/src/openssl/crypto/des/cfb64ede.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. |
3 | | * |
4 | | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | | * this file except in compliance with the License. You can obtain a copy |
6 | | * in the file LICENSE in the source distribution or at |
7 | | * https://www.openssl.org/source/license.html |
8 | | */ |
9 | | |
10 | | /* |
11 | | * DES low level APIs are deprecated for public use, but still ok for internal |
12 | | * use. |
13 | | */ |
14 | | #include "internal/deprecated.h" |
15 | | |
16 | | #include "des_local.h" |
17 | | |
18 | | /* |
19 | | * The input and output encrypted as though 64bit cfb mode is being used. |
20 | | * The extra state information to record how much of the 64bit block we have |
21 | | * used is contained in *num; |
22 | | */ |
23 | | |
24 | | void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out, |
25 | | long length, DES_key_schedule *ks1, |
26 | | DES_key_schedule *ks2, DES_key_schedule *ks3, |
27 | | DES_cblock *ivec, int *num, int enc) |
28 | 0 | { |
29 | 0 | register DES_LONG v0, v1; |
30 | 0 | register long l = length; |
31 | 0 | register int n = *num; |
32 | 0 | DES_LONG ti[2]; |
33 | 0 | unsigned char *iv, c, cc; |
34 | |
|
35 | 0 | iv = &(*ivec)[0]; |
36 | 0 | if (enc) { |
37 | 0 | while (l--) { |
38 | 0 | if (n == 0) { |
39 | 0 | c2l(iv, v0); |
40 | 0 | c2l(iv, v1); |
41 | |
|
42 | 0 | ti[0] = v0; |
43 | 0 | ti[1] = v1; |
44 | 0 | DES_encrypt3(ti, ks1, ks2, ks3); |
45 | 0 | v0 = ti[0]; |
46 | 0 | v1 = ti[1]; |
47 | |
|
48 | 0 | iv = &(*ivec)[0]; |
49 | 0 | l2c(v0, iv); |
50 | 0 | l2c(v1, iv); |
51 | 0 | iv = &(*ivec)[0]; |
52 | 0 | } |
53 | 0 | c = *(in++) ^ iv[n]; |
54 | 0 | *(out++) = c; |
55 | 0 | iv[n] = c; |
56 | 0 | n = (n + 1) & 0x07; |
57 | 0 | } |
58 | 0 | } else { |
59 | 0 | while (l--) { |
60 | 0 | if (n == 0) { |
61 | 0 | c2l(iv, v0); |
62 | 0 | c2l(iv, v1); |
63 | |
|
64 | 0 | ti[0] = v0; |
65 | 0 | ti[1] = v1; |
66 | 0 | DES_encrypt3(ti, ks1, ks2, ks3); |
67 | 0 | v0 = ti[0]; |
68 | 0 | v1 = ti[1]; |
69 | |
|
70 | 0 | iv = &(*ivec)[0]; |
71 | 0 | l2c(v0, iv); |
72 | 0 | l2c(v1, iv); |
73 | 0 | iv = &(*ivec)[0]; |
74 | 0 | } |
75 | 0 | cc = *(in++); |
76 | 0 | c = iv[n]; |
77 | 0 | iv[n] = cc; |
78 | 0 | *(out++) = c ^ cc; |
79 | 0 | n = (n + 1) & 0x07; |
80 | 0 | } |
81 | 0 | } |
82 | 0 | v0 = v1 = ti[0] = ti[1] = c = cc = 0; |
83 | 0 | *num = n; |
84 | 0 | } |
85 | | |
86 | | /* |
87 | | * This is compatible with the single key CFB-r for DES, even thought that's |
88 | | * not what EVP needs. |
89 | | */ |
90 | | |
91 | | void DES_ede3_cfb_encrypt(const unsigned char *in, unsigned char *out, |
92 | | int numbits, long length, DES_key_schedule *ks1, |
93 | | DES_key_schedule *ks2, DES_key_schedule *ks3, |
94 | | DES_cblock *ivec, int enc) |
95 | 0 | { |
96 | 0 | register DES_LONG d0, d1, v0, v1; |
97 | 0 | register unsigned long l = length, n = ((unsigned int)numbits + 7) / 8; |
98 | 0 | register int num = numbits, i; |
99 | 0 | DES_LONG ti[2]; |
100 | 0 | unsigned char *iv; |
101 | 0 | unsigned char ovec[16]; |
102 | |
|
103 | 0 | if (num > 64) |
104 | 0 | return; |
105 | 0 | iv = &(*ivec)[0]; |
106 | 0 | c2l(iv, v0); |
107 | 0 | c2l(iv, v1); |
108 | 0 | if (enc) { |
109 | 0 | while (l >= n) { |
110 | 0 | l -= n; |
111 | 0 | ti[0] = v0; |
112 | 0 | ti[1] = v1; |
113 | 0 | DES_encrypt3(ti, ks1, ks2, ks3); |
114 | 0 | c2ln(in, d0, d1, n); |
115 | 0 | in += n; |
116 | 0 | d0 ^= ti[0]; |
117 | 0 | d1 ^= ti[1]; |
118 | 0 | l2cn(d0, d1, out, n); |
119 | 0 | out += n; |
120 | | /* |
121 | | * 30-08-94 - eay - changed because l>>32 and l<<32 are bad under |
122 | | * gcc :-( |
123 | | */ |
124 | 0 | if (num == 32) { |
125 | 0 | v0 = v1; |
126 | 0 | v1 = d0; |
127 | 0 | } else if (num == 64) { |
128 | 0 | v0 = d0; |
129 | 0 | v1 = d1; |
130 | 0 | } else { |
131 | 0 | iv = &ovec[0]; |
132 | 0 | l2c(v0, iv); |
133 | 0 | l2c(v1, iv); |
134 | 0 | l2c(d0, iv); |
135 | 0 | l2c(d1, iv); |
136 | | /* shift ovec left most of the bits... */ |
137 | 0 | memmove(ovec, ovec + num / 8, 8 + (num % 8 ? 1 : 0)); |
138 | | /* now the remaining bits */ |
139 | 0 | if (num % 8 != 0) |
140 | 0 | for (i = 0; i < 8; ++i) { |
141 | 0 | ovec[i] <<= num % 8; |
142 | 0 | ovec[i] |= ovec[i + 1] >> (8 - num % 8); |
143 | 0 | } |
144 | 0 | iv = &ovec[0]; |
145 | 0 | c2l(iv, v0); |
146 | 0 | c2l(iv, v1); |
147 | 0 | } |
148 | 0 | } |
149 | 0 | } else { |
150 | 0 | while (l >= n) { |
151 | 0 | l -= n; |
152 | 0 | ti[0] = v0; |
153 | 0 | ti[1] = v1; |
154 | 0 | DES_encrypt3(ti, ks1, ks2, ks3); |
155 | 0 | c2ln(in, d0, d1, n); |
156 | 0 | in += n; |
157 | | /* |
158 | | * 30-08-94 - eay - changed because l>>32 and l<<32 are bad under |
159 | | * gcc :-( |
160 | | */ |
161 | 0 | if (num == 32) { |
162 | 0 | v0 = v1; |
163 | 0 | v1 = d0; |
164 | 0 | } else if (num == 64) { |
165 | 0 | v0 = d0; |
166 | 0 | v1 = d1; |
167 | 0 | } else { |
168 | 0 | iv = &ovec[0]; |
169 | 0 | l2c(v0, iv); |
170 | 0 | l2c(v1, iv); |
171 | 0 | l2c(d0, iv); |
172 | 0 | l2c(d1, iv); |
173 | | /* shift ovec left most of the bits... */ |
174 | 0 | memmove(ovec, ovec + num / 8, 8 + (num % 8 ? 1 : 0)); |
175 | | /* now the remaining bits */ |
176 | 0 | if (num % 8 != 0) |
177 | 0 | for (i = 0; i < 8; ++i) { |
178 | 0 | ovec[i] <<= num % 8; |
179 | 0 | ovec[i] |= ovec[i + 1] >> (8 - num % 8); |
180 | 0 | } |
181 | 0 | iv = &ovec[0]; |
182 | 0 | c2l(iv, v0); |
183 | 0 | c2l(iv, v1); |
184 | 0 | } |
185 | 0 | d0 ^= ti[0]; |
186 | 0 | d1 ^= ti[1]; |
187 | 0 | l2cn(d0, d1, out, n); |
188 | 0 | out += n; |
189 | 0 | } |
190 | 0 | } |
191 | 0 | iv = &(*ivec)[0]; |
192 | 0 | l2c(v0, iv); |
193 | 0 | l2c(v1, iv); |
194 | 0 | v0 = v1 = d0 = d1 = ti[0] = ti[1] = 0; |
195 | 0 | } |