From f9b9e21742d3301ba7b9599b7dce4b24758771df Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Sat, 31 Aug 2024 15:56:09 +0000
Subject: Combine DES code into a smaller set of files.
Discussed with tb@
---
src/lib/libcrypto/Makefile | 23 +-
src/lib/libcrypto/des/cbc_cksm.c | 106 ----
src/lib/libcrypto/des/cbc_enc.c | 131 -----
src/lib/libcrypto/des/cfb64ede.c | 242 --------
src/lib/libcrypto/des/cfb64enc.c | 123 ----
src/lib/libcrypto/des/cfb_enc.c | 190 -------
src/lib/libcrypto/des/des.c | 1022 ++++++++++++++++++++++++++++++++++
src/lib/libcrypto/des/des_cksum.c | 173 ++++++
src/lib/libcrypto/des/des_fcrypt.c | 261 +++++++++
src/lib/libcrypto/des/des_key.c | 523 +++++++++++++++++
src/lib/libcrypto/des/ecb3_enc.c | 85 ---
src/lib/libcrypto/des/ecb_enc.c | 83 ---
src/lib/libcrypto/des/ede_cbcm_enc.c | 190 -------
src/lib/libcrypto/des/fcrypt.c | 261 ---------
src/lib/libcrypto/des/ofb64ede.c | 113 ----
src/lib/libcrypto/des/ofb64enc.c | 110 ----
src/lib/libcrypto/des/ofb_enc.c | 134 -----
src/lib/libcrypto/des/pcbc_enc.c | 117 ----
src/lib/libcrypto/des/qud_cksm.c | 126 -----
src/lib/libcrypto/des/set_key.c | 415 --------------
src/lib/libcrypto/des/str2key.c | 168 ------
src/lib/libcrypto/des/xcbc_enc.c | 154 -----
22 files changed, 1984 insertions(+), 2766 deletions(-)
delete mode 100644 src/lib/libcrypto/des/cbc_cksm.c
delete mode 100644 src/lib/libcrypto/des/cbc_enc.c
delete mode 100644 src/lib/libcrypto/des/cfb64ede.c
delete mode 100644 src/lib/libcrypto/des/cfb64enc.c
delete mode 100644 src/lib/libcrypto/des/cfb_enc.c
create mode 100644 src/lib/libcrypto/des/des.c
create mode 100644 src/lib/libcrypto/des/des_cksum.c
create mode 100644 src/lib/libcrypto/des/des_fcrypt.c
create mode 100644 src/lib/libcrypto/des/des_key.c
delete mode 100644 src/lib/libcrypto/des/ecb3_enc.c
delete mode 100644 src/lib/libcrypto/des/ecb_enc.c
delete mode 100644 src/lib/libcrypto/des/ede_cbcm_enc.c
delete mode 100644 src/lib/libcrypto/des/fcrypt.c
delete mode 100644 src/lib/libcrypto/des/ofb64ede.c
delete mode 100644 src/lib/libcrypto/des/ofb64enc.c
delete mode 100644 src/lib/libcrypto/des/ofb_enc.c
delete mode 100644 src/lib/libcrypto/des/pcbc_enc.c
delete mode 100644 src/lib/libcrypto/des/qud_cksm.c
delete mode 100644 src/lib/libcrypto/des/set_key.c
delete mode 100644 src/lib/libcrypto/des/str2key.c
delete mode 100644 src/lib/libcrypto/des/xcbc_enc.c
(limited to 'src')
diff --git a/src/lib/libcrypto/Makefile b/src/lib/libcrypto/Makefile
index 2b8fe88fcf..dfbb38b845 100644
--- a/src/lib/libcrypto/Makefile
+++ b/src/lib/libcrypto/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.210 2024/08/31 15:39:33 jsing Exp $
+# $OpenBSD: Makefile,v 1.211 2024/08/31 15:56:09 jsing Exp $
LIB= crypto
LIBREBUILD=y
@@ -251,24 +251,11 @@ SRCS+= curve25519-generic.c
SRCS+= curve25519.c
# des/
-SRCS+= cbc_cksm.c
-SRCS+= cbc_enc.c
-SRCS+= cfb64ede.c
-SRCS+= cfb64enc.c
-SRCS+= cfb_enc.c
+SRCS+= des.c
+SRCS+= des_cksum.c
SRCS+= des_enc.c
-SRCS+= ecb3_enc.c
-SRCS+= ecb_enc.c
-SRCS+= ede_cbcm_enc.c
-SRCS+= fcrypt.c
-SRCS+= ofb64ede.c
-SRCS+= ofb64enc.c
-SRCS+= ofb_enc.c
-SRCS+= pcbc_enc.c
-SRCS+= qud_cksm.c
-SRCS+= set_key.c
-SRCS+= str2key.c
-SRCS+= xcbc_enc.c
+SRCS+= des_fcrypt.c
+SRCS+= des_key.c
# dh/
SRCS+= dh_ameth.c
diff --git a/src/lib/libcrypto/des/cbc_cksm.c b/src/lib/libcrypto/des/cbc_cksm.c
deleted file mode 100644
index acb0bac110..0000000000
--- a/src/lib/libcrypto/des/cbc_cksm.c
+++ /dev/null
@@ -1,106 +0,0 @@
-/* $OpenBSD: cbc_cksm.c,v 1.11 2024/03/29 01:47:29 joshua Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_local.h"
-
-DES_LONG
-DES_cbc_cksum(const unsigned char *in, DES_cblock *output,
- long length, DES_key_schedule *schedule,
- const_DES_cblock *ivec)
-{
- DES_LONG tout0, tout1, tin0, tin1;
- long l = length;
- DES_LONG tin[2];
- unsigned char *out = &(*output)[0];
- const unsigned char *iv = &(*ivec)[0];
-
- c2l(iv, tout0);
- c2l(iv, tout1);
- for (; l > 0; l -= 8) {
- if (l >= 8) {
- c2l(in, tin0);
- c2l(in, tin1);
- } else
- c2ln(in, tin0, tin1, l);
-
- tin0 ^= tout0;
- tin[0] = tin0;
- tin1 ^= tout1;
- tin[1] = tin1;
- DES_encrypt1((DES_LONG *)tin, schedule, DES_ENCRYPT);
- /* fix 15/10/91 eay - thanks to keithr@sco.COM */
- tout0 = tin[0];
- tout1 = tin[1];
- }
- if (out != NULL) {
- l2c(tout0, out);
- l2c(tout1, out);
- }
- tout0 = tin0 = tin1 = tin[0] = tin[1] = 0;
- /*
- Transform the data in tout1 so that it will
- match the return value that the MIT Kerberos
- mit_des_cbc_cksum API returns.
- */
- tout1 = ((tout1 >> 24L) & 0x000000FF) |
- ((tout1 >> 8L) & 0x0000FF00) |
- ((tout1 << 8L) & 0x00FF0000) |
- ((tout1 << 24L) & 0xFF000000);
- return (tout1);
-}
-LCRYPTO_ALIAS(DES_cbc_cksum);
diff --git a/src/lib/libcrypto/des/cbc_enc.c b/src/lib/libcrypto/des/cbc_enc.c
deleted file mode 100644
index 1f11cc3600..0000000000
--- a/src/lib/libcrypto/des/cbc_enc.c
+++ /dev/null
@@ -1,131 +0,0 @@
-/* $OpenBSD: cbc_enc.c,v 1.5 2024/08/31 14:25:04 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_local.h"
-
-void
-DES_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
- DES_key_schedule *_schedule, DES_cblock *ivec, int enc)
-{
- DES_LONG tin0, tin1;
- DES_LONG tout0, tout1, xor0, xor1;
- long l = length;
- DES_LONG tin[2];
- unsigned char *iv;
-
- iv = &(*ivec)[0];
-
- if (enc) {
- c2l(iv, tout0);
- c2l(iv, tout1);
- for (l -= 8; l >= 0; l -= 8) {
- c2l(in, tin0);
- c2l(in, tin1);
- tin0 ^= tout0;
- tin[0] = tin0;
- tin1 ^= tout1;
- tin[1] = tin1;
- DES_encrypt1((DES_LONG *)tin, _schedule, DES_ENCRYPT);
- tout0 = tin[0];
- l2c(tout0, out);
- tout1 = tin[1];
- l2c(tout1, out);
- }
- if (l != -8) {
- c2ln(in, tin0, tin1, l + 8);
- tin0 ^= tout0;
- tin[0] = tin0;
- tin1 ^= tout1;
- tin[1] = tin1;
- DES_encrypt1((DES_LONG *)tin, _schedule, DES_ENCRYPT);
- tout0 = tin[0];
- l2c(tout0, out);
- tout1 = tin[1];
- l2c(tout1, out);
- }
- } else {
- c2l(iv, xor0);
- c2l(iv, xor1);
- for (l -= 8; l >= 0; l -= 8) {
- c2l(in, tin0);
- tin[0] = tin0;
- c2l(in, tin1);
- tin[1] = tin1;
- DES_encrypt1((DES_LONG *)tin, _schedule, DES_DECRYPT);
- tout0 = tin[0] ^ xor0;
- tout1 = tin[1] ^ xor1;
- l2c(tout0, out);
- l2c(tout1, out);
- xor0 = tin0;
- xor1 = tin1;
- }
- if (l != -8) {
- c2l(in, tin0);
- tin[0] = tin0;
- c2l(in, tin1);
- tin[1] = tin1;
- DES_encrypt1((DES_LONG *)tin, _schedule, DES_DECRYPT);
- tout0 = tin[0] ^ xor0;
- tout1 = tin[1] ^ xor1;
- l2cn(tout0, tout1, out, l + 8);
- }
- }
- tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
- tin[0] = tin[1] = 0;
-}
-LCRYPTO_ALIAS(DES_cbc_encrypt);
diff --git a/src/lib/libcrypto/des/cfb64ede.c b/src/lib/libcrypto/des/cfb64ede.c
deleted file mode 100644
index 69a6c25408..0000000000
--- a/src/lib/libcrypto/des/cfb64ede.c
+++ /dev/null
@@ -1,242 +0,0 @@
-/* $OpenBSD: cfb64ede.c,v 1.13 2024/03/29 01:47:29 joshua Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_local.h"
-
-/* The input and output encrypted as though 64bit cfb mode is being
- * used. The extra state information to record how much of the
- * 64bit block we have used is contained in *num;
- */
-
-void
-DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, DES_key_schedule *ks1,
- DES_key_schedule *ks2, DES_key_schedule *ks3,
- DES_cblock *ivec, int *num, int enc)
-{
- DES_LONG v0, v1;
- long l = length;
- int n = *num;
- DES_LONG ti[2];
- unsigned char *iv, c, cc;
-
- iv = &(*ivec)[0];
- if (enc) {
- while (l--) {
- if (n == 0) {
- c2l(iv, v0);
- c2l(iv, v1);
-
- ti[0] = v0;
- ti[1] = v1;
- DES_encrypt3(ti, ks1, ks2, ks3);
- v0 = ti[0];
- v1 = ti[1];
-
- iv = &(*ivec)[0];
- l2c(v0, iv);
- l2c(v1, iv);
- iv = &(*ivec)[0];
- }
- c = *(in++) ^ iv[n];
- *(out++) = c;
- iv[n] = c;
- n = (n + 1) & 0x07;
- }
- } else {
- while (l--) {
- if (n == 0) {
- c2l(iv, v0);
- c2l(iv, v1);
-
- ti[0] = v0;
- ti[1] = v1;
- DES_encrypt3(ti, ks1, ks2, ks3);
- v0 = ti[0];
- v1 = ti[1];
-
- iv = &(*ivec)[0];
- l2c(v0, iv);
- l2c(v1, iv);
- iv = &(*ivec)[0];
- }
- cc = *(in++);
- c = iv[n];
- iv[n] = cc;
- *(out++) = c ^ cc;
- n = (n + 1) & 0x07;
- }
- }
- v0 = v1 = ti[0] = ti[1] = c = cc = 0;
- *num = n;
-}
-LCRYPTO_ALIAS(DES_ede3_cfb64_encrypt);
-
-/* This is compatible with the single key CFB-r for DES, even thought that's
- * not what EVP needs.
- */
-
-void
-DES_ede3_cfb_encrypt(const unsigned char *in, unsigned char *out,
- int numbits, long length, DES_key_schedule *ks1,
- DES_key_schedule *ks2, DES_key_schedule *ks3,
- DES_cblock *ivec, int enc)
-{
- DES_LONG d0, d1, v0, v1;
- unsigned long l = length, n = ((unsigned int)numbits + 7)/8;
- int num = numbits, i;
- DES_LONG ti[2];
- unsigned char *iv;
- unsigned char ovec[16];
-
- if (num > 64)
- return;
- iv = &(*ivec)[0];
- c2l(iv, v0);
- c2l(iv, v1);
- if (enc) {
- while (l >= n) {
- l -= n;
- ti[0] = v0;
- ti[1] = v1;
- DES_encrypt3(ti, ks1, ks2, ks3);
- c2ln(in, d0, d1, n);
- in += n;
- d0 ^= ti[0];
- d1 ^= ti[1];
- l2cn(d0, d1, out, n);
- out += n;
- /* 30-08-94 - eay - changed because l>>32 and
- * l<<32 are bad under gcc :-( */
- if (num == 32) {
- v0 = v1;
- v1 = d0;
- } else if (num == 64) {
- v0 = d0;
- v1 = d1;
- } else {
- iv = &ovec[0];
- l2c(v0, iv);
- l2c(v1, iv);
- l2c(d0, iv);
- l2c(d1, iv);
- /* shift ovec left most of the bits... */
- memmove(ovec, ovec + num/8,
- 8 + (num % 8 ? 1 : 0));
- /* now the remaining bits */
- if (num % 8 != 0) {
- for (i = 0; i < 8; ++i) {
- ovec[i] <<= num % 8;
- ovec[i] |= ovec[i + 1] >>
- (8 - num % 8);
- }
- }
- iv = &ovec[0];
- c2l(iv, v0);
- c2l(iv, v1);
- }
- }
- } else {
- while (l >= n) {
- l -= n;
- ti[0] = v0;
- ti[1] = v1;
- DES_encrypt3(ti, ks1, ks2, ks3);
- c2ln(in, d0, d1, n);
- in += n;
- /* 30-08-94 - eay - changed because l>>32 and
- * l<<32 are bad under gcc :-( */
- if (num == 32) {
- v0 = v1;
- v1 = d0;
- } else if (num == 64) {
- v0 = d0;
- v1 = d1;
- } else {
- iv = &ovec[0];
- l2c(v0, iv);
- l2c(v1, iv);
- l2c(d0, iv);
- l2c(d1, iv);
- /* shift ovec left most of the bits... */
- memmove(ovec, ovec + num/8,
- 8 + (num % 8 ? 1 : 0));
- /* now the remaining bits */
- if (num % 8 != 0) {
- for (i = 0; i < 8; ++i) {
- ovec[i] <<= num % 8;
- ovec[i] |= ovec[i + 1] >>
- (8 - num % 8);
- }
- }
- iv = &ovec[0];
- c2l(iv, v0);
- c2l(iv, v1);
- }
- d0 ^= ti[0];
- d1 ^= ti[1];
- l2cn(d0, d1, out, n);
- out += n;
- }
- }
- iv = &(*ivec)[0];
- l2c(v0, iv);
- l2c(v1, iv);
- v0 = v1 = d0 = d1 = ti[0] = ti[1] = 0;
-}
-LCRYPTO_ALIAS(DES_ede3_cfb_encrypt);
diff --git a/src/lib/libcrypto/des/cfb64enc.c b/src/lib/libcrypto/des/cfb64enc.c
deleted file mode 100644
index d2d0dadf11..0000000000
--- a/src/lib/libcrypto/des/cfb64enc.c
+++ /dev/null
@@ -1,123 +0,0 @@
-/* $OpenBSD: cfb64enc.c,v 1.9 2024/03/29 01:47:29 joshua Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_local.h"
-
-/* The input and output encrypted as though 64bit cfb mode is being
- * used. The extra state information to record how much of the
- * 64bit block we have used is contained in *num;
- */
-
-void
-DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, DES_key_schedule *schedule,
- DES_cblock *ivec, int *num, int enc)
-{
- DES_LONG v0, v1;
- long l = length;
- int n = *num;
- DES_LONG ti[2];
- unsigned char *iv, c, cc;
-
- iv = &(*ivec)[0];
- if (enc) {
- while (l--) {
- if (n == 0) {
- c2l(iv, v0);
- ti[0] = v0;
- c2l(iv, v1);
- ti[1] = v1;
- DES_encrypt1(ti, schedule, DES_ENCRYPT);
- iv = &(*ivec)[0];
- v0 = ti[0];
- l2c(v0, iv);
- v0 = ti[1];
- l2c(v0, iv);
- iv = &(*ivec)[0];
- }
- c = *(in++) ^ iv[n];
- *(out++) = c;
- iv[n] = c;
- n = (n + 1) & 0x07;
- }
- } else {
- while (l--) {
- if (n == 0) {
- c2l(iv, v0);
- ti[0] = v0;
- c2l(iv, v1);
- ti[1] = v1;
- DES_encrypt1(ti, schedule, DES_ENCRYPT);
- iv = &(*ivec)[0];
- v0 = ti[0];
- l2c(v0, iv);
- v0 = ti[1];
- l2c(v0, iv);
- iv = &(*ivec)[0];
- }
- cc = *(in++);
- c = iv[n];
- iv[n] = cc;
- *(out++) = c ^ cc;
- n = (n + 1) & 0x07;
- }
- }
- v0 = v1 = ti[0] = ti[1] = c = cc = 0;
- *num = n;
-}
-LCRYPTO_ALIAS(DES_cfb64_encrypt);
diff --git a/src/lib/libcrypto/des/cfb_enc.c b/src/lib/libcrypto/des/cfb_enc.c
deleted file mode 100644
index ae41c9d079..0000000000
--- a/src/lib/libcrypto/des/cfb_enc.c
+++ /dev/null
@@ -1,190 +0,0 @@
-/* $OpenBSD: cfb_enc.c,v 1.17 2024/03/29 01:47:29 joshua Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_local.h"
-#include <endian.h>
-
-/* The input and output are loaded in multiples of 8 bits.
- * What this means is that if you hame numbits=12 and length=2
- * the first 12 bits will be retrieved from the first byte and half
- * the second. The second 12 bits will come from the 3rd and half the 4th
- * byte.
- */
-/* Until Aug 1 2003 this function did not correctly implement CFB-r, so it
- * will not be compatible with any encryption prior to that date. Ben. */
-void
-DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
- long length, DES_key_schedule *schedule, DES_cblock *ivec,
- int enc)
-{
- DES_LONG d0, d1, v0, v1;
- unsigned long l = length;
- int num = numbits/8, n = (numbits + 7)/8, i, rem = numbits % 8;
- DES_LONG ti[2];
- unsigned char *iv;
-#if BYTE_ORDER != LITTLE_ENDIAN
- unsigned char ovec[16];
-#else
- unsigned int sh[4];
- unsigned char *ovec = (unsigned char *)sh;
-#endif
-
- if (numbits <= 0 || numbits > 64)
- return;
- iv = &(*ivec)[0];
- c2l(iv, v0);
- c2l(iv, v1);
- if (enc) {
- while (l >= (unsigned long)n) {
- l -= n;
- ti[0] = v0;
- ti[1] = v1;
- DES_encrypt1((DES_LONG *)ti, schedule, DES_ENCRYPT);
- c2ln(in, d0, d1, n);
- in += n;
- d0 ^= ti[0];
- d1 ^= ti[1];
- l2cn(d0, d1, out, n);
- out += n;
- /* 30-08-94 - eay - changed because l>>32 and
- * l<<32 are bad under gcc :-( */
- if (numbits == 32) {
- v0 = v1;
- v1 = d0;
- } else if (numbits == 64) {
- v0 = d0;
- v1 = d1;
- } else {
-#if BYTE_ORDER != LITTLE_ENDIAN
- iv = &ovec[0];
- l2c(v0, iv);
- l2c(v1, iv);
- l2c(d0, iv);
- l2c(d1, iv);
-#else
- sh[0] = v0, sh[1] = v1, sh[2] = d0, sh[3] = d1;
-#endif
- if (rem == 0)
- memmove(ovec, ovec + num, 8);
- else
- for (i = 0; i < 8; ++i)
- ovec[i] = ovec[i + num] << rem |
- ovec[i + num + 1] >> (8 -
- rem);
-#if BYTE_ORDER == LITTLE_ENDIAN
- v0 = sh[0], v1 = sh[1];
-#else
- iv = &ovec[0];
- c2l(iv, v0);
- c2l(iv, v1);
-#endif
- }
- }
- } else {
- while (l >= (unsigned long)n) {
- l -= n;
- ti[0] = v0;
- ti[1] = v1;
- DES_encrypt1((DES_LONG *)ti, schedule, DES_ENCRYPT);
- c2ln(in, d0, d1, n);
- in += n;
- /* 30-08-94 - eay - changed because l>>32 and
- * l<<32 are bad under gcc :-( */
- if (numbits == 32) {
- v0 = v1;
- v1 = d0;
- } else if (numbits == 64) {
- v0 = d0;
- v1 = d1;
- } else {
-#if BYTE_ORDER != LITTLE_ENDIAN
- iv = &ovec[0];
- l2c(v0, iv);
- l2c(v1, iv);
- l2c(d0, iv);
- l2c(d1, iv);
-#else
- sh[0] = v0, sh[1] = v1, sh[2] = d0, sh[3] = d1;
-#endif
- if (rem == 0)
- memmove(ovec, ovec + num, 8);
- else
- for (i = 0; i < 8; ++i)
- ovec[i] = ovec[i + num] << rem |
- ovec[i + num + 1] >> (8 -
- rem);
-#if BYTE_ORDER == LITTLE_ENDIAN
- v0 = sh[0], v1 = sh[1];
-#else
- iv = &ovec[0];
- c2l(iv, v0);
- c2l(iv, v1);
-#endif
- }
- d0 ^= ti[0];
- d1 ^= ti[1];
- l2cn(d0, d1, out, n);
- out += n;
- }
- }
- iv = &(*ivec)[0];
- l2c(v0, iv);
- l2c(v1, iv);
- v0 = v1 = d0 = d1 = ti[0] = ti[1] = 0;
-}
-LCRYPTO_ALIAS(DES_cfb_encrypt);
diff --git a/src/lib/libcrypto/des/des.c b/src/lib/libcrypto/des/des.c
new file mode 100644
index 0000000000..113fc4b9f9
--- /dev/null
+++ b/src/lib/libcrypto/des/des.c
@@ -0,0 +1,1022 @@
+/* $OpenBSD: des.c,v 1.9 2024/08/31 15:56:09 jsing Exp $ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <endian.h>
+
+#include <openssl/opensslconf.h>
+
+#include "des_local.h"
+
+void
+DES_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
+ DES_key_schedule *_schedule, DES_cblock *ivec, int enc)
+{
+ DES_LONG tin0, tin1;
+ DES_LONG tout0, tout1, xor0, xor1;
+ long l = length;
+ DES_LONG tin[2];
+ unsigned char *iv;
+
+ iv = &(*ivec)[0];
+
+ if (enc) {
+ c2l(iv, tout0);
+ c2l(iv, tout1);
+ for (l -= 8; l >= 0; l -= 8) {
+ c2l(in, tin0);
+ c2l(in, tin1);
+ tin0 ^= tout0;
+ tin[0] = tin0;
+ tin1 ^= tout1;
+ tin[1] = tin1;
+ DES_encrypt1((DES_LONG *)tin, _schedule, DES_ENCRYPT);
+ tout0 = tin[0];
+ l2c(tout0, out);
+ tout1 = tin[1];
+ l2c(tout1, out);
+ }
+ if (l != -8) {
+ c2ln(in, tin0, tin1, l + 8);
+ tin0 ^= tout0;
+ tin[0] = tin0;
+ tin1 ^= tout1;
+ tin[1] = tin1;
+ DES_encrypt1((DES_LONG *)tin, _schedule, DES_ENCRYPT);
+ tout0 = tin[0];
+ l2c(tout0, out);
+ tout1 = tin[1];
+ l2c(tout1, out);
+ }
+ } else {
+ c2l(iv, xor0);
+ c2l(iv, xor1);
+ for (l -= 8; l >= 0; l -= 8) {
+ c2l(in, tin0);
+ tin[0] = tin0;
+ c2l(in, tin1);
+ tin[1] = tin1;
+ DES_encrypt1((DES_LONG *)tin, _schedule, DES_DECRYPT);
+ tout0 = tin[0] ^ xor0;
+ tout1 = tin[1] ^ xor1;
+ l2c(tout0, out);
+ l2c(tout1, out);
+ xor0 = tin0;
+ xor1 = tin1;
+ }
+ if (l != -8) {
+ c2l(in, tin0);
+ tin[0] = tin0;
+ c2l(in, tin1);
+ tin[1] = tin1;
+ DES_encrypt1((DES_LONG *)tin, _schedule, DES_DECRYPT);
+ tout0 = tin[0] ^ xor0;
+ tout1 = tin[1] ^ xor1;
+ l2cn(tout0, tout1, out, l + 8);
+ }
+ }
+ tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
+ tin[0] = tin[1] = 0;
+}
+LCRYPTO_ALIAS(DES_cbc_encrypt);
+
+/* The input and output encrypted as though 64bit cfb mode is being
+ * used. The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+
+void
+DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+ long length, DES_key_schedule *ks1,
+ DES_key_schedule *ks2, DES_key_schedule *ks3,
+ DES_cblock *ivec, int *num, int enc)
+{
+ DES_LONG v0, v1;
+ long l = length;
+ int n = *num;
+ DES_LONG ti[2];
+ unsigned char *iv, c, cc;
+
+ iv = &(*ivec)[0];
+ if (enc) {
+ while (l--) {
+ if (n == 0) {
+ c2l(iv, v0);
+ c2l(iv, v1);
+
+ ti[0] = v0;
+ ti[1] = v1;
+ DES_encrypt3(ti, ks1, ks2, ks3);
+ v0 = ti[0];
+ v1 = ti[1];
+
+ iv = &(*ivec)[0];
+ l2c(v0, iv);
+ l2c(v1, iv);
+ iv = &(*ivec)[0];
+ }
+ c = *(in++) ^ iv[n];
+ *(out++) = c;
+ iv[n] = c;
+ n = (n + 1) & 0x07;
+ }
+ } else {
+ while (l--) {
+ if (n == 0) {
+ c2l(iv, v0);
+ c2l(iv, v1);
+
+ ti[0] = v0;
+ ti[1] = v1;
+ DES_encrypt3(ti, ks1, ks2, ks3);
+ v0 = ti[0];
+ v1 = ti[1];
+
+ iv = &(*ivec)[0];
+ l2c(v0, iv);
+ l2c(v1, iv);
+ iv = &(*ivec)[0];
+ }
+ cc = *(in++);
+ c = iv[n];
+ iv[n] = cc;
+ *(out++) = c ^ cc;
+ n = (n + 1) & 0x07;
+ }
+ }
+ v0 = v1 = ti[0] = ti[1] = c = cc = 0;
+ *num = n;
+}
+LCRYPTO_ALIAS(DES_ede3_cfb64_encrypt);
+
+/* This is compatible with the single key CFB-r for DES, even thought that's
+ * not what EVP needs.
+ */
+
+void
+DES_ede3_cfb_encrypt(const unsigned char *in, unsigned char *out,
+ int numbits, long length, DES_key_schedule *ks1,
+ DES_key_schedule *ks2, DES_key_schedule *ks3,
+ DES_cblock *ivec, int enc)
+{
+ DES_LONG d0, d1, v0, v1;
+ unsigned long l = length, n = ((unsigned int)numbits + 7)/8;
+ int num = numbits, i;
+ DES_LONG ti[2];
+ unsigned char *iv;
+ unsigned char ovec[16];
+
+ if (num > 64)
+ return;
+ iv = &(*ivec)[0];
+ c2l(iv, v0);
+ c2l(iv, v1);
+ if (enc) {
+ while (l >= n) {
+ l -= n;
+ ti[0] = v0;
+ ti[1] = v1;
+ DES_encrypt3(ti, ks1, ks2, ks3);
+ c2ln(in, d0, d1, n);
+ in += n;
+ d0 ^= ti[0];
+ d1 ^= ti[1];
+ l2cn(d0, d1, out, n);
+ out += n;
+ /* 30-08-94 - eay - changed because l>>32 and
+ * l<<32 are bad under gcc :-( */
+ if (num == 32) {
+ v0 = v1;
+ v1 = d0;
+ } else if (num == 64) {
+ v0 = d0;
+ v1 = d1;
+ } else {
+ iv = &ovec[0];
+ l2c(v0, iv);
+ l2c(v1, iv);
+ l2c(d0, iv);
+ l2c(d1, iv);
+ /* shift ovec left most of the bits... */
+ memmove(ovec, ovec + num/8,
+ 8 + (num % 8 ? 1 : 0));
+ /* now the remaining bits */
+ if (num % 8 != 0) {
+ for (i = 0; i < 8; ++i) {
+ ovec[i] <<= num % 8;
+ ovec[i] |= ovec[i + 1] >>
+ (8 - num % 8);
+ }
+ }
+ iv = &ovec[0];
+ c2l(iv, v0);
+ c2l(iv, v1);
+ }
+ }
+ } else {
+ while (l >= n) {
+ l -= n;
+ ti[0] = v0;
+ ti[1] = v1;
+ DES_encrypt3(ti, ks1, ks2, ks3);
+ c2ln(in, d0, d1, n);
+ in += n;
+ /* 30-08-94 - eay - changed because l>>32 and
+ * l<<32 are bad under gcc :-( */
+ if (num == 32) {
+ v0 = v1;
+ v1 = d0;
+ } else if (num == 64) {
+ v0 = d0;
+ v1 = d1;
+ } else {
+ iv = &ovec[0];
+ l2c(v0, iv);
+ l2c(v1, iv);
+ l2c(d0, iv);
+ l2c(d1, iv);
+ /* shift ovec left most of the bits... */
+ memmove(ovec, ovec + num/8,
+ 8 + (num % 8 ? 1 : 0));
+ /* now the remaining bits */
+ if (num % 8 != 0) {
+ for (i = 0; i < 8; ++i) {
+ ovec[i] <<= num % 8;
+ ovec[i] |= ovec[i + 1] >>
+ (8 - num % 8);
+ }
+ }
+ iv = &ovec[0];
+ c2l(iv, v0);
+ c2l(iv, v1);
+ }
+ d0 ^= ti[0];
+ d1 ^= ti[1];
+ l2cn(d0, d1, out, n);
+ out += n;
+ }
+ }
+ iv = &(*ivec)[0];
+ l2c(v0, iv);
+ l2c(v1, iv);
+ v0 = v1 = d0 = d1 = ti[0] = ti[1] = 0;
+}
+LCRYPTO_ALIAS(DES_ede3_cfb_encrypt);
+
+/* The input and output encrypted as though 64bit cfb mode is being
+ * used. The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+
+void
+DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+ long length, DES_key_schedule *schedule,
+ DES_cblock *ivec, int *num, int enc)
+{
+ DES_LONG v0, v1;
+ long l = length;
+ int n = *num;
+ DES_LONG ti[2];
+ unsigned char *iv, c, cc;
+
+ iv = &(*ivec)[0];
+ if (enc) {
+ while (l--) {
+ if (n == 0) {
+ c2l(iv, v0);
+ ti[0] = v0;
+ c2l(iv, v1);
+ ti[1] = v1;
+ DES_encrypt1(ti, schedule, DES_ENCRYPT);
+ iv = &(*ivec)[0];
+ v0 = ti[0];
+ l2c(v0, iv);
+ v0 = ti[1];
+ l2c(v0, iv);
+ iv = &(*ivec)[0];
+ }
+ c = *(in++) ^ iv[n];
+ *(out++) = c;
+ iv[n] = c;
+ n = (n + 1) & 0x07;
+ }
+ } else {
+ while (l--) {
+ if (n == 0) {
+ c2l(iv, v0);
+ ti[0] = v0;
+ c2l(iv, v1);
+ ti[1] = v1;
+ DES_encrypt1(ti, schedule, DES_ENCRYPT);
+ iv = &(*ivec)[0];
+ v0 = ti[0];
+ l2c(v0, iv);
+ v0 = ti[1];
+ l2c(v0, iv);
+ iv = &(*ivec)[0];
+ }
+ cc = *(in++);
+ c = iv[n];
+ iv[n] = cc;
+ *(out++) = c ^ cc;
+ n = (n + 1) & 0x07;
+ }
+ }
+ v0 = v1 = ti[0] = ti[1] = c = cc = 0;
+ *num = n;
+}
+LCRYPTO_ALIAS(DES_cfb64_encrypt);
+
+/* The input and output are loaded in multiples of 8 bits.
+ * What this means is that if you hame numbits=12 and length=2
+ * the first 12 bits will be retrieved from the first byte and half
+ * the second. The second 12 bits will come from the 3rd and half the 4th
+ * byte.
+ */
+/* Until Aug 1 2003 this function did not correctly implement CFB-r, so it
+ * will not be compatible with any encryption prior to that date. Ben. */
+void
+DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
+ long length, DES_key_schedule *schedule, DES_cblock *ivec,
+ int enc)
+{
+ DES_LONG d0, d1, v0, v1;
+ unsigned long l = length;
+ int num = numbits/8, n = (numbits + 7)/8, i, rem = numbits % 8;
+ DES_LONG ti[2];
+ unsigned char *iv;
+#if BYTE_ORDER != LITTLE_ENDIAN
+ unsigned char ovec[16];
+#else
+ unsigned int sh[4];
+ unsigned char *ovec = (unsigned char *)sh;
+#endif
+
+ if (numbits <= 0 || numbits > 64)
+ return;
+ iv = &(*ivec)[0];
+ c2l(iv, v0);
+ c2l(iv, v1);
+ if (enc) {
+ while (l >= (unsigned long)n) {
+ l -= n;
+ ti[0] = v0;
+ ti[1] = v1;
+ DES_encrypt1((DES_LONG *)ti, schedule, DES_ENCRYPT);
+ c2ln(in, d0, d1, n);
+ in += n;
+ d0 ^= ti[0];
+ d1 ^= ti[1];
+ l2cn(d0, d1, out, n);
+ out += n;
+ /* 30-08-94 - eay - changed because l>>32 and
+ * l<<32 are bad under gcc :-( */
+ if (numbits == 32) {
+ v0 = v1;
+ v1 = d0;
+ } else if (numbits == 64) {
+ v0 = d0;
+ v1 = d1;
+ } else {
+#if BYTE_ORDER != LITTLE_ENDIAN
+ iv = &ovec[0];
+ l2c(v0, iv);
+ l2c(v1, iv);
+ l2c(d0, iv);
+ l2c(d1, iv);
+#else
+ sh[0] = v0, sh[1] = v1, sh[2] = d0, sh[3] = d1;
+#endif
+ if (rem == 0)
+ memmove(ovec, ovec + num, 8);
+ else
+ for (i = 0; i < 8; ++i)
+ ovec[i] = ovec[i + num] << rem |
+ ovec[i + num + 1] >> (8 -
+ rem);
+#if BYTE_ORDER == LITTLE_ENDIAN
+ v0 = sh[0], v1 = sh[1];
+#else
+ iv = &ovec[0];
+ c2l(iv, v0);
+ c2l(iv, v1);
+#endif
+ }
+ }
+ } else {
+ while (l >= (unsigned long)n) {
+ l -= n;
+ ti[0] = v0;
+ ti[1] = v1;
+ DES_encrypt1((DES_LONG *)ti, schedule, DES_ENCRYPT);
+ c2ln(in, d0, d1, n);
+ in += n;
+ /* 30-08-94 - eay - changed because l>>32 and
+ * l<<32 are bad under gcc :-( */
+ if (numbits == 32) {
+ v0 = v1;
+ v1 = d0;
+ } else if (numbits == 64) {
+ v0 = d0;
+ v1 = d1;
+ } else {
+#if BYTE_ORDER != LITTLE_ENDIAN
+ iv = &ovec[0];
+ l2c(v0, iv);
+ l2c(v1, iv);
+ l2c(d0, iv);
+ l2c(d1, iv);
+#else
+ sh[0] = v0, sh[1] = v1, sh[2] = d0, sh[3] = d1;
+#endif
+ if (rem == 0)
+ memmove(ovec, ovec + num, 8);
+ else
+ for (i = 0; i < 8; ++i)
+ ovec[i] = ovec[i + num] << rem |
+ ovec[i + num + 1] >> (8 -
+ rem);
+#if BYTE_ORDER == LITTLE_ENDIAN
+ v0 = sh[0], v1 = sh[1];
+#else
+ iv = &ovec[0];
+ c2l(iv, v0);
+ c2l(iv, v1);
+#endif
+ }
+ d0 ^= ti[0];
+ d1 ^= ti[1];
+ l2cn(d0, d1, out, n);
+ out += n;
+ }
+ }
+ iv = &(*ivec)[0];
+ l2c(v0, iv);
+ l2c(v1, iv);
+ v0 = v1 = d0 = d1 = ti[0] = ti[1] = 0;
+}
+LCRYPTO_ALIAS(DES_cfb_encrypt);
+
+void
+DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+ DES_key_schedule *ks1, DES_key_schedule *ks2,
+ DES_key_schedule *ks3,
+ int enc)
+{
+ DES_LONG l0, l1;
+ DES_LONG ll[2];
+ const unsigned char *in = &(*input)[0];
+ unsigned char *out = &(*output)[0];
+
+ c2l(in, l0);
+ c2l(in, l1);
+ ll[0] = l0;
+ ll[1] = l1;
+ if (enc)
+ DES_encrypt3(ll, ks1, ks2, ks3);
+ else
+ DES_decrypt3(ll, ks1, ks2, ks3);
+ l0 = ll[0];
+ l1 = ll[1];
+ l2c(l0, out);
+ l2c(l1, out);
+}
+LCRYPTO_ALIAS(DES_ecb3_encrypt);
+
+void
+DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
+ DES_key_schedule *ks, int enc)
+{
+ DES_LONG l;
+ DES_LONG ll[2];
+ const unsigned char *in = &(*input)[0];
+ unsigned char *out = &(*output)[0];
+
+ c2l(in, l);
+ ll[0] = l;
+ c2l(in, l);
+ ll[1] = l;
+ DES_encrypt1(ll, ks, enc);
+ l = ll[0];
+ l2c(l, out);
+ l = ll[1];
+ l2c(l, out);
+ l = ll[0] = ll[1] = 0;
+}
+LCRYPTO_ALIAS(DES_ecb_encrypt);
+
+/*
+
+This is an implementation of Triple DES Cipher Block Chaining with Output
+Feedback Masking, by Coppersmith, Johnson and Matyas, (IBM and Certicom).
+
+Note that there is a known attack on this by Biham and Knudsen but it takes
+a lot of work:
+
+http://www.cs.technion.ac.il/users/wwwb/cgi-bin/tr-get.cgi/1998/CS/CS0928.ps.gz
+
+*/
+
+#ifndef OPENSSL_NO_DESCBCM
+void
+DES_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out,
+ long length, DES_key_schedule *ks1, DES_key_schedule *ks2,
+ DES_key_schedule *ks3, DES_cblock *ivec1, DES_cblock *ivec2,
+ int enc)
+{
+ DES_LONG tin0, tin1;
+ DES_LONG tout0, tout1, xor0, xor1, m0, m1;
+ long l = length;
+ DES_LONG tin[2];
+ unsigned char *iv1, *iv2;
+
+ iv1 = &(*ivec1)[0];
+ iv2 = &(*ivec2)[0];
+
+ if (enc) {
+ c2l(iv1, m0);
+ c2l(iv1, m1);
+ c2l(iv2, tout0);
+ c2l(iv2, tout1);
+ for (l -= 8; l >= -7; l -= 8) {
+ tin[0] = m0;
+ tin[1] = m1;
+ DES_encrypt1(tin, ks3, 1);
+ m0 = tin[0];
+ m1 = tin[1];
+
+ if (l < 0) {
+ c2ln(in, tin0, tin1, l + 8);
+ } else {
+ c2l(in, tin0);
+ c2l(in, tin1);
+ }
+ tin0 ^= tout0;
+ tin1 ^= tout1;
+
+ tin[0] = tin0;
+ tin[1] = tin1;
+ DES_encrypt1(tin, ks1, 1);
+ tin[0] ^= m0;
+ tin[1] ^= m1;
+ DES_encrypt1(tin, ks2, 0);
+ tin[0] ^= m0;
+ tin[1] ^= m1;
+ DES_encrypt1(tin, ks1, 1);
+ tout0 = tin[0];
+ tout1 = tin[1];
+
+ l2c(tout0, out);
+ l2c(tout1, out);
+ }
+ iv1 = &(*ivec1)[0];
+ l2c(m0, iv1);
+ l2c(m1, iv1);
+
+ iv2 = &(*ivec2)[0];
+ l2c(tout0, iv2);
+ l2c(tout1, iv2);
+ } else {
+ DES_LONG t0, t1;
+
+ c2l(iv1, m0);
+ c2l(iv1, m1);
+ c2l(iv2, xor0);
+ c2l(iv2, xor1);
+ for (l -= 8; l >= -7; l -= 8) {
+ tin[0] = m0;
+ tin[1] = m1;
+ DES_encrypt1(tin, ks3, 1);
+ m0 = tin[0];
+ m1 = tin[1];
+
+ c2l(in, tin0);
+ c2l(in, tin1);
+
+ t0 = tin0;
+ t1 = tin1;
+
+ tin[0] = tin0;
+ tin[1] = tin1;
+ DES_encrypt1(tin, ks1, 0);
+ tin[0] ^= m0;
+ tin[1] ^= m1;
+ DES_encrypt1(tin, ks2, 1);
+ tin[0] ^= m0;
+ tin[1] ^= m1;
+ DES_encrypt1(tin, ks1, 0);
+ tout0 = tin[0];
+ tout1 = tin[1];
+
+ tout0 ^= xor0;
+ tout1 ^= xor1;
+ if (l < 0) {
+ l2cn(tout0, tout1, out, l + 8);
+ } else {
+ l2c(tout0, out);
+ l2c(tout1, out);
+ }
+ xor0 = t0;
+ xor1 = t1;
+ }
+
+ iv1 = &(*ivec1)[0];
+ l2c(m0, iv1);
+ l2c(m1, iv1);
+
+ iv2 = &(*ivec2)[0];
+ l2c(xor0, iv2);
+ l2c(xor1, iv2);
+ }
+ tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
+ tin[0] = tin[1] = 0;
+}
+LCRYPTO_ALIAS(DES_ede3_cbcm_encrypt);
+#endif
+
+/* The input and output encrypted as though 64bit ofb mode is being
+ * used. The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+void
+DES_ede3_ofb64_encrypt(const unsigned char *in,
+ unsigned char *out, long length,
+ DES_key_schedule *k1, DES_key_schedule *k2,
+ DES_key_schedule *k3, DES_cblock *ivec,
+ int *num)
+{
+ DES_LONG v0, v1;
+ int n = *num;
+ long l = length;
+ DES_cblock d;
+ char *dp;
+ DES_LONG ti[2];
+ unsigned char *iv;
+ int save = 0;
+
+ iv = &(*ivec)[0];
+ c2l(iv, v0);
+ c2l(iv, v1);
+ ti[0] = v0;
+ ti[1] = v1;
+ dp = (char *)d;
+ l2c(v0, dp);
+ l2c(v1, dp);
+ while (l--) {
+ if (n == 0) {
+ /* ti[0]=v0; */
+ /* ti[1]=v1; */
+ DES_encrypt3(ti, k1, k2, k3);
+ v0 = ti[0];
+ v1 = ti[1];
+
+ dp = (char *)d;
+ l2c(v0, dp);
+ l2c(v1, dp);
+ save++;
+ }
+ *(out++) = *(in++) ^ d[n];
+ n = (n + 1) & 0x07;
+ }
+ if (save) {
+ iv = &(*ivec)[0];
+ l2c(v0, iv);
+ l2c(v1, iv);
+ }
+ v0 = v1 = ti[0] = ti[1] = 0;
+ *num = n;
+}
+LCRYPTO_ALIAS(DES_ede3_ofb64_encrypt);
+
+/* The input and output encrypted as though 64bit ofb mode is being
+ * used. The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+void
+DES_ofb64_encrypt(const unsigned char *in,
+ unsigned char *out, long length,
+ DES_key_schedule *schedule, DES_cblock *ivec, int *num)
+{
+ DES_LONG v0, v1, t;
+ int n = *num;
+ long l = length;
+ DES_cblock d;
+ unsigned char *dp;
+ DES_LONG ti[2];
+ unsigned char *iv;
+ int save = 0;
+
+ iv = &(*ivec)[0];
+ c2l(iv, v0);
+ c2l(iv, v1);
+ ti[0] = v0;
+ ti[1] = v1;
+ dp = d;
+ l2c(v0, dp);
+ l2c(v1, dp);
+ while (l--) {
+ if (n == 0) {
+ DES_encrypt1(ti, schedule, DES_ENCRYPT);
+ dp = d;
+ t = ti[0];
+ l2c(t, dp);
+ t = ti[1];
+ l2c(t, dp);
+ save++;
+ }
+ *(out++) = *(in++) ^ d[n];
+ n = (n + 1) & 0x07;
+ }
+ if (save) {
+ v0 = ti[0];
+ v1 = ti[1];
+ iv = &(*ivec)[0];
+ l2c(v0, iv);
+ l2c(v1, iv);
+ }
+ t = v0 = v1 = ti[0] = ti[1] = 0;
+ *num = n;
+}
+LCRYPTO_ALIAS(DES_ofb64_encrypt);
+
+/* The input and output are loaded in multiples of 8 bits.
+ * What this means is that if you hame numbits=12 and length=2
+ * the first 12 bits will be retrieved from the first byte and half
+ * the second. The second 12 bits will come from the 3rd and half the 4th
+ * byte.
+ */
+void
+DES_ofb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
+ long length, DES_key_schedule *schedule,
+ DES_cblock *ivec)
+{
+ DES_LONG d0, d1, vv0, vv1, v0, v1, n = (numbits + 7)/8;
+ DES_LONG mask0, mask1;
+ long l = length;
+ int num = numbits;
+ DES_LONG ti[2];
+ unsigned char *iv;
+
+ if (num > 64)
+ return;
+ if (num > 32) {
+ mask0 = 0xffffffffL;
+ if (num >= 64)
+ mask1 = mask0;
+ else
+ mask1 = (1L << (num - 32)) - 1;
+ } else {
+ if (num == 32)
+ mask0 = 0xffffffffL;
+ else
+ mask0 = (1L << num) - 1;
+ mask1 = 0x00000000L;
+ }
+
+ iv = &(*ivec)[0];
+ c2l(iv, v0);
+ c2l(iv, v1);
+ ti[0] = v0;
+ ti[1] = v1;
+ while (l-- > 0) {
+ ti[0] = v0;
+ ti[1] = v1;
+ DES_encrypt1((DES_LONG *)ti, schedule, DES_ENCRYPT);
+ vv0 = ti[0];
+ vv1 = ti[1];
+ c2ln(in, d0, d1, n);
+ in += n;
+ d0 = (d0 ^ vv0) & mask0;
+ d1 = (d1 ^ vv1) & mask1;
+ l2cn(d0, d1, out, n);
+ out += n;
+
+ if (num == 32) {
+ v0 = v1;
+ v1 = vv0;
+ } else if (num == 64) {
+ v0 = vv0;
+ v1 = vv1;
+ } else if (num > 32) { /* && num != 64 */
+ v0 = ((v1 >> (num - 32))|(vv0 << (64 - num))) &
+ 0xffffffffL;
+ v1 = ((vv0 >> (num - 32))|(vv1 << (64 - num))) &
+ 0xffffffffL;
+ } else /* num < 32 */ {
+ v0 = ((v0 >> num)|(v1 << (32 - num))) & 0xffffffffL;
+ v1 = ((v1 >> num)|(vv0 << (32 - num))) & 0xffffffffL;
+ }
+ }
+ iv = &(*ivec)[0];
+ l2c(v0, iv);
+ l2c(v1, iv);
+ v0 = v1 = d0 = d1 = ti[0] = ti[1] = vv0 = vv1 = 0;
+}
+LCRYPTO_ALIAS(DES_ofb_encrypt);
+
+void
+DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
+ long length, DES_key_schedule *schedule,
+ DES_cblock *ivec, int enc)
+{
+ DES_LONG sin0, sin1, xor0, xor1, tout0, tout1;
+ DES_LONG tin[2];
+ const unsigned char *in;
+ unsigned char *out, *iv;
+
+ in = input;
+ out = output;
+ iv = &(*ivec)[0];
+
+ if (enc) {
+ c2l(iv, xor0);
+ c2l(iv, xor1);
+ for (; length > 0; length -= 8) {
+ if (length >= 8) {
+ c2l(in, sin0);
+ c2l(in, sin1);
+ } else
+ c2ln(in, sin0, sin1, length);
+ tin[0] = sin0 ^ xor0;
+ tin[1] = sin1 ^ xor1;
+ DES_encrypt1((DES_LONG *)tin, schedule, DES_ENCRYPT);
+ tout0 = tin[0];
+ tout1 = tin[1];
+ xor0 = sin0 ^ tout0;
+ xor1 = sin1 ^ tout1;
+ l2c(tout0, out);
+ l2c(tout1, out);
+ }
+ } else {
+ c2l(iv, xor0);
+ c2l(iv, xor1);
+ for (; length > 0; length -= 8) {
+ c2l(in, sin0);
+ c2l(in, sin1);
+ tin[0] = sin0;
+ tin[1] = sin1;
+ DES_encrypt1((DES_LONG *)tin, schedule, DES_DECRYPT);
+ tout0 = tin[0] ^ xor0;
+ tout1 = tin[1] ^ xor1;
+ if (length >= 8) {
+ l2c(tout0, out);
+ l2c(tout1, out);
+ } else
+ l2cn(tout0, tout1, out, length);
+ xor0 = tout0 ^ sin0;
+ xor1 = tout1 ^ sin1;
+ }
+ }
+ tin[0] = tin[1] = 0;
+ sin0 = sin1 = xor0 = xor1 = tout0 = tout1 = 0;
+}
+LCRYPTO_ALIAS(DES_pcbc_encrypt);
+
+/* RSA's DESX */
+
+void
+DES_xcbc_encrypt(const unsigned char *in, unsigned char *out,
+ long length, DES_key_schedule *schedule,
+ DES_cblock *ivec, const_DES_cblock *inw,
+ const_DES_cblock *outw, int enc)
+{
+ DES_LONG tin0, tin1;
+ DES_LONG tout0, tout1, xor0, xor1;
+ DES_LONG inW0, inW1, outW0, outW1;
+ const unsigned char *in2;
+ long l = length;
+ DES_LONG tin[2];
+ unsigned char *iv;
+
+ in2 = &(*inw)[0];
+ c2l(in2, inW0);
+ c2l(in2, inW1);
+ in2 = &(*outw)[0];
+ c2l(in2, outW0);
+ c2l(in2, outW1);
+
+ iv = &(*ivec)[0];
+
+ if (enc) {
+ c2l(iv, tout0);
+ c2l(iv, tout1);
+ for (l -= 8; l >= 0; l -= 8) {
+ c2l(in, tin0);
+ c2l(in, tin1);
+ tin0 ^= tout0 ^ inW0;
+ tin[0] = tin0;
+ tin1 ^= tout1 ^ inW1;
+ tin[1] = tin1;
+ DES_encrypt1(tin, schedule, DES_ENCRYPT);
+ tout0 = tin[0] ^ outW0;
+ l2c(tout0, out);
+ tout1 = tin[1] ^ outW1;
+ l2c(tout1, out);
+ }
+ if (l != -8) {
+ c2ln(in, tin0, tin1, l + 8);
+ tin0 ^= tout0 ^ inW0;
+ tin[0] = tin0;
+ tin1 ^= tout1 ^ inW1;
+ tin[1] = tin1;
+ DES_encrypt1(tin, schedule, DES_ENCRYPT);
+ tout0 = tin[0] ^ outW0;
+ l2c(tout0, out);
+ tout1 = tin[1] ^ outW1;
+ l2c(tout1, out);
+ }
+ iv = &(*ivec)[0];
+ l2c(tout0, iv);
+ l2c(tout1, iv);
+ } else {
+ c2l(iv, xor0);
+ c2l(iv, xor1);
+ for (l -= 8; l > 0; l -= 8) {
+ c2l(in, tin0);
+ tin[0] = tin0 ^ outW0;
+ c2l(in, tin1);
+ tin[1] = tin1 ^ outW1;
+ DES_encrypt1(tin, schedule, DES_DECRYPT);
+ tout0 = tin[0] ^ xor0 ^ inW0;
+ tout1 = tin[1] ^ xor1 ^ inW1;
+ l2c(tout0, out);
+ l2c(tout1, out);
+ xor0 = tin0;
+ xor1 = tin1;
+ }
+ if (l != -8) {
+ c2l(in, tin0);
+ tin[0] = tin0 ^ outW0;
+ c2l(in, tin1);
+ tin[1] = tin1 ^ outW1;
+ DES_encrypt1(tin, schedule, DES_DECRYPT);
+ tout0 = tin[0] ^ xor0 ^ inW0;
+ tout1 = tin[1] ^ xor1 ^ inW1;
+ l2cn(tout0, tout1, out, l + 8);
+ xor0 = tin0;
+ xor1 = tin1;
+ }
+
+ iv = &(*ivec)[0];
+ l2c(xor0, iv);
+ l2c(xor1, iv);
+ }
+ tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
+ inW0 = inW1 = outW0 = outW1 = 0;
+ tin[0] = tin[1] = 0;
+}
+LCRYPTO_ALIAS(DES_xcbc_encrypt);
diff --git a/src/lib/libcrypto/des/des_cksum.c b/src/lib/libcrypto/des/des_cksum.c
new file mode 100644
index 0000000000..6dfb8a0340
--- /dev/null
+++ b/src/lib/libcrypto/des/des_cksum.c
@@ -0,0 +1,173 @@
+/* $OpenBSD: des_cksum.c,v 1.1 2024/08/31 15:56:09 jsing Exp $ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* From "Message Authentication" R.R. Jueneman, S.M. Matyas, C.H. Meyer
+ * IEEE Communications Magazine Sept 1985 Vol. 23 No. 9 p 29-40
+ * This module in only based on the code in this paper and is
+ * almost definitely not the same as the MIT implementation.
+ */
+#include "des_local.h"
+
+/* bug fix for dos - 7/6/91 - Larry hughes@logos.ucs.indiana.edu */
+#define Q_B0(a) (((DES_LONG)(a)))
+#define Q_B1(a) (((DES_LONG)(a))<<8)
+#define Q_B2(a) (((DES_LONG)(a))<<16)
+#define Q_B3(a) (((DES_LONG)(a))<<24)
+
+/* used to scramble things a bit */
+/* Got the value MIT uses via brute force :-) 2/10/90 eay */
+#define NOISE ((DES_LONG)83653421L)
+
+DES_LONG
+DES_cbc_cksum(const unsigned char *in, DES_cblock *output,
+ long length, DES_key_schedule *schedule,
+ const_DES_cblock *ivec)
+{
+ DES_LONG tout0, tout1, tin0, tin1;
+ long l = length;
+ DES_LONG tin[2];
+ unsigned char *out = &(*output)[0];
+ const unsigned char *iv = &(*ivec)[0];
+
+ c2l(iv, tout0);
+ c2l(iv, tout1);
+ for (; l > 0; l -= 8) {
+ if (l >= 8) {
+ c2l(in, tin0);
+ c2l(in, tin1);
+ } else
+ c2ln(in, tin0, tin1, l);
+
+ tin0 ^= tout0;
+ tin[0] = tin0;
+ tin1 ^= tout1;
+ tin[1] = tin1;
+ DES_encrypt1((DES_LONG *)tin, schedule, DES_ENCRYPT);
+ /* fix 15/10/91 eay - thanks to keithr@sco.COM */
+ tout0 = tin[0];
+ tout1 = tin[1];
+ }
+ if (out != NULL) {
+ l2c(tout0, out);
+ l2c(tout1, out);
+ }
+ tout0 = tin0 = tin1 = tin[0] = tin[1] = 0;
+ /*
+ Transform the data in tout1 so that it will
+ match the return value that the MIT Kerberos
+ mit_des_cbc_cksum API returns.
+ */
+ tout1 = ((tout1 >> 24L) & 0x000000FF) |
+ ((tout1 >> 8L) & 0x0000FF00) |
+ ((tout1 << 8L) & 0x00FF0000) |
+ ((tout1 << 24L) & 0xFF000000);
+ return (tout1);
+}
+LCRYPTO_ALIAS(DES_cbc_cksum);
+
+DES_LONG
+DES_quad_cksum(const unsigned char *input, DES_cblock output[],
+ long length, int out_count, DES_cblock *seed)
+{
+ DES_LONG z0, z1, t0, t1;
+ int i;
+ long l;
+ const unsigned char *cp;
+ DES_LONG *lp;
+
+ if (out_count < 1)
+ out_count = 1;
+ lp = (DES_LONG *)&(output[0])[0];
+
+ z0 = Q_B0((*seed)[0])|Q_B1((*seed)[1])|Q_B2((*seed)[2])|Q_B3(
+ (*seed)[3]);
+ z1 = Q_B0((*seed)[4])|Q_B1((*seed)[5])|Q_B2((*seed)[6])|Q_B3(
+ (*seed)[7]);
+
+ for (i = 0; ((i < 4) && (i < out_count)); i++) {
+ cp = input;
+ l = length;
+ while (l > 0) {
+ if (l > 1) {
+ t0 = (DES_LONG)(*(cp++));
+ t0 |= (DES_LONG)Q_B1(*(cp++));
+ l--;
+ } else
+ t0 = (DES_LONG)(*(cp++));
+ l--;
+ /* add */
+ t0 += z0;
+ t0 &= 0xffffffffL;
+ t1 = z1;
+ /* square, well sort of square */
+ z0 = ((((t0*t0) & 0xffffffffL) +
+ ((t1*t1) & 0xffffffffL)) & 0xffffffffL) %
+ 0x7fffffffL;
+ z1 = ((t0*((t1 + NOISE) & 0xffffffffL)) & 0xffffffffL) %
+ 0x7fffffffL;
+ }
+ if (lp != NULL) {
+ /* The MIT library assumes that the checksum is
+ * composed of 2*out_count 32 bit ints */
+ *lp++ = z0;
+ *lp++ = z1;
+ }
+ }
+ return (z0);
+}
+LCRYPTO_ALIAS(DES_quad_cksum);
diff --git a/src/lib/libcrypto/des/des_fcrypt.c b/src/lib/libcrypto/des/des_fcrypt.c
new file mode 100644
index 0000000000..877ffdbc83
--- /dev/null
+++ b/src/lib/libcrypto/des/des_fcrypt.c
@@ -0,0 +1,261 @@
+/* $OpenBSD: des_fcrypt.c,v 1.1 2024/08/31 15:56:09 jsing Exp $ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+
+/* This version of crypt has been developed from my MIT compatible
+ * DES library.
+ * Eric Young (eay@cryptsoft.com)
+ */
+
+/* Modification by Jens Kupferschmidt (Cu)
+ * I have included directive PARA for shared memory computers.
+ * I have included a directive LONGCRYPT to using this routine to cipher
+ * passwords with more than 8 bytes like HP-UX 10.x it used. The MAXPLEN
+ * definition is the maximum of length of password and can changed. I have
+ * defined 24.
+ */
+
+#define DES_FCRYPT
+#include "des_local.h"
+#undef DES_FCRYPT
+
+#ifndef OPENBSD_DES_ASM
+
+#undef PERM_OP
+#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)), \
+ (b)^=(t), \
+ (a)^=((t)<<(n)))
+
+#undef HPERM_OP
+#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)), \
+ (a)=(a)^(t)^(t>>(16-(n)))) \
+
+void
+fcrypt_body(DES_LONG *out, DES_key_schedule *ks, DES_LONG Eswap0,
+ DES_LONG Eswap1)
+{
+ DES_LONG l, r, t, u;
+#ifdef DES_PTR
+ const unsigned char *des_SP = (const unsigned char *)DES_SPtrans;
+#endif
+ DES_LONG *s;
+ int j;
+ DES_LONG E0, E1;
+
+ l = 0;
+ r = 0;
+
+ s = (DES_LONG *)ks;
+ E0 = Eswap0;
+ E1 = Eswap1;
+
+ for (j = 0; j < 25; j++) {
+#ifndef DES_UNROLL
+ int i;
+
+ for (i = 0; i < 32; i += 4) {
+ D_ENCRYPT(l, r, i + 0); /* 1 */
+ D_ENCRYPT(r, l, i + 2); /* 2 */
+ }
+#else
+ D_ENCRYPT(l, r, 0); /* 1 */
+ D_ENCRYPT(r, l, 2); /* 2 */
+ D_ENCRYPT(l, r, 4); /* 3 */
+ D_ENCRYPT(r, l, 6); /* 4 */
+ D_ENCRYPT(l, r, 8); /* 5 */
+ D_ENCRYPT(r, l, 10); /* 6 */
+ D_ENCRYPT(l, r, 12); /* 7 */
+ D_ENCRYPT(r, l, 14); /* 8 */
+ D_ENCRYPT(l, r, 16); /* 9 */
+ D_ENCRYPT(r, l, 18); /* 10 */
+ D_ENCRYPT(l, r, 20); /* 11 */
+ D_ENCRYPT(r, l, 22); /* 12 */
+ D_ENCRYPT(l, r, 24); /* 13 */
+ D_ENCRYPT(r, l, 26); /* 14 */
+ D_ENCRYPT(l, r, 28); /* 15 */
+ D_ENCRYPT(r, l, 30); /* 16 */
+#endif
+
+ t = l;
+ l = r;
+ r = t;
+ }
+ l = ROTATE(l, 3) & 0xffffffffL;
+ r = ROTATE(r, 3) & 0xffffffffL;
+
+ PERM_OP(l, r, t, 1, 0x55555555L);
+ PERM_OP(r, l, t, 8, 0x00ff00ffL);
+ PERM_OP(l, r, t, 2, 0x33333333L);
+ PERM_OP(r, l, t, 16, 0x0000ffffL);
+ PERM_OP(l, r, t, 4, 0x0f0f0f0fL);
+
+ out[0] = r;
+ out[1] = l;
+}
+
+#endif /* OPENBSD_DES_ASM */
+
+/* Added more values to handle illegal salt values the way normal
+ * crypt() implementations do. The patch was sent by
+ * Bjorn Gronvall <bg@sics.se>
+ */
+static unsigned const char con_salt[128] = {
+ 0xD2, 0xD3, 0xD4, 0xD5, 0xD6, 0xD7, 0xD8, 0xD9,
+ 0xDA, 0xDB, 0xDC, 0xDD, 0xDE, 0xDF, 0xE0, 0xE1,
+ 0xE2, 0xE3, 0xE4, 0xE5, 0xE6, 0xE7, 0xE8, 0xE9,
+ 0xEA, 0xEB, 0xEC, 0xED, 0xEE, 0xEF, 0xF0, 0xF1,
+ 0xF2, 0xF3, 0xF4, 0xF5, 0xF6, 0xF7, 0xF8, 0xF9,
+ 0xFA, 0xFB, 0xFC, 0xFD, 0xFE, 0xFF, 0x00, 0x01,
+ 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09,
+ 0x0A, 0x0B, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A,
+ 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12,
+ 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A,
+ 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22,
+ 0x23, 0x24, 0x25, 0x20, 0x21, 0x22, 0x23, 0x24,
+ 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C,
+ 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34,
+ 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C,
+ 0x3D, 0x3E, 0x3F, 0x40, 0x41, 0x42, 0x43, 0x44,
+};
+
+static unsigned const char cov_2char[64] = {
+ 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35,
+ 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, 0x43, 0x44,
+ 0x45, 0x46, 0x47, 0x48, 0x49, 0x4A, 0x4B, 0x4C,
+ 0x4D, 0x4E, 0x4F, 0x50, 0x51, 0x52, 0x53, 0x54,
+ 0x55, 0x56, 0x57, 0x58, 0x59, 0x5A, 0x61, 0x62,
+ 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6A,
+ 0x6B, 0x6C, 0x6D, 0x6E, 0x6F, 0x70, 0x71, 0x72,
+ 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79, 0x7A
+};
+
+char *
+DES_crypt(const char *buf, const char *salt)
+{
+ static char buff[14];
+
+ return (DES_fcrypt(buf, salt, buff));
+}
+LCRYPTO_ALIAS(DES_crypt);
+
+char *
+DES_fcrypt(const char *buf, const char *salt, char *ret)
+{
+ unsigned int i, j, x, y;
+ DES_LONG Eswap0, Eswap1;
+ DES_LONG out[2], ll;
+ DES_cblock key;
+ DES_key_schedule ks;
+ unsigned char bb[9];
+ unsigned char *b = bb;
+ unsigned char c, u;
+
+ /* eay 25/08/92
+ * If you call crypt("pwd","*") as often happens when you
+ * have * as the pwd field in /etc/passwd, the function
+ * returns *\0xxxxxxxxx
+ * The \0 makes the string look like * so the pwd "*" would
+ * crypt to "*". This was found when replacing the crypt in
+ * our shared libraries. People found that the disabled
+ * accounts effectively had no passwd :-(. */
+ x = ret[0] = ((salt[0] == '\0') ? 'A' : salt[0]);
+ Eswap0 = con_salt[x] << 2;
+ x = ret[1] = ((salt[1] == '\0') ? 'A' : salt[1]);
+ Eswap1 = con_salt[x] << 6;
+/* EAY
+r=strlen(buf);
+r=(r+7)/8;
+*/
+ for (i = 0; i < 8; i++) {
+ c = *(buf++);
+ if (!c)
+ break;
+ key[i] = (c << 1);
+ }
+ for (; i < 8; i++)
+ key[i] = 0;
+
+ DES_set_key_unchecked(&key, &ks);
+ fcrypt_body(&(out[0]), &ks, Eswap0, Eswap1);
+
+ ll = out[0];
+ l2c(ll, b);
+ ll = out[1];
+ l2c(ll, b);
+ y = 0;
+ u = 0x80;
+ bb[8] = 0;
+ for (i = 2; i < 13; i++) {
+ c = 0;
+ for (j = 0; j < 6; j++) {
+ c <<= 1;
+ if (bb[y] & u)
+ c |= 1;
+ u >>= 1;
+ if (!u) {
+ y++;
+ u = 0x80;
+ }
+ }
+ ret[i] = cov_2char[c];
+ }
+ ret[13] = '\0';
+ return (ret);
+}
+LCRYPTO_ALIAS(DES_fcrypt);
diff --git a/src/lib/libcrypto/des/des_key.c b/src/lib/libcrypto/des/des_key.c
new file mode 100644
index 0000000000..eee8a7e127
--- /dev/null
+++ b/src/lib/libcrypto/des/des_key.c
@@ -0,0 +1,523 @@
+/* $OpenBSD: des_key.c,v 1.1 2024/08/31 15:56:09 jsing Exp $ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdlib.h>
+
+#include <openssl/crypto.h>
+
+#include "des_local.h"
+
+int DES_check_key = 0; /* defaults to false */
+LCRYPTO_ALIAS(DES_check_key);
+
+static const unsigned char odd_parity[256] = {
+ 1, 1, 2, 2, 4, 4, 7, 7, 8, 8, 11, 11, 13, 13, 14, 14,
+ 16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, 31, 31,
+ 32, 32, 35, 35, 37, 37, 38, 38, 41, 41, 42, 42, 44, 44, 47, 47,
+ 49, 49, 50, 50, 52, 52, 55, 55, 56, 56, 59, 59, 61, 61, 62, 62,
+ 64, 64, 67, 67, 69, 69, 70, 70, 73, 73, 74, 74, 76, 76, 79, 79,
+ 81, 81, 82, 82, 84, 84, 87, 87, 88, 88, 91, 91, 93, 93, 94, 94,
+ 97, 97, 98, 98, 100, 100, 103, 103, 104, 104, 107, 107, 109, 109, 110, 110,
+ 112, 112, 115, 115, 117, 117, 118, 118, 121, 121, 122, 122, 124, 124, 127, 127,
+ 128, 128, 131, 131, 133, 133, 134, 134, 137, 137, 138, 138, 140, 140, 143, 143,
+ 145, 145, 146, 146, 148, 148, 151, 151, 152, 152, 155, 155, 157, 157, 158, 158,
+ 161, 161, 162, 162, 164, 164, 167, 167, 168, 168, 171, 171, 173, 173, 174, 174,
+ 176, 176, 179, 179, 181, 181, 182, 182, 185, 185, 186, 186, 188, 188, 191, 191,
+ 193, 193, 194, 194, 196, 196, 199, 199, 200, 200, 203, 203, 205, 205, 206, 206,
+ 208, 208, 211, 211, 213, 213, 214, 214, 217, 217, 218, 218, 220, 220, 223, 223,
+ 224, 224, 227, 227, 229, 229, 230, 230, 233, 233, 234, 234, 236, 236, 239, 239,
+ 241, 241, 242, 242, 244, 244, 247, 247, 248, 248, 251, 251, 253, 253, 254, 254,
+};
+
+void
+DES_set_odd_parity(DES_cblock *key)
+{
+ unsigned int i;
+
+ for (i = 0; i < DES_KEY_SZ; i++)
+ (*key)[i] = odd_parity[(*key)[i]];
+}
+LCRYPTO_ALIAS(DES_set_odd_parity);
+
+int
+DES_check_key_parity(const_DES_cblock *key)
+{
+ unsigned int i;
+
+ for (i = 0; i < DES_KEY_SZ; i++) {
+ if ((*key)[i] != odd_parity[(*key)[i]])
+ return (0);
+ }
+ return (1);
+}
+LCRYPTO_ALIAS(DES_check_key_parity);
+
+/* Weak and semi weak keys as taken from
+ * %A D.W. Davies
+ * %A W.L. Price
+ * %T Security for Computer Networks
+ * %I John Wiley & Sons
+ * %D 1984
+ * Many thanks to smb@ulysses.att.com (Steven Bellovin) for the reference
+ * (and actual cblock values).
+ */
+#define NUM_WEAK_KEY 16
+static const DES_cblock weak_keys[NUM_WEAK_KEY] = {
+ /* weak keys */
+ {0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01},
+ {0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE},
+ {0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E},
+ {0xE0, 0xE0, 0xE0, 0xE0, 0xF1, 0xF1, 0xF1, 0xF1},
+ /* semi-weak keys */
+ {0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE},
+ {0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01},
+ {0x1F, 0xE0, 0x1F, 0xE0, 0x0E, 0xF1, 0x0E, 0xF1},
+ {0xE0, 0x1F, 0xE0, 0x1F, 0xF1, 0x0E, 0xF1, 0x0E},
+ {0x01, 0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1},
+ {0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1, 0x01},
+ {0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E, 0xFE},
+ {0xFE, 0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E},
+ {0x01, 0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E},
+ {0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E, 0x01},
+ {0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1, 0xFE},
+ {0xFE, 0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1},
+};
+
+int
+DES_is_weak_key(const_DES_cblock *key)
+{
+ unsigned int i;
+
+ for (i = 0; i < NUM_WEAK_KEY; i++)
+ if (memcmp(weak_keys[i], key, sizeof(DES_cblock)) == 0)
+ return 1;
+ return 0;
+}
+LCRYPTO_ALIAS(DES_is_weak_key);
+
+/* NOW DEFINED IN des_local.h
+ * See ecb_encrypt.c for a pseudo description of these macros.
+ * #define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
+ * (b)^=(t),\
+ * (a)=((a)^((t)<<(n))))
+ */
+
+#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)), \
+ (a)=(a)^(t)^(t>>(16-(n))))
+
+static const DES_LONG des_skb[8][64] = {
+ {
+ /* for C bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
+ 0x00000000L, 0x00000010L, 0x20000000L, 0x20000010L,
+ 0x00010000L, 0x00010010L, 0x20010000L, 0x20010010L,
+ 0x00000800L, 0x00000810L, 0x20000800L, 0x20000810L,
+ 0x00010800L, 0x00010810L, 0x20010800L, 0x20010810L,
+ 0x00000020L, 0x00000030L, 0x20000020L, 0x20000030L,
+ 0x00010020L, 0x00010030L, 0x20010020L, 0x20010030L,
+ 0x00000820L, 0x00000830L, 0x20000820L, 0x20000830L,
+ 0x00010820L, 0x00010830L, 0x20010820L, 0x20010830L,
+ 0x00080000L, 0x00080010L, 0x20080000L, 0x20080010L,
+ 0x00090000L, 0x00090010L, 0x20090000L, 0x20090010L,
+ 0x00080800L, 0x00080810L, 0x20080800L, 0x20080810L,
+ 0x00090800L, 0x00090810L, 0x20090800L, 0x20090810L,
+ 0x00080020L, 0x00080030L, 0x20080020L, 0x20080030L,
+ 0x00090020L, 0x00090030L, 0x20090020L, 0x20090030L,
+ 0x00080820L, 0x00080830L, 0x20080820L, 0x20080830L,
+ 0x00090820L, 0x00090830L, 0x20090820L, 0x20090830L,
+ }, {
+ /* for C bits (numbered as per FIPS 46) 7 8 10 11 12 13 */
+ 0x00000000L, 0x02000000L, 0x00002000L, 0x02002000L,
+ 0x00200000L, 0x02200000L, 0x00202000L, 0x02202000L,
+ 0x00000004L, 0x02000004L, 0x00002004L, 0x02002004L,
+ 0x00200004L, 0x02200004L, 0x00202004L, 0x02202004L,
+ 0x00000400L, 0x02000400L, 0x00002400L, 0x02002400L,
+ 0x00200400L, 0x02200400L, 0x00202400L, 0x02202400L,
+ 0x00000404L, 0x02000404L, 0x00002404L, 0x02002404L,
+ 0x00200404L, 0x02200404L, 0x00202404L, 0x02202404L,
+ 0x10000000L, 0x12000000L, 0x10002000L, 0x12002000L,
+ 0x10200000L, 0x12200000L, 0x10202000L, 0x12202000L,
+ 0x10000004L, 0x12000004L, 0x10002004L, 0x12002004L,
+ 0x10200004L, 0x12200004L, 0x10202004L, 0x12202004L,
+ 0x10000400L, 0x12000400L, 0x10002400L, 0x12002400L,
+ 0x10200400L, 0x12200400L, 0x10202400L, 0x12202400L,
+ 0x10000404L, 0x12000404L, 0x10002404L, 0x12002404L,
+ 0x10200404L, 0x12200404L, 0x10202404L, 0x12202404L,
+ }, {
+ /* for C bits (numbered as per FIPS 46) 14 15 16 17 19 20 */
+ 0x00000000L, 0x00000001L, 0x00040000L, 0x00040001L,
+ 0x01000000L, 0x01000001L, 0x01040000L, 0x01040001L,
+ 0x00000002L, 0x00000003L, 0x00040002L, 0x00040003L,
+ 0x01000002L, 0x01000003L, 0x01040002L, 0x01040003L,
+ 0x00000200L, 0x00000201L, 0x00040200L, 0x00040201L,
+ 0x01000200L, 0x01000201L, 0x01040200L, 0x01040201L,
+ 0x00000202L, 0x00000203L, 0x00040202L, 0x00040203L,
+ 0x01000202L, 0x01000203L, 0x01040202L, 0x01040203L,
+ 0x08000000L, 0x08000001L, 0x08040000L, 0x08040001L,
+ 0x09000000L, 0x09000001L, 0x09040000L, 0x09040001L,
+ 0x08000002L, 0x08000003L, 0x08040002L, 0x08040003L,
+ 0x09000002L, 0x09000003L, 0x09040002L, 0x09040003L,
+ 0x08000200L, 0x08000201L, 0x08040200L, 0x08040201L,
+ 0x09000200L, 0x09000201L, 0x09040200L, 0x09040201L,
+ 0x08000202L, 0x08000203L, 0x08040202L, 0x08040203L,
+ 0x09000202L, 0x09000203L, 0x09040202L, 0x09040203L,
+ }, {
+ /* for C bits (numbered as per FIPS 46) 21 23 24 26 27 28 */
+ 0x00000000L, 0x00100000L, 0x00000100L, 0x00100100L,
+ 0x00000008L, 0x00100008L, 0x00000108L, 0x00100108L,
+ 0x00001000L, 0x00101000L, 0x00001100L, 0x00101100L,
+ 0x00001008L, 0x00101008L, 0x00001108L, 0x00101108L,
+ 0x04000000L, 0x04100000L, 0x04000100L, 0x04100100L,
+ 0x04000008L, 0x04100008L, 0x04000108L, 0x04100108L,
+ 0x04001000L, 0x04101000L, 0x04001100L, 0x04101100L,
+ 0x04001008L, 0x04101008L, 0x04001108L, 0x04101108L,
+ 0x00020000L, 0x00120000L, 0x00020100L, 0x00120100L,
+ 0x00020008L, 0x00120008L, 0x00020108L, 0x00120108L,
+ 0x00021000L, 0x00121000L, 0x00021100L, 0x00121100L,
+ 0x00021008L, 0x00121008L, 0x00021108L, 0x00121108L,
+ 0x04020000L, 0x04120000L, 0x04020100L, 0x04120100L,
+ 0x04020008L, 0x04120008L, 0x04020108L, 0x04120108L,
+ 0x04021000L, 0x04121000L, 0x04021100L, 0x04121100L,
+ 0x04021008L, 0x04121008L, 0x04021108L, 0x04121108L,
+ }, {
+ /* for D bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
+ 0x00000000L, 0x10000000L, 0x00010000L, 0x10010000L,
+ 0x00000004L, 0x10000004L, 0x00010004L, 0x10010004L,
+ 0x20000000L, 0x30000000L, 0x20010000L, 0x30010000L,
+ 0x20000004L, 0x30000004L, 0x20010004L, 0x30010004L,
+ 0x00100000L, 0x10100000L, 0x00110000L, 0x10110000L,
+ 0x00100004L, 0x10100004L, 0x00110004L, 0x10110004L,
+ 0x20100000L, 0x30100000L, 0x20110000L, 0x30110000L,
+ 0x20100004L, 0x30100004L, 0x20110004L, 0x30110004L,
+ 0x00001000L, 0x10001000L, 0x00011000L, 0x10011000L,
+ 0x00001004L, 0x10001004L, 0x00011004L, 0x10011004L,
+ 0x20001000L, 0x30001000L, 0x20011000L, 0x30011000L,
+ 0x20001004L, 0x30001004L, 0x20011004L, 0x30011004L,
+ 0x00101000L, 0x10101000L, 0x00111000L, 0x10111000L,
+ 0x00101004L, 0x10101004L, 0x00111004L, 0x10111004L,
+ 0x20101000L, 0x30101000L, 0x20111000L, 0x30111000L,
+ 0x20101004L, 0x30101004L, 0x20111004L, 0x30111004L,
+ }, {
+ /* for D bits (numbered as per FIPS 46) 8 9 11 12 13 14 */
+ 0x00000000L, 0x08000000L, 0x00000008L, 0x08000008L,
+ 0x00000400L, 0x08000400L, 0x00000408L, 0x08000408L,
+ 0x00020000L, 0x08020000L, 0x00020008L, 0x08020008L,
+ 0x00020400L, 0x08020400L, 0x00020408L, 0x08020408L,
+ 0x00000001L, 0x08000001L, 0x00000009L, 0x08000009L,
+ 0x00000401L, 0x08000401L, 0x00000409L, 0x08000409L,
+ 0x00020001L, 0x08020001L, 0x00020009L, 0x08020009L,
+ 0x00020401L, 0x08020401L, 0x00020409L, 0x08020409L,
+ 0x02000000L, 0x0A000000L, 0x02000008L, 0x0A000008L,
+ 0x02000400L, 0x0A000400L, 0x02000408L, 0x0A000408L,
+ 0x02020000L, 0x0A020000L, 0x02020008L, 0x0A020008L,
+ 0x02020400L, 0x0A020400L, 0x02020408L, 0x0A020408L,
+ 0x02000001L, 0x0A000001L, 0x02000009L, 0x0A000009L,
+ 0x02000401L, 0x0A000401L, 0x02000409L, 0x0A000409L,
+ 0x02020001L, 0x0A020001L, 0x02020009L, 0x0A020009L,
+ 0x02020401L, 0x0A020401L, 0x02020409L, 0x0A020409L,
+ }, {
+ /* for D bits (numbered as per FIPS 46) 16 17 18 19 20 21 */
+ 0x00000000L, 0x00000100L, 0x00080000L, 0x00080100L,
+ 0x01000000L, 0x01000100L, 0x01080000L, 0x01080100L,
+ 0x00000010L, 0x00000110L, 0x00080010L, 0x00080110L,
+ 0x01000010L, 0x01000110L, 0x01080010L, 0x01080110L,
+ 0x00200000L, 0x00200100L, 0x00280000L, 0x00280100L,
+ 0x01200000L, 0x01200100L, 0x01280000L, 0x01280100L,
+ 0x00200010L, 0x00200110L, 0x00280010L, 0x00280110L,
+ 0x01200010L, 0x01200110L, 0x01280010L, 0x01280110L,
+ 0x00000200L, 0x00000300L, 0x00080200L, 0x00080300L,
+ 0x01000200L, 0x01000300L, 0x01080200L, 0x01080300L,
+ 0x00000210L, 0x00000310L, 0x00080210L, 0x00080310L,
+ 0x01000210L, 0x01000310L, 0x01080210L, 0x01080310L,
+ 0x00200200L, 0x00200300L, 0x00280200L, 0x00280300L,
+ 0x01200200L, 0x01200300L, 0x01280200L, 0x01280300L,
+ 0x00200210L, 0x00200310L, 0x00280210L, 0x00280310L,
+ 0x01200210L, 0x01200310L, 0x01280210L, 0x01280310L,
+ }, {
+ /* for D bits (numbered as per FIPS 46) 22 23 24 25 27 28 */
+ 0x00000000L, 0x04000000L, 0x00040000L, 0x04040000L,
+ 0x00000002L, 0x04000002L, 0x00040002L, 0x04040002L,
+ 0x00002000L, 0x04002000L, 0x00042000L, 0x04042000L,
+ 0x00002002L, 0x04002002L, 0x00042002L, 0x04042002L,
+ 0x00000020L, 0x04000020L, 0x00040020L, 0x04040020L,
+ 0x00000022L, 0x04000022L, 0x00040022L, 0x04040022L,
+ 0x00002020L, 0x04002020L, 0x00042020L, 0x04042020L,
+ 0x00002022L, 0x04002022L, 0x00042022L, 0x04042022L,
+ 0x00000800L, 0x04000800L, 0x00040800L, 0x04040800L,
+ 0x00000802L, 0x04000802L, 0x00040802L, 0x04040802L,
+ 0x00002800L, 0x04002800L, 0x00042800L, 0x04042800L,
+ 0x00002802L, 0x04002802L, 0x00042802L, 0x04042802L,
+ 0x00000820L, 0x04000820L, 0x00040820L, 0x04040820L,
+ 0x00000822L, 0x04000822L, 0x00040822L, 0x04040822L,
+ 0x00002820L, 0x04002820L, 0x00042820L, 0x04042820L,
+ 0x00002822L, 0x04002822L, 0x00042822L, 0x04042822L,
+ },
+};
+
+int
+DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule)
+{
+ if (DES_check_key) {
+ return DES_set_key_checked(key, schedule);
+ } else {
+ DES_set_key_unchecked(key, schedule);
+ return 0;
+ }
+}
+LCRYPTO_ALIAS(DES_set_key);
+
+/* return 0 if key parity is odd (correct),
+ * return -1 if key parity error,
+ * return -2 if illegal weak key.
+ */
+int
+DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule)
+{
+ if (!DES_check_key_parity(key))
+ return (-1);
+ if (DES_is_weak_key(key))
+ return (-2);
+ DES_set_key_unchecked(key, schedule);
+ return 0;
+}
+LCRYPTO_ALIAS(DES_set_key_checked);
+
+void
+DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule)
+{
+ static const int shifts2[16] = {0, 0,1, 1,1, 1,1, 1,0, 1,1, 1,1, 1,1, 0};
+ DES_LONG c, d, t, s, t2;
+ const unsigned char *in;
+ DES_LONG *k;
+ int i;
+
+ k = &schedule->ks->deslong[0];
+ in = &(*key)[0];
+
+ c2l(in, c);
+ c2l(in, d);
+
+ /* do PC1 in 47 simple operations :-)
+ * Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov)
+ * for the inspiration. :-) */
+ PERM_OP(d, c, t, 4, 0x0f0f0f0fL);
+ HPERM_OP(c, t, -2, 0xcccc0000L);
+ HPERM_OP(d, t, -2, 0xcccc0000L);
+ PERM_OP(d, c, t, 1, 0x55555555L);
+ PERM_OP(c, d, t, 8, 0x00ff00ffL);
+ PERM_OP(d, c, t, 1, 0x55555555L);
+ d = (((d & 0x000000ffL) << 16L) | (d & 0x0000ff00L) |
+ ((d & 0x00ff0000L) >> 16L)|((c & 0xf0000000L) >> 4L));
+ c &= 0x0fffffffL;
+
+ for (i = 0; i < ITERATIONS; i++) {
+ if (shifts2[i]) {
+ c = ((c >> 2L)|(c << 26L));
+ d = ((d >> 2L)|(d << 26L));
+ } else {
+ c = ((c >> 1L)|(c << 27L));
+ d = ((d >> 1L)|(d << 27L));
+ }
+ c &= 0x0fffffffL;
+ d &= 0x0fffffffL;
+ /* could be a few less shifts but I am to lazy at this
+ * point in time to investigate */
+ s = des_skb[0][(c)&0x3f]|
+ des_skb[1][((c >> 6L) & 0x03)|((c >> 7L) & 0x3c)]|
+ des_skb[2][((c >> 13L) & 0x0f)|((c >> 14L) & 0x30)]|
+ des_skb[3][((c >> 20L) & 0x01)|((c >> 21L) & 0x06) |
+ ((c >> 22L) & 0x38)];
+ t = des_skb[4][(d)&0x3f]|
+ des_skb[5][((d >> 7L) & 0x03)|((d >> 8L) & 0x3c)]|
+ des_skb[6][(d >> 15L) & 0x3f]|
+ des_skb[7][((d >> 21L) & 0x0f)|((d >> 22L) & 0x30)];
+
+ /* table contained 0213 4657 */
+ t2 = ((t << 16L)|(s & 0x0000ffffL)) & 0xffffffffL;
+ *(k++) = ROTATE(t2, 30) & 0xffffffffL;
+
+ t2 = ((s >> 16L)|(t & 0xffff0000L));
+ *(k++) = ROTATE(t2, 26) & 0xffffffffL;
+ }
+}
+LCRYPTO_ALIAS(DES_set_key_unchecked);
+
+int
+DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule)
+{
+ return (DES_set_key(key, schedule));
+}
+LCRYPTO_ALIAS(DES_key_sched);
+
+int
+DES_random_key(DES_cblock *ret)
+{
+ do {
+ arc4random_buf(ret, sizeof(DES_cblock));
+ DES_set_odd_parity(ret);
+ } while (DES_is_weak_key(ret));
+ return (1);
+}
+LCRYPTO_ALIAS(DES_random_key);
+
+void
+DES_string_to_key(const char *str, DES_cblock *key)
+{
+ DES_key_schedule ks;
+ int i, length;
+ unsigned char j;
+
+ memset(key, 0, 8);
+ length = strlen(str);
+#ifdef OLD_STR_TO_KEY
+ for (i = 0; i < length; i++)
+ (*key)[i % 8] ^= (str[i] << 1);
+#else /* MIT COMPATIBLE */
+ for (i = 0; i < length; i++) {
+ j = str[i];
+ if ((i % 16) < 8)
+ (*key)[i % 8] ^= (j << 1);
+ else {
+ /* Reverse the bit order 05/05/92 eay */
+ j = ((j << 4) & 0xf0)|((j >> 4) & 0x0f);
+ j = ((j << 2) & 0xcc)|((j >> 2) & 0x33);
+ j = ((j << 1) & 0xaa)|((j >> 1) & 0x55);
+ (*key)[7 - (i % 8)] ^= j;
+ }
+ }
+#endif
+ DES_set_odd_parity(key);
+#ifdef EXPERIMENTAL_STR_TO_STRONG_KEY
+ if (DES_is_weak_key(key))
+ (*key)[7] ^= 0xF0;
+ DES_set_key(key, &ks);
+#else
+ DES_set_key_unchecked(key, &ks);
+#endif
+ DES_cbc_cksum((const unsigned char *)str, key, length, &ks, key);
+ explicit_bzero(&ks, sizeof(ks));
+ DES_set_odd_parity(key);
+}
+LCRYPTO_ALIAS(DES_string_to_key);
+
+void
+DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2)
+{
+ DES_key_schedule ks;
+ int i, length;
+ unsigned char j;
+
+ memset(key1, 0, 8);
+ memset(key2, 0, 8);
+ length = strlen(str);
+#ifdef OLD_STR_TO_KEY
+ if (length <= 8) {
+ for (i = 0; i < length; i++) {
+ (*key2)[i] = (*key1)[i] = (str[i] << 1);
+ }
+ } else {
+ for (i = 0; i < length; i++) {
+ if ((i/8) & 1)
+ (*key2)[i % 8] ^= (str[i] << 1);
+ else
+ (*key1)[i % 8] ^= (str[i] << 1);
+ }
+ }
+#else /* MIT COMPATIBLE */
+ for (i = 0; i < length; i++) {
+ j = str[i];
+ if ((i % 32) < 16) {
+ if ((i % 16) < 8)
+ (*key1)[i % 8] ^= (j << 1);
+ else
+ (*key2)[i % 8] ^= (j << 1);
+ } else {
+ j = ((j << 4) & 0xf0)|((j >> 4) & 0x0f);
+ j = ((j << 2) & 0xcc)|((j >> 2) & 0x33);
+ j = ((j << 1) & 0xaa)|((j >> 1) & 0x55);
+ if ((i % 16) < 8)
+ (*key1)[7 - (i % 8)] ^= j;
+ else
+ (*key2)[7 - (i % 8)] ^= j;
+ }
+ }
+ if (length <= 8)
+ memcpy(key2, key1, 8);
+#endif
+ DES_set_odd_parity(key1);
+ DES_set_odd_parity(key2);
+#ifdef EXPERIMENTAL_STR_TO_STRONG_KEY
+ if (DES_is_weak_key(key1))
+ (*key1)[7] ^= 0xF0;
+ DES_set_key(key1, &ks);
+#else
+ DES_set_key_unchecked(key1, &ks);
+#endif
+ DES_cbc_cksum((const unsigned char *)str, key1, length, &ks, key1);
+#ifdef EXPERIMENTAL_STR_TO_STRONG_KEY
+ if (DES_is_weak_key(key2))
+ (*key2)[7] ^= 0xF0;
+ DES_set_key(key2, &ks);
+#else
+ DES_set_key_unchecked(key2, &ks);
+#endif
+ DES_cbc_cksum((const unsigned char *)str, key2, length, &ks, key2);
+ explicit_bzero(&ks, sizeof(ks));
+ DES_set_odd_parity(key1);
+ DES_set_odd_parity(key2);
+}
+LCRYPTO_ALIAS(DES_string_to_2keys);
diff --git a/src/lib/libcrypto/des/ecb3_enc.c b/src/lib/libcrypto/des/ecb3_enc.c
deleted file mode 100644
index 2aa63726e5..0000000000
--- a/src/lib/libcrypto/des/ecb3_enc.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/* $OpenBSD: ecb3_enc.c,v 1.10 2024/03/29 01:47:29 joshua Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_local.h"
-
-void
-DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
- DES_key_schedule *ks1, DES_key_schedule *ks2,
- DES_key_schedule *ks3,
- int enc)
-{
- DES_LONG l0, l1;
- DES_LONG ll[2];
- const unsigned char *in = &(*input)[0];
- unsigned char *out = &(*output)[0];
-
- c2l(in, l0);
- c2l(in, l1);
- ll[0] = l0;
- ll[1] = l1;
- if (enc)
- DES_encrypt3(ll, ks1, ks2, ks3);
- else
- DES_decrypt3(ll, ks1, ks2, ks3);
- l0 = ll[0];
- l1 = ll[1];
- l2c(l0, out);
- l2c(l1, out);
-}
-LCRYPTO_ALIAS(DES_ecb3_encrypt);
diff --git a/src/lib/libcrypto/des/ecb_enc.c b/src/lib/libcrypto/des/ecb_enc.c
deleted file mode 100644
index 2491c43183..0000000000
--- a/src/lib/libcrypto/des/ecb_enc.c
+++ /dev/null
@@ -1,83 +0,0 @@
-/* $OpenBSD: ecb_enc.c,v 1.20 2024/03/29 01:47:29 joshua Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_local.h"
-#include <openssl/opensslv.h>
-#include <openssl/bio.h>
-
-void
-DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
- DES_key_schedule *ks, int enc)
-{
- DES_LONG l;
- DES_LONG ll[2];
- const unsigned char *in = &(*input)[0];
- unsigned char *out = &(*output)[0];
-
- c2l(in, l);
- ll[0] = l;
- c2l(in, l);
- ll[1] = l;
- DES_encrypt1(ll, ks, enc);
- l = ll[0];
- l2c(l, out);
- l = ll[1];
- l2c(l, out);
- l = ll[0] = ll[1] = 0;
-}
-LCRYPTO_ALIAS(DES_ecb_encrypt);
diff --git a/src/lib/libcrypto/des/ede_cbcm_enc.c b/src/lib/libcrypto/des/ede_cbcm_enc.c
deleted file mode 100644
index 979600e549..0000000000
--- a/src/lib/libcrypto/des/ede_cbcm_enc.c
+++ /dev/null
@@ -1,190 +0,0 @@
-/* $OpenBSD: ede_cbcm_enc.c,v 1.10 2024/03/29 01:47:29 joshua Exp $ */
-/* Written by Ben Laurie <ben@algroup.co.uk> for the OpenSSL
- * project 13 Feb 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
-
-This is an implementation of Triple DES Cipher Block Chaining with Output
-Feedback Masking, by Coppersmith, Johnson and Matyas, (IBM and Certicom).
-
-Note that there is a known attack on this by Biham and Knudsen but it takes
-a lot of work:
-
-http://www.cs.technion.ac.il/users/wwwb/cgi-bin/tr-get.cgi/1998/CS/CS0928.ps.gz
-
-*/
-
-#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_DESCBCM is defined */
-
-#ifndef OPENSSL_NO_DESCBCM
-#include "des_local.h"
-
-void
-DES_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out,
- long length, DES_key_schedule *ks1, DES_key_schedule *ks2,
- DES_key_schedule *ks3, DES_cblock *ivec1, DES_cblock *ivec2,
- int enc)
-{
- DES_LONG tin0, tin1;
- DES_LONG tout0, tout1, xor0, xor1, m0, m1;
- long l = length;
- DES_LONG tin[2];
- unsigned char *iv1, *iv2;
-
- iv1 = &(*ivec1)[0];
- iv2 = &(*ivec2)[0];
-
- if (enc) {
- c2l(iv1, m0);
- c2l(iv1, m1);
- c2l(iv2, tout0);
- c2l(iv2, tout1);
- for (l -= 8; l >= -7; l -= 8) {
- tin[0] = m0;
- tin[1] = m1;
- DES_encrypt1(tin, ks3, 1);
- m0 = tin[0];
- m1 = tin[1];
-
- if (l < 0) {
- c2ln(in, tin0, tin1, l + 8);
- } else {
- c2l(in, tin0);
- c2l(in, tin1);
- }
- tin0 ^= tout0;
- tin1 ^= tout1;
-
- tin[0] = tin0;
- tin[1] = tin1;
- DES_encrypt1(tin, ks1, 1);
- tin[0] ^= m0;
- tin[1] ^= m1;
- DES_encrypt1(tin, ks2, 0);
- tin[0] ^= m0;
- tin[1] ^= m1;
- DES_encrypt1(tin, ks1, 1);
- tout0 = tin[0];
- tout1 = tin[1];
-
- l2c(tout0, out);
- l2c(tout1, out);
- }
- iv1 = &(*ivec1)[0];
- l2c(m0, iv1);
- l2c(m1, iv1);
-
- iv2 = &(*ivec2)[0];
- l2c(tout0, iv2);
- l2c(tout1, iv2);
- } else {
- DES_LONG t0, t1;
-
- c2l(iv1, m0);
- c2l(iv1, m1);
- c2l(iv2, xor0);
- c2l(iv2, xor1);
- for (l -= 8; l >= -7; l -= 8) {
- tin[0] = m0;
- tin[1] = m1;
- DES_encrypt1(tin, ks3, 1);
- m0 = tin[0];
- m1 = tin[1];
-
- c2l(in, tin0);
- c2l(in, tin1);
-
- t0 = tin0;
- t1 = tin1;
-
- tin[0] = tin0;
- tin[1] = tin1;
- DES_encrypt1(tin, ks1, 0);
- tin[0] ^= m0;
- tin[1] ^= m1;
- DES_encrypt1(tin, ks2, 1);
- tin[0] ^= m0;
- tin[1] ^= m1;
- DES_encrypt1(tin, ks1, 0);
- tout0 = tin[0];
- tout1 = tin[1];
-
- tout0 ^= xor0;
- tout1 ^= xor1;
- if (l < 0) {
- l2cn(tout0, tout1, out, l + 8);
- } else {
- l2c(tout0, out);
- l2c(tout1, out);
- }
- xor0 = t0;
- xor1 = t1;
- }
-
- iv1 = &(*ivec1)[0];
- l2c(m0, iv1);
- l2c(m1, iv1);
-
- iv2 = &(*ivec2)[0];
- l2c(xor0, iv2);
- l2c(xor1, iv2);
- }
- tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
- tin[0] = tin[1] = 0;
-}
-LCRYPTO_ALIAS(DES_ede3_cbcm_encrypt);
-#endif
diff --git a/src/lib/libcrypto/des/fcrypt.c b/src/lib/libcrypto/des/fcrypt.c
deleted file mode 100644
index c970ef4c55..0000000000
--- a/src/lib/libcrypto/des/fcrypt.c
+++ /dev/null
@@ -1,261 +0,0 @@
-/* $OpenBSD: fcrypt.c,v 1.17 2024/08/31 15:39:33 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-/* This version of crypt has been developed from my MIT compatible
- * DES library.
- * Eric Young (eay@cryptsoft.com)
- */
-
-/* Modification by Jens Kupferschmidt (Cu)
- * I have included directive PARA for shared memory computers.
- * I have included a directive LONGCRYPT to using this routine to cipher
- * passwords with more than 8 bytes like HP-UX 10.x it used. The MAXPLEN
- * definition is the maximum of length of password and can changed. I have
- * defined 24.
- */
-
-#define DES_FCRYPT
-#include "des_local.h"
-#undef DES_FCRYPT
-
-#ifndef OPENBSD_DES_ASM
-
-#undef PERM_OP
-#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)), \
- (b)^=(t), \
- (a)^=((t)<<(n)))
-
-#undef HPERM_OP
-#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)), \
- (a)=(a)^(t)^(t>>(16-(n)))) \
-
-void
-fcrypt_body(DES_LONG *out, DES_key_schedule *ks, DES_LONG Eswap0,
- DES_LONG Eswap1)
-{
- DES_LONG l, r, t, u;
-#ifdef DES_PTR
- const unsigned char *des_SP = (const unsigned char *)DES_SPtrans;
-#endif
- DES_LONG *s;
- int j;
- DES_LONG E0, E1;
-
- l = 0;
- r = 0;
-
- s = (DES_LONG *)ks;
- E0 = Eswap0;
- E1 = Eswap1;
-
- for (j = 0; j < 25; j++) {
-#ifndef DES_UNROLL
- int i;
-
- for (i = 0; i < 32; i += 4) {
- D_ENCRYPT(l, r, i + 0); /* 1 */
- D_ENCRYPT(r, l, i + 2); /* 2 */
- }
-#else
- D_ENCRYPT(l, r, 0); /* 1 */
- D_ENCRYPT(r, l, 2); /* 2 */
- D_ENCRYPT(l, r, 4); /* 3 */
- D_ENCRYPT(r, l, 6); /* 4 */
- D_ENCRYPT(l, r, 8); /* 5 */
- D_ENCRYPT(r, l, 10); /* 6 */
- D_ENCRYPT(l, r, 12); /* 7 */
- D_ENCRYPT(r, l, 14); /* 8 */
- D_ENCRYPT(l, r, 16); /* 9 */
- D_ENCRYPT(r, l, 18); /* 10 */
- D_ENCRYPT(l, r, 20); /* 11 */
- D_ENCRYPT(r, l, 22); /* 12 */
- D_ENCRYPT(l, r, 24); /* 13 */
- D_ENCRYPT(r, l, 26); /* 14 */
- D_ENCRYPT(l, r, 28); /* 15 */
- D_ENCRYPT(r, l, 30); /* 16 */
-#endif
-
- t = l;
- l = r;
- r = t;
- }
- l = ROTATE(l, 3) & 0xffffffffL;
- r = ROTATE(r, 3) & 0xffffffffL;
-
- PERM_OP(l, r, t, 1, 0x55555555L);
- PERM_OP(r, l, t, 8, 0x00ff00ffL);
- PERM_OP(l, r, t, 2, 0x33333333L);
- PERM_OP(r, l, t, 16, 0x0000ffffL);
- PERM_OP(l, r, t, 4, 0x0f0f0f0fL);
-
- out[0] = r;
- out[1] = l;
-}
-
-#endif /* OPENBSD_DES_ASM */
-
-/* Added more values to handle illegal salt values the way normal
- * crypt() implementations do. The patch was sent by
- * Bjorn Gronvall <bg@sics.se>
- */
-static unsigned const char con_salt[128] = {
- 0xD2, 0xD3, 0xD4, 0xD5, 0xD6, 0xD7, 0xD8, 0xD9,
- 0xDA, 0xDB, 0xDC, 0xDD, 0xDE, 0xDF, 0xE0, 0xE1,
- 0xE2, 0xE3, 0xE4, 0xE5, 0xE6, 0xE7, 0xE8, 0xE9,
- 0xEA, 0xEB, 0xEC, 0xED, 0xEE, 0xEF, 0xF0, 0xF1,
- 0xF2, 0xF3, 0xF4, 0xF5, 0xF6, 0xF7, 0xF8, 0xF9,
- 0xFA, 0xFB, 0xFC, 0xFD, 0xFE, 0xFF, 0x00, 0x01,
- 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09,
- 0x0A, 0x0B, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A,
- 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12,
- 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A,
- 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22,
- 0x23, 0x24, 0x25, 0x20, 0x21, 0x22, 0x23, 0x24,
- 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C,
- 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34,
- 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C,
- 0x3D, 0x3E, 0x3F, 0x40, 0x41, 0x42, 0x43, 0x44,
-};
-
-static unsigned const char cov_2char[64] = {
- 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35,
- 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, 0x43, 0x44,
- 0x45, 0x46, 0x47, 0x48, 0x49, 0x4A, 0x4B, 0x4C,
- 0x4D, 0x4E, 0x4F, 0x50, 0x51, 0x52, 0x53, 0x54,
- 0x55, 0x56, 0x57, 0x58, 0x59, 0x5A, 0x61, 0x62,
- 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6A,
- 0x6B, 0x6C, 0x6D, 0x6E, 0x6F, 0x70, 0x71, 0x72,
- 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79, 0x7A
-};
-
-char *
-DES_crypt(const char *buf, const char *salt)
-{
- static char buff[14];
-
- return (DES_fcrypt(buf, salt, buff));
-}
-LCRYPTO_ALIAS(DES_crypt);
-
-char *
-DES_fcrypt(const char *buf, const char *salt, char *ret)
-{
- unsigned int i, j, x, y;
- DES_LONG Eswap0, Eswap1;
- DES_LONG out[2], ll;
- DES_cblock key;
- DES_key_schedule ks;
- unsigned char bb[9];
- unsigned char *b = bb;
- unsigned char c, u;
-
- /* eay 25/08/92
- * If you call crypt("pwd","*") as often happens when you
- * have * as the pwd field in /etc/passwd, the function
- * returns *\0xxxxxxxxx
- * The \0 makes the string look like * so the pwd "*" would
- * crypt to "*". This was found when replacing the crypt in
- * our shared libraries. People found that the disabled
- * accounts effectively had no passwd :-(. */
- x = ret[0] = ((salt[0] == '\0') ? 'A' : salt[0]);
- Eswap0 = con_salt[x] << 2;
- x = ret[1] = ((salt[1] == '\0') ? 'A' : salt[1]);
- Eswap1 = con_salt[x] << 6;
-/* EAY
-r=strlen(buf);
-r=(r+7)/8;
-*/
- for (i = 0; i < 8; i++) {
- c = *(buf++);
- if (!c)
- break;
- key[i] = (c << 1);
- }
- for (; i < 8; i++)
- key[i] = 0;
-
- DES_set_key_unchecked(&key, &ks);
- fcrypt_body(&(out[0]), &ks, Eswap0, Eswap1);
-
- ll = out[0];
- l2c(ll, b);
- ll = out[1];
- l2c(ll, b);
- y = 0;
- u = 0x80;
- bb[8] = 0;
- for (i = 2; i < 13; i++) {
- c = 0;
- for (j = 0; j < 6; j++) {
- c <<= 1;
- if (bb[y] & u)
- c |= 1;
- u >>= 1;
- if (!u) {
- y++;
- u = 0x80;
- }
- }
- ret[i] = cov_2char[c];
- }
- ret[13] = '\0';
- return (ret);
-}
-LCRYPTO_ALIAS(DES_fcrypt);
diff --git a/src/lib/libcrypto/des/ofb64ede.c b/src/lib/libcrypto/des/ofb64ede.c
deleted file mode 100644
index 949b220478..0000000000
--- a/src/lib/libcrypto/des/ofb64ede.c
+++ /dev/null
@@ -1,113 +0,0 @@
-/* $OpenBSD: ofb64ede.c,v 1.9 2024/03/29 01:47:29 joshua Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_local.h"
-
-/* The input and output encrypted as though 64bit ofb mode is being
- * used. The extra state information to record how much of the
- * 64bit block we have used is contained in *num;
- */
-void
-DES_ede3_ofb64_encrypt(const unsigned char *in,
- unsigned char *out, long length,
- DES_key_schedule *k1, DES_key_schedule *k2,
- DES_key_schedule *k3, DES_cblock *ivec,
- int *num)
-{
- DES_LONG v0, v1;
- int n = *num;
- long l = length;
- DES_cblock d;
- char *dp;
- DES_LONG ti[2];
- unsigned char *iv;
- int save = 0;
-
- iv = &(*ivec)[0];
- c2l(iv, v0);
- c2l(iv, v1);
- ti[0] = v0;
- ti[1] = v1;
- dp = (char *)d;
- l2c(v0, dp);
- l2c(v1, dp);
- while (l--) {
- if (n == 0) {
- /* ti[0]=v0; */
- /* ti[1]=v1; */
- DES_encrypt3(ti, k1, k2, k3);
- v0 = ti[0];
- v1 = ti[1];
-
- dp = (char *)d;
- l2c(v0, dp);
- l2c(v1, dp);
- save++;
- }
- *(out++) = *(in++) ^ d[n];
- n = (n + 1) & 0x07;
- }
- if (save) {
- iv = &(*ivec)[0];
- l2c(v0, iv);
- l2c(v1, iv);
- }
- v0 = v1 = ti[0] = ti[1] = 0;
- *num = n;
-}
-LCRYPTO_ALIAS(DES_ede3_ofb64_encrypt);
diff --git a/src/lib/libcrypto/des/ofb64enc.c b/src/lib/libcrypto/des/ofb64enc.c
deleted file mode 100644
index 5e524dd9e2..0000000000
--- a/src/lib/libcrypto/des/ofb64enc.c
+++ /dev/null
@@ -1,110 +0,0 @@
-/* $OpenBSD: ofb64enc.c,v 1.9 2024/03/29 01:47:29 joshua Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_local.h"
-
-/* The input and output encrypted as though 64bit ofb mode is being
- * used. The extra state information to record how much of the
- * 64bit block we have used is contained in *num;
- */
-void
-DES_ofb64_encrypt(const unsigned char *in,
- unsigned char *out, long length,
- DES_key_schedule *schedule, DES_cblock *ivec, int *num)
-{
- DES_LONG v0, v1, t;
- int n = *num;
- long l = length;
- DES_cblock d;
- unsigned char *dp;
- DES_LONG ti[2];
- unsigned char *iv;
- int save = 0;
-
- iv = &(*ivec)[0];
- c2l(iv, v0);
- c2l(iv, v1);
- ti[0] = v0;
- ti[1] = v1;
- dp = d;
- l2c(v0, dp);
- l2c(v1, dp);
- while (l--) {
- if (n == 0) {
- DES_encrypt1(ti, schedule, DES_ENCRYPT);
- dp = d;
- t = ti[0];
- l2c(t, dp);
- t = ti[1];
- l2c(t, dp);
- save++;
- }
- *(out++) = *(in++) ^ d[n];
- n = (n + 1) & 0x07;
- }
- if (save) {
- v0 = ti[0];
- v1 = ti[1];
- iv = &(*ivec)[0];
- l2c(v0, iv);
- l2c(v1, iv);
- }
- t = v0 = v1 = ti[0] = ti[1] = 0;
- *num = n;
-}
-LCRYPTO_ALIAS(DES_ofb64_encrypt);
diff --git a/src/lib/libcrypto/des/ofb_enc.c b/src/lib/libcrypto/des/ofb_enc.c
deleted file mode 100644
index 96dc25ee2c..0000000000
--- a/src/lib/libcrypto/des/ofb_enc.c
+++ /dev/null
@@ -1,134 +0,0 @@
-/* $OpenBSD: ofb_enc.c,v 1.9 2024/03/29 01:47:29 joshua Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_local.h"
-
-/* The input and output are loaded in multiples of 8 bits.
- * What this means is that if you hame numbits=12 and length=2
- * the first 12 bits will be retrieved from the first byte and half
- * the second. The second 12 bits will come from the 3rd and half the 4th
- * byte.
- */
-void
-DES_ofb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
- long length, DES_key_schedule *schedule,
- DES_cblock *ivec)
-{
- DES_LONG d0, d1, vv0, vv1, v0, v1, n = (numbits + 7)/8;
- DES_LONG mask0, mask1;
- long l = length;
- int num = numbits;
- DES_LONG ti[2];
- unsigned char *iv;
-
- if (num > 64)
- return;
- if (num > 32) {
- mask0 = 0xffffffffL;
- if (num >= 64)
- mask1 = mask0;
- else
- mask1 = (1L << (num - 32)) - 1;
- } else {
- if (num == 32)
- mask0 = 0xffffffffL;
- else
- mask0 = (1L << num) - 1;
- mask1 = 0x00000000L;
- }
-
- iv = &(*ivec)[0];
- c2l(iv, v0);
- c2l(iv, v1);
- ti[0] = v0;
- ti[1] = v1;
- while (l-- > 0) {
- ti[0] = v0;
- ti[1] = v1;
- DES_encrypt1((DES_LONG *)ti, schedule, DES_ENCRYPT);
- vv0 = ti[0];
- vv1 = ti[1];
- c2ln(in, d0, d1, n);
- in += n;
- d0 = (d0 ^ vv0) & mask0;
- d1 = (d1 ^ vv1) & mask1;
- l2cn(d0, d1, out, n);
- out += n;
-
- if (num == 32) {
- v0 = v1;
- v1 = vv0;
- } else if (num == 64) {
- v0 = vv0;
- v1 = vv1;
- } else if (num > 32) { /* && num != 64 */
- v0 = ((v1 >> (num - 32))|(vv0 << (64 - num))) &
- 0xffffffffL;
- v1 = ((vv0 >> (num - 32))|(vv1 << (64 - num))) &
- 0xffffffffL;
- } else /* num < 32 */ {
- v0 = ((v0 >> num)|(v1 << (32 - num))) & 0xffffffffL;
- v1 = ((v1 >> num)|(vv0 << (32 - num))) & 0xffffffffL;
- }
- }
- iv = &(*ivec)[0];
- l2c(v0, iv);
- l2c(v1, iv);
- v0 = v1 = d0 = d1 = ti[0] = ti[1] = vv0 = vv1 = 0;
-}
-LCRYPTO_ALIAS(DES_ofb_encrypt);
diff --git a/src/lib/libcrypto/des/pcbc_enc.c b/src/lib/libcrypto/des/pcbc_enc.c
deleted file mode 100644
index defd628d4d..0000000000
--- a/src/lib/libcrypto/des/pcbc_enc.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/* $OpenBSD: pcbc_enc.c,v 1.10 2024/03/29 01:47:29 joshua Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_local.h"
-
-void
-DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
- long length, DES_key_schedule *schedule,
- DES_cblock *ivec, int enc)
-{
- DES_LONG sin0, sin1, xor0, xor1, tout0, tout1;
- DES_LONG tin[2];
- const unsigned char *in;
- unsigned char *out, *iv;
-
- in = input;
- out = output;
- iv = &(*ivec)[0];
-
- if (enc) {
- c2l(iv, xor0);
- c2l(iv, xor1);
- for (; length > 0; length -= 8) {
- if (length >= 8) {
- c2l(in, sin0);
- c2l(in, sin1);
- } else
- c2ln(in, sin0, sin1, length);
- tin[0] = sin0 ^ xor0;
- tin[1] = sin1 ^ xor1;
- DES_encrypt1((DES_LONG *)tin, schedule, DES_ENCRYPT);
- tout0 = tin[0];
- tout1 = tin[1];
- xor0 = sin0 ^ tout0;
- xor1 = sin1 ^ tout1;
- l2c(tout0, out);
- l2c(tout1, out);
- }
- } else {
- c2l(iv, xor0);
- c2l(iv, xor1);
- for (; length > 0; length -= 8) {
- c2l(in, sin0);
- c2l(in, sin1);
- tin[0] = sin0;
- tin[1] = sin1;
- DES_encrypt1((DES_LONG *)tin, schedule, DES_DECRYPT);
- tout0 = tin[0] ^ xor0;
- tout1 = tin[1] ^ xor1;
- if (length >= 8) {
- l2c(tout0, out);
- l2c(tout1, out);
- } else
- l2cn(tout0, tout1, out, length);
- xor0 = tout0 ^ sin0;
- xor1 = tout1 ^ sin1;
- }
- }
- tin[0] = tin[1] = 0;
- sin0 = sin1 = xor0 = xor1 = tout0 = tout1 = 0;
-}
-LCRYPTO_ALIAS(DES_pcbc_encrypt);
diff --git a/src/lib/libcrypto/des/qud_cksm.c b/src/lib/libcrypto/des/qud_cksm.c
deleted file mode 100644
index 4ded2a05b0..0000000000
--- a/src/lib/libcrypto/des/qud_cksm.c
+++ /dev/null
@@ -1,126 +0,0 @@
-/* $OpenBSD: qud_cksm.c,v 1.11 2024/03/29 01:47:29 joshua Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* From "Message Authentication" R.R. Jueneman, S.M. Matyas, C.H. Meyer
- * IEEE Communications Magazine Sept 1985 Vol. 23 No. 9 p 29-40
- * This module in only based on the code in this paper and is
- * almost definitely not the same as the MIT implementation.
- */
-#include "des_local.h"
-
-/* bug fix for dos - 7/6/91 - Larry hughes@logos.ucs.indiana.edu */
-#define Q_B0(a) (((DES_LONG)(a)))
-#define Q_B1(a) (((DES_LONG)(a))<<8)
-#define Q_B2(a) (((DES_LONG)(a))<<16)
-#define Q_B3(a) (((DES_LONG)(a))<<24)
-
-/* used to scramble things a bit */
-/* Got the value MIT uses via brute force :-) 2/10/90 eay */
-#define NOISE ((DES_LONG)83653421L)
-
-DES_LONG
-DES_quad_cksum(const unsigned char *input, DES_cblock output[],
- long length, int out_count, DES_cblock *seed)
-{
- DES_LONG z0, z1, t0, t1;
- int i;
- long l;
- const unsigned char *cp;
- DES_LONG *lp;
-
- if (out_count < 1)
- out_count = 1;
- lp = (DES_LONG *)&(output[0])[0];
-
- z0 = Q_B0((*seed)[0])|Q_B1((*seed)[1])|Q_B2((*seed)[2])|Q_B3(
- (*seed)[3]);
- z1 = Q_B0((*seed)[4])|Q_B1((*seed)[5])|Q_B2((*seed)[6])|Q_B3(
- (*seed)[7]);
-
- for (i = 0; ((i < 4) && (i < out_count)); i++) {
- cp = input;
- l = length;
- while (l > 0) {
- if (l > 1) {
- t0 = (DES_LONG)(*(cp++));
- t0 |= (DES_LONG)Q_B1(*(cp++));
- l--;
- } else
- t0 = (DES_LONG)(*(cp++));
- l--;
- /* add */
- t0 += z0;
- t0 &= 0xffffffffL;
- t1 = z1;
- /* square, well sort of square */
- z0 = ((((t0*t0) & 0xffffffffL) +
- ((t1*t1) & 0xffffffffL)) & 0xffffffffL) %
- 0x7fffffffL;
- z1 = ((t0*((t1 + NOISE) & 0xffffffffL)) & 0xffffffffL) %
- 0x7fffffffL;
- }
- if (lp != NULL) {
- /* The MIT library assumes that the checksum is
- * composed of 2*out_count 32 bit ints */
- *lp++ = z0;
- *lp++ = z1;
- }
- }
- return (z0);
-}
-LCRYPTO_ALIAS(DES_quad_cksum);
diff --git a/src/lib/libcrypto/des/set_key.c b/src/lib/libcrypto/des/set_key.c
deleted file mode 100644
index 9a9dcf7c52..0000000000
--- a/src/lib/libcrypto/des/set_key.c
+++ /dev/null
@@ -1,415 +0,0 @@
-/* $OpenBSD: set_key.c,v 1.28 2024/07/09 07:16:13 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdlib.h>
-
-#include <openssl/crypto.h>
-
-#include "des_local.h"
-
-int DES_check_key = 0; /* defaults to false */
-LCRYPTO_ALIAS(DES_check_key);
-
-static const unsigned char odd_parity[256] = {
- 1, 1, 2, 2, 4, 4, 7, 7, 8, 8, 11, 11, 13, 13, 14, 14,
- 16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, 31, 31,
- 32, 32, 35, 35, 37, 37, 38, 38, 41, 41, 42, 42, 44, 44, 47, 47,
- 49, 49, 50, 50, 52, 52, 55, 55, 56, 56, 59, 59, 61, 61, 62, 62,
- 64, 64, 67, 67, 69, 69, 70, 70, 73, 73, 74, 74, 76, 76, 79, 79,
- 81, 81, 82, 82, 84, 84, 87, 87, 88, 88, 91, 91, 93, 93, 94, 94,
- 97, 97, 98, 98, 100, 100, 103, 103, 104, 104, 107, 107, 109, 109, 110, 110,
- 112, 112, 115, 115, 117, 117, 118, 118, 121, 121, 122, 122, 124, 124, 127, 127,
- 128, 128, 131, 131, 133, 133, 134, 134, 137, 137, 138, 138, 140, 140, 143, 143,
- 145, 145, 146, 146, 148, 148, 151, 151, 152, 152, 155, 155, 157, 157, 158, 158,
- 161, 161, 162, 162, 164, 164, 167, 167, 168, 168, 171, 171, 173, 173, 174, 174,
- 176, 176, 179, 179, 181, 181, 182, 182, 185, 185, 186, 186, 188, 188, 191, 191,
- 193, 193, 194, 194, 196, 196, 199, 199, 200, 200, 203, 203, 205, 205, 206, 206,
- 208, 208, 211, 211, 213, 213, 214, 214, 217, 217, 218, 218, 220, 220, 223, 223,
- 224, 224, 227, 227, 229, 229, 230, 230, 233, 233, 234, 234, 236, 236, 239, 239,
- 241, 241, 242, 242, 244, 244, 247, 247, 248, 248, 251, 251, 253, 253, 254, 254,
-};
-
-void
-DES_set_odd_parity(DES_cblock *key)
-{
- unsigned int i;
-
- for (i = 0; i < DES_KEY_SZ; i++)
- (*key)[i] = odd_parity[(*key)[i]];
-}
-LCRYPTO_ALIAS(DES_set_odd_parity);
-
-int
-DES_check_key_parity(const_DES_cblock *key)
-{
- unsigned int i;
-
- for (i = 0; i < DES_KEY_SZ; i++) {
- if ((*key)[i] != odd_parity[(*key)[i]])
- return (0);
- }
- return (1);
-}
-LCRYPTO_ALIAS(DES_check_key_parity);
-
-/* Weak and semi weak keys as taken from
- * %A D.W. Davies
- * %A W.L. Price
- * %T Security for Computer Networks
- * %I John Wiley & Sons
- * %D 1984
- * Many thanks to smb@ulysses.att.com (Steven Bellovin) for the reference
- * (and actual cblock values).
- */
-#define NUM_WEAK_KEY 16
-static const DES_cblock weak_keys[NUM_WEAK_KEY] = {
- /* weak keys */
- {0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01},
- {0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE},
- {0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E},
- {0xE0, 0xE0, 0xE0, 0xE0, 0xF1, 0xF1, 0xF1, 0xF1},
- /* semi-weak keys */
- {0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE},
- {0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01},
- {0x1F, 0xE0, 0x1F, 0xE0, 0x0E, 0xF1, 0x0E, 0xF1},
- {0xE0, 0x1F, 0xE0, 0x1F, 0xF1, 0x0E, 0xF1, 0x0E},
- {0x01, 0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1},
- {0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1, 0x01},
- {0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E, 0xFE},
- {0xFE, 0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E},
- {0x01, 0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E},
- {0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E, 0x01},
- {0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1, 0xFE},
- {0xFE, 0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1},
-};
-
-int
-DES_is_weak_key(const_DES_cblock *key)
-{
- unsigned int i;
-
- for (i = 0; i < NUM_WEAK_KEY; i++)
- if (memcmp(weak_keys[i], key, sizeof(DES_cblock)) == 0)
- return 1;
- return 0;
-}
-LCRYPTO_ALIAS(DES_is_weak_key);
-
-/* NOW DEFINED IN des_local.h
- * See ecb_encrypt.c for a pseudo description of these macros.
- * #define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
- * (b)^=(t),\
- * (a)=((a)^((t)<<(n))))
- */
-
-#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)), \
- (a)=(a)^(t)^(t>>(16-(n))))
-
-static const DES_LONG des_skb[8][64] = {
- {
- /* for C bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
- 0x00000000L, 0x00000010L, 0x20000000L, 0x20000010L,
- 0x00010000L, 0x00010010L, 0x20010000L, 0x20010010L,
- 0x00000800L, 0x00000810L, 0x20000800L, 0x20000810L,
- 0x00010800L, 0x00010810L, 0x20010800L, 0x20010810L,
- 0x00000020L, 0x00000030L, 0x20000020L, 0x20000030L,
- 0x00010020L, 0x00010030L, 0x20010020L, 0x20010030L,
- 0x00000820L, 0x00000830L, 0x20000820L, 0x20000830L,
- 0x00010820L, 0x00010830L, 0x20010820L, 0x20010830L,
- 0x00080000L, 0x00080010L, 0x20080000L, 0x20080010L,
- 0x00090000L, 0x00090010L, 0x20090000L, 0x20090010L,
- 0x00080800L, 0x00080810L, 0x20080800L, 0x20080810L,
- 0x00090800L, 0x00090810L, 0x20090800L, 0x20090810L,
- 0x00080020L, 0x00080030L, 0x20080020L, 0x20080030L,
- 0x00090020L, 0x00090030L, 0x20090020L, 0x20090030L,
- 0x00080820L, 0x00080830L, 0x20080820L, 0x20080830L,
- 0x00090820L, 0x00090830L, 0x20090820L, 0x20090830L,
- }, {
- /* for C bits (numbered as per FIPS 46) 7 8 10 11 12 13 */
- 0x00000000L, 0x02000000L, 0x00002000L, 0x02002000L,
- 0x00200000L, 0x02200000L, 0x00202000L, 0x02202000L,
- 0x00000004L, 0x02000004L, 0x00002004L, 0x02002004L,
- 0x00200004L, 0x02200004L, 0x00202004L, 0x02202004L,
- 0x00000400L, 0x02000400L, 0x00002400L, 0x02002400L,
- 0x00200400L, 0x02200400L, 0x00202400L, 0x02202400L,
- 0x00000404L, 0x02000404L, 0x00002404L, 0x02002404L,
- 0x00200404L, 0x02200404L, 0x00202404L, 0x02202404L,
- 0x10000000L, 0x12000000L, 0x10002000L, 0x12002000L,
- 0x10200000L, 0x12200000L, 0x10202000L, 0x12202000L,
- 0x10000004L, 0x12000004L, 0x10002004L, 0x12002004L,
- 0x10200004L, 0x12200004L, 0x10202004L, 0x12202004L,
- 0x10000400L, 0x12000400L, 0x10002400L, 0x12002400L,
- 0x10200400L, 0x12200400L, 0x10202400L, 0x12202400L,
- 0x10000404L, 0x12000404L, 0x10002404L, 0x12002404L,
- 0x10200404L, 0x12200404L, 0x10202404L, 0x12202404L,
- }, {
- /* for C bits (numbered as per FIPS 46) 14 15 16 17 19 20 */
- 0x00000000L, 0x00000001L, 0x00040000L, 0x00040001L,
- 0x01000000L, 0x01000001L, 0x01040000L, 0x01040001L,
- 0x00000002L, 0x00000003L, 0x00040002L, 0x00040003L,
- 0x01000002L, 0x01000003L, 0x01040002L, 0x01040003L,
- 0x00000200L, 0x00000201L, 0x00040200L, 0x00040201L,
- 0x01000200L, 0x01000201L, 0x01040200L, 0x01040201L,
- 0x00000202L, 0x00000203L, 0x00040202L, 0x00040203L,
- 0x01000202L, 0x01000203L, 0x01040202L, 0x01040203L,
- 0x08000000L, 0x08000001L, 0x08040000L, 0x08040001L,
- 0x09000000L, 0x09000001L, 0x09040000L, 0x09040001L,
- 0x08000002L, 0x08000003L, 0x08040002L, 0x08040003L,
- 0x09000002L, 0x09000003L, 0x09040002L, 0x09040003L,
- 0x08000200L, 0x08000201L, 0x08040200L, 0x08040201L,
- 0x09000200L, 0x09000201L, 0x09040200L, 0x09040201L,
- 0x08000202L, 0x08000203L, 0x08040202L, 0x08040203L,
- 0x09000202L, 0x09000203L, 0x09040202L, 0x09040203L,
- }, {
- /* for C bits (numbered as per FIPS 46) 21 23 24 26 27 28 */
- 0x00000000L, 0x00100000L, 0x00000100L, 0x00100100L,
- 0x00000008L, 0x00100008L, 0x00000108L, 0x00100108L,
- 0x00001000L, 0x00101000L, 0x00001100L, 0x00101100L,
- 0x00001008L, 0x00101008L, 0x00001108L, 0x00101108L,
- 0x04000000L, 0x04100000L, 0x04000100L, 0x04100100L,
- 0x04000008L, 0x04100008L, 0x04000108L, 0x04100108L,
- 0x04001000L, 0x04101000L, 0x04001100L, 0x04101100L,
- 0x04001008L, 0x04101008L, 0x04001108L, 0x04101108L,
- 0x00020000L, 0x00120000L, 0x00020100L, 0x00120100L,
- 0x00020008L, 0x00120008L, 0x00020108L, 0x00120108L,
- 0x00021000L, 0x00121000L, 0x00021100L, 0x00121100L,
- 0x00021008L, 0x00121008L, 0x00021108L, 0x00121108L,
- 0x04020000L, 0x04120000L, 0x04020100L, 0x04120100L,
- 0x04020008L, 0x04120008L, 0x04020108L, 0x04120108L,
- 0x04021000L, 0x04121000L, 0x04021100L, 0x04121100L,
- 0x04021008L, 0x04121008L, 0x04021108L, 0x04121108L,
- }, {
- /* for D bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
- 0x00000000L, 0x10000000L, 0x00010000L, 0x10010000L,
- 0x00000004L, 0x10000004L, 0x00010004L, 0x10010004L,
- 0x20000000L, 0x30000000L, 0x20010000L, 0x30010000L,
- 0x20000004L, 0x30000004L, 0x20010004L, 0x30010004L,
- 0x00100000L, 0x10100000L, 0x00110000L, 0x10110000L,
- 0x00100004L, 0x10100004L, 0x00110004L, 0x10110004L,
- 0x20100000L, 0x30100000L, 0x20110000L, 0x30110000L,
- 0x20100004L, 0x30100004L, 0x20110004L, 0x30110004L,
- 0x00001000L, 0x10001000L, 0x00011000L, 0x10011000L,
- 0x00001004L, 0x10001004L, 0x00011004L, 0x10011004L,
- 0x20001000L, 0x30001000L, 0x20011000L, 0x30011000L,
- 0x20001004L, 0x30001004L, 0x20011004L, 0x30011004L,
- 0x00101000L, 0x10101000L, 0x00111000L, 0x10111000L,
- 0x00101004L, 0x10101004L, 0x00111004L, 0x10111004L,
- 0x20101000L, 0x30101000L, 0x20111000L, 0x30111000L,
- 0x20101004L, 0x30101004L, 0x20111004L, 0x30111004L,
- }, {
- /* for D bits (numbered as per FIPS 46) 8 9 11 12 13 14 */
- 0x00000000L, 0x08000000L, 0x00000008L, 0x08000008L,
- 0x00000400L, 0x08000400L, 0x00000408L, 0x08000408L,
- 0x00020000L, 0x08020000L, 0x00020008L, 0x08020008L,
- 0x00020400L, 0x08020400L, 0x00020408L, 0x08020408L,
- 0x00000001L, 0x08000001L, 0x00000009L, 0x08000009L,
- 0x00000401L, 0x08000401L, 0x00000409L, 0x08000409L,
- 0x00020001L, 0x08020001L, 0x00020009L, 0x08020009L,
- 0x00020401L, 0x08020401L, 0x00020409L, 0x08020409L,
- 0x02000000L, 0x0A000000L, 0x02000008L, 0x0A000008L,
- 0x02000400L, 0x0A000400L, 0x02000408L, 0x0A000408L,
- 0x02020000L, 0x0A020000L, 0x02020008L, 0x0A020008L,
- 0x02020400L, 0x0A020400L, 0x02020408L, 0x0A020408L,
- 0x02000001L, 0x0A000001L, 0x02000009L, 0x0A000009L,
- 0x02000401L, 0x0A000401L, 0x02000409L, 0x0A000409L,
- 0x02020001L, 0x0A020001L, 0x02020009L, 0x0A020009L,
- 0x02020401L, 0x0A020401L, 0x02020409L, 0x0A020409L,
- }, {
- /* for D bits (numbered as per FIPS 46) 16 17 18 19 20 21 */
- 0x00000000L, 0x00000100L, 0x00080000L, 0x00080100L,
- 0x01000000L, 0x01000100L, 0x01080000L, 0x01080100L,
- 0x00000010L, 0x00000110L, 0x00080010L, 0x00080110L,
- 0x01000010L, 0x01000110L, 0x01080010L, 0x01080110L,
- 0x00200000L, 0x00200100L, 0x00280000L, 0x00280100L,
- 0x01200000L, 0x01200100L, 0x01280000L, 0x01280100L,
- 0x00200010L, 0x00200110L, 0x00280010L, 0x00280110L,
- 0x01200010L, 0x01200110L, 0x01280010L, 0x01280110L,
- 0x00000200L, 0x00000300L, 0x00080200L, 0x00080300L,
- 0x01000200L, 0x01000300L, 0x01080200L, 0x01080300L,
- 0x00000210L, 0x00000310L, 0x00080210L, 0x00080310L,
- 0x01000210L, 0x01000310L, 0x01080210L, 0x01080310L,
- 0x00200200L, 0x00200300L, 0x00280200L, 0x00280300L,
- 0x01200200L, 0x01200300L, 0x01280200L, 0x01280300L,
- 0x00200210L, 0x00200310L, 0x00280210L, 0x00280310L,
- 0x01200210L, 0x01200310L, 0x01280210L, 0x01280310L,
- }, {
- /* for D bits (numbered as per FIPS 46) 22 23 24 25 27 28 */
- 0x00000000L, 0x04000000L, 0x00040000L, 0x04040000L,
- 0x00000002L, 0x04000002L, 0x00040002L, 0x04040002L,
- 0x00002000L, 0x04002000L, 0x00042000L, 0x04042000L,
- 0x00002002L, 0x04002002L, 0x00042002L, 0x04042002L,
- 0x00000020L, 0x04000020L, 0x00040020L, 0x04040020L,
- 0x00000022L, 0x04000022L, 0x00040022L, 0x04040022L,
- 0x00002020L, 0x04002020L, 0x00042020L, 0x04042020L,
- 0x00002022L, 0x04002022L, 0x00042022L, 0x04042022L,
- 0x00000800L, 0x04000800L, 0x00040800L, 0x04040800L,
- 0x00000802L, 0x04000802L, 0x00040802L, 0x04040802L,
- 0x00002800L, 0x04002800L, 0x00042800L, 0x04042800L,
- 0x00002802L, 0x04002802L, 0x00042802L, 0x04042802L,
- 0x00000820L, 0x04000820L, 0x00040820L, 0x04040820L,
- 0x00000822L, 0x04000822L, 0x00040822L, 0x04040822L,
- 0x00002820L, 0x04002820L, 0x00042820L, 0x04042820L,
- 0x00002822L, 0x04002822L, 0x00042822L, 0x04042822L,
- },
-};
-
-int
-DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule)
-{
- if (DES_check_key) {
- return DES_set_key_checked(key, schedule);
- } else {
- DES_set_key_unchecked(key, schedule);
- return 0;
- }
-}
-LCRYPTO_ALIAS(DES_set_key);
-
-/* return 0 if key parity is odd (correct),
- * return -1 if key parity error,
- * return -2 if illegal weak key.
- */
-int
-DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule)
-{
- if (!DES_check_key_parity(key))
- return (-1);
- if (DES_is_weak_key(key))
- return (-2);
- DES_set_key_unchecked(key, schedule);
- return 0;
-}
-LCRYPTO_ALIAS(DES_set_key_checked);
-
-void
-DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule)
-{
- static const int shifts2[16] = {0, 0,1, 1,1, 1,1, 1,0, 1,1, 1,1, 1,1, 0};
- DES_LONG c, d, t, s, t2;
- const unsigned char *in;
- DES_LONG *k;
- int i;
-
- k = &schedule->ks->deslong[0];
- in = &(*key)[0];
-
- c2l(in, c);
- c2l(in, d);
-
- /* do PC1 in 47 simple operations :-)
- * Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov)
- * for the inspiration. :-) */
- PERM_OP(d, c, t, 4, 0x0f0f0f0fL);
- HPERM_OP(c, t, -2, 0xcccc0000L);
- HPERM_OP(d, t, -2, 0xcccc0000L);
- PERM_OP(d, c, t, 1, 0x55555555L);
- PERM_OP(c, d, t, 8, 0x00ff00ffL);
- PERM_OP(d, c, t, 1, 0x55555555L);
- d = (((d & 0x000000ffL) << 16L) | (d & 0x0000ff00L) |
- ((d & 0x00ff0000L) >> 16L)|((c & 0xf0000000L) >> 4L));
- c &= 0x0fffffffL;
-
- for (i = 0; i < ITERATIONS; i++) {
- if (shifts2[i]) {
- c = ((c >> 2L)|(c << 26L));
- d = ((d >> 2L)|(d << 26L));
- } else {
- c = ((c >> 1L)|(c << 27L));
- d = ((d >> 1L)|(d << 27L));
- }
- c &= 0x0fffffffL;
- d &= 0x0fffffffL;
- /* could be a few less shifts but I am to lazy at this
- * point in time to investigate */
- s = des_skb[0][(c)&0x3f]|
- des_skb[1][((c >> 6L) & 0x03)|((c >> 7L) & 0x3c)]|
- des_skb[2][((c >> 13L) & 0x0f)|((c >> 14L) & 0x30)]|
- des_skb[3][((c >> 20L) & 0x01)|((c >> 21L) & 0x06) |
- ((c >> 22L) & 0x38)];
- t = des_skb[4][(d)&0x3f]|
- des_skb[5][((d >> 7L) & 0x03)|((d >> 8L) & 0x3c)]|
- des_skb[6][(d >> 15L) & 0x3f]|
- des_skb[7][((d >> 21L) & 0x0f)|((d >> 22L) & 0x30)];
-
- /* table contained 0213 4657 */
- t2 = ((t << 16L)|(s & 0x0000ffffL)) & 0xffffffffL;
- *(k++) = ROTATE(t2, 30) & 0xffffffffL;
-
- t2 = ((s >> 16L)|(t & 0xffff0000L));
- *(k++) = ROTATE(t2, 26) & 0xffffffffL;
- }
-}
-LCRYPTO_ALIAS(DES_set_key_unchecked);
-
-int
-DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule)
-{
- return (DES_set_key(key, schedule));
-}
-LCRYPTO_ALIAS(DES_key_sched);
-
-int
-DES_random_key(DES_cblock *ret)
-{
- do {
- arc4random_buf(ret, sizeof(DES_cblock));
- DES_set_odd_parity(ret);
- } while (DES_is_weak_key(ret));
- return (1);
-}
-LCRYPTO_ALIAS(DES_random_key);
diff --git a/src/lib/libcrypto/des/str2key.c b/src/lib/libcrypto/des/str2key.c
deleted file mode 100644
index cc5bc91b4d..0000000000
--- a/src/lib/libcrypto/des/str2key.c
+++ /dev/null
@@ -1,168 +0,0 @@
-/* $OpenBSD: str2key.c,v 1.14 2024/03/29 01:47:29 joshua Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/crypto.h>
-#include "des_local.h"
-
-void
-DES_string_to_key(const char *str, DES_cblock *key)
-{
- DES_key_schedule ks;
- int i, length;
- unsigned char j;
-
- memset(key, 0, 8);
- length = strlen(str);
-#ifdef OLD_STR_TO_KEY
- for (i = 0; i < length; i++)
- (*key)[i % 8] ^= (str[i] << 1);
-#else /* MIT COMPATIBLE */
- for (i = 0; i < length; i++) {
- j = str[i];
- if ((i % 16) < 8)
- (*key)[i % 8] ^= (j << 1);
- else {
- /* Reverse the bit order 05/05/92 eay */
- j = ((j << 4) & 0xf0)|((j >> 4) & 0x0f);
- j = ((j << 2) & 0xcc)|((j >> 2) & 0x33);
- j = ((j << 1) & 0xaa)|((j >> 1) & 0x55);
- (*key)[7 - (i % 8)] ^= j;
- }
- }
-#endif
- DES_set_odd_parity(key);
-#ifdef EXPERIMENTAL_STR_TO_STRONG_KEY
- if (DES_is_weak_key(key))
- (*key)[7] ^= 0xF0;
- DES_set_key(key, &ks);
-#else
- DES_set_key_unchecked(key, &ks);
-#endif
- DES_cbc_cksum((const unsigned char *)str, key, length, &ks, key);
- explicit_bzero(&ks, sizeof(ks));
- DES_set_odd_parity(key);
-}
-LCRYPTO_ALIAS(DES_string_to_key);
-
-void
-DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2)
-{
- DES_key_schedule ks;
- int i, length;
- unsigned char j;
-
- memset(key1, 0, 8);
- memset(key2, 0, 8);
- length = strlen(str);
-#ifdef OLD_STR_TO_KEY
- if (length <= 8) {
- for (i = 0; i < length; i++) {
- (*key2)[i] = (*key1)[i] = (str[i] << 1);
- }
- } else {
- for (i = 0; i < length; i++) {
- if ((i/8) & 1)
- (*key2)[i % 8] ^= (str[i] << 1);
- else
- (*key1)[i % 8] ^= (str[i] << 1);
- }
- }
-#else /* MIT COMPATIBLE */
- for (i = 0; i < length; i++) {
- j = str[i];
- if ((i % 32) < 16) {
- if ((i % 16) < 8)
- (*key1)[i % 8] ^= (j << 1);
- else
- (*key2)[i % 8] ^= (j << 1);
- } else {
- j = ((j << 4) & 0xf0)|((j >> 4) & 0x0f);
- j = ((j << 2) & 0xcc)|((j >> 2) & 0x33);
- j = ((j << 1) & 0xaa)|((j >> 1) & 0x55);
- if ((i % 16) < 8)
- (*key1)[7 - (i % 8)] ^= j;
- else
- (*key2)[7 - (i % 8)] ^= j;
- }
- }
- if (length <= 8)
- memcpy(key2, key1, 8);
-#endif
- DES_set_odd_parity(key1);
- DES_set_odd_parity(key2);
-#ifdef EXPERIMENTAL_STR_TO_STRONG_KEY
- if (DES_is_weak_key(key1))
- (*key1)[7] ^= 0xF0;
- DES_set_key(key1, &ks);
-#else
- DES_set_key_unchecked(key1, &ks);
-#endif
- DES_cbc_cksum((const unsigned char *)str, key1, length, &ks, key1);
-#ifdef EXPERIMENTAL_STR_TO_STRONG_KEY
- if (DES_is_weak_key(key2))
- (*key2)[7] ^= 0xF0;
- DES_set_key(key2, &ks);
-#else
- DES_set_key_unchecked(key2, &ks);
-#endif
- DES_cbc_cksum((const unsigned char *)str, key2, length, &ks, key2);
- explicit_bzero(&ks, sizeof(ks));
- DES_set_odd_parity(key1);
- DES_set_odd_parity(key2);
-}
-LCRYPTO_ALIAS(DES_string_to_2keys);
diff --git a/src/lib/libcrypto/des/xcbc_enc.c b/src/lib/libcrypto/des/xcbc_enc.c
deleted file mode 100644
index 90607cad33..0000000000
--- a/src/lib/libcrypto/des/xcbc_enc.c
+++ /dev/null
@@ -1,154 +0,0 @@
-/* $OpenBSD: xcbc_enc.c,v 1.13 2024/03/29 01:47:29 joshua Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_local.h"
-
-/* RSA's DESX */
-
-void
-DES_xcbc_encrypt(const unsigned char *in, unsigned char *out,
- long length, DES_key_schedule *schedule,
- DES_cblock *ivec, const_DES_cblock *inw,
- const_DES_cblock *outw, int enc)
-{
- DES_LONG tin0, tin1;
- DES_LONG tout0, tout1, xor0, xor1;
- DES_LONG inW0, inW1, outW0, outW1;
- const unsigned char *in2;
- long l = length;
- DES_LONG tin[2];
- unsigned char *iv;
-
- in2 = &(*inw)[0];
- c2l(in2, inW0);
- c2l(in2, inW1);
- in2 = &(*outw)[0];
- c2l(in2, outW0);
- c2l(in2, outW1);
-
- iv = &(*ivec)[0];
-
- if (enc) {
- c2l(iv, tout0);
- c2l(iv, tout1);
- for (l -= 8; l >= 0; l -= 8) {
- c2l(in, tin0);
- c2l(in, tin1);
- tin0 ^= tout0 ^ inW0;
- tin[0] = tin0;
- tin1 ^= tout1 ^ inW1;
- tin[1] = tin1;
- DES_encrypt1(tin, schedule, DES_ENCRYPT);
- tout0 = tin[0] ^ outW0;
- l2c(tout0, out);
- tout1 = tin[1] ^ outW1;
- l2c(tout1, out);
- }
- if (l != -8) {
- c2ln(in, tin0, tin1, l + 8);
- tin0 ^= tout0 ^ inW0;
- tin[0] = tin0;
- tin1 ^= tout1 ^ inW1;
- tin[1] = tin1;
- DES_encrypt1(tin, schedule, DES_ENCRYPT);
- tout0 = tin[0] ^ outW0;
- l2c(tout0, out);
- tout1 = tin[1] ^ outW1;
- l2c(tout1, out);
- }
- iv = &(*ivec)[0];
- l2c(tout0, iv);
- l2c(tout1, iv);
- } else {
- c2l(iv, xor0);
- c2l(iv, xor1);
- for (l -= 8; l > 0; l -= 8) {
- c2l(in, tin0);
- tin[0] = tin0 ^ outW0;
- c2l(in, tin1);
- tin[1] = tin1 ^ outW1;
- DES_encrypt1(tin, schedule, DES_DECRYPT);
- tout0 = tin[0] ^ xor0 ^ inW0;
- tout1 = tin[1] ^ xor1 ^ inW1;
- l2c(tout0, out);
- l2c(tout1, out);
- xor0 = tin0;
- xor1 = tin1;
- }
- if (l != -8) {
- c2l(in, tin0);
- tin[0] = tin0 ^ outW0;
- c2l(in, tin1);
- tin[1] = tin1 ^ outW1;
- DES_encrypt1(tin, schedule, DES_DECRYPT);
- tout0 = tin[0] ^ xor0 ^ inW0;
- tout1 = tin[1] ^ xor1 ^ inW1;
- l2cn(tout0, tout1, out, l + 8);
- xor0 = tin0;
- xor1 = tin1;
- }
-
- iv = &(*ivec)[0];
- l2c(xor0, iv);
- l2c(xor1, iv);
- }
- tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
- inW0 = inW1 = outW0 = outW1 = 0;
- tin[0] = tin[1] = 0;
-}
-LCRYPTO_ALIAS(DES_xcbc_encrypt);
--
cgit v1.2.3-55-g6feb