summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/rc2
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/rc2')
-rw-r--r--src/lib/libcrypto/rc2/rc2.h96
-rw-r--r--src/lib/libcrypto/rc2/rc2_cbc.c236
-rw-r--r--src/lib/libcrypto/rc2/rc2_ecb.c91
-rw-r--r--src/lib/libcrypto/rc2/rc2_local.h112
-rw-r--r--src/lib/libcrypto/rc2/rc2_skey.c142
-rw-r--r--src/lib/libcrypto/rc2/rc2cfb64.c124
-rw-r--r--src/lib/libcrypto/rc2/rc2ofb64.c111
-rw-r--r--src/lib/libcrypto/rc2/rrc2.doc219
-rw-r--r--src/lib/libcrypto/rc2/version22
9 files changed, 0 insertions, 1153 deletions
diff --git a/src/lib/libcrypto/rc2/rc2.h b/src/lib/libcrypto/rc2/rc2.h
deleted file mode 100644
index 96e395f32d..0000000000
--- a/src/lib/libcrypto/rc2/rc2.h
+++ /dev/null
@@ -1,96 +0,0 @@
1/* $OpenBSD: rc2.h,v 1.13 2025/01/25 17:59:44 tb Exp $ */
2/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_RC2_H
60#define HEADER_RC2_H
61
62#include <openssl/opensslconf.h> /* OPENSSL_NO_RC2, RC2_INT */
63
64#define RC2_ENCRYPT 1
65#define RC2_DECRYPT 0
66
67#define RC2_BLOCK 8
68#define RC2_KEY_LENGTH 16
69
70#ifdef __cplusplus
71extern "C" {
72#endif
73
74typedef struct rc2_key_st {
75 RC2_INT data[64];
76} RC2_KEY;
77
78void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits);
79void RC2_ecb_encrypt(const unsigned char *in, unsigned char *out, RC2_KEY *key,
80 int enc);
81void RC2_encrypt(unsigned long *data, RC2_KEY *key);
82void RC2_decrypt(unsigned long *data, RC2_KEY *key);
83void RC2_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
84 RC2_KEY *ks, unsigned char *iv, int enc);
85void RC2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
86 long length, RC2_KEY *schedule, unsigned char *ivec,
87 int *num, int enc);
88void RC2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
89 long length, RC2_KEY *schedule, unsigned char *ivec,
90 int *num);
91
92#ifdef __cplusplus
93}
94#endif
95
96#endif
diff --git a/src/lib/libcrypto/rc2/rc2_cbc.c b/src/lib/libcrypto/rc2/rc2_cbc.c
deleted file mode 100644
index 1d8e2def99..0000000000
--- a/src/lib/libcrypto/rc2/rc2_cbc.c
+++ /dev/null
@@ -1,236 +0,0 @@
1/* $OpenBSD: rc2_cbc.c,v 1.8 2023/07/07 13:40:44 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <openssl/rc2.h>
60#include "rc2_local.h"
61
62void
63RC2_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
64 RC2_KEY *ks, unsigned char *iv, int encrypt)
65{
66 unsigned long tin0, tin1;
67 unsigned long tout0, tout1, xor0, xor1;
68 long l = length;
69 unsigned long tin[2];
70
71 if (encrypt) {
72 c2l(iv, tout0);
73 c2l(iv, tout1);
74 iv -= 8;
75 for (l -= 8; l >= 0; l -= 8)
76 {
77 c2l(in, tin0);
78 c2l(in, tin1);
79 tin0 ^= tout0;
80 tin1 ^= tout1;
81 tin[0] = tin0;
82 tin[1] = tin1;
83 RC2_encrypt(tin, ks);
84 tout0 = tin[0];
85 l2c(tout0, out);
86 tout1 = tin[1];
87 l2c(tout1, out);
88 }
89 if (l != -8) {
90 c2ln(in, tin0, tin1, l + 8);
91 tin0 ^= tout0;
92 tin1 ^= tout1;
93 tin[0] = tin0;
94 tin[1] = tin1;
95 RC2_encrypt(tin, ks);
96 tout0 = tin[0];
97 l2c(tout0, out);
98 tout1 = tin[1];
99 l2c(tout1, out);
100 }
101 l2c(tout0, iv);
102 l2c(tout1, iv);
103 } else {
104 c2l(iv, xor0);
105 c2l(iv, xor1);
106 iv -= 8;
107 for (l -= 8; l >= 0; l -= 8)
108 {
109 c2l(in, tin0);
110 tin[0] = tin0;
111 c2l(in, tin1);
112 tin[1] = tin1;
113 RC2_decrypt(tin, ks);
114 tout0 = tin[0] ^ xor0;
115 tout1 = tin[1] ^ xor1;
116 l2c(tout0, out);
117 l2c(tout1, out);
118 xor0 = tin0;
119 xor1 = tin1;
120 }
121 if (l != -8) {
122 c2l(in, tin0);
123 tin[0] = tin0;
124 c2l(in, tin1);
125 tin[1] = tin1;
126 RC2_decrypt(tin, ks);
127 tout0 = tin[0] ^ xor0;
128 tout1 = tin[1] ^ xor1;
129 l2cn(tout0, tout1, out, l + 8);
130 xor0 = tin0;
131 xor1 = tin1;
132 }
133 l2c(xor0, iv);
134 l2c(xor1, iv);
135 }
136 tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
137 tin[0] = tin[1] = 0;
138}
139LCRYPTO_ALIAS(RC2_cbc_encrypt);
140
141void
142RC2_encrypt(unsigned long *d, RC2_KEY *key)
143{
144 int i, n;
145 RC2_INT *p0, *p1;
146 RC2_INT x0, x1, x2, x3, t;
147 unsigned long l;
148
149 l = d[0];
150 x0 = (RC2_INT)l & 0xffff;
151 x1 = (RC2_INT)(l >> 16L);
152 l = d[1];
153 x2 = (RC2_INT)l & 0xffff;
154 x3 = (RC2_INT)(l >> 16L);
155
156 n = 3;
157 i = 5;
158
159 p0 = p1 = &(key->data[0]);
160 for (;;) {
161 t = (x0 + (x1 & ~x3) + (x2 & x3) + *(p0++)) & 0xffff;
162 x0 = (t << 1)|(t >> 15);
163 t = (x1 + (x2 & ~x0) + (x3 & x0) + *(p0++)) & 0xffff;
164 x1 = (t << 2)|(t >> 14);
165 t = (x2 + (x3 & ~x1) + (x0 & x1) + *(p0++)) & 0xffff;
166 x2 = (t << 3)|(t >> 13);
167 t = (x3 + (x0 & ~x2) + (x1 & x2) + *(p0++)) & 0xffff;
168 x3 = (t << 5)|(t >> 11);
169
170 if (--i == 0) {
171 if (--n == 0)
172 break;
173 i = (n == 2) ? 6 : 5;
174
175 x0 += p1[x3 & 0x3f];
176 x1 += p1[x0 & 0x3f];
177 x2 += p1[x1 & 0x3f];
178 x3 += p1[x2 & 0x3f];
179 }
180 }
181
182 d[0] = (unsigned long)(x0 & 0xffff)|((unsigned long)(x1 & 0xffff) <<
183 16L);
184 d[1] = (unsigned long)(x2 & 0xffff)|((unsigned long)(x3 & 0xffff) <<
185 16L);
186}
187LCRYPTO_ALIAS(RC2_encrypt);
188
189void
190RC2_decrypt(unsigned long *d, RC2_KEY *key)
191{
192 int i, n;
193 RC2_INT *p0, *p1;
194 RC2_INT x0, x1, x2, x3, t;
195 unsigned long l;
196
197 l = d[0];
198 x0 = (RC2_INT)l & 0xffff;
199 x1 = (RC2_INT)(l >> 16L);
200 l = d[1];
201 x2 = (RC2_INT)l & 0xffff;
202 x3 = (RC2_INT)(l >> 16L);
203
204 n = 3;
205 i = 5;
206
207 p0 = &(key->data[63]);
208 p1 = &(key->data[0]);
209 for (;;) {
210 t = ((x3 << 11)|(x3 >> 5)) & 0xffff;
211 x3 = (t - (x0 & ~x2) - (x1 & x2) - *(p0--)) & 0xffff;
212 t = ((x2 << 13)|(x2 >> 3)) & 0xffff;
213 x2 = (t - (x3 & ~x1) - (x0 & x1) - *(p0--)) & 0xffff;
214 t = ((x1 << 14)|(x1 >> 2)) & 0xffff;
215 x1 = (t - (x2 & ~x0) - (x3 & x0) - *(p0--)) & 0xffff;
216 t = ((x0 << 15)|(x0 >> 1)) & 0xffff;
217 x0 = (t - (x1 & ~x3) - (x2 & x3) - *(p0--)) & 0xffff;
218
219 if (--i == 0) {
220 if (--n == 0)
221 break;
222 i = (n == 2) ? 6 : 5;
223
224 x3 = (x3 - p1[x2 & 0x3f]) & 0xffff;
225 x2 = (x2 - p1[x1 & 0x3f]) & 0xffff;
226 x1 = (x1 - p1[x0 & 0x3f]) & 0xffff;
227 x0 = (x0 - p1[x3 & 0x3f]) & 0xffff;
228 }
229 }
230
231 d[0] = (unsigned long)(x0 & 0xffff)|((unsigned long)(x1 & 0xffff) <<
232 16L);
233 d[1] = (unsigned long)(x2 & 0xffff)|((unsigned long)(x3 & 0xffff) <<
234 16L);
235}
236LCRYPTO_ALIAS(RC2_decrypt);
diff --git a/src/lib/libcrypto/rc2/rc2_ecb.c b/src/lib/libcrypto/rc2/rc2_ecb.c
deleted file mode 100644
index 6a3c8098eb..0000000000
--- a/src/lib/libcrypto/rc2/rc2_ecb.c
+++ /dev/null
@@ -1,91 +0,0 @@
1/* $OpenBSD: rc2_ecb.c,v 1.9 2023/07/07 13:40:44 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <openssl/rc2.h>
60#include "rc2_local.h"
61#include <openssl/opensslv.h>
62
63/* RC2 as implemented frm a posting from
64 * Newsgroups: sci.crypt
65 * Sender: pgut01@cs.auckland.ac.nz (Peter Gutmann)
66 * Subject: Specification for Ron Rivests Cipher No.2
67 * Message-ID: <4fk39f$f70@net.auckland.ac.nz>
68 * Date: 11 Feb 1996 06:45:03 GMT
69 */
70
71void
72RC2_ecb_encrypt(const unsigned char *in, unsigned char *out, RC2_KEY *ks,
73 int encrypt)
74{
75 unsigned long l, d[2];
76
77 c2l(in, l);
78 d[0] = l;
79 c2l(in, l);
80 d[1] = l;
81 if (encrypt)
82 RC2_encrypt(d, ks);
83 else
84 RC2_decrypt(d, ks);
85 l = d[0];
86 l2c(l, out);
87 l = d[1];
88 l2c(l, out);
89 l = d[0] = d[1] = 0;
90}
91LCRYPTO_ALIAS(RC2_ecb_encrypt);
diff --git a/src/lib/libcrypto/rc2/rc2_local.h b/src/lib/libcrypto/rc2/rc2_local.h
deleted file mode 100644
index dd5598760e..0000000000
--- a/src/lib/libcrypto/rc2/rc2_local.h
+++ /dev/null
@@ -1,112 +0,0 @@
1/* $OpenBSD: rc2_local.h,v 1.3 2024/03/29 05:03:48 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#undef c2l
60#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \
61 l|=((unsigned long)(*((c)++)))<< 8L, \
62 l|=((unsigned long)(*((c)++)))<<16L, \
63 l|=((unsigned long)(*((c)++)))<<24L)
64
65/* NOTE - c is not incremented as per c2l */
66#undef c2ln
67#define c2ln(c,l1,l2,n) { \
68 c+=n; \
69 l1=l2=0; \
70 switch (n) { \
71 case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
72 case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
73 case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
74 case 5: l2|=((unsigned long)(*(--(c)))); \
75 case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
76 case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
77 case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
78 case 1: l1|=((unsigned long)(*(--(c)))); \
79 } \
80 }
81
82#undef l2c
83#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
84 *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
85 *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
86 *((c)++)=(unsigned char)(((l)>>24L)&0xff))
87
88/* NOTE - c is not incremented as per l2c */
89#undef l2cn
90#define l2cn(l1,l2,c,n) { \
91 c+=n; \
92 switch (n) { \
93 case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff);\
94 case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff);\
95 case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff);\
96 case 5: *(--(c))=(unsigned char)(((l2) )&0xff);\
97 case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff);\
98 case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff);\
99 case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff);\
100 case 1: *(--(c))=(unsigned char)(((l1) )&0xff);\
101 } \
102 }
103
104#define C_RC2(n) \
105 t=(x0+(x1& ~x3)+(x2&x3)+ *(p0++))&0xffff; \
106 x0=(t<<1)|(t>>15); \
107 t=(x1+(x2& ~x0)+(x3&x0)+ *(p0++))&0xffff; \
108 x1=(t<<2)|(t>>14); \
109 t=(x2+(x3& ~x1)+(x0&x1)+ *(p0++))&0xffff; \
110 x2=(t<<3)|(t>>13); \
111 t=(x3+(x0& ~x2)+(x1&x2)+ *(p0++))&0xffff; \
112 x3=(t<<5)|(t>>11);
diff --git a/src/lib/libcrypto/rc2/rc2_skey.c b/src/lib/libcrypto/rc2/rc2_skey.c
deleted file mode 100644
index d33c02da8c..0000000000
--- a/src/lib/libcrypto/rc2/rc2_skey.c
+++ /dev/null
@@ -1,142 +0,0 @@
1/* $OpenBSD: rc2_skey.c,v 1.15 2023/07/07 13:40:44 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <openssl/crypto.h>
60#include <openssl/rc2.h>
61#include "rc2_local.h"
62
63static const unsigned char key_table[256]={
64 0xd9,0x78,0xf9,0xc4,0x19,0xdd,0xb5,0xed,0x28,0xe9,0xfd,0x79,
65 0x4a,0xa0,0xd8,0x9d,0xc6,0x7e,0x37,0x83,0x2b,0x76,0x53,0x8e,
66 0x62,0x4c,0x64,0x88,0x44,0x8b,0xfb,0xa2,0x17,0x9a,0x59,0xf5,
67 0x87,0xb3,0x4f,0x13,0x61,0x45,0x6d,0x8d,0x09,0x81,0x7d,0x32,
68 0xbd,0x8f,0x40,0xeb,0x86,0xb7,0x7b,0x0b,0xf0,0x95,0x21,0x22,
69 0x5c,0x6b,0x4e,0x82,0x54,0xd6,0x65,0x93,0xce,0x60,0xb2,0x1c,
70 0x73,0x56,0xc0,0x14,0xa7,0x8c,0xf1,0xdc,0x12,0x75,0xca,0x1f,
71 0x3b,0xbe,0xe4,0xd1,0x42,0x3d,0xd4,0x30,0xa3,0x3c,0xb6,0x26,
72 0x6f,0xbf,0x0e,0xda,0x46,0x69,0x07,0x57,0x27,0xf2,0x1d,0x9b,
73 0xbc,0x94,0x43,0x03,0xf8,0x11,0xc7,0xf6,0x90,0xef,0x3e,0xe7,
74 0x06,0xc3,0xd5,0x2f,0xc8,0x66,0x1e,0xd7,0x08,0xe8,0xea,0xde,
75 0x80,0x52,0xee,0xf7,0x84,0xaa,0x72,0xac,0x35,0x4d,0x6a,0x2a,
76 0x96,0x1a,0xd2,0x71,0x5a,0x15,0x49,0x74,0x4b,0x9f,0xd0,0x5e,
77 0x04,0x18,0xa4,0xec,0xc2,0xe0,0x41,0x6e,0x0f,0x51,0xcb,0xcc,
78 0x24,0x91,0xaf,0x50,0xa1,0xf4,0x70,0x39,0x99,0x7c,0x3a,0x85,
79 0x23,0xb8,0xb4,0x7a,0xfc,0x02,0x36,0x5b,0x25,0x55,0x97,0x31,
80 0x2d,0x5d,0xfa,0x98,0xe3,0x8a,0x92,0xae,0x05,0xdf,0x29,0x10,
81 0x67,0x6c,0xba,0xc9,0xd3,0x00,0xe6,0xcf,0xe1,0x9e,0xa8,0x2c,
82 0x63,0x16,0x01,0x3f,0x58,0xe2,0x89,0xa9,0x0d,0x38,0x34,0x1b,
83 0xab,0x33,0xff,0xb0,0xbb,0x48,0x0c,0x5f,0xb9,0xb1,0xcd,0x2e,
84 0xc5,0xf3,0xdb,0x47,0xe5,0xa5,0x9c,0x77,0x0a,0xa6,0x20,0x68,
85 0xfe,0x7f,0xc1,0xad,
86 };
87
88/* It has come to my attention that there are 2 versions of the RC2
89 * key schedule. One which is normal, and anther which has a hook to
90 * use a reduced key length.
91 * BSAFE uses the 'retarded' version. What I previously shipped is
92 * the same as specifying 1024 for the 'bits' parameter. Bsafe uses
93 * a version where the bits parameter is the same as len*8 */
94void
95RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits)
96{
97 int i, j;
98 unsigned char *k;
99 RC2_INT *ki;
100 unsigned int c, d;
101
102 k = (unsigned char *)&(key->data[0]);
103 *k = 0; /* for if there is a zero length key */
104
105 if (len > 128)
106 len = 128;
107 if (bits <= 0)
108 bits = 1024;
109 if (bits > 1024)
110 bits = 1024;
111
112 for (i = 0; i < len; i++)
113 k[i] = data[i];
114
115 /* expand table */
116 d = k[len - 1];
117 j = 0;
118 for (i = len; i < 128; i++, j++)
119 {
120 d = key_table[(k[j] + d) & 0xff];
121 k[i] = d;
122 }
123
124 /* hmm.... key reduction to 'bits' bits */
125
126 j = (bits + 7) >> 3;
127 i = 128 - j;
128 c = (0xff >> (-bits & 0x07));
129
130 d = key_table[k[i] & c];
131 k[i] = d;
132 while (i--) {
133 d = key_table[k[i + j] ^ d];
134 k[i] = d;
135 }
136
137 /* copy from bytes into RC2_INT's */
138 ki = &(key->data[63]);
139 for (i = 127; i >= 0; i -= 2)
140 *(ki--) = ((k[i] << 8)|k[i - 1]) & 0xffff;
141}
142LCRYPTO_ALIAS(RC2_set_key);
diff --git a/src/lib/libcrypto/rc2/rc2cfb64.c b/src/lib/libcrypto/rc2/rc2cfb64.c
deleted file mode 100644
index 21266c430b..0000000000
--- a/src/lib/libcrypto/rc2/rc2cfb64.c
+++ /dev/null
@@ -1,124 +0,0 @@
1/* $OpenBSD: rc2cfb64.c,v 1.8 2023/07/07 13:40:44 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <openssl/rc2.h>
60#include "rc2_local.h"
61
62/* The input and output encrypted as though 64bit cfb mode is being
63 * used. The extra state information to record how much of the
64 * 64bit block we have used is contained in *num;
65 */
66
67void
68RC2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
69 long length, RC2_KEY *schedule, unsigned char *ivec,
70 int *num, int encrypt)
71{
72 unsigned long v0, v1, t;
73 int n = *num;
74 long l = length;
75 unsigned long ti[2];
76 unsigned char *iv, c, cc;
77
78 iv = (unsigned char *)ivec;
79 if (encrypt) {
80 while (l--) {
81 if (n == 0) {
82 c2l(iv, v0);
83 ti[0] = v0;
84 c2l(iv, v1);
85 ti[1] = v1;
86 RC2_encrypt((unsigned long *)ti, schedule);
87 iv = (unsigned char *)ivec;
88 t = ti[0];
89 l2c(t, iv);
90 t = ti[1];
91 l2c(t, iv);
92 iv = (unsigned char *)ivec;
93 }
94 c = *(in++) ^ iv[n];
95 *(out++) = c;
96 iv[n] = c;
97 n = (n + 1) & 0x07;
98 }
99 } else {
100 while (l--) {
101 if (n == 0) {
102 c2l(iv, v0);
103 ti[0] = v0;
104 c2l(iv, v1);
105 ti[1] = v1;
106 RC2_encrypt((unsigned long *)ti, schedule);
107 iv = (unsigned char *)ivec;
108 t = ti[0];
109 l2c(t, iv);
110 t = ti[1];
111 l2c(t, iv);
112 iv = (unsigned char *)ivec;
113 }
114 cc = *(in++);
115 c = iv[n];
116 iv[n] = cc;
117 *(out++) = c ^ cc;
118 n = (n + 1) & 0x07;
119 }
120 }
121 v0 = v1 = ti[0] = ti[1] = t = c = cc = 0;
122 *num = n;
123}
124LCRYPTO_ALIAS(RC2_cfb64_encrypt);
diff --git a/src/lib/libcrypto/rc2/rc2ofb64.c b/src/lib/libcrypto/rc2/rc2ofb64.c
deleted file mode 100644
index 73d8323e92..0000000000
--- a/src/lib/libcrypto/rc2/rc2ofb64.c
+++ /dev/null
@@ -1,111 +0,0 @@
1/* $OpenBSD: rc2ofb64.c,v 1.8 2023/07/07 13:40:44 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <openssl/rc2.h>
60#include "rc2_local.h"
61
62/* The input and output encrypted as though 64bit ofb mode is being
63 * used. The extra state information to record how much of the
64 * 64bit block we have used is contained in *num;
65 */
66void
67RC2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
68 long length, RC2_KEY *schedule, unsigned char *ivec,
69 int *num)
70{
71 unsigned long v0, v1, t;
72 int n = *num;
73 long l = length;
74 unsigned char d[8];
75 char *dp;
76 unsigned long ti[2];
77 unsigned char *iv;
78 int save = 0;
79
80 iv = (unsigned char *)ivec;
81 c2l(iv, v0);
82 c2l(iv, v1);
83 ti[0] = v0;
84 ti[1] = v1;
85 dp = (char *)d;
86 l2c(v0, dp);
87 l2c(v1, dp);
88 while (l--) {
89 if (n == 0) {
90 RC2_encrypt((unsigned long *)ti, schedule);
91 dp = (char *)d;
92 t = ti[0];
93 l2c(t, dp);
94 t = ti[1];
95 l2c(t, dp);
96 save++;
97 }
98 *(out++) = *(in++) ^ d[n];
99 n = (n + 1) & 0x07;
100 }
101 if (save) {
102 v0 = ti[0];
103 v1 = ti[1];
104 iv = (unsigned char *)ivec;
105 l2c(v0, iv);
106 l2c(v1, iv);
107 }
108 t = v0 = v1 = ti[0] = ti[1] = 0;
109 *num = n;
110}
111LCRYPTO_ALIAS(RC2_ofb64_encrypt);
diff --git a/src/lib/libcrypto/rc2/rrc2.doc b/src/lib/libcrypto/rc2/rrc2.doc
deleted file mode 100644
index f93ee003d2..0000000000
--- a/src/lib/libcrypto/rc2/rrc2.doc
+++ /dev/null
@@ -1,219 +0,0 @@
1>From cygnus.mincom.oz.au!minbne.mincom.oz.au!bunyip.cc.uq.oz.au!munnari.OZ.AU!comp.vuw.ac.nz!waikato!auckland.ac.nz!news Mon Feb 12 18:48:17 EST 1996
2Article 23601 of sci.crypt:
3Path: cygnus.mincom.oz.au!minbne.mincom.oz.au!bunyip.cc.uq.oz.au!munnari.OZ.AU!comp.vuw.ac.nz!waikato!auckland.ac.nz!news
4>From: pgut01@cs.auckland.ac.nz (Peter Gutmann)
5Newsgroups: sci.crypt
6Subject: Specification for Ron Rivests Cipher No.2
7Date: 11 Feb 1996 06:45:03 GMT
8Organization: University of Auckland
9Lines: 203
10Sender: pgut01@cs.auckland.ac.nz (Peter Gutmann)
11Message-ID: <4fk39f$f70@net.auckland.ac.nz>
12NNTP-Posting-Host: cs26.cs.auckland.ac.nz
13X-Newsreader: NN version 6.5.0 #3 (NOV)
14
15
16
17
18 Ron Rivest's Cipher No.2
19 ------------------------
20
21Ron Rivest's Cipher No.2 (hereafter referred to as RRC.2, other people may
22refer to it by other names) is word oriented, operating on a block of 64 bits
23divided into four 16-bit words, with a key table of 64 words. All data units
24are little-endian. This functional description of the algorithm is based in
25the paper "The RC5 Encryption Algorithm" (RC5 is a trademark of RSADSI), using
26the same general layout, terminology, and pseudocode style.
27
28
29Notation and RRC.2 Primitive Operations
30
31RRC.2 uses the following primitive operations:
32
331. Two's-complement addition of words, denoted by "+". The inverse operation,
34 subtraction, is denoted by "-".
352. Bitwise exclusive OR, denoted by "^".
363. Bitwise AND, denoted by "&".
374. Bitwise NOT, denoted by "~".
385. A left-rotation of words; the rotation of word x left by y is denoted
39 x <<< y. The inverse operation, right-rotation, is denoted x >>> y.
40
41These operations are directly and efficiently supported by most processors.
42
43
44The RRC.2 Algorithm
45
46RRC.2 consists of three components, a *key expansion* algorithm, an
47*encryption* algorithm, and a *decryption* algorithm.
48
49
50Key Expansion
51
52The purpose of the key-expansion routine is to expand the user's key K to fill
53the expanded key array S, so S resembles an array of random binary words
54determined by the user's secret key K.
55
56Initialising the S-box
57
58RRC.2 uses a single 256-byte S-box derived from the ciphertext contents of
59Beale Cipher No.1 XOR'd with a one-time pad. The Beale Ciphers predate modern
60cryptography by enough time that there should be no concerns about trapdoors
61hidden in the data. They have been published widely, and the S-box can be
62easily recreated from the one-time pad values and the Beale Cipher data taken
63from a standard source. To initialise the S-box:
64
65 for i = 0 to 255 do
66 sBox[ i ] = ( beale[ i ] mod 256 ) ^ pad[ i ]
67
68The contents of Beale Cipher No.1 and the necessary one-time pad are given as
69an appendix at the end of this document. For efficiency, implementors may wish
70to skip the Beale Cipher expansion and store the sBox table directly.
71
72Expanding the Secret Key to 128 Bytes
73
74The secret key is first expanded to fill 128 bytes (64 words). The expansion
75consists of taking the sum of the first and last bytes in the user key, looking
76up the sum (modulo 256) in the S-box, and appending the result to the key. The
77operation is repeated with the second byte and new last byte of the key until
78all 128 bytes have been generated. Note that the following pseudocode treats
79the S array as an array of 128 bytes rather than 64 words.
80
81 for j = 0 to length-1 do
82 S[ j ] = K[ j ]
83 for j = length to 127 do
84 s[ j ] = sBox[ ( S[ j-length ] + S[ j-1 ] ) mod 256 ];
85
86At this point it is possible to perform a truncation of the effective key
87length to ease the creation of espionage-enabled software products. However
88since the author cannot conceive why anyone would want to do this, it will not
89be considered further.
90
91The final phase of the key expansion involves replacing the first byte of S
92with the entry selected from the S-box:
93
94 S[ 0 ] = sBox[ S[ 0 ] ]
95
96
97Encryption
98
99The cipher has 16 full rounds, each divided into 4 subrounds. Two of the full
100rounds perform an additional transformation on the data. Note that the
101following pseudocode treats the S array as an array of 64 words rather than 128
102bytes.
103
104 for i = 0 to 15 do
105 j = i * 4;
106 word0 = ( word0 + ( word1 & ~word3 ) + ( word2 & word3 ) + S[ j+0 ] ) <<< 1
107 word1 = ( word1 + ( word2 & ~word0 ) + ( word3 & word0 ) + S[ j+1 ] ) <<< 2
108 word2 = ( word2 + ( word3 & ~word1 ) + ( word0 & word1 ) + S[ j+2 ] ) <<< 3
109 word3 = ( word3 + ( word0 & ~word2 ) + ( word1 & word2 ) + S[ j+3 ] ) <<< 5
110
111In addition the fifth and eleventh rounds add the contents of the S-box indexed
112by one of the data words to another of the data words following the four
113subrounds as follows:
114
115 word0 = word0 + S[ word3 & 63 ];
116 word1 = word1 + S[ word0 & 63 ];
117 word2 = word2 + S[ word1 & 63 ];
118 word3 = word3 + S[ word2 & 63 ];
119
120
121Decryption
122
123The decryption operation is simply the inverse of the encryption operation.
124Note that the following pseudocode treats the S array as an array of 64 words
125rather than 128 bytes.
126
127 for i = 15 downto 0 do
128 j = i * 4;
129 word3 = ( word3 >>> 5 ) - ( word0 & ~word2 ) - ( word1 & word2 ) - S[ j+3 ]
130 word2 = ( word2 >>> 3 ) - ( word3 & ~word1 ) - ( word0 & word1 ) - S[ j+2 ]
131 word1 = ( word1 >>> 2 ) - ( word2 & ~word0 ) - ( word3 & word0 ) - S[ j+1 ]
132 word0 = ( word0 >>> 1 ) - ( word1 & ~word3 ) - ( word2 & word3 ) - S[ j+0 ]
133
134In addition the fifth and eleventh rounds subtract the contents of the S-box
135indexed by one of the data words from another one of the data words following
136the four subrounds as follows:
137
138 word3 = word3 - S[ word2 & 63 ]
139 word2 = word2 - S[ word1 & 63 ]
140 word1 = word1 - S[ word0 & 63 ]
141 word0 = word0 - S[ word3 & 63 ]
142
143
144Test Vectors
145
146The following test vectors may be used to test the correctness of an RRC.2
147implementation:
148
149 Key: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
150 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
151 Plain: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
152 Cipher: 0x1C, 0x19, 0x8A, 0x83, 0x8D, 0xF0, 0x28, 0xB7
153
154 Key: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
155 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01
156 Plain: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
157 Cipher: 0x21, 0x82, 0x9C, 0x78, 0xA9, 0xF9, 0xC0, 0x74
158
159 Key: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
160 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
161 Plain: 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
162 Cipher: 0x13, 0xDB, 0x35, 0x17, 0xD3, 0x21, 0x86, 0x9E
163
164 Key: 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
165 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
166 Plain: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
167 Cipher: 0x50, 0xDC, 0x01, 0x62, 0xBD, 0x75, 0x7F, 0x31
168
169
170Appendix: Beale Cipher No.1, "The Locality of the Vault", and One-time Pad for
171 Creating the S-Box
172
173Beale Cipher No.1.
174
175 71, 194, 38,1701, 89, 76, 11, 83,1629, 48, 94, 63, 132, 16, 111, 95,
176 84, 341, 975, 14, 40, 64, 27, 81, 139, 213, 63, 90,1120, 8, 15, 3,
177 126,2018, 40, 74, 758, 485, 604, 230, 436, 664, 582, 150, 251, 284, 308, 231,
178 124, 211, 486, 225, 401, 370, 11, 101, 305, 139, 189, 17, 33, 88, 208, 193,
179 145, 1, 94, 73, 416, 918, 263, 28, 500, 538, 356, 117, 136, 219, 27, 176,
180 130, 10, 460, 25, 485, 18, 436, 65, 84, 200, 283, 118, 320, 138, 36, 416,
181 280, 15, 71, 224, 961, 44, 16, 401, 39, 88, 61, 304, 12, 21, 24, 283,
182 134, 92, 63, 246, 486, 682, 7, 219, 184, 360, 780, 18, 64, 463, 474, 131,
183 160, 79, 73, 440, 95, 18, 64, 581, 34, 69, 128, 367, 460, 17, 81, 12,
184 103, 820, 62, 110, 97, 103, 862, 70, 60,1317, 471, 540, 208, 121, 890, 346,
185 36, 150, 59, 568, 614, 13, 120, 63, 219, 812,2160,1780, 99, 35, 18, 21,
186 136, 872, 15, 28, 170, 88, 4, 30, 44, 112, 18, 147, 436, 195, 320, 37,
187 122, 113, 6, 140, 8, 120, 305, 42, 58, 461, 44, 106, 301, 13, 408, 680,
188 93, 86, 116, 530, 82, 568, 9, 102, 38, 416, 89, 71, 216, 728, 965, 818,
189 2, 38, 121, 195, 14, 326, 148, 234, 18, 55, 131, 234, 361, 824, 5, 81,
190 623, 48, 961, 19, 26, 33, 10,1101, 365, 92, 88, 181, 275, 346, 201, 206
191
192One-time Pad.
193
194 158, 186, 223, 97, 64, 145, 190, 190, 117, 217, 163, 70, 206, 176, 183, 194,
195 146, 43, 248, 141, 3, 54, 72, 223, 233, 153, 91, 210, 36, 131, 244, 161,
196 105, 120, 113, 191, 113, 86, 19, 245, 213, 221, 43, 27, 242, 157, 73, 213,
197 193, 92, 166, 10, 23, 197, 112, 110, 193, 30, 156, 51, 125, 51, 158, 67,
198 197, 215, 59, 218, 110, 246, 181, 0, 135, 76, 164, 97, 47, 87, 234, 108,
199 144, 127, 6, 6, 222, 172, 80, 144, 22, 245, 207, 70, 227, 182, 146, 134,
200 119, 176, 73, 58, 135, 69, 23, 198, 0, 170, 32, 171, 176, 129, 91, 24,
201 126, 77, 248, 0, 118, 69, 57, 60, 190, 171, 217, 61, 136, 169, 196, 84,
202 168, 167, 163, 102, 223, 64, 174, 178, 166, 239, 242, 195, 249, 92, 59, 38,
203 241, 46, 236, 31, 59, 114, 23, 50, 119, 186, 7, 66, 212, 97, 222, 182,
204 230, 118, 122, 86, 105, 92, 179, 243, 255, 189, 223, 164, 194, 215, 98, 44,
205 17, 20, 53, 153, 137, 224, 176, 100, 208, 114, 36, 200, 145, 150, 215, 20,
206 87, 44, 252, 20, 235, 242, 163, 132, 63, 18, 5, 122, 74, 97, 34, 97,
207 142, 86, 146, 221, 179, 166, 161, 74, 69, 182, 88, 120, 128, 58, 76, 155,
208 15, 30, 77, 216, 165, 117, 107, 90, 169, 127, 143, 181, 208, 137, 200, 127,
209 170, 195, 26, 84, 255, 132, 150, 58, 103, 250, 120, 221, 237, 37, 8, 99
210
211
212Implementation
213
214A non-US based programmer who has never seen any encryption code before will
215shortly be implementing RRC.2 based solely on this specification and not on
216knowledge of any other encryption algorithms. Stand by.
217
218
219
diff --git a/src/lib/libcrypto/rc2/version b/src/lib/libcrypto/rc2/version
deleted file mode 100644
index 8ca161a613..0000000000
--- a/src/lib/libcrypto/rc2/version
+++ /dev/null
@@ -1,22 +0,0 @@
11.1 23/08/96 - eay
2 Changed RC2_set_key() so it now takes another argument. Many
3 thanks to Peter Gutmann <pgut01@cs.auckland.ac.nz> for the
4 clarification and original specification of RC2. BSAFE uses
5 this last parameter, 'bits'. It the key is 128 bits, BSAFE
6 also sets this parameter to 128. The old behaviour can be
7 duplicated by setting this parameter to 1024.
8
91.0 08/04/96 - eay
10 First version of SSLeay with rc2. This has been written from the spec
11 posted sci.crypt. It is in this directory under rrc2.doc
12 I have no test values for any mode other than ecb, my wrappers for the
13 other modes should be ok since they are basically the same as
14 the ones taken from idea and des :-). I have implemented them as
15 little-endian operators.
16 While rc2 is included because it is used with SSL, I don't know how
17 far I trust it. It is about the same speed as IDEA and DES.
18 So if you are paranoid, used Triple DES, else IDEA. If RC2
19 does get used more, perhaps more people will look for weaknesses in
20 it.
21
22
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-05-06 19:31:07 +0000