00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013
00014
00015
00016
00017
00018
00019
00020
00021
00022
00023
00024
00025
00026
00027
00028
00029
00030
00031
00032 #include "polarssl/config.h"
00033
00034 #if defined(POLARSSL_DES_C)
00035
00036 #include "polarssl/des.h"
00037
00038 #if !defined(POLARSSL_DES_ALT)
00039
00040
00041
00042
00043 #ifndef GET_UINT32_BE
00044 #define GET_UINT32_BE(n,b,i) \
00045 { \
00046 (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
00047 | ( (uint32_t) (b)[(i) + 1] << 16 ) \
00048 | ( (uint32_t) (b)[(i) + 2] << 8 ) \
00049 | ( (uint32_t) (b)[(i) + 3] ); \
00050 }
00051 #endif
00052
00053 #ifndef PUT_UINT32_BE
00054 #define PUT_UINT32_BE(n,b,i) \
00055 { \
00056 (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
00057 (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
00058 (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
00059 (b)[(i) + 3] = (unsigned char) ( (n) ); \
00060 }
00061 #endif
00062
00063
00064
00065
00066 static const uint32_t SB1[64] =
00067 {
00068 0x01010400, 0x00000000, 0x00010000, 0x01010404,
00069 0x01010004, 0x00010404, 0x00000004, 0x00010000,
00070 0x00000400, 0x01010400, 0x01010404, 0x00000400,
00071 0x01000404, 0x01010004, 0x01000000, 0x00000004,
00072 0x00000404, 0x01000400, 0x01000400, 0x00010400,
00073 0x00010400, 0x01010000, 0x01010000, 0x01000404,
00074 0x00010004, 0x01000004, 0x01000004, 0x00010004,
00075 0x00000000, 0x00000404, 0x00010404, 0x01000000,
00076 0x00010000, 0x01010404, 0x00000004, 0x01010000,
00077 0x01010400, 0x01000000, 0x01000000, 0x00000400,
00078 0x01010004, 0x00010000, 0x00010400, 0x01000004,
00079 0x00000400, 0x00000004, 0x01000404, 0x00010404,
00080 0x01010404, 0x00010004, 0x01010000, 0x01000404,
00081 0x01000004, 0x00000404, 0x00010404, 0x01010400,
00082 0x00000404, 0x01000400, 0x01000400, 0x00000000,
00083 0x00010004, 0x00010400, 0x00000000, 0x01010004
00084 };
00085
00086 static const uint32_t SB2[64] =
00087 {
00088 0x80108020, 0x80008000, 0x00008000, 0x00108020,
00089 0x00100000, 0x00000020, 0x80100020, 0x80008020,
00090 0x80000020, 0x80108020, 0x80108000, 0x80000000,
00091 0x80008000, 0x00100000, 0x00000020, 0x80100020,
00092 0x00108000, 0x00100020, 0x80008020, 0x00000000,
00093 0x80000000, 0x00008000, 0x00108020, 0x80100000,
00094 0x00100020, 0x80000020, 0x00000000, 0x00108000,
00095 0x00008020, 0x80108000, 0x80100000, 0x00008020,
00096 0x00000000, 0x00108020, 0x80100020, 0x00100000,
00097 0x80008020, 0x80100000, 0x80108000, 0x00008000,
00098 0x80100000, 0x80008000, 0x00000020, 0x80108020,
00099 0x00108020, 0x00000020, 0x00008000, 0x80000000,
00100 0x00008020, 0x80108000, 0x00100000, 0x80000020,
00101 0x00100020, 0x80008020, 0x80000020, 0x00100020,
00102 0x00108000, 0x00000000, 0x80008000, 0x00008020,
00103 0x80000000, 0x80100020, 0x80108020, 0x00108000
00104 };
00105
00106 static const uint32_t SB3[64] =
00107 {
00108 0x00000208, 0x08020200, 0x00000000, 0x08020008,
00109 0x08000200, 0x00000000, 0x00020208, 0x08000200,
00110 0x00020008, 0x08000008, 0x08000008, 0x00020000,
00111 0x08020208, 0x00020008, 0x08020000, 0x00000208,
00112 0x08000000, 0x00000008, 0x08020200, 0x00000200,
00113 0x00020200, 0x08020000, 0x08020008, 0x00020208,
00114 0x08000208, 0x00020200, 0x00020000, 0x08000208,
00115 0x00000008, 0x08020208, 0x00000200, 0x08000000,
00116 0x08020200, 0x08000000, 0x00020008, 0x00000208,
00117 0x00020000, 0x08020200, 0x08000200, 0x00000000,
00118 0x00000200, 0x00020008, 0x08020208, 0x08000200,
00119 0x08000008, 0x00000200, 0x00000000, 0x08020008,
00120 0x08000208, 0x00020000, 0x08000000, 0x08020208,
00121 0x00000008, 0x00020208, 0x00020200, 0x08000008,
00122 0x08020000, 0x08000208, 0x00000208, 0x08020000,
00123 0x00020208, 0x00000008, 0x08020008, 0x00020200
00124 };
00125
00126 static const uint32_t SB4[64] =
00127 {
00128 0x00802001, 0x00002081, 0x00002081, 0x00000080,
00129 0x00802080, 0x00800081, 0x00800001, 0x00002001,
00130 0x00000000, 0x00802000, 0x00802000, 0x00802081,
00131 0x00000081, 0x00000000, 0x00800080, 0x00800001,
00132 0x00000001, 0x00002000, 0x00800000, 0x00802001,
00133 0x00000080, 0x00800000, 0x00002001, 0x00002080,
00134 0x00800081, 0x00000001, 0x00002080, 0x00800080,
00135 0x00002000, 0x00802080, 0x00802081, 0x00000081,
00136 0x00800080, 0x00800001, 0x00802000, 0x00802081,
00137 0x00000081, 0x00000000, 0x00000000, 0x00802000,
00138 0x00002080, 0x00800080, 0x00800081, 0x00000001,
00139 0x00802001, 0x00002081, 0x00002081, 0x00000080,
00140 0x00802081, 0x00000081, 0x00000001, 0x00002000,
00141 0x00800001, 0x00002001, 0x00802080, 0x00800081,
00142 0x00002001, 0x00002080, 0x00800000, 0x00802001,
00143 0x00000080, 0x00800000, 0x00002000, 0x00802080
00144 };
00145
00146 static const uint32_t SB5[64] =
00147 {
00148 0x00000100, 0x02080100, 0x02080000, 0x42000100,
00149 0x00080000, 0x00000100, 0x40000000, 0x02080000,
00150 0x40080100, 0x00080000, 0x02000100, 0x40080100,
00151 0x42000100, 0x42080000, 0x00080100, 0x40000000,
00152 0x02000000, 0x40080000, 0x40080000, 0x00000000,
00153 0x40000100, 0x42080100, 0x42080100, 0x02000100,
00154 0x42080000, 0x40000100, 0x00000000, 0x42000000,
00155 0x02080100, 0x02000000, 0x42000000, 0x00080100,
00156 0x00080000, 0x42000100, 0x00000100, 0x02000000,
00157 0x40000000, 0x02080000, 0x42000100, 0x40080100,
00158 0x02000100, 0x40000000, 0x42080000, 0x02080100,
00159 0x40080100, 0x00000100, 0x02000000, 0x42080000,
00160 0x42080100, 0x00080100, 0x42000000, 0x42080100,
00161 0x02080000, 0x00000000, 0x40080000, 0x42000000,
00162 0x00080100, 0x02000100, 0x40000100, 0x00080000,
00163 0x00000000, 0x40080000, 0x02080100, 0x40000100
00164 };
00165
00166 static const uint32_t SB6[64] =
00167 {
00168 0x20000010, 0x20400000, 0x00004000, 0x20404010,
00169 0x20400000, 0x00000010, 0x20404010, 0x00400000,
00170 0x20004000, 0x00404010, 0x00400000, 0x20000010,
00171 0x00400010, 0x20004000, 0x20000000, 0x00004010,
00172 0x00000000, 0x00400010, 0x20004010, 0x00004000,
00173 0x00404000, 0x20004010, 0x00000010, 0x20400010,
00174 0x20400010, 0x00000000, 0x00404010, 0x20404000,
00175 0x00004010, 0x00404000, 0x20404000, 0x20000000,
00176 0x20004000, 0x00000010, 0x20400010, 0x00404000,
00177 0x20404010, 0x00400000, 0x00004010, 0x20000010,
00178 0x00400000, 0x20004000, 0x20000000, 0x00004010,
00179 0x20000010, 0x20404010, 0x00404000, 0x20400000,
00180 0x00404010, 0x20404000, 0x00000000, 0x20400010,
00181 0x00000010, 0x00004000, 0x20400000, 0x00404010,
00182 0x00004000, 0x00400010, 0x20004010, 0x00000000,
00183 0x20404000, 0x20000000, 0x00400010, 0x20004010
00184 };
00185
00186 static const uint32_t SB7[64] =
00187 {
00188 0x00200000, 0x04200002, 0x04000802, 0x00000000,
00189 0x00000800, 0x04000802, 0x00200802, 0x04200800,
00190 0x04200802, 0x00200000, 0x00000000, 0x04000002,
00191 0x00000002, 0x04000000, 0x04200002, 0x00000802,
00192 0x04000800, 0x00200802, 0x00200002, 0x04000800,
00193 0x04000002, 0x04200000, 0x04200800, 0x00200002,
00194 0x04200000, 0x00000800, 0x00000802, 0x04200802,
00195 0x00200800, 0x00000002, 0x04000000, 0x00200800,
00196 0x04000000, 0x00200800, 0x00200000, 0x04000802,
00197 0x04000802, 0x04200002, 0x04200002, 0x00000002,
00198 0x00200002, 0x04000000, 0x04000800, 0x00200000,
00199 0x04200800, 0x00000802, 0x00200802, 0x04200800,
00200 0x00000802, 0x04000002, 0x04200802, 0x04200000,
00201 0x00200800, 0x00000000, 0x00000002, 0x04200802,
00202 0x00000000, 0x00200802, 0x04200000, 0x00000800,
00203 0x04000002, 0x04000800, 0x00000800, 0x00200002
00204 };
00205
00206 static const uint32_t SB8[64] =
00207 {
00208 0x10001040, 0x00001000, 0x00040000, 0x10041040,
00209 0x10000000, 0x10001040, 0x00000040, 0x10000000,
00210 0x00040040, 0x10040000, 0x10041040, 0x00041000,
00211 0x10041000, 0x00041040, 0x00001000, 0x00000040,
00212 0x10040000, 0x10000040, 0x10001000, 0x00001040,
00213 0x00041000, 0x00040040, 0x10040040, 0x10041000,
00214 0x00001040, 0x00000000, 0x00000000, 0x10040040,
00215 0x10000040, 0x10001000, 0x00041040, 0x00040000,
00216 0x00041040, 0x00040000, 0x10041000, 0x00001000,
00217 0x00000040, 0x10040040, 0x00001000, 0x00041040,
00218 0x10001000, 0x00000040, 0x10000040, 0x10040000,
00219 0x10040040, 0x10000000, 0x00040000, 0x10001040,
00220 0x00000000, 0x10041040, 0x00040040, 0x10000040,
00221 0x10040000, 0x10001000, 0x10001040, 0x00000000,
00222 0x10041040, 0x00041000, 0x00041000, 0x00001040,
00223 0x00001040, 0x00040040, 0x10000000, 0x10041000
00224 };
00225
00226
00227
00228
00229 static const uint32_t LHs[16] =
00230 {
00231 0x00000000, 0x00000001, 0x00000100, 0x00000101,
00232 0x00010000, 0x00010001, 0x00010100, 0x00010101,
00233 0x01000000, 0x01000001, 0x01000100, 0x01000101,
00234 0x01010000, 0x01010001, 0x01010100, 0x01010101
00235 };
00236
00237 static const uint32_t RHs[16] =
00238 {
00239 0x00000000, 0x01000000, 0x00010000, 0x01010000,
00240 0x00000100, 0x01000100, 0x00010100, 0x01010100,
00241 0x00000001, 0x01000001, 0x00010001, 0x01010001,
00242 0x00000101, 0x01000101, 0x00010101, 0x01010101,
00243 };
00244
00245
00246
00247
00248 #define DES_IP(X,Y) \
00249 { \
00250 T = ((X >> 4) ^ Y) & 0x0F0F0F0F; Y ^= T; X ^= (T << 4); \
00251 T = ((X >> 16) ^ Y) & 0x0000FFFF; Y ^= T; X ^= (T << 16); \
00252 T = ((Y >> 2) ^ X) & 0x33333333; X ^= T; Y ^= (T << 2); \
00253 T = ((Y >> 8) ^ X) & 0x00FF00FF; X ^= T; Y ^= (T << 8); \
00254 Y = ((Y << 1) | (Y >> 31)) & 0xFFFFFFFF; \
00255 T = (X ^ Y) & 0xAAAAAAAA; Y ^= T; X ^= T; \
00256 X = ((X << 1) | (X >> 31)) & 0xFFFFFFFF; \
00257 }
00258
00259
00260
00261
00262 #define DES_FP(X,Y) \
00263 { \
00264 X = ((X << 31) | (X >> 1)) & 0xFFFFFFFF; \
00265 T = (X ^ Y) & 0xAAAAAAAA; X ^= T; Y ^= T; \
00266 Y = ((Y << 31) | (Y >> 1)) & 0xFFFFFFFF; \
00267 T = ((Y >> 8) ^ X) & 0x00FF00FF; X ^= T; Y ^= (T << 8); \
00268 T = ((Y >> 2) ^ X) & 0x33333333; X ^= T; Y ^= (T << 2); \
00269 T = ((X >> 16) ^ Y) & 0x0000FFFF; Y ^= T; X ^= (T << 16); \
00270 T = ((X >> 4) ^ Y) & 0x0F0F0F0F; Y ^= T; X ^= (T << 4); \
00271 }
00272
00273
00274
00275
00276 #define DES_ROUND(X,Y) \
00277 { \
00278 T = *SK++ ^ X; \
00279 Y ^= SB8[ (T ) & 0x3F ] ^ \
00280 SB6[ (T >> 8) & 0x3F ] ^ \
00281 SB4[ (T >> 16) & 0x3F ] ^ \
00282 SB2[ (T >> 24) & 0x3F ]; \
00283 \
00284 T = *SK++ ^ ((X << 28) | (X >> 4)); \
00285 Y ^= SB7[ (T ) & 0x3F ] ^ \
00286 SB5[ (T >> 8) & 0x3F ] ^ \
00287 SB3[ (T >> 16) & 0x3F ] ^ \
00288 SB1[ (T >> 24) & 0x3F ]; \
00289 }
00290
00291 #define SWAP(a,b) { uint32_t t = a; a = b; b = t; t = 0; }
00292
00293 static const unsigned char odd_parity_table[128] = { 1, 2, 4, 7, 8,
00294 11, 13, 14, 16, 19, 21, 22, 25, 26, 28, 31, 32, 35, 37, 38, 41, 42, 44,
00295 47, 49, 50, 52, 55, 56, 59, 61, 62, 64, 67, 69, 70, 73, 74, 76, 79, 81,
00296 82, 84, 87, 88, 91, 93, 94, 97, 98, 100, 103, 104, 107, 109, 110, 112,
00297 115, 117, 118, 121, 122, 124, 127, 128, 131, 133, 134, 137, 138, 140,
00298 143, 145, 146, 148, 151, 152, 155, 157, 158, 161, 162, 164, 167, 168,
00299 171, 173, 174, 176, 179, 181, 182, 185, 186, 188, 191, 193, 194, 196,
00300 199, 200, 203, 205, 206, 208, 211, 213, 214, 217, 218, 220, 223, 224,
00301 227, 229, 230, 233, 234, 236, 239, 241, 242, 244, 247, 248, 251, 253,
00302 254 };
00303
00304 void des_key_set_parity( unsigned char key[DES_KEY_SIZE] )
00305 {
00306 int i;
00307
00308 for( i = 0; i < DES_KEY_SIZE; i++ )
00309 key[i] = odd_parity_table[key[i] / 2];
00310 }
00311
00312
00313
00314
00315 int des_key_check_key_parity( const unsigned char key[DES_KEY_SIZE] )
00316 {
00317 int i;
00318
00319 for( i = 0; i < DES_KEY_SIZE; i++ )
00320 if ( key[i] != odd_parity_table[key[i] / 2] )
00321 return( 1 );
00322
00323 return( 0 );
00324 }
00325
00326
00327
00328
00329
00330
00331
00332
00333
00334
00335
00336
00337
00338
00339
00340
00341
00342
00343
00344
00345
00346
00347 #define WEAK_KEY_COUNT 16
00348
00349 static const unsigned char weak_key_table[WEAK_KEY_COUNT][DES_KEY_SIZE] =
00350 {
00351 { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
00352 { 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE },
00353 { 0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E },
00354 { 0xE0, 0xE0, 0xE0, 0xE0, 0xF1, 0xF1, 0xF1, 0xF1 },
00355
00356 { 0x01, 0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E },
00357 { 0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E, 0x01 },
00358 { 0x01, 0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1 },
00359 { 0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1, 0x01 },
00360 { 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE },
00361 { 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01 },
00362 { 0x1F, 0xE0, 0x1F, 0xE0, 0x0E, 0xF1, 0x0E, 0xF1 },
00363 { 0xE0, 0x1F, 0xE0, 0x1F, 0xF1, 0x0E, 0xF1, 0x0E },
00364 { 0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E, 0xFE },
00365 { 0xFE, 0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E },
00366 { 0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1, 0xFE },
00367 { 0xFE, 0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1 }
00368 };
00369
00370 int des_key_check_weak( const unsigned char key[DES_KEY_SIZE] )
00371 {
00372 int i;
00373
00374 for( i = 0; i < WEAK_KEY_COUNT; i++ )
00375 if( memcmp( weak_key_table[i], key, DES_KEY_SIZE) == 0)
00376 return( 1 );
00377
00378 return( 0 );
00379 }
00380
00381 static void des_setkey( uint32_t SK[32], const unsigned char key[DES_KEY_SIZE] )
00382 {
00383 int i;
00384 uint32_t X, Y, T;
00385
00386 GET_UINT32_BE( X, key, 0 );
00387 GET_UINT32_BE( Y, key, 4 );
00388
00389
00390
00391
00392 T = ((Y >> 4) ^ X) & 0x0F0F0F0F; X ^= T; Y ^= (T << 4);
00393 T = ((Y ) ^ X) & 0x10101010; X ^= T; Y ^= (T );
00394
00395 X = (LHs[ (X ) & 0xF] << 3) | (LHs[ (X >> 8) & 0xF ] << 2)
00396 | (LHs[ (X >> 16) & 0xF] << 1) | (LHs[ (X >> 24) & 0xF ] )
00397 | (LHs[ (X >> 5) & 0xF] << 7) | (LHs[ (X >> 13) & 0xF ] << 6)
00398 | (LHs[ (X >> 21) & 0xF] << 5) | (LHs[ (X >> 29) & 0xF ] << 4);
00399
00400 Y = (RHs[ (Y >> 1) & 0xF] << 3) | (RHs[ (Y >> 9) & 0xF ] << 2)
00401 | (RHs[ (Y >> 17) & 0xF] << 1) | (RHs[ (Y >> 25) & 0xF ] )
00402 | (RHs[ (Y >> 4) & 0xF] << 7) | (RHs[ (Y >> 12) & 0xF ] << 6)
00403 | (RHs[ (Y >> 20) & 0xF] << 5) | (RHs[ (Y >> 28) & 0xF ] << 4);
00404
00405 X &= 0x0FFFFFFF;
00406 Y &= 0x0FFFFFFF;
00407
00408
00409
00410
00411 for( i = 0; i < 16; i++ )
00412 {
00413 if( i < 2 || i == 8 || i == 15 )
00414 {
00415 X = ((X << 1) | (X >> 27)) & 0x0FFFFFFF;
00416 Y = ((Y << 1) | (Y >> 27)) & 0x0FFFFFFF;
00417 }
00418 else
00419 {
00420 X = ((X << 2) | (X >> 26)) & 0x0FFFFFFF;
00421 Y = ((Y << 2) | (Y >> 26)) & 0x0FFFFFFF;
00422 }
00423
00424 *SK++ = ((X << 4) & 0x24000000) | ((X << 28) & 0x10000000)
00425 | ((X << 14) & 0x08000000) | ((X << 18) & 0x02080000)
00426 | ((X << 6) & 0x01000000) | ((X << 9) & 0x00200000)
00427 | ((X >> 1) & 0x00100000) | ((X << 10) & 0x00040000)
00428 | ((X << 2) & 0x00020000) | ((X >> 10) & 0x00010000)
00429 | ((Y >> 13) & 0x00002000) | ((Y >> 4) & 0x00001000)
00430 | ((Y << 6) & 0x00000800) | ((Y >> 1) & 0x00000400)
00431 | ((Y >> 14) & 0x00000200) | ((Y ) & 0x00000100)
00432 | ((Y >> 5) & 0x00000020) | ((Y >> 10) & 0x00000010)
00433 | ((Y >> 3) & 0x00000008) | ((Y >> 18) & 0x00000004)
00434 | ((Y >> 26) & 0x00000002) | ((Y >> 24) & 0x00000001);
00435
00436 *SK++ = ((X << 15) & 0x20000000) | ((X << 17) & 0x10000000)
00437 | ((X << 10) & 0x08000000) | ((X << 22) & 0x04000000)
00438 | ((X >> 2) & 0x02000000) | ((X << 1) & 0x01000000)
00439 | ((X << 16) & 0x00200000) | ((X << 11) & 0x00100000)
00440 | ((X << 3) & 0x00080000) | ((X >> 6) & 0x00040000)
00441 | ((X << 15) & 0x00020000) | ((X >> 4) & 0x00010000)
00442 | ((Y >> 2) & 0x00002000) | ((Y << 8) & 0x00001000)
00443 | ((Y >> 14) & 0x00000808) | ((Y >> 9) & 0x00000400)
00444 | ((Y ) & 0x00000200) | ((Y << 7) & 0x00000100)
00445 | ((Y >> 7) & 0x00000020) | ((Y >> 3) & 0x00000011)
00446 | ((Y << 2) & 0x00000004) | ((Y >> 21) & 0x00000002);
00447 }
00448 }
00449
00450
00451
00452
00453 int des_setkey_enc( des_context *ctx, const unsigned char key[DES_KEY_SIZE] )
00454 {
00455 des_setkey( ctx->sk, key );
00456
00457 return( 0 );
00458 }
00459
00460
00461
00462
00463 int des_setkey_dec( des_context *ctx, const unsigned char key[DES_KEY_SIZE] )
00464 {
00465 int i;
00466
00467 des_setkey( ctx->sk, key );
00468
00469 for( i = 0; i < 16; i += 2 )
00470 {
00471 SWAP( ctx->sk[i ], ctx->sk[30 - i] );
00472 SWAP( ctx->sk[i + 1], ctx->sk[31 - i] );
00473 }
00474
00475 return( 0 );
00476 }
00477
00478 static void des3_set2key( uint32_t esk[96],
00479 uint32_t dsk[96],
00480 const unsigned char key[DES_KEY_SIZE*2] )
00481 {
00482 int i;
00483
00484 des_setkey( esk, key );
00485 des_setkey( dsk + 32, key + 8 );
00486
00487 for( i = 0; i < 32; i += 2 )
00488 {
00489 dsk[i ] = esk[30 - i];
00490 dsk[i + 1] = esk[31 - i];
00491
00492 esk[i + 32] = dsk[62 - i];
00493 esk[i + 33] = dsk[63 - i];
00494
00495 esk[i + 64] = esk[i ];
00496 esk[i + 65] = esk[i + 1];
00497
00498 dsk[i + 64] = dsk[i ];
00499 dsk[i + 65] = dsk[i + 1];
00500 }
00501 }
00502
00503
00504
00505
00506 int des3_set2key_enc( des3_context *ctx, const unsigned char key[DES_KEY_SIZE * 2] )
00507 {
00508 uint32_t sk[96];
00509
00510 des3_set2key( ctx->sk, sk, key );
00511 memset( sk, 0, sizeof( sk ) );
00512
00513 return( 0 );
00514 }
00515
00516
00517
00518
00519 int des3_set2key_dec( des3_context *ctx, const unsigned char key[DES_KEY_SIZE * 2] )
00520 {
00521 uint32_t sk[96];
00522
00523 des3_set2key( sk, ctx->sk, key );
00524 memset( sk, 0, sizeof( sk ) );
00525
00526 return( 0 );
00527 }
00528
00529 static void des3_set3key( uint32_t esk[96],
00530 uint32_t dsk[96],
00531 const unsigned char key[24] )
00532 {
00533 int i;
00534
00535 des_setkey( esk, key );
00536 des_setkey( dsk + 32, key + 8 );
00537 des_setkey( esk + 64, key + 16 );
00538
00539 for( i = 0; i < 32; i += 2 )
00540 {
00541 dsk[i ] = esk[94 - i];
00542 dsk[i + 1] = esk[95 - i];
00543
00544 esk[i + 32] = dsk[62 - i];
00545 esk[i + 33] = dsk[63 - i];
00546
00547 dsk[i + 64] = esk[30 - i];
00548 dsk[i + 65] = esk[31 - i];
00549 }
00550 }
00551
00552
00553
00554
00555 int des3_set3key_enc( des3_context *ctx, const unsigned char key[DES_KEY_SIZE * 3] )
00556 {
00557 uint32_t sk[96];
00558
00559 des3_set3key( ctx->sk, sk, key );
00560 memset( sk, 0, sizeof( sk ) );
00561
00562 return( 0 );
00563 }
00564
00565
00566
00567
00568 int des3_set3key_dec( des3_context *ctx, const unsigned char key[DES_KEY_SIZE * 3] )
00569 {
00570 uint32_t sk[96];
00571
00572 des3_set3key( sk, ctx->sk, key );
00573 memset( sk, 0, sizeof( sk ) );
00574
00575 return( 0 );
00576 }
00577
00578
00579
00580
00581 int des_crypt_ecb( des_context *ctx,
00582 const unsigned char input[8],
00583 unsigned char output[8] )
00584 {
00585 int i;
00586 uint32_t X, Y, T, *SK;
00587
00588 SK = ctx->sk;
00589
00590 GET_UINT32_BE( X, input, 0 );
00591 GET_UINT32_BE( Y, input, 4 );
00592
00593 DES_IP( X, Y );
00594
00595 for( i = 0; i < 8; i++ )
00596 {
00597 DES_ROUND( Y, X );
00598 DES_ROUND( X, Y );
00599 }
00600
00601 DES_FP( Y, X );
00602
00603 PUT_UINT32_BE( Y, output, 0 );
00604 PUT_UINT32_BE( X, output, 4 );
00605
00606 return( 0 );
00607 }
00608
00609 #if defined(POLARSSL_CIPHER_MODE_CBC)
00610
00611
00612
00613 int des_crypt_cbc( des_context *ctx,
00614 int mode,
00615 size_t length,
00616 unsigned char iv[8],
00617 const unsigned char *input,
00618 unsigned char *output )
00619 {
00620 int i;
00621 unsigned char temp[8];
00622
00623 if( length % 8 )
00624 return( POLARSSL_ERR_DES_INVALID_INPUT_LENGTH );
00625
00626 if( mode == DES_ENCRYPT )
00627 {
00628 while( length > 0 )
00629 {
00630 for( i = 0; i < 8; i++ )
00631 output[i] = (unsigned char)( input[i] ^ iv[i] );
00632
00633 des_crypt_ecb( ctx, output, output );
00634 memcpy( iv, output, 8 );
00635
00636 input += 8;
00637 output += 8;
00638 length -= 8;
00639 }
00640 }
00641 else
00642 {
00643 while( length > 0 )
00644 {
00645 memcpy( temp, input, 8 );
00646 des_crypt_ecb( ctx, input, output );
00647
00648 for( i = 0; i < 8; i++ )
00649 output[i] = (unsigned char)( output[i] ^ iv[i] );
00650
00651 memcpy( iv, temp, 8 );
00652
00653 input += 8;
00654 output += 8;
00655 length -= 8;
00656 }
00657 }
00658
00659 return( 0 );
00660 }
00661 #endif
00662
00663
00664
00665
00666 int des3_crypt_ecb( des3_context *ctx,
00667 const unsigned char input[8],
00668 unsigned char output[8] )
00669 {
00670 int i;
00671 uint32_t X, Y, T, *SK;
00672
00673 SK = ctx->sk;
00674
00675 GET_UINT32_BE( X, input, 0 );
00676 GET_UINT32_BE( Y, input, 4 );
00677
00678 DES_IP( X, Y );
00679
00680 for( i = 0; i < 8; i++ )
00681 {
00682 DES_ROUND( Y, X );
00683 DES_ROUND( X, Y );
00684 }
00685
00686 for( i = 0; i < 8; i++ )
00687 {
00688 DES_ROUND( X, Y );
00689 DES_ROUND( Y, X );
00690 }
00691
00692 for( i = 0; i < 8; i++ )
00693 {
00694 DES_ROUND( Y, X );
00695 DES_ROUND( X, Y );
00696 }
00697
00698 DES_FP( Y, X );
00699
00700 PUT_UINT32_BE( Y, output, 0 );
00701 PUT_UINT32_BE( X, output, 4 );
00702
00703 return( 0 );
00704 }
00705
00706 #if defined(POLARSSL_CIPHER_MODE_CBC)
00707
00708
00709
00710 int des3_crypt_cbc( des3_context *ctx,
00711 int mode,
00712 size_t length,
00713 unsigned char iv[8],
00714 const unsigned char *input,
00715 unsigned char *output )
00716 {
00717 int i;
00718 unsigned char temp[8];
00719
00720 if( length % 8 )
00721 return( POLARSSL_ERR_DES_INVALID_INPUT_LENGTH );
00722
00723 if( mode == DES_ENCRYPT )
00724 {
00725 while( length > 0 )
00726 {
00727 for( i = 0; i < 8; i++ )
00728 output[i] = (unsigned char)( input[i] ^ iv[i] );
00729
00730 des3_crypt_ecb( ctx, output, output );
00731 memcpy( iv, output, 8 );
00732
00733 input += 8;
00734 output += 8;
00735 length -= 8;
00736 }
00737 }
00738 else
00739 {
00740 while( length > 0 )
00741 {
00742 memcpy( temp, input, 8 );
00743 des3_crypt_ecb( ctx, input, output );
00744
00745 for( i = 0; i < 8; i++ )
00746 output[i] = (unsigned char)( output[i] ^ iv[i] );
00747
00748 memcpy( iv, temp, 8 );
00749
00750 input += 8;
00751 output += 8;
00752 length -= 8;
00753 }
00754 }
00755
00756 return( 0 );
00757 }
00758 #endif
00759
00760 #endif
00761
00762 #if defined(POLARSSL_SELF_TEST)
00763
00764 #include <stdio.h>
00765
00766
00767
00768
00769
00770
00771 static const unsigned char des3_test_keys[24] =
00772 {
00773 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
00774 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01,
00775 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01, 0x23
00776 };
00777
00778 static const unsigned char des3_test_iv[8] =
00779 {
00780 0x12, 0x34, 0x56, 0x78, 0x90, 0xAB, 0xCD, 0xEF,
00781 };
00782
00783 static const unsigned char des3_test_buf[8] =
00784 {
00785 0x4E, 0x6F, 0x77, 0x20, 0x69, 0x73, 0x20, 0x74
00786 };
00787
00788 static const unsigned char des3_test_ecb_dec[3][8] =
00789 {
00790 { 0xCD, 0xD6, 0x4F, 0x2F, 0x94, 0x27, 0xC1, 0x5D },
00791 { 0x69, 0x96, 0xC8, 0xFA, 0x47, 0xA2, 0xAB, 0xEB },
00792 { 0x83, 0x25, 0x39, 0x76, 0x44, 0x09, 0x1A, 0x0A }
00793 };
00794
00795 static const unsigned char des3_test_ecb_enc[3][8] =
00796 {
00797 { 0x6A, 0x2A, 0x19, 0xF4, 0x1E, 0xCA, 0x85, 0x4B },
00798 { 0x03, 0xE6, 0x9F, 0x5B, 0xFA, 0x58, 0xEB, 0x42 },
00799 { 0xDD, 0x17, 0xE8, 0xB8, 0xB4, 0x37, 0xD2, 0x32 }
00800 };
00801
00802 static const unsigned char des3_test_cbc_dec[3][8] =
00803 {
00804 { 0x12, 0x9F, 0x40, 0xB9, 0xD2, 0x00, 0x56, 0xB3 },
00805 { 0x47, 0x0E, 0xFC, 0x9A, 0x6B, 0x8E, 0xE3, 0x93 },
00806 { 0xC5, 0xCE, 0xCF, 0x63, 0xEC, 0xEC, 0x51, 0x4C }
00807 };
00808
00809 static const unsigned char des3_test_cbc_enc[3][8] =
00810 {
00811 { 0x54, 0xF1, 0x5A, 0xF6, 0xEB, 0xE3, 0xA4, 0xB4 },
00812 { 0x35, 0x76, 0x11, 0x56, 0x5F, 0xA1, 0x8E, 0x4D },
00813 { 0xCB, 0x19, 0x1F, 0x85, 0xD1, 0xED, 0x84, 0x39 }
00814 };
00815
00816
00817
00818
00819 int des_self_test( int verbose )
00820 {
00821 int i, j, u, v;
00822 des_context ctx;
00823 des3_context ctx3;
00824 unsigned char key[24];
00825 unsigned char buf[8];
00826 #if defined(POLARSSL_CIPHER_MODE_CBC)
00827 unsigned char prv[8];
00828 unsigned char iv[8];
00829 #endif
00830
00831 memset( key, 0, 24 );
00832
00833
00834
00835
00836 for( i = 0; i < 6; i++ )
00837 {
00838 u = i >> 1;
00839 v = i & 1;
00840
00841 if( verbose != 0 )
00842 printf( " DES%c-ECB-%3d (%s): ",
00843 ( u == 0 ) ? ' ' : '3', 56 + u * 56,
00844 ( v == DES_DECRYPT ) ? "dec" : "enc" );
00845
00846 memcpy( buf, des3_test_buf, 8 );
00847
00848 switch( i )
00849 {
00850 case 0:
00851 des_setkey_dec( &ctx, des3_test_keys );
00852 break;
00853
00854 case 1:
00855 des_setkey_enc( &ctx, des3_test_keys );
00856 break;
00857
00858 case 2:
00859 des3_set2key_dec( &ctx3, des3_test_keys );
00860 break;
00861
00862 case 3:
00863 des3_set2key_enc( &ctx3, des3_test_keys );
00864 break;
00865
00866 case 4:
00867 des3_set3key_dec( &ctx3, des3_test_keys );
00868 break;
00869
00870 case 5:
00871 des3_set3key_enc( &ctx3, des3_test_keys );
00872 break;
00873
00874 default:
00875 return( 1 );
00876 }
00877
00878 for( j = 0; j < 10000; j++ )
00879 {
00880 if( u == 0 )
00881 des_crypt_ecb( &ctx, buf, buf );
00882 else
00883 des3_crypt_ecb( &ctx3, buf, buf );
00884 }
00885
00886 if( ( v == DES_DECRYPT &&
00887 memcmp( buf, des3_test_ecb_dec[u], 8 ) != 0 ) ||
00888 ( v != DES_DECRYPT &&
00889 memcmp( buf, des3_test_ecb_enc[u], 8 ) != 0 ) )
00890 {
00891 if( verbose != 0 )
00892 printf( "failed\n" );
00893
00894 return( 1 );
00895 }
00896
00897 if( verbose != 0 )
00898 printf( "passed\n" );
00899 }
00900
00901 if( verbose != 0 )
00902 printf( "\n" );
00903
00904 #if defined(POLARSSL_CIPHER_MODE_CBC)
00905
00906
00907
00908 for( i = 0; i < 6; i++ )
00909 {
00910 u = i >> 1;
00911 v = i & 1;
00912
00913 if( verbose != 0 )
00914 printf( " DES%c-CBC-%3d (%s): ",
00915 ( u == 0 ) ? ' ' : '3', 56 + u * 56,
00916 ( v == DES_DECRYPT ) ? "dec" : "enc" );
00917
00918 memcpy( iv, des3_test_iv, 8 );
00919 memcpy( prv, des3_test_iv, 8 );
00920 memcpy( buf, des3_test_buf, 8 );
00921
00922 switch( i )
00923 {
00924 case 0:
00925 des_setkey_dec( &ctx, des3_test_keys );
00926 break;
00927
00928 case 1:
00929 des_setkey_enc( &ctx, des3_test_keys );
00930 break;
00931
00932 case 2:
00933 des3_set2key_dec( &ctx3, des3_test_keys );
00934 break;
00935
00936 case 3:
00937 des3_set2key_enc( &ctx3, des3_test_keys );
00938 break;
00939
00940 case 4:
00941 des3_set3key_dec( &ctx3, des3_test_keys );
00942 break;
00943
00944 case 5:
00945 des3_set3key_enc( &ctx3, des3_test_keys );
00946 break;
00947
00948 default:
00949 return( 1 );
00950 }
00951
00952 if( v == DES_DECRYPT )
00953 {
00954 for( j = 0; j < 10000; j++ )
00955 {
00956 if( u == 0 )
00957 des_crypt_cbc( &ctx, v, 8, iv, buf, buf );
00958 else
00959 des3_crypt_cbc( &ctx3, v, 8, iv, buf, buf );
00960 }
00961 }
00962 else
00963 {
00964 for( j = 0; j < 10000; j++ )
00965 {
00966 unsigned char tmp[8];
00967
00968 if( u == 0 )
00969 des_crypt_cbc( &ctx, v, 8, iv, buf, buf );
00970 else
00971 des3_crypt_cbc( &ctx3, v, 8, iv, buf, buf );
00972
00973 memcpy( tmp, prv, 8 );
00974 memcpy( prv, buf, 8 );
00975 memcpy( buf, tmp, 8 );
00976 }
00977
00978 memcpy( buf, prv, 8 );
00979 }
00980
00981 if( ( v == DES_DECRYPT &&
00982 memcmp( buf, des3_test_cbc_dec[u], 8 ) != 0 ) ||
00983 ( v != DES_DECRYPT &&
00984 memcmp( buf, des3_test_cbc_enc[u], 8 ) != 0 ) )
00985 {
00986 if( verbose != 0 )
00987 printf( "failed\n" );
00988
00989 return( 1 );
00990 }
00991
00992 if( verbose != 0 )
00993 printf( "passed\n" );
00994 }
00995 #endif
00996
00997 if( verbose != 0 )
00998 printf( "\n" );
00999
01000 return( 0 );
01001 }
01002
01003 #endif
01004
01005 #endif