2N/A/*
2N/A * Copyright (c) 2004, 2011, Oracle and/or its affiliates. All rights reserved.
2N/A */
2N/A
2N/A/*
2N/A * lib/crypto/des/string2key.c
2N/A *
2N/A * based on lib/crypto/des/string2key.c from MIT V5
2N/A * and on lib/des/afs_string_to_key.c from UMD.
2N/A * constructed by Mark Eichin, Cygnus Support, 1995.
2N/A * made thread-safe by Ken Raeburn, MIT, 2001.
2N/A */
2N/A
2N/A/*
2N/A * Copyright 2001 by the Massachusetts Institute of Technology.
2N/A * All Rights Reserved.
2N/A *
2N/A * Export of this software from the United States of America may
2N/A * require a specific license from the United States Government.
2N/A * It is the responsibility of any person or organization contemplating
2N/A * export to obtain such a license before exporting.
2N/A *
2N/A * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
2N/A * distribute this software and its documentation for any purpose and
2N/A * without fee is hereby granted, provided that the above copyright
2N/A * notice appear in all copies and that both that copyright notice and
2N/A * this permission notice appear in supporting documentation, and that
2N/A * the name of M.I.T. not be used in advertising or publicity pertaining
2N/A * to distribution of the software without specific, written prior
2N/A * permission. Furthermore if you modify this software you must label
2N/A * your software as modified software and not distribute it in such a
2N/A * fashion that it might be confused with the original M.I.T. software.
2N/A * M.I.T. makes no representations about the suitability of
2N/A * this software for any purpose. It is provided "as is" without express
2N/A * or implied warranty.
2N/A */
2N/A
2N/A/*
2N/A * Copyright (C) 1998 by the FundsXpress, INC.
2N/A *
2N/A * All rights reserved.
2N/A *
2N/A * Export of this software from the United States of America may require
2N/A * a specific license from the United States Government. It is the
2N/A * responsibility of any person or organization contemplating export to
2N/A * obtain such a license before exporting.
2N/A *
2N/A * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
2N/A * distribute this software and its documentation for any purpose and
2N/A * without fee is hereby granted, provided that the above copyright
2N/A * notice appear in all copies and that both that copyright notice and
2N/A * this permission notice appear in supporting documentation, and that
2N/A * the name of FundsXpress. not be used in advertising or publicity pertaining
2N/A * to distribution of the software without specific, written prior
2N/A * permission. FundsXpress makes no representations about the suitability of
2N/A * this software for any purpose. It is provided "as is" without express
2N/A * or implied warranty.
2N/A *
2N/A * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
2N/A * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
2N/A * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
2N/A */
2N/A
2N/A#include "k5-int.h"
2N/A#include "des_int.h"
2N/A#include <ctype.h>
2N/A
2N/A#define afs_crypt mit_afs_crypt
2N/Achar *afs_crypt (const char *, const char *, char *);
2N/A
2N/A#undef min
2N/A#define min(a,b) ((a)>(b)?(b):(a))
2N/A
2N/A/*ARGSUSED*/
2N/Akrb5_error_code
2N/Amit_afs_string_to_key (krb5_context context,
2N/A krb5_keyblock *keyblock, const krb5_data *data,
2N/A const krb5_data *salt)
2N/A{
2N/A /* Solaris Kerberos */
2N/A krb5_error_code retval = KRB5_PROG_ETYPE_NOSUPP;
2N/A/* EXPORT DELETE START */
2N/A /* totally different approach from MIT string2key. */
2N/A /* much of the work has already been done by the only caller
2N/A which is mit_des_string_to_key; in particular, *keyblock is already
2N/A set up. */
2N/A
2N/A char *realm = salt->data;
2N/A unsigned int i, j;
2N/A krb5_octet *key = keyblock->contents;
2N/A /* Solaris Kerberos */
2N/A krb5_keyblock usekey;
2N/A memset(&usekey, 0, sizeof (krb5_keyblock));
2N/A
2N/A
2N/A if (data->length <= 8) {
2N/A /* One block only. Run afs_crypt and use the first eight
2N/A returned bytes after the copy of the (fixed) salt.
2N/A
2N/A Since the returned bytes are alphanumeric, the output is
2N/A limited to 2**48 possibilities; for each byte, only 64
2N/A possible values can be used. */
2N/A unsigned char password[9]; /* trailing nul for crypt() */
2N/A char afs_crypt_buf[16];
2N/A
2N/A memset (password, 0, sizeof (password));
2N/A memcpy (password, realm, min (salt->length, 8));
2N/A for (i=0; i<8; i++)
2N/A if (isupper(password[i]))
2N/A password[i] = tolower(password[i]);
2N/A for (i=0; i<data->length; i++)
2N/A password[i] ^= data->data[i];
2N/A for (i=0; i<8; i++)
2N/A if (password[i] == '\0')
2N/A password[i] = 'X';
2N/A password[8] = '\0';
2N/A /* Out-of-bounds salt characters are equivalent to a salt string
2N/A of "p1". */
2N/A strncpy((char *) key,
2N/A (char *) afs_crypt((char *) password, "#~", afs_crypt_buf) + 2,
2N/A 8);
2N/A for (i=0; i<8; i++)
2N/A key[i] <<= 1;
2N/A /* now fix up key parity again */
2N/A mit_des_fixup_key_parity(key);
2N/A /* clean & free the input string */
2N/A memset(password, 0, (size_t) sizeof(password));
2N/A
2N/A /* Solaris Kerberos: Success */
2N/A retval = 0;
2N/A } else {
2N/A /* Multiple blocks. Do a CBC checksum, twice, and use the
2N/A result as the new key. */
2N/A mit_des_cblock ikey, tkey;
2N/A unsigned int pw_len = salt->length+data->length;
2N/A unsigned char *password = malloc(pw_len+1);
2N/A if (!password) return ENOMEM;
2N/A
2N/A /* Some bound checks from the original code are elided here as
2N/A the malloc above makes sure we have enough storage. */
2N/A memcpy (password, data->data, data->length);
2N/A for (i=data->length, j = 0; j < salt->length; i++, j++) {
2N/A password[i] = realm[j];
2N/A if (isupper(password[i]))
2N/A password[i] = tolower(password[i]);
2N/A }
2N/A
2N/A memcpy (ikey, "kerberos", sizeof(ikey));
2N/A memcpy (tkey, ikey, sizeof(tkey));
2N/A mit_des_fixup_key_parity (tkey);
2N/A
2N/A /* Solaris Kerberos */
2N/A usekey.enctype = ENCTYPE_DES_CBC_CRC;
2N/A usekey.contents = tkey;
2N/A usekey.length = 8;
2N/A retval = mit_des_cbc_cksum (context, (unsigned char *)password,
2N/A tkey, i, &usekey, ikey);
2N/A
2N/A memcpy (ikey, tkey, sizeof(ikey));
2N/A mit_des_fixup_key_parity (tkey);
2N/A /* Solaris Kerberos */
2N/A if (usekey.hKey != CK_INVALID_HANDLE) {
2N/A (void) C_DestroyObject(krb_ctx_hSession(context), usekey.hKey);
2N/A usekey.hKey = CK_INVALID_HANDLE;
2N/A }
2N/A usekey.contents = tkey;
2N/A usekey.length = 8;
2N/A retval = mit_des_cbc_cksum (context, (unsigned char *) password,
2N/A key, i, &usekey, ikey);
2N/A
2N/A /* now fix up key parity again */
2N/A mit_des_fixup_key_parity(key);
2N/A
2N/A /* Solaris Kerberos */
2N/A if (usekey.hKey != CK_INVALID_HANDLE) {
2N/A (void) C_DestroyObject(krb_ctx_hSession(context), usekey.hKey);
2N/A usekey.hKey = CK_INVALID_HANDLE;
2N/A }
2N/A /* clean & free the input string */
2N/A memset(password, 0, (size_t) pw_len);
2N/A krb5_xfree(password);
2N/A }
2N/A#if 0
2N/A /* must free here because it was copied for this special case */
2N/A krb5_xfree(salt->data);
2N/A#endif
2N/A
2N/A/* EXPORT DELETE END */
2N/A return retval;
2N/A}
2N/A
2N/A
2N/A/* Portions of this code:
2N/A Copyright 1989 by the Massachusetts Institute of Technology
2N/A */
2N/A
2N/A/*
2N/A * Copyright (c) 1990 Regents of The University of Michigan.
2N/A * All Rights Reserved.
2N/A *
2N/A * Permission to use, copy, modify, and distribute this software
2N/A * and its documentation for any purpose and without fee is hereby
2N/A * granted, provided that the above copyright notice appears in all
2N/A * copies and that both that copyright notice and this permission
2N/A * notice appear in supporting documentation, and that the name of
2N/A * The University of Michigan not be used in advertising or
2N/A * publicity pertaining to distribution of the software without
2N/A * specific, written prior permission. This software is supplied as
2N/A * is without expressed or implied warranties of any kind.
2N/A *
2N/A * ITD Research Systems
2N/A * University of Michigan
2N/A * 535 W. William Street
2N/A * Ann Arbor, Michigan
2N/A * +1-313-936-2652
2N/A * netatalk@terminator.cc.umich.edu
2N/A */
2N/A
2N/A/* EXPORT DELETE START */
2N/A
2N/Astatic void krb5_afs_crypt_setkey (char*, char*, char(*)[48]);
2N/Astatic void krb5_afs_encrypt (char*,char*,char (*)[48]);
2N/A
2N/A/*
2N/A * Initial permutation,
2N/A */
2N/Astatic const char IP[] = {
2N/A 58,50,42,34,26,18,10, 2,
2N/A 60,52,44,36,28,20,12, 4,
2N/A 62,54,46,38,30,22,14, 6,
2N/A 64,56,48,40,32,24,16, 8,
2N/A 57,49,41,33,25,17, 9, 1,
2N/A 59,51,43,35,27,19,11, 3,
2N/A 61,53,45,37,29,21,13, 5,
2N/A 63,55,47,39,31,23,15, 7,
2N/A};
2N/A
2N/A/*
2N/A * Final permutation, FP = IP^(-1)
2N/A */
2N/Astatic const char FP[] = {
2N/A 40, 8,48,16,56,24,64,32,
2N/A 39, 7,47,15,55,23,63,31,
2N/A 38, 6,46,14,54,22,62,30,
2N/A 37, 5,45,13,53,21,61,29,
2N/A 36, 4,44,12,52,20,60,28,
2N/A 35, 3,43,11,51,19,59,27,
2N/A 34, 2,42,10,50,18,58,26,
2N/A 33, 1,41, 9,49,17,57,25,
2N/A};
2N/A
2N/A/*
2N/A * Permuted-choice 1 from the key bits to yield C and D.
2N/A * Note that bits 8,16... are left out: They are intended for a parity check.
2N/A */
2N/Astatic const char PC1_C[] = {
2N/A 57,49,41,33,25,17, 9,
2N/A 1,58,50,42,34,26,18,
2N/A 10, 2,59,51,43,35,27,
2N/A 19,11, 3,60,52,44,36,
2N/A};
2N/A
2N/Astatic const char PC1_D[] = {
2N/A 63,55,47,39,31,23,15,
2N/A 7,62,54,46,38,30,22,
2N/A 14, 6,61,53,45,37,29,
2N/A 21,13, 5,28,20,12, 4,
2N/A};
2N/A
2N/A/*
2N/A * Sequence of shifts used for the key schedule.
2N/A */
2N/Astatic const char shifts[] = {
2N/A 1,1,2,2,2,2,2,2,1,2,2,2,2,2,2,1,
2N/A};
2N/A
2N/A/*
2N/A * Permuted-choice 2, to pick out the bits from
2N/A * the CD array that generate the key schedule.
2N/A */
2N/Astatic const char PC2_C[] = {
2N/A 14,17,11,24, 1, 5,
2N/A 3,28,15, 6,21,10,
2N/A 23,19,12, 4,26, 8,
2N/A 16, 7,27,20,13, 2,
2N/A};
2N/A
2N/Astatic const char PC2_D[] = {
2N/A 41,52,31,37,47,55,
2N/A 30,40,51,45,33,48,
2N/A 44,49,39,56,34,53,
2N/A 46,42,50,36,29,32,
2N/A};
2N/A
2N/A/*
2N/A * The E bit-selection table.
2N/A */
2N/Astatic const char e[] = {
2N/A 32, 1, 2, 3, 4, 5,
2N/A 4, 5, 6, 7, 8, 9,
2N/A 8, 9,10,11,12,13,
2N/A 12,13,14,15,16,17,
2N/A 16,17,18,19,20,21,
2N/A 20,21,22,23,24,25,
2N/A 24,25,26,27,28,29,
2N/A 28,29,30,31,32, 1,
2N/A};
2N/A
2N/A/*
2N/A * P is a permutation on the selected combination
2N/A * of the current L and key.
2N/A */
2N/Astatic const char P[] = {
2N/A 16, 7,20,21,
2N/A 29,12,28,17,
2N/A 1,15,23,26,
2N/A 5,18,31,10,
2N/A 2, 8,24,14,
2N/A 32,27, 3, 9,
2N/A 19,13,30, 6,
2N/A 22,11, 4,25,
2N/A};
2N/A
2N/A/*
2N/A * The 8 selection functions.
2N/A * For some reason, they give a 0-origin
2N/A * index, unlike everything else.
2N/A */
2N/Astatic const char S[8][64] = {
2N/A {14, 4,13, 1, 2,15,11, 8, 3,10, 6,12, 5, 9, 0, 7,
2N/A 0,15, 7, 4,14, 2,13, 1,10, 6,12,11, 9, 5, 3, 8,
2N/A 4, 1,14, 8,13, 6, 2,11,15,12, 9, 7, 3,10, 5, 0,
2N/A 15,12, 8, 2, 4, 9, 1, 7, 5,11, 3,14,10, 0, 6,13},
2N/A
2N/A {15, 1, 8,14, 6,11, 3, 4, 9, 7, 2,13,12, 0, 5,10,
2N/A 3,13, 4, 7,15, 2, 8,14,12, 0, 1,10, 6, 9,11, 5,
2N/A 0,14, 7,11,10, 4,13, 1, 5, 8,12, 6, 9, 3, 2,15,
2N/A 13, 8,10, 1, 3,15, 4, 2,11, 6, 7,12, 0, 5,14, 9},
2N/A
2N/A {10, 0, 9,14, 6, 3,15, 5, 1,13,12, 7,11, 4, 2, 8,
2N/A 13, 7, 0, 9, 3, 4, 6,10, 2, 8, 5,14,12,11,15, 1,
2N/A 13, 6, 4, 9, 8,15, 3, 0,11, 1, 2,12, 5,10,14, 7,
2N/A 1,10,13, 0, 6, 9, 8, 7, 4,15,14, 3,11, 5, 2,12},
2N/A
2N/A { 7,13,14, 3, 0, 6, 9,10, 1, 2, 8, 5,11,12, 4,15,
2N/A 13, 8,11, 5, 6,15, 0, 3, 4, 7, 2,12, 1,10,14, 9,
2N/A 10, 6, 9, 0,12,11, 7,13,15, 1, 3,14, 5, 2, 8, 4,
2N/A 3,15, 0, 6,10, 1,13, 8, 9, 4, 5,11,12, 7, 2,14},
2N/A
2N/A { 2,12, 4, 1, 7,10,11, 6, 8, 5, 3,15,13, 0,14, 9,
2N/A 14,11, 2,12, 4, 7,13, 1, 5, 0,15,10, 3, 9, 8, 6,
2N/A 4, 2, 1,11,10,13, 7, 8,15, 9,12, 5, 6, 3, 0,14,
2N/A 11, 8,12, 7, 1,14, 2,13, 6,15, 0, 9,10, 4, 5, 3},
2N/A
2N/A {12, 1,10,15, 9, 2, 6, 8, 0,13, 3, 4,14, 7, 5,11,
2N/A 10,15, 4, 2, 7,12, 9, 5, 6, 1,13,14, 0,11, 3, 8,
2N/A 9,14,15, 5, 2, 8,12, 3, 7, 0, 4,10, 1,13,11, 6,
2N/A 4, 3, 2,12, 9, 5,15,10,11,14, 1, 7, 6, 0, 8,13},
2N/A
2N/A { 4,11, 2,14,15, 0, 8,13, 3,12, 9, 7, 5,10, 6, 1,
2N/A 13, 0,11, 7, 4, 9, 1,10,14, 3, 5,12, 2,15, 8, 6,
2N/A 1, 4,11,13,12, 3, 7,14,10,15, 6, 8, 0, 5, 9, 2,
2N/A 6,11,13, 8, 1, 4,10, 7, 9, 5, 0,15,14, 2, 3,12},
2N/A
2N/A {13, 2, 8, 4, 6,15,11, 1,10, 9, 3,14, 5, 0,12, 7,
2N/A 1,15,13, 8,10, 3, 7, 4,12, 5, 6,11, 0,14, 9, 2,
2N/A 7,11, 4, 1, 9,12,14, 2, 0, 6,10,13,15, 3, 5, 8,
2N/A 2, 1,14, 7, 4,10, 8,13,15,12, 9, 0, 3, 5, 6,11},
2N/A};
2N/A
2N/A
2N/Achar *afs_crypt(const char *pw, const char *salt,
2N/A /* must be at least 16 bytes */
2N/A char *iobuf)
2N/A{
2N/A int i, j, c;
2N/A int temp;
2N/A char block[66];
2N/A char E[48];
2N/A /*
2N/A * The key schedule.
2N/A * Generated from the key.
2N/A */
2N/A char KS[16][48];
2N/A
2N/A for(i=0; i<66; i++)
2N/A block[i] = 0;
2N/A /* Solaris Kerberos */
2N/A for(i=0; ((c= *pw) != NULL) && i<64; pw++){
2N/A for(j=0; j<7; j++, i++)
2N/A block[i] = (c>>(6-j)) & 01;
2N/A i++;
2N/A }
2N/A
2N/A krb5_afs_crypt_setkey(block, E, KS);
2N/A
2N/A for(i=0; i<66; i++)
2N/A block[i] = 0;
2N/A
2N/A for(i=0;i<2;i++){
2N/A c = *salt++;
2N/A iobuf[i] = c;
2N/A if(c>'Z') c -= 6;
2N/A if(c>'9') c -= 7;
2N/A c -= '.';
2N/A for(j=0;j<6;j++){
2N/A if((c>>j) & 01){
2N/A temp = E[6*i+j];
2N/A E[6*i+j] = E[6*i+j+24];
2N/A E[6*i+j+24] = temp;
2N/A }
2N/A }
2N/A }
2N/A
2N/A for(i=0; i<25; i++)
2N/A krb5_afs_encrypt(block,E,KS);
2N/A
2N/A for(i=0; i<11; i++){
2N/A c = 0;
2N/A for(j=0; j<6; j++){
2N/A c <<= 1;
2N/A c |= block[6*i+j];
2N/A }
2N/A c += '.';
2N/A if(c>'9') c += 7;
2N/A if(c>'Z') c += 6;
2N/A iobuf[i+2] = c;
2N/A }
2N/A iobuf[i+2] = 0;
2N/A if(iobuf[1]==0)
2N/A iobuf[1] = iobuf[0];
2N/A return(iobuf);
2N/A}
2N/A
2N/A/*
2N/A * Set up the key schedule from the key.
2N/A */
2N/A
2N/Astatic void krb5_afs_crypt_setkey(char *key, char *E, char (*KS)[48])
2N/A{
2N/A register int i, j, k;
2N/A int t;
2N/A /*
2N/A * The C and D arrays used to calculate the key schedule.
2N/A */
2N/A char C[28], D[28];
2N/A
2N/A /*
2N/A * First, generate C and D by permuting
2N/A * the key. The low order bit of each
2N/A * 8-bit char is not used, so C and D are only 28
2N/A * bits apiece.
2N/A */
2N/A for (i=0; i<28; i++) {
2N/A C[i] = key[PC1_C[i]-1];
2N/A D[i] = key[PC1_D[i]-1];
2N/A }
2N/A /*
2N/A * To generate Ki, rotate C and D according
2N/A * to schedule and pick up a permutation
2N/A * using PC2.
2N/A */
2N/A for (i=0; i<16; i++) {
2N/A /*
2N/A * rotate.
2N/A */
2N/A for (k=0; k<shifts[i]; k++) {
2N/A t = C[0];
2N/A for (j=0; j<28-1; j++)
2N/A C[j] = C[j+1];
2N/A C[27] = t;
2N/A t = D[0];
2N/A for (j=0; j<28-1; j++)
2N/A D[j] = D[j+1];
2N/A D[27] = t;
2N/A }
2N/A /*
2N/A * get Ki. Note C and D are concatenated.
2N/A */
2N/A for (j=0; j<24; j++) {
2N/A KS[i][j] = C[PC2_C[j]-1];
2N/A KS[i][j+24] = D[PC2_D[j]-28-1];
2N/A }
2N/A }
2N/A
2N/A#if 0
2N/A for(i=0;i<48;i++) {
2N/A E[i] = e[i];
2N/A }
2N/A#else
2N/A memcpy(E, e, 48);
2N/A#endif
2N/A}
2N/A
2N/A/*
2N/A * The payoff: encrypt a block.
2N/A */
2N/A
2N/Astatic void krb5_afs_encrypt(char *block, char *E, char (*KS)[48])
2N/A{
2N/A const long edflag = 0;
2N/A int i, ii;
2N/A int t, j, k;
2N/A char tempL[32];
2N/A char f[32];
2N/A /*
2N/A * The current block, divided into 2 halves.
2N/A */
2N/A char L[64];
2N/A char *const R = &L[32];
2N/A /*
2N/A * The combination of the key and the input, before selection.
2N/A */
2N/A char preS[48];
2N/A
2N/A /*
2N/A * First, permute the bits in the input
2N/A */
2N/A for (j=0; j<64; j++)
2N/A L[j] = block[IP[j]-1];
2N/A /*
2N/A * Perform an encryption operation 16 times.
2N/A */
2N/A for (ii=0; ii<16; ii++) {
2N/A /*
2N/A * Set direction
2N/A */
2N/A if (edflag)
2N/A i = 15-ii;
2N/A else
2N/A i = ii;
2N/A /*
2N/A * Save the R array,
2N/A * which will be the new L.
2N/A */
2N/A#if 0
2N/A for (j=0; j<32; j++)
2N/A tempL[j] = R[j];
2N/A#else
2N/A memcpy(tempL, R, 32);
2N/A#endif
2N/A /*
2N/A * Expand R to 48 bits using the E selector;
2N/A * exclusive-or with the current key bits.
2N/A */
2N/A for (j=0; j<48; j++)
2N/A preS[j] = R[E[j]-1] ^ KS[i][j];
2N/A /*
2N/A * The pre-select bits are now considered
2N/A * in 8 groups of 6 bits each.
2N/A * The 8 selection functions map these
2N/A * 6-bit quantities into 4-bit quantities
2N/A * and the results permuted
2N/A * to make an f(R, K).
2N/A * The indexing into the selection functions
2N/A * is peculiar; it could be simplified by
2N/A * rewriting the tables.
2N/A */
2N/A for (j=0; j<8; j++) {
2N/A t = 6*j;
2N/A k = S[j][(preS[t+0]<<5)+
2N/A (preS[t+1]<<3)+
2N/A (preS[t+2]<<2)+
2N/A (preS[t+3]<<1)+
2N/A (preS[t+4]<<0)+
2N/A (preS[t+5]<<4)];
2N/A t = 4*j;
2N/A f[t+0] = (k>>3)&01;
2N/A f[t+1] = (k>>2)&01;
2N/A f[t+2] = (k>>1)&01;
2N/A f[t+3] = (k>>0)&01;
2N/A }
2N/A /*
2N/A * The new R is L ^ f(R, K).
2N/A * The f here has to be permuted first, though.
2N/A */
2N/A for (j=0; j<32; j++)
2N/A R[j] = L[j] ^ f[P[j]-1];
2N/A /*
2N/A * Finally, the new L (the original R)
2N/A * is copied back.
2N/A */
2N/A#if 0
2N/A for (j=0; j<32; j++)
2N/A L[j] = tempL[j];
2N/A#else
2N/A memcpy(L, tempL, 32);
2N/A#endif
2N/A }
2N/A /*
2N/A * The output L and R are reversed.
2N/A */
2N/A for (j=0; j<32; j++) {
2N/A t = L[j];
2N/A L[j] = R[j];
2N/A R[j] = t;
2N/A }
2N/A /*
2N/A * The final output
2N/A * gets the inverse permutation of the very original.
2N/A */
2N/A for (j=0; j<64; j++)
2N/A block[j] = L[FP[j]-1];
2N/A}
2N/A/* EXPORT DELETE END */