bool Des::Encrypt(const char *szInput, char *szOutput)
{
int i = 0, j = 0;
int inlen = strlen(szInput);
int outlen = 0;
srand((unsigned)time(NULL));
des_key_setup(GET_32BIT_MSB_FIRST(key8),
GET_32BIT_MSB_FIRST(key8 + 4), &crkey);
unsigned char dest[MAX_LEN] = {0};
des_cbc_encrypt(dest, (unsigned char *)szInput, inlen, &crkey);
outlen = inlen % 8 ? inlen + 8 - inlen % 8 : inlen;
for(i = 0;i < outlen;i ++)
{
sprintf(szOutput, "%s%c", szOutput, map[dest[i] / 0x10][0]);
for(j = 0;j < (int)strlen(map[dest[i] / 0x10]) - 1;j ++)
sprintf(szOutput, "%s%c", szOutput, rand() % 26 + 0x41);
sprintf(szOutput, "%s%c", szOutput, map[dest[i] % 0x10][0]);
for(j = 0;j < (int)strlen(map[dest[i] % 0x10]) - 1;j ++)
sprintf(szOutput, "%s%c", szOutput, rand() % 26 + 0x41);
}
//memset(key8, 0, 8);
//memset(map, 0, 256);
return true;
}
/*
* This is used by SSH1:
*
* What kind of triple DES are these 2 routines?
*
* Why is there a redundant initialization vector?
*
* If only iv3 was used, then, this would till effect have been
* outer-cbc. However, there is also a private iv1 == iv2 which
* perhaps makes differential analysis easier. On the other hand, the
* private iv1 probably makes the CRC-32 attack ineffective. This is a
* result of that there is no longer any known iv1 to use when
* choosing the X block.
*/
void
SSH_3CBC_ENCRYPT(des_key_schedule ks1,
des_key_schedule ks2, des_cblock * iv2,
des_key_schedule ks3, des_cblock * iv3,
unsigned char *dest, unsigned char *src,
unsigned int len)
{
des_cblock iv1;
memcpy(&iv1, iv2, 8);
des_cbc_encrypt(src, dest, len, ks1, &iv1, DES_ENCRYPT);
memcpy(&iv1, dest + len - 8, 8);
des_cbc_encrypt(dest, dest, len, ks2, iv2, DES_DECRYPT);
memcpy(iv2, &iv1, 8); /* Note how iv1 == iv2 on entry and exit. */
des_cbc_encrypt(dest, dest, len, ks3, iv3, DES_ENCRYPT);
memcpy(iv3, dest + len - 8, 8);
}
static void scam_encrypt_packet(uint8_t *packet, uint32_t packetLength, uint8_t *key, uint32_t dataLength, uint32_t dataOffset, uint8_t *xorOffset)
{
uint8_t iv[8];
uint32_t i;
memset(iv, 0, 8);
des_cbc_encrypt(packet + dataOffset, iv, key, dataLength);
for(i=0; i<packetLength; i++) {
key[*xorOffset] ^= packet[i];
*xorOffset = (*xorOffset + 1) & 7;
}
}
void cipher_encrypt(CipherContext * context, unsigned char *dest, const unsigned char *src, unsigned int len)
{
switch (context->type) {
case SSH_CIPHER_NONE:
memcpy(dest, src, len);
break;
#ifdef WITH_IDEA
case SSH_CIPHER_IDEA:
idea_cfb_encrypt(&context->u.idea.key, context->u.idea.iv, dest, src, len);
break;
#endif /* WITH_IDEA */
#ifdef WITH_DES
case SSH_CIPHER_DES:
des_cbc_encrypt(&context->u.des.key, context->u.des.iv, dest, src, len);
break;
#endif /* WITH_DES */
case SSH_CIPHER_3DES:
des_3cbc_encrypt(&context->u.des3.key1, context->u.des3.iv1, &context->u.des3.key2, context->u.des3.iv2, &context->u.des3.key3, context->u.des3.iv3, dest, src, len);
break;
#ifdef WITH_ARCFOUR
case SSH_CIPHER_ARCFOUR:
arcfour_encrypt(&context->u.arcfour, dest, src, len);
break;
#endif /* WITH_ARCFOUR */
#ifdef WITH_BLOWFISH
case SSH_CIPHER_BLOWFISH:
blowfish_cbc_encrypt(&context->u.blowfish, dest, src, len);
break;
#endif /* WITH_BLOWFISH */
default:
fatal("cipher_encrypt: unknown cipher: %d", context->type);
}
}
int main( void )
{
int keysize;
unsigned long i, j, tsc;
unsigned char buf[BUFSIZE];
unsigned char tmp[32];
arc4_context arc4;
des3_context des3;
des_context des;
aes_context aes;
rsa_context rsa;
memset( buf, 0xAA, sizeof( buf ) );
printf( "\n" );
/*
* MD2 timing
*/
printf( " MD2 : " );
fflush( stdout );
set_alarm( 1 );
for( i = 1; ! alarmed; i++ )
md2_csum( buf, BUFSIZE, tmp );
tsc = hardclock();
for( j = 0; j < 32; j++ )
md2_csum( buf, BUFSIZE, tmp );
printf( "%9ld Kb/s, %9ld cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
/*
* MD4 timing
*/
printf( " MD4 : " );
fflush( stdout );
set_alarm( 1 );
for( i = 1; ! alarmed; i++ )
md4_csum( buf, BUFSIZE, tmp );
tsc = hardclock();
for( j = 0; j < 1024; j++ )
md4_csum( buf, BUFSIZE, tmp );
printf( "%9ld Kb/s, %9ld cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
/*
* MD5 timing
*/
printf( " MD5 : " );
fflush( stdout );
set_alarm( 1 );
for( i = 1; ! alarmed; i++ )
md5_csum( buf, BUFSIZE, tmp );
tsc = hardclock();
for( j = 0; j < 1024; j++ )
md5_csum( buf, BUFSIZE, tmp );
printf( "%9ld Kb/s, %9ld cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
/*
* SHA-1 timing
*/
printf( " SHA-1 : " );
fflush( stdout );
set_alarm( 1 );
for( i = 1; ! alarmed; i++ )
sha1_csum( buf, BUFSIZE, tmp );
tsc = hardclock();
for( j = 0; j < 1024; j++ )
sha1_csum( buf, BUFSIZE, tmp );
printf( "%9ld Kb/s, %9ld cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
/*
* SHA-256 timing
*/
printf( " SHA-256 : " );
fflush( stdout );
set_alarm( 1 );
for( i = 1; ! alarmed; i++ )
sha2_csum( buf, BUFSIZE, tmp );
tsc = hardclock();
for( j = 0; j < 1024; j++ )
sha2_csum( buf, BUFSIZE, tmp );
printf( "%9ld Kb/s, %9ld cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
/*
* ARC4 timing
*/
printf( " ARC4 : " );
fflush( stdout );
arc4_setup( &arc4, tmp, 32 );
set_alarm( 1 );
for( i = 1; ! alarmed; i++ )
arc4_crypt( &arc4, buf, BUFSIZE );
tsc = hardclock();
for( j = 0; j < 1024; j++ )
arc4_crypt( &arc4, buf, BUFSIZE );
printf( "%9ld Kb/s, %9ld cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
/*
* Triple-DES timing
*/
printf( " 3DES : " );
fflush( stdout );
des3_set_3keys( &des3, tmp );
set_alarm( 1 );
for( i = 1; ! alarmed; i++ )
des3_cbc_encrypt( &des3, tmp, buf, buf, BUFSIZE );
tsc = hardclock();
for( j = 0; j < 1024; j++ )
des3_cbc_encrypt( &des3, tmp, buf, buf, BUFSIZE );
printf( "%9ld Kb/s, %9ld cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
/*
* DES timing
*/
printf( " DES : " );
fflush( stdout );
des_set_key( &des, tmp );
set_alarm( 1 );
for( i = 1; ! alarmed; i++ )
des_cbc_encrypt( &des, tmp, buf, buf, BUFSIZE );
tsc = hardclock();
for( j = 0; j < 1024; j++ )
des_cbc_encrypt( &des, tmp, buf, buf, BUFSIZE );
printf( "%9ld Kb/s, %9ld cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
/*
* AES timings
*/
for( keysize = 128; keysize <= 256; keysize += 64 )
{
printf( " AES-%d : ", keysize );
fflush( stdout );
aes_set_key( &aes, tmp, keysize );
set_alarm( 1 );
for( i = 1; ! alarmed; i++ )
aes_cbc_encrypt( &aes, tmp, buf, buf, BUFSIZE );
tsc = hardclock();
for( j = 0; j < 1024; j++ )
aes_cbc_encrypt( &aes, tmp, buf, buf, BUFSIZE );
printf( "%9ld Kb/s, %9ld cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
}
/*
* RSA-1024 timing
*/
printf( " RSA-1024 : " );
fflush( stdout );
rsa_gen_key( &rsa, 1024, 65537, myrand, NULL );
set_alarm( 4 );
for( i = 1; ! alarmed; i++ )
{
buf[0] = 0;
rsa_public( &rsa, buf, 128, buf, 128 );
}
printf( "%9ld public/s\n", i / 4 );
printf( " RSA-1024 : " );
fflush( stdout );
set_alarm( 4 );
for( i = 1; ! alarmed; i++ )
{
buf[0] = 0;
rsa_private( &rsa, buf, 128, buf, 128 );
}
printf( "%9ld private/s\n", i / 4 );
rsa_free( &rsa );
/*
* RSA-2048 timing
*/
printf( " RSA-2048 : " );
fflush( stdout );
rsa_gen_key( &rsa, 2048, 65537, myrand, NULL );
set_alarm( 4 );
for( i = 1; ! alarmed; i++ )
{
buf[0] = 0;
rsa_public( &rsa, buf, 256, buf, 256 );
}
printf( "%9ld public/s\n", i / 4 );
printf( " RSA-2048 : " );
fflush( stdout );
set_alarm( 4 );
for( i = 1; ! alarmed; i++ )
{
buf[0] = 0;
rsa_private( &rsa, buf, 256, buf, 256 );
}
printf( "%9ld private/s\n\n", i / 4 );
rsa_free( &rsa );
#ifdef WIN32
printf( " Press Enter to exit this program.\n" );
fflush( stdout ); getchar();
#endif
return( 0 );
}
static void des_encrypt_blk(unsigned char *blk, int len) {
des_cbc_encrypt(blk, blk, len, cskeys);
}
static void des_3cbc_decrypt(unsigned char *dest, const unsigned char *src,
unsigned int len, DESContext *scheds) {
des_cbc_decrypt(dest, src, len, &scheds[2]);
des_cbc_encrypt(dest, src, len, &scheds[1]);
des_cbc_decrypt(dest, src, len, &scheds[0]);
}
//! \brief Main example doing DES encryption/decryption.
int main( void )
{
uint8_t i;
board_init();
sleepmgr_init();
bool success = true;
/* Example of how to use Single DES encryption and decryption functions. */
des_encrypt(data, single_ans, keys);
des_decrypt(single_ans, single_ans, keys);
/* Check if decrypted answer is equal to plaintext. */
for (i = 0; i < DES_BLOCK_LENGTH ; i++ ){
if (data[i] != single_ans[i]){
success = false;
break;
}
}
if (success){
/* Example of how to use 3DES encryption and decryption functions. */
des_3des_encrypt(data, single_ans, keys);
des_3des_decrypt(single_ans, single_ans, keys);
/* Check if decrypted answer is equal to plaintext. */
for (i = 0; i < DES_BLOCK_LENGTH ; i++ ){
if (data[i] != single_ans[i]){
success = false;
break;
}
}
}
if (success){
/* Example of how to use DES Cipher Block Chaining encryption and
* decryption functions.
*/
des_cbc_encrypt(data_block, cipher_block_ans, keys, init, true, DES_BLOCK_COUNT);
des_cbc_decrypt(cipher_block_ans, block_ans, keys, init, true, DES_BLOCK_COUNT);
/* Check if decrypted answer is equal to plaintext. */
for (i = 1; i < (DES_BLOCK_LENGTH * DES_BLOCK_COUNT); i++ ){
if (data_block[i] != block_ans[i]){
success = false;
break;
}
}
}
/* Indicate final result by lighting LED. */
if (success) {
/* If the example ends up here every thing is ok. */
ioport_set_pin_low(LED0_GPIO);
} else {
/* If the example ends up here something is wrong. */
ioport_set_pin_low(LED1_GPIO);
}
while (true) {
/* Go to sleep. */
sleepmgr_enter_sleep();
}
}
ULONG
AnscCryptoDesMacDigest
(
PVOID buffer,
ULONG size,
PANSC_CRYPTO_HASH hash,
PANSC_CRYPTO_KEY key
)
{
#ifdef _ANSC_DES_USED_
ULONG i = 0;
PUCHAR pAuthenticationData = NULL;
PVOID pEncryptedData = NULL;
ANSC_CRYPTO_IV iv = {0};
des_key_schedule keySchedule;
/*
* allocate memory to hold the encrypted data
*/
pEncryptedData = AnscAllocateMemory(size);
if ( !pEncryptedData )
{
AnscZeroMemory(hash->Value, hash->Length);
return hash->Length;
}
/*
* proceed des-cbc on the whole payload, but first we need to initialize the IV according to the draft,
* IV should be filled by zeros.
*/
iv.Length = ANSC_DES_IV_SIZE;
/*
* retrieve a key schedule?
*/
des_key_sched
(
(des_cblock*)key->Value[0],
keySchedule
);
/*
* des-cbc
*/
des_cbc_encrypt
(
(des_cblock*)buffer, /* input stream of data blocks */
(des_cblock*)pEncryptedData, /* output stream of data blocks */
size, /* total length of data stream */
keySchedule, /* key schedule */
(des_cblock*)iv.Value, /* initialization vector */
1 /* indicate it's an encryption operation */
);
/*
* use the last 8 bytes output as authentication data
*/
AnscCopyMemory
(
hash->Value,
(PVOID)((ULONG)pEncryptedData + size - ANSC_DES_BLOCK_SIZE),
ANSC_DES_BLOCK_SIZE
);
/*
* let's make sure our output size is bigger than the requirement; otherwise, we should pad zeros to the end
* of the hash result data
*/
if ( ANSC_DES_BLOCK_SIZE < hash->Length )
{
AnscZeroMemory(&hash->Value[ANSC_DES_BLOCK_SIZE], hash->Length - ANSC_DES_BLOCK_SIZE);
}
/*
* free the allocated memory
*/
AnscFreeMemory(pEncryptedData);
#else
AnscTrace("WARNING: DES digest is disabled!!!\n");
#endif
/*
* return control to caller
*/
return hash->Length;
}
int des_enc_read(int fd, void *buf, int len, des_key_schedule sched,
des_cblock *iv)
{
/* data to be unencrypted */
int net_num=0;
static unsigned char *net=NULL;
/* extra unencrypted data
* for when a block of 100 comes in but is des_read one byte at
* a time. */
static unsigned char *unnet=NULL;
static int unnet_start=0;
static int unnet_left=0;
static unsigned char *tmpbuf=NULL;
int i;
long num=0,rnum;
unsigned char *p;
if (tmpbuf == NULL)
{
tmpbuf=OPENSSL_malloc(BSIZE);
if (tmpbuf == NULL) return(-1);
}
if (net == NULL)
{
net=OPENSSL_malloc(BSIZE);
if (net == NULL) return(-1);
}
if (unnet == NULL)
{
unnet=OPENSSL_malloc(BSIZE);
if (unnet == NULL) return(-1);
}
/* left over data from last decrypt */
if (unnet_left != 0)
{
if (unnet_left < len)
{
/* we still still need more data but will return
* with the number of bytes we have - should always
* check the return value */
memcpy(buf,&(unnet[unnet_start]),
unnet_left);
/* eay 26/08/92 I had the next 2 lines
* reversed :-( */
i=unnet_left;
unnet_start=unnet_left=0;
}
else
{
memcpy(buf,&(unnet[unnet_start]),len);
unnet_start+=len;
unnet_left-=len;
i=len;
}
return(i);
}
/* We need to get more data. */
if (len > MAXWRITE) len=MAXWRITE;
/* first - get the length */
while (net_num < HDRSIZE)
{
i=read(fd,(void *)&(net[net_num]),HDRSIZE-net_num);
#ifdef EINTR
if ((i == -1) && (errno == EINTR)) continue;
#endif
if (i <= 0) return(0);
net_num+=i;
}
/* we now have at net_num bytes in net */
p=net;
/* num=0; */
n2l(p,num);
/* num should be rounded up to the next group of eight
* we make sure that we have read a multiple of 8 bytes from the net.
*/
if ((num > MAXWRITE) || (num < 0)) /* error */
return(-1);
rnum=(num < 8)?8:((num+7)/8*8);
net_num=0;
while (net_num < rnum)
{
i=read(fd,(void *)&(net[net_num]),rnum-net_num);
#ifdef EINTR
if ((i == -1) && (errno == EINTR)) continue;
#endif
if (i <= 0) return(0);
net_num+=i;
}
/* Check if there will be data left over. */
if (len < num)
{
if (des_rw_mode & DES_PCBC_MODE)
des_pcbc_encrypt(net,unnet,num,sched,iv,DES_DECRYPT);
else
des_cbc_encrypt(net,unnet,num,sched,iv,DES_DECRYPT);
memcpy(buf,unnet,len);
unnet_start=len;
unnet_left=num-len;
/* The following line is done because we return num
* as the number of bytes read. */
num=len;
}
else
{
/* >output is a multiple of 8 byes, if len < rnum
* >we must be careful. The user must be aware that this
* >routine will write more bytes than he asked for.
* >The length of the buffer must be correct.
* FIXED - Should be ok now 18-9-90 - eay */
if (len < rnum)
{
if (des_rw_mode & DES_PCBC_MODE)
des_pcbc_encrypt(net,tmpbuf,num,sched,iv,
DES_DECRYPT);
else
des_cbc_encrypt(net,tmpbuf,num,sched,iv,
DES_DECRYPT);
/* eay 26/08/92 fix a bug that returned more
* bytes than you asked for (returned len bytes :-( */
memcpy(buf,tmpbuf,num);
}
else
{
if (des_rw_mode & DES_PCBC_MODE)
des_pcbc_encrypt(net,buf,num,sched,iv,
DES_DECRYPT);
else
des_cbc_encrypt(net,buf,num,sched,iv,
DES_DECRYPT);
}
}
return num;
}
