//
// This DES class has been extracted from package Acme.Crypto for use in VNC.
// The bytebit[] array has been reversed so that the most significant bit
// in each byte of the key is ignored, not the least significant.  Also the
// unnecessary odd parity code has been removed.
//
// These changes are:
//  Copyright (C) 1999 AT&T Laboratories Cambridge.  All Rights Reserved.
//
// This software is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
//

// DesCipher - the DES encryption method
//
// The meat of this code is by Dave Zimmerman <dzimm@widget.com>, and is:
//
// Copyright (c) 1996 Widget Workshop, Inc. All Rights Reserved.
//
// Permission to use, copy, modify, and distribute this software
// and its documentation for NON-COMMERCIAL or COMMERCIAL purposes and
// without fee is hereby granted, provided that this copyright notice is kept 
// intact. 
// 
// WIDGET WORKSHOP MAKES NO REPRESENTATIONS OR WARRANTIES ABOUT THE SUITABILITY
// OF THE SOFTWARE, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED
// TO THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
// PARTICULAR PURPOSE, OR NON-INFRINGEMENT. WIDGET WORKSHOP SHALL NOT BE LIABLE
// FOR ANY DAMAGES SUFFERED BY LICENSEE AS A RESULT OF USING, MODIFYING OR
// DISTRIBUTING THIS SOFTWARE OR ITS DERIVATIVES.
// 
// THIS SOFTWARE IS NOT DESIGNED OR INTENDED FOR USE OR RESALE AS ON-LINE
// CONTROL EQUIPMENT IN HAZARDOUS ENVIRONMENTS REQUIRING FAIL-SAFE
// PERFORMANCE, SUCH AS IN THE OPERATION OF NUCLEAR FACILITIES, AIRCRAFT
// NAVIGATION OR COMMUNICATION SYSTEMS, AIR TRAFFIC CONTROL, DIRECT LIFE
// SUPPORT MACHINES, OR WEAPONS SYSTEMS, IN WHICH THE FAILURE OF THE
// SOFTWARE COULD LEAD DIRECTLY TO DEATH, PERSONAL INJURY, OR SEVERE
// PHYSICAL OR ENVIRONMENTAL DAMAGE ("HIGH RISK ACTIVITIES").  WIDGET WORKSHOP
// SPECIFICALLY DISCLAIMS ANY EXPRESS OR IMPLIED WARRANTY OF FITNESS FOR
// HIGH RISK ACTIVITIES.
//
//
// The rest is:
//
// Copyright (C) 1996 by Jef Poskanzer <jef@acme.com>.  All rights reserved.
//
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions
// are met:
// 1. Redistributions of source code must retain the above copyright
//    notice, this list of conditions and the following disclaimer.
// 2. Redistributions in binary form must reproduce the above copyright
//    notice, this list of conditions and the following disclaimer in the
//    documentation and/or other materials provided with the distribution.
//
// THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
// ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
// FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
// DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
// OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
// LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
// OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
// SUCH DAMAGE.
//
// Visit the ACME Labs Java page for up-to-date versions of this and other
// fine Java utilities: http://www.acme.com/java/


import java.io.*;

/// The DES encryption method.
// <P>
// This is surprisingly fast, for pure Java.  On a SPARC 20, wrapped
// in Acme.Crypto.EncryptedOutputStream or Acme.Crypto.EncryptedInputStream,
// it does around 7000 bytes/second.
// <P>
// Most of this code is by Dave Zimmerman <dzimm@widget.com>, and is
// Copyright (c) 1996 Widget Workshop, Inc.  See the source file for details.
// <P>
// <A HREF="/resources/classes/Acme/Crypto/DesCipher.java">Fetch the software.</A><BR>
// <A HREF="/resources/classes/Acme.tar.Z">Fetch the entire Acme package.</A>
// <P>
// @see Des3Cipher
// @see EncryptedOutputStream
// @see EncryptedInputStream

public class DesCipher
    {

    // Constructor, byte-array key.
    public DesCipher( byte[] key )
	{
	setKey( key );
	}

    // Key routines.

    private int[] encryptKeys = new int[32];
    private int[] decryptKeys = new int[32];

    /// Set the key.
    public void setKey( byte[] key )
	{
	deskey( key, true, encryptKeys );
	deskey( key, false, decryptKeys );
	}

    // Turn an 8-byte key into internal keys.
    private void deskey( byte[] keyBlock, boolean encrypting, int[] KnL )
	{
	int i, j, l, m, n;
	int[] pc1m = new int[56];
	int[] pcr = new int[56];
	int[] kn = new int[32];

	for ( j = 0; j < 56; ++j )
	    {
	    l = pc1[j];
	    m = l & 07;
	    pc1m[j] = ( (keyBlock[l >>> 3] & bytebit[m]) != 0 )? 1: 0;
	    }

	for ( i = 0; i < 16; ++i )
	    {
	    if ( encrypting )
		m = i << 1;
	    else
		m = (15-i) << 1;
	    n = m+1;
	    kn[m] = kn[n] = 0;
	    for ( j = 0; j < 28; ++j )
		{
		l = j+totrot[i];
		if ( l < 28 )
		    pcr[j] = pc1m[l];
		else
		    pcr[j] = pc1m[l-28];
		}
	    for ( j=28; j < 56; ++j )
		{
		l = j+totrot[i];
		if ( l < 56 )
		    pcr[j] = pc1m[l];
		else
		    pcr[j] = pc1m[l-28];
		}
	    for ( j = 0; j < 24; ++j )
		{
		if ( pcr[pc2[j]] != 0 )
		    kn[m] |= bigbyte[j];
		if ( pcr[pc2[j+24]] != 0 )
		    kn[n] |= bigbyte[j];
		}
	    }
	cookey( kn, KnL );
	}

    private void cookey( int[] raw, int KnL[] )
	{
	int raw0, raw1;
	int rawi, KnLi;
	int i;

	for ( i = 0, rawi = 0, KnLi = 0; i < 16; ++i )
	    {
	    raw0 = raw[rawi++];
	    raw1 = raw[rawi++];
	    KnL[KnLi]  = (raw0 & 0x00fc0000) <<   6;
	    KnL[KnLi] |= (raw0 & 0x00000fc0) <<  10;
	    KnL[KnLi] |= (raw1 & 0x00fc0000) >>> 10;
	    KnL[KnLi] |= (raw1 & 0x00000fc0) >>>  6;
	    ++KnLi;
	    KnL[KnLi]  = (raw0 & 0x0003f000) <<  12;
	    KnL[KnLi] |= (raw0 & 0x0000003f) <<  16;
	    KnL[KnLi] |= (raw1 & 0x0003f000) >>>  4;
	    KnL[KnLi] |= (raw1 & 0x0000003f);
	    ++KnLi;
	    }
	}


    // Block encryption routines.

    private int[] tempInts = new int[2];

    /// Encrypt a block of eight bytes.
    public void encrypt( byte[] clearText, int clearOff, byte[] cipherText, int cipherOff )
	{
	squashBytesToInts( clearText, clearOff, tempInts, 0, 2 );
	des( tempInts, tempInts, encryptKeys );
	spreadIntsToBytes( tempInts, 0, cipherText, cipherOff, 2 );
	}

    /// Decrypt a block of eight bytes.
    public void decrypt( byte[] cipherText, int cipherOff, byte[] clearText, int clearOff )
	{
	squashBytesToInts( cipherText, cipherOff, tempInts, 0, 2 );
	des( tempInts, tempInts, decryptKeys );
	spreadIntsToBytes( tempInts, 0, clearText, clearOff, 2 );
	}

    // The DES function.
    private void des( int[] inInts, int[] outInts, int[] keys )
	{
	int fval, work, right, leftt;
	int round;
	int keysi = 0;

	leftt = inInts[0];
	right = inInts[1];

	work   = ((leftt >>>  4) ^ right) & 0x0f0f0f0f;
	right ^= work;
	leftt ^= (work << 4);

	work   = ((leftt >>> 16) ^ right) & 0x0000ffff;
	right ^= work;
	leftt ^= (work << 16);

	work   = ((right >>>  2) ^ leftt) & 0x33333333;
	leftt ^= work;
	right ^= (work << 2);

	work   = ((right >>>  8) ^ leftt) & 0x00ff00ff;
	leftt ^= work;
	right ^= (work << 8);
	right  = (right << 1) | ((right >>> 31) & 1);

	work   = (leftt ^ right) & 0xaaaaaaaa;
	leftt ^= work;
	right ^= work;
	leftt  = (leftt << 1) | ((leftt >>> 31) & 1);

	for ( round = 0; round < 8; ++round )
	    {
	    work   = (right << 28) | (right >>> 4);
	    work  ^= keys[keysi++];
	    fval   = SP7[ work	       & 0x0000003f ];
	    fval  |= SP5[(work >>>  8) & 0x0000003f ];
	    fval  |= SP3[(work >>> 16) & 0x0000003f ];
	    fval  |= SP1[(work >>> 24) & 0x0000003f ];
	    work   = right ^ keys[keysi++];
	    fval  |= SP8[ work         & 0x0000003f ];
	    fval  |= SP6[(work >>>  8) & 0x0000003f ];
	    fval  |= SP4[(work >>> 16) & 0x0000003f ];