4 * DES & Triple DES EDE Cipher Algorithms.
6 * Originally released as descore by Dana L. How <how@isl.stanford.edu>.
7 * Modified by Raimar Falke <rf13@inf.tu-dresden.de> for the Linux-Kernel.
8 * Derived from Cryptoapi and Nettle implementations, adapted for in-place
9 * scatterlist interface. Changed LGPL to GPL per section 3 of the LGPL.
11 * Copyright (c) 1992 Dana L. How.
12 * Copyright (c) Raimar Falke <rf13@inf.tu-dresden.de>
13 * Copyright (c) Gisle Sælensminde <gisle@ii.uib.no>
14 * Copyright (C) 2001 Niels Möller.
15 * Copyright (c) 2002 James Morris <jmorris@intercode.com.au>
17 * This program is free software; you can redistribute it and/or modify
18 * it under the terms of the GNU General Public License as published by
19 * the Free Software Foundation; either version 2 of the License, or
20 * (at your option) any later version.
23 #include <linux/init.h>
24 #include <linux/module.h>
26 #include <linux/errno.h>
27 #include <asm/scatterlist.h>
28 #include <linux/crypto.h>
30 #define DES_KEY_SIZE 8
31 #define DES_EXPKEY_WORDS 32
32 #define DES_BLOCK_SIZE 8
34 #define DES3_EDE_KEY_SIZE (3 * DES_KEY_SIZE)
35 #define DES3_EDE_EXPKEY_WORDS (3 * DES_EXPKEY_WORDS)
36 #define DES3_EDE_BLOCK_SIZE DES_BLOCK_SIZE
38 #define ROR(d,c,o) ((d) = (d) >> (c) | (d) << (o))
41 u32 expkey[DES_EXPKEY_WORDS];
45 u32 expkey[DES3_EDE_EXPKEY_WORDS];
48 static const u32 des_keymap[] = {
49 0x02080008, 0x02082000, 0x00002008, 0x00000000,
50 0x02002000, 0x00080008, 0x02080000, 0x02082008,
51 0x00000008, 0x02000000, 0x00082000, 0x00002008,
52 0x00082008, 0x02002008, 0x02000008, 0x02080000,
53 0x00002000, 0x00082008, 0x00080008, 0x02002000,
54 0x02082008, 0x02000008, 0x00000000, 0x00082000,
55 0x02000000, 0x00080000, 0x02002008, 0x02080008,
56 0x00080000, 0x00002000, 0x02082000, 0x00000008,
57 0x00080000, 0x00002000, 0x02000008, 0x02082008,
58 0x00002008, 0x02000000, 0x00000000, 0x00082000,
59 0x02080008, 0x02002008, 0x02002000, 0x00080008,
60 0x02082000, 0x00000008, 0x00080008, 0x02002000,
61 0x02082008, 0x00080000, 0x02080000, 0x02000008,
62 0x00082000, 0x00002008, 0x02002008, 0x02080000,
63 0x00000008, 0x02082000, 0x00082008, 0x00000000,
64 0x02000000, 0x02080008, 0x00002000, 0x00082008,
66 0x08000004, 0x00020004, 0x00000000, 0x08020200,
67 0x00020004, 0x00000200, 0x08000204, 0x00020000,
68 0x00000204, 0x08020204, 0x00020200, 0x08000000,
69 0x08000200, 0x08000004, 0x08020000, 0x00020204,
70 0x00020000, 0x08000204, 0x08020004, 0x00000000,
71 0x00000200, 0x00000004, 0x08020200, 0x08020004,
72 0x08020204, 0x08020000, 0x08000000, 0x00000204,
73 0x00000004, 0x00020200, 0x00020204, 0x08000200,
74 0x00000204, 0x08000000, 0x08000200, 0x00020204,
75 0x08020200, 0x00020004, 0x00000000, 0x08000200,
76 0x08000000, 0x00000200, 0x08020004, 0x00020000,
77 0x00020004, 0x08020204, 0x00020200, 0x00000004,
78 0x08020204, 0x00020200, 0x00020000, 0x08000204,
79 0x08000004, 0x08020000, 0x00020204, 0x00000000,
80 0x00000200, 0x08000004, 0x08000204, 0x08020200,
81 0x08020000, 0x00000204, 0x00000004, 0x08020004,
83 0x80040100, 0x01000100, 0x80000000, 0x81040100,
84 0x00000000, 0x01040000, 0x81000100, 0x80040000,
85 0x01040100, 0x81000000, 0x01000000, 0x80000100,
86 0x81000000, 0x80040100, 0x00040000, 0x01000000,
87 0x81040000, 0x00040100, 0x00000100, 0x80000000,
88 0x00040100, 0x81000100, 0x01040000, 0x00000100,
89 0x80000100, 0x00000000, 0x80040000, 0x01040100,
90 0x01000100, 0x81040000, 0x81040100, 0x00040000,
91 0x81040000, 0x80000100, 0x00040000, 0x81000000,
92 0x00040100, 0x01000100, 0x80000000, 0x01040000,
93 0x81000100, 0x00000000, 0x00000100, 0x80040000,
94 0x00000000, 0x81040000, 0x01040100, 0x00000100,
95 0x01000000, 0x81040100, 0x80040100, 0x00040000,
96 0x81040100, 0x80000000, 0x01000100, 0x80040100,
97 0x80040000, 0x00040100, 0x01040000, 0x81000100,
98 0x80000100, 0x01000000, 0x81000000, 0x01040100,
100 0x04010801, 0x00000000, 0x00010800, 0x04010000,
101 0x04000001, 0x00000801, 0x04000800, 0x00010800,
102 0x00000800, 0x04010001, 0x00000001, 0x04000800,
103 0x00010001, 0x04010800, 0x04010000, 0x00000001,
104 0x00010000, 0x04000801, 0x04010001, 0x00000800,
105 0x00010801, 0x04000000, 0x00000000, 0x00010001,
106 0x04000801, 0x00010801, 0x04010800, 0x04000001,
107 0x04000000, 0x00010000, 0x00000801, 0x04010801,
108 0x00010001, 0x04010800, 0x04000800, 0x00010801,
109 0x04010801, 0x00010001, 0x04000001, 0x00000000,
110 0x04000000, 0x00000801, 0x00010000, 0x04010001,
111 0x00000800, 0x04000000, 0x00010801, 0x04000801,
112 0x04010800, 0x00000800, 0x00000000, 0x04000001,
113 0x00000001, 0x04010801, 0x00010800, 0x04010000,
114 0x04010001, 0x00010000, 0x00000801, 0x04000800,
115 0x04000801, 0x00000001, 0x04010000, 0x00010800,
117 0x00000400, 0x00000020, 0x00100020, 0x40100000,
118 0x40100420, 0x40000400, 0x00000420, 0x00000000,
119 0x00100000, 0x40100020, 0x40000020, 0x00100400,
120 0x40000000, 0x00100420, 0x00100400, 0x40000020,
121 0x40100020, 0x00000400, 0x40000400, 0x40100420,
122 0x00000000, 0x00100020, 0x40100000, 0x00000420,
123 0x40100400, 0x40000420, 0x00100420, 0x40000000,
124 0x40000420, 0x40100400, 0x00000020, 0x00100000,
125 0x40000420, 0x00100400, 0x40100400, 0x40000020,
126 0x00000400, 0x00000020, 0x00100000, 0x40100400,
127 0x40100020, 0x40000420, 0x00000420, 0x00000000,
128 0x00000020, 0x40100000, 0x40000000, 0x00100020,
129 0x00000000, 0x40100020, 0x00100020, 0x00000420,
130 0x40000020, 0x00000400, 0x40100420, 0x00100000,
131 0x00100420, 0x40000000, 0x40000400, 0x40100420,
132 0x40100000, 0x00100420, 0x00100400, 0x40000400,
134 0x00800000, 0x00001000, 0x00000040, 0x00801042,
135 0x00801002, 0x00800040, 0x00001042, 0x00801000,
136 0x00001000, 0x00000002, 0x00800002, 0x00001040,
137 0x00800042, 0x00801002, 0x00801040, 0x00000000,
138 0x00001040, 0x00800000, 0x00001002, 0x00000042,
139 0x00800040, 0x00001042, 0x00000000, 0x00800002,
140 0x00000002, 0x00800042, 0x00801042, 0x00001002,
141 0x00801000, 0x00000040, 0x00000042, 0x00801040,
142 0x00801040, 0x00800042, 0x00001002, 0x00801000,
143 0x00001000, 0x00000002, 0x00800002, 0x00800040,
144 0x00800000, 0x00001040, 0x00801042, 0x00000000,
145 0x00001042, 0x00800000, 0x00000040, 0x00001002,
146 0x00800042, 0x00000040, 0x00000000, 0x00801042,
147 0x00801002, 0x00801040, 0x00000042, 0x00001000,
148 0x00001040, 0x00801002, 0x00800040, 0x00000042,
149 0x00000002, 0x00001042, 0x00801000, 0x00800002,
151 0x10400000, 0x00404010, 0x00000010, 0x10400010,
152 0x10004000, 0x00400000, 0x10400010, 0x00004010,
153 0x00400010, 0x00004000, 0x00404000, 0x10000000,
154 0x10404010, 0x10000010, 0x10000000, 0x10404000,
155 0x00000000, 0x10004000, 0x00404010, 0x00000010,
156 0x10000010, 0x10404010, 0x00004000, 0x10400000,
157 0x10404000, 0x00400010, 0x10004010, 0x00404000,
158 0x00004010, 0x00000000, 0x00400000, 0x10004010,
159 0x00404010, 0x00000010, 0x10000000, 0x00004000,
160 0x10000010, 0x10004000, 0x00404000, 0x10400010,
161 0x00000000, 0x00404010, 0x00004010, 0x10404000,
162 0x10004000, 0x00400000, 0x10404010, 0x10000000,
163 0x10004010, 0x10400000, 0x00400000, 0x10404010,
164 0x00004000, 0x00400010, 0x10400010, 0x00004010,
165 0x00400010, 0x00000000, 0x10404000, 0x10000010,
166 0x10400000, 0x10004010, 0x00000010, 0x00404000,
168 0x00208080, 0x00008000, 0x20200000, 0x20208080,
169 0x00200000, 0x20008080, 0x20008000, 0x20200000,
170 0x20008080, 0x00208080, 0x00208000, 0x20000080,
171 0x20200080, 0x00200000, 0x00000000, 0x20008000,
172 0x00008000, 0x20000000, 0x00200080, 0x00008080,
173 0x20208080, 0x00208000, 0x20000080, 0x00200080,
174 0x20000000, 0x00000080, 0x00008080, 0x20208000,
175 0x00000080, 0x20200080, 0x20208000, 0x00000000,
176 0x00000000, 0x20208080, 0x00200080, 0x20008000,
177 0x00208080, 0x00008000, 0x20000080, 0x00200080,
178 0x20208000, 0x00000080, 0x00008080, 0x20200000,
179 0x20008080, 0x20000000, 0x20200000, 0x00208000,
180 0x20208080, 0x00008080, 0x00208000, 0x20200080,
181 0x00200000, 0x20000080, 0x20008000, 0x00000000,
182 0x00008000, 0x00200000, 0x20200080, 0x00208080,
183 0x20000000, 0x20208000, 0x00000080, 0x20008080,
186 static const u8 rotors[] = {
187 34, 13, 5, 46, 47, 18, 32, 41, 11, 53, 33, 20,
188 14, 36, 30, 24, 49, 2, 15, 37, 42, 50, 0, 21,
189 38, 48, 6, 26, 39, 4, 52, 25, 12, 27, 31, 40,
190 1, 17, 28, 29, 23, 51, 35, 7, 3, 22, 9, 43,
192 41, 20, 12, 53, 54, 25, 39, 48, 18, 31, 40, 27,
193 21, 43, 37, 0, 1, 9, 22, 44, 49, 2, 7, 28,
194 45, 55, 13, 33, 46, 11, 6, 32, 19, 34, 38, 47,
195 8, 24, 35, 36, 30, 3, 42, 14, 10, 29, 16, 50,
197 55, 34, 26, 38, 11, 39, 53, 5, 32, 45, 54, 41,
198 35, 2, 51, 14, 15, 23, 36, 3, 8, 16, 21, 42,
199 6, 12, 27, 47, 31, 25, 20, 46, 33, 48, 52, 4,
200 22, 7, 49, 50, 44, 17, 1, 28, 24, 43, 30, 9,
202 12, 48, 40, 52, 25, 53, 38, 19, 46, 6, 11, 55,
203 49, 16, 10, 28, 29, 37, 50, 17, 22, 30, 35, 1,
204 20, 26, 41, 4, 45, 39, 34, 31, 47, 5, 13, 18,
205 36, 21, 8, 9, 3, 0, 15, 42, 7, 2, 44, 23,
207 26, 5, 54, 13, 39, 38, 52, 33, 31, 20, 25, 12,
208 8, 30, 24, 42, 43, 51, 9, 0, 36, 44, 49, 15,
209 34, 40, 55, 18, 6, 53, 48, 45, 4, 19, 27, 32,
210 50, 35, 22, 23, 17, 14, 29, 1, 21, 16, 3, 37,
212 40, 19, 11, 27, 53, 52, 13, 47, 45, 34, 39, 26,
213 22, 44, 7, 1, 2, 10, 23, 14, 50, 3, 8, 29,
214 48, 54, 12, 32, 20, 38, 5, 6, 18, 33, 41, 46,
215 9, 49, 36, 37, 0, 28, 43, 15, 35, 30, 17, 51,
217 54, 33, 25, 41, 38, 13, 27, 4, 6, 48, 53, 40,
218 36, 3, 21, 15, 16, 24, 37, 28, 9, 17, 22, 43,
219 5, 11, 26, 46, 34, 52, 19, 20, 32, 47, 55, 31,
220 23, 8, 50, 51, 14, 42, 2, 29, 49, 44, 0, 10,
222 11, 47, 39, 55, 52, 27, 41, 18, 20, 5, 38, 54,
223 50, 17, 35, 29, 30, 7, 51, 42, 23, 0, 36, 2,
224 19, 25, 40, 31, 48, 13, 33, 34, 46, 4, 12, 45,
225 37, 22, 9, 10, 28, 1, 16, 43, 8, 3, 14, 24,
227 18, 54, 46, 5, 6, 34, 48, 25, 27, 12, 45, 4,
228 2, 24, 42, 36, 37, 14, 3, 49, 30, 7, 43, 9,
229 26, 32, 47, 38, 55, 20, 40, 41, 53, 11, 19, 52,
230 44, 29, 16, 17, 35, 8, 23, 50, 15, 10, 21, 0,
232 32, 11, 31, 19, 20, 48, 5, 39, 41, 26, 6, 18,
233 16, 7, 1, 50, 51, 28, 17, 8, 44, 21, 2, 23,
234 40, 46, 4, 52, 12, 34, 54, 55, 38, 25, 33, 13,
235 3, 43, 30, 0, 49, 22, 37, 9, 29, 24, 35, 14,
237 46, 25, 45, 33, 34, 5, 19, 53, 55, 40, 20, 32,
238 30, 21, 15, 9, 10, 42, 0, 22, 3, 35, 16, 37,
239 54, 31, 18, 13, 26, 48, 11, 12, 52, 39, 47, 27,
240 17, 2, 44, 14, 8, 36, 51, 23, 43, 7, 49, 28,
242 31, 39, 6, 47, 48, 19, 33, 38, 12, 54, 34, 46,
243 44, 35, 29, 23, 24, 1, 14, 36, 17, 49, 30, 51,
244 11, 45, 32, 27, 40, 5, 25, 26, 13, 53, 4, 41,
245 0, 16, 3, 28, 22, 50, 10, 37, 2, 21, 8, 42,
247 45, 53, 20, 4, 5, 33, 47, 52, 26, 11, 48, 31,
248 3, 49, 43, 37, 7, 15, 28, 50, 0, 8, 44, 10,
249 25, 6, 46, 41, 54, 19, 39, 40, 27, 38, 18, 55,
250 14, 30, 17, 42, 36, 9, 24, 51, 16, 35, 22, 1,
252 6, 38, 34, 18, 19, 47, 4, 13, 40, 25, 5, 45,
253 17, 8, 2, 51, 21, 29, 42, 9, 14, 22, 3, 24,
254 39, 20, 31, 55, 11, 33, 53, 54, 41, 52, 32, 12,
255 28, 44, 0, 1, 50, 23, 7, 10, 30, 49, 36, 15,
257 20, 52, 48, 32, 33, 4, 18, 27, 54, 39, 19, 6,
258 0, 22, 16, 10, 35, 43, 1, 23, 28, 36, 17, 7,
259 53, 34, 45, 12, 25, 47, 38, 11, 55, 13, 46, 26,
260 42, 3, 14, 15, 9, 37, 21, 24, 44, 8, 50, 29,
262 27, 6, 55, 39, 40, 11, 25, 34, 4, 46, 26, 13,
263 7, 29, 23, 17, 42, 50, 8, 30, 35, 43, 24, 14,
264 31, 41, 52, 19, 32, 54, 45, 18, 5, 20, 53, 33,
265 49, 10, 21, 22, 16, 44, 28, 0, 51, 15, 2, 36,
268 static const u8 parity[] = {
269 8,1,0,8,0,8,8,0,0,8,8,0,8,0,2,8,0,8,8,0,8,0,0,8,8,0,0,8,0,8,8,3,
270 0,8,8,0,8,0,0,8,8,0,0,8,0,8,8,0,8,0,0,8,0,8,8,0,0,8,8,0,8,0,0,8,
271 0,8,8,0,8,0,0,8,8,0,0,8,0,8,8,0,8,0,0,8,0,8,8,0,0,8,8,0,8,0,0,8,
272 8,0,0,8,0,8,8,0,0,8,8,0,8,0,0,8,0,8,8,0,8,0,0,8,8,0,0,8,0,8,8,0,
273 0,8,8,0,8,0,0,8,8,0,0,8,0,8,8,0,8,0,0,8,0,8,8,0,0,8,8,0,8,0,0,8,
274 8,0,0,8,0,8,8,0,0,8,8,0,8,0,0,8,0,8,8,0,8,0,0,8,8,0,0,8,0,8,8,0,
275 8,0,0,8,0,8,8,0,0,8,8,0,8,0,0,8,0,8,8,0,8,0,0,8,8,0,0,8,0,8,8,0,
276 4,8,8,0,8,0,0,8,8,0,0,8,0,8,8,0,8,5,0,8,0,8,8,0,0,8,8,0,8,0,6,8,
280 static void des_small_fips_encrypt(u32 *expkey, u8 *dst, const u8 *src)
298 z = ((x >> 004) ^ y) & 0x0F0F0F0FL;
301 z = ((y >> 020) ^ x) & 0x0000FFFFL;
304 z = ((x >> 002) ^ y) & 0x33333333L;
307 z = ((y >> 010) ^ x) & 0x00FF00FFL;
310 x = x >> 1 | x << 31;
311 z = (x ^ y) & 0x55555555L;
314 y = y >> 1 | y << 31;
317 x ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z));
319 x ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z));
321 x ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z));
323 x ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z));
326 z = z << 4 | z >> 28;
327 x ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z));
329 x ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z));
331 x ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z));
333 x ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z));
336 y ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z));
338 y ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z));
340 y ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z));
342 y ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z));
345 z = z << 4 | z >> 28;
346 y ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z));
348 y ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z));
350 y ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z));
352 y ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z));
355 x ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z));
357 x ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z));
359 x ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z));
361 x ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z));
364 z = z << 4 | z >> 28;
365 x ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z));
367 x ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z));
369 x ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z));
371 x ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z));
374 y ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z));
376 y ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z));
378 y ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z));
380 y ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z));
383 z = z << 4 | z >> 28;
384 y ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z));
386 y ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z));
388 y ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z));
390 y ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z));
393 x ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z));
395 x ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z));
397 x ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z));
399 x ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z));
402 z = z << 4 | z >> 28;
403 x ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z));
405 x ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z));
407 x ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z));
409 x ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z));
412 y ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z));
414 y ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z));
416 y ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z));
418 y ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z));
421 z = z << 4 | z >> 28;
422 y ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z));
424 y ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z));
426 y ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z));
428 y ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z));
431 x ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z));
433 x ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z));
435 x ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z));
437 x ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z));
440 z = z << 4 | z >> 28;
441 x ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z));
443 x ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z));
445 x ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z));
447 x ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z));
450 y ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z));
452 y ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z));
454 y ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z));
456 y ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z));
459 z = z << 4 | z >> 28;
460 y ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z));
462 y ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z));
464 y ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z));
466 y ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z));
469 x ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z));
471 x ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z));
473 x ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z));
475 x ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z));
478 z = z << 4 | z >> 28;
479 x ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z));
481 x ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z));
483 x ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z));
485 x ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z));
488 y ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z));
490 y ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z));
492 y ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z));
494 y ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z));
497 z = z << 4 | z >> 28;
498 y ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z));
500 y ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z));
502 y ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z));
504 y ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z));
507 x ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z));
509 x ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z));
511 x ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z));
513 x ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z));
516 z = z << 4 | z >> 28;
517 x ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z));
519 x ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z));
521 x ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z));
523 x ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z));
526 y ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z));
528 y ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z));
530 y ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z));
532 y ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z));
535 z = z << 4 | z >> 28;
536 y ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z));
538 y ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z));
540 y ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z));
542 y ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z));
545 x ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z));
547 x ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z));
549 x ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z));
551 x ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z));
554 z = z << 4 | z >> 28;
555 x ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z));
557 x ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z));
559 x ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z));
561 x ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z));
564 y ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z));
566 y ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z));
568 y ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z));
570 y ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z));
573 z = z << 4 | z >> 28;
574 y ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z));
576 y ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z));
578 y ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z));
580 y ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z));
583 x ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z));
585 x ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z));
587 x ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z));
589 x ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z));
592 z = z << 4 | z >> 28;
593 x ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z));
595 x ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z));
597 x ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z));
599 x ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z));
602 y ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z));
604 y ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z));
606 y ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z));
608 y ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z));
611 z = z << 4 | z >> 28;
612 y ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z));
614 y ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z));
616 y ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z));
618 y ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z));
619 x = x << 1 | x >> 31;
620 z = (x ^ y) & 0x55555555L;
623 y = y << 1 | y >> 31;
624 z = ((x >> 010) ^ y) & 0x00FF00FFL;
627 z = ((y >> 002) ^ x) & 0x33333333L;
630 z = ((x >> 020) ^ y) & 0x0000FFFFL;
633 z = ((y >> 004) ^ x) & 0x0F0F0F0FL;
652 static void des_small_fips_decrypt(u32 *expkey, u8 *dst, const u8 *src)
670 z = ((x >> 004) ^ y) & 0x0F0F0F0FL;
673 z = ((y >> 020) ^ x) & 0x0000FFFFL;
676 z = ((x >> 002) ^ y) & 0x33333333L;
679 z = ((y >> 010) ^ x) & 0x00FF00FFL;
682 x = x >> 1 | x << 31;
683 z = (x ^ y) & 0x55555555L;
686 y = y >> 1 | y << 31;
689 z = z << 4 | z >> 28;
690 x ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z));
692 x ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z));
694 x ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z));
696 x ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z));
699 x ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z));
701 x ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z));
703 x ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z));
705 x ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z));
708 z = z << 4 | z >> 28;
709 y ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z));
711 y ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z));
713 y ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z));
715 y ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z));
718 y ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z));
720 y ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z));
722 y ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z));
724 y ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z));
727 z = z << 4 | z >> 28;
728 x ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z));
730 x ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z));
732 x ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z));
734 x ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z));
737 x ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z));
739 x ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z));
741 x ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z));
743 x ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z));
746 z = z << 4 | z >> 28;
747 y ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z));
749 y ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z));
751 y ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z));
753 y ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z));
756 y ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z));
758 y ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z));
760 y ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z));
762 y ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z));
765 z = z << 4 | z >> 28;
766 x ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z));
768 x ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z));
770 x ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z));
772 x ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z));
775 x ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z));
777 x ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z));
779 x ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z));
781 x ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z));
784 z = z << 4 | z >> 28;
785 y ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z));
787 y ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z));
789 y ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z));
791 y ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z));
794 y ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z));
796 y ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z));
798 y ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z));
800 y ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z));
803 z = z << 4 | z >> 28;
804 x ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z));
806 x ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z));
808 x ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z));
810 x ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z));
813 x ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z));
815 x ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z));
817 x ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z));
819 x ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z));
822 z = z << 4 | z >> 28;
823 y ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z));
825 y ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z));
827 y ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z));
829 y ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z));
832 y ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z));
834 y ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z));
836 y ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z));
838 y ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z));
841 z = z << 4 | z >> 28;
842 x ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z));
844 x ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z));
846 x ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z));
848 x ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z));
851 x ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z));
853 x ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z));
855 x ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z));
857 x ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z));
860 z = z << 4 | z >> 28;
861 y ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z));
863 y ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z));
865 y ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z));
867 y ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z));
870 y ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z));
872 y ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z));
874 y ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z));
876 y ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z));
879 z = z << 4 | z >> 28;
880 x ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z));
882 x ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z));
884 x ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z));
886 x ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z));
889 x ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z));
891 x ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z));
893 x ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z));
895 x ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z));
898 z = z << 4 | z >> 28;
899 y ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z));
901 y ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z));
903 y ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z));
905 y ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z));
908 y ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z));
910 y ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z));
912 y ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z));
914 y ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z));
917 z = z << 4 | z >> 28;
918 x ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z));
920 x ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z));
922 x ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z));
924 x ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z));
927 x ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z));
929 x ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z));
931 x ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z));
933 x ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z));
936 z = z << 4 | z >> 28;
937 y ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z));
939 y ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z));
941 y ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z));
943 y ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z));
946 y ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z));
948 y ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z));
950 y ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z));
952 y ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z));
955 z = z << 4 | z >> 28;
956 x ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z));
958 x ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z));
960 x ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z));
962 x ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z));
965 x ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z));
967 x ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z));
969 x ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z));
971 x ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z));
974 z = z << 4 | z >> 28;
975 y ^= * (u32 *) ((u8 *) (des_keymap + 448) + (0xFC & z));
977 y ^= * (u32 *) ((u8 *) (des_keymap + 384) + (0xFC & z));
979 y ^= * (u32 *) ((u8 *) (des_keymap + 320) + (0xFC & z));
981 y ^= * (u32 *) ((u8 *) (des_keymap + 256) + (0xFC & z));
984 y ^= * (u32 *) ((u8 *) (des_keymap + 192) + (0xFC & z));
986 y ^= * (u32 *) ((u8 *) (des_keymap + 128) + (0xFC & z));
988 y ^= * (u32 *) ((u8 *) (des_keymap + 64) + (0xFC & z));
990 y ^= * (u32 *) ((u8 *) des_keymap + (0xFC & z));
991 x = x << 1 | x >> 31;
992 z = (x ^ y) & 0x55555555L;
995 y = y << 1 | y >> 31;
996 z = ((x >> 010) ^ y) & 0x00FF00FFL;
999 z = ((y >> 002) ^ x) & 0x33333333L;
1002 z = ((x >> 020) ^ y) & 0x0000FFFFL;
1005 z = ((y >> 004) ^ x) & 0x0F0F0F0FL;
1025 * RFC2451: Weak key checks SHOULD be performed.
1027 static int setkey(u32 *expkey, const u8 *key, unsigned int keylen, u32 *flags)
1032 u8 bits0[56], bits1[56];
1034 n = parity[key[0]]; n <<= 4;
1035 n |= parity[key[1]]; n <<= 4;
1036 n |= parity[key[2]]; n <<= 4;
1037 n |= parity[key[3]]; n <<= 4;
1038 n |= parity[key[4]]; n <<= 4;
1039 n |= parity[key[5]]; n <<= 4;
1040 n |= parity[key[6]]; n <<= 4;
1041 n |= parity[key[7]];
1044 if ((*flags & CRYPTO_TFM_REQ_WEAK_KEY)
1045 && !((n - (w >> 3)) & w)) { /* 1 in 10^10 keys passes this test */
1046 if (n < 0x41415151) {
1047 if (n < 0x31312121) {
1048 if (n < 0x14141515) {
1049 /* 01 01 01 01 01 01 01 01 */
1050 if (n == 0x11111111) goto weak;
1051 /* 01 1F 01 1F 01 0E 01 0E */
1052 if (n == 0x13131212) goto weak;
1054 /* 01 E0 01 E0 01 F1 01 F1 */
1055 if (n == 0x14141515) goto weak;
1056 /* 01 FE 01 FE 01 FE 01 FE */
1057 if (n == 0x16161616) goto weak;
1060 if (n < 0x34342525) {
1061 /* 1F 01 1F 01 0E 01 0E 01 */
1062 if (n == 0x31312121) goto weak;
1063 /* 1F 1F 1F 1F 0E 0E 0E 0E (?) */
1064 if (n == 0x33332222) goto weak;
1066 /* 1F E0 1F E0 0E F1 0E F1 */
1067 if (n == 0x34342525) goto weak;
1068 /* 1F FE 1F FE 0E FE 0E FE */
1069 if (n == 0x36362626) goto weak;
1073 if (n < 0x61616161) {
1074 if (n < 0x44445555) {
1075 /* E0 01 E0 01 F1 01 F1 01 */
1076 if (n == 0x41415151) goto weak;
1077 /* E0 1F E0 1F F1 0E F1 0E */
1078 if (n == 0x43435252) goto weak;
1080 /* E0 E0 E0 E0 F1 F1 F1 F1 (?) */
1081 if (n == 0x44445555) goto weak;
1082 /* E0 FE E0 FE F1 FE F1 FE */
1083 if (n == 0x46465656) goto weak;
1086 if (n < 0x64646565) {
1087 /* FE 01 FE 01 FE 01 FE 01 */
1088 if (n == 0x61616161) goto weak;
1089 /* FE 1F FE 1F FE 0E FE 0E */
1090 if (n == 0x63636262) goto weak;
1092 /* FE E0 FE E0 FE F1 FE F1 */
1093 if (n == 0x64646565) goto weak;
1094 /* FE FE FE FE FE FE FE FE */
1095 if (n == 0x66666666) goto weak;
1102 *flags |= CRYPTO_TFM_RES_WEAK_KEY;
1108 /* explode the bits */
1114 w = (256 | *key++) << 2;
1120 } while ( w >= 16 );
1123 /* put the bits in the correct places */
1128 w = (b1[k[ 0 ]] | b0[k[ 1 ]]) << 4;
1129 w |= (b1[k[ 2 ]] | b0[k[ 3 ]]) << 2;
1130 w |= b1[k[ 4 ]] | b0[k[ 5 ]];
1132 w |= (b1[k[ 6 ]] | b0[k[ 7 ]]) << 4;
1133 w |= (b1[k[ 8 ]] | b0[k[ 9 ]]) << 2;
1134 w |= b1[k[10 ]] | b0[k[11 ]];
1136 w |= (b1[k[12 ]] | b0[k[13 ]]) << 4;
1137 w |= (b1[k[14 ]] | b0[k[15 ]]) << 2;
1138 w |= b1[k[16 ]] | b0[k[17 ]];
1140 w |= (b1[k[18 ]] | b0[k[19 ]]) << 4;
1141 w |= (b1[k[20 ]] | b0[k[21 ]]) << 2;
1142 w |= b1[k[22 ]] | b0[k[23 ]];
1145 w = (b1[k[ 0+24]] | b0[k[ 1+24]]) << 4;
1146 w |= (b1[k[ 2+24]] | b0[k[ 3+24]]) << 2;
1147 w |= b1[k[ 4+24]] | b0[k[ 5+24]];
1149 w |= (b1[k[ 6+24]] | b0[k[ 7+24]]) << 4;
1150 w |= (b1[k[ 8+24]] | b0[k[ 9+24]]) << 2;
1151 w |= b1[k[10+24]] | b0[k[11+24]];
1153 w |= (b1[k[12+24]] | b0[k[13+24]]) << 4;
1154 w |= (b1[k[14+24]] | b0[k[15+24]]) << 2;
1155 w |= b1[k[16+24]] | b0[k[17+24]];
1157 w |= (b1[k[18+24]] | b0[k[19+24]]) << 4;
1158 w |= (b1[k[20+24]] | b0[k[21+24]]) << 2;
1159 w |= b1[k[22+24]] | b0[k[23+24]];
1161 ROR(w, 4, 28); /* could be eliminated */
1171 static int des_setkey(void *ctx, const u8 *key, unsigned int keylen, u32 *flags)
1173 return setkey(((struct des_ctx *)ctx)->expkey, key, keylen, flags);
1176 static void des_encrypt(void *ctx, u8 *dst, const u8 *src)
1178 des_small_fips_encrypt(((struct des_ctx *)ctx)->expkey, dst, src);
1181 static void des_decrypt(void *ctx, u8 *dst, const u8 *src)
1183 des_small_fips_decrypt(((struct des_ctx *)ctx)->expkey, dst, src);
1189 * For DES-EDE3, there is no known need to reject weak or
1190 * complementation keys. Any weakness is obviated by the use of
1193 * However, if the first two or last two independent 64-bit keys are
1194 * equal (k1 == k2 or k2 == k3), then the DES3 operation is simply the
1195 * same as DES. Implementers MUST reject keys that exhibit this
1199 static int des3_ede_setkey(void *ctx, const u8 *key,
1200 unsigned int keylen, u32 *flags)
1202 unsigned int i, off;
1203 struct des3_ede_ctx *dctx = ctx;
1205 if (!(memcmp(key, &key[DES_KEY_SIZE], DES_KEY_SIZE) &&
1206 memcmp(&key[DES_KEY_SIZE], &key[DES_KEY_SIZE * 2],
1209 *flags |= CRYPTO_TFM_RES_BAD_KEY_SCHED;
1213 for (i = 0, off = 0; i < 3; i++, off += DES_EXPKEY_WORDS,
1214 key += DES_KEY_SIZE) {
1215 int ret = setkey(&dctx->expkey[off], key, DES_KEY_SIZE, flags);
1222 static void des3_ede_encrypt(void *ctx, u8 *dst, const u8 *src)
1224 struct des3_ede_ctx *dctx = ctx;
1226 des_small_fips_encrypt(dctx->expkey, dst, src);
1227 des_small_fips_decrypt(&dctx->expkey[DES_EXPKEY_WORDS], dst, dst);
1228 des_small_fips_encrypt(&dctx->expkey[DES_EXPKEY_WORDS * 2], dst, dst);
1231 static void des3_ede_decrypt(void *ctx, u8 *dst, const u8 *src)
1233 struct des3_ede_ctx *dctx = ctx;
1235 des_small_fips_decrypt(&dctx->expkey[DES_EXPKEY_WORDS * 2], dst, src);
1236 des_small_fips_encrypt(&dctx->expkey[DES_EXPKEY_WORDS], dst, dst);
1237 des_small_fips_decrypt(dctx->expkey, dst, dst);
1240 static struct crypto_alg des_alg = {
1242 .cra_flags = CRYPTO_ALG_TYPE_CIPHER,
1243 .cra_blocksize = DES_BLOCK_SIZE,
1244 .cra_ctxsize = sizeof(struct des_ctx),
1245 .cra_module = THIS_MODULE,
1246 .cra_list = LIST_HEAD_INIT(des_alg.cra_list),
1247 .cra_u = { .cipher = {
1248 .cia_min_keysize = DES_KEY_SIZE,
1249 .cia_max_keysize = DES_KEY_SIZE,
1250 .cia_setkey = des_setkey,
1251 .cia_encrypt = des_encrypt,
1252 .cia_decrypt = des_decrypt } }
1255 static struct crypto_alg des3_ede_alg = {
1256 .cra_name = "des3_ede",
1257 .cra_flags = CRYPTO_ALG_TYPE_CIPHER,
1258 .cra_blocksize = DES3_EDE_BLOCK_SIZE,
1259 .cra_ctxsize = sizeof(struct des3_ede_ctx),
1260 .cra_module = THIS_MODULE,
1261 .cra_list = LIST_HEAD_INIT(des3_ede_alg.cra_list),
1262 .cra_u = { .cipher = {
1263 .cia_min_keysize = DES3_EDE_KEY_SIZE,
1264 .cia_max_keysize = DES3_EDE_KEY_SIZE,
1265 .cia_setkey = des3_ede_setkey,
1266 .cia_encrypt = des3_ede_encrypt,
1267 .cia_decrypt = des3_ede_decrypt } }
1270 MODULE_ALIAS("des3_ede");
1272 static int __init init(void)
1276 ret = crypto_register_alg(&des_alg);
1280 ret = crypto_register_alg(&des3_ede_alg);
1282 crypto_unregister_alg(&des_alg);
1287 static void __exit fini(void)
1289 crypto_unregister_alg(&des3_ede_alg);
1290 crypto_unregister_alg(&des_alg);
1296 MODULE_LICENSE("GPL");
1297 MODULE_DESCRIPTION("DES & Triple DES EDE Cipher Algorithms");