--- pgp/src/idea.c	2018/04/24 16:42:32	1.1.1.5
+++ pgp/src/idea.c	2018/04/24 16:43:48	1.1.1.6
@@ -1,67 +1,67 @@
 /*
- *	idea.c - C source code for IDEA block cipher.
- *	IDEA (International Data Encryption Algorithm), formerly known as 
- *	IPES (Improved Proposed Encryption Standard).
- *	Algorithm developed by Xuejia Lai and James L. Massey, of ETH Zurich.
- *	This implementation modified and derived from original C code 
- *	developed by Xuejia Lai.  
- *	Zero-based indexing added, names changed from IPES to IDEA.
- *	CFB functions added.  Random number routines added.
+ *    idea.c - C source code for IDEA block cipher.
+ *      IDEA (International Data Encryption Algorithm), formerly known as 
+ *      IPES (Improved Proposed Encryption Standard).
+ *      Algorithm developed by Xuejia Lai and James L. Massey, of ETH Zurich.
+ *      This implementation modified and derived from original C code 
+ *      developed by Xuejia Lai.  
+ *      Zero-based indexing added, names changed from IPES to IDEA.
+ *      CFB functions added.  Random number routines added.
  *
- *	Extensively optimized and restructured by Colin Plumb.
+ *      Extensively optimized and restructured by Colin Plumb.
  *
- *	There are two adjustments that can be made to this code to
- *	speed it up.  Defaults may be used for PCs.  Only the -DIDEA32
- *	pays off significantly if selectively set or not set.
- *	Experiment to see what works best for your machine.
+ *      There are two adjustments that can be made to this code to
+ *      speed it up.  Defaults may be used for PCs.  Only the -DIDEA32
+ *      pays off significantly if selectively set or not set.
+ *      Experiment to see what works best for your machine.
  *
- *	Multiplication: default is inline, -DAVOID_JUMPS uses a
- *		different version that does not do any conditional
- *		jumps (a few percent worse on a SPARC), while
- *		-DSMALL_CACHE takes it out of line to stay
- *		within a small on-chip code cache.
- *	Variables: normally, 16-bit variables are used, but some
- *		machines (notably RISCs) do not have 16-bit registers,
- *		so they do a great deal of masking.  -DIDEA32 uses "int"
- *		register variables and masks explicitly only where
- *		necessary.  On a SPARC, for example, this boosts
- *		performace by 30%.
+ *      Multiplication: default is inline, -DAVOID_JUMPS uses a
+ *              different version that does not do any conditional
+ *              jumps (a few percent worse on a SPARC), while
+ *              -DSMALL_CACHE takes it out of line to stay
+ *              within a small on-chip code cache.
+ *      Variables: normally, 16-bit variables are used, but some
+ *              machines (notably RISCs) do not have 16-bit registers,
+ *              so they do a great deal of masking.  -DIDEA32 uses "int"
+ *              register variables and masks explicitly only where
+ *              necessary.  On a SPARC, for example, this boosts
+ *              performace by 30%.
  *
- *	The IDEA(tm) block cipher is covered by patents held by ETH and a
- *	Swiss company called Ascom-Tech AG.  The Swiss patent number is
- *	PCT/CH91/00117, the European patent number is EP 0 482 154 B1, and
- *	the U.S. patent number is US005214703.  IDEA(tm) is a trademark of
- *	Ascom-Tech AG.  There is no license fee required for noncommercial
- *	use.  Commercial users may obtain licensing details from Dieter
- *	Profos, Ascom Tech AG, Solothurn Lab, Postfach 151, 4502 Solothurn,
- *	Switzerland, Tel +41 65 242885, Fax +41 65 235761.
+ *      The IDEA(tm) block cipher is covered by patents held by ETH and a
+ *      Swiss company called Ascom-Tech AG.  The Swiss patent number is
+ *      PCT/CH91/00117, the European patent number is EP 0 482 154 B1, and
+ *      the U.S. patent number is US005214703.  IDEA(tm) is a trademark of
+ *      Ascom-Tech AG.  There is no license fee required for noncommercial
+ *      use.  Commercial users may obtain licensing details from Dieter
+ *      Profos, Ascom Tech AG, Solothurn Lab, Postfach 151, 4502 Solothurn,
+ *      Switzerland, Tel +41 65 242885, Fax +41 65 235761.
  *
- *	The IDEA block cipher uses a 64-bit block size, and a 128-bit key 
- *	size.  It breaks the 64-bit cipher block into four 16-bit words
- *	because all of the primitive inner operations are done with 16-bit 
- *	arithmetic.  It likewise breaks the 128-bit cipher key into eight 
- *	16-bit words.
+ *      The IDEA block cipher uses a 64-bit block size, and a 128-bit key 
+ *      size.  It breaks the 64-bit cipher block into four 16-bit words
+ *      because all of the primitive inner operations are done with 16-bit 
+ *      arithmetic.  It likewise breaks the 128-bit cipher key into eight 
+ *      16-bit words.
  *
- *	For further information on the IDEA cipher, see the book:
- *	  Xuejia Lai, "On the Design and Security of Block Ciphers",
- *	  ETH Series on Information Processing (ed. J.L. Massey) Vol 1,
- *	  Hartung-Gorre Verlag, Konstanz, Switzerland, 1992.  ISBN
- *	  3-89191-573-X.
+ *      For further information on the IDEA cipher, see the book:
+ *        Xuejia Lai, "On the Design and Security of Block Ciphers",
+ *        ETH Series on Information Processing (ed. J.L. Massey) Vol 1,
+ *        Hartung-Gorre Verlag, Konstanz, Switzerland, 1992.  ISBN
+ *        3-89191-573-X.
  *
- *	This code runs on arrays of bytes by taking pairs in big-endian
- *	order to make the 16-bit words that IDEA uses internally.  This
- *	produces the same result regardless of the byte order of the
- *	native CPU.
+ *      This code runs on arrays of bytes by taking pairs in big-endian
+ *      order to make the 16-bit words that IDEA uses internally.  This
+ *      produces the same result regardless of the byte order of the
+ *      native CPU.
  */
 
 #include "idea.h"
 #include "randpool.h"
 
-#ifdef IDEA32	/* Use >16-bit temporaries */
+#ifdef IDEA32			/* Use >16-bit temporaries */
 #define low16(x) ((x) & 0xFFFF)
 typedef unsigned int uint16;	/* at LEAST 16 bits, maybe more */
 #else
-#define low16(x) (x)	/* this is only ever applied to uint16's */
+#define low16(x) (x)		/* this is only ever applied to uint16's */
 typedef word16 uint16;
 #endif
 
@@ -75,29 +75,29 @@ typedef word16 uint16;
 #endif
 
 /*
- *	Multiplication, modulo (2**16)+1
+ * Multiplication, modulo (2**16)+1
  * Note that this code is structured on the assumption that
  * untaken branches are cheaper than taken branches, and the
  * compiler doesn't schedule branches.
  */
 #ifdef SMALL_CACHE
 CONST static uint16
-mul(register uint16 a, register uint16 b)
+ mul(register uint16 a, register uint16 b)
 {
-	register word32 p;
+    register word32 p;
 
-	p = (word32)a * b;
-	if (p) {
-		b = low16(p);
-		a = p>>16;
-		return (b - a) + (b < a);
-	} else if (a) {
-		return 1-b;
-	} else {
-		return 1-a;
-	}
-} /* mul */
-#endif /* SMALL_CACHE */
+    p = (word32) a *b;
+    if (p) {
+	b = low16(p);
+	a = p >> 16;
+	return (b - a) + (b < a);
+    } else if (a) {
+	return 1 - b;
+    } else {
+	return 1 - a;
+    }
+}				/* mul */
+#endif				/* SMALL_CACHE */
 
 /*
  * Compute the multiplicative inverse of x, modulo 65537, using Euclid's
@@ -105,85 +105,71 @@ mul(register uint16 a, register uint16 b
  * iteration, and some subtracts of t have been changed to adds.
  */
 CONST static uint16
-mulInv(uint16 x)     
+ mulInv(uint16 x)
 {
-	uint16 t0, t1;
-	uint16 q, y;
+    uint16 t0, t1;
+    uint16 q, y;
 
-	if (x <= 1)
-		return x;	/* 0 and 1 are self-inverse */
-	t1 = 0x10001L / x;	/* Since x >= 2, this fits into 16 bits */
-	y = 0x10001L % x;
-	if (y == 1)
-		return low16(1-t1);
-	t0 = 1;
-	do {
-		q = x / y;
-		x = x % y;
-		t0 += q * t1;
-		if (x == 1)
-			return t0;
-		q = y / x;
-		y = y % x;
-		t1 += q * t0;
-	} while (y != 1);
-	return low16(1-t1);
-} /* mukInv */
+    if (x <= 1)
+	return x;		/* 0 and 1 are self-inverse */
+    t1 = 0x10001L / x;		/* Since x >= 2, this fits into 16 bits */
+    y = 0x10001L % x;
+    if (y == 1)
+	return low16(1 - t1);
+    t0 = 1;
+    do {
+	q = x / y;
+	x = x % y;
+	t0 += q * t1;
+	if (x == 1)
+	    return t0;
+	q = y / x;
+	y = y % x;
+	t1 += q * t0;
+    } while (y != 1);
+    return low16(1 - t1);
+}				/* mukInv */
 
 /*
  * Expand a 128-bit user key to a working encryption key EK
  */
-static void
-ideaExpandKey(byte const *userkey, word16 *EK)
+static void ideaExpandKey(byte const *userkey, word16 * EK)
 {
-	int i,j;
+    int i, j;
 
-	for (j=0; j<8; j++) {
-		EK[j] = (userkey[0]<<8) + userkey[1];
-		userkey += 2;
-	}
-	for (i=0; j < IDEAKEYLEN; j++) {
-		i++;
-		EK[i+7] = EK[i & 7] << 9 | EK[i+1 & 7] >> 7;
-		EK += i & 8;
-		i &= 7;
-	}
-} /* ideaExpandKey */
+    for (j = 0; j < 8; j++) {
+	EK[j] = (userkey[0] << 8) + userkey[1];
+	userkey += 2;
+    }
+    for (i = 0; j < IDEAKEYLEN; j++) {
+	i++;
+	EK[i + 7] = EK[i & 7] << 9 | EK[i + 1 & 7] >> 7;
+	EK += i & 8;
+	i &= 7;
+    }
+}				/* ideaExpandKey */
 
 /*
  * Compute IDEA decryption key DK from an expanded IDEA encryption key EK
  * Note that the input and output may be the same.  Thus, the key is
  * inverted into an internal buffer, and then copied to the output.
  */
-static void
-ideaInvertKey(word16 const *EK, word16 DK[IDEAKEYLEN])
+static void ideaInvertKey(word16 const *EK, word16 DK[IDEAKEYLEN])
 {
-	int i;
-	uint16 t1, t2, t3;
-	word16 temp[IDEAKEYLEN];
-	word16 *p = temp + IDEAKEYLEN;
-
-	t1 = mulInv(*EK++);
-	t2 = -*EK++;
-	t3 = -*EK++;
-	*--p = mulInv(*EK++);
-	*--p = t3;
-	*--p = t2;
-	*--p = t1;
+    int i;
+    uint16 t1, t2, t3;
+    word16 temp[IDEAKEYLEN];
+    word16 *p = temp + IDEAKEYLEN;
+
+    t1 = mulInv(*EK++);
+    t2 = -*EK++;
+    t3 = -*EK++;
+    *--p = mulInv(*EK++);
+    *--p = t3;
+    *--p = t2;
+    *--p = t1;
 
-	for (i = 0; i < IDEAROUNDS-1; i++) {
-		t1 = *EK++;
-		*--p = *EK++;
-		*--p = t1;
-
-		t1 = mulInv(*EK++);
-		t2 = -*EK++;
-		t3 = -*EK++;
-		*--p = mulInv(*EK++);
-		*--p = t2;
-		*--p = t3;
-		*--p = t1;
-	}
+    for (i = 0; i < IDEAROUNDS - 1; i++) {
 	t1 = *EK++;
 	*--p = *EK++;
 	*--p = t1;
@@ -192,13 +178,25 @@ ideaInvertKey(word16 const *EK, word16 D
 	t2 = -*EK++;
 	t3 = -*EK++;
 	*--p = mulInv(*EK++);
-	*--p = t3;
 	*--p = t2;
+	*--p = t3;
 	*--p = t1;
+    }
+    t1 = *EK++;
+    *--p = *EK++;
+    *--p = t1;
+
+    t1 = mulInv(*EK++);
+    t2 = -*EK++;
+    t3 = -*EK++;
+    *--p = mulInv(*EK++);
+    *--p = t3;
+    *--p = t2;
+    *--p = t1;
 /* Copy and destroy temp copy */
-	memcpy(DK, temp, sizeof(temp));
-	burn(temp);
-} /* ideaInvertKey */
+    memcpy(DK, temp, sizeof(temp));
+    burn(temp);
+}				/* ideaInvertKey */
 
 /*
  * MUL(x,y) computes x = x*y, modulo 0x10001.  Requires two temps, 
@@ -209,12 +207,12 @@ ideaInvertKey(word16 const *EK, word16 D
  */
 #ifdef SMALL_CACHE
 #define MUL(x,y) (x = mul(low16(x),y))
-#else /* !SMALL_CACHE */
+#else				/* !SMALL_CACHE */
 #ifdef AVOID_JUMPS
 #define MUL(x,y) (x = low16(x-1), t16 = low16((y)-1), \
 		t32 = (word32)x*t16 + x + t16 + 1, x = low16(t32), \
 		t16 = t32>>16, x = (x-t16) + (x<t16) )
-#else /* !AVOID_JUMPS (default) */
+#else				/* !AVOID_JUMPS (default) */
 #define MUL(x,y) \
 	((t16 = (y)) ? \
 		(x=low16(x)) ? \
@@ -229,69 +227,73 @@ ideaInvertKey(word16 const *EK, word16 D
 #endif
 #endif
 
-/*	IDEA encryption/decryption algorithm */
+/*      IDEA encryption/decryption algorithm */
 /* Note that in and out can be the same buffer */
-static void
-ideaCipher(byte const (inbuf[8]), byte (outbuf[8]), word16 const *key)
+static void ideaCipher(byte const inbuf[8], byte outbuf[8],
+		       word16 const *key)
 {
-	register uint16 x1, x2, x3, x4, s2, s3;
-	word16 *in, *out;
+    register uint16 x1, x2, x3, x4, s2, s3;
+    word16 *in, *out;
 #ifndef SMALL_CACHE
-	register uint16 t16;	/* Temporaries needed by MUL macro */
-	register word32 t32;
+    register uint16 t16;	/* Temporaries needed by MUL macro */
+    register word32 t32;
 #endif
-	int r = IDEAROUNDS;
+    int r = IDEAROUNDS;
 
-	in = (word16 *)inbuf;
-	x1 = *in++;  x2 = *in++;
-	x3 = *in++;  x4 = *in;
+    in = (word16 *) inbuf;
+    x1 = *in++;
+    x2 = *in++;
+    x3 = *in++;
+    x4 = *in;
 #ifndef HIGHFIRST
-	x1 = (x1>>8) | (x1<<8);
-	x2 = (x2>>8) | (x2<<8);
-	x3 = (x3>>8) | (x3<<8);
-	x4 = (x4>>8) | (x4<<8);
+    x1 = (x1 >> 8) | (x1 << 8);
+    x2 = (x2 >> 8) | (x2 << 8);
+    x3 = (x3 >> 8) | (x3 << 8);
+    x4 = (x4 >> 8) | (x4 << 8);
 #endif
-	do {
-		MUL(x1,*key++);
-		x2 += *key++;
-		x3 += *key++;
-		MUL(x4, *key++);
-
-		s3 = x3;
-		x3 ^= x1;
-		MUL(x3, *key++);
-		s2 = x2;
-		x2 ^= x4;
-		x2 += x3;
-		MUL(x2, *key++);
-		x3 += x2;
-
-		x1 ^= x2;  x4 ^= x3;
-
-		x2 ^= s3;  x3 ^= s2;
-	} while (--r);
+    do {
 	MUL(x1, *key++);
-	x3 += *key++;
 	x2 += *key++;
-	MUL(x4, *key);
+	x3 += *key++;
+	MUL(x4, *key++);
+
+	s3 = x3;
+	x3 ^= x1;
+	MUL(x3, *key++);
+	s2 = x2;
+	x2 ^= x4;
+	x2 += x3;
+	MUL(x2, *key++);
+	x3 += x2;
+
+	x1 ^= x2;
+	x4 ^= x3;
+
+	x2 ^= s3;
+	x3 ^= s2;
+    } while (--r);
+    MUL(x1, *key++);
+    x3 += *key++;
+    x2 += *key++;
+    MUL(x4, *key);
 
-	out = (word16 *)outbuf;
+    out = (word16 *) outbuf;
 #ifdef HIGHFIRST
-	*out++ = x1;
-	*out++ = x3;
-	*out++ = x2;
-	*out = x4;
-#else /* !HIGHFIRST */
-	x1 = low16(x1);
-	x2 = low16(x2);
-	x3 = low16(x3);
-	x4 = low16(x4);
-	*out++ = (x1>>8) | (x1<<8);
-	*out++ = (x3>>8) | (x3<<8);
-	*out++ = (x2>>8) | (x2<<8);
-	*out   = (x4>>8) | (x4<<8);
+    *out++ = x1;
+    *out++ = x3;
+    *out++ = x2;
+    *out = x4;
+#else				/* !HIGHFIRST */
+    x1 = low16(x1);
+    x2 = low16(x2);
+    x3 = low16(x3);
+    x4 = low16(x4);
+    *out++ = (x1 >> 8) | (x1 << 8);
+    *out++ = (x3 >> 8) | (x3 << 8);
+    *out++ = (x2 >> 8) | (x2 << 8);
+    *out = (x4 >> 8) | (x4 << 8);
 #endif
-} /* ideaCipher */
+}				/* ideaCipher */
 
 /*-------------------------------------------------------------*/
 
@@ -310,109 +312,105 @@ ideaCipher(byte const (inbuf[8]), byte (
 #define BLOCKS (64*KBYTES)
 #endif
 
-int
-main(void)
-{	/* Test driver for IDEA cipher */
-	int i, j, k;
-	byte userkey[16];
-	word16 EK[IDEAKEYLEN], DK[IDEAKEYLEN];
-	byte XX[8], YY[8], ZZ[8];
-	clock_t start, end;
-	long l;
-
-	/* Make a sample user key for testing... */
-	for(i=0; i<16; i++)
-		userkey[i] = i+1;
-
-	/* Compute encryption subkeys from user key... */
-	ideaExpandKey(userkey, EK);
-	printf("\nEncryption key subblocks: ");
-	for (j=0; j<IDEAROUNDS+1; j++) {
-		printf("\nround %d:   ", j+1);
-		if (j < IDEAROUNDS)
-			for(i=0; i<6; i++)
-				printf(" %6u", EK[j*6+i]);
-		else
-			for(i=0; i<4; i++)
-				printf(" %6u", EK[j*6+i]);
-	}
-
-	/* Compute decryption subkeys from encryption subkeys... */
-	ideaInvertKey(EK, DK);
-	printf("\nDecryption key subblocks: ");
-	for (j=0; j<IDEAROUNDS+1; j++) {
-		printf("\nround %d:   ", j+1);
-		if (j < IDEAROUNDS)
-			for(i=0; i<6; i++)
-				printf(" %6u", DK[j*6+i]);
-		else
-			for(i=0; i<4; i++)
-				printf(" %6u", DK[j*6+i]);
-	}
-
-	/* Make a sample plaintext pattern for testing... */
-	for (k=0; k<8; k++)
-		XX[k] = k;
-
-	printf("\n Encrypting %d bytes (%ld blocks)...", BLOCKS*16, BLOCKS);
-	fflush(stdout);
-	start = clock();
-	memcpy(YY, XX, 8);
-	for (l = 0; l < BLOCKS; l++)
-		ideaCipher(YY, YY, EK);	/* repeated encryption */
-	memcpy(ZZ, YY, 8);
-	for (l = 0; l < BLOCKS; l++)
-		ideaCipher(ZZ, ZZ, DK);	/* repeated decryption */
-	end = clock() - start;
-	l = end  / (CLOCKS_PER_SEC/1000) + 1;
-	i = l/1000;
-	j = l%1000;
-	l = (16 * BLOCKS * (CLOCKS_PER_SEC/1000)) / (end/1000);
-	printf("%d.%03d seconds = %ld bytes per second\n", i, j, l);
-
-	printf("\nX %3u  %3u  %3u  %3u  %3u  %3u  %3u %3u\n",
-	  XX[0], XX[1],  XX[2], XX[3], XX[4], XX[5],  XX[6], XX[7]);
-	printf("\nY %3u  %3u  %3u  %3u  %3u  %3u  %3u %3u\n",
-	  YY[0], YY[1],  YY[2], YY[3], YY[4], YY[5],  YY[6], YY[7]);
-	printf("\nZ %3u  %3u  %3u  %3u  %3u  %3u  %3u %3u\n",    
-	  ZZ[0], ZZ[1],  ZZ[2], ZZ[3], ZZ[4], ZZ[5],  ZZ[6], ZZ[7]);
-
-	/* Now decrypted ZZ should be same as original XX */
-	for (k=0; k<8; k++)
-		if (XX[k] != ZZ[k]) {
-			printf("\n\07Error!  Noninvertable encryption.\n");
-			exit(-1);	/* error exit */ 
-		}
-	printf("\nNormal exit.\n");
-	return 0;	/* normal exit */
-} /* main */
+int main(void)
+{				/* Test driver for IDEA cipher */
+    int i, j, k;
+    byte userkey[16];
+    word16 EK[IDEAKEYLEN], DK[IDEAKEYLEN];
+    byte XX[8], YY[8], ZZ[8];
+    clock_t start, end;
+    long l;
+
+    /* Make a sample user key for testing... */
+    for (i = 0; i < 16; i++)
+	userkey[i] = i + 1;
+
+    /* Compute encryption subkeys from user key... */
+    ideaExpandKey(userkey, EK);
+    printf("\nEncryption key subblocks: ");
+    for (j = 0; j < IDEAROUNDS + 1; j++) {
+	printf("\nround %d:   ", j + 1);
+	if (j < IDEAROUNDS)
+	    for (i = 0; i < 6; i++)
+		printf(" %6u", EK[j * 6 + i]);
+	else
+	    for (i = 0; i < 4; i++)
+		printf(" %6u", EK[j * 6 + i]);
+    }
+
+    /* Compute decryption subkeys from encryption subkeys... */
+    ideaInvertKey(EK, DK);
+    printf("\nDecryption key subblocks: ");
+    for (j = 0; j < IDEAROUNDS + 1; j++) {
+	printf("\nround %d:   ", j + 1);
+	if (j < IDEAROUNDS)
+	    for (i = 0; i < 6; i++)
+		printf(" %6u", DK[j * 6 + i]);
+	else
+	    for (i = 0; i < 4; i++)
+		printf(" %6u", DK[j * 6 + i]);
+    }
+
+    /* Make a sample plaintext pattern for testing... */
+    for (k = 0; k < 8; k++)
+	XX[k] = k;
+
+    printf("\n Encrypting %d bytes (%ld blocks)...", BLOCKS * 16, BLOCKS);
+    fflush(stdout);
+    start = clock();
+    memcpy(YY, XX, 8);
+    for (l = 0; l < BLOCKS; l++)
+	ideaCipher(YY, YY, EK);	/* repeated encryption */
+    memcpy(ZZ, YY, 8);
+    for (l = 0; l < BLOCKS; l++)
+	ideaCipher(ZZ, ZZ, DK);	/* repeated decryption */
+    end = clock() - start;
+    l = end / (CLOCKS_PER_SEC / 1000) + 1;
+    i = l / 1000;
+    j = l % 1000;
+    l = (16 * BLOCKS * (CLOCKS_PER_SEC / 1000)) / (end / 1000);
+    printf("%d.%03d seconds = %ld bytes per second\n", i, j, l);
+
+    printf("\nX %3u  %3u  %3u  %3u  %3u  %3u  %3u %3u\n",
+	   XX[0], XX[1], XX[2], XX[3], XX[4], XX[5], XX[6], XX[7]);
+    printf("\nY %3u  %3u  %3u  %3u  %3u  %3u  %3u %3u\n",
+	   YY[0], YY[1], YY[2], YY[3], YY[4], YY[5], YY[6], YY[7]);
+    printf("\nZ %3u  %3u  %3u  %3u  %3u  %3u  %3u %3u\n",
+	   ZZ[0], ZZ[1], ZZ[2], ZZ[3], ZZ[4], ZZ[5], ZZ[6], ZZ[7]);
+
+    /* Now decrypted ZZ should be same as original XX */
+    for (k = 0; k < 8; k++)
+	if (XX[k] != ZZ[k]) {
+	    printf("\n\07Error!  Noninvertable encryption.\n");
+	    exit(-1);		/* error exit */
+	}
+    printf("\nNormal exit.\n");
+    return 0;			/* normal exit */
+}				/* main */
 
-#endif /* TEST */
+#endif				/* TEST */
 
 
 /*************************************************************************/
 
-void
-ideaCfbReinit(struct IdeaCfbContext *context, byte const *iv)
+void ideaCfbReinit(struct IdeaCfbContext *context, byte const *iv)
 {
-	if (iv)
-		memcpy(context->iv, iv, 8);
-	else
-		fill0(context->iv, 8);
-	context->bufleft = 0;
+    if (iv)
+	memcpy(context->iv, iv, 8);
+    else
+	fill0(context->iv, 8);
+    context->bufleft = 0;
 }
 
-void
-ideaCfbInit(struct IdeaCfbContext *context, byte const (key[16]))
+void ideaCfbInit(struct IdeaCfbContext *context, byte const key[16])
 {
-	ideaExpandKey(key, context->key);
-	ideaCfbReinit(context,0);
+    ideaExpandKey(key, context->key);
+    ideaCfbReinit(context, 0);
 }
 
-void
-ideaCfbDestroy(struct IdeaCfbContext *context)
+void ideaCfbDestroy(struct IdeaCfbContext *context)
 {
-	burn(*context);
+    burn(*context);
 }
 
 /*
@@ -440,16 +438,15 @@ ideaCfbDestroy(struct IdeaCfbContext *co
  * with the last 6 bytes of the old ciphertext followed by the
  * 2 bytes of new ciphertext stored in the front of the iv buffer.
  */
-void
-ideaCfbSync(struct IdeaCfbContext *context)
+void ideaCfbSync(struct IdeaCfbContext *context)
 {
-	int bufleft = context->bufleft;
+    int bufleft = context->bufleft;
 
-	if (bufleft) {
-		memmove(context->iv+bufleft, context->iv, 8-bufleft);
-		memcpy(context->iv, context->oldcipher+8-bufleft, bufleft);
-		context->bufleft = 0;
-	}
+    if (bufleft) {
+	memmove(context->iv + bufleft, context->iv, 8 - bufleft);
+	memcpy(context->iv, context->oldcipher + 8 - bufleft, bufleft);
+	context->bufleft = 0;
+    }
 }
 
 /*
@@ -457,52 +454,51 @@ ideaCfbSync(struct IdeaCfbContext *conte
  * There are more compact ways of writing this, but this is
  * written for speed.
  */
-void
-ideaCfbEncrypt(struct IdeaCfbContext *context, byte const *src,
-	       byte *dest, int count)
-{
-	int bufleft = context->bufleft;
-	byte *bufptr = context->iv + 8-bufleft;
-
-	/* If there are no more bytes to encrypt that there are bytes
-	 * in the buffer, XOR them in and return.
-	 */
-	if (count <= bufleft) {
-		context->bufleft = bufleft - count;
-		while (count--) {
-			*dest++ = *bufptr++ ^= *src++;
-		}
-		return;
-	}
-	count -= bufleft;
-	/* Encrypt the first bufleft (0 to 7) bytes of the input by XOR
-	 * with the last bufleft bytes in the iv buffer.
-	 */
-	while (bufleft--) {
-		*dest++ = (*bufptr++ ^= *src++);
-	}
-	/* Encrypt middle blocks of the input by cranking the cipher,
-	 * XORing 8-byte blocks, and repeating until the count
-	 * is 8 or less.
-	 */
-	while (count > 8) {
-		bufptr = context->iv;
-		memcpy(context->oldcipher, bufptr, 8);
-		ideaCipher(bufptr, bufptr, context->key);
-		bufleft = 8;
-		count -= 8;
-		do {
-			*dest++ = (*bufptr++ ^= *src++);
-		} while (--bufleft);
-	}
-	/* Do the last 1 to 8 bytes */
+void ideaCfbEncrypt(struct IdeaCfbContext *context, byte const *src,
+		    byte * dest, int count)
+{
+    int bufleft = context->bufleft;
+    byte *bufptr = context->iv + 8 - bufleft;
+
+    /* If there are no more bytes to encrypt that there are bytes
+     * in the buffer, XOR them in and return.
+     */
+    if (count <= bufleft) {
+	context->bufleft = bufleft - count;
+	while (count--) {
+	    *dest++ = *bufptr++ ^= *src++;
+	}
+	return;
+    }
+    count -= bufleft;
+    /* Encrypt the first bufleft (0 to 7) bytes of the input by XOR
+     * with the last bufleft bytes in the iv buffer.
+     */
+    while (bufleft--) {
+	*dest++ = (*bufptr++ ^= *src++);
+    }
+    /* Encrypt middle blocks of the input by cranking the cipher,
+     * XORing 8-byte blocks, and repeating until the count
+     * is 8 or less.
+     */
+    while (count > 8) {
 	bufptr = context->iv;
 	memcpy(context->oldcipher, bufptr, 8);
 	ideaCipher(bufptr, bufptr, context->key);
-	context->bufleft = 8-count;
-	do  {
-		*dest++ = (*bufptr++ ^= *src++);
-	} while (--count);
+	bufleft = 8;
+	count -= 8;
+	do {
+	    *dest++ = (*bufptr++ ^= *src++);
+	} while (--bufleft);
+    }
+    /* Do the last 1 to 8 bytes */
+    bufptr = context->iv;
+    memcpy(context->oldcipher, bufptr, 8);
+    ideaCipher(bufptr, bufptr, context->key);
+    context->bufleft = 8 - count;
+    do {
+	*dest++ = (*bufptr++ ^= *src++);
+    } while (--count);
 }
 
 
@@ -511,47 +507,46 @@ ideaCfbEncrypt(struct IdeaCfbContext *co
  * There are more compact ways of writing this, but this is
  * written for speed.
  */
-void
-ideaCfbDecrypt(struct IdeaCfbContext *context, byte const *src,
-	       byte *dest, int count)
-{
-	int bufleft = context->bufleft;
-	static byte *bufptr;
-	byte t;
-
-	bufptr = context->iv + (8-bufleft);
-	if (count <= bufleft) {
-		context->bufleft = bufleft - count;
-		while (count--) {
-			t = *bufptr;
-			*dest++ = t ^ (*bufptr++ = *src++);
-		}
-		return;
-	}
-	count -= bufleft;
-	while (bufleft--) {
-		t = *bufptr;
-		*dest++ = t ^ (*bufptr++ = *src++);
-	}
-	while (count > 8) {
-		bufptr = context->iv;
-		memcpy(context->oldcipher, bufptr, 8);
-		ideaCipher(bufptr, bufptr, context->key);
-		bufleft = 8;
-		count -= 8;
-		do {
-			t = *bufptr;
-			*dest++ = t ^ (*bufptr++ = *src++);
-		} while (--bufleft);
-	}
+void ideaCfbDecrypt(struct IdeaCfbContext *context, byte const *src,
+		    byte * dest, int count)
+{
+    int bufleft = context->bufleft;
+    static byte *bufptr;
+    byte t;
+
+    bufptr = context->iv + (8 - bufleft);
+    if (count <= bufleft) {
+	context->bufleft = bufleft - count;
+	while (count--) {
+	    t = *bufptr;
+	    *dest++ = t ^ (*bufptr++ = *src++);
+	}
+	return;
+    }
+    count -= bufleft;
+    while (bufleft--) {
+	t = *bufptr;
+	*dest++ = t ^ (*bufptr++ = *src++);
+    }
+    while (count > 8) {
 	bufptr = context->iv;
 	memcpy(context->oldcipher, bufptr, 8);
 	ideaCipher(bufptr, bufptr, context->key);
-	context->bufleft = 8-count;
+	bufleft = 8;
+	count -= 8;
 	do {
-		t = *bufptr;
-		*dest++ = t ^ (*bufptr++ = *src++);
-	} while (--count);
+	    t = *bufptr;
+	    *dest++ = t ^ (*bufptr++ = *src++);
+	} while (--bufleft);
+    }
+    bufptr = context->iv;
+    memcpy(context->oldcipher, bufptr, 8);
+    ideaCipher(bufptr, bufptr, context->key);
+    context->bufleft = 8 - count;
+    do {
+	t = *bufptr;
+	*dest++ = t ^ (*bufptr++ = *src++);
+    } while (--count);
 }
 
 /********************************************************************/
@@ -567,48 +562,45 @@ ideaCfbDecrypt(struct IdeaCfbContext *co
  * Initialize a cryptographic random-number generator.
  * key and seed should be arbitrary.
  */
-void
-ideaRandInit(struct IdeaRandContext *context, byte const (key[16]),
-	     byte const (seed[8]))
+void ideaRandInit(struct IdeaRandContext *context, byte const key[16],
+		  byte const seed[8])
 {
-	int i;
+    int i;
 
-	ideaExpandKey(key, context->key);
-	context->bufleft = 0;
-	memcpy(context->internalbuf, seed, 8);
+    ideaExpandKey(key, context->key);
+    context->bufleft = 0;
+    memcpy(context->internalbuf, seed, 8);
 }
 
 
 /*
  * Read out the RNG's state.
  */
-void
-ideaRandState(struct IdeaRandContext *context, byte key[16], byte seed[8])
+void ideaRandState(struct IdeaRandContext *context, byte key[16], byte seed[8])
 {
-	int i;
+    int i;
 
-	memcpy(seed, context->internalbuf, 8);
-	for (i = 0; i < 8; i++) {
-		key[2*i] = context->key[i] >> 8;
-		key[2*i+1] = context->key[i];
-	}
+    memcpy(seed, context->internalbuf, 8);
+    for (i = 0; i < 8; i++) {
+	key[2 * i] = context->key[i] >> 8;
+	key[2 * i + 1] = context->key[i];
+    }
 
 }
 
 /*
  * Encrypt the RNG's state with the given CFB encryptor.
  */
-void
-ideaRandWash(struct IdeaRandContext *context, struct IdeaCfbContext *cfb)
+void ideaRandWash(struct IdeaRandContext *context, struct IdeaCfbContext *cfb)
 {
-	byte keyseed[16+8];
-	int i;
+    byte keyseed[16 + 8];
+    int i;
 
-	ideaRandState(context, keyseed, keyseed+16);
-	ideaCfbEncrypt(cfb, keyseed, keyseed, 16+8);
-	ideaRandInit(context, keyseed, keyseed+16);
+    ideaRandState(context, keyseed, keyseed + 16);
+    ideaCfbEncrypt(cfb, keyseed, keyseed, 16 + 8);
+    ideaRandInit(context, keyseed, keyseed + 16);
 
-	memset(keyseed, 0, 16+8);
+    memset(keyseed, 0, 16 + 8);
 }
 
 /*
@@ -618,27 +610,26 @@ ideaRandWash(struct IdeaRandContext *con
 byte
 ideaRandByte(struct IdeaRandContext *c)
 {
-	int i;
+    int i;
 
-	if (!c->bufleft) {
-		byte timestamp[8];
-	
-		/* Get some true-random noise to help */
-		randPoolGetBytes(timestamp, sizeof(timestamp));
-
-		/* Compute next 8 bytes of output */
-		for (i=0; i<8; i++)
-			c->outbuf[i] = c->internalbuf[i] ^ timestamp[i];
-		ideaCipher(c->outbuf, c->outbuf, c->key);
-		/* Compute new seed vector */
-		for (i=0; i<8; i++)
-			c->internalbuf[i] = c->outbuf[i] ^ timestamp[i];
-		ideaCipher(c->internalbuf, c->internalbuf, c->key);
-		burn(timestamp);
-		c->bufleft = 8;
-	}
-	return c->outbuf[--c->bufleft];
+    if (!c->bufleft) {
+	byte timestamp[8];
+
+	/* Get some true-random noise to help */
+	randPoolGetBytes(timestamp, sizeof(timestamp));
+
+	/* Compute next 8 bytes of output */
+	for (i = 0; i < 8; i++)
+	    c->outbuf[i] = c->internalbuf[i] ^ timestamp[i];
+	ideaCipher(c->outbuf, c->outbuf, c->key);
+	/* Compute new seed vector */
+	for (i = 0; i < 8; i++)
+	    c->internalbuf[i] = c->outbuf[i] ^ timestamp[i];
+	ideaCipher(c->internalbuf, c->internalbuf, c->key);
+	burn(timestamp);
+	c->bufleft = 8;
+    }
+    return c->outbuf[--c->bufleft];
 }
 
 /* end of idea.c */
-