/src/libressl/crypto/evp/e_des3.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* $OpenBSD: e_des3.c,v 1.20 2019/05/14 15:40:44 beck Exp $ */ |
2 | | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
3 | | * All rights reserved. |
4 | | * |
5 | | * This package is an SSL implementation written |
6 | | * by Eric Young (eay@cryptsoft.com). |
7 | | * The implementation was written so as to conform with Netscapes SSL. |
8 | | * |
9 | | * This library is free for commercial and non-commercial use as long as |
10 | | * the following conditions are aheared to. The following conditions |
11 | | * apply to all code found in this distribution, be it the RC4, RSA, |
12 | | * lhash, DES, etc., code; not just the SSL code. The SSL documentation |
13 | | * included with this distribution is covered by the same copyright terms |
14 | | * except that the holder is Tim Hudson (tjh@cryptsoft.com). |
15 | | * |
16 | | * Copyright remains Eric Young's, and as such any Copyright notices in |
17 | | * the code are not to be removed. |
18 | | * If this package is used in a product, Eric Young should be given attribution |
19 | | * as the author of the parts of the library used. |
20 | | * This can be in the form of a textual message at program startup or |
21 | | * in documentation (online or textual) provided with the package. |
22 | | * |
23 | | * Redistribution and use in source and binary forms, with or without |
24 | | * modification, are permitted provided that the following conditions |
25 | | * are met: |
26 | | * 1. Redistributions of source code must retain the copyright |
27 | | * notice, this list of conditions and the following disclaimer. |
28 | | * 2. Redistributions in binary form must reproduce the above copyright |
29 | | * notice, this list of conditions and the following disclaimer in the |
30 | | * documentation and/or other materials provided with the distribution. |
31 | | * 3. All advertising materials mentioning features or use of this software |
32 | | * must display the following acknowledgement: |
33 | | * "This product includes cryptographic software written by |
34 | | * Eric Young (eay@cryptsoft.com)" |
35 | | * The word 'cryptographic' can be left out if the rouines from the library |
36 | | * being used are not cryptographic related :-). |
37 | | * 4. If you include any Windows specific code (or a derivative thereof) from |
38 | | * the apps directory (application code) you must include an acknowledgement: |
39 | | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" |
40 | | * |
41 | | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND |
42 | | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
43 | | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
44 | | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE |
45 | | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
46 | | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
47 | | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
48 | | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
49 | | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
50 | | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
51 | | * SUCH DAMAGE. |
52 | | * |
53 | | * The licence and distribution terms for any publically available version or |
54 | | * derivative of this code cannot be changed. i.e. this code cannot simply be |
55 | | * copied and put under another distribution licence |
56 | | * [including the GNU Public Licence.] |
57 | | */ |
58 | | |
59 | | #include <stdio.h> |
60 | | #include <string.h> |
61 | | |
62 | | #include <openssl/opensslconf.h> |
63 | | |
64 | | #ifndef OPENSSL_NO_DES |
65 | | |
66 | | #include <openssl/des.h> |
67 | | #include <openssl/evp.h> |
68 | | #include <openssl/objects.h> |
69 | | |
70 | | #include "evp_locl.h" |
71 | | |
72 | | static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, |
73 | | const unsigned char *iv, int enc); |
74 | | |
75 | | static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, |
76 | | const unsigned char *iv, int enc); |
77 | | |
78 | | static int des3_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr); |
79 | | |
80 | | typedef struct { |
81 | | DES_key_schedule ks1;/* key schedule */ |
82 | | DES_key_schedule ks2;/* key schedule (for ede) */ |
83 | | DES_key_schedule ks3;/* key schedule (for ede3) */ |
84 | | } DES_EDE_KEY; |
85 | | |
86 | 0 | #define data(ctx) ((DES_EDE_KEY *)(ctx)->cipher_data) |
87 | | |
88 | | /* Because of various casts and different args can't use IMPLEMENT_BLOCK_CIPHER */ |
89 | | |
90 | | static int |
91 | | des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, |
92 | | const unsigned char *in, size_t inl) |
93 | 0 | { |
94 | 0 | BLOCK_CIPHER_ecb_loop() |
95 | 0 | DES_ecb3_encrypt((const_DES_cblock *)(in + i), (DES_cblock *)(out + i), |
96 | 0 | &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3, ctx->encrypt); |
97 | 0 | return 1; |
98 | 0 | } |
99 | | |
100 | | static int |
101 | | des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, |
102 | | const unsigned char *in, size_t inl) |
103 | 0 | { |
104 | 0 | while (inl >= EVP_MAXCHUNK) { |
105 | 0 | DES_ede3_ofb64_encrypt(in, out, (long)EVP_MAXCHUNK, |
106 | 0 | &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3, |
107 | 0 | (DES_cblock *)ctx->iv, &ctx->num); |
108 | 0 | inl -= EVP_MAXCHUNK; |
109 | 0 | in += EVP_MAXCHUNK; |
110 | 0 | out += EVP_MAXCHUNK; |
111 | 0 | } |
112 | 0 | if (inl) |
113 | 0 | DES_ede3_ofb64_encrypt(in, out, (long)inl, |
114 | 0 | &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3, |
115 | 0 | (DES_cblock *)ctx->iv, &ctx->num); |
116 | |
|
117 | 0 | return 1; |
118 | 0 | } |
119 | | |
120 | | static int |
121 | | des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, |
122 | | const unsigned char *in, size_t inl) |
123 | 0 | { |
124 | 0 | while (inl >= EVP_MAXCHUNK) { |
125 | 0 | DES_ede3_cbc_encrypt(in, out, (long)EVP_MAXCHUNK, |
126 | 0 | &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3, |
127 | 0 | (DES_cblock *)ctx->iv, ctx->encrypt); |
128 | 0 | inl -= EVP_MAXCHUNK; |
129 | 0 | in += EVP_MAXCHUNK; |
130 | 0 | out += EVP_MAXCHUNK; |
131 | 0 | } |
132 | 0 | if (inl) |
133 | 0 | DES_ede3_cbc_encrypt(in, out, (long)inl, |
134 | 0 | &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3, |
135 | 0 | (DES_cblock *)ctx->iv, ctx->encrypt); |
136 | 0 | return 1; |
137 | 0 | } |
138 | | |
139 | | static int |
140 | | des_ede_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, |
141 | | const unsigned char *in, size_t inl) |
142 | 0 | { |
143 | 0 | while (inl >= EVP_MAXCHUNK) { |
144 | 0 | DES_ede3_cfb64_encrypt(in, out, (long)EVP_MAXCHUNK, |
145 | 0 | &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3, |
146 | 0 | (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt); |
147 | 0 | inl -= EVP_MAXCHUNK; |
148 | 0 | in += EVP_MAXCHUNK; |
149 | 0 | out += EVP_MAXCHUNK; |
150 | 0 | } |
151 | 0 | if (inl) |
152 | 0 | DES_ede3_cfb64_encrypt(in, out, (long)inl, |
153 | 0 | &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3, |
154 | 0 | (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt); |
155 | 0 | return 1; |
156 | 0 | } |
157 | | |
158 | | /* Although we have a CFB-r implementation for 3-DES, it doesn't pack the right |
159 | | way, so wrap it here */ |
160 | | static int |
161 | | des_ede3_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, |
162 | | const unsigned char *in, size_t inl) |
163 | 0 | { |
164 | 0 | size_t n; |
165 | 0 | unsigned char c[1], d[1]; |
166 | 0 | if (!(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS)) |
167 | 0 | inl *= 8; |
168 | |
|
169 | 0 | for (n = 0; n < inl; ++n) { |
170 | 0 | c[0] = (in[n/8]&(1 << (7 - n % 8))) ? 0x80 : 0; |
171 | 0 | DES_ede3_cfb_encrypt(c, d, 1, 1, |
172 | 0 | &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3, |
173 | 0 | (DES_cblock *)ctx->iv, ctx->encrypt); |
174 | 0 | out[n / 8] = (out[n / 8] & ~(0x80 >> (unsigned int)(n % 8))) | |
175 | 0 | ((d[0] & 0x80) >> (unsigned int)(n % 8)); |
176 | 0 | } |
177 | |
|
178 | 0 | return 1; |
179 | 0 | } |
180 | | |
181 | | static int |
182 | | des_ede3_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, |
183 | | const unsigned char *in, size_t inl) |
184 | 0 | { |
185 | 0 | while (inl >= EVP_MAXCHUNK) { |
186 | 0 | DES_ede3_cfb_encrypt(in, out, 8, (long)EVP_MAXCHUNK, |
187 | 0 | &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3, |
188 | 0 | (DES_cblock *)ctx->iv, ctx->encrypt); |
189 | 0 | inl -= EVP_MAXCHUNK; |
190 | 0 | in += EVP_MAXCHUNK; |
191 | 0 | out += EVP_MAXCHUNK; |
192 | 0 | } |
193 | 0 | if (inl) |
194 | 0 | DES_ede3_cfb_encrypt(in, out, 8, (long)inl, |
195 | 0 | &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3, |
196 | 0 | (DES_cblock *)ctx->iv, ctx->encrypt); |
197 | 0 | return 1; |
198 | 0 | } |
199 | | |
200 | | BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64, |
201 | | EVP_CIPH_RAND_KEY, des_ede_init_key, NULL, |
202 | | EVP_CIPHER_set_asn1_iv, |
203 | | EVP_CIPHER_get_asn1_iv, |
204 | | des3_ctrl) |
205 | | |
206 | | #define des_ede3_cfb64_cipher des_ede_cfb64_cipher |
207 | | #define des_ede3_ofb_cipher des_ede_ofb_cipher |
208 | | #define des_ede3_cbc_cipher des_ede_cbc_cipher |
209 | | #define des_ede3_ecb_cipher des_ede_ecb_cipher |
210 | | |
211 | | BLOCK_CIPHER_defs(des_ede3, DES_EDE_KEY, NID_des_ede3, 8, 24, 8, 64, |
212 | | EVP_CIPH_RAND_KEY, des_ede3_init_key, NULL, |
213 | | EVP_CIPHER_set_asn1_iv, |
214 | | EVP_CIPHER_get_asn1_iv, |
215 | | des3_ctrl) |
216 | | |
217 | | BLOCK_CIPHER_def_cfb(des_ede3, DES_EDE_KEY, NID_des_ede3, 24, 8, 1, |
218 | | EVP_CIPH_RAND_KEY, des_ede3_init_key, NULL, |
219 | | EVP_CIPHER_set_asn1_iv, |
220 | | EVP_CIPHER_get_asn1_iv, |
221 | | des3_ctrl) |
222 | | |
223 | | BLOCK_CIPHER_def_cfb(des_ede3, DES_EDE_KEY, NID_des_ede3, 24, 8, 8, |
224 | | EVP_CIPH_RAND_KEY, des_ede3_init_key, NULL, |
225 | | EVP_CIPHER_set_asn1_iv, |
226 | | EVP_CIPHER_get_asn1_iv, |
227 | | des3_ctrl) |
228 | | |
229 | | static int |
230 | | des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, |
231 | | const unsigned char *iv, int enc) |
232 | 0 | { |
233 | 0 | DES_cblock *deskey = (DES_cblock *)key; |
234 | |
|
235 | 0 | DES_set_key_unchecked(&deskey[0], &data(ctx)->ks1); |
236 | 0 | DES_set_key_unchecked(&deskey[1], &data(ctx)->ks2); |
237 | 0 | memcpy(&data(ctx)->ks3, &data(ctx)->ks1, |
238 | 0 | sizeof(data(ctx)->ks1)); |
239 | 0 | return 1; |
240 | 0 | } |
241 | | |
242 | | static int |
243 | | des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, |
244 | | const unsigned char *iv, int enc) |
245 | 0 | { |
246 | 0 | DES_cblock *deskey = (DES_cblock *)key; |
247 | | |
248 | |
|
249 | 0 | DES_set_key_unchecked(&deskey[0], &data(ctx)->ks1); |
250 | 0 | DES_set_key_unchecked(&deskey[1], &data(ctx)->ks2); |
251 | 0 | DES_set_key_unchecked(&deskey[2], &data(ctx)->ks3); |
252 | 0 | return 1; |
253 | 0 | } |
254 | | |
255 | | static int |
256 | | des3_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) |
257 | 0 | { |
258 | 0 | DES_cblock *deskey = ptr; |
259 | |
|
260 | 0 | switch (type) { |
261 | 0 | case EVP_CTRL_RAND_KEY: |
262 | 0 | if (DES_random_key(deskey) == 0) |
263 | 0 | return 0; |
264 | 0 | if (c->key_len >= 16 && DES_random_key(deskey + 1) == 0) |
265 | 0 | return 0; |
266 | 0 | if (c->key_len >= 24 && DES_random_key(deskey + 2) == 0) |
267 | 0 | return 0; |
268 | 0 | return 1; |
269 | | |
270 | 0 | default: |
271 | 0 | return -1; |
272 | 0 | } |
273 | 0 | } |
274 | | |
275 | | const EVP_CIPHER * |
276 | | EVP_des_ede(void) |
277 | 2 | { |
278 | 2 | return &des_ede_ecb; |
279 | 2 | } |
280 | | |
281 | | const EVP_CIPHER * |
282 | | EVP_des_ede3(void) |
283 | 2 | { |
284 | 2 | return &des_ede3_ecb; |
285 | 2 | } |
286 | | #endif |