From 366e1b046457f2e9d1c62fab6c32669e04a3fe11 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
 <manuel.pegourie-gonnard@arm.com>
Date: Thu, 1 Mar 2018 14:48:10 +0100
Subject: [PATCH] aria: fix comment on aria_a function

The new version of the comment has been generated by the following python3
script, when the first constant is copy-pasted from RFC 5794 2.4.3.

 #!/usr/bin/python3

RFC_A = """
      y0  = x3 ^ x4 ^ x6 ^ x8  ^ x9  ^ x13 ^ x14,
      y1  = x2 ^ x5 ^ x7 ^ x8  ^ x9  ^ x12 ^ x15,
      y2  = x1 ^ x4 ^ x6 ^ x10 ^ x11 ^ x12 ^ x15,
      y3  = x0 ^ x5 ^ x7 ^ x10 ^ x11 ^ x13 ^ x14,
      y4  = x0 ^ x2 ^ x5 ^ x8  ^ x11 ^ x14 ^ x15,
      y5  = x1 ^ x3 ^ x4 ^ x9  ^ x10 ^ x14 ^ x15,
      y6  = x0 ^ x2 ^ x7 ^ x9  ^ x10 ^ x12 ^ x13,
      y7  = x1 ^ x3 ^ x6 ^ x8  ^ x11 ^ x12 ^ x13,
      y8  = x0 ^ x1 ^ x4 ^ x7  ^ x10 ^ x13 ^ x15,
      y9  = x0 ^ x1 ^ x5 ^ x6  ^ x11 ^ x12 ^ x14,
      y10 = x2 ^ x3 ^ x5 ^ x6  ^ x8  ^ x13 ^ x15,
      y11 = x2 ^ x3 ^ x4 ^ x7  ^ x9  ^ x12 ^ x14,
      y12 = x1 ^ x2 ^ x6 ^ x7  ^ x9  ^ x11 ^ x12,
      y13 = x0 ^ x3 ^ x6 ^ x7  ^ x8  ^ x10 ^ x13,
      y14 = x0 ^ x3 ^ x4 ^ x5  ^ x9  ^ x11 ^ x14,
      y15 = x1 ^ x2 ^ x4 ^ x5  ^ x8  ^ x10 ^ x15.
"""

matrix = []
for l in RFC_A.split('\n')[1:-1]:
    rhs = l.split('=')[1][:-1]
    row = tuple(hex(int(t[2:]))[2:] for t in rhs.split('^'))
    matrix.append(row)

out = {}
out['a'] = tuple(''.join(w) for w in zip(*(matrix[0:4])))
out['b'] = tuple(''.join(w) for w in zip(*(matrix[4:8])))
out['c'] = tuple(''.join(w) for w in zip(*(matrix[8:12])))
out['d'] = tuple(''.join(w) for w in zip(*(matrix[12:])))

out2 = {}
for o, r in out.items():
    row = list(r)
    for i in range(len(r) - 1):
        w1 = row[i]
        if len(set(w1)) == 2:
            w2 = row[i+1]
            nw1 = nw2 = ''
            for j in range(len(w1)):
                if w1[j] in nw1:
                    nw1 += w2[j]
                    nw2 += w1[j]
                else:
                    nw1 += w1[j]
                    nw2 += w2[j]
            row[i] = nw1
            row[i+1] = nw2

    out2[o] = row

for o in 'abcd':
    print(o,   '=', ' + '.join(out[o]))
    print(' ', '=', ' + '.join(out2[o]))
---
 library/aria.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/library/aria.c b/library/aria.c
index 55efd9a52..fdc2137fe 100644
--- a/library/aria.c
+++ b/library/aria.c
@@ -190,11 +190,11 @@ static inline uint32_t aria_p3( uint32_t x )
  *
  * a = 3210 + 4545 + 6767 + 88aa + 99bb + dccd + effe
  *   = 3210 + 4567 + 6745 + 89ab + 98ba + dcfe + efcd
- * b = 0101 + 2323 + 5476 + 8998 + baab + ecec + ffdd
+ * b = 0101 + 2323 + 5476 + 8998 + baab + eecc + ffdd
  *   = 0123 + 2301 + 5476 + 89ab + ba98 + efcd + fedc
- * c = 0022 + 1133 + 4545 + 7667 + ab89 + dcdc + fefe
+ * c = 0022 + 1133 + 4554 + 7667 + ab89 + dcdc + fefe
  *   = 0123 + 1032 + 4567 + 7654 + ab89 + dcfe + fedc
- * d = 1001 + 2332 + 6644 + 7755 + 9898 + baba + cedf
+ * d = 1001 + 2332 + 6644 + 7755 + 9898 + baba + cdef
  *   = 1032 + 2301 + 6745 + 7654 + 98ba + ba98 + cdef
  *
  * Note: another presentation of the A transform can be found as the first