source: trunk/cscrypt/des.c@ 3181

Last change on this file since 3181 was 3181, checked in by dingo35, 10 years ago

Adding threadsafety FIXMEs, feel free to join checking..

File size: 12.2 KB
Line 
1//FIXME Not checked on threadsafety yet; after checking please remove this line
2#include <stdlib.h>
3#include <stdio.h>
4#include <string.h>
5#include "des.h"
6
7static byte PC2[8][6] =
8{
9 { 14, 17, 11, 24, 1, 5 },
10 { 3, 28, 15, 6, 21, 10 },
11 { 23, 19, 12, 4, 26, 8 },
12 { 16, 7, 27, 20, 13, 2 },
13 { 41, 52, 31, 37, 47, 55 },
14 { 30, 40, 51, 45, 33, 48 },
15 { 44, 49, 39, 56, 34, 53 },
16 { 46, 42, 50, 36, 29, 32 }
17};
18
19
20static byte E[8][6] =
21{
22 { 32, 1, 2, 3, 4, 5 },
23 { 4, 5, 6, 7, 8, 9 },
24 { 8, 9, 10, 11, 12, 13 },
25 { 12, 13, 14, 15, 16, 17 },
26 { 16, 17, 18, 19, 20, 21 },
27 { 20, 21, 22, 23, 24, 25 },
28 { 24, 25, 26, 27, 28, 29 },
29 { 28, 29, 30, 31, 32, 1 }
30};
31
32
33
34static byte P[32] =
35{
36 16, 7, 20, 21, 29, 12, 28, 17, 1, 15, 23, 26, 5, 18, 31, 10,
37 2, 8, 24, 14, 32, 27, 3, 9, 19, 13, 30, 6, 22, 11, 4, 25
38};
39
40
41static byte SBOXES[4][64] =
42{
43 {
44 0x2e, 0xe0, 0xc4, 0xbf, 0x4d, 0x27, 0x11, 0xc4,
45 0x72, 0x4e, 0xaf, 0x72, 0xbb, 0xdd, 0x68, 0x11,
46 0x83, 0x5a, 0x5a, 0x06, 0x36, 0xfc, 0xfc, 0xab,
47 0xd5, 0x39, 0x09, 0x95, 0xe0, 0x83, 0x97, 0x68,
48 0x44, 0xbf, 0x21, 0x8c, 0x1e, 0xc8, 0xb8, 0x72,
49 0xad, 0x14, 0xd6, 0xe9, 0x72, 0x21, 0x8b, 0xd7,
50 0xff, 0x65, 0x9c, 0xfb, 0xc9, 0x03, 0x57, 0x9e,
51 0x63, 0xaa, 0x3a, 0x40, 0x05, 0x56, 0xe0, 0x3d
52 },
53 {
54 0xcf, 0xa3, 0x11, 0xfd, 0xa8, 0x44, 0xfe, 0x27,
55 0x96, 0x7f, 0x2b, 0xc2, 0x63, 0x98, 0x84, 0x5e,
56 0x09, 0x6c, 0xd7, 0x10, 0x32, 0xd1, 0x4d, 0xea,
57 0xec, 0x06, 0x70, 0xb9, 0x55, 0x3b, 0xba, 0x85,
58 0x90, 0x4d, 0xee, 0x38, 0xf7, 0x2a, 0x5b, 0xc1,
59 0x2a, 0x93, 0x84, 0x5f, 0xcd, 0xf4, 0x31, 0xa2,
60 0x75, 0xbb, 0x08, 0xe6, 0x4c, 0x17, 0xa6, 0x7c,
61 0x19, 0x60, 0xd3, 0x05, 0xb2, 0x8e, 0x6f, 0xd9
62 },
63 {
64 0x4a, 0xdd, 0xb0, 0x07, 0x29, 0xb0, 0xee, 0x79,
65 0xf6, 0x43, 0x03, 0x94, 0x8f, 0x16, 0xd5, 0xaa,
66 0x31, 0xe2, 0xcd, 0x38, 0x9c, 0x55, 0x77, 0xce,
67 0x5b, 0x2c, 0xa4, 0xfb, 0x62, 0x8f, 0x18, 0x61,
68 0x1d, 0x61, 0x46, 0xba, 0xb4, 0xdd, 0xd9, 0x80,
69 0xc8, 0x16, 0x3f, 0x49, 0x73, 0xa8, 0xe0, 0x77,
70 0xab, 0x94, 0xf1, 0x5f, 0x62, 0x0e, 0x8c, 0xf3,
71 0x05, 0xeb, 0x5a, 0x25, 0x9e, 0x32, 0x27, 0xcc
72 },
73 {
74 0xd7, 0x1d, 0x2d, 0xf8, 0x8e, 0xdb, 0x43, 0x85,
75 0x60, 0xa6, 0xf6, 0x3f, 0xb9, 0x70, 0x1a, 0x43,
76 0xa1, 0xc4, 0x92, 0x57, 0x38, 0x62, 0xe5, 0xbc,
77 0x5b, 0x01, 0x0c, 0xea, 0xc4, 0x9e, 0x7f, 0x29,
78 0x7a, 0x23, 0xb6, 0x1f, 0x49, 0xe0, 0x10, 0x76,
79 0x9c, 0x4a, 0xcb, 0xa1, 0xe7, 0x8d, 0x2d, 0xd8,
80 0x0f, 0xf9, 0x61, 0xc4, 0xa3, 0x95, 0xde, 0x0b,
81 0xf5, 0x3c, 0x32, 0x57, 0x58, 0x62, 0x84, 0xbe
82 }
83};
84
85
86
87static byte PC1[][8] =
88{
89 {57, 49, 41, 33, 25, 17, 9, 1},
90 {58, 50, 42, 34, 26, 18, 10, 2},
91 {59, 51, 43, 35, 27, 19, 11, 3},
92 {60, 52, 44, 36, 63, 55, 47,39},
93 {31, 23, 15, 7, 62, 54, 46,38},
94 {30, 22, 14, 6, 61, 53, 45,37},
95 {29, 21, 13, 5, 28, 20, 12, 4}
96};
97
98
99void doPC1(byte data[])
100{
101 byte buf[8];
102 byte i, j;
103
104 memset(buf, 0, 8);
105
106 for(j=0; j<7; j++) {
107 for(i=0; i<8; i++) {
108 byte lookup = PC1[j][i];
109 buf[j] |= ((data[(lookup>>3)]>>(8-(lookup & 7))) & 1) << (7-i);
110 }
111 }
112
113 memcpy(data, buf, 8);
114}
115
116static void doIp(byte data[])
117{
118 unsigned char j, k;
119 byte val;
120 byte buf[8];
121 byte *p;
122 byte i = 8;
123
124 for(i=0; i<8; i++)
125 {
126 val = data[i];
127 p = &buf[3];
128 j = 4;
129
130 do
131 {
132 for(k=0; k<=4; k+=4)
133 {
134 p[k] >>= 1;
135 if(val & 1) p[k] |= 0x80;
136 val >>= 1;
137 }
138 p--;
139 } while(--j);
140 }
141
142 memcpy(data, buf, 8);
143}
144
145static void doIp_1(byte data[])
146{
147 unsigned char j, k;
148 byte r = 0;
149 byte buf[8];
150 byte *p;
151 byte i = 8;
152
153 for(i=0; i<8; i++)
154 {
155 p = &data[3];
156 j = 4;
157
158 do
159 {
160 for(k=0; k<=4; k+=4)
161 {
162 r >>= 1;
163 if(p[k] & 1) r |= 0x80;
164 p[k] >>= 1;
165 }
166 p--;
167 } while(--j);
168 buf[i] = r;
169 }
170
171 memcpy(data, buf, 8);
172}
173
174
175
176static void makeK(byte *left, byte *right, byte *K)
177{
178 byte i, j;
179 byte bit, val;
180 byte *p;
181
182 for(i=0; i<8; i++)
183 {
184 val = 0;
185 for(j=0; j<6; j++)
186 {
187 bit = PC2[i][j];
188 if(bit < 29)
189 {
190 bit = 28-bit;
191 p = left;
192 }
193 else
194 {
195 bit = 56-bit;
196 p = right;
197 }
198 val <<= 1;
199 if( p[bit >> 3] & (1 << (bit & 7)) ) val |= 1;
200 }
201 *K = val;
202 K++;
203 }
204}
205
206static void rightRot(byte key[])
207{
208 byte *p = key;
209 byte i = 3;
210 byte carry = 0;
211
212 carry = 0;
213
214 if(*p & 1) carry = 0x08;
215
216 do {
217 *p = (*p >> 1) | ((p[1] & 1) ? 0x80 : 0);
218 p++;
219 } while(--i);
220
221 *p = (*p >> 1) | carry;
222}
223
224static void rightRotKeys(byte left[], byte right[])
225{
226 rightRot(left);
227 rightRot(right);
228}
229
230static void leftRot(byte key[])
231{
232 byte i = 27;
233
234 do {
235 rightRot(key);
236 } while(--i);
237}
238
239static void leftRotKeys(byte left[], byte right[])
240{
241 leftRot(left);
242 leftRot(right);
243}
244
245static void desCore(byte data[], byte K[], byte result[])
246{
247 byte i, j;
248 byte bit, val;
249
250 memset(result, 0, 4);
251
252 for(i=0; i<8; i++)
253 {
254 val = 0;
255 for(j=0; j<6; j++)
256 {
257 bit = 32-E[i][j];
258 val <<= 1;
259 if( data[3 - (bit >> 3)] & (1 << (bit & 7)) ) val |= 1;
260 }
261 val ^= K[i];
262 val = SBOXES[i & 3][val];
263 if(i > 3)
264 {
265 val >>= 4;
266 }
267 val &= 0x0f;
268 result[i >> 1] |= (i & 1) ? val : (val << 4);
269 }
270}
271
272static void permut32(byte data[])
273{
274 byte i, j;
275 byte bit;
276 byte r[4];
277 byte *p;
278
279 for(i=0; i<32; i++)
280 {
281 bit = 32-P[i];
282 p = r;
283 for(j=0; j<3; j++)
284 {
285 *p = (*p << 1) | ((p[1] & 0x80) ? 1 : 0);
286 p++;
287 }
288 *p <<= 1;
289 if( data[3 - (bit >> 3)] & (1 << (bit & 7)) ) *p |= 1;
290 }
291
292 memcpy(data, r, 4);
293}
294
295static void swap(byte left[], byte right[])
296{
297 byte x[4];
298
299 memcpy(x, right, 4);
300 memcpy(right, left, 4);
301 memcpy(left, x, 4);
302}
303
304static void desRound(byte left[], byte right[], byte data[], byte mode, byte k8)
305{
306 byte i;
307 byte K[8];
308 byte r[4];
309 byte tempr[4];
310 unsigned short temp;
311
312 memcpy(tempr, data+4, 4);
313
314 /* Viaccess */
315 temp = (short)k8*(short)tempr[0]+(short)k8+(short)tempr[0];
316 tempr[0] = (temp & 0xff) - ((temp>>8) & 0xff);
317 if((temp & 0xff) - (temp>>8) < 0)
318 tempr[0]++;
319
320 makeK(left, right, K);
321 desCore(tempr, K, r);
322 permut32(r);
323
324 if(mode & DES_HASH)
325 {
326 i = r[0];
327 r[0] = r[1];
328 r[1] = i;
329 }
330
331 for(i=0; i<4; i++)
332 {
333 *data ^= r[i];
334 data++;
335 }
336
337 swap(data-4, data);
338}
339
340void des(byte key[], byte mode, byte data[])
341{
342 byte i;
343 byte left[8];
344 byte right[8];
345 byte *p = left;
346
347 short DESShift = (mode & DES_RIGHT) ? 0x8103 : 0xc081;
348
349 for(i=3; i>0; i--)
350 {
351 *p = (key[i-1] << 4) | (key[i] >> 4);
352 p++;
353 }
354 left[3] = key[0] >> 4;
355 right[0] = key[6];
356 right[1] = key[5];
357 right[2] = key[4];
358 right[3] = key[3] & 0x0f;
359
360 if(mode & DES_IP) doIp(data);
361
362 do {
363 if(!(mode & DES_RIGHT))
364 {
365 leftRotKeys(left, right);
366 if(!(DESShift & 0x8000)) leftRotKeys(left, right);
367 }
368 desRound(left, right, data, mode, key[7]);
369
370 if(mode & DES_RIGHT)
371 {
372 rightRotKeys(left, right);
373 if(!(DESShift & 0x8000)) rightRotKeys(left, right);
374 }
375 DESShift <<= 1;
376 } while(DESShift);
377
378 swap(data, data+4);
379 if(mode & DES_IP_1) doIp_1(data);
380
381}
382
383static byte getmask(byte *OutData, byte *Mask, byte I, byte J)
384{
385 byte K, B, M, M1 , D, DI, MI;
386
387 K = I ^ J;
388 DI = 7;
389 if ((K & 4) == 4) {
390 K ^= 7;
391 DI ^= 7;
392 }
393 MI = 3;
394 MI &= J;
395 K ^= MI;
396 K += MI;
397 if ((K & 4) == 4) {
398 return 0;
399 }
400 DI ^= J;
401 D = OutData[DI];
402 MI = 0;
403 MI += J;
404 M1 = Mask[MI];
405 MI ^= 4;
406 M = Mask[MI];
407 B = 0;
408 for(K = 0; K <=7; K++)
409 {
410 if ((D & 1) == 1) B += M;
411 D = (D >> 1) + ((B & 1) << 7);
412 B = B >> 1;
413 }
414 return D ^ M1;
415}
416
417static void v2mask(byte *cw, byte *mask)
418{
419 int i, j;
420
421 for(i = 7; i >= 0; i--)
422 for(j = 7; j >=4; j--)
423 cw[i] ^= getmask(cw, mask, i, j);
424 for(i = 0; i <= 7; i++)
425 for(j = 0; j <=3; j++)
426 cw[i] ^= getmask(cw, mask, i, j);
427}
428
429
430void EuroDes(byte key1[], byte key2[], byte desMode, byte operatingMode, byte data[])
431{
432 byte mode;
433
434 if(key1[7]) { /* Viaccess */
435 mode = (operatingMode == HASH) ? DES_ECM_HASH : DES_ECM_CRYPT;
436
437 if(key2 != NULL)
438 v2mask(data, key2);
439 des(key1, mode, data);
440 if(key2 != NULL)
441 v2mask(data, key2);
442 }
443 else if(TestBit(desMode, F_TRIPLE_DES))
444 {
445 /* Eurocrypt 3-DES */
446 mode = (operatingMode == HASH) ? 0 : DES_RIGHT;
447 des(key1, (byte)(DES_IP | mode), data);
448
449 mode ^= DES_RIGHT;
450 des(key2, mode, data);
451
452 mode ^= DES_RIGHT;
453 des(key1, (byte)(mode | DES_IP_1), data);
454 }
455 else
456 {
457 if(TestBit(desMode, F_EURO_S2))
458 {
459 /* Eurocrypt S2 */
460 mode = (operatingMode == HASH) ? DES_ECS2_CRYPT : DES_ECS2_DECRYPT;
461 }
462 else
463 {
464 /* Eurocrypt M */
465 mode = (operatingMode == HASH) ? DES_ECM_HASH : DES_ECM_CRYPT;
466 }
467 des(key1, mode, data);
468 }
469}
470
471/*------------------------------------------------------------------------*/
472static void des_key_parity_adjust(byte *key, byte len)
473{
474 byte i, j, parity;
475
476 for (i = 0; i < len; i++)
477 {
478 parity = 1;
479 for (j = 1; j < 8; j++) if ((key[i] >> j) & 0x1) parity = ~parity & 0x01;
480 key[i] |= parity;
481 }
482}
483
484static byte *des_key_spread(byte *normal)
485{
486 static byte spread[16];
487
488 spread[ 0] = normal[ 0] & 0xfe;
489 spread[ 1] = ((normal[ 0] << 7) | (normal[ 1] >> 1)) & 0xfe;
490 spread[ 2] = ((normal[ 1] << 6) | (normal[ 2] >> 2)) & 0xfe;
491 spread[ 3] = ((normal[ 2] << 5) | (normal[ 3] >> 3)) & 0xfe;
492 spread[ 4] = ((normal[ 3] << 4) | (normal[ 4] >> 4)) & 0xfe;
493 spread[ 5] = ((normal[ 4] << 3) | (normal[ 5] >> 5)) & 0xfe;
494 spread[ 6] = ((normal[ 5] << 2) | (normal[ 6] >> 6)) & 0xfe;
495 spread[ 7] = normal[ 6] << 1;
496 spread[ 8] = normal[ 7] & 0xfe;
497 spread[ 9] = ((normal[ 7] << 7) | (normal[ 8] >> 1)) & 0xfe;
498 spread[10] = ((normal[ 8] << 6) | (normal[ 9] >> 2)) & 0xfe;
499 spread[11] = ((normal[ 9] << 5) | (normal[10] >> 3)) & 0xfe;
500 spread[12] = ((normal[10] << 4) | (normal[11] >> 4)) & 0xfe;
501 spread[13] = ((normal[11] << 3) | (normal[12] >> 5)) & 0xfe;
502 spread[14] = ((normal[12] << 2) | (normal[13] >> 6)) & 0xfe;
503 spread[15] = normal[13] << 1;
504
505 des_key_parity_adjust(spread, 16);
506 return spread;
507}
508
509static void des_random_get(byte *buffer, byte len)
510{
511 byte idx = 0;
512 int randomNo = 0;
513
514 for (idx = 0; idx < len; idx++)
515 {
516 if (!(idx % 3)) randomNo = rand();
517 buffer[idx] = (randomNo >> ((idx % 3) << 3)) & 0xff;
518 }
519}
520
521#define CWS_NETMSGSIZE 272
522
523int des_encrypt(byte *buffer, int len, byte *deskey)
524{
525 byte checksum = 0;
526 byte noPadBytes;
527 byte padBytes[7];
528 char ivec[8];
529 short i;
530
531 if (!deskey) return len;
532 noPadBytes = (8 - ((len - 1) % 8)) % 8;
533 if (len + noPadBytes + 1 >= CWS_NETMSGSIZE-8) return -1;
534 des_random_get(padBytes, noPadBytes);
535 for (i = 0; i < noPadBytes; i++) buffer[len++] = padBytes[i];
536 for (i = 2; i < len; i++) checksum ^= buffer[i];
537 buffer[len++] = checksum;
538 des_random_get((byte *)ivec, 8);
539 memcpy(buffer+len, ivec, 8);
540 for (i = 2; i < len; i += 8)
541 {
542 byte j;
543 const byte flags = (1 << F_EURO_S2) | (1 << F_TRIPLE_DES);
544 for(j=0; j<8; j++) buffer[i+j] ^= ivec[j];
545 EuroDes(deskey, deskey+8, flags, 1, buffer+i);
546 memcpy(ivec, buffer+i, 8);
547 }
548 len += 8;
549 return len;
550}
551
552int des_decrypt(byte *buffer, int len, byte *deskey)
553{
554 char ivec[8];
555 char nextIvec[8];
556 int i;
557 byte checksum = 0;
558
559 if (!deskey) return len;
560 if ((len-2) % 8 || (len-2) < 16) return -1;
561 len -= 8;
562 memcpy(nextIvec, buffer+len, 8);
563 for (i = 2; i < len; i += 8)
564 {
565 byte j;
566 const byte flags = (1 << F_EURO_S2) | (1 << F_TRIPLE_DES);
567
568 memcpy(ivec, nextIvec, 8);
569 memcpy(nextIvec, buffer+i, 8);
570 EuroDes(deskey, deskey+8, flags, 0, buffer+i);
571 for(j=0; j<8; j++)
572 buffer[i+j] ^= ivec[j];
573 }
574 for (i = 2; i < len; i++) checksum ^= buffer[i];
575 if (checksum) return -1;
576 return len;
577}
578
579byte *des_login_key_get(byte *key1, byte *key2, int len)
580{
581 byte des14[14];
582 static byte *des16;
583 int i;
584
585 memcpy(des14, key1, sizeof(des14));
586 for (i = 0; i < len; i++) des14[i%14] ^= key2[i];
587 des16 = des_key_spread(des14);
588 doPC1(des16);
589 doPC1(des16+8);
590 return des16;
591}
Note: See TracBrowser for help on using the repository browser.