GCC Code Coverage Report | |||||||||||||||||||||
|
|||||||||||||||||||||
Line | Branch | Exec | Source |
1 |
/* $OpenBSD: des_enc.c,v 1.12 2014/10/28 07:35:58 jsg Exp $ */ |
||
2 |
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
||
3 |
* All rights reserved. |
||
4 |
* |
||
5 |
* This package is an SSL implementation written |
||
6 |
* by Eric Young (eay@cryptsoft.com). |
||
7 |
* The implementation was written so as to conform with Netscapes SSL. |
||
8 |
* |
||
9 |
* This library is free for commercial and non-commercial use as long as |
||
10 |
* the following conditions are aheared to. The following conditions |
||
11 |
* apply to all code found in this distribution, be it the RC4, RSA, |
||
12 |
* lhash, DES, etc., code; not just the SSL code. The SSL documentation |
||
13 |
* included with this distribution is covered by the same copyright terms |
||
14 |
* except that the holder is Tim Hudson (tjh@cryptsoft.com). |
||
15 |
* |
||
16 |
* Copyright remains Eric Young's, and as such any Copyright notices in |
||
17 |
* the code are not to be removed. |
||
18 |
* If this package is used in a product, Eric Young should be given attribution |
||
19 |
* as the author of the parts of the library used. |
||
20 |
* This can be in the form of a textual message at program startup or |
||
21 |
* in documentation (online or textual) provided with the package. |
||
22 |
* |
||
23 |
* Redistribution and use in source and binary forms, with or without |
||
24 |
* modification, are permitted provided that the following conditions |
||
25 |
* are met: |
||
26 |
* 1. Redistributions of source code must retain the copyright |
||
27 |
* notice, this list of conditions and the following disclaimer. |
||
28 |
* 2. Redistributions in binary form must reproduce the above copyright |
||
29 |
* notice, this list of conditions and the following disclaimer in the |
||
30 |
* documentation and/or other materials provided with the distribution. |
||
31 |
* 3. All advertising materials mentioning features or use of this software |
||
32 |
* must display the following acknowledgement: |
||
33 |
* "This product includes cryptographic software written by |
||
34 |
* Eric Young (eay@cryptsoft.com)" |
||
35 |
* The word 'cryptographic' can be left out if the rouines from the library |
||
36 |
* being used are not cryptographic related :-). |
||
37 |
* 4. If you include any Windows specific code (or a derivative thereof) from |
||
38 |
* the apps directory (application code) you must include an acknowledgement: |
||
39 |
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" |
||
40 |
* |
||
41 |
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND |
||
42 |
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
||
43 |
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
||
44 |
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE |
||
45 |
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
||
46 |
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
||
47 |
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
||
48 |
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
||
49 |
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
||
50 |
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
||
51 |
* SUCH DAMAGE. |
||
52 |
* |
||
53 |
* The licence and distribution terms for any publically available version or |
||
54 |
* derivative of this code cannot be changed. i.e. this code cannot simply be |
||
55 |
* copied and put under another distribution licence |
||
56 |
* [including the GNU Public Licence.] |
||
57 |
*/ |
||
58 |
|||
59 |
#include "des_locl.h" |
||
60 |
#include "spr.h" |
||
61 |
|||
62 |
#ifndef OPENBSD_DES_ASM |
||
63 |
|||
64 |
void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc) |
||
65 |
{ |
||
66 |
DES_LONG l,r,t,u; |
||
67 |
#ifdef DES_PTR |
||
68 |
const unsigned char *des_SP=(const unsigned char *)DES_SPtrans; |
||
69 |
#endif |
||
70 |
#ifndef DES_UNROLL |
||
71 |
int i; |
||
72 |
#endif |
||
73 |
DES_LONG *s; |
||
74 |
|||
75 |
26860 |
r=data[0]; |
|
76 |
13430 |
l=data[1]; |
|
77 |
|||
78 |
13430 |
IP(r,l); |
|
79 |
/* Things have been modified so that the initial rotate is |
||
80 |
* done outside the loop. This required the |
||
81 |
* DES_SPtrans values in sp.h to be rotated 1 bit to the right. |
||
82 |
* One perl script later and things have a 5% speed up on a sparc2. |
||
83 |
* Thanks to Richard Outerbridge <71755.204@CompuServe.COM> |
||
84 |
* for pointing this out. */ |
||
85 |
/* clear the top bits on machines with 8byte longs */ |
||
86 |
/* shift left by 2 */ |
||
87 |
13430 |
r=ROTATE(r,29)&0xffffffffL; |
|
88 |
13430 |
l=ROTATE(l,29)&0xffffffffL; |
|
89 |
|||
90 |
13430 |
s=ks->ks->deslong; |
|
91 |
/* I don't know if it is worth the effort of loop unrolling the |
||
92 |
* inner loop */ |
||
93 |
✓✓ | 13430 |
if (enc) |
94 |
{ |
||
95 |
#ifdef DES_UNROLL |
||
96 |
11335 |
D_ENCRYPT(l,r, 0); /* 1 */ |
|
97 |
11335 |
D_ENCRYPT(r,l, 2); /* 2 */ |
|
98 |
11335 |
D_ENCRYPT(l,r, 4); /* 3 */ |
|
99 |
11335 |
D_ENCRYPT(r,l, 6); /* 4 */ |
|
100 |
11335 |
D_ENCRYPT(l,r, 8); /* 5 */ |
|
101 |
11335 |
D_ENCRYPT(r,l,10); /* 6 */ |
|
102 |
11335 |
D_ENCRYPT(l,r,12); /* 7 */ |
|
103 |
11335 |
D_ENCRYPT(r,l,14); /* 8 */ |
|
104 |
11335 |
D_ENCRYPT(l,r,16); /* 9 */ |
|
105 |
11335 |
D_ENCRYPT(r,l,18); /* 10 */ |
|
106 |
11335 |
D_ENCRYPT(l,r,20); /* 11 */ |
|
107 |
11335 |
D_ENCRYPT(r,l,22); /* 12 */ |
|
108 |
11335 |
D_ENCRYPT(l,r,24); /* 13 */ |
|
109 |
11335 |
D_ENCRYPT(r,l,26); /* 14 */ |
|
110 |
11335 |
D_ENCRYPT(l,r,28); /* 15 */ |
|
111 |
11335 |
D_ENCRYPT(r,l,30); /* 16 */ |
|
112 |
#else |
||
113 |
for (i=0; i<32; i+=4) |
||
114 |
{ |
||
115 |
D_ENCRYPT(l,r,i+0); /* 1 */ |
||
116 |
D_ENCRYPT(r,l,i+2); /* 2 */ |
||
117 |
} |
||
118 |
#endif |
||
119 |
11335 |
} |
|
120 |
else |
||
121 |
{ |
||
122 |
#ifdef DES_UNROLL |
||
123 |
2095 |
D_ENCRYPT(l,r,30); /* 16 */ |
|
124 |
2095 |
D_ENCRYPT(r,l,28); /* 15 */ |
|
125 |
2095 |
D_ENCRYPT(l,r,26); /* 14 */ |
|
126 |
2095 |
D_ENCRYPT(r,l,24); /* 13 */ |
|
127 |
2095 |
D_ENCRYPT(l,r,22); /* 12 */ |
|
128 |
2095 |
D_ENCRYPT(r,l,20); /* 11 */ |
|
129 |
2095 |
D_ENCRYPT(l,r,18); /* 10 */ |
|
130 |
2095 |
D_ENCRYPT(r,l,16); /* 9 */ |
|
131 |
2095 |
D_ENCRYPT(l,r,14); /* 8 */ |
|
132 |
2095 |
D_ENCRYPT(r,l,12); /* 7 */ |
|
133 |
2095 |
D_ENCRYPT(l,r,10); /* 6 */ |
|
134 |
2095 |
D_ENCRYPT(r,l, 8); /* 5 */ |
|
135 |
2095 |
D_ENCRYPT(l,r, 6); /* 4 */ |
|
136 |
2095 |
D_ENCRYPT(r,l, 4); /* 3 */ |
|
137 |
2095 |
D_ENCRYPT(l,r, 2); /* 2 */ |
|
138 |
2095 |
D_ENCRYPT(r,l, 0); /* 1 */ |
|
139 |
#else |
||
140 |
for (i=30; i>0; i-=4) |
||
141 |
{ |
||
142 |
D_ENCRYPT(l,r,i-0); /* 16 */ |
||
143 |
D_ENCRYPT(r,l,i-2); /* 15 */ |
||
144 |
} |
||
145 |
#endif |
||
146 |
} |
||
147 |
|||
148 |
/* rotate and clear the top bits on machines with 8byte longs */ |
||
149 |
13430 |
l=ROTATE(l,3)&0xffffffffL; |
|
150 |
13430 |
r=ROTATE(r,3)&0xffffffffL; |
|
151 |
|||
152 |
13430 |
FP(r,l); |
|
153 |
13430 |
data[0]=l; |
|
154 |
13430 |
data[1]=r; |
|
155 |
l=r=t=u=0; |
||
156 |
13430 |
} |
|
157 |
|||
158 |
void DES_encrypt2(DES_LONG *data, DES_key_schedule *ks, int enc) |
||
159 |
{ |
||
160 |
DES_LONG l,r,t,u; |
||
161 |
#ifdef DES_PTR |
||
162 |
const unsigned char *des_SP=(const unsigned char *)DES_SPtrans; |
||
163 |
#endif |
||
164 |
#ifndef DES_UNROLL |
||
165 |
int i; |
||
166 |
#endif |
||
167 |
DES_LONG *s; |
||
168 |
|||
169 |
50052 |
r=data[0]; |
|
170 |
25026 |
l=data[1]; |
|
171 |
|||
172 |
/* Things have been modified so that the initial rotate is |
||
173 |
* done outside the loop. This required the |
||
174 |
* DES_SPtrans values in sp.h to be rotated 1 bit to the right. |
||
175 |
* One perl script later and things have a 5% speed up on a sparc2. |
||
176 |
* Thanks to Richard Outerbridge <71755.204@CompuServe.COM> |
||
177 |
* for pointing this out. */ |
||
178 |
/* clear the top bits on machines with 8byte longs */ |
||
179 |
25026 |
r=ROTATE(r,29)&0xffffffffL; |
|
180 |
25026 |
l=ROTATE(l,29)&0xffffffffL; |
|
181 |
|||
182 |
25026 |
s=ks->ks->deslong; |
|
183 |
/* I don't know if it is worth the effort of loop unrolling the |
||
184 |
* inner loop */ |
||
185 |
✓✓ | 25026 |
if (enc) |
186 |
{ |
||
187 |
#ifdef DES_UNROLL |
||
188 |
14480 |
D_ENCRYPT(l,r, 0); /* 1 */ |
|
189 |
14480 |
D_ENCRYPT(r,l, 2); /* 2 */ |
|
190 |
14480 |
D_ENCRYPT(l,r, 4); /* 3 */ |
|
191 |
14480 |
D_ENCRYPT(r,l, 6); /* 4 */ |
|
192 |
14480 |
D_ENCRYPT(l,r, 8); /* 5 */ |
|
193 |
14480 |
D_ENCRYPT(r,l,10); /* 6 */ |
|
194 |
14480 |
D_ENCRYPT(l,r,12); /* 7 */ |
|
195 |
14480 |
D_ENCRYPT(r,l,14); /* 8 */ |
|
196 |
14480 |
D_ENCRYPT(l,r,16); /* 9 */ |
|
197 |
14480 |
D_ENCRYPT(r,l,18); /* 10 */ |
|
198 |
14480 |
D_ENCRYPT(l,r,20); /* 11 */ |
|
199 |
14480 |
D_ENCRYPT(r,l,22); /* 12 */ |
|
200 |
14480 |
D_ENCRYPT(l,r,24); /* 13 */ |
|
201 |
14480 |
D_ENCRYPT(r,l,26); /* 14 */ |
|
202 |
14480 |
D_ENCRYPT(l,r,28); /* 15 */ |
|
203 |
14480 |
D_ENCRYPT(r,l,30); /* 16 */ |
|
204 |
#else |
||
205 |
for (i=0; i<32; i+=4) |
||
206 |
{ |
||
207 |
D_ENCRYPT(l,r,i+0); /* 1 */ |
||
208 |
D_ENCRYPT(r,l,i+2); /* 2 */ |
||
209 |
} |
||
210 |
#endif |
||
211 |
14480 |
} |
|
212 |
else |
||
213 |
{ |
||
214 |
#ifdef DES_UNROLL |
||
215 |
10546 |
D_ENCRYPT(l,r,30); /* 16 */ |
|
216 |
10546 |
D_ENCRYPT(r,l,28); /* 15 */ |
|
217 |
10546 |
D_ENCRYPT(l,r,26); /* 14 */ |
|
218 |
10546 |
D_ENCRYPT(r,l,24); /* 13 */ |
|
219 |
10546 |
D_ENCRYPT(l,r,22); /* 12 */ |
|
220 |
10546 |
D_ENCRYPT(r,l,20); /* 11 */ |
|
221 |
10546 |
D_ENCRYPT(l,r,18); /* 10 */ |
|
222 |
10546 |
D_ENCRYPT(r,l,16); /* 9 */ |
|
223 |
10546 |
D_ENCRYPT(l,r,14); /* 8 */ |
|
224 |
10546 |
D_ENCRYPT(r,l,12); /* 7 */ |
|
225 |
10546 |
D_ENCRYPT(l,r,10); /* 6 */ |
|
226 |
10546 |
D_ENCRYPT(r,l, 8); /* 5 */ |
|
227 |
10546 |
D_ENCRYPT(l,r, 6); /* 4 */ |
|
228 |
10546 |
D_ENCRYPT(r,l, 4); /* 3 */ |
|
229 |
10546 |
D_ENCRYPT(l,r, 2); /* 2 */ |
|
230 |
10546 |
D_ENCRYPT(r,l, 0); /* 1 */ |
|
231 |
#else |
||
232 |
for (i=30; i>0; i-=4) |
||
233 |
{ |
||
234 |
D_ENCRYPT(l,r,i-0); /* 16 */ |
||
235 |
D_ENCRYPT(r,l,i-2); /* 15 */ |
||
236 |
} |
||
237 |
#endif |
||
238 |
} |
||
239 |
/* rotate and clear the top bits on machines with 8byte longs */ |
||
240 |
25026 |
data[0]=ROTATE(l,3)&0xffffffffL; |
|
241 |
25026 |
data[1]=ROTATE(r,3)&0xffffffffL; |
|
242 |
l=r=t=u=0; |
||
243 |
25026 |
} |
|
244 |
|||
245 |
#endif /* OPENBSD_DES_ASM */ |
||
246 |
|||
247 |
void DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1, |
||
248 |
DES_key_schedule *ks2, DES_key_schedule *ks3) |
||
249 |
{ |
||
250 |
DES_LONG l,r; |
||
251 |
|||
252 |
12276 |
l=data[0]; |
|
253 |
6138 |
r=data[1]; |
|
254 |
6138 |
IP(l,r); |
|
255 |
6138 |
data[0]=l; |
|
256 |
6138 |
data[1]=r; |
|
257 |
6138 |
DES_encrypt2((DES_LONG *)data,ks1,DES_ENCRYPT); |
|
258 |
6138 |
DES_encrypt2((DES_LONG *)data,ks2,DES_DECRYPT); |
|
259 |
6138 |
DES_encrypt2((DES_LONG *)data,ks3,DES_ENCRYPT); |
|
260 |
6138 |
l=data[0]; |
|
261 |
6138 |
r=data[1]; |
|
262 |
6138 |
FP(r,l); |
|
263 |
6138 |
data[0]=l; |
|
264 |
6138 |
data[1]=r; |
|
265 |
6138 |
} |
|
266 |
|||
267 |
void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1, |
||
268 |
DES_key_schedule *ks2, DES_key_schedule *ks3) |
||
269 |
{ |
||
270 |
DES_LONG l,r; |
||
271 |
|||
272 |
4408 |
l=data[0]; |
|
273 |
2204 |
r=data[1]; |
|
274 |
2204 |
IP(l,r); |
|
275 |
2204 |
data[0]=l; |
|
276 |
2204 |
data[1]=r; |
|
277 |
2204 |
DES_encrypt2((DES_LONG *)data,ks3,DES_DECRYPT); |
|
278 |
2204 |
DES_encrypt2((DES_LONG *)data,ks2,DES_ENCRYPT); |
|
279 |
2204 |
DES_encrypt2((DES_LONG *)data,ks1,DES_DECRYPT); |
|
280 |
2204 |
l=data[0]; |
|
281 |
2204 |
r=data[1]; |
|
282 |
2204 |
FP(r,l); |
|
283 |
2204 |
data[0]=l; |
|
284 |
2204 |
data[1]=r; |
|
285 |
2204 |
} |
|
286 |
|||
287 |
#ifndef DES_DEFAULT_OPTIONS |
||
288 |
|||
289 |
#undef CBC_ENC_C__DONT_UPDATE_IV |
||
290 |
#include "ncbc_enc.c" /* DES_ncbc_encrypt */ |
||
291 |
|||
292 |
void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output, |
||
293 |
long length, DES_key_schedule *ks1, |
||
294 |
DES_key_schedule *ks2, DES_key_schedule *ks3, |
||
295 |
DES_cblock *ivec, int enc) |
||
296 |
{ |
||
297 |
DES_LONG tin0,tin1; |
||
298 |
DES_LONG tout0,tout1,xor0,xor1; |
||
299 |
const unsigned char *in; |
||
300 |
unsigned char *out; |
||
301 |
long l=length; |
||
302 |
582 |
DES_LONG tin[2]; |
|
303 |
unsigned char *iv; |
||
304 |
|||
305 |
in=input; |
||
306 |
out=output; |
||
307 |
291 |
iv = &(*ivec)[0]; |
|
308 |
|||
309 |
✓✓ | 291 |
if (enc) |
310 |
{ |
||
311 |
177 |
c2l(iv,tout0); |
|
312 |
177 |
c2l(iv,tout1); |
|
313 |
✓✓ | 3600 |
for (l-=8; l>=0; l-=8) |
314 |
{ |
||
315 |
1623 |
c2l(in,tin0); |
|
316 |
1623 |
c2l(in,tin1); |
|
317 |
1623 |
tin0^=tout0; |
|
318 |
1623 |
tin1^=tout1; |
|
319 |
|||
320 |
1623 |
tin[0]=tin0; |
|
321 |
1623 |
tin[1]=tin1; |
|
322 |
1623 |
DES_encrypt3((DES_LONG *)tin,ks1,ks2,ks3); |
|
323 |
1623 |
tout0=tin[0]; |
|
324 |
1623 |
tout1=tin[1]; |
|
325 |
|||
326 |
1623 |
l2c(tout0,out); |
|
327 |
1623 |
l2c(tout1,out); |
|
328 |
} |
||
329 |
✓✓ | 177 |
if (l != -8) |
330 |
{ |
||
331 |
✗✗✗✓ ✓✓✓✓ ✓ |
33 |
c2ln(in,tin0,tin1,l+8); |
332 |
3 |
tin0^=tout0; |
|
333 |
3 |
tin1^=tout1; |
|
334 |
|||
335 |
3 |
tin[0]=tin0; |
|
336 |
3 |
tin[1]=tin1; |
|
337 |
3 |
DES_encrypt3((DES_LONG *)tin,ks1,ks2,ks3); |
|
338 |
3 |
tout0=tin[0]; |
|
339 |
3 |
tout1=tin[1]; |
|
340 |
|||
341 |
3 |
l2c(tout0,out); |
|
342 |
3 |
l2c(tout1,out); |
|
343 |
3 |
} |
|
344 |
iv = &(*ivec)[0]; |
||
345 |
177 |
l2c(tout0,iv); |
|
346 |
177 |
l2c(tout1,iv); |
|
347 |
177 |
} |
|
348 |
else |
||
349 |
{ |
||
350 |
DES_LONG t0,t1; |
||
351 |
|||
352 |
114 |
c2l(iv,xor0); |
|
353 |
114 |
c2l(iv,xor1); |
|
354 |
✓✓ | 2686 |
for (l-=8; l>=0; l-=8) |
355 |
{ |
||
356 |
1229 |
c2l(in,tin0); |
|
357 |
1229 |
c2l(in,tin1); |
|
358 |
|||
359 |
t0=tin0; |
||
360 |
t1=tin1; |
||
361 |
|||
362 |
1229 |
tin[0]=tin0; |
|
363 |
1229 |
tin[1]=tin1; |
|
364 |
1229 |
DES_decrypt3((DES_LONG *)tin,ks1,ks2,ks3); |
|
365 |
1229 |
tout0=tin[0]; |
|
366 |
1229 |
tout1=tin[1]; |
|
367 |
|||
368 |
1229 |
tout0^=xor0; |
|
369 |
1229 |
tout1^=xor1; |
|
370 |
1229 |
l2c(tout0,out); |
|
371 |
1229 |
l2c(tout1,out); |
|
372 |
xor0=t0; |
||
373 |
xor1=t1; |
||
374 |
} |
||
375 |
✓✓ | 114 |
if (l != -8) |
376 |
{ |
||
377 |
18 |
c2l(in,tin0); |
|
378 |
18 |
c2l(in,tin1); |
|
379 |
|||
380 |
t0=tin0; |
||
381 |
t1=tin1; |
||
382 |
|||
383 |
18 |
tin[0]=tin0; |
|
384 |
18 |
tin[1]=tin1; |
|
385 |
18 |
DES_decrypt3((DES_LONG *)tin,ks1,ks2,ks3); |
|
386 |
18 |
tout0=tin[0]; |
|
387 |
18 |
tout1=tin[1]; |
|
388 |
|||
389 |
18 |
tout0^=xor0; |
|
390 |
18 |
tout1^=xor1; |
|
391 |
✗✗✗✓ ✓✓✓✓ ✓ |
33 |
l2cn(tout0,tout1,out,l+8); |
392 |
xor0=t0; |
||
393 |
xor1=t1; |
||
394 |
3 |
} |
|
395 |
|||
396 |
iv = &(*ivec)[0]; |
||
397 |
114 |
l2c(xor0,iv); |
|
398 |
114 |
l2c(xor1,iv); |
|
399 |
} |
||
400 |
tin0=tin1=tout0=tout1=xor0=xor1=0; |
||
401 |
291 |
tin[0]=tin[1]=0; |
|
402 |
291 |
} |
|
403 |
|||
404 |
#endif /* DES_DEFAULT_OPTIONS */ |
Generated by: GCOVR (Version 3.3) |