1 /* $OpenBSD: des_locl.h,v 1.7 2015/12/10 21:00:51 naddy Exp $ */ 2 3 /* lib/des/des_locl.h */ 4 /* Copyright (C) 1995 Eric Young (eay@mincom.oz.au) 5 * All rights reserved. 6 * 7 * This file is part of an SSL implementation written 8 * by Eric Young (eay@mincom.oz.au). 9 * The implementation was written so as to conform with Netscapes SSL 10 * specification. This library and applications are 11 * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE 12 * as long as the following conditions are aheared to. 13 * 14 * Copyright remains Eric Young's, and as such any Copyright notices in 15 * the code are not to be removed. If this code is used in a product, 16 * Eric Young should be given attribution as the author of the parts used. 17 * This can be in the form of a textual message at program startup or 18 * in documentation (online or textual) provided with the package. 19 * 20 * Redistribution and use in source and binary forms, with or without 21 * modification, are permitted provided that the following conditions 22 * are met: 23 * 1. Redistributions of source code must retain the copyright 24 * notice, this list of conditions and the following disclaimer. 25 * 2. Redistributions in binary form must reproduce the above copyright 26 * notice, this list of conditions and the following disclaimer in the 27 * documentation and/or other materials provided with the distribution. 28 * 3. All advertising materials mentioning features or use of this software 29 * must display the following acknowledgement: 30 * This product includes software developed by Eric Young (eay@mincom.oz.au) 31 * 32 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 33 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 34 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 35 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 36 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 37 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 38 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 39 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 40 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 41 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 42 * SUCH DAMAGE. 43 * 44 * The licence and distribution terms for any publically available version or 45 * derivative of this code cannot be changed. i.e. this code cannot simply be 46 * copied and put under another distribution licence 47 * [including the GNU Public Licence.] 48 */ 49 50 #ifndef HEADER_DES_LOCL_H 51 #define HEADER_DES_LOCL_H 52 53 #include <sys/types.h> 54 #include <sys/systm.h> 55 56 typedef unsigned char des_cblock[8]; 57 typedef struct des_ks_struct 58 { 59 union { 60 des_cblock cblock; 61 /* make sure things are correct size on machines with 62 * 8 byte longs */ 63 int32_t pad[2]; 64 } ks; 65 } des_key_schedule[16]; 66 67 #define DES_KEY_SZ (sizeof(des_cblock)) 68 #define DES_SCHEDULE_SZ (sizeof(des_key_schedule)) 69 70 71 void des_encrypt2(u_int32_t *data,des_key_schedule ks, int enc); 72 73 74 #define ITERATIONS 16 75 #define HALF_ITERATIONS 8 76 77 78 #define c2l(c,l) (l =((u_int32_t)(*((c)++))) , \ 79 l|=((u_int32_t)(*((c)++)))<< 8L, \ 80 l|=((u_int32_t)(*((c)++)))<<16L, \ 81 l|=((u_int32_t)(*((c)++)))<<24L) 82 83 #define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ 84 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ 85 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \ 86 *((c)++)=(unsigned char)(((l)>>24L)&0xff)) 87 88 #define D_ENCRYPT(Q,R,S) {\ 89 u=(R^s[S ]); \ 90 t=R^s[S+1]; \ 91 t=((t>>4L)+(t<<28L)); \ 92 Q^= des_SPtrans[1][(t )&0x3f]| \ 93 des_SPtrans[3][(t>> 8L)&0x3f]| \ 94 des_SPtrans[5][(t>>16L)&0x3f]| \ 95 des_SPtrans[7][(t>>24L)&0x3f]| \ 96 des_SPtrans[0][(u )&0x3f]| \ 97 des_SPtrans[2][(u>> 8L)&0x3f]| \ 98 des_SPtrans[4][(u>>16L)&0x3f]| \ 99 des_SPtrans[6][(u>>24L)&0x3f]; } 100 101 /* IP and FP 102 * The problem is more of a geometric problem that random bit fiddling. 103 0 1 2 3 4 5 6 7 62 54 46 38 30 22 14 6 104 8 9 10 11 12 13 14 15 60 52 44 36 28 20 12 4 105 16 17 18 19 20 21 22 23 58 50 42 34 26 18 10 2 106 24 25 26 27 28 29 30 31 to 56 48 40 32 24 16 8 0 107 108 32 33 34 35 36 37 38 39 63 55 47 39 31 23 15 7 109 40 41 42 43 44 45 46 47 61 53 45 37 29 21 13 5 110 48 49 50 51 52 53 54 55 59 51 43 35 27 19 11 3 111 56 57 58 59 60 61 62 63 57 49 41 33 25 17 9 1 112 113 The output has been subject to swaps of the form 114 0 1 -> 3 1 but the odd and even bits have been put into 115 2 3 2 0 116 different words. The main trick is to remember that 117 t=((l>>size)^r)&(mask); 118 r^=t; 119 l^=(t<<size); 120 can be used to swap and move bits between words. 121 122 So l = 0 1 2 3 r = 16 17 18 19 123 4 5 6 7 20 21 22 23 124 8 9 10 11 24 25 26 27 125 12 13 14 15 28 29 30 31 126 becomes (for size == 2 and mask == 0x3333) 127 t = 2^16 3^17 -- -- l = 0 1 16 17 r = 2 3 18 19 128 6^20 7^21 -- -- 4 5 20 21 6 7 22 23 129 10^24 11^25 -- -- 8 9 24 25 10 11 24 25 130 14^28 15^29 -- -- 12 13 28 29 14 15 28 29 131 132 Thanks for hints from Richard Outerbridge - he told me IP&FP 133 could be done in 15 xor, 10 shifts and 5 ands. 134 When I finally started to think of the problem in 2D 135 I first got ~42 operations without xors. When I remembered 136 how to use xors :-) I got it to its final state. 137 */ 138 #define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\ 139 (b)^=(t),\ 140 (a)^=((t)<<(n))) 141 142 #define IP(l,r) \ 143 { \ 144 register u_int32_t tt; \ 145 PERM_OP(r,l,tt, 4,0x0f0f0f0fL); \ 146 PERM_OP(l,r,tt,16,0x0000ffffL); \ 147 PERM_OP(r,l,tt, 2,0x33333333L); \ 148 PERM_OP(l,r,tt, 8,0x00ff00ffL); \ 149 PERM_OP(r,l,tt, 1,0x55555555L); \ 150 } 151 152 #define FP(l,r) \ 153 { \ 154 register u_int32_t tt; \ 155 PERM_OP(l,r,tt, 1,0x55555555L); \ 156 PERM_OP(r,l,tt, 8,0x00ff00ffL); \ 157 PERM_OP(l,r,tt, 2,0x33333333L); \ 158 PERM_OP(r,l,tt,16,0x0000ffffL); \ 159 PERM_OP(l,r,tt, 4,0x0f0f0f0fL); \ 160 } 161 #endif 162