C++ (Cpp) DES_pcbc_encrypt примеры использования

Пример #1

Файл: krb_udp.c Проект: hwr/openafs

static afs_int32
check_auth(struct packet *pkt, char *auth, int authLen,
	   struct ktc_encryptionKey *key, char *name, char *inst,
	   char *cell)
{
    char *packet;
    DES_key_schedule schedule;
    afs_int32 cksum;
    afs_int32 time_sec;
    int byteOrder = pkt->byteOrder;

    DES_key_sched(ktc_to_cblock(key), &schedule);
    DES_pcbc_encrypt(auth, auth, authLen, &schedule, ktc_to_cblockptr(key), DECRYPT);
    packet = auth;
    if (strcmp(packet, name) != 0)
	return KABADTICKET;
    packet += strlen(packet) + 1;
    if (strcmp(packet, inst) != 0)
	return KABADTICKET;
    packet += strlen(packet) + 1;
    if (strcmp(packet, cell) != 0)
	return KABADTICKET;
    packet += strlen(packet) + 1;
    getint(cksum);
    /* Comments in the original IBM source suggest this byte was/is "time_msec" */
    packet++;
    getint(time_sec);
    if ((packet - auth) > authLen)
	return KABADTICKET;
    return 0;
}

Пример #2

Файл: krb_udp.c Проект: hwr/openafs

static afs_int32
create_cipher(char *cipher, int *cipherLen,
	      struct ktc_encryptionKey *sessionKey, char *sname,
	      char *sinst, Date start, Date end, afs_int32 kvno,
	      char *ticket, int ticketLen, struct ktc_encryptionKey *key)
{
    char *answer;
    int slen;
    unsigned char life = time_to_life(start, end);
    int len;
    DES_key_schedule schedule;
    afs_int32 code;

    answer = cipher;
    len =
	sizeof(*sessionKey) + strlen(sname) + strlen(sinst) + strlen(lrealm) +
	3 /*nulls */  + 3 + ticketLen + sizeof(Date);
    if (len > *cipherLen)
	return KAANSWERTOOLONG;
    if (ticketLen > 255)
	return KAANSWERTOOLONG;
    if (kvno > 255)
	return KAANSWERTOOLONG;

    memcpy(answer, sessionKey, sizeof(*sessionKey));
    answer += sizeof(*sessionKey);
    putstr(sname);
    putstr(sinst);
    putstr(lrealm);
    *answer++ = life;
    *answer++ = (unsigned char)kvno;
    *answer++ = (unsigned char)ticketLen;
    memcpy(answer, ticket, ticketLen);
    answer += ticketLen;
    putint(start);

    if (krb_udp_debug) {
	printf("Printing ticket (%d) and date: ", ticketLen);
	ka_PrintBytes(ticket, ticketLen);
	ka_PrintBytes(answer - 4, 4);
	printf("\n");
    }

    if ((code = DES_key_sched(ktc_to_cblock(key), &schedule)))
	printf("In KAAuthenticate: key_sched returned %d\n", code);
    DES_pcbc_encrypt(cipher, cipher, len, &schedule, ktc_to_cblockptr(key), ENCRYPT);
    *cipherLen = round_up_to_ebs(len);

    if (krb_udp_debug) {
	printf("Printing cipher (%d): ", *cipherLen);
	ka_PrintBytes(cipher, *cipherLen);
	printf("\n");
    }
    return 0;
}

Пример #3

Файл: KRB4_fmt.c Проект: earthquake/GI-John

static int
krb4_cmp_one(void *binary, int count)
{
	unsigned char text[TGT_LENGTH];

	DES_pcbc_encrypt(saved_salt->tgt, text,
	                 sizeof(text), &saved_key.sched, &saved_key.key,
	                 DES_DECRYPT);
	
	return (memcmp(text + 8, "krbtgt", 6) == 0);
}

Пример #4

static void
pcbc_test(char key1[8], char iv[8], char in[24], char out[24])
{
    unsigned char k1[8],
	indata[24], outdata[24], outdata2[24], ansdata[24];
    DES_key_schedule s1;
    DES_cblock ivdata;

    memcpy(k1, key1, 8);
    memcpy(ivdata, iv, 8);
    memcpy(indata, in, 24);
    memcpy(ansdata, out, 24);
    DES_set_odd_parity(&k1);
    DES_set_key_unchecked(&k1, &s1);
    DES_pcbc_encrypt(indata, outdata, 24, &s1, &ivdata, 1);
    if (memcmp(outdata, ansdata, sizeof(ansdata)) != 0)
	errx(1, "pcbc: encrypt");
    DES_pcbc_encrypt(outdata, outdata2, 24, &s1, &ivdata, 0);
    if (memcmp(indata, outdata2, sizeof(outdata2)) != 0)
	errx(1, "pcbc: decrypt");
}

Пример #5

Файл: KRB4_fmt.c Проект: earthquake/GI-John

static int
krb4_cmp_all(void *binary, int count)
{
	DES_cblock tmp;

	DES_set_key(&saved_key.key, &saved_key.sched);

	DES_pcbc_encrypt(saved_salt->tgt, (unsigned char *)&tmp,
	                 sizeof(tmp), &saved_key.sched,
	                 &saved_key.key, DES_DECRYPT);

	return (krb4_check_parity(&tmp));
}

Пример #6

Файл: enc_writ.c Проект: 277800076/openssl

int DES_enc_write(int fd, const void *_buf, int len,
                  DES_key_schedule *sched, DES_cblock *iv)
{
#if defined(OPENSSL_NO_POSIX_IO)
    return (-1);
#else
# ifdef _LIBC
    extern unsigned long time();
    extern int write();
# endif
    const unsigned char *buf = _buf;
    long rnum;
    int i, j, k, outnum;
    static unsigned char *outbuf = NULL;
    unsigned char shortbuf[8];
    unsigned char *p;
    const unsigned char *cp;
    static int start = 1;

    if (len < 0)
        return -1;

    if (outbuf == NULL) {
        outbuf = OPENSSL_malloc(BSIZE + HDRSIZE);
        if (outbuf == NULL)
            return (-1);
    }
    /*
     * If we are sending less than 8 bytes, the same char will look the same
     * if we don't pad it out with random bytes
     */
    if (start) {
        start = 0;
    }

    /* lets recurse if we want to send the data in small chunks */
    if (len > MAXWRITE) {
        j = 0;
        for (i = 0; i < len; i += k) {
            k = DES_enc_write(fd, &(buf[i]),
                              ((len - i) > MAXWRITE) ? MAXWRITE : (len - i),
                              sched, iv);
            if (k < 0)
                return (k);
            else
                j += k;
        }
        return (j);
    }

    /* write length first */
    p = outbuf;
    l2n(len, p);

    /* pad short strings */
    if (len < 8) {
        cp = shortbuf;
        memcpy(shortbuf, buf, len);
        if (RAND_bytes(shortbuf + len, 8 - len) <= 0)
            return -1;
        rnum = 8;
    } else {
        cp = buf;
        rnum = ((len + 7) / 8 * 8); /* round up to nearest eight */
    }

    if (DES_rw_mode & DES_PCBC_MODE)
        DES_pcbc_encrypt(cp, &(outbuf[HDRSIZE]), (len < 8) ? 8 : len, sched,
                         iv, DES_ENCRYPT);
    else
        DES_cbc_encrypt(cp, &(outbuf[HDRSIZE]), (len < 8) ? 8 : len, sched,
                        iv, DES_ENCRYPT);

    /* output */
    outnum = rnum + HDRSIZE;

    for (j = 0; j < outnum; j += i) {
        /*
         * eay 26/08/92 I was not doing writing from where we got up to.
         */
# ifndef _WIN32
        i = write(fd, (void *)&(outbuf[j]), outnum - j);
# else
        i = _write(fd, (void *)&(outbuf[j]), outnum - j);
# endif
        if (i == -1) {
# ifdef EINTR
            if (errno == EINTR)
                i = 0;
            else
# endif
                /*
                 * This is really a bad error - very bad It will stuff-up
                 * both ends.
                 */
                return (-1);
        }
    }

    return (len);
#endif                          /* OPENSSL_NO_POSIX_IO */
}

Пример #7

Файл: decomp_ticket.c Проект: ahltorp/afssync

int
decomp_ticket(KTEXT tkt,	/* The ticket to be decoded */
	      unsigned char *flags, /* Kerberos ticket flags */
	      char *pname,	/* Authentication name */
	      char *pinstance,	/* Principal's instance */
	      char *prealm,	/* Principal's authentication domain */
	      u_int32_t *paddress,/* Net address of entity requesting ticket */
	      unsigned char *session, /* Session key inserted in ticket */
	      int *life,	/* Lifetime of the ticket */
	      u_int32_t *time_sec, /* Issue time and date */
	      char *sname,	/* Service name */
	      char *sinstance,	/* Service instance */
	      DES_cblock *key,	/* Service's secret key (to decrypt the ticket) */
	      DES_key_schedule *schedule) /* The precomputed key schedule */

{
    unsigned char *p = tkt->dat;
    
    int little_endian;

    DES_pcbc_encrypt(tkt->dat, tkt->dat,
		     tkt->length, schedule, key, DES_DECRYPT);

    tkt->mbz = 0;

    *flags = *p++;

    little_endian = *flags & 1;

    if(strlen((char*)p) > ANAME_SZ)
	return KFAILURE;
    p += krb4_get_string(p, pname, ANAME_SZ);

    if(strlen((char*)p) > INST_SZ)
	return KFAILURE;
    p += krb4_get_string(p, pinstance, INST_SZ);

    if(strlen((char*)p) > REALM_SZ)
	return KFAILURE;
    p += krb4_get_string(p, prealm, REALM_SZ);

    if (*prealm == '\0')
	get_lrealm (prealm, 1);

    if(tkt->length - (p - tkt->dat) < 8 + 1 + 4)
	return KFAILURE;
    p += krb4_get_address(p, paddress);

    memcpy(session, p, 8);
    p += 8;

    *life = *p++;
    
    p += krb4_get_int(p, time_sec, 4, little_endian);

    if(strlen((char*)p) > SNAME_SZ)
	return KFAILURE;
    p += krb4_get_string(p, sname, SNAME_SZ);

    if(strlen((char*)p) > INST_SZ)
	return KFAILURE;
    p += krb4_get_string(p, sinstance, INST_SZ);

    return KSUCCESS;
}

Пример #8

Файл: kaserver.c Проект: SimonWilkinson/heimdal

static void
do_authenticate (krb5_context context,
		 krb5_kdc_configuration *config,
		 struct rx_header *hdr,
		 krb5_storage *sp,
		 struct sockaddr_in *addr,
		 const char *from,
		 krb5_data *reply)
{
    krb5_error_code ret;
    char *name = NULL;
    char *instance = NULL;
    time_t start_time;
    time_t end_time;
    krb5_data request;
    int32_t max_seq_len;
    hdb_entry_ex *client_entry = NULL;
    hdb_entry_ex *server_entry = NULL;
    Key *ckey = NULL;
    Key *skey = NULL;
    krb5_storage *reply_sp;
    time_t max_life;
    uint8_t life;
    int32_t chal;
    char client_name[256];
    char server_name[256];
	
    krb5_data_zero (&request);

    ret = unparse_auth_args (sp, &name, &instance, &start_time, &end_time,
			     &request, &max_seq_len);
    if (ret != 0 || request.length < 8) {
	make_error_reply (hdr, KABADREQUEST, reply);
	goto out;
    }

    snprintf (client_name, sizeof(client_name), "%s.%s@%s",
	      name, instance, config->v4_realm);
    snprintf (server_name, sizeof(server_name), "%s.%s@%s",
	      "krbtgt", config->v4_realm, config->v4_realm);

    kdc_log(context, config, 0, "AS-REQ (kaserver) %s from %s for %s",
	    client_name, from, server_name);

    ret = _kdc_db_fetch4 (context, config, name, instance,
			  config->v4_realm, HDB_F_GET_CLIENT,
			  &client_entry);
    if (ret) {
	kdc_log(context, config, 0, "Client not found in database: %s: %s",
		client_name, krb5_get_err_text(context, ret));
	make_error_reply (hdr, KANOENT, reply);
	goto out;
    }

    ret = _kdc_db_fetch4 (context, config, "krbtgt",
			  config->v4_realm, config->v4_realm,
			  HDB_F_GET_KRBTGT, &server_entry);
    if (ret) {
	kdc_log(context, config, 0, "Server not found in database: %s: %s",
		server_name, krb5_get_err_text(context, ret));
	make_error_reply (hdr, KANOENT, reply);
	goto out;
    }

    ret = kdc_check_flags (context, config,
			   client_entry, client_name,
			   server_entry, server_name,
			   TRUE);
    if (ret) {
	make_error_reply (hdr, KAPWEXPIRED, reply);
	goto out;
    }

    /* find a DES key */
    ret = _kdc_get_des_key(context, client_entry, FALSE, TRUE, &ckey);
    if(ret){
	kdc_log(context, config, 0, "no suitable DES key for client");
	make_error_reply (hdr, KANOKEYS, reply);
	goto out;
    }

    /* find a DES key */
    ret = _kdc_get_des_key(context, server_entry, TRUE, TRUE, &skey);
    if(ret){
	kdc_log(context, config, 0, "no suitable DES key for server");
	make_error_reply (hdr, KANOKEYS, reply);
	goto out;
    }

    {
	DES_cblock key;
	DES_key_schedule schedule;
	
	/* try to decode the `request' */
	memcpy (&key, ckey->key.keyvalue.data, sizeof(key));
	DES_set_key_unchecked (&key, &schedule);
	DES_pcbc_encrypt (request.data,
			  request.data,
			  request.length,
			  &schedule,
			  &key,
			  DES_DECRYPT);
	memset (&schedule, 0, sizeof(schedule));
	memset (&key, 0, sizeof(key));
    }

    /* check for the magic label */
    if (memcmp ((char *)request.data + 4, "gTGS", 4) != 0) {
	kdc_log(context, config, 0, "preauth failed for %s", client_name);
	make_error_reply (hdr, KABADREQUEST, reply);
	goto out;
    }

    reply_sp = krb5_storage_from_mem (request.data, 4);
    krb5_ret_int32 (reply_sp, &chal);
    krb5_storage_free (reply_sp);

    if (abs(chal - kdc_time) > context->max_skew) {
	make_error_reply (hdr, KACLOCKSKEW, reply);
	goto out;
    }

    /* life */
    max_life = end_time - kdc_time;
    /* end_time - kdc_time can sometimes be non-positive due to slight
       time skew between client and server. Let's make sure it is postive */
    if(max_life < 1)
	max_life = 1;
    if (client_entry->entry.max_life)
	max_life = min(max_life, *client_entry->entry.max_life);
    if (server_entry->entry.max_life)
	max_life = min(max_life, *server_entry->entry.max_life);

    life = krb_time_to_life(kdc_time, kdc_time + max_life);

    create_reply_ticket (context,
			 hdr, skey,
			 name, instance, config->v4_realm,
			 addr, life, server_entry->entry.kvno,
			 max_seq_len,
			 "krbtgt", config->v4_realm,
			 chal + 1, "tgsT",
			 &ckey->key, reply);

 out:
    if (request.length) {
	memset (request.data, 0, request.length);
	krb5_data_free (&request);
    }
    if (name)
	free (name);
    if (instance)
	free (instance);
    if (client_entry)
	_kdc_free_ent (context, client_entry);
    if (server_entry)
	_kdc_free_ent (context, server_entry);
}

Пример #9

Файл: kaserver.c Проект: SimonWilkinson/heimdal

static krb5_error_code
create_reply_ticket (krb5_context context,
		     struct rx_header *hdr,
		     Key *skey,
		     char *name, char *instance, char *realm,
		     struct sockaddr_in *addr,
		     int life,
		     int kvno,
		     int32_t max_seq_len,
		     const char *sname, const char *sinstance,
		     uint32_t challenge,
		     const char *label,
		     krb5_keyblock *key,
		     krb5_data *reply)
{
    krb5_error_code ret;
    krb5_data ticket;
    krb5_keyblock session;
    krb5_storage *sp;
    krb5_data enc_data;
    struct rx_header reply_hdr;
    char zero[8];
    size_t pad;
    unsigned fyrtiosjuelva;

    /* create the ticket */

    krb5_generate_random_keyblock(context, ETYPE_DES_PCBC_NONE, &session);

    _krb5_krb_create_ticket(context,
			    0,
			    name,
			    instance,
			    realm,
			    addr->sin_addr.s_addr,
			    &session,
			    life,
			    kdc_time,
			    sname,
			    sinstance,
			    &skey->key,
			    &ticket);

    /* create the encrypted part of the reply */
    sp = krb5_storage_emem ();
    krb5_generate_random_block(&fyrtiosjuelva, sizeof(fyrtiosjuelva));
    fyrtiosjuelva &= 0xffffffff;
    krb5_store_int32 (sp, fyrtiosjuelva);
    krb5_store_int32 (sp, challenge);
    krb5_storage_write  (sp, session.keyvalue.data, 8);
    krb5_free_keyblock_contents(context, &session);
    krb5_store_int32 (sp, kdc_time);
    krb5_store_int32 (sp, kdc_time + _krb5_krb_life_to_time (0, life));
    krb5_store_int32 (sp, kvno);
    krb5_store_int32 (sp, ticket.length);
    krb5_store_stringz (sp, name);
    krb5_store_stringz (sp, instance);
#if 1 /* XXX - Why shouldn't the realm go here? */
    krb5_store_stringz (sp, "");
#else
    krb5_store_stringz (sp, realm);
#endif
    krb5_store_stringz (sp, sname);
    krb5_store_stringz (sp, sinstance);
    krb5_storage_write (sp, ticket.data, ticket.length);
    krb5_storage_write (sp, label, strlen(label));

    /* pad to DES block */
    memset (zero, 0, sizeof(zero));
    pad = (8 - krb5_storage_seek (sp, 0, SEEK_CUR) % 8) % 8;
    krb5_storage_write (sp, zero, pad);

    krb5_storage_to_data (sp, &enc_data);
    krb5_storage_free (sp);

    if (enc_data.length > max_seq_len) {
	krb5_data_free (&enc_data);
	make_error_reply (hdr, KAANSWERTOOLONG, reply);
	return 0;
    }

    /* encrypt it */
    {
        DES_key_schedule schedule;
	DES_cblock deskey;
	
	memcpy (&deskey, key->keyvalue.data, sizeof(deskey));
	DES_set_key_unchecked (&deskey, &schedule);
	DES_pcbc_encrypt (enc_data.data,
			  enc_data.data,
			  enc_data.length,
			  &schedule,
			  &deskey,
			  DES_ENCRYPT);
	memset (&schedule, 0, sizeof(schedule));
	memset (&deskey, 0, sizeof(deskey));
    }

    /* create the reply packet */
    init_reply_header (hdr, &reply_hdr, HT_DATA, HF_LAST);
    sp = krb5_storage_emem ();
    ret = encode_rx_header (&reply_hdr, sp);
    krb5_store_int32 (sp, max_seq_len);
    krb5_store_xdr_data (sp, enc_data);
    krb5_data_free (&enc_data);
    krb5_storage_to_data (sp, reply);
    krb5_storage_free (sp);
    return 0;
}

Пример #10

Файл: enc_read.cpp Проект: AustinWise/Netduino-Micro-Framework

int DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched,
		 DES_cblock *iv)
	{
#if defined(OPENSSL_NO_POSIX_IO)
	return(0);
#else
	/* data to be unencrypted */
	int net_num=0;
	static unsigned char *net=NULL;
	/* extra unencrypted data 
	 * for when a block of 100 comes in but is des_read one byte at
	 * a time. */
	static unsigned char *unnet=NULL;
	static int unnet_start=0;
	static int unnet_left=0;
	static unsigned char *tmpbuf=NULL;
	int i;
	long num=0,rnum;
	unsigned char *p;

	if (tmpbuf == NULL)
		{
		tmpbuf=(unsigned char*)OPENSSL_malloc(BSIZE);
		if (tmpbuf == NULL) return(-1);
		}
	if (net == NULL)
		{
		net=(unsigned char*)OPENSSL_malloc(BSIZE);
		if (net == NULL) return(-1);
		}
	if (unnet == NULL)
		{
		unnet=(unsigned char*)OPENSSL_malloc(BSIZE);
		if (unnet == NULL) return(-1);
		}
	/* left over data from last decrypt */
	if (unnet_left != 0)
		{
		if (unnet_left < len)
			{
			/* we still still need more data but will return
			 * with the number of bytes we have - should always
			 * check the return value */
			TINYCLR_SSL_MEMCPY(buf,&(unnet[unnet_start]),
			       unnet_left);
			/* eay 26/08/92 I had the next 2 lines
			 * reversed :-( */
			i=unnet_left;
			unnet_start=unnet_left=0;
			}
		else
			{
			TINYCLR_SSL_MEMCPY(buf,&(unnet[unnet_start]),len);
			unnet_start+=len;
			unnet_left-=len;
			i=len;
			}
		return(i);
		}

	/* We need to get more data. */
	if (len > MAXWRITE) len=MAXWRITE;

	/* first - get the length */
	while (net_num < HDRSIZE) 
		{
#ifndef OPENSSL_SYS_WIN32
		i=read(fd,(void *)&(net[net_num]),HDRSIZE-net_num);
#else
		i=_read(fd,(void *)&(net[net_num]),HDRSIZE-net_num);
#endif
#ifdef EINTR
		if ((i == -1) && (errno == EINTR)) continue;
#endif
		if (i <= 0) return(0);
		net_num+=i;
		}

	/* we now have at net_num bytes in net */
	p=net;
	/* num=0;  */
	n2l(p,num);
	/* num should be rounded up to the next group of eight
	 * we make sure that we have read a multiple of 8 bytes from the net.
	 */
	if ((num > MAXWRITE) || (num < 0)) /* error */
		return(-1);
	rnum=(num < 8)?8:((num+7)/8*8);

	net_num=0;
	while (net_num < rnum)
		{
#ifndef OPENSSL_SYS_WIN32
		i=read(fd,(void *)&(net[net_num]),rnum-net_num);
#else
		i=_read(fd,(void *)&(net[net_num]),rnum-net_num);
#endif
#ifdef EINTR
		if ((i == -1) && (errno == EINTR)) continue;
#endif
		if (i <= 0) return(0);
		net_num+=i;
		}

	/* Check if there will be data left over. */
	if (len < num)
		{
		if (DES_rw_mode & DES_PCBC_MODE)
			DES_pcbc_encrypt(net,unnet,num,sched,iv,DES_DECRYPT);
		else
			DES_cbc_encrypt(net,unnet,num,sched,iv,DES_DECRYPT);
		TINYCLR_SSL_MEMCPY(buf,unnet,len);
		unnet_start=len;
		unnet_left=num-len;

		/* The following line is done because we return num
		 * as the number of bytes read. */
		num=len;
		}
	else
		{
		/* >output is a multiple of 8 byes, if len < rnum
		 * >we must be careful.  The user must be aware that this
		 * >routine will write more bytes than he asked for.
		 * >The length of the buffer must be correct.
		 * FIXED - Should be ok now 18-9-90 - eay */
		if (len < rnum)
			{

			if (DES_rw_mode & DES_PCBC_MODE)
				DES_pcbc_encrypt(net,tmpbuf,num,sched,iv,
						 DES_DECRYPT);
			else
				DES_cbc_encrypt(net,tmpbuf,num,sched,iv,
						DES_DECRYPT);

			/* eay 26/08/92 fix a bug that returned more
			 * bytes than you asked for (returned len bytes :-( */
			TINYCLR_SSL_MEMCPY(buf,tmpbuf,num);
			}
		else
			{
			if (DES_rw_mode & DES_PCBC_MODE)
				DES_pcbc_encrypt(net,(unsigned char*)buf,num,sched,iv,
						 DES_DECRYPT);
			else
				DES_cbc_encrypt(net,(unsigned char*)buf,num,sched,iv,
						DES_DECRYPT);
			}
		}
	return num;
#endif /* OPENSSL_NO_POSIX_IO */
	}

Пример #11

Файл: destest.c Проект: 277800076/openssl

int main(int argc, char *argv[])
{
    int j, err = 0;
    unsigned int i;
    DES_cblock in, out, outin, iv3;
    DES_key_schedule ks, ks2, ks3;
    unsigned char cbc_in[40];
    unsigned char cbc_out[40];
    DES_LONG cs;
    unsigned char cret[8];
    DES_LONG lqret[4];
    int num;
    char *str;

    printf("Doing ecb\n");
    for (i = 0; i < NUM_TESTS; i++) {
        DES_set_key_unchecked(&key_data[i], &ks);
        memcpy(in, plain_data[i], 8);
        memset(out, 0, 8);
        memset(outin, 0, 8);
        DES_ecb_encrypt(&in, &out, &ks, DES_ENCRYPT);
        DES_ecb_encrypt(&out, &outin, &ks, DES_DECRYPT);

        if (memcmp(out, cipher_data[i], 8) != 0) {
            printf("Encryption error %2d\nk=%s p=%s o=%s act=%s\n",
                   i + 1, pt(key_data[i]), pt(in), pt(cipher_data[i]),
                   pt(out));
            err = 1;
        }
        if (memcmp(in, outin, 8) != 0) {
            printf("Decryption error %2d\nk=%s p=%s o=%s act=%s\n",
                   i + 1, pt(key_data[i]), pt(out), pt(in), pt(outin));
            err = 1;
        }
    }

# ifndef LIBDES_LIT
    printf("Doing ede ecb\n");
    for (i = 0; i < (NUM_TESTS - 2); i++) {
        DES_set_key_unchecked(&key_data[i], &ks);
        DES_set_key_unchecked(&key_data[i + 1], &ks2);
        DES_set_key_unchecked(&key_data[i + 2], &ks3);
        memcpy(in, plain_data[i], 8);
        memset(out, 0, 8);
        memset(outin, 0, 8);
        DES_ecb3_encrypt(&in,&out,&ks,&ks2,&ks,DES_ENCRYPT);
        DES_ecb3_encrypt(&out,&outin,&ks,&ks2,&ks,DES_DECRYPT);

        if (memcmp(out, cipher_ecb2[i], 8) != 0) {
            printf("Encryption error %2d\nk=%s p=%s o=%s act=%s\n",
                   i + 1, pt(key_data[i]), pt(in), pt(cipher_ecb2[i]),
                   pt(out));
            err = 1;
        }
        if (memcmp(in, outin, 8) != 0) {
            printf("Decryption error %2d\nk=%s p=%s o=%s act=%s\n",
                   i + 1, pt(key_data[i]), pt(out), pt(in), pt(outin));
            err = 1;
        }
    }
# endif

    printf("Doing cbc\n");
    if ((j = DES_set_key_checked(&cbc_key, &ks)) != 0) {
        printf("Key error %d\n", j);
        err = 1;
    }
    memset(cbc_out, 0, 40);
    memset(cbc_in, 0, 40);
    memcpy(iv3, cbc_iv, sizeof(cbc_iv));
    DES_ncbc_encrypt(cbc_data, cbc_out, strlen((char *)cbc_data) + 1, &ks,
                     &iv3, DES_ENCRYPT);
    if (memcmp(cbc_out, cbc_ok, 32) != 0) {
        printf("cbc_encrypt encrypt error\n");
        err = 1;
    }

    memcpy(iv3, cbc_iv, sizeof(cbc_iv));
    DES_ncbc_encrypt(cbc_out, cbc_in, strlen((char *)cbc_data) + 1, &ks,
                     &iv3, DES_DECRYPT);
    if (memcmp(cbc_in, cbc_data, strlen((char *)cbc_data)) != 0) {
        printf("cbc_encrypt decrypt error\n");
        err = 1;
    }
# ifndef LIBDES_LIT
    printf("Doing desx cbc\n");
    if ((j = DES_set_key_checked(&cbc_key, &ks)) != 0) {
        printf("Key error %d\n", j);
        err = 1;
    }
    memset(cbc_out, 0, 40);
    memset(cbc_in, 0, 40);
    memcpy(iv3, cbc_iv, sizeof(cbc_iv));
    DES_xcbc_encrypt(cbc_data, cbc_out, strlen((char *)cbc_data) + 1, &ks,
                     &iv3, &cbc2_key, &cbc3_key, DES_ENCRYPT);
    if (memcmp(cbc_out, xcbc_ok, 32) != 0) {
        printf("des_xcbc_encrypt encrypt error\n");
        err = 1;
    }
    memcpy(iv3, cbc_iv, sizeof(cbc_iv));
    DES_xcbc_encrypt(cbc_out, cbc_in, strlen((char *)cbc_data) + 1, &ks,
                     &iv3, &cbc2_key, &cbc3_key, DES_DECRYPT);
    if (memcmp(cbc_in, cbc_data, strlen((char *)cbc_data) + 1) != 0) {
        printf("des_xcbc_encrypt decrypt error\n");
        err = 1;
    }
# endif

    printf("Doing ede cbc\n");
    if ((j = DES_set_key_checked(&cbc_key, &ks)) != 0) {
        printf("Key error %d\n", j);
        err = 1;
    }
    if ((j = DES_set_key_checked(&cbc2_key, &ks2)) != 0) {
        printf("Key error %d\n", j);
        err = 1;
    }
    if ((j = DES_set_key_checked(&cbc3_key, &ks3)) != 0) {
        printf("Key error %d\n", j);
        err = 1;
    }
    memset(cbc_out, 0, 40);
    memset(cbc_in, 0, 40);
    i = strlen((char *)cbc_data) + 1;
    /* i=((i+7)/8)*8; */
    memcpy(iv3, cbc_iv, sizeof(cbc_iv));

    DES_ede3_cbc_encrypt(cbc_data, cbc_out, 16L, &ks, &ks2, &ks3, &iv3,
                         DES_ENCRYPT);
    DES_ede3_cbc_encrypt(&(cbc_data[16]), &(cbc_out[16]), i - 16, &ks, &ks2,
                         &ks3, &iv3, DES_ENCRYPT);
    if (memcmp
        (cbc_out, cbc3_ok,
         (unsigned int)(strlen((char *)cbc_data) + 1 + 7) / 8 * 8) != 0) {
        unsigned int n;

        printf("des_ede3_cbc_encrypt encrypt error\n");
        for (n = 0; n < i; ++n)
            printf(" %02x", cbc_out[n]);
        printf("\n");
        for (n = 0; n < i; ++n)
            printf(" %02x", cbc3_ok[n]);
        printf("\n");
        err = 1;
    }

    memcpy(iv3, cbc_iv, sizeof(cbc_iv));
    DES_ede3_cbc_encrypt(cbc_out, cbc_in, i, &ks, &ks2, &ks3, &iv3, DES_DECRYPT);
    if (memcmp(cbc_in, cbc_data, strlen((char *)cbc_data) + 1) != 0) {
        unsigned int n;

        printf("DES_ede3_cbc_encrypt decrypt error\n");
        for (n = 0; n < i; ++n)
            printf(" %02x", cbc_data[n]);
        printf("\n");
        for (n = 0; n < i; ++n)
            printf(" %02x", cbc_in[n]);
        printf("\n");
        err = 1;
    }
# ifndef LIBDES_LIT
    printf("Doing pcbc\n");
    if ((j = DES_set_key_checked(&cbc_key, &ks)) != 0) {
        printf("Key error %d\n", j);
        err = 1;
    }
    memset(cbc_out, 0, 40);
    memset(cbc_in, 0, 40);
    DES_pcbc_encrypt(cbc_data, cbc_out, strlen((char *)cbc_data) + 1, &ks,
                     &cbc_iv, DES_ENCRYPT);
    if (memcmp(cbc_out, pcbc_ok, 32) != 0) {
        printf("pcbc_encrypt encrypt error\n");
        err = 1;
    }
    DES_pcbc_encrypt(cbc_out, cbc_in, strlen((char *)cbc_data) + 1, &ks,
                     &cbc_iv, DES_DECRYPT);
    if (memcmp(cbc_in, cbc_data, strlen((char *)cbc_data) + 1) != 0) {
        printf("pcbc_encrypt decrypt error\n");
        err = 1;
    }

    printf("Doing ");
    printf("cfb8 ");
    err += cfb_test(8, cfb_cipher8);
    printf("cfb16 ");
    err += cfb_test(16, cfb_cipher16);
    printf("cfb32 ");
    err += cfb_test(32, cfb_cipher32);
    printf("cfb48 ");
    err += cfb_test(48, cfb_cipher48);
    printf("cfb64 ");
    err += cfb_test(64, cfb_cipher64);

    printf("cfb64() ");
    err += cfb64_test(cfb_cipher64);

    memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv));
    for (i = 0; i < sizeof(plain); i++)
        DES_cfb_encrypt(&(plain[i]), &(cfb_buf1[i]),
                        8, 1, &ks, &cfb_tmp, DES_ENCRYPT);
    if (memcmp(cfb_cipher8, cfb_buf1, sizeof(plain)) != 0) {
        printf("cfb_encrypt small encrypt error\n");
        err = 1;
    }

    memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv));
    for (i = 0; i < sizeof(plain); i++)
        DES_cfb_encrypt(&(cfb_buf1[i]), &(cfb_buf2[i]),
                        8, 1, &ks, &cfb_tmp, DES_DECRYPT);
    if (memcmp(plain, cfb_buf2, sizeof(plain)) != 0) {
        printf("cfb_encrypt small decrypt error\n");
        err = 1;
    }

    printf("ede_cfb64() ");
    err += ede_cfb64_test(cfb_cipher64);

    printf("done\n");

    printf("Doing ofb\n");
    DES_set_key_checked(&ofb_key, &ks);
    memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv));
    DES_ofb_encrypt(plain, ofb_buf1, 64, sizeof(plain) / 8, &ks, &ofb_tmp);
    if (memcmp(ofb_cipher, ofb_buf1, sizeof(ofb_buf1)) != 0) {
        printf("ofb_encrypt encrypt error\n");
        printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
               ofb_buf1[8 + 0], ofb_buf1[8 + 1], ofb_buf1[8 + 2],
               ofb_buf1[8 + 3], ofb_buf1[8 + 4], ofb_buf1[8 + 5],
               ofb_buf1[8 + 6], ofb_buf1[8 + 7]);
        printf("%02X %02X %02X %02X %02X %02X %02X %02X\n", ofb_buf1[8 + 0],
               ofb_cipher[8 + 1], ofb_cipher[8 + 2], ofb_cipher[8 + 3],
               ofb_buf1[8 + 4], ofb_cipher[8 + 5], ofb_cipher[8 + 6],
               ofb_cipher[8 + 7]);
        err = 1;
    }
    memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv));
    DES_ofb_encrypt(ofb_buf1, ofb_buf2, 64, sizeof(ofb_buf1) / 8, &ks,
                    &ofb_tmp);
    if (memcmp(plain, ofb_buf2, sizeof(ofb_buf2)) != 0) {
        printf("ofb_encrypt decrypt error\n");
        printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
               ofb_buf2[8 + 0], ofb_buf2[8 + 1], ofb_buf2[8 + 2],
               ofb_buf2[8 + 3], ofb_buf2[8 + 4], ofb_buf2[8 + 5],
               ofb_buf2[8 + 6], ofb_buf2[8 + 7]);
        printf("%02X %02X %02X %02X %02X %02X %02X %02X\n", plain[8 + 0],
               plain[8 + 1], plain[8 + 2], plain[8 + 3], plain[8 + 4],
               plain[8 + 5], plain[8 + 6], plain[8 + 7]);
        err = 1;
    }

    printf("Doing ofb64\n");
    DES_set_key_checked(&ofb_key, &ks);
    memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv));
    memset(ofb_buf1, 0, sizeof(ofb_buf1));
    memset(ofb_buf2, 0, sizeof(ofb_buf1));
    num = 0;
    for (i = 0; i < sizeof(plain); i++) {
        DES_ofb64_encrypt(&(plain[i]), &(ofb_buf1[i]), 1, &ks, &ofb_tmp, &num);
    }
    if (memcmp(ofb_cipher, ofb_buf1, sizeof(ofb_buf1)) != 0) {
        printf("ofb64_encrypt encrypt error\n");
        err = 1;
    }
    memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv));
    num = 0;
    DES_ofb64_encrypt(ofb_buf1, ofb_buf2, sizeof(ofb_buf1), &ks, &ofb_tmp,
                      &num);
    if (memcmp(plain, ofb_buf2, sizeof(ofb_buf2)) != 0) {
        printf("ofb64_encrypt decrypt error\n");
        err = 1;
    }

    printf("Doing ede_ofb64\n");
    DES_set_key_checked(&ofb_key, &ks);
    memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv));
    memset(ofb_buf1, 0, sizeof(ofb_buf1));
    memset(ofb_buf2, 0, sizeof(ofb_buf1));
    num = 0;
    for (i = 0; i < sizeof(plain); i++) {
        DES_ede3_ofb64_encrypt(&(plain[i]), &(ofb_buf1[i]), 1, &ks, &ks,
                               &ks, &ofb_tmp, &num);
    }
    if (memcmp(ofb_cipher, ofb_buf1, sizeof(ofb_buf1)) != 0) {
        printf("ede_ofb64_encrypt encrypt error\n");
        err = 1;
    }
    memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv));
    num = 0;
    DES_ede3_ofb64_encrypt(ofb_buf1, ofb_buf2, sizeof(ofb_buf1), &ks, &ks, &ks,
                           &ofb_tmp, &num);
    if (memcmp(plain, ofb_buf2, sizeof(ofb_buf2)) != 0) {
        printf("ede_ofb64_encrypt decrypt error\n");
        err = 1;
    }

    printf("Doing cbc_cksum\n");
    DES_set_key_checked(&cbc_key, &ks);
    cs = DES_cbc_cksum(cbc_data, &cret, strlen((char *)cbc_data), &ks,
                       &cbc_iv);
    if (cs != cbc_cksum_ret) {
        printf("bad return value (%08lX), should be %08lX\n",
               (unsigned long)cs, (unsigned long)cbc_cksum_ret);
        err = 1;
    }
    if (memcmp(cret, cbc_cksum_data, 8) != 0) {
        printf("bad cbc_cksum block returned\n");
        err = 1;
    }

    printf("Doing quad_cksum\n");
    cs = DES_quad_cksum(cbc_data, (DES_cblock *)lqret,
                        (long)strlen((char *)cbc_data), 2,
                        (DES_cblock *)cbc_iv);
    if (cs != 0x70d7a63aL) {
        printf("quad_cksum error, ret %08lx should be 70d7a63a\n",
               (unsigned long)cs);
        err = 1;
    }
    if (lqret[0] != 0x327eba8dL) {
        printf("quad_cksum error, out[0] %08lx is not %08lx\n",
               (unsigned long)lqret[0], 0x327eba8dUL);
        err = 1;
    }
    if (lqret[1] != 0x201a49ccL) {
        printf("quad_cksum error, out[1] %08lx is not %08lx\n",
               (unsigned long)lqret[1], 0x201a49ccUL);
        err = 1;
    }
    if (lqret[2] != 0x70d7a63aL) {
        printf("quad_cksum error, out[2] %08lx is not %08lx\n",
               (unsigned long)lqret[2], 0x70d7a63aUL);
        err = 1;
    }
    if (lqret[3] != 0x501c2c26L) {
        printf("quad_cksum error, out[3] %08lx is not %08lx\n",
               (unsigned long)lqret[3], 0x501c2c26UL);
        err = 1;
    }
# endif

    printf("input word alignment test");
    for (i = 0; i < 4; i++) {
        printf(" %d", i);
        DES_ncbc_encrypt(&(cbc_out[i]), cbc_in,
                         strlen((char *)cbc_data) + 1, &ks,
                         &cbc_iv, DES_ENCRYPT);
    }
    printf("\noutput word alignment test");
    for (i = 0; i < 4; i++) {
        printf(" %d", i);
        DES_ncbc_encrypt(cbc_out, &(cbc_in[i]),
                         strlen((char *)cbc_data) + 1, &ks,
                         &cbc_iv, DES_ENCRYPT);
    }
    printf("\n");
    printf("fast crypt test ");
    str = crypt("testing", "ef");
    if (strcmp("efGnQx2725bI2", str) != 0) {
        printf("fast crypt error, %s should be efGnQx2725bI2\n", str);
        err = 1;
    }
    str = crypt("bca76;23", "yA");
    if (strcmp("yA1Rp/1hZXIJk", str) != 0) {
        printf("fast crypt error, %s should be yA1Rp/1hZXIJk\n", str);
        err = 1;
    }
    printf("\n");
    return (err);
}

Пример #12

Файл: des_old.c Проект: yyyyyao/Slicer3-lib-mirrors

void _ossl_old_des_pcbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
  des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc)
  {
  DES_pcbc_encrypt((unsigned char *)input, (unsigned char *)output,
    length, (DES_key_schedule *)schedule, ivec, enc);
  }