cirno/plan9port
1
0
Fork 0
mirror of https://github.com/9fans/plan9port.git synced 2025-01-24 11:41:58 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

add libsec

Browse source
This commit is contained in:
rsc 2003-11-23 18:21:42 +00:00
parent 056fe1ba7f
commit db6608bd81
12 changed files with 2916 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
src/libsec/mkfile Normal file
View file

@ -0,0 +1,10 @@
PLAN9=../..
<$PLAN9/src/mkhdr
DIRS=\
# fmt\
port\
# unix\
# $systype-$objtype\
<$PLAN9/src/mkdirs

1544
src/libsec/port/aes.c Normal file
View file

File diff suppressed because it is too large Load diff

480
src/libsec/port/des.c Normal file
View file

@ -0,0 +1,480 @@
#include "os.h"
#include <libsec.h>
/*
* integrated sbox & p perm
*/
static u32int spbox[] = {
0x00808200,0x00000000,0x00008000,0x00808202,0x00808002,0x00008202,0x00000002,0x00008000,
0x00000200,0x00808200,0x00808202,0x00000200,0x00800202,0x00808002,0x00800000,0x00000002,
0x00000202,0x00800200,0x00800200,0x00008200,0x00008200,0x00808000,0x00808000,0x00800202,
0x00008002,0x00800002,0x00800002,0x00008002,0x00000000,0x00000202,0x00008202,0x00800000,
0x00008000,0x00808202,0x00000002,0x00808000,0x00808200,0x00800000,0x00800000,0x00000200,
0x00808002,0x00008000,0x00008200,0x00800002,0x00000200,0x00000002,0x00800202,0x00008202,
0x00808202,0x00008002,0x00808000,0x00800202,0x00800002,0x00000202,0x00008202,0x00808200,
0x00000202,0x00800200,0x00800200,0x00000000,0x00008002,0x00008200,0x00000000,0x00808002,
0x40084010,0x40004000,0x00004000,0x00084010,0x00080000,0x00000010,0x40080010,0x40004010,
0x40000010,0x40084010,0x40084000,0x40000000,0x40004000,0x00080000,0x00000010,0x40080010,
0x00084000,0x00080010,0x40004010,0x00000000,0x40000000,0x00004000,0x00084010,0x40080000,
0x00080010,0x40000010,0x00000000,0x00084000,0x00004010,0x40084000,0x40080000,0x00004010,
0x00000000,0x00084010,0x40080010,0x00080000,0x40004010,0x40080000,0x40084000,0x00004000,
0x40080000,0x40004000,0x00000010,0x40084010,0x00084010,0x00000010,0x00004000,0x40000000,
0x00004010,0x40084000,0x00080000,0x40000010,0x00080010,0x40004010,0x40000010,0x00080010,
0x00084000,0x00000000,0x40004000,0x00004010,0x40000000,0x40080010,0x40084010,0x00084000,
0x00000104,0x04010100,0x00000000,0x04010004,0x04000100,0x00000000,0x00010104,0x04000100,
0x00010004,0x04000004,0x04000004,0x00010000,0x04010104,0x00010004,0x04010000,0x00000104,
0x04000000,0x00000004,0x04010100,0x00000100,0x00010100,0x04010000,0x04010004,0x00010104,
0x04000104,0x00010100,0x00010000,0x04000104,0x00000004,0x04010104,0x00000100,0x04000000,
0x04010100,0x04000000,0x00010004,0x00000104,0x00010000,0x04010100,0x04000100,0x00000000,
0x00000100,0x00010004,0x04010104,0x04000100,0x04000004,0x00000100,0x00000000,0x04010004,
0x04000104,0x00010000,0x04000000,0x04010104,0x00000004,0x00010104,0x00010100,0x04000004,
0x04010000,0x04000104,0x00000104,0x04010000,0x00010104,0x00000004,0x04010004,0x00010100,
0x80401000,0x80001040,0x80001040,0x00000040,0x00401040,0x80400040,0x80400000,0x80001000,
0x00000000,0x00401000,0x00401000,0x80401040,0x80000040,0x00000000,0x00400040,0x80400000,
0x80000000,0x00001000,0x00400000,0x80401000,0x00000040,0x00400000,0x80001000,0x00001040,
0x80400040,0x80000000,0x00001040,0x00400040,0x00001000,0x00401040,0x80401040,0x80000040,
0x00400040,0x80400000,0x00401000,0x80401040,0x80000040,0x00000000,0x00000000,0x00401000,
0x00001040,0x00400040,0x80400040,0x80000000,0x80401000,0x80001040,0x80001040,0x00000040,
0x80401040,0x80000040,0x80000000,0x00001000,0x80400000,0x80001000,0x00401040,0x80400040,
0x80001000,0x00001040,0x00400000,0x80401000,0x00000040,0x00400000,0x00001000,0x00401040,
0x00000080,0x01040080,0x01040000,0x21000080,0x00040000,0x00000080,0x20000000,0x01040000,
0x20040080,0x00040000,0x01000080,0x20040080,0x21000080,0x21040000,0x00040080,0x20000000,
0x01000000,0x20040000,0x20040000,0x00000000,0x20000080,0x21040080,0x21040080,0x01000080,
0x21040000,0x20000080,0x00000000,0x21000000,0x01040080,0x01000000,0x21000000,0x00040080,
0x00040000,0x21000080,0x00000080,0x01000000,0x20000000,0x01040000,0x21000080,0x20040080,
0x01000080,0x20000000,0x21040000,0x01040080,0x20040080,0x00000080,0x01000000,0x21040000,
0x21040080,0x00040080,0x21000000,0x21040080,0x01040000,0x00000000,0x20040000,0x21000000,
0x00040080,0x01000080,0x20000080,0x00040000,0x00000000,0x20040000,0x01040080,0x20000080,
0x10000008,0x10200000,0x00002000,0x10202008,0x10200000,0x00000008,0x10202008,0x00200000,
0x10002000,0x00202008,0x00200000,0x10000008,0x00200008,0x10002000,0x10000000,0x00002008,
0x00000000,0x00200008,0x10002008,0x00002000,0x00202000,0x10002008,0x00000008,0x10200008,
0x10200008,0x00000000,0x00202008,0x10202000,0x00002008,0x00202000,0x10202000,0x10000000,
0x10002000,0x00000008,0x10200008,0x00202000,0x10202008,0x00200000,0x00002008,0x10000008,
0x00200000,0x10002000,0x10000000,0x00002008,0x10000008,0x10202008,0x00202000,0x10200000,
0x00202008,0x10202000,0x00000000,0x10200008,0x00000008,0x00002000,0x10200000,0x00202008,
0x00002000,0x00200008,0x10002008,0x00000000,0x10202000,0x10000000,0x00200008,0x10002008,
0x00100000,0x02100001,0x02000401,0x00000000,0x00000400,0x02000401,0x00100401,0x02100400,
0x02100401,0x00100000,0x00000000,0x02000001,0x00000001,0x02000000,0x02100001,0x00000401,
0x02000400,0x00100401,0x00100001,0x02000400,0x02000001,0x02100000,0x02100400,0x00100001,
0x02100000,0x00000400,0x00000401,0x02100401,0x00100400,0x00000001,0x02000000,0x00100400,
0x02000000,0x00100400,0x00100000,0x02000401,0x02000401,0x02100001,0x02100001,0x00000001,
0x00100001,0x02000000,0x02000400,0x00100000,0x02100400,0x00000401,0x00100401,0x02100400,
0x00000401,0x02000001,0x02100401,0x02100000,0x00100400,0x00000000,0x00000001,0x02100401,
0x00000000,0x00100401,0x02100000,0x00000400,0x02000001,0x02000400,0x00000400,0x00100001,
0x08000820,0x00000800,0x00020000,0x08020820,0x08000000,0x08000820,0x00000020,0x08000000,
0x00020020,0x08020000,0x08020820,0x00020800,0x08020800,0x00020820,0x00000800,0x00000020,
0x08020000,0x08000020,0x08000800,0x00000820,0x00020800,0x00020020,0x08020020,0x08020800,
0x00000820,0x00000000,0x00000000,0x08020020,0x08000020,0x08000800,0x00020820,0x00020000,
0x00020820,0x00020000,0x08020800,0x00000800,0x00000020,0x08020020,0x00000800,0x00020820,
0x08000800,0x00000020,0x08000020,0x08020000,0x08020020,0x08000000,0x00020000,0x08000820,
0x00000000,0x08020820,0x00020020,0x08000020,0x08020000,0x08000800,0x08000820,0x00000000,
0x08020820,0x00020800,0x00020800,0x00000820,0x00000820,0x00020020,0x08000000,0x08020800,
};
/*
* for manual index calculation
* #define fetch(box, i, sh) (*((u32int*)((uchar*)spbox + (box << 8) + ((i >> (sh)) & 0xfc))))
*/
#define fetch(box, i, sh) ((spbox+(box << 6))[((i >> (sh + 2)) & 0x3f)])
/*
* DES electronic codebook encryption of one block
*/
void
block_cipher(ulong key[32], uchar text[8], int decrypting)
{
u32int right, left, v0, v1;
int i, keystep;
/*
* initial permutation
*/
v0 = text[0] | ((u32int)text[2]<<8) | ((u32int)text[4]<<16) | ((u32int)text[6]<<24);
left = text[1] | ((u32int)text[3]<<8) | ((u32int)text[5]<<16) | ((u32int)text[7]<<24);
right = (left & 0xaaaaaaaa) | ((v0 >> 1) & 0x55555555);
left = ((left << 1) & 0xaaaaaaaa) | (v0 & 0x55555555);
left = ((left << 6) & 0x33003300)
| (left & 0xcc33cc33)
| ((left >> 6) & 0x00cc00cc);
left = ((left << 12) & 0x0f0f0000)
| (left & 0xf0f00f0f)
| ((left >> 12) & 0x0000f0f0);
right = ((right << 6) & 0x33003300)
| (right & 0xcc33cc33)
| ((right >> 6) & 0x00cc00cc);
right = ((right << 12) & 0x0f0f0000)
| (right & 0xf0f00f0f)
| ((right >> 12) & 0x0000f0f0);
if (decrypting) {
keystep = -2;
key = key + 32 - 2;
} else
keystep = 2;
for (i = 0; i < 8; i++) {
v0 = key[0];
v0 ^= (right >> 1) | (right << 31);
left ^= fetch(0, v0, 24)
^ fetch(2, v0, 16)
^ fetch(4, v0, 8)
^ fetch(6, v0, 0);
v1 = key[1];
v1 ^= (right << 3) | (right >> 29);
left ^= fetch(1, v1, 24)
^ fetch(3, v1, 16)
^ fetch(5, v1, 8)
^ fetch(7, v1, 0);
key += keystep;
v0 = key[0];
v0 ^= (left >> 1) | (left << 31);
right ^= fetch(0, v0, 24)
^ fetch(2, v0, 16)
^ fetch(4, v0, 8)
^ fetch(6, v0, 0);
v1 = key[1];
v1 ^= (left << 3) | (left >> 29);
right ^= fetch(1, v1, 24)
^ fetch(3, v1, 16)
^ fetch(5, v1, 8)
^ fetch(7, v1, 0);
key += keystep;
}
/*
* final permutation, inverse initial permutation
*/
v0 = ((left << 1) & 0xaaaaaaaa) | (right & 0x55555555);
v1 = (left & 0xaaaaaaaa) | ((right >> 1) & 0x55555555);
v1 = ((v1 << 6) & 0x33003300)
| (v1 & 0xcc33cc33)
| ((v1 >> 6) & 0x00cc00cc);
v1 = ((v1 << 12) & 0x0f0f0000)
| (v1 & 0xf0f00f0f)
| ((v1 >> 12) & 0x0000f0f0);
v0 = ((v0 << 6) & 0x33003300)
| (v0 & 0xcc33cc33)
| ((v0 >> 6) & 0x00cc00cc);
v0 = ((v0 << 12) & 0x0f0f0000)
| (v0 & 0xf0f00f0f)
| ((v0 >> 12) & 0x0000f0f0);
text[0] = v0;
text[2] = v0 >> 8;
text[4] = v0 >> 16;
text[6] = v0 >> 24;
text[1] = v1;
text[3] = v1 >> 8;
text[5] = v1 >> 16;
text[7] = v1 >> 24;
}
/*
* triple DES electronic codebook encryption of one block
*/
void
triple_block_cipher(ulong expanded_key[3][32], uchar text[8], int ende)
{
ulong *key;
u32int right, left, v0, v1;
int i, j, keystep;
/*
* initial permutation
*/
v0 = text[0] | ((u32int)text[2]<<8) | ((u32int)text[4]<<16) | ((u32int)text[6]<<24);
left = text[1] | ((u32int)text[3]<<8) | ((u32int)text[5]<<16) | ((u32int)text[7]<<24);
right = (left & 0xaaaaaaaa) | ((v0 >> 1) & 0x55555555);
left = ((left << 1) & 0xaaaaaaaa) | (v0 & 0x55555555);
left = ((left << 6) & 0x33003300)
| (left & 0xcc33cc33)
| ((left >> 6) & 0x00cc00cc);
left = ((left << 12) & 0x0f0f0000)
| (left & 0xf0f00f0f)
| ((left >> 12) & 0x0000f0f0);
right = ((right << 6) & 0x33003300)
| (right & 0xcc33cc33)
| ((right >> 6) & 0x00cc00cc);
right = ((right << 12) & 0x0f0f0000)
| (right & 0xf0f00f0f)
| ((right >> 12) & 0x0000f0f0);
for(j = 0; j < 3; j++){
if((ende & 1) == DES3D) {
key = &expanded_key[2-j][32-2];
keystep = -2;
} else {
key = &expanded_key[j][0];
keystep = 2;
}
ende >>= 1;
for (i = 0; i < 8; i++) {
v0 = key[0];
v0 ^= (right >> 1) | (right << 31);
left ^= fetch(0, v0, 24)
^ fetch(2, v0, 16)
^ fetch(4, v0, 8)
^ fetch(6, v0, 0);
v1 = key[1];
v1 ^= (right << 3) | (right >> 29);
left ^= fetch(1, v1, 24)
^ fetch(3, v1, 16)
^ fetch(5, v1, 8)
^ fetch(7, v1, 0);
key += keystep;
v0 = key[0];
v0 ^= (left >> 1) | (left << 31);
right ^= fetch(0, v0, 24)
^ fetch(2, v0, 16)
^ fetch(4, v0, 8)
^ fetch(6, v0, 0);
v1 = key[1];
v1 ^= (left << 3) | (left >> 29);
right ^= fetch(1, v1, 24)
^ fetch(3, v1, 16)
^ fetch(5, v1, 8)
^ fetch(7, v1, 0);
key += keystep;
}
v0 = left;
left = right;
right = v0;
}
/*
* final permutation, inverse initial permutation
* left and right are swapped here
*/
v0 = ((right << 1) & 0xaaaaaaaa) | (left & 0x55555555);
v1 = (right & 0xaaaaaaaa) | ((left >> 1) & 0x55555555);
v1 = ((v1 << 6) & 0x33003300)
| (v1 & 0xcc33cc33)
| ((v1 >> 6) & 0x00cc00cc);
v1 = ((v1 << 12) & 0x0f0f0000)
| (v1 & 0xf0f00f0f)
| ((v1 >> 12) & 0x0000f0f0);
v0 = ((v0 << 6) & 0x33003300)
| (v0 & 0xcc33cc33)
| ((v0 >> 6) & 0x00cc00cc);
v0 = ((v0 << 12) & 0x0f0f0000)
| (v0 & 0xf0f00f0f)
| ((v0 >> 12) & 0x0000f0f0);
text[0] = v0;
text[2] = v0 >> 8;
text[4] = v0 >> 16;
text[6] = v0 >> 24;
text[1] = v1;
text[3] = v1 >> 8;
text[5] = v1 >> 16;
text[7] = v1 >> 24;
}
/*
* key compression permutation, 4 bits at a time
*/
static u32int comptab[] = {
0x000000,0x010000,0x000008,0x010008,0x000080,0x010080,0x000088,0x010088,
0x000000,0x010000,0x000008,0x010008,0x000080,0x010080,0x000088,0x010088,
0x000000,0x100000,0x000800,0x100800,0x000000,0x100000,0x000800,0x100800,
0x002000,0x102000,0x002800,0x102800,0x002000,0x102000,0x002800,0x102800,
0x000000,0x000004,0x000400,0x000404,0x000000,0x000004,0x000400,0x000404,
0x400000,0x400004,0x400400,0x400404,0x400000,0x400004,0x400400,0x400404,
0x000000,0x000020,0x008000,0x008020,0x800000,0x800020,0x808000,0x808020,
0x000002,0x000022,0x008002,0x008022,0x800002,0x800022,0x808002,0x808022,
0x000000,0x000200,0x200000,0x200200,0x001000,0x001200,0x201000,0x201200,
0x000000,0x000200,0x200000,0x200200,0x001000,0x001200,0x201000,0x201200,
0x000000,0x000040,0x000010,0x000050,0x004000,0x004040,0x004010,0x004050,
0x040000,0x040040,0x040010,0x040050,0x044000,0x044040,0x044010,0x044050,
0x000000,0x000100,0x020000,0x020100,0x000001,0x000101,0x020001,0x020101,
0x080000,0x080100,0x0a0000,0x0a0100,0x080001,0x080101,0x0a0001,0x0a0101,
0x000000,0x000100,0x040000,0x040100,0x000000,0x000100,0x040000,0x040100,
0x000040,0x000140,0x040040,0x040140,0x000040,0x000140,0x040040,0x040140,
0x000000,0x400000,0x008000,0x408000,0x000008,0x400008,0x008008,0x408008,
0x000400,0x400400,0x008400,0x408400,0x000408,0x400408,0x008408,0x408408,
0x000000,0x001000,0x080000,0x081000,0x000020,0x001020,0x080020,0x081020,
0x004000,0x005000,0x084000,0x085000,0x004020,0x005020,0x084020,0x085020,
0x000000,0x000800,0x000000,0x000800,0x000010,0x000810,0x000010,0x000810,
0x800000,0x800800,0x800000,0x800800,0x800010,0x800810,0x800010,0x800810,
0x000000,0x010000,0x000200,0x010200,0x000000,0x010000,0x000200,0x010200,
0x100000,0x110000,0x100200,0x110200,0x100000,0x110000,0x100200,0x110200,
0x000000,0x000004,0x000000,0x000004,0x000080,0x000084,0x000080,0x000084,
0x002000,0x002004,0x002000,0x002004,0x002080,0x002084,0x002080,0x002084,
0x000000,0x000001,0x200000,0x200001,0x020000,0x020001,0x220000,0x220001,
0x000002,0x000003,0x200002,0x200003,0x020002,0x020003,0x220002,0x220003,
};
static int keysh[] =
{
1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1,
};
static void
keycompperm(u32int left, u32int right, ulong *ek)
{
u32int v0, v1;
int i;
for(i = 0; i < 16; i++){
left = (left << keysh[i]) | (left >> (28 - keysh[i]));
left &= 0xfffffff0;
right = (right << keysh[i]) | (right >> (28 - keysh[i]));
right &= 0xfffffff0;
v0 = comptab[6 * (1 << 4) + ((left >> (32-4)) & 0xf)]
| comptab[5 * (1 << 4) + ((left >> (32-8)) & 0xf)]
| comptab[4 * (1 << 4) + ((left >> (32-12)) & 0xf)]
| comptab[3 * (1 << 4) + ((left >> (32-16)) & 0xf)]
| comptab[2 * (1 << 4) + ((left >> (32-20)) & 0xf)]
| comptab[1 * (1 << 4) + ((left >> (32-24)) & 0xf)]
| comptab[0 * (1 << 4) + ((left >> (32-28)) & 0xf)];
v1 = comptab[13 * (1 << 4) + ((right >> (32-4)) & 0xf)]
| comptab[12 * (1 << 4) + ((right >> (32-8)) & 0xf)]
| comptab[11 * (1 << 4) + ((right >> (32-12)) & 0xf)]
| comptab[10 * (1 << 4) + ((right >> (32-16)) & 0xf)]
| comptab[9 * (1 << 4) + ((right >> (32-20)) & 0xf)]
| comptab[8 * (1 << 4) + ((right >> (32-24)) & 0xf)]
| comptab[7 * (1 << 4) + ((right >> (32-28)) & 0xf)];
ek[0] = (((v0 >> (24-6)) & 0x3f) << 26)
| (((v0 >> (24-18)) & 0x3f) << 18)
| (((v1 >> (24-6)) & 0x3f) << 10)
| (((v1 >> (24-18)) & 0x3f) << 2);
ek[1] = (((v0 >> (24-12)) & 0x3f) << 26)
| (((v0 >> (24-24)) & 0x3f) << 18)
| (((v1 >> (24-12)) & 0x3f) << 10)
| (((v1 >> (24-24)) & 0x3f) << 2);
ek += 2;
}
}
void
des_key_setup(uchar key[8], ulong *ek)
{
u32int left, right, v0, v1;
v0 = key[0] | ((u32int)key[2] << 8) | ((u32int)key[4] << 16) | ((u32int)key[6] << 24);
v1 = key[1] | ((u32int)key[3] << 8) | ((u32int)key[5] << 16) | ((u32int)key[7] << 24);
left = ((v0 >> 1) & 0x40404040)
| ((v0 >> 2) & 0x10101010)
| ((v0 >> 3) & 0x04040404)
| ((v0 >> 4) & 0x01010101)
| ((v1 >> 0) & 0x80808080)
| ((v1 >> 1) & 0x20202020)
| ((v1 >> 2) & 0x08080808)
| ((v1 >> 3) & 0x02020202);
right = ((v0 >> 1) & 0x04040404)
| ((v0 << 2) & 0x10101010)
| ((v0 << 5) & 0x40404040)
| ((v1 << 0) & 0x08080808)
| ((v1 << 3) & 0x20202020)
| ((v1 << 6) & 0x80808080);
left = ((left << 6) & 0x33003300)
| (left & 0xcc33cc33)
| ((left >> 6) & 0x00cc00cc);
v0 = ((left << 12) & 0x0f0f0000)
| (left & 0xf0f00f0f)
| ((left >> 12) & 0x0000f0f0);
right = ((right << 6) & 0x33003300)
| (right & 0xcc33cc33)
| ((right >> 6) & 0x00cc00cc);
v1 = ((right << 12) & 0x0f0f0000)
| (right & 0xf0f00f0f)
| ((right >> 12) & 0x0000f0f0);
left = v0 & 0xfffffff0;
right = (v1 & 0xffffff00) | ((v0 << 4) & 0xf0);
keycompperm(left, right, ek);
}
static uchar parity[128] =
{
0x01, 0x02, 0x04, 0x07, 0x08, 0x0b, 0x0d, 0x0e,
0x10, 0x13, 0x15, 0x16, 0x19, 0x1a, 0x1c, 0x1f,
0x20, 0x23, 0x25, 0x26, 0x29, 0x2a, 0x2c, 0x2f,
0x31, 0x32, 0x34, 0x37, 0x38, 0x3b, 0x3d, 0x3e,
0x40, 0x43, 0x45, 0x46, 0x49, 0x4a, 0x4c, 0x4f,
0x51, 0x52, 0x54, 0x57, 0x58, 0x5b, 0x5d, 0x5e,
0x61, 0x62, 0x64, 0x67, 0x68, 0x6b, 0x6d, 0x6e,
0x70, 0x73, 0x75, 0x76, 0x79, 0x7a, 0x7c, 0x7f,
0x80, 0x83, 0x85, 0x86, 0x89, 0x8a, 0x8c, 0x8f,
0x91, 0x92, 0x94, 0x97, 0x98, 0x9b, 0x9d, 0x9e,
0xa1, 0xa2, 0xa4, 0xa7, 0xa8, 0xab, 0xad, 0xae,
0xb0, 0xb3, 0xb5, 0xb6, 0xb9, 0xba, 0xbc, 0xbf,
0xc1, 0xc2, 0xc4, 0xc7, 0xc8, 0xcb, 0xcd, 0xce,
0xd0, 0xd3, 0xd5, 0xd6, 0xd9, 0xda, 0xdc, 0xdf,
0xe0, 0xe3, 0xe5, 0xe6, 0xe9, 0xea, 0xec, 0xef,
0xf1, 0xf2, 0xf4, 0xf7, 0xf8, 0xfb, 0xfd, 0xfe,
};
/*
* convert a 7 byte key to an 8 byte one
*/
void
des56to64(uchar *k56, uchar *k64)
{
u32int hi, lo;
hi = ((u32int)k56[0]<<24)|((u32int)k56[1]<<16)|((u32int)k56[2]<<8)|k56[3];
lo = ((u32int)k56[4]<<24)|((u32int)k56[5]<<16)|((u32int)k56[6]<<8);
k64[0] = parity[(hi>>25)&0x7f];
k64[1] = parity[(hi>>18)&0x7f];
k64[2] = parity[(hi>>11)&0x7f];
k64[3] = parity[(hi>>4)&0x7f];
k64[4] = parity[((hi<<3)|(lo>>29))&0x7f];
k64[5] = parity[(lo>>22)&0x7f];
k64[6] = parity[(lo>>15)&0x7f];
k64[7] = parity[(lo>>8)&0x7f];
}
/*
* convert an 8 byte key to a 7 byte one
*/
void
des64to56(uchar *k64, uchar *k56)
{
u32int hi, lo;
hi = (((u32int)k64[0]&0xfe)<<24)|(((u32int)k64[1]&0xfe)<<17)|(((u32int)k64[2]&0xfe)<<10)
|((k64[3]&0xfe)<<3)|(k64[4]>>4);
lo = (((u32int)k64[4]&0xfe)<<28)|(((u32int)k64[5]&0xfe)<<21)|(((u32int)k64[6]&0xfe)<<14)
|(((u32int)k64[7]&0xfe)<<7);
k56[0] = hi>>24;
k56[1] = hi>>16;
k56[2] = hi>>8;
k56[3] = hi>>0;
k56[4] = lo>>24;
k56[5] = lo>>16;
k56[6] = lo>>8;
}
void
key_setup(uchar key[7], ulong *ek)
{
uchar k64[8];
des56to64(key, k64);
des_key_setup(k64, ek);
}

31
src/libsec/port/desmodes.c Normal file
View file

@ -0,0 +1,31 @@
#include "os.h"
#include <libsec.h>
/*
* these routines use the 64bit format for
* DES keys.
*/
void
setupDESstate(DESstate *s, uchar key[8], uchar *ivec)
{
memset(s, 0, sizeof(*s));
memmove(s->key, key, sizeof(s->key));
des_key_setup(key, s->expanded);
if(ivec)
memmove(s->ivec, ivec, 8);
s->setup = 0xdeadbeef;
}
void
setupDES3state(DES3state *s, uchar key[3][8], uchar *ivec)
{
memset(s, 0, sizeof(*s));
memmove(s->key, key, sizeof(s->key));
des_key_setup(key[0], s->expanded[0]);
des_key_setup(key[1], s->expanded[1]);
des_key_setup(key[2], s->expanded[2]);
if(ivec)
memmove(s->ivec, ivec, 8);
s->setup = 0xdeadbeef;
}

16
src/libsec/port/fastrand.c Normal file
View file

@ -0,0 +1,16 @@
#include <u.h>
#include <libc.h>
#include <libsec.h>
/*
* use the X917 random number generator to create random
* numbers (faster than truerand() but not as random).
*/
ulong
fastrand(void)
{
ulong x;
genrandom((uchar*)&x, sizeof x);
return x;
}

61
src/libsec/port/genrandom.c Normal file
View file

@ -0,0 +1,61 @@
#include "os.h"
#include <libsec.h>
typedef struct State{
QLock lock;
int seeded;
uvlong seed;
DES3state des3;
} State;
static State x917state;
static void
X917(uchar *rand, int nrand)
{
int i, m, n8;
uvlong I, x;
/* 1. Compute intermediate value I = Ek(time). */
I = nsec();
triple_block_cipher(x917state.des3.expanded, (uchar*)&I, 0); /* two-key EDE */
/* 2. x[i] = Ek(I^seed); seed = Ek(x[i]^I); */
m = (nrand+7)/8;
for(i=0; i<m; i++){
x = I ^ x917state.seed;
triple_block_cipher(x917state.des3.expanded, (uchar*)&x, 0);
n8 = (nrand>8) ? 8 : nrand;
memcpy(rand, (uchar*)&x, n8);
rand += 8;
nrand -= 8;
x ^= I;
triple_block_cipher(x917state.des3.expanded, (uchar*)&x, 0);
x917state.seed = x;
}
}
static void
X917init(void)
{
int n;
uchar mix[128];
uchar key3[3][8];
ulong *ulp;
ulp = (ulong*)key3;
for(n = 0; n < sizeof(key3)/sizeof(ulong); n++)
ulp[n] = truerand();
setupDES3state(&x917state.des3, key3, nil);
X917(mix, sizeof mix);
x917state.seeded = 1;
}
void
genrandom(uchar *p, int n)
{
qlock(&x917state.lock);
if(x917state.seeded == 0)
X917init();
X917(p, n);
qunlock(&x917state.lock);
}

148
src/libsec/port/md5.c Normal file
View file

@ -0,0 +1,148 @@
#include "os.h"
#include <libsec.h>
/*
* rfc1321 requires that I include this. The code is new. The constants
* all come from the rfc (hence the copyright). We trade a table for the
* macros in rfc. The total size is a lot less. -- presotto
*
* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All
* rights reserved.
*
* License to copy and use this software is granted provided that it
* is identified as the "RSA Data Security, Inc. MD5 Message-Digest
* Algorithm" in all material mentioning or referencing this software
* or this function.
*
* License is also granted to make and use derivative works provided
* that such works are identified as "derived from the RSA Data
* Security, Inc. MD5 Message-Digest Algorithm" in all material
* mentioning or referencing the derived work.
*
* RSA Data Security, Inc. makes no representations concerning either
* the merchantability of this software or the suitability of this
* software forany particular purpose. It is provided "as is"
* without express or implied warranty of any kind.
* These notices must be retained in any copies of any part of this
* documentation and/or software.
*/
static void encode(uchar*, u32int*, ulong);
static void decode(u32int*, uchar*, ulong);
extern void _md5block(uchar*, ulong, u32int*);
MD5state*
md5(uchar *p, ulong len, uchar *digest, MD5state *s)
{
u32int x[16];
uchar buf[128];
int i;
uchar *e;
if(s == nil){
s = malloc(sizeof(*s));
if(s == nil)
return nil;
memset(s, 0, sizeof(*s));
s->malloced = 1;
}
if(s->seeded == 0){
/* seed the state, these constants would look nicer big-endian */
s->state[0] = 0x67452301;
s->state[1] = 0xefcdab89;
s->state[2] = 0x98badcfe;
s->state[3] = 0x10325476;
s->seeded = 1;
}
/* fill out the partial 64 byte block from previous calls */
if(s->blen){
i = 64 - s->blen;
if(len < i)
i = len;
memmove(s->buf + s->blen, p, i);
len -= i;
s->blen += i;
p += i;
if(s->blen == 64){
_md5block(s->buf, s->blen, s->state);
s->len += s->blen;
s->blen = 0;
}
}
/* do 64 byte blocks */
i = len & ~0x3f;
if(i){
_md5block(p, i, s->state);
s->len += i;
len -= i;
p += i;
}
/* save the left overs if not last call */
if(digest == 0){
if(len){
memmove(s->buf, p, len);
s->blen += len;
}
return s;
}
/*
* this is the last time through, pad what's left with 0x80,
* 0's, and the input count to create a multiple of 64 bytes
*/
if(s->blen){
p = s->buf;
len = s->blen;
} else {
memmove(buf, p, len);
p = buf;
}
s->len += len;
e = p + len;
if(len < 56)
i = 56 - len;
else
i = 120 - len;
memset(e, 0, i);
*e = 0x80;
len += i;
/* append the count */
x[0] = s->len<<3;
x[1] = s->len>>29;
encode(p+len, x, 8);
/* digest the last part */
_md5block(p, len+8, s->state);
s->len += len;
/* return result and free state */
encode(digest, s->state, MD5dlen);
if(s->malloced == 1)
free(s);
return nil;
}
/*
* encodes input (u32int) into output (uchar). Assumes len is
* a multiple of 4.
*/
static void
encode(uchar *output, u32int *input, ulong len)
{
u32int x;
uchar *e;
for(e = output + len; output < e;) {
x = *input++;
*output++ = x;
*output++ = x >> 8;
*output++ = x >> 16;
*output++ = x >> 24;
}
}

267
src/libsec/port/md5block.c Normal file
View file

@ -0,0 +1,267 @@
#include "os.h"
#include <libsec.h>
/*
* rfc1321 requires that I include this. The code is new. The constants
* all come from the rfc (hence the copyright). We trade a table for the
* macros in rfc. The total size is a lot less. -- presotto
*
* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All
* rights reserved.
*
* License to copy and use this software is granted provided that it
* is identified as the "RSA Data Security, Inc. MD5 Message-Digest
* Algorithm" in all material mentioning or referencing this software
* or this function.
*
* License is also granted to make and use derivative works provided
* that such works are identified as "derived from the RSA Data
* Security, Inc. MD5 Message-Digest Algorithm" in all material
* mentioning or referencing the derived work.
*
* RSA Data Security, Inc. makes no representations concerning either
* the merchantability of this software or the suitability of this
* software forany particular purpose. It is provided "as is"
* without express or implied warranty of any kind.
* These notices must be retained in any copies of any part of this
* documentation and/or software.
*/
/*
* Rotate ammounts used in the algorithm
*/
enum
{
S11= 7,
S12= 12,
S13= 17,
S14= 22,
S21= 5,
S22= 9,
S23= 14,
S24= 20,
S31= 4,
S32= 11,
S33= 16,
S34= 23,
S41= 6,
S42= 10,
S43= 15,
S44= 21,
};
static u32int md5tab[] =
{
/* round 1 */
/*[0]*/ 0xd76aa478,
0xe8c7b756,
0x242070db,
0xc1bdceee,
0xf57c0faf,
0x4787c62a,
0xa8304613,
0xfd469501,
0x698098d8,
0x8b44f7af,
0xffff5bb1,
0x895cd7be,
0x6b901122,
0xfd987193,
0xa679438e,
0x49b40821,
/* round 2 */
/*[16]*/0xf61e2562,
0xc040b340,
0x265e5a51,
0xe9b6c7aa,
0xd62f105d,
0x2441453,
0xd8a1e681,
0xe7d3fbc8,
0x21e1cde6,
0xc33707d6,
0xf4d50d87,
0x455a14ed,
0xa9e3e905,
0xfcefa3f8,
0x676f02d9,
0x8d2a4c8a,
/* round 3 */
/*[32]*/0xfffa3942,
0x8771f681,
0x6d9d6122,
0xfde5380c,
0xa4beea44,
0x4bdecfa9,
0xf6bb4b60,
0xbebfbc70,
0x289b7ec6,
0xeaa127fa,
0xd4ef3085,
0x4881d05,
0xd9d4d039,
0xe6db99e5,
0x1fa27cf8,
0xc4ac5665,
/* round 4 */
/*[48]*/0xf4292244,
0x432aff97,
0xab9423a7,
0xfc93a039,
0x655b59c3,
0x8f0ccc92,
0xffeff47d,
0x85845dd1,
0x6fa87e4f,
0xfe2ce6e0,
0xa3014314,
0x4e0811a1,
0xf7537e82,
0xbd3af235,
0x2ad7d2bb,
0xeb86d391,
};
static void decode(u32int*, uchar*, ulong);
extern void _md5block(uchar *p, ulong len, u32int *s);
void
_md5block(uchar *p, ulong len, u32int *s)
{
u32int a, b, c, d, sh;
u32int *t;
uchar *end;
u32int x[16];
for(end = p+len; p < end; p += 64){
a = s[0];
b = s[1];
c = s[2];
d = s[3];
decode(x, p, 64);
t = md5tab;
sh = 0;
for(; sh != 16; t += 4){
a += ((c ^ d) & b) ^ d;
a += x[sh] + t[0];
a = (a << S11) | (a >> (32 - S11));
a += b;
d += ((b ^ c) & a) ^ c;
d += x[sh + 1] + t[1];
d = (d << S12) | (d >> (32 - S12));
d += a;
c += ((a ^ b) & d) ^ b;
c += x[sh + 2] + t[2];
c = (c << S13) | (c >> (32 - S13));
c += d;
b += ((d ^ a) & c) ^ a;
b += x[sh + 3] + t[3];
b = (b << S14) | (b >> (32 - S14));
b += c;
sh += 4;
}
sh = 1;
for(; sh != 1+20*4; t += 4){
a += ((b ^ c) & d) ^ c;
a += x[sh & 0xf] + t[0];
a = (a << S21) | (a >> (32 - S21));
a += b;
d += ((a ^ b) & c) ^ b;
d += x[(sh + 5) & 0xf] + t[1];
d = (d << S22) | (d >> (32 - S22));
d += a;
c += ((d ^ a) & b) ^ a;
c += x[(sh + 10) & 0xf] + t[2];
c = (c << S23) | (c >> (32 - S23));
c += d;
b += ((c ^ d) & a) ^ d;
b += x[(sh + 15) & 0xf] + t[3];
b = (b << S24) | (b >> (32 - S24));
b += c;
sh += 20;
}
sh = 5;
for(; sh != 5+12*4; t += 4){
a += b ^ c ^ d;
a += x[sh & 0xf] + t[0];
a = (a << S31) | (a >> (32 - S31));
a += b;
d += a ^ b ^ c;
d += x[(sh + 3) & 0xf] + t[1];
d = (d << S32) | (d >> (32 - S32));
d += a;
c += d ^ a ^ b;
c += x[(sh + 6) & 0xf] + t[2];
c = (c << S33) | (c >> (32 - S33));
c += d;
b += c ^ d ^ a;
b += x[(sh + 9) & 0xf] + t[3];
b = (b << S34) | (b >> (32 - S34));
b += c;
sh += 12;
}
sh = 0;
for(; sh != 28*4; t += 4){
a += c ^ (b | ~d);
a += x[sh & 0xf] + t[0];
a = (a << S41) | (a >> (32 - S41));
a += b;
d += b ^ (a | ~c);
d += x[(sh + 7) & 0xf] + t[1];
d = (d << S42) | (d >> (32 - S42));
d += a;
c += a ^ (d | ~b);
c += x[(sh + 14) & 0xf] + t[2];
c = (c << S43) | (c >> (32 - S43));
c += d;
b += d ^ (c | ~a);
b += x[(sh + 21) & 0xf] + t[3];
b = (b << S44) | (b >> (32 - S44));
b += c;
sh += 28;
}
s[0] += a;
s[1] += b;
s[2] += c;
s[3] += d;
}
}
/*
* decodes input (uchar) into output (u32int). Assumes len is
* a multiple of 4.
*/
static void
decode(u32int *output, uchar *input, ulong len)
{
uchar *e;
for(e = input+len; input < e; input += 4)
*output++ = input[0] | (input[1] << 8) |
(input[2] << 16) | (input[3] << 24);
}

20
src/libsec/port/mkfile Normal file
View file

@ -0,0 +1,20 @@
PLAN9=../../..
<$PLAN9/src/mkhdr
LIB=libsec.a
OFILES=\
aes.$O\
des.$O\
desmodes.$O\
fastrand.$O\
genrandom.$O\
md5.$O\
md5block.$O\
sha1.$O\
sha1block.$O\
HFILES=$PLAN9/include/libsec.h
<$PLAN9/src/mksyslib

2
src/libsec/port/os.h Normal file
View file

@ -0,0 +1,2 @@
#include <u.h>
#include <libc.h>

138
src/libsec/port/sha1.c Normal file
View file

@ -0,0 +1,138 @@
#include <u.h>
#include <libc.h>
#include <libsec.h>
static void encode(uchar*, u32int*, ulong);
extern void _sha1block(uchar*, ulong, u32int*);
/*
* we require len to be a multiple of 64 for all but
* the last call. There must be room in the input buffer
* to pad.
*/
ulong lastlen;
SHA1state*
sha1(uchar *p, ulong len, uchar *digest, SHA1state *s)
{
uchar buf[128];
u32int x[16];
int i;
uchar *e;
lastlen = len;
if(s == nil){
s = malloc(sizeof(*s));
if(s == nil)
return nil;
memset(s, 0, sizeof(*s));
s->malloced = 1;
assert(!s->seeded);
assert(!s->blen);
}
if(s->seeded == 0){
/* seed the state, these constants would look nicer big-endian */
s->state[0] = 0x67452301;
s->state[1] = 0xefcdab89;
s->state[2] = 0x98badcfe;
s->state[3] = 0x10325476;
s->state[4] = 0xc3d2e1f0;
s->seeded = 1;
}
assert(len < 100000);
/* fill out the partial 64 byte block from previous calls */
if(s->blen){
assert(s);
i = 64 - s->blen;
if(len < i)
i = len;
memmove(s->buf + s->blen, p, i);
len -= i;
s->blen += i;
p += i;
if(s->blen == 64){
_sha1block(s->buf, s->blen, s->state);
s->len += s->blen;
s->blen = 0;
}
}
assert(len < 1000000);
/* do 64 byte blocks */
i = len & ~0x3f;
if(i){
assert(i < 1000000);
_sha1block(p, i, s->state);
s->len += i;
len -= i;
p += i;
}
/* save the left overs if not last call */
if(digest == 0){
if(len){
memmove(s->buf, p, len);
s->blen += len;
}
return s;
}
/*
* this is the last time through, pad what's left with 0x80,
* 0's, and the input count to create a multiple of 64 bytes
*/
if(s->blen){
p = s->buf;
len = s->blen;
} else {
memmove(buf, p, len);
p = buf;
}
s->len += len;
e = p + len;
if(len < 56)
i = 56 - len;
else
i = 120 - len;
memset(e, 0, i);
*e = 0x80;
len += i;
/* append the count */
x[0] = s->len>>29;
x[1] = s->len<<3;
encode(p+len, x, 8);
/* digest the last part */
_sha1block(p, len+8, s->state);
s->len += len+8;
/* return result and free state */
encode(digest, s->state, SHA1dlen);
if(s->malloced == 1)
free(s);
return nil;
}
/*
* encodes input (ulong) into output (uchar). Assumes len is
* a multiple of 4.
*/
static void
encode(uchar *output, u32int *input, ulong len)
{
u32int x;
uchar *e;
for(e = output + len; output < e;) {
x = *input++;
*output++ = x >> 24;
*output++ = x >> 16;
*output++ = x >> 8;
*output++ = x;
}
}

199
src/libsec/port/sha1block.c Normal file
View file

@ -0,0 +1,199 @@
#include <u.h>
#include <libc.h>
uchar* lastsbp;
ulong lastsblen;
u32int* lastsbs;
Lock slock;
void
_sha1block(uchar *p, ulong len, u32int *s)
{
u32int a, b, c, d, e, x;
uchar *end;
u32int *wp, *wend;
u32int w[80];
lock(&slock);
lastsbp=p;
lastsblen=len;
lastsbs=s;
/* at this point, we have a multiple of 64 bytes */
for(end = p+len; p < end;){
a = s[0];
b = s[1];
c = s[2];
d = s[3];
e = s[4];
wend = w + 15;
for(wp = w; wp < wend; wp += 5){
wp[0] = (p[0]<<24) | (p[1]<<16) | (p[2]<<8) | p[3];
e += ((a<<5) | (a>>27)) + wp[0];
e += 0x5a827999 + (((c^d)&b)^d);
b = (b<<30)|(b>>2);
wp[1] = (p[4]<<24) | (p[5]<<16) | (p[6]<<8) | p[7];
d += ((e<<5) | (e>>27)) + wp[1];
d += 0x5a827999 + (((b^c)&a)^c);
a = (a<<30)|(a>>2);
wp[2] = (p[8]<<24) | (p[9]<<16) | (p[10]<<8) | p[11];
c += ((d<<5) | (d>>27)) + wp[2];
c += 0x5a827999 + (((a^b)&e)^b);
e = (e<<30)|(e>>2);
wp[3] = (p[12]<<24) | (p[13]<<16) | (p[14]<<8) | p[15];
b += ((c<<5) | (c>>27)) + wp[3];
b += 0x5a827999 + (((e^a)&d)^a);
d = (d<<30)|(d>>2);
wp[4] = (p[16]<<24) | (p[17]<<16) | (p[18]<<8) | p[19];
a += ((b<<5) | (b>>27)) + wp[4];
a += 0x5a827999 + (((d^e)&c)^e);
c = (c<<30)|(c>>2);
p += 20;
}
wp[0] = (p[0]<<24) | (p[1]<<16) | (p[2]<<8) | p[3];
e += ((a<<5) | (a>>27)) + wp[0];
e += 0x5a827999 + (((c^d)&b)^d);
b = (b<<30)|(b>>2);
x = wp[-2] ^ wp[-7] ^ wp[-13] ^ wp[-15];
wp[1] = (x<<1) | (x>>31);
d += ((e<<5) | (e>>27)) + wp[1];
d += 0x5a827999 + (((b^c)&a)^c);
a = (a<<30)|(a>>2);
x = wp[-1] ^ wp[-6] ^ wp[-12] ^ wp[-14];
wp[2] = (x<<1) | (x>>31);
c += ((d<<5) | (d>>27)) + wp[2];
c += 0x5a827999 + (((a^b)&e)^b);
e = (e<<30)|(e>>2);
x = wp[0] ^ wp[-5] ^ wp[-11] ^ wp[-13];
wp[3] = (x<<1) | (x>>31);
b += ((c<<5) | (c>>27)) + wp[3];
b += 0x5a827999 + (((e^a)&d)^a);
d = (d<<30)|(d>>2);
x = wp[1] ^ wp[-4] ^ wp[-10] ^ wp[-12];
wp[4] = (x<<1) | (x>>31);
a += ((b<<5) | (b>>27)) + wp[4];
a += 0x5a827999 + (((d^e)&c)^e);
c = (c<<30)|(c>>2);
wp += 5;
p += 4;
wend = w + 40;
for(; wp < wend; wp += 5){
x = wp[-3] ^ wp[-8] ^ wp[-14] ^ wp[-16];
wp[0] = (x<<1) | (x>>31);
e += ((a<<5) | (a>>27)) + wp[0];
e += 0x6ed9eba1 + (b^c^d);
b = (b<<30)|(b>>2);
x = wp[-2] ^ wp[-7] ^ wp[-13] ^ wp[-15];
wp[1] = (x<<1) | (x>>31);
d += ((e<<5) | (e>>27)) + wp[1];
d += 0x6ed9eba1 + (a^b^c);
a = (a<<30)|(a>>2);
x = wp[-1] ^ wp[-6] ^ wp[-12] ^ wp[-14];
wp[2] = (x<<1) | (x>>31);
c += ((d<<5) | (d>>27)) + wp[2];
c += 0x6ed9eba1 + (e^a^b);
e = (e<<30)|(e>>2);
x = wp[0] ^ wp[-5] ^ wp[-11] ^ wp[-13];
wp[3] = (x<<1) | (x>>31);
b += ((c<<5) | (c>>27)) + wp[3];
b += 0x6ed9eba1 + (d^e^a);
d = (d<<30)|(d>>2);
x = wp[1] ^ wp[-4] ^ wp[-10] ^ wp[-12];
wp[4] = (x<<1) | (x>>31);
a += ((b<<5) | (b>>27)) + wp[4];
a += 0x6ed9eba1 + (c^d^e);
c = (c<<30)|(c>>2);
}
wend = w + 60;
for(; wp < wend; wp += 5){
x = wp[-3] ^ wp[-8] ^ wp[-14] ^ wp[-16];
wp[0] = (x<<1) | (x>>31);
e += ((a<<5) | (a>>27)) + wp[0];
e += 0x8f1bbcdc + ((b&c)|((b|c)&d));
b = (b<<30)|(b>>2);
x = wp[-2] ^ wp[-7] ^ wp[-13] ^ wp[-15];
wp[1] = (x<<1) | (x>>31);
d += ((e<<5) | (e>>27)) + wp[1];
d += 0x8f1bbcdc + ((a&b)|((a|b)&c));
a = (a<<30)|(a>>2);
x = wp[-1] ^ wp[-6] ^ wp[-12] ^ wp[-14];
wp[2] = (x<<1) | (x>>31);
c += ((d<<5) | (d>>27)) + wp[2];
c += 0x8f1bbcdc + ((e&a)|((e|a)&b));
e = (e<<30)|(e>>2);
x = wp[0] ^ wp[-5] ^ wp[-11] ^ wp[-13];
wp[3] = (x<<1) | (x>>31);
b += ((c<<5) | (c>>27)) + wp[3];
b += 0x8f1bbcdc + ((d&e)|((d|e)&a));
d = (d<<30)|(d>>2);
x = wp[1] ^ wp[-4] ^ wp[-10] ^ wp[-12];
wp[4] = (x<<1) | (x>>31);
a += ((b<<5) | (b>>27)) + wp[4];
a += 0x8f1bbcdc + ((c&d)|((c|d)&e));
c = (c<<30)|(c>>2);
}
wend = w + 80;
for(; wp < wend; wp += 5){
x = wp[-3] ^ wp[-8] ^ wp[-14] ^ wp[-16];
wp[0] = (x<<1) | (x>>31);
e += ((a<<5) | (a>>27)) + wp[0];
e += 0xca62c1d6 + (b^c^d);
b = (b<<30)|(b>>2);
x = wp[-2] ^ wp[-7] ^ wp[-13] ^ wp[-15];
wp[1] = (x<<1) | (x>>31);
d += ((e<<5) | (e>>27)) + wp[1];
d += 0xca62c1d6 + (a^b^c);
a = (a<<30)|(a>>2);
x = wp[-1] ^ wp[-6] ^ wp[-12] ^ wp[-14];
wp[2] = (x<<1) | (x>>31);
c += ((d<<5) | (d>>27)) + wp[2];
c += 0xca62c1d6 + (e^a^b);
e = (e<<30)|(e>>2);
x = wp[0] ^ wp[-5] ^ wp[-11] ^ wp[-13];
wp[3] = (x<<1) | (x>>31);
b += ((c<<5) | (c>>27)) + wp[3];
b += 0xca62c1d6 + (d^e^a);
d = (d<<30)|(d>>2);
x = wp[1] ^ wp[-4] ^ wp[-10] ^ wp[-12];
wp[4] = (x<<1) | (x>>31);
a += ((b<<5) | (b>>27)) + wp[4];
a += 0xca62c1d6 + (c^d^e);
c = (c<<30)|(c>>2);
}
/* save state */
s[0] += a;
s[1] += b;
s[2] += c;
s[3] += d;
s[4] += e;
}
unlock(&slock);
}