1 /* $OpenBSD: set_key.c,v 1.27 2024/03/29 01:47:29 joshua Exp $ */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59 #include <stdlib.h>
60
61 #include <openssl/crypto.h>
62
63 #include "des_local.h"
64
65 int DES_check_key = 0; /* defaults to false */
66
67 static const unsigned char odd_parity[256] = {
68 1, 1, 2, 2, 4, 4, 7, 7, 8, 8, 11, 11, 13, 13, 14, 14,
69 16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, 31, 31,
70 32, 32, 35, 35, 37, 37, 38, 38, 41, 41, 42, 42, 44, 44, 47, 47,
71 49, 49, 50, 50, 52, 52, 55, 55, 56, 56, 59, 59, 61, 61, 62, 62,
72 64, 64, 67, 67, 69, 69, 70, 70, 73, 73, 74, 74, 76, 76, 79, 79,
73 81, 81, 82, 82, 84, 84, 87, 87, 88, 88, 91, 91, 93, 93, 94, 94,
74 97, 97, 98, 98, 100, 100, 103, 103, 104, 104, 107, 107, 109, 109, 110, 110,
75 112, 112, 115, 115, 117, 117, 118, 118, 121, 121, 122, 122, 124, 124, 127, 127,
76 128, 128, 131, 131, 133, 133, 134, 134, 137, 137, 138, 138, 140, 140, 143, 143,
77 145, 145, 146, 146, 148, 148, 151, 151, 152, 152, 155, 155, 157, 157, 158, 158,
78 161, 161, 162, 162, 164, 164, 167, 167, 168, 168, 171, 171, 173, 173, 174, 174,
79 176, 176, 179, 179, 181, 181, 182, 182, 185, 185, 186, 186, 188, 188, 191, 191,
80 193, 193, 194, 194, 196, 196, 199, 199, 200, 200, 203, 203, 205, 205, 206, 206,
81 208, 208, 211, 211, 213, 213, 214, 214, 217, 217, 218, 218, 220, 220, 223, 223,
82 224, 224, 227, 227, 229, 229, 230, 230, 233, 233, 234, 234, 236, 236, 239, 239,
83 241, 241, 242, 242, 244, 244, 247, 247, 248, 248, 251, 251, 253, 253, 254, 254,
84 };
85
86 void
DES_set_odd_parity(DES_cblock * key)87 DES_set_odd_parity(DES_cblock *key)
88 {
89 unsigned int i;
90
91 for (i = 0; i < DES_KEY_SZ; i++)
92 (*key)[i] = odd_parity[(*key)[i]];
93 }
94 LCRYPTO_ALIAS(DES_set_odd_parity);
95
96 int
DES_check_key_parity(const_DES_cblock * key)97 DES_check_key_parity(const_DES_cblock *key)
98 {
99 unsigned int i;
100
101 for (i = 0; i < DES_KEY_SZ; i++) {
102 if ((*key)[i] != odd_parity[(*key)[i]])
103 return (0);
104 }
105 return (1);
106 }
107 LCRYPTO_ALIAS(DES_check_key_parity);
108
109 /* Weak and semi weak keys as taken from
110 * %A D.W. Davies
111 * %A W.L. Price
112 * %T Security for Computer Networks
113 * %I John Wiley & Sons
114 * %D 1984
115 * Many thanks to smb@ulysses.att.com (Steven Bellovin) for the reference
116 * (and actual cblock values).
117 */
118 #define NUM_WEAK_KEY 16
119 static const DES_cblock weak_keys[NUM_WEAK_KEY] = {
120 /* weak keys */
121 {0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01},
122 {0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE},
123 {0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E},
124 {0xE0, 0xE0, 0xE0, 0xE0, 0xF1, 0xF1, 0xF1, 0xF1},
125 /* semi-weak keys */
126 {0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE},
127 {0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01},
128 {0x1F, 0xE0, 0x1F, 0xE0, 0x0E, 0xF1, 0x0E, 0xF1},
129 {0xE0, 0x1F, 0xE0, 0x1F, 0xF1, 0x0E, 0xF1, 0x0E},
130 {0x01, 0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1},
131 {0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1, 0x01},
132 {0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E, 0xFE},
133 {0xFE, 0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E},
134 {0x01, 0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E},
135 {0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E, 0x01},
136 {0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1, 0xFE},
137 {0xFE, 0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1},
138 };
139
140 int
DES_is_weak_key(const_DES_cblock * key)141 DES_is_weak_key(const_DES_cblock *key)
142 {
143 unsigned int i;
144
145 for (i = 0; i < NUM_WEAK_KEY; i++)
146 if (memcmp(weak_keys[i], key, sizeof(DES_cblock)) == 0)
147 return 1;
148 return 0;
149 }
150 LCRYPTO_ALIAS(DES_is_weak_key);
151
152 /* NOW DEFINED IN des_local.h
153 * See ecb_encrypt.c for a pseudo description of these macros.
154 * #define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
155 * (b)^=(t),\
156 * (a)=((a)^((t)<<(n))))
157 */
158
159 #define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)), \
160 (a)=(a)^(t)^(t>>(16-(n))))
161
162 static const DES_LONG des_skb[8][64] = {
163 {
164 /* for C bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
165 0x00000000L, 0x00000010L, 0x20000000L, 0x20000010L,
166 0x00010000L, 0x00010010L, 0x20010000L, 0x20010010L,
167 0x00000800L, 0x00000810L, 0x20000800L, 0x20000810L,
168 0x00010800L, 0x00010810L, 0x20010800L, 0x20010810L,
169 0x00000020L, 0x00000030L, 0x20000020L, 0x20000030L,
170 0x00010020L, 0x00010030L, 0x20010020L, 0x20010030L,
171 0x00000820L, 0x00000830L, 0x20000820L, 0x20000830L,
172 0x00010820L, 0x00010830L, 0x20010820L, 0x20010830L,
173 0x00080000L, 0x00080010L, 0x20080000L, 0x20080010L,
174 0x00090000L, 0x00090010L, 0x20090000L, 0x20090010L,
175 0x00080800L, 0x00080810L, 0x20080800L, 0x20080810L,
176 0x00090800L, 0x00090810L, 0x20090800L, 0x20090810L,
177 0x00080020L, 0x00080030L, 0x20080020L, 0x20080030L,
178 0x00090020L, 0x00090030L, 0x20090020L, 0x20090030L,
179 0x00080820L, 0x00080830L, 0x20080820L, 0x20080830L,
180 0x00090820L, 0x00090830L, 0x20090820L, 0x20090830L,
181 }, {
182 /* for C bits (numbered as per FIPS 46) 7 8 10 11 12 13 */
183 0x00000000L, 0x02000000L, 0x00002000L, 0x02002000L,
184 0x00200000L, 0x02200000L, 0x00202000L, 0x02202000L,
185 0x00000004L, 0x02000004L, 0x00002004L, 0x02002004L,
186 0x00200004L, 0x02200004L, 0x00202004L, 0x02202004L,
187 0x00000400L, 0x02000400L, 0x00002400L, 0x02002400L,
188 0x00200400L, 0x02200400L, 0x00202400L, 0x02202400L,
189 0x00000404L, 0x02000404L, 0x00002404L, 0x02002404L,
190 0x00200404L, 0x02200404L, 0x00202404L, 0x02202404L,
191 0x10000000L, 0x12000000L, 0x10002000L, 0x12002000L,
192 0x10200000L, 0x12200000L, 0x10202000L, 0x12202000L,
193 0x10000004L, 0x12000004L, 0x10002004L, 0x12002004L,
194 0x10200004L, 0x12200004L, 0x10202004L, 0x12202004L,
195 0x10000400L, 0x12000400L, 0x10002400L, 0x12002400L,
196 0x10200400L, 0x12200400L, 0x10202400L, 0x12202400L,
197 0x10000404L, 0x12000404L, 0x10002404L, 0x12002404L,
198 0x10200404L, 0x12200404L, 0x10202404L, 0x12202404L,
199 }, {
200 /* for C bits (numbered as per FIPS 46) 14 15 16 17 19 20 */
201 0x00000000L, 0x00000001L, 0x00040000L, 0x00040001L,
202 0x01000000L, 0x01000001L, 0x01040000L, 0x01040001L,
203 0x00000002L, 0x00000003L, 0x00040002L, 0x00040003L,
204 0x01000002L, 0x01000003L, 0x01040002L, 0x01040003L,
205 0x00000200L, 0x00000201L, 0x00040200L, 0x00040201L,
206 0x01000200L, 0x01000201L, 0x01040200L, 0x01040201L,
207 0x00000202L, 0x00000203L, 0x00040202L, 0x00040203L,
208 0x01000202L, 0x01000203L, 0x01040202L, 0x01040203L,
209 0x08000000L, 0x08000001L, 0x08040000L, 0x08040001L,
210 0x09000000L, 0x09000001L, 0x09040000L, 0x09040001L,
211 0x08000002L, 0x08000003L, 0x08040002L, 0x08040003L,
212 0x09000002L, 0x09000003L, 0x09040002L, 0x09040003L,
213 0x08000200L, 0x08000201L, 0x08040200L, 0x08040201L,
214 0x09000200L, 0x09000201L, 0x09040200L, 0x09040201L,
215 0x08000202L, 0x08000203L, 0x08040202L, 0x08040203L,
216 0x09000202L, 0x09000203L, 0x09040202L, 0x09040203L,
217 }, {
218 /* for C bits (numbered as per FIPS 46) 21 23 24 26 27 28 */
219 0x00000000L, 0x00100000L, 0x00000100L, 0x00100100L,
220 0x00000008L, 0x00100008L, 0x00000108L, 0x00100108L,
221 0x00001000L, 0x00101000L, 0x00001100L, 0x00101100L,
222 0x00001008L, 0x00101008L, 0x00001108L, 0x00101108L,
223 0x04000000L, 0x04100000L, 0x04000100L, 0x04100100L,
224 0x04000008L, 0x04100008L, 0x04000108L, 0x04100108L,
225 0x04001000L, 0x04101000L, 0x04001100L, 0x04101100L,
226 0x04001008L, 0x04101008L, 0x04001108L, 0x04101108L,
227 0x00020000L, 0x00120000L, 0x00020100L, 0x00120100L,
228 0x00020008L, 0x00120008L, 0x00020108L, 0x00120108L,
229 0x00021000L, 0x00121000L, 0x00021100L, 0x00121100L,
230 0x00021008L, 0x00121008L, 0x00021108L, 0x00121108L,
231 0x04020000L, 0x04120000L, 0x04020100L, 0x04120100L,
232 0x04020008L, 0x04120008L, 0x04020108L, 0x04120108L,
233 0x04021000L, 0x04121000L, 0x04021100L, 0x04121100L,
234 0x04021008L, 0x04121008L, 0x04021108L, 0x04121108L,
235 }, {
236 /* for D bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
237 0x00000000L, 0x10000000L, 0x00010000L, 0x10010000L,
238 0x00000004L, 0x10000004L, 0x00010004L, 0x10010004L,
239 0x20000000L, 0x30000000L, 0x20010000L, 0x30010000L,
240 0x20000004L, 0x30000004L, 0x20010004L, 0x30010004L,
241 0x00100000L, 0x10100000L, 0x00110000L, 0x10110000L,
242 0x00100004L, 0x10100004L, 0x00110004L, 0x10110004L,
243 0x20100000L, 0x30100000L, 0x20110000L, 0x30110000L,
244 0x20100004L, 0x30100004L, 0x20110004L, 0x30110004L,
245 0x00001000L, 0x10001000L, 0x00011000L, 0x10011000L,
246 0x00001004L, 0x10001004L, 0x00011004L, 0x10011004L,
247 0x20001000L, 0x30001000L, 0x20011000L, 0x30011000L,
248 0x20001004L, 0x30001004L, 0x20011004L, 0x30011004L,
249 0x00101000L, 0x10101000L, 0x00111000L, 0x10111000L,
250 0x00101004L, 0x10101004L, 0x00111004L, 0x10111004L,
251 0x20101000L, 0x30101000L, 0x20111000L, 0x30111000L,
252 0x20101004L, 0x30101004L, 0x20111004L, 0x30111004L,
253 }, {
254 /* for D bits (numbered as per FIPS 46) 8 9 11 12 13 14 */
255 0x00000000L, 0x08000000L, 0x00000008L, 0x08000008L,
256 0x00000400L, 0x08000400L, 0x00000408L, 0x08000408L,
257 0x00020000L, 0x08020000L, 0x00020008L, 0x08020008L,
258 0x00020400L, 0x08020400L, 0x00020408L, 0x08020408L,
259 0x00000001L, 0x08000001L, 0x00000009L, 0x08000009L,
260 0x00000401L, 0x08000401L, 0x00000409L, 0x08000409L,
261 0x00020001L, 0x08020001L, 0x00020009L, 0x08020009L,
262 0x00020401L, 0x08020401L, 0x00020409L, 0x08020409L,
263 0x02000000L, 0x0A000000L, 0x02000008L, 0x0A000008L,
264 0x02000400L, 0x0A000400L, 0x02000408L, 0x0A000408L,
265 0x02020000L, 0x0A020000L, 0x02020008L, 0x0A020008L,
266 0x02020400L, 0x0A020400L, 0x02020408L, 0x0A020408L,
267 0x02000001L, 0x0A000001L, 0x02000009L, 0x0A000009L,
268 0x02000401L, 0x0A000401L, 0x02000409L, 0x0A000409L,
269 0x02020001L, 0x0A020001L, 0x02020009L, 0x0A020009L,
270 0x02020401L, 0x0A020401L, 0x02020409L, 0x0A020409L,
271 }, {
272 /* for D bits (numbered as per FIPS 46) 16 17 18 19 20 21 */
273 0x00000000L, 0x00000100L, 0x00080000L, 0x00080100L,
274 0x01000000L, 0x01000100L, 0x01080000L, 0x01080100L,
275 0x00000010L, 0x00000110L, 0x00080010L, 0x00080110L,
276 0x01000010L, 0x01000110L, 0x01080010L, 0x01080110L,
277 0x00200000L, 0x00200100L, 0x00280000L, 0x00280100L,
278 0x01200000L, 0x01200100L, 0x01280000L, 0x01280100L,
279 0x00200010L, 0x00200110L, 0x00280010L, 0x00280110L,
280 0x01200010L, 0x01200110L, 0x01280010L, 0x01280110L,
281 0x00000200L, 0x00000300L, 0x00080200L, 0x00080300L,
282 0x01000200L, 0x01000300L, 0x01080200L, 0x01080300L,
283 0x00000210L, 0x00000310L, 0x00080210L, 0x00080310L,
284 0x01000210L, 0x01000310L, 0x01080210L, 0x01080310L,
285 0x00200200L, 0x00200300L, 0x00280200L, 0x00280300L,
286 0x01200200L, 0x01200300L, 0x01280200L, 0x01280300L,
287 0x00200210L, 0x00200310L, 0x00280210L, 0x00280310L,
288 0x01200210L, 0x01200310L, 0x01280210L, 0x01280310L,
289 }, {
290 /* for D bits (numbered as per FIPS 46) 22 23 24 25 27 28 */
291 0x00000000L, 0x04000000L, 0x00040000L, 0x04040000L,
292 0x00000002L, 0x04000002L, 0x00040002L, 0x04040002L,
293 0x00002000L, 0x04002000L, 0x00042000L, 0x04042000L,
294 0x00002002L, 0x04002002L, 0x00042002L, 0x04042002L,
295 0x00000020L, 0x04000020L, 0x00040020L, 0x04040020L,
296 0x00000022L, 0x04000022L, 0x00040022L, 0x04040022L,
297 0x00002020L, 0x04002020L, 0x00042020L, 0x04042020L,
298 0x00002022L, 0x04002022L, 0x00042022L, 0x04042022L,
299 0x00000800L, 0x04000800L, 0x00040800L, 0x04040800L,
300 0x00000802L, 0x04000802L, 0x00040802L, 0x04040802L,
301 0x00002800L, 0x04002800L, 0x00042800L, 0x04042800L,
302 0x00002802L, 0x04002802L, 0x00042802L, 0x04042802L,
303 0x00000820L, 0x04000820L, 0x00040820L, 0x04040820L,
304 0x00000822L, 0x04000822L, 0x00040822L, 0x04040822L,
305 0x00002820L, 0x04002820L, 0x00042820L, 0x04042820L,
306 0x00002822L, 0x04002822L, 0x00042822L, 0x04042822L,
307 },
308 };
309
310 int
DES_set_key(const_DES_cblock * key,DES_key_schedule * schedule)311 DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule)
312 {
313 if (DES_check_key) {
314 return DES_set_key_checked(key, schedule);
315 } else {
316 DES_set_key_unchecked(key, schedule);
317 return 0;
318 }
319 }
320 LCRYPTO_ALIAS(DES_set_key);
321
322 /* return 0 if key parity is odd (correct),
323 * return -1 if key parity error,
324 * return -2 if illegal weak key.
325 */
326 int
DES_set_key_checked(const_DES_cblock * key,DES_key_schedule * schedule)327 DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule)
328 {
329 if (!DES_check_key_parity(key))
330 return (-1);
331 if (DES_is_weak_key(key))
332 return (-2);
333 DES_set_key_unchecked(key, schedule);
334 return 0;
335 }
336 LCRYPTO_ALIAS(DES_set_key_checked);
337
338 void
DES_set_key_unchecked(const_DES_cblock * key,DES_key_schedule * schedule)339 DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule)
340 {
341 static const int shifts2[16] = {0, 0,1, 1,1, 1,1, 1,0, 1,1, 1,1, 1,1, 0};
342 DES_LONG c, d, t, s, t2;
343 const unsigned char *in;
344 DES_LONG *k;
345 int i;
346
347 k = &schedule->ks->deslong[0];
348 in = &(*key)[0];
349
350 c2l(in, c);
351 c2l(in, d);
352
353 /* do PC1 in 47 simple operations :-)
354 * Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov)
355 * for the inspiration. :-) */
356 PERM_OP(d, c, t, 4, 0x0f0f0f0fL);
357 HPERM_OP(c, t, -2, 0xcccc0000L);
358 HPERM_OP(d, t, -2, 0xcccc0000L);
359 PERM_OP(d, c, t, 1, 0x55555555L);
360 PERM_OP(c, d, t, 8, 0x00ff00ffL);
361 PERM_OP(d, c, t, 1, 0x55555555L);
362 d = (((d & 0x000000ffL) << 16L) | (d & 0x0000ff00L) |
363 ((d & 0x00ff0000L) >> 16L)|((c & 0xf0000000L) >> 4L));
364 c &= 0x0fffffffL;
365
366 for (i = 0; i < ITERATIONS; i++) {
367 if (shifts2[i]) {
368 c = ((c >> 2L)|(c << 26L));
369 d = ((d >> 2L)|(d << 26L));
370 } else {
371 c = ((c >> 1L)|(c << 27L));
372 d = ((d >> 1L)|(d << 27L));
373 }
374 c &= 0x0fffffffL;
375 d &= 0x0fffffffL;
376 /* could be a few less shifts but I am to lazy at this
377 * point in time to investigate */
378 s = des_skb[0][(c)&0x3f]|
379 des_skb[1][((c >> 6L) & 0x03)|((c >> 7L) & 0x3c)]|
380 des_skb[2][((c >> 13L) & 0x0f)|((c >> 14L) & 0x30)]|
381 des_skb[3][((c >> 20L) & 0x01)|((c >> 21L) & 0x06) |
382 ((c >> 22L) & 0x38)];
383 t = des_skb[4][(d)&0x3f]|
384 des_skb[5][((d >> 7L) & 0x03)|((d >> 8L) & 0x3c)]|
385 des_skb[6][(d >> 15L) & 0x3f]|
386 des_skb[7][((d >> 21L) & 0x0f)|((d >> 22L) & 0x30)];
387
388 /* table contained 0213 4657 */
389 t2 = ((t << 16L)|(s & 0x0000ffffL)) & 0xffffffffL;
390 *(k++) = ROTATE(t2, 30) & 0xffffffffL;
391
392 t2 = ((s >> 16L)|(t & 0xffff0000L));
393 *(k++) = ROTATE(t2, 26) & 0xffffffffL;
394 }
395 }
396 LCRYPTO_ALIAS(DES_set_key_unchecked);
397
398 int
DES_key_sched(const_DES_cblock * key,DES_key_schedule * schedule)399 DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule)
400 {
401 return (DES_set_key(key, schedule));
402 }
403 LCRYPTO_ALIAS(DES_key_sched);
404
405 int
DES_random_key(DES_cblock * ret)406 DES_random_key(DES_cblock *ret)
407 {
408 do {
409 arc4random_buf(ret, sizeof(DES_cblock));
410 DES_set_odd_parity(ret);
411 } while (DES_is_weak_key(ret));
412 return (1);
413 }
414 LCRYPTO_ALIAS(DES_random_key);
415