des_enc.c 10 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401
  1. /* crypto/des/des_enc.c */
  2. /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  3. * All rights reserved.
  4. *
  5. * This package is an SSL implementation written
  6. * by Eric Young (eay@cryptsoft.com).
  7. * The implementation was written so as to conform with Netscapes SSL.
  8. *
  9. * This library is free for commercial and non-commercial use as long as
  10. * the following conditions are aheared to. The following conditions
  11. * apply to all code found in this distribution, be it the RC4, RSA,
  12. * lhash, DES, etc., code; not just the SSL code. The SSL documentation
  13. * included with this distribution is covered by the same copyright terms
  14. * except that the holder is Tim Hudson (tjh@cryptsoft.com).
  15. *
  16. * Copyright remains Eric Young's, and as such any Copyright notices in
  17. * the code are not to be removed.
  18. * If this package is used in a product, Eric Young should be given attribution
  19. * as the author of the parts of the library used.
  20. * This can be in the form of a textual message at program startup or
  21. * in documentation (online or textual) provided with the package.
  22. *
  23. * Redistribution and use in source and binary forms, with or without
  24. * modification, are permitted provided that the following conditions
  25. * are met:
  26. * 1. Redistributions of source code must retain the copyright
  27. * notice, this list of conditions and the following disclaimer.
  28. * 2. Redistributions in binary form must reproduce the above copyright
  29. * notice, this list of conditions and the following disclaimer in the
  30. * documentation and/or other materials provided with the distribution.
  31. * 3. All advertising materials mentioning features or use of this software
  32. * must display the following acknowledgement:
  33. * "This product includes cryptographic software written by
  34. * Eric Young (eay@cryptsoft.com)"
  35. * The word 'cryptographic' can be left out if the rouines from the library
  36. * being used are not cryptographic related :-).
  37. * 4. If you include any Windows specific code (or a derivative thereof) from
  38. * the apps directory (application code) you must include an acknowledgement:
  39. * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
  40. *
  41. * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  42. * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  43. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  44. * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  45. * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  46. * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  47. * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  48. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  49. * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  50. * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  51. * SUCH DAMAGE.
  52. *
  53. * The licence and distribution terms for any publically available version or
  54. * derivative of this code cannot be changed. i.e. this code cannot simply be
  55. * copied and put under another distribution licence
  56. * [including the GNU Public Licence.]
  57. */
  58. #include <openssl/crypto.h>
  59. #include "des_locl.h"
  60. #include "spr.h"
  61. void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc)
  62. {
  63. register DES_LONG l,r,t,u;
  64. #ifdef DES_PTR
  65. register const unsigned char *des_SP=(const unsigned char *)DES_SPtrans;
  66. #endif
  67. #ifndef DES_UNROLL
  68. register int i;
  69. #endif
  70. register DES_LONG *s;
  71. r=data[0];
  72. l=data[1];
  73. IP(r,l);
  74. /* Things have been modified so that the initial rotate is
  75. * done outside the loop. This required the
  76. * DES_SPtrans values in sp.h to be rotated 1 bit to the right.
  77. * One perl script later and things have a 5% speed up on a sparc2.
  78. * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
  79. * for pointing this out. */
  80. /* clear the top bits on machines with 8byte longs */
  81. /* shift left by 2 */
  82. r=ROTATE(r,29)&0xffffffffL;
  83. l=ROTATE(l,29)&0xffffffffL;
  84. s=ks->ks->deslong;
  85. /* I don't know if it is worth the effort of loop unrolling the
  86. * inner loop */
  87. if (enc)
  88. {
  89. #ifdef DES_UNROLL
  90. D_ENCRYPT(l,r, 0); /* 1 */
  91. D_ENCRYPT(r,l, 2); /* 2 */
  92. D_ENCRYPT(l,r, 4); /* 3 */
  93. D_ENCRYPT(r,l, 6); /* 4 */
  94. D_ENCRYPT(l,r, 8); /* 5 */
  95. D_ENCRYPT(r,l,10); /* 6 */
  96. D_ENCRYPT(l,r,12); /* 7 */
  97. D_ENCRYPT(r,l,14); /* 8 */
  98. D_ENCRYPT(l,r,16); /* 9 */
  99. D_ENCRYPT(r,l,18); /* 10 */
  100. D_ENCRYPT(l,r,20); /* 11 */
  101. D_ENCRYPT(r,l,22); /* 12 */
  102. D_ENCRYPT(l,r,24); /* 13 */
  103. D_ENCRYPT(r,l,26); /* 14 */
  104. D_ENCRYPT(l,r,28); /* 15 */
  105. D_ENCRYPT(r,l,30); /* 16 */
  106. #else
  107. for (i=0; i<32; i+=4)
  108. {
  109. D_ENCRYPT(l,r,i+0); /* 1 */
  110. D_ENCRYPT(r,l,i+2); /* 2 */
  111. }
  112. #endif
  113. }
  114. else
  115. {
  116. #ifdef DES_UNROLL
  117. D_ENCRYPT(l,r,30); /* 16 */
  118. D_ENCRYPT(r,l,28); /* 15 */
  119. D_ENCRYPT(l,r,26); /* 14 */
  120. D_ENCRYPT(r,l,24); /* 13 */
  121. D_ENCRYPT(l,r,22); /* 12 */
  122. D_ENCRYPT(r,l,20); /* 11 */
  123. D_ENCRYPT(l,r,18); /* 10 */
  124. D_ENCRYPT(r,l,16); /* 9 */
  125. D_ENCRYPT(l,r,14); /* 8 */
  126. D_ENCRYPT(r,l,12); /* 7 */
  127. D_ENCRYPT(l,r,10); /* 6 */
  128. D_ENCRYPT(r,l, 8); /* 5 */
  129. D_ENCRYPT(l,r, 6); /* 4 */
  130. D_ENCRYPT(r,l, 4); /* 3 */
  131. D_ENCRYPT(l,r, 2); /* 2 */
  132. D_ENCRYPT(r,l, 0); /* 1 */
  133. #else
  134. for (i=30; i>0; i-=4)
  135. {
  136. D_ENCRYPT(l,r,i-0); /* 16 */
  137. D_ENCRYPT(r,l,i-2); /* 15 */
  138. }
  139. #endif
  140. }
  141. /* rotate and clear the top bits on machines with 8byte longs */
  142. l=ROTATE(l,3)&0xffffffffL;
  143. r=ROTATE(r,3)&0xffffffffL;
  144. FP(r,l);
  145. data[0]=l;
  146. data[1]=r;
  147. l=r=t=u=0;
  148. }
  149. void DES_encrypt2(DES_LONG *data, DES_key_schedule *ks, int enc)
  150. {
  151. register DES_LONG l,r,t,u;
  152. #ifdef DES_PTR
  153. register const unsigned char *des_SP=(const unsigned char *)DES_SPtrans;
  154. #endif
  155. #ifndef DES_UNROLL
  156. register int i;
  157. #endif
  158. register DES_LONG *s;
  159. r=data[0];
  160. l=data[1];
  161. /* Things have been modified so that the initial rotate is
  162. * done outside the loop. This required the
  163. * DES_SPtrans values in sp.h to be rotated 1 bit to the right.
  164. * One perl script later and things have a 5% speed up on a sparc2.
  165. * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
  166. * for pointing this out. */
  167. /* clear the top bits on machines with 8byte longs */
  168. r=ROTATE(r,29)&0xffffffffL;
  169. l=ROTATE(l,29)&0xffffffffL;
  170. s=ks->ks->deslong;
  171. /* I don't know if it is worth the effort of loop unrolling the
  172. * inner loop */
  173. if (enc)
  174. {
  175. #ifdef DES_UNROLL
  176. D_ENCRYPT(l,r, 0); /* 1 */
  177. D_ENCRYPT(r,l, 2); /* 2 */
  178. D_ENCRYPT(l,r, 4); /* 3 */
  179. D_ENCRYPT(r,l, 6); /* 4 */
  180. D_ENCRYPT(l,r, 8); /* 5 */
  181. D_ENCRYPT(r,l,10); /* 6 */
  182. D_ENCRYPT(l,r,12); /* 7 */
  183. D_ENCRYPT(r,l,14); /* 8 */
  184. D_ENCRYPT(l,r,16); /* 9 */
  185. D_ENCRYPT(r,l,18); /* 10 */
  186. D_ENCRYPT(l,r,20); /* 11 */
  187. D_ENCRYPT(r,l,22); /* 12 */
  188. D_ENCRYPT(l,r,24); /* 13 */
  189. D_ENCRYPT(r,l,26); /* 14 */
  190. D_ENCRYPT(l,r,28); /* 15 */
  191. D_ENCRYPT(r,l,30); /* 16 */
  192. #else
  193. for (i=0; i<32; i+=4)
  194. {
  195. D_ENCRYPT(l,r,i+0); /* 1 */
  196. D_ENCRYPT(r,l,i+2); /* 2 */
  197. }
  198. #endif
  199. }
  200. else
  201. {
  202. #ifdef DES_UNROLL
  203. D_ENCRYPT(l,r,30); /* 16 */
  204. D_ENCRYPT(r,l,28); /* 15 */
  205. D_ENCRYPT(l,r,26); /* 14 */
  206. D_ENCRYPT(r,l,24); /* 13 */
  207. D_ENCRYPT(l,r,22); /* 12 */
  208. D_ENCRYPT(r,l,20); /* 11 */
  209. D_ENCRYPT(l,r,18); /* 10 */
  210. D_ENCRYPT(r,l,16); /* 9 */
  211. D_ENCRYPT(l,r,14); /* 8 */
  212. D_ENCRYPT(r,l,12); /* 7 */
  213. D_ENCRYPT(l,r,10); /* 6 */
  214. D_ENCRYPT(r,l, 8); /* 5 */
  215. D_ENCRYPT(l,r, 6); /* 4 */
  216. D_ENCRYPT(r,l, 4); /* 3 */
  217. D_ENCRYPT(l,r, 2); /* 2 */
  218. D_ENCRYPT(r,l, 0); /* 1 */
  219. #else
  220. for (i=30; i>0; i-=4)
  221. {
  222. D_ENCRYPT(l,r,i-0); /* 16 */
  223. D_ENCRYPT(r,l,i-2); /* 15 */
  224. }
  225. #endif
  226. }
  227. /* rotate and clear the top bits on machines with 8byte longs */
  228. data[0]=ROTATE(l,3)&0xffffffffL;
  229. data[1]=ROTATE(r,3)&0xffffffffL;
  230. l=r=t=u=0;
  231. }
  232. void DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1,
  233. DES_key_schedule *ks2, DES_key_schedule *ks3)
  234. {
  235. register DES_LONG l,r;
  236. l=data[0];
  237. r=data[1];
  238. IP(l,r);
  239. data[0]=l;
  240. data[1]=r;
  241. DES_encrypt2((DES_LONG *)data,ks1,DES_ENCRYPT);
  242. DES_encrypt2((DES_LONG *)data,ks2,DES_DECRYPT);
  243. DES_encrypt2((DES_LONG *)data,ks3,DES_ENCRYPT);
  244. l=data[0];
  245. r=data[1];
  246. FP(r,l);
  247. data[0]=l;
  248. data[1]=r;
  249. }
  250. void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1,
  251. DES_key_schedule *ks2, DES_key_schedule *ks3)
  252. {
  253. register DES_LONG l,r;
  254. l=data[0];
  255. r=data[1];
  256. IP(l,r);
  257. data[0]=l;
  258. data[1]=r;
  259. DES_encrypt2((DES_LONG *)data,ks3,DES_DECRYPT);
  260. DES_encrypt2((DES_LONG *)data,ks2,DES_ENCRYPT);
  261. DES_encrypt2((DES_LONG *)data,ks1,DES_DECRYPT);
  262. l=data[0];
  263. r=data[1];
  264. FP(r,l);
  265. data[0]=l;
  266. data[1]=r;
  267. }
  268. #ifndef DES_DEFAULT_OPTIONS
  269. #undef CBC_ENC_C__DONT_UPDATE_IV
  270. #include "ncbc_enc.c" /* DES_ncbc_encrypt */
  271. void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
  272. long length, DES_key_schedule *ks1,
  273. DES_key_schedule *ks2, DES_key_schedule *ks3,
  274. DES_cblock *ivec, int enc)
  275. {
  276. register DES_LONG tin0,tin1;
  277. register DES_LONG tout0,tout1,xor0,xor1;
  278. register const unsigned char *in;
  279. unsigned char *out;
  280. register long l=length;
  281. DES_LONG tin[2];
  282. unsigned char *iv;
  283. in=input;
  284. out=output;
  285. iv = &(*ivec)[0];
  286. if (enc)
  287. {
  288. c2l(iv,tout0);
  289. c2l(iv,tout1);
  290. for (l-=8; l>=0; l-=8)
  291. {
  292. c2l(in,tin0);
  293. c2l(in,tin1);
  294. tin0^=tout0;
  295. tin1^=tout1;
  296. tin[0]=tin0;
  297. tin[1]=tin1;
  298. DES_encrypt3((DES_LONG *)tin,ks1,ks2,ks3);
  299. tout0=tin[0];
  300. tout1=tin[1];
  301. l2c(tout0,out);
  302. l2c(tout1,out);
  303. }
  304. if (l != -8)
  305. {
  306. c2ln(in,tin0,tin1,l+8);
  307. tin0^=tout0;
  308. tin1^=tout1;
  309. tin[0]=tin0;
  310. tin[1]=tin1;
  311. DES_encrypt3((DES_LONG *)tin,ks1,ks2,ks3);
  312. tout0=tin[0];
  313. tout1=tin[1];
  314. l2c(tout0,out);
  315. l2c(tout1,out);
  316. }
  317. iv = &(*ivec)[0];
  318. l2c(tout0,iv);
  319. l2c(tout1,iv);
  320. }
  321. else
  322. {
  323. register DES_LONG t0,t1;
  324. c2l(iv,xor0);
  325. c2l(iv,xor1);
  326. for (l-=8; l>=0; l-=8)
  327. {
  328. c2l(in,tin0);
  329. c2l(in,tin1);
  330. t0=tin0;
  331. t1=tin1;
  332. tin[0]=tin0;
  333. tin[1]=tin1;
  334. DES_decrypt3((DES_LONG *)tin,ks1,ks2,ks3);
  335. tout0=tin[0];
  336. tout1=tin[1];
  337. tout0^=xor0;
  338. tout1^=xor1;
  339. l2c(tout0,out);
  340. l2c(tout1,out);
  341. xor0=t0;
  342. xor1=t1;
  343. }
  344. if (l != -8)
  345. {
  346. c2l(in,tin0);
  347. c2l(in,tin1);
  348. t0=tin0;
  349. t1=tin1;
  350. tin[0]=tin0;
  351. tin[1]=tin1;
  352. DES_decrypt3((DES_LONG *)tin,ks1,ks2,ks3);
  353. tout0=tin[0];
  354. tout1=tin[1];
  355. tout0^=xor0;
  356. tout1^=xor1;
  357. l2cn(tout0,tout1,out,l+8);
  358. xor0=t0;
  359. xor1=t1;
  360. }
  361. iv = &(*ivec)[0];
  362. l2c(xor0,iv);
  363. l2c(xor1,iv);
  364. }
  365. tin0=tin1=tout0=tout1=xor0=xor1=0;
  366. tin[0]=tin[1]=0;
  367. }
  368. #endif /* DES_DEFAULT_OPTIONS */