1 /* $FreeBSD: src/sys/crypto/md5.h,v 1.4 2002/03/20 05:13:50 alfred Exp $ */
2 /* $KAME: md5.h,v 1.4 2000/03/27 04:36:22 sumikawa Exp $ */
5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of the project nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 #include "../config.h"
37 #ifndef _NETINET6_MD5_H_
38 #define _NETINET6_MD5_H_
42 typedef long unsigned int u_int32_t;
43 typedef long long unsigned int u_int64_t;
44 typedef unsigned char u_int8_t;
45 typedef unsigned int u_int;
46 typedef unsigned long u_long;
47 typedef unsigned char u_char;
51 u_int32_t md5_state32[4];
52 u_int8_t md5_state8[16];
55 #define md5_sta md5_st.md5_state32[0]
56 #define md5_stb md5_st.md5_state32[1]
57 #define md5_stc md5_st.md5_state32[2]
58 #define md5_std md5_st.md5_state32[3]
59 #define md5_st8 md5_st.md5_state8
62 u_int64_t md5_count64;
63 u_int8_t md5_count8[8];
65 #define md5_n md5_count.md5_count64
66 #define md5_n8 md5_count.md5_count8
69 u_int8_t md5_buf[MD5_BUFLEN];
72 static void md5_init(md5_ctxt *);
73 static void md5_loop(md5_ctxt *, const u_int8_t *, u_int);
74 static void md5_pad(md5_ctxt *);
75 static void md5_result(u_int8_t *, md5_ctxt *);
78 #define MD5_CTX md5_ctxt
79 #define MD5Init(x) md5_init((x))
80 #define MD5Update(x, y, z) md5_loop((x), (y), (z))
81 #define MD5Final(x, y) \
84 md5_result((x), (y)); \
87 #endif /* ! _NETINET6_MD5_H_*/
90 * Copyright (c) 2003 Poul-Henning Kamp
92 * University of California. All rights reserved.
93 * All rights reserved.
95 * Redistribution and use in source and binary forms, with or without
96 * modification, are permitted provided that the following conditions
98 * 1. Redistributions of source code must retain the above copyright
99 * notice, this list of conditions and the following disclaimer.
100 * 2. Redistributions in binary form must reproduce the above copyright
101 * notice, this list of conditions and the following disclaimer in the
102 * documentation and/or other materials provided with the distribution.
103 * 3. Neither the name of the author nor the names of any co-contributors
104 * may be used to endorse or promote products derived from this software
105 * without specific prior written permission.
107 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
108 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
109 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
110 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
111 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
112 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
113 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
114 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
115 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
116 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
126 void bcopy(const void*src, void*dest, int len)
128 memcpy(dest, src, len);
133 void bzero(void*mem, int len)
142 static char itoa64[] = /* 0 ... 63 => ascii - 64 */
143 "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
146 _crypt_to64(char *s, u_long v, int n)
149 *s++ = itoa64[v&0x3f];
154 char * crypt_md5(const char *pw, const char *salt)
160 u_char final[MD5_SIZE];
161 static const char *sp, *ep;
162 static char passwd[120], *p;
163 static const char *magic = "$1$";
165 /* Refine the Salt first */
168 /* If it starts with the magic string, then skip that */
169 if(!strncmp(sp, magic, strlen(magic)))
172 /* It stops at the first '$', max 8 chars */
173 for(ep = sp; *ep && *ep != '$' && ep < (sp + 8); ep++)
176 /* get the length of the true salt */
181 /* The password first, since that is what is most unknown */
182 MD5Update(&ctx, (const u_char *)pw, strlen(pw));
184 /* Then our magic string */
185 MD5Update(&ctx, (const u_char *)magic, strlen(magic));
187 /* Then the raw salt */
188 MD5Update(&ctx, (const u_char *)sp, (u_int)sl);
190 /* Then just as many characters of the MD5(pw,salt,pw) */
192 MD5Update(&ctx1, (const u_char *)pw, strlen(pw));
193 MD5Update(&ctx1, (const u_char *)sp, (u_int)sl);
194 MD5Update(&ctx1, (const u_char *)pw, strlen(pw));
195 MD5Final(final, &ctx1);
196 for(pl = (int)strlen(pw); pl > 0; pl -= MD5_SIZE)
197 MD5Update(&ctx, (const u_char *)final,
198 (u_int)(pl > MD5_SIZE ? MD5_SIZE : pl));
200 /* Don't leave anything around in vm they could use. */
201 memset(final, 0, sizeof(final));
203 /* Then something really weird... */
204 for (i = strlen(pw); i; i >>= 1)
206 MD5Update(&ctx, (const u_char *)final, 1);
208 MD5Update(&ctx, (const u_char *)pw, 1);
210 /* Now make the output string */
211 strcpy(passwd, magic);
212 strncat(passwd, sp, (u_int)sl);
215 MD5Final(final, &ctx);
218 * and now, just to make sure things don't run too fast
219 * On a 60 Mhz Pentium this takes 34 msec, so you would
220 * need 30 seconds to build a 1000 entry dictionary...
222 for(i = 0; i < 1000; i++) {
225 MD5Update(&ctx1, (const u_char *)pw, strlen(pw));
227 MD5Update(&ctx1, (const u_char *)final, MD5_SIZE);
230 MD5Update(&ctx1, (const u_char *)sp, (u_int)sl);
233 MD5Update(&ctx1, (const u_char *)pw, strlen(pw));
236 MD5Update(&ctx1, (const u_char *)final, MD5_SIZE);
238 MD5Update(&ctx1, (const u_char *)pw, strlen(pw));
239 MD5Final(final, &ctx1);
242 p = passwd + strlen(passwd);
244 l = (final[ 0]<<16) | (final[ 6]<<8) | final[12];
245 _crypt_to64(p, l, 4); p += 4;
246 l = (final[ 1]<<16) | (final[ 7]<<8) | final[13];
247 _crypt_to64(p, l, 4); p += 4;
248 l = (final[ 2]<<16) | (final[ 8]<<8) | final[14];
249 _crypt_to64(p, l, 4); p += 4;
250 l = (final[ 3]<<16) | (final[ 9]<<8) | final[15];
251 _crypt_to64(p, l, 4); p += 4;
252 l = (final[ 4]<<16) | (final[10]<<8) | final[ 5];
253 _crypt_to64(p, l, 4); p += 4;
255 _crypt_to64(p, l, 2); p += 2;
258 /* Don't leave anything around in vm they could use. */
259 memset(final, 0, sizeof(final));
264 /* $KAME: md5.c,v 1.5 2000/11/08 06:13:08 itojun Exp $ */
266 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
267 * All rights reserved.
269 * Redistribution and use in source and binary forms, with or without
270 * modification, are permitted provided that the following conditions
272 * 1. Redistributions of source code must retain the above copyright
273 * notice, this list of conditions and the following disclaimer.
274 * 2. Redistributions in binary form must reproduce the above copyright
275 * notice, this list of conditions and the following disclaimer in the
276 * documentation and/or other materials provided with the distribution.
277 * 3. Neither the name of the project nor the names of its contributors
278 * may be used to endorse or promote products derived from this software
279 * without specific prior written permission.
281 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
282 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
283 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
284 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
285 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
286 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
287 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
288 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
289 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
290 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
294 #define SHIFT(X, s) (((X) << (s)) | ((X) >> (32 - (s))))
296 #define F(X, Y, Z) (((X) & (Y)) | ((~X) & (Z)))
297 #define G(X, Y, Z) (((X) & (Z)) | ((Y) & (~Z)))
298 #define H(X, Y, Z) ((X) ^ (Y) ^ (Z))
299 #define I(X, Y, Z) ((Y) ^ ((X) | (~Z)))
301 #define ROUND1(a, b, c, d, k, s, i) { \
302 (a) = (a) + F((b), (c), (d)) + X[(k)] + T[(i)]; \
303 (a) = SHIFT((a), (s)); \
307 #define ROUND2(a, b, c, d, k, s, i) { \
308 (a) = (a) + G((b), (c), (d)) + X[(k)] + T[(i)]; \
309 (a) = SHIFT((a), (s)); \
313 #define ROUND3(a, b, c, d, k, s, i) { \
314 (a) = (a) + H((b), (c), (d)) + X[(k)] + T[(i)]; \
315 (a) = SHIFT((a), (s)); \
319 #define ROUND4(a, b, c, d, k, s, i) { \
320 (a) = (a) + I((b), (c), (d)) + X[(k)] + T[(i)]; \
321 (a) = SHIFT((a), (s)); \
345 #define MD5_A0 0x67452301
346 #define MD5_B0 0xefcdab89
347 #define MD5_C0 0x98badcfe
348 #define MD5_D0 0x10325476
350 /* Integer part of 4294967296 times abs(sin(i)), where i is in radians. */
351 static const u_int32_t T[65] = {
353 0xd76aa478, 0xe8c7b756, 0x242070db, 0xc1bdceee,
354 0xf57c0faf, 0x4787c62a, 0xa8304613, 0xfd469501,
355 0x698098d8, 0x8b44f7af, 0xffff5bb1, 0x895cd7be,
356 0x6b901122, 0xfd987193, 0xa679438e, 0x49b40821,
358 0xf61e2562, 0xc040b340, 0x265e5a51, 0xe9b6c7aa,
359 0xd62f105d, 0x2441453, 0xd8a1e681, 0xe7d3fbc8,
360 0x21e1cde6, 0xc33707d6, 0xf4d50d87, 0x455a14ed,
361 0xa9e3e905, 0xfcefa3f8, 0x676f02d9, 0x8d2a4c8a,
363 0xfffa3942, 0x8771f681, 0x6d9d6122, 0xfde5380c,
364 0xa4beea44, 0x4bdecfa9, 0xf6bb4b60, 0xbebfbc70,
365 0x289b7ec6, 0xeaa127fa, 0xd4ef3085, 0x4881d05,
366 0xd9d4d039, 0xe6db99e5, 0x1fa27cf8, 0xc4ac5665,
368 0xf4292244, 0x432aff97, 0xab9423a7, 0xfc93a039,
369 0x655b59c3, 0x8f0ccc92, 0xffeff47d, 0x85845dd1,
370 0x6fa87e4f, 0xfe2ce6e0, 0xa3014314, 0x4e0811a1,
371 0xf7537e82, 0xbd3af235, 0x2ad7d2bb, 0xeb86d391,
374 static const u_int8_t md5_paddat[MD5_BUFLEN] = {
375 0x80, 0, 0, 0, 0, 0, 0, 0,
376 0, 0, 0, 0, 0, 0, 0, 0,
377 0, 0, 0, 0, 0, 0, 0, 0,
378 0, 0, 0, 0, 0, 0, 0, 0,
379 0, 0, 0, 0, 0, 0, 0, 0,
380 0, 0, 0, 0, 0, 0, 0, 0,
381 0, 0, 0, 0, 0, 0, 0, 0,
382 0, 0, 0, 0, 0, 0, 0, 0,
385 static void md5_calc(u_int8_t *, md5_ctxt *);
387 static void md5_init(ctxt)
392 ctxt->md5_sta = MD5_A0;
393 ctxt->md5_stb = MD5_B0;
394 ctxt->md5_stc = MD5_C0;
395 ctxt->md5_std = MD5_D0;
396 bzero(ctxt->md5_buf, sizeof(ctxt->md5_buf));
399 static void md5_loop(ctxt, input, len)
401 const u_int8_t *input;
402 u_int len; /* number of bytes */
406 ctxt->md5_n += len * 8; /* byte to bit */
407 gap = MD5_BUFLEN - ctxt->md5_i;
410 bcopy((void *)input, (void *)(ctxt->md5_buf + ctxt->md5_i),
412 md5_calc(ctxt->md5_buf, ctxt);
414 for (i = gap; i + MD5_BUFLEN <= len; i += MD5_BUFLEN) {
415 md5_calc((u_int8_t *)(input + i), ctxt);
418 ctxt->md5_i = len - i;
419 bcopy((void *)(input + i), (void *)ctxt->md5_buf, ctxt->md5_i);
421 bcopy((void *)input, (void *)(ctxt->md5_buf + ctxt->md5_i),
427 static void md5_pad(ctxt)
432 /* Don't count up padding. Keep md5_n. */
433 gap = MD5_BUFLEN - ctxt->md5_i;
436 (void *)(ctxt->md5_buf + ctxt->md5_i),
437 gap - sizeof(ctxt->md5_n));
439 /* including gap == 8 */
440 bcopy(md5_paddat, (void *)(ctxt->md5_buf + ctxt->md5_i),
442 md5_calc(ctxt->md5_buf, ctxt);
443 bcopy((md5_paddat + gap),
444 (void *)ctxt->md5_buf,
445 MD5_BUFLEN - sizeof(ctxt->md5_n));
449 #if BYTE_ORDER == LITTLE_ENDIAN
450 bcopy(&ctxt->md5_n8[0], &ctxt->md5_buf[56], 8);
452 #if BYTE_ORDER == BIG_ENDIAN
453 ctxt->md5_buf[56] = ctxt->md5_n8[7];
454 ctxt->md5_buf[57] = ctxt->md5_n8[6];
455 ctxt->md5_buf[58] = ctxt->md5_n8[5];
456 ctxt->md5_buf[59] = ctxt->md5_n8[4];
457 ctxt->md5_buf[60] = ctxt->md5_n8[3];
458 ctxt->md5_buf[61] = ctxt->md5_n8[2];
459 ctxt->md5_buf[62] = ctxt->md5_n8[1];
460 ctxt->md5_buf[63] = ctxt->md5_n8[0];
463 md5_calc(ctxt->md5_buf, ctxt);
466 static void md5_result(digest, ctxt)
471 #if BYTE_ORDER == LITTLE_ENDIAN
472 bcopy(&ctxt->md5_st8[0], digest, 16);
474 #if BYTE_ORDER == BIG_ENDIAN
475 digest[ 0] = ctxt->md5_st8[ 3]; digest[ 1] = ctxt->md5_st8[ 2];
476 digest[ 2] = ctxt->md5_st8[ 1]; digest[ 3] = ctxt->md5_st8[ 0];
477 digest[ 4] = ctxt->md5_st8[ 7]; digest[ 5] = ctxt->md5_st8[ 6];
478 digest[ 6] = ctxt->md5_st8[ 5]; digest[ 7] = ctxt->md5_st8[ 4];
479 digest[ 8] = ctxt->md5_st8[11]; digest[ 9] = ctxt->md5_st8[10];
480 digest[10] = ctxt->md5_st8[ 9]; digest[11] = ctxt->md5_st8[ 8];
481 digest[12] = ctxt->md5_st8[15]; digest[13] = ctxt->md5_st8[14];
482 digest[14] = ctxt->md5_st8[13]; digest[15] = ctxt->md5_st8[12];
486 #if BYTE_ORDER == BIG_ENDIAN
490 static void md5_calc(b64, ctxt)
494 u_int32_t A = ctxt->md5_sta;
495 u_int32_t B = ctxt->md5_stb;
496 u_int32_t C = ctxt->md5_stc;
497 u_int32_t D = ctxt->md5_std;
498 #if BYTE_ORDER == LITTLE_ENDIAN
499 u_int32_t *X = (u_int32_t *)b64;
501 #if BYTE_ORDER == BIG_ENDIAN
503 /* what a brute force but fast! */
504 u_int8_t *y = (u_int8_t *)X;
505 y[ 0] = b64[ 3]; y[ 1] = b64[ 2]; y[ 2] = b64[ 1]; y[ 3] = b64[ 0];
506 y[ 4] = b64[ 7]; y[ 5] = b64[ 6]; y[ 6] = b64[ 5]; y[ 7] = b64[ 4];
507 y[ 8] = b64[11]; y[ 9] = b64[10]; y[10] = b64[ 9]; y[11] = b64[ 8];
508 y[12] = b64[15]; y[13] = b64[14]; y[14] = b64[13]; y[15] = b64[12];
509 y[16] = b64[19]; y[17] = b64[18]; y[18] = b64[17]; y[19] = b64[16];
510 y[20] = b64[23]; y[21] = b64[22]; y[22] = b64[21]; y[23] = b64[20];
511 y[24] = b64[27]; y[25] = b64[26]; y[26] = b64[25]; y[27] = b64[24];
512 y[28] = b64[31]; y[29] = b64[30]; y[30] = b64[29]; y[31] = b64[28];
513 y[32] = b64[35]; y[33] = b64[34]; y[34] = b64[33]; y[35] = b64[32];
514 y[36] = b64[39]; y[37] = b64[38]; y[38] = b64[37]; y[39] = b64[36];
515 y[40] = b64[43]; y[41] = b64[42]; y[42] = b64[41]; y[43] = b64[40];
516 y[44] = b64[47]; y[45] = b64[46]; y[46] = b64[45]; y[47] = b64[44];
517 y[48] = b64[51]; y[49] = b64[50]; y[50] = b64[49]; y[51] = b64[48];
518 y[52] = b64[55]; y[53] = b64[54]; y[54] = b64[53]; y[55] = b64[52];
519 y[56] = b64[59]; y[57] = b64[58]; y[58] = b64[57]; y[59] = b64[56];
520 y[60] = b64[63]; y[61] = b64[62]; y[62] = b64[61]; y[63] = b64[60];
523 ROUND1(A, B, C, D, 0, Sa, 1); ROUND1(D, A, B, C, 1, Sb, 2);
524 ROUND1(C, D, A, B, 2, Sc, 3); ROUND1(B, C, D, A, 3, Sd, 4);
525 ROUND1(A, B, C, D, 4, Sa, 5); ROUND1(D, A, B, C, 5, Sb, 6);
526 ROUND1(C, D, A, B, 6, Sc, 7); ROUND1(B, C, D, A, 7, Sd, 8);
527 ROUND1(A, B, C, D, 8, Sa, 9); ROUND1(D, A, B, C, 9, Sb, 10);
528 ROUND1(C, D, A, B, 10, Sc, 11); ROUND1(B, C, D, A, 11, Sd, 12);
529 ROUND1(A, B, C, D, 12, Sa, 13); ROUND1(D, A, B, C, 13, Sb, 14);
530 ROUND1(C, D, A, B, 14, Sc, 15); ROUND1(B, C, D, A, 15, Sd, 16);
532 ROUND2(A, B, C, D, 1, Se, 17); ROUND2(D, A, B, C, 6, Sf, 18);
533 ROUND2(C, D, A, B, 11, Sg, 19); ROUND2(B, C, D, A, 0, Sh, 20);
534 ROUND2(A, B, C, D, 5, Se, 21); ROUND2(D, A, B, C, 10, Sf, 22);
535 ROUND2(C, D, A, B, 15, Sg, 23); ROUND2(B, C, D, A, 4, Sh, 24);
536 ROUND2(A, B, C, D, 9, Se, 25); ROUND2(D, A, B, C, 14, Sf, 26);
537 ROUND2(C, D, A, B, 3, Sg, 27); ROUND2(B, C, D, A, 8, Sh, 28);
538 ROUND2(A, B, C, D, 13, Se, 29); ROUND2(D, A, B, C, 2, Sf, 30);
539 ROUND2(C, D, A, B, 7, Sg, 31); ROUND2(B, C, D, A, 12, Sh, 32);
541 ROUND3(A, B, C, D, 5, Si, 33); ROUND3(D, A, B, C, 8, Sj, 34);
542 ROUND3(C, D, A, B, 11, Sk, 35); ROUND3(B, C, D, A, 14, Sl, 36);
543 ROUND3(A, B, C, D, 1, Si, 37); ROUND3(D, A, B, C, 4, Sj, 38);
544 ROUND3(C, D, A, B, 7, Sk, 39); ROUND3(B, C, D, A, 10, Sl, 40);
545 ROUND3(A, B, C, D, 13, Si, 41); ROUND3(D, A, B, C, 0, Sj, 42);
546 ROUND3(C, D, A, B, 3, Sk, 43); ROUND3(B, C, D, A, 6, Sl, 44);
547 ROUND3(A, B, C, D, 9, Si, 45); ROUND3(D, A, B, C, 12, Sj, 46);
548 ROUND3(C, D, A, B, 15, Sk, 47); ROUND3(B, C, D, A, 2, Sl, 48);
550 ROUND4(A, B, C, D, 0, Sm, 49); ROUND4(D, A, B, C, 7, Sn, 50);
551 ROUND4(C, D, A, B, 14, So, 51); ROUND4(B, C, D, A, 5, Sp, 52);
552 ROUND4(A, B, C, D, 12, Sm, 53); ROUND4(D, A, B, C, 3, Sn, 54);
553 ROUND4(C, D, A, B, 10, So, 55); ROUND4(B, C, D, A, 1, Sp, 56);
554 ROUND4(A, B, C, D, 8, Sm, 57); ROUND4(D, A, B, C, 15, Sn, 58);
555 ROUND4(C, D, A, B, 6, So, 59); ROUND4(B, C, D, A, 13, Sp, 60);
556 ROUND4(A, B, C, D, 4, Sm, 61); ROUND4(D, A, B, C, 11, Sn, 62);
557 ROUND4(C, D, A, B, 2, So, 63); ROUND4(B, C, D, A, 9, Sp, 64);