1249130Sneel/* crypto/bf/bf_locl.h */ 2249130Sneel/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) 3249130Sneel * All rights reserved. 4249130Sneel * 5249130Sneel * This package is an SSL implementation written 6249130Sneel * by Eric Young (eay@cryptsoft.com). 7249130Sneel * The implementation was written so as to conform with Netscapes SSL. 8249130Sneel * 9249967Sneel * This library is free for commercial and non-commercial use as long as 10249967Sneel * the following conditions are aheared to. The following conditions 11249130Sneel * apply to all code found in this distribution, be it the RC4, RSA, 12249130Sneel * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13249130Sneel * included with this distribution is covered by the same copyright terms 14249130Sneel * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15249967Sneel * 16249967Sneel * Copyright remains Eric Young's, and as such any Copyright notices in 17249967Sneel * the code are not to be removed. 18249967Sneel * If this package is used in a product, Eric Young should be given attribution 19249967Sneel * as the author of the parts of the library used. 20249967Sneel * This can be in the form of a textual message at program startup or 21249967Sneel * in documentation (online or textual) provided with the package. 22249967Sneel * 23249967Sneel * Redistribution and use in source and binary forms, with or without 24249967Sneel * modification, are permitted provided that the following conditions 25249130Sneel * are met: 26249130Sneel * 1. Redistributions of source code must retain the copyright 27249130Sneel * notice, this list of conditions and the following disclaimer. 28249130Sneel * 2. Redistributions in binary form must reproduce the above copyright 29249130Sneel * notice, this list of conditions and the following disclaimer in the 30249130Sneel * documentation and/or other materials provided with the distribution. 31249130Sneel * 3. All advertising materials mentioning features or use of this software 32271939Sneel * must display the following acknowledgement: 33271939Sneel * "This product includes cryptographic software written by 34272929Sneel * Eric Young (eay@cryptsoft.com)" 35272929Sneel * The word 'cryptographic' can be left out if the rouines from the library 36249130Sneel * being used are not cryptographic related :-). 37249130Sneel * 4. If you include any Windows specific code (or a derivative thereof) from 38249130Sneel * the apps directory (application code) you must include an acknowledgement: 39249130Sneel * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40249130Sneel * 41271348Sneel * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42271348Sneel * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43271348Sneel * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44271348Sneel * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45271348Sneel * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46271348Sneel * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47271348Sneel * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48271348Sneel * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49249130Sneel * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50249130Sneel * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51249130Sneel * SUCH DAMAGE. 52249130Sneel * 53249130Sneel * The licence and distribution terms for any publically available version or 54249130Sneel * derivative of this code cannot be changed. i.e. this code cannot simply be 55249130Sneel * copied and put under another distribution licence 56249130Sneel * [including the GNU Public Licence.] 57249130Sneel */ 58249130Sneel 59249130Sneel#ifndef HEADER_BF_LOCL_H 60249130Sneel# define HEADER_BF_LOCL_H 61249130Sneel# include <openssl/opensslconf.h>/* BF_PTR, BF_PTR2 */ 62249130Sneel 63249130Sneel# undef c2l 64249130Sneel# define c2l(c,l) (l =((unsigned long)(*((c)++))) , \ 65249130Sneel l|=((unsigned long)(*((c)++)))<< 8L, \ 66249130Sneel l|=((unsigned long)(*((c)++)))<<16L, \ 67249130Sneel l|=((unsigned long)(*((c)++)))<<24L) 68249130Sneel 69249130Sneel/* NOTE - c is not incremented as per c2l */ 70249130Sneel# undef c2ln 71249130Sneel# define c2ln(c,l1,l2,n) { \ 72249130Sneel c+=n; \ 73249130Sneel l1=l2=0; \ 74249130Sneel switch (n) { \ 75249130Sneel case 8: l2 =((unsigned long)(*(--(c))))<<24L; \ 76249130Sneel case 7: l2|=((unsigned long)(*(--(c))))<<16L; \ 77249130Sneel case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \ 78249130Sneel case 5: l2|=((unsigned long)(*(--(c)))); \ 79249130Sneel case 4: l1 =((unsigned long)(*(--(c))))<<24L; \ 80249130Sneel case 3: l1|=((unsigned long)(*(--(c))))<<16L; \ 81249130Sneel case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \ 82271348Sneel case 1: l1|=((unsigned long)(*(--(c)))); \ 83249130Sneel } \ 84249130Sneel } 85249130Sneel 86249130Sneel# undef l2c 87249130Sneel# define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ 88249130Sneel *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ 89249130Sneel *((c)++)=(unsigned char)(((l)>>16L)&0xff), \ 90249130Sneel *((c)++)=(unsigned char)(((l)>>24L)&0xff)) 91249130Sneel 92249130Sneel/* NOTE - c is not incremented as per l2c */ 93249130Sneel# undef l2cn 94249130Sneel# define l2cn(l1,l2,c,n) { \ 95249130Sneel c+=n; \ 96249130Sneel switch (n) { \ 97249130Sneel case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \ 98249130Sneel case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \ 99249130Sneel case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \ 100259579Sgrehan case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \ 101249130Sneel case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \ 102249130Sneel case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \ 103249130Sneel case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \ 104249130Sneel case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \ 105271348Sneel } \ 106271348Sneel } 107271348Sneel 108271348Sneel/* NOTE - c is not incremented as per n2l */ 109271348Sneel# define n2ln(c,l1,l2,n) { \ 110271348Sneel c+=n; \ 111271348Sneel l1=l2=0; \ 112271348Sneel switch (n) { \ 113271348Sneel case 8: l2 =((unsigned long)(*(--(c)))) ; \ 114271348Sneel case 7: l2|=((unsigned long)(*(--(c))))<< 8; \ 115271348Sneel case 6: l2|=((unsigned long)(*(--(c))))<<16; \ 116271348Sneel case 5: l2|=((unsigned long)(*(--(c))))<<24; \ 117249130Sneel case 4: l1 =((unsigned long)(*(--(c)))) ; \ 118249130Sneel case 3: l1|=((unsigned long)(*(--(c))))<< 8; \ 119249130Sneel case 2: l1|=((unsigned long)(*(--(c))))<<16; \ 120249130Sneel case 1: l1|=((unsigned long)(*(--(c))))<<24; \ 121249130Sneel } \ 122249130Sneel } 123249130Sneel 124249130Sneel/* NOTE - c is not incremented as per l2n */ 125249130Sneel# define l2nn(l1,l2,c,n) { \ 126249130Sneel c+=n; \ 127249130Sneel switch (n) { \ 128249130Sneel case 8: *(--(c))=(unsigned char)(((l2) )&0xff); \ 129249130Sneel case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \ 130249130Sneel case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \ 131271559Sneel case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \ 132271343Sneel case 4: *(--(c))=(unsigned char)(((l1) )&0xff); \ 133249130Sneel case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \ 134249130Sneel case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \ 135249130Sneel case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \ 136249130Sneel } \ 137249130Sneel } 138249130Sneel 139249130Sneel# undef n2l 140249130Sneel# define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \ 141249130Sneel l|=((unsigned long)(*((c)++)))<<16L, \ 142249130Sneel l|=((unsigned long)(*((c)++)))<< 8L, \ 143276403Sneel l|=((unsigned long)(*((c)++)))) 144276403Sneel 145249130Sneel# undef l2n 146249130Sneel# define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \ 147249130Sneel *((c)++)=(unsigned char)(((l)>>16L)&0xff), \ 148249130Sneel *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ 149249130Sneel *((c)++)=(unsigned char)(((l) )&0xff)) 150249130Sneel 151249130Sneel/* 152249130Sneel * This is actually a big endian algorithm, the most significant byte is used 153249130Sneel * to lookup array 0 154249130Sneel */ 155249130Sneel 156249130Sneel# if defined(BF_PTR2) 157249130Sneel 158249130Sneel/* 159249130Sneel * This is basically a special Intel version. Point is that Intel 160249130Sneel * doesn't have many registers, but offers a reach choice of addressing 161259579Sgrehan * modes. So we spare some registers by directly traversing BF_KEY 162259579Sgrehan * structure and hiring the most decorated addressing mode. The code 163259579Sgrehan * generated by EGCS is *perfectly* competitive with assembler 164259579Sgrehan * implementation! 165270511Sneel */ 166270511Sneel# define BF_ENC(LL,R,KEY,Pi) (\ 167270511Sneel LL^=KEY[Pi], \ 168270511Sneel t= KEY[BF_ROUNDS+2 + 0 + ((R>>24)&0xFF)], \ 169270511Sneel t+= KEY[BF_ROUNDS+2 + 256 + ((R>>16)&0xFF)], \ 170259579Sgrehan t^= KEY[BF_ROUNDS+2 + 512 + ((R>>8 )&0xFF)], \ 171272916Sneel t+= KEY[BF_ROUNDS+2 + 768 + ((R )&0xFF)], \ 172272916Sneel LL^=t \ 173272916Sneel ) 174272916Sneel 175272916Sneel# elif defined(BF_PTR) 176272916Sneel 177272916Sneel# ifndef BF_LONG_LOG2 178272916Sneel# define BF_LONG_LOG2 2 /* default to BF_LONG being 32 bits */ 179272916Sneel# endif 180272916Sneel# define BF_M (0xFF<<BF_LONG_LOG2) 181272916Sneel# define BF_0 (24-BF_LONG_LOG2) 182272916Sneel# define BF_1 (16-BF_LONG_LOG2) 183272916Sneel# define BF_2 ( 8-BF_LONG_LOG2) 184272916Sneel# define BF_3 BF_LONG_LOG2 /* left shift */ 185272916Sneel 186272916Sneel/* 187272916Sneel * This is normally very good on RISC platforms where normally you 188272916Sneel * have to explicitly "multiply" array index by sizeof(BF_LONG) 189272916Sneel * in order to calculate the effective address. This implementation 190272916Sneel * excuses CPU from this extra work. Power[PC] uses should have most 191272916Sneel * fun as (R>>BF_i)&BF_M gets folded into a single instruction, namely 192272916Sneel * rlwinm. So let'em double-check if their compiler does it. 193272916Sneel */ 194272916Sneel 195272916Sneel# define BF_ENC(LL,R,S,P) ( \ 196272916Sneel LL^=P, \ 197272916Sneel LL^= (((*(BF_LONG *)((unsigned char *)&(S[ 0])+((R>>BF_0)&BF_M))+ \ 198272916Sneel *(BF_LONG *)((unsigned char *)&(S[256])+((R>>BF_1)&BF_M)))^ \ 199272916Sneel *(BF_LONG *)((unsigned char *)&(S[512])+((R>>BF_2)&BF_M)))+ \ 200272916Sneel *(BF_LONG *)((unsigned char *)&(S[768])+((R<<BF_3)&BF_M))) \ 201272916Sneel ) 202272916Sneel# else 203272916Sneel 204272916Sneel/* 205272916Sneel * This is a *generic* version. Seem to perform best on platforms that 206272916Sneel * offer explicit support for extraction of 8-bit nibbles preferably 207272916Sneel * complemented with "multiplying" of array index by sizeof(BF_LONG). 208272916Sneel * For the moment of this writing the list comprises Alpha CPU featuring 209272916Sneel * extbl and s[48]addq instructions. 210249130Sneel */ 211249130Sneel 212249130Sneel# define BF_ENC(LL,R,S,P) ( \ 213249130Sneel LL^=P, \ 214249130Sneel LL^=((( S[ ((int)(R>>24)&0xff)] + \ 215249130Sneel S[0x0100+((int)(R>>16)&0xff)])^ \ 216249130Sneel S[0x0200+((int)(R>> 8)&0xff)])+ \ 217249130Sneel S[0x0300+((int)(R )&0xff)])&0xffffffffL \ 218249130Sneel ) 219270962Sneel# endif 220270962Sneel 221270962Sneel#endif 222270962Sneel