tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
crypto: des - split off DES library from generic DES cipher driver
Another one for the cipher museum: split off DES core processing into
a separate module so other drivers (mostly for crypto accelerators)
can reuse the code without pulling in the generic DES cipher itself.
This will also permit the cipher interface to be made private to the
crypto API itself once we move the only user in the kernel (CIFS) to
this library interface.
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
authored by
Ard Biesheuvel
and committed by
Herbert Xu
04007b0e
6b5c4818
+1053
-929
+1
-1
arch/x86/crypto/des3_ede_glue.c
+1
-1
arch/x86/crypto/des3_ede_glue.c
+6
-2
crypto/Kconfig
+6
-2
crypto/Kconfig
···
1306
1306
This module provides the Cast6 cipher algorithm that processes
1307
1307
eight blocks parallel using the AVX instruction set.
1308
1308
1309
+
config CRYPTO_LIB_DES
1310
+
tristate
1311
+
1309
1312
config CRYPTO_DES
1310
1313
tristate "DES and Triple DES EDE cipher algorithms"
1311
1314
select CRYPTO_ALGAPI
1315
+
select CRYPTO_LIB_DES
1312
1316
help
1313
1317
DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
1314
1318
···
1320
1316
tristate "DES and Triple DES EDE cipher algorithms (SPARC64)"
1321
1317
depends on SPARC64
1322
1318
select CRYPTO_ALGAPI
1323
-
select CRYPTO_DES
1319
+
select CRYPTO_LIB_DES
1324
1320
help
1325
1321
DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3),
1326
1322
optimized using SPARC64 crypto opcodes.
···
1329
1325
tristate "Triple DES EDE cipher algorithm (x86-64)"
1330
1326
depends on X86 && 64BIT
1331
1327
select CRYPTO_BLKCIPHER
1332
-
select CRYPTO_DES
1328
+
select CRYPTO_LIB_DES
1333
1329
help
1334
1330
Triple DES EDE (FIPS 46-3) algorithm.
1335
1331
+43
-874
crypto/des_generic.c
+43
-874
crypto/des_generic.c
···
13
13
#include <linux/module.h>
14
14
#include <linux/errno.h>
15
15
#include <linux/crypto.h>
16
-
#include <linux/types.h>
17
16
18
-
#include <crypto/des.h>
19
-
20
-
#define ROL(x, r) ((x) = rol32((x), (r)))
21
-
#define ROR(x, r) ((x) = ror32((x), (r)))
22
-
23
-
struct des_ctx {
24
-
u32 expkey[DES_EXPKEY_WORDS];
25
-
};
26
-
27
-
struct des3_ede_ctx {
28
-
u32 expkey[DES3_EDE_EXPKEY_WORDS];
29
-
};
30
-
31
-
/* Lookup tables for key expansion */
32
-
33
-
static const u8 pc1[256] = {
34
-
0x00, 0x00, 0x40, 0x04, 0x10, 0x10, 0x50, 0x14,
35
-
0x04, 0x40, 0x44, 0x44, 0x14, 0x50, 0x54, 0x54,
36
-
0x02, 0x02, 0x42, 0x06, 0x12, 0x12, 0x52, 0x16,
37
-
0x06, 0x42, 0x46, 0x46, 0x16, 0x52, 0x56, 0x56,
38
-
0x80, 0x08, 0xc0, 0x0c, 0x90, 0x18, 0xd0, 0x1c,
39
-
0x84, 0x48, 0xc4, 0x4c, 0x94, 0x58, 0xd4, 0x5c,
40
-
0x82, 0x0a, 0xc2, 0x0e, 0x92, 0x1a, 0xd2, 0x1e,
41
-
0x86, 0x4a, 0xc6, 0x4e, 0x96, 0x5a, 0xd6, 0x5e,
42
-
0x20, 0x20, 0x60, 0x24, 0x30, 0x30, 0x70, 0x34,
43
-
0x24, 0x60, 0x64, 0x64, 0x34, 0x70, 0x74, 0x74,
44
-
0x22, 0x22, 0x62, 0x26, 0x32, 0x32, 0x72, 0x36,
45
-
0x26, 0x62, 0x66, 0x66, 0x36, 0x72, 0x76, 0x76,
46
-
0xa0, 0x28, 0xe0, 0x2c, 0xb0, 0x38, 0xf0, 0x3c,
47
-
0xa4, 0x68, 0xe4, 0x6c, 0xb4, 0x78, 0xf4, 0x7c,
48
-
0xa2, 0x2a, 0xe2, 0x2e, 0xb2, 0x3a, 0xf2, 0x3e,
49
-
0xa6, 0x6a, 0xe6, 0x6e, 0xb6, 0x7a, 0xf6, 0x7e,
50
-
0x08, 0x80, 0x48, 0x84, 0x18, 0x90, 0x58, 0x94,
51
-
0x0c, 0xc0, 0x4c, 0xc4, 0x1c, 0xd0, 0x5c, 0xd4,
52
-
0x0a, 0x82, 0x4a, 0x86, 0x1a, 0x92, 0x5a, 0x96,
53
-
0x0e, 0xc2, 0x4e, 0xc6, 0x1e, 0xd2, 0x5e, 0xd6,
54
-
0x88, 0x88, 0xc8, 0x8c, 0x98, 0x98, 0xd8, 0x9c,
55
-
0x8c, 0xc8, 0xcc, 0xcc, 0x9c, 0xd8, 0xdc, 0xdc,
56
-
0x8a, 0x8a, 0xca, 0x8e, 0x9a, 0x9a, 0xda, 0x9e,
57
-
0x8e, 0xca, 0xce, 0xce, 0x9e, 0xda, 0xde, 0xde,
58
-
0x28, 0xa0, 0x68, 0xa4, 0x38, 0xb0, 0x78, 0xb4,
59
-
0x2c, 0xe0, 0x6c, 0xe4, 0x3c, 0xf0, 0x7c, 0xf4,
60
-
0x2a, 0xa2, 0x6a, 0xa6, 0x3a, 0xb2, 0x7a, 0xb6,
61
-
0x2e, 0xe2, 0x6e, 0xe6, 0x3e, 0xf2, 0x7e, 0xf6,
62
-
0xa8, 0xa8, 0xe8, 0xac, 0xb8, 0xb8, 0xf8, 0xbc,
63
-
0xac, 0xe8, 0xec, 0xec, 0xbc, 0xf8, 0xfc, 0xfc,
64
-
0xaa, 0xaa, 0xea, 0xae, 0xba, 0xba, 0xfa, 0xbe,
65
-
0xae, 0xea, 0xee, 0xee, 0xbe, 0xfa, 0xfe, 0xfe
66
-
};
67
-
68
-
static const u8 rs[256] = {
69
-
0x00, 0x00, 0x80, 0x80, 0x02, 0x02, 0x82, 0x82,
70
-
0x04, 0x04, 0x84, 0x84, 0x06, 0x06, 0x86, 0x86,
71
-
0x08, 0x08, 0x88, 0x88, 0x0a, 0x0a, 0x8a, 0x8a,
72
-
0x0c, 0x0c, 0x8c, 0x8c, 0x0e, 0x0e, 0x8e, 0x8e,
73
-
0x10, 0x10, 0x90, 0x90, 0x12, 0x12, 0x92, 0x92,
74
-
0x14, 0x14, 0x94, 0x94, 0x16, 0x16, 0x96, 0x96,
75
-
0x18, 0x18, 0x98, 0x98, 0x1a, 0x1a, 0x9a, 0x9a,
76
-
0x1c, 0x1c, 0x9c, 0x9c, 0x1e, 0x1e, 0x9e, 0x9e,
77
-
0x20, 0x20, 0xa0, 0xa0, 0x22, 0x22, 0xa2, 0xa2,
78
-
0x24, 0x24, 0xa4, 0xa4, 0x26, 0x26, 0xa6, 0xa6,
79
-
0x28, 0x28, 0xa8, 0xa8, 0x2a, 0x2a, 0xaa, 0xaa,
80
-
0x2c, 0x2c, 0xac, 0xac, 0x2e, 0x2e, 0xae, 0xae,
81
-
0x30, 0x30, 0xb0, 0xb0, 0x32, 0x32, 0xb2, 0xb2,
82
-
0x34, 0x34, 0xb4, 0xb4, 0x36, 0x36, 0xb6, 0xb6,
83
-
0x38, 0x38, 0xb8, 0xb8, 0x3a, 0x3a, 0xba, 0xba,
84
-
0x3c, 0x3c, 0xbc, 0xbc, 0x3e, 0x3e, 0xbe, 0xbe,
85
-
0x40, 0x40, 0xc0, 0xc0, 0x42, 0x42, 0xc2, 0xc2,
86
-
0x44, 0x44, 0xc4, 0xc4, 0x46, 0x46, 0xc6, 0xc6,
87
-
0x48, 0x48, 0xc8, 0xc8, 0x4a, 0x4a, 0xca, 0xca,
88
-
0x4c, 0x4c, 0xcc, 0xcc, 0x4e, 0x4e, 0xce, 0xce,
89
-
0x50, 0x50, 0xd0, 0xd0, 0x52, 0x52, 0xd2, 0xd2,
90
-
0x54, 0x54, 0xd4, 0xd4, 0x56, 0x56, 0xd6, 0xd6,
91
-
0x58, 0x58, 0xd8, 0xd8, 0x5a, 0x5a, 0xda, 0xda,
92
-
0x5c, 0x5c, 0xdc, 0xdc, 0x5e, 0x5e, 0xde, 0xde,
93
-
0x60, 0x60, 0xe0, 0xe0, 0x62, 0x62, 0xe2, 0xe2,
94
-
0x64, 0x64, 0xe4, 0xe4, 0x66, 0x66, 0xe6, 0xe6,
95
-
0x68, 0x68, 0xe8, 0xe8, 0x6a, 0x6a, 0xea, 0xea,
96
-
0x6c, 0x6c, 0xec, 0xec, 0x6e, 0x6e, 0xee, 0xee,
97
-
0x70, 0x70, 0xf0, 0xf0, 0x72, 0x72, 0xf2, 0xf2,
98
-
0x74, 0x74, 0xf4, 0xf4, 0x76, 0x76, 0xf6, 0xf6,
99
-
0x78, 0x78, 0xf8, 0xf8, 0x7a, 0x7a, 0xfa, 0xfa,
100
-
0x7c, 0x7c, 0xfc, 0xfc, 0x7e, 0x7e, 0xfe, 0xfe
101
-
};
102
-
103
-
static const u32 pc2[1024] = {
104
-
0x00000000, 0x00000000, 0x00000000, 0x00000000,
105
-
0x00040000, 0x00000000, 0x04000000, 0x00100000,
106
-
0x00400000, 0x00000008, 0x00000800, 0x40000000,
107
-
0x00440000, 0x00000008, 0x04000800, 0x40100000,
108
-
0x00000400, 0x00000020, 0x08000000, 0x00000100,
109
-
0x00040400, 0x00000020, 0x0c000000, 0x00100100,
110
-
0x00400400, 0x00000028, 0x08000800, 0x40000100,
111
-
0x00440400, 0x00000028, 0x0c000800, 0x40100100,
112
-
0x80000000, 0x00000010, 0x00000000, 0x00800000,
113
-
0x80040000, 0x00000010, 0x04000000, 0x00900000,
114
-
0x80400000, 0x00000018, 0x00000800, 0x40800000,
115
-
0x80440000, 0x00000018, 0x04000800, 0x40900000,
116
-
0x80000400, 0x00000030, 0x08000000, 0x00800100,
117
-
0x80040400, 0x00000030, 0x0c000000, 0x00900100,
118
-
0x80400400, 0x00000038, 0x08000800, 0x40800100,
119
-
0x80440400, 0x00000038, 0x0c000800, 0x40900100,
120
-
0x10000000, 0x00000000, 0x00200000, 0x00001000,
121
-
0x10040000, 0x00000000, 0x04200000, 0x00101000,
122
-
0x10400000, 0x00000008, 0x00200800, 0x40001000,
123
-
0x10440000, 0x00000008, 0x04200800, 0x40101000,
124
-
0x10000400, 0x00000020, 0x08200000, 0x00001100,
125
-
0x10040400, 0x00000020, 0x0c200000, 0x00101100,
126
-
0x10400400, 0x00000028, 0x08200800, 0x40001100,
127
-
0x10440400, 0x00000028, 0x0c200800, 0x40101100,
128
-
0x90000000, 0x00000010, 0x00200000, 0x00801000,
129
-
0x90040000, 0x00000010, 0x04200000, 0x00901000,
130
-
0x90400000, 0x00000018, 0x00200800, 0x40801000,
131
-
0x90440000, 0x00000018, 0x04200800, 0x40901000,
132
-
0x90000400, 0x00000030, 0x08200000, 0x00801100,
133
-
0x90040400, 0x00000030, 0x0c200000, 0x00901100,
134
-
0x90400400, 0x00000038, 0x08200800, 0x40801100,
135
-
0x90440400, 0x00000038, 0x0c200800, 0x40901100,
136
-
0x00000200, 0x00080000, 0x00000000, 0x00000004,
137
-
0x00040200, 0x00080000, 0x04000000, 0x00100004,
138
-
0x00400200, 0x00080008, 0x00000800, 0x40000004,
139
-
0x00440200, 0x00080008, 0x04000800, 0x40100004,
140
-
0x00000600, 0x00080020, 0x08000000, 0x00000104,
141
-
0x00040600, 0x00080020, 0x0c000000, 0x00100104,
142
-
0x00400600, 0x00080028, 0x08000800, 0x40000104,
143
-
0x00440600, 0x00080028, 0x0c000800, 0x40100104,
144
-
0x80000200, 0x00080010, 0x00000000, 0x00800004,
145
-
0x80040200, 0x00080010, 0x04000000, 0x00900004,
146
-
0x80400200, 0x00080018, 0x00000800, 0x40800004,
147
-
0x80440200, 0x00080018, 0x04000800, 0x40900004,
148
-
0x80000600, 0x00080030, 0x08000000, 0x00800104,
149
-
0x80040600, 0x00080030, 0x0c000000, 0x00900104,
150
-
0x80400600, 0x00080038, 0x08000800, 0x40800104,
151
-
0x80440600, 0x00080038, 0x0c000800, 0x40900104,
152
-
0x10000200, 0x00080000, 0x00200000, 0x00001004,
153
-
0x10040200, 0x00080000, 0x04200000, 0x00101004,
154
-
0x10400200, 0x00080008, 0x00200800, 0x40001004,
155
-
0x10440200, 0x00080008, 0x04200800, 0x40101004,
156
-
0x10000600, 0x00080020, 0x08200000, 0x00001104,
157
-
0x10040600, 0x00080020, 0x0c200000, 0x00101104,
158
-
0x10400600, 0x00080028, 0x08200800, 0x40001104,
159
-
0x10440600, 0x00080028, 0x0c200800, 0x40101104,
160
-
0x90000200, 0x00080010, 0x00200000, 0x00801004,
161
-
0x90040200, 0x00080010, 0x04200000, 0x00901004,
162
-
0x90400200, 0x00080018, 0x00200800, 0x40801004,
163
-
0x90440200, 0x00080018, 0x04200800, 0x40901004,
164
-
0x90000600, 0x00080030, 0x08200000, 0x00801104,
165
-
0x90040600, 0x00080030, 0x0c200000, 0x00901104,
166
-
0x90400600, 0x00080038, 0x08200800, 0x40801104,
167
-
0x90440600, 0x00080038, 0x0c200800, 0x40901104,
168
-
0x00000002, 0x00002000, 0x20000000, 0x00000001,
169
-
0x00040002, 0x00002000, 0x24000000, 0x00100001,
170
-
0x00400002, 0x00002008, 0x20000800, 0x40000001,
171
-
0x00440002, 0x00002008, 0x24000800, 0x40100001,
172
-
0x00000402, 0x00002020, 0x28000000, 0x00000101,
173
-
0x00040402, 0x00002020, 0x2c000000, 0x00100101,
174
-
0x00400402, 0x00002028, 0x28000800, 0x40000101,
175
-
0x00440402, 0x00002028, 0x2c000800, 0x40100101,
176
-
0x80000002, 0x00002010, 0x20000000, 0x00800001,
177
-
0x80040002, 0x00002010, 0x24000000, 0x00900001,
178
-
0x80400002, 0x00002018, 0x20000800, 0x40800001,
179
-
0x80440002, 0x00002018, 0x24000800, 0x40900001,
180
-
0x80000402, 0x00002030, 0x28000000, 0x00800101,
181
-
0x80040402, 0x00002030, 0x2c000000, 0x00900101,
182
-
0x80400402, 0x00002038, 0x28000800, 0x40800101,
183
-
0x80440402, 0x00002038, 0x2c000800, 0x40900101,
184
-
0x10000002, 0x00002000, 0x20200000, 0x00001001,
185
-
0x10040002, 0x00002000, 0x24200000, 0x00101001,
186
-
0x10400002, 0x00002008, 0x20200800, 0x40001001,
187
-
0x10440002, 0x00002008, 0x24200800, 0x40101001,
188
-
0x10000402, 0x00002020, 0x28200000, 0x00001101,
189
-
0x10040402, 0x00002020, 0x2c200000, 0x00101101,
190
-
0x10400402, 0x00002028, 0x28200800, 0x40001101,
191
-
0x10440402, 0x00002028, 0x2c200800, 0x40101101,
192
-
0x90000002, 0x00002010, 0x20200000, 0x00801001,
193
-
0x90040002, 0x00002010, 0x24200000, 0x00901001,
194
-
0x90400002, 0x00002018, 0x20200800, 0x40801001,
195
-
0x90440002, 0x00002018, 0x24200800, 0x40901001,
196
-
0x90000402, 0x00002030, 0x28200000, 0x00801101,
197
-
0x90040402, 0x00002030, 0x2c200000, 0x00901101,
198
-
0x90400402, 0x00002038, 0x28200800, 0x40801101,
199
-
0x90440402, 0x00002038, 0x2c200800, 0x40901101,
200
-
0x00000202, 0x00082000, 0x20000000, 0x00000005,
201
-
0x00040202, 0x00082000, 0x24000000, 0x00100005,
202
-
0x00400202, 0x00082008, 0x20000800, 0x40000005,
203
-
0x00440202, 0x00082008, 0x24000800, 0x40100005,
204
-
0x00000602, 0x00082020, 0x28000000, 0x00000105,
205
-
0x00040602, 0x00082020, 0x2c000000, 0x00100105,
206
-
0x00400602, 0x00082028, 0x28000800, 0x40000105,
207
-
0x00440602, 0x00082028, 0x2c000800, 0x40100105,
208
-
0x80000202, 0x00082010, 0x20000000, 0x00800005,
209
-
0x80040202, 0x00082010, 0x24000000, 0x00900005,
210
-
0x80400202, 0x00082018, 0x20000800, 0x40800005,
211
-
0x80440202, 0x00082018, 0x24000800, 0x40900005,
212
-
0x80000602, 0x00082030, 0x28000000, 0x00800105,
213
-
0x80040602, 0x00082030, 0x2c000000, 0x00900105,
214
-
0x80400602, 0x00082038, 0x28000800, 0x40800105,
215
-
0x80440602, 0x00082038, 0x2c000800, 0x40900105,
216
-
0x10000202, 0x00082000, 0x20200000, 0x00001005,
217
-
0x10040202, 0x00082000, 0x24200000, 0x00101005,
218
-
0x10400202, 0x00082008, 0x20200800, 0x40001005,
219
-
0x10440202, 0x00082008, 0x24200800, 0x40101005,
220
-
0x10000602, 0x00082020, 0x28200000, 0x00001105,
221
-
0x10040602, 0x00082020, 0x2c200000, 0x00101105,
222
-
0x10400602, 0x00082028, 0x28200800, 0x40001105,
223
-
0x10440602, 0x00082028, 0x2c200800, 0x40101105,
224
-
0x90000202, 0x00082010, 0x20200000, 0x00801005,
225
-
0x90040202, 0x00082010, 0x24200000, 0x00901005,
226
-
0x90400202, 0x00082018, 0x20200800, 0x40801005,
227
-
0x90440202, 0x00082018, 0x24200800, 0x40901005,
228
-
0x90000602, 0x00082030, 0x28200000, 0x00801105,
229
-
0x90040602, 0x00082030, 0x2c200000, 0x00901105,
230
-
0x90400602, 0x00082038, 0x28200800, 0x40801105,
231
-
0x90440602, 0x00082038, 0x2c200800, 0x40901105,
232
-
233
-
0x00000000, 0x00000000, 0x00000000, 0x00000000,
234
-
0x00000000, 0x00000008, 0x00080000, 0x10000000,
235
-
0x02000000, 0x00000000, 0x00000080, 0x00001000,
236
-
0x02000000, 0x00000008, 0x00080080, 0x10001000,
237
-
0x00004000, 0x00000000, 0x00000040, 0x00040000,
238
-
0x00004000, 0x00000008, 0x00080040, 0x10040000,
239
-
0x02004000, 0x00000000, 0x000000c0, 0x00041000,
240
-
0x02004000, 0x00000008, 0x000800c0, 0x10041000,
241
-
0x00020000, 0x00008000, 0x08000000, 0x00200000,
242
-
0x00020000, 0x00008008, 0x08080000, 0x10200000,
243
-
0x02020000, 0x00008000, 0x08000080, 0x00201000,
244
-
0x02020000, 0x00008008, 0x08080080, 0x10201000,
245
-
0x00024000, 0x00008000, 0x08000040, 0x00240000,
246
-
0x00024000, 0x00008008, 0x08080040, 0x10240000,
247
-
0x02024000, 0x00008000, 0x080000c0, 0x00241000,
248
-
0x02024000, 0x00008008, 0x080800c0, 0x10241000,
249
-
0x00000000, 0x01000000, 0x00002000, 0x00000020,
250
-
0x00000000, 0x01000008, 0x00082000, 0x10000020,
251
-
0x02000000, 0x01000000, 0x00002080, 0x00001020,
252
-
0x02000000, 0x01000008, 0x00082080, 0x10001020,
253
-
0x00004000, 0x01000000, 0x00002040, 0x00040020,
254
-
0x00004000, 0x01000008, 0x00082040, 0x10040020,
255
-
0x02004000, 0x01000000, 0x000020c0, 0x00041020,
256
-
0x02004000, 0x01000008, 0x000820c0, 0x10041020,
257
-
0x00020000, 0x01008000, 0x08002000, 0x00200020,
258
-
0x00020000, 0x01008008, 0x08082000, 0x10200020,
259
-
0x02020000, 0x01008000, 0x08002080, 0x00201020,
260
-
0x02020000, 0x01008008, 0x08082080, 0x10201020,
261
-
0x00024000, 0x01008000, 0x08002040, 0x00240020,
262
-
0x00024000, 0x01008008, 0x08082040, 0x10240020,
263
-
0x02024000, 0x01008000, 0x080020c0, 0x00241020,
264
-
0x02024000, 0x01008008, 0x080820c0, 0x10241020,
265
-
0x00000400, 0x04000000, 0x00100000, 0x00000004,
266
-
0x00000400, 0x04000008, 0x00180000, 0x10000004,
267
-
0x02000400, 0x04000000, 0x00100080, 0x00001004,
268
-
0x02000400, 0x04000008, 0x00180080, 0x10001004,
269
-
0x00004400, 0x04000000, 0x00100040, 0x00040004,
270
-
0x00004400, 0x04000008, 0x00180040, 0x10040004,
271
-
0x02004400, 0x04000000, 0x001000c0, 0x00041004,
272
-
0x02004400, 0x04000008, 0x001800c0, 0x10041004,
273
-
0x00020400, 0x04008000, 0x08100000, 0x00200004,
274
-
0x00020400, 0x04008008, 0x08180000, 0x10200004,
275
-
0x02020400, 0x04008000, 0x08100080, 0x00201004,
276
-
0x02020400, 0x04008008, 0x08180080, 0x10201004,
277
-
0x00024400, 0x04008000, 0x08100040, 0x00240004,
278
-
0x00024400, 0x04008008, 0x08180040, 0x10240004,
279
-
0x02024400, 0x04008000, 0x081000c0, 0x00241004,
280
-
0x02024400, 0x04008008, 0x081800c0, 0x10241004,
281
-
0x00000400, 0x05000000, 0x00102000, 0x00000024,
282
-
0x00000400, 0x05000008, 0x00182000, 0x10000024,
283
-
0x02000400, 0x05000000, 0x00102080, 0x00001024,
284
-
0x02000400, 0x05000008, 0x00182080, 0x10001024,
285
-
0x00004400, 0x05000000, 0x00102040, 0x00040024,
286
-
0x00004400, 0x05000008, 0x00182040, 0x10040024,
287
-
0x02004400, 0x05000000, 0x001020c0, 0x00041024,
288
-
0x02004400, 0x05000008, 0x001820c0, 0x10041024,
289
-
0x00020400, 0x05008000, 0x08102000, 0x00200024,
290
-
0x00020400, 0x05008008, 0x08182000, 0x10200024,
291
-
0x02020400, 0x05008000, 0x08102080, 0x00201024,
292
-
0x02020400, 0x05008008, 0x08182080, 0x10201024,
293
-
0x00024400, 0x05008000, 0x08102040, 0x00240024,
294
-
0x00024400, 0x05008008, 0x08182040, 0x10240024,
295
-
0x02024400, 0x05008000, 0x081020c0, 0x00241024,
296
-
0x02024400, 0x05008008, 0x081820c0, 0x10241024,
297
-
0x00000800, 0x00010000, 0x20000000, 0x00000010,
298
-
0x00000800, 0x00010008, 0x20080000, 0x10000010,
299
-
0x02000800, 0x00010000, 0x20000080, 0x00001010,
300
-
0x02000800, 0x00010008, 0x20080080, 0x10001010,
301
-
0x00004800, 0x00010000, 0x20000040, 0x00040010,
302
-
0x00004800, 0x00010008, 0x20080040, 0x10040010,
303
-
0x02004800, 0x00010000, 0x200000c0, 0x00041010,
304
-
0x02004800, 0x00010008, 0x200800c0, 0x10041010,
305
-
0x00020800, 0x00018000, 0x28000000, 0x00200010,
306
-
0x00020800, 0x00018008, 0x28080000, 0x10200010,
307
-
0x02020800, 0x00018000, 0x28000080, 0x00201010,
308
-
0x02020800, 0x00018008, 0x28080080, 0x10201010,
309
-
0x00024800, 0x00018000, 0x28000040, 0x00240010,
310
-
0x00024800, 0x00018008, 0x28080040, 0x10240010,
311
-
0x02024800, 0x00018000, 0x280000c0, 0x00241010,
312
-
0x02024800, 0x00018008, 0x280800c0, 0x10241010,
313
-
0x00000800, 0x01010000, 0x20002000, 0x00000030,
314
-
0x00000800, 0x01010008, 0x20082000, 0x10000030,
315
-
0x02000800, 0x01010000, 0x20002080, 0x00001030,
316
-
0x02000800, 0x01010008, 0x20082080, 0x10001030,
317
-
0x00004800, 0x01010000, 0x20002040, 0x00040030,
318
-
0x00004800, 0x01010008, 0x20082040, 0x10040030,
319
-
0x02004800, 0x01010000, 0x200020c0, 0x00041030,
320
-
0x02004800, 0x01010008, 0x200820c0, 0x10041030,
321
-
0x00020800, 0x01018000, 0x28002000, 0x00200030,
322
-
0x00020800, 0x01018008, 0x28082000, 0x10200030,
323
-
0x02020800, 0x01018000, 0x28002080, 0x00201030,
324
-
0x02020800, 0x01018008, 0x28082080, 0x10201030,
325
-
0x00024800, 0x01018000, 0x28002040, 0x00240030,
326
-
0x00024800, 0x01018008, 0x28082040, 0x10240030,
327
-
0x02024800, 0x01018000, 0x280020c0, 0x00241030,
328
-
0x02024800, 0x01018008, 0x280820c0, 0x10241030,
329
-
0x00000c00, 0x04010000, 0x20100000, 0x00000014,
330
-
0x00000c00, 0x04010008, 0x20180000, 0x10000014,
331
-
0x02000c00, 0x04010000, 0x20100080, 0x00001014,
332
-
0x02000c00, 0x04010008, 0x20180080, 0x10001014,
333
-
0x00004c00, 0x04010000, 0x20100040, 0x00040014,
334
-
0x00004c00, 0x04010008, 0x20180040, 0x10040014,
335
-
0x02004c00, 0x04010000, 0x201000c0, 0x00041014,
336
-
0x02004c00, 0x04010008, 0x201800c0, 0x10041014,
337
-
0x00020c00, 0x04018000, 0x28100000, 0x00200014,
338
-
0x00020c00, 0x04018008, 0x28180000, 0x10200014,
339
-
0x02020c00, 0x04018000, 0x28100080, 0x00201014,
340
-
0x02020c00, 0x04018008, 0x28180080, 0x10201014,
341
-
0x00024c00, 0x04018000, 0x28100040, 0x00240014,
342
-
0x00024c00, 0x04018008, 0x28180040, 0x10240014,
343
-
0x02024c00, 0x04018000, 0x281000c0, 0x00241014,
344
-
0x02024c00, 0x04018008, 0x281800c0, 0x10241014,
345
-
0x00000c00, 0x05010000, 0x20102000, 0x00000034,
346
-
0x00000c00, 0x05010008, 0x20182000, 0x10000034,
347
-
0x02000c00, 0x05010000, 0x20102080, 0x00001034,
348
-
0x02000c00, 0x05010008, 0x20182080, 0x10001034,
349
-
0x00004c00, 0x05010000, 0x20102040, 0x00040034,
350
-
0x00004c00, 0x05010008, 0x20182040, 0x10040034,
351
-
0x02004c00, 0x05010000, 0x201020c0, 0x00041034,
352
-
0x02004c00, 0x05010008, 0x201820c0, 0x10041034,
353
-
0x00020c00, 0x05018000, 0x28102000, 0x00200034,
354
-
0x00020c00, 0x05018008, 0x28182000, 0x10200034,
355
-
0x02020c00, 0x05018000, 0x28102080, 0x00201034,
356
-
0x02020c00, 0x05018008, 0x28182080, 0x10201034,
357
-
0x00024c00, 0x05018000, 0x28102040, 0x00240034,
358
-
0x00024c00, 0x05018008, 0x28182040, 0x10240034,
359
-
0x02024c00, 0x05018000, 0x281020c0, 0x00241034,
360
-
0x02024c00, 0x05018008, 0x281820c0, 0x10241034
361
-
};
362
-
363
-
/* S-box lookup tables */
364
-
365
-
static const u32 S1[64] = {
366
-
0x01010400, 0x00000000, 0x00010000, 0x01010404,
367
-
0x01010004, 0x00010404, 0x00000004, 0x00010000,
368
-
0x00000400, 0x01010400, 0x01010404, 0x00000400,
369
-
0x01000404, 0x01010004, 0x01000000, 0x00000004,
370
-
0x00000404, 0x01000400, 0x01000400, 0x00010400,
371
-
0x00010400, 0x01010000, 0x01010000, 0x01000404,
372
-
0x00010004, 0x01000004, 0x01000004, 0x00010004,
373
-
0x00000000, 0x00000404, 0x00010404, 0x01000000,
374
-
0x00010000, 0x01010404, 0x00000004, 0x01010000,
375
-
0x01010400, 0x01000000, 0x01000000, 0x00000400,
376
-
0x01010004, 0x00010000, 0x00010400, 0x01000004,
377
-
0x00000400, 0x00000004, 0x01000404, 0x00010404,
378
-
0x01010404, 0x00010004, 0x01010000, 0x01000404,
379
-
0x01000004, 0x00000404, 0x00010404, 0x01010400,
380
-
0x00000404, 0x01000400, 0x01000400, 0x00000000,
381
-
0x00010004, 0x00010400, 0x00000000, 0x01010004
382
-
};
383
-
384
-
static const u32 S2[64] = {
385
-
0x80108020, 0x80008000, 0x00008000, 0x00108020,
386
-
0x00100000, 0x00000020, 0x80100020, 0x80008020,
387
-
0x80000020, 0x80108020, 0x80108000, 0x80000000,
388
-
0x80008000, 0x00100000, 0x00000020, 0x80100020,
389
-
0x00108000, 0x00100020, 0x80008020, 0x00000000,
390
-
0x80000000, 0x00008000, 0x00108020, 0x80100000,
391
-
0x00100020, 0x80000020, 0x00000000, 0x00108000,
392
-
0x00008020, 0x80108000, 0x80100000, 0x00008020,
393
-
0x00000000, 0x00108020, 0x80100020, 0x00100000,
394
-
0x80008020, 0x80100000, 0x80108000, 0x00008000,
395
-
0x80100000, 0x80008000, 0x00000020, 0x80108020,
396
-
0x00108020, 0x00000020, 0x00008000, 0x80000000,
397
-
0x00008020, 0x80108000, 0x00100000, 0x80000020,
398
-
0x00100020, 0x80008020, 0x80000020, 0x00100020,
399
-
0x00108000, 0x00000000, 0x80008000, 0x00008020,
400
-
0x80000000, 0x80100020, 0x80108020, 0x00108000
401
-
};
402
-
403
-
static const u32 S3[64] = {
404
-
0x00000208, 0x08020200, 0x00000000, 0x08020008,
405
-
0x08000200, 0x00000000, 0x00020208, 0x08000200,
406
-
0x00020008, 0x08000008, 0x08000008, 0x00020000,
407
-
0x08020208, 0x00020008, 0x08020000, 0x00000208,
408
-
0x08000000, 0x00000008, 0x08020200, 0x00000200,
409
-
0x00020200, 0x08020000, 0x08020008, 0x00020208,
410
-
0x08000208, 0x00020200, 0x00020000, 0x08000208,
411
-
0x00000008, 0x08020208, 0x00000200, 0x08000000,
412
-
0x08020200, 0x08000000, 0x00020008, 0x00000208,
413
-
0x00020000, 0x08020200, 0x08000200, 0x00000000,
414
-
0x00000200, 0x00020008, 0x08020208, 0x08000200,
415
-
0x08000008, 0x00000200, 0x00000000, 0x08020008,
416
-
0x08000208, 0x00020000, 0x08000000, 0x08020208,
417
-
0x00000008, 0x00020208, 0x00020200, 0x08000008,
418
-
0x08020000, 0x08000208, 0x00000208, 0x08020000,
419
-
0x00020208, 0x00000008, 0x08020008, 0x00020200
420
-
};
421
-
422
-
static const u32 S4[64] = {
423
-
0x00802001, 0x00002081, 0x00002081, 0x00000080,
424
-
0x00802080, 0x00800081, 0x00800001, 0x00002001,
425
-
0x00000000, 0x00802000, 0x00802000, 0x00802081,
426
-
0x00000081, 0x00000000, 0x00800080, 0x00800001,
427
-
0x00000001, 0x00002000, 0x00800000, 0x00802001,
428
-
0x00000080, 0x00800000, 0x00002001, 0x00002080,
429
-
0x00800081, 0x00000001, 0x00002080, 0x00800080,
430
-
0x00002000, 0x00802080, 0x00802081, 0x00000081,
431
-
0x00800080, 0x00800001, 0x00802000, 0x00802081,
432
-
0x00000081, 0x00000000, 0x00000000, 0x00802000,
433
-
0x00002080, 0x00800080, 0x00800081, 0x00000001,
434
-
0x00802001, 0x00002081, 0x00002081, 0x00000080,
435
-
0x00802081, 0x00000081, 0x00000001, 0x00002000,
436
-
0x00800001, 0x00002001, 0x00802080, 0x00800081,
437
-
0x00002001, 0x00002080, 0x00800000, 0x00802001,
438
-
0x00000080, 0x00800000, 0x00002000, 0x00802080
439
-
};
440
-
441
-
static const u32 S5[64] = {
442
-
0x00000100, 0x02080100, 0x02080000, 0x42000100,
443
-
0x00080000, 0x00000100, 0x40000000, 0x02080000,
444
-
0x40080100, 0x00080000, 0x02000100, 0x40080100,
445
-
0x42000100, 0x42080000, 0x00080100, 0x40000000,
446
-
0x02000000, 0x40080000, 0x40080000, 0x00000000,
447
-
0x40000100, 0x42080100, 0x42080100, 0x02000100,
448
-
0x42080000, 0x40000100, 0x00000000, 0x42000000,
449
-
0x02080100, 0x02000000, 0x42000000, 0x00080100,
450
-
0x00080000, 0x42000100, 0x00000100, 0x02000000,
451
-
0x40000000, 0x02080000, 0x42000100, 0x40080100,
452
-
0x02000100, 0x40000000, 0x42080000, 0x02080100,
453
-
0x40080100, 0x00000100, 0x02000000, 0x42080000,
454
-
0x42080100, 0x00080100, 0x42000000, 0x42080100,
455
-
0x02080000, 0x00000000, 0x40080000, 0x42000000,
456
-
0x00080100, 0x02000100, 0x40000100, 0x00080000,
457
-
0x00000000, 0x40080000, 0x02080100, 0x40000100
458
-
};
459
-
460
-
static const u32 S6[64] = {
461
-
0x20000010, 0x20400000, 0x00004000, 0x20404010,
462
-
0x20400000, 0x00000010, 0x20404010, 0x00400000,
463
-
0x20004000, 0x00404010, 0x00400000, 0x20000010,
464
-
0x00400010, 0x20004000, 0x20000000, 0x00004010,
465
-
0x00000000, 0x00400010, 0x20004010, 0x00004000,
466
-
0x00404000, 0x20004010, 0x00000010, 0x20400010,
467
-
0x20400010, 0x00000000, 0x00404010, 0x20404000,
468
-
0x00004010, 0x00404000, 0x20404000, 0x20000000,
469
-
0x20004000, 0x00000010, 0x20400010, 0x00404000,
470
-
0x20404010, 0x00400000, 0x00004010, 0x20000010,
471
-
0x00400000, 0x20004000, 0x20000000, 0x00004010,
472
-
0x20000010, 0x20404010, 0x00404000, 0x20400000,
473
-
0x00404010, 0x20404000, 0x00000000, 0x20400010,
474
-
0x00000010, 0x00004000, 0x20400000, 0x00404010,
475
-
0x00004000, 0x00400010, 0x20004010, 0x00000000,
476
-
0x20404000, 0x20000000, 0x00400010, 0x20004010
477
-
};
478
-
479
-
static const u32 S7[64] = {
480
-
0x00200000, 0x04200002, 0x04000802, 0x00000000,
481
-
0x00000800, 0x04000802, 0x00200802, 0x04200800,
482
-
0x04200802, 0x00200000, 0x00000000, 0x04000002,
483
-
0x00000002, 0x04000000, 0x04200002, 0x00000802,
484
-
0x04000800, 0x00200802, 0x00200002, 0x04000800,
485
-
0x04000002, 0x04200000, 0x04200800, 0x00200002,
486
-
0x04200000, 0x00000800, 0x00000802, 0x04200802,
487
-
0x00200800, 0x00000002, 0x04000000, 0x00200800,
488
-
0x04000000, 0x00200800, 0x00200000, 0x04000802,
489
-
0x04000802, 0x04200002, 0x04200002, 0x00000002,
490
-
0x00200002, 0x04000000, 0x04000800, 0x00200000,
491
-
0x04200800, 0x00000802, 0x00200802, 0x04200800,
492
-
0x00000802, 0x04000002, 0x04200802, 0x04200000,
493
-
0x00200800, 0x00000000, 0x00000002, 0x04200802,
494
-
0x00000000, 0x00200802, 0x04200000, 0x00000800,
495
-
0x04000002, 0x04000800, 0x00000800, 0x00200002
496
-
};
497
-
498
-
static const u32 S8[64] = {
499
-
0x10001040, 0x00001000, 0x00040000, 0x10041040,
500
-
0x10000000, 0x10001040, 0x00000040, 0x10000000,
501
-
0x00040040, 0x10040000, 0x10041040, 0x00041000,
502
-
0x10041000, 0x00041040, 0x00001000, 0x00000040,
503
-
0x10040000, 0x10000040, 0x10001000, 0x00001040,
504
-
0x00041000, 0x00040040, 0x10040040, 0x10041000,
505
-
0x00001040, 0x00000000, 0x00000000, 0x10040040,
506
-
0x10000040, 0x10001000, 0x00041040, 0x00040000,
507
-
0x00041040, 0x00040000, 0x10041000, 0x00001000,
508
-
0x00000040, 0x10040040, 0x00001000, 0x00041040,
509
-
0x10001000, 0x00000040, 0x10000040, 0x10040000,
510
-
0x10040040, 0x10000000, 0x00040000, 0x10001040,
511
-
0x00000000, 0x10041040, 0x00040040, 0x10000040,
512
-
0x10040000, 0x10001000, 0x10001040, 0x00000000,
513
-
0x10041040, 0x00041000, 0x00041000, 0x00001040,
514
-
0x00001040, 0x00040040, 0x10000000, 0x10041000
515
-
};
516
-
517
-
/* Encryption components: IP, FP, and round function */
518
-
519
-
#define IP(L, R, T) \
520
-
ROL(R, 4); \
521
-
T = L; \
522
-
L ^= R; \
523
-
L &= 0xf0f0f0f0; \
524
-
R ^= L; \
525
-
L ^= T; \
526
-
ROL(R, 12); \
527
-
T = L; \
528
-
L ^= R; \
529
-
L &= 0xffff0000; \
530
-
R ^= L; \
531
-
L ^= T; \
532
-
ROR(R, 14); \
533
-
T = L; \
534
-
L ^= R; \
535
-
L &= 0xcccccccc; \
536
-
R ^= L; \
537
-
L ^= T; \
538
-
ROL(R, 6); \
539
-
T = L; \
540
-
L ^= R; \
541
-
L &= 0xff00ff00; \
542
-
R ^= L; \
543
-
L ^= T; \
544
-
ROR(R, 7); \
545
-
T = L; \
546
-
L ^= R; \
547
-
L &= 0xaaaaaaaa; \
548
-
R ^= L; \
549
-
L ^= T; \
550
-
ROL(L, 1);
551
-
552
-
#define FP(L, R, T) \
553
-
ROR(L, 1); \
554
-
T = L; \
555
-
L ^= R; \
556
-
L &= 0xaaaaaaaa; \
557
-
R ^= L; \
558
-
L ^= T; \
559
-
ROL(R, 7); \
560
-
T = L; \
561
-
L ^= R; \
562
-
L &= 0xff00ff00; \
563
-
R ^= L; \
564
-
L ^= T; \
565
-
ROR(R, 6); \
566
-
T = L; \
567
-
L ^= R; \
568
-
L &= 0xcccccccc; \
569
-
R ^= L; \
570
-
L ^= T; \
571
-
ROL(R, 14); \
572
-
T = L; \
573
-
L ^= R; \
574
-
L &= 0xffff0000; \
575
-
R ^= L; \
576
-
L ^= T; \
577
-
ROR(R, 12); \
578
-
T = L; \
579
-
L ^= R; \
580
-
L &= 0xf0f0f0f0; \
581
-
R ^= L; \
582
-
L ^= T; \
583
-
ROR(R, 4);
584
-
585
-
#define ROUND(L, R, A, B, K, d) \
586
-
B = K[0]; A = K[1]; K += d; \
587
-
B ^= R; A ^= R; \
588
-
B &= 0x3f3f3f3f; ROR(A, 4); \
589
-
L ^= S8[0xff & B]; A &= 0x3f3f3f3f; \
590
-
L ^= S6[0xff & (B >> 8)]; B >>= 16; \
591
-
L ^= S7[0xff & A]; \
592
-
L ^= S5[0xff & (A >> 8)]; A >>= 16; \
593
-
L ^= S4[0xff & B]; \
594
-
L ^= S2[0xff & (B >> 8)]; \
595
-
L ^= S3[0xff & A]; \
596
-
L ^= S1[0xff & (A >> 8)];
597
-
598
-
/*
599
-
* PC2 lookup tables are organized as 2 consecutive sets of 4 interleaved
600
-
* tables of 128 elements. One set is for C_i and the other for D_i, while
601
-
* the 4 interleaved tables correspond to four 7-bit subsets of C_i or D_i.
602
-
*
603
-
* After PC1 each of the variables a,b,c,d contains a 7 bit subset of C_i
604
-
* or D_i in bits 7-1 (bit 0 being the least significant).
605
-
*/
606
-
607
-
#define T1(x) pt[2 * (x) + 0]
608
-
#define T2(x) pt[2 * (x) + 1]
609
-
#define T3(x) pt[2 * (x) + 2]
610
-
#define T4(x) pt[2 * (x) + 3]
611
-
612
-
#define DES_PC2(a, b, c, d) (T4(d) | T3(c) | T2(b) | T1(a))
613
-
614
-
/*
615
-
* Encryption key expansion
616
-
*
617
-
* RFC2451: Weak key checks SHOULD be performed.
618
-
*
619
-
* FIPS 74:
620
-
*
621
-
* Keys having duals are keys which produce all zeros, all ones, or
622
-
* alternating zero-one patterns in the C and D registers after Permuted
623
-
* Choice 1 has operated on the key.
624
-
*
625
-
*/
626
-
unsigned long des_ekey(u32 *pe, const u8 *k)
627
-
{
628
-
/* K&R: long is at least 32 bits */
629
-
unsigned long a, b, c, d, w;
630
-
const u32 *pt = pc2;
631
-
632
-
d = k[4]; d &= 0x0e; d <<= 4; d |= k[0] & 0x1e; d = pc1[d];
633
-
c = k[5]; c &= 0x0e; c <<= 4; c |= k[1] & 0x1e; c = pc1[c];
634
-
b = k[6]; b &= 0x0e; b <<= 4; b |= k[2] & 0x1e; b = pc1[b];
635
-
a = k[7]; a &= 0x0e; a <<= 4; a |= k[3] & 0x1e; a = pc1[a];
636
-
637
-
pe[15 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d];
638
-
pe[14 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b];
639
-
pe[13 * 2 + 0] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d];
640
-
pe[12 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b];
641
-
pe[11 * 2 + 0] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d];
642
-
pe[10 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b];
643
-
pe[ 9 * 2 + 0] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d];
644
-
pe[ 8 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c];
645
-
pe[ 7 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a];
646
-
pe[ 6 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c];
647
-
pe[ 5 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a];
648
-
pe[ 4 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c];
649
-
pe[ 3 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a];
650
-
pe[ 2 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c];
651
-
pe[ 1 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b];
652
-
pe[ 0 * 2 + 0] = DES_PC2(b, c, d, a);
653
-
654
-
/* Check if first half is weak */
655
-
w = (a ^ c) | (b ^ d) | (rs[a] ^ c) | (b ^ rs[d]);
656
-
657
-
/* Skip to next table set */
658
-
pt += 512;
659
-
660
-
d = k[0]; d &= 0xe0; d >>= 4; d |= k[4] & 0xf0; d = pc1[d + 1];
661
-
c = k[1]; c &= 0xe0; c >>= 4; c |= k[5] & 0xf0; c = pc1[c + 1];
662
-
b = k[2]; b &= 0xe0; b >>= 4; b |= k[6] & 0xf0; b = pc1[b + 1];
663
-
a = k[3]; a &= 0xe0; a >>= 4; a |= k[7] & 0xf0; a = pc1[a + 1];
664
-
665
-
/* Check if second half is weak */
666
-
w |= (a ^ c) | (b ^ d) | (rs[a] ^ c) | (b ^ rs[d]);
667
-
668
-
pe[15 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d];
669
-
pe[14 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b];
670
-
pe[13 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d];
671
-
pe[12 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b];
672
-
pe[11 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d];
673
-
pe[10 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b];
674
-
pe[ 9 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d];
675
-
pe[ 8 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c];
676
-
pe[ 7 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a];
677
-
pe[ 6 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c];
678
-
pe[ 5 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a];
679
-
pe[ 4 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c];
680
-
pe[ 3 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a];
681
-
pe[ 2 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c];
682
-
pe[ 1 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b];
683
-
pe[ 0 * 2 + 1] = DES_PC2(b, c, d, a);
684
-
685
-
/* Fixup: 2413 5768 -> 1357 2468 */
686
-
for (d = 0; d < 16; ++d) {
687
-
a = pe[2 * d];
688
-
b = pe[2 * d + 1];
689
-
c = a ^ b;
690
-
c &= 0xffff0000;
691
-
a ^= c;
692
-
b ^= c;
693
-
ROL(b, 18);
694
-
pe[2 * d] = a;
695
-
pe[2 * d + 1] = b;
696
-
}
697
-
698
-
/* Zero if weak key */
699
-
return w;
700
-
}
701
-
EXPORT_SYMBOL_GPL(des_ekey);
702
-
703
-
/*
704
-
* Decryption key expansion
705
-
*
706
-
* No weak key checking is performed, as this is only used by triple DES
707
-
*
708
-
*/
709
-
static void dkey(u32 *pe, const u8 *k)
710
-
{
711
-
/* K&R: long is at least 32 bits */
712
-
unsigned long a, b, c, d;
713
-
const u32 *pt = pc2;
714
-
715
-
d = k[4]; d &= 0x0e; d <<= 4; d |= k[0] & 0x1e; d = pc1[d];
716
-
c = k[5]; c &= 0x0e; c <<= 4; c |= k[1] & 0x1e; c = pc1[c];
717
-
b = k[6]; b &= 0x0e; b <<= 4; b |= k[2] & 0x1e; b = pc1[b];
718
-
a = k[7]; a &= 0x0e; a <<= 4; a |= k[3] & 0x1e; a = pc1[a];
719
-
720
-
pe[ 0 * 2] = DES_PC2(a, b, c, d); d = rs[d];
721
-
pe[ 1 * 2] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b];
722
-
pe[ 2 * 2] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d];
723
-
pe[ 3 * 2] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b];
724
-
pe[ 4 * 2] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d];
725
-
pe[ 5 * 2] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b];
726
-
pe[ 6 * 2] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d];
727
-
pe[ 7 * 2] = DES_PC2(d, a, b, c); c = rs[c];
728
-
pe[ 8 * 2] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a];
729
-
pe[ 9 * 2] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c];
730
-
pe[10 * 2] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a];
731
-
pe[11 * 2] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c];
732
-
pe[12 * 2] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a];
733
-
pe[13 * 2] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c];
734
-
pe[14 * 2] = DES_PC2(c, d, a, b); b = rs[b];
735
-
pe[15 * 2] = DES_PC2(b, c, d, a);
736
-
737
-
/* Skip to next table set */
738
-
pt += 512;
739
-
740
-
d = k[0]; d &= 0xe0; d >>= 4; d |= k[4] & 0xf0; d = pc1[d + 1];
741
-
c = k[1]; c &= 0xe0; c >>= 4; c |= k[5] & 0xf0; c = pc1[c + 1];
742
-
b = k[2]; b &= 0xe0; b >>= 4; b |= k[6] & 0xf0; b = pc1[b + 1];
743
-
a = k[3]; a &= 0xe0; a >>= 4; a |= k[7] & 0xf0; a = pc1[a + 1];
744
-
745
-
pe[ 0 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d];
746
-
pe[ 1 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b];
747
-
pe[ 2 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d];
748
-
pe[ 3 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b];
749
-
pe[ 4 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d];
750
-
pe[ 5 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b];
751
-
pe[ 6 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d];
752
-
pe[ 7 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c];
753
-
pe[ 8 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a];
754
-
pe[ 9 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c];
755
-
pe[10 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a];
756
-
pe[11 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c];
757
-
pe[12 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a];
758
-
pe[13 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c];
759
-
pe[14 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b];
760
-
pe[15 * 2 + 1] = DES_PC2(b, c, d, a);
761
-
762
-
/* Fixup: 2413 5768 -> 1357 2468 */
763
-
for (d = 0; d < 16; ++d) {
764
-
a = pe[2 * d];
765
-
b = pe[2 * d + 1];
766
-
c = a ^ b;
767
-
c &= 0xffff0000;
768
-
a ^= c;
769
-
b ^= c;
770
-
ROL(b, 18);
771
-
pe[2 * d] = a;
772
-
pe[2 * d + 1] = b;
773
-
}
774
-
}
17
+
#include <crypto/internal/des.h>
775
18
776
19
static int des_setkey(struct crypto_tfm *tfm, const u8 *key,
777
20
unsigned int keylen)
778
21
{
779
22
struct des_ctx *dctx = crypto_tfm_ctx(tfm);
780
-
u32 *flags = &tfm->crt_flags;
781
-
u32 tmp[DES_EXPKEY_WORDS];
782
-
int ret;
23
+
int err;
783
24
784
-
/* Expand to tmp */
785
-
ret = des_ekey(tmp, key);
786
-
787
-
if (unlikely(ret == 0) && (*flags & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) {
788
-
*flags |= CRYPTO_TFM_RES_WEAK_KEY;
789
-
return -EINVAL;
25
+
err = des_expand_key(dctx, key, keylen);
26
+
if (err == -ENOKEY) {
27
+
if (crypto_tfm_get_flags(tfm) & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)
28
+
err = -EINVAL;
29
+
else
30
+
err = 0;
790
31
}
791
32
792
-
/* Copy to output */
793
-
memcpy(dctx->expkey, tmp, sizeof(dctx->expkey));
794
-
795
-
return 0;
33
+
if (err) {
34
+
memset(dctx, 0, sizeof(*dctx));
35
+
crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY);
36
+
}
37
+
return err;
796
38
}
797
39
798
-
static void des_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
40
+
static void crypto_des_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
799
41
{
800
-
struct des_ctx *ctx = crypto_tfm_ctx(tfm);
801
-
const u32 *K = ctx->expkey;
802
-
const __le32 *s = (const __le32 *)src;
803
-
__le32 *d = (__le32 *)dst;
804
-
u32 L, R, A, B;
805
-
int i;
42
+
const struct des_ctx *dctx = crypto_tfm_ctx(tfm);
806
43
807
-
L = le32_to_cpu(s[0]);
808
-
R = le32_to_cpu(s[1]);
809
-
810
-
IP(L, R, A);
811
-
for (i = 0; i < 8; i++) {
812
-
ROUND(L, R, A, B, K, 2);
813
-
ROUND(R, L, A, B, K, 2);
814
-
}
815
-
FP(R, L, A);
816
-
817
-
d[0] = cpu_to_le32(R);
818
-
d[1] = cpu_to_le32(L);
44
+
des_encrypt(dctx, dst, src);
819
45
}
820
46
821
-
static void des_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
47
+
static void crypto_des_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
822
48
{
823
-
struct des_ctx *ctx = crypto_tfm_ctx(tfm);
824
-
const u32 *K = ctx->expkey + DES_EXPKEY_WORDS - 2;
825
-
const __le32 *s = (const __le32 *)src;
826
-
__le32 *d = (__le32 *)dst;
827
-
u32 L, R, A, B;
828
-
int i;
49
+
const struct des_ctx *dctx = crypto_tfm_ctx(tfm);
829
50
830
-
L = le32_to_cpu(s[0]);
831
-
R = le32_to_cpu(s[1]);
832
-
833
-
IP(L, R, A);
834
-
for (i = 0; i < 8; i++) {
835
-
ROUND(L, R, A, B, K, -2);
836
-
ROUND(R, L, A, B, K, -2);
837
-
}
838
-
FP(R, L, A);
839
-
840
-
d[0] = cpu_to_le32(R);
841
-
d[1] = cpu_to_le32(L);
51
+
des_decrypt(dctx, dst, src);
842
52
}
843
53
844
54
int __des3_ede_setkey(u32 *expkey, u32 *flags, const u8 *key,
···
68
858
unsigned int keylen)
69
859
{
70
860
struct des3_ede_ctx *dctx = crypto_tfm_ctx(tfm);
71
-
u32 *expkey = dctx->expkey;
72
861
int err;
73
862
74
-
err = crypto_des3_ede_verify_key(tfm, key);
75
-
if (err)
76
-
return err;
863
+
err = des3_ede_expand_key(dctx, key, keylen);
864
+
if (err == -ENOKEY) {
865
+
if (crypto_tfm_get_flags(tfm) & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)
866
+
err = -EINVAL;
867
+
else
868
+
err = 0;
869
+
}
77
870
78
-
return __des3_ede_setkey(expkey, flags, key, keylen);
871
+
if (err) {
872
+
memset(dctx, 0, sizeof(*dctx));
873
+
crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY);
874
+
}
875
+
return err;
79
876
}
80
877
81
-
static void des3_ede_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
878
+
static void crypto_des3_ede_encrypt(struct crypto_tfm *tfm, u8 *dst,
879
+
const u8 *src)
82
880
{
83
-
struct des3_ede_ctx *dctx = crypto_tfm_ctx(tfm);
84
-
const u32 *K = dctx->expkey;
85
-
const __le32 *s = (const __le32 *)src;
86
-
__le32 *d = (__le32 *)dst;
87
-
u32 L, R, A, B;
88
-
int i;
881
+
const struct des3_ede_ctx *dctx = crypto_tfm_ctx(tfm);
89
882
90
-
L = le32_to_cpu(s[0]);
91
-
R = le32_to_cpu(s[1]);
92
-
93
-
IP(L, R, A);
94
-
for (i = 0; i < 8; i++) {
95
-
ROUND(L, R, A, B, K, 2);
96
-
ROUND(R, L, A, B, K, 2);
97
-
}
98
-
for (i = 0; i < 8; i++) {
99
-
ROUND(R, L, A, B, K, 2);
100
-
ROUND(L, R, A, B, K, 2);
101
-
}
102
-
for (i = 0; i < 8; i++) {
103
-
ROUND(L, R, A, B, K, 2);
104
-
ROUND(R, L, A, B, K, 2);
105
-
}
106
-
FP(R, L, A);
107
-
108
-
d[0] = cpu_to_le32(R);
109
-
d[1] = cpu_to_le32(L);
883
+
des3_ede_encrypt(dctx, dst, src);
110
884
}
111
885
112
-
static void des3_ede_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src)
886
+
static void crypto_des3_ede_decrypt(struct crypto_tfm *tfm, u8 *dst,
887
+
const u8 *src)
113
888
{
114
-
struct des3_ede_ctx *dctx = crypto_tfm_ctx(tfm);
115
-
const u32 *K = dctx->expkey + DES3_EDE_EXPKEY_WORDS - 2;
116
-
const __le32 *s = (const __le32 *)src;
117
-
__le32 *d = (__le32 *)dst;
118
-
u32 L, R, A, B;
119
-
int i;
889
+
const struct des3_ede_ctx *dctx = crypto_tfm_ctx(tfm);
120
890
121
-
L = le32_to_cpu(s[0]);
122
-
R = le32_to_cpu(s[1]);
123
-
124
-
IP(L, R, A);
125
-
for (i = 0; i < 8; i++) {
126
-
ROUND(L, R, A, B, K, -2);
127
-
ROUND(R, L, A, B, K, -2);
128
-
}
129
-
for (i = 0; i < 8; i++) {
130
-
ROUND(R, L, A, B, K, -2);
131
-
ROUND(L, R, A, B, K, -2);
132
-
}
133
-
for (i = 0; i < 8; i++) {
134
-
ROUND(L, R, A, B, K, -2);
135
-
ROUND(R, L, A, B, K, -2);
136
-
}
137
-
FP(R, L, A);
138
-
139
-
d[0] = cpu_to_le32(R);
140
-
d[1] = cpu_to_le32(L);
891
+
des3_ede_decrypt(dctx, dst, src);
141
892
}
142
893
143
894
static struct crypto_alg des_algs[2] = { {
···
109
938
.cra_blocksize = DES_BLOCK_SIZE,
110
939
.cra_ctxsize = sizeof(struct des_ctx),
111
940
.cra_module = THIS_MODULE,
112
-
.cra_alignmask = 3,
113
941
.cra_u = { .cipher = {
114
942
.cia_min_keysize = DES_KEY_SIZE,
115
943
.cia_max_keysize = DES_KEY_SIZE,
116
944
.cia_setkey = des_setkey,
117
-
.cia_encrypt = des_encrypt,
118
-
.cia_decrypt = des_decrypt } }
945
+
.cia_encrypt = crypto_des_encrypt,
946
+
.cia_decrypt = crypto_des_decrypt } }
119
947
}, {
120
948
.cra_name = "des3_ede",
121
949
.cra_driver_name = "des3_ede-generic",
···
123
953
.cra_blocksize = DES3_EDE_BLOCK_SIZE,
124
954
.cra_ctxsize = sizeof(struct des3_ede_ctx),
125
955
.cra_module = THIS_MODULE,
126
-
.cra_alignmask = 3,
127
956
.cra_u = { .cipher = {
128
957
.cia_min_keysize = DES3_EDE_KEY_SIZE,
129
958
.cia_max_keysize = DES3_EDE_KEY_SIZE,
130
959
.cia_setkey = des3_ede_setkey,
131
-
.cia_encrypt = des3_ede_encrypt,
132
-
.cia_decrypt = des3_ede_decrypt } }
960
+
.cia_encrypt = crypto_des3_ede_encrypt,
961
+
.cia_decrypt = crypto_des3_ede_decrypt } }
133
962
} };
134
963
135
964
static int __init des_generic_mod_init(void)
+14
-14
drivers/crypto/Kconfig
+14
-14
drivers/crypto/Kconfig
···
150
150
depends on S390
151
151
select CRYPTO_ALGAPI
152
152
select CRYPTO_BLKCIPHER
153
-
select CRYPTO_DES
153
+
select CRYPTO_LIB_DES
154
154
help
155
155
This is the s390 hardware accelerated implementation of the
156
156
DES cipher algorithm (FIPS 46-2), and Triple DES EDE (FIPS 46-3).
···
215
215
tristate "Marvell's Cryptographic Engine driver"
216
216
depends on PLAT_ORION || ARCH_MVEBU
217
217
select CRYPTO_LIB_AES
218
-
select CRYPTO_DES
218
+
select CRYPTO_LIB_DES
219
219
select CRYPTO_BLKCIPHER
220
220
select CRYPTO_HASH
221
221
select SRAM
···
227
227
228
228
config CRYPTO_DEV_NIAGARA2
229
229
tristate "Niagara2 Stream Processing Unit driver"
230
-
select CRYPTO_DES
230
+
select CRYPTO_LIB_DES
231
231
select CRYPTO_BLKCIPHER
232
232
select CRYPTO_HASH
233
233
select CRYPTO_MD5
···
244
244
245
245
config CRYPTO_DEV_HIFN_795X
246
246
tristate "Driver HIFN 795x crypto accelerator chips"
247
-
select CRYPTO_DES
247
+
select CRYPTO_LIB_DES
248
248
select CRYPTO_BLKCIPHER
249
249
select HW_RANDOM if CRYPTO_DEV_HIFN_795X_RNG
250
250
depends on PCI
···
300
300
config CRYPTO_DEV_IXP4XX
301
301
tristate "Driver for IXP4xx crypto hardware acceleration"
302
302
depends on ARCH_IXP4XX && IXP4XX_QMGR && IXP4XX_NPE
303
-
select CRYPTO_DES
303
+
select CRYPTO_LIB_DES
304
304
select CRYPTO_AEAD
305
305
select CRYPTO_AUTHENC
306
306
select CRYPTO_BLKCIPHER
···
366
366
config CRYPTO_DEV_OMAP_DES
367
367
tristate "Support for OMAP DES/3DES hw engine"
368
368
depends on ARCH_OMAP2PLUS
369
-
select CRYPTO_DES
369
+
select CRYPTO_LIB_DES
370
370
select CRYPTO_BLKCIPHER
371
371
select CRYPTO_ENGINE
372
372
help
···
384
384
select CRYPTO_AES
385
385
select CRYPTO_AUTHENC
386
386
select CRYPTO_BLKCIPHER
387
-
select CRYPTO_DES
387
+
select CRYPTO_LIB_DES
388
388
select CRYPTO_CBC
389
389
select CRYPTO_ECB
390
390
select CRYPTO_SEQIV
···
497
497
config CRYPTO_DEV_ATMEL_TDES
498
498
tristate "Support for Atmel DES/TDES hw accelerator"
499
499
depends on ARCH_AT91 || COMPILE_TEST
500
-
select CRYPTO_DES
500
+
select CRYPTO_LIB_DES
501
501
select CRYPTO_BLKCIPHER
502
502
help
503
503
Some Atmel processors have DES/TDES hw accelerator.
···
595
595
depends on ARCH_QCOM || COMPILE_TEST
596
596
depends on HAS_IOMEM
597
597
select CRYPTO_AES
598
-
select CRYPTO_DES
598
+
select CRYPTO_LIB_DES
599
599
select CRYPTO_ECB
600
600
select CRYPTO_CBC
601
601
select CRYPTO_XTS
···
643
643
select CRYPTO_MD5
644
644
select CRYPTO_SHA1
645
645
select CRYPTO_AES
646
-
select CRYPTO_DES
646
+
select CRYPTO_LIB_DES
647
647
select CRYPTO_BLKCIPHER
648
648
help
649
649
Some Allwinner SoC have a crypto accelerator named
···
666
666
tristate "Rockchip's Cryptographic Engine driver"
667
667
depends on OF && ARCH_ROCKCHIP
668
668
select CRYPTO_AES
669
-
select CRYPTO_DES
669
+
select CRYPTO_LIB_DES
670
670
select CRYPTO_MD5
671
671
select CRYPTO_SHA1
672
672
select CRYPTO_SHA256
···
703
703
depends on MAILBOX
704
704
default m
705
705
select CRYPTO_AUTHENC
706
-
select CRYPTO_DES
706
+
select CRYPTO_LIB_DES
707
707
select CRYPTO_MD5
708
708
select CRYPTO_SHA1
709
709
select CRYPTO_SHA256
···
722
722
select CRYPTO_LIB_AES
723
723
select CRYPTO_AUTHENC
724
724
select CRYPTO_BLKCIPHER
725
-
select CRYPTO_DES
725
+
select CRYPTO_LIB_DES
726
726
select CRYPTO_HASH
727
727
select CRYPTO_HMAC
728
728
select CRYPTO_MD5
···
760
760
default n
761
761
select CRYPTO_HASH
762
762
select CRYPTO_BLKCIPHER
763
-
select CRYPTO_DES
763
+
select CRYPTO_LIB_DES
764
764
select CRYPTO_AEAD
765
765
select CRYPTO_AUTHENC
766
766
select CRYPTO_SHA1
+1
-1
drivers/crypto/caam/Kconfig
+1
-1
drivers/crypto/caam/Kconfig
+1
-1
drivers/crypto/cavium/nitrox/Kconfig
+1
-1
drivers/crypto/cavium/nitrox/Kconfig
+1
-1
drivers/crypto/inside-secure/safexcel_cipher.c
+1
-1
drivers/crypto/inside-secure/safexcel_cipher.c
+1
-1
drivers/crypto/stm32/Kconfig
+1
-1
drivers/crypto/stm32/Kconfig
+1
-1
drivers/crypto/ux500/Kconfig
+1
-1
drivers/crypto/ux500/Kconfig
···
9
9
depends on CRYPTO_DEV_UX500
10
10
select CRYPTO_ALGAPI
11
11
select CRYPTO_BLKCIPHER
12
-
select CRYPTO_DES
12
+
select CRYPTO_LIB_DES
13
13
help
14
14
This selects the crypto driver for the UX500_CRYP hardware. It supports
15
15
AES-ECB, CBC and CTR with keys sizes of 128, 192 and 256 bit sizes.
+39
-4
include/crypto/des.h
+39
-4
include/crypto/des.h
···
6
6
#ifndef __CRYPTO_DES_H
7
7
#define __CRYPTO_DES_H
8
8
9
-
#include <crypto/skcipher.h>
10
-
#include <linux/compiler.h>
11
-
#include <linux/fips.h>
12
-
#include <linux/string.h>
9
+
#include <linux/types.h>
13
10
14
11
#define DES_KEY_SIZE 8
15
12
#define DES_EXPKEY_WORDS 32
···
15
18
#define DES3_EDE_KEY_SIZE (3 * DES_KEY_SIZE)
16
19
#define DES3_EDE_EXPKEY_WORDS (3 * DES_EXPKEY_WORDS)
17
20
#define DES3_EDE_BLOCK_SIZE DES_BLOCK_SIZE
21
+
22
+
struct des_ctx {
23
+
u32 expkey[DES_EXPKEY_WORDS];
24
+
};
25
+
26
+
struct des3_ede_ctx {
27
+
u32 expkey[DES3_EDE_EXPKEY_WORDS];
28
+
};
29
+
30
+
void des_encrypt(const struct des_ctx *ctx, u8 *dst, const u8 *src);
31
+
void des_decrypt(const struct des_ctx *ctx, u8 *dst, const u8 *src);
32
+
33
+
void des3_ede_encrypt(const struct des3_ede_ctx *dctx, u8 *dst, const u8 *src);
34
+
void des3_ede_decrypt(const struct des3_ede_ctx *dctx, u8 *dst, const u8 *src);
35
+
36
+
/**
37
+
* des_expand_key - Expand a DES input key into a key schedule
38
+
* @ctx: the key schedule
39
+
* @key: buffer containing the input key
40
+
* @len: size of the buffer contents
41
+
*
42
+
* Returns 0 on success, -EINVAL if the input key is rejected and -ENOKEY if
43
+
* the key is accepted but has been found to be weak.
44
+
*/
45
+
int des_expand_key(struct des_ctx *ctx, const u8 *key, unsigned int keylen);
46
+
47
+
/**
48
+
* des3_ede_expand_key - Expand a triple DES input key into a key schedule
49
+
* @ctx: the key schedule
50
+
* @key: buffer containing the input key
51
+
* @len: size of the buffer contents
52
+
*
53
+
* Returns 0 on success, -EINVAL if the input key is rejected and -ENOKEY if
54
+
* the key is accepted but has been found to be weak. Note that weak keys will
55
+
* be rejected (and -EINVAL will be returned) when running in FIPS mode.
56
+
*/
57
+
int des3_ede_expand_key(struct des3_ede_ctx *ctx, const u8 *key,
58
+
unsigned int keylen);
18
59
19
60
extern int __des3_ede_setkey(u32 *expkey, u32 *flags, const u8 *key,
20
61
unsigned int keylen);
+40
-29
include/crypto/internal/des.h
+40
-29
include/crypto/internal/des.h
···
25
25
*/
26
26
static inline int crypto_des_verify_key(struct crypto_tfm *tfm, const u8 *key)
27
27
{
28
-
u32 tmp[DES_EXPKEY_WORDS];
29
-
int err = 0;
28
+
struct des_ctx tmp;
29
+
int err;
30
30
31
-
if (!(crypto_tfm_get_flags(tfm) & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS))
32
-
return 0;
33
-
34
-
if (!des_ekey(tmp, key)) {
35
-
crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY);
36
-
err = -EINVAL;
31
+
err = des_expand_key(&tmp, key, DES_KEY_SIZE);
32
+
if (err == -ENOKEY) {
33
+
if (crypto_tfm_get_flags(tfm) & CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)
34
+
err = -EINVAL;
35
+
else
36
+
err = 0;
37
37
}
38
38
39
-
memzero_explicit(tmp, sizeof(tmp));
39
+
if (err)
40
+
crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY);
41
+
42
+
memzero_explicit(&tmp, sizeof(tmp));
40
43
return err;
41
44
}
42
45
···
56
53
* property.
57
54
*
58
55
*/
56
+
static inline int des3_ede_verify_key(const u8 *key, unsigned int key_len,
57
+
bool check_weak)
58
+
{
59
+
int ret = fips_enabled ? -EINVAL : -ENOKEY;
60
+
u32 K[6];
61
+
62
+
memcpy(K, key, DES3_EDE_KEY_SIZE);
63
+
64
+
if ((!((K[0] ^ K[2]) | (K[1] ^ K[3])) ||
65
+
!((K[2] ^ K[4]) | (K[3] ^ K[5]))) &&
66
+
(fips_enabled || check_weak))
67
+
goto bad;
68
+
69
+
if ((!((K[0] ^ K[4]) | (K[1] ^ K[5]))) && fips_enabled)
70
+
goto bad;
71
+
72
+
ret = 0;
73
+
bad:
74
+
memzero_explicit(K, DES3_EDE_KEY_SIZE);
75
+
76
+
return ret;
77
+
}
59
78
60
79
/**
61
80
* crypto_des3_ede_verify_key - Check whether a DES3-EDE key is weak
···
95
70
static inline int crypto_des3_ede_verify_key(struct crypto_tfm *tfm,
96
71
const u8 *key)
97
72
{
98
-
int err = -EINVAL;
99
-
u32 K[6];
73
+
int err;
100
74
101
-
memcpy(K, key, DES3_EDE_KEY_SIZE);
102
-
103
-
if ((!((K[0] ^ K[2]) | (K[1] ^ K[3])) ||
104
-
!((K[2] ^ K[4]) | (K[3] ^ K[5]))) &&
105
-
(fips_enabled || (crypto_tfm_get_flags(tfm) &
106
-
CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)))
107
-
goto bad;
108
-
109
-
if ((!((K[0] ^ K[4]) | (K[1] ^ K[5]))) && fips_enabled)
110
-
goto bad;
111
-
112
-
err = 0;
113
-
out:
114
-
memzero_explicit(K, DES3_EDE_KEY_SIZE);
75
+
err = des3_ede_verify_key(key, DES3_EDE_KEY_SIZE,
76
+
crypto_tfm_get_flags(tfm) &
77
+
CRYPTO_TFM_REQ_FORBID_WEAK_KEYS);
78
+
if (err)
79
+
crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY);
115
80
return err;
116
-
117
-
bad:
118
-
crypto_tfm_set_flags(tfm, CRYPTO_TFM_RES_WEAK_KEY);
119
-
goto out;
120
81
}
121
82
122
83
static inline int verify_skcipher_des_key(struct crypto_skcipher *tfm,
+3
lib/crypto/Makefile
+3
lib/crypto/Makefile
+902
lib/crypto/des.c
+902
lib/crypto/des.c
···
1
+
// SPDX-License-Identifier: GPL-2.0-or-later
2
+
/*
3
+
* Cryptographic API.
4
+
*
5
+
* DES & Triple DES EDE Cipher Algorithms.
6
+
*
7
+
* Copyright (c) 2005 Dag Arne Osvik <da@osvik.no>
8
+
*/
9
+
10
+
#include <linux/bitops.h>
11
+
#include <linux/compiler.h>
12
+
#include <linux/crypto.h>
13
+
#include <linux/errno.h>
14
+
#include <linux/fips.h>
15
+
#include <linux/init.h>
16
+
#include <linux/module.h>
17
+
#include <linux/string.h>
18
+
#include <linux/types.h>
19
+
20
+
#include <asm/unaligned.h>
21
+
22
+
#include <crypto/des.h>
23
+
#include <crypto/internal/des.h>
24
+
25
+
#define ROL(x, r) ((x) = rol32((x), (r)))
26
+
#define ROR(x, r) ((x) = ror32((x), (r)))
27
+
28
+
/* Lookup tables for key expansion */
29
+
30
+
static const u8 pc1[256] = {
31
+
0x00, 0x00, 0x40, 0x04, 0x10, 0x10, 0x50, 0x14,
32
+
0x04, 0x40, 0x44, 0x44, 0x14, 0x50, 0x54, 0x54,
33
+
0x02, 0x02, 0x42, 0x06, 0x12, 0x12, 0x52, 0x16,
34
+
0x06, 0x42, 0x46, 0x46, 0x16, 0x52, 0x56, 0x56,
35
+
0x80, 0x08, 0xc0, 0x0c, 0x90, 0x18, 0xd0, 0x1c,
36
+
0x84, 0x48, 0xc4, 0x4c, 0x94, 0x58, 0xd4, 0x5c,
37
+
0x82, 0x0a, 0xc2, 0x0e, 0x92, 0x1a, 0xd2, 0x1e,
38
+
0x86, 0x4a, 0xc6, 0x4e, 0x96, 0x5a, 0xd6, 0x5e,
39
+
0x20, 0x20, 0x60, 0x24, 0x30, 0x30, 0x70, 0x34,
40
+
0x24, 0x60, 0x64, 0x64, 0x34, 0x70, 0x74, 0x74,
41
+
0x22, 0x22, 0x62, 0x26, 0x32, 0x32, 0x72, 0x36,
42
+
0x26, 0x62, 0x66, 0x66, 0x36, 0x72, 0x76, 0x76,
43
+
0xa0, 0x28, 0xe0, 0x2c, 0xb0, 0x38, 0xf0, 0x3c,
44
+
0xa4, 0x68, 0xe4, 0x6c, 0xb4, 0x78, 0xf4, 0x7c,
45
+
0xa2, 0x2a, 0xe2, 0x2e, 0xb2, 0x3a, 0xf2, 0x3e,
46
+
0xa6, 0x6a, 0xe6, 0x6e, 0xb6, 0x7a, 0xf6, 0x7e,
47
+
0x08, 0x80, 0x48, 0x84, 0x18, 0x90, 0x58, 0x94,
48
+
0x0c, 0xc0, 0x4c, 0xc4, 0x1c, 0xd0, 0x5c, 0xd4,
49
+
0x0a, 0x82, 0x4a, 0x86, 0x1a, 0x92, 0x5a, 0x96,
50
+
0x0e, 0xc2, 0x4e, 0xc6, 0x1e, 0xd2, 0x5e, 0xd6,
51
+
0x88, 0x88, 0xc8, 0x8c, 0x98, 0x98, 0xd8, 0x9c,
52
+
0x8c, 0xc8, 0xcc, 0xcc, 0x9c, 0xd8, 0xdc, 0xdc,
53
+
0x8a, 0x8a, 0xca, 0x8e, 0x9a, 0x9a, 0xda, 0x9e,
54
+
0x8e, 0xca, 0xce, 0xce, 0x9e, 0xda, 0xde, 0xde,
55
+
0x28, 0xa0, 0x68, 0xa4, 0x38, 0xb0, 0x78, 0xb4,
56
+
0x2c, 0xe0, 0x6c, 0xe4, 0x3c, 0xf0, 0x7c, 0xf4,
57
+
0x2a, 0xa2, 0x6a, 0xa6, 0x3a, 0xb2, 0x7a, 0xb6,
58
+
0x2e, 0xe2, 0x6e, 0xe6, 0x3e, 0xf2, 0x7e, 0xf6,
59
+
0xa8, 0xa8, 0xe8, 0xac, 0xb8, 0xb8, 0xf8, 0xbc,
60
+
0xac, 0xe8, 0xec, 0xec, 0xbc, 0xf8, 0xfc, 0xfc,
61
+
0xaa, 0xaa, 0xea, 0xae, 0xba, 0xba, 0xfa, 0xbe,
62
+
0xae, 0xea, 0xee, 0xee, 0xbe, 0xfa, 0xfe, 0xfe
63
+
};
64
+
65
+
static const u8 rs[256] = {
66
+
0x00, 0x00, 0x80, 0x80, 0x02, 0x02, 0x82, 0x82,
67
+
0x04, 0x04, 0x84, 0x84, 0x06, 0x06, 0x86, 0x86,
68
+
0x08, 0x08, 0x88, 0x88, 0x0a, 0x0a, 0x8a, 0x8a,
69
+
0x0c, 0x0c, 0x8c, 0x8c, 0x0e, 0x0e, 0x8e, 0x8e,
70
+
0x10, 0x10, 0x90, 0x90, 0x12, 0x12, 0x92, 0x92,
71
+
0x14, 0x14, 0x94, 0x94, 0x16, 0x16, 0x96, 0x96,
72
+
0x18, 0x18, 0x98, 0x98, 0x1a, 0x1a, 0x9a, 0x9a,
73
+
0x1c, 0x1c, 0x9c, 0x9c, 0x1e, 0x1e, 0x9e, 0x9e,
74
+
0x20, 0x20, 0xa0, 0xa0, 0x22, 0x22, 0xa2, 0xa2,
75
+
0x24, 0x24, 0xa4, 0xa4, 0x26, 0x26, 0xa6, 0xa6,
76
+
0x28, 0x28, 0xa8, 0xa8, 0x2a, 0x2a, 0xaa, 0xaa,
77
+
0x2c, 0x2c, 0xac, 0xac, 0x2e, 0x2e, 0xae, 0xae,
78
+
0x30, 0x30, 0xb0, 0xb0, 0x32, 0x32, 0xb2, 0xb2,
79
+
0x34, 0x34, 0xb4, 0xb4, 0x36, 0x36, 0xb6, 0xb6,
80
+
0x38, 0x38, 0xb8, 0xb8, 0x3a, 0x3a, 0xba, 0xba,
81
+
0x3c, 0x3c, 0xbc, 0xbc, 0x3e, 0x3e, 0xbe, 0xbe,
82
+
0x40, 0x40, 0xc0, 0xc0, 0x42, 0x42, 0xc2, 0xc2,
83
+
0x44, 0x44, 0xc4, 0xc4, 0x46, 0x46, 0xc6, 0xc6,
84
+
0x48, 0x48, 0xc8, 0xc8, 0x4a, 0x4a, 0xca, 0xca,
85
+
0x4c, 0x4c, 0xcc, 0xcc, 0x4e, 0x4e, 0xce, 0xce,
86
+
0x50, 0x50, 0xd0, 0xd0, 0x52, 0x52, 0xd2, 0xd2,
87
+
0x54, 0x54, 0xd4, 0xd4, 0x56, 0x56, 0xd6, 0xd6,
88
+
0x58, 0x58, 0xd8, 0xd8, 0x5a, 0x5a, 0xda, 0xda,
89
+
0x5c, 0x5c, 0xdc, 0xdc, 0x5e, 0x5e, 0xde, 0xde,
90
+
0x60, 0x60, 0xe0, 0xe0, 0x62, 0x62, 0xe2, 0xe2,
91
+
0x64, 0x64, 0xe4, 0xe4, 0x66, 0x66, 0xe6, 0xe6,
92
+
0x68, 0x68, 0xe8, 0xe8, 0x6a, 0x6a, 0xea, 0xea,
93
+
0x6c, 0x6c, 0xec, 0xec, 0x6e, 0x6e, 0xee, 0xee,
94
+
0x70, 0x70, 0xf0, 0xf0, 0x72, 0x72, 0xf2, 0xf2,
95
+
0x74, 0x74, 0xf4, 0xf4, 0x76, 0x76, 0xf6, 0xf6,
96
+
0x78, 0x78, 0xf8, 0xf8, 0x7a, 0x7a, 0xfa, 0xfa,
97
+
0x7c, 0x7c, 0xfc, 0xfc, 0x7e, 0x7e, 0xfe, 0xfe
98
+
};
99
+
100
+
static const u32 pc2[1024] = {
101
+
0x00000000, 0x00000000, 0x00000000, 0x00000000,
102
+
0x00040000, 0x00000000, 0x04000000, 0x00100000,
103
+
0x00400000, 0x00000008, 0x00000800, 0x40000000,
104
+
0x00440000, 0x00000008, 0x04000800, 0x40100000,
105
+
0x00000400, 0x00000020, 0x08000000, 0x00000100,
106
+
0x00040400, 0x00000020, 0x0c000000, 0x00100100,
107
+
0x00400400, 0x00000028, 0x08000800, 0x40000100,
108
+
0x00440400, 0x00000028, 0x0c000800, 0x40100100,
109
+
0x80000000, 0x00000010, 0x00000000, 0x00800000,
110
+
0x80040000, 0x00000010, 0x04000000, 0x00900000,
111
+
0x80400000, 0x00000018, 0x00000800, 0x40800000,
112
+
0x80440000, 0x00000018, 0x04000800, 0x40900000,
113
+
0x80000400, 0x00000030, 0x08000000, 0x00800100,
114
+
0x80040400, 0x00000030, 0x0c000000, 0x00900100,
115
+
0x80400400, 0x00000038, 0x08000800, 0x40800100,
116
+
0x80440400, 0x00000038, 0x0c000800, 0x40900100,
117
+
0x10000000, 0x00000000, 0x00200000, 0x00001000,
118
+
0x10040000, 0x00000000, 0x04200000, 0x00101000,
119
+
0x10400000, 0x00000008, 0x00200800, 0x40001000,
120
+
0x10440000, 0x00000008, 0x04200800, 0x40101000,
121
+
0x10000400, 0x00000020, 0x08200000, 0x00001100,
122
+
0x10040400, 0x00000020, 0x0c200000, 0x00101100,
123
+
0x10400400, 0x00000028, 0x08200800, 0x40001100,
124
+
0x10440400, 0x00000028, 0x0c200800, 0x40101100,
125
+
0x90000000, 0x00000010, 0x00200000, 0x00801000,
126
+
0x90040000, 0x00000010, 0x04200000, 0x00901000,
127
+
0x90400000, 0x00000018, 0x00200800, 0x40801000,
128
+
0x90440000, 0x00000018, 0x04200800, 0x40901000,
129
+
0x90000400, 0x00000030, 0x08200000, 0x00801100,
130
+
0x90040400, 0x00000030, 0x0c200000, 0x00901100,
131
+
0x90400400, 0x00000038, 0x08200800, 0x40801100,
132
+
0x90440400, 0x00000038, 0x0c200800, 0x40901100,
133
+
0x00000200, 0x00080000, 0x00000000, 0x00000004,
134
+
0x00040200, 0x00080000, 0x04000000, 0x00100004,
135
+
0x00400200, 0x00080008, 0x00000800, 0x40000004,
136
+
0x00440200, 0x00080008, 0x04000800, 0x40100004,
137
+
0x00000600, 0x00080020, 0x08000000, 0x00000104,
138
+
0x00040600, 0x00080020, 0x0c000000, 0x00100104,
139
+
0x00400600, 0x00080028, 0x08000800, 0x40000104,
140
+
0x00440600, 0x00080028, 0x0c000800, 0x40100104,
141
+
0x80000200, 0x00080010, 0x00000000, 0x00800004,
142
+
0x80040200, 0x00080010, 0x04000000, 0x00900004,
143
+
0x80400200, 0x00080018, 0x00000800, 0x40800004,
144
+
0x80440200, 0x00080018, 0x04000800, 0x40900004,
145
+
0x80000600, 0x00080030, 0x08000000, 0x00800104,
146
+
0x80040600, 0x00080030, 0x0c000000, 0x00900104,
147
+
0x80400600, 0x00080038, 0x08000800, 0x40800104,
148
+
0x80440600, 0x00080038, 0x0c000800, 0x40900104,
149
+
0x10000200, 0x00080000, 0x00200000, 0x00001004,
150
+
0x10040200, 0x00080000, 0x04200000, 0x00101004,
151
+
0x10400200, 0x00080008, 0x00200800, 0x40001004,
152
+
0x10440200, 0x00080008, 0x04200800, 0x40101004,
153
+
0x10000600, 0x00080020, 0x08200000, 0x00001104,
154
+
0x10040600, 0x00080020, 0x0c200000, 0x00101104,
155
+
0x10400600, 0x00080028, 0x08200800, 0x40001104,
156
+
0x10440600, 0x00080028, 0x0c200800, 0x40101104,
157
+
0x90000200, 0x00080010, 0x00200000, 0x00801004,
158
+
0x90040200, 0x00080010, 0x04200000, 0x00901004,
159
+
0x90400200, 0x00080018, 0x00200800, 0x40801004,
160
+
0x90440200, 0x00080018, 0x04200800, 0x40901004,
161
+
0x90000600, 0x00080030, 0x08200000, 0x00801104,
162
+
0x90040600, 0x00080030, 0x0c200000, 0x00901104,
163
+
0x90400600, 0x00080038, 0x08200800, 0x40801104,
164
+
0x90440600, 0x00080038, 0x0c200800, 0x40901104,
165
+
0x00000002, 0x00002000, 0x20000000, 0x00000001,
166
+
0x00040002, 0x00002000, 0x24000000, 0x00100001,
167
+
0x00400002, 0x00002008, 0x20000800, 0x40000001,
168
+
0x00440002, 0x00002008, 0x24000800, 0x40100001,
169
+
0x00000402, 0x00002020, 0x28000000, 0x00000101,
170
+
0x00040402, 0x00002020, 0x2c000000, 0x00100101,
171
+
0x00400402, 0x00002028, 0x28000800, 0x40000101,
172
+
0x00440402, 0x00002028, 0x2c000800, 0x40100101,
173
+
0x80000002, 0x00002010, 0x20000000, 0x00800001,
174
+
0x80040002, 0x00002010, 0x24000000, 0x00900001,
175
+
0x80400002, 0x00002018, 0x20000800, 0x40800001,
176
+
0x80440002, 0x00002018, 0x24000800, 0x40900001,
177
+
0x80000402, 0x00002030, 0x28000000, 0x00800101,
178
+
0x80040402, 0x00002030, 0x2c000000, 0x00900101,
179
+
0x80400402, 0x00002038, 0x28000800, 0x40800101,
180
+
0x80440402, 0x00002038, 0x2c000800, 0x40900101,
181
+
0x10000002, 0x00002000, 0x20200000, 0x00001001,
182
+
0x10040002, 0x00002000, 0x24200000, 0x00101001,
183
+
0x10400002, 0x00002008, 0x20200800, 0x40001001,
184
+
0x10440002, 0x00002008, 0x24200800, 0x40101001,
185
+
0x10000402, 0x00002020, 0x28200000, 0x00001101,
186
+
0x10040402, 0x00002020, 0x2c200000, 0x00101101,
187
+
0x10400402, 0x00002028, 0x28200800, 0x40001101,
188
+
0x10440402, 0x00002028, 0x2c200800, 0x40101101,
189
+
0x90000002, 0x00002010, 0x20200000, 0x00801001,
190
+
0x90040002, 0x00002010, 0x24200000, 0x00901001,
191
+
0x90400002, 0x00002018, 0x20200800, 0x40801001,
192
+
0x90440002, 0x00002018, 0x24200800, 0x40901001,
193
+
0x90000402, 0x00002030, 0x28200000, 0x00801101,
194
+
0x90040402, 0x00002030, 0x2c200000, 0x00901101,
195
+
0x90400402, 0x00002038, 0x28200800, 0x40801101,
196
+
0x90440402, 0x00002038, 0x2c200800, 0x40901101,
197
+
0x00000202, 0x00082000, 0x20000000, 0x00000005,
198
+
0x00040202, 0x00082000, 0x24000000, 0x00100005,
199
+
0x00400202, 0x00082008, 0x20000800, 0x40000005,
200
+
0x00440202, 0x00082008, 0x24000800, 0x40100005,
201
+
0x00000602, 0x00082020, 0x28000000, 0x00000105,
202
+
0x00040602, 0x00082020, 0x2c000000, 0x00100105,
203
+
0x00400602, 0x00082028, 0x28000800, 0x40000105,
204
+
0x00440602, 0x00082028, 0x2c000800, 0x40100105,
205
+
0x80000202, 0x00082010, 0x20000000, 0x00800005,
206
+
0x80040202, 0x00082010, 0x24000000, 0x00900005,
207
+
0x80400202, 0x00082018, 0x20000800, 0x40800005,
208
+
0x80440202, 0x00082018, 0x24000800, 0x40900005,
209
+
0x80000602, 0x00082030, 0x28000000, 0x00800105,
210
+
0x80040602, 0x00082030, 0x2c000000, 0x00900105,
211
+
0x80400602, 0x00082038, 0x28000800, 0x40800105,
212
+
0x80440602, 0x00082038, 0x2c000800, 0x40900105,
213
+
0x10000202, 0x00082000, 0x20200000, 0x00001005,
214
+
0x10040202, 0x00082000, 0x24200000, 0x00101005,
215
+
0x10400202, 0x00082008, 0x20200800, 0x40001005,
216
+
0x10440202, 0x00082008, 0x24200800, 0x40101005,
217
+
0x10000602, 0x00082020, 0x28200000, 0x00001105,
218
+
0x10040602, 0x00082020, 0x2c200000, 0x00101105,
219
+
0x10400602, 0x00082028, 0x28200800, 0x40001105,
220
+
0x10440602, 0x00082028, 0x2c200800, 0x40101105,
221
+
0x90000202, 0x00082010, 0x20200000, 0x00801005,
222
+
0x90040202, 0x00082010, 0x24200000, 0x00901005,
223
+
0x90400202, 0x00082018, 0x20200800, 0x40801005,
224
+
0x90440202, 0x00082018, 0x24200800, 0x40901005,
225
+
0x90000602, 0x00082030, 0x28200000, 0x00801105,
226
+
0x90040602, 0x00082030, 0x2c200000, 0x00901105,
227
+
0x90400602, 0x00082038, 0x28200800, 0x40801105,
228
+
0x90440602, 0x00082038, 0x2c200800, 0x40901105,
229
+
230
+
0x00000000, 0x00000000, 0x00000000, 0x00000000,
231
+
0x00000000, 0x00000008, 0x00080000, 0x10000000,
232
+
0x02000000, 0x00000000, 0x00000080, 0x00001000,
233
+
0x02000000, 0x00000008, 0x00080080, 0x10001000,
234
+
0x00004000, 0x00000000, 0x00000040, 0x00040000,
235
+
0x00004000, 0x00000008, 0x00080040, 0x10040000,
236
+
0x02004000, 0x00000000, 0x000000c0, 0x00041000,
237
+
0x02004000, 0x00000008, 0x000800c0, 0x10041000,
238
+
0x00020000, 0x00008000, 0x08000000, 0x00200000,
239
+
0x00020000, 0x00008008, 0x08080000, 0x10200000,
240
+
0x02020000, 0x00008000, 0x08000080, 0x00201000,
241
+
0x02020000, 0x00008008, 0x08080080, 0x10201000,
242
+
0x00024000, 0x00008000, 0x08000040, 0x00240000,
243
+
0x00024000, 0x00008008, 0x08080040, 0x10240000,
244
+
0x02024000, 0x00008000, 0x080000c0, 0x00241000,
245
+
0x02024000, 0x00008008, 0x080800c0, 0x10241000,
246
+
0x00000000, 0x01000000, 0x00002000, 0x00000020,
247
+
0x00000000, 0x01000008, 0x00082000, 0x10000020,
248
+
0x02000000, 0x01000000, 0x00002080, 0x00001020,
249
+
0x02000000, 0x01000008, 0x00082080, 0x10001020,
250
+
0x00004000, 0x01000000, 0x00002040, 0x00040020,
251
+
0x00004000, 0x01000008, 0x00082040, 0x10040020,
252
+
0x02004000, 0x01000000, 0x000020c0, 0x00041020,
253
+
0x02004000, 0x01000008, 0x000820c0, 0x10041020,
254
+
0x00020000, 0x01008000, 0x08002000, 0x00200020,
255
+
0x00020000, 0x01008008, 0x08082000, 0x10200020,
256
+
0x02020000, 0x01008000, 0x08002080, 0x00201020,
257
+
0x02020000, 0x01008008, 0x08082080, 0x10201020,
258
+
0x00024000, 0x01008000, 0x08002040, 0x00240020,
259
+
0x00024000, 0x01008008, 0x08082040, 0x10240020,
260
+
0x02024000, 0x01008000, 0x080020c0, 0x00241020,
261
+
0x02024000, 0x01008008, 0x080820c0, 0x10241020,
262
+
0x00000400, 0x04000000, 0x00100000, 0x00000004,
263
+
0x00000400, 0x04000008, 0x00180000, 0x10000004,
264
+
0x02000400, 0x04000000, 0x00100080, 0x00001004,
265
+
0x02000400, 0x04000008, 0x00180080, 0x10001004,
266
+
0x00004400, 0x04000000, 0x00100040, 0x00040004,
267
+
0x00004400, 0x04000008, 0x00180040, 0x10040004,
268
+
0x02004400, 0x04000000, 0x001000c0, 0x00041004,
269
+
0x02004400, 0x04000008, 0x001800c0, 0x10041004,
270
+
0x00020400, 0x04008000, 0x08100000, 0x00200004,
271
+
0x00020400, 0x04008008, 0x08180000, 0x10200004,
272
+
0x02020400, 0x04008000, 0x08100080, 0x00201004,
273
+
0x02020400, 0x04008008, 0x08180080, 0x10201004,
274
+
0x00024400, 0x04008000, 0x08100040, 0x00240004,
275
+
0x00024400, 0x04008008, 0x08180040, 0x10240004,
276
+
0x02024400, 0x04008000, 0x081000c0, 0x00241004,
277
+
0x02024400, 0x04008008, 0x081800c0, 0x10241004,
278
+
0x00000400, 0x05000000, 0x00102000, 0x00000024,
279
+
0x00000400, 0x05000008, 0x00182000, 0x10000024,
280
+
0x02000400, 0x05000000, 0x00102080, 0x00001024,
281
+
0x02000400, 0x05000008, 0x00182080, 0x10001024,
282
+
0x00004400, 0x05000000, 0x00102040, 0x00040024,
283
+
0x00004400, 0x05000008, 0x00182040, 0x10040024,
284
+
0x02004400, 0x05000000, 0x001020c0, 0x00041024,
285
+
0x02004400, 0x05000008, 0x001820c0, 0x10041024,
286
+
0x00020400, 0x05008000, 0x08102000, 0x00200024,
287
+
0x00020400, 0x05008008, 0x08182000, 0x10200024,
288
+
0x02020400, 0x05008000, 0x08102080, 0x00201024,
289
+
0x02020400, 0x05008008, 0x08182080, 0x10201024,
290
+
0x00024400, 0x05008000, 0x08102040, 0x00240024,
291
+
0x00024400, 0x05008008, 0x08182040, 0x10240024,
292
+
0x02024400, 0x05008000, 0x081020c0, 0x00241024,
293
+
0x02024400, 0x05008008, 0x081820c0, 0x10241024,
294
+
0x00000800, 0x00010000, 0x20000000, 0x00000010,
295
+
0x00000800, 0x00010008, 0x20080000, 0x10000010,
296
+
0x02000800, 0x00010000, 0x20000080, 0x00001010,
297
+
0x02000800, 0x00010008, 0x20080080, 0x10001010,
298
+
0x00004800, 0x00010000, 0x20000040, 0x00040010,
299
+
0x00004800, 0x00010008, 0x20080040, 0x10040010,
300
+
0x02004800, 0x00010000, 0x200000c0, 0x00041010,
301
+
0x02004800, 0x00010008, 0x200800c0, 0x10041010,
302
+
0x00020800, 0x00018000, 0x28000000, 0x00200010,
303
+
0x00020800, 0x00018008, 0x28080000, 0x10200010,
304
+
0x02020800, 0x00018000, 0x28000080, 0x00201010,
305
+
0x02020800, 0x00018008, 0x28080080, 0x10201010,
306
+
0x00024800, 0x00018000, 0x28000040, 0x00240010,
307
+
0x00024800, 0x00018008, 0x28080040, 0x10240010,
308
+
0x02024800, 0x00018000, 0x280000c0, 0x00241010,
309
+
0x02024800, 0x00018008, 0x280800c0, 0x10241010,
310
+
0x00000800, 0x01010000, 0x20002000, 0x00000030,
311
+
0x00000800, 0x01010008, 0x20082000, 0x10000030,
312
+
0x02000800, 0x01010000, 0x20002080, 0x00001030,
313
+
0x02000800, 0x01010008, 0x20082080, 0x10001030,
314
+
0x00004800, 0x01010000, 0x20002040, 0x00040030,
315
+
0x00004800, 0x01010008, 0x20082040, 0x10040030,
316
+
0x02004800, 0x01010000, 0x200020c0, 0x00041030,
317
+
0x02004800, 0x01010008, 0x200820c0, 0x10041030,
318
+
0x00020800, 0x01018000, 0x28002000, 0x00200030,
319
+
0x00020800, 0x01018008, 0x28082000, 0x10200030,
320
+
0x02020800, 0x01018000, 0x28002080, 0x00201030,
321
+
0x02020800, 0x01018008, 0x28082080, 0x10201030,
322
+
0x00024800, 0x01018000, 0x28002040, 0x00240030,
323
+
0x00024800, 0x01018008, 0x28082040, 0x10240030,
324
+
0x02024800, 0x01018000, 0x280020c0, 0x00241030,
325
+
0x02024800, 0x01018008, 0x280820c0, 0x10241030,
326
+
0x00000c00, 0x04010000, 0x20100000, 0x00000014,
327
+
0x00000c00, 0x04010008, 0x20180000, 0x10000014,
328
+
0x02000c00, 0x04010000, 0x20100080, 0x00001014,
329
+
0x02000c00, 0x04010008, 0x20180080, 0x10001014,
330
+
0x00004c00, 0x04010000, 0x20100040, 0x00040014,
331
+
0x00004c00, 0x04010008, 0x20180040, 0x10040014,
332
+
0x02004c00, 0x04010000, 0x201000c0, 0x00041014,
333
+
0x02004c00, 0x04010008, 0x201800c0, 0x10041014,
334
+
0x00020c00, 0x04018000, 0x28100000, 0x00200014,
335
+
0x00020c00, 0x04018008, 0x28180000, 0x10200014,
336
+
0x02020c00, 0x04018000, 0x28100080, 0x00201014,
337
+
0x02020c00, 0x04018008, 0x28180080, 0x10201014,
338
+
0x00024c00, 0x04018000, 0x28100040, 0x00240014,
339
+
0x00024c00, 0x04018008, 0x28180040, 0x10240014,
340
+
0x02024c00, 0x04018000, 0x281000c0, 0x00241014,
341
+
0x02024c00, 0x04018008, 0x281800c0, 0x10241014,
342
+
0x00000c00, 0x05010000, 0x20102000, 0x00000034,
343
+
0x00000c00, 0x05010008, 0x20182000, 0x10000034,
344
+
0x02000c00, 0x05010000, 0x20102080, 0x00001034,
345
+
0x02000c00, 0x05010008, 0x20182080, 0x10001034,
346
+
0x00004c00, 0x05010000, 0x20102040, 0x00040034,
347
+
0x00004c00, 0x05010008, 0x20182040, 0x10040034,
348
+
0x02004c00, 0x05010000, 0x201020c0, 0x00041034,
349
+
0x02004c00, 0x05010008, 0x201820c0, 0x10041034,
350
+
0x00020c00, 0x05018000, 0x28102000, 0x00200034,
351
+
0x00020c00, 0x05018008, 0x28182000, 0x10200034,
352
+
0x02020c00, 0x05018000, 0x28102080, 0x00201034,
353
+
0x02020c00, 0x05018008, 0x28182080, 0x10201034,
354
+
0x00024c00, 0x05018000, 0x28102040, 0x00240034,
355
+
0x00024c00, 0x05018008, 0x28182040, 0x10240034,
356
+
0x02024c00, 0x05018000, 0x281020c0, 0x00241034,
357
+
0x02024c00, 0x05018008, 0x281820c0, 0x10241034
358
+
};
359
+
360
+
/* S-box lookup tables */
361
+
362
+
static const u32 S1[64] = {
363
+
0x01010400, 0x00000000, 0x00010000, 0x01010404,
364
+
0x01010004, 0x00010404, 0x00000004, 0x00010000,
365
+
0x00000400, 0x01010400, 0x01010404, 0x00000400,
366
+
0x01000404, 0x01010004, 0x01000000, 0x00000004,
367
+
0x00000404, 0x01000400, 0x01000400, 0x00010400,
368
+
0x00010400, 0x01010000, 0x01010000, 0x01000404,
369
+
0x00010004, 0x01000004, 0x01000004, 0x00010004,
370
+
0x00000000, 0x00000404, 0x00010404, 0x01000000,
371
+
0x00010000, 0x01010404, 0x00000004, 0x01010000,
372
+
0x01010400, 0x01000000, 0x01000000, 0x00000400,
373
+
0x01010004, 0x00010000, 0x00010400, 0x01000004,
374
+
0x00000400, 0x00000004, 0x01000404, 0x00010404,
375
+
0x01010404, 0x00010004, 0x01010000, 0x01000404,
376
+
0x01000004, 0x00000404, 0x00010404, 0x01010400,
377
+
0x00000404, 0x01000400, 0x01000400, 0x00000000,
378
+
0x00010004, 0x00010400, 0x00000000, 0x01010004
379
+
};
380
+
381
+
static const u32 S2[64] = {
382
+
0x80108020, 0x80008000, 0x00008000, 0x00108020,
383
+
0x00100000, 0x00000020, 0x80100020, 0x80008020,
384
+
0x80000020, 0x80108020, 0x80108000, 0x80000000,
385
+
0x80008000, 0x00100000, 0x00000020, 0x80100020,
386
+
0x00108000, 0x00100020, 0x80008020, 0x00000000,
387
+
0x80000000, 0x00008000, 0x00108020, 0x80100000,
388
+
0x00100020, 0x80000020, 0x00000000, 0x00108000,
389
+
0x00008020, 0x80108000, 0x80100000, 0x00008020,
390
+
0x00000000, 0x00108020, 0x80100020, 0x00100000,
391
+
0x80008020, 0x80100000, 0x80108000, 0x00008000,
392
+
0x80100000, 0x80008000, 0x00000020, 0x80108020,
393
+
0x00108020, 0x00000020, 0x00008000, 0x80000000,
394
+
0x00008020, 0x80108000, 0x00100000, 0x80000020,
395
+
0x00100020, 0x80008020, 0x80000020, 0x00100020,
396
+
0x00108000, 0x00000000, 0x80008000, 0x00008020,
397
+
0x80000000, 0x80100020, 0x80108020, 0x00108000
398
+
};
399
+
400
+
static const u32 S3[64] = {
401
+
0x00000208, 0x08020200, 0x00000000, 0x08020008,
402
+
0x08000200, 0x00000000, 0x00020208, 0x08000200,
403
+
0x00020008, 0x08000008, 0x08000008, 0x00020000,
404
+
0x08020208, 0x00020008, 0x08020000, 0x00000208,
405
+
0x08000000, 0x00000008, 0x08020200, 0x00000200,
406
+
0x00020200, 0x08020000, 0x08020008, 0x00020208,
407
+
0x08000208, 0x00020200, 0x00020000, 0x08000208,
408
+
0x00000008, 0x08020208, 0x00000200, 0x08000000,
409
+
0x08020200, 0x08000000, 0x00020008, 0x00000208,
410
+
0x00020000, 0x08020200, 0x08000200, 0x00000000,
411
+
0x00000200, 0x00020008, 0x08020208, 0x08000200,
412
+
0x08000008, 0x00000200, 0x00000000, 0x08020008,
413
+
0x08000208, 0x00020000, 0x08000000, 0x08020208,
414
+
0x00000008, 0x00020208, 0x00020200, 0x08000008,
415
+
0x08020000, 0x08000208, 0x00000208, 0x08020000,
416
+
0x00020208, 0x00000008, 0x08020008, 0x00020200
417
+
};
418
+
419
+
static const u32 S4[64] = {
420
+
0x00802001, 0x00002081, 0x00002081, 0x00000080,
421
+
0x00802080, 0x00800081, 0x00800001, 0x00002001,
422
+
0x00000000, 0x00802000, 0x00802000, 0x00802081,
423
+
0x00000081, 0x00000000, 0x00800080, 0x00800001,
424
+
0x00000001, 0x00002000, 0x00800000, 0x00802001,
425
+
0x00000080, 0x00800000, 0x00002001, 0x00002080,
426
+
0x00800081, 0x00000001, 0x00002080, 0x00800080,
427
+
0x00002000, 0x00802080, 0x00802081, 0x00000081,
428
+
0x00800080, 0x00800001, 0x00802000, 0x00802081,
429
+
0x00000081, 0x00000000, 0x00000000, 0x00802000,
430
+
0x00002080, 0x00800080, 0x00800081, 0x00000001,
431
+
0x00802001, 0x00002081, 0x00002081, 0x00000080,
432
+
0x00802081, 0x00000081, 0x00000001, 0x00002000,
433
+
0x00800001, 0x00002001, 0x00802080, 0x00800081,
434
+
0x00002001, 0x00002080, 0x00800000, 0x00802001,
435
+
0x00000080, 0x00800000, 0x00002000, 0x00802080
436
+
};
437
+
438
+
static const u32 S5[64] = {
439
+
0x00000100, 0x02080100, 0x02080000, 0x42000100,
440
+
0x00080000, 0x00000100, 0x40000000, 0x02080000,
441
+
0x40080100, 0x00080000, 0x02000100, 0x40080100,
442
+
0x42000100, 0x42080000, 0x00080100, 0x40000000,
443
+
0x02000000, 0x40080000, 0x40080000, 0x00000000,
444
+
0x40000100, 0x42080100, 0x42080100, 0x02000100,
445
+
0x42080000, 0x40000100, 0x00000000, 0x42000000,
446
+
0x02080100, 0x02000000, 0x42000000, 0x00080100,
447
+
0x00080000, 0x42000100, 0x00000100, 0x02000000,
448
+
0x40000000, 0x02080000, 0x42000100, 0x40080100,
449
+
0x02000100, 0x40000000, 0x42080000, 0x02080100,
450
+
0x40080100, 0x00000100, 0x02000000, 0x42080000,
451
+
0x42080100, 0x00080100, 0x42000000, 0x42080100,
452
+
0x02080000, 0x00000000, 0x40080000, 0x42000000,
453
+
0x00080100, 0x02000100, 0x40000100, 0x00080000,
454
+
0x00000000, 0x40080000, 0x02080100, 0x40000100
455
+
};
456
+
457
+
static const u32 S6[64] = {
458
+
0x20000010, 0x20400000, 0x00004000, 0x20404010,
459
+
0x20400000, 0x00000010, 0x20404010, 0x00400000,
460
+
0x20004000, 0x00404010, 0x00400000, 0x20000010,
461
+
0x00400010, 0x20004000, 0x20000000, 0x00004010,
462
+
0x00000000, 0x00400010, 0x20004010, 0x00004000,
463
+
0x00404000, 0x20004010, 0x00000010, 0x20400010,
464
+
0x20400010, 0x00000000, 0x00404010, 0x20404000,
465
+
0x00004010, 0x00404000, 0x20404000, 0x20000000,
466
+
0x20004000, 0x00000010, 0x20400010, 0x00404000,
467
+
0x20404010, 0x00400000, 0x00004010, 0x20000010,
468
+
0x00400000, 0x20004000, 0x20000000, 0x00004010,
469
+
0x20000010, 0x20404010, 0x00404000, 0x20400000,
470
+
0x00404010, 0x20404000, 0x00000000, 0x20400010,
471
+
0x00000010, 0x00004000, 0x20400000, 0x00404010,
472
+
0x00004000, 0x00400010, 0x20004010, 0x00000000,
473
+
0x20404000, 0x20000000, 0x00400010, 0x20004010
474
+
};
475
+
476
+
static const u32 S7[64] = {
477
+
0x00200000, 0x04200002, 0x04000802, 0x00000000,
478
+
0x00000800, 0x04000802, 0x00200802, 0x04200800,
479
+
0x04200802, 0x00200000, 0x00000000, 0x04000002,
480
+
0x00000002, 0x04000000, 0x04200002, 0x00000802,
481
+
0x04000800, 0x00200802, 0x00200002, 0x04000800,
482
+
0x04000002, 0x04200000, 0x04200800, 0x00200002,
483
+
0x04200000, 0x00000800, 0x00000802, 0x04200802,
484
+
0x00200800, 0x00000002, 0x04000000, 0x00200800,
485
+
0x04000000, 0x00200800, 0x00200000, 0x04000802,
486
+
0x04000802, 0x04200002, 0x04200002, 0x00000002,
487
+
0x00200002, 0x04000000, 0x04000800, 0x00200000,
488
+
0x04200800, 0x00000802, 0x00200802, 0x04200800,
489
+
0x00000802, 0x04000002, 0x04200802, 0x04200000,
490
+
0x00200800, 0x00000000, 0x00000002, 0x04200802,
491
+
0x00000000, 0x00200802, 0x04200000, 0x00000800,
492
+
0x04000002, 0x04000800, 0x00000800, 0x00200002
493
+
};
494
+
495
+
static const u32 S8[64] = {
496
+
0x10001040, 0x00001000, 0x00040000, 0x10041040,
497
+
0x10000000, 0x10001040, 0x00000040, 0x10000000,
498
+
0x00040040, 0x10040000, 0x10041040, 0x00041000,
499
+
0x10041000, 0x00041040, 0x00001000, 0x00000040,
500
+
0x10040000, 0x10000040, 0x10001000, 0x00001040,
501
+
0x00041000, 0x00040040, 0x10040040, 0x10041000,
502
+
0x00001040, 0x00000000, 0x00000000, 0x10040040,
503
+
0x10000040, 0x10001000, 0x00041040, 0x00040000,
504
+
0x00041040, 0x00040000, 0x10041000, 0x00001000,
505
+
0x00000040, 0x10040040, 0x00001000, 0x00041040,
506
+
0x10001000, 0x00000040, 0x10000040, 0x10040000,
507
+
0x10040040, 0x10000000, 0x00040000, 0x10001040,
508
+
0x00000000, 0x10041040, 0x00040040, 0x10000040,
509
+
0x10040000, 0x10001000, 0x10001040, 0x00000000,
510
+
0x10041040, 0x00041000, 0x00041000, 0x00001040,
511
+
0x00001040, 0x00040040, 0x10000000, 0x10041000
512
+
};
513
+
514
+
/* Encryption components: IP, FP, and round function */
515
+
516
+
#define IP(L, R, T) \
517
+
ROL(R, 4); \
518
+
T = L; \
519
+
L ^= R; \
520
+
L &= 0xf0f0f0f0; \
521
+
R ^= L; \
522
+
L ^= T; \
523
+
ROL(R, 12); \
524
+
T = L; \
525
+
L ^= R; \
526
+
L &= 0xffff0000; \
527
+
R ^= L; \
528
+
L ^= T; \
529
+
ROR(R, 14); \
530
+
T = L; \
531
+
L ^= R; \
532
+
L &= 0xcccccccc; \
533
+
R ^= L; \
534
+
L ^= T; \
535
+
ROL(R, 6); \
536
+
T = L; \
537
+
L ^= R; \
538
+
L &= 0xff00ff00; \
539
+
R ^= L; \
540
+
L ^= T; \
541
+
ROR(R, 7); \
542
+
T = L; \
543
+
L ^= R; \
544
+
L &= 0xaaaaaaaa; \
545
+
R ^= L; \
546
+
L ^= T; \
547
+
ROL(L, 1);
548
+
549
+
#define FP(L, R, T) \
550
+
ROR(L, 1); \
551
+
T = L; \
552
+
L ^= R; \
553
+
L &= 0xaaaaaaaa; \
554
+
R ^= L; \
555
+
L ^= T; \
556
+
ROL(R, 7); \
557
+
T = L; \
558
+
L ^= R; \
559
+
L &= 0xff00ff00; \
560
+
R ^= L; \
561
+
L ^= T; \
562
+
ROR(R, 6); \
563
+
T = L; \
564
+
L ^= R; \
565
+
L &= 0xcccccccc; \
566
+
R ^= L; \
567
+
L ^= T; \
568
+
ROL(R, 14); \
569
+
T = L; \
570
+
L ^= R; \
571
+
L &= 0xffff0000; \
572
+
R ^= L; \
573
+
L ^= T; \
574
+
ROR(R, 12); \
575
+
T = L; \
576
+
L ^= R; \
577
+
L &= 0xf0f0f0f0; \
578
+
R ^= L; \
579
+
L ^= T; \
580
+
ROR(R, 4);
581
+
582
+
#define ROUND(L, R, A, B, K, d) \
583
+
B = K[0]; A = K[1]; K += d; \
584
+
B ^= R; A ^= R; \
585
+
B &= 0x3f3f3f3f; ROR(A, 4); \
586
+
L ^= S8[0xff & B]; A &= 0x3f3f3f3f; \
587
+
L ^= S6[0xff & (B >> 8)]; B >>= 16; \
588
+
L ^= S7[0xff & A]; \
589
+
L ^= S5[0xff & (A >> 8)]; A >>= 16; \
590
+
L ^= S4[0xff & B]; \
591
+
L ^= S2[0xff & (B >> 8)]; \
592
+
L ^= S3[0xff & A]; \
593
+
L ^= S1[0xff & (A >> 8)];
594
+
595
+
/*
596
+
* PC2 lookup tables are organized as 2 consecutive sets of 4 interleaved
597
+
* tables of 128 elements. One set is for C_i and the other for D_i, while
598
+
* the 4 interleaved tables correspond to four 7-bit subsets of C_i or D_i.
599
+
*
600
+
* After PC1 each of the variables a,b,c,d contains a 7 bit subset of C_i
601
+
* or D_i in bits 7-1 (bit 0 being the least significant).
602
+
*/
603
+
604
+
#define T1(x) pt[2 * (x) + 0]
605
+
#define T2(x) pt[2 * (x) + 1]
606
+
#define T3(x) pt[2 * (x) + 2]
607
+
#define T4(x) pt[2 * (x) + 3]
608
+
609
+
#define DES_PC2(a, b, c, d) (T4(d) | T3(c) | T2(b) | T1(a))
610
+
611
+
/*
612
+
* Encryption key expansion
613
+
*
614
+
* RFC2451: Weak key checks SHOULD be performed.
615
+
*
616
+
* FIPS 74:
617
+
*
618
+
* Keys having duals are keys which produce all zeros, all ones, or
619
+
* alternating zero-one patterns in the C and D registers after Permuted
620
+
* Choice 1 has operated on the key.
621
+
*
622
+
*/
623
+
static unsigned long des_ekey(u32 *pe, const u8 *k)
624
+
{
625
+
/* K&R: long is at least 32 bits */
626
+
unsigned long a, b, c, d, w;
627
+
const u32 *pt = pc2;
628
+
629
+
d = k[4]; d &= 0x0e; d <<= 4; d |= k[0] & 0x1e; d = pc1[d];
630
+
c = k[5]; c &= 0x0e; c <<= 4; c |= k[1] & 0x1e; c = pc1[c];
631
+
b = k[6]; b &= 0x0e; b <<= 4; b |= k[2] & 0x1e; b = pc1[b];
632
+
a = k[7]; a &= 0x0e; a <<= 4; a |= k[3] & 0x1e; a = pc1[a];
633
+
634
+
pe[15 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d];
635
+
pe[14 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b];
636
+
pe[13 * 2 + 0] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d];
637
+
pe[12 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b];
638
+
pe[11 * 2 + 0] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d];
639
+
pe[10 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b];
640
+
pe[ 9 * 2 + 0] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d];
641
+
pe[ 8 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c];
642
+
pe[ 7 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a];
643
+
pe[ 6 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c];
644
+
pe[ 5 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a];
645
+
pe[ 4 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c];
646
+
pe[ 3 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a];
647
+
pe[ 2 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c];
648
+
pe[ 1 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b];
649
+
pe[ 0 * 2 + 0] = DES_PC2(b, c, d, a);
650
+
651
+
/* Check if first half is weak */
652
+
w = (a ^ c) | (b ^ d) | (rs[a] ^ c) | (b ^ rs[d]);
653
+
654
+
/* Skip to next table set */
655
+
pt += 512;
656
+
657
+
d = k[0]; d &= 0xe0; d >>= 4; d |= k[4] & 0xf0; d = pc1[d + 1];
658
+
c = k[1]; c &= 0xe0; c >>= 4; c |= k[5] & 0xf0; c = pc1[c + 1];
659
+
b = k[2]; b &= 0xe0; b >>= 4; b |= k[6] & 0xf0; b = pc1[b + 1];
660
+
a = k[3]; a &= 0xe0; a >>= 4; a |= k[7] & 0xf0; a = pc1[a + 1];
661
+
662
+
/* Check if second half is weak */
663
+
w |= (a ^ c) | (b ^ d) | (rs[a] ^ c) | (b ^ rs[d]);
664
+
665
+
pe[15 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d];
666
+
pe[14 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b];
667
+
pe[13 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d];
668
+
pe[12 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b];
669
+
pe[11 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d];
670
+
pe[10 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b];
671
+
pe[ 9 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d];
672
+
pe[ 8 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c];
673
+
pe[ 7 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a];
674
+
pe[ 6 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c];
675
+
pe[ 5 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a];
676
+
pe[ 4 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c];
677
+
pe[ 3 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a];
678
+
pe[ 2 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c];
679
+
pe[ 1 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b];
680
+
pe[ 0 * 2 + 1] = DES_PC2(b, c, d, a);
681
+
682
+
/* Fixup: 2413 5768 -> 1357 2468 */
683
+
for (d = 0; d < 16; ++d) {
684
+
a = pe[2 * d];
685
+
b = pe[2 * d + 1];
686
+
c = a ^ b;
687
+
c &= 0xffff0000;
688
+
a ^= c;
689
+
b ^= c;
690
+
ROL(b, 18);
691
+
pe[2 * d] = a;
692
+
pe[2 * d + 1] = b;
693
+
}
694
+
695
+
/* Zero if weak key */
696
+
return w;
697
+
}
698
+
699
+
int des_expand_key(struct des_ctx *ctx, const u8 *key, unsigned int keylen)
700
+
{
701
+
if (keylen != DES_KEY_SIZE)
702
+
return -EINVAL;
703
+
704
+
return des_ekey(ctx->expkey, key) ? 0 : -ENOKEY;
705
+
}
706
+
EXPORT_SYMBOL_GPL(des_expand_key);
707
+
708
+
/*
709
+
* Decryption key expansion
710
+
*
711
+
* No weak key checking is performed, as this is only used by triple DES
712
+
*
713
+
*/
714
+
static void dkey(u32 *pe, const u8 *k)
715
+
{
716
+
/* K&R: long is at least 32 bits */
717
+
unsigned long a, b, c, d;
718
+
const u32 *pt = pc2;
719
+
720
+
d = k[4]; d &= 0x0e; d <<= 4; d |= k[0] & 0x1e; d = pc1[d];
721
+
c = k[5]; c &= 0x0e; c <<= 4; c |= k[1] & 0x1e; c = pc1[c];
722
+
b = k[6]; b &= 0x0e; b <<= 4; b |= k[2] & 0x1e; b = pc1[b];
723
+
a = k[7]; a &= 0x0e; a <<= 4; a |= k[3] & 0x1e; a = pc1[a];
724
+
725
+
pe[ 0 * 2] = DES_PC2(a, b, c, d); d = rs[d];
726
+
pe[ 1 * 2] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b];
727
+
pe[ 2 * 2] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d];
728
+
pe[ 3 * 2] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b];
729
+
pe[ 4 * 2] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d];
730
+
pe[ 5 * 2] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b];
731
+
pe[ 6 * 2] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d];
732
+
pe[ 7 * 2] = DES_PC2(d, a, b, c); c = rs[c];
733
+
pe[ 8 * 2] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a];
734
+
pe[ 9 * 2] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c];
735
+
pe[10 * 2] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a];
736
+
pe[11 * 2] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c];
737
+
pe[12 * 2] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a];
738
+
pe[13 * 2] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c];
739
+
pe[14 * 2] = DES_PC2(c, d, a, b); b = rs[b];
740
+
pe[15 * 2] = DES_PC2(b, c, d, a);
741
+
742
+
/* Skip to next table set */
743
+
pt += 512;
744
+
745
+
d = k[0]; d &= 0xe0; d >>= 4; d |= k[4] & 0xf0; d = pc1[d + 1];
746
+
c = k[1]; c &= 0xe0; c >>= 4; c |= k[5] & 0xf0; c = pc1[c + 1];
747
+
b = k[2]; b &= 0xe0; b >>= 4; b |= k[6] & 0xf0; b = pc1[b + 1];
748
+
a = k[3]; a &= 0xe0; a >>= 4; a |= k[7] & 0xf0; a = pc1[a + 1];
749
+
750
+
pe[ 0 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d];
751
+
pe[ 1 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b];
752
+
pe[ 2 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d];
753
+
pe[ 3 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b];
754
+
pe[ 4 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d];
755
+
pe[ 5 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b];
756
+
pe[ 6 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d];
757
+
pe[ 7 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c];
758
+
pe[ 8 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a];
759
+
pe[ 9 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c];
760
+
pe[10 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a];
761
+
pe[11 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c];
762
+
pe[12 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a];
763
+
pe[13 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c];
764
+
pe[14 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b];
765
+
pe[15 * 2 + 1] = DES_PC2(b, c, d, a);
766
+
767
+
/* Fixup: 2413 5768 -> 1357 2468 */
768
+
for (d = 0; d < 16; ++d) {
769
+
a = pe[2 * d];
770
+
b = pe[2 * d + 1];
771
+
c = a ^ b;
772
+
c &= 0xffff0000;
773
+
a ^= c;
774
+
b ^= c;
775
+
ROL(b, 18);
776
+
pe[2 * d] = a;
777
+
pe[2 * d + 1] = b;
778
+
}
779
+
}
780
+
781
+
void des_encrypt(const struct des_ctx *ctx, u8 *dst, const u8 *src)
782
+
{
783
+
const u32 *K = ctx->expkey;
784
+
u32 L, R, A, B;
785
+
int i;
786
+
787
+
L = get_unaligned_le32(src);
788
+
R = get_unaligned_le32(src + 4);
789
+
790
+
IP(L, R, A);
791
+
for (i = 0; i < 8; i++) {
792
+
ROUND(L, R, A, B, K, 2);
793
+
ROUND(R, L, A, B, K, 2);
794
+
}
795
+
FP(R, L, A);
796
+
797
+
put_unaligned_le32(R, dst);
798
+
put_unaligned_le32(L, dst + 4);
799
+
}
800
+
EXPORT_SYMBOL_GPL(des_encrypt);
801
+
802
+
void des_decrypt(const struct des_ctx *ctx, u8 *dst, const u8 *src)
803
+
{
804
+
const u32 *K = ctx->expkey + DES_EXPKEY_WORDS - 2;
805
+
u32 L, R, A, B;
806
+
int i;
807
+
808
+
L = get_unaligned_le32(src);
809
+
R = get_unaligned_le32(src + 4);
810
+
811
+
IP(L, R, A);
812
+
for (i = 0; i < 8; i++) {
813
+
ROUND(L, R, A, B, K, -2);
814
+
ROUND(R, L, A, B, K, -2);
815
+
}
816
+
FP(R, L, A);
817
+
818
+
put_unaligned_le32(R, dst);
819
+
put_unaligned_le32(L, dst + 4);
820
+
}
821
+
EXPORT_SYMBOL_GPL(des_decrypt);
822
+
823
+
int des3_ede_expand_key(struct des3_ede_ctx *ctx, const u8 *key,
824
+
unsigned int keylen)
825
+
{
826
+
u32 *pe = ctx->expkey;
827
+
int err;
828
+
829
+
if (keylen != DES3_EDE_KEY_SIZE)
830
+
return -EINVAL;
831
+
832
+
err = des3_ede_verify_key(key, keylen, true);
833
+
if (err && err != -ENOKEY)
834
+
return err;
835
+
836
+
des_ekey(pe, key); pe += DES_EXPKEY_WORDS; key += DES_KEY_SIZE;
837
+
dkey(pe, key); pe += DES_EXPKEY_WORDS; key += DES_KEY_SIZE;
838
+
des_ekey(pe, key);
839
+
840
+
return err;
841
+
}
842
+
EXPORT_SYMBOL_GPL(des3_ede_expand_key);
843
+
844
+
void des3_ede_encrypt(const struct des3_ede_ctx *dctx, u8 *dst, const u8 *src)
845
+
{
846
+
const u32 *K = dctx->expkey;
847
+
u32 L, R, A, B;
848
+
int i;
849
+
850
+
L = get_unaligned_le32(src);
851
+
R = get_unaligned_le32(src + 4);
852
+
853
+
IP(L, R, A);
854
+
for (i = 0; i < 8; i++) {
855
+
ROUND(L, R, A, B, K, 2);
856
+
ROUND(R, L, A, B, K, 2);
857
+
}
858
+
for (i = 0; i < 8; i++) {
859
+
ROUND(R, L, A, B, K, 2);
860
+
ROUND(L, R, A, B, K, 2);
861
+
}
862
+
for (i = 0; i < 8; i++) {
863
+
ROUND(L, R, A, B, K, 2);
864
+
ROUND(R, L, A, B, K, 2);
865
+
}
866
+
FP(R, L, A);
867
+
868
+
put_unaligned_le32(R, dst);
869
+
put_unaligned_le32(L, dst + 4);
870
+
}
871
+
EXPORT_SYMBOL_GPL(des3_ede_encrypt);
872
+
873
+
void des3_ede_decrypt(const struct des3_ede_ctx *dctx, u8 *dst, const u8 *src)
874
+
{
875
+
const u32 *K = dctx->expkey + DES3_EDE_EXPKEY_WORDS - 2;
876
+
u32 L, R, A, B;
877
+
int i;
878
+
879
+
L = get_unaligned_le32(src);
880
+
R = get_unaligned_le32(src + 4);
881
+
882
+
IP(L, R, A);
883
+
for (i = 0; i < 8; i++) {
884
+
ROUND(L, R, A, B, K, -2);
885
+
ROUND(R, L, A, B, K, -2);
886
+
}
887
+
for (i = 0; i < 8; i++) {
888
+
ROUND(R, L, A, B, K, -2);
889
+
ROUND(L, R, A, B, K, -2);
890
+
}
891
+
for (i = 0; i < 8; i++) {
892
+
ROUND(L, R, A, B, K, -2);
893
+
ROUND(R, L, A, B, K, -2);
894
+
}
895
+
FP(R, L, A);
896
+
897
+
put_unaligned_le32(R, dst);
898
+
put_unaligned_le32(L, dst + 4);
899
+
}
900
+
EXPORT_SYMBOL_GPL(des3_ede_decrypt);
901
+
902
+
MODULE_LICENSE("GPL");