/** Verify a signature
@param hashname [in] String naming the hash
@param keydatalen [in] The length of the public key
@param keydata [in] The public key of the signer
@param sigdatalen [in] The length of the signature data
@param sigdata [in] The signature data
@param filedatalen [in] The length of the file in octets
@param filedata [in] The contents of the file being verified
@param ... [in] Additional len,data pairs until len is 0
@return nonzero on error [or invalid], 0 on success
If
*/
int verify_data(
char *hashname,
unsigned long keydatalen,
unsigned char *keydata,
unsigned long sigdatalen,
unsigned char *sigdata,
unsigned long filedatalen,
const unsigned char *filedata, ...)
{
rsa_key rsakey;
unsigned char rsabuf[2048], md[MAXBLOCKSIZE];
unsigned long rsalen, mdlen;
int stat;
int res;
va_list args;
const unsigned char *dataptr;
unsigned long datalen;
hash_state hs;
struct ltc_hash_descriptor *hd;
int hashid;
heap_start(heap_mem, HEAP_SIZE);
if (strcmp(hashname,"des") == 0) {
symmetric_key skey;
DO(des_setup(keydata, keydatalen, 0, &skey),0x400000);
DO(des_ecb_encrypt(filedata, sigdata, &skey),0x500000);
return res;
}
register_hash(&sha256_desc);
// register_hash(&sha512_desc);
// register_hash(&whirlpool_desc);
register_hash(&rmd160_desc);
register_hash(&md4_desc);
register_hash(<c_md5_desc);
register_hash(&sha1_desc);
ltc_mp = tfm_desc;
hashid = find_hash(hashname);
if ((res = hash_is_valid(hashid)) != CRYPT_OK)
return res;
hd = &hash_descriptor[hashid];
if ((res = hd->init(&hs)) != CRYPT_OK)
return res;
va_start(args, filedata);
dataptr = filedata;
datalen = filedatalen;
for(;;) {
if((res = hd->process(&hs, dataptr, datalen)) != 0)
return res;
if((datalen = va_arg(args, unsigned long)) == 0)
break;
if((dataptr = va_arg(args, unsigned char *)) == NULL)
break;
}
va_end(args);
if (keydatalen == 0) {
res = hd->done(&hs, sigdata);
*keydata = hd->hashsize;
return res+0x100000;
}
if((res = hd->done(&hs, md)) != 0)
return res+0x200000;
mdlen = hd->hashsize;
DO(rsa_import(keydata, keydatalen, &rsakey),0x300000);
DO(rsa_verify_hash(sigdata, sigdatalen, md, mdlen, find_hash(hashname), 8, &stat, &rsakey),0x400000);
rsa_free(&rsakey);
return (stat == 0) ? -1 : 0;
}
ATF_TC_BODY(ecb, tc)
{
int i;
des_cblock in, out, outin;
des_key_schedule ks;
for (i = 0; i < NUM_TESTS; i++) {
des_set_key_unchecked(&key_data[i], ks);
memcpy(in, plain_data[i], 8);
memset(out, 0, 8);
memset(outin, 0, 8);
des_ecb_encrypt(&in, &out, ks, DES_ENCRYPT);
des_ecb_encrypt(&out, &outin, ks, DES_DECRYPT);
if (memcmp(out, cipher_data[i], 8) != 0) {
atf_tc_fail_nonfatal("Encryption error %2d\nk=%s p=%s "
"o=%s act=%s\n", i + 1,
pt(key_data[i]), pt(in),
pt(cipher_data[i]), pt(out));
}
if (memcmp(in, outin, 8) != 0) {
atf_tc_fail_nonfatal("Decryption error %2d\nk=%s p=%s "
"o=%s act=%s\n", i + 1,
pt(key_data[i]), pt(out), pt(in),
pt(outin));
}
}
}
int desDecryptCBC( CRYPT_INFO *cryptInfo, BYTE *buffer, int noBytes )
{
BYTE temp[ DES_BLOCKSIZE ];
int blockCount = noBytes / DES_BLOCKSIZE;
/* Make sure the data length is a multiple of the block size */
if( noBytes % DES_BLOCKSIZE )
return( CRYPT_BADPARM3 );
while( blockCount-- )
{
int i;
/* Save the ciphertext */
memcpy( temp, buffer, DES_BLOCKSIZE );
/* Decrypt a block of data */
des_ecb_encrypt( ( C_Block * ) buffer, ( C_Block * ) buffer,
cryptInfo->key, DES_DECRYPT );
/* XOR the buffer contents with the encrypted IV */
for( i = 0; i < DES_BLOCKSIZE; i++ )
buffer[ i ] ^= cryptInfo->currentIV[ i ];
/* Shift the ciphertext into the IV */
memcpy( cryptInfo->currentIV, temp, DES_BLOCKSIZE );
/* Move on to next block of data */
buffer += DES_BLOCKSIZE;
}
return( CRYPT_OK );
}
int
ofb64_decrypt(int data)
{
struct stinfo *stp = &fb[OFB].streams[DIR_DECRYPT-1];
int idx;
if (data == -1) {
/*
* Back up one byte. It is assumed that we will
* never back up more than one byte. If we do, this
* may or may not work.
*/
if (stp->str_index)
--stp->str_index;
return(0);
}
idx = stp->str_index++;
if (idx == sizeof(Block)) {
Block b;
des_ecb_encrypt((Block *)stp->str_feed, (Block *)b, stp->str_sched, 1);
memmove((void *)stp->str_feed, (void *)b, sizeof(Block));
stp->str_index = 1; /* Next time will be 1 */
idx = 0; /* But now use 0 */
}
return(data ^ stp->str_feed[idx]);
}
static void DesEncrypt(
u_char *clear, /* IN 8 octets */
u_char *key, /* IN 7 octets */
u_char *cipher /* OUT 8 octets */
)
{
des_cblock des_key;
des_key_schedule key_schedule;
MakeKey(key, des_key);
des_set_key(&des_key, key_schedule);
#if 0
CHAPDEBUG((LOG_INFO, "DesEncrypt: 8 octet input : %02X%02X%02X%02X%02X%02X%02X%02X\n",
clear[0], clear[1], clear[2], clear[3], clear[4], clear[5], clear[6], clear[7]));
#endif
des_ecb_encrypt((des_cblock *)clear, (des_cblock *)cipher, key_schedule, 1);
#if 0
CHAPDEBUG((LOG_INFO, "DesEncrypt: 8 octet output: %02X%02X%02X%02X%02X%02X%02X%02X\n",
cipher[0], cipher[1], cipher[2], cipher[3], cipher[4], cipher[5], cipher[6], cipher[7]));
#endif
}
static void block_encrypt(struct block_state *self, const uint8_t *in, uint8_t *out)
{
#ifdef PCT_DES3_MODULE
des3_ecb_encrypt(in, out, &self->sk);
#else
des_ecb_encrypt(in, out, &self->sk);
#endif
}
static void
des1_decrypt(caddr_t key, u_int8_t *blk)
{
des_cblock *cb = (des_cblock *) blk;
des_key_schedule *p = (des_key_schedule *) key;
des_ecb_encrypt(cb, cb, p[0], DES_DECRYPT);
}
static void
des1_encrypt(void *key, u_int8_t *blk)
{
des_cblock *cb = (des_cblock *) blk;
des_key_schedule *p = (des_key_schedule *) key;
des_ecb_encrypt(cb, cb, p[0], DES_ENCRYPT);
}
static int
fb64_start(struct fb *fbp, int dir, int server __unused)
{
size_t x;
unsigned char *p;
int state;
switch (dir) {
case DIR_DECRYPT:
/*
* This is simply a request to have the other side
* start output (our input). He will negotiate an
* IV so we need not look for it.
*/
state = fbp->state[dir-1];
if (state == FAILED)
state = IN_PROGRESS;
break;
case DIR_ENCRYPT:
state = fbp->state[dir-1];
if (state == FAILED)
state = IN_PROGRESS;
else if ((state & NO_SEND_IV) == 0)
break;
if (!VALIDKEY(fbp->krbdes_key)) {
fbp->need_start = 1;
break;
}
state &= ~NO_SEND_IV;
state |= NO_RECV_IV;
if (encrypt_debug_mode)
printf("Creating new feed\r\n");
/*
* Create a random feed and send it over.
*/
des_random_key((Block *)fbp->temp_feed);
des_ecb_encrypt((Block *)fbp->temp_feed, (Block *)fbp->temp_feed,
fbp->krbdes_sched, 1);
p = fbp->fb_feed + 3;
*p++ = ENCRYPT_IS;
p++;
*p++ = FB64_IV;
for (x = 0; x < sizeof(Block); ++x) {
if ((*p++ = fbp->temp_feed[x]) == IAC)
*p++ = IAC;
}
*p++ = IAC;
*p++ = SE;
printsub('>', &fbp->fb_feed[2], p - &fbp->fb_feed[2]);
net_write(fbp->fb_feed, p - fbp->fb_feed);
break;
default:
return(FAILED);
}
return(fbp->state[dir-1] = state);
}
int desDecryptCFB( CRYPT_INFO *cryptInfo, BYTE *buffer, int noBytes )
{
BYTE temp[ DES_BLOCKSIZE ];
int i, ivCount = cryptInfo->ivCount;
/* If there's any encrypted material left in the IV, use it now */
if( ivCount )
{
int bytesToUse;
/* Find out how much material left in the encrypted IV we can use */
bytesToUse = DES_BLOCKSIZE - ivCount;
if( noBytes < bytesToUse )
bytesToUse = noBytes;
/* Decrypt the data */
memcpy( temp, buffer, bytesToUse );
for( i = 0; i < bytesToUse; i++ )
buffer[ i ] ^= cryptInfo->currentIV[ i + ivCount ];
memcpy( cryptInfo->currentIV + ivCount, temp, bytesToUse );
/* Adjust the byte count and buffer position */
noBytes -= bytesToUse;
buffer += bytesToUse;
ivCount += bytesToUse;
}
while( noBytes )
{
ivCount = ( noBytes > DES_BLOCKSIZE ) ? DES_BLOCKSIZE : noBytes;
/* Encrypt the IV */
des_ecb_encrypt( ( C_Block * ) cryptInfo->currentIV,
( C_Block * ) cryptInfo->currentIV,
cryptInfo->key, DES_ENCRYPT );
/* Save the ciphertext */
memcpy( temp, buffer, ivCount );
/* XOR the buffer contents with the encrypted IV */
for( i = 0; i < ivCount; i++ )
buffer[ i ] ^= cryptInfo->currentIV[ i ];
/* Shift the ciphertext into the IV */
memcpy( cryptInfo->currentIV, temp, ivCount );
/* Move on to next block of data */
noBytes -= ivCount;
buffer += ivCount;
}
/* Remember how much of the IV is still available for use */
cryptInfo->ivCount = ( ivCount % DES_BLOCKSIZE );
return( CRYPT_OK );
}
/* Do the DesEncryption */
void
DesEncrypt(unsigned char *clear, unsigned char *key, unsigned char *cipher)
{
des_cblock des_key;
des_key_schedule key_schedule;
MakeKey(key, des_key);
des_set_key(&des_key, key_schedule);
des_ecb_encrypt((des_cblock *) clear, (des_cblock *) cipher, key_schedule, 1);
}
static void block_encrypt(block_state *self, unsigned char *in, unsigned char *out)
{
int rc;
#ifdef PCT_DES3_MODULE
rc = des3_ecb_encrypt(in, out, &self->sk);
#else
rc = des_ecb_encrypt(in, out, &self->sk);
#endif
assert(rc == CRYPT_OK);
}
static int
esp_des_blockencrypt(const struct esp_algorithm *algo, struct secasvar *sav,
u_int8_t *s, u_int8_t *d)
{
/* assumption: d has a good alignment */
bcopy(s, d, sizeof(DES_LONG) * 2);
des_ecb_encrypt((des_cblock *)d, (des_cblock *)d,
*(des_key_schedule *)sav->sched, DES_ENCRYPT);
return 0;
}
static int
check_response(char *challenge, char *response, char *key)
{
char buf[20];
#ifdef KOONTZ_DES
extern void des (union LR_block *);
extern void loadkey(char *,int);
extern void set_des_mode(int);
union LR_block data;
strncpy((char *)data.string, (char *)challenge, 8);
set_des_mode(ENCRYPT);
loadkey(key, NOSHIFT);
des(&data);
memset(key, 0, 8); /* no need for the secret key anymore, scratch it */
sprintf(buf, "%2.2X%2.2X%2.2X%2.2X",
(int)(data.LR[0]) & 0xff,
(int)(data.LR[0]>>8) & 0xff,
(int)(data.LR[0]>>16) & 0xff,
(int)(data.LR[0]>>24) & 0xff);
#endif /* KOONTZ_DES */
#ifdef EAY_LIBDES
des_cblock res;
des_key_schedule ks;
des_set_key((des_cblock *)key, ks);
memset(key, 0, 8);
des_ecb_encrypt((des_cblock *)challenge, &res, ks, DES_ENCRYPT);
#ifdef LITTLE_ENDIAN
/* use this on Intel x86 boxes */
sprintf(buf, "%2.2X%2.2X%2.2X%2.2X",
res[0], res[1], res[2], res[3]);
#else /* ie. BIG_ENDIAN */
/* use this on big endian RISC boxes */
sprintf(buf, "%2.2X%2.2X%2.2X%2.2X",
res[3], res[2], res[1], res[0]);
#endif /* LITTLE_ENDIAN */
#endif /* EAY_LIBDES */
/* return success only if ALL requirements have been met */
if (strncmp(buf, response, 8) == 0)
return 1;
return 0;
}
static int desTestLoop( DES_TEST *testData, int iterations, int operation )
{
BYTE temp[ DES_BLOCKSIZE ];
BYTE key[ DES_EXPANDED_KEYSIZE ];
int i;
for( i = 0; i < iterations; i++ )
{
memcpy( temp, testData[ i ].plaintext, DES_BLOCKSIZE );
key_sched( ( C_Block * ) testData[ i ].key,
*( ( Key_schedule * ) key ) );
des_ecb_encrypt( ( C_Block * ) temp, ( C_Block * ) temp,
*( ( Key_schedule * ) key ), operation );
if( memcmp( testData[ i ].ciphertext, temp, DES_BLOCKSIZE ) )
return( CRYPT_ERROR );
}
return( CRYPT_OK );
}
/*
* DES 64 bit Output Feedback
*
* key --->+-----+
* +->| DES |--+
* | +-----+ |
* +-----------+
* v
* INPUT -------->(+) ----> DATA
*
* Given:
* iV: Initial vector, 64 bits (8 bytes) long.
* Dn: the nth chunk of 64 bits (8 bytes) of data to encrypt (decrypt).
* On: the nth chunk of 64 bits (8 bytes) of encrypted (decrypted) output.
*
* V0 = DES(iV, key)
* V(n+1) = DES(Vn, key)
* On = Dn ^ Vn
*/
void
ofb64_encrypt(unsigned char *s, int c)
{
struct stinfo *stp = &fb[OFB].streams[DIR_ENCRYPT-1];
int idx;
idx = stp->str_index;
while (c-- > 0) {
if (idx == sizeof(Block)) {
Block b;
des_ecb_encrypt((Block *)stp->str_feed, (Block *)b, stp->str_sched, 1);
memmove((void *)stp->str_feed, (void *)b, sizeof(Block));
idx = 0;
}
*s++ ^= stp->str_feed[idx];
idx++;
}
stp->str_index = idx;
}
char *XTRAMangle(char *xtrace, char *cryptpw)
{
static char res[256];
char *rptr, *xptr;
int count;
unsigned char plain[8], enc[8];
des_cblock key;
des_key_schedule sched;
des_string_to_key(cryptpw, &key);
des_set_key(&key, sched);
rptr = res;
/* Overflow protect; 192 chars expands to 256, overflowing res */
if (strlen(xtrace) > 191) {
xtrace[191] = '\0';
}
/* Step thru 'xtrace' 8 chars at a time, encrypt as we go */
xptr = xtrace;
count = 0;
bzero(plain, sizeof(plain));
while (*xptr) {
plain[count++ % 8] = *xptr++;
if (! *xptr || (count % 8) == 0) {
/* Encrypt block of (up to) 8 and pump out coded ASCII */
des_ecb_encrypt((des_cblock *)plain,(des_cblock *)enc, sched, 1);
bzero(plain, sizeof(plain));
*rptr++ = '0' + (enc[0] & 0x3f);
*rptr++ = '0' + (enc[0] >> 6) + ((enc[1] & 0x0f) << 2);
*rptr++ = '0' + (enc[1] >> 4) + ((enc[2] & 0x03) << 4);
*rptr++ = '0' + (enc[2] >> 2);
*rptr++ = '0' + (enc[3] & 0x3f);
*rptr++ = '0' + (enc[3] >> 6) + ((enc[4] & 0x0f) << 2);
*rptr++ = '0' + (enc[4] >> 4) + ((enc[5] & 0x03) << 4);
*rptr++ = '0' + (enc[5] >> 2);
*rptr++ = '0' + (enc[6] & 0x3f);
*rptr++ = '0' + (enc[6] >> 6) + ((enc[7] & 0x0f) << 2);
*rptr++ = '0' + (enc[7] >> 4) + ((time(NULL) & 0x03) << 4);
}
}
int desDecryptECB( CRYPT_INFO *cryptInfo, BYTE *buffer, int noBytes )
{
int blockCount = noBytes / DES_BLOCKSIZE;
/* Make sure the data length is a multiple of the block size */
if( noBytes % DES_BLOCKSIZE )
return( CRYPT_BADPARM3 );
while( blockCount-- )
{
/* Decrypt a block of data */
des_ecb_encrypt( ( C_Block * ) buffer, ( C_Block * ) buffer,
cryptInfo->key, DES_DECRYPT );
/* Move on to next block of data */
buffer += DES_BLOCKSIZE;
}
return( CRYPT_OK );
}
void
cfb64_encrypt(unsigned char *s, int c)
{
struct stinfo *stp = &fb[CFB].streams[DIR_ENCRYPT-1];
int idx;
idx = stp->str_index;
while (c-- > 0) {
if (idx == sizeof(Block)) {
Block b;
des_ecb_encrypt((Block *)stp->str_output, (Block *)b, stp->str_sched, 1);
memmove((void *)stp->str_feed, (void *)b, sizeof(Block));
idx = 0;
}
/* On encryption, we store (feed ^ data) which is cypher */
*s = stp->str_output[idx] = (stp->str_feed[idx] ^ *s);
s++;
idx++;
}
stp->str_index = idx;
}
/*
* des_generate_random_block: routine to return the next random number
* from the current random number stream.
* The returned number is 64 bits long.
*
* Requires: des_set_random_generator_seed must have been called at least once
* before this routine is called.
*/
static afs_int32
des_generate_random_block(des_cblock block)
{
int i;
/*
* Encrypt the sequence number to get the new random block:
*/
LOCK_RANDOM;
des_ecb_encrypt(sequence_number, block, random_sequence_key.d, 1);
/*
* Increment the sequence number as an 8 byte unsigned number with wrap:
* (using LSB here)
*/
for (i = 0; i < 8; i++) {
sequence_number[i] = (sequence_number[i] + 1) & 0xff;
if (sequence_number[i])
break;
}
UNLOCK_RANDOM;
return 0;
}
BOOLEAN scMultiflexCompareAuth( const BYTE *key, const BYTE *chall,
const BYTE *auth )
{
#ifdef WITH_DES
des_key_schedule schedule;
des_cblock out;
des_check_key=0;
des_set_key( (des_cblock *) key, schedule );
des_ecb_encrypt( (des_cblock *) chall, &out, schedule, DES_ENCRYPT );
memset( &schedule, 0, sizeof(schedule) );
if( memcmp( auth, out, 6 ) ) return( FALSE );
memset( out, 0, sizeof(out) );
return( TRUE );
#else
return( FALSE );
#endif /* WITH_DES */
}
int main(int argc, char *argv[])
{
int i,j,err=0;
des_cblock in,out,outin,iv3,iv2;
des_key_schedule ks,ks2,ks3;
unsigned char cbc_in[40];
unsigned char cbc_out[40];
DES_LONG cs;
unsigned char cret[8];
#ifdef _CRAY
struct {
int a:32;
int b:32;
} lqret[2];
#else
DES_LONG lqret[4];
#endif
int num;
char *str;
#ifndef NO_DESCBCM
printf("Doing cbcm\n");
if ((j=des_set_key_checked(&cbc_key,ks)) != 0)
{
printf("Key error %d\n",j);
err=1;
}
if ((j=des_set_key_checked(&cbc2_key,ks2)) != 0)
{
printf("Key error %d\n",j);
err=1;
}
if ((j=des_set_key_checked(&cbc3_key,ks3)) != 0)
{
printf("Key error %d\n",j);
err=1;
}
memset(cbc_out,0,40);
memset(cbc_in,0,40);
i=strlen((char *)cbc_data)+1;
/* i=((i+7)/8)*8; */
memcpy(iv3,cbc_iv,sizeof(cbc_iv));
memset(iv2,'\0',sizeof iv2);
des_ede3_cbcm_encrypt(cbc_data,cbc_out,16L,ks,ks2,ks3,&iv3,&iv2,
DES_ENCRYPT);
des_ede3_cbcm_encrypt(&cbc_data[16],&cbc_out[16],i-16,ks,ks2,ks3,
&iv3,&iv2,DES_ENCRYPT);
/* if (memcmp(cbc_out,cbc3_ok,
(unsigned int)(strlen((char *)cbc_data)+1+7)/8*8) != 0)
{
printf("des_ede3_cbc_encrypt encrypt error\n");
err=1;
}
*/
memcpy(iv3,cbc_iv,sizeof(cbc_iv));
memset(iv2,'\0',sizeof iv2);
des_ede3_cbcm_encrypt(cbc_out,cbc_in,i,ks,ks2,ks3,&iv3,&iv2,DES_DECRYPT);
if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)+1) != 0)
{
int n;
printf("des_ede3_cbcm_encrypt decrypt error\n");
for(n=0 ; n < i ; ++n)
printf(" %02x",cbc_data[n]);
printf("\n");
for(n=0 ; n < i ; ++n)
printf(" %02x",cbc_in[n]);
printf("\n");
err=1;
}
#endif
printf("Doing ecb\n");
for (i=0; i<NUM_TESTS; i++)
{
des_set_key_unchecked(&key_data[i],ks);
memcpy(in,plain_data[i],8);
memset(out,0,8);
memset(outin,0,8);
des_ecb_encrypt(&in,&out,ks,DES_ENCRYPT);
des_ecb_encrypt(&out,&outin,ks,DES_DECRYPT);
if (memcmp(out,cipher_data[i],8) != 0)
{
printf("Encryption error %2d\nk=%s p=%s o=%s act=%s\n",
i+1,pt(key_data[i]),pt(in),pt(cipher_data[i]),
pt(out));
err=1;
}
if (memcmp(in,outin,8) != 0)
{
printf("Decryption error %2d\nk=%s p=%s o=%s act=%s\n",
i+1,pt(key_data[i]),pt(out),pt(in),pt(outin));
err=1;
}
}
#ifndef LIBDES_LIT
printf("Doing ede ecb\n");
for (i=0; i<(NUM_TESTS-1); i++)
{
des_set_key_unchecked(&key_data[i],ks);
des_set_key_unchecked(&key_data[i+1],ks2);
des_set_key_unchecked(&key_data[i+2],ks3);
memcpy(in,plain_data[i],8);
memset(out,0,8);
memset(outin,0,8);
des_ecb2_encrypt(&in,&out,ks,ks2,DES_ENCRYPT);
des_ecb2_encrypt(&out,&outin,ks,ks2,DES_DECRYPT);
if (memcmp(out,cipher_ecb2[i],8) != 0)
{
printf("Encryption error %2d\nk=%s p=%s o=%s act=%s\n",
i+1,pt(key_data[i]),pt(in),pt(cipher_ecb2[i]),
pt(out));
err=1;
}
if (memcmp(in,outin,8) != 0)
{
printf("Decryption error %2d\nk=%s p=%s o=%s act=%s\n",
i+1,pt(key_data[i]),pt(out),pt(in),pt(outin));
err=1;
}
}
#endif
printf("Doing cbc\n");
if ((j=des_set_key_checked(&cbc_key,ks)) != 0)
{
printf("Key error %d\n",j);
err=1;
}
memset(cbc_out,0,40);
memset(cbc_in,0,40);
memcpy(iv3,cbc_iv,sizeof(cbc_iv));
des_ncbc_encrypt(cbc_data,cbc_out,strlen((char *)cbc_data)+1,ks,
&iv3,DES_ENCRYPT);
if (memcmp(cbc_out,cbc_ok,32) != 0)
{
printf("cbc_encrypt encrypt error\n");
err=1;
}
memcpy(iv3,cbc_iv,sizeof(cbc_iv));
des_ncbc_encrypt(cbc_out,cbc_in,strlen((char *)cbc_data)+1,ks,
&iv3,DES_DECRYPT);
if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)) != 0)
{
printf("cbc_encrypt decrypt error\n");
err=1;
}
#ifndef LIBDES_LIT
printf("Doing desx cbc\n");
if ((j=des_set_key_checked(&cbc_key,ks)) != 0)
{
printf("Key error %d\n",j);
err=1;
}
memset(cbc_out,0,40);
memset(cbc_in,0,40);
memcpy(iv3,cbc_iv,sizeof(cbc_iv));
des_xcbc_encrypt(cbc_data,cbc_out,strlen((char *)cbc_data)+1,ks,
&iv3,&cbc2_key,&cbc3_key, DES_ENCRYPT);
if (memcmp(cbc_out,xcbc_ok,32) != 0)
{
printf("des_xcbc_encrypt encrypt error\n");
err=1;
}
memcpy(iv3,cbc_iv,sizeof(cbc_iv));
des_xcbc_encrypt(cbc_out,cbc_in,strlen((char *)cbc_data)+1,ks,
&iv3,&cbc2_key,&cbc3_key, DES_DECRYPT);
if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)+1) != 0)
{
printf("des_xcbc_encrypt decrypt error\n");
err=1;
}
#endif
printf("Doing ede cbc\n");
if ((j=des_set_key_checked(&cbc_key,ks)) != 0)
{
printf("Key error %d\n",j);
err=1;
}
if ((j=des_set_key_checked(&cbc2_key,ks2)) != 0)
{
printf("Key error %d\n",j);
err=1;
}
if ((j=des_set_key_checked(&cbc3_key,ks3)) != 0)
{
printf("Key error %d\n",j);
err=1;
}
memset(cbc_out,0,40);
memset(cbc_in,0,40);
i=strlen((char *)cbc_data)+1;
/* i=((i+7)/8)*8; */
memcpy(iv3,cbc_iv,sizeof(cbc_iv));
des_ede3_cbc_encrypt(cbc_data,cbc_out,16L,ks,ks2,ks3,&iv3,DES_ENCRYPT);
des_ede3_cbc_encrypt(&(cbc_data[16]),&(cbc_out[16]),i-16,ks,ks2,ks3,
&iv3,DES_ENCRYPT);
if (memcmp(cbc_out,cbc3_ok,
(unsigned int)(strlen((char *)cbc_data)+1+7)/8*8) != 0)
{
printf("des_ede3_cbc_encrypt encrypt error\n");
err=1;
}
memcpy(iv3,cbc_iv,sizeof(cbc_iv));
des_ede3_cbc_encrypt(cbc_out,cbc_in,i,ks,ks2,ks3,&iv3,DES_DECRYPT);
if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)+1) != 0)
{
printf("des_ede3_cbc_encrypt decrypt error\n");
err=1;
}
#ifndef LIBDES_LIT
printf("Doing pcbc\n");
if ((j=des_set_key_checked(&cbc_key,ks)) != 0)
{
printf("Key error %d\n",j);
err=1;
}
memset(cbc_out,0,40);
memset(cbc_in,0,40);
des_pcbc_encrypt(cbc_data,cbc_out,strlen((char *)cbc_data)+1,ks,
&cbc_iv,DES_ENCRYPT);
if (memcmp(cbc_out,pcbc_ok,32) != 0)
{
printf("pcbc_encrypt encrypt error\n");
err=1;
}
des_pcbc_encrypt(cbc_out,cbc_in,strlen((char *)cbc_data)+1,ks,&cbc_iv,
DES_DECRYPT);
if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)+1) != 0)
{
printf("pcbc_encrypt decrypt error\n");
err=1;
}
printf("Doing ");
printf("cfb8 ");
err+=cfb_test(8,cfb_cipher8);
printf("cfb16 ");
err+=cfb_test(16,cfb_cipher16);
printf("cfb32 ");
err+=cfb_test(32,cfb_cipher32);
printf("cfb48 ");
err+=cfb_test(48,cfb_cipher48);
printf("cfb64 ");
err+=cfb_test(64,cfb_cipher64);
printf("cfb64() ");
err+=cfb64_test(cfb_cipher64);
memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
for (i=0; i<sizeof(plain); i++)
des_cfb_encrypt(&(plain[i]),&(cfb_buf1[i]),
8,1,ks,&cfb_tmp,DES_ENCRYPT);
if (memcmp(cfb_cipher8,cfb_buf1,sizeof(plain)) != 0)
{
printf("cfb_encrypt small encrypt error\n");
err=1;
}
memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
for (i=0; i<sizeof(plain); i++)
des_cfb_encrypt(&(cfb_buf1[i]),&(cfb_buf2[i]),
8,1,ks,&cfb_tmp,DES_DECRYPT);
if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0)
{
printf("cfb_encrypt small decrypt error\n");
err=1;
}
printf("ede_cfb64() ");
err+=ede_cfb64_test(cfb_cipher64);
printf("done\n");
printf("Doing ofb\n");
des_set_key_checked(&ofb_key,ks);
memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
des_ofb_encrypt(plain,ofb_buf1,64,sizeof(plain)/8,ks,&ofb_tmp);
if (memcmp(ofb_cipher,ofb_buf1,sizeof(ofb_buf1)) != 0)
{
printf("ofb_encrypt encrypt error\n");
printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
ofb_buf1[8+0], ofb_buf1[8+1], ofb_buf1[8+2], ofb_buf1[8+3],
ofb_buf1[8+4], ofb_buf1[8+5], ofb_buf1[8+6], ofb_buf1[8+7]);
printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
ofb_buf1[8+0], ofb_cipher[8+1], ofb_cipher[8+2], ofb_cipher[8+3],
ofb_buf1[8+4], ofb_cipher[8+5], ofb_cipher[8+6], ofb_cipher[8+7]);
err=1;
}
memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
des_ofb_encrypt(ofb_buf1,ofb_buf2,64,sizeof(ofb_buf1)/8,ks,&ofb_tmp);
if (memcmp(plain,ofb_buf2,sizeof(ofb_buf2)) != 0)
{
printf("ofb_encrypt decrypt error\n");
printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
ofb_buf2[8+0], ofb_buf2[8+1], ofb_buf2[8+2], ofb_buf2[8+3],
ofb_buf2[8+4], ofb_buf2[8+5], ofb_buf2[8+6], ofb_buf2[8+7]);
printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
plain[8+0], plain[8+1], plain[8+2], plain[8+3],
plain[8+4], plain[8+5], plain[8+6], plain[8+7]);
err=1;
}
printf("Doing ofb64\n");
des_set_key_checked(&ofb_key,ks);
memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
memset(ofb_buf1,0,sizeof(ofb_buf1));
memset(ofb_buf2,0,sizeof(ofb_buf1));
num=0;
for (i=0; i<sizeof(plain); i++)
{
des_ofb64_encrypt(&(plain[i]),&(ofb_buf1[i]),1,ks,&ofb_tmp,
&num);
}
if (memcmp(ofb_cipher,ofb_buf1,sizeof(ofb_buf1)) != 0)
{
printf("ofb64_encrypt encrypt error\n");
err=1;
}
memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
num=0;
des_ofb64_encrypt(ofb_buf1,ofb_buf2,sizeof(ofb_buf1),ks,&ofb_tmp,&num);
if (memcmp(plain,ofb_buf2,sizeof(ofb_buf2)) != 0)
{
printf("ofb64_encrypt decrypt error\n");
err=1;
}
printf("Doing ede_ofb64\n");
des_set_key_checked(&ofb_key,ks);
memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
memset(ofb_buf1,0,sizeof(ofb_buf1));
memset(ofb_buf2,0,sizeof(ofb_buf1));
num=0;
for (i=0; i<sizeof(plain); i++)
{
des_ede3_ofb64_encrypt(&(plain[i]),&(ofb_buf1[i]),1,ks,ks,ks,
&ofb_tmp,&num);
}
if (memcmp(ofb_cipher,ofb_buf1,sizeof(ofb_buf1)) != 0)
{
printf("ede_ofb64_encrypt encrypt error\n");
err=1;
}
memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
num=0;
des_ede3_ofb64_encrypt(ofb_buf1,ofb_buf2,sizeof(ofb_buf1),ks,
ks,ks,&ofb_tmp,&num);
if (memcmp(plain,ofb_buf2,sizeof(ofb_buf2)) != 0)
{
printf("ede_ofb64_encrypt decrypt error\n");
err=1;
}
printf("Doing cbc_cksum\n");
des_set_key_checked(&cbc_key,ks);
cs=des_cbc_cksum(cbc_data,&cret,strlen((char *)cbc_data),ks,&cbc_iv);
if (cs != cbc_cksum_ret)
{
printf("bad return value (%08lX), should be %08lX\n",
(unsigned long)cs,(unsigned long)cbc_cksum_ret);
err=1;
}
if (memcmp(cret,cbc_cksum_data,8) != 0)
{
printf("bad cbc_cksum block returned\n");
err=1;
}
printf("Doing quad_cksum\n");
cs=quad_cksum(cbc_data,(des_cblock *)lqret,
(long)strlen((char *)cbc_data),2,(des_cblock *)cbc_iv);
if (cs != 0x70d7a63aL)
{
printf("quad_cksum error, ret %08lx should be 70d7a63a\n",
(unsigned long)cs);
err=1;
}
#ifdef _CRAY
if (lqret[0].a != 0x327eba8dL)
{
printf("quad_cksum error, out[0] %08lx is not %08lx\n",
(unsigned long)lqret[0].a,0x327eba8dUL);
err=1;
}
if (lqret[0].b != 0x201a49ccL)
{
printf("quad_cksum error, out[1] %08lx is not %08lx\n",
(unsigned long)lqret[0].b,0x201a49ccUL);
err=1;
}
if (lqret[1].a != 0x70d7a63aL)
{
printf("quad_cksum error, out[2] %08lx is not %08lx\n",
(unsigned long)lqret[1].a,0x70d7a63aUL);
err=1;
}
if (lqret[1].b != 0x501c2c26L)
{
printf("quad_cksum error, out[3] %08lx is not %08lx\n",
(unsigned long)lqret[1].b,0x501c2c26UL);
err=1;
}
#else
if (lqret[0] != 0x327eba8dL)
{
printf("quad_cksum error, out[0] %08lx is not %08lx\n",
(unsigned long)lqret[0],0x327eba8dUL);
err=1;
}
if (lqret[1] != 0x201a49ccL)
{
printf("quad_cksum error, out[1] %08lx is not %08lx\n",
(unsigned long)lqret[1],0x201a49ccUL);
err=1;
}
if (lqret[2] != 0x70d7a63aL)
{
printf("quad_cksum error, out[2] %08lx is not %08lx\n",
(unsigned long)lqret[2],0x70d7a63aUL);
err=1;
}
if (lqret[3] != 0x501c2c26L)
{
printf("quad_cksum error, out[3] %08lx is not %08lx\n",
(unsigned long)lqret[3],0x501c2c26UL);
err=1;
}
#endif
#endif
printf("input word alignment test");
for (i=0; i<4; i++)
{
printf(" %d",i);
des_ncbc_encrypt(&(cbc_out[i]),cbc_in,
strlen((char *)cbc_data)+1,ks,
&cbc_iv,DES_ENCRYPT);
}
printf("\noutput word alignment test");
for (i=0; i<4; i++)
{
printf(" %d",i);
des_ncbc_encrypt(cbc_out,&(cbc_in[i]),
strlen((char *)cbc_data)+1,ks,
&cbc_iv,DES_ENCRYPT);
}
printf("\n");
printf("fast crypt test ");
str=crypt("testing","ef");
if (strcmp("efGnQx2725bI2",str) != 0)
{
printf("fast crypt error, %s should be efGnQx2725bI2\n",str);
err=1;
}
str=crypt("bca76;23","yA");
if (strcmp("yA1Rp/1hZXIJk",str) != 0)
{
printf("fast crypt error, %s should be yA1Rp/1hZXIJk\n",str);
err=1;
}
printf("\n");
return(err);
}
void
des1_decrypt(caddr_t key, u_int8_t *blk)
{
des_ecb_encrypt(blk, blk, key, 0);
}
int main(void)
{
char *header = "Allaire Cold Fusion Template\012Header Size: ";
char buffer[54];
int headsize, outlen;
int skip_header;
int len, i;
char *keystr = "Error: cannot open template file--\"%s\". Please, try again!\012\012";
des_cblock key;
des_cblock input;
des_cblock output;
des_key_schedule schedule;
if ((fread(buffer, 1, 54, stdin) < 54) || (memcmp(buffer, header, 42)))
{
fprintf(stderr, "File is not an encrypted template\n");
return 1;
}
if (!memcmp(&buffer[42], "New Version", 11))
{
headsize = 69;
skip_header = 1;
}
else
{
headsize = atoi(&buffer[42]);
skip_header = 0;
}
if ((headsize < 54) || (fseek(stdin, headsize, SEEK_SET) < 0))
{
fprintf(stderr, "Error in file format\n");
return 1;
}
des_string_to_key(keystr, &key);
des_set_key(&key, schedule);
outlen = 0;
while ((len = fread(input, 1, 8, stdin)) == 8)
{
des_ecb_encrypt(&input, &output, schedule, 0);
outlen += 8;
i = 0;
if (skip_header)
{
while (i < 8)
{
if (output[i++] == 0x1A)
{
skip_header = 0;
break;
}
}
}
fwrite(output + i, 1, 8 - i, stdout);
}
for (i = 0; i < len; i++)
{
output[i] = input[i] ^ (outlen + i);
}
fwrite(output, 1, len, stdout);
return 0;
}
/*
* Function: K4 parse authentication reply command
*
* Parameters:
* ks - kstream to send abort message to.
*
* parsedat - the sub-command data.
*
* end_sub - index of the character in the 'parsedat' array which
* is the last byte in a sub-negotiation
*
* Returns: Kerberos error code.
*/
static int
k4_auth_reply(kstream ks, unsigned char *parsedat, int end_sub)
{
time_t t;
int x;
char buf[512];
int i;
des_cblock session_key;
des_key_schedule sched;
static des_cblock challenge;
if (end_sub < 4)
return KFAILURE;
if (parsedat[2] != KERBEROS_V4)
return KFAILURE;
if (parsedat[4] == KRB_REJECT) {
buf[0] = 0;
for (i = 5; i <= end_sub; i++) {
if (parsedat[i] == IAC)
break;
buf[i-5] = parsedat[i];
buf[i-4] = 0;
}
if (!buf[0])
strcpy(buf, "Authentication rejected by remote machine!");
MessageBox(HWND_DESKTOP, buf, NULL, MB_OK | MB_ICONEXCLAMATION);
return KFAILURE;
}
if (parsedat[4] == KRB_ACCEPT) {
if ((parsedat[3] & AUTH_HOW_MASK) == AUTH_HOW_ONE_WAY)
return KSUCCESS;
if ((parsedat[3] & AUTH_HOW_MASK) != AUTH_HOW_MUTUAL)
return KFAILURE;
des_key_sched(cred.session, sched);
t = time(NULL);
memcpy(challenge, &t, 4);
memcpy(&challenge[4], &t, 4);
des_ecb_encrypt(&challenge, &session_key, sched, 1);
/*
* Increment the challenge by 1, and encrypt it for
* later comparison.
*/
for (i = 7; i >= 0; --i) {
x = (unsigned int)challenge[i] + 1;
challenge[i] = x; /* ignore overflow */
if (x < 256) /* if no overflow, all done */
break;
}
des_ecb_encrypt(&challenge, &challenge, sched, 1);
wsprintf(buf, "%c%c%c%c%c%c%c", IAC, SB, TELOPT_AUTHENTICATION, TELQUAL_IS,
KERBEROS_V4, AUTH_WHO_CLIENT|AUTH_HOW_MUTUAL, KRB_CHALLENGE);
memcpy(&buf[7], session_key, 8);
wsprintf(&buf[15], "%c%c", IAC, SE);
TelnetSend(ks, (LPSTR)buf, 17, 0);
return KSUCCESS;
}
if (parsedat[4] == KRB_RESPONSE) {
if (end_sub < 12)
return KFAILURE;
if (memcmp(&parsedat[5], challenge, sizeof(challenge)) != 0) {
MessageBox(HWND_DESKTOP, "Remote machine is being impersonated!",
NULL, MB_OK | MB_ICONEXCLAMATION);
return KFAILURE;
}
return KSUCCESS;
}
return KFAILURE;
}
Gc_rc
gc_cipher_encrypt_inline (gc_cipher_handle handle, size_t len, char *data)
{
_gc_cipher_ctx *ctx = handle;
switch (ctx->alg)
{
#ifdef GC_USE_ARCTWO
case GC_ARCTWO40:
switch (ctx->mode)
{
case GC_ECB:
arctwo_encrypt (&ctx->arctwoContext, data, data, len);
break;
case GC_CBC:
for (; len >= ARCTWO_BLOCK_SIZE; len -= ARCTWO_BLOCK_SIZE,
data += ARCTWO_BLOCK_SIZE)
{
size_t i;
for (i = 0; i < ARCTWO_BLOCK_SIZE; i++)
data[i] ^= ctx->arctwoIV[i];
arctwo_encrypt (&ctx->arctwoContext, data, data,
ARCTWO_BLOCK_SIZE);
memcpy (ctx->arctwoIV, data, ARCTWO_BLOCK_SIZE);
}
break;
default:
return GC_INVALID_CIPHER;
}
break;
#endif
#ifdef GC_USE_ARCFOUR
case GC_ARCFOUR128:
case GC_ARCFOUR40:
arcfour_stream (&ctx->arcfourContext, data, data, len);
break;
#endif
#ifdef GC_USE_DES
case GC_DES:
for (; len >= 8; len -= 8, data += 8)
des_ecb_encrypt (&ctx->desContext, data, data);
break;
#endif
#ifdef GC_USE_RIJNDAEL
case GC_AES128:
case GC_AES192:
case GC_AES256:
{
int nblocks;
nblocks = rijndaelBlockEncrypt (&ctx->aesContext, &ctx->aesEncKey,
data, 8 * len, data);
if (nblocks < 0)
return GC_INVALID_CIPHER;
}
break;
#endif
default:
return GC_INVALID_CIPHER;
}
return GC_OK;
}
int
test_main(void)
{
int i,j,err=0;
des_cblock in, out, outin, iv3;
des_key_schedule ks,ks2,ks3;
des_cblock cbc_in[5];
des_cblock cbc_out[5];
DES_LONG cs;
unsigned char qret[4][4],cret[8];
DES_LONG lqret[4];
int num;
char *str;
printf("Doing ecb\n");
for (i=0; i<NUM_TESTS; i++)
{
if ((j=des_key_sched(&key_data[i], ks)) != 0)
{
printf("Key error %2d:%d\n",i+1,j);
err=1;
}
memcpy(in,plain_data[i],8);
memset(out,0,8);
memset(outin,0,8);
des_ecb_encrypt(&in, &out, ks, DES_ENCRYPT);
des_ecb_encrypt(&out, &outin, ks, DES_DECRYPT);
if (memcmp(out,cipher_data[i],8) != 0)
{
printf("Encryption error %2d\nk=%s p=%s o=%s act=%s\n",
i+1,pt(key_data[i]),pt(in),pt(cipher_data[i]),
pt(out));
err=1;
}
if (memcmp(in,outin,8) != 0)
{
printf("Decryption error %2d\nk=%s p=%s o=%s act=%s\n",
i+1,pt(key_data[i]),pt(out),pt(in),pt(outin));
err=1;
}
}
#ifndef LIBDES_LIT
printf("Doing ede ecb\n");
for (i=0; i<(NUM_TESTS-1); i++)
{
if ((j=des_key_sched(&key_data[i], ks)) != 0)
{
err=1;
printf("Key error %2d:%d\n",i+1,j);
}
if ((j=des_key_sched(&key_data[i+1],ks2)) != 0)
{
printf("Key error %2d:%d\n",i+2,j);
err=1;
}
if ((j=des_key_sched(&key_data[i+2],ks3)) != 0)
{
printf("Key error %2d:%d\n",i+3,j);
err=1;
}
memcpy(in,plain_data[i],8);
memset(out,0,8);
memset(outin,0,8);
des_ecb2_encrypt(&in, &out, ks, ks2,
DES_ENCRYPT);
des_ecb2_encrypt(&out, &outin, ks, ks2,
DES_DECRYPT);
if (memcmp(out,cipher_ecb2[i],8) != 0)
{
printf("Encryption error %2d\nk=%s p=%s o=%s act=%s\n",
i+1,pt(key_data[i]),pt(in),pt(cipher_ecb2[i]),
pt(out));
err=1;
}
if (memcmp(in,outin,8) != 0)
{
printf("Decryption error %2d\nk=%s p=%s o=%s act=%s\n",
i+1,pt(key_data[i]),pt(out),pt(in),pt(outin));
err=1;
}
}
#endif
printf("Doing cbc\n");
if ((j=des_key_sched(&cbc_key, ks)) != 0)
{
printf("Key error %d\n",j);
err=1;
}
memset(cbc_out,0,sizeof(cbc_data));
memset(cbc_in,0,sizeof(cbc_data));
memcpy(iv3,cbc_iv,sizeof(cbc_iv));
des_ncbc_encrypt(cbc_data, cbc_out,
sizeof(cbc_data), ks,
&iv3, DES_ENCRYPT);
if (memcmp(cbc_out,cbc_ok,32) != 0)
printf("cbc_encrypt encrypt error\n");
memcpy(iv3,cbc_iv,sizeof(cbc_iv));
des_ncbc_encrypt(cbc_out, cbc_in,
sizeof(cbc_data),ks,
&iv3,DES_DECRYPT);
if (memcmp(cbc_in,cbc_data,sizeof(cbc_data)) != 0)
{
printf("cbc_encrypt decrypt error\n");
err=1;
}
#ifndef LIBDES_LIT
#if 0
printf("Doing desx cbc\n");
if ((j=des_key_sched((C_Block *)cbc_key,ks)) != 0)
{
printf("Key error %d\n",j);
err=1;
}
memset(cbc_out,0,sizeof(cbc_data));
memset(cbc_in,0,sizeof(cbc_data));
memcpy(iv3,cbc_iv,sizeof(cbc_iv));
des_xcbc_encrypt((C_Block *)cbc_data,(C_Block *)cbc_out,
sizeof(cbc_data), ks,
(C_Block *)iv3,
(C_Block *)cbc2_key, (C_Block *)cbc3_key, DES_ENCRYPT);
if (memcmp(cbc_out,xcbc_ok,32) != 0)
{
printf("des_xcbc_encrypt encrypt error\n");
}
memcpy(iv3,cbc_iv,sizeof(cbc_iv));
des_xcbc_encrypt((C_Block *)cbc_out,(C_Block *)cbc_in,
sizeof(cbc_data), ks,
(C_Block *)iv3,
(C_Block *)cbc2_key, (C_Block *)cbc3_key, DES_DECRYPT);
if (memcmp(cbc_in,cbc_data,sizeof(cbc_data)) != 0)
{
printf("des_xcbc_encrypt decrypt error\n");
err=1;
}
#endif
#endif /* LIBDES_LIT */
printf("Doing ede cbc\n");
if ((j=des_key_sched(&cbc_key,ks)) != 0)
{
printf("Key error %d\n",j);
err=1;
}
if ((j=des_key_sched(&cbc2_key,ks2)) != 0)
{
printf("Key error %d\n",j);
err=1;
}
if ((j=des_key_sched(&cbc3_key,ks3)) != 0)
{
printf("Key error %d\n",j);
err=1;
}
memset(cbc_out,0,sizeof(cbc_data));
memset(cbc_in,0,sizeof(cbc_data));
i=sizeof(cbc_data);
/* i=((i+7)/8)*8; */
memcpy(iv3,cbc_iv,sizeof(cbc_iv));
des_ede3_cbc_encrypt( cbc_data, cbc_out,
16L, ks, ks2, ks3, &iv3, DES_ENCRYPT);
des_ede3_cbc_encrypt( &cbc_data[2],
&cbc_out[2],
(long)i-16, ks, ks2, ks3, &iv3, DES_ENCRYPT);
if (memcmp(cbc_out,cbc3_ok, sizeof(cbc_data)) != 0)
{
printf("des_ede3_cbc_encrypt encrypt error\n");
err=1;
}
memcpy(iv3,cbc_iv,sizeof(cbc_iv));
des_ede3_cbc_encrypt(cbc_out, cbc_in,
(long)i, ks, ks2, ks3, &iv3, DES_DECRYPT);
if (memcmp(cbc_in,cbc_data,sizeof(cbc_data)) != 0)
{
printf("des_ede3_cbc_encrypt decrypt error\n");
err=1;
}
#ifndef LIBDES_LIT
#if 0
printf("Doing pcbc\n");
if ((j=des_key_sched((C_Block *)cbc_key,ks)) != 0)
{
printf("Key error %d\n",j);
err=1;
}
memset(cbc_out,0,sizeof(cbc_data));
memset(cbc_in,0,sizeof(cbc_data));
des_pcbc_encrypt((C_Block *)cbc_data,(C_Block *)cbc_out,
sizeof(cbc_data),ks,(C_Block *)cbc_iv,DES_ENCRYPT);
if (memcmp(cbc_out,pcbc_ok,32) != 0)
{
printf("pcbc_encrypt encrypt error\n");
err=1;
}
des_pcbc_encrypt((C_Block *)cbc_out,(C_Block *)cbc_in,
sizeof(cbc_data),ks,(C_Block *)cbc_iv,DES_DECRYPT);
if (memcmp(cbc_in,cbc_data,sizeof(cbc_data)) != 0)
{
printf("pcbc_encrypt decrypt error\n");
err=1;
}
printf("Doing ");
printf("cfb8 ");
err+=cfb_test(8,cfb_cipher8);
printf("cfb16 ");
err+=cfb_test(16,cfb_cipher16);
printf("cfb32 ");
err+=cfb_test(32,cfb_cipher32);
printf("cfb48 ");
err+=cfb_test(48,cfb_cipher48);
printf("cfb64 ");
err+=cfb_test(64,cfb_cipher64);
printf("cfb64() ");
err+=cfb64_test(cfb_cipher64);
memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
for (i=0; i<sizeof(plain); i++)
des_cfb_encrypt(&(plain[i]),&(cfb_buf1[i]),
8,(long)1,ks,(C_Block *)cfb_tmp,DES_ENCRYPT);
if (memcmp(cfb_cipher8,cfb_buf1,sizeof(plain)) != 0)
{
printf("cfb_encrypt small encrypt error\n");
err=1;
}
memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
for (i=0; i<sizeof(plain); i++)
des_cfb_encrypt(&(cfb_buf1[i]),&(cfb_buf2[i]),
8,(long)1,ks,(C_Block *)cfb_tmp,DES_DECRYPT);
if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0)
{
printf("cfb_encrypt small decrypt error\n");
err=1;
}
printf("ede_cfb64() ");
err+=ede_cfb64_test(cfb_cipher64);
printf("done\n");
printf("Doing ofb\n");
des_key_sched((C_Block *)ofb_key,ks);
memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
des_ofb_encrypt(plain,ofb_buf1,64,(long)sizeof(plain)/8,ks,
(C_Block *)ofb_tmp);
if (memcmp(ofb_cipher,ofb_buf1,sizeof(ofb_buf1)) != 0)
{
printf("ofb_encrypt encrypt error\n");
porintf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
ofb_buf1[8+0], ofb_buf1[8+1], ofb_buf1[8+2], ofb_buf1[8+3],
ofb_buf1[8+4], ofb_buf1[8+5], ofb_buf1[8+6], ofb_buf1[8+7]);
printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
ofb_buf1[8+0], ofb_cipher[8+1], ofb_cipher[8+2], ofb_cipher[8+3],
ofb_buf1[8+4], ofb_cipher[8+5], ofb_cipher[8+6], ofb_cipher[8+7]);
err=1;
}
memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
des_ofb_encrypt(ofb_buf1,ofb_buf2,64,(long)sizeof(ofb_buf1)/8,ks,
(C_Block *)ofb_tmp);
if (memcmp(plain,ofb_buf2,sizeof(ofb_buf2)) != 0)
{
printf("ofb_encrypt decrypt error\n");
printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
ofb_buf2[8+0], ofb_buf2[8+1], ofb_buf2[8+2], ofb_buf2[8+3],
ofb_buf2[8+4], ofb_buf2[8+5], ofb_buf2[8+6], ofb_buf2[8+7]);
printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
plain[8+0], plain[8+1], plain[8+2], plain[8+3],
plain[8+4], plain[8+5], plain[8+6], plain[8+7]);
err=1;
}
printf("Doing ofb64\n");
des_key_sched((C_Block *)ofb_key,ks);
memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
memset(ofb_buf1,0,sizeof(ofb_buf1));
memset(ofb_buf2,0,sizeof(ofb_buf1));
num=0;
for (i=0; i<sizeof(plain); i++)
{
des_ofb64_encrypt(&(plain[i]),&(ofb_buf1[i]),1,ks,
(C_Block *)ofb_tmp,&num);
}
if (memcmp(ofb_cipher,ofb_buf1,sizeof(ofb_buf1)) != 0)
{
printf("ofb64_encrypt encrypt error\n");
err=1;
}
memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
num=0;
des_ofb64_encrypt(ofb_buf1,ofb_buf2,(long)sizeof(ofb_buf1),ks,
(C_Block *)ofb_tmp,&num);
if (memcmp(plain,ofb_buf2,sizeof(ofb_buf2)) != 0)
{
printf("ofb64_encrypt decrypt error\n");
err=1;
}
printf("Doing ede_ofb64\n");
des_key_sched((C_Block *)ofb_key,ks);
memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
memset(ofb_buf1,0,sizeof(ofb_buf1));
memset(ofb_buf2,0,sizeof(ofb_buf1));
num=0;
for (i=0; i<sizeof(plain); i++)
{
des_ede3_ofb64_encrypt(&(plain[i]),&(ofb_buf1[i]),1,ks,ks,ks,
(C_Block *)ofb_tmp,&num);
}
if (memcmp(ofb_cipher,ofb_buf1,sizeof(ofb_buf1)) != 0)
{
printf("ede_ofb64_encrypt encrypt error\n");
err=1;
}
memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
num=0;
des_ede3_ofb64_encrypt(ofb_buf1,ofb_buf2,(long)sizeof(ofb_buf1),ks,
ks,ks,(C_Block *)ofb_tmp,&num);
if (memcmp(plain,ofb_buf2,sizeof(ofb_buf2)) != 0)
{
printf("ede_ofb64_encrypt decrypt error\n");
err=1;
}
#endif
printf("Doing cbc_cksum\n");
des_key_sched(&cbc_key,ks);
cs=des_cbc_cksum(cbc_data[0], &cret,
sizeof(cbc_data), ks, &cbc_iv);
if (cs != cbc_cksum_ret)
{
printf("bad return value (%08lX), should be %08lX\n",
(unsigned long)cs,(unsigned long)cbc_cksum_ret);
err=1;
}
if (memcmp(cret,cbc_cksum_data,8) != 0)
{
printf("bad cbc_cksum block returned\n");
err=1;
}
#if 0
printf("Doing quad_cksum\n");
cs=quad_cksum((C_Block *)cbc_data,(C_Block *)qret,
sizeof(cbc_data),2,(C_Block *)cbc_iv);
for (i=0; i<4; i++)
{
lqret[i]=0;
memcpy(&(lqret[i]),&(qret[i][0]),4);
}
{ /* Big-endian fix */
static DES_LONG l=1;
static unsigned char *c=(unsigned char *)&l;
DES_LONG ll;
if (!c[0])
{
ll=lqret[0]^lqret[3];
lqret[0]^=ll;
lqret[3]^=ll;
ll=lqret[1]^lqret[2];
lqret[1]^=ll;
lqret[2]^=ll;
}
}
if (cs != 0x70d7a63aL)
{
printf("quad_cksum error, ret %08lx should be 70d7a63a\n",
(unsigned long)cs);
err=1;
}
if (lqret[0] != 0x327eba8dL)
{
printf("quad_cksum error, out[0] %08lx is not %08lx\n",
(unsigned long)lqret[0],0x327eba8dL);
err=1;
}
if (lqret[1] != 0x201a49ccL)
{
printf("quad_cksum error, out[1] %08lx is not %08lx\n",
(unsigned long)lqret[1],0x201a49ccL);
err=1;
}
if (lqret[2] != 0x70d7a63aL)
{
printf("quad_cksum error, out[2] %08lx is not %08lx\n",
(unsigned long)lqret[2],0x70d7a63aL);
err=1;
}
if (lqret[3] != 0x501c2c26L)
{
printf("quad_cksum error, out[3] %08lx is not %08lx\n",
(unsigned long)lqret[3],0x501c2c26L);
err=1;
}
#endif
#endif /* LIBDES_LIT */
#if 0
printf("input word alignment test");
for (i=0; i<4; i++)
{
printf(" %d",i);
des_ncbc_encrypt( (des_cblock *) &(cbc_out[i]), (des_cblock *) cbc_in,
sizeof(cbc_data), ks, &cbc_iv,
DES_ENCRYPT);
}
printf("\noutput word alignment test");
for (i=0; i<4; i++)
{
printf(" %d",i);
des_ncbc_encrypt( (des_cblock *) cbc_out, (des_cblock *) &(cbc_in[i]),
sizeof(cbc_data), ks, &cbc_iv,
DES_ENCRYPT);
}
printf("\n");
printf("fast crypt test ");
str=crypt("testing","ef");
if (strcmp("efGnQx2725bI2",str) != 0)
{
printf("fast crypt error, %s should be efGnQx2725bI2\n",str);
err=1;
}
str=crypt("bca76;23","yA");
if (strcmp("yA1Rp/1hZXIJk",str) != 0)
{
printf("fast crypt error, %s should be yA1Rp/1hZXIJk\n",str);
err=1;
}
printf("\n");
#endif
exit(err);
return(0);
}
int32 destest(void) {
int i,j,err=0;
des_cblock in,out,outin,iv3,iv2;
des_key_schedule ks,ks2,ks3;
char cbc_in[40], simCbc_in[40], simEmbIVCbc_in[64];
char cbc_out[40], simCbc_out[40], simEmbIVCbc_out[64];
int8 desSimCipherData[8], desSimPlainData[8], key[24];
rtlglue_printf("Doing ecb\n");
for (i=0; i<NUM_TESTS; i++) {
int8 desSimCipherData[8], desSimPlainData[8];
des_set_key(key_data[i], ks);
memcpy(in, plain_data[i],8);
memset(out,0,8);
memset(outin,0,8);
des_ecb_encrypt(&in,&out,ks,DES_ENCRYPT);
des_ecb_encrypt(&out,&outin,ks,DES_DECRYPT);
if(desSim_ecb_encrypt(plain_data[i], &desSimCipherData[0], 8, key_data[i], TRUE) != SUCCESS)
rtlglue_printf("desSimulator ecb encrypt failed\n");
if(desSim_ecb_encrypt(cipher_data[i], &desSimPlainData[0], 8, key_data[i], FALSE) != SUCCESS)
rtlglue_printf("desSimulator ecb decrypt failed\n");
if (memcmp(out,cipher_data[i],8) != 0) {
rtlglue_printf("Encryption error %2d\nk=%s p=%s o=%s act=%s\n",
i+1,pt(key_data[i]),pt((char *)in),pt(cipher_data[i]),
pt((char *)out));
err=1;
}
if (memcmp(in,outin,8) != 0) {
rtlglue_printf("Decryption error %2d\nk=%s p=%s o=%s act=%s\n",
i+1,pt(key_data[i]),pt((char *)out),pt((char *)in),pt((char *)outin));
err=1;
}
if(memcmp(&desSimCipherData[0], &cipher_data[i], 8) != 0) {
rtlglue_printf("desSim ecb Encryption error %2d\nk=%s plain=%s Expect cipher=%s crypt result=%s\n",
i+1,pt(key_data[i]),pt(plain_data[8]),pt(cipher_data[i]), pt(&desSimCipherData[0]));
err=1;
}
if(memcmp(&desSimPlainData[0], plain_data[i], 8) != 0) {
rtlglue_printf("desSim ecb Decryption error %2d\nk=%s Crypted data=%s Expect plain=%s decrypt result=%s\n",
i+1,pt(key_data[i]),pt(cipher_data[i]),pt(plain_data[i]), pt(&desSimPlainData[0]));
err=1;
}
}
rtlglue_printf("Doing ede ecb\n");
for (i=0; i<(NUM_TESTS-1); i++) {
des_set_key((int8*)&key_data[i], ks);
des_set_key((int8*)&key_data[i+1], ks2);
// des_set_key(&key_data[i+2], ks3); //This code is useless...legacy?
memcpy(in,plain_data[i],8);
memset(out,0,8);
memset(outin,0,8);
des_ecb2_encrypt(&in,&out,ks,ks2,DES_ENCRYPT);
des_ecb2_encrypt(&out,&outin,ks,ks2,DES_DECRYPT);
memcpy(&key[0], &key_data[i], 8);
memcpy(&key[8], &key_data[i+1], 8);
memcpy(&key[16], &key_data[i], 8);
if(desSim_ede_ecb_encrypt(plain_data[i], &desSimCipherData[0], 8, &key[0], TRUE) != SUCCESS)
rtlglue_printf("desSimulator ede ecb encrypt failed\n");
if(desSim_ede_ecb_encrypt(cipher_ecb2[i], &desSimPlainData[0], 8, &key[0], FALSE) != SUCCESS)
rtlglue_printf("desSimulator ede ecb decrypt failed\n");
if (memcmp(out,cipher_ecb2[i],8) != 0)
{
rtlglue_printf("Encryption error %2d\nk=%s %s p=%s o=%s act=%s\n",
i+1,pt(key_data[i]),pt(key_data[i+1]),pt(in),pt(cipher_ecb2[i]),
pt(out));
err=1;
}
if (memcmp(in,outin,8) != 0)
{
rtlglue_printf("Decryption error %2d\nk=%s %s p=%s o=%s act=%s\n",
i+1,pt(key_data[i]),pt(key_data[i+1]),pt(out),pt(in),pt(outin));
err=1;
}
if(memcmp(&desSimCipherData[0], &cipher_ecb2[i], 8) != 0) {
rtlglue_printf("desSim cbc ecb encryption error %2d\nk=%s plain=%s Expect cipher=%s crypt result=%s\n",
i+1,pt(key_data[i]),pt(plain_data[8]),pt(cipher_ecb2[i]), pt(&desSimCipherData[0]));
err=1;
}
if(memcmp(&desSimPlainData[0], plain_data[i], 8) != 0) {
rtlglue_printf("desSim cbc ecb decryption error %2d\nk=%s Crypted data=%s Expect plain=%s decrypt result=%s\n",
i+1,pt(key_data[i]),pt(cipher_ecb2[i]),pt(plain_data[i]), pt(&desSimPlainData[0]));
err=1;
}
}
rtlglue_printf("Doing cbc\n");
if ((j=des_set_key(&cbc_key, ks)) != 0)
rtlglue_printf("Key error %d\n",j);
memset(cbc_out,0,40);
memset(cbc_in,0,40);
memcpy(iv3,cbc_iv,sizeof(cbc_iv));
des_ncbc_encrypt(cbc_data,cbc_out,strlen((char *)cbc_data)+1,ks, &iv3, TRUE);
if (memcmp(cbc_out,cbc_ok,32) != 0)
rtlglue_printf("cbc_encrypt encrypt error\n");
memcpy(iv3,cbc_iv,sizeof(cbc_iv));
des_ncbc_encrypt(cbc_out,cbc_in,strlen((char *)cbc_data)+1,ks, &iv3, FALSE);
if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)) != 0)
rtlglue_printf("cbc_encrypt decrypt error\n");
if(desSim_cbc_encrypt(cbc_data, simCbc_out, strlen((char *)cbc_data)+1, &cbc_key[0], &cbc_iv[0], TRUE) != SUCCESS)
rtlglue_printf("desSim cbc encryption error\n");
if (memcmp(simCbc_out,cbc_ok,32) != 0)
rtlglue_printf("desSim cbc encrypt result error\n");
memcpy(&simEmbIVCbc_in[0], &cbc_iv[0], 8);
memcpy(&simEmbIVCbc_in[8], &cbc_data[0], 40);
if(desSim_cbc_encryptEmbIV(&simEmbIVCbc_in[0], &simEmbIVCbc_out[0], strlen((char *)cbc_data)+9, &cbc_key[0], TRUE) != SUCCESS)
rtlglue_printf("desSim cbc embed IV encrypt failed\n");
if (memcmp(&simEmbIVCbc_out[8], cbc_ok,32) != 0)
rtlglue_printf("desSim cbc embed IV encrypt result error\n");
//CBC Decrypt
if(desSim_cbc_encrypt(simCbc_out, simCbc_in, strlen((char *)cbc_data)+1, &cbc_key[0], &cbc_iv[0], FALSE) != SUCCESS)
rtlglue_printf("desSim cbc decryption error\n");
if (memcmp(simCbc_in,cbc_data,strlen((char *)cbc_data)) != 0)
rtlglue_printf("desSim cbc decrypt error\n");
memcpy(&simEmbIVCbc_out[0], &cbc_iv[0], 8);
if(desSim_cbc_encryptEmbIV(&simEmbIVCbc_out[0], &simEmbIVCbc_in[0], strlen((char *)cbc_data)+9, &cbc_key[0], FALSE) != SUCCESS)
rtlglue_printf("desSim cbc embed IV decrypt failed\n");
if (memcmp(&simEmbIVCbc_in[8], cbc_data,strlen((char *)cbc_data)) != 0)
rtlglue_printf("desSim cbc embed IV decrypt error\n");
rtlglue_printf("Doing ede cbc\n");
if ((j=des_set_key(&cbc_key, ks)) != 0)
rtlglue_printf("Key1 error %d\n",j);
if ((j=des_set_key(&cbc2_key, ks2)) != 0)
rtlglue_printf("Key2 error %d\n",j);
if ((j=des_set_key(&cbc3_key, ks3)) != 0)
rtlglue_printf("Key3 error %d\n",j);
memset(cbc_out,0,40);
memset(cbc_in,0,40);
i=strlen((char *)cbc_data)+1;
/* i=((i+7)/8)*8; */
memcpy(iv3,cbc_iv,sizeof(cbc_iv));
des_ede3_cbc_encrypt(cbc_data,cbc_out,i,ks,ks2,ks3,&iv3, DES_ENCRYPT);
// des_ede3_cbc_encrypt(cbc_data,cbc_out,16L,ks,ks2,ks3,&iv3, DES_ENCRYPT);
// des_ede3_cbc_encrypt(&(cbc_data[16]),&(cbc_out[16]),i-16,ks,ks2,ks3, &iv3,DES_ENCRYPT);
if (memcmp(cbc_out,cbc3_ok,
(unsigned int)(strlen((char *)cbc_data)+1+7)/8*8) != 0)
{
int n;
rtlglue_printf("des_ede3_cbc_encrypt encrypt error\n");
for(n=0 ; n < i ; ++n)
rtlglue_printf(" %02x",cbc_out[n]);
rtlglue_printf("\n");
for(n=0 ; n < i ; ++n)
rtlglue_printf(" %02x",cbc3_ok[n]);
rtlglue_printf("\n");
err=1;
}
memcpy(&key[0], &cbc_key[0], 8);
memcpy(&key[8], &cbc2_key[0], 8);
memcpy(&key[16], &cbc3_key[0], 8);
if(desSim_ede_cbc_encrypt(&cbc_data[0], &simCbc_out[0], strlen((char *)cbc_data)+1, &key[0], &cbc_iv[0], TRUE) != SUCCESS)
rtlglue_printf("desSim ede cbc encrypt failed\n");
if(memcmp(simCbc_out, cbc3_ok, (unsigned int)(strlen((char *)cbc_data)+1+7)/8*8) != 0)
rtlglue_printf("desSim ede cbc encrypt result error\n");
memcpy(&simEmbIVCbc_in[0], &cbc_iv[0], 8);
memcpy(&simEmbIVCbc_in[8], &cbc_data[0], 40);
if(desSim_ede_cbc_encryptEmbIV(&simEmbIVCbc_in[0], &simEmbIVCbc_out[0], strlen((char *)cbc_data)+1+8, &key[0], TRUE) != SUCCESS)
rtlglue_printf("desSim ede cbc embed IV encrypt failed\n");
if(memcmp(&simEmbIVCbc_out[8], cbc3_ok, (unsigned int)(strlen((char *)cbc_data)+1+7)/8*8) != 0)
rtlglue_printf("desSim ede cbc embed IV encrypt result error\n");
memcpy(iv3,cbc_iv,sizeof(cbc_iv));
des_ede3_cbc_encrypt(cbc_out,cbc_in,i,ks,ks2,ks3,&iv3,FALSE);
if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)+1) != 0) {
int n;
rtlglue_printf("des_ede3_cbc_encrypt decrypt error\n");
for(n=0 ; n < i ; ++n)
rtlglue_printf(" %02x",cbc_data[n]);
rtlglue_printf("\n");
for(n=0 ; n < i ; ++n)
rtlglue_printf(" %02x",cbc_in[n]);
rtlglue_printf("\n");
err=1;
}
if(desSim_ede_cbc_encrypt(&simCbc_out[0], &simCbc_in[0], i, &key[0], &cbc_iv[0], FALSE) != SUCCESS)
rtlglue_printf("desSim ede cbc decrypt failed\n");
if(memcmp(simCbc_in, cbc_data, strlen((char *)cbc_data)+1) != 0) {
int n;
rtlglue_printf("desSim ede cbc decrypt result error\n");
for(n=0 ; n < i ; ++n)
rtlglue_printf(" %02x",cbc_data[n]);
rtlglue_printf("\n");
for(n=0 ; n < i ; ++n)
rtlglue_printf(" %02x",simCbc_in[n]);
rtlglue_printf("\n");
}
memcpy(&simEmbIVCbc_out[0], &cbc_iv[0], 8);
if(desSim_ede_cbc_encryptEmbIV(&simEmbIVCbc_out[0], &simEmbIVCbc_in[0], i+8, &key[0], FALSE) != SUCCESS)
rtlglue_printf("desSim ede cbc embed IV decrypt failed\n");
if(memcmp(&simEmbIVCbc_in[8], cbc_data, strlen((char *)cbc_data)+1) != 0) {
int n;
rtlglue_printf("desSim ede cbc embed IV decrypt result error\n");
for(n=0 ; n < i ; ++n)
rtlglue_printf(" %02x",cbc_data[n]);
rtlglue_printf("\n");
for(n=0 ; n < i ; ++n)
rtlglue_printf(" %02x",simEmbIVCbc_in[n+8]);
rtlglue_printf("\n");
}
//Crypto engine not implemented part
rtlglue_printf("No crypto engine verification part\n");
rtlglue_printf("Doing cbcm\n");
if ((j=des_set_key(&cbc_key, ks)) != 0)
{
rtlglue_printf("Key error %d\n",j);
err=1;
}
if ((j=des_set_key(&cbc2_key, ks2)) != 0)
{
rtlglue_printf("Key error %d\n",j);
err=1;
}
if ((j=des_set_key(&cbc3_key, ks3)) != 0)
{
rtlglue_printf("Key error %d\n",j);
err=1;
}
memset(cbc_out,0,40);
memset(cbc_in,0,40);
i=strlen((char *)cbc_data)+1;
/* i=((i+7)/8)*8; */
memcpy(iv3,cbc_iv,sizeof(cbc_iv));
memset(iv2,'\0',sizeof iv2);
des_ede3_cbcm_encrypt(cbc_data,cbc_out,16L,&ks,&ks2,&ks3,&iv3,&iv2,
DES_ENCRYPT);
des_ede3_cbcm_encrypt(&cbc_data[16],&cbc_out[16],i-16,&ks,&ks2,&ks3,
&iv3,&iv2,DES_ENCRYPT);
memcpy(iv3,cbc_iv,sizeof(cbc_iv));
memset(iv2,'\0',sizeof iv2);
des_ede3_cbcm_encrypt(cbc_out,cbc_in,i,&ks,&ks2,&ks3,&iv3,&iv2,DES_DECRYPT);
if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)+1) != 0) {
int n;
rtlglue_printf("des_ede3_cbcm_encrypt decrypt error\n");
for(n=0 ; n < i ; ++n)
rtlglue_printf(" %02x",cbc_data[n]);
rtlglue_printf("\n");
for(n=0 ; n < i ; ++n)
rtlglue_printf(" %02x",cbc_in[n]);
rtlglue_printf("\n");
err=1;
}
rtlglue_printf("Doing desx cbc\n");
if ((j=des_set_key(&cbc_key, ks)) != 0) {
rtlglue_printf("Key error %d\n",j);
err=1;
}
memset(cbc_out,0,40);
memset(cbc_in,0,40);
memcpy(iv3,cbc_iv,sizeof(cbc_iv));
des_xcbc_encrypt(cbc_data,cbc_out,strlen((char *)cbc_data)+1,ks,
&iv3,&cbc2_key,&cbc3_key, DES_ENCRYPT);
if (memcmp(cbc_out,xcbc_ok,32) != 0) {
rtlglue_printf("des_xcbc_encrypt encrypt error\n");
err=1;
}
memcpy(iv3,cbc_iv,sizeof(cbc_iv));
des_xcbc_encrypt(cbc_out,cbc_in,strlen((char *)cbc_data)+1,ks,
&iv3,&cbc2_key,&cbc3_key, DES_DECRYPT);
if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)+1) != 0) {
rtlglue_printf("des_xcbc_encrypt decrypt error\n");
err=1;
}
return(err);
}
/* {{{ CI_Ceay_Decrypt */
CK_DEFINE_FUNCTION(CK_RV, CI_Ceay_Decrypt)(
CK_I_SESSION_DATA_PTR session_data,
CK_BYTE_PTR pEncryptedData, /* ciphertext */
CK_ULONG ulEncryptedDataLen, /* ciphertext length */
CK_BYTE_PTR pData, /* gets plaintext */
CK_ULONG_PTR pulDataLen /* gets p-text size */
)
{
CK_RV rv;
switch(session_data->decrypt_mechanism)
{
/* {{{ CKM_RSA_PKCS */
case CKM_RSA_PKCS:
{
CK_BYTE_PTR tmp_buf = NULL_PTR;
CK_ULONG key_len;
long processed; /* number of bytes processed by the crypto routine */
rv = CKR_OK;
CI_LogEntry("C_Decrypt", "RSA PKCS", rv , 0);
key_len = CI_Ceay_RSA_size((RSA CK_PTR)session_data->decrypt_state);
/* check if this is only a call for the length of the output buffer */
if(pData == NULL_PTR)
{
*pulDataLen = key_len-CK_I_PKCS1_MIN_PADDING;
CI_VarLogEntry("C_Decrypt", "RSA PKCS Datalength calculated (%i)",
rv , 0, *pulDataLen);
CI_LogEntry("C_Decrypt", "...completed", rv , 0);
return CKR_OK;
}
/* check for length of input */
if(ulEncryptedDataLen != key_len)
{ rv = CKR_DATA_LEN_RANGE; goto rsa_pkcs1_err; }
tmp_buf = CI_ByteStream_new(key_len);
processed = RSA_private_decrypt(ulEncryptedDataLen,pEncryptedData,
tmp_buf,session_data->decrypt_state,
RSA_PKCS1_PADDING);
if(processed == -1)
{
rv = CKR_GENERAL_ERROR;
goto rsa_pkcs1_err;
}
if(*pulDataLen < (unsigned long)processed)
{
*pulDataLen = processed;
rv = CKR_BUFFER_TOO_SMALL;
goto rsa_pkcs1_err;
}
*pulDataLen = processed;
memcpy(pData, tmp_buf, processed);
rsa_pkcs1_err:
if(tmp_buf != NULL_PTR)
TC_free(tmp_buf);
if(session_data->decrypt_state != NULL_PTR)
{
RSA_free(session_data->decrypt_state);
session_data->decrypt_state = NULL_PTR;
}
break;
}
/* }}} */
/* {{{ CKM_RSA_X_509 */
case CKM_RSA_X_509:
{
CK_BYTE_PTR tmp_buf = NULL_PTR;
CK_ULONG key_len;
long processed; /* number of bytes processed by the crypto routine */
CI_LogEntry("C_Decrypt", "RSA X509", rv , 0);
rv = CKR_OK;
key_len = RSA_size((RSA CK_PTR)session_data->decrypt_state);
/* terminate operation */
if(pulDataLen == NULL_PTR)
{
rv = CKR_OK; goto rsa_x509_err;
}
/* check if this is only a call for the length of the output buffer */
if(pData == NULL_PTR)
{
*pulDataLen = key_len;
rv = CKR_OK; break;
}
else /* check that buffer is of sufficent size */
{
if(*pulDataLen < key_len)
{
*pulDataLen = key_len;
rv = CKR_BUFFER_TOO_SMALL; break;
}
}
/* check for length of input */
if(ulEncryptedDataLen != key_len)
{ rv = CKR_DATA_LEN_RANGE; goto rsa_x509_err; }
tmp_buf = CI_ByteStream_new(key_len);
if(tmp_buf == NULL_PTR) { rv = CKR_HOST_MEMORY; goto rsa_x509_err; }
processed = RSA_private_decrypt(ulEncryptedDataLen,pEncryptedData,
tmp_buf,session_data->decrypt_state,
RSA_NO_PADDING);
if(processed == -1)
{ rv = CKR_GENERAL_ERROR; goto rsa_x509_err; }
*pulDataLen = processed;
memcpy(pData,tmp_buf,key_len);
rsa_x509_err:
if(tmp_buf != NULL_PTR) TC_free(tmp_buf);
if(session_data->decrypt_state != NULL_PTR)
{
RSA_free(session_data->decrypt_state);
session_data->decrypt_state = NULL_PTR;
}
break;
}
/* }}} */
/* {{{ CKM_RC4 */
case CKM_RC4:
{
/* terminate operation */
if(pulDataLen == NULL_PTR)
{
rv = CKR_OK; goto rc4_err;
}
/* is this just a test for the length of the recieving buffer? */
rv = CKR_OK;
CI_LogEntry("C_Decrypt", "RC4", rv , 0);
if(pData == NULL_PTR)
{
*pulDataLen = ulEncryptedDataLen;
rv = CKR_OK; break;
}
/* is the supplied buffer long enough? */
if(*pulDataLen < ulEncryptedDataLen)
{
*pulDataLen = ulEncryptedDataLen;
rv = CKR_BUFFER_TOO_SMALL; break;
}
/* OK all set. lets compute */
RC4(session_data->decrypt_state,ulEncryptedDataLen,pEncryptedData,pData);
*pulDataLen=ulEncryptedDataLen;
rv = CKR_OK;
rc4_err:
if(session_data->decrypt_state != NULL_PTR)
TC_free(session_data->decrypt_state);
session_data->decrypt_state = NULL_PTR;
}
break;
/* }}} */
/* {{{ CKM_RC2_ECB */
case CKM_RC2_ECB:
{
CK_ULONG count;
/* terminate operation */
if(pulDataLen == NULL_PTR)
{
rv = CKR_OK; goto rc2_cbc_err;
}
/* RC2 always takes multiples of 8 bytes */
if(ulEncryptedDataLen%8 != 0)
{ rv = CKR_DATA_LEN_RANGE; goto rc2_ecb_err; }
/* is this just a test for the length of the recieving buffer? */
if(pData == NULL_PTR)
{
*pulDataLen = ulEncryptedDataLen;
rv = CKR_OK; break;
}
/* is the supplied buffer long enough? */
if(*pulDataLen < ulEncryptedDataLen)
{
*pulDataLen = ulEncryptedDataLen;
rv = CKR_BUFFER_TOO_SMALL; break;
}
/* OK all set. lets compute */
/* in blocks of 8 bytes. */
for(count=0; count<ulEncryptedDataLen ; count+=8)
{
RC2_ecb_encrypt(&(pEncryptedData[count]),&(pData[count]),
session_data->decrypt_state,
RC2_DECRYPT);
}
*pulDataLen=ulEncryptedDataLen;
rv = CKR_OK;
rc2_ecb_err:
if(session_data->decrypt_state != NULL_PTR)
TC_free(session_data->decrypt_state);
session_data->decrypt_state = NULL_PTR;
}
break;
/* }}} */
/* {{{ CKM_RC2_CBC */
case CKM_RC2_CBC:
{
/* terminate operation */
if(pulDataLen == NULL_PTR)
{
rv = CKR_OK; goto rc2_cbc_err;
}
/* is the length of the supplied data a multiple of 8 to create des-blocks? */
if(ulEncryptedDataLen%8 != 0)
{ rv = CKR_DATA_LEN_RANGE; goto rc2_cbc_err; }
/* is this just a test for the length of the recieving buffer? */
if(pData == NULL_PTR)
{
*pulDataLen = ulEncryptedDataLen;
rv = CKR_OK; break;
}
/* is the supplied buffer long enough? */
if(*pulDataLen < ulEncryptedDataLen)
{
*pulDataLen = ulEncryptedDataLen;
rv = CKR_BUFFER_TOO_SMALL; break;
}
/* OK all set. lets compute */
RC2_cbc_encrypt((unsigned char*)pEncryptedData, (unsigned char*)pData,
ulEncryptedDataLen,
((CK_I_CEAY_RC2_INFO_PTR)session_data->decrypt_state)->key,
((CK_I_CEAY_RC2_INFO_PTR)session_data->decrypt_state)->ivec,
RC2_DECRYPT);
rv = CKR_OK;
rc2_cbc_err:
CI_RC2_INFO_delete(session_data->decrypt_state);
session_data->decrypt_state = NULL_PTR;
}
break;
/* }}} */
/* {{{ CKM_DES_ECB */
case CKM_DES_ECB:
{
CK_ULONG count;
/* terminate operation */
if(pulDataLen == NULL_PTR)
{
rv = CKR_OK; goto des_ecb_err;
}
/* DES allways takes multiples of 8 bytes */
if(ulEncryptedDataLen%8 != 0)
{
rv = CKR_DATA_LEN_RANGE; goto des_ecb_err;
}
/* is this just a test for the length of the recieving buffer? */
if(pData == NULL_PTR)
{
*pulDataLen = ulEncryptedDataLen;
rv = CKR_OK; break;
}
/* is the supplied buffer long enough? */
if(*pulDataLen < ulEncryptedDataLen)
{
*pulDataLen = ulEncryptedDataLen;
rv = CKR_BUFFER_TOO_SMALL; break;
}
/* OK all set. lets compute */
/* in blocks of 8 bytes. */
for(count=0; count<ulEncryptedDataLen ; count+=8)
{
des_ecb_encrypt((des_cblock*)(&(pEncryptedData[count])),
(des_cblock*)(&(pData[count])),
session_data->decrypt_state,
DES_DECRYPT);
}
*pulDataLen=ulEncryptedDataLen;
rv = CKR_OK;
des_ecb_err:
if(session_data->decrypt_state != NULL_PTR)
TC_free(session_data->decrypt_state);
session_data->decrypt_state = NULL_PTR;
}
break;
/* }}} */
/* {{{ CKM_DES_CBC */
case CKM_DES_CBC:
{
/* terminate operation */
if(pulDataLen == NULL_PTR)
{
rv = CKR_OK; goto des_cbc_err;
}
/* is the length of the supplied data a multiple of 8 to create des-blocks? */
if(ulEncryptedDataLen%8 != 0)
{
rv = CKR_DATA_LEN_RANGE; goto des_cbc_err;
}
/* is this just a test for the length of the recieving buffer? */
if(pData == NULL_PTR)
{
*pulDataLen = ulEncryptedDataLen;
rv = CKR_OK; break;
}
/* is the supplied buffer long enough? */
if(*pulDataLen < ulEncryptedDataLen)
{
*pulDataLen = ulEncryptedDataLen;
rv = CKR_BUFFER_TOO_SMALL; break;
}
/* OK all set. lets compute */
des_ncbc_encrypt(pEncryptedData,
pData,
ulEncryptedDataLen,
((CK_I_CEAY_DES_INFO_PTR)session_data->decrypt_state)->sched,
&(((CK_I_CEAY_DES_INFO_PTR)session_data->decrypt_state)->ivec),
DES_DECRYPT);
*pulDataLen=ulEncryptedDataLen;
rv = CKR_OK;
des_cbc_err:
if(session_data->decrypt_state!= NULL_PTR)
TC_free(session_data->decrypt_state);
session_data->decrypt_state = NULL_PTR;
}
break;
/* }}} */
/* {{{ CKM_DES_CBC_PAD */
case CKM_DES_CBC_PAD:
{
CK_BYTE PadValue;
CK_ULONG ulPaddingLen, i;
/* terminate operation */
if(pulDataLen == NULL_PTR)
{
rv = CKR_OK; goto des_cbc_pad_err;
}
/* is the length of the supplied data a multiple of 8 to create des-blocks? */
if(ulEncryptedDataLen%8 != 0)
{
rv = CKR_DATA_LEN_RANGE; break;
}
/* is this just a test for the length of the recieving buffer? */
if(pData == NULL_PTR)
{
*pulDataLen = ulEncryptedDataLen;
rv = CKR_OK; break;
}
/* is the supplied buffer long enough? */
if(*pulDataLen < ulEncryptedDataLen)
{
*pulDataLen = ulEncryptedDataLen;
rv = CKR_BUFFER_TOO_SMALL; goto des_cbc_pad_err;
}
/* OK all set. lets compute */
des_ncbc_encrypt(pEncryptedData,
pData,
ulEncryptedDataLen,
((CK_I_CEAY_DES_INFO_PTR)session_data->decrypt_state)->sched,
&(((CK_I_CEAY_DES_INFO_PTR)session_data->decrypt_state)->ivec),
DES_DECRYPT);
if((CK_BYTE)((pData[ulEncryptedDataLen-1] >= 1 ) && (CK_BYTE)(pData[ulEncryptedDataLen-1] <= 8)))
{
PadValue = (CK_BYTE)(pData[ulEncryptedDataLen-1]);
ulPaddingLen = (CK_ULONG)PadValue;
}
else
{ ulPaddingLen = 0; }
for (i=0; i<ulPaddingLen; i++)
if ((CK_BYTE)(pData[ulEncryptedDataLen-1-i]) != PadValue)
{ rv = CKR_GENERAL_ERROR; goto des_cbc_pad_err; }
*pulDataLen=ulEncryptedDataLen-ulPaddingLen;
rv = CKR_OK;
des_cbc_pad_err:
if(session_data->decrypt_state!= NULL_PTR)
TC_free(session_data->decrypt_state);
session_data->decrypt_state = NULL_PTR;
}
break;
/* }}} */
/* {{{ CKM_DES3_ECB */
case CKM_DES3_ECB:
{
CK_ULONG count;
/* terminate operation */
if(pulDataLen == NULL_PTR)
{
rv = CKR_OK; goto des3_ecb_err;
}
/* DES always takes multiples of 8 bytes */
if(ulEncryptedDataLen%8 != 0)
{
rv = CKR_DATA_LEN_RANGE; goto des3_ecb_err;
}
/* is this just a test for the length of the recieving buffer? */
if(pData == NULL_PTR)
{
*pulDataLen = ulEncryptedDataLen;
rv = CKR_OK; break;
}
/* is the supplied buffer long enough? */
if(*pulDataLen < ulEncryptedDataLen)
{
*pulDataLen = ulEncryptedDataLen;
rv = CKR_BUFFER_TOO_SMALL; break;
}
/* OK all set. lets compute */
/* in blocks of 8 bytes. */
for(count=0; count<ulEncryptedDataLen ; count+=8)
{
des_ecb3_encrypt((des_cblock*)(&(pEncryptedData[count])),
(des_cblock*)(&(pData[count])),
((CK_I_CEAY_DES3_INFO_PTR)session_data->decrypt_state)->sched[0],
((CK_I_CEAY_DES3_INFO_PTR)session_data->decrypt_state)->sched[1],
((CK_I_CEAY_DES3_INFO_PTR)session_data->decrypt_state)->sched[2],
DES_DECRYPT);
}
*pulDataLen=ulEncryptedDataLen;
rv = CKR_OK;
des3_ecb_err:
if(session_data->decrypt_state!= NULL_PTR)
CI_DES3_INFO_delete(session_data->decrypt_state);
session_data->decrypt_state = NULL_PTR;
}
break;
/* }}} */
/* {{{ CKM_DES3_CBC */
case CKM_DES3_CBC:
{
/* terminate operation */
if(pulDataLen == NULL_PTR)
{
rv = CKR_OK; goto des3_cbc_err;
}
/* is the length of the supplied data a multiple of 8 to create des-blocks? */
if(ulEncryptedDataLen%8 != 0)
{
rv = CKR_DATA_LEN_RANGE; goto des3_cbc_err;
}
/* is this just a test for the length of the recieving buffer? */
if(pData == NULL_PTR)
{
*pulDataLen = ulEncryptedDataLen;
rv = CKR_OK; break;
}
/* is the supplied buffer long enough? */
if(*pulDataLen < ulEncryptedDataLen)
{
*pulDataLen = ulEncryptedDataLen;
rv = CKR_BUFFER_TOO_SMALL; break;
}
/* OK all set. lets compute */
des_ede3_cbc_encrypt(pEncryptedData,
pData,
ulEncryptedDataLen,
((CK_I_CEAY_DES3_INFO_PTR)session_data->decrypt_state)->sched[0],
((CK_I_CEAY_DES3_INFO_PTR)session_data->decrypt_state)->sched[1],
((CK_I_CEAY_DES3_INFO_PTR)session_data->decrypt_state)->sched[2],
((CK_I_CEAY_DES3_INFO_PTR)session_data->decrypt_state)->ivec,
DES_DECRYPT);
*pulDataLen=ulEncryptedDataLen;
rv = CKR_OK;
des3_cbc_err:
if(session_data->decrypt_state != NULL_PTR)
CI_DES3_INFO_delete(session_data->decrypt_state);
session_data->decrypt_state = NULL_PTR;
}
break;
/* }}} */
/* {{{ CKM_IDEA_ECB */
case CKM_IDEA_ECB:
{
CK_ULONG count;
rv = CKR_OK;
CI_LogEntry("C_Decrypt", "IDEA ECB", rv , 0);
/* terminate operation */
if(pulDataLen == NULL_PTR)
{
rv = CKR_OK; goto idea_ecb_err;
}
/* IDEA always takes multiples of 8 bytes */
if(ulEncryptedDataLen%8 != 0)
{
rv = CKR_DATA_LEN_RANGE; goto idea_ecb_err;
}
/* is this just a test for the length of the recieving buffer? */
if(pData == NULL_PTR)
{
*pulDataLen = ulEncryptedDataLen;
rv = CKR_OK; break;
}
/* is the supplied buffer long enough? */
if(*pulDataLen < ulEncryptedDataLen)
{
*pulDataLen = ulEncryptedDataLen;
rv = CKR_BUFFER_TOO_SMALL; break;
}
/* damit wir ne hoffnung haben */
assert(sizeof(CK_BYTE) == sizeof(unsigned char));
/* OK all set. lets compute */
/* in blocks of 8 bytes. */
for(count=0; count<ulEncryptedDataLen ; count+=8)
{
/* its the same function for decryption as well, only the key schedule differs */
idea_ecb_encrypt((unsigned char*)&(pEncryptedData[count]),
(unsigned char*)&(pData[count]),
&(((CK_I_CEAY_IDEA_INFO_PTR)session_data->decrypt_state)->sched));
}
*pulDataLen=ulEncryptedDataLen;
rv = CKR_OK;
idea_ecb_err:
if(session_data->decrypt_state!= NULL_PTR)
TC_free(session_data->decrypt_state);
session_data->decrypt_state = NULL_PTR;
}
break;
/* }}} */
/* {{{ CKM_IDEA_CBC */
case CKM_IDEA_CBC:
{
/* terminate operation */
if(pulDataLen == NULL_PTR)
{
rv = CKR_OK; goto idea_cbc_err;
}
/* is the length of the supplied data a multiple of 8 to create des-blocks? */
if(ulEncryptedDataLen%8 != 0)
{
rv = CKR_DATA_LEN_RANGE; goto idea_cbc_err;
}
/* is this just a test for the length of the recieving buffer? */
if(pData == NULL_PTR)
{
*pulDataLen = ulEncryptedDataLen;
rv = CKR_OK; break;
}
/* is the supplied buffer long enough? */
if(*pulDataLen < ulEncryptedDataLen)
{
*pulDataLen = ulEncryptedDataLen;
rv = CKR_BUFFER_TOO_SMALL; break;
}
/* OK all set. lets compute */
idea_cbc_encrypt((unsigned char*)pEncryptedData,
(unsigned char*)pData,
ulEncryptedDataLen,
&(((CK_I_CEAY_IDEA_INFO_PTR)session_data->decrypt_state)->sched),
((CK_I_CEAY_IDEA_INFO_PTR)session_data->decrypt_state)->ivec,
IDEA_DECRYPT);
*pulDataLen=ulEncryptedDataLen;
rv = CKR_OK;
if( ((CK_I_CEAY_IDEA_INFO_PTR)session_data->decrypt_state)->ivec != NULL_PTR)
TC_free(((CK_I_CEAY_IDEA_INFO_PTR)session_data->decrypt_state)->ivec);
idea_cbc_err:
if(session_data->decrypt_state)
TC_free(session_data->decrypt_state);
session_data->decrypt_state = NULL_PTR;
}
break;
/* }}} */
default:
rv = CKR_MECHANISM_INVALID;
CI_VarLogEntry("C_Decrypt", "algorithm specified: %s", rv, 0,
CI_MechanismStr(session_data->decrypt_mechanism));
}
CI_LogEntry("C_Decrypt", "...completed", rv , 0);
return rv;
}
/* {{{ CI_Ceay_DecryptUpdate */
CK_DEFINE_FUNCTION(CK_RV, CI_Ceay_DecryptUpdate)(
CK_I_SESSION_DATA_PTR session_data,
CK_BYTE_PTR pEncryptedPart, /* encrypted data */
CK_ULONG ulEncryptedPartLen, /* input length */
CK_BYTE_PTR pPart, /* gets plaintext */
CK_ULONG_PTR pulPartLen /* p-text size */
)
{
CK_RV rv;
switch(session_data->decrypt_mechanism)
{
/* {{{ CKM_RC4 */
case CKM_RC4:
{
rv = CKR_OK;
CI_LogEntry("C_DecryptUpdate", "RC4", rv , 0);
/* is this just a test for the length of the recieving buffer? */
if(pPart == NULL_PTR)
{
*pulPartLen = ulEncryptedPartLen;
return CKR_OK;
}
/* is the supplied buffer long enough? */
if(*pulPartLen < ulEncryptedPartLen)
{
*pulPartLen = ulEncryptedPartLen;
return CKR_BUFFER_TOO_SMALL;
}
/* OK all set. lets compute */
RC4(session_data->decrypt_state,ulEncryptedPartLen,pEncryptedPart,pPart);
*pulPartLen=ulEncryptedPartLen;
}
break;
/* }}} */
/* {{{ CKM_RC2_ECB */
case CKM_RC2_ECB:
{
CK_ULONG count;
rv = CKR_OK;
CI_LogEntry("C_DecryptUpdate", "RC2 ECB", rv , 0);
/* RC2 always takes multiples of 8 bytes */
if(ulEncryptedPartLen%8 != 0)
return CKR_DATA_LEN_RANGE;
/* is this just a test for the length of the recieving buffer? */
if(pPart == NULL_PTR)
{
*pulPartLen = ulEncryptedPartLen;
return CKR_OK;
}
/* is the supplied buffer long enough? */
if(*pulPartLen < ulEncryptedPartLen)
{
*pulPartLen = ulEncryptedPartLen;
return CKR_BUFFER_TOO_SMALL;
}
/* OK all set. lets compute */
/* in blocks of 8 bytes. */
for(count=0; count<ulEncryptedPartLen ; count+=8)
{
RC2_ecb_encrypt(&(pEncryptedPart[count]), &(pPart[count]),
session_data->decrypt_state,
RC2_DECRYPT);
}
*pulPartLen=ulEncryptedPartLen;
rv = CKR_OK;
}
break;
/* }}} */
/* {{{ CKM_RC2_CBC */
case CKM_RC2_CBC:
{
rv = CKR_OK;
CI_LogEntry("C_DecryptUpdate", "RC2 CBC", rv , 0);
/* is the length of the supplied data a multiple of 8 to create des-blocks? */
if(ulEncryptedPartLen%8 != 0)
return CKR_DATA_LEN_RANGE;
/* is this just a test for the length of the recieving buffer? */
if(pPart == NULL_PTR)
{
*pulPartLen = ulEncryptedPartLen;
return CKR_OK;
}
/* is the supplied buffer long enough? */
if(*pulPartLen < ulEncryptedPartLen)
{
*pulPartLen = ulEncryptedPartLen;
return CKR_BUFFER_TOO_SMALL;
}
/* OK all set. lets compute */
RC2_cbc_encrypt((unsigned char*)pEncryptedPart, (unsigned char*)pPart,
ulEncryptedPartLen,
((CK_I_CEAY_RC2_INFO_PTR)session_data->decrypt_state)->key,
((CK_I_CEAY_RC2_INFO_PTR)session_data->decrypt_state)->ivec,
RC2_DECRYPT);
*pulPartLen=ulEncryptedPartLen;
rv = CKR_OK;
}
break;
/* }}} */
/* {{{ CKM_DES_ECB */
case CKM_DES_ECB:
{
CK_ULONG count;
rv = CKR_OK;
CI_LogEntry("C_DecryptUpdate", "DES ECB", rv , 0);
/* DES always takes multiples of 8 bytes */
if(ulEncryptedPartLen%8 != 0)
return CKR_DATA_LEN_RANGE;
/* is this just a test for the length of the recieving buffer? */
if(pPart == NULL_PTR)
{
*pulPartLen = ulEncryptedPartLen;
return CKR_OK;
}
/* is the supplied buffer long enough? */
if(*pulPartLen < ulEncryptedPartLen)
{
*pulPartLen = ulEncryptedPartLen;
return CKR_BUFFER_TOO_SMALL;
}
/* OK all set. lets compute */
/* in blocks of 8 bytes. */
for(count=0; count<ulEncryptedPartLen ; count+=8)
{
des_ecb_encrypt((des_cblock*)(&(pEncryptedPart[count])),
(des_cblock*)(&(pPart[count])),
session_data->decrypt_state,
DES_DECRYPT);
}
*pulPartLen=ulEncryptedPartLen;
rv = CKR_OK;
}
break;
/* }}} */
/* {{{ CKM_DES_CBC */
case CKM_DES_CBC:
{
rv = CKR_OK;
CI_LogEntry("C_DecryptUpdate", "DES3 CBC", rv , 0);
/* is the length of the supplied data a multiple of 8 to create des-blocks? */
if(ulEncryptedPartLen%8 != 0)
return CKR_DATA_LEN_RANGE;
/* is this just a test for the length of the recieving buffer? */
if(pPart == NULL_PTR)
{
*pulPartLen = ulEncryptedPartLen;
return CKR_OK;
}
/* is the supplied buffer long enough? */
if(*pulPartLen < ulEncryptedPartLen)
{
*pulPartLen = ulEncryptedPartLen;
return CKR_BUFFER_TOO_SMALL;
}
/* OK all set. lets compute */
des_ncbc_encrypt(pEncryptedPart,
pPart,
ulEncryptedPartLen,
((CK_I_CEAY_DES_INFO_PTR)session_data->decrypt_state)->sched,
&(((CK_I_CEAY_DES_INFO_PTR)session_data->decrypt_state)->ivec),
DES_DECRYPT);
*pulPartLen=ulEncryptedPartLen;
rv = CKR_OK;
}
break;
/* }}} */
/* {{{ CKM_DES_CBC_PAD */
case CKM_DES_CBC_PAD:
{
CK_BYTE_PTR ptmpbuf = NULL_PTR;
/* is the length of the supplied data a multiple of 8 to create des-blocks? */
if(ulEncryptedPartLen%8 != 0)
return CKR_DATA_LEN_RANGE;
/* is this just a test for the length of the recieving buffer? */
if(pPart == NULL_PTR)
{
*pulPartLen = ulEncryptedPartLen;
return CKR_OK;
}
/* is the supplied buffer long enough? */
if(*pulPartLen < ulEncryptedPartLen)
{
*pulPartLen = ulEncryptedPartLen;
return CKR_BUFFER_TOO_SMALL;
}
/* OK all set. lets compute */
ptmpbuf = CI_ByteStream_new(ulEncryptedPartLen);
if(ptmpbuf == NULL_PTR) return CKR_HOST_MEMORY;
if(((CK_I_CEAY_DES_INFO_PTR)session_data->decrypt_state)->pad)
{
memcpy(ptmpbuf, ((CK_I_CEAY_DES_INFO_PTR)session_data->decrypt_state)->lastblock, 8);
memcpy(ptmpbuf+8, pEncryptedPart, ulEncryptedPartLen-8);
*pulPartLen = ulEncryptedPartLen;
}
else
{
memcpy(ptmpbuf, pEncryptedPart, ulEncryptedPartLen-8);
*pulPartLen = ulEncryptedPartLen-8;
((CK_I_CEAY_DES_INFO_PTR)session_data->decrypt_state)->pad = 8;
}
des_ncbc_encrypt(ptmpbuf,
pPart,
*pulPartLen,
((CK_I_CEAY_DES_INFO_PTR)session_data->decrypt_state)->sched,
&(((CK_I_CEAY_DES_INFO_PTR)session_data->decrypt_state)->ivec),
DES_DECRYPT);
memcpy(((CK_I_CEAY_DES_INFO_PTR)session_data->decrypt_state)->lastblock, pEncryptedPart+ulEncryptedPartLen-8, 8);
TC_free(ptmpbuf);
rv = CKR_OK;
}
break;
/* }}} */
/* {{{ CKM_DES3_ECB */
case CKM_DES3_ECB:
{
CK_ULONG count;
/* DES always takes multiples of 8 bytes */
if(ulEncryptedPartLen%8 != 0)
return CKR_DATA_LEN_RANGE;
/* is this just a test for the length of the recieving buffer? */
if(pPart == NULL_PTR)
{
*pulPartLen = ulEncryptedPartLen;
return CKR_OK;
}
/* is the supplied buffer long enough? */
if(*pulPartLen < ulEncryptedPartLen)
{
*pulPartLen = ulEncryptedPartLen;
return CKR_BUFFER_TOO_SMALL;
}
/* OK all set. lets compute */
/* in blocks of 8 bytes. */
for(count=0; count<ulEncryptedPartLen ; count+=8)
{
des_ecb3_encrypt((des_cblock*)(&(pPart[count])),
(des_cblock*)(&(pEncryptedPart[count])),
((CK_I_CEAY_DES3_INFO_PTR)session_data->decrypt_state)->sched[0],
((CK_I_CEAY_DES3_INFO_PTR)session_data->decrypt_state)->sched[1],
((CK_I_CEAY_DES3_INFO_PTR)session_data->decrypt_state)->sched[2],
DES_DECRYPT);
}
*pulPartLen=ulEncryptedPartLen;
rv = CKR_OK;
}
break;
/* }}} */
/* {{{ CKM_DES3_CBC */
case CKM_DES3_CBC:
{
rv = CKR_OK;
CI_LogEntry("C_DecryptUpdate", "IDEA CBC", rv , 0);
/* is the length of the supplied data a multiple of 8 to create des-blocks? */
if(ulEncryptedPartLen%8 != 0)
return CKR_DATA_LEN_RANGE;
/* is this just a test for the length of the recieving buffer? */
if(pPart == NULL_PTR)
{
*pulPartLen = ulEncryptedPartLen;
return CKR_OK;
}
/* is the supplied buffer long enough? */
if(*pulPartLen < ulEncryptedPartLen)
{
*pulPartLen = ulEncryptedPartLen;
return CKR_BUFFER_TOO_SMALL;
}
/* OK all set. lets compute */
des_ede3_cbc_encrypt(pEncryptedPart,
pPart,
ulEncryptedPartLen,
((CK_I_CEAY_DES3_INFO_PTR)session_data->decrypt_state)->sched[0],
((CK_I_CEAY_DES3_INFO_PTR)session_data->decrypt_state)->sched[1],
((CK_I_CEAY_DES3_INFO_PTR)session_data->decrypt_state)->sched[2],
((CK_I_CEAY_DES3_INFO_PTR)session_data->decrypt_state)->ivec,
DES_DECRYPT);
*pulPartLen=ulEncryptedPartLen;
rv = CKR_OK;
}
break;
/* }}} */
/* {{{ CKM_IDEA_ECB */
case CKM_IDEA_ECB:
{
CK_ULONG count;
rv = CKR_OK;
CI_LogEntry("C_DecryptUpdate", "IDEA ECB", rv , 0);
/* DES always takes multiples of 8 bytes */
if(ulEncryptedPartLen%8 != 0)
return CKR_DATA_LEN_RANGE;
/* is this just a test for the length of the recieving buffer? */
if(pPart == NULL_PTR)
{
*pulPartLen = ulEncryptedPartLen;
return CKR_OK;
}
/* is the supplied buffer long enough? */
if(*pulPartLen < ulEncryptedPartLen)
{
*pulPartLen = ulEncryptedPartLen;
return CKR_BUFFER_TOO_SMALL;
}
/* damit wir ne hoffnung haben */
assert(sizeof(CK_BYTE) == sizeof(unsigned char));
/* OK all set. lets compute */
/* in blocks of 8 bytes. */
for(count=0; count<ulEncryptedPartLen ; count+=8)
{
/* its the same function for decryption as well, only the key schedule differs */
idea_ecb_encrypt((unsigned char*)&(pEncryptedPart[count]),
(unsigned char*)&(pPart[count]),
&(((CK_I_CEAY_IDEA_INFO_PTR)session_data->decrypt_state)->sched));
}
*pulPartLen=ulEncryptedPartLen;
rv = CKR_OK;
}
break;
/* }}} */
/* {{{ CKM_IDEA_CBC */
case CKM_IDEA_CBC:
{
rv = CKR_OK;
CI_LogEntry("C_DecryptUpdate", "IDEA CBC", rv , 0);
/* is the length of the supplied data a multiple of 8 to create des-blocks? */
if(ulEncryptedPartLen%8 != 0)
return CKR_DATA_LEN_RANGE;
/* is this just a test for the length of the recieving buffer? */
if(pPart == NULL_PTR)
{
*pulPartLen = ulEncryptedPartLen;
return CKR_OK;
}
/* is the supplied buffer long enough? */
if(*pulPartLen < ulEncryptedPartLen)
{
*pulPartLen = ulEncryptedPartLen;
return CKR_BUFFER_TOO_SMALL;
}
/* OK all set. lets compute */
idea_cbc_encrypt((unsigned char*)pEncryptedPart,
(unsigned char*)pPart,
ulEncryptedPartLen,
&(((CK_I_CEAY_IDEA_INFO_PTR)session_data->decrypt_state)->sched),
((CK_I_CEAY_IDEA_INFO_PTR)session_data->decrypt_state)->ivec,
IDEA_DECRYPT);
*pulPartLen=ulEncryptedPartLen;
rv = CKR_OK;
}
break;
/* }}} */
default:
rv = CKR_MECHANISM_INVALID;
CI_VarLogEntry("C_DecryptUpdate", "algorithm specified: %s", rv, 0,
CI_MechanismStr(session_data->decrypt_mechanism));
}
CI_VarLogEntry("C_DecryptUpdate", "decryption (%s) result: %s", rv, 2,
CI_MechanismStr(session_data->decrypt_mechanism),
CI_PrintableByteStream(pPart,*pulPartLen));
CI_LogEntry("C_DecryptUpdate", "...completed", rv , 0);
return rv;
}
