iPXE
Data Structures | Macros | Functions | Variables
des.c File Reference

DES algorithm. More...

#include <stdint.h>
#include <string.h>
#include <errno.h>
#include <byteswap.h>
#include <ipxe/rotate.h>
#include <ipxe/crypto.h>
#include <ipxe/ecb.h>
#include <ipxe/cbc.h>
#include <ipxe/init.h>
#include <ipxe/des.h>

Go to the source code of this file.

Data Structures

struct  des_generator
 A DES systematic permutation generator. More...
 

Macros

#define DES_SCHEDULE   0x0d556aab
 DES shift schedule. More...
 
#define SBYTE(x, y)   ( ( (y) << 4 ) | (x) )
 Define an element pair in a DES S-box. More...
 
#define SBOX(x0, x1, x2, x3, x4, x5, x6, x7, x8, x9, xa, xb, xc, xd, xe, xf, y0, y1, y2, y3, y4, y5, y6, y7, y8, y9, ya, yb, yc, yd, ye, yf)
 Define a row pair in a DES S-box. More...
 
#define DES_PC2(x)   ( (x) + ( ( (x) > 28 ) ? 4 : 0 ) )
 Define a bit index within permuted choice 2 (PC2) More...
 
#define DES_PC2R(r1, c3, c2, c1, c0, r0)
 Define six bits of permuted choice 2 (PC2) More...
 
#define DES_GENERATOR(PERMUTATION, OFFSET, INV5, BIT5, INV4, BIT4, INV3, BIT3, INV2, BIT2, INV1, BIT1, INV0, BIT0)
 Define a DES permutation generator. More...
 

Functions

 FILE_LICENCE (GPL2_OR_LATER_OR_UBDL)
 
static void des_generate (struct des_generator *generator)
 Generate DES permutation. More...
 
static void des_init (void)
 Initialise permutations. More...
 
struct init_fn des_init_fn __init_fn (INIT_NORMAL)
 Initialisation function. More...
 
static void des_permute (const uint8_t *permutation, const uint8_t *in, uint8_t *out)
 Perform bit permutation. More...
 
static uint32_t des_sbox (uint32_t in, const union des_round_key *rkey)
 Perform DES S-box substitution. More...
 
static void des_round (union des_block *block, const union des_round_key *rkey)
 Perform a single DES round. More...
 
static void des_rounds (const union des_block *in, union des_block *out, const union des_round_key *rkey, ssize_t offset)
 Perform all DES rounds. More...
 
static uint32_t des_rol28 (uint32_t dword)
 Rotate 28-bit word. More...
 
static int des_setkey (void *ctx, const void *key, size_t keylen)
 Set key. More...
 
static void des_encrypt (void *ctx, const void *src, void *dst, size_t len)
 Encrypt data. More...
 
static void des_decrypt (void *ctx, const void *src, void *dst, size_t len)
 Decrypt data. More...
 
 ECB_CIPHER (des_ecb, des_ecb_algorithm, des_algorithm, struct des_context, DES_BLOCKSIZE)
 
 CBC_CIPHER (des_cbc, des_cbc_algorithm, des_algorithm, struct des_context, DES_BLOCKSIZE)
 

Variables

static const uint8_t des_s [8][32]
 DES S-boxes S1..S8. More...
 
static uint8_t des_pc1c [29]
 DES permuted choice 1 (PC1) "C" register. More...
 
static uint8_t des_pc1d [33]
 DES permuted choice 1 (PC1) "D" register. More...
 
static const uint8_t des_pc2 [65]
 DES permuted choice 2 (PC2) More...
 
static uint8_t des_ip [65]
 DES initial permutation (IP) More...
 
static const uint8_t des_p [33]
 DES data permutation (P) More...
 
static uint8_t des_fp [65]
 DES final / inverse initial permutation (FP / IP^-1) More...
 
static struct des_generator des_generators []
 DES permutation generators. More...
 
struct cipher_algorithm des_algorithm
 Basic DES algorithm. More...
 

Detailed Description

DES algorithm.

DES was not designed to be implemented in software, and therefore contains a large number of bit permutation operations that are essentially free in hardware (requiring only wires, no gates) but expensive in software.

Since DES is no longer used as a practical block cipher for large volumes of data, we optimise for code size, and do not attempt to obtain fast throughput.

The algorithm is specified in NIST SP 800-67, downloadable from https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-67r2.pdf

Definition in file des.c.

Macro Definition Documentation

◆ DES_SCHEDULE

#define DES_SCHEDULE   0x0d556aab

DES shift schedule.

The DES shift schedule (ordered from round 16 down to round 1) is {1,2,2,2,2,2,2,1,2,2,2,2,2,2,1,1}. In binary, this may be represented as {1,10,10,10,10,10,10,1,10,10,10,10,10,10,1,1} and concatenated (without padding) to produce a single binary integer 1101010101010110101010101011 (equal to 0x0d556aab in hexadecimal).

This integer may then be consumed LSB-first, where a 1 bit indicates a shift and the generation of a round key, and a 0 bit indicates a shift without the generation of a round key.

Definition at line 67 of file des.c.

◆ SBYTE

#define SBYTE (   x,
  y 
)    ( ( (y) << 4 ) | (x) )

Define an element pair in a DES S-box.

Parameters
xUpper element of element pair
yLower element of element pair

DES S-box elements are 4-bit values. We encode two values per byte, ordering the elements so that the six-bit input value may be used directly as a lookup index.

Specifically, if the input value is {r1,c3,c2,c1,c0,r0}, where {r1,r0} is the table row index and {c3,c2,c1,c0} is the table column index (as used in the DES specification), then:

  • {r1,c3,c2,c1,c0} is the byte index into the table
  • (4*r0) is the required bit shift to extract the 4-bit value

Definition at line 87 of file des.c.

◆ SBOX

#define SBOX (   x0,
  x1,
  x2,
  x3,
  x4,
  x5,
  x6,
  x7,
  x8,
  x9,
  xa,
  xb,
  xc,
  xd,
  xe,
  xf,
  y0,
  y1,
  y2,
  y3,
  y4,
  y5,
  y6,
  y7,
  y8,
  y9,
  ya,
  yb,
  yc,
  yd,
  ye,
  yf 
)
Value:
SBYTE ( x0, y0 ), SBYTE ( x1, y1 ), SBYTE ( x2, y2 ), SBYTE ( x3, y3 ),\
SBYTE ( x4, y4 ), SBYTE ( x5, y5 ), SBYTE ( x6, y6 ), SBYTE ( x7, y7 ),\
SBYTE ( x8, y8 ), SBYTE ( x9, y9 ), SBYTE ( xa, ya ), SBYTE ( xb, yb ),\
SBYTE ( xc, yc ), SBYTE ( xd, yd ), SBYTE ( xe, ye ), SBYTE ( xf, yf )
SBYTE
#define SBYTE(x, y)
Define an element pair in a DES S-box.
Definition: des.c:87

Define a row pair in a DES S-box.

Parameters
x0..xfUpper row of row pair
y0..yfLower row of row pair

Definition at line 95 of file des.c.

◆ DES_PC2

#define DES_PC2 (   x)    ( (x) + ( ( (x) > 28 ) ? 4 : 0 ) )

Define a bit index within permuted choice 2 (PC2)

Parameters
bitBit index

Permuted choice 2 (PC2) is used to select bits from a concatenated pair of 28-bit registers ("C" and "D") as part of the key schedule. We store these as 32-bit registers and so must add 4 to indexes above 28.

Definition at line 163 of file des.c.

◆ DES_PC2R

#define DES_PC2R (   r1,
  c3,
  c2,
  c1,
  c0,
  r0 
)
Value:
DES_PC2 ( r0 ), /* LSB stored in sign bit */ \
DES_PC2 ( r0 ), /* Unused bit */ \
DES_PC2 ( r0 ), /* Unused bit */ \
DES_PC2 ( r1 ), /* Remaining 5 bits */ \
DES_PC2 ( c3 ), /* ... */ \
DES_PC2 ( c2 ), /* ... */ \
DES_PC2 ( c1 ), /* ... */ \
DES_PC2 ( c0 ) /* ... */
DES_PC2
#define DES_PC2(x)
Define a bit index within permuted choice 2 (PC2)
Definition: des.c:163

Define six bits of permuted choice 2 (PC2)

Parameters
r1:r0Bits corresponding to S-box row index
c3:c0Bits corresponding to S-box column index

There are 8 steps within a DES round (one step per S-box). Each step requires six bits of the round key, corresponding to the S-box input value {r1,c3,c2,c1,c0,r0}, where {r1,r0} is the table row index and {c3,c2,c1,c0} is the table column index.

As an optimisation, we store the least significant of the 6 bits in the sign bit of a signed 8-bit value, and the remaining 5 bits in the least significant 5 bits of the 8-bit value. See the comments in des_sbox() for further details.

Definition at line 181 of file des.c.

◆ DES_GENERATOR

#define DES_GENERATOR (   PERMUTATION,
  OFFSET,
  INV5,
  BIT5,
  INV4,
  BIT4,
  INV3,
  BIT3,
  INV2,
  BIT2,
  INV1,
  BIT1,
  INV0,
  BIT0 
)
Value:
{ \
.permutation = (PERMUTATION), \
.seed = ( ( (INV0) << 31 ) | ( (BIT0) << 28 ) | \
( (INV1) << 27 ) | ( (BIT1) << 24 ) | \
( (INV2) << 23 ) | ( (BIT2) << 20 ) | \
( (INV3) << 19 ) | ( (BIT3) << 16 ) | \
( (INV4) << 15 ) | ( (BIT4) << 12 ) | \
( (INV5) << 11 ) | ( (BIT5) << 8 ) | \
( ( uint32_t ) sizeof (PERMUTATION) - 1 ) | \
(OFFSET) ), \
}
BIT3
#define BIT3
Definition: wlan_compat.h:199
BIT4
#define BIT4
Definition: wlan_compat.h:200
uint32_t
unsigned int uint32_t
Definition: stdint.h:12
BIT5
#define BIT5
Definition: wlan_compat.h:201
BIT0
#define BIT0
Definition: wlan_compat.h:196
BIT2
#define BIT2
Definition: wlan_compat.h:198
BIT1
#define BIT1
Definition: wlan_compat.h:197

Define a DES permutation generator.

Parameters
PERMUTATIONPermutation
OFFSETFixed input bit offset (0 or 1)
INV<n>Input bit index bit <n> should be inverted
BIT<n>Source bit for input bit index bit <n>
Return values
generatorPermutation generator

Definition at line 214 of file des.c.

Function Documentation

◆ FILE_LICENCE()

FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL  )

◆ des_generate()

static void des_generate ( struct des_generator generator)
static

Generate DES permutation.

Parameters
generatorGenerator

Definition at line 306 of file des.c.

306  {
307  uint8_t *permutation = generator->permutation;
308  uint32_t seed = generator->seed;
309  unsigned int index = 0;
310  uint8_t accum;
311  uint8_t bit;
312 
313  /* Generate permutations
314  *
315  * This loop is optimised for code size on a
316  * register-constrained architecture such as i386.
317  */
318  do {
319  /* Rotate seed to access MSB's bit descriptor */
320  seed = ror32 ( seed, 8 );
321 
322  /* Initialise accumulator with six flag bits */
323  accum = 0xfc;
324 
325  /* Accumulate bits until all six flag bits are cleared */
326  do {
327  /* Extract specified bit from index. Use a
328  * rotation instead of a shift, since this
329  * will allow the mask to be elided.
330  */
331  bit = ror8 ( index, ( seed & 0x07 ) );
332  seed = ror32 ( seed, 3 );
333 
334  /* Toggle bit if applicable */
335  bit ^= seed;
336  seed = ror32 ( seed, 1 );
337 
338  /* Add bit to accumulator and clear one flag bit */
339  accum <<= 1;
340  accum |= ( bit & 0x01 );
341 
342  } while ( accum & 0x80 );
343 
344  /* Add constant offset if applicable */
345  accum += ( seed & 0x01 );
346 
347  /* Store permutation */
348  permutation[index] = accum;
349 
350  /* Loop until reaching length (which is always even) */
351  } while ( ++index < ( seed & 0xfe ) );
352  DBGC2 ( permutation, "DES generated permutation %p:\n", permutation );
353  DBGC2_HDA ( permutation, 0, permutation,
354  ( ( seed & 0xfe ) + 1 /* zero terminator */ ) );
355 }
index
long index
Definition: bigint.h:62
bit
static unsigned int unsigned int bit
Definition: bigint.h:391
ror32
static u32 ror32(u32 v, int bits)
Rotate 32-bit value right.
Definition: wpa_tkip.c:161
des_generator::seed
uint32_t seed
Seed value.
Definition: des.c:202
DBGC2_HDA
#define DBGC2_HDA(...)
Definition: compiler.h:523
uint8_t
unsigned char uint8_t
Definition: stdint.h:10
uint32_t
unsigned int uint32_t
Definition: stdint.h:12
des_generator::permutation
uint8_t * permutation
Permutation.
Definition: des.c:200
DBGC2
#define DBGC2(...)
Definition: compiler.h:522

References bit, DBGC2, DBGC2_HDA, index, des_generator::permutation, ror32(), and des_generator::seed.

Referenced by des_init().

◆ des_init()

static void des_init ( void  )
static

Initialise permutations.

Definition at line 360 of file des.c.

360  {
361  unsigned int i;
362 
363  /* Generate all generated permutations */
364  for ( i = 0 ; i < ( sizeof ( des_generators ) /
365  sizeof ( des_generators[0] ) ) ; i++ ) {
366  des_generate ( &des_generators[i] );
367  }
368 }
des_generate
static void des_generate(struct des_generator *generator)
Generate DES permutation.
Definition: des.c:306
des_generators
static struct des_generator des_generators[]
DES permutation generators.
Definition: des.c:261

References des_generate(), and des_generators.

◆ __init_fn()

struct init_fn des_init_fn __init_fn ( INIT_NORMAL  )

Initialisation function.

◆ des_permute()

static void des_permute ( const uint8_t permutation,
const uint8_t in,
uint8_t out 
)
static

Perform bit permutation.

Parameters
permutationBit permutation (zero-terminated)
inInput value
outOutput value

Definition at line 383 of file des.c.

384  {
385  uint8_t mask = 0x80;
386  uint8_t accum = 0;
387  unsigned int bit;
388 
389  /* Extract individual input bits to construct output value */
390  while ( ( bit = *(permutation++) ) ) {
391  bit--;
392  if ( in[ bit / 8 ] & ( 0x80 >> ( bit % 8 ) ) )
393  accum |= mask;
394  *out = accum;
395  mask = ror8 ( mask, 1 );
396  if ( mask == 0x80 ) {
397  out++;
398  accum = 0;
399  }
400  }
401 }
in
__be32 in[4]
Definition: CIB_PRM.h:35
bit
static unsigned int unsigned int bit
Definition: bigint.h:391
out
__be32 out[4]
Definition: CIB_PRM.h:36
uint8_t
unsigned char uint8_t
Definition: stdint.h:10

References bit, in, and out.

Referenced by des_round(), des_rounds(), and des_setkey().

◆ des_sbox()

static uint32_t des_sbox ( uint32_t  in,
const union des_round_key rkey 
)
static

Perform DES S-box substitution.

Parameters
in32-bit input value (native endian)
rkey48-bit round key
Return values
out32-bit output value (native endian)

Definition at line 410 of file des.c.

410  {
411  uint32_t out = 0;
412  uint32_t lookup;
413  int32_t key;
414  uint8_t sub;
415  unsigned int i;
416 
417  /* Perform input expansion, key addition, and S-box substitution */
418  for ( i = 0 ; i < 8 ; i++ ) {
419 
420  /* Rotate input and output */
421  out = rol32 ( out, 4 );
422  in = rol32 ( in, 4 );
423 
424  /* Extract step key from relevant 6 bits of round key
425  *
426  * The least significant of the 6 bits (corresponding
427  * to bit r0 in the S-box lookup index) is stored in
428  * the sign bit of the step key byte. It will
429  * therefore be propagated via sign extension to the
430  * MSB of the 32-bit step key.
431  *
432  * The remaining 5 of the 6 bits (corresponding to
433  * bits {r1,c3,c2,c1,c0} in the S-box lookup index)
434  * are stored in the least significant 5 bits of the
435  * step key byte and will end up in the least
436  * significant 5 bits of the 32-bit step key.
437  */
438  key = rkey->step[i];
439 
440  /* Add step key to input to produce S-box lookup index
441  *
442  * We do not ever perform an explicit expansion of the
443  * input value from 32 to 48 bits. Instead, we rotate
444  * the 32-bit input value by 4 bits on each step, and
445  * extract the relevant 6 bits.
446  *
447  * The least significant of the 6 bits (corresponding
448  * to bit r0 in the S-box lookup index) is currently
449  * in the MSB of the 32-bit (rotated) input value.
450  *
451  * The remaining 5 of the 6 bits (corresponding to
452  * bits {r1,c3,c2,c1,c0} in the S-box lookup index)
453  * are currently in the least significant 5 bits of
454  * the 32-bit (rotated) input value.
455  *
456  * This aligns with the placement of the bits in the
457  * step key (see above), and we can therefore perform
458  * a single XOR to add the 6-bit step key to the
459  * relevant 6 bits of the input value.
460  */
461  lookup = ( in ^ key );
462 
463  /* Look up S[i][in ^ key] from S-box
464  *
465  * We have bits {r1,c3,c2,c1,c0} in the least
466  * significant 5 bits of the lookup index, and so can
467  * use the masked lookup index directly as a byte
468  * index into the relevant S-box to extract the byte
469  * containing both {r1,c3,c2,c1,c0,'0'} and
470  * {r1,c3,c2,c1,c0,'1'}.
471  *
472  * We then use the MSB of the 32-bit lookup index to
473  * extract the relevant nibble for the full lookup
474  * index {r1,c3,c2,c1,c0,r0}.
475  */
476  sub = des_s[i][ lookup & 0x1f ];
477  sub >>= ( ( lookup >> 29 ) & 4 );
478  sub &= 0x0f;
479 
480  /* Substitute S[i][input ^ key] into output */
481  out |= sub;
482  }
483 
484  return out;
485 }
in
__be32 in[4]
Definition: CIB_PRM.h:35
rol32
static u32 rol32(u32 v, int bits)
Rotate 32-bit value left.
Definition: wpa_tkip.c:173
out
__be32 out[4]
Definition: CIB_PRM.h:36
des_s
static const uint8_t des_s[8][32]
DES S-boxes S1..S8.
Definition: des.c:103
uint8_t
unsigned char uint8_t
Definition: stdint.h:10
uint32_t
unsigned int uint32_t
Definition: stdint.h:12
des_round_key::step
int8_t step[8]
6-bit step key byte
Definition: des.h:72
int32_t
signed int int32_t
Definition: stdint.h:17
key
union @391 key
Sense key.
Definition: scsi.h:17

References des_s, in, key, out, rol32(), and des_round_key::step.

Referenced by des_round().

◆ des_round()

static void des_round ( union des_block block,
const union des_round_key rkey 
)
static

Perform a single DES round.

Parameters
blockDES block
rkey48-bit round key

Definition at line 493 of file des.c.

494  {
495  union des_dword sbox;
496  uint32_t left;
497  uint32_t right;
498 
499  /* Extract left and right halves L[n-1] and R[n-1] */
500  left = block->left.dword;
501  right = block->right.dword;
502  DBGC2 ( block, "DES L=%08x R=%08x K=%08x%08x", be32_to_cpu ( left ),
503  be32_to_cpu ( right ), be32_to_cpu ( rkey->dword[0] ),
504  be32_to_cpu ( rkey->dword[1] ) );
505 
506  /* L[n] = R[n-1] */
507  block->left.dword = right;
508 
509  /* Calculate Feistel function f(R[n-1], K[n]) */
510  sbox.dword = cpu_to_be32 ( des_sbox ( be32_to_cpu ( right ), rkey ) );
511  des_permute ( des_p, sbox.byte, block->right.byte );
512 
513  /* R[n] = L[n-1] + f(R[n-1], K[n]) */
514  block->right.dword ^= left;
515  DBGC2 ( block, " => L=%08x R=%08x\n",
516  be32_to_cpu ( block->left.dword ),
517  be32_to_cpu ( block->right.dword ) );
518 }
des_p
static const uint8_t des_p[33]
DES data permutation (P)
Definition: des.c:251
des_dword
A DES 32-bit dword value.
Definition: des.h:19
des_permute
static void des_permute(const uint8_t *permutation, const uint8_t *in, uint8_t *out)
Perform bit permutation.
Definition: des.c:383
be32_to_cpu
#define be32_to_cpu(value)
Definition: byteswap.h:116
des_round_key::dword
uint32_t dword[2]
32-bit big-endian dwords
Definition: des.h:60
uint32_t
unsigned int uint32_t
Definition: stdint.h:12
cpu_to_be32
#define cpu_to_be32(value)
Definition: byteswap.h:110
DBGC2
#define DBGC2(...)
Definition: compiler.h:522
block
uint8_t block[3][8]
DES-encrypted blocks.
Definition: mschapv2.h:12
des_sbox
static uint32_t des_sbox(uint32_t in, const union des_round_key *rkey)
Perform DES S-box substitution.
Definition: des.c:410

References be32_to_cpu, block, des_dword::byte, cpu_to_be32, DBGC2, des_p, des_permute(), des_sbox(), des_dword::dword, and des_round_key::dword.

Referenced by des_rounds().

◆ des_rounds()

static void des_rounds ( const union des_block in,
union des_block out,
const union des_round_key rkey,
ssize_t  offset 
)
static

Perform all DES rounds.

Parameters
inInput DES block
outOutput DES block
rkeyStarting 48-bit round key
offsetByte offset between round keys

Definition at line 528 of file des.c.

530  {
531  union des_block tmp;
532  unsigned int i;
533 
534  /* Apply initial permutation */
535  des_permute ( des_ip, in->byte, tmp.byte );
536 
537  /* Perform all DES rounds, consuming keys in the specified order */
538  for ( i = 0 ; i < DES_ROUNDS ; i++ ) {
539  des_round ( &tmp, rkey );
540  rkey = ( ( ( void * ) rkey ) + offset );
541  }
542 
543  /* Apply final permutation */
544  DBGC ( &tmp, "DES %scrypted %08x%08x => ",
545  ( ( offset > 0 ) ? "en" : "de" ), be32_to_cpu ( in->dword[0] ),
546  be32_to_cpu ( in->dword[1] ) );
547  des_permute ( des_fp, tmp.byte, out->byte );
548  DBGC ( &tmp, "%08x%08x\n", be32_to_cpu ( out->dword[0] ),
549  be32_to_cpu ( out->dword[1] ) );
550 }
des_block
A DES 64-bit block.
Definition: des.h:27
in
__be32 in[4]
Definition: CIB_PRM.h:35
DBGC
#define DBGC(...)
Definition: compiler.h:505
des_permute
static void des_permute(const uint8_t *permutation, const uint8_t *in, uint8_t *out)
Perform bit permutation.
Definition: des.c:383
out
__be32 out[4]
Definition: CIB_PRM.h:36
tmp
unsigned long tmp
Definition: linux_pci.h:64
DES_ROUNDS
#define DES_ROUNDS
Number of DES rounds.
Definition: des.h:76
be32_to_cpu
#define be32_to_cpu(value)
Definition: byteswap.h:116
des_round
static void des_round(union des_block *block, const union des_round_key *rkey)
Perform a single DES round.
Definition: des.c:493
offset
uint16_t offset
Offset to command line.
Definition: bzimage.h:8
des_fp
static uint8_t des_fp[65]
DES final / inverse initial permutation (FP / IP^-1)
Definition: des.c:258
des_ip
static uint8_t des_ip[65]
DES initial permutation (IP)
Definition: des.c:248

References be32_to_cpu, DBGC, des_fp, des_ip, des_permute(), des_round(), DES_ROUNDS, in, offset, out, and tmp.

Referenced by des_decrypt(), and des_encrypt().

◆ des_rol28()

static uint32_t des_rol28 ( uint32_t  dword)
static

Rotate 28-bit word.

Parameters
dword28-bit dword value
Return values
dwordRotated 28-bit dword value

Definition at line 558 of file des.c.

558  {
559  int32_t sdword;
560 
561  /* Convert to native-endian */
562  sdword = be32_to_cpu ( dword );
563 
564  /* Signed shift right by 4 places to copy bit 31 to bits 27:31 */
565  sdword >>= 4;
566 
567  /* Rotate left */
568  sdword = rol32 ( sdword, 1 );
569 
570  /* Shift left by 4 places to restore bit positions */
571  sdword <<= 4;
572 
573  /* Convert back to big-endian */
574  dword = cpu_to_be32 ( sdword );
575 
576  return dword;
577 }
rol32
static u32 rol32(u32 v, int bits)
Rotate 32-bit value left.
Definition: wpa_tkip.c:173
be32_to_cpu
#define be32_to_cpu(value)
Definition: byteswap.h:116
cpu_to_be32
#define cpu_to_be32(value)
Definition: byteswap.h:110
int32_t
signed int int32_t
Definition: stdint.h:17
dword
unsigned long int dword
Definition: smc9000.h:40

References be32_to_cpu, cpu_to_be32, and rol32().

Referenced by des_setkey().

◆ des_setkey()

static int des_setkey ( void *  ctx,
const void *  key,
size_t  keylen 
)
static

Set key.

Parameters
ctxContext
keyKey
keylenKey length
Return values
rcReturn status code

Definition at line 587 of file des.c.

587  {
588  struct des_context *des = ctx;
589  union des_round_key *rkey = des->rkey;
590  union des_block reg;
591  uint32_t schedule;
592 
593  /* Validate key length */
594  if ( keylen != DES_BLOCKSIZE )
595  return -EINVAL;
596  DBGC ( des, "DES %p new key:\n", des );
597  DBGC_HDA ( des, 0, key, keylen );
598 
599  /* Apply permuted choice 1 */
600  des_permute ( des_pc1c, key, reg.c.byte );
601  des_permute ( des_pc1d, key, reg.d.byte );
602  reg.d.byte[3] <<= 4; /* see comment for @c des_pc1d */
603  DBGC2 ( des, "DES %p C[ 0]=%07x D[ 0]=%07x\n",
604  des, ( be32_to_cpu ( reg.c.dword ) >> 4 ),
605  ( be32_to_cpu ( reg.d.dword ) >> 4 ) );
606 
607  /* Generate round keys */
608  for ( schedule = DES_SCHEDULE ; schedule ; schedule >>= 1 ) {
609 
610  /* Shift 28-bit words */
611  reg.c.dword = des_rol28 ( reg.c.dword );
612  reg.d.dword = des_rol28 ( reg.d.dword );
613 
614  /* Skip rounds according to shift schedule */
615  if ( ! ( schedule & 1 ) )
616  continue;
617 
618  /* Apply permuted choice 2 */
619  des_permute ( des_pc2, reg.byte, rkey->byte );
620  DBGC2 ( des, "DES %p C[%2zd]=%07x D[%2zd]=%07x K[%2zd]="
621  "%08x%08x\n", des, ( ( rkey - des->rkey ) + 1 ),
622  ( be32_to_cpu ( reg.c.dword ) >> 4 ),
623  ( ( rkey - des->rkey ) + 1 ),
624  ( be32_to_cpu ( reg.d.dword ) >> 4 ),
625  ( ( rkey - des->rkey ) + 1 ),
626  be32_to_cpu ( rkey->dword[0] ),
627  be32_to_cpu ( rkey->dword[1] ) );
628 
629  /* Move to next key */
630  rkey++;
631  }
632 
633  /* Sanity check */
634  assert ( rkey == &des->rkey[DES_ROUNDS] );
635 
636  return 0;
637 }
EINVAL
#define EINVAL
Invalid argument.
Definition: errno.h:428
reg
static unsigned int unsigned int reg
Definition: myson.h:162
des_block
A DES 64-bit block.
Definition: des.h:27
DBGC
#define DBGC(...)
Definition: compiler.h:505
des_pc1d
static uint8_t des_pc1d[33]
DES permuted choice 1 (PC1) "D" register.
Definition: des.c:232
des_permute
static void des_permute(const uint8_t *permutation, const uint8_t *in, uint8_t *out)
Perform bit permutation.
Definition: des.c:383
ctx
struct golan_eq_context ctx
Definition: CIB_PRM.h:28
DES_SCHEDULE
#define DES_SCHEDULE
DES shift schedule.
Definition: des.c:67
des_context
DES context.
Definition: des.h:79
des_pc1c
static uint8_t des_pc1c[29]
DES permuted choice 1 (PC1) "C" register.
Definition: des.c:229
des_context::rkey
union des_round_key rkey[DES_ROUNDS]
Round keys.
Definition: des.h:81
DES_ROUNDS
#define DES_ROUNDS
Number of DES rounds.
Definition: des.h:76
be32_to_cpu
#define be32_to_cpu(value)
Definition: byteswap.h:116
assert
assert((readw(&hdr->flags) &(GTF_reading|GTF_writing))==0)
DBGC_HDA
#define DBGC_HDA(...)
Definition: compiler.h:506
des_round_key
A DES round key.
Definition: des.h:56
des_round_key::dword
uint32_t dword[2]
32-bit big-endian dwords
Definition: des.h:60
uint32_t
unsigned int uint32_t
Definition: stdint.h:12
des_rol28
static uint32_t des_rol28(uint32_t dword)
Rotate 28-bit word.
Definition: des.c:558
des_round_key::byte
uint8_t byte[8]
Raw bytes.
Definition: des.h:58
DBGC2
#define DBGC2(...)
Definition: compiler.h:522
des_pc2
static const uint8_t des_pc2[65]
DES permuted choice 2 (PC2)
Definition: des.c:235
DES_BLOCKSIZE
#define DES_BLOCKSIZE
DES blocksize.
Definition: des.h:49
key
union @391 key
Sense key.
Definition: scsi.h:17

References assert(), be32_to_cpu, des_round_key::byte, ctx, DBGC, DBGC2, DBGC_HDA, DES_BLOCKSIZE, des_pc1c, des_pc1d, des_pc2, des_permute(), des_rol28(), DES_ROUNDS, DES_SCHEDULE, des_round_key::dword, EINVAL, key, reg, and des_context::rkey.

◆ des_encrypt()

static void des_encrypt ( void *  ctx,
const void *  src,
void *  dst,
size_t  len 
)
static

Encrypt data.

Parameters
ctxContext
srcData to encrypt
dstBuffer for encrypted data
lenLength of data

Definition at line 647 of file des.c.

647  {
648  struct des_context *des = ctx;
649 
650  /* Sanity check */
651  assert ( len == DES_BLOCKSIZE );
652 
653  /* Cipher using keys in forward direction */
654  des_rounds ( src, dst, &des->rkey[0], sizeof ( des->rkey[0] ) );
655 }
ctx
struct golan_eq_context ctx
Definition: CIB_PRM.h:28
des_context
DES context.
Definition: des.h:79
des_context::rkey
union des_round_key rkey[DES_ROUNDS]
Round keys.
Definition: des.h:81
assert
assert((readw(&hdr->flags) &(GTF_reading|GTF_writing))==0)
src
static const void * src
Definition: string.h:47
len
ring len
Length.
Definition: dwmac.h:231
DES_BLOCKSIZE
#define DES_BLOCKSIZE
DES blocksize.
Definition: des.h:49
des_rounds
static void des_rounds(const union des_block *in, union des_block *out, const union des_round_key *rkey, ssize_t offset)
Perform all DES rounds.
Definition: des.c:528

References assert(), ctx, DES_BLOCKSIZE, des_rounds(), len, des_context::rkey, and src.

◆ des_decrypt()

static void des_decrypt ( void *  ctx,
const void *  src,
void *  dst,
size_t  len 
)
static

Decrypt data.

Parameters
ctxContext
srcData to decrypt
dstBuffer for decrypted data
lenLength of data

Definition at line 665 of file des.c.

665  {
666  struct des_context *des = ctx;
667 
668  /* Sanity check */
669  assert ( len == DES_BLOCKSIZE );
670 
671  /* Cipher using keys in reverse direction */
672  des_rounds ( src, dst, &des->rkey[ DES_ROUNDS - 1 ],
673  -sizeof ( des->rkey[0] ) );
674 }
ctx
struct golan_eq_context ctx
Definition: CIB_PRM.h:28
des_context
DES context.
Definition: des.h:79
des_context::rkey
union des_round_key rkey[DES_ROUNDS]
Round keys.
Definition: des.h:81
DES_ROUNDS
#define DES_ROUNDS
Number of DES rounds.
Definition: des.h:76
assert
assert((readw(&hdr->flags) &(GTF_reading|GTF_writing))==0)
src
static const void * src
Definition: string.h:47
len
ring len
Length.
Definition: dwmac.h:231
DES_BLOCKSIZE
#define DES_BLOCKSIZE
DES blocksize.
Definition: des.h:49
des_rounds
static void des_rounds(const union des_block *in, union des_block *out, const union des_round_key *rkey, ssize_t offset)
Perform all DES rounds.
Definition: des.c:528

References assert(), ctx, DES_BLOCKSIZE, DES_ROUNDS, des_rounds(), len, des_context::rkey, and src.

◆ ECB_CIPHER()

ECB_CIPHER ( des_ecb  ,
des_ecb_algorithm  ,
des_algorithm  ,
struct des_context  ,
DES_BLOCKSIZE   
)

◆ CBC_CIPHER()

CBC_CIPHER ( des_cbc  ,
des_cbc_algorithm  ,
des_algorithm  ,
struct des_context  ,
DES_BLOCKSIZE   
)

Variable Documentation

◆ des_s

const uint8_t des_s[8][32]
static

DES S-boxes S1..S8.

Definition at line 103 of file des.c.

Referenced by des_sbox().

◆ des_pc1c

uint8_t des_pc1c[29]
static

DES permuted choice 1 (PC1) "C" register.

Definition at line 229 of file des.c.

Referenced by des_setkey().

◆ des_pc1d

uint8_t des_pc1d[33]
static

DES permuted choice 1 (PC1) "D" register.

Definition at line 232 of file des.c.

Referenced by des_setkey().

◆ des_pc2

const uint8_t des_pc2[65]
static
Initial value:
= {
DES_PC2R ( 14, 17, 11, 24, 1, 5 ),
DES_PC2R ( 3, 28, 15, 6, 21, 10 ),
DES_PC2R ( 23, 19, 12, 4, 26, 8 ),
DES_PC2R ( 16, 7, 27, 20, 13, 2 ),
DES_PC2R ( 41, 52, 31, 37, 47, 55 ),
DES_PC2R ( 30, 40, 51, 45, 33, 48 ),
DES_PC2R ( 44, 49, 39, 56, 34, 53 ),
DES_PC2R ( 46, 42, 50, 36, 29, 32 ),
0
}
DES_PC2R
#define DES_PC2R(r1, c3, c2, c1, c0, r0)
Define six bits of permuted choice 2 (PC2)
Definition: des.c:181

DES permuted choice 2 (PC2)

Definition at line 235 of file des.c.

Referenced by des_setkey().

◆ des_ip

uint8_t des_ip[65]
static

DES initial permutation (IP)

Definition at line 248 of file des.c.

Referenced by des_rounds().

◆ des_p

const uint8_t des_p[33]
static
Initial value:
= {
16, 7, 20, 21, 29, 12, 28, 17, 1, 15, 23, 26, 5, 18, 31, 10,
2, 8, 24, 14, 32, 27, 3, 9, 19, 13, 30, 6, 22, 11, 4, 25,
0
}

DES data permutation (P)

Definition at line 251 of file des.c.

Referenced by des_round().

◆ des_fp

uint8_t des_fp[65]
static

DES final / inverse initial permutation (FP / IP^-1)

Definition at line 258 of file des.c.

Referenced by des_rounds().

◆ des_generators

struct des_generator des_generators[]
static
Initial value:
= {
DES_GENERATOR ( des_ip, 1, 1, 2, 1, 1, 1, 0, 0, 4, 0, 3, 1, 5 ),
DES_GENERATOR ( des_fp, 1, 0, 0, 0, 2, 0, 1, 1, 5, 1, 4, 1, 3 ),
DES_GENERATOR ( des_pc1c, 1, 1, 2, 1, 1, 1, 0, 0, 5, 0, 4, 0, 3 ),
DES_GENERATOR ( des_pc1d, 0, 1, 2, 1, 1, 1, 0, 1, 5, 1, 4, 1, 3 ),
}
des_pc1d
static uint8_t des_pc1d[33]
DES permuted choice 1 (PC1) "D" register.
Definition: des.c:232
des_pc1c
static uint8_t des_pc1c[29]
DES permuted choice 1 (PC1) "C" register.
Definition: des.c:229
DES_GENERATOR
#define DES_GENERATOR(PERMUTATION, OFFSET, INV5, BIT5, INV4, BIT4, INV3, BIT3, INV2, BIT2, INV1, BIT1, INV0, BIT0)
Define a DES permutation generator.
Definition: des.c:214
des_fp
static uint8_t des_fp[65]
DES final / inverse initial permutation (FP / IP^-1)
Definition: des.c:258
des_ip
static uint8_t des_ip[65]
DES initial permutation (IP)
Definition: des.c:248

DES permutation generators.

Definition at line 261 of file des.c.

Referenced by des_init().

◆ des_algorithm

struct cipher_algorithm des_algorithm
Initial value:
= {
.name = "des",
.ctxsize = sizeof ( struct des_context ),
.blocksize = DES_BLOCKSIZE,
.alignsize = 0,
.authsize = 0,
.setkey = des_setkey,
.setiv = cipher_null_setiv,
.encrypt = des_encrypt,
.decrypt = des_decrypt,
.auth = cipher_null_auth,
}
cipher_null_setiv
void cipher_null_setiv(void *ctx __unused, const void *iv __unused, size_t ivlen __unused)
Definition: crypto_null.c:64
des_encrypt
static void des_encrypt(void *ctx, const void *src, void *dst, size_t len)
Encrypt data.
Definition: des.c:647
des_context
DES context.
Definition: des.h:79
des_decrypt
static void des_decrypt(void *ctx, const void *src, void *dst, size_t len)
Decrypt data.
Definition: des.c:665
DES_BLOCKSIZE
#define DES_BLOCKSIZE
DES blocksize.
Definition: des.h:49
cipher_null_auth
void cipher_null_auth(void *ctx __unused, void *auth __unused)
Definition: crypto_null.c:79
des_setkey
static int des_setkey(void *ctx, const void *key, size_t keylen)
Set key.
Definition: des.c:587

Basic DES algorithm.

Definition at line 677 of file des.c.

Referenced by mschapv2_challenge_response().

Generated by   doxygen 1.8.15