172c33676SMaxim Ag /* $OpenBSD: set_key.c,v 1.20 2017/02/09 03:43:05 dtucker Exp $ */
2f5b1c8a1SJohn Marino /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3f5b1c8a1SJohn Marino * All rights reserved.
4f5b1c8a1SJohn Marino *
5f5b1c8a1SJohn Marino * This package is an SSL implementation written
6f5b1c8a1SJohn Marino * by Eric Young (eay@cryptsoft.com).
7f5b1c8a1SJohn Marino * The implementation was written so as to conform with Netscapes SSL.
8f5b1c8a1SJohn Marino *
9f5b1c8a1SJohn Marino * This library is free for commercial and non-commercial use as long as
10f5b1c8a1SJohn Marino * the following conditions are aheared to. The following conditions
11f5b1c8a1SJohn Marino * apply to all code found in this distribution, be it the RC4, RSA,
12f5b1c8a1SJohn Marino * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13f5b1c8a1SJohn Marino * included with this distribution is covered by the same copyright terms
14f5b1c8a1SJohn Marino * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15f5b1c8a1SJohn Marino *
16f5b1c8a1SJohn Marino * Copyright remains Eric Young's, and as such any Copyright notices in
17f5b1c8a1SJohn Marino * the code are not to be removed.
18f5b1c8a1SJohn Marino * If this package is used in a product, Eric Young should be given attribution
19f5b1c8a1SJohn Marino * as the author of the parts of the library used.
20f5b1c8a1SJohn Marino * This can be in the form of a textual message at program startup or
21f5b1c8a1SJohn Marino * in documentation (online or textual) provided with the package.
22f5b1c8a1SJohn Marino *
23f5b1c8a1SJohn Marino * Redistribution and use in source and binary forms, with or without
24f5b1c8a1SJohn Marino * modification, are permitted provided that the following conditions
25f5b1c8a1SJohn Marino * are met:
26f5b1c8a1SJohn Marino * 1. Redistributions of source code must retain the copyright
27f5b1c8a1SJohn Marino * notice, this list of conditions and the following disclaimer.
28f5b1c8a1SJohn Marino * 2. Redistributions in binary form must reproduce the above copyright
29f5b1c8a1SJohn Marino * notice, this list of conditions and the following disclaimer in the
30f5b1c8a1SJohn Marino * documentation and/or other materials provided with the distribution.
31f5b1c8a1SJohn Marino * 3. All advertising materials mentioning features or use of this software
32f5b1c8a1SJohn Marino * must display the following acknowledgement:
33f5b1c8a1SJohn Marino * "This product includes cryptographic software written by
34f5b1c8a1SJohn Marino * Eric Young (eay@cryptsoft.com)"
35f5b1c8a1SJohn Marino * The word 'cryptographic' can be left out if the rouines from the library
36f5b1c8a1SJohn Marino * being used are not cryptographic related :-).
37f5b1c8a1SJohn Marino * 4. If you include any Windows specific code (or a derivative thereof) from
38f5b1c8a1SJohn Marino * the apps directory (application code) you must include an acknowledgement:
39f5b1c8a1SJohn Marino * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40f5b1c8a1SJohn Marino *
41f5b1c8a1SJohn Marino * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42f5b1c8a1SJohn Marino * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43f5b1c8a1SJohn Marino * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44f5b1c8a1SJohn Marino * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45f5b1c8a1SJohn Marino * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46f5b1c8a1SJohn Marino * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47f5b1c8a1SJohn Marino * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48f5b1c8a1SJohn Marino * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49f5b1c8a1SJohn Marino * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50f5b1c8a1SJohn Marino * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51f5b1c8a1SJohn Marino * SUCH DAMAGE.
52f5b1c8a1SJohn Marino *
53f5b1c8a1SJohn Marino * The licence and distribution terms for any publically available version or
54f5b1c8a1SJohn Marino * derivative of this code cannot be changed. i.e. this code cannot simply be
55f5b1c8a1SJohn Marino * copied and put under another distribution licence
56f5b1c8a1SJohn Marino * [including the GNU Public Licence.]
57f5b1c8a1SJohn Marino */
58f5b1c8a1SJohn Marino
59f5b1c8a1SJohn Marino /* set_key.c v 1.4 eay 24/9/91
60f5b1c8a1SJohn Marino * 1.4 Speed up by 400% :-)
61f5b1c8a1SJohn Marino * 1.3 added register declarations.
62f5b1c8a1SJohn Marino * 1.2 unrolled make_key_sched a bit more
63f5b1c8a1SJohn Marino * 1.1 added norm_expand_bits
64f5b1c8a1SJohn Marino * 1.0 First working version
65f5b1c8a1SJohn Marino */
66f5b1c8a1SJohn Marino #include <openssl/crypto.h>
67f5b1c8a1SJohn Marino #include "des_locl.h"
68f5b1c8a1SJohn Marino
69f5b1c8a1SJohn Marino int DES_check_key = 0; /* defaults to false */
70f5b1c8a1SJohn Marino
71f5b1c8a1SJohn Marino static const unsigned char odd_parity[256]={
72f5b1c8a1SJohn Marino 1, 1, 2, 2, 4, 4, 7, 7, 8, 8, 11, 11, 13, 13, 14, 14,
73f5b1c8a1SJohn Marino 16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, 31, 31,
74f5b1c8a1SJohn Marino 32, 32, 35, 35, 37, 37, 38, 38, 41, 41, 42, 42, 44, 44, 47, 47,
75f5b1c8a1SJohn Marino 49, 49, 50, 50, 52, 52, 55, 55, 56, 56, 59, 59, 61, 61, 62, 62,
76f5b1c8a1SJohn Marino 64, 64, 67, 67, 69, 69, 70, 70, 73, 73, 74, 74, 76, 76, 79, 79,
77f5b1c8a1SJohn Marino 81, 81, 82, 82, 84, 84, 87, 87, 88, 88, 91, 91, 93, 93, 94, 94,
78f5b1c8a1SJohn Marino 97, 97, 98, 98,100,100,103,103,104,104,107,107,109,109,110,110,
79f5b1c8a1SJohn Marino 112,112,115,115,117,117,118,118,121,121,122,122,124,124,127,127,
80f5b1c8a1SJohn Marino 128,128,131,131,133,133,134,134,137,137,138,138,140,140,143,143,
81f5b1c8a1SJohn Marino 145,145,146,146,148,148,151,151,152,152,155,155,157,157,158,158,
82f5b1c8a1SJohn Marino 161,161,162,162,164,164,167,167,168,168,171,171,173,173,174,174,
83f5b1c8a1SJohn Marino 176,176,179,179,181,181,182,182,185,185,186,186,188,188,191,191,
84f5b1c8a1SJohn Marino 193,193,194,194,196,196,199,199,200,200,203,203,205,205,206,206,
85f5b1c8a1SJohn Marino 208,208,211,211,213,213,214,214,217,217,218,218,220,220,223,223,
86f5b1c8a1SJohn Marino 224,224,227,227,229,229,230,230,233,233,234,234,236,236,239,239,
87f5b1c8a1SJohn Marino 241,241,242,242,244,244,247,247,248,248,251,251,253,253,254,254};
88f5b1c8a1SJohn Marino
DES_set_odd_parity(DES_cblock * key)89f5b1c8a1SJohn Marino void DES_set_odd_parity(DES_cblock *key)
90f5b1c8a1SJohn Marino {
91f5b1c8a1SJohn Marino unsigned int i;
92f5b1c8a1SJohn Marino
93f5b1c8a1SJohn Marino for (i=0; i<DES_KEY_SZ; i++)
94f5b1c8a1SJohn Marino (*key)[i]=odd_parity[(*key)[i]];
95f5b1c8a1SJohn Marino }
96f5b1c8a1SJohn Marino
DES_check_key_parity(const_DES_cblock * key)97f5b1c8a1SJohn Marino int DES_check_key_parity(const_DES_cblock *key)
98f5b1c8a1SJohn Marino {
99f5b1c8a1SJohn Marino unsigned int i;
100f5b1c8a1SJohn Marino
101f5b1c8a1SJohn Marino for (i=0; i<DES_KEY_SZ; i++)
102f5b1c8a1SJohn Marino {
103f5b1c8a1SJohn Marino if ((*key)[i] != odd_parity[(*key)[i]])
104f5b1c8a1SJohn Marino return(0);
105f5b1c8a1SJohn Marino }
106f5b1c8a1SJohn Marino return(1);
107f5b1c8a1SJohn Marino }
108f5b1c8a1SJohn Marino
10972c33676SMaxim Ag /* Weak and semi weak keys as taken from
110f5b1c8a1SJohn Marino * %A D.W. Davies
111f5b1c8a1SJohn Marino * %A W.L. Price
112f5b1c8a1SJohn Marino * %T Security for Computer Networks
113f5b1c8a1SJohn Marino * %I John Wiley & Sons
114f5b1c8a1SJohn Marino * %D 1984
115f5b1c8a1SJohn Marino * Many thanks to smb@ulysses.att.com (Steven Bellovin) for the reference
116f5b1c8a1SJohn Marino * (and actual cblock values).
117f5b1c8a1SJohn Marino */
118f5b1c8a1SJohn Marino #define NUM_WEAK_KEY 16
119f5b1c8a1SJohn Marino static const DES_cblock weak_keys[NUM_WEAK_KEY]={
120f5b1c8a1SJohn Marino /* weak keys */
121f5b1c8a1SJohn Marino {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
122f5b1c8a1SJohn Marino {0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE},
123f5b1c8a1SJohn Marino {0x1F,0x1F,0x1F,0x1F,0x0E,0x0E,0x0E,0x0E},
124f5b1c8a1SJohn Marino {0xE0,0xE0,0xE0,0xE0,0xF1,0xF1,0xF1,0xF1},
125f5b1c8a1SJohn Marino /* semi-weak keys */
126f5b1c8a1SJohn Marino {0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE},
127f5b1c8a1SJohn Marino {0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01},
128f5b1c8a1SJohn Marino {0x1F,0xE0,0x1F,0xE0,0x0E,0xF1,0x0E,0xF1},
129f5b1c8a1SJohn Marino {0xE0,0x1F,0xE0,0x1F,0xF1,0x0E,0xF1,0x0E},
130f5b1c8a1SJohn Marino {0x01,0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1},
131f5b1c8a1SJohn Marino {0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1,0x01},
132f5b1c8a1SJohn Marino {0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E,0xFE},
133f5b1c8a1SJohn Marino {0xFE,0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E},
134f5b1c8a1SJohn Marino {0x01,0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E},
135f5b1c8a1SJohn Marino {0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E,0x01},
136f5b1c8a1SJohn Marino {0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE},
137f5b1c8a1SJohn Marino {0xFE,0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1}};
138f5b1c8a1SJohn Marino
139f5b1c8a1SJohn Marino int
DES_is_weak_key(const_DES_cblock * key)140f5b1c8a1SJohn Marino DES_is_weak_key(const_DES_cblock *key)
141f5b1c8a1SJohn Marino {
142f5b1c8a1SJohn Marino unsigned int i;
143f5b1c8a1SJohn Marino
144f5b1c8a1SJohn Marino for (i = 0; i < NUM_WEAK_KEY; i++)
145f5b1c8a1SJohn Marino if (memcmp(weak_keys[i], key, sizeof(DES_cblock)) == 0)
146f5b1c8a1SJohn Marino return 1;
147f5b1c8a1SJohn Marino return 0;
148f5b1c8a1SJohn Marino }
149f5b1c8a1SJohn Marino
150f5b1c8a1SJohn Marino /* NOW DEFINED IN des_local.h
151f5b1c8a1SJohn Marino * See ecb_encrypt.c for a pseudo description of these macros.
152f5b1c8a1SJohn Marino * #define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
153f5b1c8a1SJohn Marino * (b)^=(t),\
154f5b1c8a1SJohn Marino * (a)=((a)^((t)<<(n))))
155f5b1c8a1SJohn Marino */
156f5b1c8a1SJohn Marino
157f5b1c8a1SJohn Marino #define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\
158f5b1c8a1SJohn Marino (a)=(a)^(t)^(t>>(16-(n))))
159f5b1c8a1SJohn Marino
160f5b1c8a1SJohn Marino static const DES_LONG des_skb[8][64]={
161f5b1c8a1SJohn Marino {
162f5b1c8a1SJohn Marino /* for C bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
163f5b1c8a1SJohn Marino 0x00000000L,0x00000010L,0x20000000L,0x20000010L,
164f5b1c8a1SJohn Marino 0x00010000L,0x00010010L,0x20010000L,0x20010010L,
165f5b1c8a1SJohn Marino 0x00000800L,0x00000810L,0x20000800L,0x20000810L,
166f5b1c8a1SJohn Marino 0x00010800L,0x00010810L,0x20010800L,0x20010810L,
167f5b1c8a1SJohn Marino 0x00000020L,0x00000030L,0x20000020L,0x20000030L,
168f5b1c8a1SJohn Marino 0x00010020L,0x00010030L,0x20010020L,0x20010030L,
169f5b1c8a1SJohn Marino 0x00000820L,0x00000830L,0x20000820L,0x20000830L,
170f5b1c8a1SJohn Marino 0x00010820L,0x00010830L,0x20010820L,0x20010830L,
171f5b1c8a1SJohn Marino 0x00080000L,0x00080010L,0x20080000L,0x20080010L,
172f5b1c8a1SJohn Marino 0x00090000L,0x00090010L,0x20090000L,0x20090010L,
173f5b1c8a1SJohn Marino 0x00080800L,0x00080810L,0x20080800L,0x20080810L,
174f5b1c8a1SJohn Marino 0x00090800L,0x00090810L,0x20090800L,0x20090810L,
175f5b1c8a1SJohn Marino 0x00080020L,0x00080030L,0x20080020L,0x20080030L,
176f5b1c8a1SJohn Marino 0x00090020L,0x00090030L,0x20090020L,0x20090030L,
177f5b1c8a1SJohn Marino 0x00080820L,0x00080830L,0x20080820L,0x20080830L,
178f5b1c8a1SJohn Marino 0x00090820L,0x00090830L,0x20090820L,0x20090830L,
179f5b1c8a1SJohn Marino },{
180f5b1c8a1SJohn Marino /* for C bits (numbered as per FIPS 46) 7 8 10 11 12 13 */
181f5b1c8a1SJohn Marino 0x00000000L,0x02000000L,0x00002000L,0x02002000L,
182f5b1c8a1SJohn Marino 0x00200000L,0x02200000L,0x00202000L,0x02202000L,
183f5b1c8a1SJohn Marino 0x00000004L,0x02000004L,0x00002004L,0x02002004L,
184f5b1c8a1SJohn Marino 0x00200004L,0x02200004L,0x00202004L,0x02202004L,
185f5b1c8a1SJohn Marino 0x00000400L,0x02000400L,0x00002400L,0x02002400L,
186f5b1c8a1SJohn Marino 0x00200400L,0x02200400L,0x00202400L,0x02202400L,
187f5b1c8a1SJohn Marino 0x00000404L,0x02000404L,0x00002404L,0x02002404L,
188f5b1c8a1SJohn Marino 0x00200404L,0x02200404L,0x00202404L,0x02202404L,
189f5b1c8a1SJohn Marino 0x10000000L,0x12000000L,0x10002000L,0x12002000L,
190f5b1c8a1SJohn Marino 0x10200000L,0x12200000L,0x10202000L,0x12202000L,
191f5b1c8a1SJohn Marino 0x10000004L,0x12000004L,0x10002004L,0x12002004L,
192f5b1c8a1SJohn Marino 0x10200004L,0x12200004L,0x10202004L,0x12202004L,
193f5b1c8a1SJohn Marino 0x10000400L,0x12000400L,0x10002400L,0x12002400L,
194f5b1c8a1SJohn Marino 0x10200400L,0x12200400L,0x10202400L,0x12202400L,
195f5b1c8a1SJohn Marino 0x10000404L,0x12000404L,0x10002404L,0x12002404L,
196f5b1c8a1SJohn Marino 0x10200404L,0x12200404L,0x10202404L,0x12202404L,
197f5b1c8a1SJohn Marino },{
198f5b1c8a1SJohn Marino /* for C bits (numbered as per FIPS 46) 14 15 16 17 19 20 */
199f5b1c8a1SJohn Marino 0x00000000L,0x00000001L,0x00040000L,0x00040001L,
200f5b1c8a1SJohn Marino 0x01000000L,0x01000001L,0x01040000L,0x01040001L,
201f5b1c8a1SJohn Marino 0x00000002L,0x00000003L,0x00040002L,0x00040003L,
202f5b1c8a1SJohn Marino 0x01000002L,0x01000003L,0x01040002L,0x01040003L,
203f5b1c8a1SJohn Marino 0x00000200L,0x00000201L,0x00040200L,0x00040201L,
204f5b1c8a1SJohn Marino 0x01000200L,0x01000201L,0x01040200L,0x01040201L,
205f5b1c8a1SJohn Marino 0x00000202L,0x00000203L,0x00040202L,0x00040203L,
206f5b1c8a1SJohn Marino 0x01000202L,0x01000203L,0x01040202L,0x01040203L,
207f5b1c8a1SJohn Marino 0x08000000L,0x08000001L,0x08040000L,0x08040001L,
208f5b1c8a1SJohn Marino 0x09000000L,0x09000001L,0x09040000L,0x09040001L,
209f5b1c8a1SJohn Marino 0x08000002L,0x08000003L,0x08040002L,0x08040003L,
210f5b1c8a1SJohn Marino 0x09000002L,0x09000003L,0x09040002L,0x09040003L,
211f5b1c8a1SJohn Marino 0x08000200L,0x08000201L,0x08040200L,0x08040201L,
212f5b1c8a1SJohn Marino 0x09000200L,0x09000201L,0x09040200L,0x09040201L,
213f5b1c8a1SJohn Marino 0x08000202L,0x08000203L,0x08040202L,0x08040203L,
214f5b1c8a1SJohn Marino 0x09000202L,0x09000203L,0x09040202L,0x09040203L,
215f5b1c8a1SJohn Marino },{
216f5b1c8a1SJohn Marino /* for C bits (numbered as per FIPS 46) 21 23 24 26 27 28 */
217f5b1c8a1SJohn Marino 0x00000000L,0x00100000L,0x00000100L,0x00100100L,
218f5b1c8a1SJohn Marino 0x00000008L,0x00100008L,0x00000108L,0x00100108L,
219f5b1c8a1SJohn Marino 0x00001000L,0x00101000L,0x00001100L,0x00101100L,
220f5b1c8a1SJohn Marino 0x00001008L,0x00101008L,0x00001108L,0x00101108L,
221f5b1c8a1SJohn Marino 0x04000000L,0x04100000L,0x04000100L,0x04100100L,
222f5b1c8a1SJohn Marino 0x04000008L,0x04100008L,0x04000108L,0x04100108L,
223f5b1c8a1SJohn Marino 0x04001000L,0x04101000L,0x04001100L,0x04101100L,
224f5b1c8a1SJohn Marino 0x04001008L,0x04101008L,0x04001108L,0x04101108L,
225f5b1c8a1SJohn Marino 0x00020000L,0x00120000L,0x00020100L,0x00120100L,
226f5b1c8a1SJohn Marino 0x00020008L,0x00120008L,0x00020108L,0x00120108L,
227f5b1c8a1SJohn Marino 0x00021000L,0x00121000L,0x00021100L,0x00121100L,
228f5b1c8a1SJohn Marino 0x00021008L,0x00121008L,0x00021108L,0x00121108L,
229f5b1c8a1SJohn Marino 0x04020000L,0x04120000L,0x04020100L,0x04120100L,
230f5b1c8a1SJohn Marino 0x04020008L,0x04120008L,0x04020108L,0x04120108L,
231f5b1c8a1SJohn Marino 0x04021000L,0x04121000L,0x04021100L,0x04121100L,
232f5b1c8a1SJohn Marino 0x04021008L,0x04121008L,0x04021108L,0x04121108L,
233f5b1c8a1SJohn Marino },{
234f5b1c8a1SJohn Marino /* for D bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
235f5b1c8a1SJohn Marino 0x00000000L,0x10000000L,0x00010000L,0x10010000L,
236f5b1c8a1SJohn Marino 0x00000004L,0x10000004L,0x00010004L,0x10010004L,
237f5b1c8a1SJohn Marino 0x20000000L,0x30000000L,0x20010000L,0x30010000L,
238f5b1c8a1SJohn Marino 0x20000004L,0x30000004L,0x20010004L,0x30010004L,
239f5b1c8a1SJohn Marino 0x00100000L,0x10100000L,0x00110000L,0x10110000L,
240f5b1c8a1SJohn Marino 0x00100004L,0x10100004L,0x00110004L,0x10110004L,
241f5b1c8a1SJohn Marino 0x20100000L,0x30100000L,0x20110000L,0x30110000L,
242f5b1c8a1SJohn Marino 0x20100004L,0x30100004L,0x20110004L,0x30110004L,
243f5b1c8a1SJohn Marino 0x00001000L,0x10001000L,0x00011000L,0x10011000L,
244f5b1c8a1SJohn Marino 0x00001004L,0x10001004L,0x00011004L,0x10011004L,
245f5b1c8a1SJohn Marino 0x20001000L,0x30001000L,0x20011000L,0x30011000L,
246f5b1c8a1SJohn Marino 0x20001004L,0x30001004L,0x20011004L,0x30011004L,
247f5b1c8a1SJohn Marino 0x00101000L,0x10101000L,0x00111000L,0x10111000L,
248f5b1c8a1SJohn Marino 0x00101004L,0x10101004L,0x00111004L,0x10111004L,
249f5b1c8a1SJohn Marino 0x20101000L,0x30101000L,0x20111000L,0x30111000L,
250f5b1c8a1SJohn Marino 0x20101004L,0x30101004L,0x20111004L,0x30111004L,
251f5b1c8a1SJohn Marino },{
252f5b1c8a1SJohn Marino /* for D bits (numbered as per FIPS 46) 8 9 11 12 13 14 */
253f5b1c8a1SJohn Marino 0x00000000L,0x08000000L,0x00000008L,0x08000008L,
254f5b1c8a1SJohn Marino 0x00000400L,0x08000400L,0x00000408L,0x08000408L,
255f5b1c8a1SJohn Marino 0x00020000L,0x08020000L,0x00020008L,0x08020008L,
256f5b1c8a1SJohn Marino 0x00020400L,0x08020400L,0x00020408L,0x08020408L,
257f5b1c8a1SJohn Marino 0x00000001L,0x08000001L,0x00000009L,0x08000009L,
258f5b1c8a1SJohn Marino 0x00000401L,0x08000401L,0x00000409L,0x08000409L,
259f5b1c8a1SJohn Marino 0x00020001L,0x08020001L,0x00020009L,0x08020009L,
260f5b1c8a1SJohn Marino 0x00020401L,0x08020401L,0x00020409L,0x08020409L,
261f5b1c8a1SJohn Marino 0x02000000L,0x0A000000L,0x02000008L,0x0A000008L,
262f5b1c8a1SJohn Marino 0x02000400L,0x0A000400L,0x02000408L,0x0A000408L,
263f5b1c8a1SJohn Marino 0x02020000L,0x0A020000L,0x02020008L,0x0A020008L,
264f5b1c8a1SJohn Marino 0x02020400L,0x0A020400L,0x02020408L,0x0A020408L,
265f5b1c8a1SJohn Marino 0x02000001L,0x0A000001L,0x02000009L,0x0A000009L,
266f5b1c8a1SJohn Marino 0x02000401L,0x0A000401L,0x02000409L,0x0A000409L,
267f5b1c8a1SJohn Marino 0x02020001L,0x0A020001L,0x02020009L,0x0A020009L,
268f5b1c8a1SJohn Marino 0x02020401L,0x0A020401L,0x02020409L,0x0A020409L,
269f5b1c8a1SJohn Marino },{
270f5b1c8a1SJohn Marino /* for D bits (numbered as per FIPS 46) 16 17 18 19 20 21 */
271f5b1c8a1SJohn Marino 0x00000000L,0x00000100L,0x00080000L,0x00080100L,
272f5b1c8a1SJohn Marino 0x01000000L,0x01000100L,0x01080000L,0x01080100L,
273f5b1c8a1SJohn Marino 0x00000010L,0x00000110L,0x00080010L,0x00080110L,
274f5b1c8a1SJohn Marino 0x01000010L,0x01000110L,0x01080010L,0x01080110L,
275f5b1c8a1SJohn Marino 0x00200000L,0x00200100L,0x00280000L,0x00280100L,
276f5b1c8a1SJohn Marino 0x01200000L,0x01200100L,0x01280000L,0x01280100L,
277f5b1c8a1SJohn Marino 0x00200010L,0x00200110L,0x00280010L,0x00280110L,
278f5b1c8a1SJohn Marino 0x01200010L,0x01200110L,0x01280010L,0x01280110L,
279f5b1c8a1SJohn Marino 0x00000200L,0x00000300L,0x00080200L,0x00080300L,
280f5b1c8a1SJohn Marino 0x01000200L,0x01000300L,0x01080200L,0x01080300L,
281f5b1c8a1SJohn Marino 0x00000210L,0x00000310L,0x00080210L,0x00080310L,
282f5b1c8a1SJohn Marino 0x01000210L,0x01000310L,0x01080210L,0x01080310L,
283f5b1c8a1SJohn Marino 0x00200200L,0x00200300L,0x00280200L,0x00280300L,
284f5b1c8a1SJohn Marino 0x01200200L,0x01200300L,0x01280200L,0x01280300L,
285f5b1c8a1SJohn Marino 0x00200210L,0x00200310L,0x00280210L,0x00280310L,
286f5b1c8a1SJohn Marino 0x01200210L,0x01200310L,0x01280210L,0x01280310L,
287f5b1c8a1SJohn Marino },{
288f5b1c8a1SJohn Marino /* for D bits (numbered as per FIPS 46) 22 23 24 25 27 28 */
289f5b1c8a1SJohn Marino 0x00000000L,0x04000000L,0x00040000L,0x04040000L,
290f5b1c8a1SJohn Marino 0x00000002L,0x04000002L,0x00040002L,0x04040002L,
291f5b1c8a1SJohn Marino 0x00002000L,0x04002000L,0x00042000L,0x04042000L,
292f5b1c8a1SJohn Marino 0x00002002L,0x04002002L,0x00042002L,0x04042002L,
293f5b1c8a1SJohn Marino 0x00000020L,0x04000020L,0x00040020L,0x04040020L,
294f5b1c8a1SJohn Marino 0x00000022L,0x04000022L,0x00040022L,0x04040022L,
295f5b1c8a1SJohn Marino 0x00002020L,0x04002020L,0x00042020L,0x04042020L,
296f5b1c8a1SJohn Marino 0x00002022L,0x04002022L,0x00042022L,0x04042022L,
297f5b1c8a1SJohn Marino 0x00000800L,0x04000800L,0x00040800L,0x04040800L,
298f5b1c8a1SJohn Marino 0x00000802L,0x04000802L,0x00040802L,0x04040802L,
299f5b1c8a1SJohn Marino 0x00002800L,0x04002800L,0x00042800L,0x04042800L,
300f5b1c8a1SJohn Marino 0x00002802L,0x04002802L,0x00042802L,0x04042802L,
301f5b1c8a1SJohn Marino 0x00000820L,0x04000820L,0x00040820L,0x04040820L,
302f5b1c8a1SJohn Marino 0x00000822L,0x04000822L,0x00040822L,0x04040822L,
303f5b1c8a1SJohn Marino 0x00002820L,0x04002820L,0x00042820L,0x04042820L,
304f5b1c8a1SJohn Marino 0x00002822L,0x04002822L,0x00042822L,0x04042822L,
305f5b1c8a1SJohn Marino }};
306f5b1c8a1SJohn Marino
DES_set_key(const_DES_cblock * key,DES_key_schedule * schedule)307f5b1c8a1SJohn Marino int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule)
308f5b1c8a1SJohn Marino {
309f5b1c8a1SJohn Marino if (DES_check_key)
310f5b1c8a1SJohn Marino {
311f5b1c8a1SJohn Marino return DES_set_key_checked(key, schedule);
312f5b1c8a1SJohn Marino }
313f5b1c8a1SJohn Marino else
314f5b1c8a1SJohn Marino {
315f5b1c8a1SJohn Marino DES_set_key_unchecked(key, schedule);
316f5b1c8a1SJohn Marino return 0;
317f5b1c8a1SJohn Marino }
318f5b1c8a1SJohn Marino }
319f5b1c8a1SJohn Marino
320f5b1c8a1SJohn Marino /* return 0 if key parity is odd (correct),
321f5b1c8a1SJohn Marino * return -1 if key parity error,
322f5b1c8a1SJohn Marino * return -2 if illegal weak key.
323f5b1c8a1SJohn Marino */
DES_set_key_checked(const_DES_cblock * key,DES_key_schedule * schedule)324f5b1c8a1SJohn Marino int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule)
325f5b1c8a1SJohn Marino {
326f5b1c8a1SJohn Marino if (!DES_check_key_parity(key))
327f5b1c8a1SJohn Marino return(-1);
328f5b1c8a1SJohn Marino if (DES_is_weak_key(key))
329f5b1c8a1SJohn Marino return(-2);
330f5b1c8a1SJohn Marino DES_set_key_unchecked(key, schedule);
331f5b1c8a1SJohn Marino return 0;
332f5b1c8a1SJohn Marino }
333f5b1c8a1SJohn Marino
DES_set_key_unchecked(const_DES_cblock * key,DES_key_schedule * schedule)334f5b1c8a1SJohn Marino void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule)
335f5b1c8a1SJohn Marino {
336f5b1c8a1SJohn Marino static const int shifts2[16]={0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0};
337f5b1c8a1SJohn Marino DES_LONG c,d,t,s,t2;
338f5b1c8a1SJohn Marino const unsigned char *in;
339f5b1c8a1SJohn Marino DES_LONG *k;
340f5b1c8a1SJohn Marino int i;
341f5b1c8a1SJohn Marino
342f5b1c8a1SJohn Marino k = &schedule->ks->deslong[0];
343f5b1c8a1SJohn Marino in = &(*key)[0];
344f5b1c8a1SJohn Marino
345f5b1c8a1SJohn Marino c2l(in,c);
346f5b1c8a1SJohn Marino c2l(in,d);
347f5b1c8a1SJohn Marino
348f5b1c8a1SJohn Marino /* do PC1 in 47 simple operations :-)
349f5b1c8a1SJohn Marino * Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov)
350f5b1c8a1SJohn Marino * for the inspiration. :-) */
351f5b1c8a1SJohn Marino PERM_OP (d,c,t,4,0x0f0f0f0fL);
352f5b1c8a1SJohn Marino HPERM_OP(c,t,-2,0xcccc0000L);
353f5b1c8a1SJohn Marino HPERM_OP(d,t,-2,0xcccc0000L);
354f5b1c8a1SJohn Marino PERM_OP (d,c,t,1,0x55555555L);
355f5b1c8a1SJohn Marino PERM_OP (c,d,t,8,0x00ff00ffL);
356f5b1c8a1SJohn Marino PERM_OP (d,c,t,1,0x55555555L);
357f5b1c8a1SJohn Marino d= (((d&0x000000ffL)<<16L)| (d&0x0000ff00L) |
358f5b1c8a1SJohn Marino ((d&0x00ff0000L)>>16L)|((c&0xf0000000L)>>4L));
359f5b1c8a1SJohn Marino c&=0x0fffffffL;
360f5b1c8a1SJohn Marino
361f5b1c8a1SJohn Marino for (i=0; i<ITERATIONS; i++)
362f5b1c8a1SJohn Marino {
363f5b1c8a1SJohn Marino if (shifts2[i])
364f5b1c8a1SJohn Marino { c=((c>>2L)|(c<<26L)); d=((d>>2L)|(d<<26L)); }
365f5b1c8a1SJohn Marino else
366f5b1c8a1SJohn Marino { c=((c>>1L)|(c<<27L)); d=((d>>1L)|(d<<27L)); }
367f5b1c8a1SJohn Marino c&=0x0fffffffL;
368f5b1c8a1SJohn Marino d&=0x0fffffffL;
369f5b1c8a1SJohn Marino /* could be a few less shifts but I am to lazy at this
370f5b1c8a1SJohn Marino * point in time to investigate */
371f5b1c8a1SJohn Marino s= des_skb[0][ (c )&0x3f ]|
372f5b1c8a1SJohn Marino des_skb[1][((c>> 6L)&0x03)|((c>> 7L)&0x3c)]|
373f5b1c8a1SJohn Marino des_skb[2][((c>>13L)&0x0f)|((c>>14L)&0x30)]|
374f5b1c8a1SJohn Marino des_skb[3][((c>>20L)&0x01)|((c>>21L)&0x06) |
375f5b1c8a1SJohn Marino ((c>>22L)&0x38)];
376f5b1c8a1SJohn Marino t= des_skb[4][ (d )&0x3f ]|
377f5b1c8a1SJohn Marino des_skb[5][((d>> 7L)&0x03)|((d>> 8L)&0x3c)]|
378f5b1c8a1SJohn Marino des_skb[6][ (d>>15L)&0x3f ]|
379f5b1c8a1SJohn Marino des_skb[7][((d>>21L)&0x0f)|((d>>22L)&0x30)];
380f5b1c8a1SJohn Marino
381f5b1c8a1SJohn Marino /* table contained 0213 4657 */
382f5b1c8a1SJohn Marino t2=((t<<16L)|(s&0x0000ffffL))&0xffffffffL;
383f5b1c8a1SJohn Marino *(k++)=ROTATE(t2,30)&0xffffffffL;
384f5b1c8a1SJohn Marino
385f5b1c8a1SJohn Marino t2=((s>>16L)|(t&0xffff0000L));
386f5b1c8a1SJohn Marino *(k++)=ROTATE(t2,26)&0xffffffffL;
387f5b1c8a1SJohn Marino }
388f5b1c8a1SJohn Marino }
389f5b1c8a1SJohn Marino
DES_key_sched(const_DES_cblock * key,DES_key_schedule * schedule)390f5b1c8a1SJohn Marino int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule)
391f5b1c8a1SJohn Marino {
392f5b1c8a1SJohn Marino return(DES_set_key(key,schedule));
393f5b1c8a1SJohn Marino }
394f5b1c8a1SJohn Marino /*
395f5b1c8a1SJohn Marino #undef des_fixup_key_parity
396f5b1c8a1SJohn Marino void des_fixup_key_parity(des_cblock *key)
397f5b1c8a1SJohn Marino {
398f5b1c8a1SJohn Marino des_set_odd_parity(key);
399f5b1c8a1SJohn Marino }
400f5b1c8a1SJohn Marino */
401