1 // Copyright 2010 The Go Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style 3 // license that can be found in the LICENSE file. 4 5 // Package des implements the Data Encryption Standard (DES) and the 6 // Triple Data Encryption Algorithm (TDEA) as defined 7 // in U.S. Federal Information Processing Standards Publication 46-3. 8 package des 9 10 // Used to perform an initial permutation of a 64-bit input block. 11 var initialPermutation = [64]byte{ 12 6, 14, 22, 30, 38, 46, 54, 62, 13 4, 12, 20, 28, 36, 44, 52, 60, 14 2, 10, 18, 26, 34, 42, 50, 58, 15 0, 8, 16, 24, 32, 40, 48, 56, 16 7, 15, 23, 31, 39, 47, 55, 63, 17 5, 13, 21, 29, 37, 45, 53, 61, 18 3, 11, 19, 27, 35, 43, 51, 59, 19 1, 9, 17, 25, 33, 41, 49, 57, 20 } 21 22 // Used to perform a final permutation of a 4-bit preoutput block. This is the 23 // inverse of initialPermutation 24 var finalPermutation = [64]byte{ 25 24, 56, 16, 48, 8, 40, 0, 32, 26 25, 57, 17, 49, 9, 41, 1, 33, 27 26, 58, 18, 50, 10, 42, 2, 34, 28 27, 59, 19, 51, 11, 43, 3, 35, 29 28, 60, 20, 52, 12, 44, 4, 36, 30 29, 61, 21, 53, 13, 45, 5, 37, 31 30, 62, 22, 54, 14, 46, 6, 38, 32 31, 63, 23, 55, 15, 47, 7, 39, 33 } 34 35 // Used to expand an input block of 32 bits, producing an output block of 48 36 // bits. 37 var expansionFunction = [48]byte{ 38 0, 31, 30, 29, 28, 27, 28, 27, 39 26, 25, 24, 23, 24, 23, 22, 21, 40 20, 19, 20, 19, 18, 17, 16, 15, 41 16, 15, 14, 13, 12, 11, 12, 11, 42 10, 9, 8, 7, 8, 7, 6, 5, 43 4, 3, 4, 3, 2, 1, 0, 31, 44 } 45 46 // Yields a 32-bit output from a 32-bit input 47 var permutationFunction = [32]byte{ 48 16, 25, 12, 11, 3, 20, 4, 15, 49 31, 17, 9, 6, 27, 14, 1, 22, 50 30, 24, 8, 18, 0, 5, 29, 23, 51 13, 19, 2, 26, 10, 21, 28, 7, 52 } 53 54 // Used in the key schedule to select 56 bits 55 // from a 64-bit input. 56 var permutedChoice1 = [56]byte{ 57 7, 15, 23, 31, 39, 47, 55, 63, 58 6, 14, 22, 30, 38, 46, 54, 62, 59 5, 13, 21, 29, 37, 45, 53, 61, 60 4, 12, 20, 28, 1, 9, 17, 25, 61 33, 41, 49, 57, 2, 10, 18, 26, 62 34, 42, 50, 58, 3, 11, 19, 27, 63 35, 43, 51, 59, 36, 44, 52, 60, 64 } 65 66 // Used in the key schedule to produce each subkey by selecting 48 bits from 67 // the 56-bit input 68 var permutedChoice2 = [48]byte{ 69 42, 39, 45, 32, 55, 51, 53, 28, 70 41, 50, 35, 46, 33, 37, 44, 52, 71 30, 48, 40, 49, 29, 36, 43, 54, 72 15, 4, 25, 19, 9, 1, 26, 16, 73 5, 11, 23, 8, 12, 7, 17, 0, 74 22, 3, 10, 14, 6, 20, 27, 24, 75 } 76 77 // 8 S-boxes composed of 4 rows and 16 columns 78 // Used in the DES cipher function 79 var sBoxes = [8][4][16]uint8{ 80 // S-box 1 81 { 82 {14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7}, 83 {0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8}, 84 {4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0}, 85 {15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13}, 86 }, 87 // S-box 2 88 { 89 {15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10}, 90 {3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5}, 91 {0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15}, 92 {13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9}, 93 }, 94 // S-box 3 95 { 96 {10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8}, 97 {13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1}, 98 {13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7}, 99 {1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12}, 100 }, 101 // S-box 4 102 { 103 {7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15}, 104 {13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9}, 105 {10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4}, 106 {3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14}, 107 }, 108 // S-box 5 109 { 110 {2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9}, 111 {14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6}, 112 {4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14}, 113 {11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3}, 114 }, 115 // S-box 6 116 { 117 {12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11}, 118 {10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8}, 119 {9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6}, 120 {4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13}, 121 }, 122 // S-box 7 123 { 124 {4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1}, 125 {13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6}, 126 {1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2}, 127 {6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12}, 128 }, 129 // S-box 8 130 { 131 {13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7}, 132 {1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2}, 133 {7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8}, 134 {2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11}, 135 }, 136 } 137 138 // Size of left rotation per round in each half of the key schedule 139 var ksRotations = [16]uint8{1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1} 140
