summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorjsing <>2024-08-31 15:56:09 +0000
committerjsing <>2024-08-31 15:56:09 +0000
commitf9b9e21742d3301ba7b9599b7dce4b24758771df (patch)
tree5be74158601e3b85e402eb7beaf58bd8a48fccb6
parent3c39830fa152936fa313a77ccae2d45e94a01253 (diff)
downloadopenbsd-f9b9e21742d3301ba7b9599b7dce4b24758771df.tar.gz
openbsd-f9b9e21742d3301ba7b9599b7dce4b24758771df.tar.bz2
openbsd-f9b9e21742d3301ba7b9599b7dce4b24758771df.zip
Combine DES code into a smaller set of files.
Discussed with tb@
Diffstat
-rw-r--r--src/lib/libcrypto/Makefile23
-rw-r--r--src/lib/libcrypto/des/cbc_cksm.c106
-rw-r--r--src/lib/libcrypto/des/cbc_enc.c131
-rw-r--r--src/lib/libcrypto/des/cfb64ede.c242
-rw-r--r--src/lib/libcrypto/des/cfb64enc.c123
-rw-r--r--src/lib/libcrypto/des/cfb_enc.c190
-rw-r--r--src/lib/libcrypto/des/des.c1022
-rw-r--r--src/lib/libcrypto/des/des_cksum.c (renamed from src/lib/libcrypto/des/qud_cksm.c)49
-rw-r--r--src/lib/libcrypto/des/des_fcrypt.c (renamed from src/lib/libcrypto/des/fcrypt.c)2
-rw-r--r--src/lib/libcrypto/des/des_key.c (renamed from src/lib/libcrypto/des/set_key.c)110
-rw-r--r--src/lib/libcrypto/des/ecb3_enc.c85
-rw-r--r--src/lib/libcrypto/des/ecb_enc.c83
-rw-r--r--src/lib/libcrypto/des/ede_cbcm_enc.c190
-rw-r--r--src/lib/libcrypto/des/ofb64ede.c113
-rw-r--r--src/lib/libcrypto/des/ofb64enc.c110
-rw-r--r--src/lib/libcrypto/des/ofb_enc.c134
-rw-r--r--src/lib/libcrypto/des/pcbc_enc.c117
-rw-r--r--src/lib/libcrypto/des/str2key.c168
-rw-r--r--src/lib/libcrypto/des/xcbc_enc.c154
19 files changed, 1185 insertions, 1967 deletions
diff --git a/src/lib/libcrypto/Makefile b/src/lib/libcrypto/Makefile
index 2b8fe88fcf..dfbb38b845 100644
--- a/src/lib/libcrypto/Makefile
+++ b/src/lib/libcrypto/Makefile
@@ -1,4 +1,4 @@
1# $OpenBSD: Makefile,v 1.210 2024/08/31 15:39:33 jsing Exp $ 1# $OpenBSD: Makefile,v 1.211 2024/08/31 15:56:09 jsing Exp $
2 2
3LIB= crypto 3LIB= crypto
4LIBREBUILD=y 4LIBREBUILD=y
@@ -251,24 +251,11 @@ SRCS+= curve25519-generic.c
251SRCS+= curve25519.c 251SRCS+= curve25519.c
252 252
253# des/ 253# des/
254SRCS+= cbc_cksm.c 254SRCS+= des.c
255SRCS+= cbc_enc.c 255SRCS+= des_cksum.c
256SRCS+= cfb64ede.c
257SRCS+= cfb64enc.c
258SRCS+= cfb_enc.c
259SRCS+= des_enc.c 256SRCS+= des_enc.c
260SRCS+= ecb3_enc.c 257SRCS+= des_fcrypt.c
261SRCS+= ecb_enc.c 258SRCS+= des_key.c
262SRCS+= ede_cbcm_enc.c
263SRCS+= fcrypt.c
264SRCS+= ofb64ede.c
265SRCS+= ofb64enc.c
266SRCS+= ofb_enc.c
267SRCS+= pcbc_enc.c
268SRCS+= qud_cksm.c
269SRCS+= set_key.c
270SRCS+= str2key.c
271SRCS+= xcbc_enc.c
272 259
273# dh/ 260# dh/
274SRCS+= dh_ameth.c 261SRCS+= dh_ameth.c
diff --git a/src/lib/libcrypto/des/cbc_cksm.c b/src/lib/libcrypto/des/cbc_cksm.c
deleted file mode 100644
index acb0bac110..0000000000
--- a/src/lib/libcrypto/des/cbc_cksm.c
+++ /dev/null
@@ -1,106 +0,0 @@
1/* $OpenBSD: cbc_cksm.c,v 1.11 2024/03/29 01:47:29 joshua Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include "des_local.h"
60
61DES_LONG
62DES_cbc_cksum(const unsigned char *in, DES_cblock *output,
63 long length, DES_key_schedule *schedule,
64 const_DES_cblock *ivec)
65{
66 DES_LONG tout0, tout1, tin0, tin1;
67 long l = length;
68 DES_LONG tin[2];
69 unsigned char *out = &(*output)[0];
70 const unsigned char *iv = &(*ivec)[0];
71
72 c2l(iv, tout0);
73 c2l(iv, tout1);
74 for (; l > 0; l -= 8) {
75 if (l >= 8) {
76 c2l(in, tin0);
77 c2l(in, tin1);
78 } else
79 c2ln(in, tin0, tin1, l);
80
81 tin0 ^= tout0;
82 tin[0] = tin0;
83 tin1 ^= tout1;
84 tin[1] = tin1;
85 DES_encrypt1((DES_LONG *)tin, schedule, DES_ENCRYPT);
86 /* fix 15/10/91 eay - thanks to keithr@sco.COM */
87 tout0 = tin[0];
88 tout1 = tin[1];
89 }
90 if (out != NULL) {
91 l2c(tout0, out);
92 l2c(tout1, out);
93 }
94 tout0 = tin0 = tin1 = tin[0] = tin[1] = 0;
95 /*
96 Transform the data in tout1 so that it will
97 match the return value that the MIT Kerberos
98 mit_des_cbc_cksum API returns.
99 */
100 tout1 = ((tout1 >> 24L) & 0x000000FF) |
101 ((tout1 >> 8L) & 0x0000FF00) |
102 ((tout1 << 8L) & 0x00FF0000) |
103 ((tout1 << 24L) & 0xFF000000);
104 return (tout1);
105}
106LCRYPTO_ALIAS(DES_cbc_cksum);
diff --git a/src/lib/libcrypto/des/cbc_enc.c b/src/lib/libcrypto/des/cbc_enc.c
deleted file mode 100644
index 1f11cc3600..0000000000
--- a/src/lib/libcrypto/des/cbc_enc.c
+++ /dev/null
@@ -1,131 +0,0 @@
1/* $OpenBSD: cbc_enc.c,v 1.5 2024/08/31 14:25:04 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include "des_local.h"
60
61void
62DES_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
63 DES_key_schedule *_schedule, DES_cblock *ivec, int enc)
64{
65 DES_LONG tin0, tin1;
66 DES_LONG tout0, tout1, xor0, xor1;
67 long l = length;
68 DES_LONG tin[2];
69 unsigned char *iv;
70
71 iv = &(*ivec)[0];
72
73 if (enc) {
74 c2l(iv, tout0);
75 c2l(iv, tout1);
76 for (l -= 8; l >= 0; l -= 8) {
77 c2l(in, tin0);
78 c2l(in, tin1);
79 tin0 ^= tout0;
80 tin[0] = tin0;
81 tin1 ^= tout1;
82 tin[1] = tin1;
83 DES_encrypt1((DES_LONG *)tin, _schedule, DES_ENCRYPT);
84 tout0 = tin[0];
85 l2c(tout0, out);
86 tout1 = tin[1];
87 l2c(tout1, out);
88 }
89 if (l != -8) {
90 c2ln(in, tin0, tin1, l + 8);
91 tin0 ^= tout0;
92 tin[0] = tin0;
93 tin1 ^= tout1;
94 tin[1] = tin1;
95 DES_encrypt1((DES_LONG *)tin, _schedule, DES_ENCRYPT);
96 tout0 = tin[0];
97 l2c(tout0, out);
98 tout1 = tin[1];
99 l2c(tout1, out);
100 }
101 } else {
102 c2l(iv, xor0);
103 c2l(iv, xor1);
104 for (l -= 8; l >= 0; l -= 8) {
105 c2l(in, tin0);
106 tin[0] = tin0;
107 c2l(in, tin1);
108 tin[1] = tin1;
109 DES_encrypt1((DES_LONG *)tin, _schedule, DES_DECRYPT);
110 tout0 = tin[0] ^ xor0;
111 tout1 = tin[1] ^ xor1;
112 l2c(tout0, out);
113 l2c(tout1, out);
114 xor0 = tin0;
115 xor1 = tin1;
116 }
117 if (l != -8) {
118 c2l(in, tin0);
119 tin[0] = tin0;
120 c2l(in, tin1);
121 tin[1] = tin1;
122 DES_encrypt1((DES_LONG *)tin, _schedule, DES_DECRYPT);
123 tout0 = tin[0] ^ xor0;
124 tout1 = tin[1] ^ xor1;
125 l2cn(tout0, tout1, out, l + 8);
126 }
127 }
128 tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
129 tin[0] = tin[1] = 0;
130}
131LCRYPTO_ALIAS(DES_cbc_encrypt);
diff --git a/src/lib/libcrypto/des/cfb64ede.c b/src/lib/libcrypto/des/cfb64ede.c
deleted file mode 100644
index 69a6c25408..0000000000
--- a/src/lib/libcrypto/des/cfb64ede.c
+++ /dev/null
@@ -1,242 +0,0 @@
1/* $OpenBSD: cfb64ede.c,v 1.13 2024/03/29 01:47:29 joshua Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include "des_local.h"
60
61/* The input and output encrypted as though 64bit cfb mode is being
62 * used. The extra state information to record how much of the
63 * 64bit block we have used is contained in *num;
64 */
65
66void
67DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
68 long length, DES_key_schedule *ks1,
69 DES_key_schedule *ks2, DES_key_schedule *ks3,
70 DES_cblock *ivec, int *num, int enc)
71{
72 DES_LONG v0, v1;
73 long l = length;
74 int n = *num;
75 DES_LONG ti[2];
76 unsigned char *iv, c, cc;
77
78 iv = &(*ivec)[0];
79 if (enc) {
80 while (l--) {
81 if (n == 0) {
82 c2l(iv, v0);
83 c2l(iv, v1);
84
85 ti[0] = v0;
86 ti[1] = v1;
87 DES_encrypt3(ti, ks1, ks2, ks3);
88 v0 = ti[0];
89 v1 = ti[1];
90
91 iv = &(*ivec)[0];
92 l2c(v0, iv);
93 l2c(v1, iv);
94 iv = &(*ivec)[0];
95 }
96 c = *(in++) ^ iv[n];
97 *(out++) = c;
98 iv[n] = c;
99 n = (n + 1) & 0x07;
100 }
101 } else {
102 while (l--) {
103 if (n == 0) {
104 c2l(iv, v0);
105 c2l(iv, v1);
106
107 ti[0] = v0;
108 ti[1] = v1;
109 DES_encrypt3(ti, ks1, ks2, ks3);
110 v0 = ti[0];
111 v1 = ti[1];
112
113 iv = &(*ivec)[0];
114 l2c(v0, iv);
115 l2c(v1, iv);
116 iv = &(*ivec)[0];
117 }
118 cc = *(in++);
119 c = iv[n];
120 iv[n] = cc;
121 *(out++) = c ^ cc;
122 n = (n + 1) & 0x07;
123 }
124 }
125 v0 = v1 = ti[0] = ti[1] = c = cc = 0;
126 *num = n;
127}
128LCRYPTO_ALIAS(DES_ede3_cfb64_encrypt);
129
130/* This is compatible with the single key CFB-r for DES, even thought that's
131 * not what EVP needs.
132 */
133
134void
135DES_ede3_cfb_encrypt(const unsigned char *in, unsigned char *out,
136 int numbits, long length, DES_key_schedule *ks1,
137 DES_key_schedule *ks2, DES_key_schedule *ks3,
138 DES_cblock *ivec, int enc)
139{
140 DES_LONG d0, d1, v0, v1;
141 unsigned long l = length, n = ((unsigned int)numbits + 7)/8;
142 int num = numbits, i;
143 DES_LONG ti[2];
144 unsigned char *iv;
145 unsigned char ovec[16];
146
147 if (num > 64)
148 return;
149 iv = &(*ivec)[0];
150 c2l(iv, v0);
151 c2l(iv, v1);
152 if (enc) {
153 while (l >= n) {
154 l -= n;
155 ti[0] = v0;
156 ti[1] = v1;
157 DES_encrypt3(ti, ks1, ks2, ks3);
158 c2ln(in, d0, d1, n);
159 in += n;
160 d0 ^= ti[0];
161 d1 ^= ti[1];
162 l2cn(d0, d1, out, n);
163 out += n;
164 /* 30-08-94 - eay - changed because l>>32 and
165 * l<<32 are bad under gcc :-( */
166 if (num == 32) {
167 v0 = v1;
168 v1 = d0;
169 } else if (num == 64) {
170 v0 = d0;
171 v1 = d1;
172 } else {
173 iv = &ovec[0];
174 l2c(v0, iv);
175 l2c(v1, iv);
176 l2c(d0, iv);
177 l2c(d1, iv);
178 /* shift ovec left most of the bits... */
179 memmove(ovec, ovec + num/8,
180 8 + (num % 8 ? 1 : 0));
181 /* now the remaining bits */
182 if (num % 8 != 0) {
183 for (i = 0; i < 8; ++i) {
184 ovec[i] <<= num % 8;
185 ovec[i] |= ovec[i + 1] >>
186 (8 - num % 8);
187 }
188 }
189 iv = &ovec[0];
190 c2l(iv, v0);
191 c2l(iv, v1);
192 }
193 }
194 } else {
195 while (l >= n) {
196 l -= n;
197 ti[0] = v0;
198 ti[1] = v1;
199 DES_encrypt3(ti, ks1, ks2, ks3);
200 c2ln(in, d0, d1, n);
201 in += n;
202 /* 30-08-94 - eay - changed because l>>32 and
203 * l<<32 are bad under gcc :-( */
204 if (num == 32) {
205 v0 = v1;
206 v1 = d0;
207 } else if (num == 64) {
208 v0 = d0;
209 v1 = d1;
210 } else {
211 iv = &ovec[0];
212 l2c(v0, iv);
213 l2c(v1, iv);
214 l2c(d0, iv);
215 l2c(d1, iv);
216 /* shift ovec left most of the bits... */
217 memmove(ovec, ovec + num/8,
218 8 + (num % 8 ? 1 : 0));
219 /* now the remaining bits */
220 if (num % 8 != 0) {
221 for (i = 0; i < 8; ++i) {
222 ovec[i] <<= num % 8;
223 ovec[i] |= ovec[i + 1] >>
224 (8 - num % 8);
225 }
226 }
227 iv = &ovec[0];
228 c2l(iv, v0);
229 c2l(iv, v1);
230 }
231 d0 ^= ti[0];
232 d1 ^= ti[1];
233 l2cn(d0, d1, out, n);
234 out += n;
235 }
236 }
237 iv = &(*ivec)[0];
238 l2c(v0, iv);
239 l2c(v1, iv);
240 v0 = v1 = d0 = d1 = ti[0] = ti[1] = 0;
241}
242LCRYPTO_ALIAS(DES_ede3_cfb_encrypt);
diff --git a/src/lib/libcrypto/des/cfb64enc.c b/src/lib/libcrypto/des/cfb64enc.c
deleted file mode 100644
index d2d0dadf11..0000000000
--- a/src/lib/libcrypto/des/cfb64enc.c
+++ /dev/null
@@ -1,123 +0,0 @@
1/* $OpenBSD: cfb64enc.c,v 1.9 2024/03/29 01:47:29 joshua Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include "des_local.h"
60
61/* The input and output encrypted as though 64bit cfb mode is being
62 * used. The extra state information to record how much of the
63 * 64bit block we have used is contained in *num;
64 */
65
66void
67DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
68 long length, DES_key_schedule *schedule,
69 DES_cblock *ivec, int *num, int enc)
70{
71 DES_LONG v0, v1;
72 long l = length;
73 int n = *num;
74 DES_LONG ti[2];
75 unsigned char *iv, c, cc;
76
77 iv = &(*ivec)[0];
78 if (enc) {
79 while (l--) {
80 if (n == 0) {
81 c2l(iv, v0);
82 ti[0] = v0;
83 c2l(iv, v1);
84 ti[1] = v1;
85 DES_encrypt1(ti, schedule, DES_ENCRYPT);
86 iv = &(*ivec)[0];
87 v0 = ti[0];
88 l2c(v0, iv);
89 v0 = ti[1];
90 l2c(v0, iv);
91 iv = &(*ivec)[0];
92 }
93 c = *(in++) ^ iv[n];
94 *(out++) = c;
95 iv[n] = c;
96 n = (n + 1) & 0x07;
97 }
98 } else {
99 while (l--) {
100 if (n == 0) {
101 c2l(iv, v0);
102 ti[0] = v0;
103 c2l(iv, v1);
104 ti[1] = v1;
105 DES_encrypt1(ti, schedule, DES_ENCRYPT);
106 iv = &(*ivec)[0];
107 v0 = ti[0];
108 l2c(v0, iv);
109 v0 = ti[1];
110 l2c(v0, iv);
111 iv = &(*ivec)[0];
112 }
113 cc = *(in++);
114 c = iv[n];
115 iv[n] = cc;
116 *(out++) = c ^ cc;
117 n = (n + 1) & 0x07;
118 }
119 }
120 v0 = v1 = ti[0] = ti[1] = c = cc = 0;
121 *num = n;
122}
123LCRYPTO_ALIAS(DES_cfb64_encrypt);
diff --git a/src/lib/libcrypto/des/cfb_enc.c b/src/lib/libcrypto/des/cfb_enc.c
deleted file mode 100644
index ae41c9d079..0000000000
--- a/src/lib/libcrypto/des/cfb_enc.c
+++ /dev/null
@@ -1,190 +0,0 @@
1/* $OpenBSD: cfb_enc.c,v 1.17 2024/03/29 01:47:29 joshua Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include "des_local.h"
60#include <endian.h>
61
62/* The input and output are loaded in multiples of 8 bits.
63 * What this means is that if you hame numbits=12 and length=2
64 * the first 12 bits will be retrieved from the first byte and half
65 * the second. The second 12 bits will come from the 3rd and half the 4th
66 * byte.
67 */
68/* Until Aug 1 2003 this function did not correctly implement CFB-r, so it
69 * will not be compatible with any encryption prior to that date. Ben. */
70void
71DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
72 long length, DES_key_schedule *schedule, DES_cblock *ivec,
73 int enc)
74{
75 DES_LONG d0, d1, v0, v1;
76 unsigned long l = length;
77 int num = numbits/8, n = (numbits + 7)/8, i, rem = numbits % 8;
78 DES_LONG ti[2];
79 unsigned char *iv;
80#if BYTE_ORDER != LITTLE_ENDIAN
81 unsigned char ovec[16];
82#else
83 unsigned int sh[4];
84 unsigned char *ovec = (unsigned char *)sh;
85#endif
86
87 if (numbits <= 0 || numbits > 64)
88 return;
89 iv = &(*ivec)[0];
90 c2l(iv, v0);
91 c2l(iv, v1);
92 if (enc) {
93 while (l >= (unsigned long)n) {
94 l -= n;
95 ti[0] = v0;
96 ti[1] = v1;
97 DES_encrypt1((DES_LONG *)ti, schedule, DES_ENCRYPT);
98 c2ln(in, d0, d1, n);
99 in += n;
100 d0 ^= ti[0];
101 d1 ^= ti[1];
102 l2cn(d0, d1, out, n);
103 out += n;
104 /* 30-08-94 - eay - changed because l>>32 and
105 * l<<32 are bad under gcc :-( */
106 if (numbits == 32) {
107 v0 = v1;
108 v1 = d0;
109 } else if (numbits == 64) {
110 v0 = d0;
111 v1 = d1;
112 } else {
113#if BYTE_ORDER != LITTLE_ENDIAN
114 iv = &ovec[0];
115 l2c(v0, iv);
116 l2c(v1, iv);
117 l2c(d0, iv);
118 l2c(d1, iv);
119#else
120 sh[0] = v0, sh[1] = v1, sh[2] = d0, sh[3] = d1;
121#endif
122 if (rem == 0)
123 memmove(ovec, ovec + num, 8);
124 else
125 for (i = 0; i < 8; ++i)
126 ovec[i] = ovec[i + num] << rem |
127 ovec[i + num + 1] >> (8 -
128 rem);
129#if BYTE_ORDER == LITTLE_ENDIAN
130 v0 = sh[0], v1 = sh[1];
131#else
132 iv = &ovec[0];
133 c2l(iv, v0);
134 c2l(iv, v1);
135#endif
136 }
137 }
138 } else {
139 while (l >= (unsigned long)n) {
140 l -= n;
141 ti[0] = v0;
142 ti[1] = v1;
143 DES_encrypt1((DES_LONG *)ti, schedule, DES_ENCRYPT);
144 c2ln(in, d0, d1, n);
145 in += n;
146 /* 30-08-94 - eay - changed because l>>32 and
147 * l<<32 are bad under gcc :-( */
148 if (numbits == 32) {
149 v0 = v1;
150 v1 = d0;
151 } else if (numbits == 64) {
152 v0 = d0;
153 v1 = d1;
154 } else {
155#if BYTE_ORDER != LITTLE_ENDIAN
156 iv = &ovec[0];
157 l2c(v0, iv);
158 l2c(v1, iv);
159 l2c(d0, iv);
160 l2c(d1, iv);
161#else
162 sh[0] = v0, sh[1] = v1, sh[2] = d0, sh[3] = d1;
163#endif
164 if (rem == 0)
165 memmove(ovec, ovec + num, 8);
166 else
167 for (i = 0; i < 8; ++i)
168 ovec[i] = ovec[i + num] << rem |
169 ovec[i + num + 1] >> (8 -
170 rem);
171#if BYTE_ORDER == LITTLE_ENDIAN
172 v0 = sh[0], v1 = sh[1];
173#else
174 iv = &ovec[0];
175 c2l(iv, v0);
176 c2l(iv, v1);
177#endif
178 }
179 d0 ^= ti[0];
180 d1 ^= ti[1];
181 l2cn(d0, d1, out, n);
182 out += n;
183 }
184 }
185 iv = &(*ivec)[0];
186 l2c(v0, iv);
187 l2c(v1, iv);
188 v0 = v1 = d0 = d1 = ti[0] = ti[1] = 0;
189}
190LCRYPTO_ALIAS(DES_cfb_encrypt);
diff --git a/src/lib/libcrypto/des/des.c b/src/lib/libcrypto/des/des.c
new file mode 100644
index 0000000000..113fc4b9f9
--- /dev/null
+++ b/src/lib/libcrypto/des/des.c
@@ -0,0 +1,1022 @@
1/* $OpenBSD: des.c,v 1.9 2024/08/31 15:56:09 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <endian.h>
60
61#include <openssl/opensslconf.h>
62
63#include "des_local.h"
64
65void
66DES_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
67 DES_key_schedule *_schedule, DES_cblock *ivec, int enc)
68{
69 DES_LONG tin0, tin1;
70 DES_LONG tout0, tout1, xor0, xor1;
71 long l = length;
72 DES_LONG tin[2];
73 unsigned char *iv;
74
75 iv = &(*ivec)[0];
76
77 if (enc) {
78 c2l(iv, tout0);
79 c2l(iv, tout1);
80 for (l -= 8; l >= 0; l -= 8) {
81 c2l(in, tin0);
82 c2l(in, tin1);
83 tin0 ^= tout0;
84 tin[0] = tin0;
85 tin1 ^= tout1;
86 tin[1] = tin1;
87 DES_encrypt1((DES_LONG *)tin, _schedule, DES_ENCRYPT);
88 tout0 = tin[0];
89 l2c(tout0, out);
90 tout1 = tin[1];
91 l2c(tout1, out);
92 }
93 if (l != -8) {
94 c2ln(in, tin0, tin1, l + 8);
95 tin0 ^= tout0;
96 tin[0] = tin0;
97 tin1 ^= tout1;
98 tin[1] = tin1;
99 DES_encrypt1((DES_LONG *)tin, _schedule, DES_ENCRYPT);
100 tout0 = tin[0];
101 l2c(tout0, out);
102 tout1 = tin[1];
103 l2c(tout1, out);
104 }
105 } else {
106 c2l(iv, xor0);
107 c2l(iv, xor1);
108 for (l -= 8; l >= 0; l -= 8) {
109 c2l(in, tin0);
110 tin[0] = tin0;
111 c2l(in, tin1);
112 tin[1] = tin1;
113 DES_encrypt1((DES_LONG *)tin, _schedule, DES_DECRYPT);
114 tout0 = tin[0] ^ xor0;
115 tout1 = tin[1] ^ xor1;
116 l2c(tout0, out);
117 l2c(tout1, out);
118 xor0 = tin0;
119 xor1 = tin1;
120 }
121 if (l != -8) {
122 c2l(in, tin0);
123 tin[0] = tin0;
124 c2l(in, tin1);
125 tin[1] = tin1;
126 DES_encrypt1((DES_LONG *)tin, _schedule, DES_DECRYPT);
127 tout0 = tin[0] ^ xor0;
128 tout1 = tin[1] ^ xor1;
129 l2cn(tout0, tout1, out, l + 8);
130 }
131 }
132 tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
133 tin[0] = tin[1] = 0;
134}
135LCRYPTO_ALIAS(DES_cbc_encrypt);
136
137/* The input and output encrypted as though 64bit cfb mode is being
138 * used. The extra state information to record how much of the
139 * 64bit block we have used is contained in *num;
140 */
141
142void
143DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
144 long length, DES_key_schedule *ks1,
145 DES_key_schedule *ks2, DES_key_schedule *ks3,
146 DES_cblock *ivec, int *num, int enc)
147{
148 DES_LONG v0, v1;
149 long l = length;
150 int n = *num;
151 DES_LONG ti[2];
152 unsigned char *iv, c, cc;
153
154 iv = &(*ivec)[0];
155 if (enc) {
156 while (l--) {
157 if (n == 0) {
158 c2l(iv, v0);
159 c2l(iv, v1);
160
161 ti[0] = v0;
162 ti[1] = v1;
163 DES_encrypt3(ti, ks1, ks2, ks3);
164 v0 = ti[0];
165 v1 = ti[1];
166
167 iv = &(*ivec)[0];
168 l2c(v0, iv);
169 l2c(v1, iv);
170 iv = &(*ivec)[0];
171 }
172 c = *(in++) ^ iv[n];
173 *(out++) = c;
174 iv[n] = c;
175 n = (n + 1) & 0x07;
176 }
177 } else {
178 while (l--) {
179 if (n == 0) {
180 c2l(iv, v0);
181 c2l(iv, v1);
182
183 ti[0] = v0;
184 ti[1] = v1;
185 DES_encrypt3(ti, ks1, ks2, ks3);
186 v0 = ti[0];
187 v1 = ti[1];
188
189 iv = &(*ivec)[0];
190 l2c(v0, iv);
191 l2c(v1, iv);
192 iv = &(*ivec)[0];
193 }
194 cc = *(in++);
195 c = iv[n];
196 iv[n] = cc;
197 *(out++) = c ^ cc;
198 n = (n + 1) & 0x07;
199 }
200 }
201 v0 = v1 = ti[0] = ti[1] = c = cc = 0;
202 *num = n;
203}
204LCRYPTO_ALIAS(DES_ede3_cfb64_encrypt);
205
206/* This is compatible with the single key CFB-r for DES, even thought that's
207 * not what EVP needs.
208 */
209
210void
211DES_ede3_cfb_encrypt(const unsigned char *in, unsigned char *out,
212 int numbits, long length, DES_key_schedule *ks1,
213 DES_key_schedule *ks2, DES_key_schedule *ks3,
214 DES_cblock *ivec, int enc)
215{
216 DES_LONG d0, d1, v0, v1;
217 unsigned long l = length, n = ((unsigned int)numbits + 7)/8;
218 int num = numbits, i;
219 DES_LONG ti[2];
220 unsigned char *iv;
221 unsigned char ovec[16];
222
223 if (num > 64)
224 return;
225 iv = &(*ivec)[0];
226 c2l(iv, v0);
227 c2l(iv, v1);
228 if (enc) {
229 while (l >= n) {
230 l -= n;
231 ti[0] = v0;
232 ti[1] = v1;
233 DES_encrypt3(ti, ks1, ks2, ks3);
234 c2ln(in, d0, d1, n);
235 in += n;
236 d0 ^= ti[0];
237 d1 ^= ti[1];
238 l2cn(d0, d1, out, n);
239 out += n;
240 /* 30-08-94 - eay - changed because l>>32 and
241 * l<<32 are bad under gcc :-( */
242 if (num == 32) {
243 v0 = v1;
244 v1 = d0;
245 } else if (num == 64) {
246 v0 = d0;
247 v1 = d1;
248 } else {
249 iv = &ovec[0];
250 l2c(v0, iv);
251 l2c(v1, iv);
252 l2c(d0, iv);
253 l2c(d1, iv);
254 /* shift ovec left most of the bits... */
255 memmove(ovec, ovec + num/8,
256 8 + (num % 8 ? 1 : 0));
257 /* now the remaining bits */
258 if (num % 8 != 0) {
259 for (i = 0; i < 8; ++i) {
260 ovec[i] <<= num % 8;
261 ovec[i] |= ovec[i + 1] >>
262 (8 - num % 8);
263 }
264 }
265 iv = &ovec[0];
266 c2l(iv, v0);
267 c2l(iv, v1);
268 }
269 }
270 } else {
271 while (l >= n) {
272 l -= n;
273 ti[0] = v0;
274 ti[1] = v1;
275 DES_encrypt3(ti, ks1, ks2, ks3);
276 c2ln(in, d0, d1, n);
277 in += n;
278 /* 30-08-94 - eay - changed because l>>32 and
279 * l<<32 are bad under gcc :-( */
280 if (num == 32) {
281 v0 = v1;
282 v1 = d0;
283 } else if (num == 64) {
284 v0 = d0;
285 v1 = d1;
286 } else {
287 iv = &ovec[0];
288 l2c(v0, iv);
289 l2c(v1, iv);
290 l2c(d0, iv);
291 l2c(d1, iv);
292 /* shift ovec left most of the bits... */
293 memmove(ovec, ovec + num/8,
294 8 + (num % 8 ? 1 : 0));
295 /* now the remaining bits */
296 if (num % 8 != 0) {
297 for (i = 0; i < 8; ++i) {
298 ovec[i] <<= num % 8;
299 ovec[i] |= ovec[i + 1] >>
300 (8 - num % 8);
301 }
302 }
303 iv = &ovec[0];
304 c2l(iv, v0);
305 c2l(iv, v1);
306 }
307 d0 ^= ti[0];
308 d1 ^= ti[1];
309 l2cn(d0, d1, out, n);
310 out += n;
311 }
312 }
313 iv = &(*ivec)[0];
314 l2c(v0, iv);
315 l2c(v1, iv);
316 v0 = v1 = d0 = d1 = ti[0] = ti[1] = 0;
317}
318LCRYPTO_ALIAS(DES_ede3_cfb_encrypt);
319
320/* The input and output encrypted as though 64bit cfb mode is being
321 * used. The extra state information to record how much of the
322 * 64bit block we have used is contained in *num;
323 */
324
325void
326DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
327 long length, DES_key_schedule *schedule,
328 DES_cblock *ivec, int *num, int enc)
329{
330 DES_LONG v0, v1;
331 long l = length;
332 int n = *num;
333 DES_LONG ti[2];
334 unsigned char *iv, c, cc;
335
336 iv = &(*ivec)[0];
337 if (enc) {
338 while (l--) {
339 if (n == 0) {
340 c2l(iv, v0);
341 ti[0] = v0;
342 c2l(iv, v1);
343 ti[1] = v1;
344 DES_encrypt1(ti, schedule, DES_ENCRYPT);
345 iv = &(*ivec)[0];
346 v0 = ti[0];
347 l2c(v0, iv);
348 v0 = ti[1];
349 l2c(v0, iv);
350 iv = &(*ivec)[0];
351 }
352 c = *(in++) ^ iv[n];
353 *(out++) = c;
354 iv[n] = c;
355 n = (n + 1) & 0x07;
356 }
357 } else {
358 while (l--) {
359 if (n == 0) {
360 c2l(iv, v0);
361 ti[0] = v0;
362 c2l(iv, v1);
363 ti[1] = v1;
364 DES_encrypt1(ti, schedule, DES_ENCRYPT);
365 iv = &(*ivec)[0];
366 v0 = ti[0];
367 l2c(v0, iv);
368 v0 = ti[1];
369 l2c(v0, iv);
370 iv = &(*ivec)[0];
371 }
372 cc = *(in++);
373 c = iv[n];
374 iv[n] = cc;
375 *(out++) = c ^ cc;
376 n = (n + 1) & 0x07;
377 }
378 }
379 v0 = v1 = ti[0] = ti[1] = c = cc = 0;
380 *num = n;
381}
382LCRYPTO_ALIAS(DES_cfb64_encrypt);
383
384/* The input and output are loaded in multiples of 8 bits.
385 * What this means is that if you hame numbits=12 and length=2
386 * the first 12 bits will be retrieved from the first byte and half
387 * the second. The second 12 bits will come from the 3rd and half the 4th
388 * byte.
389 */
390/* Until Aug 1 2003 this function did not correctly implement CFB-r, so it
391 * will not be compatible with any encryption prior to that date. Ben. */
392void
393DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
394 long length, DES_key_schedule *schedule, DES_cblock *ivec,
395 int enc)
396{
397 DES_LONG d0, d1, v0, v1;
398 unsigned long l = length;
399 int num = numbits/8, n = (numbits + 7)/8, i, rem = numbits % 8;
400 DES_LONG ti[2];
401 unsigned char *iv;
402#if BYTE_ORDER != LITTLE_ENDIAN
403 unsigned char ovec[16];
404#else
405 unsigned int sh[4];
406 unsigned char *ovec = (unsigned char *)sh;
407#endif
408
409 if (numbits <= 0 || numbits > 64)
410 return;
411 iv = &(*ivec)[0];
412 c2l(iv, v0);
413 c2l(iv, v1);
414 if (enc) {
415 while (l >= (unsigned long)n) {
416 l -= n;
417 ti[0] = v0;
418 ti[1] = v1;
419 DES_encrypt1((DES_LONG *)ti, schedule, DES_ENCRYPT);
420 c2ln(in, d0, d1, n);
421 in += n;
422 d0 ^= ti[0];
423 d1 ^= ti[1];
424 l2cn(d0, d1, out, n);
425 out += n;
426 /* 30-08-94 - eay - changed because l>>32 and
427 * l<<32 are bad under gcc :-( */
428 if (numbits == 32) {
429 v0 = v1;
430 v1 = d0;
431 } else if (numbits == 64) {
432 v0 = d0;
433 v1 = d1;
434 } else {
435#if BYTE_ORDER != LITTLE_ENDIAN
436 iv = &ovec[0];
437 l2c(v0, iv);
438 l2c(v1, iv);
439 l2c(d0, iv);
440 l2c(d1, iv);
441#else
442 sh[0] = v0, sh[1] = v1, sh[2] = d0, sh[3] = d1;
443#endif
444 if (rem == 0)
445 memmove(ovec, ovec + num, 8);
446 else
447 for (i = 0; i < 8; ++i)
448 ovec[i] = ovec[i + num] << rem |
449 ovec[i + num + 1] >> (8 -
450 rem);
451#if BYTE_ORDER == LITTLE_ENDIAN
452 v0 = sh[0], v1 = sh[1];
453#else
454 iv = &ovec[0];
455 c2l(iv, v0);
456 c2l(iv, v1);
457#endif
458 }
459 }
460 } else {
461 while (l >= (unsigned long)n) {
462 l -= n;
463 ti[0] = v0;
464 ti[1] = v1;
465 DES_encrypt1((DES_LONG *)ti, schedule, DES_ENCRYPT);
466 c2ln(in, d0, d1, n);
467 in += n;
468 /* 30-08-94 - eay - changed because l>>32 and
469 * l<<32 are bad under gcc :-( */
470 if (numbits == 32) {
471 v0 = v1;
472 v1 = d0;
473 } else if (numbits == 64) {
474 v0 = d0;
475 v1 = d1;
476 } else {
477#if BYTE_ORDER != LITTLE_ENDIAN
478 iv = &ovec[0];
479 l2c(v0, iv);
480 l2c(v1, iv);
481 l2c(d0, iv);
482 l2c(d1, iv);
483#else
484 sh[0] = v0, sh[1] = v1, sh[2] = d0, sh[3] = d1;
485#endif
486 if (rem == 0)
487 memmove(ovec, ovec + num, 8);
488 else
489 for (i = 0; i < 8; ++i)
490 ovec[i] = ovec[i + num] << rem |
491 ovec[i + num + 1] >> (8 -
492 rem);
493#if BYTE_ORDER == LITTLE_ENDIAN
494 v0 = sh[0], v1 = sh[1];
495#else
496 iv = &ovec[0];
497 c2l(iv, v0);
498 c2l(iv, v1);
499#endif
500 }
501 d0 ^= ti[0];
502 d1 ^= ti[1];
503 l2cn(d0, d1, out, n);
504 out += n;
505 }
506 }
507 iv = &(*ivec)[0];
508 l2c(v0, iv);
509 l2c(v1, iv);
510 v0 = v1 = d0 = d1 = ti[0] = ti[1] = 0;
511}
512LCRYPTO_ALIAS(DES_cfb_encrypt);
513
514void
515DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
516 DES_key_schedule *ks1, DES_key_schedule *ks2,
517 DES_key_schedule *ks3,
518 int enc)
519{
520 DES_LONG l0, l1;
521 DES_LONG ll[2];
522 const unsigned char *in = &(*input)[0];
523 unsigned char *out = &(*output)[0];
524
525 c2l(in, l0);
526 c2l(in, l1);
527 ll[0] = l0;
528 ll[1] = l1;
529 if (enc)
530 DES_encrypt3(ll, ks1, ks2, ks3);
531 else
532 DES_decrypt3(ll, ks1, ks2, ks3);
533 l0 = ll[0];
534 l1 = ll[1];
535 l2c(l0, out);
536 l2c(l1, out);
537}
538LCRYPTO_ALIAS(DES_ecb3_encrypt);
539
540void
541DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
542 DES_key_schedule *ks, int enc)
543{
544 DES_LONG l;
545 DES_LONG ll[2];
546 const unsigned char *in = &(*input)[0];
547 unsigned char *out = &(*output)[0];
548
549 c2l(in, l);
550 ll[0] = l;
551 c2l(in, l);
552 ll[1] = l;
553 DES_encrypt1(ll, ks, enc);
554 l = ll[0];
555 l2c(l, out);
556 l = ll[1];
557 l2c(l, out);
558 l = ll[0] = ll[1] = 0;
559}
560LCRYPTO_ALIAS(DES_ecb_encrypt);
561
562/*
563
564This is an implementation of Triple DES Cipher Block Chaining with Output
565Feedback Masking, by Coppersmith, Johnson and Matyas, (IBM and Certicom).
566
567Note that there is a known attack on this by Biham and Knudsen but it takes
568a lot of work:
569
570http://www.cs.technion.ac.il/users/wwwb/cgi-bin/tr-get.cgi/1998/CS/CS0928.ps.gz
571
572*/
573
574#ifndef OPENSSL_NO_DESCBCM
575void
576DES_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out,
577 long length, DES_key_schedule *ks1, DES_key_schedule *ks2,
578 DES_key_schedule *ks3, DES_cblock *ivec1, DES_cblock *ivec2,
579 int enc)
580{
581 DES_LONG tin0, tin1;
582 DES_LONG tout0, tout1, xor0, xor1, m0, m1;
583 long l = length;
584 DES_LONG tin[2];
585 unsigned char *iv1, *iv2;
586
587 iv1 = &(*ivec1)[0];
588 iv2 = &(*ivec2)[0];
589
590 if (enc) {
591 c2l(iv1, m0);
592 c2l(iv1, m1);
593 c2l(iv2, tout0);
594 c2l(iv2, tout1);
595 for (l -= 8; l >= -7; l -= 8) {
596 tin[0] = m0;
597 tin[1] = m1;
598 DES_encrypt1(tin, ks3, 1);
599 m0 = tin[0];
600 m1 = tin[1];
601
602 if (l < 0) {
603 c2ln(in, tin0, tin1, l + 8);
604 } else {
605 c2l(in, tin0);
606 c2l(in, tin1);
607 }
608 tin0 ^= tout0;
609 tin1 ^= tout1;
610
611 tin[0] = tin0;
612 tin[1] = tin1;
613 DES_encrypt1(tin, ks1, 1);
614 tin[0] ^= m0;
615 tin[1] ^= m1;
616 DES_encrypt1(tin, ks2, 0);
617 tin[0] ^= m0;
618 tin[1] ^= m1;
619 DES_encrypt1(tin, ks1, 1);
620 tout0 = tin[0];
621 tout1 = tin[1];
622
623 l2c(tout0, out);
624 l2c(tout1, out);
625 }
626 iv1 = &(*ivec1)[0];
627 l2c(m0, iv1);
628 l2c(m1, iv1);
629
630 iv2 = &(*ivec2)[0];
631 l2c(tout0, iv2);
632 l2c(tout1, iv2);
633 } else {
634 DES_LONG t0, t1;
635
636 c2l(iv1, m0);
637 c2l(iv1, m1);
638 c2l(iv2, xor0);
639 c2l(iv2, xor1);
640 for (l -= 8; l >= -7; l -= 8) {
641 tin[0] = m0;
642 tin[1] = m1;
643 DES_encrypt1(tin, ks3, 1);
644 m0 = tin[0];
645 m1 = tin[1];
646
647 c2l(in, tin0);
648 c2l(in, tin1);
649
650 t0 = tin0;
651 t1 = tin1;
652
653 tin[0] = tin0;
654 tin[1] = tin1;
655 DES_encrypt1(tin, ks1, 0);
656 tin[0] ^= m0;
657 tin[1] ^= m1;
658 DES_encrypt1(tin, ks2, 1);
659 tin[0] ^= m0;
660 tin[1] ^= m1;
661 DES_encrypt1(tin, ks1, 0);
662 tout0 = tin[0];
663 tout1 = tin[1];
664
665 tout0 ^= xor0;
666 tout1 ^= xor1;
667 if (l < 0) {
668 l2cn(tout0, tout1, out, l + 8);
669 } else {
670 l2c(tout0, out);
671 l2c(tout1, out);
672 }
673 xor0 = t0;
674 xor1 = t1;
675 }
676
677 iv1 = &(*ivec1)[0];
678 l2c(m0, iv1);
679 l2c(m1, iv1);
680
681 iv2 = &(*ivec2)[0];
682 l2c(xor0, iv2);
683 l2c(xor1, iv2);
684 }
685 tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
686 tin[0] = tin[1] = 0;
687}
688LCRYPTO_ALIAS(DES_ede3_cbcm_encrypt);
689#endif
690
691/* The input and output encrypted as though 64bit ofb mode is being
692 * used. The extra state information to record how much of the
693 * 64bit block we have used is contained in *num;
694 */
695void
696DES_ede3_ofb64_encrypt(const unsigned char *in,
697 unsigned char *out, long length,
698 DES_key_schedule *k1, DES_key_schedule *k2,
699 DES_key_schedule *k3, DES_cblock *ivec,
700 int *num)
701{
702 DES_LONG v0, v1;
703 int n = *num;
704 long l = length;
705 DES_cblock d;
706 char *dp;
707 DES_LONG ti[2];
708 unsigned char *iv;
709 int save = 0;
710
711 iv = &(*ivec)[0];
712 c2l(iv, v0);
713 c2l(iv, v1);
714 ti[0] = v0;
715 ti[1] = v1;
716 dp = (char *)d;
717 l2c(v0, dp);
718 l2c(v1, dp);
719 while (l--) {
720 if (n == 0) {
721 /* ti[0]=v0; */
722 /* ti[1]=v1; */
723 DES_encrypt3(ti, k1, k2, k3);
724 v0 = ti[0];
725 v1 = ti[1];
726
727 dp = (char *)d;
728 l2c(v0, dp);
729 l2c(v1, dp);
730 save++;
731 }
732 *(out++) = *(in++) ^ d[n];
733 n = (n + 1) & 0x07;
734 }
735 if (save) {
736 iv = &(*ivec)[0];
737 l2c(v0, iv);
738 l2c(v1, iv);
739 }
740 v0 = v1 = ti[0] = ti[1] = 0;
741 *num = n;
742}
743LCRYPTO_ALIAS(DES_ede3_ofb64_encrypt);
744
745/* The input and output encrypted as though 64bit ofb mode is being
746 * used. The extra state information to record how much of the
747 * 64bit block we have used is contained in *num;
748 */
749void
750DES_ofb64_encrypt(const unsigned char *in,
751 unsigned char *out, long length,
752 DES_key_schedule *schedule, DES_cblock *ivec, int *num)
753{
754 DES_LONG v0, v1, t;
755 int n = *num;
756 long l = length;
757 DES_cblock d;
758 unsigned char *dp;
759 DES_LONG ti[2];
760 unsigned char *iv;
761 int save = 0;
762
763 iv = &(*ivec)[0];
764 c2l(iv, v0);
765 c2l(iv, v1);
766 ti[0] = v0;
767 ti[1] = v1;
768 dp = d;
769 l2c(v0, dp);
770 l2c(v1, dp);
771 while (l--) {
772 if (n == 0) {
773 DES_encrypt1(ti, schedule, DES_ENCRYPT);
774 dp = d;
775 t = ti[0];
776 l2c(t, dp);
777 t = ti[1];
778 l2c(t, dp);
779 save++;
780 }
781 *(out++) = *(in++) ^ d[n];
782 n = (n + 1) & 0x07;
783 }
784 if (save) {
785 v0 = ti[0];
786 v1 = ti[1];
787 iv = &(*ivec)[0];
788 l2c(v0, iv);
789 l2c(v1, iv);
790 }
791 t = v0 = v1 = ti[0] = ti[1] = 0;
792 *num = n;
793}
794LCRYPTO_ALIAS(DES_ofb64_encrypt);
795
796/* The input and output are loaded in multiples of 8 bits.
797 * What this means is that if you hame numbits=12 and length=2
798 * the first 12 bits will be retrieved from the first byte and half
799 * the second. The second 12 bits will come from the 3rd and half the 4th
800 * byte.
801 */
802void
803DES_ofb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
804 long length, DES_key_schedule *schedule,
805 DES_cblock *ivec)
806{
807 DES_LONG d0, d1, vv0, vv1, v0, v1, n = (numbits + 7)/8;
808 DES_LONG mask0, mask1;
809 long l = length;
810 int num = numbits;
811 DES_LONG ti[2];
812 unsigned char *iv;
813
814 if (num > 64)
815 return;
816 if (num > 32) {
817 mask0 = 0xffffffffL;
818 if (num >= 64)
819 mask1 = mask0;
820 else
821 mask1 = (1L << (num - 32)) - 1;
822 } else {
823 if (num == 32)
824 mask0 = 0xffffffffL;
825 else
826 mask0 = (1L << num) - 1;
827 mask1 = 0x00000000L;
828 }
829
830 iv = &(*ivec)[0];
831 c2l(iv, v0);
832 c2l(iv, v1);
833 ti[0] = v0;
834 ti[1] = v1;
835 while (l-- > 0) {
836 ti[0] = v0;
837 ti[1] = v1;
838 DES_encrypt1((DES_LONG *)ti, schedule, DES_ENCRYPT);
839 vv0 = ti[0];
840 vv1 = ti[1];
841 c2ln(in, d0, d1, n);
842 in += n;
843 d0 = (d0 ^ vv0) & mask0;
844 d1 = (d1 ^ vv1) & mask1;
845 l2cn(d0, d1, out, n);
846 out += n;
847
848 if (num == 32) {
849 v0 = v1;
850 v1 = vv0;
851 } else if (num == 64) {
852 v0 = vv0;
853 v1 = vv1;
854 } else if (num > 32) { /* && num != 64 */
855 v0 = ((v1 >> (num - 32))|(vv0 << (64 - num))) &
856 0xffffffffL;
857 v1 = ((vv0 >> (num - 32))|(vv1 << (64 - num))) &
858 0xffffffffL;
859 } else /* num < 32 */ {
860 v0 = ((v0 >> num)|(v1 << (32 - num))) & 0xffffffffL;
861 v1 = ((v1 >> num)|(vv0 << (32 - num))) & 0xffffffffL;
862 }
863 }
864 iv = &(*ivec)[0];
865 l2c(v0, iv);
866 l2c(v1, iv);
867 v0 = v1 = d0 = d1 = ti[0] = ti[1] = vv0 = vv1 = 0;
868}
869LCRYPTO_ALIAS(DES_ofb_encrypt);
870
871void
872DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
873 long length, DES_key_schedule *schedule,
874 DES_cblock *ivec, int enc)
875{
876 DES_LONG sin0, sin1, xor0, xor1, tout0, tout1;
877 DES_LONG tin[2];
878 const unsigned char *in;
879 unsigned char *out, *iv;
880
881 in = input;
882 out = output;
883 iv = &(*ivec)[0];
884
885 if (enc) {
886 c2l(iv, xor0);
887 c2l(iv, xor1);
888 for (; length > 0; length -= 8) {
889 if (length >= 8) {
890 c2l(in, sin0);
891 c2l(in, sin1);
892 } else
893 c2ln(in, sin0, sin1, length);
894 tin[0] = sin0 ^ xor0;
895 tin[1] = sin1 ^ xor1;
896 DES_encrypt1((DES_LONG *)tin, schedule, DES_ENCRYPT);
897 tout0 = tin[0];
898 tout1 = tin[1];
899 xor0 = sin0 ^ tout0;
900 xor1 = sin1 ^ tout1;
901 l2c(tout0, out);
902 l2c(tout1, out);
903 }
904 } else {
905 c2l(iv, xor0);
906 c2l(iv, xor1);
907 for (; length > 0; length -= 8) {
908 c2l(in, sin0);
909 c2l(in, sin1);
910 tin[0] = sin0;
911 tin[1] = sin1;
912 DES_encrypt1((DES_LONG *)tin, schedule, DES_DECRYPT);
913 tout0 = tin[0] ^ xor0;
914 tout1 = tin[1] ^ xor1;
915 if (length >= 8) {
916 l2c(tout0, out);
917 l2c(tout1, out);
918 } else
919 l2cn(tout0, tout1, out, length);
920 xor0 = tout0 ^ sin0;
921 xor1 = tout1 ^ sin1;
922 }
923 }
924 tin[0] = tin[1] = 0;
925 sin0 = sin1 = xor0 = xor1 = tout0 = tout1 = 0;
926}
927LCRYPTO_ALIAS(DES_pcbc_encrypt);
928
929/* RSA's DESX */
930
931void
932DES_xcbc_encrypt(const unsigned char *in, unsigned char *out,
933 long length, DES_key_schedule *schedule,
934 DES_cblock *ivec, const_DES_cblock *inw,
935 const_DES_cblock *outw, int enc)
936{
937 DES_LONG tin0, tin1;
938 DES_LONG tout0, tout1, xor0, xor1;
939 DES_LONG inW0, inW1, outW0, outW1;
940 const unsigned char *in2;
941 long l = length;
942 DES_LONG tin[2];
943 unsigned char *iv;
944
945 in2 = &(*inw)[0];
946 c2l(in2, inW0);
947 c2l(in2, inW1);
948 in2 = &(*outw)[0];
949 c2l(in2, outW0);
950 c2l(in2, outW1);
951
952 iv = &(*ivec)[0];
953
954 if (enc) {
955 c2l(iv, tout0);
956 c2l(iv, tout1);
957 for (l -= 8; l >= 0; l -= 8) {
958 c2l(in, tin0);
959 c2l(in, tin1);
960 tin0 ^= tout0 ^ inW0;
961 tin[0] = tin0;
962 tin1 ^= tout1 ^ inW1;
963 tin[1] = tin1;
964 DES_encrypt1(tin, schedule, DES_ENCRYPT);
965 tout0 = tin[0] ^ outW0;
966 l2c(tout0, out);
967 tout1 = tin[1] ^ outW1;
968 l2c(tout1, out);
969 }
970 if (l != -8) {
971 c2ln(in, tin0, tin1, l + 8);
972 tin0 ^= tout0 ^ inW0;
973 tin[0] = tin0;
974 tin1 ^= tout1 ^ inW1;
975 tin[1] = tin1;
976 DES_encrypt1(tin, schedule, DES_ENCRYPT);
977 tout0 = tin[0] ^ outW0;
978 l2c(tout0, out);
979 tout1 = tin[1] ^ outW1;
980 l2c(tout1, out);
981 }
982 iv = &(*ivec)[0];
983 l2c(tout0, iv);
984 l2c(tout1, iv);
985 } else {
986 c2l(iv, xor0);
987 c2l(iv, xor1);
988 for (l -= 8; l > 0; l -= 8) {
989 c2l(in, tin0);
990 tin[0] = tin0 ^ outW0;
991 c2l(in, tin1);
992 tin[1] = tin1 ^ outW1;
993 DES_encrypt1(tin, schedule, DES_DECRYPT);
994 tout0 = tin[0] ^ xor0 ^ inW0;
995 tout1 = tin[1] ^ xor1 ^ inW1;
996 l2c(tout0, out);
997 l2c(tout1, out);
998 xor0 = tin0;
999 xor1 = tin1;
1000 }
1001 if (l != -8) {
1002 c2l(in, tin0);
1003 tin[0] = tin0 ^ outW0;
1004 c2l(in, tin1);
1005 tin[1] = tin1 ^ outW1;
1006 DES_encrypt1(tin, schedule, DES_DECRYPT);
1007 tout0 = tin[0] ^ xor0 ^ inW0;
1008 tout1 = tin[1] ^ xor1 ^ inW1;
1009 l2cn(tout0, tout1, out, l + 8);
1010 xor0 = tin0;
1011 xor1 = tin1;
1012 }
1013
1014 iv = &(*ivec)[0];
1015 l2c(xor0, iv);
1016 l2c(xor1, iv);
1017 }
1018 tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
1019 inW0 = inW1 = outW0 = outW1 = 0;
1020 tin[0] = tin[1] = 0;
1021}
1022LCRYPTO_ALIAS(DES_xcbc_encrypt);
diff --git a/src/lib/libcrypto/des/qud_cksm.c b/src/lib/libcrypto/des/des_cksum.c
index 4ded2a05b0..6dfb8a0340 100644
--- a/src/lib/libcrypto/des/qud_cksm.c
+++ b/src/lib/libcrypto/des/des_cksum.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: qud_cksm.c,v 1.11 2024/03/29 01:47:29 joshua Exp $ */ 1/* $OpenBSD: des_cksum.c,v 1.1 2024/08/31 15:56:09 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -74,6 +74,53 @@
74#define NOISE ((DES_LONG)83653421L) 74#define NOISE ((DES_LONG)83653421L)
75 75
76DES_LONG 76DES_LONG
77DES_cbc_cksum(const unsigned char *in, DES_cblock *output,
78 long length, DES_key_schedule *schedule,
79 const_DES_cblock *ivec)
80{
81 DES_LONG tout0, tout1, tin0, tin1;
82 long l = length;
83 DES_LONG tin[2];
84 unsigned char *out = &(*output)[0];
85 const unsigned char *iv = &(*ivec)[0];
86
87 c2l(iv, tout0);
88 c2l(iv, tout1);
89 for (; l > 0; l -= 8) {
90 if (l >= 8) {
91 c2l(in, tin0);
92 c2l(in, tin1);
93 } else
94 c2ln(in, tin0, tin1, l);
95
96 tin0 ^= tout0;
97 tin[0] = tin0;
98 tin1 ^= tout1;
99 tin[1] = tin1;
100 DES_encrypt1((DES_LONG *)tin, schedule, DES_ENCRYPT);
101 /* fix 15/10/91 eay - thanks to keithr@sco.COM */
102 tout0 = tin[0];
103 tout1 = tin[1];
104 }
105 if (out != NULL) {
106 l2c(tout0, out);
107 l2c(tout1, out);
108 }
109 tout0 = tin0 = tin1 = tin[0] = tin[1] = 0;
110 /*
111 Transform the data in tout1 so that it will
112 match the return value that the MIT Kerberos
113 mit_des_cbc_cksum API returns.
114 */
115 tout1 = ((tout1 >> 24L) & 0x000000FF) |
116 ((tout1 >> 8L) & 0x0000FF00) |
117 ((tout1 << 8L) & 0x00FF0000) |
118 ((tout1 << 24L) & 0xFF000000);
119 return (tout1);
120}
121LCRYPTO_ALIAS(DES_cbc_cksum);
122
123DES_LONG
77DES_quad_cksum(const unsigned char *input, DES_cblock output[], 124DES_quad_cksum(const unsigned char *input, DES_cblock output[],
78 long length, int out_count, DES_cblock *seed) 125 long length, int out_count, DES_cblock *seed)
79{ 126{
diff --git a/src/lib/libcrypto/des/fcrypt.c b/src/lib/libcrypto/des/des_fcrypt.c
index c970ef4c55..877ffdbc83 100644
--- a/src/lib/libcrypto/des/fcrypt.c
+++ b/src/lib/libcrypto/des/des_fcrypt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: fcrypt.c,v 1.17 2024/08/31 15:39:33 jsing Exp $ */ 1/* $OpenBSD: des_fcrypt.c,v 1.1 2024/08/31 15:56:09 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
diff --git a/src/lib/libcrypto/des/set_key.c b/src/lib/libcrypto/des/des_key.c
index 9a9dcf7c52..eee8a7e127 100644
--- a/src/lib/libcrypto/des/set_key.c
+++ b/src/lib/libcrypto/des/des_key.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: set_key.c,v 1.28 2024/07/09 07:16:13 beck Exp $ */ 1/* $OpenBSD: des_key.c,v 1.1 2024/08/31 15:56:09 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -413,3 +413,111 @@ DES_random_key(DES_cblock *ret)
413 return (1); 413 return (1);
414} 414}
415LCRYPTO_ALIAS(DES_random_key); 415LCRYPTO_ALIAS(DES_random_key);
416
417void
418DES_string_to_key(const char *str, DES_cblock *key)
419{
420 DES_key_schedule ks;
421 int i, length;
422 unsigned char j;
423
424 memset(key, 0, 8);
425 length = strlen(str);
426#ifdef OLD_STR_TO_KEY
427 for (i = 0; i < length; i++)
428 (*key)[i % 8] ^= (str[i] << 1);
429#else /* MIT COMPATIBLE */
430 for (i = 0; i < length; i++) {
431 j = str[i];
432 if ((i % 16) < 8)
433 (*key)[i % 8] ^= (j << 1);
434 else {
435 /* Reverse the bit order 05/05/92 eay */
436 j = ((j << 4) & 0xf0)|((j >> 4) & 0x0f);
437 j = ((j << 2) & 0xcc)|((j >> 2) & 0x33);
438 j = ((j << 1) & 0xaa)|((j >> 1) & 0x55);
439 (*key)[7 - (i % 8)] ^= j;
440 }
441 }
442#endif
443 DES_set_odd_parity(key);
444#ifdef EXPERIMENTAL_STR_TO_STRONG_KEY
445 if (DES_is_weak_key(key))
446 (*key)[7] ^= 0xF0;
447 DES_set_key(key, &ks);
448#else
449 DES_set_key_unchecked(key, &ks);
450#endif
451 DES_cbc_cksum((const unsigned char *)str, key, length, &ks, key);
452 explicit_bzero(&ks, sizeof(ks));
453 DES_set_odd_parity(key);
454}
455LCRYPTO_ALIAS(DES_string_to_key);
456
457void
458DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2)
459{
460 DES_key_schedule ks;
461 int i, length;
462 unsigned char j;
463
464 memset(key1, 0, 8);
465 memset(key2, 0, 8);
466 length = strlen(str);
467#ifdef OLD_STR_TO_KEY
468 if (length <= 8) {
469 for (i = 0; i < length; i++) {
470 (*key2)[i] = (*key1)[i] = (str[i] << 1);
471 }
472 } else {
473 for (i = 0; i < length; i++) {
474 if ((i/8) & 1)
475 (*key2)[i % 8] ^= (str[i] << 1);
476 else
477 (*key1)[i % 8] ^= (str[i] << 1);
478 }
479 }
480#else /* MIT COMPATIBLE */
481 for (i = 0; i < length; i++) {
482 j = str[i];
483 if ((i % 32) < 16) {
484 if ((i % 16) < 8)
485 (*key1)[i % 8] ^= (j << 1);
486 else
487 (*key2)[i % 8] ^= (j << 1);
488 } else {
489 j = ((j << 4) & 0xf0)|((j >> 4) & 0x0f);
490 j = ((j << 2) & 0xcc)|((j >> 2) & 0x33);
491 j = ((j << 1) & 0xaa)|((j >> 1) & 0x55);
492 if ((i % 16) < 8)
493 (*key1)[7 - (i % 8)] ^= j;
494 else
495 (*key2)[7 - (i % 8)] ^= j;
496 }
497 }
498 if (length <= 8)
499 memcpy(key2, key1, 8);
500#endif
501 DES_set_odd_parity(key1);
502 DES_set_odd_parity(key2);
503#ifdef EXPERIMENTAL_STR_TO_STRONG_KEY
504 if (DES_is_weak_key(key1))
505 (*key1)[7] ^= 0xF0;
506 DES_set_key(key1, &ks);
507#else
508 DES_set_key_unchecked(key1, &ks);
509#endif
510 DES_cbc_cksum((const unsigned char *)str, key1, length, &ks, key1);
511#ifdef EXPERIMENTAL_STR_TO_STRONG_KEY
512 if (DES_is_weak_key(key2))
513 (*key2)[7] ^= 0xF0;
514 DES_set_key(key2, &ks);
515#else
516 DES_set_key_unchecked(key2, &ks);
517#endif
518 DES_cbc_cksum((const unsigned char *)str, key2, length, &ks, key2);
519 explicit_bzero(&ks, sizeof(ks));
520 DES_set_odd_parity(key1);
521 DES_set_odd_parity(key2);
522}
523LCRYPTO_ALIAS(DES_string_to_2keys);
diff --git a/src/lib/libcrypto/des/ecb3_enc.c b/src/lib/libcrypto/des/ecb3_enc.c
deleted file mode 100644
index 2aa63726e5..0000000000
--- a/src/lib/libcrypto/des/ecb3_enc.c
+++ /dev/null
@@ -1,85 +0,0 @@
1/* $OpenBSD: ecb3_enc.c,v 1.10 2024/03/29 01:47:29 joshua Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include "des_local.h"
60
61void
62DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
63 DES_key_schedule *ks1, DES_key_schedule *ks2,
64 DES_key_schedule *ks3,
65 int enc)
66{
67 DES_LONG l0, l1;
68 DES_LONG ll[2];
69 const unsigned char *in = &(*input)[0];
70 unsigned char *out = &(*output)[0];
71
72 c2l(in, l0);
73 c2l(in, l1);
74 ll[0] = l0;
75 ll[1] = l1;
76 if (enc)
77 DES_encrypt3(ll, ks1, ks2, ks3);
78 else
79 DES_decrypt3(ll, ks1, ks2, ks3);
80 l0 = ll[0];
81 l1 = ll[1];
82 l2c(l0, out);
83 l2c(l1, out);
84}
85LCRYPTO_ALIAS(DES_ecb3_encrypt);
diff --git a/src/lib/libcrypto/des/ecb_enc.c b/src/lib/libcrypto/des/ecb_enc.c
deleted file mode 100644
index 2491c43183..0000000000
--- a/src/lib/libcrypto/des/ecb_enc.c
+++ /dev/null
@@ -1,83 +0,0 @@
1/* $OpenBSD: ecb_enc.c,v 1.20 2024/03/29 01:47:29 joshua Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include "des_local.h"
60#include <openssl/opensslv.h>
61#include <openssl/bio.h>
62
63void
64DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
65 DES_key_schedule *ks, int enc)
66{
67 DES_LONG l;
68 DES_LONG ll[2];
69 const unsigned char *in = &(*input)[0];
70 unsigned char *out = &(*output)[0];
71
72 c2l(in, l);
73 ll[0] = l;
74 c2l(in, l);
75 ll[1] = l;
76 DES_encrypt1(ll, ks, enc);
77 l = ll[0];
78 l2c(l, out);
79 l = ll[1];
80 l2c(l, out);
81 l = ll[0] = ll[1] = 0;
82}
83LCRYPTO_ALIAS(DES_ecb_encrypt);
diff --git a/src/lib/libcrypto/des/ede_cbcm_enc.c b/src/lib/libcrypto/des/ede_cbcm_enc.c
deleted file mode 100644
index 979600e549..0000000000
--- a/src/lib/libcrypto/des/ede_cbcm_enc.c
+++ /dev/null
@@ -1,190 +0,0 @@
1/* $OpenBSD: ede_cbcm_enc.c,v 1.10 2024/03/29 01:47:29 joshua Exp $ */
2/* Written by Ben Laurie <ben@algroup.co.uk> for the OpenSSL
3 * project 13 Feb 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59/*
60
61This is an implementation of Triple DES Cipher Block Chaining with Output
62Feedback Masking, by Coppersmith, Johnson and Matyas, (IBM and Certicom).
63
64Note that there is a known attack on this by Biham and Knudsen but it takes
65a lot of work:
66
67http://www.cs.technion.ac.il/users/wwwb/cgi-bin/tr-get.cgi/1998/CS/CS0928.ps.gz
68
69*/
70
71#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_DESCBCM is defined */
72
73#ifndef OPENSSL_NO_DESCBCM
74#include "des_local.h"
75
76void
77DES_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out,
78 long length, DES_key_schedule *ks1, DES_key_schedule *ks2,
79 DES_key_schedule *ks3, DES_cblock *ivec1, DES_cblock *ivec2,
80 int enc)
81{
82 DES_LONG tin0, tin1;
83 DES_LONG tout0, tout1, xor0, xor1, m0, m1;
84 long l = length;
85 DES_LONG tin[2];
86 unsigned char *iv1, *iv2;
87
88 iv1 = &(*ivec1)[0];
89 iv2 = &(*ivec2)[0];
90
91 if (enc) {
92 c2l(iv1, m0);
93 c2l(iv1, m1);
94 c2l(iv2, tout0);
95 c2l(iv2, tout1);
96 for (l -= 8; l >= -7; l -= 8) {
97 tin[0] = m0;
98 tin[1] = m1;
99 DES_encrypt1(tin, ks3, 1);
100 m0 = tin[0];
101 m1 = tin[1];
102
103 if (l < 0) {
104 c2ln(in, tin0, tin1, l + 8);
105 } else {
106 c2l(in, tin0);
107 c2l(in, tin1);
108 }
109 tin0 ^= tout0;
110 tin1 ^= tout1;
111
112 tin[0] = tin0;
113 tin[1] = tin1;
114 DES_encrypt1(tin, ks1, 1);
115 tin[0] ^= m0;
116 tin[1] ^= m1;
117 DES_encrypt1(tin, ks2, 0);
118 tin[0] ^= m0;
119 tin[1] ^= m1;
120 DES_encrypt1(tin, ks1, 1);
121 tout0 = tin[0];
122 tout1 = tin[1];
123
124 l2c(tout0, out);
125 l2c(tout1, out);
126 }
127 iv1 = &(*ivec1)[0];
128 l2c(m0, iv1);
129 l2c(m1, iv1);
130
131 iv2 = &(*ivec2)[0];
132 l2c(tout0, iv2);
133 l2c(tout1, iv2);
134 } else {
135 DES_LONG t0, t1;
136
137 c2l(iv1, m0);
138 c2l(iv1, m1);
139 c2l(iv2, xor0);
140 c2l(iv2, xor1);
141 for (l -= 8; l >= -7; l -= 8) {
142 tin[0] = m0;
143 tin[1] = m1;
144 DES_encrypt1(tin, ks3, 1);
145 m0 = tin[0];
146 m1 = tin[1];
147
148 c2l(in, tin0);
149 c2l(in, tin1);
150
151 t0 = tin0;
152 t1 = tin1;
153
154 tin[0] = tin0;
155 tin[1] = tin1;
156 DES_encrypt1(tin, ks1, 0);
157 tin[0] ^= m0;
158 tin[1] ^= m1;
159 DES_encrypt1(tin, ks2, 1);
160 tin[0] ^= m0;
161 tin[1] ^= m1;
162 DES_encrypt1(tin, ks1, 0);
163 tout0 = tin[0];
164 tout1 = tin[1];
165
166 tout0 ^= xor0;
167 tout1 ^= xor1;
168 if (l < 0) {
169 l2cn(tout0, tout1, out, l + 8);
170 } else {
171 l2c(tout0, out);
172 l2c(tout1, out);
173 }
174 xor0 = t0;
175 xor1 = t1;
176 }
177
178 iv1 = &(*ivec1)[0];
179 l2c(m0, iv1);
180 l2c(m1, iv1);
181
182 iv2 = &(*ivec2)[0];
183 l2c(xor0, iv2);
184 l2c(xor1, iv2);
185 }
186 tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
187 tin[0] = tin[1] = 0;
188}
189LCRYPTO_ALIAS(DES_ede3_cbcm_encrypt);
190#endif
diff --git a/src/lib/libcrypto/des/ofb64ede.c b/src/lib/libcrypto/des/ofb64ede.c
deleted file mode 100644
index 949b220478..0000000000
--- a/src/lib/libcrypto/des/ofb64ede.c
+++ /dev/null
@@ -1,113 +0,0 @@
1/* $OpenBSD: ofb64ede.c,v 1.9 2024/03/29 01:47:29 joshua Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include "des_local.h"
60
61/* The input and output encrypted as though 64bit ofb mode is being
62 * used. The extra state information to record how much of the
63 * 64bit block we have used is contained in *num;
64 */
65void
66DES_ede3_ofb64_encrypt(const unsigned char *in,
67 unsigned char *out, long length,
68 DES_key_schedule *k1, DES_key_schedule *k2,
69 DES_key_schedule *k3, DES_cblock *ivec,
70 int *num)
71{
72 DES_LONG v0, v1;
73 int n = *num;
74 long l = length;
75 DES_cblock d;
76 char *dp;
77 DES_LONG ti[2];
78 unsigned char *iv;
79 int save = 0;
80
81 iv = &(*ivec)[0];
82 c2l(iv, v0);
83 c2l(iv, v1);
84 ti[0] = v0;
85 ti[1] = v1;
86 dp = (char *)d;
87 l2c(v0, dp);
88 l2c(v1, dp);
89 while (l--) {
90 if (n == 0) {
91 /* ti[0]=v0; */
92 /* ti[1]=v1; */
93 DES_encrypt3(ti, k1, k2, k3);
94 v0 = ti[0];
95 v1 = ti[1];
96
97 dp = (char *)d;
98 l2c(v0, dp);
99 l2c(v1, dp);
100 save++;
101 }
102 *(out++) = *(in++) ^ d[n];
103 n = (n + 1) & 0x07;
104 }
105 if (save) {
106 iv = &(*ivec)[0];
107 l2c(v0, iv);
108 l2c(v1, iv);
109 }
110 v0 = v1 = ti[0] = ti[1] = 0;
111 *num = n;
112}
113LCRYPTO_ALIAS(DES_ede3_ofb64_encrypt);
diff --git a/src/lib/libcrypto/des/ofb64enc.c b/src/lib/libcrypto/des/ofb64enc.c
deleted file mode 100644
index 5e524dd9e2..0000000000
--- a/src/lib/libcrypto/des/ofb64enc.c
+++ /dev/null
@@ -1,110 +0,0 @@
1/* $OpenBSD: ofb64enc.c,v 1.9 2024/03/29 01:47:29 joshua Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include "des_local.h"
60
61/* The input and output encrypted as though 64bit ofb mode is being
62 * used. The extra state information to record how much of the
63 * 64bit block we have used is contained in *num;
64 */
65void
66DES_ofb64_encrypt(const unsigned char *in,
67 unsigned char *out, long length,
68 DES_key_schedule *schedule, DES_cblock *ivec, int *num)
69{
70 DES_LONG v0, v1, t;
71 int n = *num;
72 long l = length;
73 DES_cblock d;
74 unsigned char *dp;
75 DES_LONG ti[2];
76 unsigned char *iv;
77 int save = 0;
78
79 iv = &(*ivec)[0];
80 c2l(iv, v0);
81 c2l(iv, v1);
82 ti[0] = v0;
83 ti[1] = v1;
84 dp = d;
85 l2c(v0, dp);
86 l2c(v1, dp);
87 while (l--) {
88 if (n == 0) {
89 DES_encrypt1(ti, schedule, DES_ENCRYPT);
90 dp = d;
91 t = ti[0];
92 l2c(t, dp);
93 t = ti[1];
94 l2c(t, dp);
95 save++;
96 }
97 *(out++) = *(in++) ^ d[n];
98 n = (n + 1) & 0x07;
99 }
100 if (save) {
101 v0 = ti[0];
102 v1 = ti[1];
103 iv = &(*ivec)[0];
104 l2c(v0, iv);
105 l2c(v1, iv);
106 }
107 t = v0 = v1 = ti[0] = ti[1] = 0;
108 *num = n;
109}
110LCRYPTO_ALIAS(DES_ofb64_encrypt);
diff --git a/src/lib/libcrypto/des/ofb_enc.c b/src/lib/libcrypto/des/ofb_enc.c
deleted file mode 100644
index 96dc25ee2c..0000000000
--- a/src/lib/libcrypto/des/ofb_enc.c
+++ /dev/null
@@ -1,134 +0,0 @@
1/* $OpenBSD: ofb_enc.c,v 1.9 2024/03/29 01:47:29 joshua Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include "des_local.h"
60
61/* The input and output are loaded in multiples of 8 bits.
62 * What this means is that if you hame numbits=12 and length=2
63 * the first 12 bits will be retrieved from the first byte and half
64 * the second. The second 12 bits will come from the 3rd and half the 4th
65 * byte.
66 */
67void
68DES_ofb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
69 long length, DES_key_schedule *schedule,
70 DES_cblock *ivec)
71{
72 DES_LONG d0, d1, vv0, vv1, v0, v1, n = (numbits + 7)/8;
73 DES_LONG mask0, mask1;
74 long l = length;
75 int num = numbits;
76 DES_LONG ti[2];
77 unsigned char *iv;
78
79 if (num > 64)
80 return;
81 if (num > 32) {
82 mask0 = 0xffffffffL;
83 if (num >= 64)
84 mask1 = mask0;
85 else
86 mask1 = (1L << (num - 32)) - 1;
87 } else {
88 if (num == 32)
89 mask0 = 0xffffffffL;
90 else
91 mask0 = (1L << num) - 1;
92 mask1 = 0x00000000L;
93 }
94
95 iv = &(*ivec)[0];
96 c2l(iv, v0);
97 c2l(iv, v1);
98 ti[0] = v0;
99 ti[1] = v1;
100 while (l-- > 0) {
101 ti[0] = v0;
102 ti[1] = v1;
103 DES_encrypt1((DES_LONG *)ti, schedule, DES_ENCRYPT);
104 vv0 = ti[0];
105 vv1 = ti[1];
106 c2ln(in, d0, d1, n);
107 in += n;
108 d0 = (d0 ^ vv0) & mask0;
109 d1 = (d1 ^ vv1) & mask1;
110 l2cn(d0, d1, out, n);
111 out += n;
112
113 if (num == 32) {
114 v0 = v1;
115 v1 = vv0;
116 } else if (num == 64) {
117 v0 = vv0;
118 v1 = vv1;
119 } else if (num > 32) { /* && num != 64 */
120 v0 = ((v1 >> (num - 32))|(vv0 << (64 - num))) &
121 0xffffffffL;
122 v1 = ((vv0 >> (num - 32))|(vv1 << (64 - num))) &
123 0xffffffffL;
124 } else /* num < 32 */ {
125 v0 = ((v0 >> num)|(v1 << (32 - num))) & 0xffffffffL;
126 v1 = ((v1 >> num)|(vv0 << (32 - num))) & 0xffffffffL;
127 }
128 }
129 iv = &(*ivec)[0];
130 l2c(v0, iv);
131 l2c(v1, iv);
132 v0 = v1 = d0 = d1 = ti[0] = ti[1] = vv0 = vv1 = 0;
133}
134LCRYPTO_ALIAS(DES_ofb_encrypt);
diff --git a/src/lib/libcrypto/des/pcbc_enc.c b/src/lib/libcrypto/des/pcbc_enc.c
deleted file mode 100644
index defd628d4d..0000000000
--- a/src/lib/libcrypto/des/pcbc_enc.c
+++ /dev/null
@@ -1,117 +0,0 @@
1/* $OpenBSD: pcbc_enc.c,v 1.10 2024/03/29 01:47:29 joshua Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include "des_local.h"
60
61void
62DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
63 long length, DES_key_schedule *schedule,
64 DES_cblock *ivec, int enc)
65{
66 DES_LONG sin0, sin1, xor0, xor1, tout0, tout1;
67 DES_LONG tin[2];
68 const unsigned char *in;
69 unsigned char *out, *iv;
70
71 in = input;
72 out = output;
73 iv = &(*ivec)[0];
74
75 if (enc) {
76 c2l(iv, xor0);
77 c2l(iv, xor1);
78 for (; length > 0; length -= 8) {
79 if (length >= 8) {
80 c2l(in, sin0);
81 c2l(in, sin1);
82 } else
83 c2ln(in, sin0, sin1, length);
84 tin[0] = sin0 ^ xor0;
85 tin[1] = sin1 ^ xor1;
86 DES_encrypt1((DES_LONG *)tin, schedule, DES_ENCRYPT);
87 tout0 = tin[0];
88 tout1 = tin[1];
89 xor0 = sin0 ^ tout0;
90 xor1 = sin1 ^ tout1;
91 l2c(tout0, out);
92 l2c(tout1, out);
93 }
94 } else {
95 c2l(iv, xor0);
96 c2l(iv, xor1);
97 for (; length > 0; length -= 8) {
98 c2l(in, sin0);
99 c2l(in, sin1);
100 tin[0] = sin0;
101 tin[1] = sin1;
102 DES_encrypt1((DES_LONG *)tin, schedule, DES_DECRYPT);
103 tout0 = tin[0] ^ xor0;
104 tout1 = tin[1] ^ xor1;
105 if (length >= 8) {
106 l2c(tout0, out);
107 l2c(tout1, out);
108 } else
109 l2cn(tout0, tout1, out, length);
110 xor0 = tout0 ^ sin0;
111 xor1 = tout1 ^ sin1;
112 }
113 }
114 tin[0] = tin[1] = 0;
115 sin0 = sin1 = xor0 = xor1 = tout0 = tout1 = 0;
116}
117LCRYPTO_ALIAS(DES_pcbc_encrypt);
diff --git a/src/lib/libcrypto/des/str2key.c b/src/lib/libcrypto/des/str2key.c
deleted file mode 100644
index cc5bc91b4d..0000000000
--- a/src/lib/libcrypto/des/str2key.c
+++ /dev/null
@@ -1,168 +0,0 @@
1/* $OpenBSD: str2key.c,v 1.14 2024/03/29 01:47:29 joshua Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <openssl/crypto.h>
60#include "des_local.h"
61
62void
63DES_string_to_key(const char *str, DES_cblock *key)
64{
65 DES_key_schedule ks;
66 int i, length;
67 unsigned char j;
68
69 memset(key, 0, 8);
70 length = strlen(str);
71#ifdef OLD_STR_TO_KEY
72 for (i = 0; i < length; i++)
73 (*key)[i % 8] ^= (str[i] << 1);
74#else /* MIT COMPATIBLE */
75 for (i = 0; i < length; i++) {
76 j = str[i];
77 if ((i % 16) < 8)
78 (*key)[i % 8] ^= (j << 1);
79 else {
80 /* Reverse the bit order 05/05/92 eay */
81 j = ((j << 4) & 0xf0)|((j >> 4) & 0x0f);
82 j = ((j << 2) & 0xcc)|((j >> 2) & 0x33);
83 j = ((j << 1) & 0xaa)|((j >> 1) & 0x55);
84 (*key)[7 - (i % 8)] ^= j;
85 }
86 }
87#endif
88 DES_set_odd_parity(key);
89#ifdef EXPERIMENTAL_STR_TO_STRONG_KEY
90 if (DES_is_weak_key(key))
91 (*key)[7] ^= 0xF0;
92 DES_set_key(key, &ks);
93#else
94 DES_set_key_unchecked(key, &ks);
95#endif
96 DES_cbc_cksum((const unsigned char *)str, key, length, &ks, key);
97 explicit_bzero(&ks, sizeof(ks));
98 DES_set_odd_parity(key);
99}
100LCRYPTO_ALIAS(DES_string_to_key);
101
102void
103DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2)
104{
105 DES_key_schedule ks;
106 int i, length;
107 unsigned char j;
108
109 memset(key1, 0, 8);
110 memset(key2, 0, 8);
111 length = strlen(str);
112#ifdef OLD_STR_TO_KEY
113 if (length <= 8) {
114 for (i = 0; i < length; i++) {
115 (*key2)[i] = (*key1)[i] = (str[i] << 1);
116 }
117 } else {
118 for (i = 0; i < length; i++) {
119 if ((i/8) & 1)
120 (*key2)[i % 8] ^= (str[i] << 1);
121 else
122 (*key1)[i % 8] ^= (str[i] << 1);
123 }
124 }
125#else /* MIT COMPATIBLE */
126 for (i = 0; i < length; i++) {
127 j = str[i];
128 if ((i % 32) < 16) {
129 if ((i % 16) < 8)
130 (*key1)[i % 8] ^= (j << 1);
131 else
132 (*key2)[i % 8] ^= (j << 1);
133 } else {
134 j = ((j << 4) & 0xf0)|((j >> 4) & 0x0f);
135 j = ((j << 2) & 0xcc)|((j >> 2) & 0x33);
136 j = ((j << 1) & 0xaa)|((j >> 1) & 0x55);
137 if ((i % 16) < 8)
138 (*key1)[7 - (i % 8)] ^= j;
139 else
140 (*key2)[7 - (i % 8)] ^= j;
141 }
142 }
143 if (length <= 8)
144 memcpy(key2, key1, 8);
145#endif
146 DES_set_odd_parity(key1);
147 DES_set_odd_parity(key2);
148#ifdef EXPERIMENTAL_STR_TO_STRONG_KEY
149 if (DES_is_weak_key(key1))
150 (*key1)[7] ^= 0xF0;
151 DES_set_key(key1, &ks);
152#else
153 DES_set_key_unchecked(key1, &ks);
154#endif
155 DES_cbc_cksum((const unsigned char *)str, key1, length, &ks, key1);
156#ifdef EXPERIMENTAL_STR_TO_STRONG_KEY
157 if (DES_is_weak_key(key2))
158 (*key2)[7] ^= 0xF0;
159 DES_set_key(key2, &ks);
160#else
161 DES_set_key_unchecked(key2, &ks);
162#endif
163 DES_cbc_cksum((const unsigned char *)str, key2, length, &ks, key2);
164 explicit_bzero(&ks, sizeof(ks));
165 DES_set_odd_parity(key1);
166 DES_set_odd_parity(key2);
167}
168LCRYPTO_ALIAS(DES_string_to_2keys);
diff --git a/src/lib/libcrypto/des/xcbc_enc.c b/src/lib/libcrypto/des/xcbc_enc.c
deleted file mode 100644
index 90607cad33..0000000000
--- a/src/lib/libcrypto/des/xcbc_enc.c
+++ /dev/null
@@ -1,154 +0,0 @@
1/* $OpenBSD: xcbc_enc.c,v 1.13 2024/03/29 01:47:29 joshua Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include "des_local.h"
60
61/* RSA's DESX */
62
63void
64DES_xcbc_encrypt(const unsigned char *in, unsigned char *out,
65 long length, DES_key_schedule *schedule,
66 DES_cblock *ivec, const_DES_cblock *inw,
67 const_DES_cblock *outw, int enc)
68{
69 DES_LONG tin0, tin1;
70 DES_LONG tout0, tout1, xor0, xor1;
71 DES_LONG inW0, inW1, outW0, outW1;
72 const unsigned char *in2;
73 long l = length;
74 DES_LONG tin[2];
75 unsigned char *iv;
76
77 in2 = &(*inw)[0];
78 c2l(in2, inW0);
79 c2l(in2, inW1);
80 in2 = &(*outw)[0];
81 c2l(in2, outW0);
82 c2l(in2, outW1);
83
84 iv = &(*ivec)[0];
85
86 if (enc) {
87 c2l(iv, tout0);
88 c2l(iv, tout1);
89 for (l -= 8; l >= 0; l -= 8) {
90 c2l(in, tin0);
91 c2l(in, tin1);
92 tin0 ^= tout0 ^ inW0;
93 tin[0] = tin0;
94 tin1 ^= tout1 ^ inW1;
95 tin[1] = tin1;
96 DES_encrypt1(tin, schedule, DES_ENCRYPT);
97 tout0 = tin[0] ^ outW0;
98 l2c(tout0, out);
99 tout1 = tin[1] ^ outW1;
100 l2c(tout1, out);
101 }
102 if (l != -8) {
103 c2ln(in, tin0, tin1, l + 8);
104 tin0 ^= tout0 ^ inW0;
105 tin[0] = tin0;
106 tin1 ^= tout1 ^ inW1;
107 tin[1] = tin1;
108 DES_encrypt1(tin, schedule, DES_ENCRYPT);
109 tout0 = tin[0] ^ outW0;
110 l2c(tout0, out);
111 tout1 = tin[1] ^ outW1;
112 l2c(tout1, out);
113 }
114 iv = &(*ivec)[0];
115 l2c(tout0, iv);
116 l2c(tout1, iv);
117 } else {
118 c2l(iv, xor0);
119 c2l(iv, xor1);
120 for (l -= 8; l > 0; l -= 8) {
121 c2l(in, tin0);
122 tin[0] = tin0 ^ outW0;
123 c2l(in, tin1);
124 tin[1] = tin1 ^ outW1;
125 DES_encrypt1(tin, schedule, DES_DECRYPT);
126 tout0 = tin[0] ^ xor0 ^ inW0;
127 tout1 = tin[1] ^ xor1 ^ inW1;
128 l2c(tout0, out);
129 l2c(tout1, out);
130 xor0 = tin0;
131 xor1 = tin1;
132 }
133 if (l != -8) {
134 c2l(in, tin0);
135 tin[0] = tin0 ^ outW0;
136 c2l(in, tin1);
137 tin[1] = tin1 ^ outW1;
138 DES_encrypt1(tin, schedule, DES_DECRYPT);
139 tout0 = tin[0] ^ xor0 ^ inW0;
140 tout1 = tin[1] ^ xor1 ^ inW1;
141 l2cn(tout0, tout1, out, l + 8);
142 xor0 = tin0;
143 xor1 = tin1;
144 }
145
146 iv = &(*ivec)[0];
147 l2c(xor0, iv);
148 l2c(xor1, iv);
149 }
150 tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
151 inW0 = inW1 = outW0 = outW1 = 0;
152 tin[0] = tin[1] = 0;
153}
154LCRYPTO_ALIAS(DES_xcbc_encrypt);
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-17 20:47:51 +0000