keccakpermutationoptimized64.macros

Keccak hash加密算法

/*
Algorithm Name: Keccak
Authors: Guido Bertoni, Joan Daemen, Michaël Peeters and Gilles Van Assche
Date: January 9, 2009

This code, originally by Guido Bertoni, Joan Daemen, Michaël Peeters and
Gilles Van Assche as a part of the SHA-3 submission, is hereby put in the
public domain. It is given as is, without any guarantee.

For more information, feedback or questions, please refer to our website:
http://keccak.noekeon.org/
*/

#define declareABCDE \
    UINT64 Aba, Abe, Abi, Abo, Abu; \
    UINT64 Aga, Age, Agi, Ago, Agu; \
    UINT64 Aka, Ake, Aki, Ako, Aku; \
    UINT64 Ama, Ame, Ami, Amo, Amu; \
    UINT64 Asa, Ase, Asi, Aso, Asu; \
    UINT64 Bba, Bbe, Bbi, Bbo, Bbu; \
    UINT64 Bga, Bge, Bgi, Bgo, Bgu; \
    UINT64 Bka, Bke, Bki, Bko, Bku; \
    UINT64 Bma, Bme, Bmi, Bmo, Bmu; \
    UINT64 Bsa, Bse, Bsi, Bso, Bsu; \
    UINT64 Ca, Ce, Ci, Co, Cu; \
    UINT64 Da, De, Di, Do, Du; \
    UINT64 Eba, Ebe, Ebi, Ebo, Ebu; \
    UINT64 Ega, Ege, Egi, Ego, Egu; \
    UINT64 Eka, Eke, Eki, Eko, Eku; \
    UINT64 Ema, Eme, Emi, Emo, Emu; \
    UINT64 Esa, Ese, Esi, Eso, Esu; \

#define thetaRhoPiChiIotaPrepareTheta(i) \
    Da = Cu^ROL64(Ce, 1); \
    De = Ca^ROL64(Ci, 1); \
    Di = Ce^ROL64(Co, 1); \
    Do = Ci^ROL64(Cu, 1); \
    Du = Co^ROL64(Ca, 1); \
\
    Aba ^= Da; \
    Bba = Aba; \
    Age ^= De; \
    Bbe = ROL64(Age, 44); \
    Aki ^= Di; \
    Bbi = ROL64(Aki, 43); \
    Eba = Bba ^ ((~Bbe)&Bbi); \
    Eba ^= KeccakRoundConstants[i]; \
    Ca = Eba; \
    Amo ^= Do; \
    Bbo = ROL64(Amo, 21); \
    Ebe = Bbe ^ ((~Bbi)&Bbo); \
    Ce = Ebe; \
    Asu ^= Du; \
    Bbu = ROL64(Asu, 14); \
    Ebi = Bbi ^ ((~Bbo)&Bbu); \
    Ci = Ebi; \
    Ebo = Bbo ^ ((~Bbu)&Bba); \
    Co = Ebo; \
    Ebu = Bbu ^ ((~Bba)&Bbe); \
    Cu = Ebu; \
\
    Abo ^= Do; \
    Bga = ROL64(Abo, 28); \
    Agu ^= Du; \
    Bge = ROL64(Agu, 20); \
    Aka ^= Da; \
    Bgi = ROL64(Aka,  3); \
    Ega = Bga ^ ((~Bge)&Bgi); \
    Ca ^= Ega; \
    Ame ^= De; \
    Bgo = ROL64(Ame, 45); \
    Ege = Bge ^ ((~Bgi)&Bgo); \
    Ce ^= Ege; \
    Asi ^= Di; \
    Bgu = ROL64(Asi, 61); \
    Egi = Bgi ^ ((~Bgo)&Bgu); \
    Ci ^= Egi; \
    Ego = Bgo ^ ((~Bgu)&Bga); \
    Co ^= Ego; \
    Egu = Bgu ^ ((~Bga)&Bge); \
    Cu ^= Egu; \
\
    Abe ^= De; \
    Bka = ROL64(Abe,  1); \
    Agi ^= Di; \
    Bke = ROL64(Agi,  6); \
    Ako ^= Do; \
    Bki = ROL64(Ako, 25); \
    Eka = Bka ^ ((~Bke)&Bki); \
    Ca ^= Eka; \
    Amu ^= Du; \
    Bko = ROL64(Amu,  8); \
    Eke = Bke ^ ((~Bki)&Bko); \
    Ce ^= Eke; \
    Asa ^= Da; \
    Bku = ROL64(Asa, 18); \
    Eki = Bki ^ ((~Bko)&Bku); \
    Ci ^= Eki; \
    Eko = Bko ^ ((~Bku)&Bka); \
    Co ^= Eko; \
    Eku = Bku ^ ((~Bka)&Bke); \
    Cu ^= Eku; \
\
    Abu ^= Du; \
    Bma = ROL64(Abu, 27); \
    Aga ^= Da; \
    Bme = ROL64(Aga, 36); \
    Ake ^= De; \
    Bmi = ROL64(Ake, 10); \
    Ema = Bma ^ ((~Bme)&Bmi); \
    Ca ^= Ema; \
    Ami ^= Di; \
    Bmo = ROL64(Ami, 15); \
    Eme = Bme ^ ((~Bmi)&Bmo); \
    Ce ^= Eme; \
    Aso ^= Do; \
    Bmu = ROL64(Aso, 56); \
    Emi = Bmi ^ ((~Bmo)&Bmu); \
    Ci ^= Emi; \
    Emo = Bmo ^ ((~Bmu)&Bma); \
    Co ^= Emo; \
    Emu = Bmu ^ ((~Bma)&Bme); \
    Cu ^= Emu; \
\
    Abi ^= Di; \
    Bsa = ROL64(Abi, 62); \
    Ago ^= Do; \
    Bse = ROL64(Ago, 55); \
    Aku ^= Du; \
    Bsi = ROL64(Aku, 39); \
    Esa = Bsa ^ ((~Bse)&Bsi); \
    Ca ^= Esa; \
    Ama ^= Da; \
    Bso = ROL64(Ama, 41); \
    Ese = Bse ^ ((~Bsi)&Bso); \
    Ce ^= Ese; \
    Ase ^= De; \
    Bsu = ROL64(Ase,  2); \
    Esi = Bsi ^ ((~Bso)&Bsu); \
    Ci ^= Esi; \
    Eso = Bso ^ ((~Bsu)&Bsa); \
    Co ^= Eso; \
    Esu = Bsu ^ ((~Bsa)&Bse); \
    Cu ^= Esu; \
\
    Aba = Eba; \
    Abe = Ebe; \
    Abi = Ebi; \
    Abo = Ebo; \
    Abu = Ebu; \
    Aga = Ega; \
    Age = Ege; \
    Agi = Egi; \
    Ago = Ego; \
    Agu = Egu; \
    Aka = Eka; \
    Ake = Eke; \
    Aki = Eki; \
    Ako = Eko; \
    Aku = Eku; \
    Ama = Ema; \
    Ame = Eme; \
    Ami = Emi; \
    Amo = Emo; \
    Amu = Emu; \
    Asa = Esa; \
    Ase = Ese; \
    Asi = Esi; \
    Aso = Eso; \
    Asu = Esu; \

#define thetaRhoPiAltchiIotaPrepareTheta(i) \
    Da = Cu^ROL64(Ce, 1); \
    De = Ca^ROL64(Ci, 1); \
    Di = Ce^ROL64(Co, 1); \
    Do = Ci^ROL64(Cu, 1); \
    Du = Co^ROL64(Ca, 1); \
\
    Aba ^= Da; \
    Bba = Aba; \
    Age ^= De; \
    Bbe = ROL64(Age, 44); \
    Aki ^= Di; \
    Bbi = ROL64(Aki, 43); \
    Eba =  Bba ^ (  Bbe |  Bbi ); \
    Eba ^= KeccakRoundConstants[i]; \
    Ca = Eba; \
    Amo ^= Do; \
    Bbo = ROL64(Amo, 21); \
    Ebe =  Bbe ^ ((~Bbi)|  Bbo ); \
    Ce = Ebe; \
    Asu ^= Du; \
    Bbu = ROL64(Asu, 14); \
    Ebi =  Bbi ^ (  Bbo &  Bbu ); \
    Ci = Ebi; \
    Ebo =  Bbo ^ (  Bbu |  Bba ); \
    Co = Ebo; \
    Ebu =  Bbu ^ (  Bba &  Bbe ); \
    Cu = Ebu; \
\
    Abo ^= Do; \
    Bga = ROL64(Abo, 28); \
    Agu ^= Du; \
    Bge = ROL64(Agu, 20); \
    Aka ^= Da; \
    Bgi = ROL64(Aka,  3); \
    Ega =  Bga ^ (  Bge |  Bgi ); \
    Ca ^= Ega; \
    Ame ^= De; \
    Bgo = ROL64(Ame, 45); \
    Ege =  Bge ^ (  Bgi &  Bgo ); \
    Ce ^= Ege; \
    Asi ^= Di; \
    Bgu = ROL64(Asi, 61); \
    Egi =  Bgi ^ (  Bgo |(~Bgu)); \
    Ci ^= Egi; \
    Ego =  Bgo ^ (  Bgu |  Bga ); \
    Co ^= Ego; \
    Egu =  Bgu ^ (  Bga &  Bge ); \
    Cu ^= Egu; \
\
    Abe ^= De; \
    Bka = ROL64(Abe,  1); \
    Agi ^= Di; \
    Bke = ROL64(Agi,  6); \
    Ako ^= Do; \
    Bki = ROL64(Ako, 25); \
    Eka =  Bka ^ (  Bke |  Bki ); \
    Ca ^= Eka; \
    Amu ^= Du; \
    Bko = ROL64(Amu,  8); \
    Eke =  Bke ^ (  Bki &  Bko ); \
    Ce ^= Eke; \
    Asa ^= Da; \
    Bku = ROL64(Asa, 18); \
    Eki =  Bki ^ ((~Bko)&  Bku ); \
    Ci ^= Eki; \
    Eko = ~Bko ^ (  Bku |  Bka ); \
    Co ^= Eko; \
    Eku =  Bku ^ (  Bka &  Bke ); \
    Cu ^= Eku; \
\
    Abu ^= Du; \
    Bma = ROL64(Abu, 27); \
    Aga ^= Da; \
    Bme = ROL64(Aga, 36); \
    Ake ^= De; \
    Bmi = ROL64(Ake, 10); \
    Ema =  Bma ^ (  Bme &  Bmi ); \
    Ca ^= Ema; \
    Ami ^= Di; \
    Bmo = ROL64(Ami, 15); \
    Eme =  Bme ^ (  Bmi |  Bmo ); \
    Ce ^= Eme; \
    Aso ^= Do; \
    Bmu = ROL64(Aso, 56); \
    Emi =  Bmi ^ ((~Bmo)|  Bmu ); \
    Ci ^= Emi; \
    Emo = ~Bmo ^ (  Bmu &  Bma ); \
    Co ^= Emo; \
    Emu =  Bmu ^ (  Bma |  Bme ); \
    Cu ^= Emu; \
\
    Abi ^= Di; \
    Bsa = ROL64(Abi, 62); \
    Ago ^= Do; \
    Bse = ROL64(Ago, 55); \
    Aku ^= Du; \
    Bsi = ROL64(Aku, 39); \
    Esa =  Bsa ^ ((~Bse)&  Bsi ); \
    Ca ^= Esa; \
    Ama ^= Da; \
    Bso = ROL64(Ama, 41); \
    Ese = ~Bse ^ (  Bsi |  Bso ); \
    Ce ^= Ese; \
    Ase ^= De; \
    Bsu = ROL64(Ase,  2); \
    Esi =  Bsi ^ (  Bso &  Bsu ); \
    Ci ^= Esi; \
    Eso =  Bso ^ (  Bsu |  Bsa ); \
    Co ^= Eso; \
    Esu =  Bsu ^ (  Bsa &  Bse ); \
    Cu ^= Esu; \
\
    Aba = Eba; \
    Abe = Ebe; \
    Abi = Ebi; \
    Abo = Ebo; \
    Abu = Ebu; \
    Aga = Ega; \
    Age = Ege; \
    Agi = Egi; \
    Ago = Ego; \
    Agu = Egu; \
    Aka = Eka; \
    Ake = Eke; \
    Aki = Eki; \
    Ako = Eko; \
    Aku = Eku; \
    Ama = Ema; \
    Ame = Eme; \
    Ami = Emi; \
    Amo = Emo; \
    Amu = Emu; \
    Asa = Esa; \
    Ase = Ese; \
    Asi = Esi; \
    Aso = Eso; \
    Asu = Esu; \

#ifdef UseBebigokimisa

#define firstRound(i) \
    Ca = Aba^Aga^Aka^Ama^Asa; \
    Ce = Abe^Age^Ake^Ame^Ase; \
    Ci = Abi^Agi^Aki^Ami^Asi; \
    Co = Abo^Ago^Ako^Amo^Aso; \
    Cu = Abu^Agu^Aku^Amu^Asu; \
    thetaRhoPiAltchiIotaPrepareTheta(i)

#define middleRound(i) \
    thetaRhoPiAltchiIotaPrepareTheta(i)

#else

#define firstRound(i) \
    Ca = Aba^Aga^Aka^Ama^Asa; \
    Ce = Abe^Age^Ake^Ame^Ase; \
    Ci = Abi^Agi^Aki^Ami^Asi; \
    Co = Abo^Ago^Ako^Amo^Aso; \
    Cu = Abu^Agu^Aku^Amu^Asu; \
    thetaRhoPiChiIotaPrepareTheta(i)

#define middleRound(i) \
    thetaRhoPiChiIotaPrepareTheta(i)

#endif

#define lastRoundNormal(i) \
    Da = Cu^ROL64(Ce, 1); \
    De = Ca^ROL64(Ci, 1); \
    Di = Ce^ROL64(Co, 1); \
    Do = Ci^ROL64(Cu, 1); \
    Du = Co^ROL64(Ca, 1); \
\
    Aba ^= Da; \
    Bba = Aba; \
    Age ^= De; \
    Bbe = ROL64(Age, 44); \
    Aki ^= Di; \
    Bbi = ROL64(Aki, 43); \
    Eba = Bba ^ ((~Bbe)&Bbi); \
    Eba ^= KeccakRoundConstants[i]; \
    Amo ^= Do; \
    Bbo = ROL64(Amo, 21); \
    Ebe = Bbe ^ ((~Bbi)&Bbo); \
    Asu ^= Du; \
    Bbu = ROL64(Asu, 14); \
    Ebi = Bbi ^ ((~Bbo)&Bbu); \
    Ebo = Bbo ^ ((~Bbu)&Bba); \
    Ebu = Bbu ^ ((~Bba)&Bbe); \
\
    Abo ^= Do; \
    Bga = ROL64(Abo, 28); \
    Agu ^= Du; \
    Bge = ROL64(Agu, 20); \
    Aka ^= Da; \
    Bgi = ROL64(Aka,  3); \
    Ega = Bga ^ ((~Bge)&Bgi); \
    Ame ^= De; \
    Bgo = ROL64(Ame, 45); \
    Ege = Bge ^ ((~Bgi)&Bgo); \
    Asi ^= Di; \
    Bgu = ROL64(Asi, 61); \
    Egi = Bgi ^ ((~Bgo)&Bgu); \
    Ego = Bgo ^ ((~Bgu)&Bga); \
    Egu = Bgu ^ ((~Bga)&Bge); \
\
    Abe ^= De; \
    Bka = ROL64(Abe,  1); \
    Agi ^= Di; \
    Bke = ROL64(Agi,  6); \
    Ako ^= Do; \
    Bki = ROL64(Ako, 25); \
    Eka = Bka ^ ((~Bke)&Bki); \
    Amu ^= Du; \
    Bko = ROL64(Amu,  8); \
    Eke = Bke ^ ((~Bki)&Bko); \
    Asa ^= Da; \
    Bku = ROL64(Asa, 18); \
    Eki = Bki ^ ((~Bko)&Bku); \
    Eko = Bko ^ ((~Bku)&Bka); \
    Eku = Bku ^ ((~Bka)&Bke); \
\
    Abu ^= Du; \
    Bma = ROL64(Abu, 27); \
    Aga ^= Da; \
    Bme = ROL64(Aga, 36); \
    Ake ^= De; \
    Bmi = ROL64(Ake, 10); \
    Ema = Bma ^ ((~Bme)&Bmi); \
    Ami ^= Di; \
    Bmo = ROL64(Ami, 15); \
    Eme = Bme ^ ((~Bmi)&Bmo); \
    Aso ^= Do; \
    Bmu = ROL64(Aso, 56); \
    Emi = Bmi ^ ((~Bmo)&Bmu); \
    Emo = Bmo ^ ((~Bmu)&Bma); \
    Emu = Bmu ^ ((~Bma)&Bme); \
\
    Abi ^= Di; \
    Bsa = ROL64(Abi, 62); \
    Ago ^= Do; \
    Bse = ROL64(Ago, 55); \
    Aku ^= Du; \
    Bsi = ROL64(Aku, 39); \
    Esa = Bsa ^ ((~Bse)&Bsi); \
    Ama ^= Da; \
    Bso = ROL64(Ama, 41); \
    Ese = Bse ^ ((~Bsi)&Bso); \
    Ase ^= De; \
    Bsu = ROL64(Ase,  2); \
    Esi = Bsi ^ ((~Bso)&Bsu); \
    Eso = Bso ^ ((~Bsu)&Bsa); \
    Esu = Bsu ^ ((~Bsa)&Bse); \

#define lastRoundBebigokimisa(i) \
    Da = Cu^ROL64(Ce, 1); \
    De = Ca^ROL64(Ci, 1); \
    Di = Ce^ROL64(Co, 1); \
    Do = Ci^ROL64(Cu, 1); \
    Du = Co^ROL64(Ca, 1); \
\
    Aba ^= Da; \
    Bba = Aba; \
    Age ^= De; \
    Bbe = ROL64(Age, 44); \
    Aki ^= Di; \
    Bbi = ROL64(Aki, 43); \
    Eba =  Bba ^ (  Bbe |  Bbi ); \
    Eba ^= KeccakRoundConstants[i]; \
    Amo ^= Do; \
    Bbo = ROL64(Amo, 21); \
    Ebe =  Bbe ^ ((~Bbi)|  Bbo ); \
    Asu ^= Du; \
    Bbu = ROL64(Asu, 14); \
    Ebi =  Bbi ^ (  Bbo &  Bbu ); \
    Ebo =  Bbo ^ (  Bbu |  Bba ); \
    Ebu =  Bbu ^ (  Bba &  Bbe ); \
\
    Abo ^= Do; \
    Bga = ROL64(Abo, 28); \
    Agu ^= Du; \
    Bge = ROL64(Agu, 20); \
    Aka ^= Da; \
    Bgi = ROL64(Aka,  3); \
    Ega =  Bga ^ (  Bge |  Bgi ); \
    Ame ^= De; \
    Bgo = ROL64(Ame, 45); \
    Ege =  Bge ^ (  Bgi &  Bgo ); \
    Asi ^= Di; \
    Bgu = ROL64(Asi, 61); \
    Egi =  Bgi ^ (  Bgo |(~Bgu)); \
    Ego =  Bgo ^ (  Bgu |  Bga ); \
    Egu =  Bgu ^ (  Bga &  Bge ); \
\
    Abe ^= De; \
    Bka = ROL64(Abe,  1); \
    Agi ^= Di; \
    Bke = ROL64(Agi,  6); \
    Ako ^= Do; \
    Bki = ROL64(Ako, 25); \
    Eka =  Bka ^ (  Bke |  Bki ); \
    Amu ^= Du; \
    Bko = ROL64(Amu,  8); \
    Eke =  Bke ^ (  Bki &  Bko ); \
    Asa ^= Da; \
    Bku = ROL64(Asa, 18); \
    Eki =  Bki ^ ((~Bko)&  Bku ); \
    Eko = ~Bko ^ (  Bku |  Bka ); \
    Eku =  Bku ^ (  Bka &  Bke ); \
\
    Abu ^= Du; \
    Bma = ROL64(Abu, 27); \
    Aga ^= Da; \
    Bme = ROL64(Aga, 36); \
    Ake ^= De; \
    Bmi = ROL64(Ake, 10); \
    Ema =  Bma ^ (  Bme &  Bmi ); \
    Ami ^= Di; \
    Bmo = ROL64(Ami, 15); \
    Eme =  Bme ^ (  Bmi |  Bmo ); \
    Aso ^= Do; \
    Bmu = ROL64(Aso, 56); \
    Emi =  Bmi ^ ((~Bmo)|  Bmu ); \
    Emo = ~Bmo ^ (  Bmu &  Bma ); \
    Emu =  Bmu ^ (  Bma |  Bme ); \
\
    Abi ^= Di; \
    Bsa = ROL64(Abi, 62); \
    Ago ^= Do; \
    Bse = ROL64(Ago, 55); \
    Aku ^= Du; \
    Bsi = ROL64(Aku, 39); \
    Esa =  Bsa ^ ((~Bse)&  Bsi ); \
    Ama ^= Da; \
    Bso = ROL64(Ama, 41); \
    Ese = ~Bse ^ (  Bsi |  Bso ); \
    Ase ^= De; \
    Bsu = ROL64(Ase,  2); \
    Esi =  Bsi ^ (  Bso &  Bsu ); \
    Eso =  Bso ^ (  Bsu |  Bsa ); \
    Esu =  Bsu ^ (  Bsa &  Bse ); \

#ifdef UseBebigokimisa

#define lastRound(i) \
    lastRoundBebigokimisa(i)

#else

#define lastRound(i) \
    lastRoundNormal(i)

#endif

#define copyFromState(X, state) \
    X##ba = state[ 0]; \
    X##be = state[ 1]; \
    X##bi = state[ 2]; \
    X##bo = state[ 3]; \
    X##bu = state[ 4]; \
    X##ga = state[ 5]; \
    X##ge = state[ 6]; \
    X##gi = state[ 7]; \
    X##go = state[ 8]; \
    X##gu = state[ 9]; \
    X##ka = state[10]; \
    X##ke = state[11]; \
    X##ki = state[12]; \
    X##ko = state[13]; \
    X##ku = state[14]; \
    X##ma = state[15]; \
    X##me = state[16]; \
    X##mi = state[17]; \
    X##mo = state[18]; \
    X##mu = state[19]; \
    X##sa = state[20]; \
    X##se = state[21]; \
    X##si = state[22]; \
    X##so = state[23]; \
    X##su = state[24];

#define copyToState(state, X) \
    state[ 0] = X##ba; \
    state[ 1] = X##be; \
    state[ 2] = X##bi; \
    state[ 3] = X##bo; \
    state[ 4] = X##bu; \
    state[ 5] = X##ga; \
    state[ 6] = X##ge; \
    state[ 7] = X##gi; \
    state[ 8] = X##go; \
    state[ 9] = X##gu; \
    state[10] = X##ka; \
    state[11] = X##ke; \
    state[12] = X##ki; \
    state[13] = X##ko; \
    state[14] = X##ku; \
    state[15] = X##ma; \
    state[16] = X##me; \
    state[17] = X##mi; \
    state[18] = X##mo; \
    state[19] = X##mu; \
    state[20] = X##sa; \
    state[21] = X##se; \
    state[22] = X##si; \
    state[23] = X##so; \
    state[24] = X##su;

#define copyFromStateAndXor8words(X, state, input) \
    X##ba = state[ 0]^input[ 0]; \
    X##be = state[ 1]^input[ 1]; \
    X##bi = state[ 2]^input[ 2]; \
    X##bo = state[ 3]^input[ 3]; \
    X##bu = state[ 4]^input[ 4]; \
    X##ga = state[ 5]^input[ 5]; \
    X##ge = state[ 6]^input[ 6]; \
    X##gi = state[ 7]^input[ 7]; \
    X##go = state[ 8]; \
    X##gu = state[ 9]; \
    X##ka = state[10]; \
    X##ke = state[11]; \
    X##ki = state[12]; \
    X##ko = state[13]; \
    X##ku = state[14]; \
    X##ma = state[15]; \
    X##me = state[16]; \
    X##mi = state[17]; \
    X##mo = state[18]; \
    X##mu = state[19]; \
    X##sa = state[20]; \
    X##se = state[21]; \
    X##si = state[22]; \
    X##so = state[23]; \
    X##su = state[24];

#define copyFromStateAndXor16words(X, state, input) \
    X##ba = state[ 0]^input[ 0]; \
    X##be = state[ 1]^input[ 1]; \
    X##bi = state[ 2]^input[ 2]; \
    X##bo = state[ 3]^input[ 3]; \
    X##bu = state[ 4]^input[ 4]; \
    X##ga = state[ 5]^input[ 5]; \
    X##ge = state[ 6]^input[ 6]; \
    X##gi = state[ 7]^input[ 7]; \
    X##go = state[ 8]^input[ 8]; \
    X##gu = state[ 9]^input[ 9]; \
    X##ka = state[10]^input[10]; \
    X##ke = state[11]^input[11]; \
    X##ki = state[12]^input[12]; \
    X##ko = state[13]^input[13]; \
    X##ku = state[14]^input[14]; \
    X##ma = state[15]^input[15]; \
    X##me = state[16]; \
    X##mi = state[17]; \
    X##mo = state[18]; \
    X##mu = state[19]; \
    X##sa = state[20]; \
    X##se = state[21]; \
    X##si = state[22]; \
    X##so = state[23]; \
    X##su = state[24];