source: UsbWattMeter/trunk/wolfssl-3.7.0/wolfcrypt/src/des3.c@ 164

Last change on this file since 164 was 164, checked in by coas-nagasima, 7 years ago

TOPPERS/ECNLサンプルアプリ「USB充電器電力計」を追加

  • Property svn:eol-style set to native
  • Property svn:keywords set to Id
  • Property svn:mime-type set to text/x-csrc
File size: 47.5 KB
Line 
1/* des3.c
2 *
3 * Copyright (C) 2006-2015 wolfSSL Inc.
4 *
5 * This file is part of wolfSSL. (formerly known as CyaSSL)
6 *
7 * wolfSSL is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
11 *
12 * wolfSSL is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
20 */
21
22#ifdef HAVE_CONFIG_H
23 #include <config.h>
24#endif
25
26#include <wolfssl/wolfcrypt/settings.h>
27
28#ifndef NO_DES3
29
30#include <wolfssl/wolfcrypt/des3.h>
31
32#ifdef HAVE_FIPS
33#ifdef HAVE_CAVIUM
34 static int wc_Des3_CaviumSetKey(Des3* des3, const byte* key, const byte* iv);
35 static int wc_Des3_CaviumCbcEncrypt(Des3* des3, byte* out, const byte* in,
36 word32 length);
37 static int wc_Des3_CaviumCbcDecrypt(Des3* des3, byte* out, const byte* in,
38 word32 length);
39#endif
40
41int wc_Des_SetKey(Des* des, const byte* key, const byte* iv, int dir)
42{
43 return Des_SetKey(des, key, iv, dir);
44}
45
46
47int wc_Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir)
48{
49 return Des3_SetKey_fips(des, key, iv, dir);
50}
51
52
53int wc_Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz)
54{
55 return Des_CbcEncrypt(des, out, in, sz);
56}
57
58
59int wc_Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz)
60{
61 return Des_CbcDecrypt(des, out, in, sz);
62}
63
64
65int wc_Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz)
66{
67 return Des3_CbcEncrypt_fips(des, out, in, sz);
68}
69
70
71int wc_Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz)
72{
73 return Des3_CbcDecrypt_fips(des, out, in, sz);
74}
75
76
77#ifdef WOLFSSL_DES_ECB
78
79/* One block, compatibility only */
80int wc_Des_EcbEncrypt(Des* des, byte* out, const byte* in, word32 sz)
81{
82 return Des_EcbEncrypt(des, out, in, sz);
83}
84
85#endif /* WOLFSSL_DES_ECB */
86
87
88void wc_Des_SetIV(Des* des, const byte* iv)
89{
90 Des_SetIV(des, iv);
91}
92
93
94int wc_Des3_SetIV(Des3* des, const byte* iv)
95{
96 return Des3_SetIV_fips(des, iv);
97}
98
99
100#ifdef HAVE_CAVIUM
101
102/* Initiliaze Des3 for use with Nitrox device */
103int wc_Des3_InitCavium(Des3* des3, int devId)
104{
105 return Des3_InitCavium(des3, devId);
106}
107
108
109/* Free Des3 from use with Nitrox device */
110void wc_Des3_FreeCavium(Des3* des3)
111{
112 Des3_FreeCavium(des3);
113}
114
115
116#endif /* HAVE_CAVIUM */
117#else /* build without fips */
118
119#if defined(WOLFSSL_TI_CRYPT)
120 #include <wolfcrypt/src/port/ti/ti-des3.c>
121#else
122
123#include <wolfssl/wolfcrypt/error-crypt.h>
124#include <wolfssl/wolfcrypt/logging.h>
125
126#ifdef NO_INLINE
127 #include <wolfssl/wolfcrypt/misc.h>
128#else
129 #include <wolfcrypt/src/misc.c>
130#endif
131
132
133#ifdef HAVE_CAVIUM
134 static int wc_Des3_CaviumSetKey(Des3* des3, const byte* key, const byte* iv);
135 static int wc_Des3_CaviumCbcEncrypt(Des3* des3, byte* out, const byte* in,
136 word32 length);
137 static int wc_Des3_CaviumCbcDecrypt(Des3* des3, byte* out, const byte* in,
138 word32 length);
139#endif
140
141
142
143
144#ifdef STM32F2_CRYPTO
145 /*
146 * STM32F2 hardware DES/3DES support through the STM32F2 standard
147 * peripheral library. Documentation located in STM32F2xx Standard
148 * Peripheral Library document (See note in README).
149 */
150 #include "stm32f2xx.h"
151 #include "stm32f2xx_cryp.h"
152
153 int wc_Des_SetKey(Des* des, const byte* key, const byte* iv, int dir)
154 {
155 word32 *dkey = des->key;
156
157 XMEMCPY(dkey, key, 8);
158 ByteReverseWords(dkey, dkey, 8);
159
160 wc_Des_SetIV(des, iv);
161
162 return 0;
163 }
164
165 int wc_Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir)
166 {
167 word32 *dkey1 = des->key[0];
168 word32 *dkey2 = des->key[1];
169 word32 *dkey3 = des->key[2];
170
171 XMEMCPY(dkey1, key, 8); /* set key 1 */
172 XMEMCPY(dkey2, key + 8, 8); /* set key 2 */
173 XMEMCPY(dkey3, key + 16, 8); /* set key 3 */
174
175 ByteReverseWords(dkey1, dkey1, 8);
176 ByteReverseWords(dkey2, dkey2, 8);
177 ByteReverseWords(dkey3, dkey3, 8);
178
179 return wc_Des3_SetIV(des, iv);
180 }
181
182 void DesCrypt(Des* des, byte* out, const byte* in, word32 sz,
183 int dir, int mode)
184 {
185 word32 *dkey, *iv;
186 CRYP_InitTypeDef DES_CRYP_InitStructure;
187 CRYP_KeyInitTypeDef DES_CRYP_KeyInitStructure;
188 CRYP_IVInitTypeDef DES_CRYP_IVInitStructure;
189
190 dkey = des->key;
191 iv = des->reg;
192
193 /* crypto structure initialization */
194 CRYP_KeyStructInit(&DES_CRYP_KeyInitStructure);
195 CRYP_StructInit(&DES_CRYP_InitStructure);
196 CRYP_IVStructInit(&DES_CRYP_IVInitStructure);
197
198 /* reset registers to their default values */
199 CRYP_DeInit();
200
201 /* set direction, mode, and datatype */
202 if (dir == DES_ENCRYPTION) {
203 DES_CRYP_InitStructure.CRYP_AlgoDir = CRYP_AlgoDir_Encrypt;
204 } else { /* DES_DECRYPTION */
205 DES_CRYP_InitStructure.CRYP_AlgoDir = CRYP_AlgoDir_Decrypt;
206 }
207
208 if (mode == DES_CBC) {
209 DES_CRYP_InitStructure.CRYP_AlgoMode = CRYP_AlgoMode_DES_CBC;
210 } else { /* DES_ECB */
211 DES_CRYP_InitStructure.CRYP_AlgoMode = CRYP_AlgoMode_DES_ECB;
212 }
213
214 DES_CRYP_InitStructure.CRYP_DataType = CRYP_DataType_8b;
215 CRYP_Init(&DES_CRYP_InitStructure);
216
217 /* load key into correct registers */
218 DES_CRYP_KeyInitStructure.CRYP_Key1Left = dkey[0];
219 DES_CRYP_KeyInitStructure.CRYP_Key1Right = dkey[1];
220 CRYP_KeyInit(&DES_CRYP_KeyInitStructure);
221
222 /* set iv */
223 ByteReverseWords(iv, iv, DES_BLOCK_SIZE);
224 DES_CRYP_IVInitStructure.CRYP_IV0Left = iv[0];
225 DES_CRYP_IVInitStructure.CRYP_IV0Right = iv[1];
226 CRYP_IVInit(&DES_CRYP_IVInitStructure);
227
228 /* enable crypto processor */
229 CRYP_Cmd(ENABLE);
230
231 while (sz > 0)
232 {
233 /* flush IN/OUT FIFOs */
234 CRYP_FIFOFlush();
235
236 /* if input and output same will overwrite input iv */
237 XMEMCPY(des->tmp, in + sz - DES_BLOCK_SIZE, DES_BLOCK_SIZE);
238
239 CRYP_DataIn(*(uint32_t*)&in[0]);
240 CRYP_DataIn(*(uint32_t*)&in[4]);
241
242 /* wait until the complete message has been processed */
243 while(CRYP_GetFlagStatus(CRYP_FLAG_BUSY) != RESET) {}
244
245 *(uint32_t*)&out[0] = CRYP_DataOut();
246 *(uint32_t*)&out[4] = CRYP_DataOut();
247
248 /* store iv for next call */
249 XMEMCPY(des->reg, des->tmp, DES_BLOCK_SIZE);
250
251 sz -= DES_BLOCK_SIZE;
252 in += DES_BLOCK_SIZE;
253 out += DES_BLOCK_SIZE;
254 }
255
256 /* disable crypto processor */
257 CRYP_Cmd(DISABLE);
258 }
259
260 int wc_Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz)
261 {
262 DesCrypt(des, out, in, sz, DES_ENCRYPTION, DES_CBC);
263 return 0;
264 }
265
266 int wc_Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz)
267 {
268 DesCrypt(des, out, in, sz, DES_DECRYPTION, DES_CBC);
269 return 0;
270 }
271
272 int wc_Des_EcbEncrypt(Des* des, byte* out, const byte* in, word32 sz)
273 {
274 DesCrypt(des, out, in, sz, DES_ENCRYPTION, DES_ECB);
275 return 0;
276 }
277
278 void Des3Crypt(Des3* des, byte* out, const byte* in, word32 sz,
279 int dir)
280 {
281 word32 *dkey1, *dkey2, *dkey3, *iv;
282 CRYP_InitTypeDef DES3_CRYP_InitStructure;
283 CRYP_KeyInitTypeDef DES3_CRYP_KeyInitStructure;
284 CRYP_IVInitTypeDef DES3_CRYP_IVInitStructure;
285
286 dkey1 = des->key[0];
287 dkey2 = des->key[1];
288 dkey3 = des->key[2];
289 iv = des->reg;
290
291 /* crypto structure initialization */
292 CRYP_KeyStructInit(&DES3_CRYP_KeyInitStructure);
293 CRYP_StructInit(&DES3_CRYP_InitStructure);
294 CRYP_IVStructInit(&DES3_CRYP_IVInitStructure);
295
296 /* reset registers to their default values */
297 CRYP_DeInit();
298
299 /* set direction, mode, and datatype */
300 if (dir == DES_ENCRYPTION) {
301 DES3_CRYP_InitStructure.CRYP_AlgoDir = CRYP_AlgoDir_Encrypt;
302 } else {
303 DES3_CRYP_InitStructure.CRYP_AlgoDir = CRYP_AlgoDir_Decrypt;
304 }
305
306 DES3_CRYP_InitStructure.CRYP_AlgoMode = CRYP_AlgoMode_TDES_CBC;
307 DES3_CRYP_InitStructure.CRYP_DataType = CRYP_DataType_8b;
308 CRYP_Init(&DES3_CRYP_InitStructure);
309
310 /* load key into correct registers */
311 DES3_CRYP_KeyInitStructure.CRYP_Key1Left = dkey1[0];
312 DES3_CRYP_KeyInitStructure.CRYP_Key1Right = dkey1[1];
313 DES3_CRYP_KeyInitStructure.CRYP_Key2Left = dkey2[0];
314 DES3_CRYP_KeyInitStructure.CRYP_Key2Right = dkey2[1];
315 DES3_CRYP_KeyInitStructure.CRYP_Key3Left = dkey3[0];
316 DES3_CRYP_KeyInitStructure.CRYP_Key3Right = dkey3[1];
317 CRYP_KeyInit(&DES3_CRYP_KeyInitStructure);
318
319 /* set iv */
320 ByteReverseWords(iv, iv, DES_BLOCK_SIZE);
321 DES3_CRYP_IVInitStructure.CRYP_IV0Left = iv[0];
322 DES3_CRYP_IVInitStructure.CRYP_IV0Right = iv[1];
323 CRYP_IVInit(&DES3_CRYP_IVInitStructure);
324
325 /* enable crypto processor */
326 CRYP_Cmd(ENABLE);
327
328 while (sz > 0)
329 {
330 /* flush IN/OUT FIFOs */
331 CRYP_FIFOFlush();
332
333 CRYP_DataIn(*(uint32_t*)&in[0]);
334 CRYP_DataIn(*(uint32_t*)&in[4]);
335
336 /* wait until the complete message has been processed */
337 while(CRYP_GetFlagStatus(CRYP_FLAG_BUSY) != RESET) {}
338
339 *(uint32_t*)&out[0] = CRYP_DataOut();
340 *(uint32_t*)&out[4] = CRYP_DataOut();
341
342 /* store iv for next call */
343 XMEMCPY(des->reg, out + sz - DES_BLOCK_SIZE, DES_BLOCK_SIZE);
344
345 sz -= DES_BLOCK_SIZE;
346 in += DES_BLOCK_SIZE;
347 out += DES_BLOCK_SIZE;
348 }
349
350 /* disable crypto processor */
351 CRYP_Cmd(DISABLE);
352
353 }
354
355 int wc_Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz)
356 {
357 Des3Crypt(des, out, in, sz, DES_ENCRYPTION);
358 return 0;
359 }
360
361 int wc_Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz)
362 {
363 Des3Crypt(des, out, in, sz, DES_DECRYPTION);
364 return 0;
365 }
366
367#elif defined(HAVE_COLDFIRE_SEC)
368
369#include <wolfssl/ctaocrypt/types.h>
370
371#include "sec.h"
372#include "mcf5475_sec.h"
373#include "mcf5475_siu.h"
374
375#if defined (HAVE_THREADX)
376#include "memory_pools.h"
377extern TX_BYTE_POOL mp_ncached; /* Non Cached memory pool */
378#endif
379
380#define DES_BUFFER_SIZE (DES_BLOCK_SIZE * 64)
381static unsigned char *desBuffIn = NULL ;
382static unsigned char *desBuffOut = NULL ;
383static byte *secIV ;
384static byte *secKey ;
385static volatile SECdescriptorType *secDesc ;
386
387static wolfSSL_Mutex Mutex_DesSEC ;
388
389#define SEC_DESC_DES_CBC_ENCRYPT 0x20500010
390#define SEC_DESC_DES_CBC_DECRYPT 0x20400010
391#define SEC_DESC_DES3_CBC_ENCRYPT 0x20700010
392#define SEC_DESC_DES3_CBC_DECRYPT 0x20600010
393
394#define DES_IVLEN 8
395#define DES_KEYLEN 8
396#define DES3_IVLEN 8
397#define DES3_KEYLEN 24
398
399extern volatile unsigned char __MBAR[];
400
401static void wc_Des_Cbc(byte* out, const byte* in, word32 sz,
402 byte *key, byte *iv, word32 desc)
403{
404 #ifdef DEBUG_WOLFSSL
405 int ret ; int stat1,stat2 ;
406 #endif
407 int size ;
408 volatile int v ;
409
410 LockMutex(&Mutex_DesSEC) ;
411
412 secDesc->length1 = 0x0;
413 secDesc->pointer1 = NULL;
414 if((desc==SEC_DESC_DES_CBC_ENCRYPT)||(desc==SEC_DESC_DES_CBC_DECRYPT)){
415 secDesc->length2 = DES_IVLEN ;
416 secDesc->length3 = DES_KEYLEN ;
417 } else {
418 secDesc->length2 = DES3_IVLEN ;
419 secDesc->length3 = DES3_KEYLEN ;
420 }
421 secDesc->pointer2 = secIV ;
422 secDesc->pointer3 = secKey;
423 secDesc->pointer4 = desBuffIn ;
424 secDesc->pointer5 = desBuffOut ;
425 secDesc->length6 = 0;
426 secDesc->pointer6 = NULL;
427 secDesc->length7 = 0x0;
428 secDesc->pointer7 = NULL;
429 secDesc->nextDescriptorPtr = NULL ;
430
431 while(sz) {
432 XMEMCPY(secIV, iv, secDesc->length2) ;
433 if((sz%DES_BUFFER_SIZE) == sz) {
434 size = sz ;
435 sz = 0 ;
436 } else {
437 size = DES_BUFFER_SIZE ;
438 sz -= DES_BUFFER_SIZE ;
439 }
440
441 XMEMCPY(desBuffIn, in, size) ;
442 XMEMCPY(secKey, key, secDesc->length3) ;
443
444 secDesc->header = desc ;
445 secDesc->length4 = size;
446 secDesc->length5 = size;
447 /* Point SEC to the location of the descriptor */
448 MCF_SEC_FR0 = (uint32)secDesc;
449 /* Initialize SEC and wait for encryption to complete */
450 MCF_SEC_CCCR0 = 0x0000001a;
451 /* poll SISR to determine when channel is complete */
452 v=0 ;
453 while((secDesc->header>> 24) != 0xff) {
454 if(v++ > 1000)break ;
455 }
456
457#ifdef DEBUG_WOLFSSL
458 ret = MCF_SEC_SISRH;
459 stat1 = MCF_SEC_DSR ;
460 stat2 = MCF_SEC_DISR ;
461 if(ret & 0xe0000000) {
462 /* db_printf("Des_Cbc(%x):ISRH=%08x, DSR=%08x, DISR=%08x\n", desc, ret, stat1, stat2) ; */
463 }
464#endif
465
466 XMEMCPY(out, desBuffOut, size) ;
467
468 if((desc==SEC_DESC_DES3_CBC_ENCRYPT)||(desc==SEC_DESC_DES_CBC_ENCRYPT)) {
469 XMEMCPY((void*)iv, (void*)&(out[size-secDesc->length2]), secDesc->length2) ;
470 } else {
471 XMEMCPY((void*)iv, (void*)&(in[size-secDesc->length2]), secDesc->length2) ;
472 }
473
474 in += size ;
475 out += size ;
476
477 }
478 UnLockMutex(&Mutex_DesSEC) ;
479
480}
481
482
483int wc_Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz)
484{
485 wc_Des_Cbc(out, in, sz, (byte *)des->key, (byte *)des->reg, SEC_DESC_DES_CBC_ENCRYPT) ;
486 return 0;
487}
488
489int wc_Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz)
490{
491 wc_Des_Cbc(out, in, sz, (byte *)des->key, (byte *)des->reg, SEC_DESC_DES_CBC_DECRYPT) ;
492 return 0;
493}
494
495int wc_Des3_CbcEncrypt(Des3* des3, byte* out, const byte* in, word32 sz)
496{
497 wc_Des_Cbc(out, in, sz, (byte *)des3->key, (byte *)des3->reg, SEC_DESC_DES3_CBC_ENCRYPT) ;
498 return 0;
499}
500
501
502int wc_Des3_CbcDecrypt(Des3* des3, byte* out, const byte* in, word32 sz)
503{
504 wc_Des_Cbc(out, in, sz, (byte *)des3->key, (byte *)des3->reg, SEC_DESC_DES3_CBC_DECRYPT) ;
505 return 0;
506}
507
508static void setParity(byte *buf, int len)
509{
510 int i, j ;
511 byte v ;
512 int bits ;
513
514 for(i=0; i<len; i++)
515 {
516 v = buf[i] >> 1 ;
517 buf[i] = v << 1 ;
518 bits = 0 ;
519 for(j=0; j<7; j++)
520 {
521 bits += (v&0x1) ;
522 v = v >> 1 ;
523 }
524 buf[i] |= (1 - (bits&0x1)) ;
525 }
526
527}
528
529
530int wc_Des_SetKey(Des* des, const byte* key, const byte* iv, int dir)
531{
532 if(desBuffIn == NULL) {
533 #if defined (HAVE_THREADX)
534 int s1, s2, s3, s4, s5 ;
535 s5 = tx_byte_allocate(&mp_ncached,(void *)&secDesc,
536 sizeof(SECdescriptorType), TX_NO_WAIT);
537 s1 = tx_byte_allocate(&mp_ncached,(void *)&desBuffIn, DES_BUFFER_SIZE, TX_NO_WAIT);
538 s2 = tx_byte_allocate(&mp_ncached,(void *)&desBuffOut, DES_BUFFER_SIZE, TX_NO_WAIT);
539 /* Don't know des or des3 to be used. Allocate larger buffers */
540 s3 = tx_byte_allocate(&mp_ncached,(void *)&secKey, DES3_KEYLEN,TX_NO_WAIT);
541 s4 = tx_byte_allocate(&mp_ncached,(void *)&secIV, DES3_IVLEN, TX_NO_WAIT);
542 #else
543 #warning "Allocate non-Cache buffers"
544 #endif
545
546 InitMutex(&Mutex_DesSEC) ;
547 }
548
549 XMEMCPY(des->key, key, DES_KEYLEN);
550 setParity((byte *)des->key, DES_KEYLEN) ;
551
552 if (iv) {
553 XMEMCPY(des->reg, iv, DES_IVLEN);
554 } else {
555 XMEMSET(des->reg, 0x0, DES_IVLEN) ;
556 }
557 return 0;
558}
559
560int wc_Des3_SetKey(Des3* des3, const byte* key, const byte* iv, int dir)
561{
562
563 if(desBuffIn == NULL) {
564 #if defined (HAVE_THREADX)
565 int s1, s2, s3, s4, s5 ;
566 s5 = tx_byte_allocate(&mp_ncached,(void *)&secDesc,
567 sizeof(SECdescriptorType), TX_NO_WAIT);
568 s1 = tx_byte_allocate(&mp_ncached,(void *)&desBuffIn, DES_BUFFER_SIZE, TX_NO_WAIT);
569 s2 = tx_byte_allocate(&mp_ncached,(void *)&desBuffOut, DES_BUFFER_SIZE, TX_NO_WAIT);
570 s3 = tx_byte_allocate(&mp_ncached,(void *)&secKey, DES3_KEYLEN,TX_NO_WAIT);
571 s4 = tx_byte_allocate(&mp_ncached,(void *)&secIV, DES3_IVLEN, TX_NO_WAIT);
572 #else
573 #warning "Allocate non-Cache buffers"
574 #endif
575
576 InitMutex(&Mutex_DesSEC) ;
577 }
578
579 XMEMCPY(des3->key[0], key, DES3_KEYLEN);
580 setParity((byte *)des3->key[0], DES3_KEYLEN) ;
581
582 if (iv) {
583 XMEMCPY(des3->reg, iv, DES3_IVLEN);
584 } else {
585 XMEMSET(des3->reg, 0x0, DES3_IVLEN) ;
586 }
587 return 0;
588
589}
590
591#elif defined FREESCALE_MMCAU
592 /*
593 * Freescale mmCAU hardware DES/3DES support through the CAU/mmCAU library.
594 * Documentation located in ColdFire/ColdFire+ CAU and Kinetis mmCAU
595 * Software Library User Guide (See note in README).
596 */
597 #include "cau_api.h"
598
599 const unsigned char parityLookup[128] =
600 {
601 1,0,0,1,0,1,1,0,0,1,1,0,1,0,0,1,0,1,1,0,1,0,0,1,1,0,0,1,0,1,1,0,
602 0,1,1,0,1,0,0,1,1,0,0,1,0,1,1,0,1,0,0,1,0,1,1,0,0,1,1,0,1,0,0,1,
603 0,1,1,0,1,0,0,1,1,0,0,1,0,1,1,0,1,0,0,1,0,1,1,0,0,1,1,0,1,0,0,1,
604 1,0,0,1,0,1,1,0,0,1,1,0,1,0,0,1,0,1,1,0,1,0,0,1,1,0,0,1,0,1,1,0
605 };
606
607 int wc_Des_SetKey(Des* des, const byte* key, const byte* iv, int dir)
608 {
609 int i = 0;
610 byte* dkey = (byte*)des->key;
611
612 XMEMCPY(dkey, key, 8);
613
614 wc_Des_SetIV(des, iv);
615
616 /* fix key parity, if needed */
617 for (i = 0; i < 8; i++) {
618 dkey[i] = ((dkey[i] & 0xFE) | parityLookup[dkey[i] >> 1]);
619 }
620
621 return 0;
622 }
623
624 int wc_Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir)
625 {
626 int i = 0, ret = 0;
627 byte* dkey1 = (byte*)des->key[0];
628 byte* dkey2 = (byte*)des->key[1];
629 byte* dkey3 = (byte*)des->key[2];
630
631 XMEMCPY(dkey1, key, 8); /* set key 1 */
632 XMEMCPY(dkey2, key + 8, 8); /* set key 2 */
633 XMEMCPY(dkey3, key + 16, 8); /* set key 3 */
634
635 ret = wc_Des3_SetIV(des, iv);
636 if (ret != 0)
637 return ret;
638
639 /* fix key parity if needed */
640 for (i = 0; i < 8; i++)
641 dkey1[i] = ((dkey1[i] & 0xFE) | parityLookup[dkey1[i] >> 1]);
642
643 for (i = 0; i < 8; i++)
644 dkey2[i] = ((dkey2[i] & 0xFE) | parityLookup[dkey2[i] >> 1]);
645
646 for (i = 0; i < 8; i++)
647 dkey3[i] = ((dkey3[i] & 0xFE) | parityLookup[dkey3[i] >> 1]);
648
649 return ret;
650 }
651
652 int wc_Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz)
653 {
654 int i;
655 int offset = 0;
656 int len = sz;
657 int ret = 0;
658 byte *iv;
659 byte temp_block[DES_BLOCK_SIZE];
660
661 iv = (byte*)des->reg;
662
663 if ((wolfssl_word)out % WOLFSSL_MMCAU_ALIGNMENT) {
664 WOLFSSL_MSG("Bad cau_des_encrypt alignment");
665 return BAD_ALIGN_E;
666 }
667
668 while (len > 0)
669 {
670 XMEMCPY(temp_block, in + offset, DES_BLOCK_SIZE);
671
672 /* XOR block with IV for CBC */
673 for (i = 0; i < DES_BLOCK_SIZE; i++)
674 temp_block[i] ^= iv[i];
675
676 ret = wolfSSL_CryptHwMutexLock();
677 if(ret != 0) {
678 return ret;
679 }
680 cau_des_encrypt(temp_block, (byte*)des->key, out + offset);
681 wolfSSL_CryptHwMutexUnLock();
682
683 len -= DES_BLOCK_SIZE;
684 offset += DES_BLOCK_SIZE;
685
686 /* store IV for next block */
687 XMEMCPY(iv, out + offset - DES_BLOCK_SIZE, DES_BLOCK_SIZE);
688 }
689
690 return ret;
691 }
692
693 int wc_Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz)
694 {
695 int i;
696 int offset = 0;
697 int len = sz;
698 int ret = 0;
699 byte* iv;
700 byte temp_block[DES_BLOCK_SIZE];
701
702 iv = (byte*)des->reg;
703
704 if ((wolfssl_word)out % WOLFSSL_MMCAU_ALIGNMENT) {
705 WOLFSSL_MSG("Bad cau_des_decrypt alignment");
706 return BAD_ALIGN_E;
707 }
708
709 while (len > 0)
710 {
711 XMEMCPY(temp_block, in + offset, DES_BLOCK_SIZE);
712
713 ret = wolfSSL_CryptHwMutexLock();
714 if(ret != 0) {
715 return ret;
716 }
717 cau_des_decrypt(in + offset, (byte*)des->key, out + offset);
718 wolfSSL_CryptHwMutexUnLock();
719
720 /* XOR block with IV for CBC */
721 for (i = 0; i < DES_BLOCK_SIZE; i++)
722 (out + offset)[i] ^= iv[i];
723
724 /* store IV for next block */
725 XMEMCPY(iv, temp_block, DES_BLOCK_SIZE);
726
727 len -= DES_BLOCK_SIZE;
728 offset += DES_BLOCK_SIZE;
729 }
730
731 return ret;
732 }
733
734 int wc_Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz)
735 {
736 int i;
737 int offset = 0;
738 int len = sz;
739 int ret = 0;
740
741 byte *iv;
742 byte temp_block[DES_BLOCK_SIZE];
743
744 iv = (byte*)des->reg;
745
746 if ((wolfssl_word)out % WOLFSSL_MMCAU_ALIGNMENT) {
747 WOLFSSL_MSG("Bad 3ede cau_des_encrypt alignment");
748 return BAD_ALIGN_E;
749 }
750
751 while (len > 0)
752 {
753 XMEMCPY(temp_block, in + offset, DES_BLOCK_SIZE);
754
755 /* XOR block with IV for CBC */
756 for (i = 0; i < DES_BLOCK_SIZE; i++)
757 temp_block[i] ^= iv[i];
758
759 ret = wolfSSL_CryptHwMutexLock();
760 if(ret != 0) {
761 return ret;
762 }
763 cau_des_encrypt(temp_block , (byte*)des->key[0], out + offset);
764 cau_des_decrypt(out + offset, (byte*)des->key[1], out + offset);
765 cau_des_encrypt(out + offset, (byte*)des->key[2], out + offset);
766 wolfSSL_CryptHwMutexUnLock();
767
768 len -= DES_BLOCK_SIZE;
769 offset += DES_BLOCK_SIZE;
770
771 /* store IV for next block */
772 XMEMCPY(iv, out + offset - DES_BLOCK_SIZE, DES_BLOCK_SIZE);
773 }
774
775 return ret;
776 }
777
778 int wc_Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz)
779 {
780 int i;
781 int offset = 0;
782 int len = sz;
783 int ret = 0;
784
785 byte* iv;
786 byte temp_block[DES_BLOCK_SIZE];
787
788 iv = (byte*)des->reg;
789
790 if ((wolfssl_word)out % WOLFSSL_MMCAU_ALIGNMENT) {
791 WOLFSSL_MSG("Bad 3ede cau_des_decrypt alignment");
792 return BAD_ALIGN_E;
793 }
794
795 while (len > 0)
796 {
797 XMEMCPY(temp_block, in + offset, DES_BLOCK_SIZE);
798
799 ret = wolfSSL_CryptHwMutexLock();
800 if(ret != 0) {
801 return ret;
802 }
803 cau_des_decrypt(in + offset , (byte*)des->key[2], out + offset);
804 cau_des_encrypt(out + offset, (byte*)des->key[1], out + offset);
805 cau_des_decrypt(out + offset, (byte*)des->key[0], out + offset);
806 wolfSSL_CryptHwMutexUnLock();
807
808 /* XOR block with IV for CBC */
809 for (i = 0; i < DES_BLOCK_SIZE; i++)
810 (out + offset)[i] ^= iv[i];
811
812 /* store IV for next block */
813 XMEMCPY(iv, temp_block, DES_BLOCK_SIZE);
814
815 len -= DES_BLOCK_SIZE;
816 offset += DES_BLOCK_SIZE;
817 }
818
819 return ret;
820 }
821
822
823#elif defined(WOLFSSL_PIC32MZ_CRYPT)
824
825 #include "wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h"
826
827void wc_Des_SetIV(Des* des, const byte* iv);
828int wc_Des3_SetIV(Des3* des, const byte* iv);
829
830 int wc_Des_SetKey(Des* des, const byte* key, const byte* iv, int dir)
831 {
832 word32 *dkey = des->key ;
833 word32 *dreg = des->reg ;
834
835 XMEMCPY((byte *)dkey, (byte *)key, 8);
836 ByteReverseWords(dkey, dkey, 8);
837 XMEMCPY((byte *)dreg, (byte *)iv, 8);
838 ByteReverseWords(dreg, dreg, 8);
839
840 return 0;
841 }
842
843 int wc_Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir)
844 {
845 word32 *dkey1 = des->key[0];
846 word32 *dreg = des->reg ;
847
848 XMEMCPY(dkey1, key, 24);
849 ByteReverseWords(dkey1, dkey1, 24);
850 XMEMCPY(dreg, iv, 8);
851 ByteReverseWords(dreg, dreg, 8) ;
852
853 return 0;
854 }
855
856 void DesCrypt(word32 *key, word32 *iv, byte* out, const byte* in, word32 sz,
857 int dir, int algo, int cryptoalgo)
858 {
859 securityAssociation *sa_p ;
860 bufferDescriptor *bd_p ;
861 const byte *in_p, *in_l ;
862 byte *out_p, *out_l ;
863 volatile securityAssociation sa __attribute__((aligned (8)));
864 volatile bufferDescriptor bd __attribute__((aligned (8)));
865 volatile int k ;
866
867 /* get uncached address */
868
869 in_l = in;
870 out_l = out ;
871 sa_p = KVA0_TO_KVA1(&sa) ;
872 bd_p = KVA0_TO_KVA1(&bd) ;
873 in_p = KVA0_TO_KVA1(in_l) ;
874 out_p= KVA0_TO_KVA1(out_l);
875
876 if(PIC32MZ_IF_RAM(in_p))
877 XMEMCPY((void *)in_p, (void *)in, sz);
878 XMEMSET((void *)out_p, 0, sz);
879
880 /* Set up the Security Association */
881 XMEMSET((byte *)KVA0_TO_KVA1(&sa), 0, sizeof(sa));
882 sa_p->SA_CTRL.ALGO = algo ;
883 sa_p->SA_CTRL.LNC = 1;
884 sa_p->SA_CTRL.LOADIV = 1;
885 sa_p->SA_CTRL.FB = 1;
886 sa_p->SA_CTRL.ENCTYPE = dir ; /* Encryption/Decryption */
887 sa_p->SA_CTRL.CRYPTOALGO = cryptoalgo;
888 sa_p->SA_CTRL.KEYSIZE = 1 ; /* KEY is 192 bits */
889 XMEMCPY((byte *)KVA0_TO_KVA1(&sa.SA_ENCKEY[algo==PIC32_ALGO_TDES ? 2 : 6]),
890 (byte *)key, algo==PIC32_ALGO_TDES ? 24 : 8);
891 XMEMCPY((byte *)KVA0_TO_KVA1(&sa.SA_ENCIV[2]), (byte *)iv, 8);
892
893 XMEMSET((byte *)KVA0_TO_KVA1(&bd), 0, sizeof(bd));
894 /* Set up the Buffer Descriptor */
895 bd_p->BD_CTRL.BUFLEN = sz;
896 bd_p->BD_CTRL.LIFM = 1;
897 bd_p->BD_CTRL.SA_FETCH_EN = 1;
898 bd_p->BD_CTRL.LAST_BD = 1;
899 bd_p->BD_CTRL.DESC_EN = 1;
900
901 bd_p->SA_ADDR = (unsigned int)KVA_TO_PA(&sa) ; /* (unsigned int)sa_p; */
902 bd_p->SRCADDR = (unsigned int)KVA_TO_PA(in) ; /* (unsigned int)in_p; */
903 bd_p->DSTADDR = (unsigned int)KVA_TO_PA(out); /* (unsigned int)out_p; */
904 bd_p->NXTPTR = (unsigned int)KVA_TO_PA(&bd);
905 bd_p->MSGLEN = sz ;
906
907 /* Fire in the hole! */
908 CECON = 1 << 6;
909 while (CECON);
910
911 /* Run the engine */
912 CEBDPADDR = (unsigned int)KVA_TO_PA(&bd) ; /* (unsigned int)bd_p ; */
913 CEINTEN = 0x07;
914 CECON = 0x27;
915
916 WAIT_ENGINE ;
917
918 if((cryptoalgo == PIC32_CRYPTOALGO_CBC) ||
919 (cryptoalgo == PIC32_CRYPTOALGO_TCBC)||
920 (cryptoalgo == PIC32_CRYPTOALGO_RCBC)) {
921 /* set iv for the next call */
922 if(dir == PIC32_ENCRYPTION) {
923 XMEMCPY((void *)iv, (void*)&(out_p[sz-DES_IVLEN]), DES_IVLEN) ;
924 } else {
925 ByteReverseWords((word32*)iv, (word32 *)&(in_p[sz-DES_IVLEN]),
926 DES_IVLEN);
927 }
928
929 }
930
931 ByteReverseWords((word32*)out, (word32 *)KVA0_TO_KVA1(out), sz);
932 }
933
934 int wc_Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz)
935 {
936 DesCrypt(des->key, des->reg, out, in, sz,
937 PIC32_ENCRYPTION, PIC32_ALGO_DES, PIC32_CRYPTOALGO_CBC );
938 return 0;
939 }
940
941 int wc_Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz)
942 {
943 DesCrypt(des->key, des->reg, out, in, sz,
944 PIC32_DECRYPTION, PIC32_ALGO_DES, PIC32_CRYPTOALGO_CBC);
945 return 0;
946 }
947
948 int wc_Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz)
949 {
950 DesCrypt(des->key[0], des->reg, out, in, sz,
951 PIC32_ENCRYPTION, PIC32_ALGO_TDES, PIC32_CRYPTOALGO_TCBC);
952 return 0;
953 }
954
955 int wc_Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz)
956 {
957 DesCrypt(des->key[0], des->reg, out, in, sz,
958 PIC32_DECRYPTION, PIC32_ALGO_TDES, PIC32_CRYPTOALGO_TCBC);
959 return 0;
960 }
961
962#else /* CTaoCrypt software implementation */
963
964/* permuted choice table (key) */
965static const byte pc1[] = {
966 57, 49, 41, 33, 25, 17, 9,
967 1, 58, 50, 42, 34, 26, 18,
968 10, 2, 59, 51, 43, 35, 27,
969 19, 11, 3, 60, 52, 44, 36,
970
971 63, 55, 47, 39, 31, 23, 15,
972 7, 62, 54, 46, 38, 30, 22,
973 14, 6, 61, 53, 45, 37, 29,
974 21, 13, 5, 28, 20, 12, 4
975};
976
977/* number left rotations of pc1 */
978static const byte totrot[] = {
979 1,2,4,6,8,10,12,14,15,17,19,21,23,25,27,28
980};
981
982/* permuted choice key (table) */
983static const byte pc2[] = {
984 14, 17, 11, 24, 1, 5,
985 3, 28, 15, 6, 21, 10,
986 23, 19, 12, 4, 26, 8,
987 16, 7, 27, 20, 13, 2,
988 41, 52, 31, 37, 47, 55,
989 30, 40, 51, 45, 33, 48,
990 44, 49, 39, 56, 34, 53,
991 46, 42, 50, 36, 29, 32
992};
993
994/* End of DES-defined tables */
995
996/* bit 0 is left-most in byte */
997static const int bytebit[] = {
998 0200,0100,040,020,010,04,02,01
999};
1000
1001static const word32 Spbox[8][64] = {
1002{
10030x01010400,0x00000000,0x00010000,0x01010404,
10040x01010004,0x00010404,0x00000004,0x00010000,
10050x00000400,0x01010400,0x01010404,0x00000400,
10060x01000404,0x01010004,0x01000000,0x00000004,
10070x00000404,0x01000400,0x01000400,0x00010400,
10080x00010400,0x01010000,0x01010000,0x01000404,
10090x00010004,0x01000004,0x01000004,0x00010004,
10100x00000000,0x00000404,0x00010404,0x01000000,
10110x00010000,0x01010404,0x00000004,0x01010000,
10120x01010400,0x01000000,0x01000000,0x00000400,
10130x01010004,0x00010000,0x00010400,0x01000004,
10140x00000400,0x00000004,0x01000404,0x00010404,
10150x01010404,0x00010004,0x01010000,0x01000404,
10160x01000004,0x00000404,0x00010404,0x01010400,
10170x00000404,0x01000400,0x01000400,0x00000000,
10180x00010004,0x00010400,0x00000000,0x01010004},
1019{
10200x80108020,0x80008000,0x00008000,0x00108020,
10210x00100000,0x00000020,0x80100020,0x80008020,
10220x80000020,0x80108020,0x80108000,0x80000000,
10230x80008000,0x00100000,0x00000020,0x80100020,
10240x00108000,0x00100020,0x80008020,0x00000000,
10250x80000000,0x00008000,0x00108020,0x80100000,
10260x00100020,0x80000020,0x00000000,0x00108000,
10270x00008020,0x80108000,0x80100000,0x00008020,
10280x00000000,0x00108020,0x80100020,0x00100000,
10290x80008020,0x80100000,0x80108000,0x00008000,
10300x80100000,0x80008000,0x00000020,0x80108020,
10310x00108020,0x00000020,0x00008000,0x80000000,
10320x00008020,0x80108000,0x00100000,0x80000020,
10330x00100020,0x80008020,0x80000020,0x00100020,
10340x00108000,0x00000000,0x80008000,0x00008020,
10350x80000000,0x80100020,0x80108020,0x00108000},
1036{
10370x00000208,0x08020200,0x00000000,0x08020008,
10380x08000200,0x00000000,0x00020208,0x08000200,
10390x00020008,0x08000008,0x08000008,0x00020000,
10400x08020208,0x00020008,0x08020000,0x00000208,
10410x08000000,0x00000008,0x08020200,0x00000200,
10420x00020200,0x08020000,0x08020008,0x00020208,
10430x08000208,0x00020200,0x00020000,0x08000208,
10440x00000008,0x08020208,0x00000200,0x08000000,
10450x08020200,0x08000000,0x00020008,0x00000208,
10460x00020000,0x08020200,0x08000200,0x00000000,
10470x00000200,0x00020008,0x08020208,0x08000200,
10480x08000008,0x00000200,0x00000000,0x08020008,
10490x08000208,0x00020000,0x08000000,0x08020208,
10500x00000008,0x00020208,0x00020200,0x08000008,
10510x08020000,0x08000208,0x00000208,0x08020000,
10520x00020208,0x00000008,0x08020008,0x00020200},
1053{
10540x00802001,0x00002081,0x00002081,0x00000080,
10550x00802080,0x00800081,0x00800001,0x00002001,
10560x00000000,0x00802000,0x00802000,0x00802081,
10570x00000081,0x00000000,0x00800080,0x00800001,
10580x00000001,0x00002000,0x00800000,0x00802001,
10590x00000080,0x00800000,0x00002001,0x00002080,
10600x00800081,0x00000001,0x00002080,0x00800080,
10610x00002000,0x00802080,0x00802081,0x00000081,
10620x00800080,0x00800001,0x00802000,0x00802081,
10630x00000081,0x00000000,0x00000000,0x00802000,
10640x00002080,0x00800080,0x00800081,0x00000001,
10650x00802001,0x00002081,0x00002081,0x00000080,
10660x00802081,0x00000081,0x00000001,0x00002000,
10670x00800001,0x00002001,0x00802080,0x00800081,
10680x00002001,0x00002080,0x00800000,0x00802001,
10690x00000080,0x00800000,0x00002000,0x00802080},
1070{
10710x00000100,0x02080100,0x02080000,0x42000100,
10720x00080000,0x00000100,0x40000000,0x02080000,
10730x40080100,0x00080000,0x02000100,0x40080100,
10740x42000100,0x42080000,0x00080100,0x40000000,
10750x02000000,0x40080000,0x40080000,0x00000000,
10760x40000100,0x42080100,0x42080100,0x02000100,
10770x42080000,0x40000100,0x00000000,0x42000000,
10780x02080100,0x02000000,0x42000000,0x00080100,
10790x00080000,0x42000100,0x00000100,0x02000000,
10800x40000000,0x02080000,0x42000100,0x40080100,
10810x02000100,0x40000000,0x42080000,0x02080100,
10820x40080100,0x00000100,0x02000000,0x42080000,
10830x42080100,0x00080100,0x42000000,0x42080100,
10840x02080000,0x00000000,0x40080000,0x42000000,
10850x00080100,0x02000100,0x40000100,0x00080000,
10860x00000000,0x40080000,0x02080100,0x40000100},
1087{
10880x20000010,0x20400000,0x00004000,0x20404010,
10890x20400000,0x00000010,0x20404010,0x00400000,
10900x20004000,0x00404010,0x00400000,0x20000010,
10910x00400010,0x20004000,0x20000000,0x00004010,
10920x00000000,0x00400010,0x20004010,0x00004000,
10930x00404000,0x20004010,0x00000010,0x20400010,
10940x20400010,0x00000000,0x00404010,0x20404000,
10950x00004010,0x00404000,0x20404000,0x20000000,
10960x20004000,0x00000010,0x20400010,0x00404000,
10970x20404010,0x00400000,0x00004010,0x20000010,
10980x00400000,0x20004000,0x20000000,0x00004010,
10990x20000010,0x20404010,0x00404000,0x20400000,
11000x00404010,0x20404000,0x00000000,0x20400010,
11010x00000010,0x00004000,0x20400000,0x00404010,
11020x00004000,0x00400010,0x20004010,0x00000000,
11030x20404000,0x20000000,0x00400010,0x20004010},
1104{
11050x00200000,0x04200002,0x04000802,0x00000000,
11060x00000800,0x04000802,0x00200802,0x04200800,
11070x04200802,0x00200000,0x00000000,0x04000002,
11080x00000002,0x04000000,0x04200002,0x00000802,
11090x04000800,0x00200802,0x00200002,0x04000800,
11100x04000002,0x04200000,0x04200800,0x00200002,
11110x04200000,0x00000800,0x00000802,0x04200802,
11120x00200800,0x00000002,0x04000000,0x00200800,
11130x04000000,0x00200800,0x00200000,0x04000802,
11140x04000802,0x04200002,0x04200002,0x00000002,
11150x00200002,0x04000000,0x04000800,0x00200000,
11160x04200800,0x00000802,0x00200802,0x04200800,
11170x00000802,0x04000002,0x04200802,0x04200000,
11180x00200800,0x00000000,0x00000002,0x04200802,
11190x00000000,0x00200802,0x04200000,0x00000800,
11200x04000002,0x04000800,0x00000800,0x00200002},
1121{
11220x10001040,0x00001000,0x00040000,0x10041040,
11230x10000000,0x10001040,0x00000040,0x10000000,
11240x00040040,0x10040000,0x10041040,0x00041000,
11250x10041000,0x00041040,0x00001000,0x00000040,
11260x10040000,0x10000040,0x10001000,0x00001040,
11270x00041000,0x00040040,0x10040040,0x10041000,
11280x00001040,0x00000000,0x00000000,0x10040040,
11290x10000040,0x10001000,0x00041040,0x00040000,
11300x00041040,0x00040000,0x10041000,0x00001000,
11310x00000040,0x10040040,0x00001000,0x00041040,
11320x10001000,0x00000040,0x10000040,0x10040000,
11330x10040040,0x10000000,0x00040000,0x10001040,
11340x00000000,0x10041040,0x00040040,0x10000040,
11350x10040000,0x10001000,0x10001040,0x00000000,
11360x10041040,0x00041000,0x00041000,0x00001040,
11370x00001040,0x00040040,0x10000000,0x10041000}
1138};
1139
1140
1141static INLINE void IPERM(word32* left, word32* right)
1142{
1143 word32 work;
1144
1145 *right = rotlFixed(*right, 4U);
1146 work = (*left ^ *right) & 0xf0f0f0f0;
1147 *left ^= work;
1148
1149 *right = rotrFixed(*right^work, 20U);
1150 work = (*left ^ *right) & 0xffff0000;
1151 *left ^= work;
1152
1153 *right = rotrFixed(*right^work, 18U);
1154 work = (*left ^ *right) & 0x33333333;
1155 *left ^= work;
1156
1157 *right = rotrFixed(*right^work, 6U);
1158 work = (*left ^ *right) & 0x00ff00ff;
1159 *left ^= work;
1160
1161 *right = rotlFixed(*right^work, 9U);
1162 work = (*left ^ *right) & 0xaaaaaaaa;
1163 *left = rotlFixed(*left^work, 1U);
1164 *right ^= work;
1165}
1166
1167
1168static INLINE void FPERM(word32* left, word32* right)
1169{
1170 word32 work;
1171
1172 *right = rotrFixed(*right, 1U);
1173 work = (*left ^ *right) & 0xaaaaaaaa;
1174 *right ^= work;
1175
1176 *left = rotrFixed(*left^work, 9U);
1177 work = (*left ^ *right) & 0x00ff00ff;
1178 *right ^= work;
1179
1180 *left = rotlFixed(*left^work, 6U);
1181 work = (*left ^ *right) & 0x33333333;
1182 *right ^= work;
1183
1184 *left = rotlFixed(*left^work, 18U);
1185 work = (*left ^ *right) & 0xffff0000;
1186 *right ^= work;
1187
1188 *left = rotlFixed(*left^work, 20U);
1189 work = (*left ^ *right) & 0xf0f0f0f0;
1190 *right ^= work;
1191
1192 *left = rotrFixed(*left^work, 4U);
1193}
1194
1195
1196static int DesSetKey(const byte* key, int dir, word32* out)
1197{
1198#ifdef WOLFSSL_SMALL_STACK
1199 byte* buffer = (byte*)XMALLOC(56+56+8, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1200
1201 if (buffer == NULL)
1202 return MEMORY_E;
1203#else
1204 byte buffer[56+56+8];
1205#endif
1206
1207 {
1208 byte* const pc1m = buffer; /* place to modify pc1 into */
1209 byte* const pcr = pc1m + 56; /* place to rotate pc1 into */
1210 byte* const ks = pcr + 56;
1211 register int i, j, l;
1212 int m;
1213
1214 for (j = 0; j < 56; j++) { /* convert pc1 to bits of key */
1215 l = pc1[j] - 1; /* integer bit location */
1216 m = l & 07; /* find bit */
1217 pc1m[j] = (key[l >> 3] & /* find which key byte l is in */
1218 bytebit[m]) /* and which bit of that byte */
1219 ? 1 : 0; /* and store 1-bit result */
1220 }
1221
1222 for (i = 0; i < 16; i++) { /* key chunk for each iteration */
1223 XMEMSET(ks, 0, 8); /* Clear key schedule */
1224
1225 for (j = 0; j < 56; j++) /* rotate pc1 the right amount */
1226 pcr[j] =
1227 pc1m[(l = j + totrot[i]) < (j < 28 ? 28 : 56) ? l : l-28];
1228
1229 /* rotate left and right halves independently */
1230 for (j = 0; j < 48; j++) { /* select bits individually */
1231 if (pcr[pc2[j] - 1]) { /* check bit that goes to ks[j] */
1232 l= j % 6; /* mask it in if it's there */
1233 ks[j/6] |= bytebit[l] >> 2;
1234 }
1235 }
1236
1237 /* Now convert to odd/even interleaved form for use in F */
1238 out[2*i] = ((word32) ks[0] << 24)
1239 | ((word32) ks[2] << 16)
1240 | ((word32) ks[4] << 8)
1241 | ((word32) ks[6]);
1242
1243 out[2*i + 1] = ((word32) ks[1] << 24)
1244 | ((word32) ks[3] << 16)
1245 | ((word32) ks[5] << 8)
1246 | ((word32) ks[7]);
1247 }
1248
1249 /* reverse key schedule order */
1250 if (dir == DES_DECRYPTION) {
1251 for (i = 0; i < 16; i += 2) {
1252 word32 swap = out[i];
1253 out[i] = out[DES_KS_SIZE - 2 - i];
1254 out[DES_KS_SIZE - 2 - i] = swap;
1255
1256 swap = out[i + 1];
1257 out[i + 1] = out[DES_KS_SIZE - 1 - i];
1258 out[DES_KS_SIZE - 1 - i] = swap;
1259 }
1260 }
1261
1262#ifdef WOLFSSL_SMALL_STACK
1263 XFREE(buffer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
1264#endif
1265 }
1266
1267 return 0;
1268}
1269
1270
1271static INLINE int Reverse(int dir)
1272{
1273 return !dir;
1274}
1275
1276
1277int wc_Des_SetKey(Des* des, const byte* key, const byte* iv, int dir)
1278{
1279 wc_Des_SetIV(des, iv);
1280
1281 return DesSetKey(key, dir, des->key);
1282}
1283
1284
1285int wc_Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir)
1286{
1287 int ret;
1288
1289#ifdef HAVE_CAVIUM
1290 if (des->magic == WOLFSSL_3DES_CAVIUM_MAGIC)
1291 return wc_Des3_CaviumSetKey(des, key, iv);
1292#endif
1293
1294 ret = DesSetKey(key + (dir == DES_ENCRYPTION ? 0:16), dir, des->key[0]);
1295 if (ret != 0)
1296 return ret;
1297
1298 ret = DesSetKey(key + 8, Reverse(dir), des->key[1]);
1299 if (ret != 0)
1300 return ret;
1301
1302 ret = DesSetKey(key + (dir == DES_DECRYPTION ? 0:16), dir, des->key[2]);
1303 if (ret != 0)
1304 return ret;
1305
1306 return wc_Des3_SetIV(des, iv);
1307}
1308
1309
1310static void DesRawProcessBlock(word32* lIn, word32* rIn, const word32* kptr)
1311{
1312 word32 l = *lIn, r = *rIn, i;
1313
1314 for (i=0; i<8; i++)
1315 {
1316 word32 work = rotrFixed(r, 4U) ^ kptr[4*i+0];
1317 l ^= Spbox[6][(work) & 0x3f]
1318 ^ Spbox[4][(work >> 8) & 0x3f]
1319 ^ Spbox[2][(work >> 16) & 0x3f]
1320 ^ Spbox[0][(work >> 24) & 0x3f];
1321 work = r ^ kptr[4*i+1];
1322 l ^= Spbox[7][(work) & 0x3f]
1323 ^ Spbox[5][(work >> 8) & 0x3f]
1324 ^ Spbox[3][(work >> 16) & 0x3f]
1325 ^ Spbox[1][(work >> 24) & 0x3f];
1326
1327 work = rotrFixed(l, 4U) ^ kptr[4*i+2];
1328 r ^= Spbox[6][(work) & 0x3f]
1329 ^ Spbox[4][(work >> 8) & 0x3f]
1330 ^ Spbox[2][(work >> 16) & 0x3f]
1331 ^ Spbox[0][(work >> 24) & 0x3f];
1332 work = l ^ kptr[4*i+3];
1333 r ^= Spbox[7][(work) & 0x3f]
1334 ^ Spbox[5][(work >> 8) & 0x3f]
1335 ^ Spbox[3][(work >> 16) & 0x3f]
1336 ^ Spbox[1][(work >> 24) & 0x3f];
1337 }
1338
1339 *lIn = l; *rIn = r;
1340}
1341
1342
1343static void DesProcessBlock(Des* des, const byte* in, byte* out)
1344{
1345 word32 l, r;
1346
1347 XMEMCPY(&l, in, sizeof(l));
1348 XMEMCPY(&r, in + sizeof(l), sizeof(r));
1349 #ifdef LITTLE_ENDIAN_ORDER
1350 l = ByteReverseWord32(l);
1351 r = ByteReverseWord32(r);
1352 #endif
1353 IPERM(&l,&r);
1354
1355 DesRawProcessBlock(&l, &r, des->key);
1356
1357 FPERM(&l,&r);
1358 #ifdef LITTLE_ENDIAN_ORDER
1359 l = ByteReverseWord32(l);
1360 r = ByteReverseWord32(r);
1361 #endif
1362 XMEMCPY(out, &r, sizeof(r));
1363 XMEMCPY(out + sizeof(r), &l, sizeof(l));
1364}
1365
1366
1367static void Des3ProcessBlock(Des3* des, const byte* in, byte* out)
1368{
1369 word32 l, r;
1370
1371 XMEMCPY(&l, in, sizeof(l));
1372 XMEMCPY(&r, in + sizeof(l), sizeof(r));
1373 #ifdef LITTLE_ENDIAN_ORDER
1374 l = ByteReverseWord32(l);
1375 r = ByteReverseWord32(r);
1376 #endif
1377 IPERM(&l,&r);
1378
1379 DesRawProcessBlock(&l, &r, des->key[0]);
1380 DesRawProcessBlock(&r, &l, des->key[1]);
1381 DesRawProcessBlock(&l, &r, des->key[2]);
1382
1383 FPERM(&l,&r);
1384 #ifdef LITTLE_ENDIAN_ORDER
1385 l = ByteReverseWord32(l);
1386 r = ByteReverseWord32(r);
1387 #endif
1388 XMEMCPY(out, &r, sizeof(r));
1389 XMEMCPY(out + sizeof(r), &l, sizeof(l));
1390}
1391
1392
1393int wc_Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz)
1394{
1395 word32 blocks = sz / DES_BLOCK_SIZE;
1396
1397 while (blocks--) {
1398 xorbuf((byte*)des->reg, in, DES_BLOCK_SIZE);
1399 DesProcessBlock(des, (byte*)des->reg, (byte*)des->reg);
1400 XMEMCPY(out, des->reg, DES_BLOCK_SIZE);
1401
1402 out += DES_BLOCK_SIZE;
1403 in += DES_BLOCK_SIZE;
1404 }
1405 return 0;
1406}
1407
1408
1409int wc_Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz)
1410{
1411 word32 blocks = sz / DES_BLOCK_SIZE;
1412
1413 while (blocks--) {
1414 XMEMCPY(des->tmp, in, DES_BLOCK_SIZE);
1415 DesProcessBlock(des, (byte*)des->tmp, out);
1416 xorbuf(out, (byte*)des->reg, DES_BLOCK_SIZE);
1417 XMEMCPY(des->reg, des->tmp, DES_BLOCK_SIZE);
1418
1419 out += DES_BLOCK_SIZE;
1420 in += DES_BLOCK_SIZE;
1421 }
1422 return 0;
1423}
1424
1425
1426int wc_Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz)
1427{
1428 word32 blocks;
1429
1430#ifdef HAVE_CAVIUM
1431 if (des->magic == WOLFSSL_3DES_CAVIUM_MAGIC)
1432 return wc_Des3_CaviumCbcEncrypt(des, out, in, sz);
1433#endif
1434
1435 blocks = sz / DES_BLOCK_SIZE;
1436 while (blocks--) {
1437 xorbuf((byte*)des->reg, in, DES_BLOCK_SIZE);
1438 Des3ProcessBlock(des, (byte*)des->reg, (byte*)des->reg);
1439 XMEMCPY(out, des->reg, DES_BLOCK_SIZE);
1440
1441 out += DES_BLOCK_SIZE;
1442 in += DES_BLOCK_SIZE;
1443 }
1444 return 0;
1445}
1446
1447
1448int wc_Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz)
1449{
1450 word32 blocks;
1451
1452#ifdef HAVE_CAVIUM
1453 if (des->magic == WOLFSSL_3DES_CAVIUM_MAGIC)
1454 return wc_Des3_CaviumCbcDecrypt(des, out, in, sz);
1455#endif
1456
1457 blocks = sz / DES_BLOCK_SIZE;
1458 while (blocks--) {
1459 XMEMCPY(des->tmp, in, DES_BLOCK_SIZE);
1460 Des3ProcessBlock(des, (byte*)des->tmp, out);
1461 xorbuf(out, (byte*)des->reg, DES_BLOCK_SIZE);
1462 XMEMCPY(des->reg, des->tmp, DES_BLOCK_SIZE);
1463
1464 out += DES_BLOCK_SIZE;
1465 in += DES_BLOCK_SIZE;
1466 }
1467 return 0;
1468}
1469
1470#ifdef WOLFSSL_DES_ECB
1471
1472/* One block, compatibility only */
1473int wc_Des_EcbEncrypt(Des* des, byte* out, const byte* in, word32 sz)
1474{
1475 word32 blocks = sz / DES_BLOCK_SIZE;
1476
1477 while (blocks--) {
1478 DesProcessBlock(des, in, out);
1479
1480 out += DES_BLOCK_SIZE;
1481 in += DES_BLOCK_SIZE;
1482 }
1483 return 0;
1484}
1485
1486#endif /* WOLFSSL_DES_ECB */
1487
1488#endif /* STM32F2_CRYPTO */
1489
1490void wc_Des_SetIV(Des* des, const byte* iv)
1491{
1492 if (des && iv)
1493 XMEMCPY(des->reg, iv, DES_BLOCK_SIZE);
1494 else if (des)
1495 XMEMSET(des->reg, 0, DES_BLOCK_SIZE);
1496}
1497
1498
1499int wc_Des3_SetIV(Des3* des, const byte* iv)
1500{
1501 if (des && iv)
1502 XMEMCPY(des->reg, iv, DES_BLOCK_SIZE);
1503 else if (des)
1504 XMEMSET(des->reg, 0, DES_BLOCK_SIZE);
1505
1506 return 0;
1507}
1508
1509
1510#ifdef HAVE_CAVIUM
1511
1512#include "cavium_common.h"
1513
1514/* Initiliaze Des3 for use with Nitrox device */
1515int wc_Des3_InitCavium(Des3* des3, int devId)
1516{
1517 if (des3 == NULL)
1518 return -1;
1519
1520 if (CspAllocContext(CONTEXT_SSL, &des3->contextHandle, devId) != 0)
1521 return -1;
1522
1523 des3->devId = devId;
1524 des3->magic = WOLFSSL_3DES_CAVIUM_MAGIC;
1525
1526 return 0;
1527}
1528
1529
1530/* Free Des3 from use with Nitrox device */
1531void wc_Des3_FreeCavium(Des3* des3)
1532{
1533 if (des3 == NULL)
1534 return;
1535
1536 if (des3->magic != WOLFSSL_3DES_CAVIUM_MAGIC)
1537 return;
1538
1539 CspFreeContext(CONTEXT_SSL, des3->contextHandle, des3->devId);
1540 des3->magic = 0;
1541}
1542
1543
1544static int wc_Des3_CaviumSetKey(Des3* des3, const byte* key, const byte* iv)
1545{
1546 if (des3 == NULL)
1547 return -1;
1548
1549 /* key[0] holds key, iv in reg */
1550 XMEMCPY(des3->key[0], key, DES_BLOCK_SIZE*3);
1551
1552 return wc_Des3_SetIV(des3, iv);
1553}
1554
1555
1556static int wc_Des3_CaviumCbcEncrypt(Des3* des3, byte* out, const byte* in,
1557 word32 length)
1558{
1559 wolfssl_word offset = 0;
1560 word32 requestId;
1561
1562 while (length > WOLFSSL_MAX_16BIT) {
1563 word16 slen = (word16)WOLFSSL_MAX_16BIT;
1564 if (CspEncrypt3Des(CAVIUM_BLOCKING, des3->contextHandle,
1565 CAVIUM_NO_UPDATE, slen, (byte*)in + offset,
1566 out + offset, (byte*)des3->reg, (byte*)des3->key[0],
1567 &requestId, des3->devId) != 0) {
1568 WOLFSSL_MSG("Bad Cavium 3DES Cbc Encrypt");
1569 return -1;
1570 }
1571 length -= WOLFSSL_MAX_16BIT;
1572 offset += WOLFSSL_MAX_16BIT;
1573 XMEMCPY(des3->reg, out + offset - DES_BLOCK_SIZE, DES_BLOCK_SIZE);
1574 }
1575 if (length) {
1576 word16 slen = (word16)length;
1577
1578 if (CspEncrypt3Des(CAVIUM_BLOCKING, des3->contextHandle,
1579 CAVIUM_NO_UPDATE, slen, (byte*)in + offset,
1580 out + offset, (byte*)des3->reg, (byte*)des3->key[0],
1581 &requestId, des3->devId) != 0) {
1582 WOLFSSL_MSG("Bad Cavium 3DES Cbc Encrypt");
1583 return -1;
1584 }
1585 XMEMCPY(des3->reg, out+offset+length - DES_BLOCK_SIZE, DES_BLOCK_SIZE);
1586 }
1587 return 0;
1588}
1589
1590static int wc_Des3_CaviumCbcDecrypt(Des3* des3, byte* out, const byte* in,
1591 word32 length)
1592{
1593 word32 requestId;
1594 wolfssl_word offset = 0;
1595
1596 while (length > WOLFSSL_MAX_16BIT) {
1597 word16 slen = (word16)WOLFSSL_MAX_16BIT;
1598 XMEMCPY(des3->tmp, in + offset + slen - DES_BLOCK_SIZE, DES_BLOCK_SIZE);
1599 if (CspDecrypt3Des(CAVIUM_BLOCKING, des3->contextHandle,
1600 CAVIUM_NO_UPDATE, slen, (byte*)in+offset, out+offset,
1601 (byte*)des3->reg, (byte*)des3->key[0], &requestId,
1602 des3->devId) != 0) {
1603 WOLFSSL_MSG("Bad Cavium 3Des Decrypt");
1604 return -1;
1605 }
1606 length -= WOLFSSL_MAX_16BIT;
1607 offset += WOLFSSL_MAX_16BIT;
1608 XMEMCPY(des3->reg, des3->tmp, DES_BLOCK_SIZE);
1609 }
1610 if (length) {
1611 word16 slen = (word16)length;
1612 XMEMCPY(des3->tmp, in + offset + slen - DES_BLOCK_SIZE,DES_BLOCK_SIZE);
1613 if (CspDecrypt3Des(CAVIUM_BLOCKING, des3->contextHandle,
1614 CAVIUM_NO_UPDATE, slen, (byte*)in+offset, out+offset,
1615 (byte*)des3->reg, (byte*)des3->key[0], &requestId,
1616 des3->devId) != 0) {
1617 WOLFSSL_MSG("Bad Cavium 3Des Decrypt");
1618 return -1;
1619 }
1620 XMEMCPY(des3->reg, des3->tmp, DES_BLOCK_SIZE);
1621 }
1622 return 0;
1623}
1624
1625#endif /* HAVE_CAVIUM */
1626#endif /* WOLFSSL_TI_CRYPT */
1627#endif /* HAVE_FIPS */
1628#endif /* NO_DES3 */
Note: See TracBrowser for help on using the repository browser.