Annotation of sys/crypto/des_locl.h, Revision 1.1.1.1
1.1 nbrk 1: /* $OpenBSD: des_locl.h,v 1.3 2005/06/13 10:56:44 hshoexer Exp $ */
2:
3: /* lib/des/des_locl.h */
4: /* Copyright (C) 1995 Eric Young (eay@mincom.oz.au)
5: * All rights reserved.
6: *
7: * This file is part of an SSL implementation written
8: * by Eric Young (eay@mincom.oz.au).
9: * The implementation was written so as to conform with Netscapes SSL
10: * specification. This library and applications are
11: * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE
12: * as long as the following conditions are aheared to.
13: *
14: * Copyright remains Eric Young's, and as such any Copyright notices in
15: * the code are not to be removed. If this code is used in a product,
16: * Eric Young should be given attribution as the author of the parts used.
17: * This can be in the form of a textual message at program startup or
18: * in documentation (online or textual) provided with the package.
19: *
20: * Redistribution and use in source and binary forms, with or without
21: * modification, are permitted provided that the following conditions
22: * are met:
23: * 1. Redistributions of source code must retain the copyright
24: * notice, this list of conditions and the following disclaimer.
25: * 2. Redistributions in binary form must reproduce the above copyright
26: * notice, this list of conditions and the following disclaimer in the
27: * documentation and/or other materials provided with the distribution.
28: * 3. All advertising materials mentioning features or use of this software
29: * must display the following acknowledgement:
30: * This product includes software developed by Eric Young (eay@mincom.oz.au)
31: *
32: * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
33: * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
34: * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
35: * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
36: * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
37: * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
38: * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
39: * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
40: * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
41: * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
42: * SUCH DAMAGE.
43: *
44: * The licence and distribution terms for any publically available version or
45: * derivative of this code cannot be changed. i.e. this code cannot simply be
46: * copied and put under another distribution licence
47: * [including the GNU Public Licence.]
48: */
49:
50: #ifndef HEADER_DES_LOCL_H
51: #define HEADER_DES_LOCL_H
52:
53: #include <sys/cdefs.h>
54: #include <sys/types.h>
55: #include <sys/systm.h>
56:
57: #include "des.h"
58:
59: /* the following is tweaked from a config script, that is why it is a
60: * protected undef/define */
61: #ifndef DES_USE_PTR
62: #undef DES_USE_PTR
63: #endif
64:
65: #ifndef RAND
66: #define RAND
67: #endif
68:
69: #if defined(NOCONST)
70: #define const
71: #endif
72:
73: #ifdef __STDC__
74: #undef PROTO
75: #define PROTO
76: #endif
77:
78: #ifdef RAND
79: #define srandom(s) srand(s)
80: #define random rand
81: #endif
82:
83: #define ITERATIONS 16
84: #define HALF_ITERATIONS 8
85:
86: /* used in des_read and des_write */
87: #define MAXWRITE (1024*16)
88: #define BSIZE (MAXWRITE+4)
89:
90: #define c2l(c,l) (l =((u_int32_t)(*((c)++))) , \
91: l|=((u_int32_t)(*((c)++)))<< 8L, \
92: l|=((u_int32_t)(*((c)++)))<<16L, \
93: l|=((u_int32_t)(*((c)++)))<<24L)
94:
95: /* NOTE - c is not incremented as per c2l */
96: #define c2ln(c,l1,l2,n) { \
97: c+=n; \
98: l1=l2=0; \
99: switch (n) { \
100: case 8: l2 =((u_int32_t)(*(--(c))))<<24L; \
101: case 7: l2|=((u_int32_t)(*(--(c))))<<16L; \
102: case 6: l2|=((u_int32_t)(*(--(c))))<< 8L; \
103: case 5: l2|=((u_int32_t)(*(--(c)))); \
104: case 4: l1 =((u_int32_t)(*(--(c))))<<24L; \
105: case 3: l1|=((u_int32_t)(*(--(c))))<<16L; \
106: case 2: l1|=((u_int32_t)(*(--(c))))<< 8L; \
107: case 1: l1|=((u_int32_t)(*(--(c)))); \
108: } \
109: }
110:
111: #define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
112: *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
113: *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
114: *((c)++)=(unsigned char)(((l)>>24L)&0xff))
115:
116: /* replacements for htonl and ntohl since I have no idea what to do
117: * when faced with machines with 8 byte longs. */
118: #define HDRSIZE 4
119:
120: #define n2l(c,l) (l =((u_int32_t)(*((c)++)))<<24L, \
121: l|=((u_int32_t)(*((c)++)))<<16L, \
122: l|=((u_int32_t)(*((c)++)))<< 8L, \
123: l|=((u_int32_t)(*((c)++))))
124:
125: #define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
126: *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
127: *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
128: *((c)++)=(unsigned char)(((l) )&0xff))
129:
130: /* NOTE - c is not incremented as per l2c */
131: #define l2cn(l1,l2,c,n) { \
132: c+=n; \
133: switch (n) { \
134: case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
135: case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
136: case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
137: case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
138: case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
139: case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
140: case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
141: case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
142: } \
143: }
144:
145: /* The changes to this macro may help or hinder, depending on the
146: * compiler and the achitecture. gcc2 always seems to do well :-).
147: * Inspired by Dana How <how@isl.stanford.edu>
148: * DO NOT use the alternative version on machines with 8 byte longs. */
149: #ifdef DES_USR_PTR
150: #define D_ENCRYPT(L,R,S) { \
151: u=((R^s[S ])<<2); \
152: t= R^s[S+1]; \
153: t=((t>>2)+(t<<30)); \
154: L^= \
155: *(u_int32_t *)(des_SP+0x0100+((t )&0xfc))+ \
156: *(u_int32_t *)(des_SP+0x0300+((t>> 8)&0xfc))+ \
157: *(u_int32_t *)(des_SP+0x0500+((t>>16)&0xfc))+ \
158: *(u_int32_t *)(des_SP+0x0700+((t>>24)&0xfc))+ \
159: *(u_int32_t *)(des_SP+ ((u )&0xfc))+ \
160: *(u_int32_t *)(des_SP+0x0200+((u>> 8)&0xfc))+ \
161: *(u_int32_t *)(des_SP+0x0400+((u>>16)&0xfc))+ \
162: *(u_int32_t *)(des_SP+0x0600+((u>>24)&0xfc)); }
163: #else /* original version */
164: #define D_ENCRYPT(Q,R,S) {\
165: u=(R^s[S ]); \
166: t=R^s[S+1]; \
167: t=((t>>4L)+(t<<28L)); \
168: Q^= des_SPtrans[1][(t )&0x3f]| \
169: des_SPtrans[3][(t>> 8L)&0x3f]| \
170: des_SPtrans[5][(t>>16L)&0x3f]| \
171: des_SPtrans[7][(t>>24L)&0x3f]| \
172: des_SPtrans[0][(u )&0x3f]| \
173: des_SPtrans[2][(u>> 8L)&0x3f]| \
174: des_SPtrans[4][(u>>16L)&0x3f]| \
175: des_SPtrans[6][(u>>24L)&0x3f]; }
176: #endif
177:
178: /* IP and FP
179: * The problem is more of a geometric problem that random bit fiddling.
180: 0 1 2 3 4 5 6 7 62 54 46 38 30 22 14 6
181: 8 9 10 11 12 13 14 15 60 52 44 36 28 20 12 4
182: 16 17 18 19 20 21 22 23 58 50 42 34 26 18 10 2
183: 24 25 26 27 28 29 30 31 to 56 48 40 32 24 16 8 0
184:
185: 32 33 34 35 36 37 38 39 63 55 47 39 31 23 15 7
186: 40 41 42 43 44 45 46 47 61 53 45 37 29 21 13 5
187: 48 49 50 51 52 53 54 55 59 51 43 35 27 19 11 3
188: 56 57 58 59 60 61 62 63 57 49 41 33 25 17 9 1
189:
190: The output has been subject to swaps of the form
191: 0 1 -> 3 1 but the odd and even bits have been put into
192: 2 3 2 0
193: different words. The main trick is to remember that
194: t=((l>>size)^r)&(mask);
195: r^=t;
196: l^=(t<<size);
197: can be used to swap and move bits between words.
198:
199: So l = 0 1 2 3 r = 16 17 18 19
200: 4 5 6 7 20 21 22 23
201: 8 9 10 11 24 25 26 27
202: 12 13 14 15 28 29 30 31
203: becomes (for size == 2 and mask == 0x3333)
204: t = 2^16 3^17 -- -- l = 0 1 16 17 r = 2 3 18 19
205: 6^20 7^21 -- -- 4 5 20 21 6 7 22 23
206: 10^24 11^25 -- -- 8 9 24 25 10 11 24 25
207: 14^28 15^29 -- -- 12 13 28 29 14 15 28 29
208:
209: Thanks for hints from Richard Outerbridge - he told me IP&FP
210: could be done in 15 xor, 10 shifts and 5 ands.
211: When I finally started to think of the problem in 2D
212: I first got ~42 operations without xors. When I remembered
213: how to use xors :-) I got it to its final state.
214: */
215: #define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
216: (b)^=(t),\
217: (a)^=((t)<<(n)))
218:
219: #define IP(l,r) \
220: { \
221: register u_int32_t tt; \
222: PERM_OP(r,l,tt, 4,0x0f0f0f0fL); \
223: PERM_OP(l,r,tt,16,0x0000ffffL); \
224: PERM_OP(r,l,tt, 2,0x33333333L); \
225: PERM_OP(l,r,tt, 8,0x00ff00ffL); \
226: PERM_OP(r,l,tt, 1,0x55555555L); \
227: }
228:
229: #define FP(l,r) \
230: { \
231: register u_int32_t tt; \
232: PERM_OP(l,r,tt, 1,0x55555555L); \
233: PERM_OP(r,l,tt, 8,0x00ff00ffL); \
234: PERM_OP(l,r,tt, 2,0x33333333L); \
235: PERM_OP(r,l,tt,16,0x0000ffffL); \
236: PERM_OP(l,r,tt, 4,0x0f0f0f0fL); \
237: }
238: #endif
CVSweb