des_enc.c 11 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411
  1. /* crypto/des/des_enc.c */
  2. /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  3. * All rights reserved.
  4. *
  5. * This package is an SSL implementation written
  6. * by Eric Young (eay@cryptsoft.com).
  7. * The implementation was written so as to conform with Netscapes SSL.
  8. *
  9. * This library is free for commercial and non-commercial use as long as
  10. * the following conditions are aheared to. The following conditions
  11. * apply to all code found in this distribution, be it the RC4, RSA,
  12. * lhash, DES, etc., code; not just the SSL code. The SSL documentation
  13. * included with this distribution is covered by the same copyright terms
  14. * except that the holder is Tim Hudson (tjh@cryptsoft.com).
  15. *
  16. * Copyright remains Eric Young's, and as such any Copyright notices in
  17. * the code are not to be removed.
  18. * If this package is used in a product, Eric Young should be given attribution
  19. * as the author of the parts of the library used.
  20. * This can be in the form of a textual message at program startup or
  21. * in documentation (online or textual) provided with the package.
  22. *
  23. * Redistribution and use in source and binary forms, with or without
  24. * modification, are permitted provided that the following conditions
  25. * are met:
  26. * 1. Redistributions of source code must retain the copyright
  27. * notice, this list of conditions and the following disclaimer.
  28. * 2. Redistributions in binary form must reproduce the above copyright
  29. * notice, this list of conditions and the following disclaimer in the
  30. * documentation and/or other materials provided with the distribution.
  31. * 3. All advertising materials mentioning features or use of this software
  32. * must display the following acknowledgement:
  33. * "This product includes cryptographic software written by
  34. * Eric Young (eay@cryptsoft.com)"
  35. * The word 'cryptographic' can be left out if the rouines from the library
  36. * being used are not cryptographic related :-).
  37. * 4. If you include any Windows specific code (or a derivative thereof) from
  38. * the apps directory (application code) you must include an acknowledgement:
  39. * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
  40. *
  41. * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  42. * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  43. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  44. * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  45. * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  46. * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  47. * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  48. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  49. * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  50. * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  51. * SUCH DAMAGE.
  52. *
  53. * The licence and distribution terms for any publically available version or
  54. * derivative of this code cannot be changed. i.e. this code cannot simply be
  55. * copied and put under another distribution licence
  56. * [including the GNU Public Licence.]
  57. */
  58. #include "des_locl.h"
  59. void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc)
  60. {
  61. register DES_LONG l,r,t,u;
  62. #ifdef DES_PTR
  63. register const unsigned char *des_SP=(const unsigned char *)DES_SPtrans;
  64. #endif
  65. #ifndef DES_UNROLL
  66. register int i;
  67. #endif
  68. register DES_LONG *s;
  69. r=data[0];
  70. l=data[1];
  71. IP(r,l);
  72. /* Things have been modified so that the initial rotate is
  73. * done outside the loop. This required the
  74. * DES_SPtrans values in sp.h to be rotated 1 bit to the right.
  75. * One perl script later and things have a 5% speed up on a sparc2.
  76. * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
  77. * for pointing this out. */
  78. /* clear the top bits on machines with 8byte longs */
  79. /* shift left by 2 */
  80. r=ROTATE(r,29)&0xffffffffL;
  81. l=ROTATE(l,29)&0xffffffffL;
  82. s=ks->ks->deslong;
  83. /* I don't know if it is worth the effort of loop unrolling the
  84. * inner loop */
  85. if (enc)
  86. {
  87. #ifdef DES_UNROLL
  88. D_ENCRYPT(l,r, 0); /* 1 */
  89. D_ENCRYPT(r,l, 2); /* 2 */
  90. D_ENCRYPT(l,r, 4); /* 3 */
  91. D_ENCRYPT(r,l, 6); /* 4 */
  92. D_ENCRYPT(l,r, 8); /* 5 */
  93. D_ENCRYPT(r,l,10); /* 6 */
  94. D_ENCRYPT(l,r,12); /* 7 */
  95. D_ENCRYPT(r,l,14); /* 8 */
  96. D_ENCRYPT(l,r,16); /* 9 */
  97. D_ENCRYPT(r,l,18); /* 10 */
  98. D_ENCRYPT(l,r,20); /* 11 */
  99. D_ENCRYPT(r,l,22); /* 12 */
  100. D_ENCRYPT(l,r,24); /* 13 */
  101. D_ENCRYPT(r,l,26); /* 14 */
  102. D_ENCRYPT(l,r,28); /* 15 */
  103. D_ENCRYPT(r,l,30); /* 16 */
  104. #else
  105. for (i=0; i<32; i+=8)
  106. {
  107. D_ENCRYPT(l,r,i+0); /* 1 */
  108. D_ENCRYPT(r,l,i+2); /* 2 */
  109. D_ENCRYPT(l,r,i+4); /* 3 */
  110. D_ENCRYPT(r,l,i+6); /* 4 */
  111. }
  112. #endif
  113. }
  114. else
  115. {
  116. #ifdef DES_UNROLL
  117. D_ENCRYPT(l,r,30); /* 16 */
  118. D_ENCRYPT(r,l,28); /* 15 */
  119. D_ENCRYPT(l,r,26); /* 14 */
  120. D_ENCRYPT(r,l,24); /* 13 */
  121. D_ENCRYPT(l,r,22); /* 12 */
  122. D_ENCRYPT(r,l,20); /* 11 */
  123. D_ENCRYPT(l,r,18); /* 10 */
  124. D_ENCRYPT(r,l,16); /* 9 */
  125. D_ENCRYPT(l,r,14); /* 8 */
  126. D_ENCRYPT(r,l,12); /* 7 */
  127. D_ENCRYPT(l,r,10); /* 6 */
  128. D_ENCRYPT(r,l, 8); /* 5 */
  129. D_ENCRYPT(l,r, 6); /* 4 */
  130. D_ENCRYPT(r,l, 4); /* 3 */
  131. D_ENCRYPT(l,r, 2); /* 2 */
  132. D_ENCRYPT(r,l, 0); /* 1 */
  133. #else
  134. for (i=30; i>0; i-=8)
  135. {
  136. D_ENCRYPT(l,r,i-0); /* 16 */
  137. D_ENCRYPT(r,l,i-2); /* 15 */
  138. D_ENCRYPT(l,r,i-4); /* 14 */
  139. D_ENCRYPT(r,l,i-6); /* 13 */
  140. }
  141. #endif
  142. }
  143. /* rotate and clear the top bits on machines with 8byte longs */
  144. l=ROTATE(l,3)&0xffffffffL;
  145. r=ROTATE(r,3)&0xffffffffL;
  146. FP(r,l);
  147. data[0]=l;
  148. data[1]=r;
  149. l=r=t=u=0;
  150. }
  151. void DES_encrypt2(DES_LONG *data, DES_key_schedule *ks, int enc)
  152. {
  153. register DES_LONG l,r,t,u;
  154. #ifdef DES_PTR
  155. register const unsigned char *des_SP=(const unsigned char *)DES_SPtrans;
  156. #endif
  157. #ifndef DES_UNROLL
  158. register int i;
  159. #endif
  160. register DES_LONG *s;
  161. r=data[0];
  162. l=data[1];
  163. /* Things have been modified so that the initial rotate is
  164. * done outside the loop. This required the
  165. * DES_SPtrans values in sp.h to be rotated 1 bit to the right.
  166. * One perl script later and things have a 5% speed up on a sparc2.
  167. * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
  168. * for pointing this out. */
  169. /* clear the top bits on machines with 8byte longs */
  170. r=ROTATE(r,29)&0xffffffffL;
  171. l=ROTATE(l,29)&0xffffffffL;
  172. s=ks->ks->deslong;
  173. /* I don't know if it is worth the effort of loop unrolling the
  174. * inner loop */
  175. if (enc)
  176. {
  177. #ifdef DES_UNROLL
  178. D_ENCRYPT(l,r, 0); /* 1 */
  179. D_ENCRYPT(r,l, 2); /* 2 */
  180. D_ENCRYPT(l,r, 4); /* 3 */
  181. D_ENCRYPT(r,l, 6); /* 4 */
  182. D_ENCRYPT(l,r, 8); /* 5 */
  183. D_ENCRYPT(r,l,10); /* 6 */
  184. D_ENCRYPT(l,r,12); /* 7 */
  185. D_ENCRYPT(r,l,14); /* 8 */
  186. D_ENCRYPT(l,r,16); /* 9 */
  187. D_ENCRYPT(r,l,18); /* 10 */
  188. D_ENCRYPT(l,r,20); /* 11 */
  189. D_ENCRYPT(r,l,22); /* 12 */
  190. D_ENCRYPT(l,r,24); /* 13 */
  191. D_ENCRYPT(r,l,26); /* 14 */
  192. D_ENCRYPT(l,r,28); /* 15 */
  193. D_ENCRYPT(r,l,30); /* 16 */
  194. #else
  195. for (i=0; i<32; i+=8)
  196. {
  197. D_ENCRYPT(l,r,i+0); /* 1 */
  198. D_ENCRYPT(r,l,i+2); /* 2 */
  199. D_ENCRYPT(l,r,i+4); /* 3 */
  200. D_ENCRYPT(r,l,i+6); /* 4 */
  201. }
  202. #endif
  203. }
  204. else
  205. {
  206. #ifdef DES_UNROLL
  207. D_ENCRYPT(l,r,30); /* 16 */
  208. D_ENCRYPT(r,l,28); /* 15 */
  209. D_ENCRYPT(l,r,26); /* 14 */
  210. D_ENCRYPT(r,l,24); /* 13 */
  211. D_ENCRYPT(l,r,22); /* 12 */
  212. D_ENCRYPT(r,l,20); /* 11 */
  213. D_ENCRYPT(l,r,18); /* 10 */
  214. D_ENCRYPT(r,l,16); /* 9 */
  215. D_ENCRYPT(l,r,14); /* 8 */
  216. D_ENCRYPT(r,l,12); /* 7 */
  217. D_ENCRYPT(l,r,10); /* 6 */
  218. D_ENCRYPT(r,l, 8); /* 5 */
  219. D_ENCRYPT(l,r, 6); /* 4 */
  220. D_ENCRYPT(r,l, 4); /* 3 */
  221. D_ENCRYPT(l,r, 2); /* 2 */
  222. D_ENCRYPT(r,l, 0); /* 1 */
  223. #else
  224. for (i=30; i>0; i-=8)
  225. {
  226. D_ENCRYPT(l,r,i-0); /* 16 */
  227. D_ENCRYPT(r,l,i-2); /* 15 */
  228. D_ENCRYPT(l,r,i-4); /* 14 */
  229. D_ENCRYPT(r,l,i-6); /* 13 */
  230. }
  231. #endif
  232. }
  233. /* rotate and clear the top bits on machines with 8byte longs */
  234. data[0]=ROTATE(l,3)&0xffffffffL;
  235. data[1]=ROTATE(r,3)&0xffffffffL;
  236. l=r=t=u=0;
  237. }
  238. void DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1,
  239. DES_key_schedule *ks2, DES_key_schedule *ks3)
  240. {
  241. register DES_LONG l,r;
  242. l=data[0];
  243. r=data[1];
  244. IP(l,r);
  245. data[0]=l;
  246. data[1]=r;
  247. DES_encrypt2((DES_LONG *)data,ks1,DES_ENCRYPT);
  248. DES_encrypt2((DES_LONG *)data,ks2,DES_DECRYPT);
  249. DES_encrypt2((DES_LONG *)data,ks3,DES_ENCRYPT);
  250. l=data[0];
  251. r=data[1];
  252. FP(r,l);
  253. data[0]=l;
  254. data[1]=r;
  255. }
  256. void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1,
  257. DES_key_schedule *ks2, DES_key_schedule *ks3)
  258. {
  259. register DES_LONG l,r;
  260. l=data[0];
  261. r=data[1];
  262. IP(l,r);
  263. data[0]=l;
  264. data[1]=r;
  265. DES_encrypt2((DES_LONG *)data,ks3,DES_DECRYPT);
  266. DES_encrypt2((DES_LONG *)data,ks2,DES_ENCRYPT);
  267. DES_encrypt2((DES_LONG *)data,ks1,DES_DECRYPT);
  268. l=data[0];
  269. r=data[1];
  270. FP(r,l);
  271. data[0]=l;
  272. data[1]=r;
  273. }
  274. #ifndef DES_DEFAULT_OPTIONS
  275. #if !defined(OPENSSL_FIPS_DES_ASM)
  276. #undef CBC_ENC_C__DONT_UPDATE_IV
  277. #include "ncbc_enc.c" /* DES_ncbc_encrypt */
  278. void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
  279. long length, DES_key_schedule *ks1,
  280. DES_key_schedule *ks2, DES_key_schedule *ks3,
  281. DES_cblock *ivec, int enc)
  282. {
  283. register DES_LONG tin0,tin1;
  284. register DES_LONG tout0,tout1,xor0,xor1;
  285. register const unsigned char *in;
  286. unsigned char *out;
  287. register long l=length;
  288. DES_LONG tin[2];
  289. unsigned char *iv;
  290. in=input;
  291. out=output;
  292. iv = &(*ivec)[0];
  293. if (enc)
  294. {
  295. c2l(iv,tout0);
  296. c2l(iv,tout1);
  297. for (l-=8; l>=0; l-=8)
  298. {
  299. c2l(in,tin0);
  300. c2l(in,tin1);
  301. tin0^=tout0;
  302. tin1^=tout1;
  303. tin[0]=tin0;
  304. tin[1]=tin1;
  305. DES_encrypt3((DES_LONG *)tin,ks1,ks2,ks3);
  306. tout0=tin[0];
  307. tout1=tin[1];
  308. l2c(tout0,out);
  309. l2c(tout1,out);
  310. }
  311. if (l != -8)
  312. {
  313. c2ln(in,tin0,tin1,l+8);
  314. tin0^=tout0;
  315. tin1^=tout1;
  316. tin[0]=tin0;
  317. tin[1]=tin1;
  318. DES_encrypt3((DES_LONG *)tin,ks1,ks2,ks3);
  319. tout0=tin[0];
  320. tout1=tin[1];
  321. l2c(tout0,out);
  322. l2c(tout1,out);
  323. }
  324. iv = &(*ivec)[0];
  325. l2c(tout0,iv);
  326. l2c(tout1,iv);
  327. }
  328. else
  329. {
  330. register DES_LONG t0,t1;
  331. c2l(iv,xor0);
  332. c2l(iv,xor1);
  333. for (l-=8; l>=0; l-=8)
  334. {
  335. c2l(in,tin0);
  336. c2l(in,tin1);
  337. t0=tin0;
  338. t1=tin1;
  339. tin[0]=tin0;
  340. tin[1]=tin1;
  341. DES_decrypt3((DES_LONG *)tin,ks1,ks2,ks3);
  342. tout0=tin[0];
  343. tout1=tin[1];
  344. tout0^=xor0;
  345. tout1^=xor1;
  346. l2c(tout0,out);
  347. l2c(tout1,out);
  348. xor0=t0;
  349. xor1=t1;
  350. }
  351. if (l != -8)
  352. {
  353. c2l(in,tin0);
  354. c2l(in,tin1);
  355. t0=tin0;
  356. t1=tin1;
  357. tin[0]=tin0;
  358. tin[1]=tin1;
  359. DES_decrypt3((DES_LONG *)tin,ks1,ks2,ks3);
  360. tout0=tin[0];
  361. tout1=tin[1];
  362. tout0^=xor0;
  363. tout1^=xor1;
  364. l2cn(tout0,tout1,out,l+8);
  365. xor0=t0;
  366. xor1=t1;
  367. }
  368. iv = &(*ivec)[0];
  369. l2c(xor0,iv);
  370. l2c(xor1,iv);
  371. }
  372. tin0=tin1=tout0=tout1=xor0=xor1=0;
  373. tin[0]=tin[1]=0;
  374. }
  375. #endif
  376. #endif /* DES_DEFAULT_OPTIONS */