summaryrefslogtreecommitdiff
path: root/lib/crypto
diff options
context:
space:
mode:
authorOri Bernstein <ori@eigenstate.org>2016-11-24 16:28:24 -0800
committerOri Bernstein <ori@eigenstate.org>2016-11-24 16:44:21 -0800
commit6c434100fac87e19234389aba2329165827d0711 (patch)
treec76963ca6d2dd9ba8d65da1f64117945b472e978 /lib/crypto
parent49f27bf2a929c681f40752da7329e377030198a3 (diff)
downloadmc-6c434100fac87e19234389aba2329165827d0711.tar.gz
Rename 'libcryptohash' to 'libcrypto'
The ciphers are coming. Hold on to your hats. The ciphers are coming.
Diffstat (limited to 'lib/crypto')
-rw-r--r--lib/crypto/bld.sub16
-rw-r--r--lib/crypto/md5.myr216
-rw-r--r--lib/crypto/sha1.myr244
-rw-r--r--lib/crypto/sha256.myr416
-rw-r--r--lib/crypto/sha512.myr475
-rw-r--r--lib/crypto/test/md5.myr18
-rw-r--r--lib/crypto/test/sha1.myr18
-rw-r--r--lib/crypto/test/sha256.myr29
-rw-r--r--lib/crypto/test/sha512.myr29
-rw-r--r--lib/crypto/test/util.myr19
10 files changed, 1480 insertions, 0 deletions
diff --git a/lib/crypto/bld.sub b/lib/crypto/bld.sub
new file mode 100644
index 0000000..9688fc7
--- /dev/null
+++ b/lib/crypto/bld.sub
@@ -0,0 +1,16 @@
+testdeps = ../testr:testr ;;
+
+lib crypto =
+ # hashes
+ md5.myr
+ sha1.myr
+ sha256.myr
+ sha512.myr
+
+ # ciphers
+ chacha20.myr
+
+ lib ../std:std
+ lib ../sys:sys
+;;
+
diff --git a/lib/crypto/md5.myr b/lib/crypto/md5.myr
new file mode 100644
index 0000000..04142f1
--- /dev/null
+++ b/lib/crypto/md5.myr
@@ -0,0 +1,216 @@
+use std
+
+pkg crypto =
+ type md5
+
+ const md5 : (data : byte[:] -> byte[16])
+ const md5init : (st : md5# -> void)
+ const md5add : (st : md5#, data : byte[:] -> void)
+ const md5fin : (st : md5# -> byte[16])
+;;
+
+type md5 = struct
+ a : uint32
+ b : uint32
+ c : uint32
+ d : uint32
+ tail : byte[64]
+ msglen : uint64
+
+;;
+
+const md5 = {data
+ var st
+
+ md5init(&st)
+ md5add(&st, data)
+ -> md5fin(&st)
+}
+
+const md5init = {st
+ st.a = 0x67452301
+ st.b = 0xefcdab89
+ st.c = 0x98badcfe
+ st.d = 0x10325476
+ st.msglen = 0
+}
+
+const md5add = {st, data
+ var n, ntail
+
+ ntail = st.msglen % 64
+ st.msglen += data.len
+ if ntail > 0
+ n = std.min(64 - ntail, data.len)
+ std.slcp(st.tail[ntail:ntail + n], data[:n])
+ data = data[n:]
+ if n + ntail < 64
+ -> void
+ ;;
+ step(st, st.tail[:])
+ ;;
+ while data.len >= 64
+ step(st, data[:64])
+ data = data[64:]
+ ;;
+ std.slcp(st.tail[:data.len], data)
+}
+
+const md5fin = {st
+ var r : byte[16]
+ var ntail
+
+ /* append first padding block */
+ ntail = st.msglen % 64
+ st.tail[ntail++] = 0x80
+ std.slfill(st.tail[ntail:], 0)
+ if 64 - ntail < 8
+ step(st, st.tail[:])
+ std.slfill(st.tail[:], 0)
+ ;;
+
+ /* append size block */
+ st.tail[56] = ((st.msglen * 8) >> 0 : byte)
+ st.tail[57] = ((st.msglen * 8) >> 8 : byte)
+ st.tail[58] = ((st.msglen * 8) >> 16 : byte)
+ st.tail[59] = ((st.msglen * 8) >> 24 : byte)
+ st.tail[60] = ((st.msglen * 8) >> 32 : byte)
+ st.tail[61] = ((st.msglen * 8) >> 40 : byte)
+ st.tail[62] = ((st.msglen * 8) >> 48 : byte)
+ st.tail[63] = ((st.msglen * 8) >> 56 : byte)
+ step(st, st.tail[:])
+
+ r[0] = (st.a >> 0 : byte)
+ r[1] = (st.a >> 8 : byte)
+ r[2] = (st.a >> 16 : byte)
+ r[3] = (st.a >> 24 : byte)
+ r[4] = (st.b >> 0 : byte)
+ r[5] = (st.b >> 8 : byte)
+ r[6] = (st.b >> 16 : byte)
+ r[7] = (st.b >> 24 : byte)
+ r[8] = (st.c >> 0 : byte)
+ r[9] = (st.c >> 8 : byte)
+ r[10] = (st.c >> 16 : byte)
+ r[11] = (st.c >> 24 : byte)
+ r[12] = (st.d >> 0 : byte)
+ r[13] = (st.d >> 8 : byte)
+ r[14] = (st.d >> 16 : byte)
+ r[15] = (st.d >> 24 : byte)
+ -> r
+}
+
+const step = {st, blk
+ var a, b, c, d
+ var s00, s01, s02, s03, s04, s05, s06, s07
+ var s08, s09, s10, s11, s12, s13, s14, s15
+
+ a = st.a
+ b = st.b
+ c = st.c
+ d = st.d
+
+ s00 = unpack(blk[0:4])
+ s01 = unpack(blk[4:8])
+ s02 = unpack(blk[8:12])
+ s03 = unpack(blk[12:16])
+ s04 = unpack(blk[16:20])
+ s05 = unpack(blk[20:24])
+ s06 = unpack(blk[24:28])
+ s07 = unpack(blk[28:32])
+ s08 = unpack(blk[32:36])
+ s09 = unpack(blk[36:40])
+ s10 = unpack(blk[40:44])
+ s11 = unpack(blk[44:48])
+ s12 = unpack(blk[48:52])
+ s13 = unpack(blk[52:56])
+ s14 = unpack(blk[56:60])
+ s15 = unpack(blk[60:64])
+
+ /* round 1 */
+ a += (d ^ (b & (c ^ d))) + 0xd76aa478 + s00; a = b + (a << 7 | a >> 25)
+ d += (c ^ (a & (b ^ c))) + 0xe8c7b756 + s01; d = a + (d << 12 | d >> 20)
+ c += (b ^ (d & (a ^ b))) + 0x242070db + s02; c = d + (c << 17 | c >> 15)
+ b += (a ^ (c & (d ^ a))) + 0xc1bdceee + s03; b = c + (b << 22 | b >> 10)
+ a += (d ^ (b & (c ^ d))) + 0xf57c0faf + s04; a = b + (a << 7 | a >> 25)
+ d += (c ^ (a & (b ^ c))) + 0x4787c62a + s05; d = a + (d << 12 | d >> 20)
+ c += (b ^ (d & (a ^ b))) + 0xa8304613 + s06; c = d + (c << 17 | c >> 15)
+ b += (a ^ (c & (d ^ a))) + 0xfd469501 + s07; b = c + (b << 22 | b >> 10)
+ a += (d ^ (b & (c ^ d))) + 0x698098d8 + s08; a = b + (a << 7 | a >> 25)
+ d += (c ^ (a & (b ^ c))) + 0x8b44f7af + s09; d = a + (d << 12 | d >> 20)
+ c += (b ^ (d & (a ^ b))) + 0xffff5bb1 + s10; c = d + (c << 17 | c >> 15)
+ b += (a ^ (c & (d ^ a))) + 0x895cd7be + s11; b = c + (b << 22 | b >> 10)
+ a += (d ^ (b & (c ^ d))) + 0x6b901122 + s12; a = b + (a << 7 | a >> 25)
+ d += (c ^ (a & (b ^ c))) + 0xfd987193 + s13; d = a + (d << 12 | d >> 20)
+ c += (b ^ (d & (a ^ b))) + 0xa679438e + s14; c = d + (c << 17 | c >> 15)
+ b += (a ^ (c & (d ^ a))) + 0x49b40821 + s15; b = c + (b << 22 | b >> 10)
+
+ /* round 2 */
+ a += (c ^ (d & (b ^ c))) + 0xf61e2562 + s01; a = b + (a << 5 | a >> 27)
+ d += (b ^ (c & (a ^ b))) + 0xc040b340 + s06; d = a + (d << 9 | d >> 23)
+ c += (a ^ (b & (d ^ a))) + 0x265e5a51 + s11; c = d + (c << 14 | c >> 18)
+ b += (d ^ (a & (c ^ d))) + 0xe9b6c7aa + s00; b = c + (b << 20 | b >> 12)
+ a += (c ^ (d & (b ^ c))) + 0xd62f105d + s05; a = b + (a << 5 | a >> 27)
+ d += (b ^ (c & (a ^ b))) + 0x02441453 + s10; d = a + (d << 9 | d >> 23)
+ c += (a ^ (b & (d ^ a))) + 0xd8a1e681 + s15; c = d + (c << 14 | c >> 18)
+ b += (d ^ (a & (c ^ d))) + 0xe7d3fbc8 + s04; b = c + (b << 20 | b >> 12)
+ a += (c ^ (d & (b ^ c))) + 0x21e1cde6 + s09; a = b + (a << 5 | a >> 27)
+ d += (b ^ (c & (a ^ b))) + 0xc33707d6 + s14; d = a + (d << 9 | d >> 23)
+ c += (a ^ (b & (d ^ a))) + 0xf4d50d87 + s03; c = d + (c << 14 | c >> 18)
+ b += (d ^ (a & (c ^ d))) + 0x455a14ed + s08; b = c + (b << 20 | b >> 12)
+ a += (c ^ (d & (b ^ c))) + 0xa9e3e905 + s13; a = b + (a << 5 | a >> 27)
+ d += (b ^ (c & (a ^ b))) + 0xfcefa3f8 + s02; d = a + (d << 9 | d >> 23)
+ c += (a ^ (b & (d ^ a))) + 0x676f02d9 + s07; c = d + (c << 14 | c >> 18)
+ b += (d ^ (a & (c ^ d))) + 0x8d2a4c8a + s12; b = c + (b << 20 | b >> 12)
+
+ /* round 3 */
+ a += (b ^ c ^ d) + 0xfffa3942 + s05; a = b + (a << 4 | a >> 28)
+ d += (a ^ b ^ c) + 0x8771f681 + s08; d = a + (d << 11 | d >> 21)
+ c += (d ^ a ^ b) + 0x6d9d6122 + s11; c = d + (c << 16 | c >> 16)
+ b += (c ^ d ^ a) + 0xfde5380c + s14; b = c + (b << 23 | b >> 9)
+ a += (b ^ c ^ d) + 0xa4beea44 + s01; a = b + (a << 4 | a >> 28)
+ d += (a ^ b ^ c) + 0x4bdecfa9 + s04; d = a + (d << 11 | d >> 21)
+ c += (d ^ a ^ b) + 0xf6bb4b60 + s07; c = d + (c << 16 | c >> 16)
+ b += (c ^ d ^ a) + 0xbebfbc70 + s10; b = c + (b << 23 | b >> 9)
+ a += (b ^ c ^ d) + 0x289b7ec6 + s13; a = b + (a << 4 | a >> 28)
+ d += (a ^ b ^ c) + 0xeaa127fa + s00; d = a + (d << 11 | d >> 21)
+ c += (d ^ a ^ b) + 0xd4ef3085 + s03; c = d + (c << 16 | c >> 16)
+ b += (c ^ d ^ a) + 0x04881d05 + s06; b = c + (b << 23 | b >> 9)
+ a += (b ^ c ^ d) + 0xd9d4d039 + s09; a = b + (a << 4 | a >> 28)
+ d += (a ^ b ^ c) + 0xe6db99e5 + s12; d = a + (d << 11 | d >> 21)
+ c += (d ^ a ^ b) + 0x1fa27cf8 + s15; c = d + (c << 16 | c >> 16)
+ b += (c ^ d ^ a) + 0xc4ac5665 + s02; b = c + (b << 23 | b >> 9)
+
+ /* round 4 */
+ a += (c ^ (b | ~d)) + 0xf4292244 + s00; a = b + (a << 6 | a >> 26)
+ d += (b ^ (a | ~c)) + 0x432aff97 + s07; d = a + (d << 10 | d >> 22)
+ c += (a ^ (d | ~b)) + 0xab9423a7 + s14; c = d + (c << 15 | c >> 17)
+ b += (d ^ (c | ~a)) + 0xfc93a039 + s05; b = c + (b << 21 | b >> 11)
+ a += (c ^ (b | ~d)) + 0x655b59c3 + s12; a = b + (a << 6 | a >> 26)
+ d += (b ^ (a | ~c)) + 0x8f0ccc92 + s03; d = a + (d << 10 | d >> 22)
+ c += (a ^ (d | ~b)) + 0xffeff47d + s10; c = d + (c << 15 | c >> 17)
+ b += (d ^ (c | ~a)) + 0x85845dd1 + s01; b = c + (b << 21 | b >> 11)
+ a += (c ^ (b | ~d)) + 0x6fa87e4f + s08; a = b + (a << 6 | a >> 26)
+ d += (b ^ (a | ~c)) + 0xfe2ce6e0 + s15; d = a + (d << 10 | d >> 22)
+ c += (a ^ (d | ~b)) + 0xa3014314 + s06; c = d + (c << 15 | c >> 17)
+ b += (d ^ (c | ~a)) + 0x4e0811a1 + s13; b = c + (b << 21 | b >> 11)
+ a += (c ^ (b | ~d)) + 0xf7537e82 + s04; a = b + (a << 6 | a >> 26)
+ d += (b ^ (a | ~c)) + 0xbd3af235 + s11; d = a + (d << 10 | d >> 22)
+ c += (a ^ (d | ~b)) + 0x2ad7d2bb + s02; c = d + (c << 15 | c >> 17)
+ b += (d ^ (c | ~a)) + 0xeb86d391 + s09; b = c + (b << 21 | b >> 11)
+
+ st.a += a
+ st.b += b
+ st.c += c
+ st.d += d
+}
+
+const unpack = {b
+ var v : uint32
+
+ v = 0
+ v |= (b[0] : uint32) << 0
+ v |= (b[1] : uint32) << 8
+ v |= (b[2] : uint32) << 16
+ v |= (b[3] : uint32) << 24
+ -> v
+}
diff --git a/lib/crypto/sha1.myr b/lib/crypto/sha1.myr
new file mode 100644
index 0000000..949074a
--- /dev/null
+++ b/lib/crypto/sha1.myr
@@ -0,0 +1,244 @@
+use std
+
+pkg crypto =
+ type sha1
+
+ const sha1 : (data : byte[:] -> byte[20])
+ const sha1init : (st : sha1# -> void)
+ const sha1add : (st : sha1#, data : byte[:] -> void)
+ const sha1fin : (st : sha1# -> byte[20])
+;;
+
+type sha1 = struct
+ a : uint32
+ b : uint32
+ c : uint32
+ d : uint32
+ e : uint32
+ tail : byte[64]
+ msglen : uint64
+;;
+
+const sha1 = {data
+ var st
+
+ sha1init(&st)
+ sha1add(&st, data)
+ -> sha1fin(&st)
+}
+
+const sha1init = {st
+ st.a = 0x67452301
+ st.b = 0xefcdab89
+ st.c = 0x98badcfe
+ st.d = 0x10325476
+ st.e = 0xc3d2e1f0
+ st.msglen = 0
+}
+
+const sha1add = {st, data
+ var n, ntail
+
+ ntail = st.msglen % 64
+ st.msglen += data.len
+ if ntail > 0
+ n = std.min(64 - ntail, data.len)
+ std.slcp(st.tail[ntail:ntail + n], data[:n])
+ data = data[n:]
+ if n + ntail < 64
+ -> void
+ ;;
+ step(st, st.tail[:])
+ ;;
+
+ while data.len >= 64
+ step(st, data[:64])
+ data = data[64:]
+ ;;
+
+ std.slcp(st.tail[:data.len], data)
+}
+
+const sha1fin = {st
+ var r : byte[20]
+ var ntail
+
+ /* append first padding block */
+ ntail = st.msglen % 64
+ st.tail[ntail++] = 0x80
+ std.slfill(st.tail[ntail:], 0)
+ if 64 - ntail < 8
+ step(st, st.tail[:])
+ std.slfill(st.tail[:], 0)
+ ;;
+
+
+ /* append size block */
+ st.tail[56] = ((st.msglen * 8) >> 56 : byte)
+ st.tail[57] = ((st.msglen * 8) >> 48 : byte)
+ st.tail[58] = ((st.msglen * 8) >> 40 : byte)
+ st.tail[59] = ((st.msglen * 8) >> 32 : byte)
+ st.tail[60] = ((st.msglen * 8) >> 24 : byte)
+ st.tail[61] = ((st.msglen * 8) >> 16 : byte)
+ st.tail[62] = ((st.msglen * 8) >> 8 : byte)
+ st.tail[63] = ((st.msglen * 8) >> 0 : byte)
+ step(st, st.tail[:])
+
+ r[0] = (st.a >> 24 : byte)
+ r[1] = (st.a >> 16 : byte)
+ r[2] = (st.a >> 8 : byte)
+ r[3] = (st.a >> 0 : byte)
+ r[4] = (st.b >> 24 : byte)
+ r[5] = (st.b >> 16 : byte)
+ r[6] = (st.b >> 8 : byte)
+ r[7] = (st.b >> 0 : byte)
+ r[8] = (st.c >> 24 : byte)
+ r[9] = (st.c >> 16 : byte)
+ r[10] = (st.c >> 8 : byte)
+ r[11] = (st.c >> 0 : byte)
+ r[12] = (st.d >> 16 : byte)
+ r[13] = (st.d >> 24 : byte)
+ r[14] = (st.d >> 8 : byte)
+ r[15] = (st.d >> 0 : byte)
+ r[16] = (st.e >> 16 : byte)
+ r[17] = (st.e >> 24 : byte)
+ r[18] = (st.e >> 8 : byte)
+ r[19] = (st.e >> 0 : byte)
+ -> r
+}
+
+const K0 = 0x5a827999
+const K1 = 0x6ed9eba1
+const K2 = 0x8f1bbcdc
+const K3 = 0xCA62C1D6
+const step = {st, msg
+ var a, b, c, d, e
+ var s00, s01, s02, s03, s04, s05, s06, s07
+ var s08, s09, s10, s11, s12, s13, s14, s15
+ var t
+
+ a = st.a
+ b = st.b
+ c = st.c
+ d = st.d
+ e = st.e
+
+ s00 = unpack(msg[ 0: 4])
+ s01 = unpack(msg[ 4: 8])
+ s02 = unpack(msg[ 8:12])
+ s03 = unpack(msg[12:16])
+ s04 = unpack(msg[16:20])
+ s05 = unpack(msg[20:24])
+ s06 = unpack(msg[24:28])
+ s07 = unpack(msg[28:32])
+ s08 = unpack(msg[32:36])
+ s09 = unpack(msg[36:40])
+ s10 = unpack(msg[40:44])
+ s11 = unpack(msg[44:48])
+ s12 = unpack(msg[48:52])
+ s13 = unpack(msg[52:56])
+ s14 = unpack(msg[56:60])
+ s15 = unpack(msg[60:64])
+
+ e += (a << 5 | a >> 27) + (d ^ (b & (c ^ d))) + s00 + K0; b = b << 30 | b >> 2
+ d += (e << 5 | e >> 27) + (c ^ (a & (b ^ c))) + s01 + K0; a = a << 30 | a >> 2
+ c += (d << 5 | d >> 27) + (b ^ (e & (a ^ b))) + s02 + K0; e = e << 30 | e >> 2
+ b += (c << 5 | c >> 27) + (a ^ (d & (e ^ a))) + s03 + K0; d = d << 30 | d >> 2
+ a += (b << 5 | b >> 27) + (e ^ (c & (d ^ e))) + s04 + K0; c = c << 30 | c >> 2
+ e += (a << 5 | a >> 27) + (d ^ (b & (c ^ d))) + s05 + K0; b = b << 30 | b >> 2
+ d += (e << 5 | e >> 27) + (c ^ (a & (b ^ c))) + s06 + K0; a = a << 30 | a >> 2
+ c += (d << 5 | d >> 27) + (b ^ (e & (a ^ b))) + s07 + K0; e = e << 30 | e >> 2
+ b += (c << 5 | c >> 27) + (a ^ (d & (e ^ a))) + s08 + K0; d = d << 30 | d >> 2
+ a += (b << 5 | b >> 27) + (e ^ (c & (d ^ e))) + s09 + K0; c = c << 30 | c >> 2
+ e += (a << 5 | a >> 27) + (d ^ (b & (c ^ d))) + s10 + K0; b = b << 30 | b >> 2
+ d += (e << 5 | e >> 27) + (c ^ (a & (b ^ c))) + s11 + K0; a = a << 30 | a >> 2
+ c += (d << 5 | d >> 27) + (b ^ (e & (a ^ b))) + s12 + K0; e = e << 30 | e >> 2
+ b += (c << 5 | c >> 27) + (a ^ (d & (e ^ a))) + s13 + K0; d = d << 30 | d >> 2
+ a += (b << 5 | b >> 27) + (e ^ (c & (d ^ e))) + s14 + K0; c = c << 30 | c >> 2
+ e += (a << 5 | a >> 27) + (d ^ (b & (c ^ d))) + s15 + K0; b = b << 30 | b >> 2
+
+
+ t = s13 ^ s08 ^ s02 ^ s00; s00 = t << 1 | t >> 31; d += (e << 5 | e >> 27) + (c ^ (a & (b ^ c))) + s00 + K0; a = a << 30 | a >> 2
+ t = s14 ^ s09 ^ s03 ^ s01; s01 = t << 1 | t >> 31; c += (d << 5 | d >> 27) + (b ^ (e & (a ^ b))) + s01 + K0; e = e << 30 | e >> 2
+ t = s15 ^ s10 ^ s04 ^ s02; s02 = t << 1 | t >> 31; b += (c << 5 | c >> 27) + (a ^ (d & (e ^ a))) + s02 + K0; d = d << 30 | d >> 2
+ t = s00 ^ s11 ^ s05 ^ s03; s03 = t << 1 | t >> 31; a += (b << 5 | b >> 27) + (e ^ (c & (d ^ e))) + s03 + K0; c = c << 30 | c >> 2
+ t = s01 ^ s12 ^ s06 ^ s04; s04 = t << 1 | t >> 31; e += (a << 5 | a >> 27) + (b ^ c ^ d) + s04 + K1; b = b << 30 | b >> 2
+ t = s02 ^ s13 ^ s07 ^ s05; s05 = t << 1 | t >> 31; d += (e << 5 | e >> 27) + (a ^ b ^ c) + s05 + K1; a = a << 30 | a >> 2
+ t = s03 ^ s14 ^ s08 ^ s06; s06 = t << 1 | t >> 31; c += (d << 5 | d >> 27) + (e ^ a ^ b) + s06 + K1; e = e << 30 | e >> 2
+ t = s04 ^ s15 ^ s09 ^ s07; s07 = t << 1 | t >> 31; b += (c << 5 | c >> 27) + (d ^ e ^ a) + s07 + K1; d = d << 30 | d >> 2
+ t = s05 ^ s00 ^ s10 ^ s08; s08 = t << 1 | t >> 31; a += (b << 5 | b >> 27) + (c ^ d ^ e) + s08 + K1; c = c << 30 | c >> 2
+ t = s06 ^ s01 ^ s11 ^ s09; s09 = t << 1 | t >> 31; e += (a << 5 | a >> 27) + (b ^ c ^ d) + s09 + K1; b = b << 30 | b >> 2
+ t = s07 ^ s02 ^ s12 ^ s10; s10 = t << 1 | t >> 31; d += (e << 5 | e >> 27) + (a ^ b ^ c) + s10 + K1; a = a << 30 | a >> 2
+ t = s08 ^ s03 ^ s13 ^ s11; s11 = t << 1 | t >> 31; c += (d << 5 | d >> 27) + (e ^ a ^ b) + s11 + K1; e = e << 30 | e >> 2
+ t = s09 ^ s04 ^ s14 ^ s12; s12 = t << 1 | t >> 31; b += (c << 5 | c >> 27) + (d ^ e ^ a) + s12 + K1; d = d << 30 | d >> 2
+ t = s10 ^ s05 ^ s15 ^ s13; s13 = t << 1 | t >> 31; a += (b << 5 | b >> 27) + (c ^ d ^ e) + s13 + K1; c = c << 30 | c >> 2
+ t = s11 ^ s06 ^ s00 ^ s14; s14 = t << 1 | t >> 31; e += (a << 5 | a >> 27) + (b ^ c ^ d) + s14 + K1; b = b << 30 | b >> 2
+ t = s12 ^ s07 ^ s01 ^ s15; s15 = t << 1 | t >> 31; d += (e << 5 | e >> 27) + (a ^ b ^ c) + s15 + K1; a = a << 30 | a >> 2
+ t = s13 ^ s08 ^ s02 ^ s00; s00 = t << 1 | t >> 31; c += (d << 5 | d >> 27) + (e ^ a ^ b) + s00 + K1; e = e << 30 | e >> 2
+ t = s14 ^ s09 ^ s03 ^ s01; s01 = t << 1 | t >> 31; b += (c << 5 | c >> 27) + (d ^ e ^ a) + s01 + K1; d = d << 30 | d >> 2
+ t = s15 ^ s10 ^ s04 ^ s02; s02 = t << 1 | t >> 31; a += (b << 5 | b >> 27) + (c ^ d ^ e) + s02 + K1; c = c << 30 | c >> 2
+ t = s00 ^ s11 ^ s05 ^ s03; s03 = t << 1 | t >> 31; e += (a << 5 | a >> 27) + (b ^ c ^ d) + s03 + K1; b = b << 30 | b >> 2
+ t = s01 ^ s12 ^ s06 ^ s04; s04 = t << 1 | t >> 31; d += (e << 5 | e >> 27) + (a ^ b ^ c) + s04 + K1; a = a << 30 | a >> 2
+ t = s02 ^ s13 ^ s07 ^ s05; s05 = t << 1 | t >> 31; c += (d << 5 | d >> 27) + (e ^ a ^ b) + s05 + K1; e = e << 30 | e >> 2
+ t = s03 ^ s14 ^ s08 ^ s06; s06 = t << 1 | t >> 31; b += (c << 5 | c >> 27) + (d ^ e ^ a) + s06 + K1; d = d << 30 | d >> 2
+ t = s04 ^ s15 ^ s09 ^ s07; s07 = t << 1 | t >> 31; a += (b << 5 | b >> 27) + (c ^ d ^ e) + s07 + K1; c = c << 30 | c >> 2
+
+ t = s05 ^ s00 ^ s10 ^ s08; s08 = t << 1 | t >> 31; e += (a << 5 | a >> 27) + ((b & (c | d)) | (c & d)) + s08 + K2; b = b << 30 | b >> 2
+ t = s06 ^ s01 ^ s11 ^ s09; s09 = t << 1 | t >> 31; d += (e << 5 | e >> 27) + ((a & (b | c)) | (b & c)) + s09 + K2; a = a << 30 | a >> 2
+ t = s07 ^ s02 ^ s12 ^ s10; s10 = t << 1 | t >> 31; c += (d << 5 | d >> 27) + ((e & (a | b)) | (a & b)) + s10 + K2; e = e << 30 | e >> 2
+ t = s08 ^ s03 ^ s13 ^ s11; s11 = t << 1 | t >> 31; b += (c << 5 | c >> 27) + ((d & (e | a)) | (e & a)) + s11 + K2; d = d << 30 | d >> 2
+ t = s09 ^ s04 ^ s14 ^ s12; s12 = t << 1 | t >> 31; a += (b << 5 | b >> 27) + ((c & (d | e)) | (d & e)) + s12 + K2; c = c << 30 | c >> 2
+ t = s10 ^ s05 ^ s15 ^ s13; s13 = t << 1 | t >> 31; e += (a << 5 | a >> 27) + ((b & (c | d)) | (c & d)) + s13 + K2; b = b << 30 | b >> 2
+ t = s11 ^ s06 ^ s00 ^ s14; s14 = t << 1 | t >> 31; d += (e << 5 | e >> 27) + ((a & (b | c)) | (b & c)) + s14 + K2; a = a << 30 | a >> 2
+ t = s12 ^ s07 ^ s01 ^ s15; s15 = t << 1 | t >> 31; c += (d << 5 | d >> 27) + ((e & (a | b)) | (a & b)) + s15 + K2; e = e << 30 | e >> 2
+ t = s13 ^ s08 ^ s02 ^ s00; s00 = t << 1 | t >> 31; b += (c << 5 | c >> 27) + ((d & (e | a)) | (e & a)) + s00 + K2; d = d << 30 | d >> 2
+ t = s14 ^ s09 ^ s03 ^ s01; s01 = t << 1 | t >> 31; a += (b << 5 | b >> 27) + ((c & (d | e)) | (d & e)) + s01 + K2; c = c << 30 | c >> 2
+ t = s15 ^ s10 ^ s04 ^ s02; s02 = t << 1 | t >> 31; e += (a << 5 | a >> 27) + ((b & (c | d)) | (c & d)) + s02 + K2; b = b << 30 | b >> 2
+ t = s00 ^ s11 ^ s05 ^ s03; s03 = t << 1 | t >> 31; d += (e << 5 | e >> 27) + ((a & (b | c)) | (b & c)) + s03 + K2; a = a << 30 | a >> 2
+ t = s01 ^ s12 ^ s06 ^ s04; s04 = t << 1 | t >> 31; c += (d << 5 | d >> 27) + ((e & (a | b)) | (a & b)) + s04 + K2; e = e << 30 | e >> 2
+ t = s02 ^ s13 ^ s07 ^ s05; s05 = t << 1 | t >> 31; b += (c << 5 | c >> 27) + ((d & (e | a)) | (e & a)) + s05 + K2; d = d << 30 | d >> 2
+ t = s03 ^ s14 ^ s08 ^ s06; s06 = t << 1 | t >> 31; a += (b << 5 | b >> 27) + ((c & (d | e)) | (d & e)) + s06 + K2; c = c << 30 | c >> 2
+ t = s04 ^ s15 ^ s09 ^ s07; s07 = t << 1 | t >> 31; e += (a << 5 | a >> 27) + ((b & (c | d)) | (c & d)) + s07 + K2; b = b << 30 | b >> 2
+ t = s05 ^ s00 ^ s10 ^ s08; s08 = t << 1 | t >> 31; d += (e << 5 | e >> 27) + ((a & (b | c)) | (b & c)) + s08 + K2; a = a << 30 | a >> 2
+ t = s06 ^ s01 ^ s11 ^ s09; s09 = t << 1 | t >> 31; c += (d << 5 | d >> 27) + ((e & (a | b)) | (a & b)) + s09 + K2; e = e << 30 | e >> 2
+ t = s07 ^ s02 ^ s12 ^ s10; s10 = t << 1 | t >> 31; b += (c << 5 | c >> 27) + ((d & (e | a)) | (e & a)) + s10 + K2; d = d << 30 | d >> 2
+ t = s08 ^ s03 ^ s13 ^ s11; s11 = t << 1 | t >> 31; a += (b << 5 | b >> 27) + ((c & (d | e)) | (d & e)) + s11 + K2; c = c << 30 | c >> 2
+
+ t = s09 ^ s04 ^ s14 ^ s12; s12 = t << 1 | t >> 31; e += (a << 5 | a >> 27) + (b ^ c ^ d) + s12 + K3; b = b << 30 | b >> 2
+ t = s10 ^ s05 ^ s15 ^ s13; s13 = t << 1 | t >> 31; d += (e << 5 | e >> 27) + (a ^ b ^ c) + s13 + K3; a = a << 30 | a >> 2
+ t = s11 ^ s06 ^ s00 ^ s14; s14 = t << 1 | t >> 31; c += (d << 5 | d >> 27) + (e ^ a ^ b) + s14 + K3; e = e << 30 | e >> 2
+ t = s12 ^ s07 ^ s01 ^ s15; s15 = t << 1 | t >> 31; b += (c << 5 | c >> 27) + (d ^ e ^ a) + s15 + K3; d = d << 30 | d >> 2
+ t = s13 ^ s08 ^ s02 ^ s00; s00 = t << 1 | t >> 31; a += (b << 5 | b >> 27) + (c ^ d ^ e) + s00 + K3; c = c << 30 | c >> 2
+ t = s14 ^ s09 ^ s03 ^ s01; s01 = t << 1 | t >> 31; e += (a << 5 | a >> 27) + (b ^ c ^ d) + s01 + K3; b = b << 30 | b >> 2
+ t = s15 ^ s10 ^ s04 ^ s02; s02 = t << 1 | t >> 31; d += (e << 5 | e >> 27) + (a ^ b ^ c) + s02 + K3; a = a << 30 | a >> 2
+ t = s00 ^ s11 ^ s05 ^ s03; s03 = t << 1 | t >> 31; c += (d << 5 | d >> 27) + (e ^ a ^ b) + s03 + K3; e = e << 30 | e >> 2
+ t = s01 ^ s12 ^ s06 ^ s04; s04 = t << 1 | t >> 31; b += (c << 5 | c >> 27) + (d ^ e ^ a) + s04 + K3; d = d << 30 | d >> 2
+ t = s02 ^ s13 ^ s07 ^ s05; s05 = t << 1 | t >> 31; a += (b << 5 | b >> 27) + (c ^ d ^ e) + s05 + K3; c = c << 30 | c >> 2
+ t = s03 ^ s14 ^ s08 ^ s06; s06 = t << 1 | t >> 31; e += (a << 5 | a >> 27) + (b ^ c ^ d) + s06 + K3; b = b << 30 | b >> 2
+ t = s04 ^ s15 ^ s09 ^ s07; s07 = t << 1 | t >> 31; d += (e << 5 | e >> 27) + (a ^ b ^ c) + s07 + K3; a = a << 30 | a >> 2
+ t = s05 ^ s00 ^ s10 ^ s08; s08 = t << 1 | t >> 31; c += (d << 5 | d >> 27) + (e ^ a ^ b) + s08 + K3; e = e << 30 | e >> 2
+ t = s06 ^ s01 ^ s11 ^ s09; s09 = t << 1 | t >> 31; b += (c << 5 | c >> 27) + (d ^ e ^ a) + s09 + K3; d = d << 30 | d >> 2
+ t = s07 ^ s02 ^ s12 ^ s10; s10 = t << 1 | t >> 31; a += (b << 5 | b >> 27) + (c ^ d ^ e) + s10 + K3; c = c << 30 | c >> 2
+ t = s08 ^ s03 ^ s13 ^ s11; s11 = t << 1 | t >> 31; e += (a << 5 | a >> 27) + (b ^ c ^ d) + s11 + K3; b = b << 30 | b >> 2
+ t = s09 ^ s04 ^ s14 ^ s12; s12 = t << 1 | t >> 31; d += (e << 5 | e >> 27) + (a ^ b ^ c) + s12 + K3; a = a << 30 | a >> 2
+ t = s10 ^ s05 ^ s15 ^ s13; s13 = t << 1 | t >> 31; c += (d << 5 | d >> 27) + (e ^ a ^ b) + s13 + K3; e = e << 30 | e >> 2
+ t = s11 ^ s06 ^ s00 ^ s14; s14 = t << 1 | t >> 31; b += (c << 5 | c >> 27) + (d ^ e ^ a) + s14 + K3; d = d << 30 | d >> 2
+ t = s12 ^ s07 ^ s01 ^ s15; s15 = t << 1 | t >> 31; a += (b << 5 | b >> 27) + (c ^ d ^ e) + s15 + K3; c = c << 30 | c >> 2
+
+ st.a += a
+ st.b += b
+ st.c += c
+ st.d += d
+ st.e += e
+}
+
+const unpack = {b
+ var v : uint32
+
+ v = 0
+ v |= (b[0] : uint32) << 24
+ v |= (b[1] : uint32) << 16
+ v |= (b[2] : uint32) << 8
+ v |= (b[3] : uint32) << 0
+ -> v
+}
diff --git a/lib/crypto/sha256.myr b/lib/crypto/sha256.myr
new file mode 100644
index 0000000..a83804e
--- /dev/null
+++ b/lib/crypto/sha256.myr
@@ -0,0 +1,416 @@
+use std
+
+pkg crypto =
+ type sha256
+ type sha224
+
+ const sha256 : (data : byte[:] -> byte[32])
+ const sha256init : (st : sha256# -> void)
+ const sha256add : (st : sha256#, data : byte[:] -> void)
+ const sha256fin : (st : sha256# -> byte[32])
+
+ const sha224 : (data : byte[:] -> byte[28])
+ const sha224init : (st : sha224# -> void)
+ const sha224add : (st : sha224#, data : byte[:] -> void)
+ const sha224fin : (st : sha224# -> byte[28])
+;;
+
+type sha256 = struct
+ x : uint32[8]
+ tail : byte[64]
+ msglen : uint64
+;;
+
+const sha256 = {data
+ var st
+
+ sha256init(&st)
+ sha256add(&st, data)
+ -> sha256fin(&st)
+}
+
+const sha256init = {st
+ st.x[0] = 0x6A09E667
+ st.x[1] = 0xBB67AE85
+ st.x[2] = 0x3C6EF372
+ st.x[3] = 0xA54FF53A
+ st.x[4] = 0x510e527f
+ st.x[5] = 0x9b05688c
+ st.x[6] = 0x1f83d9ab
+ st.x[7] = 0x5be0cd19
+ st.msglen = 0
+}
+
+const sha256add = {st, data
+ var n, ntail
+
+ ntail = st.msglen % 64
+ st.msglen += data.len
+ if ntail > 0
+ n = std.min(64 - ntail, data.len)
+ std.slcp(st.tail[ntail:ntail + n], data[:n])
+ data = data[n:]
+ if n + ntail < 64
+ -> void
+ ;;
+ step(st.x[:], st.tail[:])
+ ;;
+
+ while data.len >= 64
+ step(st.x[:], data[:64])
+ data = data[64:]
+ ;;
+
+ ntail = st.msglen % 64
+ std.slcp(st.tail[:ntail], data)
+}
+
+const sha256fin = {st
+ var r : byte[32]
+
+ tail(st.x[:], st.msglen, st.tail[:])
+
+ pack(r[0:4], st.x[0])
+ pack(r[4:8], st.x[1])
+ pack(r[8:12], st.x[2])
+ pack(r[12:16], st.x[3])
+ pack(r[16:20], st.x[4])
+ pack(r[20:24], st.x[5])
+ pack(r[24:28], st.x[6])
+ pack(r[28:32], st.x[7])
+ -> r
+}
+
+type sha224 = struct
+ x : uint32[8]
+ tail : byte[64]
+ msglen : uint64
+;;
+
+const sha224 = {data
+ var st
+
+ sha224init(&st)
+ sha224add(&st, data)
+ -> sha224fin(&st)
+}
+
+const sha224init = {st
+ st.x[0] = 0xc1059ed8
+ st.x[1] = 0x367cd507
+ st.x[2] = 0x3070dd17
+ st.x[3] = 0xf70e5939
+ st.x[4] = 0xffc00b31
+ st.x[5] = 0x68581511
+ st.x[6] = 0x64f98fa7
+ st.x[7] = 0xbefa4fa4
+ st.msglen = 0
+}
+
+const sha224add = {st, data
+ var n, ntail
+
+ ntail = st.msglen % 64
+ st.msglen += data.len
+ if ntail > 0
+ n = std.min(64 - ntail, data.len)
+ std.slcp(st.tail[ntail:ntail + n], data[:n])
+ data = data[n:]
+ if n + ntail < 64
+ -> void
+ ;;
+ step(st.x[:], st.tail[:])
+ ;;
+
+ while data.len >= 64
+ step(st.x[:], data[:64])
+ data = data[64:]
+ ;;
+
+ ntail = st.msglen % 64
+ std.slcp(st.tail[:ntail], data)
+}
+
+const sha224fin = {st
+ var r : byte[28]
+
+ tail(st.x[:], st.msglen, st.tail[:])
+
+ pack(r[0:4], st.x[0])
+ pack(r[4:8], st.x[1])
+ pack(r[8:12], st.x[2])
+ pack(r[12:16], st.x[3])
+ pack(r[16:20], st.x[4])
+ pack(r[20:24], st.x[5])
+ pack(r[24:28], st.x[6])
+ -> r
+}
+
+
+const tail = {x, msglen, tail
+ var ntail
+
+ /* append first padding block */
+ ntail = msglen % 64
+ tail[ntail++] = 0x80
+ std.slfill(tail[ntail:], 0)
+ if 64 - ntail < 8
+ step(x, tail)
+ std.slfill(tail, 0)
+ ;;
+
+ /* append size block */
+ tail[56] = ((msglen * 8) >> 56 : byte)
+ tail[57] = ((msglen * 8) >> 48 : byte)
+ tail[58] = ((msglen * 8) >> 40 : byte)
+ tail[59] = ((msglen * 8) >> 32 : byte)
+ tail[60] = ((msglen * 8) >> 24 : byte)
+ tail[61] = ((msglen * 8) >> 16 : byte)
+ tail[62] = ((msglen * 8) >> 8 : byte)
+ tail[63] = ((msglen * 8) >> 0 : byte)
+ step(x, tail)
+}
+
+const step = {x, msg
+ var a, b, c, d, e, f, g, h
+ var s00, s01, s02, s03, s04, s05, s06, s07
+ var s08, s09, s10, s11, s12, s13, s14, s15
+ var s16, s17, s18, s19, s20, s21, s22, s23
+ var s24, s25, s26, s27, s28, s29, s30, s31
+ var s32, s33, s34, s35, s36, s37, s38, s39
+ var s40, s41, s42, s43, s44, s45, s46, s47
+ var s48, s49, s50, s51, s52, s53, s54, s55
+ var s56, s57, s58, s59, s60, s61, s62, s63
+
+ a = x[0]
+ b = x[1]
+ c = x[2]
+ d = x[3]
+ e = x[4]
+ f = x[5]
+ g = x[6]
+ h = x[7]
+
+ s00 = unpack(msg[ 0: 4])
+ s01 = unpack(msg[ 4: 8])
+ s02 = unpack(msg[ 8:12])
+ s03 = unpack(msg[12:16])
+ s04 = unpack(msg[16:20])
+ s05 = unpack(msg[20:24])
+ s06 = unpack(msg[24:28])
+ s07 = unpack(msg[28:32])
+ s08 = unpack(msg[32:36])
+ s09 = unpack(msg[36:40])
+ s10 = unpack(msg[40:44])
+ s11 = unpack(msg[44:48])
+ s12 = unpack(msg[48:52])
+ s13 = unpack(msg[52:56])
+ s14 = unpack(msg[56:60])
+ s15 = unpack(msg[60:64])
+
+ s16 = s00 + s09 + (((s01 << 25) | (s01 >> 7)) ^ ((s01 << 14) | (s01 >> 18)) ^ (s01 >> 3)) + (((s14 << 15) | (s14 >> 17)) ^ ((s14 << (32- 19)) | (s14 >> 19)) ^ (s14 >> 10));
+ s17 = s01 + s10 + (((s02 << 25) | (s02 >> 7)) ^ ((s02 << 14) | (s02 >> 18)) ^ (s02 >> 3)) + (((s15 << 15) | (s15 >> 17)) ^ ((s15 << (32- 19)) | (s15 >> 19)) ^ (s15 >> 10));
+ s18 = s02 + s11 + (((s03 << 25) | (s03 >> 7)) ^ ((s03 << 14) | (s03 >> 18)) ^ (s03 >> 3)) + (((s16 << 15) | (s16 >> 17)) ^ ((s16 << (32- 19)) | (s16 >> 19)) ^ (s16 >> 10));
+ s19 = s03 + s12 + (((s04 << 25) | (s04 >> 7)) ^ ((s04 << 14) | (s04 >> 18)) ^ (s04 >> 3)) + (((s17 << 15) | (s17 >> 17)) ^ ((s17 << (32- 19)) | (s17 >> 19)) ^ (s17 >> 10));
+ s20 = s04 + s13 + (((s05 << 25) | (s05 >> 7)) ^ ((s05 << 14) | (s05 >> 18)) ^ (s05 >> 3)) + (((s18 << 15) | (s18 >> 17)) ^ ((s18 << (32- 19)) | (s18 >> 19)) ^ (s18 >> 10));
+ s21 = s05 + s14 + (((s06 << 25) | (s06 >> 7)) ^ ((s06 << 14) | (s06 >> 18)) ^ (s06 >> 3)) + (((s19 << 15) | (s19 >> 17)) ^ ((s19 << (32- 19)) | (s19 >> 19)) ^ (s19 >> 10));
+ s22 = s06 + s15 + (((s07 << 25) | (s07 >> 7)) ^ ((s07 << 14) | (s07 >> 18)) ^ (s07 >> 3)) + (((s20 << 15) | (s20 >> 17)) ^ ((s20 << (32- 19)) | (s20 >> 19)) ^ (s20 >> 10));
+ s23 = s07 + s16 + (((s08 << 25) | (s08 >> 7)) ^ ((s08 << 14) | (s08 >> 18)) ^ (s08 >> 3)) + (((s21 << 15) | (s21 >> 17)) ^ ((s21 << (32- 19)) | (s21 >> 19)) ^ (s21 >> 10));
+ s24 = s08 + s17 + (((s09 << 25) | (s09 >> 7)) ^ ((s09 << 14) | (s09 >> 18)) ^ (s09 >> 3)) + (((s22 << 15) | (s22 >> 17)) ^ ((s22 << (32- 19)) | (s22 >> 19)) ^ (s22 >> 10));
+ s25 = s09 + s18 + (((s10 << 25) | (s10 >> 7)) ^ ((s10 << 14) | (s10 >> 18)) ^ (s10 >> 3)) + (((s23 << 15) | (s23 >> 17)) ^ ((s23 << (32- 19)) | (s23 >> 19)) ^ (s23 >> 10));
+ s26 = s10 + s19 + (((s11 << 25) | (s11 >> 7)) ^ ((s11 << 14) | (s11 >> 18)) ^ (s11 >> 3)) + (((s24 << 15) | (s24 >> 17)) ^ ((s24 << (32- 19)) | (s24 >> 19)) ^ (s24 >> 10));
+ s27 = s11 + s20 + (((s12 << 25) | (s12 >> 7)) ^ ((s12 << 14) | (s12 >> 18)) ^ (s12 >> 3)) + (((s25 << 15) | (s25 >> 17)) ^ ((s25 << (32- 19)) | (s25 >> 19)) ^ (s25 >> 10));
+ s28 = s12 + s21 + (((s13 << 25) | (s13 >> 7)) ^ ((s13 << 14) | (s13 >> 18)) ^ (s13 >> 3)) + (((s26 << 15) | (s26 >> 17)) ^ ((s26 << (32- 19)) | (s26 >> 19)) ^ (s26 >> 10));
+ s29 = s13 + s22 + (((s14 << 25) | (s14 >> 7)) ^ ((s14 << 14) | (s14 >> 18)) ^ (s14 >> 3)) + (((s27 << 15) | (s27 >> 17)) ^ ((s27 << (32- 19)) | (s27 >> 19)) ^ (s27 >> 10));
+ s30 = s14 + s23 + (((s15 << 25) | (s15 >> 7)) ^ ((s15 << 14) | (s15 >> 18)) ^ (s15 >> 3)) + (((s28 << 15) | (s28 >> 17)) ^ ((s28 << (32- 19)) | (s28 >> 19)) ^ (s28 >> 10));
+ s31 = s15 + s24 + (((s16 << 25) | (s16 >> 7)) ^ ((s16 << 14) | (s16 >> 18)) ^ (s16 >> 3)) + (((s29 << 15) | (s29 >> 17)) ^ ((s29 << (32- 19)) | (s29 >> 19)) ^ (s29 >> 10));
+ s32 = s16 + s25 + (((s17 << 25) | (s17 >> 7)) ^ ((s17 << 14) | (s17 >> 18)) ^ (s17 >> 3)) + (((s30 << 15) | (s30 >> 17)) ^ ((s30 << (32- 19)) | (s30 >> 19)) ^ (s30 >> 10));
+ s33 = s17 + s26 + (((s18 << 25) | (s18 >> 7)) ^ ((s18 << 14) | (s18 >> 18)) ^ (s18 >> 3)) + (((s31 << 15) | (s31 >> 17)) ^ ((s31 << (32- 19)) | (s31 >> 19)) ^ (s31 >> 10));
+ s34 = s18 + s27 + (((s19 << 25) | (s19 >> 7)) ^ ((s19 << 14) | (s19 >> 18)) ^ (s19 >> 3)) + (((s32 << 15) | (s32 >> 17)) ^ ((s32 << (32- 19)) | (s32 >> 19)) ^ (s32 >> 10));
+ s35 = s19 + s28 + (((s20 << 25) | (s20 >> 7)) ^ ((s20 << 14) | (s20 >> 18)) ^ (s20 >> 3)) + (((s33 << 15) | (s33 >> 17)) ^ ((s33 << (32- 19)) | (s33 >> 19)) ^ (s33 >> 10));
+ s36 = s20 + s29 + (((s21 << 25) | (s21 >> 7)) ^ ((s21 << 14) | (s21 >> 18)) ^ (s21 >> 3)) + (((s34 << 15) | (s34 >> 17)) ^ ((s34 << (32- 19)) | (s34 >> 19)) ^ (s34 >> 10));
+ s37 = s21 + s30 + (((s22 << 25) | (s22 >> 7)) ^ ((s22 << 14) | (s22 >> 18)) ^ (s22 >> 3)) + (((s35 << 15) | (s35 >> 17)) ^ ((s35 << (32- 19)) | (s35 >> 19)) ^ (s35 >> 10));
+ s38 = s22 + s31 + (((s23 << 25) | (s23 >> 7)) ^ ((s23 << 14) | (s23 >> 18)) ^ (s23 >> 3)) + (((s36 << 15) | (s36 >> 17)) ^ ((s36 << (32- 19)) | (s36 >> 19)) ^ (s36 >> 10));
+ s39 = s23 + s32 + (((s24 << 25) | (s24 >> 7)) ^ ((s24 << 14) | (s24 >> 18)) ^ (s24 >> 3)) + (((s37 << 15) | (s37 >> 17)) ^ ((s37 << (32- 19)) | (s37 >> 19)) ^ (s37 >> 10));
+ s40 = s24 + s33 + (((s25 << 25) | (s25 >> 7)) ^ ((s25 << 14) | (s25 >> 18)) ^ (s25 >> 3)) + (((s38 << 15) | (s38 >> 17)) ^ ((s38 << (32- 19)) | (s38 >> 19)) ^ (s38 >> 10));
+ s41 = s25 + s34 + (((s26 << 25) | (s26 >> 7)) ^ ((s26 << 14) | (s26 >> 18)) ^ (s26 >> 3)) + (((s39 << 15) | (s39 >> 17)) ^ ((s39 << (32- 19)) | (s39 >> 19)) ^ (s39 >> 10));
+ s42 = s26 + s35 + (((s27 << 25) | (s27 >> 7)) ^ ((s27 << 14) | (s27 >> 18)) ^ (s27 >> 3)) + (((s40 << 15) | (s40 >> 17)) ^ ((s40 << (32- 19)) | (s40 >> 19)) ^ (s40 >> 10));
+ s43 = s27 + s36 + (((s28 << 25) | (s28 >> 7)) ^ ((s28 << 14) | (s28 >> 18)) ^ (s28 >> 3)) + (((s41 << 15) | (s41 >> 17)) ^ ((s41 << (32- 19)) | (s41 >> 19)) ^ (s41 >> 10));
+ s44 = s28 + s37 + (((s29 << 25) | (s29 >> 7)) ^ ((s29 << 14) | (s29 >> 18)) ^ (s29 >> 3)) + (((s42 << 15) | (s42 >> 17)) ^ ((s42 << (32- 19)) | (s42 >> 19)) ^ (s42 >> 10));
+ s45 = s29 + s38 + (((s30 << 25) | (s30 >> 7)) ^ ((s30 << 14) | (s30 >> 18)) ^ (s30 >> 3)) + (((s43 << 15) | (s43 >> 17)) ^ ((s43 << (32- 19)) | (s43 >> 19)) ^ (s43 >> 10));
+ s46 = s30 + s39 + (((s31 << 25) | (s31 >> 7)) ^ ((s31 << 14) | (s31 >> 18)) ^ (s31 >> 3)) + (((s44 << 15) | (s44 >> 17)) ^ ((s44 << (32- 19)) | (s44 >> 19)) ^ (s44 >> 10));
+ s47 = s31 + s40 + (((s32 << 25) | (s32 >> 7)) ^ ((s32 << 14) | (s32 >> 18)) ^ (s32 >> 3)) + (((s45 << 15) | (s45 >> 17)) ^ ((s45 << (32- 19)) | (s45 >> 19)) ^ (s45 >> 10));
+ s48 = s32 + s41 + (((s33 << 25) | (s33 >> 7)) ^ ((s33 << 14) | (s33 >> 18)) ^ (s33 >> 3)) + (((s46 << 15) | (s46 >> 17)) ^ ((s46 << (32- 19)) | (s46 >> 19)) ^ (s46 >> 10));
+ s49 = s33 + s42 + (((s34 << 25) | (s34 >> 7)) ^ ((s34 << 14) | (s34 >> 18)) ^ (s34 >> 3)) + (((s47 << 15) | (s47 >> 17)) ^ ((s47 << (32- 19)) | (s47 >> 19)) ^ (s47 >> 10));
+ s50 = s34 + s43 + (((s35 << 25) | (s35 >> 7)) ^ ((s35 << 14) | (s35 >> 18)) ^ (s35 >> 3)) + (((s48 << 15) | (s48 >> 17)) ^ ((s48 << (32- 19)) | (s48 >> 19)) ^ (s48 >> 10));
+ s51 = s35 + s44 + (((s36 << 25) | (s36 >> 7)) ^ ((s36 << 14) | (s36 >> 18)) ^ (s36 >> 3)) + (((s49 << 15) | (s49 >> 17)) ^ ((s49 << (32- 19)) | (s49 >> 19)) ^ (s49 >> 10));
+ s52 = s36 + s45 + (((s37 << 25) | (s37 >> 7)) ^ ((s37 << 14) | (s37 >> 18)) ^ (s37 >> 3)) + (((s50 << 15) | (s50 >> 17)) ^ ((s50 << (32- 19)) | (s50 >> 19)) ^ (s50 >> 10));
+ s53 = s37 + s46 + (((s38 << 25) | (s38 >> 7)) ^ ((s38 << 14) | (s38 >> 18)) ^ (s38 >> 3)) + (((s51 << 15) | (s51 >> 17)) ^ ((s51 << (32- 19)) | (s51 >> 19)) ^ (s51 >> 10));
+ s54 = s38 + s47 + (((s39 << 25) | (s39 >> 7)) ^ ((s39 << 14) | (s39 >> 18)) ^ (s39 >> 3)) + (((s52 << 15) | (s52 >> 17)) ^ ((s52 << (32- 19)) | (s52 >> 19)) ^ (s52 >> 10));
+ s55 = s39 + s48 + (((s40 << 25) | (s40 >> 7)) ^ ((s40 << 14) | (s40 >> 18)) ^ (s40 >> 3)) + (((s53 << 15) | (s53 >> 17)) ^ ((s53 << (32- 19)) | (s53 >> 19)) ^ (s53 >> 10));
+ s56 = s40 + s49 + (((s41 << 25) | (s41 >> 7)) ^ ((s41 << 14) | (s41 >> 18)) ^ (s41 >> 3)) + (((s54 << 15) | (s54 >> 17)) ^ ((s54 << (32- 19)) | (s54 >> 19)) ^ (s54 >> 10));
+ s57 = s41 + s50 + (((s42 << 25) | (s42 >> 7)) ^ ((s42 << 14) | (s42 >> 18)) ^ (s42 >> 3)) + (((s55 << 15) | (s55 >> 17)) ^ ((s55 << (32- 19)) | (s55 >> 19)) ^ (s55 >> 10));
+ s58 = s42 + s51 + (((s43 << 25) | (s43 >> 7)) ^ ((s43 << 14) | (s43 >> 18)) ^ (s43 >> 3)) + (((s56 << 15) | (s56 >> 17)) ^ ((s56 << (32- 19)) | (s56 >> 19)) ^ (s56 >> 10));
+ s59 = s43 + s52 + (((s44 << 25) | (s44 >> 7)) ^ ((s44 << 14) | (s44 >> 18)) ^ (s44 >> 3)) + (((s57 << 15) | (s57 >> 17)) ^ ((s57 << (32- 19)) | (s57 >> 19)) ^ (s57 >> 10));
+ s60 = s44 + s53 + (((s45 << 25) | (s45 >> 7)) ^ ((s45 << 14) | (s45 >> 18)) ^ (s45 >> 3)) + (((s58 << 15) | (s58 >> 17)) ^ ((s58 << (32- 19)) | (s58 >> 19)) ^ (s58 >> 10));
+ s61 = s45 + s54 + (((s46 << 25) | (s46 >> 7)) ^ ((s46 << 14) | (s46 >> 18)) ^ (s46 >> 3)) + (((s59 << 15) | (s59 >> 17)) ^ ((s59 << (32- 19)) | (s59 >> 19)) ^ (s59 >> 10));
+ s62 = s46 + s55 + (((s47 << 25) | (s47 >> 7)) ^ ((s47 << 14) | (s47 >> 18)) ^ (s47 >> 3)) + (((s60 << 15) | (s60 >> 17)) ^ ((s60 << (32- 19)) | (s60 >> 19)) ^ (s60 >> 10));
+ s63 = s47 + s56 + (((s48 << 25) | (s48 >> 7)) ^ ((s48 << 14) | (s48 >> 18)) ^ (s48 >> 3)) + (((s61 << 15) | (s61 >> 17)) ^ ((s61 << (32- 19)) | (s61 >> 19)) ^ (s61 >> 10));
+
+
+ h += (((e << 26) | (e >> 6)) ^ ((e << 21) | (e >> 11)) ^ ((e << 7) | (e >> 25))) + (g ^ (e & (f ^ g))) + 0x428a2f98 + s00;
+ d += h; h += (((a << 30) | (a >> 2)) ^ ((a << 19) | (a >> 13)) ^ ((a << 10) | (a >> 22))) + ((a & (b | c)) | (b & c));
+ g += (((d << 26) | (d >> 6)) ^ ((d << 21) | (d >> 11)) ^ ((d << 7) | (d >> 25))) + (f ^ (d & (e ^ f))) + 0x71374491 + s01;
+ c += g; g += (((h << 30) | (h >> 2)) ^ ((h << 19) | (h >> 13)) ^ ((h << 10) | (h >> 22))) + ((h & (a | b)) | (a & b));
+ f += (((c << 26) | (c >> 6)) ^ ((c << 21) | (c >> 11)) ^ ((c << 7) | (c >> 25))) + (e ^ (c & (d ^ e))) + 0xb5c0fbcf + s02;
+ b += f; f += (((g << 30) | (g >> 2)) ^ ((g << 19) | (g >> 13)) ^ ((g << 10) | (g >> 22))) + ((g & (h | a)) | (h & a));
+ e += (((b << 26) | (b >> 6)) ^ ((b << 21) | (b >> 11)) ^ ((b << 7) | (b >> 25))) + (d ^ (b & (c ^ d))) + 0xe9b5dba5 + s03;
+ a += e; e += (((f << 30) | (f >> 2)) ^ ((f << 19) | (f >> 13)) ^ ((f << 10) | (f >> 22))) + ((f & (g | h)) | (g & h));
+ d += (((a << 26) | (a >> 6)) ^ ((a << 21) | (a >> 11)) ^ ((a << 7) | (a >> 25))) + (c ^ (a & (b ^ c))) + 0x3956c25b + s04;
+ h += d; d += (((e << 30) | (e >> 2)) ^ ((e << 19) | (e >> 13)) ^ ((e << 10) | (e >> 22))) + ((e & (f | g)) | (f & g));
+ c += (((h << 26) | (h >> 6)) ^ ((h << 21) | (h >> 11)) ^ ((h << 7) | (h >> 25))) + (b ^ (h & (a ^ b))) + 0x59f111f1 + s05;
+ g += c; c += (((d << 30) | (d >> 2)) ^ ((d << 19) | (d >> 13)) ^ ((d << 10) | (d >> 22))) + ((d & (e | f)) | (e & f));
+ b += (((g << 26) | (g >> 6)) ^ ((g << 21) | (g >> 11)) ^ ((g << 7) | (g >> 25))) + (a ^ (g & (h ^ a))) + 0x923f82a4 + s06;
+ f += b; b += (((c << 30) | (c >> 2)) ^ ((c << 19) | (c >> 13)) ^ ((c << 10) | (c >> 22))) + ((c & (d | e)) | (d & e));
+ a += (((f << 26) | (f >> 6)) ^ ((f << 21) | (f >> 11)) ^ ((f << 7) | (f >> 25))) + (h ^ (f & (g ^ h))) + 0xab1c5ed5 + s07;
+ e += a; a += (((b << 30) | (b >> 2)) ^ ((b << 19) | (b >> 13)) ^ ((b << 10) | (b >> 22))) + ((b & (c | d)) | (c & d));
+ h += (((e << 26) | (e >> 6)) ^ ((e << 21) | (e >> 11)) ^ ((e << 7) | (e >> 25))) + (g ^ (e & (f ^ g))) + 0xd807aa98 + s08;
+ d += h; h += (((a << 30) | (a >> 2)) ^ ((a << 19) | (a >> 13)) ^ ((a << 10) | (a >> 22))) + ((a & (b | c)) | (b & c));
+ g += (((d << 26) | (d >> 6)) ^ ((d << 21) | (d >> 11)) ^ ((d << 7) | (d >> 25))) + (f ^ (d & (e ^ f))) + 0x12835b01 + s09;
+ c += g; g += (((h << 30) | (h >> 2)) ^ ((h << 19) | (h >> 13)) ^ ((h << 10) | (h >> 22))) + ((h & (a | b)) | (a & b));
+ f += (((c << 26) | (c >> 6)) ^ ((c << 21) | (c >> 11)) ^ ((c << 7) | (c >> 25))) + (e ^ (c & (d ^ e))) + 0x243185be + s10;
+ b += f; f += (((g << 30) | (g >> 2)) ^ ((g << 19) | (g >> 13)) ^ ((g << 10) | (g >> 22))) + ((g & (h | a)) | (h & a));
+ e += (((b << 26) | (b >> 6)) ^ ((b << 21) | (b >> 11)) ^ ((b << 7) | (b >> 25))) + (d ^ (b & (c ^ d))) + 0x550c7dc3 + s11;
+ a += e; e += (((f << 30) | (f >> 2)) ^ ((f << 19) | (f >> 13)) ^ ((f << 10) | (f >> 22))) + ((f & (g | h)) | (g & h));
+ d += (((a << 26) | (a >> 6)) ^ ((a << 21) | (a >> 11)) ^ ((a << 7) | (a >> 25))) + (c ^ (a & (b ^ c))) + 0x72be5d74 + s12;
+ h += d; d += (((e << 30) | (e >> 2)) ^ ((e << 19) | (e >> 13)) ^ ((e << 10) | (e >> 22))) + ((e & (f | g)) | (f & g));
+ c += (((h << 26) | (h >> 6)) ^ ((h << 21) | (h >> 11)) ^ ((h << 7) | (h >> 25))) + (b ^ (h & (a ^ b))) + 0x80deb1fe + s13;
+ g += c; c += (((d << 30) | (d >> 2)) ^ ((d << 19) | (d >> 13)) ^ ((d << 10) | (d >> 22))) + ((d & (e | f)) | (e & f));
+ b += (((g << 26) | (g >> 6)) ^ ((g << 21) | (g >> 11)) ^ ((g << 7) | (g >> 25))) + (a ^ (g & (h ^ a))) + 0x9bdc06a7 + s14;
+ f += b; b += (((c << 30) | (c >> 2)) ^ ((c << 19) | (c >> 13)) ^ ((c << 10) | (c >> 22))) + ((c & (d | e)) | (d & e));
+ a += (((f << 26) | (f >> 6)) ^ ((f << 21) | (f >> 11)) ^ ((f << 7) | (f >> 25))) + (h ^ (f & (g ^ h))) + 0xc19bf174 + s15;
+ e += a; a += (((b << 30) | (b >> 2)) ^ ((b << 19) | (b >> 13)) ^ ((b << 10) | (b >> 22))) + ((b & (c | d)) | (c & d));
+ h += (((e << 26) | (e >> 6)) ^ ((e << 21) | (e >> 11)) ^ ((e << 7) | (e >> 25))) + (g ^ (e & (f ^ g))) + 0xe49b69c1 + s16;
+ d += h; h += (((a << 30) | (a >> 2)) ^ ((a << 19) | (a >> 13)) ^ ((a << 10) | (a >> 22))) + ((a & (b | c)) | (b & c));
+ g += (((d << 26) | (d >> 6)) ^ ((d << 21) | (d >> 11)) ^ ((d << 7) | (d >> 25))) + (f ^ (d & (e ^ f))) + 0xefbe4786 + s17;
+ c += g; g += (((h << 30) | (h >> 2)) ^ ((h << 19) | (h >> 13)) ^ ((h << 10) | (h >> 22))) + ((h & (a | b)) | (a & b));
+ f += (((c << 26) | (c >> 6)) ^ ((c << 21) | (c >> 11)) ^ ((c << 7) | (c >> 25))) + (e ^ (c & (d ^ e))) + 0x0fc19dc6 + s18;
+ b += f; f += (((g << 30) | (g >> 2)) ^ ((g << 19) | (g >> 13)) ^ ((g << 10) | (g >> 22))) + ((g & (h | a)) | (h & a));
+ e += (((b << 26) | (b >> 6)) ^ ((b << 21) | (b >> 11)) ^ ((b << 7) | (b >> 25))) + (d ^ (b & (c ^ d))) + 0x240ca1cc + s19;
+ a += e; e += (((f << 30) | (f >> 2)) ^ ((f << 19) | (f >> 13)) ^ ((f << 10) | (f >> 22))) + ((f & (g | h)) | (g & h));
+ d += (((a << 26) | (a >> 6)) ^ ((a << 21) | (a >> 11)) ^ ((a << 7) | (a >> 25))) + (c ^ (a & (b ^ c))) + 0x2de92c6f + s20;
+ h += d; d += (((e << 30) | (e >> 2)) ^ ((e << 19) | (e >> 13)) ^ ((e << 10) | (e >> 22))) + ((e & (f | g)) | (f & g));
+ c += (((h << 26) | (h >> 6)) ^ ((h << 21) | (h >> 11)) ^ ((h << 7) | (h >> 25))) + (b ^ (h & (a ^ b))) + 0x4a7484aa + s21;
+ g += c; c += (((d << 30) | (d >> 2)) ^ ((d << 19) | (d >> 13)) ^ ((d << 10) | (d >> 22))) + ((d & (e | f)) | (e & f));
+ b += (((g << 26) | (g >> 6)) ^ ((g << 21) | (g >> 11)) ^ ((g << 7) | (g >> 25))) + (a ^ (g & (h ^ a))) + 0x5cb0a9dc + s22;
+ f += b; b += (((c << 30) | (c >> 2)) ^ ((c << 19) | (c >> 13)) ^ ((c << 10) | (c >> 22))) + ((c & (d | e)) | (d & e));
+ a += (((f << 26) | (f >> 6)) ^ ((f << 21) | (f >> 11)) ^ ((f << 7) | (f >> 25))) + (h ^ (f & (g ^ h))) + 0x76f988da + s23;
+ e += a; a += (((b << 30) | (b >> 2)) ^ ((b << 19) | (b >> 13)) ^ ((b << 10) | (b >> 22))) + ((b & (c | d)) | (c & d));
+ h += (((e << 26) | (e >> 6)) ^ ((e << 21) | (e >> 11)) ^ ((e << 7) | (e >> 25))) + (g ^ (e & (f ^ g))) + 0x983e5152 + s24;
+ d += h; h += (((a << 30) | (a >> 2)) ^ ((a << 19) | (a >> 13)) ^ ((a << 10) | (a >> 22))) + ((a & (b | c)) | (b & c));
+ g += (((d << 26) | (d >> 6)) ^ ((d << 21) | (d >> 11)) ^ ((d << 7) | (d >> 25))) + (f ^ (d & (e ^ f))) + 0xa831c66d + s25;
+ c += g; g += (((h << 30) | (h >> 2)) ^ ((h << 19) | (h >> 13)) ^ ((h << 10) | (h >> 22))) + ((h & (a | b)) | (a & b));
+ f += (((c << 26) | (c >> 6)) ^ ((c << 21) | (c >> 11)) ^ ((c << 7) | (c >> 25))) + (e ^ (c & (d ^ e))) + 0xb00327c8 + s26;
+ b += f; f += (((g << 30) | (g >> 2)) ^ ((g << 19) | (g >> 13)) ^ ((g << 10) | (g >> 22))) + ((g & (h | a)) | (h & a));
+ e += (((b << 26) | (b >> 6)) ^ ((b << 21) | (b >> 11)) ^ ((b << 7) | (b >> 25))) + (d ^ (b & (c ^ d))) + 0xbf597fc7 + s27;
+ a += e; e += (((f << 30) | (f >> 2)) ^ ((f << 19) | (f >> 13)) ^ ((f << 10) | (f >> 22))) + ((f & (g | h)) | (g & h));
+ d += (((a << 26) | (a >> 6)) ^ ((a << 21) | (a >> 11)) ^ ((a << 7) | (a >> 25))) + (c ^ (a & (b ^ c))) + 0xc6e00bf3 + s28;
+ h += d; d += (((e << 30) | (e >> 2)) ^ ((e << 19) | (e >> 13)) ^ ((e << 10) | (e >> 22))) + ((e & (f | g)) | (f & g));
+ c += (((h << 26) | (h >> 6)) ^ ((h << 21) | (h >> 11)) ^ ((h << 7) | (h >> 25))) + (b ^ (h & (a ^ b))) + 0xd5a79147 + s29;
+ g += c; c += (((d << 30) | (d >> 2)) ^ ((d << 19) | (d >> 13)) ^ ((d << 10) | (d >> 22))) + ((d & (e | f)) | (e & f));
+ b += (((g << 26) | (g >> 6)) ^ ((g << 21) | (g >> 11)) ^ ((g << 7) | (g >> 25))) + (a ^ (g & (h ^ a))) + 0x06ca6351 + s30;
+ f += b; b += (((c << 30) | (c >> 2)) ^ ((c << 19) | (c >> 13)) ^ ((c << 10) | (c >> 22))) + ((c & (d | e)) | (d & e));
+ a += (((f << 26) | (f >> 6)) ^ ((f << 21) | (f >> 11)) ^ ((f << 7) | (f >> 25))) + (h ^ (f & (g ^ h))) + 0x14292967 + s31;
+ e += a; a += (((b << 30) | (b >> 2)) ^ ((b << 19) | (b >> 13)) ^ ((b << 10) | (b >> 22))) + ((b & (c | d)) | (c & d));
+ h += (((e << 26) | (e >> 6)) ^ ((e << 21) | (e >> 11)) ^ ((e << 7) | (e >> 25))) + (g ^ (e & (f ^ g))) + 0x27b70a85 + s32;
+ d += h; h += (((a << 30) | (a >> 2)) ^ ((a << 19) | (a >> 13)) ^ ((a << 10) | (a >> 22))) + ((a & (b | c)) | (b & c));
+ g += (((d << 26) | (d >> 6)) ^ ((d << 21) | (d >> 11)) ^ ((d << 7) | (d >> 25))) + (f ^ (d & (e ^ f))) + 0x2e1b2138 + s33;
+ c += g; g += (((h << 30) | (h >> 2)) ^ ((h << 19) | (h >> 13)) ^ ((h << 10) | (h >> 22))) + ((h & (a | b)) | (a & b));
+ f += (((c << 26) | (c >> 6)) ^ ((c << 21) | (c >> 11)) ^ ((c << 7) | (c >> 25))) + (e ^ (c & (d ^ e))) + 0x4d2c6dfc + s34;
+ b += f; f += (((g << 30) | (g >> 2)) ^ ((g << 19) | (g >> 13)) ^ ((g << 10) | (g >> 22))) + ((g & (h | a)) | (h & a));
+ e += (((b << 26) | (b >> 6)) ^ ((b << 21) | (b >> 11)) ^ ((b << 7) | (b >> 25))) + (d ^ (b & (c ^ d))) + 0x53380d13 + s35;
+ a += e; e += (((f << 30) | (f >> 2)) ^ ((f << 19) | (f >> 13)) ^ ((f << 10) | (f >> 22))) + ((f & (g | h)) | (g & h));
+ d += (((a << 26) | (a >> 6)) ^ ((a << 21) | (a >> 11)) ^ ((a << 7) | (a >> 25))) + (c ^ (a & (b ^ c))) + 0x650a7354 + s36;
+ h += d; d += (((e << 30) | (e >> 2)) ^ ((e << 19) | (e >> 13)) ^ ((e << 10) | (e >> 22))) + ((e & (f | g)) | (f & g));
+ c += (((h << 26) | (h >> 6)) ^ ((h << 21) | (h >> 11)) ^ ((h << 7) | (h >> 25))) + (b ^ (h & (a ^ b))) + 0x766a0abb + s37;
+ g += c; c += (((d << 30) | (d >> 2)) ^ ((d << 19) | (d >> 13)) ^ ((d << 10) | (d >> 22))) + ((d & (e | f)) | (e & f));
+ b += (((g << 26) | (g >> 6)) ^ ((g << 21) | (g >> 11)) ^ ((g << 7) | (g >> 25))) + (a ^ (g & (h ^ a))) + 0x81c2c92e + s38;
+ f += b; b += (((c << 30) | (c >> 2)) ^ ((c << 19) | (c >> 13)) ^ ((c << 10) | (c >> 22))) + ((c & (d | e)) | (d & e));
+ a += (((f << 26) | (f >> 6)) ^ ((f << 21) | (f >> 11)) ^ ((f << 7) | (f >> 25))) + (h ^ (f & (g ^ h))) + 0x92722c85 + s39;
+ e += a; a += (((b << 30) | (b >> 2)) ^ ((b << 19) | (b >> 13)) ^ ((b << 10) | (b >> 22))) + ((b & (c | d)) | (c & d));
+ h += (((e << 26) | (e >> 6)) ^ ((e << 21) | (e >> 11)) ^ ((e << 7) | (e >> 25))) + (g ^ (e & (f ^ g))) + 0xa2bfe8a1 + s40;
+ d += h; h += (((a << 30) | (a >> 2)) ^ ((a << 19) | (a >> 13)) ^ ((a << 10) | (a >> 22))) + ((a & (b | c)) | (b & c));
+ g += (((d << 26) | (d >> 6)) ^ ((d << 21) | (d >> 11)) ^ ((d << 7) | (d >> 25))) + (f ^ (d & (e ^ f))) + 0xa81a664b + s41;
+ c += g; g += (((h << 30) | (h >> 2)) ^ ((h << 19) | (h >> 13)) ^ ((h << 10) | (h >> 22))) + ((h & (a | b)) | (a & b));
+ f += (((c << 26) | (c >> 6)) ^ ((c << 21) | (c >> 11)) ^ ((c << 7) | (c >> 25))) + (e ^ (c & (d ^ e))) + 0xc24b8b70 + s42;
+ b += f; f += (((g << 30) | (g >> 2)) ^ ((g << 19) | (g >> 13)) ^ ((g << 10) | (g >> 22))) + ((g & (h | a)) | (h & a));
+ e += (((b << 26) | (b >> 6)) ^ ((b << 21) | (b >> 11)) ^ ((b << 7) | (b >> 25))) + (d ^ (b & (c ^ d))) + 0xc76c51a3 + s43;
+ a += e; e += (((f << 30) | (f >> 2)) ^ ((f << 19) | (f >> 13)) ^ ((f << 10) | (f >> 22))) + ((f & (g | h)) | (g & h));
+ d += (((a << 26) | (a >> 6)) ^ ((a << 21) | (a >> 11)) ^ ((a << 7) | (a >> 25))) + (c ^ (a & (b ^ c))) + 0xd192e819 + s44;
+ h += d; d += (((e << 30) | (e >> 2)) ^ ((e << 19) | (e >> 13)) ^ ((e << 10) | (e >> 22))) + ((e & (f | g)) | (f & g));
+ c += (((h << 26) | (h >> 6)) ^ ((h << 21) | (h >> 11)) ^ ((h << 7) | (h >> 25))) + (b ^ (h & (a ^ b))) + 0xd6990624 + s45;
+ g += c; c += (((d << 30) | (d >> 2)) ^ ((d << 19) | (d >> 13)) ^ ((d << 10) | (d >> 22))) + ((d & (e | f)) | (e & f));
+ b += (((g << 26) | (g >> 6)) ^ ((g << 21) | (g >> 11)) ^ ((g << 7) | (g >> 25))) + (a ^ (g & (h ^ a))) + 0xf40e3585 + s46;
+ f += b; b += (((c << 30) | (c >> 2)) ^ ((c << 19) | (c >> 13)) ^ ((c << 10) | (c >> 22))) + ((c & (d | e)) | (d & e));
+ a += (((f << 26) | (f >> 6)) ^ ((f << 21) | (f >> 11)) ^ ((f << 7) | (f >> 25))) + (h ^ (f & (g ^ h))) + 0x106aa070 + s47;
+ e += a; a += (((b << 30) | (b >> 2)) ^ ((b << 19) | (b >> 13)) ^ ((b << 10) | (b >> 22))) + ((b & (c | d)) | (c & d));
+ h += (((e << 26) | (e >> 6)) ^ ((e << 21) | (e >> 11)) ^ ((e << 7) | (e >> 25))) + (g ^ (e & (f ^ g))) + 0x19a4c116 + s48;
+ d += h; h += (((a << 30) | (a >> 2)) ^ ((a << 19) | (a >> 13)) ^ ((a << 10) | (a >> 22))) + ((a & (b | c)) | (b & c));
+ g += (((d << 26) | (d >> 6)) ^ ((d << 21) | (d >> 11)) ^ ((d << 7) | (d >> 25))) + (f ^ (d & (e ^ f))) + 0x1e376c08 + s49;
+ c += g; g += (((h << 30) | (h >> 2)) ^ ((h << 19) | (h >> 13)) ^ ((h << 10) | (h >> 22))) + ((h & (a | b)) | (a & b));
+ f += (((c << 26) | (c >> 6)) ^ ((c << 21) | (c >> 11)) ^ ((c << 7) | (c >> 25))) + (e ^ (c & (d ^ e))) + 0x2748774c + s50;
+ b += f; f += (((g << 30) | (g >> 2)) ^ ((g << 19) | (g >> 13)) ^ ((g << 10) | (g >> 22))) + ((g & (h | a)) | (h & a));
+ e += (((b << 26) | (b >> 6)) ^ ((b << 21) | (b >> 11)) ^ ((b << 7) | (b >> 25))) + (d ^ (b & (c ^ d))) + 0x34b0bcb5 + s51;
+ a += e; e += (((f << 30) | (f >> 2)) ^ ((f << 19) | (f >> 13)) ^ ((f << 10) | (f >> 22))) + ((f & (g | h)) | (g & h));
+ d += (((a << 26) | (a >> 6)) ^ ((a << 21) | (a >> 11)) ^ ((a << 7) | (a >> 25))) + (c ^ (a & (b ^ c))) + 0x391c0cb3 + s52;
+ h += d; d += (((e << 30) | (e >> 2)) ^ ((e << 19) | (e >> 13)) ^ ((e << 10) | (e >> 22))) + ((e & (f | g)) | (f & g));
+ c += (((h << 26) | (h >> 6)) ^ ((h << 21) | (h >> 11)) ^ ((h << 7) | (h >> 25))) + (b ^ (h & (a ^ b))) + 0x4ed8aa4a + s53;
+ g += c; c += (((d << 30) | (d >> 2)) ^ ((d << 19) | (d >> 13)) ^ ((d << 10) | (d >> 22))) + ((d & (e | f)) | (e & f));
+ b += (((g << 26) | (g >> 6)) ^ ((g << 21) | (g >> 11)) ^ ((g << 7) | (g >> 25))) + (a ^ (g & (h ^ a))) + 0x5b9cca4f + s54;
+ f += b; b += (((c << 30) | (c >> 2)) ^ ((c << 19) | (c >> 13)) ^ ((c << 10) | (c >> 22))) + ((c & (d | e)) | (d & e));
+ a += (((f << 26) | (f >> 6)) ^ ((f << 21) | (f >> 11)) ^ ((f << 7) | (f >> 25))) + (h ^ (f & (g ^ h))) + 0x682e6ff3 + s55;
+ e += a; a += (((b << 30) | (b >> 2)) ^ ((b << 19) | (b >> 13)) ^ ((b << 10) | (b >> 22))) + ((b & (c | d)) | (c & d));
+ h += (((e << 26) | (e >> 6)) ^ ((e << 21) | (e >> 11)) ^ ((e << 7) | (e >> 25))) + (g ^ (e & (f ^ g))) + 0x748f82ee + s56;
+ d += h; h += (((a << 30) | (a >> 2)) ^ ((a << 19) | (a >> 13)) ^ ((a << 10) | (a >> 22))) + ((a & (b | c)) | (b & c));
+ g += (((d << 26) | (d >> 6)) ^ ((d << 21) | (d >> 11)) ^ ((d << 7) | (d >> 25))) + (f ^ (d & (e ^ f))) + 0x78a5636f + s57;
+ c += g; g += (((h << 30) | (h >> 2)) ^ ((h << 19) | (h >> 13)) ^ ((h << 10) | (h >> 22))) + ((h & (a | b)) | (a & b));
+ f += (((c << 26) | (c >> 6)) ^ ((c << 21) | (c >> 11)) ^ ((c << 7) | (c >> 25))) + (e ^ (c & (d ^ e))) + 0x84c87814 + s58;
+ b += f; f += (((g << 30) | (g >> 2)) ^ ((g << 19) | (g >> 13)) ^ ((g << 10) | (g >> 22))) + ((g & (h | a)) | (h & a));
+ e += (((b << 26) | (b >> 6)) ^ ((b << 21) | (b >> 11)) ^ ((b << 7) | (b >> 25))) + (d ^ (b & (c ^ d))) + 0x8cc70208 + s59;
+ a += e; e += (((f << 30) | (f >> 2)) ^ ((f << 19) | (f >> 13)) ^ ((f << 10) | (f >> 22))) + ((f & (g | h)) | (g & h));
+ d += (((a << 26) | (a >> 6)) ^ ((a << 21) | (a >> 11)) ^ ((a << 7) | (a >> 25))) + (c ^ (a & (b ^ c))) + 0x90befffa + s60;
+ h += d; d += (((e << 30) | (e >> 2)) ^ ((e << 19) | (e >> 13)) ^ ((e << 10) | (e >> 22))) + ((e & (f | g)) | (f & g));
+ c += (((h << 26) | (h >> 6)) ^ ((h << 21) | (h >> 11)) ^ ((h << 7) | (h >> 25))) + (b ^ (h & (a ^ b))) + 0xa4506ceb + s61;
+ g += c; c += (((d << 30) | (d >> 2)) ^ ((d << 19) | (d >> 13)) ^ ((d << 10) | (d >> 22))) + ((d & (e | f)) | (e & f));
+ b += (((g << 26) | (g >> 6)) ^ ((g << 21) | (g >> 11)) ^ ((g << 7) | (g >> 25))) + (a ^ (g & (h ^ a))) + 0xbef9a3f7 + s62;
+ f += b; b += (((c << 30) | (c >> 2)) ^ ((c << 19) | (c >> 13)) ^ ((c << 10) | (c >> 22))) + ((c & (d | e)) | (d & e));
+ a += (((f << 26) | (f >> 6)) ^ ((f << 21) | (f >> 11)) ^ ((f << 7) | (f >> 25))) + (h ^ (f & (g ^ h))) + 0xc67178f2 + s63;
+ e += a; a += (((b << 30) | (b >> 2)) ^ ((b << 19) | (b >> 13)) ^ ((b << 10) | (b >> 22))) + ((b & (c | d)) | (c & d));
+
+ x[0] += a
+ x[1] += b
+ x[2] += c
+ x[3] += d
+ x[4] += e
+ x[5] += f
+ x[6] += g
+ x[7] += h
+}
+
+const unpack = {b
+ var v : uint32
+
+ v = 0
+ v |= (b[0] : uint32) << 24
+ v |= (b[1] : uint32) << 16
+ v |= (b[2] : uint32) << 8
+ v |= (b[3] : uint32) << 0
+ -> v
+}
+
+const pack = {out, v
+ out[0] = (v >> 24 : byte)
+ out[1] = (v >> 16 : byte)
+ out[2] = (v >> 8 : byte)
+ out[3] = (v >> 0 : byte)
+}
diff --git a/lib/crypto/sha512.myr b/lib/crypto/sha512.myr
new file mode 100644
index 0000000..d9d8dd9
--- /dev/null
+++ b/lib/crypto/sha512.myr
@@ -0,0 +1,475 @@
+use std
+
+pkg crypto =
+ type sha512
+ type sha384
+
+ const sha512 : (data : byte[:] -> byte[64])
+ const sha512init : (st : sha512# -> void)
+ const sha512add : (st : sha512#, data : byte[:] -> void)
+ const sha512fin : (st : sha512# -> byte[64])
+
+ const sha384 : (data : byte[:] -> byte[48])
+ const sha384init : (st : sha384# -> void)
+ const sha384add : (st : sha384#, data : byte[:] -> void)
+ const sha384fin : (st : sha384# -> byte[48])
+;;
+
+
+type sha512 = struct
+ x : uint64[8]
+ tail : byte[128]
+ msglen : uint64
+;;
+
+type sha384 = struct
+ x : uint64[8]
+ tail : byte[128]
+ msglen : uint64
+;;
+
+const sha512 = {data
+ var st
+
+ sha512init(&st)
+ sha512add(&st, data)
+ -> sha512fin(&st)
+}
+
+const sha512init = {st
+ st.x[0] = 0x6a09e667f3bcc908ul
+ st.x[1] = 0xbb67ae8584caa73bul
+ st.x[2] = 0x3c6ef372fe94f82bul
+ st.x[3] = 0xa54ff53a5f1d36f1ul
+ st.x[4] = 0x510e527fade682d1ul
+ st.x[5] = 0x9b05688c2b3e6c1ful
+ st.x[6] = 0x1f83d9abfb41bd6bul
+ st.x[7] = 0x5be0cd19137e2179ul
+ st.msglen = 0
+}
+
+const sha512add = {st, data
+ var n, ntail
+
+ ntail = st.msglen % 128
+ st.msglen += data.len
+ if ntail > 0
+ n = std.min(128 - ntail, data.len)
+ std.slcp(st.tail[ntail:ntail+n], data[:n])
+ data = data[n:]
+ if n + ntail < 128
+ -> void
+ ;;
+ step(st.x[:], st.tail[:])
+ ;;
+
+ while data.len >= 128
+ step(st.x[:], data[:128])
+ data = data[128:]
+ ;;
+
+ ntail = st.msglen % 128
+ std.slcp(st.tail[:ntail], data)
+}
+
+const sha512fin = {st
+ var r : byte[64]
+
+ tail(st.x[:], st.msglen, st.tail[:])
+
+ pack(r[ 0: 8], st.x[0])
+ pack(r[ 8:16], st.x[1])
+ pack(r[16:24], st.x[2])
+ pack(r[24:32], st.x[3])
+ pack(r[32:40], st.x[4])
+ pack(r[40:48], st.x[5])
+ pack(r[48:56], st.x[6])
+ pack(r[56:64], st.x[7])
+ -> r
+}
+
+const sha384 = {data
+ var st
+
+ sha384init(&st)
+ sha384add(&st, data)
+ -> sha384fin(&st)
+}
+
+const sha384init = {st
+ st.x[0] = 0xCBBB9D5DC1059ED8ul
+ st.x[1] = 0x629A292A367CD507ul
+ st.x[2] = 0x9159015A3070DD17ul
+ st.x[3] = 0x152FECD8F70E5939ul
+ st.x[4] = 0x67332667FFC00B31ul
+ st.x[5] = 0x8EB44A8768581511ul
+ st.x[6] = 0xDB0C2E0D64F98FA7ul
+ st.x[7] = 0x47B5481DBEFA4FA4ul
+ st.msglen = 0
+}
+
+const sha384add = {st, data
+ var n, ntail
+
+ ntail = st.msglen % 128
+ st.msglen += data.len
+ if ntail > 0
+ n = std.min(128 - ntail, data.len)
+ std.slcp(st.tail[ntail:ntail+n], data[:n])
+ data = data[n:]
+ if n + ntail < 128
+ -> void
+ ;;
+ step(st.x[:], st.tail[:])
+ ;;
+
+ while data.len >= 128
+ step(st.x[:], data[:128])
+ data = data[128:]
+ ;;
+
+ ntail = st.msglen % 128
+ std.slcp(st.tail[:ntail], data)
+}
+
+const sha384fin = {st
+ var r : byte[48]
+
+ tail(st.x[:], st.msglen, st.tail[:])
+
+ pack(r[ 0: 8], st.x[0])
+ pack(r[ 8:16], st.x[1])
+ pack(r[16:24], st.x[2])
+ pack(r[24:32], st.x[3])
+ pack(r[32:40], st.x[4])
+ pack(r[40:48], st.x[5])
+ -> r
+}
+
+
+const tail = {x, msglen, tail
+ var ntail
+
+ /* append first padding block */
+ ntail = msglen % 128
+ tail[ntail++] = 0x80
+ std.slfill(tail[ntail:], 0)
+ if 128 - ntail < 16
+ step(x, tail)
+ std.slfill(tail, 0)
+ ;;
+
+ /* append size block */
+ tail[120] = ((msglen * 8) >> 56 : byte)
+ tail[121] = ((msglen * 8) >> 48 : byte)
+ tail[122] = ((msglen * 8) >> 40 : byte)
+ tail[123] = ((msglen * 8) >> 32 : byte)
+ tail[124] = ((msglen * 8) >> 24 : byte)
+ tail[125] = ((msglen * 8) >> 16 : byte)
+ tail[126] = ((msglen * 8) >> 8 : byte)
+ tail[127] = ((msglen * 8) >> 0 : byte)
+ step(x, tail)
+}
+
+const step = {x : uint64[:], msg
+ var a, b, c, d, e, f, g, h
+ var s00, s01, s02, s03, s04, s05, s06, s07
+ var s08, s09, s10, s11, s12, s13, s14, s15
+ var s16, s17, s18, s19, s20, s21, s22, s23
+ var s24, s25, s26, s27, s28, s29, s30, s31
+ var s32, s33, s34, s35, s36, s37, s38, s39
+ var s40, s41, s42, s43, s44, s45, s46, s47
+ var s48, s49, s50, s51, s52, s53, s54, s55
+ var s56, s57, s58, s59, s60, s61, s62, s63
+ var s64, s65, s66, s67, s68, s69, s70, s71
+ var s72, s73, s74, s75, s76, s77, s78, s79
+
+ a = x[0]
+ b = x[1]
+ c = x[2]
+ d = x[3]
+ e = x[4]
+ f = x[5]
+ g = x[6]
+ h = x[7]
+
+ s00 = unpack(msg[ 0: 8])
+ s01 = unpack(msg[ 8: 16])
+ s02 = unpack(msg[ 16: 24])
+ s03 = unpack(msg[ 24: 32])
+ s04 = unpack(msg[ 32: 40])
+ s05 = unpack(msg[ 40: 48])
+ s06 = unpack(msg[ 48: 56])
+ s07 = unpack(msg[ 56: 64])
+ s08 = unpack(msg[ 64: 72])
+ s09 = unpack(msg[ 72: 80])
+ s10 = unpack(msg[ 80: 88])
+ s11 = unpack(msg[ 88: 96])
+ s12 = unpack(msg[ 96:104])
+ s13 = unpack(msg[104:112])
+ s14 = unpack(msg[112:120])
+ s15 = unpack(msg[120:128])
+
+ s16 = s00 + s09 + (((s01 << 63) | (s01 >> 1))^((s01 << 56) | (s01 >> 8))^(s01 >> 7)) + (((s14 << 45) | (s14 >> 19))^((s14 << 3) | (s14 >> 61))^(s14 >> 6))
+ s17 = s01 + s10 + (((s02 << 63) | (s02 >> 1))^((s02 << 56) | (s02 >> 8))^(s02 >> 7)) + (((s15 << 45) | (s15 >> 19))^((s15 << 3) | (s15 >> 61))^(s15 >> 6))
+ s18 = s02 + s11 + (((s03 << 63) | (s03 >> 1))^((s03 << 56) | (s03 >> 8))^(s03 >> 7)) + (((s16 << 45) | (s16 >> 19))^((s16 << 3) | (s16 >> 61))^(s16 >> 6))
+ s19 = s03 + s12 + (((s04 << 63) | (s04 >> 1))^((s04 << 56) | (s04 >> 8))^(s04 >> 7)) + (((s17 << 45) | (s17 >> 19))^((s17 << 3) | (s17 >> 61))^(s17 >> 6))
+ s20 = s04 + s13 + (((s05 << 63) | (s05 >> 1))^((s05 << 56) | (s05 >> 8))^(s05 >> 7)) + (((s18 << 45) | (s18 >> 19))^((s18 << 3) | (s18 >> 61))^(s18 >> 6))
+ s21 = s05 + s14 + (((s06 << 63) | (s06 >> 1))^((s06 << 56) | (s06 >> 8))^(s06 >> 7)) + (((s19 << 45) | (s19 >> 19))^((s19 << 3) | (s19 >> 61))^(s19 >> 6))
+ s22 = s06 + s15 + (((s07 << 63) | (s07 >> 1))^((s07 << 56) | (s07 >> 8))^(s07 >> 7)) + (((s20 << 45) | (s20 >> 19))^((s20 << 3) | (s20 >> 61))^(s20 >> 6))
+ s23 = s07 + s16 + (((s08 << 63) | (s08 >> 1))^((s08 << 56) | (s08 >> 8))^(s08 >> 7)) + (((s21 << 45) | (s21 >> 19))^((s21 << 3) | (s21 >> 61))^(s21 >> 6))
+ s24 = s08 + s17 + (((s09 << 63) | (s09 >> 1))^((s09 << 56) | (s09 >> 8))^(s09 >> 7)) + (((s22 << 45) | (s22 >> 19))^((s22 << 3) | (s22 >> 61))^(s22 >> 6))
+ s25 = s09 + s18 + (((s10 << 63) | (s10 >> 1))^((s10 << 56) | (s10 >> 8))^(s10 >> 7)) + (((s23 << 45) | (s23 >> 19))^((s23 << 3) | (s23 >> 61))^(s23 >> 6))
+ s26 = s10 + s19 + (((s11 << 63) | (s11 >> 1))^((s11 << 56) | (s11 >> 8))^(s11 >> 7)) + (((s24 << 45) | (s24 >> 19))^((s24 << 3) | (s24 >> 61))^(s24 >> 6))
+ s27 = s11 + s20 + (((s12 << 63) | (s12 >> 1))^((s12 << 56) | (s12 >> 8))^(s12 >> 7)) + (((s25 << 45) | (s25 >> 19))^((s25 << 3) | (s25 >> 61))^(s25 >> 6))
+ s28 = s12 + s21 + (((s13 << 63) | (s13 >> 1))^((s13 << 56) | (s13 >> 8))^(s13 >> 7)) + (((s26 << 45) | (s26 >> 19))^((s26 << 3) | (s26 >> 61))^(s26 >> 6))
+ s29 = s13 + s22 + (((s14 << 63) | (s14 >> 1))^((s14 << 56) | (s14 >> 8))^(s14 >> 7)) + (((s27 << 45) | (s27 >> 19))^((s27 << 3) | (s27 >> 61))^(s27 >> 6))
+ s30 = s14 + s23 + (((s15 << 63) | (s15 >> 1))^((s15 << 56) | (s15 >> 8))^(s15 >> 7)) + (((s28 << 45) | (s28 >> 19))^((s28 << 3) | (s28 >> 61))^(s28 >> 6))
+ s31 = s15 + s24 + (((s16 << 63) | (s16 >> 1))^((s16 << 56) | (s16 >> 8))^(s16 >> 7)) + (((s29 << 45) | (s29 >> 19))^((s29 << 3) | (s29 >> 61))^(s29 >> 6))
+ s32 = s16 + s25 + (((s17 << 63) | (s17 >> 1))^((s17 << 56) | (s17 >> 8))^(s17 >> 7)) + (((s30 << 45) | (s30 >> 19))^((s30 << 3) | (s30 >> 61))^(s30 >> 6))
+ s33 = s17 + s26 + (((s18 << 63) | (s18 >> 1))^((s18 << 56) | (s18 >> 8))^(s18 >> 7)) + (((s31 << 45) | (s31 >> 19))^((s31 << 3) | (s31 >> 61))^(s31 >> 6))
+ s34 = s18 + s27 + (((s19 << 63) | (s19 >> 1))^((s19 << 56) | (s19 >> 8))^(s19 >> 7)) + (((s32 << 45) | (s32 >> 19))^((s32 << 3) | (s32 >> 61))^(s32 >> 6))
+ s35 = s19 + s28 + (((s20 << 63) | (s20 >> 1))^((s20 << 56) | (s20 >> 8))^(s20 >> 7)) + (((s33 << 45) | (s33 >> 19))^((s33 << 3) | (s33 >> 61))^(s33 >> 6))
+ s36 = s20 + s29 + (((s21 << 63) | (s21 >> 1))^((s21 << 56) | (s21 >> 8))^(s21 >> 7)) + (((s34 << 45) | (s34 >> 19))^((s34 << 3) | (s34 >> 61))^(s34 >> 6))
+ s37 = s21 + s30 + (((s22 << 63) | (s22 >> 1))^((s22 << 56) | (s22 >> 8))^(s22 >> 7)) + (((s35 << 45) | (s35 >> 19))^((s35 << 3) | (s35 >> 61))^(s35 >> 6))
+ s38 = s22 + s31 + (((s23 << 63) | (s23 >> 1))^((s23 << 56) | (s23 >> 8))^(s23 >> 7)) + (((s36 << 45) | (s36 >> 19))^((s36 << 3) | (s36 >> 61))^(s36 >> 6))
+ s39 = s23 + s32 + (((s24 << 63) | (s24 >> 1))^((s24 << 56) | (s24 >> 8))^(s24 >> 7)) + (((s37 << 45) | (s37 >> 19))^((s37 << 3) | (s37 >> 61))^(s37 >> 6))
+ s40 = s24 + s33 + (((s25 << 63) | (s25 >> 1))^((s25 << 56) | (s25 >> 8))^(s25 >> 7)) + (((s38 << 45) | (s38 >> 19))^((s38 << 3) | (s38 >> 61))^(s38 >> 6))
+ s41 = s25 + s34 + (((s26 << 63) | (s26 >> 1))^((s26 << 56) | (s26 >> 8))^(s26 >> 7)) + (((s39 << 45) | (s39 >> 19))^((s39 << 3) | (s39 >> 61))^(s39 >> 6))
+ s42 = s26 + s35 + (((s27 << 63) | (s27 >> 1))^((s27 << 56) | (s27 >> 8))^(s27 >> 7)) + (((s40 << 45) | (s40 >> 19))^((s40 << 3) | (s40 >> 61))^(s40 >> 6))
+ s43 = s27 + s36 + (((s28 << 63) | (s28 >> 1))^((s28 << 56) | (s28 >> 8))^(s28 >> 7)) + (((s41 << 45) | (s41 >> 19))^((s41 << 3) | (s41 >> 61))^(s41 >> 6))
+ s44 = s28 + s37 + (((s29 << 63) | (s29 >> 1))^((s29 << 56) | (s29 >> 8))^(s29 >> 7)) + (((s42 << 45) | (s42 >> 19))^((s42 << 3) | (s42 >> 61))^(s42 >> 6))
+ s45 = s29 + s38 + (((s30 << 63) | (s30 >> 1))^((s30 << 56) | (s30 >> 8))^(s30 >> 7)) + (((s43 << 45) | (s43 >> 19))^((s43 << 3) | (s43 >> 61))^(s43 >> 6))
+ s46 = s30 + s39 + (((s31 << 63) | (s31 >> 1))^((s31 << 56) | (s31 >> 8))^(s31 >> 7)) + (((s44 << 45) | (s44 >> 19))^((s44 << 3) | (s44 >> 61))^(s44 >> 6))
+ s47 = s31 + s40 + (((s32 << 63) | (s32 >> 1))^((s32 << 56) | (s32 >> 8))^(s32 >> 7)) + (((s45 << 45) | (s45 >> 19))^((s45 << 3) | (s45 >> 61))^(s45 >> 6))
+ s48 = s32 + s41 + (((s33 << 63) | (s33 >> 1))^((s33 << 56) | (s33 >> 8))^(s33 >> 7)) + (((s46 << 45) | (s46 >> 19))^((s46 << 3) | (s46 >> 61))^(s46 >> 6))
+ s49 = s33 + s42 + (((s34 << 63) | (s34 >> 1))^((s34 << 56) | (s34 >> 8))^(s34 >> 7)) + (((s47 << 45) | (s47 >> 19))^((s47 << 3) | (s47 >> 61))^(s47 >> 6))
+ s50 = s34 + s43 + (((s35 << 63) | (s35 >> 1))^((s35 << 56) | (s35 >> 8))^(s35 >> 7)) + (((s48 << 45) | (s48 >> 19))^((s48 << 3) | (s48 >> 61))^(s48 >> 6))
+ s51 = s35 + s44 + (((s36 << 63) | (s36 >> 1))^((s36 << 56) | (s36 >> 8))^(s36 >> 7)) + (((s49 << 45) | (s49 >> 19))^((s49 << 3) | (s49 >> 61))^(s49 >> 6))
+ s52 = s36 + s45 + (((s37 << 63) | (s37 >> 1))^((s37 << 56) | (s37 >> 8))^(s37 >> 7)) + (((s50 << 45) | (s50 >> 19))^((s50 << 3) | (s50 >> 61))^(s50 >> 6))
+ s53 = s37 + s46 + (((s38 << 63) | (s38 >> 1))^((s38 << 56) | (s38 >> 8))^(s38 >> 7)) + (((s51 << 45) | (s51 >> 19))^((s51 << 3) | (s51 >> 61))^(s51 >> 6))
+ s54 = s38 + s47 + (((s39 << 63) | (s39 >> 1))^((s39 << 56) | (s39 >> 8))^(s39 >> 7)) + (((s52 << 45) | (s52 >> 19))^((s52 << 3) | (s52 >> 61))^(s52 >> 6))
+ s55 = s39 + s48 + (((s40 << 63) | (s40 >> 1))^((s40 << 56) | (s40 >> 8))^(s40 >> 7)) + (((s53 << 45) | (s53 >> 19))^((s53 << 3) | (s53 >> 61))^(s53 >> 6))
+ s56 = s40 + s49 + (((s41 << 63) | (s41 >> 1))^((s41 << 56) | (s41 >> 8))^(s41 >> 7)) + (((s54 << 45) | (s54 >> 19))^((s54 << 3) | (s54 >> 61))^(s54 >> 6))
+ s57 = s41 + s50 + (((s42 << 63) | (s42 >> 1))^((s42 << 56) | (s42 >> 8))^(s42 >> 7)) + (((s55 << 45) | (s55 >> 19))^((s55 << 3) | (s55 >> 61))^(s55 >> 6))
+ s58 = s42 + s51 + (((s43 << 63) | (s43 >> 1))^((s43 << 56) | (s43 >> 8))^(s43 >> 7)) + (((s56 << 45) | (s56 >> 19))^((s56 << 3) | (s56 >> 61))^(s56 >> 6))
+ s59 = s43 + s52 + (((s44 << 63) | (s44 >> 1))^((s44 << 56) | (s44 >> 8))^(s44 >> 7)) + (((s57 << 45) | (s57 >> 19))^((s57 << 3) | (s57 >> 61))^(s57 >> 6))
+ s60 = s44 + s53 + (((s45 << 63) | (s45 >> 1))^((s45 << 56) | (s45 >> 8))^(s45 >> 7)) + (((s58 << 45) | (s58 >> 19))^((s58 << 3) | (s58 >> 61))^(s58 >> 6))
+ s61 = s45 + s54 + (((s46 << 63) | (s46 >> 1))^((s46 << 56) | (s46 >> 8))^(s46 >> 7)) + (((s59 << 45) | (s59 >> 19))^((s59 << 3) | (s59 >> 61))^(s59 >> 6))
+ s62 = s46 + s55 + (((s47 << 63) | (s47 >> 1))^((s47 << 56) | (s47 >> 8))^(s47 >> 7)) + (((s60 << 45) | (s60 >> 19))^((s60 << 3) | (s60 >> 61))^(s60 >> 6))
+ s63 = s47 + s56 + (((s48 << 63) | (s48 >> 1))^((s48 << 56) | (s48 >> 8))^(s48 >> 7)) + (((s61 << 45) | (s61 >> 19))^((s61 << 3) | (s61 >> 61))^(s61 >> 6))
+ s64 = s48 + s57 + (((s49 << 63) | (s49 >> 1))^((s49 << 56) | (s49 >> 8))^(s49 >> 7)) + (((s62 << 45) | (s62 >> 19))^((s62 << 3) | (s62 >> 61))^(s62 >> 6))
+ s65 = s49 + s58 + (((s50 << 63) | (s50 >> 1))^((s50 << 56) | (s50 >> 8))^(s50 >> 7)) + (((s63 << 45) | (s63 >> 19))^((s63 << 3) | (s63 >> 61))^(s63 >> 6))
+ s66 = s50 + s59 + (((s51 << 63) | (s51 >> 1))^((s51 << 56) | (s51 >> 8))^(s51 >> 7)) + (((s64 << 45) | (s64 >> 19))^((s64 << 3) | (s64 >> 61))^(s64 >> 6))
+ s67 = s51 + s60 + (((s52 << 63) | (s52 >> 1))^((s52 << 56) | (s52 >> 8))^(s52 >> 7)) + (((s65 << 45) | (s65 >> 19))^((s65 << 3) | (s65 >> 61))^(s65 >> 6))
+ s68 = s52 + s61 + (((s53 << 63) | (s53 >> 1))^((s53 << 56) | (s53 >> 8))^(s53 >> 7)) + (((s66 << 45) | (s66 >> 19))^((s66 << 3) | (s66 >> 61))^(s66 >> 6))
+ s69 = s53 + s62 + (((s54 << 63) | (s54 >> 1))^((s54 << 56) | (s54 >> 8))^(s54 >> 7)) + (((s67 << 45) | (s67 >> 19))^((s67 << 3) | (s67 >> 61))^(s67 >> 6))
+ s70 = s54 + s63 + (((s55 << 63) | (s55 >> 1))^((s55 << 56) | (s55 >> 8))^(s55 >> 7)) + (((s68 << 45) | (s68 >> 19))^((s68 << 3) | (s68 >> 61))^(s68 >> 6))
+ s71 = s55 + s64 + (((s56 << 63) | (s56 >> 1))^((s56 << 56) | (s56 >> 8))^(s56 >> 7)) + (((s69 << 45) | (s69 >> 19))^((s69 << 3) | (s69 >> 61))^(s69 >> 6))
+ s72 = s56 + s65 + (((s57 << 63) | (s57 >> 1))^((s57 << 56) | (s57 >> 8))^(s57 >> 7)) + (((s70 << 45) | (s70 >> 19))^((s70 << 3) | (s70 >> 61))^(s70 >> 6))
+ s73 = s57 + s66 + (((s58 << 63) | (s58 >> 1))^((s58 << 56) | (s58 >> 8))^(s58 >> 7)) + (((s71 << 45) | (s71 >> 19))^((s71 << 3) | (s71 >> 61))^(s71 >> 6))
+ s74 = s58 + s67 + (((s59 << 63) | (s59 >> 1))^((s59 << 56) | (s59 >> 8))^(s59 >> 7)) + (((s72 << 45) | (s72 >> 19))^((s72 << 3) | (s72 >> 61))^(s72 >> 6))
+ s75 = s59 + s68 + (((s60 << 63) | (s60 >> 1))^((s60 << 56) | (s60 >> 8))^(s60 >> 7)) + (((s73 << 45) | (s73 >> 19))^((s73 << 3) | (s73 >> 61))^(s73 >> 6))
+ s76 = s60 + s69 + (((s61 << 63) | (s61 >> 1))^((s61 << 56) | (s61 >> 8))^(s61 >> 7)) + (((s74 << 45) | (s74 >> 19))^((s74 << 3) | (s74 >> 61))^(s74 >> 6))
+ s77 = s61 + s70 + (((s62 << 63) | (s62 >> 1))^((s62 << 56) | (s62 >> 8))^(s62 >> 7)) + (((s75 << 45) | (s75 >> 19))^((s75 << 3) | (s75 >> 61))^(s75 >> 6))
+ s78 = s62 + s71 + (((s63 << 63) | (s63 >> 1))^((s63 << 56) | (s63 >> 8))^(s63 >> 7)) + (((s76 << 45) | (s76 >> 19))^((s76 << 3) | (s76 >> 61))^(s76 >> 6))
+ s79 = s63 + s72 + (((s64 << 63) | (s64 >> 1))^((s64 << 56) | (s64 >> 8))^(s64 >> 7)) + (((s77 << 45) | (s77 >> 19))^((s77 << 3) | (s77 >> 61))^(s77 >> 6))
+
+
+ h += (((e << 50) | (e >> 14)) ^ ((e << (64 - 18)) | (e >> 18)) ^ ((e << 23) | (e >> 41))) + (g ^ (e & (f ^ g))) + 0x428a2f98d728ae22ul + s00
+ d += h; h += (((a << 36) | (a >> 28)) ^ ((a << (64 - 34)) | (a >> 34)) ^ ((a << 25) | (a >> 39))) + ((a & (b | c)) | (b & c));
+ g += (((d << 50) | (d >> 14)) ^ ((d << (64 - 18)) | (d >> 18)) ^ ((d << 23) | (d >> 41))) + (f ^ (d & (e ^ f))) + 0x7137449123ef65cdul + s01
+ c += g; g += (((h << 36) | (h >> 28)) ^ ((h << (64 - 34)) | (h >> 34)) ^ ((h << 25) | (h >> 39))) + ((h & (a | b)) | (a & b));
+ f += (((c << 50) | (c >> 14)) ^ ((c << (64 - 18)) | (c >> 18)) ^ ((c << 23) | (c >> 41))) + (e ^ (c & (d ^ e))) + 0xb5c0fbcfec4d3b2ful + s02
+ b += f; f += (((g << 36) | (g >> 28)) ^ ((g << (64 - 34)) | (g >> 34)) ^ ((g << 25) | (g >> 39))) + ((g & (h | a)) | (h & a));
+ e += (((b << 50) | (b >> 14)) ^ ((b << (64 - 18)) | (b >> 18)) ^ ((b << 23) | (b >> 41))) + (d ^ (b & (c ^ d))) + 0xe9b5dba58189dbbcul + s03
+ a += e; e += (((f << 36) | (f >> 28)) ^ ((f << (64 - 34)) | (f >> 34)) ^ ((f << 25) | (f >> 39))) + ((f & (g | h)) | (g & h));
+ d += (((a << 50) | (a >> 14)) ^ ((a << (64 - 18)) | (a >> 18)) ^ ((a << 23) | (a >> 41))) + (c ^ (a & (b ^ c))) + 0x3956c25bf348b538ul + s04
+ h += d; d += (((e << 36) | (e >> 28)) ^ ((e << (64 - 34)) | (e >> 34)) ^ ((e << 25) | (e >> 39))) + ((e & (f | g)) | (f & g));
+ c += (((h << 50) | (h >> 14)) ^ ((h << (64 - 18)) | (h >> 18)) ^ ((h << 23) | (h >> 41))) + (b ^ (h & (a ^ b))) + 0x59f111f1b605d019ul + s05
+ g += c; c += (((d << 36) | (d >> 28)) ^ ((d << (64 - 34)) | (d >> 34)) ^ ((d << 25) | (d >> 39))) + ((d & (e | f)) | (e & f));
+ b += (((g << 50) | (g >> 14)) ^ ((g << (64 - 18)) | (g >> 18)) ^ ((g << 23) | (g >> 41))) + (a ^ (g & (h ^ a))) + 0x923f82a4af194f9bul + s06
+ f += b; b += (((c << 36) | (c >> 28)) ^ ((c << (64 - 34)) | (c >> 34)) ^ ((c << 25) | (c >> 39))) + ((c & (d | e)) | (d & e));
+ a += (((f << 50) | (f >> 14)) ^ ((f << (64 - 18)) | (f >> 18)) ^ ((f << 23) | (f >> 41))) + (h ^ (f & (g ^ h))) + 0xab1c5ed5da6d8118ul + s07
+ e += a; a += (((b << 36) | (b >> 28)) ^ ((b << (64 - 34)) | (b >> 34)) ^ ((b << 25) | (b >> 39))) + ((b & (c | d)) | (c & d));
+ h += (((e << 50) | (e >> 14)) ^ ((e << (64 - 18)) | (e >> 18)) ^ ((e << 23) | (e >> 41))) + (g ^ (e & (f ^ g))) + 0xd807aa98a3030242ul + s08
+ d += h; h += (((a << 36) | (a >> 28)) ^ ((a << (64 - 34)) | (a >> 34)) ^ ((a << 25) | (a >> 39))) + ((a & (b | c)) | (b & c));
+ g += (((d << 50) | (d >> 14)) ^ ((d << (64 - 18)) | (d >> 18)) ^ ((d << 23) | (d >> 41))) + (f ^ (d & (e ^ f))) + 0x12835b0145706fbeul + s09
+ c += g; g += (((h << 36) | (h >> 28)) ^ ((h << (64 - 34)) | (h >> 34)) ^ ((h << 25) | (h >> 39))) + ((h & (a | b)) | (a & b));
+ f += (((c << 50) | (c >> 14)) ^ ((c << (64 - 18)) | (c >> 18)) ^ ((c << 23) | (c >> 41))) + (e ^ (c & (d ^ e))) + 0x243185be4ee4b28cul + s10
+ b += f; f += (((g << 36) | (g >> 28)) ^ ((g << (64 - 34)) | (g >> 34)) ^ ((g << 25) | (g >> 39))) + ((g & (h | a)) | (h & a));
+ e += (((b << 50) | (b >> 14)) ^ ((b << (64 - 18)) | (b >> 18)) ^ ((b << 23) | (b >> 41))) + (d ^ (b & (c ^ d))) + 0x550c7dc3d5ffb4e2ul + s11
+ a += e; e += (((f << 36) | (f >> 28)) ^ ((f << (64 - 34)) | (f >> 34)) ^ ((f << 25) | (f >> 39))) + ((f & (g | h)) | (g & h));
+ d += (((a << 50) | (a >> 14)) ^ ((a << (64 - 18)) | (a >> 18)) ^ ((a << 23) | (a >> 41))) + (c ^ (a & (b ^ c))) + 0x72be5d74f27b896ful + s12
+ h += d; d += (((e << 36) | (e >> 28)) ^ ((e << (64 - 34)) | (e >> 34)) ^ ((e << 25) | (e >> 39))) + ((e & (f | g)) | (f & g));
+ c += (((h << 50) | (h >> 14)) ^ ((h << (64 - 18)) | (h >> 18)) ^ ((h << 23) | (h >> 41))) + (b ^ (h & (a ^ b))) + 0x80deb1fe3b1696b1ul + s13
+ g += c; c += (((d << 36) | (d >> 28)) ^ ((d << (64 - 34)) | (d >> 34)) ^ ((d << 25) | (d >> 39))) + ((d & (e | f)) | (e & f));
+ b += (((g << 50) | (g >> 14)) ^ ((g << (64 - 18)) | (g >> 18)) ^ ((g << 23) | (g >> 41))) + (a ^ (g & (h ^ a))) + 0x9bdc06a725c71235ul + s14
+ f += b; b += (((c << 36) | (c >> 28)) ^ ((c << (64 - 34)) | (c >> 34)) ^ ((c << 25) | (c >> 39))) + ((c & (d | e)) | (d & e));
+ a += (((f << 50) | (f >> 14)) ^ ((f << (64 - 18)) | (f >> 18)) ^ ((f << 23) | (f >> 41))) + (h ^ (f & (g ^ h))) + 0xc19bf174cf692694ul + s15
+ e += a; a += (((b << 36) | (b >> 28)) ^ ((b << (64 - 34)) | (b >> 34)) ^ ((b << 25) | (b >> 39))) + ((b & (c | d)) | (c & d));
+ h += (((e << 50) | (e >> 14)) ^ ((e << (64 - 18)) | (e >> 18)) ^ ((e << 23) | (e >> 41))) + (g ^ (e & (f ^ g))) + 0xe49b69c19ef14ad2ul + s16
+ d += h; h += (((a << 36) | (a >> 28)) ^ ((a << (64 - 34)) | (a >> 34)) ^ ((a << 25) | (a >> 39))) + ((a & (b | c)) | (b & c));
+ g += (((d << 50) | (d >> 14)) ^ ((d << (64 - 18)) | (d >> 18)) ^ ((d << 23) | (d >> 41))) + (f ^ (d & (e ^ f))) + 0xefbe4786384f25e3ul + s17
+ c += g; g += (((h << 36) | (h >> 28)) ^ ((h << (64 - 34)) | (h >> 34)) ^ ((h << 25) | (h >> 39))) + ((h & (a | b)) | (a & b));
+ f += (((c << 50) | (c >> 14)) ^ ((c << (64 - 18)) | (c >> 18)) ^ ((c << 23) | (c >> 41))) + (e ^ (c & (d ^ e))) + 0x0fc19dc68b8cd5b5ul + s18
+ b += f; f += (((g << 36) | (g >> 28)) ^ ((g << (64 - 34)) | (g >> 34)) ^ ((g << 25) | (g >> 39))) + ((g & (h | a)) | (h & a));
+ e += (((b << 50) | (b >> 14)) ^ ((b << (64 - 18)) | (b >> 18)) ^ ((b << 23) | (b >> 41))) + (d ^ (b & (c ^ d))) + 0x240ca1cc77ac9c65ul + s19
+ a += e; e += (((f << 36) | (f >> 28)) ^ ((f << (64 - 34)) | (f >> 34)) ^ ((f << 25) | (f >> 39))) + ((f & (g | h)) | (g & h));
+ d += (((a << 50) | (a >> 14)) ^ ((a << (64 - 18)) | (a >> 18)) ^ ((a << 23) | (a >> 41))) + (c ^ (a & (b ^ c))) + 0x2de92c6f592b0275ul + s20
+ h += d; d += (((e << 36) | (e >> 28)) ^ ((e << (64 - 34)) | (e >> 34)) ^ ((e << 25) | (e >> 39))) + ((e & (f | g)) | (f & g));
+ c += (((h << 50) | (h >> 14)) ^ ((h << (64 - 18)) | (h >> 18)) ^ ((h << 23) | (h >> 41))) + (b ^ (h & (a ^ b))) + 0x4a7484aa6ea6e483ul + s21
+ g += c; c += (((d << 36) | (d >> 28)) ^ ((d << (64 - 34)) | (d >> 34)) ^ ((d << 25) | (d >> 39))) + ((d & (e | f)) | (e & f));
+ b += (((g << 50) | (g >> 14)) ^ ((g << (64 - 18)) | (g >> 18)) ^ ((g << 23) | (g >> 41))) + (a ^ (g & (h ^ a))) + 0x5cb0a9dcbd41fbd4ul + s22
+ f += b; b += (((c << 36) | (c >> 28)) ^ ((c << (64 - 34)) | (c >> 34)) ^ ((c << 25) | (c >> 39))) + ((c & (d | e)) | (d & e));
+ a += (((f << 50) | (f >> 14)) ^ ((f << (64 - 18)) | (f >> 18)) ^ ((f << 23) | (f >> 41))) + (h ^ (f & (g ^ h))) + 0x76f988da831153b5ul + s23
+ e += a; a += (((b << 36) | (b >> 28)) ^ ((b << (64 - 34)) | (b >> 34)) ^ ((b << 25) | (b >> 39))) + ((b & (c | d)) | (c & d));
+ h += (((e << 50) | (e >> 14)) ^ ((e << (64 - 18)) | (e >> 18)) ^ ((e << 23) | (e >> 41))) + (g ^ (e & (f ^ g))) + 0x983e5152ee66dfabul + s24
+ d += h; h += (((a << 36) | (a >> 28)) ^ ((a << (64 - 34)) | (a >> 34)) ^ ((a << 25) | (a >> 39))) + ((a & (b | c)) | (b & c));
+ g += (((d << 50) | (d >> 14)) ^ ((d << (64 - 18)) | (d >> 18)) ^ ((d << 23) | (d >> 41))) + (f ^ (d & (e ^ f))) + 0xa831c66d2db43210ul + s25
+ c += g; g += (((h << 36) | (h >> 28)) ^ ((h << (64 - 34)) | (h >> 34)) ^ ((h << 25) | (h >> 39))) + ((h & (a | b)) | (a & b));
+ f += (((c << 50) | (c >> 14)) ^ ((c << (64 - 18)) | (c >> 18)) ^ ((c << 23) | (c >> 41))) + (e ^ (c & (d ^ e))) + 0xb00327c898fb213ful + s26
+ b += f; f += (((g << 36) | (g >> 28)) ^ ((g << (64 - 34)) | (g >> 34)) ^ ((g << 25) | (g >> 39))) + ((g & (h | a)) | (h & a));
+ e += (((b << 50) | (b >> 14)) ^ ((b << (64 - 18)) | (b >> 18)) ^ ((b << 23) | (b >> 41))) + (d ^ (b & (c ^ d))) + 0xbf597fc7beef0ee4ul + s27
+ a += e; e += (((f << 36) | (f >> 28)) ^ ((f << (64 - 34)) | (f >> 34)) ^ ((f << 25) | (f >> 39))) + ((f & (g | h)) | (g & h));
+ d += (((a << 50) | (a >> 14)) ^ ((a << (64 - 18)) | (a >> 18)) ^ ((a << 23) | (a >> 41))) + (c ^ (a & (b ^ c))) + 0xc6e00bf33da88fc2ul + s28
+ h += d; d += (((e << 36) | (e >> 28)) ^ ((e << (64 - 34)) | (e >> 34)) ^ ((e << 25) | (e >> 39))) + ((e & (f | g)) | (f & g));
+ c += (((h << 50) | (h >> 14)) ^ ((h << (64 - 18)) | (h >> 18)) ^ ((h << 23) | (h >> 41))) + (b ^ (h & (a ^ b))) + 0xd5a79147930aa725ul + s29
+ g += c; c += (((d << 36) | (d >> 28)) ^ ((d << (64 - 34)) | (d >> 34)) ^ ((d << 25) | (d >> 39))) + ((d & (e | f)) | (e & f));
+ b += (((g << 50) | (g >> 14)) ^ ((g << (64 - 18)) | (g >> 18)) ^ ((g << 23) | (g >> 41))) + (a ^ (g & (h ^ a))) + 0x06ca6351e003826ful + s30
+ f += b; b += (((c << 36) | (c >> 28)) ^ ((c << (64 - 34)) | (c >> 34)) ^ ((c << 25) | (c >> 39))) + ((c & (d | e)) | (d & e));
+ a += (((f << 50) | (f >> 14)) ^ ((f << (64 - 18)) | (f >> 18)) ^ ((f << 23) | (f >> 41))) + (h ^ (f & (g ^ h))) + 0x142929670a0e6e70ul + s31
+ e += a; a += (((b << 36) | (b >> 28)) ^ ((b << (64 - 34)) | (b >> 34)) ^ ((b << 25) | (b >> 39))) + ((b & (c | d)) | (c & d));
+ h += (((e << 50) | (e >> 14)) ^ ((e << (64 - 18)) | (e >> 18)) ^ ((e << 23) | (e >> 41))) + (g ^ (e & (f ^ g))) + 0x27b70a8546d22ffcul + s32
+ d += h; h += (((a << 36) | (a >> 28)) ^ ((a << (64 - 34)) | (a >> 34)) ^ ((a << 25) | (a >> 39))) + ((a & (b | c)) | (b & c));
+ g += (((d << 50) | (d >> 14)) ^ ((d << (64 - 18)) | (d >> 18)) ^ ((d << 23) | (d >> 41))) + (f ^ (d & (e ^ f))) + 0x2e1b21385c26c926ul + s33
+ c += g; g += (((h << 36) | (h >> 28)) ^ ((h << (64 - 34)) | (h >> 34)) ^ ((h << 25) | (h >> 39))) + ((h & (a | b)) | (a & b));
+ f += (((c << 50) | (c >> 14)) ^ ((c << (64 - 18)) | (c >> 18)) ^ ((c << 23) | (c >> 41))) + (e ^ (c & (d ^ e))) + 0x4d2c6dfc5ac42aedul + s34
+ b += f; f += (((g << 36) | (g >> 28)) ^ ((g << (64 - 34)) | (g >> 34)) ^ ((g << 25) | (g >> 39))) + ((g & (h | a)) | (h & a));
+ e += (((b << 50) | (b >> 14)) ^ ((b << (64 - 18)) | (b >> 18)) ^ ((b << 23) | (b >> 41))) + (d ^ (b & (c ^ d))) + 0x53380d139d95b3dful + s35
+ a += e; e += (((f << 36) | (f >> 28)) ^ ((f << (64 - 34)) | (f >> 34)) ^ ((f << 25) | (f >> 39))) + ((f & (g | h)) | (g & h));
+ d += (((a << 50) | (a >> 14)) ^ ((a << (64 - 18)) | (a >> 18)) ^ ((a << 23) | (a >> 41))) + (c ^ (a & (b ^ c))) + 0x650a73548baf63deul + s36
+ h += d; d += (((e << 36) | (e >> 28)) ^ ((e << (64 - 34)) | (e >> 34)) ^ ((e << 25) | (e >> 39))) + ((e & (f | g)) | (f & g));
+ c += (((h << 50) | (h >> 14)) ^ ((h << (64 - 18)) | (h >> 18)) ^ ((h << 23) | (h >> 41))) + (b ^ (h & (a ^ b))) + 0x766a0abb3c77b2a8ul + s37
+ g += c; c += (((d << 36) | (d >> 28)) ^ ((d << (64 - 34)) | (d >> 34)) ^ ((d << 25) | (d >> 39))) + ((d & (e | f)) | (e & f));
+ b += (((g << 50) | (g >> 14)) ^ ((g << (64 - 18)) | (g >> 18)) ^ ((g << 23) | (g >> 41))) + (a ^ (g & (h ^ a))) + 0x81c2c92e47edaee6ul + s38
+ f += b; b += (((c << 36) | (c >> 28)) ^ ((c << (64 - 34)) | (c >> 34)) ^ ((c << 25) | (c >> 39))) + ((c & (d | e)) | (d & e));
+ a += (((f << 50) | (f >> 14)) ^ ((f << (64 - 18)) | (f >> 18)) ^ ((f << 23) | (f >> 41))) + (h ^ (f & (g ^ h))) + 0x92722c851482353bul + s39
+ e += a; a += (((b << 36) | (b >> 28)) ^ ((b << (64 - 34)) | (b >> 34)) ^ ((b << 25) | (b >> 39))) + ((b & (c | d)) | (c & d));
+ h += (((e << 50) | (e >> 14)) ^ ((e << (64 - 18)) | (e >> 18)) ^ ((e << 23) | (e >> 41))) + (g ^ (e & (f ^ g))) + 0xa2bfe8a14cf10364ul + s40
+ d += h; h += (((a << 36) | (a >> 28)) ^ ((a << (64 - 34)) | (a >> 34)) ^ ((a << 25) | (a >> 39))) + ((a & (b | c)) | (b & c));
+ g += (((d << 50) | (d >> 14)) ^ ((d << (64 - 18)) | (d >> 18)) ^ ((d << 23) | (d >> 41))) + (f ^ (d & (e ^ f))) + 0xa81a664bbc423001ul + s41
+ c += g; g += (((h << 36) | (h >> 28)) ^ ((h << (64 - 34)) | (h >> 34)) ^ ((h << 25) | (h >> 39))) + ((h & (a | b)) | (a & b));
+ f += (((c << 50) | (c >> 14)) ^ ((c << (64 - 18)) | (c >> 18)) ^ ((c << 23) | (c >> 41))) + (e ^ (c & (d ^ e))) + 0xc24b8b70d0f89791ul + s42
+ b += f; f += (((g << 36) | (g >> 28)) ^ ((g << (64 - 34)) | (g >> 34)) ^ ((g << 25) | (g >> 39))) + ((g & (h | a)) | (h & a));
+ e += (((b << 50) | (b >> 14)) ^ ((b << (64 - 18)) | (b >> 18)) ^ ((b << 23) | (b >> 41))) + (d ^ (b & (c ^ d))) + 0xc76c51a30654be30ul + s43
+ a += e; e += (((f << 36) | (f >> 28)) ^ ((f << (64 - 34)) | (f >> 34)) ^ ((f << 25) | (f >> 39))) + ((f & (g | h)) | (g & h));
+ d += (((a << 50) | (a >> 14)) ^ ((a << (64 - 18)) | (a >> 18)) ^ ((a << 23) | (a >> 41))) + (c ^ (a & (b ^ c))) + 0xd192e819d6ef5218ul + s44
+ h += d; d += (((e << 36) | (e >> 28)) ^ ((e << (64 - 34)) | (e >> 34)) ^ ((e << 25) | (e >> 39))) + ((e & (f | g)) | (f & g));
+ c += (((h << 50) | (h >> 14)) ^ ((h << (64 - 18)) | (h >> 18)) ^ ((h << 23) | (h >> 41))) + (b ^ (h & (a ^ b))) + 0xd69906245565a910ul + s45
+ g += c; c += (((d << 36) | (d >> 28)) ^ ((d << (64 - 34)) | (d >> 34)) ^ ((d << 25) | (d >> 39))) + ((d & (e | f)) | (e & f));
+ b += (((g << 50) | (g >> 14)) ^ ((g << (64 - 18)) | (g >> 18)) ^ ((g << 23) | (g >> 41))) + (a ^ (g & (h ^ a))) + 0xf40e35855771202aul + s46
+ f += b; b += (((c << 36) | (c >> 28)) ^ ((c << (64 - 34)) | (c >> 34)) ^ ((c << 25) | (c >> 39))) + ((c & (d | e)) | (d & e));
+ a += (((f << 50) | (f >> 14)) ^ ((f << (64 - 18)) | (f >> 18)) ^ ((f << 23) | (f >> 41))) + (h ^ (f & (g ^ h))) + 0x106aa07032bbd1b8ul + s47
+ e += a; a += (((b << 36) | (b >> 28)) ^ ((b << (64 - 34)) | (b >> 34)) ^ ((b << 25) | (b >> 39))) + ((b & (c | d)) | (c & d));
+ h += (((e << 50) | (e >> 14)) ^ ((e << (64 - 18)) | (e >> 18)) ^ ((e << 23) | (e >> 41))) + (g ^ (e & (f ^ g))) + 0x19a4c116b8d2d0c8ul + s48
+ d += h; h += (((a << 36) | (a >> 28)) ^ ((a << (64 - 34)) | (a >> 34)) ^ ((a << 25) | (a >> 39))) + ((a & (b | c)) | (b & c));
+ g += (((d << 50) | (d >> 14)) ^ ((d << (64 - 18)) | (d >> 18)) ^ ((d << 23) | (d >> 41))) + (f ^ (d & (e ^ f))) + 0x1e376c085141ab53ul + s49
+ c += g; g += (((h << 36) | (h >> 28)) ^ ((h << (64 - 34)) | (h >> 34)) ^ ((h << 25) | (h >> 39))) + ((h & (a | b)) | (a & b));
+ f += (((c << 50) | (c >> 14)) ^ ((c << (64 - 18)) | (c >> 18)) ^ ((c << 23) | (c >> 41))) + (e ^ (c & (d ^ e))) + 0x2748774cdf8eeb99ul + s50
+ b += f; f += (((g << 36) | (g >> 28)) ^ ((g << (64 - 34)) | (g >> 34)) ^ ((g << 25) | (g >> 39))) + ((g & (h | a)) | (h & a));
+ e += (((b << 50) | (b >> 14)) ^ ((b << (64 - 18)) | (b >> 18)) ^ ((b << 23) | (b >> 41))) + (d ^ (b & (c ^ d))) + 0x34b0bcb5e19b48a8ul + s51
+ a += e; e += (((f << 36) | (f >> 28)) ^ ((f << (64 - 34)) | (f >> 34)) ^ ((f << 25) | (f >> 39))) + ((f & (g | h)) | (g & h));
+ d += (((a << 50) | (a >> 14)) ^ ((a << (64 - 18)) | (a >> 18)) ^ ((a << 23) | (a >> 41))) + (c ^ (a & (b ^ c))) + 0x391c0cb3c5c95a63ul + s52
+ h += d; d += (((e << 36) | (e >> 28)) ^ ((e << (64 - 34)) | (e >> 34)) ^ ((e << 25) | (e >> 39))) + ((e & (f | g)) | (f & g));
+ c += (((h << 50) | (h >> 14)) ^ ((h << (64 - 18)) | (h >> 18)) ^ ((h << 23) | (h >> 41))) + (b ^ (h & (a ^ b))) + 0x4ed8aa4ae3418acbul + s53
+ g += c; c += (((d << 36) | (d >> 28)) ^ ((d << (64 - 34)) | (d >> 34)) ^ ((d << 25) | (d >> 39))) + ((d & (e | f)) | (e & f));
+ b += (((g << 50) | (g >> 14)) ^ ((g << (64 - 18)) | (g >> 18)) ^ ((g << 23) | (g >> 41))) + (a ^ (g & (h ^ a))) + 0x5b9cca4f7763e373ul + s54
+ f += b; b += (((c << 36) | (c >> 28)) ^ ((c << (64 - 34)) | (c >> 34)) ^ ((c << 25) | (c >> 39))) + ((c & (d | e)) | (d & e));
+ a += (((f << 50) | (f >> 14)) ^ ((f << (64 - 18)) | (f >> 18)) ^ ((f << 23) | (f >> 41))) + (h ^ (f & (g ^ h))) + 0x682e6ff3d6b2b8a3ul + s55
+ e += a; a += (((b << 36) | (b >> 28)) ^ ((b << (64 - 34)) | (b >> 34)) ^ ((b << 25) | (b >> 39))) + ((b & (c | d)) | (c & d));
+ h += (((e << 50) | (e >> 14)) ^ ((e << (64 - 18)) | (e >> 18)) ^ ((e << 23) | (e >> 41))) + (g ^ (e & (f ^ g))) + 0x748f82ee5defb2fcul + s56
+ d += h; h += (((a << 36) | (a >> 28)) ^ ((a << (64 - 34)) | (a >> 34)) ^ ((a << 25) | (a >> 39))) + ((a & (b | c)) | (b & c));
+ g += (((d << 50) | (d >> 14)) ^ ((d << (64 - 18)) | (d >> 18)) ^ ((d << 23) | (d >> 41))) + (f ^ (d & (e ^ f))) + 0x78a5636f43172f60ul + s57
+ c += g; g += (((h << 36) | (h >> 28)) ^ ((h << (64 - 34)) | (h >> 34)) ^ ((h << 25) | (h >> 39))) + ((h & (a | b)) | (a & b));
+ f += (((c << 50) | (c >> 14)) ^ ((c << (64 - 18)) | (c >> 18)) ^ ((c << 23) | (c >> 41))) + (e ^ (c & (d ^ e))) + 0x84c87814a1f0ab72ul + s58
+ b += f; f += (((g << 36) | (g >> 28)) ^ ((g << (64 - 34)) | (g >> 34)) ^ ((g << 25) | (g >> 39))) + ((g & (h | a)) | (h & a));
+ e += (((b << 50) | (b >> 14)) ^ ((b << (64 - 18)) | (b >> 18)) ^ ((b << 23) | (b >> 41))) + (d ^ (b & (c ^ d))) + 0x8cc702081a6439ecul + s59
+ a += e; e += (((f << 36) | (f >> 28)) ^ ((f << (64 - 34)) | (f >> 34)) ^ ((f << 25) | (f >> 39))) + ((f & (g | h)) | (g & h));
+ d += (((a << 50) | (a >> 14)) ^ ((a << (64 - 18)) | (a >> 18)) ^ ((a << 23) | (a >> 41))) + (c ^ (a & (b ^ c))) + 0x90befffa23631e28ul + s60
+ h += d; d += (((e << 36) | (e >> 28)) ^ ((e << (64 - 34)) | (e >> 34)) ^ ((e << 25) | (e >> 39))) + ((e & (f | g)) | (f & g));
+ c += (((h << 50) | (h >> 14)) ^ ((h << (64 - 18)) | (h >> 18)) ^ ((h << 23) | (h >> 41))) + (b ^ (h & (a ^ b))) + 0xa4506cebde82bde9ul + s61
+ g += c; c += (((d << 36) | (d >> 28)) ^ ((d << (64 - 34)) | (d >> 34)) ^ ((d << 25) | (d >> 39))) + ((d & (e | f)) | (e & f));
+ b += (((g << 50) | (g >> 14)) ^ ((g << (64 - 18)) | (g >> 18)) ^ ((g << 23) | (g >> 41))) + (a ^ (g & (h ^ a))) + 0xbef9a3f7b2c67915ul + s62
+ f += b; b += (((c << 36) | (c >> 28)) ^ ((c << (64 - 34)) | (c >> 34)) ^ ((c << 25) | (c >> 39))) + ((c & (d | e)) | (d & e));
+ a += (((f << 50) | (f >> 14)) ^ ((f << (64 - 18)) | (f >> 18)) ^ ((f << 23) | (f >> 41))) + (h ^ (f & (g ^ h))) + 0xc67178f2e372532bul + s63
+ e += a; a += (((b << 36) | (b >> 28)) ^ ((b << (64 - 34)) | (b >> 34)) ^ ((b << 25) | (b >> 39))) + ((b & (c | d)) | (c & d));
+ h += (((e << 50) | (e >> 14)) ^ ((e << (64 - 18)) | (e >> 18)) ^ ((e << 23) | (e >> 41))) + (g ^ (e & (f ^ g))) + 0xca273eceea26619cul + s64
+ d += h; h += (((a << 36) | (a >> 28)) ^ ((a << (64 - 34)) | (a >> 34)) ^ ((a << 25) | (a >> 39))) + ((a & (b | c)) | (b & c));
+ g += (((d << 50) | (d >> 14)) ^ ((d << (64 - 18)) | (d >> 18)) ^ ((d << 23) | (d >> 41))) + (f ^ (d & (e ^ f))) + 0xd186b8c721c0c207ul + s65
+ c += g; g += (((h << 36) | (h >> 28)) ^ ((h << (64 - 34)) | (h >> 34)) ^ ((h << 25) | (h >> 39))) + ((h & (a | b)) | (a & b));
+ f += (((c << 50) | (c >> 14)) ^ ((c << (64 - 18)) | (c >> 18)) ^ ((c << 23) | (c >> 41))) + (e ^ (c & (d ^ e))) + 0xeada7dd6cde0eb1eul + s66
+ b += f; f += (((g << 36) | (g >> 28)) ^ ((g << (64 - 34)) | (g >> 34)) ^ ((g << 25) | (g >> 39))) + ((g & (h | a)) | (h & a));
+ e += (((b << 50) | (b >> 14)) ^ ((b << (64 - 18)) | (b >> 18)) ^ ((b << 23) | (b >> 41))) + (d ^ (b & (c ^ d))) + 0xf57d4f7fee6ed178ul + s67
+ a += e; e += (((f << 36) | (f >> 28)) ^ ((f << (64 - 34)) | (f >> 34)) ^ ((f << 25) | (f >> 39))) + ((f & (g | h)) | (g & h));
+ d += (((a << 50) | (a >> 14)) ^ ((a << (64 - 18)) | (a >> 18)) ^ ((a << 23) | (a >> 41))) + (c ^ (a & (b ^ c))) + 0x06f067aa72176fbaul + s68
+ h += d; d += (((e << 36) | (e >> 28)) ^ ((e << (64 - 34)) | (e >> 34)) ^ ((e << 25) | (e >> 39))) + ((e & (f | g)) | (f & g));
+ c += (((h << 50) | (h >> 14)) ^ ((h << (64 - 18)) | (h >> 18)) ^ ((h << 23) | (h >> 41))) + (b ^ (h & (a ^ b))) + 0x0a637dc5a2c898a6ul + s69
+ g += c; c += (((d << 36) | (d >> 28)) ^ ((d << (64 - 34)) | (d >> 34)) ^ ((d << 25) | (d >> 39))) + ((d & (e | f)) | (e & f));
+ b += (((g << 50) | (g >> 14)) ^ ((g << (64 - 18)) | (g >> 18)) ^ ((g << 23) | (g >> 41))) + (a ^ (g & (h ^ a))) + 0x113f9804bef90daeul + s70
+ f += b; b += (((c << 36) | (c >> 28)) ^ ((c << (64 - 34)) | (c >> 34)) ^ ((c << 25) | (c >> 39))) + ((c & (d | e)) | (d & e));
+ a += (((f << 50) | (f >> 14)) ^ ((f << (64 - 18)) | (f >> 18)) ^ ((f << 23) | (f >> 41))) + (h ^ (f & (g ^ h))) + 0x1b710b35131c471bul + s71
+ e += a; a += (((b << 36) | (b >> 28)) ^ ((b << (64 - 34)) | (b >> 34)) ^ ((b << 25) | (b >> 39))) + ((b & (c | d)) | (c & d));
+ h += (((e << 50) | (e >> 14)) ^ ((e << (64 - 18)) | (e >> 18)) ^ ((e << 23) | (e >> 41))) + (g ^ (e & (f ^ g))) + 0x28db77f523047d84ul + s72
+ d += h; h += (((a << 36) | (a >> 28)) ^ ((a << (64 - 34)) | (a >> 34)) ^ ((a << 25) | (a >> 39))) + ((a & (b | c)) | (b & c));
+ g += (((d << 50) | (d >> 14)) ^ ((d << (64 - 18)) | (d >> 18)) ^ ((d << 23) | (d >> 41))) + (f ^ (d & (e ^ f))) + 0x32caab7b40c72493ul + s73
+ c += g; g += (((h << 36) | (h >> 28)) ^ ((h << (64 - 34)) | (h >> 34)) ^ ((h << 25) | (h >> 39))) + ((h & (a | b)) | (a & b));
+ f += (((c << 50) | (c >> 14)) ^ ((c << (64 - 18)) | (c >> 18)) ^ ((c << 23) | (c >> 41))) + (e ^ (c & (d ^ e))) + 0x3c9ebe0a15c9bebcul + s74
+ b += f; f += (((g << 36) | (g >> 28)) ^ ((g << (64 - 34)) | (g >> 34)) ^ ((g << 25) | (g >> 39))) + ((g & (h | a)) | (h & a));
+ e += (((b << 50) | (b >> 14)) ^ ((b << (64 - 18)) | (b >> 18)) ^ ((b << 23) | (b >> 41))) + (d ^ (b & (c ^ d))) + 0x431d67c49c100d4cul + s75
+ a += e; e += (((f << 36) | (f >> 28)) ^ ((f << (64 - 34)) | (f >> 34)) ^ ((f << 25) | (f >> 39))) + ((f & (g | h)) | (g & h));
+ d += (((a << 50) | (a >> 14)) ^ ((a << (64 - 18)) | (a >> 18)) ^ ((a << 23) | (a >> 41))) + (c ^ (a & (b ^ c))) + 0x4cc5d4becb3e42b6ul + s76
+ h += d; d += (((e << 36) | (e >> 28)) ^ ((e << (64 - 34)) | (e >> 34)) ^ ((e << 25) | (e >> 39))) + ((e & (f | g)) | (f & g));
+ c += (((h << 50) | (h >> 14)) ^ ((h << (64 - 18)) | (h >> 18)) ^ ((h << 23) | (h >> 41))) + (b ^ (h & (a ^ b))) + 0x597f299cfc657e2aul + s77
+ g += c; c += (((d << 36) | (d >> 28)) ^ ((d << (64 - 34)) | (d >> 34)) ^ ((d << 25) | (d >> 39))) + ((d & (e | f)) | (e & f));
+ b += (((g << 50) | (g >> 14)) ^ ((g << (64 - 18)) | (g >> 18)) ^ ((g << 23) | (g >> 41))) + (a ^ (g & (h ^ a))) + 0x5fcb6fab3ad6faecul + s78
+ f += b; b += (((c << 36) | (c >> 28)) ^ ((c << (64 - 34)) | (c >> 34)) ^ ((c << 25) | (c >> 39))) + ((c & (d | e)) | (d & e));
+ a += (((f << 50) | (f >> 14)) ^ ((f << (64 - 18)) | (f >> 18)) ^ ((f << 23) | (f >> 41))) + (h ^ (f & (g ^ h))) + 0x6c44198c4a475817ul + s79
+ e += a; a += (((b << 36) | (b >> 28)) ^ ((b << (64 - 34)) | (b >> 34)) ^ ((b << 25) | (b >> 39))) + ((b & (c | d)) | (c & d));
+
+ x[0] += a
+ x[1] += b
+ x[2] += c
+ x[3] += d
+ x[4] += e
+ x[5] += f
+ x[6] += g
+ x[7] += h
+}
+
+const unpack = {b
+ var v : uint64
+
+ v = 0
+ v |= (b[0] : uint64) << 56
+ v |= (b[1] : uint64) << 48
+ v |= (b[2] : uint64) << 40
+ v |= (b[3] : uint64) << 32
+ v |= (b[4] : uint64) << 24
+ v |= (b[5] : uint64) << 16
+ v |= (b[6] : uint64) << 8
+ v |= (b[7] : uint64) << 0
+ -> v
+}
+
+const pack = {out, v
+ out[0] = (v >> 56 : byte)
+ out[1] = (v >> 48 : byte)
+ out[2] = (v >> 40 : byte)
+ out[3] = (v >> 32 : byte)
+ out[4] = (v >> 24 : byte)
+ out[5] = (v >> 16 : byte)
+ out[6] = (v >> 8 : byte)
+ out[7] = (v >> 0 : byte)
+}
+
diff --git a/lib/crypto/test/md5.myr b/lib/crypto/test/md5.myr
new file mode 100644
index 0000000..0548051
--- /dev/null
+++ b/lib/crypto/test/md5.myr
@@ -0,0 +1,18 @@
+use std
+use crypto
+
+use "test/util"
+
+const main = {
+ hasheq(crypto.md5("")[:], \
+ "d41d8cd98f00b204e9800998ecf8427e")
+ hasheq(crypto.md5("h")[:], \
+ "2510c39011c5be704182423e3a695e91")
+ /* 64 byte block */
+ hasheq(crypto.md5("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa")[:], \
+ "014842d480b571495a4a0363793f7367")
+ /* tail spanning */
+ hasheq(crypto.md5("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaabbbbb")[:], \
+ "3b0bb4c5ece4a6568caa7266e740a140")
+}
+
diff --git a/lib/crypto/test/sha1.myr b/lib/crypto/test/sha1.myr
new file mode 100644
index 0000000..22813d9
--- /dev/null
+++ b/lib/crypto/test/sha1.myr
@@ -0,0 +1,18 @@
+use std
+use crypto
+
+use "test/util"
+
+const main = {
+ hasheq(crypto.sha1("")[:], \
+ "da39a3ee5e6b4b0d3255bfef60951890d8af0709")
+ hasheq(crypto.sha1("h")[:], \
+ "27d5482eebd075de44389774e2fc8c695cf48a75")
+ /* 64 byte block */
+ hasheq(crypto.sha1("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa")[:], \
+ "0098ba824b5c16427bd7a1125a2a442aec25644d")
+ /* tail spanning */
+ hasheq(crypto.sha1("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaabbbbb")[:], \
+ "4eb17e52bb55910b037869438f69d9c87643d75a")
+}
+
diff --git a/lib/crypto/test/sha256.myr b/lib/crypto/test/sha256.myr
new file mode 100644
index 0000000..e883c84
--- /dev/null
+++ b/lib/crypto/test/sha256.myr
@@ -0,0 +1,29 @@
+use std
+use crypto
+
+use "test/util"
+
+const main = {
+ hasheq(crypto.sha224("")[:], \
+ "d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f")
+ hasheq(crypto.sha224("h")[:], \
+ "e0ccaeadfef916630c35576679e4cd4b438e7fc95a60b7361705f708")
+ /* 64 byte block */
+ hasheq(crypto.sha224("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa")[:], \
+ "a88cd5cde6d6fe9136a4e58b49167461ea95d388ca2bdb7afdc3cbf4")
+ /* tail spanning */
+ hasheq(crypto.sha224("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaabbbbb")[:], \
+ "4a5859b7efa22c3b25710520fc97b0a901f5cdba3e4f0becfeea725e")
+
+ hasheq(crypto.sha256("")[:], \
+ "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855")
+ hasheq(crypto.sha256("h")[:], \
+ "aaa9402664f1a41f40ebbc52c9993eb66aeb366602958fdfaa283b71e64db123")
+ /* 64 byte block */
+ hasheq(crypto.sha256("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa")[:], \
+ "ffe054fe7ae0cb6dc65c3af9b61d5209f439851db43d0ba5997337df154668eb")
+ /* tail spanning */
+ hasheq(crypto.sha256("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaabbbbb")[:], \
+ "bac8bf0f9794a520a5bf0ec64d3206edd1b9f2ef5ea118c9cad5365d84578de4")
+}
+
diff --git a/lib/crypto/test/sha512.myr b/lib/crypto/test/sha512.myr
new file mode 100644
index 0000000..0ae81e4
--- /dev/null
+++ b/lib/crypto/test/sha512.myr
@@ -0,0 +1,29 @@
+use std
+use crypto
+
+use "test/util"
+
+const main = {
+ hasheq(crypto.sha384("")[:], \
+ "38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b")
+ hasheq(crypto.sha384("h")[:], \
+ "a4eb0778c79fce94c02126543cba398d645b2fd4c6ff6a02eecc026bbe0cc0dd666279722b7615bc15b4c9126b941c04")
+ /* 64 byte block */
+ hasheq(crypto.sha384("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa")[:], \
+ "2e404b9339da795776e510d96930b3be2904c500395b8cb7413334b82d4dec413b4b8113045a05bbbcff846f027423f6")
+ /* tail spanning */
+ hasheq(crypto.sha384("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaabbbbb")[:], \
+ "f8f4b55a0fb1ac8506d2e5195c714a1ad16c3bf61ad8b2d544344b105a49a77ff3b8eb61e8f970a71864e9dad87042b1")
+
+ hasheq(crypto.sha512("")[:], \
+ "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e")
+ hasheq(crypto.sha512("h")[:], \
+ "2241bc8fc70705b42efead371fd4982c5ba69917e5b4b895810002644f0386da9c3131793458c2bf47608480d64a07278133c99912e0ba2daf23098f3520eb97")
+ /* 64 byte block */
+ hasheq(crypto.sha512("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa")[:], \
+ "01d35c10c6c38c2dcf48f7eebb3235fb5ad74a65ec4cd016e2354c637a8fb49b695ef3c1d6f7ae4cd74d78cc9c9bcac9d4f23a73019998a7f73038a5c9b2dbde")
+ /* tail spanning */
+ hasheq(crypto.sha512("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaabbbbb")[:], \
+ "d5c989d2e41299b6bfd57562b4b09cd2efa56f13c8fa109e0ce5ddbd6bfb5b34f8563608d6162104bef750023732581f22704d5df43feecbb05742be1d7c34fa")
+}
+
diff --git a/lib/crypto/test/util.myr b/lib/crypto/test/util.myr
new file mode 100644
index 0000000..ceb411c
--- /dev/null
+++ b/lib/crypto/test/util.myr
@@ -0,0 +1,19 @@
+use std
+
+pkg =
+ const hasheq : (got : byte[:], expected : byte[:] -> void)
+;;
+
+const hasheq = {got, expected
+ var sb, str
+
+ sb = std.mksb()
+ for x in got
+ std.sbfmt(sb, "{p=0,w=2,x}", x)
+ ;;
+ str = std.sbfin(sb)
+ if (!std.sleq(str, expected))
+ std.fatal("mismatched hashes:\n\tgot:\t{}\n\texpected:\t{}\n", str, expected)
+ ;;
+ std.slfree(str)
+}