/src/boringssl/crypto/des/des.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
2 | | * All rights reserved. |
3 | | * |
4 | | * This package is an SSL implementation written |
5 | | * by Eric Young (eay@cryptsoft.com). |
6 | | * The implementation was written so as to conform with Netscapes SSL. |
7 | | * |
8 | | * This library is free for commercial and non-commercial use as long as |
9 | | * the following conditions are aheared to. The following conditions |
10 | | * apply to all code found in this distribution, be it the RC4, RSA, |
11 | | * lhash, DES, etc., code; not just the SSL code. The SSL documentation |
12 | | * included with this distribution is covered by the same copyright terms |
13 | | * except that the holder is Tim Hudson (tjh@cryptsoft.com). |
14 | | * |
15 | | * Copyright remains Eric Young's, and as such any Copyright notices in |
16 | | * the code are not to be removed. |
17 | | * If this package is used in a product, Eric Young should be given attribution |
18 | | * as the author of the parts of the library used. |
19 | | * This can be in the form of a textual message at program startup or |
20 | | * in documentation (online or textual) provided with the package. |
21 | | * |
22 | | * Redistribution and use in source and binary forms, with or without |
23 | | * modification, are permitted provided that the following conditions |
24 | | * are met: |
25 | | * 1. Redistributions of source code must retain the copyright |
26 | | * notice, this list of conditions and the following disclaimer. |
27 | | * 2. Redistributions in binary form must reproduce the above copyright |
28 | | * notice, this list of conditions and the following disclaimer in the |
29 | | * documentation and/or other materials provided with the distribution. |
30 | | * 3. All advertising materials mentioning features or use of this software |
31 | | * must display the following acknowledgement: |
32 | | * "This product includes cryptographic software written by |
33 | | * Eric Young (eay@cryptsoft.com)" |
34 | | * The word 'cryptographic' can be left out if the rouines from the library |
35 | | * being used are not cryptographic related :-). |
36 | | * 4. If you include any Windows specific code (or a derivative thereof) from |
37 | | * the apps directory (application code) you must include an acknowledgement: |
38 | | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" |
39 | | * |
40 | | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND |
41 | | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
42 | | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
43 | | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE |
44 | | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
45 | | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
46 | | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
47 | | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
48 | | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
49 | | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
50 | | * SUCH DAMAGE. |
51 | | * |
52 | | * The licence and distribution terms for any publically available version or |
53 | | * derivative of this code cannot be changed. i.e. this code cannot simply be |
54 | | * copied and put under another distribution licence |
55 | | * [including the GNU Public Licence.] */ |
56 | | |
57 | | #include <openssl/des.h> |
58 | | |
59 | | #include <stdlib.h> |
60 | | |
61 | | #include "internal.h" |
62 | | |
63 | | |
64 | | static const uint32_t des_skb[8][64] = { |
65 | | { // for C bits (numbered as per FIPS 46) 1 2 3 4 5 6 |
66 | | 0x00000000, 0x00000010, 0x20000000, 0x20000010, 0x00010000, |
67 | | 0x00010010, 0x20010000, 0x20010010, 0x00000800, 0x00000810, |
68 | | 0x20000800, 0x20000810, 0x00010800, 0x00010810, 0x20010800, |
69 | | 0x20010810, 0x00000020, 0x00000030, 0x20000020, 0x20000030, |
70 | | 0x00010020, 0x00010030, 0x20010020, 0x20010030, 0x00000820, |
71 | | 0x00000830, 0x20000820, 0x20000830, 0x00010820, 0x00010830, |
72 | | 0x20010820, 0x20010830, 0x00080000, 0x00080010, 0x20080000, |
73 | | 0x20080010, 0x00090000, 0x00090010, 0x20090000, 0x20090010, |
74 | | 0x00080800, 0x00080810, 0x20080800, 0x20080810, 0x00090800, |
75 | | 0x00090810, 0x20090800, 0x20090810, 0x00080020, 0x00080030, |
76 | | 0x20080020, 0x20080030, 0x00090020, 0x00090030, 0x20090020, |
77 | | 0x20090030, 0x00080820, 0x00080830, 0x20080820, 0x20080830, |
78 | | 0x00090820, 0x00090830, 0x20090820, 0x20090830, }, |
79 | | { // for C bits (numbered as per FIPS 46) 7 8 10 11 12 13 |
80 | | 0x00000000, 0x02000000, 0x00002000, 0x02002000, 0x00200000, |
81 | | 0x02200000, 0x00202000, 0x02202000, 0x00000004, 0x02000004, |
82 | | 0x00002004, 0x02002004, 0x00200004, 0x02200004, 0x00202004, |
83 | | 0x02202004, 0x00000400, 0x02000400, 0x00002400, 0x02002400, |
84 | | 0x00200400, 0x02200400, 0x00202400, 0x02202400, 0x00000404, |
85 | | 0x02000404, 0x00002404, 0x02002404, 0x00200404, 0x02200404, |
86 | | 0x00202404, 0x02202404, 0x10000000, 0x12000000, 0x10002000, |
87 | | 0x12002000, 0x10200000, 0x12200000, 0x10202000, 0x12202000, |
88 | | 0x10000004, 0x12000004, 0x10002004, 0x12002004, 0x10200004, |
89 | | 0x12200004, 0x10202004, 0x12202004, 0x10000400, 0x12000400, |
90 | | 0x10002400, 0x12002400, 0x10200400, 0x12200400, 0x10202400, |
91 | | 0x12202400, 0x10000404, 0x12000404, 0x10002404, 0x12002404, |
92 | | 0x10200404, 0x12200404, 0x10202404, 0x12202404, }, |
93 | | { // for C bits (numbered as per FIPS 46) 14 15 16 17 19 20 |
94 | | 0x00000000, 0x00000001, 0x00040000, 0x00040001, 0x01000000, |
95 | | 0x01000001, 0x01040000, 0x01040001, 0x00000002, 0x00000003, |
96 | | 0x00040002, 0x00040003, 0x01000002, 0x01000003, 0x01040002, |
97 | | 0x01040003, 0x00000200, 0x00000201, 0x00040200, 0x00040201, |
98 | | 0x01000200, 0x01000201, 0x01040200, 0x01040201, 0x00000202, |
99 | | 0x00000203, 0x00040202, 0x00040203, 0x01000202, 0x01000203, |
100 | | 0x01040202, 0x01040203, 0x08000000, 0x08000001, 0x08040000, |
101 | | 0x08040001, 0x09000000, 0x09000001, 0x09040000, 0x09040001, |
102 | | 0x08000002, 0x08000003, 0x08040002, 0x08040003, 0x09000002, |
103 | | 0x09000003, 0x09040002, 0x09040003, 0x08000200, 0x08000201, |
104 | | 0x08040200, 0x08040201, 0x09000200, 0x09000201, 0x09040200, |
105 | | 0x09040201, 0x08000202, 0x08000203, 0x08040202, 0x08040203, |
106 | | 0x09000202, 0x09000203, 0x09040202, 0x09040203, }, |
107 | | { // for C bits (numbered as per FIPS 46) 21 23 24 26 27 28 |
108 | | 0x00000000, 0x00100000, 0x00000100, 0x00100100, 0x00000008, |
109 | | 0x00100008, 0x00000108, 0x00100108, 0x00001000, 0x00101000, |
110 | | 0x00001100, 0x00101100, 0x00001008, 0x00101008, 0x00001108, |
111 | | 0x00101108, 0x04000000, 0x04100000, 0x04000100, 0x04100100, |
112 | | 0x04000008, 0x04100008, 0x04000108, 0x04100108, 0x04001000, |
113 | | 0x04101000, 0x04001100, 0x04101100, 0x04001008, 0x04101008, |
114 | | 0x04001108, 0x04101108, 0x00020000, 0x00120000, 0x00020100, |
115 | | 0x00120100, 0x00020008, 0x00120008, 0x00020108, 0x00120108, |
116 | | 0x00021000, 0x00121000, 0x00021100, 0x00121100, 0x00021008, |
117 | | 0x00121008, 0x00021108, 0x00121108, 0x04020000, 0x04120000, |
118 | | 0x04020100, 0x04120100, 0x04020008, 0x04120008, 0x04020108, |
119 | | 0x04120108, 0x04021000, 0x04121000, 0x04021100, 0x04121100, |
120 | | 0x04021008, 0x04121008, 0x04021108, 0x04121108, }, |
121 | | { // for D bits (numbered as per FIPS 46) 1 2 3 4 5 6 |
122 | | 0x00000000, 0x10000000, 0x00010000, 0x10010000, 0x00000004, |
123 | | 0x10000004, 0x00010004, 0x10010004, 0x20000000, 0x30000000, |
124 | | 0x20010000, 0x30010000, 0x20000004, 0x30000004, 0x20010004, |
125 | | 0x30010004, 0x00100000, 0x10100000, 0x00110000, 0x10110000, |
126 | | 0x00100004, 0x10100004, 0x00110004, 0x10110004, 0x20100000, |
127 | | 0x30100000, 0x20110000, 0x30110000, 0x20100004, 0x30100004, |
128 | | 0x20110004, 0x30110004, 0x00001000, 0x10001000, 0x00011000, |
129 | | 0x10011000, 0x00001004, 0x10001004, 0x00011004, 0x10011004, |
130 | | 0x20001000, 0x30001000, 0x20011000, 0x30011000, 0x20001004, |
131 | | 0x30001004, 0x20011004, 0x30011004, 0x00101000, 0x10101000, |
132 | | 0x00111000, 0x10111000, 0x00101004, 0x10101004, 0x00111004, |
133 | | 0x10111004, 0x20101000, 0x30101000, 0x20111000, 0x30111000, |
134 | | 0x20101004, 0x30101004, 0x20111004, 0x30111004, }, |
135 | | { // for D bits (numbered as per FIPS 46) 8 9 11 12 13 14 |
136 | | 0x00000000, 0x08000000, 0x00000008, 0x08000008, 0x00000400, |
137 | | 0x08000400, 0x00000408, 0x08000408, 0x00020000, 0x08020000, |
138 | | 0x00020008, 0x08020008, 0x00020400, 0x08020400, 0x00020408, |
139 | | 0x08020408, 0x00000001, 0x08000001, 0x00000009, 0x08000009, |
140 | | 0x00000401, 0x08000401, 0x00000409, 0x08000409, 0x00020001, |
141 | | 0x08020001, 0x00020009, 0x08020009, 0x00020401, 0x08020401, |
142 | | 0x00020409, 0x08020409, 0x02000000, 0x0A000000, 0x02000008, |
143 | | 0x0A000008, 0x02000400, 0x0A000400, 0x02000408, 0x0A000408, |
144 | | 0x02020000, 0x0A020000, 0x02020008, 0x0A020008, 0x02020400, |
145 | | 0x0A020400, 0x02020408, 0x0A020408, 0x02000001, 0x0A000001, |
146 | | 0x02000009, 0x0A000009, 0x02000401, 0x0A000401, 0x02000409, |
147 | | 0x0A000409, 0x02020001, 0x0A020001, 0x02020009, 0x0A020009, |
148 | | 0x02020401, 0x0A020401, 0x02020409, 0x0A020409, }, |
149 | | { // for D bits (numbered as per FIPS 46) 16 17 18 19 20 21 |
150 | | 0x00000000, 0x00000100, 0x00080000, 0x00080100, 0x01000000, |
151 | | 0x01000100, 0x01080000, 0x01080100, 0x00000010, 0x00000110, |
152 | | 0x00080010, 0x00080110, 0x01000010, 0x01000110, 0x01080010, |
153 | | 0x01080110, 0x00200000, 0x00200100, 0x00280000, 0x00280100, |
154 | | 0x01200000, 0x01200100, 0x01280000, 0x01280100, 0x00200010, |
155 | | 0x00200110, 0x00280010, 0x00280110, 0x01200010, 0x01200110, |
156 | | 0x01280010, 0x01280110, 0x00000200, 0x00000300, 0x00080200, |
157 | | 0x00080300, 0x01000200, 0x01000300, 0x01080200, 0x01080300, |
158 | | 0x00000210, 0x00000310, 0x00080210, 0x00080310, 0x01000210, |
159 | | 0x01000310, 0x01080210, 0x01080310, 0x00200200, 0x00200300, |
160 | | 0x00280200, 0x00280300, 0x01200200, 0x01200300, 0x01280200, |
161 | | 0x01280300, 0x00200210, 0x00200310, 0x00280210, 0x00280310, |
162 | | 0x01200210, 0x01200310, 0x01280210, 0x01280310, }, |
163 | | { // for D bits (numbered as per FIPS 46) 22 23 24 25 27 28 |
164 | | 0x00000000, 0x04000000, 0x00040000, 0x04040000, 0x00000002, |
165 | | 0x04000002, 0x00040002, 0x04040002, 0x00002000, 0x04002000, |
166 | | 0x00042000, 0x04042000, 0x00002002, 0x04002002, 0x00042002, |
167 | | 0x04042002, 0x00000020, 0x04000020, 0x00040020, 0x04040020, |
168 | | 0x00000022, 0x04000022, 0x00040022, 0x04040022, 0x00002020, |
169 | | 0x04002020, 0x00042020, 0x04042020, 0x00002022, 0x04002022, |
170 | | 0x00042022, 0x04042022, 0x00000800, 0x04000800, 0x00040800, |
171 | | 0x04040800, 0x00000802, 0x04000802, 0x00040802, 0x04040802, |
172 | | 0x00002800, 0x04002800, 0x00042800, 0x04042800, 0x00002802, |
173 | | 0x04002802, 0x00042802, 0x04042802, 0x00000820, 0x04000820, |
174 | | 0x00040820, 0x04040820, 0x00000822, 0x04000822, 0x00040822, |
175 | | 0x04040822, 0x00002820, 0x04002820, 0x00042820, 0x04042820, |
176 | | 0x00002822, 0x04002822, 0x00042822, 0x04042822, }}; |
177 | | |
178 | | static const uint32_t DES_SPtrans[8][64] = { |
179 | | { // nibble 0 |
180 | | 0x02080800, 0x00080000, 0x02000002, 0x02080802, 0x02000000, |
181 | | 0x00080802, 0x00080002, 0x02000002, 0x00080802, 0x02080800, |
182 | | 0x02080000, 0x00000802, 0x02000802, 0x02000000, 0x00000000, |
183 | | 0x00080002, 0x00080000, 0x00000002, 0x02000800, 0x00080800, |
184 | | 0x02080802, 0x02080000, 0x00000802, 0x02000800, 0x00000002, |
185 | | 0x00000800, 0x00080800, 0x02080002, 0x00000800, 0x02000802, |
186 | | 0x02080002, 0x00000000, 0x00000000, 0x02080802, 0x02000800, |
187 | | 0x00080002, 0x02080800, 0x00080000, 0x00000802, 0x02000800, |
188 | | 0x02080002, 0x00000800, 0x00080800, 0x02000002, 0x00080802, |
189 | | 0x00000002, 0x02000002, 0x02080000, 0x02080802, 0x00080800, |
190 | | 0x02080000, 0x02000802, 0x02000000, 0x00000802, 0x00080002, |
191 | | 0x00000000, 0x00080000, 0x02000000, 0x02000802, 0x02080800, |
192 | | 0x00000002, 0x02080002, 0x00000800, 0x00080802, }, |
193 | | { // nibble 1 |
194 | | 0x40108010, 0x00000000, 0x00108000, 0x40100000, 0x40000010, |
195 | | 0x00008010, 0x40008000, 0x00108000, 0x00008000, 0x40100010, |
196 | | 0x00000010, 0x40008000, 0x00100010, 0x40108000, 0x40100000, |
197 | | 0x00000010, 0x00100000, 0x40008010, 0x40100010, 0x00008000, |
198 | | 0x00108010, 0x40000000, 0x00000000, 0x00100010, 0x40008010, |
199 | | 0x00108010, 0x40108000, 0x40000010, 0x40000000, 0x00100000, |
200 | | 0x00008010, 0x40108010, 0x00100010, 0x40108000, 0x40008000, |
201 | | 0x00108010, 0x40108010, 0x00100010, 0x40000010, 0x00000000, |
202 | | 0x40000000, 0x00008010, 0x00100000, 0x40100010, 0x00008000, |
203 | | 0x40000000, 0x00108010, 0x40008010, 0x40108000, 0x00008000, |
204 | | 0x00000000, 0x40000010, 0x00000010, 0x40108010, 0x00108000, |
205 | | 0x40100000, 0x40100010, 0x00100000, 0x00008010, 0x40008000, |
206 | | 0x40008010, 0x00000010, 0x40100000, 0x00108000, }, |
207 | | { // nibble 2 |
208 | | 0x04000001, 0x04040100, 0x00000100, 0x04000101, 0x00040001, |
209 | | 0x04000000, 0x04000101, 0x00040100, 0x04000100, 0x00040000, |
210 | | 0x04040000, 0x00000001, 0x04040101, 0x00000101, 0x00000001, |
211 | | 0x04040001, 0x00000000, 0x00040001, 0x04040100, 0x00000100, |
212 | | 0x00000101, 0x04040101, 0x00040000, 0x04000001, 0x04040001, |
213 | | 0x04000100, 0x00040101, 0x04040000, 0x00040100, 0x00000000, |
214 | | 0x04000000, 0x00040101, 0x04040100, 0x00000100, 0x00000001, |
215 | | 0x00040000, 0x00000101, 0x00040001, 0x04040000, 0x04000101, |
216 | | 0x00000000, 0x04040100, 0x00040100, 0x04040001, 0x00040001, |
217 | | 0x04000000, 0x04040101, 0x00000001, 0x00040101, 0x04000001, |
218 | | 0x04000000, 0x04040101, 0x00040000, 0x04000100, 0x04000101, |
219 | | 0x00040100, 0x04000100, 0x00000000, 0x04040001, 0x00000101, |
220 | | 0x04000001, 0x00040101, 0x00000100, 0x04040000, }, |
221 | | { // nibble 3 |
222 | | 0x00401008, 0x10001000, 0x00000008, 0x10401008, 0x00000000, |
223 | | 0x10400000, 0x10001008, 0x00400008, 0x10401000, 0x10000008, |
224 | | 0x10000000, 0x00001008, 0x10000008, 0x00401008, 0x00400000, |
225 | | 0x10000000, 0x10400008, 0x00401000, 0x00001000, 0x00000008, |
226 | | 0x00401000, 0x10001008, 0x10400000, 0x00001000, 0x00001008, |
227 | | 0x00000000, 0x00400008, 0x10401000, 0x10001000, 0x10400008, |
228 | | 0x10401008, 0x00400000, 0x10400008, 0x00001008, 0x00400000, |
229 | | 0x10000008, 0x00401000, 0x10001000, 0x00000008, 0x10400000, |
230 | | 0x10001008, 0x00000000, 0x00001000, 0x00400008, 0x00000000, |
231 | | 0x10400008, 0x10401000, 0x00001000, 0x10000000, 0x10401008, |
232 | | 0x00401008, 0x00400000, 0x10401008, 0x00000008, 0x10001000, |
233 | | 0x00401008, 0x00400008, 0x00401000, 0x10400000, 0x10001008, |
234 | | 0x00001008, 0x10000000, 0x10000008, 0x10401000, }, |
235 | | { // nibble 4 |
236 | | 0x08000000, 0x00010000, 0x00000400, 0x08010420, 0x08010020, |
237 | | 0x08000400, 0x00010420, 0x08010000, 0x00010000, 0x00000020, |
238 | | 0x08000020, 0x00010400, 0x08000420, 0x08010020, 0x08010400, |
239 | | 0x00000000, 0x00010400, 0x08000000, 0x00010020, 0x00000420, |
240 | | 0x08000400, 0x00010420, 0x00000000, 0x08000020, 0x00000020, |
241 | | 0x08000420, 0x08010420, 0x00010020, 0x08010000, 0x00000400, |
242 | | 0x00000420, 0x08010400, 0x08010400, 0x08000420, 0x00010020, |
243 | | 0x08010000, 0x00010000, 0x00000020, 0x08000020, 0x08000400, |
244 | | 0x08000000, 0x00010400, 0x08010420, 0x00000000, 0x00010420, |
245 | | 0x08000000, 0x00000400, 0x00010020, 0x08000420, 0x00000400, |
246 | | 0x00000000, 0x08010420, 0x08010020, 0x08010400, 0x00000420, |
247 | | 0x00010000, 0x00010400, 0x08010020, 0x08000400, 0x00000420, |
248 | | 0x00000020, 0x00010420, 0x08010000, 0x08000020, }, |
249 | | { // nibble 5 |
250 | | 0x80000040, 0x00200040, 0x00000000, 0x80202000, 0x00200040, |
251 | | 0x00002000, 0x80002040, 0x00200000, 0x00002040, 0x80202040, |
252 | | 0x00202000, 0x80000000, 0x80002000, 0x80000040, 0x80200000, |
253 | | 0x00202040, 0x00200000, 0x80002040, 0x80200040, 0x00000000, |
254 | | 0x00002000, 0x00000040, 0x80202000, 0x80200040, 0x80202040, |
255 | | 0x80200000, 0x80000000, 0x00002040, 0x00000040, 0x00202000, |
256 | | 0x00202040, 0x80002000, 0x00002040, 0x80000000, 0x80002000, |
257 | | 0x00202040, 0x80202000, 0x00200040, 0x00000000, 0x80002000, |
258 | | 0x80000000, 0x00002000, 0x80200040, 0x00200000, 0x00200040, |
259 | | 0x80202040, 0x00202000, 0x00000040, 0x80202040, 0x00202000, |
260 | | 0x00200000, 0x80002040, 0x80000040, 0x80200000, 0x00202040, |
261 | | 0x00000000, 0x00002000, 0x80000040, 0x80002040, 0x80202000, |
262 | | 0x80200000, 0x00002040, 0x00000040, 0x80200040, }, |
263 | | { // nibble 6 |
264 | | 0x00004000, 0x00000200, 0x01000200, 0x01000004, 0x01004204, |
265 | | 0x00004004, 0x00004200, 0x00000000, 0x01000000, 0x01000204, |
266 | | 0x00000204, 0x01004000, 0x00000004, 0x01004200, 0x01004000, |
267 | | 0x00000204, 0x01000204, 0x00004000, 0x00004004, 0x01004204, |
268 | | 0x00000000, 0x01000200, 0x01000004, 0x00004200, 0x01004004, |
269 | | 0x00004204, 0x01004200, 0x00000004, 0x00004204, 0x01004004, |
270 | | 0x00000200, 0x01000000, 0x00004204, 0x01004000, 0x01004004, |
271 | | 0x00000204, 0x00004000, 0x00000200, 0x01000000, 0x01004004, |
272 | | 0x01000204, 0x00004204, 0x00004200, 0x00000000, 0x00000200, |
273 | | 0x01000004, 0x00000004, 0x01000200, 0x00000000, 0x01000204, |
274 | | 0x01000200, 0x00004200, 0x00000204, 0x00004000, 0x01004204, |
275 | | 0x01000000, 0x01004200, 0x00000004, 0x00004004, 0x01004204, |
276 | | 0x01000004, 0x01004200, 0x01004000, 0x00004004, }, |
277 | | { // nibble 7 |
278 | | 0x20800080, 0x20820000, 0x00020080, 0x00000000, 0x20020000, |
279 | | 0x00800080, 0x20800000, 0x20820080, 0x00000080, 0x20000000, |
280 | | 0x00820000, 0x00020080, 0x00820080, 0x20020080, 0x20000080, |
281 | | 0x20800000, 0x00020000, 0x00820080, 0x00800080, 0x20020000, |
282 | | 0x20820080, 0x20000080, 0x00000000, 0x00820000, 0x20000000, |
283 | | 0x00800000, 0x20020080, 0x20800080, 0x00800000, 0x00020000, |
284 | | 0x20820000, 0x00000080, 0x00800000, 0x00020000, 0x20000080, |
285 | | 0x20820080, 0x00020080, 0x20000000, 0x00000000, 0x00820000, |
286 | | 0x20800080, 0x20020080, 0x20020000, 0x00800080, 0x20820000, |
287 | | 0x00000080, 0x00800080, 0x20020000, 0x20820080, 0x00800000, |
288 | | 0x20800000, 0x20000080, 0x00820000, 0x00020080, 0x20020080, |
289 | | 0x20800000, 0x00000080, 0x20820000, 0x00820080, 0x00000000, |
290 | | 0x20000000, 0x20800080, 0x00020000, 0x00820080, }}; |
291 | | |
292 | | #define HPERM_OP(a, t, n, m) \ |
293 | 0 | ((t) = ((((a) << (16 - (n))) ^ (a)) & (m)), \ |
294 | 0 | (a) = (a) ^ (t) ^ ((t) >> (16 - (n)))) |
295 | | |
296 | 0 | void DES_set_key(const DES_cblock *key, DES_key_schedule *schedule) { |
297 | 0 | static const int shifts2[16] = {0, 0, 1, 1, 1, 1, 1, 1, |
298 | 0 | 0, 1, 1, 1, 1, 1, 1, 0}; |
299 | 0 | uint32_t c, d, t, s, t2; |
300 | 0 | const uint8_t *in; |
301 | 0 | int i; |
302 | |
|
303 | 0 | in = key->bytes; |
304 | |
|
305 | 0 | c2l(in, c); |
306 | 0 | c2l(in, d); |
307 | | |
308 | | // do PC1 in 47 simple operations :-) |
309 | | // Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov) |
310 | | // for the inspiration. :-) |
311 | 0 | PERM_OP(d, c, t, 4, 0x0f0f0f0f); |
312 | 0 | HPERM_OP(c, t, -2, 0xcccc0000); |
313 | 0 | HPERM_OP(d, t, -2, 0xcccc0000); |
314 | 0 | PERM_OP(d, c, t, 1, 0x55555555); |
315 | 0 | PERM_OP(c, d, t, 8, 0x00ff00ff); |
316 | 0 | PERM_OP(d, c, t, 1, 0x55555555); |
317 | 0 | d = (((d & 0x000000ff) << 16) | (d & 0x0000ff00) | |
318 | 0 | ((d & 0x00ff0000) >> 16) | ((c & 0xf0000000) >> 4)); |
319 | 0 | c &= 0x0fffffff; |
320 | |
|
321 | 0 | for (i = 0; i < ITERATIONS; i++) { |
322 | 0 | if (shifts2[i]) { |
323 | 0 | c = ((c >> 2) | (c << 26)); |
324 | 0 | d = ((d >> 2) | (d << 26)); |
325 | 0 | } else { |
326 | 0 | c = ((c >> 1) | (c << 27)); |
327 | 0 | d = ((d >> 1) | (d << 27)); |
328 | 0 | } |
329 | 0 | c &= 0x0fffffff; |
330 | 0 | d &= 0x0fffffff; |
331 | | // could be a few less shifts but I am to lazy at this |
332 | | // point in time to investigate |
333 | 0 | s = des_skb[0][(c) & 0x3f] | |
334 | 0 | des_skb[1][((c >> 6) & 0x03) | ((c >> 7) & 0x3c)] | |
335 | 0 | des_skb[2][((c >> 13) & 0x0f) | ((c >> 14) & 0x30)] | |
336 | 0 | des_skb[3][((c >> 20) & 0x01) | ((c >> 21) & 0x06) | |
337 | 0 | ((c >> 22) & 0x38)]; |
338 | 0 | t = des_skb[4][(d) & 0x3f] | |
339 | 0 | des_skb[5][((d >> 7) & 0x03) | ((d >> 8) & 0x3c)] | |
340 | 0 | des_skb[6][(d >> 15) & 0x3f] | |
341 | 0 | des_skb[7][((d >> 21) & 0x0f) | ((d >> 22) & 0x30)]; |
342 | | |
343 | | // table contained 0213 4657 |
344 | 0 | t2 = ((t << 16) | (s & 0x0000ffff)) & 0xffffffff; |
345 | 0 | schedule->subkeys[i][0] = CRYPTO_rotr_u32(t2, 30); |
346 | |
|
347 | 0 | t2 = ((s >> 16) | (t & 0xffff0000)); |
348 | 0 | schedule->subkeys[i][1] = CRYPTO_rotr_u32(t2, 26); |
349 | 0 | } |
350 | 0 | } |
351 | | |
352 | | static const uint8_t kOddParity[256] = { |
353 | | 1, 1, 2, 2, 4, 4, 7, 7, 8, 8, 11, 11, 13, 13, 14, |
354 | | 14, 16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, |
355 | | 31, 31, 32, 32, 35, 35, 37, 37, 38, 38, 41, 41, 42, 42, 44, |
356 | | 44, 47, 47, 49, 49, 50, 50, 52, 52, 55, 55, 56, 56, 59, 59, |
357 | | 61, 61, 62, 62, 64, 64, 67, 67, 69, 69, 70, 70, 73, 73, 74, |
358 | | 74, 76, 76, 79, 79, 81, 81, 82, 82, 84, 84, 87, 87, 88, 88, |
359 | | 91, 91, 93, 93, 94, 94, 97, 97, 98, 98, 100, 100, 103, 103, 104, |
360 | | 104, 107, 107, 109, 109, 110, 110, 112, 112, 115, 115, 117, 117, 118, 118, |
361 | | 121, 121, 122, 122, 124, 124, 127, 127, 128, 128, 131, 131, 133, 133, 134, |
362 | | 134, 137, 137, 138, 138, 140, 140, 143, 143, 145, 145, 146, 146, 148, 148, |
363 | | 151, 151, 152, 152, 155, 155, 157, 157, 158, 158, 161, 161, 162, 162, 164, |
364 | | 164, 167, 167, 168, 168, 171, 171, 173, 173, 174, 174, 176, 176, 179, 179, |
365 | | 181, 181, 182, 182, 185, 185, 186, 186, 188, 188, 191, 191, 193, 193, 194, |
366 | | 194, 196, 196, 199, 199, 200, 200, 203, 203, 205, 205, 206, 206, 208, 208, |
367 | | 211, 211, 213, 213, 214, 214, 217, 217, 218, 218, 220, 220, 223, 223, 224, |
368 | | 224, 227, 227, 229, 229, 230, 230, 233, 233, 234, 234, 236, 236, 239, 239, |
369 | | 241, 241, 242, 242, 244, 244, 247, 247, 248, 248, 251, 251, 253, 253, 254, |
370 | | 254 |
371 | | }; |
372 | | |
373 | 0 | void DES_set_odd_parity(DES_cblock *key) { |
374 | 0 | unsigned i; |
375 | |
|
376 | 0 | for (i = 0; i < DES_KEY_SZ; i++) { |
377 | 0 | key->bytes[i] = kOddParity[key->bytes[i]]; |
378 | 0 | } |
379 | 0 | } |
380 | | |
381 | 0 | static void DES_encrypt1(uint32_t *data, const DES_key_schedule *ks, int enc) { |
382 | 0 | uint32_t l, r, t, u; |
383 | |
|
384 | 0 | r = data[0]; |
385 | 0 | l = data[1]; |
386 | |
|
387 | 0 | IP(r, l); |
388 | | // Things have been modified so that the initial rotate is done outside |
389 | | // the loop. This required the DES_SPtrans values in sp.h to be |
390 | | // rotated 1 bit to the right. One perl script later and things have a |
391 | | // 5% speed up on a sparc2. Thanks to Richard Outerbridge |
392 | | // <71755.204@CompuServe.COM> for pointing this out. |
393 | | // clear the top bits on machines with 8byte longs |
394 | | // shift left by 2 |
395 | 0 | r = CRYPTO_rotr_u32(r, 29); |
396 | 0 | l = CRYPTO_rotr_u32(l, 29); |
397 | | |
398 | | // I don't know if it is worth the effort of loop unrolling the |
399 | | // inner loop |
400 | 0 | if (enc) { |
401 | 0 | D_ENCRYPT(ks, l, r, 0); |
402 | 0 | D_ENCRYPT(ks, r, l, 1); |
403 | 0 | D_ENCRYPT(ks, l, r, 2); |
404 | 0 | D_ENCRYPT(ks, r, l, 3); |
405 | 0 | D_ENCRYPT(ks, l, r, 4); |
406 | 0 | D_ENCRYPT(ks, r, l, 5); |
407 | 0 | D_ENCRYPT(ks, l, r, 6); |
408 | 0 | D_ENCRYPT(ks, r, l, 7); |
409 | 0 | D_ENCRYPT(ks, l, r, 8); |
410 | 0 | D_ENCRYPT(ks, r, l, 9); |
411 | 0 | D_ENCRYPT(ks, l, r, 10); |
412 | 0 | D_ENCRYPT(ks, r, l, 11); |
413 | 0 | D_ENCRYPT(ks, l, r, 12); |
414 | 0 | D_ENCRYPT(ks, r, l, 13); |
415 | 0 | D_ENCRYPT(ks, l, r, 14); |
416 | 0 | D_ENCRYPT(ks, r, l, 15); |
417 | 0 | } else { |
418 | 0 | D_ENCRYPT(ks, l, r, 15); |
419 | 0 | D_ENCRYPT(ks, r, l, 14); |
420 | 0 | D_ENCRYPT(ks, l, r, 13); |
421 | 0 | D_ENCRYPT(ks, r, l, 12); |
422 | 0 | D_ENCRYPT(ks, l, r, 11); |
423 | 0 | D_ENCRYPT(ks, r, l, 10); |
424 | 0 | D_ENCRYPT(ks, l, r, 9); |
425 | 0 | D_ENCRYPT(ks, r, l, 8); |
426 | 0 | D_ENCRYPT(ks, l, r, 7); |
427 | 0 | D_ENCRYPT(ks, r, l, 6); |
428 | 0 | D_ENCRYPT(ks, l, r, 5); |
429 | 0 | D_ENCRYPT(ks, r, l, 4); |
430 | 0 | D_ENCRYPT(ks, l, r, 3); |
431 | 0 | D_ENCRYPT(ks, r, l, 2); |
432 | 0 | D_ENCRYPT(ks, l, r, 1); |
433 | 0 | D_ENCRYPT(ks, r, l, 0); |
434 | 0 | } |
435 | | |
436 | | // rotate and clear the top bits on machines with 8byte longs |
437 | 0 | l = CRYPTO_rotr_u32(l, 3); |
438 | 0 | r = CRYPTO_rotr_u32(r, 3); |
439 | |
|
440 | 0 | FP(r, l); |
441 | 0 | data[0] = l; |
442 | 0 | data[1] = r; |
443 | 0 | } |
444 | | |
445 | 0 | static void DES_encrypt2(uint32_t *data, const DES_key_schedule *ks, int enc) { |
446 | 0 | uint32_t l, r, t, u; |
447 | |
|
448 | 0 | r = data[0]; |
449 | 0 | l = data[1]; |
450 | | |
451 | | // Things have been modified so that the initial rotate is done outside the |
452 | | // loop. This required the DES_SPtrans values in sp.h to be rotated 1 bit to |
453 | | // the right. One perl script later and things have a 5% speed up on a |
454 | | // sparc2. Thanks to Richard Outerbridge <71755.204@CompuServe.COM> for |
455 | | // pointing this out. |
456 | | // clear the top bits on machines with 8byte longs |
457 | 0 | r = CRYPTO_rotr_u32(r, 29); |
458 | 0 | l = CRYPTO_rotr_u32(l, 29); |
459 | | |
460 | | // I don't know if it is worth the effort of loop unrolling the |
461 | | // inner loop |
462 | 0 | if (enc) { |
463 | 0 | D_ENCRYPT(ks, l, r, 0); |
464 | 0 | D_ENCRYPT(ks, r, l, 1); |
465 | 0 | D_ENCRYPT(ks, l, r, 2); |
466 | 0 | D_ENCRYPT(ks, r, l, 3); |
467 | 0 | D_ENCRYPT(ks, l, r, 4); |
468 | 0 | D_ENCRYPT(ks, r, l, 5); |
469 | 0 | D_ENCRYPT(ks, l, r, 6); |
470 | 0 | D_ENCRYPT(ks, r, l, 7); |
471 | 0 | D_ENCRYPT(ks, l, r, 8); |
472 | 0 | D_ENCRYPT(ks, r, l, 9); |
473 | 0 | D_ENCRYPT(ks, l, r, 10); |
474 | 0 | D_ENCRYPT(ks, r, l, 11); |
475 | 0 | D_ENCRYPT(ks, l, r, 12); |
476 | 0 | D_ENCRYPT(ks, r, l, 13); |
477 | 0 | D_ENCRYPT(ks, l, r, 14); |
478 | 0 | D_ENCRYPT(ks, r, l, 15); |
479 | 0 | } else { |
480 | 0 | D_ENCRYPT(ks, l, r, 15); |
481 | 0 | D_ENCRYPT(ks, r, l, 14); |
482 | 0 | D_ENCRYPT(ks, l, r, 13); |
483 | 0 | D_ENCRYPT(ks, r, l, 12); |
484 | 0 | D_ENCRYPT(ks, l, r, 11); |
485 | 0 | D_ENCRYPT(ks, r, l, 10); |
486 | 0 | D_ENCRYPT(ks, l, r, 9); |
487 | 0 | D_ENCRYPT(ks, r, l, 8); |
488 | 0 | D_ENCRYPT(ks, l, r, 7); |
489 | 0 | D_ENCRYPT(ks, r, l, 6); |
490 | 0 | D_ENCRYPT(ks, l, r, 5); |
491 | 0 | D_ENCRYPT(ks, r, l, 4); |
492 | 0 | D_ENCRYPT(ks, l, r, 3); |
493 | 0 | D_ENCRYPT(ks, r, l, 2); |
494 | 0 | D_ENCRYPT(ks, l, r, 1); |
495 | 0 | D_ENCRYPT(ks, r, l, 0); |
496 | 0 | } |
497 | | // rotate and clear the top bits on machines with 8byte longs |
498 | 0 | data[0] = CRYPTO_rotr_u32(l, 3); |
499 | 0 | data[1] = CRYPTO_rotr_u32(r, 3); |
500 | 0 | } |
501 | | |
502 | | void DES_encrypt3(uint32_t *data, const DES_key_schedule *ks1, |
503 | 0 | const DES_key_schedule *ks2, const DES_key_schedule *ks3) { |
504 | 0 | uint32_t l, r; |
505 | |
|
506 | 0 | l = data[0]; |
507 | 0 | r = data[1]; |
508 | 0 | IP(l, r); |
509 | 0 | data[0] = l; |
510 | 0 | data[1] = r; |
511 | 0 | DES_encrypt2((uint32_t *)data, ks1, DES_ENCRYPT); |
512 | 0 | DES_encrypt2((uint32_t *)data, ks2, DES_DECRYPT); |
513 | 0 | DES_encrypt2((uint32_t *)data, ks3, DES_ENCRYPT); |
514 | 0 | l = data[0]; |
515 | 0 | r = data[1]; |
516 | 0 | FP(r, l); |
517 | 0 | data[0] = l; |
518 | 0 | data[1] = r; |
519 | 0 | } |
520 | | |
521 | | void DES_decrypt3(uint32_t *data, const DES_key_schedule *ks1, |
522 | 0 | const DES_key_schedule *ks2, const DES_key_schedule *ks3) { |
523 | 0 | uint32_t l, r; |
524 | |
|
525 | 0 | l = data[0]; |
526 | 0 | r = data[1]; |
527 | 0 | IP(l, r); |
528 | 0 | data[0] = l; |
529 | 0 | data[1] = r; |
530 | 0 | DES_encrypt2((uint32_t *)data, ks3, DES_DECRYPT); |
531 | 0 | DES_encrypt2((uint32_t *)data, ks2, DES_ENCRYPT); |
532 | 0 | DES_encrypt2((uint32_t *)data, ks1, DES_DECRYPT); |
533 | 0 | l = data[0]; |
534 | 0 | r = data[1]; |
535 | 0 | FP(r, l); |
536 | 0 | data[0] = l; |
537 | 0 | data[1] = r; |
538 | 0 | } |
539 | | |
540 | | void DES_ecb_encrypt(const DES_cblock *in_block, DES_cblock *out_block, |
541 | 0 | const DES_key_schedule *schedule, int is_encrypt) { |
542 | 0 | uint32_t l; |
543 | 0 | uint32_t ll[2]; |
544 | 0 | const uint8_t *in = in_block->bytes; |
545 | 0 | uint8_t *out = out_block->bytes; |
546 | |
|
547 | 0 | c2l(in, l); |
548 | 0 | ll[0] = l; |
549 | 0 | c2l(in, l); |
550 | 0 | ll[1] = l; |
551 | 0 | DES_encrypt1(ll, schedule, is_encrypt); |
552 | 0 | l = ll[0]; |
553 | 0 | l2c(l, out); |
554 | 0 | l = ll[1]; |
555 | 0 | l2c(l, out); |
556 | 0 | ll[0] = ll[1] = 0; |
557 | 0 | } |
558 | | |
559 | | void DES_ncbc_encrypt(const uint8_t *in, uint8_t *out, size_t len, |
560 | | const DES_key_schedule *schedule, DES_cblock *ivec, |
561 | 0 | int enc) { |
562 | 0 | uint32_t tin0, tin1; |
563 | 0 | uint32_t tout0, tout1, xor0, xor1; |
564 | 0 | uint32_t tin[2]; |
565 | 0 | unsigned char *iv; |
566 | |
|
567 | 0 | iv = ivec->bytes; |
568 | |
|
569 | 0 | if (enc) { |
570 | 0 | c2l(iv, tout0); |
571 | 0 | c2l(iv, tout1); |
572 | 0 | for (; len >= 8; len -= 8) { |
573 | 0 | c2l(in, tin0); |
574 | 0 | c2l(in, tin1); |
575 | 0 | tin0 ^= tout0; |
576 | 0 | tin[0] = tin0; |
577 | 0 | tin1 ^= tout1; |
578 | 0 | tin[1] = tin1; |
579 | 0 | DES_encrypt1((uint32_t *)tin, schedule, DES_ENCRYPT); |
580 | 0 | tout0 = tin[0]; |
581 | 0 | l2c(tout0, out); |
582 | 0 | tout1 = tin[1]; |
583 | 0 | l2c(tout1, out); |
584 | 0 | } |
585 | 0 | if (len != 0) { |
586 | 0 | c2ln(in, tin0, tin1, len); |
587 | 0 | tin0 ^= tout0; |
588 | 0 | tin[0] = tin0; |
589 | 0 | tin1 ^= tout1; |
590 | 0 | tin[1] = tin1; |
591 | 0 | DES_encrypt1((uint32_t *)tin, schedule, DES_ENCRYPT); |
592 | 0 | tout0 = tin[0]; |
593 | 0 | l2c(tout0, out); |
594 | 0 | tout1 = tin[1]; |
595 | 0 | l2c(tout1, out); |
596 | 0 | } |
597 | 0 | iv = ivec->bytes; |
598 | 0 | l2c(tout0, iv); |
599 | 0 | l2c(tout1, iv); |
600 | 0 | } else { |
601 | 0 | c2l(iv, xor0); |
602 | 0 | c2l(iv, xor1); |
603 | 0 | for (; len >= 8; len -= 8) { |
604 | 0 | c2l(in, tin0); |
605 | 0 | tin[0] = tin0; |
606 | 0 | c2l(in, tin1); |
607 | 0 | tin[1] = tin1; |
608 | 0 | DES_encrypt1((uint32_t *)tin, schedule, DES_DECRYPT); |
609 | 0 | tout0 = tin[0] ^ xor0; |
610 | 0 | tout1 = tin[1] ^ xor1; |
611 | 0 | l2c(tout0, out); |
612 | 0 | l2c(tout1, out); |
613 | 0 | xor0 = tin0; |
614 | 0 | xor1 = tin1; |
615 | 0 | } |
616 | 0 | if (len != 0) { |
617 | 0 | c2l(in, tin0); |
618 | 0 | tin[0] = tin0; |
619 | 0 | c2l(in, tin1); |
620 | 0 | tin[1] = tin1; |
621 | 0 | DES_encrypt1((uint32_t *)tin, schedule, DES_DECRYPT); |
622 | 0 | tout0 = tin[0] ^ xor0; |
623 | 0 | tout1 = tin[1] ^ xor1; |
624 | 0 | l2cn(tout0, tout1, out, len); |
625 | 0 | xor0 = tin0; |
626 | 0 | xor1 = tin1; |
627 | 0 | } |
628 | 0 | iv = ivec->bytes; |
629 | 0 | l2c(xor0, iv); |
630 | 0 | l2c(xor1, iv); |
631 | 0 | } |
632 | 0 | tin[0] = tin[1] = 0; |
633 | 0 | } |
634 | | |
635 | | void DES_ecb3_encrypt(const DES_cblock *input, DES_cblock *output, |
636 | | const DES_key_schedule *ks1, const DES_key_schedule *ks2, |
637 | 0 | const DES_key_schedule *ks3, int enc) { |
638 | 0 | uint32_t l0, l1; |
639 | 0 | uint32_t ll[2]; |
640 | 0 | const uint8_t *in = input->bytes; |
641 | 0 | uint8_t *out = output->bytes; |
642 | |
|
643 | 0 | c2l(in, l0); |
644 | 0 | c2l(in, l1); |
645 | 0 | ll[0] = l0; |
646 | 0 | ll[1] = l1; |
647 | 0 | if (enc) { |
648 | 0 | DES_encrypt3(ll, ks1, ks2, ks3); |
649 | 0 | } else { |
650 | 0 | DES_decrypt3(ll, ks1, ks2, ks3); |
651 | 0 | } |
652 | 0 | l0 = ll[0]; |
653 | 0 | l1 = ll[1]; |
654 | 0 | l2c(l0, out); |
655 | 0 | l2c(l1, out); |
656 | 0 | } |
657 | | |
658 | | void DES_ede3_cbc_encrypt(const uint8_t *in, uint8_t *out, size_t len, |
659 | | const DES_key_schedule *ks1, |
660 | | const DES_key_schedule *ks2, |
661 | | const DES_key_schedule *ks3, DES_cblock *ivec, |
662 | 0 | int enc) { |
663 | 0 | uint32_t tin0, tin1; |
664 | 0 | uint32_t tout0, tout1, xor0, xor1; |
665 | 0 | uint32_t tin[2]; |
666 | 0 | uint8_t *iv; |
667 | |
|
668 | 0 | iv = ivec->bytes; |
669 | |
|
670 | 0 | if (enc) { |
671 | 0 | c2l(iv, tout0); |
672 | 0 | c2l(iv, tout1); |
673 | 0 | for (; len >= 8; len -= 8) { |
674 | 0 | c2l(in, tin0); |
675 | 0 | c2l(in, tin1); |
676 | 0 | tin0 ^= tout0; |
677 | 0 | tin1 ^= tout1; |
678 | |
|
679 | 0 | tin[0] = tin0; |
680 | 0 | tin[1] = tin1; |
681 | 0 | DES_encrypt3((uint32_t *)tin, ks1, ks2, ks3); |
682 | 0 | tout0 = tin[0]; |
683 | 0 | tout1 = tin[1]; |
684 | |
|
685 | 0 | l2c(tout0, out); |
686 | 0 | l2c(tout1, out); |
687 | 0 | } |
688 | 0 | if (len != 0) { |
689 | 0 | c2ln(in, tin0, tin1, len); |
690 | 0 | tin0 ^= tout0; |
691 | 0 | tin1 ^= tout1; |
692 | |
|
693 | 0 | tin[0] = tin0; |
694 | 0 | tin[1] = tin1; |
695 | 0 | DES_encrypt3((uint32_t *)tin, ks1, ks2, ks3); |
696 | 0 | tout0 = tin[0]; |
697 | 0 | tout1 = tin[1]; |
698 | |
|
699 | 0 | l2c(tout0, out); |
700 | 0 | l2c(tout1, out); |
701 | 0 | } |
702 | 0 | iv = ivec->bytes; |
703 | 0 | l2c(tout0, iv); |
704 | 0 | l2c(tout1, iv); |
705 | 0 | } else { |
706 | 0 | uint32_t t0, t1; |
707 | |
|
708 | 0 | c2l(iv, xor0); |
709 | 0 | c2l(iv, xor1); |
710 | 0 | for (; len >= 8; len -= 8) { |
711 | 0 | c2l(in, tin0); |
712 | 0 | c2l(in, tin1); |
713 | |
|
714 | 0 | t0 = tin0; |
715 | 0 | t1 = tin1; |
716 | |
|
717 | 0 | tin[0] = tin0; |
718 | 0 | tin[1] = tin1; |
719 | 0 | DES_decrypt3((uint32_t *)tin, ks1, ks2, ks3); |
720 | 0 | tout0 = tin[0]; |
721 | 0 | tout1 = tin[1]; |
722 | |
|
723 | 0 | tout0 ^= xor0; |
724 | 0 | tout1 ^= xor1; |
725 | 0 | l2c(tout0, out); |
726 | 0 | l2c(tout1, out); |
727 | 0 | xor0 = t0; |
728 | 0 | xor1 = t1; |
729 | 0 | } |
730 | 0 | if (len != 0) { |
731 | 0 | c2l(in, tin0); |
732 | 0 | c2l(in, tin1); |
733 | |
|
734 | 0 | t0 = tin0; |
735 | 0 | t1 = tin1; |
736 | |
|
737 | 0 | tin[0] = tin0; |
738 | 0 | tin[1] = tin1; |
739 | 0 | DES_decrypt3((uint32_t *)tin, ks1, ks2, ks3); |
740 | 0 | tout0 = tin[0]; |
741 | 0 | tout1 = tin[1]; |
742 | |
|
743 | 0 | tout0 ^= xor0; |
744 | 0 | tout1 ^= xor1; |
745 | 0 | l2cn(tout0, tout1, out, len); |
746 | 0 | xor0 = t0; |
747 | 0 | xor1 = t1; |
748 | 0 | } |
749 | |
|
750 | 0 | iv = ivec->bytes; |
751 | 0 | l2c(xor0, iv); |
752 | 0 | l2c(xor1, iv); |
753 | 0 | } |
754 | |
|
755 | 0 | tin[0] = tin[1] = 0; |
756 | 0 | } |
757 | | |
758 | | void DES_ede2_cbc_encrypt(const uint8_t *in, uint8_t *out, size_t len, |
759 | | const DES_key_schedule *ks1, |
760 | | const DES_key_schedule *ks2, |
761 | | DES_cblock *ivec, |
762 | 0 | int enc) { |
763 | 0 | DES_ede3_cbc_encrypt(in, out, len, ks1, ks2, ks1, ivec, enc); |
764 | 0 | } |
765 | | |
766 | | |
767 | | // Deprecated functions. |
768 | | |
769 | 0 | void DES_set_key_unchecked(const DES_cblock *key, DES_key_schedule *schedule) { |
770 | 0 | DES_set_key(key, schedule); |
771 | 0 | } |
772 | | |
773 | | #undef HPERM_OP |
774 | | #undef c2l |
775 | | #undef l2c |
776 | | #undef c2ln |
777 | | #undef l2cn |
778 | | #undef PERM_OP |
779 | | #undef IP |
780 | | #undef FP |
781 | | #undef LOAD_DATA |
782 | | #undef D_ENCRYPT |
783 | | #undef ITERATIONS |
784 | | #undef HALF_ITERATIONS |