/src/libressl/crypto/des/cfb_enc.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* $OpenBSD: cfb_enc.c,v 1.14 2021/11/09 18:40:21 bcook Exp $ */ |
2 | | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
3 | | * All rights reserved. |
4 | | * |
5 | | * This package is an SSL implementation written |
6 | | * by Eric Young (eay@cryptsoft.com). |
7 | | * The implementation was written so as to conform with Netscapes SSL. |
8 | | * |
9 | | * This library is free for commercial and non-commercial use as long as |
10 | | * the following conditions are aheared to. The following conditions |
11 | | * apply to all code found in this distribution, be it the RC4, RSA, |
12 | | * lhash, DES, etc., code; not just the SSL code. The SSL documentation |
13 | | * included with this distribution is covered by the same copyright terms |
14 | | * except that the holder is Tim Hudson (tjh@cryptsoft.com). |
15 | | * |
16 | | * Copyright remains Eric Young's, and as such any Copyright notices in |
17 | | * the code are not to be removed. |
18 | | * If this package is used in a product, Eric Young should be given attribution |
19 | | * as the author of the parts of the library used. |
20 | | * This can be in the form of a textual message at program startup or |
21 | | * in documentation (online or textual) provided with the package. |
22 | | * |
23 | | * Redistribution and use in source and binary forms, with or without |
24 | | * modification, are permitted provided that the following conditions |
25 | | * are met: |
26 | | * 1. Redistributions of source code must retain the copyright |
27 | | * notice, this list of conditions and the following disclaimer. |
28 | | * 2. Redistributions in binary form must reproduce the above copyright |
29 | | * notice, this list of conditions and the following disclaimer in the |
30 | | * documentation and/or other materials provided with the distribution. |
31 | | * 3. All advertising materials mentioning features or use of this software |
32 | | * must display the following acknowledgement: |
33 | | * "This product includes cryptographic software written by |
34 | | * Eric Young (eay@cryptsoft.com)" |
35 | | * The word 'cryptographic' can be left out if the rouines from the library |
36 | | * being used are not cryptographic related :-). |
37 | | * 4. If you include any Windows specific code (or a derivative thereof) from |
38 | | * the apps directory (application code) you must include an acknowledgement: |
39 | | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" |
40 | | * |
41 | | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND |
42 | | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
43 | | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
44 | | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE |
45 | | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
46 | | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
47 | | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
48 | | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
49 | | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
50 | | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
51 | | * SUCH DAMAGE. |
52 | | * |
53 | | * The licence and distribution terms for any publically available version or |
54 | | * derivative of this code cannot be changed. i.e. this code cannot simply be |
55 | | * copied and put under another distribution licence |
56 | | * [including the GNU Public Licence.] |
57 | | */ |
58 | | |
59 | | #include "des_locl.h" |
60 | | #include <endian.h> |
61 | | |
62 | | /* The input and output are loaded in multiples of 8 bits. |
63 | | * What this means is that if you hame numbits=12 and length=2 |
64 | | * the first 12 bits will be retrieved from the first byte and half |
65 | | * the second. The second 12 bits will come from the 3rd and half the 4th |
66 | | * byte. |
67 | | */ |
68 | | /* Until Aug 1 2003 this function did not correctly implement CFB-r, so it |
69 | | * will not be compatible with any encryption prior to that date. Ben. */ |
70 | | void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits, |
71 | | long length, DES_key_schedule *schedule, DES_cblock *ivec, |
72 | | int enc) |
73 | 231k | { |
74 | 231k | DES_LONG d0,d1,v0,v1; |
75 | 231k | unsigned long l=length; |
76 | 231k | int num=numbits/8,n=(numbits+7)/8,i,rem=numbits%8; |
77 | 231k | DES_LONG ti[2]; |
78 | 231k | unsigned char *iv; |
79 | | #if BYTE_ORDER != LITTLE_ENDIAN |
80 | | unsigned char ovec[16]; |
81 | | #else |
82 | 231k | unsigned int sh[4]; |
83 | 231k | unsigned char *ovec=(unsigned char *)sh; |
84 | 231k | #endif |
85 | | |
86 | 231k | if (numbits<=0 || numbits > 64) return; |
87 | 231k | iv = &(*ivec)[0]; |
88 | 231k | c2l(iv,v0); |
89 | 231k | c2l(iv,v1); |
90 | 231k | if (enc) |
91 | 231k | { |
92 | 462k | while (l >= (unsigned long)n) |
93 | 231k | { |
94 | 231k | l-=n; |
95 | 231k | ti[0]=v0; |
96 | 231k | ti[1]=v1; |
97 | 231k | DES_encrypt1((DES_LONG *)ti,schedule,DES_ENCRYPT); |
98 | 231k | c2ln(in,d0,d1,n); |
99 | 231k | in+=n; |
100 | 231k | d0^=ti[0]; |
101 | 231k | d1^=ti[1]; |
102 | 231k | l2cn(d0,d1,out,n); |
103 | 231k | out+=n; |
104 | | /* 30-08-94 - eay - changed because l>>32 and |
105 | | * l<<32 are bad under gcc :-( */ |
106 | 231k | if (numbits == 32) |
107 | 0 | { v0=v1; v1=d0; } |
108 | 231k | else if (numbits == 64) |
109 | 0 | { v0=d0; v1=d1; } |
110 | 231k | else |
111 | 231k | { |
112 | | #if BYTE_ORDER != LITTLE_ENDIAN |
113 | | iv=&ovec[0]; |
114 | | l2c(v0,iv); |
115 | | l2c(v1,iv); |
116 | | l2c(d0,iv); |
117 | | l2c(d1,iv); |
118 | | #else |
119 | 231k | sh[0]=v0, sh[1]=v1, sh[2]=d0, sh[3]=d1; |
120 | 231k | #endif |
121 | 231k | if (rem==0) |
122 | 8.97k | memmove(ovec,ovec+num,8); |
123 | 222k | else |
124 | 1.99M | for(i=0 ; i < 8 ; ++i) |
125 | 1.77M | ovec[i]=ovec[i+num]<<rem | |
126 | 1.77M | ovec[i+num+1]>>(8-rem); |
127 | 231k | #if BYTE_ORDER == LITTLE_ENDIAN |
128 | 231k | v0=sh[0], v1=sh[1]; |
129 | | #else |
130 | | iv=&ovec[0]; |
131 | | c2l(iv,v0); |
132 | | c2l(iv,v1); |
133 | | #endif |
134 | 231k | } |
135 | 231k | } |
136 | 231k | } |
137 | 130 | else |
138 | 130 | { |
139 | 262 | while (l >= (unsigned long)n) |
140 | 132 | { |
141 | 132 | l-=n; |
142 | 132 | ti[0]=v0; |
143 | 132 | ti[1]=v1; |
144 | 132 | DES_encrypt1((DES_LONG *)ti,schedule,DES_ENCRYPT); |
145 | 132 | c2ln(in,d0,d1,n); |
146 | 132 | in+=n; |
147 | | /* 30-08-94 - eay - changed because l>>32 and |
148 | | * l<<32 are bad under gcc :-( */ |
149 | 132 | if (numbits == 32) |
150 | 0 | { v0=v1; v1=d0; } |
151 | 132 | else if (numbits == 64) |
152 | 0 | { v0=d0; v1=d1; } |
153 | 132 | else |
154 | 132 | { |
155 | | #if BYTE_ORDER != LITTLE_ENDIAN |
156 | | iv=&ovec[0]; |
157 | | l2c(v0,iv); |
158 | | l2c(v1,iv); |
159 | | l2c(d0,iv); |
160 | | l2c(d1,iv); |
161 | | #else |
162 | 132 | sh[0]=v0, sh[1]=v1, sh[2]=d0, sh[3]=d1; |
163 | 132 | #endif |
164 | 132 | if (rem==0) |
165 | 4 | memmove(ovec,ovec+num,8); |
166 | 128 | else |
167 | 1.15k | for(i=0 ; i < 8 ; ++i) |
168 | 1.02k | ovec[i]=ovec[i+num]<<rem | |
169 | 1.02k | ovec[i+num+1]>>(8-rem); |
170 | 132 | #if BYTE_ORDER == LITTLE_ENDIAN |
171 | 132 | v0=sh[0], v1=sh[1]; |
172 | | #else |
173 | | iv=&ovec[0]; |
174 | | c2l(iv,v0); |
175 | | c2l(iv,v1); |
176 | | #endif |
177 | 132 | } |
178 | 132 | d0^=ti[0]; |
179 | 132 | d1^=ti[1]; |
180 | 132 | l2cn(d0,d1,out,n); |
181 | 132 | out+=n; |
182 | 132 | } |
183 | 130 | } |
184 | 231k | iv = &(*ivec)[0]; |
185 | 231k | l2c(v0,iv); |
186 | 231k | l2c(v1,iv); |
187 | 231k | v0=v1=d0=d1=ti[0]=ti[1]=0; |
188 | 231k | } |
189 | | |