3 * des.c : Source code for the DES block cipher
5 * Part of the Python Cryptography Toolkit
7 * Distribute and use freely; there are no restrictions on further
8 * dissemination and usage except those imposed by the laws of your
9 * country of residence.
14 /* Copyright (C) 1993 Eric Young */
15 /* Integrated into the PCT by A.M. Kuchling, November 1994 */
16 /* Fully independent key mode added by Wim Lewis, July 1997 */
20 #define MODULE_NAME DES3
24 typedef unsigned char des_cblock[8];
27 /* Copyright (C) 1993 Eric Young - see README for more details */
29 #define c2l(c,l) (l =((unsigned long)(*((c)++))) , \
30 l|=((unsigned long)(*((c)++)))<< 8, \
31 l|=((unsigned long)(*((c)++)))<<16, \
32 l|=((unsigned long)(*((c)++)))<<24)
34 /* NOTE - c is not incremented as per c2l */
35 #define c2ln(c,l1,l2,n) { \
39 case 8: l2|=((unsigned long)(*(--(c))))<<24; \
40 case 7: l2|=((unsigned long)(*(--(c))))<<16; \
41 case 6: l2|=((unsigned long)(*(--(c))))<< 8; \
42 case 5: l2|=((unsigned long)(*(--(c)))); \
43 case 4: l1|=((unsigned long)(*(--(c))))<<24; \
44 case 3: l1|=((unsigned long)(*(--(c))))<<16; \
45 case 2: l1|=((unsigned long)(*(--(c))))<< 8; \
46 case 1: l1|=((unsigned long)(*(--(c)))); \
50 #define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
51 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
52 *((c)++)=(unsigned char)(((l)>>16)&0xff), \
53 *((c)++)=(unsigned char)(((l)>>24)&0xff))
55 /* replacements for htonl and ntohl since I have no idea what to do
56 * when faced with machines with 8 byte longs. */
59 #define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24, \
60 l|=((unsigned long)(*((c)++)))<<16, \
61 l|=((unsigned long)(*((c)++)))<< 8, \
62 l|=((unsigned long)(*((c)++))))
64 #define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \
65 *((c)++)=(unsigned char)(((l)>>16)&0xff), \
66 *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
67 *((c)++)=(unsigned char)(((l) )&0xff))
69 /* NOTE - c is not incremented as per l2c */
70 #define l2cn(l1,l2,c,n) { \
73 case 8: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
74 case 7: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
75 case 6: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
76 case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
77 case 4: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
78 case 3: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
79 case 2: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
80 case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
84 #define D_ENCRYPT(L,R,S) \
88 L^= des_SPtrans[1][(t )&0x3f]| \
89 des_SPtrans[3][(t>> 8)&0x3f]| \
90 des_SPtrans[5][(t>>16)&0x3f]| \
91 des_SPtrans[7][(t>>24)&0x3f]| \
92 des_SPtrans[0][(u )&0x3f]| \
93 des_SPtrans[2][(u>> 8)&0x3f]| \
94 des_SPtrans[4][(u>>16)&0x3f]| \
95 des_SPtrans[6][(u>>24)&0x3f];
98 * The problem is more of a geometric problem that random bit fiddling.
99 0 1 2 3 4 5 6 7 62 54 46 38 30 22 14 6
100 8 9 10 11 12 13 14 15 60 52 44 36 28 20 12 4
101 16 17 18 19 20 21 22 23 58 50 42 34 26 18 10 2
102 24 25 26 27 28 29 30 31 to 56 48 40 32 24 16 8 0
104 32 33 34 35 36 37 38 39 63 55 47 39 31 23 15 7
105 40 41 42 43 44 45 46 47 61 53 45 37 29 21 13 5
106 48 49 50 51 52 53 54 55 59 51 43 35 27 19 11 3
107 56 57 58 59 60 61 62 63 57 49 41 33 25 17 9 1
109 The output has been subject to swaps of the form
110 0 1 -> 3 1 but the odd and even bits have been put into
112 different words. The main trick is to remember that
113 t=((l>>size)^r)&(mask);
116 can be used to swap and move bits between words.
118 So l = 0 1 2 3 r = 16 17 18 19
120 8 9 10 11 24 25 26 27
121 12 13 14 15 28 29 30 31
122 becomes (for size == 2 and mask == 0x3333)
123 t = 2^16 3^17 -- -- l = 0 1 16 17 r = 2 3 18 19
124 6^20 7^21 -- -- 4 5 20 21 6 7 22 23
125 10^24 11^25 -- -- 8 9 24 25 10 11 24 25
126 14^28 15^29 -- -- 12 13 28 29 14 15 28 29
128 Thanks for hints from Richard Outerbridge - he told me IP&FP
129 could be done in 15 xor, 10 shifts and 5 ands.
130 When I finally started to think of the problem in 2D
131 I first got ~42 operations without xors. When I remembered
132 how to use xors :-) I got it to its final state.
134 #define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
141 /* Copyright (C) 1993 Eric Young - see README for more details */
142 static unsigned long des_SPtrans[8][64]={
144 {0x00820200, 0x00020000, 0x80800000, 0x80820200,
145 0x00800000, 0x80020200, 0x80020000, 0x80800000,
146 0x80020200, 0x00820200, 0x00820000, 0x80000200,
147 0x80800200, 0x00800000, 0x00000000, 0x80020000,
148 0x00020000, 0x80000000, 0x00800200, 0x00020200,
149 0x80820200, 0x00820000, 0x80000200, 0x00800200,
150 0x80000000, 0x00000200, 0x00020200, 0x80820000,
151 0x00000200, 0x80800200, 0x80820000, 0x00000000,
152 0x00000000, 0x80820200, 0x00800200, 0x80020000,
153 0x00820200, 0x00020000, 0x80000200, 0x00800200,
154 0x80820000, 0x00000200, 0x00020200, 0x80800000,
155 0x80020200, 0x80000000, 0x80800000, 0x00820000,
156 0x80820200, 0x00020200, 0x00820000, 0x80800200,
157 0x00800000, 0x80000200, 0x80020000, 0x00000000,
158 0x00020000, 0x00800000, 0x80800200, 0x00820200,
159 0x80000000, 0x80820000, 0x00000200, 0x80020200},
162 {0x10042004, 0x00000000, 0x00042000, 0x10040000,
163 0x10000004, 0x00002004, 0x10002000, 0x00042000,
164 0x00002000, 0x10040004, 0x00000004, 0x10002000,
165 0x00040004, 0x10042000, 0x10040000, 0x00000004,
166 0x00040000, 0x10002004, 0x10040004, 0x00002000,
167 0x00042004, 0x10000000, 0x00000000, 0x00040004,
168 0x10002004, 0x00042004, 0x10042000, 0x10000004,
169 0x10000000, 0x00040000, 0x00002004, 0x10042004,
170 0x00040004, 0x10042000, 0x10002000, 0x00042004,
171 0x10042004, 0x00040004, 0x10000004, 0x00000000,
172 0x10000000, 0x00002004, 0x00040000, 0x10040004,
173 0x00002000, 0x10000000, 0x00042004, 0x10002004,
174 0x10042000, 0x00002000, 0x00000000, 0x10000004,
175 0x00000004, 0x10042004, 0x00042000, 0x10040000,
176 0x10040004, 0x00040000, 0x00002004, 0x10002000,
177 0x10002004, 0x00000004, 0x10040000, 0x00042000},
180 {0x41000000, 0x01010040, 0x00000040, 0x41000040,
181 0x40010000, 0x01000000, 0x41000040, 0x00010040,
182 0x01000040, 0x00010000, 0x01010000, 0x40000000,
183 0x41010040, 0x40000040, 0x40000000, 0x41010000,
184 0x00000000, 0x40010000, 0x01010040, 0x00000040,
185 0x40000040, 0x41010040, 0x00010000, 0x41000000,
186 0x41010000, 0x01000040, 0x40010040, 0x01010000,
187 0x00010040, 0x00000000, 0x01000000, 0x40010040,
188 0x01010040, 0x00000040, 0x40000000, 0x00010000,
189 0x40000040, 0x40010000, 0x01010000, 0x41000040,
190 0x00000000, 0x01010040, 0x00010040, 0x41010000,
191 0x40010000, 0x01000000, 0x41010040, 0x40000000,
192 0x40010040, 0x41000000, 0x01000000, 0x41010040,
193 0x00010000, 0x01000040, 0x41000040, 0x00010040,
194 0x01000040, 0x00000000, 0x41010000, 0x40000040,
195 0x41000000, 0x40010040, 0x00000040, 0x01010000},
198 {0x00100402, 0x04000400, 0x00000002, 0x04100402,
199 0x00000000, 0x04100000, 0x04000402, 0x00100002,
200 0x04100400, 0x04000002, 0x04000000, 0x00000402,
201 0x04000002, 0x00100402, 0x00100000, 0x04000000,
202 0x04100002, 0x00100400, 0x00000400, 0x00000002,
203 0x00100400, 0x04000402, 0x04100000, 0x00000400,
204 0x00000402, 0x00000000, 0x00100002, 0x04100400,
205 0x04000400, 0x04100002, 0x04100402, 0x00100000,
206 0x04100002, 0x00000402, 0x00100000, 0x04000002,
207 0x00100400, 0x04000400, 0x00000002, 0x04100000,
208 0x04000402, 0x00000000, 0x00000400, 0x00100002,
209 0x00000000, 0x04100002, 0x04100400, 0x00000400,
210 0x04000000, 0x04100402, 0x00100402, 0x00100000,
211 0x04100402, 0x00000002, 0x04000400, 0x00100402,
212 0x00100002, 0x00100400, 0x04100000, 0x04000402,
213 0x00000402, 0x04000000, 0x04000002, 0x04100400},
216 {0x02000000, 0x00004000, 0x00000100, 0x02004108,
217 0x02004008, 0x02000100, 0x00004108, 0x02004000,
218 0x00004000, 0x00000008, 0x02000008, 0x00004100,
219 0x02000108, 0x02004008, 0x02004100, 0x00000000,
220 0x00004100, 0x02000000, 0x00004008, 0x00000108,
221 0x02000100, 0x00004108, 0x00000000, 0x02000008,
222 0x00000008, 0x02000108, 0x02004108, 0x00004008,
223 0x02004000, 0x00000100, 0x00000108, 0x02004100,
224 0x02004100, 0x02000108, 0x00004008, 0x02004000,
225 0x00004000, 0x00000008, 0x02000008, 0x02000100,
226 0x02000000, 0x00004100, 0x02004108, 0x00000000,
227 0x00004108, 0x02000000, 0x00000100, 0x00004008,
228 0x02000108, 0x00000100, 0x00000000, 0x02004108,
229 0x02004008, 0x02004100, 0x00000108, 0x00004000,
230 0x00004100, 0x02004008, 0x02000100, 0x00000108,
231 0x00000008, 0x00004108, 0x02004000, 0x02000008},
234 {0x20000010, 0x00080010, 0x00000000, 0x20080800,
235 0x00080010, 0x00000800, 0x20000810, 0x00080000,
236 0x00000810, 0x20080810, 0x00080800, 0x20000000,
237 0x20000800, 0x20000010, 0x20080000, 0x00080810,
238 0x00080000, 0x20000810, 0x20080010, 0x00000000,
239 0x00000800, 0x00000010, 0x20080800, 0x20080010,
240 0x20080810, 0x20080000, 0x20000000, 0x00000810,
241 0x00000010, 0x00080800, 0x00080810, 0x20000800,
242 0x00000810, 0x20000000, 0x20000800, 0x00080810,
243 0x20080800, 0x00080010, 0x00000000, 0x20000800,
244 0x20000000, 0x00000800, 0x20080010, 0x00080000,
245 0x00080010, 0x20080810, 0x00080800, 0x00000010,
246 0x20080810, 0x00080800, 0x00080000, 0x20000810,
247 0x20000010, 0x20080000, 0x00080810, 0x00000000,
248 0x00000800, 0x20000010, 0x20000810, 0x20080800,
249 0x20080000, 0x00000810, 0x00000010, 0x20080010},
252 {0x00001000, 0x00000080, 0x00400080, 0x00400001,
253 0x00401081, 0x00001001, 0x00001080, 0x00000000,
254 0x00400000, 0x00400081, 0x00000081, 0x00401000,
255 0x00000001, 0x00401080, 0x00401000, 0x00000081,
256 0x00400081, 0x00001000, 0x00001001, 0x00401081,
257 0x00000000, 0x00400080, 0x00400001, 0x00001080,
258 0x00401001, 0x00001081, 0x00401080, 0x00000001,
259 0x00001081, 0x00401001, 0x00000080, 0x00400000,
260 0x00001081, 0x00401000, 0x00401001, 0x00000081,
261 0x00001000, 0x00000080, 0x00400000, 0x00401001,
262 0x00400081, 0x00001081, 0x00001080, 0x00000000,
263 0x00000080, 0x00400001, 0x00000001, 0x00400080,
264 0x00000000, 0x00400081, 0x00400080, 0x00001080,
265 0x00000081, 0x00001000, 0x00401081, 0x00400000,
266 0x00401080, 0x00000001, 0x00001001, 0x00401081,
267 0x00400001, 0x00401080, 0x00401000, 0x00001001},
270 {0x08200020, 0x08208000, 0x00008020, 0x00000000,
271 0x08008000, 0x00200020, 0x08200000, 0x08208020,
272 0x00000020, 0x08000000, 0x00208000, 0x00008020,
273 0x00208020, 0x08008020, 0x08000020, 0x08200000,
274 0x00008000, 0x00208020, 0x00200020, 0x08008000,
275 0x08208020, 0x08000020, 0x00000000, 0x00208000,
276 0x08000000, 0x00200000, 0x08008020, 0x08200020,
277 0x00200000, 0x00008000, 0x08208000, 0x00000020,
278 0x00200000, 0x00008000, 0x08000020, 0x08208020,
279 0x00008020, 0x08000000, 0x00000000, 0x00208000,
280 0x08200020, 0x08008020, 0x08008000, 0x00200020,
281 0x08208000, 0x00000020, 0x00200020, 0x08008000,
282 0x08208020, 0x00200000, 0x08200000, 0x08000020,
283 0x00208000, 0x00008020, 0x08008020, 0x08200000,
284 0x00000020, 0x08208000, 0x00208020, 0x00000000,
285 0x08000000, 0x08200020, 0x00008000, 0x00208020}};
287 static unsigned long des_skb[8][64]={
288 /* for C bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
289 {0x00000000,0x00000010,0x20000000,0x20000010,
290 0x00010000,0x00010010,0x20010000,0x20010010,
291 0x00000800,0x00000810,0x20000800,0x20000810,
292 0x00010800,0x00010810,0x20010800,0x20010810,
293 0x00000020,0x00000030,0x20000020,0x20000030,
294 0x00010020,0x00010030,0x20010020,0x20010030,
295 0x00000820,0x00000830,0x20000820,0x20000830,
296 0x00010820,0x00010830,0x20010820,0x20010830,
297 0x00080000,0x00080010,0x20080000,0x20080010,
298 0x00090000,0x00090010,0x20090000,0x20090010,
299 0x00080800,0x00080810,0x20080800,0x20080810,
300 0x00090800,0x00090810,0x20090800,0x20090810,
301 0x00080020,0x00080030,0x20080020,0x20080030,
302 0x00090020,0x00090030,0x20090020,0x20090030,
303 0x00080820,0x00080830,0x20080820,0x20080830,
304 0x00090820,0x00090830,0x20090820,0x20090830},
305 /* for C bits (numbered as per FIPS 46) 7 8 10 11 12 13 */
306 {0x00000000,0x02000000,0x00002000,0x02002000,
307 0x00200000,0x02200000,0x00202000,0x02202000,
308 0x00000004,0x02000004,0x00002004,0x02002004,
309 0x00200004,0x02200004,0x00202004,0x02202004,
310 0x00000400,0x02000400,0x00002400,0x02002400,
311 0x00200400,0x02200400,0x00202400,0x02202400,
312 0x00000404,0x02000404,0x00002404,0x02002404,
313 0x00200404,0x02200404,0x00202404,0x02202404,
314 0x10000000,0x12000000,0x10002000,0x12002000,
315 0x10200000,0x12200000,0x10202000,0x12202000,
316 0x10000004,0x12000004,0x10002004,0x12002004,
317 0x10200004,0x12200004,0x10202004,0x12202004,
318 0x10000400,0x12000400,0x10002400,0x12002400,
319 0x10200400,0x12200400,0x10202400,0x12202400,
320 0x10000404,0x12000404,0x10002404,0x12002404,
321 0x10200404,0x12200404,0x10202404,0x12202404},
322 /* for C bits (numbered as per FIPS 46) 14 15 16 17 19 20 */
323 {0x00000000,0x00000001,0x00040000,0x00040001,
324 0x01000000,0x01000001,0x01040000,0x01040001,
325 0x00000002,0x00000003,0x00040002,0x00040003,
326 0x01000002,0x01000003,0x01040002,0x01040003,
327 0x00000200,0x00000201,0x00040200,0x00040201,
328 0x01000200,0x01000201,0x01040200,0x01040201,
329 0x00000202,0x00000203,0x00040202,0x00040203,
330 0x01000202,0x01000203,0x01040202,0x01040203,
331 0x08000000,0x08000001,0x08040000,0x08040001,
332 0x09000000,0x09000001,0x09040000,0x09040001,
333 0x08000002,0x08000003,0x08040002,0x08040003,
334 0x09000002,0x09000003,0x09040002,0x09040003,
335 0x08000200,0x08000201,0x08040200,0x08040201,
336 0x09000200,0x09000201,0x09040200,0x09040201,
337 0x08000202,0x08000203,0x08040202,0x08040203,
338 0x09000202,0x09000203,0x09040202,0x09040203},
339 /* for C bits (numbered as per FIPS 46) 21 23 24 26 27 28 */
340 {0x00000000,0x00100000,0x00000100,0x00100100,
341 0x00000008,0x00100008,0x00000108,0x00100108,
342 0x00001000,0x00101000,0x00001100,0x00101100,
343 0x00001008,0x00101008,0x00001108,0x00101108,
344 0x04000000,0x04100000,0x04000100,0x04100100,
345 0x04000008,0x04100008,0x04000108,0x04100108,
346 0x04001000,0x04101000,0x04001100,0x04101100,
347 0x04001008,0x04101008,0x04001108,0x04101108,
348 0x00020000,0x00120000,0x00020100,0x00120100,
349 0x00020008,0x00120008,0x00020108,0x00120108,
350 0x00021000,0x00121000,0x00021100,0x00121100,
351 0x00021008,0x00121008,0x00021108,0x00121108,
352 0x04020000,0x04120000,0x04020100,0x04120100,
353 0x04020008,0x04120008,0x04020108,0x04120108,
354 0x04021000,0x04121000,0x04021100,0x04121100,
355 0x04021008,0x04121008,0x04021108,0x04121108},
356 /* for D bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
357 {0x00000000,0x10000000,0x00010000,0x10010000,
358 0x00000004,0x10000004,0x00010004,0x10010004,
359 0x20000000,0x30000000,0x20010000,0x30010000,
360 0x20000004,0x30000004,0x20010004,0x30010004,
361 0x00100000,0x10100000,0x00110000,0x10110000,
362 0x00100004,0x10100004,0x00110004,0x10110004,
363 0x20100000,0x30100000,0x20110000,0x30110000,
364 0x20100004,0x30100004,0x20110004,0x30110004,
365 0x00001000,0x10001000,0x00011000,0x10011000,
366 0x00001004,0x10001004,0x00011004,0x10011004,
367 0x20001000,0x30001000,0x20011000,0x30011000,
368 0x20001004,0x30001004,0x20011004,0x30011004,
369 0x00101000,0x10101000,0x00111000,0x10111000,
370 0x00101004,0x10101004,0x00111004,0x10111004,
371 0x20101000,0x30101000,0x20111000,0x30111000,
372 0x20101004,0x30101004,0x20111004,0x30111004},
373 /* for D bits (numbered as per FIPS 46) 8 9 11 12 13 14 */
374 {0x00000000,0x08000000,0x00000008,0x08000008,
375 0x00000400,0x08000400,0x00000408,0x08000408,
376 0x00020000,0x08020000,0x00020008,0x08020008,
377 0x00020400,0x08020400,0x00020408,0x08020408,
378 0x00000001,0x08000001,0x00000009,0x08000009,
379 0x00000401,0x08000401,0x00000409,0x08000409,
380 0x00020001,0x08020001,0x00020009,0x08020009,
381 0x00020401,0x08020401,0x00020409,0x08020409,
382 0x02000000,0x0A000000,0x02000008,0x0A000008,
383 0x02000400,0x0A000400,0x02000408,0x0A000408,
384 0x02020000,0x0A020000,0x02020008,0x0A020008,
385 0x02020400,0x0A020400,0x02020408,0x0A020408,
386 0x02000001,0x0A000001,0x02000009,0x0A000009,
387 0x02000401,0x0A000401,0x02000409,0x0A000409,
388 0x02020001,0x0A020001,0x02020009,0x0A020009,
389 0x02020401,0x0A020401,0x02020409,0x0A020409},
390 /* for D bits (numbered as per FIPS 46) 16 17 18 19 20 21 */
391 {0x00000000,0x00000100,0x00080000,0x00080100,
392 0x01000000,0x01000100,0x01080000,0x01080100,
393 0x00000010,0x00000110,0x00080010,0x00080110,
394 0x01000010,0x01000110,0x01080010,0x01080110,
395 0x00200000,0x00200100,0x00280000,0x00280100,
396 0x01200000,0x01200100,0x01280000,0x01280100,
397 0x00200010,0x00200110,0x00280010,0x00280110,
398 0x01200010,0x01200110,0x01280010,0x01280110,
399 0x00000200,0x00000300,0x00080200,0x00080300,
400 0x01000200,0x01000300,0x01080200,0x01080300,
401 0x00000210,0x00000310,0x00080210,0x00080310,
402 0x01000210,0x01000310,0x01080210,0x01080310,
403 0x00200200,0x00200300,0x00280200,0x00280300,
404 0x01200200,0x01200300,0x01280200,0x01280300,
405 0x00200210,0x00200310,0x00280210,0x00280310,
406 0x01200210,0x01200310,0x01280210,0x01280310},
407 /* for D bits (numbered as per FIPS 46) 22 23 24 25 27 28 */
408 {0x00000000,0x04000000,0x00040000,0x04040000,
409 0x00000002,0x04000002,0x00040002,0x04040002,
410 0x00002000,0x04002000,0x00042000,0x04042000,
411 0x00002002,0x04002002,0x00042002,0x04042002,
412 0x00000020,0x04000020,0x00040020,0x04040020,
413 0x00000022,0x04000022,0x00040022,0x04040022,
414 0x00002020,0x04002020,0x00042020,0x04042020,
415 0x00002022,0x04002022,0x00042022,0x04042022,
416 0x00000800,0x04000800,0x00040800,0x04040800,
417 0x00000802,0x04000802,0x00040802,0x04040802,
418 0x00002800,0x04002800,0x00042800,0x04042800,
419 0x00002802,0x04002802,0x00042802,0x04042802,
420 0x00000820,0x04000820,0x00040820,0x04040820,
421 0x00000822,0x04000822,0x00040822,0x04040822,
422 0x00002820,0x04002820,0x00042820,0x04042820,
423 0x00002822,0x04002822,0x00042822,0x04042822}
426 typedef struct des_ks_struct
430 /* make sure things are correct size on machines with
432 unsigned long pad[2];
435 } des_key_schedule[16];
439 des_key_schedule KeySched1, KeySched2, KeySched3;
442 static int des_encrypt(unsigned long *input, unsigned long *output,
443 des_key_schedule ks, int encrypt)
445 register unsigned long l,r,t,u;
447 register unsigned long *s;
453 PERM_OP(r,l,t, 4,0x0f0f0f0f);
454 PERM_OP(l,r,t,16,0x0000ffff);
455 PERM_OP(r,l,t, 2,0x33333333);
456 PERM_OP(l,r,t, 8,0x00ff00ff);
457 PERM_OP(r,l,t, 1,0x55555555);
458 /* r and l are reversed - remember that :-) - fix
459 * it in the next step */
461 /* Things have been modified so that the initial rotate is
462 * done outside the loop. This required the
463 * des_SPtrans values in sp.h to be rotated 1 bit to the right.
464 * One perl script later and things have a 5% speed up on a sparc2.
465 * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
466 * for pointing this out. */
471 /* clear the top bits on machines with 8byte longs */
475 s=(unsigned long *)ks;
476 /* I don't know if it is worth the effort of loop unrolling the
480 for (i=0; i<32; i+=4)
482 D_ENCRYPT(l,r,i+0); /* 1 */
483 D_ENCRYPT(r,l,i+2); /* 2 */
488 for (i=30; i>0; i-=4)
490 D_ENCRYPT(l,r,i-0); /* 16 */
491 D_ENCRYPT(r,l,i-2); /* 15 */
496 /* clear the top bits on machines with 8byte longs */
501 * we will not do the swap so just remember they are
502 * reversed for the rest of the subroutine
503 * luckily FP fixes this problem :-) */
505 PERM_OP(r,l,t, 1,0x55555555);
506 PERM_OP(l,r,t, 8,0x00ff00ff);
507 PERM_OP(r,l,t, 2,0x33333333);
508 PERM_OP(l,r,t,16,0x0000ffff);
509 PERM_OP(r,l,t, 4,0x0f0f0f0f);
517 static int des_ecb_encrypt(des_cblock *input, des_cblock *output,
518 des_key_schedule ks, int encrypt)
520 register unsigned long l0,l1;
521 register unsigned char *in,*out;
524 in=(unsigned char *)input;
525 out=(unsigned char *)output;
530 des_encrypt(ll,ll,ks,encrypt);
541 static void block_decrypt(block_state *self,
545 des_cblock output, output2;
547 des_ecb_encrypt((des_cblock *)in, &output, self->KeySched3, 0);
548 des_ecb_encrypt(&output, &output2, self->KeySched2, 1);
549 des_ecb_encrypt(&output2, (des_cblock *)out, self->KeySched1, 0);
552 static void block_encrypt(block_state *self,
556 des_cblock output, output2;
558 des_ecb_encrypt((des_cblock *)in, &output, self->KeySched1, 1);
559 des_ecb_encrypt(&output, &output2, self->KeySched2, 0);
560 des_ecb_encrypt(&output2, (des_cblock *)out, self->KeySched3, 1);
563 /* NOW DEFINED IN des_local.h
564 * See ecb_encrypt.c for a pseudo description of these macros.
565 * #define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
567 * (a)=((a)^((t)<<(n))))
570 #define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\
571 (a)=(a)^(t)^(t>>(16-(n))))
573 static char shifts2[16]={0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0};
575 static int des_set_key(des_cblock *key, des_key_schedule schedule)
577 register unsigned long c,d,t,s;
578 register unsigned char *in;
579 register unsigned long *k;
582 k=(unsigned long *)schedule;
583 in=(unsigned char *)key;
588 /* do PC1 in 60 simple operations */
589 /* PERM_OP(d,c,t,4,0x0f0f0f0f);
590 HPERM_OP(c,t,-2, 0xcccc0000);
591 HPERM_OP(c,t,-1, 0xaaaa0000);
592 HPERM_OP(c,t, 8, 0x00ff0000);
593 HPERM_OP(c,t,-1, 0xaaaa0000);
594 HPERM_OP(d,t,-8, 0xff000000);
595 HPERM_OP(d,t, 8, 0x00ff0000);
596 HPERM_OP(d,t, 2, 0x33330000);
597 d=((d&0x00aa00aa)<<7)|((d&0x55005500)>>7)|(d&0xaa55aa55);
598 d=(d>>8)|((c&0xf0000000)>>4);
601 /* I now do it in 47 simple operations :-)
602 * Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov)
603 * for the inspiration. :-) */
604 PERM_OP (d,c,t,4,0x0f0f0f0f);
605 HPERM_OP(c,t,-2,0xcccc0000);
606 HPERM_OP(d,t,-2,0xcccc0000);
607 PERM_OP (d,c,t,1,0x55555555);
608 PERM_OP (c,d,t,8,0x00ff00ff);
609 PERM_OP (d,c,t,1,0x55555555);
610 d= (((d&0x000000ff)<<16)| (d&0x0000ff00) |
611 ((d&0x00ff0000)>>16)|((c&0xf0000000)>>4));
617 { c=((c>>2)|(c<<26)); d=((d>>2)|(d<<26)); }
619 { c=((c>>1)|(c<<27)); d=((d>>1)|(d<<27)); }
622 /* could be a few less shifts but I am to lazy at this
623 * point in time to investigate */
624 s= des_skb[0][ (c )&0x3f ]|
625 des_skb[1][((c>> 6)&0x03)|((c>> 7)&0x3c)]|
626 des_skb[2][((c>>13)&0x0f)|((c>>14)&0x30)]|
627 des_skb[3][((c>>20)&0x01)|((c>>21)&0x06) |
629 t= des_skb[4][ (d )&0x3f ]|
630 des_skb[5][((d>> 7)&0x03)|((d>> 8)&0x3c)]|
631 des_skb[6][ (d>>15)&0x3f ]|
632 des_skb[7][((d>>21)&0x0f)|((d>>22)&0x30)];
634 /* table contained 0213 4657 */
635 *(k++)=((t<<16)|(s&0x0000ffff))&0xffffffff;
636 s= ((s>>16)|(t&0xffff0000));
644 static const unsigned char odd_parity[256]={
645 1, 1, 2, 2, 4, 4, 7, 7, 8, 8, 11, 11, 13, 13, 14, 14,
646 16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, 31, 31,
647 32, 32, 35, 35, 37, 37, 38, 38, 41, 41, 42, 42, 44, 44, 47, 47,
648 49, 49, 50, 50, 52, 52, 55, 55, 56, 56, 59, 59, 61, 61, 62, 62,
649 64, 64, 67, 67, 69, 69, 70, 70, 73, 73, 74, 74, 76, 76, 79, 79,
650 81, 81, 82, 82, 84, 84, 87, 87, 88, 88, 91, 91, 93, 93, 94, 94,
651 97, 97, 98, 98,100,100,103,103,104,104,107,107,109,109,110,110,
652 112,112,115,115,117,117,118,118,121,121,122,122,124,124,127,127,
653 128,128,131,131,133,133,134,134,137,137,138,138,140,140,143,143,
654 145,145,146,146,148,148,151,151,152,152,155,155,157,157,158,158,
655 161,161,162,162,164,164,167,167,168,168,171,171,173,173,174,174,
656 176,176,179,179,181,181,182,182,185,185,186,186,188,188,191,191,
657 193,193,194,194,196,196,199,199,200,200,203,203,205,205,206,206,
658 208,208,211,211,213,213,214,214,217,217,218,218,220,220,223,223,
659 224,224,227,227,229,229,230,230,233,233,234,234,236,236,239,239,
660 241,241,242,242,244,244,247,247,248,248,251,251,253,253,254,254};
662 static void block_init(block_state *self, unsigned char *key,
668 if (keylength != 16 && keylength != 24) {
669 PyErr_SetString(PyExc_ValueError,
670 "DES3 key must be either 16 or 24 bytes long");
674 for (i=0; i<keylength; i++)
676 oddkey[i]=odd_parity[ key[i] ];
678 des_set_key((des_cblock *)(oddkey+0), self->KeySched1);
679 des_set_key((des_cblock *)(oddkey+8), self->KeySched2);
680 if (keylength == 24) {
681 des_set_key((des_cblock *)(oddkey+16), self->KeySched3);
683 memcpy(self->KeySched3, self->KeySched1,
684 sizeof(self->KeySched3));
688 #include "block_template.c"
projects / tahoe-lafs / tahoe-lafs.git / blob