Coverage Report

Created: 2026-01-22 06:19

next uncovered line (L), next uncovered region (R), next uncovered branch (B)
/src/nss/lib/freebl/deprecated/seed.c
Line
Count
Source
1
/* This Source Code Form is subject to the terms of the Mozilla Public
2
 * License, v. 2.0. If a copy of the MPL was not distributed with this
3
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4
5
#ifdef FREEBL_NO_DEPEND
6
#include "../stubs.h"
7
#endif
8
9
#include <stdio.h>
10
#include <stdlib.h>
11
#include <string.h>
12
#include <stddef.h>
13
#ifdef WIN32
14
#include <memory.h>
15
#endif
16
17
#include "seed.h"
18
#include "secerr.h"
19
20
static const seed_word SS[4][256] = {
21
    { 0x2989a1a8, 0x05858184, 0x16c6d2d4, 0x13c3d3d0,
22
      0x14445054, 0x1d0d111c, 0x2c8ca0ac, 0x25052124,
23
      0x1d4d515c, 0x03434340, 0x18081018, 0x1e0e121c,
24
      0x11415150, 0x3cccf0fc, 0x0acac2c8, 0x23436360,
25
      0x28082028, 0x04444044, 0x20002020, 0x1d8d919c,
26
      0x20c0e0e0, 0x22c2e2e0, 0x08c8c0c8, 0x17071314,
27
      0x2585a1a4, 0x0f8f838c, 0x03030300, 0x3b4b7378,
28
      0x3b8bb3b8, 0x13031310, 0x12c2d2d0, 0x2ecee2ec,
29
      0x30407070, 0x0c8c808c, 0x3f0f333c, 0x2888a0a8,
30
      0x32023230, 0x1dcdd1dc, 0x36c6f2f4, 0x34447074,
31
      0x2ccce0ec, 0x15859194, 0x0b0b0308, 0x17475354,
32
      0x1c4c505c, 0x1b4b5358, 0x3d8db1bc, 0x01010100,
33
      0x24042024, 0x1c0c101c, 0x33437370, 0x18889098,
34
      0x10001010, 0x0cccc0cc, 0x32c2f2f0, 0x19c9d1d8,
35
      0x2c0c202c, 0x27c7e3e4, 0x32427270, 0x03838380,
36
      0x1b8b9398, 0x11c1d1d0, 0x06868284, 0x09c9c1c8,
37
      0x20406060, 0x10405050, 0x2383a3a0, 0x2bcbe3e8,
38
      0x0d0d010c, 0x3686b2b4, 0x1e8e929c, 0x0f4f434c,
39
      0x3787b3b4, 0x1a4a5258, 0x06c6c2c4, 0x38487078,
40
      0x2686a2a4, 0x12021210, 0x2f8fa3ac, 0x15c5d1d4,
41
      0x21416160, 0x03c3c3c0, 0x3484b0b4, 0x01414140,
42
      0x12425250, 0x3d4d717c, 0x0d8d818c, 0x08080008,
43
      0x1f0f131c, 0x19899198, 0x00000000, 0x19091118,
44
      0x04040004, 0x13435350, 0x37c7f3f4, 0x21c1e1e0,
45
      0x3dcdf1fc, 0x36467274, 0x2f0f232c, 0x27072324,
46
      0x3080b0b0, 0x0b8b8388, 0x0e0e020c, 0x2b8ba3a8,
47
      0x2282a2a0, 0x2e4e626c, 0x13839390, 0x0d4d414c,
48
      0x29496168, 0x3c4c707c, 0x09090108, 0x0a0a0208,
49
      0x3f8fb3bc, 0x2fcfe3ec, 0x33c3f3f0, 0x05c5c1c4,
50
      0x07878384, 0x14041014, 0x3ecef2fc, 0x24446064,
51
      0x1eced2dc, 0x2e0e222c, 0x0b4b4348, 0x1a0a1218,
52
      0x06060204, 0x21012120, 0x2b4b6368, 0x26466264,
53
      0x02020200, 0x35c5f1f4, 0x12829290, 0x0a8a8288,
54
      0x0c0c000c, 0x3383b3b0, 0x3e4e727c, 0x10c0d0d0,
55
      0x3a4a7278, 0x07474344, 0x16869294, 0x25c5e1e4,
56
      0x26062224, 0x00808080, 0x2d8da1ac, 0x1fcfd3dc,
57
      0x2181a1a0, 0x30003030, 0x37073334, 0x2e8ea2ac,
58
      0x36063234, 0x15051114, 0x22022220, 0x38083038,
59
      0x34c4f0f4, 0x2787a3a4, 0x05454144, 0x0c4c404c,
60
      0x01818180, 0x29c9e1e8, 0x04848084, 0x17879394,
61
      0x35053134, 0x0bcbc3c8, 0x0ecec2cc, 0x3c0c303c,
62
      0x31417170, 0x11011110, 0x07c7c3c4, 0x09898188,
63
      0x35457174, 0x3bcbf3f8, 0x1acad2d8, 0x38c8f0f8,
64
      0x14849094, 0x19495158, 0x02828280, 0x04c4c0c4,
65
      0x3fcff3fc, 0x09494148, 0x39093138, 0x27476364,
66
      0x00c0c0c0, 0x0fcfc3cc, 0x17c7d3d4, 0x3888b0b8,
67
      0x0f0f030c, 0x0e8e828c, 0x02424240, 0x23032320,
68
      0x11819190, 0x2c4c606c, 0x1bcbd3d8, 0x2484a0a4,
69
      0x34043034, 0x31c1f1f0, 0x08484048, 0x02c2c2c0,
70
      0x2f4f636c, 0x3d0d313c, 0x2d0d212c, 0x00404040,
71
      0x3e8eb2bc, 0x3e0e323c, 0x3c8cb0bc, 0x01c1c1c0,
72
      0x2a8aa2a8, 0x3a8ab2b8, 0x0e4e424c, 0x15455154,
73
      0x3b0b3338, 0x1cccd0dc, 0x28486068, 0x3f4f737c,
74
      0x1c8c909c, 0x18c8d0d8, 0x0a4a4248, 0x16465254,
75
      0x37477374, 0x2080a0a0, 0x2dcde1ec, 0x06464244,
76
      0x3585b1b4, 0x2b0b2328, 0x25456164, 0x3acaf2f8,
77
      0x23c3e3e0, 0x3989b1b8, 0x3181b1b0, 0x1f8f939c,
78
      0x1e4e525c, 0x39c9f1f8, 0x26c6e2e4, 0x3282b2b0,
79
      0x31013130, 0x2acae2e8, 0x2d4d616c, 0x1f4f535c,
80
      0x24c4e0e4, 0x30c0f0f0, 0x0dcdc1cc, 0x08888088,
81
      0x16061214, 0x3a0a3238, 0x18485058, 0x14c4d0d4,
82
      0x22426260, 0x29092128, 0x07070304, 0x33033330,
83
      0x28c8e0e8, 0x1b0b1318, 0x05050104, 0x39497178,
84
      0x10809090, 0x2a4a6268, 0x2a0a2228, 0x1a8a9298 },
85
    { 0x38380830, 0xe828c8e0, 0x2c2d0d21, 0xa42686a2,
86
      0xcc0fcfc3, 0xdc1eced2, 0xb03383b3, 0xb83888b0,
87
      0xac2f8fa3, 0x60204060, 0x54154551, 0xc407c7c3,
88
      0x44044440, 0x6c2f4f63, 0x682b4b63, 0x581b4b53,
89
      0xc003c3c3, 0x60224262, 0x30330333, 0xb43585b1,
90
      0x28290921, 0xa02080a0, 0xe022c2e2, 0xa42787a3,
91
      0xd013c3d3, 0x90118191, 0x10110111, 0x04060602,
92
      0x1c1c0c10, 0xbc3c8cb0, 0x34360632, 0x480b4b43,
93
      0xec2fcfe3, 0x88088880, 0x6c2c4c60, 0xa82888a0,
94
      0x14170713, 0xc404c4c0, 0x14160612, 0xf434c4f0,
95
      0xc002c2c2, 0x44054541, 0xe021c1e1, 0xd416c6d2,
96
      0x3c3f0f33, 0x3c3d0d31, 0x8c0e8e82, 0x98188890,
97
      0x28280820, 0x4c0e4e42, 0xf436c6f2, 0x3c3e0e32,
98
      0xa42585a1, 0xf839c9f1, 0x0c0d0d01, 0xdc1fcfd3,
99
      0xd818c8d0, 0x282b0b23, 0x64264662, 0x783a4a72,
100
      0x24270723, 0x2c2f0f23, 0xf031c1f1, 0x70324272,
101
      0x40024242, 0xd414c4d0, 0x40014141, 0xc000c0c0,
102
      0x70334373, 0x64274763, 0xac2c8ca0, 0x880b8b83,
103
      0xf437c7f3, 0xac2d8da1, 0x80008080, 0x1c1f0f13,
104
      0xc80acac2, 0x2c2c0c20, 0xa82a8aa2, 0x34340430,
105
      0xd012c2d2, 0x080b0b03, 0xec2ecee2, 0xe829c9e1,
106
      0x5c1d4d51, 0x94148490, 0x18180810, 0xf838c8f0,
107
      0x54174753, 0xac2e8ea2, 0x08080800, 0xc405c5c1,
108
      0x10130313, 0xcc0dcdc1, 0x84068682, 0xb83989b1,
109
      0xfc3fcff3, 0x7c3d4d71, 0xc001c1c1, 0x30310131,
110
      0xf435c5f1, 0x880a8a82, 0x682a4a62, 0xb03181b1,
111
      0xd011c1d1, 0x20200020, 0xd417c7d3, 0x00020202,
112
      0x20220222, 0x04040400, 0x68284860, 0x70314171,
113
      0x04070703, 0xd81bcbd3, 0x9c1d8d91, 0x98198991,
114
      0x60214161, 0xbc3e8eb2, 0xe426c6e2, 0x58194951,
115
      0xdc1dcdd1, 0x50114151, 0x90108090, 0xdc1cccd0,
116
      0x981a8a92, 0xa02383a3, 0xa82b8ba3, 0xd010c0d0,
117
      0x80018181, 0x0c0f0f03, 0x44074743, 0x181a0a12,
118
      0xe023c3e3, 0xec2ccce0, 0x8c0d8d81, 0xbc3f8fb3,
119
      0x94168692, 0x783b4b73, 0x5c1c4c50, 0xa02282a2,
120
      0xa02181a1, 0x60234363, 0x20230323, 0x4c0d4d41,
121
      0xc808c8c0, 0x9c1e8e92, 0x9c1c8c90, 0x383a0a32,
122
      0x0c0c0c00, 0x2c2e0e22, 0xb83a8ab2, 0x6c2e4e62,
123
      0x9c1f8f93, 0x581a4a52, 0xf032c2f2, 0x90128292,
124
      0xf033c3f3, 0x48094941, 0x78384870, 0xcc0cccc0,
125
      0x14150511, 0xf83bcbf3, 0x70304070, 0x74354571,
126
      0x7c3f4f73, 0x34350531, 0x10100010, 0x00030303,
127
      0x64244460, 0x6c2d4d61, 0xc406c6c2, 0x74344470,
128
      0xd415c5d1, 0xb43484b0, 0xe82acae2, 0x08090901,
129
      0x74364672, 0x18190911, 0xfc3ecef2, 0x40004040,
130
      0x10120212, 0xe020c0e0, 0xbc3d8db1, 0x04050501,
131
      0xf83acaf2, 0x00010101, 0xf030c0f0, 0x282a0a22,
132
      0x5c1e4e52, 0xa82989a1, 0x54164652, 0x40034343,
133
      0x84058581, 0x14140410, 0x88098981, 0x981b8b93,
134
      0xb03080b0, 0xe425c5e1, 0x48084840, 0x78394971,
135
      0x94178793, 0xfc3cccf0, 0x1c1e0e12, 0x80028282,
136
      0x20210121, 0x8c0c8c80, 0x181b0b13, 0x5c1f4f53,
137
      0x74374773, 0x54144450, 0xb03282b2, 0x1c1d0d11,
138
      0x24250521, 0x4c0f4f43, 0x00000000, 0x44064642,
139
      0xec2dcde1, 0x58184850, 0x50124252, 0xe82bcbe3,
140
      0x7c3e4e72, 0xd81acad2, 0xc809c9c1, 0xfc3dcdf1,
141
      0x30300030, 0x94158591, 0x64254561, 0x3c3c0c30,
142
      0xb43686b2, 0xe424c4e0, 0xb83b8bb3, 0x7c3c4c70,
143
      0x0c0e0e02, 0x50104050, 0x38390931, 0x24260622,
144
      0x30320232, 0x84048480, 0x68294961, 0x90138393,
145
      0x34370733, 0xe427c7e3, 0x24240420, 0xa42484a0,
146
      0xc80bcbc3, 0x50134353, 0x080a0a02, 0x84078783,
147
      0xd819c9d1, 0x4c0c4c40, 0x80038383, 0x8c0f8f83,
148
      0xcc0ecec2, 0x383b0b33, 0x480a4a42, 0xb43787b3 },
149
    { 0xa1a82989, 0x81840585, 0xd2d416c6, 0xd3d013c3,
150
      0x50541444, 0x111c1d0d, 0xa0ac2c8c, 0x21242505,
151
      0x515c1d4d, 0x43400343, 0x10181808, 0x121c1e0e,
152
      0x51501141, 0xf0fc3ccc, 0xc2c80aca, 0x63602343,
153
      0x20282808, 0x40440444, 0x20202000, 0x919c1d8d,
154
      0xe0e020c0, 0xe2e022c2, 0xc0c808c8, 0x13141707,
155
      0xa1a42585, 0x838c0f8f, 0x03000303, 0x73783b4b,
156
      0xb3b83b8b, 0x13101303, 0xd2d012c2, 0xe2ec2ece,
157
      0x70703040, 0x808c0c8c, 0x333c3f0f, 0xa0a82888,
158
      0x32303202, 0xd1dc1dcd, 0xf2f436c6, 0x70743444,
159
      0xe0ec2ccc, 0x91941585, 0x03080b0b, 0x53541747,
160
      0x505c1c4c, 0x53581b4b, 0xb1bc3d8d, 0x01000101,
161
      0x20242404, 0x101c1c0c, 0x73703343, 0x90981888,
162
      0x10101000, 0xc0cc0ccc, 0xf2f032c2, 0xd1d819c9,
163
      0x202c2c0c, 0xe3e427c7, 0x72703242, 0x83800383,
164
      0x93981b8b, 0xd1d011c1, 0x82840686, 0xc1c809c9,
165
      0x60602040, 0x50501040, 0xa3a02383, 0xe3e82bcb,
166
      0x010c0d0d, 0xb2b43686, 0x929c1e8e, 0x434c0f4f,
167
      0xb3b43787, 0x52581a4a, 0xc2c406c6, 0x70783848,
168
      0xa2a42686, 0x12101202, 0xa3ac2f8f, 0xd1d415c5,
169
      0x61602141, 0xc3c003c3, 0xb0b43484, 0x41400141,
170
      0x52501242, 0x717c3d4d, 0x818c0d8d, 0x00080808,
171
      0x131c1f0f, 0x91981989, 0x00000000, 0x11181909,
172
      0x00040404, 0x53501343, 0xf3f437c7, 0xe1e021c1,
173
      0xf1fc3dcd, 0x72743646, 0x232c2f0f, 0x23242707,
174
      0xb0b03080, 0x83880b8b, 0x020c0e0e, 0xa3a82b8b,
175
      0xa2a02282, 0x626c2e4e, 0x93901383, 0x414c0d4d,
176
      0x61682949, 0x707c3c4c, 0x01080909, 0x02080a0a,
177
      0xb3bc3f8f, 0xe3ec2fcf, 0xf3f033c3, 0xc1c405c5,
178
      0x83840787, 0x10141404, 0xf2fc3ece, 0x60642444,
179
      0xd2dc1ece, 0x222c2e0e, 0x43480b4b, 0x12181a0a,
180
      0x02040606, 0x21202101, 0x63682b4b, 0x62642646,
181
      0x02000202, 0xf1f435c5, 0x92901282, 0x82880a8a,
182
      0x000c0c0c, 0xb3b03383, 0x727c3e4e, 0xd0d010c0,
183
      0x72783a4a, 0x43440747, 0x92941686, 0xe1e425c5,
184
      0x22242606, 0x80800080, 0xa1ac2d8d, 0xd3dc1fcf,
185
      0xa1a02181, 0x30303000, 0x33343707, 0xa2ac2e8e,
186
      0x32343606, 0x11141505, 0x22202202, 0x30383808,
187
      0xf0f434c4, 0xa3a42787, 0x41440545, 0x404c0c4c,
188
      0x81800181, 0xe1e829c9, 0x80840484, 0x93941787,
189
      0x31343505, 0xc3c80bcb, 0xc2cc0ece, 0x303c3c0c,
190
      0x71703141, 0x11101101, 0xc3c407c7, 0x81880989,
191
      0x71743545, 0xf3f83bcb, 0xd2d81aca, 0xf0f838c8,
192
      0x90941484, 0x51581949, 0x82800282, 0xc0c404c4,
193
      0xf3fc3fcf, 0x41480949, 0x31383909, 0x63642747,
194
      0xc0c000c0, 0xc3cc0fcf, 0xd3d417c7, 0xb0b83888,
195
      0x030c0f0f, 0x828c0e8e, 0x42400242, 0x23202303,
196
      0x91901181, 0x606c2c4c, 0xd3d81bcb, 0xa0a42484,
197
      0x30343404, 0xf1f031c1, 0x40480848, 0xc2c002c2,
198
      0x636c2f4f, 0x313c3d0d, 0x212c2d0d, 0x40400040,
199
      0xb2bc3e8e, 0x323c3e0e, 0xb0bc3c8c, 0xc1c001c1,
200
      0xa2a82a8a, 0xb2b83a8a, 0x424c0e4e, 0x51541545,
201
      0x33383b0b, 0xd0dc1ccc, 0x60682848, 0x737c3f4f,
202
      0x909c1c8c, 0xd0d818c8, 0x42480a4a, 0x52541646,
203
      0x73743747, 0xa0a02080, 0xe1ec2dcd, 0x42440646,
204
      0xb1b43585, 0x23282b0b, 0x61642545, 0xf2f83aca,
205
      0xe3e023c3, 0xb1b83989, 0xb1b03181, 0x939c1f8f,
206
      0x525c1e4e, 0xf1f839c9, 0xe2e426c6, 0xb2b03282,
207
      0x31303101, 0xe2e82aca, 0x616c2d4d, 0x535c1f4f,
208
      0xe0e424c4, 0xf0f030c0, 0xc1cc0dcd, 0x80880888,
209
      0x12141606, 0x32383a0a, 0x50581848, 0xd0d414c4,
210
      0x62602242, 0x21282909, 0x03040707, 0x33303303,
211
      0xe0e828c8, 0x13181b0b, 0x01040505, 0x71783949,
212
      0x90901080, 0x62682a4a, 0x22282a0a, 0x92981a8a },
213
    { 0x08303838, 0xc8e0e828, 0x0d212c2d, 0x86a2a426,
214
      0xcfc3cc0f, 0xced2dc1e, 0x83b3b033, 0x88b0b838,
215
      0x8fa3ac2f, 0x40606020, 0x45515415, 0xc7c3c407,
216
      0x44404404, 0x4f636c2f, 0x4b63682b, 0x4b53581b,
217
      0xc3c3c003, 0x42626022, 0x03333033, 0x85b1b435,
218
      0x09212829, 0x80a0a020, 0xc2e2e022, 0x87a3a427,
219
      0xc3d3d013, 0x81919011, 0x01111011, 0x06020406,
220
      0x0c101c1c, 0x8cb0bc3c, 0x06323436, 0x4b43480b,
221
      0xcfe3ec2f, 0x88808808, 0x4c606c2c, 0x88a0a828,
222
      0x07131417, 0xc4c0c404, 0x06121416, 0xc4f0f434,
223
      0xc2c2c002, 0x45414405, 0xc1e1e021, 0xc6d2d416,
224
      0x0f333c3f, 0x0d313c3d, 0x8e828c0e, 0x88909818,
225
      0x08202828, 0x4e424c0e, 0xc6f2f436, 0x0e323c3e,
226
      0x85a1a425, 0xc9f1f839, 0x0d010c0d, 0xcfd3dc1f,
227
      0xc8d0d818, 0x0b23282b, 0x46626426, 0x4a72783a,
228
      0x07232427, 0x0f232c2f, 0xc1f1f031, 0x42727032,
229
      0x42424002, 0xc4d0d414, 0x41414001, 0xc0c0c000,
230
      0x43737033, 0x47636427, 0x8ca0ac2c, 0x8b83880b,
231
      0xc7f3f437, 0x8da1ac2d, 0x80808000, 0x0f131c1f,
232
      0xcac2c80a, 0x0c202c2c, 0x8aa2a82a, 0x04303434,
233
      0xc2d2d012, 0x0b03080b, 0xcee2ec2e, 0xc9e1e829,
234
      0x4d515c1d, 0x84909414, 0x08101818, 0xc8f0f838,
235
      0x47535417, 0x8ea2ac2e, 0x08000808, 0xc5c1c405,
236
      0x03131013, 0xcdc1cc0d, 0x86828406, 0x89b1b839,
237
      0xcff3fc3f, 0x4d717c3d, 0xc1c1c001, 0x01313031,
238
      0xc5f1f435, 0x8a82880a, 0x4a62682a, 0x81b1b031,
239
      0xc1d1d011, 0x00202020, 0xc7d3d417, 0x02020002,
240
      0x02222022, 0x04000404, 0x48606828, 0x41717031,
241
      0x07030407, 0xcbd3d81b, 0x8d919c1d, 0x89919819,
242
      0x41616021, 0x8eb2bc3e, 0xc6e2e426, 0x49515819,
243
      0xcdd1dc1d, 0x41515011, 0x80909010, 0xccd0dc1c,
244
      0x8a92981a, 0x83a3a023, 0x8ba3a82b, 0xc0d0d010,
245
      0x81818001, 0x0f030c0f, 0x47434407, 0x0a12181a,
246
      0xc3e3e023, 0xcce0ec2c, 0x8d818c0d, 0x8fb3bc3f,
247
      0x86929416, 0x4b73783b, 0x4c505c1c, 0x82a2a022,
248
      0x81a1a021, 0x43636023, 0x03232023, 0x4d414c0d,
249
      0xc8c0c808, 0x8e929c1e, 0x8c909c1c, 0x0a32383a,
250
      0x0c000c0c, 0x0e222c2e, 0x8ab2b83a, 0x4e626c2e,
251
      0x8f939c1f, 0x4a52581a, 0xc2f2f032, 0x82929012,
252
      0xc3f3f033, 0x49414809, 0x48707838, 0xccc0cc0c,
253
      0x05111415, 0xcbf3f83b, 0x40707030, 0x45717435,
254
      0x4f737c3f, 0x05313435, 0x00101010, 0x03030003,
255
      0x44606424, 0x4d616c2d, 0xc6c2c406, 0x44707434,
256
      0xc5d1d415, 0x84b0b434, 0xcae2e82a, 0x09010809,
257
      0x46727436, 0x09111819, 0xcef2fc3e, 0x40404000,
258
      0x02121012, 0xc0e0e020, 0x8db1bc3d, 0x05010405,
259
      0xcaf2f83a, 0x01010001, 0xc0f0f030, 0x0a22282a,
260
      0x4e525c1e, 0x89a1a829, 0x46525416, 0x43434003,
261
      0x85818405, 0x04101414, 0x89818809, 0x8b93981b,
262
      0x80b0b030, 0xc5e1e425, 0x48404808, 0x49717839,
263
      0x87939417, 0xccf0fc3c, 0x0e121c1e, 0x82828002,
264
      0x01212021, 0x8c808c0c, 0x0b13181b, 0x4f535c1f,
265
      0x47737437, 0x44505414, 0x82b2b032, 0x0d111c1d,
266
      0x05212425, 0x4f434c0f, 0x00000000, 0x46424406,
267
      0xcde1ec2d, 0x48505818, 0x42525012, 0xcbe3e82b,
268
      0x4e727c3e, 0xcad2d81a, 0xc9c1c809, 0xcdf1fc3d,
269
      0x00303030, 0x85919415, 0x45616425, 0x0c303c3c,
270
      0x86b2b436, 0xc4e0e424, 0x8bb3b83b, 0x4c707c3c,
271
      0x0e020c0e, 0x40505010, 0x09313839, 0x06222426,
272
      0x02323032, 0x84808404, 0x49616829, 0x83939013,
273
      0x07333437, 0xc7e3e427, 0x04202424, 0x84a0a424,
274
      0xcbc3c80b, 0x43535013, 0x0a02080a, 0x87838407,
275
      0xc9d1d819, 0x4c404c0c, 0x83838003, 0x8f838c0f,
276
      0xcec2cc0e, 0x0b33383b, 0x4a42480a, 0x87b3b437 }
277
};
278
279
/* key schedule constants - golden ratio */
280
22.2k
#define KC0 0x9e3779b9
281
#define KC1 0x3c6ef373
282
#define KC2 0x78dde6e6
283
#define KC3 0xf1bbcdcc
284
#define KC4 0xe3779b99
285
#define KC5 0xc6ef3733
286
#define KC6 0x8dde6e67
287
#define KC7 0x1bbcdccf
288
#define KC8 0x3779b99e
289
#define KC9 0x6ef3733c
290
#define KC10 0xdde6e678
291
#define KC11 0xbbcdccf1
292
#define KC12 0x779b99e3
293
#define KC13 0xef3733c6
294
#define KC14 0xde6e678d
295
#define KC15 0xbcdccf1b
296
297
void
298
SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH],
299
             SEED_KEY_SCHEDULE *ks)
300
11.1k
{
301
11.1k
    seed_word K0, K1, K2, K3;
302
11.1k
    seed_word t0, t1;
303
304
11.1k
    char2word(rawkey, K0);
305
11.1k
    char2word(rawkey + 4, K1);
306
11.1k
    char2word(rawkey + 8, K2);
307
11.1k
    char2word(rawkey + 12, K3);
308
309
11.1k
    t0 = (K0 + K2 - KC0);
310
11.1k
    t1 = (K1 - K3 + KC0);
311
11.1k
    KEYUPDATE_TEMP(t0, t1, &ks->data[0]);
312
11.1k
    KEYSCHEDULE_UPDATE1(t0, t1, K0, K1, K2, K3, KC1);
313
11.1k
    KEYUPDATE_TEMP(t0, t1, &ks->data[2]);
314
11.1k
    KEYSCHEDULE_UPDATE0(t0, t1, K0, K1, K2, K3, KC2);
315
11.1k
    KEYUPDATE_TEMP(t0, t1, &ks->data[4]);
316
11.1k
    KEYSCHEDULE_UPDATE1(t0, t1, K0, K1, K2, K3, KC3);
317
11.1k
    KEYUPDATE_TEMP(t0, t1, &ks->data[6]);
318
11.1k
    KEYSCHEDULE_UPDATE0(t0, t1, K0, K1, K2, K3, KC4);
319
11.1k
    KEYUPDATE_TEMP(t0, t1, &ks->data[8]);
320
11.1k
    KEYSCHEDULE_UPDATE1(t0, t1, K0, K1, K2, K3, KC5);
321
11.1k
    KEYUPDATE_TEMP(t0, t1, &ks->data[10]);
322
11.1k
    KEYSCHEDULE_UPDATE0(t0, t1, K0, K1, K2, K3, KC6);
323
11.1k
    KEYUPDATE_TEMP(t0, t1, &ks->data[12]);
324
11.1k
    KEYSCHEDULE_UPDATE1(t0, t1, K0, K1, K2, K3, KC7);
325
11.1k
    KEYUPDATE_TEMP(t0, t1, &ks->data[14]);
326
11.1k
    KEYSCHEDULE_UPDATE0(t0, t1, K0, K1, K2, K3, KC8);
327
11.1k
    KEYUPDATE_TEMP(t0, t1, &ks->data[16]);
328
11.1k
    KEYSCHEDULE_UPDATE1(t0, t1, K0, K1, K2, K3, KC9);
329
11.1k
    KEYUPDATE_TEMP(t0, t1, &ks->data[18]);
330
11.1k
    KEYSCHEDULE_UPDATE0(t0, t1, K0, K1, K2, K3, KC10);
331
11.1k
    KEYUPDATE_TEMP(t0, t1, &ks->data[20]);
332
11.1k
    KEYSCHEDULE_UPDATE1(t0, t1, K0, K1, K2, K3, KC11);
333
11.1k
    KEYUPDATE_TEMP(t0, t1, &ks->data[22]);
334
11.1k
    KEYSCHEDULE_UPDATE0(t0, t1, K0, K1, K2, K3, KC12);
335
11.1k
    KEYUPDATE_TEMP(t0, t1, &ks->data[24]);
336
11.1k
    KEYSCHEDULE_UPDATE1(t0, t1, K0, K1, K2, K3, KC13);
337
11.1k
    KEYUPDATE_TEMP(t0, t1, &ks->data[26]);
338
11.1k
    KEYSCHEDULE_UPDATE0(t0, t1, K0, K1, K2, K3, KC14);
339
11.1k
    KEYUPDATE_TEMP(t0, t1, &ks->data[28]);
340
11.1k
    KEYSCHEDULE_UPDATE1(t0, t1, K0, K1, K2, K3, KC15);
341
11.1k
    KEYUPDATE_TEMP(t0, t1, &ks->data[30]);
342
11.1k
}
343
344
void
345
SEED_encrypt(const unsigned char s[SEED_BLOCK_SIZE],
346
             unsigned char d[SEED_BLOCK_SIZE],
347
             const SEED_KEY_SCHEDULE *ks)
348
1.13k
{
349
1.13k
    seed_word L0, L1, R0, R1;
350
1.13k
    seed_word t0, t1;
351
352
1.13k
    char2word(s, L0);
353
1.13k
    char2word(s + 4, L1);
354
1.13k
    char2word(s + 8, R0);
355
1.13k
    char2word(s + 12, R1);
356
357
1.13k
    E_SEED(t0, t1, L0, L1, R0, R1, 0);
358
1.13k
    E_SEED(t0, t1, R0, R1, L0, L1, 2);
359
1.13k
    E_SEED(t0, t1, L0, L1, R0, R1, 4);
360
1.13k
    E_SEED(t0, t1, R0, R1, L0, L1, 6);
361
1.13k
    E_SEED(t0, t1, L0, L1, R0, R1, 8);
362
1.13k
    E_SEED(t0, t1, R0, R1, L0, L1, 10);
363
1.13k
    E_SEED(t0, t1, L0, L1, R0, R1, 12);
364
1.13k
    E_SEED(t0, t1, R0, R1, L0, L1, 14);
365
1.13k
    E_SEED(t0, t1, L0, L1, R0, R1, 16);
366
1.13k
    E_SEED(t0, t1, R0, R1, L0, L1, 18);
367
1.13k
    E_SEED(t0, t1, L0, L1, R0, R1, 20);
368
1.13k
    E_SEED(t0, t1, R0, R1, L0, L1, 22);
369
1.13k
    E_SEED(t0, t1, L0, L1, R0, R1, 24);
370
1.13k
    E_SEED(t0, t1, R0, R1, L0, L1, 26);
371
1.13k
    E_SEED(t0, t1, L0, L1, R0, R1, 28);
372
1.13k
    E_SEED(t0, t1, R0, R1, L0, L1, 30);
373
374
1.13k
    word2char(R0, d);
375
1.13k
    word2char(R1, d + 4);
376
1.13k
    word2char(L0, d + 8);
377
1.13k
    word2char(L1, d + 12);
378
1.13k
}
379
380
void
381
SEED_decrypt(const unsigned char s[SEED_BLOCK_SIZE],
382
             unsigned char d[SEED_BLOCK_SIZE],
383
             const SEED_KEY_SCHEDULE *ks)
384
29.0k
{
385
29.0k
    seed_word L0, L1, R0, R1;
386
29.0k
    seed_word t0, t1;
387
388
29.0k
    char2word(s, L0);
389
29.0k
    char2word(s + 4, L1);
390
29.0k
    char2word(s + 8, R0);
391
29.0k
    char2word(s + 12, R1);
392
393
29.0k
    E_SEED(t0, t1, L0, L1, R0, R1, 30);
394
29.0k
    E_SEED(t0, t1, R0, R1, L0, L1, 28);
395
29.0k
    E_SEED(t0, t1, L0, L1, R0, R1, 26);
396
29.0k
    E_SEED(t0, t1, R0, R1, L0, L1, 24);
397
29.0k
    E_SEED(t0, t1, L0, L1, R0, R1, 22);
398
29.0k
    E_SEED(t0, t1, R0, R1, L0, L1, 20);
399
29.0k
    E_SEED(t0, t1, L0, L1, R0, R1, 18);
400
29.0k
    E_SEED(t0, t1, R0, R1, L0, L1, 16);
401
29.0k
    E_SEED(t0, t1, L0, L1, R0, R1, 14);
402
29.0k
    E_SEED(t0, t1, R0, R1, L0, L1, 12);
403
29.0k
    E_SEED(t0, t1, L0, L1, R0, R1, 10);
404
29.0k
    E_SEED(t0, t1, R0, R1, L0, L1, 8);
405
29.0k
    E_SEED(t0, t1, L0, L1, R0, R1, 6);
406
29.0k
    E_SEED(t0, t1, R0, R1, L0, L1, 4);
407
29.0k
    E_SEED(t0, t1, L0, L1, R0, R1, 2);
408
29.0k
    E_SEED(t0, t1, R0, R1, L0, L1, 0);
409
410
29.0k
    word2char(R0, d);
411
29.0k
    word2char(R1, d + 4);
412
29.0k
    word2char(L0, d + 8);
413
29.0k
    word2char(L1, d + 12);
414
29.0k
}
415
416
void
417
SEED_ecb_encrypt(const unsigned char *in,
418
                 unsigned char *out,
419
                 size_t inLen,
420
                 const SEED_KEY_SCHEDULE *ks, int enc)
421
376
{
422
376
    if (enc) {
423
580
        while (inLen > 0) {
424
397
            SEED_encrypt(in, out, ks);
425
397
            out += SEED_BLOCK_SIZE;
426
397
            in += SEED_BLOCK_SIZE;
427
397
            inLen -= SEED_BLOCK_SIZE;
428
397
        }
429
193
    } else {
430
601
        while (inLen > 0) {
431
408
            SEED_decrypt(in, out, ks);
432
408
            out += SEED_BLOCK_SIZE;
433
408
            in += SEED_BLOCK_SIZE;
434
408
            inLen -= SEED_BLOCK_SIZE;
435
408
        }
436
193
    }
437
376
}
438
439
void
440
SEED_cbc_encrypt(const unsigned char *in, unsigned char *out,
441
                 size_t len, const SEED_KEY_SCHEDULE *ks,
442
                 unsigned char ivec[SEED_BLOCK_SIZE], int enc)
443
2.08k
{
444
2.08k
    size_t n;
445
2.08k
    unsigned char tmp[SEED_BLOCK_SIZE];
446
2.08k
    const unsigned char *iv = ivec;
447
448
2.08k
    if (enc) {
449
1.08k
        while (len >= SEED_BLOCK_SIZE) {
450
12.4k
            for (n = 0; n < SEED_BLOCK_SIZE; ++n) {
451
11.7k
                out[n] = in[n] ^ iv[n];
452
11.7k
            }
453
454
734
            SEED_encrypt(out, out, ks);
455
734
            iv = out;
456
734
            len -= SEED_BLOCK_SIZE;
457
734
            in += SEED_BLOCK_SIZE;
458
734
            out += SEED_BLOCK_SIZE;
459
734
        }
460
461
353
        if (len) {
462
0
            for (n = 0; n < len; ++n) {
463
0
                out[n] = in[n] ^ iv[n];
464
0
            }
465
466
0
            for (n = len; n < SEED_BLOCK_SIZE; ++n) {
467
0
                out[n] = iv[n];
468
0
            }
469
470
0
            SEED_encrypt(out, out, ks);
471
0
            iv = out;
472
0
        }
473
474
353
        memcpy(ivec, iv, SEED_BLOCK_SIZE);
475
1.72k
    } else if (in != out) {
476
30.3k
        while (len >= SEED_BLOCK_SIZE) {
477
28.6k
            SEED_decrypt(in, out, ks);
478
479
486k
            for (n = 0; n < SEED_BLOCK_SIZE; ++n) {
480
457k
                out[n] ^= iv[n];
481
457k
            }
482
483
28.6k
            iv = in;
484
28.6k
            len -= SEED_BLOCK_SIZE;
485
28.6k
            in += SEED_BLOCK_SIZE;
486
28.6k
            out += SEED_BLOCK_SIZE;
487
28.6k
        }
488
489
1.72k
        if (len) {
490
0
            SEED_decrypt(in, tmp, ks);
491
492
0
            for (n = 0; n < len; ++n) {
493
0
                out[n] = tmp[n] ^ iv[n];
494
0
            }
495
496
0
            iv = in;
497
0
        }
498
499
1.72k
        memcpy(ivec, iv, SEED_BLOCK_SIZE);
500
1.72k
    } else {
501
0
        while (len >= SEED_BLOCK_SIZE) {
502
0
            memcpy(tmp, in, SEED_BLOCK_SIZE);
503
0
            SEED_decrypt(in, out, ks);
504
505
0
            for (n = 0; n < SEED_BLOCK_SIZE; ++n) {
506
0
                out[n] ^= ivec[n];
507
0
            }
508
509
0
            memcpy(ivec, tmp, SEED_BLOCK_SIZE);
510
0
            len -= SEED_BLOCK_SIZE;
511
0
            in += SEED_BLOCK_SIZE;
512
0
            out += SEED_BLOCK_SIZE;
513
0
        }
514
515
0
        if (len) {
516
0
            memcpy(tmp, in, SEED_BLOCK_SIZE);
517
0
            SEED_decrypt(tmp, tmp, ks);
518
519
0
            for (n = 0; n < len; ++n) {
520
0
                out[n] = tmp[n] ^ ivec[n];
521
0
            }
522
523
0
            memcpy(ivec, tmp, SEED_BLOCK_SIZE);
524
0
        }
525
0
    }
526
2.08k
}
527
528
SEEDContext *
529
SEED_AllocateContext(void)
530
0
{
531
0
    return PORT_ZNew(SEEDContext);
532
0
}
533
534
SECStatus
535
SEED_InitContext(SEEDContext *cx, const unsigned char *key,
536
                 unsigned int keylen, const unsigned char *iv,
537
                 int mode, unsigned int encrypt, unsigned int unused)
538
11.1k
{
539
11.1k
    if (!cx) {
540
0
        PORT_SetError(SEC_ERROR_INVALID_ARGS);
541
0
        return SECFailure;
542
0
    }
543
544
11.1k
    switch (mode) {
545
502
        case NSS_SEED:
546
502
            SEED_set_key(key, &cx->ks);
547
502
            cx->mode = NSS_SEED;
548
502
            cx->encrypt = encrypt;
549
502
            break;
550
551
10.6k
        case NSS_SEED_CBC:
552
10.6k
            memcpy(cx->iv, iv, 16);
553
10.6k
            SEED_set_key(key, &cx->ks);
554
10.6k
            cx->mode = NSS_SEED_CBC;
555
10.6k
            cx->encrypt = encrypt;
556
10.6k
            break;
557
558
0
        default:
559
0
            PORT_SetError(SEC_ERROR_INVALID_ARGS);
560
0
            return SECFailure;
561
11.1k
    }
562
563
11.1k
    return SECSuccess;
564
11.1k
}
565
566
SEEDContext *
567
SEED_CreateContext(const unsigned char *key, const unsigned char *iv,
568
                   int mode, PRBool encrypt)
569
11.1k
{
570
11.1k
    SEEDContext *cx = PORT_ZNew(SEEDContext);
571
11.1k
    SECStatus rv = SEED_InitContext(cx, key, SEED_KEY_LENGTH, iv, mode,
572
11.1k
                                    encrypt, 0);
573
574
11.1k
    if (rv != SECSuccess) {
575
0
        PORT_ZFree(cx, sizeof *cx);
576
0
        cx = NULL;
577
0
    }
578
579
11.1k
    return cx;
580
11.1k
}
581
582
void
583
SEED_DestroyContext(SEEDContext *cx, PRBool freeit)
584
11.1k
{
585
11.1k
    if (cx) {
586
11.1k
        memset(cx, 0, sizeof *cx);
587
588
11.1k
        if (freeit)
589
11.1k
            PORT_Free(cx);
590
11.1k
    }
591
11.1k
}
592
593
SECStatus
594
SEED_Encrypt(SEEDContext *cx, unsigned char *out, unsigned int *outLen,
595
             unsigned int maxOutLen, const unsigned char *in,
596
             unsigned int inLen)
597
640
{
598
640
    if (!cx) {
599
0
        PORT_SetError(SEC_ERROR_INVALID_ARGS);
600
0
        return SECFailure;
601
0
    }
602
603
640
    if ((inLen % SEED_BLOCK_SIZE) != 0 || maxOutLen < SEED_BLOCK_SIZE ||
604
546
        maxOutLen < inLen) {
605
104
        PORT_SetError(SEC_ERROR_INVALID_ARGS);
606
104
        return SECFailure;
607
104
    }
608
609
536
    if (!cx->encrypt) {
610
0
        PORT_SetError(SEC_ERROR_INVALID_ARGS);
611
0
        return SECFailure;
612
0
    }
613
614
536
    switch (cx->mode) {
615
183
        case NSS_SEED:
616
183
            SEED_ecb_encrypt(in, out, inLen, &cx->ks, 1);
617
183
            *outLen = inLen;
618
183
            break;
619
620
353
        case NSS_SEED_CBC:
621
353
            SEED_cbc_encrypt(in, out, inLen, &cx->ks, cx->iv, 1);
622
353
            *outLen = inLen;
623
353
            break;
624
625
0
        default:
626
0
            PORT_SetError(SEC_ERROR_INVALID_ARGS);
627
0
            return SECFailure;
628
536
    }
629
630
536
    return SECSuccess;
631
536
}
632
633
SECStatus
634
SEED_Decrypt(SEEDContext *cx, unsigned char *out, unsigned int *outLen,
635
             unsigned int maxOutLen, const unsigned char *in,
636
             unsigned int inLen)
637
1.96k
{
638
1.96k
    if (!cx) {
639
0
        PORT_SetError(SEC_ERROR_INVALID_ARGS);
640
0
        return SECFailure;
641
0
    }
642
643
1.96k
    if ((inLen % SEED_BLOCK_SIZE) != 0 || maxOutLen < SEED_BLOCK_SIZE ||
644
1.92k
        maxOutLen < inLen) {
645
42
        PORT_SetError(SEC_ERROR_INVALID_ARGS);
646
42
        return SECFailure;
647
42
    }
648
649
1.92k
    if (cx->encrypt) {
650
0
        PORT_SetError(SEC_ERROR_INVALID_ARGS);
651
0
        return SECFailure;
652
0
    }
653
654
1.92k
    switch (cx->mode) {
655
193
        case NSS_SEED:
656
193
            SEED_ecb_encrypt(in, out, inLen, &cx->ks, 0);
657
193
            *outLen = inLen;
658
193
            break;
659
660
1.72k
        case NSS_SEED_CBC:
661
1.72k
            SEED_cbc_encrypt(in, out, inLen, &cx->ks, cx->iv, 0);
662
1.72k
            *outLen = inLen;
663
1.72k
            break;
664
665
0
        default:
666
0
            PORT_SetError(SEC_ERROR_INVALID_ARGS);
667
0
            return SECFailure;
668
1.92k
    }
669
670
1.92k
    return SECSuccess;
671
1.92k
}