// RIPEMD-160 written and placed in the public domain by Wei Dai

/*
 * This code implements the MD4 message-digest algorithm.
 * The algorithm is due to Ron Rivest.  This code was
 * written by Colin Plumb in 1993, no copyright is claimed.
 * This code is in the public domain; do with it what you wish.
 */

/* Adapted for TrueCrypt */
/* Adapted for VeraCrypt */
#if !defined(_UEFI)
#include <memory.h>
#endif // !defined(_UEFI)

#include "Common/Tcdefs.h"
#include "Common/Endian.h"
#include "Rmd160.h"

#define F(x, y, z)    (x ^ y ^ z) 
#define G(x, y, z)    (z ^ (x & (y^z)))
#define H(x, y, z)    (z ^ (x | ~y))
#define I(x, y, z)    (y ^ (z & (x^y)))
#define J(x, y, z)    (x ^ (y | ~z))

#define PUT_64BIT_LE(cp, value) do {                                    \
	(cp)[7] = (byte) ((value) >> 56);                                        \
	(cp)[6] = (byte) ((value) >> 48);                                        \
	(cp)[5] = (byte) ((value) >> 40);                                        \
	(cp)[4] = (byte) ((value) >> 32);                                        \
	(cp)[3] = (byte) ((value) >> 24);                                        \
	(cp)[2] = (byte) ((value) >> 16);                                        \
	(cp)[1] = (byte) ((value) >> 8);                                         \
	(cp)[0] = (byte) (value); } while (0)

#define PUT_32BIT_LE(cp, value) do {                                    \
	(cp)[3] = (byte) ((value) >> 24);                                        \
	(cp)[2] = (byte) ((value) >> 16);                                        \
	(cp)[1] = (byte) ((value) >> 8);                                         \
	(cp)[0] = (byte) (value); } while (0)

#ifndef TC_MINIMIZE_CODE_SIZE

static byte PADDING[64] = {
	0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
};

#else

static byte PADDING[64];

#endif

void RMD160Init (RMD160_CTX *ctx)
{
	ctx->count = 0;
	ctx->state[0] = 0x67452301;
	ctx->state[1] = 0xefcdab89;
	ctx->state[2] = 0x98badcfe;
	ctx->state[3] = 0x10325476;
	ctx->state[4] = 0xc3d2e1f0;
	PADDING[0] = 0x80;
}

/*
* Update context to reflect the concatenation of another buffer full
* of bytes.
*/
void RMD160Update (RMD160_CTX *ctx, const unsigned char *input, unsigned __int32 lenArg)
{
#ifndef TC_WINDOWS_BOOT
	uint64 len = lenArg;
#else
	uint32 len = lenArg;
#endif
	unsigned int have, need;

	/* Check how many bytes we already have and how many more we need. */
	have = (unsigned int) ((ctx->count) & (RIPEMD160_BLOCK_LENGTH - 1));
	need = RIPEMD160_BLOCK_LENGTH - have;

	/* Update bitcount */
	ctx->count += len;

	if (len >= need) {
		if (have != 0) {
			memcpy (ctx->buffer + have, input, (size_t) need);
			RMD160Transform ((uint32 *) ctx->state, (const uint32 *) ctx->buffer);
			input += need;
			len -= need;
			have = 0;
		}

		/* Process data in RIPEMD160_BLOCK_LENGTH-byte chunks. */
		while (len >= RIPEMD160_BLOCK_LENGTH) {
			RMD160Transform ((uint32 *) ctx->state, (const uint32 *) input);
			input += RIPEMD160_BLOCK_LENGTH;
			len -= RIPEMD160_BLOCK_LENGTH;
		}
	}

	/* Handle any remaining bytes of data. */
	if (len != 0)
		memcpy (ctx->buffer + have, input, (size_t) len);
}

/*
* Pad pad to 64-byte boundary with the bit pattern
* 1 0* (64-bit count of bits processed, MSB-first)
*/
static void RMD160Pad(RMD160_CTX *ctx)
{
	byte count[8];
	uint32 padlen;

	/* Convert count to 8 bytes in little endian order. */

#ifndef TC_WINDOWS_BOOT
	uint64 bitcount = ctx->count << 3;
	PUT_64BIT_LE(count, bitcount);
#else
	*(uint32 *) (count + 4) = 0;
	*(uint32 *) (count + 0) = ctx->count << 3;
#endif

	/* Pad out to 56 mod 64. */
	padlen = RIPEMD160_BLOCK_LENGTH -
		(uint32)((ctx->count) & (RIPEMD160_BLOCK_LENGTH - 1));
	if (padlen < 1 + 8)
		padlen += RIPEMD160_BLOCK_LENGTH;
	RMD160Update(ctx, PADDING, padlen - 8);            /* padlen - 8 <= 64 */
	RMD160Update(ctx, count, 8);
}

/*
* Final wrapup--call RMD160Pad, fill in digest and zero out ctx.
*/
void RMD160Final(unsigned char *digest, RMD160_CTX *ctx)
{
	int i;

	RMD160Pad(ctx);
	if (digest) {
		for (i = 0; i < 5; i++)
			PUT_32BIT_LE(digest + i * 4, ctx->state[i]);
#ifndef TC_WINDOWS_BOOT
		burn (ctx, sizeof(*ctx));
#endif
	}
}


#ifndef TC_MINIMIZE_CODE_SIZE

#define word32 unsigned __int32

#define k0 0
#define k1 0x5a827999UL
#define k2 0x6ed9eba1UL
#define k3 0x8f1bbcdcUL
#define k4 0xa953fd4eUL
#define k5 0x50a28be6UL
#define k6 0x5c4dd124UL
#define k7 0x6d703ef3UL
#define k8 0x7a6d76e9UL
#define k9 0

static word32 rotlFixed (word32 x, unsigned int y)
{
	return (word32)((x<<y) | (x>>(sizeof(word32)*8-y)));
}

#define Subround(f, a, b, c, d, e, x, s, k)        \
	a += f(b, c, d) + x + k;\
	a = rotlFixed((word32)a, s) + e;\
	c = rotlFixed((word32)c, 10U)

void RMD160Transform (unsigned __int32 *digest, const unsigned __int32 *data)
{
#if BYTE_ORDER == LITTLE_ENDIAN
	const word32 *X = data;
#else
	word32 X[16];
	int i;
#endif

	word32 a1, b1, c1, d1, e1, a2, b2, c2, d2, e2;
	a1 = a2 = digest[0];
	b1 = b2 = digest[1];
	c1 = c2 = digest[2];
	d1 = d2 = digest[3];
	e1 = e2 = digest[4];

#if BYTE_ORDER == BIG_ENDIAN
	for (i = 0; i < 16; i++)
	{
		X[i] = LE32 (data[i]);
	}
#endif

	Subround(F, a1, b1, c1, d1, e1, X[ 0], 11, k0);
	Subround(F, e1, a1, b1, c1, d1, X[ 1], 14, k0);
	Subround(F, d1, e1, a1, b1, c1, X[ 2], 15, k0);
	Subround(F, c1, d1, e1, a1, b1, X[ 3], 12, k0);
	Subround(F, b1, c1, d1, e1, a1, X[ 4],  5, k0);
	Subround(F, a1, b1, c1, d1, e1, X[ 5],  8, k0);
	Subround(F, e1, a1, b1, c1, d1, X[ 6],  7, k0);
	Subround(F, d1, e1, a1, b1, c1, X[ 7],  9, k0);
	Subround(F, c1, d1, e1, a1, b1, X[ 8], 11, k0);
	Subround(F, b1, c1, d1, e1, a1, X[ 9], 13, k0);
	Subround(F, a1, b1, c1, d1, e1, X[10], 14, k0);
	Subround(F, e1, a1, b1, c1, d1, X[11], 15, k0);
	Subround(F, d1, e1, a1, b1, c1, X[12],  6, k0);
	Subround(F, c1, d1, e1, a1, b1, X[13],  7, k0);
	Subround(F, b1, c1, d1, e1, a1, X[14],  9, k0);
	Subround(F, a1, b1, c1, d1, e1, X[15],  8, k0);

	Subround(G, e1, a1, b1, c1, d1, X[ 7],  7, k1);
	Subround(G, d1, e1, a1, b1, c1, X[ 4],  6, k1);
	Subround(G, c1, d1, e1, a1, b1, X[13],  8, k1);
	Subround(G, b1, c1, d1, e1, a1, X[ 1], 13, k1);
	Subround(G, a1, b1, c1, d1, e1, X[10], 11, k1);
	Subround(G, e1, a1, b1, c1, d1, X[ 6],  9, k1);
	Subround(G, d1, e1, a1, b1, c1, X[15],  7, k1);
	Subround(G, c1, d1, e1, a1, b1, X[ 3], 15, k1);
	Subround(G, b1, c1, d1, e1, a1, X[12],  7, k1);
	Subround(G, a1, b1, c1, d1, e1, X[ 0], 12, k1);
	Subround(G, e1, a1, b1, c1, d1, X[ 9], 15, k1);
	Subround(G, d1, e1, a1, b1, c1, X[ 5],  9, k1);
	Subround(G, c1, d1, e1, a1, b1, X[ 2], 11, k1);
	Subround(G, b1, c1, d1, e1, a1, X[14],  7, k1);
	Subround(G, a1, b1, c1, d1, e1, X[11], 13, k1);
	Subround(G, e1, a1, b1, c1, d1, X[ 8], 12, k1);

	Subround(H, d1, e1, a1, b1, c1, X[ 3], 11, k2);
	Subround(H, c1, d1, e1, a1, b1, X[10], 13, k2);
	Subround(H, b1, c1, d1, e1, a1, X[14],  6, k2);
	Subround(H, a1, b1, c1, d1, e1, X[ 4],  7, k2);
	Subround(H, e1, a1, b1, c1, d1, X[ 9], 14, k2);
	Subround(H, d1, e1, a1, b1, c1, X[15],  9, k2);
	Subround(H, c1, d1, e1, a1, b1, X[ 8], 13, k2);
	Subround(H, b1, c1, d1, e1, a1, X[ 1], 15, k2);
	Subround(H, a1, b1, c1, d1, e1, X[ 2], 14, k2);
	Subround(H, e1, a1, b1, c1, d1, X[ 7],  8, k2);
	Subround(H, d1, e1, a1, b1, c1, X[ 0], 13, k2);
	Subround(H, c1, d1, e1, a1, b1, X[ 6],  6, k2);
	Subround(H, b1, c1, d1, e1, a1, X[13],  5, k2);
	Subround(H, a1, b1, c1, d1, e1, X[11], 12, k2);
	Subround(H, e1, a1, b1, c1, d1, X[ 5],  7, k2);
	Subround(H, d1, e1, a1, b1, c1, X[12],  5, k2);

	Subround(I, c1, d1, e1, a1, b1, X[ 1], 11, k3);
	Subround(I, b1, c1, d1, e1, a1, X[ 9], 12, k3);
	Subround(I, a1, b1, c1, d1, e1, X[11], 14, k3);
	Subround(I, e1, a1, b1, c1, d1, X[10], 15, k3);
	Subround(I, d1, e1, a1, b1, c1, X[ 0], 14, k3);
	Subround(I, c1, d1, e1, a1, b1, X[ 8], 15, k3);
	Subround(I, b1, c1, d1, e1, a1, X[12],  9, k3);
	Subround(I, a1, b1, c1, d1, e1, X[ 4],  8, k3);
	Subround(I, e1, a1, b1, c1, d1, X[13],  9, k3);
	Subround(I, d1, e1, a1, b1, c1, X[ 3], 14, k3);
	Subround(I, c1, d1, e1, a1, b1, X[ 7],  5, k3);
	Subround(I, b1, c1, d1, e1, a1, X[15],  6, k3);
	Subround(I, a1, b1, c1, d1, e1, X[14],  8, k3);
	Subround(I, e1, a1, b1, c1, d1, X[ 5],  6, k3);
	Subround(I, d1, e1, a1, b1, c1, X[ 6],  5, k3);
	Subround(I, c1, d1, e1, a1, b1, X[ 2], 12, k3);

	Subround(J, b1, c1, d1, e1, a1, X[ 4],  9, k4);
	Subround(J, a1, b1, c1, d1, e1, X[ 0], 15, k4);
	Subround(J, e1, a1, b1, c1, d1, X[ 5],  5, k4);
	Subround(J, d1, e1, a1, b1, c1, X[ 9], 11, k4);
	Subround(J, c1, d1, e1, a1, b1, X[ 7],  6, k4);
	Subround(J, b1, c1, d1, e1, a1, X[12],  8, k4);
	Subround(J, a1, b1, c1, d1, e1, X[ 2], 13, k4);
	Subround(J, e1, a1, b1, c1, d1, X[10], 12, k4);
	Subround(J, d1, e1, a1, b1, c1, X[14],  5, k4);
	Subround(J, c1, d1, e1, a1, b1, X[ 1], 12, k4);
	Subround(J, b1, c1, d1, e1, a1, X[ 3], 13, k4);
	Subround(J, a1, b1, c1, d1, e1, X[ 8], 14, k4);
	Subround(J, e1, a1, b1, c1, d1, X[11], 11, k4);
	Subround(J, d1, e1, a1, b1, c1, X[ 6],  8, k4);
	Subround(J, c1, d1, e1, a1, b1, X[15],  5, k4);
	Subround(J, b1, c1, d1, e1, a1, X[13],  6, k4);

	Subround(J, a2, b2, c2, d2, e2, X[ 5],  8, k5);
	Subround(J, e2, a2, b2, c2, d2, X[14],  9, k5);
	Subround(J, d2, e2, a2, b2, c2, X[ 7],  9, k5);
	Subround(J, c2, d2, e2, a2, b2, X[ 0], 11, k5);
	Subround(J, b2, c2, d2, e2, a2, X[ 9], 13, k5);
	Subround(J, a2, b2, c2, d2, e2, X[ 2], 15, k5);
	Subround(J, e2, a2, b2, c2, d2, X[11], 15, k5);
	Subround(J, d2, e2, a2, b2, c2, X[ 4],  5, k5);
	Subround(J, c2, d2, e2, a2, b2, X[13],  7, k5);
	Subround(J, b2, c2, d2, e2, a2, X[ 6],  7, k5);
	Subround(J, a2, b2, c2, d2, e2, X[15],  8, k5);
	Subround(J, e2, a2, b2, c2, d2, X[ 8], 11, k5);
	Subround(J, d2, e2, a2, b2, c2, X[ 1], 14, k5);
	Subround(J, c2, d2, e2, a2, b2, X[10], 14, k5);
	Subround(J, b2, c2, d2, e2, a2, X[ 3], 12, k5);
	Subround(J, a2, b2, c2, d2, e2, X[12],  6, k5);

	Subround(I, e2, a2, b2, c2, d2, X[ 6],  9, k6); 
	Subround(I, d2, e2, a2, b2, c2, X[11], 13, k6);
	Subround(I, c2, d2, e2, a2, b2, X[ 3], 15, k6);
	Subround(I, b2, c2, d2, e2, a2, X[ 7],  7, k6);
	Subround(I, a2, b2, c2, d2, e2, X[ 0], 12, k6);
	Subround(I, e2, a2, b2, c2, d2, X[13],  8, k6);
	Subround(I, d2, e2, a2, b2, c2, X[ 5],  9, k6);
	Subround(I, c2, d2, e2, a2, b2, X[10], 11, k6);
	Subround(I, b2, c2, d2, e2, a2, X[14],  7, k6);
	Subround(I, a2, b2, c2, d2, e2, X[15],  7, k6);
	Subround(I, e2, a2, b2, c2, d2, X[ 8], 12, k6);
	Subround(I, d2, e2, a2, b2, c2, X[12],  7, k6);
	Subround(I, c2, d2, e2, a2, b2, X[ 4],  6, k6);
	Subround(I, b2, c2, d2, e2, a2, X[ 9], 15, k6);
	Subround(I, a2, b2, c2, d2, e2, X[ 1], 13, k6);
	Subround(I, e2, a2, b2, c2, d2, X[ 2], 11, k6);

	Subround(H, d2, e2, a2, b2, c2, X[15],  9, k7);
	Subround(H, c2, d2, e2, a2, b2, X[ 5],  7, k7);
	Subround(H, b2, c2, d2, e2, a2, X[ 1], 15, k7);
	Subround(H, a2, b2, c2, d2, e2, X[ 3], 11, k7);
	Subround(H, e2, a2, b2, c2, d2, X[ 7],  8, k7);
	Subround(H, d2, e2, a2, b2, c2, X[14],  6, k7);
	Subround(H, c2, d2, e2, a2, b2, X[ 6],  6, k7);
	Subround(H, b2, c2, d2, e2, a2, X[ 9], 14, k7);
	Subround(H, a2, b2, c2, d2, e2, X[11], 12, k7);
	Subround(H, e2, a2, b2, c2, d2, X[ 8], 13, k7);
	Subround(H, d2, e2, a2, b2, c2, X[12],  5, k7);
	Subround(H, c2, d2, e2, a2, b2, X[ 2], 14, k7);
	Subround(H, b2, c2, d2, e2, a2, X[10], 13, k7);
	Subround(H, a2, b2, c2, d2, e2, X[ 0], 13, k7);
	Subround(H, e2, a2, b2, c2, d2, X[ 4],  7, k7);
	Subround(H, d2, e2, a2, b2, c2, X[13],  5, k7);

	Subround(G, c2, d2, e2, a2, b2, X[ 8], 15, k8);
	Subround(G, b2, c2, d2, e2, a2, X[ 6],  5, k8);
	Subround(G, a2, b2, c2, d2, e2, X[ 4],  8, k8);
	Subround(G, e2, a2, b2, c2, d2, X[ 1], 11, k8);
	Subround(G, d2, e2, a2, b2, c2, X[ 3], 14, k8);
	Subround(G, c2, d2, e2, a2, b2, X[11], 14, k8);
	Subround(G, b2, c2, d2, e2, a2, X[15],  6, k8);
	Subround(G, a2, b2, c2, d2, e2, X[ 0], 14, k8);
	Subround(G, e2, a2, b2, c2, d2, X[ 5],  6, k8);
	Subround(G, d2, e2, a2, b2, c2, X[12],  9, k8);
	Subround(G, c2, d2, e2, a2, b2, X[ 2], 12, k8);
	Subround(G, b2, c2, d2, e2, a2, X[13],  9, k8);
	Subround(G, a2, b2, c2, d2, e2, X[ 9], 12, k8);
	Subround(G, e2, a2, b2, c2, d2, X[ 7],  5, k8);
	Subround(G, d2, e2, a2, b2, c2, X[10], 15, k8);
	Subround(G, c2, d2, e2, a2, b2, X[14],  8, k8);

	Subround(F, b2, c2, d2, e2, a2, X[12],  8, k9);
	Subround(F, a2, b2, c2, d2, e2, X[15],  5, k9);
	Subround(F, e2, a2, b2, c2, d2, X[10], 12, k9);
	Subround(F, d2, e2, a2, b2, c2, X[ 4],  9, k9);
	Subround(F, c2, d2, e2, a2, b2, X[ 1], 12, k9);
	Subround(F, b2, c2, d2, e2, a2, X[ 5],  5, k9);
	Subround(F, a2, b2, c2, d2, e2, X[ 8], 14, k9);
	Subround(F, e2, a2, b2, c2, d2, X[ 7],  6, k9);
	Subround(F, d2, e2, a2, b2, c2, X[ 6],  8, k9);
	Subround(F, c2, d2, e2, a2, b2, X[ 2], 13, k9);
	Subround(F, b2, c2, d2, e2, a2, X[13],  6, k9);
	Subround(F, a2, b2, c2, d2, e2, X[14],  5, k9);
	Subround(F, e2, a2, b2, c2, d2, X[ 0], 15, k9);
	Subround(F, d2, e2, a2, b2, c2, X[ 3], 13, k9);
	Subround(F, c2, d2, e2, a2, b2, X[ 9], 11, k9);
	Subround(F, b2, c2, d2, e2, a2, X[11], 11, k9);

	c1        = digest[1] + c1 + d2;
	digest[1] = digest[2] + d1 + e2;
	digest[2] = digest[3] + e1 + a2;
	digest[3] = digest[4] + a1 + b2;
	digest[4] = digest[0] + b1 + c2;
	digest[0] = c1;
}

#else // TC_MINIMIZE_CODE_SIZE

/*
 Derived from source code of TrueCrypt 7.1a, which is
 Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed
 by the TrueCrypt License 3.0.

 Modifications and additions to the original source code (contained in this file) 
 and all other portions of this file are Copyright (c) 2013-2017 IDRIX
 and are governed by the Apache License 2.0 the full text of which is
 contained in the file License.txt included in VeraCrypt binary and source
 code distribution packages.
*/

#pragma optimize ("tl", on)

typedef unsigned __int32 uint32;
typedef unsigned __int8 byte;

#include <stdlib.h>
#pragma intrinsic (_lrotl)

static const byte OrderTab[] = {
	0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15,
	7, 4, 13, 1, 10, 6, 15, 3, 12, 0, 9, 5, 2, 14, 11, 8,
	3, 10, 14, 4, 9, 15, 8, 1, 2, 7, 0, 6, 13, 11, 5, 12,
	1, 9, 11, 10, 0, 8, 12, 4, 13, 3, 7, 15, 14, 5, 6, 2,
	4, 0, 5, 9, 7, 12, 2, 10, 14, 1, 3, 8, 11, 6, 15, 13,
	5, 14, 7, 0, 9, 2, 11, 4, 13, 6, 15, 8, 1, 10, 3, 12,
	6, 11, 3, 7, 0, 13, 5, 10, 14, 15, 8, 12, 4, 9, 1, 2,
	15, 5, 1, 3, 7, 14, 6, 9, 11, 8, 12, 2, 10, 0, 4, 13,
	8, 6, 4, 1, 3, 11, 15, 0, 5, 12, 2, 13, 9, 7, 10, 14,
	12, 15, 10, 4, 1, 5, 8, 7, 6, 2, 13, 14, 0, 3, 9, 11
};

static const byte RolTab[] = {
	11, 14, 15, 12, 5, 8, 7, 9, 11, 13, 14, 15, 6, 7, 9, 8,
	7, 6, 8, 13, 11, 9, 7, 15, 7, 12, 15, 9, 11, 7, 13, 12,
	11, 13, 6, 7, 14, 9, 13, 15, 14, 8, 13, 6, 5, 12, 7, 5,
	11, 12, 14, 15, 14, 15, 9, 8, 9, 14, 5, 6, 8, 6, 5, 12,
	9, 15, 5, 11, 6, 8, 13, 12, 5, 12, 13, 14, 11, 8, 5, 6,
	8, 9, 9, 11, 13, 15, 15, 5, 7, 7, 8, 11, 14, 14, 12, 6,
	9, 13, 15, 7, 12, 8, 9, 11, 7, 7, 12, 7, 6, 15, 13, 11,
	9, 7, 15, 11, 8, 6, 6, 14, 12, 13, 5, 14, 13, 13, 7, 5,
	15, 5, 8, 11, 14, 14, 6, 14, 6, 9, 12, 9, 12, 5, 15, 8,
	8, 5, 12, 9, 12, 5, 14, 6, 8, 13, 6, 5, 15, 13, 11, 11
};

static const uint32 KTab[] = {
	0x00000000UL,
	0x5A827999UL,
	0x6ED9EBA1UL,
	0x8F1BBCDCUL,
	0xA953FD4EUL,
	0x50A28BE6UL,
	0x5C4DD124UL,
	0x6D703EF3UL,
	0x7A6D76E9UL,
	0x00000000UL
};


void RMD160Transform (unsigned __int32 *state, const unsigned __int32 *data)
{
	uint32 a, b, c, d, e;
	uint32 a2, b2, c2, d2, e2;
	byte pos;
	uint32 tmp;

	a = state[0];
	b = state[1];
	c = state[2];
	d = state[3];
	e = state[4];

	for (pos = 0; pos < 160; ++pos)
	{
		tmp = a + data[OrderTab[pos]] + KTab[pos >> 4];
		
		switch (pos >> 4)
		{
		case 0: case 9: tmp += F (b, c, d); break<style>.highlight .hll { background-color: #ffffcc }
.highlight .c { color: #888888 } /* Comment */
.highlight .err { color: #a61717; background-color: #e3d2d2 } /* Error */
.highlight .k { color: #008800; font-weight: bold } /* Keyword */
.highlight .ch { color: #888888 } /* Comment.Hashbang */
.highlight .cm { color: #888888 } /* Comment.Multiline */
.highlight .cp { color: #cc0000; font-weight: bold } /* Comment.Preproc */
.highlight .cpf { color: #888888 } /* Comment.PreprocFile */
.highlight .c1 { color: #888888 } /* Comment.Single */
.highlight .cs { color: #cc0000; font-weight: bold; background-color: #fff0f0 } /* Comment.Special */
.highlight .gd { color: #000000; background-color: #ffdddd } /* Generic.Deleted */
.highlight .ge { font-style: italic } /* Generic.Emph */
.highlight .gr { color: #aa0000 } /* Generic.Error */
.highlight .gh { color: #333333 } /* Generic.Heading */
.highlight .gi { color: #000000; background-color: #ddffdd } /* Generic.Inserted */
.highlight .go { color: #888888 } /* Generic.Output */
.highlight .gp { color: #555555 } /* Generic.Prompt */
.highlight .gs { font-weight: bold } /* Generic.Strong */
.highlight .gu { color: #666666 } /* Generic.Subheading */
.highlight .gt { color: #aa0000 } /* Generic.Traceback */
.highlight .kc { color: #008800; font-weight: bold } /* Keyword.Constant */
.highlight .kd { color: #008800; font-weight: bold } /* Keyword.Declaration */
.highlight .kn { color: #008800; font-weight: bold } /* Keyword.Namespace */
.highlight .kp { color: #008800 } /* Keyword.Pseudo */
.highlight .kr { color: #008800; font-weight: bold } /* Keyword.Reserved */
.highlight .kt { color: #888888; font-weight: bold } /* Keyword.Type */
.highlight .m { color: #0000DD; font-weight: bold } /* Literal.Number */
.highlight .s { color: #dd2200; background-color: #fff0f0 } /* Literal.String */
.highlight .na { color: #336699 } /* Name.Attribute */
.highlight .nb { color: #003388 } /* Name.Builtin */
.highlight .nc { color: #bb0066; font-weight: bold } /* Name.Class */
.highlight .no { color: #003366; font-weight: bold } /* Name.Constant */
.highlight .nd { color: #555555 } /* Name.Decorator */
.highlight .ne { color: #bb0066; font-weight: bold } /* Name.Exception */
.highlight .nf { color: #0066bb; font-weight: bold } /* Name.Function */
.highlight .nl { color: #336699; font-style: italic } /* Name.Label */
.highlight .nn { color: #bb0066; font-weight: bold } /* Name.Namespace */
.highlight .py { color: #336699; font-weight: bold } /* Name.Property */
.highlight .nt { color: #bb0066; font-weight: bold } /* Name.Tag */
.highlight .nv { color: #336699 } /* Name.Variable */
.highlight .ow { color: #008800 } /* Operator.Word */
.highlight .w { color: #bbbbbb } /* Text.Whitespace */
.highlight .mb { color: #0000DD; font-weight: bold } /* Literal.Number.Bin */
.highlight .mf { color: #0000DD; font-weight: bold } /* Literal.Number.Float */
.highlight .mh { color: #0000DD; font-weight: bold } /* Literal.Number.Hex */
.highlight .mi { color: #0000DD; font-weight: bold } /* Literal.Number.Integer */
.highlight .mo { color: #0000DD; font-weight: bold } /* Literal.Number.Oct */
.highlight .sa { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Affix */
.highlight .sb { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Backtick */
.highlight .sc { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Char */
.highlight .dl { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Delimiter */
.highlight .sd { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Doc */
.highlight .s2 { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Double */
.highlight .se { color: #0044dd; background-color: #fff0f0 } /* Literal.String.Escape */
.highlight .sh { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Heredoc */
.highlight .si { color: #3333bb; background-color: #fff0f0 } /* Literal.String.Interpol */
.highlight .sx { color: #22bb22; background-color: #f0fff0 } /* Literal.String.Other */
.highlight .sr { color: #008800; background-color: #fff0ff } /* Literal.String.Regex */
.highlight .s1 { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Single */
.highlight .ss { color: #aa6600; background-color: #fff0f0 } /* Literal.String.Symbol */
.highlight .bp { color: #003388 } /* Name.Builtin.Pseudo */
.highlight .fm { color: #0066bb; font-weight: bold } /* Name.Function.Magic */
.highlight .vc { color: #336699 } /* Name.Variable.Class */
.highlight .vg { color: #dd7700 } /* Name.Variable.Global */
.highlight .vi { color: #3333bb } /* Name.Variable.Instance */
.highlight .vm { color: #336699 } /* Name.Variable.Magic */
.highlight .il { color: #0000DD; font-weight: bold } /* Literal.Number.Integer.Long */</style><div class="highlight"><pre><span></span><span class="cm">/* cpu.c - written and placed in the public domain by Wei Dai */</span>

<span class="cp">#include</span> <span class="cpf">&quot;cpu.h&quot;</span><span class="cp"></span>
<span class="cp">#include</span> <span class="cpf">&quot;misc.h&quot;</span><span class="cp"></span>

<span class="cp">#ifndef EXCEPTION_EXECUTE_HANDLER</span>
<span class="cp">#define EXCEPTION_EXECUTE_HANDLER 1</span>
<span class="cp">#endif</span>

<span class="cp">#ifndef CRYPTOPP_MS_STYLE_INLINE_ASSEMBLY</span>
<span class="cp">#include</span> <span class="cpf">&lt;signal.h&gt;</span><span class="cp"></span>
<span class="cp">#include</span> <span class="cpf">&lt;setjmp.h&gt;</span><span class="cp"></span>
<span class="cp">#endif</span>

<span class="cp">#ifdef CRYPTOPP_CPUID_AVAILABLE</span>

<span class="cp">#if _MSC_VER &gt;= 1400 &amp;&amp; CRYPTOPP_BOOL_X64</span>

<span class="kt">int</span> <span class="nf">CpuId</span><span class="p">(</span><span class="n">uint32</span> <span class="n">input</span><span class="p">,</span> <span class="n">uint32</span> <span class="n">output</span><span class="p">[</span><span class="mi">4</span><span class="p">])</span>
<span class="p">{</span>
	<span class="n">__cpuid</span><span class="p">((</span><span class="kt">int</span> <span class="o">*</span><span class="p">)</span><span class="n">output</span><span class="p">,</span> <span class="n">input</span><span class="p">);</span>
	<span class="k">return</span> <span class="mi">1</span><span class="p">;</span>
<span class="p">}</span>

<span class="cp">#else</span>

<span class="cp">#ifndef CRYPTOPP_MS_STYLE_INLINE_ASSEMBLY</span>

<span class="cp">#if defined(__cplusplus)</span>
<span class="k">extern</span> <span class="s">&quot;C&quot;</span> <span class="p">{</span>
<span class="cp">#endif</span>

<span class="k">typedef</span> <span class="kt">void</span> <span class="p">(</span><span class="o">*</span><span class="n">SigHandler</span><span class="p">)(</span><span class="kt">int</span><span class="p">);</span>

<span class="k">static</span> <span class="kt">jmp_buf</span> <span class="n">s_jmpNoCPUID</span><span class="p">;</span>
<span class="k">static</span> <span class="kt">void</span> <span class="nf">SigIllHandlerCPUID</span><span class="p">(</span><span class="kt">int</span> <span class="n">p</span><span class="p">)</span>
<span class="p">{</span>
	<span class="n">longjmp</span><span class="p">(</span><span class="n">s_jmpNoCPUID</span><span class="p">,</span> <span class="mi">1</span><span class="p">);</span>
<span class="p">}</span>

<span class="cp">#if !defined (_UEFI) &amp;&amp; ((defined(__AES__) &amp;&amp; defined(__PCLMUL__)) || defined(__INTEL_COMPILER) || CRYPTOPP_BOOL_AESNI_INTRINSICS_AVAILABLE)</span>

<span class="k">static</span> <span class="kt">jmp_buf</span> <span class="n">s_jmpNoAESNI</span><span class="p">;</span>
<span class="k">static</span> <span class="kt">void</span> <span class="nf">SigIllHandlerAESNI</span><span class="p">(</span><span class="kt">int</span> <span class="n">p</span><span class="p">)</span>
<span class="p">{</span>
	<span class="n">longjmp</span><span class="p">(</span><span class="n">s_jmpNoAESNI</span><span class="p">,</span> <span class="mi">1</span><span class="p">);</span>
<span class="p">}</span>

<span class="cp">#endif</span>

<span class="cp">#if CRYPTOPP_BOOL_X64 == 0</span>
<span class="k">static</span> <span class="kt">jmp_buf</span> <span class="n">s_jmpNoSSE2</span><span class="p">;</span>
<span class="k">static</span> <span class="kt">void</span> <span class="nf">SigIllHandlerSSE2</span><span class="p">(</span><span class="kt">int</span> <span class="n">p</span><span class="p">)</span>
<span class="p">{</span>
	<span class="n">longjmp</span><span class="p">(</span><span class="n">s_jmpNoSSE2</span><span class="p">,</span> <span class="mi">1</span><span class="p">);</span>
<span class="p">}</span>
<span class="cp">#endif</span>

<span class="cp">#if defined(__cplusplus)</span>
<span class="p">}</span>
<span class="cp">#endif</span>
<span class="cp">#endif</span>

<span class="kt">int</span> <span class="n">CpuId</span><span class="p">(</span><span class="n">uint32</span> <span class="n">input</span><span class="p">,</span> <span class="n">uint32</span> <span class="n">output</span><span class="p">[</span><span class="mi">4</span><span class="p">])</span>
<span class="p">{</span>
<span class="cp">#ifdef CRYPTOPP_MS_STYLE_INLINE_ASSEMBLY</span>
<span class="cp">#ifndef _UEFI</span>
    <span class="kr">__try</span>
	<span class="p">{</span>
<span class="cp">#endif</span>
		<span class="kr">__asm</span>
		<span class="p">{</span>
			<span class="n">mov</span> <span class="n">eax</span><span class="p">,</span> <span class="n">input</span>
            <span class="n">mov</span> <span class="n">ecx</span><span class="p">,</span> <span class="mi">0</span>
			<span class="n">cpuid</span>
			<span class="n">mov</span> <span class="n">edi</span><span class="p">,</span> <span class="n">output</span>
			<span class="n">mov</span> <span class="p">[</span><span class="n">edi</span><span class="p">],</span> <span class="n">eax</span>
			<span class="n">mov</span> <span class="p">[</span><span class="n">edi</span><span class="o">+</span><span class="mi">4</span><span class="p">],</span> <span class="n">ebx</span>
			<span class="n">mov</span> <span class="p">[</span><span class="n">edi</span><span class="o">+</span><span class="mi">8</span><span class="p">],</span> <span class="n">ecx</span>
			<span class="n">mov</span> <span class="p">[</span><span class="n">edi</span><span class="o">+</span><span class="mi">12</span><span class="p">],</span> <span class="n">edx</span>
		<span class="p">}</span>
<span class="cp">#ifndef _UEFI</span>
	 <span class="p">}</span>
	 <span class="kr">__except</span> <span class="p">(</span><span class="n">EXCEPTION_EXECUTE_HANDLER</span><span class="p">)</span>
	<span class="p">{</span>
		<span class="k">return</span> <span class="mi">0</span><span class="p">;</span>
    <span class="p">}</span>
<span class="cp">#endif</span>

	<span class="c1">// function 0 returns the highest basic function understood in EAX</span>
	<span class="k">if</span><span class="p">(</span><span class="n">input</span> <span class="o">==</span> <span class="mi">0</span><span class="p">)</span>
        <span class="k">return</span> <span class="o">!!</span><span class="n">output</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span><span class="o">?</span> <span class="mi">1</span> <span class="o">:</span> <span class="mi">0</span><span class="p">;</span>

	<span class="k">return</span> <span class="mi">1</span><span class="p">;</span>
<span class="cp">#else</span>
	<span class="c1">// longjmp and clobber warnings. Volatile is required.</span>
	<span class="c1">// http://github.com/weidai11/cryptopp/issues/24</span>
	<span class="c1">// http://stackoverflow.com/q/7721854</span>
	<span class="k">volatile</span> <span class="kt">int</span> <span class="n">result</span> <span class="o">=</span> <span class="mi">1</span><span class="p">;</span>

	<span class="n">SigHandler</span> <span class="n">oldHandler</span> <span class="o">=</span> <span class="n">signal</span><span class="p">(</span><span class="n">SIGILL</span><span class="p">,</span> <span class="n">SigIllHandlerCPUID</span><span class="p">);</span>
	<span class="k">if</span> <span class="p">(</span><span class="n">oldHandler</span> <span class="o">==</span> <span class="n">SIG_ERR</span><span class="p">)</span>
		<span class="n">result</span> <span class="o">=</span> <span class="mi">0</span><span class="p">;</span>

	<span class="k">if</span> <span class="p">(</span><span class="n">setjmp</span><span class="p">(</span><span class="n">s_jmpNoCPUID</span><span class="p">))</span>
		<span class="n">result</span> <span class="o">=</span> <span class="mi">0</span><span class="p">;</span>
	<span class="k">else</span>
	<span class="p">{</span>
		<span class="k">asm</span> <span class="k">volatile</span>
		<span class="p">(</span>
            <span class="c1">// save ebx in case -fPIC is being used</span>
            <span class="c1">// TODO: this might need an early clobber on EDI.</span>
<span class="cp">#if CRYPTOPP_BOOL_X32 || CRYPTOPP_BOOL_X64</span>
            <span class="s">&quot;pushq %%rbx; cpuid; mov %%ebx, %%edi; popq %%rbx&quot;</span>
<span class="cp">#else</span>
            <span class="s">&quot;push %%ebx; cpuid; mov %%ebx, %%edi; pop %%ebx&quot;</span>
<span class="cp">#endif</span>
            <span class="o">:</span> <span class="s">&quot;=a&quot;</span> <span class="p">(</span><span class="n">output</span><span class="p">[</span><span class="mi">0</span><span class="p">]),</span> <span class="s">&quot;=D&quot;</span> <span class="p">(</span><span class="n">output</span><span class="p">[</span><span class="mi">1</span><span class="p">]),</span> <span class="s">&quot;=c&quot;</span> <span class="p">(</span><span class="n">output</span><span class="p">[</span><span class="mi">2</span><span class="p">]),</span> <span class="s">&quot;=d&quot;</span> <span class="p">(</span><span class="n">output</span><span class="p">[</span><span class="mi">3</span><span class="p">])</span>
            <span class="o">:</span> <span class="s">&quot;a&quot;</span> <span class="p">(</span><span class="n">input</span><span class="p">),</span> <span class="s">&quot;c&quot;</span> <span class="p">(</span><span class="mi">0</span><span class="p">)</span>
         <span class="p">);</span>
	<span class="p">}</span>

	<span class="n">signal</span><span class="p">(</span><span class="n">SIGILL</span><span class="p">,</span> <span class="n">oldHandler</span><span class="p">);</span>
	<span class="k">return</span> <span class="n">result</span><span class="p">;</span>
<span class="cp">#endif</span>
<span class="p">}</span>

<span class="cp">#endif</span>

<span class="k">static</span> <span class="kt">int</span> <span class="n">TrySSE2</span><span class="p">()</span>
<span class="p">{</span>
<span class="cp">#if CRYPTOPP_BOOL_X64</span>
	<span class="k">return</span> <span class="mi">1</span><span class="p">;</span>
<span class="cp">#elif defined(CRYPTOPP_MS_STYLE_INLINE_ASSEMBLY) &amp;&amp; !defined(_UEFI)</span>
	<span class="k">volatile</span> <span class="kt">int</span> <span class="n">result</span> <span class="o">=</span> <span class="mi">1</span><span class="p">;</span>
<span class="cp">#if defined (TC_WINDOWS_DRIVER) &amp;&amp; !defined (_WIN64)</span>
	<span class="n">KFLOATING_SAVE</span> <span class="n">floatingPointState</span><span class="p">;</span>
	<span class="k">if</span> <span class="p">(</span><span class="n">NT_SUCCESS</span> <span class="p">(</span><span class="n">KeSaveFloatingPointState</span> <span class="p">(</span><span class="o">&amp;</span><span class="n">floatingPointState</span><span class="p">)))</span>
	<span class="p">{</span>
<span class="cp">#endif</span>
    <span class="kr">__try</span>
	<span class="p">{</span>
<span class="cp">#if CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE</span>
        <span class="n">AS2</span><span class="p">(</span><span class="n">por</span> <span class="n">xmm0</span><span class="p">,</span> <span class="n">xmm0</span><span class="p">)</span>        <span class="c1">// executing SSE2 instruction</span>
<span class="cp">#elif CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE</span>
		<span class="kr">__m128i</span> <span class="n">x</span> <span class="o">=</span> <span class="n">_mm_setzero_si128</span><span class="p">();</span>
		<span class="n">result</span> <span class="o">=</span> <span class="n">_mm_cvtsi128_si32</span><span class="p">(</span><span class="n">x</span><span class="p">)</span> <span class="o">==</span> <span class="mi">0</span> <span class="o">?</span> <span class="mi">1</span> <span class="o">:</span> <span class="mi">0</span><span class="p">;</span>
<span class="cp">#endif</span>
	<span class="p">}</span>
    <span class="kr">__except</span> <span class="p">(</span><span class="n">EXCEPTION_EXECUTE_HANDLER</span><span class="p">)</span>
	<span class="p">{</span>
		<span class="n">result</span> <span class="o">=</span> <span class="mi">0</span><span class="p">;</span>
	<span class="p">}</span>
<span class="cp">#if defined (TC_WINDOWS_DRIVER) &amp;&amp; !defined (_WIN64)</span>
	<span class="n">KeRestoreFloatingPointState</span> <span class="p">(</span><span class="o">&amp;</span><span class="n">floatingPointState</span><span class="p">);</span>
	<span class="p">}</span>
	<span class="k">else</span>
		<span class="k">return</span> <span class="mi">0</span><span class="p">;</span>
<span class="cp">#endif</span>
	<span class="k">return</span> <span class="n">result</span><span class="p">;</span>
<span class="cp">#elif !defined(_UEFI)</span>
	<span class="c1">// longjmp and clobber warnings. Volatile is required.</span>
	<span class="c1">// http://github.com/weidai11/cryptopp/issues/24</span>
	<span class="c1">// http://stackoverflow.com/q/7721854</span>
	<span class="k">volatile</span> <span class="kt">int</span> <span class="n">result</span> <span class="o">=</span> <span class="mi">1</span><span class="p">;</span>

	<span class="n">SigHandler</span> <span class="n">oldHandler</span> <span class="o">=</span> <span class="n">signal</span><span class="p">(</span><span class="n">SIGILL</span><span class="p">,</span> <span class="n">SigIllHandlerSSE2</span><span class="p">);</span>
	<span class="k">if</span> <span class="p">(</span><span class="n">oldHandler</span> <span class="o">==</span> <span class="n">SIG_ERR</span><span class="p">)</span>
		<span class="k">return</span> <span class="mi">0</span><span class="p">;</span>

	<span class="k">if</span> <span class="p">(</span><span class="n">setjmp</span><span class="p">(</span><span class="n">s_jmpNoSSE2</span><span class="p">))</span>
		<span class="n">result</span> <span class="o">=</span> <span class="mi">1</span><span class="p">;</span>
	<span class="k">else</span>
	<span class="p">{</span>
<span class="cp">#if CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE</span>
		<span class="kr">__asm</span> <span class="n">__volatile</span> <span class="p">(</span><span class="s">&quot;por %xmm0, %xmm0&quot;</span><span class="p">);</span>
<span class="cp">#elif CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE</span>
		<span class="kr">__m128i</span> <span class="n">x</span> <span class="o">=</span> <span class="n">_mm_setzero_si128</span><span class="p">();</span>
		<span class="n">result</span> <span class="o">=</span> <span class="n">_mm_cvtsi128_si32</span><span class="p">(</span><span class="n">x</span><span class="p">)</span> <span class="o">==</span> <span class="mi">0</span><span class="o">?</span> <span class="mi">1</span> <span class="o">:</span> <span class="mi">0</span><span class="p">;</span>
<span class="cp">#endif</span>
	<span class="p">}</span>

	<span class="n">signal</span><span class="p">(</span><span class="n">SIGILL</span><span class="p">,</span> <span class="n">oldHandler</span><span class="p">);</span>
	<span class="k">return</span> <span class="n">result</span><span class="p">;</span>
<span class="cp">#else</span>
	<span class="k">return</span> <span class="mi">1</span><span class="p">;</span>
<span class="cp">#endif</span>
<span class="p">}</span>

<span class="kt">int</span> <span class="n">g_x86DetectionDone</span> <span class="o">=</span> <span class="mi">0</span><span class="p">;</span>
<span class="kt">int</span> <span class="n">g_hasISSE</span> <span class="o">=</span> <span class="mi">0</span><span class="p">,</span> <span class="n">g_hasSSE2</span> <span class="o">=</span> <span class="mi">0</span><span class="p">,</span> <span class="n">g_hasSSSE3</span> <span class="o">=</span> <span class="mi">0</span><span class="p">,</span> <span class="n">g_hasMMX</span> <span class="o">=</span> <span class="mi">0</span><span class="p">,</span> <span class="n">g_hasAESNI</span> <span class="o">=</span> <span class="mi">0</span><span class="p">,</span> <span class="n">g_hasCLMUL</span> <span class="o">=</span> <span class="mi">0</span><span class="p">,</span> <span class="n">g_isP4</span> <span class="o">=</span> <span class="mi">0</span><span class="p">;</span>
<span class="kt">int</span> <span class="n">g_hasAVX</span> <span class="o">=</span> <span class="mi">0</span><span class="p">,</span> <span class="n">g_hasAVX2</span> <span class="o">=</span> <span class="mi">0</span><span class="p">,</span> <span class="n">g_hasBMI2</span> <span class="o">=</span> <span class="mi">0</span><span class="p">,</span> <span class="n">g_hasSSE42</span> <span class="o">=</span> <span class="mi">0</span><span class="p">,</span> <span class="n">g_hasSSE41</span> <span class="o">=</span> <span class="mi">0</span><span class="p">;</span>
<span class="n">uint32</span> <span class="n">g_cacheLineSize</span> <span class="o">=</span> <span class="n">CRYPTOPP_L1_CACHE_LINE_SIZE</span><span class="p">;</span>

<span class="n">VC_INLINE</span> <span class="kt">int</span> <span class="nf">IsIntel</span><span class="p">(</span><span class="k">const</span> <span class="n">uint32</span> <span class="n">output</span><span class="p">[</span><span class="mi">4</span><span class="p">])</span>
<span class="p">{</span>
	<span class="c1">// This is the &quot;GenuineIntel&quot; string</span>
	<span class="k">return</span> <span class="p">(</span><span class="n">output</span><span class="p">[</span><span class="mi">1</span><span class="p">]</span> <span class="cm">/*EBX*/</span> <span class="o">==</span> <span class="mh">0x756e6547</span><span class="p">)</span> <span class="o">&amp;&amp;</span>
    <span class="p">(</span><span class="n">output</span><span class="p">[</span><span class="mi">2</span><span class="p">]</span> <span class="cm">/*ECX*/</span> <span class="o">==</span> <span class="mh">0x6c65746e</span><span class="p">)</span> <span class="o">&amp;&amp;</span>
    <span class="p">(</span><span class="n">output</span><span class="p">[</span><span class="mi">3</span><span class="p">]</span> <span class="cm">/*EDX*/</span> <span class="o">==</span> <span class="mh">0x49656e69</span><span class="p">);</span>
<span class="p">}</span>

<span class="n">VC_INLINE</span> <span class="kt">int</span> <span class="nf">IsAMD</span><span class="p">(</span><span class="k">const</span> <span class="n">uint32</span> <span class="n">output</span><span class="p">[</span><span class="mi">4</span><span class="p">])</span>
<span class="p">{</span>
	<span class="c1">// This is the &quot;AuthenticAMD&quot; string</span>
	<span class="k">return</span> <span class="p">(</span><span class="n">output</span><span class="p">[</span><span class="mi">1</span><span class="p">]</span> <span class="cm">/*EBX*/</span> <span class="o">==</span> <span class="mh">0x68747541</span><span class="p">)</span> <span class="o">&amp;&amp;</span>
    <span class="p">(</span><span class="n">output</span><span class="p">[</span><span class="mi">2</span><span class="p">]</span> <span class="cm">/*ECX*/</span> <span class="o">==</span> <span class="mh">0x69746E65</span><span class="p">)</span> <span class="o">&amp;&amp;</span>
    <span class="p">(</span><span class="n">output</span><span class="p">[</span><span class="mi">3</span><span class="p">]</span> <span class="cm">/*EDX*/</span> <span class="o">==</span> <span class="mh">0x444D4163</span><span class="p">);</span>
<span class="p">}</span>

<span class="cp">#if !defined (_UEFI) &amp;&amp; ((defined(__AES__) &amp;&amp; defined(__PCLMUL__)) || defined(__INTEL_COMPILER) || CRYPTOPP_BOOL_AESNI_INTRINSICS_AVAILABLE)</span>

<span class="k">static</span> <span class="kt">int</span> <span class="nf">TryAESNI</span> <span class="p">()</span>
<span class="p">{</span>
	<span class="k">volatile</span> <span class="kt">int</span> <span class="n">result</span> <span class="o">=</span> <span class="mi">0</span><span class="p">;</span>
<span class="cp">#ifdef _MSC_VER</span>
	<span class="kr">__try</span>
<span class="cp">#else</span>
	<span class="n">SigHandler</span> <span class="n">oldHandler</span> <span class="o">=</span> <span class="n">signal</span><span class="p">(</span><span class="n">SIGILL</span><span class="p">,</span> <span class="n">SigIllHandlerAESNI</span><span class="p">);</span>
	<span class="k">if</span> <span class="p">(</span><span class="n">oldHandler</span> <span class="o">==</span> <span class="n">SIG_ERR</span><span class="p">)</span>
		<span class="k">return</span> <span class="mi">0</span><span class="p">;</span>

	<span class="k">if</span> <span class="p">(</span><span class="n">setjmp</span><span class="p">(</span><span class="n">s_jmpNoAESNI</span><span class="p">))</span>
		<span class="n">result</span> <span class="o">=</span> <span class="mi">0</span><span class="p">;</span>
	<span class="k">else</span>
<span class="cp">#endif</span>
	<span class="p">{</span>
		<span class="kr">__m128i</span> <span class="n">block</span><span class="p">,</span> <span class="n">subkey</span><span class="p">,</span> <span class="n">ciphered</span><span class="p">;</span>
		<span class="c1">// perform AES round.</span>
		<span class="n">block</span> <span class="o">=</span> <span class="n">_mm_setr_epi32</span><span class="p">(</span><span class="mh">0x11223344</span><span class="p">,</span><span class="mh">0x55667788</span><span class="p">,</span><span class="mh">0x99AABBCC</span><span class="p">,</span><span class="mh">0xDDEEFF00</span><span class="p">);</span>
		<span class="n">subkey</span> <span class="o">=</span> <span class="n">_mm_setr_epi32</span><span class="p">(</span><span class="mh">0xA5A5A5A5</span><span class="p">,</span><span class="mh">0xA5A5A5A5</span><span class="p">,</span><span class="mh">0x5A5A5A5A</span><span class="p">,</span><span class="mh">0x5A5A5A5A</span><span class="p">);</span>
		<span class="n">ciphered</span> <span class="o">=</span> <span class="n">_mm_aesenc_si128</span><span class="p">(</span><span class="n">block</span><span class="p">,</span> <span class="n">subkey</span><span class="p">);</span>
<span class="cp">#ifdef _MSC_VER</span>
		<span class="k">if</span> <span class="p">(</span><span class="n">ciphered</span><span class="p">.</span><span class="n">m128i_u64</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span> <span class="o">==</span> <span class="n">LL</span><span class="p">(</span><span class="mh">0x2f4654b9485061fa</span><span class="p">)</span> <span class="o">&amp;&amp;</span> <span class="n">ciphered</span><span class="p">.</span><span class="n">m128i_u64</span><span class="p">[</span><span class="mi">1</span><span class="p">]</span> <span class="o">==</span> <span class="n">LL</span><span class="p">(</span><span class="mh">0xc8b51f1fe1256f99</span><span class="p">))</span>
<span class="cp">#else</span>
		<span class="k">if</span> <span class="p">(((</span><span class="kt">uint64_t</span><span class="o">*</span><span class="p">)(</span><span class="o">&amp;</span><span class="n">ciphered</span><span class="p">))[</span><span class="mi">0</span><span class="p">]</span> <span class="o">==</span> <span class="n">LL</span><span class="p">(</span><span class="mh">0x2f4654b9485061fa</span><span class="p">)</span> <span class="o">&amp;&amp;</span> <span class="p">((</span><span class="kt">uint64_t</span><span class="o">*</span><span class="p">)(</span><span class="o">&amp;</span><span class="n">ciphered</span><span class="p">))[</span><span class="mi">1</span><span class="p">]</span> <span class="o">==</span> <span class="n">LL</span><span class="p">(</span><span class="mh">0xc8b51f1fe1256f99</span><span class="p">))</span>
<span class="cp">#endif</span>
			<span class="n">result</span> <span class="o">=</span> <span class="mi">1</span><span class="p">;</span>
	<span class="p">}</span>
<span class="cp">#ifdef _MSC_VER</span>
	<span class="kr">__except</span> <span class="p">(</span><span class="n">EXCEPTION_EXECUTE_HANDLER</span><span class="p">)</span>
	<span class="p">{</span>
		<span class="c1">// ignore error if AES-NI not supported</span>
	<span class="p">}</span>
<span class="cp">#else</span>
	<span class="n">signal</span><span class="p">(</span><span class="n">SIGILL</span><span class="p">,</span> <span class="n">oldHandler</span><span class="p">);</span>
<span class="cp">#endif</span>
	
	<span class="k">return</span> <span class="n">result</span><span class="p">;</span>
<span class="p">}</span>

<span class="k">static</span> <span class="kt">int</span> <span class="nf">Detect_MS_HyperV_AES</span> <span class="p">()</span>
<span class="p">{</span>
	<span class="kt">int</span> <span class="n">hasAesNI</span> <span class="o">=</span> <span class="mi">0</span><span class="p">;</span>
	<span class="c1">// when Hyper-V is enabled on older versions of Windows Server (i.e. 2008 R2), the AES-NI capability </span>
	<span class="c1">// gets masked out for all applications, even running on the host.</span>
	<span class="c1">// We try to detect Hyper-V virtual CPU and perform a dummy AES-NI operation to check its real presence</span>
	<span class="n">uint32</span> <span class="n">cpuid</span><span class="p">[</span><span class="mi">4</span><span class="p">];</span>
	<span class="kt">char</span> <span class="n">HvProductName</span><span class="p">[</span><span class="mi">13</span><span class="p">];</span>

	<span class="n">CpuId</span><span class="p">(</span><span class="mh">0x40000000</span><span class="p">,</span> <span class="n">cpuid</span><span class="p">);</span>
	<span class="n">memcpy</span> <span class="p">(</span><span class="n">HvProductName</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">cpuid</span><span class="p">[</span><span class="mi">1</span><span class="p">],</span> <span class="mi">12</span><span class="p">);</span>
	<span class="n">HvProductName</span><span class="p">[</span><span class="mi">12</span><span class="p">]</span> <span class="o">=</span> <span class="mi">0</span><span class="p">;</span>
	<span class="k">if</span> <span class="p">(</span><span class="n">_stricmp</span><span class="p">(</span><span class="n">HvProductName</span><span class="p">,</span> <span class="s">&quot;Microsoft Hv&quot;</span><span class="p">)</span> <span class="o">==</span> <span class="mi">0</span><span class="p">)</span>
	<span class="p">{</span>
<span class="cp">#if defined (TC_WINDOWS_DRIVER) &amp;&amp; !defined (_WIN64)</span>
		<span class="n">KFLOATING_SAVE</span> <span class="n">floatingPointState</span><span class="p">;</span>
		<span class="k">if</span> <span class="p">(</span><span class="n">NT_SUCCESS</span> <span class="p">(</span><span class="n">KeSaveFloatingPointState</span> <span class="p">(</span><span class="o">&amp;</span><span class="n">floatingPointState</span><span class="p">)))</span>
		<span class="p">{</span>
<span class="cp">#endif</span>
		<span class="n">hasAesNI</span> <span class="o">=</span> <span class="n">TryAESNI</span> <span class="p">();</span>

<span class="cp">#if defined (TC_WINDOWS_DRIVER) &amp;&amp; !defined (_WIN64)</span>
		<span class="n">KeRestoreFloatingPointState</span> <span class="p">(</span><span class="o">&amp;</span><span class="n">floatingPointState</span><span class="p">);</span>
		<span class="p">}</span>
<span class="cp">#endif</span>
	<span class="p">}</span>

	<span class="k">return</span> <span class="n">hasAesNI</span><span class="p">;</span>
<span class="p">}</span>

<span class="cp">#endif</span>

<span class="kt">void</span> <span class="nf">DetectX86Features</span><span class="p">()</span>
<span class="p">{</span>
	<span class="n">uint32</span> <span class="n">cpuid</span><span class="p">[</span><span class="mi">4</span><span class="p">]</span> <span class="o">=</span> <span class="p">{</span><span class="mi">0</span><span class="p">},</span> <span class="n">cpuid1</span><span class="p">[</span><span class="mi">4</span><span class="p">]</span> <span class="o">=</span> <span class="p">{</span><span class="mi">0</span><span class="p">};</span>
	<span class="k">if</span> <span class="p">(</span><span class="o">!</span><span class="n">CpuId</span><span class="p">(</span><span class="mi">0</span><span class="p">,</span> <span class="n">cpuid</span><span class="p">))</span>
		<span class="k">return</span><span class="p">;</span>
	<span class="k">if</span> <span class="p">(</span><span class="o">!</span><span class="n">CpuId</span><span class="p">(</span><span class="mi">1</span><span class="p">,</span> <span class="n">cpuid1</span><span class="p">))</span>
		<span class="k">return</span><span class="p">;</span>

	<span class="n">g_hasMMX</span> <span class="o">=</span> <span class="p">(</span><span class="n">cpuid1</span><span class="p">[</span><span class="mi">3</span><span class="p">]</span> <span class="o">&amp;</span> <span class="p">(</span><span class="mi">1</span> <span class="o">&lt;&lt;</span> <span class="mi">23</span><span class="p">))</span> <span class="o">!=</span> <span class="mi">0</span><span class="p">;</span>
	<span class="k">if</span> <span class="p">((</span><span class="n">cpuid1</span><span class="p">[</span><span class="mi">3</span><span class="p">]</span> <span class="o">&amp;</span> <span class="p">(</span><span class="mi">1</span> <span class="o">&lt;&lt;</span> <span class="mi">26</span><span class="p">))</span> <span class="o">!=</span> <span class="mi">0</span><span class="p">)</span>
		<span class="n">g_hasSSE2</span> <span class="o">=</span> <span class="n">TrySSE2</span><span class="p">();</span>
	<span class="n">g_hasAVX2</span> <span class="o">=</span> <span class="n">g_hasSSE2</span> <span class="o">&amp;&amp;</span> <span class="p">(</span><span class="n">cpuid1</span><span class="p">[</span><span class="mi">1</span><span class="p">]</span> <span class="o">&amp;</span> <span class="p">(</span><span class="mi">1</span> <span class="o">&lt;&lt;</span> <span class="mi">5</span><span class="p">));</span>
	<span class="n">g_hasBMI2</span> <span class="o">=</span> <span class="n">g_hasSSE2</span> <span class="o">&amp;&amp;</span> <span class="p">(</span><span class="n">cpuid1</span><span class="p">[</span><span class="mi">1</span><span class="p">]</span> <span class="o">&amp;</span> <span class="p">(</span><span class="mi">1</span> <span class="o">&lt;&lt;</span> <span class="mi">8</span><span class="p">));</span>
	<span class="n">g_hasAVX</span> <span class="o">=</span> <span class="n">g_hasSSE2</span> <span class="o">&amp;&amp;</span> <span class="p">(</span><span class="n">cpuid1</span><span class="p">[</span><span class="mi">2</span><span class="p">]</span> <span class="o">&amp;</span> <span class="p">(</span><span class="mi">1</span> <span class="o">&lt;&lt;</span> <span class="mi">28</span><span class="p">));</span>
	<span class="n">g_hasSSE42</span> <span class="o">=</span> <span class="n">g_hasSSE2</span> <span class="o">&amp;&amp;</span> <span class="p">(</span><span class="n">cpuid1</span><span class="p">[</span><span class="mi">2</span><span class="p">]</span> <span class="o">&amp;</span> <span class="p">(</span><span class="mi">1</span> <span class="o">&lt;&lt;</span> <span class="mi">20</span><span class="p">));</span>
	<span class="n">g_hasSSE41</span> <span class="o">=</span> <span class="n">g_hasSSE2</span> <span class="o">&amp;&amp;</span> <span class="p">(</span><span class="n">cpuid1</span><span class="p">[</span><span class="mi">2</span><span class="p">]</span> <span class="o">&amp;</span> <span class="p">(</span><span class="mi">1</span> <span class="o">&lt;&lt;</span> <span class="mi">19</span><span class="p">));</span>
	<span class="n">g_hasSSSE3</span> <span class="o">=</span> <span class="n">g_hasSSE2</span> <span class="o">&amp;&amp;</span> <span class="p">(</span><span class="n">cpuid1</span><span class="p">[</span><span class="mi">2</span><span class="p">]</span> <span class="o">&amp;</span> <span class="p">(</span><span class="mi">1</span><span class="o">&lt;&lt;</span><span class="mi">9</span><span class="p">));</span>
	<span class="n">g_hasAESNI</span> <span class="o">=</span> <span class="n">g_hasSSE2</span> <span class="o">&amp;&amp;</span> <span class="p">(</span><span class="n">cpuid1</span><span class="p">[</span><span class="mi">2</span><span class="p">]</span> <span class="o">&amp;</span> <span class="p">(</span><span class="mi">1</span><span class="o">&lt;&lt;</span><span class="mi">25</span><span class="p">));</span>
	<span class="n">g_hasCLMUL</span> <span class="o">=</span> <span class="n">g_hasSSE2</span> <span class="o">&amp;&amp;</span> <span class="p">(</span><span class="n">cpuid1</span><span class="p">[</span><span class="mi">2</span><span class="p">]</span> <span class="o">&amp;</span> <span class="p">(</span><span class="mi">1</span><span class="o">&lt;&lt;</span><span class="mi">1</span><span class="p">));</span>

<span class="cp">#if !defined (_UEFI) &amp;&amp; ((defined(__AES__) &amp;&amp; defined(__PCLMUL__)) || defined(__INTEL_COMPILER) || CRYPTOPP_BOOL_AESNI_INTRINSICS_AVAILABLE)</span>
	<span class="c1">// Hypervisor = bit 31 of ECX of CPUID leaf 0x1</span>
	<span class="c1">// reference: http://artemonsecurity.com/vmde.pdf</span>
	<span class="k">if</span> <span class="p">(</span><span class="o">!</span><span class="n">g_hasAESNI</span> <span class="o">&amp;&amp;</span> <span class="p">(</span><span class="n">cpuid1</span><span class="p">[</span><span class="mi">2</span><span class="p">]</span> <span class="o">&amp;</span> <span class="p">(</span><span class="mi">1</span><span class="o">&lt;&lt;</span><span class="mi">31</span><span class="p">)))</span>
	<span class="p">{</span>
		<span class="n">g_hasAESNI</span> <span class="o">=</span> <span class="n">Detect_MS_HyperV_AES</span> <span class="p">();</span>
	<span class="p">}</span>
<span class="cp">#endif</span>

	<span class="k">if</span> <span class="p">((</span><span class="n">cpuid1</span><span class="p">[</span><span class="mi">3</span><span class="p">]</span> <span class="o">&amp;</span> <span class="p">(</span><span class="mi">1</span> <span class="o">&lt;&lt;</span> <span class="mi">25</span><span class="p">))</span> <span class="o">!=</span> <span class="mi">0</span><span class="p">)</span>
		<span class="n">g_hasISSE</span> <span class="o">=</span> <span class="mi">1</span><span class="p">;</span>
	<span class="k">else</span>
	<span class="p">{</span>
		<span class="n">uint32</span> <span class="n">cpuid2</span><span class="p">[</span><span class="mi">4</span><span class="p">];</span>
		<span class="n">CpuId</span><span class="p">(</span><span class="mh">0x080000000</span><span class="p">,</span> <span class="n">cpuid2</span><span class="p">);</span>
		<span class="k">if</span> <span class="p">(</span><span class="n">cpuid2</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span> <span class="o">&gt;=</span> <span class="mh">0x080000001</span><span class="p">)</span>
		<span class="p">{</span>
			<span class="n">CpuId</span><span class="p">(</span><span class="mh">0x080000001</span><span class="p">,</span> <span class="n">cpuid2</span><span class="p">);</span>
			<span class="n">g_hasISSE</span> <span class="o">=</span> <span class="p">(</span><span class="n">cpuid2</span><span class="p">[</span><span class="mi">3</span><span class="p">]</span> <span class="o">&amp;</span> <span class="p">(</span><span class="mi">1</span> <span class="o">&lt;&lt;</span> <span class="mi">22</span><span class="p">))</span> <span class="o">!=</span> <span class="mi">0</span><span class="p">;</span>
		<span class="p">}</span>
	<span class="p">}</span>

	<span class="k">if</span> <span class="p">(</span><span class="n">IsIntel</span><span class="p">(</span><span class="n">cpuid</span><span class="p">))</span>
	<span class="p">{</span>
		<span class="n">g_isP4</span> <span class="o">=</span> <span class="p">((</span><span class="n">cpuid1</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span> <span class="o">&gt;&gt;</span> <span class="mi">8</span><span class="p">)</span> <span class="o">&amp;</span> <span class="mh">0xf</span><span class="p">)</span> <span class="o">==</span> <span class="mh">0xf</span><span class="p">;</span>
		<span class="n">g_cacheLineSize</span> <span class="o">=</span> <span class="mi">8</span> <span class="o">*</span> <span class="n">GETBYTE</span><span class="p">(</span><span class="n">cpuid1</span><span class="p">[</span><span class="mi">1</span><span class="p">],</span> <span class="mi">1</span><span class="p">);</span>
	<span class="p">}</span>
	<span class="k">else</span> <span class="k">if</span> <span class="p">(</span><span class="n">IsAMD</span><span class="p">(</span><span class="n">cpuid</span><span class="p">))</span>
	<span class="p">{</span>
		<span class="n">CpuId</span><span class="p">(</span><span class="mh">0x80000005</span><span class="p">,</span> <span class="n">cpuid</span><span class="p">);</span>
		<span class="n">g_cacheLineSize</span> <span class="o">=</span> <span class="n">GETBYTE</span><span class="p">(</span><span class="n">cpuid</span><span class="p">[</span><span class="mi">2</span><span class="p">],</span> <span class="mi">0</span><span class="p">);</span>
	<span class="p">}</span>

	<span class="k">if</span> <span class="p">(</span><span class="o">!</span><span class="n">g_cacheLineSize</span><span class="p">)</span>
		<span class="n">g_cacheLineSize</span> <span class="o">=</span> <span class="n">CRYPTOPP_L1_CACHE_LINE_SIZE</span><span class="p">;</span>

	<span class="o">*</span><span class="p">((</span><span class="k">volatile</span> <span class="kt">int</span><span class="o">*</span><span class="p">)</span><span class="o">&amp;</span><span class="n">g_x86DetectionDone</span><span class="p">)</span> <span class="o">=</span> <span class="mi">1</span><span class="p">;</span>
<span class="p">}</span>

<span class="kt">int</span> <span class="nf">is_aes_hw_cpu_supported</span> <span class="p">()</span>
<span class="p">{</span>
	<span class="kt">int</span> <span class="n">bHasAESNI</span> <span class="o">=</span> <span class="mi">0</span><span class="p">;</span>
	<span class="n">uint32</span> <span class="n">cpuid</span><span class="p">[</span><span class="mi">4</span><span class="p">];</span>

	<span class="k">if</span> <span class="p">(</span><span class="n">CpuId</span><span class="p">(</span><span class="mi">1</span><span class="p">,</span> <span class="n">cpuid</span><span class="p">))</span>
	<span class="p">{</span>
		<span class="k">if</span> <span class="p">(</span><span class="n">cpuid</span><span class="p">[</span><span class="mi">2</span><span class="p">]</span> <span class="o">&amp;</span> <span class="p">(</span><span class="mi">1</span><span class="o">&lt;&lt;</span><span class="mi">25</span><span class="p">))</span>
			<span class="n">bHasAESNI</span> <span class="o">=</span> <span class="mi">1</span><span class="p">;</span>
<span class="cp">#if !defined (_UEFI) &amp;&amp; ((defined(__AES__) &amp;&amp; defined(__PCLMUL__)) || defined(__INTEL_COMPILER) || CRYPTOPP_BOOL_AESNI_INTRINSICS_AVAILABLE)</span>
		<span class="c1">// Hypervisor = bit 31 of ECX of CPUID leaf 0x1</span>
		<span class="c1">// reference: http://artemonsecurity.com/vmde.pdf</span>
		<span class="k">if</span> <span class="p">(</span><span class="o">!</span><span class="n">bHasAESNI</span> <span class="o">&amp;&amp;</span> <span class="p">(</span><span class="n">cpuid</span><span class="p">[</span><span class="mi">2</span><span class="p">]</span> <span class="o">&amp;</span> <span class="p">(</span><span class="mi">1</span><span class="o">&lt;&lt;</span><span class="mi">31</span><span class="p">)))</span>
		<span class="p">{</span>
			<span class="n">bHasAESNI</span> <span class="o">=</span> <span class="n">Detect_MS_HyperV_AES</span> <span class="p">();</span>
		<span class="p">}</span>
<span class="cp">#endif</span>
	<span class="p">}</span>

	<span class="k">return</span> <span class="n">bHasAESNI</span><span class="p">;</span>
<span class="p">}</span>

<span class="cp">#endif</span>
</pre></div>
</code></pre></td></tr></table>
</div> <!-- class=content -->
</div> <!-- id=cgit -->
</body></html>