/*
The eXtended Keccak Code Package (XKCP)
https://github.com/XKCP/XKCP

The Keccak-p permutations, designed by Guido Bertoni, Joan Daemen, Michaël Peeters and Gilles Van Assche.

Implementation by Ronny Van Keer, hereby denoted as "the implementer".

For more information, feedback or questions, please refer to the Keccak Team website:
https://keccak.team/

To the extent possible under law, the implementer has waived all copyright
and related or neighboring rights to the source code in this file.
http://creativecommons.org/publicdomain/zero/1.0/
*/

#define _b  0
#define _g  5
#define _k  10
#define _m  15
#define _s  20

#define _a  0
#define _e  1
#define _i  2
#define _o  3
#define _u  4

#define Ca Ba
#define Ce Be
#define Ci Bi
#define Co Bo
#define Cu Bu

#define declareBCDE \
    uint32_t Ba, Be, Bi, Bo, Bu; \
    uint32_t Da, De, Di, Do, Du; \
    uint32_t Estate[25]; \

#ifdef UseBebigokimisa
/* --- Code for round (lane complementing pattern 'bebigokimisa') */
/* --- 32-bit lanes mapped to 32-bit words */
#define thetaRhoPiChiIota(i, A, E) \
    Ca = A##state[_b+_a]^A##state[_g+_a]^A##state[_k+_a]^A##state[_m+_a]^A##state[_s+_a]; \
    Ce = A##state[_b+_e]^A##state[_g+_e]^A##state[_k+_e]^A##state[_m+_e]^A##state[_s+_e]; \
    Ci = A##state[_b+_i]^A##state[_g+_i]^A##state[_k+_i]^A##state[_m+_i]^A##state[_s+_i]; \
    Co = A##state[_b+_o]^A##state[_g+_o]^A##state[_k+_o]^A##state[_m+_o]^A##state[_s+_o]; \
    Cu = A##state[_b+_u]^A##state[_g+_u]^A##state[_k+_u]^A##state[_m+_u]^A##state[_s+_u]; \
    Da = Cu^ROL32(Ce, 1); \
    De = Ca^ROL32(Ci, 1); \
    Di = Ce^ROL32(Co, 1); \
    Do = Ci^ROL32(Cu, 1); \
    Du = Co^ROL32(Ca, 1); \
\
    Ba = A##state[_b+_a] ^ Da; \
    Be = ROL32(A##state[_g+_e] ^ De, 12); \
    Bi = ROL32(A##state[_k+_i] ^ Di, 11); \
    Bo = ROL32(A##state[_m+_o] ^ Do, 21); \
    Bu = ROL32(A##state[_s+_u] ^ Du, 14); \
    E##state[_b+_a] =   Ba ^(  Be |  Bi ) ^ KeccakF800RoundConstants[i]; \
    E##state[_b+_e] =   Be ^((~Bi)|  Bo ); \
    E##state[_b+_i] =   Bi ^(  Bo &  Bu ); \
    E##state[_b+_o] =   Bo ^(  Bu |  Ba ); \
    E##state[_b+_u] =   Bu ^(  Ba &  Be ); \
\
    Ba = ROL32(A##state[_b+_o] ^ Do, 28); \
    Be = ROL32(A##state[_g+_u] ^ Du, 20); \
    Bi = ROL32(A##state[_k+_a] ^ Da,  3); \
    Bo = ROL32(A##state[_m+_e] ^ De, 13); \
    Bu = ROL32(A##state[_s+_i] ^ Di, 29); \
    E##state[_g+_a] =   Ba ^(  Be |  Bi ); \
    E##state[_g+_e] =   Be ^(  Bi &  Bo ); \
    E##state[_g+_i] =   Bi ^(  Bo |(~Bu)); \
    E##state[_g+_o] =   Bo ^(  Bu |  Ba ); \
    E##state[_g+_u] =   Bu ^(  Ba &  Be ); \
\
    Ba = ROL32(A##state[_b+_e] ^ De,  1); \
    Be = ROL32(A##state[_g+_i] ^ Di,  6); \
    Bi = ROL32(A##state[_k+_o] ^ Do, 25); \
    Bo = ROL32(A##state[_m+_u] ^ Du,  8); \
    Bu = ROL32(A##state[_s+_a] ^ Da, 18); \
    E##state[_k+_a] =   Ba ^(  Be |  Bi ); \
    E##state[_k+_e] =   Be ^(  Bi &  Bo ); \
    E##state[_k+_i] =   Bi ^((~Bo)&  Bu ); \
    E##state[_k+_o] = (~Bo)^(  Bu |  Ba ); \
    E##state[_k+_u] =   Bu ^(  Ba &  Be ); \
\
    Ba = ROL32(A##state[_b+_u] ^ Du, 27); \
    Be = ROL32(A##state[_g+_a] ^ Da,  4); \
    Bi = ROL32(A##state[_k+_e] ^ De, 10); \
    Bo = ROL32(A##state[_m+_i] ^ Di, 15); \
    Bu = ROL32(A##state[_s+_o] ^ Do, 24); \
    E##state[_m+_a] =   Ba ^(  Be &  Bi ); \
    E##state[_m+_e] =   Be ^(  Bi |  Bo ); \
    E##state[_m+_i] =   Bi ^((~Bo)|  Bu ); \
    E##state[_m+_o] = (~Bo)^(  Bu &  Ba ); \
    E##state[_m+_u] =   Bu ^(  Ba |  Be ); \
\
    Ba = ROL32(A##state[_b+_i] ^ Di, 30); \
    Be = ROL32(A##state[_g+_o] ^ Do, 23); \
    Bi = ROL32(A##state[_k+_u] ^ Du,  7); \
    Bo = ROL32(A##state[_m+_a] ^ Da,  9); \
    Bu = ROL32(A##state[_s+_e] ^ De,  2); \
    E##state[_s+_a] =   Ba ^((~Be)&  Bi ); \
    E##state[_s+_e] = (~Be)^(  Bi |  Bo ); \
    E##state[_s+_i] =   Bi ^(  Bo &  Bu ); \
    E##state[_s+_o] =   Bo ^(  Bu |  Ba ); \
    E##state[_s+_u] =   Bu ^(  Ba &  Be ); \
\

#else /* UseBebigokimisa */

/* --- Code for round */
/* --- 32-bit lanes mapped to 32-bit words */
#define thetaRhoPiChiIota(i, A, E) \
    Ca = A##state[_b+_a]^A##state[_g+_a]^A##state[_k+_a]^A##state[_m+_a]^A##state[_s+_a]; \
    Ce = A##state[_b+_e]^A##state[_g+_e]^A##state[_k+_e]^A##state[_m+_e]^A##state[_s+_e]; \
    Ci = A##state[_b+_i]^A##state[_g+_i]^A##state[_k+_i]^A##state[_m+_i]^A##state[_s+_i]; \
    Co = A##state[_b+_o]^A##state[_g+_o]^A##state[_k+_o]^A##state[_m+_o]^A##state[_s+_o]; \
    Cu = A##state[_b+_u]^A##state[_g+_u]^A##state[_k+_u]^A##state[_m+_u]^A##state[_s+_u]; \
    Da = Cu^ROL32(Ce, 1); \
    De = Ca^ROL32(Ci, 1); \
    Di = Ce^ROL32(Co, 1); \
    Do = Ci^ROL32(Cu, 1); \
    Du = Co^ROL32(Ca, 1); \
\
    Ba = A##state[_b+_a] ^ Da; \
    Be = ROL32(A##state[_g+_e] ^ De, 12); \
    Bi = ROL32(A##state[_k+_i] ^ Di, 11); \
    Bo = ROL32(A##state[_m+_o] ^ Do, 21); \
    Bu = ROL32(A##state[_s+_u] ^ Du, 14); \
    E##state[_b+_a] =   Ba ^((~Be)&  Bi ) ^ KeccakF800RoundConstants[i]; \
    E##state[_b+_e] =   Be ^((~Bi)&  Bo ); \
    E##state[_b+_i] =   Bi ^((~Bo)&  Bu ); \
    E##state[_b+_o] =   Bo ^((~Bu)&  Ba ); \
    E##state[_b+_u] =   Bu ^((~Ba)&  Be ); \
\
    Ba = ROL32(A##state[_b+_o] ^ Do, 28); \
    Be = ROL32(A##state[_g+_u] ^ Du, 20); \
    Bi = ROL32(A##state[_k+_a] ^ Da,  3); \
    Bo = ROL32(A##state[_m+_e] ^ De, 13); \
    Bu = ROL32(A##state[_s+_i] ^ Di, 29); \
    E##state[_g+_a] =   Ba ^((~Be)&  Bi ); \
    E##state[_g+_e] =   Be ^((~Bi)&  Bo ); \
    E##state[_g+_i] =   Bi ^((~Bo)&  Bu ); \
    E##state[_g+_o] =   Bo ^((~Bu)&  Ba ); \
    E##state[_g+_u] =   Bu ^((~Ba)&  Be ); \
\
    Ba = ROL32(A##state[_b+_e] ^ De,  1); \
    Be = ROL32(A##state[_g+_i] ^ Di,  6); \
    Bi = ROL32(A##state[_k+_o] ^ Do, 25); \
    Bo = ROL32(A##state[_m+_u] ^ Du,  8); \
    Bu = ROL32(A##state[_s+_a] ^ Da, 18); \
    E##state[_k+_a] =   Ba ^((~Be)&  Bi ); \
    E##state[_k+_e] =   Be ^((~Bi)&  Bo ); \
    E##state[_k+_i] =   Bi ^((~Bo)&  Bu ); \
    E##state[_k+_o] =   Bo ^((~Bu)&  Ba ); \
    E##state[_k+_u] =   Bu ^((~Ba)&  Be ); \
\
    Ba = ROL32(A##state[_b+_u] ^ Du, 27); \
    Be = ROL32(A##state[_g+_a] ^ Da,  4); \
    Bi = ROL32(A##state[_k+_e] ^ De, 10); \
    Bo = ROL32(A##state[_m+_i] ^ Di, 15); \
    Bu = ROL32(A##state[_s+_o] ^ Do, 24); \
    E##state[_m+_a] =   Ba ^((~Be)&  Bi ); \
    E##state[_m+_e] =   Be ^((~Bi)&  Bo ); \
    E##state[_m+_i] =   Bi ^((~Bo)&  Bu ); \
    E##state[_m+_o] =   Bo ^((~Bu)&  Ba ); \
    E##state[_m+_u] =   Bu ^((~Ba)&  Be ); \
\
    Ba = ROL32(A##state[_b+_i] ^ Di, 30); \
    Be = ROL32(A##state[_g+_o] ^ Do, 23); \
    Bi = ROL32(A##state[_k+_u] ^ Du,  7); \
    Bo = ROL32(A##state[_m+_a] ^ Da,  9); \
    Bu = ROL32(A##state[_s+_e] ^ De,  2); \
    E##state[_s+_a] =   Ba ^((~Be)&  Bi ); \
    E##state[_s+_e] =   Be ^((~Bi)&  Bo ); \
    E##state[_s+_i] =   Bi ^((~Bo)&  Bu ); \
    E##state[_s+_o] =   Bo ^((~Bu)&  Ba ); \
    E##state[_s+_u] =   Bu ^((~Ba)&  Be ); \
\

#endif /* UseBebigokimisa */