des_generic.c (7a996d3ab150bb0e1b71fa182f70199a703efdd1) | des_generic.c (db36b906fefa5b95039bd418bc354ffc9b141020) |
---|---|
1/* 2 * Cryptographic API. 3 * 4 * DES & Triple DES EDE Cipher Algorithms. 5 * 6 * Copyright (c) 2005 Dag Arne Osvik <da@osvik.no> 7 * 8 * This program is free software; you can redistribute it and/or modify --- 600 unchanged lines hidden (view full) --- 609 * or D_i in bits 7-1 (bit 0 being the least significant). 610 */ 611 612#define T1(x) pt[2 * (x) + 0] 613#define T2(x) pt[2 * (x) + 1] 614#define T3(x) pt[2 * (x) + 2] 615#define T4(x) pt[2 * (x) + 3] 616 | 1/* 2 * Cryptographic API. 3 * 4 * DES & Triple DES EDE Cipher Algorithms. 5 * 6 * Copyright (c) 2005 Dag Arne Osvik <da@osvik.no> 7 * 8 * This program is free software; you can redistribute it and/or modify --- 600 unchanged lines hidden (view full) --- 609 * or D_i in bits 7-1 (bit 0 being the least significant). 610 */ 611 612#define T1(x) pt[2 * (x) + 0] 613#define T2(x) pt[2 * (x) + 1] 614#define T3(x) pt[2 * (x) + 2] 615#define T4(x) pt[2 * (x) + 3] 616 |
617#define PC2(a, b, c, d) (T4(d) | T3(c) | T2(b) | T1(a)) | 617#define DES_PC2(a, b, c, d) (T4(d) | T3(c) | T2(b) | T1(a)) |
618 619/* 620 * Encryption key expansion 621 * 622 * RFC2451: Weak key checks SHOULD be performed. 623 * 624 * FIPS 74: 625 * --- 8 unchanged lines hidden (view full) --- 634 unsigned long a, b, c, d, w; 635 const u32 *pt = pc2; 636 637 d = k[4]; d &= 0x0e; d <<= 4; d |= k[0] & 0x1e; d = pc1[d]; 638 c = k[5]; c &= 0x0e; c <<= 4; c |= k[1] & 0x1e; c = pc1[c]; 639 b = k[6]; b &= 0x0e; b <<= 4; b |= k[2] & 0x1e; b = pc1[b]; 640 a = k[7]; a &= 0x0e; a <<= 4; a |= k[3] & 0x1e; a = pc1[a]; 641 | 618 619/* 620 * Encryption key expansion 621 * 622 * RFC2451: Weak key checks SHOULD be performed. 623 * 624 * FIPS 74: 625 * --- 8 unchanged lines hidden (view full) --- 634 unsigned long a, b, c, d, w; 635 const u32 *pt = pc2; 636 637 d = k[4]; d &= 0x0e; d <<= 4; d |= k[0] & 0x1e; d = pc1[d]; 638 c = k[5]; c &= 0x0e; c <<= 4; c |= k[1] & 0x1e; c = pc1[c]; 639 b = k[6]; b &= 0x0e; b <<= 4; b |= k[2] & 0x1e; b = pc1[b]; 640 a = k[7]; a &= 0x0e; a <<= 4; a |= k[3] & 0x1e; a = pc1[a]; 641 |
642 pe[15 * 2 + 0] = PC2(a, b, c, d); d = rs[d]; 643 pe[14 * 2 + 0] = PC2(d, a, b, c); c = rs[c]; b = rs[b]; 644 pe[13 * 2 + 0] = PC2(b, c, d, a); a = rs[a]; d = rs[d]; 645 pe[12 * 2 + 0] = PC2(d, a, b, c); c = rs[c]; b = rs[b]; 646 pe[11 * 2 + 0] = PC2(b, c, d, a); a = rs[a]; d = rs[d]; 647 pe[10 * 2 + 0] = PC2(d, a, b, c); c = rs[c]; b = rs[b]; 648 pe[ 9 * 2 + 0] = PC2(b, c, d, a); a = rs[a]; d = rs[d]; 649 pe[ 8 * 2 + 0] = PC2(d, a, b, c); c = rs[c]; 650 pe[ 7 * 2 + 0] = PC2(c, d, a, b); b = rs[b]; a = rs[a]; 651 pe[ 6 * 2 + 0] = PC2(a, b, c, d); d = rs[d]; c = rs[c]; 652 pe[ 5 * 2 + 0] = PC2(c, d, a, b); b = rs[b]; a = rs[a]; 653 pe[ 4 * 2 + 0] = PC2(a, b, c, d); d = rs[d]; c = rs[c]; 654 pe[ 3 * 2 + 0] = PC2(c, d, a, b); b = rs[b]; a = rs[a]; 655 pe[ 2 * 2 + 0] = PC2(a, b, c, d); d = rs[d]; c = rs[c]; 656 pe[ 1 * 2 + 0] = PC2(c, d, a, b); b = rs[b]; 657 pe[ 0 * 2 + 0] = PC2(b, c, d, a); | 642 pe[15 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; 643 pe[14 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; 644 pe[13 * 2 + 0] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; 645 pe[12 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; 646 pe[11 * 2 + 0] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; 647 pe[10 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; 648 pe[ 9 * 2 + 0] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; 649 pe[ 8 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; 650 pe[ 7 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; 651 pe[ 6 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; 652 pe[ 5 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; 653 pe[ 4 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; 654 pe[ 3 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; 655 pe[ 2 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; 656 pe[ 1 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; 657 pe[ 0 * 2 + 0] = DES_PC2(b, c, d, a); |
658 659 /* Check if first half is weak */ 660 w = (a ^ c) | (b ^ d) | (rs[a] ^ c) | (b ^ rs[d]); 661 662 /* Skip to next table set */ 663 pt += 512; 664 665 d = k[0]; d &= 0xe0; d >>= 4; d |= k[4] & 0xf0; d = pc1[d + 1]; 666 c = k[1]; c &= 0xe0; c >>= 4; c |= k[5] & 0xf0; c = pc1[c + 1]; 667 b = k[2]; b &= 0xe0; b >>= 4; b |= k[6] & 0xf0; b = pc1[b + 1]; 668 a = k[3]; a &= 0xe0; a >>= 4; a |= k[7] & 0xf0; a = pc1[a + 1]; 669 670 /* Check if second half is weak */ 671 w |= (a ^ c) | (b ^ d) | (rs[a] ^ c) | (b ^ rs[d]); 672 | 658 659 /* Check if first half is weak */ 660 w = (a ^ c) | (b ^ d) | (rs[a] ^ c) | (b ^ rs[d]); 661 662 /* Skip to next table set */ 663 pt += 512; 664 665 d = k[0]; d &= 0xe0; d >>= 4; d |= k[4] & 0xf0; d = pc1[d + 1]; 666 c = k[1]; c &= 0xe0; c >>= 4; c |= k[5] & 0xf0; c = pc1[c + 1]; 667 b = k[2]; b &= 0xe0; b >>= 4; b |= k[6] & 0xf0; b = pc1[b + 1]; 668 a = k[3]; a &= 0xe0; a >>= 4; a |= k[7] & 0xf0; a = pc1[a + 1]; 669 670 /* Check if second half is weak */ 671 w |= (a ^ c) | (b ^ d) | (rs[a] ^ c) | (b ^ rs[d]); 672 |
673 pe[15 * 2 + 1] = PC2(a, b, c, d); d = rs[d]; 674 pe[14 * 2 + 1] = PC2(d, a, b, c); c = rs[c]; b = rs[b]; 675 pe[13 * 2 + 1] = PC2(b, c, d, a); a = rs[a]; d = rs[d]; 676 pe[12 * 2 + 1] = PC2(d, a, b, c); c = rs[c]; b = rs[b]; 677 pe[11 * 2 + 1] = PC2(b, c, d, a); a = rs[a]; d = rs[d]; 678 pe[10 * 2 + 1] = PC2(d, a, b, c); c = rs[c]; b = rs[b]; 679 pe[ 9 * 2 + 1] = PC2(b, c, d, a); a = rs[a]; d = rs[d]; 680 pe[ 8 * 2 + 1] = PC2(d, a, b, c); c = rs[c]; 681 pe[ 7 * 2 + 1] = PC2(c, d, a, b); b = rs[b]; a = rs[a]; 682 pe[ 6 * 2 + 1] = PC2(a, b, c, d); d = rs[d]; c = rs[c]; 683 pe[ 5 * 2 + 1] = PC2(c, d, a, b); b = rs[b]; a = rs[a]; 684 pe[ 4 * 2 + 1] = PC2(a, b, c, d); d = rs[d]; c = rs[c]; 685 pe[ 3 * 2 + 1] = PC2(c, d, a, b); b = rs[b]; a = rs[a]; 686 pe[ 2 * 2 + 1] = PC2(a, b, c, d); d = rs[d]; c = rs[c]; 687 pe[ 1 * 2 + 1] = PC2(c, d, a, b); b = rs[b]; 688 pe[ 0 * 2 + 1] = PC2(b, c, d, a); | 673 pe[15 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; 674 pe[14 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; 675 pe[13 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; 676 pe[12 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; 677 pe[11 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; 678 pe[10 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; 679 pe[ 9 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; 680 pe[ 8 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; 681 pe[ 7 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; 682 pe[ 6 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; 683 pe[ 5 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; 684 pe[ 4 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; 685 pe[ 3 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; 686 pe[ 2 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; 687 pe[ 1 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; 688 pe[ 0 * 2 + 1] = DES_PC2(b, c, d, a); |
689 690 /* Fixup: 2413 5768 -> 1357 2468 */ 691 for (d = 0; d < 16; ++d) { 692 a = pe[2 * d]; 693 b = pe[2 * d + 1]; 694 c = a ^ b; 695 c &= 0xffff0000; 696 a ^= c; --- 20 unchanged lines hidden (view full) --- 717 unsigned long a, b, c, d; 718 const u32 *pt = pc2; 719 720 d = k[4]; d &= 0x0e; d <<= 4; d |= k[0] & 0x1e; d = pc1[d]; 721 c = k[5]; c &= 0x0e; c <<= 4; c |= k[1] & 0x1e; c = pc1[c]; 722 b = k[6]; b &= 0x0e; b <<= 4; b |= k[2] & 0x1e; b = pc1[b]; 723 a = k[7]; a &= 0x0e; a <<= 4; a |= k[3] & 0x1e; a = pc1[a]; 724 | 689 690 /* Fixup: 2413 5768 -> 1357 2468 */ 691 for (d = 0; d < 16; ++d) { 692 a = pe[2 * d]; 693 b = pe[2 * d + 1]; 694 c = a ^ b; 695 c &= 0xffff0000; 696 a ^= c; --- 20 unchanged lines hidden (view full) --- 717 unsigned long a, b, c, d; 718 const u32 *pt = pc2; 719 720 d = k[4]; d &= 0x0e; d <<= 4; d |= k[0] & 0x1e; d = pc1[d]; 721 c = k[5]; c &= 0x0e; c <<= 4; c |= k[1] & 0x1e; c = pc1[c]; 722 b = k[6]; b &= 0x0e; b <<= 4; b |= k[2] & 0x1e; b = pc1[b]; 723 a = k[7]; a &= 0x0e; a <<= 4; a |= k[3] & 0x1e; a = pc1[a]; 724 |
725 pe[ 0 * 2] = PC2(a, b, c, d); d = rs[d]; 726 pe[ 1 * 2] = PC2(d, a, b, c); c = rs[c]; b = rs[b]; 727 pe[ 2 * 2] = PC2(b, c, d, a); a = rs[a]; d = rs[d]; 728 pe[ 3 * 2] = PC2(d, a, b, c); c = rs[c]; b = rs[b]; 729 pe[ 4 * 2] = PC2(b, c, d, a); a = rs[a]; d = rs[d]; 730 pe[ 5 * 2] = PC2(d, a, b, c); c = rs[c]; b = rs[b]; 731 pe[ 6 * 2] = PC2(b, c, d, a); a = rs[a]; d = rs[d]; 732 pe[ 7 * 2] = PC2(d, a, b, c); c = rs[c]; 733 pe[ 8 * 2] = PC2(c, d, a, b); b = rs[b]; a = rs[a]; 734 pe[ 9 * 2] = PC2(a, b, c, d); d = rs[d]; c = rs[c]; 735 pe[10 * 2] = PC2(c, d, a, b); b = rs[b]; a = rs[a]; 736 pe[11 * 2] = PC2(a, b, c, d); d = rs[d]; c = rs[c]; 737 pe[12 * 2] = PC2(c, d, a, b); b = rs[b]; a = rs[a]; 738 pe[13 * 2] = PC2(a, b, c, d); d = rs[d]; c = rs[c]; 739 pe[14 * 2] = PC2(c, d, a, b); b = rs[b]; 740 pe[15 * 2] = PC2(b, c, d, a); | 725 pe[ 0 * 2] = DES_PC2(a, b, c, d); d = rs[d]; 726 pe[ 1 * 2] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; 727 pe[ 2 * 2] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; 728 pe[ 3 * 2] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; 729 pe[ 4 * 2] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; 730 pe[ 5 * 2] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; 731 pe[ 6 * 2] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; 732 pe[ 7 * 2] = DES_PC2(d, a, b, c); c = rs[c]; 733 pe[ 8 * 2] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; 734 pe[ 9 * 2] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; 735 pe[10 * 2] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; 736 pe[11 * 2] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; 737 pe[12 * 2] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; 738 pe[13 * 2] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; 739 pe[14 * 2] = DES_PC2(c, d, a, b); b = rs[b]; 740 pe[15 * 2] = DES_PC2(b, c, d, a); |
741 742 /* Skip to next table set */ 743 pt += 512; 744 745 d = k[0]; d &= 0xe0; d >>= 4; d |= k[4] & 0xf0; d = pc1[d + 1]; 746 c = k[1]; c &= 0xe0; c >>= 4; c |= k[5] & 0xf0; c = pc1[c + 1]; 747 b = k[2]; b &= 0xe0; b >>= 4; b |= k[6] & 0xf0; b = pc1[b + 1]; 748 a = k[3]; a &= 0xe0; a >>= 4; a |= k[7] & 0xf0; a = pc1[a + 1]; 749 | 741 742 /* Skip to next table set */ 743 pt += 512; 744 745 d = k[0]; d &= 0xe0; d >>= 4; d |= k[4] & 0xf0; d = pc1[d + 1]; 746 c = k[1]; c &= 0xe0; c >>= 4; c |= k[5] & 0xf0; c = pc1[c + 1]; 747 b = k[2]; b &= 0xe0; b >>= 4; b |= k[6] & 0xf0; b = pc1[b + 1]; 748 a = k[3]; a &= 0xe0; a >>= 4; a |= k[7] & 0xf0; a = pc1[a + 1]; 749 |
750 pe[ 0 * 2 + 1] = PC2(a, b, c, d); d = rs[d]; 751 pe[ 1 * 2 + 1] = PC2(d, a, b, c); c = rs[c]; b = rs[b]; 752 pe[ 2 * 2 + 1] = PC2(b, c, d, a); a = rs[a]; d = rs[d]; 753 pe[ 3 * 2 + 1] = PC2(d, a, b, c); c = rs[c]; b = rs[b]; 754 pe[ 4 * 2 + 1] = PC2(b, c, d, a); a = rs[a]; d = rs[d]; 755 pe[ 5 * 2 + 1] = PC2(d, a, b, c); c = rs[c]; b = rs[b]; 756 pe[ 6 * 2 + 1] = PC2(b, c, d, a); a = rs[a]; d = rs[d]; 757 pe[ 7 * 2 + 1] = PC2(d, a, b, c); c = rs[c]; 758 pe[ 8 * 2 + 1] = PC2(c, d, a, b); b = rs[b]; a = rs[a]; 759 pe[ 9 * 2 + 1] = PC2(a, b, c, d); d = rs[d]; c = rs[c]; 760 pe[10 * 2 + 1] = PC2(c, d, a, b); b = rs[b]; a = rs[a]; 761 pe[11 * 2 + 1] = PC2(a, b, c, d); d = rs[d]; c = rs[c]; 762 pe[12 * 2 + 1] = PC2(c, d, a, b); b = rs[b]; a = rs[a]; 763 pe[13 * 2 + 1] = PC2(a, b, c, d); d = rs[d]; c = rs[c]; 764 pe[14 * 2 + 1] = PC2(c, d, a, b); b = rs[b]; 765 pe[15 * 2 + 1] = PC2(b, c, d, a); | 750 pe[ 0 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; 751 pe[ 1 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; 752 pe[ 2 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; 753 pe[ 3 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; 754 pe[ 4 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; 755 pe[ 5 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b]; 756 pe[ 6 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d]; 757 pe[ 7 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; 758 pe[ 8 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; 759 pe[ 9 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; 760 pe[10 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; 761 pe[11 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; 762 pe[12 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a]; 763 pe[13 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c]; 764 pe[14 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; 765 pe[15 * 2 + 1] = DES_PC2(b, c, d, a); |
766 767 /* Fixup: 2413 5768 -> 1357 2468 */ 768 for (d = 0; d < 16; ++d) { 769 a = pe[2 * d]; 770 b = pe[2 * d + 1]; 771 c = a ^ b; 772 c &= 0xffff0000; 773 a ^= c; --- 234 unchanged lines hidden --- | 766 767 /* Fixup: 2413 5768 -> 1357 2468 */ 768 for (d = 0; d < 16; ++d) { 769 a = pe[2 * d]; 770 b = pe[2 * d + 1]; 771 c = a ^ b; 772 c &= 0xffff0000; 773 a ^= c; --- 234 unchanged lines hidden --- |