IPSEC support in the kernel.

pr_input() routines prototype is also changed to support IPSEC and IPV6
chained protocol headers.

Reviewed by: freebsd-arch, cvs-committers
Obtained from: KAME project

9 files changed, 2126 insertions, 0 deletions

diff --git a/sys/crypto/des/des.h b/sys/crypto/des/des.h
new file mode 100644
index 0000000..16a8129
--- /dev/null
+++ b/sys/crypto/des/des.h
@@ -0,0 +1,280 @@
+/* lib/des/des.h */
+/* Copyright (C) 1995-1996 Eric Young (eay@mincom.oz.au)
+ * All rights reserved.
+ *
+ * This file is part of an SSL implementation written
+ * by Eric Young (eay@mincom.oz.au).
+ * The implementation was written so as to conform with Netscapes SSL
+ * specification.  This library and applications are
+ * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE
+ * as long as the following conditions are aheared to.
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.  If this code is used in a product,
+ * Eric Young should be given attribution as the author of the parts used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    This product includes software developed by Eric Young (eay@mincom.oz.au)
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ *
+ * $FreeBSD$
+ */
+
+#ifndef HEADER_DES_H
+#define	HEADER_DES_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
+ * %20 speed up (longs are 8 bytes, int's are 4). */
+#ifndef DES_LONG
+#define	DES_LONG unsigned long
+#endif
+
+typedef unsigned char des_cblock[8];
+typedef struct des_ks_struct
+	{
+	union	{
+		des_cblock _;
+		/* make sure things are correct size on machines with
+		 * 8 byte longs */
+		DES_LONG pad[2];
+		} ks;
+#undef _
+#define	_	ks._
+	} des_key_schedule[16];
+
+#define	DES_KEY_SZ 	(sizeof(des_cblock))
+#define	DES_SCHEDULE_SZ (sizeof(des_key_schedule))
+
+#define	DES_ENCRYPT	1
+#define	DES_DECRYPT	0
+
+#define	DES_CBC_MODE	0
+#define	DES_PCBC_MODE	1
+
+#define	des_ecb2_encrypt(i,o,k1,k2,e) \
+	des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
+
+#define	des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
+	des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
+
+#define	des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
+	des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
+
+#define	des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
+	des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
+
+#define	C_Block des_cblock
+#define	Key_schedule des_key_schedule
+#ifdef KERBEROS
+#define	ENCRYPT DES_ENCRYPT
+#define	DECRYPT DES_DECRYPT
+#endif
+#define	KEY_SZ DES_KEY_SZ
+#define	string_to_key des_string_to_key
+#define	read_pw_string des_read_pw_string
+#define	random_key des_random_key
+#define	pcbc_encrypt des_pcbc_encrypt
+#define	set_key des_set_key
+#define	key_sched des_key_sched
+#define	ecb_encrypt des_ecb_encrypt
+#define	cbc_encrypt des_cbc_encrypt
+#define	ncbc_encrypt des_ncbc_encrypt
+#define	xcbc_encrypt des_xcbc_encrypt
+#define	cbc_cksum des_cbc_cksum
+#define	quad_cksum des_quad_cksum
+
+/* For compatibility with the MIT lib - eay 20/05/92 */
+typedef des_key_schedule bit_64;
+#define	des_fixup_key_parity des_set_odd_parity
+#define	des_check_key_parity check_parity
+
+extern int des_check_key;	/* defaults to false */
+extern int des_rw_mode;		/* defaults to DES_PCBC_MODE */
+
+/* The next line is used to disable full ANSI prototypes, if your
+ * compiler has problems with the prototypes, make sure this line always
+ * evaluates to true :-) */
+#if defined(MSDOS) || defined(__STDC__)
+#undef NOPROTO
+#endif
+#ifndef NOPROTO
+char *des_options(void);
+void des_ecb3_encrypt(des_cblock *input,des_cblock *output,
+	des_key_schedule ks1,des_key_schedule ks2,
+	des_key_schedule ks3, int enc);
+DES_LONG des_cbc_cksum(des_cblock *input,des_cblock *output,
+	long length,des_key_schedule schedule,des_cblock *ivec);
+/*
+void des_cbc_encrypt(des_cblock *input,des_cblock *output,long length,
+	des_key_schedule schedule,des_cblock *ivec,int enc);
+*/
+void des_cbc_encrypt(struct mbuf *, size_t, size_t,
+	des_key_schedule schedule,des_cblock *ivec, int enc);
+void des_ncbc_encrypt(des_cblock *input,des_cblock *output,long length,
+	des_key_schedule schedule,des_cblock *ivec,int enc);
+void des_xcbc_encrypt(des_cblock *input,des_cblock *output,long length,
+	des_key_schedule schedule,des_cblock *ivec,
+	des_cblock *inw,des_cblock *outw,int enc);
+void des_3cbc_encrypt(des_cblock *input,des_cblock *output,long length,
+	des_key_schedule sk1,des_key_schedule sk2,
+	des_cblock *ivec1,des_cblock *ivec2,int enc);
+extern void des_3cbc_process(struct mbuf *, size_t, size_t,
+	des_key_schedule *schedule, des_cblock *ivec, int mode);
+void des_cfb_encrypt(unsigned char *in,unsigned char *out,int numbits,
+	long length,des_key_schedule schedule,des_cblock *ivec,int enc);
+void des_ecb_encrypt(des_cblock *input,des_cblock *output,
+	des_key_schedule ks,int enc);
+void des_encrypt(DES_LONG *data,des_key_schedule ks, int enc);
+void des_encrypt2(DES_LONG *data,des_key_schedule ks, int enc);
+void des_ede3_cbc_encrypt(des_cblock *input, des_cblock *output,
+	long length, des_key_schedule ks1, des_key_schedule ks2,
+	des_key_schedule ks3, des_cblock *ivec, int enc);
+void des_ede3_cfb64_encrypt(unsigned char *in, unsigned char *out,
+	long length, des_key_schedule ks1, des_key_schedule ks2,
+	des_key_schedule ks3, des_cblock *ivec, int *num, int encrypt);
+void des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out,
+	long length, des_key_schedule ks1, des_key_schedule ks2,
+	des_key_schedule ks3, des_cblock *ivec, int *num);
+
+int des_enc_read(int fd,char *buf,int len,des_key_schedule sched,
+	des_cblock *iv);
+int des_enc_write(int fd,char *buf,int len,des_key_schedule sched,
+	des_cblock *iv);
+#ifdef PERL5
+char *des_crypt(const char *buf,const char *salt);
+#else
+/* some stupid compilers complain because I have declared char instead
+ * of const char */
+#if 1
+char *crypt(const char *buf,const char *salt);
+#else
+char *crypt();
+#endif
+#endif
+void des_ofb_encrypt(unsigned char *in,unsigned char *out,
+	int numbits,long length,des_key_schedule schedule,des_cblock *ivec);
+void des_pcbc_encrypt(des_cblock *input,des_cblock *output,long length,
+	des_key_schedule schedule,des_cblock *ivec,int enc);
+DES_LONG des_quad_cksum(des_cblock *input,des_cblock *output,
+	long length,int out_count,des_cblock *seed);
+void des_random_seed(des_cblock key);
+void des_random_key(des_cblock ret);
+int des_read_password(des_cblock *key,char *prompt,int verify);
+int des_read_2passwords(des_cblock *key1,des_cblock *key2,
+	char *prompt,int verify);
+int des_read_pw_string(char *buf,int length,char *prompt,int verify);
+void des_set_odd_parity(des_cblock *key);
+int des_is_weak_key(des_cblock *key);
+int des_set_key(des_cblock *key,des_key_schedule schedule);
+int des_key_sched(des_cblock *key,des_key_schedule schedule);
+void des_string_to_key(char *str,des_cblock *key);
+void des_string_to_2keys(char *str,des_cblock *key1,des_cblock *key2);
+void des_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
+	des_key_schedule schedule, des_cblock *ivec, int *num, int enc);
+void des_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
+	des_key_schedule schedule, des_cblock *ivec, int *num);
+
+/* Extra functions from Mark Murray <mark@grondar.za> */
+/*
+void des_cblock_print_file(des_cblock *cb, FILE *fp);
+*/
+/* The following functions are not in the normal unix build or the
+ * SSLeay build.  When using the SSLeay build, use RAND_seed()
+ * and RAND_bytes() instead. */
+int des_new_random_key(des_cblock *key);
+void des_init_random_number_generator(des_cblock *key);
+void des_set_random_generator_seed(des_cblock *key);
+void des_set_sequence_number(des_cblock new_sequence_number);
+void des_generate_random_block(des_cblock *block);
+
+#else
+
+char *des_options();
+void des_ecb3_encrypt();
+DES_LONG des_cbc_cksum();
+void des_cbc_encrypt();
+void des_ncbc_encrypt();
+void des_xcbc_encrypt();
+void des_3cbc_encrypt();
+void des_cfb_encrypt();
+void des_ede3_cfb64_encrypt();
+void des_ede3_ofb64_encrypt();
+void des_ecb_encrypt();
+void des_encrypt();
+void des_encrypt2();
+void des_ede3_cbc_encrypt();
+int des_enc_read();
+int des_enc_write();
+#ifdef PERL5
+char *des_crypt();
+#else
+char *crypt();
+#endif
+void des_ofb_encrypt();
+void des_pcbc_encrypt();
+DES_LONG des_quad_cksum();
+void des_random_seed();
+void des_random_key();
+int des_read_password();
+int des_read_2passwords();
+int des_read_pw_string();
+void des_set_odd_parity();
+int des_is_weak_key();
+int des_set_key();
+int des_key_sched();
+void des_string_to_key();
+void des_string_to_2keys();
+void des_cfb64_encrypt();
+void des_ofb64_encrypt();
+
+/* Extra functions from Mark Murray <mark@grondar.za> */
+void des_cblock_print_file();
+/* The following functions are not in the normal unix build or the
+ * SSLeay build.  When using the SSLeay build, use RAND_seed()
+ * and RAND_bytes() instead. */
+#ifdef FreeBSD
+int des_new_random_key();
+void des_init_random_number_generator();
+void des_set_random_generator_seed();
+void des_set_sequence_number();
+void des_generate_random_block();
+#endif
+
+#endif
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/sys/crypto/des/des_3cbc.c b/sys/crypto/des/des_3cbc.c
new file mode 100644
index 0000000..7ddb06c
--- /dev/null
+++ b/sys/crypto/des/des_3cbc.c
@@ -0,0 +1,246 @@
+/*
+ * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of the project nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $FreeBSD$
+ */
+/*
+ * based on sys/crypto/des/des_cbc.c, rewrote by Tomomi Suzuki
+ */
+#include <crypto/des/des_locl.h>
+
+
+void des_3cbc_process(m0, skip, length, schedule, ivec, mode)
+	struct mbuf *m0;
+	size_t skip;
+	size_t length;
+	des_key_schedule *schedule;
+	des_cblock (*ivec);
+	int mode;
+{
+	u_int8_t inbuf[8], outbuf[8];
+	struct mbuf *m;
+	size_t off;
+	DES_LONG tin0, tin1;
+	DES_LONG tout0, tout1;
+	DES_LONG tin[2];
+	DES_LONG xor0 = 0, xor1 = 0;
+	u_int8_t *iv;
+	u_int8_t *in, *out;
+
+	/* sanity check */
+	if (m0->m_pkthdr.len < skip) {
+		printf("des_3cbc_process: mbuf length < skip\n");
+		return;
+	}
+	if (m0->m_pkthdr.len < length) {
+		printf("des_3cbc_process: mbuf length < encrypt length\n");
+		return;
+	}
+	if (m0->m_pkthdr.len < skip + length) {
+		printf("des_3cbc_process: mbuf length < "
+			"skip + encrypt length\n");
+		return;
+	}
+	if (length % 8) {
+		printf("des_3cbc_process: length(%lu) is not multiple of 8\n",
+			(u_long)length);
+		return;
+	}
+
+	m = m0;
+	off = 0;
+
+	/* skip over the header */
+	while (skip) {
+		if (!m)
+			panic("des_3cbc_process: mbuf chain?\n");
+		if (m->m_len <= skip) {
+			skip -= m->m_len;
+			m = m->m_next;
+			off = 0;
+		} else {
+			off = skip;
+			skip = 0;
+		}
+	}
+
+	/* initialize */
+	tin0 = tin1 = tout0 = tout1 = 0;
+	tin[0] = tin[1] = 0;
+
+	switch (mode) {
+	case DES_ENCRYPT:
+		iv = (u_int8_t *)ivec;
+		c2l(iv, tout0);
+		c2l(iv, tout1);
+		break;
+	case DES_DECRYPT:
+		xor0 = xor1 = 0;
+		iv = (u_int8_t *)ivec;
+		c2l(iv, xor0);
+		c2l(iv, xor1);
+		break;
+	}
+
+	/*
+	 * encrypt/decrypt packet
+	 */
+	while (length > 0) {
+		if (!m)
+			panic("des_3cbc_process: mbuf chain?\n");
+
+		/*
+		 * copy the source into input buffer.
+		 * don't update off or m, since we need to use them
+		 * later.
+		 */
+		if (off + 8 <= m->m_len)
+			bcopy(mtod(m, u_int8_t *) + off, &inbuf[0], 8);
+		else {
+			struct mbuf *n;
+			size_t noff;
+			u_int8_t *p;
+			u_int8_t *in;
+
+			n = m;
+			noff = off;
+			p = mtod(n, u_int8_t *) + noff;
+
+			in = &inbuf[0];
+			while (in - &inbuf[0] < 8) {
+				if (!p) {
+					panic("des_3cbc_process: "
+						"mbuf chain?\n");
+				}
+				*in++ = *p++;
+				noff++;
+				if (noff < n->m_len)
+					continue;
+				do {
+					n = n->m_next;
+				} while (n && !n->m_len);
+				noff = 0;
+				if (n)
+					p = mtod(n, u_int8_t *) + noff;
+				else
+					p = NULL;
+			}
+		}
+
+		/* encrypt/decrypt */
+		switch (mode) {
+		case DES_ENCRYPT:
+			in = &inbuf[0];
+			out = &outbuf[0];
+			c2l(in, tin0);
+			c2l(in, tin1);
+
+			/* XOR */
+			tin0 ^= tout0; tin[0] = tin0;
+			tin1 ^= tout1; tin[1] = tin1;
+
+			des_encrypt((DES_LONG *)tin, schedule[0], DES_ENCRYPT);
+			des_encrypt((DES_LONG *)tin, schedule[1], DES_DECRYPT);
+			des_encrypt((DES_LONG *)tin, schedule[2], DES_ENCRYPT);
+
+			tout0 = tin[0]; l2c(tout0, out);
+			tout1 = tin[1]; l2c(tout1, out);
+			break;
+		case DES_DECRYPT:
+			in = &inbuf[0];
+			out = &outbuf[0];
+			c2l(in, tin0); tin[0] = tin0;
+			c2l(in, tin1); tin[1] = tin1;
+
+			des_encrypt((DES_LONG *)tin, schedule[2], DES_DECRYPT);
+			des_encrypt((DES_LONG *)tin, schedule[1], DES_ENCRYPT);
+			des_encrypt((DES_LONG *)tin, schedule[0], DES_DECRYPT);
+
+			/* XOR */
+			tout0 = tin[0] ^ xor0;
+			tout1 = tin[1] ^ xor1;
+			l2c(tout0, out);
+			l2c(tout1, out);
+
+			/* for next iv */
+			xor0 = tin0;
+			xor1 = tin1;
+			break;
+		}
+
+		/*
+		 * copy the output buffer int the result.
+		 * need to update off and m.
+		 */
+		if (off + 8 < m->m_len) {
+			bcopy(&outbuf[0], mtod(m, u_int8_t *) + off, 8);
+			off += 8;
+		} else if (off + 8 == m->m_len) {
+			bcopy(&outbuf[0], mtod(m, u_int8_t *) + off, 8);
+			do {
+				m = m->m_next;
+			} while (m && !m->m_len);
+			off = 0;
+		} else {
+			struct mbuf *n;
+			size_t noff;
+			u_int8_t *p;
+			u_int8_t *out;
+
+			n = m;
+			noff = off;
+			p = mtod(n, u_int8_t *) + noff;
+
+			out = &outbuf[0];
+			while (out - &outbuf[0] < 8) {
+				if (!p) {
+					panic("des_3cbc_process: "
+						"mbuf chain?\n");
+				}
+				*p++ = *out++;
+				noff++;
+				if (noff < n->m_len)
+					continue;
+				do {
+					n = n->m_next;
+				} while (n && !n->m_len);
+				noff = 0;
+				if (n)
+					p = mtod(n, u_int8_t *) + noff;
+				else
+					p = NULL;
+			}
+
+			m = n;
+			off = noff;
+		}
+
+		length -= 8;
+	}
+}
+
diff --git a/sys/crypto/des/des_cbc.c b/sys/crypto/des/des_cbc.c
new file mode 100644
index 0000000..665352a
--- /dev/null
+++ b/sys/crypto/des/des_cbc.c
@@ -0,0 +1,328 @@
+/*
+ * heavily modified by Yoshifumi Nishida <nishida@sfc.wide.ad.jp>.
+ * then, completely rewrote by Jun-ichiro itojun Itoh <itojun@itojun.org>,
+ * 1997.
+ */
+/* crypto/des/cbc_enc.c */
+/* Copyright (C) 1995-1996 Eric Young (eay@mincom.oz.au)
+ * All rights reserved.
+ *
+ * This file is part of an SSL implementation written
+ * by Eric Young (eay@mincom.oz.au).
+ * The implementation was written so as to conform with Netscapes SSL
+ * specification.  This library and applications are
+ * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE
+ * as long as the following conditions are aheared to.
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.  If this code is used in a product,
+ * Eric Young should be given attribution as the author of the parts used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    This product includes software developed by Eric Young (eay@mincom.oz.au)
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ *
+ * $FreeBSD$
+ */
+
+#include <crypto/des/des_locl.h>
+
+#define	panic(x) {printf(x); return;}
+
+void des_cbc_encrypt(m0, skip, length, schedule, ivec, mode)
+	struct mbuf *m0;
+	size_t skip;
+	size_t length;
+	des_key_schedule schedule;
+	des_cblock (*ivec);
+	int mode;
+{
+	u_int8_t inbuf[8], outbuf[8];
+	struct mbuf *m;
+	size_t off;
+	register DES_LONG tin0, tin1;
+	register DES_LONG tout0, tout1;
+	DES_LONG tin[2];
+	u_int8_t *iv;
+
+	/* sanity checks */
+	if (m0->m_pkthdr.len < skip) {
+		printf("mbuf length < skip\n");
+		return;
+	}
+	if (m0->m_pkthdr.len < length) {
+		printf("mbuf length < encrypt length\n");
+		return;
+	}
+	if (m0->m_pkthdr.len < skip + length) {
+		printf("mbuf length < skip + encrypt length\n");
+		return;
+	}
+	if (length % 8) {
+		printf("length is not multiple of 8\n");
+		return;
+	}
+
+	m = m0;
+	off = 0;
+
+	/* skip over the header */
+	while (skip) {
+		if (!m)
+			panic("mbuf chain?\n");
+		if (m->m_len <= skip) {
+			skip -= m->m_len;
+			m = m->m_next;
+			off = 0;
+		} else {
+			off = skip;
+			skip = 0;
+		}
+	}
+
+	/* initialize */
+	tin0 = tin1 = tout0 = tout1 = 0;
+	tin[0] = tin[1] = 0;
+
+	if (mode == DES_ENCRYPT) {
+		u_int8_t *in, *out;
+
+		iv = (u_int8_t *)ivec;
+		c2l(iv, tout0);
+		c2l(iv, tout1);
+
+		while (0 < length) {
+			if (!m)
+				panic("mbuf chain?\n");
+
+			/*
+			 * copy the source into input buffer.
+			 * don't update off or m, since we need to use them				 * later.
+			 */
+			if (off + 8 <= m->m_len)
+				bcopy(mtod(m, u_int8_t *) + off, &inbuf[0], 8);
+			else {
+				struct mbuf *n;
+				size_t noff;
+				u_int8_t *p;
+				u_int8_t *in;
+
+				n = m;
+				noff = off;
+				p = mtod(n, u_int8_t *) + noff;
+
+				in = &inbuf[0];
+				while (in - &inbuf[0] < 8) {
+					if (!p)
+						panic("mbuf chain?\n");
+
+					*in++ = *p++;
+					noff++;
+					if (noff < n->m_len)
+						continue;
+					do {
+						n = n->m_next;
+					} while (n && ! n->m_len);
+					noff = 0;
+					if (n)
+						p = mtod(n, u_int8_t *) + noff;
+					else
+						p = NULL;
+				}
+			}
+
+			in = &inbuf[0];
+			out = &outbuf[0];
+			c2l(in, tin0);
+			c2l(in, tin1);
+
+			tin0 ^= tout0; tin[0] = tin0;
+			tin1 ^= tout1; tin[1] = tin1;
+			des_encrypt((DES_LONG *)tin, schedule, DES_ENCRYPT);
+			tout0 = tin[0]; l2c(tout0, out);
+			tout1 = tin[1]; l2c(tout1, out);
+
+			/*
+			 * copy the output buffer into the result.
+			 * need to update off and m.
+			 */
+			if (off + 8 < m->m_len) {
+				bcopy(&outbuf[0], mtod(m, u_int8_t *) + off, 8);
+				off += 8;
+			} else if (off + 8 == m->m_len) {
+				bcopy(&outbuf[0], mtod(m, u_int8_t *) + off, 8);
+				do {
+					m = m->m_next;
+				} while (m && ! m->m_len);
+				off = 0;
+			} else {
+				struct mbuf *n;
+				size_t noff;
+				u_int8_t *p;
+				u_int8_t *out;
+
+				n = m;
+				noff = off;
+				p = mtod(n, u_int8_t *) + noff;
+
+				out = &outbuf[0];
+				while (out - &outbuf[0] < 8) {
+					if (!p)
+						panic("mbuf chain?");
+					*p++ = *out++;
+					noff++;
+					if (noff < n->m_len)
+						continue;
+					do {
+						n = n->m_next;
+					} while (n && ! n->m_len);
+					noff = 0;
+					if (n)
+						p = mtod(n, u_int8_t *) + noff;
+					else
+						p = NULL;
+				}
+
+				m = n;
+				off = noff;
+			}
+
+			length -= 8;
+		}
+	} else if (mode == DES_DECRYPT) {
+		register DES_LONG xor0, xor1;
+		u_int8_t *in, *out;
+
+		xor0 = xor1 = 0;
+		iv = (u_int8_t *)ivec;
+		c2l(iv, xor0);
+		c2l(iv, xor1);
+
+		while (0 < length) {
+			if (!m)
+				panic("mbuf chain?\n");
+
+			/*
+			 * copy the source into input buffer.
+			 * don't update off or m, since we need to use them				 * later.
+			 */
+			if (off + 8 <= m->m_len)
+				bcopy(mtod(m, u_int8_t *) + off, &inbuf[0], 8);
+			else {
+				struct mbuf *n;
+				size_t noff;
+				u_int8_t *p;
+				u_int8_t *in;
+
+				n = m;
+				noff = off;
+				p = mtod(n, u_int8_t *) + noff;
+
+				in = &inbuf[0];
+				while (in - &inbuf[0] < 8) {
+					if (!p)
+						panic("mbuf chain?\n");
+					*in++ = *p++;
+					noff++;
+					if (noff < n->m_len)
+						continue;
+					do {
+						n = n->m_next;
+					} while (n && ! n->m_len);
+					noff = 0;
+					if (n)
+						p = mtod(n, u_int8_t *) + noff;
+					else
+						p = NULL;
+				}
+			}
+
+			in = &inbuf[0];
+			out = &outbuf[0];
+			c2l(in, tin0); tin[0] = tin0;
+			c2l(in, tin1); tin[1] = tin1;
+			des_encrypt((DES_LONG *)tin, schedule, DES_DECRYPT);
+			tout0 = tin[0] ^ xor0;
+			tout1 = tin[1] ^ xor1;
+			l2c(tout0, out);
+			l2c(tout1, out);
+			xor0 = tin0;
+			xor1 = tin1;
+
+
+			/*
+			 * copy the output buffer into the result.
+			 * need to update off and m.
+			 */
+			if (off + 8 < m->m_len) {
+				bcopy(&outbuf[0], mtod(m, u_int8_t *) + off, 8);
+				off += 8;
+			} else if (off + 8 == m->m_len) {
+				bcopy(&outbuf[0], mtod(m, u_int8_t *) + off, 8);
+				do {
+					m = m->m_next;
+				} while (m && ! m->m_len);
+				off = 0;
+			} else {
+				struct mbuf *n;
+				size_t noff;
+				u_int8_t *p;
+				u_int8_t *out;
+
+				n = m;
+				noff = off;
+				p = mtod(n, u_int8_t *) + noff;
+
+				out = &outbuf[0];
+				while (out - &outbuf[0] < 8) {
+					if (!p)
+						panic("mbuf chain?\n");
+					*p++ = *out++;
+					noff++;
+					if (noff < n->m_len)
+						continue;
+					do {
+						n = n->m_next;
+					} while (n && ! n->m_len);
+					noff = 0;
+					if (n)
+						p = mtod(n, u_int8_t *) + noff;
+					else
+						p = NULL;
+				}
+
+				m = n;
+				off = noff;
+			}
+
+			length -= 8;
+		}
+	}
+}
diff --git a/sys/crypto/des/des_ecb.c b/sys/crypto/des/des_ecb.c
new file mode 100644
index 0000000..9e74d6c
--- /dev/null
+++ b/sys/crypto/des/des_ecb.c
@@ -0,0 +1,231 @@
+/* crypto/des/ecb_enc.c */
+/* Copyright (C) 1995-1996 Eric Young (eay@mincom.oz.au)
+ * All rights reserved.
+ *
+ * This file is part of an SSL implementation written
+ * by Eric Young (eay@mincom.oz.au).
+ * The implementation was written so as to conform with Netscapes SSL
+ * specification.  This library and applications are
+ * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE
+ * as long as the following conditions are aheared to.
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.  If this code is used in a product,
+ * Eric Young should be given attribution as the author of the parts used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    This product includes software developed by Eric Young (eay@mincom.oz.au)
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ *
+ * $FreeBSD$
+ */
+
+#include <crypto/des/des_locl.h>
+#include <crypto/des/spr.h>
+
+char *libdes_version="libdes v 3.24 - 20-Apr-1996 - eay";
+char *DES_version="DES part of SSLeay 0.6.4 30-Aug-1996";
+
+char *des_options()
+	{
+#ifdef DES_PTR
+	if (sizeof(DES_LONG) != sizeof(long))
+		return("des(ptr,int)");
+	else
+		return("des(ptr,long)");
+#else
+	if (sizeof(DES_LONG) != sizeof(long))
+		return("des(idx,int)");
+	else
+		return("des(idx,long)");
+#endif
+	}
+
+
+void des_ecb_encrypt(input, output, ks, encrypt)
+des_cblock (*input);
+des_cblock (*output);
+des_key_schedule ks;
+int encrypt;
+	{
+	register DES_LONG l;
+	register unsigned char *in,*out;
+	DES_LONG ll[2];
+
+	in=(unsigned char *)input;
+	out=(unsigned char *)output;
+	c2l(in,l); ll[0]=l;
+	c2l(in,l); ll[1]=l;
+	des_encrypt(ll,ks,encrypt);
+	l=ll[0]; l2c(l,out);
+	l=ll[1]; l2c(l,out);
+	l=ll[0]=ll[1]=0;
+	}
+
+void des_encrypt(data, ks, encrypt)
+DES_LONG *data;
+des_key_schedule ks;
+int encrypt;
+	{
+	register DES_LONG l,r,t,u;
+#ifdef DES_PTR
+	register unsigned char *des_SP=(unsigned char *)des_SPtrans;
+#endif
+#ifdef undef
+	union fudge {
+		DES_LONG  l;
+		unsigned short s[2];
+		unsigned char  c[4];
+		} U,T;
+#endif
+	register int i;
+	register DES_LONG *s;
+
+	u=data[0];
+	r=data[1];
+
+	IP(u,r);
+	/* Things have been modified so that the initial rotate is
+	 * done outside the loop.  This required the
+	 * des_SPtrans values in sp.h to be rotated 1 bit to the right.
+	 * One perl script later and things have a 5% speed up on a sparc2.
+	 * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
+	 * for pointing this out. */
+	l=(r<<1)|(r>>31);
+	r=(u<<1)|(u>>31);
+
+	/* clear the top bits on machines with 8byte longs */
+	l&=0xffffffffL;
+	r&=0xffffffffL;
+
+	s=(DES_LONG *)ks;
+	/* I don't know if it is worth the effort of loop unrolling the
+	 * inner loop
+	 */
+	if (encrypt)
+		{
+		for (i=0; i<32; i+=8)
+			{
+			D_ENCRYPT(l,r,i+0); /*  1 */
+			D_ENCRYPT(r,l,i+2); /*  2 */
+			D_ENCRYPT(l,r,i+4); /*  3 */
+			D_ENCRYPT(r,l,i+6); /*  4 */
+			}
+		}
+	else
+		{
+		for (i=30; i>0; i-=8)
+			{
+			D_ENCRYPT(l,r,i-0); /* 16 */
+			D_ENCRYPT(r,l,i-2); /* 15 */
+			D_ENCRYPT(l,r,i-4); /* 14 */
+			D_ENCRYPT(r,l,i-6); /* 13 */
+			}
+		}
+	l=(l>>1)|(l<<31);
+	r=(r>>1)|(r<<31);
+	/* clear the top bits on machines with 8byte longs */
+	l&=0xffffffffL;
+	r&=0xffffffffL;
+
+	FP(r,l);
+	data[0]=l;
+	data[1]=r;
+	l=r=t=u=0;
+	}
+
+void des_encrypt2(data, ks, encrypt)
+DES_LONG *data;
+des_key_schedule ks;
+int encrypt;
+	{
+	register DES_LONG l,r,t,u;
+#ifdef DES_PTR
+	register unsigned char *des_SP=(unsigned char *)des_SPtrans;
+#endif
+#ifdef undef
+	union fudge {
+		DES_LONG  l;
+		unsigned short s[2];
+		unsigned char  c[4];
+		} U,T;
+#endif
+	register int i;
+	register DES_LONG *s;
+
+	u=data[0];
+	r=data[1];
+
+	/* Things have been modified so that the initial rotate is
+	 * done outside the loop.  This required the
+	 * des_SPtrans values in sp.h to be rotated 1 bit to the right.
+	 * One perl script later and things have a 5% speed up on a sparc2.
+	 * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
+	 * for pointing this out. */
+	l=(r<<1)|(r>>31);
+	r=(u<<1)|(u>>31);
+
+	/* clear the top bits on machines with 8byte longs */
+	l&=0xffffffffL;
+	r&=0xffffffffL;
+
+	s=(DES_LONG *)ks;
+	/* I don't know if it is worth the effort of loop unrolling the
+	 * inner loop */
+	if (encrypt)
+		{
+		for (i=0; i<32; i+=8)
+			{
+			D_ENCRYPT(l,r,i+0); /*  1 */
+			D_ENCRYPT(r,l,i+2); /*  2 */
+			D_ENCRYPT(l,r,i+4); /*  3 */
+			D_ENCRYPT(r,l,i+6); /*  4 */
+			}
+		}
+	else
+		{
+		for (i=30; i>0; i-=8)
+			{
+			D_ENCRYPT(l,r,i-0); /* 16 */
+			D_ENCRYPT(r,l,i-2); /* 15 */
+			D_ENCRYPT(l,r,i-4); /* 14 */
+			D_ENCRYPT(r,l,i-6); /* 13 */
+			}
+		}
+	l=(l>>1)|(l<<31);
+	r=(r>>1)|(r<<31);
+	/* clear the top bits on machines with 8byte longs */
+	l&=0xffffffffL;
+	r&=0xffffffffL;
+
+	data[0]=l;
+	data[1]=r;
+	l=r=t=u=0;
+	}
diff --git a/sys/crypto/des/des_locl.h b/sys/crypto/des/des_locl.h
new file mode 100644
index 0000000..4f23984
--- /dev/null
+++ b/sys/crypto/des/des_locl.h
@@ -0,0 +1,347 @@
+/* lib/des/des_locl.h */
+/* Copyright (C) 1995-1996 Eric Young (eay@mincom.oz.au)
+ * All rights reserved.
+ *
+ * This file is part of an SSL implementation written
+ * by Eric Young (eay@mincom.oz.au).
+ * The implementation was written so as to conform with Netscapes SSL
+ * specification.  This library and applications are
+ * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE
+ * as long as the following conditions are aheared to.
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.  If this code is used in a product,
+ * Eric Young should be given attribution as the author of the parts used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    This product includes software developed by Eric Young (eay@mincom.oz.au)
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ *
+ * $FreeBSD$
+ */
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify des_locl.org since des_locl.h is automatically generated from
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+#include <sys/param.h>
+#include <sys/malloc.h>
+#include <sys/mbuf.h>
+#include <sys/systm.h>
+
+#ifndef HEADER_DES_LOCL_H
+#define	HEADER_DES_LOCL_H
+
+#if defined(WIN32) || defined(WIN16)
+#ifndef MSDOS
+#define	MSDOS
+#endif
+#endif
+
+/*
+#include <stdio.h>
+#include <stdlib.h>
+#ifndef MSDOS
+#include <unistd.h>
+#endif
+*/
+#include <crypto/des/des.h>
+
+/* the following is tweaked from a config script, that is why it is a
+ * protected undef/define */
+#ifndef DES_PTR
+#undef DES_PTR
+#endif
+
+#ifdef MSDOS		/* Visual C++ 2.1 (Windows NT/95) */
+#include <stdlib.h>
+#include <errno.h>
+#include <time.h>
+#include <io.h>
+#ifndef RAND
+#define	RAND
+#endif
+#undef NOPROTO
+#endif
+
+#if !defined(KERNEL) && (defined(__STDC__) || defined(VMS) || defined(M_XENIX) || defined(MSDOS))
+#ifndef __NetBSD__
+#include <string.h>
+#endif
+#endif
+
+#ifdef __NetBSD__
+#include <sys/systm.h>
+#endif
+
+#ifndef RAND
+#define	RAND
+#endif
+
+#ifdef linux
+#undef RAND
+#endif
+
+#ifdef MSDOS
+#define	getpid() 2
+#define	RAND
+#undef NOPROTO
+#endif
+
+#if defined(NOCONST)
+#define	const
+#endif
+
+#ifdef __STDC__
+#undef NOPROTO
+#endif
+
+#ifdef RAND
+#define	srandom(s) srand(s)
+#define	random rand
+#endif
+
+#define	ITERATIONS 16
+#define	HALF_ITERATIONS 8
+
+/* used in des_read and des_write */
+#define	MAXWRITE	(1024*16)
+#define	BSIZE		(MAXWRITE+4)
+
+#define	c2l(c,l)	(l =((DES_LONG)(*((c)++)))    , \
+			 l|=((DES_LONG)(*((c)++)))<< 8L, \
+			 l|=((DES_LONG)(*((c)++)))<<16L, \
+			 l|=((DES_LONG)(*((c)++)))<<24L)
+
+/* NOTE - c is not incremented as per c2l */
+#define	c2ln(c,l1,l2,n)	{ \
+			c+=n; \
+			l1=l2=0; \
+			switch (n) { \
+			case 8: l2 =((DES_LONG)(*(--(c))))<<24L; \
+			case 7: l2|=((DES_LONG)(*(--(c))))<<16L; \
+			case 6: l2|=((DES_LONG)(*(--(c))))<< 8L; \
+			case 5: l2|=((DES_LONG)(*(--(c))));     \
+			case 4: l1 =((DES_LONG)(*(--(c))))<<24L; \
+			case 3: l1|=((DES_LONG)(*(--(c))))<<16L; \
+			case 2: l1|=((DES_LONG)(*(--(c))))<< 8L; \
+			case 1: l1|=((DES_LONG)(*(--(c))));     \
+				} \
+			}
+
+#define	l2c(l,c)	(*((c)++)=(unsigned char)(((l)     )&0xff), \
+			 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>24L)&0xff))
+
+/* replacements for htonl and ntohl since I have no idea what to do
+ * when faced with machines with 8 byte longs. */
+#define	HDRSIZE 4
+
+#define	n2l(c,l)	(l =((DES_LONG)(*((c)++)))<<24L, \
+			 l|=((DES_LONG)(*((c)++)))<<16L, \
+			 l|=((DES_LONG)(*((c)++)))<< 8L, \
+			 l|=((DES_LONG)(*((c)++))))
+
+#define	l2n(l,c)	(*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+			 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+			 *((c)++)=(unsigned char)(((l)     )&0xff))
+
+/* NOTE - c is not incremented as per l2c */
+#define	l2cn(l1,l2,c,n)	{ \
+			c+=n; \
+			switch (n) { \
+			case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
+			case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
+			case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
+			case 5: *(--(c))=(unsigned char)(((l2)     )&0xff); \
+			case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
+			case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
+			case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
+			case 1: *(--(c))=(unsigned char)(((l1)     )&0xff); \
+				} \
+			}
+
+#if defined(WIN32)
+#define	ROTATE(a,n)	(_lrotr(a,n))
+#else
+#define	ROTATE(a,n)	(((a)>>(n))+((a)<<(32-(n))))
+#endif
+
+/* The changes to this macro may help or hinder, depending on the
+ * compiler and the achitecture.  gcc2 always seems to do well :-).
+ * Inspired by Dana How <how@isl.stanford.edu>
+ * DO NOT use the alternative version on machines with 8 byte longs.
+ * It does not seem to work on the Alpha, even when DES_LONG is 4
+ * bytes, probably an issue of accessing non-word aligned objects :-( */
+#ifdef DES_PTR
+
+#define	D_ENCRYPT(L,R,S) { \
+	u=((R^s[S  ])<<2);	\
+	t= R^s[S+1]; \
+	t=ROTATE(t,2); \
+	L^= (\
+	*(DES_LONG *)((unsigned char *)des_SP+0x100+((t    )&0xfc))+ \
+	*(DES_LONG *)((unsigned char *)des_SP+0x300+((t>> 8)&0xfc))+ \
+	*(DES_LONG *)((unsigned char *)des_SP+0x500+((t>>16)&0xfc))+ \
+	*(DES_LONG *)((unsigned char *)des_SP+0x700+((t>>24)&0xfc))+ \
+	*(DES_LONG *)((unsigned char *)des_SP      +((u    )&0xfc))+ \
+	*(DES_LONG *)((unsigned char *)des_SP+0x200+((u>> 8)&0xfc))+ \
+	*(DES_LONG *)((unsigned char *)des_SP+0x400+((u>>16)&0xfc))+ \
+	*(DES_LONG *)((unsigned char *)des_SP+0x600+((u>>24)&0xfc))); }
+#else /* original version */
+#ifdef undef
+#define	D_ENCRYPT(L,R,S)	\
+	U.l=R^s[S+1]; \
+	T.s[0]=((U.s[0]>>4)|(U.s[1]<<12))&0x3f3f; \
+	T.s[1]=((U.s[1]>>4)|(U.s[0]<<12))&0x3f3f; \
+	U.l=(R^s[S  ])&0x3f3f3f3fL; \
+	L^=	des_SPtrans[1][(T.c[0])]| \
+		des_SPtrans[3][(T.c[1])]| \
+		des_SPtrans[5][(T.c[2])]| \
+		des_SPtrans[7][(T.c[3])]| \
+		des_SPtrans[0][(U.c[0])]| \
+		des_SPtrans[2][(U.c[1])]| \
+		des_SPtrans[4][(U.c[2])]| \
+		des_SPtrans[6][(U.c[3])];
+#else
+#define	D_ENCRYPT(Q,R,S) {\
+	u=(R^s[S  ]); \
+	t=R^s[S+1]; \
+	t=ROTATE(t,4); \
+	Q^=	des_SPtrans[1][(t     )&0x3f]| \
+		des_SPtrans[3][(t>> 8L)&0x3f]| \
+		des_SPtrans[5][(t>>16L)&0x3f]| \
+		des_SPtrans[7][(t>>24L)&0x3f]| \
+		des_SPtrans[0][(u     )&0x3f]| \
+		des_SPtrans[2][(u>> 8L)&0x3f]| \
+		des_SPtrans[4][(u>>16L)&0x3f]| \
+		des_SPtrans[6][(u>>24L)&0x3f]; }
+#endif
+#endif
+
+	/* IP and FP
+	 * The problem is more of a geometric problem that random bit fiddling.
+	 0  1  2  3  4  5  6  7      62 54 46 38 30 22 14  6
+	 8  9 10 11 12 13 14 15      60 52 44 36 28 20 12  4
+	16 17 18 19 20 21 22 23      58 50 42 34 26 18 10  2
+	24 25 26 27 28 29 30 31  to  56 48 40 32 24 16  8  0
+
+	32 33 34 35 36 37 38 39      63 55 47 39 31 23 15  7
+	40 41 42 43 44 45 46 47      61 53 45 37 29 21 13  5
+	48 49 50 51 52 53 54 55      59 51 43 35 27 19 11  3
+	56 57 58 59 60 61 62 63      57 49 41 33 25 17  9  1
+
+	The output has been subject to swaps of the form
+	0 1 -> 3 1 but the odd and even bits have been put into
+	2 3    2 0
+	different words.  The main trick is to remember that
+	t=((l>>size)^r)&(mask);
+	r^=t;
+	l^=(t<<size);
+	can be used to swap and move bits between words.
+
+	So l =  0  1  2  3  r = 16 17 18 19
+	        4  5  6  7      20 21 22 23
+	        8  9 10 11      24 25 26 27
+	       12 13 14 15      28 29 30 31
+	becomes (for size == 2 and mask == 0x3333)
+	   t =   2^16  3^17 -- --   l =  0  1 16 17  r =  2  3 18 19
+		 6^20  7^21 -- --        4  5 20 21       6  7 22 23
+		10^24 11^25 -- --        8  9 24 25      10 11 24 25
+		14^28 15^29 -- --       12 13 28 29      14 15 28 29
+
+	Thanks for hints from Richard Outerbridge - he told me IP&FP
+	could be done in 15 xor, 10 shifts and 5 ands.
+	When I finally started to think of the problem in 2D
+	I first got ~42 operations without xors.  When I remembered
+	how to use xors :-) I got it to its final state.
+	*/
+#define	PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
+	(b)^=(t),\
+	(a)^=((t)<<(n)))
+
+#define	IP(l,r) \
+	{ \
+	register DES_LONG tt; \
+	PERM_OP(r,l,tt, 4,0x0f0f0f0fL); \
+	PERM_OP(l,r,tt,16,0x0000ffffL); \
+	PERM_OP(r,l,tt, 2,0x33333333L); \
+	PERM_OP(l,r,tt, 8,0x00ff00ffL); \
+	PERM_OP(r,l,tt, 1,0x55555555L); \
+	}
+
+#define	FP(l,r) \
+	{ \
+	register DES_LONG tt; \
+	PERM_OP(l,r,tt, 1,0x55555555L); \
+	PERM_OP(r,l,tt, 8,0x00ff00ffL); \
+	PERM_OP(l,r,tt, 2,0x33333333L); \
+	PERM_OP(r,l,tt,16,0x0000ffffL); \
+	PERM_OP(l,r,tt, 4,0x0f0f0f0fL); \
+	}
+#endif
+
+
+/*
+#define	mbuf2char(i_mbuf, i_index, in) \
+	{					\
+	register int	i;			\
+	struct	mbuf	*m;			\
+	char		*buf;			\
+	m = i_mbuf;				\
+	for (i = 0; i < 8; i ++){		\
+		if (i_index + i == m->m_len){	\
+			m = m->m_next;		\
+		}				\
+		buf = mtod(m, char *);		\
+		in[i] = *(buf + i);		\
+	}
+
+
+#define	char2mbuf(o_mbuf, o_index, out) \
+	{					\
+	register int	i;			\
+	struct	mbuf	*m;			\
+	char		*buf;			\
+	m = o_mbuf;				\
+	for (i = 0; i < 8; i ++){		\
+		if (i_index + i == m->m_len){	\
+			m = m->m_next;		\
+		}				\
+		buf = mtod(m, char *);		\
+		*(buf + i) = out[i];		\
+	}
+*/
+
diff --git a/sys/crypto/des/des_setkey.c b/sys/crypto/des/des_setkey.c
new file mode 100644
index 0000000..9747b52
--- /dev/null
+++ b/sys/crypto/des/des_setkey.c
@@ -0,0 +1,238 @@
+/* crypto/des/set_key.c */
+/* Copyright (C) 1995-1996 Eric Young (eay@mincom.oz.au)
+ * All rights reserved.
+ *
+ * This file is part of an SSL implementation written
+ * by Eric Young (eay@mincom.oz.au).
+ * The implementation was written so as to conform with Netscapes SSL
+ * specification.  This library and applications are
+ * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE
+ * as long as the following conditions are aheared to.
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.  If this code is used in a product,
+ * Eric Young should be given attribution as the author of the parts used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    This product includes software developed by Eric Young (eay@mincom.oz.au)
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ *
+ * $FreeBSD$
+ */
+
+/* set_key.c v 1.4 eay 24/9/91
+ * 1.4 Speed up by 400% :-)
+ * 1.3 added register declarations.
+ * 1.2 unrolled make_key_sched a bit more
+ * 1.1 added norm_expand_bits
+ * 1.0 First working version
+ */
+#include <crypto/des/des_locl.h>
+#include <crypto/des/podd.h>
+#include <crypto/des/sk.h>
+
+#ifndef NOPROTO
+static int check_parity(des_cblock (*key));
+#else
+static int check_parity();
+#endif
+
+int des_check_key=0;
+
+void des_set_odd_parity(key)
+des_cblock (*key);
+	{
+	int i;
+
+	for (i=0; i<DES_KEY_SZ; i++)
+		(*key)[i]=odd_parity[(*key)[i]];
+	}
+
+static int check_parity(key)
+des_cblock (*key);
+	{
+	int i;
+
+	for (i=0; i<DES_KEY_SZ; i++)
+		{
+		if ((*key)[i] != odd_parity[(*key)[i]])
+			return(0);
+		}
+	return(1);
+	}
+
+/* Weak and semi week keys as take from
+ * %A D.W. Davies
+ * %A W.L. Price
+ * %T Security for Computer Networks
+ * %I John Wiley & Sons
+ * %D 1984
+ * Many thanks to smb@ulysses.att.com (Steven Bellovin) for the reference
+ * (and actual cblock values).
+ */
+#define	NUM_WEAK_KEY	16
+static des_cblock weak_keys[NUM_WEAK_KEY]={
+	/* weak keys */
+	{0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
+	{0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE},
+	{0x1F,0x1F,0x1F,0x1F,0x1F,0x1F,0x1F,0x1F},
+	{0xE0,0xE0,0xE0,0xE0,0xE0,0xE0,0xE0,0xE0},
+	/* semi-weak keys */
+	{0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE},
+	{0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01},
+	{0x1F,0xE0,0x1F,0xE0,0x0E,0xF1,0x0E,0xF1},
+	{0xE0,0x1F,0xE0,0x1F,0xF1,0x0E,0xF1,0x0E},
+	{0x01,0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1},
+	{0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1,0x01},
+	{0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E,0xFE},
+	{0xFE,0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E},
+	{0x01,0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E},
+	{0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E,0x01},
+	{0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE},
+	{0xFE,0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1}};
+
+int des_is_weak_key(key)
+des_cblock (*key);
+	{
+	int i;
+
+	for (i=0; i<NUM_WEAK_KEY; i++)
+		/* Added == 0 to comparision, I obviously don't run
+		 * this section very often :-(, thanks to
+		 * engineering@MorningStar.Com for the fix
+		 * eay 93/06/29 */
+/*
+		if (memcmp(weak_keys[i],key,sizeof(key)) == 0) return(1);
+*/
+		if (bcmp(weak_keys[i],key,sizeof(key)) == 0) return(1);
+	return(0);
+	}
+
+/* NOW DEFINED IN des_local.h
+ * See ecb_encrypt.c for a pseudo description of these macros.
+ * #define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
+ * 	(b)^=(t),\
+ * 	(a)=((a)^((t)<<(n))))
+ */
+
+#define	HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\
+	(a)=(a)^(t)^(t>>(16-(n))))
+
+/* return 0 if key parity is odd (correct),
+ * return -1 if key parity error,
+ * return -2 if illegal weak key.
+ */
+int des_set_key(key, schedule)
+des_cblock (*key);
+des_key_schedule schedule;
+	{
+	static int shifts2[16]={0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0};
+	register DES_LONG c,d,t,s;
+	register unsigned char *in;
+	register DES_LONG *k;
+	register int i;
+
+	if (des_check_key)
+		{
+		if (!check_parity(key))
+			return(-1);
+
+		if (des_is_weak_key(key))
+			return(-2);
+		}
+
+	k=(DES_LONG *)schedule;
+	in=(unsigned char *)key;
+
+	c2l(in,c);
+	c2l(in,d);
+
+	/* do PC1 in 60 simple operations */
+/*	PERM_OP(d,c,t,4,0x0f0f0f0fL);
+	HPERM_OP(c,t,-2, 0xcccc0000L);
+	HPERM_OP(c,t,-1, 0xaaaa0000L);
+	HPERM_OP(c,t, 8, 0x00ff0000L);
+	HPERM_OP(c,t,-1, 0xaaaa0000L);
+	HPERM_OP(d,t,-8, 0xff000000L);
+	HPERM_OP(d,t, 8, 0x00ff0000L);
+	HPERM_OP(d,t, 2, 0x33330000L);
+	d=((d&0x00aa00aaL)<<7L)|((d&0x55005500L)>>7L)|(d&0xaa55aa55L);
+	d=(d>>8)|((c&0xf0000000L)>>4);
+	c&=0x0fffffffL; */
+
+	/* I now do it in 47 simple operations :-)
+	 * Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov)
+	 * for the inspiration. :-) */
+	PERM_OP (d,c,t,4,0x0f0f0f0fL);
+	HPERM_OP(c,t,-2,0xcccc0000L);
+	HPERM_OP(d,t,-2,0xcccc0000L);
+	PERM_OP (d,c,t,1,0x55555555L);
+	PERM_OP (c,d,t,8,0x00ff00ffL);
+	PERM_OP (d,c,t,1,0x55555555L);
+	d=	(((d&0x000000ffL)<<16L)| (d&0x0000ff00L)     |
+		 ((d&0x00ff0000L)>>16L)|((c&0xf0000000L)>>4L));
+	c&=0x0fffffffL;
+
+	for (i=0; i<ITERATIONS; i++)
+		{
+		if (shifts2[i])
+			{ c=((c>>2L)|(c<<26L)); d=((d>>2L)|(d<<26L)); }
+		else
+			{ c=((c>>1L)|(c<<27L)); d=((d>>1L)|(d<<27L)); }
+		c&=0x0fffffffL;
+		d&=0x0fffffffL;
+		/* could be a few less shifts but I am to lazy at this
+		 * point in time to investigate */
+		s=	des_skb[0][ (c    )&0x3f                ]|
+			des_skb[1][((c>> 6)&0x03)|((c>> 7L)&0x3c)]|
+			des_skb[2][((c>>13)&0x0f)|((c>>14L)&0x30)]|
+			des_skb[3][((c>>20)&0x01)|((c>>21L)&0x06) |
+						  ((c>>22L)&0x38)];
+		t=	des_skb[4][ (d    )&0x3f                ]|
+			des_skb[5][((d>> 7L)&0x03)|((d>> 8L)&0x3c)]|
+			des_skb[6][ (d>>15L)&0x3f                ]|
+			des_skb[7][((d>>21L)&0x0f)|((d>>22L)&0x30)];
+
+		/* table contained 0213 4657 */
+		*(k++)=((t<<16L)|(s&0x0000ffffL))&0xffffffffL;
+		s=     ((s>>16L)|(t&0xffff0000L));
+
+		s=(s<<4L)|(s>>28L);
+		*(k++)=s&0xffffffffL;
+		}
+	return(0);
+	}
+
+int des_key_sched(key, schedule)
+des_cblock (*key);
+des_key_schedule schedule;
+	{
+	return(des_set_key(key,schedule));
+	}
diff --git a/sys/crypto/des/podd.h b/sys/crypto/des/podd.h
new file mode 100644
index 0000000..a0efc55
--- /dev/null
+++ b/sys/crypto/des/podd.h
@@ -0,0 +1,66 @@
+/* crypto/des/podd.h */
+/* Copyright (C) 1995-1996 Eric Young (eay@mincom.oz.au)
+ * All rights reserved.
+ *
+ * This file is part of an SSL implementation written
+ * by Eric Young (eay@mincom.oz.au).
+ * The implementation was written so as to conform with Netscapes SSL
+ * specification.  This library and applications are
+ * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE
+ * as long as the following conditions are aheared to.
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.  If this code is used in a product,
+ * Eric Young should be given attribution as the author of the parts used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    This product includes software developed by Eric Young (eay@mincom.oz.au)
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ *
+ * $FreeBSD$
+ */
+
+static const unsigned char odd_parity[256]={
+  1,  1,  2,  2,  4,  4,  7,  7,  8,  8, 11, 11, 13, 13, 14, 14,
+ 16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, 31, 31,
+ 32, 32, 35, 35, 37, 37, 38, 38, 41, 41, 42, 42, 44, 44, 47, 47,
+ 49, 49, 50, 50, 52, 52, 55, 55, 56, 56, 59, 59, 61, 61, 62, 62,
+ 64, 64, 67, 67, 69, 69, 70, 70, 73, 73, 74, 74, 76, 76, 79, 79,
+ 81, 81, 82, 82, 84, 84, 87, 87, 88, 88, 91, 91, 93, 93, 94, 94,
+ 97, 97, 98, 98,100,100,103,103,104,104,107,107,109,109,110,110,
+112,112,115,115,117,117,118,118,121,121,122,122,124,124,127,127,
+128,128,131,131,133,133,134,134,137,137,138,138,140,140,143,143,
+145,145,146,146,148,148,151,151,152,152,155,155,157,157,158,158,
+161,161,162,162,164,164,167,167,168,168,171,171,173,173,174,174,
+176,176,179,179,181,181,182,182,185,185,186,186,188,188,191,191,
+193,193,194,194,196,196,199,199,200,200,203,203,205,205,206,206,
+208,208,211,211,213,213,214,214,217,217,218,218,220,220,223,223,
+224,224,227,227,229,229,230,230,233,233,234,234,236,236,239,239,
+241,241,242,242,244,244,247,247,248,248,251,251,253,253,254,254};
diff --git a/sys/crypto/des/sk.h b/sys/crypto/des/sk.h
new file mode 100644
index 0000000..1a1469c
--- /dev/null
+++ b/sys/crypto/des/sk.h
@@ -0,0 +1,195 @@
+/* crypto/des/sk.h */
+/* Copyright (C) 1995-1996 Eric Young (eay@mincom.oz.au)
+ * All rights reserved.
+ *
+ * This file is part of an SSL implementation written
+ * by Eric Young (eay@mincom.oz.au).
+ * The implementation was written so as to conform with Netscapes SSL
+ * specification.  This library and applications are
+ * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE
+ * as long as the following conditions are aheared to.
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.  If this code is used in a product,
+ * Eric Young should be given attribution as the author of the parts used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    This product includes software developed by Eric Young (eay@mincom.oz.au)
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ *
+ * $FreeBSD$
+ */
+
+static const DES_LONG des_skb[8][64]={
+{
+/* for C bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
+0x00000000L,0x00000010L,0x20000000L,0x20000010L,
+0x00010000L,0x00010010L,0x20010000L,0x20010010L,
+0x00000800L,0x00000810L,0x20000800L,0x20000810L,
+0x00010800L,0x00010810L,0x20010800L,0x20010810L,
+0x00000020L,0x00000030L,0x20000020L,0x20000030L,
+0x00010020L,0x00010030L,0x20010020L,0x20010030L,
+0x00000820L,0x00000830L,0x20000820L,0x20000830L,
+0x00010820L,0x00010830L,0x20010820L,0x20010830L,
+0x00080000L,0x00080010L,0x20080000L,0x20080010L,
+0x00090000L,0x00090010L,0x20090000L,0x20090010L,
+0x00080800L,0x00080810L,0x20080800L,0x20080810L,
+0x00090800L,0x00090810L,0x20090800L,0x20090810L,
+0x00080020L,0x00080030L,0x20080020L,0x20080030L,
+0x00090020L,0x00090030L,0x20090020L,0x20090030L,
+0x00080820L,0x00080830L,0x20080820L,0x20080830L,
+0x00090820L,0x00090830L,0x20090820L,0x20090830L,
+},{
+/* for C bits (numbered as per FIPS 46) 7 8 10 11 12 13 */
+0x00000000L,0x02000000L,0x00002000L,0x02002000L,
+0x00200000L,0x02200000L,0x00202000L,0x02202000L,
+0x00000004L,0x02000004L,0x00002004L,0x02002004L,
+0x00200004L,0x02200004L,0x00202004L,0x02202004L,
+0x00000400L,0x02000400L,0x00002400L,0x02002400L,
+0x00200400L,0x02200400L,0x00202400L,0x02202400L,
+0x00000404L,0x02000404L,0x00002404L,0x02002404L,
+0x00200404L,0x02200404L,0x00202404L,0x02202404L,
+0x10000000L,0x12000000L,0x10002000L,0x12002000L,
+0x10200000L,0x12200000L,0x10202000L,0x12202000L,
+0x10000004L,0x12000004L,0x10002004L,0x12002004L,
+0x10200004L,0x12200004L,0x10202004L,0x12202004L,
+0x10000400L,0x12000400L,0x10002400L,0x12002400L,
+0x10200400L,0x12200400L,0x10202400L,0x12202400L,
+0x10000404L,0x12000404L,0x10002404L,0x12002404L,
+0x10200404L,0x12200404L,0x10202404L,0x12202404L,
+},{
+/* for C bits (numbered as per FIPS 46) 14 15 16 17 19 20 */
+0x00000000L,0x00000001L,0x00040000L,0x00040001L,
+0x01000000L,0x01000001L,0x01040000L,0x01040001L,
+0x00000002L,0x00000003L,0x00040002L,0x00040003L,
+0x01000002L,0x01000003L,0x01040002L,0x01040003L,
+0x00000200L,0x00000201L,0x00040200L,0x00040201L,
+0x01000200L,0x01000201L,0x01040200L,0x01040201L,
+0x00000202L,0x00000203L,0x00040202L,0x00040203L,
+0x01000202L,0x01000203L,0x01040202L,0x01040203L,
+0x08000000L,0x08000001L,0x08040000L,0x08040001L,
+0x09000000L,0x09000001L,0x09040000L,0x09040001L,
+0x08000002L,0x08000003L,0x08040002L,0x08040003L,
+0x09000002L,0x09000003L,0x09040002L,0x09040003L,
+0x08000200L,0x08000201L,0x08040200L,0x08040201L,
+0x09000200L,0x09000201L,0x09040200L,0x09040201L,
+0x08000202L,0x08000203L,0x08040202L,0x08040203L,
+0x09000202L,0x09000203L,0x09040202L,0x09040203L,
+},{
+/* for C bits (numbered as per FIPS 46) 21 23 24 26 27 28 */
+0x00000000L,0x00100000L,0x00000100L,0x00100100L,
+0x00000008L,0x00100008L,0x00000108L,0x00100108L,
+0x00001000L,0x00101000L,0x00001100L,0x00101100L,
+0x00001008L,0x00101008L,0x00001108L,0x00101108L,
+0x04000000L,0x04100000L,0x04000100L,0x04100100L,
+0x04000008L,0x04100008L,0x04000108L,0x04100108L,
+0x04001000L,0x04101000L,0x04001100L,0x04101100L,
+0x04001008L,0x04101008L,0x04001108L,0x04101108L,
+0x00020000L,0x00120000L,0x00020100L,0x00120100L,
+0x00020008L,0x00120008L,0x00020108L,0x00120108L,
+0x00021000L,0x00121000L,0x00021100L,0x00121100L,
+0x00021008L,0x00121008L,0x00021108L,0x00121108L,
+0x04020000L,0x04120000L,0x04020100L,0x04120100L,
+0x04020008L,0x04120008L,0x04020108L,0x04120108L,
+0x04021000L,0x04121000L,0x04021100L,0x04121100L,
+0x04021008L,0x04121008L,0x04021108L,0x04121108L,
+},{
+/* for D bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
+0x00000000L,0x10000000L,0x00010000L,0x10010000L,
+0x00000004L,0x10000004L,0x00010004L,0x10010004L,
+0x20000000L,0x30000000L,0x20010000L,0x30010000L,
+0x20000004L,0x30000004L,0x20010004L,0x30010004L,
+0x00100000L,0x10100000L,0x00110000L,0x10110000L,
+0x00100004L,0x10100004L,0x00110004L,0x10110004L,
+0x20100000L,0x30100000L,0x20110000L,0x30110000L,
+0x20100004L,0x30100004L,0x20110004L,0x30110004L,
+0x00001000L,0x10001000L,0x00011000L,0x10011000L,
+0x00001004L,0x10001004L,0x00011004L,0x10011004L,
+0x20001000L,0x30001000L,0x20011000L,0x30011000L,
+0x20001004L,0x30001004L,0x20011004L,0x30011004L,
+0x00101000L,0x10101000L,0x00111000L,0x10111000L,
+0x00101004L,0x10101004L,0x00111004L,0x10111004L,
+0x20101000L,0x30101000L,0x20111000L,0x30111000L,
+0x20101004L,0x30101004L,0x20111004L,0x30111004L,
+},{
+/* for D bits (numbered as per FIPS 46) 8 9 11 12 13 14 */
+0x00000000L,0x08000000L,0x00000008L,0x08000008L,
+0x00000400L,0x08000400L,0x00000408L,0x08000408L,
+0x00020000L,0x08020000L,0x00020008L,0x08020008L,
+0x00020400L,0x08020400L,0x00020408L,0x08020408L,
+0x00000001L,0x08000001L,0x00000009L,0x08000009L,
+0x00000401L,0x08000401L,0x00000409L,0x08000409L,
+0x00020001L,0x08020001L,0x00020009L,0x08020009L,
+0x00020401L,0x08020401L,0x00020409L,0x08020409L,
+0x02000000L,0x0A000000L,0x02000008L,0x0A000008L,
+0x02000400L,0x0A000400L,0x02000408L,0x0A000408L,
+0x02020000L,0x0A020000L,0x02020008L,0x0A020008L,
+0x02020400L,0x0A020400L,0x02020408L,0x0A020408L,
+0x02000001L,0x0A000001L,0x02000009L,0x0A000009L,
+0x02000401L,0x0A000401L,0x02000409L,0x0A000409L,
+0x02020001L,0x0A020001L,0x02020009L,0x0A020009L,
+0x02020401L,0x0A020401L,0x02020409L,0x0A020409L,
+},{
+/* for D bits (numbered as per FIPS 46) 16 17 18 19 20 21 */
+0x00000000L,0x00000100L,0x00080000L,0x00080100L,
+0x01000000L,0x01000100L,0x01080000L,0x01080100L,
+0x00000010L,0x00000110L,0x00080010L,0x00080110L,
+0x01000010L,0x01000110L,0x01080010L,0x01080110L,
+0x00200000L,0x00200100L,0x00280000L,0x00280100L,
+0x01200000L,0x01200100L,0x01280000L,0x01280100L,
+0x00200010L,0x00200110L,0x00280010L,0x00280110L,
+0x01200010L,0x01200110L,0x01280010L,0x01280110L,
+0x00000200L,0x00000300L,0x00080200L,0x00080300L,
+0x01000200L,0x01000300L,0x01080200L,0x01080300L,
+0x00000210L,0x00000310L,0x00080210L,0x00080310L,
+0x01000210L,0x01000310L,0x01080210L,0x01080310L,
+0x00200200L,0x00200300L,0x00280200L,0x00280300L,
+0x01200200L,0x01200300L,0x01280200L,0x01280300L,
+0x00200210L,0x00200310L,0x00280210L,0x00280310L,
+0x01200210L,0x01200310L,0x01280210L,0x01280310L,
+},{
+/* for D bits (numbered as per FIPS 46) 22 23 24 25 27 28 */
+0x00000000L,0x04000000L,0x00040000L,0x04040000L,
+0x00000002L,0x04000002L,0x00040002L,0x04040002L,
+0x00002000L,0x04002000L,0x00042000L,0x04042000L,
+0x00002002L,0x04002002L,0x00042002L,0x04042002L,
+0x00000020L,0x04000020L,0x00040020L,0x04040020L,
+0x00000022L,0x04000022L,0x00040022L,0x04040022L,
+0x00002020L,0x04002020L,0x00042020L,0x04042020L,
+0x00002022L,0x04002022L,0x00042022L,0x04042022L,
+0x00000800L,0x04000800L,0x00040800L,0x04040800L,
+0x00000802L,0x04000802L,0x00040802L,0x04040802L,
+0x00002800L,0x04002800L,0x00042800L,0x04042800L,
+0x00002802L,0x04002802L,0x00042802L,0x04042802L,
+0x00000820L,0x04000820L,0x00040820L,0x04040820L,
+0x00000822L,0x04000822L,0x00040822L,0x04040822L,
+0x00002820L,0x04002820L,0x00042820L,0x04042820L,
+0x00002822L,0x04002822L,0x00042822L,0x04042822L,
+}};
diff --git a/sys/crypto/des/spr.h b/sys/crypto/des/spr.h
new file mode 100644
index 0000000..c340f58
--- /dev/null
+++ b/sys/crypto/des/spr.h
@@ -0,0 +1,195 @@
+/* crypto/des/spr.h */
+/* Copyright (C) 1995-1996 Eric Young (eay@mincom.oz.au)
+ * All rights reserved.
+ *
+ * This file is part of an SSL implementation written
+ * by Eric Young (eay@mincom.oz.au).
+ * The implementation was written so as to conform with Netscapes SSL
+ * specification.  This library and applications are
+ * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE
+ * as long as the following conditions are aheared to.
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.  If this code is used in a product,
+ * Eric Young should be given attribution as the author of the parts used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    This product includes software developed by Eric Young (eay@mincom.oz.au)
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ *
+ * $FreeBSD$
+ */
+
+static const DES_LONG des_SPtrans[8][64]={
+{
+/* nibble 0 */
+0x00820200L, 0x00020000L, 0x80800000L, 0x80820200L,
+0x00800000L, 0x80020200L, 0x80020000L, 0x80800000L,
+0x80020200L, 0x00820200L, 0x00820000L, 0x80000200L,
+0x80800200L, 0x00800000L, 0x00000000L, 0x80020000L,
+0x00020000L, 0x80000000L, 0x00800200L, 0x00020200L,
+0x80820200L, 0x00820000L, 0x80000200L, 0x00800200L,
+0x80000000L, 0x00000200L, 0x00020200L, 0x80820000L,
+0x00000200L, 0x80800200L, 0x80820000L, 0x00000000L,
+0x00000000L, 0x80820200L, 0x00800200L, 0x80020000L,
+0x00820200L, 0x00020000L, 0x80000200L, 0x00800200L,
+0x80820000L, 0x00000200L, 0x00020200L, 0x80800000L,
+0x80020200L, 0x80000000L, 0x80800000L, 0x00820000L,
+0x80820200L, 0x00020200L, 0x00820000L, 0x80800200L,
+0x00800000L, 0x80000200L, 0x80020000L, 0x00000000L,
+0x00020000L, 0x00800000L, 0x80800200L, 0x00820200L,
+0x80000000L, 0x80820000L, 0x00000200L, 0x80020200L,
+},{
+/* nibble 1 */
+0x10042004L, 0x00000000L, 0x00042000L, 0x10040000L,
+0x10000004L, 0x00002004L, 0x10002000L, 0x00042000L,
+0x00002000L, 0x10040004L, 0x00000004L, 0x10002000L,
+0x00040004L, 0x10042000L, 0x10040000L, 0x00000004L,
+0x00040000L, 0x10002004L, 0x10040004L, 0x00002000L,
+0x00042004L, 0x10000000L, 0x00000000L, 0x00040004L,
+0x10002004L, 0x00042004L, 0x10042000L, 0x10000004L,
+0x10000000L, 0x00040000L, 0x00002004L, 0x10042004L,
+0x00040004L, 0x10042000L, 0x10002000L, 0x00042004L,
+0x10042004L, 0x00040004L, 0x10000004L, 0x00000000L,
+0x10000000L, 0x00002004L, 0x00040000L, 0x10040004L,
+0x00002000L, 0x10000000L, 0x00042004L, 0x10002004L,
+0x10042000L, 0x00002000L, 0x00000000L, 0x10000004L,
+0x00000004L, 0x10042004L, 0x00042000L, 0x10040000L,
+0x10040004L, 0x00040000L, 0x00002004L, 0x10002000L,
+0x10002004L, 0x00000004L, 0x10040000L, 0x00042000L,
+},{
+/* nibble 2 */
+0x41000000L, 0x01010040L, 0x00000040L, 0x41000040L,
+0x40010000L, 0x01000000L, 0x41000040L, 0x00010040L,
+0x01000040L, 0x00010000L, 0x01010000L, 0x40000000L,
+0x41010040L, 0x40000040L, 0x40000000L, 0x41010000L,
+0x00000000L, 0x40010000L, 0x01010040L, 0x00000040L,
+0x40000040L, 0x41010040L, 0x00010000L, 0x41000000L,
+0x41010000L, 0x01000040L, 0x40010040L, 0x01010000L,
+0x00010040L, 0x00000000L, 0x01000000L, 0x40010040L,
+0x01010040L, 0x00000040L, 0x40000000L, 0x00010000L,
+0x40000040L, 0x40010000L, 0x01010000L, 0x41000040L,
+0x00000000L, 0x01010040L, 0x00010040L, 0x41010000L,
+0x40010000L, 0x01000000L, 0x41010040L, 0x40000000L,
+0x40010040L, 0x41000000L, 0x01000000L, 0x41010040L,
+0x00010000L, 0x01000040L, 0x41000040L, 0x00010040L,
+0x01000040L, 0x00000000L, 0x41010000L, 0x40000040L,
+0x41000000L, 0x40010040L, 0x00000040L, 0x01010000L,
+},{
+/* nibble 3 */
+0x00100402L, 0x04000400L, 0x00000002L, 0x04100402L,
+0x00000000L, 0x04100000L, 0x04000402L, 0x00100002L,
+0x04100400L, 0x04000002L, 0x04000000L, 0x00000402L,
+0x04000002L, 0x00100402L, 0x00100000L, 0x04000000L,
+0x04100002L, 0x00100400L, 0x00000400L, 0x00000002L,
+0x00100400L, 0x04000402L, 0x04100000L, 0x00000400L,
+0x00000402L, 0x00000000L, 0x00100002L, 0x04100400L,
+0x04000400L, 0x04100002L, 0x04100402L, 0x00100000L,
+0x04100002L, 0x00000402L, 0x00100000L, 0x04000002L,
+0x00100400L, 0x04000400L, 0x00000002L, 0x04100000L,
+0x04000402L, 0x00000000L, 0x00000400L, 0x00100002L,
+0x00000000L, 0x04100002L, 0x04100400L, 0x00000400L,
+0x04000000L, 0x04100402L, 0x00100402L, 0x00100000L,
+0x04100402L, 0x00000002L, 0x04000400L, 0x00100402L,
+0x00100002L, 0x00100400L, 0x04100000L, 0x04000402L,
+0x00000402L, 0x04000000L, 0x04000002L, 0x04100400L,
+},{
+/* nibble 4 */
+0x02000000L, 0x00004000L, 0x00000100L, 0x02004108L,
+0x02004008L, 0x02000100L, 0x00004108L, 0x02004000L,
+0x00004000L, 0x00000008L, 0x02000008L, 0x00004100L,
+0x02000108L, 0x02004008L, 0x02004100L, 0x00000000L,
+0x00004100L, 0x02000000L, 0x00004008L, 0x00000108L,
+0x02000100L, 0x00004108L, 0x00000000L, 0x02000008L,
+0x00000008L, 0x02000108L, 0x02004108L, 0x00004008L,
+0x02004000L, 0x00000100L, 0x00000108L, 0x02004100L,
+0x02004100L, 0x02000108L, 0x00004008L, 0x02004000L,
+0x00004000L, 0x00000008L, 0x02000008L, 0x02000100L,
+0x02000000L, 0x00004100L, 0x02004108L, 0x00000000L,
+0x00004108L, 0x02000000L, 0x00000100L, 0x00004008L,
+0x02000108L, 0x00000100L, 0x00000000L, 0x02004108L,
+0x02004008L, 0x02004100L, 0x00000108L, 0x00004000L,
+0x00004100L, 0x02004008L, 0x02000100L, 0x00000108L,
+0x00000008L, 0x00004108L, 0x02004000L, 0x02000008L,
+},{
+/* nibble 5 */
+0x20000010L, 0x00080010L, 0x00000000L, 0x20080800L,
+0x00080010L, 0x00000800L, 0x20000810L, 0x00080000L,
+0x00000810L, 0x20080810L, 0x00080800L, 0x20000000L,
+0x20000800L, 0x20000010L, 0x20080000L, 0x00080810L,
+0x00080000L, 0x20000810L, 0x20080010L, 0x00000000L,
+0x00000800L, 0x00000010L, 0x20080800L, 0x20080010L,
+0x20080810L, 0x20080000L, 0x20000000L, 0x00000810L,
+0x00000010L, 0x00080800L, 0x00080810L, 0x20000800L,
+0x00000810L, 0x20000000L, 0x20000800L, 0x00080810L,
+0x20080800L, 0x00080010L, 0x00000000L, 0x20000800L,
+0x20000000L, 0x00000800L, 0x20080010L, 0x00080000L,
+0x00080010L, 0x20080810L, 0x00080800L, 0x00000010L,
+0x20080810L, 0x00080800L, 0x00080000L, 0x20000810L,
+0x20000010L, 0x20080000L, 0x00080810L, 0x00000000L,
+0x00000800L, 0x20000010L, 0x20000810L, 0x20080800L,
+0x20080000L, 0x00000810L, 0x00000010L, 0x20080010L,
+},{
+/* nibble 6 */
+0x00001000L, 0x00000080L, 0x00400080L, 0x00400001L,
+0x00401081L, 0x00001001L, 0x00001080L, 0x00000000L,
+0x00400000L, 0x00400081L, 0x00000081L, 0x00401000L,
+0x00000001L, 0x00401080L, 0x00401000L, 0x00000081L,
+0x00400081L, 0x00001000L, 0x00001001L, 0x00401081L,
+0x00000000L, 0x00400080L, 0x00400001L, 0x00001080L,
+0x00401001L, 0x00001081L, 0x00401080L, 0x00000001L,
+0x00001081L, 0x00401001L, 0x00000080L, 0x00400000L,
+0x00001081L, 0x00401000L, 0x00401001L, 0x00000081L,
+0x00001000L, 0x00000080L, 0x00400000L, 0x00401001L,
+0x00400081L, 0x00001081L, 0x00001080L, 0x00000000L,
+0x00000080L, 0x00400001L, 0x00000001L, 0x00400080L,
+0x00000000L, 0x00400081L, 0x00400080L, 0x00001080L,
+0x00000081L, 0x00001000L, 0x00401081L, 0x00400000L,
+0x00401080L, 0x00000001L, 0x00001001L, 0x00401081L,
+0x00400001L, 0x00401080L, 0x00401000L, 0x00001001L,
+},{
+/* nibble 7 */
+0x08200020L, 0x08208000L, 0x00008020L, 0x00000000L,
+0x08008000L, 0x00200020L, 0x08200000L, 0x08208020L,
+0x00000020L, 0x08000000L, 0x00208000L, 0x00008020L,
+0x00208020L, 0x08008020L, 0x08000020L, 0x08200000L,
+0x00008000L, 0x00208020L, 0x00200020L, 0x08008000L,
+0x08208020L, 0x08000020L, 0x00000000L, 0x00208000L,
+0x08000000L, 0x00200000L, 0x08008020L, 0x08200020L,
+0x00200000L, 0x00008000L, 0x08208000L, 0x00000020L,
+0x00200000L, 0x00008000L, 0x08000020L, 0x08208020L,
+0x00008020L, 0x08000000L, 0x00000000L, 0x00208000L,
+0x08200020L, 0x08008020L, 0x08008000L, 0x00200020L,
+0x08208000L, 0x00000020L, 0x00200020L, 0x08008000L,
+0x08208020L, 0x00200000L, 0x08200000L, 0x08000020L,
+0x00208000L, 0x00008020L, 0x08008020L, 0x08200000L,
+0x00000020L, 0x08208000L, 0x00208020L, 0x00000000L,
+0x08000000L, 0x08200020L, 0x00008000L, 0x00208020L,
+}};