Head

GCC Code Coverage Report

Directory:	./		Exec	Total	Coverage
File:	lib/libcrypto/des/des_enc.c	Lines:	178	178	100.0 %
Date:	2017-11-13	Branches:	26	32	81.3 %


/* $OpenBSD: des_enc.c,v 1.12 2014/10/28 07:35:58 jsg Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 *
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 *
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 *
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */

#include "des_locl.h"
#include "spr.h"

#ifndef OPENBSD_DES_ASM

void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc)
	{
	DES_LONG l,r,t,u;
#ifdef DES_PTR
	const unsigned char *des_SP=(const unsigned char *)DES_SPtrans;
#endif
#ifndef DES_UNROLL
	int i;
#endif
	DES_LONG *s;

	r=data[0];
	l=data[1];

	IP(r,l);
	/* Things have been modified so that the initial rotate is
	 * done outside the loop.  This required the
	 * DES_SPtrans values in sp.h to be rotated 1 bit to the right.
	 * One perl script later and things have a 5% speed up on a sparc2.
	 * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
	 * for pointing this out. */
	/* clear the top bits on machines with 8byte longs */
	/* shift left by 2 */
	r=ROTATE(r,29)&0xffffffffL;
	l=ROTATE(l,29)&0xffffffffL;

	s=ks->ks->deslong;
	/* I don't know if it is worth the effort of loop unrolling the
	 * inner loop */
	if (enc)
		{
#ifdef DES_UNROLL
		D_ENCRYPT(l,r, 0); /*  1 */
		D_ENCRYPT(r,l, 2); /*  2 */
		D_ENCRYPT(l,r, 4); /*  3 */
		D_ENCRYPT(r,l, 6); /*  4 */
		D_ENCRYPT(l,r, 8); /*  5 */
		D_ENCRYPT(r,l,10); /*  6 */
		D_ENCRYPT(l,r,12); /*  7 */
		D_ENCRYPT(r,l,14); /*  8 */
		D_ENCRYPT(l,r,16); /*  9 */
		D_ENCRYPT(r,l,18); /*  10 */
		D_ENCRYPT(l,r,20); /*  11 */
		D_ENCRYPT(r,l,22); /*  12 */
		D_ENCRYPT(l,r,24); /*  13 */
		D_ENCRYPT(r,l,26); /*  14 */
		D_ENCRYPT(l,r,28); /*  15 */
		D_ENCRYPT(r,l,30); /*  16 */
#else
		for (i=0; i<32; i+=4)
			{
			D_ENCRYPT(l,r,i+0); /*  1 */
			D_ENCRYPT(r,l,i+2); /*  2 */
			}
#endif
		}
	else
		{
#ifdef DES_UNROLL
		D_ENCRYPT(l,r,30); /* 16 */
		D_ENCRYPT(r,l,28); /* 15 */
		D_ENCRYPT(l,r,26); /* 14 */
		D_ENCRYPT(r,l,24); /* 13 */
		D_ENCRYPT(l,r,22); /* 12 */
		D_ENCRYPT(r,l,20); /* 11 */
		D_ENCRYPT(l,r,18); /* 10 */
		D_ENCRYPT(r,l,16); /*  9 */
		D_ENCRYPT(l,r,14); /*  8 */
		D_ENCRYPT(r,l,12); /*  7 */
		D_ENCRYPT(l,r,10); /*  6 */
		D_ENCRYPT(r,l, 8); /*  5 */
		D_ENCRYPT(l,r, 6); /*  4 */
		D_ENCRYPT(r,l, 4); /*  3 */
		D_ENCRYPT(l,r, 2); /*  2 */
		D_ENCRYPT(r,l, 0); /*  1 */
#else
		for (i=30; i>0; i-=4)
			{
			D_ENCRYPT(l,r,i-0); /* 16 */
			D_ENCRYPT(r,l,i-2); /* 15 */
			}
#endif
		}

	/* rotate and clear the top bits on machines with 8byte longs */
	l=ROTATE(l,3)&0xffffffffL;
	r=ROTATE(r,3)&0xffffffffL;

	FP(r,l);
	data[0]=l;
	data[1]=r;
	l=r=t=u=0;
	}

void DES_encrypt2(DES_LONG *data, DES_key_schedule *ks, int enc)
	{
	DES_LONG l,r,t,u;
#ifdef DES_PTR
	const unsigned char *des_SP=(const unsigned char *)DES_SPtrans;
#endif
#ifndef DES_UNROLL
	int i;
#endif
	DES_LONG *s;

	r=data[0];
	l=data[1];

	/* Things have been modified so that the initial rotate is
	 * done outside the loop.  This required the
	 * DES_SPtrans values in sp.h to be rotated 1 bit to the right.
	 * One perl script later and things have a 5% speed up on a sparc2.
	 * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
	 * for pointing this out. */
	/* clear the top bits on machines with 8byte longs */
	r=ROTATE(r,29)&0xffffffffL;
	l=ROTATE(l,29)&0xffffffffL;

	s=ks->ks->deslong;
	/* I don't know if it is worth the effort of loop unrolling the
	 * inner loop */
	if (enc)
		{
#ifdef DES_UNROLL
		D_ENCRYPT(l,r, 0); /*  1 */
		D_ENCRYPT(r,l, 2); /*  2 */
		D_ENCRYPT(l,r, 4); /*  3 */
		D_ENCRYPT(r,l, 6); /*  4 */
		D_ENCRYPT(l,r, 8); /*  5 */
		D_ENCRYPT(r,l,10); /*  6 */
		D_ENCRYPT(l,r,12); /*  7 */
		D_ENCRYPT(r,l,14); /*  8 */
		D_ENCRYPT(l,r,16); /*  9 */
		D_ENCRYPT(r,l,18); /*  10 */
		D_ENCRYPT(l,r,20); /*  11 */
		D_ENCRYPT(r,l,22); /*  12 */
		D_ENCRYPT(l,r,24); /*  13 */
		D_ENCRYPT(r,l,26); /*  14 */
		D_ENCRYPT(l,r,28); /*  15 */
		D_ENCRYPT(r,l,30); /*  16 */
#else
		for (i=0; i<32; i+=4)
			{
			D_ENCRYPT(l,r,i+0); /*  1 */
			D_ENCRYPT(r,l,i+2); /*  2 */
			}
#endif
		}
	else
		{
#ifdef DES_UNROLL
		D_ENCRYPT(l,r,30); /* 16 */
		D_ENCRYPT(r,l,28); /* 15 */
		D_ENCRYPT(l,r,26); /* 14 */
		D_ENCRYPT(r,l,24); /* 13 */
		D_ENCRYPT(l,r,22); /* 12 */
		D_ENCRYPT(r,l,20); /* 11 */
		D_ENCRYPT(l,r,18); /* 10 */
		D_ENCRYPT(r,l,16); /*  9 */
		D_ENCRYPT(l,r,14); /*  8 */
		D_ENCRYPT(r,l,12); /*  7 */
		D_ENCRYPT(l,r,10); /*  6 */
		D_ENCRYPT(r,l, 8); /*  5 */
		D_ENCRYPT(l,r, 6); /*  4 */
		D_ENCRYPT(r,l, 4); /*  3 */
		D_ENCRYPT(l,r, 2); /*  2 */
		D_ENCRYPT(r,l, 0); /*  1 */
#else
		for (i=30; i>0; i-=4)
			{
			D_ENCRYPT(l,r,i-0); /* 16 */
			D_ENCRYPT(r,l,i-2); /* 15 */
			}
#endif
		}
	/* rotate and clear the top bits on machines with 8byte longs */
	data[0]=ROTATE(l,3)&0xffffffffL;
	data[1]=ROTATE(r,3)&0xffffffffL;
	l=r=t=u=0;
	}

#endif /* OPENBSD_DES_ASM */

void DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1,
		  DES_key_schedule *ks2, DES_key_schedule *ks3)
	{
	DES_LONG l,r;

	l=data[0];
	r=data[1];
	IP(l,r);
	data[0]=l;
	data[1]=r;
	DES_encrypt2((DES_LONG *)data,ks1,DES_ENCRYPT);
	DES_encrypt2((DES_LONG *)data,ks2,DES_DECRYPT);
	DES_encrypt2((DES_LONG *)data,ks3,DES_ENCRYPT);
	l=data[0];
	r=data[1];
	FP(r,l);
	data[0]=l;
	data[1]=r;
	}

void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1,
		  DES_key_schedule *ks2, DES_key_schedule *ks3)
	{
	DES_LONG l,r;

	l=data[0];
	r=data[1];
	IP(l,r);
	data[0]=l;
	data[1]=r;
	DES_encrypt2((DES_LONG *)data,ks3,DES_DECRYPT);
	DES_encrypt2((DES_LONG *)data,ks2,DES_ENCRYPT);
	DES_encrypt2((DES_LONG *)data,ks1,DES_DECRYPT);
	l=data[0];
	r=data[1];
	FP(r,l);
	data[0]=l;
	data[1]=r;
	}

#ifndef DES_DEFAULT_OPTIONS

#undef CBC_ENC_C__DONT_UPDATE_IV
#include "ncbc_enc.c" /* DES_ncbc_encrypt */

void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
			  long length, DES_key_schedule *ks1,
			  DES_key_schedule *ks2, DES_key_schedule *ks3,
			  DES_cblock *ivec, int enc)
	{
	DES_LONG tin0,tin1;
	DES_LONG tout0,tout1,xor0,xor1;
	const unsigned char *in;
	unsigned char *out;
	long l=length;
	DES_LONG tin[2];
	unsigned char *iv;

	in=input;
	out=output;
	iv = &(*ivec)[0];

	if (enc)
		{
		c2l(iv,tout0);
		c2l(iv,tout1);
		for (l-=8; l>=0; l-=8)
			{
			c2l(in,tin0);
			c2l(in,tin1);
			tin0^=tout0;
			tin1^=tout1;

			tin[0]=tin0;
			tin[1]=tin1;
			DES_encrypt3((DES_LONG *)tin,ks1,ks2,ks3);
			tout0=tin[0];
			tout1=tin[1];

			l2c(tout0,out);
			l2c(tout1,out);
			}
		if (l != -8)
			{
			c2ln(in,tin0,tin1,l+8);
			tin0^=tout0;
			tin1^=tout1;

			tin[0]=tin0;
			tin[1]=tin1;
			DES_encrypt3((DES_LONG *)tin,ks1,ks2,ks3);
			tout0=tin[0];
			tout1=tin[1];

			l2c(tout0,out);
			l2c(tout1,out);
			}
		iv = &(*ivec)[0];
		l2c(tout0,iv);
		l2c(tout1,iv);
		}
	else
		{
		DES_LONG t0,t1;

		c2l(iv,xor0);
		c2l(iv,xor1);
		for (l-=8; l>=0; l-=8)
			{
			c2l(in,tin0);
			c2l(in,tin1);

			t0=tin0;
			t1=tin1;

			tin[0]=tin0;
			tin[1]=tin1;
			DES_decrypt3((DES_LONG *)tin,ks1,ks2,ks3);
			tout0=tin[0];
			tout1=tin[1];

			tout0^=xor0;
			tout1^=xor1;
			l2c(tout0,out);
			l2c(tout1,out);
			xor0=t0;
			xor1=t1;
			}
		if (l != -8)
			{
			c2l(in,tin0);
			c2l(in,tin1);

			t0=tin0;
			t1=tin1;

			tin[0]=tin0;
			tin[1]=tin1;
			DES_decrypt3((DES_LONG *)tin,ks1,ks2,ks3);
			tout0=tin[0];
			tout1=tin[1];

			tout0^=xor0;
			tout1^=xor1;
			l2cn(tout0,tout1,out,l+8);
			xor0=t0;
			xor1=t1;
			}

		iv = &(*ivec)[0];
		l2c(xor0,iv);
		l2c(xor1,iv);
		}
	tin0=tin1=tout0=tout1=xor0=xor1=0;
	tin[0]=tin[1]=0;
	}

#endif /* DES_DEFAULT_OPTIONS */


Generated by: GCOVR (Version 3.3)

Line	Branch	Exec	Source
1			/* $OpenBSD: des_enc.c,v 1.12 2014/10/28 07:35:58 jsg Exp $ */
2			/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3			* All rights reserved.
4			*
5			* This package is an SSL implementation written
6			* by Eric Young (eay@cryptsoft.com).
7			* The implementation was written so as to conform with Netscapes SSL.
8			*
9			* This library is free for commercial and non-commercial use as long as
10			* the following conditions are aheared to. The following conditions
11			* apply to all code found in this distribution, be it the RC4, RSA,
12			* lhash, DES, etc., code; not just the SSL code. The SSL documentation
13			* included with this distribution is covered by the same copyright terms
14			* except that the holder is Tim Hudson (tjh@cryptsoft.com).
15			*
16			* Copyright remains Eric Young's, and as such any Copyright notices in
17			* the code are not to be removed.
18			* If this package is used in a product, Eric Young should be given attribution
19			* as the author of the parts of the library used.
20			* This can be in the form of a textual message at program startup or
21			* in documentation (online or textual) provided with the package.
22			*
23			* Redistribution and use in source and binary forms, with or without
24			* modification, are permitted provided that the following conditions
25			* are met:
26			* 1. Redistributions of source code must retain the copyright
27			* notice, this list of conditions and the following disclaimer.
28			* 2. Redistributions in binary form must reproduce the above copyright
29			* notice, this list of conditions and the following disclaimer in the
30			* documentation and/or other materials provided with the distribution.
31			* 3. All advertising materials mentioning features or use of this software
32			* must display the following acknowledgement:
33			* "This product includes cryptographic software written by
34			* Eric Young (eay@cryptsoft.com)"
35			* The word 'cryptographic' can be left out if the rouines from the library
36			* being used are not cryptographic related :-).
37			* 4. If you include any Windows specific code (or a derivative thereof) from
38			* the apps directory (application code) you must include an acknowledgement:
39			* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40			*
41			* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42			* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43			* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44			* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45			* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46			* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47			* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48			* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49			* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50			* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51			* SUCH DAMAGE.
52			*
53			* The licence and distribution terms for any publically available version or
54			* derivative of this code cannot be changed. i.e. this code cannot simply be
55			* copied and put under another distribution licence
56			* [including the GNU Public Licence.]
57			*/
58
59			#include "des_locl.h"
60			#include "spr.h"
61
62			#ifndef OPENBSD_DES_ASM
63
64			void DES_encrypt1(DES_LONG data, DES_key_schedule ks, int enc)
65			{
66			DES_LONG l,r,t,u;
67			#ifdef DES_PTR
68			const unsigned char des_SP=(const unsigned char )DES_SPtrans;
69			#endif
70			#ifndef DES_UNROLL
71			int i;
72			#endif
73			DES_LONG *s;
74
75		26860	r=data[0];
76		13430	l=data[1];
77
78		13430	IP(r,l);
79			/* Things have been modified so that the initial rotate is
80			* done outside the loop. This required the
81			* DES_SPtrans values in sp.h to be rotated 1 bit to the right.
82			* One perl script later and things have a 5% speed up on a sparc2.
83			* Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
84			* for pointing this out. */
85			/* clear the top bits on machines with 8byte longs */
86			/* shift left by 2 */
87		13430	r=ROTATE(r,29)&0xffffffffL;
88		13430	l=ROTATE(l,29)&0xffffffffL;
89
90		13430	s=ks->ks->deslong;
91			/* I don't know if it is worth the effort of loop unrolling the
92			* inner loop */
93	✓✓	13430	if (enc)
94			{
95			#ifdef DES_UNROLL
96		11335	D_ENCRYPT(l,r, 0); /* 1 */
97		11335	D_ENCRYPT(r,l, 2); /* 2 */
98		11335	D_ENCRYPT(l,r, 4); /* 3 */
99		11335	D_ENCRYPT(r,l, 6); /* 4 */
100		11335	D_ENCRYPT(l,r, 8); /* 5 */
101		11335	D_ENCRYPT(r,l,10); /* 6 */
102		11335	D_ENCRYPT(l,r,12); /* 7 */
103		11335	D_ENCRYPT(r,l,14); /* 8 */
104		11335	D_ENCRYPT(l,r,16); /* 9 */
105		11335	D_ENCRYPT(r,l,18); /* 10 */
106		11335	D_ENCRYPT(l,r,20); /* 11 */
107		11335	D_ENCRYPT(r,l,22); /* 12 */
108		11335	D_ENCRYPT(l,r,24); /* 13 */
109		11335	D_ENCRYPT(r,l,26); /* 14 */
110		11335	D_ENCRYPT(l,r,28); /* 15 */
111		11335	D_ENCRYPT(r,l,30); /* 16 */
112			#else
113			for (i=0; i<32; i+=4)
114			{
115			D_ENCRYPT(l,r,i+0); /* 1 */
116			D_ENCRYPT(r,l,i+2); /* 2 */
117			}
118			#endif
119		11335	}
120			else
121			{
122			#ifdef DES_UNROLL
123		2095	D_ENCRYPT(l,r,30); /* 16 */
124		2095	D_ENCRYPT(r,l,28); /* 15 */
125		2095	D_ENCRYPT(l,r,26); /* 14 */
126		2095	D_ENCRYPT(r,l,24); /* 13 */
127		2095	D_ENCRYPT(l,r,22); /* 12 */
128		2095	D_ENCRYPT(r,l,20); /* 11 */
129		2095	D_ENCRYPT(l,r,18); /* 10 */
130		2095	D_ENCRYPT(r,l,16); /* 9 */
131		2095	D_ENCRYPT(l,r,14); /* 8 */
132		2095	D_ENCRYPT(r,l,12); /* 7 */
133		2095	D_ENCRYPT(l,r,10); /* 6 */
134		2095	D_ENCRYPT(r,l, 8); /* 5 */
135		2095	D_ENCRYPT(l,r, 6); /* 4 */
136		2095	D_ENCRYPT(r,l, 4); /* 3 */
137		2095	D_ENCRYPT(l,r, 2); /* 2 */
138		2095	D_ENCRYPT(r,l, 0); /* 1 */
139			#else
140			for (i=30; i>0; i-=4)
141			{
142			D_ENCRYPT(l,r,i-0); /* 16 */
143			D_ENCRYPT(r,l,i-2); /* 15 */
144			}
145			#endif
146			}
147
148			/* rotate and clear the top bits on machines with 8byte longs */
149		13430	l=ROTATE(l,3)&0xffffffffL;
150		13430	r=ROTATE(r,3)&0xffffffffL;
151
152		13430	FP(r,l);
153		13430	data[0]=l;
154		13430	data[1]=r;
155			l=r=t=u=0;
156		13430	}
157
158			void DES_encrypt2(DES_LONG data, DES_key_schedule ks, int enc)
159			{
160			DES_LONG l,r,t,u;
161			#ifdef DES_PTR
162			const unsigned char des_SP=(const unsigned char )DES_SPtrans;
163			#endif
164			#ifndef DES_UNROLL
165			int i;
166			#endif
167			DES_LONG *s;
168
169		50052	r=data[0];
170		25026	l=data[1];
171
172			/* Things have been modified so that the initial rotate is
173			* done outside the loop. This required the
174			* DES_SPtrans values in sp.h to be rotated 1 bit to the right.
175			* One perl script later and things have a 5% speed up on a sparc2.
176			* Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
177			* for pointing this out. */
178			/* clear the top bits on machines with 8byte longs */
179		25026	r=ROTATE(r,29)&0xffffffffL;
180		25026	l=ROTATE(l,29)&0xffffffffL;
181
182		25026	s=ks->ks->deslong;
183			/* I don't know if it is worth the effort of loop unrolling the
184			* inner loop */
185	✓✓	25026	if (enc)
186			{
187			#ifdef DES_UNROLL
188		14480	D_ENCRYPT(l,r, 0); /* 1 */
189		14480	D_ENCRYPT(r,l, 2); /* 2 */
190		14480	D_ENCRYPT(l,r, 4); /* 3 */
191		14480	D_ENCRYPT(r,l, 6); /* 4 */
192		14480	D_ENCRYPT(l,r, 8); /* 5 */
193		14480	D_ENCRYPT(r,l,10); /* 6 */
194		14480	D_ENCRYPT(l,r,12); /* 7 */
195		14480	D_ENCRYPT(r,l,14); /* 8 */
196		14480	D_ENCRYPT(l,r,16); /* 9 */
197		14480	D_ENCRYPT(r,l,18); /* 10 */
198		14480	D_ENCRYPT(l,r,20); /* 11 */
199		14480	D_ENCRYPT(r,l,22); /* 12 */
200		14480	D_ENCRYPT(l,r,24); /* 13 */
201		14480	D_ENCRYPT(r,l,26); /* 14 */
202		14480	D_ENCRYPT(l,r,28); /* 15 */
203		14480	D_ENCRYPT(r,l,30); /* 16 */
204			#else
205			for (i=0; i<32; i+=4)
206			{
207			D_ENCRYPT(l,r,i+0); /* 1 */
208			D_ENCRYPT(r,l,i+2); /* 2 */
209			}
210			#endif
211		14480	}
212			else
213			{
214			#ifdef DES_UNROLL
215		10546	D_ENCRYPT(l,r,30); /* 16 */
216		10546	D_ENCRYPT(r,l,28); /* 15 */
217		10546	D_ENCRYPT(l,r,26); /* 14 */
218		10546	D_ENCRYPT(r,l,24); /* 13 */
219		10546	D_ENCRYPT(l,r,22); /* 12 */
220		10546	D_ENCRYPT(r,l,20); /* 11 */
221		10546	D_ENCRYPT(l,r,18); /* 10 */
222		10546	D_ENCRYPT(r,l,16); /* 9 */
223		10546	D_ENCRYPT(l,r,14); /* 8 */
224		10546	D_ENCRYPT(r,l,12); /* 7 */
225		10546	D_ENCRYPT(l,r,10); /* 6 */
226		10546	D_ENCRYPT(r,l, 8); /* 5 */
227		10546	D_ENCRYPT(l,r, 6); /* 4 */
228		10546	D_ENCRYPT(r,l, 4); /* 3 */
229		10546	D_ENCRYPT(l,r, 2); /* 2 */
230		10546	D_ENCRYPT(r,l, 0); /* 1 */
231			#else
232			for (i=30; i>0; i-=4)
233			{
234			D_ENCRYPT(l,r,i-0); /* 16 */
235			D_ENCRYPT(r,l,i-2); /* 15 */
236			}
237			#endif
238			}
239			/* rotate and clear the top bits on machines with 8byte longs */
240		25026	data[0]=ROTATE(l,3)&0xffffffffL;
241		25026	data[1]=ROTATE(r,3)&0xffffffffL;
242			l=r=t=u=0;
243		25026	}
244
245			#endif /* OPENBSD_DES_ASM */
246
247			void DES_encrypt3(DES_LONG data, DES_key_schedule ks1,
248			DES_key_schedule ks2, DES_key_schedule ks3)
249			{
250			DES_LONG l,r;
251
252		12276	l=data[0];
253		6138	r=data[1];
254		6138	IP(l,r);
255		6138	data[0]=l;
256		6138	data[1]=r;
257		6138	DES_encrypt2((DES_LONG *)data,ks1,DES_ENCRYPT);
258		6138	DES_encrypt2((DES_LONG *)data,ks2,DES_DECRYPT);
259		6138	DES_encrypt2((DES_LONG *)data,ks3,DES_ENCRYPT);
260		6138	l=data[0];
261		6138	r=data[1];
262		6138	FP(r,l);
263		6138	data[0]=l;
264		6138	data[1]=r;
265		6138	}
266
267			void DES_decrypt3(DES_LONG data, DES_key_schedule ks1,
268			DES_key_schedule ks2, DES_key_schedule ks3)
269			{
270			DES_LONG l,r;
271
272		4408	l=data[0];
273		2204	r=data[1];
274		2204	IP(l,r);
275		2204	data[0]=l;
276		2204	data[1]=r;
277		2204	DES_encrypt2((DES_LONG *)data,ks3,DES_DECRYPT);
278		2204	DES_encrypt2((DES_LONG *)data,ks2,DES_ENCRYPT);
279		2204	DES_encrypt2((DES_LONG *)data,ks1,DES_DECRYPT);
280		2204	l=data[0];
281		2204	r=data[1];
282		2204	FP(r,l);
283		2204	data[0]=l;
284		2204	data[1]=r;
285		2204	}
286
287			#ifndef DES_DEFAULT_OPTIONS
288
289			#undef CBC_ENC_C__DONT_UPDATE_IV
290			#include "ncbc_enc.c" /* DES_ncbc_encrypt */
291
292			void DES_ede3_cbc_encrypt(const unsigned char input, unsigned char output,
293			long length, DES_key_schedule *ks1,
294			DES_key_schedule ks2, DES_key_schedule ks3,
295			DES_cblock *ivec, int enc)
296			{
297			DES_LONG tin0,tin1;
298			DES_LONG tout0,tout1,xor0,xor1;
299			const unsigned char *in;
300			unsigned char *out;
301			long l=length;
302		582	DES_LONG tin[2];
303			unsigned char *iv;
304
305			in=input;
306			out=output;
307		291	iv = &(*ivec)[0];
308
309	✓✓	291	if (enc)
310			{
311		177	c2l(iv,tout0);
312		177	c2l(iv,tout1);
313	✓✓	3600	for (l-=8; l>=0; l-=8)
314			{
315		1623	c2l(in,tin0);
316		1623	c2l(in,tin1);
317		1623	tin0^=tout0;
318		1623	tin1^=tout1;
319
320		1623	tin[0]=tin0;
321		1623	tin[1]=tin1;
322		1623	DES_encrypt3((DES_LONG *)tin,ks1,ks2,ks3);
323		1623	tout0=tin[0];
324		1623	tout1=tin[1];
325
326		1623	l2c(tout0,out);
327		1623	l2c(tout1,out);
328			}
329	✓✓	177	if (l != -8)
330			{
331	✗✗✗✓ ✓✓✓✓ ✓	33	c2ln(in,tin0,tin1,l+8);
332		3	tin0^=tout0;
333		3	tin1^=tout1;
334
335		3	tin[0]=tin0;
336		3	tin[1]=tin1;
337		3	DES_encrypt3((DES_LONG *)tin,ks1,ks2,ks3);
338		3	tout0=tin[0];
339		3	tout1=tin[1];
340
341		3	l2c(tout0,out);
342		3	l2c(tout1,out);
343		3	}
344			iv = &(*ivec)[0];
345		177	l2c(tout0,iv);
346		177	l2c(tout1,iv);
347		177	}
348			else
349			{
350			DES_LONG t0,t1;
351
352		114	c2l(iv,xor0);
353		114	c2l(iv,xor1);
354	✓✓	2686	for (l-=8; l>=0; l-=8)
355			{
356		1229	c2l(in,tin0);
357		1229	c2l(in,tin1);
358
359			t0=tin0;
360			t1=tin1;
361
362		1229	tin[0]=tin0;
363		1229	tin[1]=tin1;
364		1229	DES_decrypt3((DES_LONG *)tin,ks1,ks2,ks3);
365		1229	tout0=tin[0];
366		1229	tout1=tin[1];
367
368		1229	tout0^=xor0;
369		1229	tout1^=xor1;
370		1229	l2c(tout0,out);
371		1229	l2c(tout1,out);
372			xor0=t0;
373			xor1=t1;
374			}
375	✓✓	114	if (l != -8)
376			{
377		18	c2l(in,tin0);
378		18	c2l(in,tin1);
379
380			t0=tin0;
381			t1=tin1;
382
383		18	tin[0]=tin0;
384		18	tin[1]=tin1;
385		18	DES_decrypt3((DES_LONG *)tin,ks1,ks2,ks3);
386		18	tout0=tin[0];
387		18	tout1=tin[1];
388
389		18	tout0^=xor0;
390		18	tout1^=xor1;
391	✗✗✗✓ ✓✓✓✓ ✓	33	l2cn(tout0,tout1,out,l+8);
392			xor0=t0;
393			xor1=t1;
394		3	}
395
396			iv = &(*ivec)[0];
397		114	l2c(xor0,iv);
398		114	l2c(xor1,iv);
399			}
400			tin0=tin1=tout0=tout1=xor0=xor1=0;
401		291	tin[0]=tin[1]=0;
402		291	}
403
404			#endif /* DES_DEFAULT_OPTIONS */