LibXenon
Bare-metal Xbox 360 homebrew library
Loading...
Searching...
No Matches
des.c
Go to the documentation of this file.
1/*
2 * FIPS-46-3 compliant Triple-DES implementation
3 *
4 * Copyright (C) 2006-2007 Christophe Devine
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License, version 2.1 as published by the Free Software Foundation.
9 *
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
14 *
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
18 * MA 02110-1301 USA
19 */
20/*
21 * DES, on which TDES is based, was originally designed by Hans Feistel
22 * at IBM in 1974, and was adopted as a standard by NIST (formerly NBS).
23 *
24 * http://csrc.nist.gov/publications/fips/fips46-3/fips46-3.pdf
25 */
26
27//#include "xyssl/config.h"
28
29#define XYSSL_DES_C
30
31#if defined(XYSSL_DES_C)
32
33#include "des.h"
34
35#include <string.h>
36
37/*
38 * 32-bit integer manipulation macros (big endian)
39 */
40#ifndef GET_ULONG_BE
41#define GET_ULONG_BE(n,b,i) \
42{ \
43 (n) = ( (unsigned long) (b)[(i) ] << 24 ) \
44 | ( (unsigned long) (b)[(i) + 1] << 16 ) \
45 | ( (unsigned long) (b)[(i) + 2] << 8 ) \
46 | ( (unsigned long) (b)[(i) + 3] ); \
47}
48#endif
49
50#ifndef PUT_ULONG_BE
51#define PUT_ULONG_BE(n,b,i) \
52{ \
53 (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
54 (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
55 (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
56 (b)[(i) + 3] = (unsigned char) ( (n) ); \
57}
58#endif
59
60/*
61 * Expanded DES S-boxes
62 */
63static const unsigned long SB1[64] =
64{
65 0x01010400, 0x00000000, 0x00010000, 0x01010404,
66 0x01010004, 0x00010404, 0x00000004, 0x00010000,
67 0x00000400, 0x01010400, 0x01010404, 0x00000400,
68 0x01000404, 0x01010004, 0x01000000, 0x00000004,
69 0x00000404, 0x01000400, 0x01000400, 0x00010400,
70 0x00010400, 0x01010000, 0x01010000, 0x01000404,
71 0x00010004, 0x01000004, 0x01000004, 0x00010004,
72 0x00000000, 0x00000404, 0x00010404, 0x01000000,
73 0x00010000, 0x01010404, 0x00000004, 0x01010000,
74 0x01010400, 0x01000000, 0x01000000, 0x00000400,
75 0x01010004, 0x00010000, 0x00010400, 0x01000004,
76 0x00000400, 0x00000004, 0x01000404, 0x00010404,
77 0x01010404, 0x00010004, 0x01010000, 0x01000404,
78 0x01000004, 0x00000404, 0x00010404, 0x01010400,
79 0x00000404, 0x01000400, 0x01000400, 0x00000000,
80 0x00010004, 0x00010400, 0x00000000, 0x01010004
81};
82
83static const unsigned long SB2[64] =
84{
85 0x80108020, 0x80008000, 0x00008000, 0x00108020,
86 0x00100000, 0x00000020, 0x80100020, 0x80008020,
87 0x80000020, 0x80108020, 0x80108000, 0x80000000,
88 0x80008000, 0x00100000, 0x00000020, 0x80100020,
89 0x00108000, 0x00100020, 0x80008020, 0x00000000,
90 0x80000000, 0x00008000, 0x00108020, 0x80100000,
91 0x00100020, 0x80000020, 0x00000000, 0x00108000,
92 0x00008020, 0x80108000, 0x80100000, 0x00008020,
93 0x00000000, 0x00108020, 0x80100020, 0x00100000,
94 0x80008020, 0x80100000, 0x80108000, 0x00008000,
95 0x80100000, 0x80008000, 0x00000020, 0x80108020,
96 0x00108020, 0x00000020, 0x00008000, 0x80000000,
97 0x00008020, 0x80108000, 0x00100000, 0x80000020,
98 0x00100020, 0x80008020, 0x80000020, 0x00100020,
99 0x00108000, 0x00000000, 0x80008000, 0x00008020,
100 0x80000000, 0x80100020, 0x80108020, 0x00108000
101};
102
103static const unsigned long SB3[64] =
104{
105 0x00000208, 0x08020200, 0x00000000, 0x08020008,
106 0x08000200, 0x00000000, 0x00020208, 0x08000200,
107 0x00020008, 0x08000008, 0x08000008, 0x00020000,
108 0x08020208, 0x00020008, 0x08020000, 0x00000208,
109 0x08000000, 0x00000008, 0x08020200, 0x00000200,
110 0x00020200, 0x08020000, 0x08020008, 0x00020208,
111 0x08000208, 0x00020200, 0x00020000, 0x08000208,
112 0x00000008, 0x08020208, 0x00000200, 0x08000000,
113 0x08020200, 0x08000000, 0x00020008, 0x00000208,
114 0x00020000, 0x08020200, 0x08000200, 0x00000000,
115 0x00000200, 0x00020008, 0x08020208, 0x08000200,
116 0x08000008, 0x00000200, 0x00000000, 0x08020008,
117 0x08000208, 0x00020000, 0x08000000, 0x08020208,
118 0x00000008, 0x00020208, 0x00020200, 0x08000008,
119 0x08020000, 0x08000208, 0x00000208, 0x08020000,
120 0x00020208, 0x00000008, 0x08020008, 0x00020200
121};
122
123static const unsigned long SB4[64] =
124{
125 0x00802001, 0x00002081, 0x00002081, 0x00000080,
126 0x00802080, 0x00800081, 0x00800001, 0x00002001,
127 0x00000000, 0x00802000, 0x00802000, 0x00802081,
128 0x00000081, 0x00000000, 0x00800080, 0x00800001,
129 0x00000001, 0x00002000, 0x00800000, 0x00802001,
130 0x00000080, 0x00800000, 0x00002001, 0x00002080,
131 0x00800081, 0x00000001, 0x00002080, 0x00800080,
132 0x00002000, 0x00802080, 0x00802081, 0x00000081,
133 0x00800080, 0x00800001, 0x00802000, 0x00802081,
134 0x00000081, 0x00000000, 0x00000000, 0x00802000,
135 0x00002080, 0x00800080, 0x00800081, 0x00000001,
136 0x00802001, 0x00002081, 0x00002081, 0x00000080,
137 0x00802081, 0x00000081, 0x00000001, 0x00002000,
138 0x00800001, 0x00002001, 0x00802080, 0x00800081,
139 0x00002001, 0x00002080, 0x00800000, 0x00802001,
140 0x00000080, 0x00800000, 0x00002000, 0x00802080
141};
142
143static const unsigned long SB5[64] =
144{
145 0x00000100, 0x02080100, 0x02080000, 0x42000100,
146 0x00080000, 0x00000100, 0x40000000, 0x02080000,
147 0x40080100, 0x00080000, 0x02000100, 0x40080100,
148 0x42000100, 0x42080000, 0x00080100, 0x40000000,
149 0x02000000, 0x40080000, 0x40080000, 0x00000000,
150 0x40000100, 0x42080100, 0x42080100, 0x02000100,
151 0x42080000, 0x40000100, 0x00000000, 0x42000000,
152 0x02080100, 0x02000000, 0x42000000, 0x00080100,
153 0x00080000, 0x42000100, 0x00000100, 0x02000000,
154 0x40000000, 0x02080000, 0x42000100, 0x40080100,
155 0x02000100, 0x40000000, 0x42080000, 0x02080100,
156 0x40080100, 0x00000100, 0x02000000, 0x42080000,
157 0x42080100, 0x00080100, 0x42000000, 0x42080100,
158 0x02080000, 0x00000000, 0x40080000, 0x42000000,
159 0x00080100, 0x02000100, 0x40000100, 0x00080000,
160 0x00000000, 0x40080000, 0x02080100, 0x40000100
161};
162
163static const unsigned long SB6[64] =
164{
165 0x20000010, 0x20400000, 0x00004000, 0x20404010,
166 0x20400000, 0x00000010, 0x20404010, 0x00400000,
167 0x20004000, 0x00404010, 0x00400000, 0x20000010,
168 0x00400010, 0x20004000, 0x20000000, 0x00004010,
169 0x00000000, 0x00400010, 0x20004010, 0x00004000,
170 0x00404000, 0x20004010, 0x00000010, 0x20400010,
171 0x20400010, 0x00000000, 0x00404010, 0x20404000,
172 0x00004010, 0x00404000, 0x20404000, 0x20000000,
173 0x20004000, 0x00000010, 0x20400010, 0x00404000,
174 0x20404010, 0x00400000, 0x00004010, 0x20000010,
175 0x00400000, 0x20004000, 0x20000000, 0x00004010,
176 0x20000010, 0x20404010, 0x00404000, 0x20400000,
177 0x00404010, 0x20404000, 0x00000000, 0x20400010,
178 0x00000010, 0x00004000, 0x20400000, 0x00404010,
179 0x00004000, 0x00400010, 0x20004010, 0x00000000,
180 0x20404000, 0x20000000, 0x00400010, 0x20004010
181};
182
183static const unsigned long SB7[64] =
184{
185 0x00200000, 0x04200002, 0x04000802, 0x00000000,
186 0x00000800, 0x04000802, 0x00200802, 0x04200800,
187 0x04200802, 0x00200000, 0x00000000, 0x04000002,
188 0x00000002, 0x04000000, 0x04200002, 0x00000802,
189 0x04000800, 0x00200802, 0x00200002, 0x04000800,
190 0x04000002, 0x04200000, 0x04200800, 0x00200002,
191 0x04200000, 0x00000800, 0x00000802, 0x04200802,
192 0x00200800, 0x00000002, 0x04000000, 0x00200800,
193 0x04000000, 0x00200800, 0x00200000, 0x04000802,
194 0x04000802, 0x04200002, 0x04200002, 0x00000002,
195 0x00200002, 0x04000000, 0x04000800, 0x00200000,
196 0x04200800, 0x00000802, 0x00200802, 0x04200800,
197 0x00000802, 0x04000002, 0x04200802, 0x04200000,
198 0x00200800, 0x00000000, 0x00000002, 0x04200802,
199 0x00000000, 0x00200802, 0x04200000, 0x00000800,
200 0x04000002, 0x04000800, 0x00000800, 0x00200002
201};
202
203static const unsigned long SB8[64] =
204{
205 0x10001040, 0x00001000, 0x00040000, 0x10041040,
206 0x10000000, 0x10001040, 0x00000040, 0x10000000,
207 0x00040040, 0x10040000, 0x10041040, 0x00041000,
208 0x10041000, 0x00041040, 0x00001000, 0x00000040,
209 0x10040000, 0x10000040, 0x10001000, 0x00001040,
210 0x00041000, 0x00040040, 0x10040040, 0x10041000,
211 0x00001040, 0x00000000, 0x00000000, 0x10040040,
212 0x10000040, 0x10001000, 0x00041040, 0x00040000,
213 0x00041040, 0x00040000, 0x10041000, 0x00001000,
214 0x00000040, 0x10040040, 0x00001000, 0x00041040,
215 0x10001000, 0x00000040, 0x10000040, 0x10040000,
216 0x10040040, 0x10000000, 0x00040000, 0x10001040,
217 0x00000000, 0x10041040, 0x00040040, 0x10000040,
218 0x10040000, 0x10001000, 0x10001040, 0x00000000,
219 0x10041040, 0x00041000, 0x00041000, 0x00001040,
220 0x00001040, 0x00040040, 0x10000000, 0x10041000
221};
222
223/*
224 * PC1: left and right halves bit-swap
225 */
226static const unsigned long LHs[16] =
227{
228 0x00000000, 0x00000001, 0x00000100, 0x00000101,
229 0x00010000, 0x00010001, 0x00010100, 0x00010101,
230 0x01000000, 0x01000001, 0x01000100, 0x01000101,
231 0x01010000, 0x01010001, 0x01010100, 0x01010101
232};
233
234static const unsigned long RHs[16] =
235{
236 0x00000000, 0x01000000, 0x00010000, 0x01010000,
237 0x00000100, 0x01000100, 0x00010100, 0x01010100,
238 0x00000001, 0x01000001, 0x00010001, 0x01010001,
239 0x00000101, 0x01000101, 0x00010101, 0x01010101,
240};
241
242/*
243 * Initial Permutation macro
244 */
245#define DES_IP(X,Y) \
246{ \
247 T = ((X >> 4) ^ Y) & 0x0F0F0F0F; Y ^= T; X ^= (T << 4); \
248 T = ((X >> 16) ^ Y) & 0x0000FFFF; Y ^= T; X ^= (T << 16); \
249 T = ((Y >> 2) ^ X) & 0x33333333; X ^= T; Y ^= (T << 2); \
250 T = ((Y >> 8) ^ X) & 0x00FF00FF; X ^= T; Y ^= (T << 8); \
251 Y = ((Y << 1) | (Y >> 31)) & 0xFFFFFFFF; \
252 T = (X ^ Y) & 0xAAAAAAAA; Y ^= T; X ^= T; \
253 X = ((X << 1) | (X >> 31)) & 0xFFFFFFFF; \
254}
255
256/*
257 * Final Permutation macro
258 */
259#define DES_FP(X,Y) \
260{ \
261 X = ((X << 31) | (X >> 1)) & 0xFFFFFFFF; \
262 T = (X ^ Y) & 0xAAAAAAAA; X ^= T; Y ^= T; \
263 Y = ((Y << 31) | (Y >> 1)) & 0xFFFFFFFF; \
264 T = ((Y >> 8) ^ X) & 0x00FF00FF; X ^= T; Y ^= (T << 8); \
265 T = ((Y >> 2) ^ X) & 0x33333333; X ^= T; Y ^= (T << 2); \
266 T = ((X >> 16) ^ Y) & 0x0000FFFF; Y ^= T; X ^= (T << 16); \
267 T = ((X >> 4) ^ Y) & 0x0F0F0F0F; Y ^= T; X ^= (T << 4); \
268}
269
270/*
271 * DES round macro
272 */
273#define DES_ROUND(X,Y) \
274{ \
275 T = *SK++ ^ X; \
276 Y ^= SB8[ (T ) & 0x3F ] ^ \
277 SB6[ (T >> 8) & 0x3F ] ^ \
278 SB4[ (T >> 16) & 0x3F ] ^ \
279 SB2[ (T >> 24) & 0x3F ]; \
280 \
281 T = *SK++ ^ ((X << 28) | (X >> 4)); \
282 Y ^= SB7[ (T ) & 0x3F ] ^ \
283 SB5[ (T >> 8) & 0x3F ] ^ \
284 SB3[ (T >> 16) & 0x3F ] ^ \
285 SB1[ (T >> 24) & 0x3F ]; \
286}
287
288#define SWAP(a,b) { unsigned long t = a; a = b; b = t; t = 0; }
289
290static void des_setkey( unsigned long SK[32], unsigned char key[8] )
291{
292 int i;
293 unsigned long X, Y, T;
294
295 GET_ULONG_BE( X, key, 0 );
296 GET_ULONG_BE( Y, key, 4 );
297
298 /*
299 * Permuted Choice 1
300 */
301 T = ((Y >> 4) ^ X) & 0x0F0F0F0F; X ^= T; Y ^= (T << 4);
302 T = ((Y ) ^ X) & 0x10101010; X ^= T; Y ^= (T );
303
304 X = (LHs[ (X ) & 0xF] << 3) | (LHs[ (X >> 8) & 0xF ] << 2)
305 | (LHs[ (X >> 16) & 0xF] << 1) | (LHs[ (X >> 24) & 0xF ] )
306 | (LHs[ (X >> 5) & 0xF] << 7) | (LHs[ (X >> 13) & 0xF ] << 6)
307 | (LHs[ (X >> 21) & 0xF] << 5) | (LHs[ (X >> 29) & 0xF ] << 4);
308
309 Y = (RHs[ (Y >> 1) & 0xF] << 3) | (RHs[ (Y >> 9) & 0xF ] << 2)
310 | (RHs[ (Y >> 17) & 0xF] << 1) | (RHs[ (Y >> 25) & 0xF ] )
311 | (RHs[ (Y >> 4) & 0xF] << 7) | (RHs[ (Y >> 12) & 0xF ] << 6)
312 | (RHs[ (Y >> 20) & 0xF] << 5) | (RHs[ (Y >> 28) & 0xF ] << 4);
313
314 X &= 0x0FFFFFFF;
315 Y &= 0x0FFFFFFF;
316
317 /*
318 * calculate subkeys
319 */
320 for( i = 0; i < 16; i++ )
321 {
322 if( i < 2 || i == 8 || i == 15 )
323 {
324 X = ((X << 1) | (X >> 27)) & 0x0FFFFFFF;
325 Y = ((Y << 1) | (Y >> 27)) & 0x0FFFFFFF;
326 }
327 else
328 {
329 X = ((X << 2) | (X >> 26)) & 0x0FFFFFFF;
330 Y = ((Y << 2) | (Y >> 26)) & 0x0FFFFFFF;
331 }
332
333 *SK++ = ((X << 4) & 0x24000000) | ((X << 28) & 0x10000000)
334 | ((X << 14) & 0x08000000) | ((X << 18) & 0x02080000)
335 | ((X << 6) & 0x01000000) | ((X << 9) & 0x00200000)
336 | ((X >> 1) & 0x00100000) | ((X << 10) & 0x00040000)
337 | ((X << 2) & 0x00020000) | ((X >> 10) & 0x00010000)
338 | ((Y >> 13) & 0x00002000) | ((Y >> 4) & 0x00001000)
339 | ((Y << 6) & 0x00000800) | ((Y >> 1) & 0x00000400)
340 | ((Y >> 14) & 0x00000200) | ((Y ) & 0x00000100)
341 | ((Y >> 5) & 0x00000020) | ((Y >> 10) & 0x00000010)
342 | ((Y >> 3) & 0x00000008) | ((Y >> 18) & 0x00000004)
343 | ((Y >> 26) & 0x00000002) | ((Y >> 24) & 0x00000001);
344
345 *SK++ = ((X << 15) & 0x20000000) | ((X << 17) & 0x10000000)
346 | ((X << 10) & 0x08000000) | ((X << 22) & 0x04000000)
347 | ((X >> 2) & 0x02000000) | ((X << 1) & 0x01000000)
348 | ((X << 16) & 0x00200000) | ((X << 11) & 0x00100000)
349 | ((X << 3) & 0x00080000) | ((X >> 6) & 0x00040000)
350 | ((X << 15) & 0x00020000) | ((X >> 4) & 0x00010000)
351 | ((Y >> 2) & 0x00002000) | ((Y << 8) & 0x00001000)
352 | ((Y >> 14) & 0x00000808) | ((Y >> 9) & 0x00000400)
353 | ((Y ) & 0x00000200) | ((Y << 7) & 0x00000100)
354 | ((Y >> 7) & 0x00000020) | ((Y >> 3) & 0x00000011)
355 | ((Y << 2) & 0x00000004) | ((Y >> 21) & 0x00000002);
356 }
357}
358
359/*
360 * DES key schedule (56-bit, encryption)
361 */
362void des_setkey_enc( des_context *ctx, unsigned char key[8] )
363{
364 des_setkey( ctx->sk, key );
365}
366
367/*
368 * DES key schedule (56-bit, decryption)
369 */
370void des_setkey_dec( des_context *ctx, unsigned char key[8] )
371{
372 int i;
373
374 des_setkey( ctx->sk, key );
375
376 for( i = 0; i < 16; i += 2 )
377 {
378 SWAP( ctx->sk[i ], ctx->sk[30 - i] );
379 SWAP( ctx->sk[i + 1], ctx->sk[31 - i] );
380 }
381}
382
383static void des3_set2key( unsigned long esk[96],
384 unsigned long dsk[96],
385 unsigned char key[16] )
386{
387 int i;
388
389 des_setkey( esk, key );
390 des_setkey( dsk + 32, key + 8 );
391
392 for( i = 0; i < 32; i += 2 )
393 {
394 dsk[i ] = esk[30 - i];
395 dsk[i + 1] = esk[31 - i];
396
397 esk[i + 32] = dsk[62 - i];
398 esk[i + 33] = dsk[63 - i];
399
400 esk[i + 64] = esk[i ];
401 esk[i + 65] = esk[i + 1];
402
403 dsk[i + 64] = dsk[i ];
404 dsk[i + 65] = dsk[i + 1];
405 }
406}
407
408/*
409 * Triple-DES key schedule (112-bit, encryption)
410 */
411void des3_set2key_enc( des3_context *ctx, unsigned char key[16] )
412{
413 unsigned long sk[96];
414
415 des3_set2key( ctx->sk, sk, key );
416 memset( sk, 0, sizeof( sk ) );
417}
418
419/*
420 * Triple-DES key schedule (112-bit, decryption)
421 */
422void des3_set2key_dec( des3_context *ctx, unsigned char key[16] )
423{
424 unsigned long sk[96];
425
426 des3_set2key( sk, ctx->sk, key );
427 memset( sk, 0, sizeof( sk ) );
428}
429
430static void des3_set3key( unsigned long esk[96],
431 unsigned long dsk[96],
432 unsigned char key[24] )
433{
434 int i;
435
436 des_setkey( esk, key );
437 des_setkey( dsk + 32, key + 8 );
438 des_setkey( esk + 64, key + 16 );
439
440 for( i = 0; i < 32; i += 2 )
441 {
442 dsk[i ] = esk[94 - i];
443 dsk[i + 1] = esk[95 - i];
444
445 esk[i + 32] = dsk[62 - i];
446 esk[i + 33] = dsk[63 - i];
447
448 dsk[i + 64] = esk[30 - i];
449 dsk[i + 65] = esk[31 - i];
450 }
451}
452
453/*
454 * Triple-DES key schedule (168-bit, encryption)
455 */
456void des3_set3key_enc( des3_context *ctx, unsigned char key[24] )
457{
458 unsigned long sk[96];
459
460 des3_set3key( ctx->sk, sk, key );
461 memset( sk, 0, sizeof( sk ) );
462}
463
464/*
465 * Triple-DES key schedule (168-bit, decryption)
466 */
467void des3_set3key_dec( des3_context *ctx, unsigned char key[24] )
468{
469 unsigned long sk[96];
470
471 des3_set3key( sk, ctx->sk, key );
472 memset( sk, 0, sizeof( sk ) );
473}
474
475/*
476 * DES-ECB block encryption/decryption
477 */
478void des_crypt_ecb( des_context *ctx,
479 unsigned char input[8],
480 unsigned char output[8] )
481{
482 int i;
483 unsigned long X, Y, T, *SK;
484
485 SK = ctx->sk;
486
487 GET_ULONG_BE( X, input, 0 );
488 GET_ULONG_BE( Y, input, 4 );
489
490 DES_IP( X, Y );
491
492 for( i = 0; i < 8; i++ )
493 {
494 DES_ROUND( Y, X );
495 DES_ROUND( X, Y );
496 }
497
498 DES_FP( Y, X );
499
500 PUT_ULONG_BE( Y, output, 0 );
501 PUT_ULONG_BE( X, output, 4 );
502}
503
504/*
505 * DES-CBC buffer encryption/decryption
506 */
507void des_crypt_cbc( des_context *ctx,
508 int mode,
509 int length,
510 unsigned char iv[8],
511 unsigned char *input,
512 unsigned char *output )
513{
514 int i;
515 unsigned char temp[8];
516
517 if( mode == DES_ENCRYPT )
518 {
519 while( length > 0 )
520 {
521 for( i = 0; i < 8; i++ )
522 output[i] = (unsigned char)( input[i] ^ iv[i] );
523
524 des_crypt_ecb( ctx, output, output );
525 memcpy( iv, output, 8 );
526
527 input += 8;
528 output += 8;
529 length -= 8;
530 }
531 }
532 else /* DES_DECRYPT */
533 {
534 while( length > 0 )
535 {
536 memcpy( temp, input, 8 );
537 des_crypt_ecb( ctx, input, output );
538
539 for( i = 0; i < 8; i++ )
540 output[i] = (unsigned char)( output[i] ^ iv[i] );
541
542 memcpy( iv, temp, 8 );
543
544 input += 8;
545 output += 8;
546 length -= 8;
547 }
548 }
549}
550
551/*
552 * 3DES-ECB block encryption/decryption
553 */
554void des3_crypt_ecb( des3_context *ctx,
555 unsigned char input[8],
556 unsigned char output[8] )
557{
558 int i;
559 unsigned long X, Y, T, *SK;
560
561 SK = ctx->sk;
562
563 GET_ULONG_BE( X, input, 0 );
564 GET_ULONG_BE( Y, input, 4 );
565
566 DES_IP( X, Y );
567
568 for( i = 0; i < 8; i++ )
569 {
570 DES_ROUND( Y, X );
571 DES_ROUND( X, Y );
572 }
573
574 for( i = 0; i < 8; i++ )
575 {
576 DES_ROUND( X, Y );
577 DES_ROUND( Y, X );
578 }
579
580 for( i = 0; i < 8; i++ )
581 {
582 DES_ROUND( Y, X );
583 DES_ROUND( X, Y );
584 }
585
586 DES_FP( Y, X );
587
588 PUT_ULONG_BE( Y, output, 0 );
589 PUT_ULONG_BE( X, output, 4 );
590}
591
592/*
593 * 3DES-CBC buffer encryption/decryption
594 */
595void des3_crypt_cbc( des3_context *ctx,
596 int mode,
597 int length,
598 unsigned char iv[8],
599 unsigned char *input,
600 unsigned char *output )
601{
602 int i;
603 unsigned char temp[8];
604
605 if( mode == DES_ENCRYPT )
606 {
607 while( length > 0 )
608 {
609 for( i = 0; i < 8; i++ )
610 output[i] = (unsigned char)( input[i] ^ iv[i] );
611
612 des3_crypt_ecb( ctx, output, output );
613 memcpy( iv, output, 8 );
614
615 input += 8;
616 output += 8;
617 length -= 8;
618 }
619 }
620 else /* DES_DECRYPT */
621 {
622 while( length > 0 )
623 {
624 memcpy( temp, input, 8 );
625 des3_crypt_ecb( ctx, input, output );
626
627 for( i = 0; i < 8; i++ )
628 output[i] = (unsigned char)( output[i] ^ iv[i] );
629
630 memcpy( iv, temp, 8 );
631
632 input += 8;
633 output += 8;
634 length -= 8;
635 }
636 }
637}
638
639#if defined(XYSSL_SELF_TEST)
640
641#include <stdio.h>
642
643/*
644 * DES/3DES test vectors (source: NIST, tripledes-vectors.zip)
645 */
646static const unsigned char DES3_keys[24] =
647{
648 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
649 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01,
650 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01, 0x23
651};
652
653static const unsigned char DES3_init[8] =
654{
655 0x4E, 0x6F, 0x77, 0x20, 0x69, 0x73, 0x20, 0x74
656};
657
658static const unsigned char DES3_enc_test[3][8] =
659{
660 { 0x6A, 0x2A, 0x19, 0xF4, 0x1E, 0xCA, 0x85, 0x4B },
661 { 0x03, 0xE6, 0x9F, 0x5B, 0xFA, 0x58, 0xEB, 0x42 },
662 { 0xDD, 0x17, 0xE8, 0xB8, 0xB4, 0x37, 0xD2, 0x32 }
663};
664
665static const unsigned char DES3_dec_test[3][8] =
666{
667 { 0xCD, 0xD6, 0x4F, 0x2F, 0x94, 0x27, 0xC1, 0x5D },
668 { 0x69, 0x96, 0xC8, 0xFA, 0x47, 0xA2, 0xAB, 0xEB },
669 { 0x83, 0x25, 0x39, 0x76, 0x44, 0x09, 0x1A, 0x0A }
670};
671
672/*
673 * Checkup routine
674 */
675int des_self_test( int verbose )
676{
677 int i, j, u, v;
678 des_context ctx;
679 des3_context ctx3;
680 unsigned char buf[8];
681
682 for( i = 0; i < 6; i++ )
683 {
684 u = i >> 1;
685 v = i & 1;
686
687 if( verbose != 0 )
688 printf( " DES%c-ECB-%3d (%s): ",
689 ( u == 0 ) ? ' ' : '3', 56 + u * 56,
690 ( v == 0 ) ? "enc" : "dec" );
691
692 memcpy( buf, DES3_init, 8 );
693
694 switch( u )
695 {
696 case 0:
697 if( v == 0 )
698 des_setkey_enc( &ctx, (unsigned char *) DES3_keys );
699 if( v == 1 )
700 des_setkey_dec( &ctx, (unsigned char *) DES3_keys );
701 break;
702
703 case 1:
704 if( v == 0 )
705 des3_set2key_enc( &ctx3, (unsigned char *) DES3_keys );
706 if( v == 1 )
707 des3_set2key_dec( &ctx3, (unsigned char *) DES3_keys );
708 break;
709
710 default:
711 if( v == 0 )
712 des3_set3key_enc( &ctx3, (unsigned char *) DES3_keys );
713 if( v == 1 )
714 des3_set3key_dec( &ctx3, (unsigned char *) DES3_keys );
715 break;
716 }
717
718 for( j = 0; j < 10000; j++ )
719 {
720 if( u == 0 )
721 des_crypt_ecb( &ctx, buf, buf );
722 else
723 des3_crypt_ecb( &ctx3, buf, buf );
724 }
725
726 if( ( v == 0 && memcmp( buf, DES3_enc_test[u], 8 ) != 0 ) ||
727 ( v == 1 && memcmp( buf, DES3_dec_test[u], 8 ) != 0 ) )
728 {
729 if( verbose != 0 )
730 printf( "failed\n" );
731
732 return( 1 );
733 }
734
735 if( verbose != 0 )
736 printf( "passed\n" );
737 }
738
739 if( verbose != 0 )
740 printf( "\n" );
741
742 return( 0 );
743}
744
745#endif
746
747#endif
SK
#define SK(sense)
Definition: ata.c:420
length
uint16_t length
Definition: ata.h:4
des3_set2key_dec
void des3_set2key_dec(des3_context *ctx, unsigned char key[16])
Triple-DES key schedule (112-bit, decryption)
Definition: des.c:422
DES_IP
#define DES_IP(X, Y)
Definition: des.c:245
DES_FP
#define DES_FP(X, Y)
Definition: des.c:259
DES_ROUND
#define DES_ROUND(X, Y)
Definition: des.c:273
des_setkey_dec
void des_setkey_dec(des_context *ctx, unsigned char key[8])
DES key schedule (56-bit, decryption)
Definition: des.c:370
des_setkey_enc
void des_setkey_enc(des_context *ctx, unsigned char key[8])
DES key schedule (56-bit, encryption)
Definition: des.c:362
des3_crypt_cbc
void des3_crypt_cbc(des3_context *ctx, int mode, int length, unsigned char iv[8], unsigned char *input, unsigned char *output)
3DES-CBC buffer encryption/decryption
Definition: des.c:595
des_crypt_ecb
void des_crypt_ecb(des_context *ctx, unsigned char input[8], unsigned char output[8])
DES-ECB block encryption/decryption.
Definition: des.c:478
GET_ULONG_BE
#define GET_ULONG_BE(n, b, i)
Definition: des.c:41
des3_set3key_dec
void des3_set3key_dec(des3_context *ctx, unsigned char key[24])
Triple-DES key schedule (168-bit, decryption)
Definition: des.c:467
SWAP
#define SWAP(a, b)
Definition: des.c:288
des_crypt_cbc
void des_crypt_cbc(des_context *ctx, int mode, int length, unsigned char iv[8], unsigned char *input, unsigned char *output)
DES-CBC buffer encryption/decryption.
Definition: des.c:507
PUT_ULONG_BE
#define PUT_ULONG_BE(n, b, i)
Definition: des.c:51
des3_set2key_enc
void des3_set2key_enc(des3_context *ctx, unsigned char key[16])
Triple-DES key schedule (112-bit, encryption)
Definition: des.c:411
des3_set3key_enc
void des3_set3key_enc(des3_context *ctx, unsigned char key[24])
Triple-DES key schedule (168-bit, encryption)
Definition: des.c:456
des3_crypt_ecb
void des3_crypt_ecb(des3_context *ctx, unsigned char input[8], unsigned char output[8])
3DES-ECB block encryption/decryption
Definition: des.c:554
des_self_test
int des_self_test(int verbose)
DES_ENCRYPT
#define DES_ENCRYPT
Definition: des.h:7
des3_context
Triple-DES context structure.
Definition: des.h:24
des3_context::sk
unsigned long sk[96]
Definition: des.h:26
des_context
DES context structure.
Definition: des.h:14
des_context::sk
unsigned long sk[32]
Definition: des.h:16
j
u8 j
Definition: xenos_edid.h:10
input
u8 input
Definition: xenos_edid.h:11
Generated by doxygen 1.9.5