author | Andreas Steffen <andreas.steffen@strongswan.org> | 2009-05-15 01:28:48 +0200 |
---|---|---|
committer | Andreas Steffen <andreas.steffen@strongswan.org> | 2009-05-15 01:28:48 +0200 |
commit | 1bfb8007c22e14025a7308e371851130df94e93e (patch) | |
tree | 4904faf9d2664abf643e4230db5a8d4047b7660b /src/libcrypto | |
parent | c628e3455d486e0ebc1b98e749f9b625a9e65523 (diff) | |
got rid of libcrypto
Diffstat (limited to 'src/libcrypto')
80 files changed, 0 insertions, 19986 deletions
diff --git a/src/libcrypto/Makefile.am b/src/libcrypto/Makefile.am
deleted file mode 100644
index 08f35a955..000000000
--- a/src/libcrypto/Makefile.am
+++ /dev/null
@@ -1,11 +0,0 @@
-noinst_LIBRARIES = libcrypto.a
-libcrypto_a_SOURCES = \
-libaes/aes_xcbc_mac.c libaes/aes_cbc.c libaes/aes_xcbc_mac.h libaes/aes_cbc.h libaes/aes.c libaes/aes.h \
-include/md32_common.h include/cbc_generic.h include/hmac_generic.h \
-libblowfish/bf_skey.c libblowfish/blowfish.h libblowfish/bf_pi.h libblowfish/bf_locl.h libblowfish/bf_enc.c \
-libserpent/serpent_cbc.c libserpent/serpent_cbc.h libserpent/serpent.c libserpent/serpent.h \
-libtwofish/twofish_cbc.h libtwofish/twofish_cbc.c libtwofish/twofish.c libtwofish/twofish.h libdes/des_enc.c \
-libdes/podd.h libdes/sk.h libdes/set_key.c libdes/fcrypt_b.c libdes/fcrypt.c libdes/destest.c \
-libdes/spr.h libdes/cbc_enc.c libdes/ecb_enc.c libdes/des_locl.h libdes/des_ver.h libdes/des.h
-
-INCLUDES = -I$(top_srcdir)/src/libcrypto/include
diff --git a/src/libcrypto/include/cbc_generic.h b/src/libcrypto/include/cbc_generic.h
deleted file mode 100644
index 0dd3a77d6..000000000
--- a/src/libcrypto/include/cbc_generic.h
+++ /dev/null
@@ -1,110 +0,0 @@
-#ifndef _CBC_GENERIC_H
-#define _CBC_GENERIC_H
-/*
- * CBC macro helpers
- *
- * Author: JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar>
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- *
- */
-
-/*
- * Heavily inspired in loop_AES
- */
-#define CBC_IMPL_BLK16(name, ctx_type, addr_type, enc_func, dec_func) \
-int name(ctx_type *ctx, const u_int8_t * in, u_int8_t * out, int ilen, const u_int8_t * iv, int encrypt) { \
- int ret=ilen, pos; \
- const u_int32_t *iv_i; \
- if ((ilen) % 16) return 0; \
- if (encrypt) { \
- pos=0; \
- while(pos<ilen) { \
- if (pos==0) \
- iv_i=(const u_int32_t*) iv; \
- else \
- iv_i=(const u_int32_t*) (out-16); \
- *((u_int32_t *)(&out[ 0])) = iv_i[0]^*((const u_int32_t *)(&in[ 0])); \
- *((u_int32_t *)(&out[ 4])) = iv_i[1]^*((const u_int32_t *)(&in[ 4])); \
- *((u_int32_t *)(&out[ 8])) = iv_i[2]^*((const u_int32_t *)(&in[ 8])); \
- *((u_int32_t *)(&out[12])) = iv_i[3]^*((const u_int32_t *)(&in[12])); \
- enc_func(ctx, (addr_type) out, (addr_type) out); \
- in+=16; \
- out+=16; \
- pos+=16; \
- } \
- } else { \
- pos=ilen-16; \
- in+=pos; \
- out+=pos; \
- while(pos>=0) { \
- dec_func(ctx, (const addr_type) in, (addr_type) out); \
- if (pos==0) \
- iv_i=(const u_int32_t*) (iv); \
- else \
- iv_i=(const u_int32_t*) (in-16); \
- *((u_int32_t *)(&out[ 0])) ^= iv_i[0]; \
- *((u_int32_t *)(&out[ 4])) ^= iv_i[1]; \
- *((u_int32_t *)(&out[ 8])) ^= iv_i[2]; \
- *((u_int32_t *)(&out[12])) ^= iv_i[3]; \
- in-=16; \
- out-=16; \
- pos-=16; \
- } \
- } \
- return ret; \
-}
-#define CBC_IMPL_BLK8(name, ctx_type, addr_type, enc_func, dec_func) \
-int name(ctx_type *ctx, u_int8_t * in, u_int8_t * out, int ilen, const u_int8_t * iv, int encrypt) { \
- int ret=ilen, pos; \
- const u_int32_t *iv_i; \
- if ((ilen) % 8) return 0; \
- if (encrypt) { \
- pos=0; \
- while(pos<ilen) { \
- if (pos==0) \
- iv_i=(const u_int32_t*) iv; \
- else \
- iv_i=(const u_int32_t*) (out-8); \
- *((u_int32_t *)(&out[ 0])) = iv_i[0]^*((const u_int32_t *)(&in[ 0])); \
- *((u_int32_t *)(&out[ 4])) = iv_i[1]^*((const u_int32_t *)(&in[ 4])); \
- enc_func(ctx, (addr_type)out, (addr_type)out); \
- in+=8; \
- out+=8; \
- pos+=8; \
- } \
- } else { \
- pos=ilen-8; \
- in+=pos; \
- out+=pos; \
- while(pos>=0) { \
- dec_func(ctx, (const addr_type)in, (addr_type)out); \
- if (pos==0) \
- iv_i=(const u_int32_t*) (iv); \
- else \
- iv_i=(const u_int32_t*) (in-8); \
- *((u_int32_t *)(&out[ 0])) ^= iv_i[0]; \
- *((u_int32_t *)(&out[ 4])) ^= iv_i[1]; \
- in-=8; \
- out-=8; \
- pos-=8; \
- } \
- } \
- return ret; \
-}
-#define CBC_DECL(name, ctx_type) \
-int name(ctx_type *ctx, u_int8_t * in, u_int8_t * out, int ilen, const u_int8_t * iv, int encrypt)
-/*
-Eg.:
-CBC_IMPL_BLK16(AES_cbc_encrypt, aes_context, u_int8_t *, aes_encrypt, aes_decrypt);
-CBC_DECL(AES_cbc_encrypt, aes_context);
-*/
-#endif /* _CBC_GENERIC_H */
diff --git a/src/libcrypto/include/hmac_generic.h b/src/libcrypto/include/hmac_generic.h
deleted file mode 100644
index a749228e3..000000000
--- a/src/libcrypto/include/hmac_generic.h
+++ /dev/null
@@ -1,60 +0,0 @@
-#ifndef _HMAC_GENERIC_H
-#define _HMAC_GENERIC_H
-/*
- * HMAC macro helpers
- *
- * Author: JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar>
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- *
- */
-
-#ifndef DIVUP
-#define DIVUP(x,y) ((x + y -1) / y) /* divide, rounding upwards */
-#endif
-#ifndef HMAC_IPAD
-#define HMAC_IPAD 0x36
-#define HMAC_OPAD 0x5C
-#endif
-#define HMAC_SET_KEY_IMPL(func_name, hctx_t, blocksize, func_init, func_update) \
-void func_name(hctx_t *hctx, const u_int8_t * key, int keylen) { \
- int i;\
- u_int8_t kb[blocksize]; \
- for (i = 0; i < DIVUP(keylen*8, 8); i++) { \
- kb[i] = key[i] ^ HMAC_IPAD; \
- } \
- for (; i < blocksize; i++) { \
- kb[i] = HMAC_IPAD; \
- } \
- func_init(&hctx->ictx); \
- func_update(&hctx->ictx, kb, blocksize); \
- for (i = 0; i < blocksize; i++) { \
- kb[i] ^= (HMAC_IPAD ^ HMAC_OPAD); \
- } \
- func_init(&hctx->octx); \
- func_update(&hctx->octx, kb, blocksize); \
-}
-#define HMAC_HASH_IMPL(func_name, hctx_t, ctx_t, ahlen, func_update, func_result ) \
-void func_name(hctx_t *hctx, const u_int8_t * dat, int len, u_int8_t * hash, int hashlen) { \
- ctx_t ctx; \
- ctx=hctx->ictx; \
- if (dat) func_update(&ctx, dat, len); \
- if (hash) { \
- u_int8_t hash_buf[ahlen]; \
- func_result(&ctx, hash_buf, ahlen); \
- ctx=hctx->octx; \
- func_update(&ctx, hash_buf, ahlen); \
- func_result(&ctx, hash, hashlen); \
- memset(&ctx, 0, sizeof (ctx)); \
- memset(&hash_buf, 0, sizeof (hash_buf));\
- } \
-}
-#endif /* _HMAC_GENERIC_H */
diff --git a/src/libcrypto/include/md32_common.h b/src/libcrypto/include/md32_common.h
deleted file mode 100644
index 1a404a458..000000000
--- a/src/libcrypto/include/md32_common.h
+++ /dev/null
@@ -1,607 +0,0 @@ -/* crypto/md32_common.h */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* - * This is a generic 32 bit "collector" for message digest algorithms. - * Whenever needed it collects input character stream into chunks of - * 32 bit values and invokes a block function that performs actual hash - * calculations. - * - * Porting guide. - * - * Obligatory macros: - * - * DATA_ORDER_IS_BIG_ENDIAN or DATA_ORDER_IS_LITTLE_ENDIAN - * this macro defines byte order of input stream. - * HASH_CBLOCK - * size of a unit chunk HASH_BLOCK operates on. - * HASH_LONG - * has to be at lest 32 bit wide, if it's wider, then - * HASH_LONG_LOG2 *has to* be defined along - * HASH_CTX - * context structure that at least contains following - * members: - * typedef struct { - * ... - * HASH_LONG Nl,Nh; - * HASH_LONG data[HASH_LBLOCK]; - * int num; - * ... - * } HASH_CTX; - * HASH_UPDATE - * name of "Update" function, implemented here. - * HASH_TRANSFORM - * name of "Transform" function, implemented here. - * HASH_FINAL - * name of "Final" function, implemented here. - * HASH_BLOCK_HOST_ORDER - * name of "block" function treating *aligned* input message - * in host byte order, implemented externally. 
- * HASH_BLOCK_DATA_ORDER - * name of "block" function treating *unaligned* input message - * in original (data) byte order, implemented externally (it - * actually is optional if data and host are of the same - * "endianess"). - * HASH_MAKE_STRING - * macro convering context variables to an ASCII hash string. - * - * Optional macros: - * - * B_ENDIAN or L_ENDIAN - * defines host byte-order. - * HASH_LONG_LOG2 - * defaults to 2 if not states otherwise. - * HASH_LBLOCK - * assumed to be HASH_CBLOCK/4 if not stated otherwise. - * HASH_BLOCK_DATA_ORDER_ALIGNED - * alternative "block" function capable of treating - * aligned input message in original (data) order, - * implemented externally. - * - * MD5 example: - * - * #define DATA_ORDER_IS_LITTLE_ENDIAN - * - * #define HASH_LONG MD5_LONG - * #define HASH_LONG_LOG2 MD5_LONG_LOG2 - * #define HASH_CTX MD5_CTX - * #define HASH_CBLOCK MD5_CBLOCK - * #define HASH_LBLOCK MD5_LBLOCK - * #define HASH_UPDATE MD5_Update - * #define HASH_TRANSFORM MD5_Transform - * #define HASH_FINAL MD5_Final - * #define HASH_BLOCK_HOST_ORDER md5_block_host_order - * #define HASH_BLOCK_DATA_ORDER md5_block_data_order - * - * <appro@fy.chalmers.se> - */ - -#if !defined(DATA_ORDER_IS_BIG_ENDIAN) && !defined(DATA_ORDER_IS_LITTLE_ENDIAN) -#error "DATA_ORDER must be defined!" -#endif - -#ifndef HASH_CBLOCK -#error "HASH_CBLOCK must be defined!" -#endif -#ifndef HASH_LONG -#error "HASH_LONG must be defined!" -#endif -#ifndef HASH_CTX -#error "HASH_CTX must be defined!" -#endif - -#ifndef HASH_UPDATE -#error "HASH_UPDATE must be defined!" -#endif -#ifndef HASH_TRANSFORM -#error "HASH_TRANSFORM must be defined!" -#endif -#ifndef HASH_FINAL -#error "HASH_FINAL must be defined!" -#endif - -#ifndef HASH_BLOCK_HOST_ORDER -#error "HASH_BLOCK_HOST_ORDER must be defined!" -#endif - -#if 0 -/* - * Moved below as it's required only if HASH_BLOCK_DATA_ORDER_ALIGNED - * isn't defined. 
- */ -#ifndef HASH_BLOCK_DATA_ORDER -#error "HASH_BLOCK_DATA_ORDER must be defined!" -#endif -#endif - -#ifndef HASH_LBLOCK -#define HASH_LBLOCK (HASH_CBLOCK/4) -#endif - -#ifndef HASH_LONG_LOG2 -#define HASH_LONG_LOG2 2 -#endif - -/* - * Engage compiler specific rotate intrinsic function if available. - */ -#undef ROTATE -#ifndef PEDANTIC -# if defined(_MSC_VER) -# define ROTATE(a,n) _lrotl(a,n) -# elif defined(__MWERKS__) -# if defined(__POWERPC__) -# define ROTATE(a,n) __rlwinm(a,n,0,31) -# elif defined(__MC68K__) - /* Motorola specific tweak. <appro@fy.chalmers.se> */ -# define ROTATE(a,n) ( n<24 ? __rol(a,n) : __ror(a,32-n) ) -# else -# define ROTATE(a,n) __rol(a,n) -# endif -# elif defined(__GNUC__) && __GNUC__>=2 && !defined(NO_ASM) && !defined(NO_INLINE_ASM) - /* - * Some GNU C inline assembler templates. Note that these are - * rotates by *constant* number of bits! But that's exactly - * what we need here... - * - * <appro@fy.chalmers.se> - */ -# if defined(__i386) -# define ROTATE(a,n) ({ register unsigned int ret; \ - asm ( \ - "roll %1,%0" \ - : "=r"(ret) \ - : "I"(n), "0"(a) \ - : "cc"); \ - ret; \ - }) -# elif defined(__powerpc) || defined(__ppc) -# define ROTATE(a,n) ({ register unsigned int ret; \ - asm ( \ - "rlwinm %0,%1,%2,0,31" \ - : "=r"(ret) \ - : "r"(a), "I"(n)); \ - ret; \ - }) -# endif -# endif - -/* - * Engage compiler specific "fetch in reverse byte order" - * intrinsic function if available. 
- */ -# if defined(__GNUC__) && __GNUC__>=2 && !defined(NO_ASM) && !defined(NO_INLINE_ASM) - /* some GNU C inline assembler templates by <appro@fy.chalmers.se> */ -# if defined(__i386) && !defined(I386_ONLY) -# define BE_FETCH32(a) ({ register unsigned int l=(a);\ - asm ( \ - "bswapl %0" \ - : "=r"(l) : "0"(l)); \ - l; \ - }) -# elif defined(__powerpc) -# define LE_FETCH32(a) ({ register unsigned int l; \ - asm ( \ - "lwbrx %0,0,%1" \ - : "=r"(l) \ - : "r"(a)); \ - l; \ - }) - -# elif defined(__sparc) && defined(ULTRASPARC) -# define LE_FETCH32(a) ({ register unsigned int l; \ - asm ( \ - "lda [%1]#ASI_PRIMARY_LITTLE,%0"\ - : "=r"(l) \ - : "r"(a)); \ - l; \ - }) -# endif -# endif -#endif /* PEDANTIC */ - -#if HASH_LONG_LOG2==2 /* Engage only if sizeof(HASH_LONG)== 4 */ -/* A nice byte order reversal from Wei Dai <weidai@eskimo.com> */ -#ifdef ROTATE -/* 5 instructions with rotate instruction, else 9 */ -#define REVERSE_FETCH32(a,l) ( \ - l=*(const HASH_LONG *)(a), \ - ((ROTATE(l,8)&0x00FF00FF)|(ROTATE((l&0x00FF00FF),24))) \ - ) -#else -/* 6 instructions with rotate instruction, else 8 */ -#define REVERSE_FETCH32(a,l) ( \ - l=*(const HASH_LONG *)(a), \ - l=(((l>>8)&0x00FF00FF)|((l&0x00FF00FF)<<8)), \ - ROTATE(l,16) \ - ) -/* - * Originally the middle line started with l=(((l&0xFF00FF00)>>8)|... - * It's rewritten as above for two reasons: - * - RISCs aren't good at long constants and have to explicitely - * compose 'em with several (well, usually 2) instructions in a - * register before performing the actual operation and (as you - * already realized:-) having same constant should inspire the - * compiler to permanently allocate the only register for it; - * - most modern CPUs have two ALUs, but usually only one has - * circuitry for shifts:-( this minor tweak inspires compiler - * to schedule shift instructions in a better way... 
- * - * <appro@fy.chalmers.se> - */ -#endif -#endif - -#ifndef ROTATE -#define ROTATE(a,n) (((a)<<(n))|(((a)&0xffffffff)>>(32-(n)))) -#endif - -/* - * Make some obvious choices. E.g., HASH_BLOCK_DATA_ORDER_ALIGNED - * and HASH_BLOCK_HOST_ORDER ought to be the same if input data - * and host are of the same "endianess". It's possible to mask - * this with blank #define HASH_BLOCK_DATA_ORDER though... - * - * <appro@fy.chalmers.se> - */ -#if defined(B_ENDIAN) -# if defined(DATA_ORDER_IS_BIG_ENDIAN) -# if !defined(HASH_BLOCK_DATA_ORDER_ALIGNED) && HASH_LONG_LOG2==2 -# define HASH_BLOCK_DATA_ORDER_ALIGNED HASH_BLOCK_HOST_ORDER -# endif -# elif defined(DATA_ORDER_IS_LITTLE_ENDIAN) -# ifndef HOST_FETCH32 -# ifdef LE_FETCH32 -# define HOST_FETCH32(p,l) LE_FETCH32(p) -# elif defined(REVERSE_FETCH32) -# define HOST_FETCH32(p,l) REVERSE_FETCH32(p,l) -# endif -# endif -# endif -#elif defined(L_ENDIAN) -# if defined(DATA_ORDER_IS_LITTLE_ENDIAN) -# if !defined(HASH_BLOCK_DATA_ORDER_ALIGNED) && HASH_LONG_LOG2==2 -# define HASH_BLOCK_DATA_ORDER_ALIGNED HASH_BLOCK_HOST_ORDER -# endif -# elif defined(DATA_ORDER_IS_BIG_ENDIAN) -# ifndef HOST_FETCH32 -# ifdef BE_FETCH32 -# define HOST_FETCH32(p,l) BE_FETCH32(p) -# elif defined(REVERSE_FETCH32) -# define HOST_FETCH32(p,l) REVERSE_FETCH32(p,l) -# endif -# endif -# endif -#endif - -#if !defined(HASH_BLOCK_DATA_ORDER_ALIGNED) -#ifndef HASH_BLOCK_DATA_ORDER -#error "HASH_BLOCK_DATA_ORDER must be defined!" 
-#endif -#endif - -#if defined(DATA_ORDER_IS_BIG_ENDIAN) - -#define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++)))<<24), \ - l|=(((unsigned long)(*((c)++)))<<16), \ - l|=(((unsigned long)(*((c)++)))<< 8), \ - l|=(((unsigned long)(*((c)++))) ), \ - l) -#define HOST_p_c2l(c,l,n) { \ - switch (n) { \ - case 0: l =((unsigned long)(*((c)++)))<<24; \ - case 1: l|=((unsigned long)(*((c)++)))<<16; \ - case 2: l|=((unsigned long)(*((c)++)))<< 8; \ - case 3: l|=((unsigned long)(*((c)++))); \ - } } -#define HOST_p_c2l_p(c,l,sc,len) { \ - switch (sc) { \ - case 0: l =((unsigned long)(*((c)++)))<<24; \ - if (--len == 0) break; \ - case 1: l|=((unsigned long)(*((c)++)))<<16; \ - if (--len == 0) break; \ - case 2: l|=((unsigned long)(*((c)++)))<< 8; \ - } } -/* NOTE the pointer is not incremented at the end of this */ -#define HOST_c2l_p(c,l,n) { \ - l=0; (c)+=n; \ - switch (n) { \ - case 3: l =((unsigned long)(*(--(c))))<< 8; \ - case 2: l|=((unsigned long)(*(--(c))))<<16; \ - case 1: l|=((unsigned long)(*(--(c))))<<24; \ - } } -#define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \ - *((c)++)=(unsigned char)(((l)>>16)&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ - *((c)++)=(unsigned char)(((l) )&0xff), \ - l) - -#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN) - -#define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++))) ), \ - l|=(((unsigned long)(*((c)++)))<< 8), \ - l|=(((unsigned long)(*((c)++)))<<16), \ - l|=(((unsigned long)(*((c)++)))<<24), \ - l) -#define HOST_p_c2l(c,l,n) { \ - switch (n) { \ - case 0: l =((unsigned long)(*((c)++))); \ - case 1: l|=((unsigned long)(*((c)++)))<< 8; \ - case 2: l|=((unsigned long)(*((c)++)))<<16; \ - case 3: l|=((unsigned long)(*((c)++)))<<24; \ - } } -#define HOST_p_c2l_p(c,l,sc,len) { \ - switch (sc) { \ - case 0: l =((unsigned long)(*((c)++))); \ - if (--len == 0) break; \ - case 1: l|=((unsigned long)(*((c)++)))<< 8; \ - if (--len == 0) break; \ - case 2: l|=((unsigned long)(*((c)++)))<<16; \ - } } -/* NOTE the pointer is 
not incremented at the end of this */ -#define HOST_c2l_p(c,l,n) { \ - l=0; (c)+=n; \ - switch (n) { \ - case 3: l =((unsigned long)(*(--(c))))<<16; \ - case 2: l|=((unsigned long)(*(--(c))))<< 8; \ - case 1: l|=((unsigned long)(*(--(c)))); \ - } } -#define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ - *((c)++)=(unsigned char)(((l)>>16)&0xff), \ - *((c)++)=(unsigned char)(((l)>>24)&0xff), \ - l) - -#endif - -/* - * Time for some action:-) - */ - -void HASH_UPDATE (HASH_CTX *c, const void *data_, unsigned long len) - { - const unsigned char *data=data_; - register HASH_LONG * p; - register unsigned long l; - int sw,sc,ew,ec; - - if (len==0) return; - - l=(c->Nl+(len<<3))&0xffffffffL; - /* 95-05-24 eay Fixed a bug with the overflow handling, thanks to - * Wei Dai <weidai@eskimo.com> for pointing it out. */ - if (l < c->Nl) /* overflow */ - c->Nh++; - c->Nh+=(len>>29); - c->Nl=l; - - if (c->num != 0) - { - p=c->data; - sw=c->num>>2; - sc=c->num&0x03; - - if ((c->num+len) >= HASH_CBLOCK) - { - l=p[sw]; HOST_p_c2l(data,l,sc); p[sw++]=l; - for (; sw<HASH_LBLOCK; sw++) - { - HOST_c2l(data,l); p[sw]=l; - } - HASH_BLOCK_HOST_ORDER (c,p,1); - len-=(HASH_CBLOCK-c->num); - c->num=0; - /* drop through and do the rest */ - } - else - { - c->num+=len; - if ((sc+len) < 4) /* ugly, add char's to a word */ - { - l=p[sw]; HOST_p_c2l_p(data,l,sc,len); p[sw]=l; - } - else - { - ew=(c->num>>2); - ec=(c->num&0x03); - l=p[sw]; HOST_p_c2l(data,l,sc); p[sw++]=l; - for (; sw < ew; sw++) - { - HOST_c2l(data,l); p[sw]=l; - } - if (ec) - { - HOST_c2l_p(data,l,ec); p[sw]=l; - } - } - return; - } - } - - sw=len/HASH_CBLOCK; - if (sw > 0) - { -#if defined(HASH_BLOCK_DATA_ORDER_ALIGNED) - /* - * Note that HASH_BLOCK_DATA_ORDER_ALIGNED gets defined - * only if sizeof(HASH_LONG)==4. 
- */ - if ((((unsigned long)data)%4) == 0) - { - /* data is properly aligned so that we can cast it: */ - HASH_BLOCK_DATA_ORDER_ALIGNED (c,(HASH_LONG *)data,sw); - sw*=HASH_CBLOCK; - data+=sw; - len-=sw; - } - else -#if !defined(HASH_BLOCK_DATA_ORDER) - while (sw--) - { - memcpy (p=c->data,data,HASH_CBLOCK); - HASH_BLOCK_DATA_ORDER_ALIGNED(c,p,1); - data+=HASH_CBLOCK; - len-=HASH_CBLOCK; - } -#endif -#endif -#if defined(HASH_BLOCK_DATA_ORDER) - { - HASH_BLOCK_DATA_ORDER(c,data,sw); - sw*=HASH_CBLOCK; - data+=sw; - len-=sw; - } -#endif - } - - if (len!=0) - { - p = c->data; - c->num = len; - ew=len>>2; /* words to copy */ - ec=len&0x03; - for (; ew; ew--,p++) - { - HOST_c2l(data,l); *p=l; - } - HOST_c2l_p(data,l,ec); - *p=l; - } - } - - -void HASH_TRANSFORM (HASH_CTX *c, const unsigned char *data) - { -#if defined(HASH_BLOCK_DATA_ORDER_ALIGNED) - if ((((unsigned long)data)%4) == 0) - /* data is properly aligned so that we can cast it: */ - HASH_BLOCK_DATA_ORDER_ALIGNED (c,(HASH_LONG *)data,1); - else -#if !defined(HASH_BLOCK_DATA_ORDER) - { - memcpy (c->data,data,HASH_CBLOCK); - HASH_BLOCK_DATA_ORDER_ALIGNED (c,c->data,1); - } -#endif -#endif -#if defined(HASH_BLOCK_DATA_ORDER) - HASH_BLOCK_DATA_ORDER (c,data,1); -#endif - } - - -void HASH_FINAL (unsigned char *md, HASH_CTX *c) - { - register HASH_LONG *p; - register unsigned long l; - register int i,j; - static const unsigned char end[4]={0x80,0x00,0x00,0x00}; - const unsigned char *cp=end; - - /* c->num should definitly have room for at least one more byte. */ - p=c->data; - i=c->num>>2; - j=c->num&0x03; - -#if 0 - /* purify often complains about the following line as an - * Uninitialized Memory Read. While this can be true, the - * following p_c2l macro will reset l when that case is true. - * This is because j&0x03 contains the number of 'valid' bytes - * already in p[i]. 
If and only if j&0x03 == 0, the UMR will - * occur but this is also the only time p_c2l will do - * l= *(cp++) instead of l|= *(cp++) - * Many thanks to Alex Tang <altitude@cic.net> for pickup this - * 'potential bug' */ -#ifdef PURIFY - if (j==0) p[i]=0; /* Yeah, but that's not the way to fix it:-) */ -#endif - l=p[i]; -#else - l = (j==0) ? 0 : p[i]; -#endif - HOST_p_c2l(cp,l,j); p[i++]=l; /* i is the next 'undefined word' */ - - if (i>(HASH_LBLOCK-2)) /* save room for Nl and Nh */ - { - if (i<HASH_LBLOCK) p[i]=0; - HASH_BLOCK_HOST_ORDER (c,p,1); - i=0; - } - for (; i<(HASH_LBLOCK-2); i++) - p[i]=0; - -#if defined(DATA_ORDER_IS_BIG_ENDIAN) - p[HASH_LBLOCK-2]=c->Nh; - p[HASH_LBLOCK-1]=c->Nl; -#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN) - p[HASH_LBLOCK-2]=c->Nl; - p[HASH_LBLOCK-1]=c->Nh; -#endif - HASH_BLOCK_HOST_ORDER (c,p,1); - -#ifndef HASH_MAKE_STRING -#error "HASH_MAKE_STRING must be defined!" -#else - HASH_MAKE_STRING(c,md); -#endif - - c->num=0; - /* clear stuff, HASH_BLOCK may be leaving some stuff on the stack - * but I'm not worried :-) - memset((void *)c,0,sizeof(HASH_CTX)); - */ - } diff --git a/src/libcrypto/libaes/Makefile.old b/src/libcrypto/libaes/Makefile.old deleted file mode 100644 index 7e4cff6e8..000000000 --- a/src/libcrypto/libaes/Makefile.old +++ /dev/null 
@@ -1,40 +0,0 @@
-CFLAGS=-O3 -fomit-frame-pointer -D__KERNEL__ -Wall -Wcast-qual $(EXTRA_CFLAGS)
-INC=-I../include
-
-AES_CORE_OBJ:=aes.o
-
-ASM-$(ARCH_ASM):=1
-ASM_X86:=$(ASM-i586)$(ASM-i686)
-ifneq ($(strip $(ASM_X86)),)
-AES_CORE_OBJ:= asm/aes-i586.o
-endif
-
-LIBOBJ := aes_xcbc_mac.o aes_cbc.o $(AES_CORE_OBJ)
-LDLIBS := -laes
-LDFLAGS := -L.
-
-BLIB := libaes.a
-
-L_TARGET := $(BLIB)
-
-.c.o:
- $(CC) $(CPPFLAGS) $(CFLAGS) $(INC) -c $< -o $@
-
-.S.o:
- $(CC) $(AFLAGS) -c $< -o $@
-
-$(BLIB): $(LIBOBJ)
- /bin/rm -f $(BLIB)
- ar cr $(BLIB) $(LIBOBJ)
- -if test -s /bin/ranlib; then /bin/ranlib $(BLIB); \
- else if test -s /usr/bin/ranlib; then /usr/bin/ranlib $(BLIB); \
- else exit 0; fi; fi
-
-testx: test_main_mac.o $(BLIB)
- $(CC) -o $@ $^
-
-test: test_main.o $(BLIB)
- $(CC) -o $@ $^
-
-clean:
- rm -f *.[oa] asm/*.o core $(TARGET) test testx
diff --git a/src/libcrypto/libaes/aes.c b/src/libcrypto/libaes/aes.c
deleted file mode 100644
index 1748119ac..000000000
--- a/src/libcrypto/libaes/aes.c
+++ /dev/null
@@ -1,1415 +0,0 @@ -// I retain copyright in this code but I encourage its free use provided -// that I don't carry any responsibility for the results. I am especially -// happy to see it used in free and open source software. If you do use -// it I would appreciate an acknowledgement of its origin in the code or -// the product that results and I would also appreciate knowing a little -// about the use to which it is being put. I am grateful to Frank Yellin -// for some ideas that are used in this implementation. -// -// Dr B. R. Gladman <brg@gladman.uk.net> 6th April 2001. -// -// This is an implementation of the AES encryption algorithm (Rijndael) -// designed by Joan Daemen and Vincent Rijmen. This version is designed -// to provide both fixed and dynamic block and key lengths and can also -// run with either big or little endian internal byte order (see aes.h). -// It inputs block and key lengths in bytes with the legal values being -// 16, 24 and 32. - -/* - * Modified by Jari Ruusu, May 1 2001 - * - Fixed some compile warnings, code was ok but gcc warned anyway. - * - Changed basic types: byte -> unsigned char, word -> u_int32_t - * - Major name space cleanup: Names visible to outside now begin - * with "aes_" or "AES_". A lot of stuff moved from aes.h to aes.c - * - Removed C++ and DLL support as part of name space cleanup. - * - Eliminated unnecessary recomputation of tables. (actual bug fix) - * - Merged precomputed constant tables to aes.c file. - * - Removed data alignment restrictions for portability reasons. - * - Made block and key lengths accept bit count (128/192/256) - * as well byte count (16/24/32). - * - Removed all error checks. This change also eliminated the need - * to preinitialize the context struct to zero. - * - Removed some totally unused constants. - */ - -#include "aes.h" - -// CONFIGURATION OPTIONS (see also aes.h) -// -// 1. Define UNROLL for full loop unrolling in encryption and decryption. -// 2. 
Define PARTIAL_UNROLL to unroll two loops in encryption and decryption. -// 3. Define FIXED_TABLES for compiled rather than dynamic tables. -// 4. Define FF_TABLES to use tables for field multiplies and inverses. -// Do not enable this without understanding stack space requirements. -// 5. Define ARRAYS to use arrays to hold the local state block. If this -// is not defined, individually declared 32-bit words are used. -// 6. Define FAST_VARIABLE if a high speed variable block implementation -// is needed (essentially three separate fixed block size code sequences) -// 7. Define either ONE_TABLE or FOUR_TABLES for a fast table driven -// version using 1 table (2 kbytes of table space) or 4 tables (8 -// kbytes of table space) for higher speed. -// 8. Define either ONE_LR_TABLE or FOUR_LR_TABLES for a further speed -// increase by using tables for the last rounds but with more table -// space (2 or 8 kbytes extra). -// 9. If neither ONE_TABLE nor FOUR_TABLES is defined, a compact but -// slower version is provided. -// 10. If fast decryption key scheduling is needed define ONE_IM_TABLE -// or FOUR_IM_TABLES for higher speed (2 or 8 kbytes extra). 
- -#define UNROLL -//#define PARTIAL_UNROLL - -#define FIXED_TABLES -//#define FF_TABLES -//#define ARRAYS -#define FAST_VARIABLE - -//#define ONE_TABLE -#define FOUR_TABLES - -//#define ONE_LR_TABLE -#define FOUR_LR_TABLES - -//#define ONE_IM_TABLE -#define FOUR_IM_TABLES - -#if defined(UNROLL) && defined (PARTIAL_UNROLL) -#error both UNROLL and PARTIAL_UNROLL are defined -#endif - -#if defined(ONE_TABLE) && defined (FOUR_TABLES) -#error both ONE_TABLE and FOUR_TABLES are defined -#endif - -#if defined(ONE_LR_TABLE) && defined (FOUR_LR_TABLES) -#error both ONE_LR_TABLE and FOUR_LR_TABLES are defined -#endif - -#if defined(ONE_IM_TABLE) && defined (FOUR_IM_TABLES) -#error both ONE_IM_TABLE and FOUR_IM_TABLES are defined -#endif - -#if defined(AES_BLOCK_SIZE) && AES_BLOCK_SIZE != 16 && AES_BLOCK_SIZE != 24 && AES_BLOCK_SIZE != 32 -#error an illegal block size has been specified -#endif - -// upr(x,n): rotates bytes within words by n positions, moving bytes -// to higher index positions with wrap around into low positions -// ups(x,n): moves bytes by n positions to higher index positions in -// words but without wrap around -// bval(x,n): extracts a byte from a word - -#define upr(x,n) (((x) << 8 * (n)) | ((x) >> (32 - 8 * (n)))) -#define ups(x,n) ((x) << 8 * (n)) -#define bval(x,n) ((unsigned char)((x) >> 8 * (n))) -#define bytes2word(b0, b1, b2, b3) \ - ((u_int32_t)(b3) << 24 | (u_int32_t)(b2) << 16 | (u_int32_t)(b1) << 8 | (b0)) - - -/* little endian processor without data alignment restrictions: AES_LE_OK */ -/* original code: i386 */ -#if defined(i386) || defined(_I386) || defined(__i386__) || defined(__i386) -#define AES_LE_OK 1 -/* added (tested): alpha --jjo */ -#elif defined(__alpha__)|| defined (__alpha) -#define AES_LE_OK 1 -/* added (tested): ia64 --jjo */ -#elif defined(__ia64__)|| defined (__ia64) -#define AES_LE_OK 1 -#endif - -#ifdef AES_LE_OK -/* little endian processor without data alignment restrictions */ -#define word_in(x) *(u_int32_t*)(x) 
-#define const_word_in(x) *(const u_int32_t*)(x) -#define word_out(x,v) *(u_int32_t*)(x) = (v) -#define const_word_out(x,v) *(const u_int32_t*)(x) = (v) -#else -/* slower but generic big endian or with data alignment restrictions */ -/* some additional "const" touches to stop "gcc -Wcast-qual" complains --jjo */ -#define word_in(x) ((u_int32_t)(((unsigned char *)(x))[0])|((u_int32_t)(((unsigned char *)(x))[1])<<8)|((u_int32_t)(((unsigned char *)(x))[2])<<16)|((u_int32_t)(((unsigned char *)(x))[3])<<24)) -#define const_word_in(x) ((const u_int32_t)(((const unsigned char *)(x))[0])|((const u_int32_t)(((const unsigned char *)(x))[1])<<8)|((const u_int32_t)(((const unsigned char *)(x))[2])<<16)|((const u_int32_t)(((const unsigned char *)(x))[3])<<24)) -#define word_out(x,v) ((unsigned char *)(x))[0]=(v),((unsigned char *)(x))[1]=((v)>>8),((unsigned char *)(x))[2]=((v)>>16),((unsigned char *)(x))[3]=((v)>>24) -#define const_word_out(x,v) ((const unsigned char *)(x))[0]=(v),((const unsigned char *)(x))[1]=((v)>>8),((const unsigned char *)(x))[2]=((v)>>16),((const unsigned char *)(x))[3]=((v)>>24) -#endif - -// Disable at least some poor combinations of options - -#if !defined(ONE_TABLE) && !defined(FOUR_TABLES) -#define FIXED_TABLES -#undef UNROLL -#undef ONE_LR_TABLE -#undef FOUR_LR_TABLES -#undef ONE_IM_TABLE -#undef FOUR_IM_TABLES -#elif !defined(FOUR_TABLES) -#ifdef FOUR_LR_TABLES -#undef FOUR_LR_TABLES -#define ONE_LR_TABLE -#endif -#ifdef FOUR_IM_TABLES -#undef FOUR_IM_TABLES -#define ONE_IM_TABLE -#endif -#elif !defined(AES_BLOCK_SIZE) -#if defined(UNROLL) -#define PARTIAL_UNROLL -#undef UNROLL -#endif -#endif - -// the finite field modular polynomial and elements - -#define ff_poly 0x011b -#define ff_hi 0x80 - -// multiply four bytes in GF(2^8) by 'x' {02} in parallel - -#define m1 0x80808080 -#define m2 0x7f7f7f7f -#define m3 0x0000001b -#define FFmulX(x) ((((x) & m2) << 1) ^ ((((x) & m1) >> 7) * m3)) - -// The following defines provide alternative definitions 
of FFmulX that might -// give improved performance if a fast 32-bit multiply is not available. Note -// that a temporary variable u needs to be defined where FFmulX is used. - -// #define FFmulX(x) (u = (x) & m1, u |= (u >> 1), ((x) & m2) << 1) ^ ((u >> 3) | (u >> 6)) -// #define m4 0x1b1b1b1b -// #define FFmulX(x) (u = (x) & m1, ((x) & m2) << 1) ^ ((u - (u >> 7)) & m4) - -// perform column mix operation on four bytes in parallel - -#define fwd_mcol(x) (f2 = FFmulX(x), f2 ^ upr(x ^ f2,3) ^ upr(x,2) ^ upr(x,1)) - -#if defined(FIXED_TABLES) - -// the S-Box table - -static const unsigned char s_box[256] = -{ - 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, - 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76, - 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, - 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0, - 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, - 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15, - 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, - 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75, - 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, - 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84, - 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, - 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf, - 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, - 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8, - 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, - 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2, - 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, - 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73, - 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, - 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb, - 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, - 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79, - 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, - 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08, - 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, - 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a, - 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, - 0x61, 0x35, 0x57, 0xb9, 0x86, 
0xc1, 0x1d, 0x9e, - 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, - 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf, - 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, - 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16 -}; - -// the inverse S-Box table - -static const unsigned char inv_s_box[256] = -{ - 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38, - 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb, - 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87, - 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb, - 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d, - 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e, - 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2, - 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25, - 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16, - 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92, - 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda, - 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84, - 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a, - 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06, - 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02, - 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b, - 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea, - 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73, - 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85, - 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e, - 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89, - 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b, - 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20, - 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4, - 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31, - 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f, - 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d, - 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef, - 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0, - 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61, - 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26, - 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d -}; - -#define w0(p) 0x000000##p - -// Number of elements required in this table for different -// 
block and key lengths is: -// -// Nk = 4 6 8 -// ---------- -// Nb = 4 | 10 8 7 -// 6 | 19 12 11 -// 8 | 29 19 14 -// -// this table can be a table of bytes if the key schedule -// code is adjusted accordingly - -static const u_int32_t rcon_tab[29] = -{ - w0(01), w0(02), w0(04), w0(08), - w0(10), w0(20), w0(40), w0(80), - w0(1b), w0(36), w0(6c), w0(d8), - w0(ab), w0(4d), w0(9a), w0(2f), - w0(5e), w0(bc), w0(63), w0(c6), - w0(97), w0(35), w0(6a), w0(d4), - w0(b3), w0(7d), w0(fa), w0(ef), - w0(c5) -}; - -#undef w0 - -#define r0(p,q,r,s) 0x##p##q##r##s -#define r1(p,q,r,s) 0x##q##r##s##p -#define r2(p,q,r,s) 0x##r##s##p##q -#define r3(p,q,r,s) 0x##s##p##q##r -#define w0(p) 0x000000##p -#define w1(p) 0x0000##p##00 -#define w2(p) 0x00##p##0000 -#define w3(p) 0x##p##000000 - -#if defined(FIXED_TABLES) && (defined(ONE_TABLE) || defined(FOUR_TABLES)) - -// data for forward tables (other than last round) - -#define f_table \ - r(a5,63,63,c6), r(84,7c,7c,f8), r(99,77,77,ee), r(8d,7b,7b,f6),\ - r(0d,f2,f2,ff), r(bd,6b,6b,d6), r(b1,6f,6f,de), r(54,c5,c5,91),\ - r(50,30,30,60), r(03,01,01,02), r(a9,67,67,ce), r(7d,2b,2b,56),\ - r(19,fe,fe,e7), r(62,d7,d7,b5), r(e6,ab,ab,4d), r(9a,76,76,ec),\ - r(45,ca,ca,8f), r(9d,82,82,1f), r(40,c9,c9,89), r(87,7d,7d,fa),\ - r(15,fa,fa,ef), r(eb,59,59,b2), r(c9,47,47,8e), r(0b,f0,f0,fb),\ - r(ec,ad,ad,41), r(67,d4,d4,b3), r(fd,a2,a2,5f), r(ea,af,af,45),\ - r(bf,9c,9c,23), r(f7,a4,a4,53), r(96,72,72,e4), r(5b,c0,c0,9b),\ - r(c2,b7,b7,75), r(1c,fd,fd,e1), r(ae,93,93,3d), r(6a,26,26,4c),\ - r(5a,36,36,6c), r(41,3f,3f,7e), r(02,f7,f7,f5), r(4f,cc,cc,83),\ - r(5c,34,34,68), r(f4,a5,a5,51), r(34,e5,e5,d1), r(08,f1,f1,f9),\ - r(93,71,71,e2), r(73,d8,d8,ab), r(53,31,31,62), r(3f,15,15,2a),\ - r(0c,04,04,08), r(52,c7,c7,95), r(65,23,23,46), r(5e,c3,c3,9d),\ - r(28,18,18,30), r(a1,96,96,37), r(0f,05,05,0a), r(b5,9a,9a,2f),\ - r(09,07,07,0e), r(36,12,12,24), r(9b,80,80,1b), r(3d,e2,e2,df),\ - r(26,eb,eb,cd), r(69,27,27,4e), r(cd,b2,b2,7f), 
r(9f,75,75,ea),\ - r(1b,09,09,12), r(9e,83,83,1d), r(74,2c,2c,58), r(2e,1a,1a,34),\ - r(2d,1b,1b,36), r(b2,6e,6e,dc), r(ee,5a,5a,b4), r(fb,a0,a0,5b),\ - r(f6,52,52,a4), r(4d,3b,3b,76), r(61,d6,d6,b7), r(ce,b3,b3,7d),\ - r(7b,29,29,52), r(3e,e3,e3,dd), r(71,2f,2f,5e), r(97,84,84,13),\ - r(f5,53,53,a6), r(68,d1,d1,b9), r(00,00,00,00), r(2c,ed,ed,c1),\ - r(60,20,20,40), r(1f,fc,fc,e3), r(c8,b1,b1,79), r(ed,5b,5b,b6),\ - r(be,6a,6a,d4), r(46,cb,cb,8d), r(d9,be,be,67), r(4b,39,39,72),\ - r(de,4a,4a,94), r(d4,4c,4c,98), r(e8,58,58,b0), r(4a,cf,cf,85),\ - r(6b,d0,d0,bb), r(2a,ef,ef,c5), r(e5,aa,aa,4f), r(16,fb,fb,ed),\ - r(c5,43,43,86), r(d7,4d,4d,9a), r(55,33,33,66), r(94,85,85,11),\ - r(cf,45,45,8a), r(10,f9,f9,e9), r(06,02,02,04), r(81,7f,7f,fe),\ - r(f0,50,50,a0), r(44,3c,3c,78), r(ba,9f,9f,25), r(e3,a8,a8,4b),\ - r(f3,51,51,a2), r(fe,a3,a3,5d), r(c0,40,40,80), r(8a,8f,8f,05),\ - r(ad,92,92,3f), r(bc,9d,9d,21), r(48,38,38,70), r(04,f5,f5,f1),\ - r(df,bc,bc,63), r(c1,b6,b6,77), r(75,da,da,af), r(63,21,21,42),\ - r(30,10,10,20), r(1a,ff,ff,e5), r(0e,f3,f3,fd), r(6d,d2,d2,bf),\ - r(4c,cd,cd,81), r(14,0c,0c,18), r(35,13,13,26), r(2f,ec,ec,c3),\ - r(e1,5f,5f,be), r(a2,97,97,35), r(cc,44,44,88), r(39,17,17,2e),\ - r(57,c4,c4,93), r(f2,a7,a7,55), r(82,7e,7e,fc), r(47,3d,3d,7a),\ - r(ac,64,64,c8), r(e7,5d,5d,ba), r(2b,19,19,32), r(95,73,73,e6),\ - r(a0,60,60,c0), r(98,81,81,19), r(d1,4f,4f,9e), r(7f,dc,dc,a3),\ - r(66,22,22,44), r(7e,2a,2a,54), r(ab,90,90,3b), r(83,88,88,0b),\ - r(ca,46,46,8c), r(29,ee,ee,c7), r(d3,b8,b8,6b), r(3c,14,14,28),\ - r(79,de,de,a7), r(e2,5e,5e,bc), r(1d,0b,0b,16), r(76,db,db,ad),\ - r(3b,e0,e0,db), r(56,32,32,64), r(4e,3a,3a,74), r(1e,0a,0a,14),\ - r(db,49,49,92), r(0a,06,06,0c), r(6c,24,24,48), r(e4,5c,5c,b8),\ - r(5d,c2,c2,9f), r(6e,d3,d3,bd), r(ef,ac,ac,43), r(a6,62,62,c4),\ - r(a8,91,91,39), r(a4,95,95,31), r(37,e4,e4,d3), r(8b,79,79,f2),\ - r(32,e7,e7,d5), r(43,c8,c8,8b), r(59,37,37,6e), r(b7,6d,6d,da),\ - r(8c,8d,8d,01), r(64,d5,d5,b1), 
r(d2,4e,4e,9c), r(e0,a9,a9,49),\ - r(b4,6c,6c,d8), r(fa,56,56,ac), r(07,f4,f4,f3), r(25,ea,ea,cf),\ - r(af,65,65,ca), r(8e,7a,7a,f4), r(e9,ae,ae,47), r(18,08,08,10),\ - r(d5,ba,ba,6f), r(88,78,78,f0), r(6f,25,25,4a), r(72,2e,2e,5c),\ - r(24,1c,1c,38), r(f1,a6,a6,57), r(c7,b4,b4,73), r(51,c6,c6,97),\ - r(23,e8,e8,cb), r(7c,dd,dd,a1), r(9c,74,74,e8), r(21,1f,1f,3e),\ - r(dd,4b,4b,96), r(dc,bd,bd,61), r(86,8b,8b,0d), r(85,8a,8a,0f),\ - r(90,70,70,e0), r(42,3e,3e,7c), r(c4,b5,b5,71), r(aa,66,66,cc),\ - r(d8,48,48,90), r(05,03,03,06), r(01,f6,f6,f7), r(12,0e,0e,1c),\ - r(a3,61,61,c2), r(5f,35,35,6a), r(f9,57,57,ae), r(d0,b9,b9,69),\ - r(91,86,86,17), r(58,c1,c1,99), r(27,1d,1d,3a), r(b9,9e,9e,27),\ - r(38,e1,e1,d9), r(13,f8,f8,eb), r(b3,98,98,2b), r(33,11,11,22),\ - r(bb,69,69,d2), r(70,d9,d9,a9), r(89,8e,8e,07), r(a7,94,94,33),\ - r(b6,9b,9b,2d), r(22,1e,1e,3c), r(92,87,87,15), r(20,e9,e9,c9),\ - r(49,ce,ce,87), r(ff,55,55,aa), r(78,28,28,50), r(7a,df,df,a5),\ - r(8f,8c,8c,03), r(f8,a1,a1,59), r(80,89,89,09), r(17,0d,0d,1a),\ - r(da,bf,bf,65), r(31,e6,e6,d7), r(c6,42,42,84), r(b8,68,68,d0),\ - r(c3,41,41,82), r(b0,99,99,29), r(77,2d,2d,5a), r(11,0f,0f,1e),\ - r(cb,b0,b0,7b), r(fc,54,54,a8), r(d6,bb,bb,6d), r(3a,16,16,2c) - -// data for inverse tables (other than last round) - -#define i_table \ - r(50,a7,f4,51), r(53,65,41,7e), r(c3,a4,17,1a), r(96,5e,27,3a),\ - r(cb,6b,ab,3b), r(f1,45,9d,1f), r(ab,58,fa,ac), r(93,03,e3,4b),\ - r(55,fa,30,20), r(f6,6d,76,ad), r(91,76,cc,88), r(25,4c,02,f5),\ - r(fc,d7,e5,4f), r(d7,cb,2a,c5), r(80,44,35,26), r(8f,a3,62,b5),\ - r(49,5a,b1,de), r(67,1b,ba,25), r(98,0e,ea,45), r(e1,c0,fe,5d),\ - r(02,75,2f,c3), r(12,f0,4c,81), r(a3,97,46,8d), r(c6,f9,d3,6b),\ - r(e7,5f,8f,03), r(95,9c,92,15), r(eb,7a,6d,bf), r(da,59,52,95),\ - r(2d,83,be,d4), r(d3,21,74,58), r(29,69,e0,49), r(44,c8,c9,8e),\ - r(6a,89,c2,75), r(78,79,8e,f4), r(6b,3e,58,99), r(dd,71,b9,27),\ - r(b6,4f,e1,be), r(17,ad,88,f0), r(66,ac,20,c9), r(b4,3a,ce,7d),\ - r(18,4a,df,63), 
r(82,31,1a,e5), r(60,33,51,97), r(45,7f,53,62),\ - r(e0,77,64,b1), r(84,ae,6b,bb), r(1c,a0,81,fe), r(94,2b,08,f9),\ - r(58,68,48,70), r(19,fd,45,8f), r(87,6c,de,94), r(b7,f8,7b,52),\ - r(23,d3,73,ab), r(e2,02,4b,72), r(57,8f,1f,e3), r(2a,ab,55,66),\ - r(07,28,eb,b2), r(03,c2,b5,2f), r(9a,7b,c5,86), r(a5,08,37,d3),\ - r(f2,87,28,30), r(b2,a5,bf,23), r(ba,6a,03,02), r(5c,82,16,ed),\ - r(2b,1c,cf,8a), r(92,b4,79,a7), r(f0,f2,07,f3), r(a1,e2,69,4e),\ - r(cd,f4,da,65), r(d5,be,05,06), r(1f,62,34,d1), r(8a,fe,a6,c4),\ - r(9d,53,2e,34), r(a0,55,f3,a2), r(32,e1,8a,05), r(75,eb,f6,a4),\ - r(39,ec,83,0b), r(aa,ef,60,40), r(06,9f,71,5e), r(51,10,6e,bd),\ - r(f9,8a,21,3e), r(3d,06,dd,96), r(ae,05,3e,dd), r(46,bd,e6,4d),\ - r(b5,8d,54,91), r(05,5d,c4,71), r(6f,d4,06,04), r(ff,15,50,60),\ - r(24,fb,98,19), r(97,e9,bd,d6), r(cc,43,40,89), r(77,9e,d9,67),\ - r(bd,42,e8,b0), r(88,8b,89,07), r(38,5b,19,e7), r(db,ee,c8,79),\ - r(47,0a,7c,a1), r(e9,0f,42,7c), r(c9,1e,84,f8), r(00,00,00,00),\ - r(83,86,80,09), r(48,ed,2b,32), r(ac,70,11,1e), r(4e,72,5a,6c),\ - r(fb,ff,0e,fd), r(56,38,85,0f), r(1e,d5,ae,3d), r(27,39,2d,36),\ - r(64,d9,0f,0a), r(21,a6,5c,68), r(d1,54,5b,9b), r(3a,2e,36,24),\ - r(b1,67,0a,0c), r(0f,e7,57,93), r(d2,96,ee,b4), r(9e,91,9b,1b),\ - r(4f,c5,c0,80), r(a2,20,dc,61), r(69,4b,77,5a), r(16,1a,12,1c),\ - r(0a,ba,93,e2), r(e5,2a,a0,c0), r(43,e0,22,3c), r(1d,17,1b,12),\ - r(0b,0d,09,0e), r(ad,c7,8b,f2), r(b9,a8,b6,2d), r(c8,a9,1e,14),\ - r(85,19,f1,57), r(4c,07,75,af), r(bb,dd,99,ee), r(fd,60,7f,a3),\ - r(9f,26,01,f7), r(bc,f5,72,5c), r(c5,3b,66,44), r(34,7e,fb,5b),\ - r(76,29,43,8b), r(dc,c6,23,cb), r(68,fc,ed,b6), r(63,f1,e4,b8),\ - r(ca,dc,31,d7), r(10,85,63,42), r(40,22,97,13), r(20,11,c6,84),\ - r(7d,24,4a,85), r(f8,3d,bb,d2), r(11,32,f9,ae), r(6d,a1,29,c7),\ - r(4b,2f,9e,1d), r(f3,30,b2,dc), r(ec,52,86,0d), r(d0,e3,c1,77),\ - r(6c,16,b3,2b), r(99,b9,70,a9), r(fa,48,94,11), r(22,64,e9,47),\ - r(c4,8c,fc,a8), r(1a,3f,f0,a0), r(d8,2c,7d,56), r(ef,90,33,22),\ - 
r(c7,4e,49,87), r(c1,d1,38,d9), r(fe,a2,ca,8c), r(36,0b,d4,98),\ - r(cf,81,f5,a6), r(28,de,7a,a5), r(26,8e,b7,da), r(a4,bf,ad,3f),\ - r(e4,9d,3a,2c), r(0d,92,78,50), r(9b,cc,5f,6a), r(62,46,7e,54),\ - r(c2,13,8d,f6), r(e8,b8,d8,90), r(5e,f7,39,2e), r(f5,af,c3,82),\ - r(be,80,5d,9f), r(7c,93,d0,69), r(a9,2d,d5,6f), r(b3,12,25,cf),\ - r(3b,99,ac,c8), r(a7,7d,18,10), r(6e,63,9c,e8), r(7b,bb,3b,db),\ - r(09,78,26,cd), r(f4,18,59,6e), r(01,b7,9a,ec), r(a8,9a,4f,83),\ - r(65,6e,95,e6), r(7e,e6,ff,aa), r(08,cf,bc,21), r(e6,e8,15,ef),\ - r(d9,9b,e7,ba), r(ce,36,6f,4a), r(d4,09,9f,ea), r(d6,7c,b0,29),\ - r(af,b2,a4,31), r(31,23,3f,2a), r(30,94,a5,c6), r(c0,66,a2,35),\ - r(37,bc,4e,74), r(a6,ca,82,fc), r(b0,d0,90,e0), r(15,d8,a7,33),\ - r(4a,98,04,f1), r(f7,da,ec,41), r(0e,50,cd,7f), r(2f,f6,91,17),\ - r(8d,d6,4d,76), r(4d,b0,ef,43), r(54,4d,aa,cc), r(df,04,96,e4),\ - r(e3,b5,d1,9e), r(1b,88,6a,4c), r(b8,1f,2c,c1), r(7f,51,65,46),\ - r(04,ea,5e,9d), r(5d,35,8c,01), r(73,74,87,fa), r(2e,41,0b,fb),\ - r(5a,1d,67,b3), r(52,d2,db,92), r(33,56,10,e9), r(13,47,d6,6d),\ - r(8c,61,d7,9a), r(7a,0c,a1,37), r(8e,14,f8,59), r(89,3c,13,eb),\ - r(ee,27,a9,ce), r(35,c9,61,b7), r(ed,e5,1c,e1), r(3c,b1,47,7a),\ - r(59,df,d2,9c), r(3f,73,f2,55), r(79,ce,14,18), r(bf,37,c7,73),\ - r(ea,cd,f7,53), r(5b,aa,fd,5f), r(14,6f,3d,df), r(86,db,44,78),\ - r(81,f3,af,ca), r(3e,c4,68,b9), r(2c,34,24,38), r(5f,40,a3,c2),\ - r(72,c3,1d,16), r(0c,25,e2,bc), r(8b,49,3c,28), r(41,95,0d,ff),\ - r(71,01,a8,39), r(de,b3,0c,08), r(9c,e4,b4,d8), r(90,c1,56,64),\ - r(61,84,cb,7b), r(70,b6,32,d5), r(74,5c,6c,48), r(42,57,b8,d0) - -// generate the required tables in the desired endian format - -#undef r -#define r r0 - -#if defined(ONE_TABLE) -static const u_int32_t ft_tab[256] = - { f_table }; -#elif defined(FOUR_TABLES) -static const u_int32_t ft_tab[4][256] = -{ { f_table }, -#undef r -#define r r1 - { f_table }, -#undef r -#define r r2 - { f_table }, -#undef r -#define r r3 - { f_table } -}; -#endif - -#undef r 
-#define r r0 -#if defined(ONE_TABLE) -static const u_int32_t it_tab[256] = - { i_table }; -#elif defined(FOUR_TABLES) -static const u_int32_t it_tab[4][256] = -{ { i_table }, -#undef r -#define r r1 - { i_table }, -#undef r -#define r r2 - { i_table }, -#undef r -#define r r3 - { i_table } -}; -#endif - -#endif - -#if defined(FIXED_TABLES) && (defined(ONE_LR_TABLE) || defined(FOUR_LR_TABLES)) - -// data for inverse tables (last round) - -#define li_table \ - w(52), w(09), w(6a), w(d5), w(30), w(36), w(a5), w(38),\ - w(bf), w(40), w(a3), w(9e), w(81), w(f3), w(d7), w(fb),\ - w(7c), w(e3), w(39), w(82), w(9b), w(2f), w(ff), w(87),\ - w(34), w(8e), w(43), w(44), w(c4), w(de), w(e9), w(cb),\ - w(54), w(7b), w(94), w(32), w(a6), w(c2), w(23), w(3d),\ - w(ee), w(4c), w(95), w(0b), w(42), w(fa), w(c3), w(4e),\ - w(08), w(2e), w(a1), w(66), w(28), w(d9), w(24), w(b2),\ - w(76), w(5b), w(a2), w(49), w(6d), w(8b), w(d1), w(25),\ - w(72), w(f8), w(f6), w(64), w(86), w(68), w(98), w(16),\ - w(d4), w(a4), w(5c), w(cc), w(5d), w(65), w(b6), w(92),\ - w(6c), w(70), w(48), w(50), w(fd), w(ed), w(b9), w(da),\ - w(5e), w(15), w(46), w(57), w(a7), w(8d), w(9d), w(84),\ - w(90), w(d8), w(ab), w(00), w(8c), w(bc), w(d3), w(0a),\ - w(f7), w(e4), w(58), w(05), w(b8), w(b3), w(45), w(06),\ - w(d0), w(2c), w(1e), w(8f), w(ca), w(3f), w(0f), w(02),\ - w(c1), w(af), w(bd), w(03), w(01), w(13), w(8a), w(6b),\ - w(3a), w(91), w(11), w(41), w(4f), w(67), w(dc), w(ea),\ - w(97), w(f2), w(cf), w(ce), w(f0), w(b4), w(e6), w(73),\ - w(96), w(ac), w(74), w(22), w(e7), w(ad), w(35), w(85),\ - w(e2), w(f9), w(37), w(e8), w(1c), w(75), w(df), w(6e),\ - w(47), w(f1), w(1a), w(71), w(1d), w(29), w(c5), w(89),\ - w(6f), w(b7), w(62), w(0e), w(aa), w(18), w(be), w(1b),\ - w(fc), w(56), w(3e), w(4b), w(c6), w(d2), w(79), w(20),\ - w(9a), w(db), w(c0), w(fe), w(78), w(cd), w(5a), w(f4),\ - w(1f), w(dd), w(a8), w(33), w(88), w(07), w(c7), w(31),\ - w(b1), w(12), w(10), w(59), w(27), w(80), w(ec), w(5f),\ - 
w(60), w(51), w(7f), w(a9), w(19), w(b5), w(4a), w(0d),\ - w(2d), w(e5), w(7a), w(9f), w(93), w(c9), w(9c), w(ef),\ - w(a0), w(e0), w(3b), w(4d), w(ae), w(2a), w(f5), w(b0),\ - w(c8), w(eb), w(bb), w(3c), w(83), w(53), w(99), w(61),\ - w(17), w(2b), w(04), w(7e), w(ba), w(77), w(d6), w(26),\ - w(e1), w(69), w(14), w(63), w(55), w(21), w(0c), w(7d), - -// generate the required tables in the desired endian format - -#undef r -#define r(p,q,r,s) w0(q) -#if defined(ONE_LR_TABLE) -static const u_int32_t fl_tab[256] = - { f_table }; -#elif defined(FOUR_LR_TABLES) -static const u_int32_t fl_tab[4][256] = -{ { f_table }, -#undef r -#define r(p,q,r,s) w1(q) - { f_table }, -#undef r -#define r(p,q,r,s) w2(q) - { f_table }, -#undef r -#define r(p,q,r,s) w3(q) - { f_table } -}; -#endif - -#undef w -#define w w0 -#if defined(ONE_LR_TABLE) -static const u_int32_t il_tab[256] = - { li_table }; -#elif defined(FOUR_LR_TABLES) -static const u_int32_t il_tab[4][256] = -{ { li_table }, -#undef w -#define w w1 - { li_table }, -#undef w -#define w w2 - { li_table }, -#undef w -#define w w3 - { li_table } -}; -#endif - -#endif - -#if defined(FIXED_TABLES) && (defined(ONE_IM_TABLE) || defined(FOUR_IM_TABLES)) - -#define m_table \ - r(00,00,00,00), r(0b,0d,09,0e), r(16,1a,12,1c), r(1d,17,1b,12),\ - r(2c,34,24,38), r(27,39,2d,36), r(3a,2e,36,24), r(31,23,3f,2a),\ - r(58,68,48,70), r(53,65,41,7e), r(4e,72,5a,6c), r(45,7f,53,62),\ - r(74,5c,6c,48), r(7f,51,65,46), r(62,46,7e,54), r(69,4b,77,5a),\ - r(b0,d0,90,e0), r(bb,dd,99,ee), r(a6,ca,82,fc), r(ad,c7,8b,f2),\ - r(9c,e4,b4,d8), r(97,e9,bd,d6), r(8a,fe,a6,c4), r(81,f3,af,ca),\ - r(e8,b8,d8,90), r(e3,b5,d1,9e), r(fe,a2,ca,8c), r(f5,af,c3,82),\ - r(c4,8c,fc,a8), r(cf,81,f5,a6), r(d2,96,ee,b4), r(d9,9b,e7,ba),\ - r(7b,bb,3b,db), r(70,b6,32,d5), r(6d,a1,29,c7), r(66,ac,20,c9),\ - r(57,8f,1f,e3), r(5c,82,16,ed), r(41,95,0d,ff), r(4a,98,04,f1),\ - r(23,d3,73,ab), r(28,de,7a,a5), r(35,c9,61,b7), r(3e,c4,68,b9),\ - r(0f,e7,57,93), r(04,ea,5e,9d), 
r(19,fd,45,8f), r(12,f0,4c,81),\ - r(cb,6b,ab,3b), r(c0,66,a2,35), r(dd,71,b9,27), r(d6,7c,b0,29),\ - r(e7,5f,8f,03), r(ec,52,86,0d), r(f1,45,9d,1f), r(fa,48,94,11),\ - r(93,03,e3,4b), r(98,0e,ea,45), r(85,19,f1,57), r(8e,14,f8,59),\ - r(bf,37,c7,73), r(b4,3a,ce,7d), r(a9,2d,d5,6f), r(a2,20,dc,61),\ - r(f6,6d,76,ad), r(fd,60,7f,a3), r(e0,77,64,b1), r(eb,7a,6d,bf),\ - r(da,59,52,95), r(d1,54,5b,9b), r(cc,43,40,89), r(c7,4e,49,87),\ - r(ae,05,3e,dd), r(a5,08,37,d3), r(b8,1f,2c,c1), r(b3,12,25,cf),\ - r(82,31,1a,e5), r(89,3c,13,eb), r(94,2b,08,f9), r(9f,26,01,f7),\ - r(46,bd,e6,4d), r(4d,b0,ef,43), r(50,a7,f4,51), r(5b,aa,fd,5f),\ - r(6a,89,c2,75), r(61,84,cb,7b), r(7c,93,d0,69), r(77,9e,d9,67),\ - r(1e,d5,ae,3d), r(15,d8,a7,33), r(08,cf,bc,21), r(03,c2,b5,2f),\ - r(32,e1,8a,05), r(39,ec,83,0b), r(24,fb,98,19), r(2f,f6,91,17),\ - r(8d,d6,4d,76), r(86,db,44,78), r(9b,cc,5f,6a), r(90,c1,56,64),\ - r(a1,e2,69,4e), r(aa,ef,60,40), r(b7,f8,7b,52), r(bc,f5,72,5c),\ - r(d5,be,05,06), r(de,b3,0c,08), r(c3,a4,17,1a), r(c8,a9,1e,14),\ - r(f9,8a,21,3e), r(f2,87,28,30), r(ef,90,33,22), r(e4,9d,3a,2c),\ - r(3d,06,dd,96), r(36,0b,d4,98), r(2b,1c,cf,8a), r(20,11,c6,84),\ - r(11,32,f9,ae), r(1a,3f,f0,a0), r(07,28,eb,b2), r(0c,25,e2,bc),\ - r(65,6e,95,e6), r(6e,63,9c,e8), r(73,74,87,fa), r(78,79,8e,f4),\ - r(49,5a,b1,de), r(42,57,b8,d0), r(5f,40,a3,c2), r(54,4d,aa,cc),\ - r(f7,da,ec,41), r(fc,d7,e5,4f), r(e1,c0,fe,5d), r(ea,cd,f7,53),\ - r(db,ee,c8,79), r(d0,e3,c1,77), r(cd,f4,da,65), r(c6,f9,d3,6b),\ - r(af,b2,a4,31), r(a4,bf,ad,3f), r(b9,a8,b6,2d), r(b2,a5,bf,23),\ - r(83,86,80,09), r(88,8b,89,07), r(95,9c,92,15), r(9e,91,9b,1b),\ - r(47,0a,7c,a1), r(4c,07,75,af), r(51,10,6e,bd), r(5a,1d,67,b3),\ - r(6b,3e,58,99), r(60,33,51,97), r(7d,24,4a,85), r(76,29,43,8b),\ - r(1f,62,34,d1), r(14,6f,3d,df), r(09,78,26,cd), r(02,75,2f,c3),\ - r(33,56,10,e9), r(38,5b,19,e7), r(25,4c,02,f5), r(2e,41,0b,fb),\ - r(8c,61,d7,9a), r(87,6c,de,94), r(9a,7b,c5,86), r(91,76,cc,88),\ - r(a0,55,f3,a2), 
r(ab,58,fa,ac), r(b6,4f,e1,be), r(bd,42,e8,b0),\ - r(d4,09,9f,ea), r(df,04,96,e4), r(c2,13,8d,f6), r(c9,1e,84,f8),\ - r(f8,3d,bb,d2), r(f3,30,b2,dc), r(ee,27,a9,ce), r(e5,2a,a0,c0),\ - r(3c,b1,47,7a), r(37,bc,4e,74), r(2a,ab,55,66), r(21,a6,5c,68),\ - r(10,85,63,42), r(1b,88,6a,4c), r(06,9f,71,5e), r(0d,92,78,50),\ - r(64,d9,0f,0a), r(6f,d4,06,04), r(72,c3,1d,16), r(79,ce,14,18),\ - r(48,ed,2b,32), r(43,e0,22,3c), r(5e,f7,39,2e), r(55,fa,30,20),\ - r(01,b7,9a,ec), r(0a,ba,93,e2), r(17,ad,88,f0), r(1c,a0,81,fe),\ - r(2d,83,be,d4), r(26,8e,b7,da), r(3b,99,ac,c8), r(30,94,a5,c6),\ - r(59,df,d2,9c), r(52,d2,db,92), r(4f,c5,c0,80), r(44,c8,c9,8e),\ - r(75,eb,f6,a4), r(7e,e6,ff,aa), r(63,f1,e4,b8), r(68,fc,ed,b6),\ - r(b1,67,0a,0c), r(ba,6a,03,02), r(a7,7d,18,10), r(ac,70,11,1e),\ - r(9d,53,2e,34), r(96,5e,27,3a), r(8b,49,3c,28), r(80,44,35,26),\ - r(e9,0f,42,7c), r(e2,02,4b,72), r(ff,15,50,60), r(f4,18,59,6e),\ - r(c5,3b,66,44), r(ce,36,6f,4a), r(d3,21,74,58), r(d8,2c,7d,56),\ - r(7a,0c,a1,37), r(71,01,a8,39), r(6c,16,b3,2b), r(67,1b,ba,25),\ - r(56,38,85,0f), r(5d,35,8c,01), r(40,22,97,13), r(4b,2f,9e,1d),\ - r(22,64,e9,47), r(29,69,e0,49), r(34,7e,fb,5b), r(3f,73,f2,55),\ - r(0e,50,cd,7f), r(05,5d,c4,71), r(18,4a,df,63), r(13,47,d6,6d),\ - r(ca,dc,31,d7), r(c1,d1,38,d9), r(dc,c6,23,cb), r(d7,cb,2a,c5),\ - r(e6,e8,15,ef), r(ed,e5,1c,e1), r(f0,f2,07,f3), r(fb,ff,0e,fd),\ - r(92,b4,79,a7), r(99,b9,70,a9), r(84,ae,6b,bb), r(8f,a3,62,b5),\ - r(be,80,5d,9f), r(b5,8d,54,91), r(a8,9a,4f,83), r(a3,97,46,8d) - -#undef r -#define r r0 - -#if defined(ONE_IM_TABLE) -static const u_int32_t im_tab[256] = - { m_table }; -#elif defined(FOUR_IM_TABLES) -static const u_int32_t im_tab[4][256] = -{ { m_table }, -#undef r -#define r r1 - { m_table }, -#undef r -#define r r2 - { m_table }, -#undef r -#define r r3 - { m_table } -}; -#endif - -#endif - -#else - -static int tab_gen = 0; - -static unsigned char s_box[256]; // the S box -static unsigned char inv_s_box[256]; // the inverse S box 
-static u_int32_t rcon_tab[AES_RC_LENGTH]; // table of round constants - -#if defined(ONE_TABLE) -static u_int32_t ft_tab[256]; -static u_int32_t it_tab[256]; -#elif defined(FOUR_TABLES) -static u_int32_t ft_tab[4][256]; -static u_int32_t it_tab[4][256]; -#endif - -#if defined(ONE_LR_TABLE) -static u_int32_t fl_tab[256]; -static u_int32_t il_tab[256]; -#elif defined(FOUR_LR_TABLES) -static u_int32_t fl_tab[4][256]; -static u_int32_t il_tab[4][256]; -#endif - -#if defined(ONE_IM_TABLE) -static u_int32_t im_tab[256]; -#elif defined(FOUR_IM_TABLES) -static u_int32_t im_tab[4][256]; -#endif - -// Generate the tables for the dynamic table option - -#if !defined(FF_TABLES) - -// It will generally be sensible to use tables to compute finite -// field multiplies and inverses but where memory is scarse this -// code might sometimes be better. - -// return 2 ^ (n - 1) where n is the bit number of the highest bit -// set in x with x in the range 1 < x < 0x00000200. This form is -// used so that locals within FFinv can be bytes rather than words - -static unsigned char hibit(const u_int32_t x) -{ unsigned char r = (unsigned char)((x >> 1) | (x >> 2)); - - r |= (r >> 2); - r |= (r >> 4); - return (r + 1) >> 1; -} - -// return the inverse of the finite field element x - -static unsigned char FFinv(const unsigned char x) -{ unsigned char p1 = x, p2 = 0x1b, n1 = hibit(x), n2 = 0x80, v1 = 1, v2 = 0; - - if(x < 2) return x; - - for(;;) - { - if(!n1) return v1; - - while(n2 >= n1) - { - n2 /= n1; p2 ^= p1 * n2; v2 ^= v1 * n2; n2 = hibit(p2); - } - - if(!n2) return v2; - - while(n1 >= n2) - { - n1 /= n2; p1 ^= p2 * n1; v1 ^= v2 * n1; n1 = hibit(p1); - } - } -} - -// define the finite field multiplies required for Rijndael - -#define FFmul02(x) ((((x) & 0x7f) << 1) ^ ((x) & 0x80 ? 
0x1b : 0)) -#define FFmul03(x) ((x) ^ FFmul02(x)) -#define FFmul09(x) ((x) ^ FFmul02(FFmul02(FFmul02(x)))) -#define FFmul0b(x) ((x) ^ FFmul02((x) ^ FFmul02(FFmul02(x)))) -#define FFmul0d(x) ((x) ^ FFmul02(FFmul02((x) ^ FFmul02(x)))) -#define FFmul0e(x) FFmul02((x) ^ FFmul02((x) ^ FFmul02(x))) - -#else - -#define FFinv(x) ((x) ? pow[255 - log[x]]: 0) - -#define FFmul02(x) (x ? pow[log[x] + 0x19] : 0) -#define FFmul03(x) (x ? pow[log[x] + 0x01] : 0) -#define FFmul09(x) (x ? pow[log[x] + 0xc7] : 0) -#define FFmul0b(x) (x ? pow[log[x] + 0x68] : 0) -#define FFmul0d(x) (x ? pow[log[x] + 0xee] : 0) -#define FFmul0e(x) (x ? pow[log[x] + 0xdf] : 0) - -#endif - -// The forward and inverse affine transformations used in the S-box - -#define fwd_affine(x) \ - (w = (u_int32_t)x, w ^= (w<<1)^(w<<2)^(w<<3)^(w<<4), 0x63^(unsigned char)(w^(w>>8))) - -#define inv_affine(x) \ - (w = (u_int32_t)x, w = (w<<1)^(w<<3)^(w<<6), 0x05^(unsigned char)(w^(w>>8))) - -static void gen_tabs(void) -{ u_int32_t i, w; - -#if defined(FF_TABLES) - - unsigned char pow[512], log[256]; - - // log and power tables for GF(2^8) finite field with - // 0x011b as modular polynomial - the simplest primitive - // root is 0x03, used here to generate the tables - - i = 0; w = 1; - do - { - pow[i] = (unsigned char)w; - pow[i + 255] = (unsigned char)w; - log[w] = (unsigned char)i++; - w ^= (w << 1) ^ (w & ff_hi ? ff_poly : 0); - } - while (w != 1); - -#endif - - for(i = 0, w = 1; i < AES_RC_LENGTH; ++i) - { - rcon_tab[i] = bytes2word(w, 0, 0, 0); - w = (w << 1) ^ (w & ff_hi ? 
ff_poly : 0); - } - - for(i = 0; i < 256; ++i) - { unsigned char b; - - s_box[i] = b = fwd_affine(FFinv((unsigned char)i)); - - w = bytes2word(b, 0, 0, 0); -#if defined(ONE_LR_TABLE) - fl_tab[i] = w; -#elif defined(FOUR_LR_TABLES) - fl_tab[0][i] = w; - fl_tab[1][i] = upr(w,1); - fl_tab[2][i] = upr(w,2); - fl_tab[3][i] = upr(w,3); -#endif - w = bytes2word(FFmul02(b), b, b, FFmul03(b)); -#if defined(ONE_TABLE) - ft_tab[i] = w; -#elif defined(FOUR_TABLES) - ft_tab[0][i] = w; - ft_tab[1][i] = upr(w,1); - ft_tab[2][i] = upr(w,2); - ft_tab[3][i] = upr(w,3); -#endif - inv_s_box[i] = b = FFinv(inv_affine((unsigned char)i)); - - w = bytes2word(b, 0, 0, 0); -#if defined(ONE_LR_TABLE) - il_tab[i] = w; -#elif defined(FOUR_LR_TABLES) - il_tab[0][i] = w; - il_tab[1][i] = upr(w,1); - il_tab[2][i] = upr(w,2); - il_tab[3][i] = upr(w,3); -#endif - w = bytes2word(FFmul0e(b), FFmul09(b), FFmul0d(b), FFmul0b(b)); -#if defined(ONE_TABLE) - it_tab[i] = w; -#elif defined(FOUR_TABLES) - it_tab[0][i] = w; - it_tab[1][i] = upr(w,1); - it_tab[2][i] = upr(w,2); - it_tab[3][i] = upr(w,3); -#endif -#if defined(ONE_IM_TABLE) - im_tab[b] = w; -#elif defined(FOUR_IM_TABLES) - im_tab[0][b] = w; - im_tab[1][b] = upr(w,1); - im_tab[2][b] = upr(w,2); - im_tab[3][b] = upr(w,3); -#endif - - } -} - -#endif - -#define no_table(x,box,vf,rf,c) bytes2word( \ - box[bval(vf(x,0,c),rf(0,c))], \ - box[bval(vf(x,1,c),rf(1,c))], \ - box[bval(vf(x,2,c),rf(2,c))], \ - box[bval(vf(x,3,c),rf(3,c))]) - -#define one_table(x,op,tab,vf,rf,c) \ - ( tab[bval(vf(x,0,c),rf(0,c))] \ - ^ op(tab[bval(vf(x,1,c),rf(1,c))],1) \ - ^ op(tab[bval(vf(x,2,c),rf(2,c))],2) \ - ^ op(tab[bval(vf(x,3,c),rf(3,c))],3)) - -#define four_tables(x,tab,vf,rf,c) \ - ( tab[0][bval(vf(x,0,c),rf(0,c))] \ - ^ tab[1][bval(vf(x,1,c),rf(1,c))] \ - ^ tab[2][bval(vf(x,2,c),rf(2,c))] \ - ^ tab[3][bval(vf(x,3,c),rf(3,c))]) - -#define vf1(x,r,c) (x) -#define rf1(r,c) (r) -#define rf2(r,c) ((r-c)&3) - -#if defined(FOUR_LR_TABLES) -#define ls_box(x,c) 
four_tables(x,fl_tab,vf1,rf2,c) -#elif defined(ONE_LR_TABLE) -#define ls_box(x,c) one_table(x,upr,fl_tab,vf1,rf2,c) -#else -#define ls_box(x,c) no_table(x,s_box,vf1,rf2,c) -#endif - -#if defined(FOUR_IM_TABLES) -#define inv_mcol(x) four_tables(x,im_tab,vf1,rf1,0) -#elif defined(ONE_IM_TABLE) -#define inv_mcol(x) one_table(x,upr,im_tab,vf1,rf1,0) -#else -#define inv_mcol(x) \ - (f9 = (x),f2 = FFmulX(f9), f4 = FFmulX(f2), f8 = FFmulX(f4), f9 ^= f8, \ - f2 ^= f4 ^ f8 ^ upr(f2 ^ f9,3) ^ upr(f4 ^ f9,2) ^ upr(f9,1)) -#endif - -// Subroutine to set the block size (if variable) in bytes, legal -// values being 16, 24 and 32. - -#if defined(AES_BLOCK_SIZE) -#define nc (AES_BLOCK_SIZE / 4) -#else -#define nc (cx->aes_Ncol) - -void aes_set_blk(aes_context *cx, int n_bytes) -{ -#if !defined(FIXED_TABLES) - if(!tab_gen) { gen_tabs(); tab_gen = 1; } -#endif - - switch(n_bytes) { - case 32: /* bytes */ - case 256: /* bits */ - nc = 8; - break; - case 24: /* bytes */ - case 192: /* bits */ - nc = 6; - break; - case 16: /* bytes */ - case 128: /* bits */ - default: - nc = 4; - break; - } -} - -#endif - -// Initialise the key schedule from the user supplied key. The key -// length is now specified in bytes - 16, 24 or 32 as appropriate. -// This corresponds to bit lengths of 128, 192 and 256 bits, and -// to Nk values of 4, 6 and 8 respectively. 
- -#define mx(t,f) (*t++ = inv_mcol(*f),f++) -#define cp(t,f) *t++ = *f++ - -#if AES_BLOCK_SIZE == 16 -#define cpy(d,s) cp(d,s); cp(d,s); cp(d,s); cp(d,s) -#define mix(d,s) mx(d,s); mx(d,s); mx(d,s); mx(d,s) -#elif AES_BLOCK_SIZE == 24 -#define cpy(d,s) cp(d,s); cp(d,s); cp(d,s); cp(d,s); \ - cp(d,s); cp(d,s) -#define mix(d,s) mx(d,s); mx(d,s); mx(d,s); mx(d,s); \ - mx(d,s); mx(d,s) -#elif AES_BLOCK_SIZE == 32 -#define cpy(d,s) cp(d,s); cp(d,s); cp(d,s); cp(d,s); \ - cp(d,s); cp(d,s); cp(d,s); cp(d,s) -#define mix(d,s) mx(d,s); mx(d,s); mx(d,s); mx(d,s); \ - mx(d,s); mx(d,s); mx(d,s); mx(d,s) -#else - -#define cpy(d,s) \ -switch(nc) \ -{ case 8: cp(d,s); cp(d,s); \ - case 6: cp(d,s); cp(d,s); \ - case 4: cp(d,s); cp(d,s); \ - cp(d,s); cp(d,s); \ -} - -#define mix(d,s) \ -switch(nc) \ -{ case 8: mx(d,s); mx(d,s); \ - case 6: mx(d,s); mx(d,s); \ - case 4: mx(d,s); mx(d,s); \ - mx(d,s); mx(d,s); \ -} - -#endif - -void aes_set_key(aes_context *cx, const unsigned char in_key[], int n_bytes, const int f) -{ u_int32_t *kf, *kt, rci; - -#if !defined(FIXED_TABLES) - if(!tab_gen) { gen_tabs(); tab_gen = 1; } -#endif - - switch(n_bytes) { - case 32: /* bytes */ - case 256: /* bits */ - cx->aes_Nkey = 8; - break; - case 24: /* bytes */ - case 192: /* bits */ - cx->aes_Nkey = 6; - break; - case 16: /* bytes */ - case 128: /* bits */ - default: - cx->aes_Nkey = 4; - break; - } - - cx->aes_Nrnd = (cx->aes_Nkey > nc ? 
cx->aes_Nkey : nc) + 6; - - cx->aes_e_key[0] = const_word_in(in_key ); - cx->aes_e_key[1] = const_word_in(in_key + 4); - cx->aes_e_key[2] = const_word_in(in_key + 8); - cx->aes_e_key[3] = const_word_in(in_key + 12); - - kf = cx->aes_e_key; - kt = kf + nc * (cx->aes_Nrnd + 1) - cx->aes_Nkey; - rci = 0; - - switch(cx->aes_Nkey) - { - case 4: do - { kf[4] = kf[0] ^ ls_box(kf[3],3) ^ rcon_tab[rci++]; - kf[5] = kf[1] ^ kf[4]; - kf[6] = kf[2] ^ kf[5]; - kf[7] = kf[3] ^ kf[6]; - kf += 4; - } - while(kf < kt); - break; - - case 6: cx->aes_e_key[4] = const_word_in(in_key + 16); - cx->aes_e_key[5] = const_word_in(in_key + 20); - do - { kf[ 6] = kf[0] ^ ls_box(kf[5],3) ^ rcon_tab[rci++]; - kf[ 7] = kf[1] ^ kf[ 6]; - kf[ 8] = kf[2] ^ kf[ 7]; - kf[ 9] = kf[3] ^ kf[ 8]; - kf[10] = kf[4] ^ kf[ 9]; - kf[11] = kf[5] ^ kf[10]; - kf += 6; - } - while(kf < kt); - break; - - case 8: cx->aes_e_key[4] = const_word_in(in_key + 16); - cx->aes_e_key[5] = const_word_in(in_key + 20); - cx->aes_e_key[6] = const_word_in(in_key + 24); - cx->aes_e_key[7] = const_word_in(in_key + 28); - do - { kf[ 8] = kf[0] ^ ls_box(kf[7],3) ^ rcon_tab[rci++]; - kf[ 9] = kf[1] ^ kf[ 8]; - kf[10] = kf[2] ^ kf[ 9]; - kf[11] = kf[3] ^ kf[10]; - kf[12] = kf[4] ^ ls_box(kf[11],0); - kf[13] = kf[5] ^ kf[12]; - kf[14] = kf[6] ^ kf[13]; - kf[15] = kf[7] ^ kf[14]; - kf += 8; - } - while (kf < kt); - break; - } - - if(!f) - { u_int32_t i; - - kt = cx->aes_d_key + nc * cx->aes_Nrnd; - kf = cx->aes_e_key; - - cpy(kt, kf); kt -= 2 * nc; - - for(i = 1; i < cx->aes_Nrnd; ++i) - { -#if defined(ONE_TABLE) || defined(FOUR_TABLES) -#if !defined(ONE_IM_TABLE) && !defined(FOUR_IM_TABLES) - u_int32_t f2, f4, f8, f9; -#endif - mix(kt, kf); -#else - cpy(kt, kf); -#endif - kt -= 2 * nc; - } - - cpy(kt, kf); - } -} - -// y = output word, x = input word, r = row, c = column -// for r = 0, 1, 2 and 3 = column accessed for row r - -#if defined(ARRAYS) -#define s(x,c) x[c] -#else -#define s(x,c) x##c -#endif - -// I am grateful to Frank 
Yellin for the following constructions -// which, given the column (c) of the output state variable that -// is being computed, return the input state variables which are -// needed for each row (r) of the state - -// For the fixed block size options, compilers reduce these two -// expressions to fixed variable references. For variable block -// size code conditional clauses will sometimes be returned - -#define unused 77 // Sunset Strip - -#define fwd_var(x,r,c) \ - ( r==0 ? \ - ( c==0 ? s(x,0) \ - : c==1 ? s(x,1) \ - : c==2 ? s(x,2) \ - : c==3 ? s(x,3) \ - : c==4 ? s(x,4) \ - : c==5 ? s(x,5) \ - : c==6 ? s(x,6) \ - : s(x,7)) \ - : r==1 ? \ - ( c==0 ? s(x,1) \ - : c==1 ? s(x,2) \ - : c==2 ? s(x,3) \ - : c==3 ? nc==4 ? s(x,0) : s(x,4) \ - : c==4 ? s(x,5) \ - : c==5 ? nc==8 ? s(x,6) : s(x,0) \ - : c==6 ? s(x,7) \ - : s(x,0)) \ - : r==2 ? \ - ( c==0 ? nc==8 ? s(x,3) : s(x,2) \ - : c==1 ? nc==8 ? s(x,4) : s(x,3) \ - : c==2 ? nc==4 ? s(x,0) : nc==8 ? s(x,5) : s(x,4) \ - : c==3 ? nc==4 ? s(x,1) : nc==8 ? s(x,6) : s(x,5) \ - : c==4 ? nc==8 ? s(x,7) : s(x,0) \ - : c==5 ? nc==8 ? s(x,0) : s(x,1) \ - : c==6 ? s(x,1) \ - : s(x,2)) \ - : \ - ( c==0 ? nc==8 ? s(x,4) : s(x,3) \ - : c==1 ? nc==4 ? s(x,0) : nc==8 ? s(x,5) : s(x,4) \ - : c==2 ? nc==4 ? s(x,1) : nc==8 ? s(x,6) : s(x,5) \ - : c==3 ? nc==4 ? s(x,2) : nc==8 ? s(x,7) : s(x,0) \ - : c==4 ? nc==8 ? s(x,0) : s(x,1) \ - : c==5 ? nc==8 ? s(x,1) : s(x,2) \ - : c==6 ? s(x,2) \ - : s(x,3))) - -#define inv_var(x,r,c) \ - ( r==0 ? \ - ( c==0 ? s(x,0) \ - : c==1 ? s(x,1) \ - : c==2 ? s(x,2) \ - : c==3 ? s(x,3) \ - : c==4 ? s(x,4) \ - : c==5 ? s(x,5) \ - : c==6 ? s(x,6) \ - : s(x,7)) \ - : r==1 ? \ - ( c==0 ? nc==4 ? s(x,3) : nc==8 ? s(x,7) : s(x,5) \ - : c==1 ? s(x,0) \ - : c==2 ? s(x,1) \ - : c==3 ? s(x,2) \ - : c==4 ? s(x,3) \ - : c==5 ? s(x,4) \ - : c==6 ? s(x,5) \ - : s(x,6)) \ - : r==2 ? \ - ( c==0 ? nc==4 ? s(x,2) : nc==8 ? s(x,5) : s(x,4) \ - : c==1 ? nc==4 ? s(x,3) : nc==8 ? s(x,6) : s(x,5) \ - : c==2 ? nc==8 ? 
s(x,7) : s(x,0) \ - : c==3 ? nc==8 ? s(x,0) : s(x,1) \ - : c==4 ? nc==8 ? s(x,1) : s(x,2) \ - : c==5 ? nc==8 ? s(x,2) : s(x,3) \ - : c==6 ? s(x,3) \ - : s(x,4)) \ - : \ - ( c==0 ? nc==4 ? s(x,1) : nc==8 ? s(x,4) : s(x,3) \ - : c==1 ? nc==4 ? s(x,2) : nc==8 ? s(x,5) : s(x,4) \ - : c==2 ? nc==4 ? s(x,3) : nc==8 ? s(x,6) : s(x,5) \ - : c==3 ? nc==8 ? s(x,7) : s(x,0) \ - : c==4 ? nc==8 ? s(x,0) : s(x,1) \ - : c==5 ? nc==8 ? s(x,1) : s(x,2) \ - : c==6 ? s(x,2) \ - : s(x,3))) - -#define si(y,x,k,c) s(y,c) = const_word_in(x + 4 * c) ^ k[c] -#define so(y,x,c) word_out(y + 4 * c, s(x,c)) - -#if defined(FOUR_TABLES) -#define fwd_rnd(y,x,k,c) s(y,c)= (k)[c] ^ four_tables(x,ft_tab,fwd_var,rf1,c) -#define inv_rnd(y,x,k,c) s(y,c)= (k)[c] ^ four_tables(x,it_tab,inv_var,rf1,c) -#elif defined(ONE_TABLE) -#define fwd_rnd(y,x,k,c) s(y,c)= (k)[c] ^ one_table(x,upr,ft_tab,fwd_var,rf1,c) -#define inv_rnd(y,x,k,c) s(y,c)= (k)[c] ^ one_table(x,upr,it_tab,inv_var,rf1,c) -#else -#define fwd_rnd(y,x,k,c) s(y,c) = fwd_mcol(no_table(x,s_box,fwd_var,rf1,c)) ^ (k)[c] -#define inv_rnd(y,x,k,c) s(y,c) = inv_mcol(no_table(x,inv_s_box,inv_var,rf1,c) ^ (k)[c]) -#endif - -#if defined(FOUR_LR_TABLES) -#define fwd_lrnd(y,x,k,c) s(y,c)= (k)[c] ^ four_tables(x,fl_tab,fwd_var,rf1,c) -#define inv_lrnd(y,x,k,c) s(y,c)= (k)[c] ^ four_tables(x,il_tab,inv_var,rf1,c) -#elif defined(ONE_LR_TABLE) -#define fwd_lrnd(y,x,k,c) s(y,c)= (k)[c] ^ one_table(x,ups,fl_tab,fwd_var,rf1,c) -#define inv_lrnd(y,x,k,c) s(y,c)= (k)[c] ^ one_table(x,ups,il_tab,inv_var,rf1,c) -#else -#define fwd_lrnd(y,x,k,c) s(y,c) = no_table(x,s_box,fwd_var,rf1,c) ^ (k)[c] -#define inv_lrnd(y,x,k,c) s(y,c) = no_table(x,inv_s_box,inv_var,rf1,c) ^ (k)[c] -#endif - -#if AES_BLOCK_SIZE == 16 - -#if defined(ARRAYS) -#define locals(y,x) x[4],y[4] -#else -#define locals(y,x) x##0,x##1,x##2,x##3,y##0,y##1,y##2,y##3 -// the following defines prevent the compiler requiring the declaration -// of generated but unused variables in the fwd_var and inv_var 
macros -#define b04 unused -#define b05 unused -#define b06 unused -#define b07 unused -#define b14 unused -#define b15 unused -#define b16 unused -#define b17 unused -#endif -#define l_copy(y, x) s(y,0) = s(x,0); s(y,1) = s(x,1); \ - s(y,2) = s(x,2); s(y,3) = s(x,3); -#define state_in(y,x,k) si(y,x,k,0); si(y,x,k,1); si(y,x,k,2); si(y,x,k,3) -#define state_out(y,x) so(y,x,0); so(y,x,1); so(y,x,2); so(y,x,3) -#define round(rm,y,x,k) rm(y,x,k,0); rm(y,x,k,1); rm(y,x,k,2); rm(y,x,k,3) - -#elif AES_BLOCK_SIZE == 24 - -#if defined(ARRAYS) -#define locals(y,x) x[6],y[6] -#else -#define locals(y,x) x##0,x##1,x##2,x##3,x##4,x##5, \ - y##0,y##1,y##2,y##3,y##4,y##5 -#define b06 unused -#define b07 unused -#define b16 unused -#define b17 unused -#endif -#define l_copy(y, x) s(y,0) = s(x,0); s(y,1) = s(x,1); \ - s(y,2) = s(x,2); s(y,3) = s(x,3); \ - s(y,4) = s(x,4); s(y,5) = s(x,5); -#define state_in(y,x,k) si(y,x,k,0); si(y,x,k,1); si(y,x,k,2); \ - si(y,x,k,3); si(y,x,k,4); si(y,x,k,5) -#define state_out(y,x) so(y,x,0); so(y,x,1); so(y,x,2); \ - so(y,x,3); so(y,x,4); so(y,x,5) -#define round(rm,y,x,k) rm(y,x,k,0); rm(y,x,k,1); rm(y,x,k,2); \ - rm(y,x,k,3); rm(y,x,k,4); rm(y,x,k,5) -#else - -#if defined(ARRAYS) -#define locals(y,x) x[8],y[8] -#else -#define locals(y,x) x##0,x##1,x##2,x##3,x##4,x##5,x##6,x##7, \ - y##0,y##1,y##2,y##3,y##4,y##5,y##6,y##7 -#endif -#define l_copy(y, x) s(y,0) = s(x,0); s(y,1) = s(x,1); \ - s(y,2) = s(x,2); s(y,3) = s(x,3); \ - s(y,4) = s(x,4); s(y,5) = s(x,5); \ - s(y,6) = s(x,6); s(y,7) = s(x,7); - -#if AES_BLOCK_SIZE == 32 - -#define state_in(y,x,k) si(y,x,k,0); si(y,x,k,1); si(y,x,k,2); si(y,x,k,3); \ - si(y,x,k,4); si(y,x,k,5); si(y,x,k,6); si(y,x,k,7) -#define state_out(y,x) so(y,x,0); so(y,x,1); so(y,x,2); so(y,x,3); \ - so(y,x,4); so(y,x,5); so(y,x,6); so(y,x,7) -#define round(rm,y,x,k) rm(y,x,k,0); rm(y,x,k,1); rm(y,x,k,2); rm(y,x,k,3); \ - rm(y,x,k,4); rm(y,x,k,5); rm(y,x,k,6); rm(y,x,k,7) -#else - -#define state_in(y,x,k) \ -switch(nc) 
\ -{ case 8: si(y,x,k,7); si(y,x,k,6); \ - case 6: si(y,x,k,5); si(y,x,k,4); \ - case 4: si(y,x,k,3); si(y,x,k,2); \ - si(y,x,k,1); si(y,x,k,0); \ -} - -#define state_out(y,x) \ -switch(nc) \ -{ case 8: so(y,x,7); so(y,x,6); \ - case 6: so(y,x,5); so(y,x,4); \ - case 4: so(y,x,3); so(y,x,2); \ - so(y,x,1); so(y,x,0); \ -} - -#if defined(FAST_VARIABLE) - -#define round(rm,y,x,k) \ -switch(nc) \ -{ case 8: rm(y,x,k,7); rm(y,x,k,6); \ - rm(y,x,k,5); rm(y,x,k,4); \ - rm(y,x,k,3); rm(y,x,k,2); \ - rm(y,x,k,1); rm(y,x,k,0); \ - break; \ - case 6: rm(y,x,k,5); rm(y,x,k,4); \ - rm(y,x,k,3); rm(y,x,k,2); \ - rm(y,x,k,1); rm(y,x,k,0); \ - break; \ - case 4: rm(y,x,k,3); rm(y,x,k,2); \ - rm(y,x,k,1); rm(y,x,k,0); \ - break; \ -} -#else - -#define round(rm,y,x,k) \ -switch(nc) \ -{ case 8: rm(y,x,k,7); rm(y,x,k,6); \ - case 6: rm(y,x,k,5); rm(y,x,k,4); \ - case 4: rm(y,x,k,3); rm(y,x,k,2); \ - rm(y,x,k,1); rm(y,x,k,0); \ -} - -#endif - -#endif -#endif - -void aes_encrypt(const aes_context *cx, const unsigned char in_blk[], unsigned char out_blk[]) -{ u_int32_t locals(b0, b1); - const u_int32_t *kp = cx->aes_e_key; - -#if !defined(ONE_TABLE) && !defined(FOUR_TABLES) - u_int32_t f2; -#endif - - state_in(b0, in_blk, kp); kp += nc; - -#if defined(UNROLL) - - switch(cx->aes_Nrnd) - { - case 14: round(fwd_rnd, b1, b0, kp ); - round(fwd_rnd, b0, b1, kp + nc ); kp += 2 * nc; - case 12: round(fwd_rnd, b1, b0, kp ); - round(fwd_rnd, b0, b1, kp + nc ); kp += 2 * nc; - case 10: round(fwd_rnd, b1, b0, kp ); - round(fwd_rnd, b0, b1, kp + nc); - round(fwd_rnd, b1, b0, kp + 2 * nc); - round(fwd_rnd, b0, b1, kp + 3 * nc); - round(fwd_rnd, b1, b0, kp + 4 * nc); - round(fwd_rnd, b0, b1, kp + 5 * nc); - round(fwd_rnd, b1, b0, kp + 6 * nc); - round(fwd_rnd, b0, b1, kp + 7 * nc); - round(fwd_rnd, b1, b0, kp + 8 * nc); - round(fwd_lrnd, b0, b1, kp + 9 * nc); - } - -#elif defined(PARTIAL_UNROLL) - { u_int32_t rnd; - - for(rnd = 0; rnd < (cx->aes_Nrnd >> 1) - 1; ++rnd) - { - round(fwd_rnd, b1, b0, 
kp); - round(fwd_rnd, b0, b1, kp + nc); kp += 2 * nc; - } - - round(fwd_rnd, b1, b0, kp); - round(fwd_lrnd, b0, b1, kp + nc); - } -#else - { u_int32_t rnd; - - for(rnd = 0; rnd < cx->aes_Nrnd - 1; ++rnd) - { - round(fwd_rnd, b1, b0, kp); - l_copy(b0, b1); kp += nc; - } - - round(fwd_lrnd, b0, b1, kp); - } -#endif - - state_out(out_blk, b0); -} - -void aes_decrypt(const aes_context *cx, const unsigned char in_blk[], unsigned char out_blk[]) -{ u_int32_t locals(b0, b1); - const u_int32_t *kp = cx->aes_d_key; - -#if !defined(ONE_TABLE) && !defined(FOUR_TABLES) - u_int32_t f2, f4, f8, f9; -#endif - - state_in(b0, in_blk, kp); kp += nc; - -#if defined(UNROLL) - - switch(cx->aes_Nrnd) - { - case 14: round(inv_rnd, b1, b0, kp ); - round(inv_rnd, b0, b1, kp + nc ); kp += 2 * nc; - case 12: round(inv_rnd, b1, b0, kp ); - round(inv_rnd, b0, b1, kp + nc ); kp += 2 * nc; - case 10: round(inv_rnd, b1, b0, kp ); - round(inv_rnd, b0, b1, kp + nc); - round(inv_rnd, b1, b0, kp + 2 * nc); - round(inv_rnd, b0, b1, kp + 3 * nc); - round(inv_rnd, b1, b0, kp + 4 * nc); - round(inv_rnd, b0, b1, kp + 5 * nc); - round(inv_rnd, b1, b0, kp + 6 * nc); - round(inv_rnd, b0, b1, kp + 7 * nc); - round(inv_rnd, b1, b0, kp + 8 * nc); - round(inv_lrnd, b0, b1, kp + 9 * nc); - } - -#elif defined(PARTIAL_UNROLL) - { u_int32_t rnd; - - for(rnd = 0; rnd < (cx->aes_Nrnd >> 1) - 1; ++rnd) - { - round(inv_rnd, b1, b0, kp); - round(inv_rnd, b0, b1, kp + nc); kp += 2 * nc; - } - - round(inv_rnd, b1, b0, kp); - round(inv_lrnd, b0, b1, kp + nc); - } -#else - { u_int32_t rnd; - - for(rnd = 0; rnd < cx->aes_Nrnd - 1; ++rnd) - { - round(inv_rnd, b1, b0, kp); - l_copy(b0, b1); kp += nc; - } - - round(inv_lrnd, b0, b1, kp); - } -#endif - - state_out(out_blk, b0); -} diff --git a/src/libcrypto/libaes/aes.h b/src/libcrypto/libaes/aes.h deleted file mode 100644 index 4f1e3b335..000000000 --- a/src/libcrypto/libaes/aes.h +++ /dev/null 
@@ -1,97 +0,0 @@
-// I retain copyright in this code but I encourage its free use provided
-// that I don't carry any responsibility for the results. I am especially
-// happy to see it used in free and open source software. If you do use
-// it I would appreciate an acknowledgement of its origin in the code or
-// the product that results and I would also appreciate knowing a little
-// about the use to which it is being put. I am grateful to Frank Yellin
-// for some ideas that are used in this implementation.
-//
-// Dr B. R. Gladman <brg@gladman.uk.net> 6th April 2001.
-//
-// This is an implementation of the AES encryption algorithm (Rijndael)
-// designed by Joan Daemen and Vincent Rijmen. This version is designed
-// to provide both fixed and dynamic block and key lengths and can also
-// run with either big or little endian internal byte order (see aes.h).
-// It inputs block and key lengths in bytes with the legal values being
-// 16, 24 and 32.
-
-/*
- * Modified by Jari Ruusu, May 1 2001
- * - Fixed some compile warnings, code was ok but gcc warned anyway.
- * - Changed basic types: byte -> unsigned char, word -> u_int32_t
- * - Major name space cleanup: Names visible to outside now begin
- * with "aes_" or "AES_". A lot of stuff moved from aes.h to aes.c
- * - Removed C++ and DLL support as part of name space cleanup.
- * - Eliminated unnecessary recomputation of tables. (actual bug fix)
- * - Merged precomputed constant tables to aes.c file.
- * - Removed data alignment restrictions for portability reasons.
- * - Made block and key lengths accept bit count (128/192/256)
- * as well byte count (16/24/32).
- * - Removed all error checks. This change also eliminated the need
- * to preinitialize the context struct to zero.
- * - Removed some totally unused constants.
- */
-
-#ifndef _AES_H
-#define _AES_H
-
-#if defined(__linux__) && defined(__KERNEL__)
-# include <linux/types.h>
-#else
-# include <sys/types.h>
-#endif
-
-// CONFIGURATION OPTIONS (see also aes.c)
-//
-// Define AES_BLOCK_SIZE to set the cipher block size (16, 24 or 32) or
-// leave this undefined for dynamically variable block size (this will
-// result in much slower code).
-// IMPORTANT NOTE: AES_BLOCK_SIZE is in BYTES (16, 24, 32 or undefined). If
-// left undefined a slower version providing variable block length is compiled
-
-#define AES_BLOCK_SIZE 16
-
-// The number of key schedule words for different block and key lengths
-// allowing for method of computation which requires the length to be a
-// multiple of the key length
-//
-// Nk = 4 6 8
-// -------------
-// Nb = 4 | 60 60 64
-// 6 | 96 90 96
-// 8 | 120 120 120
-
-#if !defined(AES_BLOCK_SIZE) || (AES_BLOCK_SIZE == 32)
-#define AES_KS_LENGTH 120
-#define AES_RC_LENGTH 29
-#else
-#define AES_KS_LENGTH 4 * AES_BLOCK_SIZE
-#define AES_RC_LENGTH (9 * AES_BLOCK_SIZE) / 8 - 8
-#endif
-
-typedef struct
-{
- u_int32_t aes_Nkey; // the number of words in the key input block
- u_int32_t aes_Nrnd; // the number of cipher rounds
- u_int32_t aes_e_key[AES_KS_LENGTH]; // the encryption key schedule
- u_int32_t aes_d_key[AES_KS_LENGTH]; // the decryption key schedule
-#if !defined(AES_BLOCK_SIZE)
- u_int32_t aes_Ncol; // the number of columns in the cipher state
-#endif
-} aes_context;
-
-// THE CIPHER INTERFACE
-
-#if !defined(AES_BLOCK_SIZE)
-extern void aes_set_blk(aes_context *, const int);
-#endif
-extern void aes_set_key(aes_context *, const unsigned char [], const int, const int);
-extern void aes_encrypt(const aes_context *, const unsigned char [], unsigned char []);
-extern void aes_decrypt(const aes_context *, const unsigned char [], unsigned char []);
-
-// The block length inputs to aes_set_block and aes_set_key are in numbers
-// of bytes or bits.
The calls to subroutines must be made in the above
-// order but multiple calls can be made without repeating earlier calls
-// if their parameters have not changed.
-
-#endif // _AES_H
diff --git a/src/libcrypto/libaes/aes_cbc.c b/src/libcrypto/libaes/aes_cbc.c
deleted file mode 100644
index c406b1622..000000000
--- a/src/libcrypto/libaes/aes_cbc.c
+++ /dev/null
@@ -1,13 +0,0 @@
-#ifdef __KERNEL__
-#include <linux/types.h>
-#else
-#include <sys/types.h>
-#endif
-#include "aes_cbc.h"
-#include "cbc_generic.h"
-/* returns bool success */
-int SS_AES_set_key(aes_context *aes_ctx, const u_int8_t *key, int keysize) {
- aes_set_key(aes_ctx, key, keysize, 0);
- return 1;
-}
-CBC_IMPL_BLK16(SS_AES_cbc_encrypt, aes_context, u_int8_t *, aes_encrypt, aes_decrypt);
diff --git a/src/libcrypto/libaes/aes_cbc.h b/src/libcrypto/libaes/aes_cbc.h
deleted file mode 100644
index 65015da6e..000000000
--- a/src/libcrypto/libaes/aes_cbc.h
+++ /dev/null
@@ -1,4 +0,0 @@
-/* Glue header */
-#include "aes.h"
-int SS_AES_set_key(aes_context *aes_ctx, const u_int8_t * key, int keysize);
-int SS_AES_cbc_encrypt(aes_context *ctx, const u_int8_t * in, u_int8_t * out, int ilen, const u_int8_t * iv, int encrypt);
diff --git a/src/libcrypto/libaes/aes_xcbc_mac.c b/src/libcrypto/libaes/aes_xcbc_mac.c
deleted file mode 100644
index 89d7bc067..000000000
--- a/src/libcrypto/libaes/aes_xcbc_mac.c
+++ /dev/null
@@ -1,67 +0,0 @@
-#ifdef __KERNEL__
-#include <linux/types.h>
-#include <linux/kernel.h>
-#define DEBUG(x)
-#else
-#include <stdio.h>
-#include <sys/types.h>
-#define DEBUG(x) x
-#endif
-
-#include "aes.h"
-#include "aes_xcbc_mac.h"
-
-int AES_xcbc_mac_set_key(aes_context_mac *ctxm, const u_int8_t *key, int keylen)
-{
- int ret=1;
- aes_block kn[3] = {
- { 0x01010101, 0x01010101, 0x01010101, 0x01010101 },
- { 0x02020202, 0x02020202, 0x02020202, 0x02020202 },
- { 0x03030303, 0x03030303, 0x03030303, 0x03030303 },
- };
- aes_set_key(&ctxm->ctx_k1, key, keylen, 0);
- aes_encrypt(&ctxm->ctx_k1, (u_int8_t *) kn[0], (u_int8_t *) kn[0]);
- aes_encrypt(&ctxm->ctx_k1, (u_int8_t *) kn[1], (u_int8_t *) ctxm->k2);
- aes_encrypt(&ctxm->ctx_k1, (u_int8_t *) kn[2], (u_int8_t *) ctxm->k3);
- aes_set_key(&ctxm->ctx_k1, (u_int8_t *) kn[0], 16, 0);
- return ret;
-}
-static void do_pad_xor(u_int8_t *out, const u_int8_t *in, int len) {
- int pos=0;
- for (pos=1; pos <= 16; pos++, in++, out++) {
- if (pos <= len)
- *out ^= *in;
- if (pos > len) {
- DEBUG(printf("put 0x80 at pos=%d\n", pos));
- *out ^= 0x80;
- break;
- }
- }
-}
-static void xor_block(aes_block res, const aes_block op) {
- res[0] ^= op[0];
- res[1] ^= op[1];
- res[2] ^= op[2];
- res[3] ^= op[3];
-}
-int AES_xcbc_mac_hash(const aes_context_mac *ctxm, const u_int8_t * in, int ilen, u_int8_t hash[16]) {
- int ret=ilen;
- u_int32_t out[4] = { 0, 0, 0, 0 };
- for (; ilen > 16 ; ilen-=16) {
- xor_block(out, (const u_int32_t*) &in[0]);
- aes_encrypt(&ctxm->ctx_k1, in, (u_int8_t *)&out[0]);
- in+=16;
- }
- do_pad_xor((u_int8_t *)&out, in, ilen);
- if (ilen==16) {
- DEBUG(printf("using k3\n"));
- xor_block(out, ctxm->k3);
- }
- else
- {
- DEBUG(printf("using k2\n"));
- xor_block(out, ctxm->k2);
- }
- aes_encrypt(&ctxm->ctx_k1, (u_int8_t *)out, hash);
- return ret;
-}
diff --git a/src/libcrypto/libaes/aes_xcbc_mac.h b/src/libcrypto/libaes/aes_xcbc_mac.h
deleted file mode 100644
index baf438cd4..000000000
--- a/src/libcrypto/libaes/aes_xcbc_mac.h
+++ /dev/null
@@ -1,12 +0,0 @@
-#ifndef _AES_XCBC_MAC_H
-#define _AES_XCBC_MAC_H
-
-typedef u_int32_t aes_block[4];
-typedef struct {
- aes_context ctx_k1;
- aes_block k2;
- aes_block k3;
-} aes_context_mac;
-int AES_xcbc_mac_set_key(aes_context_mac *ctxm, const u_int8_t *key, int keylen);
-int AES_xcbc_mac_hash(const aes_context_mac *ctxm, const u_int8_t * in, int ilen, u_int8_t hash[16]);
-#endif /* _AES_XCBC_MAC_H */
diff --git a/src/libcrypto/libaes/asm/aes-i586.S b/src/libcrypto/libaes/asm/aes-i586.S
deleted file mode 100644
index df19d0d62..000000000
--- a/src/libcrypto/libaes/asm/aes-i586.S
+++ /dev/null
@@ -1,892 +0,0 @@
-//
-// Copyright (c) 2001, Dr Brian Gladman <brg@gladman.uk.net>, Worcester, UK.
-// All rights reserved.
-//
-// TERMS
-//
-// Redistribution and use in source and binary forms, with or without
-// modification, are permitted subject to the following conditions:
-//
-// 1. Redistributions of source code must retain the above copyright
-// notice, this list of conditions and the following disclaimer.
-//
-// 2. Redistributions in binary form must reproduce the above copyright
-// notice, this list of conditions and the following disclaimer in the
-// documentation and/or other materials provided with the distribution.
-//
-// 3. The copyright holder's name must not be used to endorse or promote
-// any products derived from this software without his specific prior
-// written permission.
-//
-// This software is provided 'as is' with no express or implied warranties
-// of correctness or fitness for purpose.
-
-// Modified by Jari Ruusu, December 24 2001
-// - Converted syntax to GNU CPP/assembler syntax
-// - C programming interface converted back to "old" API
-// - Minor portability cleanups and speed optimizations
-
-// An AES (Rijndael) implementation for the Pentium. This version only
-// implements the standard AES block length (128 bits, 16 bytes). This code
-// does not preserve the eax, ecx or edx registers or the artihmetic status
-// flags. However, the ebx, esi, edi, and ebp registers are preserved across
-// calls.
- -// void aes_set_key(aes_context *cx, const unsigned char key[], const int key_len, const int f) -// void aes_encrypt(const aes_context *cx, const unsigned char in_blk[], unsigned char out_blk[]) -// void aes_decrypt(const aes_context *cx, const unsigned char in_blk[], unsigned char out_blk[]) - -#if defined(USE_UNDERLINE) -# define aes_set_key _aes_set_key -# define aes_encrypt _aes_encrypt -# define aes_decrypt _aes_decrypt -#endif -#if !defined(ALIGN32BYTES) -# define ALIGN32BYTES 32 -#endif - - .file "aes-i586.S" - .globl aes_set_key - .globl aes_encrypt - .globl aes_decrypt - -#define tlen 1024 // length of each of 4 'xor' arrays (256 32-bit words) - -// offsets to parameters with one register pushed onto stack - -#define ctx 8 // AES context structure -#define in_blk 12 // input byte array address parameter -#define out_blk 16 // output byte array address parameter - -// offsets in context structure - -#define nkey 0 // key length, size 4 -#define nrnd 4 // number of rounds, size 4 -#define ekey 8 // encryption key schedule base address, size 256 -#define dkey 264 // decryption key schedule base address, size 256 - -// This macro performs a forward encryption cycle. It is entered with -// the first previous round column values in %eax, %ebx, %esi and %edi and -// exits with the final values in the same registers. 
- -#define fwd_rnd(p1,p2) \ - mov %ebx,(%esp) ;\ - movzbl %al,%edx ;\ - mov %eax,%ecx ;\ - mov p2(%ebp),%eax ;\ - mov %edi,4(%esp) ;\ - mov p2+12(%ebp),%edi ;\ - xor p1(,%edx,4),%eax ;\ - movzbl %ch,%edx ;\ - shr $16,%ecx ;\ - mov p2+4(%ebp),%ebx ;\ - xor p1+tlen(,%edx,4),%edi ;\ - movzbl %cl,%edx ;\ - movzbl %ch,%ecx ;\ - xor p1+3*tlen(,%ecx,4),%ebx ;\ - mov %esi,%ecx ;\ - mov p1+2*tlen(,%edx,4),%esi ;\ - movzbl %cl,%edx ;\ - xor p1(,%edx,4),%esi ;\ - movzbl %ch,%edx ;\ - shr $16,%ecx ;\ - xor p1+tlen(,%edx,4),%ebx ;\ - movzbl %cl,%edx ;\ - movzbl %ch,%ecx ;\ - xor p1+2*tlen(,%edx,4),%eax ;\ - mov (%esp),%edx ;\ - xor p1+3*tlen(,%ecx,4),%edi ;\ - movzbl %dl,%ecx ;\ - xor p2+8(%ebp),%esi ;\ - xor p1(,%ecx,4),%ebx ;\ - movzbl %dh,%ecx ;\ - shr $16,%edx ;\ - xor p1+tlen(,%ecx,4),%eax ;\ - movzbl %dl,%ecx ;\ - movzbl %dh,%edx ;\ - xor p1+2*tlen(,%ecx,4),%edi ;\ - mov 4(%esp),%ecx ;\ - xor p1+3*tlen(,%edx,4),%esi ;\ - movzbl %cl,%edx ;\ - xor p1(,%edx,4),%edi ;\ - movzbl %ch,%edx ;\ - shr $16,%ecx ;\ - xor p1+tlen(,%edx,4),%esi ;\ - movzbl %cl,%edx ;\ - movzbl %ch,%ecx ;\ - xor p1+2*tlen(,%edx,4),%ebx ;\ - xor p1+3*tlen(,%ecx,4),%eax - -// This macro performs an inverse encryption cycle. It is entered with -// the first previous round column values in %eax, %ebx, %esi and %edi and -// exits with the final values in the same registers. 
- -#define inv_rnd(p1,p2) \ - movzbl %al,%edx ;\ - mov %ebx,(%esp) ;\ - mov %eax,%ecx ;\ - mov p2(%ebp),%eax ;\ - mov %edi,4(%esp) ;\ - mov p2+4(%ebp),%ebx ;\ - xor p1(,%edx,4),%eax ;\ - movzbl %ch,%edx ;\ - shr $16,%ecx ;\ - mov p2+12(%ebp),%edi ;\ - xor p1+tlen(,%edx,4),%ebx ;\ - movzbl %cl,%edx ;\ - movzbl %ch,%ecx ;\ - xor p1+3*tlen(,%ecx,4),%edi ;\ - mov %esi,%ecx ;\ - mov p1+2*tlen(,%edx,4),%esi ;\ - movzbl %cl,%edx ;\ - xor p1(,%edx,4),%esi ;\ - movzbl %ch,%edx ;\ - shr $16,%ecx ;\ - xor p1+tlen(,%edx,4),%edi ;\ - movzbl %cl,%edx ;\ - movzbl %ch,%ecx ;\ - xor p1+2*tlen(,%edx,4),%eax ;\ - mov (%esp),%edx ;\ - xor p1+3*tlen(,%ecx,4),%ebx ;\ - movzbl %dl,%ecx ;\ - xor p2+8(%ebp),%esi ;\ - xor p1(,%ecx,4),%ebx ;\ - movzbl %dh,%ecx ;\ - shr $16,%edx ;\ - xor p1+tlen(,%ecx,4),%esi ;\ - movzbl %dl,%ecx ;\ - movzbl %dh,%edx ;\ - xor p1+2*tlen(,%ecx,4),%edi ;\ - mov 4(%esp),%ecx ;\ - xor p1+3*tlen(,%edx,4),%eax ;\ - movzbl %cl,%edx ;\ - xor p1(,%edx,4),%edi ;\ - movzbl %ch,%edx ;\ - shr $16,%ecx ;\ - xor p1+tlen(,%edx,4),%eax ;\ - movzbl %cl,%edx ;\ - movzbl %ch,%ecx ;\ - xor p1+2*tlen(,%edx,4),%ebx ;\ - xor p1+3*tlen(,%ecx,4),%esi - -// AES (Rijndael) Encryption Subroutine - - .text - .align ALIGN32BYTES -aes_encrypt: - push %ebp - mov ctx(%esp),%ebp // pointer to context - mov in_blk(%esp),%ecx - push %ebx - push %esi - push %edi - mov nrnd(%ebp),%edx // number of rounds - lea ekey+16(%ebp),%ebp // key pointer - -// input four columns and xor in first round key - - mov (%ecx),%eax - mov 4(%ecx),%ebx - mov 8(%ecx),%esi - mov 12(%ecx),%edi - xor -16(%ebp),%eax - xor -12(%ebp),%ebx - xor -8(%ebp),%esi - xor -4(%ebp),%edi - - sub $8,%esp // space for register saves on stack - - sub $10,%edx - je aes_15 - add $32,%ebp - sub $2,%edx - je aes_13 - add $32,%ebp - - fwd_rnd(aes_ft_tab,-64) // 14 rounds for 256-bit key - fwd_rnd(aes_ft_tab,-48) -aes_13: fwd_rnd(aes_ft_tab,-32) // 12 rounds for 192-bit key - fwd_rnd(aes_ft_tab,-16) -aes_15: fwd_rnd(aes_ft_tab,0) // 10 rounds 
for 128-bit key - fwd_rnd(aes_ft_tab,16) - fwd_rnd(aes_ft_tab,32) - fwd_rnd(aes_ft_tab,48) - fwd_rnd(aes_ft_tab,64) - fwd_rnd(aes_ft_tab,80) - fwd_rnd(aes_ft_tab,96) - fwd_rnd(aes_ft_tab,112) - fwd_rnd(aes_ft_tab,128) - fwd_rnd(aes_fl_tab,144) // last round uses a different table - -// move final values to the output array. - - mov out_blk+20(%esp),%ebp - add $8,%esp - mov %eax,(%ebp) - mov %ebx,4(%ebp) - mov %esi,8(%ebp) - mov %edi,12(%ebp) - pop %edi - pop %esi - pop %ebx - pop %ebp - ret - - -// AES (Rijndael) Decryption Subroutine - - .align ALIGN32BYTES -aes_decrypt: - push %ebp - mov ctx(%esp),%ebp // pointer to context - mov in_blk(%esp),%ecx - push %ebx - push %esi - push %edi - mov nrnd(%ebp),%edx // number of rounds - lea dkey+16(%ebp),%ebp // key pointer - -// input four columns and xor in first round key - - mov (%ecx),%eax - mov 4(%ecx),%ebx - mov 8(%ecx),%esi - mov 12(%ecx),%edi - xor -16(%ebp),%eax - xor -12(%ebp),%ebx - xor -8(%ebp),%esi - xor -4(%ebp),%edi - - sub $8,%esp // space for register saves on stack - - sub $10,%edx - je aes_25 - add $32,%ebp - sub $2,%edx - je aes_23 - add $32,%ebp - - inv_rnd(aes_it_tab,-64) // 14 rounds for 256-bit key - inv_rnd(aes_it_tab,-48) -aes_23: inv_rnd(aes_it_tab,-32) // 12 rounds for 192-bit key - inv_rnd(aes_it_tab,-16) -aes_25: inv_rnd(aes_it_tab,0) // 10 rounds for 128-bit key - inv_rnd(aes_it_tab,16) - inv_rnd(aes_it_tab,32) - inv_rnd(aes_it_tab,48) - inv_rnd(aes_it_tab,64) - inv_rnd(aes_it_tab,80) - inv_rnd(aes_it_tab,96) - inv_rnd(aes_it_tab,112) - inv_rnd(aes_it_tab,128) - inv_rnd(aes_il_tab,144) // last round uses a different table - -// move final values to the output array. 
- - mov out_blk+20(%esp),%ebp - add $8,%esp - mov %eax,(%ebp) - mov %ebx,4(%ebp) - mov %esi,8(%ebp) - mov %edi,12(%ebp) - pop %edi - pop %esi - pop %ebx - pop %ebp - ret - -// AES (Rijndael) Key Schedule Subroutine - -// input/output parameters - -#define aes_cx 12 // AES context -#define in_key 16 // key input array address -#define key_ln 20 // key length, bytes (16,24,32) or bits (128,192,256) -#define ed_flg 24 // 0=create both encr/decr keys, 1=create encr key only - -// offsets for locals - -#define cnt -4 -#define kpf -8 -#define slen 8 - -// This macro performs a column mixing operation on an input 32-bit -// word to give a 32-bit result. It uses each of the 4 bytes in the -// the input column to index 4 different tables of 256 32-bit words -// that are xored together to form the output value. - -#define mix_col(p1) \ - movzbl %bl,%ecx ;\ - mov p1(,%ecx,4),%eax ;\ - movzbl %bh,%ecx ;\ - ror $16,%ebx ;\ - xor p1+tlen(,%ecx,4),%eax ;\ - movzbl %bl,%ecx ;\ - xor p1+2*tlen(,%ecx,4),%eax ;\ - movzbl %bh,%ecx ;\ - xor p1+3*tlen(,%ecx,4),%eax - -// Key Schedule Macros - -#define ksc4(p1) \ - rol $24,%ebx ;\ - mix_col(aes_fl_tab) ;\ - ror $8,%ebx ;\ - xor 4*p1+aes_rcon_tab,%eax ;\ - xor %eax,%esi ;\ - xor %esi,%ebp ;\ - mov %esi,16*p1(%edi) ;\ - mov %ebp,16*p1+4(%edi) ;\ - xor %ebp,%edx ;\ - xor %edx,%ebx ;\ - mov %edx,16*p1+8(%edi) ;\ - mov %ebx,16*p1+12(%edi) - -#define ksc6(p1) \ - rol $24,%ebx ;\ - mix_col(aes_fl_tab) ;\ - ror $8,%ebx ;\ - xor 4*p1+aes_rcon_tab,%eax ;\ - xor 24*p1-24(%edi),%eax ;\ - mov %eax,24*p1(%edi) ;\ - xor 24*p1-20(%edi),%eax ;\ - mov %eax,24*p1+4(%edi) ;\ - xor %eax,%esi ;\ - xor %esi,%ebp ;\ - mov %esi,24*p1+8(%edi) ;\ - mov %ebp,24*p1+12(%edi) ;\ - xor %ebp,%edx ;\ - xor %edx,%ebx ;\ - mov %edx,24*p1+16(%edi) ;\ - mov %ebx,24*p1+20(%edi) - -#define ksc8(p1) \ - rol $24,%ebx ;\ - mix_col(aes_fl_tab) ;\ - ror $8,%ebx ;\ - xor 4*p1+aes_rcon_tab,%eax ;\ - xor 32*p1-32(%edi),%eax ;\ - mov %eax,32*p1(%edi) ;\ - xor 32*p1-28(%edi),%eax ;\ - 
mov %eax,32*p1+4(%edi) ;\ - xor 32*p1-24(%edi),%eax ;\ - mov %eax,32*p1+8(%edi) ;\ - xor 32*p1-20(%edi),%eax ;\ - mov %eax,32*p1+12(%edi) ;\ - push %ebx ;\ - mov %eax,%ebx ;\ - mix_col(aes_fl_tab) ;\ - pop %ebx ;\ - xor %eax,%esi ;\ - xor %esi,%ebp ;\ - mov %esi,32*p1+16(%edi) ;\ - mov %ebp,32*p1+20(%edi) ;\ - xor %ebp,%edx ;\ - xor %edx,%ebx ;\ - mov %edx,32*p1+24(%edi) ;\ - mov %ebx,32*p1+28(%edi) - - .align ALIGN32BYTES -aes_set_key: - pushfl - push %ebp - mov %esp,%ebp - sub $slen,%esp - push %ebx - push %esi - push %edi - - mov aes_cx(%ebp),%edx // edx -> AES context - - mov key_ln(%ebp),%ecx // key length - cmpl $128,%ecx - jb aes_30 - shr $3,%ecx -aes_30: cmpl $32,%ecx - je aes_32 - cmpl $24,%ecx - je aes_32 - mov $16,%ecx -aes_32: shr $2,%ecx - mov %ecx,nkey(%edx) - - lea 6(%ecx),%eax // 10/12/14 for 4/6/8 32-bit key length - mov %eax,nrnd(%edx) - - mov in_key(%ebp),%esi // key input array - lea ekey(%edx),%edi // key position in AES context - cld - push %ebp - mov %ecx,%eax // save key length in eax - rep ; movsl // words in the key schedule - mov -4(%esi),%ebx // put some values in registers - mov -8(%esi),%edx // to allow faster code - mov -12(%esi),%ebp - mov -16(%esi),%esi - - cmpl $4,%eax // jump on key size - je aes_36 - cmpl $6,%eax - je aes_35 - - ksc8(0) - ksc8(1) - ksc8(2) - ksc8(3) - ksc8(4) - ksc8(5) - ksc8(6) - jmp aes_37 -aes_35: ksc6(0) - ksc6(1) - ksc6(2) - ksc6(3) - ksc6(4) - ksc6(5) - ksc6(6) - ksc6(7) - jmp aes_37 -aes_36: ksc4(0) - ksc4(1) - ksc4(2) - ksc4(3) - ksc4(4) - ksc4(5) - ksc4(6) - ksc4(7) - ksc4(8) - ksc4(9) -aes_37: pop %ebp - mov aes_cx(%ebp),%edx // edx -> AES context - cmpl $0,ed_flg(%ebp) - jne aes_39 - -// compile decryption key schedule from encryption schedule - reverse -// order and do mix_column operation on round keys except first and last - - mov nrnd(%edx),%eax // kt = cx->d_key + nc * cx->Nrnd - shl $2,%eax - lea dkey(%edx,%eax,4),%edi - lea ekey(%edx),%esi // kf = cx->e_key - - movsl // copy first round key 
(unmodified) - movsl - movsl - movsl - sub $32,%edi - movl $1,cnt(%ebp) -aes_38: // do mix column on each column of - lodsl // each round key - mov %eax,%ebx - mix_col(aes_im_tab) - stosl - lodsl - mov %eax,%ebx - mix_col(aes_im_tab) - stosl - lodsl - mov %eax,%ebx - mix_col(aes_im_tab) - stosl - lodsl - mov %eax,%ebx - mix_col(aes_im_tab) - stosl - sub $32,%edi - - incl cnt(%ebp) - mov cnt(%ebp),%eax - cmp nrnd(%edx),%eax - jb aes_38 - - movsl // copy last round key (unmodified) - movsl - movsl - movsl -aes_39: pop %edi - pop %esi - pop %ebx - mov %ebp,%esp - pop %ebp - popfl - ret - - -// finite field multiplies by {02}, {04} and {08} - -#define f2(x) ((x<<1)^(((x>>7)&1)*0x11b)) -#define f4(x) ((x<<2)^(((x>>6)&1)*0x11b)^(((x>>6)&2)*0x11b)) -#define f8(x) ((x<<3)^(((x>>5)&1)*0x11b)^(((x>>5)&2)*0x11b)^(((x>>5)&4)*0x11b)) - -// finite field multiplies required in table generation - -#define f3(x) (f2(x) ^ x) -#define f9(x) (f8(x) ^ x) -#define fb(x) (f8(x) ^ f2(x) ^ x) -#define fd(x) (f8(x) ^ f4(x) ^ x) -#define fe(x) (f8(x) ^ f4(x) ^ f2(x)) - -// These defines generate the forward table entries - -#define u0(x) ((f3(x) << 24) | (x << 16) | (x << 8) | f2(x)) -#define u1(x) ((x << 24) | (x << 16) | (f2(x) << 8) | f3(x)) -#define u2(x) ((x << 24) | (f2(x) << 16) | (f3(x) << 8) | x) -#define u3(x) ((f2(x) << 24) | (f3(x) << 16) | (x << 8) | x) - -// These defines generate the inverse table entries - -#define v0(x) ((fb(x) << 24) | (fd(x) << 16) | (f9(x) << 8) | fe(x)) -#define v1(x) ((fd(x) << 24) | (f9(x) << 16) | (fe(x) << 8) | fb(x)) -#define v2(x) ((f9(x) << 24) | (fe(x) << 16) | (fb(x) << 8) | fd(x)) -#define v3(x) ((fe(x) << 24) | (fb(x) << 16) | (fd(x) << 8) | f9(x)) - -// These defines generate entries for the last round tables - -#define w0(x) (x) -#define w1(x) (x << 8) -#define w2(x) (x << 16) -#define w3(x) (x << 24) - -// macro to generate inverse mix column tables (needed for the key schedule) - -#define im_data0(p1) \ - .long 
p1(0x00),p1(0x01),p1(0x02),p1(0x03),p1(0x04),p1(0x05),p1(0x06),p1(0x07) ;\ - .long p1(0x08),p1(0x09),p1(0x0a),p1(0x0b),p1(0x0c),p1(0x0d),p1(0x0e),p1(0x0f) ;\ - .long p1(0x10),p1(0x11),p1(0x12),p1(0x13),p1(0x14),p1(0x15),p1(0x16),p1(0x17) ;\ - .long p1(0x18),p1(0x19),p1(0x1a),p1(0x1b),p1(0x1c),p1(0x1d),p1(0x1e),p1(0x1f) -#define im_data1(p1) \ - .long p1(0x20),p1(0x21),p1(0x22),p1(0x23),p1(0x24),p1(0x25),p1(0x26),p1(0x27) ;\ - .long p1(0x28),p1(0x29),p1(0x2a),p1(0x2b),p1(0x2c),p1(0x2d),p1(0x2e),p1(0x2f) ;\ - .long p1(0x30),p1(0x31),p1(0x32),p1(0x33),p1(0x34),p1(0x35),p1(0x36),p1(0x37) ;\ - .long p1(0x38),p1(0x39),p1(0x3a),p1(0x3b),p1(0x3c),p1(0x3d),p1(0x3e),p1(0x3f) -#define im_data2(p1) \ - .long p1(0x40),p1(0x41),p1(0x42),p1(0x43),p1(0x44),p1(0x45),p1(0x46),p1(0x47) ;\ - .long p1(0x48),p1(0x49),p1(0x4a),p1(0x4b),p1(0x4c),p1(0x4d),p1(0x4e),p1(0x4f) ;\ - .long p1(0x50),p1(0x51),p1(0x52),p1(0x53),p1(0x54),p1(0x55),p1(0x56),p1(0x57) ;\ - .long p1(0x58),p1(0x59),p1(0x5a),p1(0x5b),p1(0x5c),p1(0x5d),p1(0x5e),p1(0x5f) -#define im_data3(p1) \ - .long p1(0x60),p1(0x61),p1(0x62),p1(0x63),p1(0x64),p1(0x65),p1(0x66),p1(0x67) ;\ - .long p1(0x68),p1(0x69),p1(0x6a),p1(0x6b),p1(0x6c),p1(0x6d),p1(0x6e),p1(0x6f) ;\ - .long p1(0x70),p1(0x71),p1(0x72),p1(0x73),p1(0x74),p1(0x75),p1(0x76),p1(0x77) ;\ - .long p1(0x78),p1(0x79),p1(0x7a),p1(0x7b),p1(0x7c),p1(0x7d),p1(0x7e),p1(0x7f) -#define im_data4(p1) \ - .long p1(0x80),p1(0x81),p1(0x82),p1(0x83),p1(0x84),p1(0x85),p1(0x86),p1(0x87) ;\ - .long p1(0x88),p1(0x89),p1(0x8a),p1(0x8b),p1(0x8c),p1(0x8d),p1(0x8e),p1(0x8f) ;\ - .long p1(0x90),p1(0x91),p1(0x92),p1(0x93),p1(0x94),p1(0x95),p1(0x96),p1(0x97) ;\ - .long p1(0x98),p1(0x99),p1(0x9a),p1(0x9b),p1(0x9c),p1(0x9d),p1(0x9e),p1(0x9f) -#define im_data5(p1) \ - .long p1(0xa0),p1(0xa1),p1(0xa2),p1(0xa3),p1(0xa4),p1(0xa5),p1(0xa6),p1(0xa7) ;\ - .long p1(0xa8),p1(0xa9),p1(0xaa),p1(0xab),p1(0xac),p1(0xad),p1(0xae),p1(0xaf) ;\ - .long 
p1(0xb0),p1(0xb1),p1(0xb2),p1(0xb3),p1(0xb4),p1(0xb5),p1(0xb6),p1(0xb7) ;\ - .long p1(0xb8),p1(0xb9),p1(0xba),p1(0xbb),p1(0xbc),p1(0xbd),p1(0xbe),p1(0xbf) -#define im_data6(p1) \ - .long p1(0xc0),p1(0xc1),p1(0xc2),p1(0xc3),p1(0xc4),p1(0xc5),p1(0xc6),p1(0xc7) ;\ - .long p1(0xc8),p1(0xc9),p1(0xca),p1(0xcb),p1(0xcc),p1(0xcd),p1(0xce),p1(0xcf) ;\ - .long p1(0xd0),p1(0xd1),p1(0xd2),p1(0xd3),p1(0xd4),p1(0xd5),p1(0xd6),p1(0xd7) ;\ - .long p1(0xd8),p1(0xd9),p1(0xda),p1(0xdb),p1(0xdc),p1(0xdd),p1(0xde),p1(0xdf) -#define im_data7(p1) \ - .long p1(0xe0),p1(0xe1),p1(0xe2),p1(0xe3),p1(0xe4),p1(0xe5),p1(0xe6),p1(0xe7) ;\ - .long p1(0xe8),p1(0xe9),p1(0xea),p1(0xeb),p1(0xec),p1(0xed),p1(0xee),p1(0xef) ;\ - .long p1(0xf0),p1(0xf1),p1(0xf2),p1(0xf3),p1(0xf4),p1(0xf5),p1(0xf6),p1(0xf7) ;\ - .long p1(0xf8),p1(0xf9),p1(0xfa),p1(0xfb),p1(0xfc),p1(0xfd),p1(0xfe),p1(0xff) - -// S-box data - 256 entries - -#define sb_data0(p1) \ - .long p1(0x63),p1(0x7c),p1(0x77),p1(0x7b),p1(0xf2),p1(0x6b),p1(0x6f),p1(0xc5) ;\ - .long p1(0x30),p1(0x01),p1(0x67),p1(0x2b),p1(0xfe),p1(0xd7),p1(0xab),p1(0x76) ;\ - .long p1(0xca),p1(0x82),p1(0xc9),p1(0x7d),p1(0xfa),p1(0x59),p1(0x47),p1(0xf0) ;\ - .long p1(0xad),p1(0xd4),p1(0xa2),p1(0xaf),p1(0x9c),p1(0xa4),p1(0x72),p1(0xc0) -#define sb_data1(p1) \ - .long p1(0xb7),p1(0xfd),p1(0x93),p1(0x26),p1(0x36),p1(0x3f),p1(0xf7),p1(0xcc) ;\ - .long p1(0x34),p1(0xa5),p1(0xe5),p1(0xf1),p1(0x71),p1(0xd8),p1(0x31),p1(0x15) ;\ - .long p1(0x04),p1(0xc7),p1(0x23),p1(0xc3),p1(0x18),p1(0x96),p1(0x05),p1(0x9a) ;\ - .long p1(0x07),p1(0x12),p1(0x80),p1(0xe2),p1(0xeb),p1(0x27),p1(0xb2),p1(0x75) -#define sb_data2(p1) \ - .long p1(0x09),p1(0x83),p1(0x2c),p1(0x1a),p1(0x1b),p1(0x6e),p1(0x5a),p1(0xa0) ;\ - .long p1(0x52),p1(0x3b),p1(0xd6),p1(0xb3),p1(0x29),p1(0xe3),p1(0x2f),p1(0x84) ;\ - .long p1(0x53),p1(0xd1),p1(0x00),p1(0xed),p1(0x20),p1(0xfc),p1(0xb1),p1(0x5b) ;\ - .long p1(0x6a),p1(0xcb),p1(0xbe),p1(0x39),p1(0x4a),p1(0x4c),p1(0x58),p1(0xcf) -#define sb_data3(p1) \ - .long 
p1(0xd0),p1(0xef),p1(0xaa),p1(0xfb),p1(0x43),p1(0x4d),p1(0x33),p1(0x85) ;\ - .long p1(0x45),p1(0xf9),p1(0x02),p1(0x7f),p1(0x50),p1(0x3c),p1(0x9f),p1(0xa8) ;\ - .long p1(0x51),p1(0xa3),p1(0x40),p1(0x8f),p1(0x92),p1(0x9d),p1(0x38),p1(0xf5) ;\ - .long p1(0xbc),p1(0xb6),p1(0xda),p1(0x21),p1(0x10),p1(0xff),p1(0xf3),p1(0xd2) -#define sb_data4(p1) \ - .long p1(0xcd),p1(0x0c),p1(0x13),p1(0xec),p1(0x5f),p1(0x97),p1(0x44),p1(0x17) ;\ - .long p1(0xc4),p1(0xa7),p1(0x7e),p1(0x3d),p1(0x64),p1(0x5d),p1(0x19),p1(0x73) ;\ - .long p1(0x60),p1(0x81),p1(0x4f),p1(0xdc),p1(0x22),p1(0x2a),p1(0x90),p1(0x88) ;\ - .long p1(0x46),p1(0xee),p1(0xb8),p1(0x14),p1(0xde),p1(0x5e),p1(0x0b),p1(0xdb) -#define sb_data5(p1) \ - .long p1(0xe0),p1(0x32),p1(0x3a),p1(0x0a),p1(0x49),p1(0x06),p1(0x24),p1(0x5c) ;\ - .long p1(0xc2),p1(0xd3),p1(0xac),p1(0x62),p1(0x91),p1(0x95),p1(0xe4),p1(0x79) ;\ - .long p1(0xe7),p1(0xc8),p1(0x37),p1(0x6d),p1(0x8d),p1(0xd5),p1(0x4e),p1(0xa9) ;\ - .long p1(0x6c),p1(0x56),p1(0xf4),p1(0xea),p1(0x65),p1(0x7a),p1(0xae),p1(0x08) -#define sb_data6(p1) \ - .long p1(0xba),p1(0x78),p1(0x25),p1(0x2e),p1(0x1c),p1(0xa6),p1(0xb4),p1(0xc6) ;\ - .long p1(0xe8),p1(0xdd),p1(0x74),p1(0x1f),p1(0x4b),p1(0xbd),p1(0x8b),p1(0x8a) ;\ - .long p1(0x70),p1(0x3e),p1(0xb5),p1(0x66),p1(0x48),p1(0x03),p1(0xf6),p1(0x0e) ;\ - .long p1(0x61),p1(0x35),p1(0x57),p1(0xb9),p1(0x86),p1(0xc1),p1(0x1d),p1(0x9e) -#define sb_data7(p1) \ - .long p1(0xe1),p1(0xf8),p1(0x98),p1(0x11),p1(0x69),p1(0xd9),p1(0x8e),p1(0x94) ;\ - .long p1(0x9b),p1(0x1e),p1(0x87),p1(0xe9),p1(0xce),p1(0x55),p1(0x28),p1(0xdf) ;\ - .long p1(0x8c),p1(0xa1),p1(0x89),p1(0x0d),p1(0xbf),p1(0xe6),p1(0x42),p1(0x68) ;\ - .long p1(0x41),p1(0x99),p1(0x2d),p1(0x0f),p1(0xb0),p1(0x54),p1(0xbb),p1(0x16) - -// Inverse S-box data - 256 entries - -#define ib_data0(p1) \ - .long p1(0x52),p1(0x09),p1(0x6a),p1(0xd5),p1(0x30),p1(0x36),p1(0xa5),p1(0x38) ;\ - .long p1(0xbf),p1(0x40),p1(0xa3),p1(0x9e),p1(0x81),p1(0xf3),p1(0xd7),p1(0xfb) ;\ - .long 
p1(0x7c),p1(0xe3),p1(0x39),p1(0x82),p1(0x9b),p1(0x2f),p1(0xff),p1(0x87) ;\ - .long p1(0x34),p1(0x8e),p1(0x43),p1(0x44),p1(0xc4),p1(0xde),p1(0xe9),p1(0xcb) -#define ib_data1(p1) \ - .long p1(0x54),p1(0x7b),p1(0x94),p1(0x32),p1(0xa6),p1(0xc2),p1(0x23),p1(0x3d) ;\ - .long p1(0xee),p1(0x4c),p1(0x95),p1(0x0b),p1(0x42),p1(0xfa),p1(0xc3),p1(0x4e) ;\ - .long p1(0x08),p1(0x2e),p1(0xa1),p1(0x66),p1(0x28),p1(0xd9),p1(0x24),p1(0xb2) ;\ - .long p1(0x76),p1(0x5b),p1(0xa2),p1(0x49),p1(0x6d),p1(0x8b),p1(0xd1),p1(0x25) -#define ib_data2(p1) \ - .long p1(0x72),p1(0xf8),p1(0xf6),p1(0x64),p1(0x86),p1(0x68),p1(0x98),p1(0x16) ;\ - .long p1(0xd4),p1(0xa4),p1(0x5c),p1(0xcc),p1(0x5d),p1(0x65),p1(0xb6),p1(0x92) ;\ - .long p1(0x6c),p1(0x70),p1(0x48),p1(0x50),p1(0xfd),p1(0xed),p1(0xb9),p1(0xda) ;\ - .long p1(0x5e),p1(0x15),p1(0x46),p1(0x57),p1(0xa7),p1(0x8d),p1(0x9d),p1(0x84) -#define ib_data3(p1) \ - .long p1(0x90),p1(0xd8),p1(0xab),p1(0x00),p1(0x8c),p1(0xbc),p1(0xd3),p1(0x0a) ;\ - .long p1(0xf7),p1(0xe4),p1(0x58),p1(0x05),p1(0xb8),p1(0xb3),p1(0x45),p1(0x06) ;\ - .long p1(0xd0),p1(0x2c),p1(0x1e),p1(0x8f),p1(0xca),p1(0x3f),p1(0x0f),p1(0x02) ;\ - .long p1(0xc1),p1(0xaf),p1(0xbd),p1(0x03),p1(0x01),p1(0x13),p1(0x8a),p1(0x6b) -#define ib_data4(p1) \ - .long p1(0x3a),p1(0x91),p1(0x11),p1(0x41),p1(0x4f),p1(0x67),p1(0xdc),p1(0xea) ;\ - .long p1(0x97),p1(0xf2),p1(0xcf),p1(0xce),p1(0xf0),p1(0xb4),p1(0xe6),p1(0x73) ;\ - .long p1(0x96),p1(0xac),p1(0x74),p1(0x22),p1(0xe7),p1(0xad),p1(0x35),p1(0x85) ;\ - .long p1(0xe2),p1(0xf9),p1(0x37),p1(0xe8),p1(0x1c),p1(0x75),p1(0xdf),p1(0x6e) -#define ib_data5(p1) \ - .long p1(0x47),p1(0xf1),p1(0x1a),p1(0x71),p1(0x1d),p1(0x29),p1(0xc5),p1(0x89) ;\ - .long p1(0x6f),p1(0xb7),p1(0x62),p1(0x0e),p1(0xaa),p1(0x18),p1(0xbe),p1(0x1b) ;\ - .long p1(0xfc),p1(0x56),p1(0x3e),p1(0x4b),p1(0xc6),p1(0xd2),p1(0x79),p1(0x20) ;\ - .long p1(0x9a),p1(0xdb),p1(0xc0),p1(0xfe),p1(0x78),p1(0xcd),p1(0x5a),p1(0xf4) -#define ib_data6(p1) \ - .long 
p1(0x1f),p1(0xdd),p1(0xa8),p1(0x33),p1(0x88),p1(0x07),p1(0xc7),p1(0x31) ;\ - .long p1(0xb1),p1(0x12),p1(0x10),p1(0x59),p1(0x27),p1(0x80),p1(0xec),p1(0x5f) ;\ - .long p1(0x60),p1(0x51),p1(0x7f),p1(0xa9),p1(0x19),p1(0xb5),p1(0x4a),p1(0x0d) ;\ - .long p1(0x2d),p1(0xe5),p1(0x7a),p1(0x9f),p1(0x93),p1(0xc9),p1(0x9c),p1(0xef) -#define ib_data7(p1) \ - .long p1(0xa0),p1(0xe0),p1(0x3b),p1(0x4d),p1(0xae),p1(0x2a),p1(0xf5),p1(0xb0) ;\ - .long p1(0xc8),p1(0xeb),p1(0xbb),p1(0x3c),p1(0x83),p1(0x53),p1(0x99),p1(0x61) ;\ - .long p1(0x17),p1(0x2b),p1(0x04),p1(0x7e),p1(0xba),p1(0x77),p1(0xd6),p1(0x26) ;\ - .long p1(0xe1),p1(0x69),p1(0x14),p1(0x63),p1(0x55),p1(0x21),p1(0x0c),p1(0x7d) - -// The rcon_table (needed for the key schedule) -// -// Here is original Dr Brian Gladman's source code: -// _rcon_tab: -// %assign x 1 -// %rep 29 -// dd x -// %assign x f2(x) -// %endrep -// -// Here is precomputed output (it's more portable this way): - - .align ALIGN32BYTES -aes_rcon_tab: - .long 0x01,0x02,0x04,0x08,0x10,0x20,0x40,0x80 - .long 0x1b,0x36,0x6c,0xd8,0xab,0x4d,0x9a,0x2f - .long 0x5e,0xbc,0x63,0xc6,0x97,0x35,0x6a,0xd4 - .long 0xb3,0x7d,0xfa,0xef,0xc5 - -// The forward xor tables - - .align ALIGN32BYTES -aes_ft_tab: - sb_data0(u0) - sb_data1(u0) - sb_data2(u0) - sb_data3(u0) - sb_data4(u0) - sb_data5(u0) - sb_data6(u0) - sb_data7(u0) - - sb_data0(u1) - sb_data1(u1) - sb_data2(u1) - sb_data3(u1) - sb_data4(u1) - sb_data5(u1) - sb_data6(u1) - sb_data7(u1) - - sb_data0(u2) - sb_data1(u2) - sb_data2(u2) - sb_data3(u2) - sb_data4(u2) - sb_data5(u2) - sb_data6(u2) - sb_data7(u2) - - sb_data0(u3) - sb_data1(u3) - sb_data2(u3) - sb_data3(u3) - sb_data4(u3) - sb_data5(u3) - sb_data6(u3) - sb_data7(u3) - - .align ALIGN32BYTES -aes_fl_tab: - sb_data0(w0) - sb_data1(w0) - sb_data2(w0) - sb_data3(w0) - sb_data4(w0) - sb_data5(w0) - sb_data6(w0) - sb_data7(w0) - - sb_data0(w1) - sb_data1(w1) - sb_data2(w1) - sb_data3(w1) - sb_data4(w1) - sb_data5(w1) - sb_data6(w1) - sb_data7(w1) - - sb_data0(w2) - 
sb_data1(w2) - sb_data2(w2) - sb_data3(w2) - sb_data4(w2) - sb_data5(w2) - sb_data6(w2) - sb_data7(w2) - - sb_data0(w3) - sb_data1(w3) - sb_data2(w3) - sb_data3(w3) - sb_data4(w3) - sb_data5(w3) - sb_data6(w3) - sb_data7(w3) - -// The inverse xor tables - - .align ALIGN32BYTES -aes_it_tab: - ib_data0(v0) - ib_data1(v0) - ib_data2(v0) - ib_data3(v0) - ib_data4(v0) - ib_data5(v0) - ib_data6(v0) - ib_data7(v0) - - ib_data0(v1) - ib_data1(v1) - ib_data2(v1) - ib_data3(v1) - ib_data4(v1) - ib_data5(v1) - ib_data6(v1) - ib_data7(v1) - - ib_data0(v2) - ib_data1(v2) - ib_data2(v2) - ib_data3(v2) - ib_data4(v2) - ib_data5(v2) - ib_data6(v2) - ib_data7(v2) - - ib_data0(v3) - ib_data1(v3) - ib_data2(v3) - ib_data3(v3) - ib_data4(v3) - ib_data5(v3) - ib_data6(v3) - ib_data7(v3) - - .align ALIGN32BYTES -aes_il_tab: - ib_data0(w0) - ib_data1(w0) - ib_data2(w0) - ib_data3(w0) - ib_data4(w0) - ib_data5(w0) - ib_data6(w0) - ib_data7(w0) - - ib_data0(w1) - ib_data1(w1) - ib_data2(w1) - ib_data3(w1) - ib_data4(w1) - ib_data5(w1) - ib_data6(w1) - ib_data7(w1) - - ib_data0(w2) - ib_data1(w2) - ib_data2(w2) - ib_data3(w2) - ib_data4(w2) - ib_data5(w2) - ib_data6(w2) - ib_data7(w2) - - ib_data0(w3) - ib_data1(w3) - ib_data2(w3) - ib_data3(w3) - ib_data4(w3) - ib_data5(w3) - ib_data6(w3) - ib_data7(w3) - -// The inverse mix column tables - - .align ALIGN32BYTES -aes_im_tab: - im_data0(v0) - im_data1(v0) - im_data2(v0) - im_data3(v0) - im_data4(v0) - im_data5(v0) - im_data6(v0) - im_data7(v0) - - im_data0(v1) - im_data1(v1) - im_data2(v1) - im_data3(v1) - im_data4(v1) - im_data5(v1) - im_data6(v1) - im_data7(v1) - - im_data0(v2) - im_data1(v2) - im_data2(v2) - im_data3(v2) - im_data4(v2) - im_data5(v2) - im_data6(v2) - im_data7(v2) - - im_data0(v3) - im_data1(v3) - im_data2(v3) - im_data3(v3) - im_data4(v3) - im_data5(v3) - im_data6(v3) - im_data7(v3) diff --git a/src/libcrypto/libaes/test_main.c b/src/libcrypto/libaes/test_main.c deleted file mode 100644 index 5fd4599be..000000000 
--- a/src/libcrypto/libaes/test_main.c
+++ /dev/null
@@ -1,41 +0,0 @@
-#include <stdio.h>
-#include <string.h>
-#include <sys/types.h>
-#include "aes_cbc.h"
-#define AES_BLOCK_SIZE 16
-#define KEY_SIZE 128 /* bits */
-#define KEY "1234567890123456"
-#define STR "hola guaso como estaisss ... 012"
-#define STRSZ (sizeof(STR)-1)
-
-#define EMT_AESCBC_BLKLEN AES_BLOCK_SIZE
-#define AES_CONTEXT_T aes_context
-#define EMT_ESPAES_KEY_SZ 16
-int pretty_print(const unsigned char *buf, int count) {
- int i=0;
- for (;i<count;i++) {
- if (i%8==0) putchar(' ');
- if (i%16==0) putchar('\n');
- printf ("%02hhx ", buf[i]);
- }
- putchar('\n');
- return i;
-}
-//#define SIZE STRSZ/2
-#define SIZE STRSZ
-int main() {
- int ret;
- char buf0[SIZE+1], buf1[SIZE+1];
- char IV[AES_BLOCK_SIZE]="\0\0\0\0\0\0\0\0" "\0\0\0\0\0\0\0\0";
- aes_context ac;
- AES_set_key(&ac, KEY, KEY_SIZE);
- //pretty_print((char *)&ac.aes_e_key, sizeof(ac.aes_e_key));
- memset(buf0, 0, sizeof (buf0));
- memset(buf1, 0, sizeof (buf1));
- ret=AES_cbc_encrypt(&ac, STR, buf0, SIZE, IV, 1);
- pretty_print(buf0, SIZE);
- printf("size=%d ret=%d\n%s\n", SIZE, ret, buf0);
- ret=AES_cbc_encrypt(&ac, buf0, buf1, SIZE, IV, 0);
- printf("size=%d ret=%d\n%s\n", SIZE, ret, buf1);
- return 0;
-}
diff --git a/src/libcrypto/libaes/test_main_mac.c b/src/libcrypto/libaes/test_main_mac.c
deleted file mode 100644
index eea47dc9c..000000000
--- a/src/libcrypto/libaes/test_main_mac.c
+++ /dev/null
@@ -1,30 +0,0 @@
-#include <stdio.h>
-#include <sys/types.h>
-#include <string.h>
-#include "aes.h"
-#include "aes_xcbc_mac.h"
-#define STR "Hola guasssso c|mo estais ...012"
-void print_hash(const __u8 *hash) {
- printf("%08x %08x %08x %08x\n",
- *(__u32*)(&hash[0]),
- *(__u32*)(&hash[4]),
- *(__u32*)(&hash[8]),
- *(__u32*)(&hash[12]));
-}
-int main(int argc, char *argv[]) {
- aes_block key= { 0xdeadbeef, 0xceedcaca, 0xcafebabe, 0xff010204 };
- __u8 hash[16];
- char *str = argv[1];
- aes_context_mac ctx;
- if (str==NULL) {
- fprintf(stderr, "pasame el str\n");
- return 255;
- }
- AES_xcbc_mac_set_key(&ctx, (__u8 *)&key, sizeof(key));
- AES_xcbc_mac_hash(&ctx, str, strlen(str), hash);
- print_hash(hash);
- str[2]='x';
- AES_xcbc_mac_hash(&ctx, str, strlen(str), hash);
- print_hash(hash);
- return 0;
-}
diff --git a/src/libcrypto/libblowfish/COPYRIGHT b/src/libcrypto/libblowfish/COPYRIGHT
deleted file mode 100644
index 685722350..000000000
--- a/src/libcrypto/libblowfish/COPYRIGHT
+++ /dev/null
@@ -1,46 +0,0 @@
-Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
-All rights reserved.
-
-This package is an Blowfish implementation written
-by Eric Young (eay@cryptsoft.com).
-
-This library is free for commercial and non-commercial use as long as
-the following conditions are aheared to. The following conditions
-apply to all code found in this distribution.
-
-Copyright remains Eric Young's, and as such any Copyright notices in
-the code are not to be removed.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions
-are met:
-1. Redistributions of source code must retain the copyright
- notice, this list of conditions and the following disclaimer.
-2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-3. All advertising materials mentioning features or use of this software
- must display the following acknowledgement:
- This product includes software developed by Eric Young (eay@cryptsoft.com)
-
-THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-SUCH DAMAGE.
-
-The license and distribution terms for any publically available version or
-derivative of this code cannot be changed. i.e. this code cannot simply be
-copied and put under another distrubution license
-[including the GNU Public License.]
-
-The reason behind this being stated in this direct manner is past
-experience in code simply being copied and the attribution removed
-from it and then being distributed as part of other packages. This
-implementation was a non-trivial and unpaid effort.
diff --git a/src/libcrypto/libblowfish/INSTALL b/src/libcrypto/libblowfish/INSTALL
deleted file mode 100644
index 3b2592353..000000000
--- a/src/libcrypto/libblowfish/INSTALL
+++ /dev/null
@@ -1,14 +0,0 @@
-This Eric Young's blowfish implementation, taken from his SSLeay library
-and made available as a separate library.
-
-The version number (0.7.2m) is the SSLeay version that this library was
-taken from.
-
-To build, just unpack and type make.
-If you are not using gcc, edit the Makefile.
-If you are compiling for an x86 box, try the assembler (it needs improving).
-There are also some compile time options that can improve performance,
-these are documented in the Makefile.
-
-eric 15-Apr-1997
-
diff --git a/src/libcrypto/libblowfish/Makefile.old b/src/libcrypto/libblowfish/Makefile.old
deleted file mode 100644
index 62724042b..000000000
--- a/src/libcrypto/libblowfish/Makefile.old
+++ /dev/null
@@ -1,121 +0,0 @@ -# -# SSLeay/crypto/blowfish/Makefile -# - -DIR= bf -TOP= ../.. -CC= cc -CPP= $(CC) -E -INC=-I ../include -CFLAG=-g -D__KERNEL__ -I/usr/src/linux/include -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MAKEFILE= Makefile.ssl -AR= ar r -RANLIB= ranlib -PERL= perl - -CFLAGS= $(INC) $(CFLAG) - -.c.o: - $(CC) $(CPPFLAGS) $(CFLAGS) $(INC) -c $< -o $@ - -BF_ASM-i586 := bf-586.pl -BF_ASM-i686 := bf-686.pl -BF_ENC := bf_enc.o - -ASM-$(ARCH_ASM):=1 -ASM_X86:=$(ASM-i586)$(ASM-i686) -ifneq ($(strip $(ASM_X86)),) - BF_ENC= asm/bx86-elf.o - BF_ASM= $(BF_ASM-$(ARCH_ASM)) -endif - - -GENERAL=Makefile -TEST=bftest.c -APPS= - -LIB=libblowfish.a -LIBSRC=bf_skey.c bf_enc.c -LIBOBJ=bf_skey.o $(BF_ENC) - -SRC= $(LIBSRC) - -EXHEADER= blowfish.h -HEADER= bf_pi.h bf_locl.h $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -#top: -# (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIB) - -$(LIB): $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) - -# elf -asm/bx86-elf.o: asm/bx86unix.cpp - $(CPP) -DELF -x c asm/bx86unix.cpp | as -o asm/bx86-elf.o - -# solaris -asm/bx86-sol.o: asm/bx86unix.cpp - $(CC) -E -DSOL asm/bx86unix.cpp | sed 's/^#.*//' > asm/bx86-sol.s - as -o asm/bx86-sol.o asm/bx86-sol.s - rm -f asm/bx86-sol.s - -# a.out -asm/bx86-out.o: asm/bx86unix.cpp - $(CPP) -DOUT asm/bx86unix.cpp | as -o asm/bx86-out.o - -# bsdi -asm/bx86bsdi.o: asm/bx86unix.cpp - $(CPP) -DBSDI asm/bx86unix.cpp | sed 's/ :/:/' | as -o asm/bx86bsdi.o - -asm/bx86unix.cpp: asm/$(BF_ASM) ../perlasm/x86asm.pl ../perlasm/cbc.pl - (cd asm; $(PERL) $(BF_ASM) cpp $(PROCESSOR) >bx86unix.cpp) - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @$(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) 
- -install: installs - -installs: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f asm/bx86unix.cpp *.o asm/*.o *.obj $(LIB) tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. diff --git a/src/libcrypto/libblowfish/Makefile.ssl b/src/libcrypto/libblowfish/Makefile.ssl deleted file mode 100644 index adc9eec3c..000000000 --- a/src/libcrypto/libblowfish/Makefile.ssl +++ /dev/null 
@@ -1,118 +0,0 @@ -# -# SSLeay/crypto/blowfish/Makefile -# - -DIR= bf -TOP= ../.. -CC= cc -CPP= $(CC) -E -INCLUDES= -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKE= make -f Makefile.ssl -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MAKEFILE= Makefile.ssl -AR= ar r - -BF_ENC= bf_enc.o -# or use -#DES_ENC= bx86-elf.o - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile -TEST=bftest.c -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC=bf_skey.c bf_ecb.c bf_enc.c bf_cfb64.c bf_ofb64.c -LIBOBJ=bf_skey.o bf_ecb.o $(BF_ENC) bf_cfb64.o bf_ofb64.o - -SRC= $(LIBSRC) - -EXHEADER= blowfish.h -HEADER= bf_pi.h bf_locl.h $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) - @touch lib - -# elf -asm/bx86-elf.o: asm/bx86unix.cpp - $(CPP) -DELF -x c asm/bx86unix.cpp | as -o asm/bx86-elf.o - -# solaris -asm/bx86-sol.o: asm/bx86unix.cpp - $(CC) -E -DSOL asm/bx86unix.cpp | sed 's/^#.*//' > asm/bx86-sol.s - as -o asm/bx86-sol.o asm/bx86-sol.s - rm -f asm/bx86-sol.s - -# a.out -asm/bx86-out.o: asm/bx86unix.cpp - $(CPP) -DOUT asm/bx86unix.cpp | as -o asm/bx86-out.o - -# bsdi -asm/bx86bsdi.o: asm/bx86unix.cpp - $(CPP) -DBSDI asm/bx86unix.cpp | sed 's/ :/:/' | as -o asm/bx86bsdi.o - -asm/bx86unix.cpp: asm/bf-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl - (cd asm; $(PERL) bf-586.pl cpp $(PROCESSOR) >bx86unix.cpp) - -files: - $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO - -links: - @$(TOP)/util/point.sh Makefile.ssl Makefile - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: installs - -installs: - @for i in $(EXHEADER) ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - 
-tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f asm/bx86unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -bf_cfb64.o: ../../include/openssl/blowfish.h -bf_cfb64.o: ../../include/openssl/opensslconf.h bf_locl.h -bf_ecb.o: ../../include/openssl/blowfish.h ../../include/openssl/opensslconf.h -bf_ecb.o: ../../include/openssl/opensslv.h bf_locl.h -bf_enc.o: ../../include/openssl/blowfish.h ../../include/openssl/opensslconf.h -bf_enc.o: bf_locl.h -bf_ofb64.o: ../../include/openssl/blowfish.h -bf_ofb64.o: ../../include/openssl/opensslconf.h bf_locl.h -bf_skey.o: ../../include/openssl/blowfish.h ../../include/openssl/opensslconf.h -bf_skey.o: bf_locl.h bf_pi.h diff --git a/src/libcrypto/libblowfish/README b/src/libcrypto/libblowfish/README deleted file mode 100644 index f2712fd0e..000000000 --- a/src/libcrypto/libblowfish/README +++ /dev/null @@ -1,8 +0,0 @@ -This is a quick packaging up of my blowfish code into a library. -It has been lifted from SSLeay. -The copyright notices seem a little harsh because I have not spent the -time to rewrite the conditions from the normal SSLeay ones. - -Basically if you just want to play with the library, not a problem. - -eric 15-Apr-1997 diff --git a/src/libcrypto/libblowfish/VERSION b/src/libcrypto/libblowfish/VERSION deleted file mode 100644 index be995855e..000000000 --- a/src/libcrypto/libblowfish/VERSION +++ /dev/null @@ -1,6 +0,0 @@ -The version numbers will follow my SSL implementation - -0.7.2r - Some reasonable default compiler options from - Peter Gutman <pgut001@cs.auckland.ac.nz> - -0.7.2m - the first release 
diff --git a/src/libcrypto/libblowfish/asm/bf-586.pl b/src/libcrypto/libblowfish/asm/bf-586.pl deleted file mode 100644 index f00f3f4bf..000000000 --- a/src/libcrypto/libblowfish/asm/bf-586.pl +++ /dev/null 
@@ -1,136 +0,0 @@ -#!/usr/bin/perl - -push(@INC,"perlasm","../../perlasm"); -require "x86asm.pl"; -require "cbc.pl"; - -&asm_init($ARGV[0],"bf-586.pl",$ARGV[$#ARGV] eq "386"); - -$BF_ROUNDS=16; -$BF_OFF=($BF_ROUNDS+2)*4; -$L="edi"; -$R="esi"; -$P="ebp"; -$tmp1="eax"; -$tmp2="ebx"; -$tmp3="ecx"; -$tmp4="edx"; - -&BF_encrypt("BF_encrypt",1); -&BF_encrypt("BF_decrypt",0); -&cbc("BF_cbc_encrypt","BF_encrypt","BF_decrypt",1,4,5,3,-1,-1); -&asm_finish(); - -sub BF_encrypt - { - local($name,$enc)=@_; - - &function_begin_B($name,""); - - &comment(""); - - &push("ebp"); - &push("ebx"); - &mov($tmp2,&wparam(0)); - &mov($P,&wparam(1)); - &push("esi"); - &push("edi"); - - &comment("Load the 2 words"); - &mov($L,&DWP(0,$tmp2,"",0)); - &mov($R,&DWP(4,$tmp2,"",0)); - - &xor( $tmp1, $tmp1); - - # encrypting part - - if ($enc) - { - &mov($tmp2,&DWP(0,$P,"",0)); - &xor( $tmp3, $tmp3); - - &xor($L,$tmp2); - for ($i=0; $i<$BF_ROUNDS; $i+=2) - { - &comment(""); - &comment("Round $i"); - &BF_ENCRYPT($i+1,$R,$L,$P,$tmp1,$tmp2,$tmp3,$tmp4,1); - - &comment(""); - &comment("Round ".sprintf("%d",$i+1)); - &BF_ENCRYPT($i+2,$L,$R,$P,$tmp1,$tmp2,$tmp3,$tmp4,1); - } - # &mov($tmp1,&wparam(0)); In last loop - &mov($tmp4,&DWP(($BF_ROUNDS+1)*4,$P,"",0)); - } - else - { - &mov($tmp2,&DWP(($BF_ROUNDS+1)*4,$P,"",0)); - &xor( $tmp3, $tmp3); - - &xor($L,$tmp2); - for ($i=$BF_ROUNDS; $i>0; $i-=2) - { - &comment(""); - &comment("Round $i"); - &BF_ENCRYPT($i,$R,$L,$P,$tmp1,$tmp2,$tmp3,$tmp4,0); - &comment(""); - &comment("Round ".sprintf("%d",$i-1)); - &BF_ENCRYPT($i-1,$L,$R,$P,$tmp1,$tmp2,$tmp3,$tmp4,0); - } - # &mov($tmp1,&wparam(0)); In last loop - &mov($tmp4,&DWP(0,$P,"",0)); - } - - &xor($R,$tmp4); - &mov(&DWP(4,$tmp1,"",0),$L); - - &mov(&DWP(0,$tmp1,"",0),$R); - &function_end($name); - } - -sub BF_ENCRYPT - { - local($i,$L,$R,$P,$tmp1,$tmp2,$tmp3,$tmp4,$enc)=@_; - - &mov( $tmp4, &DWP(&n2a($i*4),$P,"",0)); # for next round - - &mov( $tmp2, $R); - &xor( $L, $tmp4); - - &shr( $tmp2, 16); - &mov( $tmp4, 
$R); - - &movb( &LB($tmp1), &HB($tmp2)); # A - &and( $tmp2, 0xff); # B - - &movb( &LB($tmp3), &HB($tmp4)); # C - &and( $tmp4, 0xff); # D - - &mov( $tmp1, &DWP(&n2a($BF_OFF+0x0000),$P,$tmp1,4)); - &mov( $tmp2, &DWP(&n2a($BF_OFF+0x0400),$P,$tmp2,4)); - - &add( $tmp2, $tmp1); - &mov( $tmp1, &DWP(&n2a($BF_OFF+0x0800),$P,$tmp3,4)); - - &xor( $tmp2, $tmp1); - &mov( $tmp4, &DWP(&n2a($BF_OFF+0x0C00),$P,$tmp4,4)); - - &add( $tmp2, $tmp4); - if (($enc && ($i != 16)) || ((!$enc) && ($i != 1))) - { &xor( $tmp1, $tmp1); } - else - { - &comment("Load parameter 0 ($i) enc=$enc"); - &mov($tmp1,&wparam(0)); - } # In last loop - - &xor( $L, $tmp2); - # delay - } - -sub n2a - { - sprintf("%d",$_[0]); - } - diff --git a/src/libcrypto/libblowfish/asm/bf-686.pl b/src/libcrypto/libblowfish/asm/bf-686.pl deleted file mode 100644 index 9222f5e7a..000000000 --- a/src/libcrypto/libblowfish/asm/bf-686.pl +++ /dev/null 
@@ -1,127 +0,0 @@ -#!/usr/bin/perl - -push(@INC,"perlasm","../../perlasm"); -require "x86asm.pl"; -require "cbc.pl"; - -&asm_init($ARGV[0],"bf-686.pl"); - -$BF_ROUNDS=16; -$BF_OFF=($BF_ROUNDS+2)*4; -$L="ecx"; -$R="edx"; -$P="edi"; -$tot="esi"; -$tmp1="eax"; -$tmp2="ebx"; -$tmp3="ebp"; - -&des_encrypt("BF_encrypt",1); -&des_encrypt("BF_decrypt",0); -&cbc("BF_cbc_encrypt","BF_encrypt","BF_decrypt",1,4,5,3,-1,-1); - -&asm_finish(); - -&file_end(); - -sub des_encrypt - { - local($name,$enc)=@_; - - &function_begin($name,""); - - &comment(""); - &comment("Load the 2 words"); - &mov("eax",&wparam(0)); - &mov($L,&DWP(0,"eax","",0)); - &mov($R,&DWP(4,"eax","",0)); - - &comment(""); - &comment("P pointer, s and enc flag"); - &mov($P,&wparam(1)); - - &xor( $tmp1, $tmp1); - &xor( $tmp2, $tmp2); - - # encrypting part - - if ($enc) - { - &xor($L,&DWP(0,$P,"",0)); - for ($i=0; $i<$BF_ROUNDS; $i+=2) - { - &comment(""); - &comment("Round $i"); - &BF_ENCRYPT($i+1,$R,$L,$P,$tot,$tmp1,$tmp2,$tmp3); - - &comment(""); - &comment("Round ".sprintf("%d",$i+1)); - &BF_ENCRYPT($i+2,$L,$R,$P,$tot,$tmp1,$tmp2,$tmp3); - } - &xor($R,&DWP(($BF_ROUNDS+1)*4,$P,"",0)); - - &mov("eax",&wparam(0)); - &mov(&DWP(0,"eax","",0),$R); - &mov(&DWP(4,"eax","",0),$L); - &function_end_A($name); - } - else - { - &xor($L,&DWP(($BF_ROUNDS+1)*4,$P,"",0)); - for ($i=$BF_ROUNDS; $i>0; $i-=2) - { - &comment(""); - &comment("Round $i"); - &BF_ENCRYPT($i,$R,$L,$P,$tot,$tmp1,$tmp2,$tmp3); - &comment(""); - &comment("Round ".sprintf("%d",$i-1)); - &BF_ENCRYPT($i-1,$L,$R,$P,$tot,$tmp1,$tmp2,$tmp3); - } - &xor($R,&DWP(0,$P,"",0)); - - &mov("eax",&wparam(0)); - &mov(&DWP(0,"eax","",0),$R); - &mov(&DWP(4,"eax","",0),$L); - &function_end_A($name); - } - - &function_end_B($name); - } - -sub BF_ENCRYPT - { - local($i,$L,$R,$P,$tot,$tmp1,$tmp2,$tmp3)=@_; - - &rotr( $R, 16); - &mov( $tot, &DWP(&n2a($i*4),$P,"",0)); - - &movb( &LB($tmp1), &HB($R)); - &movb( &LB($tmp2), &LB($R)); - - &rotr( $R, 16); - &xor( $L, $tot); - - &mov( 
$tot, &DWP(&n2a($BF_OFF+0x0000),$P,$tmp1,4)); - &mov( $tmp3, &DWP(&n2a($BF_OFF+0x0400),$P,$tmp2,4)); - - &movb( &LB($tmp1), &HB($R)); - &movb( &LB($tmp2), &LB($R)); - - &add( $tot, $tmp3); - &mov( $tmp1, &DWP(&n2a($BF_OFF+0x0800),$P,$tmp1,4)); # delay - - &xor( $tot, $tmp1); - &mov( $tmp3, &DWP(&n2a($BF_OFF+0x0C00),$P,$tmp2,4)); - - &add( $tot, $tmp3); - &xor( $tmp1, $tmp1); - - &xor( $L, $tot); - # delay - } - -sub n2a - { - sprintf("%d",$_[0]); - } - diff --git a/src/libcrypto/libblowfish/asm/readme b/src/libcrypto/libblowfish/asm/readme deleted file mode 100644 index 2385fa381..000000000 --- a/src/libcrypto/libblowfish/asm/readme +++ /dev/null @@ -1,10 +0,0 @@ -There are blowfish assembler generation scripts. -bf-586.pl version is for the pentium and -bf-686.pl is my original version, which is faster on the pentium pro. - -When using a bf-586.pl, the pentium pro/II is %8 slower than using -bf-686.pl. When using a bf-686.pl, the pentium is %16 slower -than bf-586.pl - -So the default is bf-586.pl - diff --git a/src/libcrypto/libblowfish/bf_enc.c b/src/libcrypto/libblowfish/bf_enc.c deleted file mode 100644 index aa6c79812..000000000 --- a/src/libcrypto/libblowfish/bf_enc.c +++ /dev/null 
@@ -1,306 +0,0 @@
-/* crypto/bf/bf_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "blowfish.h"
-#include "bf_locl.h"
-
-/* Blowfish as implemented from 'Blowfish: Springer-Verlag paper'
- * (From LECTURE NOTES IN COMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION,
- * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993)
- */
-
-#if (BF_ROUNDS != 16) && (BF_ROUNDS != 20)
-#error If you set BF_ROUNDS to some value other than 16 or 20, you will have \
-to modify the code.
-#endif
-
-void BF_encrypt(BF_LONG *data, const BF_KEY *key)
- {
-#ifndef BF_PTR2
- const BF_LONG *p,*s;
- BF_LONG l,r;
-
- p=key->P;
- s= &(key->S[0]);
- l=data[0];
- r=data[1];
-
- l^=p[0];
- BF_ENC(r,l,s,p[ 1]);
- BF_ENC(l,r,s,p[ 2]);
- BF_ENC(r,l,s,p[ 3]);
- BF_ENC(l,r,s,p[ 4]);
- BF_ENC(r,l,s,p[ 5]);
- BF_ENC(l,r,s,p[ 6]);
- BF_ENC(r,l,s,p[ 7]);
- BF_ENC(l,r,s,p[ 8]);
- BF_ENC(r,l,s,p[ 9]);
- BF_ENC(l,r,s,p[10]);
- BF_ENC(r,l,s,p[11]);
- BF_ENC(l,r,s,p[12]);
- BF_ENC(r,l,s,p[13]);
- BF_ENC(l,r,s,p[14]);
- BF_ENC(r,l,s,p[15]);
- BF_ENC(l,r,s,p[16]);
-#if BF_ROUNDS == 20
- BF_ENC(r,l,s,p[17]);
- BF_ENC(l,r,s,p[18]);
- BF_ENC(r,l,s,p[19]);
- BF_ENC(l,r,s,p[20]);
-#endif
- r^=p[BF_ROUNDS+1];
-
- data[1]=l&0xffffffffL;
- data[0]=r&0xffffffffL;
-#else
- BF_LONG l,r,t,*k;
-
- l=data[0];
- r=data[1];
- k=(BF_LONG*)key;
-
- l^=k[0];
- BF_ENC(r,l,k, 1);
- BF_ENC(l,r,k, 2);
- BF_ENC(r,l,k, 3);
- BF_ENC(l,r,k, 4);
- BF_ENC(r,l,k, 5);
- BF_ENC(l,r,k, 6);
- BF_ENC(r,l,k, 7);
- BF_ENC(l,r,k, 8);
- BF_ENC(r,l,k, 9);
- BF_ENC(l,r,k,10);
- BF_ENC(r,l,k,11);
- BF_ENC(l,r,k,12);
- BF_ENC(r,l,k,13);
- BF_ENC(l,r,k,14);
- BF_ENC(r,l,k,15);
- BF_ENC(l,r,k,16);
-#if BF_ROUNDS == 20
- BF_ENC(r,l,k,17);
- BF_ENC(l,r,k,18);
- BF_ENC(r,l,k,19);
- BF_ENC(l,r,k,20);
-#endif
- r^=k[BF_ROUNDS+1];
-
- data[1]=l&0xffffffffL;
- data[0]=r&0xffffffffL;
-#endif
- }
-
-#ifndef BF_DEFAULT_OPTIONS
-
-void BF_decrypt(BF_LONG *data, const BF_KEY *key)
- {
-#ifndef BF_PTR2
- const BF_LONG *p,*s;
- BF_LONG l,r;
-
- p=key->P;
- s= &(key->S[0]);
- l=data[0];
- r=data[1];
-
- l^=p[BF_ROUNDS+1];
-#if BF_ROUNDS == 20
- BF_ENC(r,l,s,p[20]);
- BF_ENC(l,r,s,p[19]);
- BF_ENC(r,l,s,p[18]);
- BF_ENC(l,r,s,p[17]);
-#endif
- BF_ENC(r,l,s,p[16]);
- BF_ENC(l,r,s,p[15]);
- BF_ENC(r,l,s,p[14]);
- BF_ENC(l,r,s,p[13]);
- BF_ENC(r,l,s,p[12]);
- BF_ENC(l,r,s,p[11]);
- BF_ENC(r,l,s,p[10]);
- BF_ENC(l,r,s,p[ 9]);
- BF_ENC(r,l,s,p[ 8]);
- BF_ENC(l,r,s,p[ 7]);
- BF_ENC(r,l,s,p[ 6]);
- BF_ENC(l,r,s,p[ 5]);
- BF_ENC(r,l,s,p[ 4]);
- BF_ENC(l,r,s,p[ 3]);
- BF_ENC(r,l,s,p[ 2]);
- BF_ENC(l,r,s,p[ 1]);
- r^=p[0];
-
- data[1]=l&0xffffffffL;
- data[0]=r&0xffffffffL;
-#else
- BF_LONG l,r,t,*k;
-
- l=data[0];
- r=data[1];
- k=(BF_LONG *)key;
-
- l^=k[BF_ROUNDS+1];
-#if BF_ROUNDS == 20
- BF_ENC(r,l,k,20);
- BF_ENC(l,r,k,19);
- BF_ENC(r,l,k,18);
- BF_ENC(l,r,k,17);
-#endif
- BF_ENC(r,l,k,16);
- BF_ENC(l,r,k,15);
- BF_ENC(r,l,k,14);
- BF_ENC(l,r,k,13);
- BF_ENC(r,l,k,12);
- BF_ENC(l,r,k,11);
- BF_ENC(r,l,k,10);
- BF_ENC(l,r,k, 9);
- BF_ENC(r,l,k, 8);
- BF_ENC(l,r,k, 7);
- BF_ENC(r,l,k, 6);
- BF_ENC(l,r,k, 5);
- BF_ENC(r,l,k, 4);
- BF_ENC(l,r,k, 3);
- BF_ENC(r,l,k, 2);
- BF_ENC(l,r,k, 1);
- r^=k[0];
-
- data[1]=l&0xffffffffL;
- data[0]=r&0xffffffffL;
-#endif
- }
-
-void BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
- const BF_KEY *schedule, unsigned char *ivec, int encrypt)
- {
- BF_LONG tin0,tin1;
- BF_LONG tout0,tout1,xor0,xor1;
- long l=length;
- BF_LONG tin[2];
-
- if (encrypt)
- {
- n2l(ivec,tout0);
- n2l(ivec,tout1);
- ivec-=8;
- for (l-=8; l>=0; l-=8)
- {
- n2l(in,tin0);
- n2l(in,tin1);
- tin0^=tout0;
- tin1^=tout1;
- tin[0]=tin0;
- tin[1]=tin1;
- BF_encrypt(tin,schedule);
- tout0=tin[0];
- tout1=tin[1];
- l2n(tout0,out);
- l2n(tout1,out);
- }
- if (l != -8)
- {
- n2ln(in,tin0,tin1,l+8);
- tin0^=tout0;
- tin1^=tout1;
- tin[0]=tin0;
- tin[1]=tin1;
- BF_encrypt(tin,schedule);
- tout0=tin[0];
- tout1=tin[1];
- l2n(tout0,out);
- l2n(tout1,out);
- }
- l2n(tout0,ivec);
- l2n(tout1,ivec);
- }
- else
- {
- n2l(ivec,xor0);
- n2l(ivec,xor1);
- ivec-=8;
- for (l-=8; l>=0; l-=8)
- {
- n2l(in,tin0);
- n2l(in,tin1);
- tin[0]=tin0;
- tin[1]=tin1;
- BF_decrypt(tin,schedule);
- tout0=tin[0]^xor0;
- tout1=tin[1]^xor1;
- l2n(tout0,out);
- l2n(tout1,out);
- xor0=tin0;
- xor1=tin1;
- }
- if (l != -8)
- {
- n2l(in,tin0);
- n2l(in,tin1);
- tin[0]=tin0;
- tin[1]=tin1;
- BF_decrypt(tin,schedule);
- tout0=tin[0]^xor0;
- tout1=tin[1]^xor1;
- l2nn(tout0,tout1,out,l+8);
- xor0=tin0;
- xor1=tin1;
- }
- l2n(xor0,ivec);
- l2n(xor1,ivec);
- }
- tin0=tin1=tout0=tout1=xor0=xor1=0;
- tin[0]=tin[1]=0;
- }
-
-#endif
diff --git a/src/libcrypto/libblowfish/bf_locl.h b/src/libcrypto/libblowfish/bf_locl.h
deleted file mode 100644
index 283bf4c43..000000000
--- a/src/libcrypto/libblowfish/bf_locl.h
+++ /dev/null
@@ -1,218 +0,0 @@
-/* crypto/bf/bf_locl.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_BF_LOCL_H
-#define HEADER_BF_LOCL_H
-
-#undef c2l
-#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \
- l|=((unsigned long)(*((c)++)))<< 8L, \
- l|=((unsigned long)(*((c)++)))<<16L, \
- l|=((unsigned long)(*((c)++)))<<24L)
-
-/* NOTE - c is not incremented as per c2l */
-#undef c2ln
-#define c2ln(c,l1,l2,n) { \
- c+=n; \
- l1=l2=0; \
- switch (n) { \
- case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
- case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
- case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
- case 5: l2|=((unsigned long)(*(--(c)))); \
- case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
- case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
- case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
- case 1: l1|=((unsigned long)(*(--(c)))); \
- } \
- }
-
-#undef l2c
-#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
- *((c)++)=(unsigned char)(((l)>>24L)&0xff))
-
-/* NOTE - c is not incremented as per l2c */
-#undef l2cn
-#define l2cn(l1,l2,c,n) { \
- c+=n; \
- switch (n) { \
- case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
- case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
- case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
- case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
- case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
- case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
- case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
- case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
- } \
- }
-
-/* NOTE - c is not incremented as per n2l */
-#define n2ln(c,l1,l2,n) { \
- c+=n; \
- l1=l2=0; \
- switch (n) { \
- case 8: l2 =((unsigned long)(*(--(c)))) ; \
- case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
- case 6: l2|=((unsigned long)(*(--(c))))<<16; \
- case 5: l2|=((unsigned long)(*(--(c))))<<24; \
- case 4: l1 =((unsigned long)(*(--(c)))) ; \
- case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
- case 2: l1|=((unsigned long)(*(--(c))))<<16; \
- case 1: l1|=((unsigned long)(*(--(c))))<<24; \
- } \
- }
-
-/* NOTE - c is not incremented as per l2n */
-#define l2nn(l1,l2,c,n) { \
- c+=n; \
- switch (n) { \
- case 8: *(--(c))=(unsigned char)(((l2) )&0xff); \
- case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
- case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
- case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
- case 4: *(--(c))=(unsigned char)(((l1) )&0xff); \
- case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
- case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
- case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
- } \
- }
-
-#undef n2l
-#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \
- l|=((unsigned long)(*((c)++)))<<16L, \
- l|=((unsigned long)(*((c)++)))<< 8L, \
- l|=((unsigned long)(*((c)++))))
-
-#undef l2n
-#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
- *((c)++)=(unsigned char)(((l) )&0xff))
-
-/* This is actually a big endian algorithm, the most significant byte
- * is used to lookup array 0 */
-
-#if defined(BF_PTR2)
-
-/*
- * This is basically a special Intel version. Point is that Intel
- * doesn't have many registers, but offers a reach choice of addressing
- * modes. So we spare some registers by directly traversing BF_KEY
- * structure and hiring the most decorated addressing mode. The code
- * generated by EGCS is *perfectly* competitive with assembler
- * implementation!
- */
-#define BF_ENC(LL,R,KEY,Pi) (\
- LL^=KEY[Pi], \
- t= KEY[BF_ROUNDS+2 + 0 + ((R>>24)&0xFF)], \
- t+= KEY[BF_ROUNDS+2 + 256 + ((R>>16)&0xFF)], \
- t^= KEY[BF_ROUNDS+2 + 512 + ((R>>8 )&0xFF)], \
- t+= KEY[BF_ROUNDS+2 + 768 + ((R )&0xFF)], \
- LL^=t \
- )
-
-#elif defined(BF_PTR)
-
-#ifndef BF_LONG_LOG2
-#define BF_LONG_LOG2 2 /* default to BF_LONG being 32 bits */
-#endif
-#define BF_M (0xFF<<BF_LONG_LOG2)
-#define BF_0 (24-BF_LONG_LOG2)
-#define BF_1 (16-BF_LONG_LOG2)
-#define BF_2 ( 8-BF_LONG_LOG2)
-#define BF_3 BF_LONG_LOG2 /* left shift */
-
-/*
- * This is normally very good on RISC platforms where normally you
- * have to explicitly "multiply" array index by sizeof(BF_LONG)
- * in order to calculate the effective address. This implementation
- * excuses CPU from this extra work. Power[PC] uses should have most
- * fun as (R>>BF_i)&BF_M gets folded into a single instruction, namely
- * rlwinm. So let'em double-check if their compiler does it.
- */
-
-#define BF_ENC(LL,R,S,P) ( \
- LL^=P, \
- LL^= (((*(BF_LONG *)((unsigned char *)&(S[ 0])+((R>>BF_0)&BF_M))+ \
- *(BF_LONG *)((unsigned char *)&(S[256])+((R>>BF_1)&BF_M)))^ \
- *(BF_LONG *)((unsigned char *)&(S[512])+((R>>BF_2)&BF_M)))+ \
- *(BF_LONG *)((unsigned char *)&(S[768])+((R<<BF_3)&BF_M))) \
- )
-#else
-
-/*
- * This is a *generic* version. Seem to perform best on platforms that
- * offer explicit support for extraction of 8-bit nibbles preferably
- * complemented with "multiplying" of array index by sizeof(BF_LONG).
- * For the moment of this writing the list comprises Alpha CPU featuring
- * extbl and s[48]addq instructions.
- */
-
-#define BF_ENC(LL,R,S,P) ( \
- LL^=P, \
- LL^=((( S[ ((int)(R>>24)&0xff)] + \
- S[0x0100+((int)(R>>16)&0xff)])^ \
- S[0x0200+((int)(R>> 8)&0xff)])+ \
- S[0x0300+((int)(R )&0xff)])&0xffffffffL \
- )
-#endif
-
-#endif
diff --git a/src/libcrypto/libblowfish/bf_pi.h b/src/libcrypto/libblowfish/bf_pi.h
deleted file mode 100644
index 9949513c6..000000000
--- a/src/libcrypto/libblowfish/bf_pi.h
+++ /dev/null
@@ -1,325 +0,0 @@ -/* crypto/bf/bf_pi.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. 
If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -static const BF_KEY bf_init= { - { - 0x243f6a88L, 0x85a308d3L, 0x13198a2eL, 0x03707344L, - 0xa4093822L, 0x299f31d0L, 0x082efa98L, 0xec4e6c89L, - 0x452821e6L, 0x38d01377L, 0xbe5466cfL, 0x34e90c6cL, - 0xc0ac29b7L, 0xc97c50ddL, 0x3f84d5b5L, 0xb5470917L, - 0x9216d5d9L, 0x8979fb1b - },{ - 0xd1310ba6L, 0x98dfb5acL, 0x2ffd72dbL, 0xd01adfb7L, - 0xb8e1afedL, 0x6a267e96L, 0xba7c9045L, 0xf12c7f99L, - 0x24a19947L, 0xb3916cf7L, 0x0801f2e2L, 0x858efc16L, - 0x636920d8L, 0x71574e69L, 0xa458fea3L, 0xf4933d7eL, - 0x0d95748fL, 0x728eb658L, 0x718bcd58L, 0x82154aeeL, - 0x7b54a41dL, 0xc25a59b5L, 0x9c30d539L, 0x2af26013L, - 0xc5d1b023L, 0x286085f0L, 0xca417918L, 0xb8db38efL, - 0x8e79dcb0L, 0x603a180eL, 0x6c9e0e8bL, 0xb01e8a3eL, - 0xd71577c1L, 0xbd314b27L, 0x78af2fdaL, 0x55605c60L, - 0xe65525f3L, 0xaa55ab94L, 0x57489862L, 0x63e81440L, - 0x55ca396aL, 0x2aab10b6L, 0xb4cc5c34L, 0x1141e8ceL, - 0xa15486afL, 0x7c72e993L, 0xb3ee1411L, 0x636fbc2aL, - 0x2ba9c55dL, 0x741831f6L, 0xce5c3e16L, 0x9b87931eL, - 0xafd6ba33L, 0x6c24cf5cL, 0x7a325381L, 0x28958677L, - 0x3b8f4898L, 0x6b4bb9afL, 0xc4bfe81bL, 0x66282193L, - 0x61d809ccL, 0xfb21a991L, 0x487cac60L, 0x5dec8032L, - 0xef845d5dL, 0xe98575b1L, 0xdc262302L, 0xeb651b88L, - 0x23893e81L, 0xd396acc5L, 0x0f6d6ff3L, 0x83f44239L, - 0x2e0b4482L, 0xa4842004L, 0x69c8f04aL, 0x9e1f9b5eL, - 0x21c66842L, 0xf6e96c9aL, 0x670c9c61L, 0xabd388f0L, - 0x6a51a0d2L, 0xd8542f68L, 0x960fa728L, 0xab5133a3L, - 0x6eef0b6cL, 0x137a3be4L, 0xba3bf050L, 0x7efb2a98L, - 0xa1f1651dL, 0x39af0176L, 0x66ca593eL, 0x82430e88L, - 0x8cee8619L, 0x456f9fb4L, 0x7d84a5c3L, 0x3b8b5ebeL, - 0xe06f75d8L, 0x85c12073L, 0x401a449fL, 0x56c16aa6L, - 0x4ed3aa62L, 0x363f7706L, 0x1bfedf72L, 0x429b023dL, - 0x37d0d724L, 0xd00a1248L, 0xdb0fead3L, 0x49f1c09bL, - 0x075372c9L, 0x80991b7bL, 0x25d479d8L, 0xf6e8def7L, - 0xe3fe501aL, 0xb6794c3bL, 0x976ce0bdL, 0x04c006baL, - 0xc1a94fb6L, 0x409f60c4L, 0x5e5c9ec2L, 0x196a2463L, - 0x68fb6fafL, 0x3e6c53b5L, 0x1339b2ebL, 0x3b52ec6fL, - 0x6dfc511fL, 0x9b30952cL, 
0xcc814544L, 0xaf5ebd09L, - 0xbee3d004L, 0xde334afdL, 0x660f2807L, 0x192e4bb3L, - 0xc0cba857L, 0x45c8740fL, 0xd20b5f39L, 0xb9d3fbdbL, - 0x5579c0bdL, 0x1a60320aL, 0xd6a100c6L, 0x402c7279L, - 0x679f25feL, 0xfb1fa3ccL, 0x8ea5e9f8L, 0xdb3222f8L, - 0x3c7516dfL, 0xfd616b15L, 0x2f501ec8L, 0xad0552abL, - 0x323db5faL, 0xfd238760L, 0x53317b48L, 0x3e00df82L, - 0x9e5c57bbL, 0xca6f8ca0L, 0x1a87562eL, 0xdf1769dbL, - 0xd542a8f6L, 0x287effc3L, 0xac6732c6L, 0x8c4f5573L, - 0x695b27b0L, 0xbbca58c8L, 0xe1ffa35dL, 0xb8f011a0L, - 0x10fa3d98L, 0xfd2183b8L, 0x4afcb56cL, 0x2dd1d35bL, - 0x9a53e479L, 0xb6f84565L, 0xd28e49bcL, 0x4bfb9790L, - 0xe1ddf2daL, 0xa4cb7e33L, 0x62fb1341L, 0xcee4c6e8L, - 0xef20cadaL, 0x36774c01L, 0xd07e9efeL, 0x2bf11fb4L, - 0x95dbda4dL, 0xae909198L, 0xeaad8e71L, 0x6b93d5a0L, - 0xd08ed1d0L, 0xafc725e0L, 0x8e3c5b2fL, 0x8e7594b7L, - 0x8ff6e2fbL, 0xf2122b64L, 0x8888b812L, 0x900df01cL, - 0x4fad5ea0L, 0x688fc31cL, 0xd1cff191L, 0xb3a8c1adL, - 0x2f2f2218L, 0xbe0e1777L, 0xea752dfeL, 0x8b021fa1L, - 0xe5a0cc0fL, 0xb56f74e8L, 0x18acf3d6L, 0xce89e299L, - 0xb4a84fe0L, 0xfd13e0b7L, 0x7cc43b81L, 0xd2ada8d9L, - 0x165fa266L, 0x80957705L, 0x93cc7314L, 0x211a1477L, - 0xe6ad2065L, 0x77b5fa86L, 0xc75442f5L, 0xfb9d35cfL, - 0xebcdaf0cL, 0x7b3e89a0L, 0xd6411bd3L, 0xae1e7e49L, - 0x00250e2dL, 0x2071b35eL, 0x226800bbL, 0x57b8e0afL, - 0x2464369bL, 0xf009b91eL, 0x5563911dL, 0x59dfa6aaL, - 0x78c14389L, 0xd95a537fL, 0x207d5ba2L, 0x02e5b9c5L, - 0x83260376L, 0x6295cfa9L, 0x11c81968L, 0x4e734a41L, - 0xb3472dcaL, 0x7b14a94aL, 0x1b510052L, 0x9a532915L, - 0xd60f573fL, 0xbc9bc6e4L, 0x2b60a476L, 0x81e67400L, - 0x08ba6fb5L, 0x571be91fL, 0xf296ec6bL, 0x2a0dd915L, - 0xb6636521L, 0xe7b9f9b6L, 0xff34052eL, 0xc5855664L, - 0x53b02d5dL, 0xa99f8fa1L, 0x08ba4799L, 0x6e85076aL, - 0x4b7a70e9L, 0xb5b32944L, 0xdb75092eL, 0xc4192623L, - 0xad6ea6b0L, 0x49a7df7dL, 0x9cee60b8L, 0x8fedb266L, - 0xecaa8c71L, 0x699a17ffL, 0x5664526cL, 0xc2b19ee1L, - 0x193602a5L, 0x75094c29L, 0xa0591340L, 0xe4183a3eL, - 0x3f54989aL, 0x5b429d65L, 
0x6b8fe4d6L, 0x99f73fd6L, - 0xa1d29c07L, 0xefe830f5L, 0x4d2d38e6L, 0xf0255dc1L, - 0x4cdd2086L, 0x8470eb26L, 0x6382e9c6L, 0x021ecc5eL, - 0x09686b3fL, 0x3ebaefc9L, 0x3c971814L, 0x6b6a70a1L, - 0x687f3584L, 0x52a0e286L, 0xb79c5305L, 0xaa500737L, - 0x3e07841cL, 0x7fdeae5cL, 0x8e7d44ecL, 0x5716f2b8L, - 0xb03ada37L, 0xf0500c0dL, 0xf01c1f04L, 0x0200b3ffL, - 0xae0cf51aL, 0x3cb574b2L, 0x25837a58L, 0xdc0921bdL, - 0xd19113f9L, 0x7ca92ff6L, 0x94324773L, 0x22f54701L, - 0x3ae5e581L, 0x37c2dadcL, 0xc8b57634L, 0x9af3dda7L, - 0xa9446146L, 0x0fd0030eL, 0xecc8c73eL, 0xa4751e41L, - 0xe238cd99L, 0x3bea0e2fL, 0x3280bba1L, 0x183eb331L, - 0x4e548b38L, 0x4f6db908L, 0x6f420d03L, 0xf60a04bfL, - 0x2cb81290L, 0x24977c79L, 0x5679b072L, 0xbcaf89afL, - 0xde9a771fL, 0xd9930810L, 0xb38bae12L, 0xdccf3f2eL, - 0x5512721fL, 0x2e6b7124L, 0x501adde6L, 0x9f84cd87L, - 0x7a584718L, 0x7408da17L, 0xbc9f9abcL, 0xe94b7d8cL, - 0xec7aec3aL, 0xdb851dfaL, 0x63094366L, 0xc464c3d2L, - 0xef1c1847L, 0x3215d908L, 0xdd433b37L, 0x24c2ba16L, - 0x12a14d43L, 0x2a65c451L, 0x50940002L, 0x133ae4ddL, - 0x71dff89eL, 0x10314e55L, 0x81ac77d6L, 0x5f11199bL, - 0x043556f1L, 0xd7a3c76bL, 0x3c11183bL, 0x5924a509L, - 0xf28fe6edL, 0x97f1fbfaL, 0x9ebabf2cL, 0x1e153c6eL, - 0x86e34570L, 0xeae96fb1L, 0x860e5e0aL, 0x5a3e2ab3L, - 0x771fe71cL, 0x4e3d06faL, 0x2965dcb9L, 0x99e71d0fL, - 0x803e89d6L, 0x5266c825L, 0x2e4cc978L, 0x9c10b36aL, - 0xc6150ebaL, 0x94e2ea78L, 0xa5fc3c53L, 0x1e0a2df4L, - 0xf2f74ea7L, 0x361d2b3dL, 0x1939260fL, 0x19c27960L, - 0x5223a708L, 0xf71312b6L, 0xebadfe6eL, 0xeac31f66L, - 0xe3bc4595L, 0xa67bc883L, 0xb17f37d1L, 0x018cff28L, - 0xc332ddefL, 0xbe6c5aa5L, 0x65582185L, 0x68ab9802L, - 0xeecea50fL, 0xdb2f953bL, 0x2aef7dadL, 0x5b6e2f84L, - 0x1521b628L, 0x29076170L, 0xecdd4775L, 0x619f1510L, - 0x13cca830L, 0xeb61bd96L, 0x0334fe1eL, 0xaa0363cfL, - 0xb5735c90L, 0x4c70a239L, 0xd59e9e0bL, 0xcbaade14L, - 0xeecc86bcL, 0x60622ca7L, 0x9cab5cabL, 0xb2f3846eL, - 0x648b1eafL, 0x19bdf0caL, 0xa02369b9L, 0x655abb50L, - 0x40685a32L, 0x3c2ab4b3L, 
0x319ee9d5L, 0xc021b8f7L, - 0x9b540b19L, 0x875fa099L, 0x95f7997eL, 0x623d7da8L, - 0xf837889aL, 0x97e32d77L, 0x11ed935fL, 0x16681281L, - 0x0e358829L, 0xc7e61fd6L, 0x96dedfa1L, 0x7858ba99L, - 0x57f584a5L, 0x1b227263L, 0x9b83c3ffL, 0x1ac24696L, - 0xcdb30aebL, 0x532e3054L, 0x8fd948e4L, 0x6dbc3128L, - 0x58ebf2efL, 0x34c6ffeaL, 0xfe28ed61L, 0xee7c3c73L, - 0x5d4a14d9L, 0xe864b7e3L, 0x42105d14L, 0x203e13e0L, - 0x45eee2b6L, 0xa3aaabeaL, 0xdb6c4f15L, 0xfacb4fd0L, - 0xc742f442L, 0xef6abbb5L, 0x654f3b1dL, 0x41cd2105L, - 0xd81e799eL, 0x86854dc7L, 0xe44b476aL, 0x3d816250L, - 0xcf62a1f2L, 0x5b8d2646L, 0xfc8883a0L, 0xc1c7b6a3L, - 0x7f1524c3L, 0x69cb7492L, 0x47848a0bL, 0x5692b285L, - 0x095bbf00L, 0xad19489dL, 0x1462b174L, 0x23820e00L, - 0x58428d2aL, 0x0c55f5eaL, 0x1dadf43eL, 0x233f7061L, - 0x3372f092L, 0x8d937e41L, 0xd65fecf1L, 0x6c223bdbL, - 0x7cde3759L, 0xcbee7460L, 0x4085f2a7L, 0xce77326eL, - 0xa6078084L, 0x19f8509eL, 0xe8efd855L, 0x61d99735L, - 0xa969a7aaL, 0xc50c06c2L, 0x5a04abfcL, 0x800bcadcL, - 0x9e447a2eL, 0xc3453484L, 0xfdd56705L, 0x0e1e9ec9L, - 0xdb73dbd3L, 0x105588cdL, 0x675fda79L, 0xe3674340L, - 0xc5c43465L, 0x713e38d8L, 0x3d28f89eL, 0xf16dff20L, - 0x153e21e7L, 0x8fb03d4aL, 0xe6e39f2bL, 0xdb83adf7L, - 0xe93d5a68L, 0x948140f7L, 0xf64c261cL, 0x94692934L, - 0x411520f7L, 0x7602d4f7L, 0xbcf46b2eL, 0xd4a20068L, - 0xd4082471L, 0x3320f46aL, 0x43b7d4b7L, 0x500061afL, - 0x1e39f62eL, 0x97244546L, 0x14214f74L, 0xbf8b8840L, - 0x4d95fc1dL, 0x96b591afL, 0x70f4ddd3L, 0x66a02f45L, - 0xbfbc09ecL, 0x03bd9785L, 0x7fac6dd0L, 0x31cb8504L, - 0x96eb27b3L, 0x55fd3941L, 0xda2547e6L, 0xabca0a9aL, - 0x28507825L, 0x530429f4L, 0x0a2c86daL, 0xe9b66dfbL, - 0x68dc1462L, 0xd7486900L, 0x680ec0a4L, 0x27a18deeL, - 0x4f3ffea2L, 0xe887ad8cL, 0xb58ce006L, 0x7af4d6b6L, - 0xaace1e7cL, 0xd3375fecL, 0xce78a399L, 0x406b2a42L, - 0x20fe9e35L, 0xd9f385b9L, 0xee39d7abL, 0x3b124e8bL, - 0x1dc9faf7L, 0x4b6d1856L, 0x26a36631L, 0xeae397b2L, - 0x3a6efa74L, 0xdd5b4332L, 0x6841e7f7L, 0xca7820fbL, - 0xfb0af54eL, 0xd8feb397L, 
0x454056acL, 0xba489527L, - 0x55533a3aL, 0x20838d87L, 0xfe6ba9b7L, 0xd096954bL, - 0x55a867bcL, 0xa1159a58L, 0xcca92963L, 0x99e1db33L, - 0xa62a4a56L, 0x3f3125f9L, 0x5ef47e1cL, 0x9029317cL, - 0xfdf8e802L, 0x04272f70L, 0x80bb155cL, 0x05282ce3L, - 0x95c11548L, 0xe4c66d22L, 0x48c1133fL, 0xc70f86dcL, - 0x07f9c9eeL, 0x41041f0fL, 0x404779a4L, 0x5d886e17L, - 0x325f51ebL, 0xd59bc0d1L, 0xf2bcc18fL, 0x41113564L, - 0x257b7834L, 0x602a9c60L, 0xdff8e8a3L, 0x1f636c1bL, - 0x0e12b4c2L, 0x02e1329eL, 0xaf664fd1L, 0xcad18115L, - 0x6b2395e0L, 0x333e92e1L, 0x3b240b62L, 0xeebeb922L, - 0x85b2a20eL, 0xe6ba0d99L, 0xde720c8cL, 0x2da2f728L, - 0xd0127845L, 0x95b794fdL, 0x647d0862L, 0xe7ccf5f0L, - 0x5449a36fL, 0x877d48faL, 0xc39dfd27L, 0xf33e8d1eL, - 0x0a476341L, 0x992eff74L, 0x3a6f6eabL, 0xf4f8fd37L, - 0xa812dc60L, 0xa1ebddf8L, 0x991be14cL, 0xdb6e6b0dL, - 0xc67b5510L, 0x6d672c37L, 0x2765d43bL, 0xdcd0e804L, - 0xf1290dc7L, 0xcc00ffa3L, 0xb5390f92L, 0x690fed0bL, - 0x667b9ffbL, 0xcedb7d9cL, 0xa091cf0bL, 0xd9155ea3L, - 0xbb132f88L, 0x515bad24L, 0x7b9479bfL, 0x763bd6ebL, - 0x37392eb3L, 0xcc115979L, 0x8026e297L, 0xf42e312dL, - 0x6842ada7L, 0xc66a2b3bL, 0x12754cccL, 0x782ef11cL, - 0x6a124237L, 0xb79251e7L, 0x06a1bbe6L, 0x4bfb6350L, - 0x1a6b1018L, 0x11caedfaL, 0x3d25bdd8L, 0xe2e1c3c9L, - 0x44421659L, 0x0a121386L, 0xd90cec6eL, 0xd5abea2aL, - 0x64af674eL, 0xda86a85fL, 0xbebfe988L, 0x64e4c3feL, - 0x9dbc8057L, 0xf0f7c086L, 0x60787bf8L, 0x6003604dL, - 0xd1fd8346L, 0xf6381fb0L, 0x7745ae04L, 0xd736fcccL, - 0x83426b33L, 0xf01eab71L, 0xb0804187L, 0x3c005e5fL, - 0x77a057beL, 0xbde8ae24L, 0x55464299L, 0xbf582e61L, - 0x4e58f48fL, 0xf2ddfda2L, 0xf474ef38L, 0x8789bdc2L, - 0x5366f9c3L, 0xc8b38e74L, 0xb475f255L, 0x46fcd9b9L, - 0x7aeb2661L, 0x8b1ddf84L, 0x846a0e79L, 0x915f95e2L, - 0x466e598eL, 0x20b45770L, 0x8cd55591L, 0xc902de4cL, - 0xb90bace1L, 0xbb8205d0L, 0x11a86248L, 0x7574a99eL, - 0xb77f19b6L, 0xe0a9dc09L, 0x662d09a1L, 0xc4324633L, - 0xe85a1f02L, 0x09f0be8cL, 0x4a99a025L, 0x1d6efe10L, - 0x1ab93d1dL, 0x0ba5a4dfL, 
0xa186f20fL, 0x2868f169L, - 0xdcb7da83L, 0x573906feL, 0xa1e2ce9bL, 0x4fcd7f52L, - 0x50115e01L, 0xa70683faL, 0xa002b5c4L, 0x0de6d027L, - 0x9af88c27L, 0x773f8641L, 0xc3604c06L, 0x61a806b5L, - 0xf0177a28L, 0xc0f586e0L, 0x006058aaL, 0x30dc7d62L, - 0x11e69ed7L, 0x2338ea63L, 0x53c2dd94L, 0xc2c21634L, - 0xbbcbee56L, 0x90bcb6deL, 0xebfc7da1L, 0xce591d76L, - 0x6f05e409L, 0x4b7c0188L, 0x39720a3dL, 0x7c927c24L, - 0x86e3725fL, 0x724d9db9L, 0x1ac15bb4L, 0xd39eb8fcL, - 0xed545578L, 0x08fca5b5L, 0xd83d7cd3L, 0x4dad0fc4L, - 0x1e50ef5eL, 0xb161e6f8L, 0xa28514d9L, 0x6c51133cL, - 0x6fd5c7e7L, 0x56e14ec4L, 0x362abfceL, 0xddc6c837L, - 0xd79a3234L, 0x92638212L, 0x670efa8eL, 0x406000e0L, - 0x3a39ce37L, 0xd3faf5cfL, 0xabc27737L, 0x5ac52d1bL, - 0x5cb0679eL, 0x4fa33742L, 0xd3822740L, 0x99bc9bbeL, - 0xd5118e9dL, 0xbf0f7315L, 0xd62d1c7eL, 0xc700c47bL, - 0xb78c1b6bL, 0x21a19045L, 0xb26eb1beL, 0x6a366eb4L, - 0x5748ab2fL, 0xbc946e79L, 0xc6a376d2L, 0x6549c2c8L, - 0x530ff8eeL, 0x468dde7dL, 0xd5730a1dL, 0x4cd04dc6L, - 0x2939bbdbL, 0xa9ba4650L, 0xac9526e8L, 0xbe5ee304L, - 0xa1fad5f0L, 0x6a2d519aL, 0x63ef8ce2L, 0x9a86ee22L, - 0xc089c2b8L, 0x43242ef6L, 0xa51e03aaL, 0x9cf2d0a4L, - 0x83c061baL, 0x9be96a4dL, 0x8fe51550L, 0xba645bd6L, - 0x2826a2f9L, 0xa73a3ae1L, 0x4ba99586L, 0xef5562e9L, - 0xc72fefd3L, 0xf752f7daL, 0x3f046f69L, 0x77fa0a59L, - 0x80e4a915L, 0x87b08601L, 0x9b09e6adL, 0x3b3ee593L, - 0xe990fd5aL, 0x9e34d797L, 0x2cf0b7d9L, 0x022b8b51L, - 0x96d5ac3aL, 0x017da67dL, 0xd1cf3ed6L, 0x7c7d2d28L, - 0x1f9f25cfL, 0xadf2b89bL, 0x5ad6b472L, 0x5a88f54cL, - 0xe029ac71L, 0xe019a5e6L, 0x47b0acfdL, 0xed93fa9bL, - 0xe8d3c48dL, 0x283b57ccL, 0xf8d56629L, 0x79132e28L, - 0x785f0191L, 0xed756055L, 0xf7960e44L, 0xe3d35e8cL, - 0x15056dd4L, 0x88f46dbaL, 0x03a16125L, 0x0564f0bdL, - 0xc3eb9e15L, 0x3c9057a2L, 0x97271aecL, 0xa93a072aL, - 0x1b3f6d9bL, 0x1e6321f5L, 0xf59c66fbL, 0x26dcf319L, - 0x7533d928L, 0xb155fdf5L, 0x03563482L, 0x8aba3cbbL, - 0x28517711L, 0xc20ad9f8L, 0xabcc5167L, 0xccad925fL, - 0x4de81751L, 0x3830dc8eL, 
0x379d5862L, 0x9320f991L, - 0xea7a90c2L, 0xfb3e7bceL, 0x5121ce64L, 0x774fbe32L, - 0xa8b6e37eL, 0xc3293d46L, 0x48de5369L, 0x6413e680L, - 0xa2ae0810L, 0xdd6db224L, 0x69852dfdL, 0x09072166L, - 0xb39a460aL, 0x6445c0ddL, 0x586cdecfL, 0x1c20c8aeL, - 0x5bbef7ddL, 0x1b588d40L, 0xccd2017fL, 0x6bb4e3bbL, - 0xdda26a7eL, 0x3a59ff45L, 0x3e350a44L, 0xbcb4cdd5L, - 0x72eacea8L, 0xfa6484bbL, 0x8d6612aeL, 0xbf3c6f47L, - 0xd29be463L, 0x542f5d9eL, 0xaec2771bL, 0xf64e6370L, - 0x740e0d8dL, 0xe75b1357L, 0xf8721671L, 0xaf537d5dL, - 0x4040cb08L, 0x4eb4e2ccL, 0x34d2466aL, 0x0115af84L, - 0xe1b00428L, 0x95983a1dL, 0x06b89fb4L, 0xce6ea048L, - 0x6f3f3b82L, 0x3520ab82L, 0x011a1d4bL, 0x277227f8L, - 0x611560b1L, 0xe7933fdcL, 0xbb3a792bL, 0x344525bdL, - 0xa08839e1L, 0x51ce794bL, 0x2f32c9b7L, 0xa01fbac9L, - 0xe01cc87eL, 0xbcc7d1f6L, 0xcf0111c3L, 0xa1e8aac7L, - 0x1a908749L, 0xd44fbd9aL, 0xd0dadecbL, 0xd50ada38L, - 0x0339c32aL, 0xc6913667L, 0x8df9317cL, 0xe0b12b4fL, - 0xf79e59b7L, 0x43f5bb3aL, 0xf2d519ffL, 0x27d9459cL, - 0xbf97222cL, 0x15e6fc2aL, 0x0f91fc71L, 0x9b941525L, - 0xfae59361L, 0xceb69cebL, 0xc2a86459L, 0x12baa8d1L, - 0xb6c1075eL, 0xe3056a0cL, 0x10d25065L, 0xcb03a442L, - 0xe0ec6e0eL, 0x1698db3bL, 0x4c98a0beL, 0x3278e964L, - 0x9f1f9532L, 0xe0d392dfL, 0xd3a0342bL, 0x8971f21eL, - 0x1b0a7441L, 0x4ba3348cL, 0xc5be7120L, 0xc37632d8L, - 0xdf359f8dL, 0x9b992f2eL, 0xe60b6f47L, 0x0fe3f11dL, - 0xe54cda54L, 0x1edad891L, 0xce6279cfL, 0xcd3e7e6fL, - 0x1618b166L, 0xfd2c1d05L, 0x848fd2c5L, 0xf6fb2299L, - 0xf523f357L, 0xa6327623L, 0x93a83531L, 0x56cccd02L, - 0xacf08162L, 0x5a75ebb5L, 0x6e163697L, 0x88d273ccL, - 0xde966292L, 0x81b949d0L, 0x4c50901bL, 0x71c65614L, - 0xe6c6c7bdL, 0x327a140aL, 0x45e1d006L, 0xc3f27b9aL, - 0xc9aa53fdL, 0x62a80f00L, 0xbb25bfe2L, 0x35bdd2f6L, - 0x71126905L, 0xb2040222L, 0xb6cbcf7cL, 0xcd769c2bL, - 0x53113ec0L, 0x1640e3d3L, 0x38abbd60L, 0x2547adf0L, - 0xba38209cL, 0xf746ce76L, 0x77afa1c5L, 0x20756060L, - 0x85cbfe4eL, 0x8ae88dd8L, 0x7aaaf9b0L, 0x4cf9aa7eL, - 0x1948c25cL, 0x02fb8a8cL, 
0x01c36ae4L, 0xd6ebe1f9L, - 0x90d4f869L, 0xa65cdea0L, 0x3f09252dL, 0xc208e69fL, - 0xb74e6132L, 0xce77e25bL, 0x578fdfe3L, 0x3ac372e6L, - } - }; - diff --git a/src/libcrypto/libblowfish/bf_skey.c b/src/libcrypto/libblowfish/bf_skey.c deleted file mode 100644 index 8cdbbd283..000000000 --- a/src/libcrypto/libblowfish/bf_skey.c +++ /dev/null 
@@ -1,122 +0,0 @@
-/* crypto/bf/bf_skey.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifdef __KERNEL__
-#include <linux/types.h>
-#include <linux/string.h>
-#else
-#include <stdio.h>
-#include <string.h>
-#endif
-
-#include "blowfish.h"
-#include "bf_locl.h"
-#include "bf_pi.h"
-
-void BF_set_key(BF_KEY *key, int len, const unsigned char *data)
- {
- int i;
- BF_LONG *p,ri,in[2];
- const unsigned char *d,*end;
-
-
- memcpy((char *)key,(const char *)&bf_init,sizeof(BF_KEY));
- p=key->P;
-
- if (len > ((BF_ROUNDS+2)*4)) len=(BF_ROUNDS+2)*4;
-
- d=data;
- end= &(data[len]);
- for (i=0; i<(BF_ROUNDS+2); i++)
- {
- ri= *(d++);
- if (d >= end) d=data;
-
- ri<<=8;
- ri|= *(d++);
- if (d >= end) d=data;
-
- ri<<=8;
- ri|= *(d++);
- if (d >= end) d=data;
-
- ri<<=8;
- ri|= *(d++);
- if (d >= end) d=data;
-
- p[i]^=ri;
- }
-
- in[0]=0L;
- in[1]=0L;
- for (i=0; i<(BF_ROUNDS+2); i+=2)
- {
- BF_encrypt(in,key);
- p[i ]=in[0];
- p[i+1]=in[1];
- }
-
- p=key->S;
- for (i=0; i<4*256; i+=2)
- {
- BF_encrypt(in,key);
- p[i ]=in[0];
- p[i+1]=in[1];
- }
- }
-
diff --git a/src/libcrypto/libblowfish/blowfish.h b/src/libcrypto/libblowfish/blowfish.h
deleted file mode 100644
index ccb97e272..000000000
--- a/src/libcrypto/libblowfish/blowfish.h
+++ /dev/null
@@ -1,133 +0,0 @@
-/* crypto/bf/blowfish.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_BLOWFISH_H
-#define HEADER_BLOWFISH_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#ifdef NO_BF
-#error BF is disabled.
-#endif
-
-#define BF_ENCRYPT 1
-#define BF_DECRYPT 0
-
-/*
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- * ! BF_LONG has to be at least 32 bits wide. If it's wider, then !
- * ! BF_LONG_LOG2 has to be defined along. !
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- */
-
-#if defined(WIN16) || defined(__LP32__)
-#define BF_LONG unsigned long
-#elif defined(_CRAY) || defined(__ILP64__)
-#define BF_LONG unsigned long
-#define BF_LONG_LOG2 3
-#endif
-/*
- * _CRAY note. I could declare short, but I have no idea what impact
- * does it have on performance on none-T3E machines. I could declare
- * int, but at least on C90 sizeof(int) can be chosen at compile time.
- * So I've chosen long...
- * <appro@fy.chalmers.se>
- */
-
-/* des.h-like hack <jjo-ipsec@mendoza.gov.ar> */
-#ifndef BF_LONG
-#ifdef __KERNEL__
-#include <linux/types.h>
-#else
-#include <sys/types.h>
-#endif
-#define BF_LONG u_int32_t
-#endif
-
-#define BF_ROUNDS 16
-#define BF_BLOCK 8
-
-typedef struct bf_key_st
- {
- BF_LONG P[BF_ROUNDS+2];
- BF_LONG S[4*256];
- } BF_KEY;
-
-
-void BF_set_key(BF_KEY *key, int len, const unsigned char *data);
-
-void BF_encrypt(BF_LONG *data,const BF_KEY *key);
-void BF_decrypt(BF_LONG *data,const BF_KEY *key);
-
-void BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
- const BF_KEY *key, int enc);
-void BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
- const BF_KEY *schedule, unsigned char *ivec, int enc);
-void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out, long length,
- const BF_KEY *schedule, unsigned char *ivec, int *num, int enc);
-void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out, long length,
- const BF_KEY *schedule, unsigned char *ivec, int *num);
-const char *BF_options(void);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/src/libcrypto/libdes/COPYRIGHT b/src/libcrypto/libdes/COPYRIGHT
deleted file mode 100644
index 5469e1e46..000000000
--- a/src/libcrypto/libdes/COPYRIGHT
+++ /dev/null
@@ -1,50 +0,0 @@
-Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
-All rights reserved.
-
-This package is an DES implementation written by Eric Young (eay@cryptsoft.com).
-The implementation was written so as to conform with MIT's libdes.
-
-This library is free for commercial and non-commercial use as long as
-the following conditions are aheared to. The following conditions
-apply to all code found in this distribution.
-
-Copyright remains Eric Young's, and as such any Copyright notices in
-the code are not to be removed.
-If this package is used in a product, Eric Young should be given attribution
-as the author of that the SSL library. This can be in the form of a textual
-message at program startup or in documentation (online or textual) provided
-with the package.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions
-are met:
-1. Redistributions of source code must retain the copyright
- notice, this list of conditions and the following disclaimer.
-2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-3. All advertising materials mentioning features or use of this software
- must display the following acknowledgement:
- This product includes software developed by Eric Young (eay@cryptsoft.com)
-
-THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-SUCH DAMAGE.
-
-The license and distribution terms for any publically available version or
-derivative of this code cannot be changed. i.e. this code cannot simply be
-copied and put under another distrubution license
-[including the GNU Public License.]
-
-The reason behind this being stated in this direct manner is past
-experience in code simply being copied and the attribution removed
-from it and then being distributed as part of other packages. This
-implementation was a non-trivial and unpaid effort.
diff --git a/src/libcrypto/libdes/README b/src/libcrypto/libdes/README
deleted file mode 100644
index 621a5ab46..000000000
--- a/src/libcrypto/libdes/README
+++ /dev/null
@@ -1,54 +0,0 @@ - - libdes, Version 4.01 10-Jan-97 - - Copyright (c) 1997, Eric Young - All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms specified in COPYRIGHT. - --- -The primary ftp site for this library is -ftp://ftp.psy.uq.oz.au/pub/Crypto/DES/libdes-x.xx.tar.gz -libdes is now also shipped with SSLeay. Primary ftp site of -ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/SSLeay-x.x.x.tar.gz - -The best way to build this library is to build it as part of SSLeay. - -This kit builds a DES encryption library and a DES encryption program. -It supports ecb, cbc, ofb, cfb, triple ecb, triple cbc, triple ofb, -triple cfb, desx, and MIT's pcbc encryption modes and also has a fast -implementation of crypt(3). -It contains support routines to read keys from a terminal, -generate a random key, generate a key from an arbitrary length string, -read/write encrypted data from/to a file descriptor. - -The implementation was written so as to conform with the manual entry -for the des_crypt(3) library routines from MIT's project Athena. - -destest should be run after compilation to test the des routines. -rpw should be run after compilation to test the read password routines. -The des program is a replacement for the sun des command. I believe it -conforms to the sun version. - -The Imakefile is setup for use in the kerberos distribution. - -These routines are best compiled with gcc or any other good -optimising compiler. -Just turn you optimiser up to the highest settings and run destest -after the build to make sure everything works. - -I believe these routines are close to the fastest and most portable DES -routines that use small lookup tables (4.5k) that are publicly available. -The fcrypt routine is faster than ufc's fcrypt (when compiling with -gcc2 -O2) on the sparc 2 (1410 vs 1270) but is not so good on other machines -(on a sun3/260 168 vs 336). It is a function of CPU on chip cache size. 
-[ 10-Jan-97 and a function of an incorrect speed testing program in
- ufc which gave much better test figures that reality ].
-
-It is worth noting that on sparc and Alpha CPUs, performance of the DES
-library can vary by upto %10 due to the positioning of files after application
-linkage.
-
-Eric Young (eay@cryptsoft.com)
-
diff --git a/src/libcrypto/libdes/README.freeswan b/src/libcrypto/libdes/README.freeswan
deleted file mode 100644
index 589f01059..000000000
--- a/src/libcrypto/libdes/README.freeswan
+++ /dev/null
@@ -1,31 +0,0 @@
-The only changes the FreeS/WAN project has made to libdes-lite 4.04b are:
-
-We #ifdef-ed the declaration of DES_LONG in des.h, so it's more efficient
-on the Alpha, instead of just noting the issue in a comment.
-
-We #ifdef-ed out the des_options() function in ecb_enc.c, because we don't
-use it, and its call to sprintf() can cause subtle difficulties when KLIPS
-is built as a module (depending on details of Linux configuration options).
-
-We changed some instances of CC=$(CC) in the Makefile to CC='$(CC)' to make
-it cope better with Linux kernel Makefile stupidities, and took out an
-explicit CC=gcc (unwise on systems with strange compilers).
-
-We deleted some references to <stdio.h> and <stdlib.h>, and a declaration
-of one function found only in the full libdes (not in libdes-lite), to
-avoid dragging in bits of stdio/stdlib unnecessarily. (Our thanks to Hans
-Schultz for spotting this and pointing out the fixes.)
-
-We deleted a couple of .obj files in the asm subdirectory, which appear to
-have been included in the original library by accident.
-
-We have added an include of our Makefile.inc file, to permit overriding
-things like choice of compiler (although the libdes Makefile would
-probably need some work to make this effective).
-
-
-
-Note that Eric Young is no longer at the email address listed in these
-files, and is (alas) no longer working on free crypto software.
-
-
diff --git a/src/libcrypto/libdes/VERSION b/src/libcrypto/libdes/VERSION
deleted file mode 100644
index 345035195..000000000
--- a/src/libcrypto/libdes/VERSION
+++ /dev/null
@@ -1,406 +0,0 @@ -Version 4.04 - Fixed a few tests in destest. Also added x86 assember for - des_ncbc_encrypt() which is the standard cbc mode function. - This makes a very very large performace difference. - Ariel Glenn ariel@columbia.edu reports that the terminal - 'turn echo off' can return (errno == EINVAL) under solaris - when redirection is used. So I now catch that as well as ENOTTY. - - -Version 4.03 - Left a static out of enc_write.c, which caused to buffer to be - continiously malloc()ed. Does anyone use these functions? I keep - on feeling like removing them since I only had these in there - for a version of kerberised login. Anyway, this was pointed out - by Theo de Raadt <deraadt@cvs.openbsd.org> - The 'n' bit ofb code was wrong, it was not shifting the shift - register. It worked correctly for n == 64. Thanks to - Gigi Ankeny <Gigi.Ankeny@Eng.Sun.COM> for pointing this one out. - -Version 4.02 - I was doing 'if (memcmp(weak_keys[i],key,sizeof(key)) == 0)' - when checking for weak keys which is wrong :-(, pointed out by - Markus F.X.J. Oberhumer <markus.oberhumer@jk.uni-linz.ac.at>. - -Version 4.01 - Even faster inner loop in the DES assembler for x86 and a modification - for IP/FP which is faster on x86. Both of these changes are - from Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>. His - changes make the assembler run %40 faster on a pentium. This is just - a case of getting the instruction sequence 'just right'. - All credit to 'Svend' :-) - Quite a few special x86 'make' targets. - A libdes-l (lite) distribution. - -Version 4.00 - After a bit of a pause, I'll up the major version number since this - is mostly a performace release. I've added x86 assembler and - added more options for performance. A %28 speedup for gcc - on a pentium and the assembler is a %50 speedup. - MIPS CPU's, sparc and Alpha are the main CPU's with speedups. - Run des_opts to work out which options should be used. 
- DES_RISC1/DES_RISC2 use alternative inner loops which use - more registers but should give speedups on any CPU that does - dual issue (pentium). DES_UNROLL unrolls the inner loop, - which costs in code size. - -Version 3.26 - I've finally removed one of the shifts in D_ENCRYPT. This - meant I've changed the des_SPtrans table (spr.h), the set_key() - function and some things in des_enc.c. This has definitly - made things faster :-). I've known about this one for some - time but I've been too lazy to follow it up :-). - Noticed that in the D_ENCRYPT() macro, we can just do L^=(..)^(..)^.. - instead of L^=((..)|(..)|(..).. This should save a register at - least. - Assember for x86. The file to replace is des_enc.c, which is replaced - by one of the assembler files found in asm. Look at des/asm/readme - for more info. - - /* Modification to fcrypt so it can be compiled to support - HPUX 10.x's long password format, define -DLONGCRYPT to use this. - Thanks to Jens Kupferschmidt <bt1cu@hpboot.rz.uni-leipzig.de>. */ - - SIGWINCH case put in des_read_passwd() so the function does not - 'exit' if this function is recieved. - -Version 3.25 17/07/96 - Modified read_pwd.c so that stdin can be read if not a tty. - Thanks to Jeff Barber <jeffb@issl.atl.hp.com> for the patches. - des_init_random_number_generator() shortened due to VMS linker - limits. - Added RSA's DESX cbc mode. It is a form of cbc encryption, with 2 - 8 byte quantites xored before and after encryption. - des_xcbc_encryption() - the name is funny to preserve the des_ - prefix on all functions. - -Version 3.24 20/04/96 - The DES_PTR macro option checked and used by SSLeay configuration - -Version 3.23 11/04/96 - Added DES_LONG. If defined to 'unsigned int' on the DEC Alpha, - it gives a %20 speedup :-) - Fixed the problem with des.pl under perl5. The patches were - sent by Ed Kubaitis (ejk@uiuc.edu). - if fcrypt.c, changed values to handle illegal salt values the way - normal crypt() implementations do. 
Some programs apparently use - them :-(. The patch was sent by Bjorn Gronvall <bg@sics.se> - -Version 3.22 29/11/95 - Bug in des(1), an error with the uuencoding stuff when the - 'data' is small, thanks to Geoff Keating <keagchon@mehta.anu.edu.au> - for the patch. - -Version 3.21 22/11/95 - After some emailing back and forth with - Colin Plumb <colin@nyx10.cs.du.edu>, I've tweaked a few things - and in a future version I will probably put in some of the - optimisation he suggested for use with the DES_USE_PTR option. - Extra routines from Mark Murray <mark@grondar.za> for use in - freeBSD. They mostly involve random number generation for use - with kerberos. They involve evil machine specific system calls - etc so I would normally suggest pushing this stuff into the - application and/or using RAND_seed()/RAND_bytes() if you are - using this DES library as part of SSLeay. - Redone the read_pw() function so that it is cleaner and - supports termios, thanks to Sameer Parekh <sameer@c2.org> - for the initial patches for this. - Renamed 3ecb_encrypt() to ecb3_encrypt(). This has been - done just to make things more consistent. - I have also now added triple DES versions of cfb and ofb. - -Version 3.20 - Damn, Damn, Damn, as pointed out by Mike_Spreitzer.PARC@xerox.com, - my des_random_seed() function was only copying 4 bytes of the - passed seed into the init structure. It is now fixed to copy 8. - My own suggestion is to used something like MD5 :-) - -Version 3.19 - While looking at my code one day, I though, why do I keep on - calling des_encrypt(in,out,ks,enc) when every function that - calls it has in and out the same. So I dropped the 'out' - parameter, people should not be using this function. - -Version 3.18 30/08/95 - Fixed a few bit with the distribution and the filenames. - 3.17 had been munged via a move to DOS and back again. - NO CODE CHANGES - -Version 3.17 14/07/95 - Fixed ede3 cbc which I had broken in 3.16. 
I have also - removed some unneeded variables in 7-8 of the routines. - -Version 3.16 26/06/95 - Added des_encrypt2() which does not use IP/FP, used by triple - des routines. Tweaked things a bit elsewhere. %13 speedup on - sparc and %6 on a R4400 for ede3 cbc mode. - -Version 3.15 06/06/95 - Added des_ncbc_encrypt(), it is des_cbc mode except that it is - 'normal' and copies the new iv value back over the top of the - passed parameter. - CHANGED des_ede3_cbc_encrypt() so that it too now overwrites - the iv. THIS WILL BREAK EXISTING CODE, but since this function - only new, I feel I can change it, not so with des_cbc_encrypt :-(. - I need to update the documentation. - -Version 3.14 31/05/95 - New release upon the world, as part of my SSL implementation. - New copyright and usage stuff. Basically free for all to use - as long as you say it came from me :-) - -Version 3.13 31/05/95 - A fix in speed.c, if HZ is not defined, I set it to 100.0 - which is reasonable for most unixes except SunOS 4.x. - I now have a #ifdef sun but timing for SunOS 4.x looked very - good :-(. At my last job where I used SunOS 4.x, it was - defined to be 60.0 (look at the old INSTALL documentation), at - the last release had it changed to 100.0 since I now work with - Solaris2 and SVR4 boxes. - Thanks to Rory Chisholm <rchishol@math.ethz.ch> for pointing this - one out. - -Version 3.12 08/05/95 - As pointed out by The Crypt Keeper <tck@bend.UCSD.EDU>, - my D_ENCRYPT macro in crypt() had an un-necessary variable. - It has been removed. - -Version 3.11 03/05/95 - Added des_ede3_cbc_encrypt() which is cbc mode des with 3 keys - and one iv. It is a standard and I needed it for my SSL code. - It makes more sense to use this for triple DES than - 3cbc_encrypt(). I have also added (or should I say tested :-) - cfb64_encrypt() which is cfb64 but it will encrypt a partial - number of bytes - 3 bytes in 3 bytes out. Again this is for - my SSL library, as a form of encryption to use with SSL - telnet. 
- -Version 3.10 22/03/95 - Fixed a bug in 3cbc_encrypt() :-(. When making repeated calls - to cbc3_encrypt, the 2 iv values that were being returned to - be used in the next call were reversed :-(. - Many thanks to Bill Wade <wade@Stoner.COM> for pointing out - this error. - -Version 3.09 01/02/95 - Fixed des_random_key to far more random, it was rather feeble - with regards to picking the initial seed. The problem was - pointed out by Olaf Kirch <okir@monad.swb.de>. - -Version 3.08 14/12/94 - Added Makefile.PL so libdes can be built into perl5. - Changed des_locl.h so RAND is always defined. - -Version 3.07 05/12/94 - Added GNUmake and stuff so the library can be build with - glibc. - -Version 3.06 30/08/94 - Added rpc_enc.c which contains _des_crypt. This is for use in - secure_rpc v 4.0 - Finally fixed the cfb_enc problems. - Fixed a few parameter parsing bugs in des (-3 and -b), thanks - to Rob McMillan <R.McMillan@its.gu.edu.au> - -Version 3.05 21/04/94 - for unsigned long l; gcc does not produce ((l>>34) == 0) - This causes bugs in cfb_enc. - Thanks to Hadmut Danisch <danisch@ira.uka.de> - -Version 3.04 20/04/94 - Added a version number to des.c and libdes.a - -Version 3.03 12/01/94 - Fixed a bug in non zero iv in 3cbc_enc. - -Version 3.02 29/10/93 - I now work in a place where there are 6+ architectures and 14+ - OS versions :-). - Fixed TERMIO definition so the most sys V boxes will work :-) - -Release upon comp.sources.misc -Version 3.01 08/10/93 - Added des_3cbc_encrypt() - -Version 3.00 07/10/93 - Fixed up documentation. - quad_cksum definitely compatible with MIT's now. - -Version 2.30 24/08/93 - Triple DES now defaults to triple cbc but can do triple ecb - with the -b flag. - Fixed some MSDOS uuen/uudecoding problems, thanks to - Added prototypes. - -Version 2.22 29/06/93 - Fixed a bug in des_is_weak_key() which stopped it working :-( - thanks to engineering@MorningStar.Com. - -Version 2.21 03/06/93 - des(1) with no arguments gives quite a bit of help. 
- Added -c (generate ckecksum) flag to des(1). - Added -3 (triple DES) flag to des(1). - Added cfb and ofb routines to the library. - -Version 2.20 11/03/93 - Added -u (uuencode) flag to des(1). - I have been playing with byte order in quad_cksum to make it - compatible with MIT's version. All I can say is avid this - function if possible since MIT's output is endian dependent. - -Version 2.12 14/10/92 - Added MSDOS specific macro in ecb_encrypt which gives a %70 - speed up when the code is compiled with turbo C. - -Version 2.11 12/10/92 - Speedup in set_key (recoding of PC-1) - I now do it in 47 simple operations, down from 60. - Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov) - for motivating me to look for a faster system :-) - The speedup is probably less that 1% but it is still 13 - instructions less :-). - -Version 2.10 06/10/92 - The code now works on the 64bit ETA10 and CRAY without modifications or - #defines. I believe the code should work on any machine that - defines long, int or short to be 8 bytes long. - Thanks to Shabbir J. Safdar (shabby@mentor.cc.purdue.edu) - for helping me fix the code to run on 64bit machines (he had - access to an ETA10). - Thanks also to John Fletcher <john_fletcher@lccmail.ocf.llnl.gov> - for testing the routines on a CRAY. - read_password.c has been renamed to read_passwd.c - string_to_key.c has been renamed to string2key.c - -Version 2.00 14/09/92 - Made mods so that the library should work on 64bit CPU's. - Removed all my uchar and ulong defs. To many different - versions of unix define them in their header files in too many - different combinations :-) - IRIX - Sillicon Graphics mods (mostly in read_password.c). - Thanks to Andrew Daviel (advax@erich.triumf.ca) - -Version 1.99 26/08/92 - Fixed a bug or 2 in enc_read.c - Fixed a bug in enc_write.c - Fixed a pseudo bug in fcrypt.c (very obscure). - -Version 1.98 31/07/92 - Support for the ETA10. 
This is a strange machine that defines - longs and ints as 8 bytes and shorts as 4 bytes. - Since I do evil things with long * that assume that they are 4 - bytes. Look in the Makefile for the option to compile for - this machine. quad_cksum appears to have problems but I - will don't have the time to fix it right now, and this is not - a function that uses DES and so will not effect the main uses - of the library. - -Version 1.97 20/05/92 eay - Fixed the Imakefile and made some changes to des.h to fix some - problems when building this package with Kerberos v 4. - -Version 1.96 18/05/92 eay - Fixed a small bug in string_to_key() where problems could - occur if des_check_key was set to true and the string - generated a weak key. - -Patch2 posted to comp.sources.misc -Version 1.95 13/05/92 eay - Added an alternative version of the D_ENCRYPT macro in - ecb_encrypt and fcrypt. Depending on the compiler, one version or the - other will be faster. This was inspired by - Dana How <how@isl.stanford.edu>, and her pointers about doing the - *(ulong *)((uchar *)ptr+(value&0xfc)) - vs - ptr[value&0x3f] - to stop the C compiler doing a <<2 to convert the long array index. - -Version 1.94 05/05/92 eay - Fixed an incompatibility between my string_to_key and the MIT - version. When the key is longer than 8 chars, I was wrapping - with a different method. To use the old version, define - OLD_STR_TO_KEY in the makefile. Thanks to - viktor@newsu.shearson.com (Viktor Dukhovni). - -Version 1.93 28/04/92 eay - Fixed the VMS mods so that echo is now turned off in - read_password. Thanks again to brennan@coco.cchs.su.oz.AU. - MSDOS support added. The routines can be compiled with - Turbo C (v2.0) and MSC (v5.1). Make sure MSDOS is defined. - -Patch1 posted to comp.sources.misc -Version 1.92 13/04/92 eay - Changed D_ENCRYPT so that the rotation of R occurs outside of - the loop. This required rotating all the longs in sp.h (now - called spr.h). 
Thanks to Richard Outerbridge <71755.204@CompuServe.COM> - speed.c has been changed so it will work without SIGALRM. If - times(3) is not present it will try to use ftime() instead. - -Version 1.91 08/04/92 eay - Added -E/-D options to des(1) so it can use string_to_key. - Added SVR4 mods suggested by witr@rwwa.COM - Added VMS mods suggested by brennan@coco.cchs.su.oz.AU. If - anyone knows how to turn of tty echo in VMS please tell me or - implement it yourself :-). - Changed FILE *IN/*OUT to *DES_IN/*DES_OUT since it appears VMS - does not like IN/OUT being used. - -Libdes posted to comp.sources.misc -Version 1.9 24/03/92 eay - Now contains a fast small crypt replacement. - Added des(1) command. - Added des_rw_mode so people can use cbc encryption with - enc_read and enc_write. - -Version 1.8 15/10/91 eay - Bug in cbc_cksum. - Many thanks to Keith Reynolds (keithr@sco.COM) for pointing this - one out. - -Version 1.7 24/09/91 eay - Fixed set_key :-) - set_key is 4 times faster and takes less space. - There are a few minor changes that could be made. - -Version 1.6 19/09/1991 eay - Finally go IP and FP finished. - Now I need to fix set_key. - This version is quite a bit faster that 1.51 - -Version 1.52 15/06/1991 eay - 20% speedup in ecb_encrypt by changing the E bit selection - to use 2 32bit words. This also required modification of the - sp table. There is still a way to speedup the IP and IP-1 - (hints from outer@sq.com) still working on this one :-(. - -Version 1.51 07/06/1991 eay - Faster des_encrypt by loop unrolling - Fixed bug in quad_cksum.c (thanks to hughes@logos.ucs.indiana.edu) - -Version 1.50 28/05/1991 eay - Optimised the code a bit more for the sparc. I have improved the - speed of the inner des_encrypt by speeding up the initial and - final permutations. 
- -Version 1.40 23/10/1990 eay - Fixed des_random_key, it did not produce a random key :-( - -Version 1.30 2/10/1990 eay - Have made des_quad_cksum the same as MIT's, the full package - should be compatible with MIT's - Have tested on a DECstation 3100 - Still need to fix des_set_key (make it faster). - Does des_cbc_encrypts at 70.5k/sec on a 3100. - -Version 1.20 18/09/1990 eay - Fixed byte order dependencies. - Fixed (I hope) all the word alignment problems. - Speedup in des_ecb_encrypt. - -Version 1.10 11/09/1990 eay - Added des_enc_read and des_enc_write. - Still need to fix des_quad_cksum. - Still need to document des_enc_read and des_enc_write. - -Version 1.00 27/08/1990 eay - diff --git a/src/libcrypto/libdes/asm/crypt586.pl b/src/libcrypto/libdes/asm/crypt586.pl deleted file mode 100644 index 297e38dec..000000000 --- a/src/libcrypto/libdes/asm/crypt586.pl +++ /dev/null 
@@ -1,204 +0,0 @@
-#!/usr/bin/perl
-#
-# The inner loop instruction sequence and the IP/FP modifications are from
-# Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>
-# I've added the stuff needed for crypt() but I've not worried about making
-# things perfect.
-#
-
-push(@INC,"perlasm","../../perlasm");
-require "x86asm.pl";
-
-&asm_init($ARGV[0],"crypt586.pl");
-
-$L="edi";
-$R="esi";
-
-&external_label("des_SPtrans");
-&fcrypt_body("fcrypt_body");
-&asm_finish();
-
-sub fcrypt_body
- {
- local($name,$do_ip)=@_;
-
- &function_begin($name,"EXTRN _des_SPtrans:DWORD");
-
- &comment("");
- &comment("Load the 2 words");
- $ks="ebp";
-
- &xor( $L, $L);
- &xor( $R, $R);
- &mov($ks,&wparam(1));
-
- &push(25); # add a variable
-
- &set_label("start");
- for ($i=0; $i<16; $i+=2)
- {
- &comment("");
- &comment("Round $i");
- &D_ENCRYPT($i,$L,$R,$i*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
-
- &comment("");
- &comment("Round ".sprintf("%d",$i+1));
- &D_ENCRYPT($i+1,$R,$L,($i+1)*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
- }
- &mov("ebx", &swtmp(0));
- &mov("eax", $L);
- &dec("ebx");
- &mov($L, $R);
- &mov($R, "eax");
- &mov(&swtmp(0), "ebx");
- &jnz(&label("start"));
-
- &comment("");
- &comment("FP");
- &mov("edx",&wparam(0));
-
- &FP_new($R,$L,"eax",3);
- &mov(&DWP(0,"edx","",0),"eax");
- &mov(&DWP(4,"edx","",0),$L);
-
- &pop("ecx"); # remove variable
-
- &function_end($name);
- }
-
-sub D_ENCRYPT
- {
- local($r,$L,$R,$S,$ks,$desSP,$u,$tmp1,$tmp2,$t)=@_;
-
- &mov( $u, &wparam(2)); # 2
- &mov( $t, $R);
- &shr( $t, 16); # 1
- &mov( $tmp2, &wparam(3)); # 2
- &xor( $t, $R); # 1
-
- &and( $u, $t); # 2
- &and( $t, $tmp2); # 2
-
- &mov( $tmp1, $u);
- &shl( $tmp1, 16); # 1
- &mov( $tmp2, $t);
- &shl( $tmp2, 16); # 1
- &xor( $u, $tmp1); # 2
- &xor( $t, $tmp2); # 2
- &mov( $tmp1, &DWP(&n2a($S*4),$ks,"",0)); # 2
- &xor( $u, $tmp1);
- &mov( $tmp2, &DWP(&n2a(($S+1)*4),$ks,"",0)); # 2
- &xor( $u, $R);
- &xor( $t, $R);
- &xor( $t, $tmp2);
-
- &and( $u, "0xfcfcfcfc" ); # 2
- &xor(
$tmp1, $tmp1); # 1
- &and( $t, "0xcfcfcfcf" ); # 2
- &xor( $tmp2, $tmp2);
- &movb( &LB($tmp1), &LB($u) );
- &movb( &LB($tmp2), &HB($u) );
- &rotr( $t, 4 );
- &mov( $ks, &DWP(" $desSP",$tmp1,"",0));
- &movb( &LB($tmp1), &LB($t) );
- &xor( $L, $ks);
- &mov( $ks, &DWP("0x200+$desSP",$tmp2,"",0));
- &xor( $L, $ks);
- &movb( &LB($tmp2), &HB($t) );
- &shr( $u, 16);
- &mov( $ks, &DWP("0x100+$desSP",$tmp1,"",0));
- &xor( $L, $ks);
- &movb( &LB($tmp1), &HB($u) );
- &shr( $t, 16);
- &mov( $ks, &DWP("0x300+$desSP",$tmp2,"",0));
- &xor( $L, $ks);
- &mov( $ks, &wparam(1));
- &movb( &LB($tmp2), &HB($t) );
- &and( $u, "0xff" );
- &and( $t, "0xff" );
- &mov( $tmp1, &DWP("0x600+$desSP",$tmp1,"",0));
- &xor( $L, $tmp1);
- &mov( $tmp1, &DWP("0x700+$desSP",$tmp2,"",0));
- &xor( $L, $tmp1);
- &mov( $tmp1, &DWP("0x400+$desSP",$u,"",0));
- &xor( $L, $tmp1);
- &mov( $tmp1, &DWP("0x500+$desSP",$t,"",0));
- &xor( $L, $tmp1);
- }
-
-sub n2a
- {
- sprintf("%d",$_[0]);
- }
-
-# now has a side affect of rotating $a by $shift
-sub R_PERM_OP
- {
- local($a,$b,$tt,$shift,$mask,$last)=@_;
-
- &rotl( $a, $shift ) if ($shift != 0);
- &mov( $tt, $a );
- &xor( $a, $b );
- &and( $a, $mask );
- if ($notlast eq $b)
- {
- &xor( $b, $a );
- &xor( $tt, $a );
- }
- else
- {
- &xor( $tt, $a );
- &xor( $b, $a );
- }
- &comment("");
- }
-
-sub IP_new
- {
- local($l,$r,$tt,$lr)=@_;
-
- &R_PERM_OP($l,$r,$tt, 4,"0xf0f0f0f0",$l);
- &R_PERM_OP($r,$tt,$l,20,"0xfff0000f",$l);
- &R_PERM_OP($l,$tt,$r,14,"0x33333333",$r);
- &R_PERM_OP($tt,$r,$l,22,"0x03fc03fc",$r);
- &R_PERM_OP($l,$r,$tt, 9,"0xaaaaaaaa",$r);
-
- if ($lr != 3)
- {
- if (($lr-3) < 0)
- { &rotr($tt, 3-$lr); }
- else { &rotl($tt, $lr-3); }
- }
- if ($lr != 2)
- {
- if (($lr-2) < 0)
- { &rotr($r, 2-$lr); }
- else { &rotl($r, $lr-2); }
- }
- }
-
-sub FP_new
- {
- local($l,$r,$tt,$lr)=@_;
-
- if ($lr != 2)
- {
- if (($lr-2) < 0)
- { &rotl($r, 2-$lr); }
- else { &rotr($r, $lr-2); }
- }
- if ($lr != 3)
- {
- if (($lr-3) < 0)
- { &rotl($l, 3-$lr); }
- else {
&rotr($l, $lr-3); }
- }
-
- &R_PERM_OP($l,$r,$tt, 0,"0xaaaaaaaa",$r);
- &R_PERM_OP($tt,$r,$l,23,"0x03fc03fc",$r);
- &R_PERM_OP($l,$r,$tt,10,"0x33333333",$l);
- &R_PERM_OP($r,$tt,$l,18,"0xfff0000f",$l);
- &R_PERM_OP($l,$tt,$r,12,"0xf0f0f0f0",$r);
- &rotr($tt , 4);
- }
-
diff --git a/src/libcrypto/libdes/asm/des-586.pl b/src/libcrypto/libdes/asm/des-586.pl
deleted file mode 100644
index 7f2e09fa7..000000000
--- a/src/libcrypto/libdes/asm/des-586.pl
+++ /dev/null
@@ -1,251 +0,0 @@
-#!/usr/bin/perl
-#
-# The inner loop instruction sequence and the IP/FP modifications are from
-# Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>
-#
-
-push(@INC,"perlasm","../../perlasm");
-require "x86asm.pl";
-require "cbc.pl";
-require "desboth.pl";
-
-# base code is in microsft
-# op dest, source
-# format.
-#
-
-&asm_init($ARGV[0],"des-586.pl");
-
-$L="edi";
-$R="esi";
-
-&external_label("des_SPtrans");
-&des_encrypt("des_encrypt",1);
-&des_encrypt("des_encrypt2",0);
-&des_encrypt3("des_encrypt3",1);
-&des_encrypt3("des_decrypt3",0);
-&cbc("des_ncbc_encrypt","des_encrypt","des_encrypt",0,4,5,3,5,-1);
-&cbc("des_ede3_cbc_encrypt","des_encrypt3","des_decrypt3",0,6,7,3,4,5);
-
-&asm_finish();
-
-sub des_encrypt
- {
- local($name,$do_ip)=@_;
-
- &function_begin_B($name,"EXTRN _des_SPtrans:DWORD");
-
- &push("esi");
- &push("edi");
-
- &comment("");
- &comment("Load the 2 words");
- $ks="ebp";
-
- if ($do_ip)
- {
- &mov($R,&wparam(0));
- &xor( "ecx", "ecx" );
-
- &push("ebx");
- &push("ebp");
-
- &mov("eax",&DWP(0,$R,"",0));
- &mov("ebx",&wparam(2)); # get encrypt flag
- &mov($L,&DWP(4,$R,"",0));
- &comment("");
- &comment("IP");
- &IP_new("eax",$L,$R,3);
- }
- else
- {
- &mov("eax",&wparam(0));
- &xor( "ecx", "ecx" );
-
- &push("ebx");
- &push("ebp");
-
- &mov($R,&DWP(0,"eax","",0));
- &mov("ebx",&wparam(2)); # get encrypt flag
- &rotl($R,3);
- &mov($L,&DWP(4,"eax","",0));
- &rotl($L,3);
- }
-
- &mov( $ks, &wparam(1) );
- &cmp("ebx","0");
- &je(&label("start_decrypt"));
-
- for ($i=0; $i<16; $i+=2)
- {
- &comment("");
- &comment("Round $i");
- &D_ENCRYPT($i,$L,$R,$i*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
-
- &comment("");
- &comment("Round ".sprintf("%d",$i+1));
- &D_ENCRYPT($i+1,$R,$L,($i+1)*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
- }
- &jmp(&label("end"));
-
- &set_label("start_decrypt");
-
- for ($i=15; $i>0; $i-=2)
- {
- &comment("");
- &comment("Round $i");
- &D_ENCRYPT(15-$i,$L,$R,$i*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
- &comment("");
- &comment("Round ".sprintf("%d",$i-1));
- &D_ENCRYPT(15-$i+1,$R,$L,($i-1)*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
- }
-
- &set_label("end");
-
- if ($do_ip)
- {
- &comment("");
- &comment("FP");
- &mov("edx",&wparam(0));
- &FP_new($L,$R,"eax",3);
-
- &mov(&DWP(0,"edx","",0),"eax");
- &mov(&DWP(4,"edx","",0),$R);
- }
- else
- {
- &comment("");
- &comment("Fixup");
- &rotr($L,3); # r
- &mov("eax",&wparam(0));
- &rotr($R,3); # l
- &mov(&DWP(0,"eax","",0),$L);
- &mov(&DWP(4,"eax","",0),$R);
- }
-
- &pop("ebp");
- &pop("ebx");
- &pop("edi");
- &pop("esi");
- &ret();
-
- &function_end_B($name);
- }
-
-sub D_ENCRYPT
- {
- local($r,$L,$R,$S,$ks,$desSP,$u,$tmp1,$tmp2,$t)=@_;
-
- &mov( $u, &DWP(&n2a($S*4),$ks,"",0));
- &xor( $tmp1, $tmp1);
- &mov( $t, &DWP(&n2a(($S+1)*4),$ks,"",0));
- &xor( $u, $R);
- &xor( $t, $R);
- &and( $u, "0xfcfcfcfc" );
- &and( $t, "0xcfcfcfcf" );
- &movb( &LB($tmp1), &LB($u) );
- &movb( &LB($tmp2), &HB($u) );
- &rotr( $t, 4 );
- &mov( $ks, &DWP(" $desSP",$tmp1,"",0));
- &movb( &LB($tmp1), &LB($t) );
- &xor( $L, $ks);
- &mov( $ks, &DWP("0x200+$desSP",$tmp2,"",0));
- &xor( $L, $ks); ######
- &movb( &LB($tmp2), &HB($t) );
- &shr( $u, 16);
- &mov( $ks, &DWP("0x100+$desSP",$tmp1,"",0));
- &xor( $L, $ks); ######
- &movb( &LB($tmp1), &HB($u) );
- &shr( $t, 16);
- &mov( $ks, &DWP("0x300+$desSP",$tmp2,"",0));
- &xor( $L, $ks);
- &mov( $ks, &wparam(1) );
- &movb( &LB($tmp2), &HB($t) );
- &and( $u, "0xff" );
- &and( $t, "0xff" );
- &mov( $tmp1, &DWP("0x600+$desSP",$tmp1,"",0));
- &xor( $L, $tmp1);
- &mov( $tmp1, &DWP("0x700+$desSP",$tmp2,"",0));
- &xor( $L, $tmp1);
- &mov( $tmp1, &DWP("0x400+$desSP",$u,"",0));
- &xor( $L, $tmp1);
- &mov( $tmp1, &DWP("0x500+$desSP",$t,"",0));
- &xor( $L, $tmp1);
- }
-
-sub n2a
- {
- sprintf("%d",$_[0]);
- }
-
-# now has a side affect of rotating $a by $shift
-sub R_PERM_OP
- {
- local($a,$b,$tt,$shift,$mask,$last)=@_;
-
- &rotl( $a, $shift ) if ($shift != 0);
- &mov( $tt, $a );
- &xor( $a, $b );
- &and(
$a, $mask );
- if (!$last eq $b)
- {
- &xor( $b, $a );
- &xor( $tt, $a );
- }
- else
- {
- &xor( $tt, $a );
- &xor( $b, $a );
- }
- &comment("");
- }
-
-sub IP_new
- {
- local($l,$r,$tt,$lr)=@_;
-
- &R_PERM_OP($l,$r,$tt, 4,"0xf0f0f0f0",$l);
- &R_PERM_OP($r,$tt,$l,20,"0xfff0000f",$l);
- &R_PERM_OP($l,$tt,$r,14,"0x33333333",$r);
- &R_PERM_OP($tt,$r,$l,22,"0x03fc03fc",$r);
- &R_PERM_OP($l,$r,$tt, 9,"0xaaaaaaaa",$r);
-
- if ($lr != 3)
- {
- if (($lr-3) < 0)
- { &rotr($tt, 3-$lr); }
- else { &rotl($tt, $lr-3); }
- }
- if ($lr != 2)
- {
- if (($lr-2) < 0)
- { &rotr($r, 2-$lr); }
- else { &rotl($r, $lr-2); }
- }
- }
-
-sub FP_new
- {
- local($l,$r,$tt,$lr)=@_;
-
- if ($lr != 2)
- {
- if (($lr-2) < 0)
- { &rotl($r, 2-$lr); }
- else { &rotr($r, $lr-2); }
- }
- if ($lr != 3)
- {
- if (($lr-3) < 0)
- { &rotl($l, 3-$lr); }
- else { &rotr($l, $lr-3); }
- }
-
- &R_PERM_OP($l,$r,$tt, 0,"0xaaaaaaaa",$r);
- &R_PERM_OP($tt,$r,$l,23,"0x03fc03fc",$r);
- &R_PERM_OP($l,$r,$tt,10,"0x33333333",$l);
- &R_PERM_OP($r,$tt,$l,18,"0xfff0000f",$l);
- &R_PERM_OP($l,$tt,$r,12,"0xf0f0f0f0",$r);
- &rotr($tt , 4);
- }
-
diff --git a/src/libcrypto/libdes/asm/des686.pl b/src/libcrypto/libdes/asm/des686.pl
deleted file mode 100644
index cf1a82fb5..000000000
--- a/src/libcrypto/libdes/asm/des686.pl
+++ /dev/null
@@ -1,230 +0,0 @@
-#!/usr/bin/perl
-
-$prog="des686.pl";
-
-# base code is in microsft
-# op dest, source
-# format.
-#
-
-# WILL NOT WORK ANYMORE WITH desboth.pl
-require "desboth.pl";
-
-if ( ($ARGV[0] eq "elf"))
- { require "x86unix.pl"; }
-elsif ( ($ARGV[0] eq "a.out"))
- { $aout=1; require "x86unix.pl"; }
-elsif ( ($ARGV[0] eq "sol"))
- { $sol=1; require "x86unix.pl"; }
-elsif ( ($ARGV[0] eq "cpp"))
- { $cpp=1; require "x86unix.pl"; }
-elsif ( ($ARGV[0] eq "win32"))
- { require "x86ms.pl"; }
-else
- {
- print STDERR <<"EOF";
-Pick one target type from
- elf - linux, FreeBSD etc
- a.out - old linux
- sol - x86 solaris
- cpp - format so x86unix.cpp can be used
- win32 - Windows 95/Windows NT
-EOF
- exit(1);
- }
-
-&comment("Don't even think of reading this code");
-&comment("It was automatically generated by $prog");
-&comment("Which is a perl program used to generate the x86 assember for");
-&comment("any of elf, a.out, Win32, or Solaris");
-&comment("It can be found in SSLeay 0.6.5+ or in libdes 3.26+");
-&comment("eric <eay\@cryptsoft.com>");
-&comment("");
-
-&file("dx86xxxx");
-
-$L="edi";
-$R="esi";
-
-&des_encrypt("des_encrypt",1);
-&des_encrypt("des_encrypt2",0);
-
-&des_encrypt3("des_encrypt3",1);
-&des_encrypt3("des_decrypt3",0);
-
-&file_end();
-
-sub des_encrypt
- {
- local($name,$do_ip)=@_;
-
- &function_begin($name,"EXTRN _des_SPtrans:DWORD");
-
- &comment("");
- &comment("Load the 2 words");
- &mov("eax",&wparam(0));
- &mov($L,&DWP(0,"eax","",0));
- &mov($R,&DWP(4,"eax","",0));
-
- $ksp=&wparam(1);
-
- if ($do_ip)
- {
- &comment("");
- &comment("IP");
- &IP_new($L,$R,"eax");
- }
-
- &comment("");
- &comment("fixup rotate");
- &rotl($R,3);
- &rotl($L,3);
- &exch($L,$R);
-
- &comment("");
- &comment("load counter, key_schedule and enc flag");
- &mov("eax",&wparam(2)); # get encrypt flag
- &mov("ebp",&wparam(1)); # get ks
- &cmp("eax","0");
- &je(&label("start_decrypt"));
-
- # encrypting part
-
- for ($i=0; $i<16; $i+=2)
- {
- &comment("");
-
&comment("Round $i");
- &D_ENCRYPT($L,$R,$i*2,"ebp","des_SPtrans","ecx","edx","eax","ebx");
-
- &comment("");
- &comment("Round ".sprintf("%d",$i+1));
- &D_ENCRYPT($R,$L,($i+1)*2,"ebp","des_SPtrans","ecx","edx","eax","ebx");
- }
- &jmp(&label("end"));
-
- &set_label("start_decrypt");
-
- for ($i=15; $i>0; $i-=2)
- {
- &comment("");
- &comment("Round $i");
- &D_ENCRYPT($L,$R,$i*2,"ebp","des_SPtrans","ecx","edx","eax","ebx");
- &comment("");
- &comment("Round ".sprintf("%d",$i-1));
- &D_ENCRYPT($R,$L,($i-1)*2,"ebp","des_SPtrans","ecx","edx","eax","ebx");
- }
-
- &set_label("end");
-
- &comment("");
- &comment("Fixup");
- &rotr($L,3); # r
- &rotr($R,3); # l
-
- if ($do_ip)
- {
- &comment("");
- &comment("FP");
- &FP_new($R,$L,"eax");
- }
-
- &mov("eax",&wparam(0));
- &mov(&DWP(0,"eax","",0),$L);
- &mov(&DWP(4,"eax","",0),$R);
-
- &function_end($name);
- }
-
-
-# The logic is to load R into 2 registers and operate on both at the same time.
-# We also load the 2 R's into 2 more registers so we can do the 'move word down a byte'
-# while also masking the other copy and doing a lookup. We then also accumulate the
-# L value in 2 registers then combine them at the end.
-sub D_ENCRYPT
- {
- local($L,$R,$S,$ks,$desSP,$u,$t,$tmp1,$tmp2,$tmp3)=@_;
-
- &mov( $u, &DWP(&n2a($S*4),$ks,"",0));
- &mov( $t, &DWP(&n2a(($S+1)*4),$ks,"",0));
- &xor( $u, $R );
- &xor( $t, $R );
- &rotr( $t, 4 );
-
- # the numbers at the end of the line are origional instruction order
- &mov( $tmp2, $u ); # 1 2
- &mov( $tmp1, $t ); # 1 1
- &and( $tmp2, "0xfc" ); # 1 4
- &and( $tmp1, "0xfc" ); # 1 3
- &shr( $t, 8 ); # 1 5
- &xor( $L, &DWP("0x100+$desSP",$tmp1,"",0)); # 1 7
- &shr( $u, 8 ); # 1 6
- &mov( $tmp1, &DWP(" $desSP",$tmp2,"",0)); # 1 8
-
- &mov( $tmp2, $u ); # 2 2
- &xor( $L, $tmp1 ); # 1 9
- &and( $tmp2, "0xfc" ); # 2 4
- &mov( $tmp1, $t ); # 2 1
- &and( $tmp1, "0xfc" ); # 2 3
- &shr( $t, 8 ); # 2 5
- &xor( $L, &DWP("0x300+$desSP",$tmp1,"",0)); # 2 7
- &shr( $u, 8 ); # 2 6
- &mov( $tmp1, &DWP("0x200+$desSP",$tmp2,"",0)); # 2 8
- &mov( $tmp2, $u ); # 3 2
-
- &xor( $L, $tmp1 ); # 2 9
- &and( $tmp2, "0xfc" ); # 3 4
-
- &mov( $tmp1, $t ); # 3 1
- &shr( $u, 8 ); # 3 6
- &and( $tmp1, "0xfc" ); # 3 3
- &shr( $t, 8 ); # 3 5
- &xor( $L, &DWP("0x500+$desSP",$tmp1,"",0)); # 3 7
- &mov( $tmp1, &DWP("0x400+$desSP",$tmp2,"",0)); # 3 8
-
- &and( $t, "0xfc" ); # 4 1
- &xor( $L, $tmp1 ); # 3 9
-
- &and( $u, "0xfc" ); # 4 2
- &xor( $L, &DWP("0x700+$desSP",$t,"",0)); # 4 3
- &xor( $L, &DWP("0x600+$desSP",$u,"",0)); # 4 4
- }
-
-sub PERM_OP
- {
- local($a,$b,$tt,$shift,$mask)=@_;
-
- &mov( $tt, $a );
- &shr( $tt, $shift );
- &xor( $tt, $b );
- &and( $tt, $mask );
- &xor( $b, $tt );
- &shl( $tt, $shift );
- &xor( $a, $tt );
- }
-
-sub IP_new
- {
- local($l,$r,$tt)=@_;
-
- &PERM_OP($r,$l,$tt, 4,"0x0f0f0f0f");
- &PERM_OP($l,$r,$tt,16,"0x0000ffff");
- &PERM_OP($r,$l,$tt, 2,"0x33333333");
- &PERM_OP($l,$r,$tt, 8,"0x00ff00ff");
- &PERM_OP($r,$l,$tt, 1,"0x55555555");
- }
-
-sub FP_new
- {
- local($l,$r,$tt)=@_;
-
- &PERM_OP($l,$r,$tt, 1,"0x55555555");
- &PERM_OP($r,$l,$tt, 8,"0x00ff00ff");
- &PERM_OP($l,$r,$tt, 2,"0x33333333");
- &PERM_OP($r,$l,$tt,16,"0x0000ffff");
-
&PERM_OP($l,$r,$tt, 4,"0x0f0f0f0f"); - } - -sub n2a - { - sprintf("%d",$_[0]); - } diff --git a/src/libcrypto/libdes/asm/desboth.pl b/src/libcrypto/libdes/asm/desboth.pl deleted file mode 100644 index 8f939953a..000000000 --- a/src/libcrypto/libdes/asm/desboth.pl +++ /dev/null @@ -1,79 +0,0 @@ -#!/usr/bin/perl - -$L="edi"; -$R="esi"; - -sub des_encrypt3 - { - local($name,$enc)=@_; - - &function_begin_B($name,""); - &push("ebx"); - &mov("ebx",&wparam(0)); - - &push("ebp"); - &push("esi"); - - &push("edi"); - - &comment(""); - &comment("Load the data words"); - &mov($L,&DWP(0,"ebx","",0)); - &mov($R,&DWP(4,"ebx","",0)); - &stack_push(3); - - &comment(""); - &comment("IP"); - &IP_new($L,$R,"edx",0); - - # put them back - - if ($enc) - { - &mov(&DWP(4,"ebx","",0),$R); - &mov("eax",&wparam(1)); - &mov(&DWP(0,"ebx","",0),"edx"); - &mov("edi",&wparam(2)); - &mov("esi",&wparam(3)); - } - else - { - &mov(&DWP(4,"ebx","",0),$R); - &mov("esi",&wparam(1)); - &mov(&DWP(0,"ebx","",0),"edx"); - &mov("edi",&wparam(2)); - &mov("eax",&wparam(3)); - } - &mov(&swtmp(2), (($enc)?"1":"0")); - &mov(&swtmp(1), "eax"); - &mov(&swtmp(0), "ebx"); - &call("des_encrypt2"); - &mov(&swtmp(2), (($enc)?"0":"1")); - &mov(&swtmp(1), "edi"); - &mov(&swtmp(0), "ebx"); - &call("des_encrypt2"); - &mov(&swtmp(2), (($enc)?"1":"0")); - &mov(&swtmp(1), "esi"); - &mov(&swtmp(0), "ebx"); - &call("des_encrypt2"); - - &stack_pop(3); - &mov($L,&DWP(0,"ebx","",0)); - &mov($R,&DWP(4,"ebx","",0)); - - &comment(""); - &comment("FP"); - &FP_new($L,$R,"eax",0); - - &mov(&DWP(0,"ebx","",0),"eax"); - &mov(&DWP(4,"ebx","",0),$R); - - &pop("edi"); - &pop("esi"); - &pop("ebp"); - &pop("ebx"); - &ret(); - &function_end_B($name); - } - - diff --git a/src/libcrypto/libdes/asm/perlasm/cbc.pl b/src/libcrypto/libdes/asm/perlasm/cbc.pl deleted file mode 100644 index 278930579..000000000 --- a/src/libcrypto/libdes/asm/perlasm/cbc.pl +++ /dev/null 
@@ -1,342 +0,0 @@
-#!/usr/bin/perl
-
-# void des_ncbc_encrypt(input, output, length, schedule, ivec, enc)
-# des_cblock (*input);
-# des_cblock (*output);
-# long length;
-# des_key_schedule schedule;
-# des_cblock (*ivec);
-# int enc;
-#
-# calls
-# des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
-#
-
-#&cbc("des_ncbc_encrypt","des_encrypt",0);
-#&cbc("BF_cbc_encrypt","BF_encrypt","BF_encrypt",
-# 1,4,5,3,5,-1);
-#&cbc("des_ncbc_encrypt","des_encrypt","des_encrypt",
-# 0,4,5,3,5,-1);
-#&cbc("des_ede3_cbc_encrypt","des_encrypt3","des_decrypt3",
-# 0,6,7,3,4,5);
-#
-# When doing a cipher that needs bigendian order,
-# for encrypt, the iv is kept in bigendian form,
-# while for decrypt, it is kept in little endian.
-sub cbc
- {
- local($name,$enc_func,$dec_func,$swap,$iv_off,$enc_off,$p1,$p2,$p3)=@_;
- # name is the function name
- # enc_func and dec_func and the functions to call for encrypt/decrypt
- # swap is true if byte order needs to be reversed
- # iv_off is parameter number for the iv
- # enc_off is parameter number for the encrypt/decrypt flag
- # p1,p2,p3 are the offsets for parameters to be passed to the
- # underlying calls.
-
- &function_begin_B($name,"");
- &comment("");
-
- $in="esi";
- $out="edi";
- $count="ebp";
-
- &push("ebp");
- &push("ebx");
- &push("esi");
- &push("edi");
-
- $data_off=4;
- $data_off+=4 if ($p1 > 0);
- $data_off+=4 if ($p2 > 0);
- $data_off+=4 if ($p3 > 0);
-
- &mov($count, &wparam(2)); # length
-
- &comment("getting iv ptr from parameter $iv_off");
- &mov("ebx", &wparam($iv_off)); # Get iv ptr
-
- &mov($in, &DWP(0,"ebx","",0));# iv[0]
- &mov($out, &DWP(4,"ebx","",0));# iv[1]
-
- &push($out);
- &push($in);
- &push($out); # used in decrypt for iv[1]
- &push($in); # used in decrypt for iv[0]
-
- &mov("ebx", "esp"); # This is the address of tin[2]
-
- &mov($in, &wparam(0)); # in
- &mov($out, &wparam(1)); # out
-
- # We have loaded them all, how lets push things
- &comment("getting encrypt flag from parameter $enc_off");
- &mov("ecx", &wparam($enc_off)); # Get enc flag
- if ($p3 > 0)
- {
- &comment("get and push parameter $p3");
- if ($enc_off != $p3)
- { &mov("eax", &wparam($p3)); &push("eax"); }
- else { &push("ecx"); }
- }
- if ($p2 > 0)
- {
- &comment("get and push parameter $p2");
- if ($enc_off != $p2)
- { &mov("eax", &wparam($p2)); &push("eax"); }
- else { &push("ecx"); }
- }
- if ($p1 > 0)
- {
- &comment("get and push parameter $p1");
- if ($enc_off != $p1)
- { &mov("eax", &wparam($p1)); &push("eax"); }
- else { &push("ecx"); }
- }
- &push("ebx"); # push data/iv
-
- &cmp("ecx",0);
- &jz(&label("decrypt"));
-
- &and($count,0xfffffff8);
- &mov("eax", &DWP($data_off,"esp","",0)); # load iv[0]
- &mov("ebx", &DWP($data_off+4,"esp","",0)); # load iv[1]
-
- &jz(&label("encrypt_finish"));
-
- #############################################################
-
- &set_label("encrypt_loop");
- # encrypt start
- # "eax" and "ebx" hold iv (or the last cipher text)
-
- &mov("ecx", &DWP(0,$in,"",0)); # load first 4 bytes
- &mov("edx", &DWP(4,$in,"",0)); # second 4 bytes
-
- &xor("eax", "ecx");
- &xor("ebx", "edx");
-
- &bswap("eax") if $swap;
- &bswap("ebx") if $swap;
-
-
&mov(&DWP($data_off,"esp","",0), "eax"); # put in array for call
- &mov(&DWP($data_off+4,"esp","",0), "ebx"); #
-
- &call($enc_func);
-
- &mov("eax", &DWP($data_off,"esp","",0));
- &mov("ebx", &DWP($data_off+4,"esp","",0));
-
- &bswap("eax") if $swap;
- &bswap("ebx") if $swap;
-
- &mov(&DWP(0,$out,"",0),"eax");
- &mov(&DWP(4,$out,"",0),"ebx");
-
- # eax and ebx are the next iv.
-
- &add($in, 8);
- &add($out, 8);
-
- &sub($count, 8);
- &jnz(&label("encrypt_loop"));
-
-###################################################################3
- &set_label("encrypt_finish");
- &mov($count, &wparam(2)); # length
- &and($count, 7);
- &jz(&label("finish"));
- &xor("ecx","ecx");
- &xor("edx","edx");
- &mov($count,&DWP(&label("cbc_enc_jmp_table"),"",$count,4));
- &jmp_ptr($count);
-
-&set_label("ej7");
- &xor("edx", "edx") if $ppro; # ppro friendly
- &movb(&HB("edx"), &BP(6,$in,"",0));
- &shl("edx",8);
-&set_label("ej6");
- &movb(&HB("edx"), &BP(5,$in,"",0));
-&set_label("ej5");
- &movb(&LB("edx"), &BP(4,$in,"",0));
-&set_label("ej4");
- &mov("ecx", &DWP(0,$in,"",0));
- &jmp(&label("ejend"));
-&set_label("ej3");
- &movb(&HB("ecx"), &BP(2,$in,"",0));
- &xor("ecx", "ecx") if $ppro; # ppro friendly
- &shl("ecx",8);
-&set_label("ej2");
- &movb(&HB("ecx"), &BP(1,$in,"",0));
-&set_label("ej1");
- &movb(&LB("ecx"), &BP(0,$in,"",0));
-&set_label("ejend");
-
- &xor("eax", "ecx");
- &xor("ebx", "edx");
-
- &bswap("eax") if $swap;
- &bswap("ebx") if $swap;
-
- &mov(&DWP($data_off,"esp","",0), "eax"); # put in array for call
- &mov(&DWP($data_off+4,"esp","",0), "ebx"); #
-
- &call($enc_func);
-
- &mov("eax", &DWP($data_off,"esp","",0));
- &mov("ebx", &DWP($data_off+4,"esp","",0));
-
- &bswap("eax") if $swap;
- &bswap("ebx") if $swap;
-
- &mov(&DWP(0,$out,"",0),"eax");
- &mov(&DWP(4,$out,"",0),"ebx");
-
- &jmp(&label("finish"));
-
- #############################################################
- #############################################################
- &set_label("decrypt",1);
- #
decrypt start
- &and($count,0xfffffff8);
- # The next 2 instructions are only for if the jz is taken
- &mov("eax", &DWP($data_off+8,"esp","",0)); # get iv[0]
- &mov("ebx", &DWP($data_off+12,"esp","",0)); # get iv[1]
- &jz(&label("decrypt_finish"));
-
- &set_label("decrypt_loop");
- &mov("eax", &DWP(0,$in,"",0)); # load first 4 bytes
- &mov("ebx", &DWP(4,$in,"",0)); # second 4 bytes
-
- &bswap("eax") if $swap;
- &bswap("ebx") if $swap;
-
- &mov(&DWP($data_off,"esp","",0), "eax"); # put back
- &mov(&DWP($data_off+4,"esp","",0), "ebx"); #
-
- &call($dec_func);
-
- &mov("eax", &DWP($data_off,"esp","",0)); # get return
- &mov("ebx", &DWP($data_off+4,"esp","",0)); #
-
- &bswap("eax") if $swap;
- &bswap("ebx") if $swap;
-
- &mov("ecx", &DWP($data_off+8,"esp","",0)); # get iv[0]
- &mov("edx", &DWP($data_off+12,"esp","",0)); # get iv[1]
-
- &xor("ecx", "eax");
- &xor("edx", "ebx");
-
- &mov("eax", &DWP(0,$in,"",0)); # get old cipher text,
- &mov("ebx", &DWP(4,$in,"",0)); # next iv actually
-
- &mov(&DWP(0,$out,"",0),"ecx");
- &mov(&DWP(4,$out,"",0),"edx");
-
- &mov(&DWP($data_off+8,"esp","",0), "eax"); # save iv
- &mov(&DWP($data_off+12,"esp","",0), "ebx"); #
-
- &add($in, 8);
- &add($out, 8);
-
- &sub($count, 8);
- &jnz(&label("decrypt_loop"));
-############################ ENDIT #######################3
- &set_label("decrypt_finish");
- &mov($count, &wparam(2)); # length
- &and($count, 7);
- &jz(&label("finish"));
-
- &mov("eax", &DWP(0,$in,"",0)); # load first 4 bytes
- &mov("ebx", &DWP(4,$in,"",0)); # second 4 bytes
-
- &bswap("eax") if $swap;
- &bswap("ebx") if $swap;
-
- &mov(&DWP($data_off,"esp","",0), "eax"); # put back
- &mov(&DWP($data_off+4,"esp","",0), "ebx"); #
-
- &call($dec_func);
-
- &mov("eax", &DWP($data_off,"esp","",0)); # get return
- &mov("ebx", &DWP($data_off+4,"esp","",0)); #
-
- &bswap("eax") if $swap;
- &bswap("ebx") if $swap;
-
- &mov("ecx", &DWP($data_off+8,"esp","",0)); # get iv[0]
- &mov("edx", &DWP($data_off+12,"esp","",0)); # get iv[1]
-
-
&xor("ecx", "eax");
- &xor("edx", "ebx");
-
- # this is for when we exit
- &mov("eax", &DWP(0,$in,"",0)); # get old cipher text,
- &mov("ebx", &DWP(4,$in,"",0)); # next iv actually
-
-&set_label("dj7");
- &rotr("edx", 16);
- &movb(&BP(6,$out,"",0), &LB("edx"));
- &shr("edx",16);
-&set_label("dj6");
- &movb(&BP(5,$out,"",0), &HB("edx"));
-&set_label("dj5");
- &movb(&BP(4,$out,"",0), &LB("edx"));
-&set_label("dj4");
- &mov(&DWP(0,$out,"",0), "ecx");
- &jmp(&label("djend"));
-&set_label("dj3");
- &rotr("ecx", 16);
- &movb(&BP(2,$out,"",0), &LB("ecx"));
- &shl("ecx",16);
-&set_label("dj2");
- &movb(&BP(1,$in,"",0), &HB("ecx"));
-&set_label("dj1");
- &movb(&BP(0,$in,"",0), &LB("ecx"));
-&set_label("djend");
-
- # final iv is still in eax:ebx
- &jmp(&label("finish"));
-
-
-############################ FINISH #######################3
- &set_label("finish",1);
- &mov("ecx", &wparam($iv_off)); # Get iv ptr
-
- #################################################
- $total=16+4;
- $total+=4 if ($p1 > 0);
- $total+=4 if ($p2 > 0);
- $total+=4 if ($p3 > 0);
- &add("esp",$total);
-
- &mov(&DWP(0,"ecx","",0), "eax"); # save iv
- &mov(&DWP(4,"ecx","",0), "ebx"); # save iv
-
- &function_end_A($name);
-
- &set_label("cbc_enc_jmp_table",1);
- &data_word("0");
- &data_word(&label("ej1"));
- &data_word(&label("ej2"));
- &data_word(&label("ej3"));
- &data_word(&label("ej4"));
- &data_word(&label("ej5"));
- &data_word(&label("ej6"));
- &data_word(&label("ej7"));
- &set_label("cbc_dec_jmp_table",1);
- &data_word("0");
- &data_word(&label("dj1"));
- &data_word(&label("dj2"));
- &data_word(&label("dj3"));
- &data_word(&label("dj4"));
- &data_word(&label("dj5"));
- &data_word(&label("dj6"));
- &data_word(&label("dj7"));
-
- &function_end_B($name);
-
- }
-
-1;
diff --git a/src/libcrypto/libdes/asm/perlasm/readme b/src/libcrypto/libdes/asm/perlasm/readme
deleted file mode 100644
index f02bbee75..000000000
--- a/src/libcrypto/libdes/asm/perlasm/readme
+++ /dev/null
@@ -1,124 +0,0 @@ -The perl scripts in this directory are my 'hack' to generate -multiple different assembler formats via the one origional script. - -The way to use this library is to start with adding the path to this directory -and then include it. - -push(@INC,"perlasm","../../perlasm"); -require "x86asm.pl"; - -The first thing we do is setup the file and type of assember - -&asm_init($ARGV[0],$0); - -The first argument is the 'type'. Currently -'cpp', 'sol', 'a.out', 'elf' or 'win32'. -Argument 2 is the file name. - -The reciprocal function is -&asm_finish() which should be called at the end. - -There are 2 main 'packages'. x86ms.pl, which is the microsoft assembler, -and x86unix.pl which is the unix (gas) version. - -Functions of interest are: -&external_label("des_SPtrans"); declare and external variable -&LB(reg); Low byte for a register -&HB(reg); High byte for a register -&BP(off,base,index,scale) Byte pointer addressing -&DWP(off,base,index,scale) Word pointer addressing -&stack_push(num) Basically a 'sub esp, num*4' with extra -&stack_pop(num) inverse of stack_push -&function_begin(name,extra) Start a function with pushing of - edi, esi, ebx and ebp. extra is extra win32 - external info that may be required. -&function_begin_B(name,extra) Same as norma function_begin but no pushing. -&function_end(name) Call at end of function. -&function_end_A(name) Standard pop and ret, for use inside functions -&function_end_B(name) Call at end but with poping or 'ret'. -&swtmp(num) Address on stack temp word. -&wparam(num) Parameter number num, that was push - in C convention. This all works over pushes - and pops. -&comment("hello there") Put in a comment. -&label("loop") Refer to a label, normally a jmp target. -&set_label("loop") Set a label at this point. -&data_word(word) Put in a word of data. - -So how does this all hold together? 
Given - -int calc(int len, int *data) - { - int i,j=0; - - for (i=0; i<len; i++) - { - j+=other(data[i]); - } - } - -So a very simple version of this function could be coded as - - push(@INC,"perlasm","../../perlasm"); - require "x86asm.pl"; - - &asm_init($ARGV[0],"cacl.pl"); - - &external_label("other"); - - $tmp1= "eax"; - $j= "edi"; - $data= "esi"; - $i= "ebp"; - - &comment("a simple function"); - &function_begin("calc"); - &mov( $data, &wparam(1)); # data - &xor( $j, $j); - &xor( $i, $i); - - &set_label("loop"); - &cmp( $i, &wparam(0)); - &jge( &label("end")); - - &mov( $tmp1, &DWP(0,$data,$i,4)); - &push( $tmp1); - &call( "other"); - &add( $j, "eax"); - &pop( $tmp1); - &inc( $i); - &jmp( &label("loop")); - - &set_label("end"); - &mov( "eax", $j); - - &function_end("calc"); - - &asm_finish(); - -The above example is very very unoptimised but gives an idea of how -things work. - -There is also a cbc mode function generator in cbc.pl - -&cbc( $name, - $encrypt_function_name, - $decrypt_function_name, - $true_if_byte_swap_needed, - $parameter_number_for_iv, - $parameter_number_for_encrypt_flag, - $first_parameter_to_pass, - $second_parameter_to_pass, - $third_parameter_to_pass); - -So for example, given -void BF_encrypt(BF_LONG *data,BF_KEY *key); -void BF_decrypt(BF_LONG *data,BF_KEY *key); -void BF_cbc_encrypt(unsigned char *in, unsigned char *out, long length, - BF_KEY *ks, unsigned char *iv, int enc); - -&cbc("BF_cbc_encrypt","BF_encrypt","BF_encrypt",1,4,5,3,-1,-1); - -&cbc("des_ncbc_encrypt","des_encrypt","des_encrypt",0,4,5,3,5,-1); -&cbc("des_ede3_cbc_encrypt","des_encrypt3","des_decrypt3",0,6,7,3,4,5); - diff --git a/src/libcrypto/libdes/asm/perlasm/x86asm.pl b/src/libcrypto/libdes/asm/perlasm/x86asm.pl deleted file mode 100644 index 164a942c5..000000000 --- a/src/libcrypto/libdes/asm/perlasm/x86asm.pl +++ /dev/null 
@@ -1,111 +0,0 @@ -#!/usr/bin/perl - -# require 'x86asm.pl'; -# &asm_init("cpp","des-586.pl"); -# XXX -# XXX -# main'asm_finish - -sub main'asm_finish - { - &file_end(); - &asm_finish_cpp() if $cpp; - print &asm_get_output(); - } - -sub main'asm_init - { - ($type,$fn)=@_; - $filename=$fn; - - $cpp=$sol=$aout=$win32=0; - if ( ($type eq "elf")) - { require "x86unix.pl"; } - elsif ( ($type eq "a.out")) - { $aout=1; require "x86unix.pl"; } - elsif ( ($type eq "sol")) - { $sol=1; require "x86unix.pl"; } - elsif ( ($type eq "cpp")) - { $cpp=1; require "x86unix.pl"; } - elsif ( ($type eq "win32")) - { $win32=1; require "x86ms.pl"; } - else - { - print STDERR <<"EOF"; -Pick one target type from - elf - linux, FreeBSD etc - a.out - old linux - sol - x86 solaris - cpp - format so x86unix.cpp can be used - win32 - Windows 95/Windows NT -EOF - exit(1); - } - - &asm_init_output(); - -&comment("Don't even think of reading this code"); -&comment("It was automatically generated by $filename"); -&comment("Which is a perl program used to generate the x86 assember for"); -&comment("any of elf, a.out, BSDI,Win32, or Solaris"); -&comment("eric <eay\@cryptsoft.com>"); -&comment(""); - - $filename =~ s/\.pl$//; - &file($filename); - } - -sub asm_finish_cpp - { - return unless $cpp; - - local($tmp,$i); - foreach $i (&get_labels()) - { - $tmp.="#define $i _$i\n"; - } - print <<"EOF"; -/* Run the C pre-processor over this file with one of the following defined - * ELF - elf object files, - * OUT - a.out object files, - * BSDI - BSDI style a.out object files - * SOL - Solaris style elf - */ - -#define TYPE(a,b) .type a,b -#define SIZE(a,b) .size a,b - -#if defined(OUT) || defined(BSDI) -$tmp -#endif - -#ifdef OUT -#define OK 1 -#define ALIGN 4 -#endif - -#ifdef BSDI -#define OK 1 -#define ALIGN 4 -#undef SIZE -#undef TYPE -#endif - -#if defined(ELF) || defined(SOL) -#define OK 1 -#define ALIGN 16 -#endif - -#ifndef OK -You need to define one of -ELF - elf systems - linux-elf, NetBSD and 
DG-UX -OUT - a.out systems - linux-a.out and FreeBSD -SOL - solaris systems, which are elf with strange comment lines -BSDI - a.out with a very primative version of as. -#endif - -/* Let the Assembler begin :-) */ -EOF - } - -1; diff --git a/src/libcrypto/libdes/asm/perlasm/x86ms.pl b/src/libcrypto/libdes/asm/perlasm/x86ms.pl deleted file mode 100644 index 0681ea18c..000000000 --- a/src/libcrypto/libdes/asm/perlasm/x86ms.pl +++ /dev/null 
@@ -1,345 +0,0 @@ -#!/usr/bin/perl - -package x86ms; - -$label="L000"; - -%lb=( 'eax', 'al', - 'ebx', 'bl', - 'ecx', 'cl', - 'edx', 'dl', - 'ax', 'al', - 'bx', 'bl', - 'cx', 'cl', - 'dx', 'dl', - ); - -%hb=( 'eax', 'ah', - 'ebx', 'bh', - 'ecx', 'ch', - 'edx', 'dh', - 'ax', 'ah', - 'bx', 'bh', - 'cx', 'ch', - 'dx', 'dh', - ); - -sub main'asm_init_output { @out=(); } -sub main'asm_get_output { return(@out); } -sub main'get_labels { return(@labels); } -sub main'external_label { push(@labels,@_); } - -sub main'LB - { - (defined($lb{$_[0]})) || die "$_[0] does not have a 'low byte'\n"; - return($lb{$_[0]}); - } - -sub main'HB - { - (defined($hb{$_[0]})) || die "$_[0] does not have a 'high byte'\n"; - return($hb{$_[0]}); - } - -sub main'BP - { - &get_mem("BYTE",@_); - } - -sub main'DWP - { - &get_mem("DWORD",@_); - } - -sub main'stack_push - { - local($num)=@_; - $stack+=$num*4; - &main'sub("esp",$num*4); - } - -sub main'stack_pop - { - local($num)=@_; - $stack-=$num*4; - &main'add("esp",$num*4); - } - -sub get_mem - { - local($size,$addr,$reg1,$reg2,$idx)=@_; - local($t,$post); - local($ret)="$size PTR "; - - $addr =~ s/^\s+//; - if ($addr =~ /^(.+)\+(.+)$/) - { - $reg2=&conv($1); - $addr="_$2"; - } - elsif ($addr =~ /^[_a-zA-Z]/) - { - $addr="_$addr"; - } - - $reg1="$regs{$reg1}" if defined($regs{$reg1}); - $reg2="$regs{$reg2}" if defined($regs{$reg2}); - if (($addr ne "") && ($addr ne 0)) - { - if ($addr !~ /^-/) - { $ret.=$addr; } - else { $post=$addr; } - } - if ($reg2 ne "") - { - $t=""; - $t="*$idx" if ($idx != 0); - $reg1="+".$reg1 if ("$reg1$post" ne ""); - $ret.="[$reg2$t$reg1$post]"; - } - else - { - $ret.="[$reg1$post]" - } - return($ret); - } - -sub main'mov { &out2("mov",@_); } -sub main'movb { &out2("mov",@_); } -sub main'and { &out2("and",@_); } -sub main'or { &out2("or",@_); } -sub main'shl { &out2("shl",@_); } -sub main'shr { &out2("shr",@_); } -sub main'xor { &out2("xor",@_); } -sub main'xorb { &out2("xor",@_); } -sub main'add { &out2("add",@_); } -sub 
main'adc { &out2("adc",@_); } -sub main'sub { &out2("sub",@_); } -sub main'rotl { &out2("rol",@_); } -sub main'rotr { &out2("ror",@_); } -sub main'exch { &out2("xchg",@_); } -sub main'cmp { &out2("cmp",@_); } -sub main'lea { &out2("lea",@_); } -sub main'mul { &out1("mul",@_); } -sub main'div { &out1("div",@_); } -sub main'dec { &out1("dec",@_); } -sub main'inc { &out1("inc",@_); } -sub main'jmp { &out1("jmp",@_); } -sub main'jmp_ptr { &out1p("jmp",@_); } -sub main'je { &out1("je",@_); } -sub main'jle { &out1("jle",@_); } -sub main'jz { &out1("jz",@_); } -sub main'jge { &out1("jge",@_); } -sub main'jl { &out1("jl",@_); } -sub main'jb { &out1("jb",@_); } -sub main'jnz { &out1("jnz",@_); } -sub main'jne { &out1("jne",@_); } -sub main'push { &out1("push",@_); $stack+=4; } -sub main'pop { &out1("pop",@_); $stack-=4; } -sub main'bswap { &out1("bswap",@_); &using486(); } -sub main'not { &out1("not",@_); } -sub main'call { &out1("call",'_'.$_[0]); } -sub main'ret { &out0("ret"); } -sub main'nop { &out0("nop"); } - -sub out2 - { - local($name,$p1,$p2)=@_; - local($l,$t); - - push(@out,"\t$name\t"); - $t=&conv($p1).","; - $l=length($t); - push(@out,$t); - $l=4-($l+9)/8; - push(@out,"\t" x $l); - push(@out,&conv($p2)); - push(@out,"\n"); - } - -sub out0 - { - local($name)=@_; - - push(@out,"\t$name\n"); - } - -sub out1 - { - local($name,$p1)=@_; - local($l,$t); - - push(@out,"\t$name\t".&conv($p1)."\n"); - } - -sub conv - { - local($p)=@_; - - $p =~ s/0x([0-9A-Fa-f]+)/0$1h/; - return $p; - } - -sub using486 - { - return if $using486; - $using486++; - grep(s/\.386/\.486/,@out); - } - -sub main'file - { - local($file)=@_; - - local($tmp)=<<"EOF"; - TITLE $file.asm - .386 -.model FLAT -EOF - push(@out,$tmp); - } - -sub main'function_begin - { - local($func,$extra)=@_; - - push(@labels,$func); - - local($tmp)=<<"EOF"; -_TEXT SEGMENT -PUBLIC _$func -$extra -_$func PROC NEAR - push ebp - push ebx - push esi - push edi -EOF - push(@out,$tmp); - $stack=20; - } - -sub 
main'function_begin_B - { - local($func,$extra)=@_; - - local($tmp)=<<"EOF"; -_TEXT SEGMENT -PUBLIC _$func -$extra -_$func PROC NEAR -EOF - push(@out,$tmp); - $stack=4; - } - -sub main'function_end - { - local($func)=@_; - - local($tmp)=<<"EOF"; - pop edi - pop esi - pop ebx - pop ebp - ret -_$func ENDP -_TEXT ENDS -EOF - push(@out,$tmp); - $stack=0; - %label=(); - } - -sub main'function_end_B - { - local($func)=@_; - - local($tmp)=<<"EOF"; -_$func ENDP -_TEXT ENDS -EOF - push(@out,$tmp); - $stack=0; - %label=(); - } - -sub main'function_end_A - { - local($func)=@_; - - local($tmp)=<<"EOF"; - pop edi - pop esi - pop ebx - pop ebp - ret -EOF - push(@out,$tmp); - } - -sub main'file_end - { - push(@out,"END\n"); - } - -sub main'wparam - { - local($num)=@_; - - return(&main'DWP($stack+$num*4,"esp","",0)); - } - -sub main'swtmp - { - return(&main'DWP($_[0]*4,"esp","",0)); - } - -# Should use swtmp, which is above esp. Linix can trash the stack above esp -#sub main'wtmp -# { -# local($num)=@_; -# -# return(&main'DWP(-(($num+1)*4),"esp","",0)); -# } - -sub main'comment - { - foreach (@_) - { - push(@out,"\t; $_\n"); - } - } - -sub main'label - { - if (!defined($label{$_[0]})) - { - $label{$_[0]}="\$${label}${_[0]}"; - $label++; - } - return($label{$_[0]}); - } - -sub main'set_label - { - if (!defined($label{$_[0]})) - { - $label{$_[0]}="${label}${_[0]}"; - $label++; - } - push(@out,"$label{$_[0]}:\n"); - } - -sub main'data_word - { - push(@out,"\tDD\t$_[0]\n"); - } - -sub out1p - { - local($name,$p1)=@_; - local($l,$t); - - push(@out,"\t$name\t ".&conv($p1)."\n"); - } diff --git a/src/libcrypto/libdes/asm/perlasm/x86unix.pl b/src/libcrypto/libdes/asm/perlasm/x86unix.pl deleted file mode 100644 index 1d661221c..000000000 --- a/src/libcrypto/libdes/asm/perlasm/x86unix.pl +++ /dev/null 
@@ -1,403 +0,0 @@ -#!/usr/bin/perl - -package x86unix; - -$label="L000"; - -$align=($main'aout)?"4":"16"; -$under=($main'aout)?"_":""; -$com_start=($main'sol)?"/":"#"; - -sub main'asm_init_output { @out=(); } -sub main'asm_get_output { return(@out); } -sub main'get_labels { return(@labels); } -sub main'external_label { push(@labels,@_); } - -if ($main'cpp) - { - $align="ALIGN"; - $under=""; - $com_start='/*'; - $com_end='*/'; - } - -%lb=( 'eax', '%al', - 'ebx', '%bl', - 'ecx', '%cl', - 'edx', '%dl', - 'ax', '%al', - 'bx', '%bl', - 'cx', '%cl', - 'dx', '%dl', - ); - -%hb=( 'eax', '%ah', - 'ebx', '%bh', - 'ecx', '%ch', - 'edx', '%dh', - 'ax', '%ah', - 'bx', '%bh', - 'cx', '%ch', - 'dx', '%dh', - ); - -%regs=( 'eax', '%eax', - 'ebx', '%ebx', - 'ecx', '%ecx', - 'edx', '%edx', - 'esi', '%esi', - 'edi', '%edi', - 'ebp', '%ebp', - 'esp', '%esp', - ); - -%reg_val=( - 'eax', 0x00, - 'ebx', 0x03, - 'ecx', 0x01, - 'edx', 0x02, - 'esi', 0x06, - 'edi', 0x07, - 'ebp', 0x05, - 'esp', 0x04, - ); - -sub main'LB - { - (defined($lb{$_[0]})) || die "$_[0] does not have a 'low byte'\n"; - return($lb{$_[0]}); - } - -sub main'HB - { - (defined($hb{$_[0]})) || die "$_[0] does not have a 'high byte'\n"; - return($hb{$_[0]}); - } - -sub main'DWP - { - local($addr,$reg1,$reg2,$idx)=@_; - - $ret=""; - $addr =~ s/(^|[+ \t])([A-Za-z_]+)($|[+ \t])/$1$under$2$3/; - $reg1="$regs{$reg1}" if defined($regs{$reg1}); - $reg2="$regs{$reg2}" if defined($regs{$reg2}); - $ret.=$addr if ($addr ne "") && ($addr ne 0); - if ($reg2 ne "") - { $ret.="($reg1,$reg2,$idx)"; } - else - { $ret.="($reg1)" } - return($ret); - } - -sub main'BP - { - return(&main'DWP(@_)); - } - -#sub main'BP -# { -# local($addr,$reg1,$reg2,$idx)=@_; -# -# $ret=""; -# -# $addr =~ s/(^|[+ \t])([A-Za-z_]+)($|[+ \t])/$1$under$2$3/; -# $reg1="$regs{$reg1}" if defined($regs{$reg1}); -# $reg2="$regs{$reg2}" if defined($regs{$reg2}); -# $ret.=$addr if ($addr ne "") && ($addr ne 0); -# if ($reg2 ne "") -# { $ret.="($reg1,$reg2,$idx)"; } -# else 
-# { $ret.="($reg1)" } -# return($ret); -# } - -sub main'mov { &out2("movl",@_); } -sub main'movb { &out2("movb",@_); } -sub main'and { &out2("andl",@_); } -sub main'or { &out2("orl",@_); } -sub main'shl { &out2("sall",@_); } -sub main'shr { &out2("shrl",@_); } -sub main'xor { &out2("xorl",@_); } -sub main'xorb { &out2("xorb",@_); } -sub main'add { &out2("addl",@_); } -sub main'adc { &out2("adcl",@_); } -sub main'sub { &out2("subl",@_); } -sub main'rotl { &out2("roll",@_); } -sub main'rotr { &out2("rorl",@_); } -sub main'exch { &out2("xchg",@_); } -sub main'cmp { &out2("cmpl",@_); } -sub main'lea { &out2("leal",@_); } -sub main'mul { &out1("mull",@_); } -sub main'div { &out1("divl",@_); } -sub main'jmp { &out1("jmp",@_); } -sub main'jmp_ptr { &out1p("jmp",@_); } -sub main'je { &out1("je",@_); } -sub main'jle { &out1("jle",@_); } -sub main'jne { &out1("jne",@_); } -sub main'jnz { &out1("jnz",@_); } -sub main'jz { &out1("jz",@_); } -sub main'jge { &out1("jge",@_); } -sub main'jl { &out1("jl",@_); } -sub main'jb { &out1("jb",@_); } -sub main'dec { &out1("decl",@_); } -sub main'inc { &out1("incl",@_); } -sub main'push { &out1("pushl",@_); $stack+=4; } -sub main'pop { &out1("popl",@_); $stack-=4; } -sub main'bswap { &out1("bswapl",@_); } -sub main'not { &out1("notl",@_); } -sub main'call { &out1("call",$under.$_[0]); } -sub main'ret { &out0("ret"); } -sub main'nop { &out0("nop"); } - -sub out2 - { - local($name,$p1,$p2)=@_; - local($l,$ll,$t); - local(%special)=( "roll",0xD1C0,"rorl",0xD1C8, - "rcll",0xD1D0,"rcrl",0xD1D8, - "shll",0xD1E0,"shrl",0xD1E8, - "sarl",0xD1F8); - - if ((defined($special{$name})) && defined($regs{$p1}) && ($p2 == 1)) - { - $op=$special{$name}|$reg_val{$p1}; - $tmp1=sprintf ".byte %d\n",($op>>8)&0xff; - $tmp2=sprintf ".byte %d\t",$op &0xff; - push(@out,$tmp1); - push(@out,$tmp2); - - $p2=&conv($p2); - $p1=&conv($p1); - &main'comment("$name $p2 $p1"); - return; - } - - push(@out,"\t$name\t"); - $t=&conv($p2).","; - $l=length($t); - push(@out,$t); 
- $ll=4-($l+9)/8; - $tmp1=sprintf "\t" x $ll; - push(@out,$tmp1); - push(@out,&conv($p1)."\n"); - } - -sub out1 - { - local($name,$p1)=@_; - local($l,$t); - - push(@out,"\t$name\t".&conv($p1)."\n"); - } - -sub out1p - { - local($name,$p1)=@_; - local($l,$t); - - push(@out,"\t$name\t*".&conv($p1)."\n"); - } - -sub out0 - { - push(@out,"\t$_[0]\n"); - } - -sub conv - { - local($p)=@_; - -# $p =~ s/0x([0-9A-Fa-f]+)/0$1h/; - - $p=$regs{$p} if (defined($regs{$p})); - - $p =~ s/^(-{0,1}[0-9A-Fa-f]+)$/\$$1/; - $p =~ s/^(0x[0-9A-Fa-f]+)$/\$$1/; - return $p; - } - -sub main'file - { - local($file)=@_; - - local($tmp)=<<"EOF"; - .file "$file.s" - .version "01.01" -gcc2_compiled.: -EOF - push(@out,$tmp); - } - -sub main'function_begin - { - local($func)=@_; - - $func=$under.$func; - - local($tmp)=<<"EOF"; -.text - .align $align -.globl $func -EOF - push(@out,$tmp); - if ($main'cpp) - { $tmp=push(@out,"\tTYPE($func,\@function)\n"); } - else { $tmp=push(@out,"\t.type\t$func,\@function\n"); } - push(@out,"$func:\n"); - $tmp=<<"EOF"; - pushl %ebp - pushl %ebx - pushl %esi - pushl %edi - -EOF - push(@out,$tmp); - $stack=20; - } - -sub main'function_begin_B - { - local($func,$extra)=@_; - - $func=$under.$func; - - local($tmp)=<<"EOF"; -.text - .align $align -.globl $func -EOF - push(@out,$tmp); - if ($main'cpp) - { push(@out,"\tTYPE($func,\@function)\n"); } - else { push(@out,"\t.type $func,\@function\n"); } - push(@out,"$func:\n"); - $stack=4; - } - -sub main'function_end - { - local($func)=@_; - - $func=$under.$func; - - local($tmp)=<<"EOF"; - popl %edi - popl %esi - popl %ebx - popl %ebp - ret -.${func}_end: -EOF - push(@out,$tmp); - if ($main'cpp) - { push(@out,"\tSIZE($func,.${func}_end-$func)\n"); } - else { push(@out,"\t.size\t$func,.${func}_end-$func\n"); } - push(@out,".ident \"$func\"\n"); - $stack=0; - %label=(); - } - -sub main'function_end_A - { - local($func)=@_; - - local($tmp)=<<"EOF"; - popl %edi - popl %esi - popl %ebx - popl %ebp - ret -EOF - push(@out,$tmp); - } 
- -sub main'function_end_B - { - local($func)=@_; - - $func=$under.$func; - - push(@out,".${func}_end:\n"); - if ($main'cpp) - { push(@out,"\tSIZE($func,.${func}_end-$func)\n"); } - else { push(@out,"\t.size\t$func,.${func}_end-$func\n"); } - push(@out,".ident \"desasm.pl\"\n"); - $stack=0; - %label=(); - } - -sub main'wparam - { - local($num)=@_; - - return(&main'DWP($stack+$num*4,"esp","",0)); - } - -sub main'stack_push - { - local($num)=@_; - $stack+=$num*4; - &main'sub("esp",$num*4); - } - -sub main'stack_pop - { - local($num)=@_; - $stack-=$num*4; - &main'add("esp",$num*4); - } - -sub main'swtmp - { - return(&main'DWP($_[0]*4,"esp","",0)); - } - -# Should use swtmp, which is above esp. Linix can trash the stack above esp -#sub main'wtmp -# { -# local($num)=@_; -# -# return(&main'DWP(-($num+1)*4,"esp","",0)); -# } - -sub main'comment - { - foreach (@_) - { - if (/^\s*$/) - { push(@out,"\n"); } - else - { push(@out,"\t$com_start $_ $com_end\n"); } - } - } - -sub main'label - { - if (!defined($label{$_[0]})) - { - $label{$_[0]}=".${label}${_[0]}"; - $label++; - } - return($label{$_[0]}); - } - -sub main'set_label - { - if (!defined($label{$_[0]})) - { - $label{$_[0]}=".${label}${_[0]}"; - $label++; - } - push(@out,".align $align\n") if ($_[1] != 0); - push(@out,"$label{$_[0]}:\n"); - } - -sub main'file_end - { - } - -sub main'data_word - { - push(@out,"\t.long $_[0]\n"); - } diff --git a/src/libcrypto/libdes/asm/readme b/src/libcrypto/libdes/asm/readme deleted file mode 100644 index f8529d930..000000000 --- a/src/libcrypto/libdes/asm/readme +++ /dev/null 
@@ -1,131 +0,0 @@
-First up, let me say I don't like writing in assembler. It is not portable,
-dependant on the particular CPU architecture release and is generally a pig
-to debug and get right. Having said that, the x86 architecture is probably
-the most important for speed due to number of boxes and since
-it appears to be the worst architecture to to get
-good C compilers for. So due to this, I have lowered myself to do
-assembler for the inner DES routines in libdes :-).
-
-The file to implement in assembler is des_enc.c. Replace the following
-4 functions
-des_encrypt(DES_LONG data[2],des_key_schedule ks, int encrypt);
-des_encrypt2(DES_LONG data[2],des_key_schedule ks, int encrypt);
-des_encrypt3(DES_LONG data[2],des_key_schedule ks1,ks2,ks3);
-des_decrypt3(DES_LONG data[2],des_key_schedule ks1,ks2,ks3);
-
-They encrypt/decrypt the 64 bits held in 'data' using
-the 'ks' key schedules. The only difference between the 4 functions is that
-des_encrypt2() does not perform IP() or FP() on the data (this is an
-optimization for when doing triple DES and des_encrypt3() and des_decrypt3()
-perform triple des. The triple DES routines are in here because it does
-make a big difference to have them located near the des_encrypt2 function
-at link time..
-
-Now as we all know, there are lots of different operating systems running on
-x86 boxes, and unfortunately they normally try to make sure their assembler
-formating is not the same as the other peoples.
-The 4 main formats I know of are
-Microsoft Windows 95/Windows NT
-Elf Includes Linux and FreeBSD(?).
-a.out The older Linux.
-Solaris Same as Elf but different comments :-(.
-
-Now I was not overly keen to write 4 different copies of the same code,
-so I wrote a few perl routines to output the correct assembler, given
-a target assembler type. This code is ugly and is just a hack.
-The libraries are x86unix.pl and x86ms.pl.
-des586.pl, des686.pl and des-som[23].pl are the programs to actually
-generate the assembler.
-
-So to generate elf assembler
-perl des-som3.pl elf >dx86-elf.s
-For Windows 95/NT
-perl des-som2.pl win32 >win32.asm
-
-[ update 4 Jan 1996 ]
-I have added another way to do things.
-perl des-som3.pl cpp >dx86-cpp.s
-generates a file that will be included by dx86unix.cpp when it is compiled.
-To build for elf, a.out, solaris, bsdi etc,
-cc -E -DELF asm/dx86unix.cpp | as -o asm/dx86-elf.o
-cc -E -DSOL asm/dx86unix.cpp | as -o asm/dx86-sol.o
-cc -E -DOUT asm/dx86unix.cpp | as -o asm/dx86-out.o
-cc -E -DBSDI asm/dx86unix.cpp | as -o asm/dx86bsdi.o
-This was done to cut down the number of files in the distribution.
-
-Now the ugly part. I acquired my copy of Intels
-"Optimization's For Intel's 32-Bit Processors" and found a few interesting
-things. First, the aim of the exersize is to 'extract' one byte at a time
-from a word and do an array lookup. This involves getting the byte from
-the 4 locations in the word and moving it to a new word and doing the lookup.
-The most obvious way to do this is
-xor eax, eax # clear word
-movb al, cl # get low byte
-xor edi DWORD PTR 0x100+des_SP[eax] # xor in word
-movb al, ch # get next byte
-xor edi DWORD PTR 0x300+des_SP[eax] # xor in word
-shr ecx 16
-which seems ok. For the pentium, this system appears to be the best.
-One has to do instruction interleaving to keep both functional units
-operating, but it is basically very efficient.
-
-Now the crunch. When a full register is used after a partial write, eg.
-mov al, cl
-xor edi, DWORD PTR 0x100+des_SP[eax]
-386 - 1 cycle stall
-486 - 1 cycle stall
-586 - 0 cycle stall
-686 - at least 7 cycle stall (page 22 of the above mentioned document).
-
-So the technique that produces the best results on a pentium, according to
-the documentation, will produce hideous results on a pentium pro.
-
-To get around this, des686.pl will generate code that is not as fast on
-a pentium, should be very good on a pentium pro.
-mov eax, ecx # copy word
-shr ecx, 8 # line up next byte
-and eax, 0fch # mask byte
-xor edi DWORD PTR 0x100+des_SP[eax] # xor in array lookup
-mov eax, ecx # get word
-shr ecx 8 # line up next byte
-and eax, 0fch # mask byte
-xor edi DWORD PTR 0x300+des_SP[eax] # xor in array lookup
-
-Due to the execution units in the pentium, this actually works quite well.
-For a pentium pro it should be very good. This is the type of output
-Visual C++ generates.
-
-There is a third option. instead of using
-mov al, ch
-which is bad on the pentium pro, one may be able to use
-movzx eax, ch
-which may not incur the partial write penalty. On the pentium,
-this instruction takes 4 cycles so is not worth using but on the
-pentium pro it appears it may be worth while. I need access to one to
-experiment :-).
-
-eric (20 Oct 1996)
-
-22 Nov 1996 - I have asked people to run the 2 different version on pentium
-pros and it appears that the intel documentation is wrong. The
-mov al,bh is still faster on a pentium pro, so just use the des586.pl
-install des686.pl
-
-3 Dec 1996 - I added des_encrypt3/des_decrypt3 because I have moved these
-functions into des_enc.c because it does make a massive performance
-difference on some boxes to have the functions code located close to
-the des_encrypt2() function.
-
-9 Jan 1997 - des-som2.pl is now the correct perl script to use for
-pentiums. It contains an inner loop from
-Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk> which does raw ecb DES calls at
-273,000 per second. He had a previous version at 250,000 and the best
-I was able to get was 203,000. The content has not changed, this is all
-due to instruction sequencing (and actual instructions choice) which is able
-to keep both functional units of the pentium going.
-We may have lost the ugly register usage restrictions when x86 went 32 bit
-but for the pentium it has been replaced by evil instruction ordering tricks.
-
-13 Jan 1997 - des-som3.pl, more optimizations from Svend Olaf.
-raw DES at 281,000 per second on a pentium 100.
-
diff --git a/src/libcrypto/libdes/cbc_enc.c b/src/libcrypto/libdes/cbc_enc.c
deleted file mode 100644
index a06f9f99e..000000000
--- a/src/libcrypto/libdes/cbc_enc.c
+++ /dev/null
@@ -1,135 +0,0 @@
-/* crypto/des/cbc_enc.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-
-void des_cbc_encrypt(input, output, length, schedule, ivec, enc)
-des_cblock (*input);
-des_cblock (*output);
-long length;
-des_key_schedule schedule;
-des_cblock (*ivec);
-int enc;
- {
- register DES_LONG tin0,tin1;
- register DES_LONG tout0,tout1,xor0,xor1;
- register unsigned char *in,*out;
- register long l=length;
- DES_LONG tin[2];
- unsigned char *iv;
-
- in=(unsigned char *)input;
- out=(unsigned char *)output;
- iv=(unsigned char *)ivec;
-
- if (enc)
- {
- c2l(iv,tout0);
- c2l(iv,tout1);
- for (l-=8; l>=0; l-=8)
- {
- c2l(in,tin0);
- c2l(in,tin1);
- tin0^=tout0; tin[0]=tin0;
- tin1^=tout1; tin[1]=tin1;
- des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
- tout0=tin[0]; l2c(tout0,out);
- tout1=tin[1]; l2c(tout1,out);
- }
- if (l != -8)
- {
- c2ln(in,tin0,tin1,l+8);
- tin0^=tout0; tin[0]=tin0;
- tin1^=tout1; tin[1]=tin1;
- des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
- tout0=tin[0]; l2c(tout0,out);
- tout1=tin[1]; l2c(tout1,out);
- }
- }
- else
- {
- c2l(iv,xor0);
- c2l(iv,xor1);
- for (l-=8; l>=0; l-=8)
- {
- c2l(in,tin0); tin[0]=tin0;
- c2l(in,tin1); tin[1]=tin1;
- des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
- tout0=tin[0]^xor0;
- tout1=tin[1]^xor1;
- l2c(tout0,out);
- l2c(tout1,out);
- xor0=tin0;
- xor1=tin1;
- }
- if (l != -8)
- {
- c2l(in,tin0); tin[0]=tin0;
- c2l(in,tin1); tin[1]=tin1;
- des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
- tout0=tin[0]^xor0;
- tout1=tin[1]^xor1;
- l2cn(tout0,tout1,out,l+8);
- /* xor0=tin0;
- xor1=tin1; */
- }
- }
- tin0=tin1=tout0=tout1=xor0=xor1=0;
- tin[0]=tin[1]=0;
- }
-
diff --git a/src/libcrypto/libdes/des.doc b/src/libcrypto/libdes/des.doc
deleted file mode 100644
index 1e3015812..000000000
--- a/src/libcrypto/libdes/des.doc
+++ /dev/null
@@ -1,505 +0,0 @@ -The DES library. - -Please note that this library was originally written to operate with -eBones, a version of Kerberos that had had encryption removed when it left -the USA and then put back in. As such there are some routines that I will -advise not using but they are still in the library for historical reasons. -For all calls that have an 'input' and 'output' variables, they can be the -same. - -This library requires the inclusion of 'des.h'. - -All of the encryption functions take what is called a des_key_schedule as an -argument. A des_key_schedule is an expanded form of the des key. -A des_key is 8 bytes of odd parity, the type used to hold the key is a -des_cblock. A des_cblock is an array of 8 bytes, often in this library -description I will refer to input bytes when the function specifies -des_cblock's as input or output, this just means that the variable should -be a multiple of 8 bytes. - -The define DES_ENCRYPT is passed to specify encryption, DES_DECRYPT to -specify decryption. The functions and global variable are as follows: - -int des_check_key; - DES keys are supposed to be odd parity. If this variable is set to - a non-zero value, des_set_key() will check that the key has odd - parity and is not one of the known weak DES keys. By default this - variable is turned off; - -void des_set_odd_parity( -des_cblock *key ); - This function takes a DES key (8 bytes) and sets the parity to odd. - -int des_is_weak_key( -des_cblock *key ); - This function returns a non-zero value if the DES key passed is a - weak, DES key. If it is a weak key, don't use it, try a different - one. If you are using 'random' keys, the chances of hitting a weak - key are 1/2^52 so it is probably not worth checking for them. - -int des_set_key( -des_cblock *key, -des_key_schedule schedule); - Des_set_key converts an 8 byte DES key into a des_key_schedule. - A des_key_schedule is an expanded form of the key which is used to - perform actual encryption. 
It can be regenerated from the DES key - so it only needs to be kept when encryption or decryption is about - to occur. Don't save or pass around des_key_schedule's since they - are CPU architecture dependent, DES keys are not. If des_check_key - is non zero, zero is returned if the key has the wrong parity or - the key is a weak key, else 1 is returned. - -int des_key_sched( -des_cblock *key, -des_key_schedule schedule); - An alternative name for des_set_key(). - -int des_rw_mode; /* defaults to DES_PCBC_MODE */ - This flag holds either DES_CBC_MODE or DES_PCBC_MODE (default). - This specifies the function to use in the enc_read() and enc_write() - functions. - -void des_encrypt( -unsigned long *data, -des_key_schedule ks, -int enc); - This is the DES encryption function that gets called by just about - every other DES routine in the library. You should not use this - function except to implement 'modes' of DES. I say this because the - functions that call this routine do the conversion from 'char *' to - long, and this needs to be done to make sure 'non-aligned' memory - access do not occur. The characters are loaded 'little endian', - have a look at my source code for more details on how I use this - function. - Data is a pointer to 2 unsigned long's and ks is the - des_key_schedule to use. enc, is non zero specifies encryption, - zero if decryption. - -void des_encrypt2( -unsigned long *data, -des_key_schedule ks, -int enc); - This functions is the same as des_encrypt() except that the DES - initial permutation (IP) and final permutation (FP) have been left - out. As for des_encrypt(), you should not use this function. - It is used by the routines in my library that implement triple DES. - IP() des_encrypt2() des_encrypt2() des_encrypt2() FP() is the same - as des_encrypt() des_encrypt() des_encrypt() except faster :-). 
- -void des_ecb_encrypt( -des_cblock *input, -des_cblock *output, -des_key_schedule ks, -int enc); - This is the basic Electronic Code Book form of DES, the most basic - form. Input is encrypted into output using the key represented by - ks. If enc is non zero (DES_ENCRYPT), encryption occurs, otherwise - decryption occurs. Input is 8 bytes long and output is 8 bytes. - (the des_cblock structure is 8 chars). - -void des_ecb3_encrypt( -des_cblock *input, -des_cblock *output, -des_key_schedule ks1, -des_key_schedule ks2, -des_key_schedule ks3, -int enc); - This is the 3 key EDE mode of ECB DES. What this means is that - the 8 bytes of input is encrypted with ks1, decrypted with ks2 and - then encrypted again with ks3, before being put into output; - C=E(ks3,D(ks2,E(ks1,M))). There is a macro, des_ecb2_encrypt() - that only takes 2 des_key_schedules that implements, - C=E(ks1,D(ks2,E(ks1,M))) in that the final encrypt is done with ks1. - -void des_cbc_encrypt( -des_cblock *input, -des_cblock *output, -long length, -des_key_schedule ks, -des_cblock *ivec, -int enc); - This routine implements DES in Cipher Block Chaining mode. - Input, which should be a multiple of 8 bytes is encrypted - (or decrypted) to output which will also be a multiple of 8 bytes. - The number of bytes is in length (and from what I've said above, - should be a multiple of 8). If length is not a multiple of 8, I'm - not being held responsible :-). ivec is the initialisation vector. - This function does not modify this variable. To correctly implement - cbc mode, you need to do one of 2 things; copy the last 8 bytes of - cipher text for use as the next ivec in your application, - or use des_ncbc_encrypt(). - Only this routine has this problem with updating the ivec, all - other routines that are implementing cbc mode update ivec. 
- -void des_ncbc_encrypt( -des_cblock *input, -des_cblock *output, -long length, -des_key_schedule sk, -des_cblock *ivec, -int enc); - For historical reasons, des_cbc_encrypt() did not update the - ivec with the value requires so that subsequent calls to - des_cbc_encrypt() would 'chain'. This was needed so that the same - 'length' values would not need to be used when decrypting. - des_ncbc_encrypt() does the right thing. It is the same as - des_cbc_encrypt accept that ivec is updates with the correct value - to pass in subsequent calls to des_ncbc_encrypt(). I advise using - des_ncbc_encrypt() instead of des_cbc_encrypt(); - -void des_xcbc_encrypt( -des_cblock *input, -des_cblock *output, -long length, -des_key_schedule sk, -des_cblock *ivec, -des_cblock *inw, -des_cblock *outw, -int enc); - This is RSA's DESX mode of DES. It uses inw and outw to - 'whiten' the encryption. inw and outw are secret (unlike the iv) - and are as such, part of the key. So the key is sort of 24 bytes. - This is much better than cbc des. - -void des_3cbc_encrypt( -des_cblock *input, -des_cblock *output, -long length, -des_key_schedule sk1, -des_key_schedule sk2, -des_cblock *ivec1, -des_cblock *ivec2, -int enc); - This function is flawed, do not use it. I have left it in the - library because it is used in my des(1) program and will function - correctly when used by des(1). If I removed the function, people - could end up unable to decrypt files. - This routine implements outer triple cbc encryption using 2 ks and - 2 ivec's. Use des_ede2_cbc_encrypt() instead. - -void des_ede3_cbc_encrypt( -des_cblock *input, -des_cblock *output, -long length, -des_key_schedule ks1, -des_key_schedule ks2, -des_key_schedule ks3, -des_cblock *ivec, -int enc); - This function implements inner triple CBC DES encryption with 3 - keys. What this means is that each 'DES' operation - inside the cbc mode is really an C=E(ks3,D(ks2,E(ks1,M))). - Again, this is cbc mode so an ivec is requires. 
- This mode is used by SSL. - There is also a des_ede2_cbc_encrypt() that only uses 2 - des_key_schedule's, the first being reused for the final - encryption. C=E(ks1,D(ks2,E(ks1,M))). This form of triple DES - is used by the RSAref library. - -void des_pcbc_encrypt( -des_cblock *input, -des_cblock *output, -long length, -des_key_schedule ks, -des_cblock *ivec, -int enc); - This is Propagating Cipher Block Chaining mode of DES. It is used - by Kerberos v4. It's parameters are the same as des_ncbc_encrypt(). - -void des_cfb_encrypt( -unsigned char *in, -unsigned char *out, -int numbits, -long length, -des_key_schedule ks, -des_cblock *ivec, -int enc); - Cipher Feedback Back mode of DES. This implementation 'feeds back' - in numbit blocks. The input (and output) is in multiples of numbits - bits. numbits should to be a multiple of 8 bits. Length is the - number of bytes input. If numbits is not a multiple of 8 bits, - the extra bits in the bytes will be considered padding. So if - numbits is 12, for each 2 input bytes, the 4 high bits of the - second byte will be ignored. So to encode 72 bits when using - a numbits of 12 take 12 bytes. To encode 72 bits when using - numbits of 9 will take 16 bytes. To encode 80 bits when using - numbits of 16 will take 10 bytes. etc, etc. This padding will - apply to both input and output. - - -void des_cfb64_encrypt( -unsigned char *in, -unsigned char *out, -long length, -des_key_schedule ks, -des_cblock *ivec, -int *num, -int enc); - This is one of the more useful functions in this DES library, it - implements CFB mode of DES with 64bit feedback. Why is this - useful you ask? Because this routine will allow you to encrypt an - arbitrary number of bytes, no 8 byte padding. Each call to this - routine will encrypt the input bytes to output and then update ivec - and num. num contains 'how far' we are though ivec. If this does - not make much sense, read more about cfb mode of DES :-). 
- -void des_ede3_cfb64_encrypt( -unsigned char *in, -unsigned char *out, -long length, -des_key_schedule ks1, -des_key_schedule ks2, -des_key_schedule ks3, -des_cblock *ivec, -int *num, -int enc); - Same as des_cfb64_encrypt() accept that the DES operation is - triple DES. As usual, there is a macro for - des_ede2_cfb64_encrypt() which reuses ks1. - -void des_ofb_encrypt( -unsigned char *in, -unsigned char *out, -int numbits, -long length, -des_key_schedule ks, -des_cblock *ivec); - This is a implementation of Output Feed Back mode of DES. It is - the same as des_cfb_encrypt() in that numbits is the size of the - units dealt with during input and output (in bits). - -void des_ofb64_encrypt( -unsigned char *in, -unsigned char *out, -long length, -des_key_schedule ks, -des_cblock *ivec, -int *num); - The same as des_cfb64_encrypt() except that it is Output Feed Back - mode. - -void des_ede3_ofb64_encrypt( -unsigned char *in, -unsigned char *out, -long length, -des_key_schedule ks1, -des_key_schedule ks2, -des_key_schedule ks3, -des_cblock *ivec, -int *num); - Same as des_ofb64_encrypt() accept that the DES operation is - triple DES. As usual, there is a macro for - des_ede2_ofb64_encrypt() which reuses ks1. - -int des_read_pw_string( -char *buf, -int length, -char *prompt, -int verify); - This routine is used to get a password from the terminal with echo - turned off. Buf is where the string will end up and length is the - size of buf. Prompt is a string presented to the 'user' and if - verify is set, the key is asked for twice and unless the 2 copies - match, an error is returned. A return code of -1 indicates a - system error, 1 failure due to use interaction, and 0 is success. - -unsigned long des_cbc_cksum( -des_cblock *input, -des_cblock *output, -long length, -des_key_schedule ks, -des_cblock *ivec); - This function produces an 8 byte checksum from input that it puts in - output and returns the last 4 bytes as a long. 
The checksum is - generated via cbc mode of DES in which only the last 8 byes are - kept. I would recommend not using this function but instead using - the EVP_Digest routines, or at least using MD5 or SHA. This - function is used by Kerberos v4 so that is why it stays in the - library. - -char *des_fcrypt( -const char *buf, -const char *salt -char *ret); - This is my fast version of the unix crypt(3) function. This version - takes only a small amount of space relative to other fast - crypt() implementations. This is different to the normal crypt - in that the third parameter is the buffer that the return value - is written into. It needs to be at least 14 bytes long. This - function is thread safe, unlike the normal crypt. - -char *crypt( -const char *buf, -const char *salt); - This function calls des_fcrypt() with a static array passed as the - third parameter. This emulates the normal non-thread safe semantics - of crypt(3). - -void des_string_to_key( -char *str, -des_cblock *key); - This function takes str and converts it into a DES key. I would - recommend using MD5 instead and use the first 8 bytes of output. - When I wrote the first version of these routines back in 1990, MD5 - did not exist but I feel these routines are still sound. This - routines is compatible with the one in MIT's libdes. - -void des_string_to_2keys( -char *str, -des_cblock *key1, -des_cblock *key2); - This function takes str and converts it into 2 DES keys. - I would recommend using MD5 and using the 16 bytes as the 2 keys. - I have nothing against these 2 'string_to_key' routines, it's just - that if you say that your encryption key is generated by using the - 16 bytes of an MD5 hash, every-one knows how you generated your - keys. - -int des_read_password( -des_cblock *key, -char *prompt, -int verify); - This routine combines des_read_pw_string() with des_string_to_key(). 
- -int des_read_2passwords( -des_cblock *key1, -des_cblock *key2, -char *prompt, -int verify); - This routine combines des_read_pw_string() with des_string_to_2key(). - -void des_random_seed( -des_cblock key); - This routine sets a starting point for des_random_key(). - -void des_random_key( -des_cblock ret); - This function return a random key. Make sure to 'seed' the random - number generator (with des_random_seed()) before using this function. - I personally now use a MD5 based random number system. - -int des_enc_read( -int fd, -char *buf, -int len, -des_key_schedule ks, -des_cblock *iv); - This function will write to a file descriptor the encrypted data - from buf. This data will be preceded by a 4 byte 'byte count' and - will be padded out to 8 bytes. The encryption is either CBC of - PCBC depending on the value of des_rw_mode. If it is DES_PCBC_MODE, - pcbc is used, if DES_CBC_MODE, cbc is used. The default is to use - DES_PCBC_MODE. - -int des_enc_write( -int fd, -char *buf, -int len, -des_key_schedule ks, -des_cblock *iv); - This routines read stuff written by des_enc_read() and decrypts it. - I have used these routines quite a lot but I don't believe they are - suitable for non-blocking io. If you are after a full - authentication/encryption over networks, have a look at SSL instead. - -unsigned long des_quad_cksum( -des_cblock *input, -des_cblock *output, -long length, -int out_count, -des_cblock *seed); - This is a function from Kerberos v4 that is not anything to do with - DES but was needed. It is a cksum that is quicker to generate than - des_cbc_cksum(); I personally would use MD5 routines now. -===== -Modes of DES -Quite a bit of the following information has been taken from - AS 2805.5.2 - Australian Standard - Electronic funds transfer - Requirements for interfaces, - Part 5.2: Modes of operation for an n-bit block cipher algorithm - Appendix A - -There are several different modes in which DES can be used, they are -as follows. 
- -Electronic Codebook Mode (ECB) (des_ecb_encrypt()) -- 64 bits are enciphered at a time. -- The order of the blocks can be rearranged without detection. -- The same plaintext block always produces the same ciphertext block - (for the same key) making it vulnerable to a 'dictionary attack'. -- An error will only affect one ciphertext block. - -Cipher Block Chaining Mode (CBC) (des_cbc_encrypt()) -- a multiple of 64 bits are enciphered at a time. -- The CBC mode produces the same ciphertext whenever the same - plaintext is encrypted using the same key and starting variable. -- The chaining operation makes the ciphertext blocks dependent on the - current and all preceding plaintext blocks and therefore blocks can not - be rearranged. -- The use of different starting variables prevents the same plaintext - enciphering to the same ciphertext. -- An error will affect the current and the following ciphertext blocks. - -Cipher Feedback Mode (CFB) (des_cfb_encrypt()) -- a number of bits (j) <= 64 are enciphered at a time. -- The CFB mode produces the same ciphertext whenever the same - plaintext is encrypted using the same key and starting variable. -- The chaining operation makes the ciphertext variables dependent on the - current and all preceding variables and therefore j-bit variables are - chained together and can not be rearranged. -- The use of different starting variables prevents the same plaintext - enciphering to the same ciphertext. -- The strength of the CFB mode depends on the size of k (maximal if - j == k). In my implementation this is always the case. -- Selection of a small value for j will require more cycles through - the encipherment algorithm per unit of plaintext and thus cause - greater processing overheads. -- Only multiples of j bits can be enciphered. -- An error will affect the current and the following ciphertext variables. - -Output Feedback Mode (OFB) (des_ofb_encrypt()) -- a number of bits (j) <= 64 are enciphered at a time. 
-- The OFB mode produces the same ciphertext whenever the same - plaintext enciphered using the same key and starting variable. More - over, in the OFB mode the same key stream is produced when the same - key and start variable are used. Consequently, for security reasons - a specific start variable should be used only once for a given key. -- The absence of chaining makes the OFB more vulnerable to specific attacks. -- The use of different start variables values prevents the same - plaintext enciphering to the same ciphertext, by producing different - key streams. -- Selection of a small value for j will require more cycles through - the encipherment algorithm per unit of plaintext and thus cause - greater processing overheads. -- Only multiples of j bits can be enciphered. -- OFB mode of operation does not extend ciphertext errors in the - resultant plaintext output. Every bit error in the ciphertext causes - only one bit to be in error in the deciphered plaintext. -- OFB mode is not self-synchronising. If the two operation of - encipherment and decipherment get out of synchronism, the system needs - to be re-initialised. -- Each re-initialisation should use a value of the start variable - different from the start variable values used before with the same - key. The reason for this is that an identical bit stream would be - produced each time from the same parameters. This would be - susceptible to a ' known plaintext' attack. - -Triple ECB Mode (des_ecb3_encrypt()) -- Encrypt with key1, decrypt with key2 and encrypt with key3 again. -- As for ECB encryption but increases the key length to 168 bits. - There are theoretic attacks that can be used that make the effective - key length 112 bits, but this attack also requires 2^56 blocks of - memory, not very likely, even for the NSA. -- If both keys are the same it is equivalent to encrypting once with - just one key. -- If the first and last key are the same, the key length is 112 bits. 
- There are attacks that could reduce the key space to 55 bit's but it
- requires 2^56 blocks of memory.
-- If all 3 keys are the same, this is effectively the same as normal
- ecb mode.
-
-Triple CBC Mode (des_ede3_cbc_encrypt())
-- Encrypt with key1, decrypt with key2 and then encrypt with key3.
-- As for CBC encryption but increases the key length to 168 bits with
- the same restrictions as for triple ecb mode.
diff --git a/src/libcrypto/libdes/des.h b/src/libcrypto/libdes/des.h
deleted file mode 100644
index baddf8647..000000000
--- a/src/libcrypto/libdes/des.h
+++ /dev/null
@@ -1,308 +0,0 @@
-/* crypto/des/des.org */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4.
If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
- *
- * Always modify des.org since des.h is automatically generated from
- * it during SSLeay configuration.
- *
- * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
- */
-
-#ifndef HEADER_DES_H
-#define HEADER_DES_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-
-/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
- * %20 speed up (longs are 8 bytes, int's are 4).
*/ -/* Must be unsigned int on ia64/Itanium or DES breaks badly */ - -#ifdef __KERNEL__ -#include <linux/types.h> -#else -#include <sys/types.h> -#endif - -#ifndef DES_LONG -#define DES_LONG u_int32_t -#endif - -typedef unsigned char des_cblock[8]; -typedef struct des_ks_struct - { - union { - des_cblock _; - /* make sure things are correct size on machines with - * 8 byte longs */ - DES_LONG pad[2]; - } ks; -#undef _ -#define _ ks._ - } des_key_schedule[16]; - -#define DES_KEY_SZ (sizeof(des_cblock)) -#define DES_SCHEDULE_SZ (sizeof(des_key_schedule)) - -#define DES_ENCRYPT 1 -#define DES_DECRYPT 0 - -#define DES_CBC_MODE 0 -#define DES_PCBC_MODE 1 - -#define des_ecb2_encrypt(i,o,k1,k2,e) \ - des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e)) - -#define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \ - des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e)) - -#define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \ - des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e)) - -#define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \ - des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n)) - -#define C_Block des_cblock -#define Key_schedule des_key_schedule -#ifdef KERBEROS -#define ENCRYPT DES_ENCRYPT -#define DECRYPT DES_DECRYPT -#endif -#define KEY_SZ DES_KEY_SZ -#define string_to_key des_string_to_key -#define read_pw_string des_read_pw_string -#define random_key des_random_key -#define pcbc_encrypt des_pcbc_encrypt -#define set_key des_set_key -#define key_sched des_key_sched -#define ecb_encrypt des_ecb_encrypt -#define cbc_encrypt des_cbc_encrypt -#define ncbc_encrypt des_ncbc_encrypt -#define xcbc_encrypt des_xcbc_encrypt -#define cbc_cksum des_cbc_cksum -#define quad_cksum des_quad_cksum - -/* For compatibility with the MIT lib - eay 20/05/92 */ -typedef des_key_schedule bit_64; -#define des_fixup_key_parity des_set_odd_parity -#define des_check_key_parity check_parity - -extern int des_check_key; /* defaults to false */ -extern int des_rw_mode; /* defaults to 
DES_PCBC_MODE */
-
-/* The next line is used to disable full ANSI prototypes, if your
- * compiler has problems with the prototypes, make sure this line always
- * evaluates to true :-) */
-#if defined(MSDOS) || defined(__STDC__)
-#undef NOPROTO
-#endif
-#ifndef NOPROTO
-char *des_options(void);
-void des_ecb3_encrypt(des_cblock *input,des_cblock *output,
- des_key_schedule ks1,des_key_schedule ks2,
- des_key_schedule ks3, int enc);
-DES_LONG des_cbc_cksum(des_cblock *input,des_cblock *output,
- long length,des_key_schedule schedule,des_cblock *ivec);
-void des_cbc_encrypt(des_cblock *input,des_cblock *output,long length,
- des_key_schedule schedule,des_cblock *ivec,int enc);
-void des_ncbc_encrypt(des_cblock *input,des_cblock *output,long length,
- des_key_schedule schedule,des_cblock *ivec,int enc);
-void des_xcbc_encrypt(des_cblock *input,des_cblock *output,long length,
- des_key_schedule schedule,des_cblock *ivec,
- des_cblock *inw,des_cblock *outw,int enc);
-void des_cfb_encrypt(unsigned char *in,unsigned char *out,int numbits,
- long length,des_key_schedule schedule,des_cblock *ivec,int enc);
-void des_ecb_encrypt(des_cblock *input,des_cblock *output,
- des_key_schedule ks,int enc);
-void des_encrypt(DES_LONG *data,des_key_schedule ks, int enc);
-void des_encrypt2(DES_LONG *data,des_key_schedule ks, int enc);
-void des_encrypt3(DES_LONG *data, des_key_schedule ks1,
- des_key_schedule ks2, des_key_schedule ks3);
-void des_decrypt3(DES_LONG *data, des_key_schedule ks1,
- des_key_schedule ks2, des_key_schedule ks3);
-void des_ede3_cbc_encrypt(des_cblock *input, des_cblock *output,
- long length, des_key_schedule ks1, des_key_schedule ks2,
- des_key_schedule ks3, des_cblock *ivec, int enc);
-void des_ede3_cfb64_encrypt(unsigned char *in, unsigned char *out,
- long length, des_key_schedule ks1, des_key_schedule ks2,
- des_key_schedule ks3, des_cblock *ivec, int *num, int enc);
-void des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out,
- long length,
des_key_schedule ks1, des_key_schedule ks2,
- des_key_schedule ks3, des_cblock *ivec, int *num);
-
-void des_xwhite_in2out(des_cblock (*des_key), des_cblock (*in_white),
- des_cblock (*out_white));
-
-int des_enc_read(int fd,char *buf,int len,des_key_schedule sched,
- des_cblock *iv);
-int des_enc_write(int fd,char *buf,int len,des_key_schedule sched,
- des_cblock *iv);
-char *des_fcrypt(const char *buf,const char *salt, char *ret);
-#ifdef PERL5
-char *des_crypt(const char *buf,const char *salt);
-#else
-/* some stupid compilers complain because I have declared char instead
- * of const char */
-#ifndef __KERNEL__
-#ifdef HEADER_DES_LOCL_H
-char *crypt(const char *buf,const char *salt);
-#else /* HEADER_DES_LOCL_H */
-char *crypt(void);
-#endif /* HEADER_DES_LOCL_H */
-#endif /* __KERNEL__ */
-#endif /* PERL5 */
-void des_ofb_encrypt(unsigned char *in,unsigned char *out,
- int numbits,long length,des_key_schedule schedule,des_cblock *ivec);
-void des_pcbc_encrypt(des_cblock *input,des_cblock *output,long length,
- des_key_schedule schedule,des_cblock *ivec,int enc);
-DES_LONG des_quad_cksum(des_cblock *input,des_cblock *output,
- long length,int out_count,des_cblock *seed);
-void des_random_seed(des_cblock key);
-void des_random_key(des_cblock ret);
-int des_read_password(des_cblock *key,char *prompt,int verify);
-int des_read_2passwords(des_cblock *key1,des_cblock *key2,
- char *prompt,int verify);
-int des_read_pw_string(char *buf,int length,char *prompt,int verify);
-void des_set_odd_parity(des_cblock *key);
-int des_is_weak_key(des_cblock *key);
-int des_set_key(des_cblock *key,des_key_schedule schedule);
-int des_key_sched(des_cblock *key,des_key_schedule schedule);
-void des_string_to_key(char *str,des_cblock *key);
-void des_string_to_2keys(char *str,des_cblock *key1,des_cblock *key2);
-void des_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
- des_key_schedule schedule, des_cblock *ivec, int *num, int enc);
-void
des_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
- des_key_schedule schedule, des_cblock *ivec, int *num);
-int des_read_pw(char *buf, char *buff, int size, char *prompt, int verify);
-
-/* Extra functions from Mark Murray <mark@grondar.za> */
-/* The following functions are not in the normal unix build or the
- * SSLeay build. When using the SSLeay build, use RAND_seed()
- * and RAND_bytes() instead. */
-int des_new_random_key(des_cblock *key);
-void des_init_random_number_generator(des_cblock *key);
-void des_set_random_generator_seed(des_cblock *key);
-void des_set_sequence_number(des_cblock new_sequence_number);
-void des_generate_random_block(des_cblock *block);
-
-#else
-
-char *des_options();
-void des_ecb3_encrypt();
-DES_LONG des_cbc_cksum();
-void des_cbc_encrypt();
-void des_ncbc_encrypt();
-void des_xcbc_encrypt();
-void des_cfb_encrypt();
-void des_ede3_cfb64_encrypt();
-void des_ede3_ofb64_encrypt();
-void des_ecb_encrypt();
-void des_encrypt();
-void des_encrypt2();
-void des_encrypt3();
-void des_decrypt3();
-void des_ede3_cbc_encrypt();
-int des_enc_read();
-int des_enc_write();
-char *des_fcrypt();
-#ifdef PERL5
-char *des_crypt();
-#else
-char *crypt();
-#endif
-void des_ofb_encrypt();
-void des_pcbc_encrypt();
-DES_LONG des_quad_cksum();
-void des_random_seed();
-void des_random_key();
-int des_read_password();
-int des_read_2passwords();
-int des_read_pw_string();
-void des_set_odd_parity();
-int des_is_weak_key();
-int des_set_key();
-int des_key_sched();
-void des_string_to_key();
-void des_string_to_2keys();
-void des_cfb64_encrypt();
-void des_ofb64_encrypt();
-int des_read_pw();
-void des_xwhite_in2out();
-
-/* Extra functions from Mark Murray <mark@grondar.za> */
-/* The following functions are not in the normal unix build or the
- * SSLeay build. When using the SSLeay build, use RAND_seed()
- * and RAND_bytes() instead.
*/
-#ifdef FreeBSD
-int des_new_random_key();
-void des_init_random_number_generator();
-void des_set_random_generator_seed();
-void des_set_sequence_number();
-void des_generate_random_block();
-#endif
-
-#endif
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/src/libcrypto/libdes/des_crypt.man b/src/libcrypto/libdes/des_crypt.man
deleted file mode 100644
index 0ecc41687..000000000
--- a/src/libcrypto/libdes/des_crypt.man
+++ /dev/null
@@ -1,508 +0,0 @@
-.TH DES_CRYPT 3
-.SH NAME
-des_read_password, des_read_2password,
-des_string_to_key, des_string_to_2key, des_read_pw_string,
-des_random_key, des_set_key,
-des_key_sched, des_ecb_encrypt, des_ecb3_encrypt, des_cbc_encrypt,
-des_3cbc_encrypt,
-des_pcbc_encrypt, des_cfb_encrypt, des_ofb_encrypt,
-des_cbc_cksum, des_quad_cksum,
-des_enc_read, des_enc_write, des_set_odd_parity,
-des_is_weak_key, crypt \- (non USA) DES encryption
-.SH SYNOPSIS
-.nf
-.nj
-.ft B
-#include <des.h>
-.PP
-.B int des_read_password(key,prompt,verify)
-des_cblock *key;
-char *prompt;
-int verify;
-.PP
-.B int des_read_2password(key1,key2,prompt,verify)
-des_cblock *key1,*key2;
-char *prompt;
-int verify;
-.PP
-.B int des_string_to_key(str,key)
-char *str;
-des_cblock *key;
-.PP
-.B int des_string_to_2keys(str,key1,key2)
-char *str;
-des_cblock *key1,*key2;
-.PP
-.B int des_read_pw_string(buf,length,prompt,verify)
-char *buf;
-int length;
-char *prompt;
-int verify;
-.PP
-.B int des_random_key(key)
-des_cblock *key;
-.PP
-.B int des_set_key(key,schedule)
-des_cblock *key;
-des_key_schedule schedule;
-.PP
-.B int des_key_sched(key,schedule)
-des_cblock *key;
-des_key_schedule schedule;
-.PP
-.B int des_ecb_encrypt(input,output,schedule,encrypt)
-des_cblock *input;
-des_cblock *output;
-des_key_schedule schedule;
-int encrypt;
-.PP
-.B int des_ecb3_encrypt(input,output,ks1,ks2,encrypt)
-des_cblock *input;
-des_cblock *output;
-des_key_schedule ks1,ks2;
-int encrypt;
-.PP
-.B int des_cbc_encrypt(input,output,length,schedule,ivec,encrypt)
-des_cblock *input;
-des_cblock *output;
-long length;
-des_key_schedule schedule;
-des_cblock *ivec;
-int encrypt;
-.PP
-.B int des_3cbc_encrypt(input,output,length,sk1,sk2,ivec1,ivec2,encrypt)
-des_cblock *input;
-des_cblock *output;
-long length;
-des_key_schedule sk1;
-des_key_schedule sk2;
-des_cblock *ivec1;
-des_cblock *ivec2;
-int encrypt;
-.PP
-.B int des_pcbc_encrypt(input,output,length,schedule,ivec,encrypt)
-des_cblock *input;
-des_cblock *output;
-long length;
-des_key_schedule schedule;
-des_cblock *ivec;
-int encrypt;
-.PP
-.B int des_cfb_encrypt(input,output,numbits,length,schedule,ivec,encrypt)
-unsigned char *input;
-unsigned char *output;
-int numbits;
-long length;
-des_key_schedule schedule;
-des_cblock *ivec;
-int encrypt;
-.PP
-.B int des_ofb_encrypt(input,output,numbits,length,schedule,ivec)
-unsigned char *input,*output;
-int numbits;
-long length;
-des_key_schedule schedule;
-des_cblock *ivec;
-.PP
-.B unsigned long des_cbc_cksum(input,output,length,schedule,ivec)
-des_cblock *input;
-des_cblock *output;
-long length;
-des_key_schedule schedule;
-des_cblock *ivec;
-.PP
-.B unsigned long des_quad_cksum(input,output,length,out_count,seed)
-des_cblock *input;
-des_cblock *output;
-long length;
-int out_count;
-des_cblock *seed;
-.PP
-.B int des_check_key;
-.PP
-.B int des_enc_read(fd,buf,len,sched,iv)
-int fd;
-char *buf;
-int len;
-des_key_schedule sched;
-des_cblock *iv;
-.PP
-.B int des_enc_write(fd,buf,len,sched,iv)
-int fd;
-char *buf;
-int len;
-des_key_schedule sched;
-des_cblock *iv;
-.PP
-.B extern int des_rw_mode;
-.PP
-.B void des_set_odd_parity(key)
-des_cblock *key;
-.PP
-.B int des_is_weak_key(key)
-des_cblock *key;
-.PP
-.B char *crypt(passwd,salt)
-char *passwd;
-char *salt;
-.PP
-.fi
-.SH DESCRIPTION
-This library contains a fast implementation of the DES encryption
-algorithm.
-.PP
-There are two phases to the use of DES encryption.
-The first is the generation of a
-.I des_key_schedule
-from a key,
-the second is the actual encryption.
-A des key is of type
-.I des_cblock.
-This type is made from 8 characters with odd parity.
-The least significant bit in the character is the parity bit.
-The key schedule is an expanded form of the key; it is used to speed the
-encryption process.
-.PP -.I des_read_password -writes the string specified by prompt to the standard output, -turns off echo and reads an input string from standard input -until terminated with a newline. -If verify is non-zero, it prompts and reads the input again and verifies -that both entered passwords are the same. -The entered string is converted into a des key by using the -.I des_string_to_key -routine. -The new key is placed in the -.I des_cblock -that was passed (by reference) to the routine. -If there were no errors, -.I des_read_password -returns 0, --1 is returned if there was a terminal error and 1 is returned for -any other error. -.PP -.I des_read_2password -operates in the same way as -.I des_read_password -except that it generates 2 keys by using the -.I des_string_to_2key -function. -.PP -.I des_read_pw_string -is called by -.I des_read_password -to read and verify a string from a terminal device. -The string is returned in -.I buf. -The size of -.I buf -is passed to the routine via the -.I length -parameter. -.PP -.I des_string_to_key -converts a string into a valid des key. -.PP -.I des_string_to_2key -converts a string into 2 valid des keys. -This routine is best suited for used to generate keys for use with -.I des_ecb3_encrypt. -.PP -.I des_random_key -returns a random key that is made of a combination of process id, -time and an increasing counter. -.PP -Before a des key can be used it is converted into a -.I des_key_schedule -via the -.I des_set_key -routine. -If the -.I des_check_key -flag is non-zero, -.I des_set_key -will check that the key passed is of odd parity and is not a week or -semi-weak key. -If the parity is wrong, -then -1 is returned. -If the key is a weak key, -then -2 is returned. -If an error is returned, -the key schedule is not generated. -.PP -.I des_key_sched -is another name for the -.I des_set_key -function. -.PP -The following routines mostly operate on an input and output stream of -.I des_cblock's. 
-.PP -.I des_ecb_encrypt -is the basic DES encryption routine that encrypts or decrypts a single 8-byte -.I des_cblock -in -.I electronic code book -mode. -It always transforms the input data, pointed to by -.I input, -into the output data, -pointed to by the -.I output -argument. -If the -.I encrypt -argument is non-zero (DES_ENCRYPT), -the -.I input -(cleartext) is encrypted in to the -.I output -(ciphertext) using the key_schedule specified by the -.I schedule -argument, -previously set via -.I des_set_key. -If -.I encrypt -is zero (DES_DECRYPT), -the -.I input -(now ciphertext) -is decrypted into the -.I output -(now cleartext). -Input and output may overlap. -No meaningful value is returned. -.PP -.I des_ecb3_encrypt -encrypts/decrypts the -.I input -block by using triple ecb DES encryption. -This involves encrypting the input with -.I ks1, -decryption with the key schedule -.I ks2, -and then encryption with the first again. -This routine greatly reduces the chances of brute force breaking of -DES and has the advantage of if -.I ks1 -and -.I ks2 -are the same, it is equivalent to just encryption using ecb mode and -.I ks1 -as the key. -.PP -.I des_cbc_encrypt -encrypts/decrypts using the -.I cipher-block-chaining -mode of DES. -If the -.I encrypt -argument is non-zero, -the routine cipher-block-chain encrypts the cleartext data pointed to by the -.I input -argument into the ciphertext pointed to by the -.I output -argument, -using the key schedule provided by the -.I schedule -argument, -and initialisation vector provided by the -.I ivec -argument. -If the -.I length -argument is not an integral multiple of eight bytes, -the last block is copied to a temporary area and zero filled. -The output is always -an integral multiple of eight bytes. -To make multiple cbc encrypt calls on a large amount of data appear to -be one -.I des_cbc_encrypt -call, the -.I ivec -of subsequent calls should be the last 8 bytes of the output. 
-.PP
-.I des_3cbc_encrypt
-encrypts/decrypts the
-.I input
-block by using triple cbc DES encryption.
-This involves encrypting the input with key schedule
-.I ks1,
-decryption with the key schedule
-.I ks2,
-and then encryption with the first again.
-2 initialisation vectors are required,
-.I ivec1
-and
-.I ivec2.
-Unlike
-.I des_cbc_encrypt,
-these initialisation vectors are modified by the subroutine.
-This routine greatly reduces the chances of brute force breaking of
-DES and has the advantage of if
-.I ks1
-and
-.I ks2
-are the same, it is equivalent to just encryption using cbc mode and
-.I ks1
-as the key.
-.PP
-.I des_pcbc_encrypt
-encrypt/decrypts using a modified block chaining mode.
-It provides better error propagation characteristics than cbc
-encryption.
-.PP
-.I des_cfb_encrypt
-encrypt/decrypts using cipher feedback mode. This method takes an
-array of characters as input and outputs and array of characters. It
-does not require any padding to 8 character groups. Note: the ivec
-variable is changed and the new changed value needs to be passed to
-the next call to this function. Since this function runs a complete
-DES ecb encryption per numbits, this function is only suggested for
-use when sending small numbers of characters.
-.PP
-.I des_ofb_encrypt
-encrypt using output feedback mode. This method takes an
-array of characters as input and outputs and array of characters. It
-does not require any padding to 8 character groups. Note: the ivec
-variable is changed and the new changed value needs to be passed to
-the next call to this function. Since this function runs a complete
-DES ecb encryption per numbits, this function is only suggested for
-use when sending small numbers of characters.
-.PP
-.I des_cbc_cksum
-produces an 8 byte checksum based on the input stream (via cbc encryption).
-The last 4 bytes of the checksum is returned and the complete 8 bytes is
-placed in
-.I output.
-.PP
-.I des_quad_cksum
-returns a 4 byte checksum from the input bytes.
-The algorithm can be iterated over the input,
-depending on
-.I out_count,
-1, 2, 3 or 4 times.
-If
-.I output
-is non-NULL,
-the 8 bytes generated by each pass are written into
-.I output.
-.PP
-.I des_enc_write
-is used to write
-.I len
-bytes
-to file descriptor
-.I fd
-from buffer
-.I buf.
-The data is encrypted via
-.I pcbc_encrypt
-(default) using
-.I sched
-for the key and
-.I iv
-as a starting vector.
-The actual data send down
-.I fd
-consists of 4 bytes (in network byte order) containing the length of the
-following encrypted data. The encrypted data then follows, padded with random
-data out to a multiple of 8 bytes.
-.PP
-.I des_enc_read
-is used to read
-.I len
-bytes
-from file descriptor
-.I fd
-into buffer
-.I buf.
-The data being read from
-.I fd
-is assumed to have come from
-.I des_enc_write
-and is decrypted using
-.I sched
-for the key schedule and
-.I iv
-for the initial vector.
-The
-.I des_enc_read/des_enc_write
-pair can be used to read/write to files, pipes and sockets.
-I have used them in implementing a version of rlogin in which all
-data is encrypted.
-.PP
-.I des_rw_mode
-is used to specify the encryption mode to use with
-.I des_enc_read
-and
-.I des_end_write.
-If set to
-.I DES_PCBC_MODE
-(the default), des_pcbc_encrypt is used.
-If set to
-.I DES_CBC_MODE
-des_cbc_encrypt is used.
-These two routines and the variable are not part of the normal MIT library.
-.PP
-.I des_set_odd_parity
-sets the parity of the passed
-.I key
-to odd. This routine is not part of the standard MIT library.
-.PP
-.I des_is_weak_key
-returns 1 is the passed key is a weak key (pick again :-),
-0 if it is ok.
-This routine is not part of the standard MIT library.
-.PP
-.I crypt
-is a replacement for the normal system crypt.
-It is much faster than the system crypt.
-.PP
-.SH FILES
-/usr/include/des.h
-.br
-/usr/lib/libdes.a
-.PP
-The encryption routines have been tested on 16bit, 32bit and 64bit
-machines of various endian and even works under VMS.
-.PP
-.SH BUGS
-.PP
-If you think this manual is sparse,
-read the des_crypt(3) manual from the MIT kerberos (or bones outside
-of the USA) distribution.
-.PP
-.I des_cfb_encrypt
-and
-.I des_ofb_encrypt
-operates on input of 8 bits. What this means is that if you set
-numbits to 12, and length to 2, the first 12 bits will come from the 1st
-input byte and the low half of the second input byte. The second 12
-bits will have the low 8 bits taken from the 3rd input byte and the
-top 4 bits taken from the 4th input byte. The same holds for output.
-This function has been implemented this way because most people will
-be using a multiple of 8 and because once you get into pulling bytes input
-bytes apart things get ugly!
-.PP
-.I des_read_pw_string
-is the most machine/OS dependent function and normally generates the
-most problems when porting this code.
-.PP
-.I des_string_to_key
-is probably different from the MIT version since there are lots
-of fun ways to implement one-way encryption of a text string.
-.PP
-The routines are optimised for 32 bit machines and so are not efficient
-on IBM PCs.
-.PP
-NOTE: extensive work has been done on this library since this document
-was origionally written. Please try to read des.doc from the libdes
-distribution since it is far more upto date and documents more of the
-functions. Libdes is now also being shipped as part of SSLeay, a
-general cryptographic library that amonst other things implements
-netscapes SSL protocoll. The most recent version can be found in
-SSLeay distributions.
-.SH AUTHOR
-Eric Young (eay@cryptsoft.com)
diff --git a/src/libcrypto/libdes/des_enc.c b/src/libcrypto/libdes/des_enc.c
deleted file mode 100644
index 1e1906d25..000000000
--- a/src/libcrypto/libdes/des_enc.c
+++ /dev/null
@@ -1,502 +0,0 @@ -/* crypto/des/des_enc.c */ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. 
If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include "des_locl.h" - -void des_encrypt(data, ks, enc) -DES_LONG *data; -des_key_schedule ks; -int enc; - { - register DES_LONG l,r,t,u; -#ifdef DES_PTR - register unsigned char *des_SP=(unsigned char *)des_SPtrans; -#endif -#ifndef DES_UNROLL - register int i; -#endif - register DES_LONG *s; - - r=data[0]; - l=data[1]; - - IP(r,l); - /* Things have been modified so that the initial rotate is - * done outside the loop. This required the - * des_SPtrans values in sp.h to be rotated 1 bit to the right. - * One perl script later and things have a 5% speed up on a sparc2. - * Thanks to Richard Outerbridge <71755.204@CompuServe.COM> - * for pointing this out. 
*/ - /* clear the top bits on machines with 8byte longs */ - /* shift left by 2 */ - r=ROTATE(r,29)&0xffffffffL; - l=ROTATE(l,29)&0xffffffffL; - - s=(DES_LONG *)ks; - /* I don't know if it is worth the effort of loop unrolling the - * inner loop */ - if (enc) - { -#ifdef DES_UNROLL - D_ENCRYPT(l,r, 0); /* 1 */ - D_ENCRYPT(r,l, 2); /* 2 */ - D_ENCRYPT(l,r, 4); /* 3 */ - D_ENCRYPT(r,l, 6); /* 4 */ - D_ENCRYPT(l,r, 8); /* 5 */ - D_ENCRYPT(r,l,10); /* 6 */ - D_ENCRYPT(l,r,12); /* 7 */ - D_ENCRYPT(r,l,14); /* 8 */ - D_ENCRYPT(l,r,16); /* 9 */ - D_ENCRYPT(r,l,18); /* 10 */ - D_ENCRYPT(l,r,20); /* 11 */ - D_ENCRYPT(r,l,22); /* 12 */ - D_ENCRYPT(l,r,24); /* 13 */ - D_ENCRYPT(r,l,26); /* 14 */ - D_ENCRYPT(l,r,28); /* 15 */ - D_ENCRYPT(r,l,30); /* 16 */ -#else - for (i=0; i<32; i+=8) - { - D_ENCRYPT(l,r,i+0); /* 1 */ - D_ENCRYPT(r,l,i+2); /* 2 */ - D_ENCRYPT(l,r,i+4); /* 3 */ - D_ENCRYPT(r,l,i+6); /* 4 */ - } -#endif - } - else - { -#ifdef DES_UNROLL - D_ENCRYPT(l,r,30); /* 16 */ - D_ENCRYPT(r,l,28); /* 15 */ - D_ENCRYPT(l,r,26); /* 14 */ - D_ENCRYPT(r,l,24); /* 13 */ - D_ENCRYPT(l,r,22); /* 12 */ - D_ENCRYPT(r,l,20); /* 11 */ - D_ENCRYPT(l,r,18); /* 10 */ - D_ENCRYPT(r,l,16); /* 9 */ - D_ENCRYPT(l,r,14); /* 8 */ - D_ENCRYPT(r,l,12); /* 7 */ - D_ENCRYPT(l,r,10); /* 6 */ - D_ENCRYPT(r,l, 8); /* 5 */ - D_ENCRYPT(l,r, 6); /* 4 */ - D_ENCRYPT(r,l, 4); /* 3 */ - D_ENCRYPT(l,r, 2); /* 2 */ - D_ENCRYPT(r,l, 0); /* 1 */ -#else - for (i=30; i>0; i-=8) - { - D_ENCRYPT(l,r,i-0); /* 16 */ - D_ENCRYPT(r,l,i-2); /* 15 */ - D_ENCRYPT(l,r,i-4); /* 14 */ - D_ENCRYPT(r,l,i-6); /* 13 */ - } -#endif - } - - /* rotate and clear the top bits on machines with 8byte longs */ - l=ROTATE(l,3)&0xffffffffL; - r=ROTATE(r,3)&0xffffffffL; - - FP(r,l); - data[0]=l; - data[1]=r; - l=r=t=u=0; - } - -void des_encrypt2(data, ks, enc) -DES_LONG *data; -des_key_schedule ks; -int enc; - { - register DES_LONG l,r,t,u; -#ifdef DES_PTR - register unsigned char *des_SP=(unsigned char *)des_SPtrans; -#endif -#ifndef 
DES_UNROLL - register int i; -#endif - register DES_LONG *s; - - r=data[0]; - l=data[1]; - - /* Things have been modified so that the initial rotate is - * done outside the loop. This required the - * des_SPtrans values in sp.h to be rotated 1 bit to the right. - * One perl script later and things have a 5% speed up on a sparc2. - * Thanks to Richard Outerbridge <71755.204@CompuServe.COM> - * for pointing this out. */ - /* clear the top bits on machines with 8byte longs */ - r=ROTATE(r,29)&0xffffffffL; - l=ROTATE(l,29)&0xffffffffL; - - s=(DES_LONG *)ks; - /* I don't know if it is worth the effort of loop unrolling the - * inner loop */ - if (enc) - { -#ifdef DES_UNROLL - D_ENCRYPT(l,r, 0); /* 1 */ - D_ENCRYPT(r,l, 2); /* 2 */ - D_ENCRYPT(l,r, 4); /* 3 */ - D_ENCRYPT(r,l, 6); /* 4 */ - D_ENCRYPT(l,r, 8); /* 5 */ - D_ENCRYPT(r,l,10); /* 6 */ - D_ENCRYPT(l,r,12); /* 7 */ - D_ENCRYPT(r,l,14); /* 8 */ - D_ENCRYPT(l,r,16); /* 9 */ - D_ENCRYPT(r,l,18); /* 10 */ - D_ENCRYPT(l,r,20); /* 11 */ - D_ENCRYPT(r,l,22); /* 12 */ - D_ENCRYPT(l,r,24); /* 13 */ - D_ENCRYPT(r,l,26); /* 14 */ - D_ENCRYPT(l,r,28); /* 15 */ - D_ENCRYPT(r,l,30); /* 16 */ -#else - for (i=0; i<32; i+=8) - { - D_ENCRYPT(l,r,i+0); /* 1 */ - D_ENCRYPT(r,l,i+2); /* 2 */ - D_ENCRYPT(l,r,i+4); /* 3 */ - D_ENCRYPT(r,l,i+6); /* 4 */ - } -#endif - } - else - { -#ifdef DES_UNROLL - D_ENCRYPT(l,r,30); /* 16 */ - D_ENCRYPT(r,l,28); /* 15 */ - D_ENCRYPT(l,r,26); /* 14 */ - D_ENCRYPT(r,l,24); /* 13 */ - D_ENCRYPT(l,r,22); /* 12 */ - D_ENCRYPT(r,l,20); /* 11 */ - D_ENCRYPT(l,r,18); /* 10 */ - D_ENCRYPT(r,l,16); /* 9 */ - D_ENCRYPT(l,r,14); /* 8 */ - D_ENCRYPT(r,l,12); /* 7 */ - D_ENCRYPT(l,r,10); /* 6 */ - D_ENCRYPT(r,l, 8); /* 5 */ - D_ENCRYPT(l,r, 6); /* 4 */ - D_ENCRYPT(r,l, 4); /* 3 */ - D_ENCRYPT(l,r, 2); /* 2 */ - D_ENCRYPT(r,l, 0); /* 1 */ -#else - for (i=30; i>0; i-=8) - { - D_ENCRYPT(l,r,i-0); /* 16 */ - D_ENCRYPT(r,l,i-2); /* 15 */ - D_ENCRYPT(l,r,i-4); /* 14 */ - D_ENCRYPT(r,l,i-6); /* 13 */ - } -#endif - } - 
/* rotate and clear the top bits on machines with 8byte longs */ - data[0]=ROTATE(l,3)&0xffffffffL; - data[1]=ROTATE(r,3)&0xffffffffL; - l=r=t=u=0; - } - -void des_encrypt3(data,ks1,ks2,ks3) -DES_LONG *data; -des_key_schedule ks1; -des_key_schedule ks2; -des_key_schedule ks3; - { - register DES_LONG l,r; - - l=data[0]; - r=data[1]; - IP(l,r); - data[0]=l; - data[1]=r; - des_encrypt2((DES_LONG *)data,ks1,DES_ENCRYPT); - des_encrypt2((DES_LONG *)data,ks2,DES_DECRYPT); - des_encrypt2((DES_LONG *)data,ks3,DES_ENCRYPT); - l=data[0]; - r=data[1]; - FP(r,l); - data[0]=l; - data[1]=r; - } - -void des_decrypt3(data,ks1,ks2,ks3) -DES_LONG *data; -des_key_schedule ks1; -des_key_schedule ks2; -des_key_schedule ks3; - { - register DES_LONG l,r; - - l=data[0]; - r=data[1]; - IP(l,r); - data[0]=l; - data[1]=r; - des_encrypt2((DES_LONG *)data,ks3,DES_DECRYPT); - des_encrypt2((DES_LONG *)data,ks2,DES_ENCRYPT); - des_encrypt2((DES_LONG *)data,ks1,DES_DECRYPT); - l=data[0]; - r=data[1]; - FP(r,l); - data[0]=l; - data[1]=r; - } - -#ifndef DES_DEFAULT_OPTIONS - -void des_ncbc_encrypt(input, output, length, schedule, ivec, enc) -des_cblock (*input); -des_cblock (*output); -long length; -des_key_schedule schedule; -des_cblock (*ivec); -int enc; - { - register DES_LONG tin0,tin1; - register DES_LONG tout0,tout1,xor0,xor1; - register unsigned char *in,*out; - register long l=length; - DES_LONG tin[2]; - unsigned char *iv; - - in=(unsigned char *)input; - out=(unsigned char *)output; - iv=(unsigned char *)ivec; - - if (enc) - { - c2l(iv,tout0); - c2l(iv,tout1); - for (l-=8; l>=0; l-=8) - { - c2l(in,tin0); - c2l(in,tin1); - tin0^=tout0; tin[0]=tin0; - tin1^=tout1; tin[1]=tin1; - des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT); - tout0=tin[0]; l2c(tout0,out); - tout1=tin[1]; l2c(tout1,out); - } - if (l != -8) - { - c2ln(in,tin0,tin1,l+8); - tin0^=tout0; tin[0]=tin0; - tin1^=tout1; tin[1]=tin1; - des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT); - tout0=tin[0]; l2c(tout0,out); - 
tout1=tin[1]; l2c(tout1,out); - } - iv=(unsigned char *)ivec; - l2c(tout0,iv); - l2c(tout1,iv); - } - else - { - c2l(iv,xor0); - c2l(iv,xor1); - for (l-=8; l>=0; l-=8) - { - c2l(in,tin0); tin[0]=tin0; - c2l(in,tin1); tin[1]=tin1; - des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT); - tout0=tin[0]^xor0; - tout1=tin[1]^xor1; - l2c(tout0,out); - l2c(tout1,out); - xor0=tin0; - xor1=tin1; - } - if (l != -8) - { - c2l(in,tin0); tin[0]=tin0; - c2l(in,tin1); tin[1]=tin1; - des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT); - tout0=tin[0]^xor0; - tout1=tin[1]^xor1; - l2cn(tout0,tout1,out,l+8); - xor0=tin0; - xor1=tin1; - } - - iv=(unsigned char *)ivec; - l2c(xor0,iv); - l2c(xor1,iv); - } - tin0=tin1=tout0=tout1=xor0=xor1=0; - tin[0]=tin[1]=0; - } - -void des_ede3_cbc_encrypt(input, output, length, ks1, ks2, ks3, ivec, enc) -des_cblock (*input); -des_cblock (*output); -long length; -des_key_schedule ks1; -des_key_schedule ks2; -des_key_schedule ks3; -des_cblock (*ivec); -int enc; - { - register DES_LONG tin0,tin1; - register DES_LONG tout0,tout1,xor0,xor1; - register unsigned char *in,*out; - register long l=length; - DES_LONG tin[2]; - unsigned char *iv; - - in=(unsigned char *)input; - out=(unsigned char *)output; - iv=(unsigned char *)ivec; - - if (enc) - { - c2l(iv,tout0); - c2l(iv,tout1); - for (l-=8; l>=0; l-=8) - { - c2l(in,tin0); - c2l(in,tin1); - tin0^=tout0; - tin1^=tout1; - - tin[0]=tin0; - tin[1]=tin1; - des_encrypt3((DES_LONG *)tin,ks1,ks2,ks3); - tout0=tin[0]; - tout1=tin[1]; - - l2c(tout0,out); - l2c(tout1,out); - } - if (l != -8) - { - c2ln(in,tin0,tin1,l+8); - tin0^=tout0; - tin1^=tout1; - - tin[0]=tin0; - tin[1]=tin1; - des_encrypt3((DES_LONG *)tin,ks1,ks2,ks3); - tout0=tin[0]; - tout1=tin[1]; - - l2c(tout0,out); - l2c(tout1,out); - } - iv=(unsigned char *)ivec; - l2c(tout0,iv); - l2c(tout1,iv); - } - else - { - register DES_LONG t0,t1; - - c2l(iv,xor0); - c2l(iv,xor1); - for (l-=8; l>=0; l-=8) - { - c2l(in,tin0); - c2l(in,tin1); - - t0=tin0; - t1=tin1; - - 
tin[0]=tin0; - tin[1]=tin1; - des_decrypt3((DES_LONG *)tin,ks1,ks2,ks3); - tout0=tin[0]; - tout1=tin[1]; - - tout0^=xor0; - tout1^=xor1; - l2c(tout0,out); - l2c(tout1,out); - xor0=t0; - xor1=t1; - } - if (l != -8) - { - c2l(in,tin0); - c2l(in,tin1); - - t0=tin0; - t1=tin1; - - tin[0]=tin0; - tin[1]=tin1; - des_decrypt3((DES_LONG *)tin,ks1,ks2,ks3); - tout0=tin[0]; - tout1=tin[1]; - - tout0^=xor0; - tout1^=xor1; - l2cn(tout0,tout1,out,l+8); - xor0=t0; - xor1=t1; - } - - iv=(unsigned char *)ivec; - l2c(xor0,iv); - l2c(xor1,iv); - } - tin0=tin1=tout0=tout1=xor0=xor1=0; - tin[0]=tin[1]=0; - } - -#endif /* DES_DEFAULT_OPTIONS */ diff --git a/src/libcrypto/libdes/des_locl.h b/src/libcrypto/libdes/des_locl.h deleted file mode 100644 index 4e0b3662f..000000000 --- a/src/libcrypto/libdes/des_locl.h +++ /dev/null 
@@ -1,515 +0,0 @@ -/* crypto/des/des_locl.org */ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. 
If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING - * - * Always modify des_locl.org since des_locl.h is automatically generated from - * it during SSLeay configuration. - * - * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING - */ - -#ifndef HEADER_DES_LOCL_H -#define HEADER_DES_LOCL_H - -#if defined(WIN32) || defined(WIN16) -#ifndef MSDOS -#define MSDOS -#endif -#endif - -#include "des.h" - -#ifndef DES_DEFAULT_OPTIONS -/* the following is tweaked from a config script, that is why it is a - * protected undef/define */ -#ifndef DES_PTR -#define DES_PTR -#endif - -/* This helps C compiler generate the correct code for multiple functional - * units. 
It reduces register dependancies at the expense of 2 more - * registers */ -#ifndef DES_RISC1 -#define DES_RISC1 -#endif - -#ifndef DES_RISC2 -#undef DES_RISC2 -#endif - -#if defined(DES_RISC1) && defined(DES_RISC2) -YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! -#endif - -/* Unroll the inner loop, this sometimes helps, sometimes hinders. - * Very mucy CPU dependant */ -#ifndef DES_UNROLL -#define DES_UNROLL -#endif - -/* These default values were supplied by - * Peter Gutman <pgut001@cs.auckland.ac.nz> - * They are only used if nothing else has been defined */ -#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL) -/* Special defines which change the way the code is built depending on the - CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find - even newer MIPS CPU's, but at the moment one size fits all for - optimization options. Older Sparc's work better with only UNROLL, but - there's no way to tell at compile time what it is you're running on */ - -#if defined( sun ) /* Newer Sparc's */ - #define DES_PTR - #define DES_RISC1 - #define DES_UNROLL -#elif defined( __ultrix ) /* Older MIPS */ - #define DES_PTR - #define DES_RISC2 - #define DES_UNROLL -#elif defined( __osf1__ ) /* Alpha */ - #define DES_PTR - #define DES_RISC2 -#elif defined ( _AIX ) /* RS6000 */ - /* Unknown */ -#elif defined( __hpux ) /* HP-PA */ - /* Unknown */ -#elif defined( __aux ) /* 68K */ - /* Unknown */ -#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */ - #define DES_UNROLL -#elif defined( __sgi ) /* Newer MIPS */ - #define DES_PTR - #define DES_RISC2 - #define DES_UNROLL -#elif defined( i386 ) /* x86 boxes, should be gcc */ - #define DES_PTR - #define DES_RISC1 - #define DES_UNROLL -#endif /* Systems-specific speed defines */ -#endif - -#endif /* DES_DEFAULT_OPTIONS */ - -#ifdef MSDOS /* Visual C++ 2.1 (Windows NT/95) */ -#include <stdlib.h> -#include <errno.h> -#include <time.h> -#include <io.h> -#ifndef 
RAND -#define RAND -#endif -#undef NOPROTO -#endif - -#if defined(__STDC__) || defined(VMS) || defined(M_XENIX) || defined(MSDOS) -#ifndef __KERNEL__ -#include <string.h> -#else -#include <linux/string.h> -#endif -#endif - -#ifndef RAND -#define RAND -#endif - -#ifdef linux -#undef RAND -#endif - -#ifdef MSDOS -#define getpid() 2 -#define RAND -#undef NOPROTO -#endif - -#if defined(NOCONST) -#define const -#endif - -#ifdef __STDC__ -#undef NOPROTO -#endif - -#ifdef RAND -#define srandom(s) srand(s) -#define random rand -#endif - -#define ITERATIONS 16 -#define HALF_ITERATIONS 8 - -/* used in des_read and des_write */ -#define MAXWRITE (1024*16) -#define BSIZE (MAXWRITE+4) - -#define c2l(c,l) (l =((DES_LONG)(*((c)++))) , \ - l|=((DES_LONG)(*((c)++)))<< 8L, \ - l|=((DES_LONG)(*((c)++)))<<16L, \ - l|=((DES_LONG)(*((c)++)))<<24L) - -/* NOTE - c is not incremented as per c2l */ -#define c2ln(c,l1,l2,n) { \ - c+=n; \ - l1=l2=0; \ - switch (n) { \ - case 8: l2 =((DES_LONG)(*(--(c))))<<24L; \ - case 7: l2|=((DES_LONG)(*(--(c))))<<16L; \ - case 6: l2|=((DES_LONG)(*(--(c))))<< 8L; \ - case 5: l2|=((DES_LONG)(*(--(c)))); \ - case 4: l1 =((DES_LONG)(*(--(c))))<<24L; \ - case 3: l1|=((DES_LONG)(*(--(c))))<<16L; \ - case 2: l1|=((DES_LONG)(*(--(c))))<< 8L; \ - case 1: l1|=((DES_LONG)(*(--(c)))); \ - } \ - } - -#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ - *((c)++)=(unsigned char)(((l)>>16L)&0xff), \ - *((c)++)=(unsigned char)(((l)>>24L)&0xff)) - -/* replacements for htonl and ntohl since I have no idea what to do - * when faced with machines with 8 byte longs. 
*/ -#define HDRSIZE 4 - -#define n2l(c,l) (l =((DES_LONG)(*((c)++)))<<24L, \ - l|=((DES_LONG)(*((c)++)))<<16L, \ - l|=((DES_LONG)(*((c)++)))<< 8L, \ - l|=((DES_LONG)(*((c)++)))) - -#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \ - *((c)++)=(unsigned char)(((l)>>16L)&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ - *((c)++)=(unsigned char)(((l) )&0xff)) - -/* NOTE - c is not incremented as per l2c */ -#define l2cn(l1,l2,c,n) { \ - c+=n; \ - switch (n) { \ - case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \ - case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \ - case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \ - case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \ - case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \ - case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \ - case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \ - case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \ - } \ - } - -#if defined(WIN32) -#define ROTATE(a,n) (_lrotr(a,n)) -#else -#define ROTATE(a,n) (((a)>>(n))+((a)<<(32-(n)))) -#endif - -/* Don't worry about the LOAD_DATA() stuff, that is used by - * fcrypt() to add it's little bit to the front */ - -#ifdef DES_FCRYPT - -#define LOAD_DATA_tmp(R,S,u,t,E0,E1) \ - { DES_LONG tmp; LOAD_DATA(R,S,u,t,E0,E1,tmp); } - -#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \ - t=R^(R>>16L); \ - u=t&E0; t&=E1; \ - tmp=(u<<16); u^=R^s[S ]; u^=tmp; \ - tmp=(t<<16); t^=R^s[S+1]; t^=tmp -#else -#define LOAD_DATA_tmp(a,b,c,d,e,f) LOAD_DATA(a,b,c,d,e,f,g) -#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \ - u=R^s[S ]; \ - t=R^s[S+1] -#endif - -/* The changes to this macro may help or hinder, depending on the - * compiler and the achitecture. gcc2 always seems to do well :-). - * Inspired by Dana How <how@isl.stanford.edu> - * DO NOT use the alternative version on machines with 8 byte longs. 
- * It does not seem to work on the Alpha, even when DES_LONG is 4 - * bytes, probably an issue of accessing non-word aligned objects :-( */ -#ifdef DES_PTR - -/* It recently occured to me that 0^0^0^0^0^0^0 == 0, so there - * is no reason to not xor all the sub items together. This potentially - * saves a register since things can be xored directly into L */ - -#if defined(DES_RISC1) || defined(DES_RISC2) -#ifdef DES_RISC1 -#define D_ENCRYPT(LL,R,S) { \ - unsigned int u1,u2,u3; \ - LOAD_DATA(R,S,u,t,E0,E1,u1); \ - u2=(int)u>>8L; \ - u1=(int)u&0xfc; \ - u2&=0xfc; \ - t=ROTATE(t,4); \ - u>>=16L; \ - LL^= *(DES_LONG *)((unsigned char *)des_SP +u1); \ - LL^= *(DES_LONG *)((unsigned char *)des_SP+0x200+u2); \ - u3=(int)(u>>8L); \ - u1=(int)u&0xfc; \ - u3&=0xfc; \ - LL^= *(DES_LONG *)((unsigned char *)des_SP+0x400+u1); \ - LL^= *(DES_LONG *)((unsigned char *)des_SP+0x600+u3); \ - u2=(int)t>>8L; \ - u1=(int)t&0xfc; \ - u2&=0xfc; \ - t>>=16L; \ - LL^= *(DES_LONG *)((unsigned char *)des_SP+0x100+u1); \ - LL^= *(DES_LONG *)((unsigned char *)des_SP+0x300+u2); \ - u3=(int)t>>8L; \ - u1=(int)t&0xfc; \ - u3&=0xfc; \ - LL^= *(DES_LONG *)((unsigned char *)des_SP+0x500+u1); \ - LL^= *(DES_LONG *)((unsigned char *)des_SP+0x700+u3); } -#endif -#ifdef DES_RISC2 -#define D_ENCRYPT(LL,R,S) { \ - unsigned int u1,u2,s1,s2; \ - LOAD_DATA(R,S,u,t,E0,E1,u1); \ - u2=(int)u>>8L; \ - u1=(int)u&0xfc; \ - u2&=0xfc; \ - t=ROTATE(t,4); \ - LL^= *(DES_LONG *)((unsigned char *)des_SP +u1); \ - LL^= *(DES_LONG *)((unsigned char *)des_SP+0x200+u2); \ - s1=(int)(u>>16L); \ - s2=(int)(u>>24L); \ - s1&=0xfc; \ - s2&=0xfc; \ - LL^= *(DES_LONG *)((unsigned char *)des_SP+0x400+s1); \ - LL^= *(DES_LONG *)((unsigned char *)des_SP+0x600+s2); \ - u2=(int)t>>8L; \ - u1=(int)t&0xfc; \ - u2&=0xfc; \ - LL^= *(DES_LONG *)((unsigned char *)des_SP+0x100+u1); \ - LL^= *(DES_LONG *)((unsigned char *)des_SP+0x300+u2); \ - s1=(int)(t>>16L); \ - s2=(int)(t>>24L); \ - s1&=0xfc; \ - s2&=0xfc; \ - LL^= *(DES_LONG *)((unsigned 
char *)des_SP+0x500+s1); \ - LL^= *(DES_LONG *)((unsigned char *)des_SP+0x700+s2); } -#endif -#else -#define D_ENCRYPT(LL,R,S) { \ - LOAD_DATA_tmp(R,S,u,t,E0,E1); \ - t=ROTATE(t,4); \ - LL^= \ - *(DES_LONG *)((unsigned char *)des_SP +((u )&0xfc))^ \ - *(DES_LONG *)((unsigned char *)des_SP+0x200+((u>> 8L)&0xfc))^ \ - *(DES_LONG *)((unsigned char *)des_SP+0x400+((u>>16L)&0xfc))^ \ - *(DES_LONG *)((unsigned char *)des_SP+0x600+((u>>24L)&0xfc))^ \ - *(DES_LONG *)((unsigned char *)des_SP+0x100+((t )&0xfc))^ \ - *(DES_LONG *)((unsigned char *)des_SP+0x300+((t>> 8L)&0xfc))^ \ - *(DES_LONG *)((unsigned char *)des_SP+0x500+((t>>16L)&0xfc))^ \ - *(DES_LONG *)((unsigned char *)des_SP+0x700+((t>>24L)&0xfc)); } -#endif - -#else /* original version */ - -#if defined(DES_RISC1) || defined(DES_RISC2) -#ifdef DES_RISC1 -#define D_ENCRYPT(LL,R,S) {\ - unsigned int u1,u2,u3; \ - LOAD_DATA(R,S,u,t,E0,E1,u1); \ - u>>=2L; \ - t=ROTATE(t,6); \ - u2=(int)u>>8L; \ - u1=(int)u&0x3f; \ - u2&=0x3f; \ - u>>=16L; \ - LL^=des_SPtrans[0][u1]; \ - LL^=des_SPtrans[2][u2]; \ - u3=(int)u>>8L; \ - u1=(int)u&0x3f; \ - u3&=0x3f; \ - LL^=des_SPtrans[4][u1]; \ - LL^=des_SPtrans[6][u3]; \ - u2=(int)t>>8L; \ - u1=(int)t&0x3f; \ - u2&=0x3f; \ - t>>=16L; \ - LL^=des_SPtrans[1][u1]; \ - LL^=des_SPtrans[3][u2]; \ - u3=(int)t>>8L; \ - u1=(int)t&0x3f; \ - u3&=0x3f; \ - LL^=des_SPtrans[5][u1]; \ - LL^=des_SPtrans[7][u3]; } -#endif -#ifdef DES_RISC2 -#define D_ENCRYPT(LL,R,S) {\ - unsigned int u1,u2,s1,s2; \ - LOAD_DATA(R,S,u,t,E0,E1,u1); \ - u>>=2L; \ - t=ROTATE(t,6); \ - u2=(int)u>>8L; \ - u1=(int)u&0x3f; \ - u2&=0x3f; \ - LL^=des_SPtrans[0][u1]; \ - LL^=des_SPtrans[2][u2]; \ - s1=(int)u>>16L; \ - s2=(int)u>>24L; \ - s1&=0x3f; \ - s2&=0x3f; \ - LL^=des_SPtrans[4][s1]; \ - LL^=des_SPtrans[6][s2]; \ - u2=(int)t>>8L; \ - u1=(int)t&0x3f; \ - u2&=0x3f; \ - LL^=des_SPtrans[1][u1]; \ - LL^=des_SPtrans[3][u2]; \ - s1=(int)t>>16; \ - s2=(int)t>>24L; \ - s1&=0x3f; \ - s2&=0x3f; \ - LL^=des_SPtrans[5][s1]; \ - 
LL^=des_SPtrans[7][s2]; } -#endif - -#else - -#define D_ENCRYPT(LL,R,S) {\ - LOAD_DATA_tmp(R,S,u,t,E0,E1); \ - t=ROTATE(t,4); \ - LL^=\ - des_SPtrans[0][(u>> 2L)&0x3f]^ \ - des_SPtrans[2][(u>>10L)&0x3f]^ \ - des_SPtrans[4][(u>>18L)&0x3f]^ \ - des_SPtrans[6][(u>>26L)&0x3f]^ \ - des_SPtrans[1][(t>> 2L)&0x3f]^ \ - des_SPtrans[3][(t>>10L)&0x3f]^ \ - des_SPtrans[5][(t>>18L)&0x3f]^ \ - des_SPtrans[7][(t>>26L)&0x3f]; } -#endif -#endif - - /* IP and FP - * The problem is more of a geometric problem that random bit fiddling. - 0 1 2 3 4 5 6 7 62 54 46 38 30 22 14 6 - 8 9 10 11 12 13 14 15 60 52 44 36 28 20 12 4 - 16 17 18 19 20 21 22 23 58 50 42 34 26 18 10 2 - 24 25 26 27 28 29 30 31 to 56 48 40 32 24 16 8 0 - - 32 33 34 35 36 37 38 39 63 55 47 39 31 23 15 7 - 40 41 42 43 44 45 46 47 61 53 45 37 29 21 13 5 - 48 49 50 51 52 53 54 55 59 51 43 35 27 19 11 3 - 56 57 58 59 60 61 62 63 57 49 41 33 25 17 9 1 - - The output has been subject to swaps of the form - 0 1 -> 3 1 but the odd and even bits have been put into - 2 3 2 0 - different words. The main trick is to remember that - t=((l>>size)^r)&(mask); - r^=t; - l^=(t<<size); - can be used to swap and move bits between words. - - So l = 0 1 2 3 r = 16 17 18 19 - 4 5 6 7 20 21 22 23 - 8 9 10 11 24 25 26 27 - 12 13 14 15 28 29 30 31 - becomes (for size == 2 and mask == 0x3333) - t = 2^16 3^17 -- -- l = 0 1 16 17 r = 2 3 18 19 - 6^20 7^21 -- -- 4 5 20 21 6 7 22 23 - 10^24 11^25 -- -- 8 9 24 25 10 11 24 25 - 14^28 15^29 -- -- 12 13 28 29 14 15 28 29 - - Thanks for hints from Richard Outerbridge - he told me IP&FP - could be done in 15 xor, 10 shifts and 5 ands. - When I finally started to think of the problem in 2D - I first got ~42 operations without xors. When I remembered - how to use xors :-) I got it to its final state. 
- */ -#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\ - (b)^=(t),\ - (a)^=((t)<<(n))) - -#define IP(l,r) \ - { \ - register DES_LONG tt; \ - PERM_OP(r,l,tt, 4,0x0f0f0f0fL); \ - PERM_OP(l,r,tt,16,0x0000ffffL); \ - PERM_OP(r,l,tt, 2,0x33333333L); \ - PERM_OP(l,r,tt, 8,0x00ff00ffL); \ - PERM_OP(r,l,tt, 1,0x55555555L); \ - } - -#define FP(l,r) \ - { \ - register DES_LONG tt; \ - PERM_OP(l,r,tt, 1,0x55555555L); \ - PERM_OP(r,l,tt, 8,0x00ff00ffL); \ - PERM_OP(l,r,tt, 2,0x33333333L); \ - PERM_OP(r,l,tt,16,0x0000ffffL); \ - PERM_OP(l,r,tt, 4,0x0f0f0f0fL); \ - } - -extern const DES_LONG des_SPtrans[8][64]; - -#ifndef NOPROTO -void fcrypt_body(DES_LONG *out,des_key_schedule ks, - DES_LONG Eswap0, DES_LONG Eswap1); -#else -void fcrypt_body(); -#endif - -#endif diff --git a/src/libcrypto/libdes/des_ver.h b/src/libcrypto/libdes/des_ver.h deleted file mode 100644 index 98352bc0d..000000000 --- a/src/libcrypto/libdes/des_ver.h +++ /dev/null 
@@ -1,60 +0,0 @@
-/* crypto/des/des_ver.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-extern char *DES_version; /* SSLeay version string */
-extern char *libdes_version; /* old libdes version string */
diff --git a/src/libcrypto/libdes/destest.c b/src/libcrypto/libdes/destest.c
deleted file mode 100644
index ae896499e..000000000
--- a/src/libcrypto/libdes/destest.c
+++ /dev/null
@@ -1,871 +0,0 @@
-/* crypto/des/destest.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#if defined(WIN32) || defined(WIN16) || defined(WINDOWS) -#ifndef MSDOS -#define MSDOS -#endif -#endif - -#include <stdio.h> -#include <stdlib.h> -#ifndef MSDOS -#include <unistd.h> -#else -#include <io.h> -#endif -#include <string.h> -#include "des_locl.h" - -/* tisk tisk - the test keys don't all have odd parity :-( */ -/* test data */ -#define NUM_TESTS 34 -static unsigned char key_data[NUM_TESTS][8]={ - {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, - {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF}, - {0x30,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, - {0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11}, - {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF}, - {0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11}, - {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, - {0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10}, - {0x7C,0xA1,0x10,0x45,0x4A,0x1A,0x6E,0x57}, - {0x01,0x31,0xD9,0x61,0x9D,0xC1,0x37,0x6E}, - {0x07,0xA1,0x13,0x3E,0x4A,0x0B,0x26,0x86}, - {0x38,0x49,0x67,0x4C,0x26,0x02,0x31,0x9E}, - {0x04,0xB9,0x15,0xBA,0x43,0xFE,0xB5,0xB6}, - {0x01,0x13,0xB9,0x70,0xFD,0x34,0xF2,0xCE}, - {0x01,0x70,0xF1,0x75,0x46,0x8F,0xB5,0xE6}, - {0x43,0x29,0x7F,0xAD,0x38,0xE3,0x73,0xFE}, - {0x07,0xA7,0x13,0x70,0x45,0xDA,0x2A,0x16}, - {0x04,0x68,0x91,0x04,0xC2,0xFD,0x3B,0x2F}, - {0x37,0xD0,0x6B,0xB5,0x16,0xCB,0x75,0x46}, - {0x1F,0x08,0x26,0x0D,0x1A,0xC2,0x46,0x5E}, - {0x58,0x40,0x23,0x64,0x1A,0xBA,0x61,0x76}, - {0x02,0x58,0x16,0x16,0x46,0x29,0xB0,0x07}, - {0x49,0x79,0x3E,0xBC,0x79,0xB3,0x25,0x8F}, - {0x4F,0xB0,0x5E,0x15,0x15,0xAB,0x73,0xA7}, - {0x49,0xE9,0x5D,0x6D,0x4C,0xA2,0x29,0xBF}, - {0x01,0x83,0x10,0xDC,0x40,0x9B,0x26,0xD6}, - {0x1C,0x58,0x7F,0x1C,0x13,0x92,0x4F,0xEF}, - {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01}, - {0x1F,0x1F,0x1F,0x1F,0x0E,0x0E,0x0E,0x0E}, - {0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE}, - {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, - {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF}, - {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF}, - {0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10}}; - -static unsigned char plain_data[NUM_TESTS][8]={ 
- {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, - {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF}, - {0x10,0x00,0x00,0x00,0x00,0x00,0x00,0x01}, - {0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11}, - {0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11}, - {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF}, - {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, - {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF}, - {0x01,0xA1,0xD6,0xD0,0x39,0x77,0x67,0x42}, - {0x5C,0xD5,0x4C,0xA8,0x3D,0xEF,0x57,0xDA}, - {0x02,0x48,0xD4,0x38,0x06,0xF6,0x71,0x72}, - {0x51,0x45,0x4B,0x58,0x2D,0xDF,0x44,0x0A}, - {0x42,0xFD,0x44,0x30,0x59,0x57,0x7F,0xA2}, - {0x05,0x9B,0x5E,0x08,0x51,0xCF,0x14,0x3A}, - {0x07,0x56,0xD8,0xE0,0x77,0x47,0x61,0xD2}, - {0x76,0x25,0x14,0xB8,0x29,0xBF,0x48,0x6A}, - {0x3B,0xDD,0x11,0x90,0x49,0x37,0x28,0x02}, - {0x26,0x95,0x5F,0x68,0x35,0xAF,0x60,0x9A}, - {0x16,0x4D,0x5E,0x40,0x4F,0x27,0x52,0x32}, - {0x6B,0x05,0x6E,0x18,0x75,0x9F,0x5C,0xCA}, - {0x00,0x4B,0xD6,0xEF,0x09,0x17,0x60,0x62}, - {0x48,0x0D,0x39,0x00,0x6E,0xE7,0x62,0xF2}, - {0x43,0x75,0x40,0xC8,0x69,0x8F,0x3C,0xFA}, - {0x07,0x2D,0x43,0xA0,0x77,0x07,0x52,0x92}, - {0x02,0xFE,0x55,0x77,0x81,0x17,0xF1,0x2A}, - {0x1D,0x9D,0x5C,0x50,0x18,0xF7,0x28,0xC2}, - {0x30,0x55,0x32,0x28,0x6D,0x6F,0x29,0x5A}, - {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF}, - {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF}, - {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF}, - {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF}, - {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, - {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, - {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF}}; - -static unsigned char cipher_data[NUM_TESTS][8]={ - {0x8C,0xA6,0x4D,0xE9,0xC1,0xB1,0x23,0xA7}, - {0x73,0x59,0xB2,0x16,0x3E,0x4E,0xDC,0x58}, - {0x95,0x8E,0x6E,0x62,0x7A,0x05,0x55,0x7B}, - {0xF4,0x03,0x79,0xAB,0x9E,0x0E,0xC5,0x33}, - {0x17,0x66,0x8D,0xFC,0x72,0x92,0x53,0x2D}, - {0x8A,0x5A,0xE1,0xF8,0x1A,0xB8,0xF2,0xDD}, - {0x8C,0xA6,0x4D,0xE9,0xC1,0xB1,0x23,0xA7}, - {0xED,0x39,0xD9,0x50,0xFA,0x74,0xBC,0xC4}, - {0x69,0x0F,0x5B,0x0D,0x9A,0x26,0x93,0x9B}, - 
{0x7A,0x38,0x9D,0x10,0x35,0x4B,0xD2,0x71}, - {0x86,0x8E,0xBB,0x51,0xCA,0xB4,0x59,0x9A}, - {0x71,0x78,0x87,0x6E,0x01,0xF1,0x9B,0x2A}, - {0xAF,0x37,0xFB,0x42,0x1F,0x8C,0x40,0x95}, - {0x86,0xA5,0x60,0xF1,0x0E,0xC6,0xD8,0x5B}, - {0x0C,0xD3,0xDA,0x02,0x00,0x21,0xDC,0x09}, - {0xEA,0x67,0x6B,0x2C,0xB7,0xDB,0x2B,0x7A}, - {0xDF,0xD6,0x4A,0x81,0x5C,0xAF,0x1A,0x0F}, - {0x5C,0x51,0x3C,0x9C,0x48,0x86,0xC0,0x88}, - {0x0A,0x2A,0xEE,0xAE,0x3F,0xF4,0xAB,0x77}, - {0xEF,0x1B,0xF0,0x3E,0x5D,0xFA,0x57,0x5A}, - {0x88,0xBF,0x0D,0xB6,0xD7,0x0D,0xEE,0x56}, - {0xA1,0xF9,0x91,0x55,0x41,0x02,0x0B,0x56}, - {0x6F,0xBF,0x1C,0xAF,0xCF,0xFD,0x05,0x56}, - {0x2F,0x22,0xE4,0x9B,0xAB,0x7C,0xA1,0xAC}, - {0x5A,0x6B,0x61,0x2C,0xC2,0x6C,0xCE,0x4A}, - {0x5F,0x4C,0x03,0x8E,0xD1,0x2B,0x2E,0x41}, - {0x63,0xFA,0xC0,0xD0,0x34,0xD9,0xF7,0x93}, - {0x61,0x7B,0x3A,0x0C,0xE8,0xF0,0x71,0x00}, - {0xDB,0x95,0x86,0x05,0xF8,0xC8,0xC6,0x06}, - {0xED,0xBF,0xD1,0xC6,0x6C,0x29,0xCC,0xC7}, - {0x35,0x55,0x50,0xB2,0x15,0x0E,0x24,0x51}, - {0xCA,0xAA,0xAF,0x4D,0xEA,0xF1,0xDB,0xAE}, - {0xD5,0xD4,0x4F,0xF7,0x20,0x68,0x3D,0x0D}, - {0x2A,0x2B,0xB0,0x08,0xDF,0x97,0xC2,0xF2}}; - -static unsigned char cipher_ecb2[NUM_TESTS-1][8]={ - {0x92,0x95,0xB5,0x9B,0xB3,0x84,0x73,0x6E}, - {0x19,0x9E,0x9D,0x6D,0xF3,0x9A,0xA8,0x16}, - {0x2A,0x4B,0x4D,0x24,0x52,0x43,0x84,0x27}, - {0x35,0x84,0x3C,0x01,0x9D,0x18,0xC5,0xB6}, - {0x4A,0x5B,0x2F,0x42,0xAA,0x77,0x19,0x25}, - {0xA0,0x6B,0xA9,0xB8,0xCA,0x5B,0x17,0x8A}, - {0xAB,0x9D,0xB7,0xFB,0xED,0x95,0xF2,0x74}, - {0x3D,0x25,0x6C,0x23,0xA7,0x25,0x2F,0xD6}, - {0xB7,0x6F,0xAB,0x4F,0xBD,0xBD,0xB7,0x67}, - {0x8F,0x68,0x27,0xD6,0x9C,0xF4,0x1A,0x10}, - {0x82,0x57,0xA1,0xD6,0x50,0x5E,0x81,0x85}, - {0xA2,0x0F,0x0A,0xCD,0x80,0x89,0x7D,0xFA}, - {0xCD,0x2A,0x53,0x3A,0xDB,0x0D,0x7E,0xF3}, - {0xD2,0xC2,0xBE,0x27,0xE8,0x1B,0x68,0xE3}, - {0xE9,0x24,0xCF,0x4F,0x89,0x3C,0x5B,0x0A}, - {0xA7,0x18,0xC3,0x9F,0xFA,0x9F,0xD7,0x69}, - {0x77,0x2C,0x79,0xB1,0xD2,0x31,0x7E,0xB1}, - {0x49,0xAB,0x92,0x7F,0xD0,0x22,0x00,0xB7}, - 
{0xCE,0x1C,0x6C,0x7D,0x85,0xE3,0x4A,0x6F}, - {0xBE,0x91,0xD6,0xE1,0x27,0xB2,0xE9,0x87}, - {0x70,0x28,0xAE,0x8F,0xD1,0xF5,0x74,0x1A}, - {0xAA,0x37,0x80,0xBB,0xF3,0x22,0x1D,0xDE}, - {0xA6,0xC4,0xD2,0x5E,0x28,0x93,0xAC,0xB3}, - {0x22,0x07,0x81,0x5A,0xE4,0xB7,0x1A,0xAD}, - {0xDC,0xCE,0x05,0xE7,0x07,0xBD,0xF5,0x84}, - {0x26,0x1D,0x39,0x2C,0xB3,0xBA,0xA5,0x85}, - {0xB4,0xF7,0x0F,0x72,0xFB,0x04,0xF0,0xDC}, - {0x95,0xBA,0xA9,0x4E,0x87,0x36,0xF2,0x89}, - {0xD4,0x07,0x3A,0xF1,0x5A,0x17,0x82,0x0E}, - {0xEF,0x6F,0xAF,0xA7,0x66,0x1A,0x7E,0x89}, - {0xC1,0x97,0xF5,0x58,0x74,0x8A,0x20,0xE7}, - {0x43,0x34,0xCF,0xDA,0x22,0xC4,0x86,0xC8}, - {0x08,0xD7,0xB4,0xFB,0x62,0x9D,0x08,0x85}}; - -static unsigned char cbc_key [8]={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef}; -static unsigned char cbc2_key[8]={0xf0,0xe1,0xd2,0xc3,0xb4,0xa5,0x96,0x87}; -static unsigned char cbc3_key[8]={0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10}; -static unsigned char cbc_iv [8]={0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10}; -static char cbc_data[40]="7654321 Now is the time for \0001"; - -static unsigned char cbc_ok[32]={ - 0xcc,0xd1,0x73,0xff,0xab,0x20,0x39,0xf4, - 0xac,0xd8,0xae,0xfd,0xdf,0xd8,0xa1,0xeb, - 0x46,0x8e,0x91,0x15,0x78,0x88,0xba,0x68, - 0x1d,0x26,0x93,0x97,0xf7,0xfe,0x62,0xb4}; - -static unsigned char xcbc_ok[32]={ - 0x86,0x74,0x81,0x0D,0x61,0xA4,0xA5,0x48, - 0xB9,0x93,0x03,0xE1,0xB8,0xBB,0xBD,0xBD, - 0x64,0x30,0x0B,0xB9,0x06,0x65,0x81,0x76, - 0x04,0x1D,0x77,0x62,0x17,0xCA,0x2B,0xD2, - }; - -static unsigned char cbc3_ok[32]={ - 0x3F,0xE3,0x01,0xC9,0x62,0xAC,0x01,0xD0, - 0x22,0x13,0x76,0x3C,0x1C,0xBD,0x4C,0xDC, - 0x79,0x96,0x57,0xC0,0x64,0xEC,0xF5,0xD4, - 0x1C,0x67,0x38,0x12,0xCF,0xDE,0x96,0x75}; - -static unsigned char pcbc_ok[32]={ - 0xcc,0xd1,0x73,0xff,0xab,0x20,0x39,0xf4, - 0x6d,0xec,0xb4,0x70,0xa0,0xe5,0x6b,0x15, - 0xae,0xa6,0xbf,0x61,0xed,0x7d,0x9c,0x9f, - 0xf7,0x17,0x46,0x3b,0x8a,0xb3,0xcc,0x88}; - -static unsigned char cfb_key[8]={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef}; -static unsigned char 
cfb_iv[8]={0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef}; -static unsigned char cfb_buf1[40],cfb_buf2[40],cfb_tmp[8]; -static unsigned char plain[24]= - { - 0x4e,0x6f,0x77,0x20,0x69,0x73, - 0x20,0x74,0x68,0x65,0x20,0x74, - 0x69,0x6d,0x65,0x20,0x66,0x6f, - 0x72,0x20,0x61,0x6c,0x6c,0x20 - }; -static unsigned char cfb_cipher8[24]= { - 0xf3,0x1f,0xda,0x07,0x01,0x14, 0x62,0xee,0x18,0x7f,0x43,0xd8, - 0x0a,0x7c,0xd9,0xb5,0xb0,0xd2, 0x90,0xda,0x6e,0x5b,0x9a,0x87 }; -static unsigned char cfb_cipher16[24]={ - 0xF3,0x09,0x87,0x87,0x7F,0x57, 0xF7,0x3C,0x36,0xB6,0xDB,0x70, - 0xD8,0xD5,0x34,0x19,0xD3,0x86, 0xB2,0x23,0xB7,0xB2,0xAD,0x1B }; -static unsigned char cfb_cipher32[24]={ - 0xF3,0x09,0x62,0x49,0xA4,0xDF, 0xA4,0x9F,0x33,0xDC,0x7B,0xAD, - 0x4C,0xC8,0x9F,0x64,0xE4,0x53, 0xE5,0xEC,0x67,0x20,0xDA,0xB6 }; -static unsigned char cfb_cipher48[24]={ - 0xF3,0x09,0x62,0x49,0xC7,0xF4, 0x30,0xB5,0x15,0xEC,0xBB,0x85, - 0x97,0x5A,0x13,0x8C,0x68,0x60, 0xE2,0x38,0x34,0x3C,0xDC,0x1F }; -static unsigned char cfb_cipher64[24]={ - 0xF3,0x09,0x62,0x49,0xC7,0xF4, 0x6E,0x51,0xA6,0x9E,0x83,0x9B, - 0x1A,0x92,0xF7,0x84,0x03,0x46, 0x71,0x33,0x89,0x8E,0xA6,0x22 }; - -static unsigned char ofb_key[8]={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef}; -static unsigned char ofb_iv[8]={0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef}; -static unsigned char ofb_buf1[24],ofb_buf2[24],ofb_tmp[8]; -static unsigned char ofb_cipher[24]= - { - 0xf3,0x09,0x62,0x49,0xc7,0xf4,0x6e,0x51, - 0x35,0xf2,0x4a,0x24,0x2e,0xeb,0x3d,0x3f, - 0x3d,0x6d,0x5b,0xe3,0x25,0x5a,0xf8,0xc3 - }; - -DES_LONG cbc_cksum_ret=0xB462FEF7L; -unsigned char cbc_cksum_data[8]={0x1D,0x26,0x93,0x97,0xf7,0xfe,0x62,0xb4}; - -#ifndef NOPROTO -static char *pt(unsigned char *p); -static int cfb_test(int bits, unsigned char *cfb_cipher); -static int cfb64_test(unsigned char *cfb_cipher); -static int ede_cfb64_test(unsigned char *cfb_cipher); -#else -static char *pt(); -static int cfb_test(); -static int cfb64_test(); -static int ede_cfb64_test(); -#endif - -int 
main(argc,argv) -int argc; -char *argv[]; - { - int i,j,err=0; - des_cblock in,out,outin,iv3; - des_key_schedule ks,ks2,ks3; - unsigned char cbc_in[40]; - unsigned char cbc_out[40]; - DES_LONG cs; - unsigned char qret[4][4],cret[8]; - DES_LONG lqret[4]; - int num; - char *str; - - printf("Doing ecb\n"); - for (i=0; i<NUM_TESTS; i++) - { - if ((j=des_key_sched((C_Block *)(key_data[i]),ks)) != 0) - { - printf("Key error %2d:%d\n",i+1,j); - err=1; - } - memcpy(in,plain_data[i],8); - memset(out,0,8); - memset(outin,0,8); - des_ecb_encrypt((C_Block *)in,(C_Block *)out,ks,DES_ENCRYPT); - des_ecb_encrypt((C_Block *)out,(C_Block *)outin,ks,DES_DECRYPT); - - if (memcmp(out,cipher_data[i],8) != 0) - { - printf("Encryption error %2d\nk=%s p=%s o=%s act=%s\n", - i+1,pt(key_data[i]),pt(in),pt(cipher_data[i]), - pt(out)); - err=1; - } - if (memcmp(in,outin,8) != 0) - { - printf("Decryption error %2d\nk=%s p=%s o=%s act=%s\n", - i+1,pt(key_data[i]),pt(out),pt(in),pt(outin)); - err=1; - } - } - -#ifndef LIBDES_LIT - printf("Doing ede ecb\n"); - for (i=0; i<(NUM_TESTS-1); i++) - { - if ((j=des_key_sched((C_Block *)(key_data[i]),ks)) != 0) - { - err=1; - printf("Key error %2d:%d\n",i+1,j); - } - if ((j=des_key_sched((C_Block *)(key_data[i+1]),ks2)) != 0) - { - printf("Key error %2d:%d\n",i+2,j); - err=1; - } - if ((j=des_key_sched((C_Block *)(key_data[i+2]),ks3)) != 0) - { - printf("Key error %2d:%d\n",i+3,j); - err=1; - } - memcpy(in,plain_data[i],8); - memset(out,0,8); - memset(outin,0,8); - des_ecb2_encrypt((C_Block *)in,(C_Block *)out,ks,ks2, - DES_ENCRYPT); - des_ecb2_encrypt((C_Block *)out,(C_Block *)outin,ks,ks2, - DES_DECRYPT); - - if (memcmp(out,cipher_ecb2[i],8) != 0) - { - printf("Encryption error %2d\nk=%s p=%s o=%s act=%s\n", - i+1,pt(key_data[i]),pt(in),pt(cipher_ecb2[i]), - pt(out)); - err=1; - } - if (memcmp(in,outin,8) != 0) - { - printf("Decryption error %2d\nk=%s p=%s o=%s act=%s\n", - i+1,pt(key_data[i]),pt(out),pt(in),pt(outin)); - err=1; - } - } -#endif - - 
printf("Doing cbc\n"); - if ((j=des_key_sched((C_Block *)cbc_key,ks)) != 0) - { - printf("Key error %d\n",j); - err=1; - } - memset(cbc_out,0,40); - memset(cbc_in,0,40); - memcpy(iv3,cbc_iv,sizeof(cbc_iv)); - des_ncbc_encrypt((C_Block *)cbc_data,(C_Block *)cbc_out, - (long)strlen((char *)cbc_data)+1,ks, - (C_Block *)iv3,DES_ENCRYPT); - if (memcmp(cbc_out,cbc_ok,32) != 0) - printf("cbc_encrypt encrypt error\n"); - - memcpy(iv3,cbc_iv,sizeof(cbc_iv)); - des_ncbc_encrypt((C_Block *)cbc_out,(C_Block *)cbc_in, - (long)strlen((char *)cbc_data)+1,ks, - (C_Block *)iv3,DES_DECRYPT); - if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)) != 0) - { - printf("cbc_encrypt decrypt error\n"); - err=1; - } - -#ifndef LIBDES_LIT - printf("Doing desx cbc\n"); - if ((j=des_key_sched((C_Block *)cbc_key,ks)) != 0) - { - printf("Key error %d\n",j); - err=1; - } - memset(cbc_out,0,40); - memset(cbc_in,0,40); - memcpy(iv3,cbc_iv,sizeof(cbc_iv)); - des_xcbc_encrypt((C_Block *)cbc_data,(C_Block *)cbc_out, - (long)strlen((char *)cbc_data)+1,ks, - (C_Block *)iv3, - (C_Block *)cbc2_key, (C_Block *)cbc3_key, DES_ENCRYPT); - if (memcmp(cbc_out,xcbc_ok,32) != 0) - { - printf("des_xcbc_encrypt encrypt error\n"); - } - memcpy(iv3,cbc_iv,sizeof(cbc_iv)); - des_xcbc_encrypt((C_Block *)cbc_out,(C_Block *)cbc_in, - (long)strlen((char *)cbc_data)+1,ks, - (C_Block *)iv3, - (C_Block *)cbc2_key, (C_Block *)cbc3_key, DES_DECRYPT); - if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)+1) != 0) - { - printf("des_xcbc_encrypt decrypt error\n"); - err=1; - } -#endif - - printf("Doing ede cbc\n"); - if ((j=des_key_sched((C_Block *)cbc_key,ks)) != 0) - { - printf("Key error %d\n",j); - err=1; - } - if ((j=des_key_sched((C_Block *)cbc2_key,ks2)) != 0) - { - printf("Key error %d\n",j); - err=1; - } - if ((j=des_key_sched((C_Block *)cbc3_key,ks3)) != 0) - { - printf("Key error %d\n",j); - err=1; - } - memset(cbc_out,0,40); - memset(cbc_in,0,40); - i=strlen((char *)cbc_data)+1; - /* i=((i+7)/8)*8; */ - 
memcpy(iv3,cbc_iv,sizeof(cbc_iv)); - - des_ede3_cbc_encrypt((C_Block *)cbc_data,(C_Block *)cbc_out, - 16L,ks,ks2,ks3,(C_Block *)iv3,DES_ENCRYPT); - des_ede3_cbc_encrypt((C_Block *)&(cbc_data[16]), - (C_Block *)&(cbc_out[16]), - (long)i-16,ks,ks2,ks3,(C_Block *)iv3,DES_ENCRYPT); - if (memcmp(cbc_out,cbc3_ok, - (unsigned int)(strlen((char *)cbc_data)+1+7)/8*8) != 0) - { - printf("des_ede3_cbc_encrypt encrypt error\n"); - err=1; - } - - memcpy(iv3,cbc_iv,sizeof(cbc_iv)); - des_ede3_cbc_encrypt((C_Block *)cbc_out,(C_Block *)cbc_in, - (long)i,ks,ks2,ks3,(C_Block *)iv3,DES_DECRYPT); - if (memcmp(cbc_in,cbc_data,strlen(cbc_data)+1) != 0) - { - printf("des_ede3_cbc_encrypt decrypt error\n"); - err=1; - } - -#ifndef LIBDES_LIT - printf("Doing pcbc\n"); - if ((j=des_key_sched((C_Block *)cbc_key,ks)) != 0) - { - printf("Key error %d\n",j); - err=1; - } - memset(cbc_out,0,40); - memset(cbc_in,0,40); - des_pcbc_encrypt((C_Block *)cbc_data,(C_Block *)cbc_out, - (long)strlen(cbc_data)+1,ks,(C_Block *)cbc_iv,DES_ENCRYPT); - if (memcmp(cbc_out,pcbc_ok,32) != 0) - { - printf("pcbc_encrypt encrypt error\n"); - err=1; - } - des_pcbc_encrypt((C_Block *)cbc_out,(C_Block *)cbc_in, - (long)strlen(cbc_data)+1,ks,(C_Block *)cbc_iv,DES_DECRYPT); - if (memcmp(cbc_in,cbc_data,strlen(cbc_data)+1) != 0) - { - printf("pcbc_encrypt decrypt error\n"); - err=1; - } - - printf("Doing "); - printf("cfb8 "); - err+=cfb_test(8,cfb_cipher8); - printf("cfb16 "); - err+=cfb_test(16,cfb_cipher16); - printf("cfb32 "); - err+=cfb_test(32,cfb_cipher32); - printf("cfb48 "); - err+=cfb_test(48,cfb_cipher48); - printf("cfb64 "); - err+=cfb_test(64,cfb_cipher64); - - printf("cfb64() "); - err+=cfb64_test(cfb_cipher64); - - memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv)); - for (i=0; i<sizeof(plain); i++) - des_cfb_encrypt(&(plain[i]),&(cfb_buf1[i]), - 8,(long)1,ks,(C_Block *)cfb_tmp,DES_ENCRYPT); - if (memcmp(cfb_cipher8,cfb_buf1,sizeof(plain)) != 0) - { - printf("cfb_encrypt small encrypt error\n"); - err=1; - } - - 
memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv)); - for (i=0; i<sizeof(plain); i++) - des_cfb_encrypt(&(cfb_buf1[i]),&(cfb_buf2[i]), - 8,(long)1,ks,(C_Block *)cfb_tmp,DES_DECRYPT); - if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0) - { - printf("cfb_encrypt small decrypt error\n"); - err=1; - } - - printf("ede_cfb64() "); - err+=ede_cfb64_test(cfb_cipher64); - - printf("done\n"); - - printf("Doing ofb\n"); - des_key_sched((C_Block *)ofb_key,ks); - memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv)); - des_ofb_encrypt(plain,ofb_buf1,64,(long)sizeof(plain)/8,ks, - (C_Block *)ofb_tmp); - if (memcmp(ofb_cipher,ofb_buf1,sizeof(ofb_buf1)) != 0) - { - printf("ofb_encrypt encrypt error\n"); -printf("%02X %02X %02X %02X %02X %02X %02X %02X\n", -ofb_buf1[8+0], ofb_buf1[8+1], ofb_buf1[8+2], ofb_buf1[8+3], -ofb_buf1[8+4], ofb_buf1[8+5], ofb_buf1[8+6], ofb_buf1[8+7]); -printf("%02X %02X %02X %02X %02X %02X %02X %02X\n", -ofb_buf1[8+0], ofb_cipher[8+1], ofb_cipher[8+2], ofb_cipher[8+3], -ofb_buf1[8+4], ofb_cipher[8+5], ofb_cipher[8+6], ofb_cipher[8+7]); - err=1; - } - memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv)); - des_ofb_encrypt(ofb_buf1,ofb_buf2,64,(long)sizeof(ofb_buf1)/8,ks, - (C_Block *)ofb_tmp); - if (memcmp(plain,ofb_buf2,sizeof(ofb_buf2)) != 0) - { - printf("ofb_encrypt decrypt error\n"); -printf("%02X %02X %02X %02X %02X %02X %02X %02X\n", -ofb_buf2[8+0], ofb_buf2[8+1], ofb_buf2[8+2], ofb_buf2[8+3], -ofb_buf2[8+4], ofb_buf2[8+5], ofb_buf2[8+6], ofb_buf2[8+7]); -printf("%02X %02X %02X %02X %02X %02X %02X %02X\n", -plain[8+0], plain[8+1], plain[8+2], plain[8+3], -plain[8+4], plain[8+5], plain[8+6], plain[8+7]); - err=1; - } - - printf("Doing ofb64\n"); - des_key_sched((C_Block *)ofb_key,ks); - memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv)); - memset(ofb_buf1,0,sizeof(ofb_buf1)); - memset(ofb_buf2,0,sizeof(ofb_buf1)); - num=0; - for (i=0; i<sizeof(plain); i++) - { - des_ofb64_encrypt(&(plain[i]),&(ofb_buf1[i]),1,ks, - (C_Block *)ofb_tmp,&num); - } - if (memcmp(ofb_cipher,ofb_buf1,sizeof(ofb_buf1)) != 0) - { - 
printf("ofb64_encrypt encrypt error\n"); - err=1; - } - memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv)); - num=0; - des_ofb64_encrypt(ofb_buf1,ofb_buf2,(long)sizeof(ofb_buf1),ks, - (C_Block *)ofb_tmp,&num); - if (memcmp(plain,ofb_buf2,sizeof(ofb_buf2)) != 0) - { - printf("ofb64_encrypt decrypt error\n"); - err=1; - } - - printf("Doing ede_ofb64\n"); - des_key_sched((C_Block *)ofb_key,ks); - memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv)); - memset(ofb_buf1,0,sizeof(ofb_buf1)); - memset(ofb_buf2,0,sizeof(ofb_buf1)); - num=0; - for (i=0; i<sizeof(plain); i++) - { - des_ede3_ofb64_encrypt(&(plain[i]),&(ofb_buf1[i]),1,ks,ks,ks, - (C_Block *)ofb_tmp,&num); - } - if (memcmp(ofb_cipher,ofb_buf1,sizeof(ofb_buf1)) != 0) - { - printf("ede_ofb64_encrypt encrypt error\n"); - err=1; - } - memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv)); - num=0; - des_ede3_ofb64_encrypt(ofb_buf1,ofb_buf2,(long)sizeof(ofb_buf1),ks, - ks,ks,(C_Block *)ofb_tmp,&num); - if (memcmp(plain,ofb_buf2,sizeof(ofb_buf2)) != 0) - { - printf("ede_ofb64_encrypt decrypt error\n"); - err=1; - } - - printf("Doing cbc_cksum\n"); - des_key_sched((C_Block *)cbc_key,ks); - cs=des_cbc_cksum((C_Block *)cbc_data,(C_Block *)cret, - (long)strlen(cbc_data),ks,(C_Block *)cbc_iv); - if (cs != cbc_cksum_ret) - { - printf("bad return value (%08lX), should be %08lX\n", - (unsigned long)cs,(unsigned long)cbc_cksum_ret); - err=1; - } - if (memcmp(cret,cbc_cksum_data,8) != 0) - { - printf("bad cbc_cksum block returned\n"); - err=1; - } - - printf("Doing quad_cksum\n"); - cs=quad_cksum((C_Block *)cbc_data,(C_Block *)qret, - (long)strlen(cbc_data),2,(C_Block *)cbc_iv); - for (i=0; i<4; i++) - { - lqret[i]=0; - memcpy(&(lqret[i]),&(qret[i][0]),4); - } - { /* Big-endian fix */ - static DES_LONG l=1; - static unsigned char *c=(unsigned char *)&l; - DES_LONG ll; - - if (!c[0]) - { - ll=lqret[0]^lqret[3]; - lqret[0]^=ll; - lqret[3]^=ll; - ll=lqret[1]^lqret[2]; - lqret[1]^=ll; - lqret[2]^=ll; - } - } - if (cs != 0x70d7a63aL) - { - printf("quad_cksum error, ret %08lx 
should be 70d7a63a\n", - (unsigned long)cs); - err=1; - } - if (lqret[0] != 0x327eba8dL) - { - printf("quad_cksum error, out[0] %08lx is not %08lx\n", - (unsigned long)lqret[0],0x327eba8dL); - err=1; - } - if (lqret[1] != 0x201a49ccL) - { - printf("quad_cksum error, out[1] %08lx is not %08lx\n", - (unsigned long)lqret[1],0x201a49ccL); - err=1; - } - if (lqret[2] != 0x70d7a63aL) - { - printf("quad_cksum error, out[2] %08lx is not %08lx\n", - (unsigned long)lqret[2],0x70d7a63aL); - err=1; - } - if (lqret[3] != 0x501c2c26L) - { - printf("quad_cksum error, out[3] %08lx is not %08lx\n", - (unsigned long)lqret[3],0x501c2c26L); - err=1; - } -#endif - - printf("input word alignment test"); - for (i=0; i<4; i++) - { - printf(" %d",i); - des_ncbc_encrypt((C_Block *)&(cbc_out[i]),(C_Block *)cbc_in, - (long)strlen(cbc_data)+1,ks,(C_Block *)cbc_iv, - DES_ENCRYPT); - } - printf("\noutput word alignment test"); - for (i=0; i<4; i++) - { - printf(" %d",i); - des_ncbc_encrypt((C_Block *)cbc_out,(C_Block *)&(cbc_in[i]), - (long)strlen(cbc_data)+1,ks,(C_Block *)cbc_iv, - DES_ENCRYPT); - } - printf("\n"); - printf("fast crypt test "); - str=crypt("testing","ef"); - if (strcmp("efGnQx2725bI2",str) != 0) - { - printf("fast crypt error, %s should be efGnQx2725bI2\n",str); - err=1; - } - str=crypt("bca76;23","yA"); - if (strcmp("yA1Rp/1hZXIJk",str) != 0) - { - printf("fast crypt error, %s should be yA1Rp/1hZXIJk\n",str); - err=1; - } - printf("\n"); - exit(err); - return(0); - } - -static char *pt(p) -unsigned char *p; - { - static char bufs[10][20]; - static int bnum=0; - char *ret; - int i; - static char *f="0123456789ABCDEF"; - - ret= &(bufs[bnum++][0]); - bnum%=10; - for (i=0; i<8; i++) - { - ret[i*2]=f[(p[i]>>4)&0xf]; - ret[i*2+1]=f[p[i]&0xf]; - } - ret[16]='\0'; - return(ret); - } - -#ifndef LIBDES_LIT - -static int cfb_test(bits, cfb_cipher) -int bits; -unsigned char *cfb_cipher; - { - des_key_schedule ks; - int i,err=0; - - des_key_sched((C_Block *)cfb_key,ks); - 
memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv)); - des_cfb_encrypt(plain,cfb_buf1,bits,(long)sizeof(plain),ks, - (C_Block *)cfb_tmp,DES_ENCRYPT); - if (memcmp(cfb_cipher,cfb_buf1,sizeof(plain)) != 0) - { - err=1; - printf("cfb_encrypt encrypt error\n"); - for (i=0; i<24; i+=8) - printf("%s\n",pt(&(cfb_buf1[i]))); - } - memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv)); - des_cfb_encrypt(cfb_buf1,cfb_buf2,bits,(long)sizeof(plain),ks, - (C_Block *)cfb_tmp,DES_DECRYPT); - if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0) - { - err=1; - printf("cfb_encrypt decrypt error\n"); - for (i=0; i<24; i+=8) - printf("%s\n",pt(&(cfb_buf1[i]))); - } - return(err); - } - -static int cfb64_test(cfb_cipher) -unsigned char *cfb_cipher; - { - des_key_schedule ks; - int err=0,i,n; - - des_key_sched((C_Block *)cfb_key,ks); - memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv)); - n=0; - des_cfb64_encrypt(plain,cfb_buf1,(long)12,ks, - (C_Block *)cfb_tmp,&n,DES_ENCRYPT); - des_cfb64_encrypt(&(plain[12]),&(cfb_buf1[12]), - (long)sizeof(plain)-12,ks, - (C_Block *)cfb_tmp,&n,DES_ENCRYPT); - if (memcmp(cfb_cipher,cfb_buf1,sizeof(plain)) != 0) - { - err=1; - printf("cfb_encrypt encrypt error\n"); - for (i=0; i<24; i+=8) - printf("%s\n",pt(&(cfb_buf1[i]))); - } - memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv)); - n=0; - des_cfb64_encrypt(cfb_buf1,cfb_buf2,(long)17,ks, - (C_Block *)cfb_tmp,&n,DES_DECRYPT); - des_cfb64_encrypt(&(cfb_buf1[17]),&(cfb_buf2[17]), - (long)sizeof(plain)-17,ks, - (C_Block *)cfb_tmp,&n,DES_DECRYPT); - if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0) - { - err=1; - printf("cfb_encrypt decrypt error\n"); - for (i=0; i<24; i+=8) - printf("%s\n",pt(&(cfb_buf2[i]))); - } - return(err); - } - -static int ede_cfb64_test(cfb_cipher) -unsigned char *cfb_cipher; - { - des_key_schedule ks; - int err=0,i,n; - - des_key_sched((C_Block *)cfb_key,ks); - memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv)); - n=0; - des_ede3_cfb64_encrypt(plain,cfb_buf1,(long)12,ks,ks,ks, - (C_Block *)cfb_tmp,&n,DES_ENCRYPT); - 
des_ede3_cfb64_encrypt(&(plain[12]),&(cfb_buf1[12]), - (long)sizeof(plain)-12,ks,ks,ks, - (C_Block *)cfb_tmp,&n,DES_ENCRYPT); - if (memcmp(cfb_cipher,cfb_buf1,sizeof(plain)) != 0) - { - err=1; - printf("ede_cfb_encrypt encrypt error\n"); - for (i=0; i<24; i+=8) - printf("%s\n",pt(&(cfb_buf1[i]))); - } - memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv)); - n=0; - des_ede3_cfb64_encrypt(cfb_buf1,cfb_buf2,(long)17,ks,ks,ks, - (C_Block *)cfb_tmp,&n,DES_DECRYPT); - des_ede3_cfb64_encrypt(&(cfb_buf1[17]),&(cfb_buf2[17]), - (long)sizeof(plain)-17,ks,ks,ks, - (C_Block *)cfb_tmp,&n,DES_DECRYPT); - if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0) - { - err=1; - printf("ede_cfb_encrypt decrypt error\n"); - for (i=0; i<24; i+=8) - printf("%s\n",pt(&(cfb_buf2[i]))); - } - return(err); - } - -#endif - diff --git a/src/libcrypto/libdes/dx86unix.S b/src/libcrypto/libdes/dx86unix.S deleted file mode 100644 index 31dc0d0e1..000000000 --- a/src/libcrypto/libdes/dx86unix.S +++ /dev/null 
@@ -1,3160 +0,0 @@ -/* - * This file was originally generated by Michael Richardson <mcr@freeswan.org> - * via the perl scripts found in the ASM subdir. It remains copyright of - * Eric Young, see the file COPYRIGHT. - * - * This was last done on October 9, 2002. - * - * While this file does not need to go through cpp, we pass it through - * CPP by naming it dx86unix.S instead of dx86unix.s because there is - * a bug in Rules.make for .s builds - specifically it references EXTRA_CFLAGS - * which may contain stuff that AS doesn't understand instead of - * referencing EXTRA_AFLAGS. - */ - - .file "dx86unix.S" - .version "01.01" -.text - .align 16 -.globl des_encrypt - .type des_encrypt , @function -des_encrypt: - pushl %esi - pushl %edi - - - movl 12(%esp), %esi - xorl %ecx, %ecx - pushl %ebx - pushl %ebp - movl (%esi), %eax - movl 28(%esp), %ebx - movl 4(%esi), %edi - - - roll $4, %eax - movl %eax, %esi - xorl %edi, %eax - andl $0xf0f0f0f0, %eax - xorl %eax, %esi - xorl %eax, %edi - - roll $20, %edi - movl %edi, %eax - xorl %esi, %edi - andl $0xfff0000f, %edi - xorl %edi, %eax - xorl %edi, %esi - - roll $14, %eax - movl %eax, %edi - xorl %esi, %eax - andl $0x33333333, %eax - xorl %eax, %edi - xorl %eax, %esi - - roll $22, %esi - movl %esi, %eax - xorl %edi, %esi - andl $0x03fc03fc, %esi - xorl %esi, %eax - xorl %esi, %edi - - roll $9, %eax - movl %eax, %esi - xorl %edi, %eax - andl $0xaaaaaaaa, %eax - xorl %eax, %esi - xorl %eax, %edi - -.byte 209 -.byte 199 - movl 24(%esp), %ebp - cmpl $0, %ebx - je .L000start_decrypt - - - movl (%ebp), %eax - xorl %ebx, %ebx - movl 4(%ebp), %edx - xorl %esi, %eax - xorl %esi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %edi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %edi - movb %ah, %bl - shrl $16, %edx - movl 
0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %edi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %edi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %edi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %edi - - - movl 8(%ebp), %eax - xorl %ebx, %ebx - movl 12(%ebp), %edx - xorl %edi, %eax - xorl %edi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %esi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %esi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %esi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %esi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %esi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %esi - - - movl 16(%ebp), %eax - xorl %ebx, %ebx - movl 20(%ebp), %edx - xorl %esi, %eax - xorl %esi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %edi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %edi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %edi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %edi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %edi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %edi - - - movl 24(%ebp), %eax - xorl %ebx, %ebx - movl 28(%ebp), %edx - xorl %edi, %eax - xorl 
%edi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %esi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %esi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %esi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %esi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %esi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %esi - - - movl 32(%ebp), %eax - xorl %ebx, %ebx - movl 36(%ebp), %edx - xorl %esi, %eax - xorl %esi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %edi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %edi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %edi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %edi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %edi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %edi - - - movl 40(%ebp), %eax - xorl %ebx, %ebx - movl 44(%ebp), %edx - xorl %edi, %eax - xorl %edi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %esi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %esi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movl 24(%esp), %ebp - movb 
%dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %esi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %esi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %esi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %esi - - - movl 48(%ebp), %eax - xorl %ebx, %ebx - movl 52(%ebp), %edx - xorl %esi, %eax - xorl %esi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %edi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %edi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %edi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %edi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %edi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %edi - - - movl 56(%ebp), %eax - xorl %ebx, %ebx - movl 60(%ebp), %edx - xorl %edi, %eax - xorl %edi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %esi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %esi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %esi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %esi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %esi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %esi - - - movl 64(%ebp), %eax - xorl %ebx, %ebx - movl 68(%ebp), %edx - xorl %esi, %eax - xorl %esi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl 
- movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %edi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %edi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %edi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %edi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %edi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %edi - - - movl 72(%ebp), %eax - xorl %ebx, %ebx - movl 76(%ebp), %edx - xorl %edi, %eax - xorl %edi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %esi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %esi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %esi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %esi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %esi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %esi - - - movl 80(%ebp), %eax - xorl %ebx, %ebx - movl 84(%ebp), %edx - xorl %esi, %eax - xorl %esi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %edi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %edi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 
0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %edi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %edi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %edi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %edi - - - movl 88(%ebp), %eax - xorl %ebx, %ebx - movl 92(%ebp), %edx - xorl %edi, %eax - xorl %edi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %esi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %esi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %esi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %esi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %esi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %esi - - - movl 96(%ebp), %eax - xorl %ebx, %ebx - movl 100(%ebp), %edx - xorl %esi, %eax - xorl %esi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %edi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %edi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %edi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %edi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %edi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %edi - - - movl 104(%ebp), %eax - xorl %ebx, %ebx - movl 108(%ebp), %edx - xorl %edi, %eax - xorl %edi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl 
des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %esi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %esi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %esi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %esi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %esi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %esi - - - movl 112(%ebp), %eax - xorl %ebx, %ebx - movl 116(%ebp), %edx - xorl %esi, %eax - xorl %esi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %edi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %edi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %edi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %edi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %edi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %edi - - - movl 120(%ebp), %eax - xorl %ebx, %ebx - movl 124(%ebp), %edx - xorl %edi, %eax - xorl %edi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %esi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %esi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %esi - movl 
0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %esi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %esi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %esi - jmp .L001end -.L000start_decrypt: - - - movl 120(%ebp), %eax - xorl %ebx, %ebx - movl 124(%ebp), %edx - xorl %esi, %eax - xorl %esi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %edi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %edi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %edi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %edi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %edi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %edi - - - movl 112(%ebp), %eax - xorl %ebx, %ebx - movl 116(%ebp), %edx - xorl %edi, %eax - xorl %edi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %esi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %esi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %esi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %esi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %esi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %esi - - - movl 104(%ebp), %eax - xorl %ebx, %ebx - movl 108(%ebp), %edx - xorl %esi, %eax - xorl %esi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - 
movb %dl, %bl - xorl %ebp, %edi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %edi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %edi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %edi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %edi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %edi - - - movl 96(%ebp), %eax - xorl %ebx, %ebx - movl 100(%ebp), %edx - xorl %edi, %eax - xorl %edi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %esi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %esi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %esi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %esi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %esi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %esi - - - movl 88(%ebp), %eax - xorl %ebx, %ebx - movl 92(%ebp), %edx - xorl %esi, %eax - xorl %esi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %edi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %edi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %edi - movl 0x700+des_SPtrans(%ecx),%ebx - 
xorl %ebx, %edi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %edi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %edi - - - movl 80(%ebp), %eax - xorl %ebx, %ebx - movl 84(%ebp), %edx - xorl %edi, %eax - xorl %edi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %esi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %esi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %esi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %esi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %esi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %esi - - - movl 72(%ebp), %eax - xorl %ebx, %ebx - movl 76(%ebp), %edx - xorl %esi, %eax - xorl %esi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %edi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %edi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %edi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %edi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %edi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %edi - - - movl 64(%ebp), %eax - xorl %ebx, %ebx - movl 68(%ebp), %edx - xorl %edi, %eax - xorl %edi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %esi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl 
%ebp, %esi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %esi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %esi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %esi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %esi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %esi - - - movl 56(%ebp), %eax - xorl %ebx, %ebx - movl 60(%ebp), %edx - xorl %esi, %eax - xorl %esi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %edi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %edi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %edi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %edi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %edi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %edi - - - movl 48(%ebp), %eax - xorl %ebx, %ebx - movl 52(%ebp), %edx - xorl %edi, %eax - xorl %edi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %esi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %esi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %esi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %esi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %esi - movl 
0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %esi - - - movl 40(%ebp), %eax - xorl %ebx, %ebx - movl 44(%ebp), %edx - xorl %esi, %eax - xorl %esi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %edi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %edi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %edi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %edi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %edi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %edi - - - movl 32(%ebp), %eax - xorl %ebx, %ebx - movl 36(%ebp), %edx - xorl %edi, %eax - xorl %edi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %esi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %esi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %esi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %esi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %esi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %esi - - - movl 24(%ebp), %eax - xorl %ebx, %ebx - movl 28(%ebp), %edx - xorl %esi, %eax - xorl %esi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %edi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movb %dh, %cl - shrl $16, %eax - movl 
0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %edi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %edi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %edi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %edi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %edi - - - movl 16(%ebp), %eax - xorl %ebx, %ebx - movl 20(%ebp), %edx - xorl %edi, %eax - xorl %edi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %esi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %esi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %esi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %esi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %esi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %esi - - - movl 8(%ebp), %eax - xorl %ebx, %ebx - movl 12(%ebp), %edx - xorl %esi, %eax - xorl %esi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %edi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %edi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %edi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %edi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %edi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %edi - - - 
movl (%ebp), %eax - xorl %ebx, %ebx - movl 4(%ebp), %edx - xorl %edi, %eax - xorl %edi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %esi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %esi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %esi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %esi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %esi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %esi -.L001end: - - - movl 20(%esp), %edx -.byte 209 -.byte 206 - movl %edi, %eax - xorl %esi, %edi - andl $0xaaaaaaaa, %edi - xorl %edi, %eax - xorl %edi, %esi - - roll $23, %eax - movl %eax, %edi - xorl %esi, %eax - andl $0x03fc03fc, %eax - xorl %eax, %edi - xorl %eax, %esi - - roll $10, %edi - movl %edi, %eax - xorl %esi, %edi - andl $0x33333333, %edi - xorl %edi, %eax - xorl %edi, %esi - - roll $18, %esi - movl %esi, %edi - xorl %eax, %esi - andl $0xfff0000f, %esi - xorl %esi, %edi - xorl %esi, %eax - - roll $12, %edi - movl %edi, %esi - xorl %eax, %edi - andl $0xf0f0f0f0, %edi - xorl %edi, %esi - xorl %edi, %eax - - rorl $4, %eax - movl %eax, (%edx) - movl %esi, 4(%edx) - popl %ebp - popl %ebx - popl %edi - popl %esi - ret -.des_encrypt_end: - .size des_encrypt , .des_encrypt_end-des_encrypt -.ident "desasm.pl" -.text - .align 16 -.globl des_encrypt2 - .type des_encrypt2 , @function -des_encrypt2: - pushl %esi - pushl %edi - - - movl 12(%esp), %eax - xorl %ecx, %ecx - pushl %ebx - pushl %ebp - movl (%eax), %esi - movl 28(%esp), %ebx - roll $3, %esi - movl 4(%eax), %edi - roll $3, %edi - movl 24(%esp), %ebp - cmpl $0, %ebx - je .L002start_decrypt - - - movl (%ebp), %eax - xorl %ebx, %ebx - movl 4(%ebp), 
%edx - xorl %esi, %eax - xorl %esi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %edi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %edi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %edi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %edi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %edi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %edi - - - movl 8(%ebp), %eax - xorl %ebx, %ebx - movl 12(%ebp), %edx - xorl %edi, %eax - xorl %edi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %esi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %esi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %esi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %esi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %esi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %esi - - - movl 16(%ebp), %eax - xorl %ebx, %ebx - movl 20(%ebp), %edx - xorl %esi, %eax - xorl %esi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %edi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %edi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - 
movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %edi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %edi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %edi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %edi - - - movl 24(%ebp), %eax - xorl %ebx, %ebx - movl 28(%ebp), %edx - xorl %edi, %eax - xorl %edi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %esi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %esi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %esi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %esi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %esi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %esi - - - movl 32(%ebp), %eax - xorl %ebx, %ebx - movl 36(%ebp), %edx - xorl %esi, %eax - xorl %esi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %edi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %edi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %edi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %edi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %edi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %edi - - - movl 40(%ebp), %eax - xorl %ebx, %ebx - movl 44(%ebp), %edx - xorl %edi, %eax - xorl %edi, %edx - andl $0xfcfcfcfc, %eax - andl 
$0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %esi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %esi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %esi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %esi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %esi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %esi - - - movl 48(%ebp), %eax - xorl %ebx, %ebx - movl 52(%ebp), %edx - xorl %esi, %eax - xorl %esi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %edi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %edi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %edi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %edi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %edi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %edi - - - movl 56(%ebp), %eax - xorl %ebx, %ebx - movl 60(%ebp), %edx - xorl %edi, %eax - xorl %edi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %esi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %esi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, 
%edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %esi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %esi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %esi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %esi - - - movl 64(%ebp), %eax - xorl %ebx, %ebx - movl 68(%ebp), %edx - xorl %esi, %eax - xorl %esi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %edi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %edi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %edi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %edi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %edi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %edi - - - movl 72(%ebp), %eax - xorl %ebx, %ebx - movl 76(%ebp), %edx - xorl %edi, %eax - xorl %edi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %esi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %esi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %esi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %esi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %esi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %esi - - - movl 80(%ebp), %eax - xorl %ebx, %ebx - movl 84(%ebp), %edx - xorl %esi, %eax - xorl %esi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl 
des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %edi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %edi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %edi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %edi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %edi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %edi - - - movl 88(%ebp), %eax - xorl %ebx, %ebx - movl 92(%ebp), %edx - xorl %edi, %eax - xorl %edi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %esi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %esi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %esi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %esi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %esi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %esi - - - movl 96(%ebp), %eax - xorl %ebx, %ebx - movl 100(%ebp), %edx - xorl %esi, %eax - xorl %esi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %edi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %edi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %edi - movl 
0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %edi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %edi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %edi - - - movl 104(%ebp), %eax - xorl %ebx, %ebx - movl 108(%ebp), %edx - xorl %edi, %eax - xorl %edi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %esi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %esi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %esi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %esi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %esi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %esi - - - movl 112(%ebp), %eax - xorl %ebx, %ebx - movl 116(%ebp), %edx - xorl %esi, %eax - xorl %esi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %edi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %edi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %edi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %edi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %edi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %edi - - - movl 120(%ebp), %eax - xorl %ebx, %ebx - movl 124(%ebp), %edx - xorl %edi, %eax - xorl %edi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %esi - movl 
0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %esi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %esi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %esi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %esi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %esi - jmp .L003end -.L002start_decrypt: - - - movl 120(%ebp), %eax - xorl %ebx, %ebx - movl 124(%ebp), %edx - xorl %esi, %eax - xorl %esi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %edi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %edi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %edi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %edi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %edi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %edi - - - movl 112(%ebp), %eax - xorl %ebx, %ebx - movl 116(%ebp), %edx - xorl %edi, %eax - xorl %edi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %esi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %esi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %esi - movl 0x700+des_SPtrans(%ecx),%ebx - 
xorl %ebx, %esi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %esi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %esi - - - movl 104(%ebp), %eax - xorl %ebx, %ebx - movl 108(%ebp), %edx - xorl %esi, %eax - xorl %esi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %edi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %edi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %edi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %edi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %edi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %edi - - - movl 96(%ebp), %eax - xorl %ebx, %ebx - movl 100(%ebp), %edx - xorl %edi, %eax - xorl %edi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %esi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %esi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %esi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %esi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %esi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %esi - - - movl 88(%ebp), %eax - xorl %ebx, %ebx - movl 92(%ebp), %edx - xorl %esi, %eax - xorl %esi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %edi - movl 0x200+des_SPtrans(%ecx),%ebp - 
xorl %ebp, %edi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %edi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %edi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %edi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %edi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %edi - - - movl 80(%ebp), %eax - xorl %ebx, %ebx - movl 84(%ebp), %edx - xorl %edi, %eax - xorl %edi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %esi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %esi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %esi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %esi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %esi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %esi - - - movl 72(%ebp), %eax - xorl %ebx, %ebx - movl 76(%ebp), %edx - xorl %esi, %eax - xorl %esi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %edi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %edi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %edi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %edi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %edi - 
movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %edi - - - movl 64(%ebp), %eax - xorl %ebx, %ebx - movl 68(%ebp), %edx - xorl %edi, %eax - xorl %edi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %esi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %esi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %esi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %esi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %esi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %esi - - - movl 56(%ebp), %eax - xorl %ebx, %ebx - movl 60(%ebp), %edx - xorl %esi, %eax - xorl %esi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %edi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %edi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %edi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %edi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %edi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %edi - - - movl 48(%ebp), %eax - xorl %ebx, %ebx - movl 52(%ebp), %edx - xorl %edi, %eax - xorl %edi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %esi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movb %dh, %cl - shrl $16, %eax - movl 
0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %esi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %esi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %esi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %esi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %esi - - - movl 40(%ebp), %eax - xorl %ebx, %ebx - movl 44(%ebp), %edx - xorl %esi, %eax - xorl %esi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %edi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %edi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %edi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %edi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %edi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %edi - - - movl 32(%ebp), %eax - xorl %ebx, %ebx - movl 36(%ebp), %edx - xorl %edi, %eax - xorl %edi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %esi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %esi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %esi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %esi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %esi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %esi - - - 
movl 24(%ebp), %eax - xorl %ebx, %ebx - movl 28(%ebp), %edx - xorl %esi, %eax - xorl %esi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %edi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %edi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %edi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %edi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %edi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %edi - - - movl 16(%ebp), %eax - xorl %ebx, %ebx - movl 20(%ebp), %edx - xorl %edi, %eax - xorl %edi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %esi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %esi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %esi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %esi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %esi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %esi - - - movl 8(%ebp), %eax - xorl %ebx, %ebx - movl 12(%ebp), %edx - xorl %esi, %eax - xorl %esi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %edi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %edi - movb %ah, %bl - shrl $16, %edx 
- movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %edi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %edi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %edi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %edi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %edi - - - movl (%ebp), %eax - xorl %ebx, %ebx - movl 4(%ebp), %edx - xorl %edi, %eax - xorl %edi, %edx - andl $0xfcfcfcfc, %eax - andl $0xcfcfcfcf, %edx - movb %al, %bl - movb %ah, %cl - rorl $4, %edx - movl des_SPtrans(%ebx),%ebp - movb %dl, %bl - xorl %ebp, %esi - movl 0x200+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movb %dh, %cl - shrl $16, %eax - movl 0x100+des_SPtrans(%ebx),%ebp - xorl %ebp, %esi - movb %ah, %bl - shrl $16, %edx - movl 0x300+des_SPtrans(%ecx),%ebp - xorl %ebp, %esi - movl 24(%esp), %ebp - movb %dh, %cl - andl $0xff, %eax - andl $0xff, %edx - movl 0x600+des_SPtrans(%ebx),%ebx - xorl %ebx, %esi - movl 0x700+des_SPtrans(%ecx),%ebx - xorl %ebx, %esi - movl 0x400+des_SPtrans(%eax),%ebx - xorl %ebx, %esi - movl 0x500+des_SPtrans(%edx),%ebx - xorl %ebx, %esi -.L003end: - - - rorl $3, %edi - movl 20(%esp), %eax - rorl $3, %esi - movl %edi, (%eax) - movl %esi, 4(%eax) - popl %ebp - popl %ebx - popl %edi - popl %esi - ret -.des_encrypt2_end: - .size des_encrypt2 , .des_encrypt2_end-des_encrypt2 -.ident "desasm.pl" -.text - .align 16 -.globl des_encrypt3 - .type des_encrypt3 , @function -des_encrypt3: - pushl %ebx - movl 8(%esp), %ebx - pushl %ebp - pushl %esi - pushl %edi - - - movl (%ebx), %edi - movl 4(%ebx), %esi - subl $12, %esp - - - roll $4, %edi - movl %edi, %edx - xorl %esi, %edi - andl $0xf0f0f0f0, %edi - xorl %edi, %edx - xorl %edi, %esi - - roll $20, %esi - movl %esi, %edi - xorl %edx, %esi - andl $0xfff0000f, %esi - xorl %esi, %edi - xorl %esi, %edx - - roll $14, %edi - movl %edi, %esi - xorl %edx, %edi - andl $0x33333333, %edi - xorl %edi, %esi - xorl %edi, %edx - - roll $22, %edx - movl %edx, %edi - 
xorl %esi, %edx - andl $0x03fc03fc, %edx - xorl %edx, %edi - xorl %edx, %esi - - roll $9, %edi - movl %edi, %edx - xorl %esi, %edi - andl $0xaaaaaaaa, %edi - xorl %edi, %edx - xorl %edi, %esi - - rorl $3, %edx - rorl $2, %esi - movl %esi, 4(%ebx) - movl 36(%esp), %eax - movl %edx, (%ebx) - movl 40(%esp), %edi - movl 44(%esp), %esi - movl $1, 8(%esp) - movl %eax, 4(%esp) - movl %ebx, (%esp) - call des_encrypt2 - movl $0, 8(%esp) - movl %edi, 4(%esp) - movl %ebx, (%esp) - call des_encrypt2 - movl $1, 8(%esp) - movl %esi, 4(%esp) - movl %ebx, (%esp) - call des_encrypt2 - addl $12, %esp - movl (%ebx), %edi - movl 4(%ebx), %esi - - - roll $2, %esi - roll $3, %edi - movl %edi, %eax - xorl %esi, %edi - andl $0xaaaaaaaa, %edi - xorl %edi, %eax - xorl %edi, %esi - - roll $23, %eax - movl %eax, %edi - xorl %esi, %eax - andl $0x03fc03fc, %eax - xorl %eax, %edi - xorl %eax, %esi - - roll $10, %edi - movl %edi, %eax - xorl %esi, %edi - andl $0x33333333, %edi - xorl %edi, %eax - xorl %edi, %esi - - roll $18, %esi - movl %esi, %edi - xorl %eax, %esi - andl $0xfff0000f, %esi - xorl %esi, %edi - xorl %esi, %eax - - roll $12, %edi - movl %edi, %esi - xorl %eax, %edi - andl $0xf0f0f0f0, %edi - xorl %edi, %esi - xorl %edi, %eax - - rorl $4, %eax - movl %eax, (%ebx) - movl %esi, 4(%ebx) - popl %edi - popl %esi - popl %ebp - popl %ebx - ret -.des_encrypt3_end: - .size des_encrypt3 , .des_encrypt3_end-des_encrypt3 -.ident "desasm.pl" -.text - .align 16 -.globl des_decrypt3 - .type des_decrypt3 , @function -des_decrypt3: - pushl %ebx - movl 8(%esp), %ebx - pushl %ebp - pushl %esi - pushl %edi - - - movl (%ebx), %edi - movl 4(%ebx), %esi - subl $12, %esp - - - roll $4, %edi - movl %edi, %edx - xorl %esi, %edi - andl $0xf0f0f0f0, %edi - xorl %edi, %edx - xorl %edi, %esi - - roll $20, %esi - movl %esi, %edi - xorl %edx, %esi - andl $0xfff0000f, %esi - xorl %esi, %edi - xorl %esi, %edx - - roll $14, %edi - movl %edi, %esi - xorl %edx, %edi - andl $0x33333333, %edi - xorl %edi, %esi - xorl 
%edi, %edx - - roll $22, %edx - movl %edx, %edi - xorl %esi, %edx - andl $0x03fc03fc, %edx - xorl %edx, %edi - xorl %edx, %esi - - roll $9, %edi - movl %edi, %edx - xorl %esi, %edi - andl $0xaaaaaaaa, %edi - xorl %edi, %edx - xorl %edi, %esi - - rorl $3, %edx - rorl $2, %esi - movl %esi, 4(%ebx) - movl 36(%esp), %esi - movl %edx, (%ebx) - movl 40(%esp), %edi - movl 44(%esp), %eax - movl $0, 8(%esp) - movl %eax, 4(%esp) - movl %ebx, (%esp) - call des_encrypt2 - movl $1, 8(%esp) - movl %edi, 4(%esp) - movl %ebx, (%esp) - call des_encrypt2 - movl $0, 8(%esp) - movl %esi, 4(%esp) - movl %ebx, (%esp) - call des_encrypt2 - addl $12, %esp - movl (%ebx), %edi - movl 4(%ebx), %esi - - - roll $2, %esi - roll $3, %edi - movl %edi, %eax - xorl %esi, %edi - andl $0xaaaaaaaa, %edi - xorl %edi, %eax - xorl %edi, %esi - - roll $23, %eax - movl %eax, %edi - xorl %esi, %eax - andl $0x03fc03fc, %eax - xorl %eax, %edi - xorl %eax, %esi - - roll $10, %edi - movl %edi, %eax - xorl %esi, %edi - andl $0x33333333, %edi - xorl %edi, %eax - xorl %edi, %esi - - roll $18, %esi - movl %esi, %edi - xorl %eax, %esi - andl $0xfff0000f, %esi - xorl %esi, %edi - xorl %esi, %eax - - roll $12, %edi - movl %edi, %esi - xorl %eax, %edi - andl $0xf0f0f0f0, %edi - xorl %edi, %esi - xorl %edi, %eax - - rorl $4, %eax - movl %eax, (%ebx) - movl %esi, 4(%ebx) - popl %edi - popl %esi - popl %ebp - popl %ebx - ret -.des_decrypt3_end: - .size des_decrypt3 , .des_decrypt3_end-des_decrypt3 -.ident "desasm.pl" -.text - .align 16 -.globl des_ncbc_encrypt - .type des_ncbc_encrypt , @function -des_ncbc_encrypt: - - pushl %ebp - pushl %ebx - pushl %esi - pushl %edi - movl 28(%esp), %ebp - - movl 36(%esp), %ebx - movl (%ebx), %esi - movl 4(%ebx), %edi - pushl %edi - pushl %esi - pushl %edi - pushl %esi - movl %esp, %ebx - movl 36(%esp), %esi - movl 40(%esp), %edi - - movl 56(%esp), %ecx - - pushl %ecx - - movl 52(%esp), %eax - pushl %eax - pushl %ebx - cmpl $0, %ecx - jz .L004decrypt - andl $4294967288, %ebp - movl 
12(%esp), %eax - movl 16(%esp), %ebx - jz .L005encrypt_finish -.L006encrypt_loop: - movl (%esi), %ecx - movl 4(%esi), %edx - xorl %ecx, %eax - xorl %edx, %ebx - movl %eax, 12(%esp) - movl %ebx, 16(%esp) - call des_encrypt - movl 12(%esp), %eax - movl 16(%esp), %ebx - movl %eax, (%edi) - movl %ebx, 4(%edi) - addl $8, %esi - addl $8, %edi - subl $8, %ebp - jnz .L006encrypt_loop -.L005encrypt_finish: - movl 56(%esp), %ebp - andl $7, %ebp - jz .L007finish - xorl %ecx, %ecx - xorl %edx, %edx - movl .L008cbc_enc_jmp_table(,%ebp,4),%ebp - jmp *%ebp -.L009ej7: - movb 6(%esi), %dh - sall $8, %edx -.L010ej6: - movb 5(%esi), %dh -.L011ej5: - movb 4(%esi), %dl -.L012ej4: - movl (%esi), %ecx - jmp .L013ejend -.L014ej3: - movb 2(%esi), %ch - sall $8, %ecx -.L015ej2: - movb 1(%esi), %ch -.L016ej1: - movb (%esi), %cl -.L013ejend: - xorl %ecx, %eax - xorl %edx, %ebx - movl %eax, 12(%esp) - movl %ebx, 16(%esp) - call des_encrypt - movl 12(%esp), %eax - movl 16(%esp), %ebx - movl %eax, (%edi) - movl %ebx, 4(%edi) - jmp .L007finish -.align 16 -.L004decrypt: - andl $4294967288, %ebp - movl 20(%esp), %eax - movl 24(%esp), %ebx - jz .L017decrypt_finish -.L018decrypt_loop: - movl (%esi), %eax - movl 4(%esi), %ebx - movl %eax, 12(%esp) - movl %ebx, 16(%esp) - call des_encrypt - movl 12(%esp), %eax - movl 16(%esp), %ebx - movl 20(%esp), %ecx - movl 24(%esp), %edx - xorl %eax, %ecx - xorl %ebx, %edx - movl (%esi), %eax - movl 4(%esi), %ebx - movl %ecx, (%edi) - movl %edx, 4(%edi) - movl %eax, 20(%esp) - movl %ebx, 24(%esp) - addl $8, %esi - addl $8, %edi - subl $8, %ebp - jnz .L018decrypt_loop -.L017decrypt_finish: - movl 56(%esp), %ebp - andl $7, %ebp - jz .L007finish - movl (%esi), %eax - movl 4(%esi), %ebx - movl %eax, 12(%esp) - movl %ebx, 16(%esp) - call des_encrypt - movl 12(%esp), %eax - movl 16(%esp), %ebx - movl 20(%esp), %ecx - movl 24(%esp), %edx - xorl %eax, %ecx - xorl %ebx, %edx - movl (%esi), %eax - movl 4(%esi), %ebx -.L019dj7: - rorl $16, %edx - movb %dl, 6(%edi) - shrl $16, 
%edx -.L020dj6: - movb %dh, 5(%edi) -.L021dj5: - movb %dl, 4(%edi) -.L022dj4: - movl %ecx, (%edi) - jmp .L023djend -.L024dj3: - rorl $16, %ecx - movb %cl, 2(%edi) - sall $16, %ecx -.L025dj2: - movb %ch, 1(%esi) -.L026dj1: - movb %cl, (%esi) -.L023djend: - jmp .L007finish -.align 16 -.L007finish: - movl 64(%esp), %ecx - addl $28, %esp - movl %eax, (%ecx) - movl %ebx, 4(%ecx) - popl %edi - popl %esi - popl %ebx - popl %ebp - ret -.align 16 -.L008cbc_enc_jmp_table: - .long 0 - .long .L016ej1 - .long .L015ej2 - .long .L014ej3 - .long .L012ej4 - .long .L011ej5 - .long .L010ej6 - .long .L009ej7 -.align 16 -.L027cbc_dec_jmp_table: - .long 0 - .long .L026dj1 - .long .L025dj2 - .long .L024dj3 - .long .L022dj4 - .long .L021dj5 - .long .L020dj6 - .long .L019dj7 -.des_ncbc_encrypt_end: - .size des_ncbc_encrypt , .des_ncbc_encrypt_end-des_ncbc_encrypt -.ident "desasm.pl" -.text - .align 16 -.globl des_ede3_cbc_encrypt - .type des_ede3_cbc_encrypt , @function -des_ede3_cbc_encrypt: - - pushl %ebp - pushl %ebx - pushl %esi - pushl %edi - movl 28(%esp), %ebp - - movl 44(%esp), %ebx - movl (%ebx), %esi - movl 4(%ebx), %edi - pushl %edi - pushl %esi - pushl %edi - pushl %esi - movl %esp, %ebx - movl 36(%esp), %esi - movl 40(%esp), %edi - - movl 64(%esp), %ecx - - movl 56(%esp), %eax - pushl %eax - - movl 56(%esp), %eax - pushl %eax - - movl 56(%esp), %eax - pushl %eax - pushl %ebx - cmpl $0, %ecx - jz .L028decrypt - andl $4294967288, %ebp - movl 16(%esp), %eax - movl 20(%esp), %ebx - jz .L029encrypt_finish -.L030encrypt_loop: - movl (%esi), %ecx - movl 4(%esi), %edx - xorl %ecx, %eax - xorl %edx, %ebx - movl %eax, 16(%esp) - movl %ebx, 20(%esp) - call des_encrypt3 - movl 16(%esp), %eax - movl 20(%esp), %ebx - movl %eax, (%edi) - movl %ebx, 4(%edi) - addl $8, %esi - addl $8, %edi - subl $8, %ebp - jnz .L030encrypt_loop -.L029encrypt_finish: - movl 60(%esp), %ebp - andl $7, %ebp - jz .L031finish - xorl %ecx, %ecx - xorl %edx, %edx - movl .L032cbc_enc_jmp_table(,%ebp,4),%ebp - jmp 
*%ebp -.L033ej7: - movb 6(%esi), %dh - sall $8, %edx -.L034ej6: - movb 5(%esi), %dh -.L035ej5: - movb 4(%esi), %dl -.L036ej4: - movl (%esi), %ecx - jmp .L037ejend -.L038ej3: - movb 2(%esi), %ch - sall $8, %ecx -.L039ej2: - movb 1(%esi), %ch -.L040ej1: - movb (%esi), %cl -.L037ejend: - xorl %ecx, %eax - xorl %edx, %ebx - movl %eax, 16(%esp) - movl %ebx, 20(%esp) - call des_encrypt3 - movl 16(%esp), %eax - movl 20(%esp), %ebx - movl %eax, (%edi) - movl %ebx, 4(%edi) - jmp .L031finish -.align 16 -.L028decrypt: - andl $4294967288, %ebp - movl 24(%esp), %eax - movl 28(%esp), %ebx - jz .L041decrypt_finish -.L042decrypt_loop: - movl (%esi), %eax - movl 4(%esi), %ebx - movl %eax, 16(%esp) - movl %ebx, 20(%esp) - call des_decrypt3 - movl 16(%esp), %eax - movl 20(%esp), %ebx - movl 24(%esp), %ecx - movl 28(%esp), %edx - xorl %eax, %ecx - xorl %ebx, %edx - movl (%esi), %eax - movl 4(%esi), %ebx - movl %ecx, (%edi) - movl %edx, 4(%edi) - movl %eax, 24(%esp) - movl %ebx, 28(%esp) - addl $8, %esi - addl $8, %edi - subl $8, %ebp - jnz .L042decrypt_loop -.L041decrypt_finish: - movl 60(%esp), %ebp - andl $7, %ebp - jz .L031finish - movl (%esi), %eax - movl 4(%esi), %ebx - movl %eax, 16(%esp) - movl %ebx, 20(%esp) - call des_decrypt3 - movl 16(%esp), %eax - movl 20(%esp), %ebx - movl 24(%esp), %ecx - movl 28(%esp), %edx - xorl %eax, %ecx - xorl %ebx, %edx - movl (%esi), %eax - movl 4(%esi), %ebx -.L043dj7: - rorl $16, %edx - movb %dl, 6(%edi) - shrl $16, %edx -.L044dj6: - movb %dh, 5(%edi) -.L045dj5: - movb %dl, 4(%edi) -.L046dj4: - movl %ecx, (%edi) - jmp .L047djend -.L048dj3: - rorl $16, %ecx - movb %cl, 2(%edi) - sall $16, %ecx -.L049dj2: - movb %ch, 1(%esi) -.L050dj1: - movb %cl, (%esi) -.L047djend: - jmp .L031finish -.align 16 -.L031finish: - movl 76(%esp), %ecx - addl $32, %esp - movl %eax, (%ecx) - movl %ebx, 4(%ecx) - popl %edi - popl %esi - popl %ebx - popl %ebp - ret -.align 16 -.L032cbc_enc_jmp_table: - .long 0 - .long .L040ej1 - .long .L039ej2 - .long .L038ej3 - .long 
.L036ej4 - .long .L035ej5 - .long .L034ej6 - .long .L033ej7 -.align 16 -.L051cbc_dec_jmp_table: - .long 0 - .long .L050dj1 - .long .L049dj2 - .long .L048dj3 - .long .L046dj4 - .long .L045dj5 - .long .L044dj6 - .long .L043dj7 -.des_ede3_cbc_encrypt_end: - .size des_ede3_cbc_encrypt , .des_ede3_cbc_encrypt_end-des_ede3_cbc_encrypt -.ident "desasm.pl" diff --git a/src/libcrypto/libdes/ecb_enc.c b/src/libcrypto/libdes/ecb_enc.c deleted file mode 100644 index fb06cf49a..000000000 --- a/src/libcrypto/libdes/ecb_enc.c +++ /dev/null 
@@ -1,127 +0,0 @@
-/* crypto/des/ecb_enc.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4.
If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-#include "spr.h"
-
-char *libdes_version="libdes v 3.24 - 20-Apr-1996 - eay";
-char *DES_version="DES part of SSLeay 0.8.2b 08-Jan-1998";
-
-/* This function ifdef'ed out for FreeS/WAN project.
*/
-#ifdef notdef
-char *des_options()
- {
- static int init=1;
- static char buf[32];
-
- if (init)
- {
- char *ptr,*unroll,*risc,*size;
-
- init=0;
-#ifdef DES_PTR
- ptr="ptr";
-#else
- ptr="idx";
-#endif
-#if defined(DES_RISC1) || defined(DES_RISC2)
-#ifdef DES_RISC1
- risc="risc1";
-#endif
-#ifdef DES_RISC2
- risc="risc2";
-#endif
-#else
- risc="cisc";
-#endif
-#ifdef DES_UNROLL
- unroll="16";
-#else
- unroll="4";
-#endif
- if (sizeof(DES_LONG) != sizeof(long))
- size="int";
- else
- size="long";
- sprintf(buf,"des(%s,%s,%s,%s)",ptr,risc,unroll,size);
- }
- return(buf);
- }
-#endif
-
-
-void des_ecb_encrypt(input, output, ks, enc)
-des_cblock (*input);
-des_cblock (*output);
-des_key_schedule ks;
-int enc;
- {
- register DES_LONG l;
- register unsigned char *in,*out;
- DES_LONG ll[2];
-
- in=(unsigned char *)input;
- out=(unsigned char *)output;
- c2l(in,l); ll[0]=l;
- c2l(in,l); ll[1]=l;
- des_encrypt(ll,ks,enc);
- l=ll[0]; l2c(l,out);
- l=ll[1]; l2c(l,out);
- l=ll[0]=ll[1]=0;
- }
-
diff --git a/src/libcrypto/libdes/fcrypt.c b/src/libcrypto/libdes/fcrypt.c
deleted file mode 100644
index 8b9d0495b..000000000
--- a/src/libcrypto/libdes/fcrypt.c
+++ /dev/null
@@ -1,152 +0,0 @@
-/* NOCW */
-
-/* This version of crypt has been developed from my MIT compatable
- * DES library.
- * The library is available at pub/Crypto/DES at ftp.psy.uq.oz.au
- * Eric Young (eay@cryptsoft.com)
- */
-
-/* Modification by Jens Kupferschmidt (Cu)
- * I have included directive PARA for shared memory computers.
- * I have included a directive LONGCRYPT to using this routine to cipher
- * passwords with more then 8 bytes like HP-UX 10.x it used. The MAXPLEN
- * definition is the maximum of lenght of password and can changed. I have
- * defined 24.
- */
-
-#include "des_locl.h"
-
-/* Added more values to handle illegal salt values the way normal
- * crypt() implementations do. The patch was sent by
- * Bjorn Gronvall <bg@sics.se>
- */
-static unsigned const char con_salt[128]={
-0xD2,0xD3,0xD4,0xD5,0xD6,0xD7,0xD8,0xD9,
-0xDA,0xDB,0xDC,0xDD,0xDE,0xDF,0xE0,0xE1,
-0xE2,0xE3,0xE4,0xE5,0xE6,0xE7,0xE8,0xE9,
-0xEA,0xEB,0xEC,0xED,0xEE,0xEF,0xF0,0xF1,
-0xF2,0xF3,0xF4,0xF5,0xF6,0xF7,0xF8,0xF9,
-0xFA,0xFB,0xFC,0xFD,0xFE,0xFF,0x00,0x01,
-0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,
-0x0A,0x0B,0x05,0x06,0x07,0x08,0x09,0x0A,
-0x0B,0x0C,0x0D,0x0E,0x0F,0x10,0x11,0x12,
-0x13,0x14,0x15,0x16,0x17,0x18,0x19,0x1A,
-0x1B,0x1C,0x1D,0x1E,0x1F,0x20,0x21,0x22,
-0x23,0x24,0x25,0x20,0x21,0x22,0x23,0x24,
-0x25,0x26,0x27,0x28,0x29,0x2A,0x2B,0x2C,
-0x2D,0x2E,0x2F,0x30,0x31,0x32,0x33,0x34,
-0x35,0x36,0x37,0x38,0x39,0x3A,0x3B,0x3C,
-0x3D,0x3E,0x3F,0x40,0x41,0x42,0x43,0x44,
-};
-
-static unsigned const char cov_2char[64]={
-0x2E,0x2F,0x30,0x31,0x32,0x33,0x34,0x35,
-0x36,0x37,0x38,0x39,0x41,0x42,0x43,0x44,
-0x45,0x46,0x47,0x48,0x49,0x4A,0x4B,0x4C,
-0x4D,0x4E,0x4F,0x50,0x51,0x52,0x53,0x54,
-0x55,0x56,0x57,0x58,0x59,0x5A,0x61,0x62,
-0x63,0x64,0x65,0x66,0x67,0x68,0x69,0x6A,
-0x6B,0x6C,0x6D,0x6E,0x6F,0x70,0x71,0x72,
-0x73,0x74,0x75,0x76,0x77,0x78,0x79,0x7A
-};
-
-#ifndef NOPROTO
-void fcrypt_body(DES_LONG *out,des_key_schedule ks,
- DES_LONG Eswap0, DES_LONG Eswap1);
-
-#ifdef PERL5
-char
*des_crypt(const char *buf,const char *salt);
-#else
-char *crypt(const char *buf,const char *salt);
-#endif
-#else
-void fcrypt_body();
-#ifdef PERL5
-char *des_crypt();
-#else
-char *crypt();
-#endif
-#endif
-
-#ifdef PERL5
-char *des_crypt(buf,salt)
-#else
-char *crypt(buf,salt)
-#endif
-const char *buf;
-const char *salt;
- {
- static char buff[14];
-
- return(des_fcrypt(buf,salt,buff));
- }
-
-
-char *des_fcrypt(buf,salt,ret)
-const char *buf;
-const char *salt;
-char *ret;
- {
- unsigned int i,j,x,y;
- DES_LONG Eswap0,Eswap1;
- DES_LONG out[2],ll;
- des_cblock key;
- des_key_schedule ks;
- unsigned char bb[9];
- unsigned char *b=bb;
- unsigned char c,u;
-
- /* eay 25/08/92
- * If you call crypt("pwd","*") as often happens when you
- * have * as the pwd field in /etc/passwd, the function
- * returns *\0XXXXXXXXX
- * The \0 makes the string look like * so the pwd "*" would
- * crypt to "*". This was found when replacing the crypt in
- * our shared libraries. People found that the disbled
- * accounts effectivly had no passwd :-(. */
- x=ret[0]=((salt[0] == '\0')?'A':salt[0]);
- Eswap0=con_salt[x]<<2;
- x=ret[1]=((salt[1] == '\0')?'A':salt[1]);
- Eswap1=con_salt[x]<<6;
-
-/* EAY
-r=strlen(buf);
-r=(r+7)/8;
-*/
- for (i=0; i<8; i++)
- {
- c= *(buf++);
- if (!c) break;
- key[i]=(c<<1);
- }
- for (; i<8; i++)
- key[i]=0;
-
- des_set_key((des_cblock *)(key),ks);
- fcrypt_body(&(out[0]),ks,Eswap0,Eswap1);
-
- ll=out[0]; l2c(ll,b);
- ll=out[1]; l2c(ll,b);
- y=0;
- u=0x80;
- bb[8]=0;
- for (i=2; i<13; i++)
- {
- c=0;
- for (j=0; j<6; j++)
- {
- c<<=1;
- if (bb[y] & u) c|=1;
- u>>=1;
- if (!u)
- {
- y++;
- u=0x80;
- }
- }
- ret[i]=cov_2char[c];
- }
- ret[13]='\0';
- return(ret);
- }
-
diff --git a/src/libcrypto/libdes/fcrypt_b.c b/src/libcrypto/libdes/fcrypt_b.c
deleted file mode 100644
index 5900645e7..000000000
--- a/src/libcrypto/libdes/fcrypt_b.c
+++ /dev/null
@@ -1,148 +0,0 @@
-/* crypto/des/fcrypt_b.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4.
If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* #include <stdio.h> */
-
-/* This version of crypt has been developed from my MIT compatable
- * DES library.
- * The library is available at pub/Crypto/DES at ftp.psy.uq.oz.au
- * Eric Young (eay@cryptsoft.com)
- */
-
-#define DES_FCRYPT
-#include "des_locl.h"
-#undef DES_FCRYPT
-
-#undef PERM_OP
-#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
- (b)^=(t),\
- (a)^=((t)<<(n)))
-
-#undef HPERM_OP
-#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\
- (a)=(a)^(t)^(t>>(16-(n))))\
-
-void fcrypt_body(out, ks, Eswap0, Eswap1)
-DES_LONG *out;
-des_key_schedule ks;
-DES_LONG Eswap0;
-DES_LONG Eswap1;
- {
- register DES_LONG l,r,t,u;
-#ifdef DES_PTR
- register unsigned char *des_SP=(unsigned char *)des_SPtrans;
-#endif
- register DES_LONG *s;
- register int j;
- register DES_LONG E0,E1;
-
- l=0;
- r=0;
-
- s=(DES_LONG *)ks;
- E0=Eswap0;
- E1=Eswap1;
-
- for (j=0; j<25; j++)
- {
-#ifdef DES_UNROLL
- register int i;
-
- for (i=0; i<32; i+=8)
- {
- D_ENCRYPT(l,r,i+0); /* 1 */
- D_ENCRYPT(r,l,i+2); /* 2 */
- D_ENCRYPT(l,r,i+4); /* 1 */
- D_ENCRYPT(r,l,i+6); /* 2 */
- }
-#else
- D_ENCRYPT(l,r, 0); /* 1 */
- D_ENCRYPT(r,l, 2); /* 2 */
- D_ENCRYPT(l,r, 4); /* 3 */
- D_ENCRYPT(r,l, 6); /* 4 */
- D_ENCRYPT(l,r, 8); /* 5 */
- D_ENCRYPT(r,l,10); /* 6 */
- D_ENCRYPT(l,r,12); /* 7 */
- D_ENCRYPT(r,l,14); /* 8 */
- D_ENCRYPT(l,r,16); /* 9 */
- D_ENCRYPT(r,l,18); /* 10 */
- D_ENCRYPT(l,r,20); /* 11 */
- D_ENCRYPT(r,l,22); /* 12 */
- D_ENCRYPT(l,r,24); /* 13 */
- D_ENCRYPT(r,l,26); /* 14 */
- D_ENCRYPT(l,r,28); /* 15 */
- D_ENCRYPT(r,l,30); /* 16 */
-#endif
-
- t=l;
- l=r;
- r=t;
- }
- l=ROTATE(l,3)&0xffffffffL;
- r=ROTATE(r,3)&0xffffffffL;
-
- PERM_OP(l,r,t, 1,0x55555555L);
- PERM_OP(r,l,t, 8,0x00ff00ffL);
- PERM_OP(l,r,t, 2,0x33333333L);
- PERM_OP(r,l,t,16,0x0000ffffL);
- PERM_OP(l,r,t, 4,0x0f0f0f0fL);
-
- out[0]=r;
- out[1]=l;
- }
-
diff --git a/src/libcrypto/libdes/options.txt b/src/libcrypto/libdes/options.txt
deleted file mode 100644
index 6e2b50f76..000000000
--- a/src/libcrypto/libdes/options.txt
+++ /dev/null
@@ -1,39 +0,0 @@ -Note that the UNROLL option makes the 'inner' des loop unroll all 16 rounds -instead of the default 4. -RISC1 and RISC2 are 2 alternatives for the inner loop and -PTR means to use pointers arithmatic instead of arrays. - -FreeBSD - Pentium Pro 200mhz - gcc 2.7.2.2 - assembler 577,000 4620k/s -IRIX 6.2 - R10000 195mhz - cc (-O3 -n32) - UNROLL RISC2 PTR 496,000 3968k/s -solaris 2.5.1 usparc 167mhz?? - SC4.0 - UNROLL RISC1 PTR [1] 459,400 3672k/s -FreeBSD - Pentium Pro 200mhz - gcc 2.7.2.2 - UNROLL RISC1 433,000 3468k/s -solaris 2.5.1 usparc 167mhz?? - gcc 2.7.2 - UNROLL 380,000 3041k/s -linux - pentium 100mhz - gcc 2.7.0 - assembler 281,000 2250k/s -NT 4.0 - pentium 100mhz - VC 4.2 - assembler 281,000 2250k/s -AIX 4.1? - PPC604 100mhz - cc - UNROLL 275,000 2200k/s -IRIX 5.3 - R4400 200mhz - gcc 2.6.3 - UNROLL RISC2 PTR 235,300 1882k/s -IRIX 5.3 - R4400 200mhz - cc - UNROLL RISC2 PTR 233,700 1869k/s -NT 4.0 - pentium 100mhz - VC 4.2 - UNROLL RISC1 PTR 191,000 1528k/s -DEC Alpha 165mhz?? - cc - RISC2 PTR [2] 181,000 1448k/s -linux - pentium 100mhz - gcc 2.7.0 - UNROLL RISC1 PTR 158,500 1268k/s -HPUX 10 - 9000/887 - cc - UNROLL [3] 148,000 1190k/s -solaris 2.5.1 - sparc 10 50mhz - gcc 2.7.2 - UNROLL 123,600 989k/s -IRIX 5.3 - R4000 100mhz - cc - UNROLL RISC2 PTR 101,000 808k/s -DGUX - 88100 50mhz(?) - gcc 2.6.3 - UNROLL 81,000 648k/s -solaris 2.4 486 50mhz - gcc 2.6.3 - assembler 65,000 522k/s -HPUX 10 - 9000/887 - k&r cc (default compiler) - UNROLL PTR 76,000 608k/s -solaris 2.4 486 50mhz - gcc 2.6.3 - UNROLL RISC2 43,500 344k/s -AIX - old slow one :-) - cc - 39,000 312k/s - -Notes. -[1] For the ultra sparc, SunC 4.0 - cc -xtarget=ultra -xarch=v8plus -Xa -xO5, running 'des_opts' - gives a speed of 344,000 des/s while 'speed' gives 459,000 des/s. - I'll record the higher since it is coming from the library but it - is all rather weird. -[2] Similar to the ultra sparc ([1]), 181,000 for 'des_opts' vs 175,000. 
-[3] I was unable to get access to this machine when it was not heavily loaded.
- As such, my timing program was never able to get more that %30 of the CPU.
- This would cause the program to give much lower speed numbers because
- it would be 'fighting' to stay in the cache with the other CPU burning
- processes.
diff --git a/src/libcrypto/libdes/podd.h b/src/libcrypto/libdes/podd.h
deleted file mode 100644
index c00cd6ba0..000000000
--- a/src/libcrypto/libdes/podd.h
+++ /dev/null
@@ -1,75 +0,0 @@
-/* crypto/des/podd.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4.
If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-static const unsigned char odd_parity[256]={
- 1, 1, 2, 2, 4, 4, 7, 7, 8, 8, 11, 11, 13, 13, 14, 14,
- 16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, 31, 31,
- 32, 32, 35, 35, 37, 37, 38, 38, 41, 41, 42, 42, 44, 44, 47, 47,
- 49, 49, 50, 50, 52, 52, 55, 55, 56, 56, 59, 59, 61, 61, 62, 62,
- 64, 64, 67, 67, 69, 69, 70, 70, 73, 73, 74, 74, 76, 76, 79, 79,
- 81, 81, 82, 82, 84, 84, 87, 87, 88, 88, 91, 91, 93, 93, 94, 94,
- 97, 97, 98, 98,100,100,103,103,104,104,107,107,109,109,110,110,
-112,112,115,115,117,117,118,118,121,121,122,122,124,124,127,127,
-128,128,131,131,133,133,134,134,137,137,138,138,140,140,143,143,
-145,145,146,146,148,148,151,151,152,152,155,155,157,157,158,158,
-161,161,162,162,164,164,167,167,168,168,171,171,173,173,174,174,
-176,176,179,179,181,181,182,182,185,185,186,186,188,188,191,191,
-193,193,194,194,196,196,199,199,200,200,203,203,205,205,206,206,
-208,208,211,211,213,213,214,214,217,217,218,218,220,220,223,223,
-224,224,227,227,229,229,230,230,233,233,234,234,236,236,239,239,
-241,241,242,242,244,244,247,247,248,248,251,251,253,253,254,254};
diff --git a/src/libcrypto/libdes/set_key.c b/src/libcrypto/libdes/set_key.c
deleted file mode 100644
index 99ac27348..000000000
--- a/src/libcrypto/libdes/set_key.c
+++ /dev/null
@@ -1,246 +0,0 @@
-/* crypto/des/set_key.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4.
If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* set_key.c v 1.4 eay 24/9/91
- * 1.4 Speed up by 400% :-)
- * 1.3 added register declarations.
- * 1.2 unrolled make_key_sched a bit more
- * 1.1 added norm_expand_bits
- * 1.0 First working version
- */
-#include "des_locl.h"
-#include "podd.h"
-#include "sk.h"
-
-#ifndef NOPROTO
-static int check_parity(des_cblock (*key));
-#else
-static int check_parity();
-#endif
-
-int des_check_key=0;
-
-void des_set_odd_parity(key)
-des_cblock (*key);
- {
- int i;
-
- for (i=0; i<DES_KEY_SZ; i++)
- (*key)[i]=odd_parity[(*key)[i]];
- }
-
-static int check_parity(key)
-des_cblock (*key);
- {
- int i;
-
- for (i=0; i<DES_KEY_SZ; i++)
- {
- if ((*key)[i] != odd_parity[(*key)[i]])
- return(0);
- }
- return(1);
- }
-
-/* Weak and semi week keys as take from
- * %A D.W. Davies
- * %A W.L. Price
- * %T Security for Computer Networks
- * %I John Wiley & Sons
- * %D 1984
- * Many thanks to smb@ulysses.att.com (Steven Bellovin) for the reference
- * (and actual cblock values).
- */
-#define NUM_WEAK_KEY 16
-static des_cblock weak_keys[NUM_WEAK_KEY]={
- /* weak keys */
- {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
- {0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE},
- {0x1F,0x1F,0x1F,0x1F,0x1F,0x1F,0x1F,0x1F},
- {0xE0,0xE0,0xE0,0xE0,0xE0,0xE0,0xE0,0xE0},
- /* semi-weak keys */
- {0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE},
- {0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01},
- {0x1F,0xE0,0x1F,0xE0,0x0E,0xF1,0x0E,0xF1},
- {0xE0,0x1F,0xE0,0x1F,0xF1,0x0E,0xF1,0x0E},
- {0x01,0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1},
- {0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1,0x01},
- {0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E,0xFE},
- {0xFE,0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E},
- {0x01,0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E},
- {0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E,0x01},
- {0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE},
- {0xFE,0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1}};
-
-int des_is_weak_key(key)
-des_cblock (*key);
- {
- int i;
-
- for (i=0; i<NUM_WEAK_KEY; i++)
- /* Added == 0 to comparision, I obviously don't run
- * this section very often :-(, thanks to
- * engineering@MorningStar.Com for the fix
- * eay 93/06/29
- * Another problem, I was
comparing only the first 4
- * bytes, 97/03/18 */
- if (memcmp(weak_keys[i],key,sizeof(des_cblock)) == 0) return(1);
- return(0);
- }
-
-/* NOW DEFINED IN des_local.h
- * See ecb_encrypt.c for a pseudo description of these macros.
- * #define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
- * (b)^=(t),\
- * (a)=((a)^((t)<<(n))))
- */
-
-#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\
- (a)=(a)^(t)^(t>>(16-(n))))
-
-/* return 0 if key parity is odd (correct),
- * return -1 if key parity error,
- * return -2 if illegal weak key.
- */
-int des_set_key(key, schedule)
-des_cblock (*key);
-des_key_schedule schedule;
- {
- static int shifts2[16]={0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0};
- register DES_LONG c,d,t,s,t2;
- register unsigned char *in;
- register DES_LONG *k;
- register int i;
-
- if (des_check_key)
- {
- if (!check_parity(key))
- return(-1);
-
- if (des_is_weak_key(key))
- return(-2);
- }
-
- k=(DES_LONG *)schedule;
- in=(unsigned char *)key;
-
- c2l(in,c);
- c2l(in,d);
-
- /* do PC1 in 60 simple operations */
-/* PERM_OP(d,c,t,4,0x0f0f0f0fL);
- HPERM_OP(c,t,-2, 0xcccc0000L);
- HPERM_OP(c,t,-1, 0xaaaa0000L);
- HPERM_OP(c,t, 8, 0x00ff0000L);
- HPERM_OP(c,t,-1, 0xaaaa0000L);
- HPERM_OP(d,t,-8, 0xff000000L);
- HPERM_OP(d,t, 8, 0x00ff0000L);
- HPERM_OP(d,t, 2, 0x33330000L);
- d=((d&0x00aa00aaL)<<7L)|((d&0x55005500L)>>7L)|(d&0xaa55aa55L);
- d=(d>>8)|((c&0xf0000000L)>>4);
- c&=0x0fffffffL; */
-
- /* I now do it in 47 simple operations :-)
- * Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov)
- * for the inspiration.
:-) */
- PERM_OP (d,c,t,4,0x0f0f0f0fL);
- HPERM_OP(c,t,-2,0xcccc0000L);
- HPERM_OP(d,t,-2,0xcccc0000L);
- PERM_OP (d,c,t,1,0x55555555L);
- PERM_OP (c,d,t,8,0x00ff00ffL);
- PERM_OP (d,c,t,1,0x55555555L);
- d= (((d&0x000000ffL)<<16L)| (d&0x0000ff00L) |
- ((d&0x00ff0000L)>>16L)|((c&0xf0000000L)>>4L));
- c&=0x0fffffffL;
-
- for (i=0; i<ITERATIONS; i++)
- {
- if (shifts2[i])
- { c=((c>>2L)|(c<<26L)); d=((d>>2L)|(d<<26L)); }
- else
- { c=((c>>1L)|(c<<27L)); d=((d>>1L)|(d<<27L)); }
- c&=0x0fffffffL;
- d&=0x0fffffffL;
- /* could be a few less shifts but I am to lazy at this
- * point in time to investigate */
- s= des_skb[0][ (c )&0x3f ]|
- des_skb[1][((c>> 6)&0x03)|((c>> 7L)&0x3c)]|
- des_skb[2][((c>>13)&0x0f)|((c>>14L)&0x30)]|
- des_skb[3][((c>>20)&0x01)|((c>>21L)&0x06) |
- ((c>>22L)&0x38)];
- t= des_skb[4][ (d )&0x3f ]|
- des_skb[5][((d>> 7L)&0x03)|((d>> 8L)&0x3c)]|
- des_skb[6][ (d>>15L)&0x3f ]|
- des_skb[7][((d>>21L)&0x0f)|((d>>22L)&0x30)];
-
- /* table contained 0213 4657 */
- t2=((t<<16L)|(s&0x0000ffffL))&0xffffffffL;
- *(k++)=ROTATE(t2,30)&0xffffffffL;
-
- t2=((s>>16L)|(t&0xffff0000L));
- *(k++)=ROTATE(t2,26)&0xffffffffL;
- }
- return(0);
- }
-
-int des_key_sched(key, schedule)
-des_cblock (*key);
-des_key_schedule schedule;
- {
- return(des_set_key(key,schedule));
- }
diff --git a/src/libcrypto/libdes/sk.h b/src/libcrypto/libdes/sk.h
deleted file mode 100644
index 240703070..000000000
--- a/src/libcrypto/libdes/sk.h
+++ /dev/null
@@ -1,204 +0,0 @@
-/* crypto/des/sk.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. 
If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.] 
- */ - -static const DES_LONG des_skb[8][64]={ -{ -/* for C bits (numbered as per FIPS 46) 1 2 3 4 5 6 */ -0x00000000L,0x00000010L,0x20000000L,0x20000010L, -0x00010000L,0x00010010L,0x20010000L,0x20010010L, -0x00000800L,0x00000810L,0x20000800L,0x20000810L, -0x00010800L,0x00010810L,0x20010800L,0x20010810L, -0x00000020L,0x00000030L,0x20000020L,0x20000030L, -0x00010020L,0x00010030L,0x20010020L,0x20010030L, -0x00000820L,0x00000830L,0x20000820L,0x20000830L, -0x00010820L,0x00010830L,0x20010820L,0x20010830L, -0x00080000L,0x00080010L,0x20080000L,0x20080010L, -0x00090000L,0x00090010L,0x20090000L,0x20090010L, -0x00080800L,0x00080810L,0x20080800L,0x20080810L, -0x00090800L,0x00090810L,0x20090800L,0x20090810L, -0x00080020L,0x00080030L,0x20080020L,0x20080030L, -0x00090020L,0x00090030L,0x20090020L,0x20090030L, -0x00080820L,0x00080830L,0x20080820L,0x20080830L, -0x00090820L,0x00090830L,0x20090820L,0x20090830L, -},{ -/* for C bits (numbered as per FIPS 46) 7 8 10 11 12 13 */ -0x00000000L,0x02000000L,0x00002000L,0x02002000L, -0x00200000L,0x02200000L,0x00202000L,0x02202000L, -0x00000004L,0x02000004L,0x00002004L,0x02002004L, -0x00200004L,0x02200004L,0x00202004L,0x02202004L, -0x00000400L,0x02000400L,0x00002400L,0x02002400L, -0x00200400L,0x02200400L,0x00202400L,0x02202400L, -0x00000404L,0x02000404L,0x00002404L,0x02002404L, -0x00200404L,0x02200404L,0x00202404L,0x02202404L, -0x10000000L,0x12000000L,0x10002000L,0x12002000L, -0x10200000L,0x12200000L,0x10202000L,0x12202000L, -0x10000004L,0x12000004L,0x10002004L,0x12002004L, -0x10200004L,0x12200004L,0x10202004L,0x12202004L, -0x10000400L,0x12000400L,0x10002400L,0x12002400L, -0x10200400L,0x12200400L,0x10202400L,0x12202400L, -0x10000404L,0x12000404L,0x10002404L,0x12002404L, -0x10200404L,0x12200404L,0x10202404L,0x12202404L, -},{ -/* for C bits (numbered as per FIPS 46) 14 15 16 17 19 20 */ -0x00000000L,0x00000001L,0x00040000L,0x00040001L, -0x01000000L,0x01000001L,0x01040000L,0x01040001L, -0x00000002L,0x00000003L,0x00040002L,0x00040003L, 
-0x01000002L,0x01000003L,0x01040002L,0x01040003L, -0x00000200L,0x00000201L,0x00040200L,0x00040201L, -0x01000200L,0x01000201L,0x01040200L,0x01040201L, -0x00000202L,0x00000203L,0x00040202L,0x00040203L, -0x01000202L,0x01000203L,0x01040202L,0x01040203L, -0x08000000L,0x08000001L,0x08040000L,0x08040001L, -0x09000000L,0x09000001L,0x09040000L,0x09040001L, -0x08000002L,0x08000003L,0x08040002L,0x08040003L, -0x09000002L,0x09000003L,0x09040002L,0x09040003L, -0x08000200L,0x08000201L,0x08040200L,0x08040201L, -0x09000200L,0x09000201L,0x09040200L,0x09040201L, -0x08000202L,0x08000203L,0x08040202L,0x08040203L, -0x09000202L,0x09000203L,0x09040202L,0x09040203L, -},{ -/* for C bits (numbered as per FIPS 46) 21 23 24 26 27 28 */ -0x00000000L,0x00100000L,0x00000100L,0x00100100L, -0x00000008L,0x00100008L,0x00000108L,0x00100108L, -0x00001000L,0x00101000L,0x00001100L,0x00101100L, -0x00001008L,0x00101008L,0x00001108L,0x00101108L, -0x04000000L,0x04100000L,0x04000100L,0x04100100L, -0x04000008L,0x04100008L,0x04000108L,0x04100108L, -0x04001000L,0x04101000L,0x04001100L,0x04101100L, -0x04001008L,0x04101008L,0x04001108L,0x04101108L, -0x00020000L,0x00120000L,0x00020100L,0x00120100L, -0x00020008L,0x00120008L,0x00020108L,0x00120108L, -0x00021000L,0x00121000L,0x00021100L,0x00121100L, -0x00021008L,0x00121008L,0x00021108L,0x00121108L, -0x04020000L,0x04120000L,0x04020100L,0x04120100L, -0x04020008L,0x04120008L,0x04020108L,0x04120108L, -0x04021000L,0x04121000L,0x04021100L,0x04121100L, -0x04021008L,0x04121008L,0x04021108L,0x04121108L, -},{ -/* for D bits (numbered as per FIPS 46) 1 2 3 4 5 6 */ -0x00000000L,0x10000000L,0x00010000L,0x10010000L, -0x00000004L,0x10000004L,0x00010004L,0x10010004L, -0x20000000L,0x30000000L,0x20010000L,0x30010000L, -0x20000004L,0x30000004L,0x20010004L,0x30010004L, -0x00100000L,0x10100000L,0x00110000L,0x10110000L, -0x00100004L,0x10100004L,0x00110004L,0x10110004L, -0x20100000L,0x30100000L,0x20110000L,0x30110000L, -0x20100004L,0x30100004L,0x20110004L,0x30110004L, 
-0x00001000L,0x10001000L,0x00011000L,0x10011000L, -0x00001004L,0x10001004L,0x00011004L,0x10011004L, -0x20001000L,0x30001000L,0x20011000L,0x30011000L, -0x20001004L,0x30001004L,0x20011004L,0x30011004L, -0x00101000L,0x10101000L,0x00111000L,0x10111000L, -0x00101004L,0x10101004L,0x00111004L,0x10111004L, -0x20101000L,0x30101000L,0x20111000L,0x30111000L, -0x20101004L,0x30101004L,0x20111004L,0x30111004L, -},{ -/* for D bits (numbered as per FIPS 46) 8 9 11 12 13 14 */ -0x00000000L,0x08000000L,0x00000008L,0x08000008L, -0x00000400L,0x08000400L,0x00000408L,0x08000408L, -0x00020000L,0x08020000L,0x00020008L,0x08020008L, -0x00020400L,0x08020400L,0x00020408L,0x08020408L, -0x00000001L,0x08000001L,0x00000009L,0x08000009L, -0x00000401L,0x08000401L,0x00000409L,0x08000409L, -0x00020001L,0x08020001L,0x00020009L,0x08020009L, -0x00020401L,0x08020401L,0x00020409L,0x08020409L, -0x02000000L,0x0A000000L,0x02000008L,0x0A000008L, -0x02000400L,0x0A000400L,0x02000408L,0x0A000408L, -0x02020000L,0x0A020000L,0x02020008L,0x0A020008L, -0x02020400L,0x0A020400L,0x02020408L,0x0A020408L, -0x02000001L,0x0A000001L,0x02000009L,0x0A000009L, -0x02000401L,0x0A000401L,0x02000409L,0x0A000409L, -0x02020001L,0x0A020001L,0x02020009L,0x0A020009L, -0x02020401L,0x0A020401L,0x02020409L,0x0A020409L, -},{ -/* for D bits (numbered as per FIPS 46) 16 17 18 19 20 21 */ -0x00000000L,0x00000100L,0x00080000L,0x00080100L, -0x01000000L,0x01000100L,0x01080000L,0x01080100L, -0x00000010L,0x00000110L,0x00080010L,0x00080110L, -0x01000010L,0x01000110L,0x01080010L,0x01080110L, -0x00200000L,0x00200100L,0x00280000L,0x00280100L, -0x01200000L,0x01200100L,0x01280000L,0x01280100L, -0x00200010L,0x00200110L,0x00280010L,0x00280110L, -0x01200010L,0x01200110L,0x01280010L,0x01280110L, -0x00000200L,0x00000300L,0x00080200L,0x00080300L, -0x01000200L,0x01000300L,0x01080200L,0x01080300L, -0x00000210L,0x00000310L,0x00080210L,0x00080310L, -0x01000210L,0x01000310L,0x01080210L,0x01080310L, -0x00200200L,0x00200300L,0x00280200L,0x00280300L, 
-0x01200200L,0x01200300L,0x01280200L,0x01280300L, -0x00200210L,0x00200310L,0x00280210L,0x00280310L, -0x01200210L,0x01200310L,0x01280210L,0x01280310L, -},{ -/* for D bits (numbered as per FIPS 46) 22 23 24 25 27 28 */ -0x00000000L,0x04000000L,0x00040000L,0x04040000L, -0x00000002L,0x04000002L,0x00040002L,0x04040002L, -0x00002000L,0x04002000L,0x00042000L,0x04042000L, -0x00002002L,0x04002002L,0x00042002L,0x04042002L, -0x00000020L,0x04000020L,0x00040020L,0x04040020L, -0x00000022L,0x04000022L,0x00040022L,0x04040022L, -0x00002020L,0x04002020L,0x00042020L,0x04042020L, -0x00002022L,0x04002022L,0x00042022L,0x04042022L, -0x00000800L,0x04000800L,0x00040800L,0x04040800L, -0x00000802L,0x04000802L,0x00040802L,0x04040802L, -0x00002800L,0x04002800L,0x00042800L,0x04042800L, -0x00002802L,0x04002802L,0x00042802L,0x04042802L, -0x00000820L,0x04000820L,0x00040820L,0x04040820L, -0x00000822L,0x04000822L,0x00040822L,0x04040822L, -0x00002820L,0x04002820L,0x00042820L,0x04042820L, -0x00002822L,0x04002822L,0x00042822L,0x04042822L, -}}; diff --git a/src/libcrypto/libdes/spr.h b/src/libcrypto/libdes/spr.h deleted file mode 100644 index a84d6a723..000000000 --- a/src/libcrypto/libdes/spr.h +++ /dev/null 
@@ -1,204 +0,0 @@
-/* crypto/des/spr.h */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. 
If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.] 
- */ - -const DES_LONG des_SPtrans[8][64]={ -{ -/* nibble 0 */ -0x02080800L, 0x00080000L, 0x02000002L, 0x02080802L, -0x02000000L, 0x00080802L, 0x00080002L, 0x02000002L, -0x00080802L, 0x02080800L, 0x02080000L, 0x00000802L, -0x02000802L, 0x02000000L, 0x00000000L, 0x00080002L, -0x00080000L, 0x00000002L, 0x02000800L, 0x00080800L, -0x02080802L, 0x02080000L, 0x00000802L, 0x02000800L, -0x00000002L, 0x00000800L, 0x00080800L, 0x02080002L, -0x00000800L, 0x02000802L, 0x02080002L, 0x00000000L, -0x00000000L, 0x02080802L, 0x02000800L, 0x00080002L, -0x02080800L, 0x00080000L, 0x00000802L, 0x02000800L, -0x02080002L, 0x00000800L, 0x00080800L, 0x02000002L, -0x00080802L, 0x00000002L, 0x02000002L, 0x02080000L, -0x02080802L, 0x00080800L, 0x02080000L, 0x02000802L, -0x02000000L, 0x00000802L, 0x00080002L, 0x00000000L, -0x00080000L, 0x02000000L, 0x02000802L, 0x02080800L, -0x00000002L, 0x02080002L, 0x00000800L, 0x00080802L, -},{ -/* nibble 1 */ -0x40108010L, 0x00000000L, 0x00108000L, 0x40100000L, -0x40000010L, 0x00008010L, 0x40008000L, 0x00108000L, -0x00008000L, 0x40100010L, 0x00000010L, 0x40008000L, -0x00100010L, 0x40108000L, 0x40100000L, 0x00000010L, -0x00100000L, 0x40008010L, 0x40100010L, 0x00008000L, -0x00108010L, 0x40000000L, 0x00000000L, 0x00100010L, -0x40008010L, 0x00108010L, 0x40108000L, 0x40000010L, -0x40000000L, 0x00100000L, 0x00008010L, 0x40108010L, -0x00100010L, 0x40108000L, 0x40008000L, 0x00108010L, -0x40108010L, 0x00100010L, 0x40000010L, 0x00000000L, -0x40000000L, 0x00008010L, 0x00100000L, 0x40100010L, -0x00008000L, 0x40000000L, 0x00108010L, 0x40008010L, -0x40108000L, 0x00008000L, 0x00000000L, 0x40000010L, -0x00000010L, 0x40108010L, 0x00108000L, 0x40100000L, -0x40100010L, 0x00100000L, 0x00008010L, 0x40008000L, -0x40008010L, 0x00000010L, 0x40100000L, 0x00108000L, -},{ -/* nibble 2 */ -0x04000001L, 0x04040100L, 0x00000100L, 0x04000101L, -0x00040001L, 0x04000000L, 0x04000101L, 0x00040100L, -0x04000100L, 0x00040000L, 0x04040000L, 0x00000001L, -0x04040101L, 0x00000101L, 0x00000001L, 
0x04040001L, -0x00000000L, 0x00040001L, 0x04040100L, 0x00000100L, -0x00000101L, 0x04040101L, 0x00040000L, 0x04000001L, -0x04040001L, 0x04000100L, 0x00040101L, 0x04040000L, -0x00040100L, 0x00000000L, 0x04000000L, 0x00040101L, -0x04040100L, 0x00000100L, 0x00000001L, 0x00040000L, -0x00000101L, 0x00040001L, 0x04040000L, 0x04000101L, -0x00000000L, 0x04040100L, 0x00040100L, 0x04040001L, -0x00040001L, 0x04000000L, 0x04040101L, 0x00000001L, -0x00040101L, 0x04000001L, 0x04000000L, 0x04040101L, -0x00040000L, 0x04000100L, 0x04000101L, 0x00040100L, -0x04000100L, 0x00000000L, 0x04040001L, 0x00000101L, -0x04000001L, 0x00040101L, 0x00000100L, 0x04040000L, -},{ -/* nibble 3 */ -0x00401008L, 0x10001000L, 0x00000008L, 0x10401008L, -0x00000000L, 0x10400000L, 0x10001008L, 0x00400008L, -0x10401000L, 0x10000008L, 0x10000000L, 0x00001008L, -0x10000008L, 0x00401008L, 0x00400000L, 0x10000000L, -0x10400008L, 0x00401000L, 0x00001000L, 0x00000008L, -0x00401000L, 0x10001008L, 0x10400000L, 0x00001000L, -0x00001008L, 0x00000000L, 0x00400008L, 0x10401000L, -0x10001000L, 0x10400008L, 0x10401008L, 0x00400000L, -0x10400008L, 0x00001008L, 0x00400000L, 0x10000008L, -0x00401000L, 0x10001000L, 0x00000008L, 0x10400000L, -0x10001008L, 0x00000000L, 0x00001000L, 0x00400008L, -0x00000000L, 0x10400008L, 0x10401000L, 0x00001000L, -0x10000000L, 0x10401008L, 0x00401008L, 0x00400000L, -0x10401008L, 0x00000008L, 0x10001000L, 0x00401008L, -0x00400008L, 0x00401000L, 0x10400000L, 0x10001008L, -0x00001008L, 0x10000000L, 0x10000008L, 0x10401000L, -},{ -/* nibble 4 */ -0x08000000L, 0x00010000L, 0x00000400L, 0x08010420L, -0x08010020L, 0x08000400L, 0x00010420L, 0x08010000L, -0x00010000L, 0x00000020L, 0x08000020L, 0x00010400L, -0x08000420L, 0x08010020L, 0x08010400L, 0x00000000L, -0x00010400L, 0x08000000L, 0x00010020L, 0x00000420L, -0x08000400L, 0x00010420L, 0x00000000L, 0x08000020L, -0x00000020L, 0x08000420L, 0x08010420L, 0x00010020L, -0x08010000L, 0x00000400L, 0x00000420L, 0x08010400L, -0x08010400L, 0x08000420L, 
0x00010020L, 0x08010000L, -0x00010000L, 0x00000020L, 0x08000020L, 0x08000400L, -0x08000000L, 0x00010400L, 0x08010420L, 0x00000000L, -0x00010420L, 0x08000000L, 0x00000400L, 0x00010020L, -0x08000420L, 0x00000400L, 0x00000000L, 0x08010420L, -0x08010020L, 0x08010400L, 0x00000420L, 0x00010000L, -0x00010400L, 0x08010020L, 0x08000400L, 0x00000420L, -0x00000020L, 0x00010420L, 0x08010000L, 0x08000020L, -},{ -/* nibble 5 */ -0x80000040L, 0x00200040L, 0x00000000L, 0x80202000L, -0x00200040L, 0x00002000L, 0x80002040L, 0x00200000L, -0x00002040L, 0x80202040L, 0x00202000L, 0x80000000L, -0x80002000L, 0x80000040L, 0x80200000L, 0x00202040L, -0x00200000L, 0x80002040L, 0x80200040L, 0x00000000L, -0x00002000L, 0x00000040L, 0x80202000L, 0x80200040L, -0x80202040L, 0x80200000L, 0x80000000L, 0x00002040L, -0x00000040L, 0x00202000L, 0x00202040L, 0x80002000L, -0x00002040L, 0x80000000L, 0x80002000L, 0x00202040L, -0x80202000L, 0x00200040L, 0x00000000L, 0x80002000L, -0x80000000L, 0x00002000L, 0x80200040L, 0x00200000L, -0x00200040L, 0x80202040L, 0x00202000L, 0x00000040L, -0x80202040L, 0x00202000L, 0x00200000L, 0x80002040L, -0x80000040L, 0x80200000L, 0x00202040L, 0x00000000L, -0x00002000L, 0x80000040L, 0x80002040L, 0x80202000L, -0x80200000L, 0x00002040L, 0x00000040L, 0x80200040L, -},{ -/* nibble 6 */ -0x00004000L, 0x00000200L, 0x01000200L, 0x01000004L, -0x01004204L, 0x00004004L, 0x00004200L, 0x00000000L, -0x01000000L, 0x01000204L, 0x00000204L, 0x01004000L, -0x00000004L, 0x01004200L, 0x01004000L, 0x00000204L, -0x01000204L, 0x00004000L, 0x00004004L, 0x01004204L, -0x00000000L, 0x01000200L, 0x01000004L, 0x00004200L, -0x01004004L, 0x00004204L, 0x01004200L, 0x00000004L, -0x00004204L, 0x01004004L, 0x00000200L, 0x01000000L, -0x00004204L, 0x01004000L, 0x01004004L, 0x00000204L, -0x00004000L, 0x00000200L, 0x01000000L, 0x01004004L, -0x01000204L, 0x00004204L, 0x00004200L, 0x00000000L, -0x00000200L, 0x01000004L, 0x00000004L, 0x01000200L, -0x00000000L, 0x01000204L, 0x01000200L, 0x00004200L, -0x00000204L, 
0x00004000L, 0x01004204L, 0x01000000L, -0x01004200L, 0x00000004L, 0x00004004L, 0x01004204L, -0x01000004L, 0x01004200L, 0x01004000L, 0x00004004L, -},{ -/* nibble 7 */ -0x20800080L, 0x20820000L, 0x00020080L, 0x00000000L, -0x20020000L, 0x00800080L, 0x20800000L, 0x20820080L, -0x00000080L, 0x20000000L, 0x00820000L, 0x00020080L, -0x00820080L, 0x20020080L, 0x20000080L, 0x20800000L, -0x00020000L, 0x00820080L, 0x00800080L, 0x20020000L, -0x20820080L, 0x20000080L, 0x00000000L, 0x00820000L, -0x20000000L, 0x00800000L, 0x20020080L, 0x20800080L, -0x00800000L, 0x00020000L, 0x20820000L, 0x00000080L, -0x00800000L, 0x00020000L, 0x20000080L, 0x20820080L, -0x00020080L, 0x20000000L, 0x00000000L, 0x00820000L, -0x20800080L, 0x20020080L, 0x20020000L, 0x00800080L, -0x20820000L, 0x00000080L, 0x00800080L, 0x20020000L, -0x20820080L, 0x00800000L, 0x20800000L, 0x20000080L, -0x00820000L, 0x00020080L, 0x20020080L, 0x20800000L, -0x00000080L, 0x20820000L, 0x00820080L, 0x00000000L, -0x20000000L, 0x20800080L, 0x00020000L, 0x00820080L, -}}; diff --git a/src/libcrypto/libserpent/Makefile.old b/src/libcrypto/libserpent/Makefile.old deleted file mode 100644 index 51a1e0582..000000000 --- a/src/libcrypto/libserpent/Makefile.old +++ /dev/null @@ -1,20 +0,0 @@ -CFLAGS=-O3 -fomit-frame-pointer -D__KERNEL__ -Wall $(EXTRA_CFLAGS) -INC=-I../include -LIBOBJ=serpent.o serpent_cbc.o -BLIB=libserpent.a - -.c.o: - $(CC) $(CPPFLAGS) $(CFLAGS) $(INC) -c $< -o $@ - -$(BLIB): $(LIBOBJ) - /bin/rm -f $(BLIB) - ar cr $(BLIB) $(LIBOBJ) - -if test -s /bin/ranlib; then /bin/ranlib $(BLIB); \ - else if test -s /usr/bin/ranlib; then /usr/bin/ranlib $(BLIB); \ - else exit 0; fi; fi - -test: test_main.o $(BLIB) - $(CC) -o $@ $^ - -clean: - rm -f *.[oa] core $(TARGET) test diff --git a/src/libcrypto/libserpent/serpent.c b/src/libcrypto/libserpent/serpent.c deleted file mode 100644 index f2cea250e..000000000 --- a/src/libcrypto/libserpent/serpent.c +++ /dev/null 
@@ -1,995 +0,0 @@
-
-/* Optimized implementation of the Serpent AES candidate algorithm
- * Designed by Anderson, Biham and Knudsen and Implemented by
- * Gisle Sælensminde 2000.
- *
- * The implementation is based on the pentium optimised sboxes of
- * Dag Arne Osvik. Even these sboxes are designed to be optimal for x86
- * processors they are efficient on other processors as well, but the speedup
- * isn't so impressive compared to other implementations.
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Library General Public License
- * as published by the Free Software Foundation; either version 2 of
- * the License, or (at your option) any later version.
- */
-
-#ifdef __KERNEL__
-#include <linux/init.h>
-#include <linux/types.h>
-
-#include <asm/byteorder.h>
-#else
-#include <sys/types.h>
-#include <asm/byteorder.h>
-#endif
-
-#include "serpent.h"
-
-#define rotl(reg, val) ((reg << val) | (reg >> (32 - val)))
-#define rotr(reg, val) ((reg >> val) | (reg << (32 - val)))
-
-#ifdef __cpu_to_be32
-#define BLOCK_SWAP
-#define io_swap(x) __cpu_to_be32(x)
-#else
-#undef BLOCK_SWAP
-#endif
-
-/* The sbox functions. The first four parameters is the input bits, and
- * the last is a tempoary. These parameters are also used for output, but
- * the bit order is permuted. The output bit order from S0 is
- * (1 4 2 0 3), where 3 is the (now useless) tempoary. 
- */ - -#define S0(r0,r1,r2,r3,r4) \ - r3 = r3 ^ r0; \ - r4 = r1; \ - r1 = r1 & r3; \ - r4 = r4 ^ r2; \ - r1 = r1 ^ r0; \ - r0 = r0 | r3; \ - r0 = r0 ^ r4; \ - r4 = r4 ^ r3; \ - r3 = r3 ^ r2; \ - r2 = r2 | r1; \ - r2 = r2 ^ r4; \ - r4 = -1 ^ r4; \ - r4 = r4 | r1; \ - r1 = r1 ^ r3; \ - r1 = r1 ^ r4; \ - r3 = r3 | r0; \ - r1 = r1 ^ r3; \ - r4 = r4 ^ r3; - -#define S1(r0,r1,r2,r3,r4) \ - r1 = -1 ^ r1; \ - r4 = r0; \ - r0 = r0 ^ r1; \ - r4 = r4 | r1; \ - r4 = r4 ^ r3; \ - r3 = r3 & r0; \ - r2 = r2 ^ r4; \ - r3 = r3 ^ r1; \ - r3 = r3 | r2; \ - r0 = r0 ^ r4; \ - r3 = r3 ^ r0; \ - r1 = r1 & r2; \ - r0 = r0 | r1; \ - r1 = r1 ^ r4; \ - r0 = r0 ^ r2; \ - r4 = r4 | r3; \ - r0 = r0 ^ r4; \ - r4 = -1 ^ r4; \ - r1 = r1 ^ r3; \ - r4 = r4 & r2; \ - r1 = -1 ^ r1; \ - r4 = r4 ^ r0; \ - r1 = r1 ^ r4; - -#define S2(r0,r1,r2,r3,r4) \ - r4 = r0; \ - r0 = r0 & r2; \ - r0 = r0 ^ r3; \ - r2 = r2 ^ r1; \ - r2 = r2 ^ r0; \ - r3 = r3 | r4; \ - r3 = r3 ^ r1; \ - r4 = r4 ^ r2; \ - r1 = r3; \ - r3 = r3 | r4; \ - r3 = r3 ^ r0; \ - r0 = r0 & r1; \ - r4 = r4 ^ r0; \ - r1 = r1 ^ r3; \ - r1 = r1 ^ r4; \ - r4 = -1 ^ r4; - -#define S3(r0,r1,r2,r3,r4) \ - r4 = r0 ; \ - r0 = r0 | r3; \ - r3 = r3 ^ r1; \ - r1 = r1 & r4; \ - r4 = r4 ^ r2; \ - r2 = r2 ^ r3; \ - r3 = r3 & r0; \ - r4 = r4 | r1; \ - r3 = r3 ^ r4; \ - r0 = r0 ^ r1; \ - r4 = r4 & r0; \ - r1 = r1 ^ r3; \ - r4 = r4 ^ r2; \ - r1 = r1 | r0; \ - r1 = r1 ^ r2; \ - r0 = r0 ^ r3; \ - r2 = r1; \ - r1 = r1 | r3; \ - r1 = r1 ^ r0; - -#define S4(r0,r1,r2,r3,r4) \ - r1 = r1 ^ r3; \ - r3 = -1 ^ r3; \ - r2 = r2 ^ r3; \ - r3 = r3 ^ r0; \ - r4 = r1; \ - r1 = r1 & r3; \ - r1 = r1 ^ r2; \ - r4 = r4 ^ r3; \ - r0 = r0 ^ r4; \ - r2 = r2 & r4; \ - r2 = r2 ^ r0; \ - r0 = r0 & r1; \ - r3 = r3 ^ r0; \ - r4 = r4 | r1; \ - r4 = r4 ^ r0; \ - r0 = r0 | r3; \ - r0 = r0 ^ r2; \ - r2 = r2 & r3; \ - r0 = -1 ^ r0; \ - r4 = r4 ^ r2; - -#define S5(r0,r1,r2,r3,r4) \ - r0 = r0 ^ r1; \ - r1 = r1 ^ r3; \ - r3 = -1 ^ r3; \ - r4 = r1; \ - r1 = r1 & r0; \ - r2 = r2 ^ r3; \ - r1 = r1 ^ r2; 
\ - r2 = r2 | r4; \ - r4 = r4 ^ r3; \ - r3 = r3 & r1; \ - r3 = r3 ^ r0; \ - r4 = r4 ^ r1; \ - r4 = r4 ^ r2; \ - r2 = r2 ^ r0; \ - r0 = r0 & r3; \ - r2 = -1 ^ r2; \ - r0 = r0 ^ r4; \ - r4 = r4 | r3; \ - r2 = r2 ^ r4; - -#define S6(r0,r1,r2,r3,r4) \ - r2 = -1 ^ r2; \ - r4 = r3; \ - r3 = r3 & r0; \ - r0 = r0 ^ r4; \ - r3 = r3 ^ r2; \ - r2 = r2 | r4; \ - r1 = r1 ^ r3; \ - r2 = r2 ^ r0; \ - r0 = r0 | r1; \ - r2 = r2 ^ r1; \ - r4 = r4 ^ r0; \ - r0 = r0 | r3; \ - r0 = r0 ^ r2; \ - r4 = r4 ^ r3; \ - r4 = r4 ^ r0; \ - r3 = -1 ^ r3; \ - r2 = r2 & r4; \ - r2 = r2 ^ r3; - -#define S7(r0,r1,r2,r3,r4) \ - r4 = r2; \ - r2 = r2 & r1; \ - r2 = r2 ^ r3; \ - r3 = r3 & r1; \ - r4 = r4 ^ r2; \ - r2 = r2 ^ r1; \ - r1 = r1 ^ r0; \ - r0 = r0 | r4; \ - r0 = r0 ^ r2; \ - r3 = r3 ^ r1; \ - r2 = r2 ^ r3; \ - r3 = r3 & r0; \ - r3 = r3 ^ r4; \ - r4 = r4 ^ r2; \ - r2 = r2 & r0; \ - r4 = -1 ^ r4; \ - r2 = r2 ^ r4; \ - r4 = r4 & r0; \ - r1 = r1 ^ r3; \ - r4 = r4 ^ r1; - -/* The inverse sboxes */ - -#define I0(r0,r1,r2,r3,r4) \ - r2 = r2 ^ -1; \ - r4 = r1; \ - r1 = r1 | r0; \ - r4 = r4 ^ -1; \ - r1 = r1 ^ r2; \ - r2 = r2 | r4; \ - r1 = r1 ^ r3; \ - r0 = r0 ^ r4; \ - r2 = r2 ^ r0; \ - r0 = r0 & r3; \ - r4 = r4 ^ r0; \ - r0 = r0 | r1; \ - r0 = r0 ^ r2; \ - r3 = r3 ^ r4; \ - r2 = r2 ^ r1; \ - r3 = r3 ^ r0; \ - r3 = r3 ^ r1; \ - r2 = r2 & r3; \ - r4 = r4 ^ r2; - -#define I1(r0,r1,r2,r3,r4) \ - r4 = r1; \ - r1 = r1 ^ r3; \ - r3 = r3 & r1; \ - r4 = r4 ^ r2; \ - r3 = r3 ^ r0; \ - r0 = r0 | r1; \ - r2 = r2 ^ r3; \ - r0 = r0 ^ r4; \ - r0 = r0 | r2; \ - r1 = r1 ^ r3; \ - r0 = r0 ^ r1; \ - r1 = r1 | r3; \ - r1 = r1 ^ r0; \ - r4 = r4 ^ -1; \ - r4 = r4 ^ r1; \ - r1 = r1 | r0; \ - r1 = r1 ^ r0; \ - r1 = r1 | r4; \ - r3 = r3 ^ r1; - -#define I2(r0,r1,r2,r3,r4) \ - r2 = r2 ^ r3; \ - r3 = r3 ^ r0; \ - r4 = r3; \ - r3 = r3 & r2; \ - r3 = r3 ^ r1; \ - r1 = r1 | r2; \ - r1 = r1 ^ r4; \ - r4 = r4 & r3; \ - r2 = r2 ^ r3; \ - r4 = r4 & r0; \ - r4 = r4 ^ r2; \ - r2 = r2 & r1; \ - r2 = r2 | r0; \ - r3 = r3 ^ -1; \ - r2 = 
r2 ^ r3; \ - r0 = r0 ^ r3; \ - r0 = r0 & r1; \ - r3 = r3 ^ r4; \ - r3 = r3 ^ r0; - -#define I3(r0,r1,r2,r3,r4) \ - r4 = r2; \ - r2 = r2 ^ r1; \ - r0 = r0 ^ r2; \ - r4 = r4 & r2; \ - r4 = r4 ^ r0; \ - r0 = r0 & r1; \ - r1 = r1 ^ r3; \ - r3 = r3 | r4; \ - r2 = r2 ^ r3; \ - r0 = r0 ^ r3; \ - r1 = r1 ^ r4; \ - r3 = r3 & r2; \ - r3 = r3 ^ r1; \ - r1 = r1 ^ r0; \ - r1 = r1 | r2; \ - r0 = r0 ^ r3; \ - r1 = r1 ^ r4; \ - r0 = r0 ^ r1; - -#define I4(r0,r1,r2,r3,r4) \ - r4 = r2; \ - r2 = r2 & r3; \ - r2 = r2 ^ r1; \ - r1 = r1 | r3; \ - r1 = r1 & r0; \ - r4 = r4 ^ r2; \ - r4 = r4 ^ r1; \ - r1 = r1 & r2; \ - r0 = r0 ^ -1; \ - r3 = r3 ^ r4; \ - r1 = r1 ^ r3; \ - r3 = r3 & r0; \ - r3 = r3 ^ r2; \ - r0 = r0 ^ r1; \ - r2 = r2 & r0; \ - r3 = r3 ^ r0; \ - r2 = r2 ^ r4; \ - r2 = r2 | r3; \ - r3 = r3 ^ r0; \ - r2 = r2 ^ r1; - -#define I5(r0,r1,r2,r3,r4) \ - r1 = r1 ^ -1; \ - r4 = r3; \ - r2 = r2 ^ r1; \ - r3 = r3 | r0; \ - r3 = r3 ^ r2; \ - r2 = r2 | r1; \ - r2 = r2 & r0; \ - r4 = r4 ^ r3; \ - r2 = r2 ^ r4; \ - r4 = r4 | r0; \ - r4 = r4 ^ r1; \ - r1 = r1 & r2; \ - r1 = r1 ^ r3; \ - r4 = r4 ^ r2; \ - r3 = r3 & r4; \ - r4 = r4 ^ r1; \ - r3 = r3 ^ r0; \ - r3 = r3 ^ r4; \ - r4 = r4 ^ -1; - - -#define I6(r0,r1,r2,r3,r4) \ - r0 = r0 ^ r2; \ - r4 = r2; \ - r2 = r2 & r0; \ - r4 = r4 ^ r3; \ - r2 = r2 ^ -1; \ - r3 = r3 ^ r1; \ - r2 = r2 ^ r3; \ - r4 = r4 | r0; \ - r0 = r0 ^ r2; \ - r3 = r3 ^ r4; \ - r4 = r4 ^ r1; \ - r1 = r1 & r3; \ - r1 = r1 ^ r0; \ - r0 = r0 ^ r3; \ - r0 = r0 | r2; \ - r3 = r3 ^ r1; \ - r4 = r4 ^ r0; - -#define I7(r0,r1,r2,r3,r4) \ - r4 = r2; \ - r2 = r2 ^ r0; \ - r0 = r0 & r3; \ - r4 = r4 | r3; \ - r2 = r2 ^ -1; \ - r3 = r3 ^ r1; \ - r1 = r1 | r0; \ - r0 = r0 ^ r2; \ - r2 = r2 & r4; \ - r3 = r3 & r4; \ - r1 = r1 ^ r2; \ - r2 = r2 ^ r0; \ - r0 = r0 | r2; \ - r4 = r4 ^ r1; \ - r0 = r0 ^ r3; \ - r3 = r3 ^ r4; \ - r4 = r4 | r0; \ - r3 = r3 ^ r2; \ - r4 = r4 ^ r2; - -/* forward and inverse linear transformations */ - -#define LINTRANS(r0,r1,r2,r3,r4) \ - r0 = rotl(r0, 13); \ - r2 
= rotl(r2, 3); \ - r3 = r3 ^ r2; \ - r4 = r0 << 3; \ - r1 = r1 ^ r0; \ - r3 = r3 ^ r4; \ - r1 = r1 ^ r2; \ - r3 = rotl(r3, 7); \ - r1 = rotl(r1, 1); \ - r2 = r2 ^ r3; \ - r4 = r1 << 7; \ - r0 = r0 ^ r1; \ - r2 = r2 ^ r4; \ - r0 = r0 ^ r3; \ - r2 = rotl(r2, 22); \ - r0 = rotl(r0, 5); - -#define ILINTRANS(r0,r1,r2,r3,r4) \ - r2 = rotr(r2, 22); \ - r0 = rotr(r0, 5); \ - r2 = r2 ^ r3; \ - r4 = r1 << 7; \ - r0 = r0 ^ r1; \ - r2 = r2 ^ r4; \ - r0 = r0 ^ r3; \ - r3 = rotr(r3, 7); \ - r1 = rotr(r1, 1); \ - r3 = r3 ^ r2; \ - r4 = r0 << 3; \ - r1 = r1 ^ r0; \ - r3 = r3 ^ r4; \ - r1 = r1 ^ r2; \ - r2 = rotr(r2, 3); \ - r0 = rotr(r0, 13); - - -#define KEYMIX(r0,r1,r2,r3,r4,IN) \ - r0 = r0 ^ l_key[IN+8]; \ - r1 = r1 ^ l_key[IN+9]; \ - r2 = r2 ^ l_key[IN+10]; \ - r3 = r3 ^ l_key[IN+11]; - -#define GETKEY(r0, r1, r2, r3, IN) \ - r0 = l_key[IN+8]; \ - r1 = l_key[IN+9]; \ - r2 = l_key[IN+10]; \ - r3 = l_key[IN+11]; - -#define SETKEY(r0, r1, r2, r3, IN) \ - l_key[IN+8] = r0; \ - l_key[IN+9] = r1; \ - l_key[IN+10] = r2; \ - l_key[IN+11] = r3; - -/* initialise the key schedule from the user supplied key */ - -int serpent_set_key(serpent_context *cx, const unsigned char *key, int key_len) -{ const u32 *in_key = (const u32 *)key; - /* l_key - storage for the key schedule */ - u32 *l_key = cx->keyinfo; - u32 i,lk,r0,r1,r2,r3,r4; - - if (key_len != 16 && key_len != 24 && key_len != 32) - return -1; /* unsupported key length */ - - key_len *= 8; - - i = 0; lk = (key_len + 31) / 32; - - while(i < lk) - { -#ifdef BLOCK_SWAP - l_key[i] = io_swap(in_key[lk - i - 1]); -#else - l_key[i] = in_key[i]; -#endif - i++; - } - - if (key_len < 256) - { - while(i < 8) - - l_key[i++] = 0; - - i = key_len / 32; lk = 1 << key_len % 32; - - l_key[i] &= lk - 1; - l_key[i] |= lk; - } - - for(i = 0; i < 132; ++i) - { - lk = l_key[i] ^ l_key[i + 3] ^ l_key[i + 5] - ^ l_key[i + 7] ^ 0x9e3779b9 ^ i; - - l_key[i + 8] = (lk << 11) | (lk >> 21); - } - - GETKEY(r0, r1, r2, r3, 0); - S3(r0,r1,r2,r3,r4); - SETKEY(r1, 
r2, r3, r4, 0)
-
- GETKEY(r0, r1, r2, r3, 4);
- S2(r0,r1,r2,r3,r4);
- SETKEY(r2, r3, r1, r4, 4)
-
- GETKEY(r0, r1, r2, r3, 8);
- S1(r0,r1,r2,r3,r4);
- SETKEY(r3, r1, r2, r0, 8)
-
- GETKEY(r0, r1, r2, r3, 12);
- S0(r0,r1,r2,r3,r4);
- SETKEY(r1, r4, r2, r0, 12)
-
- GETKEY(r0, r1, r2, r3, 16);
- S7(r0,r1,r2,r3,r4);
- SETKEY(r2, r4, r3, r0, 16)
-
- GETKEY(r0, r1, r2, r3, 20);
- S6(r0,r1,r2,r3,r4)
- SETKEY(r0, r1, r4, r2, 20)
-
- GETKEY(r0, r1, r2, r3, 24);
- S5(r0,r1,r2,r3,r4);
- SETKEY(r1, r3, r0, r2, 24)
-
- GETKEY(r0, r1, r2, r3, 28);
- S4(r0,r1,r2,r3,r4)
- SETKEY(r1, r4, r0, r3, 28)
-
- GETKEY(r0, r1, r2, r3, 32);
- S3(r0,r1,r2,r3,r4);
- SETKEY(r1, r2, r3, r4, 32)
-
- GETKEY(r0, r1, r2, r3, 36);
- S2(r0,r1,r2,r3,r4);
- SETKEY(r2, r3, r1, r4, 36)
-
- GETKEY(r0, r1, r2, r3, 40);
- S1(r0,r1,r2,r3,r4);
- SETKEY(r3, r1, r2, r0, 40)
-
- GETKEY(r0, r1, r2, r3, 44);
- S0(r0,r1,r2,r3,r4);
- SETKEY(r1, r4, r2, r0, 44)
-
- GETKEY(r0, r1, r2, r3, 48);
- S7(r0,r1,r2,r3,r4);
- SETKEY(r2, r4, r3, r0, 48)
-
- GETKEY(r0, r1, r2, r3, 52);
- S6(r0,r1,r2,r3,r4)
- SETKEY(r0, r1, r4, r2, 52)
-
- GETKEY(r0, r1, r2, r3, 56);
- S5(r0,r1,r2,r3,r4);
- SETKEY(r1, r3, r0, r2, 56)
-
- GETKEY(r0, r1, r2, r3, 60);
- S4(r0,r1,r2,r3,r4)
- SETKEY(r1, r4, r0, r3, 60)
-
- GETKEY(r0, r1, r2, r3, 64);
- S3(r0,r1,r2,r3,r4);
- SETKEY(r1, r2, r3, r4, 64)
-
- GETKEY(r0, r1, r2, r3, 68);
- S2(r0,r1,r2,r3,r4);
- SETKEY(r2, r3, r1, r4, 68)
-
- GETKEY(r0, r1, r2, r3, 72);
- S1(r0,r1,r2,r3,r4);
- SETKEY(r3, r1, r2, r0, 72)
-
- GETKEY(r0, r1, r2, r3, 76);
- S0(r0,r1,r2,r3,r4);
- SETKEY(r1, r4, r2, r0, 76)
-
- GETKEY(r0, r1, r2, r3, 80);
- S7(r0,r1,r2,r3,r4);
- SETKEY(r2, r4, r3, r0, 80)
-
- GETKEY(r0, r1, r2, r3, 84);
- S6(r0,r1,r2,r3,r4)
- SETKEY(r0, r1, r4, r2, 84)
-
- GETKEY(r0, r1, r2, r3, 88);
- S5(r0,r1,r2,r3,r4);
- SETKEY(r1, r3, r0, r2, 88)
-
- GETKEY(r0, r1, r2, r3, 92);
- S4(r0,r1,r2,r3,r4)
- SETKEY(r1, r4, r0, r3, 92)
-
- GETKEY(r0, r1, r2, r3, 96);
- S3(r0,r1,r2,r3,r4);
- SETKEY(r1, r2, r3, r4, 96)
-
- GETKEY(r0, r1, r2, r3, 100);
- S2(r0,r1,r2,r3,r4);
- SETKEY(r2, r3, r1, r4, 100)
-
- GETKEY(r0, r1, r2, r3, 104);
- S1(r0,r1,r2,r3,r4);
- SETKEY(r3, r1, r2, r0, 104)
-
- GETKEY(r0, r1, r2, r3, 108);
- S0(r0,r1,r2,r3,r4);
- SETKEY(r1, r4, r2, r0, 108)
-
- GETKEY(r0, r1, r2, r3, 112);
- S7(r0,r1,r2,r3,r4);
- SETKEY(r2, r4, r3, r0, 112)
-
- GETKEY(r0, r1, r2, r3, 116);
- S6(r0,r1,r2,r3,r4)
- SETKEY(r0, r1, r4, r2, 116)
-
- GETKEY(r0, r1, r2, r3, 120);
- S5(r0,r1,r2,r3,r4);
- SETKEY(r1, r3, r0, r2, 120)
-
- GETKEY(r0, r1, r2, r3, 124);
- S4(r0,r1,r2,r3,r4)
- SETKEY(r1, r4, r0, r3, 124)
-
- GETKEY(r0, r1, r2, r3, 128);
- S3(r0,r1,r2,r3,r4);
- SETKEY(r1, r2, r3, r4, 128)
-
- return 0;
-};
-
-/* Encryption and decryption functions. The rounds are fully inlined.
- * The sboxes alters the bit order of the output, and the altered
- * bit ordrer is used progressivly. */
-
-/* encrypt a block of text */
-
-int serpent_encrypt(serpent_context *cx, const u8 *in,
- u8 *out)
-{ u32 *l_key = cx->keyinfo;
- const u32 *in_blk = (const u32 *) in;
- u32 *out_blk = (u32 *) out;
- u32 r0,r1,r2,r3,r4;
-
-#ifdef BLOCK_SWAP
- r0 = io_swap(in_blk[3]); r1 = io_swap(in_blk[2]);
- r2 = io_swap(in_blk[1]); r3 = io_swap(in_blk[0]);
-#else
- r0 = in_blk[0]; r1 = in_blk[1]; r2 = in_blk[2]; r3 = in_blk[3];
-#endif
-
- /* round 1 */
- KEYMIX(r0,r1,r2,r3,r4,0);
- S0(r0,r1,r2,r3,r4);
- LINTRANS(r1,r4,r2,r0,r3);
-
- /* round 2 */
- KEYMIX(r1,r4,r2,r0,r3,4);
- S1(r1,r4,r2,r0,r3);
- LINTRANS(r0,r4,r2,r1,r3);
-
- /* round 3 */
- KEYMIX(r0,r4,r2,r1,r3,8);
- S2(r0,r4,r2,r1,r3);
- LINTRANS(r2,r1,r4,r3,r0);
-
- /* round 4 */
- KEYMIX(r2,r1,r4,r3,r0,12);
- S3(r2,r1,r4,r3,r0);
- LINTRANS(r1,r4,r3,r0,r2);
-
- /* round 5 */
- KEYMIX(r1,r4,r3,r0,r2,16);
- S4(r1,r4,r3,r0,r2)
- LINTRANS(r4,r2,r1,r0,r3);
-
- /* round 6 */
- KEYMIX(r4,r2,r1,r0,r3,20);
- S5(r4,r2,r1,r0,r3);
- LINTRANS(r2,r0,r4,r1,r3);
-
- /* round 7 */
- KEYMIX(r2,r0,r4,r1,r3,24);
- S6(r2,r0,r4,r1,r3)
- LINTRANS(r2,r0,r3,r4,r1);
-
- /* round 8 */
- KEYMIX(r2,r0,r3,r4,r1,28);
- S7(r2,r0,r3,r4,r1);
- LINTRANS(r3,r1,r4,r2,r0);
-
- /* round 9 */
- KEYMIX(r3,r1,r4,r2,r0,32);
- S0(r3,r1,r4,r2,r0);
- LINTRANS(r1,r0,r4,r3,r2);
-
- /* round 10 */
- KEYMIX(r1,r0,r4,r3,r2,36);
- S1(r1,r0,r4,r3,r2);
- LINTRANS(r3,r0,r4,r1,r2);
-
- /* round 11 */
- KEYMIX(r3,r0,r4,r1,r2,40);
- S2(r3,r0,r4,r1,r2);
- LINTRANS(r4,r1,r0,r2,r3);
-
- /* round 12 */
- KEYMIX(r4,r1,r0,r2,r3,44);
- S3(r4,r1,r0,r2,r3);
- LINTRANS(r1,r0,r2,r3,r4);
-
- /* round 13 */
- KEYMIX(r1,r0,r2,r3,r4,48);
- S4(r1,r0,r2,r3,r4)
- LINTRANS(r0,r4,r1,r3,r2);
-
- /* round 14 */
- KEYMIX(r0,r4,r1,r3,r2,52);
- S5(r0,r4,r1,r3,r2);
- LINTRANS(r4,r3,r0,r1,r2);
-
- /* round 15 */
- KEYMIX(r4,r3,r0,r1,r2,56);
- S6(r4,r3,r0,r1,r2)
- LINTRANS(r4,r3,r2,r0,r1);
-
- /* round 16 */
- KEYMIX(r4,r3,r2,r0,r1,60);
- S7(r4,r3,r2,r0,r1);
- LINTRANS(r2,r1,r0,r4,r3);
-
- /* round 17 */
- KEYMIX(r2,r1,r0,r4,r3,64);
- S0(r2,r1,r0,r4,r3);
- LINTRANS(r1,r3,r0,r2,r4);
-
- /* round 18 */
- KEYMIX(r1,r3,r0,r2,r4,68);
- S1(r1,r3,r0,r2,r4);
- LINTRANS(r2,r3,r0,r1,r4);
-
- /* round 19 */
- KEYMIX(r2,r3,r0,r1,r4,72);
- S2(r2,r3,r0,r1,r4);
- LINTRANS(r0,r1,r3,r4,r2);
-
- /* round 20 */
- KEYMIX(r0,r1,r3,r4,r2,76);
- S3(r0,r1,r3,r4,r2);
- LINTRANS(r1,r3,r4,r2,r0);
-
- /* round 21 */
- KEYMIX(r1,r3,r4,r2,r0,80);
- S4(r1,r3,r4,r2,r0)
- LINTRANS(r3,r0,r1,r2,r4);
-
- /* round 22 */
- KEYMIX(r3,r0,r1,r2,r4,84);
- S5(r3,r0,r1,r2,r4);
- LINTRANS(r0,r2,r3,r1,r4);
-
- /* round 23 */
- KEYMIX(r0,r2,r3,r1,r4,88);
- S6(r0,r2,r3,r1,r4)
- LINTRANS(r0,r2,r4,r3,r1);
-
- /* round 24 */
- KEYMIX(r0,r2,r4,r3,r1,92);
- S7(r0,r2,r4,r3,r1);
- LINTRANS(r4,r1,r3,r0,r2);
-
- /* round 25 */
- KEYMIX(r4,r1,r3,r0,r2,96);
- S0(r4,r1,r3,r0,r2);
- LINTRANS(r1,r2,r3,r4,r0);
-
- /* round 26 */
- KEYMIX(r1,r2,r3,r4,r0,100);
- S1(r1,r2,r3,r4,r0);
- LINTRANS(r4,r2,r3,r1,r0);
-
- /* round 27 */
- KEYMIX(r4,r2,r3,r1,r0,104);
- S2(r4,r2,r3,r1,r0);
- LINTRANS(r3,r1,r2,r0,r4);
-
- /* round 28 */
- KEYMIX(r3,r1,r2,r0,r4,108);
- S3(r3,r1,r2,r0,r4);
- LINTRANS(r1,r2,r0,r4,r3);
-
- /* round 29 */
- KEYMIX(r1,r2,r0,r4,r3,112);
- S4(r1,r2,r0,r4,r3)
- LINTRANS(r2,r3,r1,r4,r0);
-
- /* round 30 */
- KEYMIX(r2,r3,r1,r4,r0,116);
- S5(r2,r3,r1,r4,r0);
- LINTRANS(r3,r4,r2,r1,r0);
-
- /* round 31 */
- KEYMIX(r3,r4,r2,r1,r0,120);
- S6(r3,r4,r2,r1,r0)
- LINTRANS(r3,r4,r0,r2,r1);
-
- /* round 32 */
- KEYMIX(r3,r4,r0,r2,r1,124);
- S7(r3,r4,r0,r2,r1);
- KEYMIX(r0,r1,r2,r3,r4,128);
-
-
-#ifdef BLOCK_SWAP
- out_blk[3] = io_swap(r0); out_blk[2] = io_swap(r1);
- out_blk[1] = io_swap(r2); out_blk[0] = io_swap(r3);
-#else
- out_blk[0] = r0; out_blk[1] = r1; out_blk[2] = r2; out_blk[3] = r3;
-#endif
- return 0;
-};
-
-/* decrypt a block of text */
-
-int serpent_decrypt(serpent_context *cx, const u8 *in,
- u8 *out)
-{ u32 *l_key = cx->keyinfo;
- const u32 *in_blk = (const u32 *)in;
- u32 *out_blk = (u32 *)out;
- u32 r0,r1,r2,r3,r4;
-
-#ifdef BLOCK_SWAP
- r0 = io_swap(in_blk[3]); r1 = io_swap(in_blk[2]);
- r2 = io_swap(in_blk[1]); r3 = io_swap(in_blk[0]);
-#else
- r0 = in_blk[0]; r1 = in_blk[1]; r2 = in_blk[2]; r3 = in_blk[3];
-#endif
-
- /* round 1 */
- KEYMIX(r0,r1,r2,r3,r4,128);
- I7(r0,r1,r2,r3,r4);
- KEYMIX(r3,r0,r1,r4,r2,124);
-
- /* round 2 */
- ILINTRANS(r3,r0,r1,r4,r2);
- I6(r3,r0,r1,r4,r2);
- KEYMIX(r0,r1,r2,r4,r3,120);
-
- /* round 3 */
- ILINTRANS(r0,r1,r2,r4,r3);
- I5(r0,r1,r2,r4,r3);
- KEYMIX(r1,r3,r4,r2,r0,116);
-
- /* round 4 */
- ILINTRANS(r1,r3,r4,r2,r0);
- I4(r1,r3,r4,r2,r0);
- KEYMIX(r1,r2,r4,r0,r3,112);
-
- /* round 5 */
- ILINTRANS(r1,r2,r4,r0,r3);
- I3(r1,r2,r4,r0,r3);
- KEYMIX(r4,r2,r0,r1,r3,108);
-
- /* round 6 */
- ILINTRANS(r4,r2,r0,r1,r3);
- I2(r4,r2,r0,r1,r3);
- KEYMIX(r2,r3,r0,r1,r4,104);
-
- /* round 7 */
- ILINTRANS(r2,r3,r0,r1,r4);
- I1(r2,r3,r0,r1,r4);
- KEYMIX(r4,r2,r1,r0,r3,100);
-
- /* round 8 */
- ILINTRANS(r4,r2,r1,r0,r3);
- I0(r4,r2,r1,r0,r3);
- KEYMIX(r4,r3,r2,r0,r1,96);
-
- /* round 9 */
- ILINTRANS(r4,r3,r2,r0,r1);
- I7(r4,r3,r2,r0,r1);
- KEYMIX(r0,r4,r3,r1,r2,92);
-
- /* round 10 */
- ILINTRANS(r0,r4,r3,r1,r2);
- I6(r0,r4,r3,r1,r2);
- KEYMIX(r4,r3,r2,r1,r0,88);
-
- /* round 11 */
- ILINTRANS(r4,r3,r2,r1,r0);
- I5(r4,r3,r2,r1,r0);
- KEYMIX(r3,r0,r1,r2,r4,84);
-
- /* round 12 */
- ILINTRANS(r3,r0,r1,r2,r4);
- I4(r3,r0,r1,r2,r4);
- KEYMIX(r3,r2,r1,r4,r0,80);
-
- /* round 13 */
- ILINTRANS(r3,r2,r1,r4,r0);
- I3(r3,r2,r1,r4,r0);
- KEYMIX(r1,r2,r4,r3,r0,76);
-
- /* round 14 */
- ILINTRANS(r1,r2,r4,r3,r0);
- I2(r1,r2,r4,r3,r0);
- KEYMIX(r2,r0,r4,r3,r1,72);
-
- /* round 15 */
- ILINTRANS(r2,r0,r4,r3,r1);
- I1(r2,r0,r4,r3,r1);
- KEYMIX(r1,r2,r3,r4,r0,68);
-
- /* round 16 */
- ILINTRANS(r1,r2,r3,r4,r0);
- I0(r1,r2,r3,r4,r0);
- KEYMIX(r1,r0,r2,r4,r3,64);
-
- /* round 17 */
- ILINTRANS(r1,r0,r2,r4,r3);
- I7(r1,r0,r2,r4,r3);
- KEYMIX(r4,r1,r0,r3,r2,60);
-
- /* round 18 */
- ILINTRANS(r4,r1,r0,r3,r2);
- I6(r4,r1,r0,r3,r2);
- KEYMIX(r1,r0,r2,r3,r4,56);
-
- /* round 19 */
- ILINTRANS(r1,r0,r2,r3,r4);
- I5(r1,r0,r2,r3,r4);
- KEYMIX(r0,r4,r3,r2,r1,52);
-
- /* round 20 */
- ILINTRANS(r0,r4,r3,r2,r1);
- I4(r0,r4,r3,r2,r1);
- KEYMIX(r0,r2,r3,r1,r4,48);
-
- /* round 21 */
- ILINTRANS(r0,r2,r3,r1,r4);
- I3(r0,r2,r3,r1,r4);
- KEYMIX(r3,r2,r1,r0,r4,44);
-
- /* round 22 */
- ILINTRANS(r3,r2,r1,r0,r4);
- I2(r3,r2,r1,r0,r4);
- KEYMIX(r2,r4,r1,r0,r3,40);
-
- /* round 23 */
- ILINTRANS(r2,r4,r1,r0,r3);
- I1(r2,r4,r1,r0,r3);
- KEYMIX(r3,r2,r0,r1,r4,36);
-
- /* round 24 */
- ILINTRANS(r3,r2,r0,r1,r4);
- I0(r3,r2,r0,r1,r4);
- KEYMIX(r3,r4,r2,r1,r0,32);
-
- /* round 25 */
- ILINTRANS(r3,r4,r2,r1,r0);
- I7(r3,r4,r2,r1,r0);
- KEYMIX(r1,r3,r4,r0,r2,28);
-
- /* round 26 */
- ILINTRANS(r1,r3,r4,r0,r2);
- I6(r1,r3,r4,r0,r2);
- KEYMIX(r3,r4,r2,r0,r1,24);
-
- /* round 27 */
- ILINTRANS(r3,r4,r2,r0,r1);
- I5(r3,r4,r2,r0,r1);
- KEYMIX(r4,r1,r0,r2,r3,20);
-
- /* round 28 */
- ILINTRANS(r4,r1,r0,r2,r3);
- I4(r4,r1,r0,r2,r3);
- KEYMIX(r4,r2,r0,r3,r1,16);
-
- /* round 29 */
- ILINTRANS(r4,r2,r0,r3,r1);
- I3(r4,r2,r0,r3,r1);
- KEYMIX(r0,r2,r3,r4,r1,12);
-
- /* round 30 */
- ILINTRANS(r0,r2,r3,r4,r1);
- I2(r0,r2,r3,r4,r1);
- KEYMIX(r2,r1,r3,r4,r0,8);
-
- /* round 31 */
- ILINTRANS(r2,r1,r3,r4,r0);
- I1(r2,r1,r3,r4,r0);
- KEYMIX(r0,r2,r4,r3,r1,4);
-
- /* round 32 */
- ILINTRANS(r0,r2,r4,r3,r1);
- I0(r0,r2,r4,r3,r1);
- KEYMIX(r0,r1,r2,r3,r4,0);
-
-#ifdef BLOCK_SWAP
- out_blk[3] = io_swap(r0); out_blk[2] = io_swap(r1);
- out_blk[1] = io_swap(r2); out_blk[0] = io_swap(r3);
-#else
- out_blk[0] = r0; out_blk[1] = r1; out_blk[2] = r2; out_blk[3] = r3;
-#endif
- return 0;
-};
-
-
diff --git a/src/libcrypto/libserpent/serpent.h b/src/libcrypto/libserpent/serpent.h
deleted file mode 100644
index 6357f5bfa..000000000
--- a/src/libcrypto/libserpent/serpent.h
+++ /dev/null
@@ -1,17 +0,0 @@
-#ifndef SERPENT_H
-#define SERPENT_H
-#ifdef __KERNEL__
-#include <linux/types.h>
-#else
-#include <sys/types.h>
-#define u32 u_int32_t
-#define u8 u_int8_t
-#endif
-struct serpent_context {
- u32 keyinfo[140]; /* storage for the key schedule */
-};
-typedef struct serpent_context serpent_context;
-int serpent_set_key(serpent_context *ctx, const u8 * in_key, int key_len);
-int serpent_decrypt(serpent_context *ctx, const u8 * in_blk, u8 * out_blk);
-int serpent_encrypt(serpent_context *ctx, const u8 * in_blk, u8 * out_blk);
-#endif /* SERPENT_H */
diff --git a/src/libcrypto/libserpent/serpent_cbc.c b/src/libcrypto/libserpent/serpent_cbc.c
deleted file mode 100644
index 3b546278a..000000000
--- a/src/libcrypto/libserpent/serpent_cbc.c
+++ /dev/null
@@ -1,8 +0,0 @@
-#ifdef __KERNEL__
-#include <linux/types.h>
-#else
-#include <sys/types.h>
-#endif
-#include "serpent_cbc.h"
-#include "cbc_generic.h"
-CBC_IMPL_BLK16(serpent_cbc_encrypt, serpent_context, u_int8_t *, serpent_encrypt, serpent_decrypt);
diff --git a/src/libcrypto/libserpent/serpent_cbc.h b/src/libcrypto/libserpent/serpent_cbc.h
deleted file mode 100644
index 3064fa3bc..000000000
--- a/src/libcrypto/libserpent/serpent_cbc.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* Glue header */
-#include "serpent.h"
-int serpent_cbc_encrypt(serpent_context *ctx, const u_int8_t * in, u_int8_t * out, int ilen, const u_int8_t * iv, int encrypt);
diff --git a/src/libcrypto/libserpent/test_main.c b/src/libcrypto/libserpent/test_main.c
deleted file mode 100644
index 350068e60..000000000
--- a/src/libcrypto/libserpent/test_main.c
+++ /dev/null
@@ -1,34 +0,0 @@
-#include <stdio.h>
-#include <string.h>
-#include "serpent_cbc.h"
-#define BLOCK_SIZE 16
-#define KEY_SIZE 128 /* bits */
-#define KEY "1234567890123456"
-#define STR "hola guaso como estaisss ... 012"
-#define STRSZ (sizeof(STR)-1)
-
-#define BLKLEN BLOCK_SIZE
-#define CONTEXT_T serpent_context
-static int pretty_print(const unsigned char *buf, int count) {
- int i=0;
- for (;i<count;i++) printf ("%02hhx ", buf[i]);
- putchar('\n');
- return i;
-}
-//#define SIZE STRSZ/2
-#define SIZE STRSZ
-int main() {
- int ret;
- char buf0[SIZE+1], buf1[SIZE+1];
- char IV[BLOCK_SIZE];
- CONTEXT_T ac;
- serpent_set_key(&ac, (void *)KEY, KEY_SIZE);
- memset(buf0, 0, sizeof (buf0));
- memset(buf1, 0, sizeof (buf1));
- serpent_cbc_encrypt(&ac, STR, buf0, SIZE, IV, 1);
- pretty_print(buf0, SIZE);
- printf("size=%d ret=%d\n%s\n", SIZE, ret, buf0);
- ret=serpent_cbc_encrypt(&ac, buf0, buf1, SIZE, IV, 0);
- printf("size=%d ret=%d\n%s\n", SIZE, ret, buf1);
- return 0;
-}
diff --git a/src/libcrypto/libtwofish/Makefile.old b/src/libcrypto/libtwofish/Makefile.old
deleted file mode 100644
index 714fd6115..000000000
--- a/src/libcrypto/libtwofish/Makefile.old
+++ /dev/null
@@ -1,21 +0,0 @@ -CFLAGS=-O3 -fomit-frame-pointer -D__KERNEL__ -Wall $(EXTRA_CFLAGS) -INC=-I../include - -LIBOBJ=twofish.o twofish_cbc.o -BLIB=libtwofish.a - -.c.o: - $(CC) $(CPPFLAGS) $(CFLAGS) $(INC) -c $< -o $@ - -$(BLIB): $(LIBOBJ) - /bin/rm -f $(BLIB) - ar cr $(BLIB) $(LIBOBJ) - -if test -s /bin/ranlib; then /bin/ranlib $(BLIB); \ - else if test -s /usr/bin/ranlib; then /usr/bin/ranlib $(BLIB); \ - else exit 0; fi; fi - -test: test_main.o $(BLIB) - $(CC) -o $@ $^ - -clean: - rm -f *.[oa] core $(TARGET) test diff --git a/src/libcrypto/libtwofish/test_main.c b/src/libcrypto/libtwofish/test_main.c deleted file mode 100644 index 1e8b0db56..000000000 --- a/src/libcrypto/libtwofish/test_main.c +++ /dev/null @@ -1,34 +0,0 @@ -#include <stdio.h> -#include <string.h> -#include "twofish_cbc.h" -#define BLOCK_SIZE 16 -#define KEY_SIZE 128 /* bits */ -#define KEY "1234567890123456" -#define STR "hola guaso como estaisss ... 012" -#define STRSZ (sizeof(STR)-1) - -#define BLKLEN BLOCK_SIZE -#define CONTEXT_T twofish_context -static int pretty_print(const unsigned char *buf, int count) { - int i=0; - for (;i<count;i++) printf ("%02hhx ", buf[i]); - putchar('\n'); - return i; -} -//#define SIZE STRSZ/2 -#define SIZE STRSZ -int main() { - int ret; - char buf0[SIZE+1], buf1[SIZE+1]; - char IV[BLOCK_SIZE]; - CONTEXT_T ac; - twofish_set_key(&ac, (void *)KEY, KEY_SIZE); - memset(buf0, 0, sizeof (buf0)); - memset(buf1, 0, sizeof (buf1)); - twofish_cbc_encrypt(&ac, STR, buf0, SIZE, IV, 1); - pretty_print(buf0, SIZE); - printf("size=%d ret=%d\n%s\n", SIZE, ret, buf0); - ret=twofish_cbc_encrypt(&ac, buf0, buf1, SIZE, IV, 0); - printf("size=%d ret=%d\n%s\n", SIZE, ret, buf1); - return 0; -} diff --git a/src/libcrypto/libtwofish/twofish.c b/src/libcrypto/libtwofish/twofish.c deleted file mode 100644 index 0e01a92d2..000000000 --- a/src/libcrypto/libtwofish/twofish.c +++ /dev/null 
@@ -1,861 +0,0 @@ -/* NOTE: This implementation has been changed from the original - * source. See ChangeLog for more information. - * Maintained by Marc Mutz <Marc@Mutz.com> - */ - -/* Twofish for GPG - * By Matthew Skala <mskala@ansuz.sooke.bc.ca>, July 26, 1998 - * 256-bit key length added March 20, 1999 - * Some modifications to reduce the text size by Werner Koch, April, 1998 - * - * The original author has disclaimed all copyright interest in this - * code and thus putting it in the public domain. - * - * This code is a "clean room" implementation, written from the paper - * _Twofish: A 128-Bit Block Cipher_ by Bruce Schneier, John Kelsey, - * Doug Whiting, David Wagner, Chris Hall, and Niels Ferguson, available - * through http://www.counterpane.com/twofish.html - * - * For background information on multiplication in finite fields, used for - * the matrix operations in the key schedule, see the book _Contemporary - * Abstract Algebra_ by Joseph A. Gallian, especially chapter 22 in the - * Third Edition. - * - * Only the 128- and 256-bit key sizes are supported. This code is intended - * for GNU C on a 32-bit system, but it should work almost anywhere. Loops - * are unrolled, precomputation tables are used, etc., for maximum speed at - * some cost in memory consumption. */ - -#ifdef __KERNEL__ -#include <linux/init.h> -#include <linux/types.h> -#else -#include <sys/types.h> -#define u8 u_int8_t -#define u32 u_int32_t -#endif - -#if 0 /* shouldn't this be #ifdef rotl32 ? - * Look at wordops.h: It includes asm/wordops.h. - * Anyway, we have to search in the macros for rot's, - * since they seem to be defined in a generic way. 
*/ -#define rotl rotl32 -#define rotr rotr32 -#else -#define rotl generic_rotl32 -#define rotr generic_rotr32 -#endif - -#include "twofish.h" -/* The large precomputed tables for the Twofish cipher (twofish.c) - * Taken from the same source as twofish.c - * Marc Mutz <Marc@Mutz.com> - */ - -/* These two tables are the q0 and q1 permutations, exactly as described in - * the Twofish paper. */ - -static const u8 q0[256] = { - 0xA9, 0x67, 0xB3, 0xE8, 0x04, 0xFD, 0xA3, 0x76, 0x9A, 0x92, 0x80, 0x78, - 0xE4, 0xDD, 0xD1, 0x38, 0x0D, 0xC6, 0x35, 0x98, 0x18, 0xF7, 0xEC, 0x6C, - 0x43, 0x75, 0x37, 0x26, 0xFA, 0x13, 0x94, 0x48, 0xF2, 0xD0, 0x8B, 0x30, - 0x84, 0x54, 0xDF, 0x23, 0x19, 0x5B, 0x3D, 0x59, 0xF3, 0xAE, 0xA2, 0x82, - 0x63, 0x01, 0x83, 0x2E, 0xD9, 0x51, 0x9B, 0x7C, 0xA6, 0xEB, 0xA5, 0xBE, - 0x16, 0x0C, 0xE3, 0x61, 0xC0, 0x8C, 0x3A, 0xF5, 0x73, 0x2C, 0x25, 0x0B, - 0xBB, 0x4E, 0x89, 0x6B, 0x53, 0x6A, 0xB4, 0xF1, 0xE1, 0xE6, 0xBD, 0x45, - 0xE2, 0xF4, 0xB6, 0x66, 0xCC, 0x95, 0x03, 0x56, 0xD4, 0x1C, 0x1E, 0xD7, - 0xFB, 0xC3, 0x8E, 0xB5, 0xE9, 0xCF, 0xBF, 0xBA, 0xEA, 0x77, 0x39, 0xAF, - 0x33, 0xC9, 0x62, 0x71, 0x81, 0x79, 0x09, 0xAD, 0x24, 0xCD, 0xF9, 0xD8, - 0xE5, 0xC5, 0xB9, 0x4D, 0x44, 0x08, 0x86, 0xE7, 0xA1, 0x1D, 0xAA, 0xED, - 0x06, 0x70, 0xB2, 0xD2, 0x41, 0x7B, 0xA0, 0x11, 0x31, 0xC2, 0x27, 0x90, - 0x20, 0xF6, 0x60, 0xFF, 0x96, 0x5C, 0xB1, 0xAB, 0x9E, 0x9C, 0x52, 0x1B, - 0x5F, 0x93, 0x0A, 0xEF, 0x91, 0x85, 0x49, 0xEE, 0x2D, 0x4F, 0x8F, 0x3B, - 0x47, 0x87, 0x6D, 0x46, 0xD6, 0x3E, 0x69, 0x64, 0x2A, 0xCE, 0xCB, 0x2F, - 0xFC, 0x97, 0x05, 0x7A, 0xAC, 0x7F, 0xD5, 0x1A, 0x4B, 0x0E, 0xA7, 0x5A, - 0x28, 0x14, 0x3F, 0x29, 0x88, 0x3C, 0x4C, 0x02, 0xB8, 0xDA, 0xB0, 0x17, - 0x55, 0x1F, 0x8A, 0x7D, 0x57, 0xC7, 0x8D, 0x74, 0xB7, 0xC4, 0x9F, 0x72, - 0x7E, 0x15, 0x22, 0x12, 0x58, 0x07, 0x99, 0x34, 0x6E, 0x50, 0xDE, 0x68, - 0x65, 0xBC, 0xDB, 0xF8, 0xC8, 0xA8, 0x2B, 0x40, 0xDC, 0xFE, 0x32, 0xA4, - 0xCA, 0x10, 0x21, 0xF0, 0xD3, 0x5D, 0x0F, 0x00, 0x6F, 0x9D, 0x36, 0x42, - 0x4A, 0x5E, 0xC1, 
0xE0 -}; - -static const u8 q1[256] = { - 0x75, 0xF3, 0xC6, 0xF4, 0xDB, 0x7B, 0xFB, 0xC8, 0x4A, 0xD3, 0xE6, 0x6B, - 0x45, 0x7D, 0xE8, 0x4B, 0xD6, 0x32, 0xD8, 0xFD, 0x37, 0x71, 0xF1, 0xE1, - 0x30, 0x0F, 0xF8, 0x1B, 0x87, 0xFA, 0x06, 0x3F, 0x5E, 0xBA, 0xAE, 0x5B, - 0x8A, 0x00, 0xBC, 0x9D, 0x6D, 0xC1, 0xB1, 0x0E, 0x80, 0x5D, 0xD2, 0xD5, - 0xA0, 0x84, 0x07, 0x14, 0xB5, 0x90, 0x2C, 0xA3, 0xB2, 0x73, 0x4C, 0x54, - 0x92, 0x74, 0x36, 0x51, 0x38, 0xB0, 0xBD, 0x5A, 0xFC, 0x60, 0x62, 0x96, - 0x6C, 0x42, 0xF7, 0x10, 0x7C, 0x28, 0x27, 0x8C, 0x13, 0x95, 0x9C, 0xC7, - 0x24, 0x46, 0x3B, 0x70, 0xCA, 0xE3, 0x85, 0xCB, 0x11, 0xD0, 0x93, 0xB8, - 0xA6, 0x83, 0x20, 0xFF, 0x9F, 0x77, 0xC3, 0xCC, 0x03, 0x6F, 0x08, 0xBF, - 0x40, 0xE7, 0x2B, 0xE2, 0x79, 0x0C, 0xAA, 0x82, 0x41, 0x3A, 0xEA, 0xB9, - 0xE4, 0x9A, 0xA4, 0x97, 0x7E, 0xDA, 0x7A, 0x17, 0x66, 0x94, 0xA1, 0x1D, - 0x3D, 0xF0, 0xDE, 0xB3, 0x0B, 0x72, 0xA7, 0x1C, 0xEF, 0xD1, 0x53, 0x3E, - 0x8F, 0x33, 0x26, 0x5F, 0xEC, 0x76, 0x2A, 0x49, 0x81, 0x88, 0xEE, 0x21, - 0xC4, 0x1A, 0xEB, 0xD9, 0xC5, 0x39, 0x99, 0xCD, 0xAD, 0x31, 0x8B, 0x01, - 0x18, 0x23, 0xDD, 0x1F, 0x4E, 0x2D, 0xF9, 0x48, 0x4F, 0xF2, 0x65, 0x8E, - 0x78, 0x5C, 0x58, 0x19, 0x8D, 0xE5, 0x98, 0x57, 0x67, 0x7F, 0x05, 0x64, - 0xAF, 0x63, 0xB6, 0xFE, 0xF5, 0xB7, 0x3C, 0xA5, 0xCE, 0xE9, 0x68, 0x44, - 0xE0, 0x4D, 0x43, 0x69, 0x29, 0x2E, 0xAC, 0x15, 0x59, 0xA8, 0x0A, 0x9E, - 0x6E, 0x47, 0xDF, 0x34, 0x35, 0x6A, 0xCF, 0xDC, 0x22, 0xC9, 0xC0, 0x9B, - 0x89, 0xD4, 0xED, 0xAB, 0x12, 0xA2, 0x0D, 0x52, 0xBB, 0x02, 0x2F, 0xA9, - 0xD7, 0x61, 0x1E, 0xB4, 0x50, 0x04, 0xF6, 0xC2, 0x16, 0x25, 0x86, 0x56, - 0x55, 0x09, 0xBE, 0x91 -}; - -/* These MDS tables are actually tables of MDS composed with q0 and q1, - * because it is only ever used that way and we can save some time by - * precomputing. 
Of course the main saving comes from precomputing the - * GF(2^8) multiplication involved in the MDS matrix multiply; by looking - * things up in these tables we reduce the matrix multiply to four lookups - * and three XORs. Semi-formally, the definition of these tables is: - * mds[0][i] = MDS (q1[i] 0 0 0)^T mds[1][i] = MDS (0 q0[i] 0 0)^T - * mds[2][i] = MDS (0 0 q1[i] 0)^T mds[3][i] = MDS (0 0 0 q0[i])^T - * where ^T means "transpose", the matrix multiply is performed in GF(2^8) - * represented as GF(2)[x]/v(x) where v(x)=x^8+x^6+x^5+x^3+1 as described - * by Schneier et al, and I'm casually glossing over the byte/word - * conversion issues. */ - -static const u32 mds[4][256] = { - {0xBCBC3275, 0xECEC21F3, 0x202043C6, 0xB3B3C9F4, 0xDADA03DB, 0x02028B7B, - 0xE2E22BFB, 0x9E9EFAC8, 0xC9C9EC4A, 0xD4D409D3, 0x18186BE6, 0x1E1E9F6B, - 0x98980E45, 0xB2B2387D, 0xA6A6D2E8, 0x2626B74B, 0x3C3C57D6, 0x93938A32, - 0x8282EED8, 0x525298FD, 0x7B7BD437, 0xBBBB3771, 0x5B5B97F1, 0x474783E1, - 0x24243C30, 0x5151E20F, 0xBABAC6F8, 0x4A4AF31B, 0xBFBF4887, 0x0D0D70FA, - 0xB0B0B306, 0x7575DE3F, 0xD2D2FD5E, 0x7D7D20BA, 0x666631AE, 0x3A3AA35B, - 0x59591C8A, 0x00000000, 0xCDCD93BC, 0x1A1AE09D, 0xAEAE2C6D, 0x7F7FABC1, - 0x2B2BC7B1, 0xBEBEB90E, 0xE0E0A080, 0x8A8A105D, 0x3B3B52D2, 0x6464BAD5, - 0xD8D888A0, 0xE7E7A584, 0x5F5FE807, 0x1B1B1114, 0x2C2CC2B5, 0xFCFCB490, - 0x3131272C, 0x808065A3, 0x73732AB2, 0x0C0C8173, 0x79795F4C, 0x6B6B4154, - 0x4B4B0292, 0x53536974, 0x94948F36, 0x83831F51, 0x2A2A3638, 0xC4C49CB0, - 0x2222C8BD, 0xD5D5F85A, 0xBDBDC3FC, 0x48487860, 0xFFFFCE62, 0x4C4C0796, - 0x4141776C, 0xC7C7E642, 0xEBEB24F7, 0x1C1C1410, 0x5D5D637C, 0x36362228, - 0x6767C027, 0xE9E9AF8C, 0x4444F913, 0x1414EA95, 0xF5F5BB9C, 0xCFCF18C7, - 0x3F3F2D24, 0xC0C0E346, 0x7272DB3B, 0x54546C70, 0x29294CCA, 0xF0F035E3, - 0x0808FE85, 0xC6C617CB, 0xF3F34F11, 0x8C8CE4D0, 0xA4A45993, 0xCACA96B8, - 0x68683BA6, 0xB8B84D83, 0x38382820, 0xE5E52EFF, 0xADAD569F, 0x0B0B8477, - 0xC8C81DC3, 0x9999FFCC, 0x5858ED03, 
0x19199A6F, 0x0E0E0A08, 0x95957EBF, - 0x70705040, 0xF7F730E7, 0x6E6ECF2B, 0x1F1F6EE2, 0xB5B53D79, 0x09090F0C, - 0x616134AA, 0x57571682, 0x9F9F0B41, 0x9D9D803A, 0x111164EA, 0x2525CDB9, - 0xAFAFDDE4, 0x4545089A, 0xDFDF8DA4, 0xA3A35C97, 0xEAEAD57E, 0x353558DA, - 0xEDEDD07A, 0x4343FC17, 0xF8F8CB66, 0xFBFBB194, 0x3737D3A1, 0xFAFA401D, - 0xC2C2683D, 0xB4B4CCF0, 0x32325DDE, 0x9C9C71B3, 0x5656E70B, 0xE3E3DA72, - 0x878760A7, 0x15151B1C, 0xF9F93AEF, 0x6363BFD1, 0x3434A953, 0x9A9A853E, - 0xB1B1428F, 0x7C7CD133, 0x88889B26, 0x3D3DA65F, 0xA1A1D7EC, 0xE4E4DF76, - 0x8181942A, 0x91910149, 0x0F0FFB81, 0xEEEEAA88, 0x161661EE, 0xD7D77321, - 0x9797F5C4, 0xA5A5A81A, 0xFEFE3FEB, 0x6D6DB5D9, 0x7878AEC5, 0xC5C56D39, - 0x1D1DE599, 0x7676A4CD, 0x3E3EDCAD, 0xCBCB6731, 0xB6B6478B, 0xEFEF5B01, - 0x12121E18, 0x6060C523, 0x6A6AB0DD, 0x4D4DF61F, 0xCECEE94E, 0xDEDE7C2D, - 0x55559DF9, 0x7E7E5A48, 0x2121B24F, 0x03037AF2, 0xA0A02665, 0x5E5E198E, - 0x5A5A6678, 0x65654B5C, 0x62624E58, 0xFDFD4519, 0x0606F48D, 0x404086E5, - 0xF2F2BE98, 0x3333AC57, 0x17179067, 0x05058E7F, 0xE8E85E05, 0x4F4F7D64, - 0x89896AAF, 0x10109563, 0x74742FB6, 0x0A0A75FE, 0x5C5C92F5, 0x9B9B74B7, - 0x2D2D333C, 0x3030D6A5, 0x2E2E49CE, 0x494989E9, 0x46467268, 0x77775544, - 0xA8A8D8E0, 0x9696044D, 0x2828BD43, 0xA9A92969, 0xD9D97929, 0x8686912E, - 0xD1D187AC, 0xF4F44A15, 0x8D8D1559, 0xD6D682A8, 0xB9B9BC0A, 0x42420D9E, - 0xF6F6C16E, 0x2F2FB847, 0xDDDD06DF, 0x23233934, 0xCCCC6235, 0xF1F1C46A, - 0xC1C112CF, 0x8585EBDC, 0x8F8F9E22, 0x7171A1C9, 0x9090F0C0, 0xAAAA539B, - 0x0101F189, 0x8B8BE1D4, 0x4E4E8CED, 0x8E8E6FAB, 0xABABA212, 0x6F6F3EA2, - 0xE6E6540D, 0xDBDBF252, 0x92927BBB, 0xB7B7B602, 0x6969CA2F, 0x3939D9A9, - 0xD3D30CD7, 0xA7A72361, 0xA2A2AD1E, 0xC3C399B4, 0x6C6C4450, 0x07070504, - 0x04047FF6, 0x272746C2, 0xACACA716, 0xD0D07625, 0x50501386, 0xDCDCF756, - 0x84841A55, 0xE1E15109, 0x7A7A25BE, 0x1313EF91}, - - {0xA9D93939, 0x67901717, 0xB3719C9C, 0xE8D2A6A6, 0x04050707, 0xFD985252, - 0xA3658080, 0x76DFE4E4, 0x9A084545, 0x92024B4B, 
0x80A0E0E0, 0x78665A5A, - 0xE4DDAFAF, 0xDDB06A6A, 0xD1BF6363, 0x38362A2A, 0x0D54E6E6, 0xC6432020, - 0x3562CCCC, 0x98BEF2F2, 0x181E1212, 0xF724EBEB, 0xECD7A1A1, 0x6C774141, - 0x43BD2828, 0x7532BCBC, 0x37D47B7B, 0x269B8888, 0xFA700D0D, 0x13F94444, - 0x94B1FBFB, 0x485A7E7E, 0xF27A0303, 0xD0E48C8C, 0x8B47B6B6, 0x303C2424, - 0x84A5E7E7, 0x54416B6B, 0xDF06DDDD, 0x23C56060, 0x1945FDFD, 0x5BA33A3A, - 0x3D68C2C2, 0x59158D8D, 0xF321ECEC, 0xAE316666, 0xA23E6F6F, 0x82165757, - 0x63951010, 0x015BEFEF, 0x834DB8B8, 0x2E918686, 0xD9B56D6D, 0x511F8383, - 0x9B53AAAA, 0x7C635D5D, 0xA63B6868, 0xEB3FFEFE, 0xA5D63030, 0xBE257A7A, - 0x16A7ACAC, 0x0C0F0909, 0xE335F0F0, 0x6123A7A7, 0xC0F09090, 0x8CAFE9E9, - 0x3A809D9D, 0xF5925C5C, 0x73810C0C, 0x2C273131, 0x2576D0D0, 0x0BE75656, - 0xBB7B9292, 0x4EE9CECE, 0x89F10101, 0x6B9F1E1E, 0x53A93434, 0x6AC4F1F1, - 0xB499C3C3, 0xF1975B5B, 0xE1834747, 0xE66B1818, 0xBDC82222, 0x450E9898, - 0xE26E1F1F, 0xF4C9B3B3, 0xB62F7474, 0x66CBF8F8, 0xCCFF9999, 0x95EA1414, - 0x03ED5858, 0x56F7DCDC, 0xD4E18B8B, 0x1C1B1515, 0x1EADA2A2, 0xD70CD3D3, - 0xFB2BE2E2, 0xC31DC8C8, 0x8E195E5E, 0xB5C22C2C, 0xE9894949, 0xCF12C1C1, - 0xBF7E9595, 0xBA207D7D, 0xEA641111, 0x77840B0B, 0x396DC5C5, 0xAF6A8989, - 0x33D17C7C, 0xC9A17171, 0x62CEFFFF, 0x7137BBBB, 0x81FB0F0F, 0x793DB5B5, - 0x0951E1E1, 0xADDC3E3E, 0x242D3F3F, 0xCDA47676, 0xF99D5555, 0xD8EE8282, - 0xE5864040, 0xC5AE7878, 0xB9CD2525, 0x4D049696, 0x44557777, 0x080A0E0E, - 0x86135050, 0xE730F7F7, 0xA1D33737, 0x1D40FAFA, 0xAA346161, 0xED8C4E4E, - 0x06B3B0B0, 0x706C5454, 0xB22A7373, 0xD2523B3B, 0x410B9F9F, 0x7B8B0202, - 0xA088D8D8, 0x114FF3F3, 0x3167CBCB, 0xC2462727, 0x27C06767, 0x90B4FCFC, - 0x20283838, 0xF67F0404, 0x60784848, 0xFF2EE5E5, 0x96074C4C, 0x5C4B6565, - 0xB1C72B2B, 0xAB6F8E8E, 0x9E0D4242, 0x9CBBF5F5, 0x52F2DBDB, 0x1BF34A4A, - 0x5FA63D3D, 0x9359A4A4, 0x0ABCB9B9, 0xEF3AF9F9, 0x91EF1313, 0x85FE0808, - 0x49019191, 0xEE611616, 0x2D7CDEDE, 0x4FB22121, 0x8F42B1B1, 0x3BDB7272, - 0x47B82F2F, 0x8748BFBF, 0x6D2CAEAE, 0x46E3C0C0, 
0xD6573C3C, 0x3E859A9A, - 0x6929A9A9, 0x647D4F4F, 0x2A948181, 0xCE492E2E, 0xCB17C6C6, 0x2FCA6969, - 0xFCC3BDBD, 0x975CA3A3, 0x055EE8E8, 0x7AD0EDED, 0xAC87D1D1, 0x7F8E0505, - 0xD5BA6464, 0x1AA8A5A5, 0x4BB72626, 0x0EB9BEBE, 0xA7608787, 0x5AF8D5D5, - 0x28223636, 0x14111B1B, 0x3FDE7575, 0x2979D9D9, 0x88AAEEEE, 0x3C332D2D, - 0x4C5F7979, 0x02B6B7B7, 0xB896CACA, 0xDA583535, 0xB09CC4C4, 0x17FC4343, - 0x551A8484, 0x1FF64D4D, 0x8A1C5959, 0x7D38B2B2, 0x57AC3333, 0xC718CFCF, - 0x8DF40606, 0x74695353, 0xB7749B9B, 0xC4F59797, 0x9F56ADAD, 0x72DAE3E3, - 0x7ED5EAEA, 0x154AF4F4, 0x229E8F8F, 0x12A2ABAB, 0x584E6262, 0x07E85F5F, - 0x99E51D1D, 0x34392323, 0x6EC1F6F6, 0x50446C6C, 0xDE5D3232, 0x68724646, - 0x6526A0A0, 0xBC93CDCD, 0xDB03DADA, 0xF8C6BABA, 0xC8FA9E9E, 0xA882D6D6, - 0x2BCF6E6E, 0x40507070, 0xDCEB8585, 0xFE750A0A, 0x328A9393, 0xA48DDFDF, - 0xCA4C2929, 0x10141C1C, 0x2173D7D7, 0xF0CCB4B4, 0xD309D4D4, 0x5D108A8A, - 0x0FE25151, 0x00000000, 0x6F9A1919, 0x9DE01A1A, 0x368F9494, 0x42E6C7C7, - 0x4AECC9C9, 0x5EFDD2D2, 0xC1AB7F7F, 0xE0D8A8A8}, - - {0xBC75BC32, 0xECF3EC21, 0x20C62043, 0xB3F4B3C9, 0xDADBDA03, 0x027B028B, - 0xE2FBE22B, 0x9EC89EFA, 0xC94AC9EC, 0xD4D3D409, 0x18E6186B, 0x1E6B1E9F, - 0x9845980E, 0xB27DB238, 0xA6E8A6D2, 0x264B26B7, 0x3CD63C57, 0x9332938A, - 0x82D882EE, 0x52FD5298, 0x7B377BD4, 0xBB71BB37, 0x5BF15B97, 0x47E14783, - 0x2430243C, 0x510F51E2, 0xBAF8BAC6, 0x4A1B4AF3, 0xBF87BF48, 0x0DFA0D70, - 0xB006B0B3, 0x753F75DE, 0xD25ED2FD, 0x7DBA7D20, 0x66AE6631, 0x3A5B3AA3, - 0x598A591C, 0x00000000, 0xCDBCCD93, 0x1A9D1AE0, 0xAE6DAE2C, 0x7FC17FAB, - 0x2BB12BC7, 0xBE0EBEB9, 0xE080E0A0, 0x8A5D8A10, 0x3BD23B52, 0x64D564BA, - 0xD8A0D888, 0xE784E7A5, 0x5F075FE8, 0x1B141B11, 0x2CB52CC2, 0xFC90FCB4, - 0x312C3127, 0x80A38065, 0x73B2732A, 0x0C730C81, 0x794C795F, 0x6B546B41, - 0x4B924B02, 0x53745369, 0x9436948F, 0x8351831F, 0x2A382A36, 0xC4B0C49C, - 0x22BD22C8, 0xD55AD5F8, 0xBDFCBDC3, 0x48604878, 0xFF62FFCE, 0x4C964C07, - 0x416C4177, 0xC742C7E6, 0xEBF7EB24, 0x1C101C14, 0x5D7C5D63, 
0x36283622, - 0x672767C0, 0xE98CE9AF, 0x441344F9, 0x149514EA, 0xF59CF5BB, 0xCFC7CF18, - 0x3F243F2D, 0xC046C0E3, 0x723B72DB, 0x5470546C, 0x29CA294C, 0xF0E3F035, - 0x088508FE, 0xC6CBC617, 0xF311F34F, 0x8CD08CE4, 0xA493A459, 0xCAB8CA96, - 0x68A6683B, 0xB883B84D, 0x38203828, 0xE5FFE52E, 0xAD9FAD56, 0x0B770B84, - 0xC8C3C81D, 0x99CC99FF, 0x580358ED, 0x196F199A, 0x0E080E0A, 0x95BF957E, - 0x70407050, 0xF7E7F730, 0x6E2B6ECF, 0x1FE21F6E, 0xB579B53D, 0x090C090F, - 0x61AA6134, 0x57825716, 0x9F419F0B, 0x9D3A9D80, 0x11EA1164, 0x25B925CD, - 0xAFE4AFDD, 0x459A4508, 0xDFA4DF8D, 0xA397A35C, 0xEA7EEAD5, 0x35DA3558, - 0xED7AEDD0, 0x431743FC, 0xF866F8CB, 0xFB94FBB1, 0x37A137D3, 0xFA1DFA40, - 0xC23DC268, 0xB4F0B4CC, 0x32DE325D, 0x9CB39C71, 0x560B56E7, 0xE372E3DA, - 0x87A78760, 0x151C151B, 0xF9EFF93A, 0x63D163BF, 0x345334A9, 0x9A3E9A85, - 0xB18FB142, 0x7C337CD1, 0x8826889B, 0x3D5F3DA6, 0xA1ECA1D7, 0xE476E4DF, - 0x812A8194, 0x91499101, 0x0F810FFB, 0xEE88EEAA, 0x16EE1661, 0xD721D773, - 0x97C497F5, 0xA51AA5A8, 0xFEEBFE3F, 0x6DD96DB5, 0x78C578AE, 0xC539C56D, - 0x1D991DE5, 0x76CD76A4, 0x3EAD3EDC, 0xCB31CB67, 0xB68BB647, 0xEF01EF5B, - 0x1218121E, 0x602360C5, 0x6ADD6AB0, 0x4D1F4DF6, 0xCE4ECEE9, 0xDE2DDE7C, - 0x55F9559D, 0x7E487E5A, 0x214F21B2, 0x03F2037A, 0xA065A026, 0x5E8E5E19, - 0x5A785A66, 0x655C654B, 0x6258624E, 0xFD19FD45, 0x068D06F4, 0x40E54086, - 0xF298F2BE, 0x335733AC, 0x17671790, 0x057F058E, 0xE805E85E, 0x4F644F7D, - 0x89AF896A, 0x10631095, 0x74B6742F, 0x0AFE0A75, 0x5CF55C92, 0x9BB79B74, - 0x2D3C2D33, 0x30A530D6, 0x2ECE2E49, 0x49E94989, 0x46684672, 0x77447755, - 0xA8E0A8D8, 0x964D9604, 0x284328BD, 0xA969A929, 0xD929D979, 0x862E8691, - 0xD1ACD187, 0xF415F44A, 0x8D598D15, 0xD6A8D682, 0xB90AB9BC, 0x429E420D, - 0xF66EF6C1, 0x2F472FB8, 0xDDDFDD06, 0x23342339, 0xCC35CC62, 0xF16AF1C4, - 0xC1CFC112, 0x85DC85EB, 0x8F228F9E, 0x71C971A1, 0x90C090F0, 0xAA9BAA53, - 0x018901F1, 0x8BD48BE1, 0x4EED4E8C, 0x8EAB8E6F, 0xAB12ABA2, 0x6FA26F3E, - 0xE60DE654, 0xDB52DBF2, 0x92BB927B, 0xB702B7B6, 0x692F69CA, 
0x39A939D9, - 0xD3D7D30C, 0xA761A723, 0xA21EA2AD, 0xC3B4C399, 0x6C506C44, 0x07040705, - 0x04F6047F, 0x27C22746, 0xAC16ACA7, 0xD025D076, 0x50865013, 0xDC56DCF7, - 0x8455841A, 0xE109E151, 0x7ABE7A25, 0x139113EF}, - - {0xD939A9D9, 0x90176790, 0x719CB371, 0xD2A6E8D2, 0x05070405, 0x9852FD98, - 0x6580A365, 0xDFE476DF, 0x08459A08, 0x024B9202, 0xA0E080A0, 0x665A7866, - 0xDDAFE4DD, 0xB06ADDB0, 0xBF63D1BF, 0x362A3836, 0x54E60D54, 0x4320C643, - 0x62CC3562, 0xBEF298BE, 0x1E12181E, 0x24EBF724, 0xD7A1ECD7, 0x77416C77, - 0xBD2843BD, 0x32BC7532, 0xD47B37D4, 0x9B88269B, 0x700DFA70, 0xF94413F9, - 0xB1FB94B1, 0x5A7E485A, 0x7A03F27A, 0xE48CD0E4, 0x47B68B47, 0x3C24303C, - 0xA5E784A5, 0x416B5441, 0x06DDDF06, 0xC56023C5, 0x45FD1945, 0xA33A5BA3, - 0x68C23D68, 0x158D5915, 0x21ECF321, 0x3166AE31, 0x3E6FA23E, 0x16578216, - 0x95106395, 0x5BEF015B, 0x4DB8834D, 0x91862E91, 0xB56DD9B5, 0x1F83511F, - 0x53AA9B53, 0x635D7C63, 0x3B68A63B, 0x3FFEEB3F, 0xD630A5D6, 0x257ABE25, - 0xA7AC16A7, 0x0F090C0F, 0x35F0E335, 0x23A76123, 0xF090C0F0, 0xAFE98CAF, - 0x809D3A80, 0x925CF592, 0x810C7381, 0x27312C27, 0x76D02576, 0xE7560BE7, - 0x7B92BB7B, 0xE9CE4EE9, 0xF10189F1, 0x9F1E6B9F, 0xA93453A9, 0xC4F16AC4, - 0x99C3B499, 0x975BF197, 0x8347E183, 0x6B18E66B, 0xC822BDC8, 0x0E98450E, - 0x6E1FE26E, 0xC9B3F4C9, 0x2F74B62F, 0xCBF866CB, 0xFF99CCFF, 0xEA1495EA, - 0xED5803ED, 0xF7DC56F7, 0xE18BD4E1, 0x1B151C1B, 0xADA21EAD, 0x0CD3D70C, - 0x2BE2FB2B, 0x1DC8C31D, 0x195E8E19, 0xC22CB5C2, 0x8949E989, 0x12C1CF12, - 0x7E95BF7E, 0x207DBA20, 0x6411EA64, 0x840B7784, 0x6DC5396D, 0x6A89AF6A, - 0xD17C33D1, 0xA171C9A1, 0xCEFF62CE, 0x37BB7137, 0xFB0F81FB, 0x3DB5793D, - 0x51E10951, 0xDC3EADDC, 0x2D3F242D, 0xA476CDA4, 0x9D55F99D, 0xEE82D8EE, - 0x8640E586, 0xAE78C5AE, 0xCD25B9CD, 0x04964D04, 0x55774455, 0x0A0E080A, - 0x13508613, 0x30F7E730, 0xD337A1D3, 0x40FA1D40, 0x3461AA34, 0x8C4EED8C, - 0xB3B006B3, 0x6C54706C, 0x2A73B22A, 0x523BD252, 0x0B9F410B, 0x8B027B8B, - 0x88D8A088, 0x4FF3114F, 0x67CB3167, 0x4627C246, 0xC06727C0, 0xB4FC90B4, - 
0x28382028, 0x7F04F67F, 0x78486078, 0x2EE5FF2E, 0x074C9607, 0x4B655C4B, - 0xC72BB1C7, 0x6F8EAB6F, 0x0D429E0D, 0xBBF59CBB, 0xF2DB52F2, 0xF34A1BF3, - 0xA63D5FA6, 0x59A49359, 0xBCB90ABC, 0x3AF9EF3A, 0xEF1391EF, 0xFE0885FE, - 0x01914901, 0x6116EE61, 0x7CDE2D7C, 0xB2214FB2, 0x42B18F42, 0xDB723BDB, - 0xB82F47B8, 0x48BF8748, 0x2CAE6D2C, 0xE3C046E3, 0x573CD657, 0x859A3E85, - 0x29A96929, 0x7D4F647D, 0x94812A94, 0x492ECE49, 0x17C6CB17, 0xCA692FCA, - 0xC3BDFCC3, 0x5CA3975C, 0x5EE8055E, 0xD0ED7AD0, 0x87D1AC87, 0x8E057F8E, - 0xBA64D5BA, 0xA8A51AA8, 0xB7264BB7, 0xB9BE0EB9, 0x6087A760, 0xF8D55AF8, - 0x22362822, 0x111B1411, 0xDE753FDE, 0x79D92979, 0xAAEE88AA, 0x332D3C33, - 0x5F794C5F, 0xB6B702B6, 0x96CAB896, 0x5835DA58, 0x9CC4B09C, 0xFC4317FC, - 0x1A84551A, 0xF64D1FF6, 0x1C598A1C, 0x38B27D38, 0xAC3357AC, 0x18CFC718, - 0xF4068DF4, 0x69537469, 0x749BB774, 0xF597C4F5, 0x56AD9F56, 0xDAE372DA, - 0xD5EA7ED5, 0x4AF4154A, 0x9E8F229E, 0xA2AB12A2, 0x4E62584E, 0xE85F07E8, - 0xE51D99E5, 0x39233439, 0xC1F66EC1, 0x446C5044, 0x5D32DE5D, 0x72466872, - 0x26A06526, 0x93CDBC93, 0x03DADB03, 0xC6BAF8C6, 0xFA9EC8FA, 0x82D6A882, - 0xCF6E2BCF, 0x50704050, 0xEB85DCEB, 0x750AFE75, 0x8A93328A, 0x8DDFA48D, - 0x4C29CA4C, 0x141C1014, 0x73D72173, 0xCCB4F0CC, 0x09D4D309, 0x108A5D10, - 0xE2510FE2, 0x00000000, 0x9A196F9A, 0xE01A9DE0, 0x8F94368F, 0xE6C742E6, - 0xECC94AEC, 0xFDD25EFD, 0xAB7FC1AB, 0xD8A8E0D8} -}; - -/* The exp_to_poly and poly_to_exp tables are used to perform efficient - * operations in GF(2^8) represented as GF(2)[x]/w(x) where - * w(x)=x^8+x^6+x^3+x^2+1. We care about doing that because it's part of the - * definition of the RS matrix in the key schedule. Elements of that field - * are polynomials of degree not greater than 7 and all coefficients 0 or 1, - * which can be represented naturally by bytes (just substitute x=2). In that - * form, GF(2^8) addition is the same as bitwise XOR, but GF(2^8) - * multiplication is inefficient without hardware support. 
To multiply - * faster, I make use of the fact x is a generator for the nonzero elements, - * so that every element p of GF(2)[x]/w(x) is either 0 or equal to (x)^n for - * some n in 0..254. Note that that caret is exponentiation in GF(2^8), - * *not* polynomial notation. So if I want to compute pq where p and q are - * in GF(2^8), I can just say: - * 1. if p=0 or q=0 then pq=0 - * 2. otherwise, find m and n such that p=x^m and q=x^n - * 3. pq=(x^m)(x^n)=x^(m+n), so add m and n and find pq - * The translations in steps 2 and 3 are looked up in the tables - * poly_to_exp (for step 2) and exp_to_poly (for step 3). To see this - * in action, look at the CALC_S macro. As additional wrinkles, note that - * one of my operands is always a constant, so the poly_to_exp lookup on it - * is done in advance; I included the original values in the comments so - * readers can have some chance of recognizing that this *is* the RS matrix - * from the Twofish paper. I've only included the table entries I actually - * need; I never do a lookup on a variable input of zero and the biggest - * exponents I'll ever see are 254 (variable) and 237 (constant), so they'll - * never sum to more than 491. I'm repeating part of the exp_to_poly table - * so that I don't have to do mod-255 reduction in the exponent arithmetic. - * Since I know my constant operands are never zero, I only have to worry - * about zero values in the variable operand, and I do it with a simple - * conditional branch. I know conditionals are expensive, but I couldn't - * see a non-horrible way of avoiding them, and I did manage to group the - * statements so that each if covers four group multiplications. 
*/ - -static const u8 poly_to_exp[255] = { - 0x00, 0x01, 0x17, 0x02, 0x2E, 0x18, 0x53, 0x03, 0x6A, 0x2F, 0x93, 0x19, - 0x34, 0x54, 0x45, 0x04, 0x5C, 0x6B, 0xB6, 0x30, 0xA6, 0x94, 0x4B, 0x1A, - 0x8C, 0x35, 0x81, 0x55, 0xAA, 0x46, 0x0D, 0x05, 0x24, 0x5D, 0x87, 0x6C, - 0x9B, 0xB7, 0xC1, 0x31, 0x2B, 0xA7, 0xA3, 0x95, 0x98, 0x4C, 0xCA, 0x1B, - 0xE6, 0x8D, 0x73, 0x36, 0xCD, 0x82, 0x12, 0x56, 0x62, 0xAB, 0xF0, 0x47, - 0x4F, 0x0E, 0xBD, 0x06, 0xD4, 0x25, 0xD2, 0x5E, 0x27, 0x88, 0x66, 0x6D, - 0xD6, 0x9C, 0x79, 0xB8, 0x08, 0xC2, 0xDF, 0x32, 0x68, 0x2C, 0xFD, 0xA8, - 0x8A, 0xA4, 0x5A, 0x96, 0x29, 0x99, 0x22, 0x4D, 0x60, 0xCB, 0xE4, 0x1C, - 0x7B, 0xE7, 0x3B, 0x8E, 0x9E, 0x74, 0xF4, 0x37, 0xD8, 0xCE, 0xF9, 0x83, - 0x6F, 0x13, 0xB2, 0x57, 0xE1, 0x63, 0xDC, 0xAC, 0xC4, 0xF1, 0xAF, 0x48, - 0x0A, 0x50, 0x42, 0x0F, 0xBA, 0xBE, 0xC7, 0x07, 0xDE, 0xD5, 0x78, 0x26, - 0x65, 0xD3, 0xD1, 0x5F, 0xE3, 0x28, 0x21, 0x89, 0x59, 0x67, 0xFC, 0x6E, - 0xB1, 0xD7, 0xF8, 0x9D, 0xF3, 0x7A, 0x3A, 0xB9, 0xC6, 0x09, 0x41, 0xC3, - 0xAE, 0xE0, 0xDB, 0x33, 0x44, 0x69, 0x92, 0x2D, 0x52, 0xFE, 0x16, 0xA9, - 0x0C, 0x8B, 0x80, 0xA5, 0x4A, 0x5B, 0xB5, 0x97, 0xC9, 0x2A, 0xA2, 0x9A, - 0xC0, 0x23, 0x86, 0x4E, 0xBC, 0x61, 0xEF, 0xCC, 0x11, 0xE5, 0x72, 0x1D, - 0x3D, 0x7C, 0xEB, 0xE8, 0xE9, 0x3C, 0xEA, 0x8F, 0x7D, 0x9F, 0xEC, 0x75, - 0x1E, 0xF5, 0x3E, 0x38, 0xF6, 0xD9, 0x3F, 0xCF, 0x76, 0xFA, 0x1F, 0x84, - 0xA0, 0x70, 0xED, 0x14, 0x90, 0xB3, 0x7E, 0x58, 0xFB, 0xE2, 0x20, 0x64, - 0xD0, 0xDD, 0x77, 0xAD, 0xDA, 0xC5, 0x40, 0xF2, 0x39, 0xB0, 0xF7, 0x49, - 0xB4, 0x0B, 0x7F, 0x51, 0x15, 0x43, 0x91, 0x10, 0x71, 0xBB, 0xEE, 0xBF, - 0x85, 0xC8, 0xA1 -}; - -static const u8 exp_to_poly[492] = { - 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x4D, 0x9A, 0x79, 0xF2, - 0xA9, 0x1F, 0x3E, 0x7C, 0xF8, 0xBD, 0x37, 0x6E, 0xDC, 0xF5, 0xA7, 0x03, - 0x06, 0x0C, 0x18, 0x30, 0x60, 0xC0, 0xCD, 0xD7, 0xE3, 0x8B, 0x5B, 0xB6, - 0x21, 0x42, 0x84, 0x45, 0x8A, 0x59, 0xB2, 0x29, 0x52, 0xA4, 0x05, 0x0A, - 0x14, 0x28, 0x50, 0xA0, 0x0D, 0x1A, 0x34, 
0x68, 0xD0, 0xED, 0x97, 0x63, - 0xC6, 0xC1, 0xCF, 0xD3, 0xEB, 0x9B, 0x7B, 0xF6, 0xA1, 0x0F, 0x1E, 0x3C, - 0x78, 0xF0, 0xAD, 0x17, 0x2E, 0x5C, 0xB8, 0x3D, 0x7A, 0xF4, 0xA5, 0x07, - 0x0E, 0x1C, 0x38, 0x70, 0xE0, 0x8D, 0x57, 0xAE, 0x11, 0x22, 0x44, 0x88, - 0x5D, 0xBA, 0x39, 0x72, 0xE4, 0x85, 0x47, 0x8E, 0x51, 0xA2, 0x09, 0x12, - 0x24, 0x48, 0x90, 0x6D, 0xDA, 0xF9, 0xBF, 0x33, 0x66, 0xCC, 0xD5, 0xE7, - 0x83, 0x4B, 0x96, 0x61, 0xC2, 0xC9, 0xDF, 0xF3, 0xAB, 0x1B, 0x36, 0x6C, - 0xD8, 0xFD, 0xB7, 0x23, 0x46, 0x8C, 0x55, 0xAA, 0x19, 0x32, 0x64, 0xC8, - 0xDD, 0xF7, 0xA3, 0x0B, 0x16, 0x2C, 0x58, 0xB0, 0x2D, 0x5A, 0xB4, 0x25, - 0x4A, 0x94, 0x65, 0xCA, 0xD9, 0xFF, 0xB3, 0x2B, 0x56, 0xAC, 0x15, 0x2A, - 0x54, 0xA8, 0x1D, 0x3A, 0x74, 0xE8, 0x9D, 0x77, 0xEE, 0x91, 0x6F, 0xDE, - 0xF1, 0xAF, 0x13, 0x26, 0x4C, 0x98, 0x7D, 0xFA, 0xB9, 0x3F, 0x7E, 0xFC, - 0xB5, 0x27, 0x4E, 0x9C, 0x75, 0xEA, 0x99, 0x7F, 0xFE, 0xB1, 0x2F, 0x5E, - 0xBC, 0x35, 0x6A, 0xD4, 0xE5, 0x87, 0x43, 0x86, 0x41, 0x82, 0x49, 0x92, - 0x69, 0xD2, 0xE9, 0x9F, 0x73, 0xE6, 0x81, 0x4F, 0x9E, 0x71, 0xE2, 0x89, - 0x5F, 0xBE, 0x31, 0x62, 0xC4, 0xC5, 0xC7, 0xC3, 0xCB, 0xDB, 0xFB, 0xBB, - 0x3B, 0x76, 0xEC, 0x95, 0x67, 0xCE, 0xD1, 0xEF, 0x93, 0x6B, 0xD6, 0xE1, - 0x8F, 0x53, 0xA6, 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x4D, - 0x9A, 0x79, 0xF2, 0xA9, 0x1F, 0x3E, 0x7C, 0xF8, 0xBD, 0x37, 0x6E, 0xDC, - 0xF5, 0xA7, 0x03, 0x06, 0x0C, 0x18, 0x30, 0x60, 0xC0, 0xCD, 0xD7, 0xE3, - 0x8B, 0x5B, 0xB6, 0x21, 0x42, 0x84, 0x45, 0x8A, 0x59, 0xB2, 0x29, 0x52, - 0xA4, 0x05, 0x0A, 0x14, 0x28, 0x50, 0xA0, 0x0D, 0x1A, 0x34, 0x68, 0xD0, - 0xED, 0x97, 0x63, 0xC6, 0xC1, 0xCF, 0xD3, 0xEB, 0x9B, 0x7B, 0xF6, 0xA1, - 0x0F, 0x1E, 0x3C, 0x78, 0xF0, 0xAD, 0x17, 0x2E, 0x5C, 0xB8, 0x3D, 0x7A, - 0xF4, 0xA5, 0x07, 0x0E, 0x1C, 0x38, 0x70, 0xE0, 0x8D, 0x57, 0xAE, 0x11, - 0x22, 0x44, 0x88, 0x5D, 0xBA, 0x39, 0x72, 0xE4, 0x85, 0x47, 0x8E, 0x51, - 0xA2, 0x09, 0x12, 0x24, 0x48, 0x90, 0x6D, 0xDA, 0xF9, 0xBF, 0x33, 0x66, - 0xCC, 0xD5, 0xE7, 0x83, 0x4B, 0x96, 0x61, 
0xC2, 0xC9, 0xDF, 0xF3, 0xAB, - 0x1B, 0x36, 0x6C, 0xD8, 0xFD, 0xB7, 0x23, 0x46, 0x8C, 0x55, 0xAA, 0x19, - 0x32, 0x64, 0xC8, 0xDD, 0xF7, 0xA3, 0x0B, 0x16, 0x2C, 0x58, 0xB0, 0x2D, - 0x5A, 0xB4, 0x25, 0x4A, 0x94, 0x65, 0xCA, 0xD9, 0xFF, 0xB3, 0x2B, 0x56, - 0xAC, 0x15, 0x2A, 0x54, 0xA8, 0x1D, 0x3A, 0x74, 0xE8, 0x9D, 0x77, 0xEE, - 0x91, 0x6F, 0xDE, 0xF1, 0xAF, 0x13, 0x26, 0x4C, 0x98, 0x7D, 0xFA, 0xB9, - 0x3F, 0x7E, 0xFC, 0xB5, 0x27, 0x4E, 0x9C, 0x75, 0xEA, 0x99, 0x7F, 0xFE, - 0xB1, 0x2F, 0x5E, 0xBC, 0x35, 0x6A, 0xD4, 0xE5, 0x87, 0x43, 0x86, 0x41, - 0x82, 0x49, 0x92, 0x69, 0xD2, 0xE9, 0x9F, 0x73, 0xE6, 0x81, 0x4F, 0x9E, - 0x71, 0xE2, 0x89, 0x5F, 0xBE, 0x31, 0x62, 0xC4, 0xC5, 0xC7, 0xC3, 0xCB -}; - - -/* The table constants are indices of - * S-box entries, preprocessed through q0 and q1. */ -static const u8 calc_sb_tbl[512] = { - 0xA9, 0x75, 0x67, 0xF3, 0xB3, 0xC6, 0xE8, 0xF4, - 0x04, 0xDB, 0xFD, 0x7B, 0xA3, 0xFB, 0x76, 0xC8, - 0x9A, 0x4A, 0x92, 0xD3, 0x80, 0xE6, 0x78, 0x6B, - 0xE4, 0x45, 0xDD, 0x7D, 0xD1, 0xE8, 0x38, 0x4B, - 0x0D, 0xD6, 0xC6, 0x32, 0x35, 0xD8, 0x98, 0xFD, - 0x18, 0x37, 0xF7, 0x71, 0xEC, 0xF1, 0x6C, 0xE1, - 0x43, 0x30, 0x75, 0x0F, 0x37, 0xF8, 0x26, 0x1B, - 0xFA, 0x87, 0x13, 0xFA, 0x94, 0x06, 0x48, 0x3F, - 0xF2, 0x5E, 0xD0, 0xBA, 0x8B, 0xAE, 0x30, 0x5B, - 0x84, 0x8A, 0x54, 0x00, 0xDF, 0xBC, 0x23, 0x9D, - 0x19, 0x6D, 0x5B, 0xC1, 0x3D, 0xB1, 0x59, 0x0E, - 0xF3, 0x80, 0xAE, 0x5D, 0xA2, 0xD2, 0x82, 0xD5, - 0x63, 0xA0, 0x01, 0x84, 0x83, 0x07, 0x2E, 0x14, - 0xD9, 0xB5, 0x51, 0x90, 0x9B, 0x2C, 0x7C, 0xA3, - 0xA6, 0xB2, 0xEB, 0x73, 0xA5, 0x4C, 0xBE, 0x54, - 0x16, 0x92, 0x0C, 0x74, 0xE3, 0x36, 0x61, 0x51, - 0xC0, 0x38, 0x8C, 0xB0, 0x3A, 0xBD, 0xF5, 0x5A, - 0x73, 0xFC, 0x2C, 0x60, 0x25, 0x62, 0x0B, 0x96, - 0xBB, 0x6C, 0x4E, 0x42, 0x89, 0xF7, 0x6B, 0x10, - 0x53, 0x7C, 0x6A, 0x28, 0xB4, 0x27, 0xF1, 0x8C, - 0xE1, 0x13, 0xE6, 0x95, 0xBD, 0x9C, 0x45, 0xC7, - 0xE2, 0x24, 0xF4, 0x46, 0xB6, 0x3B, 0x66, 0x70, - 0xCC, 0xCA, 0x95, 0xE3, 0x03, 0x85, 0x56, 0xCB, - 0xD4, 0x11, 
0x1C, 0xD0, 0x1E, 0x93, 0xD7, 0xB8, - 0xFB, 0xA6, 0xC3, 0x83, 0x8E, 0x20, 0xB5, 0xFF, - 0xE9, 0x9F, 0xCF, 0x77, 0xBF, 0xC3, 0xBA, 0xCC, - 0xEA, 0x03, 0x77, 0x6F, 0x39, 0x08, 0xAF, 0xBF, - 0x33, 0x40, 0xC9, 0xE7, 0x62, 0x2B, 0x71, 0xE2, - 0x81, 0x79, 0x79, 0x0C, 0x09, 0xAA, 0xAD, 0x82, - 0x24, 0x41, 0xCD, 0x3A, 0xF9, 0xEA, 0xD8, 0xB9, - 0xE5, 0xE4, 0xC5, 0x9A, 0xB9, 0xA4, 0x4D, 0x97, - 0x44, 0x7E, 0x08, 0xDA, 0x86, 0x7A, 0xE7, 0x17, - 0xA1, 0x66, 0x1D, 0x94, 0xAA, 0xA1, 0xED, 0x1D, - 0x06, 0x3D, 0x70, 0xF0, 0xB2, 0xDE, 0xD2, 0xB3, - 0x41, 0x0B, 0x7B, 0x72, 0xA0, 0xA7, 0x11, 0x1C, - 0x31, 0xEF, 0xC2, 0xD1, 0x27, 0x53, 0x90, 0x3E, - 0x20, 0x8F, 0xF6, 0x33, 0x60, 0x26, 0xFF, 0x5F, - 0x96, 0xEC, 0x5C, 0x76, 0xB1, 0x2A, 0xAB, 0x49, - 0x9E, 0x81, 0x9C, 0x88, 0x52, 0xEE, 0x1B, 0x21, - 0x5F, 0xC4, 0x93, 0x1A, 0x0A, 0xEB, 0xEF, 0xD9, - 0x91, 0xC5, 0x85, 0x39, 0x49, 0x99, 0xEE, 0xCD, - 0x2D, 0xAD, 0x4F, 0x31, 0x8F, 0x8B, 0x3B, 0x01, - 0x47, 0x18, 0x87, 0x23, 0x6D, 0xDD, 0x46, 0x1F, - 0xD6, 0x4E, 0x3E, 0x2D, 0x69, 0xF9, 0x64, 0x48, - 0x2A, 0x4F, 0xCE, 0xF2, 0xCB, 0x65, 0x2F, 0x8E, - 0xFC, 0x78, 0x97, 0x5C, 0x05, 0x58, 0x7A, 0x19, - 0xAC, 0x8D, 0x7F, 0xE5, 0xD5, 0x98, 0x1A, 0x57, - 0x4B, 0x67, 0x0E, 0x7F, 0xA7, 0x05, 0x5A, 0x64, - 0x28, 0xAF, 0x14, 0x63, 0x3F, 0xB6, 0x29, 0xFE, - 0x88, 0xF5, 0x3C, 0xB7, 0x4C, 0x3C, 0x02, 0xA5, - 0xB8, 0xCE, 0xDA, 0xE9, 0xB0, 0x68, 0x17, 0x44, - 0x55, 0xE0, 0x1F, 0x4D, 0x8A, 0x43, 0x7D, 0x69, - 0x57, 0x29, 0xC7, 0x2E, 0x8D, 0xAC, 0x74, 0x15, - 0xB7, 0x59, 0xC4, 0xA8, 0x9F, 0x0A, 0x72, 0x9E, - 0x7E, 0x6E, 0x15, 0x47, 0x22, 0xDF, 0x12, 0x34, - 0x58, 0x35, 0x07, 0x6A, 0x99, 0xCF, 0x34, 0xDC, - 0x6E, 0x22, 0x50, 0xC9, 0xDE, 0xC0, 0x68, 0x9B, - 0x65, 0x89, 0xBC, 0xD4, 0xDB, 0xED, 0xF8, 0xAB, - 0xC8, 0x12, 0xA8, 0xA2, 0x2B, 0x0D, 0x40, 0x52, - 0xDC, 0xBB, 0xFE, 0x02, 0x32, 0x2F, 0xA4, 0xA9, - 0xCA, 0xD7, 0x10, 0x61, 0x21, 0x1E, 0xF0, 0xB4, - 0xD3, 0x50, 0x5D, 0x04, 0x0F, 0xF6, 0x00, 0xC2, - 0x6F, 0x16, 0x9D, 0x25, 0x36, 0x86, 0x42, 0x56, - 0x4A, 0x55, 
0x5E, 0x09, 0xC1, 0xBE, 0xE0, 0x91 -}; - -/* Macro to perform one column of the RS matrix multiplication. The - * parameters a, b, c, and d are the four bytes of output; i is the index - * of the key bytes, and w, x, y, and z, are the column of constants from - * the RS matrix, preprocessed through the poly_to_exp table. */ - -#define CALC_S(a, b, c, d, i, w, x, y, z) \ - if (key[i]) { \ - tmp = poly_to_exp[key[i] - 1]; \ - (a) ^= exp_to_poly[tmp + (w)]; \ - (b) ^= exp_to_poly[tmp + (x)]; \ - (c) ^= exp_to_poly[tmp + (y)]; \ - (d) ^= exp_to_poly[tmp + (z)]; \ - } - -/* Macros to calculate the key-dependent S-boxes for a 128-bit key using - * the S vector from CALC_S. CALC_SB_2 computes a single entry in all - * four S-boxes, where i is the index of the entry to compute, and a and b - * are the index numbers preprocessed through the q0 and q1 tables - * respectively. */ - -#define CALC_SB_2(i, a, b) \ - ctx->s[0][i] = mds[0][q0[(a) ^ sa] ^ se]; \ - ctx->s[1][i] = mds[1][q0[(b) ^ sb] ^ sf]; \ - ctx->s[2][i] = mds[2][q1[(a) ^ sc] ^ sg]; \ - ctx->s[3][i] = mds[3][q1[(b) ^ sd] ^ sh] - -/* Macro exactly like CALC_SB_2, but for 192-bit keys. */ - -#define CALC_SB192_2(i, a, b) \ - ctx->s[0][i] = mds[0][q0[q0[(b) ^ sa] ^ se] ^ si]; \ - ctx->s[1][i] = mds[1][q0[q1[(b) ^ sb] ^ sf] ^ sj]; \ - ctx->s[2][i] = mds[2][q1[q0[(a) ^ sc] ^ sg] ^ sk]; \ - ctx->s[3][i] = mds[3][q1[q1[(a) ^ sd] ^ sh] ^ sl]; - -/* Macro exactly like CALC_SB_2, but for 256-bit keys. */ - -#define CALC_SB256_2(i, a, b) \ - ctx->s[0][i] = mds[0][q0[q0[q1[(b) ^ sa] ^ se] ^ si] ^ sm]; \ - ctx->s[1][i] = mds[1][q0[q1[q1[(a) ^ sb] ^ sf] ^ sj] ^ sn]; \ - ctx->s[2][i] = mds[2][q1[q0[q0[(a) ^ sc] ^ sg] ^ sk] ^ so]; \ - ctx->s[3][i] = mds[3][q1[q1[q0[(b) ^ sd] ^ sh] ^ sl] ^ sp]; - -/* Macros to calculate the whitening and round subkeys. CALC_K_2 computes the - * last two stages of the h() function for a given index (either 2i or 2i+1). - * a, b, c, and d are the four bytes going into the last two stages. 
For
- * 128-bit keys, this is the entire h() function and a and c are the index
- * preprocessed through q0 and q1 respectively; for longer keys they are the
- * output of previous stages. j is the index of the first key byte to use.
- * CALC_K computes a pair of subkeys for 128-bit Twofish, by calling CALC_K_2
- * twice, doing the Psuedo-Hadamard Transform, and doing the necessary
- * rotations. Its parameters are: a, the array to write the results into,
- * j, the index of the first output entry, k and l, the preprocessed indices
- * for index 2i, and m and n, the preprocessed indices for index 2i+1.
- * CALC_K192_2 expands CALC_K_2 to handle 192-bit keys, by doing an
- * additional lookup-and-XOR stage. The parameters a, b, c and d are the
- * four bytes going into the last three stages. For 192-bit keys, c = d
- * are the index preprocessed through q0, and a = b are the index
- * preprocessed through q1; j is the index of the first key byte to use.
- * CALC_K192 is identical to CALC_K but for using the CALC_K192_2 macro
- * instead of CALC_K_2.
- * CALC_K256_2 expands CALC_K192_2 to handle 256-bit keys, by doing an
- * additional lookup-and-XOR stage. The parameters a and b are the index
- * preprocessed through q0 and q1 respectively; j is the index of the first
- * key byte to use. CALC_K256 is identical to CALC_K but for using the
- * CALC_K256_2 macro instead of CALC_K_2.
*/
-
-#define CALC_K_2(a, b, c, d, j) \
- mds[0][q0[a ^ key[(j) + 8]] ^ key[j]] \
- ^ mds[1][q0[b ^ key[(j) + 9]] ^ key[(j) + 1]] \
- ^ mds[2][q1[c ^ key[(j) + 10]] ^ key[(j) + 2]] \
- ^ mds[3][q1[d ^ key[(j) + 11]] ^ key[(j) + 3]]
-
-#define CALC_K(a, j, k, l, m, n) \
- x = CALC_K_2 (k, l, k, l, 0); \
- y = CALC_K_2 (m, n, m, n, 4); \
- y = (y << 8) + (y >> 24); \
- x += y; y += x; ctx->a[j] = x; \
- ctx->a[(j) + 1] = (y << 9) + (y >> 23)
-
-#define CALC_K192_2(a, b, c, d, j) \
- CALC_K_2 (q0[a ^ key[(j) + 16]], \
- q1[b ^ key[(j) + 17]], \
- q0[c ^ key[(j) + 18]], \
- q1[d ^ key[(j) + 19]], j)
-
-#define CALC_K192(a, j, k, l, m, n) \
- x = CALC_K192_2 (l, l, k, k, 0); \
- y = CALC_K192_2 (n, n, m, m, 4); \
- y = (y << 8) + (y >> 24); \
- x += y; y += x; ctx->a[j] = x; \
- ctx->a[(j) + 1] = (y << 9) + (y >> 23)
-
-#define CALC_K256_2(a, b, j) \
- CALC_K192_2 (q1[b ^ key[(j) + 24]], \
- q1[a ^ key[(j) + 25]], \
- q0[a ^ key[(j) + 26]], \
- q0[b ^ key[(j) + 27]], j)
-
-#define CALC_K256(a, j, k, l, m, n) \
- x = CALC_K256_2 (k, l, 0); \
- y = CALC_K256_2 (m, n, 4); \
- y = (y << 8) + (y >> 24); \
- x += y; y += x; ctx->a[j] = x; \
- ctx->a[(j) + 1] = (y << 9) + (y >> 23)
-
-/* Perform the key setup. */
-
-int twofish_set_key (TWOFISH_context *ctx,
- const unsigned char *key, int key_len)
-{
-
- int i, j, k;
-
- /* Temporaries for CALC_K. */
- u32 x, y;
-
- /* The S vector used to key the S-boxes, split up into individual bytes.
- * 128-bit keys use only sa through sh; 256-bit use all of them. */
- u8 sa = 0, sb = 0, sc = 0, sd = 0, se = 0, sf = 0, sg = 0, sh = 0;
- u8 si = 0, sj = 0, sk = 0, sl = 0, sm = 0, sn = 0, so = 0, sp = 0;
-
- /* Temporary for CALC_S. */
- u8 tmp;
-
- /* Check key length. */
- if (key_len != 16 && key_len != 24 && key_len != 32)
- return -1; /* unsupported key length */
-
- /* Compute the first two words of the S vector. The magic numbers are
- * the entries of the RS matrix, preprocessed through poly_to_exp.
The
- * numbers in the comments are the original (polynomial form) matrix
- * entries. */
- CALC_S (sa, sb, sc, sd, 0, 0x00, 0x2D, 0x01, 0x2D); /* 01 A4 02 A4 */
- CALC_S (sa, sb, sc, sd, 1, 0x2D, 0xA4, 0x44, 0x8A); /* A4 56 A1 55 */
- CALC_S (sa, sb, sc, sd, 2, 0x8A, 0xD5, 0xBF, 0xD1); /* 55 82 FC 87 */
- CALC_S (sa, sb, sc, sd, 3, 0xD1, 0x7F, 0x3D, 0x99); /* 87 F3 C1 5A */
- CALC_S (sa, sb, sc, sd, 4, 0x99, 0x46, 0x66, 0x96); /* 5A 1E 47 58 */
- CALC_S (sa, sb, sc, sd, 5, 0x96, 0x3C, 0x5B, 0xED); /* 58 C6 AE DB */
- CALC_S (sa, sb, sc, sd, 6, 0xED, 0x37, 0x4F, 0xE0); /* DB 68 3D 9E */
- CALC_S (sa, sb, sc, sd, 7, 0xE0, 0xD0, 0x8C, 0x17); /* 9E E5 19 03 */
- CALC_S (se, sf, sg, sh, 8, 0x00, 0x2D, 0x01, 0x2D); /* 01 A4 02 A4 */
- CALC_S (se, sf, sg, sh, 9, 0x2D, 0xA4, 0x44, 0x8A); /* A4 56 A1 55 */
- CALC_S (se, sf, sg, sh, 10, 0x8A, 0xD5, 0xBF, 0xD1); /* 55 82 FC 87 */
- CALC_S (se, sf, sg, sh, 11, 0xD1, 0x7F, 0x3D, 0x99); /* 87 F3 C1 5A */
- CALC_S (se, sf, sg, sh, 12, 0x99, 0x46, 0x66, 0x96); /* 5A 1E 47 58 */
- CALC_S (se, sf, sg, sh, 13, 0x96, 0x3C, 0x5B, 0xED); /* 58 C6 AE DB */
- CALC_S (se, sf, sg, sh, 14, 0xED, 0x37, 0x4F, 0xE0); /* DB 68 3D 9E */
- CALC_S (se, sf, sg, sh, 15, 0xE0, 0xD0, 0x8C, 0x17); /* 9E E5 19 03 */
-
- if (key_len == 24 || key_len == 32) { /* 192- or 256-bit key */
- /* Calculate the third word of the S vector */
- CALC_S (si, sj, sk, sl, 16, 0x00, 0x2D, 0x01, 0x2D); /* 01 A4 02 A4 */
- CALC_S (si, sj, sk, sl, 17, 0x2D, 0xA4, 0x44, 0x8A); /* A4 56 A1 55 */
- CALC_S (si, sj, sk, sl, 18, 0x8A, 0xD5, 0xBF, 0xD1); /* 55 82 FC 87 */
- CALC_S (si, sj, sk, sl, 19, 0xD1, 0x7F, 0x3D, 0x99); /* 87 F3 C1 5A */
- CALC_S (si, sj, sk, sl, 20, 0x99, 0x46, 0x66, 0x96); /* 5A 1E 47 58 */
- CALC_S (si, sj, sk, sl, 21, 0x96, 0x3C, 0x5B, 0xED); /* 58 C6 AE DB */
- CALC_S (si, sj, sk, sl, 22, 0xED, 0x37, 0x4F, 0xE0); /* DB 68 3D 9E */
- CALC_S (si, sj, sk, sl, 23, 0xE0, 0xD0, 0x8C, 0x17); /* 9E E5 19 03 */
- }
-
- if (key_len == 32) { /* 256-bit key */
-
/* Calculate the fourth word of the S vector */
- CALC_S (sm, sn, so, sp, 24, 0x00, 0x2D, 0x01, 0x2D); /* 01 A4 02 A4 */
- CALC_S (sm, sn, so, sp, 25, 0x2D, 0xA4, 0x44, 0x8A); /* A4 56 A1 55 */
- CALC_S (sm, sn, so, sp, 26, 0x8A, 0xD5, 0xBF, 0xD1); /* 55 82 FC 87 */
- CALC_S (sm, sn, so, sp, 27, 0xD1, 0x7F, 0x3D, 0x99); /* 87 F3 C1 5A */
- CALC_S (sm, sn, so, sp, 28, 0x99, 0x46, 0x66, 0x96); /* 5A 1E 47 58 */
- CALC_S (sm, sn, so, sp, 29, 0x96, 0x3C, 0x5B, 0xED); /* 58 C6 AE DB */
- CALC_S (sm, sn, so, sp, 30, 0xED, 0x37, 0x4F, 0xE0); /* DB 68 3D 9E */
- CALC_S (sm, sn, so, sp, 31, 0xE0, 0xD0, 0x8C, 0x17); /* 9E E5 19 03 */
-
- /* Compute the S-boxes. */
- for ( i = j = 0, k = 1; i < 256; i++, j += 2, k += 2 ) {
- CALC_SB256_2( i, calc_sb_tbl[j], calc_sb_tbl[k] );
- }
-
- /* Calculate whitening and round subkeys. The constants are
- * indices of subkeys, preprocessed through q0 and q1. */
- CALC_K256 (w, 0, 0xA9, 0x75, 0x67, 0xF3);
- CALC_K256 (w, 2, 0xB3, 0xC6, 0xE8, 0xF4);
- CALC_K256 (w, 4, 0x04, 0xDB, 0xFD, 0x7B);
- CALC_K256 (w, 6, 0xA3, 0xFB, 0x76, 0xC8);
- CALC_K256 (k, 0, 0x9A, 0x4A, 0x92, 0xD3);
- CALC_K256 (k, 2, 0x80, 0xE6, 0x78, 0x6B);
- CALC_K256 (k, 4, 0xE4, 0x45, 0xDD, 0x7D);
- CALC_K256 (k, 6, 0xD1, 0xE8, 0x38, 0x4B);
- CALC_K256 (k, 8, 0x0D, 0xD6, 0xC6, 0x32);
- CALC_K256 (k, 10, 0x35, 0xD8, 0x98, 0xFD);
- CALC_K256 (k, 12, 0x18, 0x37, 0xF7, 0x71);
- CALC_K256 (k, 14, 0xEC, 0xF1, 0x6C, 0xE1);
- CALC_K256 (k, 16, 0x43, 0x30, 0x75, 0x0F);
- CALC_K256 (k, 18, 0x37, 0xF8, 0x26, 0x1B);
- CALC_K256 (k, 20, 0xFA, 0x87, 0x13, 0xFA);
- CALC_K256 (k, 22, 0x94, 0x06, 0x48, 0x3F);
- CALC_K256 (k, 24, 0xF2, 0x5E, 0xD0, 0xBA);
- CALC_K256 (k, 26, 0x8B, 0xAE, 0x30, 0x5B);
- CALC_K256 (k, 28, 0x84, 0x8A, 0x54, 0x00);
- CALC_K256 (k, 30, 0xDF, 0xBC, 0x23, 0x9D);
- } else if (key_len == 24) { /* 192-bit key */
- /* Compute the S-boxes.
*/
- for ( i = j = 0, k = 1; i < 256; i++, j += 2, k += 2 ) {
- CALC_SB192_2( i, calc_sb_tbl[j], calc_sb_tbl[k] );
- }
-
- /* Calculate whitening and round subkeys. The constants are
- * indices of subkeys, preprocessed through q0 and q1. */
- CALC_K192 (w, 0, 0xA9, 0x75, 0x67, 0xF3);
- CALC_K192 (w, 2, 0xB3, 0xC6, 0xE8, 0xF4);
- CALC_K192 (w, 4, 0x04, 0xDB, 0xFD, 0x7B);
- CALC_K192 (w, 6, 0xA3, 0xFB, 0x76, 0xC8);
- CALC_K192 (k, 0, 0x9A, 0x4A, 0x92, 0xD3);
- CALC_K192 (k, 2, 0x80, 0xE6, 0x78, 0x6B);
- CALC_K192 (k, 4, 0xE4, 0x45, 0xDD, 0x7D);
- CALC_K192 (k, 6, 0xD1, 0xE8, 0x38, 0x4B);
- CALC_K192 (k, 8, 0x0D, 0xD6, 0xC6, 0x32);
- CALC_K192 (k, 10, 0x35, 0xD8, 0x98, 0xFD);
- CALC_K192 (k, 12, 0x18, 0x37, 0xF7, 0x71);
- CALC_K192 (k, 14, 0xEC, 0xF1, 0x6C, 0xE1);
- CALC_K192 (k, 16, 0x43, 0x30, 0x75, 0x0F);
- CALC_K192 (k, 18, 0x37, 0xF8, 0x26, 0x1B);
- CALC_K192 (k, 20, 0xFA, 0x87, 0x13, 0xFA);
- CALC_K192 (k, 22, 0x94, 0x06, 0x48, 0x3F);
- CALC_K192 (k, 24, 0xF2, 0x5E, 0xD0, 0xBA);
- CALC_K192 (k, 26, 0x8B, 0xAE, 0x30, 0x5B);
- CALC_K192 (k, 28, 0x84, 0x8A, 0x54, 0x00);
- CALC_K192 (k, 30, 0xDF, 0xBC, 0x23, 0x9D);
- } else { /* 128-bit key */
- /* Compute the S-boxes. */
- for ( i = j = 0, k = 1; i < 256; i++, j += 2, k += 2 ) {
- CALC_SB_2( i, calc_sb_tbl[j], calc_sb_tbl[k] );
- }
-
- /* Calculate whitening and round subkeys. The constants are
- * indices of subkeys, preprocessed through q0 and q1.
*/
- CALC_K (w, 0, 0xA9, 0x75, 0x67, 0xF3);
- CALC_K (w, 2, 0xB3, 0xC6, 0xE8, 0xF4);
- CALC_K (w, 4, 0x04, 0xDB, 0xFD, 0x7B);
- CALC_K (w, 6, 0xA3, 0xFB, 0x76, 0xC8);
- CALC_K (k, 0, 0x9A, 0x4A, 0x92, 0xD3);
- CALC_K (k, 2, 0x80, 0xE6, 0x78, 0x6B);
- CALC_K (k, 4, 0xE4, 0x45, 0xDD, 0x7D);
- CALC_K (k, 6, 0xD1, 0xE8, 0x38, 0x4B);
- CALC_K (k, 8, 0x0D, 0xD6, 0xC6, 0x32);
- CALC_K (k, 10, 0x35, 0xD8, 0x98, 0xFD);
- CALC_K (k, 12, 0x18, 0x37, 0xF7, 0x71);
- CALC_K (k, 14, 0xEC, 0xF1, 0x6C, 0xE1);
- CALC_K (k, 16, 0x43, 0x30, 0x75, 0x0F);
- CALC_K (k, 18, 0x37, 0xF8, 0x26, 0x1B);
- CALC_K (k, 20, 0xFA, 0x87, 0x13, 0xFA);
- CALC_K (k, 22, 0x94, 0x06, 0x48, 0x3F);
- CALC_K (k, 24, 0xF2, 0x5E, 0xD0, 0xBA);
- CALC_K (k, 26, 0x8B, 0xAE, 0x30, 0x5B);
- CALC_K (k, 28, 0x84, 0x8A, 0x54, 0x00);
- CALC_K (k, 30, 0xDF, 0xBC, 0x23, 0x9D);
- }
-
- return 0;
-}
-
-/* Macros to compute the g() function in the encryption and decryption
- * rounds. G1 is the straight g() function; G2 includes the 8-bit
- * rotation for the high 32-bit word. */
-
-#define G1(a) \
- (ctx->s[0][(a) & 0xFF]) ^ (ctx->s[1][((a) >> 8) & 0xFF]) \
- ^ (ctx->s[2][((a) >> 16) & 0xFF]) ^ (ctx->s[3][(a) >> 24])
-
-#define G2(b) \
- (ctx->s[1][(b) & 0xFF]) ^ (ctx->s[2][((b) >> 8) & 0xFF]) \
- ^ (ctx->s[3][((b) >> 16) & 0xFF]) ^ (ctx->s[0][(b) >> 24])
-
-/* Encryption and decryption Feistel rounds. Each one calls the two g()
- * macros, does the PHT, and performs the XOR and the appropriate bit
- * rotations. The parameters are the round number (used to select subkeys),
- * and the four 32-bit chunks of the text.
*/
-
-#define ENCROUND(n, a, b, c, d) \
- x = G1 (a); y = G2 (b); \
- x += y; y += x + ctx->k[2 * (n) + 1]; \
- (c) ^= x + ctx->k[2 * (n)]; \
- (c) = ((c) >> 1) + ((c) << 31); \
- (d) = (((d) << 1)+((d) >> 31)) ^ y
-
-#define DECROUND(n, a, b, c, d) \
- x = G1 (a); y = G2 (b); \
- x += y; y += x; \
- (d) ^= y + ctx->k[2 * (n) + 1]; \
- (d) = ((d) >> 1) + ((d) << 31); \
- (c) = (((c) << 1)+((c) >> 31)); \
- (c) ^= (x + ctx->k[2 * (n)])
-
-/* Encryption and decryption cycles; each one is simply two Feistel rounds
- * with the 32-bit chunks re-ordered to simulate the "swap" */
-
-#define ENCCYCLE(n) \
- ENCROUND (2 * (n), a, b, c, d); \
- ENCROUND (2 * (n) + 1, c, d, a, b)
-
-#define DECCYCLE(n) \
- DECROUND (2 * (n) + 1, c, d, a, b); \
- DECROUND (2 * (n), a, b, c, d)
-
-/* Macros to convert the input and output bytes into 32-bit words,
- * and simultaneously perform the whitening step. INPACK packs word
- * number n into the variable named by x, using whitening subkey number m.
- * OUTUNPACK unpacks word number n from the variable named by x, using
- * whitening subkey number m. */
-
-#define INPACK(n, x, m) \
- x = in[4 * (n)] ^ (in[4 * (n) + 1] << 8) \
- ^ (in[4 * (n) + 2] << 16) ^ (in[4 * (n) + 3] << 24) ^ ctx->w[m]
-
-#define OUTUNPACK(n, x, m) \
- x ^= ctx->w[m]; \
- out[4 * (n)] = x; out[4 * (n) + 1] = x >> 8; \
- out[4 * (n) + 2] = x >> 16; out[4 * (n) + 3] = x >> 24
-
-/* Encrypt one block. in and out may be the same. */
-
-int twofish_encrypt (TWOFISH_context *ctx,
- const u8 *in, u8 *out)
-{
- /* The four 32-bit chunks of the text. */
- u32 a, b, c, d;
-
- /* Temporaries used by the round function. */
- u32 x, y;
-
- /* Input whitening and packing. */
- INPACK (0, a, 0);
- INPACK (1, b, 1);
- INPACK (2, c, 2);
- INPACK (3, d, 3);
-
- /* Encryption Feistel cycles. */
- ENCCYCLE (0);
- ENCCYCLE (1);
- ENCCYCLE (2);
- ENCCYCLE (3);
- ENCCYCLE (4);
- ENCCYCLE (5);
- ENCCYCLE (6);
- ENCCYCLE (7);
-
- /* Output whitening and unpacking.
*/
- OUTUNPACK (0, c, 4);
- OUTUNPACK (1, d, 5);
- OUTUNPACK (2, a, 6);
- OUTUNPACK (3, b, 7);
-
- return 0;
-}
-
-/* Decrypt one block. in and out may be the same. */
-
-int twofish_decrypt (TWOFISH_context *ctx,
- const u8 *in, u8 *out)
-{
- /* The four 32-bit chunks of the text. */
- u32 a, b, c, d;
-
- /* Temporaries used by the round function. */
- u32 x, y;
-
- /* Input whitening and packing. */
- INPACK (0, c, 4);
- INPACK (1, d, 5);
- INPACK (2, a, 6);
- INPACK (3, b, 7);
-
- /* Encryption Feistel cycles. */
- DECCYCLE (7);
- DECCYCLE (6);
- DECCYCLE (5);
- DECCYCLE (4);
- DECCYCLE (3);
- DECCYCLE (2);
- DECCYCLE (1);
- DECCYCLE (0);
-
- /* Output whitening and unpacking. */
- OUTUNPACK (0, a, 0);
- OUTUNPACK (1, b, 1);
- OUTUNPACK (2, c, 2);
- OUTUNPACK (3, d, 3);
-
- return 0;
-}
-
-/* eof */
diff --git a/src/libcrypto/libtwofish/twofish.h b/src/libcrypto/libtwofish/twofish.h
deleted file mode 100644
index 9b289f265..000000000
--- a/src/libcrypto/libtwofish/twofish.h
+++ /dev/null
@@ -1,20 +0,0 @@
-#ifndef TWOFISH_H
-#define TWOFISH_H
-#ifdef __KERNEL__
-#include <linux/types.h>
-#else
-#include <sys/types.h>
-#endif
-/* Structure for an expanded Twofish key. s contains the key-dependent
- * S-boxes composed with the MDS matrix; w contains the eight "whitening"
- * subkeys, K[0] through K[7]. k holds the remaining, "round" subkeys. Note
- * that k[i] corresponds to what the Twofish paper calls K[i+8]. */
-typedef struct {
- u_int32_t s[4][256], w[8], k[32];
-} TWOFISH_context;
-
-typedef TWOFISH_context twofish_context;
-int twofish_set_key(twofish_context *tf_ctx, const u_int8_t * in_key, int key_len);
-int twofish_encrypt(twofish_context *tf_ctx, const u_int8_t * in, u_int8_t * out);
-int twofish_decrypt(twofish_context * tf_ctx, const u_int8_t * in, u_int8_t * out);
-#endif /* TWOFISH_H */
diff --git a/src/libcrypto/libtwofish/twofish_cbc.c b/src/libcrypto/libtwofish/twofish_cbc.c
deleted file mode 100644
index 6e5cf9025..000000000
--- a/src/libcrypto/libtwofish/twofish_cbc.c
+++ /dev/null
@@ -1,8 +0,0 @@
-#ifdef __KERNEL__
-#include <linux/types.h>
-#else
-#include <sys/types.h>
-#endif
-#include "twofish_cbc.h"
-#include "cbc_generic.h"
-CBC_IMPL_BLK16(twofish_cbc_encrypt, twofish_context, u_int8_t *, twofish_encrypt, twofish_decrypt);
diff --git a/src/libcrypto/libtwofish/twofish_cbc.h b/src/libcrypto/libtwofish/twofish_cbc.h
deleted file mode 100644
index 9fdea3526..000000000
--- a/src/libcrypto/libtwofish/twofish_cbc.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* Glue header */
-#include "twofish.h"
-int twofish_cbc_encrypt(twofish_context *ctx, const u_int8_t * in, u_int8_t * out, int ilen, const u_int8_t* iv, int encrypt);
diff --git a/src/libcrypto/perlasm/LICENSE b/src/libcrypto/perlasm/LICENSE
deleted file mode 100644
index 3fd259ac3..000000000
--- a/src/libcrypto/perlasm/LICENSE
+++ /dev/null
@@ -1,127 +0,0 @@ - - LICENSE ISSUES - ============== - - The OpenSSL toolkit stays under a dual license, i.e. both the conditions of - the OpenSSL License and the original SSLeay license apply to the toolkit. - See below for the actual license texts. Actually both licenses are BSD-style - Open Source licenses. In case of any license issues related to OpenSSL - please contact openssl-core@openssl.org. - - OpenSSL License - --------------- - -/* ==================================================================== - * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. 
Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - - Original SSLeay License - ----------------------- - -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. 
The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. 
IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - diff --git a/src/libcrypto/perlasm/alpha.pl b/src/libcrypto/perlasm/alpha.pl deleted file mode 100644 index fe69ca5a3..000000000 --- a/src/libcrypto/perlasm/alpha.pl +++ /dev/null 
@@ -1,434 +0,0 @@ -#!/usr/bin/perl - -package alpha; -use Carp qw(croak cluck); - -$label="100"; - -$n_debug=0; -$smear_regs=1; -$reg_alloc=1; - -$align="3"; -$com_start="#"; - -sub main'asm_init_output { @out=(); } -sub main'asm_get_output { return(@out); } -sub main'get_labels { return(@labels); } -sub main'external_label { push(@labels,@_); } - -# General registers - -%regs=( 'r0', '$0', - 'r1', '$1', - 'r2', '$2', - 'r3', '$3', - 'r4', '$4', - 'r5', '$5', - 'r6', '$6', - 'r7', '$7', - 'r8', '$8', - 'r9', '$22', - 'r10', '$23', - 'r11', '$24', - 'r12', '$25', - 'r13', '$27', - 'r14', '$28', - 'r15', '$21', # argc == 5 - 'r16', '$20', # argc == 4 - 'r17', '$19', # argc == 3 - 'r18', '$18', # argc == 2 - 'r19', '$17', # argc == 1 - 'r20', '$16', # argc == 0 - 'r21', '$9', # save 0 - 'r22', '$10', # save 1 - 'r23', '$11', # save 2 - 'r24', '$12', # save 3 - 'r25', '$13', # save 4 - 'r26', '$14', # save 5 - - 'a0', '$16', - 'a1', '$17', - 'a2', '$18', - 'a3', '$19', - 'a4', '$20', - 'a5', '$21', - - 's0', '$9', - 's1', '$10', - 's2', '$11', - 's3', '$12', - 's4', '$13', - 's5', '$14', - 'zero', '$31', - 'sp', '$30', - ); - -$main'reg_s0="r21"; -$main'reg_s1="r22"; -$main'reg_s2="r23"; -$main'reg_s3="r24"; -$main'reg_s4="r25"; -$main'reg_s5="r26"; - -@reg=( '$0', '$1' ,'$2' ,'$3' ,'$4' ,'$5' ,'$6' ,'$7' ,'$8', - '$22','$23','$24','$25','$20','$21','$27','$28'); - - -sub main'sub { &out3("subq",@_); } -sub main'add { &out3("addq",@_); } -sub main'mov { &out3("bis",$_[0],$_[0],$_[1]); } -sub main'or { &out3("bis",@_); } -sub main'bis { &out3("bis",@_); } -sub main'br { &out1("br",@_); } -sub main'ld { &out2("ldq",@_); } -sub main'st { &out2("stq",@_); } -sub main'cmpult { &out3("cmpult",@_); } -sub main'cmplt { &out3("cmplt",@_); } -sub main'bgt { &out2("bgt",@_); } -sub main'ble { &out2("ble",@_); } -sub main'blt { &out2("blt",@_); } -sub main'mul { &out3("mulq",@_); } -sub main'muh { &out3("umulh",@_); } - -$main'QWS=8; - -sub main'asm_add - { - push(@out,@_); - } - 
-sub main'asm_finish - { - &main'file_end(); - print &main'asm_get_output(); - } - -sub main'asm_init - { - ($type,$fn)=@_; - $filename=$fn; - - &main'asm_init_output(); - &main'comment("Don't even think of reading this code"); - &main'comment("It was automatically generated by $filename"); - &main'comment("Which is a perl program used to generate the alpha assember."); - &main'comment("eric <eay\@cryptsoft.com>"); - &main'comment(""); - - $filename =~ s/\.pl$//; - &main'file($filename); - } - -sub conv - { - local($r)=@_; - local($v); - - return($regs{$r}) if defined($regs{$r}); - return($r); - } - -sub main'QWPw - { - local($off,$reg)=@_; - - return(&main'QWP($off*8,$reg)); - } - -sub main'QWP - { - local($off,$reg)=@_; - - $ret="$off(".&conv($reg).")"; - return($ret); - } - -sub out3 - { - local($name,$p1,$p2,$p3)=@_; - - $p1=&conv($p1); - $p2=&conv($p2); - $p3=&conv($p3); - push(@out,"\t$name\t"); - $l=length($p1)+1; - push(@out,$p1.","); - $ll=3-($l+9)/8; - $tmp1=sprintf("\t" x $ll); - push(@out,$tmp1); - - $l=length($p2)+1; - push(@out,$p2.","); - $ll=3-($l+9)/8; - $tmp1=sprintf("\t" x $ll); - push(@out,$tmp1); - - push(@out,&conv($p3)."\n"); - } - -sub out2 - { - local($name,$p1,$p2,$p3)=@_; - - $p1=&conv($p1); - $p2=&conv($p2); - push(@out,"\t$name\t"); - $l=length($p1)+1; - push(@out,$p1.","); - $ll=3-($l+9)/8; - $tmp1=sprintf("\t" x $ll); - push(@out,$tmp1); - - push(@out,&conv($p2)."\n"); - } - -sub out1 - { - local($name,$p1)=@_; - - $p1=&conv($p1); - push(@out,"\t$name\t".$p1."\n"); - } - -sub out0 - { - push(@out,"\t$_[0]\n"); - } - -sub main'file - { - local($file)=@_; - - local($tmp)=<<"EOF"; - # DEC Alpha assember - # Generated from perl scripts contains in SSLeay - .file 1 "$file.s" - .set noat -EOF - push(@out,$tmp); - } - -sub main'function_begin - { - local($func)=@_; - -print STDERR "$func\n"; - local($tmp)=<<"EOF"; - .text - .align $align - .globl $func - .ent $func -${func}: -${func}..ng: - .frame \$30,0,\$26,0 - .prologue 0 -EOF - 
push(@out,$tmp); - $stack=0; - } - -sub main'function_end - { - local($func)=@_; - - local($tmp)=<<"EOF"; - ret \$31,(\$26),1 - .end $func -EOF - push(@out,$tmp); - $stack=0; - %label=(); - } - -sub main'function_end_A - { - local($func)=@_; - - local($tmp)=<<"EOF"; - ret \$31,(\$26),1 -EOF - push(@out,$tmp); - } - -sub main'function_end_B - { - local($func)=@_; - - $func=$under.$func; - - push(@out,"\t.end $func\n"); - $stack=0; - %label=(); - } - -sub main'wparam - { - local($num)=@_; - - if ($num < 6) - { - $num=20-$num; - return("r$num"); - } - else - { return(&main'QWP($stack+$num*8,"sp")); } - } - -sub main'stack_push - { - local($num)=@_; - $stack+=$num*8; - &main'sub("sp",$num*8,"sp"); - } - -sub main'stack_pop - { - local($num)=@_; - $stack-=$num*8; - &main'add("sp",$num*8,"sp"); - } - -sub main'swtmp - { - return(&main'QWP(($_[0])*8,"sp")); - } - -# Should use swtmp, which is above sp. Linix can trash the stack above esp -#sub main'wtmp -# { -# local($num)=@_; -# -# return(&main'QWP(-($num+1)*4,"esp","",0)); -# } - -sub main'comment - { - foreach (@_) - { - if (/^\s*$/) - { push(@out,"\n"); } - else - { push(@out,"\t$com_start $_ $com_end\n"); } - } - } - -sub main'label - { - if (!defined($label{$_[0]})) - { - $label{$_[0]}=$label; - $label++; - } - return('$'.$label{$_[0]}); - } - -sub main'set_label - { - if (!defined($label{$_[0]})) - { - $label{$_[0]}=$label; - $label++; - } -# push(@out,".align $align\n") if ($_[1] != 0); - push(@out,'$'."$label{$_[0]}:\n"); - } - -sub main'file_end - { - } - -sub main'data_word - { - push(@out,"\t.long $_[0]\n"); - } - -@pool_free=(); -@pool_taken=(); -$curr_num=0; -$max=0; - -sub main'init_pool - { - local($args)=@_; - local($i); - - @pool_free=(); - for ($i=(14+(6-$args)); $i >= 0; $i--) - { - push(@pool_free,"r$i"); - } - print STDERR "START :register pool:@pool_free\n"; - $curr_num=$max=0; - } - -sub main'fin_pool - { - printf STDERR "END %2d:register pool:@pool_free\n",$max; - } - -sub main'GR - { - 
local($r)=@_; - local($i,@n,$_); - - foreach (@pool_free) - { - if ($r ne $_) - { push(@n,$_); } - else - { - $curr_num++; - $max=$curr_num if ($curr_num > $max); - } - } - @pool_free=@n; -print STDERR "GR:@pool_free\n" if $reg_alloc; - return(@_); - } - -sub main'NR - { - local($num)=@_; - local(@ret); - - $num=1 if $num == 0; - ($#pool_free >= ($num-1)) || croak "out of registers: want $num, have @pool_free"; - while ($num > 0) - { - push(@ret,pop @pool_free); - $curr_num++; - $max=$curr_num if ($curr_num > $max); - $num-- - } - print STDERR "nr @ret\n" if $n_debug; -print STDERR "NR:@pool_free\n" if $reg_alloc; - return(@ret); - - } - -sub main'FR - { - local(@r)=@_; - local(@a,$v,$w); - - print STDERR "fr @r\n" if $n_debug; -# cluck "fr @r"; - for $w (@pool_free) - { - foreach $v (@r) - { - croak "double register free of $v (@pool_free)" if $w eq $v; - } - } - foreach $v (@r) - { - croak "bad argument to FR" if ($v !~ /^r\d+$/); - if ($smear_regs) - { unshift(@pool_free,$v); } - else { push(@pool_free,$v); } - $curr_num--; - } -print STDERR "FR:@pool_free\n" if $reg_alloc; - } -1; diff --git a/src/libcrypto/perlasm/cbc.pl b/src/libcrypto/perlasm/cbc.pl deleted file mode 100644 index 278930579..000000000 --- a/src/libcrypto/perlasm/cbc.pl +++ /dev/null 
@@ -1,342 +0,0 @@ -#!/usr/bin/perl - -# void des_ncbc_encrypt(input, output, length, schedule, ivec, enc) -# des_cblock (*input); -# des_cblock (*output); -# long length; -# des_key_schedule schedule; -# des_cblock (*ivec); -# int enc; -# -# calls -# des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT); -# - -#&cbc("des_ncbc_encrypt","des_encrypt",0); -#&cbc("BF_cbc_encrypt","BF_encrypt","BF_encrypt", -# 1,4,5,3,5,-1); -#&cbc("des_ncbc_encrypt","des_encrypt","des_encrypt", -# 0,4,5,3,5,-1); -#&cbc("des_ede3_cbc_encrypt","des_encrypt3","des_decrypt3", -# 0,6,7,3,4,5); -# -# When doing a cipher that needs bigendian order, -# for encrypt, the iv is kept in bigendian form, -# while for decrypt, it is kept in little endian. -sub cbc - { - local($name,$enc_func,$dec_func,$swap,$iv_off,$enc_off,$p1,$p2,$p3)=@_; - # name is the function name - # enc_func and dec_func and the functions to call for encrypt/decrypt - # swap is true if byte order needs to be reversed - # iv_off is parameter number for the iv - # enc_off is parameter number for the encrypt/decrypt flag - # p1,p2,p3 are the offsets for parameters to be passed to the - # underlying calls. 
- - &function_begin_B($name,""); - &comment(""); - - $in="esi"; - $out="edi"; - $count="ebp"; - - &push("ebp"); - &push("ebx"); - &push("esi"); - &push("edi"); - - $data_off=4; - $data_off+=4 if ($p1 > 0); - $data_off+=4 if ($p2 > 0); - $data_off+=4 if ($p3 > 0); - - &mov($count, &wparam(2)); # length - - &comment("getting iv ptr from parameter $iv_off"); - &mov("ebx", &wparam($iv_off)); # Get iv ptr - - &mov($in, &DWP(0,"ebx","",0));# iv[0] - &mov($out, &DWP(4,"ebx","",0));# iv[1] - - &push($out); - &push($in); - &push($out); # used in decrypt for iv[1] - &push($in); # used in decrypt for iv[0] - - &mov("ebx", "esp"); # This is the address of tin[2] - - &mov($in, &wparam(0)); # in - &mov($out, &wparam(1)); # out - - # We have loaded them all, how lets push things - &comment("getting encrypt flag from parameter $enc_off"); - &mov("ecx", &wparam($enc_off)); # Get enc flag - if ($p3 > 0) - { - &comment("get and push parameter $p3"); - if ($enc_off != $p3) - { &mov("eax", &wparam($p3)); &push("eax"); } - else { &push("ecx"); } - } - if ($p2 > 0) - { - &comment("get and push parameter $p2"); - if ($enc_off != $p2) - { &mov("eax", &wparam($p2)); &push("eax"); } - else { &push("ecx"); } - } - if ($p1 > 0) - { - &comment("get and push parameter $p1"); - if ($enc_off != $p1) - { &mov("eax", &wparam($p1)); &push("eax"); } - else { &push("ecx"); } - } - &push("ebx"); # push data/iv - - &cmp("ecx",0); - &jz(&label("decrypt")); - - &and($count,0xfffffff8); - &mov("eax", &DWP($data_off,"esp","",0)); # load iv[0] - &mov("ebx", &DWP($data_off+4,"esp","",0)); # load iv[1] - - &jz(&label("encrypt_finish")); - - ############################################################# - - &set_label("encrypt_loop"); - # encrypt start - # "eax" and "ebx" hold iv (or the last cipher text) - - &mov("ecx", &DWP(0,$in,"",0)); # load first 4 bytes - &mov("edx", &DWP(4,$in,"",0)); # second 4 bytes - - &xor("eax", "ecx"); - &xor("ebx", "edx"); - - &bswap("eax") if $swap; - &bswap("ebx") if $swap; - - 
&mov(&DWP($data_off,"esp","",0), "eax"); # put in array for call - &mov(&DWP($data_off+4,"esp","",0), "ebx"); # - - &call($enc_func); - - &mov("eax", &DWP($data_off,"esp","",0)); - &mov("ebx", &DWP($data_off+4,"esp","",0)); - - &bswap("eax") if $swap; - &bswap("ebx") if $swap; - - &mov(&DWP(0,$out,"",0),"eax"); - &mov(&DWP(4,$out,"",0),"ebx"); - - # eax and ebx are the next iv. - - &add($in, 8); - &add($out, 8); - - &sub($count, 8); - &jnz(&label("encrypt_loop")); - -###################################################################3 - &set_label("encrypt_finish"); - &mov($count, &wparam(2)); # length - &and($count, 7); - &jz(&label("finish")); - &xor("ecx","ecx"); - &xor("edx","edx"); - &mov($count,&DWP(&label("cbc_enc_jmp_table"),"",$count,4)); - &jmp_ptr($count); - -&set_label("ej7"); - &xor("edx", "edx") if $ppro; # ppro friendly - &movb(&HB("edx"), &BP(6,$in,"",0)); - &shl("edx",8); -&set_label("ej6"); - &movb(&HB("edx"), &BP(5,$in,"",0)); -&set_label("ej5"); - &movb(&LB("edx"), &BP(4,$in,"",0)); -&set_label("ej4"); - &mov("ecx", &DWP(0,$in,"",0)); - &jmp(&label("ejend")); -&set_label("ej3"); - &movb(&HB("ecx"), &BP(2,$in,"",0)); - &xor("ecx", "ecx") if $ppro; # ppro friendly - &shl("ecx",8); -&set_label("ej2"); - &movb(&HB("ecx"), &BP(1,$in,"",0)); -&set_label("ej1"); - &movb(&LB("ecx"), &BP(0,$in,"",0)); -&set_label("ejend"); - - &xor("eax", "ecx"); - &xor("ebx", "edx"); - - &bswap("eax") if $swap; - &bswap("ebx") if $swap; - - &mov(&DWP($data_off,"esp","",0), "eax"); # put in array for call - &mov(&DWP($data_off+4,"esp","",0), "ebx"); # - - &call($enc_func); - - &mov("eax", &DWP($data_off,"esp","",0)); - &mov("ebx", &DWP($data_off+4,"esp","",0)); - - &bswap("eax") if $swap; - &bswap("ebx") if $swap; - - &mov(&DWP(0,$out,"",0),"eax"); - &mov(&DWP(4,$out,"",0),"ebx"); - - &jmp(&label("finish")); - - ############################################################# - ############################################################# - &set_label("decrypt",1); - # 
decrypt start - &and($count,0xfffffff8); - # The next 2 instructions are only for if the jz is taken - &mov("eax", &DWP($data_off+8,"esp","",0)); # get iv[0] - &mov("ebx", &DWP($data_off+12,"esp","",0)); # get iv[1] - &jz(&label("decrypt_finish")); - - &set_label("decrypt_loop"); - &mov("eax", &DWP(0,$in,"",0)); # load first 4 bytes - &mov("ebx", &DWP(4,$in,"",0)); # second 4 bytes - - &bswap("eax") if $swap; - &bswap("ebx") if $swap; - - &mov(&DWP($data_off,"esp","",0), "eax"); # put back - &mov(&DWP($data_off+4,"esp","",0), "ebx"); # - - &call($dec_func); - - &mov("eax", &DWP($data_off,"esp","",0)); # get return - &mov("ebx", &DWP($data_off+4,"esp","",0)); # - - &bswap("eax") if $swap; - &bswap("ebx") if $swap; - - &mov("ecx", &DWP($data_off+8,"esp","",0)); # get iv[0] - &mov("edx", &DWP($data_off+12,"esp","",0)); # get iv[1] - - &xor("ecx", "eax"); - &xor("edx", "ebx"); - - &mov("eax", &DWP(0,$in,"",0)); # get old cipher text, - &mov("ebx", &DWP(4,$in,"",0)); # next iv actually - - &mov(&DWP(0,$out,"",0),"ecx"); - &mov(&DWP(4,$out,"",0),"edx"); - - &mov(&DWP($data_off+8,"esp","",0), "eax"); # save iv - &mov(&DWP($data_off+12,"esp","",0), "ebx"); # - - &add($in, 8); - &add($out, 8); - - &sub($count, 8); - &jnz(&label("decrypt_loop")); -############################ ENDIT #######################3 - &set_label("decrypt_finish"); - &mov($count, &wparam(2)); # length - &and($count, 7); - &jz(&label("finish")); - - &mov("eax", &DWP(0,$in,"",0)); # load first 4 bytes - &mov("ebx", &DWP(4,$in,"",0)); # second 4 bytes - - &bswap("eax") if $swap; - &bswap("ebx") if $swap; - - &mov(&DWP($data_off,"esp","",0), "eax"); # put back - &mov(&DWP($data_off+4,"esp","",0), "ebx"); # - - &call($dec_func); - - &mov("eax", &DWP($data_off,"esp","",0)); # get return - &mov("ebx", &DWP($data_off+4,"esp","",0)); # - - &bswap("eax") if $swap; - &bswap("ebx") if $swap; - - &mov("ecx", &DWP($data_off+8,"esp","",0)); # get iv[0] - &mov("edx", &DWP($data_off+12,"esp","",0)); # get iv[1] - - 
&xor("ecx", "eax"); - &xor("edx", "ebx"); - - # this is for when we exit - &mov("eax", &DWP(0,$in,"",0)); # get old cipher text, - &mov("ebx", &DWP(4,$in,"",0)); # next iv actually - -&set_label("dj7"); - &rotr("edx", 16); - &movb(&BP(6,$out,"",0), &LB("edx")); - &shr("edx",16); -&set_label("dj6"); - &movb(&BP(5,$out,"",0), &HB("edx")); -&set_label("dj5"); - &movb(&BP(4,$out,"",0), &LB("edx")); -&set_label("dj4"); - &mov(&DWP(0,$out,"",0), "ecx"); - &jmp(&label("djend")); -&set_label("dj3"); - &rotr("ecx", 16); - &movb(&BP(2,$out,"",0), &LB("ecx")); - &shl("ecx",16); -&set_label("dj2"); - &movb(&BP(1,$in,"",0), &HB("ecx")); -&set_label("dj1"); - &movb(&BP(0,$in,"",0), &LB("ecx")); -&set_label("djend"); - - # final iv is still in eax:ebx - &jmp(&label("finish")); - - -############################ FINISH #######################3 - &set_label("finish",1); - &mov("ecx", &wparam($iv_off)); # Get iv ptr - - ################################################# - $total=16+4; - $total+=4 if ($p1 > 0); - $total+=4 if ($p2 > 0); - $total+=4 if ($p3 > 0); - &add("esp",$total); - - &mov(&DWP(0,"ecx","",0), "eax"); # save iv - &mov(&DWP(4,"ecx","",0), "ebx"); # save iv - - &function_end_A($name); - - &set_label("cbc_enc_jmp_table",1); - &data_word("0"); - &data_word(&label("ej1")); - &data_word(&label("ej2")); - &data_word(&label("ej3")); - &data_word(&label("ej4")); - &data_word(&label("ej5")); - &data_word(&label("ej6")); - &data_word(&label("ej7")); - &set_label("cbc_dec_jmp_table",1); - &data_word("0"); - &data_word(&label("dj1")); - &data_word(&label("dj2")); - &data_word(&label("dj3")); - &data_word(&label("dj4")); - &data_word(&label("dj5")); - &data_word(&label("dj6")); - &data_word(&label("dj7")); - - &function_end_B($name); - - } - -1; diff --git a/src/libcrypto/perlasm/readme b/src/libcrypto/perlasm/readme deleted file mode 100644 index f02bbee75..000000000 --- a/src/libcrypto/perlasm/readme +++ /dev/null 
@@ -1,124 +0,0 @@ -The perl scripts in this directory are my 'hack' to generate -multiple different assembler formats via the one origional script. - -The way to use this library is to start with adding the path to this directory -and then include it. - -push(@INC,"perlasm","../../perlasm"); -require "x86asm.pl"; - -The first thing we do is setup the file and type of assember - -&asm_init($ARGV[0],$0); - -The first argument is the 'type'. Currently -'cpp', 'sol', 'a.out', 'elf' or 'win32'. -Argument 2 is the file name. - -The reciprocal function is -&asm_finish() which should be called at the end. - -There are 2 main 'packages'. x86ms.pl, which is the microsoft assembler, -and x86unix.pl which is the unix (gas) version. - -Functions of interest are: -&external_label("des_SPtrans"); declare and external variable -&LB(reg); Low byte for a register -&HB(reg); High byte for a register -&BP(off,base,index,scale) Byte pointer addressing -&DWP(off,base,index,scale) Word pointer addressing -&stack_push(num) Basically a 'sub esp, num*4' with extra -&stack_pop(num) inverse of stack_push -&function_begin(name,extra) Start a function with pushing of - edi, esi, ebx and ebp. extra is extra win32 - external info that may be required. -&function_begin_B(name,extra) Same as norma function_begin but no pushing. -&function_end(name) Call at end of function. -&function_end_A(name) Standard pop and ret, for use inside functions -&function_end_B(name) Call at end but with poping or 'ret'. -&swtmp(num) Address on stack temp word. -&wparam(num) Parameter number num, that was push - in C convention. This all works over pushes - and pops. -&comment("hello there") Put in a comment. -&label("loop") Refer to a label, normally a jmp target. -&set_label("loop") Set a label at this point. -&data_word(word) Put in a word of data. - -So how does this all hold together? 
Given - -int calc(int len, int *data) - { - int i,j=0; - - for (i=0; i<len; i++) - { - j+=other(data[i]); - } - } - -So a very simple version of this function could be coded as - - push(@INC,"perlasm","../../perlasm"); - require "x86asm.pl"; - - &asm_init($ARGV[0],"cacl.pl"); - - &external_label("other"); - - $tmp1= "eax"; - $j= "edi"; - $data= "esi"; - $i= "ebp"; - - &comment("a simple function"); - &function_begin("calc"); - &mov( $data, &wparam(1)); # data - &xor( $j, $j); - &xor( $i, $i); - - &set_label("loop"); - &cmp( $i, &wparam(0)); - &jge( &label("end")); - - &mov( $tmp1, &DWP(0,$data,$i,4)); - &push( $tmp1); - &call( "other"); - &add( $j, "eax"); - &pop( $tmp1); - &inc( $i); - &jmp( &label("loop")); - - &set_label("end"); - &mov( "eax", $j); - - &function_end("calc"); - - &asm_finish(); - -The above example is very very unoptimised but gives an idea of how -things work. - -There is also a cbc mode function generator in cbc.pl - -&cbc( $name, - $encrypt_function_name, - $decrypt_function_name, - $true_if_byte_swap_needed, - $parameter_number_for_iv, - $parameter_number_for_encrypt_flag, - $first_parameter_to_pass, - $second_parameter_to_pass, - $third_parameter_to_pass); - -So for example, given -void BF_encrypt(BF_LONG *data,BF_KEY *key); -void BF_decrypt(BF_LONG *data,BF_KEY *key); -void BF_cbc_encrypt(unsigned char *in, unsigned char *out, long length, - BF_KEY *ks, unsigned char *iv, int enc); - -&cbc("BF_cbc_encrypt","BF_encrypt","BF_encrypt",1,4,5,3,-1,-1); - -&cbc("des_ncbc_encrypt","des_encrypt","des_encrypt",0,4,5,3,5,-1); -&cbc("des_ede3_cbc_encrypt","des_encrypt3","des_decrypt3",0,6,7,3,4,5); - diff --git a/src/libcrypto/perlasm/version b/src/libcrypto/perlasm/version deleted file mode 100644 index 5e62822b4..000000000 --- a/src/libcrypto/perlasm/version +++ /dev/null 
@@ -1,5 +0,0 @@
-version,v 1.1.2.1 2003/11/21 18:12:23 jjo Exp
-
-This version of perlasm was copied from the openssl 0.9.6c distribution
-
-The license applying to it is enclose in the LICENSE file
diff --git a/src/libcrypto/perlasm/x86asm.pl b/src/libcrypto/perlasm/x86asm.pl
deleted file mode 100644
index 8af0fd17f..000000000
--- a/src/libcrypto/perlasm/x86asm.pl
+++ /dev/null
@@ -1,118 +0,0 @@ -#!/usr/bin/perl - -# require 'x86asm.pl'; -# &asm_init("cpp","des-586.pl"); -# XXX -# XXX -# main'asm_finish - -sub main'asm_finish - { - &file_end(); - &asm_finish_cpp() if $cpp; - print &asm_get_output(); - } - -sub main'asm_init - { - ($type,$fn,$i386)=@_; - $filename=$fn; - - $cpp=$sol=$aout=$win32=$gaswin=0; - if ( ($type eq "elf")) - { require "x86unix.pl"; } - elsif ( ($type eq "a.out")) - { $aout=1; require "x86unix.pl"; } - elsif ( ($type eq "gaswin")) - { $gaswin=1; $aout=1; require "x86unix.pl"; } - elsif ( ($type eq "sol")) - { $sol=1; require "x86unix.pl"; } - elsif ( ($type eq "cpp")) - { $cpp=1; require "x86unix.pl"; } - elsif ( ($type eq "win32")) - { $win32=1; require "x86ms.pl"; } - elsif ( ($type eq "win32n")) - { $win32=1; require "x86nasm.pl"; } - else - { - print STDERR <<"EOF"; -Pick one target type from - elf - linux, FreeBSD etc - a.out - old linux - sol - x86 solaris - cpp - format so x86unix.cpp can be used - win32 - Windows 95/Windows NT - win32n - Windows 95/Windows NT NASM format -EOF - exit(1); - } - - &asm_init_output(); - -&comment("Don't even think of reading this code"); -&comment("It was automatically generated by $filename"); -&comment("Which is a perl program used to generate the x86 assember for"); -&comment("any of elf, a.out, BSDI, Win32, gaswin (for GNU as on Win32) or Solaris"); -&comment("eric <eay\@cryptsoft.com>"); -&comment(""); - - $filename =~ s/\.pl$//; - &file($filename); - } - -sub asm_finish_cpp - { - return unless $cpp; - - local($tmp,$i); - foreach $i (&get_labels()) - { - $tmp.="#define $i _$i\n"; - } - print <<"EOF"; -/* Run the C pre-processor over this file with one of the following defined - * ELF - elf object files, - * OUT - a.out object files, - * BSDI - BSDI style a.out object files - * SOL - Solaris style elf - */ - -#define TYPE(a,b) .type a,b -#define SIZE(a,b) .size a,b - -#if defined(OUT) || (defined(BSDI) && !defined(ELF)) -$tmp -#endif - -#ifdef OUT -#define OK 1 -#define 
ALIGN 4 -#endif - -#if defined(BSDI) && !defined(ELF) -#define OK 1 -#define ALIGN 4 -#undef SIZE -#undef TYPE -#define SIZE(a,b) -#define TYPE(a,b) -#endif - -#if defined(ELF) || defined(SOL) -#define OK 1 -#define ALIGN 16 -#endif - -#ifndef OK -You need to define one of -ELF - elf systems - linux-elf, NetBSD and DG-UX -OUT - a.out systems - linux-a.out and FreeBSD -SOL - solaris systems, which are elf with strange comment lines -BSDI - a.out with a very primative version of as. -#endif - -/* Let the Assembler begin :-) */ -EOF - } - -1; diff --git a/src/libcrypto/perlasm/x86ms.pl b/src/libcrypto/perlasm/x86ms.pl deleted file mode 100644 index c6212f434..000000000 --- a/src/libcrypto/perlasm/x86ms.pl +++ /dev/null 
@@ -1,365 +0,0 @@ -#!/usr/bin/perl - -package x86ms; - -$label="L000"; - -%lb=( 'eax', 'al', - 'ebx', 'bl', - 'ecx', 'cl', - 'edx', 'dl', - 'ax', 'al', - 'bx', 'bl', - 'cx', 'cl', - 'dx', 'dl', - ); - -%hb=( 'eax', 'ah', - 'ebx', 'bh', - 'ecx', 'ch', - 'edx', 'dh', - 'ax', 'ah', - 'bx', 'bh', - 'cx', 'ch', - 'dx', 'dh', - ); - -sub main'asm_init_output { @out=(); } -sub main'asm_get_output { return(@out); } -sub main'get_labels { return(@labels); } -sub main'external_label { push(@labels,@_); } - -sub main'LB - { - (defined($lb{$_[0]})) || die "$_[0] does not have a 'low byte'\n"; - return($lb{$_[0]}); - } - -sub main'HB - { - (defined($hb{$_[0]})) || die "$_[0] does not have a 'high byte'\n"; - return($hb{$_[0]}); - } - -sub main'BP - { - &get_mem("BYTE",@_); - } - -sub main'DWP - { - &get_mem("DWORD",@_); - } - -sub main'BC - { - return @_; - } - -sub main'DWC - { - return @_; - } - -sub main'stack_push - { - local($num)=@_; - $stack+=$num*4; - &main'sub("esp",$num*4); - } - -sub main'stack_pop - { - local($num)=@_; - $stack-=$num*4; - &main'add("esp",$num*4); - } - -sub get_mem - { - local($size,$addr,$reg1,$reg2,$idx)=@_; - local($t,$post); - local($ret)="$size PTR "; - - $addr =~ s/^\s+//; - if ($addr =~ /^(.+)\+(.+)$/) - { - $reg2=&conv($1); - $addr="_$2"; - } - elsif ($addr =~ /^[_a-zA-Z]/) - { - $addr="_$addr"; - } - - $reg1="$regs{$reg1}" if defined($regs{$reg1}); - $reg2="$regs{$reg2}" if defined($regs{$reg2}); - if (($addr ne "") && ($addr ne 0)) - { - if ($addr !~ /^-/) - { $ret.=$addr; } - else { $post=$addr; } - } - if ($reg2 ne "") - { - $t=""; - $t="*$idx" if ($idx != 0); - $reg1="+".$reg1 if ("$reg1$post" ne ""); - $ret.="[$reg2$t$reg1$post]"; - } - else - { - $ret.="[$reg1$post]" - } - return($ret); - } - -sub main'mov { &out2("mov",@_); } -sub main'movb { &out2("mov",@_); } -sub main'and { &out2("and",@_); } -sub main'or { &out2("or",@_); } -sub main'shl { &out2("shl",@_); } -sub main'shr { &out2("shr",@_); } -sub main'xor { &out2("xor",@_); } 
-sub main'xorb { &out2("xor",@_); } -sub main'add { &out2("add",@_); } -sub main'adc { &out2("adc",@_); } -sub main'sub { &out2("sub",@_); } -sub main'rotl { &out2("rol",@_); } -sub main'rotr { &out2("ror",@_); } -sub main'exch { &out2("xchg",@_); } -sub main'cmp { &out2("cmp",@_); } -sub main'lea { &out2("lea",@_); } -sub main'mul { &out1("mul",@_); } -sub main'div { &out1("div",@_); } -sub main'dec { &out1("dec",@_); } -sub main'inc { &out1("inc",@_); } -sub main'jmp { &out1("jmp",@_); } -sub main'jmp_ptr { &out1p("jmp",@_); } -sub main'je { &out1("je",@_); } -sub main'jle { &out1("jle",@_); } -sub main'jz { &out1("jz",@_); } -sub main'jge { &out1("jge",@_); } -sub main'jl { &out1("jl",@_); } -sub main'jb { &out1("jb",@_); } -sub main'jc { &out1("jc",@_); } -sub main'jnc { &out1("jnc",@_); } -sub main'jnz { &out1("jnz",@_); } -sub main'jne { &out1("jne",@_); } -sub main'jno { &out1("jno",@_); } -sub main'push { &out1("push",@_); $stack+=4; } -sub main'pop { &out1("pop",@_); $stack-=4; } -sub main'bswap { &out1("bswap",@_); &using486(); } -sub main'not { &out1("not",@_); } -sub main'call { &out1("call",'_'.$_[0]); } -sub main'ret { &out0("ret"); } -sub main'nop { &out0("nop"); } - -sub out2 - { - local($name,$p1,$p2)=@_; - local($l,$t); - - push(@out,"\t$name\t"); - $t=&conv($p1).","; - $l=length($t); - push(@out,$t); - $l=4-($l+9)/8; - push(@out,"\t" x $l); - push(@out,&conv($p2)); - push(@out,"\n"); - } - -sub out0 - { - local($name)=@_; - - push(@out,"\t$name\n"); - } - -sub out1 - { - local($name,$p1)=@_; - local($l,$t); - - push(@out,"\t$name\t".&conv($p1)."\n"); - } - -sub conv - { - local($p)=@_; - - $p =~ s/0x([0-9A-Fa-f]+)/0$1h/; - return $p; - } - -sub using486 - { - return if $using486; - $using486++; - grep(s/\.386/\.486/,@out); - } - -sub main'file - { - local($file)=@_; - - local($tmp)=<<"EOF"; - TITLE $file.asm - .386 -.model FLAT -EOF - push(@out,$tmp); - } - -sub main'function_begin - { - local($func,$extra)=@_; - - push(@labels,$func); - - 
local($tmp)=<<"EOF"; -_TEXT SEGMENT -PUBLIC _$func -$extra -_$func PROC NEAR - push ebp - push ebx - push esi - push edi -EOF - push(@out,$tmp); - $stack=20; - } - -sub main'function_begin_B - { - local($func,$extra)=@_; - - local($tmp)=<<"EOF"; -_TEXT SEGMENT -PUBLIC _$func -$extra -_$func PROC NEAR -EOF - push(@out,$tmp); - $stack=4; - } - -sub main'function_end - { - local($func)=@_; - - local($tmp)=<<"EOF"; - pop edi - pop esi - pop ebx - pop ebp - ret -_$func ENDP -_TEXT ENDS -EOF - push(@out,$tmp); - $stack=0; - %label=(); - } - -sub main'function_end_B - { - local($func)=@_; - - local($tmp)=<<"EOF"; -_$func ENDP -_TEXT ENDS -EOF - push(@out,$tmp); - $stack=0; - %label=(); - } - -sub main'function_end_A - { - local($func)=@_; - - local($tmp)=<<"EOF"; - pop edi - pop esi - pop ebx - pop ebp - ret -EOF - push(@out,$tmp); - } - -sub main'file_end - { - push(@out,"END\n"); - } - -sub main'wparam - { - local($num)=@_; - - return(&main'DWP($stack+$num*4,"esp","",0)); - } - -sub main'swtmp - { - return(&main'DWP($_[0]*4,"esp","",0)); - } - -# Should use swtmp, which is above esp. Linix can trash the stack above esp -#sub main'wtmp -# { -# local($num)=@_; -# -# return(&main'DWP(-(($num+1)*4),"esp","",0)); -# } - -sub main'comment - { - foreach (@_) - { - push(@out,"\t; $_\n"); - } - } - -sub main'label - { - if (!defined($label{$_[0]})) - { - $label{$_[0]}="\$${label}${_[0]}"; - $label++; - } - return($label{$_[0]}); - } - -sub main'set_label - { - if (!defined($label{$_[0]})) - { - $label{$_[0]}="${label}${_[0]}"; - $label++; - } - if((defined $_[2]) && ($_[2] == 1)) - { - push(@out,"$label{$_[0]}::\n"); - } - else - { - push(@out,"$label{$_[0]}:\n"); - } - } - -sub main'data_word - { - push(@out,"\tDD\t$_[0]\n"); - } - -sub out1p - { - local($name,$p1)=@_; - local($l,$t); - - push(@out,"\t$name\t ".&conv($p1)."\n"); - } diff --git a/src/libcrypto/perlasm/x86nasm.pl b/src/libcrypto/perlasm/x86nasm.pl deleted file mode 100644 index 90d27fca9..000000000 
--- a/src/libcrypto/perlasm/x86nasm.pl
+++ /dev/null
@@ -1,366 +0,0 @@ -#!/usr/bin/perl - -package x86nasm; - -$label="L000"; - -%lb=( 'eax', 'al', - 'ebx', 'bl', - 'ecx', 'cl', - 'edx', 'dl', - 'ax', 'al', - 'bx', 'bl', - 'cx', 'cl', - 'dx', 'dl', - ); - -%hb=( 'eax', 'ah', - 'ebx', 'bh', - 'ecx', 'ch', - 'edx', 'dh', - 'ax', 'ah', - 'bx', 'bh', - 'cx', 'ch', - 'dx', 'dh', - ); - -%regs=( 'eax', 'eax', - 'ebx', 'ebx', - 'ecx', 'ecx', - 'edx', 'edx', - 'esi', 'esi', - 'edi', 'edi', - 'ebp', 'ebp', - 'esp', 'esp', - 'mm0', 'mm0', - 'mm1', 'mm1', - ); - -sub main::asm_init_output { @out=(); } -sub main::asm_get_output { return(@out); } -sub main::get_labels { return(@labels); } - -sub main::external_label -{ - push(@labels,@_); - foreach (@_) { - push(@out, "extern\t_$_\n"); - } -} - -sub main::LB - { - (defined($lb{$_[0]})) || die "$_[0] does not have a 'low byte'\n"; - return($lb{$_[0]}); - } - -sub main::HB - { - (defined($hb{$_[0]})) || die "$_[0] does not have a 'high byte'\n"; - return($hb{$_[0]}); - } - -sub main::BP - { - &get_mem("BYTE",@_); - } - -sub main::DWP - { - &get_mem("DWORD",@_); - } - -sub main::BC - { - return "BYTE @_"; - } - -sub main::DWC - { - return "DWORD @_"; - } - -sub main::stack_push - { - my($num)=@_; - $stack+=$num*4; - &main::sub("esp",$num*4); - } - -sub main::stack_pop - { - my($num)=@_; - $stack-=$num*4; - &main::add("esp",$num*4); - } - -sub get_mem - { - my($size,$addr,$reg1,$reg2,$idx)=@_; - my($t,$post); - my($ret)="["; - $addr =~ s/^\s+//; - if ($addr =~ /^(.+)\+(.+)$/) - { - if (defined($regs{$reg2})) { - $addr=join('+', &conv($1), "_$2"); - } else { - $reg2=&conv($1); - $addr="_$2"; - } - } - elsif ($addr =~ /^[_a-zA-Z]/) - { - $addr="_$addr"; - } - - $reg1="$regs{$reg1}" if defined($regs{$reg1}); - $reg2="$regs{$reg2}" if defined($regs{$reg2}); - if (($addr ne "") && ($addr ne 0)) - { - if ($addr !~ /^-/) - { $ret.="${addr}+"; } - else { $post=$addr; } - } - if ($reg2 ne "") - { - $t=""; - $t="*$idx" if ($idx != 0); - $reg1="+".$reg1 if ("$reg1$post" ne ""); - 
$ret.="$reg2$t$reg1$post]"; - } - else - { - $ret.="$reg1$post]" - } - return($ret); - } - -sub main::mov { &out2("mov",@_); } -sub main::movb { &out2("mov",@_); } -sub main::and { &out2("and",@_); } -sub main::or { &out2("or",@_); } -sub main::shl { &out2("shl",@_); } -sub main::shr { &out2("shr",@_); } -sub main::xor { &out2("xor",@_); } -sub main::xorb { &out2("xor",@_); } -sub main::add { &out2("add",@_); } -sub main::adc { &out2("adc",@_); } -sub main::sub { &out2("sub",@_); } -sub main::rotl { &out2("rol",@_); } -sub main::rotr { &out2("ror",@_); } -sub main::exch { &out2("xchg",@_); } -sub main::cmp { &out2("cmp",@_); } -sub main::lea { &out2("lea",@_); } -sub main::mul { &out1("mul",@_); } -sub main::div { &out1("div",@_); } -sub main::dec { &out1("dec",@_); } -sub main::inc { &out1("inc",@_); } -sub main::jmp { &out1("jmp",@_); } -sub main::jmp_ptr { &out1p("jmp",@_); } - -# This is a bit of a kludge: declare all branches as NEAR. -sub main::je { &out1("je NEAR",@_); } -sub main::jle { &out1("jle NEAR",@_); } -sub main::jz { &out1("jz NEAR",@_); } -sub main::jge { &out1("jge NEAR",@_); } -sub main::jl { &out1("jl NEAR",@_); } -sub main::jb { &out1("jb NEAR",@_); } -sub main::jc { &out1("jc NEAR",@_); } -sub main::jnc { &out1("jnc NEAR",@_); } -sub main::jnz { &out1("jnz NEAR",@_); } -sub main::jne { &out1("jne NEAR",@_); } -sub main::jno { &out1("jno NEAR",@_); } - -sub main::push { &out1("push",@_); $stack+=4; } -sub main::pop { &out1("pop",@_); $stack-=4; } -sub main::bswap { &out1("bswap",@_); &using486(); } -sub main::not { &out1("not",@_); } -sub main::call { &out1("call",'_'.$_[0]); } -sub main::ret { &out0("ret"); } -sub main::nop { &out0("nop"); } - -sub out2 - { - my($name,$p1,$p2)=@_; - my($l,$t); - - push(@out,"\t$name\t"); - $t=&conv($p1).","; - $l=length($t); - push(@out,$t); - $l=4-($l+9)/8; - push(@out,"\t" x $l); - push(@out,&conv($p2)); - push(@out,"\n"); - } - -sub out0 - { - my($name)=@_; - - push(@out,"\t$name\n"); - } - -sub out1 - { - 
my($name,$p1)=@_; - my($l,$t); - push(@out,"\t$name\t".&conv($p1)."\n"); - } - -sub conv - { - my($p)=@_; - $p =~ s/0x([0-9A-Fa-f]+)/0$1h/; - return $p; - } - -sub using486 - { - return if $using486; - $using486++; - grep(s/\.386/\.486/,@out); - } - -sub main::file - { - push(@out, "segment .text\n"); - } - -sub main::function_begin - { - my($func,$extra)=@_; - - push(@labels,$func); - my($tmp)=<<"EOF"; -global _$func -_$func: - push ebp - push ebx - push esi - push edi -EOF - push(@out,$tmp); - $stack=20; - } - -sub main::function_begin_B - { - my($func,$extra)=@_; - my($tmp)=<<"EOF"; -global _$func -_$func: -EOF - push(@out,$tmp); - $stack=4; - } - -sub main::function_end - { - my($func)=@_; - - my($tmp)=<<"EOF"; - pop edi - pop esi - pop ebx - pop ebp - ret -EOF - push(@out,$tmp); - $stack=0; - %label=(); - } - -sub main::function_end_B - { - $stack=0; - %label=(); - } - -sub main::function_end_A - { - my($func)=@_; - - my($tmp)=<<"EOF"; - pop edi - pop esi - pop ebx - pop ebp - ret -EOF - push(@out,$tmp); - } - -sub main::file_end - { - } - -sub main::wparam - { - my($num)=@_; - - return(&main::DWP($stack+$num*4,"esp","",0)); - } - -sub main::swtmp - { - return(&main::DWP($_[0]*4,"esp","",0)); - } - -# Should use swtmp, which is above esp. 
Linix can trash the stack above esp
-#sub main::wtmp
-# {
-# my($num)=@_;
-#
-# return(&main::DWP(-(($num+1)*4),"esp","",0));
-# }
-
-sub main::comment
- {
- foreach (@_)
- {
- push(@out,"\t; $_\n");
- }
- }
-
-sub main::label
- {
- if (!defined($label{$_[0]}))
- {
- $label{$_[0]}="\$${label}${_[0]}";
- $label++;
- }
- return($label{$_[0]});
- }
-
-sub main::set_label
- {
- if (!defined($label{$_[0]}))
- {
- $label{$_[0]}="${label}${_[0]}";
- $label++;
- }
- push(@out,"$label{$_[0]}:\n");
- }
-
-sub main::data_word
- {
- push(@out,"\tDD\t$_[0]\n");
- }
-
-sub out1p
- {
- my($name,$p1)=@_;
- my($l,$t);
-
- push(@out,"\t$name\t ".&conv($p1)."\n");
- }
-
-##
-## Additional functions required for MMX and other ops
-##
-sub main::testb { &out2('test', @_) }
-sub main::movzx { &out2('movzx', @_) }
-sub main::movd { &out2('movd', @_) }
-sub main::emms { &out0('emms', @_) }
diff --git a/src/libcrypto/perlasm/x86unix.pl b/src/libcrypto/perlasm/x86unix.pl
deleted file mode 100644
index f804b91c9..000000000
--- a/src/libcrypto/perlasm/x86unix.pl
+++ /dev/null
@@ -1,472 +0,0 @@ -#!/usr/bin/perl - -package x86unix; - -$label="L000"; - -$align=($main::aout)?"4":"16"; -$under=($main::aout)?"_":""; -$com_start=($main::sol)?"/":"#"; - -sub main::asm_init_output { @out=(); } -sub main::asm_get_output { return(@out); } -sub main::get_labels { return(@labels); } -sub main::external_label { push(@labels,@_); } - -if ($main::cpp) - { - $align="ALIGN"; - $under=""; - $com_start='/*'; - $com_end='*/'; - } - -%lb=( 'eax', '%al', - 'ebx', '%bl', - 'ecx', '%cl', - 'edx', '%dl', - 'ax', '%al', - 'bx', '%bl', - 'cx', '%cl', - 'dx', '%dl', - ); - -%hb=( 'eax', '%ah', - 'ebx', '%bh', - 'ecx', '%ch', - 'edx', '%dh', - 'ax', '%ah', - 'bx', '%bh', - 'cx', '%ch', - 'dx', '%dh', - ); - -%regs=( 'eax', '%eax', - 'ebx', '%ebx', - 'ecx', '%ecx', - 'edx', '%edx', - 'esi', '%esi', - 'edi', '%edi', - 'ebp', '%ebp', - 'esp', '%esp', - 'mm0', '%mm0', - 'mm1', '%mm1', - ); - -%reg_val=( - 'eax', 0x00, - 'ebx', 0x03, - 'ecx', 0x01, - 'edx', 0x02, - 'esi', 0x06, - 'edi', 0x07, - 'ebp', 0x05, - 'esp', 0x04, - ); - -sub main::LB - { - (defined($lb{$_[0]})) || die "$_[0] does not have a 'low byte'\n"; - return($lb{$_[0]}); - } - -sub main::HB - { - (defined($hb{$_[0]})) || die "$_[0] does not have a 'high byte'\n"; - return($hb{$_[0]}); - } - -sub main::DWP - { - local($addr,$reg1,$reg2,$idx)=@_; - - $ret=""; - $addr =~ s/(^|[+ \t])([A-Za-z_]+[A-Za-z0-9_]+)($|[+ \t])/$1$under$2$3/; - $reg1="$regs{$reg1}" if defined($regs{$reg1}); - $reg2="$regs{$reg2}" if defined($regs{$reg2}); - $ret.=$addr if ($addr ne "") && ($addr ne 0); - if ($reg2 ne "") - { - if($idx ne "") - { $ret.="($reg1,$reg2,$idx)"; } - else - { $ret.="($reg1,$reg2)"; } - } - else - { $ret.="($reg1)" } - return($ret); - } - -sub main::BP - { - return(&main::DWP(@_)); - } - -sub main::BC - { - return @_; - } - -sub main::DWC - { - return @_; - } - -#sub main::BP -# { -# local($addr,$reg1,$reg2,$idx)=@_; -# -# $ret=""; -# -# $addr =~ s/(^|[+ \t])([A-Za-z_]+)($|[+ \t])/$1$under$2$3/; -# 
$reg1="$regs{$reg1}" if defined($regs{$reg1}); -# $reg2="$regs{$reg2}" if defined($regs{$reg2}); -# $ret.=$addr if ($addr ne "") && ($addr ne 0); -# if ($reg2 ne "") -# { $ret.="($reg1,$reg2,$idx)"; } -# else -# { $ret.="($reg1)" } -# return($ret); -# } - -sub main::mov { &out2("movl",@_); } -sub main::movb { &out2("movb",@_); } -sub main::and { &out2("andl",@_); } -sub main::or { &out2("orl",@_); } -sub main::shl { &out2("sall",@_); } -sub main::shr { &out2("shrl",@_); } -sub main::xor { &out2("xorl",@_); } -sub main::xorb { &out2("xorb",@_); } -sub main::add { &out2("addl",@_); } -sub main::adc { &out2("adcl",@_); } -sub main::sub { &out2("subl",@_); } -sub main::rotl { &out2("roll",@_); } -sub main::rotr { &out2("rorl",@_); } -sub main::exch { &out2("xchg",@_); } -sub main::cmp { &out2("cmpl",@_); } -sub main::lea { &out2("leal",@_); } -sub main::mul { &out1("mull",@_); } -sub main::div { &out1("divl",@_); } -sub main::jmp { &out1("jmp",@_); } -sub main::jmp_ptr { &out1p("jmp",@_); } -sub main::je { &out1("je",@_); } -sub main::jle { &out1("jle",@_); } -sub main::jne { &out1("jne",@_); } -sub main::jnz { &out1("jnz",@_); } -sub main::jz { &out1("jz",@_); } -sub main::jge { &out1("jge",@_); } -sub main::jl { &out1("jl",@_); } -sub main::jb { &out1("jb",@_); } -sub main::jc { &out1("jc",@_); } -sub main::jnc { &out1("jnc",@_); } -sub main::jno { &out1("jno",@_); } -sub main::dec { &out1("decl",@_); } -sub main::inc { &out1("incl",@_); } -sub main::push { &out1("pushl",@_); $stack+=4; } -sub main::pop { &out1("popl",@_); $stack-=4; } -sub main::not { &out1("notl",@_); } -sub main::call { &out1("call",$under.$_[0]); } -sub main::ret { &out0("ret"); } -sub main::nop { &out0("nop"); } - -# The bswapl instruction is new for the 486. Emulate if i386. 
-sub main::bswap - { - if ($main::i386) - { - &main::comment("bswapl @_"); - &main::exch(main::HB(@_),main::LB(@_)); - &main::rotr(@_,16); - &main::exch(main::HB(@_),main::LB(@_)); - } - else - { - &out1("bswapl",@_); - } - } - -sub out2 - { - local($name,$p1,$p2)=@_; - local($l,$ll,$t); - local(%special)=( "roll",0xD1C0,"rorl",0xD1C8, - "rcll",0xD1D0,"rcrl",0xD1D8, - "shll",0xD1E0,"shrl",0xD1E8, - "sarl",0xD1F8); - - if ((defined($special{$name})) && defined($regs{$p1}) && ($p2 == 1)) - { - $op=$special{$name}|$reg_val{$p1}; - $tmp1=sprintf(".byte %d\n",($op>>8)&0xff); - $tmp2=sprintf(".byte %d\t",$op &0xff); - push(@out,$tmp1); - push(@out,$tmp2); - - $p2=&conv($p2); - $p1=&conv($p1); - &main::comment("$name $p2 $p1"); - return; - } - - push(@out,"\t$name\t"); - $t=&conv($p2).","; - $l=length($t); - push(@out,$t); - $ll=4-($l+9)/8; - $tmp1=sprintf("\t" x $ll); - push(@out,$tmp1); - push(@out,&conv($p1)."\n"); - } - -sub out1 - { - local($name,$p1)=@_; - local($l,$t); - local(%special)=("bswapl",0x0FC8); - - if ((defined($special{$name})) && defined($regs{$p1})) - { - $op=$special{$name}|$reg_val{$p1}; - $tmp1=sprintf(".byte %d\n",($op>>8)&0xff); - $tmp2=sprintf(".byte %d\t",$op &0xff); - push(@out,$tmp1); - push(@out,$tmp2); - - $p2=&conv($p2); - $p1=&conv($p1); - &main::comment("$name $p2 $p1"); - return; - } - - push(@out,"\t$name\t".&conv($p1)."\n"); - } - -sub out1p - { - local($name,$p1)=@_; - local($l,$t); - - push(@out,"\t$name\t*".&conv($p1)."\n"); - } - -sub out0 - { - push(@out,"\t$_[0]\n"); - } - -sub conv - { - local($p)=@_; - -# $p =~ s/0x([0-9A-Fa-f]+)/0$1h/; - - $p=$regs{$p} if (defined($regs{$p})); - - $p =~ s/^(-{0,1}[0-9A-Fa-f]+)$/\$$1/; - $p =~ s/^(0x[0-9A-Fa-f]+)$/\$$1/; - return $p; - } - -sub main::file - { - local($file)=@_; - - local($tmp)=<<"EOF"; - .file "$file.s" - .version "01.01" -EOF -# Removed the next line from previous infile -#gcc2_compiled.: - push(@out,$tmp); - } - -sub main::function_begin - { - local($func)=@_; - - 
&main::external_label($func); - $func=$under.$func; - - local($tmp)=<<"EOF"; -.text - .align $align -.globl $func -EOF - push(@out,$tmp); - if ($main::cpp) - { $tmp=push(@out,"\tTYPE($func,\@function)\n"); } - elsif ($main::gaswin) - { $tmp=push(@out,"\t.def\t$func;\t.scl\t2;\t.type\t32;\t.endef\n"); } - else { $tmp=push(@out,"\t.type\t$func,\@function\n"); } - push(@out,"$func:\n"); - $tmp=<<"EOF"; - pushl %ebp - pushl %ebx - pushl %esi - pushl %edi - -EOF - push(@out,$tmp); - $stack=20; - } - -sub main::function_begin_B - { - local($func,$extra)=@_; - - &main::external_label($func); - $func=$under.$func; - - local($tmp)=<<"EOF"; -.text - .align $align -.globl $func -EOF - push(@out,$tmp); - if ($main::cpp) - { push(@out,"\tTYPE($func,\@function)\n"); } - elsif ($main::gaswin) - { $tmp=push(@out,"\t.def\t$func;\t.scl\t2;\t.type\t32;\t.endef\n"); } - else { push(@out,"\t.type $func,\@function\n"); } - push(@out,"$func:\n"); - $stack=4; - } - -sub main::function_end - { - local($func)=@_; - - $func=$under.$func; - - local($tmp)=<<"EOF"; - popl %edi - popl %esi - popl %ebx - popl %ebp - ret -.${func}_end: -EOF - push(@out,$tmp); - if ($main::cpp) - { push(@out,"\tSIZE($func,.${func}_end-$func)\n"); } - elsif ($main::gaswin) - { $tmp=push(@out,"\t.align 4\n"); } - else { push(@out,"\t.size\t$func,.${func}_end-$func\n"); } - push(@out,".ident \"$func\"\n"); - $stack=0; - %label=(); - } - -sub main::function_end_A - { - local($func)=@_; - - local($tmp)=<<"EOF"; - popl %edi - popl %esi - popl %ebx - popl %ebp - ret -EOF - push(@out,$tmp); - } - -sub main::function_end_B - { - local($func)=@_; - - $func=$under.$func; - - push(@out,".L_${func}_end:\n"); - if ($main::cpp) - { push(@out,"\tSIZE($func,.L_${func}_end-$func)\n"); } - elsif ($main::gaswin) - { push(@out,"\t.align 4\n"); } - else { push(@out,"\t.size\t$func,.L_${func}_end-$func\n"); } - push(@out,".ident \"desasm.pl\"\n"); - $stack=0; - %label=(); - } - -sub main::wparam - { - local($num)=@_; - - 
return(&main::DWP($stack+$num*4,"esp","",0)); - } - -sub main::stack_push - { - local($num)=@_; - $stack+=$num*4; - &main::sub("esp",$num*4); - } - -sub main::stack_pop - { - local($num)=@_; - $stack-=$num*4; - &main::add("esp",$num*4); - } - -sub main::swtmp - { - return(&main::DWP($_[0]*4,"esp","",0)); - } - -# Should use swtmp, which is above esp. Linix can trash the stack above esp -#sub main::wtmp -# { -# local($num)=@_; -# -# return(&main::DWP(-($num+1)*4,"esp","",0)); -# } - -sub main::comment - { - foreach (@_) - { - if (/^\s*$/) - { push(@out,"\n"); } - else - { push(@out,"\t$com_start $_ $com_end\n"); } - } - } - -sub main::label - { - if (!defined($label{$_[0]})) - { - $label{$_[0]}=".${label}${_[0]}"; - $label++; - } - return($label{$_[0]}); - } - -sub main::set_label - { - if (!defined($label{$_[0]})) - { - $label{$_[0]}=".${label}${_[0]}"; - $label++; - } - push(@out,".align $align\n") if ($_[1] != 0); - push(@out,"$label{$_[0]}:\n"); - } - -sub main::file_end - { - } - -sub main::data_word - { - push(@out,"\t.long $_[0]\n"); - } - -## -## Additional functions required for MMX and other ops -## -sub main::testb { &out2('testb', @_) } -sub main::movzx { &out2('movzx', @_) } -sub main::movd { &out2('movd', @_) } -sub main::emms { &out0('emms', @_) } |