Refactor in Engines

gefeili · gefeili · commit 476db8592ae0 · 2025-01-29T17:21:22.000+10:30
diff --git a/core/src/main/java/org/bouncycastle/crypto/digests/PhotonBeetleDigest.java b/core/src/main/java/org/bouncycastle/crypto/digests/PhotonBeetleDigest.java
@@ -24,7 +24,6 @@ private Friend()
     }
 
     private final byte[] state;
-    private final byte[][] state_2d;
     private static final int SQUEEZE_RATE_INBYTES = 16;
     private static final int D = 8;
     private int blockCount;
@@ -34,7 +33,6 @@ public PhotonBeetleDigest()
         super(ProcessingBufferType.Buffered, 4);
         DigestSize = 32;
         state = new byte[DigestSize];
-        state_2d = new byte[D][D];
         algorithmName = "Photon-Beetle Hash";
         blockCount = 0;
     }
@@ -48,7 +46,7 @@ protected void processBytes(byte[] input, int inOff)
         }
         else
         {
-            PhotonBeetleEngine.photonPermutation(Friend.INSTANCE, state_2d, state);
+            PhotonBeetleEngine.photonPermutation(Friend.INSTANCE, state);
             Bytes.xorTo(BlockSize, input, inOff, state);
         }
         blockCount++;
@@ -74,17 +72,17 @@ else if (blockCount == 4 && m_bufPos == 0)
         }
         else
         {
-            PhotonBeetleEngine.photonPermutation(Friend.INSTANCE, state_2d, state);
+            PhotonBeetleEngine.photonPermutation(Friend.INSTANCE, state);
             Bytes.xorTo(m_bufPos, m_buf, state);
             if (m_bufPos < BlockSize)
             {
                 state[m_bufPos] ^= 0x01; // ozs
             }
             state[DigestSize - 1] ^= (m_bufPos % BlockSize == 0 ? (byte)1 : (byte)2) << LAST_THREE_BITS_OFFSET;
         }
-        PhotonBeetleEngine.photonPermutation(Friend.INSTANCE, state_2d, state);
+        PhotonBeetleEngine.photonPermutation(Friend.INSTANCE, state);
         System.arraycopy(state, 0, output, outOff, SQUEEZE_RATE_INBYTES);
-        PhotonBeetleEngine.photonPermutation(Friend.INSTANCE, state_2d, state);
+        PhotonBeetleEngine.photonPermutation(Friend.INSTANCE, state);
         System.arraycopy(state, 0, output, outOff + SQUEEZE_RATE_INBYTES, SQUEEZE_RATE_INBYTES);
     }
 
diff --git a/core/src/main/java/org/bouncycastle/crypto/engines/ElephantEngine.java b/core/src/main/java/org/bouncycastle/crypto/engines/ElephantEngine.java
@@ -260,7 +260,7 @@ private void KeccakP200Round(byte[] state, int indexRound)
 
         private byte ROL8(byte a, int offset)
         {
-            return (byte)((offset != 0) ? (((a & 0xFF) << offset) ^ ((a & 0xFF) >>> (8 - offset))) : a);
+            return (byte)(((a & 0xff) << offset) | ((a & 0xff) >> (8 - offset)));
         }
 
         private int index(int x, int y)
@@ -274,7 +274,6 @@ private byte rotl(byte b)
         return (byte)(((b & 0xFF) << 1) | ((b & 0xFF) >>> 7));
     }
 
-
     // State should be BLOCK_SIZE bytes long
     // Note: input may be equal to output
     private void lfsr_step()
diff --git a/core/src/main/java/org/bouncycastle/crypto/engines/ISAPEngine.java b/core/src/main/java/org/bouncycastle/crypto/engines/ISAPEngine.java
@@ -167,18 +167,15 @@ private void isap_rk(AsconPermutationFriend.AsconPermutation p, long iv64, byte[
 
         public void processEncBlock(byte[] input, int inOff, byte[] output, int outOff)
         {
-            long m64 = Pack.littleEndianToLong(input, inOff);
-            long c64 = U64BIG(p.x0) ^ m64;
+            Pack.longToBigEndian(Pack.bigEndianToLong(input, inOff) ^ p.x0, output, outOff);
             PX1(p);
-            Pack.longToLittleEndian(c64, output, outOff);
         }
 
         public void processEncFinalBlock(byte[] output, int outOff)
         {
             /* Encrypt final m block */
             byte[] xo = Pack.longToLittleEndian(p.x0);
-            int mlen = m_bufPos;
-            Bytes.xor(mlen, xo, BlockSize - mlen, m_buf, 0, output, outOff);
+            Bytes.xor(m_bufPos, xo, BlockSize - m_bufPos, m_buf, 0, output, outOff);
         }
 
         public void reset()
@@ -197,12 +194,6 @@ private int getLongSize(int x)
         {
             return ((x + 7) >>> 3);
         }
-
-        protected long U64BIG(long x)
-        {
-            return ((Longs.rotateRight(x, 8) & (0xFF000000FF000000L)) | (Longs.rotateRight(x, 24) & (0x00FF000000FF0000L)) |
-                (Longs.rotateRight(x, 40) & (0x0000FF000000FF00L)) | (Longs.rotateRight(x, 56) & (0x000000FF000000FFL)));
-        }
     }
 
     private class ISAPAEAD_A_128A
@@ -250,7 +241,7 @@ protected void PX2(AsconPermutationFriend.AsconPermutation p)
     private abstract class ISAPAEAD_K
         implements ISAP_AEAD
     {
-        final int ISAP_STATE_SZ_CRYPTO_NPUBBYTES = ISAP_STATE_SZ - IV_SIZE;
+        protected final int ISAP_STATE_SZ_CRYPTO_NPUBBYTES = ISAP_STATE_SZ - IV_SIZE;
         protected short[] ISAP_IV1_16;
         protected short[] ISAP_IV2_16;
         protected short[] ISAP_IV3_16;
diff --git a/core/src/main/java/org/bouncycastle/crypto/engines/PhotonBeetleEngine.java b/core/src/main/java/org/bouncycastle/crypto/engines/PhotonBeetleEngine.java
@@ -24,7 +24,6 @@ public enum PhotonBeetleParameters
     private byte[] K;
     private byte[] N;
     private byte[] state;
-    private byte[][] state_2d;
     private final int RATE_INBYTES_HALF;
     private final int STATE_INBYTES;
     private final int LAST_THREE_BITS_OFFSET;
@@ -84,15 +83,14 @@ protected void init(byte[] key, byte[] iv)
         K = key;
         N = iv;
         state = new byte[STATE_INBYTES];
-        state_2d = new byte[D][D];
         m_state = forEncryption ? State.EncInit : State.DecInit;
         reset(false);
     }
 
 
     protected void processBufferAAD(byte[] input, int inOff)
     {
-        photonPermutation(state_2d, state);
+        photonPermutation(state);
         Bytes.xorTo(BlockSize, input, inOff, state);
     }
 
@@ -126,7 +124,7 @@ public void processFinalAAD()
         {
             if (m_aadPos != 0)
             {
-                photonPermutation(state_2d, state);
+                photonPermutation(state);
                 Bytes.xorTo(m_aadPos, m_aad, state);
                 if (m_aadPos < BlockSize)
                 {
@@ -140,14 +138,12 @@ public void processFinalAAD()
 
     protected void processBufferEncrypt(byte[] input, int inOff, byte[] output, int outOff)
     {
-        photonPermutation(state_2d, state);
         rhoohr(output, outOff, input, inOff, BlockSize);
         Bytes.xorTo(BlockSize, input, inOff, state);
     }
 
     protected void processBufferDecrypt(byte[] input, int inOff, byte[] output, int outOff)
     {
-        photonPermutation(state_2d, state);
         rhoohr(output, outOff, input, inOff, BlockSize);
         Bytes.xorTo(BlockSize, output, outOff, state);
     }
@@ -168,7 +164,6 @@ protected void processFinalBlock(byte[] output, int outOff)
         {
             if (bufferLen != 0)
             {
-                photonPermutation(state_2d, state);
                 rhoohr(output, outOff, m_buf, 0, bufferLen);
                 if (forEncryption)
                 {
@@ -185,11 +180,11 @@ protected void processFinalBlock(byte[] output, int outOff)
             }
             state[STATE_INBYTES - 1] ^= c1 << LAST_THREE_BITS_OFFSET;
         }
-        if (input_empty)
+        else if (input_empty)
         {
             state[STATE_INBYTES - 1] ^= 1 << LAST_THREE_BITS_OFFSET;
         }
-        photonPermutation(state_2d, state);
+        photonPermutation(state);
         System.arraycopy(state, 0, mac, 0, MAC_SIZE);
     }
 
@@ -203,12 +198,13 @@ protected void reset(boolean clearMac)
         super.reset(clearMac);
     }
 
-    private static void photonPermutation(byte[][] state_2d, byte[] state)
+    private static void photonPermutation(byte[] state)
     {
         int i, j, k;
         int dq = 3;
         int dr = 7;
         int DSquare = 64;
+        byte[][] state_2d = new byte[D][D];
         for (i = 0; i < DSquare; i++)
         {
             state_2d[i >>> dq][i & dr] = (byte)(((state[i >> 1] & 0xFF) >>> (4 * (i & 1))) & 0xf);
@@ -292,31 +288,26 @@ private byte select(boolean condition1, boolean condition2, byte option3, byte o
 
     private void rhoohr(byte[] ciphertext, int outOff, byte[] plaintext, int inOff, int DBlen_inbytes)
     {
-        byte[] OuterState_part1_ROTR1 = state_2d[0];
+        photonPermutation(state);
+        byte[] OuterState_part1_ROTR1 = new byte[D];
         int i, loop_end = Math.min(DBlen_inbytes, RATE_INBYTES_HALF);
         for (i = 0; i < RATE_INBYTES_HALF - 1; i++)
         {
             OuterState_part1_ROTR1[i] = (byte)(((state[i] & 0xFF) >>> 1) | ((state[(i + 1)] & 1) << 7));
         }
         OuterState_part1_ROTR1[RATE_INBYTES_HALF - 1] = (byte)(((state[i] & 0xFF) >>> 1) | ((state[0] & 1) << 7));
-        i = 0;
-        while (i < loop_end)
-        {
-            ciphertext[i + outOff] = (byte)(state[i + RATE_INBYTES_HALF] ^ plaintext[i++ + inOff]);
-        }
-        while (i < DBlen_inbytes)
-        {
-            ciphertext[i + outOff] = (byte)(OuterState_part1_ROTR1[i - RATE_INBYTES_HALF] ^ plaintext[i++ + inOff]);
-        }
+        Bytes.xor(loop_end, state, RATE_INBYTES_HALF, plaintext, inOff, ciphertext, outOff);
+        Bytes.xor(DBlen_inbytes - loop_end, OuterState_part1_ROTR1, loop_end - RATE_INBYTES_HALF, plaintext,
+            inOff + loop_end, ciphertext, outOff + loop_end);
     }
 
-    public static void photonPermutation(PhotonBeetleDigest.Friend friend, byte[][] state_2d, byte[] state)
+    public static void photonPermutation(PhotonBeetleDigest.Friend friend, byte[] state)
     {
         if (null == friend)
         {
             throw new NullPointerException("This method is only for use by PhotonBeetleDigest");
         }
 
-        photonPermutation(state_2d, state);
+        photonPermutation(state);
     }
-}
+}
diff --git a/core/src/main/java/org/bouncycastle/crypto/engines/RomulusEngine.java b/core/src/main/java/org/bouncycastle/crypto/engines/RomulusEngine.java
@@ -245,15 +245,12 @@ int ad_encryption(byte[] A, int AOff, byte[] s, byte[] k, int adlen, byte[] CNT,
             byte[] T = new byte[16];
             byte[] mp = new byte[16];
             int n = 16;
-            int i, len8;
+            int len8;
             len8 = Math.min(adlen, n);
             adlen -= len8;
             // Rho(S,A) pads an A block and XORs it to the internal state.
             pad(A, AOff, mp, n, len8);
-            for (i = 0; i < n; i++)
-            {
-                s[i] = (byte)(s[i] ^ mp[i]);
-            }
+            Bytes.xorTo(n, mp, s);
             offset = AOff += len8;
             lfsr_gf56(CNT);
             if (adlen != 0)
@@ -793,7 +790,6 @@ void rho(byte[] m, int mOff, byte[] c, int cOff, byte[] s, int len8)
                 }
             }
         }
-
     }
 
     // Applies CNT'=2 * CNT (mod GF(2^56)), where GF(2^56) is defined using the irreducible polynomial

Original file line number	Diff line number	Diff line change
`@@ -24,7 +24,6 @@ private Friend()`
`24`	`24`	`}`
`25`	`25`
`26`	`26`	`private final byte[] state;`
`27`		`- private final byte[][] state_2d;`
`28`	`27`	`private static final int SQUEEZE_RATE_INBYTES = 16;`
`29`	`28`	`private static final int D = 8;`
`30`	`29`	`private int blockCount;`
`@@ -34,7 +33,6 @@ public PhotonBeetleDigest()`
`34`	`33`	`super(ProcessingBufferType.Buffered, 4);`
`35`	`34`	`DigestSize = 32;`
`36`	`35`	`state = new byte[DigestSize];`
`37`		`- state_2d = new byte[D][D];`
`38`	`36`	`algorithmName = "Photon-Beetle Hash";`
`39`	`37`	`blockCount = 0;`
`40`	`38`	`}`
`@@ -48,7 +46,7 @@ protected void processBytes(byte[] input, int inOff)`
`48`	`46`	`}`
`49`	`47`	`else`
`50`	`48`	`{`
`51`		`- PhotonBeetleEngine.photonPermutation(Friend.INSTANCE, state_2d, state);`
	`49`	`+ PhotonBeetleEngine.photonPermutation(Friend.INSTANCE, state);`
`52`	`50`	`Bytes.xorTo(BlockSize, input, inOff, state);`
`53`	`51`	`}`
`54`	`52`	`blockCount++;`
`@@ -74,17 +72,17 @@ else if (blockCount == 4 && m_bufPos == 0)`
`74`	`72`	`}`
`75`	`73`	`else`
`76`	`74`	`{`
`77`		`- PhotonBeetleEngine.photonPermutation(Friend.INSTANCE, state_2d, state);`
	`75`	`+ PhotonBeetleEngine.photonPermutation(Friend.INSTANCE, state);`
`78`	`76`	`Bytes.xorTo(m_bufPos, m_buf, state);`
`79`	`77`	`if (m_bufPos < BlockSize)`
`80`	`78`	`{`
`81`	`79`	`state[m_bufPos] ^= 0x01; // ozs`
`82`	`80`	`}`
`83`	`81`	`state[DigestSize - 1] ^= (m_bufPos % BlockSize == 0 ? (byte)1 : (byte)2) << LAST_THREE_BITS_OFFSET;`
`84`	`82`	`}`
`85`		`- PhotonBeetleEngine.photonPermutation(Friend.INSTANCE, state_2d, state);`
	`83`	`+ PhotonBeetleEngine.photonPermutation(Friend.INSTANCE, state);`
`86`	`84`	`System.arraycopy(state, 0, output, outOff, SQUEEZE_RATE_INBYTES);`
`87`		`- PhotonBeetleEngine.photonPermutation(Friend.INSTANCE, state_2d, state);`
	`85`	`+ PhotonBeetleEngine.photonPermutation(Friend.INSTANCE, state);`
`88`	`86`	`System.arraycopy(state, 0, output, outOff + SQUEEZE_RATE_INBYTES, SQUEEZE_RATE_INBYTES);`
`89`	`87`	`}`
`90`	`88`
Original file line number	Diff line number	Diff line change
`@@ -260,7 +260,7 @@ private void KeccakP200Round(byte[] state, int indexRound)`
`260`	`260`
`261`	`261`	`private byte ROL8(byte a, int offset)`
`262`	`262`	`{`
`263`		`- return (byte)((offset != 0) ? (((a & 0xFF) << offset) ^ ((a & 0xFF) >>> (8 - offset))) : a);`
	`263`	`+ return (byte)(((a & 0xff) << offset) \| ((a & 0xff) >> (8 - offset)));`
`264`	`264`	`}`
`265`	`265`
`266`	`266`	`private int index(int x, int y)`
`@@ -274,7 +274,6 @@ private byte rotl(byte b)`
`274`	`274`	`return (byte)(((b & 0xFF) << 1) \| ((b & 0xFF) >>> 7));`
`275`	`275`	`}`
`276`	`276`
`277`		`-`
`278`	`277`	`// State should be BLOCK_SIZE bytes long`
`279`	`278`	`// Note: input may be equal to output`
`280`	`279`	`private void lfsr_step()`
Original file line number	Diff line number	Diff line change
`@@ -167,18 +167,15 @@ private void isap_rk(AsconPermutationFriend.AsconPermutation p, long iv64, byte[`
`167`	`167`
`168`	`168`	`public void processEncBlock(byte[] input, int inOff, byte[] output, int outOff)`
`169`	`169`	`{`
`170`		`- long m64 = Pack.littleEndianToLong(input, inOff);`
`171`		`- long c64 = U64BIG(p.x0) ^ m64;`
	`170`	`+ Pack.longToBigEndian(Pack.bigEndianToLong(input, inOff) ^ p.x0, output, outOff);`
`172`	`171`	`PX1(p);`
`173`		`- Pack.longToLittleEndian(c64, output, outOff);`
`174`	`172`	`}`
`175`	`173`
`176`	`174`	`public void processEncFinalBlock(byte[] output, int outOff)`
`177`	`175`	`{`
`178`	`176`	`/* Encrypt final m block */`
`179`	`177`	`byte[] xo = Pack.longToLittleEndian(p.x0);`
`180`		`- int mlen = m_bufPos;`
`181`		`- Bytes.xor(mlen, xo, BlockSize - mlen, m_buf, 0, output, outOff);`
	`178`	`+ Bytes.xor(m_bufPos, xo, BlockSize - m_bufPos, m_buf, 0, output, outOff);`
`182`	`179`	`}`
`183`	`180`
`184`	`181`	`public void reset()`
`@@ -197,12 +194,6 @@ private int getLongSize(int x)`
`197`	`194`	`{`
`198`	`195`	`return ((x + 7) >>> 3);`
`199`	`196`	`}`
`200`		`-`
`201`		`- protected long U64BIG(long x)`
`202`		`- {`
`203`		`- return ((Longs.rotateRight(x, 8) & (0xFF000000FF000000L)) \| (Longs.rotateRight(x, 24) & (0x00FF000000FF0000L)) \|`
`204`		`- (Longs.rotateRight(x, 40) & (0x0000FF000000FF00L)) \| (Longs.rotateRight(x, 56) & (0x000000FF000000FFL)));`
`205`		`- }`
`206`	`197`	`}`
`207`	`198`
`208`	`199`	`private class ISAPAEAD_A_128A`
`@@ -250,7 +241,7 @@ protected void PX2(AsconPermutationFriend.AsconPermutation p)`
`250`	`241`	`private abstract class ISAPAEAD_K`
`251`	`242`	`implements ISAP_AEAD`
`252`	`243`	`{`
`253`		`- final int ISAP_STATE_SZ_CRYPTO_NPUBBYTES = ISAP_STATE_SZ - IV_SIZE;`
	`244`	`+ protected final int ISAP_STATE_SZ_CRYPTO_NPUBBYTES = ISAP_STATE_SZ - IV_SIZE;`
`254`	`245`	`protected short[] ISAP_IV1_16;`
`255`	`246`	`protected short[] ISAP_IV2_16;`
`256`	`247`	`protected short[] ISAP_IV3_16;`
Original file line number	Diff line number	Diff line change
`@@ -24,7 +24,6 @@ public enum PhotonBeetleParameters`
`24`	`24`	`private byte[] K;`
`25`	`25`	`private byte[] N;`
`26`	`26`	`private byte[] state;`
`27`		`- private byte[][] state_2d;`
`28`	`27`	`private final int RATE_INBYTES_HALF;`
`29`	`28`	`private final int STATE_INBYTES;`
`30`	`29`	`private final int LAST_THREE_BITS_OFFSET;`
`@@ -84,15 +83,14 @@ protected void init(byte[] key, byte[] iv)`
`84`	`83`	`K = key;`
`85`	`84`	`N = iv;`
`86`	`85`	`state = new byte[STATE_INBYTES];`
`87`		`- state_2d = new byte[D][D];`
`88`	`86`	`m_state = forEncryption ? State.EncInit : State.DecInit;`
`89`	`87`	`reset(false);`
`90`	`88`	`}`
`91`	`89`
`92`	`90`
`93`	`91`	`protected void processBufferAAD(byte[] input, int inOff)`
`94`	`92`	`{`
`95`		`- photonPermutation(state_2d, state);`
	`93`	`+ photonPermutation(state);`
`96`	`94`	`Bytes.xorTo(BlockSize, input, inOff, state);`
`97`	`95`	`}`
`98`	`96`
`@@ -126,7 +124,7 @@ public void processFinalAAD()`
`126`	`124`	`{`
`127`	`125`	`if (m_aadPos != 0)`
`128`	`126`	`{`
`129`		`- photonPermutation(state_2d, state);`
	`127`	`+ photonPermutation(state);`
`130`	`128`	`Bytes.xorTo(m_aadPos, m_aad, state);`
`131`	`129`	`if (m_aadPos < BlockSize)`
`132`	`130`	`{`
`@@ -140,14 +138,12 @@ public void processFinalAAD()`
`140`	`138`
`141`	`139`	`protected void processBufferEncrypt(byte[] input, int inOff, byte[] output, int outOff)`
`142`	`140`	`{`
`143`		`- photonPermutation(state_2d, state);`
`144`	`141`	`rhoohr(output, outOff, input, inOff, BlockSize);`
`145`	`142`	`Bytes.xorTo(BlockSize, input, inOff, state);`
`146`	`143`	`}`
`147`	`144`
`148`	`145`	`protected void processBufferDecrypt(byte[] input, int inOff, byte[] output, int outOff)`
`149`	`146`	`{`
`150`		`- photonPermutation(state_2d, state);`
`151`	`147`	`rhoohr(output, outOff, input, inOff, BlockSize);`
`152`	`148`	`Bytes.xorTo(BlockSize, output, outOff, state);`
`153`	`149`	`}`
`@@ -168,7 +164,6 @@ protected void processFinalBlock(byte[] output, int outOff)`
`168`	`164`	`{`
`169`	`165`	`if (bufferLen != 0)`
`170`	`166`	`{`
`171`		`- photonPermutation(state_2d, state);`
`172`	`167`	`rhoohr(output, outOff, m_buf, 0, bufferLen);`
`173`	`168`	`if (forEncryption)`
`174`	`169`	`{`
`@@ -185,11 +180,11 @@ protected void processFinalBlock(byte[] output, int outOff)`
`185`	`180`	`}`
`186`	`181`	`state[STATE_INBYTES - 1] ^= c1 << LAST_THREE_BITS_OFFSET;`
`187`	`182`	`}`
`188`		`- if (input_empty)`
	`183`	`+ else if (input_empty)`
`189`	`184`	`{`
`190`	`185`	`state[STATE_INBYTES - 1] ^= 1 << LAST_THREE_BITS_OFFSET;`
`191`	`186`	`}`
`192`		`- photonPermutation(state_2d, state);`
	`187`	`+ photonPermutation(state);`
`193`	`188`	`System.arraycopy(state, 0, mac, 0, MAC_SIZE);`
`194`	`189`	`}`
`195`	`190`
`@@ -203,12 +198,13 @@ protected void reset(boolean clearMac)`
`203`	`198`	`super.reset(clearMac);`
`204`	`199`	`}`
`205`	`200`
`206`		`- private static void photonPermutation(byte[][] state_2d, byte[] state)`
	`201`	`+ private static void photonPermutation(byte[] state)`
`207`	`202`	`{`
`208`	`203`	`int i, j, k;`
`209`	`204`	`int dq = 3;`
`210`	`205`	`int dr = 7;`
`211`	`206`	`int DSquare = 64;`
	`207`	`+ byte[][] state_2d = new byte[D][D];`
`212`	`208`	`for (i = 0; i < DSquare; i++)`
`213`	`209`	`{`
`214`	`210`	`state_2d[i >>> dq][i & dr] = (byte)(((state[i >> 1] & 0xFF) >>> (4 * (i & 1))) & 0xf);`
`@@ -292,31 +288,26 @@ private byte select(boolean condition1, boolean condition2, byte option3, byte o`
`292`	`288`
`293`	`289`	`private void rhoohr(byte[] ciphertext, int outOff, byte[] plaintext, int inOff, int DBlen_inbytes)`
`294`	`290`	`{`
`295`		`- byte[] OuterState_part1_ROTR1 = state_2d[0];`
	`291`	`+ photonPermutation(state);`
	`292`	`+ byte[] OuterState_part1_ROTR1 = new byte[D];`
`296`	`293`	`int i, loop_end = Math.min(DBlen_inbytes, RATE_INBYTES_HALF);`
`297`	`294`	`for (i = 0; i < RATE_INBYTES_HALF - 1; i++)`
`298`	`295`	`{`
`299`	`296`	`OuterState_part1_ROTR1[i] = (byte)(((state[i] & 0xFF) >>> 1) \| ((state[(i + 1)] & 1) << 7));`
`300`	`297`	`}`
`301`	`298`	`OuterState_part1_ROTR1[RATE_INBYTES_HALF - 1] = (byte)(((state[i] & 0xFF) >>> 1) \| ((state[0] & 1) << 7));`
`302`		`- i = 0;`
`303`		`- while (i < loop_end)`
`304`		`- {`
`305`		`- ciphertext[i + outOff] = (byte)(state[i + RATE_INBYTES_HALF] ^ plaintext[i++ + inOff]);`
`306`		`- }`
`307`		`- while (i < DBlen_inbytes)`
`308`		`- {`
`309`		`- ciphertext[i + outOff] = (byte)(OuterState_part1_ROTR1[i - RATE_INBYTES_HALF] ^ plaintext[i++ + inOff]);`
`310`		`- }`
	`299`	`+ Bytes.xor(loop_end, state, RATE_INBYTES_HALF, plaintext, inOff, ciphertext, outOff);`
	`300`	`+ Bytes.xor(DBlen_inbytes - loop_end, OuterState_part1_ROTR1, loop_end - RATE_INBYTES_HALF, plaintext,`
	`301`	`+ inOff + loop_end, ciphertext, outOff + loop_end);`
`311`	`302`	`}`
`312`	`303`
`313`		`- public static void photonPermutation(PhotonBeetleDigest.Friend friend, byte[][] state_2d, byte[] state)`
	`304`	`+ public static void photonPermutation(PhotonBeetleDigest.Friend friend, byte[] state)`
`314`	`305`	`{`
`315`	`306`	`if (null == friend)`
`316`	`307`	`{`
`317`	`308`	`throw new NullPointerException("This method is only for use by PhotonBeetleDigest");`
`318`	`309`	`}`
`319`	`310`
`320`		`- photonPermutation(state_2d, state);`
	`311`	`+ photonPermutation(state);`
`321`	`312`	`}`
`322`		`-}`
	`313`	`+}`
Original file line number	Diff line number	Diff line change
`@@ -245,15 +245,12 @@ int ad_encryption(byte[] A, int AOff, byte[] s, byte[] k, int adlen, byte[] CNT,`
`245`	`245`	`byte[] T = new byte[16];`
`246`	`246`	`byte[] mp = new byte[16];`
`247`	`247`	`int n = 16;`
`248`		`- int i, len8;`
	`248`	`+ int len8;`
`249`	`249`	`len8 = Math.min(adlen, n);`
`250`	`250`	`adlen -= len8;`
`251`	`251`	`// Rho(S,A) pads an A block and XORs it to the internal state.`
`252`	`252`	`pad(A, AOff, mp, n, len8);`
`253`		`- for (i = 0; i < n; i++)`
`254`		`- {`
`255`		`- s[i] = (byte)(s[i] ^ mp[i]);`
`256`		`- }`
	`253`	`+ Bytes.xorTo(n, mp, s);`
`257`	`254`	`offset = AOff += len8;`
`258`	`255`	`lfsr_gf56(CNT);`
`259`	`256`	`if (adlen != 0)`
`@@ -793,7 +790,6 @@ void rho(byte[] m, int mOff, byte[] c, int cOff, byte[] s, int len8)`
`793`	`790`	`}`
`794`	`791`	`}`
`795`	`792`	`}`
`796`		`-`
`797`	`793`	`}`
`798`	`794`
`799`	`795`	`// Applies CNT'=2 * CNT (mod GF(2^56)), where GF(2^56) is defined using the irreducible polynomial`