From 51528ecf3d90d09351322e172d91eed0cb45b2e7 Mon Sep 17 00:00:00 2001
From: Aqua-sama <aqua@iserlohn-fortress.net>
Date: Sun, 8 Nov 2020 20:34:13 +0200
Subject: Add more test vectors

---
 blowfish.hpp           |  50 +++++-----
 blowfish_init.hpp      |   3 +-
 main.cpp               |  46 +--------
 makefile               |  13 +--
 test_set_keys.cpp      |  42 ++++++++
 test_variable_keys.cpp |  36 +++++++
 vectors.h              | 253 +++++++++++++++++++++++++++----------------------
 7 files changed, 255 insertions(+), 188 deletions(-)
 create mode 100644 test_set_keys.cpp
 create mode 100644 test_variable_keys.cpp

diff --git a/blowfish.hpp b/blowfish.hpp
index 3637335..88d865a 100644
--- a/blowfish.hpp
+++ b/blowfish.hpp
@@ -4,9 +4,12 @@
 
 #include "blowfish_init.hpp"
 #include <algorithm>
+#include <span>
 
 namespace Blowfish {
-template <std::size_t sz> concept is_valid_key_length = (sz < KEYLEN);
+
+template <std::size_t sz>
+concept is_valid_key_length = (KEYLEN_MIN <= sz && sz <= KEYLEN_MAX);
 
 struct Block {
   constexpr Block(uint64_t x) {
@@ -28,23 +31,21 @@ struct Block {
 template <std::size_t keylen>
 requires is_valid_key_length<keylen> class Context {
 public:
-  constexpr Context(const std::array<uint8_t, keylen> &key) {
+  constexpr Context(const std::span<const uint8_t> &key) {
     for (std::size_t i = 0; i < BOXES; ++i) {
       std::copy(S_INIT[i].begin(), S_INIT[i].end(), S[i].begin());
     }
 
-    //
-    std::size_t k = 0;
     for (std::size_t i = 0; i < SUBKEYS; ++i) {
-      uint32_t qk = 0;
-      for (std::size_t j = 0; j < 4; ++j) {
-        qk = (qk << 8) | key[k];
-        ++k;
-        if (k >= keylen) {
-          k = 0;
-        }
-      }
-      P[i] = P_INIT[i] ^ qk;
+        const auto idx0 = (i * 4 + 0) % keylen;
+        const auto idx1 = (i * 4 + 1) % keylen;
+        const auto idx2 = (i * 4 + 2) % keylen;
+        const auto idx3 = (i * 4 + 3) % keylen;
+        const uint32_t qk = (static_cast<uint32_t>(key[idx0]) << 24) +
+                            (static_cast<uint32_t>(key[idx1]) << 16) +
+                            (static_cast<uint32_t>(key[idx2]) << 8) +
+                            static_cast<uint32_t>(key[idx3]);
+        P[i] = P_INIT[i] ^ qk;
     }
 
     Block x(0, 0);
@@ -54,6 +55,7 @@ public:
       P[i] = x.L;
       P[i + 1] = x.R;
     }
+
     for (std::size_t i = 0; i < BOXES; ++i) {
       for (std::size_t j = 0; j < ENTRIES; j += 2) {
         x = encrypt(x);
@@ -65,11 +67,12 @@ public:
 
   constexpr Block encrypt(const Block &x) const {
     Block y(x);
-    for (std::size_t i = 0; i < ROUNDS; ++i) {
-      y.L = y.L ^ P[i];
-      y.R = F(y.L) ^ y.R;
-      std::swap(y.L, y.R);
-    }
+    for (std::size_t i = 0; i < ROUNDS; ++i)
+      [[likely]] {
+        y.L = y.L ^ P[i];
+        y.R = F(y.L) ^ y.R;
+        std::swap(y.L, y.R);
+      }
     std::swap(y.L, y.R);
     y.R = y.R ^ P[16];
     y.L = y.L ^ P[17];
@@ -79,11 +82,12 @@ public:
 
   constexpr Block decrypt(const Block &x) const {
     Block y(x);
-    for (std::size_t i = ROUNDS + 1; i > 1; --i) {
-      y.L = y.L ^ P[i];
-      y.R = F(y.L) ^ y.R;
-      std::swap(y.L, y.R);
-    }
+    for (std::size_t i = ROUNDS + 1; i > 1; --i)
+      [[likely]] {
+        y.L = y.L ^ P[i];
+        y.R = F(y.L) ^ y.R;
+        std::swap(y.L, y.R);
+      }
     std::swap(y.L, y.R);
     y.R = y.R ^ P[1];
     y.L = y.L ^ P[0];
diff --git a/blowfish_init.hpp b/blowfish_init.hpp
index 2d7bf6c..7e9a0d9 100644
--- a/blowfish_init.hpp
+++ b/blowfish_init.hpp
@@ -4,7 +4,8 @@
 
 namespace Blowfish {
 
-constexpr std::size_t KEYLEN = 448 / sizeof(uint8_t);
+constexpr std::size_t KEYLEN_MIN = 32 / 8;
+constexpr std::size_t KEYLEN_MAX = 448 / 8;
 constexpr std::size_t ROUNDS = 16;
 constexpr std::size_t SUBKEYS = ROUNDS + 2;
 constexpr std::size_t BOXES = 4;
diff --git a/main.cpp b/main.cpp
index 2a46d8c..d11aba1 100644
--- a/main.cpp
+++ b/main.cpp
@@ -2,49 +2,11 @@
 #include "vectors.h"
 #include <cstdio>
 
-constexpr uint64_t k(const uint8_t key[8]) {
-  uint64_t r = 0;
-  for (int i = 0; i < 8; ++i) {
-    r += static_cast<uint64_t>(key[i]) << (64 - 8 * (i + 1));
-  }
-  return r;
-}
-
-template <int i> struct wrapper {
-  constexpr void operator()() const {
-    constexpr Blowfish::Context<8> b(std::to_array(variable_key[i]));
-    constexpr Blowfish::Block x(plaintext_l[i], plaintext_r[i]);
-
-    constexpr auto y = b.encrypt(x);
-    static_assert(y.L == ciphertext_l[i]);
-    static_assert(y.R == ciphertext_r[i]);
-
-    constexpr auto z = b.decrypt(y);
-    static_assert(x.L == z.L);
-    static_assert(x.R == z.R);
-
-    printf("0x%016lx\t", k(variable_key[i]));
-    printf("0x%016lx\t", static_cast<uint64_t>(x));
-    printf("0x%016lx\t", static_cast<uint64_t>(y));
-    printf("0x%016lx\n", static_cast<uint64_t>(z));
-  }
-};
-
-template <template <int> class W, std::size_t... I>
-void caller_impl(std::index_sequence<I...>) {
-  int t[] = {0, ((void)W<I>()(), 1)...};
-  (void)t;
-}
-
-template <template <int> class W, std::size_t N,
-          typename Indices = std::make_index_sequence<N>>
-void call_times() {
-  caller_impl<W>(Indices());
-}
+void run_variable_key_wrapper();
+void run_set_key_wrapper();
 
 int main(int, char **) {
-  printf("%-18s\t%-18s\t%-18s\t%-18s\n", "/ key", "/ cleartext", "/ encrypt",
-         "/ decrypt");
-  call_times<wrapper, NUM_VARIABLE_KEY_TESTS>();
+  run_variable_key_wrapper();
+  run_set_key_wrapper();
   return 0;
 }
diff --git a/makefile b/makefile
index ed10a1a..b4cf5d8 100644
--- a/makefile
+++ b/makefile
@@ -1,20 +1,17 @@
 CXX = g++
-CXXFLAGS = -Wall -Wextra -Wpedantic -std=c++2a -g
+CXXFLAGS = -Wall -Wextra -Wpedantic -std=c++2a -g -funroll-loops
+LDFLAGS = -static -static-libgcc -static-libstdc++
 RELEASE = -O3 -march=native -mtune=native
 
-objects = main.o
+objects = main.o test_set_keys.o test_variable_keys.o
 
 default: main
 
-release:
-	$(CXX) -c $(CXXFLAGS) $(RELEASE) main.cpp
-	$(CXX) -o main main.o
-
 %.o: %.cpp
-	$(CXX) -c $(CXXFLAGS) $<
+	$(CXX) -c $(CXXFLAGS) $(RELEASE) $<
 
 main: $(objects)
-	g++ -o $@ $^
+	$(CXX) $(LDFLAGS) -o $@ $^
 
 clean:
 	rm $(objects)
diff --git a/test_set_keys.cpp b/test_set_keys.cpp
new file mode 100644
index 0000000..e963930
--- /dev/null
+++ b/test_set_keys.cpp
@@ -0,0 +1,42 @@
+#include "blowfish.hpp"
+#include "vectors.h"
+#include <cstdio>
+
+template <int sz> constexpr void printKey() {
+  for (int i = 0; i < sz; ++i) {
+    printf("%02x ", set_key[i]);
+  }
+  printf("\n");
+}
+
+template <int i> struct set_key_wrapper {
+  constexpr void operator()() const {
+
+    if constexpr (i < 3) {
+      printf("skip - minimal key length is 32bits (4bytes): current key "
+             "length: %i bytes\n",
+             i + 1);
+    } else {
+      constexpr auto s = std::span(set_key, i + 1);
+
+      constexpr Blowfish::Context<i + 1> b(s);
+      constexpr Blowfish::Block x(set_key_ptext);
+
+      constexpr auto y = b.encrypt(x);
+      static_assert(static_cast<uint64_t>(y) == set_key_ctext[i]);
+      printf("0x%016lx\t", static_cast<uint64_t>(y));
+
+      constexpr auto z = b.decrypt(y);
+      static_assert(static_cast<uint64_t>(z) == set_key_ptext);
+      printf("0x%016lx\t", static_cast<uint64_t>(z));
+
+      printKey<i + 1>();
+    }
+  }
+};
+
+void run_set_key_wrapper() {
+  printf("%-18s\t%-18s\t%-18s\n", "/ encrypt", "/ decrypt", "/ key");
+  call_times<set_key_wrapper, NUM_SET_KEY_TESTS>();
+  printf("%-18s\t0x%016lx\n", "cleartext", set_key_ptext);
+}
diff --git a/test_variable_keys.cpp b/test_variable_keys.cpp
new file mode 100644
index 0000000..8382900
--- /dev/null
+++ b/test_variable_keys.cpp
@@ -0,0 +1,36 @@
+#include "blowfish.hpp"
+#include "vectors.h"
+#include <cstdio>
+
+constexpr uint64_t castVarKey(const uint8_t key[8]) {
+  uint64_t r = 0;
+  for (int i = 0; i < 8; ++i) {
+    r += static_cast<uint64_t>(key[i]) << (64 - 8 * (i + 1));
+  }
+  return r;
+}
+
+template <int i> struct variable_key_wrapper {
+  constexpr void operator()() const {
+    constexpr Blowfish::Context<8> b(std::span(variable_key[i], 8));
+    constexpr Blowfish::Block x(plaintext_l[i], plaintext_r[i]);
+
+    constexpr auto y = b.encrypt(x);
+    static_assert(y.L == ciphertext_l[i]);
+    static_assert(y.R == ciphertext_r[i]);
+
+    constexpr auto z = b.decrypt(y);
+    static_assert(x.L == z.L);
+    static_assert(x.R == z.R);
+
+    printf("0x%016lx\t", castVarKey(variable_key[i]));
+    printf("0x%016lx\t", static_cast<uint64_t>(x));
+    printf("0x%016lx\t", static_cast<uint64_t>(y));
+    printf("0x%016lx\n", static_cast<uint64_t>(z));
+  }
+};
+void run_variable_key_wrapper() {
+  printf("%-18s\t%-18s\t%-18s\t%-18s\n", "/ key", "/ cleartext", "/ encrypt",
+         "/ decrypt");
+  call_times<variable_key_wrapper, NUM_VARIABLE_KEY_TESTS>();
+}
diff --git a/vectors.h b/vectors.h
index a34a040..2835de7 100644
--- a/vectors.h
+++ b/vectors.h
@@ -1,114 +1,139 @@
-#pragma once
-// https://www.schneier.com/wp-content/uploads/2015/12/vectors2-1.txt
-
-/*
- *  Author     :  Randy L. Milbert
- *  E-mail     :  rmilbert@mit.edu
- *  Date       :  18 Jun 97
- *  Description:  Eric Young's test vectors for Blowfish.
- */
-
-#define NUM_VARIABLE_KEY_TESTS	34
-#define NUM_SET_KEY_TESTS			24
-
-/* plaintext bytes -- left halves */
-constexpr uint32_t plaintext_l[NUM_VARIABLE_KEY_TESTS + NUM_SET_KEY_TESTS] = {
-    0x00000000l, 0xFFFFFFFFl, 0x10000000l, 0x11111111l, 0x11111111l,
-    0x01234567l, 0x00000000l, 0x01234567l, 0x01A1D6D0l, 0x5CD54CA8l,
-    0x0248D438l, 0x51454B58l, 0x42FD4430l, 0x059B5E08l, 0x0756D8E0l,
-    0x762514B8l, 0x3BDD1190l, 0x26955F68l, 0x164D5E40l, 0x6B056E18l,
-    0x004BD6EFl, 0x480D3900l, 0x437540C8l, 0x072D43A0l, 0x02FE5577l,
-    0x1D9D5C50l, 0x30553228l, 0x01234567l, 0x01234567l, 0x01234567l,
-    0xFFFFFFFFl, 0x00000000l, 0x00000000l, 0xFFFFFFFFl, 0xFEDCBA98l,
-    0xFEDCBA98l, 0xFEDCBA98l, 0xFEDCBA98l, 0xFEDCBA98l, 0xFEDCBA98l,
-    0xFEDCBA98l, 0xFEDCBA98l, 0xFEDCBA98l, 0xFEDCBA98l, 0xFEDCBA98l,
-    0xFEDCBA98l, 0xFEDCBA98l, 0xFEDCBA98l, 0xFEDCBA98l, 0xFEDCBA98l,
-    0xFEDCBA98l, 0xFEDCBA98l, 0xFEDCBA98l, 0xFEDCBA98l, 0xFEDCBA98l,
-    0xFEDCBA98l, 0xFEDCBA98l, 0xFEDCBA98l};
-
-/* plaintext bytes -- right halves */
-constexpr uint32_t plaintext_r[NUM_VARIABLE_KEY_TESTS + NUM_SET_KEY_TESTS] = {
-    0x00000000l, 0xFFFFFFFFl, 0x00000001l, 0x11111111l, 0x11111111l,
-    0x89ABCDEFl, 0x00000000l, 0x89ABCDEFl, 0x39776742l, 0x3DEF57DAl,
-    0x06F67172l, 0x2DDF440Al, 0x59577FA2l, 0x51CF143Al, 0x774761D2l,
-    0x29BF486Al, 0x49372802l, 0x35AF609Al, 0x4F275232l, 0x759F5CCAl,
-    0x09176062l, 0x6EE762F2l, 0x698F3CFAl, 0x77075292l, 0x8117F12Al,
-    0x18F728C2l, 0x6D6F295Al, 0x89ABCDEFl, 0x89ABCDEFl, 0x89ABCDEFl,
-    0xFFFFFFFFl, 0x00000000l, 0x00000000l, 0xFFFFFFFFl, 0x76543210l,
-    0x76543210l, 0x76543210l, 0x76543210l, 0x76543210l, 0x76543210l,
-    0x76543210l, 0x76543210l, 0x76543210l, 0x76543210l, 0x76543210l,
-    0x76543210l, 0x76543210l, 0x76543210l, 0x76543210l, 0x76543210l,
-    0x76543210l, 0x76543210l, 0x76543210l, 0x76543210l, 0x76543210l,
-    0x76543210l, 0x76543210l, 0x76543210l};
-
-/* key bytes for variable key tests */
-constexpr uint8_t variable_key[NUM_VARIABLE_KEY_TESTS][8] = {
-    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
-    {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
-    {0x30, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
-    {0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11},
-    {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
-    {0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11},
-    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
-    {0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
-    {0x7C, 0xA1, 0x10, 0x45, 0x4A, 0x1A, 0x6E, 0x57},
-    {0x01, 0x31, 0xD9, 0x61, 0x9D, 0xC1, 0x37, 0x6E},
-    {0x07, 0xA1, 0x13, 0x3E, 0x4A, 0x0B, 0x26, 0x86},
-    {0x38, 0x49, 0x67, 0x4C, 0x26, 0x02, 0x31, 0x9E},
-    {0x04, 0xB9, 0x15, 0xBA, 0x43, 0xFE, 0xB5, 0xB6},
-    {0x01, 0x13, 0xB9, 0x70, 0xFD, 0x34, 0xF2, 0xCE},
-    {0x01, 0x70, 0xF1, 0x75, 0x46, 0x8F, 0xB5, 0xE6},
-    {0x43, 0x29, 0x7F, 0xAD, 0x38, 0xE3, 0x73, 0xFE},
-    {0x07, 0xA7, 0x13, 0x70, 0x45, 0xDA, 0x2A, 0x16},
-    {0x04, 0x68, 0x91, 0x04, 0xC2, 0xFD, 0x3B, 0x2F},
-    {0x37, 0xD0, 0x6B, 0xB5, 0x16, 0xCB, 0x75, 0x46},
-    {0x1F, 0x08, 0x26, 0x0D, 0x1A, 0xC2, 0x46, 0x5E},
-    {0x58, 0x40, 0x23, 0x64, 0x1A, 0xBA, 0x61, 0x76},
-    {0x02, 0x58, 0x16, 0x16, 0x46, 0x29, 0xB0, 0x07},
-    {0x49, 0x79, 0x3E, 0xBC, 0x79, 0xB3, 0x25, 0x8F},
-    {0x4F, 0xB0, 0x5E, 0x15, 0x15, 0xAB, 0x73, 0xA7},
-    {0x49, 0xE9, 0x5D, 0x6D, 0x4C, 0xA2, 0x29, 0xBF},
-    {0x01, 0x83, 0x10, 0xDC, 0x40, 0x9B, 0x26, 0xD6},
-    {0x1C, 0x58, 0x7F, 0x1C, 0x13, 0x92, 0x4F, 0xEF},
-    {0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01},
-    {0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E},
-    {0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1, 0xFE},
-    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
-    {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
-    {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
-    {0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10}};
-
-/* key bytes for set key tests */
-unsigned char set_key[24] = {0xF0, 0xE1, 0xD2, 0xC3, 0xB4, 0xA5, 0x96, 0x87,
-                             0x78, 0x69, 0x5A, 0x4B, 0x3C, 0x2D, 0x1E, 0x0F,
-                             0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77};
-
-/* ciphertext bytes -- left halves */
-constexpr uint32_t ciphertext_l[NUM_VARIABLE_KEY_TESTS + NUM_SET_KEY_TESTS] = {
-    0x4EF99745l, 0x51866FD5l, 0x7D856F9Al, 0x2466DD87l, 0x61F9C380l,
-    0x7D0CC630l, 0x4EF99745l, 0x0ACEAB0Fl, 0x59C68245l, 0xB1B8CC0Bl,
-    0x1730E577l, 0xA25E7856l, 0x353882B1l, 0x48F4D088l, 0x432193B7l,
-    0x13F04154l, 0x2EEDDA93l, 0xD887E039l, 0x5F99D04Fl, 0x4A057A3Bl,
-    0x452031C1l, 0x7555AE39l, 0x53C55F9Cl, 0x7A8E7BFAl, 0xCF9C5D7Al,
-    0xD1ABB290l, 0x55CB3774l, 0xFA34EC48l, 0xA7907951l, 0xC39E072Dl,
-    0x014933E0l, 0xF21E9A77l, 0x24594688l, 0x6B5C5A9Cl, 0xF9AD597Cl,
-    0xE91D21C1l, 0xE9C2B70Al, 0xBE1E6394l, 0xB39E4448l, 0x9457AA83l,
-    0x8BB77032l, 0xE87A244El, 0x15750E7Al, 0x122BA70Bl, 0x3A833C9Al,
-    0x9409DA87l, 0x884F8062l, 0x1F85031Cl, 0x79D9373Al, 0x93142887l,
-    0x03429E83l, 0xA4299E27l, 0xAFD5AED1l, 0x10851C0El, 0xE6F51ED7l,
-    0x64A6E14Al, 0x80C7D7D4l, 0x05044B62l};
-
-/* ciphertext bytes -- right halves */
-constexpr uint32_t ciphertext_r[NUM_VARIABLE_KEY_TESTS + NUM_SET_KEY_TESTS] = {
-    0x6198DD78l, 0xB85ECB8Al, 0x613063F2l, 0x8B963C9Dl, 0x2281B096l,
-    0xAFDA1EC7l, 0x6198DD78l, 0xC6A0A28Dl, 0xEB05282Bl, 0x250F09A0l,
-    0x8BEA1DA4l, 0xCF2651EBl, 0x09CE8F1Al, 0x4C379918l, 0x8951FC98l,
-    0xD69D1AE5l, 0xFFD39C79l, 0x3C2DA6E3l, 0x5B163969l, 0x24D3977Bl,
-    0xE4FADA8El, 0xF59B87BDl, 0xB49FC019l, 0x937E89A3l, 0x4986ADB5l,
-    0x658BC778l, 0xD13EF201l, 0x47B268B2l, 0x08EA3CAEl, 0x9FAC631Dl,
-    0xCDAFF6E4l, 0xB71C49BCl, 0x5754369Al, 0x5D9E0A5Al, 0x49DB005El,
-    0xD961A6D6l, 0x1BC65CF3l, 0x08640F05l, 0x1BDB1E6El, 0xB1928C0Dl,
-    0xF960629Dl, 0x2CC85E82l, 0x4F4EC577l, 0x3AB64AE0l, 0xFFC537F6l,
-    0xA90F6BF2l, 0x5060B8B4l, 0x19E11968l, 0x714CA34Fl, 0xEE3BE15Cl,
-    0x8CE2D14Bl, 0x469FF67Bl, 0xC1BC96A8l, 0x3858DA9Fl, 0x9B9DB21Fl,
-    0xFD36B46Fl, 0x5A5479ADl, 0xFA52D080l};
+#pragma once
+
+template <template <int> class W, std::size_t... I>
+void caller_impl(std::index_sequence<I...>) {
+  int t[] = {0, ((void)W<I>()(), 1)...};
+  (void)t;
+}
+
+template <template <int> class W, std::size_t N,
+          typename Indices = std::make_index_sequence<N>>
+void call_times() {
+  caller_impl<W>(Indices());
+}
+
+// https://www.schneier.com/wp-content/uploads/2015/12/vectors2-1.txt
+
+/*
+ *  Author     :  Randy L. Milbert
+ *  E-mail     :  rmilbert@mit.edu
+ *  Date       :  18 Jun 97
+ *  Description:  Eric Young's test vectors for Blowfish.
+ */
+
+constexpr std::size_t NUM_VARIABLE_KEY_TESTS = 34;
+constexpr std::size_t NUM_SET_KEY_TESTS = 24;
+
+/* plaintext bytes -- left halves */
+constexpr uint32_t plaintext_l[NUM_VARIABLE_KEY_TESTS + NUM_SET_KEY_TESTS] = {
+    0x00000000l, 0xFFFFFFFFl, 0x10000000l, 0x11111111l, 0x11111111l,
+    0x01234567l, 0x00000000l, 0x01234567l, 0x01A1D6D0l, 0x5CD54CA8l,
+    0x0248D438l, 0x51454B58l, 0x42FD4430l, 0x059B5E08l, 0x0756D8E0l,
+    0x762514B8l, 0x3BDD1190l, 0x26955F68l, 0x164D5E40l, 0x6B056E18l,
+    0x004BD6EFl, 0x480D3900l, 0x437540C8l, 0x072D43A0l, 0x02FE5577l,
+    0x1D9D5C50l, 0x30553228l, 0x01234567l, 0x01234567l, 0x01234567l,
+    0xFFFFFFFFl, 0x00000000l, 0x00000000l, 0xFFFFFFFFl, 0xFEDCBA98l,
+    0xFEDCBA98l, 0xFEDCBA98l, 0xFEDCBA98l, 0xFEDCBA98l, 0xFEDCBA98l,
+    0xFEDCBA98l, 0xFEDCBA98l, 0xFEDCBA98l, 0xFEDCBA98l, 0xFEDCBA98l,
+    0xFEDCBA98l, 0xFEDCBA98l, 0xFEDCBA98l, 0xFEDCBA98l, 0xFEDCBA98l,
+    0xFEDCBA98l, 0xFEDCBA98l, 0xFEDCBA98l, 0xFEDCBA98l, 0xFEDCBA98l,
+    0xFEDCBA98l, 0xFEDCBA98l, 0xFEDCBA98l};
+
+/* plaintext bytes -- right halves */
+constexpr uint32_t plaintext_r[NUM_VARIABLE_KEY_TESTS + NUM_SET_KEY_TESTS] = {
+    0x00000000l, 0xFFFFFFFFl, 0x00000001l, 0x11111111l, 0x11111111l,
+    0x89ABCDEFl, 0x00000000l, 0x89ABCDEFl, 0x39776742l, 0x3DEF57DAl,
+    0x06F67172l, 0x2DDF440Al, 0x59577FA2l, 0x51CF143Al, 0x774761D2l,
+    0x29BF486Al, 0x49372802l, 0x35AF609Al, 0x4F275232l, 0x759F5CCAl,
+    0x09176062l, 0x6EE762F2l, 0x698F3CFAl, 0x77075292l, 0x8117F12Al,
+    0x18F728C2l, 0x6D6F295Al, 0x89ABCDEFl, 0x89ABCDEFl, 0x89ABCDEFl,
+    0xFFFFFFFFl, 0x00000000l, 0x00000000l, 0xFFFFFFFFl, 0x76543210l,
+    0x76543210l, 0x76543210l, 0x76543210l, 0x76543210l, 0x76543210l,
+    0x76543210l, 0x76543210l, 0x76543210l, 0x76543210l, 0x76543210l,
+    0x76543210l, 0x76543210l, 0x76543210l, 0x76543210l, 0x76543210l,
+    0x76543210l, 0x76543210l, 0x76543210l, 0x76543210l, 0x76543210l,
+    0x76543210l, 0x76543210l, 0x76543210l};
+
+/* key bytes for variable key tests */
+constexpr uint8_t variable_key[NUM_VARIABLE_KEY_TESTS][8] = {
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+    {0x30, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11},
+    {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
+    {0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
+    {0x7C, 0xA1, 0x10, 0x45, 0x4A, 0x1A, 0x6E, 0x57},
+    {0x01, 0x31, 0xD9, 0x61, 0x9D, 0xC1, 0x37, 0x6E},
+    {0x07, 0xA1, 0x13, 0x3E, 0x4A, 0x0B, 0x26, 0x86},
+    {0x38, 0x49, 0x67, 0x4C, 0x26, 0x02, 0x31, 0x9E},
+    {0x04, 0xB9, 0x15, 0xBA, 0x43, 0xFE, 0xB5, 0xB6},
+    {0x01, 0x13, 0xB9, 0x70, 0xFD, 0x34, 0xF2, 0xCE},
+    {0x01, 0x70, 0xF1, 0x75, 0x46, 0x8F, 0xB5, 0xE6},
+    {0x43, 0x29, 0x7F, 0xAD, 0x38, 0xE3, 0x73, 0xFE},
+    {0x07, 0xA7, 0x13, 0x70, 0x45, 0xDA, 0x2A, 0x16},
+    {0x04, 0x68, 0x91, 0x04, 0xC2, 0xFD, 0x3B, 0x2F},
+    {0x37, 0xD0, 0x6B, 0xB5, 0x16, 0xCB, 0x75, 0x46},
+    {0x1F, 0x08, 0x26, 0x0D, 0x1A, 0xC2, 0x46, 0x5E},
+    {0x58, 0x40, 0x23, 0x64, 0x1A, 0xBA, 0x61, 0x76},
+    {0x02, 0x58, 0x16, 0x16, 0x46, 0x29, 0xB0, 0x07},
+    {0x49, 0x79, 0x3E, 0xBC, 0x79, 0xB3, 0x25, 0x8F},
+    {0x4F, 0xB0, 0x5E, 0x15, 0x15, 0xAB, 0x73, 0xA7},
+    {0x49, 0xE9, 0x5D, 0x6D, 0x4C, 0xA2, 0x29, 0xBF},
+    {0x01, 0x83, 0x10, 0xDC, 0x40, 0x9B, 0x26, 0xD6},
+    {0x1C, 0x58, 0x7F, 0x1C, 0x13, 0x92, 0x4F, 0xEF},
+    {0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01},
+    {0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E},
+    {0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1, 0xFE},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+    {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
+    {0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10}};
+
+/* ciphertext bytes -- left halves */
+constexpr uint32_t ciphertext_l[NUM_VARIABLE_KEY_TESTS + NUM_SET_KEY_TESTS] = {
+    0x4EF99745l, 0x51866FD5l, 0x7D856F9Al, 0x2466DD87l, 0x61F9C380l,
+    0x7D0CC630l, 0x4EF99745l, 0x0ACEAB0Fl, 0x59C68245l, 0xB1B8CC0Bl,
+    0x1730E577l, 0xA25E7856l, 0x353882B1l, 0x48F4D088l, 0x432193B7l,
+    0x13F04154l, 0x2EEDDA93l, 0xD887E039l, 0x5F99D04Fl, 0x4A057A3Bl,
+    0x452031C1l, 0x7555AE39l, 0x53C55F9Cl, 0x7A8E7BFAl, 0xCF9C5D7Al,
+    0xD1ABB290l, 0x55CB3774l, 0xFA34EC48l, 0xA7907951l, 0xC39E072Dl,
+    0x014933E0l, 0xF21E9A77l, 0x24594688l, 0x6B5C5A9Cl, 0xF9AD597Cl,
+    0xE91D21C1l, 0xE9C2B70Al, 0xBE1E6394l, 0xB39E4448l, 0x9457AA83l,
+    0x8BB77032l, 0xE87A244El, 0x15750E7Al, 0x122BA70Bl, 0x3A833C9Al,
+    0x9409DA87l, 0x884F8062l, 0x1F85031Cl, 0x79D9373Al, 0x93142887l,
+    0x03429E83l, 0xA4299E27l, 0xAFD5AED1l, 0x10851C0El, 0xE6F51ED7l,
+    0x64A6E14Al, 0x80C7D7D4l, 0x05044B62l};
+
+/* ciphertext bytes -- right halves */
+constexpr uint32_t ciphertext_r[NUM_VARIABLE_KEY_TESTS + NUM_SET_KEY_TESTS] = {
+    0x6198DD78l, 0xB85ECB8Al, 0x613063F2l, 0x8B963C9Dl, 0x2281B096l,
+    0xAFDA1EC7l, 0x6198DD78l, 0xC6A0A28Dl, 0xEB05282Bl, 0x250F09A0l,
+    0x8BEA1DA4l, 0xCF2651EBl, 0x09CE8F1Al, 0x4C379918l, 0x8951FC98l,
+    0xD69D1AE5l, 0xFFD39C79l, 0x3C2DA6E3l, 0x5B163969l, 0x24D3977Bl,
+    0xE4FADA8El, 0xF59B87BDl, 0xB49FC019l, 0x937E89A3l, 0x4986ADB5l,
+    0x658BC778l, 0xD13EF201l, 0x47B268B2l, 0x08EA3CAEl, 0x9FAC631Dl,
+    0xCDAFF6E4l, 0xB71C49BCl, 0x5754369Al, 0x5D9E0A5Al, 0x49DB005El,
+    0xD961A6D6l, 0x1BC65CF3l, 0x08640F05l, 0x1BDB1E6El, 0xB1928C0Dl,
+    0xF960629Dl, 0x2CC85E82l, 0x4F4EC577l, 0x3AB64AE0l, 0xFFC537F6l,
+    0xA90F6BF2l, 0x5060B8B4l, 0x19E11968l, 0x714CA34Fl, 0xEE3BE15Cl,
+    0x8CE2D14Bl, 0x469FF67Bl, 0xC1BC96A8l, 0x3858DA9Fl, 0x9B9DB21Fl,
+    0xFD36B46Fl, 0x5A5479ADl, 0xFA52D080l};
+
+/* key bytes for set key tests */
+constexpr uint8_t set_key[] = {0xF0, 0xE1, 0xD2, 0xC3, 0xB4, 0xA5, 0x96, 0x87,
+                               0x78, 0x69, 0x5A, 0x4B, 0x3C, 0x2D, 0x1E, 0x0F,
+                               0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77};
+
+constexpr uint64_t set_key_ptext = 0xFEDCBA9876543210;
+constexpr uint64_t set_key_ctext[NUM_SET_KEY_TESTS] = {
+    0xF9AD597C49DB005E, 0xE91D21C1D961A6D6, 0xE9C2B70A1BC65CF3,
+    0xBE1E639408640F05, 0xB39E44481BDB1E6E, 0x9457AA83B1928C0D,
+    0x8BB77032F960629D, 0xE87A244E2CC85E82, 0x15750E7A4F4EC577,
+    0x122BA70B3AB64AE0, 0x3A833C9AFFC537F6, 0x9409DA87A90F6BF2,
+    0x884F80625060B8B4, 0x1F85031C19E11968, 0x79D9373A714CA34F,
+    0x93142887EE3BE15C, 0x03429E838CE2D14B, 0xA4299E27469FF67B,
+    0xAFD5AED1C1BC96A8, 0x10851C0E3858DA9F, 0xE6F51ED79B9DB21F,
+    0x64A6E14AFD36B46F, 0x80C7D7D45A5479AD, 0x05044B62FA52D080};
+
-- 
cgit v1.2.1