|
1 /* |
|
2 * Copyright (c) 2002-2009 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of the License "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: |
|
15 * |
|
16 */ |
|
17 |
|
18 |
|
19 #include "des.h" |
|
20 #include "destables.h" |
|
21 #include "../common/inlines.h" |
|
22 #include "des.inl" |
|
23 #include <cryptostrength.h> |
|
24 |
|
25 const TInt KDESBlockBytes = 8; |
|
26 const TInt KDESKeyBytes = 8; |
|
27 |
|
28 // bit 0 is left-most in byte |
|
29 static const TInt bytebit[] = {0200,0100,040,020,010,04,02,01}; |
|
30 |
|
31 void CDES::Transform(TDes8& aBlock) |
|
32 { |
|
33 assert(aBlock.Size() == KDESBlockBytes); |
|
34 |
|
35 TUint32 l, r; |
|
36 // Split the block into 2 word-sized big endian portions |
|
37 GetBlockBigEndian((TUint8*)&aBlock[0], l, r); |
|
38 |
|
39 IPerm(l,r); |
|
40 |
|
41 CDES::DoTransform(l, r, iK1); |
|
42 |
|
43 FPerm(l,r); |
|
44 |
|
45 // Put the portions back into the block as little endian |
|
46 PutBlockBigEndian((TUint8*)&aBlock[0], r, l); |
|
47 } |
|
48 |
|
49 void CDES::DoTransform(TUint32& l, TUint32& r, const TUint32* aKey) |
|
50 { |
|
51 TInt i = 0; |
|
52 for (; i<8; i++) |
|
53 { |
|
54 TUint32 work = rotrFixed(r, 4U) ^ aKey[4*i+0]; |
|
55 l ^= DES_TABLE::sbox[6][(work) & 0x3f] |
|
56 ^ DES_TABLE::sbox[4][(work >> 8) & 0x3f] |
|
57 ^ DES_TABLE::sbox[2][(work >> 16) & 0x3f] |
|
58 ^ DES_TABLE::sbox[0][(work >> 24) & 0x3f]; |
|
59 work = r ^ aKey[4*i+1]; |
|
60 l ^= DES_TABLE::sbox[7][(work) & 0x3f] |
|
61 ^ DES_TABLE::sbox[5][(work >> 8) & 0x3f] |
|
62 ^ DES_TABLE::sbox[3][(work >> 16) & 0x3f] |
|
63 ^ DES_TABLE::sbox[1][(work >> 24) & 0x3f]; |
|
64 |
|
65 work = rotrFixed(l, 4U) ^ aKey[4*i+2]; |
|
66 r ^= DES_TABLE::sbox[6][(work) & 0x3f] |
|
67 ^ DES_TABLE::sbox[4][(work >> 8) & 0x3f] |
|
68 ^ DES_TABLE::sbox[2][(work >> 16) & 0x3f] |
|
69 ^ DES_TABLE::sbox[0][(work >> 24) & 0x3f]; |
|
70 work = l ^ aKey[4*i+3]; |
|
71 r ^= DES_TABLE::sbox[7][(work) & 0x3f] |
|
72 ^ DES_TABLE::sbox[5][(work >> 8) & 0x3f] |
|
73 ^ DES_TABLE::sbox[3][(work >> 16) & 0x3f] |
|
74 ^ DES_TABLE::sbox[1][(work >> 24) & 0x3f]; |
|
75 } |
|
76 } |
|
77 |
|
78 |
|
79 TInt CDES::BlockSize() const |
|
80 { |
|
81 return KDESBlockBytes; |
|
82 } |
|
83 |
|
84 TInt CDES::KeySize() const |
|
85 { |
|
86 return KDESKeyBytes; |
|
87 } |
|
88 |
|
89 CDES::~CDES() |
|
90 { |
|
91 delete iKey; |
|
92 } |
|
93 |
|
94 void CDES::ConstructL(const TDesC8& aKey, TBool /*aCheckWeakKey*/) |
|
95 { |
|
96 assert(aKey.Size() == KDESKeyBytes); |
|
97 |
|
98 iKey = aKey.AllocL(); |
|
99 SetKey(aKey, iK1); |
|
100 } |
|
101 |
|
102 CDES::CDES() |
|
103 { |
|
104 } |
|
105 |
|
106 typedef TUint8 TKeyDES[KDESKeyBytes]; |
|
107 const TInt KKnownWeakKeysCount = 16; |
|
108 const TKeyDES weak_keys[KKnownWeakKeysCount] = |
|
109 { |
|
110 /* weak keys */ |
|
111 {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, |
|
112 {0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE}, |
|
113 {0x1E,0x1E,0x1E,0x1E,0x0E,0x0E,0x0E,0x0E}, |
|
114 {0xE0,0xE0,0xE0,0xE0,0xF0,0xF0,0xF0,0xF0}, |
|
115 {0x00,0xFE,0x00,0xFE,0x00,0xFE,0x00,0xFE}, |
|
116 {0xFE,0x00,0xFE,0x00,0xFE,0x00,0xFE,0x00}, |
|
117 {0x1E,0xE0,0x1E,0xE0,0x0E,0xF0,0x0E,0xF0}, |
|
118 {0xE0,0x1E,0xE0,0x1E,0xF0,0x0E,0xF0,0x0E}, |
|
119 {0x00,0xE0,0x00,0xE0,0x00,0xF0,0x00,0xF0}, |
|
120 {0xE0,0x00,0xE0,0x00,0xF0,0x00,0xF0,0x00}, |
|
121 {0x1E,0xFE,0x1E,0xFE,0x0E,0xFE,0x0E,0xFE}, |
|
122 {0xFE,0x1E,0xFE,0x1E,0xFE,0x0E,0xFE,0x0E}, |
|
123 {0x00,0x1E,0x00,0x1E,0x00,0x0E,0x00,0x0E}, |
|
124 {0x1E,0x00,0x1E,0x00,0x0E,0x00,0x0E,0x00}, |
|
125 {0xE0,0xFE,0xE0,0xFE,0xF0,0xFE,0xF0,0xFE}, |
|
126 {0xFE,0xE0,0xFE,0xE0,0xFE,0xF0,0xFE,0xF0} |
|
127 }; |
|
128 |
|
129 void CDES::SetKey(const TDesC8& aKey, TUint32* aKeyBuffer) |
|
130 { |
|
131 TInt i=0, j=0, l=0, m=0; |
|
132 |
|
133 // Form a byte array from aKey, taking endianess into account (little->big) |
|
134 TUint8 key[8]; // For big endian byte array |
|
135 Mem::Copy(&key, &aKey[0], 8); |
|
136 |
|
137 TUint8 buffer[56+56+8]; |
|
138 TUint8* const pc1m = &buffer[0]; /* place to modify pc1 into */ |
|
139 TUint8* const pcr = pc1m + 56; /* place to rotate pc1 into */ |
|
140 TUint8* const ks = pcr + 56; |
|
141 |
|
142 for (j=0; j<56; j++) |
|
143 {/* convert pc1 to bits of key */ |
|
144 l = DES_TABLE::pc1[j]-1; /* integer bit location */ |
|
145 m = l & 07; /* find bit */ |
|
146 pc1m[j]=(key[l>>3] & /* find which key byte l is in */ |
|
147 bytebit[m]) /* and which bit of that byte */ |
|
148 ? (TUint8)1 : (TUint8)0; /* and store 1-bit result */ |
|
149 } |
|
150 |
|
151 for (i=0; i<16; i++) |
|
152 {/* key chunk for each iteration */ |
|
153 Mem::FillZ(ks,8); /* Clear key schedule */ |
|
154 for (j=0; j<56; j++) |
|
155 /* rotate pc1 the right amount */ |
|
156 pcr[j] = pc1m[(l=j+DES_TABLE::totrot[i])<(j<28? 28 : 56) ? l: l-28]; |
|
157 |
|
158 /* rotate left and right halves independently */ |
|
159 |
|
160 for (j=0; j<48; j++) |
|
161 {/* select bits individually */ |
|
162 /* check bit that goes to ks[j] */ |
|
163 if (pcr[DES_TABLE::pc2[j]-1]) |
|
164 {/* mask it in if it's there */ |
|
165 l= j % 6; |
|
166 ks[j/6] |= bytebit[l] >> 2; |
|
167 } |
|
168 } |
|
169 |
|
170 /* Now convert to odd/even interleaved form for use in F */ |
|
171 (*(aKeyBuffer+(2*i))) = ((TUint32)ks[0] << 24) |
|
172 | ((TUint32)ks[2] << 16) |
|
173 | ((TUint32)ks[4] << 8) |
|
174 | ((TUint32)ks[6]); |
|
175 |
|
176 (*(aKeyBuffer+(2*i+1))) = ((TUint32)ks[1] << 24) |
|
177 | ((TUint32)ks[3] << 16) |
|
178 | ((TUint32)ks[5] << 8) |
|
179 | ((TUint32)ks[7]); |
|
180 } |
|
181 } |
|
182 |
|
183 void CDES::Reset() |
|
184 { |
|
185 SetKey(*iKey, iK1); |
|
186 } |
|
187 |
|
188 |
|
189 /* CDESEncryptor */ |
|
190 |
|
191 EXPORT_C CDESEncryptor* CDESEncryptor::NewL(const TDesC8& aKey, |
|
192 TBool aCheckWeakKey) |
|
193 { |
|
194 CDESEncryptor* me = CDESEncryptor::NewLC(aKey, aCheckWeakKey); |
|
195 CleanupStack::Pop(me); |
|
196 return (me); |
|
197 } |
|
198 |
|
199 EXPORT_C CDESEncryptor* CDESEncryptor::NewLC(const TDesC8& aKey, |
|
200 TBool aCheckWeakKey) |
|
201 { |
|
202 CDESEncryptor* me = new (ELeave) CDESEncryptor(); |
|
203 CleanupStack::PushL(me); |
|
204 me->ConstructL(aKey, aCheckWeakKey); |
|
205 // DES only used 7 bits out of every key byte |
|
206 TCrypto::IsSymmetricWeakEnoughL(BytesToBits(aKey.Size()) - aKey.Size()); |
|
207 return (me); |
|
208 } |
|
209 |
|
210 CDESEncryptor::CDESEncryptor() |
|
211 { |
|
212 } |
|
213 |
|
214 /* CDESDecryptor */ |
|
215 |
|
216 EXPORT_C CDESDecryptor* CDESDecryptor::NewL(const TDesC8& aKey, |
|
217 TBool aCheckWeakKey) |
|
218 { |
|
219 CDESDecryptor* me = CDESDecryptor::NewLC(aKey, aCheckWeakKey); |
|
220 CleanupStack::Pop(me); |
|
221 return (me); |
|
222 } |
|
223 |
|
224 EXPORT_C CDESDecryptor* CDESDecryptor::NewLC(const TDesC8& aKey, |
|
225 TBool aCheckWeakKey) |
|
226 { |
|
227 CDESDecryptor* me = new (ELeave) CDESDecryptor(); |
|
228 CleanupStack::PushL(me); |
|
229 me->ConstructL(aKey, aCheckWeakKey); |
|
230 // DES only used 7 bits out of every key byte |
|
231 TCrypto::IsSymmetricWeakEnoughL(BytesToBits(aKey.Size()) - aKey.Size()); |
|
232 return (me); |
|
233 } |
|
234 |
|
235 |
|
236 CDESDecryptor::CDESDecryptor() |
|
237 { |
|
238 } |
|
239 |
|
240 void CDESDecryptor::SetKey(const TDesC8& aKey, TUint32* aKeyBuffer) |
|
241 { |
|
242 CDES::SetKey(aKey, aKeyBuffer); |
|
243 |
|
244 ReverseKeySchedule(iK1); |
|
245 } |
|
246 |
|
247 EXPORT_C TBool CDES::IsWeakKey(const TDesC8& aKey) |
|
248 { |
|
249 TKeyDES key; |
|
250 TInt index = 0; |
|
251 //Reset parity bits |
|
252 for(; index < KDESKeyBytes; index++) |
|
253 { |
|
254 key[index] = aKey[index] & 0xFE; |
|
255 } |
|
256 |
|
257 TBool weak = EFalse; |
|
258 //Compare key with potential weak keys without parity |
|
259 for (index=0; index < KKnownWeakKeysCount; index++) |
|
260 { |
|
261 if (Mem::Compare(weak_keys[index], KDESKeyBytes, &key[0], KDESKeyBytes)==0) |
|
262 { |
|
263 weak = ETrue; |
|
264 break; |
|
265 } |
|
266 } |
|
267 return weak; |
|
268 } |