1 files changed, 47 insertions, 37 deletions

diff --git a/src/lib/libcrypto/des/cfb_enc.c b/src/lib/libcrypto/des/cfb_enc.c
index 17bf77ca9e..2600bdfc93 100644
--- a/src/lib/libcrypto/des/cfb_enc.c
+++ b/src/lib/libcrypto/des/cfb_enc.c
@@ -64,32 +64,22 @@
  * the second.  The second 12 bits will come from the 3rd and half the 4th
  * byte.
  */
+/* WARNING WARNING: this uses in and out in 8-byte chunks regardless of
+ * length */
+/* Until Aug 1 2003 this function did not correctly implement CFB-r, so it
+ * will not be compatible with any encryption prior to that date. Ben. */
 void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
-                     long length, DES_key_schedule *schedule, DES_cblock *ivec, int enc)
+                     long length, DES_key_schedule *schedule, DES_cblock *ivec,
+                     int enc)
         {
         register DES_LONG d0,d1,v0,v1,n=(numbits+7)/8;
-        register DES_LONG mask0,mask1;
         register unsigned long l=length;
         register int num=numbits;
         DES_LONG ti[2];
         unsigned char *iv;
+        unsigned char ovec[16];
 
         if (num > 64) return;
-        if (num > 32)
-                {
-                mask0=0xffffffffL;
-                if (num == 64)
-                        mask1=mask0;
-                else    mask1=(1L<<(num-32))-1;
-                }
-        else
-                {
-                if (num == 32)
-                        mask0=0xffffffffL;
-                else    mask0=(1L<<num)-1;
-                mask1=0x00000000L;
-                }
-
         iv = &(*ivec)[0];
         c2l(iv,v0);
         c2l(iv,v1);
@@ -103,8 +93,8 @@ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
                         DES_encrypt1((DES_LONG *)ti,schedule,DES_ENCRYPT);
                         c2ln(in,d0,d1,n);
                         in+=n;
-                        d0=(d0^ti[0])&mask0;
-                        d1=(d1^ti[1])&mask1;
+                        d0^=ti[0];
+                        d1^=ti[1];
                         l2cn(d0,d1,out,n);
                         out+=n;
                         /* 30-08-94 - eay - changed because l>>32 and
@@ -113,15 +103,25 @@ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
                                 { v0=v1; v1=d0; }
                         else if (num == 64)
                                 { v0=d0; v1=d1; }
-                        else if (num > 32) /* && num != 64 */
-                                {
-                                v0=((v1>>(num-32))|(d0<<(64-num)))&0xffffffffL;
-                                v1=((d0>>(num-32))|(d1<<(64-num)))&0xffffffffL;
-                                }
-                        else /* num < 32 */
+                        else
                                 {
-                                v0=((v0>>num)|(v1<<(32-num)))&0xffffffffL;
-                                v1=((v1>>num)|(d0<<(32-num)))&0xffffffffL;
+                                iv=&ovec[0];
+                                l2c(v0,iv);
+                                l2c(v1,iv);
+                                l2c(d0,iv);
+                                l2c(d1,iv);
+                                /* shift ovec left most of the bits... */
+                                memmove(ovec,ovec+num/8,8+(num%8 ? 1 : 0));
+                                /* now the remaining bits */
+                                if(num%8 != 0)
+                                        for(n=0 ; n < 8 ; ++n)
+                                                {
+                                                ovec[n]<<=num%8;
+                                                ovec[n]|=ovec[n+1]>>(8-num%8);
+                                                }
+                                iv=&ovec[0];
+                                c2l(iv,v0);
+                                c2l(iv,v1);
                                 }
                         }
                 }
@@ -141,18 +141,28 @@ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
                                 { v0=v1; v1=d0; }
                         else if (num == 64)
                                 { v0=d0; v1=d1; }
-                        else if (num > 32) /* && num != 64 */
-                                {
-                                v0=((v1>>(num-32))|(d0<<(64-num)))&0xffffffffL;
-                                v1=((d0>>(num-32))|(d1<<(64-num)))&0xffffffffL;
-                                }
-                        else /* num < 32 */
+                        else
                                 {
-                                v0=((v0>>num)|(v1<<(32-num)))&0xffffffffL;
-                                v1=((v1>>num)|(d0<<(32-num)))&0xffffffffL;
+                                iv=&ovec[0];
+                                l2c(v0,iv);
+                                l2c(v1,iv);
+                                l2c(d0,iv);
+                                l2c(d1,iv);
+                                /* shift ovec left most of the bits... */
+                                memmove(ovec,ovec+num/8,8+(num%8 ? 1 : 0));
+                                /* now the remaining bits */
+                                if(num%8 != 0)
+                                        for(n=0 ; n < 8 ; ++n)
+                                                {
+                                                ovec[n]<<=num%8;
+                                                ovec[n]|=ovec[n+1]>>(8-num%8);
+                                                }
+                                iv=&ovec[0];
+                                c2l(iv,v0);
+                                c2l(iv,v1);
                                 }
-                        d0=(d0^ti[0])&mask0;
-                        d1=(d1^ti[1])&mask1;
+                        d0^=ti[0];
+                        d1^=ti[1];
                         l2cn(d0,d1,out,n);
                         out+=n;
                         }