43 * be moved to text.
44 */
45
46 /*
47 * Fast (?) software implementation of DES
48 * Has been seen going at 2000 bytes/sec on a Sun-2
49 * Works on a VAX too.
50 * Won't work without 8 bit chars and 32 bit longs
51 */
52
53 #include <sys/types.h>
54 #include <des/des.h>
55 #include <des/softdes.h>
56 #include <des/desdata.h>
57 #include <sys/debug.h>
58
59 static void des_setkey(u_char userkey[8], struct deskeydata *kd,
60 unsigned int dir);
61 static void des_encrypt(u_char *data, struct deskeydata *kd);
62
63 /* EXPORT DELETE START */
64 #define btst(k, b) (k[b >> 3] & (0x80 >> (b & 07)))
65 #define BIT28 (1<<28)
66 /* EXPORT DELETE END */
67
68 /*
69 * Software encrypt or decrypt a block of data (multiple of 8 bytes)
70 * Do the CBC ourselves if needed.
71 */
72 /* ARGSUSED */
73 int
74 _des_crypt(char *buf, size_t len, struct desparams *desp)
75 {
76 /* EXPORT DELETE START */
77 short i;
78 uint_t mode;
79 uint_t dir;
80 char nextiv[8];
81 struct deskeydata softkey;
82
83 mode = desp->des_mode;
84 dir = desp->des_dir;
85 des_setkey(desp->des_key, &softkey, dir);
86 while (len != 0) {
87 switch (mode) {
88 case CBC:
89 switch (dir) {
90 case ENCRYPT:
91 for (i = 0; i < 8; i++)
92 buf[i] ^= desp->des_ivec[i];
93 des_encrypt((u_char *)buf, &softkey);
94 for (i = 0; i < 8; i++)
95 desp->des_ivec[i] = buf[i];
96 break;
97 case DECRYPT:
98 for (i = 0; i < 8; i++)
99 nextiv[i] = buf[i];
100 des_encrypt((u_char *)buf, &softkey);
101 for (i = 0; i < 8; i++) {
102 buf[i] ^= desp->des_ivec[i];
103 desp->des_ivec[i] = nextiv[i];
104 }
105 break;
106 }
107 break;
108 case ECB:
109 des_encrypt((u_char *)buf, &softkey);
110 break;
111 }
112 buf += 8;
113 len -= 8;
114 }
115 /* EXPORT DELETE END */
116 return (1);
117 }
118
119
120 /*
121 * Set the key and direction for an encryption operation
122 * We build the 16 key entries here
123 */
124 /* ARGSUSED */
125 static void
126 des_setkey(u_char userkey[8], struct deskeydata *kd, unsigned int dir)
127 {
128 /* EXPORT DELETE START */
129 int32_t C, D;
130 short i;
131
132 /*
133 * First, generate C and D by permuting
134 * the key. The low order bit of each
135 * 8-bit char is not used, so C and D are only 28
136 * bits apiece.
137 */
138 {
139 short bit;
140 short *pcc = (short *)PC1_C, *pcd = (short *)PC1_D;
141
142 C = D = 0;
143 for (i = 0; i < 28; i++) {
144 C <<= 1;
145 D <<= 1;
146 bit = *pcc++;
147 if (btst(userkey, bit))
148 C |= 1;
189 c = &kd->keyval[i];
190 break;
191 case DECRYPT:
192 c = &kd->keyval[15 - i];
193 break;
194 }
195 c->long0 = 0;
196 c->long1 = 0;
197 bbit = (1 << 5) << 24;
198 for (j = 0; j < 4; j++) {
199 for (k = 0; k < 6; k++) {
200 if (C & (BIT28 >> PC2_C[bit]))
201 c->long0 |= bbit >> k;
202 if (D & (BIT28 >> PC2_D[bit]))
203 c->long1 |= bbit >> k;
204 bit++;
205 }
206 bbit >>= 8;
207 }
208 }
209 /* EXPORT DELETE END */
210 }
211
212
213
214 /*
215 * Do an encryption operation
216 * Much pain is taken (with preprocessor) to avoid loops so the compiler
217 * can do address arithmetic instead of doing it at runtime.
218 * Note that the byte-to-chunk conversion is necessary to guarantee
219 * processor byte-order independence.
220 */
221 /* ARGSUSED */
222 static void
223 des_encrypt(u_char *data, struct deskeydata *kd)
224 {
225 /* EXPORT DELETE START */
226 chunk_t work1, work2;
227
228 /*
229 * Initial permutation
230 * and byte to chunk conversion
231 */
232 {
233 const uint32_t *lp;
234 uint32_t l0, l1, w;
235 short i, pbit;
236
237 work1.byte0 = data[0];
238 work1.byte1 = data[1];
239 work1.byte2 = data[2];
240 work1.byte3 = data[3];
241 work1.byte4 = data[4];
242 work1.byte5 = data[5];
243 work1.byte6 = data[6];
244 work1.byte7 = data[7];
245 l0 = l1 = 0;
383 for (lp = &longtab[0], i = 32; i < 64; i++) {
384 if (w & *lp++) {
385 pbit = FPtab[i];
386 if (pbit < 32)
387 l0 |= longtab[pbit];
388 else
389 l1 |= longtab[pbit-32];
390 }
391 }
392 work2.long0 = l0;
393 work2.long1 = l1;
394 }
395 data[0] = work2.byte0;
396 data[1] = work2.byte1;
397 data[2] = work2.byte2;
398 data[3] = work2.byte3;
399 data[4] = work2.byte4;
400 data[5] = work2.byte5;
401 data[6] = work2.byte6;
402 data[7] = work2.byte7;
403 /* EXPORT DELETE END */
404 }
|
43 * be moved to text.
44 */
45
46 /*
47 * Fast (?) software implementation of DES
48 * Has been seen going at 2000 bytes/sec on a Sun-2
49 * Works on a VAX too.
50 * Won't work without 8 bit chars and 32 bit longs
51 */
52
53 #include <sys/types.h>
54 #include <des/des.h>
55 #include <des/softdes.h>
56 #include <des/desdata.h>
57 #include <sys/debug.h>
58
59 static void des_setkey(u_char userkey[8], struct deskeydata *kd,
60 unsigned int dir);
61 static void des_encrypt(u_char *data, struct deskeydata *kd);
62
63 #define btst(k, b) (k[b >> 3] & (0x80 >> (b & 07)))
64 #define BIT28 (1<<28)
65
66 /*
67 * Software encrypt or decrypt a block of data (multiple of 8 bytes)
68 * Do the CBC ourselves if needed.
69 */
70 /* ARGSUSED */
71 int
72 _des_crypt(char *buf, size_t len, struct desparams *desp)
73 {
74 short i;
75 uint_t mode;
76 uint_t dir;
77 char nextiv[8];
78 struct deskeydata softkey;
79
80 mode = desp->des_mode;
81 dir = desp->des_dir;
82 des_setkey(desp->des_key, &softkey, dir);
83 while (len != 0) {
84 switch (mode) {
85 case CBC:
86 switch (dir) {
87 case ENCRYPT:
88 for (i = 0; i < 8; i++)
89 buf[i] ^= desp->des_ivec[i];
90 des_encrypt((u_char *)buf, &softkey);
91 for (i = 0; i < 8; i++)
92 desp->des_ivec[i] = buf[i];
93 break;
94 case DECRYPT:
95 for (i = 0; i < 8; i++)
96 nextiv[i] = buf[i];
97 des_encrypt((u_char *)buf, &softkey);
98 for (i = 0; i < 8; i++) {
99 buf[i] ^= desp->des_ivec[i];
100 desp->des_ivec[i] = nextiv[i];
101 }
102 break;
103 }
104 break;
105 case ECB:
106 des_encrypt((u_char *)buf, &softkey);
107 break;
108 }
109 buf += 8;
110 len -= 8;
111 }
112 return (1);
113 }
114
115
116 /*
117 * Set the key and direction for an encryption operation
118 * We build the 16 key entries here
119 */
120 /* ARGSUSED */
121 static void
122 des_setkey(u_char userkey[8], struct deskeydata *kd, unsigned int dir)
123 {
124 int32_t C, D;
125 short i;
126
127 /*
128 * First, generate C and D by permuting
129 * the key. The low order bit of each
130 * 8-bit char is not used, so C and D are only 28
131 * bits apiece.
132 */
133 {
134 short bit;
135 short *pcc = (short *)PC1_C, *pcd = (short *)PC1_D;
136
137 C = D = 0;
138 for (i = 0; i < 28; i++) {
139 C <<= 1;
140 D <<= 1;
141 bit = *pcc++;
142 if (btst(userkey, bit))
143 C |= 1;
184 c = &kd->keyval[i];
185 break;
186 case DECRYPT:
187 c = &kd->keyval[15 - i];
188 break;
189 }
190 c->long0 = 0;
191 c->long1 = 0;
192 bbit = (1 << 5) << 24;
193 for (j = 0; j < 4; j++) {
194 for (k = 0; k < 6; k++) {
195 if (C & (BIT28 >> PC2_C[bit]))
196 c->long0 |= bbit >> k;
197 if (D & (BIT28 >> PC2_D[bit]))
198 c->long1 |= bbit >> k;
199 bit++;
200 }
201 bbit >>= 8;
202 }
203 }
204 }
205
206
207
208 /*
209 * Do an encryption operation
210 * Much pain is taken (with preprocessor) to avoid loops so the compiler
211 * can do address arithmetic instead of doing it at runtime.
212 * Note that the byte-to-chunk conversion is necessary to guarantee
213 * processor byte-order independence.
214 */
215 /* ARGSUSED */
216 static void
217 des_encrypt(u_char *data, struct deskeydata *kd)
218 {
219 chunk_t work1, work2;
220
221 /*
222 * Initial permutation
223 * and byte to chunk conversion
224 */
225 {
226 const uint32_t *lp;
227 uint32_t l0, l1, w;
228 short i, pbit;
229
230 work1.byte0 = data[0];
231 work1.byte1 = data[1];
232 work1.byte2 = data[2];
233 work1.byte3 = data[3];
234 work1.byte4 = data[4];
235 work1.byte5 = data[5];
236 work1.byte6 = data[6];
237 work1.byte7 = data[7];
238 l0 = l1 = 0;
376 for (lp = &longtab[0], i = 32; i < 64; i++) {
377 if (w & *lp++) {
378 pbit = FPtab[i];
379 if (pbit < 32)
380 l0 |= longtab[pbit];
381 else
382 l1 |= longtab[pbit-32];
383 }
384 }
385 work2.long0 = l0;
386 work2.long1 = l1;
387 }
388 data[0] = work2.byte0;
389 data[1] = work2.byte1;
390 data[2] = work2.byte2;
391 data[3] = work2.byte3;
392 data[4] = work2.byte4;
393 data[5] = work2.byte5;
394 data[6] = work2.byte6;
395 data[7] = work2.byte7;
396 }
|