1
0
Fork 0
mirror of https://github.com/ossrs/srs.git synced 2025-03-09 15:49:59 +00:00

Upgrade openssl from 1.1.0e to 1.1.1b, with source code. 4.0.78

This commit is contained in:
winlin 2021-03-01 20:47:57 +08:00
parent 8f1c992379
commit 96dbd7bced
1476 changed files with 616554 additions and 4 deletions

View file

@ -0,0 +1,217 @@
#! /usr/bin/env perl
# Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
# The inner loop instruction sequence and the IP/FP modifications are from
# Svend Olaf Mikkelsen
$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
push(@INC,"${dir}","${dir}../../perlasm");
require "x86asm.pl";
$output=pop;
open STDOUT,">$output";
&asm_init($ARGV[0]);
$L="edi";
$R="esi";
&external_label("DES_SPtrans");
&fcrypt_body("fcrypt_body");
&asm_finish();
close STDOUT;
sub fcrypt_body
{
local($name,$do_ip)=@_;
&function_begin($name);
&comment("");
&comment("Load the 2 words");
$trans="ebp";
&xor( $L, $L);
&xor( $R, $R);
# PIC-ification:-)
&picmeup("edx","DES_SPtrans");
#if ($cpp) { &picmeup("edx","DES_SPtrans"); }
#else { &lea("edx",&DWP("DES_SPtrans")); }
&push("edx"); # becomes &swtmp(1)
#
&mov($trans,&wparam(1)); # reloaded with DES_SPtrans in D_ENCRYPT
&push(&DWC(25)); # add a variable
&set_label("start");
for ($i=0; $i<16; $i+=2)
{
&comment("");
&comment("Round $i");
&D_ENCRYPT($i,$L,$R,$i*2,$trans,"eax","ebx","ecx","edx");
&comment("");
&comment("Round ".sprintf("%d",$i+1));
&D_ENCRYPT($i+1,$R,$L,($i+1)*2,$trans,"eax","ebx","ecx","edx");
}
&mov("ebx", &swtmp(0));
&mov("eax", $L);
&dec("ebx");
&mov($L, $R);
&mov($R, "eax");
&mov(&swtmp(0), "ebx");
&jnz(&label("start"));
&comment("");
&comment("FP");
&mov("edx",&wparam(0));
&FP_new($R,$L,"eax",3);
&mov(&DWP(0,"edx","",0),"eax");
&mov(&DWP(4,"edx","",0),$L);
&add("esp",8); # remove variables
&function_end($name);
}
sub D_ENCRYPT
{
local($r,$L,$R,$S,$trans,$u,$tmp1,$tmp2,$t)=@_;
&mov( $u, &wparam(2)); # 2
&mov( $t, $R);
&shr( $t, 16); # 1
&mov( $tmp2, &wparam(3)); # 2
&xor( $t, $R); # 1
&and( $u, $t); # 2
&and( $t, $tmp2); # 2
&mov( $tmp1, $u);
&shl( $tmp1, 16); # 1
&mov( $tmp2, $t);
&shl( $tmp2, 16); # 1
&xor( $u, $tmp1); # 2
&xor( $t, $tmp2); # 2
&mov( $tmp1, &DWP(&n2a($S*4),$trans,"",0)); # 2
&xor( $u, $tmp1);
&mov( $tmp2, &DWP(&n2a(($S+1)*4),$trans,"",0)); # 2
&xor( $u, $R);
&xor( $t, $R);
&xor( $t, $tmp2);
&and( $u, "0xfcfcfcfc" ); # 2
&xor( $tmp1, $tmp1); # 1
&and( $t, "0xcfcfcfcf" ); # 2
&xor( $tmp2, $tmp2);
&movb( &LB($tmp1), &LB($u) );
&movb( &LB($tmp2), &HB($u) );
&rotr( $t, 4 );
&mov( $trans, &swtmp(1));
&xor( $L, &DWP(" ",$trans,$tmp1,0));
&movb( &LB($tmp1), &LB($t) );
&xor( $L, &DWP("0x200",$trans,$tmp2,0));
&movb( &LB($tmp2), &HB($t) );
&shr( $u, 16);
&xor( $L, &DWP("0x100",$trans,$tmp1,0));
&movb( &LB($tmp1), &HB($u) );
&shr( $t, 16);
&xor( $L, &DWP("0x300",$trans,$tmp2,0));
&movb( &LB($tmp2), &HB($t) );
&and( $u, "0xff" );
&and( $t, "0xff" );
&mov( $tmp1, &DWP("0x600",$trans,$tmp1,0));
&xor( $L, $tmp1);
&mov( $tmp1, &DWP("0x700",$trans,$tmp2,0));
&xor( $L, $tmp1);
&mov( $tmp1, &DWP("0x400",$trans,$u,0));
&xor( $L, $tmp1);
&mov( $tmp1, &DWP("0x500",$trans,$t,0));
&xor( $L, $tmp1);
&mov( $trans, &wparam(1));
}
sub n2a
{
sprintf("%d",$_[0]);
}
# now has a side affect of rotating $a by $shift
sub R_PERM_OP
{
local($a,$b,$tt,$shift,$mask,$last)=@_;
&rotl( $a, $shift ) if ($shift != 0);
&mov( $tt, $a );
&xor( $a, $b );
&and( $a, $mask );
if ($notlast eq $b)
{
&xor( $b, $a );
&xor( $tt, $a );
}
else
{
&xor( $tt, $a );
&xor( $b, $a );
}
&comment("");
}
sub IP_new
{
local($l,$r,$tt,$lr)=@_;
&R_PERM_OP($l,$r,$tt, 4,"0xf0f0f0f0",$l);
&R_PERM_OP($r,$tt,$l,20,"0xfff0000f",$l);
&R_PERM_OP($l,$tt,$r,14,"0x33333333",$r);
&R_PERM_OP($tt,$r,$l,22,"0x03fc03fc",$r);
&R_PERM_OP($l,$r,$tt, 9,"0xaaaaaaaa",$r);
if ($lr != 3)
{
if (($lr-3) < 0)
{ &rotr($tt, 3-$lr); }
else { &rotl($tt, $lr-3); }
}
if ($lr != 2)
{
if (($lr-2) < 0)
{ &rotr($r, 2-$lr); }
else { &rotl($r, $lr-2); }
}
}
sub FP_new
{
local($l,$r,$tt,$lr)=@_;
if ($lr != 2)
{
if (($lr-2) < 0)
{ &rotl($r, 2-$lr); }
else { &rotr($r, $lr-2); }
}
if ($lr != 3)
{
if (($lr-3) < 0)
{ &rotl($l, 3-$lr); }
else { &rotr($l, $lr-3); }
}
&R_PERM_OP($l,$r,$tt, 0,"0xaaaaaaaa",$r);
&R_PERM_OP($tt,$r,$l,23,"0x03fc03fc",$r);
&R_PERM_OP($l,$r,$tt,10,"0x33333333",$l);
&R_PERM_OP($r,$tt,$l,18,"0xfff0000f",$l);
&R_PERM_OP($l,$tt,$r,12,"0xf0f0f0f0",$r);
&rotr($tt , 4);
}

View file

@ -0,0 +1,465 @@
#! /usr/bin/env perl
# Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
# The inner loop instruction sequence and the IP/FP modifications are from
# Svend Olaf Mikkelsen.
$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
push(@INC,"${dir}","${dir}../../perlasm");
require "x86asm.pl";
require "cbc.pl";
require "desboth.pl";
# base code is in Microsoft
# op dest, source
# format.
#
$output=pop;
open STDOUT,">$output";
&asm_init($ARGV[0]);
$L="edi";
$R="esi";
$trans="ebp";
$small_footprint=1 if (grep(/\-DOPENSSL_SMALL_FOOTPRINT/,@ARGV));
# one can discuss setting this variable to 1 unconditionally, as
# the folded loop is only 3% slower than unrolled, but >7 times smaller
&public_label("DES_SPtrans");
&static_label("des_sptrans");
&DES_encrypt_internal();
&DES_decrypt_internal();
&DES_encrypt("DES_encrypt1",1);
&DES_encrypt("DES_encrypt2",0);
&DES_encrypt3("DES_encrypt3",1);
&DES_encrypt3("DES_decrypt3",0);
&cbc("DES_ncbc_encrypt","DES_encrypt1","DES_encrypt1",0,4,5,3,5,-1);
&cbc("DES_ede3_cbc_encrypt","DES_encrypt3","DES_decrypt3",0,6,7,3,4,5);
&DES_SPtrans();
&asm_finish();
close STDOUT;
sub DES_encrypt_internal()
{
&function_begin_B("_x86_DES_encrypt");
if ($small_footprint)
{
&lea("edx",&DWP(128,"ecx"));
&push("edx");
&push("ecx");
&set_label("eloop");
&D_ENCRYPT(0,$L,$R,0,$trans,"eax","ebx","ecx","edx",&swtmp(0));
&comment("");
&D_ENCRYPT(1,$R,$L,2,$trans,"eax","ebx","ecx","edx",&swtmp(0));
&comment("");
&add("ecx",16);
&cmp("ecx",&swtmp(1));
&mov(&swtmp(0),"ecx");
&jb(&label("eloop"));
&add("esp",8);
}
else
{
&push("ecx");
for ($i=0; $i<16; $i+=2)
{
&comment("Round $i");
&D_ENCRYPT($i,$L,$R,$i*2,$trans,"eax","ebx","ecx","edx",&swtmp(0));
&comment("Round ".sprintf("%d",$i+1));
&D_ENCRYPT($i+1,$R,$L,($i+1)*2,$trans,"eax","ebx","ecx","edx",&swtmp(0));
}
&add("esp",4);
}
&ret();
&function_end_B("_x86_DES_encrypt");
}
sub DES_decrypt_internal()
{
&function_begin_B("_x86_DES_decrypt");
if ($small_footprint)
{
&push("ecx");
&lea("ecx",&DWP(128,"ecx"));
&push("ecx");
&set_label("dloop");
&D_ENCRYPT(0,$L,$R,-2,$trans,"eax","ebx","ecx","edx",&swtmp(0));
&comment("");
&D_ENCRYPT(1,$R,$L,-4,$trans,"eax","ebx","ecx","edx",&swtmp(0));
&comment("");
&sub("ecx",16);
&cmp("ecx",&swtmp(1));
&mov(&swtmp(0),"ecx");
&ja(&label("dloop"));
&add("esp",8);
}
else
{
&push("ecx");
for ($i=15; $i>0; $i-=2)
{
&comment("Round $i");
&D_ENCRYPT(15-$i,$L,$R,$i*2,$trans,"eax","ebx","ecx","edx",&swtmp(0));
&comment("Round ".sprintf("%d",$i-1));
&D_ENCRYPT(15-$i+1,$R,$L,($i-1)*2,$trans,"eax","ebx","ecx","edx",&swtmp(0));
}
&add("esp",4);
}
&ret();
&function_end_B("_x86_DES_decrypt");
}
sub DES_encrypt
{
local($name,$do_ip)=@_;
&function_begin_B($name);
&push("esi");
&push("edi");
&comment("");
&comment("Load the 2 words");
if ($do_ip)
{
&mov($R,&wparam(0));
&xor( "ecx", "ecx" );
&push("ebx");
&push("ebp");
&mov("eax",&DWP(0,$R,"",0));
&mov("ebx",&wparam(2)); # get encrypt flag
&mov($L,&DWP(4,$R,"",0));
&comment("");
&comment("IP");
&IP_new("eax",$L,$R,3);
}
else
{
&mov("eax",&wparam(0));
&xor( "ecx", "ecx" );
&push("ebx");
&push("ebp");
&mov($R,&DWP(0,"eax","",0));
&mov("ebx",&wparam(2)); # get encrypt flag
&rotl($R,3);
&mov($L,&DWP(4,"eax","",0));
&rotl($L,3);
}
# PIC-ification:-)
&call (&label("pic_point"));
&set_label("pic_point");
&blindpop($trans);
&lea ($trans,&DWP(&label("des_sptrans")."-".&label("pic_point"),$trans));
&mov( "ecx", &wparam(1) );
&cmp("ebx","0");
&je(&label("decrypt"));
&call("_x86_DES_encrypt");
&jmp(&label("done"));
&set_label("decrypt");
&call("_x86_DES_decrypt");
&set_label("done");
if ($do_ip)
{
&comment("");
&comment("FP");
&mov("edx",&wparam(0));
&FP_new($L,$R,"eax",3);
&mov(&DWP(0,"edx","",0),"eax");
&mov(&DWP(4,"edx","",0),$R);
}
else
{
&comment("");
&comment("Fixup");
&rotr($L,3); # r
&mov("eax",&wparam(0));
&rotr($R,3); # l
&mov(&DWP(0,"eax","",0),$L);
&mov(&DWP(4,"eax","",0),$R);
}
&pop("ebp");
&pop("ebx");
&pop("edi");
&pop("esi");
&ret();
&function_end_B($name);
}
sub D_ENCRYPT
{
local($r,$L,$R,$S,$trans,$u,$tmp1,$tmp2,$t,$wp1)=@_;
&mov( $u, &DWP(&n2a($S*4),$tmp2,"",0));
&xor( $tmp1, $tmp1);
&mov( $t, &DWP(&n2a(($S+1)*4),$tmp2,"",0));
&xor( $u, $R);
&xor( $tmp2, $tmp2);
&xor( $t, $R);
&and( $u, "0xfcfcfcfc" );
&and( $t, "0xcfcfcfcf" );
&movb( &LB($tmp1), &LB($u) );
&movb( &LB($tmp2), &HB($u) );
&rotr( $t, 4 );
&xor( $L, &DWP(" ",$trans,$tmp1,0));
&movb( &LB($tmp1), &LB($t) );
&xor( $L, &DWP("0x200",$trans,$tmp2,0));
&movb( &LB($tmp2), &HB($t) );
&shr( $u, 16);
&xor( $L, &DWP("0x100",$trans,$tmp1,0));
&movb( &LB($tmp1), &HB($u) );
&shr( $t, 16);
&xor( $L, &DWP("0x300",$trans,$tmp2,0));
&movb( &LB($tmp2), &HB($t) );
&and( $u, "0xff" );
&and( $t, "0xff" );
&xor( $L, &DWP("0x600",$trans,$tmp1,0));
&xor( $L, &DWP("0x700",$trans,$tmp2,0));
&mov( $tmp2, $wp1 );
&xor( $L, &DWP("0x400",$trans,$u,0));
&xor( $L, &DWP("0x500",$trans,$t,0));
}
sub n2a
{
sprintf("%d",$_[0]);
}
# now has a side affect of rotating $a by $shift
sub R_PERM_OP
{
local($a,$b,$tt,$shift,$mask,$last)=@_;
&rotl( $a, $shift ) if ($shift != 0);
&mov( $tt, $a );
&xor( $a, $b );
&and( $a, $mask );
# This can never succeed, and besides it is difficult to see what the
# idea was - Ben 13 Feb 99
if (!$last eq $b)
{
&xor( $b, $a );
&xor( $tt, $a );
}
else
{
&xor( $tt, $a );
&xor( $b, $a );
}
&comment("");
}
sub IP_new
{
local($l,$r,$tt,$lr)=@_;
&R_PERM_OP($l,$r,$tt, 4,"0xf0f0f0f0",$l);
&R_PERM_OP($r,$tt,$l,20,"0xfff0000f",$l);
&R_PERM_OP($l,$tt,$r,14,"0x33333333",$r);
&R_PERM_OP($tt,$r,$l,22,"0x03fc03fc",$r);
&R_PERM_OP($l,$r,$tt, 9,"0xaaaaaaaa",$r);
if ($lr != 3)
{
if (($lr-3) < 0)
{ &rotr($tt, 3-$lr); }
else { &rotl($tt, $lr-3); }
}
if ($lr != 2)
{
if (($lr-2) < 0)
{ &rotr($r, 2-$lr); }
else { &rotl($r, $lr-2); }
}
}
sub FP_new
{
local($l,$r,$tt,$lr)=@_;
if ($lr != 2)
{
if (($lr-2) < 0)
{ &rotl($r, 2-$lr); }
else { &rotr($r, $lr-2); }
}
if ($lr != 3)
{
if (($lr-3) < 0)
{ &rotl($l, 3-$lr); }
else { &rotr($l, $lr-3); }
}
&R_PERM_OP($l,$r,$tt, 0,"0xaaaaaaaa",$r);
&R_PERM_OP($tt,$r,$l,23,"0x03fc03fc",$r);
&R_PERM_OP($l,$r,$tt,10,"0x33333333",$l);
&R_PERM_OP($r,$tt,$l,18,"0xfff0000f",$l);
&R_PERM_OP($l,$tt,$r,12,"0xf0f0f0f0",$r);
&rotr($tt , 4);
}
sub DES_SPtrans
{
&set_label("DES_SPtrans",64);
&set_label("des_sptrans");
&data_word(0x02080800, 0x00080000, 0x02000002, 0x02080802);
&data_word(0x02000000, 0x00080802, 0x00080002, 0x02000002);
&data_word(0x00080802, 0x02080800, 0x02080000, 0x00000802);
&data_word(0x02000802, 0x02000000, 0x00000000, 0x00080002);
&data_word(0x00080000, 0x00000002, 0x02000800, 0x00080800);
&data_word(0x02080802, 0x02080000, 0x00000802, 0x02000800);
&data_word(0x00000002, 0x00000800, 0x00080800, 0x02080002);
&data_word(0x00000800, 0x02000802, 0x02080002, 0x00000000);
&data_word(0x00000000, 0x02080802, 0x02000800, 0x00080002);
&data_word(0x02080800, 0x00080000, 0x00000802, 0x02000800);
&data_word(0x02080002, 0x00000800, 0x00080800, 0x02000002);
&data_word(0x00080802, 0x00000002, 0x02000002, 0x02080000);
&data_word(0x02080802, 0x00080800, 0x02080000, 0x02000802);
&data_word(0x02000000, 0x00000802, 0x00080002, 0x00000000);
&data_word(0x00080000, 0x02000000, 0x02000802, 0x02080800);
&data_word(0x00000002, 0x02080002, 0x00000800, 0x00080802);
# nibble 1
&data_word(0x40108010, 0x00000000, 0x00108000, 0x40100000);
&data_word(0x40000010, 0x00008010, 0x40008000, 0x00108000);
&data_word(0x00008000, 0x40100010, 0x00000010, 0x40008000);
&data_word(0x00100010, 0x40108000, 0x40100000, 0x00000010);
&data_word(0x00100000, 0x40008010, 0x40100010, 0x00008000);
&data_word(0x00108010, 0x40000000, 0x00000000, 0x00100010);
&data_word(0x40008010, 0x00108010, 0x40108000, 0x40000010);
&data_word(0x40000000, 0x00100000, 0x00008010, 0x40108010);
&data_word(0x00100010, 0x40108000, 0x40008000, 0x00108010);
&data_word(0x40108010, 0x00100010, 0x40000010, 0x00000000);
&data_word(0x40000000, 0x00008010, 0x00100000, 0x40100010);
&data_word(0x00008000, 0x40000000, 0x00108010, 0x40008010);
&data_word(0x40108000, 0x00008000, 0x00000000, 0x40000010);
&data_word(0x00000010, 0x40108010, 0x00108000, 0x40100000);
&data_word(0x40100010, 0x00100000, 0x00008010, 0x40008000);
&data_word(0x40008010, 0x00000010, 0x40100000, 0x00108000);
# nibble 2
&data_word(0x04000001, 0x04040100, 0x00000100, 0x04000101);
&data_word(0x00040001, 0x04000000, 0x04000101, 0x00040100);
&data_word(0x04000100, 0x00040000, 0x04040000, 0x00000001);
&data_word(0x04040101, 0x00000101, 0x00000001, 0x04040001);
&data_word(0x00000000, 0x00040001, 0x04040100, 0x00000100);
&data_word(0x00000101, 0x04040101, 0x00040000, 0x04000001);
&data_word(0x04040001, 0x04000100, 0x00040101, 0x04040000);
&data_word(0x00040100, 0x00000000, 0x04000000, 0x00040101);
&data_word(0x04040100, 0x00000100, 0x00000001, 0x00040000);
&data_word(0x00000101, 0x00040001, 0x04040000, 0x04000101);
&data_word(0x00000000, 0x04040100, 0x00040100, 0x04040001);
&data_word(0x00040001, 0x04000000, 0x04040101, 0x00000001);
&data_word(0x00040101, 0x04000001, 0x04000000, 0x04040101);
&data_word(0x00040000, 0x04000100, 0x04000101, 0x00040100);
&data_word(0x04000100, 0x00000000, 0x04040001, 0x00000101);
&data_word(0x04000001, 0x00040101, 0x00000100, 0x04040000);
# nibble 3
&data_word(0x00401008, 0x10001000, 0x00000008, 0x10401008);
&data_word(0x00000000, 0x10400000, 0x10001008, 0x00400008);
&data_word(0x10401000, 0x10000008, 0x10000000, 0x00001008);
&data_word(0x10000008, 0x00401008, 0x00400000, 0x10000000);
&data_word(0x10400008, 0x00401000, 0x00001000, 0x00000008);
&data_word(0x00401000, 0x10001008, 0x10400000, 0x00001000);
&data_word(0x00001008, 0x00000000, 0x00400008, 0x10401000);
&data_word(0x10001000, 0x10400008, 0x10401008, 0x00400000);
&data_word(0x10400008, 0x00001008, 0x00400000, 0x10000008);
&data_word(0x00401000, 0x10001000, 0x00000008, 0x10400000);
&data_word(0x10001008, 0x00000000, 0x00001000, 0x00400008);
&data_word(0x00000000, 0x10400008, 0x10401000, 0x00001000);
&data_word(0x10000000, 0x10401008, 0x00401008, 0x00400000);
&data_word(0x10401008, 0x00000008, 0x10001000, 0x00401008);
&data_word(0x00400008, 0x00401000, 0x10400000, 0x10001008);
&data_word(0x00001008, 0x10000000, 0x10000008, 0x10401000);
# nibble 4
&data_word(0x08000000, 0x00010000, 0x00000400, 0x08010420);
&data_word(0x08010020, 0x08000400, 0x00010420, 0x08010000);
&data_word(0x00010000, 0x00000020, 0x08000020, 0x00010400);
&data_word(0x08000420, 0x08010020, 0x08010400, 0x00000000);
&data_word(0x00010400, 0x08000000, 0x00010020, 0x00000420);
&data_word(0x08000400, 0x00010420, 0x00000000, 0x08000020);
&data_word(0x00000020, 0x08000420, 0x08010420, 0x00010020);
&data_word(0x08010000, 0x00000400, 0x00000420, 0x08010400);
&data_word(0x08010400, 0x08000420, 0x00010020, 0x08010000);
&data_word(0x00010000, 0x00000020, 0x08000020, 0x08000400);
&data_word(0x08000000, 0x00010400, 0x08010420, 0x00000000);
&data_word(0x00010420, 0x08000000, 0x00000400, 0x00010020);
&data_word(0x08000420, 0x00000400, 0x00000000, 0x08010420);
&data_word(0x08010020, 0x08010400, 0x00000420, 0x00010000);
&data_word(0x00010400, 0x08010020, 0x08000400, 0x00000420);
&data_word(0x00000020, 0x00010420, 0x08010000, 0x08000020);
# nibble 5
&data_word(0x80000040, 0x00200040, 0x00000000, 0x80202000);
&data_word(0x00200040, 0x00002000, 0x80002040, 0x00200000);
&data_word(0x00002040, 0x80202040, 0x00202000, 0x80000000);
&data_word(0x80002000, 0x80000040, 0x80200000, 0x00202040);
&data_word(0x00200000, 0x80002040, 0x80200040, 0x00000000);
&data_word(0x00002000, 0x00000040, 0x80202000, 0x80200040);
&data_word(0x80202040, 0x80200000, 0x80000000, 0x00002040);
&data_word(0x00000040, 0x00202000, 0x00202040, 0x80002000);
&data_word(0x00002040, 0x80000000, 0x80002000, 0x00202040);
&data_word(0x80202000, 0x00200040, 0x00000000, 0x80002000);
&data_word(0x80000000, 0x00002000, 0x80200040, 0x00200000);
&data_word(0x00200040, 0x80202040, 0x00202000, 0x00000040);
&data_word(0x80202040, 0x00202000, 0x00200000, 0x80002040);
&data_word(0x80000040, 0x80200000, 0x00202040, 0x00000000);
&data_word(0x00002000, 0x80000040, 0x80002040, 0x80202000);
&data_word(0x80200000, 0x00002040, 0x00000040, 0x80200040);
# nibble 6
&data_word(0x00004000, 0x00000200, 0x01000200, 0x01000004);
&data_word(0x01004204, 0x00004004, 0x00004200, 0x00000000);
&data_word(0x01000000, 0x01000204, 0x00000204, 0x01004000);
&data_word(0x00000004, 0x01004200, 0x01004000, 0x00000204);
&data_word(0x01000204, 0x00004000, 0x00004004, 0x01004204);
&data_word(0x00000000, 0x01000200, 0x01000004, 0x00004200);
&data_word(0x01004004, 0x00004204, 0x01004200, 0x00000004);
&data_word(0x00004204, 0x01004004, 0x00000200, 0x01000000);
&data_word(0x00004204, 0x01004000, 0x01004004, 0x00000204);
&data_word(0x00004000, 0x00000200, 0x01000000, 0x01004004);
&data_word(0x01000204, 0x00004204, 0x00004200, 0x00000000);
&data_word(0x00000200, 0x01000004, 0x00000004, 0x01000200);
&data_word(0x00000000, 0x01000204, 0x01000200, 0x00004200);
&data_word(0x00000204, 0x00004000, 0x01004204, 0x01000000);
&data_word(0x01004200, 0x00000004, 0x00004004, 0x01004204);
&data_word(0x01000004, 0x01004200, 0x01004000, 0x00004004);
# nibble 7
&data_word(0x20800080, 0x20820000, 0x00020080, 0x00000000);
&data_word(0x20020000, 0x00800080, 0x20800000, 0x20820080);
&data_word(0x00000080, 0x20000000, 0x00820000, 0x00020080);
&data_word(0x00820080, 0x20020080, 0x20000080, 0x20800000);
&data_word(0x00020000, 0x00820080, 0x00800080, 0x20020000);
&data_word(0x20820080, 0x20000080, 0x00000000, 0x00820000);
&data_word(0x20000000, 0x00800000, 0x20020080, 0x20800080);
&data_word(0x00800000, 0x00020000, 0x20820000, 0x00000080);
&data_word(0x00800000, 0x00020000, 0x20000080, 0x20820080);
&data_word(0x00020080, 0x20000000, 0x00000000, 0x00820000);
&data_word(0x20800080, 0x20020080, 0x20020000, 0x00800080);
&data_word(0x20820000, 0x00000080, 0x00800080, 0x20020000);
&data_word(0x20820080, 0x00800000, 0x20800000, 0x20000080);
&data_word(0x00820000, 0x00020080, 0x20020080, 0x20800000);
&data_word(0x00000080, 0x20820000, 0x00820080, 0x00000000);
&data_word(0x20000000, 0x20800080, 0x00020000, 0x00820080);
}

File diff suppressed because it is too large Load diff

View file

@ -0,0 +1,86 @@
#! /usr/bin/env perl
# Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
$L="edi";
$R="esi";
sub DES_encrypt3
{
local($name,$enc)=@_;
&function_begin_B($name,"");
&push("ebx");
&mov("ebx",&wparam(0));
&push("ebp");
&push("esi");
&push("edi");
&comment("");
&comment("Load the data words");
&mov($L,&DWP(0,"ebx","",0));
&mov($R,&DWP(4,"ebx","",0));
&stack_push(3);
&comment("");
&comment("IP");
&IP_new($L,$R,"edx",0);
# put them back
if ($enc)
{
&mov(&DWP(4,"ebx","",0),$R);
&mov("eax",&wparam(1));
&mov(&DWP(0,"ebx","",0),"edx");
&mov("edi",&wparam(2));
&mov("esi",&wparam(3));
}
else
{
&mov(&DWP(4,"ebx","",0),$R);
&mov("esi",&wparam(1));
&mov(&DWP(0,"ebx","",0),"edx");
&mov("edi",&wparam(2));
&mov("eax",&wparam(3));
}
&mov(&swtmp(2), (DWC(($enc)?"1":"0")));
&mov(&swtmp(1), "eax");
&mov(&swtmp(0), "ebx");
&call("DES_encrypt2");
&mov(&swtmp(2), (DWC(($enc)?"0":"1")));
&mov(&swtmp(1), "edi");
&mov(&swtmp(0), "ebx");
&call("DES_encrypt2");
&mov(&swtmp(2), (DWC(($enc)?"1":"0")));
&mov(&swtmp(1), "esi");
&mov(&swtmp(0), "ebx");
&call("DES_encrypt2");
&stack_pop(3);
&mov($L,&DWP(0,"ebx","",0));
&mov($R,&DWP(4,"ebx","",0));
&comment("");
&comment("FP");
&FP_new($L,$R,"eax",0);
&mov(&DWP(0,"ebx","",0),"eax");
&mov(&DWP(4,"ebx","",0),$R);
&pop("edi");
&pop("esi");
&pop("ebp");
&pop("ebx");
&ret();
&function_end_B($name);
}

View file

@ -0,0 +1,627 @@
#! /usr/bin/env perl
# Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
# ====================================================================
# Written by David S. Miller and Andy Polyakov.
# The module is licensed under 2-clause BSD
# license. March 2013. All rights reserved.
# ====================================================================
######################################################################
# DES for SPARC T4.
#
# As with other hardware-assisted ciphers CBC encrypt results [for
# aligned data] are virtually identical to critical path lengths:
#
# DES Triple-DES
# CBC encrypt 4.14/4.15(*) 11.7/11.7
# CBC decrypt 1.77/4.11(**) 6.42/7.47
#
# (*) numbers after slash are for
# misaligned data;
# (**) this is result for largest
# block size, unlike all other
# cases smaller blocks results
# are better[?];
$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
push(@INC,"${dir}","${dir}../../perlasm");
require "sparcv9_modes.pl";
$output=pop;
open STDOUT,">$output";
$code.=<<___;
#include "sparc_arch.h"
#ifdef __arch64__
.register %g2,#scratch
.register %g3,#scratch
#endif
.text
___
{ my ($inp,$out)=("%o0","%o1");
$code.=<<___;
.align 32
.globl des_t4_key_expand
.type des_t4_key_expand,#function
des_t4_key_expand:
andcc $inp, 0x7, %g0
alignaddr $inp, %g0, $inp
bz,pt %icc, 1f
ldd [$inp + 0x00], %f0
ldd [$inp + 0x08], %f2
faligndata %f0, %f2, %f0
1: des_kexpand %f0, 0, %f0
des_kexpand %f0, 1, %f2
std %f0, [$out + 0x00]
des_kexpand %f2, 3, %f6
std %f2, [$out + 0x08]
des_kexpand %f2, 2, %f4
des_kexpand %f6, 3, %f10
std %f6, [$out + 0x18]
des_kexpand %f6, 2, %f8
std %f4, [$out + 0x10]
des_kexpand %f10, 3, %f14
std %f10, [$out + 0x28]
des_kexpand %f10, 2, %f12
std %f8, [$out + 0x20]
des_kexpand %f14, 1, %f16
std %f14, [$out + 0x38]
des_kexpand %f16, 3, %f20
std %f12, [$out + 0x30]
des_kexpand %f16, 2, %f18
std %f16, [$out + 0x40]
des_kexpand %f20, 3, %f24
std %f20, [$out + 0x50]
des_kexpand %f20, 2, %f22
std %f18, [$out + 0x48]
des_kexpand %f24, 3, %f28
std %f24, [$out + 0x60]
des_kexpand %f24, 2, %f26
std %f22, [$out + 0x58]
des_kexpand %f28, 1, %f30
std %f28, [$out + 0x70]
std %f26, [$out + 0x68]
retl
std %f30, [$out + 0x78]
.size des_t4_key_expand,.-des_t4_key_expand
___
}
{ my ($inp,$out,$len,$key,$ivec) = map("%o$_",(0..4));
my ($ileft,$iright,$omask) = map("%g$_",(1..3));
$code.=<<___;
.globl des_t4_cbc_encrypt
.align 32
des_t4_cbc_encrypt:
cmp $len, 0
be,pn $::size_t_cc, .Lcbc_abort
srln $len, 0, $len ! needed on v8+, "nop" on v9
ld [$ivec + 0], %f0 ! load ivec
ld [$ivec + 4], %f1
and $inp, 7, $ileft
andn $inp, 7, $inp
sll $ileft, 3, $ileft
mov 0xff, $omask
prefetch [$inp], 20
prefetch [$inp + 63], 20
sub %g0, $ileft, $iright
and $out, 7, %g4
alignaddrl $out, %g0, $out
srl $omask, %g4, $omask
srlx $len, 3, $len
movrz %g4, 0, $omask
prefetch [$out], 22
ldd [$key + 0x00], %f4 ! load key schedule
ldd [$key + 0x08], %f6
ldd [$key + 0x10], %f8
ldd [$key + 0x18], %f10
ldd [$key + 0x20], %f12
ldd [$key + 0x28], %f14
ldd [$key + 0x30], %f16
ldd [$key + 0x38], %f18
ldd [$key + 0x40], %f20
ldd [$key + 0x48], %f22
ldd [$key + 0x50], %f24
ldd [$key + 0x58], %f26
ldd [$key + 0x60], %f28
ldd [$key + 0x68], %f30
ldd [$key + 0x70], %f32
ldd [$key + 0x78], %f34
.Ldes_cbc_enc_loop:
ldx [$inp + 0], %g4
brz,pt $ileft, 4f
nop
ldx [$inp + 8], %g5
sllx %g4, $ileft, %g4
srlx %g5, $iright, %g5
or %g5, %g4, %g4
4:
movxtod %g4, %f2
prefetch [$inp + 8+63], 20
add $inp, 8, $inp
fxor %f2, %f0, %f0 ! ^= ivec
prefetch [$out + 63], 22
des_ip %f0, %f0
des_round %f4, %f6, %f0, %f0
des_round %f8, %f10, %f0, %f0
des_round %f12, %f14, %f0, %f0
des_round %f16, %f18, %f0, %f0
des_round %f20, %f22, %f0, %f0
des_round %f24, %f26, %f0, %f0
des_round %f28, %f30, %f0, %f0
des_round %f32, %f34, %f0, %f0
des_iip %f0, %f0
brnz,pn $omask, 2f
sub $len, 1, $len
std %f0, [$out + 0]
brnz,pt $len, .Ldes_cbc_enc_loop
add $out, 8, $out
st %f0, [$ivec + 0] ! write out ivec
retl
st %f1, [$ivec + 4]
.Lcbc_abort:
retl
nop
.align 16
2: ldxa [$inp]0x82, %g4 ! avoid read-after-write hazard
! and ~4x deterioration
! in inp==out case
faligndata %f0, %f0, %f2 ! handle unaligned output
stda %f2, [$out + $omask]0xc0 ! partial store
add $out, 8, $out
orn %g0, $omask, $omask
stda %f2, [$out + $omask]0xc0 ! partial store
brnz,pt $len, .Ldes_cbc_enc_loop+4
orn %g0, $omask, $omask
st %f0, [$ivec + 0] ! write out ivec
retl
st %f1, [$ivec + 4]
.type des_t4_cbc_encrypt,#function
.size des_t4_cbc_encrypt,.-des_t4_cbc_encrypt
.globl des_t4_cbc_decrypt
.align 32
des_t4_cbc_decrypt:
cmp $len, 0
be,pn $::size_t_cc, .Lcbc_abort
srln $len, 0, $len ! needed on v8+, "nop" on v9
ld [$ivec + 0], %f2 ! load ivec
ld [$ivec + 4], %f3
and $inp, 7, $ileft
andn $inp, 7, $inp
sll $ileft, 3, $ileft
mov 0xff, $omask
prefetch [$inp], 20
prefetch [$inp + 63], 20
sub %g0, $ileft, $iright
and $out, 7, %g4
alignaddrl $out, %g0, $out
srl $omask, %g4, $omask
srlx $len, 3, $len
movrz %g4, 0, $omask
prefetch [$out], 22
ldd [$key + 0x78], %f4 ! load key schedule
ldd [$key + 0x70], %f6
ldd [$key + 0x68], %f8
ldd [$key + 0x60], %f10
ldd [$key + 0x58], %f12
ldd [$key + 0x50], %f14
ldd [$key + 0x48], %f16
ldd [$key + 0x40], %f18
ldd [$key + 0x38], %f20
ldd [$key + 0x30], %f22
ldd [$key + 0x28], %f24
ldd [$key + 0x20], %f26
ldd [$key + 0x18], %f28
ldd [$key + 0x10], %f30
ldd [$key + 0x08], %f32
ldd [$key + 0x00], %f34
.Ldes_cbc_dec_loop:
ldx [$inp + 0], %g4
brz,pt $ileft, 4f
nop
ldx [$inp + 8], %g5
sllx %g4, $ileft, %g4
srlx %g5, $iright, %g5
or %g5, %g4, %g4
4:
movxtod %g4, %f0
prefetch [$inp + 8+63], 20
add $inp, 8, $inp
prefetch [$out + 63], 22
des_ip %f0, %f0
des_round %f4, %f6, %f0, %f0
des_round %f8, %f10, %f0, %f0
des_round %f12, %f14, %f0, %f0
des_round %f16, %f18, %f0, %f0
des_round %f20, %f22, %f0, %f0
des_round %f24, %f26, %f0, %f0
des_round %f28, %f30, %f0, %f0
des_round %f32, %f34, %f0, %f0
des_iip %f0, %f0
fxor %f2, %f0, %f0 ! ^= ivec
movxtod %g4, %f2
brnz,pn $omask, 2f
sub $len, 1, $len
std %f0, [$out + 0]
brnz,pt $len, .Ldes_cbc_dec_loop
add $out, 8, $out
st %f2, [$ivec + 0] ! write out ivec
retl
st %f3, [$ivec + 4]
.align 16
2: ldxa [$inp]0x82, %g4 ! avoid read-after-write hazard
! and ~4x deterioration
! in inp==out case
faligndata %f0, %f0, %f0 ! handle unaligned output
stda %f0, [$out + $omask]0xc0 ! partial store
add $out, 8, $out
orn %g0, $omask, $omask
stda %f0, [$out + $omask]0xc0 ! partial store
brnz,pt $len, .Ldes_cbc_dec_loop+4
orn %g0, $omask, $omask
st %f2, [$ivec + 0] ! write out ivec
retl
st %f3, [$ivec + 4]
.type des_t4_cbc_decrypt,#function
.size des_t4_cbc_decrypt,.-des_t4_cbc_decrypt
___
# One might wonder why does one have back-to-back des_iip/des_ip
# pairs between EDE passes. Indeed, aren't they inverse of each other?
# They almost are. Outcome of the pair is 32-bit words being swapped
# in target register. Consider pair of des_iip/des_ip as a way to
# perform the due swap, it's actually fastest way in this case.
$code.=<<___;
.globl des_t4_ede3_cbc_encrypt
.align 32
des_t4_ede3_cbc_encrypt:
cmp $len, 0
be,pn $::size_t_cc, .Lcbc_abort
srln $len, 0, $len ! needed on v8+, "nop" on v9
ld [$ivec + 0], %f0 ! load ivec
ld [$ivec + 4], %f1
and $inp, 7, $ileft
andn $inp, 7, $inp
sll $ileft, 3, $ileft
mov 0xff, $omask
prefetch [$inp], 20
prefetch [$inp + 63], 20
sub %g0, $ileft, $iright
and $out, 7, %g4
alignaddrl $out, %g0, $out
srl $omask, %g4, $omask
srlx $len, 3, $len
movrz %g4, 0, $omask
prefetch [$out], 22
ldd [$key + 0x00], %f4 ! load key schedule
ldd [$key + 0x08], %f6
ldd [$key + 0x10], %f8
ldd [$key + 0x18], %f10
ldd [$key + 0x20], %f12
ldd [$key + 0x28], %f14
ldd [$key + 0x30], %f16
ldd [$key + 0x38], %f18
ldd [$key + 0x40], %f20
ldd [$key + 0x48], %f22
ldd [$key + 0x50], %f24
ldd [$key + 0x58], %f26
ldd [$key + 0x60], %f28
ldd [$key + 0x68], %f30
ldd [$key + 0x70], %f32
ldd [$key + 0x78], %f34
.Ldes_ede3_cbc_enc_loop:
ldx [$inp + 0], %g4
brz,pt $ileft, 4f
nop
ldx [$inp + 8], %g5
sllx %g4, $ileft, %g4
srlx %g5, $iright, %g5
or %g5, %g4, %g4
4:
movxtod %g4, %f2
prefetch [$inp + 8+63], 20
add $inp, 8, $inp
fxor %f2, %f0, %f0 ! ^= ivec
prefetch [$out + 63], 22
des_ip %f0, %f0
des_round %f4, %f6, %f0, %f0
des_round %f8, %f10, %f0, %f0
des_round %f12, %f14, %f0, %f0
des_round %f16, %f18, %f0, %f0
ldd [$key + 0x100-0x08], %f36
ldd [$key + 0x100-0x10], %f38
des_round %f20, %f22, %f0, %f0
ldd [$key + 0x100-0x18], %f40
ldd [$key + 0x100-0x20], %f42
des_round %f24, %f26, %f0, %f0
ldd [$key + 0x100-0x28], %f44
ldd [$key + 0x100-0x30], %f46
des_round %f28, %f30, %f0, %f0
ldd [$key + 0x100-0x38], %f48
ldd [$key + 0x100-0x40], %f50
des_round %f32, %f34, %f0, %f0
ldd [$key + 0x100-0x48], %f52
ldd [$key + 0x100-0x50], %f54
des_iip %f0, %f0
ldd [$key + 0x100-0x58], %f56
ldd [$key + 0x100-0x60], %f58
des_ip %f0, %f0
ldd [$key + 0x100-0x68], %f60
ldd [$key + 0x100-0x70], %f62
des_round %f36, %f38, %f0, %f0
ldd [$key + 0x100-0x78], %f36
ldd [$key + 0x100-0x80], %f38
des_round %f40, %f42, %f0, %f0
des_round %f44, %f46, %f0, %f0
des_round %f48, %f50, %f0, %f0
ldd [$key + 0x100+0x00], %f40
ldd [$key + 0x100+0x08], %f42
des_round %f52, %f54, %f0, %f0
ldd [$key + 0x100+0x10], %f44
ldd [$key + 0x100+0x18], %f46
des_round %f56, %f58, %f0, %f0
ldd [$key + 0x100+0x20], %f48
ldd [$key + 0x100+0x28], %f50
des_round %f60, %f62, %f0, %f0
ldd [$key + 0x100+0x30], %f52
ldd [$key + 0x100+0x38], %f54
des_round %f36, %f38, %f0, %f0
ldd [$key + 0x100+0x40], %f56
ldd [$key + 0x100+0x48], %f58
des_iip %f0, %f0
ldd [$key + 0x100+0x50], %f60
ldd [$key + 0x100+0x58], %f62
des_ip %f0, %f0
ldd [$key + 0x100+0x60], %f36
ldd [$key + 0x100+0x68], %f38
des_round %f40, %f42, %f0, %f0
ldd [$key + 0x100+0x70], %f40
ldd [$key + 0x100+0x78], %f42
des_round %f44, %f46, %f0, %f0
des_round %f48, %f50, %f0, %f0
des_round %f52, %f54, %f0, %f0
des_round %f56, %f58, %f0, %f0
des_round %f60, %f62, %f0, %f0
des_round %f36, %f38, %f0, %f0
des_round %f40, %f42, %f0, %f0
des_iip %f0, %f0
brnz,pn $omask, 2f
sub $len, 1, $len
std %f0, [$out + 0]
brnz,pt $len, .Ldes_ede3_cbc_enc_loop
add $out, 8, $out
st %f0, [$ivec + 0] ! write out ivec
retl
st %f1, [$ivec + 4]
.align 16
2: ldxa [$inp]0x82, %g4 ! avoid read-after-write hazard
! and ~2x deterioration
! in inp==out case
faligndata %f0, %f0, %f2 ! handle unaligned output
stda %f2, [$out + $omask]0xc0 ! partial store
add $out, 8, $out
orn %g0, $omask, $omask
stda %f2, [$out + $omask]0xc0 ! partial store
brnz,pt $len, .Ldes_ede3_cbc_enc_loop+4
orn %g0, $omask, $omask
st %f0, [$ivec + 0] ! write out ivec
retl
st %f1, [$ivec + 4]
.type des_t4_ede3_cbc_encrypt,#function
.size des_t4_ede3_cbc_encrypt,.-des_t4_ede3_cbc_encrypt
.globl des_t4_ede3_cbc_decrypt
.align 32
des_t4_ede3_cbc_decrypt:
cmp $len, 0
be,pn $::size_t_cc, .Lcbc_abort
srln $len, 0, $len ! needed on v8+, "nop" on v9
ld [$ivec + 0], %f2 ! load ivec
ld [$ivec + 4], %f3
and $inp, 7, $ileft
andn $inp, 7, $inp
sll $ileft, 3, $ileft
mov 0xff, $omask
prefetch [$inp], 20
prefetch [$inp + 63], 20
sub %g0, $ileft, $iright
and $out, 7, %g4
alignaddrl $out, %g0, $out
srl $omask, %g4, $omask
srlx $len, 3, $len
movrz %g4, 0, $omask
prefetch [$out], 22
ldd [$key + 0x100+0x78], %f4 ! load key schedule
ldd [$key + 0x100+0x70], %f6
ldd [$key + 0x100+0x68], %f8
ldd [$key + 0x100+0x60], %f10
ldd [$key + 0x100+0x58], %f12
ldd [$key + 0x100+0x50], %f14
ldd [$key + 0x100+0x48], %f16
ldd [$key + 0x100+0x40], %f18
ldd [$key + 0x100+0x38], %f20
ldd [$key + 0x100+0x30], %f22
ldd [$key + 0x100+0x28], %f24
ldd [$key + 0x100+0x20], %f26
ldd [$key + 0x100+0x18], %f28
ldd [$key + 0x100+0x10], %f30
ldd [$key + 0x100+0x08], %f32
ldd [$key + 0x100+0x00], %f34
.Ldes_ede3_cbc_dec_loop:
ldx [$inp + 0], %g4
brz,pt $ileft, 4f
nop
ldx [$inp + 8], %g5
sllx %g4, $ileft, %g4
srlx %g5, $iright, %g5
or %g5, %g4, %g4
4:
movxtod %g4, %f0
prefetch [$inp + 8+63], 20
add $inp, 8, $inp
prefetch [$out + 63], 22
des_ip %f0, %f0
des_round %f4, %f6, %f0, %f0
des_round %f8, %f10, %f0, %f0
des_round %f12, %f14, %f0, %f0
des_round %f16, %f18, %f0, %f0
ldd [$key + 0x80+0x00], %f36
ldd [$key + 0x80+0x08], %f38
des_round %f20, %f22, %f0, %f0
ldd [$key + 0x80+0x10], %f40
ldd [$key + 0x80+0x18], %f42
des_round %f24, %f26, %f0, %f0
ldd [$key + 0x80+0x20], %f44
ldd [$key + 0x80+0x28], %f46
des_round %f28, %f30, %f0, %f0
ldd [$key + 0x80+0x30], %f48
ldd [$key + 0x80+0x38], %f50
des_round %f32, %f34, %f0, %f0
ldd [$key + 0x80+0x40], %f52
ldd [$key + 0x80+0x48], %f54
des_iip %f0, %f0
ldd [$key + 0x80+0x50], %f56
ldd [$key + 0x80+0x58], %f58
des_ip %f0, %f0
ldd [$key + 0x80+0x60], %f60
ldd [$key + 0x80+0x68], %f62
des_round %f36, %f38, %f0, %f0
ldd [$key + 0x80+0x70], %f36
ldd [$key + 0x80+0x78], %f38
des_round %f40, %f42, %f0, %f0
des_round %f44, %f46, %f0, %f0
des_round %f48, %f50, %f0, %f0
ldd [$key + 0x80-0x08], %f40
ldd [$key + 0x80-0x10], %f42
des_round %f52, %f54, %f0, %f0
ldd [$key + 0x80-0x18], %f44
ldd [$key + 0x80-0x20], %f46
des_round %f56, %f58, %f0, %f0
ldd [$key + 0x80-0x28], %f48
ldd [$key + 0x80-0x30], %f50
des_round %f60, %f62, %f0, %f0
ldd [$key + 0x80-0x38], %f52
ldd [$key + 0x80-0x40], %f54
des_round %f36, %f38, %f0, %f0
ldd [$key + 0x80-0x48], %f56
ldd [$key + 0x80-0x50], %f58
des_iip %f0, %f0
ldd [$key + 0x80-0x58], %f60
ldd [$key + 0x80-0x60], %f62
des_ip %f0, %f0
ldd [$key + 0x80-0x68], %f36
ldd [$key + 0x80-0x70], %f38
des_round %f40, %f42, %f0, %f0
ldd [$key + 0x80-0x78], %f40
ldd [$key + 0x80-0x80], %f42
des_round %f44, %f46, %f0, %f0
des_round %f48, %f50, %f0, %f0
des_round %f52, %f54, %f0, %f0
des_round %f56, %f58, %f0, %f0
des_round %f60, %f62, %f0, %f0
des_round %f36, %f38, %f0, %f0
des_round %f40, %f42, %f0, %f0
des_iip %f0, %f0
fxor %f2, %f0, %f0 ! ^= ivec
movxtod %g4, %f2
brnz,pn $omask, 2f
sub $len, 1, $len
std %f0, [$out + 0]
brnz,pt $len, .Ldes_ede3_cbc_dec_loop
add $out, 8, $out
st %f2, [$ivec + 0] ! write out ivec
retl
st %f3, [$ivec + 4]
.align 16
2: ldxa [$inp]0x82, %g4 ! avoid read-after-write hazard
! and ~3x deterioration
! in inp==out case
faligndata %f0, %f0, %f0 ! handle unaligned output
stda %f0, [$out + $omask]0xc0 ! partial store
add $out, 8, $out
orn %g0, $omask, $omask
stda %f0, [$out + $omask]0xc0 ! partial store
brnz,pt $len, .Ldes_ede3_cbc_dec_loop+4
orn %g0, $omask, $omask
st %f2, [$ivec + 0] ! write out ivec
retl
st %f3, [$ivec + 4]
.type des_t4_ede3_cbc_decrypt,#function
.size des_t4_ede3_cbc_decrypt,.-des_t4_ede3_cbc_decrypt
___
}
$code.=<<___;
.asciz "DES for SPARC T4, David S. Miller, Andy Polyakov"
.align 4
___
&emit_assembler();
close STDOUT;

View file

@ -0,0 +1,19 @@
LIBS=../../libcrypto
SOURCE[../../libcrypto]=\
set_key.c ecb_enc.c cbc_enc.c \
ecb3_enc.c cfb64enc.c cfb64ede.c cfb_enc.c \
ofb64ede.c ofb64enc.c ofb_enc.c \
str2key.c pcbc_enc.c qud_cksm.c rand_key.c \
{- $target{des_asm_src} -} \
fcrypt.c xcbc_enc.c cbc_cksm.c
GENERATE[des_enc-sparc.S]=asm/des_enc.m4
GENERATE[dest4-sparcv9.S]=asm/dest4-sparcv9.pl $(PERLASM_SCHEME)
INCLUDE[dest4-sparcv9.o]=..
GENERATE[des-586.s]=asm/des-586.pl \
$(PERLASM_SCHEME) $(LIB_CFLAGS) $(LIB_CPPFLAGS)
DEPEND[des-586.s]=../perlasm/x86asm.pl ../perlasm/cbc.pl
GENERATE[crypt586.s]=asm/crypt586.pl \
$(PERLASM_SCHEME) $(LIB_CFLAGS) $(LIB_CPPFLAGS)
DEPEND[crypt586.s]=../perlasm/x86asm.pl ../perlasm/cbc.pl

View file

@ -0,0 +1,53 @@
/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include "des_locl.h"
DES_LONG DES_cbc_cksum(const unsigned char *in, DES_cblock *output,
long length, DES_key_schedule *schedule,
const_DES_cblock *ivec)
{
register DES_LONG tout0, tout1, tin0, tin1;
register long l = length;
DES_LONG tin[2];
unsigned char *out = &(*output)[0];
const unsigned char *iv = &(*ivec)[0];
c2l(iv, tout0);
c2l(iv, tout1);
for (; l > 0; l -= 8) {
if (l >= 8) {
c2l(in, tin0);
c2l(in, tin1);
} else
c2ln(in, tin0, tin1, l);
tin0 ^= tout0;
tin[0] = tin0;
tin1 ^= tout1;
tin[1] = tin1;
DES_encrypt1((DES_LONG *)tin, schedule, DES_ENCRYPT);
tout0 = tin[0];
tout1 = tin[1];
}
if (out != NULL) {
l2c(tout0, out);
l2c(tout1, out);
}
tout0 = tin0 = tin1 = tin[0] = tin[1] = 0;
/*
* Transform the data in tout1 so that it will match the return value
* that the MIT Kerberos mit_des_cbc_cksum API returns.
*/
tout1 = ((tout1 >> 24L) & 0x000000FF)
| ((tout1 >> 8L) & 0x0000FF00)
| ((tout1 << 8L) & 0x00FF0000)
| ((tout1 << 24L) & 0xFF000000);
return tout1;
}

View file

@ -0,0 +1,12 @@
/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#define CBC_ENC_C__DONT_UPDATE_IV
#include "ncbc_enc.c" /* des_cbc_encrypt */

View file

@ -0,0 +1,189 @@
/*
* Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include "des_locl.h"
/*
* The input and output encrypted as though 64bit cfb mode is being used.
* The extra state information to record how much of the 64bit block we have
* used is contained in *num;
*/
void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
long length, DES_key_schedule *ks1,
DES_key_schedule *ks2, DES_key_schedule *ks3,
DES_cblock *ivec, int *num, int enc)
{
register DES_LONG v0, v1;
register long l = length;
register int n = *num;
DES_LONG ti[2];
unsigned char *iv, c, cc;
iv = &(*ivec)[0];
if (enc) {
while (l--) {
if (n == 0) {
c2l(iv, v0);
c2l(iv, v1);
ti[0] = v0;
ti[1] = v1;
DES_encrypt3(ti, ks1, ks2, ks3);
v0 = ti[0];
v1 = ti[1];
iv = &(*ivec)[0];
l2c(v0, iv);
l2c(v1, iv);
iv = &(*ivec)[0];
}
c = *(in++) ^ iv[n];
*(out++) = c;
iv[n] = c;
n = (n + 1) & 0x07;
}
} else {
while (l--) {
if (n == 0) {
c2l(iv, v0);
c2l(iv, v1);
ti[0] = v0;
ti[1] = v1;
DES_encrypt3(ti, ks1, ks2, ks3);
v0 = ti[0];
v1 = ti[1];
iv = &(*ivec)[0];
l2c(v0, iv);
l2c(v1, iv);
iv = &(*ivec)[0];
}
cc = *(in++);
c = iv[n];
iv[n] = cc;
*(out++) = c ^ cc;
n = (n + 1) & 0x07;
}
}
v0 = v1 = ti[0] = ti[1] = c = cc = 0;
*num = n;
}
/*
* This is compatible with the single key CFB-r for DES, even thought that's
* not what EVP needs.
*/
void DES_ede3_cfb_encrypt(const unsigned char *in, unsigned char *out,
int numbits, long length, DES_key_schedule *ks1,
DES_key_schedule *ks2, DES_key_schedule *ks3,
DES_cblock *ivec, int enc)
{
register DES_LONG d0, d1, v0, v1;
register unsigned long l = length, n = ((unsigned int)numbits + 7) / 8;
register int num = numbits, i;
DES_LONG ti[2];
unsigned char *iv;
unsigned char ovec[16];
if (num > 64)
return;
iv = &(*ivec)[0];
c2l(iv, v0);
c2l(iv, v1);
if (enc) {
while (l >= n) {
l -= n;
ti[0] = v0;
ti[1] = v1;
DES_encrypt3(ti, ks1, ks2, ks3);
c2ln(in, d0, d1, n);
in += n;
d0 ^= ti[0];
d1 ^= ti[1];
l2cn(d0, d1, out, n);
out += n;
/*
* 30-08-94 - eay - changed because l>>32 and l<<32 are bad under
* gcc :-(
*/
if (num == 32) {
v0 = v1;
v1 = d0;
} else if (num == 64) {
v0 = d0;
v1 = d1;
} else {
iv = &ovec[0];
l2c(v0, iv);
l2c(v1, iv);
l2c(d0, iv);
l2c(d1, iv);
/* shift ovec left most of the bits... */
memmove(ovec, ovec + num / 8, 8 + (num % 8 ? 1 : 0));
/* now the remaining bits */
if (num % 8 != 0)
for (i = 0; i < 8; ++i) {
ovec[i] <<= num % 8;
ovec[i] |= ovec[i + 1] >> (8 - num % 8);
}
iv = &ovec[0];
c2l(iv, v0);
c2l(iv, v1);
}
}
} else {
while (l >= n) {
l -= n;
ti[0] = v0;
ti[1] = v1;
DES_encrypt3(ti, ks1, ks2, ks3);
c2ln(in, d0, d1, n);
in += n;
/*
* 30-08-94 - eay - changed because l>>32 and l<<32 are bad under
* gcc :-(
*/
if (num == 32) {
v0 = v1;
v1 = d0;
} else if (num == 64) {
v0 = d0;
v1 = d1;
} else {
iv = &ovec[0];
l2c(v0, iv);
l2c(v1, iv);
l2c(d0, iv);
l2c(d1, iv);
/* shift ovec left most of the bits... */
memmove(ovec, ovec + num / 8, 8 + (num % 8 ? 1 : 0));
/* now the remaining bits */
if (num % 8 != 0)
for (i = 0; i < 8; ++i) {
ovec[i] <<= num % 8;
ovec[i] |= ovec[i + 1] >> (8 - num % 8);
}
iv = &ovec[0];
c2l(iv, v0);
c2l(iv, v1);
}
d0 ^= ti[0];
d1 ^= ti[1];
l2cn(d0, d1, out, n);
out += n;
}
}
iv = &(*ivec)[0];
l2c(v0, iv);
l2c(v1, iv);
v0 = v1 = d0 = d1 = ti[0] = ti[1] = 0;
}

View file

@ -0,0 +1,73 @@
/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include "des_locl.h"
/*
* The input and output encrypted as though 64bit cfb mode is being used.
* The extra state information to record how much of the 64bit block we have
* used is contained in *num;
*/
void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
long length, DES_key_schedule *schedule,
DES_cblock *ivec, int *num, int enc)
{
register DES_LONG v0, v1;
register long l = length;
register int n = *num;
DES_LONG ti[2];
unsigned char *iv, c, cc;
iv = &(*ivec)[0];
if (enc) {
while (l--) {
if (n == 0) {
c2l(iv, v0);
ti[0] = v0;
c2l(iv, v1);
ti[1] = v1;
DES_encrypt1(ti, schedule, DES_ENCRYPT);
iv = &(*ivec)[0];
v0 = ti[0];
l2c(v0, iv);
v0 = ti[1];
l2c(v0, iv);
iv = &(*ivec)[0];
}
c = *(in++) ^ iv[n];
*(out++) = c;
iv[n] = c;
n = (n + 1) & 0x07;
}
} else {
while (l--) {
if (n == 0) {
c2l(iv, v0);
ti[0] = v0;
c2l(iv, v1);
ti[1] = v1;
DES_encrypt1(ti, schedule, DES_ENCRYPT);
iv = &(*ivec)[0];
v0 = ti[0];
l2c(v0, iv);
v0 = ti[1];
l2c(v0, iv);
iv = &(*ivec)[0];
}
cc = *(in++);
c = iv[n];
iv[n] = cc;
*(out++) = c ^ cc;
n = (n + 1) & 0x07;
}
}
v0 = v1 = ti[0] = ti[1] = c = cc = 0;
*num = n;
}

View file

@ -0,0 +1,150 @@
/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include "e_os.h"
#include "des_locl.h"
#include <assert.h>
/*
* The input and output are loaded in multiples of 8 bits. What this means is
* that if you hame numbits=12 and length=2 the first 12 bits will be
* retrieved from the first byte and half the second. The second 12 bits
* will come from the 3rd and half the 4th byte.
*/
/*
* Until Aug 1 2003 this function did not correctly implement CFB-r, so it
* will not be compatible with any encryption prior to that date. Ben.
*/
void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
long length, DES_key_schedule *schedule,
DES_cblock *ivec, int enc)
{
register DES_LONG d0, d1, v0, v1;
register unsigned long l = length;
register int num = numbits / 8, n = (numbits + 7) / 8, i, rem =
numbits % 8;
DES_LONG ti[2];
unsigned char *iv;
#ifndef L_ENDIAN
unsigned char ovec[16];
#else
unsigned int sh[4];
unsigned char *ovec = (unsigned char *)sh;
/* I kind of count that compiler optimizes away this assertion, */
assert(sizeof(sh[0]) == 4); /* as this holds true for all, */
/* but 16-bit platforms... */
#endif
if (numbits <= 0 || numbits > 64)
return;
iv = &(*ivec)[0];
c2l(iv, v0);
c2l(iv, v1);
if (enc) {
while (l >= (unsigned long)n) {
l -= n;
ti[0] = v0;
ti[1] = v1;
DES_encrypt1((DES_LONG *)ti, schedule, DES_ENCRYPT);
c2ln(in, d0, d1, n);
in += n;
d0 ^= ti[0];
d1 ^= ti[1];
l2cn(d0, d1, out, n);
out += n;
/*
* 30-08-94 - eay - changed because l>>32 and l<<32 are bad under
* gcc :-(
*/
if (numbits == 32) {
v0 = v1;
v1 = d0;
} else if (numbits == 64) {
v0 = d0;
v1 = d1;
} else {
#ifndef L_ENDIAN
iv = &ovec[0];
l2c(v0, iv);
l2c(v1, iv);
l2c(d0, iv);
l2c(d1, iv);
#else
sh[0] = v0, sh[1] = v1, sh[2] = d0, sh[3] = d1;
#endif
if (rem == 0)
memmove(ovec, ovec + num, 8);
else
for (i = 0; i < 8; ++i)
ovec[i] = ovec[i + num] << rem |
ovec[i + num + 1] >> (8 - rem);
#ifdef L_ENDIAN
v0 = sh[0], v1 = sh[1];
#else
iv = &ovec[0];
c2l(iv, v0);
c2l(iv, v1);
#endif
}
}
} else {
while (l >= (unsigned long)n) {
l -= n;
ti[0] = v0;
ti[1] = v1;
DES_encrypt1((DES_LONG *)ti, schedule, DES_ENCRYPT);
c2ln(in, d0, d1, n);
in += n;
/*
* 30-08-94 - eay - changed because l>>32 and l<<32 are bad under
* gcc :-(
*/
if (numbits == 32) {
v0 = v1;
v1 = d0;
} else if (numbits == 64) {
v0 = d0;
v1 = d1;
} else {
#ifndef L_ENDIAN
iv = &ovec[0];
l2c(v0, iv);
l2c(v1, iv);
l2c(d0, iv);
l2c(d1, iv);
#else
sh[0] = v0, sh[1] = v1, sh[2] = d0, sh[3] = d1;
#endif
if (rem == 0)
memmove(ovec, ovec + num, 8);
else
for (i = 0; i < 8; ++i)
ovec[i] = ovec[i + num] << rem |
ovec[i + num + 1] >> (8 - rem);
#ifdef L_ENDIAN
v0 = sh[0], v1 = sh[1];
#else
iv = &ovec[0];
c2l(iv, v0);
c2l(iv, v1);
#endif
}
d0 ^= ti[0];
d1 ^= ti[1];
l2cn(d0, d1, out, n);
out += n;
}
}
iv = &(*ivec)[0];
l2c(v0, iv);
l2c(v1, iv);
v0 = v1 = d0 = d1 = ti[0] = ti[1] = 0;
}

View file

@ -0,0 +1,299 @@
/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <openssl/crypto.h>
#include "des_locl.h"
#include "spr.h"
void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc)
{
register DES_LONG l, r, t, u;
register DES_LONG *s;
r = data[0];
l = data[1];
IP(r, l);
/*
* Things have been modified so that the initial rotate is done outside
* the loop. This required the DES_SPtrans values in sp.h to be rotated
* 1 bit to the right. One perl script later and things have a 5% speed
* up on a sparc2. Thanks to Richard Outerbridge for pointing this out.
*/
/* clear the top bits on machines with 8byte longs */
/* shift left by 2 */
r = ROTATE(r, 29) & 0xffffffffL;
l = ROTATE(l, 29) & 0xffffffffL;
s = ks->ks->deslong;
/*
* I don't know if it is worth the effort of loop unrolling the inner
* loop
*/
if (enc) {
D_ENCRYPT(l, r, 0); /* 1 */
D_ENCRYPT(r, l, 2); /* 2 */
D_ENCRYPT(l, r, 4); /* 3 */
D_ENCRYPT(r, l, 6); /* 4 */
D_ENCRYPT(l, r, 8); /* 5 */
D_ENCRYPT(r, l, 10); /* 6 */
D_ENCRYPT(l, r, 12); /* 7 */
D_ENCRYPT(r, l, 14); /* 8 */
D_ENCRYPT(l, r, 16); /* 9 */
D_ENCRYPT(r, l, 18); /* 10 */
D_ENCRYPT(l, r, 20); /* 11 */
D_ENCRYPT(r, l, 22); /* 12 */
D_ENCRYPT(l, r, 24); /* 13 */
D_ENCRYPT(r, l, 26); /* 14 */
D_ENCRYPT(l, r, 28); /* 15 */
D_ENCRYPT(r, l, 30); /* 16 */
} else {
D_ENCRYPT(l, r, 30); /* 16 */
D_ENCRYPT(r, l, 28); /* 15 */
D_ENCRYPT(l, r, 26); /* 14 */
D_ENCRYPT(r, l, 24); /* 13 */
D_ENCRYPT(l, r, 22); /* 12 */
D_ENCRYPT(r, l, 20); /* 11 */
D_ENCRYPT(l, r, 18); /* 10 */
D_ENCRYPT(r, l, 16); /* 9 */
D_ENCRYPT(l, r, 14); /* 8 */
D_ENCRYPT(r, l, 12); /* 7 */
D_ENCRYPT(l, r, 10); /* 6 */
D_ENCRYPT(r, l, 8); /* 5 */
D_ENCRYPT(l, r, 6); /* 4 */
D_ENCRYPT(r, l, 4); /* 3 */
D_ENCRYPT(l, r, 2); /* 2 */
D_ENCRYPT(r, l, 0); /* 1 */
}
/* rotate and clear the top bits on machines with 8byte longs */
l = ROTATE(l, 3) & 0xffffffffL;
r = ROTATE(r, 3) & 0xffffffffL;
FP(r, l);
data[0] = l;
data[1] = r;
l = r = t = u = 0;
}
void DES_encrypt2(DES_LONG *data, DES_key_schedule *ks, int enc)
{
register DES_LONG l, r, t, u;
register DES_LONG *s;
r = data[0];
l = data[1];
/*
* Things have been modified so that the initial rotate is done outside
* the loop. This required the DES_SPtrans values in sp.h to be rotated
* 1 bit to the right. One perl script later and things have a 5% speed
* up on a sparc2. Thanks to Richard Outerbridge for pointing this out.
*/
/* clear the top bits on machines with 8byte longs */
r = ROTATE(r, 29) & 0xffffffffL;
l = ROTATE(l, 29) & 0xffffffffL;
s = ks->ks->deslong;
/*
* I don't know if it is worth the effort of loop unrolling the inner
* loop
*/
if (enc) {
D_ENCRYPT(l, r, 0); /* 1 */
D_ENCRYPT(r, l, 2); /* 2 */
D_ENCRYPT(l, r, 4); /* 3 */
D_ENCRYPT(r, l, 6); /* 4 */
D_ENCRYPT(l, r, 8); /* 5 */
D_ENCRYPT(r, l, 10); /* 6 */
D_ENCRYPT(l, r, 12); /* 7 */
D_ENCRYPT(r, l, 14); /* 8 */
D_ENCRYPT(l, r, 16); /* 9 */
D_ENCRYPT(r, l, 18); /* 10 */
D_ENCRYPT(l, r, 20); /* 11 */
D_ENCRYPT(r, l, 22); /* 12 */
D_ENCRYPT(l, r, 24); /* 13 */
D_ENCRYPT(r, l, 26); /* 14 */
D_ENCRYPT(l, r, 28); /* 15 */
D_ENCRYPT(r, l, 30); /* 16 */
} else {
D_ENCRYPT(l, r, 30); /* 16 */
D_ENCRYPT(r, l, 28); /* 15 */
D_ENCRYPT(l, r, 26); /* 14 */
D_ENCRYPT(r, l, 24); /* 13 */
D_ENCRYPT(l, r, 22); /* 12 */
D_ENCRYPT(r, l, 20); /* 11 */
D_ENCRYPT(l, r, 18); /* 10 */
D_ENCRYPT(r, l, 16); /* 9 */
D_ENCRYPT(l, r, 14); /* 8 */
D_ENCRYPT(r, l, 12); /* 7 */
D_ENCRYPT(l, r, 10); /* 6 */
D_ENCRYPT(r, l, 8); /* 5 */
D_ENCRYPT(l, r, 6); /* 4 */
D_ENCRYPT(r, l, 4); /* 3 */
D_ENCRYPT(l, r, 2); /* 2 */
D_ENCRYPT(r, l, 0); /* 1 */
}
/* rotate and clear the top bits on machines with 8byte longs */
data[0] = ROTATE(l, 3) & 0xffffffffL;
data[1] = ROTATE(r, 3) & 0xffffffffL;
l = r = t = u = 0;
}
void DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1,
DES_key_schedule *ks2, DES_key_schedule *ks3)
{
register DES_LONG l, r;
l = data[0];
r = data[1];
IP(l, r);
data[0] = l;
data[1] = r;
DES_encrypt2((DES_LONG *)data, ks1, DES_ENCRYPT);
DES_encrypt2((DES_LONG *)data, ks2, DES_DECRYPT);
DES_encrypt2((DES_LONG *)data, ks3, DES_ENCRYPT);
l = data[0];
r = data[1];
FP(r, l);
data[0] = l;
data[1] = r;
}
void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1,
DES_key_schedule *ks2, DES_key_schedule *ks3)
{
register DES_LONG l, r;
l = data[0];
r = data[1];
IP(l, r);
data[0] = l;
data[1] = r;
DES_encrypt2((DES_LONG *)data, ks3, DES_DECRYPT);
DES_encrypt2((DES_LONG *)data, ks2, DES_ENCRYPT);
DES_encrypt2((DES_LONG *)data, ks1, DES_DECRYPT);
l = data[0];
r = data[1];
FP(r, l);
data[0] = l;
data[1] = r;
}
#ifndef DES_DEFAULT_OPTIONS
# undef CBC_ENC_C__DONT_UPDATE_IV
# include "ncbc_enc.c" /* DES_ncbc_encrypt */
void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
long length, DES_key_schedule *ks1,
DES_key_schedule *ks2, DES_key_schedule *ks3,
DES_cblock *ivec, int enc)
{
register DES_LONG tin0, tin1;
register DES_LONG tout0, tout1, xor0, xor1;
register const unsigned char *in;
unsigned char *out;
register long l = length;
DES_LONG tin[2];
unsigned char *iv;
in = input;
out = output;
iv = &(*ivec)[0];
if (enc) {
c2l(iv, tout0);
c2l(iv, tout1);
for (l -= 8; l >= 0; l -= 8) {
c2l(in, tin0);
c2l(in, tin1);
tin0 ^= tout0;
tin1 ^= tout1;
tin[0] = tin0;
tin[1] = tin1;
DES_encrypt3((DES_LONG *)tin, ks1, ks2, ks3);
tout0 = tin[0];
tout1 = tin[1];
l2c(tout0, out);
l2c(tout1, out);
}
if (l != -8) {
c2ln(in, tin0, tin1, l + 8);
tin0 ^= tout0;
tin1 ^= tout1;
tin[0] = tin0;
tin[1] = tin1;
DES_encrypt3((DES_LONG *)tin, ks1, ks2, ks3);
tout0 = tin[0];
tout1 = tin[1];
l2c(tout0, out);
l2c(tout1, out);
}
iv = &(*ivec)[0];
l2c(tout0, iv);
l2c(tout1, iv);
} else {
register DES_LONG t0, t1;
c2l(iv, xor0);
c2l(iv, xor1);
for (l -= 8; l >= 0; l -= 8) {
c2l(in, tin0);
c2l(in, tin1);
t0 = tin0;
t1 = tin1;
tin[0] = tin0;
tin[1] = tin1;
DES_decrypt3((DES_LONG *)tin, ks1, ks2, ks3);
tout0 = tin[0];
tout1 = tin[1];
tout0 ^= xor0;
tout1 ^= xor1;
l2c(tout0, out);
l2c(tout1, out);
xor0 = t0;
xor1 = t1;
}
if (l != -8) {
c2l(in, tin0);
c2l(in, tin1);
t0 = tin0;
t1 = tin1;
tin[0] = tin0;
tin[1] = tin1;
DES_decrypt3((DES_LONG *)tin, ks1, ks2, ks3);
tout0 = tin[0];
tout1 = tin[1];
tout0 ^= xor0;
tout1 ^= xor1;
l2cn(tout0, tout1, out, l + 8);
xor0 = t0;
xor1 = t1;
}
iv = &(*ivec)[0];
l2c(xor0, iv);
l2c(xor1, iv);
}
tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
tin[0] = tin[1] = 0;
}
#endif /* DES_DEFAULT_OPTIONS */

View file

@ -0,0 +1,226 @@
/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef HEADER_DES_LOCL_H
# define HEADER_DES_LOCL_H
# include <openssl/e_os2.h>
# include <stdio.h>
# include <stdlib.h>
# include <string.h>
# include <openssl/des.h>
# ifdef OPENSSL_BUILD_SHLIBCRYPTO
# undef OPENSSL_EXTERN
# define OPENSSL_EXTERN OPENSSL_EXPORT
# endif
# define ITERATIONS 16
# define HALF_ITERATIONS 8
# define c2l(c,l) (l =((DES_LONG)(*((c)++))) , \
l|=((DES_LONG)(*((c)++)))<< 8L, \
l|=((DES_LONG)(*((c)++)))<<16L, \
l|=((DES_LONG)(*((c)++)))<<24L)
/* NOTE - c is not incremented as per c2l */
# define c2ln(c,l1,l2,n) { \
c+=n; \
l1=l2=0; \
switch (n) { \
case 8: l2 =((DES_LONG)(*(--(c))))<<24L; \
/* fall thru */ \
case 7: l2|=((DES_LONG)(*(--(c))))<<16L; \
/* fall thru */ \
case 6: l2|=((DES_LONG)(*(--(c))))<< 8L; \
/* fall thru */ \
case 5: l2|=((DES_LONG)(*(--(c)))); \
/* fall thru */ \
case 4: l1 =((DES_LONG)(*(--(c))))<<24L; \
/* fall thru */ \
case 3: l1|=((DES_LONG)(*(--(c))))<<16L; \
/* fall thru */ \
case 2: l1|=((DES_LONG)(*(--(c))))<< 8L; \
/* fall thru */ \
case 1: l1|=((DES_LONG)(*(--(c)))); \
} \
}
# define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
*((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
*((c)++)=(unsigned char)(((l)>>16L)&0xff), \
*((c)++)=(unsigned char)(((l)>>24L)&0xff))
/*
* replacements for htonl and ntohl since I have no idea what to do when
* faced with machines with 8 byte longs.
*/
# define n2l(c,l) (l =((DES_LONG)(*((c)++)))<<24L, \
l|=((DES_LONG)(*((c)++)))<<16L, \
l|=((DES_LONG)(*((c)++)))<< 8L, \
l|=((DES_LONG)(*((c)++))))
# define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
*((c)++)=(unsigned char)(((l)>>16L)&0xff), \
*((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
*((c)++)=(unsigned char)(((l) )&0xff))
/* NOTE - c is not incremented as per l2c */
# define l2cn(l1,l2,c,n) { \
c+=n; \
switch (n) { \
case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
/* fall thru */ \
case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
/* fall thru */ \
case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
/* fall thru */ \
case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
/* fall thru */ \
case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
/* fall thru */ \
case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
/* fall thru */ \
case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
/* fall thru */ \
case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
} \
}
# if defined(_MSC_VER)
# define ROTATE(a,n) (_lrotr(a,n))
# elif defined(__ICC)
# define ROTATE(a,n) (_rotr(a,n))
# elif defined(__GNUC__) && __GNUC__>=2 && !defined(__STRICT_ANSI__) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) && !defined(PEDANTIC)
# if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
# define ROTATE(a,n) ({ register unsigned int ret; \
asm ("rorl %1,%0" \
: "=r"(ret) \
: "I"(n),"0"(a) \
: "cc"); \
ret; \
})
# endif
# endif
# ifndef ROTATE
# define ROTATE(a,n) (((a)>>(n))+((a)<<(32-(n))))
# endif
/*
* Don't worry about the LOAD_DATA() stuff, that is used by fcrypt() to add
* it's little bit to the front
*/
# ifdef DES_FCRYPT
# define LOAD_DATA_tmp(R,S,u,t,E0,E1) \
{ DES_LONG tmp; LOAD_DATA(R,S,u,t,E0,E1,tmp); }
# define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
t=R^(R>>16L); \
u=t&E0; t&=E1; \
tmp=(u<<16); u^=R^s[S ]; u^=tmp; \
tmp=(t<<16); t^=R^s[S+1]; t^=tmp
# else
# define LOAD_DATA_tmp(a,b,c,d,e,f) LOAD_DATA(a,b,c,d,e,f,g)
# define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
u=R^s[S ]; \
t=R^s[S+1]
# endif
/*
* It recently occurred to me that 0^0^0^0^0^0^0 == 0, so there is no reason
* to not xor all the sub items together. This potentially saves a register
* since things can be xored directly into L
*/
# define D_ENCRYPT(LL,R,S) { \
LOAD_DATA_tmp(R,S,u,t,E0,E1); \
t=ROTATE(t,4); \
LL^= \
DES_SPtrans[0][(u>> 2L)&0x3f]^ \
DES_SPtrans[2][(u>>10L)&0x3f]^ \
DES_SPtrans[4][(u>>18L)&0x3f]^ \
DES_SPtrans[6][(u>>26L)&0x3f]^ \
DES_SPtrans[1][(t>> 2L)&0x3f]^ \
DES_SPtrans[3][(t>>10L)&0x3f]^ \
DES_SPtrans[5][(t>>18L)&0x3f]^ \
DES_SPtrans[7][(t>>26L)&0x3f]; }
/*-
* IP and FP
* The problem is more of a geometric problem that random bit fiddling.
0 1 2 3 4 5 6 7 62 54 46 38 30 22 14 6
8 9 10 11 12 13 14 15 60 52 44 36 28 20 12 4
16 17 18 19 20 21 22 23 58 50 42 34 26 18 10 2
24 25 26 27 28 29 30 31 to 56 48 40 32 24 16 8 0
32 33 34 35 36 37 38 39 63 55 47 39 31 23 15 7
40 41 42 43 44 45 46 47 61 53 45 37 29 21 13 5
48 49 50 51 52 53 54 55 59 51 43 35 27 19 11 3
56 57 58 59 60 61 62 63 57 49 41 33 25 17 9 1
The output has been subject to swaps of the form
0 1 -> 3 1 but the odd and even bits have been put into
2 3 2 0
different words. The main trick is to remember that
t=((l>>size)^r)&(mask);
r^=t;
l^=(t<<size);
can be used to swap and move bits between words.
So l = 0 1 2 3 r = 16 17 18 19
4 5 6 7 20 21 22 23
8 9 10 11 24 25 26 27
12 13 14 15 28 29 30 31
becomes (for size == 2 and mask == 0x3333)
t = 2^16 3^17 -- -- l = 0 1 16 17 r = 2 3 18 19
6^20 7^21 -- -- 4 5 20 21 6 7 22 23
10^24 11^25 -- -- 8 9 24 25 10 11 24 25
14^28 15^29 -- -- 12 13 28 29 14 15 28 29
Thanks for hints from Richard Outerbridge - he told me IP&FP
could be done in 15 xor, 10 shifts and 5 ands.
When I finally started to think of the problem in 2D
I first got ~42 operations without xors. When I remembered
how to use xors :-) I got it to its final state.
*/
# define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
(b)^=(t),\
(a)^=((t)<<(n)))
# define IP(l,r) \
{ \
register DES_LONG tt; \
PERM_OP(r,l,tt, 4,0x0f0f0f0fL); \
PERM_OP(l,r,tt,16,0x0000ffffL); \
PERM_OP(r,l,tt, 2,0x33333333L); \
PERM_OP(l,r,tt, 8,0x00ff00ffL); \
PERM_OP(r,l,tt, 1,0x55555555L); \
}
# define FP(l,r) \
{ \
register DES_LONG tt; \
PERM_OP(l,r,tt, 1,0x55555555L); \
PERM_OP(r,l,tt, 8,0x00ff00ffL); \
PERM_OP(l,r,tt, 2,0x33333333L); \
PERM_OP(r,l,tt,16,0x0000ffffL); \
PERM_OP(l,r,tt, 4,0x0f0f0f0fL); \
}
extern const DES_LONG DES_SPtrans[8][64];
void fcrypt_body(DES_LONG *out, DES_key_schedule *ks,
DES_LONG Eswap0, DES_LONG Eswap1);
#endif

View file

@ -0,0 +1,33 @@
/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include "des_locl.h"
void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
DES_key_schedule *ks1, DES_key_schedule *ks2,
DES_key_schedule *ks3, int enc)
{
register DES_LONG l0, l1;
DES_LONG ll[2];
const unsigned char *in = &(*input)[0];
unsigned char *out = &(*output)[0];
c2l(in, l0);
c2l(in, l1);
ll[0] = l0;
ll[1] = l1;
if (enc)
DES_encrypt3(ll, ks1, ks2, ks3);
else
DES_decrypt3(ll, ks1, ks2, ks3);
l0 = ll[0];
l1 = ll[1];
l2c(l0, out);
l2c(l1, out);
}

View file

@ -0,0 +1,48 @@
/*
* Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include "des_locl.h"
#include <openssl/opensslv.h>
#include <openssl/bio.h>
const char *DES_options(void)
{
static int init = 1;
static char buf[12];
if (init) {
if (sizeof(DES_LONG) != sizeof(long))
OPENSSL_strlcpy(buf, "des(int)", sizeof(buf));
else
OPENSSL_strlcpy(buf, "des(long)", sizeof(buf));
init = 0;
}
return buf;
}
void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
DES_key_schedule *ks, int enc)
{
register DES_LONG l;
DES_LONG ll[2];
const unsigned char *in = &(*input)[0];
unsigned char *out = &(*output)[0];
c2l(in, l);
ll[0] = l;
c2l(in, l);
ll[1] = l;
DES_encrypt1(ll, ks, enc);
l = ll[0];
l2c(l, out);
l = ll[1];
l2c(l, out);
l = ll[0] = ll[1] = 0;
}

View file

@ -0,0 +1,149 @@
/*
* Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/* NOCW */
#include <stdio.h>
#ifdef _OSD_POSIX
# ifndef CHARSET_EBCDIC
# define CHARSET_EBCDIC 1
# endif
#endif
#ifdef CHARSET_EBCDIC
# include <openssl/ebcdic.h>
#endif
#include <openssl/crypto.h>
#include "des_locl.h"
/*
* Added more values to handle illegal salt values the way normal crypt()
* implementations do.
*/
static unsigned const char con_salt[128] = {
0xD2, 0xD3, 0xD4, 0xD5, 0xD6, 0xD7, 0xD8, 0xD9,
0xDA, 0xDB, 0xDC, 0xDD, 0xDE, 0xDF, 0xE0, 0xE1,
0xE2, 0xE3, 0xE4, 0xE5, 0xE6, 0xE7, 0xE8, 0xE9,
0xEA, 0xEB, 0xEC, 0xED, 0xEE, 0xEF, 0xF0, 0xF1,
0xF2, 0xF3, 0xF4, 0xF5, 0xF6, 0xF7, 0xF8, 0xF9,
0xFA, 0xFB, 0xFC, 0xFD, 0xFE, 0xFF, 0x00, 0x01,
0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09,
0x0A, 0x0B, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A,
0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12,
0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A,
0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22,
0x23, 0x24, 0x25, 0x20, 0x21, 0x22, 0x23, 0x24,
0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C,
0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34,
0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C,
0x3D, 0x3E, 0x3F, 0x40, 0x41, 0x42, 0x43, 0x44,
};
static unsigned const char cov_2char[64] = {
0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35,
0x36, 0x37, 0x38, 0x39, 0x41, 0x42, 0x43, 0x44,
0x45, 0x46, 0x47, 0x48, 0x49, 0x4A, 0x4B, 0x4C,
0x4D, 0x4E, 0x4F, 0x50, 0x51, 0x52, 0x53, 0x54,
0x55, 0x56, 0x57, 0x58, 0x59, 0x5A, 0x61, 0x62,
0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6A,
0x6B, 0x6C, 0x6D, 0x6E, 0x6F, 0x70, 0x71, 0x72,
0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79, 0x7A
};
char *DES_crypt(const char *buf, const char *salt)
{
static char buff[14];
#ifndef CHARSET_EBCDIC
return DES_fcrypt(buf, salt, buff);
#else
char e_salt[2 + 1];
char e_buf[32 + 1]; /* replace 32 by 8 ? */
char *ret;
if (salt[0] == '\0' || salt[1] == '\0')
return NULL;
/* Copy salt, convert to ASCII. */
e_salt[0] = salt[0];
e_salt[1] = salt[1];
e_salt[2] = '\0';
ebcdic2ascii(e_salt, e_salt, sizeof(e_salt));
/* Convert password to ASCII. */
OPENSSL_strlcpy(e_buf, buf, sizeof(e_buf));
ebcdic2ascii(e_buf, e_buf, sizeof(e_buf));
/* Encrypt it (from/to ASCII); if it worked, convert back. */
ret = DES_fcrypt(e_buf, e_salt, buff);
if (ret != NULL)
ascii2ebcdic(ret, ret, strlen(ret));
return ret;
#endif
}
char *DES_fcrypt(const char *buf, const char *salt, char *ret)
{
unsigned int i, j, x, y;
DES_LONG Eswap0, Eswap1;
DES_LONG out[2], ll;
DES_cblock key;
DES_key_schedule ks;
unsigned char bb[9];
unsigned char *b = bb;
unsigned char c, u;
x = ret[0] = salt[0];
if (x == 0 || x >= sizeof(con_salt))
return NULL;
Eswap0 = con_salt[x] << 2;
x = ret[1] = salt[1];
if (x == 0 || x >= sizeof(con_salt))
return NULL;
Eswap1 = con_salt[x] << 6;
/*
* EAY r=strlen(buf); r=(r+7)/8;
*/
for (i = 0; i < 8; i++) {
c = *(buf++);
if (!c)
break;
key[i] = (c << 1);
}
for (; i < 8; i++)
key[i] = 0;
DES_set_key_unchecked(&key, &ks);
fcrypt_body(&(out[0]), &ks, Eswap0, Eswap1);
ll = out[0];
l2c(ll, b);
ll = out[1];
l2c(ll, b);
y = 0;
u = 0x80;
bb[8] = 0;
for (i = 2; i < 13; i++) {
c = 0;
for (j = 0; j < 6; j++) {
c <<= 1;
if (bb[y] & u)
c |= 1;
u >>= 1;
if (!u) {
y++;
u = 0x80;
}
}
ret[i] = cov_2char[c];
}
ret[13] = '\0';
return ret;
}

View file

@ -0,0 +1,72 @@
/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <stdio.h>
#define DES_FCRYPT
#include "des_locl.h"
#undef DES_FCRYPT
#undef PERM_OP
#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
(b)^=(t),\
(a)^=((t)<<(n)))
#undef HPERM_OP
#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\
(a)=(a)^(t)^(t>>(16-(n))))\
void fcrypt_body(DES_LONG *out, DES_key_schedule *ks, DES_LONG Eswap0,
DES_LONG Eswap1)
{
register DES_LONG l, r, t, u;
register DES_LONG *s;
register int j;
register DES_LONG E0, E1;
l = 0;
r = 0;
s = (DES_LONG *)ks;
E0 = Eswap0;
E1 = Eswap1;
for (j = 0; j < 25; j++) {
D_ENCRYPT(l, r, 0); /* 1 */
D_ENCRYPT(r, l, 2); /* 2 */
D_ENCRYPT(l, r, 4); /* 3 */
D_ENCRYPT(r, l, 6); /* 4 */
D_ENCRYPT(l, r, 8); /* 5 */
D_ENCRYPT(r, l, 10); /* 6 */
D_ENCRYPT(l, r, 12); /* 7 */
D_ENCRYPT(r, l, 14); /* 8 */
D_ENCRYPT(l, r, 16); /* 9 */
D_ENCRYPT(r, l, 18); /* 10 */
D_ENCRYPT(l, r, 20); /* 11 */
D_ENCRYPT(r, l, 22); /* 12 */
D_ENCRYPT(l, r, 24); /* 13 */
D_ENCRYPT(r, l, 26); /* 14 */
D_ENCRYPT(l, r, 28); /* 15 */
D_ENCRYPT(r, l, 30); /* 16 */
t = l;
l = r;
r = t;
}
l = ROTATE(l, 3) & 0xffffffffL;
r = ROTATE(r, 3) & 0xffffffffL;
PERM_OP(l, r, t, 1, 0x55555555L);
PERM_OP(r, l, t, 8, 0x00ff00ffL);
PERM_OP(l, r, t, 2, 0x33333333L);
PERM_OP(r, l, t, 16, 0x0000ffffL);
PERM_OP(l, r, t, 4, 0x0f0f0f0fL);
out[0] = r;
out[1] = l;
}

View file

@ -0,0 +1,106 @@
/*
* Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*-
* #included by:
* cbc_enc.c (DES_cbc_encrypt)
* des_enc.c (DES_ncbc_encrypt)
*/
#include "des_locl.h"
#ifdef CBC_ENC_C__DONT_UPDATE_IV
void DES_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
DES_key_schedule *_schedule, DES_cblock *ivec, int enc)
#else
void DES_ncbc_encrypt(const unsigned char *in, unsigned char *out,
long length, DES_key_schedule *_schedule,
DES_cblock *ivec, int enc)
#endif
{
register DES_LONG tin0, tin1;
register DES_LONG tout0, tout1, xor0, xor1;
register long l = length;
DES_LONG tin[2];
unsigned char *iv;
iv = &(*ivec)[0];
if (enc) {
c2l(iv, tout0);
c2l(iv, tout1);
for (l -= 8; l >= 0; l -= 8) {
c2l(in, tin0);
c2l(in, tin1);
tin0 ^= tout0;
tin[0] = tin0;
tin1 ^= tout1;
tin[1] = tin1;
DES_encrypt1((DES_LONG *)tin, _schedule, DES_ENCRYPT);
tout0 = tin[0];
l2c(tout0, out);
tout1 = tin[1];
l2c(tout1, out);
}
if (l != -8) {
c2ln(in, tin0, tin1, l + 8);
tin0 ^= tout0;
tin[0] = tin0;
tin1 ^= tout1;
tin[1] = tin1;
DES_encrypt1((DES_LONG *)tin, _schedule, DES_ENCRYPT);
tout0 = tin[0];
l2c(tout0, out);
tout1 = tin[1];
l2c(tout1, out);
}
#ifndef CBC_ENC_C__DONT_UPDATE_IV
iv = &(*ivec)[0];
l2c(tout0, iv);
l2c(tout1, iv);
#endif
} else {
c2l(iv, xor0);
c2l(iv, xor1);
for (l -= 8; l >= 0; l -= 8) {
c2l(in, tin0);
tin[0] = tin0;
c2l(in, tin1);
tin[1] = tin1;
DES_encrypt1((DES_LONG *)tin, _schedule, DES_DECRYPT);
tout0 = tin[0] ^ xor0;
tout1 = tin[1] ^ xor1;
l2c(tout0, out);
l2c(tout1, out);
xor0 = tin0;
xor1 = tin1;
}
if (l != -8) {
c2l(in, tin0);
tin[0] = tin0;
c2l(in, tin1);
tin[1] = tin1;
DES_encrypt1((DES_LONG *)tin, _schedule, DES_DECRYPT);
tout0 = tin[0] ^ xor0;
tout1 = tin[1] ^ xor1;
l2cn(tout0, tout1, out, l + 8);
#ifndef CBC_ENC_C__DONT_UPDATE_IV
xor0 = tin0;
xor1 = tin1;
#endif
}
#ifndef CBC_ENC_C__DONT_UPDATE_IV
iv = &(*ivec)[0];
l2c(xor0, iv);
l2c(xor1, iv);
#endif
}
tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
tin[0] = tin[1] = 0;
}

View file

@ -0,0 +1,62 @@
/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include "des_locl.h"
/*
* The input and output encrypted as though 64bit ofb mode is being used.
* The extra state information to record how much of the 64bit block we have
* used is contained in *num;
*/
void DES_ede3_ofb64_encrypt(register const unsigned char *in,
register unsigned char *out, long length,
DES_key_schedule *k1, DES_key_schedule *k2,
DES_key_schedule *k3, DES_cblock *ivec, int *num)
{
register DES_LONG v0, v1;
register int n = *num;
register long l = length;
DES_cblock d;
register char *dp;
DES_LONG ti[2];
unsigned char *iv;
int save = 0;
iv = &(*ivec)[0];
c2l(iv, v0);
c2l(iv, v1);
ti[0] = v0;
ti[1] = v1;
dp = (char *)d;
l2c(v0, dp);
l2c(v1, dp);
while (l--) {
if (n == 0) {
/* ti[0]=v0; */
/* ti[1]=v1; */
DES_encrypt3(ti, k1, k2, k3);
v0 = ti[0];
v1 = ti[1];
dp = (char *)d;
l2c(v0, dp);
l2c(v1, dp);
save++;
}
*(out++) = *(in++) ^ d[n];
n = (n + 1) & 0x07;
}
if (save) {
iv = &(*ivec)[0];
l2c(v0, iv);
l2c(v1, iv);
}
v0 = v1 = ti[0] = ti[1] = 0;
*num = n;
}

View file

@ -0,0 +1,60 @@
/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include "des_locl.h"
/*
* The input and output encrypted as though 64bit ofb mode is being used.
* The extra state information to record how much of the 64bit block we have
* used is contained in *num;
*/
void DES_ofb64_encrypt(register const unsigned char *in,
register unsigned char *out, long length,
DES_key_schedule *schedule, DES_cblock *ivec, int *num)
{
register DES_LONG v0, v1, t;
register int n = *num;
register long l = length;
DES_cblock d;
register unsigned char *dp;
DES_LONG ti[2];
unsigned char *iv;
int save = 0;
iv = &(*ivec)[0];
c2l(iv, v0);
c2l(iv, v1);
ti[0] = v0;
ti[1] = v1;
dp = d;
l2c(v0, dp);
l2c(v1, dp);
while (l--) {
if (n == 0) {
DES_encrypt1(ti, schedule, DES_ENCRYPT);
dp = d;
t = ti[0];
l2c(t, dp);
t = ti[1];
l2c(t, dp);
save++;
}
*(out++) = *(in++) ^ d[n];
n = (n + 1) & 0x07;
}
if (save) {
v0 = ti[0];
v1 = ti[1];
iv = &(*ivec)[0];
l2c(v0, iv);
l2c(v1, iv);
}
t = v0 = v1 = ti[0] = ti[1] = 0;
*num = n;
}

View file

@ -0,0 +1,82 @@
/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include "des_locl.h"
/*
* The input and output are loaded in multiples of 8 bits. What this means is
* that if you have numbits=12 and length=2 the first 12 bits will be
* retrieved from the first byte and half the second. The second 12 bits
* will come from the 3rd and half the 4th byte.
*/
void DES_ofb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
long length, DES_key_schedule *schedule,
DES_cblock *ivec)
{
register DES_LONG d0, d1, vv0, vv1, v0, v1, n = (numbits + 7) / 8;
register DES_LONG mask0, mask1;
register long l = length;
register int num = numbits;
DES_LONG ti[2];
unsigned char *iv;
if (num > 64)
return;
if (num > 32) {
mask0 = 0xffffffffL;
if (num >= 64)
mask1 = mask0;
else
mask1 = (1L << (num - 32)) - 1;
} else {
if (num == 32)
mask0 = 0xffffffffL;
else
mask0 = (1L << num) - 1;
mask1 = 0x00000000L;
}
iv = &(*ivec)[0];
c2l(iv, v0);
c2l(iv, v1);
ti[0] = v0;
ti[1] = v1;
while (l-- > 0) {
ti[0] = v0;
ti[1] = v1;
DES_encrypt1((DES_LONG *)ti, schedule, DES_ENCRYPT);
vv0 = ti[0];
vv1 = ti[1];
c2ln(in, d0, d1, n);
in += n;
d0 = (d0 ^ vv0) & mask0;
d1 = (d1 ^ vv1) & mask1;
l2cn(d0, d1, out, n);
out += n;
if (num == 32) {
v0 = v1;
v1 = vv0;
} else if (num == 64) {
v0 = vv0;
v1 = vv1;
} else if (num > 32) { /* && num != 64 */
v0 = ((v1 >> (num - 32)) | (vv0 << (64 - num))) & 0xffffffffL;
v1 = ((vv0 >> (num - 32)) | (vv1 << (64 - num))) & 0xffffffffL;
} else { /* num < 32 */
v0 = ((v0 >> num) | (v1 << (32 - num))) & 0xffffffffL;
v1 = ((v1 >> num) | (vv0 << (32 - num))) & 0xffffffffL;
}
}
iv = &(*ivec)[0];
l2c(v0, iv);
l2c(v1, iv);
v0 = v1 = d0 = d1 = ti[0] = ti[1] = vv0 = vv1 = 0;
}

View file

@ -0,0 +1,66 @@
/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include "des_locl.h"
void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
long length, DES_key_schedule *schedule,
DES_cblock *ivec, int enc)
{
register DES_LONG sin0, sin1, xor0, xor1, tout0, tout1;
DES_LONG tin[2];
const unsigned char *in;
unsigned char *out, *iv;
in = input;
out = output;
iv = &(*ivec)[0];
if (enc) {
c2l(iv, xor0);
c2l(iv, xor1);
for (; length > 0; length -= 8) {
if (length >= 8) {
c2l(in, sin0);
c2l(in, sin1);
} else
c2ln(in, sin0, sin1, length);
tin[0] = sin0 ^ xor0;
tin[1] = sin1 ^ xor1;
DES_encrypt1((DES_LONG *)tin, schedule, DES_ENCRYPT);
tout0 = tin[0];
tout1 = tin[1];
xor0 = sin0 ^ tout0;
xor1 = sin1 ^ tout1;
l2c(tout0, out);
l2c(tout1, out);
}
} else {
c2l(iv, xor0);
c2l(iv, xor1);
for (; length > 0; length -= 8) {
c2l(in, sin0);
c2l(in, sin1);
tin[0] = sin0;
tin[1] = sin1;
DES_encrypt1((DES_LONG *)tin, schedule, DES_DECRYPT);
tout0 = tin[0] ^ xor0;
tout1 = tin[1] ^ xor1;
if (length >= 8) {
l2c(tout0, out);
l2c(tout1, out);
} else
l2cn(tout0, tout1, out, length);
xor0 = tout0 ^ sin0;
xor1 = tout1 ^ sin1;
}
}
tin[0] = tin[1] = 0;
sin0 = sin1 = xor0 = xor1 = tout0 = tout1 = 0;
}

View file

@ -0,0 +1,76 @@
/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* From "Message Authentication" R.R. Jueneman, S.M. Matyas, C.H. Meyer IEEE
* Communications Magazine Sept 1985 Vol. 23 No. 9 p 29-40 This module in
* only based on the code in this paper and is almost definitely not the same
* as the MIT implementation.
*/
#include "des_locl.h"
#define Q_B0(a) (((DES_LONG)(a)))
#define Q_B1(a) (((DES_LONG)(a))<<8)
#define Q_B2(a) (((DES_LONG)(a))<<16)
#define Q_B3(a) (((DES_LONG)(a))<<24)
/* used to scramble things a bit */
/* Got the value MIT uses via brute force :-) 2/10/90 eay */
#define NOISE ((DES_LONG)83653421L)
DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
long length, int out_count, DES_cblock *seed)
{
DES_LONG z0, z1, t0, t1;
int i;
long l;
const unsigned char *cp;
DES_LONG *lp;
if (out_count < 1)
out_count = 1;
lp = (DES_LONG *)&(output[0])[0];
z0 = Q_B0((*seed)[0]) | Q_B1((*seed)[1]) | Q_B2((*seed)[2]) |
Q_B3((*seed)[3]);
z1 = Q_B0((*seed)[4]) | Q_B1((*seed)[5]) | Q_B2((*seed)[6]) |
Q_B3((*seed)[7]);
for (i = 0; ((i < 4) && (i < out_count)); i++) {
cp = input;
l = length;
while (l > 0) {
if (l > 1) {
t0 = (DES_LONG)(*(cp++));
t0 |= (DES_LONG)Q_B1(*(cp++));
l--;
} else
t0 = (DES_LONG)(*(cp++));
l--;
/* add */
t0 += z0;
t0 &= 0xffffffffL;
t1 = z1;
/* square, well sort of square */
z0 = ((((t0 * t0) & 0xffffffffL) + ((t1 * t1) & 0xffffffffL))
& 0xffffffffL) % 0x7fffffffL;
z1 = ((t0 * ((t1 + NOISE) & 0xffffffffL)) & 0xffffffffL) %
0x7fffffffL;
}
if (lp != NULL) {
/*
* The MIT library assumes that the checksum is composed of
* 2*out_count 32 bit ints
*/
*lp++ = z0;
*lp++ = z1;
}
}
return z0;
}

View file

@ -0,0 +1,21 @@
/*
* Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <openssl/des.h>
#include <openssl/rand.h>
int DES_random_key(DES_cblock *ret)
{
do {
if (RAND_priv_bytes((unsigned char *)ret, sizeof(DES_cblock)) != 1)
return 0;
} while (DES_is_weak_key(ret));
DES_set_odd_parity(ret);
return 1;
}

View file

@ -0,0 +1,372 @@
/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*-
* set_key.c v 1.4 eay 24/9/91
* 1.4 Speed up by 400% :-)
* 1.3 added register declarations.
* 1.2 unrolled make_key_sched a bit more
* 1.1 added norm_expand_bits
* 1.0 First working version
*/
#include <openssl/crypto.h>
#include "des_locl.h"
/* defaults to false */
OPENSSL_IMPLEMENT_GLOBAL(int, DES_check_key, 0)
static const unsigned char odd_parity[256] = {
1, 1, 2, 2, 4, 4, 7, 7, 8, 8, 11, 11, 13, 13, 14, 14,
16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, 31, 31,
32, 32, 35, 35, 37, 37, 38, 38, 41, 41, 42, 42, 44, 44, 47, 47,
49, 49, 50, 50, 52, 52, 55, 55, 56, 56, 59, 59, 61, 61, 62, 62,
64, 64, 67, 67, 69, 69, 70, 70, 73, 73, 74, 74, 76, 76, 79, 79,
81, 81, 82, 82, 84, 84, 87, 87, 88, 88, 91, 91, 93, 93, 94, 94,
97, 97, 98, 98, 100, 100, 103, 103, 104, 104, 107, 107, 109, 109, 110,
110,
112, 112, 115, 115, 117, 117, 118, 118, 121, 121, 122, 122, 124, 124, 127,
127,
128, 128, 131, 131, 133, 133, 134, 134, 137, 137, 138, 138, 140, 140, 143,
143,
145, 145, 146, 146, 148, 148, 151, 151, 152, 152, 155, 155, 157, 157, 158,
158,
161, 161, 162, 162, 164, 164, 167, 167, 168, 168, 171, 171, 173, 173, 174,
174,
176, 176, 179, 179, 181, 181, 182, 182, 185, 185, 186, 186, 188, 188, 191,
191,
193, 193, 194, 194, 196, 196, 199, 199, 200, 200, 203, 203, 205, 205, 206,
206,
208, 208, 211, 211, 213, 213, 214, 214, 217, 217, 218, 218, 220, 220, 223,
223,
224, 224, 227, 227, 229, 229, 230, 230, 233, 233, 234, 234, 236, 236, 239,
239,
241, 241, 242, 242, 244, 244, 247, 247, 248, 248, 251, 251, 253, 253, 254,
254
};
void DES_set_odd_parity(DES_cblock *key)
{
unsigned int i;
for (i = 0; i < DES_KEY_SZ; i++)
(*key)[i] = odd_parity[(*key)[i]];
}
int DES_check_key_parity(const_DES_cblock *key)
{
unsigned int i;
for (i = 0; i < DES_KEY_SZ; i++) {
if ((*key)[i] != odd_parity[(*key)[i]])
return 0;
}
return 1;
}
/*-
* Weak and semi weak keys as taken from
* %A D.W. Davies
* %A W.L. Price
* %T Security for Computer Networks
* %I John Wiley & Sons
* %D 1984
*/
#define NUM_WEAK_KEY 16
static const DES_cblock weak_keys[NUM_WEAK_KEY] = {
/* weak keys */
{0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01},
{0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE},
{0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E},
{0xE0, 0xE0, 0xE0, 0xE0, 0xF1, 0xF1, 0xF1, 0xF1},
/* semi-weak keys */
{0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE},
{0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01},
{0x1F, 0xE0, 0x1F, 0xE0, 0x0E, 0xF1, 0x0E, 0xF1},
{0xE0, 0x1F, 0xE0, 0x1F, 0xF1, 0x0E, 0xF1, 0x0E},
{0x01, 0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1},
{0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1, 0x01},
{0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E, 0xFE},
{0xFE, 0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E},
{0x01, 0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E},
{0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E, 0x01},
{0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1, 0xFE},
{0xFE, 0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1}
};
int DES_is_weak_key(const_DES_cblock *key)
{
int i;
for (i = 0; i < NUM_WEAK_KEY; i++)
if (memcmp(weak_keys[i], key, sizeof(DES_cblock)) == 0)
return 1;
return 0;
}
/*-
* NOW DEFINED IN des_local.h
* See ecb_encrypt.c for a pseudo description of these macros.
* #define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
* (b)^=(t),\
* (a)=((a)^((t)<<(n))))
*/
#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\
(a)=(a)^(t)^(t>>(16-(n))))
static const DES_LONG des_skb[8][64] = {
{
/* for C bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
0x00000000L, 0x00000010L, 0x20000000L, 0x20000010L,
0x00010000L, 0x00010010L, 0x20010000L, 0x20010010L,
0x00000800L, 0x00000810L, 0x20000800L, 0x20000810L,
0x00010800L, 0x00010810L, 0x20010800L, 0x20010810L,
0x00000020L, 0x00000030L, 0x20000020L, 0x20000030L,
0x00010020L, 0x00010030L, 0x20010020L, 0x20010030L,
0x00000820L, 0x00000830L, 0x20000820L, 0x20000830L,
0x00010820L, 0x00010830L, 0x20010820L, 0x20010830L,
0x00080000L, 0x00080010L, 0x20080000L, 0x20080010L,
0x00090000L, 0x00090010L, 0x20090000L, 0x20090010L,
0x00080800L, 0x00080810L, 0x20080800L, 0x20080810L,
0x00090800L, 0x00090810L, 0x20090800L, 0x20090810L,
0x00080020L, 0x00080030L, 0x20080020L, 0x20080030L,
0x00090020L, 0x00090030L, 0x20090020L, 0x20090030L,
0x00080820L, 0x00080830L, 0x20080820L, 0x20080830L,
0x00090820L, 0x00090830L, 0x20090820L, 0x20090830L,
},
{
/* for C bits (numbered as per FIPS 46) 7 8 10 11 12 13 */
0x00000000L, 0x02000000L, 0x00002000L, 0x02002000L,
0x00200000L, 0x02200000L, 0x00202000L, 0x02202000L,
0x00000004L, 0x02000004L, 0x00002004L, 0x02002004L,
0x00200004L, 0x02200004L, 0x00202004L, 0x02202004L,
0x00000400L, 0x02000400L, 0x00002400L, 0x02002400L,
0x00200400L, 0x02200400L, 0x00202400L, 0x02202400L,
0x00000404L, 0x02000404L, 0x00002404L, 0x02002404L,
0x00200404L, 0x02200404L, 0x00202404L, 0x02202404L,
0x10000000L, 0x12000000L, 0x10002000L, 0x12002000L,
0x10200000L, 0x12200000L, 0x10202000L, 0x12202000L,
0x10000004L, 0x12000004L, 0x10002004L, 0x12002004L,
0x10200004L, 0x12200004L, 0x10202004L, 0x12202004L,
0x10000400L, 0x12000400L, 0x10002400L, 0x12002400L,
0x10200400L, 0x12200400L, 0x10202400L, 0x12202400L,
0x10000404L, 0x12000404L, 0x10002404L, 0x12002404L,
0x10200404L, 0x12200404L, 0x10202404L, 0x12202404L,
},
{
/* for C bits (numbered as per FIPS 46) 14 15 16 17 19 20 */
0x00000000L, 0x00000001L, 0x00040000L, 0x00040001L,
0x01000000L, 0x01000001L, 0x01040000L, 0x01040001L,
0x00000002L, 0x00000003L, 0x00040002L, 0x00040003L,
0x01000002L, 0x01000003L, 0x01040002L, 0x01040003L,
0x00000200L, 0x00000201L, 0x00040200L, 0x00040201L,
0x01000200L, 0x01000201L, 0x01040200L, 0x01040201L,
0x00000202L, 0x00000203L, 0x00040202L, 0x00040203L,
0x01000202L, 0x01000203L, 0x01040202L, 0x01040203L,
0x08000000L, 0x08000001L, 0x08040000L, 0x08040001L,
0x09000000L, 0x09000001L, 0x09040000L, 0x09040001L,
0x08000002L, 0x08000003L, 0x08040002L, 0x08040003L,
0x09000002L, 0x09000003L, 0x09040002L, 0x09040003L,
0x08000200L, 0x08000201L, 0x08040200L, 0x08040201L,
0x09000200L, 0x09000201L, 0x09040200L, 0x09040201L,
0x08000202L, 0x08000203L, 0x08040202L, 0x08040203L,
0x09000202L, 0x09000203L, 0x09040202L, 0x09040203L,
},
{
/* for C bits (numbered as per FIPS 46) 21 23 24 26 27 28 */
0x00000000L, 0x00100000L, 0x00000100L, 0x00100100L,
0x00000008L, 0x00100008L, 0x00000108L, 0x00100108L,
0x00001000L, 0x00101000L, 0x00001100L, 0x00101100L,
0x00001008L, 0x00101008L, 0x00001108L, 0x00101108L,
0x04000000L, 0x04100000L, 0x04000100L, 0x04100100L,
0x04000008L, 0x04100008L, 0x04000108L, 0x04100108L,
0x04001000L, 0x04101000L, 0x04001100L, 0x04101100L,
0x04001008L, 0x04101008L, 0x04001108L, 0x04101108L,
0x00020000L, 0x00120000L, 0x00020100L, 0x00120100L,
0x00020008L, 0x00120008L, 0x00020108L, 0x00120108L,
0x00021000L, 0x00121000L, 0x00021100L, 0x00121100L,
0x00021008L, 0x00121008L, 0x00021108L, 0x00121108L,
0x04020000L, 0x04120000L, 0x04020100L, 0x04120100L,
0x04020008L, 0x04120008L, 0x04020108L, 0x04120108L,
0x04021000L, 0x04121000L, 0x04021100L, 0x04121100L,
0x04021008L, 0x04121008L, 0x04021108L, 0x04121108L,
},
{
/* for D bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
0x00000000L, 0x10000000L, 0x00010000L, 0x10010000L,
0x00000004L, 0x10000004L, 0x00010004L, 0x10010004L,
0x20000000L, 0x30000000L, 0x20010000L, 0x30010000L,
0x20000004L, 0x30000004L, 0x20010004L, 0x30010004L,
0x00100000L, 0x10100000L, 0x00110000L, 0x10110000L,
0x00100004L, 0x10100004L, 0x00110004L, 0x10110004L,
0x20100000L, 0x30100000L, 0x20110000L, 0x30110000L,
0x20100004L, 0x30100004L, 0x20110004L, 0x30110004L,
0x00001000L, 0x10001000L, 0x00011000L, 0x10011000L,
0x00001004L, 0x10001004L, 0x00011004L, 0x10011004L,
0x20001000L, 0x30001000L, 0x20011000L, 0x30011000L,
0x20001004L, 0x30001004L, 0x20011004L, 0x30011004L,
0x00101000L, 0x10101000L, 0x00111000L, 0x10111000L,
0x00101004L, 0x10101004L, 0x00111004L, 0x10111004L,
0x20101000L, 0x30101000L, 0x20111000L, 0x30111000L,
0x20101004L, 0x30101004L, 0x20111004L, 0x30111004L,
},
{
/* for D bits (numbered as per FIPS 46) 8 9 11 12 13 14 */
0x00000000L, 0x08000000L, 0x00000008L, 0x08000008L,
0x00000400L, 0x08000400L, 0x00000408L, 0x08000408L,
0x00020000L, 0x08020000L, 0x00020008L, 0x08020008L,
0x00020400L, 0x08020400L, 0x00020408L, 0x08020408L,
0x00000001L, 0x08000001L, 0x00000009L, 0x08000009L,
0x00000401L, 0x08000401L, 0x00000409L, 0x08000409L,
0x00020001L, 0x08020001L, 0x00020009L, 0x08020009L,
0x00020401L, 0x08020401L, 0x00020409L, 0x08020409L,
0x02000000L, 0x0A000000L, 0x02000008L, 0x0A000008L,
0x02000400L, 0x0A000400L, 0x02000408L, 0x0A000408L,
0x02020000L, 0x0A020000L, 0x02020008L, 0x0A020008L,
0x02020400L, 0x0A020400L, 0x02020408L, 0x0A020408L,
0x02000001L, 0x0A000001L, 0x02000009L, 0x0A000009L,
0x02000401L, 0x0A000401L, 0x02000409L, 0x0A000409L,
0x02020001L, 0x0A020001L, 0x02020009L, 0x0A020009L,
0x02020401L, 0x0A020401L, 0x02020409L, 0x0A020409L,
},
{
/* for D bits (numbered as per FIPS 46) 16 17 18 19 20 21 */
0x00000000L, 0x00000100L, 0x00080000L, 0x00080100L,
0x01000000L, 0x01000100L, 0x01080000L, 0x01080100L,
0x00000010L, 0x00000110L, 0x00080010L, 0x00080110L,
0x01000010L, 0x01000110L, 0x01080010L, 0x01080110L,
0x00200000L, 0x00200100L, 0x00280000L, 0x00280100L,
0x01200000L, 0x01200100L, 0x01280000L, 0x01280100L,
0x00200010L, 0x00200110L, 0x00280010L, 0x00280110L,
0x01200010L, 0x01200110L, 0x01280010L, 0x01280110L,
0x00000200L, 0x00000300L, 0x00080200L, 0x00080300L,
0x01000200L, 0x01000300L, 0x01080200L, 0x01080300L,
0x00000210L, 0x00000310L, 0x00080210L, 0x00080310L,
0x01000210L, 0x01000310L, 0x01080210L, 0x01080310L,
0x00200200L, 0x00200300L, 0x00280200L, 0x00280300L,
0x01200200L, 0x01200300L, 0x01280200L, 0x01280300L,
0x00200210L, 0x00200310L, 0x00280210L, 0x00280310L,
0x01200210L, 0x01200310L, 0x01280210L, 0x01280310L,
},
{
/* for D bits (numbered as per FIPS 46) 22 23 24 25 27 28 */
0x00000000L, 0x04000000L, 0x00040000L, 0x04040000L,
0x00000002L, 0x04000002L, 0x00040002L, 0x04040002L,
0x00002000L, 0x04002000L, 0x00042000L, 0x04042000L,
0x00002002L, 0x04002002L, 0x00042002L, 0x04042002L,
0x00000020L, 0x04000020L, 0x00040020L, 0x04040020L,
0x00000022L, 0x04000022L, 0x00040022L, 0x04040022L,
0x00002020L, 0x04002020L, 0x00042020L, 0x04042020L,
0x00002022L, 0x04002022L, 0x00042022L, 0x04042022L,
0x00000800L, 0x04000800L, 0x00040800L, 0x04040800L,
0x00000802L, 0x04000802L, 0x00040802L, 0x04040802L,
0x00002800L, 0x04002800L, 0x00042800L, 0x04042800L,
0x00002802L, 0x04002802L, 0x00042802L, 0x04042802L,
0x00000820L, 0x04000820L, 0x00040820L, 0x04040820L,
0x00000822L, 0x04000822L, 0x00040822L, 0x04040822L,
0x00002820L, 0x04002820L, 0x00042820L, 0x04042820L,
0x00002822L, 0x04002822L, 0x00042822L, 0x04042822L,
}
};
int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule)
{
if (DES_check_key) {
return DES_set_key_checked(key, schedule);
} else {
DES_set_key_unchecked(key, schedule);
return 0;
}
}
/*-
* return 0 if key parity is odd (correct),
* return -1 if key parity error,
* return -2 if illegal weak key.
*/
int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule)
{
if (!DES_check_key_parity(key))
return -1;
if (DES_is_weak_key(key))
return -2;
DES_set_key_unchecked(key, schedule);
return 0;
}
void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule)
{
static const int shifts2[16] =
{ 0, 0, 1, 1, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, 0 };
register DES_LONG c, d, t, s, t2;
register const unsigned char *in;
register DES_LONG *k;
register int i;
#ifdef OPENBSD_DEV_CRYPTO
memcpy(schedule->key, key, sizeof(schedule->key));
schedule->session = NULL;
#endif
k = &schedule->ks->deslong[0];
in = &(*key)[0];
c2l(in, c);
c2l(in, d);
/*
* do PC1 in 47 simple operations. Thanks to John Fletcher
* for the inspiration.
*/
PERM_OP(d, c, t, 4, 0x0f0f0f0fL);
HPERM_OP(c, t, -2, 0xcccc0000L);
HPERM_OP(d, t, -2, 0xcccc0000L);
PERM_OP(d, c, t, 1, 0x55555555L);
PERM_OP(c, d, t, 8, 0x00ff00ffL);
PERM_OP(d, c, t, 1, 0x55555555L);
d = (((d & 0x000000ffL) << 16L) | (d & 0x0000ff00L) |
((d & 0x00ff0000L) >> 16L) | ((c & 0xf0000000L) >> 4L));
c &= 0x0fffffffL;
for (i = 0; i < ITERATIONS; i++) {
if (shifts2[i]) {
c = ((c >> 2L) | (c << 26L));
d = ((d >> 2L) | (d << 26L));
} else {
c = ((c >> 1L) | (c << 27L));
d = ((d >> 1L) | (d << 27L));
}
c &= 0x0fffffffL;
d &= 0x0fffffffL;
/*
* could be a few less shifts but I am to lazy at this point in time
* to investigate
*/
s = des_skb[0][(c) & 0x3f] |
des_skb[1][((c >> 6L) & 0x03) | ((c >> 7L) & 0x3c)] |
des_skb[2][((c >> 13L) & 0x0f) | ((c >> 14L) & 0x30)] |
des_skb[3][((c >> 20L) & 0x01) | ((c >> 21L) & 0x06) |
((c >> 22L) & 0x38)];
t = des_skb[4][(d) & 0x3f] |
des_skb[5][((d >> 7L) & 0x03) | ((d >> 8L) & 0x3c)] |
des_skb[6][(d >> 15L) & 0x3f] |
des_skb[7][((d >> 21L) & 0x0f) | ((d >> 22L) & 0x30)];
/* table contained 0213 4657 */
t2 = ((t << 16L) | (s & 0x0000ffffL)) & 0xffffffffL;
*(k++) = ROTATE(t2, 30) & 0xffffffffL;
t2 = ((s >> 16L) | (t & 0xffff0000L));
*(k++) = ROTATE(t2, 26) & 0xffffffffL;
}
}
int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule)
{
return DES_set_key(key, schedule);
}

View file

@ -0,0 +1,163 @@
/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
const DES_LONG DES_SPtrans[8][64] = {
{
/* nibble 0 */
0x02080800L, 0x00080000L, 0x02000002L, 0x02080802L,
0x02000000L, 0x00080802L, 0x00080002L, 0x02000002L,
0x00080802L, 0x02080800L, 0x02080000L, 0x00000802L,
0x02000802L, 0x02000000L, 0x00000000L, 0x00080002L,
0x00080000L, 0x00000002L, 0x02000800L, 0x00080800L,
0x02080802L, 0x02080000L, 0x00000802L, 0x02000800L,
0x00000002L, 0x00000800L, 0x00080800L, 0x02080002L,
0x00000800L, 0x02000802L, 0x02080002L, 0x00000000L,
0x00000000L, 0x02080802L, 0x02000800L, 0x00080002L,
0x02080800L, 0x00080000L, 0x00000802L, 0x02000800L,
0x02080002L, 0x00000800L, 0x00080800L, 0x02000002L,
0x00080802L, 0x00000002L, 0x02000002L, 0x02080000L,
0x02080802L, 0x00080800L, 0x02080000L, 0x02000802L,
0x02000000L, 0x00000802L, 0x00080002L, 0x00000000L,
0x00080000L, 0x02000000L, 0x02000802L, 0x02080800L,
0x00000002L, 0x02080002L, 0x00000800L, 0x00080802L,
},
{
/* nibble 1 */
0x40108010L, 0x00000000L, 0x00108000L, 0x40100000L,
0x40000010L, 0x00008010L, 0x40008000L, 0x00108000L,
0x00008000L, 0x40100010L, 0x00000010L, 0x40008000L,
0x00100010L, 0x40108000L, 0x40100000L, 0x00000010L,
0x00100000L, 0x40008010L, 0x40100010L, 0x00008000L,
0x00108010L, 0x40000000L, 0x00000000L, 0x00100010L,
0x40008010L, 0x00108010L, 0x40108000L, 0x40000010L,
0x40000000L, 0x00100000L, 0x00008010L, 0x40108010L,
0x00100010L, 0x40108000L, 0x40008000L, 0x00108010L,
0x40108010L, 0x00100010L, 0x40000010L, 0x00000000L,
0x40000000L, 0x00008010L, 0x00100000L, 0x40100010L,
0x00008000L, 0x40000000L, 0x00108010L, 0x40008010L,
0x40108000L, 0x00008000L, 0x00000000L, 0x40000010L,
0x00000010L, 0x40108010L, 0x00108000L, 0x40100000L,
0x40100010L, 0x00100000L, 0x00008010L, 0x40008000L,
0x40008010L, 0x00000010L, 0x40100000L, 0x00108000L,
},
{
/* nibble 2 */
0x04000001L, 0x04040100L, 0x00000100L, 0x04000101L,
0x00040001L, 0x04000000L, 0x04000101L, 0x00040100L,
0x04000100L, 0x00040000L, 0x04040000L, 0x00000001L,
0x04040101L, 0x00000101L, 0x00000001L, 0x04040001L,
0x00000000L, 0x00040001L, 0x04040100L, 0x00000100L,
0x00000101L, 0x04040101L, 0x00040000L, 0x04000001L,
0x04040001L, 0x04000100L, 0x00040101L, 0x04040000L,
0x00040100L, 0x00000000L, 0x04000000L, 0x00040101L,
0x04040100L, 0x00000100L, 0x00000001L, 0x00040000L,
0x00000101L, 0x00040001L, 0x04040000L, 0x04000101L,
0x00000000L, 0x04040100L, 0x00040100L, 0x04040001L,
0x00040001L, 0x04000000L, 0x04040101L, 0x00000001L,
0x00040101L, 0x04000001L, 0x04000000L, 0x04040101L,
0x00040000L, 0x04000100L, 0x04000101L, 0x00040100L,
0x04000100L, 0x00000000L, 0x04040001L, 0x00000101L,
0x04000001L, 0x00040101L, 0x00000100L, 0x04040000L,
},
{
/* nibble 3 */
0x00401008L, 0x10001000L, 0x00000008L, 0x10401008L,
0x00000000L, 0x10400000L, 0x10001008L, 0x00400008L,
0x10401000L, 0x10000008L, 0x10000000L, 0x00001008L,
0x10000008L, 0x00401008L, 0x00400000L, 0x10000000L,
0x10400008L, 0x00401000L, 0x00001000L, 0x00000008L,
0x00401000L, 0x10001008L, 0x10400000L, 0x00001000L,
0x00001008L, 0x00000000L, 0x00400008L, 0x10401000L,
0x10001000L, 0x10400008L, 0x10401008L, 0x00400000L,
0x10400008L, 0x00001008L, 0x00400000L, 0x10000008L,
0x00401000L, 0x10001000L, 0x00000008L, 0x10400000L,
0x10001008L, 0x00000000L, 0x00001000L, 0x00400008L,
0x00000000L, 0x10400008L, 0x10401000L, 0x00001000L,
0x10000000L, 0x10401008L, 0x00401008L, 0x00400000L,
0x10401008L, 0x00000008L, 0x10001000L, 0x00401008L,
0x00400008L, 0x00401000L, 0x10400000L, 0x10001008L,
0x00001008L, 0x10000000L, 0x10000008L, 0x10401000L,
},
{
/* nibble 4 */
0x08000000L, 0x00010000L, 0x00000400L, 0x08010420L,
0x08010020L, 0x08000400L, 0x00010420L, 0x08010000L,
0x00010000L, 0x00000020L, 0x08000020L, 0x00010400L,
0x08000420L, 0x08010020L, 0x08010400L, 0x00000000L,
0x00010400L, 0x08000000L, 0x00010020L, 0x00000420L,
0x08000400L, 0x00010420L, 0x00000000L, 0x08000020L,
0x00000020L, 0x08000420L, 0x08010420L, 0x00010020L,
0x08010000L, 0x00000400L, 0x00000420L, 0x08010400L,
0x08010400L, 0x08000420L, 0x00010020L, 0x08010000L,
0x00010000L, 0x00000020L, 0x08000020L, 0x08000400L,
0x08000000L, 0x00010400L, 0x08010420L, 0x00000000L,
0x00010420L, 0x08000000L, 0x00000400L, 0x00010020L,
0x08000420L, 0x00000400L, 0x00000000L, 0x08010420L,
0x08010020L, 0x08010400L, 0x00000420L, 0x00010000L,
0x00010400L, 0x08010020L, 0x08000400L, 0x00000420L,
0x00000020L, 0x00010420L, 0x08010000L, 0x08000020L,
},
{
/* nibble 5 */
0x80000040L, 0x00200040L, 0x00000000L, 0x80202000L,
0x00200040L, 0x00002000L, 0x80002040L, 0x00200000L,
0x00002040L, 0x80202040L, 0x00202000L, 0x80000000L,
0x80002000L, 0x80000040L, 0x80200000L, 0x00202040L,
0x00200000L, 0x80002040L, 0x80200040L, 0x00000000L,
0x00002000L, 0x00000040L, 0x80202000L, 0x80200040L,
0x80202040L, 0x80200000L, 0x80000000L, 0x00002040L,
0x00000040L, 0x00202000L, 0x00202040L, 0x80002000L,
0x00002040L, 0x80000000L, 0x80002000L, 0x00202040L,
0x80202000L, 0x00200040L, 0x00000000L, 0x80002000L,
0x80000000L, 0x00002000L, 0x80200040L, 0x00200000L,
0x00200040L, 0x80202040L, 0x00202000L, 0x00000040L,
0x80202040L, 0x00202000L, 0x00200000L, 0x80002040L,
0x80000040L, 0x80200000L, 0x00202040L, 0x00000000L,
0x00002000L, 0x80000040L, 0x80002040L, 0x80202000L,
0x80200000L, 0x00002040L, 0x00000040L, 0x80200040L,
},
{
/* nibble 6 */
0x00004000L, 0x00000200L, 0x01000200L, 0x01000004L,
0x01004204L, 0x00004004L, 0x00004200L, 0x00000000L,
0x01000000L, 0x01000204L, 0x00000204L, 0x01004000L,
0x00000004L, 0x01004200L, 0x01004000L, 0x00000204L,
0x01000204L, 0x00004000L, 0x00004004L, 0x01004204L,
0x00000000L, 0x01000200L, 0x01000004L, 0x00004200L,
0x01004004L, 0x00004204L, 0x01004200L, 0x00000004L,
0x00004204L, 0x01004004L, 0x00000200L, 0x01000000L,
0x00004204L, 0x01004000L, 0x01004004L, 0x00000204L,
0x00004000L, 0x00000200L, 0x01000000L, 0x01004004L,
0x01000204L, 0x00004204L, 0x00004200L, 0x00000000L,
0x00000200L, 0x01000004L, 0x00000004L, 0x01000200L,
0x00000000L, 0x01000204L, 0x01000200L, 0x00004200L,
0x00000204L, 0x00004000L, 0x01004204L, 0x01000000L,
0x01004200L, 0x00000004L, 0x00004004L, 0x01004204L,
0x01000004L, 0x01004200L, 0x01004000L, 0x00004004L,
},
{
/* nibble 7 */
0x20800080L, 0x20820000L, 0x00020080L, 0x00000000L,
0x20020000L, 0x00800080L, 0x20800000L, 0x20820080L,
0x00000080L, 0x20000000L, 0x00820000L, 0x00020080L,
0x00820080L, 0x20020080L, 0x20000080L, 0x20800000L,
0x00020000L, 0x00820080L, 0x00800080L, 0x20020000L,
0x20820080L, 0x20000080L, 0x00000000L, 0x00820000L,
0x20000000L, 0x00800000L, 0x20020080L, 0x20800080L,
0x00800000L, 0x00020000L, 0x20820000L, 0x00000080L,
0x00800000L, 0x00020000L, 0x20000080L, 0x20820080L,
0x00020080L, 0x20000000L, 0x00000000L, 0x00820000L,
0x20800080L, 0x20020080L, 0x20020000L, 0x00800080L,
0x20820000L, 0x00000080L, 0x00800080L, 0x20020000L,
0x20820080L, 0x00800000L, 0x20800000L, 0x20000080L,
0x00820000L, 0x00020080L, 0x20020080L, 0x20800000L,
0x00000080L, 0x20820000L, 0x00820080L, 0x00000000L,
0x20000000L, 0x20800080L, 0x00020000L, 0x00820080L,
}
};

View file

@ -0,0 +1,77 @@
/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <openssl/crypto.h>
#include "des_locl.h"
void DES_string_to_key(const char *str, DES_cblock *key)
{
DES_key_schedule ks;
int i, length;
memset(key, 0, 8);
length = strlen(str);
for (i = 0; i < length; i++) {
register unsigned char j = str[i];
if ((i % 16) < 8)
(*key)[i % 8] ^= (j << 1);
else {
/* Reverse the bit order 05/05/92 eay */
j = ((j << 4) & 0xf0) | ((j >> 4) & 0x0f);
j = ((j << 2) & 0xcc) | ((j >> 2) & 0x33);
j = ((j << 1) & 0xaa) | ((j >> 1) & 0x55);
(*key)[7 - (i % 8)] ^= j;
}
}
DES_set_odd_parity(key);
DES_set_key_unchecked(key, &ks);
DES_cbc_cksum((const unsigned char *)str, key, length, &ks, key);
OPENSSL_cleanse(&ks, sizeof(ks));
DES_set_odd_parity(key);
}
void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2)
{
DES_key_schedule ks;
int i, length;
memset(key1, 0, 8);
memset(key2, 0, 8);
length = strlen(str);
for (i = 0; i < length; i++) {
register unsigned char j = str[i];
if ((i % 32) < 16) {
if ((i % 16) < 8)
(*key1)[i % 8] ^= (j << 1);
else
(*key2)[i % 8] ^= (j << 1);
} else {
j = ((j << 4) & 0xf0) | ((j >> 4) & 0x0f);
j = ((j << 2) & 0xcc) | ((j >> 2) & 0x33);
j = ((j << 1) & 0xaa) | ((j >> 1) & 0x55);
if ((i % 16) < 8)
(*key1)[7 - (i % 8)] ^= j;
else
(*key2)[7 - (i % 8)] ^= j;
}
}
if (length <= 8)
memcpy(key2, key1, 8);
DES_set_odd_parity(key1);
DES_set_odd_parity(key2);
DES_set_key_unchecked(key1, &ks);
DES_cbc_cksum((const unsigned char *)str, key1, length, &ks, key1);
DES_set_key_unchecked(key2, &ks);
DES_cbc_cksum((const unsigned char *)str, key2, length, &ks, key2);
OPENSSL_cleanse(&ks, sizeof(ks));
DES_set_odd_parity(key1);
DES_set_odd_parity(key2);
}

View file

@ -0,0 +1,103 @@
/*
* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include "des_locl.h"
/* RSA's DESX */
void DES_xcbc_encrypt(const unsigned char *in, unsigned char *out,
long length, DES_key_schedule *schedule,
DES_cblock *ivec, const_DES_cblock *inw,
const_DES_cblock *outw, int enc)
{
register DES_LONG tin0, tin1;
register DES_LONG tout0, tout1, xor0, xor1;
register DES_LONG inW0, inW1, outW0, outW1;
register const unsigned char *in2;
register long l = length;
DES_LONG tin[2];
unsigned char *iv;
in2 = &(*inw)[0];
c2l(in2, inW0);
c2l(in2, inW1);
in2 = &(*outw)[0];
c2l(in2, outW0);
c2l(in2, outW1);
iv = &(*ivec)[0];
if (enc) {
c2l(iv, tout0);
c2l(iv, tout1);
for (l -= 8; l >= 0; l -= 8) {
c2l(in, tin0);
c2l(in, tin1);
tin0 ^= tout0 ^ inW0;
tin[0] = tin0;
tin1 ^= tout1 ^ inW1;
tin[1] = tin1;
DES_encrypt1(tin, schedule, DES_ENCRYPT);
tout0 = tin[0] ^ outW0;
l2c(tout0, out);
tout1 = tin[1] ^ outW1;
l2c(tout1, out);
}
if (l != -8) {
c2ln(in, tin0, tin1, l + 8);
tin0 ^= tout0 ^ inW0;
tin[0] = tin0;
tin1 ^= tout1 ^ inW1;
tin[1] = tin1;
DES_encrypt1(tin, schedule, DES_ENCRYPT);
tout0 = tin[0] ^ outW0;
l2c(tout0, out);
tout1 = tin[1] ^ outW1;
l2c(tout1, out);
}
iv = &(*ivec)[0];
l2c(tout0, iv);
l2c(tout1, iv);
} else {
c2l(iv, xor0);
c2l(iv, xor1);
for (l -= 8; l > 0; l -= 8) {
c2l(in, tin0);
tin[0] = tin0 ^ outW0;
c2l(in, tin1);
tin[1] = tin1 ^ outW1;
DES_encrypt1(tin, schedule, DES_DECRYPT);
tout0 = tin[0] ^ xor0 ^ inW0;
tout1 = tin[1] ^ xor1 ^ inW1;
l2c(tout0, out);
l2c(tout1, out);
xor0 = tin0;
xor1 = tin1;
}
if (l != -8) {
c2l(in, tin0);
tin[0] = tin0 ^ outW0;
c2l(in, tin1);
tin[1] = tin1 ^ outW1;
DES_encrypt1(tin, schedule, DES_DECRYPT);
tout0 = tin[0] ^ xor0 ^ inW0;
tout1 = tin[1] ^ xor1 ^ inW1;
l2cn(tout0, tout1, out, l + 8);
xor0 = tin0;
xor1 = tin1;
}
iv = &(*ivec)[0];
l2c(xor0, iv);
l2c(xor1, iv);
}
tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
inW0 = inW1 = outW0 = outW1 = 0;
tin[0] = tin[1] = 0;
}