $OPT_PIC"
 		CXX="$CXX" CXXFLAGS="$CXXFLAGS" "$MAKE" "${MAKEARGS[@]}" cryptest.exe 2>&1 | tee -a "$TEST_RESULTS"
 
 		if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
@@ -1875,7 +1886,8 @@ if [[ ("$GCC_COMPILER" -ne "0" || "$CLANG_COMPILER" -ne "0" || "$INTEL_COMPILER"
 		CXXFLAGS="$RELEASE_CXXFLAGS -march=i586 $OPT_PIC"
 		CXX="$CXX" CXXFLAGS="$CXXFLAGS" "$MAKE" "${MAKEARGS[@]}" static 2>&1 | tee -a "$TEST_RESULTS"
 
-		CXXFLAGS="$RELEASE_CXXFLAGS -march=native $OPT_PIC"
+		# The makefile may add -DCRYPTOPP_DISABLE_XXX, so we can't add -march=native
+		CXXFLAGS="$RELEASE_CXXFLAGS $OPT_PIC"
 		CXX="$CXX" CXXFLAGS="$CXXFLAGS" "$MAKE" "${MAKEARGS[@]}" cryptest.exe 2>&1 | tee -a "$TEST_RESULTS"
 
 		if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
@@ -1907,7 +1919,8 @@ if [[ ("$GCC_COMPILER" -ne "0" || "$CLANG_COMPILER" -ne "0" || "$INTEL_COMPILER"
 		CXXFLAGS="$DEBUG_CXXFLAGS -march=x86-64 $OPT_PIC"
 		CXX="$CXX" CXXFLAGS="$CXXFLAGS" "$MAKE" "${MAKEARGS[@]}" static 2>&1 | tee -a "$TEST_RESULTS"
 
-		CXXFLAGS="$DEBUG_CXXFLAGS -march=native $OPT_PIC"
+		# The makefile may add -DCRYPTOPP_DISABLE_XXX, so we can't add -march=native
+		CXXFLAGS="$DEBUG_CXXFLAGS $OPT_PIC"
 		CXX="$CXX" CXXFLAGS="$CXXFLAGS" "$MAKE" "${MAKEARGS[@]}" cryptest.exe 2>&1 | tee -a "$TEST_RESULTS"
 
 		if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
@@ -1936,7 +1949,8 @@ if [[ ("$GCC_COMPILER" -ne "0" || "$CLANG_COMPILER" -ne "0" || "$INTEL_COMPILER"
 		CXXFLAGS="$RELEASE_CXXFLAGS -march=x86-64 $OPT_PIC"
 		CXX="$CXX" CXXFLAGS="$CXXFLAGS" "$MAKE" "${MAKEARGS[@]}" static 2>&1 | tee -a "$TEST_RESULTS"
 
-		CXXFLAGS="$RELEASE_CXXFLAGS -march=native $OPT_PIC"
+		# The makefile may add -DCRYPTOPP_DISABLE_XXX, so we can't add -march=native
+		CXXFLAGS="$RELEASE_CXXFLAGS $OPT_PIC"
 		CXX="$CXX" CXXFLAGS="$CXXFLAGS" "$MAKE" "${MAKEARGS[@]}" cryptest.exe 2>&1 | tee -a "$TEST_RESULTS"
 
 		if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
diff --git a/cryptest.sh b/cryptest.sh
index 8415607d..7b5efd99 100755
--- a/cryptest.sh
+++ b/cryptest.sh
@@ -1856,7 +1856,8 @@ if [[ ( ("$IS_X86" -ne "0" || "$IS_X32" -ne "0" || "$IS_X64" -ne "0") && "$HAVE_
 		CXXFLAGS="$DEBUG_CXXFLAGS -march=i586 $OPT_PIC"
 		CXX="$CXX" CXXFLAGS="$CXXFLAGS" "$MAKE" "${MAKEARGS[@]}" static 2>&1 | tee -a "$TEST_RESULTS"
 
-		CXXFLAGS="$DEBUG_CXXFLAGS -march=native $OPT_PIC"
+		# The makefile may add -DCRYPTOPP_DISABLE_XXX, so we can't add -march=native
+		CXXFLAGS="$DEBUG_CXXFLAGS $OPT_PIC"
 		CXX="$CXX" CXXFLAGS="$CXXFLAGS" "$MAKE" "${MAKEARGS[@]}" cryptest.exe 2>&1 | tee -a "$TEST_RESULTS"
 
 		if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
@@ -1885,7 +1886,8 @@ if [[ ( ("$IS_X86" -ne "0" || "$IS_X32" -ne "0" || "$IS_X64" -ne "0") && "$HAVE_
 		CXXFLAGS="$RELEASE_CXXFLAGS -march=i586 $OPT_PIC"
 		CXX="$CXX" CXXFLAGS="$CXXFLAGS" "$MAKE" "${MAKEARGS[@]}" static 2>&1 | tee -a "$TEST_RESULTS"
 
-		CXXFLAGS="$RELEASE_CXXFLAGS -march=native $OPT_PIC"
+		# The makefile may add -DCRYPTOPP_DISABLE_XXX, so we can't add -march=native
+		CXXFLAGS="$RELEASE_CXXFLAGS $OPT_PIC"
 		CXX="$CXX" CXXFLAGS="$CXXFLAGS" "$MAKE" "${MAKEARGS[@]}" cryptest.exe 2>&1 | tee -a "$TEST_RESULTS"
 
 		if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
@@ -1917,7 +1919,8 @@ if [[ ( ("$IS_X86" -ne "0" || "$IS_X32" -ne "0" || "$IS_X64" -ne "0") && "$HAVE_
 		CXXFLAGS="$DEBUG_CXXFLAGS -march=x86-64 $OPT_PIC"
 		CXX="$CXX" CXXFLAGS="$CXXFLAGS" "$MAKE" "${MAKEARGS[@]}" static 2>&1 | tee -a "$TEST_RESULTS"
 
-		CXXFLAGS="$DEBUG_CXXFLAGS -march=native $OPT_PIC"
+		# The makefile may add -DCRYPTOPP_DISABLE_XXX, so we can't add -march=native
+		CXXFLAGS="$DEBUG_CXXFLAGS $OPT_PIC"
 		CXX="$CXX" CXXFLAGS="$CXXFLAGS" "$MAKE" "${MAKEARGS[@]}" cryptest.exe 2>&1 | tee -a "$TEST_RESULTS"
 
 		if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then
@@ -1946,7 +1949,8 @@ if [[ ( ("$IS_X86" -ne "0" || "$IS_X32" -ne "0" || "$IS_X64" -ne "0") && "$HAVE_
 		CXXFLAGS="$RELEASE_CXXFLAGS -march=x86-64 $OPT_PIC"
 		CXX="$CXX" CXXFLAGS="$CXXFLAGS" "$MAKE" "${MAKEARGS[@]}" static 2>&1 | tee -a "$TEST_RESULTS"
 
-		CXXFLAGS="$RELEASE_CXXFLAGS -march=native $OPT_PIC"
+		# The makefile may add -DCRYPTOPP_DISABLE_XXX, so we can't add -march=native
+		CXXFLAGS="$RELEASE_CXXFLAGS $OPT_PIC"
 		CXX="$CXX" CXXFLAGS="$CXXFLAGS" "$MAKE" "${MAKEARGS[@]}" cryptest.exe 2>&1 | tee -a "$TEST_RESULTS"
 
 		if [[ ("${PIPESTATUS[0]}" -ne "0") ]]; then

From e2f5da337ea422bc6f00d99678a84b0040089dc8 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sun, 23 Apr 2017 12:11:08 -0400
Subject: [PATCH 063/200] Add mapfile to allow additional capability bits Also
 see
 http://www.oracle.com/technetwork/server-storage/solaris/hwcap-modification-139536.html

---
 GNUmakefile | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/GNUmakefile b/GNUmakefile
index 21d76e37..a7986bd5 100755
--- a/GNUmakefile
+++ b/GNUmakefile
@@ -318,6 +318,21 @@ endif	# IS_X86
 #####                      Common                     #####
 ###########################################################
 
+# For SunOS, create a Mapfile that allows our object files
+# to cantain additional bits (like SSE4 and AES on old Xeon)
+# http://www.oracle.com/technetwork/server-storage/solaris/hwcap-modification-139536.html
+ifeq ($(IS_SUN)$(SUN_COMPILER),11)
+ifneq ($(IS_X86)$(IS_X32)$(IS_X64),000)
+ifeq ($(findstring -DCRYPTOPP_DISABLE_ASM,$(CXXFLAGS)),)
+ifeq ($(wildcard cryptopp.mapfile),)
+$(shell echo "hwcap_1 = SSE SSE2 OVERRIDE;" > cryptopp.mapfile)
+$(shell echo "" >> cryptopp.mapfile)
+endif  # Write mapfile
+LDFLAGS += -M cryptopp.mapfile
+endif  # No CRYPTOPP_DISABLE_ASM
+endif  # X86/X32/X64
+endif  # SunOS
+
 ifneq ($(IS_MINGW),0)
 LDLIBS += -lws2_32
 endif
@@ -608,7 +623,7 @@ clean:
 
 .PHONY: distclean
 distclean: clean
-	-$(RM) adhoc.cpp adhoc.cpp.copied GNUmakefile.deps benchmarks.html cryptest.txt cryptest-*.txt
+	-$(RM) adhoc.cpp adhoc.cpp.copied cryptopp.mapfile GNUmakefile.deps benchmarks.html cryptest.txt cryptest-*.txt
 	@-$(RM) CMakeCache.txt Makefile CTestTestfile.cmake cmake_install.cmake cryptopp-config-version.cmake
 	@-$(RM) cryptopp.tgz *.o *.bc *.ii *~
 	@-$(RM) -r $(SRCS:.cpp=.obj) *.suo *.sdf *.pdb Win32/ x64/ ipch/

From 64f1b50b7fc5cf887becd70b3e35ded6d98bf639 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Mon, 24 Apr 2017 03:05:37 -0400
Subject: [PATCH 064/200] Add pclmulqdq for OS X disassembly tests

---
 TestScripts/cryptest.sh | 27 ++-------------------------
 cryptest.sh             | 27 ++-------------------------
 2 files changed, 4 insertions(+), 50 deletions(-)

diff --git a/TestScripts/cryptest.sh b/TestScripts/cryptest.sh
index 7b5efd99..a39efa8c 100755
--- a/TestScripts/cryptest.sh
+++ b/TestScripts/cryptest.sh
@@ -1185,9 +1185,6 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 
 		if [[ ("$X86_SSE2" -ne "0" && "$X86_SHA256_HASH_BLOCKS" -eq "0") ]]; then
 			echo "ERROR: failed to use X86_SHA256_HashBlocks" | tee -a "$TEST_RESULTS"
-			if [[ ("$CLANG_COMPILER" -ne "0") ]]; then
-				echo "This could be due to Clang and lack of expected support for Intel assembly syntax in some versions of the compiler"
-			fi
 		fi
 
 		if [[ ("$FAILED" -eq "0" && "$X86_SHA256_HASH_BLOCKS" -ne "0") ]]; then
@@ -1256,10 +1253,6 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 
 		if [[ ("$FAILED" -eq "0") ]]; then
 			echo "Verified aesenc, aesenclast, aesdec, aesdeclast, aesimc, aeskeygenassist machine instructions" | tee -a "$TEST_RESULTS"
-		else
-			if [[ ("$CLANG_COMPILER" -ne "0" && "$CLANG_37_OR_ABOVE" -eq "0") ]]; then
-				echo "This could be due to Clang and lack of expected support for SSSE3 (and above) in some versions of the compiler. If so, try Clang 3.7 or above"
-			fi
 		fi
 	fi
 
@@ -1284,13 +1277,13 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 		FAILED=0
 		DISASS_TEXT=$("$DISASS" "${DISASSARGS[@]}" "$OBJFILE" 2>/dev/null)
 
-		COUNT=$(echo -n "$DISASS_TEXT" | "$EGREP" -i -c '(pclmullqhq|vpclmulqdq)')
+		COUNT=$(echo -n "$DISASS_TEXT" | "$EGREP" -i -c '(pclmulqdq|pclmullqhq|vpclmulqdq)')
 		if [[ ("$COUNT" -eq "0") ]]; then
 			FAILED=1
 			echo "ERROR: failed to generate pclmullqhq instruction" | tee -a "$TEST_RESULTS"
 		fi
 
-		COUNT=$(echo -n "$DISASS_TEXT" | "$EGREP" -i -c '(pclmullqlq|vpclmulqdq)')
+		COUNT=$(echo -n "$DISASS_TEXT" | "$EGREP" -i -c '(pclmulqdq|pclmullqlq|vpclmulqdq)')
 		if [[ ("$COUNT" -eq "0") ]]; then
 			FAILED=1
 			echo "ERROR: failed to generate pclmullqlq instruction" | tee -a "$TEST_RESULTS"
@@ -1298,10 +1291,6 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 
 		if [[ ("$FAILED" -eq "0") ]]; then
 			echo "Verified pclmullqhq and pclmullqlq machine instructions" | tee -a "$TEST_RESULTS"
-		else
-			if [[ ("$CLANG_COMPILER" -ne "0" && "$CLANG_37_OR_ABOVE" -eq "0") ]]; then
-				echo "This could be due to Clang and lack of expected support for SSSE3 (and above) in some versions of the compiler. If so, try Clang 3.7 or above"
-			fi
 		fi
 	fi
 
@@ -1348,10 +1337,6 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 
 		if [[ ("$FAILED" -eq "0") ]]; then
 			echo "Verified rdrand and rdseed machine instructions" | tee -a "$TEST_RESULTS"
-		else
-			if [[ ("$CLANG_COMPILER" -ne "0" && "$CLANG_37_OR_ABOVE" -eq "0") ]]; then
-				echo "This could be due to Clang and lack of expected support for SSSE3 (and above) in some versions of the compiler. If so, try Clang 3.7 or above"
-			fi
 		fi
 	fi
 
@@ -1390,10 +1375,6 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 
 		if [[ ("$FAILED" -eq "0") ]]; then
 			echo "Verified crc32l and crc32b machine instructions" | tee -a "$TEST_RESULTS"
-		else
-			if [[ ("$CLANG_COMPILER" -ne "0" && "$CLANG_37_OR_ABOVE" -eq "0") ]]; then
-				echo "This could be due to Clang and lack of expected support for SSSE3 (and above) in some versions of the compiler. If so, try Clang 3.7 or above"
-			fi
 		fi
 	fi
 
@@ -1462,10 +1443,6 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 
 		if [[ ("$FAILED" -eq "0") ]]; then
 			echo "Verified sha1rnds4, sha1nexte, sha1msg1, sha1msg2, sha256rnds2, sha256msg1 and sha256msg2 machine instructions" | tee -a "$TEST_RESULTS"
-		else
-			if [[ ("$CLANG_COMPILER" -ne "0" && "$CLANG_37_OR_ABOVE" -eq "0") ]]; then
-				echo "This could be due to Clang and lack of expected support for SSSE3 (and above) in some versions of the compiler. If so, try Clang 3.7 or above"
-			fi
 		fi
 	fi
 fi
diff --git a/cryptest.sh b/cryptest.sh
index 7b5efd99..a39efa8c 100755
--- a/cryptest.sh
+++ b/cryptest.sh
@@ -1185,9 +1185,6 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 
 		if [[ ("$X86_SSE2" -ne "0" && "$X86_SHA256_HASH_BLOCKS" -eq "0") ]]; then
 			echo "ERROR: failed to use X86_SHA256_HashBlocks" | tee -a "$TEST_RESULTS"
-			if [[ ("$CLANG_COMPILER" -ne "0") ]]; then
-				echo "This could be due to Clang and lack of expected support for Intel assembly syntax in some versions of the compiler"
-			fi
 		fi
 
 		if [[ ("$FAILED" -eq "0" && "$X86_SHA256_HASH_BLOCKS" -ne "0") ]]; then
@@ -1256,10 +1253,6 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 
 		if [[ ("$FAILED" -eq "0") ]]; then
 			echo "Verified aesenc, aesenclast, aesdec, aesdeclast, aesimc, aeskeygenassist machine instructions" | tee -a "$TEST_RESULTS"
-		else
-			if [[ ("$CLANG_COMPILER" -ne "0" && "$CLANG_37_OR_ABOVE" -eq "0") ]]; then
-				echo "This could be due to Clang and lack of expected support for SSSE3 (and above) in some versions of the compiler. If so, try Clang 3.7 or above"
-			fi
 		fi
 	fi
 
@@ -1284,13 +1277,13 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 		FAILED=0
 		DISASS_TEXT=$("$DISASS" "${DISASSARGS[@]}" "$OBJFILE" 2>/dev/null)
 
-		COUNT=$(echo -n "$DISASS_TEXT" | "$EGREP" -i -c '(pclmullqhq|vpclmulqdq)')
+		COUNT=$(echo -n "$DISASS_TEXT" | "$EGREP" -i -c '(pclmulqdq|pclmullqhq|vpclmulqdq)')
 		if [[ ("$COUNT" -eq "0") ]]; then
 			FAILED=1
 			echo "ERROR: failed to generate pclmullqhq instruction" | tee -a "$TEST_RESULTS"
 		fi
 
-		COUNT=$(echo -n "$DISASS_TEXT" | "$EGREP" -i -c '(pclmullqlq|vpclmulqdq)')
+		COUNT=$(echo -n "$DISASS_TEXT" | "$EGREP" -i -c '(pclmulqdq|pclmullqlq|vpclmulqdq)')
 		if [[ ("$COUNT" -eq "0") ]]; then
 			FAILED=1
 			echo "ERROR: failed to generate pclmullqlq instruction" | tee -a "$TEST_RESULTS"
@@ -1298,10 +1291,6 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 
 		if [[ ("$FAILED" -eq "0") ]]; then
 			echo "Verified pclmullqhq and pclmullqlq machine instructions" | tee -a "$TEST_RESULTS"
-		else
-			if [[ ("$CLANG_COMPILER" -ne "0" && "$CLANG_37_OR_ABOVE" -eq "0") ]]; then
-				echo "This could be due to Clang and lack of expected support for SSSE3 (and above) in some versions of the compiler. If so, try Clang 3.7 or above"
-			fi
 		fi
 	fi
 
@@ -1348,10 +1337,6 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 
 		if [[ ("$FAILED" -eq "0") ]]; then
 			echo "Verified rdrand and rdseed machine instructions" | tee -a "$TEST_RESULTS"
-		else
-			if [[ ("$CLANG_COMPILER" -ne "0" && "$CLANG_37_OR_ABOVE" -eq "0") ]]; then
-				echo "This could be due to Clang and lack of expected support for SSSE3 (and above) in some versions of the compiler. If so, try Clang 3.7 or above"
-			fi
 		fi
 	fi
 
@@ -1390,10 +1375,6 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 
 		if [[ ("$FAILED" -eq "0") ]]; then
 			echo "Verified crc32l and crc32b machine instructions" | tee -a "$TEST_RESULTS"
-		else
-			if [[ ("$CLANG_COMPILER" -ne "0" && "$CLANG_37_OR_ABOVE" -eq "0") ]]; then
-				echo "This could be due to Clang and lack of expected support for SSSE3 (and above) in some versions of the compiler. If so, try Clang 3.7 or above"
-			fi
 		fi
 	fi
 
@@ -1462,10 +1443,6 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 
 		if [[ ("$FAILED" -eq "0") ]]; then
 			echo "Verified sha1rnds4, sha1nexte, sha1msg1, sha1msg2, sha256rnds2, sha256msg1 and sha256msg2 machine instructions" | tee -a "$TEST_RESULTS"
-		else
-			if [[ ("$CLANG_COMPILER" -ne "0" && "$CLANG_37_OR_ABOVE" -eq "0") ]]; then
-				echo "This could be due to Clang and lack of expected support for SSSE3 (and above) in some versions of the compiler. If so, try Clang 3.7 or above"
-			fi
 		fi
 	fi
 fi

From 2297dd000a7cf2831095ba59be2ed653ea3bd884 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Mon, 24 Apr 2017 05:05:14 -0400
Subject: [PATCH 065/200] Removed "typedef SHA1 SHA" (Issue 369) This should
 have happened when we removed most of MAINTAIN_BACKWARDS_COMPATIBILITY
 artifacts. Its not practical move SHA1 into Weak:: namespace or "typedef
 SHA256 SHA" because SHA1 is too intertwined at the moment.

In the interim, maybe we can place SHA1 in both CryptoPP:: and Weak:: namespaces. This will allow us to transition into Weak::SHA1 over time, and signal to users SHA1 should be avoided.
---
 bench2.cpp   | 58 ++++++++++++++++++++++++++--------------------------
 default.h    |  2 +-
 eccrypto.h   |  2 +-
 esign.cpp    | 14 ++++++-------
 fipsalgt.cpp |  2 +-
 gfpcrypt.cpp |  8 ++++----
 gfpcrypt.h   |  4 ++--
 luc.cpp      |  2 +-
 luc.h        |  8 ++++----
 oaep.h       |  2 +-
 randpool.h   |  4 ++--
 rsa.cpp      | 22 ++++++++++----------
 rsa.h        | 20 +++++++++---------
 seal.cpp     |  2 +-
 sha.h        |  2 --
 test.cpp     |  4 ++--
 validat2.cpp | 44 +++++++++++++++++++--------------------
 17 files changed, 99 insertions(+), 101 deletions(-)

diff --git a/bench2.cpp b/bench2.cpp
index b83c4192..e0853c4a 100644
--- a/bench2.cpp
+++ b/bench2.cpp
@@ -246,40 +246,40 @@ void Benchmark3(double t, double hertz)
 
 	std::cout << "\n<TBODY style=\"background: white;\">";
 	{
-		BenchMarkCrypto<RSAES<OAEP<SHA> > >(CRYPTOPP_DATA_DIR "TestData/rsa1024.dat", "RSA 1024", t);
-		BenchMarkCrypto<LUCES<OAEP<SHA> > >(CRYPTOPP_DATA_DIR "TestData/luc1024.dat", "LUC 1024", t);
+		BenchMarkCrypto<RSAES<OAEP<SHA1> > >(CRYPTOPP_DATA_DIR "TestData/rsa1024.dat", "RSA 1024", t);
+		BenchMarkCrypto<LUCES<OAEP<SHA1> > >(CRYPTOPP_DATA_DIR "TestData/luc1024.dat", "LUC 1024", t);
 		BenchMarkCrypto<DLIES<> >(CRYPTOPP_DATA_DIR "TestData/dlie1024.dat", "DLIES 1024", t);
 		BenchMarkCrypto<LUC_IES<> >(CRYPTOPP_DATA_DIR "TestData/lucc512.dat", "LUCELG 512", t);
 	}
 
 	std::cout << "\n<TBODY style=\"background: yellow;\">";
 	{
-		BenchMarkCrypto<RSAES<OAEP<SHA> > >(CRYPTOPP_DATA_DIR "TestData/rsa2048.dat", "RSA 2048", t);
-		BenchMarkCrypto<LUCES<OAEP<SHA> > >(CRYPTOPP_DATA_DIR "TestData/luc2048.dat", "LUC 2048", t);
+		BenchMarkCrypto<RSAES<OAEP<SHA1> > >(CRYPTOPP_DATA_DIR "TestData/rsa2048.dat", "RSA 2048", t);
+		BenchMarkCrypto<LUCES<OAEP<SHA1> > >(CRYPTOPP_DATA_DIR "TestData/luc2048.dat", "LUC 2048", t);
 		BenchMarkCrypto<DLIES<> >(CRYPTOPP_DATA_DIR "TestData/dlie2048.dat", "DLIES 2048", t);
 		BenchMarkCrypto<LUC_IES<> >(CRYPTOPP_DATA_DIR "TestData/lucc1024.dat", "LUCELG 1024", t);
 	}
 
 	std::cout << "\n<TBODY style=\"background: white;\">";
 	{
-		BenchMarkSignature<RSASS<PSSR, SHA> >(CRYPTOPP_DATA_DIR "TestData/rsa1024.dat", "RSA 1024", t);
-		BenchMarkSignature<RWSS<PSSR, SHA> >(CRYPTOPP_DATA_DIR "TestData/rw1024.dat", "RW 1024", t);
-		BenchMarkSignature<LUCSS<PSSR, SHA> >(CRYPTOPP_DATA_DIR "TestData/luc1024.dat", "LUC 1024", t);
-		BenchMarkSignature<NR<SHA> >(CRYPTOPP_DATA_DIR "TestData/nr1024.dat", "NR 1024", t);
+		BenchMarkSignature<RSASS<PSSR, SHA1> >(CRYPTOPP_DATA_DIR "TestData/rsa1024.dat", "RSA 1024", t);
+		BenchMarkSignature<RWSS<PSSR, SHA1> >(CRYPTOPP_DATA_DIR "TestData/rw1024.dat", "RW 1024", t);
+		BenchMarkSignature<LUCSS<PSSR, SHA1> >(CRYPTOPP_DATA_DIR "TestData/luc1024.dat", "LUC 1024", t);
+		BenchMarkSignature<NR<SHA1> >(CRYPTOPP_DATA_DIR "TestData/nr1024.dat", "NR 1024", t);
 		BenchMarkSignature<DSA>(CRYPTOPP_DATA_DIR "TestData/dsa1024.dat", "DSA 1024", t);
-		BenchMarkSignature<LUC_HMP<SHA> >(CRYPTOPP_DATA_DIR "TestData/lucs512.dat", "LUC-HMP 512", t);
-		BenchMarkSignature<ESIGN<SHA> >(CRYPTOPP_DATA_DIR "TestData/esig1023.dat", "ESIGN 1023", t);
-		BenchMarkSignature<ESIGN<SHA> >(CRYPTOPP_DATA_DIR "TestData/esig1536.dat", "ESIGN 1536", t);
+		BenchMarkSignature<LUC_HMP<SHA1> >(CRYPTOPP_DATA_DIR "TestData/lucs512.dat", "LUC-HMP 512", t);
+		BenchMarkSignature<ESIGN<SHA1> >(CRYPTOPP_DATA_DIR "TestData/esig1023.dat", "ESIGN 1023", t);
+		BenchMarkSignature<ESIGN<SHA1> >(CRYPTOPP_DATA_DIR "TestData/esig1536.dat", "ESIGN 1536", t);
 	}
 
 	std::cout << "\n<TBODY style=\"background: yellow;\">";
 	{
-		BenchMarkSignature<RSASS<PSSR, SHA> >(CRYPTOPP_DATA_DIR "TestData/rsa2048.dat", "RSA 2048", t);
-		BenchMarkSignature<RWSS<PSSR, SHA> >(CRYPTOPP_DATA_DIR "TestData/rw2048.dat", "RW 2048", t);
-		BenchMarkSignature<LUCSS<PSSR, SHA> >(CRYPTOPP_DATA_DIR "TestData/luc2048.dat", "LUC 2048", t);
-		BenchMarkSignature<NR<SHA> >(CRYPTOPP_DATA_DIR "TestData/nr2048.dat", "NR 2048", t);
-		BenchMarkSignature<LUC_HMP<SHA> >(CRYPTOPP_DATA_DIR "TestData/lucs1024.dat", "LUC-HMP 1024", t);
-		BenchMarkSignature<ESIGN<SHA> >(CRYPTOPP_DATA_DIR "TestData/esig2046.dat", "ESIGN 2046", t);
+		BenchMarkSignature<RSASS<PSSR, SHA1> >(CRYPTOPP_DATA_DIR "TestData/rsa2048.dat", "RSA 2048", t);
+		BenchMarkSignature<RWSS<PSSR, SHA1> >(CRYPTOPP_DATA_DIR "TestData/rw2048.dat", "RW 2048", t);
+		BenchMarkSignature<LUCSS<PSSR, SHA1> >(CRYPTOPP_DATA_DIR "TestData/luc2048.dat", "LUC 2048", t);
+		BenchMarkSignature<NR<SHA1> >(CRYPTOPP_DATA_DIR "TestData/nr2048.dat", "NR 2048", t);
+		BenchMarkSignature<LUC_HMP<SHA1> >(CRYPTOPP_DATA_DIR "TestData/lucs1024.dat", "LUC-HMP 1024", t);
+		BenchMarkSignature<ESIGN<SHA1> >(CRYPTOPP_DATA_DIR "TestData/esig2046.dat", "ESIGN 2046", t);
 	}
 
 	std::cout << "\n<TBODY style=\"background: white;\">";
@@ -310,12 +310,12 @@ void Benchmark3(double t, double hertz)
 	{
 		ECIES<ECP>::Decryptor cpriv(Test::GlobalRNG(), ASN1::secp256k1());
 		ECIES<ECP>::Encryptor cpub(cpriv);
-		ECDSA<ECP, SHA>::Signer spriv(cpriv);
-		ECDSA<ECP, SHA>::Verifier spub(spriv);
-		ECDSA_RFC6979<ECP, SHA>::Signer spriv2(cpriv);
-		ECDSA_RFC6979<ECP, SHA>::Verifier spub2(spriv);
-		ECGDSA<ECP, SHA>::Signer spriv3(Test::GlobalRNG(), ASN1::secp256k1());
-		ECGDSA<ECP, SHA>::Verifier spub3(spriv3);
+		ECDSA<ECP, SHA1>::Signer spriv(cpriv);
+		ECDSA<ECP, SHA1>::Verifier spub(spriv);
+		ECDSA_RFC6979<ECP, SHA1>::Signer spriv2(cpriv);
+		ECDSA_RFC6979<ECP, SHA1>::Verifier spub2(spriv);
+		ECGDSA<ECP, SHA1>::Signer spriv3(Test::GlobalRNG(), ASN1::secp256k1());
+		ECGDSA<ECP, SHA1>::Verifier spub3(spriv3);
 		ECDH<ECP>::Domain ecdhc(ASN1::secp256k1());
 		ECMQV<ECP>::Domain ecmqvc(ASN1::secp256k1());
 
@@ -337,12 +337,12 @@ void Benchmark3(double t, double hertz)
 	{
 		ECIES<EC2N>::Decryptor cpriv(Test::GlobalRNG(), ASN1::sect233r1());
 		ECIES<EC2N>::Encryptor cpub(cpriv);
-		ECDSA<EC2N, SHA>::Signer spriv(cpriv);
-		ECDSA<EC2N, SHA>::Verifier spub(spriv);
-		ECDSA_RFC6979<EC2N, SHA>::Signer spriv2(cpriv);
-		ECDSA_RFC6979<EC2N, SHA>::Verifier spub2(spriv);
-		ECGDSA<EC2N, SHA>::Signer spriv3(Test::GlobalRNG(), ASN1::sect233r1());
-		ECGDSA<EC2N, SHA>::Verifier spub3(spriv3);
+		ECDSA<EC2N, SHA1>::Signer spriv(cpriv);
+		ECDSA<EC2N, SHA1>::Verifier spub(spriv);
+		ECDSA_RFC6979<EC2N, SHA1>::Signer spriv2(cpriv);
+		ECDSA_RFC6979<EC2N, SHA1>::Verifier spub2(spriv);
+		ECGDSA<EC2N, SHA1>::Signer spriv3(Test::GlobalRNG(), ASN1::sect233r1());
+		ECGDSA<EC2N, SHA1>::Verifier spub3(spriv3);
 		ECDH<EC2N>::Domain ecdhc(ASN1::sect233r1());
 		ECMQV<EC2N>::Domain ecmqvc(ASN1::sect233r1());
 
diff --git a/default.h b/default.h
index 78bc0d19..691cbbb3 100644
--- a/default.h
+++ b/default.h
@@ -19,7 +19,7 @@ NAMESPACE_BEGIN(CryptoPP)
 //! \brief Legacy block cipher for LegacyEncryptor, LegacyDecryptor, LegacyEncryptorWithMAC and LegacyDecryptorWithMAC
 typedef DES_EDE2 LegacyBlockCipher;
 //! \brief Legacy hash for use with LegacyEncryptorWithMAC and LegacyDecryptorWithMAC
-typedef SHA LegacyHashModule;
+typedef SHA1 LegacyHashModule;
 //! \brief Legacy HMAC for use withLegacyEncryptorWithMAC and LegacyDecryptorWithMAC
 typedef HMAC<LegacyHashModule> LegacyMAC;
 
diff --git a/eccrypto.h b/eccrypto.h
index df1dbe81..2a1836c2 100644
--- a/eccrypto.h
+++ b/eccrypto.h
@@ -398,7 +398,7 @@ struct ECDSA_RFC6979 : public DL_SS<
 //! \brief Elliptic Curve NR (ECNR) signature scheme
 //! \tparam EC elliptic curve field
 //! \tparam H HashTransformation derived class
-template <class EC, class H = SHA>
+template <class EC, class H = SHA1>
 struct ECNR : public DL_SS<DL_Keys_EC<EC>, DL_Algorithm_ECNR<EC>, DL_SignatureMessageEncodingMethod_NR, H>
 {
 };
diff --git a/esign.cpp b/esign.cpp
index 77137d66..7c69a684 100644
--- a/esign.cpp
+++ b/esign.cpp
@@ -21,15 +21,15 @@ NAMESPACE_BEGIN(CryptoPP)
 #if defined(CRYPTOPP_DEBUG) && !defined(CRYPTOPP_DOXYGEN_PROCESSING)
 void ESIGN_TestInstantiations()
 {
-	ESIGN<SHA>::Verifier x1(1, 1);
-	ESIGN<SHA>::Signer x2(NullRNG(), 1);
-	ESIGN<SHA>::Verifier x3(x2);
-	ESIGN<SHA>::Verifier x4(x2.GetKey());
-	ESIGN<SHA>::Verifier x5(x3);
-	ESIGN<SHA>::Signer x6 = x2;
+	ESIGN<SHA1>::Verifier x1(1, 1);
+	ESIGN<SHA1>::Signer x2(NullRNG(), 1);
+	ESIGN<SHA1>::Verifier x3(x2);
+	ESIGN<SHA1>::Verifier x4(x2.GetKey());
+	ESIGN<SHA1>::Verifier x5(x3);
+	ESIGN<SHA1>::Signer x6 = x2;
 
 	x6 = x2;
-	x3 = ESIGN<SHA>::Verifier(x2);
+	x3 = ESIGN<SHA1>::Verifier(x2);
 	x4 = x2.GetKey();
 }
 #endif
diff --git a/fipsalgt.cpp b/fipsalgt.cpp
index 26ce6477..ccba9940 100644
--- a/fipsalgt.cpp
+++ b/fipsalgt.cpp
@@ -457,7 +457,7 @@ protected:
 					Integer p, q, h, g;
 					int counter;
 
-					SecByteBlock seed(SHA::DIGESTSIZE);
+					SecByteBlock seed(SHA1::DIGESTSIZE);
 					do
 					{
 						m_rng.GenerateBlock(seed, seed.size());
diff --git a/gfpcrypt.cpp b/gfpcrypt.cpp
index 9e821c91..6494b084 100644
--- a/gfpcrypt.cpp
+++ b/gfpcrypt.cpp
@@ -23,12 +23,12 @@ NAMESPACE_BEGIN(CryptoPP)
 #if defined(CRYPTOPP_DEBUG) && !defined(CRYPTOPP_DOXYGEN_PROCESSING)
 void TestInstantiations_gfpcrypt()
 {
-	GDSA<SHA>::Signer test;
-	GDSA<SHA>::Verifier test1;
+	GDSA<SHA1>::Signer test;
+	GDSA<SHA1>::Verifier test1;
 	DSA::Signer test5(NullRNG(), 100);
 	DSA::Signer test2(test5);
-	NR<SHA>::Signer test3;
-	NR<SHA>::Verifier test4;
+	NR<SHA1>::Signer test3;
+	NR<SHA1>::Verifier test4;
 	DLIES<>::Encryptor test6;
 	DLIES<>::Decryptor test7;
 }
diff --git a/gfpcrypt.h b/gfpcrypt.h
index 75e99705..974886fa 100644
--- a/gfpcrypt.h
+++ b/gfpcrypt.h
@@ -737,7 +737,7 @@ class DSA2;
 struct DL_Keys_DSA
 {
     typedef DL_PublicKey_GFP<DL_GroupParameters_DSA> PublicKey;
-    typedef DL_PrivateKey_WithSignaturePairwiseConsistencyTest<DL_PrivateKey_GFP<DL_GroupParameters_DSA>, DSA2<SHA> > PrivateKey;
+    typedef DL_PrivateKey_WithSignaturePairwiseConsistencyTest<DL_PrivateKey_GFP<DL_GroupParameters_DSA>, DSA2<SHA1> > PrivateKey;
 };
 
 //! \class DSA2
@@ -779,7 +779,7 @@ typedef DSA2<SHA1> DSA;
 
 CRYPTOPP_DLL_TEMPLATE_CLASS DL_PublicKey_GFP<DL_GroupParameters_DSA>;
 CRYPTOPP_DLL_TEMPLATE_CLASS DL_PrivateKey_GFP<DL_GroupParameters_DSA>;
-CRYPTOPP_DLL_TEMPLATE_CLASS DL_PrivateKey_WithSignaturePairwiseConsistencyTest<DL_PrivateKey_GFP<DL_GroupParameters_DSA>, DSA2<SHA> >;
+CRYPTOPP_DLL_TEMPLATE_CLASS DL_PrivateKey_WithSignaturePairwiseConsistencyTest<DL_PrivateKey_GFP<DL_GroupParameters_DSA>, DSA2<SHA1> >;
 
 //! \class DL_EncryptionAlgorithm_Xor
 //! \brief P1363 based XOR Encryption Method
diff --git a/luc.cpp b/luc.cpp
index c9faca62..702fc9f6 100644
--- a/luc.cpp
+++ b/luc.cpp
@@ -13,7 +13,7 @@ NAMESPACE_BEGIN(CryptoPP)
 #if defined(CRYPTOPP_DEBUG) && !defined(CRYPTOPP_DOXYGEN_PROCESSING)
 void LUC_TestInstantiations()
 {
-	LUC_HMP<SHA>::Signer t1;
+	LUC_HMP<SHA1>::Signer t1;
 	LUCFunction t2;
 	InvertibleLUCFunction t3;
 }
diff --git a/luc.h b/luc.h
index 49032a13..7b31edfe 100644
--- a/luc.h
+++ b/luc.h
@@ -152,11 +152,11 @@ struct LUCSS : public TF_SS<LUC, STANDARD, H>
 };
 
 // analogous to the RSA schemes defined in PKCS #1 v2.0
-typedef LUCES<OAEP<SHA> >::Decryptor LUCES_OAEP_SHA_Decryptor;
-typedef LUCES<OAEP<SHA> >::Encryptor LUCES_OAEP_SHA_Encryptor;
+typedef LUCES<OAEP<SHA1> >::Decryptor LUCES_OAEP_SHA_Decryptor;
+typedef LUCES<OAEP<SHA1> >::Encryptor LUCES_OAEP_SHA_Encryptor;
 
-typedef LUCSS<PKCS1v15, SHA>::Signer LUCSSA_PKCS1v15_SHA_Signer;
-typedef LUCSS<PKCS1v15, SHA>::Verifier LUCSSA_PKCS1v15_SHA_Verifier;
+typedef LUCSS<PKCS1v15, SHA1>::Signer LUCSSA_PKCS1v15_SHA_Signer;
+typedef LUCSS<PKCS1v15, SHA1>::Verifier LUCSSA_PKCS1v15_SHA_Verifier;
 
 // ********************************************************
 
diff --git a/oaep.h b/oaep.h
index b299f71f..1809af43 100644
--- a/oaep.h
+++ b/oaep.h
@@ -37,7 +37,7 @@ protected:
 	MaskGeneratingFunction * NewMGF() const {return new MGF;}
 };
 
-CRYPTOPP_DLL_TEMPLATE_CLASS OAEP<SHA>;
+CRYPTOPP_DLL_TEMPLATE_CLASS OAEP<SHA1>;
 
 NAMESPACE_END
 
diff --git a/randpool.h b/randpool.h
index c356dca6..3214e3c0 100644
--- a/randpool.h
+++ b/randpool.h
@@ -20,8 +20,8 @@
 //!    # Go back one more
 //!    git checkout HEAD~1
 //!
-//!    $ grep 'MDC<SHA>' *.h *.cpp
-//!    randpool.cpp:typedef MDC<SHA> RandomPoolCipher;
+//!    $ grep 'MDC<SHA1>' *.h *.cpp
+//!    randpool.cpp:typedef MDC<SHA1> RandomPoolCipher;
 //! </pre>
 //! \since Crypto++ 4.0 (PGP 2.6.x style), Crypto++ 5.5 (AES-256 based)
 
diff --git a/rsa.cpp b/rsa.cpp
index c730ac39..6853d22d 100644
--- a/rsa.cpp
+++ b/rsa.cpp
@@ -15,13 +15,13 @@
 NAMESPACE_BEGIN(CryptoPP)
 void RSA_TestInstantiations()
 {
-	RSASS<PKCS1v15, SHA>::Verifier x1(1, 1);
-	RSASS<PKCS1v15, SHA>::Signer x2(NullRNG(), 1);
-	RSASS<PKCS1v15, SHA>::Verifier x3(x2);
-	RSASS<PKCS1v15, SHA>::Verifier x4(x2.GetKey());
-	RSASS<PSS, SHA>::Verifier x5(x3);
+	RSASS<PKCS1v15, SHA1>::Verifier x1(1, 1);
+	RSASS<PKCS1v15, SHA1>::Signer x2(NullRNG(), 1);
+	RSASS<PKCS1v15, SHA1>::Verifier x3(x2);
+	RSASS<PKCS1v15, SHA1>::Verifier x4(x2.GetKey());
+	RSASS<PSS, SHA1>::Verifier x5(x3);
 #ifndef __MWERKS__
-	RSASS<PSSR, SHA>::Signer x6 = x2;
+	RSASS<PSSR, SHA1>::Signer x6 = x2;
 	x3 = x2;
 	x6 = x2;
 #endif
@@ -29,7 +29,7 @@ void RSA_TestInstantiations()
 #ifndef __GNUC__
 	RSAES<PKCS1v15>::Encryptor x8(x3);
 #endif
-	RSAES<OAEP<SHA> >::Encryptor x9(x2);
+	RSAES<OAEP<SHA1> >::Encryptor x9(x2);
 
 	x4 = x2.GetKey();
 }
@@ -136,12 +136,12 @@ void InvertibleRSAFunction::GenerateRandom(RandomNumberGenerator &rng, const Nam
 
 	if (FIPS_140_2_ComplianceEnabled())
 	{
-		RSASS<PKCS1v15, SHA>::Signer signer(*this);
-		RSASS<PKCS1v15, SHA>::Verifier verifier(signer);
+		RSASS<PKCS1v15, SHA1>::Signer signer(*this);
+		RSASS<PKCS1v15, SHA1>::Verifier verifier(signer);
 		SignaturePairwiseConsistencyTest_FIPS_140_Only(signer, verifier);
 
-		RSAES<OAEP<SHA> >::Decryptor decryptor(*this);
-		RSAES<OAEP<SHA> >::Encryptor encryptor(decryptor);
+		RSAES<OAEP<SHA1> >::Decryptor decryptor(*this);
+		RSAES<OAEP<SHA1> >::Encryptor encryptor(decryptor);
 		EncryptionPairwiseConsistencyTest_FIPS_140_Only(encryptor, decryptor);
 	}
 }
diff --git a/rsa.h b/rsa.h
index 6f195a64..f4c8fe20 100644
--- a/rsa.h
+++ b/rsa.h
@@ -217,22 +217,22 @@ DOCUMENTED_TYPEDEF(RSAES<PKCS1v15>::Decryptor, RSAES_PKCS1v15_Decryptor);
 //! \details RSA encryption scheme defined in PKCS #1 v2.0
 DOCUMENTED_TYPEDEF(RSAES<PKCS1v15>::Encryptor, RSAES_PKCS1v15_Encryptor);
 
-//! \brief \ref RSAES<STANDARD> "RSAES<OAEP<SHA>>::Decryptor" typedef
+//! \brief \ref RSAES<STANDARD> "RSAES<OAEP<SHA1>>::Decryptor" typedef
 //! \details RSA encryption scheme defined in PKCS #1 v2.0
-DOCUMENTED_TYPEDEF(RSAES<OAEP<SHA> >::Decryptor, RSAES_OAEP_SHA_Decryptor);
-//! \brief \ref RSAES<STANDARD> "RSAES<OAEP<SHA>>::Encryptor" typedef
+DOCUMENTED_TYPEDEF(RSAES<OAEP<SHA1> >::Decryptor, RSAES_OAEP_SHA_Decryptor);
+//! \brief \ref RSAES<STANDARD> "RSAES<OAEP<SHA1>>::Encryptor" typedef
 //! \details RSA encryption scheme defined in PKCS #1 v2.0
-DOCUMENTED_TYPEDEF(RSAES<OAEP<SHA> >::Encryptor, RSAES_OAEP_SHA_Encryptor);
+DOCUMENTED_TYPEDEF(RSAES<OAEP<SHA1> >::Encryptor, RSAES_OAEP_SHA_Encryptor);
 
 #ifdef CRYPTOPP_DOXYGEN_PROCESSING
-//! \brief \ref RSASS<STANDARD,HASH> "RSASS<PKCS1v15,SHA>::Signer" typedef
+//! \brief \ref RSASS<STANDARD,HASH> "RSASS<PKCS1v15,SHA1>::Signer" typedef
 //! \details RSA signature schemes defined in PKCS #1 v2.0
 //! \since Crypto++ 1.0
-class RSASSA_PKCS1v15_SHA_Signer : public RSASS<PKCS1v15,SHA>::Signer {};
-//! \brief \ref RSASS<STANDARD,HASH> "RSASS<PKCS1v15,SHA>::Verifier" typedef
+class RSASSA_PKCS1v15_SHA_Signer : public RSASS<PKCS1v15,SHA1>::Signer {};
+//! \brief \ref RSASS<STANDARD,HASH> "RSASS<PKCS1v15,SHA1>::Verifier" typedef
 //! \details RSA signature schemes defined in PKCS #1 v2.0
 //! \since Crypto++ 1.0
-class RSASSA_PKCS1v15_SHA_Verifier : public RSASS<PKCS1v15,SHA>::Verifier {};
+class RSASSA_PKCS1v15_SHA_Verifier : public RSASS<PKCS1v15,SHA1>::Verifier {};
 
 namespace Weak {
 
@@ -256,8 +256,8 @@ class RSASSA_PKCS1v15_MD5_Verifier : public RSASS<PKCS1v15, Weak1::MD5>::Verifie
 }
 
 #else
-typedef RSASS<PKCS1v15,SHA>::Signer RSASSA_PKCS1v15_SHA_Signer;
-typedef RSASS<PKCS1v15,SHA>::Verifier RSASSA_PKCS1v15_SHA_Verifier;
+typedef RSASS<PKCS1v15,SHA1>::Signer RSASSA_PKCS1v15_SHA_Signer;
+typedef RSASS<PKCS1v15,SHA1>::Verifier RSASSA_PKCS1v15_SHA_Verifier;
 
 namespace Weak {
 	typedef RSASS<PKCS1v15, Weak1::MD2>::Signer RSASSA_PKCS1v15_MD2_Signer;
diff --git a/seal.cpp b/seal.cpp
index d0ba4fce..acc4e4e5 100644
--- a/seal.cpp
+++ b/seal.cpp
@@ -39,7 +39,7 @@ word32 SEAL_Gamma::Apply(word32 i)
 	{
 		memcpy(Z, H, 20);
 		D[0] = shaIndex;
-		SHA::Transform(Z, D);
+		SHA1::Transform(Z, D);
 		lastIndex = shaIndex;
 	}
 	return Z[i%5];
diff --git a/sha.h b/sha.h
index ce2ff06e..806317d4 100644
--- a/sha.h
+++ b/sha.h
@@ -30,8 +30,6 @@ public:
 	CRYPTOPP_STATIC_CONSTEXPR const char* CRYPTOPP_API StaticAlgorithmName() {return "SHA-1";}
 };
 
-typedef SHA1 SHA;	// for backwards compatibility
-
 //! \class SHA256
 //! \brief SHA-256 message digest
 //! \sa <a href="http://www.weidai.com/scan-mirror/md.html#SHA-256">SHA-256</a>
diff --git a/test.cpp b/test.cpp
index e41a49e3..72fda0d7 100644
--- a/test.cpp
+++ b/test.cpp
@@ -543,14 +543,14 @@ std::string RSADecryptString(const char *privFilename, const char *ciphertext)
 void RSASignFile(const char *privFilename, const char *messageFilename, const char *signatureFilename)
 {
 	FileSource privFile(privFilename, true, new HexDecoder);
-	RSASS<PKCS1v15, SHA>::Signer priv(privFile);
+	RSASS<PKCS1v15, SHA1>::Signer priv(privFile);
 	FileSource f(messageFilename, true, new SignerFilter(Test::GlobalRNG(), priv, new HexEncoder(new FileSink(signatureFilename))));
 }
 
 bool RSAVerifyFile(const char *pubFilename, const char *messageFilename, const char *signatureFilename)
 {
 	FileSource pubFile(pubFilename, true, new HexDecoder);
-	RSASS<PKCS1v15, SHA>::Verifier pub(pubFile);
+	RSASS<PKCS1v15, SHA1>::Verifier pub(pubFile);
 
 	FileSource signatureFile(signatureFilename, true, new HexDecoder);
 	if (signatureFile.MaxRetrievable() != pub.SignatureLength())
diff --git a/validat2.cpp b/validat2.cpp
index 3e1eb8d8..1c039001 100644
--- a/validat2.cpp
+++ b/validat2.cpp
@@ -322,8 +322,8 @@ bool ValidateRSA()
 		pass = CryptoSystemValidate(rsaPriv, rsaPub) && pass;
 	}
 	{
-		RSAES<OAEP<SHA> >::Decryptor rsaPriv(GlobalRNG(), 512);
-		RSAES<OAEP<SHA> >::Encryptor rsaPub(rsaPriv);
+		RSAES<OAEP<SHA1> >::Decryptor rsaPriv(GlobalRNG(), 512);
+		RSAES<OAEP<SHA1> >::Encryptor rsaPub(rsaPriv);
 
 		pass = CryptoSystemValidate(rsaPriv, rsaPub) && pass;
 	}
@@ -679,16 +679,16 @@ bool ValidateNR()
 	bool pass = true;
 	{
 		FileSource f(CRYPTOPP_DATA_DIR "TestData/nr2048.dat", true, new HexDecoder);
-		NR<SHA>::Signer privS(f);
+		NR<SHA1>::Signer privS(f);
 		privS.AccessKey().Precompute();
-		NR<SHA>::Verifier pubS(privS);
+		NR<SHA1>::Verifier pubS(privS);
 
 		pass = SignatureValidate(privS, pubS) && pass;
 	}
 	{
 		std::cout << "Generating new signature key..." << std::endl;
-		NR<SHA>::Signer privS(GlobalRNG(), 256);
-		NR<SHA>::Verifier pubS(privS);
+		NR<SHA1>::Signer privS(GlobalRNG(), 256);
+		NR<SHA1>::Verifier pubS(privS);
 
 		pass = SignatureValidate(privS, pubS) && pass;
 	}
@@ -736,8 +736,8 @@ bool ValidateLUC_DL()
 	std::cout << "\nLUC-HMP validation suite running...\n\n";
 
 	FileSource f(CRYPTOPP_DATA_DIR "TestData/lucs512.dat", true, new HexDecoder);
-	LUC_HMP<SHA>::Signer privS(f);
-	LUC_HMP<SHA>::Verifier pubS(privS);
+	LUC_HMP<SHA1>::Signer privS(f);
+	LUC_HMP<SHA1>::Verifier pubS(privS);
 	bool pass = SignatureValidate(privS, pubS);
 
 	std::cout << "\nLUC-IES validation suite running...\n\n";
@@ -757,13 +757,13 @@ bool ValidateRabin()
 
 	{
 		FileSource f(CRYPTOPP_DATA_DIR "TestData/rabi1024.dat", true, new HexDecoder);
-		RabinSS<PSSR, SHA>::Signer priv(f);
-		RabinSS<PSSR, SHA>::Verifier pub(priv);
+		RabinSS<PSSR, SHA1>::Signer priv(f);
+		RabinSS<PSSR, SHA1>::Verifier pub(priv);
 		pass = SignatureValidate(priv, pub) && pass;
 	}
 	{
-		RabinES<OAEP<SHA> >::Decryptor priv(GlobalRNG(), 512);
-		RabinES<OAEP<SHA> >::Encryptor pub(priv);
+		RabinES<OAEP<SHA1> >::Decryptor priv(GlobalRNG(), 512);
+		RabinES<OAEP<SHA1> >::Encryptor pub(priv);
 		pass = CryptoSystemValidate(priv, pub) && pass;
 	}
 	return pass;
@@ -774,8 +774,8 @@ bool ValidateRW()
 	std::cout << "\nRW validation suite running...\n\n";
 
 	FileSource f(CRYPTOPP_DATA_DIR "TestData/rw1024.dat", true, new HexDecoder);
-	RWSS<PSSR, SHA>::Signer priv(f);
-	RWSS<PSSR, SHA>::Verifier pub(priv);
+	RWSS<PSSR, SHA1>::Signer priv(f);
+	RWSS<PSSR, SHA1>::Verifier pub(priv);
 
 	return SignatureValidate(priv, pub);
 }
@@ -917,8 +917,8 @@ bool ValidateECP()
 	cpriv.GetKey().DEREncode(bq);
 	cpub.AccessKey().AccessGroupParameters().SetEncodeAsOID(true);
 	cpub.GetKey().DEREncode(bq);
-	ECDSA<ECP, SHA>::Signer spriv(bq);
-	ECDSA<ECP, SHA>::Verifier spub(bq);
+	ECDSA<ECP, SHA1>::Signer spriv(bq);
+	ECDSA<ECP, SHA1>::Verifier spub(bq);
 	ECDH<ECP>::Domain ecdhc(ASN1::secp192r1());
 	ECMQV<ECP>::Domain ecmqvc(ASN1::secp192r1());
 
@@ -966,8 +966,8 @@ bool ValidateEC2N()
 	cpriv.DEREncode(bq);
 	cpub.AccessKey().AccessGroupParameters().SetEncodeAsOID(true);
 	cpub.DEREncode(bq);
-	ECDSA<EC2N, SHA>::Signer spriv(bq);
-	ECDSA<EC2N, SHA>::Verifier spub(bq);
+	ECDSA<EC2N, SHA1>::Signer spriv(bq);
+	ECDSA<EC2N, SHA1>::Verifier spub(bq);
 	ECDH<EC2N>::Domain ecdhc(ASN1::sect193r1());
 	ECMQV<EC2N>::Domain ecmqvc(ASN1::sect193r1());
 
@@ -1023,8 +1023,8 @@ bool ValidateECDSA()
 	Integer n("40000000000000000000000004a20e90c39067c893bbb9a5H");
 	Integer d("340562e1dda332f9d2aec168249b5696ee39d0ed4d03760fH");
 	EC2N::Point Q(ec.Multiply(d, P));
-	ECDSA<EC2N, SHA>::Signer priv(ec, P, n, d);
-	ECDSA<EC2N, SHA>::Verifier pub(priv);
+	ECDSA<EC2N, SHA1>::Signer priv(ec, P, n, d);
+	ECDSA<EC2N, SHA1>::Verifier pub(priv);
 
 	Integer h("A9993E364706816ABA3E25717850C26C9CD0D89DH");
 	Integer k("3eeace72b4919d991738d521879f787cb590aff8189d2b69H");
@@ -1416,8 +1416,8 @@ bool ValidateESIGN()
 		"\x79\xA2\xE5\x52\x20\x5D\x97\x5E\xFE\x39\xAE\x21\x10\xFB\x35\xF4\x80\x81\x41\x13\xDD\xE8\x5F\xCA\x1E\x4F\xF8\x9B\xB2\x68\xFB\x28";
 
 	FileSource keys(CRYPTOPP_DATA_DIR "TestData/esig1536.dat", true, new HexDecoder);
-	ESIGN<SHA>::Signer signer(keys);
-	ESIGN<SHA>::Verifier verifier(signer);
+	ESIGN<SHA1>::Signer signer(keys);
+	ESIGN<SHA1>::Verifier verifier(signer);
 
 	fail = !SignatureValidate(signer, verifier);
 	pass = pass && !fail;

From 1df5fc1e2188b5f154295dc84d12ac7eeec1d08c Mon Sep 17 00:00:00 2001
From: Anton Gorev <kvirund@gmail.com>
Date: Thu, 27 Apr 2017 13:50:47 -0500
Subject: [PATCH 066/200] Revert "Some fixes related to SunCC compiler bugs."

This reverts commit 72d8cbe9177bade320b51c149aac1c67c4dd13ec.
---
 sha.cpp      | 16 +---------------
 vmac.cpp     | 18 ++----------------
 whrlpool.cpp |  8 --------
 3 files changed, 3 insertions(+), 39 deletions(-)

diff --git a/sha.cpp b/sha.cpp
index 843b7233..f64ff33d 100644
--- a/sha.cpp
+++ b/sha.cpp
@@ -40,21 +40,7 @@ typedef void (CRYPTOPP_FASTCALL *pfnSHAHashBlocks)(word32 *state, const word32 *
 // start of Steve Reid's code //
 ////////////////////////////////
 
-
-template <typename T>
-inline T BLK0_TEMPLATE(const T* y, const int i)
-{
-    T t;
-    memcpy(&t, y+i, sizeof(t));
-    return t;
-}
-
-#if defined(__SUNPRO_CC)
-#  define blk0(i) (W[i] = BLK0_TEMPLATE(data,i))
-#else
-#  define blk0(i) (W[i] = data[i])
-#endif
-
+#define blk0(i) (W[i] = data[i])
 #define blk1(i) (W[i&15] = rotlFixed(W[(i+13)&15]^W[(i+8)&15]^W[(i+2)&15]^W[i&15],1))
 
 #define f1(x,y,z) (z^(x&(y^z)))
diff --git a/vmac.cpp b/vmac.cpp
index 82b4bf12..30eee34d 100644
--- a/vmac.cpp
+++ b/vmac.cpp
@@ -546,23 +546,9 @@ void VMAC_Base::VHASH_Update_Template(const word64 *data, size_t blocksRemaining
 	CRYPTOPP_ASSERT(IsAlignedOn(m_polyState(),GetAlignmentOf<word64>()));
 	CRYPTOPP_ASSERT(IsAlignedOn(m_nhKey(),GetAlignmentOf<word64>()));
 
-#if defined(__SUNPRO_CC)
-	#define PREPARE_D0_D1(j) \
-		word64 d0_original = 0;\
-		memcpy(&d0_original, data + i + 2*j + 0, sizeof(d0_original));\
-		word64 d1_original = 0;\
-		memcpy(&d1_original, data + i + 2*j + 1, sizeof(d1_original));\
-		\
-		word64 d0 = ConditionalByteReverse(LITTLE_ENDIAN_ORDER, d0_original);\
-		word64 d1 = ConditionalByteReverse(LITTLE_ENDIAN_ORDER, d1_original)
-#else
-	#define PREPARE_D0_D1(j) \
-		word64 d0 = ConditionalByteReverse(LITTLE_ENDIAN_ORDER, data[i+2*j+0]);\
-		word64 d1 = ConditionalByteReverse(LITTLE_ENDIAN_ORDER, data[i+2*j+1])
-#endif
-
 	#define INNER_LOOP_ITERATION(j)	{\
-		PREPARE_D0_D1(j);\
+		word64 d0 = ConditionalByteReverse(LITTLE_ENDIAN_ORDER, data[i+2*j+0]);\
+		word64 d1 = ConditionalByteReverse(LITTLE_ENDIAN_ORDER, data[i+2*j+1]);\
 		AccumulateNH(nhA, d0+nhK[i+2*j+0], d1+nhK[i+2*j+1]);\
 		if (T_128BitTag)\
 			AccumulateNH(nhB, d0+nhK[i+2*j+2], d1+nhK[i+2*j+3]);\
diff --git a/whrlpool.cpp b/whrlpool.cpp
index 8d065b30..1278ad8a 100644
--- a/whrlpool.cpp
+++ b/whrlpool.cpp
@@ -609,15 +609,7 @@ void Whirlpool::Transform(word64 *digest, const word64 *block)
 	// Compute and apply K^0 to the cipher state
 	// Also apply part of the Miyaguchi-Preneel compression function
 	for (int i=0; i<8; i++)
-	{
-#if defined (__SUNPRO_CC)
-		word64 block_i = 0;
-		memcpy(&block_i, &block[i], sizeof(block_i));
-		digest[i] = s[i] = block_i ^ (k[i] = digest[i]);
-#else
 		digest[i] = s[i] = block[i] ^ (k[i] = digest[i]);
-#endif
-	}
 
 #define KSL(op, i, a, b, c, d)	\
 	t = (word32)k[i];\

From 7eeab3d0bf8128eaece2c758ac753ddc40b9be50 Mon Sep 17 00:00:00 2001
From: Anton Gorev <kvirund@gmail.com>
Date: Thu, 27 Apr 2017 14:15:12 -0500
Subject: [PATCH 067/200] Added -xmemalign=4i compiler option for Sparc's.

---
 CMakeLists.txt | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 70e59b8f..841fdab4 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -262,9 +262,12 @@ if ((NOT CRYPTOPP_CROSS_COMPILE) AND "${UNAME_SYSTEM}" STREQUAL "SunOS")
 		SET(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -template=no%extdef")
 	endif()
 
-	# Try this if you are encountering unexplained SIGBUS'es on SPARC
-	# SET(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -xmemalign=4i")
-
+	execute_process(COMMAND "uname" "-p" OUTPUT_VARIABLE PLATFORM_SUNOS_ARCH OUTPUT_STRIP_TRAILING_WHITESPACE)
+	string(TOUPPER "${PLATFORM_SUNOS_ARCH}" PLATFORM_SUNOS_ARCH)
+	message(STATUS "SunOS platform arch: ${PLATFORM_SUNOS_ARCH}")
+	if (${PLATFORM_SUNOS_ARCH} MATCHES SPARC)
+		set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -xmemalign=4i")
+	endif ()
 endif()
 
 # Link is driven through the compiler, but CXXFLAGS are not used. Also see

From 1543649ead50f2c1a0cdb2a3a8134d0cbcc81098 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Fri, 28 Apr 2017 21:35:55 -0400
Subject: [PATCH 068/200] Cleanup ARIA typedefs

---
 aria.cpp | 15 +++------------
 1 file changed, 3 insertions(+), 12 deletions(-)

diff --git a/aria.cpp b/aria.cpp
index 041be215..8e2a561b 100644
--- a/aria.cpp
+++ b/aria.cpp
@@ -176,17 +176,8 @@ ANONYMOUS_NAMESPACE_END
 
 NAMESPACE_BEGIN(CryptoPP)
 
-#if defined(IS_LITTLE_ENDIAN)
-typedef BlockGetAndPut<word32, BigEndian, true, true> AlignedBigEndianBlock;
 typedef BlockGetAndPut<word32, BigEndian, false, false> BigEndianBlock;
-typedef BlockGetAndPut<word32, LittleEndian, true, true>  AlignedNativeEndianBlock;
-typedef BlockGetAndPut<word32, LittleEndian, false, false> NativeEndianBlock;
-#else
-typedef BlockGetAndPut<word32, BigEndian, true, true> AlignedBigEndianBlock;
-typedef BlockGetAndPut<word32, BigEndian, false, false> BigEndianBlock;
-typedef BlockGetAndPut<word32, BigEndian, true, true> AlignedNativeEndianBlock;
-typedef BlockGetAndPut<word32, BigEndian, false, false> NativeEndianBlock;
-#endif
+typedef BlockGetAndPut<word32, NativeByteOrder, true, true>  NativeEndianBlock;
 
 inline byte ARIA_BRF(const word32 x, const int y) {
 	return GETBYTE(x, y);
@@ -194,7 +185,7 @@ inline byte ARIA_BRF(const word32 x, const int y) {
 
 // Key XOR Layer
 #define ARIA_KXL {  \
-    AlignedNativeEndianBlock::Put(rk, t)(t[0])(t[1])(t[2])(t[3]); \
+    NativeEndianBlock::Put(rk, t)(t[0])(t[1])(t[2])(t[3]); \
   }
 
 // S-Box Layer 1 + M
@@ -313,7 +304,7 @@ void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const Nam
 		}
 		else
 		{
-			_mm_store_si128(reinterpret_cast<__m128i*>(w1), _mm_setzero_si128());
+			w1[0]=w1[1]=w1[2]=w1[3]=0;
 		}
 	}
 	else

From bd8edfa87b579073ead850f6ed19973381620cd3 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Mon, 1 May 2017 16:23:57 -0400
Subject: [PATCH 069/200] Add variable block size support for block ciphers

This should lead the way for more modern block ciphers like Threefish and Kalyna. It tested well with both regular cipher modes (the mode has an instance of the cipher) and external cipher modes (the cipher and mode are distinct objects, and the mode holds a reference to the cipher).

We still have to work out the details of naming a cipher. For example, Kalyna with a 128-bit key can use a 128-bit or 256-bit block size. Kalyna-128 is not enough to describe the algorithm and locate it in the object registry. Kalyna-128-128 looks kind of weird; maybe Kalyna-128(128) or Kalyna-128(256) would be better.

Here are the initial test cases to verify functionality:

byte key[64] = {}, iv[32] = {};

ECB_Mode<Kalyna>::Encryption enc1;
enc1.SetKey(key, 16);

CBC_Mode<Kalyna>::Encryption enc2;
enc2.SetKeyWithIV(key, 16, iv);

AlgorithmParameters params = MakeParameters
                        (Name::BlockSize(), 32)
                        (Name::IV(), ConstByteArrayParameter(iv, 32));

CTR_Mode<Kalyna>::Encryption enc3;
enc3.SetKey(key, 16, params);

CBC_Mode<Kalyna>::Encryption enc4;
enc4.SetKey(key, 32, params);

Kalyna::Encryption enc5;
ECB_Mode_ExternalCipher::Encryption ecb(enc5);
ecb.SetKey(key, 16, params);

Kalyna::Encryption enc6;
ECB_Mode_ExternalCipher::Encryption cbc(enc6);
cbc.SetKey(key, 32, params);
---
 cryptlib.cpp |   4 +-
 modes.cpp    |   6 +--
 modes.h      |   9 ++--
 seckey.h     | 145 ++++++++++++++++++++++++++++++++++++++++++++++++++-
 simple.h     |   8 +++
 5 files changed, 163 insertions(+), 9 deletions(-)

diff --git a/cryptlib.cpp b/cryptlib.cpp
index 19ea1c6a..8920d356 100644
--- a/cryptlib.cpp
+++ b/cryptlib.cpp
@@ -71,7 +71,7 @@ Algorithm::Algorithm(bool checkSelfTestStatus)
 void SimpleKeyingInterface::SetKey(const byte *key, size_t length, const NameValuePairs &params)
 {
 	this->ThrowIfInvalidKeyLength(length);
-	this->UncheckedSetKey(key, (unsigned int)length, params);
+	this->UncheckedSetKey(key, static_cast<unsigned int>(length), params);
 }
 
 void SimpleKeyingInterface::SetKeyWithRounds(const byte *key, size_t length, int rounds)
@@ -127,7 +127,7 @@ const byte * SimpleKeyingInterface::GetIVAndThrowIfInvalid(const NameValuePairs
 	{
 		iv = ivWithLength.begin();
 		ThrowIfInvalidIV(iv);
-		size = ThrowIfInvalidIVLength((int)ivWithLength.size());
+		size = ThrowIfInvalidIVLength(static_cast<int>(ivWithLength.size()));
 		return iv;
 	}
 	else if (params.GetValue(Name::IV(), iv))
diff --git a/modes.cpp b/modes.cpp
index 6b8e81ae..0d9849ce 100644
--- a/modes.cpp
+++ b/modes.cpp
@@ -67,7 +67,7 @@ void CFB_ModePolicy::TransformRegister()
 void CFB_ModePolicy::CipherResynchronize(const byte *iv, size_t length)
 {
 	CRYPTOPP_ASSERT(length == BlockSize());
-	CopyOrZero(m_register, iv, length);
+	CopyOrZero(m_register, m_register.size(), iv, length);
 	TransformRegister();
 }
 
@@ -99,7 +99,7 @@ void OFB_ModePolicy::CipherResynchronize(byte *keystreamBuffer, const byte *iv,
 	CRYPTOPP_UNUSED(keystreamBuffer), CRYPTOPP_UNUSED(length);
 	CRYPTOPP_ASSERT(length == BlockSize());
 
-	CopyOrZero(m_register, iv, length);
+	CopyOrZero(m_register, m_register.size(), iv, length);
 }
 
 void CTR_ModePolicy::SeekToIteration(lword iterationCount)
@@ -144,7 +144,7 @@ void CTR_ModePolicy::CipherResynchronize(byte *keystreamBuffer, const byte *iv,
 	CRYPTOPP_UNUSED(keystreamBuffer), CRYPTOPP_UNUSED(length);
 	CRYPTOPP_ASSERT(length == BlockSize());
 
-	CopyOrZero(m_register, iv, length);
+	CopyOrZero(m_register, m_register.size(), iv, length);
 	m_counterArray = m_register;
 }
 
diff --git a/modes.h b/modes.h
index 78f2cd97..0955c3bd 100644
--- a/modes.h
+++ b/modes.h
@@ -130,12 +130,15 @@ protected:
 	unsigned int m_feedbackSize;
 };
 
-inline void CopyOrZero(void *dest, const void *src, size_t s)
+inline void CopyOrZero(void *dest, size_t d, const void *src, size_t s)
 {
+	CRYPTOPP_ASSERT(dest);
+	CRYPTOPP_ASSERT(d >= s);
+
 	if (src)
-		memcpy_s(dest, s, src, s);
+		memcpy_s(dest, d, src, s);
 	else
-		memset(dest, 0, s);
+		memset(dest, 0, d);
 }
 
 //! \class OFB_ModePolicy
diff --git a/seckey.h b/seckey.h
index 0cba30e3..c8bbfc90 100644
--- a/seckey.h
+++ b/seckey.h
@@ -111,10 +111,121 @@ protected:
 	{
 		int rounds = param.GetIntValueWithDefault("Rounds", DEFAULT_ROUNDS);
 		ThrowIfInvalidRounds(rounds, alg);
-		return (unsigned int)rounds;
+		return static_cast<unsigned int>(rounds);
 	}
 };
 
+//! \class VariableBlockSize
+//! \brief Inherited by algorithms with variable blocksize
+//! \tparam D Default blocksize
+//! \tparam N Minimum blocksize
+//! \tparam M Maximum blocksize
+template <unsigned int D, unsigned int N=1, unsigned int M=INT_MAX>		// use INT_MAX here because enums are treated as signed ints
+class VariableBlockSize
+{
+public:
+	//! \brief The default blocksize for the algorithm provided as a constant.
+	CRYPTOPP_CONSTANT(BLOCKSIZE = D)
+	//! \brief The default blocksize for the algorithm provided as a constant.
+	CRYPTOPP_CONSTANT(DEFAULT_BLOCKSIZE = D)
+	//! \brief The minimum blocksize for the algorithm provided as a constant.
+	CRYPTOPP_CONSTANT(MIN_BLOCKSIZE = N)
+	//! \brief The maximum blocksize for the algorithm provided as a constant.
+	CRYPTOPP_CONSTANT(MAX_BLOCKSIZE = M)
+	//! \brief The default blocksize for the algorithm based on key length
+	//!   provided by a static function.
+	//! \param keylength the size of the key, in bytes
+	//! \details keylength is unused in the default implementation.
+	CRYPTOPP_STATIC_CONSTEXPR unsigned int StaticGetDefaultBlockSize(size_t keylength)
+	{
+		return (keylength >= 64) ? 64 :
+			(keylength >= 32) ? 32 : 16;
+	}
+
+protected:
+	//! \brief Validates the blocksize for an algorithm.
+	//! \param blocksize the candidate blocksize
+	//! \param alg an Algorithm object used if the blocksize is invalid
+	//! \throws InvalidBlockSize if the blocksize is invalid
+	//! \details ThrowIfInvalidBlockSize() validates the blocksize and throws if invalid.
+	inline void ThrowIfInvalidBlockSize(int blocksize, const Algorithm *alg)
+	{
+		if (M == INT_MAX) // Coverity and result_independent_of_operands
+		{
+			if (blocksize < MIN_BLOCKSIZE)
+				throw InvalidBlockSize(alg ? alg->AlgorithmName() : std::string("VariableBlockSize"), blocksize);
+		}
+		else
+		{
+			if (blocksize < MIN_BLOCKSIZE || blocksize > MAX_BLOCKSIZE)
+				throw InvalidBlockSize(alg ? alg->AlgorithmName() : std::string("VariableBlockSize"), blocksize);
+		}
+	}
+
+	//! \brief Validates the blocksize for an algorithm
+	//! \param param the candidate blocksize
+	//! \param alg an Algorithm object used if the blocksize is invalid
+	//! \returns the blocksize for the algorithm
+	//! \throws InvalidBlockSize if the blocksize is invalid
+	//! \details GetBlockSizeAndThrowIfInvalid() validates the blocksize and throws if invalid.
+	inline unsigned int GetBlockSizeAndThrowIfInvalid(const NameValuePairs &param, const Algorithm *alg)
+	{
+		int keylength = param.GetIntValueWithDefault("KeySize", 0);
+		int blocksize = param.GetIntValueWithDefault("BlockSize", DEFAULT_BLOCKSIZE);
+		if (keylength > 0)
+			ThrowIfInvalidBlockSize(keylength, blocksize, alg);
+		else
+			ThrowIfInvalidBlockSize(blocksize, alg);
+		return static_cast<unsigned int>(blocksize);
+	}
+
+	//! Provides the block size of the cipher
+	//! \return the block size, in bytes
+	//! \details The sematics of BlockSize() is return DEFAULT_BLOCKSIZE if the default blocksize
+	//!   is in effect. If the blocksize has changed, then the value returned is the BlockSize()
+	//!   parameter used during SetKey().
+	//! \details DEFAULT_BLOCKSIZE should be paired with DEFAULT_KEYLENGTH, and it is the same as
+	//!    BLOCKSIZE in a FixedBlockSize cipher.
+	virtual unsigned int BlockSize() const =0;
+
+	//! Provides the minimum block size of the cipher
+	//! \return the minimum block size, in bytes
+	//! \details MinBlockSize() returns the smallest blocksize a cipher can use. The size can
+	//!   be affected by the key length. For example, Threefish has key sizes of 256, 512 and 1024 bits,
+	//!   and the blocksize follows the key length. If a 512-bit key is used, then the block size is 512
+	//!   bits. Once keyed, the minimum block size of 256 is not accurate, nor is a block size of 1024 bit.
+	virtual unsigned int MinBlockSize() const
+		{ return MIN_BLOCKSIZE; }
+
+	//! Provides the maximum block size of the cipher
+	//! \return the maximum block size, in bytes
+	//! \details MaxBlockSize() returns the largest blocksize a cipher can use. The size can
+	//!   be affected by the key length. For example, Threefish has key sizes of 256, 512 and 1024 bits,
+	//!   and the blocksize follows the key length. If a 512-bit key is used, then the block size is 512
+	//!   bits. Once keyed, the minimum block size of 256 is not accurate, nor is a block size of 1024 bit.
+	virtual unsigned int MaxBlockSize() const
+		{ return MAX_BLOCKSIZE; }
+
+	//! Provides the initialization vector length of the cipher
+	//! \return the initialization vector length, in bytes
+	//! \details The sematics of IVSize() is return IV_LENGTH if the default blocksize is
+	//!   in effect. If the blocksize has changed, then the default implentation returns the value of
+	//!   the BlockSize() parameter used during SetKey().
+	//! \details Derived classes may override the behavior such that a different value is returned.
+	//!   This may happen with a cipher that requires an IV that is twice the block size.
+	virtual unsigned int IVSize() const =0;
+
+	//! \brief Provides the minimum size of an IV
+	//! \return minimal length of IVs accepted by this cipher, in bytes
+	virtual unsigned int MinIVLength() const
+		{ return MIN_BLOCKSIZE; }
+
+	//! \brief Provides the maximum size of an IV
+	//! \return maximal length of IVs accepted by this cipher, in bytes
+	virtual unsigned int MaxIVLength() const
+		{ return MAX_BLOCKSIZE; }
+};
+
 // ************** key length ***************
 
 //! \class FixedKeyLength
@@ -316,6 +427,38 @@ public:
 	unsigned int BlockSize() const {return this->BLOCKSIZE;}
 };
 
+//! \class VariableBlockCipherImpl
+//! \brief Provides a base implementation of Algorithm and SimpleKeyingInterface for block ciphers with varibale block sizes
+//! \tparam INFO a SimpleKeyingInterface derived class
+//! \tparam BASE a SimpleKeyingInterface derived class
+//! \details VariableBlockCipherImpl() provides a default implementation for block ciphers with varibale block sizes using AlgorithmImpl()
+//!   and SimpleKeyingInterfaceImpl().
+//! \sa Algorithm(), SimpleKeyingInterface(), AlgorithmImpl(), SimpleKeyingInterfaceImpl()
+template <class INFO, class BASE = BlockCipher>
+class CRYPTOPP_NO_VTABLE VariableBlockCipherImpl : public AlgorithmImpl<SimpleKeyingInterfaceImpl<TwoBases<BASE, INFO> > >
+{
+public:
+	VariableBlockCipherImpl() : m_blocksize(0) {}
+	VariableBlockCipherImpl(unsigned int blocksize) : m_blocksize(blocksize) {}
+
+	//! Provides the block size of the algorithm
+	//! \returns the block size, in bytes
+	unsigned int BlockSize() const {
+		return m_blocksize ? m_blocksize : this->BLOCKSIZE;
+	}
+
+	//! Provides the initialization vector length of the algorithm
+	//! \returns the initialization vector length, in bytes
+	unsigned int IVSize() const {
+		if (!this->IsResynchronizable())
+			throw NotImplemented(GetAlgorithm().AlgorithmName() + ": this object doesn't support resynchronization");
+		return m_blocksize ? m_blocksize : this->IV_LENGTH;
+	}
+
+protected:
+	unsigned int m_blocksize;
+};
+
 //! \class BlockCipherFinal
 //! \brief Provides class member functions to key a block cipher
 //! \tparam DIR a CipherDir
diff --git a/simple.h b/simple.h
index 2b92d343..8be4d422 100644
--- a/simple.h
+++ b/simple.h
@@ -58,6 +58,14 @@ public:
 	explicit InvalidRounds(const std::string &algorithm, unsigned int rounds) : InvalidArgument(algorithm + ": " + IntToString(rounds) + " is not a valid number of rounds") {}
 };
 
+//! \class InvalidBlockSize
+//! \brief Exception thrown when an invalid block size is encountered
+class CRYPTOPP_DLL InvalidBlockSize : public InvalidArgument
+{
+public:
+	explicit InvalidBlockSize(const std::string &algorithm, size_t length) : InvalidArgument(algorithm + ": " + IntToString(length) + " is not a valid block size") {}
+};
+
 //! \class InvalidPersonalizationLength
 //! \brief Exception thrown when an invalid personalization string length is encountered
 class CRYPTOPP_DLL InvalidPersonalizationLength : public InvalidArgument

From 9db82ed793159ced2143969828ac27d1f198e825 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Mon, 1 May 2017 16:40:32 -0400
Subject: [PATCH 070/200] Use symbolic defines StaticGetDefaultBlockSize

---
 seckey.h | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/seckey.h b/seckey.h
index c8bbfc90..b400a229 100644
--- a/seckey.h
+++ b/seckey.h
@@ -138,8 +138,8 @@ public:
 	//! \details keylength is unused in the default implementation.
 	CRYPTOPP_STATIC_CONSTEXPR unsigned int StaticGetDefaultBlockSize(size_t keylength)
 	{
-		return (keylength >= 64) ? 64 :
-			(keylength >= 32) ? 32 : 16;
+		return (keylength >= MAX_BLOCKSIZE) ? MAX_BLOCKSIZE :
+			(keylength >= DEFAULT_BLOCKSIZE) ? DEFAULT_BLOCKSIZE : MIN_BLOCKSIZE;
 	}
 
 protected:

From a33a3435f405a13d7c18911f2ce323e6807dea80 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Mon, 1 May 2017 16:41:43 -0400
Subject: [PATCH 071/200] Remove HashFunction typedef (Issue 369) This should
 have happened when we removed most of MAINTAIN_BACKWARDS_COMPATIBILITY
 artifacts.

---
 cryptlib.h | 2 --
 1 file changed, 2 deletions(-)

diff --git a/cryptlib.h b/cryptlib.h
index fb5473dd..840c3a45 100644
--- a/cryptlib.h
+++ b/cryptlib.h
@@ -1094,8 +1094,6 @@ protected:
 	void ThrowIfInvalidTruncatedSize(size_t size) const;
 };
 
-typedef HashTransformation HashFunction;
-
 //! \brief Interface for one direction (encryption or decryption) of a block cipher
 //! \details These objects usually should not be used directly. See BlockTransformation for more details.
 class CRYPTOPP_DLL CRYPTOPP_NO_VTABLE BlockCipher : public SimpleKeyingInterface, public BlockTransformation

From f8c1348667efdc0dfc23f3fddbe3265e0abc7feb Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Mon, 1 May 2017 16:56:21 -0400
Subject: [PATCH 072/200] =?UTF-8?q?Fix=20"There=20are=20no=20arguments=20t?=
 =?UTF-8?q?o=20=E2=80=98GetAlgorithm=E2=80=99=20that=20depend=20on=20a=20t?=
 =?UTF-8?q?emplate=20parameter"?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 seckey.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/seckey.h b/seckey.h
index b400a229..dcf28fbe 100644
--- a/seckey.h
+++ b/seckey.h
@@ -451,7 +451,7 @@ public:
 	//! \returns the initialization vector length, in bytes
 	unsigned int IVSize() const {
 		if (!this->IsResynchronizable())
-			throw NotImplemented(GetAlgorithm().AlgorithmName() + ": this object doesn't support resynchronization");
+			throw NotImplemented(this->GetAlgorithm().AlgorithmName() + ": this object doesn't support resynchronization");
 		return m_blocksize ? m_blocksize : this->IV_LENGTH;
 	}
 

From 554b7a2747178c4c6cff621c7093d1b24bf29a5c Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Mon, 1 May 2017 17:54:05 -0400
Subject: [PATCH 073/200] Fix "error: inlining failed ... target specific
 option mismatch (Issue 407)

---
 config.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/config.h b/config.h
index de93eadb..00e580d0 100644
--- a/config.h
+++ b/config.h
@@ -423,7 +423,7 @@ NAMESPACE_END
 	#define CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE 0
 #endif
 
-#if !defined(CRYPTOPP_DISABLE_ASM) && !defined(CRYPTOPP_DISABLE_SSSE3) && !defined(_M_ARM) && (_MSC_VER >= 1500 || (CRYPTOPP_GCC_VERSION >= 50000) || (CRYPTOPP_LLVM_CLANG_VERSION >= 30500) || (defined(__SSSE3__) && defined(__SSSE3__)))
+#if !defined(CRYPTOPP_DISABLE_ASM) && !defined(CRYPTOPP_DISABLE_SSSE3) && !defined(_M_ARM) && (_MSC_VER >= 1500 || (defined(__SSSE3__) && defined(__SSSE3__)))
 	#define CRYPTOPP_BOOL_SSSE3_INTRINSICS_AVAILABLE 1
 #else
 	#define CRYPTOPP_BOOL_SSSE3_INTRINSICS_AVAILABLE 0

From ca9e788fbfada9c47cb1933c10ddf8d4c8b746c9 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Tue, 2 May 2017 18:25:58 -0400
Subject: [PATCH 074/200] Add const GetStream() member function

---
 files.h | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/files.h b/files.h
index 9670a19e..a2bf54b9 100644
--- a/files.h
+++ b/files.h
@@ -59,6 +59,10 @@ public:
 	//! \returns the internal stream pointer
 	std::istream* GetStream() {return m_stream;}
 
+	//! \brief Retrieves the internal stream
+	//! \returns the internal stream pointer
+	const std::istream* GetStream() const {return m_stream;}
+
 	lword MaxRetrievable() const;
 	size_t TransferTo2(BufferedTransformation &target, lword &transferBytes, const std::string &channel=DEFAULT_CHANNEL, bool blocking=true);
 	size_t CopyRangeTo2(BufferedTransformation &target, lword &begin, lword end=LWORD_MAX, const std::string &channel=DEFAULT_CHANNEL, bool blocking=true) const;

From 2d9678fa6db28598eb9c7f978491327383aa2d3d Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Wed, 3 May 2017 21:06:49 -0400
Subject: [PATCH 075/200] Remove BLOCKSIZE from VariableBlockSize (Issue 408)
 VariableBlockSize and VariableBlockCipherImpl were added at Commit
 bd8edfa87b579073. Reflecting on FixedKeyLength and VariableKeyLength, the
 const KEYLENGTH is only provided by FixedKeyLength. VariableKeyLength
 provides DEFAULT_KEYLENGTH. This check-in makes VariableBlockSize follow
 VariableKeyLength. This check-in also splits block size and iv length. Its
 conceivable we will encounter a cipher with a block size of 128-bits with an
 iv of 256-bits. The bd8edfa87b579073 check-in could not handle the
 difference, so we fix it now.

---
 seckey.h | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/seckey.h b/seckey.h
index dcf28fbe..323f4d3e 100644
--- a/seckey.h
+++ b/seckey.h
@@ -125,7 +125,7 @@ class VariableBlockSize
 {
 public:
 	//! \brief The default blocksize for the algorithm provided as a constant.
-	CRYPTOPP_CONSTANT(BLOCKSIZE = D)
+	// CRYPTOPP_CONSTANT(BLOCKSIZE = D)
 	//! \brief The default blocksize for the algorithm provided as a constant.
 	CRYPTOPP_CONSTANT(DEFAULT_BLOCKSIZE = D)
 	//! \brief The minimum blocksize for the algorithm provided as a constant.
@@ -438,13 +438,14 @@ template <class INFO, class BASE = BlockCipher>
 class CRYPTOPP_NO_VTABLE VariableBlockCipherImpl : public AlgorithmImpl<SimpleKeyingInterfaceImpl<TwoBases<BASE, INFO> > >
 {
 public:
-	VariableBlockCipherImpl() : m_blocksize(0) {}
-	VariableBlockCipherImpl(unsigned int blocksize) : m_blocksize(blocksize) {}
+	VariableBlockCipherImpl() : m_blocksize(0), m_ivlength(0) {}
+	VariableBlockCipherImpl(unsigned int blockSize) : m_blocksize(blockSize), m_ivlength(blockSize) {}
+	VariableBlockCipherImpl(unsigned int blockSize, unsigned int ivLength) : m_blocksize(blocksize), m_ivlength(ivLength) {}
 
 	//! Provides the block size of the algorithm
 	//! \returns the block size, in bytes
 	unsigned int BlockSize() const {
-		return m_blocksize ? m_blocksize : this->BLOCKSIZE;
+		return m_blocksize ? m_blocksize : this->DEFAULT_BLOCKSIZE;
 	}
 
 	//! Provides the initialization vector length of the algorithm
@@ -452,11 +453,11 @@ public:
 	unsigned int IVSize() const {
 		if (!this->IsResynchronizable())
 			throw NotImplemented(this->GetAlgorithm().AlgorithmName() + ": this object doesn't support resynchronization");
-		return m_blocksize ? m_blocksize : this->IV_LENGTH;
+		return m_ivlength ? m_ivlength : this->IV_LENGTH;
 	}
 
 protected:
-	unsigned int m_blocksize;
+	unsigned int m_blocksize, m_ivlength;
 };
 
 //! \class BlockCipherFinal

From 7131a0fbb827878a3895bddbde75dc866c6ae0f1 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Wed, 3 May 2017 22:34:37 -0400
Subject: [PATCH 076/200] Add VariableBlockSize constants to FixedBlockSize
 This also follows the pattern set forth by FxiedKeyLength and
 VariableKeyLength

---
 seckey.h | 49 +++++++++++++++++++++++++++++++++++++++----------
 1 file changed, 39 insertions(+), 10 deletions(-)

diff --git a/seckey.h b/seckey.h
index 323f4d3e..76d73605 100644
--- a/seckey.h
+++ b/seckey.h
@@ -42,6 +42,29 @@ class FixedBlockSize
 public:
 	//! \brief The block size of the algorithm provided as a constant.
 	CRYPTOPP_CONSTANT(BLOCKSIZE = N)
+	//! \brief The default blocksize for the algorithm provided as a constant.
+	CRYPTOPP_CONSTANT(DEFAULT_BLOCKSIZE = N)
+	//! \brief The minimum blocksize for the algorithm provided as a constant.
+	CRYPTOPP_CONSTANT(MIN_BLOCKSIZE = N)
+	//! \brief The maximum blocksize for the algorithm provided as a constant.
+	CRYPTOPP_CONSTANT(MAX_BLOCKSIZE = N)
+	//! \brief The default block size for the algorithm provided by a static function.
+	//! \param blocksize the block size, in bytes
+	//! \details The default implementation returns BLOCKSIZE. blocksize is unused
+	//!   in the default implementation.
+	CRYPTOPP_STATIC_CONSTEXPR size_t CRYPTOPP_API StaticGetValidBlockSize(size_t blocksize)
+	{
+		return CRYPTOPP_UNUSED(blocksize), static_cast<size_t>(BLOCKSIZE);
+	}
+	//! \brief The default block size under a key provided by a static function.
+	//! \param keylength the size of the key, in bytes
+	//! \param blocksize the block size, in bytes
+	//! \details The default implementation returns BLOCKSIZE. blocksize is unused
+	//!   in the default implementation.
+	CRYPTOPP_STATIC_CONSTEXPR size_t CRYPTOPP_API StaticGetValidBlockSize(size_t keylength, size_t blocksize)
+	{
+		return CRYPTOPP_UNUSED(keylength), CRYPTOPP_UNUSED(blocksize), static_cast<size_t>(BLOCKSIZE);
+	}
 };
 
 // ************** rounds ***************
@@ -124,22 +147,28 @@ template <unsigned int D, unsigned int N=1, unsigned int M=INT_MAX>		// use INT_
 class VariableBlockSize
 {
 public:
-	//! \brief The default blocksize for the algorithm provided as a constant.
-	// CRYPTOPP_CONSTANT(BLOCKSIZE = D)
 	//! \brief The default blocksize for the algorithm provided as a constant.
 	CRYPTOPP_CONSTANT(DEFAULT_BLOCKSIZE = D)
 	//! \brief The minimum blocksize for the algorithm provided as a constant.
 	CRYPTOPP_CONSTANT(MIN_BLOCKSIZE = N)
 	//! \brief The maximum blocksize for the algorithm provided as a constant.
 	CRYPTOPP_CONSTANT(MAX_BLOCKSIZE = M)
-	//! \brief The default blocksize for the algorithm based on key length
-	//!   provided by a static function.
-	//! \param keylength the size of the key, in bytes
-	//! \details keylength is unused in the default implementation.
-	CRYPTOPP_STATIC_CONSTEXPR unsigned int StaticGetDefaultBlockSize(size_t keylength)
+	//! \brief The default block size for the algorithm provided by a static function.
+	//! \param blocksize the block size, in bytes
+	//! \details The default implementation returns BLOCKSIZE. blocksize is unused
+	//!   in the default implementation.
+	CRYPTOPP_STATIC_CONSTEXPR size_t CRYPTOPP_API StaticGetValidBlockSize(size_t blocksize)
 	{
-		return (keylength >= MAX_BLOCKSIZE) ? MAX_BLOCKSIZE :
-			(keylength >= DEFAULT_BLOCKSIZE) ? DEFAULT_BLOCKSIZE : MIN_BLOCKSIZE;
+		return CRYPTOPP_UNUSED(blocksize), static_cast<size_t>(DEFAULT_BLOCKSIZE);
+	}
+	//! \brief The default block size under a key provided by a static function.
+	//! \param keylength the size of the key, in bytes
+	//! \param blocksize the block size, in bytes
+	//! \details The default implementation returns BLOCKSIZE. blocksize is unused
+	//!   in the default implementation.
+	CRYPTOPP_STATIC_CONSTEXPR size_t CRYPTOPP_API StaticGetValidBlockSize(size_t keylength, size_t blocksize)
+	{
+		return CRYPTOPP_UNUSED(keylength), CRYPTOPP_UNUSED(blocksize), static_cast<size_t>(DEFAULT_BLOCKSIZE);
 	}
 
 protected:
@@ -440,7 +469,7 @@ class CRYPTOPP_NO_VTABLE VariableBlockCipherImpl : public AlgorithmImpl<SimpleKe
 public:
 	VariableBlockCipherImpl() : m_blocksize(0), m_ivlength(0) {}
 	VariableBlockCipherImpl(unsigned int blockSize) : m_blocksize(blockSize), m_ivlength(blockSize) {}
-	VariableBlockCipherImpl(unsigned int blockSize, unsigned int ivLength) : m_blocksize(blocksize), m_ivlength(ivLength) {}
+	VariableBlockCipherImpl(unsigned int blockSize, unsigned int ivLength) : m_blocksize(blockSize), m_ivlength(ivLength) {}
 
 	//! Provides the block size of the algorithm
 	//! \returns the block size, in bytes

From 9614307ab7f4a4a420b665ac6c798d80c96cdaad Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Thu, 4 May 2017 03:01:07 -0400
Subject: [PATCH 077/200] Add CRYPTOPP_COVERAGE define for 'make coverage'
 recipe

---
 GNUmakefile | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/GNUmakefile b/GNUmakefile
index a7986bd5..5c73b7b7 100755
--- a/GNUmakefile
+++ b/GNUmakefile
@@ -436,6 +436,9 @@ endif # Gold
 
 # GCC code coverage. Issue 'make coverage'.
 ifneq ($(filter coverage,$(MAKECMDGOALS)),)
+ifeq ($(findstring -DCRYPTOPP_COVERAGE,$(CXXFLAGS)),)
+CXXFLAGS += -DCRYPTOPP_COVERAGE
+endif # -coverage
 ifeq ($(findstring -coverage,$(CXXFLAGS)),)
 CXXFLAGS += -coverage
 endif # -coverage
@@ -574,7 +577,7 @@ coverage: libcryptopp.a cryptest.exe
 	./cryptest.exe v
 	./cryptest.exe tv all
 	lcov --base-directory . --directory . -c -o cryptest.info
-	lcov --remove cryptest.info "*test.*" "bench*.cpp" "validat*.*" "/usr/*" -o cryptest.info
+	lcov --remove cryptest.info "fips140.*" "*test.*" "bench*.cpp" "validat*.*" "/usr/*" -o cryptest.info
 	genhtml -o ./TestCoverage/ -t "cryptest.exe test coverage" --num-spaces 4 cryptest.info
 
 .PHONY: test check

From 5c1de7b5a5676a136e00eb2c2a8fcc18aded5bb9 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Thu, 4 May 2017 19:11:24 -0400
Subject: [PATCH 078/200] Add variable block size support to test and
 benchmarks CRYPTOPP_COVERAGE was added at 9614307ab7f4a4a4 to increase code
 coverage support. This commit enables additional validation routines when 
 CRYPTOPP_COVERAGE is in effect.

---
 TestVectors/Readme.txt |  6 ++++--
 bench1.cpp             | 11 ++++++++---
 datatest.cpp           | 26 +++++++++++++++-----------
 regtest2.cpp           |  2 ++
 test.cpp               |  9 ++-------
 validat0.cpp           | 10 +++++-----
 validat1.cpp           |  4 ++--
 validat2.cpp           |  2 +-
 validate.h             |  2 +-
 9 files changed, 40 insertions(+), 32 deletions(-)

diff --git a/TestVectors/Readme.txt b/TestVectors/Readme.txt
index 281055f8..df33ee84 100644
--- a/TestVectors/Readme.txt
+++ b/TestVectors/Readme.txt
@@ -57,6 +57,7 @@ PublicElement - the public element when KeyFormat=Component
 PrivateExponent - the private exponent when KeyFormat=Component
 Message - encoded string, message to be signed or verified
 Signature - encoded string, signature to be verified or compared with
+BlockSize - encoded string, block size for vaiable block ciphers
 Plaintext - encoded string
 Ciphertext - encoded string
 Header - encoded string
@@ -79,7 +80,8 @@ Verify - signature/digest/MAC verification should pass
 VerifyTruncated - truncated digest/MAC verification should pass
 NotVerify - signature/digest/MAC verification should not pass
 DeterministicSign - sign message using given seed, and the resulting
-    signature should be equal to the given signature
+    signature should equal the given signature
+Encrypt - plaintext encrypts to ciphertext
+EncryptBlockSize - plaintext encrypts to ciphertext under a key and blocksize
 DecryptMatch - ciphertext decrypts to plaintext
-
 (more to come here)
diff --git a/bench1.cpp b/bench1.cpp
index 4c5de739..f360dad8 100644
--- a/bench1.cpp
+++ b/bench1.cpp
@@ -271,7 +271,6 @@ void BenchMarkKeying(SimpleKeyingInterface &c, size_t keyLength, const NameValue
 template <class T_FactoryOutput, class T_Interface>
 void BenchMarkByName2(const char *factoryName, size_t keyLength = 0, const char *displayName=NULLPTR, const NameValuePairs &params = g_nullNameValuePairs)
 {
-	CRYPTOPP_UNUSED(params);
 	std::string name(factoryName ? factoryName : "");
 	member_ptr<T_FactoryOutput> obj(ObjectFactoryRegistry<T_FactoryOutput>::Registry().CreateObject(name.c_str()));
 
@@ -283,9 +282,10 @@ void BenchMarkByName2(const char *factoryName, size_t keyLength = 0, const char
 	else if (keyLength)
 		name += " (" + IntToString(keyLength * 8) + "-bit key)";
 
-	obj->SetKey(defaultKey, keyLength, CombinedNameValuePairs(params, MakeParameters(Name::IV(), ConstByteArrayParameter(defaultKey, obj->IVSize()), false)));
+	const int blockSize = params.GetIntValueWithDefault(Name::BlockSize(), 0);
+	obj->SetKey(defaultKey, keyLength, CombinedNameValuePairs(params, MakeParameters(Name::IV(), ConstByteArrayParameter(defaultKey, blockSize ? blockSize : obj->IVSize()), false)));
 	BenchMark(name.c_str(), *static_cast<T_Interface *>(obj.get()), g_allocatedTime);
-	BenchMarkKeying(*obj, keyLength, CombinedNameValuePairs(params, MakeParameters(Name::IV(), ConstByteArrayParameter(defaultKey, obj->IVSize()), false)));
+	BenchMarkKeying(*obj, keyLength, CombinedNameValuePairs(params, MakeParameters(Name::IV(), ConstByteArrayParameter(defaultKey, blockSize ? blockSize : obj->IVSize()), false)));
 }
 
 template <class T_FactoryOutput>
@@ -559,6 +559,11 @@ void Benchmark2(double t, double hertz)
 		BenchMarkByName<SymmetricCipher>("CAST-128/CTR");
 		BenchMarkByName<SymmetricCipher>("SKIPJACK/CTR");
 		BenchMarkByName<SymmetricCipher>("SEED/CTR", 0, "SEED/CTR (1/2 K table)");
+//		BenchMarkByName<SymmetricCipher>("Kalyna/CTR", 16, "Kalyna-128(128)", MakeParameters(Name::BlockSize(), 16));
+//		BenchMarkByName<SymmetricCipher>("Kalyna/CTR", 32, "Kalyna-256(128)", MakeParameters(Name::BlockSize(), 16));
+//		BenchMarkByName<SymmetricCipher>("Kalyna/CTR", 32, "Kalyna-256(256)", MakeParameters(Name::BlockSize(), 32));
+//		BenchMarkByName<SymmetricCipher>("Kalyna/CTR", 64, "Kalyna-512(256)", MakeParameters(Name::BlockSize(), 32));
+//		BenchMarkByName<SymmetricCipher>("Kalyna/CTR", 64, "Kalyna-512(512)", MakeParameters(Name::BlockSize(), 64));
 	}
 
 	std::cout << "\n<TBODY style=\"background: yellow;\">";
diff --git a/datatest.cpp b/datatest.cpp
index 90c6a1df..94a45149 100644
--- a/datatest.cpp
+++ b/datatest.cpp
@@ -363,7 +363,7 @@ void TestSymmetricCipher(TestData &v, const NameValuePairs &overrideParameters)
 	TestDataNameValuePairs testDataPairs(v);
 	CombinedNameValuePairs pairs(overrideParameters, testDataPairs);
 
-	if (test == "Encrypt" || test == "EncryptXorDigest" || test == "Resync" || test == "EncryptionMCT" || test == "DecryptionMCT")
+	if (test == "Encrypt" || test == "EncryptBlockSize" || test == "EncryptXorDigest" || test == "Resync" || test == "EncryptionMCT" || test == "DecryptionMCT")
 	{
 		static member_ptr<SymmetricCipher> encryptor, decryptor;
 		static std::string lastName;
@@ -375,8 +375,12 @@ void TestSymmetricCipher(TestData &v, const NameValuePairs &overrideParameters)
 			lastName = name;
 		}
 
+		int blockSize = 0;
+		if (test == "EncryptBlockSize" && !pairs.GetValue(Name::BlockSize(), blockSize))
+			SignalTestFailure();
+
 		ConstByteArrayParameter iv;
-		if (pairs.GetValue(Name::IV(), iv) && iv.size() != encryptor->IVSize())
+		if (pairs.GetValue(Name::IV(), iv) && iv.size() != encryptor->IVSize() && iv.size() != blockSize)
 			SignalTestFailure();
 
 		if (test == "Resync")
@@ -427,7 +431,7 @@ void TestSymmetricCipher(TestData &v, const NameValuePairs &overrideParameters)
 			ciphertext = GetDecodedDatum(v, test == "EncryptionMCT" ? "Ciphertext" : "Plaintext");
 			if (encrypted != ciphertext)
 			{
-				std::cout << "incorrectly encrypted: ";
+				std::cout << "\nincorrectly encrypted: ";
 				StringSource xx(encrypted, false, new HexEncoder(new FileSink(std::cout)));
 				xx.Pump(256); xx.Flush(false);
 				std::cout << "\n";
@@ -459,7 +463,7 @@ void TestSymmetricCipher(TestData &v, const NameValuePairs &overrideParameters)
 		}
 		if (test != "EncryptXorDigest" ? encrypted != ciphertext : xorDigest != ciphertextXorDigest)
 		{
-			std::cout << "incorrectly encrypted: ";
+			std::cout << "\nincorrectly encrypted: ";
 			StringSource xx(encrypted, false, new HexEncoder(new FileSink(std::cout)));
 			xx.Pump(2048); xx.Flush(false);
 			std::cout << "\n";
@@ -471,7 +475,7 @@ void TestSymmetricCipher(TestData &v, const NameValuePairs &overrideParameters)
 		decFilter.MessageEnd();
 		if (decrypted != plaintext)
 		{
-			std::cout << "incorrectly decrypted: ";
+			std::cout << "\nincorrectly decrypted: ";
 			StringSource xx(decrypted, false, new HexEncoder(new FileSink(std::cout)));
 			xx.Pump(256); xx.Flush(false);
 			std::cout << "\n";
@@ -480,7 +484,7 @@ void TestSymmetricCipher(TestData &v, const NameValuePairs &overrideParameters)
 	}
 	else
 	{
-		std::cout << "unexpected test name\n";
+		std::cout << "\nunexpected test name\n";
 		SignalTestError();
 	}
 }
@@ -538,7 +542,7 @@ void TestAuthenticatedSymmetricCipher(TestData &v, const NameValuePairs &overrid
 
 		if (test == "Encrypt" && encrypted != ciphertext+mac)
 		{
-			std::cout << "incorrectly encrypted: ";
+			std::cout << "\nincorrectly encrypted: ";
 			StringSource xx(encrypted, false, new HexEncoder(new FileSink(std::cout)));
 			xx.Pump(2048); xx.Flush(false);
 			std::cout << "\n";
@@ -546,7 +550,7 @@ void TestAuthenticatedSymmetricCipher(TestData &v, const NameValuePairs &overrid
 		}
 		if (test == "Encrypt" && decrypted != plaintext)
 		{
-			std::cout << "incorrectly decrypted: ";
+			std::cout << "\nincorrectly decrypted: ";
 			StringSource xx(decrypted, false, new HexEncoder(new FileSink(std::cout)));
 			xx.Pump(256); xx.Flush(false);
 			std::cout << "\n";
@@ -555,18 +559,18 @@ void TestAuthenticatedSymmetricCipher(TestData &v, const NameValuePairs &overrid
 
 		if (ciphertext.size()+mac.size()-plaintext.size() != asc1->DigestSize())
 		{
-			std::cout << "bad MAC size\n";
+			std::cout << "\nbad MAC size\n";
 			SignalTestFailure();
 		}
 		if (df.GetLastResult() != (test == "Encrypt"))
 		{
-			std::cout << "MAC incorrectly verified\n";
+			std::cout << "\nMAC incorrectly verified\n";
 			SignalTestFailure();
 		}
 	}
 	else
 	{
-		std::cout << "unexpected test name\n";
+		std::cout << "\nunexpected test name\n";
 		SignalTestError();
 	}
 }
diff --git a/regtest2.cpp b/regtest2.cpp
index 72cbe909..6a37226e 100644
--- a/regtest2.cpp
+++ b/regtest2.cpp
@@ -134,6 +134,8 @@ void RegisterFactories2()
 	RegisterSymmetricCipherDefaultFactories<CTR_Mode<Blowfish> >();
 	RegisterSymmetricCipherDefaultFactories<ECB_Mode<SEED> >();
 	RegisterSymmetricCipherDefaultFactories<CTR_Mode<SEED> >();
+//	RegisterSymmetricCipherDefaultFactories<ECB_Mode<Kalyna> >();  // Test Vectors
+//	RegisterSymmetricCipherDefaultFactories<CTR_Mode<Kalyna> >();  // Benchmarks
 
 	RegisterDefaultFactoryFor<KeyDerivationFunction, HKDF<SHA1> >();
 	RegisterDefaultFactoryFor<KeyDerivationFunction, HKDF<SHA256> >();
diff --git a/test.cpp b/test.cpp
index 72fda0d7..714f70c6 100644
--- a/test.cpp
+++ b/test.cpp
@@ -25,7 +25,6 @@
 #include "stdcpp.h"
 #include "ossig.h"
 #include "trap.h"
-#include "aria.h"
 
 #include "validate.h"
 #include "bench.h"
@@ -181,10 +180,6 @@ int CRYPTOPP_API main(int argc, char *argv[])
 	_CrtSetDbgFlag( tempflag );
 #endif
 
-#if defined(__MWERKS__) && defined(macintosh)
-	argc = ccommand(&argv);
-#endif
-
 	try
 	{
 		RegisterFactories(Test::All);
@@ -462,7 +457,7 @@ int CRYPTOPP_API main(int argc, char *argv[])
 		std::cout << "\nstd::exception caught: " << e.what() << std::endl;
 		return -2;
 	}
-} // End main()
+} // main()
 
 void FIPS140_GenerateRandomFiles()
 {
@@ -994,7 +989,7 @@ bool Validate(int alg, bool thorough, const char *seedInput)
 	case 78: result = Test::ValidateHashDRBG(); break;
 	case 79: result = Test::ValidateHmacDRBG(); break;
 
-#if defined(CRYPTOPP_DEBUG) && !defined(CRYPTOPP_IMPORTS)
+#if (defined(CRYPTOPP_DEBUG) || defined(CRYPTOPP_COVERAGE)) && !defined(CRYPTOPP_IMPORTS)
 	// http://github.com/weidai11/cryptopp/issues/92
 	case 9999: result = Test::TestSecBlock(); break;
 	// http://github.com/weidai11/cryptopp/issues/64
diff --git a/validat0.cpp b/validat0.cpp
index 933f78ef..fd533df7 100644
--- a/validat0.cpp
+++ b/validat0.cpp
@@ -24,7 +24,7 @@
 NAMESPACE_BEGIN(CryptoPP)
 NAMESPACE_BEGIN(Test)
 
-#if defined(CRYPTOPP_DEBUG) && !defined(CRYPTOPP_IMPORTS)
+#if (defined(CRYPTOPP_DEBUG) || defined(CRYPTOPP_COVERAGE)) && !defined(CRYPTOPP_IMPORTS)
 bool TestRounding()
 {
 	std::cout << "\nTesting RoundUpToMultipleOf/RoundDownToMultipleOf...\n\n";
@@ -470,7 +470,7 @@ bool TestRounding()
 }
 #endif
 
-#if defined(CRYPTOPP_DEBUG) && !defined(CRYPTOPP_IMPORTS)
+#if (defined(CRYPTOPP_DEBUG) || defined(CRYPTOPP_COVERAGE)) && !defined(CRYPTOPP_IMPORTS)
 struct ASN1_TestTuple
 {
 	int disposition;
@@ -721,7 +721,7 @@ bool TestASN1Parse()
 }
 #endif
 
-#if defined(CRYPTOPP_DEBUG) && !defined(CRYPTOPP_IMPORTS)
+#if (defined(CRYPTOPP_DEBUG) || defined(CRYPTOPP_COVERAGE)) && !defined(CRYPTOPP_IMPORTS)
 bool TestSecBlock()
 {
 	std::cout << "\nTesting SecBlock...\n\n";
@@ -1685,7 +1685,7 @@ bool TestSecBlock()
 }
 #endif
 
-#if defined(CRYPTOPP_DEBUG) && !defined(CRYPTOPP_IMPORTS)
+#if (defined(CRYPTOPP_DEBUG) || defined(CRYPTOPP_COVERAGE)) && !defined(CRYPTOPP_IMPORTS)
 bool TestHuffmanCodes()
 {
     std::cout << "\nTesting Huffman codes...\n\n";
@@ -1723,7 +1723,7 @@ bool TestHuffmanCodes()
 }
 #endif
 
-#if defined(CRYPTOPP_DEBUG) && !defined(CRYPTOPP_IMPORTS)
+#if (defined(CRYPTOPP_DEBUG) || defined(CRYPTOPP_COVERAGE)) && !defined(CRYPTOPP_IMPORTS)
 bool TestIntegerBitops()
 {
     std::cout << "\nTesting Integer bitops...\n\n";
diff --git a/validat1.cpp b/validat1.cpp
index 5b6c5bc0..be82172b 100644
--- a/validat1.cpp
+++ b/validat1.cpp
@@ -78,7 +78,7 @@ bool ValidateAll(bool thorough)
 	pass=TestRDSEED() && pass;
 #endif
 
-#if defined(CRYPTOPP_DEBUG) && !defined(CRYPTOPP_IMPORTS)
+#if (defined(CRYPTOPP_DEBUG) || defined(CRYPTOPP_COVERAGE)) && !defined(CRYPTOPP_IMPORTS)
 	// http://github.com/weidai11/cryptopp/issues/92
 	pass=TestSecBlock() && pass;
 	// http://github.com/weidai11/cryptopp/issues/336
@@ -229,7 +229,7 @@ bool TestSettings()
 		pass = false;
 	}
 
-#if defined(CRYPTOPP_DEBUG) && !defined(CRYPTOPP_IMPORTS)
+#if (defined(CRYPTOPP_DEBUG) || defined(CRYPTOPP_COVERAGE)) && !defined(CRYPTOPP_IMPORTS)
 	// App and library versions, http://github.com/weidai11/cryptopp/issues/371
 	const int v1 = LibraryVersion();
 	const int v2 = HeaderVersion();
diff --git a/validat2.cpp b/validat2.cpp
index 1c039001..287d9b0f 100644
--- a/validat2.cpp
+++ b/validat2.cpp
@@ -793,7 +793,7 @@ bool ValidateBlumGoldwasser()
 }
 */
 
-#if defined(CRYPTOPP_DEBUG) && !defined(CRYPTOPP_IMPORTS)
+#if (defined(CRYPTOPP_DEBUG) || defined(CRYPTOPP_COVERAGE)) && !defined(CRYPTOPP_IMPORTS)
 // Issue 64: "PolynomialMod2::operator<<=", http://github.com/weidai11/cryptopp/issues/64
 bool TestPolynomialMod2()
 {
diff --git a/validate.h b/validate.h
index b9e8a029..094aaf96 100644
--- a/validate.h
+++ b/validate.h
@@ -107,7 +107,7 @@ bool ValidateESIGN();
 bool ValidateHashDRBG();
 bool ValidateHmacDRBG();
 
-#if defined(CRYPTOPP_DEBUG) && !defined(CRYPTOPP_IMPORTS)
+#if (defined(CRYPTOPP_DEBUG) || defined(CRYPTOPP_COVERAGE)) && !defined(CRYPTOPP_IMPORTS)
 // http://github.com/weidai11/cryptopp/issues/92
 bool TestSecBlock();
 // http://github.com/weidai11/cryptopp/issues/64

From c1377b29550ddd336dde7285c82aff86bec8e7fa Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Fri, 5 May 2017 17:21:08 -0400
Subject: [PATCH 079/200] Add additional self tests under debug builds

---
 GNUmakefile  |    2 +-
 validat0.cpp | 4064 ++++++++++++++++++++++++++------------------------
 validat1.cpp |    8 +
 validate.h   |    8 +
 4 files changed, 2166 insertions(+), 1916 deletions(-)

diff --git a/GNUmakefile b/GNUmakefile
index 5c73b7b7..cc1d466c 100755
--- a/GNUmakefile
+++ b/GNUmakefile
@@ -577,7 +577,7 @@ coverage: libcryptopp.a cryptest.exe
 	./cryptest.exe v
 	./cryptest.exe tv all
 	lcov --base-directory . --directory . -c -o cryptest.info
-	lcov --remove cryptest.info "fips140.*" "*test.*" "bench*.cpp" "validat*.*" "/usr/*" -o cryptest.info
+	lcov --remove cryptest.info "adhoc.cpp" "wait.*" "network.*" "socketft.*" "fips140.*" "*test.*" "bench*.cpp" "validat*.*" "/usr/*" -o cryptest.info
 	genhtml -o ./TestCoverage/ -t "cryptest.exe test coverage" --num-spaces 4 cryptest.info
 
 .PHONY: test check
diff --git a/validat0.cpp b/validat0.cpp
index fd533df7..ae8c8fc7 100644
--- a/validat0.cpp
+++ b/validat0.cpp
@@ -8,6 +8,9 @@
 #include "zdeflate.h"
 #include "filters.h"
 #include "stdcpp.h"
+#include "default.h"
+#include "zinflate.h"
+#include "gzip.h"
 #include "hex.h"
 #include "asn.h"
 
@@ -25,1663 +28,1894 @@ NAMESPACE_BEGIN(CryptoPP)
 NAMESPACE_BEGIN(Test)
 
 #if (defined(CRYPTOPP_DEBUG) || defined(CRYPTOPP_COVERAGE)) && !defined(CRYPTOPP_IMPORTS)
+bool TestGzip()
+{
+    std::cout << "\nTesting Gzip and Gunzip...\n\n";
+    bool fail = false;
+
+    try
+    {
+        for (unsigned int i=0; i<128; ++i)
+        {
+            std::string src, dest, rec;
+            unsigned int len = GlobalRNG().GenerateWord32() & 0xffff;
+
+            src.resize(len);
+            GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
+
+            StringSource(src, true, new Gzip(new StringSink(dest)));
+            StringSource(dest, true, new Gunzip(new StringSink(rec)));
+            if (src != rec)
+                throw Exception(Exception::OTHER_ERROR, "Gzip failed a self test");
+        }
+    }
+    catch(const Exception&)
+    {
+        fail = true;
+    }
+
+    if (!fail)
+       std::cout << "passed:   ";
+    else
+       std::cout << "FAILED:   ";
+    std::cout << "128 zip and unzip" << std::endl;
+
+    return !fail;
+}
+
+bool TestZinflate()
+{
+    std::cout << "\nTesting Deflate and Inflate...\n\n";
+    bool fail = false;
+
+    try
+    {
+        for (unsigned int i=0; i<128; ++i)
+        {
+            std::string src, dest, rec;
+            unsigned int len = GlobalRNG().GenerateWord32() & 0xffff;
+
+            src.resize(len);
+            GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
+
+            StringSource(src, true, new Deflator(new StringSink(dest)));
+            StringSource(dest, true, new Inflator(new StringSink(rec)));
+            if (src != rec)
+                throw Exception(Exception::OTHER_ERROR, "Inflate failed a self test");
+        }
+    }
+    catch(const Exception&)
+    {
+        fail = true;
+    }
+
+    if (!fail)
+       std::cout << "passed:   ";
+    else
+       std::cout << "FAILED:   ";
+    std::cout << "128 deflate and inflate" << std::endl;
+
+    return !fail;
+}
+
+bool TestMersenne()
+{
+    return true;
+}
+
+bool TestDefaultEncryptor()
+{
+    std::cout << "\nTesting DefaultEncryptor...\n\n";
+    bool fail = false;
+
+    try
+    {
+        for (unsigned int i=0; i<128; ++i)
+        {
+            std::string pwd, src, dest, rec;
+            unsigned int len = (GlobalRNG().GenerateWord32() & 0xffff) + 8;
+
+            src.resize(len);
+            GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
+
+            HexEncoder encoder(new StringSink(pwd));
+            encoder.Put(reinterpret_cast<byte*>(&src[0]), src.length()/4);
+            encoder.MessageEnd();
+
+            StringSource(src, true, new DefaultEncryptor(pwd.c_str(), new StringSink(dest)));
+            StringSource(dest, true, new DefaultDecryptor(pwd.c_str(), new StringSink(rec)));
+            if (src != rec)
+                throw Exception(Exception::OTHER_ERROR, "DefaultEncryptor failed a self test");
+        }
+    }
+    catch(const Exception&)
+    {
+        fail = true;
+    }
+
+    if (!fail)
+       std::cout << "passed:   ";
+    else
+       std::cout << "FAILED:   ";
+    std::cout << "128 default encryptions and decryptions" << std::endl;
+
+    return !fail;
+}
+
+bool TestDefaultEncryptorWithMAC()
+{
+    std::cout << "\nTesting DefaultEncryptorWithMAC...\n\n";
+    bool fail = false;
+
+    try
+    {
+        for (unsigned int i=0; i<128; ++i)
+        {
+            std::string pwd, src, dest, rec;
+            unsigned int len = (GlobalRNG().GenerateWord32() & 0xffff) + 8;
+
+            src.resize(len);
+            GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
+
+            HexEncoder encoder(new StringSink(pwd));
+            encoder.Put(reinterpret_cast<byte*>(&src[0]), src.length()/4);
+            encoder.MessageEnd();
+
+            StringSource(src, true, new DefaultEncryptorWithMAC(pwd.c_str(),new StringSink(dest)));
+            StringSource(dest, true, new DefaultDecryptorWithMAC(pwd.c_str(), new StringSink(rec)));
+            if (src != rec)
+                throw Exception(Exception::OTHER_ERROR, "DefaultEncryptorWithMAC failed a self test");
+        }
+    }
+    catch(const Exception&)
+    {
+        fail = true;
+    }
+
+    if (!fail)
+       std::cout << "passed:   ";
+    else
+       std::cout << "FAILED:   ";
+    std::cout << "128 default encryptions and decryptions with MAC" << std::endl;
+
+    return !fail;
+}
+
+bool TestLegacyEncryptor()
+{
+    std::cout << "\nTesting LegacyEncryptor...\n\n";
+    bool fail = false;
+
+    try
+    {
+        for (unsigned int i=0; i<128; ++i)
+        {
+            std::string pwd, src, dest, rec;
+            unsigned int len = (GlobalRNG().GenerateWord32() & 0xffff) + 8;
+
+            src.resize(len);
+            GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
+
+            HexEncoder encoder(new StringSink(pwd));
+            encoder.Put(reinterpret_cast<byte*>(&src[0]), src.length()/4);
+            encoder.MessageEnd();
+
+            StringSource(src, true, new LegacyEncryptor(pwd.c_str(),new StringSink(dest)));
+            StringSource(dest, true, new LegacyDecryptor(pwd.c_str(),new StringSink(rec)));
+            if (src != rec)
+                throw Exception(Exception::OTHER_ERROR, "LegacyEncryptor failed a self test");
+        }
+    }
+    catch(const Exception&)
+    {
+        fail = true;
+    }
+
+    if (!fail)
+       std::cout << "passed:   ";
+    else
+       std::cout << "FAILED:   ";
+    std::cout << "128 legacy encryptions and decryptions" << std::endl;
+
+    return !fail;
+}
+
+bool TestLegacyEncryptorWithMAC()
+{
+    std::cout << "\nTesting LegacyEncryptorWithMAC...\n\n";
+    bool fail = false;
+
+    try
+    {
+        for (unsigned int i=0; i<128; ++i)
+        {
+            std::string pwd, src, dest, rec;
+            unsigned int len = (GlobalRNG().GenerateWord32() & 0xffff) + 8;
+
+            src.resize(len);
+            GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
+
+            HexEncoder encoder(new StringSink(pwd));
+            encoder.Put(reinterpret_cast<byte*>(&src[0]), src.length()/4);
+            encoder.MessageEnd();
+
+            StringSource(src, true, new LegacyEncryptorWithMAC(pwd.c_str(), new StringSink(dest)));
+            StringSource(dest, true, new LegacyDecryptorWithMAC(pwd.c_str(), new StringSink(rec)));
+            if (src != rec)
+                throw Exception(Exception::OTHER_ERROR, "LegacyEncryptorWithMAC failed a self test");
+        }
+    }
+    catch(const Exception&)
+    {
+        fail = true;
+    }
+
+    if (!fail)
+       std::cout << "passed:   ";
+    else
+       std::cout << "FAILED:   ";
+    std::cout << "128 legacy encryptions and decryptions with MAC" << std::endl;
+
+    return !fail;
+}
+
 bool TestRounding()
 {
-	std::cout << "\nTesting RoundUpToMultipleOf/RoundDownToMultipleOf...\n\n";
-	bool pass=true, fail;
+    std::cout << "\nTesting RoundUpToMultipleOf/RoundDownToMultipleOf...\n\n";
+    bool pass=true, fail;
 
-	// ********** byte **********//
-	try
-	{
-		const byte v=0, b=0x08;
-		byte r=RoundUpToMultipleOf(v, b);
-		fail = (r != v);
-	}
-	catch(const Exception&)
-	{
-		fail = true;
-	}
+    // ********** byte **********//
+    try
+    {
+        const byte v=0, b=0x08;
+        byte r=RoundUpToMultipleOf(v, b);
+        fail = (r != v);
+    }
+    catch(const Exception&)
+    {
+        fail = true;
+    }
 
-	pass = !fail && pass;
-	std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, byte, no overflow\n";
+    pass = !fail && pass;
+    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, byte, no overflow\n";
 
-	try
-	{
-		const byte v=1, b=0x08;
-		byte r=RoundUpToMultipleOf(v, b);
-		fail = (r != b);
-	}
-	catch(const Exception&)
-	{
-		fail = true;
-	}
+    try
+    {
+        const byte v=1, b=0x08;
+        byte r=RoundUpToMultipleOf(v, b);
+        fail = (r != b);
+    }
+    catch(const Exception&)
+    {
+        fail = true;
+    }
 
-	pass = !fail && pass;
-	std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, byte, no overflow\n";
+    pass = !fail && pass;
+    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, byte, no overflow\n";
 
-	try
-	{
-		const byte v=0x08, b=0x08;
-		byte r=RoundUpToMultipleOf(v, b);
-		fail = (r != v);
-	}
-	catch(const Exception&)
-	{
-		fail = true;
-	}
+    try
+    {
+        const byte v=0x08, b=0x08;
+        byte r=RoundUpToMultipleOf(v, b);
+        fail = (r != v);
+    }
+    catch(const Exception&)
+    {
+        fail = true;
+    }
 
-	pass = !fail && pass;
-	std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, byte, no overflow\n";
+    pass = !fail && pass;
+    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, byte, no overflow\n";
 
-	try
-	{
-		const byte v=0xf7, b=0x08;
-		byte r=RoundUpToMultipleOf(v, b);
-		fail = (r != 0xf8);
-	}
-	catch(const Exception&)
-	{
-		fail = true;
-	}
+    try
+    {
+        const byte v=0xf7, b=0x08;
+        byte r=RoundUpToMultipleOf(v, b);
+        fail = (r != 0xf8);
+    }
+    catch(const Exception&)
+    {
+        fail = true;
+    }
 
-	pass = !fail && pass;
-	std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, byte, no overflow\n";
+    pass = !fail && pass;
+    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, byte, no overflow\n";
 
-	try
-	{
-		const byte v=0xf8, b=0x08;
-		byte r=RoundUpToMultipleOf(v, b);
-		fail = (r != 0xf8);
-	}
-	catch(const Exception&)
-	{
-		fail = true;
-	}
+    try
+    {
+        const byte v=0xf8, b=0x08;
+        byte r=RoundUpToMultipleOf(v, b);
+        fail = (r != 0xf8);
+    }
+    catch(const Exception&)
+    {
+        fail = true;
+    }
 
-	pass = !fail && pass;
-	std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, byte, no overflow\n";
+    pass = !fail && pass;
+    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, byte, no overflow\n";
 
-	try
-	{
-		const byte v=0xf9, b=0x08;
-		byte r=RoundUpToMultipleOf(v, b);
-		CRYPTOPP_UNUSED(r);
-		fail = true;
-	}
-	catch(const Exception&)
-	{
-		fail = false;
-	}
+    try
+    {
+        const byte v=0xf9, b=0x08;
+        byte r=RoundUpToMultipleOf(v, b);
+        CRYPTOPP_UNUSED(r);
+        fail = true;
+    }
+    catch(const Exception&)
+    {
+        fail = false;
+    }
 
-	pass = !fail && pass;
-	std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, byte, overflow\n";
+    pass = !fail && pass;
+    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, byte, overflow\n";
 
-	// ********** word16 **********//
-	try
-	{
-		const word16 v=0, b=0x08;
-		word16 r=RoundUpToMultipleOf(v, b);
-		fail = (r != v);
-	}
-	catch(const Exception&)
-	{
-		fail = true;
-	}
+    // ********** word16 **********//
+    try
+    {
+        const word16 v=0, b=0x08;
+        word16 r=RoundUpToMultipleOf(v, b);
+        fail = (r != v);
+    }
+    catch(const Exception&)
+    {
+        fail = true;
+    }
 
-	pass = !fail && pass;
-	std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word16, no overflow\n";
+    pass = !fail && pass;
+    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word16, no overflow\n";
 
-	try
-	{
-		const word16 v=1, b=0x08;
-		word16 r=RoundUpToMultipleOf(v, b);
-		fail = (r != b);
-	}
-	catch(const Exception&)
-	{
-		fail = true;
-	}
+    try
+    {
+        const word16 v=1, b=0x08;
+        word16 r=RoundUpToMultipleOf(v, b);
+        fail = (r != b);
+    }
+    catch(const Exception&)
+    {
+        fail = true;
+    }
 
-	pass = !fail && pass;
-	std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word16, no overflow\n";
+    pass = !fail && pass;
+    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word16, no overflow\n";
 
-	try
-	{
-		const word16 v=0x08, b=0x08;
-		word16 r=RoundUpToMultipleOf(v, b);
-		fail = (r != v);
-	}
-	catch(const Exception&)
-	{
-		fail = true;
-	}
+    try
+    {
+        const word16 v=0x08, b=0x08;
+        word16 r=RoundUpToMultipleOf(v, b);
+        fail = (r != v);
+    }
+    catch(const Exception&)
+    {
+        fail = true;
+    }
 
-	pass = !fail && pass;
-	std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word16, no overflow\n";
+    pass = !fail && pass;
+    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word16, no overflow\n";
 
-	try
-	{
-		const word16 v=0xfff7, b=0x08;
-		word16 r=RoundUpToMultipleOf(v, b);
-		fail = (r != 0xfff8);
-	}
-	catch(const Exception&)
-	{
-		fail = true;
-	}
+    try
+    {
+        const word16 v=0xfff7, b=0x08;
+        word16 r=RoundUpToMultipleOf(v, b);
+        fail = (r != 0xfff8);
+    }
+    catch(const Exception&)
+    {
+        fail = true;
+    }
 
-	pass = !fail && pass;
-	std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word16, no overflow\n";
+    pass = !fail && pass;
+    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word16, no overflow\n";
 
-	try
-	{
-		const word16 v=0xfff8, b=0x08;
-		word16 r=RoundUpToMultipleOf(v, b);
-		fail = (r != 0xfff8);
-	}
-	catch(const Exception&)
-	{
-		fail = true;
-	}
+    try
+    {
+        const word16 v=0xfff8, b=0x08;
+        word16 r=RoundUpToMultipleOf(v, b);
+        fail = (r != 0xfff8);
+    }
+    catch(const Exception&)
+    {
+        fail = true;
+    }
 
-	pass = !fail && pass;
-	std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word16, no overflow\n";
+    pass = !fail && pass;
+    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word16, no overflow\n";
 
-	try
-	{
-		const word16 v=0xfff9, b=0x08;
-		word16 r=RoundUpToMultipleOf(v, b);
-		CRYPTOPP_UNUSED(r);
-		fail = true;
-	}
-	catch(const Exception&)
-	{
-		fail = false;
-	}
+    try
+    {
+        const word16 v=0xfff9, b=0x08;
+        word16 r=RoundUpToMultipleOf(v, b);
+        CRYPTOPP_UNUSED(r);
+        fail = true;
+    }
+    catch(const Exception&)
+    {
+        fail = false;
+    }
 
-	pass = !fail && pass;
-	std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word16, overflow\n";
+    pass = !fail && pass;
+    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word16, overflow\n";
 
-	// ********** word32 **********//
-	try
-	{
-		const word32 v=0, b=0x08;
-		word32 r=RoundUpToMultipleOf(v, b);
-		fail = (r != v);
-	}
-	catch(const Exception&)
-	{
-		fail = true;
-	}
+    // ********** word32 **********//
+    try
+    {
+        const word32 v=0, b=0x08;
+        word32 r=RoundUpToMultipleOf(v, b);
+        fail = (r != v);
+    }
+    catch(const Exception&)
+    {
+        fail = true;
+    }
 
-	pass = !fail && pass;
-	std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word32, no overflow\n";
+    pass = !fail && pass;
+    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word32, no overflow\n";
 
-	try
-	{
-		const word32 v=1, b=0x08;
-		word32 r=RoundUpToMultipleOf(v, b);
-		fail = (r != b);
-	}
-	catch(const Exception&)
-	{
-		fail = true;
-	}
+    try
+    {
+        const word32 v=1, b=0x08;
+        word32 r=RoundUpToMultipleOf(v, b);
+        fail = (r != b);
+    }
+    catch(const Exception&)
+    {
+        fail = true;
+    }
 
-	pass = !fail && pass;
-	std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word32, no overflow\n";
+    pass = !fail && pass;
+    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word32, no overflow\n";
 
-	try
-	{
-		const word32 v=0x08, b=0x08;
-		word32 r=RoundUpToMultipleOf(v, b);
-		fail = (r != v);
-	}
-	catch(const Exception&)
-	{
-		fail = true;
-	}
+    try
+    {
+        const word32 v=0x08, b=0x08;
+        word32 r=RoundUpToMultipleOf(v, b);
+        fail = (r != v);
+    }
+    catch(const Exception&)
+    {
+        fail = true;
+    }
 
-	pass = !fail && pass;
-	std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word32, no overflow\n";
+    pass = !fail && pass;
+    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word32, no overflow\n";
 
-	try
-	{
-		const word32 v=0xfffffff7, b=0x08;
-		word32 r=RoundUpToMultipleOf(v, b);
-		fail = (r != 0xfffffff8);
-	}
-	catch(const Exception&)
-	{
-		fail = true;
-	}
+    try
+    {
+        const word32 v=0xfffffff7, b=0x08;
+        word32 r=RoundUpToMultipleOf(v, b);
+        fail = (r != 0xfffffff8);
+    }
+    catch(const Exception&)
+    {
+        fail = true;
+    }
 
-	pass = !fail && pass;
-	std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word32, no overflow\n";
+    pass = !fail && pass;
+    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word32, no overflow\n";
 
-	try
-	{
-		const word32 v=0xfffffff8, b=0x08;
-		word32 r=RoundUpToMultipleOf(v, b);
-		fail = (r != 0xfffffff8);
-	}
-	catch(const Exception&)
-	{
-		fail = true;
-	}
+    try
+    {
+        const word32 v=0xfffffff8, b=0x08;
+        word32 r=RoundUpToMultipleOf(v, b);
+        fail = (r != 0xfffffff8);
+    }
+    catch(const Exception&)
+    {
+        fail = true;
+    }
 
-	pass = !fail && pass;
-	std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word32, no overflow\n";
+    pass = !fail && pass;
+    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word32, no overflow\n";
 
-	try
-	{
-		const word32 v=0xfffffff9, b=0x08;
-		word32 r=RoundUpToMultipleOf(v, b);
-		CRYPTOPP_UNUSED(r);
-		fail = true;
-	}
-	catch(const Exception&)
-	{
-		fail = false;
-	}
+    try
+    {
+        const word32 v=0xfffffff9, b=0x08;
+        word32 r=RoundUpToMultipleOf(v, b);
+        CRYPTOPP_UNUSED(r);
+        fail = true;
+    }
+    catch(const Exception&)
+    {
+        fail = false;
+    }
 
-	pass = !fail && pass;
-	std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word32, overflow\n";
+    pass = !fail && pass;
+    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word32, overflow\n";
 
-	// ********** word64 **********//
-	try
-	{
-		const word64 v=0, b=0x08;
-		word64 r=RoundUpToMultipleOf(v, b);
-		fail = (r != v);
-	}
-	catch(const Exception&)
-	{
-		fail = true;
-	}
+    // ********** word64 **********//
+    try
+    {
+        const word64 v=0, b=0x08;
+        word64 r=RoundUpToMultipleOf(v, b);
+        fail = (r != v);
+    }
+    catch(const Exception&)
+    {
+        fail = true;
+    }
 
-	pass = !fail && pass;
-	std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word64, no overflow\n";
+    pass = !fail && pass;
+    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word64, no overflow\n";
 
-	try
-	{
-		const word64 v=1, b=0x08;
-		word64 r=RoundUpToMultipleOf(v, b);
-		fail = (r != b);
-	}
-	catch(const Exception&)
-	{
-		fail = true;
-	}
+    try
+    {
+        const word64 v=1, b=0x08;
+        word64 r=RoundUpToMultipleOf(v, b);
+        fail = (r != b);
+    }
+    catch(const Exception&)
+    {
+        fail = true;
+    }
 
-	pass = !fail && pass;
-	std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word64, no overflow\n";
+    pass = !fail && pass;
+    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word64, no overflow\n";
 
-	try
-	{
-		const word64 v=0x08, b=0x08;
-		word64 r=RoundUpToMultipleOf(v, b);
-		fail = (r != v);
-	}
-	catch(const Exception&)
-	{
-		fail = true;
-	}
+    try
+    {
+        const word64 v=0x08, b=0x08;
+        word64 r=RoundUpToMultipleOf(v, b);
+        fail = (r != v);
+    }
+    catch(const Exception&)
+    {
+        fail = true;
+    }
 
-	pass = !fail && pass;
-	std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word64, no overflow\n";
+    pass = !fail && pass;
+    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word64, no overflow\n";
 
-	try
-	{
-		const word64 v=W64LIT(0xffffffffffffff7), b=0x08;
-		word64 r=RoundUpToMultipleOf(v, b);
-		fail = (r != W64LIT(0xffffffffffffff8));
-	}
-	catch(const Exception&)
-	{
-		fail = true;
-	}
+    try
+    {
+        const word64 v=W64LIT(0xffffffffffffff7), b=0x08;
+        word64 r=RoundUpToMultipleOf(v, b);
+        fail = (r != W64LIT(0xffffffffffffff8));
+    }
+    catch(const Exception&)
+    {
+        fail = true;
+    }
 
-	pass = !fail && pass;
-	std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word64, no overflow\n";
+    pass = !fail && pass;
+    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word64, no overflow\n";
 
-	try
-	{
-		const word64 v=W64LIT(0xffffffffffffff8), b=0x08;
-		word64 r=RoundUpToMultipleOf(v, b);
-		fail = (r != W64LIT(0xffffffffffffff8));
-	}
-	catch(const Exception&)
-	{
-		fail = true;
-	}
+    try
+    {
+        const word64 v=W64LIT(0xffffffffffffff8), b=0x08;
+        word64 r=RoundUpToMultipleOf(v, b);
+        fail = (r != W64LIT(0xffffffffffffff8));
+    }
+    catch(const Exception&)
+    {
+        fail = true;
+    }
 
-	pass = !fail && pass;
-	std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word64, no overflow\n";
+    pass = !fail && pass;
+    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word64, no overflow\n";
 
-	try
-	{
-		const word64 v=W64LIT(0xfffffffffffffff9), b=0x08;
-		word64 r=RoundUpToMultipleOf(v, b);
-		CRYPTOPP_UNUSED(r);
-		fail = true;
-	}
-	catch(const Exception&)
-	{
-		fail = false;
-	}
+    try
+    {
+        const word64 v=W64LIT(0xfffffffffffffff9), b=0x08;
+        word64 r=RoundUpToMultipleOf(v, b);
+        CRYPTOPP_UNUSED(r);
+        fail = true;
+    }
+    catch(const Exception&)
+    {
+        fail = false;
+    }
 
-	pass = !fail && pass;
-	std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word64, overflow\n";
+    pass = !fail && pass;
+    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word64, overflow\n";
 
 #if defined(CRYPTOPP_WORD128_AVAILABLE)
-	// ********** word128 **********//
-	try
-	{
-		const word128 v=0, b=0x08;
-		word128 r=RoundUpToMultipleOf(v, b);
-		fail = (r != v);
-	}
-	catch(const Exception&)
-	{
-		fail = true;
-	}
+    // ********** word128 **********//
+    try
+    {
+        const word128 v=0, b=0x08;
+        word128 r=RoundUpToMultipleOf(v, b);
+        fail = (r != v);
+    }
+    catch(const Exception&)
+    {
+        fail = true;
+    }
 
-	pass = !fail && pass;
-	std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word128, no overflow\n";
+    pass = !fail && pass;
+    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word128, no overflow\n";
 
-	try
-	{
-		const word128 v=1, b=0x08;
-		word128 r=RoundUpToMultipleOf(v, b);
-		fail = (r != b);
-	}
-	catch(const Exception&)
-	{
-		fail = true;
-	}
+    try
+    {
+        const word128 v=1, b=0x08;
+        word128 r=RoundUpToMultipleOf(v, b);
+        fail = (r != b);
+    }
+    catch(const Exception&)
+    {
+        fail = true;
+    }
 
-	pass = !fail && pass;
-	std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word128, no overflow\n";
+    pass = !fail && pass;
+    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word128, no overflow\n";
 
-	try
-	{
-		const word128 v=0x08, b=0x08;
-		word128 r=RoundUpToMultipleOf(v, b);
-		fail = (r != v);
-	}
-	catch(const Exception&)
-	{
-		fail = true;
-	}
+    try
+    {
+        const word128 v=0x08, b=0x08;
+        word128 r=RoundUpToMultipleOf(v, b);
+        fail = (r != v);
+    }
+    catch(const Exception&)
+    {
+        fail = true;
+    }
 
-	pass = !fail && pass;
-	std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word128, no overflow\n";
+    pass = !fail && pass;
+    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word128, no overflow\n";
 
-	try
-	{
-		// http://stackoverflow.com/q/31461318/608639
-		const word128 h = ((word128)W64LIT(0xffffffffffffffff)) << 64U;
-		const word128 v = h | (word128)W64LIT(0xfffffffffffffff7), b=0x08;
-		word128 r=RoundUpToMultipleOf(v, b);
-		fail = (r != (h | (word128)W64LIT(0xfffffffffffffff8)));
-	}
-	catch(const Exception&)
-	{
-		fail = true;
-	}
+    try
+    {
+        // http://stackoverflow.com/q/31461318/608639
+        const word128 h = ((word128)W64LIT(0xffffffffffffffff)) << 64U;
+        const word128 v = h | (word128)W64LIT(0xfffffffffffffff7), b=0x08;
+        word128 r=RoundUpToMultipleOf(v, b);
+        fail = (r != (h | (word128)W64LIT(0xfffffffffffffff8)));
+    }
+    catch(const Exception&)
+    {
+        fail = true;
+    }
 
-	pass = !fail && pass;
-	std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word128, no overflow\n";
+    pass = !fail && pass;
+    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word128, no overflow\n";
 
-	try
-	{
-		const word128 h = ((word128)W64LIT(0xffffffffffffffff)) << 64U;
-		const word128 v = h | (word128)W64LIT(0xfffffffffffffff8), b=0x08;
-		word128 r=RoundUpToMultipleOf(v, b);
-		fail = (r != (h | (word128)W64LIT(0xfffffffffffffff8)));
-	}
-	catch(const Exception&)
-	{
-		fail = true;
-	}
+    try
+    {
+        const word128 h = ((word128)W64LIT(0xffffffffffffffff)) << 64U;
+        const word128 v = h | (word128)W64LIT(0xfffffffffffffff8), b=0x08;
+        word128 r=RoundUpToMultipleOf(v, b);
+        fail = (r != (h | (word128)W64LIT(0xfffffffffffffff8)));
+    }
+    catch(const Exception&)
+    {
+        fail = true;
+    }
 
-	pass = !fail && pass;
-	std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word128, no overflow\n";
+    pass = !fail && pass;
+    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word128, no overflow\n";
 
-	try
-	{
-		const word128 h = ((word128)W64LIT(0xffffffffffffffff)) << 64U;
-		const word128 v = h | (word128)W64LIT(0xfffffffffffffff9), b=0x08;
-		word128 r=RoundUpToMultipleOf(v, b);
-		CRYPTOPP_UNUSED(r);
-		fail = true;
-	}
-	catch(const Exception&)
-	{
-		fail = false;
-	}
+    try
+    {
+        const word128 h = ((word128)W64LIT(0xffffffffffffffff)) << 64U;
+        const word128 v = h | (word128)W64LIT(0xfffffffffffffff9), b=0x08;
+        word128 r=RoundUpToMultipleOf(v, b);
+        CRYPTOPP_UNUSED(r);
+        fail = true;
+    }
+    catch(const Exception&)
+    {
+        fail = false;
+    }
 
-	pass = !fail && pass;
-	std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word128, overflow\n";
+    pass = !fail && pass;
+    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word128, overflow\n";
 #endif
 
-	return pass;
+    return pass;
 }
 #endif
 
 #if (defined(CRYPTOPP_DEBUG) || defined(CRYPTOPP_COVERAGE)) && !defined(CRYPTOPP_IMPORTS)
 struct ASN1_TestTuple
 {
-	int disposition;
-	int identifier;
-	const char* name;
-	const char* data;
-	size_t len;
+    int disposition;
+    int identifier;
+    const char* name;
+    const char* data;
+    size_t len;
 };
 
 bool RunASN1TestSet(const ASN1_TestTuple asnTuples[], size_t count)
 {
-	bool pass=true, fail;
+    bool pass=true, fail;
 
-	// Disposition
-	enum {REJECT=3, ACCEPT=4};
+    // Disposition
+    enum {REJECT=3, ACCEPT=4};
 
-	for(size_t i=0; i<count; i++)
-	{
-		const ASN1_TestTuple & thisTest = asnTuples[i];
-		ArraySource as1((const byte*)thisTest.data, thisTest.len, true);
-		ArraySource as2((const byte*)thisTest.data, thisTest.len, true);
+    for(size_t i=0; i<count; i++)
+    {
+        const ASN1_TestTuple & thisTest = asnTuples[i];
+        ArraySource as1((const byte*)thisTest.data, thisTest.len, true);
+        ArraySource as2((const byte*)thisTest.data, thisTest.len, true);
 
-		SecByteBlock unused1;
-		std::string unused2;
-		unsigned int unused3;
-		word32 unused4;
-		word64 unused5;
+        SecByteBlock unused1;
+        std::string unused2;
+        unsigned int unused3;
+        word32 unused4;
+        word64 unused5;
 
-		// Reporting
-		std::string val;
-		HexEncoder encoder(new StringSink(val));
-		encoder.Put((const byte*)thisTest.data, thisTest.len);
-		encoder.MessageEnd();
+        // Reporting
+        std::string val;
+        HexEncoder encoder(new StringSink(val));
+        encoder.Put((const byte*)thisTest.data, thisTest.len);
+        encoder.MessageEnd();
 
-		try
-		{
-			int tag = thisTest.identifier;
-			switch (tag)
-			{
-				case BIT_STRING:
-					BERDecodeBitString(as1, unused1, unused3);
-					break;
+        try
+        {
+            int tag = thisTest.identifier;
+            switch (tag)
+            {
+                case BIT_STRING:
+                    BERDecodeBitString(as1, unused1, unused3);
+                    break;
 
-				case OCTET_STRING:
-					BERDecodeOctetString(as1, unused1);
-					break;
+                case OCTET_STRING:
+                    BERDecodeOctetString(as1, unused1);
+                    break;
 
-				case INTEGER:
-					BERDecodeUnsigned(as1, unused4);
-					BERDecodeUnsigned<word64>(as2, unused5, byte(INTEGER), 0, W64LIT(0xffffffffffffffff));
-					break;
+                case INTEGER:
+                    BERDecodeUnsigned(as1, unused4);
+                    BERDecodeUnsigned<word64>(as2, unused5, byte(INTEGER), 0, W64LIT(0xffffffffffffffff));
+                    break;
 
-				case UTF8_STRING: case PRINTABLE_STRING: case IA5_STRING:
-					BERDecodeTextString(as1, unused2, (byte)tag);
-					break;
+                case UTF8_STRING: case PRINTABLE_STRING: case IA5_STRING:
+                    BERDecodeTextString(as1, unused2, (byte)tag);
+                    break;
 
-				default:
-					BERGeneralDecoder(as1, (byte)tag);
-					break;
-			}
+                default:
+                    BERGeneralDecoder(as1, (byte)tag);
+                    break;
+            }
 
-			fail = !(thisTest.disposition == ACCEPT);
-		}
-		catch(const Exception&)
-		{
-			fail = !(thisTest.disposition == REJECT);
-		}
+            fail = !(thisTest.disposition == ACCEPT);
+        }
+        catch(const Exception&)
+        {
+            fail = !(thisTest.disposition == REJECT);
+        }
 
-		std::cout << (fail ? "FAILED:   " : "passed:   ") << (thisTest.disposition == ACCEPT ? "accept " : "reject ");
-		std::cout << asnTuples[i].name << " " << val << "\n";
-		pass = !fail && pass;
-	}
+        std::cout << (fail ? "FAILED:   " : "passed:   ") << (thisTest.disposition == ACCEPT ? "accept " : "reject ");
+        std::cout << asnTuples[i].name << " " << val << "\n";
+        pass = !fail && pass;
+    }
 
-	return pass;
+    return pass;
 }
 
 bool TestASN1Parse()
 {
-	std::cout << "\nTesting ASN.1 parser...\n\n";
+    std::cout << "\nTesting ASN.1 parser...\n\n";
 
-	bool pass = true;
+    bool pass = true;
 
-	// Disposition
-	enum {REJECT=3, ACCEPT=4};
+    // Disposition
+    enum {REJECT=3, ACCEPT=4};
 
-	// All the types Crypto++ recognizes.
-	//   "C" is one content octet with value 0x43.
-	static const ASN1_TestTuple bitStrings[] =
-	{
-		// The first "\x00" content octet is the "initial octet" representing unused bits. In the
-		//   primitive encoding form, there may be zero, one or more contents after the initial octet.
-		{ACCEPT, BIT_STRING, "BIT_STRING", "\x03\x01" "\x00", 3},  // definite length, short form, initial octet, zero subsequent octets
-		{REJECT, BIT_STRING, "BIT_STRING", "\x03\x01" "\x08", 3},  // definite length, short form, initial octet, zero subsequent octets
-		{ACCEPT, BIT_STRING, "BIT_STRING", "\x03\x02" "\x00" "C", 4},  // definite length, short form, expected subsequent octets
-		{REJECT, BIT_STRING, "BIT_STRING", "\x03\x02" "\x08" "C", 4},  // too many unused bits
-		{REJECT, BIT_STRING, "BIT_STRING", "\x03\x7F" "\x00" "C", 4},  // runt or underrun
-		{ACCEPT, BIT_STRING, "BIT_STRING", "\x03\x81\x01" "\x00", 4},  // definite length, long form, initial octet, zero subsequent octets
-		{REJECT, BIT_STRING, "BIT_STRING", "\x03\x81\x01" "\x08", 4},  // definite length, long form, initial octet, zero subsequent octets
-		{ACCEPT, BIT_STRING, "BIT_STRING", "\x03\x81\x02" "\x00" "C", 5},  // definite length, long form
-		{REJECT, BIT_STRING, "BIT_STRING", "\x03\x81\x02" "\x08" "C", 5},  // too many unused bits
-		{REJECT, BIT_STRING, "BIT_STRING", "\x03\x81\xff" "\x00" "C", 5},  // runt or underrun
-		{ACCEPT, BIT_STRING, "BIT_STRING", "\x03\x82\x00\x02" "\x00" "C", 6},  // definite length, long form
-		{REJECT, BIT_STRING, "BIT_STRING", "\x03\x82\x00\x02" "\x08" "C", 6},  // too many unused bits
-		{REJECT, BIT_STRING, "BIT_STRING", "\x03\x82\xff\xff" "\x00" "C", 6},  // runt or underrun
-		{ACCEPT, BIT_STRING, "BIT_STRING", "\x03\x83\x00\x00\x02" "\x00" "C", 7},  // definite length, long form
-		{REJECT, BIT_STRING, "BIT_STRING", "\x03\x83\x00\x00\x02" "\x08" "C", 7},  // too many unused bits
-		{REJECT, BIT_STRING, "BIT_STRING", "\x03\x83\xff\xff\xff" "\x00" "C", 7},  // runt or underrun
-		{ACCEPT, BIT_STRING, "BIT_STRING", "\x03\x84\x00\x00\x00\x02" "\x00" "C", 8},  // definite length, long form
-		{REJECT, BIT_STRING, "BIT_STRING", "\x03\x84\x00\x00\x00\x02" "\x08" "C", 8},  // too many unused bits
-		{REJECT, BIT_STRING, "BIT_STRING", "\x03\x84\xff\xff\xff\xff" "\x00" "C", 8},  // <== Issue 346; requires large allocation
-	};
+    // All the types Crypto++ recognizes.
+    //   "C" is one content octet with value 0x43.
+    static const ASN1_TestTuple bitStrings[] =
+    {
+        // The first "\x00" content octet is the "initial octet" representing unused bits. In the
+        //   primitive encoding form, there may be zero, one or more contents after the initial octet.
+        {ACCEPT, BIT_STRING, "BIT_STRING", "\x03\x01" "\x00", 3},  // definite length, short form, initial octet, zero subsequent octets
+        {REJECT, BIT_STRING, "BIT_STRING", "\x03\x01" "\x08", 3},  // definite length, short form, initial octet, zero subsequent octets
+        {ACCEPT, BIT_STRING, "BIT_STRING", "\x03\x02" "\x00" "C", 4},  // definite length, short form, expected subsequent octets
+        {REJECT, BIT_STRING, "BIT_STRING", "\x03\x02" "\x08" "C", 4},  // too many unused bits
+        {REJECT, BIT_STRING, "BIT_STRING", "\x03\x7F" "\x00" "C", 4},  // runt or underrun
+        {ACCEPT, BIT_STRING, "BIT_STRING", "\x03\x81\x01" "\x00", 4},  // definite length, long form, initial octet, zero subsequent octets
+        {REJECT, BIT_STRING, "BIT_STRING", "\x03\x81\x01" "\x08", 4},  // definite length, long form, initial octet, zero subsequent octets
+        {ACCEPT, BIT_STRING, "BIT_STRING", "\x03\x81\x02" "\x00" "C", 5},  // definite length, long form
+        {REJECT, BIT_STRING, "BIT_STRING", "\x03\x81\x02" "\x08" "C", 5},  // too many unused bits
+        {REJECT, BIT_STRING, "BIT_STRING", "\x03\x81\xff" "\x00" "C", 5},  // runt or underrun
+        {ACCEPT, BIT_STRING, "BIT_STRING", "\x03\x82\x00\x02" "\x00" "C", 6},  // definite length, long form
+        {REJECT, BIT_STRING, "BIT_STRING", "\x03\x82\x00\x02" "\x08" "C", 6},  // too many unused bits
+        {REJECT, BIT_STRING, "BIT_STRING", "\x03\x82\xff\xff" "\x00" "C", 6},  // runt or underrun
+        {ACCEPT, BIT_STRING, "BIT_STRING", "\x03\x83\x00\x00\x02" "\x00" "C", 7},  // definite length, long form
+        {REJECT, BIT_STRING, "BIT_STRING", "\x03\x83\x00\x00\x02" "\x08" "C", 7},  // too many unused bits
+        {REJECT, BIT_STRING, "BIT_STRING", "\x03\x83\xff\xff\xff" "\x00" "C", 7},  // runt or underrun
+        {ACCEPT, BIT_STRING, "BIT_STRING", "\x03\x84\x00\x00\x00\x02" "\x00" "C", 8},  // definite length, long form
+        {REJECT, BIT_STRING, "BIT_STRING", "\x03\x84\x00\x00\x00\x02" "\x08" "C", 8},  // too many unused bits
+        {REJECT, BIT_STRING, "BIT_STRING", "\x03\x84\xff\xff\xff\xff" "\x00" "C", 8},  // <== Issue 346; requires large allocation
+    };
 
-	pass = RunASN1TestSet(bitStrings, COUNTOF(bitStrings)) && pass;
+    pass = RunASN1TestSet(bitStrings, COUNTOF(bitStrings)) && pass;
 
-	static const ASN1_TestTuple octetStrings[] =
-	{
-		// In the primitive encoding form, there may be zero, one or more contents.
-		{ACCEPT, OCTET_STRING, "OCTET_STRING", "\x04\x00", 2},  // definite length, short form, zero content octets
-		{ACCEPT, OCTET_STRING, "OCTET_STRING", "\x04\x01" "C", 3},  // definite length, short form, expected content octets
-		{REJECT, OCTET_STRING, "OCTET_STRING", "\x04\x02" "C", 3},  // runt or underrun
-		{REJECT, OCTET_STRING, "OCTET_STRING", "\x04\x7F" "C", 3},  // runt or underrun
-		{ACCEPT, OCTET_STRING, "OCTET_STRING", "\x04\x81\x00", 3},  // definite length, long form, zero content octets
-		{ACCEPT, OCTET_STRING, "OCTET_STRING", "\x04\x81\x01" "C", 4},  // definite length, long form, expected content octets
-		{REJECT, OCTET_STRING, "OCTET_STRING", "\x04\x81\x02" "C", 4},  // runt or underrun
-		{REJECT, OCTET_STRING, "OCTET_STRING", "\x04\x81\xff" "C", 4},  // runt or underrun
-		{ACCEPT, OCTET_STRING, "OCTET_STRING", "\x04\x82\x00\x00", 4},  // definite length, long form, zero content octets
-		{ACCEPT, OCTET_STRING, "OCTET_STRING", "\x04\x82\x00\x01" "C", 5},  // definite length, long form, expected content octets
-		{REJECT, OCTET_STRING, "OCTET_STRING", "\x04\x82\x00\x02" "C", 5},  // runt or underrun
-		{REJECT, OCTET_STRING, "OCTET_STRING", "\x04\x82\xff\xff" "C", 5},  // runt or underrun
-		{ACCEPT, OCTET_STRING, "OCTET_STRING", "\x04\x83\x00\x00\x00", 5},  // definite length, long form, zero content octets
-		{ACCEPT, OCTET_STRING, "OCTET_STRING", "\x04\x83\x00\x00\x01" "C", 6},  // definite length, long form, expected content octets
-		{REJECT, OCTET_STRING, "OCTET_STRING", "\x04\x83\x00\x00\x02" "C", 6},  // runt or underrun
-		{REJECT, OCTET_STRING, "OCTET_STRING", "\x04\x83\xff\xff\xff" "C", 6},  // runt or underrun
-		{ACCEPT, OCTET_STRING, "OCTET_STRING", "\x04\x84\x00\x00\x00\x00", 6},  // definite length, long form, zero content octets
-		{ACCEPT, OCTET_STRING, "OCTET_STRING", "\x04\x84\x00\x00\x00\x01" "C", 7},  // definite length, long form, expected content octets
-		{REJECT, OCTET_STRING, "OCTET_STRING", "\x04\x84\x00\x00\x00\x02" "C", 7},  // runt or underrun
-		{REJECT, OCTET_STRING, "OCTET_STRING", "\x04\x84\xff\xff\xff\xff" "C", 7},  // <== Issue 346; requires large allocation
-	};
+    static const ASN1_TestTuple octetStrings[] =
+    {
+        // In the primitive encoding form, there may be zero, one or more contents.
+        {ACCEPT, OCTET_STRING, "OCTET_STRING", "\x04\x00", 2},  // definite length, short form, zero content octets
+        {ACCEPT, OCTET_STRING, "OCTET_STRING", "\x04\x01" "C", 3},  // definite length, short form, expected content octets
+        {REJECT, OCTET_STRING, "OCTET_STRING", "\x04\x02" "C", 3},  // runt or underrun
+        {REJECT, OCTET_STRING, "OCTET_STRING", "\x04\x7F" "C", 3},  // runt or underrun
+        {ACCEPT, OCTET_STRING, "OCTET_STRING", "\x04\x81\x00", 3},  // definite length, long form, zero content octets
+        {ACCEPT, OCTET_STRING, "OCTET_STRING", "\x04\x81\x01" "C", 4},  // definite length, long form, expected content octets
+        {REJECT, OCTET_STRING, "OCTET_STRING", "\x04\x81\x02" "C", 4},  // runt or underrun
+        {REJECT, OCTET_STRING, "OCTET_STRING", "\x04\x81\xff" "C", 4},  // runt or underrun
+        {ACCEPT, OCTET_STRING, "OCTET_STRING", "\x04\x82\x00\x00", 4},  // definite length, long form, zero content octets
+        {ACCEPT, OCTET_STRING, "OCTET_STRING", "\x04\x82\x00\x01" "C", 5},  // definite length, long form, expected content octets
+        {REJECT, OCTET_STRING, "OCTET_STRING", "\x04\x82\x00\x02" "C", 5},  // runt or underrun
+        {REJECT, OCTET_STRING, "OCTET_STRING", "\x04\x82\xff\xff" "C", 5},  // runt or underrun
+        {ACCEPT, OCTET_STRING, "OCTET_STRING", "\x04\x83\x00\x00\x00", 5},  // definite length, long form, zero content octets
+        {ACCEPT, OCTET_STRING, "OCTET_STRING", "\x04\x83\x00\x00\x01" "C", 6},  // definite length, long form, expected content octets
+        {REJECT, OCTET_STRING, "OCTET_STRING", "\x04\x83\x00\x00\x02" "C", 6},  // runt or underrun
+        {REJECT, OCTET_STRING, "OCTET_STRING", "\x04\x83\xff\xff\xff" "C", 6},  // runt or underrun
+        {ACCEPT, OCTET_STRING, "OCTET_STRING", "\x04\x84\x00\x00\x00\x00", 6},  // definite length, long form, zero content octets
+        {ACCEPT, OCTET_STRING, "OCTET_STRING", "\x04\x84\x00\x00\x00\x01" "C", 7},  // definite length, long form, expected content octets
+        {REJECT, OCTET_STRING, "OCTET_STRING", "\x04\x84\x00\x00\x00\x02" "C", 7},  // runt or underrun
+        {REJECT, OCTET_STRING, "OCTET_STRING", "\x04\x84\xff\xff\xff\xff" "C", 7},  // <== Issue 346; requires large allocation
+    };
 
-	pass = RunASN1TestSet(octetStrings, COUNTOF(octetStrings)) && pass;
+    pass = RunASN1TestSet(octetStrings, COUNTOF(octetStrings)) && pass;
 
-	static const ASN1_TestTuple utf8Strings[] =
-	{
-		{ACCEPT, UTF8_STRING, "UTF8_STRING", "\x0c\x00", 2},  // definite length, short form, zero content octets
-		{ACCEPT, UTF8_STRING, "UTF8_STRING", "\x0c\x01" "C", 3},  // definite length, short form, expected content octets
-		{REJECT, UTF8_STRING, "UTF8_STRING", "\x0c\x02" "C", 3},  // runt or underrun
-		{REJECT, UTF8_STRING, "UTF8_STRING", "\x0c\x7F" "C", 3},  // runt or underrun
-		{ACCEPT, UTF8_STRING, "UTF8_STRING", "\x0c\x81\x00", 3},  // definite length, long form, zero content octets
-		{ACCEPT, UTF8_STRING, "UTF8_STRING", "\x0c\x81\x01" "C", 4},  // definite length, long form, expected content octets
-		{REJECT, UTF8_STRING, "UTF8_STRING", "\x0c\x81\x02" "C", 4},  // runt or underrun
-		{REJECT, UTF8_STRING, "UTF8_STRING", "\x0c\x81\xff" "C", 4},  // runt or underrun
-		{ACCEPT, UTF8_STRING, "UTF8_STRING", "\x0c\x82\x00\x00", 4},  // definite length, long form, zero content octets
-		{ACCEPT, UTF8_STRING, "UTF8_STRING", "\x0c\x82\x00\x01" "C", 5},  // definite length, long form, expected content octets
-		{REJECT, UTF8_STRING, "UTF8_STRING", "\x0c\x82\x00\x02" "C", 5},  // runt or underrun
-		{REJECT, UTF8_STRING, "UTF8_STRING", "\x0c\x82\xff\xff" "C", 5},  // runt or underrun
-		{ACCEPT, UTF8_STRING, "UTF8_STRING", "\x0c\x83\x00\x00\x00", 5},  // definite length, long form, zero content octets
-		{ACCEPT, UTF8_STRING, "UTF8_STRING", "\x0c\x83\x00\x00\x01" "C", 6},  // definite length, long form, expected content octets
-		{REJECT, UTF8_STRING, "UTF8_STRING", "\x0c\x83\x00\x00\x02" "C", 6},  // runt or underrun
-		{REJECT, UTF8_STRING, "UTF8_STRING", "\x0c\x83\xff\xff\xff" "C", 6},  // runt or underrun
-		{ACCEPT, UTF8_STRING, "UTF8_STRING", "\x0c\x84\x00\x00\x00\x00", 6},  // definite length, long form, zero content octets
-		{ACCEPT, UTF8_STRING, "UTF8_STRING", "\x0c\x84\x00\x00\x00\x01" "C", 7},  // definite length, long form, expected content octets
-		{REJECT, UTF8_STRING, "UTF8_STRING", "\x0c\x84\x00\x00\x00\x02" "C", 7},  // runt or underrun
-		{REJECT, UTF8_STRING, "UTF8_STRING", "\x0c\x84\xff\xff\xff\xff" "C", 7},  // <== Issue 346; requires large allocation
-	};
+    static const ASN1_TestTuple utf8Strings[] =
+    {
+        {ACCEPT, UTF8_STRING, "UTF8_STRING", "\x0c\x00", 2},  // definite length, short form, zero content octets
+        {ACCEPT, UTF8_STRING, "UTF8_STRING", "\x0c\x01" "C", 3},  // definite length, short form, expected content octets
+        {REJECT, UTF8_STRING, "UTF8_STRING", "\x0c\x02" "C", 3},  // runt or underrun
+        {REJECT, UTF8_STRING, "UTF8_STRING", "\x0c\x7F" "C", 3},  // runt or underrun
+        {ACCEPT, UTF8_STRING, "UTF8_STRING", "\x0c\x81\x00", 3},  // definite length, long form, zero content octets
+        {ACCEPT, UTF8_STRING, "UTF8_STRING", "\x0c\x81\x01" "C", 4},  // definite length, long form, expected content octets
+        {REJECT, UTF8_STRING, "UTF8_STRING", "\x0c\x81\x02" "C", 4},  // runt or underrun
+        {REJECT, UTF8_STRING, "UTF8_STRING", "\x0c\x81\xff" "C", 4},  // runt or underrun
+        {ACCEPT, UTF8_STRING, "UTF8_STRING", "\x0c\x82\x00\x00", 4},  // definite length, long form, zero content octets
+        {ACCEPT, UTF8_STRING, "UTF8_STRING", "\x0c\x82\x00\x01" "C", 5},  // definite length, long form, expected content octets
+        {REJECT, UTF8_STRING, "UTF8_STRING", "\x0c\x82\x00\x02" "C", 5},  // runt or underrun
+        {REJECT, UTF8_STRING, "UTF8_STRING", "\x0c\x82\xff\xff" "C", 5},  // runt or underrun
+        {ACCEPT, UTF8_STRING, "UTF8_STRING", "\x0c\x83\x00\x00\x00", 5},  // definite length, long form, zero content octets
+        {ACCEPT, UTF8_STRING, "UTF8_STRING", "\x0c\x83\x00\x00\x01" "C", 6},  // definite length, long form, expected content octets
+        {REJECT, UTF8_STRING, "UTF8_STRING", "\x0c\x83\x00\x00\x02" "C", 6},  // runt or underrun
+        {REJECT, UTF8_STRING, "UTF8_STRING", "\x0c\x83\xff\xff\xff" "C", 6},  // runt or underrun
+        {ACCEPT, UTF8_STRING, "UTF8_STRING", "\x0c\x84\x00\x00\x00\x00", 6},  // definite length, long form, zero content octets
+        {ACCEPT, UTF8_STRING, "UTF8_STRING", "\x0c\x84\x00\x00\x00\x01" "C", 7},  // definite length, long form, expected content octets
+        {REJECT, UTF8_STRING, "UTF8_STRING", "\x0c\x84\x00\x00\x00\x02" "C", 7},  // runt or underrun
+        {REJECT, UTF8_STRING, "UTF8_STRING", "\x0c\x84\xff\xff\xff\xff" "C", 7},  // <== Issue 346; requires large allocation
+    };
 
-	pass = RunASN1TestSet(utf8Strings, COUNTOF(utf8Strings)) && pass;
+    pass = RunASN1TestSet(utf8Strings, COUNTOF(utf8Strings)) && pass;
 
-	static const ASN1_TestTuple printableStrings[] =
-	{
-		{ACCEPT, PRINTABLE_STRING, "PRINTABLE_STRING", "\x13\x00", 2},  // definite length, short form, zero content octets
-		{ACCEPT, PRINTABLE_STRING, "PRINTABLE_STRING", "\x13\x01" "C", 3},  // definite length, short form, expected content octets
-		{REJECT, PRINTABLE_STRING, "PRINTABLE_STRING", "\x13\x02" "C", 3},  // runt or underrun
-		{REJECT, PRINTABLE_STRING, "PRINTABLE_STRING", "\x13\x7F" "C", 3},  // runt or underrun
-		{ACCEPT, PRINTABLE_STRING, "PRINTABLE_STRING", "\x13\x81\x00", 3},  // definite length, long form, zero content octets
-		{ACCEPT, PRINTABLE_STRING, "PRINTABLE_STRING", "\x13\x81\x01" "C", 4},  // definite length, long form, expected content octets
-		{REJECT, PRINTABLE_STRING, "PRINTABLE_STRING", "\x13\x81\x02" "C", 4},  // runt or underrun
-		{REJECT, PRINTABLE_STRING, "PRINTABLE_STRING", "\x13\x81\xff" "C", 4},  // runt or underrun
-		{ACCEPT, PRINTABLE_STRING, "PRINTABLE_STRING", "\x13\x82\x00\x00", 4},  // definite length, long form, zero content octets
-		{ACCEPT, PRINTABLE_STRING, "PRINTABLE_STRING", "\x13\x82\x00\x01" "C", 5},  // definite length, long form, expected content octets
-		{REJECT, PRINTABLE_STRING, "PRINTABLE_STRING", "\x13\x82\x00\x02" "C", 5},  // runt or underrun
-		{REJECT, PRINTABLE_STRING, "PRINTABLE_STRING", "\x13\x82\xff\xff" "C", 5},  // runt or underrun
-		{ACCEPT, PRINTABLE_STRING, "PRINTABLE_STRING", "\x13\x83\x00\x00\x00", 5},  // definite length, long form, zero content octets
-		{ACCEPT, PRINTABLE_STRING, "PRINTABLE_STRING", "\x13\x83\x00\x00\x01" "C", 6},  // definite length, long form, expected content octets
-		{REJECT, PRINTABLE_STRING, "PRINTABLE_STRING", "\x13\x83\x00\x00\x02" "C", 6},  // runt or underrun
-		{REJECT, PRINTABLE_STRING, "PRINTABLE_STRING", "\x13\x83\xff\xff\xff" "C", 6},  // runt or underrun
-		{ACCEPT, PRINTABLE_STRING, "PRINTABLE_STRING", "\x13\x84\x00\x00\x00\x00", 6},  // definite length, long form, zero content octets
-		{ACCEPT, PRINTABLE_STRING, "PRINTABLE_STRING", "\x13\x84\x00\x00\x00\x01" "C", 7},  // definite length, long form, expected content octets
-		{REJECT, PRINTABLE_STRING, "PRINTABLE_STRING", "\x13\x84\x00\x00\x00\x02" "C", 7},  // runt or underrun
-		{REJECT, PRINTABLE_STRING, "PRINTABLE_STRING", "\x13\x84\xff\xff\xff\xff" "C", 7},  // <== Issue 346; requires large allocation
-	};
+    static const ASN1_TestTuple printableStrings[] =
+    {
+        {ACCEPT, PRINTABLE_STRING, "PRINTABLE_STRING", "\x13\x00", 2},  // definite length, short form, zero content octets
+        {ACCEPT, PRINTABLE_STRING, "PRINTABLE_STRING", "\x13\x01" "C", 3},  // definite length, short form, expected content octets
+        {REJECT, PRINTABLE_STRING, "PRINTABLE_STRING", "\x13\x02" "C", 3},  // runt or underrun
+        {REJECT, PRINTABLE_STRING, "PRINTABLE_STRING", "\x13\x7F" "C", 3},  // runt or underrun
+        {ACCEPT, PRINTABLE_STRING, "PRINTABLE_STRING", "\x13\x81\x00", 3},  // definite length, long form, zero content octets
+        {ACCEPT, PRINTABLE_STRING, "PRINTABLE_STRING", "\x13\x81\x01" "C", 4},  // definite length, long form, expected content octets
+        {REJECT, PRINTABLE_STRING, "PRINTABLE_STRING", "\x13\x81\x02" "C", 4},  // runt or underrun
+        {REJECT, PRINTABLE_STRING, "PRINTABLE_STRING", "\x13\x81\xff" "C", 4},  // runt or underrun
+        {ACCEPT, PRINTABLE_STRING, "PRINTABLE_STRING", "\x13\x82\x00\x00", 4},  // definite length, long form, zero content octets
+        {ACCEPT, PRINTABLE_STRING, "PRINTABLE_STRING", "\x13\x82\x00\x01" "C", 5},  // definite length, long form, expected content octets
+        {REJECT, PRINTABLE_STRING, "PRINTABLE_STRING", "\x13\x82\x00\x02" "C", 5},  // runt or underrun
+        {REJECT, PRINTABLE_STRING, "PRINTABLE_STRING", "\x13\x82\xff\xff" "C", 5},  // runt or underrun
+        {ACCEPT, PRINTABLE_STRING, "PRINTABLE_STRING", "\x13\x83\x00\x00\x00", 5},  // definite length, long form, zero content octets
+        {ACCEPT, PRINTABLE_STRING, "PRINTABLE_STRING", "\x13\x83\x00\x00\x01" "C", 6},  // definite length, long form, expected content octets
+        {REJECT, PRINTABLE_STRING, "PRINTABLE_STRING", "\x13\x83\x00\x00\x02" "C", 6},  // runt or underrun
+        {REJECT, PRINTABLE_STRING, "PRINTABLE_STRING", "\x13\x83\xff\xff\xff" "C", 6},  // runt or underrun
+        {ACCEPT, PRINTABLE_STRING, "PRINTABLE_STRING", "\x13\x84\x00\x00\x00\x00", 6},  // definite length, long form, zero content octets
+        {ACCEPT, PRINTABLE_STRING, "PRINTABLE_STRING", "\x13\x84\x00\x00\x00\x01" "C", 7},  // definite length, long form, expected content octets
+        {REJECT, PRINTABLE_STRING, "PRINTABLE_STRING", "\x13\x84\x00\x00\x00\x02" "C", 7},  // runt or underrun
+        {REJECT, PRINTABLE_STRING, "PRINTABLE_STRING", "\x13\x84\xff\xff\xff\xff" "C", 7},  // <== Issue 346; requires large allocation
+    };
 
-	pass = RunASN1TestSet(printableStrings, COUNTOF(printableStrings)) && pass;
+    pass = RunASN1TestSet(printableStrings, COUNTOF(printableStrings)) && pass;
 
-	static const ASN1_TestTuple ia5Strings[] =
-	{
-		{ACCEPT, IA5_STRING, "IA5_STRING", "\x16\x00", 2},  // definite length, short form, zero content octets
-		{ACCEPT, IA5_STRING, "IA5_STRING", "\x16\x01" "C", 3},  // definite length, short form, expected content octets
-		{REJECT, IA5_STRING, "IA5_STRING", "\x16\x02" "C", 3},  // runt or underrun
-		{REJECT, IA5_STRING, "IA5_STRING", "\x16\x7F" "C", 3},  // runt or underrun
-		{ACCEPT, IA5_STRING, "IA5_STRING", "\x16\x81\x00", 3},  // definite length, long form, zero content octets
-		{ACCEPT, IA5_STRING, "IA5_STRING", "\x16\x81\x01" "C", 4},  // definite length, long form, expected content octets
-		{REJECT, IA5_STRING, "IA5_STRING", "\x16\x81\x02" "C", 4},  // runt or underrun
-		{REJECT, IA5_STRING, "IA5_STRING", "\x16\x81\xff" "C", 4},  // runt or underrun
-		{ACCEPT, IA5_STRING, "IA5_STRING", "\x16\x82\x00\x00", 4},  // definite length, long form, zero content octets
-		{ACCEPT, IA5_STRING, "IA5_STRING", "\x16\x82\x00\x01" "C", 5},  // definite length, long form, expected content octets
-		{REJECT, IA5_STRING, "IA5_STRING", "\x16\x82\x00\x02" "C", 5},  // runt or underrun
-		{REJECT, IA5_STRING, "IA5_STRING", "\x16\x82\xff\xff" "C", 5},  // runt or underrun
-		{ACCEPT, IA5_STRING, "IA5_STRING", "\x16\x83\x00\x00\x00", 5},  // definite length, long form, zero content octets
-		{ACCEPT, IA5_STRING, "IA5_STRING", "\x16\x83\x00\x00\x01" "C", 6},  // definite length, long form, expected content octets
-		{REJECT, IA5_STRING, "IA5_STRING", "\x16\x83\x00\x00\x02" "C", 6},  // runt or underrun
-		{REJECT, IA5_STRING, "IA5_STRING", "\x16\x83\xff\xff\xff" "C", 6},  // runt or underrun
-		{ACCEPT, IA5_STRING, "IA5_STRING", "\x16\x84\x00\x00\x00\x00", 6},  // definite length, long form, zero content octets
-		{ACCEPT, IA5_STRING, "IA5_STRING", "\x16\x84\x00\x00\x00\x01" "C", 7},  // definite length, long form, expected content octets
-		{REJECT, IA5_STRING, "IA5_STRING", "\x16\x84\x00\x00\x00\x02" "C", 7},  // runt or underrun
-		{REJECT, IA5_STRING, "IA5_STRING", "\x16\x84\xff\xff\xff\xff" "C", 7},  // <== Issue 346; requires large allocation
-	};
+    static const ASN1_TestTuple ia5Strings[] =
+    {
+        {ACCEPT, IA5_STRING, "IA5_STRING", "\x16\x00", 2},  // definite length, short form, zero content octets
+        {ACCEPT, IA5_STRING, "IA5_STRING", "\x16\x01" "C", 3},  // definite length, short form, expected content octets
+        {REJECT, IA5_STRING, "IA5_STRING", "\x16\x02" "C", 3},  // runt or underrun
+        {REJECT, IA5_STRING, "IA5_STRING", "\x16\x7F" "C", 3},  // runt or underrun
+        {ACCEPT, IA5_STRING, "IA5_STRING", "\x16\x81\x00", 3},  // definite length, long form, zero content octets
+        {ACCEPT, IA5_STRING, "IA5_STRING", "\x16\x81\x01" "C", 4},  // definite length, long form, expected content octets
+        {REJECT, IA5_STRING, "IA5_STRING", "\x16\x81\x02" "C", 4},  // runt or underrun
+        {REJECT, IA5_STRING, "IA5_STRING", "\x16\x81\xff" "C", 4},  // runt or underrun
+        {ACCEPT, IA5_STRING, "IA5_STRING", "\x16\x82\x00\x00", 4},  // definite length, long form, zero content octets
+        {ACCEPT, IA5_STRING, "IA5_STRING", "\x16\x82\x00\x01" "C", 5},  // definite length, long form, expected content octets
+        {REJECT, IA5_STRING, "IA5_STRING", "\x16\x82\x00\x02" "C", 5},  // runt or underrun
+        {REJECT, IA5_STRING, "IA5_STRING", "\x16\x82\xff\xff" "C", 5},  // runt or underrun
+        {ACCEPT, IA5_STRING, "IA5_STRING", "\x16\x83\x00\x00\x00", 5},  // definite length, long form, zero content octets
+        {ACCEPT, IA5_STRING, "IA5_STRING", "\x16\x83\x00\x00\x01" "C", 6},  // definite length, long form, expected content octets
+        {REJECT, IA5_STRING, "IA5_STRING", "\x16\x83\x00\x00\x02" "C", 6},  // runt or underrun
+        {REJECT, IA5_STRING, "IA5_STRING", "\x16\x83\xff\xff\xff" "C", 6},  // runt or underrun
+        {ACCEPT, IA5_STRING, "IA5_STRING", "\x16\x84\x00\x00\x00\x00", 6},  // definite length, long form, zero content octets
+        {ACCEPT, IA5_STRING, "IA5_STRING", "\x16\x84\x00\x00\x00\x01" "C", 7},  // definite length, long form, expected content octets
+        {REJECT, IA5_STRING, "IA5_STRING", "\x16\x84\x00\x00\x00\x02" "C", 7},  // runt or underrun
+        {REJECT, IA5_STRING, "IA5_STRING", "\x16\x84\xff\xff\xff\xff" "C", 7},  // <== Issue 346; requires large allocation
+    };
 
-	pass = RunASN1TestSet(ia5Strings, COUNTOF(ia5Strings)) && pass;
+    pass = RunASN1TestSet(ia5Strings, COUNTOF(ia5Strings)) && pass;
 
-	static const ASN1_TestTuple integerValues[] =
-	{
-		// 8.3.1 The encoding of an integer value shall be primitive. The contents octets shall consist of one or more octets.
-		{REJECT, INTEGER, "INTEGER", "\x02\x00", 2},  // definite length, short form, zero content octets
-		{ACCEPT, INTEGER, "INTEGER", "\x02\x01" "C", 3},  // definite length, short form, expected content octets
-		{REJECT, INTEGER, "INTEGER", "\x02\x02" "C", 3},  // runt or underrun
-		{REJECT, INTEGER, "INTEGER", "\x02\x7F" "C", 3},  // runt or underrun
-		{REJECT, INTEGER, "INTEGER", "\x02\x81\x00", 3},  // definite length, long form, zero content octets
-		{ACCEPT, INTEGER, "INTEGER", "\x02\x81\x01" "C", 4},  // definite length, long form, expected content octets
-		{REJECT, INTEGER, "INTEGER", "\x02\x81\x02" "C", 4},  // runt or underrun
-		{REJECT, INTEGER, "INTEGER", "\x02\x81\xff" "C", 4},  // runt or underrun
-		{REJECT, INTEGER, "INTEGER", "\x02\x82\x00\x00", 4},  // definite length, long form, zero content octets
-		{ACCEPT, INTEGER, "INTEGER", "\x02\x82\x00\x01" "C", 5},  // definite length, long form, expected content octets
-		{REJECT, INTEGER, "INTEGER", "\x02\x82\x00\x02" "C", 5},  // runt or underrun
-		{REJECT, INTEGER, "INTEGER", "\x02\x82\xff\xff" "C", 5},  // runt or underrun
-		{REJECT, INTEGER, "INTEGER", "\x02\x83\x00\x00\x00", 5},  // definite length, long form, zero content octets
-		{ACCEPT, INTEGER, "INTEGER", "\x02\x83\x00\x00\x01" "C", 6},  // definite length, long form, expected content octets
-		{REJECT, INTEGER, "INTEGER", "\x02\x83\x00\x00\x02" "C", 6},  // runt or underrun
-		{REJECT, INTEGER, "INTEGER", "\x02\x83\xff\xff\xff" "C", 6},  // runt or underrun
-		{REJECT, INTEGER, "INTEGER", "\x02\x84\x00\x00\x00\x00", 6},  // definite length, long form, zero content octets
-		{ACCEPT, INTEGER, "INTEGER", "\x02\x84\x00\x00\x00\x01" "C", 7},  // definite length, long form, expected content octets
-		{REJECT, INTEGER, "INTEGER", "\x02\x84\x00\x00\x00\x02" "C", 7},  // runt or underrun
-		{REJECT, INTEGER, "INTEGER", "\x02\x84\xff\xff\xff\xff" "C", 7},  // <== Issue 346; requires large allocation
-	};
+    static const ASN1_TestTuple integerValues[] =
+    {
+        // 8.3.1 The encoding of an integer value shall be primitive. The contents octets shall consist of one or more octets.
+        {REJECT, INTEGER, "INTEGER", "\x02\x00", 2},  // definite length, short form, zero content octets
+        {ACCEPT, INTEGER, "INTEGER", "\x02\x01" "C", 3},  // definite length, short form, expected content octets
+        {REJECT, INTEGER, "INTEGER", "\x02\x02" "C", 3},  // runt or underrun
+        {REJECT, INTEGER, "INTEGER", "\x02\x7F" "C", 3},  // runt or underrun
+        {REJECT, INTEGER, "INTEGER", "\x02\x81\x00", 3},  // definite length, long form, zero content octets
+        {ACCEPT, INTEGER, "INTEGER", "\x02\x81\x01" "C", 4},  // definite length, long form, expected content octets
+        {REJECT, INTEGER, "INTEGER", "\x02\x81\x02" "C", 4},  // runt or underrun
+        {REJECT, INTEGER, "INTEGER", "\x02\x81\xff" "C", 4},  // runt or underrun
+        {REJECT, INTEGER, "INTEGER", "\x02\x82\x00\x00", 4},  // definite length, long form, zero content octets
+        {ACCEPT, INTEGER, "INTEGER", "\x02\x82\x00\x01" "C", 5},  // definite length, long form, expected content octets
+        {REJECT, INTEGER, "INTEGER", "\x02\x82\x00\x02" "C", 5},  // runt or underrun
+        {REJECT, INTEGER, "INTEGER", "\x02\x82\xff\xff" "C", 5},  // runt or underrun
+        {REJECT, INTEGER, "INTEGER", "\x02\x83\x00\x00\x00", 5},  // definite length, long form, zero content octets
+        {ACCEPT, INTEGER, "INTEGER", "\x02\x83\x00\x00\x01" "C", 6},  // definite length, long form, expected content octets
+        {REJECT, INTEGER, "INTEGER", "\x02\x83\x00\x00\x02" "C", 6},  // runt or underrun
+        {REJECT, INTEGER, "INTEGER", "\x02\x83\xff\xff\xff" "C", 6},  // runt or underrun
+        {REJECT, INTEGER, "INTEGER", "\x02\x84\x00\x00\x00\x00", 6},  // definite length, long form, zero content octets
+        {ACCEPT, INTEGER, "INTEGER", "\x02\x84\x00\x00\x00\x01" "C", 7},  // definite length, long form, expected content octets
+        {REJECT, INTEGER, "INTEGER", "\x02\x84\x00\x00\x00\x02" "C", 7},  // runt or underrun
+        {REJECT, INTEGER, "INTEGER", "\x02\x84\xff\xff\xff\xff" "C", 7},  // <== Issue 346; requires large allocation
+    };
 
-	pass = RunASN1TestSet(integerValues, COUNTOF(integerValues)) && pass;
+    pass = RunASN1TestSet(integerValues, COUNTOF(integerValues)) && pass;
 
-	return pass;
+    return pass;
 }
 #endif
 
 #if (defined(CRYPTOPP_DEBUG) || defined(CRYPTOPP_COVERAGE)) && !defined(CRYPTOPP_IMPORTS)
 bool TestSecBlock()
 {
-	std::cout << "\nTesting SecBlock...\n\n";
+    std::cout << "\nTesting SecBlock...\n\n";
 
-	bool pass1=true, pass2=true, pass3=true, pass4=true, pass5=true, pass6=true, pass7=true, temp=false;
+    bool pass1=true, pass2=true, pass3=true, pass4=true, pass5=true, pass6=true, pass7=true, temp=false;
 
-	//************ Allocators ************//
+    //************ Allocators ************//
 
-	{
-		std::basic_string<char, std::char_traits<char>, AllocatorWithCleanup<char, false> > s1;
-		std::basic_string<char, std::char_traits<char>, AllocatorWithCleanup<char,  true> > s2;
-		s1.resize(1024); s2.resize(1024);
+    {
+        std::basic_string<char, std::char_traits<char>, AllocatorWithCleanup<char, false> > s1;
+        std::basic_string<char, std::char_traits<char>, AllocatorWithCleanup<char,  true> > s2;
+        s1.resize(1024); s2.resize(1024);
 
-		std::vector<byte, AllocatorWithCleanup<byte, false> > v1;
-		std::vector<byte, AllocatorWithCleanup<byte,  true> > v2;
-		v1.resize(1024); v2.resize(1024);
-	}
+        std::vector<byte, AllocatorWithCleanup<byte, false> > v1;
+        std::vector<byte, AllocatorWithCleanup<byte,  true> > v2;
+        v1.resize(1024); v2.resize(1024);
+    }
 
-	//********** Zeroized block **********//
+    //********** Zeroized block **********//
 
-	{
-		// NULL ptr with a size means to create a new SecBlock with all elements zero'd
-		SecByteBlock z1(NULLPTR, 256);
-		temp = true;
+    {
+        // NULL ptr with a size means to create a new SecBlock with all elements zero'd
+        SecByteBlock z1(NULLPTR, 256);
+        temp = true;
 
-		for (size_t i = 0; i < z1.size(); i++)
-			temp &= (z1[i] == 0);
+        for (size_t i = 0; i < z1.size(); i++)
+            temp &= (z1[i] == 0);
 
-		pass1 &= temp;
-		if (!temp)
-			std::cout << "FAILED:  ";
-		else
-			std::cout << "passed:  ";
-		std::cout << "Zeroized byte array" << std::endl;
+        pass1 &= temp;
+        if (!temp)
+            std::cout << "FAILED:   ";
+        else
+            std::cout << "passed:   ";
+        std::cout << "Zeroized byte array" << std::endl;
 
-		SecBlock<word32> z2(NULLPTR, 256);
-		temp = true;
+        SecBlock<word32> z2(NULLPTR, 256);
+        temp = true;
 
-		for (size_t i = 0; i < z2.size(); i++)
-			temp &= (z2[i] == 0);
+        for (size_t i = 0; i < z2.size(); i++)
+            temp &= (z2[i] == 0);
 
-		pass1 &= temp;
-		if (!temp)
-			std::cout << "FAILED:  ";
-		else
-			std::cout << "passed:  ";
-		std::cout << "Zeroized word32 array" << std::endl;
+        pass1 &= temp;
+        if (!temp)
+            std::cout << "FAILED:   ";
+        else
+            std::cout << "passed:   ";
+        std::cout << "Zeroized word32 array" << std::endl;
 
-		SecBlock<word64> z3(NULLPTR, 256);
-		temp = true;
+        SecBlock<word64> z3(NULLPTR, 256);
+        temp = true;
 
-		for (size_t i = 0; i < z3.size(); i++)
-			temp &= (z3[i] == 0);
+        for (size_t i = 0; i < z3.size(); i++)
+            temp &= (z3[i] == 0);
 
-		pass1 &= temp;
-		if (!temp)
-			std::cout << "FAILED:  ";
-		else
-			std::cout << "passed:  ";
-		std::cout << "Zeroized word64 array" << std::endl;
+        pass1 &= temp;
+        if (!temp)
+            std::cout << "FAILED:   ";
+        else
+            std::cout << "passed:   ";
+        std::cout << "Zeroized word64 array" << std::endl;
 
 #if defined(CRYPTOPP_WORD128_AVAILABLE)
-		SecBlock<word128> z4(NULLPTR, 256);
-		temp = true;
+        SecBlock<word128> z4(NULLPTR, 256);
+        temp = true;
 
-		for (size_t i = 0; i < z4.size(); i++)
-			temp &= (z4[i] == 0);
+        for (size_t i = 0; i < z4.size(); i++)
+            temp &= (z4[i] == 0);
 
-		pass1 &= temp;
-		if (!temp)
-			std::cout << "FAILED:  ";
-		else
-			std::cout << "passed:  ";
-		std::cout << "Zeroized word128 array" << std::endl;
+        pass1 &= temp;
+        if (!temp)
+            std::cout << "FAILED:   ";
+        else
+            std::cout << "passed:   ";
+        std::cout << "Zeroized word128 array" << std::endl;
 #endif
-	}
+    }
 
-	//********** Non-zero'd block **********//
+    //********** Non-zero'd block **********//
 
-	{
-		SecByteBlock z1(NULLPTR, 256);
-		z1.SetMark(0);
+    {
+        SecByteBlock z1(NULLPTR, 256);
+        z1.SetMark(0);
 
-		SecBlock<word32> z2(NULLPTR, 256);
-		z2.SetMark(0);
+        SecBlock<word32> z2(NULLPTR, 256);
+        z2.SetMark(0);
 
-		SecBlock<word64> z3(NULLPTR, 256);
-		z3.SetMark(0);
+        SecBlock<word64> z3(NULLPTR, 256);
+        z3.SetMark(0);
 
 #if defined(CRYPTOPP_WORD128_AVAILABLE)
-		SecBlock<word128> z4(NULLPTR, 256);
-		z4.SetMark(0);
+        SecBlock<word128> z4(NULLPTR, 256);
+        z4.SetMark(0);
 #endif
-	}
+    }
 
-	//********** Assign **********//
+    //********** Assign **********//
 
-	try
-	{
-		SecByteBlock a, b;
-		temp = true;
+    try
+    {
+        SecByteBlock a, b;
+        temp = true;
 
-		a.Assign((const byte*)"a", 1);
-		b.Assign((const byte*)"b", 1);
+        a.Assign((const byte*)"a", 1);
+        b.Assign((const byte*)"b", 1);
 
-		temp &= (a.SizeInBytes() == 1);
-		temp &= (b.SizeInBytes() == 1);
-		temp &= (a[0] == 'a');
-		temp &= (b[0] == 'b');
+        temp &= (a.SizeInBytes() == 1);
+        temp &= (b.SizeInBytes() == 1);
+        temp &= (a[0] == 'a');
+        temp &= (b[0] == 'b');
 
-		a.Assign((const byte*)"ab", 2);
-		b.Assign((const byte*)"cd", 2);
+        a.Assign((const byte*)"ab", 2);
+        b.Assign((const byte*)"cd", 2);
 
-		temp &= (a.SizeInBytes() == 2);
-		temp &= (b.SizeInBytes() == 2);
-		temp &= (a[0] == 'a' && a[1] == 'b');
-		temp &= (b[0] == 'c' && b[1] == 'd');
-	}
-	catch(const Exception& /*ex*/)
-	{
-		temp = false;
-	}
+        temp &= (a.SizeInBytes() == 2);
+        temp &= (b.SizeInBytes() == 2);
+        temp &= (a[0] == 'a' && a[1] == 'b');
+        temp &= (b[0] == 'c' && b[1] == 'd');
+    }
+    catch(const Exception& /*ex*/)
+    {
+        temp = false;
+    }
 
-	pass2 &= temp;
-	if (!temp)
-		std::cout << "FAILED:  ";
-	else
-		std::cout << "passed:  ";
-	std::cout << "Assign byte" << std::endl;
+    pass2 &= temp;
+    if (!temp)
+        std::cout << "FAILED:   ";
+    else
+        std::cout << "passed:   ";
+    std::cout << "Assign byte" << std::endl;
 
-	try
-	{
-		SecBlock<word32> a, b;
-		temp = true;
+    try
+    {
+        SecBlock<word32> a, b;
+        temp = true;
 
-		word32 one[1] = {1}, two[1] = {2};
-		a.Assign(one, 1);
-		b.Assign(two, 1);
+        word32 one[1] = {1}, two[1] = {2};
+        a.Assign(one, 1);
+        b.Assign(two, 1);
 
-		temp &= (a.SizeInBytes() == 4);
-		temp &= (b.SizeInBytes() == 4);
-		temp &= (a[0] == 1);
-		temp &= (b[0] == 2);
+        temp &= (a.SizeInBytes() == 4);
+        temp &= (b.SizeInBytes() == 4);
+        temp &= (a[0] == 1);
+        temp &= (b[0] == 2);
 
-		word32 three[2] = {1,2}, four[2] = {3,4};
-		a.Assign(three, 2);
-		b.Assign(four, 2);
+        word32 three[2] = {1,2}, four[2] = {3,4};
+        a.Assign(three, 2);
+        b.Assign(four, 2);
 
-		temp &= (a.SizeInBytes() == 8);
-		temp &= (b.SizeInBytes() == 8);
-		temp &= (a[0] == 1 && a[1] == 2);
-		temp &= (b[0] == 3 && b[1] == 4);
-	}
-	catch(const Exception& /*ex*/)
-	{
-		temp = false;
-	}
+        temp &= (a.SizeInBytes() == 8);
+        temp &= (b.SizeInBytes() == 8);
+        temp &= (a[0] == 1 && a[1] == 2);
+        temp &= (b[0] == 3 && b[1] == 4);
+    }
+    catch(const Exception& /*ex*/)
+    {
+        temp = false;
+    }
 
-	pass2 &= temp;
-	if (!temp)
-		std::cout << "FAILED:  ";
-	else
-		std::cout << "passed:  ";
-	std::cout << "Assign word32" << std::endl;
+    pass2 &= temp;
+    if (!temp)
+        std::cout << "FAILED:   ";
+    else
+        std::cout << "passed:   ";
+    std::cout << "Assign word32" << std::endl;
 
-	try
-	{
-		SecBlock<word64> a, b;
-		temp = true;
+    try
+    {
+        SecBlock<word64> a, b;
+        temp = true;
 
-		word64 one[1] = {1}, two[1] = {2};
-		a.Assign(one, 1);
-		b.Assign(two, 1);
+        word64 one[1] = {1}, two[1] = {2};
+        a.Assign(one, 1);
+        b.Assign(two, 1);
 
-		temp &= (a.SizeInBytes() == 8);
-		temp &= (b.SizeInBytes() == 8);
-		temp &= (a[0] == 1);
-		temp &= (b[0] == 2);
+        temp &= (a.SizeInBytes() == 8);
+        temp &= (b.SizeInBytes() == 8);
+        temp &= (a[0] == 1);
+        temp &= (b[0] == 2);
 
-		word64 three[2] = {1,2}, four[2] = {3,4};
-		a.Assign(three, 2);
-		b.Assign(four, 2);
+        word64 three[2] = {1,2}, four[2] = {3,4};
+        a.Assign(three, 2);
+        b.Assign(four, 2);
 
-		temp &= (a.SizeInBytes() == 16);
-		temp &= (b.SizeInBytes() == 16);
-		temp &= (a[0] == 1 && a[1] == 2);
-		temp &= (b[0] == 3 && b[1] == 4);
-	}
-	catch(const Exception& /*ex*/)
-	{
-		temp = false;
-	}
+        temp &= (a.SizeInBytes() == 16);
+        temp &= (b.SizeInBytes() == 16);
+        temp &= (a[0] == 1 && a[1] == 2);
+        temp &= (b[0] == 3 && b[1] == 4);
+    }
+    catch(const Exception& /*ex*/)
+    {
+        temp = false;
+    }
 
-	pass2 &= temp;
-	if (!temp)
-		std::cout << "FAILED:  ";
-	else
-		std::cout << "passed:  ";
-	std::cout << "Assign word64" << std::endl;
+    pass2 &= temp;
+    if (!temp)
+        std::cout << "FAILED:   ";
+    else
+        std::cout << "passed:   ";
+    std::cout << "Assign word64" << std::endl;
 
 #if defined(CRYPTOPP_WORD128_AVAILABLE)
-	try
-	{
-		SecBlock<word128> a, b;
-		temp = true;
+    try
+    {
+        SecBlock<word128> a, b;
+        temp = true;
 
-		word128 one[1] = {1}, two[1] = {2};
-		a.Assign(one, 1);
-		b.Assign(two, 1);
+        word128 one[1] = {1}, two[1] = {2};
+        a.Assign(one, 1);
+        b.Assign(two, 1);
 
-		temp &= (a.SizeInBytes() == 16);
-		temp &= (b.SizeInBytes() == 16);
-		temp &= (a[0] == 1);
-		temp &= (b[0] == 2);
+        temp &= (a.SizeInBytes() == 16);
+        temp &= (b.SizeInBytes() == 16);
+        temp &= (a[0] == 1);
+        temp &= (b[0] == 2);
 
-		word128 three[2] = {1,2}, four[2] = {3,4};
-		a.Assign(three, 2);
-		b.Assign(four, 2);
+        word128 three[2] = {1,2}, four[2] = {3,4};
+        a.Assign(three, 2);
+        b.Assign(four, 2);
 
-		temp &= (a.SizeInBytes() == 32);
-		temp &= (b.SizeInBytes() == 32);
-		temp &= (a[0] == 1 && a[1] == 2);
-		temp &= (b[0] == 3 && b[1] == 4);
-	}
-	catch(const Exception& /*ex*/)
-	{
-		temp = false;
-	}
+        temp &= (a.SizeInBytes() == 32);
+        temp &= (b.SizeInBytes() == 32);
+        temp &= (a[0] == 1 && a[1] == 2);
+        temp &= (b[0] == 3 && b[1] == 4);
+    }
+    catch(const Exception& /*ex*/)
+    {
+        temp = false;
+    }
 
-	pass2 &= temp;
-	if (!temp)
-		std::cout << "FAILED:  ";
-	else
-		std::cout << "passed:  ";
-	std::cout << "Assign word128" << std::endl;
+    pass2 &= temp;
+    if (!temp)
+        std::cout << "FAILED:   ";
+    else
+        std::cout << "passed:   ";
+    std::cout << "Assign word128" << std::endl;
 #endif
 
-	//********** Append **********//
+    //********** Append **********//
 
-	try
-	{
-		SecByteBlock a, b;
-		temp = true;
+    try
+    {
+        SecByteBlock a, b;
+        temp = true;
 
-		a.Assign((const byte*)"a", 1);
-		b.Assign((const byte*)"b", 1);
+        a.Assign((const byte*)"a", 1);
+        b.Assign((const byte*)"b", 1);
 
-		a += b;
-		temp &= (a.SizeInBytes() == 2);
-		temp &= (a[0] == 'a' && a[1] == 'b');
+        a += b;
+        temp &= (a.SizeInBytes() == 2);
+        temp &= (a[0] == 'a' && a[1] == 'b');
 
-		a.Assign((const byte*)"ab", 2);
-		b.Assign((const byte*)"cd", 2);
+        a.Assign((const byte*)"ab", 2);
+        b.Assign((const byte*)"cd", 2);
 
-		a += b;
-		temp &= (a.SizeInBytes() == 4);
-		temp &= (a[0] == 'a' && a[1] == 'b' && a[2] == 'c' && a[3] == 'd');
+        a += b;
+        temp &= (a.SizeInBytes() == 4);
+        temp &= (a[0] == 'a' && a[1] == 'b' && a[2] == 'c' && a[3] == 'd');
 
-		a.Assign((const byte*)"a", 1);
+        a.Assign((const byte*)"a", 1);
 
-		a += a;
-		temp &= (a.SizeInBytes() == 2);
-		temp &= (a[0] == 'a' && a[1] == 'a');
+        a += a;
+        temp &= (a.SizeInBytes() == 2);
+        temp &= (a[0] == 'a' && a[1] == 'a');
 
-		a.Assign((const byte*)"ab", 2);
+        a.Assign((const byte*)"ab", 2);
 
-		a += a;
-		temp &= (a.SizeInBytes() == 4);
-		temp &= (a[0] == 'a' && a[1] == 'b' && a[2] == 'a' && a[3] == 'b');
-	}
-	catch(const Exception& /*ex*/)
-	{
-		temp = false;
-	}
+        a += a;
+        temp &= (a.SizeInBytes() == 4);
+        temp &= (a[0] == 'a' && a[1] == 'b' && a[2] == 'a' && a[3] == 'b');
+    }
+    catch(const Exception& /*ex*/)
+    {
+        temp = false;
+    }
 
-	pass3 &= temp;
-	if (!temp)
-		std::cout << "FAILED:  ";
-	else
-		std::cout << "passed:  ";
-	std::cout << "Append byte" << std::endl;
+    pass3 &= temp;
+    if (!temp)
+        std::cout << "FAILED:   ";
+    else
+        std::cout << "passed:   ";
+    std::cout << "Append byte" << std::endl;
 
-	try
-	{
-		SecBlock<word32> a, b;
-		temp = true;
+    try
+    {
+        SecBlock<word32> a, b;
+        temp = true;
 
-		const word32 one[1] = {1}, two[1] = {2};
-		a.Assign(one, 1);
-		b.Assign(two, 1);
+        const word32 one[1] = {1}, two[1] = {2};
+        a.Assign(one, 1);
+        b.Assign(two, 1);
 
-		a += b;
-		temp &= (a.SizeInBytes() == 8);
-		temp &= (a[0] == 1 && a[1] == 2);
+        a += b;
+        temp &= (a.SizeInBytes() == 8);
+        temp &= (a[0] == 1 && a[1] == 2);
 
-		const word32 three[2] = {1,2}, four[2] = {3,4};
-		a.Assign(three, 2);
-		b.Assign(four, 2);
+        const word32 three[2] = {1,2}, four[2] = {3,4};
+        a.Assign(three, 2);
+        b.Assign(four, 2);
 
-		a += b;
-		temp &= (a.SizeInBytes() == 16);
-		temp &= (a[0] == 1 && a[1] == 2 && a[2] == 3 && a[3] == 4);
+        a += b;
+        temp &= (a.SizeInBytes() == 16);
+        temp &= (a[0] == 1 && a[1] == 2 && a[2] == 3 && a[3] == 4);
 
-		a.Assign(one, 1);
+        a.Assign(one, 1);
 
-		a += a;
-		temp &= (a.SizeInBytes() == 8);
-		temp &= (a[0] == 1 && a[1] == 1);
+        a += a;
+        temp &= (a.SizeInBytes() == 8);
+        temp &= (a[0] == 1 && a[1] == 1);
 
-		a.Assign(three, 2);
+        a.Assign(three, 2);
 
-		a += a;
-		temp &= (a.SizeInBytes() == 16);
-		temp &= (a[0] == 1 && a[1] == 2 && a[2] == 1 && a[3] == 2);
-	}
-	catch(const Exception& /*ex*/)
-	{
-		temp = false;
-	}
+        a += a;
+        temp &= (a.SizeInBytes() == 16);
+        temp &= (a[0] == 1 && a[1] == 2 && a[2] == 1 && a[3] == 2);
+    }
+    catch(const Exception& /*ex*/)
+    {
+        temp = false;
+    }
 
-	pass3 &= temp;
-	if (!temp)
-		std::cout << "FAILED:  ";
-	else
-		std::cout << "passed:  ";
-	std::cout << "Append word32" << std::endl;
+    pass3 &= temp;
+    if (!temp)
+        std::cout << "FAILED:   ";
+    else
+        std::cout << "passed:   ";
+    std::cout << "Append word32" << std::endl;
 
-	try
-	{
-		SecBlock<word64> a, b;
-		temp = true;
+    try
+    {
+        SecBlock<word64> a, b;
+        temp = true;
 
-		const word64 one[1] = {1}, two[1] = {2};
-		a.Assign(one, 1);
-		b.Assign(two, 1);
+        const word64 one[1] = {1}, two[1] = {2};
+        a.Assign(one, 1);
+        b.Assign(two, 1);
 
-		a += b;
-		temp &= (a.SizeInBytes() == 16);
-		temp &= (a[0] == 1 && a[1] == 2);
+        a += b;
+        temp &= (a.SizeInBytes() == 16);
+        temp &= (a[0] == 1 && a[1] == 2);
 
-		const word64 three[2] = {1,2}, four[2] = {3,4};
-		a.Assign(three, 2);
-		b.Assign(four, 2);
+        const word64 three[2] = {1,2}, four[2] = {3,4};
+        a.Assign(three, 2);
+        b.Assign(four, 2);
 
-		a += b;
-		temp &= (a.SizeInBytes() == 32);
-		temp &= (a[0] == 1 && a[1] == 2 && a[2] == 3 && a[3] == 4);
+        a += b;
+        temp &= (a.SizeInBytes() == 32);
+        temp &= (a[0] == 1 && a[1] == 2 && a[2] == 3 && a[3] == 4);
 
-		a.Assign(one, 1);
+        a.Assign(one, 1);
 
-		a += a;
-		temp &= (a.SizeInBytes() == 16);
-		temp &= (a[0] == 1 && a[1] == 1);
+        a += a;
+        temp &= (a.SizeInBytes() == 16);
+        temp &= (a[0] == 1 && a[1] == 1);
 
-		a.Assign(three, 2);
+        a.Assign(three, 2);
 
-		a += a;
-		temp &= (a.SizeInBytes() == 32);
-		temp &= (a[0] == 1 && a[1] == 2 && a[2] == 1 && a[3] == 2);
-	}
-	catch(const Exception& /*ex*/)
-	{
-		temp = false;
-	}
+        a += a;
+        temp &= (a.SizeInBytes() == 32);
+        temp &= (a[0] == 1 && a[1] == 2 && a[2] == 1 && a[3] == 2);
+    }
+    catch(const Exception& /*ex*/)
+    {
+        temp = false;
+    }
 
-	pass3 &= temp;
-	if (!temp)
-		std::cout << "FAILED:  ";
-	else
-		std::cout << "passed:  ";
-	std::cout << "Append word64" << std::endl;
+    pass3 &= temp;
+    if (!temp)
+        std::cout << "FAILED:   ";
+    else
+        std::cout << "passed:   ";
+    std::cout << "Append word64" << std::endl;
 
 #if defined(CRYPTOPP_WORD128_AVAILABLE)
-	try
-	{
-		SecBlock<word128> a, b;
-		temp = true;
+    try
+    {
+        SecBlock<word128> a, b;
+        temp = true;
 
-		const word128 one[1] = {1}, two[1] = {2};
-		a.Assign(one, 1);
-		b.Assign(two, 1);
+        const word128 one[1] = {1}, two[1] = {2};
+        a.Assign(one, 1);
+        b.Assign(two, 1);
 
-		a += b;
-		temp &= (a.SizeInBytes() == 32);
-		temp &= (a[0] == 1 && a[1] == 2);
+        a += b;
+        temp &= (a.SizeInBytes() == 32);
+        temp &= (a[0] == 1 && a[1] == 2);
 
-		const word128 three[2] = {1,2}, four[2] = {3,4};
-		a.Assign(three, 2);
-		b.Assign(four, 2);
+        const word128 three[2] = {1,2}, four[2] = {3,4};
+        a.Assign(three, 2);
+        b.Assign(four, 2);
 
-		a += b;
-		temp &= (a.SizeInBytes() == 64);
-		temp &= (a[0] == 1 && a[1] == 2 && a[2] == 3 && a[3] == 4);
+        a += b;
+        temp &= (a.SizeInBytes() == 64);
+        temp &= (a[0] == 1 && a[1] == 2 && a[2] == 3 && a[3] == 4);
 
-		a.Assign(one, 1);
+        a.Assign(one, 1);
 
-		a += a;
-		temp &= (a.SizeInBytes() == 32);
-		temp &= (a[0] == 1 && a[1] == 1);
+        a += a;
+        temp &= (a.SizeInBytes() == 32);
+        temp &= (a[0] == 1 && a[1] == 1);
 
-		a.Assign(three, 2);
+        a.Assign(three, 2);
 
-		a += a;
-		temp &= (a.SizeInBytes() == 64);
-		temp &= (a[0] == 1 && a[1] == 2 && a[2] == 1 && a[3] == 2);
-	}
-	catch(const Exception& /*ex*/)
-	{
-		temp = false;
-	}
+        a += a;
+        temp &= (a.SizeInBytes() == 64);
+        temp &= (a[0] == 1 && a[1] == 2 && a[2] == 1 && a[3] == 2);
+    }
+    catch(const Exception& /*ex*/)
+    {
+        temp = false;
+    }
 
-	pass3 &= temp;
-	if (!temp)
-		std::cout << "FAILED:  ";
-	else
-		std::cout << "passed:  ";
-	std::cout << "Append word128" << std::endl;
+    pass3 &= temp;
+    if (!temp)
+        std::cout << "FAILED:   ";
+    else
+        std::cout << "passed:   ";
+    std::cout << "Append word128" << std::endl;
 #endif
 
-	//********** Concatenate **********//
+    //********** Concatenate **********//
 
-	// byte
-	try
-	{
-		SecByteBlock a, b, c;
-		temp = true;
+    // byte
+    try
+    {
+        SecByteBlock a, b, c;
+        temp = true;
 
-		a.Assign((const byte*)"a", 1);
-		b.Assign((const byte*)"b", 1);
+        a.Assign((const byte*)"a", 1);
+        b.Assign((const byte*)"b", 1);
 
-		c = a + b;
-		temp &= (a[0] == 'a');
-		temp &= (b[0] == 'b');
-		temp &= (c.SizeInBytes() == 2);
-		temp &= (c[0] == 'a' && c[1] == 'b');
+        c = a + b;
+        temp &= (a[0] == 'a');
+        temp &= (b[0] == 'b');
+        temp &= (c.SizeInBytes() == 2);
+        temp &= (c[0] == 'a' && c[1] == 'b');
 
-		a.Assign((const byte*)"ab", 2);
-		b.Assign((const byte*)"cd", 2);
+        a.Assign((const byte*)"ab", 2);
+        b.Assign((const byte*)"cd", 2);
 
-		c = a + b;
-		temp &= (a[0] == 'a' && a[1] == 'b');
-		temp &= (b[0] == 'c' && b[1] == 'd');
-		temp &= (c.SizeInBytes() == 4);
-		temp &= (c[0] == 'a' && c[1] == 'b' && c[2] == 'c' && c[3] == 'd');
-	}
-	catch(const Exception& /*ex*/)
-	{
-		temp = false;
-	}
+        c = a + b;
+        temp &= (a[0] == 'a' && a[1] == 'b');
+        temp &= (b[0] == 'c' && b[1] == 'd');
+        temp &= (c.SizeInBytes() == 4);
+        temp &= (c[0] == 'a' && c[1] == 'b' && c[2] == 'c' && c[3] == 'd');
+    }
+    catch(const Exception& /*ex*/)
+    {
+        temp = false;
+    }
 
-	pass4 &= temp;
-	if (!temp)
-		std::cout << "FAILED:  ";
-	else
-		std::cout << "passed:  ";
-	std::cout << "Concatenate byte" << std::endl;
+    pass4 &= temp;
+    if (!temp)
+        std::cout << "FAILED:   ";
+    else
+        std::cout << "passed:   ";
+    std::cout << "Concatenate byte" << std::endl;
 
-	// word32
-	try
-	{
-		SecBlock<word32> a, b, c;
-		temp = true;
+    // word32
+    try
+    {
+        SecBlock<word32> a, b, c;
+        temp = true;
 
-		const word32 one[1] = {1}, two[1] = {2};
-		a.Assign(one, 1);
-		b.Assign(two, 1);
+        const word32 one[1] = {1}, two[1] = {2};
+        a.Assign(one, 1);
+        b.Assign(two, 1);
 
-		c = a + b;
-		temp &= (a[0] == 1);
-		temp &= (b[0] == 2);
-		temp &= (c.SizeInBytes() == 8);
-		temp &= (c[0] == 1 && c[1] == 2);
+        c = a + b;
+        temp &= (a[0] == 1);
+        temp &= (b[0] == 2);
+        temp &= (c.SizeInBytes() == 8);
+        temp &= (c[0] == 1 && c[1] == 2);
 
-		const word32 three[2] = {1,2}, four[2] = {3,4};
-		a.Assign(three, 2);
-		b.Assign(four, 2);
+        const word32 three[2] = {1,2}, four[2] = {3,4};
+        a.Assign(three, 2);
+        b.Assign(four, 2);
 
-		c = a + b;
-		temp &= (a[0] == 1 && a[1] == 2);
-		temp &= (b[0] == 3 && b[1] == 4);
-		temp &= (c.SizeInBytes() == 16);
-		temp &= (c[0] == 1 && c[1] == 2 && c[2] == 3 && c[3] == 4);
-	}
-	catch(const Exception& /*ex*/)
-	{
-		temp = false;
-	}
+        c = a + b;
+        temp &= (a[0] == 1 && a[1] == 2);
+        temp &= (b[0] == 3 && b[1] == 4);
+        temp &= (c.SizeInBytes() == 16);
+        temp &= (c[0] == 1 && c[1] == 2 && c[2] == 3 && c[3] == 4);
+    }
+    catch(const Exception& /*ex*/)
+    {
+        temp = false;
+    }
 
-	pass4 &= temp;
-	if (!temp)
-		std::cout << "FAILED:  ";
-	else
-		std::cout << "passed:  ";
-	std::cout << "Concatenate word32" << std::endl;
+    pass4 &= temp;
+    if (!temp)
+        std::cout << "FAILED:   ";
+    else
+        std::cout << "passed:   ";
+    std::cout << "Concatenate word32" << std::endl;
 
-	// word64
-	try
-	{
-		SecBlock<word64> a, b, c;
-		temp = true;
+    // word64
+    try
+    {
+        SecBlock<word64> a, b, c;
+        temp = true;
 
-		const word64 one[1] = {1}, two[1] = {2};
-		a.Assign(one, 1);
-		b.Assign(two, 1);
+        const word64 one[1] = {1}, two[1] = {2};
+        a.Assign(one, 1);
+        b.Assign(two, 1);
 
-		c = a + b;
-		temp &= (a[0] == 1);
-		temp &= (b[0] == 2);
-		temp &= (c.SizeInBytes() == 16);
-		temp &= (c[0] == 1 && c[1] == 2);
+        c = a + b;
+        temp &= (a[0] == 1);
+        temp &= (b[0] == 2);
+        temp &= (c.SizeInBytes() == 16);
+        temp &= (c[0] == 1 && c[1] == 2);
 
-		const word64 three[2] = {1,2}, four[2] = {3,4};
-		a.Assign(three, 2);
-		b.Assign(four, 2);
+        const word64 three[2] = {1,2}, four[2] = {3,4};
+        a.Assign(three, 2);
+        b.Assign(four, 2);
 
-		c = a + b;
-		temp &= (a[0] == 1 && a[1] == 2);
-		temp &= (b[0] == 3 && b[1] == 4);
-		temp &= (c.SizeInBytes() == 32);
-		temp &= (c[0] == 1 && c[1] == 2 && c[2] == 3 && c[3] == 4);
-	}
-	catch(const Exception& /*ex*/)
-	{
-		temp = false;
-	}
+        c = a + b;
+        temp &= (a[0] == 1 && a[1] == 2);
+        temp &= (b[0] == 3 && b[1] == 4);
+        temp &= (c.SizeInBytes() == 32);
+        temp &= (c[0] == 1 && c[1] == 2 && c[2] == 3 && c[3] == 4);
+    }
+    catch(const Exception& /*ex*/)
+    {
+        temp = false;
+    }
 
-	pass4 &= temp;
-	if (!temp)
-		std::cout << "FAILED:  ";
-	else
-		std::cout << "passed:  ";
-	std::cout << "Concatenate word64" << std::endl;
+    pass4 &= temp;
+    if (!temp)
+        std::cout << "FAILED:   ";
+    else
+        std::cout << "passed:   ";
+    std::cout << "Concatenate word64" << std::endl;
 
 #if defined(CRYPTOPP_WORD128_AVAILABLE)
-	try
-	{
-		SecBlock<word128> a, b, c;
-		temp = true;
+    try
+    {
+        SecBlock<word128> a, b, c;
+        temp = true;
 
-		const word128 one[1] = {1}, two[1] = {2};
-		a.Assign(one, 1);
-		b.Assign(two, 1);
+        const word128 one[1] = {1}, two[1] = {2};
+        a.Assign(one, 1);
+        b.Assign(two, 1);
 
-		c = a + b;
-		temp &= (a[0] == 1);
-		temp &= (b[0] == 2);
-		temp &= (c.SizeInBytes() == 32);
-		temp &= (c[0] == 1 && c[1] == 2);
+        c = a + b;
+        temp &= (a[0] == 1);
+        temp &= (b[0] == 2);
+        temp &= (c.SizeInBytes() == 32);
+        temp &= (c[0] == 1 && c[1] == 2);
 
-		const word128 three[2] = {1,2}, four[2] = {3,4};
-		a.Assign(three, 2);
-		b.Assign(four, 2);
+        const word128 three[2] = {1,2}, four[2] = {3,4};
+        a.Assign(three, 2);
+        b.Assign(four, 2);
 
-		c = a + b;
-		temp &= (a[0] == 1 && a[1] == 2);
-		temp &= (b[0] == 3 && b[1] == 4);
-		temp &= (c.SizeInBytes() == 64);
-		temp &= (c[0] == 1 && c[1] == 2 && c[2] == 3 && c[3] == 4);
-	}
-	catch(const Exception& /*ex*/)
-	{
-		temp = false;
-	}
+        c = a + b;
+        temp &= (a[0] == 1 && a[1] == 2);
+        temp &= (b[0] == 3 && b[1] == 4);
+        temp &= (c.SizeInBytes() == 64);
+        temp &= (c[0] == 1 && c[1] == 2 && c[2] == 3 && c[3] == 4);
+    }
+    catch(const Exception& /*ex*/)
+    {
+        temp = false;
+    }
 
-	pass4 &= temp;
-	if (!temp)
-		std::cout << "FAILED:  ";
-	else
-		std::cout << "passed:  ";
-	std::cout << "Concatenate word128" << std::endl;
+    pass4 &= temp;
+    if (!temp)
+        std::cout << "FAILED:   ";
+    else
+        std::cout << "passed:   ";
+    std::cout << "Concatenate word128" << std::endl;
 #endif
 
-	//********** Equality **********//
+    //********** Equality **********//
 
-	// byte
-	try
-	{
-		static const byte str1[] = "abcdefghijklmnopqrstuvwxyz";
-		static const byte str2[] = "zyxwvutsrqponmlkjihgfedcba";
-		static const byte str3[] = "0123456789";
+    // byte
+    try
+    {
+        static const byte str1[] = "abcdefghijklmnopqrstuvwxyz";
+        static const byte str2[] = "zyxwvutsrqponmlkjihgfedcba";
+        static const byte str3[] = "0123456789";
 
-		temp = true;
-		SecByteBlock a,b;
+        temp = true;
+        SecByteBlock a,b;
 
-		a.Assign(str1, COUNTOF(str1));
-		b.Assign(str1, COUNTOF(str1));
-		temp &= (a.operator==(b));
+        a.Assign(str1, COUNTOF(str1));
+        b.Assign(str1, COUNTOF(str1));
+        temp &= (a.operator==(b));
 
-		a.Assign(str3, COUNTOF(str3));
-		b.Assign(str3, COUNTOF(str3));
-		temp &= (a == b);
+        a.Assign(str3, COUNTOF(str3));
+        b.Assign(str3, COUNTOF(str3));
+        temp &= (a == b);
 
-		a.Assign(str1, COUNTOF(str1));
-		b.Assign(str2, COUNTOF(str2));
-		temp &= (a.operator!=(b));
+        a.Assign(str1, COUNTOF(str1));
+        b.Assign(str2, COUNTOF(str2));
+        temp &= (a.operator!=(b));
 
-		a.Assign(str1, COUNTOF(str1));
-		b.Assign(str3, COUNTOF(str3));
-		temp &= (a != b);
-	}
-	catch(const Exception& /*ex*/)
-	{
-		temp = false;
-	}
+        a.Assign(str1, COUNTOF(str1));
+        b.Assign(str3, COUNTOF(str3));
+        temp &= (a != b);
+    }
+    catch(const Exception& /*ex*/)
+    {
+        temp = false;
+    }
 
-	pass5 &= temp;
-	if (!temp)
-		std::cout << "FAILED:  ";
-	else
-		std::cout << "passed:  ";
-	std::cout << "Equality byte" << std::endl;
+    pass5 &= temp;
+    if (!temp)
+        std::cout << "FAILED:   ";
+    else
+        std::cout << "passed:   ";
+    std::cout << "Equality byte" << std::endl;
 
-	// word32
-	try
-	{
-		static const word32 str1[] = {2,3,5,7,11,13,17,19,23,29,31,37,41,43,47,53,59,61,67,71,73,79,83,89,97};
-		static const word32 str2[] = {97,89,83,79,73,71,67,61,59,53,47,43,41,37,31,29,23,19,17,13,11,7,5,3,2};
-		static const word32 str3[] = {0,1,2,3,4,5,6,7,8,9};
+    // word32
+    try
+    {
+        static const word32 str1[] = {2,3,5,7,11,13,17,19,23,29,31,37,41,43,47,53,59,61,67,71,73,79,83,89,97};
+        static const word32 str2[] = {97,89,83,79,73,71,67,61,59,53,47,43,41,37,31,29,23,19,17,13,11,7,5,3,2};
+        static const word32 str3[] = {0,1,2,3,4,5,6,7,8,9};
 
-		temp = true;
-		SecBlock<word32> a,b;
+        temp = true;
+        SecBlock<word32> a,b;
 
-		a.Assign(str1, COUNTOF(str1));
-		b.Assign(str1, COUNTOF(str1));
-		temp &= (a.operator==(b));
+        a.Assign(str1, COUNTOF(str1));
+        b.Assign(str1, COUNTOF(str1));
+        temp &= (a.operator==(b));
 
-		a.Assign(str3, COUNTOF(str3));
-		b.Assign(str3, COUNTOF(str3));
-		temp &= (a == b);
+        a.Assign(str3, COUNTOF(str3));
+        b.Assign(str3, COUNTOF(str3));
+        temp &= (a == b);
 
-		a.Assign(str1, COUNTOF(str1));
-		b.Assign(str2, COUNTOF(str2));
-		temp &= (a.operator!=(b));
+        a.Assign(str1, COUNTOF(str1));
+        b.Assign(str2, COUNTOF(str2));
+        temp &= (a.operator!=(b));
 
-		a.Assign(str1, COUNTOF(str1));
-		b.Assign(str3, COUNTOF(str3));
-		temp &= (a != b);
-	}
-	catch(const Exception& /*ex*/)
-	{
-		temp = false;
-	}
+        a.Assign(str1, COUNTOF(str1));
+        b.Assign(str3, COUNTOF(str3));
+        temp &= (a != b);
+    }
+    catch(const Exception& /*ex*/)
+    {
+        temp = false;
+    }
 
-	pass5 &= temp;
-	if (!temp)
-		std::cout << "FAILED:  ";
-	else
-		std::cout << "passed:  ";
-	std::cout << "Equality word32" << std::endl;
+    pass5 &= temp;
+    if (!temp)
+        std::cout << "FAILED:   ";
+    else
+        std::cout << "passed:   ";
+    std::cout << "Equality word32" << std::endl;
 
-	// word64
-	try
-	{
-		static const word64 str1[] = {2,3,5,7,11,13,17,19,23,29,31,37,41,43,47,53,59,61,67,71,73,79,83,89,97};
-		static const word64 str2[] = {97,89,83,79,73,71,67,61,59,53,47,43,41,37,31,29,23,19,17,13,11,7,5,3,2};
-		static const word64 str3[] = {0,1,2,3,4,5,6,7,8,9};
+    // word64
+    try
+    {
+        static const word64 str1[] = {2,3,5,7,11,13,17,19,23,29,31,37,41,43,47,53,59,61,67,71,73,79,83,89,97};
+        static const word64 str2[] = {97,89,83,79,73,71,67,61,59,53,47,43,41,37,31,29,23,19,17,13,11,7,5,3,2};
+        static const word64 str3[] = {0,1,2,3,4,5,6,7,8,9};
 
-		temp = true;
-		SecBlock<word64> a,b;
+        temp = true;
+        SecBlock<word64> a,b;
 
-		a.Assign(str1, COUNTOF(str1));
-		b.Assign(str1, COUNTOF(str1));
-		temp &= (a.operator==(b));
+        a.Assign(str1, COUNTOF(str1));
+        b.Assign(str1, COUNTOF(str1));
+        temp &= (a.operator==(b));
 
-		a.Assign(str3, COUNTOF(str3));
-		b.Assign(str3, COUNTOF(str3));
-		temp &= (a == b);
+        a.Assign(str3, COUNTOF(str3));
+        b.Assign(str3, COUNTOF(str3));
+        temp &= (a == b);
 
-		a.Assign(str1, COUNTOF(str1));
-		b.Assign(str2, COUNTOF(str2));
-		temp &= (a.operator!=(b));
+        a.Assign(str1, COUNTOF(str1));
+        b.Assign(str2, COUNTOF(str2));
+        temp &= (a.operator!=(b));
 
-		a.Assign(str1, COUNTOF(str1));
-		b.Assign(str3, COUNTOF(str3));
-		temp &= (a != b);
-	}
-	catch(const Exception& /*ex*/)
-	{
-		temp = false;
-	}
+        a.Assign(str1, COUNTOF(str1));
+        b.Assign(str3, COUNTOF(str3));
+        temp &= (a != b);
+    }
+    catch(const Exception& /*ex*/)
+    {
+        temp = false;
+    }
 
-	pass5 &= temp;
-	if (!temp)
-		std::cout << "FAILED:  ";
-	else
-		std::cout << "passed:  ";
-	std::cout << "Equality word64" << std::endl;
+    pass5 &= temp;
+    if (!temp)
+        std::cout << "FAILED:   ";
+    else
+        std::cout << "passed:   ";
+    std::cout << "Equality word64" << std::endl;
 
 #if defined(CRYPTOPP_WORD128_AVAILABLE)
-	// word128
-	try
-	{
-		static const word128 str1[] = {2,3,5,7,11,13,17,19,23,29,31,37,41,43,47,53,59,61,67,71,73,79,83,89,97};
-		static const word128 str2[] = {97,89,83,79,73,71,67,61,59,53,47,43,41,37,31,29,23,19,17,13,11,7,5,3,2};
-		static const word128 str3[] = {0,1,2,3,4,5,6,7,8,9};
+    // word128
+    try
+    {
+        static const word128 str1[] = {2,3,5,7,11,13,17,19,23,29,31,37,41,43,47,53,59,61,67,71,73,79,83,89,97};
+        static const word128 str2[] = {97,89,83,79,73,71,67,61,59,53,47,43,41,37,31,29,23,19,17,13,11,7,5,3,2};
+        static const word128 str3[] = {0,1,2,3,4,5,6,7,8,9};
 
-		temp = true;
-		SecBlock<word128> a,b;
+        temp = true;
+        SecBlock<word128> a,b;
 
-		a.Assign(str1, COUNTOF(str1));
-		b.Assign(str1, COUNTOF(str1));
-		temp &= (a.operator==(b));
+        a.Assign(str1, COUNTOF(str1));
+        b.Assign(str1, COUNTOF(str1));
+        temp &= (a.operator==(b));
 
-		a.Assign(str3, COUNTOF(str3));
-		b.Assign(str3, COUNTOF(str3));
-		temp &= (a == b);
+        a.Assign(str3, COUNTOF(str3));
+        b.Assign(str3, COUNTOF(str3));
+        temp &= (a == b);
 
-		a.Assign(str1, COUNTOF(str1));
-		b.Assign(str2, COUNTOF(str2));
-		temp &= (a.operator!=(b));
+        a.Assign(str1, COUNTOF(str1));
+        b.Assign(str2, COUNTOF(str2));
+        temp &= (a.operator!=(b));
 
-		a.Assign(str1, COUNTOF(str1));
-		b.Assign(str3, COUNTOF(str3));
-		temp &= (a != b);
-	}
-	catch(const Exception& /*ex*/)
-	{
-		temp = false;
-	}
+        a.Assign(str1, COUNTOF(str1));
+        b.Assign(str3, COUNTOF(str3));
+        temp &= (a != b);
+    }
+    catch(const Exception& /*ex*/)
+    {
+        temp = false;
+    }
 
-	pass5 &= temp;
-	if (!temp)
-		std::cout << "FAILED:  ";
-	else
-		std::cout << "passed:  ";
-	std::cout << "Equality word128" << std::endl;
+    pass5 &= temp;
+    if (!temp)
+        std::cout << "FAILED:   ";
+    else
+        std::cout << "passed:   ";
+    std::cout << "Equality word128" << std::endl;
 #endif
 
-	//********** Allocator Size/Overflow **********//
+    //********** Allocator Size/Overflow **********//
 
-	try
-	{
-		temp = false;
+    try
+    {
+        temp = false;
 
-		AllocatorBase<word32> A;
-		const size_t max = A.max_size();
-		SecBlock<word32> t(max+1);
-	}
-	catch(const Exception& /*ex*/)
-	{
-		temp = true;
-	}
-	catch(const std::exception& /*ex*/)
-	{
-		temp = true;
-	}
+        AllocatorBase<word32> A;
+        const size_t max = A.max_size();
+        SecBlock<word32> t(max+1);
+    }
+    catch(const Exception& /*ex*/)
+    {
+        temp = true;
+    }
+    catch(const std::exception& /*ex*/)
+    {
+        temp = true;
+    }
 
-	pass6 &= temp;
-	if (!temp)
-		std::cout << "FAILED:  ";
-	else
-		std::cout << "passed:  ";
-	std::cout << "Overflow word32" << std::endl;
+    pass6 &= temp;
+    if (!temp)
+        std::cout << "FAILED:   ";
+    else
+        std::cout << "passed:   ";
+    std::cout << "Overflow word32" << std::endl;
 
-	try
-	{
-		temp = false;
+    try
+    {
+        temp = false;
 
-		AllocatorBase<word64> A;
-		const size_t max = A.max_size();
-		SecBlock<word64> t(max+1);
-	}
-	catch(const Exception& /*ex*/)
-	{
-		temp = true;
-	}
-	catch(const std::exception& /*ex*/)
-	{
-		temp = true;
-	}
+        AllocatorBase<word64> A;
+        const size_t max = A.max_size();
+        SecBlock<word64> t(max+1);
+    }
+    catch(const Exception& /*ex*/)
+    {
+        temp = true;
+    }
+    catch(const std::exception& /*ex*/)
+    {
+        temp = true;
+    }
 
-	pass6 &= temp;
-	if (!temp)
-		std::cout << "FAILED:  ";
-	else
-		std::cout << "passed:  ";
-	std::cout << "Overflow word64" << std::endl;
+    pass6 &= temp;
+    if (!temp)
+        std::cout << "FAILED:   ";
+    else
+        std::cout << "passed:   ";
+    std::cout << "Overflow word64" << std::endl;
 
 #if defined(CRYPTOPP_WORD128_AVAILABLE)
-	try
-	{
-		temp = false;
+    try
+    {
+        temp = false;
 
-		AllocatorBase<word128> A;
-		const size_t max = A.max_size();
-		SecBlock<word128> t(max+1);
-	}
-	catch(const Exception& /*ex*/)
-	{
-		temp = true;
-	}
-	catch(const std::exception& /*ex*/)
-	{
-		temp = true;
-	}
+        AllocatorBase<word128> A;
+        const size_t max = A.max_size();
+        SecBlock<word128> t(max+1);
+    }
+    catch(const Exception& /*ex*/)
+    {
+        temp = true;
+    }
+    catch(const std::exception& /*ex*/)
+    {
+        temp = true;
+    }
 
-	pass6 &= temp;
-	if (!temp)
-		std::cout << "FAILED:  ";
-	else
-		std::cout << "passed:  ";
-	std::cout << "Overflow word128" << std::endl;
+    pass6 &= temp;
+    if (!temp)
+        std::cout << "FAILED:   ";
+    else
+        std::cout << "passed:   ";
+    std::cout << "Overflow word128" << std::endl;
 #endif
 
-	//********** FixedSizeAllocatorWithCleanup and Grow **********//
+    //********** FixedSizeAllocatorWithCleanup and Grow **********//
 
-	// byte
-	try
-	{
-		static const unsigned int SIZE = 8;
-		SecBlockWithHint<byte, SIZE> block(SIZE);
-		memset(block, 0xaa, block.SizeInBytes());
+    // byte
+    try
+    {
+        static const unsigned int SIZE = 8;
+        SecBlockWithHint<byte, SIZE> block(SIZE);
+        memset(block, 0xaa, block.SizeInBytes());
 
-		temp = true;
-		block.CleanGrow(SIZE*2);
-		temp &= (block.size() == SIZE*2);
+        temp = true;
+        block.CleanGrow(SIZE*2);
+        temp &= (block.size() == SIZE*2);
 
-		for (size_t i = 0; i < block.size()/2; i++)
-			temp &= (block[i] == 0xaa);
-		for (size_t i = block.size()/2; i < block.size(); i++)
-			temp &= (block[i] == 0);
+        for (size_t i = 0; i < block.size()/2; i++)
+            temp &= (block[i] == 0xaa);
+        for (size_t i = block.size()/2; i < block.size(); i++)
+            temp &= (block[i] == 0);
 
-		block.CleanNew(SIZE*4);
-		temp &= (block.size() == SIZE*4);
-		for (size_t i = 0; i < block.size(); i++)
-			temp &= (block[i] == 0);
-	}
-	catch(const Exception& /*ex*/)
-	{
-		temp = false;
-	}
-	catch(const std::exception& /*ex*/)
-	{
-		temp = false;
-	}
+        block.CleanNew(SIZE*4);
+        temp &= (block.size() == SIZE*4);
+        for (size_t i = 0; i < block.size(); i++)
+            temp &= (block[i] == 0);
+    }
+    catch(const Exception& /*ex*/)
+    {
+        temp = false;
+    }
+    catch(const std::exception& /*ex*/)
+    {
+        temp = false;
+    }
 
-	pass7 &= temp;
-	if (!temp)
-		std::cout << "FAILED:  ";
-	else
-		std::cout << "passed:  ";
-	std::cout << "FixedSizeAllocator Grow with byte" << std::endl;
+    pass7 &= temp;
+    if (!temp)
+        std::cout << "FAILED:   ";
+    else
+        std::cout << "passed:   ";
+    std::cout << "FixedSizeAllocator Grow with byte" << std::endl;
 
-	// word32
-	try
-	{
-		static const unsigned int SIZE = 8;
-		SecBlockWithHint<word32, SIZE> block(SIZE);
-		memset(block, 0xaa, block.SizeInBytes());
+    // word32
+    try
+    {
+        static const unsigned int SIZE = 8;
+        SecBlockWithHint<word32, SIZE> block(SIZE);
+        memset(block, 0xaa, block.SizeInBytes());
 
-		temp = true;
-		block.CleanGrow(SIZE*2);
-		temp &= (block.size() == SIZE*2);
+        temp = true;
+        block.CleanGrow(SIZE*2);
+        temp &= (block.size() == SIZE*2);
 
-		for (size_t i = 0; i < block.size()/2; i++)
-			temp &= (block[i] == 0xaaaaaaaa);
+        for (size_t i = 0; i < block.size()/2; i++)
+            temp &= (block[i] == 0xaaaaaaaa);
 
-		for (size_t i = block.size()/2; i < block.size(); i++)
-			temp &= (block[i] == 0);
+        for (size_t i = block.size()/2; i < block.size(); i++)
+            temp &= (block[i] == 0);
 
-		block.CleanNew(SIZE*4);
-		temp &= (block.size() == SIZE*4);
-		for (size_t i = 0; i < block.size(); i++)
-			temp &= (block[i] == 0);
-	}
-	catch(const Exception& /*ex*/)
-	{
-		temp = false;
-	}
-	catch(const std::exception& /*ex*/)
-	{
-		temp = false;
-	}
+        block.CleanNew(SIZE*4);
+        temp &= (block.size() == SIZE*4);
+        for (size_t i = 0; i < block.size(); i++)
+            temp &= (block[i] == 0);
+    }
+    catch(const Exception& /*ex*/)
+    {
+        temp = false;
+    }
+    catch(const std::exception& /*ex*/)
+    {
+        temp = false;
+    }
 
-	pass7 &= temp;
-	if (!temp)
-		std::cout << "FAILED:  ";
-	else
-		std::cout << "passed:  ";
-	std::cout << "FixedSizeAllocator Grow with word32" << std::endl;
+    pass7 &= temp;
+    if (!temp)
+        std::cout << "FAILED:   ";
+    else
+        std::cout << "passed:   ";
+    std::cout << "FixedSizeAllocator Grow with word32" << std::endl;
 
-	// word64
-	try
-	{
-		static const unsigned int SIZE = 8;
-		SecBlockWithHint<word64, SIZE> block(SIZE);
-		memset(block, 0xaa, block.SizeInBytes());
+    // word64
+    try
+    {
+        static const unsigned int SIZE = 8;
+        SecBlockWithHint<word64, SIZE> block(SIZE);
+        memset(block, 0xaa, block.SizeInBytes());
 
-		temp = true;
-		block.CleanGrow(SIZE*2);
-		temp &= (block.size() == SIZE*2);
+        temp = true;
+        block.CleanGrow(SIZE*2);
+        temp &= (block.size() == SIZE*2);
 
-		for (size_t i = 0; i < block.size()/2; i++)
-			temp &= (block[i] == W64LIT(0xaaaaaaaaaaaaaaaa));
+        for (size_t i = 0; i < block.size()/2; i++)
+            temp &= (block[i] == W64LIT(0xaaaaaaaaaaaaaaaa));
 
-		for (size_t i = block.size()/2; i < block.size(); i++)
-			temp &= (block[i] == 0);
+        for (size_t i = block.size()/2; i < block.size(); i++)
+            temp &= (block[i] == 0);
 
-		block.CleanNew(SIZE*4);
-		temp &= (block.size() == SIZE*4);
-		for (size_t i = 0; i < block.size(); i++)
-			temp &= (block[i] == 0);
-	}
-	catch(const Exception& /*ex*/)
-	{
-		temp = false;
-	}
-	catch(const std::exception& /*ex*/)
-	{
-		temp = false;
-	}
+        block.CleanNew(SIZE*4);
+        temp &= (block.size() == SIZE*4);
+        for (size_t i = 0; i < block.size(); i++)
+            temp &= (block[i] == 0);
+    }
+    catch(const Exception& /*ex*/)
+    {
+        temp = false;
+    }
+    catch(const std::exception& /*ex*/)
+    {
+        temp = false;
+    }
 
-	pass7 &= temp;
-	if (!temp)
-		std::cout << "FAILED:  ";
-	else
-		std::cout << "passed:  ";
-	std::cout << "FixedSizeAllocator Grow with word64" << std::endl;
+    pass7 &= temp;
+    if (!temp)
+        std::cout << "FAILED:   ";
+    else
+        std::cout << "passed:   ";
+    std::cout << "FixedSizeAllocator Grow with word64" << std::endl;
 
 #if defined(CRYPTOPP_WORD128_AVAILABLE)
-	// word128
-	try
-	{
-		static const unsigned int SIZE = 8;
-		SecBlock<word128, AllocatorWithCleanup<word128, true> > block(SIZE);
-		memset(block, 0xaa, block.SizeInBytes());
+    // word128
+    try
+    {
+        static const unsigned int SIZE = 8;
+        SecBlock<word128, AllocatorWithCleanup<word128, true> > block(SIZE);
+        memset(block, 0xaa, block.SizeInBytes());
 
-		temp = true;
-		block.CleanGrow(SIZE*2);
-		temp &= (block.size() == SIZE*2);
+        temp = true;
+        block.CleanGrow(SIZE*2);
+        temp &= (block.size() == SIZE*2);
 
-		for (size_t i = 0; i < block.size()/2; i++)
-			temp &= (block[i] == (((word128)W64LIT(0xaaaaaaaaaaaaaaaa) << 64U) | W64LIT(0xaaaaaaaaaaaaaaaa)));
+        for (size_t i = 0; i < block.size()/2; i++)
+            temp &= (block[i] == (((word128)W64LIT(0xaaaaaaaaaaaaaaaa) << 64U) | W64LIT(0xaaaaaaaaaaaaaaaa)));
 
-		for (size_t i = block.size()/2; i < block.size(); i++)
-			temp &= (block[i] == 0);
+        for (size_t i = block.size()/2; i < block.size(); i++)
+            temp &= (block[i] == 0);
 
-		block.CleanNew(SIZE*4);
-		temp &= (block.size() == SIZE*4);
-		for (size_t i = 0; i < block.size(); i++)
-			temp &= (block[i] == 0);
-	}
-	catch(const Exception& /*ex*/)
-	{
-		temp = false;
-	}
-	catch(const std::exception& /*ex*/)
-	{
-		temp = false;
-	}
+        block.CleanNew(SIZE*4);
+        temp &= (block.size() == SIZE*4);
+        for (size_t i = 0; i < block.size(); i++)
+            temp &= (block[i] == 0);
+    }
+    catch(const Exception& /*ex*/)
+    {
+        temp = false;
+    }
+    catch(const std::exception& /*ex*/)
+    {
+        temp = false;
+    }
 
-	pass7 &= temp;
-	if (!temp)
-		std::cout << "FAILED:  ";
-	else
-		std::cout << "passed:  ";
-	std::cout << "FixedSizeAllocator Grow with word128" << std::endl;
+    pass7 &= temp;
+    if (!temp)
+        std::cout << "FAILED:   ";
+    else
+        std::cout << "passed:   ";
+    std::cout << "FixedSizeAllocator Grow with word128" << std::endl;
 #endif
 
-	return pass1 && pass2 && pass3 && pass4 && pass5 && pass6 && pass7;
+    return pass1 && pass2 && pass3 && pass4 && pass5 && pass6 && pass7;
 }
 #endif
 
@@ -1689,7 +1923,7 @@ bool TestSecBlock()
 bool TestHuffmanCodes()
 {
     std::cout << "\nTesting Huffman codes...\n\n";
-	bool pass=true;
+    bool pass=true;
 
     static const size_t nCodes = 30;
     const unsigned int codeCounts[nCodes] = {
@@ -1713,11 +1947,11 @@ bool TestHuffmanCodes()
         pass=false;
     }
 
-	if (!pass)
-		std::cout << "FAILED:  ";
-	else
-		std::cout << "passed:  ";
-	std::cout << "GenerateCodeLengths" << std::endl;
+    if (!pass)
+        std::cout << "FAILED:   ";
+    else
+        std::cout << "passed:   ";
+    std::cout << "GenerateCodeLengths" << std::endl;
 
     return pass;
 }
@@ -1728,557 +1962,557 @@ bool TestIntegerBitops()
 {
     std::cout << "\nTesting Integer bitops...\n\n";
 
-	struct Bitops_TestTuple
-	{
-	    // m,n are operands; a,o,x are and,or,xor results
-	    const char *m, *n, *a, *o, *x;
-	};
-	static const Bitops_TestTuple tests[] = {
-	    {
-	        "0xc2cea8a4", "0xb36e5794", "0x824e0084", "0xf3eeffb4", "0x71a0ff30"
-	    },
-	    {
-	        "0x436eb828", "0x1b375cb4", "0x3261820", "0x5b7ffcbc", "0x5859e49c"
-	    },
-	    {
-	        "0x1e5c0b28", "0x4fded465", "0xe5c0020", "0x5fdedf6d", "0x5182df4d"
-	    },
-	    {
-	        "0xeb71fde7", "0xf7bb47cf", "0xe33145c7", "0xfffbffef", "0x1ccaba28"
-	    },
-	    {
-	        "0xa6b0f01f", "0x8a8ca98", "0xa0c018", "0xaeb8fa9f", "0xae183a87"
-	    },
-	    {
-	        "0xa70bd8b7", "0x5c758cf5", "0x40188b5", "0xff7fdcf7", "0xfb7e5442"
-	    },
-	    {
-	        "0xf91af382", "0x718a9995", "0x710a9180", "0xf99afb97", "0x88906a17"
-	    },
-	    {
-	        "0xbd2a76ad", "0xddd8dfeb", "0x9d0856a9", "0xfdfaffef", "0x60f2a946"
-	    },
-	    {
-	        "0xd4b559cc", "0x91a53295", "0x90a51084", "0xd5b57bdd", "0x45106b59"
-	    },
-	    {
-	        "0x89434e9e", "0xa42fdaf9", "0x80034a98", "0xad6fdeff", "0x2d6c9467"
-	    },
-	    {
-	        "0xb947ac04", "0xd4201e52", "0x90000c00", "0xfd67be56", "0x6d67b256"
-	    },
-	    {
-	        "0xa83945c1", "0x3a9c5dba", "0x28184580", "0xbabd5dfb", "0x92a5187b"
-	    },
-	    {
-	        "0xbca38ffa", "0x881ba9fd", "0x880389f8", "0xbcbbafff", "0x34b82607"
-	    },
-	    {
-	        "0xfcd0b92", "0xeaad8534", "0xa8d0110", "0xefed8fb6", "0xe5608ea6"
-	    },
-	    {
-	        "0x50d160d0", "0x64646f75", "0x40406050", "0x74f56ff5", "0x34b50fa5"
-	    },
-	    {
-	        "0x165ccff8", "0x67d49127", "0x6548120", "0x77dcdfff", "0x71885edf"
-	    },
-	    {
-	        "0x8c4f4bbb7adaacb5", "0x2566b7a909b24aa9", "0x44603a9089208a1", "0xad6fffbb7bfaeebd", "0xa929fc127368e61c"
-	    },
-	    {
-	        "0x6f9ef50aafb31e8d", "0x7a93b2ccd1bbbff2", "0x6a92b00881b31e80", "0x7f9ff7ceffbbbfff", "0x150d47c67e08a17f"
-	    },
-	    {
-	        "0x4c99e967f8de5294", "0x1f4699e0c14e6974", "0xc008960c04e4014", "0x5fdff9e7f9de7bf4", "0x53df708739903be0"
-	    },
-	    {
-	        "0xcc55f5d6d3ea45c", "0x6805b4ddb6390c2f", "0x805145d2438040c", "0x6cc5ffddff3fac7f", "0x64c0eb80db07a873"
-	    },
-	    {
-	        "0x90620d1a012459e7", "0x89d31098ce3fed42", "0x8042001800244942", "0x99f31d9acf3ffde7", "0x19b11d82cf1bb4a5"
-	    },
-	    {
-	        "0xb87d1674e90a935a", "0x75ea466cbb782ac4", "0x30680664a9080240", "0xfdff567cfb7abbde", "0xcd9750185272b99e"
-	    },
-	    {
-	        "0x1f135732240701f0", "0x6aa09a1614bf4dd4", "0xa001212040701d0", "0x7fb3df3634bf4df4", "0x75b3cd2430b84c24"
-	    },
-	    {
-	        "0xc9a88d8300099a31", "0xdc8e91df745169ee", "0xc888818300010820", "0xddae9ddf7459fbff", "0x15261c5c7458f3df"
-	    },
-	    {
-	        "0xc8c828d15228b562", "0x43f86cffa3d15d80", "0x40c828d102001500", "0xcbf86cfff3f9fde2", "0x8b30442ef1f9e8e2"
-	    },
-	    {
-	        "0x41fdc0bc2009563f", "0x59dd1c417e3c07bc", "0x41dd00002008063c", "0x59fddcfd7e3d57bf", "0x1820dcfd5e355183"
-	    },
-	    {
-	        "0x9e2f78600c3a84e7", "0xac69a0e1fe7887b0", "0x8c2920600c3884a0", "0xbe6ff8e1fe7a87f7", "0x3246d881f2420357"
-	    },
-	    {
-	        "0xd424d1d9a955f617", "0x9608f5bde1c4d893", "0x9400d199a144d013", "0xd62cf5fde9d5fe97", "0x422c246448912e84"
-	    },
-	    {
-	        "0x1aa8b60a0627719a", "0x5b26e6aca95f5f60", "0x1a20a60800075100", "0x5baef6aeaf7f7ffa", "0x418e50a6af782efa"
-	    },
-	    {
-	        "0xcf5db499233fac00", "0xf33e7a29c3c33da8", "0xc31c300903032c00", "0xff7ffeb9e3ffbda8", "0x3c63ceb0e0fc91a8"
-	    },
-	    {
-	        "0x6b47c03d576e878d", "0x2032d13574d67da4", "0x2002c03554460584", "0x6b77d13d77feffad", "0x4b75110823b8fa29"
-	    },
-	    {
-	        "0xd47eeb3aefebf074", "0x6d7ba17a42c66b89", "0x447aa13a42c26000", "0xfd7feb7aefeffbfd", "0xb9054a40ad2d9bfd"
-	    },
-	    {
-	        "0x33ad9c5d20b03f5c05535f20a2941c8f4ae0f1f19500759151060dce39e5dfed41ec4f",
-	        "0x277401dc000fde7eda4d60a5698935f7febd8fbe49e5d6f56ca2e7f6118380d3cd655da392df3ba6c1b13dc0119af34cfa1d18a65",
-	        "0x10a9841c002016480453410020041c8640c0312191006411110401082924cfa1418845",
-	        "0x277401dc000fde7eda4d60a5698935f7febfbfffcdf7dff7fde2f7f7f38ba9d3cdf5ffaf9fdf7ba7d9b53de0ddfbff5dfedd1ee6f",
-	        "0x277401dc000fde7eda4d60a5698935f7febeb5678c37ddf69962b2c3e389a9920591f3ac8dc66ba198a42da0cd796d1104c90662a"
-	    },
-	    {
-	        "0xb6ea335c13111216862e370d12fb9c761a6266617f62a1904b0d7944ab3cddc71f11752ad9424b0",
-	        "0xa6b380f048a9cbe45ff4ea824064c831eb03ff875e1e3e",
-	        "0xa62200104028090410d480020044c831e1035285140430",
-	        "0xb6ea335c13111216862e370d12fb9c761a6b7e6f7feabdbe4fff7fecaf3eddc71fb17ffafde3ebe",
-	        "0xb6ea335c13111216862e370d12fb9c7610095e6e7be83d2e0ef237ec8f3a914401a14ad2aca3a8e"
-	    },
-	    {
-	        "0x8fb9486ad1f89ca5b3f6da9f0d5ef9ec328b8cc3e5122afbd8a67bd1b2b4ab5c548b90cf9fe1933a0362922f1e84ef0",
-	        "0x10615f963dffc13718ed1ecdb9cfbef33148befeb91b190dc7e7d28d8821ff248ab26a34e1b89885c643e447c72",
-	        "0x6051901ca58136188d0c4cb9cc32830040a412281b180443c192848800540080820a208138000082030404c70",
-	        "0x8fb9586bdffebdfff3f7daff1fdff9efbefbbdcbfffebbfbd9affff7f2bdab7dffaf9afffff5f3ba9be7d66ffec7ef2",
-	        "0x8fb9580b8e6ea15a72c1c272139340238c78bd8b5bec93e0c1abbc366039237dabaf1a7df5d572829be7546cfac3282"
-	    },
-	    {
-	        "0x10af96443b186faf790279bf3bbe0517d56ffc01e7fec8c88e765d48cc32333390224f4d762d1ba788c50801cba02524cb49",
-	        "0x95d44e7344fb1701bace3ae83affbb6290bf282f7565b9a82c386823f5f213a53eccb2cfe5deb4dd040067a64ada8c1b6828599b96cc70647e7d19dc7dfba393addabe689ffbe1a36642bc9844b81c6c4c2e178",
-	        "0x2c96442b084000000260ad288004028509b800c70640c080144548883032118022094d3608122408c1000181800400c148",
-	        "0x95d44e7344fb1701bace3ae83affbb6290bf282f7565b9a82c386823f5f213a53ecdbaffe5dfb5dffef7f7a7dbfbbffb797d5fffd6de7fecfefdfffdfdffe3b3bffbbe6cffffe3f3fe7abcd8c4bcbe6e5e6eb79",
-	        "0x95d44e7344fb1701bace3ae83affbb6290bf282f7565b9a82c386823f5f213a53ecdb836819d055bfef7f781d12937fb39550f6456d20f88f2f5feb9a97760b09ee3bc4c6b2c8372dc3a30c8c4a4a66e1e62a31"
-	    },
-	    {
-	        "0x5fc77dab8cd9c1da8c91eb7ba9c23ce85375b61bf3b9a8c4e4df7bc917aa8a14e747888c9756a2be2fd2e256e44194ce093a0185594de0dcf8340c45b6af7dbdc7682fbef6313f9f1cb234689d9f1ff603e1273faad89d0fe1ab57fbc7c32d29dce125fafc973754464b55ae5de58a8a5661c2065b95c2c94d7ec34",
-	        "0xd4a9158961d4c11258cd047eda13d6804c16c3a374b7f4115bd835bde0b5",
-	        "0x1080158800548100504504649012c480480081221420641158081495e034",
-	        "0x5fc77dab8cd9c1da8c91eb7ba9c23ce85375b61bf3b9a8c4e4df7bc917aa8a14e747888c9756a2be2fd2e256e44194ce093a0185594de0dcf8340c45b6af7dbdc7682fbef6313f9f1cb234689d9f1ff603e1273faad89d0fe1ab57fbc7cf6fb9dcf73dfefdb7bfd447eff5bf7de5cbee7e77cb7f5b95ffcb5ffecb5",
-	        "0x5fc77dab8cd9c1da8c91eb7ba9c23ce85375b61bf3b9a8c4e4df7bc917aa8a14e747888c9756a2be2fd2e256e44194ce093a0185594de0dcf8340c45b6af7dbdc7682fbef6313f9f1cb234689d9f1ff603e1273faad89d0fe1ab57fbc7ce67b8847738b6edb2bb8401a6f49335e14be66c5689791a807f4a16a0c81"
-	    },
-	    {
-	        "0x52cbea1f4d78445fb8f9267203f0f04bddf65b69b1acb0877143e77317f2d9679cb",
-	        "0x331e156a1e1daa0039926a08ec80c2d7c1500bc435a53ebfc32fa398a3304fcd79d90725528e320add050da666b9de42b8307b",
-	        "0x88421a41684412b839023200f0d00990725128a120a0805042666315e0090304b",
-	        "0x331e156a1e1daa0039926a08ec80c2d7c1552ffeb5f5ffbfc7ffaf9ae7307fcf7dfddf65f69f3acbdd771dbe77b9ff6fbe79fb",
-	        "0x331e156a1e1daa0039926a08ec80c2d7c155277a9451e93b86d42c0ac41070c27d64d840e41528c1d57219981188a16f2e49b0"
-	    },
-	    {
-	        "0xbde7e20f37c3ed822555d36050240dcfb5a9a3867d149cffe78e92b95573cbdde33a8c9495148e04cafa1325aae058b4a98c50f7019de1345de6dce12436bed4b86eca2d",
-	        "0xee480b4096f0c1ac565d623dd53b62dba81c507d3c8e15372396fa49de0ecf074fb0ed1785f00f8094022ff50fc436a7cbd18de8ff317c33ea9bdbd8814a7658fcd1fd10b2ed10eaf7e4c2b8f409df3c36f1f0c986a49805a9ed08bbcd603e2eec9e18",
-	        "0x547a00d1781e0020014022050040406a58981846814107c238a929950014a544038809410108c00caf20000a8e00894280450f00184a01005a0cc0020042014286c8a08",
-	        "0xee480b4096f0c1ac565d623dd53b62dba81c507d3c8e15372396fa49de0ecfbfeff2ef37c7fd8fa5d5d36ff52fcdffb7ebf38ffdffbdfff7ee9bfbddf3cbfffbfeddfd95b6ef14eafff7e7baf459ffbdbef1f7c99fe5bc5deffde9bffffefebeeede3d",
-	        "0xee480b4096f0c1ac565d623dd53b62dba81c507d3c8e15372396fa49de0ecfbaa852e220461d8da5c1d14fa52bc9f91262720b95ebad83d46409628df281abbbc65d6985a66314200df7e71214516b95baa107c81b45ac584f31e99ffbdeea96825435"
-	    },
-	    {
-	        "0x17ed0a1aa80542396e82ab79f6d4dda731d10f9487467fcfa5c8b501fa86488fbe268605c01beb257c9e301a42833d22965ea2ff0eda5f18427481a300a8f9aa81e76d774ea1dbed40268eca094bef627d2c206f6885fc12f71557bfda836",
-	        "0x422340e8ff3b4177efa5f58111fe306aa602d8020164fa34c12acdb3de81e",
-	        "0x2340604e21416540248480014a2062240000020004f810c10045b3da816",
-	        "0x17ed0a1aa80542396e82ab79f6d4dda731d10f9487467fcfa5c8b501fa86488fbe268605c01beb257c9e301a42833d22965ea2ff0eda5f18427481a300a8f9aac3e76dffffbbdbffefa7ffcb19ffff6aff2ef86f69e5fe36f73fdfbfde83e",
-	        "0x17ed0a1aa80542396e82ab79f6d4dda731d10f9487467fcfa5c8b501fa86488fbe268605c01beb257c9e301a42833d22965ea2ff0eda5f18427481a300a8f9aac3c42d9fb19a9a9aaf837b4b18b5df08db2ef86d69e10626363f9a0c04028"
-	    },
-	    {
-	        "0x290796408a0b8baa742b9d466afc4958528f7976fdce50caa83ed63285f58d200e4c65842ea24c3d4a3850a1824b61d25af9d3b41b9e64407a5262a75d9efd08481cfbc339ae26b0755438894b9e2298a35ed9",
-	        "0x4cb6f7935f5cc586320c6ce957f82cff774cde7d4201735a5acd22190fcb1c9c16d1887a",
-	        "0x4012f193141884040008406007580cfd00481c794201220210450018094b1c0010810858",
-	        "0x290796408a0b8baa742b9d466afc4958528f7976fdce50caa83ed63285f58d200e4c65842ea24c3d4a3850a1824b61defeffd3ff5fdfe6727e7eebf7fdbeff7f4cdeffc339ff7efafd76398fcb9ebe9ef3defb",
-	        "0x290796408a0b8baa742b9d466afc4958528f7976fdce50caa83ed63285f58d200e4c65842ea24c3d4a3850a1824b619eec0e40eb475be272763e8bf0a5b2027f04c2868138dd7ceab87621868082be8e72d6a3"
-	    },
-	    {
-	        "0x14e55ecb09d8c6827022df7c713c05a5d882e25782",
-	        "0x2dbdb54cb6341fcea6f67cfaa5186aa0a91b9782e362cbb0dd0ef3cbc130ce0cb2ce7232c0562",
-	        "0x10600e020898048060209c1000200124c002200502",
-	        "0x2dbdb54cb6341fcea6f67cfaa5186aa0a91bdfd7eff2dfbcfd2ff3eff7f7dfccfadffa3ee57e2",
-	        "0x2dbdb54cb6341fcea6f67cfaa5186aa0a91ad9d70fd2563cb529f1e636f7ddcce893fa1ce52e0"
-	    },
-	    {
-	        "0x2b0dfd23fc740e1759697bcba800aa1be7df28c59fe72b9869766ac34ecb4e5d0dbc74c2cbb5f734bb8d38dab59c3f22cdc706c657839580c2793c4c7660606548c048a697db3dfbad82e695c605",
-	        "0x33080f6fd52aeca572f24a98ff19b9e7327c3b951ccfd8c9a6b9bd6f7c940079e4be88178a2a6d5a2b17",
-	        "0x30007249108288030900a00cd0100c612001180004918482620206548800020849a0813880264100205",
-	        "0x2b0dfd23fc740e1759697bcba800aa1be7df28c59fe72b9869766ac34ecb4e5d0dbc74c2fbbdff7fffaffcfff7fe7fbaffdfbfe777ffbf95defffccdf6f9fd6f7cd448fff7ffbdffafaaefdfef17",
-	        "0x2b0dfd23fc740e1759697bcba800aa1be7df28c59fe72b9869766ac34ecb4e5d0dbc74c2f8bdf85b6ea7d47fc76e75ba32debf2165ffae15deb6e485d0d9dd0a345448df7365b5ec27a88bcfed12"
-	    },
-	    {
-	        "0xc0cc21922748d7626df1ab92b4ad4df1861050ca7de74adb92a140",
-	        "0x3531a6880ccc47bc3826056efe912f3db02df9c0b6931e253ab9248f472359fe59218690f6781f35da89b8f1ff45cd5a1db9a414c9d7ec62ff5859a1572b1c1880a99aa74ebe8b12c68e791c11dd6cc0e5ed5",
-	        "0xc40192054091400800898234a948b104004080410542c8020040",
-	        "0x3531a6880ccc47bc3826056efe912f3db02df9c0b6931e253ab9248f472359fe59218690f6781f35da89b8f1ff45cd5a1db9a414c9d7ec6effda59a377af7e3edfbbbbaf4efedf1ae78f7dbfdffdedf9effd5",
-	        "0x3531a6880ccc47bc3826056efe912f3db02df9c0b6931e253ab9248f472359fe59218690f6781f35da89b8f1ff45cd5a1db9a414c9d7ec6ef39a408323a66a3e5fb3238c046a540aa78b75bbcfa9c179cff95"
-	    },
-	    {
-	        "0x68cbb0a526d1fa61003e12401db51090fa4649b00b7be7465d0eb18f74c86157a919",
-	        "0x1ca7d6f9bc3e11d3c365af63bf9499b6c7e9c569da7361f0214b8d",
-	        "0x1610001c111080600641b00019a6464904218a704060010909",
-	        "0x68cbb0a526d1fa7da7fefbfc3fb5d3d3ffef6bbf9ffbf7c7fdcff9df77e9f177eb9d",
-	        "0x68cbb0a526d1fa7da7e8ebfc23a4c3539fe92a0f9fe25181b4cbd85507a99176e294"
-	    },
-	    {
-	        "0x210bef18d384992c5eb72e2b362c7296d9810f5ba9fd25e2d5648989d65095e45d1478f2a83140a0f68033a08fa3d7c392a3dc77e8e6aeba9ed76038e9e7825255fac990bf1098e6f9cba0",
-	        "0xdb48641b3f63e5f1f41ff3b1578c4b190de42379d45cba03c4c6f34b1b14ea930fdff90dca53116710228e45b081fbddc9273a542e6f689642453adb91086bdb99681342113262d67f5517f2691024fe367459b01872549211067798063cc00b16c883b8cd2ffaa6d6116863f204bb23ce26c5bcdaf3e1b816dcf65ca",
-	        "0x21014200d280002452a52800062c309681000113202d25e051640081024081644510008220010000660000208c00914080238c52e8a22c201686202049a20042445ac9803e108064c94180",
-	        "0xdb48641b3f63e5f1f41ff3b1578c4b190de42379d45cba03c4c6f34b1b14ea930fdff90dca53116710228e45b081fbddc9273afeffef78dfd2c5fbfbf3bb6bdfb96d9b52f5baffd67f7d57faf99d65ff7e75d9f79f7ad7961b0f7f9b3e3cfa3f7ef9abbdcf7ffeeeffb9ed77f38ebf7bef27dfbcdbfbf1b99efffefea",
-	        "0xdb48641b3f63e5f1f41ff3b1578c4b190de42379d45cba03c4c6f34b1b14ea930fdff90dca53116710228e45b081fbddc9252aeadfe250dfd080d1a973bb091cb0058b52e488fd04217841baf18d41f7683188f79758d7861b091f9b3c343a366af1a9850a5174cc3db88515f18a255beb039a1043f810b198b36ae6a"
-	    },
-	    {
-	        "0x143143205d76a7287d48be24db8fbfe37c291d82e103aa05cfc172fb920f0e8cc15c47de948b964e39be34a5b8a2610198c0c5b98543e6e727be153cfff0338f229cc22f029e04f766c62988634fee1a0a16880c93e5b10bada4018b6765b54c08f5710344dbfb9e9ad5dd7914cab496b22a6",
-	        "0x2d58b8b513f4bceb8300f8b978e31c163f36155e9678bb0f221ee7cbcf7262b9d53c7a395ea916218fa2478baada74f3e69df63a7be0c9554c07004f9e4d869642bbd63a9fe07138a6aef7ad14c74231cf6401c597f9b6d15c266c42c28613838609bd4f4522c9eb65fc8456acc339c641ac7d7b7bc2c48c8f2",
-	        "0x100201970a308140836045a8638a30c201c82c103220089c1307a100e0804010c0246808a924431a614a4382260011040050005024486060211143a902001208482270014044220c620004107e8120014000c02c080038184018947452048086570004488c31882418c79104a8084800a2",
-	        "0x2d58b8b513f4bcffb343f8fd7ee73c7f7fbe35df9ffffb7f2b1fe7ebcffa67ffd57efbbb5faf9ee1dfe7df9fabde7efbfebdf7bafbe1c9ddccc7b9cfdfefe7b7febffefffff3ff3abeeeffaf9ec7f777cf6d89e7dfffbedb5eae6cd3e7b71bafa609bf6f65b7cdebf5fd8756fffbbfded5fd7d7ffbf6d6beaf6",
-	        "0x2d58b8b513f4bcffb243d8e40e44346b7788318519c758730b03652accd86776144e81ab51a79ae0d3e5991f214c3aca58a95382d981c8cd8cc2b9caddab61b1fcaeeac56fd3fe1a3a6cd8af8ac3b557094d89a6d817acdb4aae60d12737182e22083628209785e3908d87127738a75c9471046fb176523ea54"
-	    },
-	    {
-	        "0x258e988b847b06b73462629161e28517f7b9ad7b5c19a9ad2c07f9a66f33fb2220fddb5a33b9cd5c2d63fd543efa1bef16e26b95484d70d0d7cfce28491ace0a608fb6cf9e97cb88d73c96c9150f9ef53c5e75bd68805fdce891e5935e9428ca67eba1e345148fcf2",
-	        "0x1857c0e26e0476169cf804c8d5a431022cce0da75d7642a2414a900370f201f5073c7e700ff6626fbd8a104182954fa9f23a45474af5456a00e36f6a6c8162afdf7492d387a455dd8506167d5cc24e6861d7b480b1458230",
-	        "0x1812c0a04000121280780040d12430020ccc05a319144082400a900360a000f10624385004d6000d3c880000808440a0003a44414874000800c16c0040816203c56412d2800455cc8106103548420c206092140011408030",
-	        "0x258e988b847b06b73462629161e28517f7bdfd7f7ef9efed6dcff9eeef7bfb3222fdfbda77ffed7e2d77fd543fff3bff56f3eff748ff76f6ffdfef2c593bdefaffafb6dffebfdfdef73eb6ffb7cf9efffdff7dbd78fa5fddf8d1e5f7dfdc2ceee7fffbeb4f14dfef2",
-	        "0x258e988b847b06b73462629161e28517f63cd1757af9eecc45c879eae269b83202313b80466ea9760977545409f53bf04691ac7248b216f62c176f2c51339af0ffac129bea389fde7732a03fb3c788dfc1a93c9050fa1a8130c184f48b580c2ce1f6daab4e00d7ec2"
-	    },
-	    {
-	        "0x328edc02c67d84bf095ac048e50c2dc29cffc08184b11e4da02904be14eccd317e9f6bdd6fe2b8233e8928d65d4ad434ef8a629cae6013bfb3c54be167e16371dc6412b62c2b1213424dfb7d391cea8a7494a28576ce823d8e111994182909efba7dd3533dbbe510dab4ac5ef",
-	        "0x61a1365a1226597896c514f5bb16a064f6ff6982ac91ea568daa43e473aa63867bdb628e92e97ebd4f2091",
-	        "0x4121224210201020968510918a00a04042284100a801c84001884180108a63865911228a92410ca94a0081",
-	        "0x328edc02c67d84bf095ac048e50c2dc29cffc08184b11e4da02904be14eccd317e9f6bdd6fe2b8233e8928d65d4ad434ef8a629cae6013bfb3c54be167e16371dc661ab76dab3277d7cdff7d7f5ffbea76dfeff7feeecb3faf79dbb43e6f3befba7ffff73dfbef97fbf4fe5ff",
-	        "0x328edc02c67d84bf095ac048e50c2dc29cffc08184b11e4da02904be14eccd317e9f6bdd6fe2b8233e8928d65d4ad434ef8a629cae6013bfb3c54be167e16371dc6208a5498a3076d5c4972c76475be072dbcd73eee44b232b79c330266e3349821a6ee51552cb8731605e57e"
-	    },
-	    {
-	        "0x37a92944b67fae733d201c024838975531bc3f748d98089eed38faed40c9463441cf48ac40e98097ce75db2bf0120ef69087a176d31d562cc99137c67e4a659cbb1298ba150aa191ced4089deee7048511de602414936af93cb2cef1b7ee801d9b75d961d33bb2958669b16193abf7b55ccfebac3a490415128dac92",
-	        "0x6fb8d83d986c4604db1b9396493a0a68270806cdbcc3299a049ebe77bd6891258e6313c720fb1b30ae9c4387ba51db3325e15033d9e01d499707c138b4cf4b85032da65e9ce3aabc5effbf7003771476ff71e86f665d2d3e7578dfcbb8f08c1619f609ec147f0",
-	        "0x88c811882c440490030014400a0008000804c51c822900008e2800380001218462008100780320a6184381280181102001102140801c4810004118a4024101022d824a0ce30a3c4801993001161432bb2148660214093a357855c8b8b080041040012810490",
-	        "0x37a92944b67fae733d201c024838975531bc3f748d9efb9feff9feed60cdf7bd79efdbace6ebf097eeffdf3bf9b24ffff7fff7ffd35df63dfdf33ff7ff4aeddcbb7bbdbfb73aff95cffd9e9dfeff74fd13df6cf4bcd37afb7dfbcefbbfefefffff75ff71d77ff79f86fff5f3d3eff7bdfcffefacfb699f759ecdeff2",
-	        "0x37a92944b67fae733d201c024838975531bc3f748d9ef3136ee17c292084f78d78abdb0ce66bf017a2ae171969b2471d77fc77ffc145b01df5e33877cd408c5883693da7a638ff84cde9969c3a7e74f902552cd0acc35823595b00cb1c2b6fe66c75ee109454458b009fd4b3404ca038a07464a4fb289b758c4ceb62"
-	    },
-	    {
-	        "0x1ab020d8beb54c354411f3a5658b5e5e87a896d7049c5eab20a302b6e35ca98364d7edd00eb3e209dcb035fe4b6eeace4e525229bf790c67bae63821e1282712d7c624efa64b3e5ad1a73aeb1033d4cd5949d63183173632445c9f488e74cd",
-	        "0x4d706a200a7a70e0b6eeef2dbdb88779dd50af16e6405c17fd2c2efb5493cf13b730207a009a14ca150042af3e6b7f05230161a10073f87a56afede3c2cfd09857f78d7913cdd966e9a2e6e6e3",
-	        "0x45000000a2a20a002a6e30ca9800451cd500e12e2005c10352c0a6a40824e1212202078000210c21000402826025704200120010052d02212ab0023c0cd5008563181111200404489008664c1",
-	        "0x1ab020d8beb54c354411f3a5658b5e5e87a8dff76ebc5efb70e3b6feef7dbdbbe7fffdd0afb7e649dcb7fdfe6ffffedfcf53f739bf7b0cffbeee3d21e3af3f7bffc727efe7eb3e7bf9ff7eeffdf3d6cfd9d9d7f78f7f37ffdd7effeaeef6ef",
-	        "0x1ab020d8beb54c354411f3a5658b5e5e87a8dba76ebc54d15043b4580c71143be3ae3080a1a5044980a7c8d26595be5d8141e5199f030cfdae2c2d21a3871979a8c307eec7ea3e2929dd6c44fdd0160289d181c60e6e25ff9d3a76ea68922e"
-	    },
-	    {
-	        "0x85993ec08ac960d46bcba87136f24042485c6d3e0a9973e828df60e537860d6bc83dafa7fb292beef466d0a939ab9da2b",
-	        "0x4c9a310b11d6e4b4d29d7ede30fb42161fd6a58792440f416abda6df55913a8a26c35140524de5dd9519c30f19641f4f0863bfefc2ae6c89333dd77d6f688cffcbde281772cee0dac9bb0dd16b6c1d33fa7e39b2e781896dcc2b0aba3abedf1381f9f38eb210f5bd2001ea8453ceb136dc3915fabdc30709db0b1a07ec40be",
-	        "0x811926c08a08601002c8803022a2004040180d1e0889210808d2000420040c6b002d83815b290820700490a1202a8402a",
-	        "0x4c9a310b11d6e4b4d29d7ede30fb42161fd6a58792440f416abda6df55913a8a26c35140524de5dd9519c30f19641f4f0863bfefc2ae6c89333dd77d6f688cffcbde281772cee0dac9bb0dd16b6c1d7bfbfe39bef78dcffdfeaf1bff3ebeff97c7fbf3afb73ef7bdf60ffbfc73debdb7defb7ffabfffef4fff0b9b9ffddabf",
-	        "0x4c9a310b11d6e4b4d29d7ede30fb42161fd6a58792440f416abda6df55913a8a26c35140524de5dd9519c30f19641f4f0863bfefc2ae6c89333dd77d6f688cffcbde281772cee0dac9bb0dd16b6c156a6992311e718ccfd176ac19d51ebafb96472a1327252e7730d60fb9fc33180db506c36a482f7de84fb601899d559a95"
-	    },
-	    {
-	        "0x4d9f3e8aae22123e382e7835d3d9d7e944a5c81cab3415fda40d0ec8fde8a50d8b21b2298f83a65bbdb10d120d302d8db4e9807715be0e",
-	        "0x4dacc1a6f2cecd4179556cbbdfe1cedbc952de5232ff1fe1ae9c0c3bbfcd9087e4ed5bcd1f8c289b1456ef032d888",
-	        "0xa48104308c4c004854008a93414eda4050cc02128a10c0a2180018b8080083c00051001300089b0410070109808",
-	        "0x4d9f3e8aae22123e3cfefc3ffffdfffd57b5dedfbffe1dfdbc9d2fedffeff5ff9be9f2ebbfffff5bffffddbeddf8ef8db5edeef737fe8e",
-	        "0x4d9f3e8aae22123e3cf4b42fbcf53b3d53309ed716ca09101898232ddec754f391c872ea347f7f53c3ffd8aedcc8ef0405acee87276686"
-	    },
-	    {
-	        "0x28d61d5ca1f56b4d3134009f478b17ac208a5b559d9c3726a7a16919e3b12ec6d61a142dc04d834141a9a4",
-	        "0xb444947aba00d50e10326ebea7a2618a10144dde07c15c685d4785eae16d232eb741bc2a09b7cf794a33ed3598803ad61af",
-	        "0xc00104a1e06a041020000445801404008050501c8c160222a16019c2a00a44d610002cc04980010121a4",
-	        "0xb444947aba00d78f71f7eebff7b6f39b501dfdfeb7fbde68fdf7ddfbe37f6b7eb7d1be3b1bffef79eb73fd35d8b43ede9af",
-	        "0xb444947aba00d78371e7a4a1f116b299501db9a6b6bb9e60f8f2dc33221f4954a1d022111b5ba218eb71313140b42ecc80b"
-	    },
-	    {
-	        "0x1b9a0b9c87fa234d05d06e18171cce3f8fc4adf7f75a402c4c5a281f46e714b96badab2184546aa11a7be482616cbb973da00e329628d3e692b69b43d34391884d87fcd64e2339fbb30044a370fffde97a128d1e5",
-	        "0x7d641e556550c3ddb89ee553cbc0d8d92cdaec6519a2ff3bd792e0b309c24cb49056fb219ef4dfb2a72e76ac7df3407a44e55af5689e9c85c87e74d542dfb445f56a0a518c",
-	        "0x78640a55655080008084a001c0405049049ac8201800462a1182a000000248b01052002108608d32212a60a43d30001804c05ac56082108588300440020fb4449520085184",
-	        "0x1b9a0b9c87fa234d05d06e18171cce3fdfc5edf7f75e7dffcdfe7d3ffeef9dbbefafef719e7ffbbd7b7fefb2fd6cfbdf3defbe3bff6dfbeef2f7fbc7df7797ac4fd7ffd6cfebf9ffb7e74df77dfffdff7eb2ad1ed",
-	        "0x1b9a0b9c87fa234d05d06e18171cce38598548a1a2567df7c5b47d23faea992ba6036d701e7b991c6355efb2fd4870de38cfbc2b796528cce051f1840c77962c03d25380c7caf1a734e709f75d04b9b62cb228069"
-	    },
-	    {
-	        "0x142cd4c71f04927a526ca430e542cd9432860",
-	        "0x1337869f6c145daf15b226485ef3c48b8037bf7cb2cc9834153b90f55d4217a5e4a9ea133",
-	        "0x142c90c41804103a106404000500c48022020",
-	        "0x1337869f6c145daf15b226485ef3c48b8037bf7cf6cf9f34977bd2fdfd72f7e7edbdfa973",
-	        "0x1337869f6c145daf15b226485ef3c48b8037ab50660b87308741c299f972f2e7293dd8953"
-	    },
-	    {
-	        "0x4f517f63e95a08284faaf4d4a290c334fc5d039e386727ddbb5d0a6d5fbb5540e97767023d60bedd158ed25051a6c56",
-	        "0x9e2c9c6d2e3be2ad25733871aeba4ba64081294478f936f9c4fc45ada6bb2c098c98f21e709a88995cc3b0cf7e693f8e73f58f8f4735c81e8421182fc15426174f3b6da7b493135c",
-	        "0x4f405a4269120008498a20c400808114cc190096200320c53b5808645318014040110200154020541186d2504120054",
-	        "0x9e2c9c6d2e3be2ad25733871aeba4ba64081294478f936f9c4fd57ffbebfac8b8cfaff5f7abb8cbb5fc7f0ffffef7ffffbf5dfafd7fffd5e8eb77e7fe3d62fffdf7beda7b59b7f5e",
-	        "0x9e2c9c6d2e3be2ad25733871aeba4ba64081294478f936f9c009525b982e8c8b08625d533ab384aa130660f69def4df3a8405f2992ce7d4a8ab66e5fe2822dfa9e638082b1897f0a"
-	    },
-	    {
-	        "0x1713f8f439c07e35b741ec9b0bca80149a7ef129c73c23c34b4515d29dc7dec711007fa395ced70f3bebc6d229edb75bf04231f2414e0a826f3edae4edcf770d59650cc252c6a2eff07fda9baa70938085d1e15144a451d26304d8f3df2406b8eb40f4fae3666780d2e54cd93a5f17439a4d3656dc5d48",
-	        "0x328df4b64b0bd0fbea359666904ea4aa215b03727a70bda853b6cf612b12c3d56ee93b003bd00a7b9c1d6755f580b467deba33bf7f33da4c37fffe79e73e4381ad4bf1306d1b58f5eb276cae813d6f9153d1294c51098d37b3b80154da",
-	        "0x108094864a0310006a219446900e20aa005201603250b00011b241400a0243144ae02900330008610c004244a080b067da9a22301300804021514420411243008843d12004184840e02260260100428140d1284c110188053210005448",
-	        "0x1713f8f439c07e35b741ec9b0bca80149a7ef129c73c23c34b4537dffdf7dfcfd1fbffb797eed74fbfebe7db2bffff7bfdea73f6cf6f2b92effffeedffcf7fdd5b7f9cdf77d7f7eff47fdebbbbffffb3dfddf7fffefdf7fe6385fdfbff346fbbfbf5ffffefeee7bdfff55fd93b5f574b9f7fb7fedd5dda",
-	        "0x1713f8f439c07e35b741ec9b0bca80149a7ef129c73c23c34b45275f697195ccc1fb959603a847419f41e7892a9fcd2b4dea62448e2f2190acebb40dd6cf4cdd531e90df3593576f4418042199cfecb35f9dd6aebaddb6ec208575b82e146ba3b3b51fdd8fc8e6bdbd741f081313464a177a85eedd0992"
-	    },
-	    {
-	        "0x68bc9c8f8257c6c88c0b2d46defc4539748fb906140acbf1a68820d1748bfc13ec84619f2b495d1ce74e0ca441a246497",
-	        "0x2d30db90794c4b611858b19c973ea865904346738291751ba5fccc5cbf02c09876aca6bf23289174f545ad8039e0fbcefe359521dfc9681a7715e672fdc23cc446c7900851d2ed09568729c88bf9653c63f7e229893f31059e8b51924a54968d44e5bb26decae3159ce786d9b3a1454c6d6cb8108d22bd5111d2cc7eddb",
-	        "0x68241c03824200880c0105068a50000854868904040a02d0828000906482d813a004400d2808100c220c0000408046493",
-	        "0x2d30db90794c4b611858b19c973ea865904346738291751ba5fccc5cbf02c09876aca6bf23289174f545ad8039e0fbcefe359521dfc9681a7715e672fdc23cc446c7900851d2ed09568729c88bf9fdbceff7f7efc9bf3b2ddedffdd77b749fbd46f5bbefffeeeb35ddf78ffdb3edc56dff6ff95d9de7ff5db5d3ee7eddf",
-	        "0x2d30db90794c4b611858b19c973ea865904346738291751ba5fccc5cbf02c09876aca6bf23289174f545ad8039e0fbcefe359521dfc9681a7715e672fdc23cc446c7900851d2ed09568729c88b91d9a0ec75b5ef41b33a28d855add77320193442f1b1ed2f6c6b354d930d25a04dc12df247f14d91c5f35db5936e3894c"
-	    },
-	    {
-	        "0x6eef644a36b1e052a413160909a537f81d46b2d330981f507d84737065541b5bb5faebfa8491dcd0347fbe498a501e254b91f6d82d6771a69d0aee5a490e2a44a8ba4f5da963d70b486f36f4a65f372a6a60522cac6e6a01d1a2da8743d5381",
-	        "0x391d108a0ba169bb746b3d5816fa985288c230bdde7e3b8433f8d595b63f08a90448923f30926960cf736be42e377b087e68848af89d80d95122b942b0162153d9d665c0e3508d8a25c8862c0bb7ad4f00e4b1213326f5ce32433df12cb9",
-	        "0x3004000a0a01280130601018127a8050080030098074038003300415003508090408800910800140cb6008a4002250081e688082701800d00020a000a004000380d4408021508482214802240332a406002080002220150a200034310081",
-	        "0x6eeff5db3eb1fa56bfb756bbdda57ff99d6ebef33bddfff3fdc77ffd7d5f7bfbbffaeffba7f3ddf6b67fff7fbe52ff77fb97f6d86deff9fe9d9ffe7bdd2f2b66bdbfdf7ffd6ff70bd8ef7efce6dfbf7afef05e6fbe7f7a6fdde3feb7dfd7fb9",
-	        "0x6eecf59b3e115a443fa450badc245851986e3ef03b45f8b3c5c74cfd3c0f78ab3f6aaf73a762d5f6a273497f3412fd52fb16105065c8f87e909ffc71dd252b26bd87d23bf56de20390cd6a7cc49f8c50be905c67be7d586e8d41feb49cc7f38"
-	    },
-	    {
-	        "0xa210334e6ffbec2fcfa42021075f84222c7",
-	        "0x181b940df674ffa93b3346264fed88e40b8d8f252487bc1f2cb4c3284fa17145d2cd0c77102fc177898e53fb12c40525aeb017a57661a80a268f27b4c78cbb4bae0e96ed0065e32bc7dcb01be9cc4e6bd5db5e453e94855cb2d1d3f86e8218fe55035102fc10901add0eb539089af",
-	        "0x821032440351002c0080000106150000087",
-	        "0x181b940df674ffa93b3346264fed88e40b8d8f252487bc1f2cb4c3284fa17145d2cd0c77102fc177898e53fb12c40525aeb017a57661a80a268f27b4c78cbb4bae0e96ed0065e32bc7dcb01be9cc4e6bd5db5e453e94855cb2d1d3f86ea218ff5f6ffbeeffdfb43afd0fffbd2abef",
-	        "0x181b940df674ffa93b3346264fed88e40b8d8f252487bc1f2cb4c3284fa17145d2cd0c77102fc177898e53fb12c40525aeb017a57661a80a268f27b4c78cbb4bae0e96ed0065e32bc7dcb01be9cc4e6bd5db5e453e94855cb2d1d3f86e2008cd1b6caaeed3df343afc09eabd2ab68"
-	    },
-	    {
-	        "0x2db0666cd0edeeab9e46e5b729521be3ece0714ffeefe18cd1b8b0f17e04c51b0d79fc6d428c22b9af63756",
-	        "0x1c1d5f18453c10d365065465c676fb8b58cb436b88660a0e19c350feb1f6954caf029a43a3e59bb35ce0bdbf80a7b8ff4b4f5d7d133bd244df8813e9695b1a6af9cea293e5da9ce4f8e1035fc8ce4ca62ecbec89e89fe25053e4153899415f61c41fcb412f13b58ac70fb84077831497f",
-	        "0x8906468c0014e888e44a426094009e08ce05043e4052088411820c01e00410b01318845028800318300156",
-	        "0x1c1d5f18453c10d365065465c676fb8b58cb436b88660a0e19c350feb1f6954caf029a43a3e59bb35ce0bdbf80a7b8ff4b4f5d7d133bd244df8813e9695b1a6af9cea293e5ffbce6fcf1efffebde4ee7bfebfe9bebffe2715ffefff99dd1fff1f57fcfc53f1ffdfeef4fbc62ffaf77f7f",
-	        "0x1c1d5f18453c10d365065465c676fb8b58cb436b88660a0e19c350feb1f6954caf029a43a3e59bb35ce0bdbf80a7b8ff4b4f5d7d133bd244df8813e9695b1a6af9cea293e5f72c829431eeb163500a4399e2be920b7302211c1afad91590e7d13561cf84341ecc76aa4d3462ce2c77e29"
-	    },
-	    {
-	        "0x33de1dc3fc5d6eeb5cbca27cc816a3727d1f9188400ea6b2c2799a40f7e611770b45cac7ed49fc0b66a46fcaf2393c0e03741bd08d26308fce62b0c56fbe44cb0949990bc3d4e5919ee1706dce518d6a06e865bdc26e761ef6723241b33583262bc4365103ba49dd17c0",
-	        "0x148a80223564208532d09dd94cf189921325cad8f2a6a32568e36b2007f00866ce0c8e59034cac999f915817492737af76413832e2c4e840627b91b54766a1555e91b87b2692df16c41161184ac9a124d59aad5c06b1a61892cf5c0cd6cc628f764a161f1bdd6546cb51a1510eef5ddfbd",
-	        "0x1121081d84c608910102048c812a222250881080006a00042480800510200240905804005492403262441083220040800601b9085062081444290806b2600cb004011010040c18104c1102d4c0081220080451c00464402867202001311812402c01001010a495d1780",
-	        "0x148a8022356420b7fedddffd5dffebdebfa7fed8f6a7f37d7ff3eb600ff6bae6ff9eceffe75dff9bdfdbdfff49ff3feff66ffaf2fbfcee43767bd1bd6776afdf7eb1fd7fbed6df1fcd996bdbdeedb1bef5faedde57bdee1efaeffdcefefe7eff767a57bf3fdf676fcf77f153beefdddffd",
-	        "0x148a8022356420b6eccd5e25119f62ceaf87b610e405d1587772e3600956baa4b796ceaee55ddb92da5b9ffa00db3cc9d22ef2c0dbf8e6431660413861562e9b3c217d1498d6141f8d886adb9e2c30ba34eac092573ccc1e7aaae1ceb8ba7c79047857ac2e5e436d0f67f052b4a680c87d"
-	    },
-	    {
-	        "0x683d881de1820ee9fbb71ccd74fd10e3a9ce71bd132955b9e9840d9259275498d2fae81b112416f37e9af907c319657d5d81623462b98d93818a23751a2196de6dd7c18e05960",
-	        "0xa9a2ae43423e6c78cc59ceba6601f6d85397527c462767dceeb1ebc6ad425fb2810a2b7525",
-	        "0xa880a002402e24688c104c300601d4d81203422800012018a2314182094046900008205120",
-	        "0x683d881de1820ee9fbb71ccd74fd10e3a9ce71bd132955b9e9840d9259275498d2fafa3bf53437f7ff9efd9febbf657f7d857b7567fdeff7fdceeb7fbe6bd6ffffffd1aeb7d65",
-	        "0x683d881de1820ee9fbb71ccd74fd10e3a9ce71bd132955b9e9840d9259275498d2f07231f5103515b9163c9b28bf056230045b41457defe5fc44c86ba64b42fb96ffd12cb2c45"
-	    },
-	    {
-	        "0xa827c5e2bd4293ed726065b32cac5c18d9df68b18300848f23f98c22fecd6b9fe7ed38a5adedd78f8dfe975d85c171f62b766947d7cd3d2ed3be52b50b792c0d6bb2701e28f22674a092e5ee0ec89bcd52680c6ae673a",
-	        "0x1deac63a0a7ae71db949662f05aafcefed47a6c6dd5819dc82d250d978001903a1f19e1b8b44e76bd5899884bb97121fa13a63c33822314a486d29b59b66f141fd64af3414a3ea6bdca9b4362e704c744e8a12c1ab736636ca3aa9da4b75795f1a",
-	        "0x202040a28c429068606045810c880c00099700018000040921b88402768d48998049382121e813860c328201048000d20b502047140d140ad30042340239080943226004004020202012a52602488388102004428471a",
-	        "0x1deac63a0a7ae71db9496eaf7dfeffffed7ff7e6df5b3bdec7d3ddddfe8b1933a9f9fe3f9bc6efefd7b9fefefb9f5adffd7afbdff977f95e5f7f6bb7fff6fd7dfff6ef3ff5abfaffdee9f6bf2f71eeff6eef5ac9af7fe6fecbbefdfecbf7ff7f3a",
-	        "0x1deac63a0a7ae71db9496cad79f4d73bc47971e0db032b164713dd448e8b0133a9b96c241386c887033066fa681d48c17c429b1cd157e9165f724b02fdf28c3d2eb6420ff188badc4e69628d0971aefb6ced58c8852d86da43867cfccbb3d73820"
-	    },
-	    {
-	        "0x1cc981657c8a20f5c777fc1df0e3cde0b23d434e043732dcaaa0758e009a8d1bf8591ff8db693d676eff2c39645b79c06b510ac22b1b47551eb728aa9404c24f2a6dee6bbdf2276759786f4116d21f4009dd6fb8e277976668bd021effecc797ca23682b97dbdffb93333834b8bb8fb68e922f42e3c00111",
-	        "0x1e52f1e05fbedda88873e9984a7a19bfbfbe9ea43e30588f46317b5cadc8eb02d255875f1dde872476d05dec1164e46c7fcf3fd718fff34a80d4c6e951d10f6ae0225d00e3953e99e",
-	        "0x61010a002b094200063608808400824b2a69ea43a10000644110254014821000015865b0c060124668050200164c4687c823682187db14a801002814181086a60200000221400110",
-	        "0x1cc981657c8a20f5c777fc1df0e3cde0b23d434e043732dcaaa0758e009a8d1bf8591ff8db693d676eff2c39645b79c1ef7f1ec7fbffdfdd9fbfb9aeb7a5dbfffbedee6bfff7aff77b7fffcbdedebf6d2ddd7ff9fffff7676dbddedfffeec7d7fef3fd7b9ffffffb9f7f7eb5bdbbffbe8eb7ff4efbd3e99f",
-	        "0x1cc981657c8a20f5c777fc1df0e3cde0b23d434e043732dcaaa0758e009a8d1bf8591ff8db693d676eff2c39645b79c18e7e14c7d0f69ddd9989b12e33a559b4d18404285ef7af933a6fda8bca5caf6d2c851a493f9fe52105b8dcdfe9a2815036d0955a1824eb539e7f56a1a5ab79188cb7ff4cda93e88f"
-	    },
-	    {
-	        "0xb77c8e0971a4f32bc9539c14b542ed2fa08e87560981cbdca4ccf4f7cc04fe7546a4a7eebe2592d131329fd591f66728a4179e",
-	        "0x2fb77bc1694a8265e74ee9f41672fc681d72ea8eb65ef5807bcba4bc52ef9e381a4e4315a771497e506b734def1ca93dd519fe9e6944dd782380dff70b72798c",
-	        "0x327c080970a08222485180108100ac02a08e0012080101842048745048004c6504a025c4182492410010180180d6670820118c",
-	        "0x2fb77bc1694a8265e74ee9f416f7fcee1d73eeffbfdff79c7fffe6fd7fef9ebf5e4fc3dffff5cdfef7ef77ffff5eadbfffbfff9ef975fffff791fff72bf67f9e",
-	        "0x2fb77bc1694a8265e74ee9f416c580e614034e7d9d97a61c6f7ee6517d4f10bf4c47c2de7bd5858aa7a777b39a5a0d9a3ba7db0cb875efe7f611299023d66e12"
-	    },
-	    {
-	        "0x89a0fbe80f4c622f45f4f7a15d8dc23bff17d939349f39cffa643af024db78243fc46c7948ab14ea12595e8a6cf2196ed4f353d9b1b8834b96fb61073301b99af019f042b2215e8cd5f31cf65123dab47d6b697a",
-	        "0xc2b6f7a999af54a94c156f771b995b528",
-	        "0x22215a8890f108944102d23039012128",
-	        "0x89a0fbe80f4c622f45f4f7a15d8dc23bff17d939349f39cffa643af024db78243fc46c7948ab14ea12595e8a6cf2196ed4f353d9b1b8834b96fb61073301b99af019f04ebb6f7e9ddff75ef6d177fff5fdfffd7a",
-	        "0x89a0fbe80f4c622f45f4f7a15d8dc23bff17d939349f39cffa643af024db78243fc46c7948ab14ea12595e8a6cf2196ed4f353d9b1b8834b96fb61073301b99af019f04e994e24154f06566290752dc5c4fedc52"
-	    },
-	    {
-	        "0x61cc2de53fe06a0381ce0dc4999795469453324c9036484632c257f02dddee71188198ed649bbe9ddae347178970bfbd3f1f28a787ee407a433f8473ba4fb77940227b769c9d555a8a70917ecfd038f80da4c6d5dc7211cc468c69a2275cfc119f145d2887543bbeb24",
-	        "0x117135d192a9645062d1be59a1f8b151692159285e5877a0ae304521ad800f51fbba812d038e053cb79578c70cd34248a2b4026533bb961add83d9362893b74ce01695861c82b6f94f181feb4a957875c74cf1e7fe48dcc5196bf1214cc564f599168bf2fee1a07e617cfac992443fcdb28247",
-	        "0x1c408050b000202018205c4811200420452124800340802200250302051ca71108010cd24008a09402243138960ad983d13208103644000411800402a4f947100223020148554508a1011648dc010900d0004c454421180408c29a20204e4118f04192003541b28204",
-	        "0x117135d192a9645062d7bedbfffbff57e9395de8de59fff9fe794533adc90f75fffbad2d7f8eddfef795f8df8ed74bfbebfdae7573fb971bffd3f9f6aafbffece7b6b7fe5fbbb6fb7f9c1feffffdf9f5d7ecf7efffecfdc79febfb6d6ddde7f59dd6ebf6fee3f5ffe17dfbcdd2cc7fcfbbeb67",
-	        "0x117135d192a9645062d7a29b7fab4f57c91945c88211eed9fa59001289490c357fd9ad087c8cd8e25084f0de82050bf34b69ac5142c30111265028c4a2ebc9a8e7b2a67e5bb91202388c1dccfdfcb1a092e456eee9a421c696eb2b6d2198a3d485d2e33464c3d5b1a0650b8c40cc4a8e096963"
-	    },
-	    {
-	        "0x1af3ce2ba6101f661c52430ae7280e3491d8d044a6621c3ef348c4e6e45fc6dfc91ec46b27214a9ebff52a0922fdebf1e895cd7cc4f428c64b7b3c4711b53f1f04f25b2f63ba70f281f52cb8149509f1ad38156397556eedf9e5c72388364cdba9112913",
-	        "0x5c5811bd255dad9049ec956e6eeaa95895e56e1c5c03cbfe24ae065ac3f528fda51a966771d288dfe3aab7611232e6f6bde10cf0d97620ebde6370ab24dbdecd4d7783c05cc8579517951049f16b26cf1612f6344a669d93ac990a997dfb5180a07a75f6a20dc110fd5547e744cfe0b348cc1786d8c7f587dc83fd9e8fdb9",
-	        "0xa00e02861011200452010885280a201010000426621c10c3088462041dc61708124429240042183c050801205169510095043044f02006434024411130091000925b25000a00a201602098100501502c30046203140cc1786584230834481b89002911",
-	        "0x5c5811bd255dad9049ec956e6eeaa95895e56e1c5c03cbfe24ae07fffff7bafda5fef7e775f2aeffe3ebff7d9f36eef6bde3eff4dd7e6eeffe6ffcbbecdffeff5dffebff5ee8d7bfdfbf1ec9fdffeecf569ef6b7fbe6fd9bfff9fadf7dfbf7bba77f7dfff2cfc159fddf5ff7c5dff9f75eeedf9edcf7fd87fccfff9f9fdbb",
-	        "0x5c5811bd255dad9049ec956e6eeaa95895e56e1c5c03cbfe24ae07f5ff17929ca4ecf7a255e226ad6349fe7c9f36ac909c22e3c455384eae220e8c3ac89d6cbf59de683f0e68c5bac92a0ec0adbcea80549e9283f9a2ec88ff68fad65849a7bb07755de9f0c64059adca5d34c599d9c61e22c81884b5cd04b84e470f9d4aa"
-	    },
-	    {
-	        "0xcd10bb69c381582eff7391a446db73312e738c6978564b350ca88e09cad650ef89dfb4cb00831c41d4739e957fdac00124348c91183da60b8f12dd3e349cad8b8d752fd9ea5613b1a41818032e0a2f2030790009a4fe9cdca54f96402b143e",
-	        "0x7c4f944973a8882522976043833419c2c15b1531af1207b40092dd1e3c123a4cf06370c3111b",
-	        "0x104d140010a888052007404202101180001801200a020030000009043c10180440024003101a",
-	        "0xcd10bb69c381582eff7391a446db73312e738c6978564b350ca88e09cad650ef89dfb4cb00831c41d4739e957fdac00124348c91183da60b8f7edfbe7dffad8bad77bff9ebd737b9e6d95b173faf3f27b47992ddbefe9efeedfff770eb153f",
-	        "0xcd10bb69c381582eff7391a446db73312e738c6978564b350ca88e09cad650ef89dfb4cb00831c41d4739e957fdac00124348c91183da60b8f6e92aa7def0503a857b8b9a9d527a866d943161fa53d27847992d4bac28ee6e9bff530e80525"
-	    },
-	    {
-	        "0x1cdc2579b3f1727c03a0f733c6a1a50025c8b51640ed21fb0e700f873d35c83797a14",
-	        "0xe3e7298d39a9c7cd225125b1a01505e3d9ca63f8b494e4d7218b10e8bddc06984bbbe43e263f30f6a92a9d7",
-	        "0x10042120110162580220f03084a085000100a0144004004b0a600e063d30c02102814",
-	        "0xe3e7298d39a9c7cd225dfdb5f9b7f5f3fdcbe3ffb7d6e5f721afd8fdbfdcefb9fbbff43fa73f35febfbfbd7",
-	        "0xe3e7298d39a9c7cd224df994d9a6f491a5c9c30f8752457221aed85dab9cebb9b0b59431a102053e9ebd3c3"
-	    },
-	    {
-	        "0x3ac7a7062a50d421ec7b732acfeafd988b5fe95661d371a7f2fdb5b9c1d37e304dd3a0dfcb995e9f99e1b86696b54df83fcd4e87764ffe27fbbd785875c31993f20f4628df79cbaeb50c3dfd132e20935f33ee0276c23f445dff5a075a8198907c1e248787fb28c44495d2e2ed677832432eeda5026afb91467cef4b8",
-	        "0x12659e0b26181845981459681797ab57a50c5b4a34882e973f884d99c1e89c0457b99c9445be077039c60cffa057c608594d38423730d3eae76e8a8db6f946877e90bfecde4aaa320128ef3811cd31c3834e66fa7a61d1454778bf82781c091ae5fd348fd903d85116f83f331d84edaa925d1d65b0b30c1b7c6c69da380",
-	        "0x20860306081044000459600287aa5580085b481400021127804d9181c0900410099080458a0150198000b820168408580d0842073043ea276a88081071420112900f44084a280200200c3811012000834e22ea0260c0054458bf0200180118807c14048103d800044015120084652812410c65a002081b104468ca080",
-	        "0x127fdfaf263a58d5b9fc7b7b3fdfebffbd8f5feb76e9fff7bffafdbdf9e9df7e77fddfb4dfff9f7ebfdfedffe6d7f74df97ffd4eb776dffee7ffbffdfefdc79ffff2bfeefedffbfbafbdef3dfddf3fe3935f77fe7a77d37f477dffda7f5e899af5fd3eafdf87fb79d6fcbff3ffedeffab25f3fedb5b36efbfd6e7dff7b8",
-	        "0x125f59ac20324891b9f8221b3d5841aa3d8704a362e9fde6987ab02c78294f7a67f44f349a759e2ea65fed47c6c17345a172f50cb0469c14c09537f5ee8c859eed62b0aaf695d3f9af9de305ecde1fe3101155147817137a032540d87f46888275812aab5e842379d2bcaae1ff698ad2a01e338815b166e0ed2a1535738"
-	    },
-	    {
-	        "0x39d2210d760b098917fd1293f0708ed6ffcd7686a4041e774a0f52e808524d686429da6774dd45dcf69abb4a7a48116d71f8e38074196cddf128b041a28cdc1e12cf755c7",
-	        "0x59d65c9b948dab08f5c3604fb8b4d15085e4ae6ea8e762bbcceb904b3d9b5837977c4c9f2b9e9f3f8c6babd3b5e846ed8bdad898648bc4f8ccbea95d7a9cf5fd694e6b1a176058fbb30257aafa296741ab7181398c43a264a94972c08b4a5c56807a5f06b5b88eb420df822b43c43b400d0",
-	        "0x284221095208080003c41080b0200c529cc5740004001a17400852a000520868202140237081018c42822008484000094058428070190495b008b00082800802000b400c0",
-	        "0x59d65c9b948dab08f5c3604fb8b4d15085e4ae6ea8e762bbcceb904b3d9b5837977c4c9f2b9e9f3f8c6babd3b5f9d6ed8ffedb99ed9ffdfadffef9dffefffdffefee6f1e776a5ffbfb0a57effa6d6fdbef75dd7ddcf7baffeb7b7ad1ef7bfcf7807e5f6efdf9aeb461ff8eff5fd6ff755d7",
-	        "0x59d65c9b948dab08f5c3604fb8b4d15085e4ae6ea8e762bbcceb904b3d9b5837977c4c9f2b9e9f3f8c6babd3b5d194cc86acd391ed9c39ea5f4ed9d3ac63388befea6f04602a57a95b0a05e7924d4e9bcc055c7c50b538dfe3333ad1e63ba4b5000e466a6849a604617d0ef75dd6f435517"
-	    },
-	    {
-	        "0xcf08fe64414998cc59938913e660f0f9b221f459cd8e04126cf902d0b6cea0edc26164b9d84e9ce7dfe058c1fe0fb452848616368c3",
-	        "0x234286d14c1098ea9fd7f83508641ef3288da679fce09dd1359514ebf0dbcdc73b8f7f6171762d3d5df6492591c9386",
-	        "0x4000910810806090d1b02100400c820000247900c094c0208500616099c84618875f6050402c0d145200041000082",
-	        "0xcf08fe644149bbcedfd3cd13feeafffffa35fc7ddfff2c9feef9fef0bfdfb5fdd6ebf4fbddcfbfefffe179f7ff3ffdf6cda797ffbc7",
-	        "0xcf08fe644149bb8edf42c5037e8a6f2e4a14fc3dd37d2c9fca80fe302b1f9578d68a94621589a768a08129b7d332e9a4cda387ffb45"
-	    },
-	    {
-	        "0x343e32e61b86c0c7cc895cf233ea3d5b5ad65435c1f87e034b59788a9af14ffae9249f1f3cfe0789abbe8edc8ce",
-	        "0x63f7afb1dcebc9d65f9d468754ea558119988cb7d85e427003f2c1d9b360d2c75b97c1308ee3a7b5901044c6353e14f3e6b54a2ead64acdf914c6f7b6d4ed3205abdc78aa7bb47d548607b4ffe1db7331aac39c8bc7fcfd62238467352656a3ad04a423",
-	        "0x241e10440b024046c00058b0038a251b42d4402041487e010311188818c00c7ac9040218047202012a3a8048002",
-	        "0x63f7afb1dcebc9d65f9d468754ea558119988cb7d85e427003f2c1d9b360d2c75b97c1308ee3a7b5901044c6353e14f3e6b54a2ead64bcffb3ee7fffedcfdfa95efff7eabffb5fd75c75fbfffe1fff7b7aaebbf9ffffeff6bf3f7eff57edebbededecef",
-	        "0x63f7afb1dcebc9d65f9d468754ea558119988cb7d85e427003f2c1d9b360d2c75b97c1308ee3a7b5901044c6353e14f3e6b54a2ead6498e1a3aa74fdad891fa9064ff4609ae01d031c55bab7801efc6a6226a339f38526f2bd277a8d55ecc1845e96ced"
-	    },
-	    {
-	        "0x981ba5db1da1fe952887e32cd21d51ba024022c8d837ec00f9772a111f87644012cee4a01f66d09ef168ebdfb91232e9e8f65d63ee7e6e050ae9707e7b15df4f8037b0d8d427f32429a45312a24081ed5a9c8ec22358f3621c961349638f30e049d00d513901fe065d5364f4cfca93f14a2b1b",
-	        "0x1ba08accd8474ea8d9dc2f10d3c2c2edcbf9c3a909ab45",
-	        "0x38000c048400c0019002e00514240e4cbc883a1082b01",
-	        "0x981ba5db1da1fe952887e32cd21d51ba024022c8d837ec00f9772a111f87644012cee4a01f66d09ef168ebdfb91232e9e8f65d63ee7e6e050ae9707e7b15df4f8037b0d8d427f32429a45312a24081ed5a9c8ec22358f3621c9613497bafbaecd9d74ff9f9ddff16dfd3e6fdcffbd3f94bab5f",
-	        "0x981ba5db1da1fe952887e32cd21d51ba024022c8d837ec00f9772a111f87644012cee4a01f66d09ef168ebdfb91232e9e8f65d63ee7e6e050ae9707e7b15df4f8037b0d8d427f32429a45312a24081ed5a9c8ec22358f3621c961349782fba2c919743f9e0ddd1168e91a6190433505843805e"
-	    },
-	    {
-	        "0x1d9992a4fce731fe937e70ec9efba437b1efa9e5459e3145f8c9142c6988eca9a61273750bcc1f00a64b32bab5a3a4c89858231f4fedce7a73bcc7285bbd18b328ccc298919f5511e973cd124f7e1c3912d52f4593c676f1c3f87a521",
-	        "0x6e195204da93bdade43f0622217647326502417d70305d050d988",
-	        "0x421810045011a921c412062200300210250001447030410008100",
-	        "0x1d9992a4fce731fe937e70ec9efba437b1efa9e5459e3145f8c9142c6988eca9a61273750bcc1f00a64b32bab5a3a4c89858231f4fedce7a73bcc7285bbd18b328ccee99d39fdf93fdffed3f4f7e3d7f57f76f47d3ff76f1dffd7fda9",
-	        "0x1d9992a4fce731fe937e70ec9efba437b1efa9e5459e3145f8c9142c6988eca9a61273750bcc1f00a64b32bab5a3a4c89858231f4fedce7a73bcc7285bbd18b328ccac81c39b8f8254de292d495c3d4f55e74a47d2bb06c19efd77ca9"
-	    },
-	    {
-	        "0x123b8aaf5660144d596f10574b4c232f267222596831",
-	        "0x10ab460448ce805f18a3c1d64fc8cc0c02b2cd5f860d462e33602f09fd131e5468c86997e5a033729b2a03d3c284ee0111488ea",
-	        "0x1021028c0600144801270012000c2028066000100820",
-	        "0x10ab460448ce805f18a3c1d64fc8cc0c02b2cd5f860d462e33602f09fd133ffceafd6f97e5f5b7f39f7eb7d3f2f6ef2335de8fb",
-	        "0x10ab460448ce805f18a3c1d64fc8cc0c02b2cd5f860d462e33602f09fd123decc23d0f96a175a5839e5eb711f076892334de0db"
-	    },
-	    {
-	        "0x17529608c59c36277d9e89f9b275032e62ab42b4dc006f1943e12b088c36657b02937109db797e2fbb83c984f507841be083c5e36dd04a8b7d3",
-	        "0x1d556659e3b765044e08b1f7879bf057ef",
-	        "0x1814004940304104080810368500a017c3",
-	        "0x17529608c59c36277d9e89f9b275032e62ab42b4dc006f1943e12b088c36657b02937109db797e2fbbd7dfe5ff3ff65be4e3cfff7df9ff8f7ff",
-	        "0x17529608c59c36277d9e89f9b275032e62ab42b4dc006f1943e12b088c36657b02937109db797e2fba569fe16b3cf24ba4634efc15a9f58e03c"
-	    },
-	    {
-	        "0x23ed0547893da2de2673832f9e6d988ce38c44a47495c1e0a714eb2f18ec455157cc20ea9da75cdcb0c4e9afa546efb3650b7e5cb7e659359d17fe79d2d5116bcd6c5cca45e0719d063e7df33f6788e5c6bd77c114340748cf553c5aa4992076953c4904181e24bb7c26a6e895d8b808c70133b52c9ca4a2266c2e2302bf777",
-	        "0x3eaf5dd3cbba83558163fd16469a3d64905ff28ee65c15ff01f4d720b1ad669a893671bb614382f2331985333b0af52cbc0af22e50e4cb39d4ab3ad58127b3c481e692bb22dc0b497690e57e6fc84a87c2e1eb85e6c8bfc253fd497fc88",
-	        "0x20aa1d83489880448123a50646922500105cb286401415170070d20011294408080241a061010232311105230800c42c340010240040cb11140a2091002691040104101a20980800268085582808420102a12884a48026400221003f400",
-	        "0x23ed0547893da2de2673832f9e6d988ce38c44a47495c1e0a714eb2f18ec455157cc3eefddf7dffeb3d5e9effd56efbb7d6ffe5ff7eeff7d9dfffffdd7f5b1efeffeddfe75fb71df86fe7ffbbf77bbeff7bdffcbf63e57eccf7dfcfbbedda177b7fcc9e69abf26ff7f6ff6f8f5feffc8cf87f3f5ef9de6eabfee7fff4bfffff",
-	        "0x23ed0547893da2de2673832f9e6d988ce38c44a47495c1e0a714eb2f18ec455157cc1e45c0749766339168cc5850a929586fee034568bf6988e8ff8d05f5a0c6abf6d5fc345b10de84cc4eeaba54b3ef3391cbcbe61a57ac046ce8f19e4ca15126f8c8e28aa50667776fd07870a6d7c08d86f154c719426a99ae7dde4bc0bff"
-	    },
-	    {
-	        "0x4881b1172db56487aa0b4362479871a57",
-	        "0xd40bc374f241c2bb638ed6dea08d7885135052619d2f58523b3218b57371993a62bea6cfc8abf4abb8e4a96b0a38bbffffdd0bc5e5a6514f0db",
-	        "0x4081210228b16487880b4160061041053",
-	        "0xd40bc374f241c2bb638ed6dea08d7885135052619d2f58523b3218b57371993a62bea6cfc8abf4abb8eca9fb1f3dbfffffff0bc7e7e7d97fadf",
-	        "0xd40bc374f241c2bb638ed6dea08d7885135052619d2f58523b3218b57371993a62bea6cfc8abf4abb8ac28da1d150e9b7877008687e1c93ea8c"
-	    },
-	    {
-	        "0x1e0e22b43b6de9f7ee3000e87eef492f84ee1bcd3f490cdbf35171b174335fe53afa9b752d9b1e1b0bd58d71d35687cb7b74",
-	        "0xac57c7cfa532414e1182c7c499ffa996f7a28187f7f5d7586f0fd6b64e566bff1ff68daa60d7b650cfece99b8e2551941008aaa5ab966c526d584251600baf9f48d6b573e2779363363cea427961c0ac63d9c9abcc30976c3755b739dcbcccfbb7ae06b5deed54c59a5271caaa26134877898f75b065f3c72a8429ab5",
-	        "0x40602140a4429948a30000876c3410b008c0bcc0f0908c0635160914411052518aa82612483181803510451105280421a34",
-	        "0xac57c7cfa532414e1182c7c499ffa996f7a28187f7f5d7586f0fd6b64e566bff1ff68daa60d7b650cfece99b8e2551941008aaa5ab966c526d584251600baf9f48d6b573e2779363363cebe2fb6bc3beffdfffebcc3e97eef7d7ff7ffdbcdfffb7efbfb5dfff57c7bffe73efabb753d9f7e9bffdf8f7fff76afcbfbf5",
-	        "0xac57c7cfa532414e1182c7c499ffa996f7a28187f7f5d7586f0fd6b64e566bff1ff68daa60d7b650cfece99b8e2551941008aaa5ab966c526d584251600baf9f48d6b573e2779363363ceba29b4a831abd46b748cc3e1082c3c74f773d001f0f2763b980c9f64386afac226503914191c6683fc8e8b2eef242f89e1c1"
-	    },
-	    {
-	        "0x46529c1d4b03b4a0efd29ce200ce9564cdc4fa4b53b9b6725e3fffe3454d6e53848fa573858f0bdbcf846d790a5bfc7470d0b8ac1d494804fa7048b869d5e016e389bf93cb959469dca3f4c5e93f8bcb7dbb64bcec19c8d9dbc5f2cecb285d81f5fefe99ff4564662c7cc275a40f0ea519adb2",
-	        "0x1b10fed79bfd5e52ba14eea13cf223bfbeb5f42bd781083545c4306ed5f69250efc19707288aadf9df45b4056a293da0cfae076ee9b08e7a7058ef0a58e67149980cdc60a75825607ec4e531e9d036e71e3df52048853e3",
-	        "0x1010d6c518485a523810e0a13cf0029790a5b4034701080041c4100045a6000086811601280889f91c01100408083d004e82002ca190864a40408c0818a4510888008440075825601ec4440060c004271a00f02040801a2",
-	        "0x46529c1d4b03b4a0efd29ce200ce9564cdc4fa4b53b9b6725e3fffe3f54fef7bbfdfe57ba5cfebdbcfa67ffbeb5ffefd78d0bbfc5d4b4eedff796dbefdddf076ebabff9fffdfd47ffeb3fecdfbffffefffbbe7bfed9ff8fddfe7f6dfcbeddf8bf5fefe9fff4f777ebd7fee75e7df5ea599fff3",
-	        "0x46529c1d4b03b4a0efd29ce200ce9564cdc4fa4b53b9b6725e3fffe2f442832a3b5a405824c1e1c800a65682e104bec908c03bf8410a4ee9a5196db695cc90646b23600e3fced43f7e302ec913dffd25e6b3831be997387c55a2e6574be59b8b807ca89e130b3778b17fac0447d05ca191fe51"
-	    },
-	    {
-	        "0x1c61ea1ba6135d29a669cc258f24a09ce0c6af1fa717",
-	        "0x277557a8f45578e7730c64350cd3fd389bf96320fb3079402e9949062868fda63a6c371adf34952bd8fbf8a361671041556548ecabc7561f3febfcf26290dc819caa54b8eb26a7fb3a593202b2eb9a87fa214342ea4d639c3487882c7b6a03401d0715171c8ec44d45eff0c2571ca3f556d0d986fbeb5ff",
-	        "0x10416008a4005408a60804218a24000c00802f1ea517",
-	        "0x277557a8f45578e7730c64350cd3fd389bf96320fb3079402e9949062868fda63a6c371adf34952bd8fbf8a361671041556548ecabc7561f3febfcf26290dc819caa54b8eb26a7fb3a593202b2eb9a87fa214342ea4d639c3487882c7b6a03401d07d71fbdbee57dd7fff6ded75cf3ff5fdeddeefbfb7ff",
-	        "0x277557a8f45578e7730c64350cd3fd389bf96320fb3079402e9949062868fda63a6c371adf34952bd8fbf8a361671041556548ecabc7561f3febfcf26290dc819caa54b8eb26a7fb3a593202b2eb9a87fa214342ea4d639c3487882c7b6a03401d06d309bd34a5789775965e954451bf5f1ed5ec0a112e8"
-	    },
-	    {
-	        "0x259856f9c56582b4f8056fdbd37332ff6684ad104683782087ef2b965fa2d22153ca880d735c116878afac5b2477b7f",
-	        "0x1518494828299164e2ee455afe73cd24484df0def1e24c01926bdb2566d44e483a04bbdd5aeab159678305b6ade08cb5bc83e0e63a7bd9e2bb016c355f0fd9e94044e8e9dd380c64ea2f83d239d0987a6864dd1a07c9d742",
-	        "0x20105268c4008210c8040e438331122b2004811040811800044e0a945380c20002c8080111080120000d80002415342",
-	        "0x1518494828299164e2ee455afe73cd24484df0def1e24c01926bdb2566d44e483a04bbdd5aeab15967db85ffbdf6dcbfff83f6ffbf7ffbefff696ef55f6fffeb487efaf9fdfa2d66ff3fabd2fff5d97eefeeffdfb7cfff7f",
-	        "0x1518494828299164e2ee455afe73cd24484df0def1e24c01926bdb2566d44e483a04bbdd5aeab15965da80d931b6d49ef303b61b874ceacd4d6926e45b67ee6b483a1a50b8c22146ff132b52eee5596cefee27dfb58eac3d"
-	    },
-	    {
-	        "0xd8526c4a399bb415b422ab254fb7c9a053c1507e3260aac195366c5fed9ff583053547f1b8f54561838e8d5fff273e25",
-	        "0xdc8169197ca1b7f60394685c3438a5b9ff07c0deafe3d68064567be3d9ad3c577600e0d98c4bda37a6ed8175d437cded052bdf221c4c3d76221331061",
-	        "0x4002480a30180400b42028044527882012c14076200008808434205a6c981501013446d010b540218082854221231021",
-	        "0xdc8169197ca1b7f60394685c3dbda7fdff9ffbdfffe3feb274ff7ffbddbd3d57f726eafd9d5bfef7fefdff7df477ddff1fafdf761c7cfdf7fff373e65",
-	        "0xdc8169197ca1b7f60394685c39bd837d5c9e7b9ff4a1fc3230ad0779dc9129509526ea759518bcf258347e2de46499921ea48b740474d5a3dde142e44"
-	    },
-	    {
-	        "0x47ac96c78ee0c7a9906ce5af63d0ad1b0420e1ca783cc6904ee84",
-	        "0x630297e0f122e36f0c5f2f34efbb078c2f4c00e7c16f96cb054",
-	        "0x20028780e002a1000c452f20c0a90304204000600046904a004",
-	        "0x47ef96d7eef1e7ebff6cffaf77ffbf1f8c2fedcafffdef96cfed4",
-	        "0x47cf94506e11e54aff60ba80573f161c880fadca9ffda90685ed0"
-	    },
-	    {
-	        "0x432a40ea48fcb8b8161bc19a26b544f54833bf5e005c7d1c19e8405c5464c8c139fdd9b627865e596c513fc68454827f070310dd7efe80306693ce441c89a74d91db5e27d6ba966aa1e109cc8385bd86a23d127cf609eea4118e0e1d9be83b561dcffb0ec3844d22",
-	        "0x70d78d38ebcadb77733fc709a6d3b76576ca71acd7e3196640d6adc00225142070b943d5624a3a3d4e77a787d8221848ab06c5135",
-	        "0x50c7880002481864410882008011b560744a212482021004401009c002211020402002c0400820214836838540001800a80044120",
-	        "0x432a40ea48fcb8b8161bc19a26b544f54833bf5e005c7d1c19e8405c5464c8c139fdd9b627865e596c513fc68454827f070310df7ffed3befebfff773ffdf7dffdfb7e77febf9eeffff19fec8feffd86a27d527fff9dfff635afafddfffa7b7f9fefff8ef3ec5d37",
-	        "0x432a40ea48fcb8b8161bc19a26b544f54833bf5e005c7d1c19e8405c5464c8c139fdd9b627865e596c513fc68454827f070310da738653beda3e79332f75d7d7fce02870ba1d8ca7dfd09fa88eef6186806c507bfd9dd3f2352dadc97c92432b9fee7f8473e81c17"
-	    },
-	    {
-	        "0x7c4c2d104ca2a5c080fbf1e717e47f848ff9be3555bcff60c07907ade9e334a556157dcd28ebbfd73367defdc4d8f5de60815360394e4de6e7535d356ccb8a2d896157ba65a7e8541a06e604454aef3e8cebfc7aedb48466eb65039cf17c13fcdb1b",
-	        "0x2a73b2854f05d043d4e28e0b2634fd7023aaf3e57e58f213dd0693769",
-	        "0x2a0100804e00404084e2880a2604ac50000262a45018c213c10681309",
-	        "0x7c4c2d104ca2a5c080fbf1e717e47f848ff9be3555bcff60c07907ade9e334a556157dcd28ebbfd73367defdc4d8f5de60815360394e4de6e7535d356ccb8a2d896157ba65a7ef7f3a56f65d457fef3eecfbff7fffb6beefff77e79ff17dd3fdff7b",
-	        "0x7c4c2d104ca2a5c080fbf1e717e47f848ff9be3555bcff60c07907ade9e334a556157dcd28ebbfd73367defdc4d8f5de60815360394e4de6e7535d356ccb8a2d896157ba65a54f6f325216594177a1166c599f353ab6bec9d532e613d041c395ec72"
-	    },
-	    {
-	        "0x3ee957090c3ab10e1c8af669f2093bba430a4322a741522d2ce1d20b07558298627de3dbbbef8828abc64195bad0f9f6acbb734a420d0d8dd330e90d23ab633826a612060eb95070758199006b547b24792d59f97c3191b2dee7a96e",
-	        "0x7e30cfb7abf89648583c2f705f30abb997ded579a0de3172e2b546c920f92fbdf3bf5ffbd5d73620da518e7b4964a44505817d16c7028f4da494135d2589deffbfdb19f6a454f0431cda1884e51f48c67605f9f044e955a4f23da9dfa92af8dfba09ea6adf0390c",
-	        "0x4e102090838a1061808e20122091028020a02228701502d2c415202050500802014424010480000284000949a4041348018114a420d018d42004904218921080600100406205010040091004b005a0478000989782090a28ce0290c",
-	        "0x7e30cfb7abf89648583c2f73ffb5fbb9d7ffd5f9e8ff77ffe2b7ffed30fd3fbff7bf7ffbdfdf36b0ff59afff6ffebdffbff9ff9eff669f5fad9f9f7fefbffeffbfdbd9ffb75ef0d33efe3b86ef7f68e6ff95fff75cf9d5a6f77fbbdfbbffffdffb19fb6fff7b96e",
-	        "0x7e30cfb7abf89648583c2f73b1a5db295475c598687157edc226fd6d105d1d9787aa7d291bca1690af09a7fd6eba99febb79ff9c7b669616099b8c37ee3eea5b9f0bc12b975a6091266c2b068f7e68a69d90fef71cf0c5a2477a1b983bff67487910f1473179062"
-	    },
-	    {
-	        "0x20265b43c9319cd56eac6a02cbf7913ba44b",
-	        "0x995b92e854a8e0d548bfc02e18529b37790f0e4d9aaf36e7abc4a0f1e6d69489215aaa61b5863b1c86b3536b443dc639d1eb3db7789c2cb2f8cad1a74e5168ef33948c81a06fbad3b9ab0b7c84045cd1f77620ef43c7f2088d2901917bec5346a44f679be9491d273dbe5bf6e39095bb411cac63e38626013d671445c",
-	        "0x20261901493010c0462c2802401390310448",
-	        "0x995b92e854a8e0d548bfc02e18529b37790f0e4d9aaf36e7abc4a0f1e6d69489215aaa61b5863b1c86b3536b443dc639d1eb3db7789c2cb2f8cad1a74e5168ef33948c81a06fbad3b9ab0b7c84045cd1f77620ef43c7f2088d2901917bec5346a44f679be9491d273dbe5bf6e7b4bdbb59ddfeebe7a62ebf7d77be45f",
-	        "0x995b92e854a8e0d548bfc02e18529b37790f0e4d9aaf36e7abc4a0f1e6d69489215aaa61b5863b1c86b3536b443dc639d1eb3db7789c2cb2f8cad1a74e5168ef33948c81a06fbad3b9ab0b7c84045cd1f77620ef43c7f2088d2901917bec5346a44f679be9491d273dbe59f48624a92858d1fa8925260abe4474ae017"
-	    },
-	    {
-	        "0x20a92c71c161a786989694109718416d7a291b8f9c71a5a71ee827e003a5a19cf2aa8faeecbfa231c330e2d4c747b75ccc4d43d8c37472b60",
-	        "0xc2ba3ef844b62f020cd6e4b010499c2c28ab3c15ed2ef3114e5b806244e57be1a7d999a21399c1e950977f021c82a906bed39caeec6aa077628421f9d5dfed01b24fe857000e259537fbe07d6a83080080ae927512d4518f9a56f0a40376234855377d8ef40dcb6055bd8d351",
-	        "0x20282071400021809096840092084045000801851471a0250a80000000a480141280018e8816a020033022404507350cc40d4340413400340",
-	        "0xc2ba3ef844b62f020cd6e4b010499c2c28ab3c15ed2ef3114e5b806244e57be1a7d999a21399c1e950977f021c82a906bed39caeecebac77e3e5a7ffdddffd11b75fe97f7a2f3f9fbffbe5ff7eeb2fe083afb3fdf2fedfaffefff2b5c376e3dcd777ffdefc4dcbf8d7fdffb71",
-	        "0xc2ba3ef844b62f020cd6e4b010499c2c28ab3c15ed2ef3114e5b806244e57be1a7d999a21399c1e950977f021c82a906bed39caeccc38c06a3e5867f4d4979112557a93a7a273e1aab8a45da746b2fe0830b33e9e07ede2176e95295c046c19c9270cad2384088b896c9ff831"
-	    },
-	    {
-	        "0xf6b7f399370d10b097b17e514f044d77a8f170148f4837033bb5d425f73a4079e1c7a9c3e69246f902d8c9fd27caad1e93d83578d4af8d3b7b1c02041c44917a22ed56f2562ac1426a356f8d31965e8e367b8929f3907b1dc6e73a8f3a566ca5c4e113e9d2c53770b110df51cf504701ff3fcea5b819b9bfc49f",
-	        "0x61989df2b7097a6a84dc016aec2716d9cac359d2d799d90ec006a66efe3f1fd0851978c4cfe2f64b307b852e23f5dfdc2f63196e1076782a228a46f5f7d4e54afc1ad7abf1f8fef46edaad1706956f95eb95953bd4",
-	        "0x990290097822808c0002c82510d08a8119521400000c40002222ec1612500001404005628401105a8426238109d0006319460032082a020804c4e110e142c41250a110d850c440420117068425900991950094",
-	        "0xf6b7f399370d10b097b17e514f044d77a8f170148f4837033bb5d425f73a4079e1c7a9c3e6f3defdf2ffc9ff6fcefd1ffbfc377eddefcf7bfbdf9bdd1ec497fe6eff7fffd6afd97aeeffefff7bb67f8f3e7bfdffffbf7b1deef77eff3a76eee7f5f7d7eddafd3ff7bbf1ffffff7edfadff3fdfefbdfbbdbfffdf",
-	        "0xf6b7f399370d10b097b17e514f044d77a8f170148f4837033bb5d425f73a4079e1c7a9c3e6f3de64f06fc0874d4e711ff934126e0d654e62a9cb9bdd128497dc4c1369ed86afd83aaefa8d7b7aa6250b18587cf62fbf1804a8f74cf71074e6e33116c70c98392da71ae127af3b3e9dace8395bca2df22c2aff4b"
-	    },
-	    {
-	        "0x31d126e874580b754389fad8b64aaa61cabb4f8eb6904fe7e504341ed903f7daa3e74d4da3afca80b2415672a",
-	        "0x16fb17a0468c0afa6bad456efa4f9baf26860eda9d7c00c2520c8c9b6026fb50df59b8cb74f6d9be861052c5e831158e7ffd98746328ce11f91d9ea22f0803a8b059aea22d1715ca1abeae53a8bc6b8bfb9b6c9d24ae714767",
-	        "0x11100e0745803440288e0189048aa20c0800a8a04904a22c10014008902e51a83c6080da1a6c880024114722",
-	        "0x16fb17a0468c0afa6bad456efa4f9baf26860eda9d7c00c2520c8c9b6026fb50df59b8cb74f6d9be861052c5eb3d17eefffd98f77738dfbdfb7dbea63fabb7f8fb79aefe7f5757cbffbebf7faabe7fdffbbbfcbd2fae75676f",
-	        "0x16fb17a0468c0afa6bad456efa4f9baf26860eda9d7c00c2520c8c9b6026fb50df59b8cb74f6d9be861052c5eb2c07e0f8b818c3371051bc7279340433a3b7505b30aa5c5347568bf72e912e02821f5f21a190352f8a64204d"
-	    },
-	    {
-	        "0xbf1a14e469c234b72d56324d100e016bc38cdf7158e35f230c047585e7b107acc8e222e7f19552541e59316affd90e96ca657b6112f5e8c786dfcff342fc46252fcdab10c632578540dbf6235f164bc5711924c7c6ba9da85ab",
-	        "0x5dd3fb9a3de26cd89eb9517af6bb25678f149f906e8751a0c20d7646d21c17191237022a990e0156541e376986fd6a680c60228e5955df08bae5789c81751cdcafe5a2e72d45b09",
-	        "0x5d5158821d220c001481413006a800620204919042041000000876400214020112210220880600564412026806252a480800020251054008b22158140145101824c582a20d00109",
-	        "0xbf1a14e469c234b72d56324d100e016bc38cdff3fbfb7fe36cdcffbdf7fbf7bfede7aff7ff957ed75ff9f36fffdfde9edf7d7b7712fff9cf87dfdfff77fdc6fd6fedaf70e6be5fd5dfdbfee77f9ecbf57dddafe7e6ffbdedfab",
-	        "0xbf1a14e469c234b72d56324d100e016bc38c82a2a37962c160dceb3cb6cbf117ed85adf36e053cd34ff9f367899fdc8add7c695610df71c987899bed7595c0d845a5a770e4bc0ed09fd34cc6278acab06dc58b22645db0edea2"
-	    },
-	};
+    struct Bitops_TestTuple
+    {
+        // m,n are operands; a,o,x are and,or,xor results
+        const char *m, *n, *a, *o, *x;
+    };
+    static const Bitops_TestTuple tests[] = {
+        {
+            "0xc2cea8a4", "0xb36e5794", "0x824e0084", "0xf3eeffb4", "0x71a0ff30"
+        },
+        {
+            "0x436eb828", "0x1b375cb4", "0x3261820", "0x5b7ffcbc", "0x5859e49c"
+        },
+        {
+            "0x1e5c0b28", "0x4fded465", "0xe5c0020", "0x5fdedf6d", "0x5182df4d"
+        },
+        {
+            "0xeb71fde7", "0xf7bb47cf", "0xe33145c7", "0xfffbffef", "0x1ccaba28"
+        },
+        {
+            "0xa6b0f01f", "0x8a8ca98", "0xa0c018", "0xaeb8fa9f", "0xae183a87"
+        },
+        {
+            "0xa70bd8b7", "0x5c758cf5", "0x40188b5", "0xff7fdcf7", "0xfb7e5442"
+        },
+        {
+            "0xf91af382", "0x718a9995", "0x710a9180", "0xf99afb97", "0x88906a17"
+        },
+        {
+            "0xbd2a76ad", "0xddd8dfeb", "0x9d0856a9", "0xfdfaffef", "0x60f2a946"
+        },
+        {
+            "0xd4b559cc", "0x91a53295", "0x90a51084", "0xd5b57bdd", "0x45106b59"
+        },
+        {
+            "0x89434e9e", "0xa42fdaf9", "0x80034a98", "0xad6fdeff", "0x2d6c9467"
+        },
+        {
+            "0xb947ac04", "0xd4201e52", "0x90000c00", "0xfd67be56", "0x6d67b256"
+        },
+        {
+            "0xa83945c1", "0x3a9c5dba", "0x28184580", "0xbabd5dfb", "0x92a5187b"
+        },
+        {
+            "0xbca38ffa", "0x881ba9fd", "0x880389f8", "0xbcbbafff", "0x34b82607"
+        },
+        {
+            "0xfcd0b92", "0xeaad8534", "0xa8d0110", "0xefed8fb6", "0xe5608ea6"
+        },
+        {
+            "0x50d160d0", "0x64646f75", "0x40406050", "0x74f56ff5", "0x34b50fa5"
+        },
+        {
+            "0x165ccff8", "0x67d49127", "0x6548120", "0x77dcdfff", "0x71885edf"
+        },
+        {
+            "0x8c4f4bbb7adaacb5", "0x2566b7a909b24aa9", "0x44603a9089208a1", "0xad6fffbb7bfaeebd", "0xa929fc127368e61c"
+        },
+        {
+            "0x6f9ef50aafb31e8d", "0x7a93b2ccd1bbbff2", "0x6a92b00881b31e80", "0x7f9ff7ceffbbbfff", "0x150d47c67e08a17f"
+        },
+        {
+            "0x4c99e967f8de5294", "0x1f4699e0c14e6974", "0xc008960c04e4014", "0x5fdff9e7f9de7bf4", "0x53df708739903be0"
+        },
+        {
+            "0xcc55f5d6d3ea45c", "0x6805b4ddb6390c2f", "0x805145d2438040c", "0x6cc5ffddff3fac7f", "0x64c0eb80db07a873"
+        },
+        {
+            "0x90620d1a012459e7", "0x89d31098ce3fed42", "0x8042001800244942", "0x99f31d9acf3ffde7", "0x19b11d82cf1bb4a5"
+        },
+        {
+            "0xb87d1674e90a935a", "0x75ea466cbb782ac4", "0x30680664a9080240", "0xfdff567cfb7abbde", "0xcd9750185272b99e"
+        },
+        {
+            "0x1f135732240701f0", "0x6aa09a1614bf4dd4", "0xa001212040701d0", "0x7fb3df3634bf4df4", "0x75b3cd2430b84c24"
+        },
+        {
+            "0xc9a88d8300099a31", "0xdc8e91df745169ee", "0xc888818300010820", "0xddae9ddf7459fbff", "0x15261c5c7458f3df"
+        },
+        {
+            "0xc8c828d15228b562", "0x43f86cffa3d15d80", "0x40c828d102001500", "0xcbf86cfff3f9fde2", "0x8b30442ef1f9e8e2"
+        },
+        {
+            "0x41fdc0bc2009563f", "0x59dd1c417e3c07bc", "0x41dd00002008063c", "0x59fddcfd7e3d57bf", "0x1820dcfd5e355183"
+        },
+        {
+            "0x9e2f78600c3a84e7", "0xac69a0e1fe7887b0", "0x8c2920600c3884a0", "0xbe6ff8e1fe7a87f7", "0x3246d881f2420357"
+        },
+        {
+            "0xd424d1d9a955f617", "0x9608f5bde1c4d893", "0x9400d199a144d013", "0xd62cf5fde9d5fe97", "0x422c246448912e84"
+        },
+        {
+            "0x1aa8b60a0627719a", "0x5b26e6aca95f5f60", "0x1a20a60800075100", "0x5baef6aeaf7f7ffa", "0x418e50a6af782efa"
+        },
+        {
+            "0xcf5db499233fac00", "0xf33e7a29c3c33da8", "0xc31c300903032c00", "0xff7ffeb9e3ffbda8", "0x3c63ceb0e0fc91a8"
+        },
+        {
+            "0x6b47c03d576e878d", "0x2032d13574d67da4", "0x2002c03554460584", "0x6b77d13d77feffad", "0x4b75110823b8fa29"
+        },
+        {
+            "0xd47eeb3aefebf074", "0x6d7ba17a42c66b89", "0x447aa13a42c26000", "0xfd7feb7aefeffbfd", "0xb9054a40ad2d9bfd"
+        },
+        {
+            "0x33ad9c5d20b03f5c05535f20a2941c8f4ae0f1f19500759151060dce39e5dfed41ec4f",
+            "0x277401dc000fde7eda4d60a5698935f7febd8fbe49e5d6f56ca2e7f6118380d3cd655da392df3ba6c1b13dc0119af34cfa1d18a65",
+            "0x10a9841c002016480453410020041c8640c0312191006411110401082924cfa1418845",
+            "0x277401dc000fde7eda4d60a5698935f7febfbfffcdf7dff7fde2f7f7f38ba9d3cdf5ffaf9fdf7ba7d9b53de0ddfbff5dfedd1ee6f",
+            "0x277401dc000fde7eda4d60a5698935f7febeb5678c37ddf69962b2c3e389a9920591f3ac8dc66ba198a42da0cd796d1104c90662a"
+        },
+        {
+            "0xb6ea335c13111216862e370d12fb9c761a6266617f62a1904b0d7944ab3cddc71f11752ad9424b0",
+            "0xa6b380f048a9cbe45ff4ea824064c831eb03ff875e1e3e",
+            "0xa62200104028090410d480020044c831e1035285140430",
+            "0xb6ea335c13111216862e370d12fb9c761a6b7e6f7feabdbe4fff7fecaf3eddc71fb17ffafde3ebe",
+            "0xb6ea335c13111216862e370d12fb9c7610095e6e7be83d2e0ef237ec8f3a914401a14ad2aca3a8e"
+        },
+        {
+            "0x8fb9486ad1f89ca5b3f6da9f0d5ef9ec328b8cc3e5122afbd8a67bd1b2b4ab5c548b90cf9fe1933a0362922f1e84ef0",
+            "0x10615f963dffc13718ed1ecdb9cfbef33148befeb91b190dc7e7d28d8821ff248ab26a34e1b89885c643e447c72",
+            "0x6051901ca58136188d0c4cb9cc32830040a412281b180443c192848800540080820a208138000082030404c70",
+            "0x8fb9586bdffebdfff3f7daff1fdff9efbefbbdcbfffebbfbd9affff7f2bdab7dffaf9afffff5f3ba9be7d66ffec7ef2",
+            "0x8fb9580b8e6ea15a72c1c272139340238c78bd8b5bec93e0c1abbc366039237dabaf1a7df5d572829be7546cfac3282"
+        },
+        {
+            "0x10af96443b186faf790279bf3bbe0517d56ffc01e7fec8c88e765d48cc32333390224f4d762d1ba788c50801cba02524cb49",
+            "0x95d44e7344fb1701bace3ae83affbb6290bf282f7565b9a82c386823f5f213a53eccb2cfe5deb4dd040067a64ada8c1b6828599b96cc70647e7d19dc7dfba393addabe689ffbe1a36642bc9844b81c6c4c2e178",
+            "0x2c96442b084000000260ad288004028509b800c70640c080144548883032118022094d3608122408c1000181800400c148",
+            "0x95d44e7344fb1701bace3ae83affbb6290bf282f7565b9a82c386823f5f213a53ecdbaffe5dfb5dffef7f7a7dbfbbffb797d5fffd6de7fecfefdfffdfdffe3b3bffbbe6cffffe3f3fe7abcd8c4bcbe6e5e6eb79",
+            "0x95d44e7344fb1701bace3ae83affbb6290bf282f7565b9a82c386823f5f213a53ecdb836819d055bfef7f781d12937fb39550f6456d20f88f2f5feb9a97760b09ee3bc4c6b2c8372dc3a30c8c4a4a66e1e62a31"
+        },
+        {
+            "0x5fc77dab8cd9c1da8c91eb7ba9c23ce85375b61bf3b9a8c4e4df7bc917aa8a14e747888c9756a2be2fd2e256e44194ce093a0185594de0dcf8340c45b6af7dbdc7682fbef6313f9f1cb234689d9f1ff603e1273faad89d0fe1ab57fbc7c32d29dce125fafc973754464b55ae5de58a8a5661c2065b95c2c94d7ec34",
+            "0xd4a9158961d4c11258cd047eda13d6804c16c3a374b7f4115bd835bde0b5",
+            "0x1080158800548100504504649012c480480081221420641158081495e034",
+            "0x5fc77dab8cd9c1da8c91eb7ba9c23ce85375b61bf3b9a8c4e4df7bc917aa8a14e747888c9756a2be2fd2e256e44194ce093a0185594de0dcf8340c45b6af7dbdc7682fbef6313f9f1cb234689d9f1ff603e1273faad89d0fe1ab57fbc7cf6fb9dcf73dfefdb7bfd447eff5bf7de5cbee7e77cb7f5b95ffcb5ffecb5",
+            "0x5fc77dab8cd9c1da8c91eb7ba9c23ce85375b61bf3b9a8c4e4df7bc917aa8a14e747888c9756a2be2fd2e256e44194ce093a0185594de0dcf8340c45b6af7dbdc7682fbef6313f9f1cb234689d9f1ff603e1273faad89d0fe1ab57fbc7ce67b8847738b6edb2bb8401a6f49335e14be66c5689791a807f4a16a0c81"
+        },
+        {
+            "0x52cbea1f4d78445fb8f9267203f0f04bddf65b69b1acb0877143e77317f2d9679cb",
+            "0x331e156a1e1daa0039926a08ec80c2d7c1500bc435a53ebfc32fa398a3304fcd79d90725528e320add050da666b9de42b8307b",
+            "0x88421a41684412b839023200f0d00990725128a120a0805042666315e0090304b",
+            "0x331e156a1e1daa0039926a08ec80c2d7c1552ffeb5f5ffbfc7ffaf9ae7307fcf7dfddf65f69f3acbdd771dbe77b9ff6fbe79fb",
+            "0x331e156a1e1daa0039926a08ec80c2d7c155277a9451e93b86d42c0ac41070c27d64d840e41528c1d57219981188a16f2e49b0"
+        },
+        {
+            "0xbde7e20f37c3ed822555d36050240dcfb5a9a3867d149cffe78e92b95573cbdde33a8c9495148e04cafa1325aae058b4a98c50f7019de1345de6dce12436bed4b86eca2d",
+            "0xee480b4096f0c1ac565d623dd53b62dba81c507d3c8e15372396fa49de0ecf074fb0ed1785f00f8094022ff50fc436a7cbd18de8ff317c33ea9bdbd8814a7658fcd1fd10b2ed10eaf7e4c2b8f409df3c36f1f0c986a49805a9ed08bbcd603e2eec9e18",
+            "0x547a00d1781e0020014022050040406a58981846814107c238a929950014a544038809410108c00caf20000a8e00894280450f00184a01005a0cc0020042014286c8a08",
+            "0xee480b4096f0c1ac565d623dd53b62dba81c507d3c8e15372396fa49de0ecfbfeff2ef37c7fd8fa5d5d36ff52fcdffb7ebf38ffdffbdfff7ee9bfbddf3cbfffbfeddfd95b6ef14eafff7e7baf459ffbdbef1f7c99fe5bc5deffde9bffffefebeeede3d",
+            "0xee480b4096f0c1ac565d623dd53b62dba81c507d3c8e15372396fa49de0ecfbaa852e220461d8da5c1d14fa52bc9f91262720b95ebad83d46409628df281abbbc65d6985a66314200df7e71214516b95baa107c81b45ac584f31e99ffbdeea96825435"
+        },
+        {
+            "0x17ed0a1aa80542396e82ab79f6d4dda731d10f9487467fcfa5c8b501fa86488fbe268605c01beb257c9e301a42833d22965ea2ff0eda5f18427481a300a8f9aa81e76d774ea1dbed40268eca094bef627d2c206f6885fc12f71557bfda836",
+            "0x422340e8ff3b4177efa5f58111fe306aa602d8020164fa34c12acdb3de81e",
+            "0x2340604e21416540248480014a2062240000020004f810c10045b3da816",
+            "0x17ed0a1aa80542396e82ab79f6d4dda731d10f9487467fcfa5c8b501fa86488fbe268605c01beb257c9e301a42833d22965ea2ff0eda5f18427481a300a8f9aac3e76dffffbbdbffefa7ffcb19ffff6aff2ef86f69e5fe36f73fdfbfde83e",
+            "0x17ed0a1aa80542396e82ab79f6d4dda731d10f9487467fcfa5c8b501fa86488fbe268605c01beb257c9e301a42833d22965ea2ff0eda5f18427481a300a8f9aac3c42d9fb19a9a9aaf837b4b18b5df08db2ef86d69e10626363f9a0c04028"
+        },
+        {
+            "0x290796408a0b8baa742b9d466afc4958528f7976fdce50caa83ed63285f58d200e4c65842ea24c3d4a3850a1824b61d25af9d3b41b9e64407a5262a75d9efd08481cfbc339ae26b0755438894b9e2298a35ed9",
+            "0x4cb6f7935f5cc586320c6ce957f82cff774cde7d4201735a5acd22190fcb1c9c16d1887a",
+            "0x4012f193141884040008406007580cfd00481c794201220210450018094b1c0010810858",
+            "0x290796408a0b8baa742b9d466afc4958528f7976fdce50caa83ed63285f58d200e4c65842ea24c3d4a3850a1824b61defeffd3ff5fdfe6727e7eebf7fdbeff7f4cdeffc339ff7efafd76398fcb9ebe9ef3defb",
+            "0x290796408a0b8baa742b9d466afc4958528f7976fdce50caa83ed63285f58d200e4c65842ea24c3d4a3850a1824b619eec0e40eb475be272763e8bf0a5b2027f04c2868138dd7ceab87621868082be8e72d6a3"
+        },
+        {
+            "0x14e55ecb09d8c6827022df7c713c05a5d882e25782",
+            "0x2dbdb54cb6341fcea6f67cfaa5186aa0a91b9782e362cbb0dd0ef3cbc130ce0cb2ce7232c0562",
+            "0x10600e020898048060209c1000200124c002200502",
+            "0x2dbdb54cb6341fcea6f67cfaa5186aa0a91bdfd7eff2dfbcfd2ff3eff7f7dfccfadffa3ee57e2",
+            "0x2dbdb54cb6341fcea6f67cfaa5186aa0a91ad9d70fd2563cb529f1e636f7ddcce893fa1ce52e0"
+        },
+        {
+            "0x2b0dfd23fc740e1759697bcba800aa1be7df28c59fe72b9869766ac34ecb4e5d0dbc74c2cbb5f734bb8d38dab59c3f22cdc706c657839580c2793c4c7660606548c048a697db3dfbad82e695c605",
+            "0x33080f6fd52aeca572f24a98ff19b9e7327c3b951ccfd8c9a6b9bd6f7c940079e4be88178a2a6d5a2b17",
+            "0x30007249108288030900a00cd0100c612001180004918482620206548800020849a0813880264100205",
+            "0x2b0dfd23fc740e1759697bcba800aa1be7df28c59fe72b9869766ac34ecb4e5d0dbc74c2fbbdff7fffaffcfff7fe7fbaffdfbfe777ffbf95defffccdf6f9fd6f7cd448fff7ffbdffafaaefdfef17",
+            "0x2b0dfd23fc740e1759697bcba800aa1be7df28c59fe72b9869766ac34ecb4e5d0dbc74c2f8bdf85b6ea7d47fc76e75ba32debf2165ffae15deb6e485d0d9dd0a345448df7365b5ec27a88bcfed12"
+        },
+        {
+            "0xc0cc21922748d7626df1ab92b4ad4df1861050ca7de74adb92a140",
+            "0x3531a6880ccc47bc3826056efe912f3db02df9c0b6931e253ab9248f472359fe59218690f6781f35da89b8f1ff45cd5a1db9a414c9d7ec62ff5859a1572b1c1880a99aa74ebe8b12c68e791c11dd6cc0e5ed5",
+            "0xc40192054091400800898234a948b104004080410542c8020040",
+            "0x3531a6880ccc47bc3826056efe912f3db02df9c0b6931e253ab9248f472359fe59218690f6781f35da89b8f1ff45cd5a1db9a414c9d7ec6effda59a377af7e3edfbbbbaf4efedf1ae78f7dbfdffdedf9effd5",
+            "0x3531a6880ccc47bc3826056efe912f3db02df9c0b6931e253ab9248f472359fe59218690f6781f35da89b8f1ff45cd5a1db9a414c9d7ec6ef39a408323a66a3e5fb3238c046a540aa78b75bbcfa9c179cff95"
+        },
+        {
+            "0x68cbb0a526d1fa61003e12401db51090fa4649b00b7be7465d0eb18f74c86157a919",
+            "0x1ca7d6f9bc3e11d3c365af63bf9499b6c7e9c569da7361f0214b8d",
+            "0x1610001c111080600641b00019a6464904218a704060010909",
+            "0x68cbb0a526d1fa7da7fefbfc3fb5d3d3ffef6bbf9ffbf7c7fdcff9df77e9f177eb9d",
+            "0x68cbb0a526d1fa7da7e8ebfc23a4c3539fe92a0f9fe25181b4cbd85507a99176e294"
+        },
+        {
+            "0x210bef18d384992c5eb72e2b362c7296d9810f5ba9fd25e2d5648989d65095e45d1478f2a83140a0f68033a08fa3d7c392a3dc77e8e6aeba9ed76038e9e7825255fac990bf1098e6f9cba0",
+            "0xdb48641b3f63e5f1f41ff3b1578c4b190de42379d45cba03c4c6f34b1b14ea930fdff90dca53116710228e45b081fbddc9273a542e6f689642453adb91086bdb99681342113262d67f5517f2691024fe367459b01872549211067798063cc00b16c883b8cd2ffaa6d6116863f204bb23ce26c5bcdaf3e1b816dcf65ca",
+            "0x21014200d280002452a52800062c309681000113202d25e051640081024081644510008220010000660000208c00914080238c52e8a22c201686202049a20042445ac9803e108064c94180",
+            "0xdb48641b3f63e5f1f41ff3b1578c4b190de42379d45cba03c4c6f34b1b14ea930fdff90dca53116710228e45b081fbddc9273afeffef78dfd2c5fbfbf3bb6bdfb96d9b52f5baffd67f7d57faf99d65ff7e75d9f79f7ad7961b0f7f9b3e3cfa3f7ef9abbdcf7ffeeeffb9ed77f38ebf7bef27dfbcdbfbf1b99efffefea",
+            "0xdb48641b3f63e5f1f41ff3b1578c4b190de42379d45cba03c4c6f34b1b14ea930fdff90dca53116710228e45b081fbddc9252aeadfe250dfd080d1a973bb091cb0058b52e488fd04217841baf18d41f7683188f79758d7861b091f9b3c343a366af1a9850a5174cc3db88515f18a255beb039a1043f810b198b36ae6a"
+        },
+        {
+            "0x143143205d76a7287d48be24db8fbfe37c291d82e103aa05cfc172fb920f0e8cc15c47de948b964e39be34a5b8a2610198c0c5b98543e6e727be153cfff0338f229cc22f029e04f766c62988634fee1a0a16880c93e5b10bada4018b6765b54c08f5710344dbfb9e9ad5dd7914cab496b22a6",
+            "0x2d58b8b513f4bceb8300f8b978e31c163f36155e9678bb0f221ee7cbcf7262b9d53c7a395ea916218fa2478baada74f3e69df63a7be0c9554c07004f9e4d869642bbd63a9fe07138a6aef7ad14c74231cf6401c597f9b6d15c266c42c28613838609bd4f4522c9eb65fc8456acc339c641ac7d7b7bc2c48c8f2",
+            "0x100201970a308140836045a8638a30c201c82c103220089c1307a100e0804010c0246808a924431a614a4382260011040050005024486060211143a902001208482270014044220c620004107e8120014000c02c080038184018947452048086570004488c31882418c79104a8084800a2",
+            "0x2d58b8b513f4bcffb343f8fd7ee73c7f7fbe35df9ffffb7f2b1fe7ebcffa67ffd57efbbb5faf9ee1dfe7df9fabde7efbfebdf7bafbe1c9ddccc7b9cfdfefe7b7febffefffff3ff3abeeeffaf9ec7f777cf6d89e7dfffbedb5eae6cd3e7b71bafa609bf6f65b7cdebf5fd8756fffbbfded5fd7d7ffbf6d6beaf6",
+            "0x2d58b8b513f4bcffb243d8e40e44346b7788318519c758730b03652accd86776144e81ab51a79ae0d3e5991f214c3aca58a95382d981c8cd8cc2b9caddab61b1fcaeeac56fd3fe1a3a6cd8af8ac3b557094d89a6d817acdb4aae60d12737182e22083628209785e3908d87127738a75c9471046fb176523ea54"
+        },
+        {
+            "0x258e988b847b06b73462629161e28517f7b9ad7b5c19a9ad2c07f9a66f33fb2220fddb5a33b9cd5c2d63fd543efa1bef16e26b95484d70d0d7cfce28491ace0a608fb6cf9e97cb88d73c96c9150f9ef53c5e75bd68805fdce891e5935e9428ca67eba1e345148fcf2",
+            "0x1857c0e26e0476169cf804c8d5a431022cce0da75d7642a2414a900370f201f5073c7e700ff6626fbd8a104182954fa9f23a45474af5456a00e36f6a6c8162afdf7492d387a455dd8506167d5cc24e6861d7b480b1458230",
+            "0x1812c0a04000121280780040d12430020ccc05a319144082400a900360a000f10624385004d6000d3c880000808440a0003a44414874000800c16c0040816203c56412d2800455cc8106103548420c206092140011408030",
+            "0x258e988b847b06b73462629161e28517f7bdfd7f7ef9efed6dcff9eeef7bfb3222fdfbda77ffed7e2d77fd543fff3bff56f3eff748ff76f6ffdfef2c593bdefaffafb6dffebfdfdef73eb6ffb7cf9efffdff7dbd78fa5fddf8d1e5f7dfdc2ceee7fffbeb4f14dfef2",
+            "0x258e988b847b06b73462629161e28517f63cd1757af9eecc45c879eae269b83202313b80466ea9760977545409f53bf04691ac7248b216f62c176f2c51339af0ffac129bea389fde7732a03fb3c788dfc1a93c9050fa1a8130c184f48b580c2ce1f6daab4e00d7ec2"
+        },
+        {
+            "0x328edc02c67d84bf095ac048e50c2dc29cffc08184b11e4da02904be14eccd317e9f6bdd6fe2b8233e8928d65d4ad434ef8a629cae6013bfb3c54be167e16371dc6412b62c2b1213424dfb7d391cea8a7494a28576ce823d8e111994182909efba7dd3533dbbe510dab4ac5ef",
+            "0x61a1365a1226597896c514f5bb16a064f6ff6982ac91ea568daa43e473aa63867bdb628e92e97ebd4f2091",
+            "0x4121224210201020968510918a00a04042284100a801c84001884180108a63865911228a92410ca94a0081",
+            "0x328edc02c67d84bf095ac048e50c2dc29cffc08184b11e4da02904be14eccd317e9f6bdd6fe2b8233e8928d65d4ad434ef8a629cae6013bfb3c54be167e16371dc661ab76dab3277d7cdff7d7f5ffbea76dfeff7feeecb3faf79dbb43e6f3befba7ffff73dfbef97fbf4fe5ff",
+            "0x328edc02c67d84bf095ac048e50c2dc29cffc08184b11e4da02904be14eccd317e9f6bdd6fe2b8233e8928d65d4ad434ef8a629cae6013bfb3c54be167e16371dc6208a5498a3076d5c4972c76475be072dbcd73eee44b232b79c330266e3349821a6ee51552cb8731605e57e"
+        },
+        {
+            "0x37a92944b67fae733d201c024838975531bc3f748d98089eed38faed40c9463441cf48ac40e98097ce75db2bf0120ef69087a176d31d562cc99137c67e4a659cbb1298ba150aa191ced4089deee7048511de602414936af93cb2cef1b7ee801d9b75d961d33bb2958669b16193abf7b55ccfebac3a490415128dac92",
+            "0x6fb8d83d986c4604db1b9396493a0a68270806cdbcc3299a049ebe77bd6891258e6313c720fb1b30ae9c4387ba51db3325e15033d9e01d499707c138b4cf4b85032da65e9ce3aabc5effbf7003771476ff71e86f665d2d3e7578dfcbb8f08c1619f609ec147f0",
+            "0x88c811882c440490030014400a0008000804c51c822900008e2800380001218462008100780320a6184381280181102001102140801c4810004118a4024101022d824a0ce30a3c4801993001161432bb2148660214093a357855c8b8b080041040012810490",
+            "0x37a92944b67fae733d201c024838975531bc3f748d9efb9feff9feed60cdf7bd79efdbace6ebf097eeffdf3bf9b24ffff7fff7ffd35df63dfdf33ff7ff4aeddcbb7bbdbfb73aff95cffd9e9dfeff74fd13df6cf4bcd37afb7dfbcefbbfefefffff75ff71d77ff79f86fff5f3d3eff7bdfcffefacfb699f759ecdeff2",
+            "0x37a92944b67fae733d201c024838975531bc3f748d9ef3136ee17c292084f78d78abdb0ce66bf017a2ae171969b2471d77fc77ffc145b01df5e33877cd408c5883693da7a638ff84cde9969c3a7e74f902552cd0acc35823595b00cb1c2b6fe66c75ee109454458b009fd4b3404ca038a07464a4fb289b758c4ceb62"
+        },
+        {
+            "0x1ab020d8beb54c354411f3a5658b5e5e87a896d7049c5eab20a302b6e35ca98364d7edd00eb3e209dcb035fe4b6eeace4e525229bf790c67bae63821e1282712d7c624efa64b3e5ad1a73aeb1033d4cd5949d63183173632445c9f488e74cd",
+            "0x4d706a200a7a70e0b6eeef2dbdb88779dd50af16e6405c17fd2c2efb5493cf13b730207a009a14ca150042af3e6b7f05230161a10073f87a56afede3c2cfd09857f78d7913cdd966e9a2e6e6e3",
+            "0x45000000a2a20a002a6e30ca9800451cd500e12e2005c10352c0a6a40824e1212202078000210c21000402826025704200120010052d02212ab0023c0cd5008563181111200404489008664c1",
+            "0x1ab020d8beb54c354411f3a5658b5e5e87a8dff76ebc5efb70e3b6feef7dbdbbe7fffdd0afb7e649dcb7fdfe6ffffedfcf53f739bf7b0cffbeee3d21e3af3f7bffc727efe7eb3e7bf9ff7eeffdf3d6cfd9d9d7f78f7f37ffdd7effeaeef6ef",
+            "0x1ab020d8beb54c354411f3a5658b5e5e87a8dba76ebc54d15043b4580c71143be3ae3080a1a5044980a7c8d26595be5d8141e5199f030cfdae2c2d21a3871979a8c307eec7ea3e2929dd6c44fdd0160289d181c60e6e25ff9d3a76ea68922e"
+        },
+        {
+            "0x85993ec08ac960d46bcba87136f24042485c6d3e0a9973e828df60e537860d6bc83dafa7fb292beef466d0a939ab9da2b",
+            "0x4c9a310b11d6e4b4d29d7ede30fb42161fd6a58792440f416abda6df55913a8a26c35140524de5dd9519c30f19641f4f0863bfefc2ae6c89333dd77d6f688cffcbde281772cee0dac9bb0dd16b6c1d33fa7e39b2e781896dcc2b0aba3abedf1381f9f38eb210f5bd2001ea8453ceb136dc3915fabdc30709db0b1a07ec40be",
+            "0x811926c08a08601002c8803022a2004040180d1e0889210808d2000420040c6b002d83815b290820700490a1202a8402a",
+            "0x4c9a310b11d6e4b4d29d7ede30fb42161fd6a58792440f416abda6df55913a8a26c35140524de5dd9519c30f19641f4f0863bfefc2ae6c89333dd77d6f688cffcbde281772cee0dac9bb0dd16b6c1d7bfbfe39bef78dcffdfeaf1bff3ebeff97c7fbf3afb73ef7bdf60ffbfc73debdb7defb7ffabfffef4fff0b9b9ffddabf",
+            "0x4c9a310b11d6e4b4d29d7ede30fb42161fd6a58792440f416abda6df55913a8a26c35140524de5dd9519c30f19641f4f0863bfefc2ae6c89333dd77d6f688cffcbde281772cee0dac9bb0dd16b6c156a6992311e718ccfd176ac19d51ebafb96472a1327252e7730d60fb9fc33180db506c36a482f7de84fb601899d559a95"
+        },
+        {
+            "0x4d9f3e8aae22123e382e7835d3d9d7e944a5c81cab3415fda40d0ec8fde8a50d8b21b2298f83a65bbdb10d120d302d8db4e9807715be0e",
+            "0x4dacc1a6f2cecd4179556cbbdfe1cedbc952de5232ff1fe1ae9c0c3bbfcd9087e4ed5bcd1f8c289b1456ef032d888",
+            "0xa48104308c4c004854008a93414eda4050cc02128a10c0a2180018b8080083c00051001300089b0410070109808",
+            "0x4d9f3e8aae22123e3cfefc3ffffdfffd57b5dedfbffe1dfdbc9d2fedffeff5ff9be9f2ebbfffff5bffffddbeddf8ef8db5edeef737fe8e",
+            "0x4d9f3e8aae22123e3cf4b42fbcf53b3d53309ed716ca09101898232ddec754f391c872ea347f7f53c3ffd8aedcc8ef0405acee87276686"
+        },
+        {
+            "0x28d61d5ca1f56b4d3134009f478b17ac208a5b559d9c3726a7a16919e3b12ec6d61a142dc04d834141a9a4",
+            "0xb444947aba00d50e10326ebea7a2618a10144dde07c15c685d4785eae16d232eb741bc2a09b7cf794a33ed3598803ad61af",
+            "0xc00104a1e06a041020000445801404008050501c8c160222a16019c2a00a44d610002cc04980010121a4",
+            "0xb444947aba00d78f71f7eebff7b6f39b501dfdfeb7fbde68fdf7ddfbe37f6b7eb7d1be3b1bffef79eb73fd35d8b43ede9af",
+            "0xb444947aba00d78371e7a4a1f116b299501db9a6b6bb9e60f8f2dc33221f4954a1d022111b5ba218eb71313140b42ecc80b"
+        },
+        {
+            "0x1b9a0b9c87fa234d05d06e18171cce3f8fc4adf7f75a402c4c5a281f46e714b96badab2184546aa11a7be482616cbb973da00e329628d3e692b69b43d34391884d87fcd64e2339fbb30044a370fffde97a128d1e5",
+            "0x7d641e556550c3ddb89ee553cbc0d8d92cdaec6519a2ff3bd792e0b309c24cb49056fb219ef4dfb2a72e76ac7df3407a44e55af5689e9c85c87e74d542dfb445f56a0a518c",
+            "0x78640a55655080008084a001c0405049049ac8201800462a1182a000000248b01052002108608d32212a60a43d30001804c05ac56082108588300440020fb4449520085184",
+            "0x1b9a0b9c87fa234d05d06e18171cce3fdfc5edf7f75e7dffcdfe7d3ffeef9dbbefafef719e7ffbbd7b7fefb2fd6cfbdf3defbe3bff6dfbeef2f7fbc7df7797ac4fd7ffd6cfebf9ffb7e74df77dfffdff7eb2ad1ed",
+            "0x1b9a0b9c87fa234d05d06e18171cce38598548a1a2567df7c5b47d23faea992ba6036d701e7b991c6355efb2fd4870de38cfbc2b796528cce051f1840c77962c03d25380c7caf1a734e709f75d04b9b62cb228069"
+        },
+        {
+            "0x142cd4c71f04927a526ca430e542cd9432860",
+            "0x1337869f6c145daf15b226485ef3c48b8037bf7cb2cc9834153b90f55d4217a5e4a9ea133",
+            "0x142c90c41804103a106404000500c48022020",
+            "0x1337869f6c145daf15b226485ef3c48b8037bf7cf6cf9f34977bd2fdfd72f7e7edbdfa973",
+            "0x1337869f6c145daf15b226485ef3c48b8037ab50660b87308741c299f972f2e7293dd8953"
+        },
+        {
+            "0x4f517f63e95a08284faaf4d4a290c334fc5d039e386727ddbb5d0a6d5fbb5540e97767023d60bedd158ed25051a6c56",
+            "0x9e2c9c6d2e3be2ad25733871aeba4ba64081294478f936f9c4fc45ada6bb2c098c98f21e709a88995cc3b0cf7e693f8e73f58f8f4735c81e8421182fc15426174f3b6da7b493135c",
+            "0x4f405a4269120008498a20c400808114cc190096200320c53b5808645318014040110200154020541186d2504120054",
+            "0x9e2c9c6d2e3be2ad25733871aeba4ba64081294478f936f9c4fd57ffbebfac8b8cfaff5f7abb8cbb5fc7f0ffffef7ffffbf5dfafd7fffd5e8eb77e7fe3d62fffdf7beda7b59b7f5e",
+            "0x9e2c9c6d2e3be2ad25733871aeba4ba64081294478f936f9c009525b982e8c8b08625d533ab384aa130660f69def4df3a8405f2992ce7d4a8ab66e5fe2822dfa9e638082b1897f0a"
+        },
+        {
+            "0x1713f8f439c07e35b741ec9b0bca80149a7ef129c73c23c34b4515d29dc7dec711007fa395ced70f3bebc6d229edb75bf04231f2414e0a826f3edae4edcf770d59650cc252c6a2eff07fda9baa70938085d1e15144a451d26304d8f3df2406b8eb40f4fae3666780d2e54cd93a5f17439a4d3656dc5d48",
+            "0x328df4b64b0bd0fbea359666904ea4aa215b03727a70bda853b6cf612b12c3d56ee93b003bd00a7b9c1d6755f580b467deba33bf7f33da4c37fffe79e73e4381ad4bf1306d1b58f5eb276cae813d6f9153d1294c51098d37b3b80154da",
+            "0x108094864a0310006a219446900e20aa005201603250b00011b241400a0243144ae02900330008610c004244a080b067da9a22301300804021514420411243008843d12004184840e02260260100428140d1284c110188053210005448",
+            "0x1713f8f439c07e35b741ec9b0bca80149a7ef129c73c23c34b4537dffdf7dfcfd1fbffb797eed74fbfebe7db2bffff7bfdea73f6cf6f2b92effffeedffcf7fdd5b7f9cdf77d7f7eff47fdebbbbffffb3dfddf7fffefdf7fe6385fdfbff346fbbfbf5ffffefeee7bdfff55fd93b5f574b9f7fb7fedd5dda",
+            "0x1713f8f439c07e35b741ec9b0bca80149a7ef129c73c23c34b45275f697195ccc1fb959603a847419f41e7892a9fcd2b4dea62448e2f2190acebb40dd6cf4cdd531e90df3593576f4418042199cfecb35f9dd6aebaddb6ec208575b82e146ba3b3b51fdd8fc8e6bdbd741f081313464a177a85eedd0992"
+        },
+        {
+            "0x68bc9c8f8257c6c88c0b2d46defc4539748fb906140acbf1a68820d1748bfc13ec84619f2b495d1ce74e0ca441a246497",
+            "0x2d30db90794c4b611858b19c973ea865904346738291751ba5fccc5cbf02c09876aca6bf23289174f545ad8039e0fbcefe359521dfc9681a7715e672fdc23cc446c7900851d2ed09568729c88bf9653c63f7e229893f31059e8b51924a54968d44e5bb26decae3159ce786d9b3a1454c6d6cb8108d22bd5111d2cc7eddb",
+            "0x68241c03824200880c0105068a50000854868904040a02d0828000906482d813a004400d2808100c220c0000408046493",
+            "0x2d30db90794c4b611858b19c973ea865904346738291751ba5fccc5cbf02c09876aca6bf23289174f545ad8039e0fbcefe359521dfc9681a7715e672fdc23cc446c7900851d2ed09568729c88bf9fdbceff7f7efc9bf3b2ddedffdd77b749fbd46f5bbefffeeeb35ddf78ffdb3edc56dff6ff95d9de7ff5db5d3ee7eddf",
+            "0x2d30db90794c4b611858b19c973ea865904346738291751ba5fccc5cbf02c09876aca6bf23289174f545ad8039e0fbcefe359521dfc9681a7715e672fdc23cc446c7900851d2ed09568729c88b91d9a0ec75b5ef41b33a28d855add77320193442f1b1ed2f6c6b354d930d25a04dc12df247f14d91c5f35db5936e3894c"
+        },
+        {
+            "0x6eef644a36b1e052a413160909a537f81d46b2d330981f507d84737065541b5bb5faebfa8491dcd0347fbe498a501e254b91f6d82d6771a69d0aee5a490e2a44a8ba4f5da963d70b486f36f4a65f372a6a60522cac6e6a01d1a2da8743d5381",
+            "0x391d108a0ba169bb746b3d5816fa985288c230bdde7e3b8433f8d595b63f08a90448923f30926960cf736be42e377b087e68848af89d80d95122b942b0162153d9d665c0e3508d8a25c8862c0bb7ad4f00e4b1213326f5ce32433df12cb9",
+            "0x3004000a0a01280130601018127a8050080030098074038003300415003508090408800910800140cb6008a4002250081e688082701800d00020a000a004000380d4408021508482214802240332a406002080002220150a200034310081",
+            "0x6eeff5db3eb1fa56bfb756bbdda57ff99d6ebef33bddfff3fdc77ffd7d5f7bfbbffaeffba7f3ddf6b67fff7fbe52ff77fb97f6d86deff9fe9d9ffe7bdd2f2b66bdbfdf7ffd6ff70bd8ef7efce6dfbf7afef05e6fbe7f7a6fdde3feb7dfd7fb9",
+            "0x6eecf59b3e115a443fa450badc245851986e3ef03b45f8b3c5c74cfd3c0f78ab3f6aaf73a762d5f6a273497f3412fd52fb16105065c8f87e909ffc71dd252b26bd87d23bf56de20390cd6a7cc49f8c50be905c67be7d586e8d41feb49cc7f38"
+        },
+        {
+            "0xa210334e6ffbec2fcfa42021075f84222c7",
+            "0x181b940df674ffa93b3346264fed88e40b8d8f252487bc1f2cb4c3284fa17145d2cd0c77102fc177898e53fb12c40525aeb017a57661a80a268f27b4c78cbb4bae0e96ed0065e32bc7dcb01be9cc4e6bd5db5e453e94855cb2d1d3f86e8218fe55035102fc10901add0eb539089af",
+            "0x821032440351002c0080000106150000087",
+            "0x181b940df674ffa93b3346264fed88e40b8d8f252487bc1f2cb4c3284fa17145d2cd0c77102fc177898e53fb12c40525aeb017a57661a80a268f27b4c78cbb4bae0e96ed0065e32bc7dcb01be9cc4e6bd5db5e453e94855cb2d1d3f86ea218ff5f6ffbeeffdfb43afd0fffbd2abef",
+            "0x181b940df674ffa93b3346264fed88e40b8d8f252487bc1f2cb4c3284fa17145d2cd0c77102fc177898e53fb12c40525aeb017a57661a80a268f27b4c78cbb4bae0e96ed0065e32bc7dcb01be9cc4e6bd5db5e453e94855cb2d1d3f86e2008cd1b6caaeed3df343afc09eabd2ab68"
+        },
+        {
+            "0x2db0666cd0edeeab9e46e5b729521be3ece0714ffeefe18cd1b8b0f17e04c51b0d79fc6d428c22b9af63756",
+            "0x1c1d5f18453c10d365065465c676fb8b58cb436b88660a0e19c350feb1f6954caf029a43a3e59bb35ce0bdbf80a7b8ff4b4f5d7d133bd244df8813e9695b1a6af9cea293e5da9ce4f8e1035fc8ce4ca62ecbec89e89fe25053e4153899415f61c41fcb412f13b58ac70fb84077831497f",
+            "0x8906468c0014e888e44a426094009e08ce05043e4052088411820c01e00410b01318845028800318300156",
+            "0x1c1d5f18453c10d365065465c676fb8b58cb436b88660a0e19c350feb1f6954caf029a43a3e59bb35ce0bdbf80a7b8ff4b4f5d7d133bd244df8813e9695b1a6af9cea293e5ffbce6fcf1efffebde4ee7bfebfe9bebffe2715ffefff99dd1fff1f57fcfc53f1ffdfeef4fbc62ffaf77f7f",
+            "0x1c1d5f18453c10d365065465c676fb8b58cb436b88660a0e19c350feb1f6954caf029a43a3e59bb35ce0bdbf80a7b8ff4b4f5d7d133bd244df8813e9695b1a6af9cea293e5f72c829431eeb163500a4399e2be920b7302211c1afad91590e7d13561cf84341ecc76aa4d3462ce2c77e29"
+        },
+        {
+            "0x33de1dc3fc5d6eeb5cbca27cc816a3727d1f9188400ea6b2c2799a40f7e611770b45cac7ed49fc0b66a46fcaf2393c0e03741bd08d26308fce62b0c56fbe44cb0949990bc3d4e5919ee1706dce518d6a06e865bdc26e761ef6723241b33583262bc4365103ba49dd17c0",
+            "0x148a80223564208532d09dd94cf189921325cad8f2a6a32568e36b2007f00866ce0c8e59034cac999f915817492737af76413832e2c4e840627b91b54766a1555e91b87b2692df16c41161184ac9a124d59aad5c06b1a61892cf5c0cd6cc628f764a161f1bdd6546cb51a1510eef5ddfbd",
+            "0x1121081d84c608910102048c812a222250881080006a00042480800510200240905804005492403262441083220040800601b9085062081444290806b2600cb004011010040c18104c1102d4c0081220080451c00464402867202001311812402c01001010a495d1780",
+            "0x148a8022356420b7fedddffd5dffebdebfa7fed8f6a7f37d7ff3eb600ff6bae6ff9eceffe75dff9bdfdbdfff49ff3feff66ffaf2fbfcee43767bd1bd6776afdf7eb1fd7fbed6df1fcd996bdbdeedb1bef5faedde57bdee1efaeffdcefefe7eff767a57bf3fdf676fcf77f153beefdddffd",
+            "0x148a8022356420b6eccd5e25119f62ceaf87b610e405d1587772e3600956baa4b796ceaee55ddb92da5b9ffa00db3cc9d22ef2c0dbf8e6431660413861562e9b3c217d1498d6141f8d886adb9e2c30ba34eac092573ccc1e7aaae1ceb8ba7c79047857ac2e5e436d0f67f052b4a680c87d"
+        },
+        {
+            "0x683d881de1820ee9fbb71ccd74fd10e3a9ce71bd132955b9e9840d9259275498d2fae81b112416f37e9af907c319657d5d81623462b98d93818a23751a2196de6dd7c18e05960",
+            "0xa9a2ae43423e6c78cc59ceba6601f6d85397527c462767dceeb1ebc6ad425fb2810a2b7525",
+            "0xa880a002402e24688c104c300601d4d81203422800012018a2314182094046900008205120",
+            "0x683d881de1820ee9fbb71ccd74fd10e3a9ce71bd132955b9e9840d9259275498d2fafa3bf53437f7ff9efd9febbf657f7d857b7567fdeff7fdceeb7fbe6bd6ffffffd1aeb7d65",
+            "0x683d881de1820ee9fbb71ccd74fd10e3a9ce71bd132955b9e9840d9259275498d2f07231f5103515b9163c9b28bf056230045b41457defe5fc44c86ba64b42fb96ffd12cb2c45"
+        },
+        {
+            "0xa827c5e2bd4293ed726065b32cac5c18d9df68b18300848f23f98c22fecd6b9fe7ed38a5adedd78f8dfe975d85c171f62b766947d7cd3d2ed3be52b50b792c0d6bb2701e28f22674a092e5ee0ec89bcd52680c6ae673a",
+            "0x1deac63a0a7ae71db949662f05aafcefed47a6c6dd5819dc82d250d978001903a1f19e1b8b44e76bd5899884bb97121fa13a63c33822314a486d29b59b66f141fd64af3414a3ea6bdca9b4362e704c744e8a12c1ab736636ca3aa9da4b75795f1a",
+            "0x202040a28c429068606045810c880c00099700018000040921b88402768d48998049382121e813860c328201048000d20b502047140d140ad30042340239080943226004004020202012a52602488388102004428471a",
+            "0x1deac63a0a7ae71db9496eaf7dfeffffed7ff7e6df5b3bdec7d3ddddfe8b1933a9f9fe3f9bc6efefd7b9fefefb9f5adffd7afbdff977f95e5f7f6bb7fff6fd7dfff6ef3ff5abfaffdee9f6bf2f71eeff6eef5ac9af7fe6fecbbefdfecbf7ff7f3a",
+            "0x1deac63a0a7ae71db9496cad79f4d73bc47971e0db032b164713dd448e8b0133a9b96c241386c887033066fa681d48c17c429b1cd157e9165f724b02fdf28c3d2eb6420ff188badc4e69628d0971aefb6ced58c8852d86da43867cfccbb3d73820"
+        },
+        {
+            "0x1cc981657c8a20f5c777fc1df0e3cde0b23d434e043732dcaaa0758e009a8d1bf8591ff8db693d676eff2c39645b79c06b510ac22b1b47551eb728aa9404c24f2a6dee6bbdf2276759786f4116d21f4009dd6fb8e277976668bd021effecc797ca23682b97dbdffb93333834b8bb8fb68e922f42e3c00111",
+            "0x1e52f1e05fbedda88873e9984a7a19bfbfbe9ea43e30588f46317b5cadc8eb02d255875f1dde872476d05dec1164e46c7fcf3fd718fff34a80d4c6e951d10f6ae0225d00e3953e99e",
+            "0x61010a002b094200063608808400824b2a69ea43a10000644110254014821000015865b0c060124668050200164c4687c823682187db14a801002814181086a60200000221400110",
+            "0x1cc981657c8a20f5c777fc1df0e3cde0b23d434e043732dcaaa0758e009a8d1bf8591ff8db693d676eff2c39645b79c1ef7f1ec7fbffdfdd9fbfb9aeb7a5dbfffbedee6bfff7aff77b7fffcbdedebf6d2ddd7ff9fffff7676dbddedfffeec7d7fef3fd7b9ffffffb9f7f7eb5bdbbffbe8eb7ff4efbd3e99f",
+            "0x1cc981657c8a20f5c777fc1df0e3cde0b23d434e043732dcaaa0758e009a8d1bf8591ff8db693d676eff2c39645b79c18e7e14c7d0f69ddd9989b12e33a559b4d18404285ef7af933a6fda8bca5caf6d2c851a493f9fe52105b8dcdfe9a2815036d0955a1824eb539e7f56a1a5ab79188cb7ff4cda93e88f"
+        },
+        {
+            "0xb77c8e0971a4f32bc9539c14b542ed2fa08e87560981cbdca4ccf4f7cc04fe7546a4a7eebe2592d131329fd591f66728a4179e",
+            "0x2fb77bc1694a8265e74ee9f41672fc681d72ea8eb65ef5807bcba4bc52ef9e381a4e4315a771497e506b734def1ca93dd519fe9e6944dd782380dff70b72798c",
+            "0x327c080970a08222485180108100ac02a08e0012080101842048745048004c6504a025c4182492410010180180d6670820118c",
+            "0x2fb77bc1694a8265e74ee9f416f7fcee1d73eeffbfdff79c7fffe6fd7fef9ebf5e4fc3dffff5cdfef7ef77ffff5eadbfffbfff9ef975fffff791fff72bf67f9e",
+            "0x2fb77bc1694a8265e74ee9f416c580e614034e7d9d97a61c6f7ee6517d4f10bf4c47c2de7bd5858aa7a777b39a5a0d9a3ba7db0cb875efe7f611299023d66e12"
+        },
+        {
+            "0x89a0fbe80f4c622f45f4f7a15d8dc23bff17d939349f39cffa643af024db78243fc46c7948ab14ea12595e8a6cf2196ed4f353d9b1b8834b96fb61073301b99af019f042b2215e8cd5f31cf65123dab47d6b697a",
+            "0xc2b6f7a999af54a94c156f771b995b528",
+            "0x22215a8890f108944102d23039012128",
+            "0x89a0fbe80f4c622f45f4f7a15d8dc23bff17d939349f39cffa643af024db78243fc46c7948ab14ea12595e8a6cf2196ed4f353d9b1b8834b96fb61073301b99af019f04ebb6f7e9ddff75ef6d177fff5fdfffd7a",
+            "0x89a0fbe80f4c622f45f4f7a15d8dc23bff17d939349f39cffa643af024db78243fc46c7948ab14ea12595e8a6cf2196ed4f353d9b1b8834b96fb61073301b99af019f04e994e24154f06566290752dc5c4fedc52"
+        },
+        {
+            "0x61cc2de53fe06a0381ce0dc4999795469453324c9036484632c257f02dddee71188198ed649bbe9ddae347178970bfbd3f1f28a787ee407a433f8473ba4fb77940227b769c9d555a8a70917ecfd038f80da4c6d5dc7211cc468c69a2275cfc119f145d2887543bbeb24",
+            "0x117135d192a9645062d1be59a1f8b151692159285e5877a0ae304521ad800f51fbba812d038e053cb79578c70cd34248a2b4026533bb961add83d9362893b74ce01695861c82b6f94f181feb4a957875c74cf1e7fe48dcc5196bf1214cc564f599168bf2fee1a07e617cfac992443fcdb28247",
+            "0x1c408050b000202018205c4811200420452124800340802200250302051ca71108010cd24008a09402243138960ad983d13208103644000411800402a4f947100223020148554508a1011648dc010900d0004c454421180408c29a20204e4118f04192003541b28204",
+            "0x117135d192a9645062d7bedbfffbff57e9395de8de59fff9fe794533adc90f75fffbad2d7f8eddfef795f8df8ed74bfbebfdae7573fb971bffd3f9f6aafbffece7b6b7fe5fbbb6fb7f9c1feffffdf9f5d7ecf7efffecfdc79febfb6d6ddde7f59dd6ebf6fee3f5ffe17dfbcdd2cc7fcfbbeb67",
+            "0x117135d192a9645062d7a29b7fab4f57c91945c88211eed9fa59001289490c357fd9ad087c8cd8e25084f0de82050bf34b69ac5142c30111265028c4a2ebc9a8e7b2a67e5bb91202388c1dccfdfcb1a092e456eee9a421c696eb2b6d2198a3d485d2e33464c3d5b1a0650b8c40cc4a8e096963"
+        },
+        {
+            "0x1af3ce2ba6101f661c52430ae7280e3491d8d044a6621c3ef348c4e6e45fc6dfc91ec46b27214a9ebff52a0922fdebf1e895cd7cc4f428c64b7b3c4711b53f1f04f25b2f63ba70f281f52cb8149509f1ad38156397556eedf9e5c72388364cdba9112913",
+            "0x5c5811bd255dad9049ec956e6eeaa95895e56e1c5c03cbfe24ae065ac3f528fda51a966771d288dfe3aab7611232e6f6bde10cf0d97620ebde6370ab24dbdecd4d7783c05cc8579517951049f16b26cf1612f6344a669d93ac990a997dfb5180a07a75f6a20dc110fd5547e744cfe0b348cc1786d8c7f587dc83fd9e8fdb9",
+            "0xa00e02861011200452010885280a201010000426621c10c3088462041dc61708124429240042183c050801205169510095043044f02006434024411130091000925b25000a00a201602098100501502c30046203140cc1786584230834481b89002911",
+            "0x5c5811bd255dad9049ec956e6eeaa95895e56e1c5c03cbfe24ae07fffff7bafda5fef7e775f2aeffe3ebff7d9f36eef6bde3eff4dd7e6eeffe6ffcbbecdffeff5dffebff5ee8d7bfdfbf1ec9fdffeecf569ef6b7fbe6fd9bfff9fadf7dfbf7bba77f7dfff2cfc159fddf5ff7c5dff9f75eeedf9edcf7fd87fccfff9f9fdbb",
+            "0x5c5811bd255dad9049ec956e6eeaa95895e56e1c5c03cbfe24ae07f5ff17929ca4ecf7a255e226ad6349fe7c9f36ac909c22e3c455384eae220e8c3ac89d6cbf59de683f0e68c5bac92a0ec0adbcea80549e9283f9a2ec88ff68fad65849a7bb07755de9f0c64059adca5d34c599d9c61e22c81884b5cd04b84e470f9d4aa"
+        },
+        {
+            "0xcd10bb69c381582eff7391a446db73312e738c6978564b350ca88e09cad650ef89dfb4cb00831c41d4739e957fdac00124348c91183da60b8f12dd3e349cad8b8d752fd9ea5613b1a41818032e0a2f2030790009a4fe9cdca54f96402b143e",
+            "0x7c4f944973a8882522976043833419c2c15b1531af1207b40092dd1e3c123a4cf06370c3111b",
+            "0x104d140010a888052007404202101180001801200a020030000009043c10180440024003101a",
+            "0xcd10bb69c381582eff7391a446db73312e738c6978564b350ca88e09cad650ef89dfb4cb00831c41d4739e957fdac00124348c91183da60b8f7edfbe7dffad8bad77bff9ebd737b9e6d95b173faf3f27b47992ddbefe9efeedfff770eb153f",
+            "0xcd10bb69c381582eff7391a446db73312e738c6978564b350ca88e09cad650ef89dfb4cb00831c41d4739e957fdac00124348c91183da60b8f6e92aa7def0503a857b8b9a9d527a866d943161fa53d27847992d4bac28ee6e9bff530e80525"
+        },
+        {
+            "0x1cdc2579b3f1727c03a0f733c6a1a50025c8b51640ed21fb0e700f873d35c83797a14",
+            "0xe3e7298d39a9c7cd225125b1a01505e3d9ca63f8b494e4d7218b10e8bddc06984bbbe43e263f30f6a92a9d7",
+            "0x10042120110162580220f03084a085000100a0144004004b0a600e063d30c02102814",
+            "0xe3e7298d39a9c7cd225dfdb5f9b7f5f3fdcbe3ffb7d6e5f721afd8fdbfdcefb9fbbff43fa73f35febfbfbd7",
+            "0xe3e7298d39a9c7cd224df994d9a6f491a5c9c30f8752457221aed85dab9cebb9b0b59431a102053e9ebd3c3"
+        },
+        {
+            "0x3ac7a7062a50d421ec7b732acfeafd988b5fe95661d371a7f2fdb5b9c1d37e304dd3a0dfcb995e9f99e1b86696b54df83fcd4e87764ffe27fbbd785875c31993f20f4628df79cbaeb50c3dfd132e20935f33ee0276c23f445dff5a075a8198907c1e248787fb28c44495d2e2ed677832432eeda5026afb91467cef4b8",
+            "0x12659e0b26181845981459681797ab57a50c5b4a34882e973f884d99c1e89c0457b99c9445be077039c60cffa057c608594d38423730d3eae76e8a8db6f946877e90bfecde4aaa320128ef3811cd31c3834e66fa7a61d1454778bf82781c091ae5fd348fd903d85116f83f331d84edaa925d1d65b0b30c1b7c6c69da380",
+            "0x20860306081044000459600287aa5580085b481400021127804d9181c0900410099080458a0150198000b820168408580d0842073043ea276a88081071420112900f44084a280200200c3811012000834e22ea0260c0054458bf0200180118807c14048103d800044015120084652812410c65a002081b104468ca080",
+            "0x127fdfaf263a58d5b9fc7b7b3fdfebffbd8f5feb76e9fff7bffafdbdf9e9df7e77fddfb4dfff9f7ebfdfedffe6d7f74df97ffd4eb776dffee7ffbffdfefdc79ffff2bfeefedffbfbafbdef3dfddf3fe3935f77fe7a77d37f477dffda7f5e899af5fd3eafdf87fb79d6fcbff3ffedeffab25f3fedb5b36efbfd6e7dff7b8",
+            "0x125f59ac20324891b9f8221b3d5841aa3d8704a362e9fde6987ab02c78294f7a67f44f349a759e2ea65fed47c6c17345a172f50cb0469c14c09537f5ee8c859eed62b0aaf695d3f9af9de305ecde1fe3101155147817137a032540d87f46888275812aab5e842379d2bcaae1ff698ad2a01e338815b166e0ed2a1535738"
+        },
+        {
+            "0x39d2210d760b098917fd1293f0708ed6ffcd7686a4041e774a0f52e808524d686429da6774dd45dcf69abb4a7a48116d71f8e38074196cddf128b041a28cdc1e12cf755c7",
+            "0x59d65c9b948dab08f5c3604fb8b4d15085e4ae6ea8e762bbcceb904b3d9b5837977c4c9f2b9e9f3f8c6babd3b5e846ed8bdad898648bc4f8ccbea95d7a9cf5fd694e6b1a176058fbb30257aafa296741ab7181398c43a264a94972c08b4a5c56807a5f06b5b88eb420df822b43c43b400d0",
+            "0x284221095208080003c41080b0200c529cc5740004001a17400852a000520868202140237081018c42822008484000094058428070190495b008b00082800802000b400c0",
+            "0x59d65c9b948dab08f5c3604fb8b4d15085e4ae6ea8e762bbcceb904b3d9b5837977c4c9f2b9e9f3f8c6babd3b5f9d6ed8ffedb99ed9ffdfadffef9dffefffdffefee6f1e776a5ffbfb0a57effa6d6fdbef75dd7ddcf7baffeb7b7ad1ef7bfcf7807e5f6efdf9aeb461ff8eff5fd6ff755d7",
+            "0x59d65c9b948dab08f5c3604fb8b4d15085e4ae6ea8e762bbcceb904b3d9b5837977c4c9f2b9e9f3f8c6babd3b5d194cc86acd391ed9c39ea5f4ed9d3ac63388befea6f04602a57a95b0a05e7924d4e9bcc055c7c50b538dfe3333ad1e63ba4b5000e466a6849a604617d0ef75dd6f435517"
+        },
+        {
+            "0xcf08fe64414998cc59938913e660f0f9b221f459cd8e04126cf902d0b6cea0edc26164b9d84e9ce7dfe058c1fe0fb452848616368c3",
+            "0x234286d14c1098ea9fd7f83508641ef3288da679fce09dd1359514ebf0dbcdc73b8f7f6171762d3d5df6492591c9386",
+            "0x4000910810806090d1b02100400c820000247900c094c0208500616099c84618875f6050402c0d145200041000082",
+            "0xcf08fe644149bbcedfd3cd13feeafffffa35fc7ddfff2c9feef9fef0bfdfb5fdd6ebf4fbddcfbfefffe179f7ff3ffdf6cda797ffbc7",
+            "0xcf08fe644149bb8edf42c5037e8a6f2e4a14fc3dd37d2c9fca80fe302b1f9578d68a94621589a768a08129b7d332e9a4cda387ffb45"
+        },
+        {
+            "0x343e32e61b86c0c7cc895cf233ea3d5b5ad65435c1f87e034b59788a9af14ffae9249f1f3cfe0789abbe8edc8ce",
+            "0x63f7afb1dcebc9d65f9d468754ea558119988cb7d85e427003f2c1d9b360d2c75b97c1308ee3a7b5901044c6353e14f3e6b54a2ead64acdf914c6f7b6d4ed3205abdc78aa7bb47d548607b4ffe1db7331aac39c8bc7fcfd62238467352656a3ad04a423",
+            "0x241e10440b024046c00058b0038a251b42d4402041487e010311188818c00c7ac9040218047202012a3a8048002",
+            "0x63f7afb1dcebc9d65f9d468754ea558119988cb7d85e427003f2c1d9b360d2c75b97c1308ee3a7b5901044c6353e14f3e6b54a2ead64bcffb3ee7fffedcfdfa95efff7eabffb5fd75c75fbfffe1fff7b7aaebbf9ffffeff6bf3f7eff57edebbededecef",
+            "0x63f7afb1dcebc9d65f9d468754ea558119988cb7d85e427003f2c1d9b360d2c75b97c1308ee3a7b5901044c6353e14f3e6b54a2ead6498e1a3aa74fdad891fa9064ff4609ae01d031c55bab7801efc6a6226a339f38526f2bd277a8d55ecc1845e96ced"
+        },
+        {
+            "0x981ba5db1da1fe952887e32cd21d51ba024022c8d837ec00f9772a111f87644012cee4a01f66d09ef168ebdfb91232e9e8f65d63ee7e6e050ae9707e7b15df4f8037b0d8d427f32429a45312a24081ed5a9c8ec22358f3621c961349638f30e049d00d513901fe065d5364f4cfca93f14a2b1b",
+            "0x1ba08accd8474ea8d9dc2f10d3c2c2edcbf9c3a909ab45",
+            "0x38000c048400c0019002e00514240e4cbc883a1082b01",
+            "0x981ba5db1da1fe952887e32cd21d51ba024022c8d837ec00f9772a111f87644012cee4a01f66d09ef168ebdfb91232e9e8f65d63ee7e6e050ae9707e7b15df4f8037b0d8d427f32429a45312a24081ed5a9c8ec22358f3621c9613497bafbaecd9d74ff9f9ddff16dfd3e6fdcffbd3f94bab5f",
+            "0x981ba5db1da1fe952887e32cd21d51ba024022c8d837ec00f9772a111f87644012cee4a01f66d09ef168ebdfb91232e9e8f65d63ee7e6e050ae9707e7b15df4f8037b0d8d427f32429a45312a24081ed5a9c8ec22358f3621c961349782fba2c919743f9e0ddd1168e91a6190433505843805e"
+        },
+        {
+            "0x1d9992a4fce731fe937e70ec9efba437b1efa9e5459e3145f8c9142c6988eca9a61273750bcc1f00a64b32bab5a3a4c89858231f4fedce7a73bcc7285bbd18b328ccc298919f5511e973cd124f7e1c3912d52f4593c676f1c3f87a521",
+            "0x6e195204da93bdade43f0622217647326502417d70305d050d988",
+            "0x421810045011a921c412062200300210250001447030410008100",
+            "0x1d9992a4fce731fe937e70ec9efba437b1efa9e5459e3145f8c9142c6988eca9a61273750bcc1f00a64b32bab5a3a4c89858231f4fedce7a73bcc7285bbd18b328ccee99d39fdf93fdffed3f4f7e3d7f57f76f47d3ff76f1dffd7fda9",
+            "0x1d9992a4fce731fe937e70ec9efba437b1efa9e5459e3145f8c9142c6988eca9a61273750bcc1f00a64b32bab5a3a4c89858231f4fedce7a73bcc7285bbd18b328ccac81c39b8f8254de292d495c3d4f55e74a47d2bb06c19efd77ca9"
+        },
+        {
+            "0x123b8aaf5660144d596f10574b4c232f267222596831",
+            "0x10ab460448ce805f18a3c1d64fc8cc0c02b2cd5f860d462e33602f09fd131e5468c86997e5a033729b2a03d3c284ee0111488ea",
+            "0x1021028c0600144801270012000c2028066000100820",
+            "0x10ab460448ce805f18a3c1d64fc8cc0c02b2cd5f860d462e33602f09fd133ffceafd6f97e5f5b7f39f7eb7d3f2f6ef2335de8fb",
+            "0x10ab460448ce805f18a3c1d64fc8cc0c02b2cd5f860d462e33602f09fd123decc23d0f96a175a5839e5eb711f076892334de0db"
+        },
+        {
+            "0x17529608c59c36277d9e89f9b275032e62ab42b4dc006f1943e12b088c36657b02937109db797e2fbb83c984f507841be083c5e36dd04a8b7d3",
+            "0x1d556659e3b765044e08b1f7879bf057ef",
+            "0x1814004940304104080810368500a017c3",
+            "0x17529608c59c36277d9e89f9b275032e62ab42b4dc006f1943e12b088c36657b02937109db797e2fbbd7dfe5ff3ff65be4e3cfff7df9ff8f7ff",
+            "0x17529608c59c36277d9e89f9b275032e62ab42b4dc006f1943e12b088c36657b02937109db797e2fba569fe16b3cf24ba4634efc15a9f58e03c"
+        },
+        {
+            "0x23ed0547893da2de2673832f9e6d988ce38c44a47495c1e0a714eb2f18ec455157cc20ea9da75cdcb0c4e9afa546efb3650b7e5cb7e659359d17fe79d2d5116bcd6c5cca45e0719d063e7df33f6788e5c6bd77c114340748cf553c5aa4992076953c4904181e24bb7c26a6e895d8b808c70133b52c9ca4a2266c2e2302bf777",
+            "0x3eaf5dd3cbba83558163fd16469a3d64905ff28ee65c15ff01f4d720b1ad669a893671bb614382f2331985333b0af52cbc0af22e50e4cb39d4ab3ad58127b3c481e692bb22dc0b497690e57e6fc84a87c2e1eb85e6c8bfc253fd497fc88",
+            "0x20aa1d83489880448123a50646922500105cb286401415170070d20011294408080241a061010232311105230800c42c340010240040cb11140a2091002691040104101a20980800268085582808420102a12884a48026400221003f400",
+            "0x23ed0547893da2de2673832f9e6d988ce38c44a47495c1e0a714eb2f18ec455157cc3eefddf7dffeb3d5e9effd56efbb7d6ffe5ff7eeff7d9dfffffdd7f5b1efeffeddfe75fb71df86fe7ffbbf77bbeff7bdffcbf63e57eccf7dfcfbbedda177b7fcc9e69abf26ff7f6ff6f8f5feffc8cf87f3f5ef9de6eabfee7fff4bfffff",
+            "0x23ed0547893da2de2673832f9e6d988ce38c44a47495c1e0a714eb2f18ec455157cc1e45c0749766339168cc5850a929586fee034568bf6988e8ff8d05f5a0c6abf6d5fc345b10de84cc4eeaba54b3ef3391cbcbe61a57ac046ce8f19e4ca15126f8c8e28aa50667776fd07870a6d7c08d86f154c719426a99ae7dde4bc0bff"
+        },
+        {
+            "0x4881b1172db56487aa0b4362479871a57",
+            "0xd40bc374f241c2bb638ed6dea08d7885135052619d2f58523b3218b57371993a62bea6cfc8abf4abb8e4a96b0a38bbffffdd0bc5e5a6514f0db",
+            "0x4081210228b16487880b4160061041053",
+            "0xd40bc374f241c2bb638ed6dea08d7885135052619d2f58523b3218b57371993a62bea6cfc8abf4abb8eca9fb1f3dbfffffff0bc7e7e7d97fadf",
+            "0xd40bc374f241c2bb638ed6dea08d7885135052619d2f58523b3218b57371993a62bea6cfc8abf4abb8ac28da1d150e9b7877008687e1c93ea8c"
+        },
+        {
+            "0x1e0e22b43b6de9f7ee3000e87eef492f84ee1bcd3f490cdbf35171b174335fe53afa9b752d9b1e1b0bd58d71d35687cb7b74",
+            "0xac57c7cfa532414e1182c7c499ffa996f7a28187f7f5d7586f0fd6b64e566bff1ff68daa60d7b650cfece99b8e2551941008aaa5ab966c526d584251600baf9f48d6b573e2779363363cea427961c0ac63d9c9abcc30976c3755b739dcbcccfbb7ae06b5deed54c59a5271caaa26134877898f75b065f3c72a8429ab5",
+            "0x40602140a4429948a30000876c3410b008c0bcc0f0908c0635160914411052518aa82612483181803510451105280421a34",
+            "0xac57c7cfa532414e1182c7c499ffa996f7a28187f7f5d7586f0fd6b64e566bff1ff68daa60d7b650cfece99b8e2551941008aaa5ab966c526d584251600baf9f48d6b573e2779363363cebe2fb6bc3beffdfffebcc3e97eef7d7ff7ffdbcdfffb7efbfb5dfff57c7bffe73efabb753d9f7e9bffdf8f7fff76afcbfbf5",
+            "0xac57c7cfa532414e1182c7c499ffa996f7a28187f7f5d7586f0fd6b64e566bff1ff68daa60d7b650cfece99b8e2551941008aaa5ab966c526d584251600baf9f48d6b573e2779363363ceba29b4a831abd46b748cc3e1082c3c74f773d001f0f2763b980c9f64386afac226503914191c6683fc8e8b2eef242f89e1c1"
+        },
+        {
+            "0x46529c1d4b03b4a0efd29ce200ce9564cdc4fa4b53b9b6725e3fffe3454d6e53848fa573858f0bdbcf846d790a5bfc7470d0b8ac1d494804fa7048b869d5e016e389bf93cb959469dca3f4c5e93f8bcb7dbb64bcec19c8d9dbc5f2cecb285d81f5fefe99ff4564662c7cc275a40f0ea519adb2",
+            "0x1b10fed79bfd5e52ba14eea13cf223bfbeb5f42bd781083545c4306ed5f69250efc19707288aadf9df45b4056a293da0cfae076ee9b08e7a7058ef0a58e67149980cdc60a75825607ec4e531e9d036e71e3df52048853e3",
+            "0x1010d6c518485a523810e0a13cf0029790a5b4034701080041c4100045a6000086811601280889f91c01100408083d004e82002ca190864a40408c0818a4510888008440075825601ec4440060c004271a00f02040801a2",
+            "0x46529c1d4b03b4a0efd29ce200ce9564cdc4fa4b53b9b6725e3fffe3f54fef7bbfdfe57ba5cfebdbcfa67ffbeb5ffefd78d0bbfc5d4b4eedff796dbefdddf076ebabff9fffdfd47ffeb3fecdfbffffefffbbe7bfed9ff8fddfe7f6dfcbeddf8bf5fefe9fff4f777ebd7fee75e7df5ea599fff3",
+            "0x46529c1d4b03b4a0efd29ce200ce9564cdc4fa4b53b9b6725e3fffe2f442832a3b5a405824c1e1c800a65682e104bec908c03bf8410a4ee9a5196db695cc90646b23600e3fced43f7e302ec913dffd25e6b3831be997387c55a2e6574be59b8b807ca89e130b3778b17fac0447d05ca191fe51"
+        },
+        {
+            "0x1c61ea1ba6135d29a669cc258f24a09ce0c6af1fa717",
+            "0x277557a8f45578e7730c64350cd3fd389bf96320fb3079402e9949062868fda63a6c371adf34952bd8fbf8a361671041556548ecabc7561f3febfcf26290dc819caa54b8eb26a7fb3a593202b2eb9a87fa214342ea4d639c3487882c7b6a03401d0715171c8ec44d45eff0c2571ca3f556d0d986fbeb5ff",
+            "0x10416008a4005408a60804218a24000c00802f1ea517",
+            "0x277557a8f45578e7730c64350cd3fd389bf96320fb3079402e9949062868fda63a6c371adf34952bd8fbf8a361671041556548ecabc7561f3febfcf26290dc819caa54b8eb26a7fb3a593202b2eb9a87fa214342ea4d639c3487882c7b6a03401d07d71fbdbee57dd7fff6ded75cf3ff5fdeddeefbfb7ff",
+            "0x277557a8f45578e7730c64350cd3fd389bf96320fb3079402e9949062868fda63a6c371adf34952bd8fbf8a361671041556548ecabc7561f3febfcf26290dc819caa54b8eb26a7fb3a593202b2eb9a87fa214342ea4d639c3487882c7b6a03401d06d309bd34a5789775965e954451bf5f1ed5ec0a112e8"
+        },
+        {
+            "0x259856f9c56582b4f8056fdbd37332ff6684ad104683782087ef2b965fa2d22153ca880d735c116878afac5b2477b7f",
+            "0x1518494828299164e2ee455afe73cd24484df0def1e24c01926bdb2566d44e483a04bbdd5aeab159678305b6ade08cb5bc83e0e63a7bd9e2bb016c355f0fd9e94044e8e9dd380c64ea2f83d239d0987a6864dd1a07c9d742",
+            "0x20105268c4008210c8040e438331122b2004811040811800044e0a945380c20002c8080111080120000d80002415342",
+            "0x1518494828299164e2ee455afe73cd24484df0def1e24c01926bdb2566d44e483a04bbdd5aeab15967db85ffbdf6dcbfff83f6ffbf7ffbefff696ef55f6fffeb487efaf9fdfa2d66ff3fabd2fff5d97eefeeffdfb7cfff7f",
+            "0x1518494828299164e2ee455afe73cd24484df0def1e24c01926bdb2566d44e483a04bbdd5aeab15965da80d931b6d49ef303b61b874ceacd4d6926e45b67ee6b483a1a50b8c22146ff132b52eee5596cefee27dfb58eac3d"
+        },
+        {
+            "0xd8526c4a399bb415b422ab254fb7c9a053c1507e3260aac195366c5fed9ff583053547f1b8f54561838e8d5fff273e25",
+            "0xdc8169197ca1b7f60394685c3438a5b9ff07c0deafe3d68064567be3d9ad3c577600e0d98c4bda37a6ed8175d437cded052bdf221c4c3d76221331061",
+            "0x4002480a30180400b42028044527882012c14076200008808434205a6c981501013446d010b540218082854221231021",
+            "0xdc8169197ca1b7f60394685c3dbda7fdff9ffbdfffe3feb274ff7ffbddbd3d57f726eafd9d5bfef7fefdff7df477ddff1fafdf761c7cfdf7fff373e65",
+            "0xdc8169197ca1b7f60394685c39bd837d5c9e7b9ff4a1fc3230ad0779dc9129509526ea759518bcf258347e2de46499921ea48b740474d5a3dde142e44"
+        },
+        {
+            "0x47ac96c78ee0c7a9906ce5af63d0ad1b0420e1ca783cc6904ee84",
+            "0x630297e0f122e36f0c5f2f34efbb078c2f4c00e7c16f96cb054",
+            "0x20028780e002a1000c452f20c0a90304204000600046904a004",
+            "0x47ef96d7eef1e7ebff6cffaf77ffbf1f8c2fedcafffdef96cfed4",
+            "0x47cf94506e11e54aff60ba80573f161c880fadca9ffda90685ed0"
+        },
+        {
+            "0x432a40ea48fcb8b8161bc19a26b544f54833bf5e005c7d1c19e8405c5464c8c139fdd9b627865e596c513fc68454827f070310dd7efe80306693ce441c89a74d91db5e27d6ba966aa1e109cc8385bd86a23d127cf609eea4118e0e1d9be83b561dcffb0ec3844d22",
+            "0x70d78d38ebcadb77733fc709a6d3b76576ca71acd7e3196640d6adc00225142070b943d5624a3a3d4e77a787d8221848ab06c5135",
+            "0x50c7880002481864410882008011b560744a212482021004401009c002211020402002c0400820214836838540001800a80044120",
+            "0x432a40ea48fcb8b8161bc19a26b544f54833bf5e005c7d1c19e8405c5464c8c139fdd9b627865e596c513fc68454827f070310df7ffed3befebfff773ffdf7dffdfb7e77febf9eeffff19fec8feffd86a27d527fff9dfff635afafddfffa7b7f9fefff8ef3ec5d37",
+            "0x432a40ea48fcb8b8161bc19a26b544f54833bf5e005c7d1c19e8405c5464c8c139fdd9b627865e596c513fc68454827f070310da738653beda3e79332f75d7d7fce02870ba1d8ca7dfd09fa88eef6186806c507bfd9dd3f2352dadc97c92432b9fee7f8473e81c17"
+        },
+        {
+            "0x7c4c2d104ca2a5c080fbf1e717e47f848ff9be3555bcff60c07907ade9e334a556157dcd28ebbfd73367defdc4d8f5de60815360394e4de6e7535d356ccb8a2d896157ba65a7e8541a06e604454aef3e8cebfc7aedb48466eb65039cf17c13fcdb1b",
+            "0x2a73b2854f05d043d4e28e0b2634fd7023aaf3e57e58f213dd0693769",
+            "0x2a0100804e00404084e2880a2604ac50000262a45018c213c10681309",
+            "0x7c4c2d104ca2a5c080fbf1e717e47f848ff9be3555bcff60c07907ade9e334a556157dcd28ebbfd73367defdc4d8f5de60815360394e4de6e7535d356ccb8a2d896157ba65a7ef7f3a56f65d457fef3eecfbff7fffb6beefff77e79ff17dd3fdff7b",
+            "0x7c4c2d104ca2a5c080fbf1e717e47f848ff9be3555bcff60c07907ade9e334a556157dcd28ebbfd73367defdc4d8f5de60815360394e4de6e7535d356ccb8a2d896157ba65a54f6f325216594177a1166c599f353ab6bec9d532e613d041c395ec72"
+        },
+        {
+            "0x3ee957090c3ab10e1c8af669f2093bba430a4322a741522d2ce1d20b07558298627de3dbbbef8828abc64195bad0f9f6acbb734a420d0d8dd330e90d23ab633826a612060eb95070758199006b547b24792d59f97c3191b2dee7a96e",
+            "0x7e30cfb7abf89648583c2f705f30abb997ded579a0de3172e2b546c920f92fbdf3bf5ffbd5d73620da518e7b4964a44505817d16c7028f4da494135d2589deffbfdb19f6a454f0431cda1884e51f48c67605f9f044e955a4f23da9dfa92af8dfba09ea6adf0390c",
+            "0x4e102090838a1061808e20122091028020a02228701502d2c415202050500802014424010480000284000949a4041348018114a420d018d42004904218921080600100406205010040091004b005a0478000989782090a28ce0290c",
+            "0x7e30cfb7abf89648583c2f73ffb5fbb9d7ffd5f9e8ff77ffe2b7ffed30fd3fbff7bf7ffbdfdf36b0ff59afff6ffebdffbff9ff9eff669f5fad9f9f7fefbffeffbfdbd9ffb75ef0d33efe3b86ef7f68e6ff95fff75cf9d5a6f77fbbdfbbffffdffb19fb6fff7b96e",
+            "0x7e30cfb7abf89648583c2f73b1a5db295475c598687157edc226fd6d105d1d9787aa7d291bca1690af09a7fd6eba99febb79ff9c7b669616099b8c37ee3eea5b9f0bc12b975a6091266c2b068f7e68a69d90fef71cf0c5a2477a1b983bff67487910f1473179062"
+        },
+        {
+            "0x20265b43c9319cd56eac6a02cbf7913ba44b",
+            "0x995b92e854a8e0d548bfc02e18529b37790f0e4d9aaf36e7abc4a0f1e6d69489215aaa61b5863b1c86b3536b443dc639d1eb3db7789c2cb2f8cad1a74e5168ef33948c81a06fbad3b9ab0b7c84045cd1f77620ef43c7f2088d2901917bec5346a44f679be9491d273dbe5bf6e39095bb411cac63e38626013d671445c",
+            "0x20261901493010c0462c2802401390310448",
+            "0x995b92e854a8e0d548bfc02e18529b37790f0e4d9aaf36e7abc4a0f1e6d69489215aaa61b5863b1c86b3536b443dc639d1eb3db7789c2cb2f8cad1a74e5168ef33948c81a06fbad3b9ab0b7c84045cd1f77620ef43c7f2088d2901917bec5346a44f679be9491d273dbe5bf6e7b4bdbb59ddfeebe7a62ebf7d77be45f",
+            "0x995b92e854a8e0d548bfc02e18529b37790f0e4d9aaf36e7abc4a0f1e6d69489215aaa61b5863b1c86b3536b443dc639d1eb3db7789c2cb2f8cad1a74e5168ef33948c81a06fbad3b9ab0b7c84045cd1f77620ef43c7f2088d2901917bec5346a44f679be9491d273dbe59f48624a92858d1fa8925260abe4474ae017"
+        },
+        {
+            "0x20a92c71c161a786989694109718416d7a291b8f9c71a5a71ee827e003a5a19cf2aa8faeecbfa231c330e2d4c747b75ccc4d43d8c37472b60",
+            "0xc2ba3ef844b62f020cd6e4b010499c2c28ab3c15ed2ef3114e5b806244e57be1a7d999a21399c1e950977f021c82a906bed39caeec6aa077628421f9d5dfed01b24fe857000e259537fbe07d6a83080080ae927512d4518f9a56f0a40376234855377d8ef40dcb6055bd8d351",
+            "0x20282071400021809096840092084045000801851471a0250a80000000a480141280018e8816a020033022404507350cc40d4340413400340",
+            "0xc2ba3ef844b62f020cd6e4b010499c2c28ab3c15ed2ef3114e5b806244e57be1a7d999a21399c1e950977f021c82a906bed39caeecebac77e3e5a7ffdddffd11b75fe97f7a2f3f9fbffbe5ff7eeb2fe083afb3fdf2fedfaffefff2b5c376e3dcd777ffdefc4dcbf8d7fdffb71",
+            "0xc2ba3ef844b62f020cd6e4b010499c2c28ab3c15ed2ef3114e5b806244e57be1a7d999a21399c1e950977f021c82a906bed39caeccc38c06a3e5867f4d4979112557a93a7a273e1aab8a45da746b2fe0830b33e9e07ede2176e95295c046c19c9270cad2384088b896c9ff831"
+        },
+        {
+            "0xf6b7f399370d10b097b17e514f044d77a8f170148f4837033bb5d425f73a4079e1c7a9c3e69246f902d8c9fd27caad1e93d83578d4af8d3b7b1c02041c44917a22ed56f2562ac1426a356f8d31965e8e367b8929f3907b1dc6e73a8f3a566ca5c4e113e9d2c53770b110df51cf504701ff3fcea5b819b9bfc49f",
+            "0x61989df2b7097a6a84dc016aec2716d9cac359d2d799d90ec006a66efe3f1fd0851978c4cfe2f64b307b852e23f5dfdc2f63196e1076782a228a46f5f7d4e54afc1ad7abf1f8fef46edaad1706956f95eb95953bd4",
+            "0x990290097822808c0002c82510d08a8119521400000c40002222ec1612500001404005628401105a8426238109d0006319460032082a020804c4e110e142c41250a110d850c440420117068425900991950094",
+            "0xf6b7f399370d10b097b17e514f044d77a8f170148f4837033bb5d425f73a4079e1c7a9c3e6f3defdf2ffc9ff6fcefd1ffbfc377eddefcf7bfbdf9bdd1ec497fe6eff7fffd6afd97aeeffefff7bb67f8f3e7bfdffffbf7b1deef77eff3a76eee7f5f7d7eddafd3ff7bbf1ffffff7edfadff3fdfefbdfbbdbfffdf",
+            "0xf6b7f399370d10b097b17e514f044d77a8f170148f4837033bb5d425f73a4079e1c7a9c3e6f3de64f06fc0874d4e711ff934126e0d654e62a9cb9bdd128497dc4c1369ed86afd83aaefa8d7b7aa6250b18587cf62fbf1804a8f74cf71074e6e33116c70c98392da71ae127af3b3e9dace8395bca2df22c2aff4b"
+        },
+        {
+            "0x31d126e874580b754389fad8b64aaa61cabb4f8eb6904fe7e504341ed903f7daa3e74d4da3afca80b2415672a",
+            "0x16fb17a0468c0afa6bad456efa4f9baf26860eda9d7c00c2520c8c9b6026fb50df59b8cb74f6d9be861052c5e831158e7ffd98746328ce11f91d9ea22f0803a8b059aea22d1715ca1abeae53a8bc6b8bfb9b6c9d24ae714767",
+            "0x11100e0745803440288e0189048aa20c0800a8a04904a22c10014008902e51a83c6080da1a6c880024114722",
+            "0x16fb17a0468c0afa6bad456efa4f9baf26860eda9d7c00c2520c8c9b6026fb50df59b8cb74f6d9be861052c5eb3d17eefffd98f77738dfbdfb7dbea63fabb7f8fb79aefe7f5757cbffbebf7faabe7fdffbbbfcbd2fae75676f",
+            "0x16fb17a0468c0afa6bad456efa4f9baf26860eda9d7c00c2520c8c9b6026fb50df59b8cb74f6d9be861052c5eb2c07e0f8b818c3371051bc7279340433a3b7505b30aa5c5347568bf72e912e02821f5f21a190352f8a64204d"
+        },
+        {
+            "0xbf1a14e469c234b72d56324d100e016bc38cdf7158e35f230c047585e7b107acc8e222e7f19552541e59316affd90e96ca657b6112f5e8c786dfcff342fc46252fcdab10c632578540dbf6235f164bc5711924c7c6ba9da85ab",
+            "0x5dd3fb9a3de26cd89eb9517af6bb25678f149f906e8751a0c20d7646d21c17191237022a990e0156541e376986fd6a680c60228e5955df08bae5789c81751cdcafe5a2e72d45b09",
+            "0x5d5158821d220c001481413006a800620204919042041000000876400214020112210220880600564412026806252a480800020251054008b22158140145101824c582a20d00109",
+            "0xbf1a14e469c234b72d56324d100e016bc38cdff3fbfb7fe36cdcffbdf7fbf7bfede7aff7ff957ed75ff9f36fffdfde9edf7d7b7712fff9cf87dfdfff77fdc6fd6fedaf70e6be5fd5dfdbfee77f9ecbf57dddafe7e6ffbdedfab",
+            "0xbf1a14e469c234b72d56324d100e016bc38c82a2a37962c160dceb3cb6cbf117ed85adf36e053cd34ff9f367899fdc8add7c695610df71c987899bed7595c0d845a5a770e4bc0ed09fd34cc6278acab06dc58b22645db0edea2"
+        },
+    };
 
     bool opa=true, opo=true, opx=true;
 
@@ -2303,9 +2537,9 @@ bool TestIntegerBitops()
     }
 
     if (opa)
-       std::cout << "passed:  ";
+       std::cout << "passed:   ";
     else
-       std::cout << "FAILED:  ";
+       std::cout << "FAILED:   ";
     std::cout << "Bitwise AND over 32-bits to 1024-bits" << std::endl;
 
     //////////////////// OR ////////////////////
@@ -2329,9 +2563,9 @@ bool TestIntegerBitops()
     }
 
     if (opo)
-       std::cout << "passed:  ";
+       std::cout << "passed:   ";
     else
-       std::cout << "FAILED:  ";
+       std::cout << "FAILED:   ";
     std::cout << "Bitwise OR over 32-bits to 1024-bits" << std::endl;
 
     //////////////////// XOR ////////////////////
@@ -2355,9 +2589,9 @@ bool TestIntegerBitops()
     }
 
     if (opx)
-       std::cout << "passed:  ";
+       std::cout << "passed:   ";
     else
-       std::cout << "FAILED:  ";
+       std::cout << "FAILED:   ";
     std::cout << "Bitwise XOR over 32-bits to 1024-bits" << std::endl;
 
     return opa && opo && opx;
diff --git a/validat1.cpp b/validat1.cpp
index be82172b..15743f12 100644
--- a/validat1.cpp
+++ b/validat1.cpp
@@ -93,6 +93,14 @@ bool ValidateAll(bool thorough)
 	pass=TestASN1Parse() && pass;
 	// Enable during debug for code coverage
 	pass=ValidateBaseCode() && pass;
+    // Additional tests due to no coverage
+	pass=TestGzip() && pass;
+	pass=TestZinflate() && pass;
+	pass=TestMersenne() && pass;
+	pass=TestDefaultEncryptor() && pass;
+	pass=TestDefaultEncryptorWithMAC() && pass;
+	pass=TestLegacyEncryptor() && pass;
+	pass=TestLegacyEncryptorWithMAC() && pass;
 #endif
 
 	pass=ValidateCRC32() && pass;
diff --git a/validate.h b/validate.h
index 094aaf96..75d5610c 100644
--- a/validate.h
+++ b/validate.h
@@ -120,6 +120,14 @@ bool TestRounding();
 bool TestHuffmanCodes();
 // http://github.com/weidai11/cryptopp/issues/346
 bool TestASN1Parse();
+// Additional tests due to no coverage
+bool TestGzip();
+bool TestZinflate();
+bool TestMersenne();
+bool TestDefaultEncryptor();
+bool TestDefaultEncryptorWithMAC();
+bool TestLegacyEncryptor();
+bool TestLegacyEncryptorWithMAC();
 #endif
 
 #if 1

From 9225ca09cb33711278cfb9d5cf8d87fdb2c1c460 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Fri, 5 May 2017 19:00:17 -0400
Subject: [PATCH 080/200] Updated MersenneTwister tests The tests now include
 the first 10 elements of the sequence to ensure a properly implemented
 algorithm and endianess correctness.

---
 mersenne.h   |  58 ++++++++++++++++++----------
 validat0.cpp |   5 ---
 validat1.cpp | 106 ++++++++++++++++++++++++++++++++++++++++++++-------
 3 files changed, 130 insertions(+), 39 deletions(-)

diff --git a/mersenne.h b/mersenne.h
index 4937d9d0..d5bd039b 100644
--- a/mersenne.h
+++ b/mersenne.h
@@ -26,7 +26,7 @@ NAMESPACE_BEGIN(CryptoPP)
 //!   required quickly. It should not be used for cryptographic purposes.
 //! \sa MT19937, MT19937ar
 //! \since Crypto++ 5.6.3
-template <unsigned int K, unsigned int M, unsigned int N, unsigned int F, unsigned long S>
+template <unsigned int K, unsigned int M, unsigned int N, unsigned int F, word32 S>
 class MersenneTwister : public RandomNumberGenerator
 {
 public:
@@ -38,11 +38,26 @@ public:
 	//! \param seed 32-bit seed
 	//! \details Defaults to template parameter S due to changing algorithm
 	//!   parameters over time
-	MersenneTwister(unsigned long seed = S) : m_seed(seed), m_idx(N)
+	MersenneTwister(word32 seed = S) : m_seed(seed), m_idx(N)
 	{
-		m_state[0] = seed;
-		for (unsigned int i = 1; i < N+1; i++)
-			m_state[i] = word32(F * (m_state[i-1] ^ (m_state[i-1] >> 30)) + i);
+		Reset(seed);
+	}
+
+	bool CanIncorporateEntropy() const {return true;}
+
+	//! \brief Update RNG state with additional unpredictable values
+	//! \param input the entropy to add to the generator
+	//! \param length the size of the input buffer
+	//! \details MersenneTwister uses the first 32-bits of <tt>input</tt> to reseed the
+    //!   generator. If fewer bytes are provided, then the seed is padded with 0's.
+	void IncorporateEntropy(const byte *input, size_t length)
+	{
+		word32 temp = 0;
+		::memcpy(&temp, input, STDMIN(sizeof(temp), length));
+		Reset(temp);
+
+		// Wipe temp
+		SecureWipeArray(&temp, 1);
 	}
 
 	//! \brief Generate random array of bytes
@@ -58,24 +73,15 @@ public:
 		word32 temp;
 		for (size_t i=0; i < size/4; i++, output += 4)
 		{
-#if defined(CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS) && defined(IS_LITTLE_ENDIAN)
-			*((word32*)output) = ByteReverse(NextMersenneWord());
-#elif defined(CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS)
-			*((word32*)output) = NextMersenneWord();
-#else
 			temp = NextMersenneWord();
-			output[3] = CRYPTOPP_GET_BYTE_AS_BYTE(temp, 0);
-			output[2] = CRYPTOPP_GET_BYTE_AS_BYTE(temp, 1);
-			output[1] = CRYPTOPP_GET_BYTE_AS_BYTE(temp, 2);
-			output[0] = CRYPTOPP_GET_BYTE_AS_BYTE(temp, 3);
-#endif
+			PutWord<word32>(false, LITTLE_ENDIAN_ORDER, output, temp);
 		}
 
 		// No tail bytes
 		if (size%4 == 0)
 		{
 			// Wipe temp
-			*((volatile word32*)&temp) = 0;
+			SecureWipeArray(&temp, 1);
 			return;
 		}
 
@@ -91,7 +97,7 @@ public:
 		}
 
 		// Wipe temp
-		*((volatile word32*)&temp) = 0;
+		SecureWipeArray(&temp, 1);
 	}
 
 	//! \brief Generate a random 32-bit word in the range min to max, inclusive
@@ -128,6 +134,16 @@ public:
 
 protected:
 
+	void Reset(word32 seed)
+	{
+		m_seed = seed;
+		m_idx = N;
+
+		m_state[0] = seed;
+		for (unsigned int i = 1; i < N+1; i++)
+			m_state[i] = word32(F * (m_state[i-1] ^ (m_state[i-1] >> 30)) + i);
+	}
+
 	//! \brief Returns the next 32-bit word from the state array
 	//! \returns the next 32-bit word from the state array
 	//! \details fetches the next word frm the state array, performs bit operations on
@@ -148,7 +164,7 @@ protected:
 	//! \brief Performs the twist operaton on the state array
 	void Twist()
 	{
-		static const unsigned long magic[2]={0x0UL, K};
+		static const word32 magic[2]={0x0UL, K};
 		word32 kk, temp;
 
 		CRYPTOPP_ASSERT(N >= M);
@@ -171,7 +187,7 @@ protected:
 		m_idx = 0;
 
 		// Wipe temp
-		*((volatile word32*)&temp) = 0;
+		SecureWipeArray(&temp, 1);
 	}
 
 private:
@@ -179,9 +195,9 @@ private:
 	//! \brief 32-bit word state array of size N
 	FixedSizeSecBlock<word32, N+1> m_state;
 	//! \brief the value used to seed the generator
-	unsigned int m_seed;
+	word32 m_seed;
 	//! \brief the current index into the state array
-	unsigned int m_idx;
+	word32 m_idx;
 };
 
 //! \class MT19937
diff --git a/validat0.cpp b/validat0.cpp
index ae8c8fc7..8fd86932 100644
--- a/validat0.cpp
+++ b/validat0.cpp
@@ -98,11 +98,6 @@ bool TestZinflate()
     return !fail;
 }
 
-bool TestMersenne()
-{
-    return true;
-}
-
 bool TestDefaultEncryptor()
 {
     std::cout << "\nTesting DefaultEncryptor...\n\n";
diff --git a/validat1.cpp b/validat1.cpp
index 15743f12..2dc48572 100644
--- a/validat1.cpp
+++ b/validat1.cpp
@@ -45,6 +45,7 @@
 #include "osrng.h"
 #include "drbg.h"
 #include "rdrand.h"
+#include "mersenne.h"
 #include "zdeflate.h"
 #include "smartptr.h"
 #include "channels.h"
@@ -72,7 +73,9 @@ bool ValidateAll(bool thorough)
 	pass=TestAutoSeeded() && pass;
 	pass=TestAutoSeededX917() && pass;
 	// pass=TestSecRandom() && pass;
-
+#if (defined(CRYPTOPP_DEBUG) || defined(CRYPTOPP_COVERAGE)) && !defined(CRYPTOPP_IMPORTS)
+	pass=TestMersenne() && pass;
+#endif
 #if (CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32 || CRYPTOPP_BOOL_X64)
 	pass=TestRDRAND() && pass;
 	pass=TestRDSEED() && pass;
@@ -96,7 +99,6 @@ bool ValidateAll(bool thorough)
     // Additional tests due to no coverage
 	pass=TestGzip() && pass;
 	pass=TestZinflate() && pass;
-	pass=TestMersenne() && pass;
 	pass=TestDefaultEncryptor() && pass;
 	pass=TestDefaultEncryptorWithMAC() && pass;
 	pass=TestLegacyEncryptor() && pass;
@@ -449,7 +451,7 @@ bool TestOS_RNG()
 		}
 		else
 			std::cout << "passed:";
-		std::cout << "  " << total << " generated bytes compressed to " << meter.GetTotalBytes() << " bytes by DEFLATE" << std::endl;
+		std::cout << "  " << total << " generated bytes compressed to " << meter.GetTotalBytes() << " bytes by DEFLATE\n";
 	}
 	else
 		std::cout << "\nNo operating system provided blocking random number generator, skipping test." << std::endl;
@@ -474,7 +476,7 @@ bool TestOS_RNG()
 		}
 		else
 			std::cout << "passed:";
-		std::cout << "  100000 generated bytes compressed to " << meter.GetTotalBytes() << " bytes by DEFLATE" << std::endl;
+		std::cout << "  100000 generated bytes compressed to " << meter.GetTotalBytes() << " bytes by DEFLATE\n";
 	}
 	else
 		std::cout << "\nNo operating system provided nonblocking random number generator, skipping test." << std::endl;
@@ -511,7 +513,7 @@ bool TestAutoSeeded()
 	}
 	else
 		std::cout << "passed:";
-	std::cout << "  100000 generated bytes compressed to " << meter.GetTotalBytes() << " bytes by DEFLATE" << std::endl;
+	std::cout << "  100000 generated bytes compressed to " << meter.GetTotalBytes() << " bytes by DEFLATE\n";
 
 	try
 	{
@@ -575,7 +577,7 @@ bool TestAutoSeededX917()
 	}
 	else
 		std::cout << "passed:";
-	std::cout << "  100000 generated bytes compressed to " << meter.GetTotalBytes() << " bytes by DEFLATE" << std::endl;
+	std::cout << "  100000 generated bytes compressed to " << meter.GetTotalBytes() << " bytes by DEFLATE\n";
 
 	try
 	{
@@ -621,6 +623,90 @@ bool TestAutoSeededX917()
 }
 #endif // NO_OS_DEPENDENCE
 
+#if (defined(CRYPTOPP_DEBUG) || defined(CRYPTOPP_COVERAGE)) && !defined(CRYPTOPP_IMPORTS)
+bool TestMersenne()
+{
+	std::cout << "\nTesting Mersenne Twister...\n\n";
+
+	static const unsigned int ENTROPY_SIZE = 32;
+	bool equal = true, generate = true, discard = true, incorporate = false;
+
+    // First 10; http://create.stephan-brumme.com/mersenne-twister/
+	word32 result[10], expected[10] = {0xD091BB5C, 0x22AE9EF6,
+		0xE7E1FAEE, 0xD5C31F79, 0x2082352C, 0xF807B7DF, 0xE9D30005,
+		0x3895AFE1, 0xA1E24BBA, 0x4EE4092B};
+
+	MT19937ar prng;
+	prng.GenerateBlock(reinterpret_cast<byte*>(result), sizeof(result));
+    equal = (0 == ::memcmp(result, expected, sizeof(expected)));
+
+	if (equal)
+	{
+		std::cout << "passed:";
+	}
+	else
+	{
+		std::cout << "FAILED:";
+        equal = false;
+	}
+    std::cout << "  Expected sequence from MT19937ar (2002 version)\n";
+
+	MeterFilter meter(new Redirector(TheBitBucket()));
+	RandomNumberSource test(prng, 100000, true, new Deflator(new Redirector(meter)));
+
+	if (meter.GetTotalBytes() < 100000)
+	{
+		std::cout << "FAILED:";
+		generate = false;
+	}
+	else
+		std::cout << "passed:";
+	std::cout << "  100000 generated bytes compressed to " << meter.GetTotalBytes() << " bytes by DEFLATE\n";
+
+	try
+	{
+		prng.DiscardBytes(100000);
+	}
+	catch(const Exception&)
+	{
+		discard = false;
+	}
+
+	if (!discard)
+		std::cout << "FAILED:";
+	else
+		std::cout << "passed:";
+	std::cout << "  discarded 10000 bytes\n";
+
+	try
+	{
+		if(prng.CanIncorporateEntropy())
+		{
+			SecByteBlock entropy(ENTROPY_SIZE);
+			OS_GenerateRandomBlock(false, entropy, entropy.SizeInBytes());
+
+			prng.IncorporateEntropy(entropy, entropy.SizeInBytes());
+			prng.IncorporateEntropy(entropy, entropy.SizeInBytes());
+			prng.IncorporateEntropy(entropy, entropy.SizeInBytes());
+			prng.IncorporateEntropy(entropy, entropy.SizeInBytes());
+
+			incorporate = true;
+		}
+	}
+	catch(const Exception& /*ex*/)
+	{
+	}
+
+	if (!incorporate)
+		std::cout << "FAILED:";
+	else
+		std::cout << "passed:";
+	std::cout << "  IncorporateEntropy with " << 4*ENTROPY_SIZE << " bytes" << std::endl;
+
+	return equal && generate && discard && incorporate;
+}
+#endif
+
 #if (CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32 || CRYPTOPP_BOOL_X64)
 bool TestRDRAND()
 {
@@ -657,7 +743,7 @@ bool TestRDRAND()
 		// Coverity finding, also see http://stackoverflow.com/a/34509163/608639.
 		StreamState ss(std::cout);
 		std::cout << std::setiosflags(std::ios::fixed) << std::setprecision(6);
-		std::cout << "  Maurer Randomness Test returned value " << mv << std::endl;
+		std::cout << "  Maurer Randomness Test returned value " << mv << "\n";
 
 		if (meter.GetTotalBytes() < SIZE)
 		{
@@ -691,9 +777,6 @@ bool TestRDRAND()
 	(void)rdrand.CanIncorporateEntropy();
 	rdrand.IncorporateEntropy(NULLPTR, 0);
 
-	if (!(entropy && compress && discard))
-		std::cout.flush();
-
 	return entropy && compress && discard;
 }
 #endif
@@ -769,9 +852,6 @@ bool TestRDSEED()
 	(void)rdseed.CanIncorporateEntropy();
 	rdseed.IncorporateEntropy(NULLPTR, 0);
 
-	if (!(entropy && compress && discard))
-		std::cout.flush();
-
 	return entropy && compress && discard;
 }
 #endif

From ac930b084dfb5b67113d622a785bbfe84325c3c1 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Fri, 5 May 2017 20:34:43 -0400
Subject: [PATCH 081/200] Add additional tests Whitespace check-in

---
 validat0.cpp | 358 ++++++++++++++++++++++++++++++---------------------
 1 file changed, 213 insertions(+), 145 deletions(-)

diff --git a/validat0.cpp b/validat0.cpp
index 8fd86932..32a85a0d 100644
--- a/validat0.cpp
+++ b/validat0.cpp
@@ -54,11 +54,35 @@ bool TestGzip()
         fail = true;
     }
 
+    // Unzip random data. See if we can induce a crash
+    for (unsigned int i=0; i<128; i++)
+    {
+        std::string src, dest;
+        unsigned int len = GlobalRNG().GenerateWord32() & 0xffff;
+
+        src.resize(len);
+        GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
+        src[0] = 0x1f; src[1] = 0x8b;  // magic Header
+        src[2] = 0x00;  // extra flags
+        src[3] = src[3] & (2|4|8|16|32);  // flags
+
+        // Don't allow ENCRYPTED|CONTINUED to over-run tests
+        if (src[3] & (2|32)) {
+            if (i%3 == 0) {src[3] &= ~2;}
+            if (i%3 == 1) {src[3] &= ~32;}
+        }
+        // The remainder are extra headers and the payload
+
+        try {
+            StringSource(src, true, new Gunzip(new StringSink(dest)));
+        } catch(const Exception&) {    }
+    }
+
     if (!fail)
-       std::cout << "passed:   ";
+       std::cout << "passed:";
     else
-       std::cout << "FAILED:   ";
-    std::cout << "128 zip and unzip" << std::endl;
+       std::cout << "FAILED:";
+    std::cout << "  256 zips and unzips" << std::endl;
 
     return !fail;
 }
@@ -81,7 +105,7 @@ bool TestZinflate()
             StringSource(src, true, new Deflator(new StringSink(dest)));
             StringSource(dest, true, new Inflator(new StringSink(rec)));
             if (src != rec)
-                throw Exception(Exception::OTHER_ERROR, "Inflate failed a self test");
+                throw Exception(Exception::OTHER_ERROR, "Deflate failed a self test");
         }
     }
     catch(const Exception&)
@@ -89,12 +113,51 @@ bool TestZinflate()
         fail = true;
     }
 
-    if (!fail)
-       std::cout << "passed:   ";
-    else
-       std::cout << "FAILED:   ";
-    std::cout << "128 deflate and inflate" << std::endl;
+    for (unsigned int i=0; i<128; i++)
+    {
+        // See if we can induce a crash
+        std::string src, dest;
+        unsigned int len = GlobalRNG().GenerateWord32() & 0xffff;
 
+        src.resize(len);
+        GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
+
+        try {
+            StringSource(src, true, new Inflator(new StringSink(dest)));
+        } catch(const Exception&) {    }
+    }
+
+    // Unzip random data. See if we can induce a crash
+    for (unsigned int i=0; i<128; i++)
+    {
+        std::string src, dest;
+        unsigned int len = GlobalRNG().GenerateWord32() & 0xffff;
+
+        src.resize(len);
+        GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
+        src[0] = 0x1f; src[1] = 0x8b;  // magic Header
+        src[2] = 0x00;  // extra flags
+        src[3] = src[3] & (2|4|8|16|32);  // flags
+
+        // Don't allow ENCRYPTED|CONTINUED to over-run tests
+        if (src[3] & (2|32)) {
+            if (i%3 == 0) {src[3] &= ~2;}
+            if (i%3 == 1) {src[3] &= ~32;}
+        }
+        // The remainder are extra headers and the payload
+
+        try {
+            StringSource(src, true, new Inflator(new StringSink(dest)));
+        } catch(const Exception&) {    }
+    }
+
+    if (!fail)
+       std::cout << "passed:";
+    else
+       std::cout << "FAILED:";
+    std::cout << "  256 deflates and inflates\n";
+
+    std::cout.flush();
     return !fail;
 }
 
@@ -129,10 +192,10 @@ bool TestDefaultEncryptor()
     }
 
     if (!fail)
-       std::cout << "passed:   ";
+       std::cout << "passed:";
     else
-       std::cout << "FAILED:   ";
-    std::cout << "128 default encryptions and decryptions" << std::endl;
+       std::cout << "FAILED:";
+    std::cout << "  128 default encryptions and decryptions" << std::endl;
 
     return !fail;
 }
@@ -168,10 +231,10 @@ bool TestDefaultEncryptorWithMAC()
     }
 
     if (!fail)
-       std::cout << "passed:   ";
+       std::cout << "passed:";
     else
-       std::cout << "FAILED:   ";
-    std::cout << "128 default encryptions and decryptions with MAC" << std::endl;
+       std::cout << "FAILED:";
+    std::cout << "  128 default encryptions and decryptions with MAC" << std::endl;
 
     return !fail;
 }
@@ -207,10 +270,10 @@ bool TestLegacyEncryptor()
     }
 
     if (!fail)
-       std::cout << "passed:   ";
+       std::cout << "passed:";
     else
-       std::cout << "FAILED:   ";
-    std::cout << "128 legacy encryptions and decryptions" << std::endl;
+       std::cout << "FAILED:";
+    std::cout << "  128 legacy encryptions and decryptions" << std::endl;
 
     return !fail;
 }
@@ -246,10 +309,10 @@ bool TestLegacyEncryptorWithMAC()
     }
 
     if (!fail)
-       std::cout << "passed:   ";
+       std::cout << "passed:";
     else
-       std::cout << "FAILED:   ";
-    std::cout << "128 legacy encryptions and decryptions with MAC" << std::endl;
+       std::cout << "FAILED:";
+    std::cout << "  128 legacy encryptions and decryptions with MAC" << std::endl;
 
     return !fail;
 }
@@ -272,7 +335,7 @@ bool TestRounding()
     }
 
     pass = !fail && pass;
-    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, byte, no overflow\n";
+    std::cout << (fail ? "FAILED:" : "passed:") << "  RoundUpToMultipleOf, byte, no overflow\n";
 
     try
     {
@@ -286,7 +349,7 @@ bool TestRounding()
     }
 
     pass = !fail && pass;
-    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, byte, no overflow\n";
+    std::cout << (fail ? "FAILED:" : "passed:") << "  RoundUpToMultipleOf, byte, no overflow\n";
 
     try
     {
@@ -300,7 +363,7 @@ bool TestRounding()
     }
 
     pass = !fail && pass;
-    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, byte, no overflow\n";
+    std::cout << (fail ? "FAILED:" : "passed:") << "  RoundUpToMultipleOf, byte, no overflow\n";
 
     try
     {
@@ -314,7 +377,7 @@ bool TestRounding()
     }
 
     pass = !fail && pass;
-    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, byte, no overflow\n";
+    std::cout << (fail ? "FAILED:" : "passed:") << "  RoundUpToMultipleOf, byte, no overflow\n";
 
     try
     {
@@ -328,7 +391,7 @@ bool TestRounding()
     }
 
     pass = !fail && pass;
-    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, byte, no overflow\n";
+    std::cout << (fail ? "FAILED:" : "passed:") << "  RoundUpToMultipleOf, byte, no overflow\n";
 
     try
     {
@@ -343,7 +406,7 @@ bool TestRounding()
     }
 
     pass = !fail && pass;
-    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, byte, overflow\n";
+    std::cout << (fail ? "FAILED:" : "passed:") << "  RoundUpToMultipleOf, byte, overflow\n";
 
     // ********** word16 **********//
     try
@@ -358,7 +421,7 @@ bool TestRounding()
     }
 
     pass = !fail && pass;
-    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word16, no overflow\n";
+    std::cout << (fail ? "FAILED:" : "passed:") << "  RoundUpToMultipleOf, word16, no overflow\n";
 
     try
     {
@@ -372,7 +435,7 @@ bool TestRounding()
     }
 
     pass = !fail && pass;
-    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word16, no overflow\n";
+    std::cout << (fail ? "FAILED:" : "passed:") << "  RoundUpToMultipleOf, word16, no overflow\n";
 
     try
     {
@@ -386,7 +449,7 @@ bool TestRounding()
     }
 
     pass = !fail && pass;
-    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word16, no overflow\n";
+    std::cout << (fail ? "FAILED:" : "passed:") << "  RoundUpToMultipleOf, word16, no overflow\n";
 
     try
     {
@@ -400,7 +463,7 @@ bool TestRounding()
     }
 
     pass = !fail && pass;
-    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word16, no overflow\n";
+    std::cout << (fail ? "FAILED:" : "passed:") << "  RoundUpToMultipleOf, word16, no overflow\n";
 
     try
     {
@@ -414,7 +477,7 @@ bool TestRounding()
     }
 
     pass = !fail && pass;
-    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word16, no overflow\n";
+    std::cout << (fail ? "FAILED:" : "passed:") << "  RoundUpToMultipleOf, word16, no overflow\n";
 
     try
     {
@@ -429,7 +492,7 @@ bool TestRounding()
     }
 
     pass = !fail && pass;
-    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word16, overflow\n";
+    std::cout << (fail ? "FAILED:" : "passed:") << "  RoundUpToMultipleOf, word16, overflow\n";
 
     // ********** word32 **********//
     try
@@ -444,7 +507,7 @@ bool TestRounding()
     }
 
     pass = !fail && pass;
-    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word32, no overflow\n";
+    std::cout << (fail ? "FAILED:" : "passed:") << "  RoundUpToMultipleOf, word32, no overflow\n";
 
     try
     {
@@ -458,7 +521,7 @@ bool TestRounding()
     }
 
     pass = !fail && pass;
-    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word32, no overflow\n";
+    std::cout << (fail ? "FAILED:" : "passed:") << "  RoundUpToMultipleOf, word32, no overflow\n";
 
     try
     {
@@ -472,7 +535,7 @@ bool TestRounding()
     }
 
     pass = !fail && pass;
-    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word32, no overflow\n";
+    std::cout << (fail ? "FAILED:" : "passed:") << "  RoundUpToMultipleOf, word32, no overflow\n";
 
     try
     {
@@ -486,7 +549,7 @@ bool TestRounding()
     }
 
     pass = !fail && pass;
-    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word32, no overflow\n";
+    std::cout << (fail ? "FAILED:" : "passed:") << "  RoundUpToMultipleOf, word32, no overflow\n";
 
     try
     {
@@ -500,7 +563,7 @@ bool TestRounding()
     }
 
     pass = !fail && pass;
-    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word32, no overflow\n";
+    std::cout << (fail ? "FAILED:" : "passed:") << "  RoundUpToMultipleOf, word32, no overflow\n";
 
     try
     {
@@ -515,7 +578,7 @@ bool TestRounding()
     }
 
     pass = !fail && pass;
-    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word32, overflow\n";
+    std::cout << (fail ? "FAILED:" : "passed:") << "  RoundUpToMultipleOf, word32, overflow\n";
 
     // ********** word64 **********//
     try
@@ -530,7 +593,7 @@ bool TestRounding()
     }
 
     pass = !fail && pass;
-    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word64, no overflow\n";
+    std::cout << (fail ? "FAILED:" : "passed:") << "  RoundUpToMultipleOf, word64, no overflow\n";
 
     try
     {
@@ -544,7 +607,7 @@ bool TestRounding()
     }
 
     pass = !fail && pass;
-    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word64, no overflow\n";
+    std::cout << (fail ? "FAILED:" : "passed:") << "  RoundUpToMultipleOf, word64, no overflow\n";
 
     try
     {
@@ -558,7 +621,7 @@ bool TestRounding()
     }
 
     pass = !fail && pass;
-    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word64, no overflow\n";
+    std::cout << (fail ? "FAILED:" : "passed:") << "  RoundUpToMultipleOf, word64, no overflow\n";
 
     try
     {
@@ -572,7 +635,7 @@ bool TestRounding()
     }
 
     pass = !fail && pass;
-    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word64, no overflow\n";
+    std::cout << (fail ? "FAILED:" : "passed:") << "  RoundUpToMultipleOf, word64, no overflow\n";
 
     try
     {
@@ -586,7 +649,7 @@ bool TestRounding()
     }
 
     pass = !fail && pass;
-    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word64, no overflow\n";
+    std::cout << (fail ? "FAILED:" : "passed:") << "  RoundUpToMultipleOf, word64, no overflow\n";
 
     try
     {
@@ -601,7 +664,7 @@ bool TestRounding()
     }
 
     pass = !fail && pass;
-    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word64, overflow\n";
+    std::cout << (fail ? "FAILED:" : "passed:") << "  RoundUpToMultipleOf, word64, overflow\n";
 
 #if defined(CRYPTOPP_WORD128_AVAILABLE)
     // ********** word128 **********//
@@ -617,7 +680,7 @@ bool TestRounding()
     }
 
     pass = !fail && pass;
-    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word128, no overflow\n";
+    std::cout << (fail ? "FAILED:" : "passed:") << "  RoundUpToMultipleOf, word128, no overflow\n";
 
     try
     {
@@ -631,7 +694,7 @@ bool TestRounding()
     }
 
     pass = !fail && pass;
-    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word128, no overflow\n";
+    std::cout << (fail ? "FAILED:" : "passed:") << "  RoundUpToMultipleOf, word128, no overflow\n";
 
     try
     {
@@ -645,7 +708,7 @@ bool TestRounding()
     }
 
     pass = !fail && pass;
-    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word128, no overflow\n";
+    std::cout << (fail ? "FAILED:" : "passed:") << "  RoundUpToMultipleOf, word128, no overflow\n";
 
     try
     {
@@ -661,7 +724,7 @@ bool TestRounding()
     }
 
     pass = !fail && pass;
-    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word128, no overflow\n";
+    std::cout << (fail ? "FAILED:" : "passed:") << "  RoundUpToMultipleOf, word128, no overflow\n";
 
     try
     {
@@ -676,7 +739,7 @@ bool TestRounding()
     }
 
     pass = !fail && pass;
-    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word128, no overflow\n";
+    std::cout << (fail ? "FAILED:" : "passed:") << "  RoundUpToMultipleOf, word128, no overflow\n";
 
     try
     {
@@ -692,9 +755,10 @@ bool TestRounding()
     }
 
     pass = !fail && pass;
-    std::cout << (fail ? "FAILED:  " : "passed:  ") << "RoundUpToMultipleOf, word128, overflow\n";
+    std::cout << (fail ? "FAILED:" : "passed:") << "  RoundUpToMultipleOf, word128, overflow\n";
 #endif
 
+    std::cout.flush();
     return pass;
 }
 #endif
@@ -768,11 +832,12 @@ bool RunASN1TestSet(const ASN1_TestTuple asnTuples[], size_t count)
             fail = !(thisTest.disposition == REJECT);
         }
 
-        std::cout << (fail ? "FAILED:   " : "passed:   ") << (thisTest.disposition == ACCEPT ? "accept " : "reject ");
+        std::cout << (fail ? "FAILED:" : "passed:") << (thisTest.disposition == ACCEPT ? "  accept " : "  reject ");
         std::cout << asnTuples[i].name << " " << val << "\n";
         pass = !fail && pass;
     }
 
+    std::cout.flush();
     return pass;
 }
 
@@ -946,6 +1011,7 @@ bool TestASN1Parse()
 
     pass = RunASN1TestSet(integerValues, COUNTOF(integerValues)) && pass;
 
+    std::cout.flush();
     return pass;
 }
 #endif
@@ -981,10 +1047,10 @@ bool TestSecBlock()
 
         pass1 &= temp;
         if (!temp)
-            std::cout << "FAILED:   ";
+            std::cout << "FAILED:";
         else
-            std::cout << "passed:   ";
-        std::cout << "Zeroized byte array" << std::endl;
+            std::cout << "passed:";
+        std::cout << "  Zeroized byte array\n";
 
         SecBlock<word32> z2(NULLPTR, 256);
         temp = true;
@@ -994,10 +1060,10 @@ bool TestSecBlock()
 
         pass1 &= temp;
         if (!temp)
-            std::cout << "FAILED:   ";
+            std::cout << "FAILED:";
         else
-            std::cout << "passed:   ";
-        std::cout << "Zeroized word32 array" << std::endl;
+            std::cout << "passed:";
+        std::cout << "  Zeroized word32 array\n";
 
         SecBlock<word64> z3(NULLPTR, 256);
         temp = true;
@@ -1007,10 +1073,10 @@ bool TestSecBlock()
 
         pass1 &= temp;
         if (!temp)
-            std::cout << "FAILED:   ";
+            std::cout << "FAILED:";
         else
-            std::cout << "passed:   ";
-        std::cout << "Zeroized word64 array" << std::endl;
+            std::cout << "passed:";
+        std::cout << "  Zeroized word64 array\n";
 
 #if defined(CRYPTOPP_WORD128_AVAILABLE)
         SecBlock<word128> z4(NULLPTR, 256);
@@ -1021,10 +1087,10 @@ bool TestSecBlock()
 
         pass1 &= temp;
         if (!temp)
-            std::cout << "FAILED:   ";
+            std::cout << "FAILED:";
         else
-            std::cout << "passed:   ";
-        std::cout << "Zeroized word128 array" << std::endl;
+            std::cout << "passed:";
+        std::cout << "  Zeroized word128 array\n";
 #endif
     }
 
@@ -1076,10 +1142,10 @@ bool TestSecBlock()
 
     pass2 &= temp;
     if (!temp)
-        std::cout << "FAILED:   ";
+        std::cout << "FAILED:";
     else
-        std::cout << "passed:   ";
-    std::cout << "Assign byte" << std::endl;
+        std::cout << "passed:";
+    std::cout << "  Assign byte\n";
 
     try
     {
@@ -1111,10 +1177,10 @@ bool TestSecBlock()
 
     pass2 &= temp;
     if (!temp)
-        std::cout << "FAILED:   ";
+        std::cout << "FAILED:";
     else
-        std::cout << "passed:   ";
-    std::cout << "Assign word32" << std::endl;
+        std::cout << "passed:";
+    std::cout << "  Assign word32\n";
 
     try
     {
@@ -1146,10 +1212,10 @@ bool TestSecBlock()
 
     pass2 &= temp;
     if (!temp)
-        std::cout << "FAILED:   ";
+        std::cout << "FAILED:";
     else
-        std::cout << "passed:   ";
-    std::cout << "Assign word64" << std::endl;
+        std::cout << "passed:";
+    std::cout << "  Assign word64\n";
 
 #if defined(CRYPTOPP_WORD128_AVAILABLE)
     try
@@ -1182,10 +1248,10 @@ bool TestSecBlock()
 
     pass2 &= temp;
     if (!temp)
-        std::cout << "FAILED:   ";
+        std::cout << "FAILED:";
     else
-        std::cout << "passed:   ";
-    std::cout << "Assign word128" << std::endl;
+        std::cout << "passed:";
+    std::cout << "  Assign word128\n";
 #endif
 
     //********** Append **********//
@@ -1228,10 +1294,10 @@ bool TestSecBlock()
 
     pass3 &= temp;
     if (!temp)
-        std::cout << "FAILED:   ";
+        std::cout << "FAILED:";
     else
-        std::cout << "passed:   ";
-    std::cout << "Append byte" << std::endl;
+        std::cout << "passed:";
+    std::cout << "  Append byte\n";
 
     try
     {
@@ -1273,10 +1339,10 @@ bool TestSecBlock()
 
     pass3 &= temp;
     if (!temp)
-        std::cout << "FAILED:   ";
+        std::cout << "FAILED:";
     else
-        std::cout << "passed:   ";
-    std::cout << "Append word32" << std::endl;
+        std::cout << "passed:";
+    std::cout << "  Append word32\n";
 
     try
     {
@@ -1318,10 +1384,10 @@ bool TestSecBlock()
 
     pass3 &= temp;
     if (!temp)
-        std::cout << "FAILED:   ";
+        std::cout << "FAILED:";
     else
-        std::cout << "passed:   ";
-    std::cout << "Append word64" << std::endl;
+        std::cout << "passed:";
+    std::cout << "  Append word64\n";
 
 #if defined(CRYPTOPP_WORD128_AVAILABLE)
     try
@@ -1364,10 +1430,10 @@ bool TestSecBlock()
 
     pass3 &= temp;
     if (!temp)
-        std::cout << "FAILED:   ";
+        std::cout << "FAILED:";
     else
-        std::cout << "passed:   ";
-    std::cout << "Append word128" << std::endl;
+        std::cout << "passed:";
+    std::cout << "  Append word128\n";
 #endif
 
     //********** Concatenate **********//
@@ -1403,10 +1469,10 @@ bool TestSecBlock()
 
     pass4 &= temp;
     if (!temp)
-        std::cout << "FAILED:   ";
+        std::cout << "FAILED:";
     else
-        std::cout << "passed:   ";
-    std::cout << "Concatenate byte" << std::endl;
+        std::cout << "passed:";
+    std::cout << "  Concatenate byte\n";
 
     // word32
     try
@@ -1441,10 +1507,10 @@ bool TestSecBlock()
 
     pass4 &= temp;
     if (!temp)
-        std::cout << "FAILED:   ";
+        std::cout << "FAILED:";
     else
-        std::cout << "passed:   ";
-    std::cout << "Concatenate word32" << std::endl;
+        std::cout << "passed:";
+    std::cout << "  Concatenate word32\n";
 
     // word64
     try
@@ -1479,10 +1545,10 @@ bool TestSecBlock()
 
     pass4 &= temp;
     if (!temp)
-        std::cout << "FAILED:   ";
+        std::cout << "FAILED:";
     else
-        std::cout << "passed:   ";
-    std::cout << "Concatenate word64" << std::endl;
+        std::cout << "passed:";
+    std::cout << "  Concatenate word64\n";
 
 #if defined(CRYPTOPP_WORD128_AVAILABLE)
     try
@@ -1517,10 +1583,10 @@ bool TestSecBlock()
 
     pass4 &= temp;
     if (!temp)
-        std::cout << "FAILED:   ";
+        std::cout << "FAILED:";
     else
-        std::cout << "passed:   ";
-    std::cout << "Concatenate word128" << std::endl;
+        std::cout << "passed:";
+    std::cout << "  Concatenate word128\n";
 #endif
 
     //********** Equality **********//
@@ -1558,10 +1624,10 @@ bool TestSecBlock()
 
     pass5 &= temp;
     if (!temp)
-        std::cout << "FAILED:   ";
+        std::cout << "FAILED:";
     else
-        std::cout << "passed:   ";
-    std::cout << "Equality byte" << std::endl;
+        std::cout << "passed:";
+    std::cout << "  Equality byte\n";
 
     // word32
     try
@@ -1596,10 +1662,10 @@ bool TestSecBlock()
 
     pass5 &= temp;
     if (!temp)
-        std::cout << "FAILED:   ";
+        std::cout << "FAILED:";
     else
-        std::cout << "passed:   ";
-    std::cout << "Equality word32" << std::endl;
+        std::cout << "passed:";
+    std::cout << "  Equality word32\n";
 
     // word64
     try
@@ -1634,10 +1700,10 @@ bool TestSecBlock()
 
     pass5 &= temp;
     if (!temp)
-        std::cout << "FAILED:   ";
+        std::cout << "FAILED:";
     else
-        std::cout << "passed:   ";
-    std::cout << "Equality word64" << std::endl;
+        std::cout << "passed:";
+    std::cout << "  Equality word64\n";
 
 #if defined(CRYPTOPP_WORD128_AVAILABLE)
     // word128
@@ -1673,10 +1739,10 @@ bool TestSecBlock()
 
     pass5 &= temp;
     if (!temp)
-        std::cout << "FAILED:   ";
+        std::cout << "FAILED:";
     else
-        std::cout << "passed:   ";
-    std::cout << "Equality word128" << std::endl;
+        std::cout << "passed:";
+    std::cout << "  Equality word128\n";
 #endif
 
     //********** Allocator Size/Overflow **********//
@@ -1700,10 +1766,10 @@ bool TestSecBlock()
 
     pass6 &= temp;
     if (!temp)
-        std::cout << "FAILED:   ";
+        std::cout << "FAILED:";
     else
-        std::cout << "passed:   ";
-    std::cout << "Overflow word32" << std::endl;
+        std::cout << "passed:";
+    std::cout << "  Overflow word32\n";
 
     try
     {
@@ -1724,10 +1790,10 @@ bool TestSecBlock()
 
     pass6 &= temp;
     if (!temp)
-        std::cout << "FAILED:   ";
+        std::cout << "FAILED:";
     else
-        std::cout << "passed:   ";
-    std::cout << "Overflow word64" << std::endl;
+        std::cout << "passed:";
+    std::cout << "  Overflow word64\n";
 
 #if defined(CRYPTOPP_WORD128_AVAILABLE)
     try
@@ -1749,10 +1815,10 @@ bool TestSecBlock()
 
     pass6 &= temp;
     if (!temp)
-        std::cout << "FAILED:   ";
+        std::cout << "FAILED:";
     else
-        std::cout << "passed:   ";
-    std::cout << "Overflow word128" << std::endl;
+        std::cout << "passed:";
+    std::cout << "  Overflow word128\n";
 #endif
 
     //********** FixedSizeAllocatorWithCleanup and Grow **********//
@@ -1789,10 +1855,10 @@ bool TestSecBlock()
 
     pass7 &= temp;
     if (!temp)
-        std::cout << "FAILED:   ";
+        std::cout << "FAILED:";
     else
-        std::cout << "passed:   ";
-    std::cout << "FixedSizeAllocator Grow with byte" << std::endl;
+        std::cout << "passed:";
+    std::cout << "  FixedSizeAllocator Grow with byte\n";
 
     // word32
     try
@@ -1827,10 +1893,10 @@ bool TestSecBlock()
 
     pass7 &= temp;
     if (!temp)
-        std::cout << "FAILED:   ";
+        std::cout << "FAILED:";
     else
-        std::cout << "passed:   ";
-    std::cout << "FixedSizeAllocator Grow with word32" << std::endl;
+        std::cout << "passed:";
+    std::cout << "  FixedSizeAllocator Grow with word32\n";
 
     // word64
     try
@@ -1865,10 +1931,10 @@ bool TestSecBlock()
 
     pass7 &= temp;
     if (!temp)
-        std::cout << "FAILED:   ";
+        std::cout << "FAILED:";
     else
-        std::cout << "passed:   ";
-    std::cout << "FixedSizeAllocator Grow with word64" << std::endl;
+        std::cout << "passed:";
+    std::cout << "  FixedSizeAllocator Grow with word64\n";
 
 #if defined(CRYPTOPP_WORD128_AVAILABLE)
     // word128
@@ -1904,12 +1970,13 @@ bool TestSecBlock()
 
     pass7 &= temp;
     if (!temp)
-        std::cout << "FAILED:   ";
+        std::cout << "FAILED:";
     else
-        std::cout << "passed:   ";
-    std::cout << "FixedSizeAllocator Grow with word128" << std::endl;
+        std::cout << "passed:";
+    std::cout << "  FixedSizeAllocator Grow with word128\n";
 #endif
 
+    std::cout.flush();
     return pass1 && pass2 && pass3 && pass4 && pass5 && pass6 && pass7;
 }
 #endif
@@ -1943,10 +2010,10 @@ bool TestHuffmanCodes()
     }
 
     if (!pass)
-        std::cout << "FAILED:   ";
+        std::cout << "FAILED:";
     else
-        std::cout << "passed:   ";
-    std::cout << "GenerateCodeLengths" << std::endl;
+        std::cout << "passed:";
+    std::cout << "  GenerateCodeLengths" << std::endl;
 
     return pass;
 }
@@ -2532,10 +2599,10 @@ bool TestIntegerBitops()
     }
 
     if (opa)
-       std::cout << "passed:   ";
+       std::cout << "passed:";
     else
-       std::cout << "FAILED:   ";
-    std::cout << "Bitwise AND over 32-bits to 1024-bits" << std::endl;
+       std::cout << "FAILED:";
+    std::cout << "  Bitwise AND over 32-bits to 1024-bits\n";
 
     //////////////////// OR ////////////////////
 
@@ -2558,10 +2625,10 @@ bool TestIntegerBitops()
     }
 
     if (opo)
-       std::cout << "passed:   ";
+       std::cout << "passed:";
     else
-       std::cout << "FAILED:   ";
-    std::cout << "Bitwise OR over 32-bits to 1024-bits" << std::endl;
+       std::cout << "FAILED:";
+    std::cout << "  Bitwise OR over 32-bits to 1024-bits\n";
 
     //////////////////// XOR ////////////////////
 
@@ -2584,11 +2651,12 @@ bool TestIntegerBitops()
     }
 
     if (opx)
-       std::cout << "passed:   ";
+       std::cout << "passed:";
     else
-       std::cout << "FAILED:   ";
-    std::cout << "Bitwise XOR over 32-bits to 1024-bits" << std::endl;
+       std::cout << "FAILED:";
+    std::cout << "  Bitwise XOR over 32-bits to 1024-bits\n";
 
+    std::cout.flush();
     return opa && opo && opx;
 }
 #endif

From 02df6ea8475531609a377c85e8b6da60110dec10 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Fri, 5 May 2017 23:16:28 -0400
Subject: [PATCH 082/200] Add additional self tests under debug builds

---
 validat0.cpp | 117 ++++++++++++++++++++++++++++++++++++++++++++++-----
 validat1.cpp |  11 ++---
 validat2.cpp |   2 +-
 validate.h   |   5 +++
 4 files changed, 119 insertions(+), 16 deletions(-)

diff --git a/validat0.cpp b/validat0.cpp
index 32a85a0d..e1b082a1 100644
--- a/validat0.cpp
+++ b/validat0.cpp
@@ -27,7 +27,7 @@
 NAMESPACE_BEGIN(CryptoPP)
 NAMESPACE_BEGIN(Test)
 
-#if (defined(CRYPTOPP_DEBUG) || defined(CRYPTOPP_COVERAGE)) && !defined(CRYPTOPP_IMPORTS)
+#if defined(CRYPTOPP_EXTENDED_VALIDATION)
 bool TestGzip()
 {
     std::cout << "\nTesting Gzip and Gunzip...\n\n";
@@ -46,7 +46,13 @@ bool TestGzip()
             StringSource(src, true, new Gzip(new StringSink(dest)));
             StringSource(dest, true, new Gunzip(new StringSink(rec)));
             if (src != rec)
-                throw Exception(Exception::OTHER_ERROR, "Gzip failed a self test");
+                throw Exception(Exception::OTHER_ERROR, "Gzip failed to decompress stream");
+
+            // Tamper
+            try {
+                StringSource(dest.substr(0, len-2), true, new Gunzip(new StringSink(rec)));
+                throw Exception(Exception::OTHER_ERROR, "Gzip failed to detect a truncated stream");
+            } catch(const Exception&) {}
         }
     }
     catch(const Exception&)
@@ -105,7 +111,13 @@ bool TestZinflate()
             StringSource(src, true, new Deflator(new StringSink(dest)));
             StringSource(dest, true, new Inflator(new StringSink(rec)));
             if (src != rec)
-                throw Exception(Exception::OTHER_ERROR, "Deflate failed a self test");
+                throw Exception(Exception::OTHER_ERROR, "Deflate failed to decompress stream");
+
+            // Tamper
+            try {
+                StringSource(dest.substr(0, len-2), true, new Inflator(new StringSink(rec)));
+                throw Exception(Exception::OTHER_ERROR, "Deflate failed to detect a truncated stream");
+            } catch(const Exception&) {}
         }
     }
     catch(const Exception&)
@@ -127,7 +139,7 @@ bool TestZinflate()
         } catch(const Exception&) {    }
     }
 
-    // Unzip random data. See if we can induce a crash
+    // Inflate random data. See if we can induce a crash
     for (unsigned int i=0; i<128; i++)
     {
         std::string src, dest;
@@ -223,6 +235,27 @@ bool TestDefaultEncryptorWithMAC()
             StringSource(dest, true, new DefaultDecryptorWithMAC(pwd.c_str(), new StringSink(rec)));
             if (src != rec)
                 throw Exception(Exception::OTHER_ERROR, "DefaultEncryptorWithMAC failed a self test");
+
+            // Tamper. Data format is [SALT][KEYCHECK][ENCRYPTED DATA].
+            try {
+                StringSource(dest.substr(0, len-2), true, new Inflator(new StringSink(rec)));
+                throw Exception(Exception::OTHER_ERROR, "DefaultEncryptorWithMAC failed to detect a truncated stream");
+            } catch(const Exception&) {}
+            try {
+                dest[4] ^= 0x01;
+                StringSource(dest, true, new Inflator(new StringSink(rec)));
+                throw Exception(Exception::OTHER_ERROR, "DefaultEncryptorWithMAC failed to detect a tampered salt");
+            } catch(const Exception&) {}
+            try {
+                dest[4] ^= 0x01; dest[20] ^= 0x01;  // undo previous tamper
+                StringSource(dest, true, new Inflator(new StringSink(rec)));
+                throw Exception(Exception::OTHER_ERROR, "DefaultEncryptorWithMAC failed to detect a tampered keycheck");
+            } catch(const Exception&) {}
+            try {
+                dest[20] ^= 0x01; dest[dest.length()-2] ^= 0x01;  // undo previous tamper
+                StringSource(dest, true, new Inflator(new StringSink(rec)));
+                throw Exception(Exception::OTHER_ERROR, "DefaultEncryptorWithMAC failed to detect a tampered data");
+            } catch(const Exception&) {}
         }
     }
     catch(const Exception&)
@@ -234,7 +267,7 @@ bool TestDefaultEncryptorWithMAC()
        std::cout << "passed:";
     else
        std::cout << "FAILED:";
-    std::cout << "  128 default encryptions and decryptions with MAC" << std::endl;
+    std::cout << "  256 default encryptions and decryptions with MAC" << std::endl;
 
     return !fail;
 }
@@ -301,6 +334,27 @@ bool TestLegacyEncryptorWithMAC()
             StringSource(dest, true, new LegacyDecryptorWithMAC(pwd.c_str(), new StringSink(rec)));
             if (src != rec)
                 throw Exception(Exception::OTHER_ERROR, "LegacyEncryptorWithMAC failed a self test");
+
+            // Tamper. Data format is [SALT][KEYCHECK][ENCRYPTED DATA].
+            try {
+                StringSource(dest.substr(0, len-2), true, new Inflator(new StringSink(rec)));
+                throw Exception(Exception::OTHER_ERROR, "LegacyEncryptorWithMAC failed to detect a truncated stream");
+            } catch(const Exception&) {}
+            try {
+                dest[4] ^= 0x01;
+                StringSource(dest, true, new Inflator(new StringSink(rec)));
+                throw Exception(Exception::OTHER_ERROR, "LegacyEncryptorWithMAC failed to detect a tampered salt");
+            } catch(const Exception&) {}
+            try {
+                dest[4] ^= 0x01; dest[20] ^= 0x01;  // undo previous tamper
+                StringSource(dest, true, new Inflator(new StringSink(rec)));
+                throw Exception(Exception::OTHER_ERROR, "LegacyEncryptorWithMAC failed to detect a tampered keycheck");
+            } catch(const Exception&) {}
+            try {
+                dest[20] ^= 0x01; dest[dest.length()-2] ^= 0x01;  // undo previous tamper
+                StringSource(dest, true, new Inflator(new StringSink(rec)));
+                throw Exception(Exception::OTHER_ERROR, "LegacyEncryptorWithMAC failed to detect a tampered data");
+            } catch(const Exception&) {}
         }
     }
     catch(const Exception&)
@@ -763,7 +817,7 @@ bool TestRounding()
 }
 #endif
 
-#if (defined(CRYPTOPP_DEBUG) || defined(CRYPTOPP_COVERAGE)) && !defined(CRYPTOPP_IMPORTS)
+#if defined(CRYPTOPP_EXTENDED_VALIDATION)
 struct ASN1_TestTuple
 {
     int disposition;
@@ -1016,7 +1070,7 @@ bool TestASN1Parse()
 }
 #endif
 
-#if (defined(CRYPTOPP_DEBUG) || defined(CRYPTOPP_COVERAGE)) && !defined(CRYPTOPP_IMPORTS)
+#if defined(CRYPTOPP_EXTENDED_VALIDATION)
 bool TestSecBlock()
 {
     std::cout << "\nTesting SecBlock...\n\n";
@@ -1981,7 +2035,7 @@ bool TestSecBlock()
 }
 #endif
 
-#if (defined(CRYPTOPP_DEBUG) || defined(CRYPTOPP_COVERAGE)) && !defined(CRYPTOPP_IMPORTS)
+#if defined(CRYPTOPP_EXTENDED_VALIDATION)
 bool TestHuffmanCodes()
 {
     std::cout << "\nTesting Huffman codes...\n\n";
@@ -2019,11 +2073,54 @@ bool TestHuffmanCodes()
 }
 #endif
 
-#if (defined(CRYPTOPP_DEBUG) || defined(CRYPTOPP_COVERAGE)) && !defined(CRYPTOPP_IMPORTS)
+#if defined(CRYPTOPP_EXTENDED_VALIDATION)
 bool TestIntegerBitops()
 {
-    std::cout << "\nTesting Integer bitops...\n\n";
+    std::cout << "\nTesting Integer operations...\n\n";
+    bool pass;
 
+    // Integer is missing a couple of tests...
+    try {
+        Integer x = Integer::Two().Power2(128) / Integer::Zero();
+        pass=false;
+    } catch (const Exception&) {
+        pass=true;
+    }
+
+    if (pass)
+        std::cout << "passed:";
+    else
+        std::cout << "FAILED:";
+    std::cout << "  Integer DivideByZero\n";
+
+    // Integer is missing a couple of tests...
+    try {
+        // All in range [90, 96] are composite
+        Integer x = Integer(GlobalRNG(), 90, 96, Integer::PRIME);
+        pass=false;
+    } catch (const Exception&) {
+        pass=true;
+    }
+
+    if (pass)
+        std::cout << "passed:";
+    else
+        std::cout << "FAILED:";
+    std::cout << "  Integer RandomNumberNotFound\n";
+
+    // Integer is missing a couple of tests...
+    try {
+        // All in range [90, 96] are composite
+        Integer x = Integer::One().Doubled();
+        pass=(x == Integer::Two());
+    } catch (const Exception&) {
+        pass=false;
+    }
+
+    if (!pass)
+        std::cout << "FAILED:  Integer Doubled\n";
+
+    // Now onto the meat and potatoes...
     struct Bitops_TestTuple
     {
         // m,n are operands; a,o,x are and,or,xor results
diff --git a/validat1.cpp b/validat1.cpp
index 2dc48572..6ff27693 100644
--- a/validat1.cpp
+++ b/validat1.cpp
@@ -73,7 +73,7 @@ bool ValidateAll(bool thorough)
 	pass=TestAutoSeeded() && pass;
 	pass=TestAutoSeededX917() && pass;
 	// pass=TestSecRandom() && pass;
-#if (defined(CRYPTOPP_DEBUG) || defined(CRYPTOPP_COVERAGE)) && !defined(CRYPTOPP_IMPORTS)
+#if defined(CRYPTOPP_EXTENDED_VALIDATION)
 	pass=TestMersenne() && pass;
 #endif
 #if (CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32 || CRYPTOPP_BOOL_X64)
@@ -81,7 +81,7 @@ bool ValidateAll(bool thorough)
 	pass=TestRDSEED() && pass;
 #endif
 
-#if (defined(CRYPTOPP_DEBUG) || defined(CRYPTOPP_COVERAGE)) && !defined(CRYPTOPP_IMPORTS)
+#if defined(CRYPTOPP_EXTENDED_VALIDATION)
 	// http://github.com/weidai11/cryptopp/issues/92
 	pass=TestSecBlock() && pass;
 	// http://github.com/weidai11/cryptopp/issues/336
@@ -159,12 +159,13 @@ bool ValidateAll(bool thorough)
 	pass=ValidateCamellia() && pass;
 	pass=ValidateSalsa() && pass;
 	pass=ValidateSosemanuk() && pass;
+	pass=RunTestDataFile(CRYPTOPP_DATA_DIR "TestVectors/seed.txt") && pass;
+	pass=RunTestDataFile(CRYPTOPP_DATA_DIR "TestVectors/kalyna.txt") && pass;
 	pass=ValidateVMAC() && pass;
 	pass=ValidateCCM() && pass;
 	pass=ValidateGCM() && pass;
 	pass=ValidateCMAC() && pass;
 	pass=RunTestDataFile(CRYPTOPP_DATA_DIR "TestVectors/eax.txt") && pass;
-	pass=RunTestDataFile(CRYPTOPP_DATA_DIR "TestVectors/seed.txt") && pass;
 
 	pass=ValidateBBS() && pass;
 	pass=ValidateDH() && pass;
@@ -239,7 +240,7 @@ bool TestSettings()
 		pass = false;
 	}
 
-#if (defined(CRYPTOPP_DEBUG) || defined(CRYPTOPP_COVERAGE)) && !defined(CRYPTOPP_IMPORTS)
+#if defined(CRYPTOPP_EXTENDED_VALIDATION)
 	// App and library versions, http://github.com/weidai11/cryptopp/issues/371
 	const int v1 = LibraryVersion();
 	const int v2 = HeaderVersion();
@@ -623,7 +624,7 @@ bool TestAutoSeededX917()
 }
 #endif // NO_OS_DEPENDENCE
 
-#if (defined(CRYPTOPP_DEBUG) || defined(CRYPTOPP_COVERAGE)) && !defined(CRYPTOPP_IMPORTS)
+#if defined(CRYPTOPP_EXTENDED_VALIDATION)
 bool TestMersenne()
 {
 	std::cout << "\nTesting Mersenne Twister...\n\n";
diff --git a/validat2.cpp b/validat2.cpp
index 287d9b0f..ecb17556 100644
--- a/validat2.cpp
+++ b/validat2.cpp
@@ -793,7 +793,7 @@ bool ValidateBlumGoldwasser()
 }
 */
 
-#if (defined(CRYPTOPP_DEBUG) || defined(CRYPTOPP_COVERAGE)) && !defined(CRYPTOPP_IMPORTS)
+#if defined(CRYPTOPP_EXTENDED_VALIDATION)
 // Issue 64: "PolynomialMod2::operator<<=", http://github.com/weidai11/cryptopp/issues/64
 bool TestPolynomialMod2()
 {
diff --git a/validate.h b/validate.h
index 75d5610c..ebf21830 100644
--- a/validate.h
+++ b/validate.h
@@ -107,7 +107,12 @@ bool ValidateESIGN();
 bool ValidateHashDRBG();
 bool ValidateHmacDRBG();
 
+// If CRYPTOPP_DEBUG or CRYPTOPP_COVERAGE is in effect, then perform additional tests
 #if (defined(CRYPTOPP_DEBUG) || defined(CRYPTOPP_COVERAGE)) && !defined(CRYPTOPP_IMPORTS)
+# define CRYPTOPP_EXTENDED_VALIDATION 1
+#endif
+
+#if defined(CRYPTOPP_EXTENDED_VALIDATION)
 // http://github.com/weidai11/cryptopp/issues/92
 bool TestSecBlock();
 // http://github.com/weidai11/cryptopp/issues/64

From 06092259c2f6d9afa7a6d8457d078d1e83435c00 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 6 May 2017 00:21:24 -0400
Subject: [PATCH 083/200] Make UncheckedKeySet and ProcessXorBlocks protected

---
 aria.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/aria.h b/aria.h
index 86ccf6c9..88811b49 100644
--- a/aria.h
+++ b/aria.h
@@ -43,7 +43,7 @@ class ARIA : public ARIA_Info, public BlockCipherDocumentation
 public:
 	class CRYPTOPP_NO_VTABLE Base : public BlockCipherImpl<ARIA_Info>
 	{
-	public:
+	protected:
 		void UncheckedSetKey(const byte *key, unsigned int keylen, const NameValuePairs &params);
 		void ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const;
 

From a5c67cfdd6ad7eeb6e5414044ab3a992d3ce74b9 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 6 May 2017 00:24:35 -0400
Subject: [PATCH 084/200] Add Kalyna block cipher (Issue 411) Thanks to Roman
 Oliynykov and Oleksandr Kazymyrov for their assistance. Thanks to Keru Kuro
 for the reference implementation.

---
 Filelist.txt             |    4 +
 TestVectors/all.txt      |    1 +
 TestVectors/kalyna.txt   |   41 ++
 bench1.cpp               |   10 +-
 cryptest.nmake           |    4 +-
 cryptest.vcxproj         |    2 +-
 cryptest.vcxproj.filters |    3 +
 cryptlib.vcxproj         |    3 +
 cryptlib.vcxproj.filters |    9 +
 datatest.cpp             |    2 +-
 kalyna.cpp               | 1255 ++++++++++++++++++++++++++++++++++++++
 kalyna.h                 |  149 +++++
 kalynatab.cpp            | 1239 +++++++++++++++++++++++++++++++++++++
 regtest2.cpp             |    6 +-
 test.cpp                 |    2 +-
 15 files changed, 2717 insertions(+), 13 deletions(-)
 create mode 100644 TestVectors/kalyna.txt
 create mode 100644 kalyna.cpp
 create mode 100644 kalyna.h
 create mode 100644 kalynatab.cpp

diff --git a/Filelist.txt b/Filelist.txt
index 51545c04..4df8cdb6 100644
--- a/Filelist.txt
+++ b/Filelist.txt
@@ -146,6 +146,9 @@ integer.cpp
 integer.h
 iterhash.cpp
 iterhash.h
+kalynatab.cpp
+kalyna.cpp
+kalyna.h
 keccak.cpp
 keccak.h
 lubyrack.h
@@ -404,6 +407,7 @@ TestVectors/esign.txt
 TestVectors/gcm.txt
 TestVectors/hkdf.txt
 TestVectors/hmac.txt
+TestVectors/kalyna.txt
 TestVectors/keccak.txt
 TestVectors/mars.txt
 TestVectors/nr.txt
diff --git a/TestVectors/all.txt b/TestVectors/all.txt
index 1646f0e9..c6fb6b7d 100644
--- a/TestVectors/all.txt
+++ b/TestVectors/all.txt
@@ -26,6 +26,7 @@ Test: TestVectors/sha2_fips_180.txt
 Test: TestVectors/sha3_fips_202.txt
 Test: TestVectors/panama.txt
 Test: TestVectors/aes.txt
+Test: TestVectors/kalyna.txt
 Test: TestVectors/salsa.txt
 Test: TestVectors/chacha.txt
 #Test: TestVectors/tls_chacha.txt
diff --git a/TestVectors/kalyna.txt b/TestVectors/kalyna.txt
new file mode 100644
index 00000000..59ae2b8c
--- /dev/null
+++ b/TestVectors/kalyna.txt
@@ -0,0 +1,41 @@
+AlgorithmType: SymmetricCipher
+Name: Kalyna/ECB
+Source: Kalyna reference implementation
+Comment: Kalyna 128-bit key, 128-bit block
+Key: 000102030405060708090A0B0C0D0E0F
+BlockSize: 16
+Plaintext: 101112131415161718191A1B1C1D1E1F
+Ciphertext: 81BF1C7D779BAC20E1C9EA39B4D2AD06
+Test: EncryptBlockSize
+Name: Kalyna/ECB
+Source: Kalyna reference implementation
+Comment: Kalyna 256-bit key, 128-bit block
+Key: 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
+BlockSize: 16
+Plaintext: 202122232425262728292A2B2C2D2E2F
+Ciphertext: 58EC3E091000158A1148F7166F334F14
+Test: EncryptBlockSize
+Name: Kalyna/ECB
+Source: Kalyna reference implementation
+Comment: Kalyna 256-bit key, 256-bit block
+Key: 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
+BlockSize: 32
+Plaintext: 202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
+Ciphertext: F66E3D570EC92135AEDAE323DCBD2A8CA03963EC206A0D5A88385C24617FD92C
+Test: EncryptBlockSize
+Name: Kalyna/ECB
+Source: Kalyna reference implementation
+Comment: Kalyna 512-bit key, 256-bit block
+Key: 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
+BlockSize: 32
+Plaintext: 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
+Ciphertext: 606990E9E6B7B67A4BD6D893D72268B78E02C83C3CD7E102FD2E74A8FDFE5DD9
+Test: EncryptBlockSize
+Name: Kalyna/ECB
+Source: Kalyna reference implementation
+Comment: Kalyna 512-bit key, 512-bit block
+Key: 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
+BlockSize: 64
+Plaintext: 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F
+Ciphertext: 4A26E31B811C356AA61DD6CA0596231A67BA8354AA47F3A13E1DEEC320EB56B895D0F417175BAB662FD6F134BB15C86CCB906A26856EFEB7C5BC6472940DD9D9
+Test: EncryptBlockSize
diff --git a/bench1.cpp b/bench1.cpp
index f360dad8..eff2bf31 100644
--- a/bench1.cpp
+++ b/bench1.cpp
@@ -559,11 +559,11 @@ void Benchmark2(double t, double hertz)
 		BenchMarkByName<SymmetricCipher>("CAST-128/CTR");
 		BenchMarkByName<SymmetricCipher>("SKIPJACK/CTR");
 		BenchMarkByName<SymmetricCipher>("SEED/CTR", 0, "SEED/CTR (1/2 K table)");
-//		BenchMarkByName<SymmetricCipher>("Kalyna/CTR", 16, "Kalyna-128(128)", MakeParameters(Name::BlockSize(), 16));
-//		BenchMarkByName<SymmetricCipher>("Kalyna/CTR", 32, "Kalyna-256(128)", MakeParameters(Name::BlockSize(), 16));
-//		BenchMarkByName<SymmetricCipher>("Kalyna/CTR", 32, "Kalyna-256(256)", MakeParameters(Name::BlockSize(), 32));
-//		BenchMarkByName<SymmetricCipher>("Kalyna/CTR", 64, "Kalyna-512(256)", MakeParameters(Name::BlockSize(), 32));
-//		BenchMarkByName<SymmetricCipher>("Kalyna/CTR", 64, "Kalyna-512(512)", MakeParameters(Name::BlockSize(), 64));
+		BenchMarkByName<SymmetricCipher>("Kalyna/CTR", 16, "Kalyna-128(128) (128-bit key)", MakeParameters(Name::BlockSize(), 16));
+		BenchMarkByName<SymmetricCipher>("Kalyna/CTR", 32, "Kalyna-128(256) (256-bit key)", MakeParameters(Name::BlockSize(), 16));
+		BenchMarkByName<SymmetricCipher>("Kalyna/CTR", 32, "Kalyna-256(256) (256-bit key)", MakeParameters(Name::BlockSize(), 32));
+		BenchMarkByName<SymmetricCipher>("Kalyna/CTR", 64, "Kalyna-256(512) (512-bit key)", MakeParameters(Name::BlockSize(), 32));
+		BenchMarkByName<SymmetricCipher>("Kalyna/CTR", 64, "Kalyna-512(512) (512-bit key)", MakeParameters(Name::BlockSize(), 64));
 	}
 
 	std::cout << "\n<TBODY style=\"background: yellow;\">";
diff --git a/cryptest.nmake b/cryptest.nmake
index f932a7c0..4d561200 100644
--- a/cryptest.nmake
+++ b/cryptest.nmake
@@ -48,9 +48,9 @@
 # If you use 'make sources' from Linux makefile, then add 'winpipes.cpp'. Platform specific
 #  classes, like 'rdrand.cpp', should not be included. Add them under the X86 and X64 rules.
 
-LIB_SRCS = cryptlib.cpp cpu.cpp integer.cpp shacal2.cpp md5.cpp shark.cpp zinflate.cpp gf2n.cpp salsa.cpp xtr.cpp oaep.cpp rc2.cpp default.cpp wait.cpp wake.cpp twofish.cpp iterhash.cpp adler32.cpp algparam.cpp marss.cpp blowfish.cpp ecp.cpp strciphr.cpp aria.cpp camellia.cpp dh2.cpp ida.cpp zlib.cpp elgamal.cpp crc.cpp dessp.cpp tea.cpp eax.cpp network.cpp sha.cpp emsa2.cpp pkcspad.cpp squaretb.cpp idea.cpp authenc.cpp hmac.cpp xtrcrypt.cpp queue.cpp mars.cpp rc5.cpp md2.cpp hrtimer.cpp vmac.cpp eprecomp.cpp hex.cpp dsa.cpp fips140.cpp gzip.cpp seal.cpp blake2.cpp files.cpp base32.cpp sharkbox.cpp safer.cpp randpool.cpp sosemanuk.cpp arc4.cpp osrng.cpp skipjack.cpp seed.cpp sha3.cpp filters.cpp bfinit.cpp rabin.cpp 3way.cpp rw.cpp rdtables.cpp rsa.cpp tftables.cpp gost.cpp socketft.cpp nbtheory.cpp panama.cpp modes.cpp rijndael.cpp casts.cpp algebra.cpp esign.cpp gfpcrypt.cpp dll.cpp ec2n.cpp poly1305.cpp polynomi.cpp blumshub.cpp des.cpp basecode.cpp zdeflate.cpp base64.cpp rc6.cpp gf256.cpp mqueue.cpp misc.cpp pssr.cpp channels.cpp rng.cpp tiger.cpp cast.cpp square.cpp asn.cpp chacha.cpp whrlpool.cpp md4.cpp dh.cpp ccm.cpp mqv.cpp tigertab.cpp gf2_32.cpp cbcmac.cpp ttmac.cpp luc.cpp trdlocal.cpp pubkey.cpp gcm.cpp ripemd.cpp keccak.cpp eccrypto.cpp serpent.cpp cmac.cpp winpipes.cpp
+LIB_SRCS = cryptlib.cpp cpu.cpp integer.cpp shacal2.cpp md5.cpp shark.cpp zinflate.cpp gf2n.cpp salsa.cpp xtr.cpp oaep.cpp rc2.cpp default.cpp wait.cpp wake.cpp twofish.cpp iterhash.cpp adler32.cpp algparam.cpp marss.cpp blowfish.cpp ecp.cpp strciphr.cpp aria.cpp camellia.cpp dh2.cpp ida.cpp zlib.cpp elgamal.cpp crc.cpp dessp.cpp tea.cpp eax.cpp network.cpp sha.cpp emsa2.cpp pkcspad.cpp squaretb.cpp idea.cpp authenc.cpp hmac.cpp xtrcrypt.cpp queue.cpp mars.cpp rc5.cpp md2.cpp hrtimer.cpp vmac.cpp eprecomp.cpp hex.cpp dsa.cpp fips140.cpp gzip.cpp seal.cpp blake2.cpp files.cpp base32.cpp sharkbox.cpp safer.cpp randpool.cpp sosemanuk.cpp arc4.cpp osrng.cpp skipjack.cpp seed.cpp sha3.cpp filters.cpp bfinit.cpp rabin.cpp 3way.cpp rw.cpp rdtables.cpp rsa.cpp tftables.cpp gost.cpp socketft.cpp nbtheory.cpp panama.cpp modes.cpp rijndael.cpp casts.cpp algebra.cpp esign.cpp gfpcrypt.cpp dll.cpp ec2n.cpp poly1305.cpp polynomi.cpp blumshub.cpp des.cpp basecode.cpp zdeflate.cpp base64.cpp rc6.cpp gf256.cpp mqueue.cpp misc.cpp pssr.cpp channels.cpp rng.cpp tiger.cpp cast.cpp square.cpp asn.cpp chacha.cpp whrlpool.cpp md4.cpp dh.cpp ccm.cpp mqv.cpp tigertab.cpp gf2_32.cpp cbcmac.cpp ttmac.cpp luc.cpp trdlocal.cpp pubkey.cpp gcm.cpp ripemd.cpp kalyna.cpp kalynatab.cpp keccak.cpp eccrypto.cpp serpent.cpp cmac.cpp winpipes.cpp
 
-LIB_OBJS = cryptlib.obj cpu.obj integer.obj shacal2.obj md5.obj shark.obj zinflate.obj gf2n.obj salsa.obj xtr.obj oaep.obj rc2.obj default.obj wait.obj wake.obj twofish.obj iterhash.obj adler32.obj algparam.obj marss.obj blowfish.obj ecp.obj strciphr.obj aria.obj camellia.obj dh2.obj ida.obj zlib.obj elgamal.obj crc.obj dessp.obj tea.obj eax.obj network.obj sha.obj emsa2.obj pkcspad.obj squaretb.obj idea.obj authenc.obj hmac.obj xtrcrypt.obj queue.obj mars.obj rc5.obj md2.obj hrtimer.obj vmac.obj eprecomp.obj hex.obj dsa.obj fips140.obj gzip.obj seal.obj blake2.obj files.obj base32.obj sharkbox.obj safer.obj randpool.obj sosemanuk.obj arc4.obj osrng.obj skipjack.obj seed.obj sha3.obj filters.obj bfinit.obj rabin.obj 3way.obj rw.obj rdtables.obj rsa.obj tftables.obj gost.obj socketft.obj nbtheory.obj panama.obj modes.obj rijndael.obj casts.obj algebra.obj esign.obj gfpcrypt.obj dll.obj ec2n.obj poly1305.obj polynomi.obj blumshub.obj des.obj basecode.obj zdeflate.obj base64.obj rc6.obj gf256.obj mqueue.obj misc.obj pssr.obj channels.obj rng.obj tiger.obj cast.obj square.obj asn.obj chacha.obj whrlpool.obj md4.obj dh.obj ccm.obj mqv.obj tigertab.obj gf2_32.obj cbcmac.obj ttmac.obj luc.obj trdlocal.obj pubkey.obj gcm.obj ripemd.obj keccak.obj eccrypto.obj serpent.obj cmac.obj winpipes.obj
+LIB_OBJS = cryptlib.obj cpu.obj integer.obj shacal2.obj md5.obj shark.obj zinflate.obj gf2n.obj salsa.obj xtr.obj oaep.obj rc2.obj default.obj wait.obj wake.obj twofish.obj iterhash.obj adler32.obj algparam.obj marss.obj blowfish.obj ecp.obj strciphr.obj aria.obj camellia.obj dh2.obj ida.obj zlib.obj elgamal.obj crc.obj dessp.obj tea.obj eax.obj network.obj sha.obj emsa2.obj pkcspad.obj squaretb.obj idea.obj authenc.obj hmac.obj xtrcrypt.obj queue.obj mars.obj rc5.obj md2.obj hrtimer.obj vmac.obj eprecomp.obj hex.obj dsa.obj fips140.obj gzip.obj seal.obj blake2.obj files.obj base32.obj sharkbox.obj safer.obj randpool.obj sosemanuk.obj arc4.obj osrng.obj skipjack.obj seed.obj sha3.obj filters.obj bfinit.obj rabin.obj 3way.obj rw.obj rdtables.obj rsa.obj tftables.obj gost.obj socketft.obj nbtheory.obj panama.obj modes.obj rijndael.obj casts.obj algebra.obj esign.obj gfpcrypt.obj dll.obj ec2n.obj poly1305.obj polynomi.obj blumshub.obj des.obj basecode.obj zdeflate.obj base64.obj rc6.obj gf256.obj mqueue.obj misc.obj pssr.obj channels.obj rng.obj tiger.obj cast.obj square.obj asn.obj chacha.obj whrlpool.obj md4.obj dh.obj ccm.obj mqv.obj tigertab.obj gf2_32.obj cbcmac.obj ttmac.obj luc.obj trdlocal.obj pubkey.obj gcm.obj ripemd.obj kalyna.obj kalynatab.obj keccak.obj eccrypto.obj serpent.obj cmac.obj winpipes.obj
 
 TEST_SRCS = bench1.cpp bench2.cpp test.cpp validat0.cpp validat1.cpp validat2.cpp validat3.cpp datatest.cpp regtest1.cpp regtest2.cpp regtest3.cpp fipsalgt.cpp dlltest.cpp fipstest.cpp
 
diff --git a/cryptest.vcxproj b/cryptest.vcxproj
index adc836df..c857b673 100644
--- a/cryptest.vcxproj
+++ b/cryptest.vcxproj
@@ -195,7 +195,7 @@
   <!-- The rule copies cryptest.exe to the project   -->
   <!-- root directory so it can be executed in place -->
   <Target Name="CopyCryptestToRoot">
-    <Exec Command="copy $(Platform)\Output\$(Configuration)\cryptest.exe ."/>
+    <Exec Command="copy $(Platform)\Output\$(Configuration)\cryptest.exe $(SolutionDir)" />
   </Target>
 
   <!-- Source Files -->
diff --git a/cryptest.vcxproj.filters b/cryptest.vcxproj.filters
index d37d2866..2d2177b0 100644
--- a/cryptest.vcxproj.filters
+++ b/cryptest.vcxproj.filters
@@ -75,6 +75,9 @@
     <None Include="TestVectors\hmac.txt">
       <Filter>TestVectors</Filter>
     </None>
+    <None Include="TestVectors\kalyna.txt">
+      <Filter>TestVectors</Filter>
+    </None>
     <None Include="TestVectors\mars.txt">
       <Filter>TestVectors</Filter>
     </None>
diff --git a/cryptlib.vcxproj b/cryptlib.vcxproj
index fb756a07..22d3e4d7 100644
--- a/cryptlib.vcxproj
+++ b/cryptlib.vcxproj
@@ -229,6 +229,8 @@
     <ClCompile Include="iterhash.cpp">
       <PrecompiledHeader />
     </ClCompile>
+    <ClCompile Include="kalyna.cpp" />
+    <ClCompile Include="kalynatab.cpp" />
     <ClCompile Include="keccak.cpp" />
     <ClCompile Include="luc.cpp" />
     <ClCompile Include="mars.cpp" />
@@ -401,6 +403,7 @@
     <ClInclude Include="idea.h" />
     <ClInclude Include="integer.h" />
     <ClInclude Include="iterhash.h" />
+    <ClInclude Include="kalyna.h" />
     <ClInclude Include="keccak.h" />
     <ClInclude Include="lubyrack.h" />
     <ClInclude Include="luc.h" />
diff --git a/cryptlib.vcxproj.filters b/cryptlib.vcxproj.filters
index a864550c..c423ab33 100644
--- a/cryptlib.vcxproj.filters
+++ b/cryptlib.vcxproj.filters
@@ -191,6 +191,12 @@
     <ClCompile Include="iterhash.cpp">
       <Filter>Source Files</Filter>
     </ClCompile>
+    <ClCompile Include="kalyna.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="kalynatab.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
     <ClCompile Include="keccak.cpp">
       <Filter>Source Files</Filter>
     </ClCompile>
@@ -603,6 +609,9 @@
     <ClInclude Include="iterhash.h">
       <Filter>Header Files</Filter>
     </ClInclude>
+    <ClInclude Include="kalyna.h">
+      <Filter>Header Files</Filter>
+    </ClInclude>
     <ClInclude Include="keccak.h">
       <Filter>Header Files</Filter>
     </ClInclude>
diff --git a/datatest.cpp b/datatest.cpp
index 94a45149..95f7da3b 100644
--- a/datatest.cpp
+++ b/datatest.cpp
@@ -380,7 +380,7 @@ void TestSymmetricCipher(TestData &v, const NameValuePairs &overrideParameters)
 			SignalTestFailure();
 
 		ConstByteArrayParameter iv;
-		if (pairs.GetValue(Name::IV(), iv) && iv.size() != encryptor->IVSize() && iv.size() != blockSize)
+		if (pairs.GetValue(Name::IV(), iv) && iv.size() != encryptor->IVSize() && (int)iv.size() != blockSize)
 			SignalTestFailure();
 
 		if (test == "Resync")
diff --git a/kalyna.cpp b/kalyna.cpp
new file mode 100644
index 00000000..ad0ccd41
--- /dev/null
+++ b/kalyna.cpp
@@ -0,0 +1,1255 @@
+// kalyna.cpp - written and placed in the public domain by Jeffrey Walton
+//              This code relied upon three sources. First was Oliynykov, Gorbenko, Kazymyrov, Ruzhentsev,
+//              Kuznetsov, Gorbenko, Dyrda, Dolgov, Pushkaryov, Mordvinov and Kaidalov's "A New Encryption
+//              Standard of Ukraine: The Kalyna Block Cipher" (http://eprint.iacr.org/2015/650.pdf). Second
+//              was Roman Oliynykov and Oleksandr Kazymyrov's GitHub with the reference implementation
+//              (http://github.com/Roman-Oliynykov/Kalyna-reference). The third and most utilized resource
+//              was Keru Kuro's implementation of Kalyna in CppCrypto (http://sourceforge.net/projects/cppcrypto/).
+//              Kuro has an outstanding implementation that performed better than the reference implementation
+//              and out intial attempts.
+
+#include "pch.h"
+#include "config.h"
+
+#include "kalyna.h"
+#include "argnames.h"
+#include "misc.h"
+#include "cpu.h"
+
+NAMESPACE_BEGIN(CryptoPP)
+NAMESPACE_BEGIN(KalynaTab)
+
+// T can be shared between Kupyna and Kalyna; IT, S and IS are Kalyna specific
+extern const word64 T[8][256];  // Substitution
+extern const word64 IT[8][256]; // Inverse
+extern const byte S[4][256];    // Substitution
+extern const byte IS[4][256];   // Inverse
+
+NAMESPACE_END
+NAMESPACE_END
+
+ANONYMOUS_NAMESPACE_BEGIN
+
+using CryptoPP::word64;
+using CryptoPP::KalynaTab::S;
+using CryptoPP::KalynaTab::T;
+using CryptoPP::KalynaTab::IS;
+using CryptoPP::KalynaTab::IT;
+
+template <unsigned int NB>
+inline void SwapBlocks(word64 k[NB])
+{
+    const word64 t = k[0];
+    k[0] = k[1];
+
+    if (NB > 2)
+    {
+        k[1] = k[2];
+        k[2] = k[3];
+    }
+
+    if (NB > 4)
+    {
+        k[3] = k[4];
+        k[4] = k[5];
+        k[5] = k[6];
+        k[6] = k[7];
+    }
+
+    k[NB - 1] = t;
+}
+
+template <unsigned int NB>
+inline void AddKey(const word64 x[NB], word64 y[NB], const word64 k[NB])
+{
+    y[0] = x[0] + k[0];
+    y[1] = x[1] + k[1];
+
+    if (NB > 2)
+    {
+        y[2] = x[2] + k[2];
+        y[3] = x[3] + k[3];
+    }
+
+    if (NB > 4)
+    {
+        y[4] = x[4] + k[4];
+        y[5] = x[5] + k[5];
+        y[6] = x[6] + k[6];
+        y[7] = x[7] + k[7];
+    }
+}
+
+template <unsigned int NB>
+inline void SubKey(const word64 x[NB], word64 y[NB], const word64 k[NB])
+{
+    y[0] = x[0] - k[0];
+    y[1] = x[1] - k[1];
+
+    if (NB > 2)
+    {
+        y[2] = x[2] - k[2];
+        y[3] = x[3] - k[3];
+    }
+
+    if (NB > 4)
+    {
+        y[4] = x[4] - k[4];
+        y[5] = x[5] - k[5];
+        y[6] = x[6] - k[6];
+        y[7] = x[7] - k[7];
+    }
+}
+
+template <unsigned int NB>
+static inline void AddConstant(word64 src[NB], word64 dst[NB], word64 constant)
+{
+    dst[0] = src[0] + constant;
+    dst[1] = src[1] + constant;
+
+    if (NB > 2)
+    {
+        dst[2] = src[2] + constant;
+        dst[3] = src[3] + constant;
+    }
+
+    if (NB > 4)
+    {
+        dst[4] = src[4] + constant;
+        dst[5] = src[5] + constant;
+        dst[6] = src[6] + constant;
+        dst[7] = src[7] + constant;
+    }
+}
+
+inline void G0128(const word64 x[2], word64 y[2])
+{
+    y[0] = T[0][(byte)x[0]] ^ T[1][(byte)(x[0] >> 8)] ^ T[2][(byte)(x[0] >> 16)] ^ T[3][(byte)(x[0] >> 24)] ^
+        T[4][(byte)(x[1] >> 32)] ^ T[5][(byte)(x[1] >> 40)] ^ T[6][(byte)(x[1] >> 48)] ^ T[7][(byte)(x[1] >> 56)];
+    y[1] = T[0][(byte)x[1]] ^ T[1][(byte)(x[1] >> 8)] ^ T[2][(byte)(x[1] >> 16)] ^ T[3][(byte)(x[1] >> 24)] ^
+        T[4][(byte)(x[0] >> 32)] ^ T[5][(byte)(x[0] >> 40)] ^ T[6][(byte)(x[0] >> 48)] ^ T[7][(byte)(x[0] >> 56)];
+}
+
+inline void G0256(const word64 x[4], word64 y[4])
+{
+    y[0] = T[0][(byte)x[0]] ^ T[1][(byte)(x[0] >> 8)] ^ T[2][(byte)(x[3] >> 16)] ^ T[3][(byte)(x[3] >> 24)] ^
+        T[4][(byte)(x[2] >> 32)] ^ T[5][(byte)(x[2] >> 40)] ^ T[6][(byte)(x[1] >> 48)] ^ T[7][(byte)(x[1] >> 56)];
+    y[1] = T[0][(byte)x[1]] ^ T[1][(byte)(x[1] >> 8)] ^ T[2][(byte)(x[0] >> 16)] ^ T[3][(byte)(x[0] >> 24)] ^
+        T[4][(byte)(x[3] >> 32)] ^ T[5][(byte)(x[3] >> 40)] ^ T[6][(byte)(x[2] >> 48)] ^ T[7][(byte)(x[2] >> 56)];
+    y[2] = T[0][(byte)x[2]] ^ T[1][(byte)(x[2] >> 8)] ^ T[2][(byte)(x[1] >> 16)] ^ T[3][(byte)(x[1] >> 24)] ^
+        T[4][(byte)(x[0] >> 32)] ^ T[5][(byte)(x[0] >> 40)] ^ T[6][(byte)(x[3] >> 48)] ^ T[7][(byte)(x[3] >> 56)];
+    y[3] = T[0][(byte)x[3]] ^ T[1][(byte)(x[3] >> 8)] ^ T[2][(byte)(x[2] >> 16)] ^ T[3][(byte)(x[2] >> 24)] ^
+        T[4][(byte)(x[1] >> 32)] ^ T[5][(byte)(x[1] >> 40)] ^ T[6][(byte)(x[0] >> 48)] ^ T[7][(byte)(x[0] >> 56)];
+}
+
+inline void G0512(const word64 x[8], word64 y[8])
+{
+    y[0] = T[0][(byte)x[0]] ^ T[1][(byte)(x[7] >> 8)] ^ T[2][(byte)(x[6] >> 16)] ^ T[3][(byte)(x[5] >> 24)] ^
+        T[4][(byte)(x[4] >> 32)] ^ T[5][(byte)(x[3] >> 40)] ^ T[6][(byte)(x[2] >> 48)] ^ T[7][(byte)(x[1] >> 56)];
+    y[1] = T[0][(byte)x[1]] ^ T[1][(byte)(x[0] >> 8)] ^ T[2][(byte)(x[7] >> 16)] ^ T[3][(byte)(x[6] >> 24)] ^
+        T[4][(byte)(x[5] >> 32)] ^ T[5][(byte)(x[4] >> 40)] ^ T[6][(byte)(x[3] >> 48)] ^ T[7][(byte)(x[2] >> 56)];
+    y[2] = T[0][(byte)x[2]] ^ T[1][(byte)(x[1] >> 8)] ^ T[2][(byte)(x[0] >> 16)] ^ T[3][(byte)(x[7] >> 24)] ^
+        T[4][(byte)(x[6] >> 32)] ^ T[5][(byte)(x[5] >> 40)] ^ T[6][(byte)(x[4] >> 48)] ^ T[7][(byte)(x[3] >> 56)];
+    y[3] = T[0][(byte)x[3]] ^ T[1][(byte)(x[2] >> 8)] ^ T[2][(byte)(x[1] >> 16)] ^ T[3][(byte)(x[0] >> 24)] ^
+        T[4][(byte)(x[7] >> 32)] ^ T[5][(byte)(x[6] >> 40)] ^ T[6][(byte)(x[5] >> 48)] ^ T[7][(byte)(x[4] >> 56)];
+    y[4] = T[0][(byte)x[4]] ^ T[1][(byte)(x[3] >> 8)] ^ T[2][(byte)(x[2] >> 16)] ^ T[3][(byte)(x[1] >> 24)] ^
+        T[4][(byte)(x[0] >> 32)] ^ T[5][(byte)(x[7] >> 40)] ^ T[6][(byte)(x[6] >> 48)] ^ T[7][(byte)(x[5] >> 56)];
+    y[5] = T[0][(byte)x[5]] ^ T[1][(byte)(x[4] >> 8)] ^ T[2][(byte)(x[3] >> 16)] ^ T[3][(byte)(x[2] >> 24)] ^
+        T[4][(byte)(x[1] >> 32)] ^ T[5][(byte)(x[0] >> 40)] ^ T[6][(byte)(x[7] >> 48)] ^ T[7][(byte)(x[6] >> 56)];
+    y[6] = T[0][(byte)x[6]] ^ T[1][(byte)(x[5] >> 8)] ^ T[2][(byte)(x[4] >> 16)] ^ T[3][(byte)(x[3] >> 24)] ^
+        T[4][(byte)(x[2] >> 32)] ^ T[5][(byte)(x[1] >> 40)] ^ T[6][(byte)(x[0] >> 48)] ^ T[7][(byte)(x[7] >> 56)];
+    y[7] = T[0][(byte)x[7]] ^ T[1][(byte)(x[6] >> 8)] ^ T[2][(byte)(x[5] >> 16)] ^ T[3][(byte)(x[4] >> 24)] ^
+        T[4][(byte)(x[3] >> 32)] ^ T[5][(byte)(x[2] >> 40)] ^ T[6][(byte)(x[1] >> 48)] ^ T[7][(byte)(x[0] >> 56)];
+}
+
+inline void GL128(const word64 x[2], word64 y[2], const word64 k[2])
+{
+    y[0] = k[0] + (T[0][(byte)x[0]] ^ T[1][(byte)(x[0] >> 8)] ^ T[2][(byte)(x[0] >> 16)] ^ T[3][(byte)(x[0] >> 24)] ^
+        T[4][(byte)(x[1] >> 32)] ^ T[5][(byte)(x[1] >> 40)] ^ T[6][(byte)(x[1] >> 48)] ^ T[7][(byte)(x[1] >> 56)]);
+    y[1] = k[1] + (T[0][(byte)x[1]] ^ T[1][(byte)(x[1] >> 8)] ^ T[2][(byte)(x[1] >> 16)] ^ T[3][(byte)(x[1] >> 24)] ^
+        T[4][(byte)(x[0] >> 32)] ^ T[5][(byte)(x[0] >> 40)] ^ T[6][(byte)(x[0] >> 48)] ^ T[7][(byte)(x[0] >> 56)]);
+}
+
+inline void GL256(const word64 x[4], word64 y[4], const word64 k[4])
+{
+    y[0] = k[0] + (T[0][(byte)x[0]] ^ T[1][(byte)(x[0] >> 8)] ^ T[2][(byte)(x[3] >> 16)] ^ T[3][(byte)(x[3] >> 24)] ^
+        T[4][(byte)(x[2] >> 32)] ^ T[5][(byte)(x[2] >> 40)] ^ T[6][(byte)(x[1] >> 48)] ^ T[7][(byte)(x[1] >> 56)]);
+    y[1] = k[1] + (T[0][(byte)x[1]] ^ T[1][(byte)(x[1] >> 8)] ^ T[2][(byte)(x[0] >> 16)] ^ T[3][(byte)(x[0] >> 24)] ^
+        T[4][(byte)(x[3] >> 32)] ^ T[5][(byte)(x[3] >> 40)] ^ T[6][(byte)(x[2] >> 48)] ^ T[7][(byte)(x[2] >> 56)]);
+    y[2] = k[2] + (T[0][(byte)x[2]] ^ T[1][(byte)(x[2] >> 8)] ^ T[2][(byte)(x[1] >> 16)] ^ T[3][(byte)(x[1] >> 24)] ^
+        T[4][(byte)(x[0] >> 32)] ^ T[5][(byte)(x[0] >> 40)] ^ T[6][(byte)(x[3] >> 48)] ^ T[7][(byte)(x[3] >> 56)]);
+    y[3] = k[3] + (T[0][(byte)x[3]] ^ T[1][(byte)(x[3] >> 8)] ^ T[2][(byte)(x[2] >> 16)] ^ T[3][(byte)(x[2] >> 24)] ^
+        T[4][(byte)(x[1] >> 32)] ^ T[5][(byte)(x[1] >> 40)] ^ T[6][(byte)(x[0] >> 48)] ^ T[7][(byte)(x[0] >> 56)]);
+}
+
+inline void GL512(const word64 x[8], word64 y[8], const word64 k[8])
+{
+    y[0] = k[0] + (T[0][(byte)x[0]] ^ T[1][(byte)(x[7] >> 8)] ^ T[2][(byte)(x[6] >> 16)] ^ T[3][(byte)(x[5] >> 24)] ^
+        T[4][(byte)(x[4] >> 32)] ^ T[5][(byte)(x[3] >> 40)] ^ T[6][(byte)(x[2] >> 48)] ^ T[7][(byte)(x[1] >> 56)]);
+    y[1] = k[1] + (T[0][(byte)x[1]] ^ T[1][(byte)(x[0] >> 8)] ^ T[2][(byte)(x[7] >> 16)] ^ T[3][(byte)(x[6] >> 24)] ^
+        T[4][(byte)(x[5] >> 32)] ^ T[5][(byte)(x[4] >> 40)] ^ T[6][(byte)(x[3] >> 48)] ^ T[7][(byte)(x[2] >> 56)]);
+    y[2] = k[2] + (T[0][(byte)x[2]] ^ T[1][(byte)(x[1] >> 8)] ^ T[2][(byte)(x[0] >> 16)] ^ T[3][(byte)(x[7] >> 24)] ^
+        T[4][(byte)(x[6] >> 32)] ^ T[5][(byte)(x[5] >> 40)] ^ T[6][(byte)(x[4] >> 48)] ^ T[7][(byte)(x[3] >> 56)]);
+    y[3] = k[3] + (T[0][(byte)x[3]] ^ T[1][(byte)(x[2] >> 8)] ^ T[2][(byte)(x[1] >> 16)] ^ T[3][(byte)(x[0] >> 24)] ^
+        T[4][(byte)(x[7] >> 32)] ^ T[5][(byte)(x[6] >> 40)] ^ T[6][(byte)(x[5] >> 48)] ^ T[7][(byte)(x[4] >> 56)]);
+    y[4] = k[4] + (T[0][(byte)x[4]] ^ T[1][(byte)(x[3] >> 8)] ^ T[2][(byte)(x[2] >> 16)] ^ T[3][(byte)(x[1] >> 24)] ^
+        T[4][(byte)(x[0] >> 32)] ^ T[5][(byte)(x[7] >> 40)] ^ T[6][(byte)(x[6] >> 48)] ^ T[7][(byte)(x[5] >> 56)]);
+    y[5] = k[5] + (T[0][(byte)x[5]] ^ T[1][(byte)(x[4] >> 8)] ^ T[2][(byte)(x[3] >> 16)] ^ T[3][(byte)(x[2] >> 24)] ^
+        T[4][(byte)(x[1] >> 32)] ^ T[5][(byte)(x[0] >> 40)] ^ T[6][(byte)(x[7] >> 48)] ^ T[7][(byte)(x[6] >> 56)]);
+    y[6] = k[6] + (T[0][(byte)x[6]] ^ T[1][(byte)(x[5] >> 8)] ^ T[2][(byte)(x[4] >> 16)] ^ T[3][(byte)(x[3] >> 24)] ^
+        T[4][(byte)(x[2] >> 32)] ^ T[5][(byte)(x[1] >> 40)] ^ T[6][(byte)(x[0] >> 48)] ^ T[7][(byte)(x[7] >> 56)]);
+    y[7] = k[7] + (T[0][(byte)x[7]] ^ T[1][(byte)(x[6] >> 8)] ^ T[2][(byte)(x[5] >> 16)] ^ T[3][(byte)(x[4] >> 24)] ^
+        T[4][(byte)(x[3] >> 32)] ^ T[5][(byte)(x[2] >> 40)] ^ T[6][(byte)(x[1] >> 48)] ^ T[7][(byte)(x[0] >> 56)]);
+}
+
+inline void IMC128(word64 x[2])
+{
+    x[0] = IT[0][S[0][(byte)x[0]]] ^ IT[1][S[1][(byte)(x[0] >> 8)]] ^ IT[2][S[2][(byte)(x[0] >> 16)]] ^ IT[3][S[3][(byte)(x[0] >> 24)]] ^
+        IT[4][S[0][(byte)(x[0] >> 32)]] ^ IT[5][S[1][(byte)(x[0] >> 40)]] ^ IT[6][S[2][(byte)(x[0] >> 48)]] ^ IT[7][S[3][(byte)(x[0] >> 56)]];
+    x[1] = IT[0][S[0][(byte)x[1]]] ^ IT[1][S[1][(byte)(x[1] >> 8)]] ^ IT[2][S[2][(byte)(x[1] >> 16)]] ^ IT[3][S[3][(byte)(x[1] >> 24)]] ^
+        IT[4][S[0][(byte)(x[1] >> 32)]] ^ IT[5][S[1][(byte)(x[1] >> 40)]] ^ IT[6][S[2][(byte)(x[1] >> 48)]] ^ IT[7][S[3][(byte)(x[1] >> 56)]];
+}
+
+inline void IMC256(word64 x[4])
+{
+    x[0] = IT[0][S[0][(byte)x[0]]] ^ IT[1][S[1][(byte)(x[0] >> 8)]] ^ IT[2][S[2][(byte)(x[0] >> 16)]] ^ IT[3][S[3][(byte)(x[0] >> 24)]] ^
+        IT[4][S[0][(byte)(x[0] >> 32)]] ^ IT[5][S[1][(byte)(x[0] >> 40)]] ^ IT[6][S[2][(byte)(x[0] >> 48)]] ^ IT[7][S[3][(byte)(x[0] >> 56)]];
+    x[1] = IT[0][S[0][(byte)x[1]]] ^ IT[1][S[1][(byte)(x[1] >> 8)]] ^ IT[2][S[2][(byte)(x[1] >> 16)]] ^ IT[3][S[3][(byte)(x[1] >> 24)]] ^
+        IT[4][S[0][(byte)(x[1] >> 32)]] ^ IT[5][S[1][(byte)(x[1] >> 40)]] ^ IT[6][S[2][(byte)(x[1] >> 48)]] ^ IT[7][S[3][(byte)(x[1] >> 56)]];
+    x[2] = IT[0][S[0][(byte)x[2]]] ^ IT[1][S[1][(byte)(x[2] >> 8)]] ^ IT[2][S[2][(byte)(x[2] >> 16)]] ^ IT[3][S[3][(byte)(x[2] >> 24)]] ^
+        IT[4][S[0][(byte)(x[2] >> 32)]] ^ IT[5][S[1][(byte)(x[2] >> 40)]] ^ IT[6][S[2][(byte)(x[2] >> 48)]] ^ IT[7][S[3][(byte)(x[2] >> 56)]];
+    x[3] = IT[0][S[0][(byte)x[3]]] ^ IT[1][S[1][(byte)(x[3] >> 8)]] ^ IT[2][S[2][(byte)(x[3] >> 16)]] ^ IT[3][S[3][(byte)(x[3] >> 24)]] ^
+        IT[4][S[0][(byte)(x[3] >> 32)]] ^ IT[5][S[1][(byte)(x[3] >> 40)]] ^ IT[6][S[2][(byte)(x[3] >> 48)]] ^ IT[7][S[3][(byte)(x[3] >> 56)]];
+}
+
+inline void IMC512(word64 x[8])
+{
+    x[0] = IT[0][S[0][(byte)x[0]]] ^ IT[1][S[1][(byte)(x[0] >> 8)]] ^ IT[2][S[2][(byte)(x[0] >> 16)]] ^ IT[3][S[3][(byte)(x[0] >> 24)]] ^
+        IT[4][S[0][(byte)(x[0] >> 32)]] ^ IT[5][S[1][(byte)(x[0] >> 40)]] ^ IT[6][S[2][(byte)(x[0] >> 48)]] ^ IT[7][S[3][(byte)(x[0] >> 56)]];
+    x[1] = IT[0][S[0][(byte)x[1]]] ^ IT[1][S[1][(byte)(x[1] >> 8)]] ^ IT[2][S[2][(byte)(x[1] >> 16)]] ^ IT[3][S[3][(byte)(x[1] >> 24)]] ^
+        IT[4][S[0][(byte)(x[1] >> 32)]] ^ IT[5][S[1][(byte)(x[1] >> 40)]] ^ IT[6][S[2][(byte)(x[1] >> 48)]] ^ IT[7][S[3][(byte)(x[1] >> 56)]];
+    x[2] = IT[0][S[0][(byte)x[2]]] ^ IT[1][S[1][(byte)(x[2] >> 8)]] ^ IT[2][S[2][(byte)(x[2] >> 16)]] ^ IT[3][S[3][(byte)(x[2] >> 24)]] ^
+        IT[4][S[0][(byte)(x[2] >> 32)]] ^ IT[5][S[1][(byte)(x[2] >> 40)]] ^ IT[6][S[2][(byte)(x[2] >> 48)]] ^ IT[7][S[3][(byte)(x[2] >> 56)]];
+    x[3] = IT[0][S[0][(byte)x[3]]] ^ IT[1][S[1][(byte)(x[3] >> 8)]] ^ IT[2][S[2][(byte)(x[3] >> 16)]] ^ IT[3][S[3][(byte)(x[3] >> 24)]] ^
+        IT[4][S[0][(byte)(x[3] >> 32)]] ^ IT[5][S[1][(byte)(x[3] >> 40)]] ^ IT[6][S[2][(byte)(x[3] >> 48)]] ^ IT[7][S[3][(byte)(x[3] >> 56)]];
+    x[4] = IT[0][S[0][(byte)x[4]]] ^ IT[1][S[1][(byte)(x[4] >> 8)]] ^ IT[2][S[2][(byte)(x[4] >> 16)]] ^ IT[3][S[3][(byte)(x[4] >> 24)]] ^
+        IT[4][S[0][(byte)(x[4] >> 32)]] ^ IT[5][S[1][(byte)(x[4] >> 40)]] ^ IT[6][S[2][(byte)(x[4] >> 48)]] ^ IT[7][S[3][(byte)(x[4] >> 56)]];
+    x[5] = IT[0][S[0][(byte)x[5]]] ^ IT[1][S[1][(byte)(x[5] >> 8)]] ^ IT[2][S[2][(byte)(x[5] >> 16)]] ^ IT[3][S[3][(byte)(x[5] >> 24)]] ^
+        IT[4][S[0][(byte)(x[5] >> 32)]] ^ IT[5][S[1][(byte)(x[5] >> 40)]] ^ IT[6][S[2][(byte)(x[5] >> 48)]] ^ IT[7][S[3][(byte)(x[5] >> 56)]];
+    x[6] = IT[0][S[0][(byte)x[6]]] ^ IT[1][S[1][(byte)(x[6] >> 8)]] ^ IT[2][S[2][(byte)(x[6] >> 16)]] ^ IT[3][S[3][(byte)(x[6] >> 24)]] ^
+        IT[4][S[0][(byte)(x[6] >> 32)]] ^ IT[5][S[1][(byte)(x[6] >> 40)]] ^ IT[6][S[2][(byte)(x[6] >> 48)]] ^ IT[7][S[3][(byte)(x[6] >> 56)]];
+    x[7] = IT[0][S[0][(byte)x[7]]] ^ IT[1][S[1][(byte)(x[7] >> 8)]] ^ IT[2][S[2][(byte)(x[7] >> 16)]] ^ IT[3][S[3][(byte)(x[7] >> 24)]] ^
+        IT[4][S[0][(byte)(x[7] >> 32)]] ^ IT[5][S[1][(byte)(x[7] >> 40)]] ^ IT[6][S[2][(byte)(x[7] >> 48)]] ^ IT[7][S[3][(byte)(x[7] >> 56)]];
+}
+
+inline void IG128(const word64 x[2], word64 y[2], const word64 k[2])
+{
+    y[0] = k[0] ^ IT[0][(byte)x[0]] ^ IT[1][(byte)(x[0] >> 8)] ^ IT[2][(byte)(x[0] >> 16)] ^ IT[3][(byte)(x[0] >> 24)] ^
+        IT[4][(byte)(x[1] >> 32)] ^ IT[5][(byte)(x[1] >> 40)] ^ IT[6][(byte)(x[1] >> 48)] ^ IT[7][(byte)(x[1] >> 56)];
+    y[1] = k[1] ^ IT[0][(byte)x[1]] ^ IT[1][(byte)(x[1] >> 8)] ^ IT[2][(byte)(x[1] >> 16)] ^ IT[3][(byte)(x[1] >> 24)] ^
+        IT[4][(byte)(x[0] >> 32)] ^ IT[5][(byte)(x[0] >> 40)] ^ IT[6][(byte)(x[0] >> 48)] ^ IT[7][(byte)(x[0] >> 56)];
+}
+
+inline void IG256(const word64 x[4], word64 y[4], const word64 k[4])
+{
+    y[0] = k[0] ^ IT[0][(byte)x[0]] ^ IT[1][(byte)(x[0] >> 8)] ^ IT[2][(byte)(x[1] >> 16)] ^ IT[3][(byte)(x[1] >> 24)] ^
+        IT[4][(byte)(x[2] >> 32)] ^ IT[5][(byte)(x[2] >> 40)] ^ IT[6][(byte)(x[3] >> 48)] ^ IT[7][(byte)(x[3] >> 56)];
+    y[1] = k[1] ^ IT[0][(byte)x[1]] ^ IT[1][(byte)(x[1] >> 8)] ^ IT[2][(byte)(x[2] >> 16)] ^ IT[3][(byte)(x[2] >> 24)] ^
+        IT[4][(byte)(x[3] >> 32)] ^ IT[5][(byte)(x[3] >> 40)] ^ IT[6][(byte)(x[0] >> 48)] ^ IT[7][(byte)(x[0] >> 56)];
+    y[2] = k[2] ^ IT[0][(byte)x[2]] ^ IT[1][(byte)(x[2] >> 8)] ^ IT[2][(byte)(x[3] >> 16)] ^ IT[3][(byte)(x[3] >> 24)] ^
+        IT[4][(byte)(x[0] >> 32)] ^ IT[5][(byte)(x[0] >> 40)] ^ IT[6][(byte)(x[1] >> 48)] ^ IT[7][(byte)(x[1] >> 56)];
+    y[3] = k[3] ^ IT[0][(byte)x[3]] ^ IT[1][(byte)(x[3] >> 8)] ^ IT[2][(byte)(x[0] >> 16)] ^ IT[3][(byte)(x[0] >> 24)] ^
+        IT[4][(byte)(x[1] >> 32)] ^ IT[5][(byte)(x[1] >> 40)] ^ IT[6][(byte)(x[2] >> 48)] ^ IT[7][(byte)(x[2] >> 56)];
+}
+
+inline void IG512(const word64 x[8], word64 y[8], const word64 k[8])
+{
+    y[0] = k[0] ^ IT[0][(byte)x[0]] ^ IT[1][(byte)(x[1] >> 8)] ^ IT[2][(byte)(x[2] >> 16)] ^ IT[3][(byte)(x[3] >> 24)] ^
+        IT[4][(byte)(x[4] >> 32)] ^ IT[5][(byte)(x[5] >> 40)] ^ IT[6][(byte)(x[6] >> 48)] ^ IT[7][(byte)(x[7] >> 56)];
+    y[1] = k[1] ^ IT[0][(byte)x[1]] ^ IT[1][(byte)(x[2] >> 8)] ^ IT[2][(byte)(x[3] >> 16)] ^ IT[3][(byte)(x[4] >> 24)] ^
+        IT[4][(byte)(x[5] >> 32)] ^ IT[5][(byte)(x[6] >> 40)] ^ IT[6][(byte)(x[7] >> 48)] ^ IT[7][(byte)(x[0] >> 56)];
+    y[2] = k[2] ^ IT[0][(byte)x[2]] ^ IT[1][(byte)(x[3] >> 8)] ^ IT[2][(byte)(x[4] >> 16)] ^ IT[3][(byte)(x[5] >> 24)] ^
+        IT[4][(byte)(x[6] >> 32)] ^ IT[5][(byte)(x[7] >> 40)] ^ IT[6][(byte)(x[0] >> 48)] ^ IT[7][(byte)(x[1] >> 56)];
+    y[3] = k[3] ^ IT[0][(byte)x[3]] ^ IT[1][(byte)(x[4] >> 8)] ^ IT[2][(byte)(x[5] >> 16)] ^ IT[3][(byte)(x[6] >> 24)] ^
+        IT[4][(byte)(x[7] >> 32)] ^ IT[5][(byte)(x[0] >> 40)] ^ IT[6][(byte)(x[1] >> 48)] ^ IT[7][(byte)(x[2] >> 56)];
+    y[4] = k[4] ^ IT[0][(byte)x[4]] ^ IT[1][(byte)(x[5] >> 8)] ^ IT[2][(byte)(x[6] >> 16)] ^ IT[3][(byte)(x[7] >> 24)] ^
+        IT[4][(byte)(x[0] >> 32)] ^ IT[5][(byte)(x[1] >> 40)] ^ IT[6][(byte)(x[2] >> 48)] ^ IT[7][(byte)(x[3] >> 56)];
+    y[5] = k[5] ^ IT[0][(byte)x[5]] ^ IT[1][(byte)(x[6] >> 8)] ^ IT[2][(byte)(x[7] >> 16)] ^ IT[3][(byte)(x[0] >> 24)] ^
+        IT[4][(byte)(x[1] >> 32)] ^ IT[5][(byte)(x[2] >> 40)] ^ IT[6][(byte)(x[3] >> 48)] ^ IT[7][(byte)(x[4] >> 56)];
+    y[6] = k[6] ^ IT[0][(byte)x[6]] ^ IT[1][(byte)(x[7] >> 8)] ^ IT[2][(byte)(x[0] >> 16)] ^ IT[3][(byte)(x[1] >> 24)] ^
+        IT[4][(byte)(x[2] >> 32)] ^ IT[5][(byte)(x[3] >> 40)] ^ IT[6][(byte)(x[4] >> 48)] ^ IT[7][(byte)(x[5] >> 56)];
+    y[7] = k[7] ^ IT[0][(byte)x[7]] ^ IT[1][(byte)(x[0] >> 8)] ^ IT[2][(byte)(x[1] >> 16)] ^ IT[3][(byte)(x[2] >> 24)] ^
+        IT[4][(byte)(x[3] >> 32)] ^ IT[5][(byte)(x[4] >> 40)] ^ IT[6][(byte)(x[5] >> 48)] ^ IT[7][(byte)(x[6] >> 56)];
+}
+
+inline void IGL128(const word64 x[2], word64 y[2], const word64 k[2])
+{
+    y[0] = (word64(IS[0][(byte)x[0]]) ^ word64(IS[1][(byte)(x[0] >> 8)]) << 8 ^ word64(IS[2][(byte)(x[0] >> 16)]) << 16 ^ word64(IS[3][(byte)(x[0] >> 24)]) << 24 ^
+        word64(IS[0][(byte)(x[1] >> 32)]) << 32 ^ word64(IS[1][(byte)(x[1] >> 40)]) << 40 ^ word64(IS[2][(byte)(x[1] >> 48)]) << 48 ^ word64(IS[3][(byte)(x[1] >> 56)]) << 56) - k[0];
+    y[1] = (word64(IS[0][(byte)x[1]]) ^ word64(IS[1][(byte)(x[1] >> 8)]) << 8 ^ word64(IS[2][(byte)(x[1] >> 16)]) << 16 ^ word64(IS[3][(byte)(x[1] >> 24)]) << 24 ^
+        word64(IS[0][(byte)(x[0] >> 32)]) << 32 ^ word64(IS[1][(byte)(x[0] >> 40)]) << 40 ^ word64(IS[2][(byte)(x[0] >> 48)]) << 48 ^ word64(IS[3][(byte)(x[0] >> 56)]) << 56) - k[1];
+}
+
+inline void IGL256(const word64 x[4], word64 y[4], const word64 k[4])
+{
+    y[0] = (word64(IS[0][(byte)x[0]]) ^ word64(IS[1][(byte)(x[0] >> 8)]) << 8 ^ word64(IS[2][(byte)(x[1] >> 16)]) << 16 ^ word64(IS[3][(byte)(x[1] >> 24)]) << 24 ^
+        word64(IS[0][(byte)(x[2] >> 32)]) << 32 ^ word64(IS[1][(byte)(x[2] >> 40)]) << 40 ^ word64(IS[2][(byte)(x[3] >> 48)]) << 48 ^ word64(IS[3][(byte)(x[3] >> 56)]) << 56) - k[0];
+    y[1] = (word64(IS[0][(byte)x[1]]) ^ word64(IS[1][(byte)(x[1] >> 8)]) << 8 ^ word64(IS[2][(byte)(x[2] >> 16)]) << 16 ^ word64(IS[3][(byte)(x[2] >> 24)]) << 24 ^
+        word64(IS[0][(byte)(x[3] >> 32)]) << 32 ^ word64(IS[1][(byte)(x[3] >> 40)]) << 40 ^ word64(IS[2][(byte)(x[0] >> 48)]) << 48 ^ word64(IS[3][(byte)(x[0] >> 56)]) << 56) - k[1];
+    y[2] = (word64(IS[0][(byte)x[2]]) ^ word64(IS[1][(byte)(x[2] >> 8)]) << 8 ^ word64(IS[2][(byte)(x[3] >> 16)]) << 16 ^ word64(IS[3][(byte)(x[3] >> 24)]) << 24 ^
+        word64(IS[0][(byte)(x[0] >> 32)]) << 32 ^ word64(IS[1][(byte)(x[0] >> 40)]) << 40 ^ word64(IS[2][(byte)(x[1] >> 48)]) << 48 ^ word64(IS[3][(byte)(x[1] >> 56)]) << 56) - k[2];
+    y[3] = (word64(IS[0][(byte)x[3]]) ^ word64(IS[1][(byte)(x[3] >> 8)]) << 8 ^ word64(IS[2][(byte)(x[0] >> 16)]) << 16 ^ word64(IS[3][(byte)(x[0] >> 24)]) << 24 ^
+        word64(IS[0][(byte)(x[1] >> 32)]) << 32 ^ word64(IS[1][(byte)(x[1] >> 40)]) << 40 ^ word64(IS[2][(byte)(x[2] >> 48)]) << 48 ^ word64(IS[3][(byte)(x[2] >> 56)]) << 56) - k[3];
+}
+
+inline void IGL512(const word64 x[8], word64 y[8], const word64 k[8])
+{
+    y[0] = (word64(IS[0][(byte)x[0]]) ^ word64(IS[1][(byte)(x[1] >> 8)]) << 8 ^ word64(IS[2][(byte)(x[2] >> 16)]) << 16 ^ word64(IS[3][(byte)(x[3] >> 24)]) << 24 ^
+        word64(IS[0][(byte)(x[4] >> 32)]) << 32 ^ word64(IS[1][(byte)(x[5] >> 40)]) << 40 ^ word64(IS[2][(byte)(x[6] >> 48)]) << 48 ^ word64(IS[3][(byte)(x[7] >> 56)]) << 56) - k[0];
+    y[1] = (word64(IS[0][(byte)x[1]]) ^ word64(IS[1][(byte)(x[2] >> 8)]) << 8 ^ word64(IS[2][(byte)(x[3] >> 16)]) << 16 ^ word64(IS[3][(byte)(x[4] >> 24)]) << 24 ^
+        word64(IS[0][(byte)(x[5] >> 32)]) << 32 ^ word64(IS[1][(byte)(x[6] >> 40)]) << 40 ^ word64(IS[2][(byte)(x[7] >> 48)]) << 48 ^ word64(IS[3][(byte)(x[0] >> 56)]) << 56) - k[1];
+    y[2] = (word64(IS[0][(byte)x[2]]) ^ word64(IS[1][(byte)(x[3] >> 8)]) << 8 ^ word64(IS[2][(byte)(x[4] >> 16)]) << 16 ^ word64(IS[3][(byte)(x[5] >> 24)]) << 24 ^
+        word64(IS[0][(byte)(x[6] >> 32)]) << 32 ^ word64(IS[1][(byte)(x[7] >> 40)]) << 40 ^ word64(IS[2][(byte)(x[0] >> 48)]) << 48 ^ word64(IS[3][(byte)(x[1] >> 56)]) << 56) - k[2];
+    y[3] = (word64(IS[0][(byte)x[3]]) ^ word64(IS[1][(byte)(x[4] >> 8)]) << 8 ^ word64(IS[2][(byte)(x[5] >> 16)]) << 16 ^ word64(IS[3][(byte)(x[6] >> 24)]) << 24 ^
+        word64(IS[0][(byte)(x[7] >> 32)]) << 32 ^ word64(IS[1][(byte)(x[0] >> 40)]) << 40 ^ word64(IS[2][(byte)(x[1] >> 48)]) << 48 ^ word64(IS[3][(byte)(x[2] >> 56)]) << 56) - k[3];
+    y[4] = (word64(IS[0][(byte)x[4]]) ^ word64(IS[1][(byte)(x[5] >> 8)]) << 8 ^ word64(IS[2][(byte)(x[6] >> 16)]) << 16 ^ word64(IS[3][(byte)(x[7] >> 24)]) << 24 ^
+        word64(IS[0][(byte)(x[0] >> 32)]) << 32 ^ word64(IS[1][(byte)(x[1] >> 40)]) << 40 ^ word64(IS[2][(byte)(x[2] >> 48)]) << 48 ^ word64(IS[3][(byte)(x[3] >> 56)]) << 56) - k[4];
+    y[5] = (word64(IS[0][(byte)x[5]]) ^ word64(IS[1][(byte)(x[6] >> 8)]) << 8 ^ word64(IS[2][(byte)(x[7] >> 16)]) << 16 ^ word64(IS[3][(byte)(x[0] >> 24)]) << 24 ^
+        word64(IS[0][(byte)(x[1] >> 32)]) << 32 ^ word64(IS[1][(byte)(x[2] >> 40)]) << 40 ^ word64(IS[2][(byte)(x[3] >> 48)]) << 48 ^ word64(IS[3][(byte)(x[4] >> 56)]) << 56) - k[5];
+    y[6] = (word64(IS[0][(byte)x[6]]) ^ word64(IS[1][(byte)(x[7] >> 8)]) << 8 ^ word64(IS[2][(byte)(x[0] >> 16)]) << 16 ^ word64(IS[3][(byte)(x[1] >> 24)]) << 24 ^
+        word64(IS[0][(byte)(x[2] >> 32)]) << 32 ^ word64(IS[1][(byte)(x[3] >> 40)]) << 40 ^ word64(IS[2][(byte)(x[4] >> 48)]) << 48 ^ word64(IS[3][(byte)(x[5] >> 56)]) << 56) - k[6];
+    y[7] = (word64(IS[0][(byte)x[7]]) ^ word64(IS[1][(byte)(x[0] >> 8)]) << 8 ^ word64(IS[2][(byte)(x[1] >> 16)]) << 16 ^ word64(IS[3][(byte)(x[2] >> 24)]) << 24 ^
+        word64(IS[0][(byte)(x[3] >> 32)]) << 32 ^ word64(IS[1][(byte)(x[4] >> 40)]) << 40 ^ word64(IS[2][(byte)(x[5] >> 48)]) << 48 ^ word64(IS[3][(byte)(x[6] >> 56)]) << 56) - k[7];
+}
+
+inline void G128(const word64 x[2], word64 y[2], const word64 k[2])
+{
+    y[0] = k[0] ^ T[0][(byte)x[0]] ^ T[1][(byte)(x[0] >> 8)] ^ T[2][(byte)(x[0] >> 16)] ^ T[3][(byte)(x[0] >> 24)] ^
+        T[4][(byte)(x[1] >> 32)] ^ T[5][(byte)(x[1] >> 40)] ^ T[6][(byte)(x[1] >> 48)] ^ T[7][(byte)(x[1] >> 56)];
+    y[1] = k[1] ^ T[0][(byte)x[1]] ^ T[1][(byte)(x[1] >> 8)] ^ T[2][(byte)(x[1] >> 16)] ^ T[3][(byte)(x[1] >> 24)] ^
+        T[4][(byte)(x[0] >> 32)] ^ T[5][(byte)(x[0] >> 40)] ^ T[6][(byte)(x[0] >> 48)] ^ T[7][(byte)(x[0] >> 56)];
+}
+
+inline void G256(const word64 x[4], word64 y[4], const word64 k[4])
+{
+    y[0] = k[0] ^ T[0][(byte)x[0]] ^ T[1][(byte)(x[0] >> 8)] ^ T[2][(byte)(x[3] >> 16)] ^ T[3][(byte)(x[3] >> 24)] ^
+        T[4][(byte)(x[2] >> 32)] ^ T[5][(byte)(x[2] >> 40)] ^ T[6][(byte)(x[1] >> 48)] ^ T[7][(byte)(x[1] >> 56)];
+    y[1] = k[1] ^ T[0][(byte)x[1]] ^ T[1][(byte)(x[1] >> 8)] ^ T[2][(byte)(x[0] >> 16)] ^ T[3][(byte)(x[0] >> 24)] ^
+        T[4][(byte)(x[3] >> 32)] ^ T[5][(byte)(x[3] >> 40)] ^ T[6][(byte)(x[2] >> 48)] ^ T[7][(byte)(x[2] >> 56)];
+    y[2] = k[2] ^ T[0][(byte)x[2]] ^ T[1][(byte)(x[2] >> 8)] ^ T[2][(byte)(x[1] >> 16)] ^ T[3][(byte)(x[1] >> 24)] ^
+        T[4][(byte)(x[0] >> 32)] ^ T[5][(byte)(x[0] >> 40)] ^ T[6][(byte)(x[3] >> 48)] ^ T[7][(byte)(x[3] >> 56)];
+    y[3] = k[3] ^ T[0][(byte)x[3]] ^ T[1][(byte)(x[3] >> 8)] ^ T[2][(byte)(x[2] >> 16)] ^ T[3][(byte)(x[2] >> 24)] ^
+        T[4][(byte)(x[1] >> 32)] ^ T[5][(byte)(x[1] >> 40)] ^ T[6][(byte)(x[0] >> 48)] ^ T[7][(byte)(x[0] >> 56)];
+}
+
+inline void G512(const word64 x[8], word64 y[8], const word64 k[8])
+{
+    y[0] = k[0] ^ T[0][(byte)x[0]] ^ T[1][(byte)(x[7] >> 8)] ^ T[2][(byte)(x[6] >> 16)] ^ T[3][(byte)(x[5] >> 24)] ^
+        T[4][(byte)(x[4] >> 32)] ^ T[5][(byte)(x[3] >> 40)] ^ T[6][(byte)(x[2] >> 48)] ^ T[7][(byte)(x[1] >> 56)];
+    y[1] = k[1] ^ T[0][(byte)x[1]] ^ T[1][(byte)(x[0] >> 8)] ^ T[2][(byte)(x[7] >> 16)] ^ T[3][(byte)(x[6] >> 24)] ^
+        T[4][(byte)(x[5] >> 32)] ^ T[5][(byte)(x[4] >> 40)] ^ T[6][(byte)(x[3] >> 48)] ^ T[7][(byte)(x[2] >> 56)];
+    y[2] = k[2] ^ T[0][(byte)x[2]] ^ T[1][(byte)(x[1] >> 8)] ^ T[2][(byte)(x[0] >> 16)] ^ T[3][(byte)(x[7] >> 24)] ^
+        T[4][(byte)(x[6] >> 32)] ^ T[5][(byte)(x[5] >> 40)] ^ T[6][(byte)(x[4] >> 48)] ^ T[7][(byte)(x[3] >> 56)];
+    y[3] = k[3] ^ T[0][(byte)x[3]] ^ T[1][(byte)(x[2] >> 8)] ^ T[2][(byte)(x[1] >> 16)] ^ T[3][(byte)(x[0] >> 24)] ^
+        T[4][(byte)(x[7] >> 32)] ^ T[5][(byte)(x[6] >> 40)] ^ T[6][(byte)(x[5] >> 48)] ^ T[7][(byte)(x[4] >> 56)];
+    y[4] = k[4] ^ T[0][(byte)x[4]] ^ T[1][(byte)(x[3] >> 8)] ^ T[2][(byte)(x[2] >> 16)] ^ T[3][(byte)(x[1] >> 24)] ^
+        T[4][(byte)(x[0] >> 32)] ^ T[5][(byte)(x[7] >> 40)] ^ T[6][(byte)(x[6] >> 48)] ^ T[7][(byte)(x[5] >> 56)];
+    y[5] = k[5] ^ T[0][(byte)x[5]] ^ T[1][(byte)(x[4] >> 8)] ^ T[2][(byte)(x[3] >> 16)] ^ T[3][(byte)(x[2] >> 24)] ^
+        T[4][(byte)(x[1] >> 32)] ^ T[5][(byte)(x[0] >> 40)] ^ T[6][(byte)(x[7] >> 48)] ^ T[7][(byte)(x[6] >> 56)];
+    y[6] = k[6] ^ T[0][(byte)x[6]] ^ T[1][(byte)(x[5] >> 8)] ^ T[2][(byte)(x[4] >> 16)] ^ T[3][(byte)(x[3] >> 24)] ^
+        T[4][(byte)(x[2] >> 32)] ^ T[5][(byte)(x[1] >> 40)] ^ T[6][(byte)(x[0] >> 48)] ^ T[7][(byte)(x[7] >> 56)];
+    y[7] = k[7] ^ T[0][(byte)x[7]] ^ T[1][(byte)(x[6] >> 8)] ^ T[2][(byte)(x[5] >> 16)] ^ T[3][(byte)(x[4] >> 24)] ^
+        T[4][(byte)(x[3] >> 32)] ^ T[5][(byte)(x[2] >> 40)] ^ T[6][(byte)(x[1] >> 48)] ^ T[7][(byte)(x[0] >> 56)];
+}
+
+inline void make_odd_key128(const word64 evenkey[2], word64 oddkey[2])
+{
+    const byte* even = reinterpret_cast<const byte*>(evenkey);
+    byte* odd = reinterpret_cast<byte*>(oddkey);
+
+    memcpy(odd, even + 7, 16 - 7);
+    memcpy(odd + 16 - 7, even, 7);
+}
+
+inline void make_odd_key256(const word64 evenkey[4], word64 oddkey[4])
+{
+    const byte* even = reinterpret_cast<const byte*>(evenkey);
+    byte* odd = reinterpret_cast<byte*>(oddkey);
+
+    memcpy(odd, even + 11, 32 - 11);
+    memcpy(odd + 32 - 11, even, 11);
+}
+
+inline void make_odd_key(const word64 evenkey[8], word64 oddkey[8])
+{
+    const byte* even = reinterpret_cast<const byte*>(evenkey);
+    byte* odd = reinterpret_cast<byte*>(oddkey);
+
+    memcpy(odd, even + 19, 64 - 19);
+    memcpy(odd + 64 - 19, even, 19);
+}
+
+ANONYMOUS_NAMESPACE_END
+
+NAMESPACE_BEGIN(CryptoPP)
+
+// *********************** UncheckedSetKey specializations *********************** //
+
+void Kalyna::Base::SetKey_22(const word64 key[2])
+{
+    word64 *ks = m_wspace+0, *ksc = m_wspace+2, *t1 = m_wspace+4;
+    word64 *t2 = m_wspace+6, *k = m_wspace+8, *kswapped = m_wspace+10;
+
+    memset(t1, 0, 2*8);
+    t1[0] = (128 + 128 + 64) / 64;
+
+    AddKey<2>(t1, t2, key);
+    G128(t2, t1, key);
+    GL128(t1, t2, key);
+    G0128(t2, ks);
+
+    word64 constant = 0x0001000100010001;
+
+    // round 0
+    memcpy(k, key, 16);
+    kswapped[1] = k[0];
+    kswapped[0] = k[1];
+
+    AddConstant<2>(ks, ksc, constant);
+    AddKey<2>(k, t2, ksc);
+    G128(t2, t1, ksc);
+    GL128(t1, &m_rkeys[0], ksc);
+    make_odd_key128(&m_rkeys[0], &m_rkeys[2]);
+
+    // round 2
+    constant <<= 1;
+    AddConstant<2>(ks, ksc, constant);
+    AddKey<2>(kswapped, t2, ksc);
+    G128(t2, t1, ksc);
+    GL128(t1, &m_rkeys[4], ksc);
+    make_odd_key128(&m_rkeys[4], &m_rkeys[6]);
+
+    // round 4
+    constant <<= 1;
+    AddConstant<2>(ks, ksc, constant);
+    AddKey<2>(k, t2, ksc);
+    G128(t2, t1, ksc);
+    GL128(t1, &m_rkeys[8], ksc);
+    make_odd_key128(&m_rkeys[8], &m_rkeys[10]);
+
+    // round 6
+    constant <<= 1;
+    AddConstant<2>(ks, ksc, constant);
+    AddKey<2>(kswapped, t2, ksc);
+    G128(t2, t1, ksc);
+    GL128(t1, &m_rkeys[12], ksc);
+    make_odd_key128(&m_rkeys[12], &m_rkeys[14]);
+
+    // round 8
+    constant <<= 1;
+    AddConstant<2>(ks, ksc, constant);
+    AddKey<2>(k, t2, ksc);
+    G128(t2, t1, ksc);
+    GL128(t1, &m_rkeys[16], ksc);
+    make_odd_key128(&m_rkeys[16], &m_rkeys[18]);
+
+    // round 10
+    constant <<= 1;
+    AddConstant<2>(ks, ksc, constant);
+    AddKey<2>(kswapped, t2, ksc);
+    G128(t2, t1, ksc);
+    GL128(t1, &m_rkeys[20], ksc);
+
+    if (!IsForwardTransformation())
+    {
+        IMC128(&m_rkeys[18]); IMC128(&m_rkeys[16]);
+        IMC128(&m_rkeys[14]); IMC128(&m_rkeys[12]);
+        IMC128(&m_rkeys[10]); IMC128(&m_rkeys[ 8]);
+        IMC128(&m_rkeys[ 6]); IMC128(&m_rkeys[ 4]);
+        IMC128(&m_rkeys[ 2]);
+    }
+}
+
+void Kalyna::Base::SetKey_24(const word64 key[4])
+{
+    word64 *ks = m_wspace+0, *ksc = m_wspace+2, *t1 = m_wspace+4, *t2 = m_wspace+6;
+    word64 *k = m_wspace+8, *ka = m_wspace+12, *ko = m_wspace+14;
+
+    memset(t1, 0, 2*8);
+    t1[0] = (128 + 256 + 64) / 64;
+    memcpy(ka, key, 16);
+    memcpy(ko, key + 2, 16);
+
+    AddKey<2>(t1, t2, ka);
+    G128(t2, t1, ko);
+    GL128(t1, t2, ka);
+    G0128(t2, ks);
+
+    word64 constant = 0x0001000100010001;
+
+    // round 0
+    memcpy(k, key, 256 / 8);
+    AddConstant<2>(ks, ksc, constant);
+    AddKey<2>(k, t2, ksc);
+    G128(t2, t1, ksc);
+    GL128(t1, &m_rkeys[0], ksc);
+    make_odd_key128(&m_rkeys[0], &m_rkeys[2]);
+
+    // round 2
+    constant <<= 1;
+    AddConstant<2>(ks, ksc, constant);
+    AddKey<2>(k + 2, t2, ksc);
+    G128(t2, t1, ksc);
+    GL128(t1, &m_rkeys[4], ksc);
+    make_odd_key128(&m_rkeys[4], &m_rkeys[6]);
+
+    // round 4
+    SwapBlocks<4>(k);
+    constant <<= 1;
+    AddConstant<2>(ks, ksc, constant);
+    AddKey<2>(k, t2, ksc);
+    G128(t2, t1, ksc);
+    GL128(t1, &m_rkeys[8], ksc);
+    make_odd_key128(&m_rkeys[8], &m_rkeys[10]);
+
+    // round 6
+    constant <<= 1;
+    AddConstant<2>(ks, ksc, constant);
+    AddKey<2>(k + 2, t2, ksc);
+    G128(t2, t1, ksc);
+    GL128(t1, &m_rkeys[12], ksc);
+    make_odd_key128(&m_rkeys[12], &m_rkeys[14]);
+
+    // round 8
+    SwapBlocks<4>(k);
+    constant <<= 1;
+    AddConstant<2>(ks, ksc, constant);
+    AddKey<2>(k, t2, ksc);
+    G128(t2, t1, ksc);
+    GL128(t1, &m_rkeys[16], ksc);
+    make_odd_key128(&m_rkeys[16], &m_rkeys[18]);
+
+    // round 10
+    constant <<= 1;
+    AddConstant<2>(ks, ksc, constant);
+    AddKey<2>(k + 2, t2, ksc);
+    G128(t2, t1, ksc);
+    GL128(t1, &m_rkeys[20], ksc);
+    make_odd_key128(&m_rkeys[20], &m_rkeys[22]);
+
+    // round 12
+    SwapBlocks<4>(k);
+    constant <<= 1;
+    AddConstant<2>(ks, ksc, constant);
+    AddKey<2>(k, t2, ksc);
+    G128(t2, t1, ksc);
+    GL128(t1, &m_rkeys[24], ksc);
+    make_odd_key128(&m_rkeys[24], &m_rkeys[26]);
+
+    // round 14
+    constant <<= 1;
+    AddConstant<2>(ks, ksc, constant);
+    AddKey<2>(k + 2, t2, ksc);
+    G128(t2, t1, ksc);
+    GL128(t1, &m_rkeys[28], ksc);
+
+    if (!IsForwardTransformation())
+    {
+        IMC128(&m_rkeys[26]);
+        IMC128(&m_rkeys[24]);
+        IMC128(&m_rkeys[22]);
+        IMC128(&m_rkeys[20]);
+        IMC128(&m_rkeys[18]);
+        IMC128(&m_rkeys[16]);
+        IMC128(&m_rkeys[14]);
+        IMC128(&m_rkeys[12]);
+        IMC128(&m_rkeys[10]);
+        IMC128(&m_rkeys[8]);
+        IMC128(&m_rkeys[6]);
+        IMC128(&m_rkeys[4]);
+        IMC128(&m_rkeys[2]);
+    }
+}
+
+void Kalyna::Base::SetKey_44(const word64 key[4])
+{
+    word64 *ks = m_wspace+0, *ksc = m_wspace+4, *t1 = m_wspace+8;
+    word64 *t2 = m_wspace+12, *k = m_wspace+16;
+
+    memset(t1, 0, 4*8);
+    t1[0] = (256 + 256 + 64) / 64;
+
+    AddKey<4>(t1, t2, key);
+    G256(t2, t1, key);
+    GL256(t1, t2, key);
+    G0256(t2, ks);
+
+    word64 constant = 0x0001000100010001;
+
+    // round 0
+    memcpy(k, key, 32);
+    AddConstant<4>(ks, ksc, constant);
+    AddKey<4>(k, t2, ksc);
+    G256(t2, t1, ksc);
+    GL256(t1, &m_rkeys[0], ksc);
+    make_odd_key256(&m_rkeys[0], &m_rkeys[4]);
+
+    // round 2
+    SwapBlocks<4>(k);
+    constant <<= 1;
+    AddConstant<4>(ks, ksc, constant);
+    AddKey<4>(k, t2, ksc);
+    G256(t2, t1, ksc);
+    GL256(t1, &m_rkeys[8], ksc);
+    make_odd_key256(&m_rkeys[8], &m_rkeys[12]);
+
+    // round 4
+    SwapBlocks<4>(k);
+    constant <<= 1;
+    AddConstant<4>(ks, ksc, constant);
+    AddKey<4>(k, t2, ksc);
+    G256(t2, t1, ksc);
+    GL256(t1, &m_rkeys[16], ksc);
+    make_odd_key256(&m_rkeys[16], &m_rkeys[20]);
+
+    // round 6
+    SwapBlocks<4>(k);
+    constant <<= 1;
+    AddConstant<4>(ks, ksc, constant);
+    AddKey<4>(k, t2, ksc);
+    G256(t2, t1, ksc);
+    GL256(t1, &m_rkeys[24], ksc);
+    make_odd_key256(&m_rkeys[24], &m_rkeys[28]);
+
+    // round 8
+    SwapBlocks<4>(k);
+    constant <<= 1;
+    AddConstant<4>(ks, ksc, constant);
+    AddKey<4>(k, t2, ksc);
+    G256(t2, t1, ksc);
+    GL256(t1, &m_rkeys[32], ksc);
+    make_odd_key256(&m_rkeys[32], &m_rkeys[36]);
+
+    // round 10
+    SwapBlocks<4>(k);
+    constant <<= 1;
+    AddConstant<4>(ks, ksc, constant);
+    AddKey<4>(k, t2, ksc);
+    G256(t2, t1, ksc);
+    GL256(t1, &m_rkeys[40], ksc);
+    make_odd_key256(&m_rkeys[40], &m_rkeys[44]);
+
+    // round 12
+    SwapBlocks<4>(k);
+    constant <<= 1;
+    AddConstant<4>(ks, ksc, constant);
+    AddKey<4>(k, t2, ksc);
+    G256(t2, t1, ksc);
+    GL256(t1, &m_rkeys[48], ksc);
+    make_odd_key256(&m_rkeys[48], &m_rkeys[52]);
+
+    // round 14
+    SwapBlocks<4>(k);
+    constant <<= 1;
+    AddConstant<4>(ks, ksc, constant);
+    AddKey<4>(k, t2, ksc);
+    G256(t2, t1, ksc);
+    GL256(t1, &m_rkeys[56], ksc);
+
+    if (!IsForwardTransformation())
+    {
+        IMC256(&m_rkeys[52]);
+        IMC256(&m_rkeys[48]);
+        IMC256(&m_rkeys[44]);
+        IMC256(&m_rkeys[40]);
+        IMC256(&m_rkeys[36]);
+        IMC256(&m_rkeys[32]);
+        IMC256(&m_rkeys[28]);
+        IMC256(&m_rkeys[24]);
+        IMC256(&m_rkeys[20]);
+        IMC256(&m_rkeys[16]);
+        IMC256(&m_rkeys[12]);
+        IMC256(&m_rkeys[8]);
+        IMC256(&m_rkeys[4]);
+    }
+}
+
+void Kalyna::Base::SetKey_48(const word64 key[8])
+{
+    word64 *ks = m_wspace+0, *ksc = m_wspace+4, *t1 = m_wspace+8, *t2 = m_wspace+12;
+    word64 *k = m_wspace+16, *ka = m_wspace+24, *ko = m_wspace+28;
+
+    memset(t1, 0, 4*8);
+    t1[0] = (512 + 256 + 64) / 64;
+    memcpy(ka, key, 32);
+    memcpy(ko, key+4, 32);
+
+    AddKey<4>(t1, t2, ka);
+    G256(t2, t1, ko);
+    GL256(t1, t2, ka);
+    G0256(t2, ks);
+
+    word64 constant = 0x0001000100010001;
+
+    // round 0
+    memcpy(k, key, 512 / 8);
+    AddConstant<4>(ks, ksc, constant);
+    AddKey<4>(k, t2, ksc);
+    G256(t2, t1, ksc);
+    GL256(t1, &m_rkeys[0], ksc);
+    make_odd_key256(&m_rkeys[0], &m_rkeys[4]);
+
+    // round 2
+    constant <<= 1;
+    AddConstant<4>(ks, ksc, constant);
+    AddKey<4>(k+4, t2, ksc);
+    G256(t2, t1, ksc);
+    GL256(t1, &m_rkeys[8], ksc);
+    make_odd_key256(&m_rkeys[8], &m_rkeys[12]);
+
+    // round 4
+    SwapBlocks<8>(k);
+    constant <<= 1;
+    AddConstant<4>(ks, ksc, constant);
+    AddKey<4>(k, t2, ksc);
+    G256(t2, t1, ksc);
+    GL256(t1, &m_rkeys[16], ksc);
+    make_odd_key256(&m_rkeys[16], &m_rkeys[20]);
+
+    // round 6
+    constant <<= 1;
+    AddConstant<4>(ks, ksc, constant);
+    AddKey<4>(k+4, t2, ksc);
+    G256(t2, t1, ksc);
+    GL256(t1, &m_rkeys[24], ksc);
+    make_odd_key256(&m_rkeys[24], &m_rkeys[28]);
+
+    // round 8
+    SwapBlocks<8>(k);
+    constant <<= 1;
+    AddConstant<4>(ks, ksc, constant);
+    AddKey<4>(k, t2, ksc);
+    G256(t2, t1, ksc);
+    GL256(t1, &m_rkeys[32], ksc);
+    make_odd_key256(&m_rkeys[32], &m_rkeys[36]);
+
+    // round 10
+    constant <<= 1;
+    AddConstant<4>(ks, ksc, constant);
+    AddKey<4>(k+4, t2, ksc);
+    G256(t2, t1, ksc);
+    GL256(t1, &m_rkeys[40], ksc);
+    make_odd_key256(&m_rkeys[40], &m_rkeys[44]);
+
+    // round 12
+    SwapBlocks<8>(k);
+    constant <<= 1;
+    AddConstant<4>(ks, ksc, constant);
+    AddKey<4>(k, t2, ksc);
+    G256(t2, t1, ksc);
+    GL256(t1, &m_rkeys[48], ksc);
+    make_odd_key256(&m_rkeys[48], &m_rkeys[52]);
+
+    // round 14
+    constant <<= 1;
+    AddConstant<4>(ks, ksc, constant);
+    AddKey<4>(k+4, t2, ksc);
+    G256(t2, t1, ksc);
+    GL256(t1, &m_rkeys[56], ksc);
+    make_odd_key256(&m_rkeys[56], &m_rkeys[60]);
+
+    // round 16
+    SwapBlocks<8>(k);
+    constant <<= 1;
+    AddConstant<4>(ks, ksc, constant);
+    AddKey<4>(k, t2, ksc);
+    G256(t2, t1, ksc);
+    GL256(t1, &m_rkeys[64], ksc);
+    make_odd_key256(&m_rkeys[64], &m_rkeys[68]);
+
+    // round 18
+    constant <<= 1;
+    AddConstant<4>(ks, ksc, constant);
+    AddKey<4>(k+4, t2, ksc);
+    G256(t2, t1, ksc);
+    GL256(t1, &m_rkeys[72], ksc);
+
+    if (!IsForwardTransformation())
+    {
+        IMC256(&m_rkeys[68]);
+        IMC256(&m_rkeys[64]);
+        IMC256(&m_rkeys[60]);
+        IMC256(&m_rkeys[56]);
+        IMC256(&m_rkeys[52]);
+        IMC256(&m_rkeys[48]);
+        IMC256(&m_rkeys[44]);
+        IMC256(&m_rkeys[40]);
+        IMC256(&m_rkeys[36]);
+        IMC256(&m_rkeys[32]);
+        IMC256(&m_rkeys[28]);
+        IMC256(&m_rkeys[24]);
+        IMC256(&m_rkeys[20]);
+        IMC256(&m_rkeys[16]);
+        IMC256(&m_rkeys[12]);
+        IMC256(&m_rkeys[8]);
+        IMC256(&m_rkeys[4]);
+    }
+}
+
+void Kalyna::Base::SetKey_88(const word64 key[8])
+{
+    word64 *ks = m_wspace+0, *ksc = m_wspace+8, *t1 = m_wspace+16;
+    word64 *t2 = m_wspace+24, *k = m_wspace+32;
+
+    memset(t1, 0, 8*8);
+    t1[0] = (512 + 512 + 64) / 64;
+
+    AddKey<8>(t1, t2, key);
+    G512(t2, t1, key);
+    GL512(t1, t2, key);
+    G0512(t2, ks);
+
+    word64 constant = 0x0001000100010001;
+
+    // round 0
+    memcpy(k, key, 512 / 8);
+    AddConstant<8>(ks, ksc, constant);
+    AddKey<8>(k, t2, ksc);
+    G512(t2, t1, ksc);
+    GL512(t1, &m_rkeys[0], ksc);
+    make_odd_key(&m_rkeys[0], &m_rkeys[8]);
+
+    // round 2
+    SwapBlocks<8>(k);
+    constant <<= 1;
+    AddConstant<8>(ks, ksc, constant);
+    AddKey<8>(k, t2, ksc);
+    G512(t2, t1, ksc);
+    GL512(t1, &m_rkeys[16], ksc);
+    make_odd_key(&m_rkeys[16], &m_rkeys[24]);
+
+    // round 4
+    SwapBlocks<8>(k);
+    constant <<= 1;
+    AddConstant<8>(ks, ksc, constant);
+    AddKey<8>(k, t2, ksc);
+    G512(t2, t1, ksc);
+    GL512(t1, &m_rkeys[32], ksc);
+    make_odd_key(&m_rkeys[32], &m_rkeys[40]);
+
+    // round 6
+    SwapBlocks<8>(k);
+    constant <<= 1;
+    AddConstant<8>(ks, ksc, constant);
+    AddKey<8>(k, t2, ksc);
+    G512(t2, t1, ksc);
+    GL512(t1, &m_rkeys[48], ksc);
+    make_odd_key(&m_rkeys[48], &m_rkeys[56]);
+
+    // round 8
+    SwapBlocks<8>(k);
+    constant <<= 1;
+    AddConstant<8>(ks, ksc, constant);
+    AddKey<8>(k, t2, ksc);
+    G512(t2, t1, ksc);
+    GL512(t1, &m_rkeys[64], ksc);
+    make_odd_key(&m_rkeys[64], &m_rkeys[72]);
+
+    // round 10
+    SwapBlocks<8>(k);
+    constant <<= 1;
+    AddConstant<8>(ks, ksc, constant);
+    AddKey<8>(k, t2, ksc);
+    G512(t2, t1, ksc);
+    GL512(t1, &m_rkeys[80], ksc);
+    make_odd_key(&m_rkeys[80], &m_rkeys[88]);
+
+    // round 12
+    SwapBlocks<8>(k);
+    constant <<= 1;
+    AddConstant<8>(ks, ksc, constant);
+    AddKey<8>(k, t2, ksc);
+    G512(t2, t1, ksc);
+    GL512(t1, &m_rkeys[96], ksc);
+    make_odd_key(&m_rkeys[96], &m_rkeys[104]);
+
+    // round 14
+    SwapBlocks<8>(k);
+    constant <<= 1;
+    AddConstant<8>(ks, ksc, constant);
+    AddKey<8>(k, t2, ksc);
+    G512(t2, t1, ksc);
+    GL512(t1, &m_rkeys[112], ksc);
+    make_odd_key(&m_rkeys[112], &m_rkeys[120]);
+
+    // round 16
+    SwapBlocks<8>(k);
+    constant <<= 1;
+    AddConstant<8>(ks, ksc, constant);
+    AddKey<8>(k, t2, ksc);
+    G512(t2, t1, ksc);
+    GL512(t1, &m_rkeys[128], ksc);
+    make_odd_key(&m_rkeys[128], &m_rkeys[136]);
+
+    // round 18
+    SwapBlocks<8>(k);
+    constant <<= 1;
+    AddConstant<8>(ks, ksc, constant);
+    AddKey<8>(k, t2, ksc);
+    G512(t2, t1, ksc);
+    GL512(t1, &m_rkeys[144], ksc);
+
+    if (!IsForwardTransformation())
+    {
+        IMC512(&m_rkeys[136]); IMC512(&m_rkeys[128]); IMC512(&m_rkeys[120]); IMC512(&m_rkeys[112]);
+        IMC512(&m_rkeys[104]); IMC512(&m_rkeys[ 96]); IMC512(&m_rkeys[ 88]); IMC512(&m_rkeys[ 80]);
+        IMC512(&m_rkeys[ 72]); IMC512(&m_rkeys[ 64]); IMC512(&m_rkeys[ 56]); IMC512(&m_rkeys[ 48]);
+        IMC512(&m_rkeys[ 40]); IMC512(&m_rkeys[ 32]); IMC512(&m_rkeys[ 24]); IMC512(&m_rkeys[ 16]);
+        IMC512(&m_rkeys[  8]);
+    }
+}
+
+//template <unsigned int NB, unsigned int NK>
+//void Kalyna::Base::SetKey_Template(const word64 key[NK])
+//{
+//}
+
+// *********************** ProcessAndXorBlock specializations *********************** //
+
+void Kalyna::Base::ProcessBlock_22(const word64 inBlock[2], word64 outBlock[2]) const
+{
+    word64 *t1 = m_wspace+0, *t2 = m_wspace+2;
+    if (IsForwardTransformation())
+    {
+        AddKey<2>(inBlock, t1, m_rkeys);
+        G128(t1, t2, &m_rkeys[2]);   // 1
+        G128(t2, t1, &m_rkeys[4]);   // 2
+        G128(t1, t2, &m_rkeys[6]);   // 3
+        G128(t2, t1, &m_rkeys[8]);   // 4
+        G128(t1, t2, &m_rkeys[10]);  // 5
+        G128(t2, t1, &m_rkeys[12]);  // 6
+        G128(t1, t2, &m_rkeys[14]);  // 7
+        G128(t2, t1, &m_rkeys[16]);  // 8
+        G128(t1, t2, &m_rkeys[18]);  // 9
+        GL128(t2, t1, &m_rkeys[20]); // 10
+    }
+    else
+    {
+        SubKey<2>(inBlock, t1, &m_rkeys[20]);
+        IMC128(t1);
+        IG128(t1, t2, &m_rkeys[18]);
+        IG128(t2, t1, &m_rkeys[16]);
+        IG128(t1, t2, &m_rkeys[14]);
+        IG128(t2, t1, &m_rkeys[12]);
+        IG128(t1, t2, &m_rkeys[10]);
+        IG128(t2, t1, &m_rkeys[8]);
+        IG128(t1, t2, &m_rkeys[6]);
+        IG128(t2, t1, &m_rkeys[4]);
+        IG128(t1, t2, &m_rkeys[2]);
+        IGL128(t2, t1, &m_rkeys[0]);
+    }
+
+    memcpy(outBlock, t1, 16);
+}
+
+void Kalyna::Base::ProcessBlock_24(const word64 inBlock[2], word64 outBlock[2]) const
+{
+    word64 *t1 = m_wspace+0, *t2 = m_wspace+2;
+    if (IsForwardTransformation())
+    {
+        AddKey<2>(inBlock, t1, m_rkeys);
+        G128(t1, t2, &m_rkeys[ 2]); // 1
+        G128(t2, t1, &m_rkeys[ 4]); // 2
+        G128(t1, t2, &m_rkeys[ 6]); // 3
+        G128(t2, t1, &m_rkeys[ 8]); // 4
+        G128(t1, t2, &m_rkeys[10]); // 5
+        G128(t2, t1, &m_rkeys[12]); // 6
+        G128(t1, t2, &m_rkeys[14]); // 7
+        G128(t2, t1, &m_rkeys[16]); // 8
+        G128(t1, t2, &m_rkeys[18]); // 9
+        G128(t2, t1, &m_rkeys[20]); // 10
+        G128(t1, t2, &m_rkeys[22]); // 11
+        G128(t2, t1, &m_rkeys[24]); // 12
+        G128(t1, t2, &m_rkeys[26]); // 13
+        GL128(t2, t1, &m_rkeys[28]); // 14
+    }
+    else
+    {
+        SubKey<2>(inBlock, t1, &m_rkeys[28]);
+        IMC128(t1);
+        IG128(t1, t2, &m_rkeys[26]);
+        IG128(t2, t1, &m_rkeys[24]);
+        IG128(t1, t2, &m_rkeys[22]);
+        IG128(t2, t1, &m_rkeys[20]);
+        IG128(t1, t2, &m_rkeys[18]);
+        IG128(t2, t1, &m_rkeys[16]);
+        IG128(t1, t2, &m_rkeys[14]);
+        IG128(t2, t1, &m_rkeys[12]);
+        IG128(t1, t2, &m_rkeys[10]);
+        IG128(t2, t1, &m_rkeys[8]);
+        IG128(t1, t2, &m_rkeys[6]);
+        IG128(t2, t1, &m_rkeys[4]);
+        IG128(t1, t2, &m_rkeys[2]);
+        IGL128(t2, t1, &m_rkeys[0]);
+    }
+
+    memcpy(outBlock, t1, 16);
+}
+
+void Kalyna::Base::ProcessBlock_44(const word64 inBlock[4], word64 outBlock[4]) const
+{
+    word64 *t1 = m_wspace+0, *t2 = m_wspace+4;
+    if (IsForwardTransformation())
+    {
+        AddKey<4>(inBlock, t1, m_rkeys);
+        G256(t1, t2, &m_rkeys[4]); // 1
+        G256(t2, t1, &m_rkeys[8]); // 2
+        G256(t1, t2, &m_rkeys[12]); // 3
+        G256(t2, t1, &m_rkeys[16]); // 4
+        G256(t1, t2, &m_rkeys[20]); // 5
+        G256(t2, t1, &m_rkeys[24]); // 6
+        G256(t1, t2, &m_rkeys[28]); // 7
+        G256(t2, t1, &m_rkeys[32]); // 8
+        G256(t1, t2, &m_rkeys[36]); // 9
+        G256(t2, t1, &m_rkeys[40]); // 10
+        G256(t1, t2, &m_rkeys[44]); // 11
+        G256(t2, t1, &m_rkeys[48]); // 12
+        G256(t1, t2, &m_rkeys[52]); // 13
+        GL256(t2, t1, &m_rkeys[56]); // 14
+    }
+    else
+    {
+        SubKey<4>(inBlock, t1, &m_rkeys[56]);
+        IMC256(t1);
+        IG256(t1, t2, &m_rkeys[52]);
+        IG256(t2, t1, &m_rkeys[48]);
+        IG256(t1, t2, &m_rkeys[44]);
+        IG256(t2, t1, &m_rkeys[40]);
+        IG256(t1, t2, &m_rkeys[36]);
+        IG256(t2, t1, &m_rkeys[32]);
+        IG256(t1, t2, &m_rkeys[28]);
+        IG256(t2, t1, &m_rkeys[24]);
+        IG256(t1, t2, &m_rkeys[20]);
+        IG256(t2, t1, &m_rkeys[16]);
+        IG256(t1, t2, &m_rkeys[12]);
+        IG256(t2, t1, &m_rkeys[8]);
+        IG256(t1, t2, &m_rkeys[4]);
+        IGL256(t2, t1, &m_rkeys[0]);
+    }
+
+    memcpy(outBlock, t1, 32);
+}
+
+void Kalyna::Base::ProcessBlock_48(const word64 inBlock[4], word64 outBlock[4]) const
+{
+    // word64 t1[4], t2[4];
+    word64 *t1 = m_wspace+0, *t2 = m_wspace+4;
+
+    if (IsForwardTransformation())
+    {
+        AddKey<4>((const word64*)inBlock, t1, m_rkeys);
+        G256(t1, t2, &m_rkeys[4]); // 1
+        G256(t2, t1, &m_rkeys[8]); // 2
+        G256(t1, t2, &m_rkeys[12]); // 3
+        G256(t2, t1, &m_rkeys[16]); // 4
+        G256(t1, t2, &m_rkeys[20]); // 5
+        G256(t2, t1, &m_rkeys[24]); // 6
+        G256(t1, t2, &m_rkeys[28]); // 7
+        G256(t2, t1, &m_rkeys[32]); // 8
+        G256(t1, t2, &m_rkeys[36]); // 9
+        G256(t2, t1, &m_rkeys[40]); // 10
+        G256(t1, t2, &m_rkeys[44]); // 11
+        G256(t2, t1, &m_rkeys[48]); // 12
+        G256(t1, t2, &m_rkeys[52]); // 13
+        G256(t2, t1, &m_rkeys[56]); // 14
+        G256(t1, t2, &m_rkeys[60]); // 15
+        G256(t2, t1, &m_rkeys[64]); // 16
+        G256(t1, t2, &m_rkeys[68]); // 17
+        GL256(t2, t1, &m_rkeys[72]); // 18
+    }
+    else
+    {
+        SubKey<4>(inBlock, t1, &m_rkeys[72]);
+        IMC256(t1);
+        IG256(t1, t2, &m_rkeys[68]);
+        IG256(t2, t1, &m_rkeys[64]);
+        IG256(t1, t2, &m_rkeys[60]);
+        IG256(t2, t1, &m_rkeys[56]);
+        IG256(t1, t2, &m_rkeys[52]);
+        IG256(t2, t1, &m_rkeys[48]);
+        IG256(t1, t2, &m_rkeys[44]);
+        IG256(t2, t1, &m_rkeys[40]);
+        IG256(t1, t2, &m_rkeys[36]);
+        IG256(t2, t1, &m_rkeys[32]);
+        IG256(t1, t2, &m_rkeys[28]);
+        IG256(t2, t1, &m_rkeys[24]);
+        IG256(t1, t2, &m_rkeys[20]);
+        IG256(t2, t1, &m_rkeys[16]);
+        IG256(t1, t2, &m_rkeys[12]);
+        IG256(t2, t1, &m_rkeys[8]);
+        IG256(t1, t2, &m_rkeys[4]);
+        IGL256(t2, t1, &m_rkeys[0]);
+    }
+
+    memcpy(outBlock, t1, 32);
+}
+
+void Kalyna::Base::ProcessBlock_88(const word64 inBlock[8], word64 outBlock[8]) const
+{
+    // word64 t1[8], t2[8];
+    word64 *t1 = m_wspace+0, *t2 = m_wspace+8;
+
+    if (IsForwardTransformation())
+    {
+        AddKey<8>(inBlock, t1, m_rkeys);
+        G512(t1, t2, &m_rkeys[8]); // 1
+        G512(t2, t1, &m_rkeys[16]); // 2
+        G512(t1, t2, &m_rkeys[24]); // 3
+        G512(t2, t1, &m_rkeys[32]); // 4
+        G512(t1, t2, &m_rkeys[40]); // 5
+        G512(t2, t1, &m_rkeys[48]); // 6
+        G512(t1, t2, &m_rkeys[56]); // 7
+        G512(t2, t1, &m_rkeys[64]); // 8
+        G512(t1, t2, &m_rkeys[72]); // 9
+        G512(t2, t1, &m_rkeys[80]); // 10
+        G512(t1, t2, &m_rkeys[88]); // 11
+        G512(t2, t1, &m_rkeys[96]); // 12
+        G512(t1, t2, &m_rkeys[104]); // 13
+        G512(t2, t1, &m_rkeys[112]); // 14
+        G512(t1, t2, &m_rkeys[120]); // 15
+        G512(t2, t1, &m_rkeys[128]); // 16
+        G512(t1, t2, &m_rkeys[136]); // 17
+        GL512(t2, t1, &m_rkeys[144]); // 18
+    }
+    else
+    {
+        SubKey<8>(inBlock, t1, &m_rkeys[144]);
+        IMC512(t1);
+        IG512(t1, t2, &m_rkeys[136]);
+        IG512(t2, t1, &m_rkeys[128]);
+        IG512(t1, t2, &m_rkeys[120]);
+        IG512(t2, t1, &m_rkeys[112]);
+        IG512(t1, t2, &m_rkeys[104]);
+        IG512(t2, t1, &m_rkeys[96]);
+        IG512(t1, t2, &m_rkeys[88]);
+        IG512(t2, t1, &m_rkeys[80]);
+        IG512(t1, t2, &m_rkeys[72]);
+        IG512(t2, t1, &m_rkeys[64]);
+        IG512(t1, t2, &m_rkeys[56]);
+        IG512(t2, t1, &m_rkeys[48]);
+        IG512(t1, t2, &m_rkeys[40]);
+        IG512(t2, t1, &m_rkeys[32]);
+        IG512(t1, t2, &m_rkeys[24]);
+        IG512(t2, t1, &m_rkeys[16]);
+        IG512(t1, t2, &m_rkeys[8]);
+        IGL512(t2, t1, &m_rkeys[0]);
+    }
+
+    memcpy(outBlock, t1, 64);
+}
+
+// *********************** Library routines *********************** //
+
+void Kalyna::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const NameValuePairs &params)
+{
+    typedef GetBlock<word64, LittleEndian, false> Block;
+    Block userkey(key);
+
+    switch (keylen)
+    {
+    case 16:  // 128
+        m_kl = 16;
+        m_blocksize = params.GetIntValueWithDefault(Name::BlockSize(), 16);
+        break;
+    case 32:  // 256
+        m_kl = 32;
+        m_blocksize = params.GetIntValueWithDefault(Name::BlockSize(), 32);
+        break;
+    case 64:  // 512
+        m_kl = 64;
+        m_blocksize = params.GetIntValueWithDefault(Name::BlockSize(), 64);
+        break;
+    default:
+        CRYPTOPP_ASSERT(0);
+    }
+
+    m_nb = static_cast<unsigned int>(m_blocksize / sizeof(word64));
+    m_nk = static_cast<unsigned int>(keylen / sizeof(word64));
+
+    switch ((m_nb << 8) | m_nk)
+    {
+    case (2 << 8) | 2:  // 128 key, 128 block
+        m_mkey.New(2);
+        m_rkeys.New(11*2);
+        m_wspace.New(2*6);
+
+        userkey(m_mkey[0])(m_mkey[1]);
+        SetKey_22(m_mkey.data());
+        break;
+    case (2 << 8) | 4:  // 256 key, 128 block
+        m_mkey.New(4);
+        m_rkeys.New(15*2);
+        m_wspace.New(6*2+4);
+
+        userkey(m_mkey[0])(m_mkey[1])(m_mkey[2])(m_mkey[3]);
+        SetKey_24(m_mkey.data());
+        break;
+    case (4 << 8) | 4:  // 256 key, 256 block
+        m_mkey.New(4);
+        m_rkeys.New(15*4);
+        m_wspace.New(5*4);
+
+        userkey(m_mkey[0])(m_mkey[1])(m_mkey[2])(m_mkey[3]);
+        SetKey_44(m_mkey.data());
+        break;
+    case (4 << 8) | 8:  // 512 key, 256 block
+        m_mkey.New(8);
+        m_rkeys.New(19*4);
+        m_wspace.New(6*4+8);
+
+        userkey(m_mkey[0])(m_mkey[1])(m_mkey[2])(m_mkey[3])
+               (m_mkey[4])(m_mkey[5])(m_mkey[6])(m_mkey[7]);
+        SetKey_48(m_mkey.data());
+        break;
+    case (8 << 8) | 8:  // 512 key, 512 block
+        m_mkey.New(8);
+        m_rkeys.New(19*8);
+        m_wspace.New(5*8);
+
+        userkey(m_mkey[0])(m_mkey[1])(m_mkey[2])(m_mkey[3])
+               (m_mkey[4])(m_mkey[5])(m_mkey[6])(m_mkey[7]);
+        SetKey_88(m_mkey.data());
+        break;
+    default:
+        CRYPTOPP_ASSERT(0);
+    }
+}
+
+void Kalyna::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const
+{
+    switch ((m_nb << 8) | m_nk)
+    {
+    case (2 << 8) | 2:
+        ProcessBlock_22(reinterpret_cast<const word64*>(inBlock), reinterpret_cast<word64*>(outBlock));
+        break;
+    case (2 << 8) | 4:
+        ProcessBlock_24(reinterpret_cast<const word64*>(inBlock), reinterpret_cast<word64*>(outBlock));
+        break;
+    case (4 << 8) | 4:
+        ProcessBlock_44(reinterpret_cast<const word64*>(inBlock), reinterpret_cast<word64*>(outBlock));
+        break;
+    case (4 << 8) | 8:
+        ProcessBlock_48(reinterpret_cast<const word64*>(inBlock), reinterpret_cast<word64*>(outBlock));
+        break;
+    case (8 << 8) | 8:
+        ProcessBlock_88(reinterpret_cast<const word64*>(inBlock), reinterpret_cast<word64*>(outBlock));
+        break;
+    default:
+        CRYPTOPP_ASSERT(0);
+    }
+
+    for (size_t i=0; xorBlock && i<m_nb; ++i)
+        outBlock[i] ^= xorBlock[i];
+}
+
+NAMESPACE_END
diff --git a/kalyna.h b/kalyna.h
new file mode 100644
index 00000000..79ec39b3
--- /dev/null
+++ b/kalyna.h
@@ -0,0 +1,149 @@
+// kalyna.h - written and placed in the public domain by Jeffrey Walton
+
+//! \file kalyna.h
+//! \brief Classes for the Kalyna block cipher
+//! \details The Crypto++ implementation relied upon three sources. First was Oliynykov, Gorbenko, Kazymyrov,
+//!   Ruzhentsev, Kuznetsov, Gorbenko, Dyrda, Dolgov, Pushkaryov, Mordvinov and Kaidalov's "A New Encryption
+//!   Standard of Ukraine: The Kalyna Block Cipher" (http://eprint.iacr.org/2015/650.pdf). Second was Roman
+//!   Oliynykov and Oleksandr Kazymyrov's GitHub with the reference implementation
+//!  (http://github.com/Roman-Oliynykov/Kalyna-reference). The third resource was Keru Kuro's implementation
+//!   of Kalyna in CppCrypto (http://sourceforge.net/projects/cppcrypto/). Kuro has an outstanding
+//!   implementation that performed better than the reference implementation and out intial attempts.
+
+#ifndef CRYPTOPP_KALYNA_H
+#define CRYPTOPP_KALYNA_H
+
+#include "config.h"
+#include "seckey.h"
+#include "secblock.h"
+
+NAMESPACE_BEGIN(CryptoPP)
+
+//! \class Kalyna_Info
+//! \brief Kalyna block cipher information
+//! \details Kalyna key sizes and block sizes do not fit well into the library. Rather
+//!   than using VariableKeyLength (which is wrong) or using a GeometricKeyLength
+//!   (a new class), we just unroll it here. Note that the step size, Q, is still
+//!   wrong for this implementation.
+//! \since Crypto++ 6.0
+struct Kalyna_Info : public VariableBlockSize<16, 16, 64>
+{
+    CRYPTOPP_STATIC_CONSTEXPR const char* StaticAlgorithmName() {return "Kalyna";}
+
+    //! \brief The minimum key length used by the algorithm provided as a constant
+    //! \details MIN_KEYLENGTH is provided in bytes, not bits
+    CRYPTOPP_CONSTANT(MIN_KEYLENGTH=16)
+    //! \brief The maximum key length used by the algorithm provided as a constant
+    //! \details MIN_KEYLENGTH is provided in bytes, not bits
+    CRYPTOPP_CONSTANT(MAX_KEYLENGTH=64)
+    //! \brief The default key length used by the algorithm provided as a constant
+    //! \details MIN_KEYLENGTH is provided in bytes, not bits
+    CRYPTOPP_CONSTANT(DEFAULT_KEYLENGTH=16)
+    //! \brief The default IV requirements for the algorithm provided as a constant
+    //! \details The default value is NOT_RESYNCHRONIZABLE. See IV_Requirement
+    //!  in cryptlib.h for allowed values.
+    CRYPTOPP_CONSTANT(IV_REQUIREMENT=SimpleKeyingInterface::UNIQUE_IV)
+    //! \brief The default initialization vector length for the algorithm provided as a constant
+    //! \details IV_LENGTH is provided in bytes, not bits. Kalyna has two different block sizes for
+    //!   each key length. This function returns the default block size for the defult key length.
+    CRYPTOPP_CONSTANT(IV_LENGTH=16)
+    //! \brief Provides a valid key length for the algorithm provided by a static function.
+    //! \param keylength the size of the key, in bytes
+    //! \details The key length depends on the block size. For each block size, 128, 256 and 512,
+    //!   the key length can be either the block size or twice the block size. That means the
+    //!   valid key lengths are 126, 256, 512 and 1024. Additionally, it means a key length of,
+    //!   say, 32 could be used with either 128-block size or 256-block size.
+    CRYPTOPP_STATIC_CONSTEXPR size_t CRYPTOPP_API StaticGetValidKeyLength(size_t keylength)
+    {
+        return (keylength >= 64) ? 64 :
+            (keylength >= 32) ? 32 : 16;
+    }
+
+    //! \brief Validates the blocksize for Kalyna.
+    //! \param keylength the key length of the cipher
+    //! \param blocksize the candidate blocksize
+    //! \param alg an Algorithm object used if the blocksize is invalid
+    //! \throws InvalidBlockSize if the blocksize is invalid
+    //! \details ThrowIfInvalidBlockSize() validates the blocksize and throws if invalid.
+    inline void ThrowIfInvalidBlockSize(int blocksize, const Algorithm *alg)
+    {
+        if ( blocksize != 16 &&  blocksize != 32 && blocksize != 64)
+            throw InvalidBlockSize(alg ? alg->AlgorithmName() : std::string("VariableBlockSize"), blocksize);
+    }
+
+    //! \brief Validates the blocksize for Kalyna.
+    //! \param keylength the key length of the cipher
+    //! \param blocksize the candidate blocksize
+    //! \param alg an Algorithm object used if the blocksize is invalid
+    //! \throws InvalidBlockSize if the blocksize is invalid
+    //! \details ThrowIfInvalidBlockSize() validates the blocksize under a key and throws if invalid.
+    inline void ThrowIfInvalidBlockSize(int keylength, int blocksize, const Algorithm *alg)
+    {
+        if ( ((keylength == 16) && (blocksize != 16)) ||
+                ((keylength == 32) && (blocksize != 32 && blocksize != 64)) ||
+                ((keylength == 64) && (blocksize != 32 && blocksize != 64)) )
+        {
+            throw InvalidBlockSize(alg ? alg->AlgorithmName() : std::string("VariableBlockSize"), blocksize);
+        }
+    }
+};
+
+//! \class Kalyna
+//! \brief Kalyna block cipher
+//! \since Crypto++ 6.0
+class Kalyna : public Kalyna_Info, public BlockCipherDocumentation
+{
+public:
+    class CRYPTOPP_NO_VTABLE Base : public VariableBlockCipherImpl<Kalyna_Info>
+    {
+    public:
+        // Naming follows DSTU 7624:2014, where blocksize is specified first and then key length.
+        // DSTU is a little more complex with more parameters, dashes, underscores. (Thanks RO).
+        std::string AlgorithmName() const {return !BlockSize() ? StaticAlgorithmName() :
+            "Kalyna-" + IntToString(BlockSize())+"("+IntToString(m_kl*8)+")";}
+
+        unsigned int OptimalDataAlignment() const {
+            return GetAlignmentOf<word64>();
+        }
+
+    protected:
+        void UncheckedSetKey(const byte *key, unsigned int keylen, const NameValuePairs &params);
+        void ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const;
+
+    protected:
+        // Visual Studio and C2910: 'Kalyna::Base::SetKey_Template': cannot be explicitly specialized
+        //template <unsigned int NB, unsigned int NK>
+        //  void SetKey_Template(const word64 key[NK]);
+        void SetKey_22(const word64 key[2]);
+        void SetKey_24(const word64 key[4]);
+        void SetKey_44(const word64 key[4]);
+        void SetKey_48(const word64 key[8]);
+        void SetKey_88(const word64 key[8]);
+
+        // Visual Studio and C2910: 'Kalyna::Base::ProcessBlock_Template': cannot be explicitly specialized
+        //template <unsigned int NB, unsigned int NK>
+        //  void ProcessBlock_Template(const word64 inBlock[NB], const word64 outBlock[NB]) const;
+        void ProcessBlock_22(const word64 inBlock[2], word64 outBlock[2]) const;
+        void ProcessBlock_24(const word64 inBlock[2], word64 outBlock[2]) const;
+        void ProcessBlock_44(const word64 inBlock[4], word64 outBlock[4]) const;
+        void ProcessBlock_48(const word64 inBlock[4], word64 outBlock[4]) const;
+        void ProcessBlock_88(const word64 inBlock[8], word64 outBlock[8]) const;
+
+    private:
+        typedef SecBlock<word64, AllocatorWithCleanup<word64, true> > AlignedSecBlock64;
+        mutable AlignedSecBlock64 m_wspace;  // work space
+        AlignedSecBlock64         m_mkey;    // master key
+        AlignedSecBlock64         m_rkeys;   // round keys
+        unsigned int     m_kl, m_nb, m_nk;   // key length, number 64-bit blocks and keys
+    };
+
+    typedef BlockCipherFinal<ENCRYPTION, Base> Encryption;
+    typedef BlockCipherFinal<DECRYPTION, Base> Decryption;
+};
+
+typedef Kalyna::Encryption KalynaEncryption;
+typedef Kalyna::Decryption KalynaDecryption;
+
+NAMESPACE_END
+
+#endif  // CRYPTOPP_KALYNA_H
diff --git a/kalynatab.cpp b/kalynatab.cpp
new file mode 100644
index 00000000..0b777f51
--- /dev/null
+++ b/kalynatab.cpp
@@ -0,0 +1,1239 @@
+// kalynatab.cpp - written and placed in the public domain by Jeffrey Walton
+
+#include "pch.h"
+#include "config.h"
+#include "kalyna.h"
+
+NAMESPACE_BEGIN(CryptoPP)
+NAMESPACE_BEGIN(KalynaTab)
+
+#define EXPORT_TABLE extern
+
+#if defined(IS_LITTLE_ENDIAN)
+
+EXPORT_TABLE
+const word64 T[8][256] =
+{
+    {
+        0xa832a829d77f9aa8, 0x4352432297d41143, 0x5f3e5fc2df80615f, 0x061e063014121806,
+        0x6bda6b7f670cb16b, 0x75bc758f2356c975, 0x6cc16c477519ad6c, 0x592059f2cb927959,
+        0x71a871af3b4ad971, 0xdf84dfb6f8275bdf, 0x87a1874c35b22687, 0x95fb95dc59cc6e95,
+        0x174b17b872655c17, 0xf017f0d31aeae7f0, 0xd89fd88eea3247d8, 0x092d0948363f2409,
+        0x6dc46d4f731ea96d, 0xf318f3cb10e3ebf3, 0x1d691de84e53741d, 0xcbc0cb16804b0bcb,
+        0xc9cac9068c4503c9, 0x4d644d52b3fe294d, 0x2c9c2c7de8c4b02c, 0xaf29af11c56a86af,
+        0x798079ef0b72f979, 0xe047e0537a9aa7e0, 0x97f197cc55c26697, 0xfd2efdbb34c9d3fd,
+        0x6fce6f5f7f10a16f, 0x4b7a4b62a7ec314b, 0x454c451283c60945, 0x39dd39d596afe439,
+        0x3ec63eed84baf83e, 0xdd8edda6f42953dd, 0xa315a371ed4eb6a3, 0x4f6e4f42bff0214f,
+        0xb45eb4c99f2beab4, 0xb654b6d99325e2b6, 0x9ac89aa47be1529a, 0x0e360e70242a380e,
+        0x1f631ff8425d7c1f, 0xbf79bf91a51ac6bf, 0x154115a87e6b5415, 0xe142e15b7c9da3e1,
+        0x49704972abe23949, 0xd2bdd2ded6046fd2, 0x93e593ec4dde7693, 0xc6f9c67eae683fc6,
+        0x92e092e44bd97292, 0x72a772b73143d572, 0x9edc9e8463fd429e, 0x61f8612f5b3a9961,
+        0xd1b2d1c6dc0d63d1, 0x63f2633f57349163, 0xfa35fa8326dccffa, 0xee71ee235eb09fee,
+        0xf403f4f302f6f7f4, 0x197d19c8564f6419, 0xd5a6d5e6c41173d5, 0xad23ad01c9648ead,
+        0x582558facd957d58, 0xa40ea449ff5baaa4, 0xbb6dbbb1bd06d6bb, 0xa11fa161e140bea1,
+        0xdc8bdcaef22e57dc, 0xf21df2c316e4eff2, 0x83b5836c2dae3683, 0x37eb37a5b285dc37,
+        0x4257422a91d31542, 0xe453e4736286b7e4, 0x7a8f7af7017bf57a, 0x32fa328dac9ec832,
+        0x9cd69c946ff34a9c, 0xccdbcc2e925e17cc, 0xab3dab31dd7696ab, 0x4a7f4a6aa1eb354a,
+        0x8f898f0c058a068f, 0x6ecb6e577917a56e, 0x04140420181c1004, 0x27bb2725d2f59c27,
+        0x2e962e6de4cab82e, 0xe75ce76b688fbbe7, 0xe24de2437694afe2, 0x5a2f5aeac19b755a,
+        0x96f496c453c56296, 0x164e16b074625816, 0x23af2305cae98c23, 0x2b872b45fad1ac2b,
+        0xc2edc25eb6742fc2, 0x65ec650f43268965, 0x66e36617492f8566, 0x0f330f78222d3c0f,
+        0xbc76bc89af13cabc, 0xa937a921d1789ea9, 0x474647028fc80147, 0x415841329bda1941,
+        0x34e434bdb88cd034, 0x4875487aade53d48, 0xfc2bfcb332ced7fc, 0xb751b7d19522e6b7,
+        0x6adf6a77610bb56a, 0x88928834179f1a88, 0xa50ba541f95caea5, 0x530253a2f7a45153,
+        0x86a4864433b52286, 0xf93af99b2cd5c3f9, 0x5b2a5be2c79c715b, 0xdb90db96e03b4bdb,
+        0x38d838dd90a8e038, 0x7b8a7bff077cf17b, 0xc3e8c356b0732bc3, 0x1e661ef0445a781e,
+        0x22aa220dccee8822, 0x33ff3385aa99cc33, 0x24b4243dd8fc9024, 0x2888285df0d8a028,
+        0x36ee36adb482d836, 0xc7fcc776a86f3bc7, 0xb240b2f98b39f2b2, 0x3bd73bc59aa1ec3b,
+        0x8e8c8e04038d028e, 0x77b6779f2f58c177, 0xba68bab9bb01d2ba, 0xf506f5fb04f1f3f5,
+        0x144414a0786c5014, 0x9fd99f8c65fa469f, 0x0828084030382008, 0x551c5592e3b64955,
+        0x9bcd9bac7de6569b, 0x4c614c5ab5f92d4c, 0xfe21fea33ec0dffe, 0x60fd60275d3d9d60,
+        0x5c315cdad5896d5c, 0xda95da9ee63c4fda, 0x187818c050486018, 0x4643460a89cf0546,
+        0xcddecd26945913cd, 0x7d947dcf136ee97d, 0x21a52115c6e78421, 0xb04ab0e98737fab0,
+        0x3fc33fe582bdfc3f, 0x1b771bd85a416c1b, 0x8997893c11981e89, 0xff24ffab38c7dbff,
+        0xeb60eb0b40ab8beb, 0x84ae84543fbb2a84, 0x69d0696f6b02b969, 0x3ad23acd9ca6e83a,
+        0x9dd39d9c69f44e9d, 0xd7acd7f6c81f7bd7, 0xd3b8d3d6d0036bd3, 0x70ad70a73d4ddd70,
+        0x67e6671f4f288167, 0x405d403a9ddd1d40, 0xb55bb5c1992ceeb5, 0xde81debefe205fde,
+        0x5d345dd2d38e695d, 0x30f0309da090c030, 0x91ef91fc41d07e91, 0xb14fb1e18130feb1,
+        0x788578e70d75fd78, 0x1155118866774411, 0x0105010806070401, 0xe556e57b6481b3e5,
+        0x0000000000000000, 0x68d568676d05bd68, 0x98c298b477ef5a98, 0xa01aa069e747baa0,
+        0xc5f6c566a46133c5, 0x020a02100c0e0802, 0xa604a659f355a2a6, 0x74b974872551cd74,
+        0x2d992d75eec3b42d, 0x0b270b583a312c0b, 0xa210a279eb49b2a2, 0x76b37697295fc576,
+        0xb345b3f18d3ef6b3, 0xbe7cbe99a31dc2be, 0xced1ce3e9e501fce, 0xbd73bd81a914cebd,
+        0xae2cae19c36d82ae, 0xe96ae91b4ca583e9, 0x8a988a241b91128a, 0x31f53195a697c431,
+        0x1c6c1ce04854701c, 0xec7bec3352be97ec, 0xf112f1db1cede3f1, 0x99c799bc71e85e99,
+        0x94fe94d45fcb6a94, 0xaa38aa39db7192aa, 0xf609f6e30ef8fff6, 0x26be262dd4f29826,
+        0x2f932f65e2cdbc2f, 0xef74ef2b58b79bef, 0xe86fe8134aa287e8, 0x8c868c140f830a8c,
+        0x35e135b5be8bd435, 0x030f03180a090c03, 0xd4a3d4eec21677d4, 0x7f9e7fdf1f60e17f,
+        0xfb30fb8b20dbcbfb, 0x051105281e1b1405, 0xc1e2c146bc7d23c1, 0x5e3b5ecad987655e,
+        0x90ea90f447d77a90, 0x20a0201dc0e08020, 0x3dc93df58eb3f43d, 0x82b082642ba93282,
+        0xf70cf7eb08fffbf7, 0xea65ea0346ac8fea, 0x0a220a503c36280a, 0x0d390d682e23340d,
+        0x7e9b7ed71967e57e, 0xf83ff8932ad2c7f8, 0x500d50bafdad5d50, 0x1a721ad05c46681a,
+        0xc4f3c46ea26637c4, 0x071b073812151c07, 0x57165782efb84157, 0xb862b8a9b70fdab8,
+        0x3ccc3cfd88b4f03c, 0x62f7623751339562, 0xe348e34b7093abe3, 0xc8cfc80e8a4207c8,
+        0xac26ac09cf638aac, 0x520752aaf1a35552, 0x64e9640745218d64, 0x1050108060704010,
+        0xd0b7d0ceda0a67d0, 0xd99ad986ec3543d9, 0x135f13986a794c13, 0x0c3c0c602824300c,
+        0x125a12906c7e4812, 0x298d2955f6dfa429, 0x510851b2fbaa5951, 0xb967b9a1b108deb9,
+        0xcfd4cf3698571bcf, 0xd6a9d6fece187fd6, 0x73a273bf3744d173, 0x8d838d1c09840e8d,
+        0x81bf817c21a03e81, 0x5419549ae5b14d54, 0xc0e7c04eba7a27c0, 0xed7eed3b54b993ed,
+        0x4e6b4e4ab9f7254e, 0x4449441a85c10d44, 0xa701a751f552a6a7, 0x2a822a4dfcd6a82a,
+        0x85ab855c39bc2e85, 0x25b12535defb9425, 0xe659e6636e88bfe6, 0xcac5ca1e864c0fca,
+        0x7c917cc71569ed7c, 0x8b9d8b2c1d96168b, 0x5613568ae9bf4556, 0x80ba807427a73a80
+    },
+    {
+        0xd1ce3e9e501fcece, 0x6dbbb1bd06d6bbbb, 0x60eb0b40ab8bebeb, 0xe092e44bd9729292,
+        0x65ea0346ac8feaea, 0xc0cb16804b0bcbcb, 0x5f13986a794c1313, 0xe2c146bc7d23c1c1,
+        0x6ae91b4ca583e9e9, 0xd23acd9ca6e83a3a, 0xa9d6fece187fd6d6, 0x40b2f98b39f2b2b2,
+        0xbdd2ded6046fd2d2, 0xea90f447d77a9090, 0x4b17b872655c1717, 0x3ff8932ad2c7f8f8,
+        0x57422a91d3154242, 0x4115a87e6b541515, 0x13568ae9bf455656, 0x5eb4c99f2beab4b4,
+        0xec650f4326896565, 0x6c1ce04854701c1c, 0x928834179f1a8888, 0x52432297d4114343,
+        0xf6c566a46133c5c5, 0x315cdad5896d5c5c, 0xee36adb482d83636, 0x68bab9bb01d2baba,
+        0x06f5fb04f1f3f5f5, 0x165782efb8415757, 0xe6671f4f28816767, 0x838d1c09840e8d8d,
+        0xf53195a697c43131, 0x09f6e30ef8fff6f6, 0xe9640745218d6464, 0x2558facd957d5858,
+        0xdc9e8463fd429e9e, 0x03f4f302f6f7f4f4, 0xaa220dccee882222, 0x38aa39db7192aaaa,
+        0xbc758f2356c97575, 0x330f78222d3c0f0f, 0x0a02100c0e080202, 0x4fb1e18130feb1b1,
+        0x84dfb6f8275bdfdf, 0xc46d4f731ea96d6d, 0xa273bf3744d17373, 0x644d52b3fe294d4d,
+        0x917cc71569ed7c7c, 0xbe262dd4f2982626, 0x962e6de4cab82e2e, 0x0cf7eb08fffbf7f7,
+        0x2808403038200808, 0x345dd2d38e695d5d, 0x49441a85c10d4444, 0xc63eed84baf83e3e,
+        0xd99f8c65fa469f9f, 0x4414a0786c501414, 0xcfc80e8a4207c8c8, 0x2cae19c36d82aeae,
+        0x19549ae5b14d5454, 0x5010806070401010, 0x9fd88eea3247d8d8, 0x76bc89af13cabcbc,
+        0x721ad05c46681a1a, 0xda6b7f670cb16b6b, 0xd0696f6b02b96969, 0x18f3cb10e3ebf3f3,
+        0x73bd81a914cebdbd, 0xff3385aa99cc3333, 0x3dab31dd7696abab, 0x35fa8326dccffafa,
+        0xb2d1c6dc0d63d1d1, 0xcd9bac7de6569b9b, 0xd568676d05bd6868, 0x6b4e4ab9f7254e4e,
+        0x4e16b07462581616, 0xfb95dc59cc6e9595, 0xef91fc41d07e9191, 0x71ee235eb09feeee,
+        0x614c5ab5f92d4c4c, 0xf2633f5734916363, 0x8c8e04038d028e8e, 0x2a5be2c79c715b5b,
+        0xdbcc2e925e17cccc, 0xcc3cfd88b4f03c3c, 0x7d19c8564f641919, 0x1fa161e140bea1a1,
+        0xbf817c21a03e8181, 0x704972abe2394949, 0x8a7bff077cf17b7b, 0x9ad986ec3543d9d9,
+        0xce6f5f7f10a16f6f, 0xeb37a5b285dc3737, 0xfd60275d3d9d6060, 0xc5ca1e864c0fcaca,
+        0x5ce76b688fbbe7e7, 0x872b45fad1ac2b2b, 0x75487aade53d4848, 0x2efdbb34c9d3fdfd,
+        0xf496c453c5629696, 0x4c451283c6094545, 0x2bfcb332ced7fcfc, 0x5841329bda194141,
+        0x5a12906c7e481212, 0x390d682e23340d0d, 0x8079ef0b72f97979, 0x56e57b6481b3e5e5,
+        0x97893c11981e8989, 0x868c140f830a8c8c, 0x48e34b7093abe3e3, 0xa0201dc0e0802020,
+        0xf0309da090c03030, 0x8bdcaef22e57dcdc, 0x51b7d19522e6b7b7, 0xc16c477519ad6c6c,
+        0x7f4a6aa1eb354a4a, 0x5bb5c1992ceeb5b5, 0xc33fe582bdfc3f3f, 0xf197cc55c2669797,
+        0xa3d4eec21677d4d4, 0xf762375133956262, 0x992d75eec3b42d2d, 0x1e06301412180606,
+        0x0ea449ff5baaa4a4, 0x0ba541f95caea5a5, 0xb5836c2dae368383, 0x3e5fc2df80615f5f,
+        0x822a4dfcd6a82a2a, 0x95da9ee63c4fdada, 0xcac9068c4503c9c9, 0x0000000000000000,
+        0x9b7ed71967e57e7e, 0x10a279eb49b2a2a2, 0x1c5592e3b6495555, 0x79bf91a51ac6bfbf,
+        0x5511886677441111, 0xa6d5e6c41173d5d5, 0xd69c946ff34a9c9c, 0xd4cf3698571bcfcf,
+        0x360e70242a380e0e, 0x220a503c36280a0a, 0xc93df58eb3f43d3d, 0x0851b2fbaa595151,
+        0x947dcf136ee97d7d, 0xe593ec4dde769393, 0x771bd85a416c1b1b, 0x21fea33ec0dffefe,
+        0xf3c46ea26637c4c4, 0x4647028fc8014747, 0x2d0948363f240909, 0xa4864433b5228686,
+        0x270b583a312c0b0b, 0x898f0c058a068f8f, 0xd39d9c69f44e9d9d, 0xdf6a77610bb56a6a,
+        0x1b073812151c0707, 0x67b9a1b108deb9b9, 0x4ab0e98737fab0b0, 0xc298b477ef5a9898,
+        0x7818c05048601818, 0xfa328dac9ec83232, 0xa871af3b4ad97171, 0x7a4b62a7ec314b4b,
+        0x74ef2b58b79befef, 0xd73bc59aa1ec3b3b, 0xad70a73d4ddd7070, 0x1aa069e747baa0a0,
+        0x53e4736286b7e4e4, 0x5d403a9ddd1d4040, 0x24ffab38c7dbffff, 0xe8c356b0732bc3c3,
+        0x37a921d1789ea9a9, 0x59e6636e88bfe6e6, 0x8578e70d75fd7878, 0x3af99b2cd5c3f9f9,
+        0x9d8b2c1d96168b8b, 0x43460a89cf054646, 0xba807427a73a8080, 0x661ef0445a781e1e,
+        0xd838dd90a8e03838, 0x42e15b7c9da3e1e1, 0x62b8a9b70fdab8b8, 0x32a829d77f9aa8a8,
+        0x47e0537a9aa7e0e0, 0x3c0c602824300c0c, 0xaf2305cae98c2323, 0xb37697295fc57676,
+        0x691de84e53741d1d, 0xb12535defb942525, 0xb4243dd8fc902424, 0x1105281e1b140505,
+        0x12f1db1cede3f1f1, 0xcb6e577917a56e6e, 0xfe94d45fcb6a9494, 0x88285df0d8a02828,
+        0xc89aa47be1529a9a, 0xae84543fbb2a8484, 0x6fe8134aa287e8e8, 0x15a371ed4eb6a3a3,
+        0x6e4f42bff0214f4f, 0xb6779f2f58c17777, 0xb8d3d6d0036bd3d3, 0xab855c39bc2e8585,
+        0x4de2437694afe2e2, 0x0752aaf1a3555252, 0x1df2c316e4eff2f2, 0xb082642ba9328282,
+        0x0d50bafdad5d5050, 0x8f7af7017bf57a7a, 0x932f65e2cdbc2f2f, 0xb974872551cd7474,
+        0x0253a2f7a4515353, 0x45b3f18d3ef6b3b3, 0xf8612f5b3a996161, 0x29af11c56a86afaf,
+        0xdd39d596afe43939, 0xe135b5be8bd43535, 0x81debefe205fdede, 0xdecd26945913cdcd,
+        0x631ff8425d7c1f1f, 0xc799bc71e85e9999, 0x26ac09cf638aacac, 0x23ad01c9648eadad,
+        0xa772b73143d57272, 0x9c2c7de8c4b02c2c, 0x8edda6f42953dddd, 0xb7d0ceda0a67d0d0,
+        0xa1874c35b2268787, 0x7cbe99a31dc2bebe, 0x3b5ecad987655e5e, 0x04a659f355a2a6a6,
+        0x7bec3352be97ecec, 0x140420181c100404, 0xf9c67eae683fc6c6, 0x0f03180a090c0303,
+        0xe434bdb88cd03434, 0x30fb8b20dbcbfbfb, 0x90db96e03b4bdbdb, 0x2059f2cb92795959,
+        0x54b6d99325e2b6b6, 0xedc25eb6742fc2c2, 0x0501080607040101, 0x17f0d31aeae7f0f0,
+        0x2f5aeac19b755a5a, 0x7eed3b54b993eded, 0x01a751f552a6a7a7, 0xe36617492f856666,
+        0xa52115c6e7842121, 0x9e7fdf1f60e17f7f, 0x988a241b91128a8a, 0xbb2725d2f59c2727,
+        0xfcc776a86f3bc7c7, 0xe7c04eba7a27c0c0, 0x8d2955f6dfa42929, 0xacd7f6c81f7bd7d7
+    },
+    {
+        0x93ec4dde769393e5, 0xd986ec3543d9d99a, 0x9aa47be1529a9ac8, 0xb5c1992ceeb5b55b,
+        0x98b477ef5a9898c2, 0x220dccee882222aa, 0x451283c60945454c, 0xfcb332ced7fcfc2b,
+        0xbab9bb01d2baba68, 0x6a77610bb56a6adf, 0xdfb6f8275bdfdf84, 0x02100c0e0802020a,
+        0x9f8c65fa469f9fd9, 0xdcaef22e57dcdc8b, 0x51b2fbaa59515108, 0x59f2cb9279595920,
+        0x4a6aa1eb354a4a7f, 0x17b872655c17174b, 0x2b45fad1ac2b2b87, 0xc25eb6742fc2c2ed,
+        0x94d45fcb6a9494fe, 0xf4f302f6f7f4f403, 0xbbb1bd06d6bbbb6d, 0xa371ed4eb6a3a315,
+        0x62375133956262f7, 0xe4736286b7e4e453, 0x71af3b4ad97171a8, 0xd4eec21677d4d4a3,
+        0xcd26945913cdcdde, 0x70a73d4ddd7070ad, 0x16b074625816164e, 0xe15b7c9da3e1e142,
+        0x4972abe239494970, 0x3cfd88b4f03c3ccc, 0xc04eba7a27c0c0e7, 0xd88eea3247d8d89f,
+        0x5cdad5896d5c5c31, 0x9bac7de6569b9bcd, 0xad01c9648eadad23, 0x855c39bc2e8585ab,
+        0x53a2f7a451535302, 0xa161e140bea1a11f, 0x7af7017bf57a7a8f, 0xc80e8a4207c8c8cf,
+        0x2d75eec3b42d2d99, 0xe0537a9aa7e0e047, 0xd1c6dc0d63d1d1b2, 0x72b73143d57272a7,
+        0xa659f355a2a6a604, 0x2c7de8c4b02c2c9c, 0xc46ea26637c4c4f3, 0xe34b7093abe3e348,
+        0x7697295fc57676b3, 0x78e70d75fd787885, 0xb7d19522e6b7b751, 0xb4c99f2beab4b45e,
+        0x0948363f2409092d, 0x3bc59aa1ec3b3bd7, 0x0e70242a380e0e36, 0x41329bda19414158,
+        0x4c5ab5f92d4c4c61, 0xdebefe205fdede81, 0xb2f98b39f2b2b240, 0x90f447d77a9090ea,
+        0x2535defb942525b1, 0xa541f95caea5a50b, 0xd7f6c81f7bd7d7ac, 0x03180a090c03030f,
+        0x1188667744111155, 0x0000000000000000, 0xc356b0732bc3c3e8, 0x2e6de4cab82e2e96,
+        0x92e44bd9729292e0, 0xef2b58b79befef74, 0x4e4ab9f7254e4e6b, 0x12906c7e4812125a,
+        0x9d9c69f44e9d9dd3, 0x7dcf136ee97d7d94, 0xcb16804b0bcbcbc0, 0x35b5be8bd43535e1,
+        0x1080607040101050, 0xd5e6c41173d5d5a6, 0x4f42bff0214f4f6e, 0x9e8463fd429e9edc,
+        0x4d52b3fe294d4d64, 0xa921d1789ea9a937, 0x5592e3b64955551c, 0xc67eae683fc6c6f9,
+        0xd0ceda0a67d0d0b7, 0x7bff077cf17b7b8a, 0x18c0504860181878, 0x97cc55c2669797f1,
+        0xd3d6d0036bd3d3b8, 0x36adb482d83636ee, 0xe6636e88bfe6e659, 0x487aade53d484875,
+        0x568ae9bf45565613, 0x817c21a03e8181bf, 0x8f0c058a068f8f89, 0x779f2f58c17777b6,
+        0xcc2e925e17ccccdb, 0x9c946ff34a9c9cd6, 0xb9a1b108deb9b967, 0xe2437694afe2e24d,
+        0xac09cf638aacac26, 0xb8a9b70fdab8b862, 0x2f65e2cdbc2f2f93, 0x15a87e6b54151541,
+        0xa449ff5baaa4a40e, 0x7cc71569ed7c7c91, 0xda9ee63c4fdada95, 0x38dd90a8e03838d8,
+        0x1ef0445a781e1e66, 0x0b583a312c0b0b27, 0x05281e1b14050511, 0xd6fece187fd6d6a9,
+        0x14a0786c50141444, 0x6e577917a56e6ecb, 0x6c477519ad6c6cc1, 0x7ed71967e57e7e9b,
+        0x6617492f856666e3, 0xfdbb34c9d3fdfd2e, 0xb1e18130feb1b14f, 0xe57b6481b3e5e556,
+        0x60275d3d9d6060fd, 0xaf11c56a86afaf29, 0x5ecad987655e5e3b, 0x3385aa99cc3333ff,
+        0x874c35b2268787a1, 0xc9068c4503c9c9ca, 0xf0d31aeae7f0f017, 0x5dd2d38e695d5d34,
+        0x6d4f731ea96d6dc4, 0x3fe582bdfc3f3fc3, 0x8834179f1a888892, 0x8d1c09840e8d8d83,
+        0xc776a86f3bc7c7fc, 0xf7eb08fffbf7f70c, 0x1de84e53741d1d69, 0xe91b4ca583e9e96a,
+        0xec3352be97ecec7b, 0xed3b54b993eded7e, 0x807427a73a8080ba, 0x2955f6dfa429298d,
+        0x2725d2f59c2727bb, 0xcf3698571bcfcfd4, 0x99bc71e85e9999c7, 0xa829d77f9aa8a832,
+        0x50bafdad5d50500d, 0x0f78222d3c0f0f33, 0x37a5b285dc3737eb, 0x243dd8fc902424b4,
+        0x285df0d8a0282888, 0x309da090c03030f0, 0x95dc59cc6e9595fb, 0xd2ded6046fd2d2bd,
+        0x3eed84baf83e3ec6, 0x5be2c79c715b5b2a, 0x403a9ddd1d40405d, 0x836c2dae368383b5,
+        0xb3f18d3ef6b3b345, 0x696f6b02b96969d0, 0x5782efb841575716, 0x1ff8425d7c1f1f63,
+        0x073812151c07071b, 0x1ce04854701c1c6c, 0x8a241b91128a8a98, 0xbc89af13cabcbc76,
+        0x201dc0e0802020a0, 0xeb0b40ab8bebeb60, 0xce3e9e501fceced1, 0x8e04038d028e8e8c,
+        0xab31dd7696abab3d, 0xee235eb09feeee71, 0x3195a697c43131f5, 0xa279eb49b2a2a210,
+        0x73bf3744d17373a2, 0xf99b2cd5c3f9f93a, 0xca1e864c0fcacac5, 0x3acd9ca6e83a3ad2,
+        0x1ad05c46681a1a72, 0xfb8b20dbcbfbfb30, 0x0d682e23340d0d39, 0xc146bc7d23c1c1e2,
+        0xfea33ec0dffefe21, 0xfa8326dccffafa35, 0xf2c316e4eff2f21d, 0x6f5f7f10a16f6fce,
+        0xbd81a914cebdbd73, 0x96c453c5629696f4, 0xdda6f42953dddd8e, 0x432297d411434352,
+        0x52aaf1a355525207, 0xb6d99325e2b6b654, 0x0840303820080828, 0xf3cb10e3ebf3f318,
+        0xae19c36d82aeae2c, 0xbe99a31dc2bebe7c, 0x19c8564f6419197d, 0x893c11981e898997,
+        0x328dac9ec83232fa, 0x262dd4f2982626be, 0xb0e98737fab0b04a, 0xea0346ac8feaea65,
+        0x4b62a7ec314b4b7a, 0x640745218d6464e9, 0x84543fbb2a8484ae, 0x82642ba9328282b0,
+        0x6b7f670cb16b6bda, 0xf5fb04f1f3f5f506, 0x79ef0b72f9797980, 0xbf91a51ac6bfbf79,
+        0x0108060704010105, 0x5fc2df80615f5f3e, 0x758f2356c97575bc, 0x633f5734916363f2,
+        0x1bd85a416c1b1b77, 0x2305cae98c2323af, 0x3df58eb3f43d3dc9, 0x68676d05bd6868d5,
+        0x2a4dfcd6a82a2a82, 0x650f4326896565ec, 0xe8134aa287e8e86f, 0x91fc41d07e9191ef,
+        0xf6e30ef8fff6f609, 0xffab38c7dbffff24, 0x13986a794c13135f, 0x58facd957d585825,
+        0xf1db1cede3f1f112, 0x47028fc801474746, 0x0a503c36280a0a22, 0x7fdf1f60e17f7f9e,
+        0xc566a46133c5c5f6, 0xa751f552a6a7a701, 0xe76b688fbbe7e75c, 0x612f5b3a996161f8,
+        0x5aeac19b755a5a2f, 0x063014121806061e, 0x460a89cf05464643, 0x441a85c10d444449,
+        0x422a91d315424257, 0x0420181c10040414, 0xa069e747baa0a01a, 0xdb96e03b4bdbdb90,
+        0x39d596afe43939dd, 0x864433b5228686a4, 0x549ae5b14d545419, 0xaa39db7192aaaa38,
+        0x8c140f830a8c8c86, 0x34bdb88cd03434e4, 0x2115c6e7842121a5, 0x8b2c1d96168b8b9d,
+        0xf8932ad2c7f8f83f, 0x0c602824300c0c3c, 0x74872551cd7474b9, 0x671f4f28816767e6
+    },
+    {
+        0x676d05bd6868d568, 0x1c09840e8d8d838d, 0x1e864c0fcacac5ca, 0x52b3fe294d4d644d,
+        0xbf3744d17373a273, 0x62a7ec314b4b7a4b, 0x4ab9f7254e4e6b4e, 0x4dfcd6a82a2a822a,
+        0xeec21677d4d4a3d4, 0xaaf1a35552520752, 0x2dd4f2982626be26, 0xf18d3ef6b3b345b3,
+        0x9ae5b14d54541954, 0xf0445a781e1e661e, 0xc8564f6419197d19, 0xf8425d7c1f1f631f,
+        0x0dccee882222aa22, 0x180a090c03030f03, 0x0a89cf0546464346, 0xf58eb3f43d3dc93d,
+        0x75eec3b42d2d992d, 0x6aa1eb354a4a7f4a, 0xa2f7a45153530253, 0x6c2dae368383b583,
+        0x986a794c13135f13, 0x241b91128a8a988a, 0xd19522e6b7b751b7, 0xe6c41173d5d5a6d5,
+        0x35defb942525b125, 0xef0b72f979798079, 0xfb04f1f3f5f506f5, 0x81a914cebdbd73bd,
+        0xfacd957d58582558, 0x65e2cdbc2f2f932f, 0x682e23340d0d390d, 0x100c0e0802020a02,
+        0x3b54b993eded7eed, 0xb2fbaa5951510851, 0x8463fd429e9edc9e, 0x8866774411115511,
+        0xc316e4eff2f21df2, 0xed84baf83e3ec63e, 0x92e3b64955551c55, 0xcad987655e5e3b5e,
+        0xc6dc0d63d1d1b2d1, 0xb074625816164e16, 0xfd88b4f03c3ccc3c, 0x17492f856666e366,
+        0xa73d4ddd7070ad70, 0xd2d38e695d5d345d, 0xcb10e3ebf3f318f3, 0x1283c60945454c45,
+        0x3a9ddd1d40405d40, 0x2e925e17ccccdbcc, 0x134aa287e8e86fe8, 0xd45fcb6a9494fe94,
+        0x8ae9bf4556561356, 0x4030382008082808, 0x3e9e501fceced1ce, 0xd05c46681a1a721a,
+        0xcd9ca6e83a3ad23a, 0xded6046fd2d2bdd2, 0x5b7c9da3e1e142e1, 0xb6f8275bdfdf84df,
+        0xc1992ceeb5b55bb5, 0xdd90a8e03838d838, 0x577917a56e6ecb6e, 0x70242a380e0e360e,
+        0x7b6481b3e5e556e5, 0xf302f6f7f4f403f4, 0x9b2cd5c3f9f93af9, 0x4433b5228686a486,
+        0x1b4ca583e9e96ae9, 0x42bff0214f4f6e4f, 0xfece187fd6d6a9d6, 0x5c39bc2e8585ab85,
+        0x05cae98c2323af23, 0x3698571bcfcfd4cf, 0x8dac9ec83232fa32, 0xbc71e85e9999c799,
+        0x95a697c43131f531, 0xa0786c5014144414, 0x19c36d82aeae2cae, 0x235eb09feeee71ee,
+        0x0e8a4207c8c8cfc8, 0x7aade53d48487548, 0xd6d0036bd3d3b8d3, 0x9da090c03030f030,
+        0x61e140bea1a11fa1, 0xe44bd9729292e092, 0x329bda1941415841, 0xe18130feb1b14fb1,
+        0xc050486018187818, 0x6ea26637c4c4f3c4, 0x7de8c4b02c2c9c2c, 0xaf3b4ad97171a871,
+        0xb73143d57272a772, 0x1a85c10d44444944, 0xa87e6b5415154115, 0xbb34c9d3fdfd2efd,
+        0xa5b285dc3737eb37, 0x99a31dc2bebe7cbe, 0xc2df80615f5f3e5f, 0x39db7192aaaa38aa,
+        0xac7de6569b9bcd9b, 0x34179f1a88889288, 0x8eea3247d8d89fd8, 0x31dd7696abab3dab,
+        0x3c11981e89899789, 0x946ff34a9c9cd69c, 0x8326dccffafa35fa, 0x275d3d9d6060fd60,
+        0x0346ac8feaea65ea, 0x89af13cabcbc76bc, 0x375133956262f762, 0x602824300c0c3c0c,
+        0x3dd8fc902424b424, 0x59f355a2a6a604a6, 0x29d77f9aa8a832a8, 0x3352be97ecec7bec,
+        0x1f4f28816767e667, 0x1dc0e0802020a020, 0x96e03b4bdbdb90db, 0xc71569ed7c7c917c,
+        0x5df0d8a028288828, 0xa6f42953dddd8edd, 0x09cf638aacac26ac, 0xe2c79c715b5b2a5b,
+        0xbdb88cd03434e434, 0xd71967e57e7e9b7e, 0x8060704010105010, 0xdb1cede3f1f112f1,
+        0xff077cf17b7b8a7b, 0x0c058a068f8f898f, 0x3f5734916363f263, 0x69e747baa0a01aa0,
+        0x281e1b1405051105, 0xa47be1529a9ac89a, 0x2297d41143435243, 0x9f2f58c17777b677,
+        0x15c6e7842121a521, 0x91a51ac6bfbf79bf, 0x25d2f59c2727bb27, 0x48363f2409092d09,
+        0x56b0732bc3c3e8c3, 0x8c65fa469f9fd99f, 0xd99325e2b6b654b6, 0xf6c81f7bd7d7acd7,
+        0x55f6dfa429298d29, 0x5eb6742fc2c2edc2, 0x0b40ab8bebeb60eb, 0x4eba7a27c0c0e7c0,
+        0x49ff5baaa4a40ea4, 0x2c1d96168b8b9d8b, 0x140f830a8c8c868c, 0xe84e53741d1d691d,
+        0x8b20dbcbfbfb30fb, 0xab38c7dbffff24ff, 0x46bc7d23c1c1e2c1, 0xf98b39f2b2b240b2,
+        0xcc55c2669797f197, 0x6de4cab82e2e962e, 0x932ad2c7f8f83ff8, 0x0f4326896565ec65,
+        0xe30ef8fff6f609f6, 0x8f2356c97575bc75, 0x3812151c07071b07, 0x20181c1004041404,
+        0x72abe23949497049, 0x85aa99cc3333ff33, 0x736286b7e4e453e4, 0x86ec3543d9d99ad9,
+        0xa1b108deb9b967b9, 0xceda0a67d0d0b7d0, 0x2a91d31542425742, 0x76a86f3bc7c7fcc7,
+        0x477519ad6c6cc16c, 0xf447d77a9090ea90, 0x0000000000000000, 0x04038d028e8e8c8e,
+        0x5f7f10a16f6fce6f, 0xbafdad5d50500d50, 0x0806070401010501, 0x66a46133c5c5f6c5,
+        0x9ee63c4fdada95da, 0x028fc80147474647, 0xe582bdfc3f3fc33f, 0x26945913cdcddecd,
+        0x6f6b02b96969d069, 0x79eb49b2a2a210a2, 0x437694afe2e24de2, 0xf7017bf57a7a8f7a,
+        0x51f552a6a7a701a7, 0x7eae683fc6c6f9c6, 0xec4dde769393e593, 0x78222d3c0f0f330f,
+        0x503c36280a0a220a, 0x3014121806061e06, 0x636e88bfe6e659e6, 0x45fad1ac2b2b872b,
+        0xc453c5629696f496, 0x71ed4eb6a3a315a3, 0xe04854701c1c6c1c, 0x11c56a86afaf29af,
+        0x77610bb56a6adf6a, 0x906c7e4812125a12, 0x543fbb2a8484ae84, 0xd596afe43939dd39,
+        0x6b688fbbe7e75ce7, 0xe98737fab0b04ab0, 0x642ba9328282b082, 0xeb08fffbf7f70cf7,
+        0xa33ec0dffefe21fe, 0x9c69f44e9d9dd39d, 0x4c35b2268787a187, 0xdad5896d5c5c315c,
+        0x7c21a03e8181bf81, 0xb5be8bd43535e135, 0xbefe205fdede81de, 0xc99f2beab4b45eb4,
+        0x41f95caea5a50ba5, 0xb332ced7fcfc2bfc, 0x7427a73a8080ba80, 0x2b58b79befef74ef,
+        0x16804b0bcbcbc0cb, 0xb1bd06d6bbbb6dbb, 0x7f670cb16b6bda6b, 0x97295fc57676b376,
+        0xb9bb01d2baba68ba, 0xeac19b755a5a2f5a, 0xcf136ee97d7d947d, 0xe70d75fd78788578,
+        0x583a312c0b0b270b, 0xdc59cc6e9595fb95, 0x4b7093abe3e348e3, 0x01c9648eadad23ad,
+        0x872551cd7474b974, 0xb477ef5a9898c298, 0xc59aa1ec3b3bd73b, 0xadb482d83636ee36,
+        0x0745218d6464e964, 0x4f731ea96d6dc46d, 0xaef22e57dcdc8bdc, 0xd31aeae7f0f017f0,
+        0xf2cb927959592059, 0x21d1789ea9a937a9, 0x5ab5f92d4c4c614c, 0xb872655c17174b17,
+        0xdf1f60e17f7f9e7f, 0xfc41d07e9191ef91, 0xa9b70fdab8b862b8, 0x068c4503c9c9cac9,
+        0x82efb84157571657, 0xd85a416c1b1b771b, 0x537a9aa7e0e047e0, 0x2f5b3a996161f861
+    },
+    {
+        0xd77f9aa8a832a829, 0x97d4114343524322, 0xdf80615f5f3e5fc2, 0x14121806061e0630,
+        0x670cb16b6bda6b7f, 0x2356c97575bc758f, 0x7519ad6c6cc16c47, 0xcb927959592059f2,
+        0x3b4ad97171a871af, 0xf8275bdfdf84dfb6, 0x35b2268787a1874c, 0x59cc6e9595fb95dc,
+        0x72655c17174b17b8, 0x1aeae7f0f017f0d3, 0xea3247d8d89fd88e, 0x363f2409092d0948,
+        0x731ea96d6dc46d4f, 0x10e3ebf3f318f3cb, 0x4e53741d1d691de8, 0x804b0bcbcbc0cb16,
+        0x8c4503c9c9cac906, 0xb3fe294d4d644d52, 0xe8c4b02c2c9c2c7d, 0xc56a86afaf29af11,
+        0x0b72f979798079ef, 0x7a9aa7e0e047e053, 0x55c2669797f197cc, 0x34c9d3fdfd2efdbb,
+        0x7f10a16f6fce6f5f, 0xa7ec314b4b7a4b62, 0x83c60945454c4512, 0x96afe43939dd39d5,
+        0x84baf83e3ec63eed, 0xf42953dddd8edda6, 0xed4eb6a3a315a371, 0xbff0214f4f6e4f42,
+        0x9f2beab4b45eb4c9, 0x9325e2b6b654b6d9, 0x7be1529a9ac89aa4, 0x242a380e0e360e70,
+        0x425d7c1f1f631ff8, 0xa51ac6bfbf79bf91, 0x7e6b5415154115a8, 0x7c9da3e1e142e15b,
+        0xabe2394949704972, 0xd6046fd2d2bdd2de, 0x4dde769393e593ec, 0xae683fc6c6f9c67e,
+        0x4bd9729292e092e4, 0x3143d57272a772b7, 0x63fd429e9edc9e84, 0x5b3a996161f8612f,
+        0xdc0d63d1d1b2d1c6, 0x5734916363f2633f, 0x26dccffafa35fa83, 0x5eb09feeee71ee23,
+        0x02f6f7f4f403f4f3, 0x564f6419197d19c8, 0xc41173d5d5a6d5e6, 0xc9648eadad23ad01,
+        0xcd957d58582558fa, 0xff5baaa4a40ea449, 0xbd06d6bbbb6dbbb1, 0xe140bea1a11fa161,
+        0xf22e57dcdc8bdcae, 0x16e4eff2f21df2c3, 0x2dae368383b5836c, 0xb285dc3737eb37a5,
+        0x91d315424257422a, 0x6286b7e4e453e473, 0x017bf57a7a8f7af7, 0xac9ec83232fa328d,
+        0x6ff34a9c9cd69c94, 0x925e17ccccdbcc2e, 0xdd7696abab3dab31, 0xa1eb354a4a7f4a6a,
+        0x058a068f8f898f0c, 0x7917a56e6ecb6e57, 0x181c100404140420, 0xd2f59c2727bb2725,
+        0xe4cab82e2e962e6d, 0x688fbbe7e75ce76b, 0x7694afe2e24de243, 0xc19b755a5a2f5aea,
+        0x53c5629696f496c4, 0x74625816164e16b0, 0xcae98c2323af2305, 0xfad1ac2b2b872b45,
+        0xb6742fc2c2edc25e, 0x4326896565ec650f, 0x492f856666e36617, 0x222d3c0f0f330f78,
+        0xaf13cabcbc76bc89, 0xd1789ea9a937a921, 0x8fc8014747464702, 0x9bda194141584132,
+        0xb88cd03434e434bd, 0xade53d484875487a, 0x32ced7fcfc2bfcb3, 0x9522e6b7b751b7d1,
+        0x610bb56a6adf6a77, 0x179f1a8888928834, 0xf95caea5a50ba541, 0xf7a45153530253a2,
+        0x33b5228686a48644, 0x2cd5c3f9f93af99b, 0xc79c715b5b2a5be2, 0xe03b4bdbdb90db96,
+        0x90a8e03838d838dd, 0x077cf17b7b8a7bff, 0xb0732bc3c3e8c356, 0x445a781e1e661ef0,
+        0xccee882222aa220d, 0xaa99cc3333ff3385, 0xd8fc902424b4243d, 0xf0d8a0282888285d,
+        0xb482d83636ee36ad, 0xa86f3bc7c7fcc776, 0x8b39f2b2b240b2f9, 0x9aa1ec3b3bd73bc5,
+        0x038d028e8e8c8e04, 0x2f58c17777b6779f, 0xbb01d2baba68bab9, 0x04f1f3f5f506f5fb,
+        0x786c5014144414a0, 0x65fa469f9fd99f8c, 0x3038200808280840, 0xe3b64955551c5592,
+        0x7de6569b9bcd9bac, 0xb5f92d4c4c614c5a, 0x3ec0dffefe21fea3, 0x5d3d9d6060fd6027,
+        0xd5896d5c5c315cda, 0xe63c4fdada95da9e, 0x50486018187818c0, 0x89cf05464643460a,
+        0x945913cdcddecd26, 0x136ee97d7d947dcf, 0xc6e7842121a52115, 0x8737fab0b04ab0e9,
+        0x82bdfc3f3fc33fe5, 0x5a416c1b1b771bd8, 0x11981e898997893c, 0x38c7dbffff24ffab,
+        0x40ab8bebeb60eb0b, 0x3fbb2a8484ae8454, 0x6b02b96969d0696f, 0x9ca6e83a3ad23acd,
+        0x69f44e9d9dd39d9c, 0xc81f7bd7d7acd7f6, 0xd0036bd3d3b8d3d6, 0x3d4ddd7070ad70a7,
+        0x4f28816767e6671f, 0x9ddd1d40405d403a, 0x992ceeb5b55bb5c1, 0xfe205fdede81debe,
+        0xd38e695d5d345dd2, 0xa090c03030f0309d, 0x41d07e9191ef91fc, 0x8130feb1b14fb1e1,
+        0x0d75fd78788578e7, 0x6677441111551188, 0x0607040101050108, 0x6481b3e5e556e57b,
+        0x0000000000000000, 0x6d05bd6868d56867, 0x77ef5a9898c298b4, 0xe747baa0a01aa069,
+        0xa46133c5c5f6c566, 0x0c0e0802020a0210, 0xf355a2a6a604a659, 0x2551cd7474b97487,
+        0xeec3b42d2d992d75, 0x3a312c0b0b270b58, 0xeb49b2a2a210a279, 0x295fc57676b37697,
+        0x8d3ef6b3b345b3f1, 0xa31dc2bebe7cbe99, 0x9e501fceced1ce3e, 0xa914cebdbd73bd81,
+        0xc36d82aeae2cae19, 0x4ca583e9e96ae91b, 0x1b91128a8a988a24, 0xa697c43131f53195,
+        0x4854701c1c6c1ce0, 0x52be97ecec7bec33, 0x1cede3f1f112f1db, 0x71e85e9999c799bc,
+        0x5fcb6a9494fe94d4, 0xdb7192aaaa38aa39, 0x0ef8fff6f609f6e3, 0xd4f2982626be262d,
+        0xe2cdbc2f2f932f65, 0x58b79befef74ef2b, 0x4aa287e8e86fe813, 0x0f830a8c8c868c14,
+        0xbe8bd43535e135b5, 0x0a090c03030f0318, 0xc21677d4d4a3d4ee, 0x1f60e17f7f9e7fdf,
+        0x20dbcbfbfb30fb8b, 0x1e1b140505110528, 0xbc7d23c1c1e2c146, 0xd987655e5e3b5eca,
+        0x47d77a9090ea90f4, 0xc0e0802020a0201d, 0x8eb3f43d3dc93df5, 0x2ba9328282b08264,
+        0x08fffbf7f70cf7eb, 0x46ac8feaea65ea03, 0x3c36280a0a220a50, 0x2e23340d0d390d68,
+        0x1967e57e7e9b7ed7, 0x2ad2c7f8f83ff893, 0xfdad5d50500d50ba, 0x5c46681a1a721ad0,
+        0xa26637c4c4f3c46e, 0x12151c07071b0738, 0xefb8415757165782, 0xb70fdab8b862b8a9,
+        0x88b4f03c3ccc3cfd, 0x5133956262f76237, 0x7093abe3e348e34b, 0x8a4207c8c8cfc80e,
+        0xcf638aacac26ac09, 0xf1a35552520752aa, 0x45218d6464e96407, 0x6070401010501080,
+        0xda0a67d0d0b7d0ce, 0xec3543d9d99ad986, 0x6a794c13135f1398, 0x2824300c0c3c0c60,
+        0x6c7e4812125a1290, 0xf6dfa429298d2955, 0xfbaa5951510851b2, 0xb108deb9b967b9a1,
+        0x98571bcfcfd4cf36, 0xce187fd6d6a9d6fe, 0x3744d17373a273bf, 0x09840e8d8d838d1c,
+        0x21a03e8181bf817c, 0xe5b14d545419549a, 0xba7a27c0c0e7c04e, 0x54b993eded7eed3b,
+        0xb9f7254e4e6b4e4a, 0x85c10d444449441a, 0xf552a6a7a701a751, 0xfcd6a82a2a822a4d,
+        0x39bc2e8585ab855c, 0xdefb942525b12535, 0x6e88bfe6e659e663, 0x864c0fcacac5ca1e,
+        0x1569ed7c7c917cc7, 0x1d96168b8b9d8b2c, 0xe9bf45565613568a, 0x27a73a8080ba8074
+    },
+    {
+        0x501fceced1ce3e9e, 0x06d6bbbb6dbbb1bd, 0xab8bebeb60eb0b40, 0xd9729292e092e44b,
+        0xac8feaea65ea0346, 0x4b0bcbcbc0cb1680, 0x794c13135f13986a, 0x7d23c1c1e2c146bc,
+        0xa583e9e96ae91b4c, 0xa6e83a3ad23acd9c, 0x187fd6d6a9d6fece, 0x39f2b2b240b2f98b,
+        0x046fd2d2bdd2ded6, 0xd77a9090ea90f447, 0x655c17174b17b872, 0xd2c7f8f83ff8932a,
+        0xd315424257422a91, 0x6b5415154115a87e, 0xbf45565613568ae9, 0x2beab4b45eb4c99f,
+        0x26896565ec650f43, 0x54701c1c6c1ce048, 0x9f1a888892883417, 0xd411434352432297,
+        0x6133c5c5f6c566a4, 0x896d5c5c315cdad5, 0x82d83636ee36adb4, 0x01d2baba68bab9bb,
+        0xf1f3f5f506f5fb04, 0xb8415757165782ef, 0x28816767e6671f4f, 0x840e8d8d838d1c09,
+        0x97c43131f53195a6, 0xf8fff6f609f6e30e, 0x218d6464e9640745, 0x957d58582558facd,
+        0xfd429e9edc9e8463, 0xf6f7f4f403f4f302, 0xee882222aa220dcc, 0x7192aaaa38aa39db,
+        0x56c97575bc758f23, 0x2d3c0f0f330f7822, 0x0e0802020a02100c, 0x30feb1b14fb1e181,
+        0x275bdfdf84dfb6f8, 0x1ea96d6dc46d4f73, 0x44d17373a273bf37, 0xfe294d4d644d52b3,
+        0x69ed7c7c917cc715, 0xf2982626be262dd4, 0xcab82e2e962e6de4, 0xfffbf7f70cf7eb08,
+        0x3820080828084030, 0x8e695d5d345dd2d3, 0xc10d444449441a85, 0xbaf83e3ec63eed84,
+        0xfa469f9fd99f8c65, 0x6c5014144414a078, 0x4207c8c8cfc80e8a, 0x6d82aeae2cae19c3,
+        0xb14d545419549ae5, 0x7040101050108060, 0x3247d8d89fd88eea, 0x13cabcbc76bc89af,
+        0x46681a1a721ad05c, 0x0cb16b6bda6b7f67, 0x02b96969d0696f6b, 0xe3ebf3f318f3cb10,
+        0x14cebdbd73bd81a9, 0x99cc3333ff3385aa, 0x7696abab3dab31dd, 0xdccffafa35fa8326,
+        0x0d63d1d1b2d1c6dc, 0xe6569b9bcd9bac7d, 0x05bd6868d568676d, 0xf7254e4e6b4e4ab9,
+        0x625816164e16b074, 0xcc6e9595fb95dc59, 0xd07e9191ef91fc41, 0xb09feeee71ee235e,
+        0xf92d4c4c614c5ab5, 0x34916363f2633f57, 0x8d028e8e8c8e0403, 0x9c715b5b2a5be2c7,
+        0x5e17ccccdbcc2e92, 0xb4f03c3ccc3cfd88, 0x4f6419197d19c856, 0x40bea1a11fa161e1,
+        0xa03e8181bf817c21, 0xe2394949704972ab, 0x7cf17b7b8a7bff07, 0x3543d9d99ad986ec,
+        0x10a16f6fce6f5f7f, 0x85dc3737eb37a5b2, 0x3d9d6060fd60275d, 0x4c0fcacac5ca1e86,
+        0x8fbbe7e75ce76b68, 0xd1ac2b2b872b45fa, 0xe53d484875487aad, 0xc9d3fdfd2efdbb34,
+        0xc5629696f496c453, 0xc60945454c451283, 0xced7fcfc2bfcb332, 0xda1941415841329b,
+        0x7e4812125a12906c, 0x23340d0d390d682e, 0x72f979798079ef0b, 0x81b3e5e556e57b64,
+        0x981e898997893c11, 0x830a8c8c868c140f, 0x93abe3e348e34b70, 0xe0802020a0201dc0,
+        0x90c03030f0309da0, 0x2e57dcdc8bdcaef2, 0x22e6b7b751b7d195, 0x19ad6c6cc16c4775,
+        0xeb354a4a7f4a6aa1, 0x2ceeb5b55bb5c199, 0xbdfc3f3fc33fe582, 0xc2669797f197cc55,
+        0x1677d4d4a3d4eec2, 0x33956262f7623751, 0xc3b42d2d992d75ee, 0x121806061e063014,
+        0x5baaa4a40ea449ff, 0x5caea5a50ba541f9, 0xae368383b5836c2d, 0x80615f5f3e5fc2df,
+        0xd6a82a2a822a4dfc, 0x3c4fdada95da9ee6, 0x4503c9c9cac9068c, 0x0000000000000000,
+        0x67e57e7e9b7ed719, 0x49b2a2a210a279eb, 0xb64955551c5592e3, 0x1ac6bfbf79bf91a5,
+        0x7744111155118866, 0x1173d5d5a6d5e6c4, 0xf34a9c9cd69c946f, 0x571bcfcfd4cf3698,
+        0x2a380e0e360e7024, 0x36280a0a220a503c, 0xb3f43d3dc93df58e, 0xaa5951510851b2fb,
+        0x6ee97d7d947dcf13, 0xde769393e593ec4d, 0x416c1b1b771bd85a, 0xc0dffefe21fea33e,
+        0x6637c4c4f3c46ea2, 0xc80147474647028f, 0x3f2409092d094836, 0xb5228686a4864433,
+        0x312c0b0b270b583a, 0x8a068f8f898f0c05, 0xf44e9d9dd39d9c69, 0x0bb56a6adf6a7761,
+        0x151c07071b073812, 0x08deb9b967b9a1b1, 0x37fab0b04ab0e987, 0xef5a9898c298b477,
+        0x486018187818c050, 0x9ec83232fa328dac, 0x4ad97171a871af3b, 0xec314b4b7a4b62a7,
+        0xb79befef74ef2b58, 0xa1ec3b3bd73bc59a, 0x4ddd7070ad70a73d, 0x47baa0a01aa069e7,
+        0x86b7e4e453e47362, 0xdd1d40405d403a9d, 0xc7dbffff24ffab38, 0x732bc3c3e8c356b0,
+        0x789ea9a937a921d1, 0x88bfe6e659e6636e, 0x75fd78788578e70d, 0xd5c3f9f93af99b2c,
+        0x96168b8b9d8b2c1d, 0xcf05464643460a89, 0xa73a8080ba807427, 0x5a781e1e661ef044,
+        0xa8e03838d838dd90, 0x9da3e1e142e15b7c, 0x0fdab8b862b8a9b7, 0x7f9aa8a832a829d7,
+        0x9aa7e0e047e0537a, 0x24300c0c3c0c6028, 0xe98c2323af2305ca, 0x5fc57676b3769729,
+        0x53741d1d691de84e, 0xfb942525b12535de, 0xfc902424b4243dd8, 0x1b1405051105281e,
+        0xede3f1f112f1db1c, 0x17a56e6ecb6e5779, 0xcb6a9494fe94d45f, 0xd8a0282888285df0,
+        0xe1529a9ac89aa47b, 0xbb2a8484ae84543f, 0xa287e8e86fe8134a, 0x4eb6a3a315a371ed,
+        0xf0214f4f6e4f42bf, 0x58c17777b6779f2f, 0x036bd3d3b8d3d6d0, 0xbc2e8585ab855c39,
+        0x94afe2e24de24376, 0xa35552520752aaf1, 0xe4eff2f21df2c316, 0xa9328282b082642b,
+        0xad5d50500d50bafd, 0x7bf57a7a8f7af701, 0xcdbc2f2f932f65e2, 0x51cd7474b9748725,
+        0xa45153530253a2f7, 0x3ef6b3b345b3f18d, 0x3a996161f8612f5b, 0x6a86afaf29af11c5,
+        0xafe43939dd39d596, 0x8bd43535e135b5be, 0x205fdede81debefe, 0x5913cdcddecd2694,
+        0x5d7c1f1f631ff842, 0xe85e9999c799bc71, 0x638aacac26ac09cf, 0x648eadad23ad01c9,
+        0x43d57272a772b731, 0xc4b02c2c9c2c7de8, 0x2953dddd8edda6f4, 0x0a67d0d0b7d0ceda,
+        0xb2268787a1874c35, 0x1dc2bebe7cbe99a3, 0x87655e5e3b5ecad9, 0x55a2a6a604a659f3,
+        0xbe97ecec7bec3352, 0x1c10040414042018, 0x683fc6c6f9c67eae, 0x090c03030f03180a,
+        0x8cd03434e434bdb8, 0xdbcbfbfb30fb8b20, 0x3b4bdbdb90db96e0, 0x927959592059f2cb,
+        0x25e2b6b654b6d993, 0x742fc2c2edc25eb6, 0x0704010105010806, 0xeae7f0f017f0d31a,
+        0x9b755a5a2f5aeac1, 0xb993eded7eed3b54, 0x52a6a7a701a751f5, 0x2f856666e3661749,
+        0xe7842121a52115c6, 0x60e17f7f9e7fdf1f, 0x91128a8a988a241b, 0xf59c2727bb2725d2,
+        0x6f3bc7c7fcc776a8, 0x7a27c0c0e7c04eba, 0xdfa429298d2955f6, 0x1f7bd7d7acd7f6c8
+    },
+    {
+        0x769393e593ec4dde, 0x43d9d99ad986ec35, 0x529a9ac89aa47be1, 0xeeb5b55bb5c1992c,
+        0x5a9898c298b477ef, 0x882222aa220dccee, 0x0945454c451283c6, 0xd7fcfc2bfcb332ce,
+        0xd2baba68bab9bb01, 0xb56a6adf6a77610b, 0x5bdfdf84dfb6f827, 0x0802020a02100c0e,
+        0x469f9fd99f8c65fa, 0x57dcdc8bdcaef22e, 0x5951510851b2fbaa, 0x7959592059f2cb92,
+        0x354a4a7f4a6aa1eb, 0x5c17174b17b87265, 0xac2b2b872b45fad1, 0x2fc2c2edc25eb674,
+        0x6a9494fe94d45fcb, 0xf7f4f403f4f302f6, 0xd6bbbb6dbbb1bd06, 0xb6a3a315a371ed4e,
+        0x956262f762375133, 0xb7e4e453e4736286, 0xd97171a871af3b4a, 0x77d4d4a3d4eec216,
+        0x13cdcddecd269459, 0xdd7070ad70a73d4d, 0x5816164e16b07462, 0xa3e1e142e15b7c9d,
+        0x394949704972abe2, 0xf03c3ccc3cfd88b4, 0x27c0c0e7c04eba7a, 0x47d8d89fd88eea32,
+        0x6d5c5c315cdad589, 0x569b9bcd9bac7de6, 0x8eadad23ad01c964, 0x2e8585ab855c39bc,
+        0x5153530253a2f7a4, 0xbea1a11fa161e140, 0xf57a7a8f7af7017b, 0x07c8c8cfc80e8a42,
+        0xb42d2d992d75eec3, 0xa7e0e047e0537a9a, 0x63d1d1b2d1c6dc0d, 0xd57272a772b73143,
+        0xa2a6a604a659f355, 0xb02c2c9c2c7de8c4, 0x37c4c4f3c46ea266, 0xabe3e348e34b7093,
+        0xc57676b37697295f, 0xfd78788578e70d75, 0xe6b7b751b7d19522, 0xeab4b45eb4c99f2b,
+        0x2409092d0948363f, 0xec3b3bd73bc59aa1, 0x380e0e360e70242a, 0x1941415841329bda,
+        0x2d4c4c614c5ab5f9, 0x5fdede81debefe20, 0xf2b2b240b2f98b39, 0x7a9090ea90f447d7,
+        0x942525b12535defb, 0xaea5a50ba541f95c, 0x7bd7d7acd7f6c81f, 0x0c03030f03180a09,
+        0x4411115511886677, 0x0000000000000000, 0x2bc3c3e8c356b073, 0xb82e2e962e6de4ca,
+        0x729292e092e44bd9, 0x9befef74ef2b58b7, 0x254e4e6b4e4ab9f7, 0x4812125a12906c7e,
+        0x4e9d9dd39d9c69f4, 0xe97d7d947dcf136e, 0x0bcbcbc0cb16804b, 0xd43535e135b5be8b,
+        0x4010105010806070, 0x73d5d5a6d5e6c411, 0x214f4f6e4f42bff0, 0x429e9edc9e8463fd,
+        0x294d4d644d52b3fe, 0x9ea9a937a921d178, 0x4955551c5592e3b6, 0x3fc6c6f9c67eae68,
+        0x67d0d0b7d0ceda0a, 0xf17b7b8a7bff077c, 0x6018187818c05048, 0x669797f197cc55c2,
+        0x6bd3d3b8d3d6d003, 0xd83636ee36adb482, 0xbfe6e659e6636e88, 0x3d484875487aade5,
+        0x45565613568ae9bf, 0x3e8181bf817c21a0, 0x068f8f898f0c058a, 0xc17777b6779f2f58,
+        0x17ccccdbcc2e925e, 0x4a9c9cd69c946ff3, 0xdeb9b967b9a1b108, 0xafe2e24de2437694,
+        0x8aacac26ac09cf63, 0xdab8b862b8a9b70f, 0xbc2f2f932f65e2cd, 0x5415154115a87e6b,
+        0xaaa4a40ea449ff5b, 0xed7c7c917cc71569, 0x4fdada95da9ee63c, 0xe03838d838dd90a8,
+        0x781e1e661ef0445a, 0x2c0b0b270b583a31, 0x1405051105281e1b, 0x7fd6d6a9d6fece18,
+        0x5014144414a0786c, 0xa56e6ecb6e577917, 0xad6c6cc16c477519, 0xe57e7e9b7ed71967,
+        0x856666e36617492f, 0xd3fdfd2efdbb34c9, 0xfeb1b14fb1e18130, 0xb3e5e556e57b6481,
+        0x9d6060fd60275d3d, 0x86afaf29af11c56a, 0x655e5e3b5ecad987, 0xcc3333ff3385aa99,
+        0x268787a1874c35b2, 0x03c9c9cac9068c45, 0xe7f0f017f0d31aea, 0x695d5d345dd2d38e,
+        0xa96d6dc46d4f731e, 0xfc3f3fc33fe582bd, 0x1a8888928834179f, 0x0e8d8d838d1c0984,
+        0x3bc7c7fcc776a86f, 0xfbf7f70cf7eb08ff, 0x741d1d691de84e53, 0x83e9e96ae91b4ca5,
+        0x97ecec7bec3352be, 0x93eded7eed3b54b9, 0x3a8080ba807427a7, 0xa429298d2955f6df,
+        0x9c2727bb2725d2f5, 0x1bcfcfd4cf369857, 0x5e9999c799bc71e8, 0x9aa8a832a829d77f,
+        0x5d50500d50bafdad, 0x3c0f0f330f78222d, 0xdc3737eb37a5b285, 0x902424b4243dd8fc,
+        0xa0282888285df0d8, 0xc03030f0309da090, 0x6e9595fb95dc59cc, 0x6fd2d2bdd2ded604,
+        0xf83e3ec63eed84ba, 0x715b5b2a5be2c79c, 0x1d40405d403a9ddd, 0x368383b5836c2dae,
+        0xf6b3b345b3f18d3e, 0xb96969d0696f6b02, 0x415757165782efb8, 0x7c1f1f631ff8425d,
+        0x1c07071b07381215, 0x701c1c6c1ce04854, 0x128a8a988a241b91, 0xcabcbc76bc89af13,
+        0x802020a0201dc0e0, 0x8bebeb60eb0b40ab, 0x1fceced1ce3e9e50, 0x028e8e8c8e04038d,
+        0x96abab3dab31dd76, 0x9feeee71ee235eb0, 0xc43131f53195a697, 0xb2a2a210a279eb49,
+        0xd17373a273bf3744, 0xc3f9f93af99b2cd5, 0x0fcacac5ca1e864c, 0xe83a3ad23acd9ca6,
+        0x681a1a721ad05c46, 0xcbfbfb30fb8b20db, 0x340d0d390d682e23, 0x23c1c1e2c146bc7d,
+        0xdffefe21fea33ec0, 0xcffafa35fa8326dc, 0xeff2f21df2c316e4, 0xa16f6fce6f5f7f10,
+        0xcebdbd73bd81a914, 0x629696f496c453c5, 0x53dddd8edda6f429, 0x11434352432297d4,
+        0x5552520752aaf1a3, 0xe2b6b654b6d99325, 0x2008082808403038, 0xebf3f318f3cb10e3,
+        0x82aeae2cae19c36d, 0xc2bebe7cbe99a31d, 0x6419197d19c8564f, 0x1e898997893c1198,
+        0xc83232fa328dac9e, 0x982626be262dd4f2, 0xfab0b04ab0e98737, 0x8feaea65ea0346ac,
+        0x314b4b7a4b62a7ec, 0x8d6464e964074521, 0x2a8484ae84543fbb, 0x328282b082642ba9,
+        0xb16b6bda6b7f670c, 0xf3f5f506f5fb04f1, 0xf979798079ef0b72, 0xc6bfbf79bf91a51a,
+        0x0401010501080607, 0x615f5f3e5fc2df80, 0xc97575bc758f2356, 0x916363f2633f5734,
+        0x6c1b1b771bd85a41, 0x8c2323af2305cae9, 0xf43d3dc93df58eb3, 0xbd6868d568676d05,
+        0xa82a2a822a4dfcd6, 0x896565ec650f4326, 0x87e8e86fe8134aa2, 0x7e9191ef91fc41d0,
+        0xfff6f609f6e30ef8, 0xdbffff24ffab38c7, 0x4c13135f13986a79, 0x7d58582558facd95,
+        0xe3f1f112f1db1ced, 0x0147474647028fc8, 0x280a0a220a503c36, 0xe17f7f9e7fdf1f60,
+        0x33c5c5f6c566a461, 0xa6a7a701a751f552, 0xbbe7e75ce76b688f, 0x996161f8612f5b3a,
+        0x755a5a2f5aeac19b, 0x1806061e06301412, 0x05464643460a89cf, 0x0d444449441a85c1,
+        0x15424257422a91d3, 0x100404140420181c, 0xbaa0a01aa069e747, 0x4bdbdb90db96e03b,
+        0xe43939dd39d596af, 0x228686a4864433b5, 0x4d545419549ae5b1, 0x92aaaa38aa39db71,
+        0x0a8c8c868c140f83, 0xd03434e434bdb88c, 0x842121a52115c6e7, 0x168b8b9d8b2c1d96,
+        0xc7f8f83ff8932ad2, 0x300c0c3c0c602824, 0xcd7474b974872551, 0x816767e6671f4f28
+    },
+    {
+        0x6868d568676d05bd, 0x8d8d838d1c09840e, 0xcacac5ca1e864c0f, 0x4d4d644d52b3fe29,
+        0x7373a273bf3744d1, 0x4b4b7a4b62a7ec31, 0x4e4e6b4e4ab9f725, 0x2a2a822a4dfcd6a8,
+        0xd4d4a3d4eec21677, 0x52520752aaf1a355, 0x2626be262dd4f298, 0xb3b345b3f18d3ef6,
+        0x545419549ae5b14d, 0x1e1e661ef0445a78, 0x19197d19c8564f64, 0x1f1f631ff8425d7c,
+        0x2222aa220dccee88, 0x03030f03180a090c, 0x464643460a89cf05, 0x3d3dc93df58eb3f4,
+        0x2d2d992d75eec3b4, 0x4a4a7f4a6aa1eb35, 0x53530253a2f7a451, 0x8383b5836c2dae36,
+        0x13135f13986a794c, 0x8a8a988a241b9112, 0xb7b751b7d19522e6, 0xd5d5a6d5e6c41173,
+        0x2525b12535defb94, 0x79798079ef0b72f9, 0xf5f506f5fb04f1f3, 0xbdbd73bd81a914ce,
+        0x58582558facd957d, 0x2f2f932f65e2cdbc, 0x0d0d390d682e2334, 0x02020a02100c0e08,
+        0xeded7eed3b54b993, 0x51510851b2fbaa59, 0x9e9edc9e8463fd42, 0x1111551188667744,
+        0xf2f21df2c316e4ef, 0x3e3ec63eed84baf8, 0x55551c5592e3b649, 0x5e5e3b5ecad98765,
+        0xd1d1b2d1c6dc0d63, 0x16164e16b0746258, 0x3c3ccc3cfd88b4f0, 0x6666e36617492f85,
+        0x7070ad70a73d4ddd, 0x5d5d345dd2d38e69, 0xf3f318f3cb10e3eb, 0x45454c451283c609,
+        0x40405d403a9ddd1d, 0xccccdbcc2e925e17, 0xe8e86fe8134aa287, 0x9494fe94d45fcb6a,
+        0x565613568ae9bf45, 0x0808280840303820, 0xceced1ce3e9e501f, 0x1a1a721ad05c4668,
+        0x3a3ad23acd9ca6e8, 0xd2d2bdd2ded6046f, 0xe1e142e15b7c9da3, 0xdfdf84dfb6f8275b,
+        0xb5b55bb5c1992cee, 0x3838d838dd90a8e0, 0x6e6ecb6e577917a5, 0x0e0e360e70242a38,
+        0xe5e556e57b6481b3, 0xf4f403f4f302f6f7, 0xf9f93af99b2cd5c3, 0x8686a4864433b522,
+        0xe9e96ae91b4ca583, 0x4f4f6e4f42bff021, 0xd6d6a9d6fece187f, 0x8585ab855c39bc2e,
+        0x2323af2305cae98c, 0xcfcfd4cf3698571b, 0x3232fa328dac9ec8, 0x9999c799bc71e85e,
+        0x3131f53195a697c4, 0x14144414a0786c50, 0xaeae2cae19c36d82, 0xeeee71ee235eb09f,
+        0xc8c8cfc80e8a4207, 0x484875487aade53d, 0xd3d3b8d3d6d0036b, 0x3030f0309da090c0,
+        0xa1a11fa161e140be, 0x9292e092e44bd972, 0x41415841329bda19, 0xb1b14fb1e18130fe,
+        0x18187818c0504860, 0xc4c4f3c46ea26637, 0x2c2c9c2c7de8c4b0, 0x7171a871af3b4ad9,
+        0x7272a772b73143d5, 0x444449441a85c10d, 0x15154115a87e6b54, 0xfdfd2efdbb34c9d3,
+        0x3737eb37a5b285dc, 0xbebe7cbe99a31dc2, 0x5f5f3e5fc2df8061, 0xaaaa38aa39db7192,
+        0x9b9bcd9bac7de656, 0x8888928834179f1a, 0xd8d89fd88eea3247, 0xabab3dab31dd7696,
+        0x898997893c11981e, 0x9c9cd69c946ff34a, 0xfafa35fa8326dccf, 0x6060fd60275d3d9d,
+        0xeaea65ea0346ac8f, 0xbcbc76bc89af13ca, 0x6262f76237513395, 0x0c0c3c0c60282430,
+        0x2424b4243dd8fc90, 0xa6a604a659f355a2, 0xa8a832a829d77f9a, 0xecec7bec3352be97,
+        0x6767e6671f4f2881, 0x2020a0201dc0e080, 0xdbdb90db96e03b4b, 0x7c7c917cc71569ed,
+        0x282888285df0d8a0, 0xdddd8edda6f42953, 0xacac26ac09cf638a, 0x5b5b2a5be2c79c71,
+        0x3434e434bdb88cd0, 0x7e7e9b7ed71967e5, 0x1010501080607040, 0xf1f112f1db1cede3,
+        0x7b7b8a7bff077cf1, 0x8f8f898f0c058a06, 0x6363f2633f573491, 0xa0a01aa069e747ba,
+        0x05051105281e1b14, 0x9a9ac89aa47be152, 0x434352432297d411, 0x7777b6779f2f58c1,
+        0x2121a52115c6e784, 0xbfbf79bf91a51ac6, 0x2727bb2725d2f59c, 0x09092d0948363f24,
+        0xc3c3e8c356b0732b, 0x9f9fd99f8c65fa46, 0xb6b654b6d99325e2, 0xd7d7acd7f6c81f7b,
+        0x29298d2955f6dfa4, 0xc2c2edc25eb6742f, 0xebeb60eb0b40ab8b, 0xc0c0e7c04eba7a27,
+        0xa4a40ea449ff5baa, 0x8b8b9d8b2c1d9616, 0x8c8c868c140f830a, 0x1d1d691de84e5374,
+        0xfbfb30fb8b20dbcb, 0xffff24ffab38c7db, 0xc1c1e2c146bc7d23, 0xb2b240b2f98b39f2,
+        0x9797f197cc55c266, 0x2e2e962e6de4cab8, 0xf8f83ff8932ad2c7, 0x6565ec650f432689,
+        0xf6f609f6e30ef8ff, 0x7575bc758f2356c9, 0x07071b073812151c, 0x0404140420181c10,
+        0x4949704972abe239, 0x3333ff3385aa99cc, 0xe4e453e4736286b7, 0xd9d99ad986ec3543,
+        0xb9b967b9a1b108de, 0xd0d0b7d0ceda0a67, 0x424257422a91d315, 0xc7c7fcc776a86f3b,
+        0x6c6cc16c477519ad, 0x9090ea90f447d77a, 0x0000000000000000, 0x8e8e8c8e04038d02,
+        0x6f6fce6f5f7f10a1, 0x50500d50bafdad5d, 0x0101050108060704, 0xc5c5f6c566a46133,
+        0xdada95da9ee63c4f, 0x47474647028fc801, 0x3f3fc33fe582bdfc, 0xcdcddecd26945913,
+        0x6969d0696f6b02b9, 0xa2a210a279eb49b2, 0xe2e24de2437694af, 0x7a7a8f7af7017bf5,
+        0xa7a701a751f552a6, 0xc6c6f9c67eae683f, 0x9393e593ec4dde76, 0x0f0f330f78222d3c,
+        0x0a0a220a503c3628, 0x06061e0630141218, 0xe6e659e6636e88bf, 0x2b2b872b45fad1ac,
+        0x9696f496c453c562, 0xa3a315a371ed4eb6, 0x1c1c6c1ce0485470, 0xafaf29af11c56a86,
+        0x6a6adf6a77610bb5, 0x12125a12906c7e48, 0x8484ae84543fbb2a, 0x3939dd39d596afe4,
+        0xe7e75ce76b688fbb, 0xb0b04ab0e98737fa, 0x8282b082642ba932, 0xf7f70cf7eb08fffb,
+        0xfefe21fea33ec0df, 0x9d9dd39d9c69f44e, 0x8787a1874c35b226, 0x5c5c315cdad5896d,
+        0x8181bf817c21a03e, 0x3535e135b5be8bd4, 0xdede81debefe205f, 0xb4b45eb4c99f2bea,
+        0xa5a50ba541f95cae, 0xfcfc2bfcb332ced7, 0x8080ba807427a73a, 0xefef74ef2b58b79b,
+        0xcbcbc0cb16804b0b, 0xbbbb6dbbb1bd06d6, 0x6b6bda6b7f670cb1, 0x7676b37697295fc5,
+        0xbaba68bab9bb01d2, 0x5a5a2f5aeac19b75, 0x7d7d947dcf136ee9, 0x78788578e70d75fd,
+        0x0b0b270b583a312c, 0x9595fb95dc59cc6e, 0xe3e348e34b7093ab, 0xadad23ad01c9648e,
+        0x7474b974872551cd, 0x9898c298b477ef5a, 0x3b3bd73bc59aa1ec, 0x3636ee36adb482d8,
+        0x6464e9640745218d, 0x6d6dc46d4f731ea9, 0xdcdc8bdcaef22e57, 0xf0f017f0d31aeae7,
+        0x59592059f2cb9279, 0xa9a937a921d1789e, 0x4c4c614c5ab5f92d, 0x17174b17b872655c,
+        0x7f7f9e7fdf1f60e1, 0x9191ef91fc41d07e, 0xb8b862b8a9b70fda, 0xc9c9cac9068c4503,
+        0x5757165782efb841, 0x1b1b771bd85a416c, 0xe0e047e0537a9aa7, 0x6161f8612f5b3a99
+    }
+};
+
+EXPORT_TABLE
+const word64 IT[8][256] =
+{
+    {
+        0x7826942b9f5f8a9a, 0x210f43c934970c53, 0x5f028fdd9d0551b8, 0x14facd82b494c83b,
+        0x2b72ab886edd68c0, 0xa6a87e5bff19d9b4, 0xa29ae571db6443ea, 0x039b2c911be8e5b6,
+        0xd9275dcb5fd32cc6, 0x10c856a890e95265, 0x7d96e085b27ab85d, 0x31c71561a47e5e36,
+        0x74702455f3d83978, 0xe8e048aafbad72f0, 0x9b39db4437e03460, 0x75f2cbd1fa8091e1,
+        0x1ab5bee9caa336f6, 0x8395a6b8eff34fb9, 0x64b872fd63316b1d, 0xe1068c7aba0ff3d5,
+        0xeecb1095cd60a581, 0xbc1dc0b235baef42, 0xf04c355623be0929, 0xb252b3d94b8d118f,
+        0x18ac7dfcd8137bd9, 0xbbb477090a2f90aa, 0x8625d216c2d67d7e, 0x66a1b1e871812632,
+        0x6f4775383023a717, 0x92df1f947642b545, 0xe962a72ef2f5da69, 0x8bf18deca7096605,
+        0xc86de4e7c662d63a, 0xaafece25939e6a56, 0x5c99a34c86edb40e, 0x52d6d027f8da4ac3,
+        0x6b75ee12145e3d49, 0x54fd8818ce179db2, 0xa3180af5d23ceb73, 0xbe0403a7270aa26d,
+        0xfe03463d5d89f7e4, 0xf1cedad22ae6a1b0, 0xd143769f1729057a, 0xc7a07808b10d806e,
+        0xfc1a85284f39bacb, 0xa4b1bd4eeda9949b, 0x0bff07c55312cc0a, 0xef49ff11c4380d18,
+        0xc392e32295701a30, 0x7f8f2390a0caf572, 0x62932ac255fcbc6c, 0xc9ef0b63cf3a7ea3,
+        0xf9aaf186621c880c, 0x818c65adfd430296, 0x325c39f0bf96bb80, 0x0c56b07e6c87b3e2,
+        0x4bf8425f29919983, 0xb5fb046274186e67, 0x462c1da54c4e82f8, 0x90c6dc8164f2f86a,
+        0xf8281e026b442095, 0x6af701961d0695d0, 0x5766a489d5ff7804, 0xf3d719c73856ec9f,
+        0xad57799eac0b15be, 0x1b37516dc3fb9e6f, 0xc009cfb38e98ff86, 0x9576a82f49d7caad,
+        0xe6af3bc1859a8c3d, 0x208dac4d3dcfa4ca, 0x8ddad5d391c4b174, 0x8e41f9428a2c54c2,
+        0x6cdc59a92bcb42a1, 0xe53417509e72698b, 0xd0c1991b1e71ade3, 0x8217493ce6abe720,
+        0xd4f302313a0c37bd, 0x5e806059945df921, 0x73d993eecc4d4690, 0xf5fc41f80e9b3bee,
+        0x13537a398b01b7d3, 0x53543fa3f182e25a, 0x2d59f3b75810bfb1, 0x35f58e4b8003c468,
+        0x886aa17dbce183b3, 0x4c51f5e41604e66b, 0x98a2f7d52c08d1d6, 0xa101c9e0c08ca65c,
+        0x4007459a7a835589, 0xcc5f7fcde21f4c64, 0xa965e2b488768fe0, 0x12d195bd82591f4a,
+        0x2f4030a24aa0f29e, 0x56e44b0ddca7d09d, 0x914433056daa50f3, 0x37ec4d5e92b38947,
+        0xe31f4f6fa8bfbefa, 0x50cf1332ea6a07ec, 0x6d5eb62d2293ea38, 0x09e6c4d041a28125,
+        0x8fc316c68374fc5b, 0x421e868f683318a6, 0xe08463feb3575b4c, 0x3821d1b1e5dcdf13,
+        0xed503c04d6884037, 0xd35ab58a05994855, 0x976f6b3a5b678782, 0x6ec59abc397b0f8e,
+        0x5929d7e2abc886c9, 0xa53352cae4f13c02, 0x89e84ef9b5b92b2a, 0x1761e113af7c2d8d,
+        0x28e9871975358d76, 0xdc97296572f61e01, 0x67235e6c78d98eab, 0x3d91a51fc8f9edd4,
+        0x68eec2830fb6d8ff, 0xfbb3329370acc523, 0x062b583f36cdd771, 0x15782206bdcc60a2,
+        0x16e30e97a6248514, 0x79a47baf96072203, 0xf7e582ed1c2b76c1, 0xde8eea706046532e,
+        0xaf4eba8bbebb5891, 0x08642b5448fa29bc, 0x24bf376719b23e94, 0x231680dc2627417c,
+        0x0dd45ffa65df1b7b, 0x1d1c0952f536491e, 0xff81a9b954d15f7d, 0x992018512550794f,
+        0x71c050fbdefd0bbf, 0xc18b203787c0571f, 0x253dd8e310ea960d, 0xeb7b643be0459746,
+        0x0219c31512b04d2f, 0xc43b5499aae565d8, 0xeaf98bbfe91d3fdf, 0x3a3812a4f76c923c,
+        0x4dd31a601f5c4ef2, 0xa8e70d30812e2779, 0x800e8a29f41baa0f, 0x1c9ee6d6fc6ee187,
+        0x5d1b4cc88fb51c97, 0x610806534e1459da, 0xf255f643310e4406, 0xd2d85a0e0cc1e0cc,
+        0x0182ef840958a899, 0x7e0dcc14a9925deb, 0x653a9d796a69c384, 0x4e4836f104b4ab44,
+        0x4fcad9750dec03dd, 0xcddd9049eb47e4fd, 0x0e4f736b7e37fecd, 0x4185aa1e73dbfd10,
+        0x725b7c6ac515ee09, 0x8a736268ae51ce9c, 0xc5b9bb1da3bdcd41, 0x7bbdb8ba84b76f2c,
+        0xdabc715a443bc970, 0xe29da0eba1e71663, 0x935df0107f1a1ddc, 0x608ae9d7474cf143,
+        0xd571edb533549f24, 0xa0832664c9d40ec5, 0xfd986aac46611252, 0x4435deb05efecfd7,
+        0x0000000000000000, 0x2cdb1c3351481728, 0x94f447ab408f6234, 0x45b7313457a6674e,
+        0xb82f5b9811c7751c, 0x8c583a57989c19ed, 0xdd15c6e17baeb698, 0x696c2d0706ee7066,
+        0x3f88660ada49a0fb, 0xf47eae7c07c39377, 0x05b074ae2d2532c7, 0xb3d05c5d42d5b916,
+        0x39a33e35ec84778a, 0x0fcd9cef776f5654, 0xacd5961aa553bd27, 0x5b3014f7b978cbe6,
+        0x347761cf895b6cf1, 0xc622978cb85528f7, 0xb7e2c77766a82348, 0x77eb08c4e830dcce,
+        0xb9adb41c189fdd85, 0x114ab92c99b1fafc, 0x26a6f4720b0273bb, 0x1e8725c3eedeaca8,
+        0x2af0440c6785c059, 0x04329b2a247d9a5e, 0xd7682ea021e4d20b, 0x7c140f01bb2210c4,
+        0x96ed84be523f2f1b, 0xca7427f2d4d29b15, 0x47aef22145162a61, 0xa72a91dff641712d,
+        0x5ab2fb73b020637f, 0xcbf6c876dd8a338c, 0x6311c5465ca414f5, 0x07a9b7bb3f957fe8,
+        0xe72dd4458cc224a4, 0x9d12837b012de311, 0x843c1103d0663051, 0x0a7de8415a4a6493,
+        0xd6eac12428bc7a92, 0x9c906cff08754b88, 0x7042bf7fd7a5a326, 0xbd9f2f363ce247db,
+        0xb66028f36ff08bd1, 0x192e9278d14bd340, 0x9f0b406e139dae3e, 0x1f05ca47e7860431,
+        0x85befe87d93e98c8, 0x439c690b616bb03f, 0xba36988d03773833, 0x87a73d92cb8ed5e7,
+        0xaecc550fb7e3f008, 0xc2100ca69c28b2a9, 0x9abb34c03eb89cf9, 0x49e1814a3b21d4ac,
+        0xecd2d380dfd0e8ae, 0x296b689d7c6d25ef, 0x3c134a9bc1a1454d, 0xcfc4535cf9f7a9d2,
+        0x557f679cc74f352b, 0xb479ebe67d40c6fe, 0xf6676d691573de58, 0x9e89afea1ac506a7,
+        0xd8a5b24f568b845f, 0x48636ece32797c35, 0xdf0c05f4691efbb7, 0xe4b6f8d4972ac112,
+        0xfa31dd1779f46dba, 0xbf86ec232e520af4, 0x3e0a898ed3110862, 0x7a3f573e8defc7b5,
+        0x27241bf6025adb22, 0x58ab3866a2902e50, 0x3bbafd20fe343aa5, 0x3045fae5ad26f6af,
+        0x2ec2df2643f85a07, 0x22946f582f7fe9e5, 0x366ea2da9beb21de, 0x4a7aaddb20c9311a,
+        0xb1c99f485065f439, 0xb04b70cc593d5ca0, 0xab7c21a19ac6c2cf, 0x33ded674b6ce1319,
+        0xce46bcd8f0af014b, 0xdb3e9ede4d6361e9, 0x7669e740e1687457, 0x514dfcb6e332af75
+    },
+    {
+        0x1f4f6fa8bfbefae3, 0xf0440c6785c0592a, 0x1dc0b235baef42bc, 0x22978cb85528f7c6,
+        0xcedad22ae6a1b0f1, 0x180af5d23ceb73a3, 0x946f582f7fe9e522, 0xe44b0ddca7d09d56,
+        0x906cff08754b889c, 0x9f2f363ce247dbbd, 0xa1b1e87181263266, 0x21d1b1e5dcdf1338,
+        0x31dd1779f46dbafa, 0x4b70cc593d5ca0b0, 0xd719c73856ec9ff3, 0x8725c3eedeaca81e,
+        0x71edb533549f24d5, 0x12837b012de3119d, 0x3dd8e310ea960d25, 0x29d7e2abc886c959,
+        0xb477090a2f90aabb, 0x45fae5ad26f6af30, 0x9ee6d6fc6ee1871c, 0xbefe87d93e98c885,
+        0xe30e97a624851416, 0xd6d027f8da4ac352, 0xcc550fb7e3f008ae, 0x5ab58a05994855d3,
+        0x806059945df9215e, 0x82ef840958a89901, 0x4ab92c99b1fafc11, 0x281e026b442095f8,
+        0x62a72ef2f5da69e9, 0x8b203787c0571fc1, 0x4f736b7e37fecd0e, 0xab3866a2902e5058,
+        0x6ea2da9beb21de36, 0xf447ab408f623494, 0x235e6c78d98eab67, 0x11c5465ca414f563,
+        0xd31a601f5c4ef24d, 0xa2f7d52c08d1d698, 0x85aa1e73dbfd1041, 0xdc59a92bcb42a16c,
+        0x59f3b75810bfb12d, 0xe2c77766a82348b7, 0xb9bb1da3bdcd41c5, 0x96e085b27ab85d7d,
+        0x99a34c86edb40e5c, 0x66a489d5ff780457, 0x95a6b8eff34fb983, 0x7f679cc74f352b55,
+        0x7de8415a4a64930a, 0x9b2c911be8e5b603, 0x4836f104b4ab444e, 0xdb1c33514817282c,
+        0x15c6e17baeb698dd, 0xed84be523f2f1b96, 0xe1814a3b21d4ac49, 0x503c04d6884037ed,
+        0x4c355623be0929f0, 0x3b5499aae565d8c4, 0x0a898ed31108623e, 0xb074ae2d2532c705,
+        0x028fdd9d0551b85f, 0xf58e4b8003c46835, 0x3352cae4f13c02a5, 0x6c2d0706ee706669,
+        0x7c21a19ac6c2cfab, 0x19c31512b04d2f02, 0xa6f4720b0273bb26, 0x05ca47e78604311f,
+        0x46bcd8f0af014bce, 0x1e868f683318a642, 0x5c39f0bf96bb8032, 0x79ebe67d40c6feb4,
+        0xff07c55312cc0a0b, 0xaef22145162a6147, 0xc1991b1e71ade3d0, 0xded674b6ce131933,
+        0x7aaddb20c9311a4a, 0x4dfcb6e332af7551, 0x6de4e7c662d63ac8, 0xbf376719b23e9424,
+        0x07459a7a83558940, 0xac7dfcd8137bd918, 0xdf1f947642b54592, 0x17493ce6abe72082,
+        0xfc41f80e9b3beef5, 0xe70d30812e2779a8, 0xd993eecc4d469073, 0x65e2b488768fe0a9,
+        0xd2d380dfd0e8aeec, 0xe6c4d041a2812509, 0x068c7aba0ff3d5e1, 0x51f5e41604e66b4c,
+        0x41f9428a2c54c28e, 0x537a398b01b7d313, 0x782206bdcc60a215, 0x89afea1ac506a79e,
+        0x8ae9d7474cf14360, 0xf6c876dd8a338ccb, 0x43769f1729057ad1, 0x8dac4d3dcfa4ca20,
+        0xb7313457a6674e45, 0x2018512550794f99, 0xbb34c03eb89cf99a, 0xbafd20fe343aa53b,
+        0x03463d5d89f7e4fe, 0x42bf7fd7a5a32670, 0x3f573e8defc7b57a, 0xadb41c189fdd85b9,
+        0xcad9750dec03dd4f, 0x0f43c934970c5321, 0x2f5b9811c7751cb8, 0xd85a0e0cc1e0ccd2,
+        0xe048aafbad72f0e8, 0xf18deca70966058b, 0xdd9049eb47e4fdcd, 0xa87e5bff19d9b4a6,
+        0x5df0107f1a1ddc93, 0xd195bd82591f4a12, 0x0c05f4691efbb7df, 0x8463feb3575b4ce0,
+        0x55f643310e4406f2, 0xb6f8d4972ac112e4, 0x4030a24aa0f29e2f, 0xfd8818ce179db254,
+        0x3c1103d066305184, 0x682ea021e4d20bd7, 0x81a9b954d15f7dff, 0x275dcb5fd32cc6d9,
+        0xfacd82b494c83b14, 0x4433056daa50f391, 0xe9871975358d7628, 0xeac12428bc7a92d6,
+        0x1a85284f39bacbfc, 0xf8425f299199834b, 0x676d691573de58f6, 0xd05c5d42d5b916b3,
+        0x8eea706046532ede, 0xfb046274186e67b5, 0x134a9bc1a1454d3c, 0x57799eac0b15bead,
+        0x241bf6025adb2227, 0x72ab886edd68c02b, 0x9ae571db6443eaa2, 0xc050fbdefd0bbf71,
+        0xa5b24f568b845fd8, 0xe84ef9b5b92b2a89, 0x6f6b3a5b67878297, 0xc6dc8164f2f86a90,
+        0x7eae7c07c39377f4, 0x5eb62d2293ea386d, 0x8c65adfd43029681, 0x2dd4458cc224a4e7,
+        0xfece25939e6a56aa, 0xcd9cef776f56540f, 0xa33e35ec84778a39, 0xc2df2643f85a072e,
+        0xbc715a443bc970da, 0xa07808b10d806ec7, 0x36988d03773833ba, 0x1680dc2627417c23,
+        0xcb1095cd60a581ee, 0xbdb8ba84b76f2c7b, 0x702455f3d8397874, 0x35deb05efecfd744,
+        0x8f2390a0caf5727f, 0xb1bd4eeda9949ba4, 0x39db4437e034609b, 0xe582ed1c2b76c1f7,
+        0xc4535cf9f7a9d2cf, 0xb2fb73b020637f5a, 0x583a57989c19ed8c, 0x25d216c2d67d7e86,
+        0x0806534e1459da61, 0x6b689d7c6d25ef29, 0x0dcc14a9925deb7e, 0xc99f485065f439b1,
+        0xa9b7bb3f957fe807, 0x2a91dff641712da7, 0x1c0952f536491e1d, 0x75ee12145e3d496b,
+        0xf98bbfe91d3fdfea, 0x92e32295701a30c3, 0x3e9ede4d6361e9db, 0x76a82f49d7caad95,
+        0x9da0eba1e71663e2, 0x09cfb38e98ff86c0, 0x9c690b616bb03f43, 0xdad5d391c4b1748d,
+        0x3812a4f76c923c3a, 0x5f7fcde21f4c64cc, 0x6aa17dbce183b388, 0xeec2830fb6d8ff68,
+        0x736268ae51ce9c8a, 0xa47baf9607220379, 0x543fa3f182e25a53, 0x4eba8bbebb5891af,
+        0x2e9278d14bd34019, 0x69e740e168745776, 0x37516dc3fb9e6f1b, 0xb3329370acc523fb,
+        0x3a9d796a69c38465, 0x7761cf895b6cf134, 0x0000000000000000, 0x88660ada49a0fb3f,
+        0xb5bee9caa336f61a, 0x5b7c6ac515ee0972, 0x52b3d94b8d118fb2, 0x329b2a247d9a5e04,
+        0x0e8a29f41baa0f80, 0x642b5448fa29bc08, 0x7b643be0459746eb, 0xd45ffa65df1b7b0d,
+        0xeb08c4e830dcce77, 0xf2cbd1fa8091e175, 0xf302313a0c37bdd4, 0x91a51fc8f9edd43d,
+        0xef0b63cf3a7ea3c9, 0xc316c68374fc5b8f, 0x01c9e0c08ca65ca1, 0x3417509e72698be5,
+        0x4775383023a7176f, 0x636ece32797c3548, 0x1b4cc88fb51c975d, 0x140f01bb2210c47c,
+        0x7427f2d4d29b15ca, 0xa73d92cb8ed5e787, 0xc71561a47e5e3631, 0xaaf186621c880cf9,
+        0x6028f36ff08bd1b6, 0x97296572f61e01dc, 0xc59abc397b0f8e6e, 0xec4d5e92b3894737,
+        0xb872fd63316b1d64, 0xaf3bc1859a8c3de6, 0x0403a7270aa26dbe, 0x26942b9f5f8a9a78,
+        0x86ec232e520af4bf, 0x49ff11c4380d18ef, 0xf701961d0695d06a, 0x56b07e6c87b3e20c,
+        0xd5961aa553bd27ac, 0x61e113af7c2d8d17, 0x100ca69c28b2a9c2, 0xcf1332ea6a07ec50,
+        0xc856a890e9526510, 0x2b583f36cdd77106, 0x932ac255fcbc6c62, 0x0b406e139dae3e9f,
+        0x832664c9d40ec5a0, 0x3014f7b978cbe65b, 0x2c1da54c4e82f846, 0x986aac46611252fd
+    },
+    {
+        0x679cc74f352b557f, 0x376719b23e9424bf, 0xcc14a9925deb7e0d, 0xb07e6c87b3e20c56,
+        0xa17dbce183b3886a, 0xee12145e3d496b75, 0x406e139dae3e9f0b, 0x942b9f5f8a9a7826,
+        0xb24f568b845fd8a5, 0xdf2643f85a072ec2, 0x8c7aba0ff3d5e106, 0x0b63cf3a7ea3c9ef,
+        0x12a4f76c923c3a38, 0x8bbfe91d3fdfeaf9, 0x9278d14bd340192e, 0xca47e78604311f05,
+        0x07c55312cc0a0bff, 0xcfb38e98ff86c009, 0x991b1e71ade3d0c1, 0x16c68374fc5b8fc3,
+        0x39f0bf96bb80325c, 0x3d92cb8ed5e787a7, 0xac4d3dcfa4ca208d, 0xfae5ad26f6af3045,
+        0x63feb3575b4ce084, 0x28f36ff08bd1b660, 0xc6e17baeb698dd15, 0x84be523f2f1b96ed,
+        0x3c04d6884037ed50, 0xce25939e6a56aafe, 0xa34c86edb40e5c99, 0xebe67d40c6feb479,
+        0x27f2d4d29b15ca74, 0x6d691573de58f667, 0x329370acc523fbb3, 0x2c911be8e5b6039b,
+        0x871975358d7628e9, 0x550fb7e3f008aecc, 0x7e5bff19d9b4a6a8, 0xf8d4972ac112e4b6,
+        0xd1b1e5dcdf133821, 0xfcb6e332af75514d, 0x1e026b442095f828, 0x1f947642b54592df,
+        0x5e6c78d98eab6723, 0x17509e72698be534, 0x2ac255fcbc6c6293, 0x95bd82591f4a12d1,
+        0x799eac0b15bead57, 0xf0107f1a1ddc935d, 0xd674b6ce131933de, 0xf5e41604e66b4c51,
+        0x8818ce179db254fd, 0x03a7270aa26dbe04, 0x1c33514817282cdb, 0x2f363ce247dbbd9f,
+        0xa72ef2f5da69e962, 0x93eecc4d469073d9, 0xb92c99b1fafc114a, 0x77090a2f90aabbb4,
+        0x0ca69c28b2a9c210, 0xc9e0c08ca65ca101, 0x4b0ddca7d09d56e4, 0x988d03773833ba36,
+        0x06534e1459da6108, 0x3a57989c19ed8c58, 0x0952f536491e1d1c, 0x0af5d23ceb73a318,
+        0x0d30812e2779a8e7, 0xd7e2abc886c95929, 0xa51fc8f9edd43d91, 0x690b616bb03f439c,
+        0x516dc3fb9e6f1b37, 0xa489d5ff78045766, 0x52cae4f13c02a533, 0x4cc88fb51c975d1b,
+        0x459a7a8355894007, 0x9d796a69c384653a, 0x313457a6674e45b7, 0x4a9bc1a1454d3c13,
+        0x6268ae51ce9c8a73, 0xfe87d93e98c885be, 0xff11c4380d18ef49, 0x8deca70966058bf1,
+        0xdeb05efecfd74435, 0xd027f8da4ac352d6, 0xf186621c880cf9aa, 0x43c934970c53210f,
+        0xbee9caa336f61ab5, 0x56a890e9526510c8, 0xe8415a4a64930a7d, 0xe32295701a30c392,
+        0x3e35ec84778a39a3, 0x4f6fa8bfbefae31f, 0x5dcb5fd32cc6d927, 0x9f485065f439b1c9,
+        0x1095cd60a581eecb, 0x978cb85528f7c622, 0x7baf9607220379a4, 0xd216c2d67d7e8625,
+        0xe4e7c662d63ac86d, 0xb62d2293ea386d5e, 0x8a29f41baa0f800e, 0x5ffa65df1b7b0dd4,
+        0x61cf895b6cf13477, 0xa6b8eff34fb98395, 0x814a3b21d4ac49e1, 0xaddb20c9311a4a7a,
+        0x74ae2d2532c705b0, 0x30a24aa0f29e2f40, 0x91dff641712da72a, 0x9049eb47e4fdcddd,
+        0x493ce6abe7208217, 0x36f104b4ab444e48, 0xf22145162a6147ae, 0x5c5d42d5b916b3d0,
+        0xf7d52c08d1d698a2, 0x7a398b01b7d31353, 0x6cff08754b889c90, 0x14f7b978cbe65b30,
+        0xc4d041a2812509e6, 0xe085b27ab85d7d96, 0xc0b235baef42bc1d, 0x868f683318a6421e,
+        0xea706046532ede8e, 0x4ef9b5b92b2a89e8, 0xdc8164f2f86a90c6, 0x2455f3d839787470,
+        0x5499aae565d8c43b, 0x59a92bcb42a16cdc, 0xa9b954d15f7dff81, 0xae7c07c39377f47e,
+        0x01961d0695d06af7, 0xdb4437e034609b39, 0x3bc1859a8c3de6af, 0xaa1e73dbfd104185,
+        0x7dfcd8137bd918ac, 0x80dc2627417c2316, 0xd9750dec03dd4fca, 0xc5465ca414f56311,
+        0x203787c0571fc18b, 0xd5d391c4b1748dda, 0xc2830fb6d8ff68ee, 0xbcd8f0af014bce46,
+        0xa0eba1e71663e29d, 0xfb73b020637f5ab2, 0x7c6ac515ee09725b, 0x0000000000000000,
+        0xc876dd8a338ccbf6, 0x9cef776f56540fcd, 0x47ab408f623494f4, 0xcbd1fa8091e175f2,
+        0x9abc397b0f8e6ec5, 0xb58a05994855d35a, 0x4d5e92b3894737ec, 0x961aa553bd27acd5,
+        0xc31512b04d2f0219, 0xe6d6fc6ee1871c9e, 0xe2b488768fe0a965, 0xb3d94b8d118fb252,
+        0x440c6785c0592af0, 0x25c3eedeaca81e87, 0x583f36cdd771062b, 0x2d0706ee7066696c,
+        0x425f299199834bf8, 0xfd20fe343aa53bba, 0xf643310e4406f255, 0xdad22ae6a1b0f1ce,
+        0x1da54c4e82f8462c, 0x355623be0929f04c, 0x769f1729057ad143, 0xbd4eeda9949ba4b1,
+        0xd8e310ea960d253d, 0x736b7e37fecd0e4f, 0x65adfd430296818c, 0xb8ba84b76f2c7bbd,
+        0x9b2a247d9a5e0432, 0xc77766a82348b7e2, 0x08c4e830dcce77eb, 0x0e97a624851416e3,
+        0x898ed31108623e0a, 0xe571db6443eaa29a, 0x573e8defc7b57a3f, 0x21a19ac6c2cfab7c,
+        0x70cc593d5ca0b04b, 0x2664c9d40ec5a083, 0x296572f61e01dc97, 0x85284f39bacbfc1a,
+        0x715a443bc970dabc, 0xef840958a8990182, 0xcd82b494c83b14fa, 0x48aafbad72f0e8e0,
+        0xe9d7474cf143608a, 0x2390a0caf5727f8f, 0xb7bb3f957fe807a9, 0x82ed1c2b76c1f7e5,
+        0xbb1da3bdcd41c5b9, 0x72fd63316b1d64b8, 0x7808b10d806ec7a0, 0x837b012de3119d12,
+        0x689d7c6d25ef296b, 0x02313a0c37bdd4f3, 0x1103d0663051843c, 0xab886edd68c02b72,
+        0x6b3a5b678782976f, 0xe113af7c2d8d1761, 0x6aac46611252fd98, 0x50fbdefd0bbf71c0,
+        0x2ea021e4d20bd768, 0x5a0e0cc1e0ccd2d8, 0x34c03eb89cf99abb, 0xb41c189fdd85b9ad,
+        0x9ede4d6361e9db3e, 0xafea1ac506a79e89, 0x463d5d89f7e4fe03, 0x18512550794f9920,
+        0x41f80e9b3beef5fc, 0xa82f49d7caad9576, 0x0f01bb2210c47c14, 0xec232e520af4bf86,
+        0x1bf6025adb222724, 0xa2da9beb21de366e, 0xedb533549f24d571, 0x643be0459746eb7b,
+        0xbf7fd7a5a3267042, 0x046274186e67b5fb, 0x8e4b8003c46835f5, 0x1332ea6a07ec50cf,
+        0xd380dfd0e8aeecd2, 0x6f582f7fe9e52294, 0xf9428a2c54c28e41, 0x3fa3f182e25a5354,
+        0x535cf9f7a9d2cfc4, 0x660ada49a0fb3f88, 0x33056daa50f39144, 0x8fdd9d0551b85f02,
+        0x19c73856ec9ff3d7, 0xb1e87181263266a1, 0x1561a47e5e3631c7, 0xd4458cc224a4e72d,
+        0xe740e16874577669, 0xc12428bc7a92d6ea, 0x3866a2902e5058ab, 0x1a601f5c4ef24dd3,
+        0x6059945df9215e80, 0x05f4691efbb7df0c, 0x5b9811c7751cb82f, 0x2b5448fa29bc0864,
+        0xba8bbebb5891af4e, 0xf4720b0273bb26a6, 0xdd1779f46dbafa31, 0x6ece32797c354863,
+        0x7fcde21f4c64cc5f, 0x2206bdcc60a21578, 0x75383023a7176f47, 0xf3b75810bfb12d59
+    },
+    {
+        0x03d0663051843c11, 0xbfe91d3fdfeaf98b, 0xf80e9b3beef5fc41, 0xe5ad26f6af3045fa,
+        0x5a443bc970dabc71, 0x7b012de3119d1283, 0x82b494c83b14facd, 0x750dec03dd4fcad9,
+        0x090a2f90aabbb477, 0xb6e332af75514dfc, 0xadfd430296818c65, 0xfd63316b1d64b872,
+        0x3d5d89f7e4fe0346, 0xd7474cf143608ae9, 0x7e6c87b3e20c56b0, 0x601f5c4ef24dd31a,
+        0x40e16874577669e7, 0x4437e034609b39db, 0xe7c662d63ac86de4, 0xaf9607220379a47b,
+        0xea1ac506a79e89af, 0xd8f0af014bce46bc, 0x7fd7a5a3267042bf, 0x9f1729057ad14376,
+        0x1c189fdd85b9adb4, 0x87d93e98c885befe, 0x57989c19ed8c583a, 0xa4f76c923c3a3812,
+        0x2a247d9a5e04329b, 0xc03eb89cf99abb34, 0xf6025adb2227241b, 0xa890e9526510c856,
+        0x06bdcc60a2157822, 0xc73856ec9ff3d719, 0xcae4f13c02a53352, 0xd6fc6ee1871c9ee6,
+        0xf0bf96bb80325c39, 0x13af7c2d8d1761e1, 0x3be0459746eb7b64, 0x99aae565d8c43b54,
+        0x95cd60a581eecb10, 0x68ae51ce9c8a7362, 0xcde21f4c64cc5f7f, 0xdc2627417c231680,
+        0x428a2c54c28e41f9, 0x76dd8a338ccbf6c8, 0xb8eff34fb98395a6, 0xa69c28b2a9c2100c,
+        0x08b10d806ec7a078, 0xc55312cc0a0bff07, 0x886edd68c02b72ab, 0xdd9d0551b85f028f,
+        0x1e73dbfd104185aa, 0x911be8e5b6039b2c, 0x30812e2779a8e70d, 0x3a5b678782976f6b,
+        0x20fe343aa53bbafd, 0xb954d15f7dff81a9, 0x9a7a835589400745, 0x1fc8f9edd43d91a5,
+        0x0e0cc1e0ccd2d85a, 0xbb3f957fe807a9b7, 0xc3eedeaca81e8725, 0x66a2902e5058ab38,
+        0xff08754b889c906c, 0xfeb3575b4ce08463, 0x107f1a1ddc935df0, 0x25939e6a56aafece,
+        0xa92bcb42a16cdc59, 0x32ea6a07ec50cf13, 0x947642b54592df1f, 0x1779f46dbafa31dd,
+        0x5623be0929f04c35, 0xf2d4d29b15ca7427, 0x59945df9215e8060, 0x9370acc523fbb332,
+        0xb05efecfd74435de, 0x71db6443eaa29ae5, 0xe2abc886c95929d7, 0x458cc224a4e72dd4,
+        0xce32797c3548636e, 0x1aa553bd27acd596, 0x4a3b21d4ac49e181, 0x284f39bacbfc1a85,
+        0xd94b8d118fb252b3, 0xb235baef42bc1dc0, 0x2643f85a072ec2df, 0x8bbebb5891af4eba,
+        0x89d5ff78045766a4, 0xeecc4d469073d993, 0x0b616bb03f439c69, 0xe41604e66b4c51f5,
+        0x16c2d67d7e8625d2, 0x6c78d98eab67235e, 0x9d7c6d25ef296b68, 0x64c9d40ec5a08326,
+        0x2ef2f5da69e962a7, 0xfa65df1b7b0dd45f, 0x12145e3d496b75ee, 0xfcd8137bd918ac7d,
+        0x52f536491e1d1c09, 0xe67d40c6feb479eb, 0x2145162a6147aef2, 0x29f41baa0f800e8a,
+        0x0000000000000000, 0x840958a8990182ef, 0xc88fb51c975d1b4c, 0xc68374fc5b8fc316,
+        0x5d42d5b916b3d05c, 0x7dbce183b3886aa1, 0x512550794f992018, 0xe17baeb698dd15c6,
+        0x43310e4406f255f6, 0x6dc3fb9e6f1b3751, 0x86621c880cf9aaf1, 0xbc397b0f8e6ec59a,
+        0x415a4a64930a7de8, 0x04d6884037ed503c, 0xe9caa336f61ab5be, 0x0ada49a0fb3f8866,
+        0x55f3d83978747024, 0x3ce6abe720821749, 0xf5d23ceb73a3180a, 0xa24aa0f29e2f4030,
+        0x582f7fe9e522946f, 0x7aba0ff3d5e1068c, 0x313a0c37bdd4f302, 0x3787c0571fc18b20,
+        0x5cf9f7a9d2cfc453, 0xbe523f2f1b96ed84, 0x85b27ab85d7d96e0, 0x0706ee7066696c2d,
+        0x961d0695d06af701, 0x1b1e71ade3d0c199, 0xc255fcbc6c62932a, 0x398b01b7d313537a,
+        0xcc593d5ca0b04b70, 0x5f299199834bf842, 0x80dfd0e8aeecd2d3, 0x9eac0b15bead5779,
+        0xef776f56540fcd9c, 0x2f49d7caad9576a8, 0x2c99b1fafc114ab9, 0x8d03773833ba3698,
+        0x720b0273bb26a6f4, 0x18ce179db254fd88, 0x8f683318a6421e86, 0x4f568b845fd8a5b2,
+        0x8ed31108623e0a89, 0xd22ae6a1b0f1ceda, 0x74b6ce131933ded6, 0x97a624851416e30e,
+        0x6e139dae3e9f0b40, 0xa7270aa26dbe0403, 0x5448fa29bc08642b, 0xe310ea960d253dd8,
+        0x706046532ede8eea, 0x485065f439b1c99f, 0x6b7e37fecd0e4f73, 0xfbdefd0bbf71c050,
+        0xd391c4b1748ddad5, 0xa021e4d20bd7682e, 0xab408f623494f447, 0x5bff19d9b4a6a87e,
+        0xb1e5dcdf133821d1, 0x026b442095f8281e, 0xdff641712da72a91, 0x11c4380d18ef49ff,
+        0xae2d2532c705b074, 0xc1859a8c3de6af3b, 0x4b8003c46835f58e, 0x92cb8ed5e787a73d,
+        0xcb5fd32cc6d9275d, 0x8cb85528f7c62297, 0x9bc1a1454d3c134a, 0x056daa50f3914433,
+        0xf4691efbb7df0c05, 0xd1fa8091e175f2cb, 0x7c07c39377f47eae, 0x14a9925deb7e0dcc,
+        0xcf895b6cf1347761, 0x0fb7e3f008aecc55, 0x8a05994855d35ab5, 0xf104b4ab444e4836,
+        0x691573de58f6676d, 0x4eeda9949ba4b1bd, 0x2428bc7a92d6eac1, 0xb75810bfb12d59f3,
+        0x63cf3a7ea3c9ef0b, 0x6274186e67b5fb04, 0x1512b04d2f0219c3, 0xe87181263266a1b1,
+        0x1975358d7628e987, 0x534e1459da610806, 0x47e78604311f05ca, 0xd4972ac112e4b6f8,
+        0x33514817282cdb1c, 0x90a0caf5727f8f23, 0x3e8defc7b57a3f57, 0x3f36cdd771062b58,
+        0x796a69c384653a9d, 0x465ca414f56311c5, 0x5e92b3894737ec4d, 0x9811c7751cb82f5b,
+        0xd041a2812509e6c4, 0x49eb47e4fdcddd90, 0x78d14bd340192e92, 0xf9b5b92b2a89e84e,
+        0x61a47e5e3631c715, 0x509e72698be53417, 0xb533549f24d571ed, 0x27f8da4ac352d6d0,
+        0x6572f61e01dc9729, 0xde4d6361e9db3e9e, 0x3457a6674e45b731, 0xa54c4e82f8462c1d,
+        0xbd82591f4a12d195, 0x830fb6d8ff68eec2, 0x383023a7176f4775, 0x7766a82348b7e2c7,
+        0x0c6785c0592af044, 0xba84b76f2c7bbdb8, 0xe0c08ca65ca101c9, 0xeba1e71663e29da0,
+        0xd52c08d1d698a2f7, 0xc4e830dcce77eb08, 0xda9beb21de366ea2, 0xa3f182e25a53543f,
+        0xac46611252fd986a, 0xb38e98ff86c009cf, 0xf36ff08bd1b66028, 0xdb20c9311a4a7aad,
+        0xa19ac6c2cfab7c21, 0x6ac515ee09725b7c, 0x4c86edb40e5c99a3, 0x363ce247dbbd9f2f,
+        0x8164f2f86a90c6dc, 0x35ec84778a39a33e, 0xb488768fe0a965e2, 0x73b020637f5ab2fb,
+        0x232e520af4bf86ec, 0x6fa8bfbefae31f4f, 0xeca70966058bf18d, 0x1da3bdcd41c5b9bb,
+        0x9cc74f352b557f67, 0x4d3dcfa4ca208dac, 0x2b9f5f8a9a782694, 0xaafbad72f0e8e048,
+        0xc934970c53210f43, 0xed1c2b76c1f7e582, 0x01bb2210c47c140f, 0x0ddca7d09d56e44b,
+        0x2d2293ea386d5eb6, 0xf7b978cbe65b3014, 0x6719b23e9424bf37, 0x2295701a30c392e3
+    },
+    {
+        0x9f5f8a9a7826942b, 0x34970c53210f43c9, 0x9d0551b85f028fdd, 0xb494c83b14facd82,
+        0x6edd68c02b72ab88, 0xff19d9b4a6a87e5b, 0xdb6443eaa29ae571, 0x1be8e5b6039b2c91,
+        0x5fd32cc6d9275dcb, 0x90e9526510c856a8, 0xb27ab85d7d96e085, 0xa47e5e3631c71561,
+        0xf3d8397874702455, 0xfbad72f0e8e048aa, 0x37e034609b39db44, 0xfa8091e175f2cbd1,
+        0xcaa336f61ab5bee9, 0xeff34fb98395a6b8, 0x63316b1d64b872fd, 0xba0ff3d5e1068c7a,
+        0xcd60a581eecb1095, 0x35baef42bc1dc0b2, 0x23be0929f04c3556, 0x4b8d118fb252b3d9,
+        0xd8137bd918ac7dfc, 0x0a2f90aabbb47709, 0xc2d67d7e8625d216, 0x7181263266a1b1e8,
+        0x3023a7176f477538, 0x7642b54592df1f94, 0xf2f5da69e962a72e, 0xa70966058bf18dec,
+        0xc662d63ac86de4e7, 0x939e6a56aafece25, 0x86edb40e5c99a34c, 0xf8da4ac352d6d027,
+        0x145e3d496b75ee12, 0xce179db254fd8818, 0xd23ceb73a3180af5, 0x270aa26dbe0403a7,
+        0x5d89f7e4fe03463d, 0x2ae6a1b0f1cedad2, 0x1729057ad143769f, 0xb10d806ec7a07808,
+        0x4f39bacbfc1a8528, 0xeda9949ba4b1bd4e, 0x5312cc0a0bff07c5, 0xc4380d18ef49ff11,
+        0x95701a30c392e322, 0xa0caf5727f8f2390, 0x55fcbc6c62932ac2, 0xcf3a7ea3c9ef0b63,
+        0x621c880cf9aaf186, 0xfd430296818c65ad, 0xbf96bb80325c39f0, 0x6c87b3e20c56b07e,
+        0x299199834bf8425f, 0x74186e67b5fb0462, 0x4c4e82f8462c1da5, 0x64f2f86a90c6dc81,
+        0x6b442095f8281e02, 0x1d0695d06af70196, 0xd5ff78045766a489, 0x3856ec9ff3d719c7,
+        0xac0b15bead57799e, 0xc3fb9e6f1b37516d, 0x8e98ff86c009cfb3, 0x49d7caad9576a82f,
+        0x859a8c3de6af3bc1, 0x3dcfa4ca208dac4d, 0x91c4b1748ddad5d3, 0x8a2c54c28e41f942,
+        0x2bcb42a16cdc59a9, 0x9e72698be5341750, 0x1e71ade3d0c1991b, 0xe6abe7208217493c,
+        0x3a0c37bdd4f30231, 0x945df9215e806059, 0xcc4d469073d993ee, 0x0e9b3beef5fc41f8,
+        0x8b01b7d313537a39, 0xf182e25a53543fa3, 0x5810bfb12d59f3b7, 0x8003c46835f58e4b,
+        0xbce183b3886aa17d, 0x1604e66b4c51f5e4, 0x2c08d1d698a2f7d5, 0xc08ca65ca101c9e0,
+        0x7a8355894007459a, 0xe21f4c64cc5f7fcd, 0x88768fe0a965e2b4, 0x82591f4a12d195bd,
+        0x4aa0f29e2f4030a2, 0xdca7d09d56e44b0d, 0x6daa50f391443305, 0x92b3894737ec4d5e,
+        0xa8bfbefae31f4f6f, 0xea6a07ec50cf1332, 0x2293ea386d5eb62d, 0x41a2812509e6c4d0,
+        0x8374fc5b8fc316c6, 0x683318a6421e868f, 0xb3575b4ce08463fe, 0xe5dcdf133821d1b1,
+        0xd6884037ed503c04, 0x05994855d35ab58a, 0x5b678782976f6b3a, 0x397b0f8e6ec59abc,
+        0xabc886c95929d7e2, 0xe4f13c02a53352ca, 0xb5b92b2a89e84ef9, 0xaf7c2d8d1761e113,
+        0x75358d7628e98719, 0x72f61e01dc972965, 0x78d98eab67235e6c, 0xc8f9edd43d91a51f,
+        0x0fb6d8ff68eec283, 0x70acc523fbb33293, 0x36cdd771062b583f, 0xbdcc60a215782206,
+        0xa624851416e30e97, 0x9607220379a47baf, 0x1c2b76c1f7e582ed, 0x6046532ede8eea70,
+        0xbebb5891af4eba8b, 0x48fa29bc08642b54, 0x19b23e9424bf3767, 0x2627417c231680dc,
+        0x65df1b7b0dd45ffa, 0xf536491e1d1c0952, 0x54d15f7dff81a9b9, 0x2550794f99201851,
+        0xdefd0bbf71c050fb, 0x87c0571fc18b2037, 0x10ea960d253dd8e3, 0xe0459746eb7b643b,
+        0x12b04d2f0219c315, 0xaae565d8c43b5499, 0xe91d3fdfeaf98bbf, 0xf76c923c3a3812a4,
+        0x1f5c4ef24dd31a60, 0x812e2779a8e70d30, 0xf41baa0f800e8a29, 0xfc6ee1871c9ee6d6,
+        0x8fb51c975d1b4cc8, 0x4e1459da61080653, 0x310e4406f255f643, 0x0cc1e0ccd2d85a0e,
+        0x0958a8990182ef84, 0xa9925deb7e0dcc14, 0x6a69c384653a9d79, 0x04b4ab444e4836f1,
+        0x0dec03dd4fcad975, 0xeb47e4fdcddd9049, 0x7e37fecd0e4f736b, 0x73dbfd104185aa1e,
+        0xc515ee09725b7c6a, 0xae51ce9c8a736268, 0xa3bdcd41c5b9bb1d, 0x84b76f2c7bbdb8ba,
+        0x443bc970dabc715a, 0xa1e71663e29da0eb, 0x7f1a1ddc935df010, 0x474cf143608ae9d7,
+        0x33549f24d571edb5, 0xc9d40ec5a0832664, 0x46611252fd986aac, 0x5efecfd74435deb0,
+        0x0000000000000000, 0x514817282cdb1c33, 0x408f623494f447ab, 0x57a6674e45b73134,
+        0x11c7751cb82f5b98, 0x989c19ed8c583a57, 0x7baeb698dd15c6e1, 0x06ee7066696c2d07,
+        0xda49a0fb3f88660a, 0x07c39377f47eae7c, 0x2d2532c705b074ae, 0x42d5b916b3d05c5d,
+        0xec84778a39a33e35, 0x776f56540fcd9cef, 0xa553bd27acd5961a, 0xb978cbe65b3014f7,
+        0x895b6cf1347761cf, 0xb85528f7c622978c, 0x66a82348b7e2c777, 0xe830dcce77eb08c4,
+        0x189fdd85b9adb41c, 0x99b1fafc114ab92c, 0x0b0273bb26a6f472, 0xeedeaca81e8725c3,
+        0x6785c0592af0440c, 0x247d9a5e04329b2a, 0x21e4d20bd7682ea0, 0xbb2210c47c140f01,
+        0x523f2f1b96ed84be, 0xd4d29b15ca7427f2, 0x45162a6147aef221, 0xf641712da72a91df,
+        0xb020637f5ab2fb73, 0xdd8a338ccbf6c876, 0x5ca414f56311c546, 0x3f957fe807a9b7bb,
+        0x8cc224a4e72dd445, 0x012de3119d12837b, 0xd0663051843c1103, 0x5a4a64930a7de841,
+        0x28bc7a92d6eac124, 0x08754b889c906cff, 0xd7a5a3267042bf7f, 0x3ce247dbbd9f2f36,
+        0x6ff08bd1b66028f3, 0xd14bd340192e9278, 0x139dae3e9f0b406e, 0xe78604311f05ca47,
+        0xd93e98c885befe87, 0x616bb03f439c690b, 0x03773833ba36988d, 0xcb8ed5e787a73d92,
+        0xb7e3f008aecc550f, 0x9c28b2a9c2100ca6, 0x3eb89cf99abb34c0, 0x3b21d4ac49e1814a,
+        0xdfd0e8aeecd2d380, 0x7c6d25ef296b689d, 0xc1a1454d3c134a9b, 0xf9f7a9d2cfc4535c,
+        0xc74f352b557f679c, 0x7d40c6feb479ebe6, 0x1573de58f6676d69, 0x1ac506a79e89afea,
+        0x568b845fd8a5b24f, 0x32797c3548636ece, 0x691efbb7df0c05f4, 0x972ac112e4b6f8d4,
+        0x79f46dbafa31dd17, 0x2e520af4bf86ec23, 0xd31108623e0a898e, 0x8defc7b57a3f573e,
+        0x025adb2227241bf6, 0xa2902e5058ab3866, 0xfe343aa53bbafd20, 0xad26f6af3045fae5,
+        0x43f85a072ec2df26, 0x2f7fe9e522946f58, 0x9beb21de366ea2da, 0x20c9311a4a7aaddb,
+        0x5065f439b1c99f48, 0x593d5ca0b04b70cc, 0x9ac6c2cfab7c21a1, 0xb6ce131933ded674,
+        0xf0af014bce46bcd8, 0x4d6361e9db3e9ede, 0xe16874577669e740, 0xe332af75514dfcb6
+    },
+    {
+        0xbfbefae31f4f6fa8, 0x85c0592af0440c67, 0xbaef42bc1dc0b235, 0x5528f7c622978cb8,
+        0xe6a1b0f1cedad22a, 0x3ceb73a3180af5d2, 0x7fe9e522946f582f, 0xa7d09d56e44b0ddc,
+        0x754b889c906cff08, 0xe247dbbd9f2f363c, 0x81263266a1b1e871, 0xdcdf133821d1b1e5,
+        0xf46dbafa31dd1779, 0x3d5ca0b04b70cc59, 0x56ec9ff3d719c738, 0xdeaca81e8725c3ee,
+        0x549f24d571edb533, 0x2de3119d12837b01, 0xea960d253dd8e310, 0xc886c95929d7e2ab,
+        0x2f90aabbb477090a, 0x26f6af3045fae5ad, 0x6ee1871c9ee6d6fc, 0x3e98c885befe87d9,
+        0x24851416e30e97a6, 0xda4ac352d6d027f8, 0xe3f008aecc550fb7, 0x994855d35ab58a05,
+        0x5df9215e80605994, 0x58a8990182ef8409, 0xb1fafc114ab92c99, 0x442095f8281e026b,
+        0xf5da69e962a72ef2, 0xc0571fc18b203787, 0x37fecd0e4f736b7e, 0x902e5058ab3866a2,
+        0xeb21de366ea2da9b, 0x8f623494f447ab40, 0xd98eab67235e6c78, 0xa414f56311c5465c,
+        0x5c4ef24dd31a601f, 0x08d1d698a2f7d52c, 0xdbfd104185aa1e73, 0xcb42a16cdc59a92b,
+        0x10bfb12d59f3b758, 0xa82348b7e2c77766, 0xbdcd41c5b9bb1da3, 0x7ab85d7d96e085b2,
+        0xedb40e5c99a34c86, 0xff78045766a489d5, 0xf34fb98395a6b8ef, 0x4f352b557f679cc7,
+        0x4a64930a7de8415a, 0xe8e5b6039b2c911b, 0xb4ab444e4836f104, 0x4817282cdb1c3351,
+        0xaeb698dd15c6e17b, 0x3f2f1b96ed84be52, 0x21d4ac49e1814a3b, 0x884037ed503c04d6,
+        0xbe0929f04c355623, 0xe565d8c43b5499aa, 0x1108623e0a898ed3, 0x2532c705b074ae2d,
+        0x0551b85f028fdd9d, 0x03c46835f58e4b80, 0xf13c02a53352cae4, 0xee7066696c2d0706,
+        0xc6c2cfab7c21a19a, 0xb04d2f0219c31512, 0x0273bb26a6f4720b, 0x8604311f05ca47e7,
+        0xaf014bce46bcd8f0, 0x3318a6421e868f68, 0x96bb80325c39f0bf, 0x40c6feb479ebe67d,
+        0x12cc0a0bff07c553, 0x162a6147aef22145, 0x71ade3d0c1991b1e, 0xce131933ded674b6,
+        0xc9311a4a7aaddb20, 0x32af75514dfcb6e3, 0x62d63ac86de4e7c6, 0xb23e9424bf376719,
+        0x8355894007459a7a, 0x137bd918ac7dfcd8, 0x42b54592df1f9476, 0xabe7208217493ce6,
+        0x9b3beef5fc41f80e, 0x2e2779a8e70d3081, 0x4d469073d993eecc, 0x768fe0a965e2b488,
+        0xd0e8aeecd2d380df, 0xa2812509e6c4d041, 0x0ff3d5e1068c7aba, 0x04e66b4c51f5e416,
+        0x2c54c28e41f9428a, 0x01b7d313537a398b, 0xcc60a215782206bd, 0xc506a79e89afea1a,
+        0x4cf143608ae9d747, 0x8a338ccbf6c876dd, 0x29057ad143769f17, 0xcfa4ca208dac4d3d,
+        0xa6674e45b7313457, 0x50794f9920185125, 0xb89cf99abb34c03e, 0x343aa53bbafd20fe,
+        0x89f7e4fe03463d5d, 0xa5a3267042bf7fd7, 0xefc7b57a3f573e8d, 0x9fdd85b9adb41c18,
+        0xec03dd4fcad9750d, 0x970c53210f43c934, 0xc7751cb82f5b9811, 0xc1e0ccd2d85a0e0c,
+        0xad72f0e8e048aafb, 0x0966058bf18deca7, 0x47e4fdcddd9049eb, 0x19d9b4a6a87e5bff,
+        0x1a1ddc935df0107f, 0x591f4a12d195bd82, 0x1efbb7df0c05f469, 0x575b4ce08463feb3,
+        0x0e4406f255f64331, 0x2ac112e4b6f8d497, 0xa0f29e2f4030a24a, 0x179db254fd8818ce,
+        0x663051843c1103d0, 0xe4d20bd7682ea021, 0xd15f7dff81a9b954, 0xd32cc6d9275dcb5f,
+        0x94c83b14facd82b4, 0xaa50f3914433056d, 0x358d7628e9871975, 0xbc7a92d6eac12428,
+        0x39bacbfc1a85284f, 0x9199834bf8425f29, 0x73de58f6676d6915, 0xd5b916b3d05c5d42,
+        0x46532ede8eea7060, 0x186e67b5fb046274, 0xa1454d3c134a9bc1, 0x0b15bead57799eac,
+        0x5adb2227241bf602, 0xdd68c02b72ab886e, 0x6443eaa29ae571db, 0xfd0bbf71c050fbde,
+        0x8b845fd8a5b24f56, 0xb92b2a89e84ef9b5, 0x678782976f6b3a5b, 0xf2f86a90c6dc8164,
+        0xc39377f47eae7c07, 0x93ea386d5eb62d22, 0x430296818c65adfd, 0xc224a4e72dd4458c,
+        0x9e6a56aafece2593, 0x6f56540fcd9cef77, 0x84778a39a33e35ec, 0xf85a072ec2df2643,
+        0x3bc970dabc715a44, 0x0d806ec7a07808b1, 0x773833ba36988d03, 0x27417c231680dc26,
+        0x60a581eecb1095cd, 0xb76f2c7bbdb8ba84, 0xd8397874702455f3, 0xfecfd74435deb05e,
+        0xcaf5727f8f2390a0, 0xa9949ba4b1bd4eed, 0xe034609b39db4437, 0x2b76c1f7e582ed1c,
+        0xf7a9d2cfc4535cf9, 0x20637f5ab2fb73b0, 0x9c19ed8c583a5798, 0xd67d7e8625d216c2,
+        0x1459da610806534e, 0x6d25ef296b689d7c, 0x925deb7e0dcc14a9, 0x65f439b1c99f4850,
+        0x957fe807a9b7bb3f, 0x41712da72a91dff6, 0x36491e1d1c0952f5, 0x5e3d496b75ee1214,
+        0x1d3fdfeaf98bbfe9, 0x701a30c392e32295, 0x6361e9db3e9ede4d, 0xd7caad9576a82f49,
+        0xe71663e29da0eba1, 0x98ff86c009cfb38e, 0x6bb03f439c690b61, 0xc4b1748ddad5d391,
+        0x6c923c3a3812a4f7, 0x1f4c64cc5f7fcde2, 0xe183b3886aa17dbc, 0xb6d8ff68eec2830f,
+        0x51ce9c8a736268ae, 0x07220379a47baf96, 0x82e25a53543fa3f1, 0xbb5891af4eba8bbe,
+        0x4bd340192e9278d1, 0x6874577669e740e1, 0xfb9e6f1b37516dc3, 0xacc523fbb3329370,
+        0x69c384653a9d796a, 0x5b6cf1347761cf89, 0x0000000000000000, 0x49a0fb3f88660ada,
+        0xa336f61ab5bee9ca, 0x15ee09725b7c6ac5, 0x8d118fb252b3d94b, 0x7d9a5e04329b2a24,
+        0x1baa0f800e8a29f4, 0xfa29bc08642b5448, 0x459746eb7b643be0, 0xdf1b7b0dd45ffa65,
+        0x30dcce77eb08c4e8, 0x8091e175f2cbd1fa, 0x0c37bdd4f302313a, 0xf9edd43d91a51fc8,
+        0x3a7ea3c9ef0b63cf, 0x74fc5b8fc316c683, 0x8ca65ca101c9e0c0, 0x72698be53417509e,
+        0x23a7176f47753830, 0x797c3548636ece32, 0xb51c975d1b4cc88f, 0x2210c47c140f01bb,
+        0xd29b15ca7427f2d4, 0x8ed5e787a73d92cb, 0x7e5e3631c71561a4, 0x1c880cf9aaf18662,
+        0xf08bd1b66028f36f, 0xf61e01dc97296572, 0x7b0f8e6ec59abc39, 0xb3894737ec4d5e92,
+        0x316b1d64b872fd63, 0x9a8c3de6af3bc185, 0x0aa26dbe0403a727, 0x5f8a9a7826942b9f,
+        0x520af4bf86ec232e, 0x380d18ef49ff11c4, 0x0695d06af701961d, 0x87b3e20c56b07e6c,
+        0x53bd27acd5961aa5, 0x7c2d8d1761e113af, 0x28b2a9c2100ca69c, 0x6a07ec50cf1332ea,
+        0xe9526510c856a890, 0xcdd771062b583f36, 0xfcbc6c62932ac255, 0x9dae3e9f0b406e13,
+        0xd40ec5a0832664c9, 0x78cbe65b3014f7b9, 0x4e82f8462c1da54c, 0x611252fd986aac46
+    },
+    {
+        0x352b557f679cc74f, 0x3e9424bf376719b2, 0x5deb7e0dcc14a992, 0xb3e20c56b07e6c87,
+            0x83b3886aa17dbce1, 0x3d496b75ee12145e, 0xae3e9f0b406e139d, 0x8a9a7826942b9f5f,
+        0x845fd8a5b24f568b, 0x5a072ec2df2643f8, 0xf3d5e1068c7aba0f, 0x7ea3c9ef0b63cf3a,
+        0x923c3a3812a4f76c, 0x3fdfeaf98bbfe91d, 0xd340192e9278d14b, 0x04311f05ca47e786,
+        0xcc0a0bff07c55312, 0xff86c009cfb38e98, 0xade3d0c1991b1e71, 0xfc5b8fc316c68374,
+        0xbb80325c39f0bf96, 0xd5e787a73d92cb8e, 0xa4ca208dac4d3dcf, 0xf6af3045fae5ad26,
+        0x5b4ce08463feb357, 0x8bd1b66028f36ff0, 0xb698dd15c6e17bae, 0x2f1b96ed84be523f,
+        0x4037ed503c04d688, 0x6a56aafece25939e, 0xb40e5c99a34c86ed, 0xc6feb479ebe67d40,
+        0x9b15ca7427f2d4d2, 0xde58f6676d691573, 0xc523fbb3329370ac, 0xe5b6039b2c911be8,
+        0x8d7628e987197535, 0xf008aecc550fb7e3, 0xd9b4a6a87e5bff19, 0xc112e4b6f8d4972a,
+        0xdf133821d1b1e5dc, 0xaf75514dfcb6e332, 0x2095f8281e026b44, 0xb54592df1f947642,
+        0x8eab67235e6c78d9, 0x698be53417509e72, 0xbc6c62932ac255fc, 0x1f4a12d195bd8259,
+        0x15bead57799eac0b, 0x1ddc935df0107f1a, 0x131933ded674b6ce, 0xe66b4c51f5e41604,
+        0x9db254fd8818ce17, 0xa26dbe0403a7270a, 0x17282cdb1c335148, 0x47dbbd9f2f363ce2,
+        0xda69e962a72ef2f5, 0x469073d993eecc4d, 0xfafc114ab92c99b1, 0x90aabbb477090a2f,
+        0xb2a9c2100ca69c28, 0xa65ca101c9e0c08c, 0xd09d56e44b0ddca7, 0x3833ba36988d0377,
+        0x59da610806534e14, 0x19ed8c583a57989c, 0x491e1d1c0952f536, 0xeb73a3180af5d23c,
+        0x2779a8e70d30812e, 0x86c95929d7e2abc8, 0xedd43d91a51fc8f9, 0xb03f439c690b616b,
+        0x9e6f1b37516dc3fb, 0x78045766a489d5ff, 0x3c02a53352cae4f1, 0x1c975d1b4cc88fb5,
+        0x55894007459a7a83, 0xc384653a9d796a69, 0x674e45b7313457a6, 0x454d3c134a9bc1a1,
+        0xce9c8a736268ae51, 0x98c885befe87d93e, 0x0d18ef49ff11c438, 0x66058bf18deca709,
+        0xcfd74435deb05efe, 0x4ac352d6d027f8da, 0x880cf9aaf186621c, 0x0c53210f43c93497,
+        0x36f61ab5bee9caa3, 0x526510c856a890e9, 0x64930a7de8415a4a, 0x1a30c392e3229570,
+        0x778a39a33e35ec84, 0xbefae31f4f6fa8bf, 0x2cc6d9275dcb5fd3, 0xf439b1c99f485065,
+        0xa581eecb1095cd60, 0x28f7c622978cb855, 0x220379a47baf9607, 0x7d7e8625d216c2d6,
+        0xd63ac86de4e7c662, 0xea386d5eb62d2293, 0xaa0f800e8a29f41b, 0x1b7b0dd45ffa65df,
+        0x6cf1347761cf895b, 0x4fb98395a6b8eff3, 0xd4ac49e1814a3b21, 0x311a4a7aaddb20c9,
+        0x32c705b074ae2d25, 0xf29e2f4030a24aa0, 0x712da72a91dff641, 0xe4fdcddd9049eb47,
+        0xe7208217493ce6ab, 0xab444e4836f104b4, 0x2a6147aef2214516, 0xb916b3d05c5d42d5,
+        0xd1d698a2f7d52c08, 0xb7d313537a398b01, 0x4b889c906cff0875, 0xcbe65b3014f7b978,
+        0x812509e6c4d041a2, 0xb85d7d96e085b27a, 0xef42bc1dc0b235ba, 0x18a6421e868f6833,
+        0x532ede8eea706046, 0x2b2a89e84ef9b5b9, 0xf86a90c6dc8164f2, 0x397874702455f3d8,
+        0x65d8c43b5499aae5, 0x42a16cdc59a92bcb, 0x5f7dff81a9b954d1, 0x9377f47eae7c07c3,
+        0x95d06af701961d06, 0x34609b39db4437e0, 0x8c3de6af3bc1859a, 0xfd104185aa1e73db,
+        0x7bd918ac7dfcd813, 0x417c231680dc2627, 0x03dd4fcad9750dec, 0x14f56311c5465ca4,
+        0x571fc18b203787c0, 0xb1748ddad5d391c4, 0xd8ff68eec2830fb6, 0x014bce46bcd8f0af,
+        0x1663e29da0eba1e7, 0x637f5ab2fb73b020, 0xee09725b7c6ac515, 0x0000000000000000,
+        0x338ccbf6c876dd8a, 0x56540fcd9cef776f, 0x623494f447ab408f, 0x91e175f2cbd1fa80,
+        0x0f8e6ec59abc397b, 0x4855d35ab58a0599, 0x894737ec4d5e92b3, 0xbd27acd5961aa553,
+        0x4d2f0219c31512b0, 0xe1871c9ee6d6fc6e, 0x8fe0a965e2b48876, 0x118fb252b3d94b8d,
+        0xc0592af0440c6785, 0xaca81e8725c3eede, 0xd771062b583f36cd, 0x7066696c2d0706ee,
+        0x99834bf8425f2991, 0x3aa53bbafd20fe34, 0x4406f255f643310e, 0xa1b0f1cedad22ae6,
+        0x82f8462c1da54c4e, 0x0929f04c355623be, 0x057ad143769f1729, 0x949ba4b1bd4eeda9,
+        0x960d253dd8e310ea, 0xfecd0e4f736b7e37, 0x0296818c65adfd43, 0x6f2c7bbdb8ba84b7,
+        0x9a5e04329b2a247d, 0x2348b7e2c77766a8, 0xdcce77eb08c4e830, 0x851416e30e97a624,
+        0x08623e0a898ed311, 0x43eaa29ae571db64, 0xc7b57a3f573e8def, 0xc2cfab7c21a19ac6,
+        0x5ca0b04b70cc593d, 0x0ec5a0832664c9d4, 0x1e01dc97296572f6, 0xbacbfc1a85284f39,
+        0xc970dabc715a443b, 0xa8990182ef840958, 0xc83b14facd82b494, 0x72f0e8e048aafbad,
+        0xf143608ae9d7474c, 0xf5727f8f2390a0ca, 0x7fe807a9b7bb3f95, 0x76c1f7e582ed1c2b,
+        0xcd41c5b9bb1da3bd, 0x6b1d64b872fd6331, 0x806ec7a07808b10d, 0xe3119d12837b012d,
+        0x25ef296b689d7c6d, 0x37bdd4f302313a0c, 0x3051843c1103d066, 0x68c02b72ab886edd,
+        0x8782976f6b3a5b67, 0x2d8d1761e113af7c, 0x1252fd986aac4661, 0x0bbf71c050fbdefd,
+        0xd20bd7682ea021e4, 0xe0ccd2d85a0e0cc1, 0x9cf99abb34c03eb8, 0xdd85b9adb41c189f,
+        0x61e9db3e9ede4d63, 0x06a79e89afea1ac5, 0xf7e4fe03463d5d89, 0x794f992018512550,
+        0x3beef5fc41f80e9b, 0xcaad9576a82f49d7, 0x10c47c140f01bb22, 0x0af4bf86ec232e52,
+        0xdb2227241bf6025a, 0x21de366ea2da9beb, 0x9f24d571edb53354, 0x9746eb7b643be045,
+        0xa3267042bf7fd7a5, 0x6e67b5fb04627418, 0xc46835f58e4b8003, 0x07ec50cf1332ea6a,
+        0xe8aeecd2d380dfd0, 0xe9e522946f582f7f, 0x54c28e41f9428a2c, 0xe25a53543fa3f182,
+        0xa9d2cfc4535cf9f7, 0xa0fb3f88660ada49, 0x50f3914433056daa, 0x51b85f028fdd9d05,
+        0xec9ff3d719c73856, 0x263266a1b1e87181, 0x5e3631c71561a47e, 0x24a4e72dd4458cc2,
+        0x74577669e740e168, 0x7a92d6eac12428bc, 0x2e5058ab3866a290, 0x4ef24dd31a601f5c,
+        0xf9215e806059945d, 0xfbb7df0c05f4691e, 0x751cb82f5b9811c7, 0x29bc08642b5448fa,
+        0x5891af4eba8bbebb, 0x73bb26a6f4720b02, 0x6dbafa31dd1779f4, 0x7c3548636ece3279,
+        0x4c64cc5f7fcde21f, 0x60a215782206bdcc, 0xa7176f4775383023, 0xbfb12d59f3b75810
+    },
+    {
+        0x51843c1103d06630, 0xdfeaf98bbfe91d3f, 0xeef5fc41f80e9b3b, 0xaf3045fae5ad26f6,
+            0x70dabc715a443bc9, 0x119d12837b012de3, 0x3b14facd82b494c8, 0xdd4fcad9750dec03,
+        0xaabbb477090a2f90, 0x75514dfcb6e332af, 0x96818c65adfd4302, 0x1d64b872fd63316b,
+        0xe4fe03463d5d89f7, 0x43608ae9d7474cf1, 0xe20c56b07e6c87b3, 0xf24dd31a601f5c4e,
+        0x577669e740e16874, 0x609b39db4437e034, 0x3ac86de4e7c662d6, 0x0379a47baf960722,
+        0xa79e89afea1ac506, 0x4bce46bcd8f0af01, 0x267042bf7fd7a5a3, 0x7ad143769f172905,
+        0x85b9adb41c189fdd, 0xc885befe87d93e98, 0xed8c583a57989c19, 0x3c3a3812a4f76c92,
+        0x5e04329b2a247d9a, 0xf99abb34c03eb89c, 0x2227241bf6025adb, 0x6510c856a890e952,
+        0xa215782206bdcc60, 0x9ff3d719c73856ec, 0x02a53352cae4f13c, 0x871c9ee6d6fc6ee1,
+        0x80325c39f0bf96bb, 0x8d1761e113af7c2d, 0x46eb7b643be04597, 0xd8c43b5499aae565,
+        0x81eecb1095cd60a5, 0x9c8a736268ae51ce, 0x64cc5f7fcde21f4c, 0x7c231680dc262741,
+        0xc28e41f9428a2c54, 0x8ccbf6c876dd8a33, 0xb98395a6b8eff34f, 0xa9c2100ca69c28b2,
+        0x6ec7a07808b10d80, 0x0a0bff07c55312cc, 0xc02b72ab886edd68, 0xb85f028fdd9d0551,
+        0x104185aa1e73dbfd, 0xb6039b2c911be8e5, 0x79a8e70d30812e27, 0x82976f6b3a5b6787,
+        0xa53bbafd20fe343a, 0x7dff81a9b954d15f, 0x894007459a7a8355, 0xd43d91a51fc8f9ed,
+        0xccd2d85a0e0cc1e0, 0xe807a9b7bb3f957f, 0xa81e8725c3eedeac, 0x5058ab3866a2902e,
+        0x889c906cff08754b, 0x4ce08463feb3575b, 0xdc935df0107f1a1d, 0x56aafece25939e6a,
+        0xa16cdc59a92bcb42, 0xec50cf1332ea6a07, 0x4592df1f947642b5, 0xbafa31dd1779f46d,
+        0x29f04c355623be09, 0x15ca7427f2d4d29b, 0x215e806059945df9, 0x23fbb3329370acc5,
+        0xd74435deb05efecf, 0xeaa29ae571db6443, 0xc95929d7e2abc886, 0xa4e72dd4458cc224,
+        0x3548636ece32797c, 0x27acd5961aa553bd, 0xac49e1814a3b21d4, 0xcbfc1a85284f39ba,
+        0x8fb252b3d94b8d11, 0x42bc1dc0b235baef, 0x072ec2df2643f85a, 0x91af4eba8bbebb58,
+        0x045766a489d5ff78, 0x9073d993eecc4d46, 0x3f439c690b616bb0, 0x6b4c51f5e41604e6,
+        0x7e8625d216c2d67d, 0xab67235e6c78d98e, 0xef296b689d7c6d25, 0xc5a0832664c9d40e,
+        0x69e962a72ef2f5da, 0x7b0dd45ffa65df1b, 0x496b75ee12145e3d, 0xd918ac7dfcd8137b,
+        0x1e1d1c0952f53649, 0xfeb479ebe67d40c6, 0x6147aef22145162a, 0x0f800e8a29f41baa,
+        0x0000000000000000, 0x990182ef840958a8, 0x975d1b4cc88fb51c, 0x5b8fc316c68374fc,
+        0x16b3d05c5d42d5b9, 0xb3886aa17dbce183, 0x4f99201851255079, 0x98dd15c6e17baeb6,
+        0x06f255f643310e44, 0x6f1b37516dc3fb9e, 0x0cf9aaf186621c88, 0x8e6ec59abc397b0f,
+        0x930a7de8415a4a64, 0x37ed503c04d68840, 0xf61ab5bee9caa336, 0xfb3f88660ada49a0,
+        0x7874702455f3d839, 0x208217493ce6abe7, 0x73a3180af5d23ceb, 0x9e2f4030a24aa0f2,
+        0xe522946f582f7fe9, 0xd5e1068c7aba0ff3, 0xbdd4f302313a0c37, 0x1fc18b203787c057,
+        0xd2cfc4535cf9f7a9, 0x1b96ed84be523f2f, 0x5d7d96e085b27ab8, 0x66696c2d0706ee70,
+        0xd06af701961d0695, 0xe3d0c1991b1e71ad, 0x6c62932ac255fcbc, 0xd313537a398b01b7,
+        0xa0b04b70cc593d5c, 0x834bf8425f299199, 0xaeecd2d380dfd0e8, 0xbead57799eac0b15,
+        0x540fcd9cef776f56, 0xad9576a82f49d7ca, 0xfc114ab92c99b1fa, 0x33ba36988d037738,
+        0xbb26a6f4720b0273, 0xb254fd8818ce179d, 0xa6421e868f683318, 0x5fd8a5b24f568b84,
+        0x623e0a898ed31108, 0xb0f1cedad22ae6a1, 0x1933ded674b6ce13, 0x1416e30e97a62485,
+        0x3e9f0b406e139dae, 0x6dbe0403a7270aa2, 0xbc08642b5448fa29, 0x0d253dd8e310ea96,
+        0x2ede8eea70604653, 0x39b1c99f485065f4, 0xcd0e4f736b7e37fe, 0xbf71c050fbdefd0b,
+        0x748ddad5d391c4b1, 0x0bd7682ea021e4d2, 0x3494f447ab408f62, 0xb4a6a87e5bff19d9,
+        0x133821d1b1e5dcdf, 0x95f8281e026b4420, 0x2da72a91dff64171, 0x18ef49ff11c4380d,
+        0xc705b074ae2d2532, 0x3de6af3bc1859a8c, 0x6835f58e4b8003c4, 0xe787a73d92cb8ed5,
+        0xc6d9275dcb5fd32c, 0xf7c622978cb85528, 0x4d3c134a9bc1a145, 0xf3914433056daa50,
+        0xb7df0c05f4691efb, 0xe175f2cbd1fa8091, 0x77f47eae7c07c393, 0xeb7e0dcc14a9925d,
+        0xf1347761cf895b6c, 0x08aecc550fb7e3f0, 0x55d35ab58a059948, 0x444e4836f104b4ab,
+        0x58f6676d691573de, 0x9ba4b1bd4eeda994, 0x92d6eac12428bc7a, 0xb12d59f3b75810bf,
+        0xa3c9ef0b63cf3a7e, 0x67b5fb046274186e, 0x2f0219c31512b04d, 0x3266a1b1e8718126,
+        0x7628e9871975358d, 0xda610806534e1459, 0x311f05ca47e78604, 0x12e4b6f8d4972ac1,
+        0x282cdb1c33514817, 0x727f8f2390a0caf5, 0xb57a3f573e8defc7, 0x71062b583f36cdd7,
+        0x84653a9d796a69c3, 0xf56311c5465ca414, 0x4737ec4d5e92b389, 0x1cb82f5b9811c775,
+        0x2509e6c4d041a281, 0xfdcddd9049eb47e4, 0x40192e9278d14bd3, 0x2a89e84ef9b5b92b,
+        0x3631c71561a47e5e, 0x8be53417509e7269, 0x24d571edb533549f, 0xc352d6d027f8da4a,
+        0x01dc97296572f61e, 0xe9db3e9ede4d6361, 0x4e45b7313457a667, 0xf8462c1da54c4e82,
+        0x4a12d195bd82591f, 0xff68eec2830fb6d8, 0x176f4775383023a7, 0x48b7e2c77766a823,
+        0x592af0440c6785c0, 0x2c7bbdb8ba84b76f, 0x5ca101c9e0c08ca6, 0x63e29da0eba1e716,
+        0xd698a2f7d52c08d1, 0xce77eb08c4e830dc, 0xde366ea2da9beb21, 0x5a53543fa3f182e2,
+        0x52fd986aac466112, 0x86c009cfb38e98ff, 0xd1b66028f36ff08b, 0x1a4a7aaddb20c931,
+        0xcfab7c21a19ac6c2, 0x09725b7c6ac515ee, 0x0e5c99a34c86edb4, 0xdbbd9f2f363ce247,
+        0x6a90c6dc8164f2f8, 0x8a39a33e35ec8477, 0xe0a965e2b488768f, 0x7f5ab2fb73b02063,
+        0xf4bf86ec232e520a, 0xfae31f4f6fa8bfbe, 0x058bf18deca70966, 0x41c5b9bb1da3bdcd,
+        0x2b557f679cc74f35, 0xca208dac4d3dcfa4, 0x9a7826942b9f5f8a, 0xf0e8e048aafbad72,
+        0x53210f43c934970c, 0xc1f7e582ed1c2b76, 0xc47c140f01bb2210, 0x9d56e44b0ddca7d0,
+        0x386d5eb62d2293ea, 0xe65b3014f7b978cb, 0x9424bf376719b23e, 0x30c392e32295701a
+    }
+};
+
+#else
+# error "Only little endian is supported at the moment"
+#endif
+
+EXPORT_TABLE
+const byte S[4][256] =
+{
+    {
+        0xA8, 0x43, 0x5F, 0x06, 0x6B, 0x75, 0x6C, 0x59, 0x71, 0xDF, 0x87, 0x95, 0x17, 0xF0, 0xD8, 0x09,
+        0x6D, 0xF3, 0x1D, 0xCB, 0xC9, 0x4D, 0x2C, 0xAF, 0x79, 0xE0, 0x97, 0xFD, 0x6F, 0x4B, 0x45, 0x39,
+        0x3E, 0xDD, 0xA3, 0x4F, 0xB4, 0xB6, 0x9A, 0x0E, 0x1F, 0xBF, 0x15, 0xE1, 0x49, 0xD2, 0x93, 0xC6,
+        0x92, 0x72, 0x9E, 0x61, 0xD1, 0x63, 0xFA, 0xEE, 0xF4, 0x19, 0xD5, 0xAD, 0x58, 0xA4, 0xBB, 0xA1,
+        0xDC, 0xF2, 0x83, 0x37, 0x42, 0xE4, 0x7A, 0x32, 0x9C, 0xCC, 0xAB, 0x4A, 0x8F, 0x6E, 0x04, 0x27,
+        0x2E, 0xE7, 0xE2, 0x5A, 0x96, 0x16, 0x23, 0x2B, 0xC2, 0x65, 0x66, 0x0F, 0xBC, 0xA9, 0x47, 0x41,
+        0x34, 0x48, 0xFC, 0xB7, 0x6A, 0x88, 0xA5, 0x53, 0x86, 0xF9, 0x5B, 0xDB, 0x38, 0x7B, 0xC3, 0x1E,
+        0x22, 0x33, 0x24, 0x28, 0x36, 0xC7, 0xB2, 0x3B, 0x8E, 0x77, 0xBA, 0xF5, 0x14, 0x9F, 0x08, 0x55,
+        0x9B, 0x4C, 0xFE, 0x60, 0x5C, 0xDA, 0x18, 0x46, 0xCD, 0x7D, 0x21, 0xB0, 0x3F, 0x1B, 0x89, 0xFF,
+        0xEB, 0x84, 0x69, 0x3A, 0x9D, 0xD7, 0xD3, 0x70, 0x67, 0x40, 0xB5, 0xDE, 0x5D, 0x30, 0x91, 0xB1,
+        0x78, 0x11, 0x01, 0xE5, 0x00, 0x68, 0x98, 0xA0, 0xC5, 0x02, 0xA6, 0x74, 0x2D, 0x0B, 0xA2, 0x76,
+        0xB3, 0xBE, 0xCE, 0xBD, 0xAE, 0xE9, 0x8A, 0x31, 0x1C, 0xEC, 0xF1, 0x99, 0x94, 0xAA, 0xF6, 0x26,
+        0x2F, 0xEF, 0xE8, 0x8C, 0x35, 0x03, 0xD4, 0x7F, 0xFB, 0x05, 0xC1, 0x5E, 0x90, 0x20, 0x3D, 0x82,
+        0xF7, 0xEA, 0x0A, 0x0D, 0x7E, 0xF8, 0x50, 0x1A, 0xC4, 0x07, 0x57, 0xB8, 0x3C, 0x62, 0xE3, 0xC8,
+        0xAC, 0x52, 0x64, 0x10, 0xD0, 0xD9, 0x13, 0x0C, 0x12, 0x29, 0x51, 0xB9, 0xCF, 0xD6, 0x73, 0x8D,
+        0x81, 0x54, 0xC0, 0xED, 0x4E, 0x44, 0xA7, 0x2A, 0x85, 0x25, 0xE6, 0xCA, 0x7C, 0x8B, 0x56, 0x80
+    },
+    {
+        0xCE, 0xBB, 0xEB, 0x92, 0xEA, 0xCB, 0x13, 0xC1, 0xE9, 0x3A, 0xD6, 0xB2, 0xD2, 0x90, 0x17, 0xF8,
+        0x42, 0x15, 0x56, 0xB4, 0x65, 0x1C, 0x88, 0x43, 0xC5, 0x5C, 0x36, 0xBA, 0xF5, 0x57, 0x67, 0x8D,
+        0x31, 0xF6, 0x64, 0x58, 0x9E, 0xF4, 0x22, 0xAA, 0x75, 0x0F, 0x02, 0xB1, 0xDF, 0x6D, 0x73, 0x4D,
+        0x7C, 0x26, 0x2E, 0xF7, 0x08, 0x5D, 0x44, 0x3E, 0x9F, 0x14, 0xC8, 0xAE, 0x54, 0x10, 0xD8, 0xBC,
+        0x1A, 0x6B, 0x69, 0xF3, 0xBD, 0x33, 0xAB, 0xFA, 0xD1, 0x9B, 0x68, 0x4E, 0x16, 0x95, 0x91, 0xEE,
+        0x4C, 0x63, 0x8E, 0x5B, 0xCC, 0x3C, 0x19, 0xA1, 0x81, 0x49, 0x7B, 0xD9, 0x6F, 0x37, 0x60, 0xCA,
+        0xE7, 0x2B, 0x48, 0xFD, 0x96, 0x45, 0xFC, 0x41, 0x12, 0x0D, 0x79, 0xE5, 0x89, 0x8C, 0xE3, 0x20,
+        0x30, 0xDC, 0xB7, 0x6C, 0x4A, 0xB5, 0x3F, 0x97, 0xD4, 0x62, 0x2D, 0x06, 0xA4, 0xA5, 0x83, 0x5F,
+        0x2A, 0xDA, 0xC9, 0x00, 0x7E, 0xA2, 0x55, 0xBF, 0x11, 0xD5, 0x9C, 0xCF, 0x0E, 0x0A, 0x3D, 0x51,
+        0x7D, 0x93, 0x1B, 0xFE, 0xC4, 0x47, 0x09, 0x86, 0x0B, 0x8F, 0x9D, 0x6A, 0x07, 0xB9, 0xB0, 0x98,
+        0x18, 0x32, 0x71, 0x4B, 0xEF, 0x3B, 0x70, 0xA0, 0xE4, 0x40, 0xFF, 0xC3, 0xA9, 0xE6, 0x78, 0xF9,
+        0x8B, 0x46, 0x80, 0x1E, 0x38, 0xE1, 0xB8, 0xA8, 0xE0, 0x0C, 0x23, 0x76, 0x1D, 0x25, 0x24, 0x05,
+        0xF1, 0x6E, 0x94, 0x28, 0x9A, 0x84, 0xE8, 0xA3, 0x4F, 0x77, 0xD3, 0x85, 0xE2, 0x52, 0xF2, 0x82,
+        0x50, 0x7A, 0x2F, 0x74, 0x53, 0xB3, 0x61, 0xAF, 0x39, 0x35, 0xDE, 0xCD, 0x1F, 0x99, 0xAC, 0xAD,
+        0x72, 0x2C, 0xDD, 0xD0, 0x87, 0xBE, 0x5E, 0xA6, 0xEC, 0x04, 0xC6, 0x03, 0x34, 0xFB, 0xDB, 0x59,
+        0xB6, 0xC2, 0x01, 0xF0, 0x5A, 0xED, 0xA7, 0x66, 0x21, 0x7F, 0x8A, 0x27, 0xC7, 0xC0, 0x29, 0xD7
+    },
+    {
+        0x93, 0xD9, 0x9A, 0xB5, 0x98, 0x22, 0x45, 0xFC, 0xBA, 0x6A, 0xDF, 0x02, 0x9F, 0xDC, 0x51, 0x59,
+        0x4A, 0x17, 0x2B, 0xC2, 0x94, 0xF4, 0xBB, 0xA3, 0x62, 0xE4, 0x71, 0xD4, 0xCD, 0x70, 0x16, 0xE1,
+        0x49, 0x3C, 0xC0, 0xD8, 0x5C, 0x9B, 0xAD, 0x85, 0x53, 0xA1, 0x7A, 0xC8, 0x2D, 0xE0, 0xD1, 0x72,
+        0xA6, 0x2C, 0xC4, 0xE3, 0x76, 0x78, 0xB7, 0xB4, 0x09, 0x3B, 0x0E, 0x41, 0x4C, 0xDE, 0xB2, 0x90,
+        0x25, 0xA5, 0xD7, 0x03, 0x11, 0x00, 0xC3, 0x2E, 0x92, 0xEF, 0x4E, 0x12, 0x9D, 0x7D, 0xCB, 0x35,
+        0x10, 0xD5, 0x4F, 0x9E, 0x4D, 0xA9, 0x55, 0xC6, 0xD0, 0x7B, 0x18, 0x97, 0xD3, 0x36, 0xE6, 0x48,
+        0x56, 0x81, 0x8F, 0x77, 0xCC, 0x9C, 0xB9, 0xE2, 0xAC, 0xB8, 0x2F, 0x15, 0xA4, 0x7C, 0xDA, 0x38,
+        0x1E, 0x0B, 0x05, 0xD6, 0x14, 0x6E, 0x6C, 0x7E, 0x66, 0xFD, 0xB1, 0xE5, 0x60, 0xAF, 0x5E, 0x33,
+        0x87, 0xC9, 0xF0, 0x5D, 0x6D, 0x3F, 0x88, 0x8D, 0xC7, 0xF7, 0x1D, 0xE9, 0xEC, 0xED, 0x80, 0x29,
+        0x27, 0xCF, 0x99, 0xA8, 0x50, 0x0F, 0x37, 0x24, 0x28, 0x30, 0x95, 0xD2, 0x3E, 0x5B, 0x40, 0x83,
+        0xB3, 0x69, 0x57, 0x1F, 0x07, 0x1C, 0x8A, 0xBC, 0x20, 0xEB, 0xCE, 0x8E, 0xAB, 0xEE, 0x31, 0xA2,
+        0x73, 0xF9, 0xCA, 0x3A, 0x1A, 0xFB, 0x0D, 0xC1, 0xFE, 0xFA, 0xF2, 0x6F, 0xBD, 0x96, 0xDD, 0x43,
+        0x52, 0xB6, 0x08, 0xF3, 0xAE, 0xBE, 0x19, 0x89, 0x32, 0x26, 0xB0, 0xEA, 0x4B, 0x64, 0x84, 0x82,
+        0x6B, 0xF5, 0x79, 0xBF, 0x01, 0x5F, 0x75, 0x63, 0x1B, 0x23, 0x3D, 0x68, 0x2A, 0x65, 0xE8, 0x91,
+        0xF6, 0xFF, 0x13, 0x58, 0xF1, 0x47, 0x0A, 0x7F, 0xC5, 0xA7, 0xE7, 0x61, 0x5A, 0x06, 0x46, 0x44,
+        0x42, 0x04, 0xA0, 0xDB, 0x39, 0x86, 0x54, 0xAA, 0x8C, 0x34, 0x21, 0x8B, 0xF8, 0x0C, 0x74, 0x67
+    },
+    {
+        0x68, 0x8D, 0xCA, 0x4D, 0x73, 0x4B, 0x4E, 0x2A, 0xD4, 0x52, 0x26, 0xB3, 0x54, 0x1E, 0x19, 0x1F,
+        0x22, 0x03, 0x46, 0x3D, 0x2D, 0x4A, 0x53, 0x83, 0x13, 0x8A, 0xB7, 0xD5, 0x25, 0x79, 0xF5, 0xBD,
+        0x58, 0x2F, 0x0D, 0x02, 0xED, 0x51, 0x9E, 0x11, 0xF2, 0x3E, 0x55, 0x5E, 0xD1, 0x16, 0x3C, 0x66,
+        0x70, 0x5D, 0xF3, 0x45, 0x40, 0xCC, 0xE8, 0x94, 0x56, 0x08, 0xCE, 0x1A, 0x3A, 0xD2, 0xE1, 0xDF,
+        0xB5, 0x38, 0x6E, 0x0E, 0xE5, 0xF4, 0xF9, 0x86, 0xE9, 0x4F, 0xD6, 0x85, 0x23, 0xCF, 0x32, 0x99,
+        0x31, 0x14, 0xAE, 0xEE, 0xC8, 0x48, 0xD3, 0x30, 0xA1, 0x92, 0x41, 0xB1, 0x18, 0xC4, 0x2C, 0x71,
+        0x72, 0x44, 0x15, 0xFD, 0x37, 0xBE, 0x5F, 0xAA, 0x9B, 0x88, 0xD8, 0xAB, 0x89, 0x9C, 0xFA, 0x60,
+        0xEA, 0xBC, 0x62, 0x0C, 0x24, 0xA6, 0xA8, 0xEC, 0x67, 0x20, 0xDB, 0x7C, 0x28, 0xDD, 0xAC, 0x5B,
+        0x34, 0x7E, 0x10, 0xF1, 0x7B, 0x8F, 0x63, 0xA0, 0x05, 0x9A, 0x43, 0x77, 0x21, 0xBF, 0x27, 0x09,
+        0xC3, 0x9F, 0xB6, 0xD7, 0x29, 0xC2, 0xEB, 0xC0, 0xA4, 0x8B, 0x8C, 0x1D, 0xFB, 0xFF, 0xC1, 0xB2,
+        0x97, 0x2E, 0xF8, 0x65, 0xF6, 0x75, 0x07, 0x04, 0x49, 0x33, 0xE4, 0xD9, 0xB9, 0xD0, 0x42, 0xC7,
+        0x6C, 0x90, 0x00, 0x8E, 0x6F, 0x50, 0x01, 0xC5, 0xDA, 0x47, 0x3F, 0xCD, 0x69, 0xA2, 0xE2, 0x7A,
+        0xA7, 0xC6, 0x93, 0x0F, 0x0A, 0x06, 0xE6, 0x2B, 0x96, 0xA3, 0x1C, 0xAF, 0x6A, 0x12, 0x84, 0x39,
+        0xE7, 0xB0, 0x82, 0xF7, 0xFE, 0x9D, 0x87, 0x5C, 0x81, 0x35, 0xDE, 0xB4, 0xA5, 0xFC, 0x80, 0xEF,
+        0xCB, 0xBB, 0x6B, 0x76, 0xBA, 0x5A, 0x7D, 0x78, 0x0B, 0x95, 0xE3, 0xAD, 0x74, 0x98, 0x3B, 0x36,
+        0x64, 0x6D, 0xDC, 0xF0, 0x59, 0xA9, 0x4C, 0x17, 0x7F, 0x91, 0xB8, 0xC9, 0x57, 0x1B, 0xE0, 0x61
+    }
+};
+
+EXPORT_TABLE
+const byte IS[4][256] =
+{
+    {
+        0xA4, 0xA2, 0xA9, 0xC5, 0x4E, 0xC9, 0x03, 0xD9, 0x7E, 0x0F, 0xD2, 0xAD, 0xE7, 0xD3, 0x27, 0x5B,
+        0xE3, 0xA1, 0xE8, 0xE6, 0x7C, 0x2A, 0x55, 0x0C, 0x86, 0x39, 0xD7, 0x8D, 0xB8, 0x12, 0x6F, 0x28,
+        0xCD, 0x8A, 0x70, 0x56, 0x72, 0xF9, 0xBF, 0x4F, 0x73, 0xE9, 0xF7, 0x57, 0x16, 0xAC, 0x50, 0xC0,
+        0x9D, 0xB7, 0x47, 0x71, 0x60, 0xC4, 0x74, 0x43, 0x6C, 0x1F, 0x93, 0x77, 0xDC, 0xCE, 0x20, 0x8C,
+        0x99, 0x5F, 0x44, 0x01, 0xF5, 0x1E, 0x87, 0x5E, 0x61, 0x2C, 0x4B, 0x1D, 0x81, 0x15, 0xF4, 0x23,
+        0xD6, 0xEA, 0xE1, 0x67, 0xF1, 0x7F, 0xFE, 0xDA, 0x3C, 0x07, 0x53, 0x6A, 0x84, 0x9C, 0xCB, 0x02,
+        0x83, 0x33, 0xDD, 0x35, 0xE2, 0x59, 0x5A, 0x98, 0xA5, 0x92, 0x64, 0x04, 0x06, 0x10, 0x4D, 0x1C,
+        0x97, 0x08, 0x31, 0xEE, 0xAB, 0x05, 0xAF, 0x79, 0xA0, 0x18, 0x46, 0x6D, 0xFC, 0x89, 0xD4, 0xC7,
+        0xFF, 0xF0, 0xCF, 0x42, 0x91, 0xF8, 0x68, 0x0A, 0x65, 0x8E, 0xB6, 0xFD, 0xC3, 0xEF, 0x78, 0x4C,
+        0xCC, 0x9E, 0x30, 0x2E, 0xBC, 0x0B, 0x54, 0x1A, 0xA6, 0xBB, 0x26, 0x80, 0x48, 0x94, 0x32, 0x7D,
+        0xA7, 0x3F, 0xAE, 0x22, 0x3D, 0x66, 0xAA, 0xF6, 0x00, 0x5D, 0xBD, 0x4A, 0xE0, 0x3B, 0xB4, 0x17,
+        0x8B, 0x9F, 0x76, 0xB0, 0x24, 0x9A, 0x25, 0x63, 0xDB, 0xEB, 0x7A, 0x3E, 0x5C, 0xB3, 0xB1, 0x29,
+        0xF2, 0xCA, 0x58, 0x6E, 0xD8, 0xA8, 0x2F, 0x75, 0xDF, 0x14, 0xFB, 0x13, 0x49, 0x88, 0xB2, 0xEC,
+        0xE4, 0x34, 0x2D, 0x96, 0xC6, 0x3A, 0xED, 0x95, 0x0E, 0xE5, 0x85, 0x6B, 0x40, 0x21, 0x9B, 0x09,
+        0x19, 0x2B, 0x52, 0xDE, 0x45, 0xA3, 0xFA, 0x51, 0xC2, 0xB5, 0xD1, 0x90, 0xB9, 0xF3, 0x37, 0xC1,
+        0x0D, 0xBA, 0x41, 0x11, 0x38, 0x7B, 0xBE, 0xD0, 0xD5, 0x69, 0x36, 0xC8, 0x62, 0x1B, 0x82, 0x8F
+    },
+    {
+        0x83, 0xF2, 0x2A, 0xEB, 0xE9, 0xBF, 0x7B, 0x9C, 0x34, 0x96, 0x8D, 0x98, 0xB9, 0x69, 0x8C, 0x29,
+        0x3D, 0x88, 0x68, 0x06, 0x39, 0x11, 0x4C, 0x0E, 0xA0, 0x56, 0x40, 0x92, 0x15, 0xBC, 0xB3, 0xDC,
+        0x6F, 0xF8, 0x26, 0xBA, 0xBE, 0xBD, 0x31, 0xFB, 0xC3, 0xFE, 0x80, 0x61, 0xE1, 0x7A, 0x32, 0xD2,
+        0x70, 0x20, 0xA1, 0x45, 0xEC, 0xD9, 0x1A, 0x5D, 0xB4, 0xD8, 0x09, 0xA5, 0x55, 0x8E, 0x37, 0x76,
+        0xA9, 0x67, 0x10, 0x17, 0x36, 0x65, 0xB1, 0x95, 0x62, 0x59, 0x74, 0xA3, 0x50, 0x2F, 0x4B, 0xC8,
+        0xD0, 0x8F, 0xCD, 0xD4, 0x3C, 0x86, 0x12, 0x1D, 0x23, 0xEF, 0xF4, 0x53, 0x19, 0x35, 0xE6, 0x7F,
+        0x5E, 0xD6, 0x79, 0x51, 0x22, 0x14, 0xF7, 0x1E, 0x4A, 0x42, 0x9B, 0x41, 0x73, 0x2D, 0xC1, 0x5C,
+        0xA6, 0xA2, 0xE0, 0x2E, 0xD3, 0x28, 0xBB, 0xC9, 0xAE, 0x6A, 0xD1, 0x5A, 0x30, 0x90, 0x84, 0xF9,
+        0xB2, 0x58, 0xCF, 0x7E, 0xC5, 0xCB, 0x97, 0xE4, 0x16, 0x6C, 0xFA, 0xB0, 0x6D, 0x1F, 0x52, 0x99,
+        0x0D, 0x4E, 0x03, 0x91, 0xC2, 0x4D, 0x64, 0x77, 0x9F, 0xDD, 0xC4, 0x49, 0x8A, 0x9A, 0x24, 0x38,
+        0xA7, 0x57, 0x85, 0xC7, 0x7C, 0x7D, 0xE7, 0xF6, 0xB7, 0xAC, 0x27, 0x46, 0xDE, 0xDF, 0x3B, 0xD7,
+        0x9E, 0x2B, 0x0B, 0xD5, 0x13, 0x75, 0xF0, 0x72, 0xB6, 0x9D, 0x1B, 0x01, 0x3F, 0x44, 0xE5, 0x87,
+        0xFD, 0x07, 0xF1, 0xAB, 0x94, 0x18, 0xEA, 0xFC, 0x3A, 0x82, 0x5F, 0x05, 0x54, 0xDB, 0x00, 0x8B,
+        0xE3, 0x48, 0x0C, 0xCA, 0x78, 0x89, 0x0A, 0xFF, 0x3E, 0x5B, 0x81, 0xEE, 0x71, 0xE2, 0xDA, 0x2C,
+        0xB8, 0xB5, 0xCC, 0x6E, 0xA8, 0x6B, 0xAD, 0x60, 0xC6, 0x08, 0x04, 0x02, 0xE8, 0xF5, 0x4F, 0xA4,
+        0xF3, 0xC0, 0xCE, 0x43, 0x25, 0x1C, 0x21, 0x33, 0x0F, 0xAF, 0x47, 0xED, 0x66, 0x63, 0x93, 0xAA
+    },
+    {
+        0x45, 0xD4, 0x0B, 0x43, 0xF1, 0x72, 0xED, 0xA4, 0xC2, 0x38, 0xE6, 0x71, 0xFD, 0xB6, 0x3A, 0x95,
+        0x50, 0x44, 0x4B, 0xE2, 0x74, 0x6B, 0x1E, 0x11, 0x5A, 0xC6, 0xB4, 0xD8, 0xA5, 0x8A, 0x70, 0xA3,
+        0xA8, 0xFA, 0x05, 0xD9, 0x97, 0x40, 0xC9, 0x90, 0x98, 0x8F, 0xDC, 0x12, 0x31, 0x2C, 0x47, 0x6A,
+        0x99, 0xAE, 0xC8, 0x7F, 0xF9, 0x4F, 0x5D, 0x96, 0x6F, 0xF4, 0xB3, 0x39, 0x21, 0xDA, 0x9C, 0x85,
+        0x9E, 0x3B, 0xF0, 0xBF, 0xEF, 0x06, 0xEE, 0xE5, 0x5F, 0x20, 0x10, 0xCC, 0x3C, 0x54, 0x4A, 0x52,
+        0x94, 0x0E, 0xC0, 0x28, 0xF6, 0x56, 0x60, 0xA2, 0xE3, 0x0F, 0xEC, 0x9D, 0x24, 0x83, 0x7E, 0xD5,
+        0x7C, 0xEB, 0x18, 0xD7, 0xCD, 0xDD, 0x78, 0xFF, 0xDB, 0xA1, 0x09, 0xD0, 0x76, 0x84, 0x75, 0xBB,
+        0x1D, 0x1A, 0x2F, 0xB0, 0xFE, 0xD6, 0x34, 0x63, 0x35, 0xD2, 0x2A, 0x59, 0x6D, 0x4D, 0x77, 0xE7,
+        0x8E, 0x61, 0xCF, 0x9F, 0xCE, 0x27, 0xF5, 0x80, 0x86, 0xC7, 0xA6, 0xFB, 0xF8, 0x87, 0xAB, 0x62,
+        0x3F, 0xDF, 0x48, 0x00, 0x14, 0x9A, 0xBD, 0x5B, 0x04, 0x92, 0x02, 0x25, 0x65, 0x4C, 0x53, 0x0C,
+        0xF2, 0x29, 0xAF, 0x17, 0x6C, 0x41, 0x30, 0xE9, 0x93, 0x55, 0xF7, 0xAC, 0x68, 0x26, 0xC4, 0x7D,
+        0xCA, 0x7A, 0x3E, 0xA0, 0x37, 0x03, 0xC1, 0x36, 0x69, 0x66, 0x08, 0x16, 0xA7, 0xBC, 0xC5, 0xD3,
+        0x22, 0xB7, 0x13, 0x46, 0x32, 0xE8, 0x57, 0x88, 0x2B, 0x81, 0xB2, 0x4E, 0x64, 0x1C, 0xAA, 0x91,
+        0x58, 0x2E, 0x9B, 0x5C, 0x1B, 0x51, 0x73, 0x42, 0x23, 0x01, 0x6E, 0xF3, 0x0D, 0xBE, 0x3D, 0x0A,
+        0x2D, 0x1F, 0x67, 0x33, 0x19, 0x7B, 0x5E, 0xEA, 0xDE, 0x8B, 0xCB, 0xA9, 0x8C, 0x8D, 0xAD, 0x49,
+        0x82, 0xE4, 0xBA, 0xC3, 0x15, 0xD1, 0xE0, 0x89, 0xFC, 0xB1, 0xB9, 0xB5, 0x07, 0x79, 0xB8, 0xE1
+    },
+    {
+        0xB2, 0xB6, 0x23, 0x11, 0xA7, 0x88, 0xC5, 0xA6, 0x39, 0x8F, 0xC4, 0xE8, 0x73, 0x22, 0x43, 0xC3,
+        0x82, 0x27, 0xCD, 0x18, 0x51, 0x62, 0x2D, 0xF7, 0x5C, 0x0E, 0x3B, 0xFD, 0xCA, 0x9B, 0x0D, 0x0F,
+        0x79, 0x8C, 0x10, 0x4C, 0x74, 0x1C, 0x0A, 0x8E, 0x7C, 0x94, 0x07, 0xC7, 0x5E, 0x14, 0xA1, 0x21,
+        0x57, 0x50, 0x4E, 0xA9, 0x80, 0xD9, 0xEF, 0x64, 0x41, 0xCF, 0x3C, 0xEE, 0x2E, 0x13, 0x29, 0xBA,
+        0x34, 0x5A, 0xAE, 0x8A, 0x61, 0x33, 0x12, 0xB9, 0x55, 0xA8, 0x15, 0x05, 0xF6, 0x03, 0x06, 0x49,
+        0xB5, 0x25, 0x09, 0x16, 0x0C, 0x2A, 0x38, 0xFC, 0x20, 0xF4, 0xE5, 0x7F, 0xD7, 0x31, 0x2B, 0x66,
+        0x6F, 0xFF, 0x72, 0x86, 0xF0, 0xA3, 0x2F, 0x78, 0x00, 0xBC, 0xCC, 0xE2, 0xB0, 0xF1, 0x42, 0xB4,
+        0x30, 0x5F, 0x60, 0x04, 0xEC, 0xA5, 0xE3, 0x8B, 0xE7, 0x1D, 0xBF, 0x84, 0x7B, 0xE6, 0x81, 0xF8,
+        0xDE, 0xD8, 0xD2, 0x17, 0xCE, 0x4B, 0x47, 0xD6, 0x69, 0x6C, 0x19, 0x99, 0x9A, 0x01, 0xB3, 0x85,
+        0xB1, 0xF9, 0x59, 0xC2, 0x37, 0xE9, 0xC8, 0xA0, 0xED, 0x4F, 0x89, 0x68, 0x6D, 0xD5, 0x26, 0x91,
+        0x87, 0x58, 0xBD, 0xC9, 0x98, 0xDC, 0x75, 0xC0, 0x76, 0xF5, 0x67, 0x6B, 0x7E, 0xEB, 0x52, 0xCB,
+        0xD1, 0x5B, 0x9F, 0x0B, 0xDB, 0x40, 0x92, 0x1A, 0xFA, 0xAC, 0xE4, 0xE1, 0x71, 0x1F, 0x65, 0x8D,
+        0x97, 0x9E, 0x95, 0x90, 0x5D, 0xB7, 0xC1, 0xAF, 0x54, 0xFB, 0x02, 0xE0, 0x35, 0xBB, 0x3A, 0x4D,
+        0xAD, 0x2C, 0x3D, 0x56, 0x08, 0x1B, 0x4A, 0x93, 0x6A, 0xAB, 0xB8, 0x7A, 0xF2, 0x7D, 0xDA, 0x3F,
+        0xFE, 0x3E, 0xBE, 0xEA, 0xAA, 0x44, 0xC6, 0xD0, 0x36, 0x48, 0x70, 0x96, 0x77, 0x24, 0x53, 0xDF,
+        0xF3, 0x83, 0x28, 0x32, 0x45, 0x1E, 0xA4, 0xD3, 0xA2, 0x46, 0x6E, 0x9C, 0xDD, 0x63, 0xD4, 0x9D
+    }
+};
+
+NAMESPACE_END
+NAMESPACE_END
diff --git a/regtest2.cpp b/regtest2.cpp
index 6a37226e..b5528869 100644
--- a/regtest2.cpp
+++ b/regtest2.cpp
@@ -30,6 +30,7 @@
 #include "cast.h"
 #include "rc6.h"
 #include "mars.h"
+#include "kalyna.h"
 #include "des.h"
 #include "idea.h"
 #include "rc5.h"
@@ -40,7 +41,6 @@
 #include "blowfish.h"
 #include "seed.h"
 #include "wake.h"
-#include "seal.h"
 #include "hkdf.h"
 
 // For HMAC's
@@ -134,8 +134,8 @@ void RegisterFactories2()
 	RegisterSymmetricCipherDefaultFactories<CTR_Mode<Blowfish> >();
 	RegisterSymmetricCipherDefaultFactories<ECB_Mode<SEED> >();
 	RegisterSymmetricCipherDefaultFactories<CTR_Mode<SEED> >();
-//	RegisterSymmetricCipherDefaultFactories<ECB_Mode<Kalyna> >();  // Test Vectors
-//	RegisterSymmetricCipherDefaultFactories<CTR_Mode<Kalyna> >();  // Benchmarks
+	RegisterSymmetricCipherDefaultFactories<ECB_Mode<Kalyna> >();  // Test Vectors
+	RegisterSymmetricCipherDefaultFactories<CTR_Mode<Kalyna> >();  // Benchmarks
 
 	RegisterDefaultFactoryFor<KeyDerivationFunction, HKDF<SHA1> >();
 	RegisterDefaultFactoryFor<KeyDerivationFunction, HKDF<SHA256> >();
diff --git a/test.cpp b/test.cpp
index 714f70c6..853c10b6 100644
--- a/test.cpp
+++ b/test.cpp
@@ -989,7 +989,7 @@ bool Validate(int alg, bool thorough, const char *seedInput)
 	case 78: result = Test::ValidateHashDRBG(); break;
 	case 79: result = Test::ValidateHmacDRBG(); break;
 
-#if (defined(CRYPTOPP_DEBUG) || defined(CRYPTOPP_COVERAGE)) && !defined(CRYPTOPP_IMPORTS)
+#if defined(CRYPTOPP_EXTENDED_VALIDATION)
 	// http://github.com/weidai11/cryptopp/issues/92
 	case 9999: result = Test::TestSecBlock(); break;
 	// http://github.com/weidai11/cryptopp/issues/64

From 6ad999ef2f1970837718c7cc52992f3895615da5 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 6 May 2017 08:18:54 -0400
Subject: [PATCH 085/200] Updated documentation

---
 kalyna.h | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)

diff --git a/kalyna.h b/kalyna.h
index 79ec39b3..006dbe7e 100644
--- a/kalyna.h
+++ b/kalyna.h
@@ -97,10 +97,20 @@ public:
     class CRYPTOPP_NO_VTABLE Base : public VariableBlockCipherImpl<Kalyna_Info>
     {
     public:
-        // Naming follows DSTU 7624:2014, where blocksize is specified first and then key length.
-        // DSTU is a little more complex with more parameters, dashes, underscores. (Thanks RO).
-        std::string AlgorithmName() const {return !BlockSize() ? StaticAlgorithmName() :
-            "Kalyna-" + IntToString(BlockSize())+"("+IntToString(m_kl*8)+")";}
+        //! \brief Provides the name of this algorithm
+        //! \return the standard algorithm name
+        //! \details If the object is unkeyed, then the generic name "Kalyna" is returned
+        //!   to the caller. If the algorithm is keyed, then a two or three part name is
+        //!   returned to the caller. The name follows DSTU 7624:2014, where block size is
+        //!   provided first and then key length. The library uses a dash to identify block size
+        //!   and parenthesis to identify key length. For example, Kalyna-128(256) is Kalyna
+        //!   with a 128-bit block size and a 256-bit key length. If a mode is associated
+        //!   with the object, then it follows as expected. For example, Kalyna-128(256)/ECB.
+		//!   DSTU is a little more complex with more parameters, dashes, underscores, but the
+		//!   library does not use the delimiters or full convention.
+        std::string AlgorithmName() const {
+            return m_blocksize ? "Kalyna-" + IntToString(m_blocksize*8) + "(" + IntToString(m_kl*8) + ")" : StaticAlgorithmName();
+        }
 
         unsigned int OptimalDataAlignment() const {
             return GetAlignmentOf<word64>();

From 3ea8e0655fb3318d2a58b66fd33bbfb4b5dee445 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 6 May 2017 09:07:24 -0400
Subject: [PATCH 086/200] Add constants to default encryptor classes

---
 default.h    | 12 +++++++
 validat0.cpp | 93 ++++++++++++++++++++++++++++++++--------------------
 2 files changed, 70 insertions(+), 35 deletions(-)

diff --git a/default.h b/default.h
index 691cbbb3..56f54c98 100644
--- a/default.h
+++ b/default.h
@@ -180,6 +180,12 @@ template <class BC, class H, class MAC, class Info>
 class DataEncryptorWithMAC : public ProxyFilter
 {
 public:
+	CRYPTOPP_CONSTANT(BLOCKSIZE  = Info::BLOCKSIZE)
+	CRYPTOPP_CONSTANT(KEYLENGTH  = Info::KEYLENGTH)
+	CRYPTOPP_CONSTANT(SALTLENGTH = Info::SALTLENGTH)
+	CRYPTOPP_CONSTANT(DIGESTSIZE = Info::DIGESTSIZE)
+	CRYPTOPP_CONSTANT(ITERATIONS = Info::ITERATIONS)
+
 	//! \brief Constructs a DataEncryptorWithMAC
 	//! \param passphrase a C-String password
 	//! \param attachment a BufferedTransformation to attach to this object
@@ -220,6 +226,12 @@ template <class BC, class H, class MAC, class Info>
 class DataDecryptorWithMAC : public ProxyFilter
 {
 public:
+	CRYPTOPP_CONSTANT(BLOCKSIZE  = Info::BLOCKSIZE)
+	CRYPTOPP_CONSTANT(KEYLENGTH  = Info::KEYLENGTH)
+	CRYPTOPP_CONSTANT(SALTLENGTH = Info::SALTLENGTH)
+	CRYPTOPP_CONSTANT(DIGESTSIZE = Info::DIGESTSIZE)
+	CRYPTOPP_CONSTANT(ITERATIONS = Info::ITERATIONS)
+
 	//! \brief Constructs a DataDecryptor
 	//! \param passphrase a C-String password
 	//! \param attachment a BufferedTransformation to attach to this object
diff --git a/validat0.cpp b/validat0.cpp
index e1b082a1..a47f979f 100644
--- a/validat0.cpp
+++ b/validat0.cpp
@@ -116,8 +116,9 @@ bool TestZinflate()
             // Tamper
             try {
                 StringSource(dest.substr(0, len-2), true, new Inflator(new StringSink(rec)));
-                throw Exception(Exception::OTHER_ERROR, "Deflate failed to detect a truncated stream");
-            } catch(const Exception&) {}
+                std::cout << "Deflate failed to detect a truncated stream\n";
+                fail = true;
+            } catch(const Exception& ex) { }
         }
     }
     catch(const Exception&)
@@ -136,7 +137,7 @@ bool TestZinflate()
 
         try {
             StringSource(src, true, new Inflator(new StringSink(dest)));
-        } catch(const Exception&) {    }
+        } catch(const Exception&) {}
     }
 
     // Inflate random data. See if we can induce a crash
@@ -236,26 +237,37 @@ bool TestDefaultEncryptorWithMAC()
             if (src != rec)
                 throw Exception(Exception::OTHER_ERROR, "DefaultEncryptorWithMAC failed a self test");
 
-            // Tamper. Data format is [SALT][KEYCHECK][ENCRYPTED DATA].
+            // Tamper with the stream. Data format is [SALT][KEYCHECK][ENCRYPTED DATA].
             try {
-                StringSource(dest.substr(0, len-2), true, new Inflator(new StringSink(rec)));
-                throw Exception(Exception::OTHER_ERROR, "DefaultEncryptorWithMAC failed to detect a truncated stream");
-            } catch(const Exception&) {}
+                StringSource(dest.substr(0, len-2), true, new DefaultDecryptorWithMAC(pwd.c_str(), new StringSink(rec)));
+                std::cout << "FAILED:  DefaultDecryptorWithMAC failed to detect a truncated stream\n";
+                fail = true;
+            } catch(const Exception& ex) { }
             try {
-                dest[4] ^= 0x01;
-                StringSource(dest, true, new Inflator(new StringSink(rec)));
-                throw Exception(Exception::OTHER_ERROR, "DefaultEncryptorWithMAC failed to detect a tampered salt");
-            } catch(const Exception&) {}
+                // tamper salt
+                dest[DefaultDecryptorWithMAC::SALTLENGTH/2] ^= 0x01;
+                StringSource(dest, true, new DefaultDecryptorWithMAC(pwd.c_str(), new StringSink(rec)));
+                std::cout << "FAILED:  DefaultDecryptorWithMAC failed to detect a tampered salt\n";
+                fail = true;
+            } catch(const Exception& ex) { }
             try {
-                dest[4] ^= 0x01; dest[20] ^= 0x01;  // undo previous tamper
-                StringSource(dest, true, new Inflator(new StringSink(rec)));
-                throw Exception(Exception::OTHER_ERROR, "DefaultEncryptorWithMAC failed to detect a tampered keycheck");
-            } catch(const Exception&) {}
+                // undo previous tamper
+                dest[DefaultDecryptorWithMAC::SALTLENGTH/2] ^= 0x01;
+                // tamper keycheck
+                dest[DefaultDecryptorWithMAC::SALTLENGTH+DefaultDecryptorWithMAC::KEYLENGTH/2] ^= 0x01;
+                StringSource(dest, true, new DefaultDecryptorWithMAC(pwd.c_str(), new StringSink(rec)));
+                std::cout << "FAILED:  DefaultDecryptorWithMAC failed to detect a tampered keycheck\n";
+                fail = true;
+            } catch(const Exception& ex) { }
             try {
-                dest[20] ^= 0x01; dest[dest.length()-2] ^= 0x01;  // undo previous tamper
-                StringSource(dest, true, new Inflator(new StringSink(rec)));
-                throw Exception(Exception::OTHER_ERROR, "DefaultEncryptorWithMAC failed to detect a tampered data");
-            } catch(const Exception&) {}
+                // undo previous tamper
+                dest[DefaultDecryptorWithMAC::SALTLENGTH+DefaultDecryptorWithMAC::KEYLENGTH/2] ^= 0x01;
+                // tamper encrypted data
+                dest[dest.length()-2] ^= 0x01;
+                StringSource(dest, true, new DefaultDecryptorWithMAC(pwd.c_str(), new StringSink(rec)));
+                std::cout << "FAILED:  DefaultDecryptorWithMAC failed to detect a tampered data\n";
+                fail = true;
+            } catch(const Exception& ex) { }
         }
     }
     catch(const Exception&)
@@ -335,26 +347,37 @@ bool TestLegacyEncryptorWithMAC()
             if (src != rec)
                 throw Exception(Exception::OTHER_ERROR, "LegacyEncryptorWithMAC failed a self test");
 
-            // Tamper. Data format is [SALT][KEYCHECK][ENCRYPTED DATA].
+            // Tamper with the stream. Data format is [SALT][KEYCHECK][ENCRYPTED DATA].
             try {
-                StringSource(dest.substr(0, len-2), true, new Inflator(new StringSink(rec)));
-                throw Exception(Exception::OTHER_ERROR, "LegacyEncryptorWithMAC failed to detect a truncated stream");
-            } catch(const Exception&) {}
+                StringSource(dest.substr(0, len-2), true, new LegacyDecryptorWithMAC(pwd.c_str(), new StringSink(rec)));
+                std::cout << "FAILED:  LegacyEncryptorWithMAC failed to detect a truncated stream\n";
+                fail = true;
+            } catch(const Exception& ex) { }
             try {
-                dest[4] ^= 0x01;
-                StringSource(dest, true, new Inflator(new StringSink(rec)));
-                throw Exception(Exception::OTHER_ERROR, "LegacyEncryptorWithMAC failed to detect a tampered salt");
-            } catch(const Exception&) {}
+                // tamper salt
+                dest[LegacyEncryptorWithMAC::SALTLENGTH/2] ^= 0x01;
+                StringSource(dest, true, new LegacyDecryptorWithMAC(pwd.c_str(), new StringSink(rec)));
+                std::cout << "FAILED:  LegacyEncryptorWithMAC failed to detect a tampered salt\n";
+                fail = true;
+            } catch(const Exception& ex) { }
             try {
-                dest[4] ^= 0x01; dest[20] ^= 0x01;  // undo previous tamper
-                StringSource(dest, true, new Inflator(new StringSink(rec)));
-                throw Exception(Exception::OTHER_ERROR, "LegacyEncryptorWithMAC failed to detect a tampered keycheck");
-            } catch(const Exception&) {}
+                // undo previous tamper
+                dest[LegacyEncryptorWithMAC::SALTLENGTH/2] ^= 0x01;
+                // tamper keycheck
+                dest[LegacyEncryptorWithMAC::SALTLENGTH+LegacyEncryptorWithMAC::KEYLENGTH/2] ^= 0x01;
+                StringSource(dest, true, new LegacyDecryptorWithMAC(pwd.c_str(), new StringSink(rec)));
+                std::cout << "FAILED:  LegacyEncryptorWithMAC failed to detect a tampered keycheck\n";
+                fail = true;
+            } catch(const Exception& ex) { }
             try {
-                dest[20] ^= 0x01; dest[dest.length()-2] ^= 0x01;  // undo previous tamper
-                StringSource(dest, true, new Inflator(new StringSink(rec)));
-                throw Exception(Exception::OTHER_ERROR, "LegacyEncryptorWithMAC failed to detect a tampered data");
-            } catch(const Exception&) {}
+                // undo previous tamper
+                dest[LegacyEncryptorWithMAC::SALTLENGTH+LegacyEncryptorWithMAC::KEYLENGTH/2] ^= 0x01;
+                // tamper encrypted data
+                dest[dest.length()-2] ^= 0x01;
+                StringSource(dest, true, new LegacyDecryptorWithMAC(pwd.c_str(), new StringSink(rec)));
+                std::cout << "FAILED:  LegacyEncryptorWithMAC failed to detect a tampered data\n";
+                fail = true;
+            } catch(const Exception& ex) { }
         }
     }
     catch(const Exception&)

From 374b8a419f69291ebc13302aa10bc773194129e4 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 6 May 2017 11:37:22 -0400
Subject: [PATCH 087/200] Added additional tests

---
 validat1.cpp | 206 ++++++++++++++++++++++++++++++++++++++++++++++-----
 1 file changed, 186 insertions(+), 20 deletions(-)

diff --git a/validat1.cpp b/validat1.cpp
index 6ff27693..3659b539 100644
--- a/validat1.cpp
+++ b/validat1.cpp
@@ -453,6 +453,31 @@ bool TestOS_RNG()
 		else
 			std::cout << "passed:";
 		std::cout << "  " << total << " generated bytes compressed to " << meter.GetTotalBytes() << " bytes by DEFLATE\n";
+
+		try
+		{
+			// Miscellaneous for code coverage
+			RandomNumberGenerator& prng = *rng.get();
+			(void)prng.AlgorithmName();
+			word32 result = prng.GenerateWord32();
+			result = prng.GenerateWord32(21, 0xffffffff - 21);
+			prng.GenerateBlock(reinterpret_cast<byte*>(&result), 4);
+			prng.GenerateBlock(reinterpret_cast<byte*>(&result), 3);
+			prng.GenerateBlock(reinterpret_cast<byte*>(&result), 2);
+			prng.GenerateBlock(reinterpret_cast<byte*>(&result), 1);
+			prng.GenerateBlock(reinterpret_cast<byte*>(&result), 0);
+			pass = true;
+		}
+		catch (const Exception&)
+		{
+			pass = false;
+		}
+
+		if (!pass)
+			std::cout << "FAILED:";
+		else
+			std::cout << "passed:";
+		std::cout << "  GenerateWord32 and Crop\n";
 	}
 	else
 		std::cout << "\nNo operating system provided blocking random number generator, skipping test." << std::endl;
@@ -478,6 +503,31 @@ bool TestOS_RNG()
 		else
 			std::cout << "passed:";
 		std::cout << "  100000 generated bytes compressed to " << meter.GetTotalBytes() << " bytes by DEFLATE\n";
+
+		try
+		{
+			// Miscellaneous for code coverage
+			RandomNumberGenerator& prng = *rng.get();
+			(void)prng.AlgorithmName();
+			word32 result = prng.GenerateWord32();
+			result = prng.GenerateWord32(21, 0xffffffff - 21);
+			prng.GenerateBlock(reinterpret_cast<byte*>(&result), 4);
+			prng.GenerateBlock(reinterpret_cast<byte*>(&result), 3);
+			prng.GenerateBlock(reinterpret_cast<byte*>(&result), 2);
+			prng.GenerateBlock(reinterpret_cast<byte*>(&result), 1);
+			prng.GenerateBlock(reinterpret_cast<byte*>(&result), 0);
+			pass = true;
+		}
+		catch (const Exception&)
+		{
+			pass = false;
+		}
+
+		if (!pass)
+			std::cout << "FAILED:";
+		else
+			std::cout << "passed:";
+		std::cout << "  GenerateWord32 and Crop\n";
 	}
 	else
 		std::cout << "\nNo operating system provided nonblocking random number generator, skipping test." << std::endl;
@@ -502,7 +552,7 @@ bool TestAutoSeeded()
 
 	AutoSeededRandomPool prng;
 	static const unsigned int ENTROPY_SIZE = 32;
-	bool generate = true, discard = true, incorporate = false;
+	bool generate = true, discard = true, incorporate = false, crop = false;
 
 	MeterFilter meter(new Redirector(TheBitBucket()));
 	RandomNumberSource test(prng, 100000, true, new Deflator(new Redirector(meter)));
@@ -554,9 +604,33 @@ bool TestAutoSeeded()
 		std::cout << "FAILED:";
 	else
 		std::cout << "passed:";
-	std::cout << "  IncorporateEntropy with " << 4*ENTROPY_SIZE << " bytes" << std::endl;
+	std::cout << "  IncorporateEntropy with " << 4*ENTROPY_SIZE << " bytes\n";
 
-	return generate && discard && incorporate;
+	try
+	{
+		// Miscellaneous for code coverage
+		(void)prng.AlgorithmName();
+		word32 result = prng.GenerateWord32();
+		result = prng.GenerateWord32(21, 0xffffffff - 21);
+		prng.GenerateBlock(reinterpret_cast<byte*>(&result), 4);
+		prng.GenerateBlock(reinterpret_cast<byte*>(&result), 3);
+		prng.GenerateBlock(reinterpret_cast<byte*>(&result), 2);
+		prng.GenerateBlock(reinterpret_cast<byte*>(&result), 1);
+		prng.GenerateBlock(reinterpret_cast<byte*>(&result), 0);
+		crop = true;
+	}
+	catch (const Exception&)
+	{
+		crop = false;
+	}
+
+	if (!crop)
+		std::cout << "FAILED:";
+	else
+		std::cout << "passed:";
+	std::cout << "  GenerateWord32 and Crop\n";
+
+	return generate && discard && incorporate && crop;
 }
 
 bool TestAutoSeededX917()
@@ -566,7 +640,7 @@ bool TestAutoSeededX917()
 
 	AutoSeededX917RNG<AES> prng;
 	static const unsigned int ENTROPY_SIZE = 32;
-	bool generate = true, discard = true, incorporate = false;
+	bool generate = true, discard = true, incorporate = false, crop = false;
 
 	MeterFilter meter(new Redirector(TheBitBucket()));
 	RandomNumberSource test(prng, 100000, true, new Deflator(new Redirector(meter)));
@@ -618,9 +692,33 @@ bool TestAutoSeededX917()
 		std::cout << "FAILED:";
 	else
 		std::cout << "passed:";
-	std::cout << "  IncorporateEntropy with " << 4*ENTROPY_SIZE << " bytes" << std::endl;
+	std::cout << "  IncorporateEntropy with " << 4*ENTROPY_SIZE << " bytes\n";
 
-	return generate && discard && incorporate;
+	try
+	{
+		// Miscellaneous for code coverage
+		(void)prng.AlgorithmName();
+		word32 result = prng.GenerateWord32();
+		result = prng.GenerateWord32(21, 0xffffffff - 21);
+		prng.GenerateBlock(reinterpret_cast<byte*>(&result), 4);
+		prng.GenerateBlock(reinterpret_cast<byte*>(&result), 3);
+		prng.GenerateBlock(reinterpret_cast<byte*>(&result), 2);
+		prng.GenerateBlock(reinterpret_cast<byte*>(&result), 1);
+		prng.GenerateBlock(reinterpret_cast<byte*>(&result), 0);
+		crop = true;
+	}
+	catch (const Exception&)
+	{
+		crop = false;
+	}
+
+	if (!crop)
+		std::cout << "FAILED:";
+	else
+		std::cout << "passed:";
+	std::cout << "  GenerateWord32 and Crop\n";
+
+	return generate && discard && incorporate && crop;
 }
 #endif // NO_OS_DEPENDENCE
 
@@ -630,7 +728,7 @@ bool TestMersenne()
 	std::cout << "\nTesting Mersenne Twister...\n\n";
 
 	static const unsigned int ENTROPY_SIZE = 32;
-	bool equal = true, generate = true, discard = true, incorporate = false;
+	bool equal = true, generate = true, discard = true, incorporate = false, crop = false;
 
     // First 10; http://create.stephan-brumme.com/mersenne-twister/
 	word32 result[10], expected[10] = {0xD091BB5C, 0x22AE9EF6,
@@ -702,9 +800,33 @@ bool TestMersenne()
 		std::cout << "FAILED:";
 	else
 		std::cout << "passed:";
-	std::cout << "  IncorporateEntropy with " << 4*ENTROPY_SIZE << " bytes" << std::endl;
+	std::cout << "  IncorporateEntropy with " << 4*ENTROPY_SIZE << " bytes\n";
 
-	return equal && generate && discard && incorporate;
+	try
+	{
+		// Miscellaneous for code coverage
+		(void)prng.AlgorithmName();
+		result[0] = prng.GenerateWord32();
+		result[0] = prng.GenerateWord32(21, 0xffffffff - 21);
+		prng.GenerateBlock(reinterpret_cast<byte*>(&result[0]), 4);
+		prng.GenerateBlock(reinterpret_cast<byte*>(&result[0]), 3);
+		prng.GenerateBlock(reinterpret_cast<byte*>(&result[0]), 2);
+		prng.GenerateBlock(reinterpret_cast<byte*>(&result[0]), 1);
+		prng.GenerateBlock(reinterpret_cast<byte*>(&result[0]), 0);
+		crop = true;
+	}
+	catch (const Exception&)
+	{
+		crop = false;
+	}
+
+	if (!crop)
+		std::cout << "FAILED:";
+	else
+		std::cout << "passed:";
+	std::cout << "  GenerateWord32 and Crop\n";
+
+	return equal && generate && discard && incorporate && crop;
 }
 #endif
 
@@ -713,7 +835,7 @@ bool TestRDRAND()
 {
 	// Testing on 6th generation i7 shows RDRAND needs less than 8 retries for 10K bytes.
 	RDRAND rdrand;
-	bool entropy = true, compress = true, discard = true;
+	bool entropy = true, compress = true, discard = true, crop = true;
 	static const unsigned int SIZE = 10000;
 
 	if (HasRDRAND())
@@ -773,12 +895,34 @@ bool TestRDRAND()
 	else
 		std::cout << "\nRDRAND generator not available, skipping test.\n";
 
-	// Squash code coverage warnings on unused functions
-	(void)rdrand.AlgorithmName();
-	(void)rdrand.CanIncorporateEntropy();
-	rdrand.IncorporateEntropy(NULLPTR, 0);
+	try
+	{
+		// Miscellaneous for code coverage
+		(void)rdrand.AlgorithmName();
+		(void)rdrand.CanIncorporateEntropy();
+		rdrand.IncorporateEntropy(NULLPTR, 0);
 
-	return entropy && compress && discard;
+		word32 result = rdrand.GenerateWord32();
+		result = rdrand.GenerateWord32(21, 0xffffffff - 21);
+		rdrand.GenerateBlock(reinterpret_cast<byte*>(&result), 4);
+		rdrand.GenerateBlock(reinterpret_cast<byte*>(&result), 3);
+		rdrand.GenerateBlock(reinterpret_cast<byte*>(&result), 2);
+		rdrand.GenerateBlock(reinterpret_cast<byte*>(&result), 1);
+		rdrand.GenerateBlock(reinterpret_cast<byte*>(&result), 0);
+		crop = true;
+	}
+	catch (const Exception&)
+	{
+		crop = false;
+	}
+
+	if (!crop)
+		std::cout << "FAILED:";
+	else
+		std::cout << "passed:";
+	std::cout << "  GenerateWord32 and Crop\n";
+
+	return entropy && compress && discard && crop;
 }
 #endif
 
@@ -788,7 +932,7 @@ bool TestRDSEED()
 	// Testing on 5th generation i5 shows RDSEED needs about 128 retries for 10K bytes
 	//  on 64-bit/amd64 VM, and it needs more for an 32-bit/i686 VM.
 	RDSEED rdseed;
-	bool entropy = true, compress = true, discard = true;
+	bool entropy = true, compress = true, discard = true, crop = true;
 	static const unsigned int SIZE = 10000;
 
 	if (HasRDSEED())
@@ -848,10 +992,32 @@ bool TestRDSEED()
 	else
 		std::cout << "\nRDSEED generator not available, skipping test.\n";
 
-	// Squash code coverage warnings on unused functions
-	(void)rdseed.AlgorithmName();
-	(void)rdseed.CanIncorporateEntropy();
-	rdseed.IncorporateEntropy(NULLPTR, 0);
+	try
+	{
+		// Miscellaneous for code coverage
+		(void)rdseed.AlgorithmName();
+		(void)rdseed.CanIncorporateEntropy();
+		rdseed.IncorporateEntropy(NULLPTR, 0);
+
+		word32 result = rdseed.GenerateWord32();
+		result = rdseed.GenerateWord32(21, 0xffffffff - 21);
+		rdseed.GenerateBlock(reinterpret_cast<byte*>(&result), 4);
+		rdseed.GenerateBlock(reinterpret_cast<byte*>(&result), 3);
+		rdseed.GenerateBlock(reinterpret_cast<byte*>(&result), 2);
+		rdseed.GenerateBlock(reinterpret_cast<byte*>(&result), 1);
+		rdseed.GenerateBlock(reinterpret_cast<byte*>(&result), 0);
+		crop = true;
+	}
+	catch (const Exception&)
+	{
+		crop = false;
+	}
+
+	if (!crop)
+		std::cout << "FAILED:";
+	else
+		std::cout << "passed:";
+	std::cout << "  GenerateWord32 and Crop\n";
 
 	return entropy && compress && discard;
 }

From c04b98072c6ba8bb9dd40a739c29a813dfdcea22 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 6 May 2017 18:00:57 -0400
Subject: [PATCH 088/200] Fix compile error with -DNO_OS_DEPENDENCE Whitespace
 check-in

---
 validat1.cpp | 168 +++++++++++++++++++++++++--------------------------
 1 file changed, 84 insertions(+), 84 deletions(-)

diff --git a/validat1.cpp b/validat1.cpp
index 3659b539..bebeebdc 100644
--- a/validat1.cpp
+++ b/validat1.cpp
@@ -96,7 +96,7 @@ bool ValidateAll(bool thorough)
 	pass=TestASN1Parse() && pass;
 	// Enable during debug for code coverage
 	pass=ValidateBaseCode() && pass;
-    // Additional tests due to no coverage
+	// Additional tests due to no coverage
 	pass=TestGzip() && pass;
 	pass=TestZinflate() && pass;
 	pass=TestDefaultEncryptor() && pass;
@@ -586,7 +586,7 @@ bool TestAutoSeeded()
 		if(prng.CanIncorporateEntropy())
 		{
 			SecByteBlock entropy(ENTROPY_SIZE);
-			OS_GenerateRandomBlock(false, entropy, entropy.SizeInBytes());
+			GlobalRNG().GenerateBlock(entropy, entropy.SizeInBytes());
 
 			prng.IncorporateEntropy(entropy, entropy.SizeInBytes());
 			prng.IncorporateEntropy(entropy, entropy.SizeInBytes());
@@ -674,7 +674,7 @@ bool TestAutoSeededX917()
 		if(prng.CanIncorporateEntropy())
 		{
 			SecByteBlock entropy(ENTROPY_SIZE);
-			OS_GenerateRandomBlock(false, entropy, entropy.SizeInBytes());
+			GlobalRNG().GenerateBlock(entropy, entropy.SizeInBytes());
 
 			prng.IncorporateEntropy(entropy, entropy.SizeInBytes());
 			prng.IncorporateEntropy(entropy, entropy.SizeInBytes());
@@ -730,14 +730,14 @@ bool TestMersenne()
 	static const unsigned int ENTROPY_SIZE = 32;
 	bool equal = true, generate = true, discard = true, incorporate = false, crop = false;
 
-    // First 10; http://create.stephan-brumme.com/mersenne-twister/
+	// First 10; http://create.stephan-brumme.com/mersenne-twister/
 	word32 result[10], expected[10] = {0xD091BB5C, 0x22AE9EF6,
 		0xE7E1FAEE, 0xD5C31F79, 0x2082352C, 0xF807B7DF, 0xE9D30005,
 		0x3895AFE1, 0xA1E24BBA, 0x4EE4092B};
 
 	MT19937ar prng;
 	prng.GenerateBlock(reinterpret_cast<byte*>(result), sizeof(result));
-    equal = (0 == ::memcmp(result, expected, sizeof(expected)));
+	equal = (0 == ::memcmp(result, expected, sizeof(expected)));
 
 	if (equal)
 	{
@@ -746,9 +746,9 @@ bool TestMersenne()
 	else
 	{
 		std::cout << "FAILED:";
-        equal = false;
+		equal = false;
 	}
-    std::cout << "  Expected sequence from MT19937ar (2002 version)\n";
+	std::cout << "  Expected sequence from MT19937ar (2002 version)\n";
 
 	MeterFilter meter(new Redirector(TheBitBucket()));
 	RandomNumberSource test(prng, 100000, true, new Deflator(new Redirector(meter)));
@@ -782,7 +782,7 @@ bool TestMersenne()
 		if(prng.CanIncorporateEntropy())
 		{
 			SecByteBlock entropy(ENTROPY_SIZE);
-			OS_GenerateRandomBlock(false, entropy, entropy.SizeInBytes());
+			GlobalRNG().GenerateBlock(entropy, entropy.SizeInBytes());
 
 			prng.IncorporateEntropy(entropy, entropy.SizeInBytes());
 			prng.IncorporateEntropy(entropy, entropy.SizeInBytes());
@@ -891,37 +891,37 @@ bool TestRDRAND()
 		else
 			std::cout << "passed:";
 		std::cout << "  discarded " << SIZE << " bytes\n";
+
+		try
+		{
+			// Miscellaneous for code coverage
+			(void)rdrand.AlgorithmName();
+			(void)rdrand.CanIncorporateEntropy();
+			rdrand.IncorporateEntropy(NULLPTR, 0);
+
+			word32 result = rdrand.GenerateWord32();
+			result = rdrand.GenerateWord32(21, 0xffffffff - 21);
+			rdrand.GenerateBlock(reinterpret_cast<byte*>(&result), 4);
+			rdrand.GenerateBlock(reinterpret_cast<byte*>(&result), 3);
+			rdrand.GenerateBlock(reinterpret_cast<byte*>(&result), 2);
+			rdrand.GenerateBlock(reinterpret_cast<byte*>(&result), 1);
+			rdrand.GenerateBlock(reinterpret_cast<byte*>(&result), 0);
+			crop = true;
+		}
+		catch (const Exception&)
+		{
+			crop = false;
+		}
+
+		if (!crop)
+			std::cout << "FAILED:";
+		else
+			std::cout << "passed:";
+		std::cout << "  GenerateWord32 and Crop\n";
 	}
 	else
 		std::cout << "\nRDRAND generator not available, skipping test.\n";
 
-	try
-	{
-		// Miscellaneous for code coverage
-		(void)rdrand.AlgorithmName();
-		(void)rdrand.CanIncorporateEntropy();
-		rdrand.IncorporateEntropy(NULLPTR, 0);
-
-		word32 result = rdrand.GenerateWord32();
-		result = rdrand.GenerateWord32(21, 0xffffffff - 21);
-		rdrand.GenerateBlock(reinterpret_cast<byte*>(&result), 4);
-		rdrand.GenerateBlock(reinterpret_cast<byte*>(&result), 3);
-		rdrand.GenerateBlock(reinterpret_cast<byte*>(&result), 2);
-		rdrand.GenerateBlock(reinterpret_cast<byte*>(&result), 1);
-		rdrand.GenerateBlock(reinterpret_cast<byte*>(&result), 0);
-		crop = true;
-	}
-	catch (const Exception&)
-	{
-		crop = false;
-	}
-
-	if (!crop)
-		std::cout << "FAILED:";
-	else
-		std::cout << "passed:";
-	std::cout << "  GenerateWord32 and Crop\n";
-
 	return entropy && compress && discard && crop;
 }
 #endif
@@ -988,37 +988,37 @@ bool TestRDSEED()
 		else
 			std::cout << "passed:";
 		std::cout << "  discarded " << SIZE << " bytes\n";
+
+		try
+		{
+			// Miscellaneous for code coverage
+			(void)rdseed.AlgorithmName();
+			(void)rdseed.CanIncorporateEntropy();
+			rdseed.IncorporateEntropy(NULLPTR, 0);
+
+			word32 result = rdseed.GenerateWord32();
+			result = rdseed.GenerateWord32(21, 0xffffffff - 21);
+			rdseed.GenerateBlock(reinterpret_cast<byte*>(&result), 4);
+			rdseed.GenerateBlock(reinterpret_cast<byte*>(&result), 3);
+			rdseed.GenerateBlock(reinterpret_cast<byte*>(&result), 2);
+			rdseed.GenerateBlock(reinterpret_cast<byte*>(&result), 1);
+			rdseed.GenerateBlock(reinterpret_cast<byte*>(&result), 0);
+			crop = true;
+		}
+		catch (const Exception&)
+		{
+			crop = false;
+		}
+
+		if (!crop)
+			std::cout << "FAILED:";
+		else
+			std::cout << "passed:";
+		std::cout << "  GenerateWord32 and Crop\n";
 	}
 	else
 		std::cout << "\nRDSEED generator not available, skipping test.\n";
 
-	try
-	{
-		// Miscellaneous for code coverage
-		(void)rdseed.AlgorithmName();
-		(void)rdseed.CanIncorporateEntropy();
-		rdseed.IncorporateEntropy(NULLPTR, 0);
-
-		word32 result = rdseed.GenerateWord32();
-		result = rdseed.GenerateWord32(21, 0xffffffff - 21);
-		rdseed.GenerateBlock(reinterpret_cast<byte*>(&result), 4);
-		rdseed.GenerateBlock(reinterpret_cast<byte*>(&result), 3);
-		rdseed.GenerateBlock(reinterpret_cast<byte*>(&result), 2);
-		rdseed.GenerateBlock(reinterpret_cast<byte*>(&result), 1);
-		rdseed.GenerateBlock(reinterpret_cast<byte*>(&result), 0);
-		crop = true;
-	}
-	catch (const Exception&)
-	{
-		crop = false;
-	}
-
-	if (!crop)
-		std::cout << "FAILED:";
-	else
-		std::cout << "passed:";
-	std::cout << "  GenerateWord32 and Crop\n";
-
 	return entropy && compress && discard;
 }
 #endif
@@ -2190,34 +2190,34 @@ bool ValidateARC4()
 	arc4.reset(new Weak::ARC4(Key0, sizeof(Key0)));
 	arc4->ProcessString(Input0, sizeof(Input0));
 	fail = memcmp(Input0, Output0, sizeof(Input0)) != 0;
-	std::cout << (fail ? "FAILED" : "passed") << "    Test 0" << std::endl;
+	std::cout << (fail ? "FAILED" : "passed") << "   Test 0" << std::endl;
 	pass = pass && !fail;
 
 	arc4.reset(new Weak::ARC4(Key1, sizeof(Key1)));
 	arc4->ProcessString(Key1, Input1, sizeof(Key1));
 	fail = memcmp(Output1, Key1, sizeof(Key1)) != 0;
-	std::cout << (fail ? "FAILED" : "passed") << "    Test 1" << std::endl;
+	std::cout << (fail ? "FAILED" : "passed") << "   Test 1" << std::endl;
 	pass = pass && !fail;
 
 	arc4.reset(new Weak::ARC4(Key2, sizeof(Key2)));
 	for (i=0, fail=false; i<sizeof(Input2); i++)
 		if (arc4->ProcessByte(Input2[i]) != Output2[i])
 			fail = true;
-	std::cout << (fail ? "FAILED" : "passed") << "    Test 2" << std::endl;
+	std::cout << (fail ? "FAILED" : "passed") << "   Test 2" << std::endl;
 	pass = pass && !fail;
 
 	arc4.reset(new Weak::ARC4(Key3, sizeof(Key3)));
 	for (i=0, fail=false; i<sizeof(Input3); i++)
 		if (arc4->ProcessByte(Input3[i]) != Output3[i])
 			fail = true;
-	std::cout << (fail ? "FAILED" : "passed") << "    Test 3" << std::endl;
+	std::cout << (fail ? "FAILED" : "passed") << "   Test 3" << std::endl;
 	pass = pass && !fail;
 
 	arc4.reset(new Weak::ARC4(Key4, sizeof(Key4)));
 	for (i=0, fail=false; i<sizeof(Input4); i++)
 		if (arc4->ProcessByte(Input4[i]) != Output4[i])
 			fail = true;
-	std::cout << (fail ? "FAILED" : "passed") << "    Test 4" << std::endl;
+	std::cout << (fail ? "FAILED" : "passed") << "   Test 4" << std::endl;
 	pass = pass && !fail;
 
 	return pass;
@@ -2461,7 +2461,7 @@ bool ValidateBlowfish()
 		fail = fail || memcmp(outplain, plain[i], 8);
 		pass3 = pass3 && !fail;
 
-		std::cout << (fail ? "FAILED    " : "passed    ");
+		std::cout << (fail ? "FAILED   " : "passed   ");
 		std::cout << '\"' << key[i] << '\"';
 		for (int j=0; j<(signed int)(30-strlen(key[i])); j++)
 			std::cout << ' ';
@@ -2728,43 +2728,43 @@ bool ValidateBaseCode()
 	std::cout << "\nBase64, Base64URL, Base32 and Base16 coding validation suite running...\n\n";
 
 	fail = !TestFilter(HexEncoder().Ref(), data, 255, (const byte *)hexEncoded, strlen(hexEncoded));
-	std::cout << (fail ? "FAILED    " : "passed    ");
-	std::cout << "Hex Encoding\n";
+	std::cout << (fail ? "FAILED:" : "passed:");
+	std::cout << "   Hex Encoding\n";
 	pass = pass && !fail;
 
 	fail = !TestFilter(HexDecoder().Ref(), (const byte *)hexEncoded, strlen(hexEncoded), data, 255);
-	std::cout << (fail ? "FAILED    " : "passed    ");
-	std::cout << "Hex Decoding\n";
+	std::cout << (fail ? "FAILED:" : "passed:");
+	std::cout << "   Hex Decoding\n";
 	pass = pass && !fail;
 
 	fail = !TestFilter(Base32Encoder().Ref(), data, 255, (const byte *)base32Encoded, strlen(base32Encoded));
-	std::cout << (fail ? "FAILED    " : "passed    ");
-	std::cout << "Base32 Encoding\n";
+	std::cout << (fail ? "FAILED:" : "passed:");
+	std::cout << "   Base32 Encoding\n";
 	pass = pass && !fail;
 
 	fail = !TestFilter(Base32Decoder().Ref(), (const byte *)base32Encoded, strlen(base32Encoded), data, 255);
-	std::cout << (fail ? "FAILED    " : "passed    ");
-	std::cout << "Base32 Decoding\n";
+	std::cout << (fail ? "FAILED:" : "passed:");
+	std::cout << "   Base32 Decoding\n";
 	pass = pass && !fail;
 
 	fail = !TestFilter(Base64Encoder(new HexEncoder).Ref(), data, 255, (const byte *)base64AndHexEncoded, strlen(base64AndHexEncoded));
-	std::cout << (fail ? "FAILED    " : "passed    ");
-	std::cout << "Base64 Encoding\n";
+	std::cout << (fail ? "FAILED:" : "passed:");
+	std::cout << "   Base64 Encoding\n";
 	pass = pass && !fail;
 
 	fail = !TestFilter(HexDecoder(new Base64Decoder).Ref(), (const byte *)base64AndHexEncoded, strlen(base64AndHexEncoded), data, 255);
-	std::cout << (fail ? "FAILED    " : "passed    ");
-	std::cout << "Base64 Decoding\n";
+	std::cout << (fail ? "FAILED:" : "passed:");
+	std::cout << "   Base64 Decoding\n";
 	pass = pass && !fail;
 
 	fail = !TestFilter(Base64URLEncoder(new HexEncoder).Ref(), data, 255, (const byte *)base64URLAndHexEncoded, strlen(base64URLAndHexEncoded));
-	std::cout << (fail ? "FAILED    " : "passed    ");
-	std::cout << "Base64 URL Encoding\n";
+	std::cout << (fail ? "FAILED:" : "passed:");
+	std::cout << "   Base64 URL Encoding\n";
 	pass = pass && !fail;
 
 	fail = !TestFilter(HexDecoder(new Base64URLDecoder).Ref(), (const byte *)base64URLAndHexEncoded, strlen(base64URLAndHexEncoded), data, 255);
-	std::cout << (fail ? "FAILED    " : "passed    ");
-	std::cout << "Base64 URL Decoding\n";
+	std::cout << (fail ? "FAILED:" : "passed:");
+	std::cout << "   Base64 URL Decoding\n";
 	pass = pass && !fail;
 
 	return pass;

From bdd82d781ead91e93d3184e06f615dc80832dbb6 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 6 May 2017 18:51:55 -0400
Subject: [PATCH 089/200] Added additional tests

---
 validat1.cpp | 30 +++++++++++++++++++++++-------
 1 file changed, 23 insertions(+), 7 deletions(-)

diff --git a/validat1.cpp b/validat1.cpp
index bebeebdc..6e592142 100644
--- a/validat1.cpp
+++ b/validat1.cpp
@@ -2656,9 +2656,9 @@ bool ValidateSKIPJACK()
 
 bool ValidateSEAL()
 {
-	static const byte input[] = {0x37,0xa0,0x05,0x95,0x9b,0x84,0xc4,0x9c,0xa4,0xbe,0x1e,0x05,0x06,0x73,0x53,0x0f,0x5f,0xb0,0x97,0xfd,0xf6,0xa1,0x3f,0xbd,0x6c,0x2c,0xde,0xcd,0x81,0xfd,0xee,0x7c};
-	static const byte key[] = {0x67, 0x45, 0x23, 0x01, 0xef, 0xcd, 0xab, 0x89, 0x98, 0xba, 0xdc, 0xfe, 0x10, 0x32, 0x54, 0x76, 0xc3, 0xd2, 0xe1, 0xf0};
-	static const byte iv[] = {0x01, 0x35, 0x77, 0xaf};
+	const byte input[] = {0x37,0xa0,0x05,0x95,0x9b,0x84,0xc4,0x9c,0xa4,0xbe,0x1e,0x05,0x06,0x73,0x53,0x0f,0x5f,0xb0,0x97,0xfd,0xf6,0xa1,0x3f,0xbd,0x6c,0x2c,0xde,0xcd,0x81,0xfd,0xee,0x7c};
+	const byte key[] = {0x67, 0x45, 0x23, 0x01, 0xef, 0xcd, 0xab, 0x89, 0x98, 0xba, 0xdc, 0xfe, 0x10, 0x32, 0x54, 0x76, 0xc3, 0xd2, 0xe1, 0xf0};
+	const byte iv[] = {0x01, 0x35, 0x77, 0xaf};
 	byte output[32];
 
 	std::cout << "\nSEAL validation suite running...\n\n";
@@ -2689,7 +2689,7 @@ bool ValidateBaseCode()
 	for (unsigned int i=0; i<255; i++)
 		data[i] = byte(i);
 
-	static const char hexEncoded[] =
+	const char hexEncoded[] =
 		"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627"
 		"28292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F"
 		"505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F7071727374757677"
@@ -2697,14 +2697,14 @@ bool ValidateBaseCode()
 		"A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7"
 		"C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEF"
 		"F0F1F2F3F4F5F6F7F8F9FAFBFCFDFE";
-	static const char base32Encoded[] =
+	const char base32Encoded[] =
 		"AAASEA2EAWDAQCAJBIFS2DIQB6IBCESVCSKTNF22DEPBYHA7D2RUAIJCENUCKJTHFAWUWK3NFWZC8NBT"
 		"GI3VIPJYG66DUQT5HS8V6R4AIFBEGTCFI3DWSUKKJPGE4VURKBIXEW4WKXMFQYC3MJPX2ZK8M7SGC2VD"
 		"NTUYN35IPFXGY5DPP3ZZA6MUQP4HK7VZRB6ZW856RX9H9AEBSKB2JBNGS8EIVCWMTUG27D6SUGJJHFEX"
 		"U4M3TGN4VQQJ5HW9WCS4FI7EWYVKRKFJXKX43MPQX82MDNXVYU45PP72ZG7MZRF7Z496BSQC2RCNMTYH"
 		"3DE6XU8N3ZHN9WGT4MJ7JXQY49NPVYY55VQ77Z9A6HTQH3HF65V8T4RK7RYQ55ZR8D29F69W8Z5RR8H3"
 		"9M7939R8";
-	static const char base64AndHexEncoded[] =
+	const char base64AndHexEncoded[] =
 		"41414543417751464267634943516F4C4441304F4478415245684D554652595847426B6147787764"
 		"486838674953496A4A43556D4A7967704B6973734C5334764D4445794D7A51310A4E6A63344F546F"
 		"375044302B50304242516B4E4552555A4853456C4B5330784E546B395155564A5456465657563168"
@@ -2714,7 +2714,7 @@ bool ValidateBaseCode()
 		"624B7A744C573274376935757275387662362F774D484377385446787366497963724C7A4D334F7A"
 		"39445230745055316462580A324E6E6132397A6433742F6734654C6A354F586D352B6A7036757673"
 		"3765377638504879382F5431397666342B6672372F50332B0A";
-	static const char base64URLAndHexEncoded[] =
+	const char base64URLAndHexEncoded[] =
 		"41414543417751464267634943516F4C4441304F4478415245684D554652595847426B6147787764"
 		"486838674953496A4A43556D4A7967704B6973734C5334764D4445794D7A51314E6A63344F546F37"
 		"5044302D50304242516B4E4552555A4853456C4B5330784E546B395155564A54564656575631685A"
@@ -2728,41 +2728,57 @@ bool ValidateBaseCode()
 	std::cout << "\nBase64, Base64URL, Base32 and Base16 coding validation suite running...\n\n";
 
 	fail = !TestFilter(HexEncoder().Ref(), data, 255, (const byte *)hexEncoded, strlen(hexEncoded));
+	try {HexEncoder().IsolatedInitialize(g_nullNameValuePairs);}
+	catch(const Exception&) {fail=true;}
 	std::cout << (fail ? "FAILED:" : "passed:");
 	std::cout << "   Hex Encoding\n";
 	pass = pass && !fail;
 
 	fail = !TestFilter(HexDecoder().Ref(), (const byte *)hexEncoded, strlen(hexEncoded), data, 255);
+	try {HexDecoder().IsolatedInitialize(g_nullNameValuePairs);}
+	catch(const Exception&) {fail=true;}
 	std::cout << (fail ? "FAILED:" : "passed:");
 	std::cout << "   Hex Decoding\n";
 	pass = pass && !fail;
 
 	fail = !TestFilter(Base32Encoder().Ref(), data, 255, (const byte *)base32Encoded, strlen(base32Encoded));
+	try {Base32Encoder().IsolatedInitialize(g_nullNameValuePairs);}
+	catch(const Exception&) {fail=true;}
 	std::cout << (fail ? "FAILED:" : "passed:");
 	std::cout << "   Base32 Encoding\n";
 	pass = pass && !fail;
 
 	fail = !TestFilter(Base32Decoder().Ref(), (const byte *)base32Encoded, strlen(base32Encoded), data, 255);
+	try {Base32Decoder().IsolatedInitialize(g_nullNameValuePairs);}
+	catch(const Exception&) {fail=true;}
 	std::cout << (fail ? "FAILED:" : "passed:");
 	std::cout << "   Base32 Decoding\n";
 	pass = pass && !fail;
 
 	fail = !TestFilter(Base64Encoder(new HexEncoder).Ref(), data, 255, (const byte *)base64AndHexEncoded, strlen(base64AndHexEncoded));
+	try {Base64Encoder().IsolatedInitialize(g_nullNameValuePairs);}
+	catch(const Exception&) {fail=true;}
 	std::cout << (fail ? "FAILED:" : "passed:");
 	std::cout << "   Base64 Encoding\n";
 	pass = pass && !fail;
 
 	fail = !TestFilter(HexDecoder(new Base64Decoder).Ref(), (const byte *)base64AndHexEncoded, strlen(base64AndHexEncoded), data, 255);
+	try {Base64Decoder().IsolatedInitialize(g_nullNameValuePairs);}
+	catch(const Exception&) {fail=true;}
 	std::cout << (fail ? "FAILED:" : "passed:");
 	std::cout << "   Base64 Decoding\n";
 	pass = pass && !fail;
 
 	fail = !TestFilter(Base64URLEncoder(new HexEncoder).Ref(), data, 255, (const byte *)base64URLAndHexEncoded, strlen(base64URLAndHexEncoded));
+	try {Base64URLEncoder().IsolatedInitialize(g_nullNameValuePairs);}
+	catch(const Exception&) {fail=true;}
 	std::cout << (fail ? "FAILED:" : "passed:");
 	std::cout << "   Base64 URL Encoding\n";
 	pass = pass && !fail;
 
 	fail = !TestFilter(HexDecoder(new Base64URLDecoder).Ref(), (const byte *)base64URLAndHexEncoded, strlen(base64URLAndHexEncoded), data, 255);
+	try {Base64URLDecoder().IsolatedInitialize(g_nullNameValuePairs);}
+	catch(const Exception&) {fail=true;}
 	std::cout << (fail ? "FAILED:" : "passed:");
 	std::cout << "   Base64 URL Decoding\n";
 	pass = pass && !fail;

From 14236ce94b94d14c5a3988f8b5c66d9c779db415 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 6 May 2017 19:20:57 -0400
Subject: [PATCH 090/200] Fold compressor and default encryptor tests

---
 validat0.cpp | 100 +++++++++++++++++++++------------------------------
 validat1.cpp |  27 ++++++--------
 validate.h   |   8 ++---
 3 files changed, 53 insertions(+), 82 deletions(-)

diff --git a/validat0.cpp b/validat0.cpp
index a47f979f..5b239cf8 100644
--- a/validat0.cpp
+++ b/validat0.cpp
@@ -28,10 +28,10 @@ NAMESPACE_BEGIN(CryptoPP)
 NAMESPACE_BEGIN(Test)
 
 #if defined(CRYPTOPP_EXTENDED_VALIDATION)
-bool TestGzip()
+bool TestCompressors()
 {
-    std::cout << "\nTesting Gzip and Gunzip...\n\n";
-    bool fail = false;
+    std::cout << "\nTesting Compressors and Decompressors...\n\n";
+    bool fail1 = false, fail2 = false;
 
     try
     {
@@ -57,9 +57,11 @@ bool TestGzip()
     }
     catch(const Exception&)
     {
-        fail = true;
+        fail1 = true;
     }
 
+    // **************************************************************
+
     // Unzip random data. See if we can induce a crash
     for (unsigned int i=0; i<128; i++)
     {
@@ -84,19 +86,13 @@ bool TestGzip()
         } catch(const Exception&) {    }
     }
 
-    if (!fail)
+    if (!fail1)
        std::cout << "passed:";
     else
        std::cout << "FAILED:";
-    std::cout << "  256 zips and unzips" << std::endl;
+    std::cout << "  128 zips and unzips" << std::endl;
 
-    return !fail;
-}
-
-bool TestZinflate()
-{
-    std::cout << "\nTesting Deflate and Inflate...\n\n";
-    bool fail = false;
+    // **************************************************************
 
     try
     {
@@ -117,15 +113,17 @@ bool TestZinflate()
             try {
                 StringSource(dest.substr(0, len-2), true, new Inflator(new StringSink(rec)));
                 std::cout << "Deflate failed to detect a truncated stream\n";
-                fail = true;
+                fail2 = true;
             } catch(const Exception& ex) { }
         }
     }
     catch(const Exception&)
     {
-        fail = true;
+        fail2 = true;
     }
 
+    // **************************************************************
+
     for (unsigned int i=0; i<128; i++)
     {
         // See if we can induce a crash
@@ -164,20 +162,20 @@ bool TestZinflate()
         } catch(const Exception&) {    }
     }
 
-    if (!fail)
+    if (!fail2)
        std::cout << "passed:";
     else
        std::cout << "FAILED:";
-    std::cout << "  256 deflates and inflates\n";
+    std::cout << "  128 deflates and inflates\n";
 
     std::cout.flush();
-    return !fail;
+    return !fail1 && !fail2;
 }
 
-bool TestDefaultEncryptor()
+bool TestEncryptors()
 {
-    std::cout << "\nTesting DefaultEncryptor...\n\n";
-    bool fail = false;
+    std::cout << "\nTesting Default Encryptors and Decryptors...\n\n";
+    bool fail1 = false, fail2 = false, fail3 = false, fail4 = false;
 
     try
     {
@@ -201,22 +199,16 @@ bool TestDefaultEncryptor()
     }
     catch(const Exception&)
     {
-        fail = true;
+        fail1 = true;
     }
 
-    if (!fail)
+    if (!fail1)
        std::cout << "passed:";
     else
        std::cout << "FAILED:";
     std::cout << "  128 default encryptions and decryptions" << std::endl;
 
-    return !fail;
-}
-
-bool TestDefaultEncryptorWithMAC()
-{
-    std::cout << "\nTesting DefaultEncryptorWithMAC...\n\n";
-    bool fail = false;
+    // **************************************************************
 
     try
     {
@@ -241,14 +233,14 @@ bool TestDefaultEncryptorWithMAC()
             try {
                 StringSource(dest.substr(0, len-2), true, new DefaultDecryptorWithMAC(pwd.c_str(), new StringSink(rec)));
                 std::cout << "FAILED:  DefaultDecryptorWithMAC failed to detect a truncated stream\n";
-                fail = true;
+                fail2 = true;
             } catch(const Exception& ex) { }
             try {
                 // tamper salt
                 dest[DefaultDecryptorWithMAC::SALTLENGTH/2] ^= 0x01;
                 StringSource(dest, true, new DefaultDecryptorWithMAC(pwd.c_str(), new StringSink(rec)));
                 std::cout << "FAILED:  DefaultDecryptorWithMAC failed to detect a tampered salt\n";
-                fail = true;
+                fail2 = true;
             } catch(const Exception& ex) { }
             try {
                 // undo previous tamper
@@ -257,7 +249,7 @@ bool TestDefaultEncryptorWithMAC()
                 dest[DefaultDecryptorWithMAC::SALTLENGTH+DefaultDecryptorWithMAC::KEYLENGTH/2] ^= 0x01;
                 StringSource(dest, true, new DefaultDecryptorWithMAC(pwd.c_str(), new StringSink(rec)));
                 std::cout << "FAILED:  DefaultDecryptorWithMAC failed to detect a tampered keycheck\n";
-                fail = true;
+                fail2 = true;
             } catch(const Exception& ex) { }
             try {
                 // undo previous tamper
@@ -266,28 +258,22 @@ bool TestDefaultEncryptorWithMAC()
                 dest[dest.length()-2] ^= 0x01;
                 StringSource(dest, true, new DefaultDecryptorWithMAC(pwd.c_str(), new StringSink(rec)));
                 std::cout << "FAILED:  DefaultDecryptorWithMAC failed to detect a tampered data\n";
-                fail = true;
+                fail2 = true;
             } catch(const Exception& ex) { }
         }
     }
     catch(const Exception&)
     {
-        fail = true;
+        fail2 = true;
     }
 
-    if (!fail)
+    if (!fail2)
        std::cout << "passed:";
     else
        std::cout << "FAILED:";
-    std::cout << "  256 default encryptions and decryptions with MAC" << std::endl;
+    std::cout << "  128 default encryptions and decryptions with MAC" << std::endl;
 
-    return !fail;
-}
-
-bool TestLegacyEncryptor()
-{
-    std::cout << "\nTesting LegacyEncryptor...\n\n";
-    bool fail = false;
+    // **************************************************************
 
     try
     {
@@ -311,22 +297,16 @@ bool TestLegacyEncryptor()
     }
     catch(const Exception&)
     {
-        fail = true;
+        fail3 = true;
     }
 
-    if (!fail)
+    if (!fail3)
        std::cout << "passed:";
     else
        std::cout << "FAILED:";
     std::cout << "  128 legacy encryptions and decryptions" << std::endl;
 
-    return !fail;
-}
-
-bool TestLegacyEncryptorWithMAC()
-{
-    std::cout << "\nTesting LegacyEncryptorWithMAC...\n\n";
-    bool fail = false;
+    // **************************************************************
 
     try
     {
@@ -351,14 +331,14 @@ bool TestLegacyEncryptorWithMAC()
             try {
                 StringSource(dest.substr(0, len-2), true, new LegacyDecryptorWithMAC(pwd.c_str(), new StringSink(rec)));
                 std::cout << "FAILED:  LegacyEncryptorWithMAC failed to detect a truncated stream\n";
-                fail = true;
+                fail4 = true;
             } catch(const Exception& ex) { }
             try {
                 // tamper salt
                 dest[LegacyEncryptorWithMAC::SALTLENGTH/2] ^= 0x01;
                 StringSource(dest, true, new LegacyDecryptorWithMAC(pwd.c_str(), new StringSink(rec)));
                 std::cout << "FAILED:  LegacyEncryptorWithMAC failed to detect a tampered salt\n";
-                fail = true;
+                fail4 = true;
             } catch(const Exception& ex) { }
             try {
                 // undo previous tamper
@@ -367,7 +347,7 @@ bool TestLegacyEncryptorWithMAC()
                 dest[LegacyEncryptorWithMAC::SALTLENGTH+LegacyEncryptorWithMAC::KEYLENGTH/2] ^= 0x01;
                 StringSource(dest, true, new LegacyDecryptorWithMAC(pwd.c_str(), new StringSink(rec)));
                 std::cout << "FAILED:  LegacyEncryptorWithMAC failed to detect a tampered keycheck\n";
-                fail = true;
+                fail4 = true;
             } catch(const Exception& ex) { }
             try {
                 // undo previous tamper
@@ -376,22 +356,22 @@ bool TestLegacyEncryptorWithMAC()
                 dest[dest.length()-2] ^= 0x01;
                 StringSource(dest, true, new LegacyDecryptorWithMAC(pwd.c_str(), new StringSink(rec)));
                 std::cout << "FAILED:  LegacyEncryptorWithMAC failed to detect a tampered data\n";
-                fail = true;
+                fail4 = true;
             } catch(const Exception& ex) { }
         }
     }
     catch(const Exception&)
     {
-        fail = true;
+        fail4 = true;
     }
 
-    if (!fail)
+    if (!fail4)
        std::cout << "passed:";
     else
        std::cout << "FAILED:";
     std::cout << "  128 legacy encryptions and decryptions with MAC" << std::endl;
 
-    return !fail;
+    return !fail1 && !fail2 && !fail3 && !fail4;
 }
 
 bool TestRounding()
diff --git a/validat1.cpp b/validat1.cpp
index 6e592142..16c5d83b 100644
--- a/validat1.cpp
+++ b/validat1.cpp
@@ -94,15 +94,10 @@ bool ValidateAll(bool thorough)
 	pass=TestHuffmanCodes() && pass;
 	// http://github.com/weidai11/cryptopp/issues/346
 	pass=TestASN1Parse() && pass;
-	// Enable during debug for code coverage
-	pass=ValidateBaseCode() && pass;
 	// Additional tests due to no coverage
-	pass=TestGzip() && pass;
-	pass=TestZinflate() && pass;
-	pass=TestDefaultEncryptor() && pass;
-	pass=TestDefaultEncryptorWithMAC() && pass;
-	pass=TestLegacyEncryptor() && pass;
-	pass=TestLegacyEncryptorWithMAC() && pass;
+	pass=ValidateBaseCode() && pass;
+	pass=TestCompressors() && pass;
+	pass=TestEncryptors() && pass;
 #endif
 
 	pass=ValidateCRC32() && pass;
@@ -2731,56 +2726,56 @@ bool ValidateBaseCode()
 	try {HexEncoder().IsolatedInitialize(g_nullNameValuePairs);}
 	catch(const Exception&) {fail=true;}
 	std::cout << (fail ? "FAILED:" : "passed:");
-	std::cout << "   Hex Encoding\n";
+	std::cout << "  Hex Encoding\n";
 	pass = pass && !fail;
 
 	fail = !TestFilter(HexDecoder().Ref(), (const byte *)hexEncoded, strlen(hexEncoded), data, 255);
 	try {HexDecoder().IsolatedInitialize(g_nullNameValuePairs);}
 	catch(const Exception&) {fail=true;}
 	std::cout << (fail ? "FAILED:" : "passed:");
-	std::cout << "   Hex Decoding\n";
+	std::cout << "  Hex Decoding\n";
 	pass = pass && !fail;
 
 	fail = !TestFilter(Base32Encoder().Ref(), data, 255, (const byte *)base32Encoded, strlen(base32Encoded));
 	try {Base32Encoder().IsolatedInitialize(g_nullNameValuePairs);}
 	catch(const Exception&) {fail=true;}
 	std::cout << (fail ? "FAILED:" : "passed:");
-	std::cout << "   Base32 Encoding\n";
+	std::cout << "  Base32 Encoding\n";
 	pass = pass && !fail;
 
 	fail = !TestFilter(Base32Decoder().Ref(), (const byte *)base32Encoded, strlen(base32Encoded), data, 255);
 	try {Base32Decoder().IsolatedInitialize(g_nullNameValuePairs);}
 	catch(const Exception&) {fail=true;}
 	std::cout << (fail ? "FAILED:" : "passed:");
-	std::cout << "   Base32 Decoding\n";
+	std::cout << "  Base32 Decoding\n";
 	pass = pass && !fail;
 
 	fail = !TestFilter(Base64Encoder(new HexEncoder).Ref(), data, 255, (const byte *)base64AndHexEncoded, strlen(base64AndHexEncoded));
 	try {Base64Encoder().IsolatedInitialize(g_nullNameValuePairs);}
 	catch(const Exception&) {fail=true;}
 	std::cout << (fail ? "FAILED:" : "passed:");
-	std::cout << "   Base64 Encoding\n";
+	std::cout << "  Base64 Encoding\n";
 	pass = pass && !fail;
 
 	fail = !TestFilter(HexDecoder(new Base64Decoder).Ref(), (const byte *)base64AndHexEncoded, strlen(base64AndHexEncoded), data, 255);
 	try {Base64Decoder().IsolatedInitialize(g_nullNameValuePairs);}
 	catch(const Exception&) {fail=true;}
 	std::cout << (fail ? "FAILED:" : "passed:");
-	std::cout << "   Base64 Decoding\n";
+	std::cout << "  Base64 Decoding\n";
 	pass = pass && !fail;
 
 	fail = !TestFilter(Base64URLEncoder(new HexEncoder).Ref(), data, 255, (const byte *)base64URLAndHexEncoded, strlen(base64URLAndHexEncoded));
 	try {Base64URLEncoder().IsolatedInitialize(g_nullNameValuePairs);}
 	catch(const Exception&) {fail=true;}
 	std::cout << (fail ? "FAILED:" : "passed:");
-	std::cout << "   Base64 URL Encoding\n";
+	std::cout << "  Base64 URL Encoding\n";
 	pass = pass && !fail;
 
 	fail = !TestFilter(HexDecoder(new Base64URLDecoder).Ref(), (const byte *)base64URLAndHexEncoded, strlen(base64URLAndHexEncoded), data, 255);
 	try {Base64URLDecoder().IsolatedInitialize(g_nullNameValuePairs);}
 	catch(const Exception&) {fail=true;}
 	std::cout << (fail ? "FAILED:" : "passed:");
-	std::cout << "   Base64 URL Decoding\n";
+	std::cout << "  Base64 URL Decoding\n";
 	pass = pass && !fail;
 
 	return pass;
diff --git a/validate.h b/validate.h
index ebf21830..1e2f33cd 100644
--- a/validate.h
+++ b/validate.h
@@ -126,13 +126,9 @@ bool TestHuffmanCodes();
 // http://github.com/weidai11/cryptopp/issues/346
 bool TestASN1Parse();
 // Additional tests due to no coverage
-bool TestGzip();
-bool TestZinflate();
+bool TestCompressors();
+bool TestEncryptors();
 bool TestMersenne();
-bool TestDefaultEncryptor();
-bool TestDefaultEncryptorWithMAC();
-bool TestLegacyEncryptor();
-bool TestLegacyEncryptorWithMAC();
 #endif
 
 #if 1

From 9cf9f4235d524268ef73e89b546765d0c8f2e489 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 6 May 2017 20:14:26 -0400
Subject: [PATCH 091/200] Add timing attack countermeasures to Kalyna (Issue
 411) The code at check-in a5c67cfdd6ad7eeb did not include it. Unlike
 Threefish, it looks like Kalyna could benefit from the cache hardening given
 how similar Kalyna is to AES. The hardening costs less than 0.1 cpb, which
 equates to about 199 MB/s vs 201 MB/s on a 6th gen Skylake

---
 kalyna.cpp | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/kalyna.cpp b/kalyna.cpp
index ad0ccd41..98de35c9 100644
--- a/kalyna.cpp
+++ b/kalyna.cpp
@@ -1227,6 +1227,15 @@ void Kalyna::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const N
 
 void Kalyna::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const
 {
+	// Timing attack countermeasure. see comments in Rijndael for more details
+	const int cacheLineSize = GetCacheLineSize();
+	volatile word32 _u = 0;
+	word32 u = _u;
+
+	for (unsigned int i=0; i<COUNTOF(KalynaTab::S); i+=cacheLineSize)
+		u &= *reinterpret_cast<const word32*>(KalynaTab::S+i);
+	m_wspace[0] = u;
+
     switch ((m_nb << 8) | m_nk)
     {
     case (2 << 8) | 2:

From c62e1ade6ed1e0f6d739dbe6a59f08975c88a60b Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 6 May 2017 22:54:49 -0400
Subject: [PATCH 092/200] Add Makefile recipe for Valgrind builds

---
 GNUmakefile | 16 ++++++++++++++++
 validate.h  |  2 +-
 2 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/GNUmakefile b/GNUmakefile
index cc1d466c..f4c10715 100755
--- a/GNUmakefile
+++ b/GNUmakefile
@@ -444,6 +444,17 @@ CXXFLAGS += -coverage
 endif # -coverage
 endif # GCC code coverage
 
+# Valgrind testing. Issue 'make valgrind'.
+ifneq ($(filter valgrind,$(MAKECMDGOALS)),)
+# Tune flags; see http://valgrind.org/docs/manual/quick-start.html
+CXXFLAGS := $(CXXFLAGS:-g%=-g3)
+CXXFLAGS := $(CXXFLAGS:-O%=-O1)
+CXXFLAGS := $(CXXFLAGS:-xO%=-xO1)
+ifeq ($(findstring -DCRYPTOPP_VALGRIND,$(CXXFLAGS)),)
+CXXFLAGS += -DCRYPTOPP_VALGRIND
+endif # -DCRYPTOPP_VALGRIND
+endif # Valgrind
+
 # Debug testing on GNU systems. Triggered by -DDEBUG.
 #   Newlib test due to http://sourceware.org/bugzilla/show_bug.cgi?id=20268
 ifneq ($(filter -DDEBUG -DDEBUG=1,$(CXXFLAGS)),)
@@ -580,6 +591,11 @@ coverage: libcryptopp.a cryptest.exe
 	lcov --remove cryptest.info "adhoc.cpp" "wait.*" "network.*" "socketft.*" "fips140.*" "*test.*" "bench*.cpp" "validat*.*" "/usr/*" -o cryptest.info
 	genhtml -o ./TestCoverage/ -t "cryptest.exe test coverage" --num-spaces 4 cryptest.info
 
+# SHould use CXXFLAGS="-g3 -O1"
+.PHONY: valgrind
+valgrind: libcryptopp.a cryptest.exe
+	valgrind ./cryptest.exe v
+
 .PHONY: test check
 test check: cryptest.exe
 	./cryptest.exe v
diff --git a/validate.h b/validate.h
index 1e2f33cd..ed9d98f7 100644
--- a/validate.h
+++ b/validate.h
@@ -108,7 +108,7 @@ bool ValidateHashDRBG();
 bool ValidateHmacDRBG();
 
 // If CRYPTOPP_DEBUG or CRYPTOPP_COVERAGE is in effect, then perform additional tests
-#if (defined(CRYPTOPP_DEBUG) || defined(CRYPTOPP_COVERAGE)) && !defined(CRYPTOPP_IMPORTS)
+#if (defined(CRYPTOPP_DEBUG) || defined(CRYPTOPP_COVERAGE) || defined(CRYPTOPP_VALGRIND)) && !defined(CRYPTOPP_IMPORTS)
 # define CRYPTOPP_EXTENDED_VALIDATION 1
 #endif
 

From c35e616cbf4e1b391fbe30668c29bf0ab5ccdd50 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 6 May 2017 23:59:17 -0400
Subject: [PATCH 093/200] Make make_odd_key_NNN a template function

---
 kalyna.cpp    | 102 ++++++++++++++++++++++----------------------------
 kalyna.h      |   1 +
 kalynatab.cpp |   2 +-
 3 files changed, 46 insertions(+), 59 deletions(-)

diff --git a/kalyna.cpp b/kalyna.cpp
index 98de35c9..355b84ae 100644
--- a/kalyna.cpp
+++ b/kalyna.cpp
@@ -362,31 +362,17 @@ inline void G512(const word64 x[8], word64 y[8], const word64 k[8])
         T[4][(byte)(x[3] >> 32)] ^ T[5][(byte)(x[2] >> 40)] ^ T[6][(byte)(x[1] >> 48)] ^ T[7][(byte)(x[0] >> 56)];
 }
 
-inline void make_odd_key128(const word64 evenkey[2], word64 oddkey[2])
+template <unsigned int NB>
+inline void MakeOddKey(const word64 evenkey[NB], word64 oddkey[NB])
 {
+	static const unsigned int S = (NB == 2) ? 16 : (NB == 4) ? 32 : (NB == 8) ? 64 : -1;
+	static const unsigned int T = (NB == 2) ?  7 : (NB == 4) ? 11 : (NB == 8) ? 19 : -1;
+
     const byte* even = reinterpret_cast<const byte*>(evenkey);
     byte* odd = reinterpret_cast<byte*>(oddkey);
 
-    memcpy(odd, even + 7, 16 - 7);
-    memcpy(odd + 16 - 7, even, 7);
-}
-
-inline void make_odd_key256(const word64 evenkey[4], word64 oddkey[4])
-{
-    const byte* even = reinterpret_cast<const byte*>(evenkey);
-    byte* odd = reinterpret_cast<byte*>(oddkey);
-
-    memcpy(odd, even + 11, 32 - 11);
-    memcpy(odd + 32 - 11, even, 11);
-}
-
-inline void make_odd_key(const word64 evenkey[8], word64 oddkey[8])
-{
-    const byte* even = reinterpret_cast<const byte*>(evenkey);
-    byte* odd = reinterpret_cast<byte*>(oddkey);
-
-    memcpy(odd, even + 19, 64 - 19);
-    memcpy(odd + 64 - 19, even, 19);
+    memcpy(odd, even + T, S - T);
+    memcpy(odd + S - T, even, T);
 }
 
 ANONYMOUS_NAMESPACE_END
@@ -419,7 +405,7 @@ void Kalyna::Base::SetKey_22(const word64 key[2])
     AddKey<2>(k, t2, ksc);
     G128(t2, t1, ksc);
     GL128(t1, &m_rkeys[0], ksc);
-    make_odd_key128(&m_rkeys[0], &m_rkeys[2]);
+    MakeOddKey<2>(&m_rkeys[0], &m_rkeys[2]);
 
     // round 2
     constant <<= 1;
@@ -427,7 +413,7 @@ void Kalyna::Base::SetKey_22(const word64 key[2])
     AddKey<2>(kswapped, t2, ksc);
     G128(t2, t1, ksc);
     GL128(t1, &m_rkeys[4], ksc);
-    make_odd_key128(&m_rkeys[4], &m_rkeys[6]);
+    MakeOddKey<2>(&m_rkeys[4], &m_rkeys[6]);
 
     // round 4
     constant <<= 1;
@@ -435,7 +421,7 @@ void Kalyna::Base::SetKey_22(const word64 key[2])
     AddKey<2>(k, t2, ksc);
     G128(t2, t1, ksc);
     GL128(t1, &m_rkeys[8], ksc);
-    make_odd_key128(&m_rkeys[8], &m_rkeys[10]);
+    MakeOddKey<2>(&m_rkeys[8], &m_rkeys[10]);
 
     // round 6
     constant <<= 1;
@@ -443,7 +429,7 @@ void Kalyna::Base::SetKey_22(const word64 key[2])
     AddKey<2>(kswapped, t2, ksc);
     G128(t2, t1, ksc);
     GL128(t1, &m_rkeys[12], ksc);
-    make_odd_key128(&m_rkeys[12], &m_rkeys[14]);
+    MakeOddKey<2>(&m_rkeys[12], &m_rkeys[14]);
 
     // round 8
     constant <<= 1;
@@ -451,7 +437,7 @@ void Kalyna::Base::SetKey_22(const word64 key[2])
     AddKey<2>(k, t2, ksc);
     G128(t2, t1, ksc);
     GL128(t1, &m_rkeys[16], ksc);
-    make_odd_key128(&m_rkeys[16], &m_rkeys[18]);
+    MakeOddKey<2>(&m_rkeys[16], &m_rkeys[18]);
 
     // round 10
     constant <<= 1;
@@ -493,7 +479,7 @@ void Kalyna::Base::SetKey_24(const word64 key[4])
     AddKey<2>(k, t2, ksc);
     G128(t2, t1, ksc);
     GL128(t1, &m_rkeys[0], ksc);
-    make_odd_key128(&m_rkeys[0], &m_rkeys[2]);
+    MakeOddKey<2>(&m_rkeys[0], &m_rkeys[2]);
 
     // round 2
     constant <<= 1;
@@ -501,7 +487,7 @@ void Kalyna::Base::SetKey_24(const word64 key[4])
     AddKey<2>(k + 2, t2, ksc);
     G128(t2, t1, ksc);
     GL128(t1, &m_rkeys[4], ksc);
-    make_odd_key128(&m_rkeys[4], &m_rkeys[6]);
+    MakeOddKey<2>(&m_rkeys[4], &m_rkeys[6]);
 
     // round 4
     SwapBlocks<4>(k);
@@ -510,7 +496,7 @@ void Kalyna::Base::SetKey_24(const word64 key[4])
     AddKey<2>(k, t2, ksc);
     G128(t2, t1, ksc);
     GL128(t1, &m_rkeys[8], ksc);
-    make_odd_key128(&m_rkeys[8], &m_rkeys[10]);
+    MakeOddKey<2>(&m_rkeys[8], &m_rkeys[10]);
 
     // round 6
     constant <<= 1;
@@ -518,7 +504,7 @@ void Kalyna::Base::SetKey_24(const word64 key[4])
     AddKey<2>(k + 2, t2, ksc);
     G128(t2, t1, ksc);
     GL128(t1, &m_rkeys[12], ksc);
-    make_odd_key128(&m_rkeys[12], &m_rkeys[14]);
+    MakeOddKey<2>(&m_rkeys[12], &m_rkeys[14]);
 
     // round 8
     SwapBlocks<4>(k);
@@ -527,7 +513,7 @@ void Kalyna::Base::SetKey_24(const word64 key[4])
     AddKey<2>(k, t2, ksc);
     G128(t2, t1, ksc);
     GL128(t1, &m_rkeys[16], ksc);
-    make_odd_key128(&m_rkeys[16], &m_rkeys[18]);
+    MakeOddKey<2>(&m_rkeys[16], &m_rkeys[18]);
 
     // round 10
     constant <<= 1;
@@ -535,7 +521,7 @@ void Kalyna::Base::SetKey_24(const word64 key[4])
     AddKey<2>(k + 2, t2, ksc);
     G128(t2, t1, ksc);
     GL128(t1, &m_rkeys[20], ksc);
-    make_odd_key128(&m_rkeys[20], &m_rkeys[22]);
+    MakeOddKey<2>(&m_rkeys[20], &m_rkeys[22]);
 
     // round 12
     SwapBlocks<4>(k);
@@ -544,7 +530,7 @@ void Kalyna::Base::SetKey_24(const word64 key[4])
     AddKey<2>(k, t2, ksc);
     G128(t2, t1, ksc);
     GL128(t1, &m_rkeys[24], ksc);
-    make_odd_key128(&m_rkeys[24], &m_rkeys[26]);
+    MakeOddKey<2>(&m_rkeys[24], &m_rkeys[26]);
 
     // round 14
     constant <<= 1;
@@ -592,7 +578,7 @@ void Kalyna::Base::SetKey_44(const word64 key[4])
     AddKey<4>(k, t2, ksc);
     G256(t2, t1, ksc);
     GL256(t1, &m_rkeys[0], ksc);
-    make_odd_key256(&m_rkeys[0], &m_rkeys[4]);
+    MakeOddKey<4>(&m_rkeys[0], &m_rkeys[4]);
 
     // round 2
     SwapBlocks<4>(k);
@@ -601,7 +587,7 @@ void Kalyna::Base::SetKey_44(const word64 key[4])
     AddKey<4>(k, t2, ksc);
     G256(t2, t1, ksc);
     GL256(t1, &m_rkeys[8], ksc);
-    make_odd_key256(&m_rkeys[8], &m_rkeys[12]);
+    MakeOddKey<4>(&m_rkeys[8], &m_rkeys[12]);
 
     // round 4
     SwapBlocks<4>(k);
@@ -610,7 +596,7 @@ void Kalyna::Base::SetKey_44(const word64 key[4])
     AddKey<4>(k, t2, ksc);
     G256(t2, t1, ksc);
     GL256(t1, &m_rkeys[16], ksc);
-    make_odd_key256(&m_rkeys[16], &m_rkeys[20]);
+    MakeOddKey<4>(&m_rkeys[16], &m_rkeys[20]);
 
     // round 6
     SwapBlocks<4>(k);
@@ -619,7 +605,7 @@ void Kalyna::Base::SetKey_44(const word64 key[4])
     AddKey<4>(k, t2, ksc);
     G256(t2, t1, ksc);
     GL256(t1, &m_rkeys[24], ksc);
-    make_odd_key256(&m_rkeys[24], &m_rkeys[28]);
+    MakeOddKey<4>(&m_rkeys[24], &m_rkeys[28]);
 
     // round 8
     SwapBlocks<4>(k);
@@ -628,7 +614,7 @@ void Kalyna::Base::SetKey_44(const word64 key[4])
     AddKey<4>(k, t2, ksc);
     G256(t2, t1, ksc);
     GL256(t1, &m_rkeys[32], ksc);
-    make_odd_key256(&m_rkeys[32], &m_rkeys[36]);
+    MakeOddKey<4>(&m_rkeys[32], &m_rkeys[36]);
 
     // round 10
     SwapBlocks<4>(k);
@@ -637,7 +623,7 @@ void Kalyna::Base::SetKey_44(const word64 key[4])
     AddKey<4>(k, t2, ksc);
     G256(t2, t1, ksc);
     GL256(t1, &m_rkeys[40], ksc);
-    make_odd_key256(&m_rkeys[40], &m_rkeys[44]);
+    MakeOddKey<4>(&m_rkeys[40], &m_rkeys[44]);
 
     // round 12
     SwapBlocks<4>(k);
@@ -646,7 +632,7 @@ void Kalyna::Base::SetKey_44(const word64 key[4])
     AddKey<4>(k, t2, ksc);
     G256(t2, t1, ksc);
     GL256(t1, &m_rkeys[48], ksc);
-    make_odd_key256(&m_rkeys[48], &m_rkeys[52]);
+    MakeOddKey<4>(&m_rkeys[48], &m_rkeys[52]);
 
     // round 14
     SwapBlocks<4>(k);
@@ -697,7 +683,7 @@ void Kalyna::Base::SetKey_48(const word64 key[8])
     AddKey<4>(k, t2, ksc);
     G256(t2, t1, ksc);
     GL256(t1, &m_rkeys[0], ksc);
-    make_odd_key256(&m_rkeys[0], &m_rkeys[4]);
+    MakeOddKey<4>(&m_rkeys[0], &m_rkeys[4]);
 
     // round 2
     constant <<= 1;
@@ -705,7 +691,7 @@ void Kalyna::Base::SetKey_48(const word64 key[8])
     AddKey<4>(k+4, t2, ksc);
     G256(t2, t1, ksc);
     GL256(t1, &m_rkeys[8], ksc);
-    make_odd_key256(&m_rkeys[8], &m_rkeys[12]);
+    MakeOddKey<4>(&m_rkeys[8], &m_rkeys[12]);
 
     // round 4
     SwapBlocks<8>(k);
@@ -714,7 +700,7 @@ void Kalyna::Base::SetKey_48(const word64 key[8])
     AddKey<4>(k, t2, ksc);
     G256(t2, t1, ksc);
     GL256(t1, &m_rkeys[16], ksc);
-    make_odd_key256(&m_rkeys[16], &m_rkeys[20]);
+    MakeOddKey<4>(&m_rkeys[16], &m_rkeys[20]);
 
     // round 6
     constant <<= 1;
@@ -722,7 +708,7 @@ void Kalyna::Base::SetKey_48(const word64 key[8])
     AddKey<4>(k+4, t2, ksc);
     G256(t2, t1, ksc);
     GL256(t1, &m_rkeys[24], ksc);
-    make_odd_key256(&m_rkeys[24], &m_rkeys[28]);
+    MakeOddKey<4>(&m_rkeys[24], &m_rkeys[28]);
 
     // round 8
     SwapBlocks<8>(k);
@@ -731,7 +717,7 @@ void Kalyna::Base::SetKey_48(const word64 key[8])
     AddKey<4>(k, t2, ksc);
     G256(t2, t1, ksc);
     GL256(t1, &m_rkeys[32], ksc);
-    make_odd_key256(&m_rkeys[32], &m_rkeys[36]);
+    MakeOddKey<4>(&m_rkeys[32], &m_rkeys[36]);
 
     // round 10
     constant <<= 1;
@@ -739,7 +725,7 @@ void Kalyna::Base::SetKey_48(const word64 key[8])
     AddKey<4>(k+4, t2, ksc);
     G256(t2, t1, ksc);
     GL256(t1, &m_rkeys[40], ksc);
-    make_odd_key256(&m_rkeys[40], &m_rkeys[44]);
+    MakeOddKey<4>(&m_rkeys[40], &m_rkeys[44]);
 
     // round 12
     SwapBlocks<8>(k);
@@ -748,7 +734,7 @@ void Kalyna::Base::SetKey_48(const word64 key[8])
     AddKey<4>(k, t2, ksc);
     G256(t2, t1, ksc);
     GL256(t1, &m_rkeys[48], ksc);
-    make_odd_key256(&m_rkeys[48], &m_rkeys[52]);
+    MakeOddKey<4>(&m_rkeys[48], &m_rkeys[52]);
 
     // round 14
     constant <<= 1;
@@ -756,7 +742,7 @@ void Kalyna::Base::SetKey_48(const word64 key[8])
     AddKey<4>(k+4, t2, ksc);
     G256(t2, t1, ksc);
     GL256(t1, &m_rkeys[56], ksc);
-    make_odd_key256(&m_rkeys[56], &m_rkeys[60]);
+    MakeOddKey<4>(&m_rkeys[56], &m_rkeys[60]);
 
     // round 16
     SwapBlocks<8>(k);
@@ -765,7 +751,7 @@ void Kalyna::Base::SetKey_48(const word64 key[8])
     AddKey<4>(k, t2, ksc);
     G256(t2, t1, ksc);
     GL256(t1, &m_rkeys[64], ksc);
-    make_odd_key256(&m_rkeys[64], &m_rkeys[68]);
+    MakeOddKey<4>(&m_rkeys[64], &m_rkeys[68]);
 
     // round 18
     constant <<= 1;
@@ -817,7 +803,7 @@ void Kalyna::Base::SetKey_88(const word64 key[8])
     AddKey<8>(k, t2, ksc);
     G512(t2, t1, ksc);
     GL512(t1, &m_rkeys[0], ksc);
-    make_odd_key(&m_rkeys[0], &m_rkeys[8]);
+    MakeOddKey<8>(&m_rkeys[0], &m_rkeys[8]);
 
     // round 2
     SwapBlocks<8>(k);
@@ -826,7 +812,7 @@ void Kalyna::Base::SetKey_88(const word64 key[8])
     AddKey<8>(k, t2, ksc);
     G512(t2, t1, ksc);
     GL512(t1, &m_rkeys[16], ksc);
-    make_odd_key(&m_rkeys[16], &m_rkeys[24]);
+    MakeOddKey<8>(&m_rkeys[16], &m_rkeys[24]);
 
     // round 4
     SwapBlocks<8>(k);
@@ -835,7 +821,7 @@ void Kalyna::Base::SetKey_88(const word64 key[8])
     AddKey<8>(k, t2, ksc);
     G512(t2, t1, ksc);
     GL512(t1, &m_rkeys[32], ksc);
-    make_odd_key(&m_rkeys[32], &m_rkeys[40]);
+    MakeOddKey<8>(&m_rkeys[32], &m_rkeys[40]);
 
     // round 6
     SwapBlocks<8>(k);
@@ -844,7 +830,7 @@ void Kalyna::Base::SetKey_88(const word64 key[8])
     AddKey<8>(k, t2, ksc);
     G512(t2, t1, ksc);
     GL512(t1, &m_rkeys[48], ksc);
-    make_odd_key(&m_rkeys[48], &m_rkeys[56]);
+    MakeOddKey<8>(&m_rkeys[48], &m_rkeys[56]);
 
     // round 8
     SwapBlocks<8>(k);
@@ -853,7 +839,7 @@ void Kalyna::Base::SetKey_88(const word64 key[8])
     AddKey<8>(k, t2, ksc);
     G512(t2, t1, ksc);
     GL512(t1, &m_rkeys[64], ksc);
-    make_odd_key(&m_rkeys[64], &m_rkeys[72]);
+    MakeOddKey<8>(&m_rkeys[64], &m_rkeys[72]);
 
     // round 10
     SwapBlocks<8>(k);
@@ -862,7 +848,7 @@ void Kalyna::Base::SetKey_88(const word64 key[8])
     AddKey<8>(k, t2, ksc);
     G512(t2, t1, ksc);
     GL512(t1, &m_rkeys[80], ksc);
-    make_odd_key(&m_rkeys[80], &m_rkeys[88]);
+    MakeOddKey<8>(&m_rkeys[80], &m_rkeys[88]);
 
     // round 12
     SwapBlocks<8>(k);
@@ -871,7 +857,7 @@ void Kalyna::Base::SetKey_88(const word64 key[8])
     AddKey<8>(k, t2, ksc);
     G512(t2, t1, ksc);
     GL512(t1, &m_rkeys[96], ksc);
-    make_odd_key(&m_rkeys[96], &m_rkeys[104]);
+    MakeOddKey<8>(&m_rkeys[96], &m_rkeys[104]);
 
     // round 14
     SwapBlocks<8>(k);
@@ -880,7 +866,7 @@ void Kalyna::Base::SetKey_88(const word64 key[8])
     AddKey<8>(k, t2, ksc);
     G512(t2, t1, ksc);
     GL512(t1, &m_rkeys[112], ksc);
-    make_odd_key(&m_rkeys[112], &m_rkeys[120]);
+    MakeOddKey<8>(&m_rkeys[112], &m_rkeys[120]);
 
     // round 16
     SwapBlocks<8>(k);
@@ -889,7 +875,7 @@ void Kalyna::Base::SetKey_88(const word64 key[8])
     AddKey<8>(k, t2, ksc);
     G512(t2, t1, ksc);
     GL512(t1, &m_rkeys[128], ksc);
-    make_odd_key(&m_rkeys[128], &m_rkeys[136]);
+    MakeOddKey<8>(&m_rkeys[128], &m_rkeys[136]);
 
     // round 18
     SwapBlocks<8>(k);
diff --git a/kalyna.h b/kalyna.h
index 006dbe7e..f1f74d02 100644
--- a/kalyna.h
+++ b/kalyna.h
@@ -1,4 +1,5 @@
 // kalyna.h - written and placed in the public domain by Jeffrey Walton
+//            Based on public domain code by Keru Kuro.
 
 //! \file kalyna.h
 //! \brief Classes for the Kalyna block cipher
diff --git a/kalynatab.cpp b/kalynatab.cpp
index 0b777f51..49f495f1 100644
--- a/kalynatab.cpp
+++ b/kalynatab.cpp
@@ -945,7 +945,7 @@ const word64 IT[8][256] =
     },
     {
         0x352b557f679cc74f, 0x3e9424bf376719b2, 0x5deb7e0dcc14a992, 0xb3e20c56b07e6c87,
-            0x83b3886aa17dbce1, 0x3d496b75ee12145e, 0xae3e9f0b406e139d, 0x8a9a7826942b9f5f,
+        0x83b3886aa17dbce1, 0x3d496b75ee12145e, 0xae3e9f0b406e139d, 0x8a9a7826942b9f5f,
         0x845fd8a5b24f568b, 0x5a072ec2df2643f8, 0xf3d5e1068c7aba0f, 0x7ea3c9ef0b63cf3a,
         0x923c3a3812a4f76c, 0x3fdfeaf98bbfe91d, 0xd340192e9278d14b, 0x04311f05ca47e786,
         0xcc0a0bff07c55312, 0xff86c009cfb38e98, 0xade3d0c1991b1e71, 0xfc5b8fc316c68374,

From 1d7dfc69274d1d4c12ea5a373f90b2c3c6f97f52 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Mon, 8 May 2017 01:59:37 -0400
Subject: [PATCH 094/200] Port Kalyna to big-endian (Issue 411) Tested on
 GCC110 from the GCC compile farm. Performance is comparable to AES on GCC110.

---
 kalyna.cpp | 207 +++++++++++++++++++++++++++++++++++++++++------------
 kalyna.h   |   6 +-
 2 files changed, 163 insertions(+), 50 deletions(-)

diff --git a/kalyna.cpp b/kalyna.cpp
index 355b84ae..1bc833cf 100644
--- a/kalyna.cpp
+++ b/kalyna.cpp
@@ -4,9 +4,10 @@
 //              Standard of Ukraine: The Kalyna Block Cipher" (http://eprint.iacr.org/2015/650.pdf). Second
 //              was Roman Oliynykov and Oleksandr Kazymyrov's GitHub with the reference implementation
 //              (http://github.com/Roman-Oliynykov/Kalyna-reference). The third and most utilized resource
-//              was Keru Kuro's implementation of Kalyna in CppCrypto (http://sourceforge.net/projects/cppcrypto/).
-//              Kuro has an outstanding implementation that performed better than the reference implementation
-//              and out intial attempts.
+//              was Keru Kuro's public domain implementation of Kalyna in CppCrypto
+//              (http://sourceforge.net/projects/cppcrypto/). Kuro has an outstanding implementation that
+//              performed better than the reference implementation and out intial attempts. The only downside
+//              was the missing big endian port.
 
 #include "pch.h"
 #include "config.h"
@@ -20,7 +21,7 @@ NAMESPACE_BEGIN(CryptoPP)
 NAMESPACE_BEGIN(KalynaTab)
 
 // T can be shared between Kupyna and Kalyna; IT, S and IS are Kalyna specific
-extern const word64 T[8][256];  // Substitution
+extern const word64 T[8][256];  // Columns
 extern const word64 IT[8][256]; // Inverse
 extern const byte S[4][256];    // Substitution
 extern const byte IS[4][256];   // Inverse
@@ -31,10 +32,54 @@ NAMESPACE_END
 ANONYMOUS_NAMESPACE_BEGIN
 
 using CryptoPP::word64;
-using CryptoPP::KalynaTab::S;
 using CryptoPP::KalynaTab::T;
-using CryptoPP::KalynaTab::IS;
+using CryptoPP::KalynaTab::S;
 using CryptoPP::KalynaTab::IT;
+using CryptoPP::KalynaTab::IS;
+
+template <unsigned int NB>
+inline void MakeOddKey(const word64 evenkey[NB], word64 oddkey[NB])
+{
+#if defined(IS_BIG_ENDIAN)
+    if (NB == 2)
+    {
+        oddkey[0] = (evenkey[1] << 8) | (evenkey[0] >> 56);
+        oddkey[1] = (evenkey[0] << 8) | (evenkey[1] >> 56);
+    }
+    else if (NB == 4)
+    {
+        oddkey[0] = (evenkey[2] << 40) | (evenkey[1] >> 24);
+        oddkey[1] = (evenkey[3] << 40) | (evenkey[2] >> 24);
+        oddkey[2] = (evenkey[0] << 40) | (evenkey[3] >> 24);
+        oddkey[3] = (evenkey[1] << 40) | (evenkey[0] >> 24);
+    }
+    else if (NB == 8)
+    {
+        oddkey[0] = (evenkey[3] << 40) | (evenkey[2] >> 24);
+        oddkey[1] = (evenkey[4] << 40) | (evenkey[3] >> 24);
+        oddkey[2] = (evenkey[5] << 40) | (evenkey[4] >> 24);
+        oddkey[3] = (evenkey[6] << 40) | (evenkey[5] >> 24);
+
+        oddkey[4] = (evenkey[7] << 40) | (evenkey[6] >> 24);
+        oddkey[5] = (evenkey[0] << 40) | (evenkey[7] >> 24);
+        oddkey[6] = (evenkey[1] << 40) | (evenkey[0] >> 24);
+        oddkey[7] = (evenkey[2] << 40) | (evenkey[1] >> 24);
+    }
+    else
+    {
+        CRYPTOPP_ASSERT(0);
+    }
+#else
+    static const unsigned int S = (NB == 2) ? 16 : (NB == 4) ? 32 : (NB == 8) ? 64 : -1;
+    static const unsigned int T = (NB == 2) ?  7 : (NB == 4) ? 11 : (NB == 8) ? 19 : -1;
+
+    const byte* even = reinterpret_cast<const byte*>(evenkey);
+    byte* odd = reinterpret_cast<byte*>(oddkey);
+
+    memcpy(odd, even + T, S - T);
+    memcpy(odd + S - T, even, T);
+#endif
+}
 
 template <unsigned int NB>
 inline void SwapBlocks(word64 k[NB])
@@ -362,19 +407,6 @@ inline void G512(const word64 x[8], word64 y[8], const word64 k[8])
         T[4][(byte)(x[3] >> 32)] ^ T[5][(byte)(x[2] >> 40)] ^ T[6][(byte)(x[1] >> 48)] ^ T[7][(byte)(x[0] >> 56)];
 }
 
-template <unsigned int NB>
-inline void MakeOddKey(const word64 evenkey[NB], word64 oddkey[NB])
-{
-	static const unsigned int S = (NB == 2) ? 16 : (NB == 4) ? 32 : (NB == 8) ? 64 : -1;
-	static const unsigned int T = (NB == 2) ?  7 : (NB == 4) ? 11 : (NB == 8) ? 19 : -1;
-
-    const byte* even = reinterpret_cast<const byte*>(evenkey);
-    byte* odd = reinterpret_cast<byte*>(oddkey);
-
-    memcpy(odd, even + T, S - T);
-    memcpy(odd + S - T, even, T);
-}
-
 ANONYMOUS_NAMESPACE_END
 
 NAMESPACE_BEGIN(CryptoPP)
@@ -562,7 +594,7 @@ void Kalyna::Base::SetKey_44(const word64 key[4])
     word64 *ks = m_wspace+0, *ksc = m_wspace+4, *t1 = m_wspace+8;
     word64 *t2 = m_wspace+12, *k = m_wspace+16;
 
-    memset(t1, 0, 4*8);
+    memset(t1, 0, 32);
     t1[0] = (256 + 256 + 64) / 64;
 
     AddKey<4>(t1, t2, key);
@@ -904,7 +936,18 @@ void Kalyna::Base::SetKey_88(const word64 key[8])
 
 void Kalyna::Base::ProcessBlock_22(const word64 inBlock[2], word64 outBlock[2]) const
 {
-    word64 *t1 = m_wspace+0, *t2 = m_wspace+2;
+#if defined(IS_BIG_ENDIAN)
+    word64 *t1 = m_wspace+0, *t2 = m_wspace+2, *msg = m_wspace+4;
+    {
+        typedef GetBlock<word64, LittleEndian, false> Block;
+        Block block(inBlock);
+        block(msg[0])(msg[1]);
+        inBlock = msg;
+    }
+#else
+    word64 *t1 = outBlock, *t2 = m_wspace+2;
+#endif
+
     if (IsForwardTransformation())
     {
         AddKey<2>(inBlock, t1, m_rkeys);
@@ -935,12 +978,29 @@ void Kalyna::Base::ProcessBlock_22(const word64 inBlock[2], word64 outBlock[2])
         IGL128(t2, t1, &m_rkeys[0]);
     }
 
-    memcpy(outBlock, t1, 16);
+#if defined(IS_BIG_ENDIAN)
+    {
+        typedef GetBlock<word64, LittleEndian, false> Block;
+        Block block(t1);
+        block(outBlock[0])(outBlock[1]);
+    }
+#endif
 }
 
 void Kalyna::Base::ProcessBlock_24(const word64 inBlock[2], word64 outBlock[2]) const
 {
-    word64 *t1 = m_wspace+0, *t2 = m_wspace+2;
+#if defined(IS_BIG_ENDIAN)
+    word64 *t1 = m_wspace+0, *t2 = m_wspace+2, *msg = m_wspace+4;
+    {
+        typedef GetBlock<word64, LittleEndian, false> Block;
+        Block block(inBlock);
+        block(msg[0])(msg[1]);
+        inBlock = msg;
+    }
+#else
+    word64 *t1 = outBlock, *t2 = m_wspace+2;
+#endif
+
     if (IsForwardTransformation())
     {
         AddKey<2>(inBlock, t1, m_rkeys);
@@ -979,12 +1039,29 @@ void Kalyna::Base::ProcessBlock_24(const word64 inBlock[2], word64 outBlock[2])
         IGL128(t2, t1, &m_rkeys[0]);
     }
 
-    memcpy(outBlock, t1, 16);
+#if defined(IS_BIG_ENDIAN)
+    {
+        typedef GetBlock<word64, LittleEndian, false> Block;
+        Block block(t1);
+        block(outBlock[0])(outBlock[1]);
+    }
+#endif
 }
 
 void Kalyna::Base::ProcessBlock_44(const word64 inBlock[4], word64 outBlock[4]) const
 {
-    word64 *t1 = m_wspace+0, *t2 = m_wspace+4;
+#if defined(IS_BIG_ENDIAN)
+    word64 *t1 = m_wspace+0, *t2 = m_wspace+4, *msg = m_wspace+8;
+    {
+        typedef GetBlock<word64, LittleEndian, false> Block;
+        Block block(inBlock);
+        block(msg[0])(msg[1])(msg[2])(msg[3]);
+        inBlock = msg;
+    }
+#else
+    word64 *t1 = outBlock, *t2 = m_wspace+4;
+#endif
+
     if (IsForwardTransformation())
     {
         AddKey<4>(inBlock, t1, m_rkeys);
@@ -1023,13 +1100,27 @@ void Kalyna::Base::ProcessBlock_44(const word64 inBlock[4], word64 outBlock[4])
         IGL256(t2, t1, &m_rkeys[0]);
     }
 
-    memcpy(outBlock, t1, 32);
+#if defined(IS_BIG_ENDIAN)
+    {
+        typedef GetBlock<word64, LittleEndian, false> Block;
+        Block block(t1); block(outBlock[0])(outBlock[1])(outBlock[2])(outBlock[3]);
+    }
+#endif
 }
 
 void Kalyna::Base::ProcessBlock_48(const word64 inBlock[4], word64 outBlock[4]) const
 {
-    // word64 t1[4], t2[4];
-    word64 *t1 = m_wspace+0, *t2 = m_wspace+4;
+#if defined(IS_BIG_ENDIAN)
+    word64 *t1 = m_wspace+0, *t2 = m_wspace+4, *msg = m_wspace+8;
+    {
+        typedef GetBlock<word64, LittleEndian, false> Block;
+        Block block(inBlock);
+        block(msg[0])(msg[1])(msg[2])(msg[3]);
+        inBlock = msg;
+    }
+#else
+    word64 *t1 = outBlock, *t2 = m_wspace+4;
+#endif
 
     if (IsForwardTransformation())
     {
@@ -1077,13 +1168,28 @@ void Kalyna::Base::ProcessBlock_48(const word64 inBlock[4], word64 outBlock[4])
         IGL256(t2, t1, &m_rkeys[0]);
     }
 
-    memcpy(outBlock, t1, 32);
+#if defined(IS_BIG_ENDIAN)
+    {
+        typedef GetBlock<word64, LittleEndian, false> Block;
+        Block block(t1);
+        block(outBlock[0])(outBlock[1])(outBlock[2])(outBlock[3]);
+    }
+#endif
 }
 
 void Kalyna::Base::ProcessBlock_88(const word64 inBlock[8], word64 outBlock[8]) const
 {
-    // word64 t1[8], t2[8];
-    word64 *t1 = m_wspace+0, *t2 = m_wspace+8;
+#if defined(IS_BIG_ENDIAN)
+    word64 *t1 = m_wspace+0, *t2 = m_wspace+8, *msg = m_wspace+16;
+    {
+        typedef GetBlock<word64, LittleEndian, false> Block;
+        Block block(inBlock);
+        block(msg[0])(msg[1])(msg[2])(msg[3])(msg[4])(msg[5])(msg[6])(msg[7]);
+        inBlock = msg;
+    }
+#else
+    word64 *t1 = outBlock, *t2 = m_wspace+8;
+#endif
 
     if (IsForwardTransformation())
     {
@@ -1131,7 +1237,14 @@ void Kalyna::Base::ProcessBlock_88(const word64 inBlock[8], word64 outBlock[8])
         IGL512(t2, t1, &m_rkeys[0]);
     }
 
-    memcpy(outBlock, t1, 64);
+#if defined(IS_BIG_ENDIAN)
+    {
+        typedef GetBlock<word64, LittleEndian, false> Block;
+        Block block(t1);
+        block(outBlock[0])(outBlock[1])(outBlock[2])(outBlock[3])
+             (outBlock[4])(outBlock[5])(outBlock[6])(outBlock[7]);
+    }
+#endif
 }
 
 // *********************** Library routines *********************** //
@@ -1139,7 +1252,7 @@ void Kalyna::Base::ProcessBlock_88(const word64 inBlock[8], word64 outBlock[8])
 void Kalyna::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const NameValuePairs &params)
 {
     typedef GetBlock<word64, LittleEndian, false> Block;
-    Block userkey(key);
+    Block block(key);
 
     switch (keylen)
     {
@@ -1169,7 +1282,7 @@ void Kalyna::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const N
         m_rkeys.New(11*2);
         m_wspace.New(2*6);
 
-        userkey(m_mkey[0])(m_mkey[1]);
+        block(m_mkey[0])(m_mkey[1]);
         SetKey_22(m_mkey.data());
         break;
     case (2 << 8) | 4:  // 256 key, 128 block
@@ -1177,7 +1290,7 @@ void Kalyna::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const N
         m_rkeys.New(15*2);
         m_wspace.New(6*2+4);
 
-        userkey(m_mkey[0])(m_mkey[1])(m_mkey[2])(m_mkey[3]);
+        block(m_mkey[0])(m_mkey[1])(m_mkey[2])(m_mkey[3]);
         SetKey_24(m_mkey.data());
         break;
     case (4 << 8) | 4:  // 256 key, 256 block
@@ -1185,7 +1298,7 @@ void Kalyna::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const N
         m_rkeys.New(15*4);
         m_wspace.New(5*4);
 
-        userkey(m_mkey[0])(m_mkey[1])(m_mkey[2])(m_mkey[3]);
+        block(m_mkey[0])(m_mkey[1])(m_mkey[2])(m_mkey[3]);
         SetKey_44(m_mkey.data());
         break;
     case (4 << 8) | 8:  // 512 key, 256 block
@@ -1193,8 +1306,8 @@ void Kalyna::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const N
         m_rkeys.New(19*4);
         m_wspace.New(6*4+8);
 
-        userkey(m_mkey[0])(m_mkey[1])(m_mkey[2])(m_mkey[3])
-               (m_mkey[4])(m_mkey[5])(m_mkey[6])(m_mkey[7]);
+        block(m_mkey[0])(m_mkey[1])(m_mkey[2])(m_mkey[3])
+             (m_mkey[4])(m_mkey[5])(m_mkey[6])(m_mkey[7]);
         SetKey_48(m_mkey.data());
         break;
     case (8 << 8) | 8:  // 512 key, 512 block
@@ -1202,8 +1315,8 @@ void Kalyna::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const N
         m_rkeys.New(19*8);
         m_wspace.New(5*8);
 
-        userkey(m_mkey[0])(m_mkey[1])(m_mkey[2])(m_mkey[3])
-               (m_mkey[4])(m_mkey[5])(m_mkey[6])(m_mkey[7]);
+        block(m_mkey[0])(m_mkey[1])(m_mkey[2])(m_mkey[3])
+             (m_mkey[4])(m_mkey[5])(m_mkey[6])(m_mkey[7]);
         SetKey_88(m_mkey.data());
         break;
     default:
@@ -1213,14 +1326,14 @@ void Kalyna::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const N
 
 void Kalyna::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const
 {
-	// Timing attack countermeasure. see comments in Rijndael for more details
-	const int cacheLineSize = GetCacheLineSize();
-	volatile word32 _u = 0;
-	word32 u = _u;
+    // Timing attack countermeasure. see comments in Rijndael for more details
+    const int cacheLineSize = GetCacheLineSize();
+    volatile word32 _u = 0;
+    word32 u = _u;
 
-	for (unsigned int i=0; i<COUNTOF(KalynaTab::S); i+=cacheLineSize)
-		u &= *reinterpret_cast<const word32*>(KalynaTab::S+i);
-	m_wspace[0] = u;
+    for (unsigned int i=0; i<256; i+=cacheLineSize)
+        u &= *reinterpret_cast<const word32*>(KalynaTab::S+i);
+    m_wspace[0] = u;
 
     switch ((m_nb << 8) | m_nk)
     {
diff --git a/kalyna.h b/kalyna.h
index f1f74d02..0e77a1fb 100644
--- a/kalyna.h
+++ b/kalyna.h
@@ -7,7 +7,7 @@
 //!   Ruzhentsev, Kuznetsov, Gorbenko, Dyrda, Dolgov, Pushkaryov, Mordvinov and Kaidalov's "A New Encryption
 //!   Standard of Ukraine: The Kalyna Block Cipher" (http://eprint.iacr.org/2015/650.pdf). Second was Roman
 //!   Oliynykov and Oleksandr Kazymyrov's GitHub with the reference implementation
-//!  (http://github.com/Roman-Oliynykov/Kalyna-reference). The third resource was Keru Kuro's implementation
+//!   (http://github.com/Roman-Oliynykov/Kalyna-reference). The third resource was Keru Kuro's implementation
 //!   of Kalyna in CppCrypto (http://sourceforge.net/projects/cppcrypto/). Kuro has an outstanding
 //!   implementation that performed better than the reference implementation and out intial attempts.
 
@@ -107,8 +107,8 @@ public:
         //!   and parenthesis to identify key length. For example, Kalyna-128(256) is Kalyna
         //!   with a 128-bit block size and a 256-bit key length. If a mode is associated
         //!   with the object, then it follows as expected. For example, Kalyna-128(256)/ECB.
-		//!   DSTU is a little more complex with more parameters, dashes, underscores, but the
-		//!   library does not use the delimiters or full convention.
+        //!   DSTU is a little more complex with more parameters, dashes, underscores, but the
+        //!   library does not use the delimiters or full convention.
         std::string AlgorithmName() const {
             return m_blocksize ? "Kalyna-" + IntToString(m_blocksize*8) + "(" + IntToString(m_kl*8) + ")" : StaticAlgorithmName();
         }

From 238b5e6188e1c6ddcd1de17348daff4f68900aba Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Mon, 8 May 2017 03:20:23 -0400
Subject: [PATCH 095/200] Whitespace check-in

---
 kalyna.cpp    | 10 +++-------
 kalyna.h      |  2 +-
 kalynatab.cpp |  6 ------
 3 files changed, 4 insertions(+), 14 deletions(-)

diff --git a/kalyna.cpp b/kalyna.cpp
index 1bc833cf..e8be7238 100644
--- a/kalyna.cpp
+++ b/kalyna.cpp
@@ -6,7 +6,7 @@
 //              (http://github.com/Roman-Oliynykov/Kalyna-reference). The third and most utilized resource
 //              was Keru Kuro's public domain implementation of Kalyna in CppCrypto
 //              (http://sourceforge.net/projects/cppcrypto/). Kuro has an outstanding implementation that
-//              performed better than the reference implementation and out intial attempts. The only downside
+//              performed better than the reference implementation and our initial attempts. The only downside
 //              was the missing big endian port.
 
 #include "pch.h"
@@ -927,11 +927,6 @@ void Kalyna::Base::SetKey_88(const word64 key[8])
     }
 }
 
-//template <unsigned int NB, unsigned int NK>
-//void Kalyna::Base::SetKey_Template(const word64 key[NK])
-//{
-//}
-
 // *********************** ProcessAndXorBlock specializations *********************** //
 
 void Kalyna::Base::ProcessBlock_22(const word64 inBlock[2], word64 outBlock[2]) const
@@ -1103,7 +1098,8 @@ void Kalyna::Base::ProcessBlock_44(const word64 inBlock[4], word64 outBlock[4])
 #if defined(IS_BIG_ENDIAN)
     {
         typedef GetBlock<word64, LittleEndian, false> Block;
-        Block block(t1); block(outBlock[0])(outBlock[1])(outBlock[2])(outBlock[3]);
+        Block block(t1);
+        block(outBlock[0])(outBlock[1])(outBlock[2])(outBlock[3]);
     }
 #endif
 }
diff --git a/kalyna.h b/kalyna.h
index 0e77a1fb..1440a4bb 100644
--- a/kalyna.h
+++ b/kalyna.h
@@ -9,7 +9,7 @@
 //!   Oliynykov and Oleksandr Kazymyrov's GitHub with the reference implementation
 //!   (http://github.com/Roman-Oliynykov/Kalyna-reference). The third resource was Keru Kuro's implementation
 //!   of Kalyna in CppCrypto (http://sourceforge.net/projects/cppcrypto/). Kuro has an outstanding
-//!   implementation that performed better than the reference implementation and out intial attempts.
+//!   implementation that performed better than the reference implementation and our initial attempts.
 
 #ifndef CRYPTOPP_KALYNA_H
 #define CRYPTOPP_KALYNA_H
diff --git a/kalynatab.cpp b/kalynatab.cpp
index 49f495f1..1c9c225b 100644
--- a/kalynatab.cpp
+++ b/kalynatab.cpp
@@ -9,8 +9,6 @@ NAMESPACE_BEGIN(KalynaTab)
 
 #define EXPORT_TABLE extern
 
-#if defined(IS_LITTLE_ENDIAN)
-
 EXPORT_TABLE
 const word64 T[8][256] =
 {
@@ -1077,10 +1075,6 @@ const word64 IT[8][256] =
     }
 };
 
-#else
-# error "Only little endian is supported at the moment"
-#endif
-
 EXPORT_TABLE
 const byte S[4][256] =
 {

From 798f1c9ed8b1e9d2da6ddc0b15a0b8d797b1088b Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Mon, 8 May 2017 05:13:55 -0400
Subject: [PATCH 096/200] Clear warnings under Visual Studio

---
 validat0.cpp | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/validat0.cpp b/validat0.cpp
index 5b239cf8..651c4f82 100644
--- a/validat0.cpp
+++ b/validat0.cpp
@@ -70,7 +70,7 @@ bool TestCompressors()
 
         src.resize(len);
         GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
-        src[0] = 0x1f; src[1] = 0x8b;  // magic Header
+        src[0] = (byte)0x1f; src[1] = (byte)0x8b;  // magic header
         src[2] = 0x00;  // extra flags
         src[3] = src[3] & (2|4|8|16|32);  // flags
 
@@ -114,7 +114,7 @@ bool TestCompressors()
                 StringSource(dest.substr(0, len-2), true, new Inflator(new StringSink(rec)));
                 std::cout << "Deflate failed to detect a truncated stream\n";
                 fail2 = true;
-            } catch(const Exception& ex) { }
+            } catch(const Exception&) { }
         }
     }
     catch(const Exception&)
@@ -146,7 +146,7 @@ bool TestCompressors()
 
         src.resize(len);
         GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
-        src[0] = 0x1f; src[1] = 0x8b;  // magic Header
+        src[0] = (byte)0x1f; src[1] = (byte)0x8b;  // magic Header
         src[2] = 0x00;  // extra flags
         src[3] = src[3] & (2|4|8|16|32);  // flags
 
@@ -234,14 +234,14 @@ bool TestEncryptors()
                 StringSource(dest.substr(0, len-2), true, new DefaultDecryptorWithMAC(pwd.c_str(), new StringSink(rec)));
                 std::cout << "FAILED:  DefaultDecryptorWithMAC failed to detect a truncated stream\n";
                 fail2 = true;
-            } catch(const Exception& ex) { }
+            } catch(const Exception&) { }
             try {
                 // tamper salt
                 dest[DefaultDecryptorWithMAC::SALTLENGTH/2] ^= 0x01;
                 StringSource(dest, true, new DefaultDecryptorWithMAC(pwd.c_str(), new StringSink(rec)));
                 std::cout << "FAILED:  DefaultDecryptorWithMAC failed to detect a tampered salt\n";
                 fail2 = true;
-            } catch(const Exception& ex) { }
+            } catch(const Exception&) { }
             try {
                 // undo previous tamper
                 dest[DefaultDecryptorWithMAC::SALTLENGTH/2] ^= 0x01;
@@ -250,7 +250,7 @@ bool TestEncryptors()
                 StringSource(dest, true, new DefaultDecryptorWithMAC(pwd.c_str(), new StringSink(rec)));
                 std::cout << "FAILED:  DefaultDecryptorWithMAC failed to detect a tampered keycheck\n";
                 fail2 = true;
-            } catch(const Exception& ex) { }
+            } catch(const Exception&) { }
             try {
                 // undo previous tamper
                 dest[DefaultDecryptorWithMAC::SALTLENGTH+DefaultDecryptorWithMAC::KEYLENGTH/2] ^= 0x01;
@@ -259,7 +259,7 @@ bool TestEncryptors()
                 StringSource(dest, true, new DefaultDecryptorWithMAC(pwd.c_str(), new StringSink(rec)));
                 std::cout << "FAILED:  DefaultDecryptorWithMAC failed to detect a tampered data\n";
                 fail2 = true;
-            } catch(const Exception& ex) { }
+            } catch(const Exception&) { }
         }
     }
     catch(const Exception&)
@@ -332,14 +332,14 @@ bool TestEncryptors()
                 StringSource(dest.substr(0, len-2), true, new LegacyDecryptorWithMAC(pwd.c_str(), new StringSink(rec)));
                 std::cout << "FAILED:  LegacyEncryptorWithMAC failed to detect a truncated stream\n";
                 fail4 = true;
-            } catch(const Exception& ex) { }
+            } catch(const Exception&) { }
             try {
                 // tamper salt
                 dest[LegacyEncryptorWithMAC::SALTLENGTH/2] ^= 0x01;
                 StringSource(dest, true, new LegacyDecryptorWithMAC(pwd.c_str(), new StringSink(rec)));
                 std::cout << "FAILED:  LegacyEncryptorWithMAC failed to detect a tampered salt\n";
                 fail4 = true;
-            } catch(const Exception& ex) { }
+            } catch(const Exception&) { }
             try {
                 // undo previous tamper
                 dest[LegacyEncryptorWithMAC::SALTLENGTH/2] ^= 0x01;
@@ -348,7 +348,7 @@ bool TestEncryptors()
                 StringSource(dest, true, new LegacyDecryptorWithMAC(pwd.c_str(), new StringSink(rec)));
                 std::cout << "FAILED:  LegacyEncryptorWithMAC failed to detect a tampered keycheck\n";
                 fail4 = true;
-            } catch(const Exception& ex) { }
+            } catch(const Exception&) { }
             try {
                 // undo previous tamper
                 dest[LegacyEncryptorWithMAC::SALTLENGTH+LegacyEncryptorWithMAC::KEYLENGTH/2] ^= 0x01;
@@ -357,7 +357,7 @@ bool TestEncryptors()
                 StringSource(dest, true, new LegacyDecryptorWithMAC(pwd.c_str(), new StringSink(rec)));
                 std::cout << "FAILED:  LegacyEncryptorWithMAC failed to detect a tampered data\n";
                 fail4 = true;
-            } catch(const Exception& ex) { }
+            } catch(const Exception&) { }
         }
     }
     catch(const Exception&)

From 7ba33868e06e0d5f15ce82327a60ca25f8f5bdd1 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Mon, 8 May 2017 06:08:27 -0400
Subject: [PATCH 097/200] Add zLib compressor and decompressor tests

---
 validat0.cpp | 58 ++++++++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 56 insertions(+), 2 deletions(-)

diff --git a/validat0.cpp b/validat0.cpp
index 651c4f82..629fa11b 100644
--- a/validat0.cpp
+++ b/validat0.cpp
@@ -11,6 +11,7 @@
 #include "default.h"
 #include "zinflate.h"
 #include "gzip.h"
+#include "zlib.h"
 #include "hex.h"
 #include "asn.h"
 
@@ -31,7 +32,7 @@ NAMESPACE_BEGIN(Test)
 bool TestCompressors()
 {
     std::cout << "\nTesting Compressors and Decompressors...\n\n";
-    bool fail1 = false, fail2 = false;
+    bool fail1 = false, fail2 = false, fail3 = false;
 
     try
     {
@@ -168,8 +169,61 @@ bool TestCompressors()
        std::cout << "FAILED:";
     std::cout << "  128 deflates and inflates\n";
 
+    // **************************************************************
+
+    try
+    {
+        for (unsigned int i=0; i<128; ++i)
+        {
+            std::string src, dest, rec;
+            unsigned int len = GlobalRNG().GenerateWord32() & 0xffff;
+
+            src.resize(len);
+            GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
+
+            StringSource(src, true, new ZlibCompressor(new StringSink(dest)));
+            StringSource(dest, true, new ZlibDecompressor (new StringSink(rec)));
+            if (src != rec)
+                throw Exception(Exception::OTHER_ERROR, "ZlibCompressor failed to decompress stream");
+
+            // Tamper
+            try {
+                StringSource(dest.substr(0, len-2), true, new ZlibDecompressor (new StringSink(rec)));
+                throw Exception(Exception::OTHER_ERROR, "ZlibCompressor failed to detect a truncated stream");
+            } catch(const Exception&) {}
+        }
+    }
+    catch(const Exception&)
+    {
+        fail3 = true;
+    }
+
+    // **************************************************************
+
+    // Unzip random data. See if we can induce a crash
+    for (unsigned int i=0; i<128; i++)
+    {
+        std::string src, dest;
+        unsigned int len = GlobalRNG().GenerateWord32() & 0xffff;
+
+        src.resize(len);
+        GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
+
+        try {
+            StringSource(src, true, new ZlibDecompressor(new StringSink(dest)));
+        } catch(const Exception&) {    }
+    }
+
+    if (!fail3)
+       std::cout << "passed:";
+    else
+       std::cout << "FAILED:";
+    std::cout << "  128 zlib decompress and compress" << std::endl;
+
+    // **************************************************************
+
     std::cout.flush();
-    return !fail1 && !fail2;
+    return !fail1 && !fail2 && !fail3;
 }
 
 bool TestEncryptors()

From fe2d5752cd92d135593fac5685ce192050ee6b9d Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Mon, 8 May 2017 14:32:30 -0400
Subject: [PATCH 098/200] Switch to library's GetUserKey

---
 kalyna.cpp | 25 ++++++++++---------------
 1 file changed, 10 insertions(+), 15 deletions(-)

diff --git a/kalyna.cpp b/kalyna.cpp
index e8be7238..b468571c 100644
--- a/kalyna.cpp
+++ b/kalyna.cpp
@@ -1247,9 +1247,6 @@ void Kalyna::Base::ProcessBlock_88(const word64 inBlock[8], word64 outBlock[8])
 
 void Kalyna::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const NameValuePairs &params)
 {
-    typedef GetBlock<word64, LittleEndian, false> Block;
-    Block block(key);
-
     switch (keylen)
     {
     case 16:  // 128
@@ -1278,42 +1275,40 @@ void Kalyna::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const N
         m_rkeys.New(11*2);
         m_wspace.New(2*6);
 
-        block(m_mkey[0])(m_mkey[1]);
-        SetKey_22(m_mkey.data());
+        GetUserKey(LITTLE_ENDIAN_ORDER, m_mkey.begin(), 2, key, 16);
+        SetKey_22(m_mkey.begin());
         break;
     case (2 << 8) | 4:  // 256 key, 128 block
         m_mkey.New(4);
         m_rkeys.New(15*2);
         m_wspace.New(6*2+4);
 
-        block(m_mkey[0])(m_mkey[1])(m_mkey[2])(m_mkey[3]);
-        SetKey_24(m_mkey.data());
+        GetUserKey(LITTLE_ENDIAN_ORDER, m_mkey.begin(), 4, key, 32);
+        SetKey_24(m_mkey.begin());
         break;
     case (4 << 8) | 4:  // 256 key, 256 block
         m_mkey.New(4);
         m_rkeys.New(15*4);
         m_wspace.New(5*4);
 
-        block(m_mkey[0])(m_mkey[1])(m_mkey[2])(m_mkey[3]);
-        SetKey_44(m_mkey.data());
+        GetUserKey(LITTLE_ENDIAN_ORDER, m_mkey.begin(), 4, key, 32);
+        SetKey_44(m_mkey.begin());
         break;
     case (4 << 8) | 8:  // 512 key, 256 block
         m_mkey.New(8);
         m_rkeys.New(19*4);
         m_wspace.New(6*4+8);
 
-        block(m_mkey[0])(m_mkey[1])(m_mkey[2])(m_mkey[3])
-             (m_mkey[4])(m_mkey[5])(m_mkey[6])(m_mkey[7]);
-        SetKey_48(m_mkey.data());
+        GetUserKey(LITTLE_ENDIAN_ORDER, m_mkey.begin(), 8, key, 64);
+        SetKey_48(m_mkey.begin());
         break;
     case (8 << 8) | 8:  // 512 key, 512 block
         m_mkey.New(8);
         m_rkeys.New(19*8);
         m_wspace.New(5*8);
 
-        block(m_mkey[0])(m_mkey[1])(m_mkey[2])(m_mkey[3])
-             (m_mkey[4])(m_mkey[5])(m_mkey[6])(m_mkey[7]);
-        SetKey_88(m_mkey.data());
+        GetUserKey(LITTLE_ENDIAN_ORDER, m_mkey.begin(), 8, key, 64);
+        SetKey_88(m_mkey.begin());
         break;
     default:
         CRYPTOPP_ASSERT(0);

From 7421bd20551abbea9dfaa9dc1595e386d9589e86 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Mon, 8 May 2017 16:17:17 -0400
Subject: [PATCH 099/200] Fix "Load of address X with insufficient space for an
 object of type const word32"

---
 kalyna.cpp | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/kalyna.cpp b/kalyna.cpp
index b468571c..864f139d 100644
--- a/kalyna.cpp
+++ b/kalyna.cpp
@@ -1319,11 +1319,12 @@ void Kalyna::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock,
 {
     // Timing attack countermeasure. see comments in Rijndael for more details
     const int cacheLineSize = GetCacheLineSize();
-    volatile word32 _u = 0;
-    word32 u = _u;
+    volatile word64 _u = 0;
+    word64 u = _u;
 
+    const byte* p = reinterpret_cast<const byte*>(KalynaTab::S);
     for (unsigned int i=0; i<256; i+=cacheLineSize)
-        u &= *reinterpret_cast<const word32*>(KalynaTab::S+i);
+        u &= *reinterpret_cast<const word64*>(p+i);
     m_wspace[0] = u;
 
     switch ((m_nb << 8) | m_nk)

From ba8882db390dac1c0cf67520e6e3897f5006b8c3 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Mon, 8 May 2017 17:03:06 -0400
Subject: [PATCH 100/200] Use [31398, 31468] for prime gap test

---
 validat0.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/validat0.cpp b/validat0.cpp
index 629fa11b..5f9912a2 100644
--- a/validat0.cpp
+++ b/validat0.cpp
@@ -2152,8 +2152,8 @@ bool TestIntegerBitops()
 
     // Integer is missing a couple of tests...
     try {
-        // All in range [90, 96] are composite
-        Integer x = Integer(GlobalRNG(), 90, 96, Integer::PRIME);
+        // A run of 71 composites; see http://en.wikipedia.org/wiki/Prime_gap
+        Integer x = Integer(GlobalRNG(), 31398, 31468, Integer::PRIME);
         pass=false;
     } catch (const Exception&) {
         pass=true;

From ffa92b09e6a2f934001426e74e10b434df175a7f Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Mon, 8 May 2017 22:36:58 -0400
Subject: [PATCH 101/200] Add test for Carmichael pseudo-primes

---
 validat0.cpp | 26 ++++++++++++++++++++++----
 1 file changed, 22 insertions(+), 4 deletions(-)

diff --git a/validat0.cpp b/validat0.cpp
index 5f9912a2..b5f589a1 100644
--- a/validat0.cpp
+++ b/validat0.cpp
@@ -5,6 +5,7 @@
 
 #include "secblock.h"
 #include "integer.h"
+#include "nbtheory.h"
 #include "zdeflate.h"
 #include "filters.h"
 #include "stdcpp.h"
@@ -2151,13 +2152,12 @@ bool TestIntegerBitops()
     std::cout << "  Integer DivideByZero\n";
 
     // Integer is missing a couple of tests...
+    pass=true;
     try {
         // A run of 71 composites; see http://en.wikipedia.org/wiki/Prime_gap
         Integer x = Integer(GlobalRNG(), 31398, 31468, Integer::PRIME);
         pass=false;
-    } catch (const Exception&) {
-        pass=true;
-    }
+    } catch (const Exception&) { }
 
     if (pass)
         std::cout << "passed:";
@@ -2165,9 +2165,27 @@ bool TestIntegerBitops()
         std::cout << "FAILED:";
     std::cout << "  Integer RandomNumberNotFound\n";
 
+    // Carmichael pseudo-primes
+    pass=true;
+    if (IsPrime(Integer("561")))
+        pass = false;
+    if (!IsPrime(Integer("41041")))
+        pass = false;
+    if (!IsPrime(Integer("321197185")))
+        pass = false;
+    if (!IsPrime(Integer("232250619601")))
+        pass = false;
+    if (!IsPrime(Integer("974637772161")))
+        pass = false;
+
+    if (pass)
+        std::cout << "passed:";
+    else
+        std::cout << "FAILED:";
+    std::cout << "  Carmichael pseudo-primes\n";
+
     // Integer is missing a couple of tests...
     try {
-        // All in range [90, 96] are composite
         Integer x = Integer::One().Doubled();
         pass=(x == Integer::Two());
     } catch (const Exception&) {

From 6ca68e714bf164641a6ce768fdd572568cb02391 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Mon, 8 May 2017 23:25:39 -0400
Subject: [PATCH 102/200] Updated documentation

---
 cryptlib.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cryptlib.h b/cryptlib.h
index 840c3a45..8f38e70b 100644
--- a/cryptlib.h
+++ b/cryptlib.h
@@ -716,7 +716,7 @@ protected:
 
 	//! \brief Validates the IV length
 	//! \param length the size of an IV, in bytes
-	//! \throws InvalidArgument if the number of rounds are invalid
+	//! \throws InvalidArgument if the IV length is invalid
 	size_t ThrowIfInvalidIVLength(int length);
 
 	//! \brief Retrieves and validates the IV

From 8a177c58e692f8852199868ff4845deac55b461b Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Tue, 9 May 2017 00:58:42 -0400
Subject: [PATCH 103/200] Add validation for W3C_PADDING
 InitializeDerivedAndReturnNewSizes This should have occurred with PR 368 or
 Commit 8e088b48654f

---
 filters.cpp | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/filters.cpp b/filters.cpp
index ca85edc7..0b4b2e2d 100644
--- a/filters.cpp
+++ b/filters.cpp
@@ -611,8 +611,14 @@ void StreamTransformationFilter::InitializeDerivedAndReturnNewSizes(const NameVa
 	else
 		m_padding = padding;
 
-	if (!isBlockCipher && (m_padding == PKCS_PADDING || m_padding == ONE_AND_ZEROS_PADDING))
-		throw InvalidArgument("StreamTransformationFilter: PKCS_PADDING and ONE_AND_ZEROS_PADDING cannot be used with " + m_cipher.AlgorithmName());
+	if (!isBlockCipher && (m_padding == PKCS_PADDING))
+		throw InvalidArgument("StreamTransformationFilter: PKCS_PADDING cannot be used with " + m_cipher.AlgorithmName());
+
+	if (!isBlockCipher && (m_padding == W3C_PADDING))
+		throw InvalidArgument("StreamTransformationFilter: W3C_PADDING cannot be used with " + m_cipher.AlgorithmName());
+
+	if (!isBlockCipher && (m_padding == ONE_AND_ZEROS_PADDING))
+		throw InvalidArgument("StreamTransformationFilter: ONE_AND_ZEROS_PADDING cannot be used with " + m_cipher.AlgorithmName());
 
 	firstSize = 0;
 	blockSize = m_cipher.MandatoryBlockSize();

From 4f7fee38d6acd63eafc86fd9bdb5bee7e27548d2 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Tue, 9 May 2017 13:20:53 -0400
Subject: [PATCH 104/200] Mkaake RDRAND and RDSEED throw if not available Fix
 Carmichael pseudo-prime tests

---
 rdrand.cpp   | 68 ++++++++++++++++++++++++++++++----------------
 rdrand.h     |  9 +++---
 validat0.cpp | 10 ++++---
 validat1.cpp | 77 +++++++++++++++++++++++++++++-----------------------
 4 files changed, 98 insertions(+), 66 deletions(-)

diff --git a/rdrand.cpp b/rdrand.cpp
index 75889f1d..d18f3bd0 100644
--- a/rdrand.cpp
+++ b/rdrand.cpp
@@ -126,15 +126,16 @@ NAMESPACE_BEGIN(CryptoPP)
 inline void RDRAND32(void* output)
 {
 #if defined(__SUNPRO_CC)
-    __asm__ __volatile__
+    __asm__
     (
+        "1:\n"
         ".byte 0x0f, 0xc7, 0xf0;\n"
-        ".byte 0x73, 0xfb;\n"
+        "jnc 1b;\n"
         : "=a" (*reinterpret_cast<word32*>(output))
         : : "cc"
     );
 #elif defined(GCC_RDRAND_ASM_AVAILABLE) && (CRYPTOPP_GCC_VERSION >= 40600)
-    __asm__ __volatile__
+    __asm__
     (
         INTEL_NOPREFIX
         ASL(1)
@@ -145,10 +146,11 @@ inline void RDRAND32(void* output)
         : : "cc"
     );
 #elif defined(GCC_RDRAND_ASM_AVAILABLE) && (CRYPTOPP_GCC_VERSION >= 30200)
-    __asm__ __volatile__
+    __asm__
     (
+        "1:\n"
         ".byte 0x0f, 0xc7, 0xf0;\n"
-        ".byte 0x73, 0xfb;\n"
+        "jnc 1b;\n"
         : "=a" (*reinterpret_cast<word32*>(output))
         : : "cc"
     );
@@ -165,15 +167,16 @@ inline void RDRAND32(void* output)
 inline void RDRAND64(void* output)
 {
 #if defined(__SUNPRO_CC) && (__SUNPRO_CC >= 0x5100)
-    __asm__ __volatile__
+    __asm__
     (
+        "1:\n"
         ".byte 0x48, 0x0f, 0xc7, 0xf0;\n"
-        ".byte 0x73, 0xfa;\n"
+        "jnc 1b;\n"
         : "=a" (*reinterpret_cast<word64*>(output))
         : : "cc"
     );
 #elif defined(GCC_RDRAND_ASM_AVAILABLE) && (CRYPTOPP_GCC_VERSION >= 40600)
-    __asm__ __volatile__
+    __asm__
     (
         INTEL_NOPREFIX
         ASL(1)
@@ -184,10 +187,11 @@ inline void RDRAND64(void* output)
         : : "cc"
     );
 #elif defined(GCC_RDRAND_ASM_AVAILABLE) && (CRYPTOPP_GCC_VERSION >= 30200)
-    __asm__ __volatile__
+    __asm__
     (
+        "1:\n"
         ".byte 0x48, 0x0f, 0xc7, 0xf0;\n"
-        ".byte 0x73, 0xfa;\n"
+        "jnc 1b;\n"
         : "=a" (*reinterpret_cast<word64*>(output))
         : : "cc"
     );
@@ -200,6 +204,12 @@ inline void RDRAND64(void* output)
 }
 #endif  // CRYPTOPP_BOOL_X64, CRYPTOPP_BOOL_X32 and RDRAND64
 
+RDRAND::RDRAND()
+{
+    if (!HasRDRAND())
+        throw RDRAND_Err("HasRDRAND");
+}
+
 void RDRAND::GenerateBlock(byte *output, size_t size)
 {
     CRYPTOPP_ASSERT((output && size) || !(output || size));
@@ -225,7 +235,7 @@ void RDRAND::GenerateBlock(byte *output, size_t size)
     {
         word64 val;
         RDRAND64(&val);
-        std::memcpy(output, &val, size);
+        ::memcpy(output, &val, size);
     }
 #elif CRYPTOPP_BOOL_X86
     size_t i = 0;
@@ -239,7 +249,7 @@ void RDRAND::GenerateBlock(byte *output, size_t size)
     {
         word32 val;
         RDRAND32(&val);
-        std::memcpy(output, &val, size);
+        ::memcpy(output, &val, size);
     }
 #else
     // RDRAND not detected at compile time, or no suitable compiler found
@@ -270,15 +280,16 @@ void RDRAND::DiscardBytes(size_t n)
 inline void RDSEED32(void* output)
 {
 #if defined(__SUNPRO_CC)
-    __asm__ __volatile__
+    __asm__
     (
+        "1:\n"
         ".byte 0x0f, 0xc7, 0xf8;\n"
-        ".byte 0x73, 0xfb;\n"
+        "jnc 1b;\n"
         : "=a" (*reinterpret_cast<word32*>(output))
         : : "cc"
     );
 #elif defined(GCC_RDSEED_ASM_AVAILABLE) && (CRYPTOPP_GCC_VERSION >= 40600)
-    __asm__ __volatile__
+    __asm__
     (
         INTEL_NOPREFIX
         ASL(1)
@@ -289,10 +300,11 @@ inline void RDSEED32(void* output)
         : : "cc"
     );
 #elif defined(GCC_RDSEED_ASM_AVAILABLE) && (CRYPTOPP_GCC_VERSION >= 30200)
-    __asm__ __volatile__
+    __asm__
     (
+        "1:\n"
         ".byte 0x0f, 0xc7, 0xf8;\n"
-        ".byte 0x73, 0xfb;\n"
+        "jnc 1b;\n"
         : "=a" (*reinterpret_cast<word32*>(output))
         : : "cc"
     );
@@ -309,15 +321,16 @@ inline void RDSEED32(void* output)
 inline void RDSEED64(void* output)
 {
 #if defined(__SUNPRO_CC) && (__SUNPRO_CC >= 0x5100)
-    __asm__ __volatile__
+    __asm__
     (
+        "1:\n"
         ".byte 0x48, 0x0f, 0xc7, 0xf8;\n"
-        ".byte 0x73, 0xfa;\n"
+        "jnc 1b;\n"
         : "=a" (*reinterpret_cast<word64*>(output))
         : : "cc"
     );
 #elif defined(GCC_RDSEED_ASM_AVAILABLE) && (CRYPTOPP_GCC_VERSION >= 40600)
-    __asm__ __volatile__
+    __asm__
     (
         INTEL_NOPREFIX
         ASL(1)
@@ -328,10 +341,11 @@ inline void RDSEED64(void* output)
         : : "cc"
     );
 #elif defined(GCC_RDSEED_ASM_AVAILABLE) && (CRYPTOPP_GCC_VERSION >= 30200)
-    __asm__ __volatile__
+    __asm__
     (
+        "1:\n"
         ".byte 0x48, 0x0f, 0xc7, 0xf8;\n"
-        ".byte 0x73, 0xfa;\n"
+        "jnc 1b;\n"
         : "=a" (*reinterpret_cast<word64*>(output))
         : : "cc"
     );
@@ -344,6 +358,12 @@ inline void RDSEED64(void* output)
 }
 #endif  // CRYPTOPP_BOOL_X64 and RDSEED64
 
+RDSEED::RDSEED()
+{
+    if (!HasRDSEED())
+        throw RDSEED_Err("HasRDSEED");
+}
+
 void RDSEED::GenerateBlock(byte *output, size_t size)
 {
     CRYPTOPP_ASSERT((output && size) || !(output || size));
@@ -369,7 +389,7 @@ void RDSEED::GenerateBlock(byte *output, size_t size)
     {
         word64 val;
         RDSEED64(&val);
-        std::memcpy(output, &val, size);
+        ::memcpy(output, &val, size);
     }
 #elif CRYPTOPP_BOOL_X86
     size_t i = 0;
@@ -383,7 +403,7 @@ void RDSEED::GenerateBlock(byte *output, size_t size)
     {
         word32 val;
         RDSEED32(&val);
-        std::memcpy(output, &val, size);
+        ::memcpy(output, &val, size);
     }
 #endif  // CRYPTOPP_BOOL_X64, CRYPTOPP_BOOL_X32 and RDSEED64
 }
diff --git a/rdrand.h b/rdrand.h
index dba3ad70..03a186f4 100644
--- a/rdrand.h
+++ b/rdrand.h
@@ -56,9 +56,9 @@ public:
     //! \brief Construct a RDRAND generator
     //! \details According to DJ of Intel, the Intel RDRAND circuit does not underflow.
     //!   If it did hypothetically underflow, then it would return 0 for the random value.
-    //!   AMD's RDRAND implementation appears to provide the same behavior except the
-    //!   values are not generated consistent with FIPS 140.
-    RDRAND() {}
+    //!   AMD's RDRAND implementation appears to provide the same behavior.
+     //! \throws RDRAND_Err if the random number generator is not available
+    RDRAND();
 
     //! \brief Generate random array of bytes
     //! \param output the byte buffer
@@ -107,7 +107,8 @@ public:
     //! \details Empirical testing under a 6th generaton i7 (6200U) shows RDSEED fails
     //!   to fulfill requests at about once every for every 256 bytes requested.
     //!   The generator runs about 4 times slower than RDRAND.
-    RDSEED() {}
+     //! \throws RDSEED_Err if the random number generator is not available
+    RDSEED();
 
     //! \brief Generate random array of bytes
     //! \param output the byte buffer
diff --git a/validat0.cpp b/validat0.cpp
index b5f589a1..4d3c5c90 100644
--- a/validat0.cpp
+++ b/validat0.cpp
@@ -2169,13 +2169,15 @@ bool TestIntegerBitops()
     pass=true;
     if (IsPrime(Integer("561")))
         pass = false;
-    if (!IsPrime(Integer("41041")))
+    if (IsPrime(Integer("41041")))
         pass = false;
-    if (!IsPrime(Integer("321197185")))
+    if (IsPrime(Integer("321197185")))
         pass = false;
-    if (!IsPrime(Integer("232250619601")))
+    if (IsPrime(Integer("5394826801")))
         pass = false;
-    if (!IsPrime(Integer("974637772161")))
+    if (IsPrime(Integer("232250619601")))
+        pass = false;
+    if (IsPrime(Integer("974637772161")))
         pass = false;
 
     if (pass)
diff --git a/validat1.cpp b/validat1.cpp
index 16c5d83b..af8299ed 100644
--- a/validat1.cpp
+++ b/validat1.cpp
@@ -376,7 +376,7 @@ bool TestOS_RNG()
 
 #ifdef BLOCKING_RNG_AVAILABLE
 	try {rng.reset(new BlockingRng);}
-	catch (OS_RNG_Err &) {}
+	catch (const OS_RNG_Err &) {}
 #endif
 
 	if (rng.get())
@@ -565,7 +565,7 @@ bool TestAutoSeeded()
 	{
 		prng.DiscardBytes(100000);
 	}
-	catch(const Exception&)
+	catch (const Exception&)
 	{
 		discard = false;
 	}
@@ -591,7 +591,7 @@ bool TestAutoSeeded()
 			incorporate = true;
 		}
 	}
-	catch(const Exception& /*ex*/)
+	catch (const Exception& /*ex*/)
 	{
 	}
 
@@ -653,7 +653,7 @@ bool TestAutoSeededX917()
 	{
 		prng.DiscardBytes(100000);
 	}
-	catch(const Exception&)
+	catch (const Exception&)
 	{
 		discard = false;
 	}
@@ -679,7 +679,7 @@ bool TestAutoSeededX917()
 			incorporate = true;
 		}
 	}
-	catch(const Exception& /*ex*/)
+	catch (const Exception& /*ex*/)
 	{
 	}
 
@@ -761,7 +761,7 @@ bool TestMersenne()
 	{
 		prng.DiscardBytes(100000);
 	}
-	catch(const Exception&)
+	catch (const Exception&)
 	{
 		discard = false;
 	}
@@ -787,7 +787,7 @@ bool TestMersenne()
 			incorporate = true;
 		}
 	}
-	catch(const Exception& /*ex*/)
+	catch (const Exception& /*ex*/)
 	{
 	}
 
@@ -828,14 +828,20 @@ bool TestMersenne()
 #if (CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32 || CRYPTOPP_BOOL_X64)
 bool TestRDRAND()
 {
-	// Testing on 6th generation i7 shows RDRAND needs less than 8 retries for 10K bytes.
-	RDRAND rdrand;
-	bool entropy = true, compress = true, discard = true, crop = true;
-	static const unsigned int SIZE = 10000;
+	std::cout << "\nTesting RDRAND generator...\n\n";
 
-	if (HasRDRAND())
+	bool entropy = true, compress = true, discard = true, crop = true;
+	member_ptr<RandomNumberGenerator> rng;
+
+#ifdef BLOCKING_RNG_AVAILABLE
+	try {rng.reset(new RDRAND);}
+	catch (const RDRAND_Err &) {}
+#endif
+
+	if (rng.get())
 	{
-		std::cout << "\nTesting RDRAND generator...\n\n";
+		RDRAND& rdrand = dynamic_cast<RDRAND&>(*rng.get());
+		static const unsigned int SIZE = 10000;
 
 		MeterFilter meter(new Redirector(TheBitBucket()));
 		Deflator deflator(new Redirector(meter));
@@ -876,7 +882,7 @@ bool TestRDRAND()
 		{
 			rdrand.DiscardBytes(SIZE);
 		}
-		catch(const Exception&)
+		catch (const Exception&)
 		{
 			discard = false;
 		}
@@ -900,7 +906,6 @@ bool TestRDRAND()
 			rdrand.GenerateBlock(reinterpret_cast<byte*>(&result), 3);
 			rdrand.GenerateBlock(reinterpret_cast<byte*>(&result), 2);
 			rdrand.GenerateBlock(reinterpret_cast<byte*>(&result), 1);
-			rdrand.GenerateBlock(reinterpret_cast<byte*>(&result), 0);
 			crop = true;
 		}
 		catch (const Exception&)
@@ -924,15 +929,20 @@ bool TestRDRAND()
 #if (CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32 || CRYPTOPP_BOOL_X64)
 bool TestRDSEED()
 {
-	// Testing on 5th generation i5 shows RDSEED needs about 128 retries for 10K bytes
-	//  on 64-bit/amd64 VM, and it needs more for an 32-bit/i686 VM.
-	RDSEED rdseed;
-	bool entropy = true, compress = true, discard = true, crop = true;
-	static const unsigned int SIZE = 10000;
+	std::cout << "\nTesting RDSEED generator...\n\n";
 
-	if (HasRDSEED())
+	bool entropy = true, compress = true, discard = true, crop = true;
+	member_ptr<RandomNumberGenerator> rng;
+
+#ifdef BLOCKING_RNG_AVAILABLE
+	try {rng.reset(new RDSEED);}
+	catch (const RDSEED_Err &) {}
+#endif
+
+	if (rng.get())
 	{
-		std::cout << "\nTesting RDSEED generator...\n\n";
+		RDSEED& rdseed = dynamic_cast<RDSEED&>(*rng.get());
+		static const unsigned int SIZE = 10000;
 
 		MeterFilter meter(new Redirector(TheBitBucket()));
 		Deflator deflator(new Redirector(meter));
@@ -958,7 +968,7 @@ bool TestRDSEED()
 		// Coverity finding, also see http://stackoverflow.com/a/34509163/608639.
 		StreamState ss(std::cout);
 		std::cout << std::setiosflags(std::ios::fixed) << std::setprecision(6);
-		std::cout << "  Maurer Randomness Test returned value " << mv << std::endl;
+		std::cout << "  Maurer Randomness Test returned value " << mv << "\n";
 
 		if (meter.GetTotalBytes() < SIZE)
 		{
@@ -973,7 +983,7 @@ bool TestRDSEED()
 		{
 			rdseed.DiscardBytes(SIZE);
 		}
-		catch(const Exception&)
+		catch (const Exception&)
 		{
 			discard = false;
 		}
@@ -997,7 +1007,6 @@ bool TestRDSEED()
 			rdseed.GenerateBlock(reinterpret_cast<byte*>(&result), 3);
 			rdseed.GenerateBlock(reinterpret_cast<byte*>(&result), 2);
 			rdseed.GenerateBlock(reinterpret_cast<byte*>(&result), 1);
-			rdseed.GenerateBlock(reinterpret_cast<byte*>(&result), 0);
 			crop = true;
 		}
 		catch (const Exception&)
@@ -1014,7 +1023,7 @@ bool TestRDSEED()
 	else
 		std::cout << "\nRDSEED generator not available, skipping test.\n";
 
-	return entropy && compress && discard;
+	return entropy && compress && discard && crop;
 }
 #endif
 
@@ -2724,56 +2733,56 @@ bool ValidateBaseCode()
 
 	fail = !TestFilter(HexEncoder().Ref(), data, 255, (const byte *)hexEncoded, strlen(hexEncoded));
 	try {HexEncoder().IsolatedInitialize(g_nullNameValuePairs);}
-	catch(const Exception&) {fail=true;}
+	catch (const Exception&) {fail=true;}
 	std::cout << (fail ? "FAILED:" : "passed:");
 	std::cout << "  Hex Encoding\n";
 	pass = pass && !fail;
 
 	fail = !TestFilter(HexDecoder().Ref(), (const byte *)hexEncoded, strlen(hexEncoded), data, 255);
 	try {HexDecoder().IsolatedInitialize(g_nullNameValuePairs);}
-	catch(const Exception&) {fail=true;}
+	catch (const Exception&) {fail=true;}
 	std::cout << (fail ? "FAILED:" : "passed:");
 	std::cout << "  Hex Decoding\n";
 	pass = pass && !fail;
 
 	fail = !TestFilter(Base32Encoder().Ref(), data, 255, (const byte *)base32Encoded, strlen(base32Encoded));
 	try {Base32Encoder().IsolatedInitialize(g_nullNameValuePairs);}
-	catch(const Exception&) {fail=true;}
+	catch (const Exception&) {fail=true;}
 	std::cout << (fail ? "FAILED:" : "passed:");
 	std::cout << "  Base32 Encoding\n";
 	pass = pass && !fail;
 
 	fail = !TestFilter(Base32Decoder().Ref(), (const byte *)base32Encoded, strlen(base32Encoded), data, 255);
 	try {Base32Decoder().IsolatedInitialize(g_nullNameValuePairs);}
-	catch(const Exception&) {fail=true;}
+	catch (const Exception&) {fail=true;}
 	std::cout << (fail ? "FAILED:" : "passed:");
 	std::cout << "  Base32 Decoding\n";
 	pass = pass && !fail;
 
 	fail = !TestFilter(Base64Encoder(new HexEncoder).Ref(), data, 255, (const byte *)base64AndHexEncoded, strlen(base64AndHexEncoded));
 	try {Base64Encoder().IsolatedInitialize(g_nullNameValuePairs);}
-	catch(const Exception&) {fail=true;}
+	catch (const Exception&) {fail=true;}
 	std::cout << (fail ? "FAILED:" : "passed:");
 	std::cout << "  Base64 Encoding\n";
 	pass = pass && !fail;
 
 	fail = !TestFilter(HexDecoder(new Base64Decoder).Ref(), (const byte *)base64AndHexEncoded, strlen(base64AndHexEncoded), data, 255);
 	try {Base64Decoder().IsolatedInitialize(g_nullNameValuePairs);}
-	catch(const Exception&) {fail=true;}
+	catch (const Exception&) {fail=true;}
 	std::cout << (fail ? "FAILED:" : "passed:");
 	std::cout << "  Base64 Decoding\n";
 	pass = pass && !fail;
 
 	fail = !TestFilter(Base64URLEncoder(new HexEncoder).Ref(), data, 255, (const byte *)base64URLAndHexEncoded, strlen(base64URLAndHexEncoded));
 	try {Base64URLEncoder().IsolatedInitialize(g_nullNameValuePairs);}
-	catch(const Exception&) {fail=true;}
+	catch (const Exception&) {fail=true;}
 	std::cout << (fail ? "FAILED:" : "passed:");
 	std::cout << "  Base64 URL Encoding\n";
 	pass = pass && !fail;
 
 	fail = !TestFilter(HexDecoder(new Base64URLDecoder).Ref(), (const byte *)base64URLAndHexEncoded, strlen(base64URLAndHexEncoded), data, 255);
 	try {Base64URLDecoder().IsolatedInitialize(g_nullNameValuePairs);}
-	catch(const Exception&) {fail=true;}
+	catch (const Exception&) {fail=true;}
 	std::cout << (fail ? "FAILED:" : "passed:");
 	std::cout << "  Base64 URL Decoding\n";
 	pass = pass && !fail;

From bc29f1b5b8e93ccbde3a7445beada67e1fdb1d37 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Tue, 9 May 2017 15:13:11 -0400
Subject: [PATCH 105/200] Updated documentation

---
 rdrand.h | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/rdrand.h b/rdrand.h
index 03a186f4..33309017 100644
--- a/rdrand.h
+++ b/rdrand.h
@@ -9,12 +9,11 @@
 
 #include "cryptlib.h"
 
-// This file (and friends) provides both RDRAND and RDSEED. They were added at
+// This class file provides both RDRAND and RDSEED. They were added at
 //   Crypto++ 5.6.3. At compile time, it uses CRYPTOPP_BOOL_{X86|X32|X64}
-//   to select an implementation or "throw NotImplemented". The class does not
-//   use CPUID to determine if RDRAND or RDSEED are available. If not available,
-//   then a SIGILL will result. Users of the classes should call HasRDRAND() or
-//   HasRDSEED() to determine if a generator is available.
+//   to select an implementation or "throw NotImplemented". At runtime the
+//   constructor will throw RDRAND_Err or RDSEED_Err if a generator is
+//   is not available.
 // The original classes accepted a retry count. Retries were superflous for
 //   RDRAND, and RDSEED encountered a failure about 1 in 256 bytes depending
 //   on the processor. Retries were removed at Crypto++ 6.0 because
@@ -28,8 +27,8 @@
 //   during testing with Athlon X4 845. The Bulldozer v4 only performed at 1 MiB/s.
 
 // Microsoft added RDRAND in August 2012, VS2012; RDSEED in October 2013, VS2013.
-// GCC added RDRAND in December 2010, GCC 4.6. LLVM added RDRAND in July 2012, Clang 3.2.
-// Intel added RDRAND in September 2011, ICC 12.1.
+// GCC added RDRAND in December 2010, GCC 4.6. LLVM added RDRAND in July 2012,
+// Clang 3.2. Intel added RDRAND in September 2011, ICC 12.1.
 
 NAMESPACE_BEGIN(CryptoPP)
 

From a0832a63be5382b1df859c00e42b98bffe429e42 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Tue, 9 May 2017 15:28:42 -0400
Subject: [PATCH 106/200] Whitespace check-in

---
 validat1.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/validat1.cpp b/validat1.cpp
index af8299ed..07a0a01a 100644
--- a/validat1.cpp
+++ b/validat1.cpp
@@ -920,7 +920,7 @@ bool TestRDRAND()
 		std::cout << "  GenerateWord32 and Crop\n";
 	}
 	else
-		std::cout << "\nRDRAND generator not available, skipping test.\n";
+		std::cout << "RDRAND generator not available, skipping test.\n";
 
 	return entropy && compress && discard && crop;
 }
@@ -1021,7 +1021,7 @@ bool TestRDSEED()
 		std::cout << "  GenerateWord32 and Crop\n";
 	}
 	else
-		std::cout << "\nRDSEED generator not available, skipping test.\n";
+		std::cout << "RDSEED generator not available, skipping test.\n";
 
 	return entropy && compress && discard && crop;
 }

From f817fc7c2ecd0ae4321861848b8b0f41a8f3e42c Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Tue, 9 May 2017 15:40:49 -0400
Subject: [PATCH 107/200] Clear C4100 warning (Issue 412)

---
 rdrand.cpp | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/rdrand.cpp b/rdrand.cpp
index d18f3bd0..f3b586a9 100644
--- a/rdrand.cpp
+++ b/rdrand.cpp
@@ -7,10 +7,6 @@
 #include "rdrand.h"
 #include "cpu.h"
 
-#if CRYPTOPP_MSC_VERSION
-# pragma warning(disable: 4100)
-#endif
-
 // This file (and friends) provides both RDRAND and RDSEED. They were added at
 //   Crypto++ 5.6.3. At compile time, it uses CRYPTOPP_BOOL_{X86|X32|X64}
 //   to select an implementation or "throw NotImplemented". The class does not
@@ -158,6 +154,7 @@ inline void RDRAND32(void* output)
     while(!_rdrand32_step(reinterpret_cast<word32*>(output))) {}
 #else
     // RDRAND not detected at compile time, or no suitable compiler found
+	CRYPTOPP_UNUSED(output);
     throw NotImplemented("RDRAND: failed to find an implementation");
 #endif
 }
@@ -199,6 +196,7 @@ inline void RDRAND64(void* output)
     while(!_rdrand64_step(reinterpret_cast<unsigned long long*>(output))) {}
 #else
     // RDRAND not detected at compile time, or no suitable compiler found
+	CRYPTOPP_UNUSED(output);
     throw NotImplemented("RDRAND: failed to find an implementation");
 #endif
 }
@@ -253,6 +251,7 @@ void RDRAND::GenerateBlock(byte *output, size_t size)
     }
 #else
     // RDRAND not detected at compile time, or no suitable compiler found
+	CRYPTOPP_UNUSED(output);
     throw NotImplemented("RDRAND: failed to find a suitable implementation");
 #endif
 }
@@ -312,6 +311,7 @@ inline void RDSEED32(void* output)
     while(!_rdseed32_step(reinterpret_cast<word32*>(output))) {}
 #else
     // RDSEED not detected at compile time, or no suitable compiler found
+	CRYPTOPP_UNUSED(output);
     throw NotImplemented("RDSEED: failed to find an implementation");
 #endif
 }
@@ -353,6 +353,7 @@ inline void RDSEED64(void* output)
     while(!_rdseed64_step(reinterpret_cast<unsigned long long*>(output))) {}
 #else
     // RDSEED not detected at compile time, or no suitable compiler found
+	CRYPTOPP_UNUSED(output);
     throw NotImplemented("RDSEED: failed to find an implementation");
 #endif
 }

From 3b4a9e2ccfe3f15bd2c004f96d462e5de16b46b3 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Tue, 9 May 2017 15:48:52 -0400
Subject: [PATCH 108/200] Update padding check logic

---
 filters.cpp | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)

diff --git a/filters.cpp b/filters.cpp
index 0b4b2e2d..5984e9f0 100644
--- a/filters.cpp
+++ b/filters.cpp
@@ -611,14 +611,15 @@ void StreamTransformationFilter::InitializeDerivedAndReturnNewSizes(const NameVa
 	else
 		m_padding = padding;
 
-	if (!isBlockCipher && (m_padding == PKCS_PADDING))
-		throw InvalidArgument("StreamTransformationFilter: PKCS_PADDING cannot be used with " + m_cipher.AlgorithmName());
-
-	if (!isBlockCipher && (m_padding == W3C_PADDING))
-		throw InvalidArgument("StreamTransformationFilter: W3C_PADDING cannot be used with " + m_cipher.AlgorithmName());
-
-	if (!isBlockCipher && (m_padding == ONE_AND_ZEROS_PADDING))
-		throw InvalidArgument("StreamTransformationFilter: ONE_AND_ZEROS_PADDING cannot be used with " + m_cipher.AlgorithmName());
+	if (!isBlockCipher)
+	{
+		if (m_padding == PKCS_PADDING)
+			throw InvalidArgument("StreamTransformationFilter: PKCS_PADDING cannot be used with " + m_cipher.AlgorithmName());
+		else if (m_padding == W3C_PADDING)
+			throw InvalidArgument("StreamTransformationFilter: W3C_PADDING cannot be used with " + m_cipher.AlgorithmName());
+		else if (m_padding == ONE_AND_ZEROS_PADDING)
+			throw InvalidArgument("StreamTransformationFilter: ONE_AND_ZEROS_PADDING cannot be used with " + m_cipher.AlgorithmName());
+	}
 
 	firstSize = 0;
 	blockSize = m_cipher.MandatoryBlockSize();

From 33235f88db56c1a34f47fb80a10c4ecf1953327b Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Tue, 9 May 2017 16:23:30 -0400
Subject: [PATCH 109/200] Removed unneeded guard Whitespace check-in

---
 rdrand.cpp   | 10 +++++-----
 validat1.cpp |  6 ------
 2 files changed, 5 insertions(+), 11 deletions(-)

diff --git a/rdrand.cpp b/rdrand.cpp
index f3b586a9..979e6503 100644
--- a/rdrand.cpp
+++ b/rdrand.cpp
@@ -154,7 +154,7 @@ inline void RDRAND32(void* output)
     while(!_rdrand32_step(reinterpret_cast<word32*>(output))) {}
 #else
     // RDRAND not detected at compile time, or no suitable compiler found
-	CRYPTOPP_UNUSED(output);
+    CRYPTOPP_UNUSED(output);
     throw NotImplemented("RDRAND: failed to find an implementation");
 #endif
 }
@@ -196,7 +196,7 @@ inline void RDRAND64(void* output)
     while(!_rdrand64_step(reinterpret_cast<unsigned long long*>(output))) {}
 #else
     // RDRAND not detected at compile time, or no suitable compiler found
-	CRYPTOPP_UNUSED(output);
+    CRYPTOPP_UNUSED(output);
     throw NotImplemented("RDRAND: failed to find an implementation");
 #endif
 }
@@ -251,7 +251,7 @@ void RDRAND::GenerateBlock(byte *output, size_t size)
     }
 #else
     // RDRAND not detected at compile time, or no suitable compiler found
-	CRYPTOPP_UNUSED(output);
+    CRYPTOPP_UNUSED(output);
     throw NotImplemented("RDRAND: failed to find a suitable implementation");
 #endif
 }
@@ -311,7 +311,7 @@ inline void RDSEED32(void* output)
     while(!_rdseed32_step(reinterpret_cast<word32*>(output))) {}
 #else
     // RDSEED not detected at compile time, or no suitable compiler found
-	CRYPTOPP_UNUSED(output);
+    CRYPTOPP_UNUSED(output);
     throw NotImplemented("RDSEED: failed to find an implementation");
 #endif
 }
@@ -353,7 +353,7 @@ inline void RDSEED64(void* output)
     while(!_rdseed64_step(reinterpret_cast<unsigned long long*>(output))) {}
 #else
     // RDSEED not detected at compile time, or no suitable compiler found
-	CRYPTOPP_UNUSED(output);
+    CRYPTOPP_UNUSED(output);
     throw NotImplemented("RDSEED: failed to find an implementation");
 #endif
 }
diff --git a/validat1.cpp b/validat1.cpp
index 07a0a01a..22d9905f 100644
--- a/validat1.cpp
+++ b/validat1.cpp
@@ -833,11 +833,8 @@ bool TestRDRAND()
 	bool entropy = true, compress = true, discard = true, crop = true;
 	member_ptr<RandomNumberGenerator> rng;
 
-#ifdef BLOCKING_RNG_AVAILABLE
 	try {rng.reset(new RDRAND);}
 	catch (const RDRAND_Err &) {}
-#endif
-
 	if (rng.get())
 	{
 		RDRAND& rdrand = dynamic_cast<RDRAND&>(*rng.get());
@@ -934,11 +931,8 @@ bool TestRDSEED()
 	bool entropy = true, compress = true, discard = true, crop = true;
 	member_ptr<RandomNumberGenerator> rng;
 
-#ifdef BLOCKING_RNG_AVAILABLE
 	try {rng.reset(new RDSEED);}
 	catch (const RDSEED_Err &) {}
-#endif
-
 	if (rng.get())
 	{
 		RDSEED& rdseed = dynamic_cast<RDSEED&>(*rng.get());

From 35ec7b105e6fc992ca40034180d5fa1393d908e1 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Tue, 9 May 2017 16:40:02 -0400
Subject: [PATCH 110/200] Enable MD4 testing under extended validations

---
 validat1.cpp | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/validat1.cpp b/validat1.cpp
index 22d9905f..dd430de8 100644
--- a/validat1.cpp
+++ b/validat1.cpp
@@ -104,11 +104,14 @@ bool ValidateAll(bool thorough)
 	pass=ValidateCRC32C() && pass;
 	pass=ValidateAdler32() && pass;
 	pass=ValidateMD2() && pass;
+#if defined(CRYPTOPP_EXTENDED_VALIDATION)
+	pass=ValidateMD4() && pass;
+#endif
 	pass=ValidateMD5() && pass;
 	pass=ValidateSHA() && pass;
 
 	pass=RunTestDataFile(CRYPTOPP_DATA_DIR "TestVectors/keccak.txt") && pass;
-	pass=RunTestDataFile(CRYPTOPP_DATA_DIR "TestVectors/sha3_fips_202.txt") && pass;
+	pass=RunTestDataFile(CRYPTOPP_DATA_DIR "TestVectors/sha3.txt") && pass;
 
 	pass=ValidateHashDRBG() && pass;
 	pass=ValidateHmacDRBG() && pass;

From 0cbaea0428a281a0c98f10241cef5456a5bf365d Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Tue, 9 May 2017 18:44:45 -0400
Subject: [PATCH 111/200] Add tests for Information Dispersal and Secret
 Sharing

---
 cryptlib.cpp |   3 -
 cryptlib.h   |   2 +-
 validat0.cpp | 175 +++++++++++++++++++++++++++++++++++++++++++++++----
 validat1.cpp |   1 +
 validate.h   |   1 +
 5 files changed, 167 insertions(+), 15 deletions(-)

diff --git a/cryptlib.cpp b/cryptlib.cpp
index 8920d356..24eb0209 100644
--- a/cryptlib.cpp
+++ b/cryptlib.cpp
@@ -177,9 +177,6 @@ size_t BlockTransformation::AdvancedProcessBlocks(const byte *inBlocks, const by
 		{
 			// Coverity finding. However, xorBlocks is never NULL if BT_XorInput.
 			CRYPTOPP_ASSERT(xorBlocks);
-#if defined(__COVERITY__)
-			if (xorBlocks)
-#endif
 			xorbuf(outBlocks, xorBlocks, inBlocks, blockSize);
 			ProcessBlock(outBlocks);
 		}
diff --git a/cryptlib.h b/cryptlib.h
index 8f38e70b..f2c04267 100644
--- a/cryptlib.h
+++ b/cryptlib.h
@@ -1265,7 +1265,7 @@ public:
 	{
 		// TODO: What happens if there are more than 2^32 elements?
 		for (; begin != end; ++begin)
-			std::iter_swap(begin, begin + GenerateWord32(0, end-begin-1));
+			std::iter_swap(begin, begin + GenerateWord32(0, static_cast<word32>(end-begin-1)));
 	}
 };
 
diff --git a/validat0.cpp b/validat0.cpp
index 4d3c5c90..291d354b 100644
--- a/validat0.cpp
+++ b/validat0.cpp
@@ -11,8 +11,11 @@
 #include "stdcpp.h"
 #include "default.h"
 #include "zinflate.h"
+#include "channels.h"
+#include "files.h"
 #include "gzip.h"
 #include "zlib.h"
+#include "ida.h"
 #include "hex.h"
 #include "asn.h"
 
@@ -40,7 +43,7 @@ bool TestCompressors()
         for (unsigned int i=0; i<128; ++i)
         {
             std::string src, dest, rec;
-            unsigned int len = GlobalRNG().GenerateWord32() & 0xffff;
+            unsigned int len = GlobalRNG().GenerateWord32(0, 0xffff);
 
             src.resize(len);
             GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
@@ -68,7 +71,7 @@ bool TestCompressors()
     for (unsigned int i=0; i<128; i++)
     {
         std::string src, dest;
-        unsigned int len = GlobalRNG().GenerateWord32() & 0xffff;
+        unsigned int len = GlobalRNG().GenerateWord32(0, 0xffff);
 
         src.resize(len);
         GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
@@ -101,7 +104,7 @@ bool TestCompressors()
         for (unsigned int i=0; i<128; ++i)
         {
             std::string src, dest, rec;
-            unsigned int len = GlobalRNG().GenerateWord32() & 0xffff;
+            unsigned int len = GlobalRNG().GenerateWord32(0, 0xffff);
 
             src.resize(len);
             GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
@@ -130,7 +133,7 @@ bool TestCompressors()
     {
         // See if we can induce a crash
         std::string src, dest;
-        unsigned int len = GlobalRNG().GenerateWord32() & 0xffff;
+        unsigned int len = GlobalRNG().GenerateWord32(0, 0xffff);
 
         src.resize(len);
         GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
@@ -144,7 +147,7 @@ bool TestCompressors()
     for (unsigned int i=0; i<128; i++)
     {
         std::string src, dest;
-        unsigned int len = GlobalRNG().GenerateWord32() & 0xffff;
+        unsigned int len = GlobalRNG().GenerateWord32(0, 0xffff);
 
         src.resize(len);
         GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
@@ -177,7 +180,7 @@ bool TestCompressors()
         for (unsigned int i=0; i<128; ++i)
         {
             std::string src, dest, rec;
-            unsigned int len = GlobalRNG().GenerateWord32() & 0xffff;
+            unsigned int len = GlobalRNG().GenerateWord32(0, 0xffff);
 
             src.resize(len);
             GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
@@ -205,7 +208,7 @@ bool TestCompressors()
     for (unsigned int i=0; i<128; i++)
     {
         std::string src, dest;
-        unsigned int len = GlobalRNG().GenerateWord32() & 0xffff;
+        unsigned int len = GlobalRNG().GenerateWord32(0, 0xffff);
 
         src.resize(len);
         GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
@@ -237,7 +240,7 @@ bool TestEncryptors()
         for (unsigned int i=0; i<128; ++i)
         {
             std::string pwd, src, dest, rec;
-            unsigned int len = (GlobalRNG().GenerateWord32() & 0xffff) + 8;
+            unsigned int len = GlobalRNG().GenerateWord32(0, 0xffff) + 8;
 
             src.resize(len);
             GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
@@ -270,7 +273,7 @@ bool TestEncryptors()
         for (unsigned int i=0; i<128; ++i)
         {
             std::string pwd, src, dest, rec;
-            unsigned int len = (GlobalRNG().GenerateWord32() & 0xffff) + 8;
+            unsigned int len = GlobalRNG().GenerateWord32(0, 0xffff) + 8;
 
             src.resize(len);
             GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
@@ -335,7 +338,7 @@ bool TestEncryptors()
         for (unsigned int i=0; i<128; ++i)
         {
             std::string pwd, src, dest, rec;
-            unsigned int len = (GlobalRNG().GenerateWord32() & 0xffff) + 8;
+            unsigned int len = GlobalRNG().GenerateWord32(0, 0xffff) + 8;
 
             src.resize(len);
             GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
@@ -368,7 +371,7 @@ bool TestEncryptors()
         for (unsigned int i=0; i<128; ++i)
         {
             std::string pwd, src, dest, rec;
-            unsigned int len = (GlobalRNG().GenerateWord32() & 0xffff) + 8;
+            unsigned int len = GlobalRNG().GenerateWord32(0, 0xffff) + 8;
 
             src.resize(len);
             GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
@@ -429,6 +432,156 @@ bool TestEncryptors()
     return !fail1 && !fail2 && !fail3 && !fail4;
 }
 
+// Information Dispesal and Secret Sharing
+bool TestSharing()
+{
+    std::cout << "\nInformation Dispersal and Secret Sharing...\n\n";
+    static const unsigned int INFORMATION_SHARES = 128;
+    static const unsigned int SECRET_SHARES = 64;
+    static const unsigned int CHID_LENGTH = 4;
+    bool pass=true, fail=false;
+
+    // ********** Infrmation Dispersal **********//
+
+    for (unsigned int shares=3; shares<INFORMATION_SHARES; ++shares)
+    {
+        std::string message;
+        unsigned int len = GlobalRNG().GenerateWord32(0, 0xff);
+        unsigned int threshold = GlobalRNG().GenerateWord32(2, shares-1);
+
+        message.resize(len);
+        GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&message[0]), message.size());
+
+        ChannelSwitch *channelSwitch = NULLPTR;
+        StringSource source(message, false, new InformationDispersal(threshold, shares, channelSwitch = new ChannelSwitch));
+
+        std::vector<std::string> strShares(shares);
+        vector_member_ptrs<StringSink> strSinks(shares);
+        std::string channel;
+
+        // ********** Create Shares
+        for (unsigned int i=0; i<shares; i++)
+        {
+            strSinks[i].reset(new StringSink(strShares[i]));
+            channel = WordToString<word32>(i);
+            strSinks[i]->Put((const byte *)channel.data(), CHID_LENGTH);
+            channelSwitch->AddRoute(channel, *strSinks[i], DEFAULT_CHANNEL);
+        }
+        source.PumpAll();
+
+        // ********** Randomize shares
+
+        GlobalRNG().Shuffle(strShares.begin(), strShares.end());
+
+        // ********** Recover secret
+        try
+        {
+            std::string recovered;
+            InformationRecovery recovery(threshold, new StringSink(recovered));
+
+            vector_member_ptrs<StringSource> strSources(threshold);
+            channel.resize(CHID_LENGTH);
+            for (unsigned int i=0; i<threshold; i++)
+            {
+                strSources[i].reset(new StringSource(strShares[i], false));
+                strSources[i]->Pump(CHID_LENGTH);
+                strSources[i]->Get((byte*)&channel[0], CHID_LENGTH);
+                strSources[i]->Attach(new ChannelSwitch(recovery, channel));
+            }
+
+            while (strSources[0]->Pump(256))
+            {
+                for (unsigned int i=1; i<threshold; i++)
+                    strSources[i]->Pump(256);
+            }
+
+            for (unsigned int i=0; i<threshold; i++)
+                strSources[i]->PumpAll();
+
+            fail = (message != recovered);
+        }
+        catch (const Exception&)
+        {
+            fail = true;
+        }
+
+        pass &= !fail;
+    }
+
+    std::cout << (fail ? "FAILED:" : "passed:") << "  64 information dispersals\n";
+
+    // ********** Secret Sharing **********//
+
+    for (unsigned int shares=3; shares<SECRET_SHARES; ++shares)
+    {
+        std::string message;
+        unsigned int len = GlobalRNG().GenerateWord32(0, 0xff);
+        unsigned int threshold = GlobalRNG().GenerateWord32(2, shares-1);
+
+        message.resize(len);
+        GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&message[0]), message.size());
+
+        ChannelSwitch *channelSwitch = NULLPTR;
+        StringSource source(message, false, new SecretSharing(GlobalRNG(), threshold, shares, channelSwitch = new ChannelSwitch));
+
+        std::vector<std::string> strShares(shares);
+        vector_member_ptrs<StringSink> strSinks(shares);
+        std::string channel;
+
+        // ********** Create Shares
+        for (unsigned int i=0; i<shares; i++)
+        {
+            strSinks[i].reset(new StringSink(strShares[i]));
+            channel = WordToString<word32>(i);
+            strSinks[i]->Put((const byte *)channel.data(), CHID_LENGTH);
+            channelSwitch->AddRoute(channel, *strSinks[i], DEFAULT_CHANNEL);
+        }
+        source.PumpAll();
+
+        // ********** Randomize shares
+
+        GlobalRNG().Shuffle(strShares.begin(), strShares.end());
+
+        // ********** Recover secret
+        try
+        {
+            std::string recovered;
+            SecretRecovery recovery(threshold, new StringSink(recovered));
+
+            vector_member_ptrs<StringSource> strSources(threshold);
+            channel.resize(CHID_LENGTH);
+            for (unsigned int i=0; i<threshold; i++)
+            {
+                strSources[i].reset(new StringSource(strShares[i], false));
+                strSources[i]->Pump(CHID_LENGTH);
+                strSources[i]->Get((byte*)&channel[0], CHID_LENGTH);
+                strSources[i]->Attach(new ChannelSwitch(recovery, channel));
+            }
+
+            while (strSources[0]->Pump(256))
+            {
+                for (unsigned int i=1; i<threshold; i++)
+                    strSources[i]->Pump(256);
+            }
+
+            for (unsigned int i=0; i<threshold; i++)
+                strSources[i]->PumpAll();
+
+            fail = (message != recovered);
+        }
+        catch (const Exception&)
+        {
+            fail = true;
+        }
+
+        pass &= !fail;
+    }
+
+    std::cout << (fail ? "FAILED:" : "passed:") << "  64 secret sharings\n";
+
+    return pass;
+}
+
 bool TestRounding()
 {
     std::cout << "\nTesting RoundUpToMultipleOf/RoundDownToMultipleOf...\n\n";
diff --git a/validat1.cpp b/validat1.cpp
index dd430de8..b38dac66 100644
--- a/validat1.cpp
+++ b/validat1.cpp
@@ -97,6 +97,7 @@ bool ValidateAll(bool thorough)
 	// Additional tests due to no coverage
 	pass=ValidateBaseCode() && pass;
 	pass=TestCompressors() && pass;
+	pass=TestSharing() && pass;
 	pass=TestEncryptors() && pass;
 #endif
 
diff --git a/validate.h b/validate.h
index ed9d98f7..23d28414 100644
--- a/validate.h
+++ b/validate.h
@@ -129,6 +129,7 @@ bool TestASN1Parse();
 bool TestCompressors();
 bool TestEncryptors();
 bool TestMersenne();
+bool TestSharing();
 #endif
 
 #if 1

From 5c42ec96f2c7ef4a5716f5fc84c87ccf411adbe2 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Tue, 9 May 2017 22:47:14 -0400
Subject: [PATCH 112/200] Fix bad GCC code generation with -Os It appears GCC
 was doing something wonky with the call to RDSEED. The test script was
 experiencing a hang

---
 rdrand.cpp | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/rdrand.cpp b/rdrand.cpp
index 979e6503..ab2c5093 100644
--- a/rdrand.cpp
+++ b/rdrand.cpp
@@ -122,7 +122,7 @@ NAMESPACE_BEGIN(CryptoPP)
 inline void RDRAND32(void* output)
 {
 #if defined(__SUNPRO_CC)
-    __asm__
+    __asm__ __volatile__
     (
         "1:\n"
         ".byte 0x0f, 0xc7, 0xf0;\n"
@@ -131,7 +131,7 @@ inline void RDRAND32(void* output)
         : : "cc"
     );
 #elif defined(GCC_RDRAND_ASM_AVAILABLE) && (CRYPTOPP_GCC_VERSION >= 40600)
-    __asm__
+    __asm__ __volatile__
     (
         INTEL_NOPREFIX
         ASL(1)
@@ -142,7 +142,7 @@ inline void RDRAND32(void* output)
         : : "cc"
     );
 #elif defined(GCC_RDRAND_ASM_AVAILABLE) && (CRYPTOPP_GCC_VERSION >= 30200)
-    __asm__
+    __asm__ __volatile__
     (
         "1:\n"
         ".byte 0x0f, 0xc7, 0xf0;\n"
@@ -164,7 +164,7 @@ inline void RDRAND32(void* output)
 inline void RDRAND64(void* output)
 {
 #if defined(__SUNPRO_CC) && (__SUNPRO_CC >= 0x5100)
-    __asm__
+    __asm__ __volatile__
     (
         "1:\n"
         ".byte 0x48, 0x0f, 0xc7, 0xf0;\n"
@@ -173,7 +173,7 @@ inline void RDRAND64(void* output)
         : : "cc"
     );
 #elif defined(GCC_RDRAND_ASM_AVAILABLE) && (CRYPTOPP_GCC_VERSION >= 40600)
-    __asm__
+    __asm__ __volatile__
     (
         INTEL_NOPREFIX
         ASL(1)
@@ -184,7 +184,7 @@ inline void RDRAND64(void* output)
         : : "cc"
     );
 #elif defined(GCC_RDRAND_ASM_AVAILABLE) && (CRYPTOPP_GCC_VERSION >= 30200)
-    __asm__
+    __asm__ __volatile__
     (
         "1:\n"
         ".byte 0x48, 0x0f, 0xc7, 0xf0;\n"
@@ -279,7 +279,7 @@ void RDRAND::DiscardBytes(size_t n)
 inline void RDSEED32(void* output)
 {
 #if defined(__SUNPRO_CC)
-    __asm__
+    __asm__ __volatile__
     (
         "1:\n"
         ".byte 0x0f, 0xc7, 0xf8;\n"
@@ -288,7 +288,7 @@ inline void RDSEED32(void* output)
         : : "cc"
     );
 #elif defined(GCC_RDSEED_ASM_AVAILABLE) && (CRYPTOPP_GCC_VERSION >= 40600)
-    __asm__
+    __asm__ __volatile__
     (
         INTEL_NOPREFIX
         ASL(1)
@@ -299,7 +299,7 @@ inline void RDSEED32(void* output)
         : : "cc"
     );
 #elif defined(GCC_RDSEED_ASM_AVAILABLE) && (CRYPTOPP_GCC_VERSION >= 30200)
-    __asm__
+    __asm__ __volatile__
     (
         "1:\n"
         ".byte 0x0f, 0xc7, 0xf8;\n"
@@ -321,7 +321,7 @@ inline void RDSEED32(void* output)
 inline void RDSEED64(void* output)
 {
 #if defined(__SUNPRO_CC) && (__SUNPRO_CC >= 0x5100)
-    __asm__
+    __asm__ __volatile__
     (
         "1:\n"
         ".byte 0x48, 0x0f, 0xc7, 0xf8;\n"
@@ -330,7 +330,7 @@ inline void RDSEED64(void* output)
         : : "cc"
     );
 #elif defined(GCC_RDSEED_ASM_AVAILABLE) && (CRYPTOPP_GCC_VERSION >= 40600)
-    __asm__
+    __asm__ __volatile__
     (
         INTEL_NOPREFIX
         ASL(1)
@@ -341,7 +341,7 @@ inline void RDSEED64(void* output)
         : : "cc"
     );
 #elif defined(GCC_RDSEED_ASM_AVAILABLE) && (CRYPTOPP_GCC_VERSION >= 30200)
-    __asm__
+    __asm__ __volatile__
     (
         "1:\n"
         ".byte 0x48, 0x0f, 0xc7, 0xf8;\n"

From 4904a951cee1cccc424058db201fa73258bda26a Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Wed, 10 May 2017 01:28:25 -0400
Subject: [PATCH 113/200] Fix bad code generation with GCC, -Os and rdseed

---
 rdrand.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/rdrand.cpp b/rdrand.cpp
index ab2c5093..f9dab893 100644
--- a/rdrand.cpp
+++ b/rdrand.cpp
@@ -69,12 +69,12 @@
 #    define GCC_RDSEED_ASM_AVAILABLE 1
 #  endif
 # elif defined(CRYPTOPP_GCC_VERSION)
-#  if defined(__RDRND__) && (CRYPTOPP_GCC_VERSION >= 40600)
+#  if defined(__RDRND__) && (CRYPTOPP_GCC_VERSION >= 40600) && !defined(__OPTIMIZE_SIZE__)
 #    define ALL_RDRAND_INTRIN_AVAILABLE 1
 #  else
 #    define GCC_RDRAND_ASM_AVAILABLE 1
 #  endif
-#  if defined(__RDSEED__) && (CRYPTOPP_GCC_VERSION >= 40600)
+#  if defined(__RDSEED__) && (CRYPTOPP_GCC_VERSION >= 40600) && !defined(__OPTIMIZE_SIZE__)
 #    define ALL_RDSEED_INTRIN_AVAILABLE 1
 #  else
 #    define GCC_RDSEED_ASM_AVAILABLE 1

From 151ec518e8fe5341c916af070079597d17f960a6 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Wed, 10 May 2017 01:28:52 -0400
Subject: [PATCH 114/200] Add additional tests

---
 validat0.cpp |  29 ++--
 validat1.cpp | 432 ++++++++++++++++++++++++++++++++-------------------
 validate.h   |   2 +-
 3 files changed, 285 insertions(+), 178 deletions(-)

diff --git a/validat0.cpp b/validat0.cpp
index 291d354b..7277203a 100644
--- a/validat0.cpp
+++ b/validat0.cpp
@@ -233,14 +233,15 @@ bool TestCompressors()
 bool TestEncryptors()
 {
     std::cout << "\nTesting Default Encryptors and Decryptors...\n\n";
+    static const unsigned int ENCRYPT_COUNT = 128, ENCRYPT_MAC_COUNT = 64;
     bool fail1 = false, fail2 = false, fail3 = false, fail4 = false;
 
     try
     {
-        for (unsigned int i=0; i<128; ++i)
+        for (unsigned int i=0; i<ENCRYPT_COUNT; ++i)
         {
             std::string pwd, src, dest, rec;
-            unsigned int len = GlobalRNG().GenerateWord32(0, 0xffff) + 8;
+            unsigned int len = GlobalRNG().GenerateWord32(16, 0xffff);
 
             src.resize(len);
             GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
@@ -264,16 +265,16 @@ bool TestEncryptors()
        std::cout << "passed:";
     else
        std::cout << "FAILED:";
-    std::cout << "  128 default encryptions and decryptions" << std::endl;
+    std::cout << "  " << ENCRYPT_COUNT << " default encryptions and decryptions" << std::endl;
 
     // **************************************************************
 
     try
     {
-        for (unsigned int i=0; i<128; ++i)
+        for (unsigned int i=0; i<ENCRYPT_MAC_COUNT; ++i)
         {
             std::string pwd, src, dest, rec;
-            unsigned int len = GlobalRNG().GenerateWord32(0, 0xffff) + 8;
+            unsigned int len = GlobalRNG().GenerateWord32(16, 0xffff);
 
             src.resize(len);
             GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
@@ -329,16 +330,16 @@ bool TestEncryptors()
        std::cout << "passed:";
     else
        std::cout << "FAILED:";
-    std::cout << "  128 default encryptions and decryptions with MAC" << std::endl;
+    std::cout << "  " << ENCRYPT_MAC_COUNT << " default encryptions and decryptions with MAC" << std::endl;
 
     // **************************************************************
 
     try
     {
-        for (unsigned int i=0; i<128; ++i)
+        for (unsigned int i=0; i<ENCRYPT_COUNT; ++i)
         {
             std::string pwd, src, dest, rec;
-            unsigned int len = GlobalRNG().GenerateWord32(0, 0xffff) + 8;
+            unsigned int len = GlobalRNG().GenerateWord32(16, 0xffff);
 
             src.resize(len);
             GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
@@ -362,16 +363,16 @@ bool TestEncryptors()
        std::cout << "passed:";
     else
        std::cout << "FAILED:";
-    std::cout << "  128 legacy encryptions and decryptions" << std::endl;
+    std::cout << "  " << ENCRYPT_COUNT << " legacy encryptions and decryptions" << std::endl;
 
     // **************************************************************
 
     try
     {
-        for (unsigned int i=0; i<128; ++i)
+        for (unsigned int i=0; i<ENCRYPT_MAC_COUNT; ++i)
         {
             std::string pwd, src, dest, rec;
-            unsigned int len = GlobalRNG().GenerateWord32(0, 0xffff) + 8;
+            unsigned int len = GlobalRNG().GenerateWord32(16, 0xffff);
 
             src.resize(len);
             GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
@@ -427,7 +428,7 @@ bool TestEncryptors()
        std::cout << "passed:";
     else
        std::cout << "FAILED:";
-    std::cout << "  128 legacy encryptions and decryptions with MAC" << std::endl;
+    std::cout << "  " << ENCRYPT_MAC_COUNT << " legacy encryptions and decryptions with MAC" << std::endl;
 
     return !fail1 && !fail2 && !fail3 && !fail4;
 }
@@ -508,7 +509,7 @@ bool TestSharing()
         pass &= !fail;
     }
 
-    std::cout << (fail ? "FAILED:" : "passed:") << "  64 information dispersals\n";
+    std::cout << (fail ? "FAILED:" : "passed:") << "  " << INFORMATION_SHARES << " information dispersals\n";
 
     // ********** Secret Sharing **********//
 
@@ -577,7 +578,7 @@ bool TestSharing()
         pass &= !fail;
     }
 
-    std::cout << (fail ? "FAILED:" : "passed:") << "  64 secret sharings\n";
+    std::cout << (fail ? "FAILED:" : "passed:") << "  " << SECRET_SHARES << " secret sharings\n";
 
     return pass;
 }
diff --git a/validat1.cpp b/validat1.cpp
index b38dac66..31fe71d7 100644
--- a/validat1.cpp
+++ b/validat1.cpp
@@ -70,7 +70,7 @@ bool ValidateAll(bool thorough)
 {
 	bool pass=TestSettings();
 	pass=TestOS_RNG() && pass;
-	pass=TestAutoSeeded() && pass;
+	pass=TestRandomPool() && pass;
 	pass=TestAutoSeededX917() && pass;
 	// pass=TestSecRandom() && pass;
 #if defined(CRYPTOPP_EXTENDED_VALIDATION)
@@ -459,7 +459,7 @@ bool TestOS_RNG()
 			RandomNumberGenerator& prng = *rng.get();
 			(void)prng.AlgorithmName();
 			word32 result = prng.GenerateWord32();
-			result = prng.GenerateWord32(21, 0xffffffff - 21);
+			result = prng.GenerateWord32((result & 0xff), 0xffffffff - (result & 0xff));
 			prng.GenerateBlock(reinterpret_cast<byte*>(&result), 4);
 			prng.GenerateBlock(reinterpret_cast<byte*>(&result), 3);
 			prng.GenerateBlock(reinterpret_cast<byte*>(&result), 2);
@@ -509,7 +509,7 @@ bool TestOS_RNG()
 			RandomNumberGenerator& prng = *rng.get();
 			(void)prng.AlgorithmName();
 			word32 result = prng.GenerateWord32();
-			result = prng.GenerateWord32(21, 0xffffffff - 21);
+			result = prng.GenerateWord32((result & 0xff), 0xffffffff - (result & 0xff));
 			prng.GenerateBlock(reinterpret_cast<byte*>(&result), 4);
 			prng.GenerateBlock(reinterpret_cast<byte*>(&result), 3);
 			prng.GenerateBlock(reinterpret_cast<byte*>(&result), 2);
@@ -534,102 +534,185 @@ bool TestOS_RNG()
 	return pass;
 }
 
-#if defined(NO_OS_DEPENDENCE) || !defined(OS_RNG_AVAILABLE)
-bool TestAutoSeeded()
+#if !defined(NO_OS_DEPENDENCE)
+bool TestRandomPool()
 {
-	return true;
-}
-bool TestAutoSeededX917()
-{
-	return true;
-}
-#else
-bool TestAutoSeeded()
-{
-	// This tests Auto-Seeding and GenerateIntoBufferedTransformation.
-	std::cout << "\nTesting AutoSeeded generator...\n\n";
-
-	AutoSeededRandomPool prng;
-	static const unsigned int ENTROPY_SIZE = 32;
-	bool generate = true, discard = true, incorporate = false, crop = false;
-
-	MeterFilter meter(new Redirector(TheBitBucket()));
-	RandomNumberSource test(prng, 100000, true, new Deflator(new Redirector(meter)));
-
-	if (meter.GetTotalBytes() < 100000)
+	std::cout << "\nTesting RandomPool generator...\n\n";
+	bool pass=true, fail;
 	{
-		std::cout << "FAILED:";
-		generate = false;
-	}
-	else
-		std::cout << "passed:";
-	std::cout << "  100000 generated bytes compressed to " << meter.GetTotalBytes() << " bytes by DEFLATE\n";
+		RandomPool prng;
+		static const unsigned int ENTROPY_SIZE = 32;
 
-	try
-	{
-		prng.DiscardBytes(100000);
-	}
-	catch (const Exception&)
-	{
-		discard = false;
-	}
+		MeterFilter meter(new Redirector(TheBitBucket()));
+		RandomNumberSource test(prng, 100000, true, new Deflator(new Redirector(meter)));
 
-	if (!discard)
-		std::cout << "FAILED:";
-	else
-		std::cout << "passed:";
-	std::cout << "  discarded 10000 bytes" << std::endl;
+		fail = false;
+		if (meter.GetTotalBytes() < 100000)
+			fail = true;
 
-	try
-	{
-		if(prng.CanIncorporateEntropy())
+		pass &= !fail;
+		if (fail)
+			std::cout << "FAILED:";
+		else
+			std::cout << "passed:";
+		std::cout << "  100000 generated bytes compressed to " << meter.GetTotalBytes() << " bytes by DEFLATE\n";
+
+		try
 		{
-			SecByteBlock entropy(ENTROPY_SIZE);
-			GlobalRNG().GenerateBlock(entropy, entropy.SizeInBytes());
-
-			prng.IncorporateEntropy(entropy, entropy.SizeInBytes());
-			prng.IncorporateEntropy(entropy, entropy.SizeInBytes());
-			prng.IncorporateEntropy(entropy, entropy.SizeInBytes());
-			prng.IncorporateEntropy(entropy, entropy.SizeInBytes());
-
-			incorporate = true;
+			fail = false;
+			prng.DiscardBytes(100000);
 		}
+		catch (const Exception&)
+		{
+			fail = true;
+		}
+
+		pass &= !fail;
+		if (fail)
+			std::cout << "FAILED:";
+		else
+			std::cout << "passed:";
+		std::cout << "  discarded 10000 bytes" << std::endl;
+
+		try
+		{
+			fail = false;
+			if(prng.CanIncorporateEntropy())
+			{
+				SecByteBlock entropy(ENTROPY_SIZE);
+				GlobalRNG().GenerateBlock(entropy, entropy.SizeInBytes());
+
+				prng.IncorporateEntropy(entropy, entropy.SizeInBytes());
+				prng.IncorporateEntropy(entropy, entropy.SizeInBytes());
+				prng.IncorporateEntropy(entropy, entropy.SizeInBytes());
+				prng.IncorporateEntropy(entropy, entropy.SizeInBytes());
+			}
+		}
+		catch (const Exception& /*ex*/)
+		{
+			fail = true;
+		}
+
+		pass &= !fail;
+		if (fail)
+			std::cout << "FAILED:";
+		else
+			std::cout << "passed:";
+		std::cout << "  IncorporateEntropy with " << 4*ENTROPY_SIZE << " bytes\n";
+
+		try
+		{
+			// Miscellaneous for code coverage
+			(void)prng.AlgorithmName();  // "unknown"
+			word32 result = prng.GenerateWord32();
+			result = prng.GenerateWord32((result & 0xff), 0xffffffff - (result & 0xff));
+			prng.GenerateBlock(reinterpret_cast<byte*>(&result), 4);
+			prng.GenerateBlock(reinterpret_cast<byte*>(&result), 3);
+			prng.GenerateBlock(reinterpret_cast<byte*>(&result), 2);
+			prng.GenerateBlock(reinterpret_cast<byte*>(&result), 1);
+		}
+		catch (const Exception&)
+		{
+			fail = true;
+		}
+
+		pass &= !fail;
+		if (fail)
+			std::cout << "FAILED:";
+		else
+			std::cout << "passed:";
+		std::cout << "  GenerateWord32 and Crop\n";	
 	}
-	catch (const Exception& /*ex*/)
+
+	std::cout << "\nTesting AutoSeeded RandomPool generator...\n\n";
 	{
+		AutoSeededRandomPool prng;
+		static const unsigned int ENTROPY_SIZE = 32;
+
+		MeterFilter meter(new Redirector(TheBitBucket()));
+		RandomNumberSource test(prng, 100000, true, new Deflator(new Redirector(meter)));
+
+		fail = false;
+		if (meter.GetTotalBytes() < 100000)
+			fail = true;
+
+		pass &= !fail;
+		if (fail)
+			std::cout << "FAILED:";
+		else
+			std::cout << "passed:";
+		std::cout << "  100000 generated bytes compressed to " << meter.GetTotalBytes() << " bytes by DEFLATE\n";
+
+		try
+		{
+			fail = false;
+			prng.DiscardBytes(100000);
+		}
+		catch (const Exception&)
+		{
+			fail = true;
+		}
+
+		pass &= !fail;
+		if (fail)
+			std::cout << "FAILED:";
+		else
+			std::cout << "passed:";
+		std::cout << "  discarded 10000 bytes" << std::endl;
+
+		try
+		{
+			fail = false;
+			if(prng.CanIncorporateEntropy())
+			{
+				SecByteBlock entropy(ENTROPY_SIZE);
+				GlobalRNG().GenerateBlock(entropy, entropy.SizeInBytes());
+
+				prng.IncorporateEntropy(entropy, entropy.SizeInBytes());
+				prng.IncorporateEntropy(entropy, entropy.SizeInBytes());
+				prng.IncorporateEntropy(entropy, entropy.SizeInBytes());
+				prng.IncorporateEntropy(entropy, entropy.SizeInBytes());
+			}
+		}
+		catch (const Exception& /*ex*/)
+		{
+			fail = true;
+		}
+
+		pass &= !fail;
+		if (fail)
+			std::cout << "FAILED:";
+		else
+			std::cout << "passed:";
+		std::cout << "  IncorporateEntropy with " << 4*ENTROPY_SIZE << " bytes\n";
+
+		try
+		{
+			// Miscellaneous for code coverage
+			fail = false;
+			(void)prng.AlgorithmName();  // "unknown"
+			word32 result = prng.GenerateWord32();
+			result = prng.GenerateWord32((result & 0xff), 0xffffffff - (result & 0xff));
+			prng.GenerateBlock(reinterpret_cast<byte*>(&result), 4);
+			prng.GenerateBlock(reinterpret_cast<byte*>(&result), 3);
+			prng.GenerateBlock(reinterpret_cast<byte*>(&result), 2);
+			prng.GenerateBlock(reinterpret_cast<byte*>(&result), 1);
+		}
+		catch (const Exception&)
+		{
+			fail = true;
+		}
+
+		pass &= !fail;
+		if (fail)
+			std::cout << "FAILED:";
+		else
+			std::cout << "passed:";
+		std::cout << "  GenerateWord32 and Crop\n";	
 	}
 
-	if (!incorporate)
-		std::cout << "FAILED:";
-	else
-		std::cout << "passed:";
-	std::cout << "  IncorporateEntropy with " << 4*ENTROPY_SIZE << " bytes\n";
-
-	try
-	{
-		// Miscellaneous for code coverage
-		(void)prng.AlgorithmName();
-		word32 result = prng.GenerateWord32();
-		result = prng.GenerateWord32(21, 0xffffffff - 21);
-		prng.GenerateBlock(reinterpret_cast<byte*>(&result), 4);
-		prng.GenerateBlock(reinterpret_cast<byte*>(&result), 3);
-		prng.GenerateBlock(reinterpret_cast<byte*>(&result), 2);
-		prng.GenerateBlock(reinterpret_cast<byte*>(&result), 1);
-		prng.GenerateBlock(reinterpret_cast<byte*>(&result), 0);
-		crop = true;
-	}
-	catch (const Exception&)
-	{
-		crop = false;
-	}
-
-	if (!crop)
-		std::cout << "FAILED:";
-	else
-		std::cout << "passed:";
-	std::cout << "  GenerateWord32 and Crop\n";
-
-	return generate && discard && incorporate && crop;
+	std::cout.flush();
+	return pass;
 }
 
 bool TestAutoSeededX917()
@@ -638,31 +721,35 @@ bool TestAutoSeededX917()
 	std::cout << "\nTesting AutoSeeded X917 generator...\n\n";
 
 	AutoSeededX917RNG<AES> prng;
+	bool pass = true, fail;
 	static const unsigned int ENTROPY_SIZE = 32;
-	bool generate = true, discard = true, incorporate = false, crop = false;
 
 	MeterFilter meter(new Redirector(TheBitBucket()));
 	RandomNumberSource test(prng, 100000, true, new Deflator(new Redirector(meter)));
 
+	fail = false;
 	if (meter.GetTotalBytes() < 100000)
-	{
+		fail = true;
+
+	pass &= !fail;
+	if (fail)
 		std::cout << "FAILED:";
-		generate = false;
-	}
 	else
 		std::cout << "passed:";
 	std::cout << "  100000 generated bytes compressed to " << meter.GetTotalBytes() << " bytes by DEFLATE\n";
 
 	try
 	{
+		fail = false;
 		prng.DiscardBytes(100000);
 	}
 	catch (const Exception&)
 	{
-		discard = false;
+		fail = true;
 	}
 
-	if (!discard)
+	pass &= !fail;
+	if (fail)
 		std::cout << "FAILED:";
 	else
 		std::cout << "passed:";
@@ -670,6 +757,7 @@ bool TestAutoSeededX917()
 
 	try
 	{
+		fail = false;
 		if(prng.CanIncorporateEntropy())
 		{
 			SecByteBlock entropy(ENTROPY_SIZE);
@@ -679,15 +767,15 @@ bool TestAutoSeededX917()
 			prng.IncorporateEntropy(entropy, entropy.SizeInBytes());
 			prng.IncorporateEntropy(entropy, entropy.SizeInBytes());
 			prng.IncorporateEntropy(entropy, entropy.SizeInBytes());
-
-			incorporate = true;
 		}
 	}
 	catch (const Exception& /*ex*/)
 	{
+		fail = true;
 	}
 
-	if (!incorporate)
+	pass &= !fail;
+	if (fail)
 		std::cout << "FAILED:";
 	else
 		std::cout << "passed:";
@@ -696,28 +784,29 @@ bool TestAutoSeededX917()
 	try
 	{
 		// Miscellaneous for code coverage
-		(void)prng.AlgorithmName();
+		fail = false;
+		(void)prng.AlgorithmName();  // "unknown"
 		word32 result = prng.GenerateWord32();
-		result = prng.GenerateWord32(21, 0xffffffff - 21);
+		result = prng.GenerateWord32((result & 0xff), 0xffffffff - (result & 0xff));
 		prng.GenerateBlock(reinterpret_cast<byte*>(&result), 4);
 		prng.GenerateBlock(reinterpret_cast<byte*>(&result), 3);
 		prng.GenerateBlock(reinterpret_cast<byte*>(&result), 2);
 		prng.GenerateBlock(reinterpret_cast<byte*>(&result), 1);
-		prng.GenerateBlock(reinterpret_cast<byte*>(&result), 0);
-		crop = true;
 	}
 	catch (const Exception&)
 	{
-		crop = false;
+		fail = true;
 	}
 
-	if (!crop)
+	pass &= !fail;
+	if (fail)
 		std::cout << "FAILED:";
 	else
 		std::cout << "passed:";
-	std::cout << "  GenerateWord32 and Crop\n";
+	std::cout << "  GenerateWord32 and Crop\n";	
 
-	return generate && discard && incorporate && crop;
+	std::cout.flush();
+	return pass;
 }
 #endif // NO_OS_DEPENDENCE
 
@@ -727,7 +816,7 @@ bool TestMersenne()
 	std::cout << "\nTesting Mersenne Twister...\n\n";
 
 	static const unsigned int ENTROPY_SIZE = 32;
-	bool equal = true, generate = true, discard = true, incorporate = false, crop = false;
+	bool pass = true, fail = false;
 
 	// First 10; http://create.stephan-brumme.com/mersenne-twister/
 	word32 result[10], expected[10] = {0xD091BB5C, 0x22AE9EF6,
@@ -736,41 +825,41 @@ bool TestMersenne()
 
 	MT19937ar prng;
 	prng.GenerateBlock(reinterpret_cast<byte*>(result), sizeof(result));
-	equal = (0 == ::memcmp(result, expected, sizeof(expected)));
+	fail = (0 != ::memcmp(result, expected, sizeof(expected)));
 
-	if (equal)
-	{
-		std::cout << "passed:";
-	}
-	else
-	{
+	pass &= !fail;
+	if (fail)
 		std::cout << "FAILED:";
-		equal = false;
-	}
+	else
+		std::cout << "passed:";
 	std::cout << "  Expected sequence from MT19937ar (2002 version)\n";
 
 	MeterFilter meter(new Redirector(TheBitBucket()));
 	RandomNumberSource test(prng, 100000, true, new Deflator(new Redirector(meter)));
 
+	fail = false;
 	if (meter.GetTotalBytes() < 100000)
-	{
+		fail = true;
+
+	pass &= !fail;
+	if (fail)
 		std::cout << "FAILED:";
-		generate = false;
-	}
 	else
 		std::cout << "passed:";
 	std::cout << "  100000 generated bytes compressed to " << meter.GetTotalBytes() << " bytes by DEFLATE\n";
 
 	try
 	{
+		fail = false;
 		prng.DiscardBytes(100000);
 	}
 	catch (const Exception&)
 	{
-		discard = false;
+		fail = true;
 	}
 
-	if (!discard)
+	pass &= !fail;
+	if (fail)
 		std::cout << "FAILED:";
 	else
 		std::cout << "passed:";
@@ -778,6 +867,7 @@ bool TestMersenne()
 
 	try
 	{
+		fail = false;
 		if(prng.CanIncorporateEntropy())
 		{
 			SecByteBlock entropy(ENTROPY_SIZE);
@@ -787,15 +877,15 @@ bool TestMersenne()
 			prng.IncorporateEntropy(entropy, entropy.SizeInBytes());
 			prng.IncorporateEntropy(entropy, entropy.SizeInBytes());
 			prng.IncorporateEntropy(entropy, entropy.SizeInBytes());
-
-			incorporate = true;
 		}
 	}
 	catch (const Exception& /*ex*/)
 	{
+		fail = true;
 	}
 
-	if (!incorporate)
+	pass &= !fail;
+	if (fail)
 		std::cout << "FAILED:";
 	else
 		std::cout << "passed:";
@@ -805,27 +895,29 @@ bool TestMersenne()
 	{
 		// Miscellaneous for code coverage
 		(void)prng.AlgorithmName();
-		result[0] = prng.GenerateWord32();
-		result[0] = prng.GenerateWord32(21, 0xffffffff - 21);
+		word32 temp = prng.GenerateWord32();
+		temp = prng.GenerateWord32((temp & 0xff), 0xffffffff - (temp & 0xff));
 		prng.GenerateBlock(reinterpret_cast<byte*>(&result[0]), 4);
 		prng.GenerateBlock(reinterpret_cast<byte*>(&result[0]), 3);
 		prng.GenerateBlock(reinterpret_cast<byte*>(&result[0]), 2);
 		prng.GenerateBlock(reinterpret_cast<byte*>(&result[0]), 1);
 		prng.GenerateBlock(reinterpret_cast<byte*>(&result[0]), 0);
-		crop = true;
+		fail = false;
 	}
 	catch (const Exception&)
 	{
-		crop = false;
+		fail = true;
 	}
 
-	if (!crop)
+	pass &= !fail;
+	if (fail)
 		std::cout << "FAILED:";
 	else
 		std::cout << "passed:";
 	std::cout << "  GenerateWord32 and Crop\n";
 
-	return equal && generate && discard && incorporate && crop;
+	std::cout.flush();
+	return pass;
 }
 #endif
 
@@ -834,7 +926,7 @@ bool TestRDRAND()
 {
 	std::cout << "\nTesting RDRAND generator...\n\n";
 
-	bool entropy = true, compress = true, discard = true, crop = true;
+	bool pass = true, fail = false;
 	member_ptr<RandomNumberGenerator> rng;
 
 	try {rng.reset(new RDRAND);}
@@ -858,37 +950,42 @@ bool TestRDRAND()
 		CRYPTOPP_ASSERT(0 == maurer.BytesNeeded());
 		const double mv = maurer.GetTestValue();
 		if (mv < 0.98f)
-		{
-			std::cout << "FAILED:";
-			entropy = false;
-		}
-		else
-			std::cout << "passed:";
+			fail = true;
 
 		// Coverity finding, also see http://stackoverflow.com/a/34509163/608639.
 		StreamState ss(std::cout);
 		std::cout << std::setiosflags(std::ios::fixed) << std::setprecision(6);
+
+		pass &= !fail;
+		if (fail)
+			std::cout << "FAILED:";
+		else
+			std::cout << "passed:";
 		std::cout << "  Maurer Randomness Test returned value " << mv << "\n";
 
+		fail = false;
 		if (meter.GetTotalBytes() < SIZE)
-		{
+			fail = true;
+
+		pass &= !fail;
+		if (fail)
 			std::cout << "FAILED:";
-			compress = false;
-		}
 		else
 			std::cout << "passed:";
 		std::cout << "  " << SIZE << " generated bytes compressed to " << meter.GetTotalBytes() << " bytes by DEFLATE\n";
 
 		try
 		{
+			fail = false;
 			rdrand.DiscardBytes(SIZE);
 		}
 		catch (const Exception&)
 		{
-			discard = false;
+			fail = true;
 		}
 
-		if (!discard)
+		pass &= !fail;
+		if (fail)
 			std::cout << "FAILED:";
 		else
 			std::cout << "passed:";
@@ -902,19 +999,20 @@ bool TestRDRAND()
 			rdrand.IncorporateEntropy(NULLPTR, 0);
 
 			word32 result = rdrand.GenerateWord32();
-			result = rdrand.GenerateWord32(21, 0xffffffff - 21);
+			result = rdrand.GenerateWord32((result & 0xff), 0xffffffff - (result & 0xff));
 			rdrand.GenerateBlock(reinterpret_cast<byte*>(&result), 4);
 			rdrand.GenerateBlock(reinterpret_cast<byte*>(&result), 3);
 			rdrand.GenerateBlock(reinterpret_cast<byte*>(&result), 2);
 			rdrand.GenerateBlock(reinterpret_cast<byte*>(&result), 1);
-			crop = true;
+			fail = false;
 		}
 		catch (const Exception&)
 		{
-			crop = false;
+			fail = true;
 		}
 
-		if (!crop)
+		pass &= !fail;
+		if (fail)
 			std::cout << "FAILED:";
 		else
 			std::cout << "passed:";
@@ -923,7 +1021,8 @@ bool TestRDRAND()
 	else
 		std::cout << "RDRAND generator not available, skipping test.\n";
 
-	return entropy && compress && discard && crop;
+	std::cout.flush();
+	return pass;
 }
 #endif
 
@@ -932,7 +1031,7 @@ bool TestRDSEED()
 {
 	std::cout << "\nTesting RDSEED generator...\n\n";
 
-	bool entropy = true, compress = true, discard = true, crop = true;
+	bool pass = true, fail = false;
 	member_ptr<RandomNumberGenerator> rng;
 
 	try {rng.reset(new RDSEED);}
@@ -956,37 +1055,42 @@ bool TestRDSEED()
 		CRYPTOPP_ASSERT(0 == maurer.BytesNeeded());
 		const double mv = maurer.GetTestValue();
 		if (mv < 0.98f)
-		{
-			std::cout << "FAILED:";
-			entropy = false;
-		}
-		else
-			std::cout << "passed:";
+			fail = true;
 
 		// Coverity finding, also see http://stackoverflow.com/a/34509163/608639.
 		StreamState ss(std::cout);
 		std::cout << std::setiosflags(std::ios::fixed) << std::setprecision(6);
+
+		pass &= !fail;
+		if (fail)
+			std::cout << "FAILED:";
+		else
+			std::cout << "passed:";
 		std::cout << "  Maurer Randomness Test returned value " << mv << "\n";
 
+		fail = false;
 		if (meter.GetTotalBytes() < SIZE)
-		{
+			fail = true;
+
+		pass &= !fail;
+		if (fail)
 			std::cout << "FAILED:";
-			compress = false;
-		}
 		else
 			std::cout << "passed:";
 		std::cout << "  " << SIZE << " generated bytes compressed to " << meter.GetTotalBytes() << " bytes by DEFLATE\n";
 
 		try
 		{
+			fail = false;
 			rdseed.DiscardBytes(SIZE);
 		}
 		catch (const Exception&)
 		{
-			discard = false;
+			fail = true;
 		}
 
-		if (!discard)
+		pass &= !fail;
+		if (fail)
 			std::cout << "FAILED:";
 		else
 			std::cout << "passed:";
@@ -1000,19 +1104,20 @@ bool TestRDSEED()
 			rdseed.IncorporateEntropy(NULLPTR, 0);
 
 			word32 result = rdseed.GenerateWord32();
-			result = rdseed.GenerateWord32(21, 0xffffffff - 21);
+			result = rdseed.GenerateWord32((result & 0xff), 0xffffffff - (result & 0xff));
 			rdseed.GenerateBlock(reinterpret_cast<byte*>(&result), 4);
 			rdseed.GenerateBlock(reinterpret_cast<byte*>(&result), 3);
 			rdseed.GenerateBlock(reinterpret_cast<byte*>(&result), 2);
 			rdseed.GenerateBlock(reinterpret_cast<byte*>(&result), 1);
-			crop = true;
+			fail = false;
 		}
 		catch (const Exception&)
 		{
-			crop = false;
+			fail = true;
 		}
 
-		if (!crop)
+		pass &= !fail;
+		if (fail)
 			std::cout << "FAILED:";
 		else
 			std::cout << "passed:";
@@ -1021,7 +1126,8 @@ bool TestRDSEED()
 	else
 		std::cout << "RDSEED generator not available, skipping test.\n";
 
-	return entropy && compress && discard && crop;
+	std::cout.flush();
+	return pass;
 }
 #endif
 
diff --git a/validate.h b/validate.h
index 23d28414..a928eb46 100644
--- a/validate.h
+++ b/validate.h
@@ -18,7 +18,7 @@ bool ValidateAll(bool thorough);
 bool TestSettings();
 bool TestOS_RNG();
 // bool TestSecRandom();
-bool TestAutoSeeded();
+bool TestRandomPool();
 bool TestAutoSeededX917();
 
 #if (CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32 || CRYPTOPP_BOOL_X64)

From 093499260ec23c901059c45a4048781a8da41848 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Wed, 10 May 2017 03:50:32 -0400
Subject: [PATCH 115/200] Fix compile error with NO_OS_DEPENDENCE

---
 validat1.cpp | 9 +++++++--
 validate.h   | 3 ++-
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/validat1.cpp b/validat1.cpp
index 31fe71d7..cd8655b4 100644
--- a/validat1.cpp
+++ b/validat1.cpp
@@ -46,6 +46,7 @@
 #include "drbg.h"
 #include "rdrand.h"
 #include "mersenne.h"
+#include "randpool.h"
 #include "zdeflate.h"
 #include "smartptr.h"
 #include "channels.h"
@@ -71,7 +72,9 @@ bool ValidateAll(bool thorough)
 	bool pass=TestSettings();
 	pass=TestOS_RNG() && pass;
 	pass=TestRandomPool() && pass;
+#if !defined(NO_OS_DEPENDENCE)
 	pass=TestAutoSeededX917() && pass;
+#endif
 	// pass=TestSecRandom() && pass;
 #if defined(CRYPTOPP_EXTENDED_VALIDATION)
 	pass=TestMersenne() && pass;
@@ -534,7 +537,6 @@ bool TestOS_RNG()
 	return pass;
 }
 
-#if !defined(NO_OS_DEPENDENCE)
 bool TestRandomPool()
 {
 	std::cout << "\nTesting RandomPool generator...\n\n";
@@ -624,6 +626,7 @@ bool TestRandomPool()
 		std::cout << "  GenerateWord32 and Crop\n";	
 	}
 
+#if !defined(NO_OS_DEPENDENCE)
 	std::cout << "\nTesting AutoSeeded RandomPool generator...\n\n";
 	{
 		AutoSeededRandomPool prng;
@@ -710,11 +713,13 @@ bool TestRandomPool()
 			std::cout << "passed:";
 		std::cout << "  GenerateWord32 and Crop\n";	
 	}
+#endif
 
 	std::cout.flush();
 	return pass;
 }
 
+#if !defined(NO_OS_DEPENDENCE)
 bool TestAutoSeededX917()
 {
 	// This tests Auto-Seeding and GenerateIntoBufferedTransformation.
@@ -808,7 +813,7 @@ bool TestAutoSeededX917()
 	std::cout.flush();
 	return pass;
 }
-#endif // NO_OS_DEPENDENCE
+#endif
 
 #if defined(CRYPTOPP_EXTENDED_VALIDATION)
 bool TestMersenne()
diff --git a/validate.h b/validate.h
index a928eb46..80386778 100644
--- a/validate.h
+++ b/validate.h
@@ -19,8 +19,9 @@ bool TestSettings();
 bool TestOS_RNG();
 // bool TestSecRandom();
 bool TestRandomPool();
+#if !defined(NO_OS_DEPENDENCE)
 bool TestAutoSeededX917();
-
+#endif
 #if (CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32 || CRYPTOPP_BOOL_X64)
 bool TestRDRAND();
 bool TestRDSEED();

From 9b383e8a07ca323d95f1bd378698d1f2e2c37db9 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Wed, 10 May 2017 04:15:42 -0400
Subject: [PATCH 116/200] Clear out-of-bounds read when fuzzing
 zinflate.cpp:553:41: runtime error: index 30 out of bounds for type 'unsigned
 int [30]' zinflate.cpp:553:11: runtime error: load of address 0x0000011806b8
 with insufficient space for an object of type 'const unsigned int'
 zinflate.cpp:32:32: runtime error: shift exponent 64 is too large for 64-bit
 type 'long unsigned int'

---
 zinflate.cpp | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/zinflate.cpp b/zinflate.cpp
index 6d8c31e7..62431771 100644
--- a/zinflate.cpp
+++ b/zinflate.cpp
@@ -550,7 +550,9 @@ bool Inflator::DecodeBody()
 						break;
 					}
 		case DISTANCE_BITS:
-					bits = distanceExtraBits[m_distance];
+					// TODO: this surfaced during fuzzing. What do we do???
+					CRYPTOPP_ASSERT(m_distance < COUNTOF(distanceExtraBits));
+					bits = (m_distance >= COUNTOF(distanceExtraBits)) ? distanceExtraBits[29] : distanceExtraBits[m_distance];
 					if (!m_reader.FillBuffer(bits))
 					{
 						m_nextDecode = DISTANCE_BITS;

From 76bb4ead40ded06b55b506a85106eae38519b7ee Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Wed, 10 May 2017 06:26:29 -0400
Subject: [PATCH 117/200] XOR block in specialized ProcessBlock Use Put and Get
 blocks consistently

---
 cryptdll.vcxproj         |  21 +----
 cryptest.vcxproj         |  19 +----
 cryptest.vcxproj.filters |   5 +-
 cryptest.vcxproj.user    |   9 ++-
 cryptlib.vcxproj         |  14 +---
 dlltest.vcxproj          |  16 +---
 kalyna.cpp               | 168 ++++++++++++++++-----------------------
 kalyna.h                 |  10 +--
 regtest2.cpp             |   1 +
 9 files changed, 90 insertions(+), 173 deletions(-)

diff --git a/cryptdll.vcxproj b/cryptdll.vcxproj
index 9553cd14..e86a9791 100644
--- a/cryptdll.vcxproj
+++ b/cryptdll.vcxproj
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <ItemGroup Label="ProjectConfigurations">
     <ProjectConfiguration Include="Debug|Win32">
@@ -21,20 +21,17 @@
   <PropertyGroup Label="Globals">
     <ProjectGuid>{94a428a1-9ba8-4db2-b76e-bd2e3c08f257}</ProjectGuid>
     <RootNamespace>cryptdll</RootNamespace>
-    <PlatformToolset>v100</PlatformToolset>
+    <PlatformToolset>v110</PlatformToolset>
     <ConfigurationType>DynamicLibrary</ConfigurationType>
   </PropertyGroup>
-
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
-
   <ImportGroup Label="ExtensionSettings" />
   <ImportGroup Label="PropertySheets">
     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
   </ImportGroup>
   <PropertyGroup Label="UserMacros" />
   <!-- End of Visual Studio boilerplate -->
-
   <!-- All Configurations -->
   <PropertyGroup Label="All Configurations">
     <ConfigurationType>DynamicLibrary</ConfigurationType>
@@ -46,7 +43,6 @@
     <OutDir>$(Platform)\DLL_Output\$(Configuration)\</OutDir>
     <IntDir>$(Platform)\$(ProjectName)\$(Configuration)\</IntDir>
   </PropertyGroup>
-
   <!-- All Configurations -->
   <ItemDefinitionGroup Label="All Configurations">
     <ClCompile>
@@ -67,7 +63,6 @@
       <ImportLibrary>$(TargetDir)\cryptopp.lib</ImportLibrary>
     </Link>
   </ItemDefinitionGroup>
-
   <!-- Debug Configurations -->
   <ItemDefinitionGroup Condition="'$(Configuration)'=='Debug'" Label="Debug Configuration">
     <ClCompile>
@@ -83,7 +78,6 @@
       <Culture>0x0409</Culture>
     </ResourceCompile>
   </ItemDefinitionGroup>
-
   <!-- Release Configurations -->
   <ItemDefinitionGroup Condition="'$(Configuration)'=='Release'" Label="Release Configuration">
     <ClCompile>
@@ -105,7 +99,6 @@
       <EnableCOMDATFolding>true</EnableCOMDATFolding>
     </Link>
   </ItemDefinitionGroup>
-
   <!-- X86 Configurations -->
   <ItemDefinitionGroup Condition="'$(Platform)'=='Win32'" Label="X86 Configuration">
     <ClCompile>
@@ -116,7 +109,6 @@
       <ImageHasSafeExceptionHandlers>true</ImageHasSafeExceptionHandlers>
     </Link>
   </ItemDefinitionGroup>
-
   <!-- X64 Configurations -->
   <ItemDefinitionGroup Condition="'$(Platform)'=='x64'" Label="X64 Configuration">
     <ClCompile>
@@ -126,7 +118,6 @@
       <TargetMachine>MachineX64</TargetMachine>
     </Link>
   </ItemDefinitionGroup>
-
   <!-- Win32/Debug cryptest.exe for DLL MAC'ing -->
   <!-- Broken at the moment; see http://stackoverflow.com/q/39900437 -->
   <!--   and http://stackoverflow.com/q/39929817/608639              -->
@@ -142,7 +133,6 @@
       Properties="Configuration=Debug;Platform=Win32;"/>
   </Target>
   -->
-
   <ItemDefinitionGroup Condition="!Exists('Win32\Output\Debug\cryptest.exe')" Label="MAC tool">
     <PreBuildEvent>
       <Message>Creating Win32/Debug cryptest.exe for MAC computation</Message>
@@ -152,7 +142,6 @@
       </Command>
     </PreBuildEvent>
   </ItemDefinitionGroup>
-
   <!-- DLL MAC'ing performed by cryptest.exe -->
   <ItemDefinitionGroup Label="DLL MAC">
     <PostBuildEvent>
@@ -165,7 +154,6 @@
       <Outputs>$(OutDir)cryptopp.mac.done;%(Outputs)</Outputs>
     </PostBuildEvent>
   </ItemDefinitionGroup>
-
   <!-- Original File with special treatment -->
   <ItemGroup>
     <CustomBuild Condition="'$(Platform)'=='x64' AND ('$(Configuration)'=='Debug' Or '$(Configuration)'=='Release')" Include="x64dll.asm">
@@ -174,7 +162,6 @@
       <Outputs>$(IntDir)x64dll.obj;%(Outputs)</Outputs>
     </CustomBuild>
   </ItemGroup>
-
   <!-- Source Files -->
   <ItemGroup>
     <ClCompile Include="pch.cpp">
@@ -239,7 +226,6 @@
     <ClCompile Include="strciphr.cpp" />
     <ClCompile Include="trdlocal.cpp" />
   </ItemGroup>
-
   <!-- Header Files -->
   <ItemGroup>
     <ClInclude Include="aes.h" />
@@ -310,7 +296,6 @@
     <ClInclude Include="trdlocal.h" />
     <ClInclude Include="words.h" />
   </ItemGroup>
-
   <!-- Back to Visual Studio boilerplate -->
   <ItemGroup>
     <ResourceCompile Include="cryptopp.rc" />
@@ -319,4 +304,4 @@
   <ImportGroup Label="ExtensionTargets">
     <Import Project="$(VCTargetsPath)\BuildCustomizations\masm.targets" />
   </ImportGroup>
-</Project>
+</Project>
\ No newline at end of file
diff --git a/cryptest.vcxproj b/cryptest.vcxproj
index c857b673..8fe70017 100644
--- a/cryptest.vcxproj
+++ b/cryptest.vcxproj
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <ItemGroup Label="ProjectConfigurations">
     <ProjectConfiguration Include="Debug|Win32">
@@ -34,16 +34,14 @@
       <Platform>x64</Platform>
     </ProjectConfiguration>
   </ItemGroup>
-
   <PropertyGroup Label="Globals">
     <ProjectGuid>{09cdac08-e6ae-48a9-8de7-0fbc779eebde}</ProjectGuid>
     <RootNamespace>cryptest</RootNamespace>
-    <PlatformToolset>v100</PlatformToolset>
+    <PlatformToolset>v110</PlatformToolset>
     <ConfigurationType>Application</ConfigurationType>
   </PropertyGroup>
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
-
   <ImportGroup Label="ExtensionSettings">
     <Import Project="$(VCTargetsPath)\BuildCustomizations\masm.props" />
   </ImportGroup>
@@ -52,7 +50,6 @@
   </ImportGroup>
   <PropertyGroup Label="UserMacros" />
   <!-- End of Visual Studio boilerplate -->
-
   <!-- All Configurations -->
   <PropertyGroup Label="All Configurations">
     <ConfigurationType>Application</ConfigurationType>
@@ -62,7 +59,6 @@
     <CharacterSet>MultiByte</CharacterSet>
     <WholeProgramOptimization>true</WholeProgramOptimization>
   </PropertyGroup>
-
   <!-- Intermediate and Output directories -->
   <!-- Cryptlib and Cryptest need extra care due to Non-DLL/DLL configs -->
   <PropertyGroup Condition="'$(Configuration)'=='Debug' Or '$(Configuration)'=='Release'" Label="Non-DLL Directories">
@@ -77,7 +73,6 @@
     <OutDir>$(Platform)\DLL_Output\Release\</OutDir>
     <IntDir>$(Platform)\$(ProjectName)\$(Configuration)\</IntDir>
   </PropertyGroup>
-
   <!-- All Configurations -->
   <ItemDefinitionGroup Label="All Configurations">
     <ClCompile>
@@ -97,7 +92,6 @@
       <SubSystem>Console</SubSystem>
     </Link>
   </ItemDefinitionGroup>
-
   <!-- Debug Configurations -->
   <ItemDefinitionGroup Condition="'$(Configuration)'=='Debug' Or '$(Configuration)'=='DLL-Import Debug'" Label="Debug Configuration">
     <ClCompile>
@@ -113,7 +107,6 @@
       <Culture>0x0409</Culture>
     </ResourceCompile>
   </ItemDefinitionGroup>
-
   <!-- Release Configurations -->
   <ItemDefinitionGroup Condition="'$(Configuration)'=='Release' Or '$(Configuration)'=='DLL-Import Release'" Label="Release Configuration">
     <ClCompile>
@@ -135,7 +128,6 @@
       <EnableCOMDATFolding>true</EnableCOMDATFolding>
     </Link>
   </ItemDefinitionGroup>
-
   <!-- DLL-Import Overrides for Preprocessor and Libraries -->
   <ItemDefinitionGroup Condition="'$(Configuration)'=='DLL-Import Debug'" Label="DLL Debug Configuration">
     <ClCompile>
@@ -155,7 +147,6 @@
       <AdditionalDependencies>cryptopp.lib;cryptlib.lib;Ws2_32.lib</AdditionalDependencies>
     </Link>
   </ItemDefinitionGroup>
-
   <!-- X86 Configurations -->
   <ItemDefinitionGroup Condition="'$(Platform)'=='Win32'" Label="X86 Configuration">
     <ClCompile>
@@ -166,7 +157,6 @@
       <ImageHasSafeExceptionHandlers>true</ImageHasSafeExceptionHandlers>
     </Link>
   </ItemDefinitionGroup>
-
   <!-- X64 Configurations -->
   <ItemDefinitionGroup Condition="'$(Platform)'=='x64'" Label="X64 Configuration">
     <ClCompile>
@@ -176,7 +166,6 @@
       <TargetMachine>MachineX64</TargetMachine>
     </Link>
   </ItemDefinitionGroup>
-
   <!-- FIPS Validated Warning -->
   <ItemDefinitionGroup Label="FIPS Warning">
     <PreBuildEvent Condition="'$(Configuration)'=='DLL-Import Debug' Or '$(Configuration)'=='DLL-Import Release'">
@@ -190,14 +179,12 @@
       </Command>
     </PreBuildEvent>
   </ItemDefinitionGroup>
-
   <!-- Target for Appvoyer                           -->
   <!-- The rule copies cryptest.exe to the project   -->
   <!-- root directory so it can be executed in place -->
   <Target Name="CopyCryptestToRoot">
     <Exec Command="copy $(Platform)\Output\$(Configuration)\cryptest.exe $(SolutionDir)" />
   </Target>
-
   <!-- Source Files -->
   <ItemGroup>
     <ClCompile Include="adhoc.cpp" />
@@ -215,14 +202,12 @@
     <ClCompile Include="validat2.cpp" />
     <ClCompile Include="validat3.cpp" />
   </ItemGroup>
-
   <!-- Header Files -->
   <ItemGroup>
     <ClInclude Include="bench.h" />
     <ClInclude Include="factory.h" />
     <ClInclude Include="validate.h" />
   </ItemGroup>
-
   <!-- Test Files -->
   <ItemGroup>
     <None Include="TestVectors\aes.txt" />
diff --git a/cryptest.vcxproj.filters b/cryptest.vcxproj.filters
index 2d2177b0..ec0ae192 100644
--- a/cryptest.vcxproj.filters
+++ b/cryptest.vcxproj.filters
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <ItemGroup>
     <Filter Include="TestVectors">
@@ -75,9 +75,6 @@
     <None Include="TestVectors\hmac.txt">
       <Filter>TestVectors</Filter>
     </None>
-    <None Include="TestVectors\kalyna.txt">
-      <Filter>TestVectors</Filter>
-    </None>
     <None Include="TestVectors\mars.txt">
       <Filter>TestVectors</Filter>
     </None>
diff --git a/cryptest.vcxproj.user b/cryptest.vcxproj.user
index ceb23602..08271a53 100644
--- a/cryptest.vcxproj.user
+++ b/cryptest.vcxproj.user
@@ -1,6 +1,9 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <PropertyGroup>
-    <LocalDebuggerCommandArguments>v</LocalDebuggerCommandArguments>
+    <LocalDebuggerCommandArguments>tv kalyna</LocalDebuggerCommandArguments>
   </PropertyGroup>
-</Project>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <DebuggerFlavor>WindowsLocalDebugger</DebuggerFlavor>
+  </PropertyGroup>
+</Project>
\ No newline at end of file
diff --git a/cryptlib.vcxproj b/cryptlib.vcxproj
index 22d3e4d7..fcfe505b 100644
--- a/cryptlib.vcxproj
+++ b/cryptlib.vcxproj
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <ItemGroup Label="ProjectConfigurations">
     <ProjectConfiguration Include="Debug|Win32">
@@ -37,7 +37,7 @@
   <PropertyGroup Label="Globals">
     <ProjectGuid>{c39f4b46-6e89-4074-902e-ca57073044d2}</ProjectGuid>
     <RootNamespace>cryptlib</RootNamespace>
-    <PlatformToolset>v100</PlatformToolset>
+    <PlatformToolset>v110</PlatformToolset>
     <ConfigurationType>StaticLibrary</ConfigurationType>
   </PropertyGroup>
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
@@ -50,7 +50,6 @@
   </ImportGroup>
   <PropertyGroup Label="UserMacros" />
   <!-- End of Visual Studio boilerplate -->
-
   <!-- All Configurations -->
   <PropertyGroup Label="All Configurations">
     <ConfigurationType>StaticLibrary</ConfigurationType>
@@ -60,7 +59,6 @@
     <CharacterSet>MultiByte</CharacterSet>
     <WholeProgramOptimization>true</WholeProgramOptimization>
   </PropertyGroup>
-
   <!-- Intermediate and Output directories -->
   <!-- Cryptlib and Cryptest need extra care due to Non-DLL/DLL configs -->
   <PropertyGroup Condition="'$(Configuration)'=='Debug' Or '$(Configuration)'=='Release'" Label="Non-DLL Directories">
@@ -75,7 +73,6 @@
     <OutDir>$(Platform)\DLL_Output\Release\</OutDir>
     <IntDir>$(Platform)\$(ProjectName)\$(Configuration)\</IntDir>
   </PropertyGroup>
-
   <!-- All Configurations -->
   <ItemDefinitionGroup Label="All Configurations">
     <ClCompile>
@@ -89,7 +86,6 @@
       <ErrorReporting>NoErrorReport</ErrorReporting>
     </Lib>
   </ItemDefinitionGroup>
-
   <!-- Debug Configurations -->
   <ItemDefinitionGroup Condition="'$(Configuration)'=='Debug' Or '$(Configuration)'=='DLL-Import Debug'" Label="Debug Configuration">
     <ClCompile>
@@ -105,7 +101,6 @@
       <Culture>0x0409</Culture>
     </ResourceCompile>
   </ItemDefinitionGroup>
-
   <!-- Release Configurations -->
   <ItemDefinitionGroup Condition="'$(Configuration)'=='Release' Or '$(Configuration)'=='DLL-Import Release'" Label="Release Configuration">
     <ClCompile>
@@ -123,7 +118,6 @@
       <Culture>0x0409</Culture>
     </ResourceCompile>
   </ItemDefinitionGroup>
-
   <!-- DLL-Import Overrides for Preprocessor -->
   <ItemDefinitionGroup Condition="'$(Configuration)'=='DLL-Import Debug'" Label="DLL Debug Configuration">
     <ClCompile>
@@ -135,7 +129,6 @@
       <PreprocessorDefinitions>NDEBUG;USE_PRECOMPILED_HEADERS;CRYPTOPP_IMPORTS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
     </ClCompile>
   </ItemDefinitionGroup>
-
   <!-- X86 Configurations -->
   <ItemDefinitionGroup Condition="'$(Platform)'=='Win32'" Label="X86 Configuration">
     <ClCompile>
@@ -146,7 +139,6 @@
       <ImageHasSafeExceptionHandlers>true</ImageHasSafeExceptionHandlers>
     </Lib>
   </ItemDefinitionGroup>
-
   <!-- X64 Configurations -->
   <ItemDefinitionGroup Condition="'$(Platform)'=='x64'" Label="X64 Configuration">
     <ClCompile>
@@ -156,9 +148,7 @@
       <TargetMachine>MachineX64</TargetMachine>
     </Lib>
   </ItemDefinitionGroup>
-
   <!-- Original File with special treatment -->
-
   <!-- Source Files -->
   <!-- The order of the first three matters -->
   <ItemGroup>
diff --git a/dlltest.vcxproj b/dlltest.vcxproj
index f008456c..c82c557a 100644
--- a/dlltest.vcxproj
+++ b/dlltest.vcxproj
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <ItemGroup Label="ProjectConfigurations">
     <ProjectConfiguration Include="Debug|Win32">
@@ -21,20 +21,17 @@
   <PropertyGroup Label="Globals">
     <ProjectGuid>{1974a53a-9863-41c9-886d-b2b8c2fc3c8b}</ProjectGuid>
     <RootNamespace>dlltest</RootNamespace>
-    <PlatformToolset>v100</PlatformToolset>
+    <PlatformToolset>v110</PlatformToolset>
     <ConfigurationType>Application</ConfigurationType>
   </PropertyGroup>
-
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
-
   <ImportGroup Label="ExtensionSettings" />
   <ImportGroup Label="PropertySheets">
     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
   </ImportGroup>
   <PropertyGroup Label="UserMacros" />
   <!-- End of Visual Studio boilerplate -->
-
   <!-- All Configurations -->
   <PropertyGroup Label="All Configurations">
     <ConfigurationType>Application</ConfigurationType>
@@ -44,7 +41,6 @@
     <OutDir>$(Platform)\DLL_Output\$(Configuration)\</OutDir>
     <IntDir>$(Platform)\$(ProjectName)\$(Configuration)\</IntDir>
   </PropertyGroup>
-
   <!-- All Configurations -->
   <ItemDefinitionGroup Label="All Configurations">
     <ClCompile>
@@ -61,7 +57,6 @@
       <GenerateDebugInformation>true</GenerateDebugInformation>
     </Link>
   </ItemDefinitionGroup>
-
   <!-- Debug Configurations -->
   <ItemDefinitionGroup Condition="'$(Configuration)'=='Debug'" Label="Debug Configuration">
     <ClCompile>
@@ -77,7 +72,6 @@
       <Culture>0x0409</Culture>
     </ResourceCompile>
   </ItemDefinitionGroup>
-
   <!-- Release Configurations -->
   <ItemDefinitionGroup Condition="'$(Configuration)'=='Release'" Label="Release Configuration">
     <ClCompile>
@@ -99,7 +93,6 @@
       <EnableCOMDATFolding>true</EnableCOMDATFolding>
     </Link>
   </ItemDefinitionGroup>
-
   <!-- X86 Configurations -->
   <ItemDefinitionGroup Condition="'$(Platform)'=='Win32'" Label="X86 Configuration">
     <ClCompile>
@@ -110,7 +103,6 @@
       <ImageHasSafeExceptionHandlers>true</ImageHasSafeExceptionHandlers>
     </Link>
   </ItemDefinitionGroup>
-
   <!-- X64 Configurations -->
   <ItemDefinitionGroup Condition="'$(Platform)'=='x64'" Label="X64 Configuration">
     <ClCompile>
@@ -120,14 +112,12 @@
       <TargetMachine>MachineX64</TargetMachine>
     </Link>
   </ItemDefinitionGroup>
-
   <!-- Source Files -->
   <ItemGroup>
     <ClCompile Include="dlltest.cpp" />
   </ItemGroup>
-
   <!-- Back to Visual Studio boilerplate -->
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
   <ImportGroup Label="ExtensionTargets">
   </ImportGroup>
-</Project>
+</Project>
\ No newline at end of file
diff --git a/kalyna.cpp b/kalyna.cpp
index 864f139d..eba64846 100644
--- a/kalyna.cpp
+++ b/kalyna.cpp
@@ -929,20 +929,16 @@ void Kalyna::Base::SetKey_88(const word64 key[8])
 
 // *********************** ProcessAndXorBlock specializations *********************** //
 
-void Kalyna::Base::ProcessBlock_22(const word64 inBlock[2], word64 outBlock[2]) const
+void Kalyna::Base::ProcessBlock_22(const word64 inBlock[2], const word64 xorBlock[2], word64 outBlock[2]) const
 {
-#if defined(IS_BIG_ENDIAN)
     word64 *t1 = m_wspace+0, *t2 = m_wspace+2, *msg = m_wspace+4;
-    {
-        typedef GetBlock<word64, LittleEndian, false> Block;
-        Block block(inBlock);
-        block(msg[0])(msg[1]);
-        inBlock = msg;
-    }
-#else
-    word64 *t1 = outBlock, *t2 = m_wspace+2;
-#endif
 
+    // Reverse bytes on BigEndian; Align pointer on LittleEndian
+    typedef GetBlock<word64, LittleEndian, false> InBlock;
+    InBlock iblk(inBlock);
+    iblk(msg[0])(msg[1]);
+
+    inBlock = msg;
     if (IsForwardTransformation())
     {
         AddKey<2>(inBlock, t1, m_rkeys);
@@ -973,29 +969,22 @@ void Kalyna::Base::ProcessBlock_22(const word64 inBlock[2], word64 outBlock[2])
         IGL128(t2, t1, &m_rkeys[0]);
     }
 
-#if defined(IS_BIG_ENDIAN)
-    {
-        typedef GetBlock<word64, LittleEndian, false> Block;
-        Block block(t1);
-        block(outBlock[0])(outBlock[1]);
-    }
-#endif
+    // Reverse bytes on BigEndian; Align pointer on LittleEndian
+    typedef PutBlock<word64, LittleEndian, false> OutBlock;
+    OutBlock oblk(xorBlock, outBlock);
+    oblk(t1[0])(t1[1]);
 }
 
-void Kalyna::Base::ProcessBlock_24(const word64 inBlock[2], word64 outBlock[2]) const
+void Kalyna::Base::ProcessBlock_24(const word64 inBlock[2], const word64 xorBlock[2], word64 outBlock[2]) const
 {
-#if defined(IS_BIG_ENDIAN)
     word64 *t1 = m_wspace+0, *t2 = m_wspace+2, *msg = m_wspace+4;
-    {
-        typedef GetBlock<word64, LittleEndian, false> Block;
-        Block block(inBlock);
-        block(msg[0])(msg[1]);
-        inBlock = msg;
-    }
-#else
-    word64 *t1 = outBlock, *t2 = m_wspace+2;
-#endif
 
+    // Reverse bytes on BigEndian; Align pointer on LittleEndian
+    typedef GetBlock<word64, LittleEndian, false> InBlock;
+    InBlock iblk(inBlock);
+    iblk(msg[0])(msg[1]);
+
+    inBlock = msg;
     if (IsForwardTransformation())
     {
         AddKey<2>(inBlock, t1, m_rkeys);
@@ -1034,29 +1023,22 @@ void Kalyna::Base::ProcessBlock_24(const word64 inBlock[2], word64 outBlock[2])
         IGL128(t2, t1, &m_rkeys[0]);
     }
 
-#if defined(IS_BIG_ENDIAN)
-    {
-        typedef GetBlock<word64, LittleEndian, false> Block;
-        Block block(t1);
-        block(outBlock[0])(outBlock[1]);
-    }
-#endif
+    // Reverse bytes on BigEndian; Align pointer on LittleEndian
+    typedef PutBlock<word64, LittleEndian, false> OutBlock;
+    OutBlock oblk(xorBlock, outBlock);
+    oblk(t1[0])(t1[1]);
 }
 
-void Kalyna::Base::ProcessBlock_44(const word64 inBlock[4], word64 outBlock[4]) const
+void Kalyna::Base::ProcessBlock_44(const word64 inBlock[4], const word64 xorBlock[4], word64 outBlock[4]) const
 {
-#if defined(IS_BIG_ENDIAN)
     word64 *t1 = m_wspace+0, *t2 = m_wspace+4, *msg = m_wspace+8;
-    {
-        typedef GetBlock<word64, LittleEndian, false> Block;
-        Block block(inBlock);
-        block(msg[0])(msg[1])(msg[2])(msg[3]);
-        inBlock = msg;
-    }
-#else
-    word64 *t1 = outBlock, *t2 = m_wspace+4;
-#endif
 
+    // Reverse bytes on BigEndian; Align pointer on LittleEndian
+    typedef GetBlock<word64, LittleEndian, false> InBlock;
+    InBlock iblk(inBlock);
+    iblk(msg[0])(msg[1])(msg[2])(msg[3]);
+
+    inBlock = msg;
     if (IsForwardTransformation())
     {
         AddKey<4>(inBlock, t1, m_rkeys);
@@ -1095,32 +1077,25 @@ void Kalyna::Base::ProcessBlock_44(const word64 inBlock[4], word64 outBlock[4])
         IGL256(t2, t1, &m_rkeys[0]);
     }
 
-#if defined(IS_BIG_ENDIAN)
-    {
-        typedef GetBlock<word64, LittleEndian, false> Block;
-        Block block(t1);
-        block(outBlock[0])(outBlock[1])(outBlock[2])(outBlock[3]);
-    }
-#endif
+    // Reverse bytes on BigEndian; Align pointer on LittleEndian
+    typedef PutBlock<word64, LittleEndian, false> OutBlock;
+    OutBlock oblk(xorBlock, outBlock);
+    oblk(t1[0])(t1[1])(t1[2])(t1[3]);
 }
 
-void Kalyna::Base::ProcessBlock_48(const word64 inBlock[4], word64 outBlock[4]) const
+void Kalyna::Base::ProcessBlock_48(const word64 inBlock[4], const word64 xorBlock[4], word64 outBlock[4]) const
 {
-#if defined(IS_BIG_ENDIAN)
     word64 *t1 = m_wspace+0, *t2 = m_wspace+4, *msg = m_wspace+8;
-    {
-        typedef GetBlock<word64, LittleEndian, false> Block;
-        Block block(inBlock);
-        block(msg[0])(msg[1])(msg[2])(msg[3]);
-        inBlock = msg;
-    }
-#else
-    word64 *t1 = outBlock, *t2 = m_wspace+4;
-#endif
 
+    // Reverse bytes on BigEndian; Align pointer on LittleEndian
+    typedef GetBlock<word64, LittleEndian, false> InBlock;
+    InBlock iblk(inBlock);
+    iblk(msg[0])(msg[1])(msg[2])(msg[3]);
+
+    inBlock = msg;
     if (IsForwardTransformation())
     {
-        AddKey<4>((const word64*)inBlock, t1, m_rkeys);
+        AddKey<4>(inBlock, t1, m_rkeys);
         G256(t1, t2, &m_rkeys[4]); // 1
         G256(t2, t1, &m_rkeys[8]); // 2
         G256(t1, t2, &m_rkeys[12]); // 3
@@ -1164,29 +1139,22 @@ void Kalyna::Base::ProcessBlock_48(const word64 inBlock[4], word64 outBlock[4])
         IGL256(t2, t1, &m_rkeys[0]);
     }
 
-#if defined(IS_BIG_ENDIAN)
-    {
-        typedef GetBlock<word64, LittleEndian, false> Block;
-        Block block(t1);
-        block(outBlock[0])(outBlock[1])(outBlock[2])(outBlock[3]);
-    }
-#endif
+    // Reverse bytes on BigEndian; Align pointer on LittleEndian
+    typedef PutBlock<word64, LittleEndian, false> OutBlock;
+    OutBlock oblk(xorBlock, outBlock);
+    oblk(t1[0])(t1[1])(t1[2])(t1[3]);
 }
 
-void Kalyna::Base::ProcessBlock_88(const word64 inBlock[8], word64 outBlock[8]) const
+void Kalyna::Base::ProcessBlock_88(const word64 inBlock[8], const word64 xorBlock[8], word64 outBlock[8]) const
 {
-#if defined(IS_BIG_ENDIAN)
     word64 *t1 = m_wspace+0, *t2 = m_wspace+8, *msg = m_wspace+16;
-    {
-        typedef GetBlock<word64, LittleEndian, false> Block;
-        Block block(inBlock);
-        block(msg[0])(msg[1])(msg[2])(msg[3])(msg[4])(msg[5])(msg[6])(msg[7]);
-        inBlock = msg;
-    }
-#else
-    word64 *t1 = outBlock, *t2 = m_wspace+8;
-#endif
 
+    // Reverse bytes on BigEndian; Align pointer on LittleEndian
+    typedef GetBlock<word64, LittleEndian, false> InBlock;
+    InBlock iblk(inBlock);
+    iblk(msg[0])(msg[1])(msg[2])(msg[3])(msg[4])(msg[5])(msg[6])(msg[7]);
+
+    inBlock = msg;
     if (IsForwardTransformation())
     {
         AddKey<8>(inBlock, t1, m_rkeys);
@@ -1233,14 +1201,10 @@ void Kalyna::Base::ProcessBlock_88(const word64 inBlock[8], word64 outBlock[8])
         IGL512(t2, t1, &m_rkeys[0]);
     }
 
-#if defined(IS_BIG_ENDIAN)
-    {
-        typedef GetBlock<word64, LittleEndian, false> Block;
-        Block block(t1);
-        block(outBlock[0])(outBlock[1])(outBlock[2])(outBlock[3])
-             (outBlock[4])(outBlock[5])(outBlock[6])(outBlock[7]);
-    }
-#endif
+    // Reverse bytes on BigEndian; Align pointer on LittleEndian
+    typedef PutBlock<word64, LittleEndian, false> OutBlock;
+    OutBlock oblk(xorBlock, outBlock);
+    oblk(t1[0])(t1[1])(t1[2])(t1[3])(t1[4])(t1[5])(t1[6])(t1[7]);
 }
 
 // *********************** Library routines *********************** //
@@ -1324,32 +1288,34 @@ void Kalyna::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock,
 
     const byte* p = reinterpret_cast<const byte*>(KalynaTab::S);
     for (unsigned int i=0; i<256; i+=cacheLineSize)
-        u &= *reinterpret_cast<const word64*>(p+i);
+        u ^= *reinterpret_cast<const word64*>(p+i);
     m_wspace[0] = u;
 
     switch ((m_nb << 8) | m_nk)
     {
     case (2 << 8) | 2:
-        ProcessBlock_22(reinterpret_cast<const word64*>(inBlock), reinterpret_cast<word64*>(outBlock));
+        ProcessBlock_22(reinterpret_cast<const word64*>(inBlock),
+            reinterpret_cast<const word64*>(xorBlock), reinterpret_cast<word64*>(outBlock));
         break;
     case (2 << 8) | 4:
-        ProcessBlock_24(reinterpret_cast<const word64*>(inBlock), reinterpret_cast<word64*>(outBlock));
+        ProcessBlock_24(reinterpret_cast<const word64*>(inBlock),
+            reinterpret_cast<const word64*>(xorBlock), reinterpret_cast<word64*>(outBlock));
         break;
     case (4 << 8) | 4:
-        ProcessBlock_44(reinterpret_cast<const word64*>(inBlock), reinterpret_cast<word64*>(outBlock));
+        ProcessBlock_44(reinterpret_cast<const word64*>(inBlock),
+            reinterpret_cast<const word64*>(xorBlock), reinterpret_cast<word64*>(outBlock));
         break;
     case (4 << 8) | 8:
-        ProcessBlock_48(reinterpret_cast<const word64*>(inBlock), reinterpret_cast<word64*>(outBlock));
+        ProcessBlock_48(reinterpret_cast<const word64*>(inBlock),
+            reinterpret_cast<const word64*>(xorBlock), reinterpret_cast<word64*>(outBlock));
         break;
     case (8 << 8) | 8:
-        ProcessBlock_88(reinterpret_cast<const word64*>(inBlock), reinterpret_cast<word64*>(outBlock));
+        ProcessBlock_88(reinterpret_cast<const word64*>(inBlock),
+            reinterpret_cast<const word64*>(xorBlock), reinterpret_cast<word64*>(outBlock));
         break;
     default:
         CRYPTOPP_ASSERT(0);
     }
-
-    for (size_t i=0; xorBlock && i<m_nb; ++i)
-        outBlock[i] ^= xorBlock[i];
 }
 
 NAMESPACE_END
diff --git a/kalyna.h b/kalyna.h
index 1440a4bb..047685ef 100644
--- a/kalyna.h
+++ b/kalyna.h
@@ -134,11 +134,11 @@ public:
         // Visual Studio and C2910: 'Kalyna::Base::ProcessBlock_Template': cannot be explicitly specialized
         //template <unsigned int NB, unsigned int NK>
         //  void ProcessBlock_Template(const word64 inBlock[NB], const word64 outBlock[NB]) const;
-        void ProcessBlock_22(const word64 inBlock[2], word64 outBlock[2]) const;
-        void ProcessBlock_24(const word64 inBlock[2], word64 outBlock[2]) const;
-        void ProcessBlock_44(const word64 inBlock[4], word64 outBlock[4]) const;
-        void ProcessBlock_48(const word64 inBlock[4], word64 outBlock[4]) const;
-        void ProcessBlock_88(const word64 inBlock[8], word64 outBlock[8]) const;
+        void ProcessBlock_22(const word64 inBlock[2], const word64 xorBlock[2], word64 outBlock[2]) const;
+        void ProcessBlock_24(const word64 inBlock[2], const word64 xorBlock[2] ,word64 outBlock[2]) const;
+        void ProcessBlock_44(const word64 inBlock[4], const word64 xorBlock[4], word64 outBlock[4]) const;
+        void ProcessBlock_48(const word64 inBlock[4], const word64 xorBlock[4], word64 outBlock[4]) const;
+        void ProcessBlock_88(const word64 inBlock[8], const word64 xorBlock[8], word64 outBlock[8]) const;
 
     private:
         typedef SecBlock<word64, AllocatorWithCleanup<word64, true> > AlignedSecBlock64;
diff --git a/regtest2.cpp b/regtest2.cpp
index b5528869..0e9d3d2d 100644
--- a/regtest2.cpp
+++ b/regtest2.cpp
@@ -135,6 +135,7 @@ void RegisterFactories2()
 	RegisterSymmetricCipherDefaultFactories<ECB_Mode<SEED> >();
 	RegisterSymmetricCipherDefaultFactories<CTR_Mode<SEED> >();
 	RegisterSymmetricCipherDefaultFactories<ECB_Mode<Kalyna> >();  // Test Vectors
+	RegisterSymmetricCipherDefaultFactories<CBC_Mode<Kalyna> >();  // Test Vectors
 	RegisterSymmetricCipherDefaultFactories<CTR_Mode<Kalyna> >();  // Benchmarks
 
 	RegisterDefaultFactoryFor<KeyDerivationFunction, HKDF<SHA1> >();

From 20c3d556c320092a0a79744e449fadda47e44946 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Wed, 10 May 2017 06:30:08 -0400
Subject: [PATCH 118/200] Revert "XOR block in specialized ProcessBlock"

This reverts commit 76bb4ead40ded06b55b506a85106eae38519b7ee. The Visual Studio project files and other test files were not supposed to be checked-in.
---
 cryptdll.vcxproj         |  21 ++++-
 cryptest.vcxproj         |  19 ++++-
 cryptest.vcxproj.filters |   5 +-
 cryptest.vcxproj.user    |   9 +--
 cryptlib.vcxproj         |  14 +++-
 dlltest.vcxproj          |  16 +++-
 kalyna.cpp               | 168 +++++++++++++++++++++++----------------
 kalyna.h                 |  10 +--
 regtest2.cpp             |   1 -
 9 files changed, 173 insertions(+), 90 deletions(-)

diff --git a/cryptdll.vcxproj b/cryptdll.vcxproj
index e86a9791..9553cd14 100644
--- a/cryptdll.vcxproj
+++ b/cryptdll.vcxproj
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <ItemGroup Label="ProjectConfigurations">
     <ProjectConfiguration Include="Debug|Win32">
@@ -21,17 +21,20 @@
   <PropertyGroup Label="Globals">
     <ProjectGuid>{94a428a1-9ba8-4db2-b76e-bd2e3c08f257}</ProjectGuid>
     <RootNamespace>cryptdll</RootNamespace>
-    <PlatformToolset>v110</PlatformToolset>
+    <PlatformToolset>v100</PlatformToolset>
     <ConfigurationType>DynamicLibrary</ConfigurationType>
   </PropertyGroup>
+
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+
   <ImportGroup Label="ExtensionSettings" />
   <ImportGroup Label="PropertySheets">
     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
   </ImportGroup>
   <PropertyGroup Label="UserMacros" />
   <!-- End of Visual Studio boilerplate -->
+
   <!-- All Configurations -->
   <PropertyGroup Label="All Configurations">
     <ConfigurationType>DynamicLibrary</ConfigurationType>
@@ -43,6 +46,7 @@
     <OutDir>$(Platform)\DLL_Output\$(Configuration)\</OutDir>
     <IntDir>$(Platform)\$(ProjectName)\$(Configuration)\</IntDir>
   </PropertyGroup>
+
   <!-- All Configurations -->
   <ItemDefinitionGroup Label="All Configurations">
     <ClCompile>
@@ -63,6 +67,7 @@
       <ImportLibrary>$(TargetDir)\cryptopp.lib</ImportLibrary>
     </Link>
   </ItemDefinitionGroup>
+
   <!-- Debug Configurations -->
   <ItemDefinitionGroup Condition="'$(Configuration)'=='Debug'" Label="Debug Configuration">
     <ClCompile>
@@ -78,6 +83,7 @@
       <Culture>0x0409</Culture>
     </ResourceCompile>
   </ItemDefinitionGroup>
+
   <!-- Release Configurations -->
   <ItemDefinitionGroup Condition="'$(Configuration)'=='Release'" Label="Release Configuration">
     <ClCompile>
@@ -99,6 +105,7 @@
       <EnableCOMDATFolding>true</EnableCOMDATFolding>
     </Link>
   </ItemDefinitionGroup>
+
   <!-- X86 Configurations -->
   <ItemDefinitionGroup Condition="'$(Platform)'=='Win32'" Label="X86 Configuration">
     <ClCompile>
@@ -109,6 +116,7 @@
       <ImageHasSafeExceptionHandlers>true</ImageHasSafeExceptionHandlers>
     </Link>
   </ItemDefinitionGroup>
+
   <!-- X64 Configurations -->
   <ItemDefinitionGroup Condition="'$(Platform)'=='x64'" Label="X64 Configuration">
     <ClCompile>
@@ -118,6 +126,7 @@
       <TargetMachine>MachineX64</TargetMachine>
     </Link>
   </ItemDefinitionGroup>
+
   <!-- Win32/Debug cryptest.exe for DLL MAC'ing -->
   <!-- Broken at the moment; see http://stackoverflow.com/q/39900437 -->
   <!--   and http://stackoverflow.com/q/39929817/608639              -->
@@ -133,6 +142,7 @@
       Properties="Configuration=Debug;Platform=Win32;"/>
   </Target>
   -->
+
   <ItemDefinitionGroup Condition="!Exists('Win32\Output\Debug\cryptest.exe')" Label="MAC tool">
     <PreBuildEvent>
       <Message>Creating Win32/Debug cryptest.exe for MAC computation</Message>
@@ -142,6 +152,7 @@
       </Command>
     </PreBuildEvent>
   </ItemDefinitionGroup>
+
   <!-- DLL MAC'ing performed by cryptest.exe -->
   <ItemDefinitionGroup Label="DLL MAC">
     <PostBuildEvent>
@@ -154,6 +165,7 @@
       <Outputs>$(OutDir)cryptopp.mac.done;%(Outputs)</Outputs>
     </PostBuildEvent>
   </ItemDefinitionGroup>
+
   <!-- Original File with special treatment -->
   <ItemGroup>
     <CustomBuild Condition="'$(Platform)'=='x64' AND ('$(Configuration)'=='Debug' Or '$(Configuration)'=='Release')" Include="x64dll.asm">
@@ -162,6 +174,7 @@
       <Outputs>$(IntDir)x64dll.obj;%(Outputs)</Outputs>
     </CustomBuild>
   </ItemGroup>
+
   <!-- Source Files -->
   <ItemGroup>
     <ClCompile Include="pch.cpp">
@@ -226,6 +239,7 @@
     <ClCompile Include="strciphr.cpp" />
     <ClCompile Include="trdlocal.cpp" />
   </ItemGroup>
+
   <!-- Header Files -->
   <ItemGroup>
     <ClInclude Include="aes.h" />
@@ -296,6 +310,7 @@
     <ClInclude Include="trdlocal.h" />
     <ClInclude Include="words.h" />
   </ItemGroup>
+
   <!-- Back to Visual Studio boilerplate -->
   <ItemGroup>
     <ResourceCompile Include="cryptopp.rc" />
@@ -304,4 +319,4 @@
   <ImportGroup Label="ExtensionTargets">
     <Import Project="$(VCTargetsPath)\BuildCustomizations\masm.targets" />
   </ImportGroup>
-</Project>
\ No newline at end of file
+</Project>
diff --git a/cryptest.vcxproj b/cryptest.vcxproj
index 8fe70017..c857b673 100644
--- a/cryptest.vcxproj
+++ b/cryptest.vcxproj
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <ItemGroup Label="ProjectConfigurations">
     <ProjectConfiguration Include="Debug|Win32">
@@ -34,14 +34,16 @@
       <Platform>x64</Platform>
     </ProjectConfiguration>
   </ItemGroup>
+
   <PropertyGroup Label="Globals">
     <ProjectGuid>{09cdac08-e6ae-48a9-8de7-0fbc779eebde}</ProjectGuid>
     <RootNamespace>cryptest</RootNamespace>
-    <PlatformToolset>v110</PlatformToolset>
+    <PlatformToolset>v100</PlatformToolset>
     <ConfigurationType>Application</ConfigurationType>
   </PropertyGroup>
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+
   <ImportGroup Label="ExtensionSettings">
     <Import Project="$(VCTargetsPath)\BuildCustomizations\masm.props" />
   </ImportGroup>
@@ -50,6 +52,7 @@
   </ImportGroup>
   <PropertyGroup Label="UserMacros" />
   <!-- End of Visual Studio boilerplate -->
+
   <!-- All Configurations -->
   <PropertyGroup Label="All Configurations">
     <ConfigurationType>Application</ConfigurationType>
@@ -59,6 +62,7 @@
     <CharacterSet>MultiByte</CharacterSet>
     <WholeProgramOptimization>true</WholeProgramOptimization>
   </PropertyGroup>
+
   <!-- Intermediate and Output directories -->
   <!-- Cryptlib and Cryptest need extra care due to Non-DLL/DLL configs -->
   <PropertyGroup Condition="'$(Configuration)'=='Debug' Or '$(Configuration)'=='Release'" Label="Non-DLL Directories">
@@ -73,6 +77,7 @@
     <OutDir>$(Platform)\DLL_Output\Release\</OutDir>
     <IntDir>$(Platform)\$(ProjectName)\$(Configuration)\</IntDir>
   </PropertyGroup>
+
   <!-- All Configurations -->
   <ItemDefinitionGroup Label="All Configurations">
     <ClCompile>
@@ -92,6 +97,7 @@
       <SubSystem>Console</SubSystem>
     </Link>
   </ItemDefinitionGroup>
+
   <!-- Debug Configurations -->
   <ItemDefinitionGroup Condition="'$(Configuration)'=='Debug' Or '$(Configuration)'=='DLL-Import Debug'" Label="Debug Configuration">
     <ClCompile>
@@ -107,6 +113,7 @@
       <Culture>0x0409</Culture>
     </ResourceCompile>
   </ItemDefinitionGroup>
+
   <!-- Release Configurations -->
   <ItemDefinitionGroup Condition="'$(Configuration)'=='Release' Or '$(Configuration)'=='DLL-Import Release'" Label="Release Configuration">
     <ClCompile>
@@ -128,6 +135,7 @@
       <EnableCOMDATFolding>true</EnableCOMDATFolding>
     </Link>
   </ItemDefinitionGroup>
+
   <!-- DLL-Import Overrides for Preprocessor and Libraries -->
   <ItemDefinitionGroup Condition="'$(Configuration)'=='DLL-Import Debug'" Label="DLL Debug Configuration">
     <ClCompile>
@@ -147,6 +155,7 @@
       <AdditionalDependencies>cryptopp.lib;cryptlib.lib;Ws2_32.lib</AdditionalDependencies>
     </Link>
   </ItemDefinitionGroup>
+
   <!-- X86 Configurations -->
   <ItemDefinitionGroup Condition="'$(Platform)'=='Win32'" Label="X86 Configuration">
     <ClCompile>
@@ -157,6 +166,7 @@
       <ImageHasSafeExceptionHandlers>true</ImageHasSafeExceptionHandlers>
     </Link>
   </ItemDefinitionGroup>
+
   <!-- X64 Configurations -->
   <ItemDefinitionGroup Condition="'$(Platform)'=='x64'" Label="X64 Configuration">
     <ClCompile>
@@ -166,6 +176,7 @@
       <TargetMachine>MachineX64</TargetMachine>
     </Link>
   </ItemDefinitionGroup>
+
   <!-- FIPS Validated Warning -->
   <ItemDefinitionGroup Label="FIPS Warning">
     <PreBuildEvent Condition="'$(Configuration)'=='DLL-Import Debug' Or '$(Configuration)'=='DLL-Import Release'">
@@ -179,12 +190,14 @@
       </Command>
     </PreBuildEvent>
   </ItemDefinitionGroup>
+
   <!-- Target for Appvoyer                           -->
   <!-- The rule copies cryptest.exe to the project   -->
   <!-- root directory so it can be executed in place -->
   <Target Name="CopyCryptestToRoot">
     <Exec Command="copy $(Platform)\Output\$(Configuration)\cryptest.exe $(SolutionDir)" />
   </Target>
+
   <!-- Source Files -->
   <ItemGroup>
     <ClCompile Include="adhoc.cpp" />
@@ -202,12 +215,14 @@
     <ClCompile Include="validat2.cpp" />
     <ClCompile Include="validat3.cpp" />
   </ItemGroup>
+
   <!-- Header Files -->
   <ItemGroup>
     <ClInclude Include="bench.h" />
     <ClInclude Include="factory.h" />
     <ClInclude Include="validate.h" />
   </ItemGroup>
+
   <!-- Test Files -->
   <ItemGroup>
     <None Include="TestVectors\aes.txt" />
diff --git a/cryptest.vcxproj.filters b/cryptest.vcxproj.filters
index ec0ae192..2d2177b0 100644
--- a/cryptest.vcxproj.filters
+++ b/cryptest.vcxproj.filters
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <ItemGroup>
     <Filter Include="TestVectors">
@@ -75,6 +75,9 @@
     <None Include="TestVectors\hmac.txt">
       <Filter>TestVectors</Filter>
     </None>
+    <None Include="TestVectors\kalyna.txt">
+      <Filter>TestVectors</Filter>
+    </None>
     <None Include="TestVectors\mars.txt">
       <Filter>TestVectors</Filter>
     </None>
diff --git a/cryptest.vcxproj.user b/cryptest.vcxproj.user
index 08271a53..ceb23602 100644
--- a/cryptest.vcxproj.user
+++ b/cryptest.vcxproj.user
@@ -1,9 +1,6 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <PropertyGroup>
-    <LocalDebuggerCommandArguments>tv kalyna</LocalDebuggerCommandArguments>
+    <LocalDebuggerCommandArguments>v</LocalDebuggerCommandArguments>
   </PropertyGroup>
-  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
-    <DebuggerFlavor>WindowsLocalDebugger</DebuggerFlavor>
-  </PropertyGroup>
-</Project>
\ No newline at end of file
+</Project>
diff --git a/cryptlib.vcxproj b/cryptlib.vcxproj
index fcfe505b..22d3e4d7 100644
--- a/cryptlib.vcxproj
+++ b/cryptlib.vcxproj
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <ItemGroup Label="ProjectConfigurations">
     <ProjectConfiguration Include="Debug|Win32">
@@ -37,7 +37,7 @@
   <PropertyGroup Label="Globals">
     <ProjectGuid>{c39f4b46-6e89-4074-902e-ca57073044d2}</ProjectGuid>
     <RootNamespace>cryptlib</RootNamespace>
-    <PlatformToolset>v110</PlatformToolset>
+    <PlatformToolset>v100</PlatformToolset>
     <ConfigurationType>StaticLibrary</ConfigurationType>
   </PropertyGroup>
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
@@ -50,6 +50,7 @@
   </ImportGroup>
   <PropertyGroup Label="UserMacros" />
   <!-- End of Visual Studio boilerplate -->
+
   <!-- All Configurations -->
   <PropertyGroup Label="All Configurations">
     <ConfigurationType>StaticLibrary</ConfigurationType>
@@ -59,6 +60,7 @@
     <CharacterSet>MultiByte</CharacterSet>
     <WholeProgramOptimization>true</WholeProgramOptimization>
   </PropertyGroup>
+
   <!-- Intermediate and Output directories -->
   <!-- Cryptlib and Cryptest need extra care due to Non-DLL/DLL configs -->
   <PropertyGroup Condition="'$(Configuration)'=='Debug' Or '$(Configuration)'=='Release'" Label="Non-DLL Directories">
@@ -73,6 +75,7 @@
     <OutDir>$(Platform)\DLL_Output\Release\</OutDir>
     <IntDir>$(Platform)\$(ProjectName)\$(Configuration)\</IntDir>
   </PropertyGroup>
+
   <!-- All Configurations -->
   <ItemDefinitionGroup Label="All Configurations">
     <ClCompile>
@@ -86,6 +89,7 @@
       <ErrorReporting>NoErrorReport</ErrorReporting>
     </Lib>
   </ItemDefinitionGroup>
+
   <!-- Debug Configurations -->
   <ItemDefinitionGroup Condition="'$(Configuration)'=='Debug' Or '$(Configuration)'=='DLL-Import Debug'" Label="Debug Configuration">
     <ClCompile>
@@ -101,6 +105,7 @@
       <Culture>0x0409</Culture>
     </ResourceCompile>
   </ItemDefinitionGroup>
+
   <!-- Release Configurations -->
   <ItemDefinitionGroup Condition="'$(Configuration)'=='Release' Or '$(Configuration)'=='DLL-Import Release'" Label="Release Configuration">
     <ClCompile>
@@ -118,6 +123,7 @@
       <Culture>0x0409</Culture>
     </ResourceCompile>
   </ItemDefinitionGroup>
+
   <!-- DLL-Import Overrides for Preprocessor -->
   <ItemDefinitionGroup Condition="'$(Configuration)'=='DLL-Import Debug'" Label="DLL Debug Configuration">
     <ClCompile>
@@ -129,6 +135,7 @@
       <PreprocessorDefinitions>NDEBUG;USE_PRECOMPILED_HEADERS;CRYPTOPP_IMPORTS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
     </ClCompile>
   </ItemDefinitionGroup>
+
   <!-- X86 Configurations -->
   <ItemDefinitionGroup Condition="'$(Platform)'=='Win32'" Label="X86 Configuration">
     <ClCompile>
@@ -139,6 +146,7 @@
       <ImageHasSafeExceptionHandlers>true</ImageHasSafeExceptionHandlers>
     </Lib>
   </ItemDefinitionGroup>
+
   <!-- X64 Configurations -->
   <ItemDefinitionGroup Condition="'$(Platform)'=='x64'" Label="X64 Configuration">
     <ClCompile>
@@ -148,7 +156,9 @@
       <TargetMachine>MachineX64</TargetMachine>
     </Lib>
   </ItemDefinitionGroup>
+
   <!-- Original File with special treatment -->
+
   <!-- Source Files -->
   <!-- The order of the first three matters -->
   <ItemGroup>
diff --git a/dlltest.vcxproj b/dlltest.vcxproj
index c82c557a..f008456c 100644
--- a/dlltest.vcxproj
+++ b/dlltest.vcxproj
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0" encoding="utf-8"?>
 <Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <ItemGroup Label="ProjectConfigurations">
     <ProjectConfiguration Include="Debug|Win32">
@@ -21,17 +21,20 @@
   <PropertyGroup Label="Globals">
     <ProjectGuid>{1974a53a-9863-41c9-886d-b2b8c2fc3c8b}</ProjectGuid>
     <RootNamespace>dlltest</RootNamespace>
-    <PlatformToolset>v110</PlatformToolset>
+    <PlatformToolset>v100</PlatformToolset>
     <ConfigurationType>Application</ConfigurationType>
   </PropertyGroup>
+
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+
   <ImportGroup Label="ExtensionSettings" />
   <ImportGroup Label="PropertySheets">
     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
   </ImportGroup>
   <PropertyGroup Label="UserMacros" />
   <!-- End of Visual Studio boilerplate -->
+
   <!-- All Configurations -->
   <PropertyGroup Label="All Configurations">
     <ConfigurationType>Application</ConfigurationType>
@@ -41,6 +44,7 @@
     <OutDir>$(Platform)\DLL_Output\$(Configuration)\</OutDir>
     <IntDir>$(Platform)\$(ProjectName)\$(Configuration)\</IntDir>
   </PropertyGroup>
+
   <!-- All Configurations -->
   <ItemDefinitionGroup Label="All Configurations">
     <ClCompile>
@@ -57,6 +61,7 @@
       <GenerateDebugInformation>true</GenerateDebugInformation>
     </Link>
   </ItemDefinitionGroup>
+
   <!-- Debug Configurations -->
   <ItemDefinitionGroup Condition="'$(Configuration)'=='Debug'" Label="Debug Configuration">
     <ClCompile>
@@ -72,6 +77,7 @@
       <Culture>0x0409</Culture>
     </ResourceCompile>
   </ItemDefinitionGroup>
+
   <!-- Release Configurations -->
   <ItemDefinitionGroup Condition="'$(Configuration)'=='Release'" Label="Release Configuration">
     <ClCompile>
@@ -93,6 +99,7 @@
       <EnableCOMDATFolding>true</EnableCOMDATFolding>
     </Link>
   </ItemDefinitionGroup>
+
   <!-- X86 Configurations -->
   <ItemDefinitionGroup Condition="'$(Platform)'=='Win32'" Label="X86 Configuration">
     <ClCompile>
@@ -103,6 +110,7 @@
       <ImageHasSafeExceptionHandlers>true</ImageHasSafeExceptionHandlers>
     </Link>
   </ItemDefinitionGroup>
+
   <!-- X64 Configurations -->
   <ItemDefinitionGroup Condition="'$(Platform)'=='x64'" Label="X64 Configuration">
     <ClCompile>
@@ -112,12 +120,14 @@
       <TargetMachine>MachineX64</TargetMachine>
     </Link>
   </ItemDefinitionGroup>
+
   <!-- Source Files -->
   <ItemGroup>
     <ClCompile Include="dlltest.cpp" />
   </ItemGroup>
+
   <!-- Back to Visual Studio boilerplate -->
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
   <ImportGroup Label="ExtensionTargets">
   </ImportGroup>
-</Project>
\ No newline at end of file
+</Project>
diff --git a/kalyna.cpp b/kalyna.cpp
index eba64846..864f139d 100644
--- a/kalyna.cpp
+++ b/kalyna.cpp
@@ -929,16 +929,20 @@ void Kalyna::Base::SetKey_88(const word64 key[8])
 
 // *********************** ProcessAndXorBlock specializations *********************** //
 
-void Kalyna::Base::ProcessBlock_22(const word64 inBlock[2], const word64 xorBlock[2], word64 outBlock[2]) const
+void Kalyna::Base::ProcessBlock_22(const word64 inBlock[2], word64 outBlock[2]) const
 {
+#if defined(IS_BIG_ENDIAN)
     word64 *t1 = m_wspace+0, *t2 = m_wspace+2, *msg = m_wspace+4;
+    {
+        typedef GetBlock<word64, LittleEndian, false> Block;
+        Block block(inBlock);
+        block(msg[0])(msg[1]);
+        inBlock = msg;
+    }
+#else
+    word64 *t1 = outBlock, *t2 = m_wspace+2;
+#endif
 
-    // Reverse bytes on BigEndian; Align pointer on LittleEndian
-    typedef GetBlock<word64, LittleEndian, false> InBlock;
-    InBlock iblk(inBlock);
-    iblk(msg[0])(msg[1]);
-
-    inBlock = msg;
     if (IsForwardTransformation())
     {
         AddKey<2>(inBlock, t1, m_rkeys);
@@ -969,22 +973,29 @@ void Kalyna::Base::ProcessBlock_22(const word64 inBlock[2], const word64 xorBloc
         IGL128(t2, t1, &m_rkeys[0]);
     }
 
-    // Reverse bytes on BigEndian; Align pointer on LittleEndian
-    typedef PutBlock<word64, LittleEndian, false> OutBlock;
-    OutBlock oblk(xorBlock, outBlock);
-    oblk(t1[0])(t1[1]);
+#if defined(IS_BIG_ENDIAN)
+    {
+        typedef GetBlock<word64, LittleEndian, false> Block;
+        Block block(t1);
+        block(outBlock[0])(outBlock[1]);
+    }
+#endif
 }
 
-void Kalyna::Base::ProcessBlock_24(const word64 inBlock[2], const word64 xorBlock[2], word64 outBlock[2]) const
+void Kalyna::Base::ProcessBlock_24(const word64 inBlock[2], word64 outBlock[2]) const
 {
+#if defined(IS_BIG_ENDIAN)
     word64 *t1 = m_wspace+0, *t2 = m_wspace+2, *msg = m_wspace+4;
+    {
+        typedef GetBlock<word64, LittleEndian, false> Block;
+        Block block(inBlock);
+        block(msg[0])(msg[1]);
+        inBlock = msg;
+    }
+#else
+    word64 *t1 = outBlock, *t2 = m_wspace+2;
+#endif
 
-    // Reverse bytes on BigEndian; Align pointer on LittleEndian
-    typedef GetBlock<word64, LittleEndian, false> InBlock;
-    InBlock iblk(inBlock);
-    iblk(msg[0])(msg[1]);
-
-    inBlock = msg;
     if (IsForwardTransformation())
     {
         AddKey<2>(inBlock, t1, m_rkeys);
@@ -1023,22 +1034,29 @@ void Kalyna::Base::ProcessBlock_24(const word64 inBlock[2], const word64 xorBloc
         IGL128(t2, t1, &m_rkeys[0]);
     }
 
-    // Reverse bytes on BigEndian; Align pointer on LittleEndian
-    typedef PutBlock<word64, LittleEndian, false> OutBlock;
-    OutBlock oblk(xorBlock, outBlock);
-    oblk(t1[0])(t1[1]);
+#if defined(IS_BIG_ENDIAN)
+    {
+        typedef GetBlock<word64, LittleEndian, false> Block;
+        Block block(t1);
+        block(outBlock[0])(outBlock[1]);
+    }
+#endif
 }
 
-void Kalyna::Base::ProcessBlock_44(const word64 inBlock[4], const word64 xorBlock[4], word64 outBlock[4]) const
+void Kalyna::Base::ProcessBlock_44(const word64 inBlock[4], word64 outBlock[4]) const
 {
+#if defined(IS_BIG_ENDIAN)
     word64 *t1 = m_wspace+0, *t2 = m_wspace+4, *msg = m_wspace+8;
+    {
+        typedef GetBlock<word64, LittleEndian, false> Block;
+        Block block(inBlock);
+        block(msg[0])(msg[1])(msg[2])(msg[3]);
+        inBlock = msg;
+    }
+#else
+    word64 *t1 = outBlock, *t2 = m_wspace+4;
+#endif
 
-    // Reverse bytes on BigEndian; Align pointer on LittleEndian
-    typedef GetBlock<word64, LittleEndian, false> InBlock;
-    InBlock iblk(inBlock);
-    iblk(msg[0])(msg[1])(msg[2])(msg[3]);
-
-    inBlock = msg;
     if (IsForwardTransformation())
     {
         AddKey<4>(inBlock, t1, m_rkeys);
@@ -1077,25 +1095,32 @@ void Kalyna::Base::ProcessBlock_44(const word64 inBlock[4], const word64 xorBloc
         IGL256(t2, t1, &m_rkeys[0]);
     }
 
-    // Reverse bytes on BigEndian; Align pointer on LittleEndian
-    typedef PutBlock<word64, LittleEndian, false> OutBlock;
-    OutBlock oblk(xorBlock, outBlock);
-    oblk(t1[0])(t1[1])(t1[2])(t1[3]);
+#if defined(IS_BIG_ENDIAN)
+    {
+        typedef GetBlock<word64, LittleEndian, false> Block;
+        Block block(t1);
+        block(outBlock[0])(outBlock[1])(outBlock[2])(outBlock[3]);
+    }
+#endif
 }
 
-void Kalyna::Base::ProcessBlock_48(const word64 inBlock[4], const word64 xorBlock[4], word64 outBlock[4]) const
+void Kalyna::Base::ProcessBlock_48(const word64 inBlock[4], word64 outBlock[4]) const
 {
+#if defined(IS_BIG_ENDIAN)
     word64 *t1 = m_wspace+0, *t2 = m_wspace+4, *msg = m_wspace+8;
+    {
+        typedef GetBlock<word64, LittleEndian, false> Block;
+        Block block(inBlock);
+        block(msg[0])(msg[1])(msg[2])(msg[3]);
+        inBlock = msg;
+    }
+#else
+    word64 *t1 = outBlock, *t2 = m_wspace+4;
+#endif
 
-    // Reverse bytes on BigEndian; Align pointer on LittleEndian
-    typedef GetBlock<word64, LittleEndian, false> InBlock;
-    InBlock iblk(inBlock);
-    iblk(msg[0])(msg[1])(msg[2])(msg[3]);
-
-    inBlock = msg;
     if (IsForwardTransformation())
     {
-        AddKey<4>(inBlock, t1, m_rkeys);
+        AddKey<4>((const word64*)inBlock, t1, m_rkeys);
         G256(t1, t2, &m_rkeys[4]); // 1
         G256(t2, t1, &m_rkeys[8]); // 2
         G256(t1, t2, &m_rkeys[12]); // 3
@@ -1139,22 +1164,29 @@ void Kalyna::Base::ProcessBlock_48(const word64 inBlock[4], const word64 xorBloc
         IGL256(t2, t1, &m_rkeys[0]);
     }
 
-    // Reverse bytes on BigEndian; Align pointer on LittleEndian
-    typedef PutBlock<word64, LittleEndian, false> OutBlock;
-    OutBlock oblk(xorBlock, outBlock);
-    oblk(t1[0])(t1[1])(t1[2])(t1[3]);
+#if defined(IS_BIG_ENDIAN)
+    {
+        typedef GetBlock<word64, LittleEndian, false> Block;
+        Block block(t1);
+        block(outBlock[0])(outBlock[1])(outBlock[2])(outBlock[3]);
+    }
+#endif
 }
 
-void Kalyna::Base::ProcessBlock_88(const word64 inBlock[8], const word64 xorBlock[8], word64 outBlock[8]) const
+void Kalyna::Base::ProcessBlock_88(const word64 inBlock[8], word64 outBlock[8]) const
 {
+#if defined(IS_BIG_ENDIAN)
     word64 *t1 = m_wspace+0, *t2 = m_wspace+8, *msg = m_wspace+16;
+    {
+        typedef GetBlock<word64, LittleEndian, false> Block;
+        Block block(inBlock);
+        block(msg[0])(msg[1])(msg[2])(msg[3])(msg[4])(msg[5])(msg[6])(msg[7]);
+        inBlock = msg;
+    }
+#else
+    word64 *t1 = outBlock, *t2 = m_wspace+8;
+#endif
 
-    // Reverse bytes on BigEndian; Align pointer on LittleEndian
-    typedef GetBlock<word64, LittleEndian, false> InBlock;
-    InBlock iblk(inBlock);
-    iblk(msg[0])(msg[1])(msg[2])(msg[3])(msg[4])(msg[5])(msg[6])(msg[7]);
-
-    inBlock = msg;
     if (IsForwardTransformation())
     {
         AddKey<8>(inBlock, t1, m_rkeys);
@@ -1201,10 +1233,14 @@ void Kalyna::Base::ProcessBlock_88(const word64 inBlock[8], const word64 xorBloc
         IGL512(t2, t1, &m_rkeys[0]);
     }
 
-    // Reverse bytes on BigEndian; Align pointer on LittleEndian
-    typedef PutBlock<word64, LittleEndian, false> OutBlock;
-    OutBlock oblk(xorBlock, outBlock);
-    oblk(t1[0])(t1[1])(t1[2])(t1[3])(t1[4])(t1[5])(t1[6])(t1[7]);
+#if defined(IS_BIG_ENDIAN)
+    {
+        typedef GetBlock<word64, LittleEndian, false> Block;
+        Block block(t1);
+        block(outBlock[0])(outBlock[1])(outBlock[2])(outBlock[3])
+             (outBlock[4])(outBlock[5])(outBlock[6])(outBlock[7]);
+    }
+#endif
 }
 
 // *********************** Library routines *********************** //
@@ -1288,34 +1324,32 @@ void Kalyna::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock,
 
     const byte* p = reinterpret_cast<const byte*>(KalynaTab::S);
     for (unsigned int i=0; i<256; i+=cacheLineSize)
-        u ^= *reinterpret_cast<const word64*>(p+i);
+        u &= *reinterpret_cast<const word64*>(p+i);
     m_wspace[0] = u;
 
     switch ((m_nb << 8) | m_nk)
     {
     case (2 << 8) | 2:
-        ProcessBlock_22(reinterpret_cast<const word64*>(inBlock),
-            reinterpret_cast<const word64*>(xorBlock), reinterpret_cast<word64*>(outBlock));
+        ProcessBlock_22(reinterpret_cast<const word64*>(inBlock), reinterpret_cast<word64*>(outBlock));
         break;
     case (2 << 8) | 4:
-        ProcessBlock_24(reinterpret_cast<const word64*>(inBlock),
-            reinterpret_cast<const word64*>(xorBlock), reinterpret_cast<word64*>(outBlock));
+        ProcessBlock_24(reinterpret_cast<const word64*>(inBlock), reinterpret_cast<word64*>(outBlock));
         break;
     case (4 << 8) | 4:
-        ProcessBlock_44(reinterpret_cast<const word64*>(inBlock),
-            reinterpret_cast<const word64*>(xorBlock), reinterpret_cast<word64*>(outBlock));
+        ProcessBlock_44(reinterpret_cast<const word64*>(inBlock), reinterpret_cast<word64*>(outBlock));
         break;
     case (4 << 8) | 8:
-        ProcessBlock_48(reinterpret_cast<const word64*>(inBlock),
-            reinterpret_cast<const word64*>(xorBlock), reinterpret_cast<word64*>(outBlock));
+        ProcessBlock_48(reinterpret_cast<const word64*>(inBlock), reinterpret_cast<word64*>(outBlock));
         break;
     case (8 << 8) | 8:
-        ProcessBlock_88(reinterpret_cast<const word64*>(inBlock),
-            reinterpret_cast<const word64*>(xorBlock), reinterpret_cast<word64*>(outBlock));
+        ProcessBlock_88(reinterpret_cast<const word64*>(inBlock), reinterpret_cast<word64*>(outBlock));
         break;
     default:
         CRYPTOPP_ASSERT(0);
     }
+
+    for (size_t i=0; xorBlock && i<m_nb; ++i)
+        outBlock[i] ^= xorBlock[i];
 }
 
 NAMESPACE_END
diff --git a/kalyna.h b/kalyna.h
index 047685ef..1440a4bb 100644
--- a/kalyna.h
+++ b/kalyna.h
@@ -134,11 +134,11 @@ public:
         // Visual Studio and C2910: 'Kalyna::Base::ProcessBlock_Template': cannot be explicitly specialized
         //template <unsigned int NB, unsigned int NK>
         //  void ProcessBlock_Template(const word64 inBlock[NB], const word64 outBlock[NB]) const;
-        void ProcessBlock_22(const word64 inBlock[2], const word64 xorBlock[2], word64 outBlock[2]) const;
-        void ProcessBlock_24(const word64 inBlock[2], const word64 xorBlock[2] ,word64 outBlock[2]) const;
-        void ProcessBlock_44(const word64 inBlock[4], const word64 xorBlock[4], word64 outBlock[4]) const;
-        void ProcessBlock_48(const word64 inBlock[4], const word64 xorBlock[4], word64 outBlock[4]) const;
-        void ProcessBlock_88(const word64 inBlock[8], const word64 xorBlock[8], word64 outBlock[8]) const;
+        void ProcessBlock_22(const word64 inBlock[2], word64 outBlock[2]) const;
+        void ProcessBlock_24(const word64 inBlock[2], word64 outBlock[2]) const;
+        void ProcessBlock_44(const word64 inBlock[4], word64 outBlock[4]) const;
+        void ProcessBlock_48(const word64 inBlock[4], word64 outBlock[4]) const;
+        void ProcessBlock_88(const word64 inBlock[8], word64 outBlock[8]) const;
 
     private:
         typedef SecBlock<word64, AllocatorWithCleanup<word64, true> > AlignedSecBlock64;
diff --git a/regtest2.cpp b/regtest2.cpp
index 0e9d3d2d..b5528869 100644
--- a/regtest2.cpp
+++ b/regtest2.cpp
@@ -135,7 +135,6 @@ void RegisterFactories2()
 	RegisterSymmetricCipherDefaultFactories<ECB_Mode<SEED> >();
 	RegisterSymmetricCipherDefaultFactories<CTR_Mode<SEED> >();
 	RegisterSymmetricCipherDefaultFactories<ECB_Mode<Kalyna> >();  // Test Vectors
-	RegisterSymmetricCipherDefaultFactories<CBC_Mode<Kalyna> >();  // Test Vectors
 	RegisterSymmetricCipherDefaultFactories<CTR_Mode<Kalyna> >();  // Benchmarks
 
 	RegisterDefaultFactoryFor<KeyDerivationFunction, HKDF<SHA1> >();

From 3bee1f57cf9b5f7fe309692d1e13239d1b23b4e2 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Wed, 10 May 2017 06:34:22 -0400
Subject: [PATCH 119/200] XOR block in specialized ProcessBlock Use Put and Get
 blocks consistently

---
 kalyna.cpp | 168 +++++++++++++++++++++--------------------------------
 kalyna.h   |  10 ++--
 2 files changed, 72 insertions(+), 106 deletions(-)

diff --git a/kalyna.cpp b/kalyna.cpp
index 864f139d..eba64846 100644
--- a/kalyna.cpp
+++ b/kalyna.cpp
@@ -929,20 +929,16 @@ void Kalyna::Base::SetKey_88(const word64 key[8])
 
 // *********************** ProcessAndXorBlock specializations *********************** //
 
-void Kalyna::Base::ProcessBlock_22(const word64 inBlock[2], word64 outBlock[2]) const
+void Kalyna::Base::ProcessBlock_22(const word64 inBlock[2], const word64 xorBlock[2], word64 outBlock[2]) const
 {
-#if defined(IS_BIG_ENDIAN)
     word64 *t1 = m_wspace+0, *t2 = m_wspace+2, *msg = m_wspace+4;
-    {
-        typedef GetBlock<word64, LittleEndian, false> Block;
-        Block block(inBlock);
-        block(msg[0])(msg[1]);
-        inBlock = msg;
-    }
-#else
-    word64 *t1 = outBlock, *t2 = m_wspace+2;
-#endif
 
+    // Reverse bytes on BigEndian; Align pointer on LittleEndian
+    typedef GetBlock<word64, LittleEndian, false> InBlock;
+    InBlock iblk(inBlock);
+    iblk(msg[0])(msg[1]);
+
+    inBlock = msg;
     if (IsForwardTransformation())
     {
         AddKey<2>(inBlock, t1, m_rkeys);
@@ -973,29 +969,22 @@ void Kalyna::Base::ProcessBlock_22(const word64 inBlock[2], word64 outBlock[2])
         IGL128(t2, t1, &m_rkeys[0]);
     }
 
-#if defined(IS_BIG_ENDIAN)
-    {
-        typedef GetBlock<word64, LittleEndian, false> Block;
-        Block block(t1);
-        block(outBlock[0])(outBlock[1]);
-    }
-#endif
+    // Reverse bytes on BigEndian; Align pointer on LittleEndian
+    typedef PutBlock<word64, LittleEndian, false> OutBlock;
+    OutBlock oblk(xorBlock, outBlock);
+    oblk(t1[0])(t1[1]);
 }
 
-void Kalyna::Base::ProcessBlock_24(const word64 inBlock[2], word64 outBlock[2]) const
+void Kalyna::Base::ProcessBlock_24(const word64 inBlock[2], const word64 xorBlock[2], word64 outBlock[2]) const
 {
-#if defined(IS_BIG_ENDIAN)
     word64 *t1 = m_wspace+0, *t2 = m_wspace+2, *msg = m_wspace+4;
-    {
-        typedef GetBlock<word64, LittleEndian, false> Block;
-        Block block(inBlock);
-        block(msg[0])(msg[1]);
-        inBlock = msg;
-    }
-#else
-    word64 *t1 = outBlock, *t2 = m_wspace+2;
-#endif
 
+    // Reverse bytes on BigEndian; Align pointer on LittleEndian
+    typedef GetBlock<word64, LittleEndian, false> InBlock;
+    InBlock iblk(inBlock);
+    iblk(msg[0])(msg[1]);
+
+    inBlock = msg;
     if (IsForwardTransformation())
     {
         AddKey<2>(inBlock, t1, m_rkeys);
@@ -1034,29 +1023,22 @@ void Kalyna::Base::ProcessBlock_24(const word64 inBlock[2], word64 outBlock[2])
         IGL128(t2, t1, &m_rkeys[0]);
     }
 
-#if defined(IS_BIG_ENDIAN)
-    {
-        typedef GetBlock<word64, LittleEndian, false> Block;
-        Block block(t1);
-        block(outBlock[0])(outBlock[1]);
-    }
-#endif
+    // Reverse bytes on BigEndian; Align pointer on LittleEndian
+    typedef PutBlock<word64, LittleEndian, false> OutBlock;
+    OutBlock oblk(xorBlock, outBlock);
+    oblk(t1[0])(t1[1]);
 }
 
-void Kalyna::Base::ProcessBlock_44(const word64 inBlock[4], word64 outBlock[4]) const
+void Kalyna::Base::ProcessBlock_44(const word64 inBlock[4], const word64 xorBlock[4], word64 outBlock[4]) const
 {
-#if defined(IS_BIG_ENDIAN)
     word64 *t1 = m_wspace+0, *t2 = m_wspace+4, *msg = m_wspace+8;
-    {
-        typedef GetBlock<word64, LittleEndian, false> Block;
-        Block block(inBlock);
-        block(msg[0])(msg[1])(msg[2])(msg[3]);
-        inBlock = msg;
-    }
-#else
-    word64 *t1 = outBlock, *t2 = m_wspace+4;
-#endif
 
+    // Reverse bytes on BigEndian; Align pointer on LittleEndian
+    typedef GetBlock<word64, LittleEndian, false> InBlock;
+    InBlock iblk(inBlock);
+    iblk(msg[0])(msg[1])(msg[2])(msg[3]);
+
+    inBlock = msg;
     if (IsForwardTransformation())
     {
         AddKey<4>(inBlock, t1, m_rkeys);
@@ -1095,32 +1077,25 @@ void Kalyna::Base::ProcessBlock_44(const word64 inBlock[4], word64 outBlock[4])
         IGL256(t2, t1, &m_rkeys[0]);
     }
 
-#if defined(IS_BIG_ENDIAN)
-    {
-        typedef GetBlock<word64, LittleEndian, false> Block;
-        Block block(t1);
-        block(outBlock[0])(outBlock[1])(outBlock[2])(outBlock[3]);
-    }
-#endif
+    // Reverse bytes on BigEndian; Align pointer on LittleEndian
+    typedef PutBlock<word64, LittleEndian, false> OutBlock;
+    OutBlock oblk(xorBlock, outBlock);
+    oblk(t1[0])(t1[1])(t1[2])(t1[3]);
 }
 
-void Kalyna::Base::ProcessBlock_48(const word64 inBlock[4], word64 outBlock[4]) const
+void Kalyna::Base::ProcessBlock_48(const word64 inBlock[4], const word64 xorBlock[4], word64 outBlock[4]) const
 {
-#if defined(IS_BIG_ENDIAN)
     word64 *t1 = m_wspace+0, *t2 = m_wspace+4, *msg = m_wspace+8;
-    {
-        typedef GetBlock<word64, LittleEndian, false> Block;
-        Block block(inBlock);
-        block(msg[0])(msg[1])(msg[2])(msg[3]);
-        inBlock = msg;
-    }
-#else
-    word64 *t1 = outBlock, *t2 = m_wspace+4;
-#endif
 
+    // Reverse bytes on BigEndian; Align pointer on LittleEndian
+    typedef GetBlock<word64, LittleEndian, false> InBlock;
+    InBlock iblk(inBlock);
+    iblk(msg[0])(msg[1])(msg[2])(msg[3]);
+
+    inBlock = msg;
     if (IsForwardTransformation())
     {
-        AddKey<4>((const word64*)inBlock, t1, m_rkeys);
+        AddKey<4>(inBlock, t1, m_rkeys);
         G256(t1, t2, &m_rkeys[4]); // 1
         G256(t2, t1, &m_rkeys[8]); // 2
         G256(t1, t2, &m_rkeys[12]); // 3
@@ -1164,29 +1139,22 @@ void Kalyna::Base::ProcessBlock_48(const word64 inBlock[4], word64 outBlock[4])
         IGL256(t2, t1, &m_rkeys[0]);
     }
 
-#if defined(IS_BIG_ENDIAN)
-    {
-        typedef GetBlock<word64, LittleEndian, false> Block;
-        Block block(t1);
-        block(outBlock[0])(outBlock[1])(outBlock[2])(outBlock[3]);
-    }
-#endif
+    // Reverse bytes on BigEndian; Align pointer on LittleEndian
+    typedef PutBlock<word64, LittleEndian, false> OutBlock;
+    OutBlock oblk(xorBlock, outBlock);
+    oblk(t1[0])(t1[1])(t1[2])(t1[3]);
 }
 
-void Kalyna::Base::ProcessBlock_88(const word64 inBlock[8], word64 outBlock[8]) const
+void Kalyna::Base::ProcessBlock_88(const word64 inBlock[8], const word64 xorBlock[8], word64 outBlock[8]) const
 {
-#if defined(IS_BIG_ENDIAN)
     word64 *t1 = m_wspace+0, *t2 = m_wspace+8, *msg = m_wspace+16;
-    {
-        typedef GetBlock<word64, LittleEndian, false> Block;
-        Block block(inBlock);
-        block(msg[0])(msg[1])(msg[2])(msg[3])(msg[4])(msg[5])(msg[6])(msg[7]);
-        inBlock = msg;
-    }
-#else
-    word64 *t1 = outBlock, *t2 = m_wspace+8;
-#endif
 
+    // Reverse bytes on BigEndian; Align pointer on LittleEndian
+    typedef GetBlock<word64, LittleEndian, false> InBlock;
+    InBlock iblk(inBlock);
+    iblk(msg[0])(msg[1])(msg[2])(msg[3])(msg[4])(msg[5])(msg[6])(msg[7]);
+
+    inBlock = msg;
     if (IsForwardTransformation())
     {
         AddKey<8>(inBlock, t1, m_rkeys);
@@ -1233,14 +1201,10 @@ void Kalyna::Base::ProcessBlock_88(const word64 inBlock[8], word64 outBlock[8])
         IGL512(t2, t1, &m_rkeys[0]);
     }
 
-#if defined(IS_BIG_ENDIAN)
-    {
-        typedef GetBlock<word64, LittleEndian, false> Block;
-        Block block(t1);
-        block(outBlock[0])(outBlock[1])(outBlock[2])(outBlock[3])
-             (outBlock[4])(outBlock[5])(outBlock[6])(outBlock[7]);
-    }
-#endif
+    // Reverse bytes on BigEndian; Align pointer on LittleEndian
+    typedef PutBlock<word64, LittleEndian, false> OutBlock;
+    OutBlock oblk(xorBlock, outBlock);
+    oblk(t1[0])(t1[1])(t1[2])(t1[3])(t1[4])(t1[5])(t1[6])(t1[7]);
 }
 
 // *********************** Library routines *********************** //
@@ -1324,32 +1288,34 @@ void Kalyna::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock,
 
     const byte* p = reinterpret_cast<const byte*>(KalynaTab::S);
     for (unsigned int i=0; i<256; i+=cacheLineSize)
-        u &= *reinterpret_cast<const word64*>(p+i);
+        u ^= *reinterpret_cast<const word64*>(p+i);
     m_wspace[0] = u;
 
     switch ((m_nb << 8) | m_nk)
     {
     case (2 << 8) | 2:
-        ProcessBlock_22(reinterpret_cast<const word64*>(inBlock), reinterpret_cast<word64*>(outBlock));
+        ProcessBlock_22(reinterpret_cast<const word64*>(inBlock),
+            reinterpret_cast<const word64*>(xorBlock), reinterpret_cast<word64*>(outBlock));
         break;
     case (2 << 8) | 4:
-        ProcessBlock_24(reinterpret_cast<const word64*>(inBlock), reinterpret_cast<word64*>(outBlock));
+        ProcessBlock_24(reinterpret_cast<const word64*>(inBlock),
+            reinterpret_cast<const word64*>(xorBlock), reinterpret_cast<word64*>(outBlock));
         break;
     case (4 << 8) | 4:
-        ProcessBlock_44(reinterpret_cast<const word64*>(inBlock), reinterpret_cast<word64*>(outBlock));
+        ProcessBlock_44(reinterpret_cast<const word64*>(inBlock),
+            reinterpret_cast<const word64*>(xorBlock), reinterpret_cast<word64*>(outBlock));
         break;
     case (4 << 8) | 8:
-        ProcessBlock_48(reinterpret_cast<const word64*>(inBlock), reinterpret_cast<word64*>(outBlock));
+        ProcessBlock_48(reinterpret_cast<const word64*>(inBlock),
+            reinterpret_cast<const word64*>(xorBlock), reinterpret_cast<word64*>(outBlock));
         break;
     case (8 << 8) | 8:
-        ProcessBlock_88(reinterpret_cast<const word64*>(inBlock), reinterpret_cast<word64*>(outBlock));
+        ProcessBlock_88(reinterpret_cast<const word64*>(inBlock),
+            reinterpret_cast<const word64*>(xorBlock), reinterpret_cast<word64*>(outBlock));
         break;
     default:
         CRYPTOPP_ASSERT(0);
     }
-
-    for (size_t i=0; xorBlock && i<m_nb; ++i)
-        outBlock[i] ^= xorBlock[i];
 }
 
 NAMESPACE_END
diff --git a/kalyna.h b/kalyna.h
index 1440a4bb..047685ef 100644
--- a/kalyna.h
+++ b/kalyna.h
@@ -134,11 +134,11 @@ public:
         // Visual Studio and C2910: 'Kalyna::Base::ProcessBlock_Template': cannot be explicitly specialized
         //template <unsigned int NB, unsigned int NK>
         //  void ProcessBlock_Template(const word64 inBlock[NB], const word64 outBlock[NB]) const;
-        void ProcessBlock_22(const word64 inBlock[2], word64 outBlock[2]) const;
-        void ProcessBlock_24(const word64 inBlock[2], word64 outBlock[2]) const;
-        void ProcessBlock_44(const word64 inBlock[4], word64 outBlock[4]) const;
-        void ProcessBlock_48(const word64 inBlock[4], word64 outBlock[4]) const;
-        void ProcessBlock_88(const word64 inBlock[8], word64 outBlock[8]) const;
+        void ProcessBlock_22(const word64 inBlock[2], const word64 xorBlock[2], word64 outBlock[2]) const;
+        void ProcessBlock_24(const word64 inBlock[2], const word64 xorBlock[2] ,word64 outBlock[2]) const;
+        void ProcessBlock_44(const word64 inBlock[4], const word64 xorBlock[4], word64 outBlock[4]) const;
+        void ProcessBlock_48(const word64 inBlock[4], const word64 xorBlock[4], word64 outBlock[4]) const;
+        void ProcessBlock_88(const word64 inBlock[8], const word64 xorBlock[8], word64 outBlock[8]) const;
 
     private:
         typedef SecBlock<word64, AllocatorWithCleanup<word64, true> > AlignedSecBlock64;

From 0de44edde1d623388fff567bc69cefae884ceba0 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Wed, 10 May 2017 13:50:36 -0400
Subject: [PATCH 120/200] Remove EncryptBlockCipher The test mode
 EncryptBlockCipher is not needed. datatest.cpp is versatile enough to handle
 variable block sizes under test mode Encrypt

---
 TestVectors/Readme.txt | 1 -
 datatest.cpp           | 7 +++----
 regtest2.cpp           | 1 +
 3 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/TestVectors/Readme.txt b/TestVectors/Readme.txt
index df33ee84..ec7a761f 100644
--- a/TestVectors/Readme.txt
+++ b/TestVectors/Readme.txt
@@ -82,6 +82,5 @@ NotVerify - signature/digest/MAC verification should not pass
 DeterministicSign - sign message using given seed, and the resulting
     signature should equal the given signature
 Encrypt - plaintext encrypts to ciphertext
-EncryptBlockSize - plaintext encrypts to ciphertext under a key and blocksize
 DecryptMatch - ciphertext decrypts to plaintext
 (more to come here)
diff --git a/datatest.cpp b/datatest.cpp
index 95f7da3b..5289642c 100644
--- a/datatest.cpp
+++ b/datatest.cpp
@@ -363,7 +363,7 @@ void TestSymmetricCipher(TestData &v, const NameValuePairs &overrideParameters)
 	TestDataNameValuePairs testDataPairs(v);
 	CombinedNameValuePairs pairs(overrideParameters, testDataPairs);
 
-	if (test == "Encrypt" || test == "EncryptBlockSize" || test == "EncryptXorDigest" || test == "Resync" || test == "EncryptionMCT" || test == "DecryptionMCT")
+	if (test == "Encrypt" || test == "EncryptXorDigest" || test == "Resync" || test == "EncryptionMCT" || test == "DecryptionMCT")
 	{
 		static member_ptr<SymmetricCipher> encryptor, decryptor;
 		static std::string lastName;
@@ -375,9 +375,8 @@ void TestSymmetricCipher(TestData &v, const NameValuePairs &overrideParameters)
 			lastName = name;
 		}
 
-		int blockSize = 0;
-		if (test == "EncryptBlockSize" && !pairs.GetValue(Name::BlockSize(), blockSize))
-			SignalTestFailure();
+		// Most block ciphers don't specify this. Kalyna and Threefish use it.
+		int blockSize = pairs.GetIntValueWithDefault(Name::BlockSize(), 0);
 
 		ConstByteArrayParameter iv;
 		if (pairs.GetValue(Name::IV(), iv) && iv.size() != encryptor->IVSize() && (int)iv.size() != blockSize)
diff --git a/regtest2.cpp b/regtest2.cpp
index b5528869..0e9d3d2d 100644
--- a/regtest2.cpp
+++ b/regtest2.cpp
@@ -135,6 +135,7 @@ void RegisterFactories2()
 	RegisterSymmetricCipherDefaultFactories<ECB_Mode<SEED> >();
 	RegisterSymmetricCipherDefaultFactories<CTR_Mode<SEED> >();
 	RegisterSymmetricCipherDefaultFactories<ECB_Mode<Kalyna> >();  // Test Vectors
+	RegisterSymmetricCipherDefaultFactories<CBC_Mode<Kalyna> >();  // Test Vectors
 	RegisterSymmetricCipherDefaultFactories<CTR_Mode<Kalyna> >();  // Benchmarks
 
 	RegisterDefaultFactoryFor<KeyDerivationFunction, HKDF<SHA1> >();

From b2a6ba460fc85585d8f5851574e39ad4dc649bcf Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Wed, 10 May 2017 15:26:36 -0400
Subject: [PATCH 121/200] Make datatest.cpp aware of padding schemes This
 change was needed for Kalyna and its CBC test vectors. One test uses
 OneAndZeros padding

---
 datatest.cpp | 17 +++++++++++++----
 1 file changed, 13 insertions(+), 4 deletions(-)

diff --git a/datatest.cpp b/datatest.cpp
index 5289642c..b0122f54 100644
--- a/datatest.cpp
+++ b/datatest.cpp
@@ -375,9 +375,15 @@ void TestSymmetricCipher(TestData &v, const NameValuePairs &overrideParameters)
 			lastName = name;
 		}
 
-		// Most block ciphers don't specify this. Kalyna and Threefish use it.
+		// Most block ciphers don't specify BlockSize. Kalyna and Threefish use it.
 		int blockSize = pairs.GetIntValueWithDefault(Name::BlockSize(), 0);
 
+		// Most block ciphers don't specify BlockPaddingScheme. Kalyna uses it in test vectors.
+		// 0 is NoPadding, 1 is ZerosPadding, 2 is PkcsPadding, 3 is OneAndZerosPadding, etc
+		// Note: The machinery is wired such that paddingScheme is effectively latched. An
+		//   old paddingScheme may be unintentionally used in a subsequent test.
+		int paddingScheme = pairs.GetIntValueWithDefault(Name::BlockPaddingScheme(), 0);
+
 		ConstByteArrayParameter iv;
 		if (pairs.GetValue(Name::IV(), iv) && iv.size() != encryptor->IVSize() && (int)iv.size() != blockSize)
 			SignalTestFailure();
@@ -439,13 +445,15 @@ void TestSymmetricCipher(TestData &v, const NameValuePairs &overrideParameters)
 			return;
 		}
 
-		StreamTransformationFilter encFilter(*encryptor, new StringSink(encrypted), StreamTransformationFilter::NO_PADDING);
+		StreamTransformationFilter encFilter(*encryptor, new StringSink(encrypted),
+				static_cast<BlockPaddingSchemeDef::BlockPaddingScheme>(paddingScheme));
 		RandomizedTransfer(StringStore(plaintext).Ref(), encFilter, true);
 		encFilter.MessageEnd();
 		/*{
 			std::string z;
 			encryptor->Seek(seek);
-			StringSource ss(plaintext, false, new StreamTransformationFilter(*encryptor, new StringSink(z), StreamTransformationFilter::NO_PADDING));
+			StringSource ss(plaintext, false, new StreamTransformationFilter(*encryptor, new StringSink(z),
+					static_cast<BlockPaddingSchemeDef::BlockPaddingScheme>(paddingScheme)));
 			while (ss.Pump(64)) {}
 			ss.PumpAll();
 			for (int i=0; i<z.length(); i++)
@@ -469,7 +477,8 @@ void TestSymmetricCipher(TestData &v, const NameValuePairs &overrideParameters)
 			SignalTestFailure();
 		}
 		std::string decrypted;
-		StreamTransformationFilter decFilter(*decryptor, new StringSink(decrypted), StreamTransformationFilter::NO_PADDING);
+		StreamTransformationFilter decFilter(*decryptor, new StringSink(decrypted),
+				static_cast<BlockPaddingSchemeDef::BlockPaddingScheme>(paddingScheme));
 		RandomizedTransfer(StringStore(encrypted).Ref(), decFilter, true);
 		decFilter.MessageEnd();
 		if (decrypted != plaintext)

From d236cf1277bf98007660ef8914449ff289827b4a Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Wed, 10 May 2017 15:27:57 -0400
Subject: [PATCH 122/200] Add Kalyna CBC test vectors

---
 TestVectors/kalyna.txt | 77 +++++++++++++++++++++++++++++++++++++++---
 1 file changed, 72 insertions(+), 5 deletions(-)

diff --git a/TestVectors/kalyna.txt b/TestVectors/kalyna.txt
index 59ae2b8c..6829c7a0 100644
--- a/TestVectors/kalyna.txt
+++ b/TestVectors/kalyna.txt
@@ -6,7 +6,7 @@ Key: 000102030405060708090A0B0C0D0E0F
 BlockSize: 16
 Plaintext: 101112131415161718191A1B1C1D1E1F
 Ciphertext: 81BF1C7D779BAC20E1C9EA39B4D2AD06
-Test: EncryptBlockSize
+Test: Encrypt
 Name: Kalyna/ECB
 Source: Kalyna reference implementation
 Comment: Kalyna 256-bit key, 128-bit block
@@ -14,7 +14,7 @@ Key: 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
 BlockSize: 16
 Plaintext: 202122232425262728292A2B2C2D2E2F
 Ciphertext: 58EC3E091000158A1148F7166F334F14
-Test: EncryptBlockSize
+Test: Encrypt
 Name: Kalyna/ECB
 Source: Kalyna reference implementation
 Comment: Kalyna 256-bit key, 256-bit block
@@ -22,7 +22,7 @@ Key: 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
 BlockSize: 32
 Plaintext: 202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
 Ciphertext: F66E3D570EC92135AEDAE323DCBD2A8CA03963EC206A0D5A88385C24617FD92C
-Test: EncryptBlockSize
+Test: Encrypt
 Name: Kalyna/ECB
 Source: Kalyna reference implementation
 Comment: Kalyna 512-bit key, 256-bit block
@@ -30,7 +30,7 @@ Key: 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223242
 BlockSize: 32
 Plaintext: 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
 Ciphertext: 606990E9E6B7B67A4BD6D893D72268B78E02C83C3CD7E102FD2E74A8FDFE5DD9
-Test: EncryptBlockSize
+Test: Encrypt
 Name: Kalyna/ECB
 Source: Kalyna reference implementation
 Comment: Kalyna 512-bit key, 512-bit block
@@ -38,4 +38,71 @@ Key: 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223242
 BlockSize: 64
 Plaintext: 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F
 Ciphertext: 4A26E31B811C356AA61DD6CA0596231A67BA8354AA47F3A13E1DEEC320EB56B895D0F417175BAB662FD6F134BB15C86CCB906A26856EFEB7C5BC6472940DD9D9
-Test: EncryptBlockSize
+Test: Encrypt
+Name: Kalyna/CBC
+Source: DSTU 7624:2014, Section B.6.1 (p.148)
+Comment: Kalyna 128-bit key, 128-bit block
+Key: 000102030405060708090A0B0C0D0E0F
+IV: 101112131415161718191A1B1C1D1E1F
+BlockSize: 16
+BlockPaddingScheme: 0  # NoPadding
+Plaintext: 202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F
+Ciphertext: A73625D7BE994E85469A9FAABCEDAAB6DBC5F65DD77BB35E06BD7D1D8EAFC8624D6CB31CE189C82B8979F2936DE9BF14
+Test: Encrypt
+Name: Kalyna/CBC
+Source: DSTU 7624:2014, Section B.6.3 (p.149)
+Comment: Kalyna 256-bit key, 128-bit block, OneAndZeros padding
+Key: 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
+IV: 202122232425262728292A2B2C2D2E2F
+BlockSize: 16
+BlockPaddingScheme: 3  # OneAndZeroPadding
+Plaintext: 303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D
+Ciphertext: 13EA15843AD14C50BC03ECEF1F43E398E4217752D3EB046AC393DACC5CA1D6FA0EB9FCEB229362B4F1565527EE3D8433
+Test: Encrypt
+Name: Kalyna/CBC
+Source: DSTU 7624:2014, Section B.6.5 (p.151)
+Comment: Kalyna 256-bit key, 256-bit block
+Key: 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
+IV:  202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
+BlockSize: 32
+BlockPaddingScheme: 0  # NoPadding
+Plaintext:  404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F \
+            606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F \
+            808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9F
+Ciphertext: 9CDFDAA75929E7C2A5CFC1BF16B42C5AE3886D0258E8C577DC01DAF62D185FB9 \
+            99B9867736B87110F5F1BC7481912C593F48FF79E2AFDFAB9F704A277EC3E557 \
+            B1B0A9F223DAE6ED5AF591C4F2D6FB22E48334F5E9B96B1A2EA5200F30A406CE
+Test: Encrypt
+Name: Kalyna/CBC
+Source: DSTU 7624:2014, Section B.6.7 (p.151)
+Comment: Kalyna 512-bit key, 256-bit block
+Key: 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F \
+     202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
+IV:  404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
+BlockSize: 32
+BlockPaddingScheme: 0  # NoPadding
+Plaintext: 606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F \
+           808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9F \
+           A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBF
+Ciphertext: B8A2474578C2FEBF3F94703587BD5FDC3F4A4D2F43575B6144A1E1031FB3D145 \
+            2B7FD52F5E3411461DAC506869FF8D2FAEF4FEE60379AE00B33AA3EAF911645A \
+            F8091CD8A45D141D1FB150E5A01C1F26FF3DBD26AC4225EC7577B2CE57A5B0FF
+Test: Encrypt
+Name: Kalyna/CBC
+Source: DSTU 7624:2014, Section B.6.9 (p.152)
+Comment: Kalyna 512-bit key, 512-bit block
+Key: 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F \
+     202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
+IV:  404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F \
+     606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F
+BlockSize: 64
+BlockPaddingScheme: 0  # NoPadding
+Plaintext: 808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9F \
+           A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBF \
+           C0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDF \
+           E0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF
+Ciphertext: D4739B829EF901B24C1162AE4FDEF897EDA41FAC7F5770CDC90E1D1CDF124E8D \
+            7831E06B4498A4B6F6EC815DF2461DC99BB0449B0F09FCAA2C84090534BCC932 \
+            9626FD74EF8F0A0BCB5765184629C3CBF53B0FB134F6D0421174B1C4E884D1CD \
+            1069A7AD19752DCEBF655842E79B7858BDE01390A760D85E88925BFE38B0FA57
+Test: Encrypt
\ No newline at end of file

From e456cd2275bba020e4ee3cc08381f3269df536b0 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Wed, 10 May 2017 16:20:12 -0400
Subject: [PATCH 123/200] Modify datatest parse to eat whitespace when line
 continuation is in effect Previously the parsed string would look as follows.
 You would get this on a failed self test. Key: 0000000000000000    
 0000000000000000         0000000000000000             0000000000000000

The new behavior eats the leading whitespace, so the key is reported as:
Key: 0000000000000000000000000000000000000000000000000000000000000000
---
 datatest.cpp | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/datatest.cpp b/datatest.cpp
index b0122f54..ac1bf76d 100644
--- a/datatest.cpp
+++ b/datatest.cpp
@@ -685,10 +685,21 @@ bool GetField(std::istream &is, std::string &name, std::string &value)
 
 	do
 	{
+		continueLine = false;
 		do
 		{
 			is.get(buffer, sizeof(buffer));
-			value += buffer;
+
+			// Eat leading whispace on line continuation
+			if (continueLine == true)
+			{
+				size_t pos = 0;
+				while (buffer[pos] != '\0' && buffer[pos] != ' ')
+					pos++;
+				value += &buffer[pos];
+			}
+			else
+				value += buffer;
 			if (buffer[0] == ' ')
 				space = true;
 		}

From 07dbcc3d9644b18e05c1776db2a57fe04d780965 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Wed, 10 May 2017 18:17:12 -0400
Subject: [PATCH 124/200] Add Inflator::BadDistanceErr exception (Issue 414)
 The improved validation and excpetion clears the Address Sanitizer and
 Undefined Behavior Sanitizer findings

---
 validat1.cpp | 6 +++---
 zinflate.cpp | 8 +++++++-
 zinflate.h   | 4 ++++
 3 files changed, 14 insertions(+), 4 deletions(-)

diff --git a/validat1.cpp b/validat1.cpp
index cd8655b4..e81a46c6 100644
--- a/validat1.cpp
+++ b/validat1.cpp
@@ -623,7 +623,7 @@ bool TestRandomPool()
 			std::cout << "FAILED:";
 		else
 			std::cout << "passed:";
-		std::cout << "  GenerateWord32 and Crop\n";	
+		std::cout << "  GenerateWord32 and Crop\n";
 	}
 
 #if !defined(NO_OS_DEPENDENCE)
@@ -711,7 +711,7 @@ bool TestRandomPool()
 			std::cout << "FAILED:";
 		else
 			std::cout << "passed:";
-		std::cout << "  GenerateWord32 and Crop\n";	
+		std::cout << "  GenerateWord32 and Crop\n";
 	}
 #endif
 
@@ -808,7 +808,7 @@ bool TestAutoSeededX917()
 		std::cout << "FAILED:";
 	else
 		std::cout << "passed:";
-	std::cout << "  GenerateWord32 and Crop\n";	
+	std::cout << "  GenerateWord32 and Crop\n";
 
 	std::cout.flush();
 	return pass;
diff --git a/zinflate.cpp b/zinflate.cpp
index 62431771..ee15c945 100644
--- a/zinflate.cpp
+++ b/zinflate.cpp
@@ -552,12 +552,18 @@ bool Inflator::DecodeBody()
 		case DISTANCE_BITS:
 					// TODO: this surfaced during fuzzing. What do we do???
 					CRYPTOPP_ASSERT(m_distance < COUNTOF(distanceExtraBits));
-					bits = (m_distance >= COUNTOF(distanceExtraBits)) ? distanceExtraBits[29] : distanceExtraBits[m_distance];
+					if (m_distance >= COUNTOF(distanceExtraBits))
+						throw BadDistanceErr();
+					bits = distanceExtraBits[m_distance];
 					if (!m_reader.FillBuffer(bits))
 					{
 						m_nextDecode = DISTANCE_BITS;
 						break;
 					}
+					// TODO: this surfaced during fuzzing. What do we do???
+					CRYPTOPP_ASSERT(m_distance < COUNTOF(distanceStarts));
+					if (m_distance >= COUNTOF(distanceStarts))
+						throw BadDistanceErr();
 					m_distance = m_reader.GetBits(bits) + distanceStarts[m_distance];
 					OutputPast(m_literal, m_distance);
 				}
diff --git a/zinflate.h b/zinflate.h
index b0879cef..0767d4f9 100644
--- a/zinflate.h
+++ b/zinflate.h
@@ -98,8 +98,12 @@ public:
 		Err(ErrorType e, const std::string &s)
 			: Exception(e, s) {}
 	};
+	//! \brief Exception thrown when a truncated stream is encountered
 	class UnexpectedEndErr : public Err {public: UnexpectedEndErr() : Err(INVALID_DATA_FORMAT, "Inflator: unexpected end of compressed block") {}};
+	//! \brief Exception thrown when a bad block is encountered
 	class BadBlockErr : public Err {public: BadBlockErr() : Err(INVALID_DATA_FORMAT, "Inflator: error in compressed block") {}};
+	//! \brief Exception thrown when an invalid distance is encountered
+	class BadDistanceErr : public Err {public: BadDistanceErr() : Err(INVALID_DATA_FORMAT, "Inflator: error in bit distance") {}};
 
 	//! \brief RFC 1951 Decompressor
 	//! \param attachment the filter's attached transformation

From 2a20d09dc61ec1ae0cb6d95210e2c00ebee3f4c3 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Wed, 10 May 2017 20:32:50 -0400
Subject: [PATCH 125/200] Additional self tests for Decompressors

---
 validat0.cpp | 26 ++++++++++++++++++++++++++
 zinflate.cpp |  8 +++++++-
 2 files changed, 33 insertions(+), 1 deletion(-)

diff --git a/validat0.cpp b/validat0.cpp
index 7277203a..f4837d56 100644
--- a/validat0.cpp
+++ b/validat0.cpp
@@ -2281,6 +2281,32 @@ bool TestHuffmanCodes()
         std::cout << "passed:";
     std::cout << "  GenerateCodeLengths" << std::endl;
 
+    // Try to crash the HuffmanDecoder
+    for (unsigned int i=0; i<128; ++i)
+    {
+        try
+        {
+            byte data1[0xfff];  // Place on stack, avoid new
+            unsigned int data2[0xff];
+
+            unsigned int len1 = GlobalRNG().GenerateWord32(0, 0xfff);
+            GlobalRNG().GenerateBlock(data1, len1);
+            unsigned int len2 = GlobalRNG().GenerateWord32(0, 0xff);
+            GlobalRNG().GenerateBlock((byte*)data2, len2*sizeof(unsigned int));
+
+            ArraySource source(data1, len1, false);
+            HuffmanDecoder decoder(data2, len2);
+
+            LowFirstBitReader reader(source);
+            unsigned int val;
+            for (unsigned int j=0; !source.AnyRetrievable(); ++j)
+                decoder.Decode(reader, val);
+        }
+        catch (const Exception&) {}
+    }
+
+    std::cout << "passed:  HuffmanDecoder decode" << std::endl;
+
     return pass;
 }
 #endif
diff --git a/zinflate.cpp b/zinflate.cpp
index ee15c945..41690ef9 100644
--- a/zinflate.cpp
+++ b/zinflate.cpp
@@ -128,6 +128,7 @@ void HuffmanDecoder::Initialize(const unsigned int *codeBits, unsigned int nCode
 		unsigned int len = codeBits[i];
 		if (len != 0)
 		{
+			CRYPTOPP_ASSERT(j < m_codeToValue.size());
 			code = NormalizeCode(nextCode[len]++, len);
 			m_codeToValue[j].code = code;
 			m_codeToValue[j].len = len;
@@ -181,7 +182,7 @@ void HuffmanDecoder::FillCacheEntry(LookupEntry &entry, code_t normalizedCode) c
 
 inline unsigned int HuffmanDecoder::Decode(code_t code, /* out */ value_t &value) const
 {
-	CRYPTOPP_ASSERT(m_codeToValue.size() > 0);
+	CRYPTOPP_ASSERT(((int)(code & m_cacheMask)) < m_cache.size());
 	LookupEntry &entry = m_cache[code & m_cacheMask];
 
 	code_t normalizedCode = 0;
@@ -406,7 +407,10 @@ void Inflator::DecodeHeader()
 			16, 17, 18, 0, 8, 7, 9, 6, 10, 5, 11, 4, 12, 3, 13, 2, 14, 1, 15};
 		std::fill(codeLengths.begin(), codeLengths+19, 0);
 		for (i=0; i<hclen+4; i++)
+		{
+			CRYPTOPP_ASSERT(border[i] < codeLengths.size());
 			codeLengths[border[i]] = m_reader.GetBits(3);
+		}
 
 		try
 		{
@@ -536,12 +540,14 @@ bool Inflator::DecodeBody()
 						throw BadBlockErr();
 					unsigned int bits;
 		case LENGTH_BITS:
+					CRYPTOPP_ASSERT(m_literal-257 < COUNTOF(lengthExtraBits));
 					bits = lengthExtraBits[m_literal-257];
 					if (!m_reader.FillBuffer(bits))
 					{
 						m_nextDecode = LENGTH_BITS;
 						break;
 					}
+					CRYPTOPP_ASSERT(m_literal-257 < COUNTOF(lengthStarts));
 					m_literal = m_reader.GetBits(bits) + lengthStarts[m_literal-257];
 		case DISTANCE:
 					if (!distanceDecoder.Decode(m_reader, m_distance))

From 702dae7db9f4d7a6c5dad81e619b45b2857fe129 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Wed, 10 May 2017 21:00:53 -0400
Subject: [PATCH 126/200] Fix Mersenne output on big-endian machines

---
 mersenne.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/mersenne.h b/mersenne.h
index d5bd039b..369aa625 100644
--- a/mersenne.h
+++ b/mersenne.h
@@ -74,7 +74,7 @@ public:
 		for (size_t i=0; i < size/4; i++, output += 4)
 		{
 			temp = NextMersenneWord();
-			PutWord<word32>(false, LITTLE_ENDIAN_ORDER, output, temp);
+			memcpy(output, &temp, 4);
 		}
 
 		// No tail bytes

From e8e0b1c3f2e945e1468ef29aff45b3ff77bc86f5 Mon Sep 17 00:00:00 2001
From: "Dmitry S. Baikov" <dsbaikov@gmail.com>
Date: Thu, 11 May 2017 06:46:56 +0300
Subject: [PATCH 127/200] blake2: Fixed initialization when using non-keyed
 constructor with non-standard digest size. Added test vectors.

https://github.com/weidai11/cryptopp/issues/415

Test vectors generated with pyblake2 which uses 'BLAKE2 reference source code package' by Samuel Neves
---
 blake2.cpp   |  2 +-
 validat3.cpp | 88 +++++++++++++++++++++++++++++++++++++++++++++++-----
 2 files changed, 81 insertions(+), 9 deletions(-)

diff --git a/blake2.cpp b/blake2.cpp
index 5d3154fb..d3af047a 100644
--- a/blake2.cpp
+++ b/blake2.cpp
@@ -351,7 +351,7 @@ BLAKE2_Base<W, T_64bit>::BLAKE2_Base(bool treeMode, unsigned int digestSize) : m
 {
     CRYPTOPP_ASSERT(digestSize <= DIGESTSIZE);
 
-    UncheckedSetKey(NULLPTR, 0, g_nullNameValuePairs);
+    UncheckedSetKey(NULL, 0, MakeParameters(Name::DigestSize(), (int)digestSize)(Name::TreeMode(), treeMode, false));
     Restart();
 }
 
diff --git a/validat3.cpp b/validat3.cpp
index 2ff56541..e8ad4ff7 100644
--- a/validat3.cpp
+++ b/validat3.cpp
@@ -1085,6 +1085,30 @@ bool ValidateBLAKE2s()
 	}
 
 	static const BLAKE2_TestTuples tests[] = {
+	    {
+	        NULLPTR,
+	        NULLPTR,
+	        "\x8F\x38",
+	        0, 0, 2
+	    },
+	    {
+	        NULLPTR,
+	        NULLPTR,
+	        "\x36\xE9\xD2\x46",
+	        0, 0, 4
+	    },
+	    {
+	        NULLPTR,
+	        NULLPTR,
+	        "\xEF\x2A\x8B\x78\xDD\x80\xDA\x9C",
+	        0, 0, 8
+	    },
+	    {
+	        NULLPTR,
+	        NULLPTR,
+	        "\x64\x55\x0D\x6F\xFE\x2C\x0A\x01\xA1\x4A\xBA\x1E\xAD\xE0\x20\x0C",
+	        0, 0, 16
+	    },
 	    {
 	        NULLPTR,
 	        NULLPTR,
@@ -1450,11 +1474,23 @@ bool ValidateBLAKE2s()
 	byte digest[BLAKE2s::DIGESTSIZE];
 	for (unsigned int i=0; i<COUNTOF(tests); ++i)
 	{
-		BLAKE2s blake2s((const byte*)tests[i].key, tests[i].klen);
-		blake2s.Update((const byte*)tests[i].message, tests[i].mlen);
-		blake2s.Final(digest);
+		// the condition is written in a way which for non-default digest sizes
+		// tests the BLAKE2_Base(bool treeMode, unsigned int digestSize) constructor.
+		// See https://github.com/weidai11/cryptopp/issues/415
+		if (tests[i].dlen < BLAKE2s::DIGESTSIZE && tests[i].key == NULL)
+		{
+			BLAKE2s blake2s(false, unsigned int(tests[i].dlen));
+			blake2s.Update((const byte*)tests[i].message, tests[i].mlen);
+			blake2s.Final(digest);
+		}
+		else
+		{
+			BLAKE2s blake2s((const byte*)tests[i].key, tests[i].klen, NULLPTR, 0, NULLPTR, 0, false, unsigned int(tests[i].dlen));
+			blake2s.Update((const byte*)tests[i].message, tests[i].mlen);
+			blake2s.Final(digest);
+		}
 
-		fail = !!memcmp(digest, tests[i].digest, sizeof(digest)) != 0;
+		fail = !!memcmp(digest, tests[i].digest, tests[i].dlen) != 0;
 		if (fail)
 		{
 			std::cout << "FAILED   " << "BLAKE2s test set " << i << std::endl;
@@ -1480,6 +1516,30 @@ bool ValidateBLAKE2b()
 	}
 
 	static const BLAKE2_TestTuples tests[] = {
+	    {
+	        NULLPTR,
+	        NULLPTR,
+	        "\x12\x71\xCF\x25",
+	        0, 0, 4
+	    },
+	    {
+	        NULLPTR,
+	        NULLPTR,
+	        "\xE4\xA6\xA0\x57\x74\x79\xB2\xB4",
+	        0, 0, 8
+	    },
+	    {
+	        NULLPTR,
+	        NULLPTR,
+	        "\xCA\xE6\x69\x41\xD9\xEF\xBD\x40\x4E\x4D\x88\x75\x8E\xA6\x76\x70",
+	        0, 0, 16
+	    },
+	    {
+	        NULLPTR,
+	        NULLPTR,
+	        "\x0E\x57\x51\xC0\x26\xE5\x43\xB2\xE8\xAB\x2E\xB0\x60\x99\xDA\xA1\xD1\xE5\xDF\x47\x77\x8F\x77\x87\xFA\xAB\x45\xCD\xF1\x2F\xE3\xA8",
+	        0, 0, 32
+	    },
 	    {
 	        NULLPTR,
 	        NULLPTR,
@@ -1845,11 +1905,23 @@ bool ValidateBLAKE2b()
 	byte digest[BLAKE2b::DIGESTSIZE];
 	for (unsigned int i=0; i<COUNTOF(tests); ++i)
 	{
-		BLAKE2b blake2b((const byte*)tests[i].key, tests[i].klen);
-		blake2b.Update((const byte*)tests[i].message, tests[i].mlen);
-		blake2b.Final(digest);
+		// the condition is written in a way which for non-default digest sizes
+		// tests the BLAKE2_Base(bool treeMode, unsigned int digestSize) constructor.
+		// See https://github.com/weidai11/cryptopp/issues/415
+		if (tests[i].dlen < BLAKE2b::DIGESTSIZE && tests[i].key == NULL)
+		{
+			BLAKE2b blake2b(false, unsigned int(tests[i].dlen));
+			blake2b.Update((const byte*)tests[i].message, tests[i].mlen);
+			blake2b.Final(digest);
+		}
+		else
+		{
+			BLAKE2b blake2b((const byte*)tests[i].key, tests[i].klen, NULLPTR, 0, NULLPTR, 0, false, unsigned int(tests[i].dlen));
+			blake2b.Update((const byte*)tests[i].message, tests[i].mlen);
+			blake2b.Final(digest);
+		}
 
-		fail = !!memcmp(digest, tests[i].digest, sizeof(digest)) != 0;
+		fail = !!memcmp(digest, tests[i].digest, tests[i].dlen) != 0;
 		if (fail)
 		{
 			std::cout << "FAILED   " << "BLAKE2b test set " << i << std::endl;

From 369fa3bc52043ab15ac4b484250d1d325aa33bd2 Mon Sep 17 00:00:00 2001
From: "Dmitry S. Baikov" <dsbaikov@gmail.com>
Date: Thu, 11 May 2017 07:04:51 +0300
Subject: [PATCH 128/200] NULLPTR fix for blake2

---
 blake2.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/blake2.cpp b/blake2.cpp
index d3af047a..09a3794d 100644
--- a/blake2.cpp
+++ b/blake2.cpp
@@ -351,7 +351,7 @@ BLAKE2_Base<W, T_64bit>::BLAKE2_Base(bool treeMode, unsigned int digestSize) : m
 {
     CRYPTOPP_ASSERT(digestSize <= DIGESTSIZE);
 
-    UncheckedSetKey(NULL, 0, MakeParameters(Name::DigestSize(), (int)digestSize)(Name::TreeMode(), treeMode, false));
+    UncheckedSetKey(NULLPTR, 0, MakeParameters(Name::DigestSize(), (int)digestSize)(Name::TreeMode(), treeMode, false));
     Restart();
 }
 

From 39abbbb07007f812d17bb7f5e25f6942e7c28d69 Mon Sep 17 00:00:00 2001
From: "Dmitry S. Baikov" <dsbaikov@gmail.com>
Date: Thu, 11 May 2017 07:14:37 +0300
Subject: [PATCH 129/200] NULLPTR fix for blake2 tests

---
 validat3.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/validat3.cpp b/validat3.cpp
index e8ad4ff7..aa5c9978 100644
--- a/validat3.cpp
+++ b/validat3.cpp
@@ -1477,7 +1477,7 @@ bool ValidateBLAKE2s()
 		// the condition is written in a way which for non-default digest sizes
 		// tests the BLAKE2_Base(bool treeMode, unsigned int digestSize) constructor.
 		// See https://github.com/weidai11/cryptopp/issues/415
-		if (tests[i].dlen < BLAKE2s::DIGESTSIZE && tests[i].key == NULL)
+		if (tests[i].dlen < BLAKE2s::DIGESTSIZE && tests[i].key == NULLPTR)
 		{
 			BLAKE2s blake2s(false, unsigned int(tests[i].dlen));
 			blake2s.Update((const byte*)tests[i].message, tests[i].mlen);
@@ -1908,7 +1908,7 @@ bool ValidateBLAKE2b()
 		// the condition is written in a way which for non-default digest sizes
 		// tests the BLAKE2_Base(bool treeMode, unsigned int digestSize) constructor.
 		// See https://github.com/weidai11/cryptopp/issues/415
-		if (tests[i].dlen < BLAKE2b::DIGESTSIZE && tests[i].key == NULL)
+		if (tests[i].dlen < BLAKE2b::DIGESTSIZE && tests[i].key == NULLPTR)
 		{
 			BLAKE2b blake2b(false, unsigned int(tests[i].dlen));
 			blake2b.Update((const byte*)tests[i].message, tests[i].mlen);

From a9b06b40e7a6e426c9455cd68c3822783f59ec38 Mon Sep 17 00:00:00 2001
From: "Dmitry S. Baikov" <dsbaikov@gmail.com>
Date: Thu, 11 May 2017 07:39:51 +0300
Subject: [PATCH 130/200] fixed type casts in blake2 tests

---
 validat3.cpp | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/validat3.cpp b/validat3.cpp
index aa5c9978..cc6eff1a 100644
--- a/validat3.cpp
+++ b/validat3.cpp
@@ -1479,13 +1479,13 @@ bool ValidateBLAKE2s()
 		// See https://github.com/weidai11/cryptopp/issues/415
 		if (tests[i].dlen < BLAKE2s::DIGESTSIZE && tests[i].key == NULLPTR)
 		{
-			BLAKE2s blake2s(false, unsigned int(tests[i].dlen));
+			BLAKE2s blake2s(false, (unsigned int)tests[i].dlen);
 			blake2s.Update((const byte*)tests[i].message, tests[i].mlen);
 			blake2s.Final(digest);
 		}
 		else
 		{
-			BLAKE2s blake2s((const byte*)tests[i].key, tests[i].klen, NULLPTR, 0, NULLPTR, 0, false, unsigned int(tests[i].dlen));
+			BLAKE2s blake2s((const byte*)tests[i].key, tests[i].klen, NULLPTR, 0, NULLPTR, 0, false, (unsigned int)tests[i].dlen);
 			blake2s.Update((const byte*)tests[i].message, tests[i].mlen);
 			blake2s.Final(digest);
 		}
@@ -1910,13 +1910,13 @@ bool ValidateBLAKE2b()
 		// See https://github.com/weidai11/cryptopp/issues/415
 		if (tests[i].dlen < BLAKE2b::DIGESTSIZE && tests[i].key == NULLPTR)
 		{
-			BLAKE2b blake2b(false, unsigned int(tests[i].dlen));
+			BLAKE2b blake2b(false, (unsigned int)tests[i].dlen);
 			blake2b.Update((const byte*)tests[i].message, tests[i].mlen);
 			blake2b.Final(digest);
 		}
 		else
 		{
-			BLAKE2b blake2b((const byte*)tests[i].key, tests[i].klen, NULLPTR, 0, NULLPTR, 0, false, unsigned int(tests[i].dlen));
+			BLAKE2b blake2b((const byte*)tests[i].key, tests[i].klen, NULLPTR, 0, NULLPTR, 0, false, (unsigned int)tests[i].dlen);
 			blake2b.Update((const byte*)tests[i].message, tests[i].mlen);
 			blake2b.Final(digest);
 		}

From b40d4d9180b6cf49f52013fccfc708651120233e Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Thu, 11 May 2017 01:35:32 -0400
Subject: [PATCH 131/200] Add CRYPTOPP_COVERAGE for Asan and UBsan builds

---
 GNUmakefile | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/GNUmakefile b/GNUmakefile
index f4c10715..0ea87c15 100755
--- a/GNUmakefile
+++ b/GNUmakefile
@@ -409,6 +409,9 @@ ifeq ($(findstring ubsan,$(MAKECMDGOALS)),ubsan)
 ifeq ($(findstring -fsanitize=undefined,$(CXXFLAGS)),)
 CXXFLAGS += -fsanitize=undefined
 endif # CXXFLAGS
+ifeq ($(findstring -DCRYPTOPP_COVERAGE,$(CXXFLAGS)),)
+CXXFLAGS += -DCRYPTOPP_COVERAGE
+endif # CXXFLAGS
 ifeq ($(findstring -DCRYPTOPP_NO_UNALIGNED_DATA_ACCESS,$(CXXFLAGS)),)
 CXXFLAGS += -DCRYPTOPP_NO_UNALIGNED_DATA_ACCESS
 endif # CXXFLAGS
@@ -419,6 +422,9 @@ ifeq ($(findstring asan,$(MAKECMDGOALS)),asan)
 ifeq ($(findstring -fsanitize=address,$(CXXFLAGS)),)
 CXXFLAGS += -fsanitize=address
 endif # CXXFLAGS
+ifeq ($(findstring -DCRYPTOPP_COVERAGE,$(CXXFLAGS)),)
+CXXFLAGS += -DCRYPTOPP_COVERAGE
+endif # CXXFLAGS
 ifeq ($(findstring -fno-omit-frame-pointer,$(CXXFLAGS)),)
 CXXFLAGS += -fno-omit-frame-pointer
 endif # CXXFLAGS

From 598f838e0a93e0de9517350bb29623d3c7b62728 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Thu, 11 May 2017 02:13:27 -0400
Subject: [PATCH 132/200] Reduce random string size. Tests run faster without
 diminishing returns

---
 validat0.cpp | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/validat0.cpp b/validat0.cpp
index f4837d56..29062bc4 100644
--- a/validat0.cpp
+++ b/validat0.cpp
@@ -43,7 +43,7 @@ bool TestCompressors()
         for (unsigned int i=0; i<128; ++i)
         {
             std::string src, dest, rec;
-            unsigned int len = GlobalRNG().GenerateWord32(0, 0xffff);
+            unsigned int len = GlobalRNG().GenerateWord32(0, 0xfff);
 
             src.resize(len);
             GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
@@ -71,7 +71,7 @@ bool TestCompressors()
     for (unsigned int i=0; i<128; i++)
     {
         std::string src, dest;
-        unsigned int len = GlobalRNG().GenerateWord32(0, 0xffff);
+        unsigned int len = GlobalRNG().GenerateWord32(0, 0xfff);
 
         src.resize(len);
         GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
@@ -104,7 +104,7 @@ bool TestCompressors()
         for (unsigned int i=0; i<128; ++i)
         {
             std::string src, dest, rec;
-            unsigned int len = GlobalRNG().GenerateWord32(0, 0xffff);
+            unsigned int len = GlobalRNG().GenerateWord32(0, 0xfff);
 
             src.resize(len);
             GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
@@ -133,7 +133,7 @@ bool TestCompressors()
     {
         // See if we can induce a crash
         std::string src, dest;
-        unsigned int len = GlobalRNG().GenerateWord32(0, 0xffff);
+        unsigned int len = GlobalRNG().GenerateWord32(0, 0xfff);
 
         src.resize(len);
         GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
@@ -147,7 +147,7 @@ bool TestCompressors()
     for (unsigned int i=0; i<128; i++)
     {
         std::string src, dest;
-        unsigned int len = GlobalRNG().GenerateWord32(0, 0xffff);
+        unsigned int len = GlobalRNG().GenerateWord32(0, 0xfff);
 
         src.resize(len);
         GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
@@ -180,7 +180,7 @@ bool TestCompressors()
         for (unsigned int i=0; i<128; ++i)
         {
             std::string src, dest, rec;
-            unsigned int len = GlobalRNG().GenerateWord32(0, 0xffff);
+            unsigned int len = GlobalRNG().GenerateWord32(0, 0xfff);
 
             src.resize(len);
             GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
@@ -208,7 +208,7 @@ bool TestCompressors()
     for (unsigned int i=0; i<128; i++)
     {
         std::string src, dest;
-        unsigned int len = GlobalRNG().GenerateWord32(0, 0xffff);
+        unsigned int len = GlobalRNG().GenerateWord32(0, 0xfff);
 
         src.resize(len);
         GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
@@ -241,7 +241,7 @@ bool TestEncryptors()
         for (unsigned int i=0; i<ENCRYPT_COUNT; ++i)
         {
             std::string pwd, src, dest, rec;
-            unsigned int len = GlobalRNG().GenerateWord32(16, 0xffff);
+            unsigned int len = GlobalRNG().GenerateWord32(16, 0xfff);
 
             src.resize(len);
             GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
@@ -274,7 +274,7 @@ bool TestEncryptors()
         for (unsigned int i=0; i<ENCRYPT_MAC_COUNT; ++i)
         {
             std::string pwd, src, dest, rec;
-            unsigned int len = GlobalRNG().GenerateWord32(16, 0xffff);
+            unsigned int len = GlobalRNG().GenerateWord32(16, 0xfff);
 
             src.resize(len);
             GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
@@ -339,7 +339,7 @@ bool TestEncryptors()
         for (unsigned int i=0; i<ENCRYPT_COUNT; ++i)
         {
             std::string pwd, src, dest, rec;
-            unsigned int len = GlobalRNG().GenerateWord32(16, 0xffff);
+            unsigned int len = GlobalRNG().GenerateWord32(16, 0xfff);
 
             src.resize(len);
             GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
@@ -372,7 +372,7 @@ bool TestEncryptors()
         for (unsigned int i=0; i<ENCRYPT_MAC_COUNT; ++i)
         {
             std::string pwd, src, dest, rec;
-            unsigned int len = GlobalRNG().GenerateWord32(16, 0xffff);
+            unsigned int len = GlobalRNG().GenerateWord32(16, 0xfff);
 
             src.resize(len);
             GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());

From c87b0d1485d70cb342783a4a264917019451a14e Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Thu, 11 May 2017 02:57:48 -0400
Subject: [PATCH 133/200] Fix subscript out of range in test

---
 validat0.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/validat0.cpp b/validat0.cpp
index 29062bc4..89fde6ba 100644
--- a/validat0.cpp
+++ b/validat0.cpp
@@ -71,7 +71,7 @@ bool TestCompressors()
     for (unsigned int i=0; i<128; i++)
     {
         std::string src, dest;
-        unsigned int len = GlobalRNG().GenerateWord32(0, 0xfff);
+        unsigned int len = GlobalRNG().GenerateWord32(8, 0xfff);
 
         src.resize(len);
         GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());

From ea5d003a9a9c10918171c1df90efe645922a66b2 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Thu, 11 May 2017 03:56:19 -0400
Subject: [PATCH 134/200] Move TestPolynomialMod2 to validat0.cpp

---
 validat0.cpp | 115 +++++++++++++++++++++++++++++++++++++++++++++++++++
 validat2.cpp | 114 --------------------------------------------------
 2 files changed, 115 insertions(+), 114 deletions(-)

diff --git a/validat0.cpp b/validat0.cpp
index 89fde6ba..e3db4b73 100644
--- a/validat0.cpp
+++ b/validat0.cpp
@@ -13,6 +13,7 @@
 #include "zinflate.h"
 #include "channels.h"
 #include "files.h"
+#include "gf2n.h"
 #include "gzip.h"
 #include "zlib.h"
 #include "ida.h"
@@ -32,6 +33,120 @@
 NAMESPACE_BEGIN(CryptoPP)
 NAMESPACE_BEGIN(Test)
 
+#if defined(CRYPTOPP_EXTENDED_VALIDATION)
+// Issue 64: "PolynomialMod2::operator<<=", http://github.com/weidai11/cryptopp/issues/64
+bool TestPolynomialMod2()
+{
+    bool pass1 = true, pass2 = true, pass3 = true;
+
+    std::cout << "\nTesting PolynomialMod2 bit operations...\n\n";
+
+    static const unsigned int start = 0;
+    static const unsigned int stop = 4 * WORD_BITS + 1;
+
+    for (unsigned int i = start; i < stop; i++)
+    {
+        PolynomialMod2 p(1);
+        p <<= i;
+
+        Integer n(Integer::One());
+        n <<= i;
+
+        std::ostringstream oss1;
+        oss1 << p;
+
+        std::string str1, str2;
+
+        // str1 needs the commas removed used for grouping
+        str1 = oss1.str();
+        str1.erase(std::remove(str1.begin(), str1.end(), ','), str1.end());
+
+        // str1 needs the trailing 'b' removed
+        str1.erase(str1.end() - 1);
+
+        // str2 is fine as-is
+        str2 = IntToString(n, 2);
+
+        pass1 &= (str1 == str2);
+    }
+
+    for (unsigned int i = start; i < stop; i++)
+    {
+        const word w((word)SIZE_MAX);
+
+        PolynomialMod2 p(w);
+        p <<= i;
+
+        Integer n(Integer::POSITIVE, static_cast<lword>(w));
+        n <<= i;
+
+        std::ostringstream oss1;
+        oss1 << p;
+
+        std::string str1, str2;
+
+        // str1 needs the commas removed used for grouping
+        str1 = oss1.str();
+        str1.erase(std::remove(str1.begin(), str1.end(), ','), str1.end());
+
+        // str1 needs the trailing 'b' removed
+        str1.erase(str1.end() - 1);
+
+        // str2 is fine as-is
+        str2 = IntToString(n, 2);
+
+        pass2 &= (str1 == str2);
+    }
+
+    RandomNumberGenerator& prng = GlobalRNG();
+    for (unsigned int i = start; i < stop; i++)
+    {
+        word w;     // Cast to lword due to Visual Studio
+        prng.GenerateBlock((byte*)&w, sizeof(w));
+
+        PolynomialMod2 p(w);
+        p <<= i;
+
+        Integer n(Integer::POSITIVE, static_cast<lword>(w));
+        n <<= i;
+
+        std::ostringstream oss1;
+        oss1 << p;
+
+        std::string str1, str2;
+
+        // str1 needs the commas removed used for grouping
+        str1 = oss1.str();
+        str1.erase(std::remove(str1.begin(), str1.end(), ','), str1.end());
+
+        // str1 needs the trailing 'b' removed
+        str1.erase(str1.end() - 1);
+
+        // str2 is fine as-is
+        str2 = IntToString(n, 2);
+
+        if (str1 != str2)
+        {
+            std::cout << "  Oops..." << "\n";
+            std::cout << "     random: " << std::hex << n << std::dec << "\n";
+            std::cout << "     str1: " << str1 << "\n";
+            std::cout << "     str2: " << str2 << "\n";
+        }
+
+        pass3 &= (str1 == str2);
+    }
+
+    std::cout << (!pass1 ? "FAILED" : "passed") << ":  " << "1 shifted over range [" << std::dec << start << "," << stop << "]" << "\n";
+    std::cout << (!pass2 ? "FAILED" : "passed") << ":  " << "0x" << std::hex << word(SIZE_MAX) << std::dec << " shifted over range [" << start << "," << stop << "]" << "\n";
+    std::cout << (!pass3 ? "FAILED" : "passed") << ":  " << "random values shifted over range [" << std::dec << start << "," << stop << "]" << "\n";
+
+    if (!(pass1 && pass2 && pass3))
+        std::cout.flush();
+
+    return pass1 && pass2 && pass3;
+}
+#endif
+
 #if defined(CRYPTOPP_EXTENDED_VALIDATION)
 bool TestCompressors()
 {
diff --git a/validat2.cpp b/validat2.cpp
index ecb17556..8b354342 100644
--- a/validat2.cpp
+++ b/validat2.cpp
@@ -793,120 +793,6 @@ bool ValidateBlumGoldwasser()
 }
 */
 
-#if defined(CRYPTOPP_EXTENDED_VALIDATION)
-// Issue 64: "PolynomialMod2::operator<<=", http://github.com/weidai11/cryptopp/issues/64
-bool TestPolynomialMod2()
-{
-	bool pass1 = true, pass2 = true, pass3 = true;
-
-	std::cout << "\nTesting PolynomialMod2 bit operations...\n\n";
-
-	static const unsigned int start = 0;
-	static const unsigned int stop = 4 * WORD_BITS + 1;
-
-	for (unsigned int i=start; i < stop; i++)
-	{
-		PolynomialMod2 p(1);
-		p <<= i;
-
-		Integer n(Integer::One());
-		n <<= i;
-
-		std::ostringstream oss1;
-		oss1 << p;
-
-		std::string str1, str2;
-
-		// str1 needs the commas removed used for grouping
-		str1 = oss1.str();
-		str1.erase(std::remove(str1.begin(), str1.end(), ','), str1.end());
-
-		// str1 needs the trailing 'b' removed
-		str1.erase(str1.end() - 1);
-
-		// str2 is fine as-is
-		str2 = IntToString(n, 2);
-
-		pass1 &= (str1 == str2);
-	}
-
-	for (unsigned int i=start; i < stop; i++)
-	{
-		const word w((word)SIZE_MAX);
-
-		PolynomialMod2 p(w);
-		p <<= i;
-
-		Integer n(Integer::POSITIVE, static_cast<lword>(w));
-		n <<= i;
-
-		std::ostringstream oss1;
-		oss1 << p;
-
-		std::string str1, str2;
-
-		// str1 needs the commas removed used for grouping
-		str1 = oss1.str();
-		str1.erase(std::remove(str1.begin(), str1.end(), ','), str1.end());
-
-		// str1 needs the trailing 'b' removed
-		str1.erase(str1.end() - 1);
-
-		// str2 is fine as-is
-		str2 = IntToString(n, 2);
-
-		pass2 &= (str1 == str2);
-	}
-
-	RandomNumberGenerator& prng = GlobalRNG();
-	for (unsigned int i=start; i < stop; i++)
-	{
-		word w; 	// Cast to lword due to Visual Studio
-		prng.GenerateBlock((byte*)&w, sizeof(w));
-
-		PolynomialMod2 p(w);
-		p <<= i;
-
-		Integer n(Integer::POSITIVE, static_cast<lword>(w));
-		n <<= i;
-
-		std::ostringstream oss1;
-		oss1 << p;
-
-		std::string str1, str2;
-
-		// str1 needs the commas removed used for grouping
-		str1 = oss1.str();
-		str1.erase(std::remove(str1.begin(), str1.end(), ','), str1.end());
-
-		// str1 needs the trailing 'b' removed
-		str1.erase(str1.end() - 1);
-
-		// str2 is fine as-is
-		str2 = IntToString(n, 2);
-
-		if (str1 != str2)
-		{
-			std::cout << "  Oops..." << "\n";
-			std::cout << "     random: " << std::hex << n << std::dec << "\n";
-			std::cout << "     str1: " << str1 << "\n";
-			std::cout << "     str2: " << str2 << "\n";
-		}
-
-		pass3 &= (str1 == str2);
-	}
-
-	std::cout << (!pass1 ? "FAILED" : "passed") << ":  " << "1 shifted over range [" << std::dec << start << "," << stop << "]" << "\n";
-	std::cout << (!pass2 ? "FAILED" : "passed") << ":  " << "0x" << std::hex << word(SIZE_MAX) << std::dec << " shifted over range [" << start << "," << stop << "]" << "\n";
-	std::cout << (!pass3 ? "FAILED" : "passed") << ":  " << "random values shifted over range [" << std::dec << start << "," << stop << "]" << "\n";
-
-	if (!(pass1 && pass2 && pass3))
-		std::cout.flush();
-
-	return pass1 && pass2 && pass3;
-}
-#endif
-
 bool ValidateECP()
 {
 	std::cout << "\nECP validation suite running...\n\n";

From 34edf7e12f57ae619098de12ec43fda6de91e8de Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Thu, 11 May 2017 04:14:13 -0400
Subject: [PATCH 135/200] Fix subscript out of range in test

---
 validat0.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/validat0.cpp b/validat0.cpp
index e3db4b73..b3bb80e5 100644
--- a/validat0.cpp
+++ b/validat0.cpp
@@ -262,7 +262,7 @@ bool TestCompressors()
     for (unsigned int i=0; i<128; i++)
     {
         std::string src, dest;
-        unsigned int len = GlobalRNG().GenerateWord32(0, 0xfff);
+        unsigned int len = GlobalRNG().GenerateWord32(8, 0xfff);
 
         src.resize(len);
         GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());

From 308336c4e148c0a67f558a870e818cdd6b7ff3fe Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Thu, 11 May 2017 11:18:52 -0400
Subject: [PATCH 136/200] Switch to COUNTOF in validat3.cpp

---
 validat3.cpp | 28 ++++++++++++++--------------
 1 file changed, 14 insertions(+), 14 deletions(-)

diff --git a/validat3.cpp b/validat3.cpp
index cc6eff1a..577247fc 100644
--- a/validat3.cpp
+++ b/validat3.cpp
@@ -106,7 +106,7 @@ bool ValidateCRC32()
 	CRC32 crc;
 
 	std::cout << "\nCRC-32 validation suite running...\n\n";
-	return HashModuleTest(crc, testSet, sizeof(testSet)/sizeof(testSet[0]));
+	return HashModuleTest(crc, testSet, COUNTOF(testSet));
 }
 
 bool ValidateCRC32C()
@@ -126,7 +126,7 @@ bool ValidateCRC32C()
 	CRC32C crc;
 
 	std::cout << "\nCRC-32C validation suite running...\n\n";
-	return HashModuleTest(crc, testSet, sizeof(testSet)/sizeof(testSet[0]));
+	return HashModuleTest(crc, testSet, COUNTOF(testSet));
 }
 
 bool ValidateAdler32()
@@ -145,7 +145,7 @@ bool ValidateAdler32()
 	Adler32 md;
 
 	std::cout << "\nAdler-32 validation suite running...\n\n";
-	return HashModuleTest(md, testSet, sizeof(testSet)/sizeof(testSet[0]));
+	return HashModuleTest(md, testSet, COUNTOF(testSet));
 }
 
 bool ValidateMD2()
@@ -164,7 +164,7 @@ bool ValidateMD2()
 	Weak::MD2 md2;
 
 	std::cout << "\nMD2 validation suite running...\n\n";
-	return HashModuleTest(md2, testSet, sizeof(testSet)/sizeof(testSet[0]));
+	return HashModuleTest(md2, testSet, COUNTOF(testSet));
 }
 
 bool ValidateMD4()
@@ -183,7 +183,7 @@ bool ValidateMD4()
 	Weak::MD4 md4;
 
 	std::cout << "\nMD4 validation suite running...\n\n";
-	return HashModuleTest(md4, testSet, sizeof(testSet)/sizeof(testSet[0]));
+	return HashModuleTest(md4, testSet, COUNTOF(testSet));
 }
 
 bool ValidateMD5()
@@ -202,7 +202,7 @@ bool ValidateMD5()
 	Weak::MD5 md5;
 
 	std::cout << "\nMD5 validation suite running...\n\n";
-	return HashModuleTest(md5, testSet, sizeof(testSet)/sizeof(testSet[0]));
+	return HashModuleTest(md5, testSet, COUNTOF(testSet));
 }
 
 bool ValidateSHA()
@@ -236,7 +236,7 @@ bool ValidateTiger()
 
 	Tiger tiger;
 
-	return HashModuleTest(tiger, testSet, sizeof(testSet)/sizeof(testSet[0]));
+	return HashModuleTest(tiger, testSet, COUNTOF(testSet));
 }
 
 bool ValidateRIPEMD()
@@ -297,19 +297,19 @@ bool ValidateRIPEMD()
 
 	std::cout << "\nRIPEMD-128 validation suite running...\n\n";
 	RIPEMD128 md128;
-	pass = HashModuleTest(md128, testSet128, sizeof(testSet128)/sizeof(testSet128[0])) && pass;
+	pass = HashModuleTest(md128, testSet128, COUNTOF(testSet128)) && pass;
 
 	std::cout << "\nRIPEMD-160 validation suite running...\n\n";
 	RIPEMD160 md160;
-	pass = HashModuleTest(md160, testSet160, sizeof(testSet160)/sizeof(testSet160[0])) && pass;
+	pass = HashModuleTest(md160, testSet160, COUNTOF(testSet160)) && pass;
 
 	std::cout << "\nRIPEMD-256 validation suite running...\n\n";
 	RIPEMD256 md256;
-	pass = HashModuleTest(md256, testSet256, sizeof(testSet256)/sizeof(testSet256[0])) && pass;
+	pass = HashModuleTest(md256, testSet256, COUNTOF(testSet256)) && pass;
 
 	std::cout << "\nRIPEMD-320 validation suite running...\n\n";
 	RIPEMD320 md320;
-	pass = HashModuleTest(md320, testSet320, sizeof(testSet320)/sizeof(testSet320[0])) && pass;
+	pass = HashModuleTest(md320, testSet320, COUNTOF(testSet320)) && pass;
 
 	return pass;
 }
@@ -543,7 +543,7 @@ bool ValidateTTMAC()
 	std::cout << "\nTwo-Track-MAC validation suite running...\n";
 
 	TTMAC mac(key, sizeof(key));
-	for (unsigned int k=0; k<sizeof(TestVals)/sizeof(TestVals[0]); k++)
+	for (unsigned int k = 0; k<COUNTOF(TestVals); k++)
 	{
 		mac.Update((byte *)TestVals[k], strlen(TestVals[k]));
 		mac.Final(digest);
@@ -619,7 +619,7 @@ bool ValidatePBKDF()
 	PKCS12_PBKDF<SHA1> pbkdf;
 
 	std::cout << "\nPKCS #12 PBKDF validation suite running...\n\n";
-	pass = TestPBKDF(pbkdf, testSet, sizeof(testSet)/sizeof(testSet[0])) && pass;
+	pass = TestPBKDF(pbkdf, testSet, COUNTOF(testSet)) && pass;
 	}
 
 	{
@@ -633,7 +633,7 @@ bool ValidatePBKDF()
 	PKCS5_PBKDF2_HMAC<SHA1> pbkdf;
 
 	std::cout << "\nPKCS #5 PBKDF2 validation suite running...\n\n";
-	pass = TestPBKDF(pbkdf, testSet, sizeof(testSet)/sizeof(testSet[0])) && pass;
+	pass = TestPBKDF(pbkdf, testSet, COUNTOF(testSet)) && pass;
 	}
 
 	return pass;

From aa287d6112514c7c150047faa732c28f1ac76595 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Thu, 11 May 2017 11:55:00 -0400
Subject: [PATCH 137/200] Fix compile under GCC 6.3 on Fedora

---
 validat0.cpp | 1 +
 1 file changed, 1 insertion(+)

diff --git a/validat0.cpp b/validat0.cpp
index b3bb80e5..b9ff1aaf 100644
--- a/validat0.cpp
+++ b/validat0.cpp
@@ -22,6 +22,7 @@
 
 #include <iostream>
 #include <iomanip>
+#include <sstream>
 
 #include "validate.h"
 

From 537ee61ade03ee00fa394426319ec6869c0762d3 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Thu, 11 May 2017 12:05:57 -0400
Subject: [PATCH 138/200] Switch to _MSC_FULL_VER for SP1 releases

---
 datatest.cpp | 2 +-
 integer.cpp  | 2 +-
 regtest1.cpp | 2 +-
 regtest2.cpp | 2 +-
 regtest3.cpp | 2 +-
 test.cpp     | 2 +-
 validat0.cpp | 2 +-
 validat1.cpp | 4 ++--
 validat2.cpp | 2 +-
 validat3.cpp | 2 +-
 10 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/datatest.cpp b/datatest.cpp
index ac1bf76d..837db43f 100644
--- a/datatest.cpp
+++ b/datatest.cpp
@@ -20,7 +20,7 @@
 #include <iostream>
 
 // Aggressive stack checking with VS2005 SP1 and above.
-#if (CRYPTOPP_MSC_VERSION >= 1410)
+#if (_MSC_FULL_VER >= 140050727)
 # pragma strict_gs_check (on)
 #endif
 
diff --git a/integer.cpp b/integer.cpp
index 317ad89f..ae9e1a1f 100644
--- a/integer.cpp
+++ b/integer.cpp
@@ -3048,7 +3048,7 @@ Integer::Integer(const byte *encodedInteger, size_t byteCount, Signedness s, Byt
 	if (o == LITTLE_ENDIAN_ORDER)
 	{
 		SecByteBlock block(byteCount);
-#if (CRYPTOPP_MSC_VERSION >= 1410)
+#if (_MSC_FULL_VER >= 140050727)
 		std::reverse_copy(encodedInteger, encodedInteger+byteCount,
 			stdext::make_checked_array_iterator(block.begin(), block.size()));
 #else
diff --git a/regtest1.cpp b/regtest1.cpp
index e30ff353..194f2898 100644
--- a/regtest1.cpp
+++ b/regtest1.cpp
@@ -30,7 +30,7 @@
 #include "aes.h"
 
 // Aggressive stack checking with VS2005 SP1 and above.
-#if (CRYPTOPP_MSC_VERSION >= 1410)
+#if (_MSC_FULL_VER >= 140050727)
 # pragma strict_gs_check (on)
 #endif
 
diff --git a/regtest2.cpp b/regtest2.cpp
index 0e9d3d2d..3d560186 100644
--- a/regtest2.cpp
+++ b/regtest2.cpp
@@ -56,7 +56,7 @@
 #include "panama.h"
 
 // Aggressive stack checking with VS2005 SP1 and above.
-#if (CRYPTOPP_MSC_VERSION >= 1410)
+#if (_MSC_FULL_VER >= 140050727)
 # pragma strict_gs_check (on)
 #endif
 
diff --git a/regtest3.cpp b/regtest3.cpp
index 5e66f3bb..292bd544 100644
--- a/regtest3.cpp
+++ b/regtest3.cpp
@@ -22,7 +22,7 @@
 #include "sha.h"
 
 // Aggressive stack checking with VS2005 SP1 and above.
-#if (CRYPTOPP_MSC_VERSION >= 1410)
+#if (_MSC_FULL_VER >= 140050727)
 # pragma strict_gs_check (on)
 #endif
 
diff --git a/test.cpp b/test.cpp
index 853c10b6..d1a479df 100644
--- a/test.cpp
+++ b/test.cpp
@@ -62,7 +62,7 @@
 #endif
 
 // Aggressive stack checking with VS2005 SP1 and above.
-#if (CRYPTOPP_MSC_VERSION >= 1410)
+#if (_MSC_FULL_VER >= 140050727)
 # pragma strict_gs_check (on)
 #endif
 
diff --git a/validat0.cpp b/validat0.cpp
index b9ff1aaf..63c26194 100644
--- a/validat0.cpp
+++ b/validat0.cpp
@@ -27,7 +27,7 @@
 #include "validate.h"
 
 // Aggressive stack checking with VS2005 SP1 and above.
-#if (CRYPTOPP_MSC_VERSION >= 1410)
+#if (_MSC_FULL_VER >= 140050727)
 # pragma strict_gs_check (on)
 #endif
 
diff --git a/validat1.cpp b/validat1.cpp
index e81a46c6..d8703731 100644
--- a/validat1.cpp
+++ b/validat1.cpp
@@ -60,7 +60,7 @@
 #include "validate.h"
 
 // Aggressive stack checking with VS2005 SP1 and above.
-#if (CRYPTOPP_MSC_VERSION >= 1410)
+#if (_MSC_FULL_VER >= 140050727)
 # pragma strict_gs_check (on)
 #endif
 
@@ -209,7 +209,7 @@ bool TestSettings()
 	word32 w;
 	const byte s[] = "\x01\x02\x03\x04";
 
-#if (CRYPTOPP_MSC_VERSION >= 1410)
+#if (_MSC_FULL_VER >= 140050727)
 	std::copy(s, s+4,
 		stdext::make_checked_array_iterator(reinterpret_cast<byte*>(&w), sizeof(w)));
 #else
diff --git a/validat2.cpp b/validat2.cpp
index 8b354342..cc505edd 100644
--- a/validat2.cpp
+++ b/validat2.cpp
@@ -47,7 +47,7 @@
 #include "validate.h"
 
 // Aggressive stack checking with VS2005 SP1 and above.
-#if (CRYPTOPP_MSC_VERSION >= 1410)
+#if (_MSC_FULL_VER >= 140050727)
 # pragma strict_gs_check (on)
 #endif
 
diff --git a/validat3.cpp b/validat3.cpp
index 577247fc..829840b0 100644
--- a/validat3.cpp
+++ b/validat3.cpp
@@ -40,7 +40,7 @@
 #include "validate.h"
 
 // Aggressive stack checking with VS2005 SP1 and above.
-#if (CRYPTOPP_MSC_VERSION >= 1410)
+#if (_MSC_FULL_VER >= 140050727)
 # pragma strict_gs_check (on)
 #endif
 

From 35451f3ab6b2aed088b33399199c23d56dea9dbc Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Thu, 11 May 2017 13:00:17 -0400
Subject: [PATCH 139/200] Additional self tests for Decompressors

---
 validat0.cpp | 133 ++++++++++++++++++++++++++++++++-------------------
 1 file changed, 84 insertions(+), 49 deletions(-)

diff --git a/validat0.cpp b/validat0.cpp
index 63c26194..ef324219 100644
--- a/validat0.cpp
+++ b/validat0.cpp
@@ -156,7 +156,7 @@ bool TestCompressors()
 
     try
     {
-        for (unsigned int i=0; i<128; ++i)
+        for (unsigned int i = 0; i<128; ++i)
         {
             std::string src, dest, rec;
             unsigned int len = GlobalRNG().GenerateWord32(0, 0xfff);
@@ -171,12 +171,13 @@ bool TestCompressors()
 
             // Tamper
             try {
-                StringSource(dest.substr(0, len-2), true, new Gunzip(new StringSink(rec)));
+                StringSource(dest.substr(0, len - 2), true, new Gunzip(new StringSink(rec)));
                 throw Exception(Exception::OTHER_ERROR, "Gzip failed to detect a truncated stream");
-            } catch(const Exception&) {}
+            }
+            catch (const Exception&) {}
         }
     }
-    catch(const Exception&)
+    catch (const Exception&)
     {
         fail1 = true;
     }
@@ -184,7 +185,22 @@ bool TestCompressors()
     // **************************************************************
 
     // Unzip random data. See if we can induce a crash
-    for (unsigned int i=0; i<128; i++)
+    for (unsigned int i = 0; i<128; i++)
+    {
+        std::string src, dest;
+        unsigned int len = GlobalRNG().GenerateWord32(8, 0xfff);
+
+        src.resize(len);
+        GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
+
+        try {
+            StringSource(src, true, new Gunzip(new StringSink(dest)));
+        }
+        catch (const Exception&) {}
+    }
+
+    // Unzip random data. See if we can induce a crash
+    for (unsigned int i = 0; i<128; i++)
     {
         std::string src, dest;
         unsigned int len = GlobalRNG().GenerateWord32(8, 0xfff);
@@ -193,31 +209,32 @@ bool TestCompressors()
         GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
         src[0] = (byte)0x1f; src[1] = (byte)0x8b;  // magic header
         src[2] = 0x00;  // extra flags
-        src[3] = src[3] & (2|4|8|16|32);  // flags
+        src[3] = src[3] & (2 | 4 | 8 | 16 | 32);  // flags
 
         // Don't allow ENCRYPTED|CONTINUED to over-run tests
-        if (src[3] & (2|32)) {
-            if (i%3 == 0) {src[3] &= ~2;}
-            if (i%3 == 1) {src[3] &= ~32;}
+        if (src[3] & (2 | 32)) {
+            if (i % 3 == 0) { src[3] &= ~2; }
+            if (i % 3 == 1) { src[3] &= ~32; }
         }
         // The remainder are extra headers and the payload
 
         try {
             StringSource(src, true, new Gunzip(new StringSink(dest)));
-        } catch(const Exception&) {    }
+        }
+        catch (const Exception&) {}
     }
 
     if (!fail1)
-       std::cout << "passed:";
+        std::cout << "passed:";
     else
-       std::cout << "FAILED:";
+        std::cout << "FAILED:";
     std::cout << "  128 zips and unzips" << std::endl;
 
     // **************************************************************
 
     try
     {
-        for (unsigned int i=0; i<128; ++i)
+        for (unsigned int i = 0; i<128; ++i)
         {
             std::string src, dest, rec;
             unsigned int len = GlobalRNG().GenerateWord32(0, 0xfff);
@@ -232,35 +249,24 @@ bool TestCompressors()
 
             // Tamper
             try {
-                StringSource(dest.substr(0, len-2), true, new Inflator(new StringSink(rec)));
+                // If this fails once, its likely due to a collision on Adler32. A re-run should
+                // not witness another failure. If it fails more than once, then there's a problem.
+                StringSource(dest.substr(0, len - 2), true, new Inflator(new StringSink(rec)));
                 std::cout << "Deflate failed to detect a truncated stream\n";
                 fail2 = true;
-            } catch(const Exception&) { }
+            }
+            catch (const Exception&) {}
         }
     }
-    catch(const Exception&)
+    catch (const Exception&)
     {
         fail2 = true;
     }
 
     // **************************************************************
 
-    for (unsigned int i=0; i<128; i++)
-    {
-        // See if we can induce a crash
-        std::string src, dest;
-        unsigned int len = GlobalRNG().GenerateWord32(0, 0xfff);
-
-        src.resize(len);
-        GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
-
-        try {
-            StringSource(src, true, new Inflator(new StringSink(dest)));
-        } catch(const Exception&) {}
-    }
-
     // Inflate random data. See if we can induce a crash
-    for (unsigned int i=0; i<128; i++)
+    for (unsigned int i = 0; i<128; i++)
     {
         std::string src, dest;
         unsigned int len = GlobalRNG().GenerateWord32(8, 0xfff);
@@ -269,31 +275,48 @@ bool TestCompressors()
         GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
         src[0] = (byte)0x1f; src[1] = (byte)0x8b;  // magic Header
         src[2] = 0x00;  // extra flags
-        src[3] = src[3] & (2|4|8|16|32);  // flags
+        src[3] = src[3] & (2 | 4 | 8 | 16 | 32);  // flags
 
         // Don't allow ENCRYPTED|CONTINUED to over-run tests
-        if (src[3] & (2|32)) {
-            if (i%3 == 0) {src[3] &= ~2;}
-            if (i%3 == 1) {src[3] &= ~32;}
+        if (src[3] & (2 | 32)) {
+            if (i % 3 == 0) { src[3] &= ~2; }
+            if (i % 3 == 1) { src[3] &= ~32; }
         }
+
         // The remainder are extra headers and the payload
 
         try {
             StringSource(src, true, new Inflator(new StringSink(dest)));
-        } catch(const Exception&) {    }
+        }
+        catch (const Exception&) {}
+    }
+
+    // Inflate random data. See if we can induce a crash
+    for (unsigned int i = 0; i<128; i++)
+    {
+        std::string src, dest;
+        unsigned int len = GlobalRNG().GenerateWord32(8, 0xfff);
+
+        src.resize(len);
+        GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
+
+        try {
+            StringSource(src, true, new Inflator(new StringSink(dest)));
+        }
+        catch (const Exception&) {}
     }
 
     if (!fail2)
-       std::cout << "passed:";
+        std::cout << "passed:";
     else
-       std::cout << "FAILED:";
+        std::cout << "FAILED:";
     std::cout << "  128 deflates and inflates\n";
 
     // **************************************************************
 
     try
     {
-        for (unsigned int i=0; i<128; ++i)
+        for (unsigned int i = 0; i<128; ++i)
         {
             std::string src, dest, rec;
             unsigned int len = GlobalRNG().GenerateWord32(0, 0xfff);
@@ -302,42 +325,54 @@ bool TestCompressors()
             GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
 
             StringSource(src, true, new ZlibCompressor(new StringSink(dest)));
-            StringSource(dest, true, new ZlibDecompressor (new StringSink(rec)));
+            StringSource(dest, true, new ZlibDecompressor(new StringSink(rec)));
             if (src != rec)
                 throw Exception(Exception::OTHER_ERROR, "ZlibCompressor failed to decompress stream");
 
             // Tamper
             try {
-                StringSource(dest.substr(0, len-2), true, new ZlibDecompressor (new StringSink(rec)));
+                StringSource(dest.substr(0, len - 2), true, new ZlibDecompressor(new StringSink(rec)));
                 throw Exception(Exception::OTHER_ERROR, "ZlibCompressor failed to detect a truncated stream");
-            } catch(const Exception&) {}
+            }
+            catch (const Exception&) {}
         }
     }
-    catch(const Exception&)
+    catch (const Exception&)
     {
         fail3 = true;
     }
 
     // **************************************************************
 
-    // Unzip random data. See if we can induce a crash
-    for (unsigned int i=0; i<128; i++)
+    // Decompress random data. See if we can induce a crash
+    for (unsigned int i = 0; i<128; i++)
     {
         std::string src, dest;
-        unsigned int len = GlobalRNG().GenerateWord32(0, 0xfff);
+        unsigned int len = GlobalRNG().GenerateWord32(8, 0xfff);
 
         src.resize(len);
         GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
 
+        // CMF byte
+        src[0] = (byte)(GlobalRNG().GenerateWord32(0, 14) << 4);
+        src[0] |= (byte)(GlobalRNG().GenerateWord32(0, 7));
+
+        // FLG byte
+        src[1] = (byte)(GlobalRNG().GenerateWord32(0, 7) << 5);
+        src[1] |= (byte)(31 - (src[0] * 256 + src[1]) % 31);
+
+        // The remainder are the payload, but missing Adler32
+
         try {
             StringSource(src, true, new ZlibDecompressor(new StringSink(dest)));
-        } catch(const Exception&) {    }
+        }
+        catch (const Exception&) {}
     }
 
     if (!fail3)
-       std::cout << "passed:";
+        std::cout << "passed:";
     else
-       std::cout << "FAILED:";
+        std::cout << "FAILED:";
     std::cout << "  128 zlib decompress and compress" << std::endl;
 
     // **************************************************************

From 9850576d0bf11da867fdec45257f0b5063c633e8 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Thu, 11 May 2017 17:59:20 -0400
Subject: [PATCH 140/200] Improve compressor error messages

---
 validat0.cpp | 31 +++++++++++++++++--------------
 1 file changed, 17 insertions(+), 14 deletions(-)

diff --git a/validat0.cpp b/validat0.cpp
index ef324219..66547efc 100644
--- a/validat0.cpp
+++ b/validat0.cpp
@@ -172,13 +172,15 @@ bool TestCompressors()
             // Tamper
             try {
                 StringSource(dest.substr(0, len - 2), true, new Gunzip(new StringSink(rec)));
-                throw Exception(Exception::OTHER_ERROR, "Gzip failed to detect a truncated stream");
+                std::cout << "FAILED:   Gzip failed to detect a truncated stream\n";
+                fail1 = true;
             }
             catch (const Exception&) {}
         }
     }
-    catch (const Exception&)
+    catch (const Exception& ex)
     {
+        std::cout << "FAILED:   " << ex.what() << "\n";
         fail1 = true;
     }
 
@@ -209,7 +211,7 @@ bool TestCompressors()
         GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
         src[0] = (byte)0x1f; src[1] = (byte)0x8b;  // magic header
         src[2] = 0x00;  // extra flags
-        src[3] = src[3] & (2 | 4 | 8 | 16 | 32);  // flags
+        src[3] = src[3] & (2 | 4 | 8 | 16 | 32);   // flags
 
         // Don't allow ENCRYPTED|CONTINUED to over-run tests
         if (src[3] & (2 | 32)) {
@@ -245,21 +247,20 @@ bool TestCompressors()
             StringSource(src, true, new Deflator(new StringSink(dest)));
             StringSource(dest, true, new Inflator(new StringSink(rec)));
             if (src != rec)
-                throw Exception(Exception::OTHER_ERROR, "Deflate failed to decompress stream");
+                throw Exception(Exception::OTHER_ERROR, "Inflate failed to decompress stream");
 
             // Tamper
             try {
-                // If this fails once, its likely due to a collision on Adler32. A re-run should
-                // not witness another failure. If it fails more than once, then there's a problem.
-                StringSource(dest.substr(0, len - 2), true, new Inflator(new StringSink(rec)));
-                std::cout << "Deflate failed to detect a truncated stream\n";
+                StringSource(dest.substr(0, len - 2), true, new Gunzip(new StringSink(rec)));
+                std::cout << "FAILED:   Inflate failed to detect a truncated stream\n";
                 fail2 = true;
             }
             catch (const Exception&) {}
         }
     }
-    catch (const Exception&)
+    catch (const Exception& ex)
     {
+        std::cout << "FAILED:   " << ex.what() << "\n";
         fail2 = true;
     }
 
@@ -275,7 +276,7 @@ bool TestCompressors()
         GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
         src[0] = (byte)0x1f; src[1] = (byte)0x8b;  // magic Header
         src[2] = 0x00;  // extra flags
-        src[3] = src[3] & (2 | 4 | 8 | 16 | 32);  // flags
+        src[3] = src[3] & (2 | 4 | 8 | 16 | 32);   // flags
 
         // Don't allow ENCRYPTED|CONTINUED to over-run tests
         if (src[3] & (2 | 32)) {
@@ -327,18 +328,20 @@ bool TestCompressors()
             StringSource(src, true, new ZlibCompressor(new StringSink(dest)));
             StringSource(dest, true, new ZlibDecompressor(new StringSink(rec)));
             if (src != rec)
-                throw Exception(Exception::OTHER_ERROR, "ZlibCompressor failed to decompress stream");
+                throw Exception(Exception::OTHER_ERROR, "Zlib failed to decompress stream");
 
             // Tamper
             try {
-                StringSource(dest.substr(0, len - 2), true, new ZlibDecompressor(new StringSink(rec)));
-                throw Exception(Exception::OTHER_ERROR, "ZlibCompressor failed to detect a truncated stream");
+                StringSource(dest.substr(0, len - 2), true, new Gunzip(new StringSink(rec)));
+                std::cout << "FAILED:   Zlib failed to detect a truncated stream\n";
+                fail3 = true;
             }
             catch (const Exception&) {}
         }
     }
-    catch (const Exception&)
+    catch (const Exception& ex)
     {
+        std::cout << "FAILED:   " << ex.what() << "\n";
         fail3 = true;
     }
 

From ac6db2fa91744ed995bf0abcdc43e8e80491003d Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Fri, 12 May 2017 02:20:44 -0400
Subject: [PATCH 141/200] Fix parser break on OS X This was introduced at
 Commit e456cd2275bba020, and affected Uri during his rounds of testing. We
 also took the opportunity to write it in modern C++ (and remove the VC++ 6.0
 bug workaround)

---
 datatest.cpp | 77 ++++++++++++++++------------------------------------
 1 file changed, 23 insertions(+), 54 deletions(-)

diff --git a/datatest.cpp b/datatest.cpp
index 837db43f..fbde5313 100644
--- a/datatest.cpp
+++ b/datatest.cpp
@@ -659,6 +659,7 @@ void TestKeyDerivationFunction(TestData &v)
 
 bool GetField(std::istream &is, std::string &name, std::string &value)
 {
+	// ***** Name *****
 	name.clear();
 	is >> name;
 
@@ -678,67 +679,35 @@ bool GetField(std::istream &is, std::string &name, std::string &value)
 	while (is.peek() == ' ')
 		is.ignore(1);
 
-	// VC60 workaround: getline bug
-	char buffer[128];
+	// ***** Value *****
 	value.clear();
-	bool continueLine, space = false;
+	std::string line;
+	bool continueLine = true;
 
-	do
+	while (continueLine && std::getline(is, line))
 	{
+		// Leading, trailing and position. The leading iterator moves right, and trailing iterator
+		// moves left. When finished, the sub-string in the middle is the value for the name.
+		std::string::size_type l, t, p;
+		const std::string whitespace = " \r\n\t\v\f";
+
+		l = line.find_first_not_of(whitespace);
+		if (l == std::string::npos) { break; }
+		t = line.find_last_not_of(whitespace);
+
 		continueLine = false;
-		do
-		{
-			is.get(buffer, sizeof(buffer));
-
-			// Eat leading whispace on line continuation
-			if (continueLine == true)
-			{
-				size_t pos = 0;
-				while (buffer[pos] != '\0' && buffer[pos] != ' ')
-					pos++;
-				value += &buffer[pos];
-			}
-			else
-				value += buffer;
-			if (buffer[0] == ' ')
-				space = true;
-		}
-		while (buffer[0] != 0);
-		is.clear();
-		is.ignore();
-
-		if (!value.empty() && value[value.size()-1] == '\r')
-			value.resize(value.size()-1);
-
-		if (!value.empty() && value[value.size()-1] == '\\')
-		{
-			value.resize(value.size()-1);
+		if (t != std::string::npos && line[t] == '\\') {
 			continueLine = true;
-		}
-		else
-			continueLine = false;
-
-		std::string::size_type i = value.find('#');
-		if (i != std::string::npos)
-			value.erase(i);
-	}
-	while (continueLine);
-
-	// Strip intermediate spaces for some values.
-	if (space && (name == "Modulus" || name == "SubgroupOrder" || name == "SubgroupGenerator" ||
-		name == "PublicElement" || name == "PrivateExponent" || name == "Signature"))
-	{
-		std::string temp;
-		temp.reserve(value.size());
-
-		std::string::const_iterator it;
-		for(it = value.begin(); it != value.end(); it++)
-		{
-			if(*it != ' ')
-				temp.push_back(*it);
+			t = line.find_last_not_of(whitespace, t);
 		}
 
-		std::swap(temp, value);
+		p = line.find('#', l);
+		if (p < t) {
+			t = p;
+			t = line.find_last_not_of(whitespace, t);
+		}
+
+		value += line.substr(l, t - l + 1);
 	}
 
 	return true;

From d3986223a612791c8b9da6e29c6160f4a79644a4 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Fri, 12 May 2017 03:05:24 -0400
Subject: [PATCH 142/200] Add early continuation for parsing a continued line

---
 datatest.cpp | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/datatest.cpp b/datatest.cpp
index fbde5313..996fdb14 100644
--- a/datatest.cpp
+++ b/datatest.cpp
@@ -686,8 +686,11 @@ bool GetField(std::istream &is, std::string &name, std::string &value)
 
 	while (continueLine && std::getline(is, line))
 	{
-		// Leading, trailing and position. The leading iterator moves right, and trailing iterator
-		// moves left. When finished, the sub-string in the middle is the value for the name.
+		// Early out for immediately continuing a line
+		if (!line.empty() && line[0] == '\\') { continue; }
+
+		// Leading, trailing and temp position. The leading iterator moves right, and trailing
+		// iterator moves left.The sub-string in the middle is the value for the name.
 		std::string::size_type l, t, p;
 		const std::string whitespace = " \r\n\t\v\f";
 
@@ -698,7 +701,7 @@ bool GetField(std::istream &is, std::string &name, std::string &value)
 		continueLine = false;
 		if (t != std::string::npos && line[t] == '\\') {
 			continueLine = true;
-			t = line.find_last_not_of(whitespace, t);
+			t = line.find_last_not_of(whitespace, t-1);
 		}
 
 		p = line.find('#', l);
@@ -770,6 +773,9 @@ void TestDataFile(std::string filename, const NameValuePairs &overrideParameters
 
 		if (!GetField(file, name, value))
 			break;
+
+		// Can't assert value. Plaintext is sometimes empty.
+		// CRYPTOPP_ASSERT(!value.empty());
 		v[name] = value;
 
 		if (name == "Test" && (s_thorough || v["SlowTest"] != "1"))

From b160cb40e1e8615b53954dd571efaa846588bf1b Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Fri, 12 May 2017 03:09:06 -0400
Subject: [PATCH 143/200] Add comment concerning empty value

---
 datatest.cpp | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/datatest.cpp b/datatest.cpp
index 996fdb14..c68f6266 100644
--- a/datatest.cpp
+++ b/datatest.cpp
@@ -690,7 +690,8 @@ bool GetField(std::istream &is, std::string &name, std::string &value)
 		if (!line.empty() && line[0] == '\\') { continue; }
 
 		// Leading, trailing and temp position. The leading iterator moves right, and trailing
-		// iterator moves left.The sub-string in the middle is the value for the name.
+		// iterator moves left. The sub-string in the middle is the value for the name. The
+		// value can be an empty string. One Plaintext is often empty for algorithm testing.
 		std::string::size_type l, t, p;
 		const std::string whitespace = " \r\n\t\v\f";
 

From 3f9667f3cd7541291705de413f37b7471ce5c6e5 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Fri, 12 May 2017 03:50:37 -0400
Subject: [PATCH 144/200] Remove VC++ 6.0 workaround in datatest.cpp

---
 datatest.cpp | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/datatest.cpp b/datatest.cpp
index c68f6266..e15d795f 100644
--- a/datatest.cpp
+++ b/datatest.cpp
@@ -111,12 +111,11 @@ void PutDecodedDatumInto(const TestData &data, const char *name, BufferedTransfo
 		int repeat = 1;
 		if (s1[0] == 'r')
 		{
-			repeat = atoi(s1.c_str()+1);
+			repeat = ::atoi(s1.c_str()+1);
 			s1 = s1.substr(s1.find(' ')+1);
 		}
 
-		s2 = ""; // MSVC 6 doesn't have clear();
-
+		s2.clear();
 		if (s1[0] == '\"')
 		{
 			s2 = s1.substr(1, s1.find('\"', 1)-1);
@@ -708,7 +707,7 @@ bool GetField(std::istream &is, std::string &name, std::string &value)
 		p = line.find('#', l);
 		if (p < t) {
 			t = p;
-			t = line.find_last_not_of(whitespace, t);
+			t = line.find_last_not_of(whitespace, t-1);
 		}
 
 		value += line.substr(l, t - l + 1);
@@ -760,6 +759,7 @@ void TestDataFile(std::string filename, const NameValuePairs &overrideParameters
 	std::ifstream file(filename.c_str());
 	if (!file.good())
 		throw Exception(Exception::OTHER_ERROR, "Can not open file " + filename + " for reading");
+
 	TestData v;
 	s_currentTestData = &v;
 	std::string name, value, lastAlgName;

From 973de7712a63a7a08ffda24da3043e7f37f7f9aa Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Fri, 12 May 2017 14:25:25 -0400
Subject: [PATCH 145/200] Fix GetField for stray CR or LF The test vector
 rsa_pkcs1_1_5.txt is the torture test. We calculated an incorrect index when
 a line continuation was part of a comment

---
 datatest.cpp | 60 ++++++++++++++++++++++++++++++++++++++++------------
 1 file changed, 46 insertions(+), 14 deletions(-)

diff --git a/datatest.cpp b/datatest.cpp
index e15d795f..58be70be 100644
--- a/datatest.cpp
+++ b/datatest.cpp
@@ -656,6 +656,10 @@ void TestKeyDerivationFunction(TestData &v)
 		SignalTestFailure();
 }
 
+// GetField parses the name/value pairs. The tricky part is the insertion operator
+// because Unix&Linux uses LF, OS X uses CR, and Windows uses CRLF. If this function
+// is modified, then run 'cryptest.exe tv rsa_pkcs1_1_5' as a test. Its the parser
+// file from hell. If it can be parsed without error, then things are likely OK.
 bool GetField(std::istream &is, std::string &name, std::string &value)
 {
 	// ***** Name *****
@@ -685,31 +689,59 @@ bool GetField(std::istream &is, std::string &name, std::string &value)
 
 	while (continueLine && std::getline(is, line))
 	{
-		// Early out for immediately continuing a line
-		if (!line.empty() && line[0] == '\\') { continue; }
+		// Unix and Linux may have a stray \r because of Windows
+		if (!line.empty() && (line[line.size() - 1] == '\r' || line[line.size() - 1] == '\n')) {
+			line.erase(line.size()-1);
+		}
 
-		// Leading, trailing and temp position. The leading iterator moves right, and trailing
-		// iterator moves left. The sub-string in the middle is the value for the name. The
-		// value can be an empty string. One Plaintext is often empty for algorithm testing.
+		continueLine = false;
+		if (!line.empty())
+		{
+			// Early out for immediate line continuation
+			if (line[0] == '\\') {
+				continueLine = true;
+				continue;
+			}
+			// Check end of line. It must be last character
+			if (line[line.size() - 1] == '\\') {
+				continueLine = true;
+			}
+		}
+
+		// Leading, trailing and temp position. The leading position moves right, and
+		// trailing position moves left. The sub-string in the middle is the value for
+		// the name. We leave one space when line continuation is in effect, (and if
+		// present). The value can be an empty string. One Plaintext value is often
+		// empty for algorithm testing.
 		std::string::size_type l, t, p;
 		const std::string whitespace = " \r\n\t\v\f";
 
 		l = line.find_first_not_of(whitespace);
-		if (l == std::string::npos) { break; }
-		t = line.find_last_not_of(whitespace);
-
-		continueLine = false;
-		if (t != std::string::npos && line[t] == '\\') {
-			continueLine = true;
-			t = line.find_last_not_of(whitespace, t-1);
-		}
+		if (l == std::string::npos) { l = 0; }
+		t = line.find_last_not_of(whitespace+"\\");
+		if (l == std::string::npos) { t = line.size(); }
 
+		// Chop comment. Perform after setting continueLine
 		p = line.find('#', l);
 		if (p < t) {
 			t = p;
-			t = line.find_last_not_of(whitespace, t-1);
+			if (t) t--;
 		}
 
+		// Leave one whitespace if line continuation is in effect
+		if (continueLine)
+		{
+			if (l > 0 && ::isspace(line[l - 1]))
+			{
+				l--;
+			}
+			else if (t < line.size()-1 && ::isspace(line[t + 1]))
+			{
+				t++;
+			}
+		}
+
+		CRYPTOPP_ASSERT(t >= l);
 		value += line.substr(l, t - l + 1);
 	}
 

From d901ecd9a4debb625f0f7f24c0dc4178feb8c679 Mon Sep 17 00:00:00 2001
From: c0ff <dsbaikov@gmail.com>
Date: Fri, 12 May 2017 22:09:21 +0300
Subject: [PATCH 146/200] Gunzip: added GetFilename() and GetComment() methods
 (#418)

Add Filename, Filtetime and Comment support to Gzip classes
---
 gzip.cpp | 111 +++++++++++++++++++++++++++++++++++++++++++++++++++----
 gzip.h   |  43 +++++++++++++++++++++
 2 files changed, 146 insertions(+), 8 deletions(-)

diff --git a/gzip.cpp b/gzip.cpp
index 04568386..4b4869b4 100644
--- a/gzip.cpp
+++ b/gzip.cpp
@@ -5,19 +5,39 @@
 
 NAMESPACE_BEGIN(CryptoPP)
 
+// Checks whether the character is valid for ISO/IEC 8859-1 as required by RFC 1952
+static inline bool Is8859Character(char c) {
+	const unsigned char cc = static_cast<unsigned char>(c);
+	return (cc >= 32 && cc <= 126) || (cc >= 160 && cc <= 255);
+}
+
 void Gzip::WritePrestreamHeader()
 {
 	m_totalLen = 0;
 	m_crc.Restart();
 
+	int flags = 0;
+	if(!m_filename.empty())
+		flags |= FILENAME;
+	if(!m_comment.empty())
+		flags |= COMMENTS;
+
 	AttachedTransformation()->Put(MAGIC1);
 	AttachedTransformation()->Put(MAGIC2);
 	AttachedTransformation()->Put(DEFLATED);
-	AttachedTransformation()->Put(0);		// general flag
-	AttachedTransformation()->PutWord32(0);	// time stamp
-	byte extra = byte((GetDeflateLevel() == 1) ? FAST : ((GetDeflateLevel() == 9) ? SLOW : 0));
+	AttachedTransformation()->Put((byte)flags);		// general flag
+	AttachedTransformation()->PutWord32(m_filetime, LITTLE_ENDIAN_ORDER);	// time stamp
+	byte extra = (GetDeflateLevel() == 1) ? FAST : ((GetDeflateLevel() == 9) ? SLOW : 0);
 	AttachedTransformation()->Put(extra);
 	AttachedTransformation()->Put(GZIP_OS_CODE);
+
+	// Filename is NULL terminated, hence the +1
+	if(!m_filename.empty())
+		AttachedTransformation()->Put((const unsigned char*)m_filename.data(), m_filename.size() +1);
+
+	// Comment is NULL terminated, hence the +1
+	if(!m_comment.empty())
+		AttachedTransformation()->Put((const unsigned char*)m_comment.data(), m_comment.size() +1);
 }
 
 void Gzip::ProcessUncompressedData(const byte *inString, size_t length)
@@ -32,12 +52,44 @@ void Gzip::WritePoststreamTail()
 	m_crc.Final(crc);
 	AttachedTransformation()->Put(crc, 4);
 	AttachedTransformation()->PutWord32(m_totalLen, LITTLE_ENDIAN_ORDER);
+
+	m_filetime = 0;
+	m_filename.clear();
+	m_comment.clear();
+}
+
+void Gzip::SetComment(const std::string& comment, bool throwOnEncodingError)
+{
+	if(throwOnEncodingError)
+	{
+		for(size_t i = 0; i < comment.length(); i++) {
+			const char c = comment[i];
+			if(!Is8859Character(c))
+				throw InvalidDataFormat("The comment is not ISO/IEC 8859-1 encoded");
+		}
+	}
+
+	m_comment = comment;
+}
+
+void Gzip::SetFilename(const std::string& filename, bool throwOnEncodingError)
+{
+	if(throwOnEncodingError)
+	{
+		for(size_t i = 0; i < filename.length(); i++) {
+			const char c = filename[i];
+			if(!Is8859Character(c))
+				throw InvalidDataFormat("The filename is not ISO/IEC 8859-1 encoded");
+		}
+	}
+
+	m_filename = filename;
 }
 
 // *************************************************************
 
 Gunzip::Gunzip(BufferedTransformation *attachment, bool repeat, int propagation)
-	: Inflator(attachment, repeat, propagation), m_length(0)
+	: Inflator(attachment, repeat, propagation), m_length(0), m_filetime(0)
 {
 }
 
@@ -46,15 +98,20 @@ void Gunzip::ProcessPrestreamHeader()
 	m_length = 0;
 	m_crc.Restart();
 
+	m_filetime = 0;
+	m_filename.clear();
+	m_comment.clear();
+
 	byte buf[6];
 	byte b, flags;
 
 	if (m_inQueue.Get(buf, 2)!=2) throw HeaderErr();
 	if (buf[0] != MAGIC1 || buf[1] != MAGIC2) throw HeaderErr();
-	if (!m_inQueue.Skip(1)) throw HeaderErr();	 // skip extra flags
+	if (!m_inQueue.Get(b) || (b != DEFLATED)) throw HeaderErr();	 // skip CM flag
 	if (!m_inQueue.Get(flags)) throw HeaderErr();
 	if (flags & (ENCRYPTED | CONTINUED)) throw HeaderErr();
-	if (m_inQueue.Skip(6)!=6) throw HeaderErr();    // Skip file time, extra flags and OS type
+	if (m_inQueue.GetWord32(m_filetime, LITTLE_ENDIAN_ORDER) != 4) throw HeaderErr();
+	if (m_inQueue.Skip(2)!=2) throw HeaderErr();    // Skip extra flags and OS type
 
 	if (flags & EXTRA_FIELDS)	// skip extra fields
 	{
@@ -63,15 +120,25 @@ void Gunzip::ProcessPrestreamHeader()
 		if (m_inQueue.Skip(length)!=length) throw HeaderErr();
 	}
 
-	if (flags & FILENAME)	// skip filename
+	if (flags & FILENAME)	// extract filename
+	{
 		do
+		{
 			if(!m_inQueue.Get(b)) throw HeaderErr();
+			if(b) m_filename.append( 1, (char)b );
+		}
 		while (b);
+	}
 
-	if (flags & COMMENTS)	// skip comments
+	if (flags & COMMENTS)	// extract comments
+	{
 		do
+		{
 			if(!m_inQueue.Get(b)) throw HeaderErr();
+			if(b) m_comment.append( 1, (char)b );
+		}
 		while (b);
+	}
 }
 
 void Gunzip::ProcessDecompressedData(const byte *inString, size_t length)
@@ -96,4 +163,32 @@ void Gunzip::ProcessPoststreamTail()
 		throw LengthErr();
 }
 
+const std::string& Gunzip::GetComment(bool throwOnEncodingError) const
+{
+	if(throwOnEncodingError)
+	{
+		for(size_t i = 0; i < m_comment.length(); i++) {
+			const char c = m_comment[i];
+			if(!Is8859Character(c))
+				throw InvalidDataFormat("The comment is not ISO/IEC 8859-1 encoded");
+		}
+	}
+
+	return m_comment;
+}
+
+const std::string& Gunzip::GetFilename(bool throwOnEncodingError) const
+{
+	if(throwOnEncodingError)
+	{
+		for(size_t i = 0; i < m_filename.length(); i++) {
+			const char c = m_filename[i];
+			if(!Is8859Character(c))
+				throw InvalidDataFormat("The filename is not ISO/IEC 8859-1 encoded");
+		}
+	}
+
+	return m_filename;
+}
+
 NAMESPACE_END
diff --git a/gzip.h b/gzip.h
index a53a23e4..3f7b7cdc 100644
--- a/gzip.h
+++ b/gzip.h
@@ -35,9 +35,29 @@ public:
 	Gzip(const NameValuePairs &parameters, BufferedTransformation *attachment=NULLPTR)
 		: Deflator(parameters, attachment), m_totalLen(0) {}
 
+	//! \param filetime the filetime to set in the header. The application is responsible for setting it.
+	void SetFiletime(word32 filetime) { m_filetime = filetime; }
+    
+	//! \param filename the original filename to set in the header. The application is responsible for setting it.
+	//!        RFC 1952 requires a ISO/IEC 8859-1 encoding.
+	//! \param throwOnEncodingError if throwOnEncodingError is true, then the filename is checked to ensure it is
+	//!        ISO/IEC 8859-1 encoded. If the filename does not adhere to ISO/IEC 8859-1, then a InvalidDataFormat
+	//!        is thrown. If throwOnEncodingError is false then the filename is not checked.
+	void SetFilename(const std::string& filename, bool throwOnEncodingError = false);
+    
+	//! \param comment the comment to set in the header. The application is responsible for setting it.
+	//!        RFC 1952 requires a ISO/IEC 8859-1 encoding.
+	//! \param throwOnEncodingError if throwOnEncodingError is true, then the comment is checked to ensure it is
+	//!        ISO/IEC 8859-1 encoded. If the comment does not adhere to ISO/IEC 8859-1, then a InvalidDataFormat
+	//!        is thrown. If throwOnEncodingError is false then the comment is not checked.
+	void SetComment(const std::string& comment, bool throwOnEncodingError = false);
+
 protected:
 	enum {MAGIC1=0x1f, MAGIC2=0x8b,   // flags for the header
 		  DEFLATED=8, FAST=4, SLOW=2};
+    
+	enum FLAG_MASKS {
+		FILENAME=8, COMMENTS=16};
 
 	void WritePrestreamHeader();
 	void ProcessUncompressedData(const byte *string, size_t length);
@@ -45,6 +65,10 @@ protected:
 
 	word32 m_totalLen;
 	CRC32 m_crc;
+    
+	word32 m_filetime;
+	std::string m_filename;
+	std::string m_comment;
 };
 
 //! \class Gunzip
@@ -73,6 +97,21 @@ public:
 	//! \param autoSignalPropagation 0 to turn off MessageEnd signal
 	Gunzip(BufferedTransformation *attachment = NULLPTR, bool repeat = false, int autoSignalPropagation = -1);
 
+	//! \return the filetime of the stream as set in the header. The application is responsible for setting it on the decompressed file.
+	word32 GetFiletime() const { return m_filetime; }
+    
+	//! \return the filename of the stream as set in the header. The application is responsible for setting it on the decompressed file.
+	//! \param throwOnEncodingError if throwOnEncodingError is true, then the filename is checked to ensure it is
+	//!        ISO/IEC 8859-1 encoded. If the filename does not adhere to ISO/IEC 8859-1, then a InvalidDataFormat is thrown.
+	//!        If throwOnEncodingError is false then the filename is not checked.
+	const std::string& GetFilename(bool throwOnEncodingError = false) const;
+    
+	//! \return the comment of the stream as set in the header.
+	//! \param throwOnEncodingError if throwOnEncodingError is true, then the comment is checked to ensure it is
+	//!        ISO/IEC 8859-1 encoded. If the comment does not adhere to ISO/IEC 8859-1, then a InvalidDataFormat is thrown.
+	//!        If throwOnEncodingError is false then the comment is not checked.
+	const std::string& GetComment(bool throwOnEncodingError = false) const;
+
 protected:
 	enum {
 		//! \brief First header magic value
@@ -94,6 +133,10 @@ protected:
 
 	word32 m_length;
 	CRC32 m_crc;
+
+	word32 m_filetime;
+	std::string m_filename;
+	std::string m_comment;
 };
 
 NAMESPACE_END

From 591b13934336a73edcc429f27d340a5fb91d51c6 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Fri, 12 May 2017 15:29:03 -0400
Subject: [PATCH 147/200] Write MTIME in big-endian order Whitespace

---
 gzip.cpp |  4 ++--
 gzip.h   | 12 ++++++------
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/gzip.cpp b/gzip.cpp
index 4b4869b4..27972a1d 100644
--- a/gzip.cpp
+++ b/gzip.cpp
@@ -26,7 +26,7 @@ void Gzip::WritePrestreamHeader()
 	AttachedTransformation()->Put(MAGIC2);
 	AttachedTransformation()->Put(DEFLATED);
 	AttachedTransformation()->Put((byte)flags);		// general flag
-	AttachedTransformation()->PutWord32(m_filetime, LITTLE_ENDIAN_ORDER);	// time stamp
+	AttachedTransformation()->PutWord32(m_filetime, BIG_ENDIAN_ORDER);	// time stamp
 	byte extra = (GetDeflateLevel() == 1) ? FAST : ((GetDeflateLevel() == 9) ? SLOW : 0);
 	AttachedTransformation()->Put(extra);
 	AttachedTransformation()->Put(GZIP_OS_CODE);
@@ -51,7 +51,7 @@ void Gzip::WritePoststreamTail()
 	SecByteBlock crc(4);
 	m_crc.Final(crc);
 	AttachedTransformation()->Put(crc, 4);
-	AttachedTransformation()->PutWord32(m_totalLen, LITTLE_ENDIAN_ORDER);
+	AttachedTransformation()->PutWord32(m_totalLen, BIG_ENDIAN_ORDER);
 
 	m_filetime = 0;
 	m_filename.clear();
diff --git a/gzip.h b/gzip.h
index 3f7b7cdc..271ff500 100644
--- a/gzip.h
+++ b/gzip.h
@@ -37,14 +37,14 @@ public:
 
 	//! \param filetime the filetime to set in the header. The application is responsible for setting it.
 	void SetFiletime(word32 filetime) { m_filetime = filetime; }
-    
+
 	//! \param filename the original filename to set in the header. The application is responsible for setting it.
 	//!        RFC 1952 requires a ISO/IEC 8859-1 encoding.
 	//! \param throwOnEncodingError if throwOnEncodingError is true, then the filename is checked to ensure it is
 	//!        ISO/IEC 8859-1 encoded. If the filename does not adhere to ISO/IEC 8859-1, then a InvalidDataFormat
 	//!        is thrown. If throwOnEncodingError is false then the filename is not checked.
 	void SetFilename(const std::string& filename, bool throwOnEncodingError = false);
-    
+
 	//! \param comment the comment to set in the header. The application is responsible for setting it.
 	//!        RFC 1952 requires a ISO/IEC 8859-1 encoding.
 	//! \param throwOnEncodingError if throwOnEncodingError is true, then the comment is checked to ensure it is
@@ -55,7 +55,7 @@ public:
 protected:
 	enum {MAGIC1=0x1f, MAGIC2=0x8b,   // flags for the header
 		  DEFLATED=8, FAST=4, SLOW=2};
-    
+
 	enum FLAG_MASKS {
 		FILENAME=8, COMMENTS=16};
 
@@ -65,7 +65,7 @@ protected:
 
 	word32 m_totalLen;
 	CRC32 m_crc;
-    
+
 	word32 m_filetime;
 	std::string m_filename;
 	std::string m_comment;
@@ -99,13 +99,13 @@ public:
 
 	//! \return the filetime of the stream as set in the header. The application is responsible for setting it on the decompressed file.
 	word32 GetFiletime() const { return m_filetime; }
-    
+
 	//! \return the filename of the stream as set in the header. The application is responsible for setting it on the decompressed file.
 	//! \param throwOnEncodingError if throwOnEncodingError is true, then the filename is checked to ensure it is
 	//!        ISO/IEC 8859-1 encoded. If the filename does not adhere to ISO/IEC 8859-1, then a InvalidDataFormat is thrown.
 	//!        If throwOnEncodingError is false then the filename is not checked.
 	const std::string& GetFilename(bool throwOnEncodingError = false) const;
-    
+
 	//! \return the comment of the stream as set in the header.
 	//! \param throwOnEncodingError if throwOnEncodingError is true, then the comment is checked to ensure it is
 	//!        ISO/IEC 8859-1 encoded. If the comment does not adhere to ISO/IEC 8859-1, then a InvalidDataFormat is thrown.

From cfa339535bdf15054cf9fee7861f963630b0213e Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Fri, 12 May 2017 16:51:03 -0400
Subject: [PATCH 148/200] Revert "Write MTIME in big-endian order"

This reverts commit 591b13934336. RFC 1952 states the bytes are written in little-endian order, not big-endian. That includes MTIME.
---
 gzip.cpp |  4 ++--
 gzip.h   | 12 ++++++------
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/gzip.cpp b/gzip.cpp
index 27972a1d..4b4869b4 100644
--- a/gzip.cpp
+++ b/gzip.cpp
@@ -26,7 +26,7 @@ void Gzip::WritePrestreamHeader()
 	AttachedTransformation()->Put(MAGIC2);
 	AttachedTransformation()->Put(DEFLATED);
 	AttachedTransformation()->Put((byte)flags);		// general flag
-	AttachedTransformation()->PutWord32(m_filetime, BIG_ENDIAN_ORDER);	// time stamp
+	AttachedTransformation()->PutWord32(m_filetime, LITTLE_ENDIAN_ORDER);	// time stamp
 	byte extra = (GetDeflateLevel() == 1) ? FAST : ((GetDeflateLevel() == 9) ? SLOW : 0);
 	AttachedTransformation()->Put(extra);
 	AttachedTransformation()->Put(GZIP_OS_CODE);
@@ -51,7 +51,7 @@ void Gzip::WritePoststreamTail()
 	SecByteBlock crc(4);
 	m_crc.Final(crc);
 	AttachedTransformation()->Put(crc, 4);
-	AttachedTransformation()->PutWord32(m_totalLen, BIG_ENDIAN_ORDER);
+	AttachedTransformation()->PutWord32(m_totalLen, LITTLE_ENDIAN_ORDER);
 
 	m_filetime = 0;
 	m_filename.clear();
diff --git a/gzip.h b/gzip.h
index 271ff500..3f7b7cdc 100644
--- a/gzip.h
+++ b/gzip.h
@@ -37,14 +37,14 @@ public:
 
 	//! \param filetime the filetime to set in the header. The application is responsible for setting it.
 	void SetFiletime(word32 filetime) { m_filetime = filetime; }
-
+    
 	//! \param filename the original filename to set in the header. The application is responsible for setting it.
 	//!        RFC 1952 requires a ISO/IEC 8859-1 encoding.
 	//! \param throwOnEncodingError if throwOnEncodingError is true, then the filename is checked to ensure it is
 	//!        ISO/IEC 8859-1 encoded. If the filename does not adhere to ISO/IEC 8859-1, then a InvalidDataFormat
 	//!        is thrown. If throwOnEncodingError is false then the filename is not checked.
 	void SetFilename(const std::string& filename, bool throwOnEncodingError = false);
-
+    
 	//! \param comment the comment to set in the header. The application is responsible for setting it.
 	//!        RFC 1952 requires a ISO/IEC 8859-1 encoding.
 	//! \param throwOnEncodingError if throwOnEncodingError is true, then the comment is checked to ensure it is
@@ -55,7 +55,7 @@ public:
 protected:
 	enum {MAGIC1=0x1f, MAGIC2=0x8b,   // flags for the header
 		  DEFLATED=8, FAST=4, SLOW=2};
-
+    
 	enum FLAG_MASKS {
 		FILENAME=8, COMMENTS=16};
 
@@ -65,7 +65,7 @@ protected:
 
 	word32 m_totalLen;
 	CRC32 m_crc;
-
+    
 	word32 m_filetime;
 	std::string m_filename;
 	std::string m_comment;
@@ -99,13 +99,13 @@ public:
 
 	//! \return the filetime of the stream as set in the header. The application is responsible for setting it on the decompressed file.
 	word32 GetFiletime() const { return m_filetime; }
-
+    
 	//! \return the filename of the stream as set in the header. The application is responsible for setting it on the decompressed file.
 	//! \param throwOnEncodingError if throwOnEncodingError is true, then the filename is checked to ensure it is
 	//!        ISO/IEC 8859-1 encoded. If the filename does not adhere to ISO/IEC 8859-1, then a InvalidDataFormat is thrown.
 	//!        If throwOnEncodingError is false then the filename is not checked.
 	const std::string& GetFilename(bool throwOnEncodingError = false) const;
-
+    
 	//! \return the comment of the stream as set in the header.
 	//! \param throwOnEncodingError if throwOnEncodingError is true, then the comment is checked to ensure it is
 	//!        ISO/IEC 8859-1 encoded. If the comment does not adhere to ISO/IEC 8859-1, then a InvalidDataFormat is thrown.

From e3ae7000eaf92cf1cfa6f546ec1a0f6d84543f34 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Fri, 12 May 2017 16:53:07 -0400
Subject: [PATCH 149/200] Whitespace check-in

---
 gzip.h | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/gzip.h b/gzip.h
index 3f7b7cdc..271ff500 100644
--- a/gzip.h
+++ b/gzip.h
@@ -37,14 +37,14 @@ public:
 
 	//! \param filetime the filetime to set in the header. The application is responsible for setting it.
 	void SetFiletime(word32 filetime) { m_filetime = filetime; }
-    
+
 	//! \param filename the original filename to set in the header. The application is responsible for setting it.
 	//!        RFC 1952 requires a ISO/IEC 8859-1 encoding.
 	//! \param throwOnEncodingError if throwOnEncodingError is true, then the filename is checked to ensure it is
 	//!        ISO/IEC 8859-1 encoded. If the filename does not adhere to ISO/IEC 8859-1, then a InvalidDataFormat
 	//!        is thrown. If throwOnEncodingError is false then the filename is not checked.
 	void SetFilename(const std::string& filename, bool throwOnEncodingError = false);
-    
+
 	//! \param comment the comment to set in the header. The application is responsible for setting it.
 	//!        RFC 1952 requires a ISO/IEC 8859-1 encoding.
 	//! \param throwOnEncodingError if throwOnEncodingError is true, then the comment is checked to ensure it is
@@ -55,7 +55,7 @@ public:
 protected:
 	enum {MAGIC1=0x1f, MAGIC2=0x8b,   // flags for the header
 		  DEFLATED=8, FAST=4, SLOW=2};
-    
+
 	enum FLAG_MASKS {
 		FILENAME=8, COMMENTS=16};
 
@@ -65,7 +65,7 @@ protected:
 
 	word32 m_totalLen;
 	CRC32 m_crc;
-    
+
 	word32 m_filetime;
 	std::string m_filename;
 	std::string m_comment;
@@ -99,13 +99,13 @@ public:
 
 	//! \return the filetime of the stream as set in the header. The application is responsible for setting it on the decompressed file.
 	word32 GetFiletime() const { return m_filetime; }
-    
+
 	//! \return the filename of the stream as set in the header. The application is responsible for setting it on the decompressed file.
 	//! \param throwOnEncodingError if throwOnEncodingError is true, then the filename is checked to ensure it is
 	//!        ISO/IEC 8859-1 encoded. If the filename does not adhere to ISO/IEC 8859-1, then a InvalidDataFormat is thrown.
 	//!        If throwOnEncodingError is false then the filename is not checked.
 	const std::string& GetFilename(bool throwOnEncodingError = false) const;
-    
+
 	//! \return the comment of the stream as set in the header.
 	//! \param throwOnEncodingError if throwOnEncodingError is true, then the comment is checked to ensure it is
 	//!        ISO/IEC 8859-1 encoded. If the comment does not adhere to ISO/IEC 8859-1, then a InvalidDataFormat is thrown.

From 78db20d9395f05a2b41774e103011eaca467e31a Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Fri, 12 May 2017 19:52:42 -0400
Subject: [PATCH 150/200] Add FileName, FileTime and Comment to argnames.h Add
 self tests to verify handling of filenames, filetimes and comments

---
 argnames.h   |  3 +++
 gzip.cpp     | 11 ++++++++++
 gzip.h       | 10 +++++++--
 validat0.cpp | 58 ++++++++++++++++++++++++++++++++++++++++++++--------
 4 files changed, 72 insertions(+), 10 deletions(-)

diff --git a/argnames.h b/argnames.h
index e80115b8..a6fbb07a 100644
--- a/argnames.h
+++ b/argnames.h
@@ -88,6 +88,9 @@ CRYPTOPP_DEFINE_NAME_STRING(Salt)				//!< ConstByteArrayParameter
 CRYPTOPP_DEFINE_NAME_STRING(Tweak)				//!< ConstByteArrayParameter
 CRYPTOPP_DEFINE_NAME_STRING(SaltSize)			//!< int, in bytes
 CRYPTOPP_DEFINE_NAME_STRING(TreeMode)			//< byte
+CRYPTOPP_DEFINE_NAME_STRING(FileName)			//!< const char *
+CRYPTOPP_DEFINE_NAME_STRING(FileTime)			//!< int
+CRYPTOPP_DEFINE_NAME_STRING(Comment)			//!< const char *
 DOCUMENTED_NAMESPACE_END
 
 NAMESPACE_END
diff --git a/gzip.cpp b/gzip.cpp
index 4b4869b4..331ce019 100644
--- a/gzip.cpp
+++ b/gzip.cpp
@@ -2,6 +2,7 @@
 
 #include "pch.h"
 #include "gzip.h"
+#include "argnames.h"
 
 NAMESPACE_BEGIN(CryptoPP)
 
@@ -11,6 +12,16 @@ static inline bool Is8859Character(char c) {
 	return (cc >= 32 && cc <= 126) || (cc >= 160 && cc <= 255);
 }
 
+void Gzip::IsolatedInitialize(const NameValuePairs &parameters)
+{
+	ConstByteArrayParameter v;
+	if (parameters.GetValue(Name::FileName(), v))
+		m_filename.assign(reinterpret_cast<const char*>(v.begin()), v.size());
+	if (parameters.GetValue(Name::Comment(), v))
+		m_comment.assign(reinterpret_cast<const char*>(v.begin()), v.size());
+	m_filetime = parameters.GetIntValueWithDefault(Name::FileTime(), 0);
+}
+
 void Gzip::WritePrestreamHeader()
 {
 	m_totalLen = 0;
diff --git a/gzip.h b/gzip.h
index 271ff500..0c3f53df 100644
--- a/gzip.h
+++ b/gzip.h
@@ -27,13 +27,17 @@ public:
 	//!   if a file has both compressible and uncompressible parts, it may fail to compress
 	//!   some of the compressible parts.
 	Gzip(BufferedTransformation *attachment=NULLPTR, unsigned int deflateLevel=DEFAULT_DEFLATE_LEVEL, unsigned int log2WindowSize=DEFAULT_LOG2_WINDOW_SIZE, bool detectUncompressible=true)
-		: Deflator(attachment, deflateLevel, log2WindowSize, detectUncompressible), m_totalLen(0) {}
+		: Deflator(attachment, deflateLevel, log2WindowSize, detectUncompressible), m_totalLen(0) { }
+
 	//! \brief Construct a Gzip compressor
 	//! \param parameters a set of NameValuePairs to initialize this object
 	//! \param attachment an attached transformation
 	//! \details Possible parameter names: Log2WindowSize, DeflateLevel, DetectUncompressible
 	Gzip(const NameValuePairs &parameters, BufferedTransformation *attachment=NULLPTR)
-		: Deflator(parameters, attachment), m_totalLen(0) {}
+		: Deflator(parameters, attachment), m_totalLen(0)
+	{
+		IsolatedInitialize(parameters);
+	}
 
 	//! \param filetime the filetime to set in the header. The application is responsible for setting it.
 	void SetFiletime(word32 filetime) { m_filetime = filetime; }
@@ -52,6 +56,8 @@ public:
 	//!        is thrown. If throwOnEncodingError is false then the comment is not checked.
 	void SetComment(const std::string& comment, bool throwOnEncodingError = false);
 
+	void IsolatedInitialize(const NameValuePairs &parameters);
+
 protected:
 	enum {MAGIC1=0x1f, MAGIC2=0x8b,   // flags for the header
 		  DEFLATED=8, FAST=4, SLOW=2};
diff --git a/validat0.cpp b/validat0.cpp
index 66547efc..95f84d98 100644
--- a/validat0.cpp
+++ b/validat0.cpp
@@ -172,7 +172,7 @@ bool TestCompressors()
             // Tamper
             try {
                 StringSource(dest.substr(0, len - 2), true, new Gunzip(new StringSink(rec)));
-                std::cout << "FAILED:   Gzip failed to detect a truncated stream\n";
+                std::cout << "FAILED:  Gzip failed to detect a truncated stream\n";
                 fail1 = true;
             }
             catch (const Exception&) {}
@@ -186,6 +186,42 @@ bool TestCompressors()
 
     // **************************************************************
 
+    // Gzip Filename, Filetime and Comment
+    try
+    {
+        std::string filename = "test.txt";
+        std::string comment = "This is a test";
+        word32 filetime = GlobalRNG().GenerateWord32(0, 0xffffff);
+
+        AlgorithmParameters params = MakeParameters(Name::FileTime(), (int)filetime)
+            (Name::FileName(), ConstByteArrayParameter(filename.c_str(), false))
+            (Name::Comment(), ConstByteArrayParameter(comment.c_str(), false));
+
+        std::string src, dest;
+        unsigned int len = GlobalRNG().GenerateWord32(0, 0xfff);
+
+        src.resize(len);
+        GlobalRNG().GenerateBlock(reinterpret_cast<byte*>(&src[0]), src.size());
+
+        Gunzip unzip(new StringSink(dest));
+        StringSource(src, true, new Gzip(params, new Redirector(unzip)));
+
+        if (filename != unzip.GetFilename())
+            throw Exception(Exception::OTHER_ERROR, "Failed to retrieve filename");
+
+        if (filetime != unzip.GetFiletime())
+            throw Exception(Exception::OTHER_ERROR, "Failed to retrieve filetime");
+
+        if (comment != unzip.GetComment())
+            throw Exception(Exception::OTHER_ERROR, "Failed to retrieve comment");
+
+        std::cout << "passed:  filenames, filetimes and comments\n";
+    }
+    catch (const Exception& ex)
+    {
+        std::cout << "FAILED:  " << ex.what() << "\n";
+    }
+
     // Unzip random data. See if we can induce a crash
     for (unsigned int i = 0; i<128; i++)
     {
@@ -213,11 +249,17 @@ bool TestCompressors()
         src[2] = 0x00;  // extra flags
         src[3] = src[3] & (2 | 4 | 8 | 16 | 32);   // flags
 
-        // Don't allow ENCRYPTED|CONTINUED to over-run tests
-        if (src[3] & (2 | 32)) {
-            if (i % 3 == 0) { src[3] &= ~2; }
-            if (i % 3 == 1) { src[3] &= ~32; }
-        }
+        // Commit d901ecd9a4de added Filenames, Filetimes and Comments. Gzip does
+        // not specify a length for them; rather, they are NULL terminated. We add
+        // a couple of NULLs in random places near filenames and comments to ensure
+        // we are getting coverage in areas beyond the header.
+        len = GlobalRNG().GenerateWord32(12, 24);
+        if (len < src.size())  // guard it to ensure in-bounds
+            src[len] = (byte)0x00;
+        len = GlobalRNG().GenerateWord32(12+len, 24+len);
+        if (len < src.size())  // guard it to ensure in-bounds
+            src[len] = (byte)0x00;
+
         // The remainder are extra headers and the payload
 
         try {
@@ -252,7 +294,7 @@ bool TestCompressors()
             // Tamper
             try {
                 StringSource(dest.substr(0, len - 2), true, new Gunzip(new StringSink(rec)));
-                std::cout << "FAILED:   Inflate failed to detect a truncated stream\n";
+                std::cout << "FAILED:  Inflate failed to detect a truncated stream\n";
                 fail2 = true;
             }
             catch (const Exception&) {}
@@ -333,7 +375,7 @@ bool TestCompressors()
             // Tamper
             try {
                 StringSource(dest.substr(0, len - 2), true, new Gunzip(new StringSink(rec)));
-                std::cout << "FAILED:   Zlib failed to detect a truncated stream\n";
+                std::cout << "FAILED:  Zlib failed to detect a truncated stream\n";
                 fail3 = true;
             }
             catch (const Exception&) {}

From 0611e1150778dec829b5bc42e20641356bbca9fa Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Fri, 12 May 2017 23:51:27 -0400
Subject: [PATCH 151/200] Disable word128 for PPC64 and GCC 4.8 (Issue 421)

---
 config.h | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/config.h b/config.h
index 00e580d0..b4a4bc54 100644
--- a/config.h
+++ b/config.h
@@ -258,8 +258,9 @@ const lword LWORD_MAX = W64LIT(0xffffffffffffffff);
 #else
 	#define CRYPTOPP_NATIVE_DWORD_AVAILABLE 1
 	#if defined(__alpha__) || defined(__ia64__) || defined(_ARCH_PPC64) || defined(__x86_64__) || defined(__mips64) || defined(__sparc64__)
-		#if defined(__GNUC__) && !defined(__INTEL_COMPILER) && !(CRYPTOPP_GCC_VERSION == 40001 && defined(__APPLE__)) && CRYPTOPP_GCC_VERSION >= 30400
+#if defined(__GNUC__) && !defined(__INTEL_COMPILER) && !(CRYPTOPP_GCC_VERSION == 40001 && defined(__APPLE__)) && !(defined(__GNUC__) && CRYPTOPP_GCC_VERSION < 50000 && defined(_ARCH_PPC64)) && CRYPTOPP_GCC_VERSION >= 30400
 			// GCC 4.0.1 on MacOS X is missing __umodti3 and __udivti3
+			// GCC 4.8.3 and bad uint128_t ops on PPC64/POWER7 (Issue 421)
 			// mode(TI) division broken on amd64 with GCC earlier than GCC 3.4
 			typedef word32 hword;
 			typedef word64 word;

From e226523b05b5d6ab99f68961246091fbc28195e9 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 13 May 2017 16:28:05 -0400
Subject: [PATCH 152/200] Call cipher.SetKey() before cipher.BlockSize() (Issue
 408)

Variable block size ciphers need the key set before they can return an accurate size for BlockSize(). This issue surfaced during Kalyna testing with authenticated encryption modes. In particular, EAX mode, which effectively uses CMAC:

    AlgorithmParameters params = MakeParameters(Name::BlockSize(), 64)
        (Name::IV(), ConstByteArrayParameter((const byte *)iv, 64));

    EAX<Kalyna>::Encryption kalyna;
    kalyna.SetKey(key, 64, params);
---
 cmac.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/cmac.cpp b/cmac.cpp
index 09ce4d31..f8570a7f 100644
--- a/cmac.cpp
+++ b/cmac.cpp
@@ -43,9 +43,9 @@ static void MulU(byte *k, unsigned int length)
 void CMAC_Base::UncheckedSetKey(const byte *key, unsigned int length, const NameValuePairs &params)
 {
 	BlockCipher &cipher = AccessCipher();
-	unsigned int blockSize = cipher.BlockSize();
-
 	cipher.SetKey(key, length, params);
+
+	unsigned int blockSize = cipher.BlockSize();
 	m_reg.CleanNew(3*blockSize);
 	m_counter = 0;
 

From 7697857481f51c51766943d0487b08045efefd87 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 13 May 2017 17:36:29 -0400
Subject: [PATCH 153/200] Add polynomial for 512-bit block ciphers I believe
 this is correct, but it may be wrong. According to the Kalyna team, the
 polynomial for GCM mode is x^512 + x^8 + x^5 + x^2 + 1. It appears the
 polinomial applies to other block cipher modes of operations, like
 CMAC.Dropping the first term and evaluating the remaining terms at X=2
 results in 293 (0x125)

---
 cmac.cpp | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/cmac.cpp b/cmac.cpp
index f8570a7f..ca04d0bd 100644
--- a/cmac.cpp
+++ b/cmac.cpp
@@ -31,9 +31,15 @@ static void MulU(byte *k, unsigned int length)
 			k[15] ^= 0x87;
 			break;
 		case 32:
+			// Should this be 0x425?
 			k[30] ^= 4;
 			k[31] ^= 0x23;
 			break;
+		case 64:
+			// https://crypto.stackexchange.com/q/9815/10496
+			k[62] ^= 1;
+			k[63] ^= 0x25;
+			break;
 		default:
 			throw InvalidArgument("CMAC: " + IntToString(length) + " is not a supported cipher block size");
 		}

From d654c893ef4658da83ed5753cb4c360e60e5afa3 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 13 May 2017 19:15:46 -0400
Subject: [PATCH 154/200] Add polynomial for 1024-bit block cipher. This will
 support Threefish and its 1024-bit block size. I believe this is correct, but
 it may be wrong. According to "Table of Low-Weight Binary Irreducible
 Polynomials" (http://www.hpl.hp.com/techreports/98/HPL-98-135.pdf), the
 polynomial is x^1024 + x^19 + x^6 + x + 1.

---
 cmac.cpp | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/cmac.cpp b/cmac.cpp
index ca04d0bd..81047827 100644
--- a/cmac.cpp
+++ b/cmac.cpp
@@ -31,15 +31,24 @@ static void MulU(byte *k, unsigned int length)
 			k[15] ^= 0x87;
 			break;
 		case 32:
-			// Should this be 0x425?
+			// https://crypto.stackexchange.com/q/9815/10496
+			// Polynomial x^256 + x^10 + x^5 + x + 1
 			k[30] ^= 4;
 			k[31] ^= 0x23;
 			break;
 		case 64:
 			// https://crypto.stackexchange.com/q/9815/10496
+			// Polynomial x^512 + x^8 + x^5 + x^2 + 1
 			k[62] ^= 1;
 			k[63] ^= 0x25;
 			break;
+		case 128:
+			// https://crypto.stackexchange.com/q/9815/10496
+			// Polynomial x^1024 + x^19 + x^6 + x + 1
+			k[126] ^= 8;
+			k[126] ^= 0x00;
+			k[127] ^= 0x43;
+			break;
 		default:
 			throw InvalidArgument("CMAC: " + IntToString(length) + " is not a supported cipher block size");
 		}

From cea45eb024b73a11598fb9f9f697c00781c22db8 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 13 May 2017 19:18:24 -0400
Subject: [PATCH 155/200] Revert "Add polynomial for 1024-bit block cipher."

This reverts commit d654c893ef4658da83ed5753cb4c360e60e5afa3. The polinomial for 1024-bit block sizes had a typo.
---
 cmac.cpp | 11 +----------
 1 file changed, 1 insertion(+), 10 deletions(-)

diff --git a/cmac.cpp b/cmac.cpp
index 81047827..ca04d0bd 100644
--- a/cmac.cpp
+++ b/cmac.cpp
@@ -31,24 +31,15 @@ static void MulU(byte *k, unsigned int length)
 			k[15] ^= 0x87;
 			break;
 		case 32:
-			// https://crypto.stackexchange.com/q/9815/10496
-			// Polynomial x^256 + x^10 + x^5 + x + 1
+			// Should this be 0x425?
 			k[30] ^= 4;
 			k[31] ^= 0x23;
 			break;
 		case 64:
 			// https://crypto.stackexchange.com/q/9815/10496
-			// Polynomial x^512 + x^8 + x^5 + x^2 + 1
 			k[62] ^= 1;
 			k[63] ^= 0x25;
 			break;
-		case 128:
-			// https://crypto.stackexchange.com/q/9815/10496
-			// Polynomial x^1024 + x^19 + x^6 + x + 1
-			k[126] ^= 8;
-			k[126] ^= 0x00;
-			k[127] ^= 0x43;
-			break;
 		default:
 			throw InvalidArgument("CMAC: " + IntToString(length) + " is not a supported cipher block size");
 		}

From bc2678478ce9bf008d3111b9414b3c05bd539213 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 13 May 2017 19:23:24 -0400
Subject: [PATCH 156/200] Add polynomial for 1024-bit block cipher. This will
 support Threefish and its 1024-bit block size. I believe this is correct, but
 it may be wrong. According to "Table of Low-Weight Binary Irreducible
 Polynomials" (http://www.hpl.hp.com/techreports/98/HPL-98-135.pdf), the
 polynomial is x^1024 + x^19 + x^6 + x + 1.

---
 cmac.cpp | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/cmac.cpp b/cmac.cpp
index ca04d0bd..1b56662d 100644
--- a/cmac.cpp
+++ b/cmac.cpp
@@ -31,15 +31,24 @@ static void MulU(byte *k, unsigned int length)
 			k[15] ^= 0x87;
 			break;
 		case 32:
-			// Should this be 0x425?
+			// https://crypto.stackexchange.com/q/9815/10496
+			// Polynomial x^256 + x^10 + x^5 + x + 1
 			k[30] ^= 4;
 			k[31] ^= 0x23;
 			break;
 		case 64:
 			// https://crypto.stackexchange.com/q/9815/10496
+			// Polynomial x^512 + x^8 + x^5 + x^2 + 1
 			k[62] ^= 1;
 			k[63] ^= 0x25;
 			break;
+		case 128:
+			// https://crypto.stackexchange.com/q/9815/10496
+			// Polynomial x^1024 + x^19 + x^6 + x + 1
+			k[125] ^= 8;
+			k[126] ^= 0x00;
+			k[127] ^= 0x43;
+			break;
 		default:
 			throw InvalidArgument("CMAC: " + IntToString(length) + " is not a supported cipher block size");
 		}

From 2c570e27a02bfcab2eda02b9d61cde9ef2624899 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sun, 14 May 2017 02:41:22 -0400
Subject: [PATCH 157/200] Explicitly add space on line continuation Formatting
 of data for a failed self test was still off a bit. It was due to retaining a
 whitespace character from the test vector file. The problem was, the
 whitespace was a tab on occasion.

---
 datatest.cpp | 38 ++++++++++++++------------------------
 1 file changed, 14 insertions(+), 24 deletions(-)

diff --git a/datatest.cpp b/datatest.cpp
index 58be70be..64065ea3 100644
--- a/datatest.cpp
+++ b/datatest.cpp
@@ -706,6 +706,10 @@ bool GetField(std::istream &is, std::string &name, std::string &value)
 			if (line[line.size() - 1] == '\\') {
 				continueLine = true;
 			}
+			// Check for comment. It can be first character
+			if (line[0] == '#') {
+				continue;
+			}
 		}
 
 		// Leading, trailing and temp position. The leading position moves right, and
@@ -713,36 +717,22 @@ bool GetField(std::istream &is, std::string &name, std::string &value)
 		// the name. We leave one space when line continuation is in effect, (and if
 		// present). The value can be an empty string. One Plaintext value is often
 		// empty for algorithm testing.
-		std::string::size_type l, t, p;
+		std::string::size_type l=0, t=std::string::npos;
 		const std::string whitespace = " \r\n\t\v\f";
 
-		l = line.find_first_not_of(whitespace);
+		l = line.find_first_not_of(whitespace, l);
 		if (l == std::string::npos) { l = 0; }
-		t = line.find_last_not_of(whitespace+"\\");
-		if (l == std::string::npos) { t = line.size(); }
+		t = line.find('#', l);
+		if (t != std::string::npos) { t--; }
 
-		// Chop comment. Perform after setting continueLine
-		p = line.find('#', l);
-		if (p < t) {
-			t = p;
-			if (t) t--;
-		}
-
-		// Leave one whitespace if line continuation is in effect
-		if (continueLine)
-		{
-			if (l > 0 && ::isspace(line[l - 1]))
-			{
-				l--;
-			}
-			else if (t < line.size()-1 && ::isspace(line[t + 1]))
-			{
-				t++;
-			}
-		}
+		t = line.find_last_not_of(whitespace+"\\", t);
+		if (t != std::string::npos) { t++; }
 
 		CRYPTOPP_ASSERT(t >= l);
-		value += line.substr(l, t - l + 1);
+		value += line.substr(l, t - l);
+
+		if (continueLine)
+			value.append(1, ' ');
 	}
 
 	return true;

From 017f7f61b40f101b03ed3d276526b5f550eb79bd Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sun, 14 May 2017 04:09:26 -0400
Subject: [PATCH 158/200] Rearrange characters in whitespace string The
 arrangement saves about 1.3 seconds when running the test vectors. It looks
 like the tab character is dominant, so we profit by listing it first.

---
 datatest.cpp | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)

diff --git a/datatest.cpp b/datatest.cpp
index 64065ea3..97be8d20 100644
--- a/datatest.cpp
+++ b/datatest.cpp
@@ -712,20 +712,19 @@ bool GetField(std::istream &is, std::string &name, std::string &value)
 			}
 		}
 
-		// Leading, trailing and temp position. The leading position moves right, and
-		// trailing position moves left. The sub-string in the middle is the value for
-		// the name. We leave one space when line continuation is in effect, (and if
-		// present). The value can be an empty string. One Plaintext value is often
-		// empty for algorithm testing.
+		// Leading and trailing position. The leading position moves right, and
+		// trailing position moves left. The sub-string in the middle is the value
+		// for the name. We leave one space when line continuation is in effect.
+		// The value can be an empty string. One Plaintext value is often empty
+		// for algorithm testing.
 		std::string::size_type l=0, t=std::string::npos;
-		const std::string whitespace = " \r\n\t\v\f";
+		const std::string whitespace = "\t \r\n";
 
 		l = line.find_first_not_of(whitespace, l);
 		if (l == std::string::npos) { l = 0; }
 		t = line.find('#', l);
 		if (t != std::string::npos) { t--; }
-
-		t = line.find_last_not_of(whitespace+"\\", t);
+		t = line.find_last_not_of(whitespace, t);
 		if (t != std::string::npos) { t++; }
 
 		CRYPTOPP_ASSERT(t >= l);

From 7ee87af86b93dcc766aeb01b9ec4caf05c00ee0d Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sun, 14 May 2017 05:26:33 -0400
Subject: [PATCH 159/200] Don't latch BlockSize or BlockPaddingScheme across
 tests

---
 TestVectors/kalyna.txt | 8 ++------
 datatest.cpp           | 8 ++++++++
 2 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/TestVectors/kalyna.txt b/TestVectors/kalyna.txt
index 6829c7a0..92157d49 100644
--- a/TestVectors/kalyna.txt
+++ b/TestVectors/kalyna.txt
@@ -45,7 +45,6 @@ Comment: Kalyna 128-bit key, 128-bit block
 Key: 000102030405060708090A0B0C0D0E0F
 IV: 101112131415161718191A1B1C1D1E1F
 BlockSize: 16
-BlockPaddingScheme: 0  # NoPadding
 Plaintext: 202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F
 Ciphertext: A73625D7BE994E85469A9FAABCEDAAB6DBC5F65DD77BB35E06BD7D1D8EAFC8624D6CB31CE189C82B8979F2936DE9BF14
 Test: Encrypt
@@ -60,12 +59,11 @@ Plaintext: 303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F50515
 Ciphertext: 13EA15843AD14C50BC03ECEF1F43E398E4217752D3EB046AC393DACC5CA1D6FA0EB9FCEB229362B4F1565527EE3D8433
 Test: Encrypt
 Name: Kalyna/CBC
-Source: DSTU 7624:2014, Section B.6.5 (p.151)
+Source: DSTU 7624:2014, Section B.6.5 (p.150)
 Comment: Kalyna 256-bit key, 256-bit block
 Key: 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F
 IV:  202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
 BlockSize: 32
-BlockPaddingScheme: 0  # NoPadding
 Plaintext:  404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F \
             606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F \
             808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9F
@@ -80,7 +78,6 @@ Key: 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F \
      202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
 IV:  404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
 BlockSize: 32
-BlockPaddingScheme: 0  # NoPadding
 Plaintext: 606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F \
            808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9F \
            A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBF
@@ -96,7 +93,6 @@ Key: 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F \
 IV:  404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F \
      606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F
 BlockSize: 64
-BlockPaddingScheme: 0  # NoPadding
 Plaintext: 808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9F \
            A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBF \
            C0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDF \
@@ -105,4 +101,4 @@ Ciphertext: D4739B829EF901B24C1162AE4FDEF897EDA41FAC7F5770CDC90E1D1CDF124E8D \
             7831E06B4498A4B6F6EC815DF2461DC99BB0449B0F09FCAA2C84090534BCC932 \
             9626FD74EF8F0A0BCB5765184629C3CBF53B0FB134F6D0421174B1C4E884D1CD \
             1069A7AD19752DCEBF655842E79B7858BDE01390A760D85E88925BFE38B0FA57
-Test: Encrypt
\ No newline at end of file
+Test: Encrypt
diff --git a/datatest.cpp b/datatest.cpp
index 97be8d20..296ef16d 100644
--- a/datatest.cpp
+++ b/datatest.cpp
@@ -488,6 +488,14 @@ void TestSymmetricCipher(TestData &v, const NameValuePairs &overrideParameters)
 			std::cout << "\n";
 			SignalTestFailure();
 		}
+
+		// If BlockSize or BlockPaddingScheme was set for a test, then it becomes latched
+		// in testDataPairs. The old value is used in subsequent tests, and it could cause a
+		// self test failure in the next test. The behavior surfaced under Kalyna, where the
+		// official test vectors use NO_PADDING for all tests excpet one. For BlockSize or
+		// BlockPaddingScheme, unlatch them now. Also note we only unlatch from testDataPairs.
+		// If overrideParameters are specified, then the caller is responsible.
+		v.erase("BlockSize"); v.erase("BlockPaddingScheme");
 	}
 	else
 	{

From 8c34a5f7f5d17ed295471aa93ff16e4df9a5e9e2 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sun, 14 May 2017 13:51:41 -0400
Subject: [PATCH 160/200] Add Threefish block cipher (Issue 422)

---
 TestVectors/all.txt       |   1 +
 TestVectors/threefish.txt |  41 ++++
 bench1.cpp                |   6 +-
 datatest.cpp              |   4 +-
 regtest2.cpp              |   4 +
 threefish.cpp             | 495 ++++++++++++++++++++++++++++++++++++++
 threefish.h               | 106 ++++++++
 7 files changed, 652 insertions(+), 5 deletions(-)
 create mode 100644 TestVectors/threefish.txt
 create mode 100644 threefish.cpp
 create mode 100644 threefish.h

diff --git a/TestVectors/all.txt b/TestVectors/all.txt
index c6fb6b7d..01b1e20e 100644
--- a/TestVectors/all.txt
+++ b/TestVectors/all.txt
@@ -27,6 +27,7 @@ Test: TestVectors/sha3_fips_202.txt
 Test: TestVectors/panama.txt
 Test: TestVectors/aes.txt
 Test: TestVectors/kalyna.txt
+Test: TestVectors/threefish.txt
 Test: TestVectors/salsa.txt
 Test: TestVectors/chacha.txt
 #Test: TestVectors/tls_chacha.txt
diff --git a/TestVectors/threefish.txt b/TestVectors/threefish.txt
new file mode 100644
index 00000000..d6245d29
--- /dev/null
+++ b/TestVectors/threefish.txt
@@ -0,0 +1,41 @@
+AlgorithmType: SymmetricCipher
+Name: Threefish/ECB
+Comment: Test Vector 1
+Key: 0000000000000000 0000000000000000 0000000000000000 0000000000000000 \
+     0000000000000000 0000000000000000 0000000000000000 0000000000000000
+Plaintext:  0000000000000000 0000000000000000 0000000000000000 0000000000000000 \
+            0000000000000000 0000000000000000 0000000000000000 0000000000000000
+Ciphertext: B1A2BBC6EF6025BC 40EB3822161F36E3 75D1BB0AEE3186FB D19E47C5D479947B \
+            7BC2F8586E35F0CF F7E7F03084B0B7B1 F1AB3961A580A3E9 7EB41EA14A6D7BBE
+Test: Encrypt
+Name: Threefish/ECB
+Comment: Test Vector 2
+Key: B1A2BBC6EF6025BC 40EB3822161F36E3 75D1BB0AEE3186FB D19E47C5D479947B \
+     7BC2F8586E35F0CF F7E7F03084B0B7B1 F1AB3961A580A3E9 7EB41EA14A6D7BBE
+Plaintext:  0000000000000000 0000000000000000 0000000000000000 0000000000000000 \
+            0000000000000000 0000000000000000 0000000000000000 0000000000000000
+Ciphertext: F13CA06760DD9BBE AB87B6C56F3BBBDB E9D08A77978B942A C02D471DC10268F2 \
+            261C3D4330D6CA34 1F4BD4115DEE16A2 1DCDA2A34A0A76FB A976174E4CF1E306
+Test: Encrypt
+Name: Threefish/ECB
+Comment: Test Vector 3
+Key: F13CA06760DD9BBE AB87B6C56F3BBBDB E9D08A77978B942A C02D471DC10268F2 \
+     261C3D4330D6CA34 1F4BD4115DEE16A2 1DCDA2A34A0A76FB A976174E4CF1E306
+Plaintext: B1A2BBC6EF6025BC 40EB3822161F36E3 75D1BB0AEE3186FB D19E47C5D479947B \
+           7BC2F8586E35F0CF F7E7F03084B0B7B1 F1AB3961A580A3E9 7EB41EA14A6D7BBE
+Ciphertext: 1BEC82CBA1357566 B34E1CF1FBF123A1 41C8F4089F6E4CE3 209AEA10095AEC93 \
+            C900D068BDC7F7A2 DD58513C11DEC956 B93169B1C4F24CED E31A265DE83E36B4
+Test: Encrypt
+Name: Threefish/ECB
+Comment: Test Vector 4
+Key: F13CA06760DD9BBE AB87B6C56F3BBBDB E9D08A77978B942A C02D471DC10268F2 \
+     261C3D4330D6CA34 1F4BD4115DEE16A2 1DCDA2A34A0A76FB A976174E4CF1E306
+Plaintext: B1A2BBC6EF6025BC 40EB3822161F36E3 75D1BB0AEE3186FB D19E47C5D479947B \
+           7BC2F8586E35F0CF F7E7F03084B0B7B1 F1AB3961A580A3E9 7EB41EA14A6D7BBE \
+           B1A2BBC6EF6025BC 40EB3822161F36E3 75D1BB0AEE3186FB D19E47C5D479947B \
+            7BC2F8586E35F0CF F7E7F03084B0B7B1 F1AB3961A580A3E9 7EB41EA14A6D7BBF
+Ciphertext: 1BEC82CBA1357566 B34E1CF1FBF123A1 41C8F4089F6E4CE3 209AEA10095AEC93 \
+            C900D068BDC7F7A2 DD58513C11DEC956 B93169B1C4F24CED E31A265DE83E36B4 \
+            073CB5F8FABFA17D B751477F294EB3DD 4ACD92B78397331F CC36A9C3D3055B81 \
+            D867CBDD56279037 373359CA1832669A F4B87A1F2FDAF8D3 6E2FB7A6D19F5D45
+Test: Encrypt
diff --git a/bench1.cpp b/bench1.cpp
index eff2bf31..821aa08c 100644
--- a/bench1.cpp
+++ b/bench1.cpp
@@ -539,9 +539,9 @@ void Benchmark2(double t, double hertz)
 		BenchMarkByName<SymmetricCipher>("Camellia/CTR", 16);
 		BenchMarkByName<SymmetricCipher>("Camellia/CTR", 32);
 		BenchMarkByName<SymmetricCipher>("Twofish/CTR");
-//		BenchMarkByName<SymmetricCipher>("Threefish256/CTR");
-//		BenchMarkByName<SymmetricCipher>("Threefish512/CTR");
-//		BenchMarkByName<SymmetricCipher>("Threefish1024/CTR");
+		BenchMarkByName<SymmetricCipher>("Threefish/CTR", 32, "Threefish/CTR (256-bit key)", MakeParameters(Name::BlockSize(), 32));
+		BenchMarkByName<SymmetricCipher>("Threefish/CTR", 64, "Threefish/CTR (512-bit key)", MakeParameters(Name::BlockSize(), 64));
+		BenchMarkByName<SymmetricCipher>("Threefish/CTR", 128, "Threefish/CTR (1024-bit key)", MakeParameters(Name::BlockSize(), 128));
 		BenchMarkByName<SymmetricCipher>("Serpent/CTR");
 		BenchMarkByName<SymmetricCipher>("CAST-256/CTR");
 		BenchMarkByName<SymmetricCipher>("RC6/CTR");
diff --git a/datatest.cpp b/datatest.cpp
index 296ef16d..4cef5a1c 100644
--- a/datatest.cpp
+++ b/datatest.cpp
@@ -732,14 +732,14 @@ bool GetField(std::istream &is, std::string &name, std::string &value)
 		if (l == std::string::npos) { l = 0; }
 		t = line.find('#', l);
 		if (t != std::string::npos) { t--; }
-		t = line.find_last_not_of(whitespace, t);
+		t = line.find_last_not_of(whitespace+"\\", t);
 		if (t != std::string::npos) { t++; }
 
 		CRYPTOPP_ASSERT(t >= l);
 		value += line.substr(l, t - l);
 
 		if (continueLine)
-			value.append(1, ' ');
+			value += ' ';
 	}
 
 	return true;
diff --git a/regtest2.cpp b/regtest2.cpp
index 3d560186..d7a1d58c 100644
--- a/regtest2.cpp
+++ b/regtest2.cpp
@@ -31,6 +31,7 @@
 #include "rc6.h"
 #include "mars.h"
 #include "kalyna.h"
+#include "threefish.h"
 #include "des.h"
 #include "idea.h"
 #include "rc5.h"
@@ -137,6 +138,9 @@ void RegisterFactories2()
 	RegisterSymmetricCipherDefaultFactories<ECB_Mode<Kalyna> >();  // Test Vectors
 	RegisterSymmetricCipherDefaultFactories<CBC_Mode<Kalyna> >();  // Test Vectors
 	RegisterSymmetricCipherDefaultFactories<CTR_Mode<Kalyna> >();  // Benchmarks
+	RegisterSymmetricCipherDefaultFactories<ECB_Mode<Threefish> >();  // Test Vectors
+	RegisterSymmetricCipherDefaultFactories<CBC_Mode<Threefish> >();  // Test Vectors
+	RegisterSymmetricCipherDefaultFactories<CTR_Mode<Threefish> >();  // Benchmarks
 
 	RegisterDefaultFactoryFor<KeyDerivationFunction, HKDF<SHA1> >();
 	RegisterDefaultFactoryFor<KeyDerivationFunction, HKDF<SHA256> >();
diff --git a/threefish.cpp b/threefish.cpp
new file mode 100644
index 00000000..ac48d64b
--- /dev/null
+++ b/threefish.cpp
@@ -0,0 +1,495 @@
+// threefish.cpp - written and placed in the public domain by Jeffrey Walton
+//                 Based on public domain code by Keru Kuro. Kuro's code is
+//                 available at http://cppcrypto.sourceforge.net/.
+
+#include "pch.h"
+#include "config.h"
+
+#include "threefish.h"
+#include "misc.h"
+#include "cpu.h"
+#include "algparam.h"
+#include "argnames.h"
+
+ANONYMOUS_NAMESPACE_BEGIN
+
+#if defined(__clang__)
+# define rotatel64(x,y) rotlVariable(x,y)
+# define rotater64(x,y) rotrVariable(x,y)
+#else
+# define rotatel64(x,y) rotlFixed(x,y)
+# define rotater64(x,y) rotrFixed(x,y)
+#endif
+
+#define G256(G0, G1, G2, G3, C0, C1) \
+	G0 += G1; \
+	G1 = rotatel64(G1, C0) ^ G0; \
+	G2 += G3; \
+	G3 = rotatel64(G3, C1) ^ G2;
+
+#define IG256(G0, G1, G2, G3, C0, C1) \
+	G3 = rotater64(G3 ^ G2, C1); \
+	G2 -= G3; \
+	G1 = rotater64(G1 ^ G0, C0); \
+	G0 -= G1; \
+
+#define KS256(r) \
+	G0 += m_rkey[(r + 1) % 5]; \
+	G1 += m_rkey[(r + 2) % 5] + m_tweak[(r + 1) % 3]; \
+	G2 += m_rkey[(r + 3) % 5] + m_tweak[(r + 2) % 3]; \
+	G3 += m_rkey[(r + 4) % 5] + r + 1;
+
+#define IKS256(r) \
+	G0 -= m_rkey[(r + 1) % 5]; \
+	G1 -= (m_rkey[(r + 2) % 5] + m_tweak[(r + 1) % 3]); \
+	G2 -= (m_rkey[(r + 3) % 5] + m_tweak[(r + 2) % 3]); \
+	G3 -= (m_rkey[(r + 4) % 5] + r + 1);
+
+#define G8256(r) \
+	G256(G0, G1, G2, G3, 14, 16); \
+	G256(G0, G3, G2, G1, 52, 57); \
+	G256(G0, G1, G2, G3, 23, 40); \
+	G256(G0, G3, G2, G1, 5, 37); \
+	KS256(r); \
+	G256(G0, G1, G2, G3, 25, 33); \
+	G256(G0, G3, G2, G1, 46, 12); \
+	G256(G0, G1, G2, G3, 58, 22); \
+	G256(G0, G3, G2, G1, 32, 32); \
+	KS256(r + 1);
+
+#define IG8256(r) \
+	IG256(G0, G3, G2, G1, 32, 32); \
+	IG256(G0, G1, G2, G3, 58, 22); \
+	IG256(G0, G3, G2, G1, 46, 12); \
+	IG256(G0, G1, G2, G3, 25, 33); \
+	IKS256(r); \
+	IG256(G0, G3, G2, G1, 5, 37); \
+	IG256(G0, G1, G2, G3, 23, 40); \
+	IG256(G0, G3, G2, G1, 52, 57); \
+	IG256(G0, G1, G2, G3, 14, 16); \
+	IKS256(r - 1);
+
+#define IG512(G0, G1, G2, G3, G4, G5, G6, G7, C0, C1, C2, C3) \
+	G7 = rotater64(G7 ^ G6, C3); \
+	G6 -= G7; \
+	G5 = rotater64(G5 ^ G4, C2); \
+	G4 -= G5; \
+	G3 = rotater64(G3 ^ G2, C1); \
+	G2 -= G3; \
+	G1 = rotater64(G1 ^ G0, C0); \
+	G0 -= G1;
+
+#define G512(G0, G1, G2, G3, G4, G5, G6, G7, C0, C1, C2, C3) \
+	G0 += G1; \
+	G1 = rotatel64(G1, C0) ^ G0; \
+	G2 += G3; \
+	G3 = rotatel64(G3, C1) ^ G2; \
+	G4 += G5; \
+	G5 = rotatel64(G5, C2) ^ G4; \
+	G6 += G7; \
+	G7 = rotatel64(G7, C3) ^ G6;
+
+#define IKS512(r) \
+	G0 -= m_rkey[(r + 1) % 9]; \
+	G1 -= m_rkey[(r + 2) % 9]; \
+	G2 -= m_rkey[(r + 3) % 9]; \
+	G3 -= m_rkey[(r + 4) % 9]; \
+	G4 -= m_rkey[(r + 5) % 9]; \
+	G5 -= (m_rkey[(r + 6) % 9] + m_tweak[(r + 1) % 3]); \
+	G6 -= (m_rkey[(r + 7) % 9] + m_tweak[(r + 2) % 3]); \
+	G7 -= (m_rkey[(r + 8) % 9] + r + 1);
+
+#define KS512(r) \
+	G0 += m_rkey[(r + 1) % 9]; \
+	G1 += m_rkey[(r + 2) % 9]; \
+	G2 += m_rkey[(r + 3) % 9]; \
+	G3 += m_rkey[(r + 4) % 9]; \
+	G4 += m_rkey[(r + 5) % 9]; \
+	G5 += m_rkey[(r + 6) % 9] + m_tweak[(r + 1) % 3]; \
+	G6 += m_rkey[(r + 7) % 9] + m_tweak[(r + 2) % 3]; \
+	G7 += m_rkey[(r + 8) % 9] + r + 1;
+
+#define IG8512(r) \
+	IG512(G6, G1, G0, G7, G2, G5, G4, G3, 8, 35, 56, 22); \
+	IG512(G4, G1, G6, G3, G0, G5, G2, G7, 25, 29, 39, 43); \
+	IG512(G2, G1, G4, G7, G6, G5, G0, G3, 13, 50, 10, 17); \
+    IG512(G0, G1, G2, G3, G4, G5, G6, G7, 39, 30, 34, 24); \
+	IKS512(r) \
+	IG512(G6, G1, G0, G7, G2, G5, G4, G3, 44, 9, 54, 56); \
+	IG512(G4, G1, G6, G3, G0, G5, G2, G7, 17, 49, 36, 39); \
+	IG512(G2, G1, G4, G7, G6, G5, G0, G3, 33, 27, 14, 42); \
+	IG512(G0, G1, G2, G3, G4, G5, G6, G7, 46, 36, 19, 37); \
+	IKS512(r - 1)
+
+#define G8512(r) \
+	G512(G0, G1, G2, G3, G4, G5, G6, G7, 46, 36, 19, 37); \
+	G512(G2, G1, G4, G7, G6, G5, G0, G3, 33, 27, 14, 42); \
+	G512(G4, G1, G6, G3, G0, G5, G2, G7, 17, 49, 36, 39); \
+	G512(G6, G1, G0, G7, G2, G5, G4, G3, 44, 9, 54, 56); \
+	KS512(r) \
+    G512(G0, G1, G2, G3, G4, G5, G6, G7, 39, 30, 34, 24); \
+	G512(G2, G1, G4, G7, G6, G5, G0, G3, 13, 50, 10, 17); \
+	G512(G4, G1, G6, G3, G0, G5, G2, G7, 25, 29, 39, 43); \
+	G512(G6, G1, G0, G7, G2, G5, G4, G3, 8, 35, 56, 22); \
+	KS512(r + 1)
+
+#define IG1024(G0, G1, G2, G3, G4, G5, G6, G7, G8, G9, G10, G11, G12, G13, G14, G15, C1, C2, C3, C4, C5, C6, C7, C8) \
+	G15 = rotater64(G15 ^ G14, C8); \
+	G14 -= G15; \
+	G13 = rotater64(G13 ^ G12, C7); \
+	G12 -= G13; \
+	G11 = rotater64(G11 ^ G10, C6); \
+	G10 -= G11; \
+	G9 = rotater64(G9 ^ G8, C5); \
+	G8 -= G9; \
+	G7 = rotater64(G7 ^ G6, C4); \
+	G6 -= G7; \
+	G5 = rotater64(G5 ^ G4, C3); \
+	G4 -= G5; \
+	G3 = rotater64(G3 ^ G2, C2); \
+	G2 -= G3; \
+	G1 = rotater64(G1 ^ G0, C1); \
+	G0 -= G1;
+
+#define G1024(G0, G1, G2, G3, G4, G5, G6, G7, G8, G9, G10, G11, G12, G13, G14, G15, C1, C2, C3, C4, C5, C6, C7, C8) \
+	G0 += G1; \
+	G1 = rotatel64(G1, C1) ^ G0; \
+	G2 += G3; \
+	G3 = rotatel64(G3, C2) ^ G2; \
+	G4 += G5; \
+	G5 = rotatel64(G5, C3) ^ G4; \
+	G6 += G7; \
+	G7 = rotatel64(G7, C4) ^ G6; \
+	G8 += G9; \
+	G9 = rotatel64(G9, C5) ^ G8; \
+	G10 += G11; \
+	G11 = rotatel64(G11, C6) ^ G10; \
+	G12 += G13; \
+	G13 = rotatel64(G13, C7) ^ G12; \
+	G14 += G15; \
+	G15 = rotatel64(G15, C8) ^ G14;
+
+#define IKS1024(r) \
+	G0 -= m_rkey[(r + 1) % 17]; \
+	G1 -= m_rkey[(r + 2) % 17]; \
+	G2 -= m_rkey[(r + 3) % 17]; \
+	G3 -= m_rkey[(r + 4) % 17]; \
+	G4 -= m_rkey[(r + 5) % 17]; \
+	G5 -= m_rkey[(r + 6) % 17]; \
+	G6 -= m_rkey[(r + 7) % 17]; \
+	G7 -= m_rkey[(r + 8) % 17]; \
+	G8 -= m_rkey[(r + 9) % 17]; \
+	G9 -= m_rkey[(r + 10) % 17]; \
+	G10 -= m_rkey[(r + 11) % 17]; \
+	G11 -= m_rkey[(r + 12) % 17]; \
+	G12 -= m_rkey[(r + 13) % 17]; \
+	G13 -= (m_rkey[(r + 14) % 17] + m_tweak[(r + 1) % 3]); \
+	G14 -= (m_rkey[(r + 15) % 17] + m_tweak[(r + 2) % 3]); \
+	G15 -= (m_rkey[(r + 16) % 17] + r + 1);
+
+#define KS1024(r) \
+	G0 += m_rkey[(r + 1) % 17]; \
+	G1 += m_rkey[(r + 2) % 17]; \
+	G2 += m_rkey[(r + 3) % 17]; \
+	G3 += m_rkey[(r + 4) % 17]; \
+	G4 += m_rkey[(r + 5) % 17]; \
+	G5 += m_rkey[(r + 6) % 17]; \
+	G6 += m_rkey[(r + 7) % 17]; \
+	G7 += m_rkey[(r + 8) % 17]; \
+	G8 += m_rkey[(r + 9) % 17]; \
+	G9 += m_rkey[(r + 10) % 17]; \
+	G10 += m_rkey[(r + 11) % 17]; \
+	G11 += m_rkey[(r + 12) % 17]; \
+	G12 += m_rkey[(r + 13) % 17]; \
+	G13 += m_rkey[(r + 14) % 17] + m_tweak[(r + 1) % 3]; \
+	G14 += m_rkey[(r + 15) % 17] + m_tweak[(r + 2) % 3]; \
+	G15 += m_rkey[(r + 16) % 17] + r + 1;
+
+#define IG81024(r) \
+	IG1024(G0, G15, G2, G11, G6, G13, G4, G9, G14, G1, G8, G5, G10, G3, G12, G7, 9, 48, 35, 52, 23, 31, 37, 20); \
+	IG1024(G0, G7, G2, G5, G4, G3, G6, G1, G12, G15, G14, G13, G8, G11, G10, G9, 31, 44, 47, 46, 19, 42, 44, 25); \
+	IG1024(G0, G9, G2, G13, G6, G11, G4, G15, G10, G7, G12, G3, G14, G5, G8, G1, 16, 34, 56, 51, 4, 53, 42, 41); \
+	IG1024(G0, G1, G2, G3, G4, G5, G6, G7, G8, G9, G10, G11, G12, G13, G14, G15, 41, 9, 37, 31, 12, 47, 44, 30); \
+	IKS1024(r); \
+	IG1024(G0, G15, G2, G11, G6, G13, G4, G9, G14, G1, G8, G5, G10, G3, G12, G7, 5, 20, 48, 41, 47, 28, 16, 25); \
+	IG1024(G0, G7, G2, G5, G4, G3, G6, G1, G12, G15, G14, G13, G8, G11, G10, G9, 33, 4, 51, 13, 34, 41, 59, 17); \
+	IG1024(G0, G9, G2, G13, G6, G11, G4, G15, G10, G7, G12, G3, G14, G5, G8, G1, 38, 19, 10, 55, 49, 18, 23, 52); \
+	IG1024(G0, G1, G2, G3, G4, G5, G6, G7, G8, G9, G10, G11, G12, G13, G14, G15, 24, 13, 8, 47, 8, 17, 22, 37); \
+	IKS1024(r - 1);
+
+#define G81024(r) \
+	G1024(G0, G1, G2, G3, G4, G5, G6, G7, G8, G9, G10, G11, G12, G13, G14, G15, 24, 13, 8, 47, 8, 17, 22, 37); \
+	G1024(G0, G9, G2, G13, G6, G11, G4, G15, G10, G7, G12, G3, G14, G5, G8, G1, 38, 19, 10, 55, 49, 18, 23, 52); \
+	G1024(G0, G7, G2, G5, G4, G3, G6, G1, G12, G15, G14, G13, G8, G11, G10, G9, 33, 4, 51, 13, 34, 41, 59, 17); \
+	G1024(G0, G15, G2, G11, G6, G13, G4, G9, G14, G1, G8, G5, G10, G3, G12, G7, 5, 20, 48, 41, 47, 28, 16, 25); \
+	KS1024(r); \
+	G1024(G0, G1, G2, G3, G4, G5, G6, G7, G8, G9, G10, G11, G12, G13, G14, G15, 41, 9, 37, 31, 12, 47, 44, 30); \
+	G1024(G0, G9, G2, G13, G6, G11, G4, G15, G10, G7, G12, G3, G14, G5, G8, G1, 16, 34, 56, 51, 4, 53, 42, 41); \
+	G1024(G0, G7, G2, G5, G4, G3, G6, G1, G12, G15, G14, G13, G8, G11, G10, G9, 31, 44, 47, 46, 19, 42, 44, 25); \
+	G1024(G0, G15, G2, G11, G6, G13, G4, G9, G14, G1, G8, G5, G10, G3, G12, G7, 9, 48, 35, 52, 23, 31, 37, 20); \
+	KS1024(r + 1);
+
+ANONYMOUS_NAMESPACE_END
+
+///////////////////////////////////////////////////////////////////////////////
+///////////////////////////////////////////////////////////////////////////////
+
+NAMESPACE_BEGIN(CryptoPP)
+
+void Threefish::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const NameValuePairs &params)
+{
+    switch (keylen)
+    {
+    case 32:  // 256
+		m_rkey.New(5);
+		m_wspace.New(4);
+        m_blocksize = 32;
+
+		GetUserKey(LITTLE_ENDIAN_ORDER, m_rkey.begin(), 4, key, 32);
+		m_rkey[4] = W64LIT(0x1BD11BDAA9FC1A22) ^ m_rkey[0] ^ m_rkey[1] ^ m_rkey[2] ^ m_rkey[3];
+        break;
+    case 64:  // 512
+		m_rkey.New(9);
+		m_wspace.New(8);
+        m_blocksize = 64;
+
+		GetUserKey(LITTLE_ENDIAN_ORDER, m_rkey.begin(), 8, key, 64);
+		m_rkey[8] = W64LIT(0x1BD11BDAA9FC1A22) ^ m_rkey[0] ^ m_rkey[1] ^ m_rkey[2] ^ m_rkey[3] ^ m_rkey[4] ^
+			m_rkey[5] ^ m_rkey[6] ^ m_rkey[7];
+        break;
+    case 128:  // 128
+		m_rkey.New(17);
+		m_wspace.New(16);
+        m_blocksize = 128;
+
+		GetUserKey(LITTLE_ENDIAN_ORDER, m_rkey.begin(), 16, key, 128);
+		m_rkey[16] = W64LIT(0x1BD11BDAA9FC1A22) ^ m_rkey[0] ^ m_rkey[1] ^ m_rkey[2] ^ m_rkey[3] ^ m_rkey[4] ^
+			m_rkey[5] ^ m_rkey[6] ^ m_rkey[7] ^ m_rkey[8] ^ m_rkey[9] ^ m_rkey[10] ^ m_rkey[11] ^ m_rkey[12] ^
+			m_rkey[13] ^ m_rkey[14] ^ m_rkey[15];
+        break;
+    default:
+        CRYPTOPP_ASSERT(0);
+    }
+
+	m_tweak.New(3);
+	ConstByteArrayParameter t;
+	if (params.GetValue(Name::Tweak(), t))
+	{
+		CRYPTOPP_ASSERT(t.size() == 16);
+		::memcpy(m_tweak.begin(), t.begin(), 16);
+		m_tweak[2] = m_tweak[0] + m_tweak[1];
+	}
+	else
+	{
+		::memset(m_tweak.begin(), 0x00, 24);
+	}
+}
+
+void Threefish::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const
+{
+	switch(m_blocksize)
+	{
+	case 32:
+		ProcessAndXorBlock_256(inBlock, xorBlock, outBlock);
+		break;
+	case 64:
+		ProcessAndXorBlock_512(inBlock, xorBlock, outBlock);
+		break;
+	case 128:
+		ProcessAndXorBlock_1024(inBlock, xorBlock, outBlock);
+		break;
+	default:
+		CRYPTOPP_ASSERT(0);
+	}
+}
+
+void Threefish::Base::ProcessAndXorBlock_256(const byte *inBlock, const byte *xorBlock, byte *outBlock) const
+{
+	word64 &G0=m_wspace[0], &G1=m_wspace[1], &G2=m_wspace[2], &G3=m_wspace[3];
+
+	// Reverse bytes on BigEndian; Align pointer on LittleEndian
+	typedef GetBlock<word64, LittleEndian, false> InBlock;
+	InBlock iblk(inBlock);
+	iblk(G0)(G1)(G2)(G3);
+
+	if (IsForwardTransformation())
+	{
+		G0 += m_rkey[0]; G1 += m_rkey[1]; G2 += m_rkey[2]; G3 += m_rkey[3];
+		G1 += m_tweak[0]; G2 += m_tweak[1];
+
+		G8256(0); G8256(2); G8256(4); G8256(6); G8256(8);
+		G8256(10); G8256(12); G8256(14); G8256(16);
+	}
+	else
+	{
+		G0 -= m_rkey[3]; G1 -= m_rkey[4]; G2 -= m_rkey[0]; G3 -= m_rkey[1];
+		G1 -= m_tweak[0]; G2 -= m_tweak[1]; G3 -= 18;
+
+		IG8256(16); IG8256(14); IG8256(12); IG8256(10);
+		IG8256(8); IG8256(6); IG8256(4); IG8256(2); IG8256(0);
+	}
+
+	// Reverse bytes on BigEndian; Align pointer on LittleEndian
+	typedef PutBlock<word64, LittleEndian, false> OutBlock;
+	OutBlock oblk(xorBlock, outBlock);
+	oblk(G0)(G1)(G2)(G3);
+}
+
+void Threefish::Base::ProcessAndXorBlock_512(const byte *inBlock, const byte *xorBlock, byte *outBlock) const
+{
+	word64 &G0=m_wspace[0],   &G1=m_wspace[1],   &G2=m_wspace[2],   &G3=m_wspace[3];
+	word64 &G4=m_wspace[4],   &G5=m_wspace[5],   &G6=m_wspace[6],   &G7=m_wspace[7];
+
+	// Reverse bytes on BigEndian; Align pointer on LittleEndian
+	typedef GetBlock<word64, LittleEndian, false> InBlock;
+	InBlock iblk(inBlock);
+	iblk(G0)(G1)(G2)(G3)(G4)(G5)(G6)(G7);
+
+	if (IsForwardTransformation())
+	{
+#if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE && 0
+		const bool s_sse2 = HasSSE2();
+		if (s_sse2)
+		{
+			const word64 *ky = m_rkey.begin(), *tw = m_tweak.begin();
+			word64 *ws = m_wspace.begin();
+
+			// 15 SSE instructions
+			_mm_store_si128((__m128i*)ws,
+				_mm_add_epi64(
+					_mm_load_si128((const __m128i*)ws),
+					_mm_load_si128((const __m128i*)ky)));
+			_mm_store_si128((__m128i*)(ws+2),
+				_mm_add_epi64(
+					_mm_load_si128((const __m128i*)(ws+2)),
+					_mm_load_si128((const __m128i*)(ky+2))));
+			_mm_store_si128((__m128i*)(ws+4),
+				_mm_add_epi64(
+					_mm_load_si128((const __m128i*)(ws+4)),
+					_mm_load_si128((const __m128i*)(ky+4))));
+			_mm_store_si128((__m128i*)(ws+6),
+				_mm_add_epi64(
+					_mm_load_si128((const __m128i*)(ws+6)),
+					_mm_load_si128((const __m128i*)(ky+6))));
+			_mm_storeu_si128((__m128i*)(ws+5),
+				_mm_add_epi64(
+					_mm_loadu_si128((const __m128i*)(ws+5)),
+					_mm_load_si128((const __m128i*)(tw))));
+		}
+#endif
+		{
+			// 34 integer instructions total
+			G0 += m_rkey[0]; G1 += m_rkey[1]; G2 += m_rkey[2]; G3 += m_rkey[3];
+			G4 += m_rkey[4]; G5 += m_rkey[5]; G6 += m_rkey[6]; G7 += m_rkey[7];
+			G5 += m_tweak[0]; G6 += m_tweak[1];
+		}
+
+		G8512(0); G8512(2); G8512(4); G8512(6); G8512(8);
+		G8512(10); G8512(12); G8512(14); G8512(16);
+	}
+	else
+	{
+		G0 -= m_rkey[0]; G1 -= m_rkey[1]; G2 -= m_rkey[2]; G3 -= m_rkey[3];
+		G4 -= m_rkey[4]; G5 -= m_rkey[5]; G6 -= m_rkey[6]; G7 -= m_rkey[7];
+		G5 -= m_tweak[0]; G6 -= m_tweak[1];	G7 -= 18;
+
+		IG8512(16); IG8512(14); IG8512(12); IG8512(10);
+		IG8512(8); IG8512(6); IG8512(4); IG8512(2);	IG8512(0);
+	}
+
+	// Reverse bytes on BigEndian; Align pointer on LittleEndian
+	typedef PutBlock<word64, LittleEndian, false> OutBlock;
+	OutBlock oblk(xorBlock, outBlock);
+	oblk(G0)(G1)(G2)(G3)(G4)(G5)(G6)(G7);
+}
+
+void Threefish::Base::ProcessAndXorBlock_1024(const byte *inBlock, const byte *xorBlock, byte *outBlock) const
+{
+	word64  &G0=m_wspace[0],   &G1=m_wspace[1],   &G2=m_wspace[2],   &G3=m_wspace[3];
+	word64  &G4=m_wspace[4],   &G5=m_wspace[5],   &G6=m_wspace[6],   &G7=m_wspace[7];
+	word64  &G8=m_wspace[8],   &G9=m_wspace[9],  &G10=m_wspace[10], &G11=m_wspace[11];
+	word64 &G12=m_wspace[12], &G13=m_wspace[13], &G14=m_wspace[14], &G15=m_wspace[15];
+
+	// Reverse bytes on BigEndian; Align pointer on LittleEndian
+	typedef GetBlock<word64, LittleEndian, false> InBlock;
+	InBlock iblk(inBlock);
+	iblk(G0)(G1)(G2)(G3)(G4)(G5)(G6)(G7)(G8)(G9)(G10)(G11)(G12)(G13)(G14)(G15);
+
+	if (IsForwardTransformation())
+	{
+#if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE && 0
+		const bool s_sse2 = HasSSE2();
+		if (s_sse2)
+		{
+			const word64 *ky = m_rkey.begin(), *tw = m_tweak.begin();
+			word64 *ws = m_wspace.begin();
+
+			_mm_store_si128((__m128i*)ws,
+				_mm_add_epi64(
+					_mm_load_si128((const __m128i*)ws),
+					_mm_load_si128((const __m128i*)ky)));
+			_mm_store_si128((__m128i*)(ws+2),
+				_mm_add_epi64(
+					_mm_load_si128((const __m128i*)(ws+2)),
+					_mm_load_si128((const __m128i*)(ky+2))));
+			_mm_store_si128((__m128i*)(ws+4),
+				_mm_add_epi64(
+					_mm_load_si128((const __m128i*)(ws+4)),
+					_mm_load_si128((const __m128i*)(ky+4))));
+			_mm_store_si128((__m128i*)(ws+6),
+				_mm_add_epi64(
+					_mm_load_si128((const __m128i*)(ws+6)),
+					_mm_load_si128((const __m128i*)(ky+6))));
+			_mm_store_si128((__m128i*)(ws+8),
+				_mm_add_epi64(
+					_mm_load_si128((const __m128i*)(ws+8)),
+					_mm_load_si128((const __m128i*)(ky+8))));
+			_mm_store_si128((__m128i*)(ws+10),
+				_mm_add_epi64(
+					_mm_load_si128((const __m128i*)(ws+10)),
+					_mm_load_si128((const __m128i*)(ky+10))));
+			_mm_store_si128((__m128i*)(ws+12),
+				_mm_add_epi64(
+					_mm_load_si128((const __m128i*)(ws+12)),
+					_mm_load_si128((const __m128i*)(ky+12))));
+			_mm_store_si128((__m128i*)(ws+14),
+				_mm_add_epi64(
+					_mm_load_si128((const __m128i*)(ws+14)),
+					_mm_load_si128((const __m128i*)(ky+14))));
+			_mm_storeu_si128((__m128i*)(ws+13),
+				_mm_add_epi64(
+					_mm_loadu_si128((const __m128i*)(ws+13)),
+					_mm_load_si128((const __m128i*)(tw))));
+		}
+		else
+#endif
+		{
+			G0 += m_rkey[0]; G1 += m_rkey[1]; G2 += m_rkey[2]; G3 += m_rkey[3];
+			G4 += m_rkey[4]; G5 += m_rkey[5]; G6 += m_rkey[6]; G7 += m_rkey[7];
+			G8 += m_rkey[8]; G9 += m_rkey[9]; G10 += m_rkey[10]; G11 += m_rkey[11];
+			G12 += m_rkey[12]; G13 += m_rkey[13]; G14 += m_rkey[14]; G15 += m_rkey[15];
+			G13 += m_tweak[0]; G14 += m_tweak[1];
+		}
+
+		G81024(0); G81024(2); G81024(4); G81024(6); G81024(8);
+		G81024(10); G81024(12); G81024(14); G81024(16); G81024(18);
+	}
+	else
+	{
+		G0 -= m_rkey[3]; G1 -= m_rkey[4]; G2 -= m_rkey[5]; G3 -= m_rkey[6];
+		G4 -= m_rkey[7]; G5 -= m_rkey[8]; G6 -= m_rkey[9]; G7 -= m_rkey[10];
+		G8 -= m_rkey[11]; G9 -= m_rkey[12]; G10 -= m_rkey[13]; G11 -= m_rkey[14];
+		G12 -= m_rkey[15]; G13 -= m_rkey[16]; G14 -= m_rkey[0]; G15 -= m_rkey[1];
+		G13 -= m_tweak[2]; G14 -= m_tweak[0]; G15 -= 20;
+
+		IG81024(18); IG81024(16); IG81024(14); IG81024(12);	IG81024(10);
+		IG81024(8); IG81024(6); IG81024(4);	IG81024(2); IG81024(0);
+	}
+
+	// Reverse bytes on BigEndian; Align pointer on LittleEndian
+	typedef PutBlock<word64, LittleEndian, false> OutBlock;
+	OutBlock oblk(xorBlock, outBlock);
+	oblk(G0)(G1)(G2)(G3)(G4)(G5)(G6)(G7)(G8)(G9)(G10)(G11)(G12)(G13)(G14)(G15);
+}
+
+NAMESPACE_END
diff --git a/threefish.h b/threefish.h
new file mode 100644
index 00000000..97a7949b
--- /dev/null
+++ b/threefish.h
@@ -0,0 +1,106 @@
+// threefish.h - written and placed in the public domain by Jeffrey Walton
+//               Based on public domain code by Keru Kuro. Kuro's code is
+//               available at http://cppcrypto.sourceforge.net/.
+
+//! \file Threefish.h
+//! \brief Classes for the Threefish block cipher
+//! \since Crypto++ 6.0
+
+#ifndef CRYPTOPP_THREEFISH_H
+#define CRYPTOPP_THREEFISH_H
+
+#include "config.h"
+#include "seckey.h"
+#include "secblock.h"
+
+NAMESPACE_BEGIN(CryptoPP)
+
+//! \class Threefish_Info
+//! \brief Threefish block cipher information
+//! \tparam SIZE block and key size, in bytes
+//! \note Crypto++ provides a byte oriented implementation
+//! \since Crypto++ 6.0
+struct Threefish_Info : public VariableBlockSize<32, 32, 128>
+{
+	CRYPTOPP_STATIC_CONSTEXPR const char* StaticAlgorithmName() {return "Threefish";}
+
+	//! \brief The minimum key length used by the algorithm provided as a constant
+	//! \details MIN_KEYLENGTH is provided in bytes, not bits
+	CRYPTOPP_CONSTANT(MIN_KEYLENGTH=32)
+	//! \brief The maximum key length used by the algorithm provided as a constant
+	//! \details MIN_KEYLENGTH is provided in bytes, not bits
+	CRYPTOPP_CONSTANT(MAX_KEYLENGTH=128)
+	//! \brief The default key length used by the algorithm provided as a constant
+	//! \details MIN_KEYLENGTH is provided in bytes, not bits
+	CRYPTOPP_CONSTANT(DEFAULT_KEYLENGTH=32)
+	//! \brief The default IV requirements for the algorithm provided as a constant
+	//! \details The default value is NOT_RESYNCHRONIZABLE. See IV_Requirement
+	//!  in cryptlib.h for allowed values.
+	CRYPTOPP_CONSTANT(IV_REQUIREMENT=SimpleKeyingInterface::UNIQUE_IV)
+	//! \brief The default initialization vector length for the algorithm provided as a constant
+	//! \details IV_LENGTH is provided in bytes, not bits.
+	CRYPTOPP_CONSTANT(IV_LENGTH=32)
+	//! \brief Provides a valid key length for the algorithm provided by a static function.
+	//! \param keylength the size of the key, in bytes
+	//! \details The key length depends on the block size. For each block size, 128, 256 and 512,
+	//!   the key length can be either the block size or twice the block size. That means the
+	//!   valid key lengths are 126, 256, 512 and 1024. Additionally, it means a key length of,
+	//!   say, 32 could be used with either 128-block size or 256-block size.
+	CRYPTOPP_STATIC_CONSTEXPR size_t CRYPTOPP_API StaticGetValidKeyLength(size_t keylength)
+	{
+		// Valid key lengths are 256, 512 and 1024 bits
+		return (keylength >= 128) ? 128 :
+			(keylength >= 64) ? 64 : 32;
+	}
+
+	CRYPTOPP_STATIC_CONSTEXPR size_t CRYPTOPP_API StaticGetValidBlockSize(size_t keylength)
+	{
+		return (keylength >= 128) ? 128 :
+			(keylength >= 64) ? 64 : 32;
+	}
+};
+
+//! \class Threefish1024
+//! \brief Threefish-1024 block cipher
+//! \sa <a href="http://www.weidai.com/scan-mirror/cs.html#Threefish">Threefish</a>
+//! \since Crypto++ 6.0
+class Threefish : public Threefish_Info, public BlockCipherDocumentation
+{
+public:
+	class CRYPTOPP_NO_VTABLE Base : public VariableBlockCipherImpl<Threefish_Info>
+	{
+	public:
+		std::string AlgorithmName() const {
+			return m_blocksize ? "Threefish-" + IntToString(m_blocksize*8) + "(" + IntToString((m_rkey.size()-1)*8) + ")" : StaticAlgorithmName();
+		}
+
+		unsigned int OptimalDataAlignment() const {
+			return GetAlignmentOf<word64>();
+		}
+
+	protected:
+		void UncheckedSetKey(const byte *key, unsigned int keylen, const NameValuePairs &params);
+		void ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const;
+
+		void ProcessAndXorBlock_256(const byte *inBlock, const byte *xorBlock, byte *outBlock) const;
+		void ProcessAndXorBlock_512(const byte *inBlock, const byte *xorBlock, byte *outBlock) const;
+		void ProcessAndXorBlock_1024(const byte *inBlock, const byte *xorBlock, byte *outBlock) const;
+
+	private:
+        typedef SecBlock<word64, AllocatorWithCleanup<word64, true> > AlignedSecBlock64;
+        mutable AlignedSecBlock64 m_wspace;   // workspace
+		AlignedSecBlock64         m_rkey;     // keys
+		AlignedSecBlock64         m_tweak;
+	};
+
+public:
+	typedef BlockCipherFinal<ENCRYPTION, Base> Encryption;
+	typedef BlockCipherFinal<DECRYPTION, Base> Decryption;
+};
+
+typedef Threefish::Encryption ThreefishEncryption;
+typedef Threefish::Decryption ThreefishDecryption;
+
+NAMESPACE_END
+
+#endif  // CRYPTOPP_THREEFISH_H

From 32ab4af5ff82b64bb5910ad8b343c84013eff778 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sun, 14 May 2017 15:27:50 -0400
Subject: [PATCH 161/200] Add Threefish to project files Whitespace check-in

---
 Filelist.txt             | 2 ++
 GNUmakefile              | 2 +-
 cryptest.nmake           | 4 ++--
 cryptest.vcxproj         | 2 ++
 cryptest.vcxproj.filters | 3 +++
 cryptlib.vcxproj         | 2 ++
 cryptlib.vcxproj.filters | 6 ++++++
 validat1.cpp             | 1 +
 8 files changed, 19 insertions(+), 3 deletions(-)

diff --git a/Filelist.txt b/Filelist.txt
index 4df8cdb6..29c25205 100644
--- a/Filelist.txt
+++ b/Filelist.txt
@@ -277,6 +277,8 @@ tea.h
 test.cpp
 trap.h
 tftables.cpp
+threefish.cpp
+threefish.h
 tiger.cpp
 tiger.h
 tigertab.cpp
diff --git a/GNUmakefile b/GNUmakefile
index 0ea87c15..44920a45 100755
--- a/GNUmakefile
+++ b/GNUmakefile
@@ -550,7 +550,7 @@ TESTOBJS := $(TESTSRCS:.cpp=.o)
 LIBOBJS := $(filter-out $(TESTOBJS),$(OBJS))
 
 # List cryptlib.cpp first, then cpu.cpp, then integer.cpp to tame C++ static initialization problems.
-DLLSRCS := cryptlib.cpp cpu.cpp integer.cpp shacal2.cpp md5.cpp shark.cpp zinflate.cpp gf2n.cpp salsa.cpp xtr.cpp oaep.cpp poly1305.cpp polynomi.cpp rc2.cpp default.cpp wait.cpp wake.cpp twofish.cpp iterhash.cpp adler32.cpp elgamal.cpp marss.cpp blowfish.cpp ecp.cpp filters.cpp strciphr.cpp camellia.cpp ida.cpp zlib.cpp des.cpp crc.cpp algparam.cpp dessp.cpp tea.cpp eax.cpp network.cpp emsa2.cpp pkcspad.cpp squaretb.cpp idea.cpp authenc.cpp hmac.cpp zdeflate.cpp xtrcrypt.cpp queue.cpp mars.cpp rc5.cpp blake2.cpp hrtimer.cpp eprecomp.cpp hex.cpp dsa.cpp sha.cpp fips140.cpp gzip.cpp seal.cpp files.cpp base32.cpp vmac.cpp tigertab.cpp sharkbox.cpp safer.cpp randpool.cpp esign.cpp arc4.cpp osrng.cpp skipjack.cpp seed.cpp sha3.cpp sosemanuk.cpp bfinit.cpp rabin.cpp 3way.cpp rw.cpp rdrand.cpp rsa.cpp rdtables.cpp gost.cpp socketft.cpp tftables.cpp nbtheory.cpp panama.cpp modes.cpp rijndael.cpp casts.cpp chacha.cpp gfpcrypt.cpp poly1305.cpp dll.cpp ec2n.cpp blumshub.cpp algebra.cpp basecode.cpp base64.cpp cbcmac.cpp rc6.cpp dh2.cpp gf256.cpp mqueue.cpp misc.cpp pssr.cpp channels.cpp tiger.cpp cast.cpp rng.cpp square.cpp asn.cpp whrlpool.cpp md4.cpp dh.cpp ccm.cpp md2.cpp mqv.cpp gf2_32.cpp ttmac.cpp luc.cpp trdlocal.cpp pubkey.cpp gcm.cpp ripemd.cpp eccrypto.cpp serpent.cpp cmac.cpp
+DLLSRCS := cryptlib.cpp cpu.cpp integer.cpp shacal2.cpp md5.cpp shark.cpp zinflate.cpp gf2n.cpp salsa.cpp xtr.cpp oaep.cpp poly1305.cpp polynomi.cpp rc2.cpp default.cpp wait.cpp wake.cpp twofish.cpp iterhash.cpp adler32.cpp elgamal.cpp marss.cpp blowfish.cpp ecp.cpp filters.cpp strciphr.cpp camellia.cpp ida.cpp zlib.cpp des.cpp crc.cpp algparam.cpp dessp.cpp tea.cpp eax.cpp network.cpp emsa2.cpp pkcspad.cpp squaretb.cpp idea.cpp authenc.cpp kalyna.cpp threefish.cpp hmac.cpp zdeflate.cpp xtrcrypt.cpp queue.cpp mars.cpp rc5.cpp blake2.cpp hrtimer.cpp eprecomp.cpp hex.cpp dsa.cpp sha.cpp fips140.cpp gzip.cpp seal.cpp files.cpp base32.cpp vmac.cpp tigertab.cpp sharkbox.cpp safer.cpp randpool.cpp esign.cpp arc4.cpp osrng.cpp skipjack.cpp seed.cpp sha3.cpp sosemanuk.cpp bfinit.cpp rabin.cpp 3way.cpp rw.cpp rdrand.cpp rsa.cpp rdtables.cpp gost.cpp socketft.cpp tftables.cpp nbtheory.cpp panama.cpp modes.cpp rijndael.cpp casts.cpp chacha.cpp gfpcrypt.cpp poly1305.cpp dll.cpp ec2n.cpp blumshub.cpp algebra.cpp basecode.cpp base64.cpp cbcmac.cpp rc6.cpp dh2.cpp gf256.cpp mqueue.cpp misc.cpp pssr.cpp channels.cpp tiger.cpp cast.cpp rng.cpp square.cpp asn.cpp whrlpool.cpp md4.cpp dh.cpp ccm.cpp md2.cpp mqv.cpp gf2_32.cpp ttmac.cpp luc.cpp trdlocal.cpp pubkey.cpp gcm.cpp ripemd.cpp eccrypto.cpp serpent.cpp cmac.cpp
 DLLOBJS := $(DLLSRCS:.cpp=.export.o)
 
 # Import lib testing
diff --git a/cryptest.nmake b/cryptest.nmake
index 4d561200..b4fe0f2d 100644
--- a/cryptest.nmake
+++ b/cryptest.nmake
@@ -48,9 +48,9 @@
 # If you use 'make sources' from Linux makefile, then add 'winpipes.cpp'. Platform specific
 #  classes, like 'rdrand.cpp', should not be included. Add them under the X86 and X64 rules.
 
-LIB_SRCS = cryptlib.cpp cpu.cpp integer.cpp shacal2.cpp md5.cpp shark.cpp zinflate.cpp gf2n.cpp salsa.cpp xtr.cpp oaep.cpp rc2.cpp default.cpp wait.cpp wake.cpp twofish.cpp iterhash.cpp adler32.cpp algparam.cpp marss.cpp blowfish.cpp ecp.cpp strciphr.cpp aria.cpp camellia.cpp dh2.cpp ida.cpp zlib.cpp elgamal.cpp crc.cpp dessp.cpp tea.cpp eax.cpp network.cpp sha.cpp emsa2.cpp pkcspad.cpp squaretb.cpp idea.cpp authenc.cpp hmac.cpp xtrcrypt.cpp queue.cpp mars.cpp rc5.cpp md2.cpp hrtimer.cpp vmac.cpp eprecomp.cpp hex.cpp dsa.cpp fips140.cpp gzip.cpp seal.cpp blake2.cpp files.cpp base32.cpp sharkbox.cpp safer.cpp randpool.cpp sosemanuk.cpp arc4.cpp osrng.cpp skipjack.cpp seed.cpp sha3.cpp filters.cpp bfinit.cpp rabin.cpp 3way.cpp rw.cpp rdtables.cpp rsa.cpp tftables.cpp gost.cpp socketft.cpp nbtheory.cpp panama.cpp modes.cpp rijndael.cpp casts.cpp algebra.cpp esign.cpp gfpcrypt.cpp dll.cpp ec2n.cpp poly1305.cpp polynomi.cpp blumshub.cpp des.cpp basecode.cpp zdeflate.cpp base64.cpp rc6.cpp gf256.cpp mqueue.cpp misc.cpp pssr.cpp channels.cpp rng.cpp tiger.cpp cast.cpp square.cpp asn.cpp chacha.cpp whrlpool.cpp md4.cpp dh.cpp ccm.cpp mqv.cpp tigertab.cpp gf2_32.cpp cbcmac.cpp ttmac.cpp luc.cpp trdlocal.cpp pubkey.cpp gcm.cpp ripemd.cpp kalyna.cpp kalynatab.cpp keccak.cpp eccrypto.cpp serpent.cpp cmac.cpp winpipes.cpp
+LIB_SRCS = cryptlib.cpp cpu.cpp integer.cpp shacal2.cpp md5.cpp shark.cpp zinflate.cpp gf2n.cpp salsa.cpp xtr.cpp oaep.cpp rc2.cpp default.cpp wait.cpp wake.cpp twofish.cpp iterhash.cpp adler32.cpp algparam.cpp marss.cpp blowfish.cpp ecp.cpp strciphr.cpp aria.cpp camellia.cpp dh2.cpp ida.cpp zlib.cpp elgamal.cpp crc.cpp dessp.cpp tea.cpp eax.cpp network.cpp sha.cpp emsa2.cpp pkcspad.cpp squaretb.cpp idea.cpp authenc.cpp hmac.cpp xtrcrypt.cpp queue.cpp mars.cpp rc5.cpp md2.cpp hrtimer.cpp vmac.cpp eprecomp.cpp hex.cpp dsa.cpp fips140.cpp gzip.cpp seal.cpp blake2.cpp files.cpp base32.cpp sharkbox.cpp safer.cpp randpool.cpp sosemanuk.cpp arc4.cpp osrng.cpp skipjack.cpp seed.cpp sha3.cpp filters.cpp bfinit.cpp rabin.cpp 3way.cpp rw.cpp rdtables.cpp rsa.cpp tftables.cpp gost.cpp socketft.cpp nbtheory.cpp panama.cpp modes.cpp rijndael.cpp casts.cpp algebra.cpp esign.cpp gfpcrypt.cpp dll.cpp ec2n.cpp poly1305.cpp polynomi.cpp blumshub.cpp des.cpp basecode.cpp zdeflate.cpp base64.cpp rc6.cpp gf256.cpp mqueue.cpp misc.cpp pssr.cpp channels.cpp rng.cpp threefish.cpp tiger.cpp cast.cpp square.cpp asn.cpp chacha.cpp whrlpool.cpp md4.cpp dh.cpp ccm.cpp mqv.cpp tigertab.cpp gf2_32.cpp cbcmac.cpp ttmac.cpp luc.cpp trdlocal.cpp pubkey.cpp gcm.cpp ripemd.cpp kalyna.cpp kalynatab.cpp keccak.cpp eccrypto.cpp serpent.cpp cmac.cpp winpipes.cpp
 
-LIB_OBJS = cryptlib.obj cpu.obj integer.obj shacal2.obj md5.obj shark.obj zinflate.obj gf2n.obj salsa.obj xtr.obj oaep.obj rc2.obj default.obj wait.obj wake.obj twofish.obj iterhash.obj adler32.obj algparam.obj marss.obj blowfish.obj ecp.obj strciphr.obj aria.obj camellia.obj dh2.obj ida.obj zlib.obj elgamal.obj crc.obj dessp.obj tea.obj eax.obj network.obj sha.obj emsa2.obj pkcspad.obj squaretb.obj idea.obj authenc.obj hmac.obj xtrcrypt.obj queue.obj mars.obj rc5.obj md2.obj hrtimer.obj vmac.obj eprecomp.obj hex.obj dsa.obj fips140.obj gzip.obj seal.obj blake2.obj files.obj base32.obj sharkbox.obj safer.obj randpool.obj sosemanuk.obj arc4.obj osrng.obj skipjack.obj seed.obj sha3.obj filters.obj bfinit.obj rabin.obj 3way.obj rw.obj rdtables.obj rsa.obj tftables.obj gost.obj socketft.obj nbtheory.obj panama.obj modes.obj rijndael.obj casts.obj algebra.obj esign.obj gfpcrypt.obj dll.obj ec2n.obj poly1305.obj polynomi.obj blumshub.obj des.obj basecode.obj zdeflate.obj base64.obj rc6.obj gf256.obj mqueue.obj misc.obj pssr.obj channels.obj rng.obj tiger.obj cast.obj square.obj asn.obj chacha.obj whrlpool.obj md4.obj dh.obj ccm.obj mqv.obj tigertab.obj gf2_32.obj cbcmac.obj ttmac.obj luc.obj trdlocal.obj pubkey.obj gcm.obj ripemd.obj kalyna.obj kalynatab.obj keccak.obj eccrypto.obj serpent.obj cmac.obj winpipes.obj
+LIB_OBJS = cryptlib.obj cpu.obj integer.obj shacal2.obj md5.obj shark.obj zinflate.obj gf2n.obj salsa.obj xtr.obj oaep.obj rc2.obj default.obj wait.obj wake.obj twofish.obj iterhash.obj adler32.obj algparam.obj marss.obj blowfish.obj ecp.obj strciphr.obj aria.obj camellia.obj dh2.obj ida.obj zlib.obj elgamal.obj crc.obj dessp.obj tea.obj eax.obj network.obj sha.obj emsa2.obj pkcspad.obj squaretb.obj idea.obj authenc.obj hmac.obj xtrcrypt.obj queue.obj mars.obj rc5.obj md2.obj hrtimer.obj vmac.obj eprecomp.obj hex.obj dsa.obj fips140.obj gzip.obj seal.obj blake2.obj files.obj base32.obj sharkbox.obj safer.obj randpool.obj sosemanuk.obj arc4.obj osrng.obj skipjack.obj seed.obj sha3.obj filters.obj bfinit.obj rabin.obj 3way.obj rw.obj rdtables.obj rsa.obj tftables.obj gost.obj socketft.obj nbtheory.obj panama.obj modes.obj rijndael.obj casts.obj algebra.obj esign.obj gfpcrypt.obj dll.obj ec2n.obj poly1305.obj polynomi.obj blumshub.obj des.obj basecode.obj zdeflate.obj base64.obj rc6.obj gf256.obj mqueue.obj misc.obj pssr.obj channels.obj rng.obj threefish.obj tiger.obj cast.obj square.obj asn.obj chacha.obj whrlpool.obj md4.obj dh.obj ccm.obj mqv.obj tigertab.obj gf2_32.obj cbcmac.obj ttmac.obj luc.obj trdlocal.obj pubkey.obj gcm.obj ripemd.obj kalyna.obj kalynatab.obj keccak.obj eccrypto.obj serpent.obj cmac.obj winpipes.obj
 
 TEST_SRCS = bench1.cpp bench2.cpp test.cpp validat0.cpp validat1.cpp validat2.cpp validat3.cpp datatest.cpp regtest1.cpp regtest2.cpp regtest3.cpp fipsalgt.cpp dlltest.cpp fipstest.cpp
 
diff --git a/cryptest.vcxproj b/cryptest.vcxproj
index c857b673..4e958f07 100644
--- a/cryptest.vcxproj
+++ b/cryptest.vcxproj
@@ -244,6 +244,7 @@
     <None Include="TestVectors\gcm.txt" />
     <None Include="TestVectors\hkdf.txt" />
     <None Include="TestVectors\hmac.txt" />
+    <None Include="TestVectors\kalyna.txt" />
     <None Include="TestVectors\mars.txt" />
     <None Include="TestVectors\nr.txt" />
     <None Include="TestVectors\panama.txt" />
@@ -262,6 +263,7 @@
     <None Include="TestVectors\siphash.txt" />
     <None Include="TestVectors\sosemanuk.txt" />
     <None Include="TestVectors\tea.txt" />
+    <None Include="TestVectors\threefish.txt" />
     <None Include="TestVectors\ttmac.txt" />
     <None Include="TestVectors\vmac.txt" />
     <None Include="TestVectors\wake.txt" />
diff --git a/cryptest.vcxproj.filters b/cryptest.vcxproj.filters
index 2d2177b0..32428a15 100644
--- a/cryptest.vcxproj.filters
+++ b/cryptest.vcxproj.filters
@@ -132,6 +132,9 @@
     <None Include="TestVectors\tea.txt">
       <Filter>TestVectors</Filter>
     </None>
+    <None Include="TestVectors\threefish.txt">
+      <Filter>TestVectors</Filter>
+    </None>
     <None Include="TestVectors\ttmac.txt">
       <Filter>TestVectors</Filter>
     </None>
diff --git a/cryptlib.vcxproj b/cryptlib.vcxproj
index 22d3e4d7..7dec57de 100644
--- a/cryptlib.vcxproj
+++ b/cryptlib.vcxproj
@@ -287,6 +287,7 @@
     <ClCompile Include="strciphr.cpp" />
     <ClCompile Include="tea.cpp" />
     <ClCompile Include="tftables.cpp" />
+    <ClCompile Include="threefish.cpp" />
     <ClCompile Include="tiger.cpp" />
     <ClCompile Include="tigertab.cpp" />
     <ClCompile Include="trdlocal.cpp" />
@@ -465,6 +466,7 @@
     <ClInclude Include="stdcpp.h" />
     <ClInclude Include="strciphr.h" />
     <ClInclude Include="tea.h" />
+    <ClInclude Include="threefish.h" />
     <ClInclude Include="tiger.h" />
     <ClInclude Include="trap.h" />
     <ClInclude Include="trdlocal.h" />
diff --git a/cryptlib.vcxproj.filters b/cryptlib.vcxproj.filters
index c423ab33..c826e491 100644
--- a/cryptlib.vcxproj.filters
+++ b/cryptlib.vcxproj.filters
@@ -359,6 +359,9 @@
     <ClCompile Include="tftables.cpp">
       <Filter>Source Files</Filter>
     </ClCompile>
+    <ClCompile Include="threefish.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
     <ClCompile Include="tiger.cpp">
       <Filter>Source Files</Filter>
     </ClCompile>
@@ -795,6 +798,9 @@
     <ClInclude Include="tea.h">
       <Filter>Header Files</Filter>
     </ClInclude>
+    <ClInclude Include="threefish.h">
+      <Filter>Header Files</Filter>
+    </ClInclude>
     <ClInclude Include="tiger.h">
       <Filter>Header Files</Filter>
     </ClInclude>
diff --git a/validat1.cpp b/validat1.cpp
index d8703731..1157d60e 100644
--- a/validat1.cpp
+++ b/validat1.cpp
@@ -162,6 +162,7 @@ bool ValidateAll(bool thorough)
 	pass=ValidateSalsa() && pass;
 	pass=ValidateSosemanuk() && pass;
 	pass=RunTestDataFile(CRYPTOPP_DATA_DIR "TestVectors/seed.txt") && pass;
+	pass=RunTestDataFile(CRYPTOPP_DATA_DIR "TestVectors/threefish.txt") && pass;
 	pass=RunTestDataFile(CRYPTOPP_DATA_DIR "TestVectors/kalyna.txt") && pass;
 	pass=ValidateVMAC() && pass;
 	pass=ValidateCCM() && pass;

From 54ca8b3a16c727f48a82398dbcd4113459d89f27 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sun, 14 May 2017 15:30:59 -0400
Subject: [PATCH 162/200] Whitespace check-in

---
 threefish.cpp | 734 +++++++++++++++++++++++++-------------------------
 threefish.h   | 107 ++++----
 2 files changed, 419 insertions(+), 422 deletions(-)

diff --git a/threefish.cpp b/threefish.cpp
index ac48d64b..95160b1f 100644
--- a/threefish.cpp
+++ b/threefish.cpp
@@ -22,212 +22,212 @@ ANONYMOUS_NAMESPACE_BEGIN
 #endif
 
 #define G256(G0, G1, G2, G3, C0, C1) \
-	G0 += G1; \
-	G1 = rotatel64(G1, C0) ^ G0; \
-	G2 += G3; \
-	G3 = rotatel64(G3, C1) ^ G2;
+    G0 += G1; \
+    G1 = rotatel64(G1, C0) ^ G0; \
+    G2 += G3; \
+    G3 = rotatel64(G3, C1) ^ G2;
 
 #define IG256(G0, G1, G2, G3, C0, C1) \
-	G3 = rotater64(G3 ^ G2, C1); \
-	G2 -= G3; \
-	G1 = rotater64(G1 ^ G0, C0); \
-	G0 -= G1; \
+    G3 = rotater64(G3 ^ G2, C1); \
+    G2 -= G3; \
+    G1 = rotater64(G1 ^ G0, C0); \
+    G0 -= G1; \
 
 #define KS256(r) \
-	G0 += m_rkey[(r + 1) % 5]; \
-	G1 += m_rkey[(r + 2) % 5] + m_tweak[(r + 1) % 3]; \
-	G2 += m_rkey[(r + 3) % 5] + m_tweak[(r + 2) % 3]; \
-	G3 += m_rkey[(r + 4) % 5] + r + 1;
+    G0 += m_rkey[(r + 1) % 5]; \
+    G1 += m_rkey[(r + 2) % 5] + m_tweak[(r + 1) % 3]; \
+    G2 += m_rkey[(r + 3) % 5] + m_tweak[(r + 2) % 3]; \
+    G3 += m_rkey[(r + 4) % 5] + r + 1;
 
 #define IKS256(r) \
-	G0 -= m_rkey[(r + 1) % 5]; \
-	G1 -= (m_rkey[(r + 2) % 5] + m_tweak[(r + 1) % 3]); \
-	G2 -= (m_rkey[(r + 3) % 5] + m_tweak[(r + 2) % 3]); \
-	G3 -= (m_rkey[(r + 4) % 5] + r + 1);
+    G0 -= m_rkey[(r + 1) % 5]; \
+    G1 -= (m_rkey[(r + 2) % 5] + m_tweak[(r + 1) % 3]); \
+    G2 -= (m_rkey[(r + 3) % 5] + m_tweak[(r + 2) % 3]); \
+    G3 -= (m_rkey[(r + 4) % 5] + r + 1);
 
 #define G8256(r) \
-	G256(G0, G1, G2, G3, 14, 16); \
-	G256(G0, G3, G2, G1, 52, 57); \
-	G256(G0, G1, G2, G3, 23, 40); \
-	G256(G0, G3, G2, G1, 5, 37); \
-	KS256(r); \
-	G256(G0, G1, G2, G3, 25, 33); \
-	G256(G0, G3, G2, G1, 46, 12); \
-	G256(G0, G1, G2, G3, 58, 22); \
-	G256(G0, G3, G2, G1, 32, 32); \
-	KS256(r + 1);
+    G256(G0, G1, G2, G3, 14, 16); \
+    G256(G0, G3, G2, G1, 52, 57); \
+    G256(G0, G1, G2, G3, 23, 40); \
+    G256(G0, G3, G2, G1, 5, 37); \
+    KS256(r); \
+    G256(G0, G1, G2, G3, 25, 33); \
+    G256(G0, G3, G2, G1, 46, 12); \
+    G256(G0, G1, G2, G3, 58, 22); \
+    G256(G0, G3, G2, G1, 32, 32); \
+    KS256(r + 1);
 
 #define IG8256(r) \
-	IG256(G0, G3, G2, G1, 32, 32); \
-	IG256(G0, G1, G2, G3, 58, 22); \
-	IG256(G0, G3, G2, G1, 46, 12); \
-	IG256(G0, G1, G2, G3, 25, 33); \
-	IKS256(r); \
-	IG256(G0, G3, G2, G1, 5, 37); \
-	IG256(G0, G1, G2, G3, 23, 40); \
-	IG256(G0, G3, G2, G1, 52, 57); \
-	IG256(G0, G1, G2, G3, 14, 16); \
-	IKS256(r - 1);
+    IG256(G0, G3, G2, G1, 32, 32); \
+    IG256(G0, G1, G2, G3, 58, 22); \
+    IG256(G0, G3, G2, G1, 46, 12); \
+    IG256(G0, G1, G2, G3, 25, 33); \
+    IKS256(r); \
+    IG256(G0, G3, G2, G1, 5, 37); \
+    IG256(G0, G1, G2, G3, 23, 40); \
+    IG256(G0, G3, G2, G1, 52, 57); \
+    IG256(G0, G1, G2, G3, 14, 16); \
+    IKS256(r - 1);
 
 #define IG512(G0, G1, G2, G3, G4, G5, G6, G7, C0, C1, C2, C3) \
-	G7 = rotater64(G7 ^ G6, C3); \
-	G6 -= G7; \
-	G5 = rotater64(G5 ^ G4, C2); \
-	G4 -= G5; \
-	G3 = rotater64(G3 ^ G2, C1); \
-	G2 -= G3; \
-	G1 = rotater64(G1 ^ G0, C0); \
-	G0 -= G1;
+    G7 = rotater64(G7 ^ G6, C3); \
+    G6 -= G7; \
+    G5 = rotater64(G5 ^ G4, C2); \
+    G4 -= G5; \
+    G3 = rotater64(G3 ^ G2, C1); \
+    G2 -= G3; \
+    G1 = rotater64(G1 ^ G0, C0); \
+    G0 -= G1;
 
 #define G512(G0, G1, G2, G3, G4, G5, G6, G7, C0, C1, C2, C3) \
-	G0 += G1; \
-	G1 = rotatel64(G1, C0) ^ G0; \
-	G2 += G3; \
-	G3 = rotatel64(G3, C1) ^ G2; \
-	G4 += G5; \
-	G5 = rotatel64(G5, C2) ^ G4; \
-	G6 += G7; \
-	G7 = rotatel64(G7, C3) ^ G6;
+    G0 += G1; \
+    G1 = rotatel64(G1, C0) ^ G0; \
+    G2 += G3; \
+    G3 = rotatel64(G3, C1) ^ G2; \
+    G4 += G5; \
+    G5 = rotatel64(G5, C2) ^ G4; \
+    G6 += G7; \
+    G7 = rotatel64(G7, C3) ^ G6;
 
 #define IKS512(r) \
-	G0 -= m_rkey[(r + 1) % 9]; \
-	G1 -= m_rkey[(r + 2) % 9]; \
-	G2 -= m_rkey[(r + 3) % 9]; \
-	G3 -= m_rkey[(r + 4) % 9]; \
-	G4 -= m_rkey[(r + 5) % 9]; \
-	G5 -= (m_rkey[(r + 6) % 9] + m_tweak[(r + 1) % 3]); \
-	G6 -= (m_rkey[(r + 7) % 9] + m_tweak[(r + 2) % 3]); \
-	G7 -= (m_rkey[(r + 8) % 9] + r + 1);
+    G0 -= m_rkey[(r + 1) % 9]; \
+    G1 -= m_rkey[(r + 2) % 9]; \
+    G2 -= m_rkey[(r + 3) % 9]; \
+    G3 -= m_rkey[(r + 4) % 9]; \
+    G4 -= m_rkey[(r + 5) % 9]; \
+    G5 -= (m_rkey[(r + 6) % 9] + m_tweak[(r + 1) % 3]); \
+    G6 -= (m_rkey[(r + 7) % 9] + m_tweak[(r + 2) % 3]); \
+    G7 -= (m_rkey[(r + 8) % 9] + r + 1);
 
 #define KS512(r) \
-	G0 += m_rkey[(r + 1) % 9]; \
-	G1 += m_rkey[(r + 2) % 9]; \
-	G2 += m_rkey[(r + 3) % 9]; \
-	G3 += m_rkey[(r + 4) % 9]; \
-	G4 += m_rkey[(r + 5) % 9]; \
-	G5 += m_rkey[(r + 6) % 9] + m_tweak[(r + 1) % 3]; \
-	G6 += m_rkey[(r + 7) % 9] + m_tweak[(r + 2) % 3]; \
-	G7 += m_rkey[(r + 8) % 9] + r + 1;
+    G0 += m_rkey[(r + 1) % 9]; \
+    G1 += m_rkey[(r + 2) % 9]; \
+    G2 += m_rkey[(r + 3) % 9]; \
+    G3 += m_rkey[(r + 4) % 9]; \
+    G4 += m_rkey[(r + 5) % 9]; \
+    G5 += m_rkey[(r + 6) % 9] + m_tweak[(r + 1) % 3]; \
+    G6 += m_rkey[(r + 7) % 9] + m_tweak[(r + 2) % 3]; \
+    G7 += m_rkey[(r + 8) % 9] + r + 1;
 
 #define IG8512(r) \
-	IG512(G6, G1, G0, G7, G2, G5, G4, G3, 8, 35, 56, 22); \
-	IG512(G4, G1, G6, G3, G0, G5, G2, G7, 25, 29, 39, 43); \
-	IG512(G2, G1, G4, G7, G6, G5, G0, G3, 13, 50, 10, 17); \
+    IG512(G6, G1, G0, G7, G2, G5, G4, G3, 8, 35, 56, 22); \
+    IG512(G4, G1, G6, G3, G0, G5, G2, G7, 25, 29, 39, 43); \
+    IG512(G2, G1, G4, G7, G6, G5, G0, G3, 13, 50, 10, 17); \
     IG512(G0, G1, G2, G3, G4, G5, G6, G7, 39, 30, 34, 24); \
-	IKS512(r) \
-	IG512(G6, G1, G0, G7, G2, G5, G4, G3, 44, 9, 54, 56); \
-	IG512(G4, G1, G6, G3, G0, G5, G2, G7, 17, 49, 36, 39); \
-	IG512(G2, G1, G4, G7, G6, G5, G0, G3, 33, 27, 14, 42); \
-	IG512(G0, G1, G2, G3, G4, G5, G6, G7, 46, 36, 19, 37); \
-	IKS512(r - 1)
+    IKS512(r) \
+    IG512(G6, G1, G0, G7, G2, G5, G4, G3, 44, 9, 54, 56); \
+    IG512(G4, G1, G6, G3, G0, G5, G2, G7, 17, 49, 36, 39); \
+    IG512(G2, G1, G4, G7, G6, G5, G0, G3, 33, 27, 14, 42); \
+    IG512(G0, G1, G2, G3, G4, G5, G6, G7, 46, 36, 19, 37); \
+    IKS512(r - 1)
 
 #define G8512(r) \
-	G512(G0, G1, G2, G3, G4, G5, G6, G7, 46, 36, 19, 37); \
-	G512(G2, G1, G4, G7, G6, G5, G0, G3, 33, 27, 14, 42); \
-	G512(G4, G1, G6, G3, G0, G5, G2, G7, 17, 49, 36, 39); \
-	G512(G6, G1, G0, G7, G2, G5, G4, G3, 44, 9, 54, 56); \
-	KS512(r) \
+    G512(G0, G1, G2, G3, G4, G5, G6, G7, 46, 36, 19, 37); \
+    G512(G2, G1, G4, G7, G6, G5, G0, G3, 33, 27, 14, 42); \
+    G512(G4, G1, G6, G3, G0, G5, G2, G7, 17, 49, 36, 39); \
+    G512(G6, G1, G0, G7, G2, G5, G4, G3, 44, 9, 54, 56); \
+    KS512(r) \
     G512(G0, G1, G2, G3, G4, G5, G6, G7, 39, 30, 34, 24); \
-	G512(G2, G1, G4, G7, G6, G5, G0, G3, 13, 50, 10, 17); \
-	G512(G4, G1, G6, G3, G0, G5, G2, G7, 25, 29, 39, 43); \
-	G512(G6, G1, G0, G7, G2, G5, G4, G3, 8, 35, 56, 22); \
-	KS512(r + 1)
+    G512(G2, G1, G4, G7, G6, G5, G0, G3, 13, 50, 10, 17); \
+    G512(G4, G1, G6, G3, G0, G5, G2, G7, 25, 29, 39, 43); \
+    G512(G6, G1, G0, G7, G2, G5, G4, G3, 8, 35, 56, 22); \
+    KS512(r + 1)
 
 #define IG1024(G0, G1, G2, G3, G4, G5, G6, G7, G8, G9, G10, G11, G12, G13, G14, G15, C1, C2, C3, C4, C5, C6, C7, C8) \
-	G15 = rotater64(G15 ^ G14, C8); \
-	G14 -= G15; \
-	G13 = rotater64(G13 ^ G12, C7); \
-	G12 -= G13; \
-	G11 = rotater64(G11 ^ G10, C6); \
-	G10 -= G11; \
-	G9 = rotater64(G9 ^ G8, C5); \
-	G8 -= G9; \
-	G7 = rotater64(G7 ^ G6, C4); \
-	G6 -= G7; \
-	G5 = rotater64(G5 ^ G4, C3); \
-	G4 -= G5; \
-	G3 = rotater64(G3 ^ G2, C2); \
-	G2 -= G3; \
-	G1 = rotater64(G1 ^ G0, C1); \
-	G0 -= G1;
+    G15 = rotater64(G15 ^ G14, C8); \
+    G14 -= G15; \
+    G13 = rotater64(G13 ^ G12, C7); \
+    G12 -= G13; \
+    G11 = rotater64(G11 ^ G10, C6); \
+    G10 -= G11; \
+    G9 = rotater64(G9 ^ G8, C5); \
+    G8 -= G9; \
+    G7 = rotater64(G7 ^ G6, C4); \
+    G6 -= G7; \
+    G5 = rotater64(G5 ^ G4, C3); \
+    G4 -= G5; \
+    G3 = rotater64(G3 ^ G2, C2); \
+    G2 -= G3; \
+    G1 = rotater64(G1 ^ G0, C1); \
+    G0 -= G1;
 
 #define G1024(G0, G1, G2, G3, G4, G5, G6, G7, G8, G9, G10, G11, G12, G13, G14, G15, C1, C2, C3, C4, C5, C6, C7, C8) \
-	G0 += G1; \
-	G1 = rotatel64(G1, C1) ^ G0; \
-	G2 += G3; \
-	G3 = rotatel64(G3, C2) ^ G2; \
-	G4 += G5; \
-	G5 = rotatel64(G5, C3) ^ G4; \
-	G6 += G7; \
-	G7 = rotatel64(G7, C4) ^ G6; \
-	G8 += G9; \
-	G9 = rotatel64(G9, C5) ^ G8; \
-	G10 += G11; \
-	G11 = rotatel64(G11, C6) ^ G10; \
-	G12 += G13; \
-	G13 = rotatel64(G13, C7) ^ G12; \
-	G14 += G15; \
-	G15 = rotatel64(G15, C8) ^ G14;
+    G0 += G1; \
+    G1 = rotatel64(G1, C1) ^ G0; \
+    G2 += G3; \
+    G3 = rotatel64(G3, C2) ^ G2; \
+    G4 += G5; \
+    G5 = rotatel64(G5, C3) ^ G4; \
+    G6 += G7; \
+    G7 = rotatel64(G7, C4) ^ G6; \
+    G8 += G9; \
+    G9 = rotatel64(G9, C5) ^ G8; \
+    G10 += G11; \
+    G11 = rotatel64(G11, C6) ^ G10; \
+    G12 += G13; \
+    G13 = rotatel64(G13, C7) ^ G12; \
+    G14 += G15; \
+    G15 = rotatel64(G15, C8) ^ G14;
 
 #define IKS1024(r) \
-	G0 -= m_rkey[(r + 1) % 17]; \
-	G1 -= m_rkey[(r + 2) % 17]; \
-	G2 -= m_rkey[(r + 3) % 17]; \
-	G3 -= m_rkey[(r + 4) % 17]; \
-	G4 -= m_rkey[(r + 5) % 17]; \
-	G5 -= m_rkey[(r + 6) % 17]; \
-	G6 -= m_rkey[(r + 7) % 17]; \
-	G7 -= m_rkey[(r + 8) % 17]; \
-	G8 -= m_rkey[(r + 9) % 17]; \
-	G9 -= m_rkey[(r + 10) % 17]; \
-	G10 -= m_rkey[(r + 11) % 17]; \
-	G11 -= m_rkey[(r + 12) % 17]; \
-	G12 -= m_rkey[(r + 13) % 17]; \
-	G13 -= (m_rkey[(r + 14) % 17] + m_tweak[(r + 1) % 3]); \
-	G14 -= (m_rkey[(r + 15) % 17] + m_tweak[(r + 2) % 3]); \
-	G15 -= (m_rkey[(r + 16) % 17] + r + 1);
+    G0 -= m_rkey[(r + 1) % 17]; \
+    G1 -= m_rkey[(r + 2) % 17]; \
+    G2 -= m_rkey[(r + 3) % 17]; \
+    G3 -= m_rkey[(r + 4) % 17]; \
+    G4 -= m_rkey[(r + 5) % 17]; \
+    G5 -= m_rkey[(r + 6) % 17]; \
+    G6 -= m_rkey[(r + 7) % 17]; \
+    G7 -= m_rkey[(r + 8) % 17]; \
+    G8 -= m_rkey[(r + 9) % 17]; \
+    G9 -= m_rkey[(r + 10) % 17]; \
+    G10 -= m_rkey[(r + 11) % 17]; \
+    G11 -= m_rkey[(r + 12) % 17]; \
+    G12 -= m_rkey[(r + 13) % 17]; \
+    G13 -= (m_rkey[(r + 14) % 17] + m_tweak[(r + 1) % 3]); \
+    G14 -= (m_rkey[(r + 15) % 17] + m_tweak[(r + 2) % 3]); \
+    G15 -= (m_rkey[(r + 16) % 17] + r + 1);
 
 #define KS1024(r) \
-	G0 += m_rkey[(r + 1) % 17]; \
-	G1 += m_rkey[(r + 2) % 17]; \
-	G2 += m_rkey[(r + 3) % 17]; \
-	G3 += m_rkey[(r + 4) % 17]; \
-	G4 += m_rkey[(r + 5) % 17]; \
-	G5 += m_rkey[(r + 6) % 17]; \
-	G6 += m_rkey[(r + 7) % 17]; \
-	G7 += m_rkey[(r + 8) % 17]; \
-	G8 += m_rkey[(r + 9) % 17]; \
-	G9 += m_rkey[(r + 10) % 17]; \
-	G10 += m_rkey[(r + 11) % 17]; \
-	G11 += m_rkey[(r + 12) % 17]; \
-	G12 += m_rkey[(r + 13) % 17]; \
-	G13 += m_rkey[(r + 14) % 17] + m_tweak[(r + 1) % 3]; \
-	G14 += m_rkey[(r + 15) % 17] + m_tweak[(r + 2) % 3]; \
-	G15 += m_rkey[(r + 16) % 17] + r + 1;
+    G0 += m_rkey[(r + 1) % 17]; \
+    G1 += m_rkey[(r + 2) % 17]; \
+    G2 += m_rkey[(r + 3) % 17]; \
+    G3 += m_rkey[(r + 4) % 17]; \
+    G4 += m_rkey[(r + 5) % 17]; \
+    G5 += m_rkey[(r + 6) % 17]; \
+    G6 += m_rkey[(r + 7) % 17]; \
+    G7 += m_rkey[(r + 8) % 17]; \
+    G8 += m_rkey[(r + 9) % 17]; \
+    G9 += m_rkey[(r + 10) % 17]; \
+    G10 += m_rkey[(r + 11) % 17]; \
+    G11 += m_rkey[(r + 12) % 17]; \
+    G12 += m_rkey[(r + 13) % 17]; \
+    G13 += m_rkey[(r + 14) % 17] + m_tweak[(r + 1) % 3]; \
+    G14 += m_rkey[(r + 15) % 17] + m_tweak[(r + 2) % 3]; \
+    G15 += m_rkey[(r + 16) % 17] + r + 1;
 
 #define IG81024(r) \
-	IG1024(G0, G15, G2, G11, G6, G13, G4, G9, G14, G1, G8, G5, G10, G3, G12, G7, 9, 48, 35, 52, 23, 31, 37, 20); \
-	IG1024(G0, G7, G2, G5, G4, G3, G6, G1, G12, G15, G14, G13, G8, G11, G10, G9, 31, 44, 47, 46, 19, 42, 44, 25); \
-	IG1024(G0, G9, G2, G13, G6, G11, G4, G15, G10, G7, G12, G3, G14, G5, G8, G1, 16, 34, 56, 51, 4, 53, 42, 41); \
-	IG1024(G0, G1, G2, G3, G4, G5, G6, G7, G8, G9, G10, G11, G12, G13, G14, G15, 41, 9, 37, 31, 12, 47, 44, 30); \
-	IKS1024(r); \
-	IG1024(G0, G15, G2, G11, G6, G13, G4, G9, G14, G1, G8, G5, G10, G3, G12, G7, 5, 20, 48, 41, 47, 28, 16, 25); \
-	IG1024(G0, G7, G2, G5, G4, G3, G6, G1, G12, G15, G14, G13, G8, G11, G10, G9, 33, 4, 51, 13, 34, 41, 59, 17); \
-	IG1024(G0, G9, G2, G13, G6, G11, G4, G15, G10, G7, G12, G3, G14, G5, G8, G1, 38, 19, 10, 55, 49, 18, 23, 52); \
-	IG1024(G0, G1, G2, G3, G4, G5, G6, G7, G8, G9, G10, G11, G12, G13, G14, G15, 24, 13, 8, 47, 8, 17, 22, 37); \
-	IKS1024(r - 1);
+    IG1024(G0, G15, G2, G11, G6, G13, G4, G9, G14, G1, G8, G5, G10, G3, G12, G7, 9, 48, 35, 52, 23, 31, 37, 20); \
+    IG1024(G0, G7, G2, G5, G4, G3, G6, G1, G12, G15, G14, G13, G8, G11, G10, G9, 31, 44, 47, 46, 19, 42, 44, 25); \
+    IG1024(G0, G9, G2, G13, G6, G11, G4, G15, G10, G7, G12, G3, G14, G5, G8, G1, 16, 34, 56, 51, 4, 53, 42, 41); \
+    IG1024(G0, G1, G2, G3, G4, G5, G6, G7, G8, G9, G10, G11, G12, G13, G14, G15, 41, 9, 37, 31, 12, 47, 44, 30); \
+    IKS1024(r); \
+    IG1024(G0, G15, G2, G11, G6, G13, G4, G9, G14, G1, G8, G5, G10, G3, G12, G7, 5, 20, 48, 41, 47, 28, 16, 25); \
+    IG1024(G0, G7, G2, G5, G4, G3, G6, G1, G12, G15, G14, G13, G8, G11, G10, G9, 33, 4, 51, 13, 34, 41, 59, 17); \
+    IG1024(G0, G9, G2, G13, G6, G11, G4, G15, G10, G7, G12, G3, G14, G5, G8, G1, 38, 19, 10, 55, 49, 18, 23, 52); \
+    IG1024(G0, G1, G2, G3, G4, G5, G6, G7, G8, G9, G10, G11, G12, G13, G14, G15, 24, 13, 8, 47, 8, 17, 22, 37); \
+    IKS1024(r - 1);
 
 #define G81024(r) \
-	G1024(G0, G1, G2, G3, G4, G5, G6, G7, G8, G9, G10, G11, G12, G13, G14, G15, 24, 13, 8, 47, 8, 17, 22, 37); \
-	G1024(G0, G9, G2, G13, G6, G11, G4, G15, G10, G7, G12, G3, G14, G5, G8, G1, 38, 19, 10, 55, 49, 18, 23, 52); \
-	G1024(G0, G7, G2, G5, G4, G3, G6, G1, G12, G15, G14, G13, G8, G11, G10, G9, 33, 4, 51, 13, 34, 41, 59, 17); \
-	G1024(G0, G15, G2, G11, G6, G13, G4, G9, G14, G1, G8, G5, G10, G3, G12, G7, 5, 20, 48, 41, 47, 28, 16, 25); \
-	KS1024(r); \
-	G1024(G0, G1, G2, G3, G4, G5, G6, G7, G8, G9, G10, G11, G12, G13, G14, G15, 41, 9, 37, 31, 12, 47, 44, 30); \
-	G1024(G0, G9, G2, G13, G6, G11, G4, G15, G10, G7, G12, G3, G14, G5, G8, G1, 16, 34, 56, 51, 4, 53, 42, 41); \
-	G1024(G0, G7, G2, G5, G4, G3, G6, G1, G12, G15, G14, G13, G8, G11, G10, G9, 31, 44, 47, 46, 19, 42, 44, 25); \
-	G1024(G0, G15, G2, G11, G6, G13, G4, G9, G14, G1, G8, G5, G10, G3, G12, G7, 9, 48, 35, 52, 23, 31, 37, 20); \
-	KS1024(r + 1);
+    G1024(G0, G1, G2, G3, G4, G5, G6, G7, G8, G9, G10, G11, G12, G13, G14, G15, 24, 13, 8, 47, 8, 17, 22, 37); \
+    G1024(G0, G9, G2, G13, G6, G11, G4, G15, G10, G7, G12, G3, G14, G5, G8, G1, 38, 19, 10, 55, 49, 18, 23, 52); \
+    G1024(G0, G7, G2, G5, G4, G3, G6, G1, G12, G15, G14, G13, G8, G11, G10, G9, 33, 4, 51, 13, 34, 41, 59, 17); \
+    G1024(G0, G15, G2, G11, G6, G13, G4, G9, G14, G1, G8, G5, G10, G3, G12, G7, 5, 20, 48, 41, 47, 28, 16, 25); \
+    KS1024(r); \
+    G1024(G0, G1, G2, G3, G4, G5, G6, G7, G8, G9, G10, G11, G12, G13, G14, G15, 41, 9, 37, 31, 12, 47, 44, 30); \
+    G1024(G0, G9, G2, G13, G6, G11, G4, G15, G10, G7, G12, G3, G14, G5, G8, G1, 16, 34, 56, 51, 4, 53, 42, 41); \
+    G1024(G0, G7, G2, G5, G4, G3, G6, G1, G12, G15, G14, G13, G8, G11, G10, G9, 31, 44, 47, 46, 19, 42, 44, 25); \
+    G1024(G0, G15, G2, G11, G6, G13, G4, G9, G14, G1, G8, G5, G10, G3, G12, G7, 9, 48, 35, 52, 23, 31, 37, 20); \
+    KS1024(r + 1);
 
 ANONYMOUS_NAMESPACE_END
 
@@ -241,255 +241,255 @@ void Threefish::Base::UncheckedSetKey(const byte *key, unsigned int keylen, cons
     switch (keylen)
     {
     case 32:  // 256
-		m_rkey.New(5);
-		m_wspace.New(4);
+        m_rkey.New(5);
+        m_wspace.New(4);
         m_blocksize = 32;
 
-		GetUserKey(LITTLE_ENDIAN_ORDER, m_rkey.begin(), 4, key, 32);
-		m_rkey[4] = W64LIT(0x1BD11BDAA9FC1A22) ^ m_rkey[0] ^ m_rkey[1] ^ m_rkey[2] ^ m_rkey[3];
+        GetUserKey(LITTLE_ENDIAN_ORDER, m_rkey.begin(), 4, key, 32);
+        m_rkey[4] = W64LIT(0x1BD11BDAA9FC1A22) ^ m_rkey[0] ^ m_rkey[1] ^ m_rkey[2] ^ m_rkey[3];
         break;
     case 64:  // 512
-		m_rkey.New(9);
-		m_wspace.New(8);
+        m_rkey.New(9);
+        m_wspace.New(8);
         m_blocksize = 64;
 
-		GetUserKey(LITTLE_ENDIAN_ORDER, m_rkey.begin(), 8, key, 64);
-		m_rkey[8] = W64LIT(0x1BD11BDAA9FC1A22) ^ m_rkey[0] ^ m_rkey[1] ^ m_rkey[2] ^ m_rkey[3] ^ m_rkey[4] ^
-			m_rkey[5] ^ m_rkey[6] ^ m_rkey[7];
+        GetUserKey(LITTLE_ENDIAN_ORDER, m_rkey.begin(), 8, key, 64);
+        m_rkey[8] = W64LIT(0x1BD11BDAA9FC1A22) ^ m_rkey[0] ^ m_rkey[1] ^ m_rkey[2] ^ m_rkey[3] ^ m_rkey[4] ^
+            m_rkey[5] ^ m_rkey[6] ^ m_rkey[7];
         break;
     case 128:  // 128
-		m_rkey.New(17);
-		m_wspace.New(16);
+        m_rkey.New(17);
+        m_wspace.New(16);
         m_blocksize = 128;
 
-		GetUserKey(LITTLE_ENDIAN_ORDER, m_rkey.begin(), 16, key, 128);
-		m_rkey[16] = W64LIT(0x1BD11BDAA9FC1A22) ^ m_rkey[0] ^ m_rkey[1] ^ m_rkey[2] ^ m_rkey[3] ^ m_rkey[4] ^
-			m_rkey[5] ^ m_rkey[6] ^ m_rkey[7] ^ m_rkey[8] ^ m_rkey[9] ^ m_rkey[10] ^ m_rkey[11] ^ m_rkey[12] ^
-			m_rkey[13] ^ m_rkey[14] ^ m_rkey[15];
+        GetUserKey(LITTLE_ENDIAN_ORDER, m_rkey.begin(), 16, key, 128);
+        m_rkey[16] = W64LIT(0x1BD11BDAA9FC1A22) ^ m_rkey[0] ^ m_rkey[1] ^ m_rkey[2] ^ m_rkey[3] ^ m_rkey[4] ^
+            m_rkey[5] ^ m_rkey[6] ^ m_rkey[7] ^ m_rkey[8] ^ m_rkey[9] ^ m_rkey[10] ^ m_rkey[11] ^ m_rkey[12] ^
+            m_rkey[13] ^ m_rkey[14] ^ m_rkey[15];
         break;
     default:
         CRYPTOPP_ASSERT(0);
     }
 
-	m_tweak.New(3);
-	ConstByteArrayParameter t;
-	if (params.GetValue(Name::Tweak(), t))
-	{
-		CRYPTOPP_ASSERT(t.size() == 16);
-		::memcpy(m_tweak.begin(), t.begin(), 16);
-		m_tweak[2] = m_tweak[0] + m_tweak[1];
-	}
-	else
-	{
-		::memset(m_tweak.begin(), 0x00, 24);
-	}
+    m_tweak.New(3);
+    ConstByteArrayParameter t;
+    if (params.GetValue(Name::Tweak(), t))
+    {
+        CRYPTOPP_ASSERT(t.size() == 16);
+        ::memcpy(m_tweak.begin(), t.begin(), 16);
+        m_tweak[2] = m_tweak[0] + m_tweak[1];
+    }
+    else
+    {
+        ::memset(m_tweak.begin(), 0x00, 24);
+    }
 }
 
 void Threefish::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const
 {
-	switch(m_blocksize)
-	{
-	case 32:
-		ProcessAndXorBlock_256(inBlock, xorBlock, outBlock);
-		break;
-	case 64:
-		ProcessAndXorBlock_512(inBlock, xorBlock, outBlock);
-		break;
-	case 128:
-		ProcessAndXorBlock_1024(inBlock, xorBlock, outBlock);
-		break;
-	default:
-		CRYPTOPP_ASSERT(0);
-	}
+    switch(m_blocksize)
+    {
+    case 32:
+        ProcessAndXorBlock_256(inBlock, xorBlock, outBlock);
+        break;
+    case 64:
+        ProcessAndXorBlock_512(inBlock, xorBlock, outBlock);
+        break;
+    case 128:
+        ProcessAndXorBlock_1024(inBlock, xorBlock, outBlock);
+        break;
+    default:
+        CRYPTOPP_ASSERT(0);
+    }
 }
 
 void Threefish::Base::ProcessAndXorBlock_256(const byte *inBlock, const byte *xorBlock, byte *outBlock) const
 {
-	word64 &G0=m_wspace[0], &G1=m_wspace[1], &G2=m_wspace[2], &G3=m_wspace[3];
+    word64 &G0=m_wspace[0], &G1=m_wspace[1], &G2=m_wspace[2], &G3=m_wspace[3];
 
-	// Reverse bytes on BigEndian; Align pointer on LittleEndian
-	typedef GetBlock<word64, LittleEndian, false> InBlock;
-	InBlock iblk(inBlock);
-	iblk(G0)(G1)(G2)(G3);
+    // Reverse bytes on BigEndian; Align pointer on LittleEndian
+    typedef GetBlock<word64, LittleEndian, false> InBlock;
+    InBlock iblk(inBlock);
+    iblk(G0)(G1)(G2)(G3);
 
-	if (IsForwardTransformation())
-	{
-		G0 += m_rkey[0]; G1 += m_rkey[1]; G2 += m_rkey[2]; G3 += m_rkey[3];
-		G1 += m_tweak[0]; G2 += m_tweak[1];
+    if (IsForwardTransformation())
+    {
+        G0 += m_rkey[0]; G1 += m_rkey[1]; G2 += m_rkey[2]; G3 += m_rkey[3];
+        G1 += m_tweak[0]; G2 += m_tweak[1];
 
-		G8256(0); G8256(2); G8256(4); G8256(6); G8256(8);
-		G8256(10); G8256(12); G8256(14); G8256(16);
-	}
-	else
-	{
-		G0 -= m_rkey[3]; G1 -= m_rkey[4]; G2 -= m_rkey[0]; G3 -= m_rkey[1];
-		G1 -= m_tweak[0]; G2 -= m_tweak[1]; G3 -= 18;
+        G8256(0); G8256(2); G8256(4); G8256(6); G8256(8);
+        G8256(10); G8256(12); G8256(14); G8256(16);
+    }
+    else
+    {
+        G0 -= m_rkey[3]; G1 -= m_rkey[4]; G2 -= m_rkey[0]; G3 -= m_rkey[1];
+        G1 -= m_tweak[0]; G2 -= m_tweak[1]; G3 -= 18;
 
-		IG8256(16); IG8256(14); IG8256(12); IG8256(10);
-		IG8256(8); IG8256(6); IG8256(4); IG8256(2); IG8256(0);
-	}
+        IG8256(16); IG8256(14); IG8256(12); IG8256(10);
+        IG8256(8); IG8256(6); IG8256(4); IG8256(2); IG8256(0);
+    }
 
-	// Reverse bytes on BigEndian; Align pointer on LittleEndian
-	typedef PutBlock<word64, LittleEndian, false> OutBlock;
-	OutBlock oblk(xorBlock, outBlock);
-	oblk(G0)(G1)(G2)(G3);
+    // Reverse bytes on BigEndian; Align pointer on LittleEndian
+    typedef PutBlock<word64, LittleEndian, false> OutBlock;
+    OutBlock oblk(xorBlock, outBlock);
+    oblk(G0)(G1)(G2)(G3);
 }
 
 void Threefish::Base::ProcessAndXorBlock_512(const byte *inBlock, const byte *xorBlock, byte *outBlock) const
 {
-	word64 &G0=m_wspace[0],   &G1=m_wspace[1],   &G2=m_wspace[2],   &G3=m_wspace[3];
-	word64 &G4=m_wspace[4],   &G5=m_wspace[5],   &G6=m_wspace[6],   &G7=m_wspace[7];
+    word64 &G0=m_wspace[0],   &G1=m_wspace[1],   &G2=m_wspace[2],   &G3=m_wspace[3];
+    word64 &G4=m_wspace[4],   &G5=m_wspace[5],   &G6=m_wspace[6],   &G7=m_wspace[7];
 
-	// Reverse bytes on BigEndian; Align pointer on LittleEndian
-	typedef GetBlock<word64, LittleEndian, false> InBlock;
-	InBlock iblk(inBlock);
-	iblk(G0)(G1)(G2)(G3)(G4)(G5)(G6)(G7);
+    // Reverse bytes on BigEndian; Align pointer on LittleEndian
+    typedef GetBlock<word64, LittleEndian, false> InBlock;
+    InBlock iblk(inBlock);
+    iblk(G0)(G1)(G2)(G3)(G4)(G5)(G6)(G7);
 
-	if (IsForwardTransformation())
-	{
+    if (IsForwardTransformation())
+    {
 #if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE && 0
-		const bool s_sse2 = HasSSE2();
-		if (s_sse2)
-		{
-			const word64 *ky = m_rkey.begin(), *tw = m_tweak.begin();
-			word64 *ws = m_wspace.begin();
+        const bool s_sse2 = HasSSE2();
+        if (s_sse2)
+        {
+            const word64 *ky = m_rkey.begin(), *tw = m_tweak.begin();
+            word64 *ws = m_wspace.begin();
 
-			// 15 SSE instructions
-			_mm_store_si128((__m128i*)ws,
-				_mm_add_epi64(
-					_mm_load_si128((const __m128i*)ws),
-					_mm_load_si128((const __m128i*)ky)));
-			_mm_store_si128((__m128i*)(ws+2),
-				_mm_add_epi64(
-					_mm_load_si128((const __m128i*)(ws+2)),
-					_mm_load_si128((const __m128i*)(ky+2))));
-			_mm_store_si128((__m128i*)(ws+4),
-				_mm_add_epi64(
-					_mm_load_si128((const __m128i*)(ws+4)),
-					_mm_load_si128((const __m128i*)(ky+4))));
-			_mm_store_si128((__m128i*)(ws+6),
-				_mm_add_epi64(
-					_mm_load_si128((const __m128i*)(ws+6)),
-					_mm_load_si128((const __m128i*)(ky+6))));
-			_mm_storeu_si128((__m128i*)(ws+5),
-				_mm_add_epi64(
-					_mm_loadu_si128((const __m128i*)(ws+5)),
-					_mm_load_si128((const __m128i*)(tw))));
-		}
+            // 15 SSE instructions
+            _mm_store_si128((__m128i*)ws,
+                _mm_add_epi64(
+                    _mm_load_si128((const __m128i*)ws),
+                    _mm_load_si128((const __m128i*)ky)));
+            _mm_store_si128((__m128i*)(ws+2),
+                _mm_add_epi64(
+                    _mm_load_si128((const __m128i*)(ws+2)),
+                    _mm_load_si128((const __m128i*)(ky+2))));
+            _mm_store_si128((__m128i*)(ws+4),
+                _mm_add_epi64(
+                    _mm_load_si128((const __m128i*)(ws+4)),
+                    _mm_load_si128((const __m128i*)(ky+4))));
+            _mm_store_si128((__m128i*)(ws+6),
+                _mm_add_epi64(
+                    _mm_load_si128((const __m128i*)(ws+6)),
+                    _mm_load_si128((const __m128i*)(ky+6))));
+            _mm_storeu_si128((__m128i*)(ws+5),
+                _mm_add_epi64(
+                    _mm_loadu_si128((const __m128i*)(ws+5)),
+                    _mm_load_si128((const __m128i*)(tw))));
+        }
 #endif
-		{
-			// 34 integer instructions total
-			G0 += m_rkey[0]; G1 += m_rkey[1]; G2 += m_rkey[2]; G3 += m_rkey[3];
-			G4 += m_rkey[4]; G5 += m_rkey[5]; G6 += m_rkey[6]; G7 += m_rkey[7];
-			G5 += m_tweak[0]; G6 += m_tweak[1];
-		}
+        {
+            // 34 integer instructions total
+            G0 += m_rkey[0]; G1 += m_rkey[1]; G2 += m_rkey[2]; G3 += m_rkey[3];
+            G4 += m_rkey[4]; G5 += m_rkey[5]; G6 += m_rkey[6]; G7 += m_rkey[7];
+            G5 += m_tweak[0]; G6 += m_tweak[1];
+        }
 
-		G8512(0); G8512(2); G8512(4); G8512(6); G8512(8);
-		G8512(10); G8512(12); G8512(14); G8512(16);
-	}
-	else
-	{
-		G0 -= m_rkey[0]; G1 -= m_rkey[1]; G2 -= m_rkey[2]; G3 -= m_rkey[3];
-		G4 -= m_rkey[4]; G5 -= m_rkey[5]; G6 -= m_rkey[6]; G7 -= m_rkey[7];
-		G5 -= m_tweak[0]; G6 -= m_tweak[1];	G7 -= 18;
+        G8512(0); G8512(2); G8512(4); G8512(6); G8512(8);
+        G8512(10); G8512(12); G8512(14); G8512(16);
+    }
+    else
+    {
+        G0 -= m_rkey[0]; G1 -= m_rkey[1]; G2 -= m_rkey[2]; G3 -= m_rkey[3];
+        G4 -= m_rkey[4]; G5 -= m_rkey[5]; G6 -= m_rkey[6]; G7 -= m_rkey[7];
+        G5 -= m_tweak[0]; G6 -= m_tweak[1];    G7 -= 18;
 
-		IG8512(16); IG8512(14); IG8512(12); IG8512(10);
-		IG8512(8); IG8512(6); IG8512(4); IG8512(2);	IG8512(0);
-	}
+        IG8512(16); IG8512(14); IG8512(12); IG8512(10);
+        IG8512(8); IG8512(6); IG8512(4); IG8512(2); IG8512(0);
+    }
 
-	// Reverse bytes on BigEndian; Align pointer on LittleEndian
-	typedef PutBlock<word64, LittleEndian, false> OutBlock;
-	OutBlock oblk(xorBlock, outBlock);
-	oblk(G0)(G1)(G2)(G3)(G4)(G5)(G6)(G7);
+    // Reverse bytes on BigEndian; Align pointer on LittleEndian
+    typedef PutBlock<word64, LittleEndian, false> OutBlock;
+    OutBlock oblk(xorBlock, outBlock);
+    oblk(G0)(G1)(G2)(G3)(G4)(G5)(G6)(G7);
 }
 
 void Threefish::Base::ProcessAndXorBlock_1024(const byte *inBlock, const byte *xorBlock, byte *outBlock) const
 {
-	word64  &G0=m_wspace[0],   &G1=m_wspace[1],   &G2=m_wspace[2],   &G3=m_wspace[3];
-	word64  &G4=m_wspace[4],   &G5=m_wspace[5],   &G6=m_wspace[6],   &G7=m_wspace[7];
-	word64  &G8=m_wspace[8],   &G9=m_wspace[9],  &G10=m_wspace[10], &G11=m_wspace[11];
-	word64 &G12=m_wspace[12], &G13=m_wspace[13], &G14=m_wspace[14], &G15=m_wspace[15];
+    word64  &G0=m_wspace[0],   &G1=m_wspace[1],   &G2=m_wspace[2],   &G3=m_wspace[3];
+    word64  &G4=m_wspace[4],   &G5=m_wspace[5],   &G6=m_wspace[6],   &G7=m_wspace[7];
+    word64  &G8=m_wspace[8],   &G9=m_wspace[9],  &G10=m_wspace[10], &G11=m_wspace[11];
+    word64 &G12=m_wspace[12], &G13=m_wspace[13], &G14=m_wspace[14], &G15=m_wspace[15];
 
-	// Reverse bytes on BigEndian; Align pointer on LittleEndian
-	typedef GetBlock<word64, LittleEndian, false> InBlock;
-	InBlock iblk(inBlock);
-	iblk(G0)(G1)(G2)(G3)(G4)(G5)(G6)(G7)(G8)(G9)(G10)(G11)(G12)(G13)(G14)(G15);
+    // Reverse bytes on BigEndian; Align pointer on LittleEndian
+    typedef GetBlock<word64, LittleEndian, false> InBlock;
+    InBlock iblk(inBlock);
+    iblk(G0)(G1)(G2)(G3)(G4)(G5)(G6)(G7)(G8)(G9)(G10)(G11)(G12)(G13)(G14)(G15);
 
-	if (IsForwardTransformation())
-	{
+    if (IsForwardTransformation())
+    {
 #if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE && 0
-		const bool s_sse2 = HasSSE2();
-		if (s_sse2)
-		{
-			const word64 *ky = m_rkey.begin(), *tw = m_tweak.begin();
-			word64 *ws = m_wspace.begin();
+        const bool s_sse2 = HasSSE2();
+        if (s_sse2)
+        {
+            const word64 *ky = m_rkey.begin(), *tw = m_tweak.begin();
+            word64 *ws = m_wspace.begin();
 
-			_mm_store_si128((__m128i*)ws,
-				_mm_add_epi64(
-					_mm_load_si128((const __m128i*)ws),
-					_mm_load_si128((const __m128i*)ky)));
-			_mm_store_si128((__m128i*)(ws+2),
-				_mm_add_epi64(
-					_mm_load_si128((const __m128i*)(ws+2)),
-					_mm_load_si128((const __m128i*)(ky+2))));
-			_mm_store_si128((__m128i*)(ws+4),
-				_mm_add_epi64(
-					_mm_load_si128((const __m128i*)(ws+4)),
-					_mm_load_si128((const __m128i*)(ky+4))));
-			_mm_store_si128((__m128i*)(ws+6),
-				_mm_add_epi64(
-					_mm_load_si128((const __m128i*)(ws+6)),
-					_mm_load_si128((const __m128i*)(ky+6))));
-			_mm_store_si128((__m128i*)(ws+8),
-				_mm_add_epi64(
-					_mm_load_si128((const __m128i*)(ws+8)),
-					_mm_load_si128((const __m128i*)(ky+8))));
-			_mm_store_si128((__m128i*)(ws+10),
-				_mm_add_epi64(
-					_mm_load_si128((const __m128i*)(ws+10)),
-					_mm_load_si128((const __m128i*)(ky+10))));
-			_mm_store_si128((__m128i*)(ws+12),
-				_mm_add_epi64(
-					_mm_load_si128((const __m128i*)(ws+12)),
-					_mm_load_si128((const __m128i*)(ky+12))));
-			_mm_store_si128((__m128i*)(ws+14),
-				_mm_add_epi64(
-					_mm_load_si128((const __m128i*)(ws+14)),
-					_mm_load_si128((const __m128i*)(ky+14))));
-			_mm_storeu_si128((__m128i*)(ws+13),
-				_mm_add_epi64(
-					_mm_loadu_si128((const __m128i*)(ws+13)),
-					_mm_load_si128((const __m128i*)(tw))));
-		}
-		else
+            _mm_store_si128((__m128i*)ws,
+                _mm_add_epi64(
+                    _mm_load_si128((const __m128i*)ws),
+                    _mm_load_si128((const __m128i*)ky)));
+            _mm_store_si128((__m128i*)(ws+2),
+                _mm_add_epi64(
+                    _mm_load_si128((const __m128i*)(ws+2)),
+                    _mm_load_si128((const __m128i*)(ky+2))));
+            _mm_store_si128((__m128i*)(ws+4),
+                _mm_add_epi64(
+                    _mm_load_si128((const __m128i*)(ws+4)),
+                    _mm_load_si128((const __m128i*)(ky+4))));
+            _mm_store_si128((__m128i*)(ws+6),
+                _mm_add_epi64(
+                    _mm_load_si128((const __m128i*)(ws+6)),
+                    _mm_load_si128((const __m128i*)(ky+6))));
+            _mm_store_si128((__m128i*)(ws+8),
+                _mm_add_epi64(
+                    _mm_load_si128((const __m128i*)(ws+8)),
+                    _mm_load_si128((const __m128i*)(ky+8))));
+            _mm_store_si128((__m128i*)(ws+10),
+                _mm_add_epi64(
+                    _mm_load_si128((const __m128i*)(ws+10)),
+                    _mm_load_si128((const __m128i*)(ky+10))));
+            _mm_store_si128((__m128i*)(ws+12),
+                _mm_add_epi64(
+                    _mm_load_si128((const __m128i*)(ws+12)),
+                    _mm_load_si128((const __m128i*)(ky+12))));
+            _mm_store_si128((__m128i*)(ws+14),
+                _mm_add_epi64(
+                    _mm_load_si128((const __m128i*)(ws+14)),
+                    _mm_load_si128((const __m128i*)(ky+14))));
+            _mm_storeu_si128((__m128i*)(ws+13),
+                _mm_add_epi64(
+                    _mm_loadu_si128((const __m128i*)(ws+13)),
+                    _mm_load_si128((const __m128i*)(tw))));
+        }
+        else
 #endif
-		{
-			G0 += m_rkey[0]; G1 += m_rkey[1]; G2 += m_rkey[2]; G3 += m_rkey[3];
-			G4 += m_rkey[4]; G5 += m_rkey[5]; G6 += m_rkey[6]; G7 += m_rkey[7];
-			G8 += m_rkey[8]; G9 += m_rkey[9]; G10 += m_rkey[10]; G11 += m_rkey[11];
-			G12 += m_rkey[12]; G13 += m_rkey[13]; G14 += m_rkey[14]; G15 += m_rkey[15];
-			G13 += m_tweak[0]; G14 += m_tweak[1];
-		}
+        {
+            G0 += m_rkey[0]; G1 += m_rkey[1]; G2 += m_rkey[2]; G3 += m_rkey[3];
+            G4 += m_rkey[4]; G5 += m_rkey[5]; G6 += m_rkey[6]; G7 += m_rkey[7];
+            G8 += m_rkey[8]; G9 += m_rkey[9]; G10 += m_rkey[10]; G11 += m_rkey[11];
+            G12 += m_rkey[12]; G13 += m_rkey[13]; G14 += m_rkey[14]; G15 += m_rkey[15];
+            G13 += m_tweak[0]; G14 += m_tweak[1];
+        }
 
-		G81024(0); G81024(2); G81024(4); G81024(6); G81024(8);
-		G81024(10); G81024(12); G81024(14); G81024(16); G81024(18);
-	}
-	else
-	{
-		G0 -= m_rkey[3]; G1 -= m_rkey[4]; G2 -= m_rkey[5]; G3 -= m_rkey[6];
-		G4 -= m_rkey[7]; G5 -= m_rkey[8]; G6 -= m_rkey[9]; G7 -= m_rkey[10];
-		G8 -= m_rkey[11]; G9 -= m_rkey[12]; G10 -= m_rkey[13]; G11 -= m_rkey[14];
-		G12 -= m_rkey[15]; G13 -= m_rkey[16]; G14 -= m_rkey[0]; G15 -= m_rkey[1];
-		G13 -= m_tweak[2]; G14 -= m_tweak[0]; G15 -= 20;
+        G81024(0); G81024(2); G81024(4); G81024(6); G81024(8);
+        G81024(10); G81024(12); G81024(14); G81024(16); G81024(18);
+    }
+    else
+    {
+        G0 -= m_rkey[3]; G1 -= m_rkey[4]; G2 -= m_rkey[5]; G3 -= m_rkey[6];
+        G4 -= m_rkey[7]; G5 -= m_rkey[8]; G6 -= m_rkey[9]; G7 -= m_rkey[10];
+        G8 -= m_rkey[11]; G9 -= m_rkey[12]; G10 -= m_rkey[13]; G11 -= m_rkey[14];
+        G12 -= m_rkey[15]; G13 -= m_rkey[16]; G14 -= m_rkey[0]; G15 -= m_rkey[1];
+        G13 -= m_tweak[2]; G14 -= m_tweak[0]; G15 -= 20;
 
-		IG81024(18); IG81024(16); IG81024(14); IG81024(12);	IG81024(10);
-		IG81024(8); IG81024(6); IG81024(4);	IG81024(2); IG81024(0);
-	}
+        IG81024(18); IG81024(16); IG81024(14); IG81024(12); IG81024(10);
+        IG81024(8); IG81024(6); IG81024(4); IG81024(2); IG81024(0);
+    }
 
-	// Reverse bytes on BigEndian; Align pointer on LittleEndian
-	typedef PutBlock<word64, LittleEndian, false> OutBlock;
-	OutBlock oblk(xorBlock, outBlock);
-	oblk(G0)(G1)(G2)(G3)(G4)(G5)(G6)(G7)(G8)(G9)(G10)(G11)(G12)(G13)(G14)(G15);
+    // Reverse bytes on BigEndian; Align pointer on LittleEndian
+    typedef PutBlock<word64, LittleEndian, false> OutBlock;
+    OutBlock oblk(xorBlock, outBlock);
+    oblk(G0)(G1)(G2)(G3)(G4)(G5)(G6)(G7)(G8)(G9)(G10)(G11)(G12)(G13)(G14)(G15);
 }
 
 NAMESPACE_END
diff --git a/threefish.h b/threefish.h
index 97a7949b..422da93f 100644
--- a/threefish.h
+++ b/threefish.h
@@ -22,42 +22,39 @@ NAMESPACE_BEGIN(CryptoPP)
 //! \since Crypto++ 6.0
 struct Threefish_Info : public VariableBlockSize<32, 32, 128>
 {
-	CRYPTOPP_STATIC_CONSTEXPR const char* StaticAlgorithmName() {return "Threefish";}
+    CRYPTOPP_STATIC_CONSTEXPR const char* StaticAlgorithmName() {return "Threefish";}
 
-	//! \brief The minimum key length used by the algorithm provided as a constant
-	//! \details MIN_KEYLENGTH is provided in bytes, not bits
-	CRYPTOPP_CONSTANT(MIN_KEYLENGTH=32)
-	//! \brief The maximum key length used by the algorithm provided as a constant
-	//! \details MIN_KEYLENGTH is provided in bytes, not bits
-	CRYPTOPP_CONSTANT(MAX_KEYLENGTH=128)
-	//! \brief The default key length used by the algorithm provided as a constant
-	//! \details MIN_KEYLENGTH is provided in bytes, not bits
-	CRYPTOPP_CONSTANT(DEFAULT_KEYLENGTH=32)
-	//! \brief The default IV requirements for the algorithm provided as a constant
-	//! \details The default value is NOT_RESYNCHRONIZABLE. See IV_Requirement
-	//!  in cryptlib.h for allowed values.
-	CRYPTOPP_CONSTANT(IV_REQUIREMENT=SimpleKeyingInterface::UNIQUE_IV)
-	//! \brief The default initialization vector length for the algorithm provided as a constant
-	//! \details IV_LENGTH is provided in bytes, not bits.
-	CRYPTOPP_CONSTANT(IV_LENGTH=32)
-	//! \brief Provides a valid key length for the algorithm provided by a static function.
-	//! \param keylength the size of the key, in bytes
-	//! \details The key length depends on the block size. For each block size, 128, 256 and 512,
-	//!   the key length can be either the block size or twice the block size. That means the
-	//!   valid key lengths are 126, 256, 512 and 1024. Additionally, it means a key length of,
-	//!   say, 32 could be used with either 128-block size or 256-block size.
-	CRYPTOPP_STATIC_CONSTEXPR size_t CRYPTOPP_API StaticGetValidKeyLength(size_t keylength)
-	{
-		// Valid key lengths are 256, 512 and 1024 bits
-		return (keylength >= 128) ? 128 :
-			(keylength >= 64) ? 64 : 32;
-	}
+    //! \brief The minimum key length used by the algorithm provided as a constant
+    //! \details MIN_KEYLENGTH is provided in bytes, not bits
+    CRYPTOPP_CONSTANT(MIN_KEYLENGTH=32)
+    //! \brief The maximum key length used by the algorithm provided as a constant
+    //! \details MIN_KEYLENGTH is provided in bytes, not bits
+    CRYPTOPP_CONSTANT(MAX_KEYLENGTH=128)
+    //! \brief The default key length used by the algorithm provided as a constant
+    //! \details MIN_KEYLENGTH is provided in bytes, not bits
+    CRYPTOPP_CONSTANT(DEFAULT_KEYLENGTH=32)
+    //! \brief The default IV requirements for the algorithm provided as a constant
+    //! \details The default value is NOT_RESYNCHRONIZABLE. See IV_Requirement
+    //!  in cryptlib.h for allowed values.
+    CRYPTOPP_CONSTANT(IV_REQUIREMENT=SimpleKeyingInterface::UNIQUE_IV)
+    //! \brief The default initialization vector length for the algorithm provided as a constant
+    //! \details IV_LENGTH is provided in bytes, not bits.
+    CRYPTOPP_CONSTANT(IV_LENGTH=32)
+    //! \brief Provides a valid key length for the algorithm provided by a static function.
+    //! \param keylength the size of the key, in bytes
+    //! \details Threefish uses 256, 512 and 1024-bit keys. The block size follows key length.
+    CRYPTOPP_STATIC_CONSTEXPR size_t CRYPTOPP_API StaticGetValidKeyLength(size_t keylength)
+    {
+        // Valid key lengths are 256, 512 and 1024 bits
+        return (keylength >= 128) ? 128 :
+            (keylength >= 64) ? 64 : 32;
+    }
 
-	CRYPTOPP_STATIC_CONSTEXPR size_t CRYPTOPP_API StaticGetValidBlockSize(size_t keylength)
-	{
-		return (keylength >= 128) ? 128 :
-			(keylength >= 64) ? 64 : 32;
-	}
+    CRYPTOPP_STATIC_CONSTEXPR size_t CRYPTOPP_API StaticGetValidBlockSize(size_t keylength)
+    {
+        return (keylength >= 128) ? 128 :
+            (keylength >= 64) ? 64 : 32;
+    }
 };
 
 //! \class Threefish1024
@@ -67,35 +64,35 @@ struct Threefish_Info : public VariableBlockSize<32, 32, 128>
 class Threefish : public Threefish_Info, public BlockCipherDocumentation
 {
 public:
-	class CRYPTOPP_NO_VTABLE Base : public VariableBlockCipherImpl<Threefish_Info>
-	{
-	public:
-		std::string AlgorithmName() const {
-			return m_blocksize ? "Threefish-" + IntToString(m_blocksize*8) + "(" + IntToString((m_rkey.size()-1)*8) + ")" : StaticAlgorithmName();
-		}
+    class CRYPTOPP_NO_VTABLE Base : public VariableBlockCipherImpl<Threefish_Info>
+    {
+    public:
+        std::string AlgorithmName() const {
+            return m_blocksize ? "Threefish-" + IntToString(m_blocksize*8) + "(" + IntToString((m_rkey.size()-1)*8) + ")" : StaticAlgorithmName();
+        }
 
-		unsigned int OptimalDataAlignment() const {
-			return GetAlignmentOf<word64>();
-		}
+        unsigned int OptimalDataAlignment() const {
+            return GetAlignmentOf<word64>();
+        }
 
-	protected:
-		void UncheckedSetKey(const byte *key, unsigned int keylen, const NameValuePairs &params);
-		void ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const;
+    protected:
+        void UncheckedSetKey(const byte *key, unsigned int keylen, const NameValuePairs &params);
+        void ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const;
 
-		void ProcessAndXorBlock_256(const byte *inBlock, const byte *xorBlock, byte *outBlock) const;
-		void ProcessAndXorBlock_512(const byte *inBlock, const byte *xorBlock, byte *outBlock) const;
-		void ProcessAndXorBlock_1024(const byte *inBlock, const byte *xorBlock, byte *outBlock) const;
+        void ProcessAndXorBlock_256(const byte *inBlock, const byte *xorBlock, byte *outBlock) const;
+        void ProcessAndXorBlock_512(const byte *inBlock, const byte *xorBlock, byte *outBlock) const;
+        void ProcessAndXorBlock_1024(const byte *inBlock, const byte *xorBlock, byte *outBlock) const;
 
-	private:
+    private:
         typedef SecBlock<word64, AllocatorWithCleanup<word64, true> > AlignedSecBlock64;
         mutable AlignedSecBlock64 m_wspace;   // workspace
-		AlignedSecBlock64         m_rkey;     // keys
-		AlignedSecBlock64         m_tweak;
-	};
+        AlignedSecBlock64         m_rkey;     // keys
+        AlignedSecBlock64         m_tweak;
+    };
 
 public:
-	typedef BlockCipherFinal<ENCRYPTION, Base> Encryption;
-	typedef BlockCipherFinal<DECRYPTION, Base> Decryption;
+    typedef BlockCipherFinal<ENCRYPTION, Base> Encryption;
+    typedef BlockCipherFinal<DECRYPTION, Base> Decryption;
 };
 
 typedef Threefish::Encryption ThreefishEncryption;

From b3399b4f86918efee66e0831cc88da542c71aa10 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sun, 14 May 2017 16:59:04 -0400
Subject: [PATCH 163/200] Remove SSE2 intrinsics from Threefish The benchmarks
 showed things ran slower with GCC and MSVC

---
 threefish.cpp | 98 +++++----------------------------------------------
 1 file changed, 9 insertions(+), 89 deletions(-)

diff --git a/threefish.cpp b/threefish.cpp
index 95160b1f..8ec51762 100644
--- a/threefish.cpp
+++ b/threefish.cpp
@@ -347,42 +347,10 @@ void Threefish::Base::ProcessAndXorBlock_512(const byte *inBlock, const byte *xo
 
     if (IsForwardTransformation())
     {
-#if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE && 0
-        const bool s_sse2 = HasSSE2();
-        if (s_sse2)
-        {
-            const word64 *ky = m_rkey.begin(), *tw = m_tweak.begin();
-            word64 *ws = m_wspace.begin();
-
-            // 15 SSE instructions
-            _mm_store_si128((__m128i*)ws,
-                _mm_add_epi64(
-                    _mm_load_si128((const __m128i*)ws),
-                    _mm_load_si128((const __m128i*)ky)));
-            _mm_store_si128((__m128i*)(ws+2),
-                _mm_add_epi64(
-                    _mm_load_si128((const __m128i*)(ws+2)),
-                    _mm_load_si128((const __m128i*)(ky+2))));
-            _mm_store_si128((__m128i*)(ws+4),
-                _mm_add_epi64(
-                    _mm_load_si128((const __m128i*)(ws+4)),
-                    _mm_load_si128((const __m128i*)(ky+4))));
-            _mm_store_si128((__m128i*)(ws+6),
-                _mm_add_epi64(
-                    _mm_load_si128((const __m128i*)(ws+6)),
-                    _mm_load_si128((const __m128i*)(ky+6))));
-            _mm_storeu_si128((__m128i*)(ws+5),
-                _mm_add_epi64(
-                    _mm_loadu_si128((const __m128i*)(ws+5)),
-                    _mm_load_si128((const __m128i*)(tw))));
-        }
-#endif
-        {
-            // 34 integer instructions total
-            G0 += m_rkey[0]; G1 += m_rkey[1]; G2 += m_rkey[2]; G3 += m_rkey[3];
-            G4 += m_rkey[4]; G5 += m_rkey[5]; G6 += m_rkey[6]; G7 += m_rkey[7];
-            G5 += m_tweak[0]; G6 += m_tweak[1];
-        }
+        // 34 integer instructions total
+        G0 += m_rkey[0]; G1 += m_rkey[1]; G2 += m_rkey[2]; G3 += m_rkey[3];
+        G4 += m_rkey[4]; G5 += m_rkey[5]; G6 += m_rkey[6]; G7 += m_rkey[7];
+        G5 += m_tweak[0]; G6 += m_tweak[1];
 
         G8512(0); G8512(2); G8512(4); G8512(6); G8512(8);
         G8512(10); G8512(12); G8512(14); G8512(16);
@@ -417,59 +385,11 @@ void Threefish::Base::ProcessAndXorBlock_1024(const byte *inBlock, const byte *x
 
     if (IsForwardTransformation())
     {
-#if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE && 0
-        const bool s_sse2 = HasSSE2();
-        if (s_sse2)
-        {
-            const word64 *ky = m_rkey.begin(), *tw = m_tweak.begin();
-            word64 *ws = m_wspace.begin();
-
-            _mm_store_si128((__m128i*)ws,
-                _mm_add_epi64(
-                    _mm_load_si128((const __m128i*)ws),
-                    _mm_load_si128((const __m128i*)ky)));
-            _mm_store_si128((__m128i*)(ws+2),
-                _mm_add_epi64(
-                    _mm_load_si128((const __m128i*)(ws+2)),
-                    _mm_load_si128((const __m128i*)(ky+2))));
-            _mm_store_si128((__m128i*)(ws+4),
-                _mm_add_epi64(
-                    _mm_load_si128((const __m128i*)(ws+4)),
-                    _mm_load_si128((const __m128i*)(ky+4))));
-            _mm_store_si128((__m128i*)(ws+6),
-                _mm_add_epi64(
-                    _mm_load_si128((const __m128i*)(ws+6)),
-                    _mm_load_si128((const __m128i*)(ky+6))));
-            _mm_store_si128((__m128i*)(ws+8),
-                _mm_add_epi64(
-                    _mm_load_si128((const __m128i*)(ws+8)),
-                    _mm_load_si128((const __m128i*)(ky+8))));
-            _mm_store_si128((__m128i*)(ws+10),
-                _mm_add_epi64(
-                    _mm_load_si128((const __m128i*)(ws+10)),
-                    _mm_load_si128((const __m128i*)(ky+10))));
-            _mm_store_si128((__m128i*)(ws+12),
-                _mm_add_epi64(
-                    _mm_load_si128((const __m128i*)(ws+12)),
-                    _mm_load_si128((const __m128i*)(ky+12))));
-            _mm_store_si128((__m128i*)(ws+14),
-                _mm_add_epi64(
-                    _mm_load_si128((const __m128i*)(ws+14)),
-                    _mm_load_si128((const __m128i*)(ky+14))));
-            _mm_storeu_si128((__m128i*)(ws+13),
-                _mm_add_epi64(
-                    _mm_loadu_si128((const __m128i*)(ws+13)),
-                    _mm_load_si128((const __m128i*)(tw))));
-        }
-        else
-#endif
-        {
-            G0 += m_rkey[0]; G1 += m_rkey[1]; G2 += m_rkey[2]; G3 += m_rkey[3];
-            G4 += m_rkey[4]; G5 += m_rkey[5]; G6 += m_rkey[6]; G7 += m_rkey[7];
-            G8 += m_rkey[8]; G9 += m_rkey[9]; G10 += m_rkey[10]; G11 += m_rkey[11];
-            G12 += m_rkey[12]; G13 += m_rkey[13]; G14 += m_rkey[14]; G15 += m_rkey[15];
-            G13 += m_tweak[0]; G14 += m_tweak[1];
-        }
+        G0 += m_rkey[0]; G1 += m_rkey[1]; G2 += m_rkey[2]; G3 += m_rkey[3];
+        G4 += m_rkey[4]; G5 += m_rkey[5]; G6 += m_rkey[6]; G7 += m_rkey[7];
+        G8 += m_rkey[8]; G9 += m_rkey[9]; G10 += m_rkey[10]; G11 += m_rkey[11];
+        G12 += m_rkey[12]; G13 += m_rkey[13]; G14 += m_rkey[14]; G15 += m_rkey[15];
+        G13 += m_tweak[0]; G14 += m_tweak[1];
 
         G81024(0); G81024(2); G81024(4); G81024(6); G81024(8);
         G81024(10); G81024(12); G81024(14); G81024(16); G81024(18);

From f60f2126875125dd4a0b75e364f7aa11a2b98702 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Mon, 15 May 2017 14:38:24 -0400
Subject: [PATCH 164/200] Remove Tweak handling. We are arriving at incorrect
 result for G2 after the first Key Injection, and its not readily apparent
 why.

---
 threefish.cpp | 12 +-----------
 1 file changed, 1 insertion(+), 11 deletions(-)

diff --git a/threefish.cpp b/threefish.cpp
index 8ec51762..66bef801 100644
--- a/threefish.cpp
+++ b/threefish.cpp
@@ -272,17 +272,7 @@ void Threefish::Base::UncheckedSetKey(const byte *key, unsigned int keylen, cons
     }
 
     m_tweak.New(3);
-    ConstByteArrayParameter t;
-    if (params.GetValue(Name::Tweak(), t))
-    {
-        CRYPTOPP_ASSERT(t.size() == 16);
-        ::memcpy(m_tweak.begin(), t.begin(), 16);
-        m_tweak[2] = m_tweak[0] + m_tweak[1];
-    }
-    else
-    {
-        ::memset(m_tweak.begin(), 0x00, 24);
-    }
+    ::memset(m_tweak.begin(), 0x00, 24);
 }
 
 void Threefish::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const

From a61c97f7ee720ed13684e55e604b5f29a45ccfb3 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Mon, 15 May 2017 18:42:20 -0400
Subject: [PATCH 165/200] Re-enable the Tweak on Threefish

We also add a helper to PutDecodedDatumInto which reverses the little-endian values from the Threefish test vectors. Test vectors will follow at next check-in.
---
 datatest.cpp  | 32 ++++++++++++++++++++++++--------
 threefish.cpp | 12 +++++++++++-
 2 files changed, 35 insertions(+), 9 deletions(-)

diff --git a/datatest.cpp b/datatest.cpp
index 4cef5a1c..315300dd 100644
--- a/datatest.cpp
+++ b/datatest.cpp
@@ -18,6 +18,7 @@
 #include "hkdf.h"
 #include "stdcpp.h"
 #include <iostream>
+#include <sstream>
 
 // Aggressive stack checking with VS2005 SP1 and above.
 #if (_MSC_FULL_VER >= 140050727)
@@ -115,6 +116,19 @@ void PutDecodedDatumInto(const TestData &data, const char *name, BufferedTransfo
 			s1 = s1.substr(s1.find(' ')+1);
 		}
 
+		// Use like this (from Threefish test vectors, which supplies byte-reversed values):
+		//   Key: ce BC2560EFC6BBA2B1 E3361F162238EB40 FB8631EE0ABBD175 7B9479D4C5479ED1
+		// The 'ce' means BC2560EFC6BBA2B1 will be processed into B1A2BBC6EF6025BC.
+		if (s1.length() >= 2 && s1.substr(0,2) == "ce")
+		{
+			word64 value;
+			std::istringstream iss(s1.substr(3));
+			while (iss >> std::hex >> value)
+				q.Put((const byte *)&value, 8);
+
+			goto end;
+		}
+
 		s2.clear();
 		if (s1[0] == '\"')
 		{
@@ -405,6 +419,16 @@ void TestSymmetricCipher(TestData &v, const NameValuePairs &overrideParameters)
 			decryptor->Seek(seek);
 		}
 
+		// If a per-test vector parameter was set for a test, like BlockPadding, BlockSize or Tweak,
+		// then it becomes latched in testDataPairs. The old value is used in subsequent tests, and
+		// it could cause a self test failure in the next test. The behavior surfaced under Kalyna
+		// and Threefish. The Kalyna test vectors use NO_PADDING for all tests excpet one. For
+		// Threefish, using (and not using) a Tweak caused problems as we marched through test
+		// vectors. For BlockPadding, BlockSize or Tweak, unlatch them now, after the key has been
+		// set and NameValuePairs have been processed. Also note we only unlatch from testDataPairs.
+		// If overrideParameters are specified, the caller is responsible for managing the parameter.
+		v.erase("Tweak"); v.erase("BlockSize"); v.erase("BlockPaddingScheme");
+
 		std::string encrypted, xorDigest, ciphertext, ciphertextXorDigest;
 		if (test == "EncryptionMCT" || test == "DecryptionMCT")
 		{
@@ -488,14 +512,6 @@ void TestSymmetricCipher(TestData &v, const NameValuePairs &overrideParameters)
 			std::cout << "\n";
 			SignalTestFailure();
 		}
-
-		// If BlockSize or BlockPaddingScheme was set for a test, then it becomes latched
-		// in testDataPairs. The old value is used in subsequent tests, and it could cause a
-		// self test failure in the next test. The behavior surfaced under Kalyna, where the
-		// official test vectors use NO_PADDING for all tests excpet one. For BlockSize or
-		// BlockPaddingScheme, unlatch them now. Also note we only unlatch from testDataPairs.
-		// If overrideParameters are specified, then the caller is responsible.
-		v.erase("BlockSize"); v.erase("BlockPaddingScheme");
 	}
 	else
 	{
diff --git a/threefish.cpp b/threefish.cpp
index 66bef801..fde7a894 100644
--- a/threefish.cpp
+++ b/threefish.cpp
@@ -272,7 +272,17 @@ void Threefish::Base::UncheckedSetKey(const byte *key, unsigned int keylen, cons
     }
 
     m_tweak.New(3);
-    ::memset(m_tweak.begin(), 0x00, 24);
+    ConstByteArrayParameter t;
+    if (params.GetValue(Name::Tweak(), t))
+    {
+        CRYPTOPP_ASSERT(t.size() == 16);
+        GetUserKey(LITTLE_ENDIAN_ORDER, m_tweak.begin(), 2, t.begin(), 16);
+        m_tweak[2] = m_tweak[0] ^ m_tweak[1];
+    }
+    else
+    {
+        ::memset(m_tweak.begin(), 0x00, 24);
+    }
 }
 
 void Threefish::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const

From 7fd5c13e064c6d1d27e9e9f2e739f369fb8f9a04 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Mon, 15 May 2017 20:14:22 -0400
Subject: [PATCH 166/200] Fix PutDecodedDatumInto on OS X

---
 datatest.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/datatest.cpp b/datatest.cpp
index 315300dd..dcf2140b 100644
--- a/datatest.cpp
+++ b/datatest.cpp
@@ -119,7 +119,7 @@ void PutDecodedDatumInto(const TestData &data, const char *name, BufferedTransfo
 		// Use like this (from Threefish test vectors, which supplies byte-reversed values):
 		//   Key: ce BC2560EFC6BBA2B1 E3361F162238EB40 FB8631EE0ABBD175 7B9479D4C5479ED1
 		// The 'ce' means BC2560EFC6BBA2B1 will be processed into B1A2BBC6EF6025BC.
-		if (s1.length() >= 2 && s1.substr(0,2) == "ce")
+		if (s1.length() >= 3 && s1.substr(0,2) == "ce ")
 		{
 			word64 value;
 			std::istringstream iss(s1.substr(3));

From 30ac06dd0dda9d8d6145710b750b1f647842c353 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Mon, 15 May 2017 20:41:32 -0400
Subject: [PATCH 167/200] Fix substring length

---
 datatest.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/datatest.cpp b/datatest.cpp
index dcf2140b..b1f05430 100644
--- a/datatest.cpp
+++ b/datatest.cpp
@@ -119,7 +119,7 @@ void PutDecodedDatumInto(const TestData &data, const char *name, BufferedTransfo
 		// Use like this (from Threefish test vectors, which supplies byte-reversed values):
 		//   Key: ce BC2560EFC6BBA2B1 E3361F162238EB40 FB8631EE0ABBD175 7B9479D4C5479ED1
 		// The 'ce' means BC2560EFC6BBA2B1 will be processed into B1A2BBC6EF6025BC.
-		if (s1.length() >= 3 && s1.substr(0,2) == "ce ")
+		if (s1.length() >= 3 && s1.substr(0,3) == "ce ")
 		{
 			word64 value;
 			std::istringstream iss(s1.substr(3));

From 4da06919ebd871b14a5f072a3988986ada98486d Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Mon, 15 May 2017 21:02:47 -0400
Subject: [PATCH 168/200] Switch conversion switch from 'ce' to 'cvt' There
 were some collisions in the RSA test vectors

---
 datatest.cpp | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/datatest.cpp b/datatest.cpp
index b1f05430..d4e7cb36 100644
--- a/datatest.cpp
+++ b/datatest.cpp
@@ -116,16 +116,17 @@ void PutDecodedDatumInto(const TestData &data, const char *name, BufferedTransfo
 			s1 = s1.substr(s1.find(' ')+1);
 		}
 
-		// Use like this (from Threefish test vectors, which supplies byte-reversed values):
-		//   Key: ce BC2560EFC6BBA2B1 E3361F162238EB40 FB8631EE0ABBD175 7B9479D4C5479ED1
-		// The 'ce' means BC2560EFC6BBA2B1 will be processed into B1A2BBC6EF6025BC.
-		if (s1.length() >= 3 && s1.substr(0,3) == "ce ")
+		// Convert endian order. Use it with 64-bit words like this:
+		//   Key: cvt BC2560EFC6BBA2B1 E3361F162238EB40 FB8631EE0ABBD175 7B9479D4C5479ED1
+		// BC2560EFC6BBA2B1 will be processed into B1A2BBC6EF6025BC.
+		if (s1.length() >= 3 && s1.substr(0,3) == "cvt")
 		{
 			word64 value;
 			std::istringstream iss(s1.substr(3));
 			while (iss >> std::hex >> value)
 				q.Put((const byte *)&value, 8);
 
+			s1.clear(); s2.clear();
 			goto end;
 		}
 

From 30ac53ff416985ef657f9124ed37084132d9cfcb Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Mon, 15 May 2017 21:55:39 -0400
Subject: [PATCH 169/200] Add support for word32 and word64 parsing

---
 datatest.cpp | 34 +++++++++++++++++++++++++---------
 1 file changed, 25 insertions(+), 9 deletions(-)

diff --git a/datatest.cpp b/datatest.cpp
index d4e7cb36..805fcd03 100644
--- a/datatest.cpp
+++ b/datatest.cpp
@@ -117,16 +117,32 @@ void PutDecodedDatumInto(const TestData &data, const char *name, BufferedTransfo
 		}
 
 		// Convert endian order. Use it with 64-bit words like this:
-		//   Key: cvt BC2560EFC6BBA2B1 E3361F162238EB40 FB8631EE0ABBD175 7B9479D4C5479ED1
-		// BC2560EFC6BBA2B1 will be processed into B1A2BBC6EF6025BC.
-		if (s1.length() >= 3 && s1.substr(0,3) == "cvt")
+		//   Key: word64 BC2560EFC6BBA2B1 E3361F162238EB40 FB8631EE0ABBD175 7B9479D4C5479ED1
+		//   BC2560EFC6BBA2B1 will be processed into B1A2BBC6EF6025BC.
+		// or:
+		//   Key: word32 BC2560EF E3361F16 FB8631EE 7B9479D4
+		//   BC2560EF will be processed into EF6025BC.
+		if (s1.length() >= 6 && (s1.substr(0,6) == "word32" || s1.substr(0,6) == "word64"))
 		{
-			word64 value;
-			std::istringstream iss(s1.substr(3));
-			while (iss >> std::hex >> value)
-				q.Put((const byte *)&value, 8);
-
-			s1.clear(); s2.clear();
+			std::istringstream iss(s1.substr(6));
+			if (s1.substr(0,6) == "word64")
+			{
+				word64 value;
+				while (iss >> std::skipws >> std::hex >> value)
+				{
+					value = ConditionalByteReverse(LITTLE_ENDIAN_ORDER, value);
+					q.Put((const byte *)&value, 8);
+				}
+			}
+			else
+			{
+				word32 value;
+				while (iss >> std::skipws >> std::hex >> value)
+				{
+					value = ConditionalByteReverse(LITTLE_ENDIAN_ORDER, value);
+					q.Put((const byte *)&value, 4);
+				}
+			}
 			goto end;
 		}
 

From ae09662f43e6ae3777775ce8c86d88bac20fc8f2 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Mon, 15 May 2017 22:53:44 -0400
Subject: [PATCH 170/200] Update Makefile to trim data files

---
 GNUmakefile | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/GNUmakefile b/GNUmakefile
index 44920a45..7947557b 100755
--- a/GNUmakefile
+++ b/GNUmakefile
@@ -766,9 +766,13 @@ endif
 trim:
 ifneq ($(IS_DARWIN),0)
 	sed -i '' -e's/[[:space:]]*$$//' *.sh *.h *.cpp *.asm *.s *.sln *.vcxproj *.filters GNUmakefile GNUmakefile-cross
+	sed -i '' -e's/[[:space:]]*$$//' *.sh TestData/*.dat
+	sed -i '' -e's/[[:space:]]*$$//' *.sh TestVectors/*.txt
 	make convert
 else
 	sed -i -e's/[[:space:]]*$$//' *.sh *.h *.cpp *.asm *.s *.sln *.vcxproj *.filters GNUmakefile GNUmakefile-cross
+	sed -i -e's/[[:space:]]*$$//' *.sh TestData/*.dat
+	sed -i -e's/[[:space:]]*$$//' *.sh TestVectors/*.txt
 	make convert
 endif
 

From 5bf43f4ef37ccb0a8cf34671b928aac779ee683e Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Mon, 15 May 2017 22:55:33 -0400
Subject: [PATCH 171/200] Add additional Threefish test vectors The test
 vectors came from NIST submission archive (NIST_CD_102610),
 skein_golden_kat_short_internals.txt

---
 TestVectors/threefish.txt | 77 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 77 insertions(+)

diff --git a/TestVectors/threefish.txt b/TestVectors/threefish.txt
index d6245d29..b4f175ba 100644
--- a/TestVectors/threefish.txt
+++ b/TestVectors/threefish.txt
@@ -1,6 +1,7 @@
 AlgorithmType: SymmetricCipher
 Name: Threefish/ECB
 Comment: Test Vector 1
+Source: Botan test vectors (threefish.vec)
 Key: 0000000000000000 0000000000000000 0000000000000000 0000000000000000 \
      0000000000000000 0000000000000000 0000000000000000 0000000000000000
 Plaintext:  0000000000000000 0000000000000000 0000000000000000 0000000000000000 \
@@ -10,6 +11,7 @@ Ciphertext: B1A2BBC6EF6025BC 40EB3822161F36E3 75D1BB0AEE3186FB D19E47C5D479947B
 Test: Encrypt
 Name: Threefish/ECB
 Comment: Test Vector 2
+Source: Botan test vectors (threefish.vec)
 Key: B1A2BBC6EF6025BC 40EB3822161F36E3 75D1BB0AEE3186FB D19E47C5D479947B \
      7BC2F8586E35F0CF F7E7F03084B0B7B1 F1AB3961A580A3E9 7EB41EA14A6D7BBE
 Plaintext:  0000000000000000 0000000000000000 0000000000000000 0000000000000000 \
@@ -19,6 +21,7 @@ Ciphertext: F13CA06760DD9BBE AB87B6C56F3BBBDB E9D08A77978B942A C02D471DC10268F2
 Test: Encrypt
 Name: Threefish/ECB
 Comment: Test Vector 3
+Source: Botan test vectors (threefish.vec)
 Key: F13CA06760DD9BBE AB87B6C56F3BBBDB E9D08A77978B942A C02D471DC10268F2 \
      261C3D4330D6CA34 1F4BD4115DEE16A2 1DCDA2A34A0A76FB A976174E4CF1E306
 Plaintext: B1A2BBC6EF6025BC 40EB3822161F36E3 75D1BB0AEE3186FB D19E47C5D479947B \
@@ -28,6 +31,7 @@ Ciphertext: 1BEC82CBA1357566 B34E1CF1FBF123A1 41C8F4089F6E4CE3 209AEA10095AEC93
 Test: Encrypt
 Name: Threefish/ECB
 Comment: Test Vector 4
+Source: Botan test vectors (threefish.vec)
 Key: F13CA06760DD9BBE AB87B6C56F3BBBDB E9D08A77978B942A C02D471DC10268F2 \
      261C3D4330D6CA34 1F4BD4115DEE16A2 1DCDA2A34A0A76FB A976174E4CF1E306
 Plaintext: B1A2BBC6EF6025BC 40EB3822161F36E3 75D1BB0AEE3186FB D19E47C5D479947B \
@@ -39,3 +43,76 @@ Ciphertext: 1BEC82CBA1357566 B34E1CF1FBF123A1 41C8F4089F6E4CE3 209AEA10095AEC93
             073CB5F8FABFA17D B751477F294EB3DD 4ACD92B78397331F CC36A9C3D3055B81 \
             D867CBDD56279037 373359CA1832669A F4B87A1F2FDAF8D3 6E2FB7A6D19F5D45
 Test: Encrypt
+##################################################################################
+Name: Threefish/ECB
+Comment: Test Vector 5, Threefish-256, null tweak
+Source: skein_golden_kat_internals.txt
+Tweak: word64 0000000000000000  0000000000000000
+Key: word64 0000000000000000  0000000000000000  0000000000000000  0000000000000000
+Plaintext: word64 0000000000000000  0000000000000000  0000000000000000  0000000000000000
+Ciphertext: word64 94EEEA8B1F2ADA84  ADF103313EAE6670  952419A1F4B16D53  D83F13E63C9F6B11
+Test: Encrypt
+Name: Threefish/ECB
+Comment: Test Vector 6, Threefish-256, tweak
+Source: skein_golden_kat_internals.txt
+Tweak: word64 0706050403020100  0F0E0D0C0B0A0908
+Key: word64 1716151413121110  1F1E1D1C1B1A1918  2726252423222120  2F2E2D2C2B2A2928
+Plaintext: word64 F8F9FAFBFCFDFEFF  F0F1F2F3F4F5F6F7  E8E9EAEBECEDEEEF  E0E1E2E3E4E5E6E7
+Ciphertext: word64 DF8FEA0EFF91D0E0  D50AD82EE69281C9  76F48D58085D869D  DF975E95B5567065
+Test: Encrypt
+Name: Threefish/ECB
+Comment: Test Vector 7, Threefish-512, null tweak
+Source: skein_golden_kat_internals.txt
+Tweak: word64 0000000000000000  0000000000000000
+Key: word64 0000000000000000  0000000000000000  0000000000000000  0000000000000000 \
+            0000000000000000  0000000000000000  0000000000000000  0000000000000000
+Plaintext: word64 0000000000000000  0000000000000000  0000000000000000  0000000000000000 \
+                  0000000000000000  0000000000000000  0000000000000000  0000000000000000
+Ciphertext: word64 BC2560EFC6BBA2B1  E3361F162238EB40  FB8631EE0ABBD175  7B9479D4C5479ED1 \
+                   CFF0356E58F8C27B  B1B7B08430F0E7F7  E9A380A56139ABF1  BE7B6D4AA11EB47E
+Test: Encrypt
+Name: Threefish/ECB
+Comment: Test Vector 8, Threefish-512, tweak
+Source: skein_golden_kat_internals.txt
+Tweak: word64 0706050403020100  0F0E0D0C0B0A0908
+Key: word64 1716151413121110  1F1E1D1C1B1A1918  2726252423222120  2F2E2D2C2B2A2928 \
+            3736353433323130  3F3E3D3C3B3A3938  4746454443424140  4F4E4D4C4B4A4948
+Plaintext: word64 F8F9FAFBFCFDFEFF  F0F1F2F3F4F5F6F7  E8E9EAEBECEDEEEF  E0E1E2E3E4E5E6E7 \
+                  D8D9DADBDCDDDEDF  D0D1D2D3D4D5D6D7  C8C9CACBCCCDCECF  C0C1C2C3C4C5C6C7
+Ciphertext: word64 2C5AD426964304E3  9A2436D6D8CA01B4  DD456DB00E333863  794725970EB9368B \
+                   043546998D0A2A27  25A7C918EA204478  346201A1FEDF11AF  3DAF1C5C3D672789
+Test: Encrypt
+Name: Threefish/ECB
+Comment: Test Vector 9, Threefish-1024, null tweak
+Source: skein_golden_kat_internals.txt
+Tweak: word64 0000000000000000  0000000000000000
+Key: word64 0000000000000000  0000000000000000  0000000000000000  0000000000000000 \
+            0000000000000000  0000000000000000  0000000000000000  0000000000000000 \
+            0000000000000000  0000000000000000  0000000000000000  0000000000000000 \
+            0000000000000000  0000000000000000  0000000000000000  0000000000000000
+Plaintext: word64 0000000000000000  0000000000000000  0000000000000000  0000000000000000 \
+                  0000000000000000  0000000000000000  0000000000000000  0000000000000000 \
+                  0000000000000000  0000000000000000  0000000000000000  0000000000000000 \
+                  0000000000000000  0000000000000000  0000000000000000  0000000000000000
+Ciphertext: word64 04B3053D0A3D5CF0  0136E0D1C7DD85F7  067B212F6EA78A5C  0DA9C10B4C54E1C6 \
+                   0F4EC27394CBACF0  32437F0568EA4FD5  CFF56D1D7654B49C  A2D5FB14369B2E7B \
+                   540306B460472E0B  71C18254BCEA820D  C36B4068BEAF32C8  FA4329597A360095 \
+                   C4A36C28434A5B9A  D54331444B1046CF  DF11834830B2A460  1E39E8DFE1F7EE4F
+Test: Encrypt
+Name: Threefish/ECB
+Comment: Test Vector 10, Threefish-1024, tweak
+Source: skein_golden_kat_internals.txt
+Tweak: word64 0706050403020100  0F0E0D0C0B0A0908
+Key: word64 1716151413121110  1F1E1D1C1B1A1918  2726252423222120  2F2E2D2C2B2A2928 \
+            3736353433323130  3F3E3D3C3B3A3938  4746454443424140  4F4E4D4C4B4A4948 \
+            5756555453525150  5F5E5D5C5B5A5958  6766656463626160  6F6E6D6C6B6A6968 \
+            7776757473727170  7F7E7D7C7B7A7978  8786858483828180  8F8E8D8C8B8A8988
+Plaintext: word64 F8F9FAFBFCFDFEFF  F0F1F2F3F4F5F6F7  E8E9EAEBECEDEEEF  E0E1E2E3E4E5E6E7 \
+                  D8D9DADBDCDDDEDF  D0D1D2D3D4D5D6D7  C8C9CACBCCCDCECF  C0C1C2C3C4C5C6C7 \
+                  B8B9BABBBCBDBEBF  B0B1B2B3B4B5B6B7  A8A9AAABACADAEAF  A0A1A2A3A4A5A6A7 \
+                  98999A9B9C9D9E9F  9091929394959697  88898A8B8C8D8E8F  8081828384858687
+Ciphertext: word64 B0C33CD7DB4D65A6  BC49A85A1077D75D  6855FCAFEA7293E4  1C5385AB1B7754D2 \
+                   30E4AAFFE780F794  E1BBEE708CAFD8D5  9CA837B7423B0F76  BD1403670D4963B3 \
+                   451F2E3CE61EA48A  B360832F9277D4FB  0AAFC7A65E12D688  C8906E79016D05D7 \
+                   B316570A15F41333  74E98A2869F5D50E  57CE6F9247432BCE  DE7CDD77215144DE
+Test: Encrypt

From b083390d4f2c83d43a5d149fd8fd3963738d3cc7 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Tue, 16 May 2017 01:59:09 -0400
Subject: [PATCH 172/200] Added some intelligence to truncated Gzip stream test

---
 validat0.cpp | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/validat0.cpp b/validat0.cpp
index 95f84d98..c4a25c76 100644
--- a/validat0.cpp
+++ b/validat0.cpp
@@ -156,6 +156,9 @@ bool TestCompressors()
 
     try
     {
+        // Gzip uses Adler32 checksums. We expect a failure to to happen on occasion.
+        // If we see more than 2 failures in a run of 128, then we need to investigate.
+        unsigned int truncatedCount=0;
         for (unsigned int i = 0; i<128; ++i)
         {
             std::string src, dest, rec;
@@ -172,8 +175,11 @@ bool TestCompressors()
             // Tamper
             try {
                 StringSource(dest.substr(0, len - 2), true, new Gunzip(new StringSink(rec)));
-                std::cout << "FAILED:  Gzip failed to detect a truncated stream\n";
-                fail1 = true;
+                if (truncatedCount++ >= 2)
+                {
+                    std::cout << "FAILED:  Gzip failed to detect a truncated stream\n";
+                    fail1 = true;
+                }
             }
             catch (const Exception&) {}
         }

From 5f0cbde9804fa34ad8e71f6d9a96a351dc5a033b Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Tue, 16 May 2017 03:52:03 -0400
Subject: [PATCH 173/200] Removed MSVC warning suppression for many warnings
 (Issue 412) Most of these appear to have been cleared over the last couple of
 years.

C4127 is too prevelant. We are probably going to have to live with it.

We may be able to clear C4250 with a using statement. For example 'using ASN1CryptoMaterial::Load'.

MSVC resisted clearing C4661 by pushing/poping in iterhash.h and osrng.h. It was like MSVC simply ignored it.
---
 config.h   |  2 +-
 dll.cpp    | 14 +++-----------
 validate.h |  2 +-
 3 files changed, 5 insertions(+), 13 deletions(-)

diff --git a/config.h b/config.h
index b4a4bc54..66292257 100644
--- a/config.h
+++ b/config.h
@@ -354,7 +354,7 @@ NAMESPACE_END
 	// 4786: identifier was truncated in debug information
 	// 4355: 'this' : used in base member initializer list
 	// 4910: '__declspec(dllexport)' and 'extern' are incompatible on an explicit instantiation
-#	pragma warning(disable: 4127 4231 4250 4251 4275 4505 4512 4660 4661 4786 4355 4910)
+#	pragma warning(disable: 4127 4512 4661)
 	// Security related, possible defects
 	// http://blogs.msdn.com/b/vcblog/archive/2010/12/14/off-by-default-compiler-warnings-in-visual-c.aspx
 #	pragma warning(once: 4191 4242 4263 4264 4266 4302 4826 4905 4906 4928)
diff --git a/dll.cpp b/dll.cpp
index 7b57dc1f..bc406de2 100644
--- a/dll.cpp
+++ b/dll.cpp
@@ -5,15 +5,10 @@
 
 #include "dll.h"
 #include "config.h"
+#include "iterhash.h"
 
-// TODO: fix the C4589 warnings
-#if CRYPTOPP_MSC_VERSION
-# pragma warning(disable: 4589)
-#endif
-
-#if CRYPTOPP_MSC_VERSION
-# pragma warning(default: 4660)
-#endif
+// Cast from FARPROC to funcptr with args, http://stackoverflow.com/q/4192058/608639
+#pragma warning(disable: 4191)
 
 #if defined(CRYPTOPP_EXPORTS) && defined(CRYPTOPP_WIN32_AVAILABLE)
 #include <windows.h>
@@ -70,9 +65,6 @@ static void * New (size_t size)
 	return p;
 }
 
-// Cast from FARPROC to funcptr with args, http://stackoverflow.com/q/4192058/608639
-#pragma warning(disable: 4191)
-
 static void SetNewAndDeleteFunctionPointers()
 {
 	void *p = NULLPTR;
diff --git a/validate.h b/validate.h
index 80386778..9e25e1bb 100644
--- a/validate.h
+++ b/validate.h
@@ -182,7 +182,7 @@ private:
 #endif
 
 // Safer functions on Windows for C&A, https://github.com/weidai11/cryptopp/issues/55
-static std::string TimeToString(const time_t& t)
+inline std::string TimeToString(const time_t& t)
 {
 #if (CRYPTOPP_MSC_VERSION >= 1400)
 	tm localTime = {};

From c9d4ebb3d4db6d9626a99e9357cdb19d71798b4d Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Tue, 16 May 2017 04:21:27 -0400
Subject: [PATCH 174/200] Cleared C4250 under MSVC (Issue 412)

---
 esign.h | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/esign.h b/esign.h
index 4ea631a8..dcda42c4 100644
--- a/esign.h
+++ b/esign.h
@@ -85,6 +85,14 @@ public:
 	void Initialize(RandomNumberGenerator &rng, unsigned int modulusBits)
 		{GenerateRandomWithKeySize(rng, modulusBits);}
 
+	// Squash Visual Studio C4250 warning
+	void Save(BufferedTransformation &bt) const
+		{BEREncode(bt);}
+
+	// Squash Visual Studio C4250 warning
+	void Load(BufferedTransformation &bt)
+		{BERDecode(bt);}
+
 	void BERDecode(BufferedTransformation &bt);
 	void DEREncode(BufferedTransformation &bt) const;
 

From a59e32be73d0c865ee4ce22e77d1cbcc1267c9a2 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Tue, 16 May 2017 04:49:33 -0400
Subject: [PATCH 175/200] Add missing Threefish test vectors to Filelist (Isse
 422)

---
 Filelist.txt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Filelist.txt b/Filelist.txt
index 29c25205..f43b8a17 100644
--- a/Filelist.txt
+++ b/Filelist.txt
@@ -441,6 +441,7 @@ TestVectors/shacal2.txt
 TestVectors/siphash.txt
 TestVectors/sosemanuk.txt
 TestVectors/tea.txt
+TestVectors/threefish.txt
 TestVectors/ttmac.txt
 TestVectors/vmac.txt
 TestVectors/wake.txt

From 5b81b5c66c6b14cf9aa120100a9ddfb2b356cbee Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Wed, 17 May 2017 10:59:22 -0400
Subject: [PATCH 176/200] Updated test scripts for ARM NEON

---
 TestScripts/cryptest.sh | 38 +++++++++++++++++++++-----------------
 cryptest.sh             | 38 +++++++++++++++++++++-----------------
 2 files changed, 42 insertions(+), 34 deletions(-)

diff --git a/TestScripts/cryptest.sh b/TestScripts/cryptest.sh
index a39efa8c..e831bba8 100755
--- a/TestScripts/cryptest.sh
+++ b/TestScripts/cryptest.sh
@@ -1461,46 +1461,50 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_ARM32" -ne "0" || "$IS_ARM64" -ne "0")) ]
 		echo "Testing: ARM NEON code generation" | tee -a "$TEST_RESULTS"
 		echo
 
-		OBJFILE=blake2.o; rm -f "$OBJFILE" 2>/dev/null
+		OBJFILE=aria.o; rm -f "$OBJFILE" 2>/dev/null
 		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS ${PLATFORM_CXXFLAGS[@]}" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
 
 		COUNT=0
 		FAILED=0
 		DISASS_TEXT=$("$DISASS" "${DISASSARGS[@]}" "$OBJFILE" 2>/dev/null)
 
-		# BLAKE2_NEON_Compress32: 30 each vld1q_u8 and vld1q_u64
-		# BLAKE2_NEON_Compress64: 22 each vld1q_u8 and vld1q_u64
-		COUNT1=$(echo -n "$DISASS_TEXT" | "$EGREP" -i -c 'ldr.*q|vld.*128')
-		COUNT2=$(echo -n "$DISASS_TEXT" | "$EGREP" -i -c 'ldp.*q')
-		COUNT=$(($COUNT1 + $(($COUNT2 + $COUNT2))))
-		if [[ ("$COUNT" -lt "25") ]]; then
+		# ARIA::UncheckedKeySet: 8 vld1q.32
+		COUNT=$(echo -n "$DISASS_TEXT" | "$EGREP" -i -c 'vld')
+		if [[ ("$COUNT" -lt "8") ]]; then
 			FAILED=1
 			echo "ERROR: failed to generate expected vector load instructions" | tee -a "$TEST_RESULTS"
 		fi
 
-		# BLAKE2_NEON_Compress{32|64}: 6 each vst1q_u32 and vst1q_u64
-		COUNT=$(echo -n "$DISASS_TEXT" | "$EGREP" -i -c 'str.*q|vstr')
-		if [[ ("$COUNT" -lt "6") ]]; then
+		# ARIA::UncheckedKeySet: 24 vstr1q.32
+		COUNT=$(echo -n "$DISASS_TEXT" | "$EGREP" -i -c 'vst')
+		if [[ ("$COUNT" -lt "24") ]]; then
 			FAILED=1
 			echo "ERROR: failed to generate expected vector store instructions" | tee -a "$TEST_RESULTS"
 		fi
 
-		# BLAKE2_NEON_Compress{32|64}: 409 each vaddq_u32 and vaddq_u64
-		COUNT=$(echo -n "$DISASS_TEXT" | "$EGREP" -i -c 'add.*v|vadd')
-		if [[ ("$COUNT" -lt "400") ]]; then
+		# ARIA::UncheckedKeySet: 17 vshl.32
+		COUNT=$(echo -n "$DISASS_TEXT" | "$EGREP" -i -c 'vshl')
+		if [[ ("$COUNT" -lt "17") ]]; then
 			FAILED=1
-			echo "ERROR: failed to generate expected vector add instructions" | tee -a "$TEST_RESULTS"
+			echo "ERROR: failed to generate expected vector shift left instructions" | tee -a "$TEST_RESULTS"
 		fi
 
-		# BLAKE2_NEON_Compress{32|64}: 559 each veorq_u32 and veorq_u64
+		# ARIA::UncheckedKeySet: 17 vshr.32
+		COUNT=$(echo -n "$DISASS_TEXT" | "$EGREP" -i -c 'vshl')
+		if [[ ("$COUNT" -lt "17") ]]; then
+			FAILED=1
+			echo "ERROR: failed to generate expected vector shift right instructions" | tee -a "$TEST_RESULTS"
+		fi
+
+		# ARIA::UncheckedKeySet: 34 veor
 		COUNT=$(echo -n "$DISASS_TEXT" | "$EGREP" -i -c 'eor.*v|veor')
-		if [[ ("$COUNT" -lt "550") ]]; then
+		if [[ ("$COUNT" -lt "34") ]]; then
 			FAILED=1
 			echo "ERROR: failed to generate expected vector xor instructions" | tee -a "$TEST_RESULTS"
 		fi
 
 		if [[ ("$FAILED" -eq "0") ]]; then
-			echo "Verified vector load, store, add, xor machine instructions" | tee -a "$TEST_RESULTS"
+			echo "Verified vector load, store, shfit left, shift right, xor machine instructions" | tee -a "$TEST_RESULTS"
 		fi
 	fi
 
diff --git a/cryptest.sh b/cryptest.sh
index a39efa8c..e831bba8 100755
--- a/cryptest.sh
+++ b/cryptest.sh
@@ -1461,46 +1461,50 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_ARM32" -ne "0" || "$IS_ARM64" -ne "0")) ]
 		echo "Testing: ARM NEON code generation" | tee -a "$TEST_RESULTS"
 		echo
 
-		OBJFILE=blake2.o; rm -f "$OBJFILE" 2>/dev/null
+		OBJFILE=aria.o; rm -f "$OBJFILE" 2>/dev/null
 		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS ${PLATFORM_CXXFLAGS[@]}" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
 
 		COUNT=0
 		FAILED=0
 		DISASS_TEXT=$("$DISASS" "${DISASSARGS[@]}" "$OBJFILE" 2>/dev/null)
 
-		# BLAKE2_NEON_Compress32: 30 each vld1q_u8 and vld1q_u64
-		# BLAKE2_NEON_Compress64: 22 each vld1q_u8 and vld1q_u64
-		COUNT1=$(echo -n "$DISASS_TEXT" | "$EGREP" -i -c 'ldr.*q|vld.*128')
-		COUNT2=$(echo -n "$DISASS_TEXT" | "$EGREP" -i -c 'ldp.*q')
-		COUNT=$(($COUNT1 + $(($COUNT2 + $COUNT2))))
-		if [[ ("$COUNT" -lt "25") ]]; then
+		# ARIA::UncheckedKeySet: 8 vld1q.32
+		COUNT=$(echo -n "$DISASS_TEXT" | "$EGREP" -i -c 'vld')
+		if [[ ("$COUNT" -lt "8") ]]; then
 			FAILED=1
 			echo "ERROR: failed to generate expected vector load instructions" | tee -a "$TEST_RESULTS"
 		fi
 
-		# BLAKE2_NEON_Compress{32|64}: 6 each vst1q_u32 and vst1q_u64
-		COUNT=$(echo -n "$DISASS_TEXT" | "$EGREP" -i -c 'str.*q|vstr')
-		if [[ ("$COUNT" -lt "6") ]]; then
+		# ARIA::UncheckedKeySet: 24 vstr1q.32
+		COUNT=$(echo -n "$DISASS_TEXT" | "$EGREP" -i -c 'vst')
+		if [[ ("$COUNT" -lt "24") ]]; then
 			FAILED=1
 			echo "ERROR: failed to generate expected vector store instructions" | tee -a "$TEST_RESULTS"
 		fi
 
-		# BLAKE2_NEON_Compress{32|64}: 409 each vaddq_u32 and vaddq_u64
-		COUNT=$(echo -n "$DISASS_TEXT" | "$EGREP" -i -c 'add.*v|vadd')
-		if [[ ("$COUNT" -lt "400") ]]; then
+		# ARIA::UncheckedKeySet: 17 vshl.32
+		COUNT=$(echo -n "$DISASS_TEXT" | "$EGREP" -i -c 'vshl')
+		if [[ ("$COUNT" -lt "17") ]]; then
 			FAILED=1
-			echo "ERROR: failed to generate expected vector add instructions" | tee -a "$TEST_RESULTS"
+			echo "ERROR: failed to generate expected vector shift left instructions" | tee -a "$TEST_RESULTS"
 		fi
 
-		# BLAKE2_NEON_Compress{32|64}: 559 each veorq_u32 and veorq_u64
+		# ARIA::UncheckedKeySet: 17 vshr.32
+		COUNT=$(echo -n "$DISASS_TEXT" | "$EGREP" -i -c 'vshl')
+		if [[ ("$COUNT" -lt "17") ]]; then
+			FAILED=1
+			echo "ERROR: failed to generate expected vector shift right instructions" | tee -a "$TEST_RESULTS"
+		fi
+
+		# ARIA::UncheckedKeySet: 34 veor
 		COUNT=$(echo -n "$DISASS_TEXT" | "$EGREP" -i -c 'eor.*v|veor')
-		if [[ ("$COUNT" -lt "550") ]]; then
+		if [[ ("$COUNT" -lt "34") ]]; then
 			FAILED=1
 			echo "ERROR: failed to generate expected vector xor instructions" | tee -a "$TEST_RESULTS"
 		fi
 
 		if [[ ("$FAILED" -eq "0") ]]; then
-			echo "Verified vector load, store, add, xor machine instructions" | tee -a "$TEST_RESULTS"
+			echo "Verified vector load, store, shfit left, shift right, xor machine instructions" | tee -a "$TEST_RESULTS"
 		fi
 	fi
 

From 03a6a8fb7328d619f84292bf96b81df02aaa121d Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Wed, 17 May 2017 14:38:37 -0400
Subject: [PATCH 177/200] Add separate Enc and Dec classes to Threefish The
 change speeds up benchmarks for Threefish-256 and Threefish-512 by about 10
 MiB/s on a 6th gen Skylake

---
 threefish.cpp | 176 ++++++++++++++++++++++++++++++++------------------
 threefish.h   |  33 +++++++---
 2 files changed, 138 insertions(+), 71 deletions(-)

diff --git a/threefish.cpp b/threefish.cpp
index fde7a894..bb472851 100644
--- a/threefish.cpp
+++ b/threefish.cpp
@@ -45,7 +45,7 @@ ANONYMOUS_NAMESPACE_BEGIN
     G2 -= (m_rkey[(r + 3) % 5] + m_tweak[(r + 2) % 3]); \
     G3 -= (m_rkey[(r + 4) % 5] + r + 1);
 
-#define G8256(r) \
+#define G256x8(r) \
     G256(G0, G1, G2, G3, 14, 16); \
     G256(G0, G3, G2, G1, 52, 57); \
     G256(G0, G1, G2, G3, 23, 40); \
@@ -57,7 +57,7 @@ ANONYMOUS_NAMESPACE_BEGIN
     G256(G0, G3, G2, G1, 32, 32); \
     KS256(r + 1);
 
-#define IG8256(r) \
+#define IG256x8(r) \
     IG256(G0, G3, G2, G1, 32, 32); \
     IG256(G0, G1, G2, G3, 58, 22); \
     IG256(G0, G3, G2, G1, 46, 12); \
@@ -109,7 +109,7 @@ ANONYMOUS_NAMESPACE_BEGIN
     G6 += m_rkey[(r + 7) % 9] + m_tweak[(r + 2) % 3]; \
     G7 += m_rkey[(r + 8) % 9] + r + 1;
 
-#define IG8512(r) \
+#define IG512x8(r) \
     IG512(G6, G1, G0, G7, G2, G5, G4, G3, 8, 35, 56, 22); \
     IG512(G4, G1, G6, G3, G0, G5, G2, G7, 25, 29, 39, 43); \
     IG512(G2, G1, G4, G7, G6, G5, G0, G3, 13, 50, 10, 17); \
@@ -121,7 +121,7 @@ ANONYMOUS_NAMESPACE_BEGIN
     IG512(G0, G1, G2, G3, G4, G5, G6, G7, 46, 36, 19, 37); \
     IKS512(r - 1)
 
-#define G8512(r) \
+#define G512x8(r) \
     G512(G0, G1, G2, G3, G4, G5, G6, G7, 46, 36, 19, 37); \
     G512(G2, G1, G4, G7, G6, G5, G0, G3, 33, 27, 14, 42); \
     G512(G4, G1, G6, G3, G0, G5, G2, G7, 17, 49, 36, 39); \
@@ -205,7 +205,7 @@ ANONYMOUS_NAMESPACE_BEGIN
     G14 += m_rkey[(r + 15) % 17] + m_tweak[(r + 2) % 3]; \
     G15 += m_rkey[(r + 16) % 17] + r + 1;
 
-#define IG81024(r) \
+#define IG1024x8(r) \
     IG1024(G0, G15, G2, G11, G6, G13, G4, G9, G14, G1, G8, G5, G10, G3, G12, G7, 9, 48, 35, 52, 23, 31, 37, 20); \
     IG1024(G0, G7, G2, G5, G4, G3, G6, G1, G12, G15, G14, G13, G8, G11, G10, G9, 31, 44, 47, 46, 19, 42, 44, 25); \
     IG1024(G0, G9, G2, G13, G6, G11, G4, G15, G10, G7, G12, G3, G14, G5, G8, G1, 16, 34, 56, 51, 4, 53, 42, 41); \
@@ -217,7 +217,7 @@ ANONYMOUS_NAMESPACE_BEGIN
     IG1024(G0, G1, G2, G3, G4, G5, G6, G7, G8, G9, G10, G11, G12, G13, G14, G15, 24, 13, 8, 47, 8, 17, 22, 37); \
     IKS1024(r - 1);
 
-#define G81024(r) \
+#define G1024x8(r) \
     G1024(G0, G1, G2, G3, G4, G5, G6, G7, G8, G9, G10, G11, G12, G13, G14, G15, 24, 13, 8, 47, 8, 17, 22, 37); \
     G1024(G0, G9, G2, G13, G6, G11, G4, G15, G10, G7, G12, G3, G14, G5, G8, G1, 38, 19, 10, 55, 49, 18, 23, 52); \
     G1024(G0, G7, G2, G5, G4, G3, G6, G1, G12, G15, G14, G13, G8, G11, G10, G9, 33, 4, 51, 13, 34, 41, 59, 17); \
@@ -285,7 +285,7 @@ void Threefish::Base::UncheckedSetKey(const byte *key, unsigned int keylen, cons
     }
 }
 
-void Threefish::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const
+void Threefish::Enc::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const
 {
     switch(m_blocksize)
     {
@@ -303,7 +303,7 @@ void Threefish::Base::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlo
     }
 }
 
-void Threefish::Base::ProcessAndXorBlock_256(const byte *inBlock, const byte *xorBlock, byte *outBlock) const
+void Threefish::Enc::ProcessAndXorBlock_256(const byte *inBlock, const byte *xorBlock, byte *outBlock) const
 {
     word64 &G0=m_wspace[0], &G1=m_wspace[1], &G2=m_wspace[2], &G3=m_wspace[3];
 
@@ -312,22 +312,11 @@ void Threefish::Base::ProcessAndXorBlock_256(const byte *inBlock, const byte *xo
     InBlock iblk(inBlock);
     iblk(G0)(G1)(G2)(G3);
 
-    if (IsForwardTransformation())
-    {
-        G0 += m_rkey[0]; G1 += m_rkey[1]; G2 += m_rkey[2]; G3 += m_rkey[3];
-        G1 += m_tweak[0]; G2 += m_tweak[1];
+    G0 += m_rkey[0]; G1 += m_rkey[1]; G2 += m_rkey[2]; G3 += m_rkey[3];
+    G1 += m_tweak[0]; G2 += m_tweak[1];
 
-        G8256(0); G8256(2); G8256(4); G8256(6); G8256(8);
-        G8256(10); G8256(12); G8256(14); G8256(16);
-    }
-    else
-    {
-        G0 -= m_rkey[3]; G1 -= m_rkey[4]; G2 -= m_rkey[0]; G3 -= m_rkey[1];
-        G1 -= m_tweak[0]; G2 -= m_tweak[1]; G3 -= 18;
-
-        IG8256(16); IG8256(14); IG8256(12); IG8256(10);
-        IG8256(8); IG8256(6); IG8256(4); IG8256(2); IG8256(0);
-    }
+    G256x8(0); G256x8(2); G256x8(4); G256x8(6); G256x8(8);
+    G256x8(10); G256x8(12); G256x8(14); G256x8(16);
 
     // Reverse bytes on BigEndian; Align pointer on LittleEndian
     typedef PutBlock<word64, LittleEndian, false> OutBlock;
@@ -335,7 +324,7 @@ void Threefish::Base::ProcessAndXorBlock_256(const byte *inBlock, const byte *xo
     oblk(G0)(G1)(G2)(G3);
 }
 
-void Threefish::Base::ProcessAndXorBlock_512(const byte *inBlock, const byte *xorBlock, byte *outBlock) const
+void Threefish::Enc::ProcessAndXorBlock_512(const byte *inBlock, const byte *xorBlock, byte *outBlock) const
 {
     word64 &G0=m_wspace[0],   &G1=m_wspace[1],   &G2=m_wspace[2],   &G3=m_wspace[3];
     word64 &G4=m_wspace[4],   &G5=m_wspace[5],   &G6=m_wspace[6],   &G7=m_wspace[7];
@@ -345,25 +334,13 @@ void Threefish::Base::ProcessAndXorBlock_512(const byte *inBlock, const byte *xo
     InBlock iblk(inBlock);
     iblk(G0)(G1)(G2)(G3)(G4)(G5)(G6)(G7);
 
-    if (IsForwardTransformation())
-    {
-        // 34 integer instructions total
-        G0 += m_rkey[0]; G1 += m_rkey[1]; G2 += m_rkey[2]; G3 += m_rkey[3];
-        G4 += m_rkey[4]; G5 += m_rkey[5]; G6 += m_rkey[6]; G7 += m_rkey[7];
-        G5 += m_tweak[0]; G6 += m_tweak[1];
+    // 34 integer instructions total
+    G0 += m_rkey[0]; G1 += m_rkey[1]; G2 += m_rkey[2]; G3 += m_rkey[3];
+    G4 += m_rkey[4]; G5 += m_rkey[5]; G6 += m_rkey[6]; G7 += m_rkey[7];
+    G5 += m_tweak[0]; G6 += m_tweak[1];
 
-        G8512(0); G8512(2); G8512(4); G8512(6); G8512(8);
-        G8512(10); G8512(12); G8512(14); G8512(16);
-    }
-    else
-    {
-        G0 -= m_rkey[0]; G1 -= m_rkey[1]; G2 -= m_rkey[2]; G3 -= m_rkey[3];
-        G4 -= m_rkey[4]; G5 -= m_rkey[5]; G6 -= m_rkey[6]; G7 -= m_rkey[7];
-        G5 -= m_tweak[0]; G6 -= m_tweak[1];    G7 -= 18;
-
-        IG8512(16); IG8512(14); IG8512(12); IG8512(10);
-        IG8512(8); IG8512(6); IG8512(4); IG8512(2); IG8512(0);
-    }
+    G512x8(0); G512x8(2); G512x8(4); G512x8(6); G512x8(8);
+    G512x8(10); G512x8(12); G512x8(14); G512x8(16);
 
     // Reverse bytes on BigEndian; Align pointer on LittleEndian
     typedef PutBlock<word64, LittleEndian, false> OutBlock;
@@ -371,7 +348,7 @@ void Threefish::Base::ProcessAndXorBlock_512(const byte *inBlock, const byte *xo
     oblk(G0)(G1)(G2)(G3)(G4)(G5)(G6)(G7);
 }
 
-void Threefish::Base::ProcessAndXorBlock_1024(const byte *inBlock, const byte *xorBlock, byte *outBlock) const
+void Threefish::Enc::ProcessAndXorBlock_1024(const byte *inBlock, const byte *xorBlock, byte *outBlock) const
 {
     word64  &G0=m_wspace[0],   &G1=m_wspace[1],   &G2=m_wspace[2],   &G3=m_wspace[3];
     word64  &G4=m_wspace[4],   &G5=m_wspace[5],   &G6=m_wspace[6],   &G7=m_wspace[7];
@@ -383,28 +360,103 @@ void Threefish::Base::ProcessAndXorBlock_1024(const byte *inBlock, const byte *x
     InBlock iblk(inBlock);
     iblk(G0)(G1)(G2)(G3)(G4)(G5)(G6)(G7)(G8)(G9)(G10)(G11)(G12)(G13)(G14)(G15);
 
-    if (IsForwardTransformation())
-    {
-        G0 += m_rkey[0]; G1 += m_rkey[1]; G2 += m_rkey[2]; G3 += m_rkey[3];
-        G4 += m_rkey[4]; G5 += m_rkey[5]; G6 += m_rkey[6]; G7 += m_rkey[7];
-        G8 += m_rkey[8]; G9 += m_rkey[9]; G10 += m_rkey[10]; G11 += m_rkey[11];
-        G12 += m_rkey[12]; G13 += m_rkey[13]; G14 += m_rkey[14]; G15 += m_rkey[15];
-        G13 += m_tweak[0]; G14 += m_tweak[1];
+    G0 += m_rkey[0]; G1 += m_rkey[1]; G2 += m_rkey[2]; G3 += m_rkey[3];
+    G4 += m_rkey[4]; G5 += m_rkey[5]; G6 += m_rkey[6]; G7 += m_rkey[7];
+    G8 += m_rkey[8]; G9 += m_rkey[9]; G10 += m_rkey[10]; G11 += m_rkey[11];
+    G12 += m_rkey[12]; G13 += m_rkey[13]; G14 += m_rkey[14]; G15 += m_rkey[15];
+    G13 += m_tweak[0]; G14 += m_tweak[1];
 
-        G81024(0); G81024(2); G81024(4); G81024(6); G81024(8);
-        G81024(10); G81024(12); G81024(14); G81024(16); G81024(18);
-    }
-    else
-    {
-        G0 -= m_rkey[3]; G1 -= m_rkey[4]; G2 -= m_rkey[5]; G3 -= m_rkey[6];
-        G4 -= m_rkey[7]; G5 -= m_rkey[8]; G6 -= m_rkey[9]; G7 -= m_rkey[10];
-        G8 -= m_rkey[11]; G9 -= m_rkey[12]; G10 -= m_rkey[13]; G11 -= m_rkey[14];
-        G12 -= m_rkey[15]; G13 -= m_rkey[16]; G14 -= m_rkey[0]; G15 -= m_rkey[1];
-        G13 -= m_tweak[2]; G14 -= m_tweak[0]; G15 -= 20;
+    G1024x8(0); G1024x8(2); G1024x8(4); G1024x8(6); G1024x8(8);
+    G1024x8(10); G1024x8(12); G1024x8(14); G1024x8(16); G1024x8(18);
 
-        IG81024(18); IG81024(16); IG81024(14); IG81024(12); IG81024(10);
-        IG81024(8); IG81024(6); IG81024(4); IG81024(2); IG81024(0);
+    // Reverse bytes on BigEndian; Align pointer on LittleEndian
+    typedef PutBlock<word64, LittleEndian, false> OutBlock;
+    OutBlock oblk(xorBlock, outBlock);
+    oblk(G0)(G1)(G2)(G3)(G4)(G5)(G6)(G7)(G8)(G9)(G10)(G11)(G12)(G13)(G14)(G15);
+}
+
+void Threefish::Dec::ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const
+{
+    switch(m_blocksize)
+    {
+    case 32:
+        ProcessAndXorBlock_256(inBlock, xorBlock, outBlock);
+        break;
+    case 64:
+        ProcessAndXorBlock_512(inBlock, xorBlock, outBlock);
+        break;
+    case 128:
+        ProcessAndXorBlock_1024(inBlock, xorBlock, outBlock);
+        break;
+    default:
+        CRYPTOPP_ASSERT(0);
     }
+}
+
+void Threefish::Dec::ProcessAndXorBlock_256(const byte *inBlock, const byte *xorBlock, byte *outBlock) const
+{
+    word64 &G0=m_wspace[0], &G1=m_wspace[1], &G2=m_wspace[2], &G3=m_wspace[3];
+
+    // Reverse bytes on BigEndian; Align pointer on LittleEndian
+    typedef GetBlock<word64, LittleEndian, false> InBlock;
+    InBlock iblk(inBlock);
+    iblk(G0)(G1)(G2)(G3);
+
+    G0 -= m_rkey[3]; G1 -= m_rkey[4]; G2 -= m_rkey[0]; G3 -= m_rkey[1];
+    G1 -= m_tweak[0]; G2 -= m_tweak[1]; G3 -= 18;
+
+    IG256x8(16); IG256x8(14); IG256x8(12); IG256x8(10);
+    IG256x8(8); IG256x8(6); IG256x8(4); IG256x8(2); IG256x8(0);
+
+    // Reverse bytes on BigEndian; Align pointer on LittleEndian
+    typedef PutBlock<word64, LittleEndian, false> OutBlock;
+    OutBlock oblk(xorBlock, outBlock);
+    oblk(G0)(G1)(G2)(G3);
+}
+
+void Threefish::Dec::ProcessAndXorBlock_512(const byte *inBlock, const byte *xorBlock, byte *outBlock) const
+{
+    word64 &G0=m_wspace[0],   &G1=m_wspace[1],   &G2=m_wspace[2],   &G3=m_wspace[3];
+    word64 &G4=m_wspace[4],   &G5=m_wspace[5],   &G6=m_wspace[6],   &G7=m_wspace[7];
+
+    // Reverse bytes on BigEndian; Align pointer on LittleEndian
+    typedef GetBlock<word64, LittleEndian, false> InBlock;
+    InBlock iblk(inBlock);
+    iblk(G0)(G1)(G2)(G3)(G4)(G5)(G6)(G7);
+
+    G0 -= m_rkey[0]; G1 -= m_rkey[1]; G2 -= m_rkey[2]; G3 -= m_rkey[3];
+    G4 -= m_rkey[4]; G5 -= m_rkey[5]; G6 -= m_rkey[6]; G7 -= m_rkey[7];
+    G5 -= m_tweak[0]; G6 -= m_tweak[1];    G7 -= 18;
+
+    IG512x8(16); IG512x8(14); IG512x8(12); IG512x8(10);
+    IG512x8(8); IG512x8(6); IG512x8(4); IG512x8(2); IG512x8(0);
+
+    // Reverse bytes on BigEndian; Align pointer on LittleEndian
+    typedef PutBlock<word64, LittleEndian, false> OutBlock;
+    OutBlock oblk(xorBlock, outBlock);
+    oblk(G0)(G1)(G2)(G3)(G4)(G5)(G6)(G7);
+}
+
+void Threefish::Dec::ProcessAndXorBlock_1024(const byte *inBlock, const byte *xorBlock, byte *outBlock) const
+{
+    word64  &G0=m_wspace[0],   &G1=m_wspace[1],   &G2=m_wspace[2],   &G3=m_wspace[3];
+    word64  &G4=m_wspace[4],   &G5=m_wspace[5],   &G6=m_wspace[6],   &G7=m_wspace[7];
+    word64  &G8=m_wspace[8],   &G9=m_wspace[9],  &G10=m_wspace[10], &G11=m_wspace[11];
+    word64 &G12=m_wspace[12], &G13=m_wspace[13], &G14=m_wspace[14], &G15=m_wspace[15];
+
+    // Reverse bytes on BigEndian; Align pointer on LittleEndian
+    typedef GetBlock<word64, LittleEndian, false> InBlock;
+    InBlock iblk(inBlock);
+    iblk(G0)(G1)(G2)(G3)(G4)(G5)(G6)(G7)(G8)(G9)(G10)(G11)(G12)(G13)(G14)(G15);
+
+    G0 -= m_rkey[3]; G1 -= m_rkey[4]; G2 -= m_rkey[5]; G3 -= m_rkey[6];
+    G4 -= m_rkey[7]; G5 -= m_rkey[8]; G6 -= m_rkey[9]; G7 -= m_rkey[10];
+    G8 -= m_rkey[11]; G9 -= m_rkey[12]; G10 -= m_rkey[13]; G11 -= m_rkey[14];
+    G12 -= m_rkey[15]; G13 -= m_rkey[16]; G14 -= m_rkey[0]; G15 -= m_rkey[1];
+    G13 -= m_tweak[2]; G14 -= m_tweak[0]; G15 -= 20;
+
+    IG1024x8(18); IG1024x8(16); IG1024x8(14); IG1024x8(12); IG1024x8(10);
+    IG1024x8(8); IG1024x8(6); IG1024x8(4); IG1024x8(2); IG1024x8(0);
 
     // Reverse bytes on BigEndian; Align pointer on LittleEndian
     typedef PutBlock<word64, LittleEndian, false> OutBlock;
diff --git a/threefish.h b/threefish.h
index 422da93f..087e52a0 100644
--- a/threefish.h
+++ b/threefish.h
@@ -68,7 +68,8 @@ public:
     {
     public:
         std::string AlgorithmName() const {
-            return m_blocksize ? "Threefish-" + IntToString(m_blocksize*8) + "(" + IntToString((m_rkey.size()-1)*8) + ")" : StaticAlgorithmName();
+            // Key length is the same as blocksize
+            return m_blocksize ? "Threefish-" + IntToString(m_blocksize*8) : StaticAlgorithmName();
         }
 
         unsigned int OptimalDataAlignment() const {
@@ -77,22 +78,36 @@ public:
 
     protected:
         void UncheckedSetKey(const byte *key, unsigned int keylen, const NameValuePairs &params);
-        void ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const;
 
-        void ProcessAndXorBlock_256(const byte *inBlock, const byte *xorBlock, byte *outBlock) const;
-        void ProcessAndXorBlock_512(const byte *inBlock, const byte *xorBlock, byte *outBlock) const;
-        void ProcessAndXorBlock_1024(const byte *inBlock, const byte *xorBlock, byte *outBlock) const;
-
-    private:
         typedef SecBlock<word64, AllocatorWithCleanup<word64, true> > AlignedSecBlock64;
         mutable AlignedSecBlock64 m_wspace;   // workspace
         AlignedSecBlock64         m_rkey;     // keys
         AlignedSecBlock64         m_tweak;
     };
 
+    class CRYPTOPP_NO_VTABLE Enc : public Base
+    {
+    protected:
+        void ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const;
+
+        void ProcessAndXorBlock_256(const byte *inBlock, const byte *xorBlock, byte *outBlock) const;
+        void ProcessAndXorBlock_512(const byte *inBlock, const byte *xorBlock, byte *outBlock) const;
+        void ProcessAndXorBlock_1024(const byte *inBlock, const byte *xorBlock, byte *outBlock) const;
+    };
+
+    class CRYPTOPP_NO_VTABLE Dec : public Base
+    {
+    protected:
+        void ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const;
+
+        void ProcessAndXorBlock_256(const byte *inBlock, const byte *xorBlock, byte *outBlock) const;
+        void ProcessAndXorBlock_512(const byte *inBlock, const byte *xorBlock, byte *outBlock) const;
+        void ProcessAndXorBlock_1024(const byte *inBlock, const byte *xorBlock, byte *outBlock) const;
+    };
+
 public:
-    typedef BlockCipherFinal<ENCRYPTION, Base> Encryption;
-    typedef BlockCipherFinal<DECRYPTION, Base> Decryption;
+    typedef BlockCipherFinal<ENCRYPTION, Enc> Encryption;
+    typedef BlockCipherFinal<DECRYPTION, Dec> Decryption;
 };
 
 typedef Threefish::Encryption ThreefishEncryption;

From 1b1c32d7cf883078e0da02aaa38981f81c639cf3 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Wed, 17 May 2017 16:21:20 -0400
Subject: [PATCH 178/200] Build RDRAND for all platofrms (Issue 419, PR 424) We
 have not been able to determine a reliable way to detect cpu's and platforms
 with Cmake. We are side stepping the Cmake problem by building rdrand.cpp all
 the time. If its not avilable for a cpu or platform, then RDRAND or RDSEED
 throw an exception.

---
 GNUmakefile  | 10 ++--------
 rdrand.cpp   | 40 ++++++++++++++++++++++++++++++++++++++--
 validat1.cpp |  6 ------
 validate.h   |  2 --
 4 files changed, 40 insertions(+), 18 deletions(-)

diff --git a/GNUmakefile b/GNUmakefile
index 7947557b..8ec0f7f8 100755
--- a/GNUmakefile
+++ b/GNUmakefile
@@ -522,10 +522,6 @@ SRCS := cryptlib.cpp cpu.cpp integer.cpp $(filter-out cryptlib.cpp cpu.cpp integ
 ifeq ($(IS_X86)$(IS_X32)$(IS_X64)$(IS_ARM32)$(IS_ARM64),00000)
   SRCS := $(filter-out cpu.cpp, $(SRCS))
 endif
-# Need RDRAND for X86/X64/X32
-ifeq ($(IS_X86)$(IS_X32)$(IS_X64),000)
-  SRCS := $(filter-out rdrand.cpp, $(SRCS))
-endif
 
 ifneq ($(IS_MINGW),0)
 SRCS += winpipes.cpp
@@ -766,13 +762,11 @@ endif
 trim:
 ifneq ($(IS_DARWIN),0)
 	sed -i '' -e's/[[:space:]]*$$//' *.sh *.h *.cpp *.asm *.s *.sln *.vcxproj *.filters GNUmakefile GNUmakefile-cross
-	sed -i '' -e's/[[:space:]]*$$//' *.sh TestData/*.dat
-	sed -i '' -e's/[[:space:]]*$$//' *.sh TestVectors/*.txt
+	sed -i '' -e's/[[:space:]]*$$//' TestData/*.dat TestVectors/*.txt TestScripts/*.sh
 	make convert
 else
 	sed -i -e's/[[:space:]]*$$//' *.sh *.h *.cpp *.asm *.s *.sln *.vcxproj *.filters GNUmakefile GNUmakefile-cross
-	sed -i -e's/[[:space:]]*$$//' *.sh TestData/*.dat
-	sed -i -e's/[[:space:]]*$$//' *.sh TestVectors/*.txt
+	sed -i -e's/[[:space:]]*$$//' TestData/*.dat TestVectors/*.txt TestScripts/*.sh
 	make convert
 endif
 
diff --git a/rdrand.cpp b/rdrand.cpp
index f9dab893..b591407d 100644
--- a/rdrand.cpp
+++ b/rdrand.cpp
@@ -69,12 +69,12 @@
 #    define GCC_RDSEED_ASM_AVAILABLE 1
 #  endif
 # elif defined(CRYPTOPP_GCC_VERSION)
-#  if defined(__RDRND__) && (CRYPTOPP_GCC_VERSION >= 40600) && !defined(__OPTIMIZE_SIZE__)
+#  if defined(__RDRND__) && (CRYPTOPP_GCC_VERSION >= 40600) && !defined(__OPTIMIZE__)
 #    define ALL_RDRAND_INTRIN_AVAILABLE 1
 #  else
 #    define GCC_RDRAND_ASM_AVAILABLE 1
 #  endif
-#  if defined(__RDSEED__) && (CRYPTOPP_GCC_VERSION >= 40600) && !defined(__OPTIMIZE_SIZE__)
+#  if defined(__RDSEED__) && (CRYPTOPP_GCC_VERSION >= 40600) && !defined(__OPTIMIZE__)
 #    define ALL_RDSEED_INTRIN_AVAILABLE 1
 #  else
 #    define GCC_RDSEED_ASM_AVAILABLE 1
@@ -118,6 +118,8 @@ extern "C" void NASM_RDSEED_GenerateBlock(byte*, size_t);
 
 NAMESPACE_BEGIN(CryptoPP)
 
+#if defined(CRYPTOPP_CPUID_AVAILABLE)
+
 // Fills 4 bytes
 inline void RDRAND32(void* output)
 {
@@ -425,4 +427,38 @@ void RDSEED::DiscardBytes(size_t n)
     }
 }
 
+#else  // CRYPTOPP_CPUID_AVAILABLE
+
+RDRAND::RDRAND()
+{
+    throw RDRAND_Err("HasRDRAND");
+}
+
+void RDRAND::GenerateBlock(byte *output, size_t size)
+{
+    CRYPTOPP_UNUSED(output); CRYPTOPP_UNUSED(size);
+}
+
+void RDRAND::DiscardBytes(size_t n)
+{
+    CRYPTOPP_UNUSED(n);
+}
+
+RDSEED::RDSEED()
+{
+    throw RDSEED_Err("HasRDSEED");
+}
+
+void RDSEED::GenerateBlock(byte *output, size_t size)
+{
+    CRYPTOPP_UNUSED(output); CRYPTOPP_UNUSED(size);
+}
+
+void RDSEED::DiscardBytes(size_t n)
+{
+    CRYPTOPP_UNUSED(n);
+}
+
+#endif
+
 NAMESPACE_END
diff --git a/validat1.cpp b/validat1.cpp
index 1157d60e..fa43cc92 100644
--- a/validat1.cpp
+++ b/validat1.cpp
@@ -79,10 +79,8 @@ bool ValidateAll(bool thorough)
 #if defined(CRYPTOPP_EXTENDED_VALIDATION)
 	pass=TestMersenne() && pass;
 #endif
-#if (CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32 || CRYPTOPP_BOOL_X64)
 	pass=TestRDRAND() && pass;
 	pass=TestRDSEED() && pass;
-#endif
 
 #if defined(CRYPTOPP_EXTENDED_VALIDATION)
 	// http://github.com/weidai11/cryptopp/issues/92
@@ -927,7 +925,6 @@ bool TestMersenne()
 }
 #endif
 
-#if (CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32 || CRYPTOPP_BOOL_X64)
 bool TestRDRAND()
 {
 	std::cout << "\nTesting RDRAND generator...\n\n";
@@ -1030,9 +1027,7 @@ bool TestRDRAND()
 	std::cout.flush();
 	return pass;
 }
-#endif
 
-#if (CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32 || CRYPTOPP_BOOL_X64)
 bool TestRDSEED()
 {
 	std::cout << "\nTesting RDSEED generator...\n\n";
@@ -1135,7 +1130,6 @@ bool TestRDSEED()
 	std::cout.flush();
 	return pass;
 }
-#endif
 
 bool ValidateHashDRBG()
 {
diff --git a/validate.h b/validate.h
index 9e25e1bb..8d2d4f46 100644
--- a/validate.h
+++ b/validate.h
@@ -22,10 +22,8 @@ bool TestRandomPool();
 #if !defined(NO_OS_DEPENDENCE)
 bool TestAutoSeededX917();
 #endif
-#if (CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32 || CRYPTOPP_BOOL_X64)
 bool TestRDRAND();
 bool TestRDSEED();
-#endif
 
 bool ValidateBaseCode();
 bool ValidateCRC32();

From 3fe188ba894e7e0b0723f93675498efb8b3fb771 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Thu, 18 May 2017 00:59:11 -0400
Subject: [PATCH 179/200] Updated README with additional algorithms

---
 Readme.txt | 26 ++++++++++++++------------
 1 file changed, 14 insertions(+), 12 deletions(-)

diff --git a/Readme.txt b/Readme.txt
index 908e56c4..aef18e58 100644
--- a/Readme.txt
+++ b/Readme.txt
@@ -14,23 +14,24 @@ Currently the library contains the following algorithms:
            AES and AES candidates  AES (Rijndael), RC6, MARS, Twofish, Serpent,
                                    CAST-256
 
-                                   IDEA, Triple-DES (DES-EDE2 and DES-EDE3),
-              other block ciphers  Camellia, SEED, RC5, Blowfish, TEA, XTEA,
-                                   Skipjack, SHACAL-2
+                                   ARIA, IDEA, Triple-DES (DES-EDE2 and DES-EDE3),
+              other block ciphers  Camellia, SEED, Kalyna RC5, Blowfish, TEA, XTEA,
+                                   Threefish, Skipjack, SHACAL-2
 
   block cipher modes of operation  ECB, CBC, CBC ciphertext stealing (CTS),
                                    CFB, OFB, counter mode (CTR)
 
      message authentication codes  VMAC, HMAC, GMAC, CMAC, CBC-MAC, DMAC,
-                                   Two-Track-MAC, BLAKE2 (BLAKE2b, BLAKE2s)
+                                   Two-Track-MAC, BLAKE2s, BLAKE2b
 
-                                   BLAKE2 (BLAKE2b, BLAKE2s), SHA-1, SHA-2 (SHA-224,
-                   hash functions  SHA-256, SHA-384, and SHA-512), SHA-3, Tiger,
-                                   WHIRLPOOL, RIPEMD-128, RIPEMD-256, RIPEMD-160,
-                                   RIPEMD-320
+                                   BLAKE2s, BLAKE2b, Keccack (F1600) SHA-1, SHA-2 
+                   hash functions  (SHA-224, SHA-256, SHA-384, and SHA-512), SHA-3,
+                                   Tiger,WHIRLPOOL, RIPEMD-128, RIPEMD-256,
+                                   RIPEMD-160, RIPEMD-320
 
-                                   RSA, DSA, ElGamal, Nyberg-Rueppel (NR),
-          public-key cryptography  Rabin-Williams (RW), LUC, LUCELG,
+                                   RSA, DSA, Determinsitic DSA, ElGamal, 
+          public-key cryptography  Nyberg-Rueppel (NR), Rabin-Williams (RW), LUC,
+                                   LUCELG, EC-based German Digital Signature (ECGDSA),
                                    DLIES (variants of DHAES), ESIGN
 
    padding schemes for public-key  PKCS#1 v2.0, OAEP, PSS, PSSR, IEEE P1363
@@ -40,7 +41,7 @@ Currently the library contains the following algorithms:
             key agreement schemes  (DH2), Menezes-Qu-Vanstone (MQV), Hashed MQV (HMQV),
                                    Fully Hashed MQV (FHMQV), LUCDIF, XTR-DH
 
-      elliptic curve cryptography  ECDSA, ECNR, ECIES, ECDH, ECMQV
+      elliptic curve cryptography  ECDSA, Determinsitic ECDSA, ECNR, ECIES, ECDH, ECMQV
 
           insecure or obsolescent  MD2, MD4, MD5, Panama Hash, DES, ARC4, SEAL
 algorithms retained for backwards  3.0, WAKE-OFB, DESX (DES-XEX3), RC2,
@@ -49,7 +50,8 @@ algorithms retained for backwards  3.0, WAKE-OFB, DESX (DES-XEX3), RC2,
 
 Other features include:
 
-  * pseudo random number generators (PRNG): ANSI X9.17 appendix C, RandomPool
+  * pseudo random number generators (PRNG): ANSI X9.17 appendix C, RandomPool,
+    RDRAND, RDSEED, NIST Hash DRBG, NIST HMAC DRBG
   * password based key derivation functions: PBKDF1 and PBKDF2 from PKCS #5,
     PBKDF from PKCS #12 appendix B, HKDF from RFC 5869
   * Shamir's secret sharing scheme and Rabin's information dispersal algorithm

From ddcd70b152964db5ced3623f26c61f7a4f8d31f5 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Thu, 18 May 2017 08:36:00 -0400
Subject: [PATCH 180/200] Fix "error C2065: prng undeclared identifier" under
 Windows Phone

---
 validat1.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/validat1.cpp b/validat1.cpp
index fa43cc92..27332172 100644
--- a/validat1.cpp
+++ b/validat1.cpp
@@ -625,7 +625,7 @@ bool TestRandomPool()
 		std::cout << "  GenerateWord32 and Crop\n";
 	}
 
-#if !defined(NO_OS_DEPENDENCE)
+#if !defined(NO_OS_DEPENDENCE) && defined(OS_RNG_AVAILABLE)
 	std::cout << "\nTesting AutoSeeded RandomPool generator...\n\n";
 	{
 		AutoSeededRandomPool prng;
@@ -718,7 +718,7 @@ bool TestRandomPool()
 	return pass;
 }
 
-#if !defined(NO_OS_DEPENDENCE)
+#if !defined(NO_OS_DEPENDENCE) && defined(OS_RNG_AVAILABLE)
 bool TestAutoSeededX917()
 {
 	// This tests Auto-Seeding and GenerateIntoBufferedTransformation.

From a090aad8d2bb30f71d0fb6162afece367b0c8034 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Thu, 18 May 2017 08:45:07 -0400
Subject: [PATCH 181/200] Fix "warning C4702: unreachable code" under Windows
 Phone

---
 fipstest.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fipstest.cpp b/fipstest.cpp
index ccaed1b3..a7419821 100644
--- a/fipstest.cpp
+++ b/fipstest.cpp
@@ -46,7 +46,7 @@ extern "C" {void __cdecl _CRT_DEBUGGER_HOOK(int); }
 #include <iostream>
 
 #if CRYPTOPP_MSC_VERSION
-# pragma warning(disable: 4100)
+# pragma warning(disable: 4100 4702)
 #endif
 
 NAMESPACE_BEGIN(CryptoPP)

From 9dcb72f9e5309b19fd72fcf14672a652bbd63b83 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Thu, 18 May 2017 09:35:09 -0400
Subject: [PATCH 182/200] Fix "error LNK2019: unresolved external symbol
 TestAutoSeededX917()" under Windows Phone

---
 validat1.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/validat1.cpp b/validat1.cpp
index 27332172..ee46379c 100644
--- a/validat1.cpp
+++ b/validat1.cpp
@@ -72,7 +72,7 @@ bool ValidateAll(bool thorough)
 	bool pass=TestSettings();
 	pass=TestOS_RNG() && pass;
 	pass=TestRandomPool() && pass;
-#if !defined(NO_OS_DEPENDENCE)
+#if !defined(NO_OS_DEPENDENCE) && defined(OS_RNG_AVAILABLE)
 	pass=TestAutoSeededX917() && pass;
 #endif
 	// pass=TestSecRandom() && pass;

From 033fed8c9246152b06bc2dcf96bbf9b33b2be71f Mon Sep 17 00:00:00 2001
From: "Bernhard M. Wiedemann" <githubbmw@lsmod.de>
Date: Sat, 20 May 2017 00:34:08 +0200
Subject: [PATCH 183/200] have constant link order (#426)

Make builds reproducible
See https://reproducible-builds.org/ for why this is good.

Without this patch g++ would order functions in libcryptopp.so.5.6.5
depending on random order of files in the build system's filesystem.
---
 GNUmakefile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/GNUmakefile b/GNUmakefile
index 8ec0f7f8..3981dd53 100755
--- a/GNUmakefile
+++ b/GNUmakefile
@@ -516,7 +516,7 @@ endif # HAS_SOLIB_VERSION
 ###########################################################
 
 # List cryptlib.cpp first, then cpu.cpp, then integer.cpp to tame C++ static initialization problems.
-SRCS := cryptlib.cpp cpu.cpp integer.cpp $(filter-out cryptlib.cpp cpu.cpp integer.cpp pch.cpp simple.cpp winpipes.cpp cryptlib_bds.cpp,$(wildcard *.cpp))
+SRCS := cryptlib.cpp cpu.cpp integer.cpp $(filter-out cryptlib.cpp cpu.cpp integer.cpp pch.cpp simple.cpp winpipes.cpp cryptlib_bds.cpp,$(sort $(wildcard *.cpp)))
 
 # Need CPU for X86/X64/X32 and ARM
 ifeq ($(IS_X86)$(IS_X32)$(IS_X64)$(IS_ARM32)$(IS_ARM64),00000)

From 82accdc13bfed8fa52e0b7681f5d10e5100740c4 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Fri, 19 May 2017 20:12:29 -0400
Subject: [PATCH 184/200] Sort source list (Pull Request 426)

---
 CMakeLists.txt | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 841fdab4..2bb6a945 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -91,8 +91,7 @@ if(IS_BIG_ENDIAN)
 	add_definitions(-DIS_BIG_ENDIAN)
 endif()
 
-# No DISABLE_NATIVE_ARCH with DISABLE_ASM for now
-#  See http://github.com/weidai11/cryptopp/issues/395
+# Also see http://github.com/weidai11/cryptopp/issues/395
 if(DISABLE_ASM)
 	add_definitions(-DCRYPTOPP_DISABLE_ASM)
 endif()
@@ -287,7 +286,9 @@ file(GLOB cryptopp_HEADERS *.h)
 file(GLOB cryptopp_SOURCES_TEST test.cpp bench1.cpp bench2.cpp validat0.cpp validat1.cpp validat2.cpp validat3.cpp adhoc.cpp datatest.cpp regtest1.cpp regtest2.cpp regtest3.cpp fipsalgt.cpp dlltest.cpp fipstest.cpp)
 
 # Library sources. You can use the GNUmakefile to generate the list: `make sources`.
+# Makefile sorted them at http://github.com/weidai11/cryptopp/pull/426.
 file(GLOB cryptopp_SOURCES *.cpp)
+list(SORT cryptopp_SOURCES)
 list(REMOVE_ITEM cryptopp_SOURCES
 		${CMAKE_CURRENT_SOURCE_DIR}/cryptlib.cpp
 		${CMAKE_CURRENT_SOURCE_DIR}/cpu.cpp

From 4fef9b88371acde819cd431f4e099e7e511606e4 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Fri, 19 May 2017 23:29:59 -0400
Subject: [PATCH 185/200] Rework benchmark code This change moves test
 selections from test.cpp into bench.cpp. It also allows us finer control over
 test classes and algorithms

---
 bench.h      | 11 ++++++++++-
 bench1.cpp   | 38 +++++++++++++++++++++++++++++++++++---
 regtest1.cpp |  4 +++-
 test.cpp     | 48 +++---------------------------------------------
 validate.h   | 39 +++++++++++++++++++++++++++++++++++++++
 5 files changed, 90 insertions(+), 50 deletions(-)

diff --git a/bench.h b/bench.h
index a30b22ef..d16f7462 100644
--- a/bench.h
+++ b/bench.h
@@ -14,7 +14,14 @@
 NAMESPACE_BEGIN(CryptoPP)
 NAMESPACE_BEGIN(Test)
 
-enum TestClass {Unkeyed=1,SharedKey=2,PublicKey=4, All=Unkeyed|SharedKey|PublicKey};
+// More granular control over benchmarks
+enum TestClass {
+	Unkeyed=1,SharedKeyMAC=2,SharedKeyStream=4,SharedKeyBlock=8,SharedKeyOther=16,
+	PublicKeyAgreement=32,PublicKeyEncryption=64,PublicKeySignature=128,PublicKeyOther=256,
+	SharedKey=SharedKeyMAC|SharedKeyStream|SharedKeyBlock|SharedKeyOther,
+	PublicKey=PublicKeyAgreement|PublicKeyEncryption|PublicKeySignature|PublicKeyOther,
+	All=Unkeyed|SharedKey|PublicKey
+};
 
 extern const double CLOCK_TICKS_PER_SECOND;
 extern double g_allocatedTime;
@@ -27,6 +34,8 @@ extern const byte defaultKey[];
 extern time_t g_testBegin;
 extern time_t g_testEnd;
 
+// Command handler
+void BenchmarkWithCommand(int argc, const char* const argv[]);
 // Top level, prints preamble and postamble
 void Benchmark(Test::TestClass suites, double t, double hertz);
 // Unkeyed systems
diff --git a/bench1.cpp b/bench1.cpp
index 821aa08c..d288cdc7 100644
--- a/bench1.cpp
+++ b/bench1.cpp
@@ -339,6 +339,23 @@ void AddHtmlFooter()
 	std::cout << "\n</HTML>" << std::endl;
 }
 
+void BenchmarkWithCommand(int argc, const char* const argv[])
+{
+	std::string command(argv[1]);
+	float runningTime(argc >= 3 ? Test::StringToValue<float, true>(argv[2]) : 1.0f);
+	float cpuFreq(argc >= 4 ? Test::StringToValue<float, true>(argv[3])*float(1e9) : 0.0f);
+	std::string algoName(argc >= 5 ? argv[4] : "");
+
+	if (command == "b")  // All benchmarks
+		Benchmark(Test::All, runningTime, cpuFreq);
+	else if (command == "b3")  // Public key algorithms
+		Test::Benchmark(Test::PublicKey, runningTime, cpuFreq);
+	else if (command == "b2")  // Shared key algorithms
+		Test::Benchmark(Test::SharedKey, runningTime, cpuFreq);
+	else if (command == "b1")  // Unkeyed algorithms
+		Test::Benchmark(Test::Unkeyed, runningTime, cpuFreq);
+}
+
 void Benchmark(Test::TestClass suites, double t, double hertz)
 {
 	g_allocatedTime = t;
@@ -348,7 +365,7 @@ void Benchmark(Test::TestClass suites, double t, double hertz)
 
 	g_testBegin = std::time(NULLPTR);
 
-	if (static_cast<int>(suites) > 7 || static_cast<int>(suites) == 0)
+	if (static_cast<int>(suites) > 256 || static_cast<int>(suites) == 0)
 		suites = Test::All;
 
 	// Unkeyed algorithms
@@ -358,8 +375,22 @@ void Benchmark(Test::TestClass suites, double t, double hertz)
 		Benchmark1(t, hertz);
 	}
 
-	// Shared key algorithms
-	if (suites & Test::SharedKey)
+	// Shared key algorithms (MACs)
+	if (suites & Test::SharedKeyMAC)
+	{
+		std::cout << "\n<BR>";
+		Benchmark2(t, hertz);
+	}
+
+	// Shared key algorithms (stream ciphers)
+	if (suites & Test::SharedKeyStream)
+	{
+		std::cout << "\n<BR>";
+		Benchmark2(t, hertz);
+	}
+
+	// Shared key algorithms (block ciphers)
+	if (suites & Test::SharedKeyBlock)
 	{
 		std::cout << "\n<BR>";
 		Benchmark2(t, hertz);
@@ -399,6 +430,7 @@ void Benchmark1(double t, double hertz)
 		cpb = "";
 
 	std::cout << "\n<TABLE>";
+
 	std::cout << "\n<COLGROUP><COL style=\"text-align: left;\"><COL style=\"text-align: right;\">";
 	std::cout << "<COL style=\"text-align: right;\">";
 	std::cout << "\n<THEAD style=\"background: #F0F0F0\"><TR><TH>Algorithm<TH>MiB/Second" << cpb;
diff --git a/regtest1.cpp b/regtest1.cpp
index 194f2898..c4eb7380 100644
--- a/regtest1.cpp
+++ b/regtest1.cpp
@@ -52,7 +52,9 @@ void RegisterFactories(Test::TestClass suites)
 	if ((suites & Test::Unkeyed) == Test::Unkeyed)
 		RegisterFactories1();
 
-	if ((suites & Test::SharedKey) == Test::SharedKey)
+	if ((suites & Test::SharedKeyMAC) == Test::SharedKeyMAC ||
+		(suites & Test::SharedKeyMAC) == Test::SharedKeyStream ||
+		(suites & Test::SharedKeyMAC) == Test::SharedKeyBlock)
 		RegisterFactories2();
 
 	if ((suites & Test::PublicKey) == Test::PublicKey)
diff --git a/test.cpp b/test.cpp
index d1a479df..b19fbad5 100644
--- a/test.cpp
+++ b/test.cpp
@@ -117,43 +117,6 @@ int (*AdhocTest)(int argc, char *argv[]) = NULLPTR;
 NAMESPACE_BEGIN(CryptoPP)
 NAMESPACE_BEGIN(Test)
 
-// Coverity finding
-template <class T, bool NON_NEGATIVE>
-T StringToValue(const std::string& str)
-{
-	std::istringstream iss(str);
-
-	// Arbitrary, but we need to clear a Coverity finding TAINTED_SCALAR
-	if (iss.str().length() > 25)
-		throw InvalidArgument(str + "' is too long");
-
-	T value;
-	iss >> std::noskipws >> value;
-
-	// Use fail(), not bad()
-	if (iss.fail() || !iss.eof())
-		throw InvalidArgument(str + "' is not a value");
-
-	if (NON_NEGATIVE && value < 0)
-		throw InvalidArgument(str + "' is negative");
-
-	return value;
-}
-
-// Coverity finding
-template<>
-int StringToValue<int, true>(const std::string& str)
-{
-	Integer n(str.c_str());
-	long l = n.ConvertToLong();
-
-	int r;
-	if (!SafeConvert(l, r))
-		throw InvalidArgument(str + "' is not an integer value");
-
-	return r;
-}
-
 ANONYMOUS_NAMESPACE_BEGIN
 OFB_Mode<AES>::Encryption s_globalRNG;
 NAMESPACE_END
@@ -399,14 +362,8 @@ int CRYPTOPP_API main(int argc, char *argv[])
 			InformationRecoverFile(argc-3, argv[2], argv+3);
 		else if (command == "v" || command == "vv")
 			return !Validate(argc>2 ? Test::StringToValue<int, true>(argv[2]) : 0, argv[1][1] == 'v', argc>3 ? argv[3] : NULLPTR);
-		else if (command == "b")  // All benchmarks
-			Test::Benchmark(Test::All, argc<3 ? 1 : Test::StringToValue<float, true>(argv[2]), argc<4 ? 0.0f : Test::StringToValue<float, true>(argv[3])*1e9);
-		else if (command == "b3")  // Public key algorithms
-			Test::Benchmark(Test::PublicKey, argc<3 ? 1 : Test::StringToValue<float, true>(argv[2]), argc<4 ? 0.0f : Test::StringToValue<float, true>(argv[3])*1e9);
-		else if (command == "b2")  // Shared key algorithms
-			Test::Benchmark(Test::SharedKey, argc<3 ? 1 : Test::StringToValue<float, true>(argv[2]), argc<4 ? 0.0f : Test::StringToValue<float, true>(argv[3])*1e9);
-		else if (command == "b1")  // Unkeyed algorithms
-			Test::Benchmark(Test::Unkeyed, argc<3 ? 1 : Test::StringToValue<float, true>(argv[2]), argc<4 ? 0.0f : Test::StringToValue<float, true>(argv[3])*1e9);
+		else if (command.substr(0,1) == "b") // "b", "b1", "b2", ...
+			Test::BenchmarkWithCommand(argc, argv);
 		else if (command == "z")
 			GzipFile(argv[3], argv[4], argv[2][0]-'0');
 		else if (command == "u")
@@ -435,6 +392,7 @@ int CRYPTOPP_API main(int argc, char *argv[])
 		{
 			FileSource usage(CRYPTOPP_DATA_DIR "TestData/usage.dat", true, new FileSink(std::cout));
 			return 1;
+			return 1;
 		}
 		else if (command == "V")
 		{
diff --git a/validate.h b/validate.h
index 8d2d4f46..e339bb01 100644
--- a/validate.h
+++ b/validate.h
@@ -5,6 +5,8 @@
 #define CRYPTOPP_VALIDATE_H
 
 #include "cryptlib.h"
+#include "integer.h"
+#include "misc.h"
 
 #include <iostream>
 #include <iomanip>
@@ -207,6 +209,43 @@ inline std::string TimeToString(const time_t& t)
 	return str;
 }
 
+// Coverity finding
+template <class T, bool NON_NEGATIVE>
+inline T StringToValue(const std::string& str)
+{
+	std::istringstream iss(str);
+
+	// Arbitrary, but we need to clear a Coverity finding TAINTED_SCALAR
+	if (iss.str().length() > 25)
+		throw InvalidArgument(str + "' is too long");
+
+	T value;
+	iss >> std::noskipws >> value;
+
+	// Use fail(), not bad()
+	if (iss.fail() || !iss.eof())
+		throw InvalidArgument(str + "' is not a value");
+
+	if (NON_NEGATIVE && value < 0)
+		throw InvalidArgument(str + "' is negative");
+
+	return value;
+}
+
+// Coverity finding
+template<>
+inline int StringToValue<int, true>(const std::string& str)
+{
+	Integer n(str.c_str());
+	long l = n.ConvertToLong();
+
+	int r;
+	if (!SafeConvert(l, r))
+		throw InvalidArgument(str + "' is not an integer value");
+
+	return r;
+}
+
 // Functions that need a RNG; uses AES inf CFB mode with Seed.
 CryptoPP::RandomNumberGenerator & GlobalRNG();
 

From e0d856d0ca08a70c7a33cae99b2bf3dc756bac95 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 20 May 2017 01:27:23 -0400
Subject: [PATCH 186/200] Clear coverity finding CONSTANT_EXPRESSION_RESULT
 (CID 179384)

---
 gzip.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/gzip.cpp b/gzip.cpp
index 331ce019..2007bf80 100644
--- a/gzip.cpp
+++ b/gzip.cpp
@@ -9,7 +9,7 @@ NAMESPACE_BEGIN(CryptoPP)
 // Checks whether the character is valid for ISO/IEC 8859-1 as required by RFC 1952
 static inline bool Is8859Character(char c) {
 	const unsigned char cc = static_cast<unsigned char>(c);
-	return (cc >= 32 && cc <= 126) || (cc >= 160 && cc <= 255);
+	return (cc >= 32 && cc <= 126) || (cc >= 160);
 }
 
 void Gzip::IsolatedInitialize(const NameValuePairs &parameters)

From 555617d456b390b821f95fbdd7ae9d545df850be Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 20 May 2017 01:35:39 -0400
Subject: [PATCH 187/200] Clear coverity finding CONSTANT_EXPRESSION_RESULT
 (CID 147833)

---
 integer.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/integer.cpp b/integer.cpp
index ae9e1a1f..13a58a4e 100644
--- a/integer.cpp
+++ b/integer.cpp
@@ -3404,7 +3404,7 @@ void Integer::Decode(BufferedTransformation &bt, size_t inputLen, Signedness s)
 	reg.CleanNew(RoundupSize(BytesToWords(inputLen)));
 	for (size_t i=inputLen; i > 0; i--)
 	{
-		bt.Get(b);
+		(void)bt.Get(b);
 		reg[(i-1)/WORD_SIZE] |= word(b) << ((i-1)%WORD_SIZE)*8;
 	}
 

From 25fcb7bef83b8b11463e726b8ae5d0cfee8091b3 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 20 May 2017 01:42:20 -0400
Subject: [PATCH 188/200] Clear coverity finding CHECKED_RETURN (CID 147833)

---
 gf2n.cpp | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/gf2n.cpp b/gf2n.cpp
index e5e11207..a1d24ff3 100644
--- a/gf2n.cpp
+++ b/gf2n.cpp
@@ -155,12 +155,16 @@ void PolynomialMod2::Encode(byte *output, size_t outputLen) const
 
 void PolynomialMod2::Decode(BufferedTransformation &bt, size_t inputLen)
 {
+	CRYPTOPP_ASSERT(bt.MaxRetrievable() >= inputLen);
+	if (bt.MaxRetrievable() < inputLen)
+		throw InvalidArgument("PolynomialMod2: input length is too small");
+
 	reg.CleanNew(BytesToWords(inputLen));
 
 	for (size_t i=inputLen; i > 0; i--)
 	{
 		byte b;
-		bt.Get(b);
+		(void)bt.Get(b);
 		reg[(i-1)/WORD_SIZE] |= word(b) << ((i-1)%WORD_SIZE)*8;
 	}
 }

From 0bdbde2c21afeb858ebd6e2106c13b35b55b7ca6 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 20 May 2017 02:12:43 -0400
Subject: [PATCH 189/200] Clear coverity finding FORWARD_NULL (CID 147865)

---
 cryptlib.cpp | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/cryptlib.cpp b/cryptlib.cpp
index 24eb0209..9f1e749c 100644
--- a/cryptlib.cpp
+++ b/cryptlib.cpp
@@ -171,18 +171,18 @@ size_t BlockTransformation::AdvancedProcessBlocks(const byte *inBlocks, const by
 		outIncrement = 0-outIncrement;
 	}
 
+	// Coverity finding CID 147865. In practice, if BT_XorInput, then xorBlocks is non-NULL.
+	bool xorFlag = (flags & BT_XorInput) && (xorBlocks != NULLPTR);
 	while (length >= blockSize)
 	{
-		if (flags & BT_XorInput)
+		if (xorFlag)
 		{
-			// Coverity finding. However, xorBlocks is never NULL if BT_XorInput.
-			CRYPTOPP_ASSERT(xorBlocks);
 			xorbuf(outBlocks, xorBlocks, inBlocks, blockSize);
+			xorBlocks += xorIncrement;
 			ProcessBlock(outBlocks);
 		}
 		else
 		{
-			// xorBlocks can be NULL. See, for example, ECB_OneWay::ProcessData.
 			ProcessAndXorBlock(inBlocks, xorBlocks, outBlocks);
 		}
 
@@ -190,7 +190,6 @@ size_t BlockTransformation::AdvancedProcessBlocks(const byte *inBlocks, const by
 			const_cast<byte *>(inBlocks)[blockSize-1]++;
 		inBlocks += inIncrement;
 		outBlocks += outIncrement;
-		xorBlocks += xorIncrement;
 		length -= blockSize;
 	}
 

From 1abb5c36bd0055c203f3f283924ebdcfc029c073 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 20 May 2017 02:20:25 -0400
Subject: [PATCH 190/200] Revert "Clear coverity finding FORWARD_NULL (CID
 147865)"

This broke some self tests.
---
 cryptlib.cpp | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/cryptlib.cpp b/cryptlib.cpp
index 9f1e749c..24eb0209 100644
--- a/cryptlib.cpp
+++ b/cryptlib.cpp
@@ -171,18 +171,18 @@ size_t BlockTransformation::AdvancedProcessBlocks(const byte *inBlocks, const by
 		outIncrement = 0-outIncrement;
 	}
 
-	// Coverity finding CID 147865. In practice, if BT_XorInput, then xorBlocks is non-NULL.
-	bool xorFlag = (flags & BT_XorInput) && (xorBlocks != NULLPTR);
 	while (length >= blockSize)
 	{
-		if (xorFlag)
+		if (flags & BT_XorInput)
 		{
+			// Coverity finding. However, xorBlocks is never NULL if BT_XorInput.
+			CRYPTOPP_ASSERT(xorBlocks);
 			xorbuf(outBlocks, xorBlocks, inBlocks, blockSize);
-			xorBlocks += xorIncrement;
 			ProcessBlock(outBlocks);
 		}
 		else
 		{
+			// xorBlocks can be NULL. See, for example, ECB_OneWay::ProcessData.
 			ProcessAndXorBlock(inBlocks, xorBlocks, outBlocks);
 		}
 
@@ -190,6 +190,7 @@ size_t BlockTransformation::AdvancedProcessBlocks(const byte *inBlocks, const by
 			const_cast<byte *>(inBlocks)[blockSize-1]++;
 		inBlocks += inIncrement;
 		outBlocks += outIncrement;
+		xorBlocks += xorIncrement;
 		length -= blockSize;
 	}
 

From 1427f5ecf917d5be28243c445edbbab8945ebc65 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 20 May 2017 02:37:51 -0400
Subject: [PATCH 191/200] Clear coverity finding FORWARD_NULL (CID 147865)

---
 cryptlib.cpp | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/cryptlib.cpp b/cryptlib.cpp
index 24eb0209..3cac112f 100644
--- a/cryptlib.cpp
+++ b/cryptlib.cpp
@@ -171,18 +171,19 @@ size_t BlockTransformation::AdvancedProcessBlocks(const byte *inBlocks, const by
 		outIncrement = 0-outIncrement;
 	}
 
+	// Coverity finding.
+	bool xorFlag = xorBlocks && (flags & BT_XorInput);
 	while (length >= blockSize)
 	{
-		if (flags & BT_XorInput)
+		if (xorFlag)
 		{
-			// Coverity finding. However, xorBlocks is never NULL if BT_XorInput.
-			CRYPTOPP_ASSERT(xorBlocks);
+			// xorBlocks non-NULL and with BT_XorInput.
 			xorbuf(outBlocks, xorBlocks, inBlocks, blockSize);
 			ProcessBlock(outBlocks);
 		}
 		else
 		{
-			// xorBlocks can be NULL. See, for example, ECB_OneWay::ProcessData.
+			// xorBlocks may be non-NULL and without BT_XorInput.
 			ProcessAndXorBlock(inBlocks, xorBlocks, outBlocks);
 		}
 

From 8c02c6058440c23e7a860e0f56447f8e3bc580b9 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 20 May 2017 04:09:17 -0400
Subject: [PATCH 192/200] Add missing <sstream> header This failed under C++03
 builds. C++11 was OK, so it slipped past the initial smoke tests

---
 validate.h | 1 +
 1 file changed, 1 insertion(+)

diff --git a/validate.h b/validate.h
index e339bb01..1d5a097e 100644
--- a/validate.h
+++ b/validate.h
@@ -9,6 +9,7 @@
 #include "misc.h"
 
 #include <iostream>
+#include <sstream>
 #include <iomanip>
 #include <ctime>
 #include <cctype>

From bc0f943c6bfb3cf1dad50154953722d325d6b998 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 20 May 2017 17:59:21 -0400
Subject: [PATCH 193/200] Add defines for GCC_INLINE and GCC_INLINE_ATTRIB
 (Issues 427 and 428)

---
 cpu.h | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/cpu.h b/cpu.h
index 8d1db36e..d833f95c 100644
--- a/cpu.h
+++ b/cpu.h
@@ -32,6 +32,18 @@
 # endif
 #endif  // ARM32 and ARM64 Headers
 
+// Used when supplying ASM due to missing intrinsics
+#if defined(__clang__)
+#  define GCC_INLINE inline
+#  define GCC_INLINE_ATTRIB __attribute__((__gnu_inline__, __always_inline__))
+#elif (CRYPTOPP_GCC_VERSION >= 30300) || defined(__INTEL_COMPILER)
+#  define GCC_INLINE __inline
+#  define GCC_INLINE_ATTRIB __attribute__((__gnu_inline__, __always_inline__, __artificial__))
+#else
+#  define GCC_INLINE inline
+#  define GCC_INLINE_ATTRIB
+# endif
+
 // X86/X64/X32 Headers
 #if CRYPTOPP_BOOL_X86 || CRYPTOPP_BOOL_X32 || CRYPTOPP_BOOL_X64
 

From 9d2455a69949356713cdbb8e34d20063e19cd457 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 20 May 2017 18:03:53 -0400
Subject: [PATCH 194/200] Add inline ASM for missing CRC intrinsics (Issue 428)

---
 crc.cpp | 33 ++++++++++++++++++++++++++++++---
 1 file changed, 30 insertions(+), 3 deletions(-)

diff --git a/crc.cpp b/crc.cpp
index 1add0d84..18babbb7 100644
--- a/crc.cpp
+++ b/crc.cpp
@@ -13,6 +13,33 @@ NAMESPACE_BEGIN(CryptoPP)
 # undef CRYPTOPP_BOOL_SSE4_INTRINSICS_AVAILABLE
 #endif
 
+
+// Use inline ASM to provide the instructions when the user omits -march=native
+#if (CRYPTOPP_GCC_VERSION >= 40300 || CRYPTOPP_LLVM_CLANG_VERSION >= 30200 || CRYPTOPP_APPLE_CLANG_VERSION >= 30200) && !defined(__SSE4_2__)
+GCC_INLINE unsigned int GCC_INLINE_ATTRIB
+MM_CRC32_U8(unsigned int crc, unsigned char val)
+{
+	asm ("crc32 %1, %0" : "+r"(crc) : "r"(val));
+	return crc;
+}
+GCC_INLINE unsigned int GCC_INLINE_ATTRIB
+MM_CRC32_U16(unsigned int crc, unsigned short val)
+{
+	asm ("crc32 %1, %0" : "+r"(crc) : "r"(val));
+	return crc;
+}
+GCC_INLINE unsigned int GCC_INLINE_ATTRIB
+MM_CRC32_U32(unsigned int crc, unsigned int val)
+{
+	asm ("crc32 %1, %0" : "+r"(crc) : "r"(val));
+	return crc;
+}
+#else
+	#define MM_CRC32_U8(a,b)  _mm_crc32_u8(a,b)
+	#define MM_CRC32_U16(a,b) _mm_crc32_u16(a,b)
+	#define MM_CRC32_U32(a,b) _mm_crc32_u32(a,b)
+#endif
+
 /* Table of CRC-32's of all single byte values (made by makecrc.c) */
 const word32 CRC32::m_tab[] = {
 #ifdef IS_LITTLE_ENDIAN
@@ -303,13 +330,13 @@ void CRC32C::Update(const byte *s, size_t n)
 	if (HasSSE4())
 	{
 		for(; !IsAligned<word32>(s) && n > 0; s++, n--)
-			m_crc = _mm_crc32_u8(m_crc, *s);
+			m_crc = MM_CRC32_U8(m_crc, *s);
 
 		for(; n > 4; s+=4, n-=4)
-			m_crc = _mm_crc32_u32(m_crc, *(const word32 *)(void*)s);
+			m_crc = MM_CRC32_U32(m_crc, *(const word32 *)(void*)s);
 
 		for(; n > 0; s++, n--)
-			m_crc = _mm_crc32_u8(m_crc, *s);
+			m_crc = MM_CRC32_U8(m_crc, *s);
 
 		return;
 	}

From 5fd202077c54b6488b7e8fca67656ab6eef5ea98 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 20 May 2017 18:32:48 -0400
Subject: [PATCH 195/200] Add additional compilers for inline ASM (Issue 428)

---
 crc.cpp | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/crc.cpp b/crc.cpp
index 18babbb7..52c2b0e6 100644
--- a/crc.cpp
+++ b/crc.cpp
@@ -13,9 +13,8 @@ NAMESPACE_BEGIN(CryptoPP)
 # undef CRYPTOPP_BOOL_SSE4_INTRINSICS_AVAILABLE
 #endif
 
-
-// Use inline ASM to provide the instructions when the user omits -march=native
-#if (CRYPTOPP_GCC_VERSION >= 40300 || CRYPTOPP_LLVM_CLANG_VERSION >= 30200 || CRYPTOPP_APPLE_CLANG_VERSION >= 30200) && !defined(__SSE4_2__)
+// Use inline ASM to provide the instructions when the user omits -march=native or -msse4.2
+#if (CRYPTOPP_GCC_VERSION >= 40300 || __INTEL_COMPILER >= 1000 || __SUNPRO_CC >= 0x5110 || CRYPTOPP_LLVM_CLANG_VERSION >= 20300 || CRYPTOPP_APPLE_CLANG_VERSION >= 40000) && !defined(__SSE4_2__)
 GCC_INLINE unsigned int GCC_INLINE_ATTRIB
 MM_CRC32_U8(unsigned int crc, unsigned char val)
 {

From 2f58912fddb27d1e8e0045e77adb745db62e5f42 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sun, 21 May 2017 11:38:56 -0400
Subject: [PATCH 196/200] Enable RDSEED and SHA for AMD processors AMD donated
 a AMD Ryzen 7 1700X to the GCC Compile Farm. We were able to verify
 compatibility and correctness. Many thanks to AMD for the donation

---
 cpu.cpp | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/cpu.cpp b/cpu.cpp
index f5822600..dd2d87fa 100644
--- a/cpu.cpp
+++ b/cpu.cpp
@@ -267,10 +267,21 @@ void DetectX86Features()
 	else if (IsAMD(cpuid1))
 	{
 		static const unsigned int RDRAND_FLAG = (1 << 30);
+		static const unsigned int RDSEED_FLAG = (1 << 18);
+		static const unsigned int    SHA_FLAG = (1 << 29);
 
 		CpuId(0x01, cpuid1);
 		g_hasRDRAND = !!(cpuid1[2] /*ECX*/ & RDRAND_FLAG);
 
+		if (cpuid1[0] /*EAX*/ >= 7)
+		{
+			if (CpuId(7, cpuid3))
+			{
+				g_hasRDSEED = !!(cpuid3[1] /*EBX*/ & RDSEED_FLAG);
+				g_hasSHA = !!(cpuid3[1] /*EBX*/ & SHA_FLAG);
+			}
+		}
+
 		CpuId(0x80000005, cpuid1);
 		g_cacheLineSize = GETBYTE(cpuid1[2], 0);
 	}

From 1be7d29af9563daca8e4b6fc43b18e9257a313ff Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sun, 21 May 2017 14:52:20 -0400
Subject: [PATCH 197/200] Update test script to exercise
 -DDISABLE_NATIVE_ARCH=1

---
 TestScripts/cryptest.sh | 16 ++++++++--------
 cryptest.sh             | 16 ++++++++--------
 2 files changed, 16 insertions(+), 16 deletions(-)

diff --git a/TestScripts/cryptest.sh b/TestScripts/cryptest.sh
index e831bba8..51ad51c6 100755
--- a/TestScripts/cryptest.sh
+++ b/TestScripts/cryptest.sh
@@ -1163,7 +1163,7 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 		echo
 
 		OBJFILE=sha.o; rm -f "$OBJFILE" 2>/dev/null
-		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -msse -msse2" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
+		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -DDISABLE_NATIVE_ARCH=1 -msse -msse2" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
 
 		DISASS_TEXT=$("$DISASS" "${DISASSARGS[@]}" "$OBJFILE" 2>/dev/null)
 
@@ -1209,7 +1209,7 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 		echo
 
 		OBJFILE=rijndael.o; rm -f "$OBJFILE" 2>/dev/null
-		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -msse -msse2" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
+		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -DDISABLE_NATIVE_ARCH=1 -msse -msse2" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
 
 		COUNT=0
 		FAILED=0
@@ -1271,7 +1271,7 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 		echo
 
 		OBJFILE=gcm.o; rm -f "$OBJFILE" 2>/dev/null
-		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -msse -msse2" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
+		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -DDISABLE_NATIVE_ARCH=1 -msse -msse2" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
 
 		COUNT=0
 		FAILED=0
@@ -1313,7 +1313,7 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 		echo
 
 		OBJFILE=rdrand.o; rm -f "$OBJFILE" 2>/dev/null
-		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -msse -msse2" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
+		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -DDISABLE_NATIVE_ARCH=1 -msse -msse2" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
 
 		COUNT=0
 		FAILED=0
@@ -1355,7 +1355,7 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 		echo
 
 		OBJFILE=crc.o; rm -f "$OBJFILE" 2>/dev/null
-		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -msse -msse2" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
+		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -DDISABLE_NATIVE_ARCH=1 -msse -msse2" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
 
 		COUNT=0
 		FAILED=0
@@ -1393,7 +1393,7 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 		echo
 
 		OBJFILE=sha.o; rm -f "$OBJFILE" 2>/dev/null
-		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -msse -msse2" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
+		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -DDISABLE_NATIVE_ARCH=1 -msse -msse2" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
 
 		COUNT=0
 		FAILED=0
@@ -1462,7 +1462,7 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_ARM32" -ne "0" || "$IS_ARM64" -ne "0")) ]
 		echo
 
 		OBJFILE=aria.o; rm -f "$OBJFILE" 2>/dev/null
-		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS ${PLATFORM_CXXFLAGS[@]}" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
+		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -DDISABLE_NATIVE_ARCH=1" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
 
 		COUNT=0
 		FAILED=0
@@ -1519,7 +1519,7 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_ARM32" -ne "0" || "$IS_ARM64" -ne "0")) ]
 		echo
 
 		OBJFILE=gcm.o; rm -f "$OBJFILE" 2>/dev/null
-		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS ${PLATFORM_CXXFLAGS[@]}" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
+		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -DDISABLE_NATIVE_ARCH=1" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
 
 		COUNT=0
 		FAILED=0
diff --git a/cryptest.sh b/cryptest.sh
index e831bba8..51ad51c6 100755
--- a/cryptest.sh
+++ b/cryptest.sh
@@ -1163,7 +1163,7 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 		echo
 
 		OBJFILE=sha.o; rm -f "$OBJFILE" 2>/dev/null
-		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -msse -msse2" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
+		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -DDISABLE_NATIVE_ARCH=1 -msse -msse2" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
 
 		DISASS_TEXT=$("$DISASS" "${DISASSARGS[@]}" "$OBJFILE" 2>/dev/null)
 
@@ -1209,7 +1209,7 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 		echo
 
 		OBJFILE=rijndael.o; rm -f "$OBJFILE" 2>/dev/null
-		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -msse -msse2" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
+		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -DDISABLE_NATIVE_ARCH=1 -msse -msse2" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
 
 		COUNT=0
 		FAILED=0
@@ -1271,7 +1271,7 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 		echo
 
 		OBJFILE=gcm.o; rm -f "$OBJFILE" 2>/dev/null
-		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -msse -msse2" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
+		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -DDISABLE_NATIVE_ARCH=1 -msse -msse2" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
 
 		COUNT=0
 		FAILED=0
@@ -1313,7 +1313,7 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 		echo
 
 		OBJFILE=rdrand.o; rm -f "$OBJFILE" 2>/dev/null
-		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -msse -msse2" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
+		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -DDISABLE_NATIVE_ARCH=1 -msse -msse2" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
 
 		COUNT=0
 		FAILED=0
@@ -1355,7 +1355,7 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 		echo
 
 		OBJFILE=crc.o; rm -f "$OBJFILE" 2>/dev/null
-		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -msse -msse2" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
+		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -DDISABLE_NATIVE_ARCH=1 -msse -msse2" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
 
 		COUNT=0
 		FAILED=0
@@ -1393,7 +1393,7 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 		echo
 
 		OBJFILE=sha.o; rm -f "$OBJFILE" 2>/dev/null
-		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -msse -msse2" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
+		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -DDISABLE_NATIVE_ARCH=1 -msse -msse2" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
 
 		COUNT=0
 		FAILED=0
@@ -1462,7 +1462,7 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_ARM32" -ne "0" || "$IS_ARM64" -ne "0")) ]
 		echo
 
 		OBJFILE=aria.o; rm -f "$OBJFILE" 2>/dev/null
-		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS ${PLATFORM_CXXFLAGS[@]}" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
+		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -DDISABLE_NATIVE_ARCH=1" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
 
 		COUNT=0
 		FAILED=0
@@ -1519,7 +1519,7 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_ARM32" -ne "0" || "$IS_ARM64" -ne "0")) ]
 		echo
 
 		OBJFILE=gcm.o; rm -f "$OBJFILE" 2>/dev/null
-		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS ${PLATFORM_CXXFLAGS[@]}" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
+		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -DDISABLE_NATIVE_ARCH=1" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
 
 		COUNT=0
 		FAILED=0

From 0c4b80c9952d3a2bf3ddc87f2b54595de581d515 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sun, 21 May 2017 20:45:08 -0400
Subject: [PATCH 198/200] Remove unaligned access safety with Asan and UBsan
 NO_UNALIGNED_DATA_ACCESS is now the norm. Those who allow unaligned data
 accesses are the special case.

---
 GNUmakefile | 50 +++++++++++++-------------------------------------
 1 file changed, 13 insertions(+), 37 deletions(-)

diff --git a/GNUmakefile b/GNUmakefile
index 3981dd53..91633f7f 100755
--- a/GNUmakefile
+++ b/GNUmakefile
@@ -217,22 +217,6 @@ endif  # -march
 endif  # DISABLE_NATIVE_ARCH
 # END_NATIVE_ARCH
 
-# Aligned access required for -O3 and above due to vectorization
-UNALIGNED_ACCESS := $(shell $(EGREP) -c "^[[:space:]]*//[[:space:]]*\#[[:space:]]*define[[:space:]]*CRYPTOPP_NO_UNALIGNED_DATA_ACCESS" config.h)
-ifneq ($(UNALIGNED_ACCESS),0)
-ifeq ($(findstring -DCRYPTOPP_NO_UNALIGNED_DATA_ACCESS,$(CXXFLAGS)),)
-ifeq ($(findstring -O3,$(CXXFLAGS)),-O3)
-CXXFLAGS += -DCRYPTOPP_NO_UNALIGNED_DATA_ACCESS
-endif # -O3
-ifeq ($(findstring -O5,$(CXXFLAGS)),-O5)
-CXXFLAGS += -DCRYPTOPP_NO_UNALIGNED_DATA_ACCESS
-endif # -O5
-ifeq ($(findstring -Ofast,$(CXXFLAGS)),-Ofast)
-CXXFLAGS += -DCRYPTOPP_NO_UNALIGNED_DATA_ACCESS
-endif # -Ofast
-endif # CRYPTOPP_NO_UNALIGNED_DATA_ACCESS
-endif # UNALIGNED_ACCESS
-
 ifneq ($(INTEL_COMPILER),0)
 CXXFLAGS += -wd68 -wd186 -wd279 -wd327 -wd161 -wd3180
 ifeq ($(ICC111_OR_LATER),0)
@@ -296,22 +280,6 @@ CXXFLAGS += -pipe
 endif
 endif
 
-# Aligned access required for -O3 and above due to vectorization
-UNALIGNED_ACCESS := $(shell $(EGREP) -c "^[[:space:]]*//[[:space:]]*\#[[:space:]]*define[[:space:]]*CRYPTOPP_NO_UNALIGNED_DATA_ACCESS" config.h)
-ifneq ($(UNALIGNED_ACCESS),0)
-ifeq ($(findstring -DCRYPTOPP_NO_UNALIGNED_DATA_ACCESS,$(CXXFLAGS)),)
-ifeq ($(findstring -O3,$(CXXFLAGS)),-O3)
-CXXFLAGS += -DCRYPTOPP_NO_UNALIGNED_DATA_ACCESS
-endif # -O3
-ifeq ($(findstring -O5,$(CXXFLAGS)),-O5)
-CXXFLAGS += -DCRYPTOPP_NO_UNALIGNED_DATA_ACCESS
-endif # -O5
-ifeq ($(findstring -Ofast,$(CXXFLAGS)),-Ofast)
-CXXFLAGS += -DCRYPTOPP_NO_UNALIGNED_DATA_ACCESS
-endif # -Ofast
-endif # CRYPTOPP_NO_UNALIGNED_DATA_ACCESS
-endif # UNALIGNED_ACCESS
-
 endif	# IS_X86
 
 ###########################################################
@@ -403,8 +371,7 @@ CXXFLAGS += -DCRYPTOPP_DISABLE_ASM
 endif # CXXFLAGS
 endif # No ASM
 
-# Undefined Behavior Sanitizer (UBsan) testing. There's no sense in
-#   allowing unaligned data access. There will too many findings.
+# Undefined Behavior Sanitizer (UBsan) testing. Issue 'make ubsan'.
 ifeq ($(findstring ubsan,$(MAKECMDGOALS)),ubsan)
 ifeq ($(findstring -fsanitize=undefined,$(CXXFLAGS)),)
 CXXFLAGS += -fsanitize=undefined
@@ -412,9 +379,6 @@ endif # CXXFLAGS
 ifeq ($(findstring -DCRYPTOPP_COVERAGE,$(CXXFLAGS)),)
 CXXFLAGS += -DCRYPTOPP_COVERAGE
 endif # CXXFLAGS
-ifeq ($(findstring -DCRYPTOPP_NO_UNALIGNED_DATA_ACCESS,$(CXXFLAGS)),)
-CXXFLAGS += -DCRYPTOPP_NO_UNALIGNED_DATA_ACCESS
-endif # CXXFLAGS
 endif # UBsan
 
 # Address Sanitizer (Asan) testing. Issue 'make asan'.
@@ -829,6 +793,18 @@ rdrand-%.o:
 	./rdrand-nasm.sh
 endif
 
+# Don't build Rijndael with UBsan. Too much noise due to unaligned data accesses.
+ifneq ($(findstring -fsanitize=undefined,$(CXXFLAGS)),)
+rijndael.o : rijndael.cpp
+	$(CXX) $(strip $(subst -fsanitize=undefined,,$(CXXFLAGS))) -c $<
+endif
+
+# Don't build VMAC and friends with Asan. Too many false positives.
+ifneq ($(findstring -fsanitize=address,$(CXXFLAGS)),)
+vmac.o : vmac.cpp
+	$(CXX) $(strip $(subst -fsanitize=address,,$(CXXFLAGS))) -c $<
+endif
+
 # Only use CRYPTOPP_DATA_DIR if its not set in CXXFLAGS
 ifeq ($(findstring -DCRYPTOPP_DATA_DIR, $(strip $(CXXFLAGS))),)
 ifneq ($(strip $(CRYPTOPP_DATA_DIR)),)

From f40c55810d25949d59f8de2921d56bd06099c4cc Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Sun, 21 May 2017 21:51:31 -0400
Subject: [PATCH 199/200] Add method for sanitizer suppression

---
 config.h | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/config.h b/config.h
index 66292257..d21b0d4a 100644
--- a/config.h
+++ b/config.h
@@ -764,14 +764,23 @@ NAMESPACE_END
 
 // ************** Deprecated ***************
 
-#if (CRYPTOPP_GCC_VERSION >= 40500) || (CRYPTOPP_LLVM_CLANG_VERSION >= 20800)
-# define CRYPTOPP_DEPRECATED(msg) __attribute__((deprecated (msg)));
+#if (CRYPTOPP_GCC_VERSION >= 40500) || (CRYPTOPP_LLVM_CLANG_VERSION >= 20800) || (CRYPTOPP_APPLE_CLANG_VERSION >= 40200)
+# define CRYPTOPP_DEPRECATED(msg) __attribute__((deprecated (msg)))
 #elif (CRYPTOPP_GCC_VERSION)
-# define CRYPTOPP_DEPRECATED(msg) __attribute__((deprecated));
+# define CRYPTOPP_DEPRECATED(msg) __attribute__((deprecated))
 #else
 # define CRYPTOPP_DEPRECATED(msg)
 #endif
 
+// ************** Instrumentation ***************
+
+// GCC does not support; see https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78204
+#if (CRYPTOPP_LLVM_CLANG_VERSION >= 30700) || (CRYPTOPP_APPLE_CLANG_VERSION >= 70000)
+# define CRYPTOPP_NO_SANITIZE(x) __attribute__((no_sanitize(x)))
+#else
+# define CRYPTOPP_NO_SANITIZE(x)
+#endif
+
 // ***************** C++11 related ********************
 
 // Visual Studio began at VS2010, http://msdn.microsoft.com/en-us/library/hh567368%28v=vs.110%29.aspx.

From bc40d3607565f53af732e1c01d2b3e22ed837432 Mon Sep 17 00:00:00 2001
From: Jeffrey Walton <noloader@gmail.com>
Date: Mon, 22 May 2017 04:34:57 -0400
Subject: [PATCH 200/200] Fixed ARIA self test failures under SunCC

---
 aria.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/aria.cpp b/aria.cpp
index 8e2a561b..bfa9ab07 100644
--- a/aria.cpp
+++ b/aria.cpp
@@ -453,7 +453,7 @@ void ARIA::Base::UncheckedSetKey(const byte *key, unsigned int keylen, const Nam
 		rk = m_rk.data();
 		r = R; q = Q;
 
-#if CRYPTOPP_ENABLE_ARIA_SSE2_INTRINSICS
+#if CRYPTOPP_ENABLE_ARIA_SSE2_INTRINSICS && !defined(__SUNPRO_CC)
 		if (HasSSE2())
 		{
 			a=reinterpret_cast<word32*>(rk); s=m_w.data()+24; z=a+r*4;