static int
ossl_cast_cbc_decrypt(PX_Cipher *c, const uint8 *data, unsigned dlen, uint8 *res)
{
ossldata *od = c->ptr;
CAST_cbc_encrypt(data, res, dlen, &od->u.cast_key, od->iv, CAST_DECRYPT);
return 0;
}
void
cipher_decrypt(CipherContext *context, unsigned char *dest,
const unsigned char *src, unsigned int len)
{
if ((len & 7) != 0)
fatal("cipher_decrypt: bad ciphertext length %d", len);
switch (context->type) {
case SSH_CIPHER_NONE:
memcpy(dest, src, len);
break;
case SSH_CIPHER_3DES:
SSH_3CBC_DECRYPT(context->u.des3.key1,
context->u.des3.key2, &context->u.des3.iv2,
context->u.des3.key3, &context->u.des3.iv3,
dest, (unsigned char *) src, len);
break;
case SSH_CIPHER_BLOWFISH:
swap_bytes(src, dest, len);
BF_cbc_encrypt((void *) dest, dest, len,
&context->u.bf.key, context->u.bf.iv,
BF_DECRYPT);
swap_bytes(dest, dest, len);
break;
case SSH_CIPHER_BLOWFISH_CBC:
BF_cbc_encrypt((void *) src, dest, len,
&context->u.bf.key, context->u.bf.iv,
BF_DECRYPT);
break;
case SSH_CIPHER_3DES_CBC:
des_ede3_cbc_encrypt(src, dest, len,
context->u.des3.key1, context->u.des3.key2,
context->u.des3.key3, &context->u.des3.iv3, DES_DECRYPT);
break;
case SSH_CIPHER_ARCFOUR:
RC4(&context->u.rc4, len, (unsigned char *)src, dest);
break;
case SSH_CIPHER_CAST128_CBC:
CAST_cbc_encrypt(src, dest, len,
&context->u.cast.key, context->u.cast.iv, CAST_DECRYPT);
break;
default:
fatal("cipher_decrypt: unknown cipher: %s", cipher_name(context->type));
}
}
int main (int argc, char **argv)
{
long count;
static unsigned char buf[BUFSIZE];
static unsigned char key[] = {
0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
};
CAST_KEY sch;
double a, b, c, d;
#ifndef SIGALRM
long ca, cb, cc;
#endif
#ifndef TIMES
printf ("To get the most accurate results, try to run this\n");
printf ("program when this computer is idle.\n");
#endif
#ifndef SIGALRM
printf ("First we calculate the approximate speed ...\n");
CAST_set_key (&sch, 16, key);
count = 10;
do
{
long i;
CAST_LONG data[2];
count *= 2;
Time_F (START);
for (i = count; i; i--)
CAST_encrypt (data, &sch);
d = Time_F (STOP);
}
while (d < 3.0);
ca = count / 512;
cb = count;
cc = count * 8 / BUFSIZE + 1;
printf ("Doing CAST_set_key %ld times\n", ca);
#define COND(d) (count != (d))
#define COUNT(d) (d)
#else
#define COND(c) (run)
#define COUNT(d) (count)
signal (SIGALRM, sig_done);
printf ("Doing CAST_set_key for 10 seconds\n");
alarm (10);
#endif
Time_F (START);
for (count = 0, run = 1; COND (ca); count += 4)
{
CAST_set_key (&sch, 16, key);
CAST_set_key (&sch, 16, key);
CAST_set_key (&sch, 16, key);
CAST_set_key (&sch, 16, key);
}
d = Time_F (STOP);
printf ("%ld cast set_key's in %.2f seconds\n", count, d);
a = ((double) COUNT (ca)) / d;
#ifdef SIGALRM
printf ("Doing CAST_encrypt's for 10 seconds\n");
alarm (10);
#else
printf ("Doing CAST_encrypt %ld times\n", cb);
#endif
Time_F (START);
for (count = 0, run = 1; COND (cb); count += 4)
{
CAST_LONG data[2];
CAST_encrypt (data, &sch);
CAST_encrypt (data, &sch);
CAST_encrypt (data, &sch);
CAST_encrypt (data, &sch);
}
d = Time_F (STOP);
printf ("%ld CAST_encrypt's in %.2f second\n", count, d);
b = ((double) COUNT (cb) * 8) / d;
#ifdef SIGALRM
printf ("Doing CAST_cbc_encrypt on %ld byte blocks for 10 seconds\n", BUFSIZE);
alarm (10);
#else
printf ("Doing CAST_cbc_encrypt %ld times on %ld byte blocks\n", cc, BUFSIZE);
#endif
Time_F (START);
for (count = 0, run = 1; COND (cc); count++)
CAST_cbc_encrypt (buf, buf, BUFSIZE, &sch, &(key[0]), CAST_ENCRYPT);
d = Time_F (STOP);
printf ("%ld CAST_cbc_encrypt's of %ld byte blocks in %.2f second\n", count, BUFSIZE, d);
c = ((double) COUNT (cc) * BUFSIZE) / d;
printf ("CAST set_key per sec = %12.2f (%9.3fuS)\n", a, 1.0e6 / a);
printf ("CAST raw ecb bytes per sec = %12.2f (%9.3fuS)\n", b, 8.0e6 / b);
printf ("CAST cbc bytes per sec = %12.2f (%9.3fuS)\n", c, 8.0e6 / c);
exit (0);
#if defined(LINT) || defined(OPENSSL_SYS_MSDOS)
return (0);
#endif
}
void
cast1_decrypt(struct keystate *ks, u_int8_t *data, u_int16_t len)
{
CAST_cbc_encrypt(data, data, len, &ks->ks_cast, ks->riv, 0);
}
void
cast1_encrypt(struct keystate *ks, u_int8_t *data, u_int16_t len)
{
memcpy(ks->liv, ks->riv, ks->xf->blocksize);
CAST_cbc_encrypt(data, data, len, &ks->ks_cast, ks->liv, 1);
}
static int pgp_logincont(void *obj, struct passwd **uam_pwd,
char *ibuf, size_t ibuflen,
char *rbuf, size_t *rbuflen)
{
unsigned char iv[] = "RJscorat";
BIGNUM *bn1, *bn2, *bn3;
u_int16_t sessid;
char *p;
*rbuflen = 0;
/* check for session id */
memcpy(&sessid, ibuf, sizeof(sessid));
if (sessid != pgphash(obj))
return AFPERR_PARAM;
ibuf += sizeof(sessid);
/* use rbuf as scratch space */
CAST_cbc_encrypt(ibuf, rbuf, CRYPT2BUFLEN, &castkey,
iv, CAST_DECRYPT);
/* check to make sure that the random number is the same. we
* get sent back an incremented random number. */
if (!(bn1 = BN_bin2bn(rbuf, KEYSIZE, NULL)))
return AFPERR_PARAM;
if (!(bn2 = BN_bin2bn(randbuf, sizeof(randbuf), NULL))) {
BN_free(bn1);
return AFPERR_PARAM;
}
/* zero out the random number */
memset(rbuf, 0, sizeof(randbuf));
memset(randbuf, 0, sizeof(randbuf));
rbuf += KEYSIZE;
if (!(bn3 = BN_new())) {
BN_free(bn2);
BN_free(bn1);
return AFPERR_PARAM;
}
BN_sub(bn3, bn1, bn2);
BN_free(bn2);
BN_free(bn1);
/* okay. is it one more? */
if (!BN_is_one(bn3)) {
BN_free(bn3);
return AFPERR_PARAM;
}
BN_free(bn3);
#ifdef AFS
if ( kcheckuser(*uam_pwd, rbuf) == 0) {
*uam_pwd = pgppwd;
return AFP_OK;
}
#endif /* AFS */
rbuf[PASSWDLEN] = '\0';
p = crypt( rbuf, pgppwd->pw_passwd );
memset(rbuf, 0, PASSWDLEN);
if ( strcmp( p, pgppwd->pw_passwd ) == 0 ) {
*uam_pwd = pgppwd;
return AFP_OK;
}
return AFPERR_NOTAUTH;
}