输入80E3，可执行算法正确性检验，验证通过，对len=38Bytes明文加密结果符合预期、解密结果符合输入;

输入80E2，可写入密钥到flash，若算法类型、key id, key版本一致，就写入，已满就报错，无记录就写入新记录;
输入80CA，可执行伪位置加密，原封不动将输入的data返回回来。

Project/Src/com/cscn/Zuc256Core.java

@@ -67,20 +67,20 @@ public class Zuc256Core {
 
         // BitReconstruction4
         short c15 = (short)((LFSR_lo[15] & (short)0x8000) >>> 15);           // 左移产生的进位
-        X0[1] = (short)(((LFSR_hi[15] & (short)0x7FFF) << 1) | c15);         // hi
+        X0[1] = (short)(((LFSR_hi[15] & (short)0x7FFF) << 1) | (short)(c15 & 0x0001));         // hi
         X0[0] = LFSR_lo[14];                                          // lo
 
         // X1 = ((L11 & 0xFFFF) << 16) | (L9 >>> 15)
         X1[1] = LFSR_lo[11];
-        X1[0] = (short)(((LFSR_lo[9] & (short)0x8000) >>> 15) | (LFSR_hi[9] << 1));
+        X1[0] = (short)((((LFSR_lo[9] & (short)0x8000) >>> 15) & 0X0001) | (LFSR_hi[9] << 1));
 
         // X2 = ((L7 & 0xFFFF) << 16) | (L5 >>> 15)
         X2[1] = LFSR_lo[7];
-        X2[0] = (short)(((LFSR_lo[5] & (short)0x8000) >>> 15) | (LFSR_hi[5] << 1));
+        X2[0] = (short)((((LFSR_lo[5] & (short)0x8000) >>> 15) & 0X0001) | (LFSR_hi[5] << 1));
 
         // X3 = ((L2 & 0xFFFF) << 16) | (L0 >>> 15)
         X3[1] = LFSR_lo[2];
-        X3[0] = (short)(((LFSR_lo[0] & (short)0x8000) >>> 15) | (LFSR_hi[0] << 1));
+        X3[0] = (short)((((LFSR_lo[0] & (short)0x8000) >>> 15) & 0X0001) | (LFSR_hi[0] << 1));
 
 
 
@@ -383,12 +383,12 @@ public class Zuc256Core {
 //            X1 = ((LFSR[11] & 0xFFFF) << 16) | (LFSR[9] >>> 15);
             // X1 = ((L11 & 0xFFFF)<<16) | (L9>>>15)
             X1[1] = state.LFSR_lo[11];
-            X1[0] = (short)(((state.LFSR_lo[9] & (short)0x8000) >>> 15) | (state.LFSR_hi[9] << 1));
+            X1[0] = (short)((((state.LFSR_lo[9] & (short)0x8000) >>> 15) & 0X0001) | (state.LFSR_hi[9] << 1));
 
 //            X2 = ((LFSR[7] & 0xFFFF) << 16) | (LFSR[5] >>> 15);
             // X2 = ((L7 & 0xFFFF)<<16) | (L5>>>15)
             X2[1] = state.LFSR_lo[7];
-            X2[0] = (short)(((state.LFSR_lo[5] & (short)0x8000) >>> 15) | (state.LFSR_hi[5] << 1));
+            X2[0] = (short)((((state.LFSR_lo[5] & (short)0x8000) >>> 15) & 0X0001) | (state.LFSR_hi[5] << 1));
 
 
 
@@ -481,17 +481,17 @@ public class Zuc256Core {
         // BitReconstruction2
 //        X1 = ((LFSR[11] & 0xFFFF) << 16) | (LFSR[9] >>> 15);
         X1[1] = state.LFSR_lo[11];
-        X1[0] = (short)(((state.LFSR_lo[9] & (short)0x8000) >>> 15) | (state.LFSR_hi[9] << 1));
+        X1[0] = (short)((((state.LFSR_lo[9] & (short)0x8000) >>> 15) & 0X0001) | (state.LFSR_hi[9] << 1));
 
 //        X2 = ((LFSR[7] & 0xFFFF) << 16) | (LFSR[5] >>> 15);
         X2[1] = state.LFSR_lo[7];
-        X2[0] = (short)(((state.LFSR_lo[5] & (short)0x8000) >>> 15) | (state.LFSR_hi[5] << 1));
+        X2[0] = (short)((((state.LFSR_lo[5] & (short)0x8000) >>> 15) & 0X0001) | (state.LFSR_hi[5] << 1));
 
         // F_(X1, X2)
 //        W1 = R1 + X1;
-        add32(state.R1_lo, state.R1_hi, X1[0], X1[1], W1);   // W1 = R1 + X1
+        add32(R1[0], R1[1], X1[0], X1[1], W1);   // W1 = R1 + X1
 //        W2 = R2 ^ X2;
-        xor32(state.R2_lo, state.R2_hi, X2[0], X2[1], W2);   // W2 = R2 ^ X2
+        xor32(R2[0], R2[1], X2[0], X2[1], W2);   // W2 = R2 ^ X2
 
 //        U = L1((W1 << 16) | (W2 >>> 16));
         // U = L1((W1<<16)|(W2>>>16)) → lo=W2_hi, hi=W1_lo