| blob | eb9902e57c12d21a1d19e00725e49f8a6e734591 |
1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
22 /*
23 * Copyright 2008 Sun Microsystems, Inc. All rights reserved.
24 * Use is subject to license terms.
25 */
27 /* Copyright (c) 1983, 1984, 1985, 1986, 1987, 1988, 1989 AT&T */
28 /* All Rights Reserved */
30 /*
31 * Portions of this source code were derived from Berkeley 4.3 BSD
32 * under license from the Regents of the University of California.
33 */
35 /*
36 * Warning! Things are arranged very carefully in this file to
37 * allow read-only data to be moved to the text segment. The
38 * various DES tables must appear before any function definitions
39 * (this is arranged by including them immediately below) and partab
40 * must also appear before and function definitions
41 * This arrangement allows all data up through the first text to
42 * be moved to text.
43 */
45 #ifndef _KERNEL
47 #endif
49 #ifdef CRYPT
50 #include <sys/types.h>
51 #include <des/softdes.h>
52 #include <des/desdata.h>
54 #ifdef sun
55 #include <sys/ioctl.h>
56 #include <sys/des.h>
57 #else
58 #include <des/des.h>
59 #endif
63 /*
64 * Fast (?) software implementation of DES
65 * Has been seen going at 2000 bytes/sec on a Sun-2
66 * Works on a VAX too.
67 * Won't work without 8 bit chars and 32 bit longs
68 */
70 #define btst(k, b) (k[b >> 3] & (0x80 >> (b & 07)))
71 #define BIT28 (1<<28)
79 #ifndef _KERNEL
80 /*
81 * Table giving odd parity in the low bit for ASCII characters
82 */
100 };
104 /*
105 * Add odd parity to low bit of 8 byte key
106 */
107 void
109 {
114 p++;
115 }
116 }
119 #ifdef CRYPT
120 /*
121 * Software encrypt or decrypt a block of data (multiple of 8 bytes)
122 * Do the CBC ourselves if needed.
123 */
124 int
126 {
154 }
156 }
161 }
164 }
166 }
169 /*
170 * Set the key and direction for an encryption operation
171 * We build the 16 key entries here
172 */
173 static void
175 {
179 /*
180 * First, generate C and D by permuting
181 * the key. The low order bit of each
182 * 8-bit char is not used, so C and D are only 28
183 * bits apiece.
184 */
185 {
199 }
200 }
201 /*
202 * To generate Ki, rotate C and D according
203 * to schedule and pick up a permutation
204 * using PC2.
205 */
211 /*
212 * Do the "left shift" (rotate)
213 * We know we always rotate by either 1 or 2 bits
214 * the shifts table tells us if its 2
215 */
229 }
230 /*
231 * get Ki. Note C and D are concatenated.
232 */
239 }
249 bit++;
250 }
252 }
254 }
255 }
259 /*
260 * Do an encryption operation
261 * Much pain is taken (with preprocessor) to avoid loops so the compiler
262 * can do address arithmetic instead of doing it at runtime.
263 * Note that the byte-to-chunk conversion is necessary to guarantee
264 * processor byte-order independence.
265 */
266 static void
268 {
271 /*
272 * Initial permutation
273 * and byte to chunk conversion
274 */
275 {
295 else
297 }
298 }
305 else
307 }
308 }
311 }
313 /*
314 * Expand 8 bits of 32 bit R to 48 bit R
315 */
316 #define do_R_to_ER(op, b) { \
317 const struct R_to_ER *p = &R_to_ER_tab[b][R.byte##b]; \
318 e0 op p->l0; \
319 e1 op p->l1; \
320 }
322 /*
323 * Inner part of the algorithm:
324 * Expand R from 32 to 48 bits; xor key value;
325 * apply S boxes; permute 32 bits of output
326 */
327 #define do_F(iter, inR, outR) { \
328 chunk_t R, ER; \
329 uint32_t e0, e1; \
330 R.long0 = inR; \
332 do_R_to_ER(=, 0); \
334 do_R_to_ER(|=, 1); \
336 do_R_to_ER(|=, 2); \
338 do_R_to_ER(|=, 3); \
339 ER.long0 = e0 ^ kd->keyval[iter].long0; \
340 ER.long1 = e1 ^ kd->keyval[iter].long1; \
341 R.long0 = \
342 S_tab[0][ER.byte0] + \
343 S_tab[1][ER.byte1] + \
344 S_tab[2][ER.byte2] + \
345 S_tab[3][ER.byte3] + \
346 S_tab[4][ER.byte4] + \
347 S_tab[5][ER.byte5] + \
348 S_tab[6][ER.byte6] + \
349 S_tab[7][ER.byte7]; \
350 outR = \
351 P_tab[0][R.byte0] + \
352 P_tab[1][R.byte1] + \
353 P_tab[2][R.byte2] + \
354 P_tab[3][R.byte3]; \
355 }
357 /*
358 * Do a cipher step
359 * Apply inner part; do xor and exchange of 32 bit parts
360 */
361 #define cipher(iter, inR, inL, outR, outL) { \
362 do_F(iter, inR, outR); \
363 outR ^= inL; \
364 outL = inR; \
365 }
367 /*
368 * Apply the 16 ciphering steps
369 */
370 {
393 }
395 /*
396 * Final permutation
397 * and chunk to byte conversion
398 */
399 {
411 else
413 }
414 }
421 else
423 }
424 }
427 }
436 }