Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
torvalds
GitHub Repository: torvalds/linux
 Path: blob/master/lib/crypto/des.c
26282 views
1
// SPDX-License-Identifier: GPL-2.0-or-later

2
/*

3
 * Cryptographic API.

4
 *

5
 * DES & Triple DES EDE Cipher Algorithms.

6
 *

7
 * Copyright (c) 2005 Dag Arne Osvik <[email protected]>

8
 */

9


10
#include <crypto/des.h>

11
#include <crypto/internal/des.h>

12
#include <linux/bitops.h>

13
#include <linux/compiler.h>

14
#include <linux/crypto.h>

15
#include <linux/errno.h>

16
#include <linux/export.h>

17
#include <linux/fips.h>

18
#include <linux/init.h>

19
#include <linux/module.h>

20
#include <linux/string.h>

21
#include <linux/types.h>

22
#include <linux/unaligned.h>

23


24
#define ROL(x, r) ((x) = rol32((x), (r)))

25
#define ROR(x, r) ((x) = ror32((x), (r)))

26


27
/* Lookup tables for key expansion */

28


29
static const u8 pc1[256] = {

30
	0x00, 0x00, 0x40, 0x04, 0x10, 0x10, 0x50, 0x14,

31
	0x04, 0x40, 0x44, 0x44, 0x14, 0x50, 0x54, 0x54,

32
	0x02, 0x02, 0x42, 0x06, 0x12, 0x12, 0x52, 0x16,

33
	0x06, 0x42, 0x46, 0x46, 0x16, 0x52, 0x56, 0x56,

34
	0x80, 0x08, 0xc0, 0x0c, 0x90, 0x18, 0xd0, 0x1c,

35
	0x84, 0x48, 0xc4, 0x4c, 0x94, 0x58, 0xd4, 0x5c,

36
	0x82, 0x0a, 0xc2, 0x0e, 0x92, 0x1a, 0xd2, 0x1e,

37
	0x86, 0x4a, 0xc6, 0x4e, 0x96, 0x5a, 0xd6, 0x5e,

38
	0x20, 0x20, 0x60, 0x24, 0x30, 0x30, 0x70, 0x34,

39
	0x24, 0x60, 0x64, 0x64, 0x34, 0x70, 0x74, 0x74,

40
	0x22, 0x22, 0x62, 0x26, 0x32, 0x32, 0x72, 0x36,

41
	0x26, 0x62, 0x66, 0x66, 0x36, 0x72, 0x76, 0x76,

42
	0xa0, 0x28, 0xe0, 0x2c, 0xb0, 0x38, 0xf0, 0x3c,

43
	0xa4, 0x68, 0xe4, 0x6c, 0xb4, 0x78, 0xf4, 0x7c,

44
	0xa2, 0x2a, 0xe2, 0x2e, 0xb2, 0x3a, 0xf2, 0x3e,

45
	0xa6, 0x6a, 0xe6, 0x6e, 0xb6, 0x7a, 0xf6, 0x7e,

46
	0x08, 0x80, 0x48, 0x84, 0x18, 0x90, 0x58, 0x94,

47
	0x0c, 0xc0, 0x4c, 0xc4, 0x1c, 0xd0, 0x5c, 0xd4,

48
	0x0a, 0x82, 0x4a, 0x86, 0x1a, 0x92, 0x5a, 0x96,

49
	0x0e, 0xc2, 0x4e, 0xc6, 0x1e, 0xd2, 0x5e, 0xd6,

50
	0x88, 0x88, 0xc8, 0x8c, 0x98, 0x98, 0xd8, 0x9c,

51
	0x8c, 0xc8, 0xcc, 0xcc, 0x9c, 0xd8, 0xdc, 0xdc,

52
	0x8a, 0x8a, 0xca, 0x8e, 0x9a, 0x9a, 0xda, 0x9e,

53
	0x8e, 0xca, 0xce, 0xce, 0x9e, 0xda, 0xde, 0xde,

54
	0x28, 0xa0, 0x68, 0xa4, 0x38, 0xb0, 0x78, 0xb4,

55
	0x2c, 0xe0, 0x6c, 0xe4, 0x3c, 0xf0, 0x7c, 0xf4,

56
	0x2a, 0xa2, 0x6a, 0xa6, 0x3a, 0xb2, 0x7a, 0xb6,

57
	0x2e, 0xe2, 0x6e, 0xe6, 0x3e, 0xf2, 0x7e, 0xf6,

58
	0xa8, 0xa8, 0xe8, 0xac, 0xb8, 0xb8, 0xf8, 0xbc,

59
	0xac, 0xe8, 0xec, 0xec, 0xbc, 0xf8, 0xfc, 0xfc,

60
	0xaa, 0xaa, 0xea, 0xae, 0xba, 0xba, 0xfa, 0xbe,

61
	0xae, 0xea, 0xee, 0xee, 0xbe, 0xfa, 0xfe, 0xfe

62
};

63


64
static const u8 rs[256] = {

65
	0x00, 0x00, 0x80, 0x80, 0x02, 0x02, 0x82, 0x82,

66
	0x04, 0x04, 0x84, 0x84, 0x06, 0x06, 0x86, 0x86,

67
	0x08, 0x08, 0x88, 0x88, 0x0a, 0x0a, 0x8a, 0x8a,

68
	0x0c, 0x0c, 0x8c, 0x8c, 0x0e, 0x0e, 0x8e, 0x8e,

69
	0x10, 0x10, 0x90, 0x90, 0x12, 0x12, 0x92, 0x92,

70
	0x14, 0x14, 0x94, 0x94, 0x16, 0x16, 0x96, 0x96,

71
	0x18, 0x18, 0x98, 0x98, 0x1a, 0x1a, 0x9a, 0x9a,

72
	0x1c, 0x1c, 0x9c, 0x9c, 0x1e, 0x1e, 0x9e, 0x9e,

73
	0x20, 0x20, 0xa0, 0xa0, 0x22, 0x22, 0xa2, 0xa2,

74
	0x24, 0x24, 0xa4, 0xa4, 0x26, 0x26, 0xa6, 0xa6,

75
	0x28, 0x28, 0xa8, 0xa8, 0x2a, 0x2a, 0xaa, 0xaa,

76
	0x2c, 0x2c, 0xac, 0xac, 0x2e, 0x2e, 0xae, 0xae,

77
	0x30, 0x30, 0xb0, 0xb0, 0x32, 0x32, 0xb2, 0xb2,

78
	0x34, 0x34, 0xb4, 0xb4, 0x36, 0x36, 0xb6, 0xb6,

79
	0x38, 0x38, 0xb8, 0xb8, 0x3a, 0x3a, 0xba, 0xba,

80
	0x3c, 0x3c, 0xbc, 0xbc, 0x3e, 0x3e, 0xbe, 0xbe,

81
	0x40, 0x40, 0xc0, 0xc0, 0x42, 0x42, 0xc2, 0xc2,

82
	0x44, 0x44, 0xc4, 0xc4, 0x46, 0x46, 0xc6, 0xc6,

83
	0x48, 0x48, 0xc8, 0xc8, 0x4a, 0x4a, 0xca, 0xca,

84
	0x4c, 0x4c, 0xcc, 0xcc, 0x4e, 0x4e, 0xce, 0xce,

85
	0x50, 0x50, 0xd0, 0xd0, 0x52, 0x52, 0xd2, 0xd2,

86
	0x54, 0x54, 0xd4, 0xd4, 0x56, 0x56, 0xd6, 0xd6,

87
	0x58, 0x58, 0xd8, 0xd8, 0x5a, 0x5a, 0xda, 0xda,

88
	0x5c, 0x5c, 0xdc, 0xdc, 0x5e, 0x5e, 0xde, 0xde,

89
	0x60, 0x60, 0xe0, 0xe0, 0x62, 0x62, 0xe2, 0xe2,

90
	0x64, 0x64, 0xe4, 0xe4, 0x66, 0x66, 0xe6, 0xe6,

91
	0x68, 0x68, 0xe8, 0xe8, 0x6a, 0x6a, 0xea, 0xea,

92
	0x6c, 0x6c, 0xec, 0xec, 0x6e, 0x6e, 0xee, 0xee,

93
	0x70, 0x70, 0xf0, 0xf0, 0x72, 0x72, 0xf2, 0xf2,

94
	0x74, 0x74, 0xf4, 0xf4, 0x76, 0x76, 0xf6, 0xf6,

95
	0x78, 0x78, 0xf8, 0xf8, 0x7a, 0x7a, 0xfa, 0xfa,

96
	0x7c, 0x7c, 0xfc, 0xfc, 0x7e, 0x7e, 0xfe, 0xfe

97
};

98


99
static const u32 pc2[1024] = {

100
	0x00000000, 0x00000000, 0x00000000, 0x00000000,

101
	0x00040000, 0x00000000, 0x04000000, 0x00100000,

102
	0x00400000, 0x00000008, 0x00000800, 0x40000000,

103
	0x00440000, 0x00000008, 0x04000800, 0x40100000,

104
	0x00000400, 0x00000020, 0x08000000, 0x00000100,

105
	0x00040400, 0x00000020, 0x0c000000, 0x00100100,

106
	0x00400400, 0x00000028, 0x08000800, 0x40000100,

107
	0x00440400, 0x00000028, 0x0c000800, 0x40100100,

108
	0x80000000, 0x00000010, 0x00000000, 0x00800000,

109
	0x80040000, 0x00000010, 0x04000000, 0x00900000,

110
	0x80400000, 0x00000018, 0x00000800, 0x40800000,

111
	0x80440000, 0x00000018, 0x04000800, 0x40900000,

112
	0x80000400, 0x00000030, 0x08000000, 0x00800100,

113
	0x80040400, 0x00000030, 0x0c000000, 0x00900100,

114
	0x80400400, 0x00000038, 0x08000800, 0x40800100,

115
	0x80440400, 0x00000038, 0x0c000800, 0x40900100,

116
	0x10000000, 0x00000000, 0x00200000, 0x00001000,

117
	0x10040000, 0x00000000, 0x04200000, 0x00101000,

118
	0x10400000, 0x00000008, 0x00200800, 0x40001000,

119
	0x10440000, 0x00000008, 0x04200800, 0x40101000,

120
	0x10000400, 0x00000020, 0x08200000, 0x00001100,

121
	0x10040400, 0x00000020, 0x0c200000, 0x00101100,

122
	0x10400400, 0x00000028, 0x08200800, 0x40001100,

123
	0x10440400, 0x00000028, 0x0c200800, 0x40101100,

124
	0x90000000, 0x00000010, 0x00200000, 0x00801000,

125
	0x90040000, 0x00000010, 0x04200000, 0x00901000,

126
	0x90400000, 0x00000018, 0x00200800, 0x40801000,

127
	0x90440000, 0x00000018, 0x04200800, 0x40901000,

128
	0x90000400, 0x00000030, 0x08200000, 0x00801100,

129
	0x90040400, 0x00000030, 0x0c200000, 0x00901100,

130
	0x90400400, 0x00000038, 0x08200800, 0x40801100,

131
	0x90440400, 0x00000038, 0x0c200800, 0x40901100,

132
	0x00000200, 0x00080000, 0x00000000, 0x00000004,

133
	0x00040200, 0x00080000, 0x04000000, 0x00100004,

134
	0x00400200, 0x00080008, 0x00000800, 0x40000004,

135
	0x00440200, 0x00080008, 0x04000800, 0x40100004,

136
	0x00000600, 0x00080020, 0x08000000, 0x00000104,

137
	0x00040600, 0x00080020, 0x0c000000, 0x00100104,

138
	0x00400600, 0x00080028, 0x08000800, 0x40000104,

139
	0x00440600, 0x00080028, 0x0c000800, 0x40100104,

140
	0x80000200, 0x00080010, 0x00000000, 0x00800004,

141
	0x80040200, 0x00080010, 0x04000000, 0x00900004,

142
	0x80400200, 0x00080018, 0x00000800, 0x40800004,

143
	0x80440200, 0x00080018, 0x04000800, 0x40900004,

144
	0x80000600, 0x00080030, 0x08000000, 0x00800104,

145
	0x80040600, 0x00080030, 0x0c000000, 0x00900104,

146
	0x80400600, 0x00080038, 0x08000800, 0x40800104,

147
	0x80440600, 0x00080038, 0x0c000800, 0x40900104,

148
	0x10000200, 0x00080000, 0x00200000, 0x00001004,

149
	0x10040200, 0x00080000, 0x04200000, 0x00101004,

150
	0x10400200, 0x00080008, 0x00200800, 0x40001004,

151
	0x10440200, 0x00080008, 0x04200800, 0x40101004,

152
	0x10000600, 0x00080020, 0x08200000, 0x00001104,

153
	0x10040600, 0x00080020, 0x0c200000, 0x00101104,

154
	0x10400600, 0x00080028, 0x08200800, 0x40001104,

155
	0x10440600, 0x00080028, 0x0c200800, 0x40101104,

156
	0x90000200, 0x00080010, 0x00200000, 0x00801004,

157
	0x90040200, 0x00080010, 0x04200000, 0x00901004,

158
	0x90400200, 0x00080018, 0x00200800, 0x40801004,

159
	0x90440200, 0x00080018, 0x04200800, 0x40901004,

160
	0x90000600, 0x00080030, 0x08200000, 0x00801104,

161
	0x90040600, 0x00080030, 0x0c200000, 0x00901104,

162
	0x90400600, 0x00080038, 0x08200800, 0x40801104,

163
	0x90440600, 0x00080038, 0x0c200800, 0x40901104,

164
	0x00000002, 0x00002000, 0x20000000, 0x00000001,

165
	0x00040002, 0x00002000, 0x24000000, 0x00100001,

166
	0x00400002, 0x00002008, 0x20000800, 0x40000001,

167
	0x00440002, 0x00002008, 0x24000800, 0x40100001,

168
	0x00000402, 0x00002020, 0x28000000, 0x00000101,

169
	0x00040402, 0x00002020, 0x2c000000, 0x00100101,

170
	0x00400402, 0x00002028, 0x28000800, 0x40000101,

171
	0x00440402, 0x00002028, 0x2c000800, 0x40100101,

172
	0x80000002, 0x00002010, 0x20000000, 0x00800001,

173
	0x80040002, 0x00002010, 0x24000000, 0x00900001,

174
	0x80400002, 0x00002018, 0x20000800, 0x40800001,

175
	0x80440002, 0x00002018, 0x24000800, 0x40900001,

176
	0x80000402, 0x00002030, 0x28000000, 0x00800101,

177
	0x80040402, 0x00002030, 0x2c000000, 0x00900101,

178
	0x80400402, 0x00002038, 0x28000800, 0x40800101,

179
	0x80440402, 0x00002038, 0x2c000800, 0x40900101,

180
	0x10000002, 0x00002000, 0x20200000, 0x00001001,

181
	0x10040002, 0x00002000, 0x24200000, 0x00101001,

182
	0x10400002, 0x00002008, 0x20200800, 0x40001001,

183
	0x10440002, 0x00002008, 0x24200800, 0x40101001,

184
	0x10000402, 0x00002020, 0x28200000, 0x00001101,

185
	0x10040402, 0x00002020, 0x2c200000, 0x00101101,

186
	0x10400402, 0x00002028, 0x28200800, 0x40001101,

187
	0x10440402, 0x00002028, 0x2c200800, 0x40101101,

188
	0x90000002, 0x00002010, 0x20200000, 0x00801001,

189
	0x90040002, 0x00002010, 0x24200000, 0x00901001,

190
	0x90400002, 0x00002018, 0x20200800, 0x40801001,

191
	0x90440002, 0x00002018, 0x24200800, 0x40901001,

192
	0x90000402, 0x00002030, 0x28200000, 0x00801101,

193
	0x90040402, 0x00002030, 0x2c200000, 0x00901101,

194
	0x90400402, 0x00002038, 0x28200800, 0x40801101,

195
	0x90440402, 0x00002038, 0x2c200800, 0x40901101,

196
	0x00000202, 0x00082000, 0x20000000, 0x00000005,

197
	0x00040202, 0x00082000, 0x24000000, 0x00100005,

198
	0x00400202, 0x00082008, 0x20000800, 0x40000005,

199
	0x00440202, 0x00082008, 0x24000800, 0x40100005,

200
	0x00000602, 0x00082020, 0x28000000, 0x00000105,

201
	0x00040602, 0x00082020, 0x2c000000, 0x00100105,

202
	0x00400602, 0x00082028, 0x28000800, 0x40000105,

203
	0x00440602, 0x00082028, 0x2c000800, 0x40100105,

204
	0x80000202, 0x00082010, 0x20000000, 0x00800005,

205
	0x80040202, 0x00082010, 0x24000000, 0x00900005,

206
	0x80400202, 0x00082018, 0x20000800, 0x40800005,

207
	0x80440202, 0x00082018, 0x24000800, 0x40900005,

208
	0x80000602, 0x00082030, 0x28000000, 0x00800105,

209
	0x80040602, 0x00082030, 0x2c000000, 0x00900105,

210
	0x80400602, 0x00082038, 0x28000800, 0x40800105,

211
	0x80440602, 0x00082038, 0x2c000800, 0x40900105,

212
	0x10000202, 0x00082000, 0x20200000, 0x00001005,

213
	0x10040202, 0x00082000, 0x24200000, 0x00101005,

214
	0x10400202, 0x00082008, 0x20200800, 0x40001005,

215
	0x10440202, 0x00082008, 0x24200800, 0x40101005,

216
	0x10000602, 0x00082020, 0x28200000, 0x00001105,

217
	0x10040602, 0x00082020, 0x2c200000, 0x00101105,

218
	0x10400602, 0x00082028, 0x28200800, 0x40001105,

219
	0x10440602, 0x00082028, 0x2c200800, 0x40101105,

220
	0x90000202, 0x00082010, 0x20200000, 0x00801005,

221
	0x90040202, 0x00082010, 0x24200000, 0x00901005,

222
	0x90400202, 0x00082018, 0x20200800, 0x40801005,

223
	0x90440202, 0x00082018, 0x24200800, 0x40901005,

224
	0x90000602, 0x00082030, 0x28200000, 0x00801105,

225
	0x90040602, 0x00082030, 0x2c200000, 0x00901105,

226
	0x90400602, 0x00082038, 0x28200800, 0x40801105,

227
	0x90440602, 0x00082038, 0x2c200800, 0x40901105,

228


229
	0x00000000, 0x00000000, 0x00000000, 0x00000000,

230
	0x00000000, 0x00000008, 0x00080000, 0x10000000,

231
	0x02000000, 0x00000000, 0x00000080, 0x00001000,

232
	0x02000000, 0x00000008, 0x00080080, 0x10001000,

233
	0x00004000, 0x00000000, 0x00000040, 0x00040000,

234
	0x00004000, 0x00000008, 0x00080040, 0x10040000,

235
	0x02004000, 0x00000000, 0x000000c0, 0x00041000,

236
	0x02004000, 0x00000008, 0x000800c0, 0x10041000,

237
	0x00020000, 0x00008000, 0x08000000, 0x00200000,

238
	0x00020000, 0x00008008, 0x08080000, 0x10200000,

239
	0x02020000, 0x00008000, 0x08000080, 0x00201000,

240
	0x02020000, 0x00008008, 0x08080080, 0x10201000,

241
	0x00024000, 0x00008000, 0x08000040, 0x00240000,

242
	0x00024000, 0x00008008, 0x08080040, 0x10240000,

243
	0x02024000, 0x00008000, 0x080000c0, 0x00241000,

244
	0x02024000, 0x00008008, 0x080800c0, 0x10241000,

245
	0x00000000, 0x01000000, 0x00002000, 0x00000020,

246
	0x00000000, 0x01000008, 0x00082000, 0x10000020,

247
	0x02000000, 0x01000000, 0x00002080, 0x00001020,

248
	0x02000000, 0x01000008, 0x00082080, 0x10001020,

249
	0x00004000, 0x01000000, 0x00002040, 0x00040020,

250
	0x00004000, 0x01000008, 0x00082040, 0x10040020,

251
	0x02004000, 0x01000000, 0x000020c0, 0x00041020,

252
	0x02004000, 0x01000008, 0x000820c0, 0x10041020,

253
	0x00020000, 0x01008000, 0x08002000, 0x00200020,

254
	0x00020000, 0x01008008, 0x08082000, 0x10200020,

255
	0x02020000, 0x01008000, 0x08002080, 0x00201020,

256
	0x02020000, 0x01008008, 0x08082080, 0x10201020,

257
	0x00024000, 0x01008000, 0x08002040, 0x00240020,

258
	0x00024000, 0x01008008, 0x08082040, 0x10240020,

259
	0x02024000, 0x01008000, 0x080020c0, 0x00241020,

260
	0x02024000, 0x01008008, 0x080820c0, 0x10241020,

261
	0x00000400, 0x04000000, 0x00100000, 0x00000004,

262
	0x00000400, 0x04000008, 0x00180000, 0x10000004,

263
	0x02000400, 0x04000000, 0x00100080, 0x00001004,

264
	0x02000400, 0x04000008, 0x00180080, 0x10001004,

265
	0x00004400, 0x04000000, 0x00100040, 0x00040004,

266
	0x00004400, 0x04000008, 0x00180040, 0x10040004,

267
	0x02004400, 0x04000000, 0x001000c0, 0x00041004,

268
	0x02004400, 0x04000008, 0x001800c0, 0x10041004,

269
	0x00020400, 0x04008000, 0x08100000, 0x00200004,

270
	0x00020400, 0x04008008, 0x08180000, 0x10200004,

271
	0x02020400, 0x04008000, 0x08100080, 0x00201004,

272
	0x02020400, 0x04008008, 0x08180080, 0x10201004,

273
	0x00024400, 0x04008000, 0x08100040, 0x00240004,

274
	0x00024400, 0x04008008, 0x08180040, 0x10240004,

275
	0x02024400, 0x04008000, 0x081000c0, 0x00241004,

276
	0x02024400, 0x04008008, 0x081800c0, 0x10241004,

277
	0x00000400, 0x05000000, 0x00102000, 0x00000024,

278
	0x00000400, 0x05000008, 0x00182000, 0x10000024,

279
	0x02000400, 0x05000000, 0x00102080, 0x00001024,

280
	0x02000400, 0x05000008, 0x00182080, 0x10001024,

281
	0x00004400, 0x05000000, 0x00102040, 0x00040024,

282
	0x00004400, 0x05000008, 0x00182040, 0x10040024,

283
	0x02004400, 0x05000000, 0x001020c0, 0x00041024,

284
	0x02004400, 0x05000008, 0x001820c0, 0x10041024,

285
	0x00020400, 0x05008000, 0x08102000, 0x00200024,

286
	0x00020400, 0x05008008, 0x08182000, 0x10200024,

287
	0x02020400, 0x05008000, 0x08102080, 0x00201024,

288
	0x02020400, 0x05008008, 0x08182080, 0x10201024,

289
	0x00024400, 0x05008000, 0x08102040, 0x00240024,

290
	0x00024400, 0x05008008, 0x08182040, 0x10240024,

291
	0x02024400, 0x05008000, 0x081020c0, 0x00241024,

292
	0x02024400, 0x05008008, 0x081820c0, 0x10241024,

293
	0x00000800, 0x00010000, 0x20000000, 0x00000010,

294
	0x00000800, 0x00010008, 0x20080000, 0x10000010,

295
	0x02000800, 0x00010000, 0x20000080, 0x00001010,

296
	0x02000800, 0x00010008, 0x20080080, 0x10001010,

297
	0x00004800, 0x00010000, 0x20000040, 0x00040010,

298
	0x00004800, 0x00010008, 0x20080040, 0x10040010,

299
	0x02004800, 0x00010000, 0x200000c0, 0x00041010,

300
	0x02004800, 0x00010008, 0x200800c0, 0x10041010,

301
	0x00020800, 0x00018000, 0x28000000, 0x00200010,

302
	0x00020800, 0x00018008, 0x28080000, 0x10200010,

303
	0x02020800, 0x00018000, 0x28000080, 0x00201010,

304
	0x02020800, 0x00018008, 0x28080080, 0x10201010,

305
	0x00024800, 0x00018000, 0x28000040, 0x00240010,

306
	0x00024800, 0x00018008, 0x28080040, 0x10240010,

307
	0x02024800, 0x00018000, 0x280000c0, 0x00241010,

308
	0x02024800, 0x00018008, 0x280800c0, 0x10241010,

309
	0x00000800, 0x01010000, 0x20002000, 0x00000030,

310
	0x00000800, 0x01010008, 0x20082000, 0x10000030,

311
	0x02000800, 0x01010000, 0x20002080, 0x00001030,

312
	0x02000800, 0x01010008, 0x20082080, 0x10001030,

313
	0x00004800, 0x01010000, 0x20002040, 0x00040030,

314
	0x00004800, 0x01010008, 0x20082040, 0x10040030,

315
	0x02004800, 0x01010000, 0x200020c0, 0x00041030,

316
	0x02004800, 0x01010008, 0x200820c0, 0x10041030,

317
	0x00020800, 0x01018000, 0x28002000, 0x00200030,

318
	0x00020800, 0x01018008, 0x28082000, 0x10200030,

319
	0x02020800, 0x01018000, 0x28002080, 0x00201030,

320
	0x02020800, 0x01018008, 0x28082080, 0x10201030,

321
	0x00024800, 0x01018000, 0x28002040, 0x00240030,

322
	0x00024800, 0x01018008, 0x28082040, 0x10240030,

323
	0x02024800, 0x01018000, 0x280020c0, 0x00241030,

324
	0x02024800, 0x01018008, 0x280820c0, 0x10241030,

325
	0x00000c00, 0x04010000, 0x20100000, 0x00000014,

326
	0x00000c00, 0x04010008, 0x20180000, 0x10000014,

327
	0x02000c00, 0x04010000, 0x20100080, 0x00001014,

328
	0x02000c00, 0x04010008, 0x20180080, 0x10001014,

329
	0x00004c00, 0x04010000, 0x20100040, 0x00040014,

330
	0x00004c00, 0x04010008, 0x20180040, 0x10040014,

331
	0x02004c00, 0x04010000, 0x201000c0, 0x00041014,

332
	0x02004c00, 0x04010008, 0x201800c0, 0x10041014,

333
	0x00020c00, 0x04018000, 0x28100000, 0x00200014,

334
	0x00020c00, 0x04018008, 0x28180000, 0x10200014,

335
	0x02020c00, 0x04018000, 0x28100080, 0x00201014,

336
	0x02020c00, 0x04018008, 0x28180080, 0x10201014,

337
	0x00024c00, 0x04018000, 0x28100040, 0x00240014,

338
	0x00024c00, 0x04018008, 0x28180040, 0x10240014,

339
	0x02024c00, 0x04018000, 0x281000c0, 0x00241014,

340
	0x02024c00, 0x04018008, 0x281800c0, 0x10241014,

341
	0x00000c00, 0x05010000, 0x20102000, 0x00000034,

342
	0x00000c00, 0x05010008, 0x20182000, 0x10000034,

343
	0x02000c00, 0x05010000, 0x20102080, 0x00001034,

344
	0x02000c00, 0x05010008, 0x20182080, 0x10001034,

345
	0x00004c00, 0x05010000, 0x20102040, 0x00040034,

346
	0x00004c00, 0x05010008, 0x20182040, 0x10040034,

347
	0x02004c00, 0x05010000, 0x201020c0, 0x00041034,

348
	0x02004c00, 0x05010008, 0x201820c0, 0x10041034,

349
	0x00020c00, 0x05018000, 0x28102000, 0x00200034,

350
	0x00020c00, 0x05018008, 0x28182000, 0x10200034,

351
	0x02020c00, 0x05018000, 0x28102080, 0x00201034,

352
	0x02020c00, 0x05018008, 0x28182080, 0x10201034,

353
	0x00024c00, 0x05018000, 0x28102040, 0x00240034,

354
	0x00024c00, 0x05018008, 0x28182040, 0x10240034,

355
	0x02024c00, 0x05018000, 0x281020c0, 0x00241034,

356
	0x02024c00, 0x05018008, 0x281820c0, 0x10241034

357
};

358


359
/* S-box lookup tables */

360


361
static const u32 S1[64] = {

362
	0x01010400, 0x00000000, 0x00010000, 0x01010404,

363
	0x01010004, 0x00010404, 0x00000004, 0x00010000,

364
	0x00000400, 0x01010400, 0x01010404, 0x00000400,

365
	0x01000404, 0x01010004, 0x01000000, 0x00000004,

366
	0x00000404, 0x01000400, 0x01000400, 0x00010400,

367
	0x00010400, 0x01010000, 0x01010000, 0x01000404,

368
	0x00010004, 0x01000004, 0x01000004, 0x00010004,

369
	0x00000000, 0x00000404, 0x00010404, 0x01000000,

370
	0x00010000, 0x01010404, 0x00000004, 0x01010000,

371
	0x01010400, 0x01000000, 0x01000000, 0x00000400,

372
	0x01010004, 0x00010000, 0x00010400, 0x01000004,

373
	0x00000400, 0x00000004, 0x01000404, 0x00010404,

374
	0x01010404, 0x00010004, 0x01010000, 0x01000404,

375
	0x01000004, 0x00000404, 0x00010404, 0x01010400,

376
	0x00000404, 0x01000400, 0x01000400, 0x00000000,

377
	0x00010004, 0x00010400, 0x00000000, 0x01010004

378
};

379


380
static const u32 S2[64] = {

381
	0x80108020, 0x80008000, 0x00008000, 0x00108020,

382
	0x00100000, 0x00000020, 0x80100020, 0x80008020,

383
	0x80000020, 0x80108020, 0x80108000, 0x80000000,

384
	0x80008000, 0x00100000, 0x00000020, 0x80100020,

385
	0x00108000, 0x00100020, 0x80008020, 0x00000000,

386
	0x80000000, 0x00008000, 0x00108020, 0x80100000,

387
	0x00100020, 0x80000020, 0x00000000, 0x00108000,

388
	0x00008020, 0x80108000, 0x80100000, 0x00008020,

389
	0x00000000, 0x00108020, 0x80100020, 0x00100000,

390
	0x80008020, 0x80100000, 0x80108000, 0x00008000,

391
	0x80100000, 0x80008000, 0x00000020, 0x80108020,

392
	0x00108020, 0x00000020, 0x00008000, 0x80000000,

393
	0x00008020, 0x80108000, 0x00100000, 0x80000020,

394
	0x00100020, 0x80008020, 0x80000020, 0x00100020,

395
	0x00108000, 0x00000000, 0x80008000, 0x00008020,

396
	0x80000000, 0x80100020, 0x80108020, 0x00108000

397
};

398


399
static const u32 S3[64] = {

400
	0x00000208, 0x08020200, 0x00000000, 0x08020008,

401
	0x08000200, 0x00000000, 0x00020208, 0x08000200,

402
	0x00020008, 0x08000008, 0x08000008, 0x00020000,

403
	0x08020208, 0x00020008, 0x08020000, 0x00000208,

404
	0x08000000, 0x00000008, 0x08020200, 0x00000200,

405
	0x00020200, 0x08020000, 0x08020008, 0x00020208,

406
	0x08000208, 0x00020200, 0x00020000, 0x08000208,

407
	0x00000008, 0x08020208, 0x00000200, 0x08000000,

408
	0x08020200, 0x08000000, 0x00020008, 0x00000208,

409
	0x00020000, 0x08020200, 0x08000200, 0x00000000,

410
	0x00000200, 0x00020008, 0x08020208, 0x08000200,

411
	0x08000008, 0x00000200, 0x00000000, 0x08020008,

412
	0x08000208, 0x00020000, 0x08000000, 0x08020208,

413
	0x00000008, 0x00020208, 0x00020200, 0x08000008,

414
	0x08020000, 0x08000208, 0x00000208, 0x08020000,

415
	0x00020208, 0x00000008, 0x08020008, 0x00020200

416
};

417


418
static const u32 S4[64] = {

419
	0x00802001, 0x00002081, 0x00002081, 0x00000080,

420
	0x00802080, 0x00800081, 0x00800001, 0x00002001,

421
	0x00000000, 0x00802000, 0x00802000, 0x00802081,

422
	0x00000081, 0x00000000, 0x00800080, 0x00800001,

423
	0x00000001, 0x00002000, 0x00800000, 0x00802001,

424
	0x00000080, 0x00800000, 0x00002001, 0x00002080,

425
	0x00800081, 0x00000001, 0x00002080, 0x00800080,

426
	0x00002000, 0x00802080, 0x00802081, 0x00000081,

427
	0x00800080, 0x00800001, 0x00802000, 0x00802081,

428
	0x00000081, 0x00000000, 0x00000000, 0x00802000,

429
	0x00002080, 0x00800080, 0x00800081, 0x00000001,

430
	0x00802001, 0x00002081, 0x00002081, 0x00000080,

431
	0x00802081, 0x00000081, 0x00000001, 0x00002000,

432
	0x00800001, 0x00002001, 0x00802080, 0x00800081,

433
	0x00002001, 0x00002080, 0x00800000, 0x00802001,

434
	0x00000080, 0x00800000, 0x00002000, 0x00802080

435
};

436


437
static const u32 S5[64] = {

438
	0x00000100, 0x02080100, 0x02080000, 0x42000100,

439
	0x00080000, 0x00000100, 0x40000000, 0x02080000,

440
	0x40080100, 0x00080000, 0x02000100, 0x40080100,

441
	0x42000100, 0x42080000, 0x00080100, 0x40000000,

442
	0x02000000, 0x40080000, 0x40080000, 0x00000000,

443
	0x40000100, 0x42080100, 0x42080100, 0x02000100,

444
	0x42080000, 0x40000100, 0x00000000, 0x42000000,

445
	0x02080100, 0x02000000, 0x42000000, 0x00080100,

446
	0x00080000, 0x42000100, 0x00000100, 0x02000000,

447
	0x40000000, 0x02080000, 0x42000100, 0x40080100,

448
	0x02000100, 0x40000000, 0x42080000, 0x02080100,

449
	0x40080100, 0x00000100, 0x02000000, 0x42080000,

450
	0x42080100, 0x00080100, 0x42000000, 0x42080100,

451
	0x02080000, 0x00000000, 0x40080000, 0x42000000,

452
	0x00080100, 0x02000100, 0x40000100, 0x00080000,

453
	0x00000000, 0x40080000, 0x02080100, 0x40000100

454
};

455


456
static const u32 S6[64] = {

457
	0x20000010, 0x20400000, 0x00004000, 0x20404010,

458
	0x20400000, 0x00000010, 0x20404010, 0x00400000,

459
	0x20004000, 0x00404010, 0x00400000, 0x20000010,

460
	0x00400010, 0x20004000, 0x20000000, 0x00004010,

461
	0x00000000, 0x00400010, 0x20004010, 0x00004000,

462
	0x00404000, 0x20004010, 0x00000010, 0x20400010,

463
	0x20400010, 0x00000000, 0x00404010, 0x20404000,

464
	0x00004010, 0x00404000, 0x20404000, 0x20000000,

465
	0x20004000, 0x00000010, 0x20400010, 0x00404000,

466
	0x20404010, 0x00400000, 0x00004010, 0x20000010,

467
	0x00400000, 0x20004000, 0x20000000, 0x00004010,

468
	0x20000010, 0x20404010, 0x00404000, 0x20400000,

469
	0x00404010, 0x20404000, 0x00000000, 0x20400010,

470
	0x00000010, 0x00004000, 0x20400000, 0x00404010,

471
	0x00004000, 0x00400010, 0x20004010, 0x00000000,

472
	0x20404000, 0x20000000, 0x00400010, 0x20004010

473
};

474


475
static const u32 S7[64] = {

476
	0x00200000, 0x04200002, 0x04000802, 0x00000000,

477
	0x00000800, 0x04000802, 0x00200802, 0x04200800,

478
	0x04200802, 0x00200000, 0x00000000, 0x04000002,

479
	0x00000002, 0x04000000, 0x04200002, 0x00000802,

480
	0x04000800, 0x00200802, 0x00200002, 0x04000800,

481
	0x04000002, 0x04200000, 0x04200800, 0x00200002,

482
	0x04200000, 0x00000800, 0x00000802, 0x04200802,

483
	0x00200800, 0x00000002, 0x04000000, 0x00200800,

484
	0x04000000, 0x00200800, 0x00200000, 0x04000802,

485
	0x04000802, 0x04200002, 0x04200002, 0x00000002,

486
	0x00200002, 0x04000000, 0x04000800, 0x00200000,

487
	0x04200800, 0x00000802, 0x00200802, 0x04200800,

488
	0x00000802, 0x04000002, 0x04200802, 0x04200000,

489
	0x00200800, 0x00000000, 0x00000002, 0x04200802,

490
	0x00000000, 0x00200802, 0x04200000, 0x00000800,

491
	0x04000002, 0x04000800, 0x00000800, 0x00200002

492
};

493


494
static const u32 S8[64] = {

495
	0x10001040, 0x00001000, 0x00040000, 0x10041040,

496
	0x10000000, 0x10001040, 0x00000040, 0x10000000,

497
	0x00040040, 0x10040000, 0x10041040, 0x00041000,

498
	0x10041000, 0x00041040, 0x00001000, 0x00000040,

499
	0x10040000, 0x10000040, 0x10001000, 0x00001040,

500
	0x00041000, 0x00040040, 0x10040040, 0x10041000,

501
	0x00001040, 0x00000000, 0x00000000, 0x10040040,

502
	0x10000040, 0x10001000, 0x00041040, 0x00040000,

503
	0x00041040, 0x00040000, 0x10041000, 0x00001000,

504
	0x00000040, 0x10040040, 0x00001000, 0x00041040,

505
	0x10001000, 0x00000040, 0x10000040, 0x10040000,

506
	0x10040040, 0x10000000, 0x00040000, 0x10001040,

507
	0x00000000, 0x10041040, 0x00040040, 0x10000040,

508
	0x10040000, 0x10001000, 0x10001040, 0x00000000,

509
	0x10041040, 0x00041000, 0x00041000, 0x00001040,

510
	0x00001040, 0x00040040, 0x10000000, 0x10041000

511
};

512


513
/* Encryption components: IP, FP, and round function */

514


515
#define IP(L, R, T)		\

516
	ROL(R, 4);		\

517
	T  = L;			\

518
	L ^= R;			\

519
	L &= 0xf0f0f0f0;	\

520
	R ^= L;			\

521
	L ^= T;			\

522
	ROL(R, 12);		\

523
	T  = L;			\

524
	L ^= R;			\

525
	L &= 0xffff0000;	\

526
	R ^= L;			\

527
	L ^= T;			\

528
	ROR(R, 14);		\

529
	T  = L;			\

530
	L ^= R;			\

531
	L &= 0xcccccccc;	\

532
	R ^= L;			\

533
	L ^= T;			\

534
	ROL(R, 6);		\

535
	T  = L;			\

536
	L ^= R;			\

537
	L &= 0xff00ff00;	\

538
	R ^= L;			\

539
	L ^= T;			\

540
	ROR(R, 7);		\

541
	T  = L;			\

542
	L ^= R;			\

543
	L &= 0xaaaaaaaa;	\

544
	R ^= L;			\

545
	L ^= T;			\

546
	ROL(L, 1);

547


548
#define FP(L, R, T)		\

549
	ROR(L, 1);		\

550
	T  = L;			\

551
	L ^= R;			\

552
	L &= 0xaaaaaaaa;	\

553
	R ^= L;			\

554
	L ^= T;			\

555
	ROL(R, 7);		\

556
	T  = L;			\

557
	L ^= R;			\

558
	L &= 0xff00ff00;	\

559
	R ^= L;			\

560
	L ^= T;			\

561
	ROR(R, 6);		\

562
	T  = L;			\

563
	L ^= R;			\

564
	L &= 0xcccccccc;	\

565
	R ^= L;			\

566
	L ^= T;			\

567
	ROL(R, 14);		\

568
	T  = L;			\

569
	L ^= R;			\

570
	L &= 0xffff0000;	\

571
	R ^= L;			\

572
	L ^= T;			\

573
	ROR(R, 12);		\

574
	T  = L;			\

575
	L ^= R;			\

576
	L &= 0xf0f0f0f0;	\

577
	R ^= L;			\

578
	L ^= T;			\

579
	ROR(R, 4);

580


581
#define ROUND(L, R, A, B, K, d)					\

582
	B = K[0];			A = K[1];	K += d;	\

583
	B ^= R;				A ^= R;			\

584
	B &= 0x3f3f3f3f;		ROR(A, 4);		\

585
	L ^= S8[0xff & B];		A &= 0x3f3f3f3f;	\

586
	L ^= S6[0xff & (B >> 8)];	B >>= 16;		\

587
	L ^= S7[0xff & A];					\

588
	L ^= S5[0xff & (A >> 8)];	A >>= 16;		\

589
	L ^= S4[0xff & B];					\

590
	L ^= S2[0xff & (B >> 8)];				\

591
	L ^= S3[0xff & A];					\

592
	L ^= S1[0xff & (A >> 8)];

593


594
/*

595
 * PC2 lookup tables are organized as 2 consecutive sets of 4 interleaved

596
 * tables of 128 elements.  One set is for C_i and the other for D_i, while

597
 * the 4 interleaved tables correspond to four 7-bit subsets of C_i or D_i.

598
 *

599
 * After PC1 each of the variables a,b,c,d contains a 7 bit subset of C_i

600
 * or D_i in bits 7-1 (bit 0 being the least significant).

601
 */

602


603
#define T1(x) pt[2 * (x) + 0]

604
#define T2(x) pt[2 * (x) + 1]

605
#define T3(x) pt[2 * (x) + 2]

606
#define T4(x) pt[2 * (x) + 3]

607


608
#define DES_PC2(a, b, c, d) (T4(d) | T3(c) | T2(b) | T1(a))

609


610
/*

611
 * Encryption key expansion

612
 *

613
 * RFC2451: Weak key checks SHOULD be performed.

614
 *

615
 * FIPS 74:

616
 *

617
 *   Keys having duals are keys which produce all zeros, all ones, or

618
 *   alternating zero-one patterns in the C and D registers after Permuted

619
 *   Choice 1 has operated on the key.

620
 *

621
 */

622
static unsigned long des_ekey(u32 *pe, const u8 *k)

623
{

624
	/* K&R: long is at least 32 bits */

625
	unsigned long a, b, c, d, w;

626
	const u32 *pt = pc2;

627


628
	d = k[4]; d &= 0x0e; d <<= 4; d |= k[0] & 0x1e; d = pc1[d];

629
	c = k[5]; c &= 0x0e; c <<= 4; c |= k[1] & 0x1e; c = pc1[c];

630
	b = k[6]; b &= 0x0e; b <<= 4; b |= k[2] & 0x1e; b = pc1[b];

631
	a = k[7]; a &= 0x0e; a <<= 4; a |= k[3] & 0x1e; a = pc1[a];

632


633
	pe[15 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d];

634
	pe[14 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b];

635
	pe[13 * 2 + 0] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d];

636
	pe[12 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b];

637
	pe[11 * 2 + 0] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d];

638
	pe[10 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b];

639
	pe[ 9 * 2 + 0] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d];

640
	pe[ 8 * 2 + 0] = DES_PC2(d, a, b, c); c = rs[c];

641
	pe[ 7 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a];

642
	pe[ 6 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c];

643
	pe[ 5 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a];

644
	pe[ 4 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c];

645
	pe[ 3 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a];

646
	pe[ 2 * 2 + 0] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c];

647
	pe[ 1 * 2 + 0] = DES_PC2(c, d, a, b); b = rs[b];

648
	pe[ 0 * 2 + 0] = DES_PC2(b, c, d, a);

649


650
	/* Check if first half is weak */

651
	w  = (a ^ c) | (b ^ d) | (rs[a] ^ c) | (b ^ rs[d]);

652


653
	/* Skip to next table set */

654
	pt += 512;

655


656
	d = k[0]; d &= 0xe0; d >>= 4; d |= k[4] & 0xf0; d = pc1[d + 1];

657
	c = k[1]; c &= 0xe0; c >>= 4; c |= k[5] & 0xf0; c = pc1[c + 1];

658
	b = k[2]; b &= 0xe0; b >>= 4; b |= k[6] & 0xf0; b = pc1[b + 1];

659
	a = k[3]; a &= 0xe0; a >>= 4; a |= k[7] & 0xf0; a = pc1[a + 1];

660


661
	/* Check if second half is weak */

662
	w |= (a ^ c) | (b ^ d) | (rs[a] ^ c) | (b ^ rs[d]);

663


664
	pe[15 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d];

665
	pe[14 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b];

666
	pe[13 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d];

667
	pe[12 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b];

668
	pe[11 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d];

669
	pe[10 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b];

670
	pe[ 9 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d];

671
	pe[ 8 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c];

672
	pe[ 7 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a];

673
	pe[ 6 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c];

674
	pe[ 5 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a];

675
	pe[ 4 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c];

676
	pe[ 3 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a];

677
	pe[ 2 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c];

678
	pe[ 1 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b];

679
	pe[ 0 * 2 + 1] = DES_PC2(b, c, d, a);

680


681
	/* Fixup: 2413 5768 -> 1357 2468 */

682
	for (d = 0; d < 16; ++d) {

683
		a = pe[2 * d];

684
		b = pe[2 * d + 1];

685
		c = a ^ b;

686
		c &= 0xffff0000;

687
		a ^= c;

688
		b ^= c;

689
		ROL(b, 18);

690
		pe[2 * d] = a;

691
		pe[2 * d + 1] = b;

692
	}

693


694
	/* Zero if weak key */

695
	return w;

696
}

697


698
int des_expand_key(struct des_ctx *ctx, const u8 *key, unsigned int keylen)

699
{

700
	if (keylen != DES_KEY_SIZE)

701
		return -EINVAL;

702


703
	return des_ekey(ctx->expkey, key) ? 0 : -ENOKEY;

704
}

705
EXPORT_SYMBOL_GPL(des_expand_key);

706


707
/*

708
 * Decryption key expansion

709
 *

710
 * No weak key checking is performed, as this is only used by triple DES

711
 *

712
 */

713
static void dkey(u32 *pe, const u8 *k)

714
{

715
	/* K&R: long is at least 32 bits */

716
	unsigned long a, b, c, d;

717
	const u32 *pt = pc2;

718


719
	d = k[4]; d &= 0x0e; d <<= 4; d |= k[0] & 0x1e; d = pc1[d];

720
	c = k[5]; c &= 0x0e; c <<= 4; c |= k[1] & 0x1e; c = pc1[c];

721
	b = k[6]; b &= 0x0e; b <<= 4; b |= k[2] & 0x1e; b = pc1[b];

722
	a = k[7]; a &= 0x0e; a <<= 4; a |= k[3] & 0x1e; a = pc1[a];

723


724
	pe[ 0 * 2] = DES_PC2(a, b, c, d); d = rs[d];

725
	pe[ 1 * 2] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b];

726
	pe[ 2 * 2] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d];

727
	pe[ 3 * 2] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b];

728
	pe[ 4 * 2] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d];

729
	pe[ 5 * 2] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b];

730
	pe[ 6 * 2] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d];

731
	pe[ 7 * 2] = DES_PC2(d, a, b, c); c = rs[c];

732
	pe[ 8 * 2] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a];

733
	pe[ 9 * 2] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c];

734
	pe[10 * 2] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a];

735
	pe[11 * 2] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c];

736
	pe[12 * 2] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a];

737
	pe[13 * 2] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c];

738
	pe[14 * 2] = DES_PC2(c, d, a, b); b = rs[b];

739
	pe[15 * 2] = DES_PC2(b, c, d, a);

740


741
	/* Skip to next table set */

742
	pt += 512;

743


744
	d = k[0]; d &= 0xe0; d >>= 4; d |= k[4] & 0xf0; d = pc1[d + 1];

745
	c = k[1]; c &= 0xe0; c >>= 4; c |= k[5] & 0xf0; c = pc1[c + 1];

746
	b = k[2]; b &= 0xe0; b >>= 4; b |= k[6] & 0xf0; b = pc1[b + 1];

747
	a = k[3]; a &= 0xe0; a >>= 4; a |= k[7] & 0xf0; a = pc1[a + 1];

748


749
	pe[ 0 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d];

750
	pe[ 1 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b];

751
	pe[ 2 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d];

752
	pe[ 3 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b];

753
	pe[ 4 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d];

754
	pe[ 5 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c]; b = rs[b];

755
	pe[ 6 * 2 + 1] = DES_PC2(b, c, d, a); a = rs[a]; d = rs[d];

756
	pe[ 7 * 2 + 1] = DES_PC2(d, a, b, c); c = rs[c];

757
	pe[ 8 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a];

758
	pe[ 9 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c];

759
	pe[10 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a];

760
	pe[11 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c];

761
	pe[12 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b]; a = rs[a];

762
	pe[13 * 2 + 1] = DES_PC2(a, b, c, d); d = rs[d]; c = rs[c];

763
	pe[14 * 2 + 1] = DES_PC2(c, d, a, b); b = rs[b];

764
	pe[15 * 2 + 1] = DES_PC2(b, c, d, a);

765


766
	/* Fixup: 2413 5768 -> 1357 2468 */

767
	for (d = 0; d < 16; ++d) {

768
		a = pe[2 * d];

769
		b = pe[2 * d + 1];

770
		c = a ^ b;

771
		c &= 0xffff0000;

772
		a ^= c;

773
		b ^= c;

774
		ROL(b, 18);

775
		pe[2 * d] = a;

776
		pe[2 * d + 1] = b;

777
	}

778
}

779


780
void des_encrypt(const struct des_ctx *ctx, u8 *dst, const u8 *src)

781
{

782
	const u32 *K = ctx->expkey;

783
	u32 L, R, A, B;

784
	int i;

785


786
	L = get_unaligned_le32(src);

787
	R = get_unaligned_le32(src + 4);

788


789
	IP(L, R, A);

790
	for (i = 0; i < 8; i++) {

791
		ROUND(L, R, A, B, K, 2);

792
		ROUND(R, L, A, B, K, 2);

793
	}

794
	FP(R, L, A);

795


796
	put_unaligned_le32(R, dst);

797
	put_unaligned_le32(L, dst + 4);

798
}

799
EXPORT_SYMBOL_GPL(des_encrypt);

800


801
void des_decrypt(const struct des_ctx *ctx, u8 *dst, const u8 *src)

802
{

803
	const u32 *K = ctx->expkey + DES_EXPKEY_WORDS - 2;

804
	u32 L, R, A, B;

805
	int i;

806


807
	L = get_unaligned_le32(src);

808
	R = get_unaligned_le32(src + 4);

809


810
	IP(L, R, A);

811
	for (i = 0; i < 8; i++) {

812
		ROUND(L, R, A, B, K, -2);

813
		ROUND(R, L, A, B, K, -2);

814
	}

815
	FP(R, L, A);

816


817
	put_unaligned_le32(R, dst);

818
	put_unaligned_le32(L, dst + 4);

819
}

820
EXPORT_SYMBOL_GPL(des_decrypt);

821


822
int des3_ede_expand_key(struct des3_ede_ctx *ctx, const u8 *key,

823
			unsigned int keylen)

824
{

825
	u32 *pe = ctx->expkey;

826
	int err;

827


828
	if (keylen != DES3_EDE_KEY_SIZE)

829
		return -EINVAL;

830


831
	err = des3_ede_verify_key(key, keylen, true);

832
	if (err && err != -ENOKEY)

833
		return err;

834


835
	des_ekey(pe, key); pe += DES_EXPKEY_WORDS; key += DES_KEY_SIZE;

836
	dkey(pe, key); pe += DES_EXPKEY_WORDS; key += DES_KEY_SIZE;

837
	des_ekey(pe, key);

838


839
	return err;

840
}

841
EXPORT_SYMBOL_GPL(des3_ede_expand_key);

842


843
void des3_ede_encrypt(const struct des3_ede_ctx *dctx, u8 *dst, const u8 *src)

844
{

845
	const u32 *K = dctx->expkey;

846
	u32 L, R, A, B;

847
	int i;

848


849
	L = get_unaligned_le32(src);

850
	R = get_unaligned_le32(src + 4);

851


852
	IP(L, R, A);

853
	for (i = 0; i < 8; i++) {

854
		ROUND(L, R, A, B, K, 2);

855
		ROUND(R, L, A, B, K, 2);

856
	}

857
	for (i = 0; i < 8; i++) {

858
		ROUND(R, L, A, B, K, 2);

859
		ROUND(L, R, A, B, K, 2);

860
	}

861
	for (i = 0; i < 8; i++) {

862
		ROUND(L, R, A, B, K, 2);

863
		ROUND(R, L, A, B, K, 2);

864
	}

865
	FP(R, L, A);

866


867
	put_unaligned_le32(R, dst);

868
	put_unaligned_le32(L, dst + 4);

869
}

870
EXPORT_SYMBOL_GPL(des3_ede_encrypt);

871


872
void des3_ede_decrypt(const struct des3_ede_ctx *dctx, u8 *dst, const u8 *src)

873
{

874
	const u32 *K = dctx->expkey + DES3_EDE_EXPKEY_WORDS - 2;

875
	u32 L, R, A, B;

876
	int i;

877


878
	L = get_unaligned_le32(src);

879
	R = get_unaligned_le32(src + 4);

880


881
	IP(L, R, A);

882
	for (i = 0; i < 8; i++) {

883
		ROUND(L, R, A, B, K, -2);

884
		ROUND(R, L, A, B, K, -2);

885
	}

886
	for (i = 0; i < 8; i++) {

887
		ROUND(R, L, A, B, K, -2);

888
		ROUND(L, R, A, B, K, -2);

889
	}

890
	for (i = 0; i < 8; i++) {

891
		ROUND(L, R, A, B, K, -2);

892
		ROUND(R, L, A, B, K, -2);

893
	}

894
	FP(R, L, A);

895


896
	put_unaligned_le32(R, dst);

897
	put_unaligned_le32(L, dst + 4);

898
}

899
EXPORT_SYMBOL_GPL(des3_ede_decrypt);

900


901
MODULE_DESCRIPTION("DES & Triple DES EDE Cipher Algorithms");

902
MODULE_LICENSE("GPL");

903


904