1 /*
   2  * CDDL HEADER START
   3  *
   4  * The contents of this file are subject to the terms of the
   5  * Common Development and Distribution License, Version 1.0 only
   6  * (the "License").  You may not use this file except in compliance
   7  * with the License.
   8  *
   9  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
  10  * or http://www.opensolaris.org/os/licensing.
  11  * See the License for the specific language governing permissions
  12  * and limitations under the License.
  13  *
  14  * When distributing Covered Code, include this CDDL HEADER in each
  15  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  16  * If applicable, add the following below this CDDL HEADER, with the
  17  * fields enclosed by brackets "[]" replaced with your own identifying
  18  * information: Portions Copyright [yyyy] [name of copyright owner]
  19  *
  20  * CDDL HEADER END
  21  */
  22 /*      Copyright (c) 1988 AT&T     */
  23 /*        All Rights Reserved   */
  24 
  25 
  26 /*
  27  * Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
  28  * Use is subject to license terms.
  29  */
  30 
  31 #pragma ident   "%Z%%M% %I%     %E% SMI"
  32 /*LINTLIBRARY*/
  33 
  34 #include <sys/types.h>
  35 
  36 void
  37 _des_decrypt1(char *block, char *L, char *IP, char *R, char *preS, char *E, char KS[][48], char S[][64], char *f, char *tempL, char *P, char *FP)
  38 {
  39         int     i, ii;
  40         int     t, j, k;
  41         char    t2;
  42 
  43         /*
  44          * First, permute the bits in the input
  45          */
  46         for (j = 0; j < 64; j++)
  47                 L[j] = block[IP[j]-1];
  48         /*
  49          * Perform a decryption operation 16 times.
  50          */
  51         for (ii = 0; ii < 16; ii++) {
  52                 i = 15-ii;
  53                 /*
  54                  * Save the R array,
  55                  * which will be the new L.
  56                  */
  57                 for (j = 0; j < 32; j++)
  58                         tempL[j] = R[j];
  59                 /*
  60                  * Expand R to 48 bits using the E selector;
  61                  * exclusive-or with the current key bits.
  62                  */
  63                 for (j = 0; j < 48; j++)
  64                         preS[j] = R[E[j]-1] ^ KS[i][j];
  65                 /*
  66                  * The pre-select bits are now considered
  67                  * in 8 groups of 6 bits each.
  68                  * The 8 selection functions map these
  69                  * 6-bit quantities into 4-bit quantities
  70                  * and the results permuted
  71                  * to make an f(R, K).
  72                  * The indexing into the selection functions
  73                  * is peculiar; it could be simplified by
  74                  * rewriting the tables.
  75                  */
  76                 for (j = 0; j < 8; j++) {
  77                         t = 6*j;
  78                         k = S[j][(preS[t+0]<<5)+
  79                                 (preS[t+1]<<3)+
  80                                 (preS[t+2]<<2)+
  81                                 (preS[t+3]<<1)+
  82                                 (preS[t+4]<<0)+
  83                                 (preS[t+5]<<4)];
  84                         t = 4*j;
  85                         f[t+0] = (k>>3)&01;
  86                         f[t+1] = (k>>2)&01;
  87                         f[t+2] = (k>>1)&01;
  88                         f[t+3] = (k>>0)&01;
  89                 }
  90                 /*
  91                  * The new R is L ^ f(R, K).
  92                  * The f here has to be permuted first, though.
  93                  */
  94                 for (j = 0; j < 32; j++)
  95                         R[j] = L[j] ^ f[P[j]-1];
  96                 /*
  97                  * Finally, the new L (the original R)
  98                  * is copied back.
  99                  */
 100                 for (j = 0; j < 32; j++)
 101                         L[j] = tempL[j];
 102         }
 103         /*
 104          * The output L and R are reversed.
 105          */
 106         for (j = 0; j < 32; j++) {
 107                 t2 = L[j];
 108                 L[j] = R[j];
 109                 R[j] = t2;
 110         }
 111         /*
 112          * The final output
 113          * gets the inverse permutation of the very original.
 114          */
 115         for (j = 0; j < 64; j++)
 116                 block[j] = L[FP[j]-1];
 117 }