1 /*
2 * cross-platform and mod_ssl-safe code modifications are Copyright (C)
3 * 2000 W3Works, LLC. All rights reserved.
4 */
5
6 /*
7 * The modifications found herein are Copyright (C) W3Works, LLC.
8 # All rights reserved.
9 */
10
11 /*
12 * NB - This file is a modified version of one by Eric Young.
13 * It was modifed by Systemics Ltd (http://www.systemics.com/)
14 */
15
16 /* Copyright (C) 1995 Eric Young (eay@mincom.oz.au)
17 * All rights reserved.
18 *
19 * This file is part of an SSL implementation written
20 * by Eric Young (eay@mincom.oz.au).
21 * The implementation was written so as to conform with Netscapes SSL
22 * specification. This library and applications are
23 * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE
24 * as long as the following conditions are aheared to.
25 *
26 * Copyright remains Eric Young's, and as such any Copyright notices in
27 * the code are not to be removed. If this code is used in a product,
28 * Eric Young should be given attribution as the author of the parts used.
29 * This can be in the form of a textual message at program startup or
30 * in documentation (online or textual) provided with the package.
31 *
32 * Redistribution and use in source and binary forms, with or without
33 * modification, are permitted provided that the following conditions
34 * are met:
35 * 1. Redistributions of source code must retain the copyright
36 * notice, this list of conditions and the following disclaimer.
37 * 2. Redistributions in binary form must reproduce the above copyright
38 * notice, this list of conditions and the following disclaimer in the
39 * documentation and/or other materials provided with the distribution.
40 * 3. All advertising materials mentioning features or use of this software
41 * must display the following acknowledgement:
42 * This product includes software developed by Eric Young (eay@mincom.oz.au)
43 *
44 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
45 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
46 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
47 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
48 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
49 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
50 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
51 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
52 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
53 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
54 * SUCH DAMAGE.
55 *
56 * The licence and distribution terms for any publically available version or
57 * derivative of this code cannot be changed. i.e. this code cannot simply be
58 * copied and put under another distribution licence
59 * [including the GNU Public Licence.]
60 */
61
62 #include "_des.h"
63
64 #define c2l(c,l) (l =((unsigned long)(*((c)++))), \
65 l|=((unsigned long)(*((c)++)))<< 8, \
66 l|=((unsigned long)(*((c)++)))<<16, \
67 l|=((unsigned long)(*((c)++)))<<24)
68
69 #define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
70 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
71 *((c)++)=(unsigned char)(((l)>>16)&0xff), \
72 *((c)++)=(unsigned char)(((l)>>24)&0xff))
73
74 #define ITERATIONS 16
75 #define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\
76 (a)=(a)^(t)^(t>>(16-(n))))
77
78
79 unsigned long des_SPtrans_x[8][64]={
80 /* nibble 0 */
81 0x00820200, 0x00020000, 0x80800000, 0x80820200,
82 0x00800000, 0x80020200, 0x80020000, 0x80800000,
83 0x80020200, 0x00820200, 0x00820000, 0x80000200,
84 0x80800200, 0x00800000, 0x00000000, 0x80020000,
85 0x00020000, 0x80000000, 0x00800200, 0x00020200,
86 0x80820200, 0x00820000, 0x80000200, 0x00800200,
87 0x80000000, 0x00000200, 0x00020200, 0x80820000,
88 0x00000200, 0x80800200, 0x80820000, 0x00000000,
89 0x00000000, 0x80820200, 0x00800200, 0x80020000,
90 0x00820200, 0x00020000, 0x80000200, 0x00800200,
91 0x80820000, 0x00000200, 0x00020200, 0x80800000,
92 0x80020200, 0x80000000, 0x80800000, 0x00820000,
93 0x80820200, 0x00020200, 0x00820000, 0x80800200,
94 0x00800000, 0x80000200, 0x80020000, 0x00000000,
95 0x00020000, 0x00800000, 0x80800200, 0x00820200,
96 0x80000000, 0x80820000, 0x00000200, 0x80020200,
97
98 /* nibble 1 */
99 0x10042004, 0x00000000, 0x00042000, 0x10040000,
100 0x10000004, 0x00002004, 0x10002000, 0x00042000,
101 0x00002000, 0x10040004, 0x00000004, 0x10002000,
102 0x00040004, 0x10042000, 0x10040000, 0x00000004,
103 0x00040000, 0x10002004, 0x10040004, 0x00002000,
104 0x00042004, 0x10000000, 0x00000000, 0x00040004,
105 0x10002004, 0x00042004, 0x10042000, 0x10000004,
106 0x10000000, 0x00040000, 0x00002004, 0x10042004,
107 0x00040004, 0x10042000, 0x10002000, 0x00042004,
108 0x10042004, 0x00040004, 0x10000004, 0x00000000,
109 0x10000000, 0x00002004, 0x00040000, 0x10040004,
110 0x00002000, 0x10000000, 0x00042004, 0x10002004,
111 0x10042000, 0x00002000, 0x00000000, 0x10000004,
112 0x00000004, 0x10042004, 0x00042000, 0x10040000,
113 0x10040004, 0x00040000, 0x00002004, 0x10002000,
114 0x10002004, 0x00000004, 0x10040000, 0x00042000,
115
116 /* nibble 2 */
117 0x41000000, 0x01010040, 0x00000040, 0x41000040,
118 0x40010000, 0x01000000, 0x41000040, 0x00010040,
119 0x01000040, 0x00010000, 0x01010000, 0x40000000,
120 0x41010040, 0x40000040, 0x40000000, 0x41010000,
121 0x00000000, 0x40010000, 0x01010040, 0x00000040,
122 0x40000040, 0x41010040, 0x00010000, 0x41000000,
123 0x41010000, 0x01000040, 0x40010040, 0x01010000,
124 0x00010040, 0x00000000, 0x01000000, 0x40010040,
125 0x01010040, 0x00000040, 0x40000000, 0x00010000,
126 0x40000040, 0x40010000, 0x01010000, 0x41000040,
127 0x00000000, 0x01010040, 0x00010040, 0x41010000,
128 0x40010000, 0x01000000, 0x41010040, 0x40000000,
129 0x40010040, 0x41000000, 0x01000000, 0x41010040,
130 0x00010000, 0x01000040, 0x41000040, 0x00010040,
131 0x01000040, 0x00000000, 0x41010000, 0x40000040,
132 0x41000000, 0x40010040, 0x00000040, 0x01010000,
133
134 /* nibble 3 */
135 0x00100402, 0x04000400, 0x00000002, 0x04100402,
136 0x00000000, 0x04100000, 0x04000402, 0x00100002,
137 0x04100400, 0x04000002, 0x04000000, 0x00000402,
138 0x04000002, 0x00100402, 0x00100000, 0x04000000,
139 0x04100002, 0x00100400, 0x00000400, 0x00000002,
140 0x00100400, 0x04000402, 0x04100000, 0x00000400,
141 0x00000402, 0x00000000, 0x00100002, 0x04100400,
142 0x04000400, 0x04100002, 0x04100402, 0x00100000,
143 0x04100002, 0x00000402, 0x00100000, 0x04000002,
144 0x00100400, 0x04000400, 0x00000002, 0x04100000,
145 0x04000402, 0x00000000, 0x00000400, 0x00100002,
146 0x00000000, 0x04100002, 0x04100400, 0x00000400,
147 0x04000000, 0x04100402, 0x00100402, 0x00100000,
148 0x04100402, 0x00000002, 0x04000400, 0x00100402,
149 0x00100002, 0x00100400, 0x04100000, 0x04000402,
150 0x00000402, 0x04000000, 0x04000002, 0x04100400,
151
152 /* nibble 4 */
153 0x02000000, 0x00004000, 0x00000100, 0x02004108,
154 0x02004008, 0x02000100, 0x00004108, 0x02004000,
155 0x00004000, 0x00000008, 0x02000008, 0x00004100,
156 0x02000108, 0x02004008, 0x02004100, 0x00000000,
157 0x00004100, 0x02000000, 0x00004008, 0x00000108,
158 0x02000100, 0x00004108, 0x00000000, 0x02000008,
159 0x00000008, 0x02000108, 0x02004108, 0x00004008,
160 0x02004000, 0x00000100, 0x00000108, 0x02004100,
161 0x02004100, 0x02000108, 0x00004008, 0x02004000,
162 0x00004000, 0x00000008, 0x02000008, 0x02000100,
163 0x02000000, 0x00004100, 0x02004108, 0x00000000,
164 0x00004108, 0x02000000, 0x00000100, 0x00004008,
165 0x02000108, 0x00000100, 0x00000000, 0x02004108,
166 0x02004008, 0x02004100, 0x00000108, 0x00004000,
167 0x00004100, 0x02004008, 0x02000100, 0x00000108,
168 0x00000008, 0x00004108, 0x02004000, 0x02000008,
169
170 /* nibble 5 */
171 0x20000010, 0x00080010, 0x00000000, 0x20080800,
172 0x00080010, 0x00000800, 0x20000810, 0x00080000,
173 0x00000810, 0x20080810, 0x00080800, 0x20000000,
174 0x20000800, 0x20000010, 0x20080000, 0x00080810,
175 0x00080000, 0x20000810, 0x20080010, 0x00000000,
176 0x00000800, 0x00000010, 0x20080800, 0x20080010,
177 0x20080810, 0x20080000, 0x20000000, 0x00000810,
178 0x00000010, 0x00080800, 0x00080810, 0x20000800,
179 0x00000810, 0x20000000, 0x20000800, 0x00080810,
180 0x20080800, 0x00080010, 0x00000000, 0x20000800,
181 0x20000000, 0x00000800, 0x20080010, 0x00080000,
182 0x00080010, 0x20080810, 0x00080800, 0x00000010,
183 0x20080810, 0x00080800, 0x00080000, 0x20000810,
184 0x20000010, 0x20080000, 0x00080810, 0x00000000,
185 0x00000800, 0x20000010, 0x20000810, 0x20080800,
186 0x20080000, 0x00000810, 0x00000010, 0x20080010,
187
188 /* nibble 6 */
189 0x00001000, 0x00000080, 0x00400080, 0x00400001,
190 0x00401081, 0x00001001, 0x00001080, 0x00000000,
191 0x00400000, 0x00400081, 0x00000081, 0x00401000,
192 0x00000001, 0x00401080, 0x00401000, 0x00000081,
193 0x00400081, 0x00001000, 0x00001001, 0x00401081,
194 0x00000000, 0x00400080, 0x00400001, 0x00001080,
195 0x00401001, 0x00001081, 0x00401080, 0x00000001,
196 0x00001081, 0x00401001, 0x00000080, 0x00400000,
197 0x00001081, 0x00401000, 0x00401001, 0x00000081,
198 0x00001000, 0x00000080, 0x00400000, 0x00401001,
199 0x00400081, 0x00001081, 0x00001080, 0x00000000,
200 0x00000080, 0x00400001, 0x00000001, 0x00400080,
201 0x00000000, 0x00400081, 0x00400080, 0x00001080,
202 0x00000081, 0x00001000, 0x00401081, 0x00400000,
203 0x00401080, 0x00000001, 0x00001001, 0x00401081,
204 0x00400001, 0x00401080, 0x00401000, 0x00001001,
205
206 /* nibble 7 */
207 0x08200020, 0x08208000, 0x00008020, 0x00000000,
208 0x08008000, 0x00200020, 0x08200000, 0x08208020,
209 0x00000020, 0x08000000, 0x00208000, 0x00008020,
210 0x00208020, 0x08008020, 0x08000020, 0x08200000,
211 0x00008000, 0x00208020, 0x00200020, 0x08008000,
212 0x08208020, 0x08000020, 0x00000000, 0x00208000,
213 0x08000000, 0x00200000, 0x08008020, 0x08200020,
214 0x00200000, 0x00008000, 0x08208000, 0x00000020,
215 0x00200000, 0x00008000, 0x08000020, 0x08208020,
216 0x00008020, 0x08000000, 0x00000000, 0x00208000,
217 0x08200020, 0x08008020, 0x08008000, 0x00200020,
218 0x08208000, 0x00000020, 0x00200020, 0x08008000,
219 0x08208020, 0x00200000, 0x08200000, 0x08000020,
220 0x00208000, 0x00008020, 0x08008020, 0x08200000,
221 0x00000020, 0x08208000, 0x00208020, 0x00000000,
222 0x08000000, 0x08200020, 0x00008000, 0x00208020};
223
224 unsigned long des_skb[8][64]={
225 /* for C bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
226 0x00000000,0x00000010,0x20000000,0x20000010,
227 0x00010000,0x00010010,0x20010000,0x20010010,
228 0x00000800,0x00000810,0x20000800,0x20000810,
229 0x00010800,0x00010810,0x20010800,0x20010810,
230 0x00000020,0x00000030,0x20000020,0x20000030,
231 0x00010020,0x00010030,0x20010020,0x20010030,
232 0x00000820,0x00000830,0x20000820,0x20000830,
233 0x00010820,0x00010830,0x20010820,0x20010830,
234 0x00080000,0x00080010,0x20080000,0x20080010,
235 0x00090000,0x00090010,0x20090000,0x20090010,
236 0x00080800,0x00080810,0x20080800,0x20080810,
237 0x00090800,0x00090810,0x20090800,0x20090810,
238 0x00080020,0x00080030,0x20080020,0x20080030,
239 0x00090020,0x00090030,0x20090020,0x20090030,
240 0x00080820,0x00080830,0x20080820,0x20080830,
241 0x00090820,0x00090830,0x20090820,0x20090830,
242 /* for C bits (numbered as per FIPS 46) 7 8 10 11 12 13 */
243 0x00000000,0x02000000,0x00002000,0x02002000,
244 0x00200000,0x02200000,0x00202000,0x02202000,
245 0x00000004,0x02000004,0x00002004,0x02002004,
246 0x00200004,0x02200004,0x00202004,0x02202004,
247 0x00000400,0x02000400,0x00002400,0x02002400,
248 0x00200400,0x02200400,0x00202400,0x02202400,
249 0x00000404,0x02000404,0x00002404,0x02002404,
250 0x00200404,0x02200404,0x00202404,0x02202404,
251 0x10000000,0x12000000,0x10002000,0x12002000,
252 0x10200000,0x12200000,0x10202000,0x12202000,
253 0x10000004,0x12000004,0x10002004,0x12002004,
254 0x10200004,0x12200004,0x10202004,0x12202004,
255 0x10000400,0x12000400,0x10002400,0x12002400,
256 0x10200400,0x12200400,0x10202400,0x12202400,
257 0x10000404,0x12000404,0x10002404,0x12002404,
258 0x10200404,0x12200404,0x10202404,0x12202404,
259 /* for C bits (numbered as per FIPS 46) 14 15 16 17 19 20 */
260 0x00000000,0x00000001,0x00040000,0x00040001,
261 0x01000000,0x01000001,0x01040000,0x01040001,
262 0x00000002,0x00000003,0x00040002,0x00040003,
263 0x01000002,0x01000003,0x01040002,0x01040003,
264 0x00000200,0x00000201,0x00040200,0x00040201,
265 0x01000200,0x01000201,0x01040200,0x01040201,
266 0x00000202,0x00000203,0x00040202,0x00040203,
267 0x01000202,0x01000203,0x01040202,0x01040203,
268 0x08000000,0x08000001,0x08040000,0x08040001,
269 0x09000000,0x09000001,0x09040000,0x09040001,
270 0x08000002,0x08000003,0x08040002,0x08040003,
271 0x09000002,0x09000003,0x09040002,0x09040003,
272 0x08000200,0x08000201,0x08040200,0x08040201,
273 0x09000200,0x09000201,0x09040200,0x09040201,
274 0x08000202,0x08000203,0x08040202,0x08040203,
275 0x09000202,0x09000203,0x09040202,0x09040203,
276 /* for C bits (numbered as per FIPS 46) 21 23 24 26 27 28 */
277 0x00000000,0x00100000,0x00000100,0x00100100,
278 0x00000008,0x00100008,0x00000108,0x00100108,
279 0x00001000,0x00101000,0x00001100,0x00101100,
280 0x00001008,0x00101008,0x00001108,0x00101108,
281 0x04000000,0x04100000,0x04000100,0x04100100,
282 0x04000008,0x04100008,0x04000108,0x04100108,
283 0x04001000,0x04101000,0x04001100,0x04101100,
284 0x04001008,0x04101008,0x04001108,0x04101108,
285 0x00020000,0x00120000,0x00020100,0x00120100,
286 0x00020008,0x00120008,0x00020108,0x00120108,
287 0x00021000,0x00121000,0x00021100,0x00121100,
288 0x00021008,0x00121008,0x00021108,0x00121108,
289 0x04020000,0x04120000,0x04020100,0x04120100,
290 0x04020008,0x04120008,0x04020108,0x04120108,
291 0x04021000,0x04121000,0x04021100,0x04121100,
292 0x04021008,0x04121008,0x04021108,0x04121108,
293 /* for D bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
294 0x00000000,0x10000000,0x00010000,0x10010000,
295 0x00000004,0x10000004,0x00010004,0x10010004,
296 0x20000000,0x30000000,0x20010000,0x30010000,
297 0x20000004,0x30000004,0x20010004,0x30010004,
298 0x00100000,0x10100000,0x00110000,0x10110000,
299 0x00100004,0x10100004,0x00110004,0x10110004,
300 0x20100000,0x30100000,0x20110000,0x30110000,
301 0x20100004,0x30100004,0x20110004,0x30110004,
302 0x00001000,0x10001000,0x00011000,0x10011000,
303 0x00001004,0x10001004,0x00011004,0x10011004,
304 0x20001000,0x30001000,0x20011000,0x30011000,
305 0x20001004,0x30001004,0x20011004,0x30011004,
306 0x00101000,0x10101000,0x00111000,0x10111000,
307 0x00101004,0x10101004,0x00111004,0x10111004,
308 0x20101000,0x30101000,0x20111000,0x30111000,
309 0x20101004,0x30101004,0x20111004,0x30111004,
310 /* for D bits (numbered as per FIPS 46) 8 9 11 12 13 14 */
311 0x00000000,0x08000000,0x00000008,0x08000008,
312 0x00000400,0x08000400,0x00000408,0x08000408,
313 0x00020000,0x08020000,0x00020008,0x08020008,
314 0x00020400,0x08020400,0x00020408,0x08020408,
315 0x00000001,0x08000001,0x00000009,0x08000009,
316 0x00000401,0x08000401,0x00000409,0x08000409,
317 0x00020001,0x08020001,0x00020009,0x08020009,
318 0x00020401,0x08020401,0x00020409,0x08020409,
319 0x02000000,0x0A000000,0x02000008,0x0A000008,
320 0x02000400,0x0A000400,0x02000408,0x0A000408,
321 0x02020000,0x0A020000,0x02020008,0x0A020008,
322 0x02020400,0x0A020400,0x02020408,0x0A020408,
323 0x02000001,0x0A000001,0x02000009,0x0A000009,
324 0x02000401,0x0A000401,0x02000409,0x0A000409,
325 0x02020001,0x0A020001,0x02020009,0x0A020009,
326 0x02020401,0x0A020401,0x02020409,0x0A020409,
327 /* for D bits (numbered as per FIPS 46) 16 17 18 19 20 21 */
328 0x00000000,0x00000100,0x00080000,0x00080100,
329 0x01000000,0x01000100,0x01080000,0x01080100,
330 0x00000010,0x00000110,0x00080010,0x00080110,
331 0x01000010,0x01000110,0x01080010,0x01080110,
332 0x00200000,0x00200100,0x00280000,0x00280100,
333 0x01200000,0x01200100,0x01280000,0x01280100,
334 0x00200010,0x00200110,0x00280010,0x00280110,
335 0x01200010,0x01200110,0x01280010,0x01280110,
336 0x00000200,0x00000300,0x00080200,0x00080300,
337 0x01000200,0x01000300,0x01080200,0x01080300,
338 0x00000210,0x00000310,0x00080210,0x00080310,
339 0x01000210,0x01000310,0x01080210,0x01080310,
340 0x00200200,0x00200300,0x00280200,0x00280300,
341 0x01200200,0x01200300,0x01280200,0x01280300,
342 0x00200210,0x00200310,0x00280210,0x00280310,
343 0x01200210,0x01200310,0x01280210,0x01280310,
344 /* for D bits (numbered as per FIPS 46) 22 23 24 25 27 28 */
345 0x00000000,0x04000000,0x00040000,0x04040000,
346 0x00000002,0x04000002,0x00040002,0x04040002,
347 0x00002000,0x04002000,0x00042000,0x04042000,
348 0x00002002,0x04002002,0x00042002,0x04042002,
349 0x00000020,0x04000020,0x00040020,0x04040020,
350 0x00000022,0x04000022,0x00040022,0x04040022,
351 0x00002020,0x04002020,0x00042020,0x04042020,
352 0x00002022,0x04002022,0x00042022,0x04042022,
353 0x00000800,0x04000800,0x00040800,0x04040800,
354 0x00000802,0x04000802,0x00040802,0x04040802,
355 0x00002800,0x04002800,0x00042800,0x04042800,
356 0x00002802,0x04002802,0x00042802,0x04042802,
357 0x00000820,0x04000820,0x00040820,0x04040820,
358 0x00000822,0x04000822,0x00040822,0x04040822,
359 0x00002820,0x04002820,0x00042820,0x04042820,
360 0x00002822,0x04002822,0x00042822,0x04042822,
361 };
362
363
364
365
366
367
368
369 /* The changes to this macro may help or hinder, depending on the
370 * compiler and the achitecture. gcc2 always seems to do well :-).
371 * Inspired by Dana How <how@isl.stanford.edu>
372 * DO NOT use the alternative version on machines with 8 byte longs. */
373
374 #ifdef ALT_ECB
375 #define D_ENCRYPT(L,R,S) \
376 u=((R^s[S ])<<2); \
377 t= R^s[S+1]; \
378 t=((t>>2)+(t<<30)); \
379 L^= \
380 *(unsigned long *)(des_SP+0x0100+((t )&0xfc))+ \
381 *(unsigned long *)(des_SP+0x0300+((t>> 8)&0xfc))+ \
382 *(unsigned long *)(des_SP+0x0500+((t>>16)&0xfc))+ \
383 *(unsigned long *)(des_SP+0x0700+((t>>24)&0xfc))+ \
384 *(unsigned long *)(des_SP+ ((u )&0xfc))+ \
385 *(unsigned long *)(des_SP+0x0200+((u>> 8)&0xfc))+ \
386 *(unsigned long *)(des_SP+0x0400+((u>>16)&0xfc))+ \
387 *(unsigned long *)(des_SP+0x0600+((u>>24)&0xfc));
388 #else /* original version */
389 #define D_ENCRYPT(L,R,S) \
390 u=(R^s[S ]); \
391 t=R^s[S+1]; \
392 t=((t>>4)+(t<<28)); \
393 L^= des_SPtrans_x[1][(t )&0x3f]| \
394 des_SPtrans_x[3][(t>> 8)&0x3f]| \
395 des_SPtrans_x[5][(t>>16)&0x3f]| \
396 des_SPtrans_x[7][(t>>24)&0x3f]| \
397 des_SPtrans_x[0][(u )&0x3f]| \
398 des_SPtrans_x[2][(u>> 8)&0x3f]| \
399 des_SPtrans_x[4][(u>>16)&0x3f]| \
400 des_SPtrans_x[6][(u>>24)&0x3f];
401 #endif
402
403 /* IP and FP
404 * The problem is more of a geometric problem that random bit fiddling.
405 0 1 2 3 4 5 6 7 62 54 46 38 30 22 14 6
406 8 9 10 11 12 13 14 15 60 52 44 36 28 20 12 4
407 16 17 18 19 20 21 22 23 58 50 42 34 26 18 10 2
408 24 25 26 27 28 29 30 31 to 56 48 40 32 24 16 8 0
409
410 32 33 34 35 36 37 38 39 63 55 47 39 31 23 15 7
411 40 41 42 43 44 45 46 47 61 53 45 37 29 21 13 5
412 48 49 50 51 52 53 54 55 59 51 43 35 27 19 11 3
413 56 57 58 59 60 61 62 63 57 49 41 33 25 17 9 1
414
415 The output has been subject to swaps of the form
416 0 1 -> 3 1 but the odd and even bits have been put into
417 2 3 2 0
418 different words. The main trick is to remember that
419 t=((l>>size)^r)&(mask);
420 r^=t;
421 l^=(t<<size);
422 can be used to swap and move bits between words.
423
424 So l = 0 1 2 3 r = 16 17 18 19
425 4 5 6 7 20 21 22 23
426 8 9 10 11 24 25 26 27
427 12 13 14 15 28 29 30 31
428 becomes (for size == 2 and mask == 0x3333)
429 t = 2^16 3^17 -- -- l = 0 1 16 17 r = 2 3 18 19
430 6^20 7^21 -- -- 4 5 20 21 6 7 22 23
431 10^24 11^25 -- -- 8 9 24 25 10 11 24 25
432 14^28 15^29 -- -- 12 13 28 29 14 15 28 29
433
434 Thanks for hints from Richard Outerbridge - he told me IP&FP
435 could be done in 15 xor, 10 shifts and 5 ands.
436 When I finally started to think of the problem in 2D
437 I first got ~42 operations without xors. When I remembered
438 how to use xors :-) I got it to its final state.
439 */
440 #define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
441 (b)^=(t),\
442 (a)^=((t)<<(n)))
443
444
445 void
perl_des_crypt(des_cblock input,des_cblock output,des_ks ks,int encrypt)446 perl_des_crypt( des_cblock input, des_cblock output, des_ks ks, int encrypt )
447 {
448 unsigned long l,r,t,u;
449 #ifdef ALT_ECB
450 unsigned char *des_SP=(unsigned char *)des_SPtrans_x;
451 #endif
452 static int i;
453 static unsigned long * s;
454 unsigned char * ptr;
455
456 c2l( input, l ); /* get endian free long from input block */
457 c2l( input, r ); /* get endian free long from input block */
458
459 /* do IP */
460 PERM_OP(r,l,t, 4,0x0f0f0f0f);
461 PERM_OP(l,r,t,16,0x0000ffff);
462 PERM_OP(r,l,t, 2,0x33333333);
463 PERM_OP(l,r,t, 8,0x00ff00ff);
464 PERM_OP(r,l,t, 1,0x55555555);
465 /* r and l are reversed - remember that :-) - fix
466 * it in the next step */
467
468 /* Things have been modified so that the initial rotate is
469 * done outside the loop. This required the
470 * des_SPtrans_x values in sp.h to be rotated 1 bit to the right.
471 * One perl script later and things have a 5% speed up on a sparc2.
472 * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
473 * for pointing this out. */
474 t=(r<<1)|(r>>31);
475 r=(l<<1)|(l>>31);
476 l=t;
477
478 /* clear the top bits on machines with 8byte longs */
479 l&=0xffffffff;
480 r&=0xffffffff;
481
482 s=(unsigned long *)ks;
483 /* I don't know if it is worth the effort of loop unrolling the
484 * inner loop */
485 if (encrypt)
486 {
487 for (i=0; i<32; i+=4)
488 {
489 D_ENCRYPT(l,r,i+0); /* 1 */
490 D_ENCRYPT(r,l,i+2); /* 2 */
491 }
492 }
493 else
494 {
495 for (i=30; i>0; i-=4)
496 {
497 D_ENCRYPT(l,r,i-0); /* 16 */
498 D_ENCRYPT(r,l,i-2); /* 15 */
499 }
500 }
501 l=(l>>1)|(l<<31);
502 r=(r>>1)|(r<<31);
503 /* clear the top bits on machines with 8byte longs */
504 l&=0xffffffff;
505 r&=0xffffffff;
506
507 /* swap l and r
508 * we will not do the swap so just remember they are
509 * reversed for the rest of the subroutine
510 * luckily FP fixes this problem :-) */
511
512 PERM_OP(r,l,t, 1,0x55555555);
513 PERM_OP(l,r,t, 8,0x00ff00ff);
514 PERM_OP(r,l,t, 2,0x33333333);
515 PERM_OP(l,r,t,16,0x0000ffff);
516 PERM_OP(r,l,t, 4,0x0f0f0f0f);
517
518 l2c( l, output ); /* get endian free long from input block */
519 l2c( r, output ); /* get endian free long from input block */
520 }
521
522 void
perl_des_expand_key(des_user_key userKey,des_ks ks)523 perl_des_expand_key(des_user_key userKey, des_ks ks)
524 {
525 unsigned long c,d,t,s;
526 unsigned char * in;
527 unsigned long * k;
528 int i;
529 static unsigned char shifts2[16]={0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0};
530
531 k=(unsigned long *)ks;
532 in=(unsigned char *)userKey;
533
534 c2l(in,c);
535 c2l(in,d);
536
537 /* do PC1 in 60 simple operations */
538 /* PERM_OP(d,c,t,4,0x0f0f0f0f);
539 HPERM_OP(c,t,-2, 0xcccc0000);
540 HPERM_OP(c,t,-1, 0xaaaa0000);
541 HPERM_OP(c,t, 8, 0x00ff0000);
542 HPERM_OP(c,t,-1, 0xaaaa0000);
543 HPERM_OP(d,t,-8, 0xff000000);
544 HPERM_OP(d,t, 8, 0x00ff0000);
545 HPERM_OP(d,t, 2, 0x33330000);
546 d=((d&0x00aa00aa)<<7)|((d&0x55005500)>>7)|(d&0xaa55aa55);
547 d=(d>>8)|((c&0xf0000000)>>4);
548 c&=0x0fffffff; */
549
550 /* I now do it in 47 simple operations :-)
551 * Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov)
552 * for the inspiration. :-) */
553 PERM_OP (d,c,t,4,0x0f0f0f0f);
554 HPERM_OP(c,t,-2,0xcccc0000);
555 HPERM_OP(d,t,-2,0xcccc0000);
556 PERM_OP (d,c,t,1,0x55555555);
557 PERM_OP (c,d,t,8,0x00ff00ff);
558 PERM_OP (d,c,t,1,0x55555555);
559 d= (((d&0x000000ff)<<16)| (d&0x0000ff00) |
560 ((d&0x00ff0000)>>16)|((c&0xf0000000)>>4));
561 c&=0x0fffffff;
562
563 for (i=0; i<ITERATIONS; i++)
564 {
565 if (shifts2[i])
566 { c=((c>>2)|(c<<26)); d=((d>>2)|(d<<26)); }
567 else
568 { c=((c>>1)|(c<<27)); d=((d>>1)|(d<<27)); }
569 c&=0x0fffffff;
570 d&=0x0fffffff;
571 /* could be a few less shifts but I am to lazy at this
572 * point in time to investigate */
573 s=des_skb[0][ (c )&0x3f ]|
574 des_skb[1][((c>> 6)&0x03)|((c>> 7)&0x3c)]|
575 des_skb[2][((c>>13)&0x0f)|((c>>14)&0x30)]|
576 des_skb[3][((c>>20)&0x01)|((c>>21)&0x06) |
577 ((c>>22)&0x38)];
578
579 t=des_skb[4][ (d )&0x3f ]|
580 des_skb[5][((d>> 7)&0x03)|((d>> 8)&0x3c)]|
581 des_skb[6][ (d>>15)&0x3f ]|
582 des_skb[7][((d>>21)&0x0f)|((d>>22)&0x30)];
583
584 /* table contained 0213 4657 */
585 *(k++)=((t<<16)|(s&0x0000ffff))&0xffffffff;
586 s= ((s>>16)|(t&0xffff0000));
587
588 s=(s<<4)|(s>>28);
589 *(k++)=s&0xffffffff;
590 }
591 }
592