search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Use IFUNC on x86-64 memset
[glibc.git] / crypt / crypt_util.c
blob7999a3067294f9cc7c2509a607bb70bdbd25e8b7
1 /*
2 * UFC-crypt: ultra fast crypt(3) implementation
3 *
4 * Copyright (C) 1991-1993,1996-1998,2000,2010 Free Software Foundation, Inc.
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; see the file COPYING.LIB. If not,
18 * write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
19 * Boston, MA 02111-1307, USA.
20 *
21 * @(#)crypt_util.c 2.56 12/20/96
22 *
23 * Support routines
24 *
25 */
26
27 #ifdef DEBUG
28 #include <stdio.h>
29 #endif
30 #include <atomic.h>
31 #include <string.h>
32
33 #ifndef STATIC
34 #define STATIC static
35 #endif
36
37 #ifndef DOS
38 #include "ufc-crypt.h"
39 #else
40 /*
41 * Thanks to greg%wind@plains.NoDak.edu (Greg W. Wettstein)
42 * for DOS patches
43 */
44 #include "pl.h"
45 #include "ufc.h"
46 #endif
47 #include "crypt.h"
48 #include "crypt-private.h"
49
50 /* Prototypes for local functions. */
51 #if __STDC__ - 0
52 #ifndef __GNU_LIBRARY__
53 void _ufc_clearmem (char *start, int cnt);
54 void _ufc_copymem (char *from, char *to, int cnt);
55 #endif
56 #ifdef _UFC_32_
57 STATIC void shuffle_sb (long32 *k, ufc_long saltbits);
58 #else
59 STATIC void shuffle_sb (long64 *k, ufc_long saltbits);
60 #endif
61 #endif
62
63
64 /*
65 * Permutation done once on the 56 bit
66 * key derived from the original 8 byte ASCII key.
67 */
68 static const int pc1[56] = {
69 57, 49, 41, 33, 25, 17, 9, 1, 58, 50, 42, 34, 26, 18,
70 10, 2, 59, 51, 43, 35, 27, 19, 11, 3, 60, 52, 44, 36,
71 63, 55, 47, 39, 31, 23, 15, 7, 62, 54, 46, 38, 30, 22,
72 14, 6, 61, 53, 45, 37, 29, 21, 13, 5, 28, 20, 12, 4
73 };
74
75 /*
76 * How much to rotate each 28 bit half of the pc1 permutated
77 * 56 bit key before using pc2 to give the i' key
78 */
79 static const int rots[16] = {
80 1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1
81 };
82
83 /*
84 * Permutation giving the key
85 * of the i' DES round
86 */
87 static const int pc2[48] = {
88 14, 17, 11, 24, 1, 5, 3, 28, 15, 6, 21, 10,
89 23, 19, 12, 4, 26, 8, 16, 7, 27, 20, 13, 2,
90 41, 52, 31, 37, 47, 55, 30, 40, 51, 45, 33, 48,
91 44, 49, 39, 56, 34, 53, 46, 42, 50, 36, 29, 32
92 };
93
94 /*
95 * The E expansion table which selects
96 * bits from the 32 bit intermediate result.
97 */
98 static const int esel[48] = {
99 32, 1, 2, 3, 4, 5, 4, 5, 6, 7, 8, 9,
100 8, 9, 10, 11, 12, 13, 12, 13, 14, 15, 16, 17,
101 16, 17, 18, 19, 20, 21, 20, 21, 22, 23, 24, 25,
102 24, 25, 26, 27, 28, 29, 28, 29, 30, 31, 32, 1
103 };
104
105 /*
106 * Permutation done on the
107 * result of sbox lookups
108 */
109 static const int perm32[32] = {
110 16, 7, 20, 21, 29, 12, 28, 17, 1, 15, 23, 26, 5, 18, 31, 10,
111 2, 8, 24, 14, 32, 27, 3, 9, 19, 13, 30, 6, 22, 11, 4, 25
112 };
113
114 /*
115 * The sboxes
116 */
117 static const int sbox[8][4][16]= {
118 { { 14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7 },
119 { 0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8 },
120 { 4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0 },
121 { 15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13 }
122 },
123
124 { { 15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10 },
125 { 3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5 },
126 { 0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15 },
127 { 13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9 }
128 },
129
130 { { 10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8 },
131 { 13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1 },
132 { 13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7 },
133 { 1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12 }
134 },
135
136 { { 7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15 },
137 { 13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9 },
138 { 10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4 },
139 { 3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14 }
140 },
141
142 { { 2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9 },
143 { 14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6 },
144 { 4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14 },
145 { 11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3 }
146 },
147
148 { { 12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11 },
149 { 10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8 },
150 { 9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6 },
151 { 4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13 }
152 },
153
154 { { 4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1 },
155 { 13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6 },
156 { 1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2 },
157 { 6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12 }
158 },
159
160 { { 13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7 },
161 { 1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2 },
162 { 7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8 },
163 { 2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11 }
164 }
165 };
166
167 /*
168 * This is the initial
169 * permutation matrix
170 */
171 static const int initial_perm[64] = {
172 58, 50, 42, 34, 26, 18, 10, 2, 60, 52, 44, 36, 28, 20, 12, 4,
173 62, 54, 46, 38, 30, 22, 14, 6, 64, 56, 48, 40, 32, 24, 16, 8,
174 57, 49, 41, 33, 25, 17, 9, 1, 59, 51, 43, 35, 27, 19, 11, 3,
175 61, 53, 45, 37, 29, 21, 13, 5, 63, 55, 47, 39, 31, 23, 15, 7
176 };
177
178 /*
179 * This is the final
180 * permutation matrix
181 */
182 static const int final_perm[64] = {
183 40, 8, 48, 16, 56, 24, 64, 32, 39, 7, 47, 15, 55, 23, 63, 31,
184 38, 6, 46, 14, 54, 22, 62, 30, 37, 5, 45, 13, 53, 21, 61, 29,
185 36, 4, 44, 12, 52, 20, 60, 28, 35, 3, 43, 11, 51, 19, 59, 27,
186 34, 2, 42, 10, 50, 18, 58, 26, 33, 1, 41, 9, 49, 17, 57, 25
187 };
188
189 #define ascii_to_bin(c) ((c)>='a'?(c-59):(c)>='A'?((c)-53):(c)-'.')
190 #define bin_to_ascii(c) ((c)>=38?((c)-38+'a'):(c)>=12?((c)-12+'A'):(c)+'.')
191
192 static const ufc_long BITMASK[24] = {
193 0x40000000, 0x20000000, 0x10000000, 0x08000000, 0x04000000, 0x02000000,
194 0x01000000, 0x00800000, 0x00400000, 0x00200000, 0x00100000, 0x00080000,
195 0x00004000, 0x00002000, 0x00001000, 0x00000800, 0x00000400, 0x00000200,
196 0x00000100, 0x00000080, 0x00000040, 0x00000020, 0x00000010, 0x00000008
197 };
198
199 static const unsigned char bytemask[8] = {
200 0x80, 0x40, 0x20, 0x10, 0x08, 0x04, 0x02, 0x01
201 };
202
203 static const ufc_long longmask[32] = {
204 0x80000000, 0x40000000, 0x20000000, 0x10000000,
205 0x08000000, 0x04000000, 0x02000000, 0x01000000,
206 0x00800000, 0x00400000, 0x00200000, 0x00100000,
207 0x00080000, 0x00040000, 0x00020000, 0x00010000,
208 0x00008000, 0x00004000, 0x00002000, 0x00001000,
209 0x00000800, 0x00000400, 0x00000200, 0x00000100,
210 0x00000080, 0x00000040, 0x00000020, 0x00000010,
211 0x00000008, 0x00000004, 0x00000002, 0x00000001
212 };
213
214 /*
215 * do_pc1: permform pc1 permutation in the key schedule generation.
216 *
217 * The first index is the byte number in the 8 byte ASCII key
218 * - second - - the two 28 bits halfs of the result
219 * - third - selects the 7 bits actually used of each byte
220 *
221 * The result is kept with 28 bit per 32 bit with the 4 most significant
222 * bits zero.
223 */
224 static ufc_long do_pc1[8][2][128];
225
226 /*
227 * do_pc2: permform pc2 permutation in the key schedule generation.
228 *
229 * The first index is the septet number in the two 28 bit intermediate values
230 * - second - - - septet values
231 *
232 * Knowledge of the structure of the pc2 permutation is used.
233 *
234 * The result is kept with 28 bit per 32 bit with the 4 most significant
235 * bits zero.
236 */
237 static ufc_long do_pc2[8][128];
238
239 /*
240 * eperm32tab: do 32 bit permutation and E selection
241 *
242 * The first index is the byte number in the 32 bit value to be permuted
243 * - second - is the value of this byte
244 * - third - selects the two 32 bit values
245 *
246 * The table is used and generated internally in init_des to speed it up
247 */
248 static ufc_long eperm32tab[4][256][2];
249
250 /*
251 * efp: undo an extra e selection and do final
252 * permutation giving the DES result.
253 *
254 * Invoked 6 bit a time on two 48 bit values
255 * giving two 32 bit longs.
256 */
257 static ufc_long efp[16][64][2];
258
259 /*
260 * For use by the old, non-reentrant routines
261 * (crypt/encrypt/setkey)
262 */
263 struct crypt_data _ufc_foobar;
264
265 #ifdef __GNU_LIBRARY__
266 #include <bits/libc-lock.h>
267
268 __libc_lock_define_initialized (static, _ufc_tables_lock)
269 #endif
270
271 #ifdef DEBUG
272
273 void
274 _ufc_prbits(a, n)
275 ufc_long *a;
276 int n;
277 {
278 ufc_long i, j, t, tmp;
279 n /= 8;
280 for(i = 0; i < n; i++) {
281 tmp=0;
282 for(j = 0; j < 8; j++) {
283 t=8*i+j;
284 tmp|=(a[t/24] & BITMASK[t % 24])?bytemask[j]:0;
285 }
286 (void)printf("%02x ",tmp);
287 }
288 printf(" ");
289 }
290
291 static void
292 _ufc_set_bits(v, b)
293 ufc_long v;
294 ufc_long *b;
295 {
296 ufc_long i;
297 *b = 0;
298 for(i = 0; i < 24; i++) {
299 if(v & longmask[8 + i])
300 *b |= BITMASK[i];
301 }
302 }
303
304 #endif
305
306 #ifndef __GNU_LIBRARY__
307 /*
308 * Silly rewrites of 'bzero'/'memset'. I do so
309 * because some machines don't have
310 * bzero and some don't have memset.
311 */
312
313 void
314 _ufc_clearmem(start, cnt)
315 char *start;
316 int cnt;
317 {
318 while(cnt--)
319 *start++ = '\0';
320 }
321
322 void
323 _ufc_copymem(from, to, cnt)
324 char *from, *to;
325 int cnt;
326 {
327 while(cnt--)
328 *to++ = *from++;
329 }
330 #else
331 #define _ufc_clearmem(start, cnt) memset(start, 0, cnt)
332 #define _ufc_copymem(from, to, cnt) memcpy(to, from, cnt)
333 #endif
334
335 /* lookup a 6 bit value in sbox */
336
337 #define s_lookup(i,s) sbox[(i)][(((s)>>4) & 0x2)|((s) & 0x1)][((s)>>1) & 0xf];
338
339 /*
340 * Initialize unit - may be invoked directly
341 * by fcrypt users.
342 */
343
344 void
345 __init_des_r(__data)
346 struct crypt_data * __restrict __data;
347 {
348 int comes_from_bit;
349 int bit, sg;
350 ufc_long j;
351 ufc_long mask1, mask2;
352 int e_inverse[64];
353 static volatile int small_tables_initialized = 0;
354
355 #ifdef _UFC_32_
356 long32 *sb[4];
357 sb[0] = (long32*)__data->sb0; sb[1] = (long32*)__data->sb1;
358 sb[2] = (long32*)__data->sb2; sb[3] = (long32*)__data->sb3;
359 #endif
360 #ifdef _UFC_64_
361 long64 *sb[4];
362 sb[0] = (long64*)__data->sb0; sb[1] = (long64*)__data->sb1;
363 sb[2] = (long64*)__data->sb2; sb[3] = (long64*)__data->sb3;
364 #endif
365
366 if(small_tables_initialized == 0) {
367 #ifdef __GNU_LIBRARY__
368 __libc_lock_lock (_ufc_tables_lock);
369 if(small_tables_initialized)
370 goto small_tables_done;
371 #endif
372
373 /*
374 * Create the do_pc1 table used
375 * to affect pc1 permutation
376 * when generating keys
377 */
378 _ufc_clearmem((char*)do_pc1, (int)sizeof(do_pc1));
379 for(bit = 0; bit < 56; bit++) {
380 comes_from_bit = pc1[bit] - 1;
381 mask1 = bytemask[comes_from_bit % 8 + 1];
382 mask2 = longmask[bit % 28 + 4];
383 for(j = 0; j < 128; j++) {
384 if(j & mask1)
385 do_pc1[comes_from_bit / 8][bit / 28][j] |= mask2;
386 }
387 }
388
389 /*
390 * Create the do_pc2 table used
391 * to affect pc2 permutation when
392 * generating keys
393 */
394 _ufc_clearmem((char*)do_pc2, (int)sizeof(do_pc2));
395 for(bit = 0; bit < 48; bit++) {
396 comes_from_bit = pc2[bit] - 1;
397 mask1 = bytemask[comes_from_bit % 7 + 1];
398 mask2 = BITMASK[bit % 24];
399 for(j = 0; j < 128; j++) {
400 if(j & mask1)
401 do_pc2[comes_from_bit / 7][j] |= mask2;
402 }
403 }
404
405 /*
406 * Now generate the table used to do combined
407 * 32 bit permutation and e expansion
408 *
409 * We use it because we have to permute 16384 32 bit
410 * longs into 48 bit in order to initialize sb.
411 *
412 * Looping 48 rounds per permutation becomes
413 * just too slow...
414 *
415 */
416
417 _ufc_clearmem((char*)eperm32tab, (int)sizeof(eperm32tab));
418 for(bit = 0; bit < 48; bit++) {
419 ufc_long mask1,comes_from;
420 comes_from = perm32[esel[bit]-1]-1;
421 mask1 = bytemask[comes_from % 8];
422 for(j = 256; j--;) {
423 if(j & mask1)
424 eperm32tab[comes_from / 8][j][bit / 24] |= BITMASK[bit % 24];
425 }
426 }
427
428 /*
429 * Create an inverse matrix for esel telling
430 * where to plug out bits if undoing it
431 */
432 for(bit=48; bit--;) {
433 e_inverse[esel[bit] - 1 ] = bit;
434 e_inverse[esel[bit] - 1 + 32] = bit + 48;
435 }
436
437 /*
438 * create efp: the matrix used to
439 * undo the E expansion and effect final permutation
440 */
441 _ufc_clearmem((char*)efp, (int)sizeof efp);
442 for(bit = 0; bit < 64; bit++) {
443 int o_bit, o_long;
444 ufc_long word_value, mask1, mask2;
445 int comes_from_f_bit, comes_from_e_bit;
446 int comes_from_word, bit_within_word;
447
448 /* See where bit i belongs in the two 32 bit long's */
449 o_long = bit / 32; /* 0..1 */
450 o_bit = bit % 32; /* 0..31 */
451
452 /*
453 * And find a bit in the e permutated value setting this bit.
454 *
455 * Note: the e selection may have selected the same bit several
456 * times. By the initialization of e_inverse, we only look
457 * for one specific instance.
458 */
459 comes_from_f_bit = final_perm[bit] - 1; /* 0..63 */
460 comes_from_e_bit = e_inverse[comes_from_f_bit]; /* 0..95 */
461 comes_from_word = comes_from_e_bit / 6; /* 0..15 */
462 bit_within_word = comes_from_e_bit % 6; /* 0..5 */
463
464 mask1 = longmask[bit_within_word + 26];
465 mask2 = longmask[o_bit];
466
467 for(word_value = 64; word_value--;) {
468 if(word_value & mask1)
469 efp[comes_from_word][word_value][o_long] |= mask2;
470 }
471 }
472 atomic_write_barrier ();
473 small_tables_initialized = 1;
474 #ifdef __GNU_LIBRARY__
475 small_tables_done:
476 __libc_lock_unlock(_ufc_tables_lock);
477 #endif
478 }
479
480 /*
481 * Create the sb tables:
482 *
483 * For each 12 bit segment of an 48 bit intermediate
484 * result, the sb table precomputes the two 4 bit
485 * values of the sbox lookups done with the two 6
486 * bit halves, shifts them to their proper place,
487 * sends them through perm32 and finally E expands
488 * them so that they are ready for the next
489 * DES round.
490 *
491 */
492
493 _ufc_clearmem((char*)__data->sb0, (int)sizeof(__data->sb0));
494 _ufc_clearmem((char*)__data->sb1, (int)sizeof(__data->sb1));
495 _ufc_clearmem((char*)__data->sb2, (int)sizeof(__data->sb2));
496 _ufc_clearmem((char*)__data->sb3, (int)sizeof(__data->sb3));
497
498 for(sg = 0; sg < 4; sg++) {
499 int j1, j2;
500 int s1, s2;
501
502 for(j1 = 0; j1 < 64; j1++) {
503 s1 = s_lookup(2 * sg, j1);
504 for(j2 = 0; j2 < 64; j2++) {
505 ufc_long to_permute, inx;
506
507 s2 = s_lookup(2 * sg + 1, j2);
508 to_permute = (((ufc_long)s1 << 4) |
509 (ufc_long)s2) << (24 - 8 * (ufc_long)sg);
510
511 #ifdef _UFC_32_
512 inx = ((j1 << 6) | j2) << 1;
513 sb[sg][inx ] = eperm32tab[0][(to_permute >> 24) & 0xff][0];
514 sb[sg][inx+1] = eperm32tab[0][(to_permute >> 24) & 0xff][1];
515 sb[sg][inx ] |= eperm32tab[1][(to_permute >> 16) & 0xff][0];
516 sb[sg][inx+1] |= eperm32tab[1][(to_permute >> 16) & 0xff][1];
517 sb[sg][inx ] |= eperm32tab[2][(to_permute >> 8) & 0xff][0];
518 sb[sg][inx+1] |= eperm32tab[2][(to_permute >> 8) & 0xff][1];
519 sb[sg][inx ] |= eperm32tab[3][(to_permute) & 0xff][0];
520 sb[sg][inx+1] |= eperm32tab[3][(to_permute) & 0xff][1];
521 #endif
522 #ifdef _UFC_64_
523 inx = ((j1 << 6) | j2);
524 sb[sg][inx] =
525 ((long64)eperm32tab[0][(to_permute >> 24) & 0xff][0] << 32) |
526 (long64)eperm32tab[0][(to_permute >> 24) & 0xff][1];
527 sb[sg][inx] |=
528 ((long64)eperm32tab[1][(to_permute >> 16) & 0xff][0] << 32) |
529 (long64)eperm32tab[1][(to_permute >> 16) & 0xff][1];
530 sb[sg][inx] |=
531 ((long64)eperm32tab[2][(to_permute >> 8) & 0xff][0] << 32) |
532 (long64)eperm32tab[2][(to_permute >> 8) & 0xff][1];
533 sb[sg][inx] |=
534 ((long64)eperm32tab[3][(to_permute) & 0xff][0] << 32) |
535 (long64)eperm32tab[3][(to_permute) & 0xff][1];
536 #endif
537 }
538 }
539 }
540
541 __data->current_saltbits = 0;
542 __data->current_salt[0] = 0;
543 __data->current_salt[1] = 0;
544 __data->initialized++;
545 }
546
547 void
548 __init_des()
549 {
550 __init_des_r(&_ufc_foobar);
551 }
552
553 /*
554 * Process the elements of the sb table permuting the
555 * bits swapped in the expansion by the current salt.
556 */
557
558 #ifdef _UFC_32_
559 STATIC void
560 shuffle_sb(k, saltbits)
561 long32 *k;
562 ufc_long saltbits;
563 {
564 ufc_long j;
565 long32 x;
566 for(j=4096; j--;) {
567 x = (k[0] ^ k[1]) & (long32)saltbits;
568 *k++ ^= x;
569 *k++ ^= x;
570 }
571 }
572 #endif
573
574 #ifdef _UFC_64_
575 STATIC void
576 shuffle_sb(k, saltbits)
577 long64 *k;
578 ufc_long saltbits;
579 {
580 ufc_long j;
581 long64 x;
582 for(j=4096; j--;) {
583 x = ((*k >> 32) ^ *k) & (long64)saltbits;
584 *k++ ^= (x << 32) | x;
585 }
586 }
587 #endif
588
589 /*
590 * Setup the unit for a new salt
591 * Hopefully we'll not see a new salt in each crypt call.
592 */
593
594 void
595 _ufc_setup_salt_r(s, __data)
596 __const char *s;
597 struct crypt_data * __restrict __data;
598 {
599 ufc_long i, j, saltbits;
600
601 if(__data->initialized == 0)
602 __init_des_r(__data);
603
604 if(s[0] == __data->current_salt[0] && s[1] == __data->current_salt[1])
605 return;
606 __data->current_salt[0] = s[0]; __data->current_salt[1] = s[1];
607
608 /*
609 * This is the only crypt change to DES:
610 * entries are swapped in the expansion table
611 * according to the bits set in the salt.
612 */
613 saltbits = 0;
614 for(i = 0; i < 2; i++) {
615 long c=ascii_to_bin(s[i]);
616 for(j = 0; j < 6; j++) {
617 if((c >> j) & 0x1)
618 saltbits |= BITMASK[6 * i + j];
619 }
620 }
621
622 /*
623 * Permute the sb table values
624 * to reflect the changed e
625 * selection table
626 */
627 #ifdef _UFC_32_
628 #define LONGG long32*
629 #endif
630 #ifdef _UFC_64_
631 #define LONGG long64*
632 #endif
633
634 shuffle_sb((LONGG)__data->sb0, __data->current_saltbits ^ saltbits);
635 shuffle_sb((LONGG)__data->sb1, __data->current_saltbits ^ saltbits);
636 shuffle_sb((LONGG)__data->sb2, __data->current_saltbits ^ saltbits);
637 shuffle_sb((LONGG)__data->sb3, __data->current_saltbits ^ saltbits);
638
639 __data->current_saltbits = saltbits;
640 }
641
642 void
643 _ufc_mk_keytab_r(key, __data)
644 const char *key;
645 struct crypt_data * __restrict __data;
646 {
647 ufc_long v1, v2, *k1;
648 int i;
649 #ifdef _UFC_32_
650 long32 v, *k2;
651 k2 = (long32*)__data->keysched;
652 #endif
653 #ifdef _UFC_64_
654 long64 v, *k2;
655 k2 = (long64*)__data->keysched;
656 #endif
657
658 v1 = v2 = 0; k1 = &do_pc1[0][0][0];
659 for(i = 8; i--;) {
660 v1 |= k1[*key & 0x7f]; k1 += 128;
661 v2 |= k1[*key++ & 0x7f]; k1 += 128;
662 }
663
664 for(i = 0; i < 16; i++) {
665 k1 = &do_pc2[0][0];
666
667 v1 = (v1 << rots[i]) | (v1 >> (28 - rots[i]));
668 v = k1[(v1 >> 21) & 0x7f]; k1 += 128;
669 v |= k1[(v1 >> 14) & 0x7f]; k1 += 128;
670 v |= k1[(v1 >> 7) & 0x7f]; k1 += 128;
671 v |= k1[(v1 ) & 0x7f]; k1 += 128;
672
673 #ifdef _UFC_32_
674 *k2++ = (v | 0x00008000);
675 v = 0;
676 #endif
677 #ifdef _UFC_64_
678 v = (v << 32);
679 #endif
680
681 v2 = (v2 << rots[i]) | (v2 >> (28 - rots[i]));
682 v |= k1[(v2 >> 21) & 0x7f]; k1 += 128;
683 v |= k1[(v2 >> 14) & 0x7f]; k1 += 128;
684 v |= k1[(v2 >> 7) & 0x7f]; k1 += 128;
685 v |= k1[(v2 ) & 0x7f];
686
687 #ifdef _UFC_32_
688 *k2++ = (v | 0x00008000);
689 #endif
690 #ifdef _UFC_64_
691 *k2++ = v | 0x0000800000008000l;
692 #endif
693 }
694
695 __data->direction = 0;
696 }
697
698 /*
699 * Undo an extra E selection and do final permutations
700 */
701
702 void
703 _ufc_dofinalperm_r(res, __data)
704 ufc_long *res;
705 struct crypt_data * __restrict __data;
706 {
707 ufc_long v1, v2, x;
708 ufc_long l1,l2,r1,r2;
709
710 l1 = res[0]; l2 = res[1];
711 r1 = res[2]; r2 = res[3];
712
713 x = (l1 ^ l2) & __data->current_saltbits; l1 ^= x; l2 ^= x;
714 x = (r1 ^ r2) & __data->current_saltbits; r1 ^= x; r2 ^= x;
715
716 v1=v2=0; l1 >>= 3; l2 >>= 3; r1 >>= 3; r2 >>= 3;
717
718 v1 |= efp[15][ r2 & 0x3f][0]; v2 |= efp[15][ r2 & 0x3f][1];
719 v1 |= efp[14][(r2 >>= 6) & 0x3f][0]; v2 |= efp[14][ r2 & 0x3f][1];
720 v1 |= efp[13][(r2 >>= 10) & 0x3f][0]; v2 |= efp[13][ r2 & 0x3f][1];
721 v1 |= efp[12][(r2 >>= 6) & 0x3f][0]; v2 |= efp[12][ r2 & 0x3f][1];
722
723 v1 |= efp[11][ r1 & 0x3f][0]; v2 |= efp[11][ r1 & 0x3f][1];
724 v1 |= efp[10][(r1 >>= 6) & 0x3f][0]; v2 |= efp[10][ r1 & 0x3f][1];
725 v1 |= efp[ 9][(r1 >>= 10) & 0x3f][0]; v2 |= efp[ 9][ r1 & 0x3f][1];
726 v1 |= efp[ 8][(r1 >>= 6) & 0x3f][0]; v2 |= efp[ 8][ r1 & 0x3f][1];
727
728 v1 |= efp[ 7][ l2 & 0x3f][0]; v2 |= efp[ 7][ l2 & 0x3f][1];
729 v1 |= efp[ 6][(l2 >>= 6) & 0x3f][0]; v2 |= efp[ 6][ l2 & 0x3f][1];
730 v1 |= efp[ 5][(l2 >>= 10) & 0x3f][0]; v2 |= efp[ 5][ l2 & 0x3f][1];
731 v1 |= efp[ 4][(l2 >>= 6) & 0x3f][0]; v2 |= efp[ 4][ l2 & 0x3f][1];
732
733 v1 |= efp[ 3][ l1 & 0x3f][0]; v2 |= efp[ 3][ l1 & 0x3f][1];
734 v1 |= efp[ 2][(l1 >>= 6) & 0x3f][0]; v2 |= efp[ 2][ l1 & 0x3f][1];
735 v1 |= efp[ 1][(l1 >>= 10) & 0x3f][0]; v2 |= efp[ 1][ l1 & 0x3f][1];
736 v1 |= efp[ 0][(l1 >>= 6) & 0x3f][0]; v2 |= efp[ 0][ l1 & 0x3f][1];
737
738 res[0] = v1; res[1] = v2;
739 }
740
741 /*
742 * crypt only: convert from 64 bit to 11 bit ASCII
743 * prefixing with the salt
744 */
745
746 void
747 _ufc_output_conversion_r(v1, v2, salt, __data)
748 ufc_long v1, v2;
749 __const char *salt;
750 struct crypt_data * __restrict __data;
751 {
752 int i, s, shf;
753
754 __data->crypt_3_buf[0] = salt[0];
755 __data->crypt_3_buf[1] = salt[1] ? salt[1] : salt[0];
756
757 for(i = 0; i < 5; i++) {
758 shf = (26 - 6 * i); /* to cope with MSC compiler bug */
759 __data->crypt_3_buf[i + 2] = bin_to_ascii((v1 >> shf) & 0x3f);
760 }
761
762 s = (v2 & 0xf) << 2;
763 v2 = (v2 >> 2) | ((v1 & 0x3) << 30);
764
765 for(i = 5; i < 10; i++) {
766 shf = (56 - 6 * i);
767 __data->crypt_3_buf[i + 2] = bin_to_ascii((v2 >> shf) & 0x3f);
768 }
769
770 __data->crypt_3_buf[12] = bin_to_ascii(s);
771 __data->crypt_3_buf[13] = 0;
772 }
773
774
775 /*
776 * UNIX encrypt function. Takes a bitvector
777 * represented by one byte per bit and
778 * encrypt/decrypt according to edflag
779 */
780
781 void
782 __encrypt_r(__block, __edflag, __data)
783 char *__block;
784 int __edflag;
785 struct crypt_data * __restrict __data;
786 {
787 ufc_long l1, l2, r1, r2, res[4];
788 int i;
789 #ifdef _UFC_32_
790 long32 *kt;
791 kt = (long32*)__data->keysched;
792 #endif
793 #ifdef _UFC_64_
794 long64 *kt;
795 kt = (long64*)__data->keysched;
796 #endif
797
798 /*
799 * Undo any salt changes to E expansion
800 */
801 _ufc_setup_salt_r("..", __data);
802
803 /*
804 * Reverse key table if
805 * changing operation (encrypt/decrypt)
806 */
807 if((__edflag == 0) != (__data->direction == 0)) {
808 for(i = 0; i < 8; i++) {
809 #ifdef _UFC_32_
810 long32 x;
811 x = kt[2 * (15-i)];
812 kt[2 * (15-i)] = kt[2 * i];
813 kt[2 * i] = x;
814
815 x = kt[2 * (15-i) + 1];
816 kt[2 * (15-i) + 1] = kt[2 * i + 1];
817 kt[2 * i + 1] = x;
818 #endif
819 #ifdef _UFC_64_
820 long64 x;
821 x = kt[15-i];
822 kt[15-i] = kt[i];
823 kt[i] = x;
824 #endif
825 }
826 __data->direction = __edflag;
827 }
828
829 /*
830 * Do initial permutation + E expansion
831 */
832 i = 0;
833 for(l1 = 0; i < 24; i++) {
834 if(__block[initial_perm[esel[i]-1]-1])
835 l1 |= BITMASK[i];
836 }
837 for(l2 = 0; i < 48; i++) {
838 if(__block[initial_perm[esel[i]-1]-1])
839 l2 |= BITMASK[i-24];
840 }
841
842 i = 0;
843 for(r1 = 0; i < 24; i++) {
844 if(__block[initial_perm[esel[i]-1+32]-1])
845 r1 |= BITMASK[i];
846 }
847 for(r2 = 0; i < 48; i++) {
848 if(__block[initial_perm[esel[i]-1+32]-1])
849 r2 |= BITMASK[i-24];
850 }
851
852 /*
853 * Do DES inner loops + final conversion
854 */
855 res[0] = l1; res[1] = l2;
856 res[2] = r1; res[3] = r2;
857 _ufc_doit_r((ufc_long)1, __data, &res[0]);
858
859 /*
860 * Do final permutations
861 */
862 _ufc_dofinalperm_r(res, __data);
863
864 /*
865 * And convert to bit array
866 */
867 l1 = res[0]; r1 = res[1];
868 for(i = 0; i < 32; i++) {
869 *__block++ = (l1 & longmask[i]) != 0;
870 }
871 for(i = 0; i < 32; i++) {
872 *__block++ = (r1 & longmask[i]) != 0;
873 }
874 }
875 weak_alias (__encrypt_r, encrypt_r)
876
877 void
878 encrypt(__block, __edflag)
879 char *__block;
880 int __edflag;
881 {
882 __encrypt_r(__block, __edflag, &_ufc_foobar);
883 }
884
885
886 /*
887 * UNIX setkey function. Take a 64 bit DES
888 * key and setup the machinery.
889 */
890
891 void
892 __setkey_r(__key, __data)
893 __const char *__key;
894 struct crypt_data * __restrict __data;
895 {
896 int i,j;
897 unsigned char c;
898 unsigned char ktab[8];
899
900 _ufc_setup_salt_r("..", __data); /* be sure we're initialized */
901
902 for(i = 0; i < 8; i++) {
903 for(j = 0, c = 0; j < 8; j++)
904 c = c << 1 | *__key++;
905 ktab[i] = c >> 1;
906 }
907 _ufc_mk_keytab_r((char *) ktab, __data);
908 }
909 weak_alias (__setkey_r, setkey_r)
910
911 void
912 setkey(__key)
913 __const char *__key;
914 {
915 __setkey_r(__key, &_ufc_foobar);
916 }
sources.redhat.com git mirror of glibc CVS