Coverage Report

Created: 2024-11-21 07:03

/src/nss-nspr/nss/lib/freebl/deprecated/seed.c
Line
Count
Source (jump to first uncovered line)
1
/* This Source Code Form is subject to the terms of the Mozilla Public
2
 * License, v. 2.0. If a copy of the MPL was not distributed with this
3
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4
5
#ifdef FREEBL_NO_DEPEND
6
#include "../stubs.h"
7
#endif
8
9
#include <stdio.h>
10
#include <stdlib.h>
11
#include <string.h>
12
#include <stddef.h>
13
#ifdef WIN32
14
#include <memory.h>
15
#endif
16
17
#include "seed.h"
18
#include "secerr.h"
19
20
static const seed_word SS[4][256] = {
21
    { 0x2989a1a8, 0x05858184, 0x16c6d2d4, 0x13c3d3d0,
22
      0x14445054, 0x1d0d111c, 0x2c8ca0ac, 0x25052124,
23
      0x1d4d515c, 0x03434340, 0x18081018, 0x1e0e121c,
24
      0x11415150, 0x3cccf0fc, 0x0acac2c8, 0x23436360,
25
      0x28082028, 0x04444044, 0x20002020, 0x1d8d919c,
26
      0x20c0e0e0, 0x22c2e2e0, 0x08c8c0c8, 0x17071314,
27
      0x2585a1a4, 0x0f8f838c, 0x03030300, 0x3b4b7378,
28
      0x3b8bb3b8, 0x13031310, 0x12c2d2d0, 0x2ecee2ec,
29
      0x30407070, 0x0c8c808c, 0x3f0f333c, 0x2888a0a8,
30
      0x32023230, 0x1dcdd1dc, 0x36c6f2f4, 0x34447074,
31
      0x2ccce0ec, 0x15859194, 0x0b0b0308, 0x17475354,
32
      0x1c4c505c, 0x1b4b5358, 0x3d8db1bc, 0x01010100,
33
      0x24042024, 0x1c0c101c, 0x33437370, 0x18889098,
34
      0x10001010, 0x0cccc0cc, 0x32c2f2f0, 0x19c9d1d8,
35
      0x2c0c202c, 0x27c7e3e4, 0x32427270, 0x03838380,
36
      0x1b8b9398, 0x11c1d1d0, 0x06868284, 0x09c9c1c8,
37
      0x20406060, 0x10405050, 0x2383a3a0, 0x2bcbe3e8,
38
      0x0d0d010c, 0x3686b2b4, 0x1e8e929c, 0x0f4f434c,
39
      0x3787b3b4, 0x1a4a5258, 0x06c6c2c4, 0x38487078,
40
      0x2686a2a4, 0x12021210, 0x2f8fa3ac, 0x15c5d1d4,
41
      0x21416160, 0x03c3c3c0, 0x3484b0b4, 0x01414140,
42
      0x12425250, 0x3d4d717c, 0x0d8d818c, 0x08080008,
43
      0x1f0f131c, 0x19899198, 0x00000000, 0x19091118,
44
      0x04040004, 0x13435350, 0x37c7f3f4, 0x21c1e1e0,
45
      0x3dcdf1fc, 0x36467274, 0x2f0f232c, 0x27072324,
46
      0x3080b0b0, 0x0b8b8388, 0x0e0e020c, 0x2b8ba3a8,
47
      0x2282a2a0, 0x2e4e626c, 0x13839390, 0x0d4d414c,
48
      0x29496168, 0x3c4c707c, 0x09090108, 0x0a0a0208,
49
      0x3f8fb3bc, 0x2fcfe3ec, 0x33c3f3f0, 0x05c5c1c4,
50
      0x07878384, 0x14041014, 0x3ecef2fc, 0x24446064,
51
      0x1eced2dc, 0x2e0e222c, 0x0b4b4348, 0x1a0a1218,
52
      0x06060204, 0x21012120, 0x2b4b6368, 0x26466264,
53
      0x02020200, 0x35c5f1f4, 0x12829290, 0x0a8a8288,
54
      0x0c0c000c, 0x3383b3b0, 0x3e4e727c, 0x10c0d0d0,
55
      0x3a4a7278, 0x07474344, 0x16869294, 0x25c5e1e4,
56
      0x26062224, 0x00808080, 0x2d8da1ac, 0x1fcfd3dc,
57
      0x2181a1a0, 0x30003030, 0x37073334, 0x2e8ea2ac,
58
      0x36063234, 0x15051114, 0x22022220, 0x38083038,
59
      0x34c4f0f4, 0x2787a3a4, 0x05454144, 0x0c4c404c,
60
      0x01818180, 0x29c9e1e8, 0x04848084, 0x17879394,
61
      0x35053134, 0x0bcbc3c8, 0x0ecec2cc, 0x3c0c303c,
62
      0x31417170, 0x11011110, 0x07c7c3c4, 0x09898188,
63
      0x35457174, 0x3bcbf3f8, 0x1acad2d8, 0x38c8f0f8,
64
      0x14849094, 0x19495158, 0x02828280, 0x04c4c0c4,
65
      0x3fcff3fc, 0x09494148, 0x39093138, 0x27476364,
66
      0x00c0c0c0, 0x0fcfc3cc, 0x17c7d3d4, 0x3888b0b8,
67
      0x0f0f030c, 0x0e8e828c, 0x02424240, 0x23032320,
68
      0x11819190, 0x2c4c606c, 0x1bcbd3d8, 0x2484a0a4,
69
      0x34043034, 0x31c1f1f0, 0x08484048, 0x02c2c2c0,
70
      0x2f4f636c, 0x3d0d313c, 0x2d0d212c, 0x00404040,
71
      0x3e8eb2bc, 0x3e0e323c, 0x3c8cb0bc, 0x01c1c1c0,
72
      0x2a8aa2a8, 0x3a8ab2b8, 0x0e4e424c, 0x15455154,
73
      0x3b0b3338, 0x1cccd0dc, 0x28486068, 0x3f4f737c,
74
      0x1c8c909c, 0x18c8d0d8, 0x0a4a4248, 0x16465254,
75
      0x37477374, 0x2080a0a0, 0x2dcde1ec, 0x06464244,
76
      0x3585b1b4, 0x2b0b2328, 0x25456164, 0x3acaf2f8,
77
      0x23c3e3e0, 0x3989b1b8, 0x3181b1b0, 0x1f8f939c,
78
      0x1e4e525c, 0x39c9f1f8, 0x26c6e2e4, 0x3282b2b0,
79
      0x31013130, 0x2acae2e8, 0x2d4d616c, 0x1f4f535c,
80
      0x24c4e0e4, 0x30c0f0f0, 0x0dcdc1cc, 0x08888088,
81
      0x16061214, 0x3a0a3238, 0x18485058, 0x14c4d0d4,
82
      0x22426260, 0x29092128, 0x07070304, 0x33033330,
83
      0x28c8e0e8, 0x1b0b1318, 0x05050104, 0x39497178,
84
      0x10809090, 0x2a4a6268, 0x2a0a2228, 0x1a8a9298 },
85
    { 0x38380830, 0xe828c8e0, 0x2c2d0d21, 0xa42686a2,
86
      0xcc0fcfc3, 0xdc1eced2, 0xb03383b3, 0xb83888b0,
87
      0xac2f8fa3, 0x60204060, 0x54154551, 0xc407c7c3,
88
      0x44044440, 0x6c2f4f63, 0x682b4b63, 0x581b4b53,
89
      0xc003c3c3, 0x60224262, 0x30330333, 0xb43585b1,
90
      0x28290921, 0xa02080a0, 0xe022c2e2, 0xa42787a3,
91
      0xd013c3d3, 0x90118191, 0x10110111, 0x04060602,
92
      0x1c1c0c10, 0xbc3c8cb0, 0x34360632, 0x480b4b43,
93
      0xec2fcfe3, 0x88088880, 0x6c2c4c60, 0xa82888a0,
94
      0x14170713, 0xc404c4c0, 0x14160612, 0xf434c4f0,
95
      0xc002c2c2, 0x44054541, 0xe021c1e1, 0xd416c6d2,
96
      0x3c3f0f33, 0x3c3d0d31, 0x8c0e8e82, 0x98188890,
97
      0x28280820, 0x4c0e4e42, 0xf436c6f2, 0x3c3e0e32,
98
      0xa42585a1, 0xf839c9f1, 0x0c0d0d01, 0xdc1fcfd3,
99
      0xd818c8d0, 0x282b0b23, 0x64264662, 0x783a4a72,
100
      0x24270723, 0x2c2f0f23, 0xf031c1f1, 0x70324272,
101
      0x40024242, 0xd414c4d0, 0x40014141, 0xc000c0c0,
102
      0x70334373, 0x64274763, 0xac2c8ca0, 0x880b8b83,
103
      0xf437c7f3, 0xac2d8da1, 0x80008080, 0x1c1f0f13,
104
      0xc80acac2, 0x2c2c0c20, 0xa82a8aa2, 0x34340430,
105
      0xd012c2d2, 0x080b0b03, 0xec2ecee2, 0xe829c9e1,
106
      0x5c1d4d51, 0x94148490, 0x18180810, 0xf838c8f0,
107
      0x54174753, 0xac2e8ea2, 0x08080800, 0xc405c5c1,
108
      0x10130313, 0xcc0dcdc1, 0x84068682, 0xb83989b1,
109
      0xfc3fcff3, 0x7c3d4d71, 0xc001c1c1, 0x30310131,
110
      0xf435c5f1, 0x880a8a82, 0x682a4a62, 0xb03181b1,
111
      0xd011c1d1, 0x20200020, 0xd417c7d3, 0x00020202,
112
      0x20220222, 0x04040400, 0x68284860, 0x70314171,
113
      0x04070703, 0xd81bcbd3, 0x9c1d8d91, 0x98198991,
114
      0x60214161, 0xbc3e8eb2, 0xe426c6e2, 0x58194951,
115
      0xdc1dcdd1, 0x50114151, 0x90108090, 0xdc1cccd0,
116
      0x981a8a92, 0xa02383a3, 0xa82b8ba3, 0xd010c0d0,
117
      0x80018181, 0x0c0f0f03, 0x44074743, 0x181a0a12,
118
      0xe023c3e3, 0xec2ccce0, 0x8c0d8d81, 0xbc3f8fb3,
119
      0x94168692, 0x783b4b73, 0x5c1c4c50, 0xa02282a2,
120
      0xa02181a1, 0x60234363, 0x20230323, 0x4c0d4d41,
121
      0xc808c8c0, 0x9c1e8e92, 0x9c1c8c90, 0x383a0a32,
122
      0x0c0c0c00, 0x2c2e0e22, 0xb83a8ab2, 0x6c2e4e62,
123
      0x9c1f8f93, 0x581a4a52, 0xf032c2f2, 0x90128292,
124
      0xf033c3f3, 0x48094941, 0x78384870, 0xcc0cccc0,
125
      0x14150511, 0xf83bcbf3, 0x70304070, 0x74354571,
126
      0x7c3f4f73, 0x34350531, 0x10100010, 0x00030303,
127
      0x64244460, 0x6c2d4d61, 0xc406c6c2, 0x74344470,
128
      0xd415c5d1, 0xb43484b0, 0xe82acae2, 0x08090901,
129
      0x74364672, 0x18190911, 0xfc3ecef2, 0x40004040,
130
      0x10120212, 0xe020c0e0, 0xbc3d8db1, 0x04050501,
131
      0xf83acaf2, 0x00010101, 0xf030c0f0, 0x282a0a22,
132
      0x5c1e4e52, 0xa82989a1, 0x54164652, 0x40034343,
133
      0x84058581, 0x14140410, 0x88098981, 0x981b8b93,
134
      0xb03080b0, 0xe425c5e1, 0x48084840, 0x78394971,
135
      0x94178793, 0xfc3cccf0, 0x1c1e0e12, 0x80028282,
136
      0x20210121, 0x8c0c8c80, 0x181b0b13, 0x5c1f4f53,
137
      0x74374773, 0x54144450, 0xb03282b2, 0x1c1d0d11,
138
      0x24250521, 0x4c0f4f43, 0x00000000, 0x44064642,
139
      0xec2dcde1, 0x58184850, 0x50124252, 0xe82bcbe3,
140
      0x7c3e4e72, 0xd81acad2, 0xc809c9c1, 0xfc3dcdf1,
141
      0x30300030, 0x94158591, 0x64254561, 0x3c3c0c30,
142
      0xb43686b2, 0xe424c4e0, 0xb83b8bb3, 0x7c3c4c70,
143
      0x0c0e0e02, 0x50104050, 0x38390931, 0x24260622,
144
      0x30320232, 0x84048480, 0x68294961, 0x90138393,
145
      0x34370733, 0xe427c7e3, 0x24240420, 0xa42484a0,
146
      0xc80bcbc3, 0x50134353, 0x080a0a02, 0x84078783,
147
      0xd819c9d1, 0x4c0c4c40, 0x80038383, 0x8c0f8f83,
148
      0xcc0ecec2, 0x383b0b33, 0x480a4a42, 0xb43787b3 },
149
    { 0xa1a82989, 0x81840585, 0xd2d416c6, 0xd3d013c3,
150
      0x50541444, 0x111c1d0d, 0xa0ac2c8c, 0x21242505,
151
      0x515c1d4d, 0x43400343, 0x10181808, 0x121c1e0e,
152
      0x51501141, 0xf0fc3ccc, 0xc2c80aca, 0x63602343,
153
      0x20282808, 0x40440444, 0x20202000, 0x919c1d8d,
154
      0xe0e020c0, 0xe2e022c2, 0xc0c808c8, 0x13141707,
155
      0xa1a42585, 0x838c0f8f, 0x03000303, 0x73783b4b,
156
      0xb3b83b8b, 0x13101303, 0xd2d012c2, 0xe2ec2ece,
157
      0x70703040, 0x808c0c8c, 0x333c3f0f, 0xa0a82888,
158
      0x32303202, 0xd1dc1dcd, 0xf2f436c6, 0x70743444,
159
      0xe0ec2ccc, 0x91941585, 0x03080b0b, 0x53541747,
160
      0x505c1c4c, 0x53581b4b, 0xb1bc3d8d, 0x01000101,
161
      0x20242404, 0x101c1c0c, 0x73703343, 0x90981888,
162
      0x10101000, 0xc0cc0ccc, 0xf2f032c2, 0xd1d819c9,
163
      0x202c2c0c, 0xe3e427c7, 0x72703242, 0x83800383,
164
      0x93981b8b, 0xd1d011c1, 0x82840686, 0xc1c809c9,
165
      0x60602040, 0x50501040, 0xa3a02383, 0xe3e82bcb,
166
      0x010c0d0d, 0xb2b43686, 0x929c1e8e, 0x434c0f4f,
167
      0xb3b43787, 0x52581a4a, 0xc2c406c6, 0x70783848,
168
      0xa2a42686, 0x12101202, 0xa3ac2f8f, 0xd1d415c5,
169
      0x61602141, 0xc3c003c3, 0xb0b43484, 0x41400141,
170
      0x52501242, 0x717c3d4d, 0x818c0d8d, 0x00080808,
171
      0x131c1f0f, 0x91981989, 0x00000000, 0x11181909,
172
      0x00040404, 0x53501343, 0xf3f437c7, 0xe1e021c1,
173
      0xf1fc3dcd, 0x72743646, 0x232c2f0f, 0x23242707,
174
      0xb0b03080, 0x83880b8b, 0x020c0e0e, 0xa3a82b8b,
175
      0xa2a02282, 0x626c2e4e, 0x93901383, 0x414c0d4d,
176
      0x61682949, 0x707c3c4c, 0x01080909, 0x02080a0a,
177
      0xb3bc3f8f, 0xe3ec2fcf, 0xf3f033c3, 0xc1c405c5,
178
      0x83840787, 0x10141404, 0xf2fc3ece, 0x60642444,
179
      0xd2dc1ece, 0x222c2e0e, 0x43480b4b, 0x12181a0a,
180
      0x02040606, 0x21202101, 0x63682b4b, 0x62642646,
181
      0x02000202, 0xf1f435c5, 0x92901282, 0x82880a8a,
182
      0x000c0c0c, 0xb3b03383, 0x727c3e4e, 0xd0d010c0,
183
      0x72783a4a, 0x43440747, 0x92941686, 0xe1e425c5,
184
      0x22242606, 0x80800080, 0xa1ac2d8d, 0xd3dc1fcf,
185
      0xa1a02181, 0x30303000, 0x33343707, 0xa2ac2e8e,
186
      0x32343606, 0x11141505, 0x22202202, 0x30383808,
187
      0xf0f434c4, 0xa3a42787, 0x41440545, 0x404c0c4c,
188
      0x81800181, 0xe1e829c9, 0x80840484, 0x93941787,
189
      0x31343505, 0xc3c80bcb, 0xc2cc0ece, 0x303c3c0c,
190
      0x71703141, 0x11101101, 0xc3c407c7, 0x81880989,
191
      0x71743545, 0xf3f83bcb, 0xd2d81aca, 0xf0f838c8,
192
      0x90941484, 0x51581949, 0x82800282, 0xc0c404c4,
193
      0xf3fc3fcf, 0x41480949, 0x31383909, 0x63642747,
194
      0xc0c000c0, 0xc3cc0fcf, 0xd3d417c7, 0xb0b83888,
195
      0x030c0f0f, 0x828c0e8e, 0x42400242, 0x23202303,
196
      0x91901181, 0x606c2c4c, 0xd3d81bcb, 0xa0a42484,
197
      0x30343404, 0xf1f031c1, 0x40480848, 0xc2c002c2,
198
      0x636c2f4f, 0x313c3d0d, 0x212c2d0d, 0x40400040,
199
      0xb2bc3e8e, 0x323c3e0e, 0xb0bc3c8c, 0xc1c001c1,
200
      0xa2a82a8a, 0xb2b83a8a, 0x424c0e4e, 0x51541545,
201
      0x33383b0b, 0xd0dc1ccc, 0x60682848, 0x737c3f4f,
202
      0x909c1c8c, 0xd0d818c8, 0x42480a4a, 0x52541646,
203
      0x73743747, 0xa0a02080, 0xe1ec2dcd, 0x42440646,
204
      0xb1b43585, 0x23282b0b, 0x61642545, 0xf2f83aca,
205
      0xe3e023c3, 0xb1b83989, 0xb1b03181, 0x939c1f8f,
206
      0x525c1e4e, 0xf1f839c9, 0xe2e426c6, 0xb2b03282,
207
      0x31303101, 0xe2e82aca, 0x616c2d4d, 0x535c1f4f,
208
      0xe0e424c4, 0xf0f030c0, 0xc1cc0dcd, 0x80880888,
209
      0x12141606, 0x32383a0a, 0x50581848, 0xd0d414c4,
210
      0x62602242, 0x21282909, 0x03040707, 0x33303303,
211
      0xe0e828c8, 0x13181b0b, 0x01040505, 0x71783949,
212
      0x90901080, 0x62682a4a, 0x22282a0a, 0x92981a8a },
213
    { 0x08303838, 0xc8e0e828, 0x0d212c2d, 0x86a2a426,
214
      0xcfc3cc0f, 0xced2dc1e, 0x83b3b033, 0x88b0b838,
215
      0x8fa3ac2f, 0x40606020, 0x45515415, 0xc7c3c407,
216
      0x44404404, 0x4f636c2f, 0x4b63682b, 0x4b53581b,
217
      0xc3c3c003, 0x42626022, 0x03333033, 0x85b1b435,
218
      0x09212829, 0x80a0a020, 0xc2e2e022, 0x87a3a427,
219
      0xc3d3d013, 0x81919011, 0x01111011, 0x06020406,
220
      0x0c101c1c, 0x8cb0bc3c, 0x06323436, 0x4b43480b,
221
      0xcfe3ec2f, 0x88808808, 0x4c606c2c, 0x88a0a828,
222
      0x07131417, 0xc4c0c404, 0x06121416, 0xc4f0f434,
223
      0xc2c2c002, 0x45414405, 0xc1e1e021, 0xc6d2d416,
224
      0x0f333c3f, 0x0d313c3d, 0x8e828c0e, 0x88909818,
225
      0x08202828, 0x4e424c0e, 0xc6f2f436, 0x0e323c3e,
226
      0x85a1a425, 0xc9f1f839, 0x0d010c0d, 0xcfd3dc1f,
227
      0xc8d0d818, 0x0b23282b, 0x46626426, 0x4a72783a,
228
      0x07232427, 0x0f232c2f, 0xc1f1f031, 0x42727032,
229
      0x42424002, 0xc4d0d414, 0x41414001, 0xc0c0c000,
230
      0x43737033, 0x47636427, 0x8ca0ac2c, 0x8b83880b,
231
      0xc7f3f437, 0x8da1ac2d, 0x80808000, 0x0f131c1f,
232
      0xcac2c80a, 0x0c202c2c, 0x8aa2a82a, 0x04303434,
233
      0xc2d2d012, 0x0b03080b, 0xcee2ec2e, 0xc9e1e829,
234
      0x4d515c1d, 0x84909414, 0x08101818, 0xc8f0f838,
235
      0x47535417, 0x8ea2ac2e, 0x08000808, 0xc5c1c405,
236
      0x03131013, 0xcdc1cc0d, 0x86828406, 0x89b1b839,
237
      0xcff3fc3f, 0x4d717c3d, 0xc1c1c001, 0x01313031,
238
      0xc5f1f435, 0x8a82880a, 0x4a62682a, 0x81b1b031,
239
      0xc1d1d011, 0x00202020, 0xc7d3d417, 0x02020002,
240
      0x02222022, 0x04000404, 0x48606828, 0x41717031,
241
      0x07030407, 0xcbd3d81b, 0x8d919c1d, 0x89919819,
242
      0x41616021, 0x8eb2bc3e, 0xc6e2e426, 0x49515819,
243
      0xcdd1dc1d, 0x41515011, 0x80909010, 0xccd0dc1c,
244
      0x8a92981a, 0x83a3a023, 0x8ba3a82b, 0xc0d0d010,
245
      0x81818001, 0x0f030c0f, 0x47434407, 0x0a12181a,
246
      0xc3e3e023, 0xcce0ec2c, 0x8d818c0d, 0x8fb3bc3f,
247
      0x86929416, 0x4b73783b, 0x4c505c1c, 0x82a2a022,
248
      0x81a1a021, 0x43636023, 0x03232023, 0x4d414c0d,
249
      0xc8c0c808, 0x8e929c1e, 0x8c909c1c, 0x0a32383a,
250
      0x0c000c0c, 0x0e222c2e, 0x8ab2b83a, 0x4e626c2e,
251
      0x8f939c1f, 0x4a52581a, 0xc2f2f032, 0x82929012,
252
      0xc3f3f033, 0x49414809, 0x48707838, 0xccc0cc0c,
253
      0x05111415, 0xcbf3f83b, 0x40707030, 0x45717435,
254
      0x4f737c3f, 0x05313435, 0x00101010, 0x03030003,
255
      0x44606424, 0x4d616c2d, 0xc6c2c406, 0x44707434,
256
      0xc5d1d415, 0x84b0b434, 0xcae2e82a, 0x09010809,
257
      0x46727436, 0x09111819, 0xcef2fc3e, 0x40404000,
258
      0x02121012, 0xc0e0e020, 0x8db1bc3d, 0x05010405,
259
      0xcaf2f83a, 0x01010001, 0xc0f0f030, 0x0a22282a,
260
      0x4e525c1e, 0x89a1a829, 0x46525416, 0x43434003,
261
      0x85818405, 0x04101414, 0x89818809, 0x8b93981b,
262
      0x80b0b030, 0xc5e1e425, 0x48404808, 0x49717839,
263
      0x87939417, 0xccf0fc3c, 0x0e121c1e, 0x82828002,
264
      0x01212021, 0x8c808c0c, 0x0b13181b, 0x4f535c1f,
265
      0x47737437, 0x44505414, 0x82b2b032, 0x0d111c1d,
266
      0x05212425, 0x4f434c0f, 0x00000000, 0x46424406,
267
      0xcde1ec2d, 0x48505818, 0x42525012, 0xcbe3e82b,
268
      0x4e727c3e, 0xcad2d81a, 0xc9c1c809, 0xcdf1fc3d,
269
      0x00303030, 0x85919415, 0x45616425, 0x0c303c3c,
270
      0x86b2b436, 0xc4e0e424, 0x8bb3b83b, 0x4c707c3c,
271
      0x0e020c0e, 0x40505010, 0x09313839, 0x06222426,
272
      0x02323032, 0x84808404, 0x49616829, 0x83939013,
273
      0x07333437, 0xc7e3e427, 0x04202424, 0x84a0a424,
274
      0xcbc3c80b, 0x43535013, 0x0a02080a, 0x87838407,
275
      0xc9d1d819, 0x4c404c0c, 0x83838003, 0x8f838c0f,
276
      0xcec2cc0e, 0x0b33383b, 0x4a42480a, 0x87b3b437 }
277
};
278
279
/* key schedule constants - golden ratio */
280
14
#define KC0 0x9e3779b9
281
#define KC1 0x3c6ef373
282
#define KC2 0x78dde6e6
283
#define KC3 0xf1bbcdcc
284
#define KC4 0xe3779b99
285
#define KC5 0xc6ef3733
286
#define KC6 0x8dde6e67
287
#define KC7 0x1bbcdccf
288
#define KC8 0x3779b99e
289
#define KC9 0x6ef3733c
290
#define KC10 0xdde6e678
291
#define KC11 0xbbcdccf1
292
#define KC12 0x779b99e3
293
#define KC13 0xef3733c6
294
#define KC14 0xde6e678d
295
#define KC15 0xbcdccf1b
296
297
void
298
SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH],
299
             SEED_KEY_SCHEDULE *ks)
300
7
{
301
7
    seed_word K0, K1, K2, K3;
302
7
    seed_word t0, t1;
303
304
7
    char2word(rawkey, K0);
305
7
    char2word(rawkey + 4, K1);
306
7
    char2word(rawkey + 8, K2);
307
7
    char2word(rawkey + 12, K3);
308
309
7
    t0 = (K0 + K2 - KC0);
310
7
    t1 = (K1 - K3 + KC0);
311
7
    KEYUPDATE_TEMP(t0, t1, &ks->data[0]);
312
7
    KEYSCHEDULE_UPDATE1(t0, t1, K0, K1, K2, K3, KC1);
313
7
    KEYUPDATE_TEMP(t0, t1, &ks->data[2]);
314
7
    KEYSCHEDULE_UPDATE0(t0, t1, K0, K1, K2, K3, KC2);
315
7
    KEYUPDATE_TEMP(t0, t1, &ks->data[4]);
316
7
    KEYSCHEDULE_UPDATE1(t0, t1, K0, K1, K2, K3, KC3);
317
7
    KEYUPDATE_TEMP(t0, t1, &ks->data[6]);
318
7
    KEYSCHEDULE_UPDATE0(t0, t1, K0, K1, K2, K3, KC4);
319
7
    KEYUPDATE_TEMP(t0, t1, &ks->data[8]);
320
7
    KEYSCHEDULE_UPDATE1(t0, t1, K0, K1, K2, K3, KC5);
321
7
    KEYUPDATE_TEMP(t0, t1, &ks->data[10]);
322
7
    KEYSCHEDULE_UPDATE0(t0, t1, K0, K1, K2, K3, KC6);
323
7
    KEYUPDATE_TEMP(t0, t1, &ks->data[12]);
324
7
    KEYSCHEDULE_UPDATE1(t0, t1, K0, K1, K2, K3, KC7);
325
7
    KEYUPDATE_TEMP(t0, t1, &ks->data[14]);
326
7
    KEYSCHEDULE_UPDATE0(t0, t1, K0, K1, K2, K3, KC8);
327
7
    KEYUPDATE_TEMP(t0, t1, &ks->data[16]);
328
7
    KEYSCHEDULE_UPDATE1(t0, t1, K0, K1, K2, K3, KC9);
329
7
    KEYUPDATE_TEMP(t0, t1, &ks->data[18]);
330
7
    KEYSCHEDULE_UPDATE0(t0, t1, K0, K1, K2, K3, KC10);
331
7
    KEYUPDATE_TEMP(t0, t1, &ks->data[20]);
332
7
    KEYSCHEDULE_UPDATE1(t0, t1, K0, K1, K2, K3, KC11);
333
7
    KEYUPDATE_TEMP(t0, t1, &ks->data[22]);
334
7
    KEYSCHEDULE_UPDATE0(t0, t1, K0, K1, K2, K3, KC12);
335
7
    KEYUPDATE_TEMP(t0, t1, &ks->data[24]);
336
7
    KEYSCHEDULE_UPDATE1(t0, t1, K0, K1, K2, K3, KC13);
337
7
    KEYUPDATE_TEMP(t0, t1, &ks->data[26]);
338
7
    KEYSCHEDULE_UPDATE0(t0, t1, K0, K1, K2, K3, KC14);
339
7
    KEYUPDATE_TEMP(t0, t1, &ks->data[28]);
340
7
    KEYSCHEDULE_UPDATE1(t0, t1, K0, K1, K2, K3, KC15);
341
7
    KEYUPDATE_TEMP(t0, t1, &ks->data[30]);
342
7
}
343
344
void
345
SEED_encrypt(const unsigned char s[SEED_BLOCK_SIZE],
346
             unsigned char d[SEED_BLOCK_SIZE],
347
             const SEED_KEY_SCHEDULE *ks)
348
0
{
349
0
    seed_word L0, L1, R0, R1;
350
0
    seed_word t0, t1;
351
352
0
    char2word(s, L0);
353
0
    char2word(s + 4, L1);
354
0
    char2word(s + 8, R0);
355
0
    char2word(s + 12, R1);
356
357
0
    E_SEED(t0, t1, L0, L1, R0, R1, 0);
358
0
    E_SEED(t0, t1, R0, R1, L0, L1, 2);
359
0
    E_SEED(t0, t1, L0, L1, R0, R1, 4);
360
0
    E_SEED(t0, t1, R0, R1, L0, L1, 6);
361
0
    E_SEED(t0, t1, L0, L1, R0, R1, 8);
362
0
    E_SEED(t0, t1, R0, R1, L0, L1, 10);
363
0
    E_SEED(t0, t1, L0, L1, R0, R1, 12);
364
0
    E_SEED(t0, t1, R0, R1, L0, L1, 14);
365
0
    E_SEED(t0, t1, L0, L1, R0, R1, 16);
366
0
    E_SEED(t0, t1, R0, R1, L0, L1, 18);
367
0
    E_SEED(t0, t1, L0, L1, R0, R1, 20);
368
0
    E_SEED(t0, t1, R0, R1, L0, L1, 22);
369
0
    E_SEED(t0, t1, L0, L1, R0, R1, 24);
370
0
    E_SEED(t0, t1, R0, R1, L0, L1, 26);
371
0
    E_SEED(t0, t1, L0, L1, R0, R1, 28);
372
0
    E_SEED(t0, t1, R0, R1, L0, L1, 30);
373
374
0
    word2char(R0, d);
375
0
    word2char(R1, d + 4);
376
0
    word2char(L0, d + 8);
377
0
    word2char(L1, d + 12);
378
0
}
379
380
void
381
SEED_decrypt(const unsigned char s[SEED_BLOCK_SIZE],
382
             unsigned char d[SEED_BLOCK_SIZE],
383
             const SEED_KEY_SCHEDULE *ks)
384
1
{
385
1
    seed_word L0, L1, R0, R1;
386
1
    seed_word t0, t1;
387
388
1
    char2word(s, L0);
389
1
    char2word(s + 4, L1);
390
1
    char2word(s + 8, R0);
391
1
    char2word(s + 12, R1);
392
393
1
    E_SEED(t0, t1, L0, L1, R0, R1, 30);
394
1
    E_SEED(t0, t1, R0, R1, L0, L1, 28);
395
1
    E_SEED(t0, t1, L0, L1, R0, R1, 26);
396
1
    E_SEED(t0, t1, R0, R1, L0, L1, 24);
397
1
    E_SEED(t0, t1, L0, L1, R0, R1, 22);
398
1
    E_SEED(t0, t1, R0, R1, L0, L1, 20);
399
1
    E_SEED(t0, t1, L0, L1, R0, R1, 18);
400
1
    E_SEED(t0, t1, R0, R1, L0, L1, 16);
401
1
    E_SEED(t0, t1, L0, L1, R0, R1, 14);
402
1
    E_SEED(t0, t1, R0, R1, L0, L1, 12);
403
1
    E_SEED(t0, t1, L0, L1, R0, R1, 10);
404
1
    E_SEED(t0, t1, R0, R1, L0, L1, 8);
405
1
    E_SEED(t0, t1, L0, L1, R0, R1, 6);
406
1
    E_SEED(t0, t1, R0, R1, L0, L1, 4);
407
1
    E_SEED(t0, t1, L0, L1, R0, R1, 2);
408
1
    E_SEED(t0, t1, R0, R1, L0, L1, 0);
409
410
1
    word2char(R0, d);
411
1
    word2char(R1, d + 4);
412
1
    word2char(L0, d + 8);
413
1
    word2char(L1, d + 12);
414
1
}
415
416
void
417
SEED_ecb_encrypt(const unsigned char *in,
418
                 unsigned char *out,
419
                 size_t inLen,
420
                 const SEED_KEY_SCHEDULE *ks, int enc)
421
0
{
422
0
    if (enc) {
423
0
        while (inLen > 0) {
424
0
            SEED_encrypt(in, out, ks);
425
0
            out += SEED_BLOCK_SIZE;
426
0
            in += SEED_BLOCK_SIZE;
427
0
            inLen -= SEED_BLOCK_SIZE;
428
0
        }
429
0
    } else {
430
0
        while (inLen > 0) {
431
0
            SEED_decrypt(in, out, ks);
432
0
            out += SEED_BLOCK_SIZE;
433
0
            in += SEED_BLOCK_SIZE;
434
0
            inLen -= SEED_BLOCK_SIZE;
435
0
        }
436
0
    }
437
0
}
438
439
void
440
SEED_cbc_encrypt(const unsigned char *in, unsigned char *out,
441
                 size_t len, const SEED_KEY_SCHEDULE *ks,
442
                 unsigned char ivec[SEED_BLOCK_SIZE], int enc)
443
1
{
444
1
    size_t n;
445
1
    unsigned char tmp[SEED_BLOCK_SIZE];
446
1
    const unsigned char *iv = ivec;
447
448
1
    if (enc) {
449
0
        while (len >= SEED_BLOCK_SIZE) {
450
0
            for (n = 0; n < SEED_BLOCK_SIZE; ++n) {
451
0
                out[n] = in[n] ^ iv[n];
452
0
            }
453
454
0
            SEED_encrypt(out, out, ks);
455
0
            iv = out;
456
0
            len -= SEED_BLOCK_SIZE;
457
0
            in += SEED_BLOCK_SIZE;
458
0
            out += SEED_BLOCK_SIZE;
459
0
        }
460
461
0
        if (len) {
462
0
            for (n = 0; n < len; ++n) {
463
0
                out[n] = in[n] ^ iv[n];
464
0
            }
465
466
0
            for (n = len; n < SEED_BLOCK_SIZE; ++n) {
467
0
                out[n] = iv[n];
468
0
            }
469
470
0
            SEED_encrypt(out, out, ks);
471
0
            iv = out;
472
0
        }
473
474
0
        memcpy(ivec, iv, SEED_BLOCK_SIZE);
475
1
    } else if (in != out) {
476
2
        while (len >= SEED_BLOCK_SIZE) {
477
1
            SEED_decrypt(in, out, ks);
478
479
17
            for (n = 0; n < SEED_BLOCK_SIZE; ++n) {
480
16
                out[n] ^= iv[n];
481
16
            }
482
483
1
            iv = in;
484
1
            len -= SEED_BLOCK_SIZE;
485
1
            in += SEED_BLOCK_SIZE;
486
1
            out += SEED_BLOCK_SIZE;
487
1
        }
488
489
1
        if (len) {
490
0
            SEED_decrypt(in, tmp, ks);
491
492
0
            for (n = 0; n < len; ++n) {
493
0
                out[n] = tmp[n] ^ iv[n];
494
0
            }
495
496
0
            iv = in;
497
0
        }
498
499
1
        memcpy(ivec, iv, SEED_BLOCK_SIZE);
500
1
    } else {
501
0
        while (len >= SEED_BLOCK_SIZE) {
502
0
            memcpy(tmp, in, SEED_BLOCK_SIZE);
503
0
            SEED_decrypt(in, out, ks);
504
505
0
            for (n = 0; n < SEED_BLOCK_SIZE; ++n) {
506
0
                out[n] ^= ivec[n];
507
0
            }
508
509
0
            memcpy(ivec, tmp, SEED_BLOCK_SIZE);
510
0
            len -= SEED_BLOCK_SIZE;
511
0
            in += SEED_BLOCK_SIZE;
512
0
            out += SEED_BLOCK_SIZE;
513
0
        }
514
515
0
        if (len) {
516
0
            memcpy(tmp, in, SEED_BLOCK_SIZE);
517
0
            SEED_decrypt(tmp, tmp, ks);
518
519
0
            for (n = 0; n < len; ++n) {
520
0
                out[n] = tmp[n] ^ ivec[n];
521
0
            }
522
523
0
            memcpy(ivec, tmp, SEED_BLOCK_SIZE);
524
0
        }
525
0
    }
526
1
}
527
528
SEEDContext *
529
SEED_AllocateContext(void)
530
0
{
531
0
    return PORT_ZNew(SEEDContext);
532
0
}
533
534
SECStatus
535
SEED_InitContext(SEEDContext *cx, const unsigned char *key,
536
                 unsigned int keylen, const unsigned char *iv,
537
                 int mode, unsigned int encrypt, unsigned int unused)
538
7
{
539
7
    if (!cx) {
540
0
        PORT_SetError(SEC_ERROR_INVALID_ARGS);
541
0
        return SECFailure;
542
0
    }
543
544
7
    switch (mode) {
545
5
        case NSS_SEED:
546
5
            SEED_set_key(key, &cx->ks);
547
5
            cx->mode = NSS_SEED;
548
5
            cx->encrypt = encrypt;
549
5
            break;
550
551
2
        case NSS_SEED_CBC:
552
2
            memcpy(cx->iv, iv, 16);
553
2
            SEED_set_key(key, &cx->ks);
554
2
            cx->mode = NSS_SEED_CBC;
555
2
            cx->encrypt = encrypt;
556
2
            break;
557
558
0
        default:
559
0
            PORT_SetError(SEC_ERROR_INVALID_ARGS);
560
0
            return SECFailure;
561
7
    }
562
563
7
    return SECSuccess;
564
7
}
565
566
SEEDContext *
567
SEED_CreateContext(const unsigned char *key, const unsigned char *iv,
568
                   int mode, PRBool encrypt)
569
7
{
570
7
    SEEDContext *cx = PORT_ZNew(SEEDContext);
571
7
    SECStatus rv = SEED_InitContext(cx, key, SEED_KEY_LENGTH, iv, mode,
572
7
                                    encrypt, 0);
573
574
7
    if (rv != SECSuccess) {
575
0
        PORT_ZFree(cx, sizeof *cx);
576
0
        cx = NULL;
577
0
    }
578
579
7
    return cx;
580
7
}
581
582
void
583
SEED_DestroyContext(SEEDContext *cx, PRBool freeit)
584
7
{
585
7
    if (cx) {
586
7
        memset(cx, 0, sizeof *cx);
587
588
7
        if (freeit)
589
7
            PORT_Free(cx);
590
7
    }
591
7
}
592
593
SECStatus
594
SEED_Encrypt(SEEDContext *cx, unsigned char *out, unsigned int *outLen,
595
             unsigned int maxOutLen, const unsigned char *in,
596
             unsigned int inLen)
597
4
{
598
4
    if (!cx) {
599
0
        PORT_SetError(SEC_ERROR_INVALID_ARGS);
600
0
        return SECFailure;
601
0
    }
602
603
4
    if ((inLen % SEED_BLOCK_SIZE) != 0 || maxOutLen < SEED_BLOCK_SIZE ||
604
4
        maxOutLen < inLen) {
605
4
        PORT_SetError(SEC_ERROR_INVALID_ARGS);
606
4
        return SECFailure;
607
4
    }
608
609
0
    if (!cx->encrypt) {
610
0
        PORT_SetError(SEC_ERROR_INVALID_ARGS);
611
0
        return SECFailure;
612
0
    }
613
614
0
    switch (cx->mode) {
615
0
        case NSS_SEED:
616
0
            SEED_ecb_encrypt(in, out, inLen, &cx->ks, 1);
617
0
            *outLen = inLen;
618
0
            break;
619
620
0
        case NSS_SEED_CBC:
621
0
            SEED_cbc_encrypt(in, out, inLen, &cx->ks, cx->iv, 1);
622
0
            *outLen = inLen;
623
0
            break;
624
625
0
        default:
626
0
            PORT_SetError(SEC_ERROR_INVALID_ARGS);
627
0
            return SECFailure;
628
0
    }
629
630
0
    return SECSuccess;
631
0
}
632
633
SECStatus
634
SEED_Decrypt(SEEDContext *cx, unsigned char *out, unsigned int *outLen,
635
             unsigned int maxOutLen, const unsigned char *in,
636
             unsigned int inLen)
637
3
{
638
3
    if (!cx) {
639
0
        PORT_SetError(SEC_ERROR_INVALID_ARGS);
640
0
        return SECFailure;
641
0
    }
642
643
3
    if ((inLen % SEED_BLOCK_SIZE) != 0 || maxOutLen < SEED_BLOCK_SIZE ||
644
3
        maxOutLen < inLen) {
645
2
        PORT_SetError(SEC_ERROR_INVALID_ARGS);
646
2
        return SECFailure;
647
2
    }
648
649
1
    if (cx->encrypt) {
650
0
        PORT_SetError(SEC_ERROR_INVALID_ARGS);
651
0
        return SECFailure;
652
0
    }
653
654
1
    switch (cx->mode) {
655
0
        case NSS_SEED:
656
0
            SEED_ecb_encrypt(in, out, inLen, &cx->ks, 0);
657
0
            *outLen = inLen;
658
0
            break;
659
660
1
        case NSS_SEED_CBC:
661
1
            SEED_cbc_encrypt(in, out, inLen, &cx->ks, cx->iv, 0);
662
1
            *outLen = inLen;
663
1
            break;
664
665
0
        default:
666
0
            PORT_SetError(SEC_ERROR_INVALID_ARGS);
667
0
            return SECFailure;
668
1
    }
669
670
1
    return SECSuccess;
671
1
}