xref: /illumos-gate/usr/src/lib/libcrypt/common/des_decrypt.c (revision 20a7641f9918de8574b8b3b47dbe35c4bfc78df1)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License, Version 1.0 only
6  * (the "License").  You may not use this file except in compliance
7  * with the License.
8  *
9  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10  * or http://www.opensolaris.org/os/licensing.
11  * See the License for the specific language governing permissions
12  * and limitations under the License.
13  *
14  * When distributing Covered Code, include this CDDL HEADER in each
15  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16  * If applicable, add the following below this CDDL HEADER, with the
17  * fields enclosed by brackets "[]" replaced with your own identifying
18  * information: Portions Copyright [yyyy] [name of copyright owner]
19  *
20  * CDDL HEADER END
21  */
22 /*	Copyright (c) 1988 AT&T	*/
23 /*	  All Rights Reserved  	*/
24 
25 
26 /*
27  * Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
28  * Use is subject to license terms.
29  */
30 
31 /*LINTLIBRARY*/
32 
33 #include <sys/types.h>
34 
35 void
36 _des_decrypt1(char *block, char *L, char *IP, char *R, char *preS, char *E, char KS[][48], char S[][64], char *f, char *tempL, char *P, char *FP)
37 {
38 	int	i, ii;
39 	int	t, j, k;
40 	char	t2;
41 
42 	/*
43 	 * First, permute the bits in the input
44 	 */
45 	for (j = 0; j < 64; j++)
46 		L[j] = block[IP[j]-1];
47 	/*
48 	 * Perform a decryption operation 16 times.
49 	 */
50 	for (ii = 0; ii < 16; ii++) {
51 		i = 15-ii;
52 		/*
53 		 * Save the R array,
54 		 * which will be the new L.
55 		 */
56 		for (j = 0; j < 32; j++)
57 			tempL[j] = R[j];
58 		/*
59 		 * Expand R to 48 bits using the E selector;
60 		 * exclusive-or with the current key bits.
61 		 */
62 		for (j = 0; j < 48; j++)
63 			preS[j] = R[E[j]-1] ^ KS[i][j];
64 		/*
65 		 * The pre-select bits are now considered
66 		 * in 8 groups of 6 bits each.
67 		 * The 8 selection functions map these
68 		 * 6-bit quantities into 4-bit quantities
69 		 * and the results permuted
70 		 * to make an f(R, K).
71 		 * The indexing into the selection functions
72 		 * is peculiar; it could be simplified by
73 		 * rewriting the tables.
74 		 */
75 		for (j = 0; j < 8; j++) {
76 			t = 6*j;
77 			k = S[j][(preS[t+0]<<5)+
78 				(preS[t+1]<<3)+
79 				(preS[t+2]<<2)+
80 				(preS[t+3]<<1)+
81 				(preS[t+4]<<0)+
82 				(preS[t+5]<<4)];
83 			t = 4*j;
84 			f[t+0] = (k>>3)&01;
85 			f[t+1] = (k>>2)&01;
86 			f[t+2] = (k>>1)&01;
87 			f[t+3] = (k>>0)&01;
88 		}
89 		/*
90 		 * The new R is L ^ f(R, K).
91 		 * The f here has to be permuted first, though.
92 		 */
93 		for (j = 0; j < 32; j++)
94 			R[j] = L[j] ^ f[P[j]-1];
95 		/*
96 		 * Finally, the new L (the original R)
97 		 * is copied back.
98 		 */
99 		for (j = 0; j < 32; j++)
100 			L[j] = tempL[j];
101 	}
102 	/*
103 	 * The output L and R are reversed.
104 	 */
105 	for (j = 0; j < 32; j++) {
106 		t2 = L[j];
107 		L[j] = R[j];
108 		R[j] = t2;
109 	}
110 	/*
111 	 * The final output
112 	 * gets the inverse permutation of the very original.
113 	 */
114 	for (j = 0; j < 64; j++)
115 		block[j] = L[FP[j]-1];
116 }
117