int main(void) { unsigned char in[BUFSIZE], encrypted[BUFSIZE], decrypted[BUFSIZE]; unsigned char *e = encrypted; int len; DES_cblock key1, key2, key3; DES_cblock seed = {0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10}; DES_key_schedule ks1, ks2, ks3; DES_cblock ivsetup = {0xE1, 0xE2, 0xE3, 0xD4, 0xD5, 0xC6, 0xC7, 0xA8}; DES_cblock ivec; memset(in, 0, sizeof(in)); memset(encrypted, 0, sizeof(encrypted)); memset(decrypted, 0, sizeof(decrypted)); RAND_seed(seed, sizeof(DES_cblock)); DES_random_key(&key1); DES_random_key(&key2); DES_random_key(&key2); DES_set_key((DES_cblock *)key1, &ks1); DES_set_key((DES_cblock *)key2, &ks2); DES_set_key((DES_cblock *)key3, &ks3); /* plaintext */ strcpy(in, "this is a string encrypted with triple des. it is 64 bytes long."); printf("Plaintext: [%s]\n", in); len = strlen(in); memcpy(ivec, ivsetup, sizeof(ivsetup)); DES_ede3_cbc_encrypt(in, encrypted, len, &ks1, &ks2, &ks3, &ivec, DES_ENCRYPT); printf("Ciphertext:"); while (*e) printf(" [%02x]", *e++); printf("\n"); len = strlen(encrypted); memcpy(ivec, ivsetup, sizeof(ivsetup)); DES_ede3_cbc_encrypt(encrypted, decrypted, len, &ks1, &ks2, &ks3, &ivec, DES_DECRYPT); printf("Decrypted Text: [%s]\n", decrypted); exit(0); }
CK_RV sw_des3_cbc(CK_BYTE * in_data, CK_ULONG in_data_len, CK_BYTE *out_data, CK_ULONG *out_data_len, CK_BYTE *init_v, CK_BYTE *key_value, CK_BYTE encrypt) { DES_key_schedule des_key1; DES_key_schedule des_key2; DES_key_schedule des_key3; const_DES_cblock key_SSL1, key_SSL2, key_SSL3; DES_cblock ivec; // the des decrypt will only fail if the data length is not evenly divisible // by 8 if (in_data_len % 8) { TRACE_ERROR("%s\n", ock_err(ERR_DATA_LEN_RANGE)); return CKR_DATA_LEN_RANGE; } // The key as passed in is a 24 byte string containing 3 keys // pick it apart and create the key schedules memcpy(&key_SSL1, key_value, (size_t)8); memcpy(&key_SSL2, key_value+8, (size_t)8); memcpy(&key_SSL3, key_value+16, (size_t)8); DES_set_key_unchecked(&key_SSL1, &des_key1); DES_set_key_unchecked(&key_SSL2, &des_key2); DES_set_key_unchecked(&key_SSL3, &des_key3); memcpy(ivec, init_v, sizeof(ivec)); // Encrypt or decrypt the data if (encrypt) { DES_ede3_cbc_encrypt(in_data, out_data, in_data_len, &des_key1, &des_key2, &des_key3, &ivec, DES_ENCRYPT); *out_data_len = in_data_len; } else { DES_ede3_cbc_encrypt(in_data, out_data, in_data_len, &des_key1, &des_key2, &des_key3, &ivec, DES_DECRYPT); *out_data_len = in_data_len; } return CKR_OK; }
static void cbc3_test(char key1[8], char key2[8], char key3[8], char iv[8], char in[24], char out[24]) { unsigned char k1[8], k2[8], k3[8], indata[24], outdata[24], outdata2[24], ansdata[24]; DES_key_schedule s1, s2, s3; DES_cblock ivdata, ivec_copy; memcpy(k1, key1, 8); memcpy(k2, key2, 8); memcpy(k3, key3, 8); memcpy(ivdata, iv, 8); memcpy(indata, in, 24); memcpy(ansdata, out, 24); DES_set_odd_parity(&k1); DES_set_odd_parity(&k2); DES_set_odd_parity(&k3); DES_set_key_unchecked(&k1, &s1); DES_set_key_unchecked(&k2, &s2); DES_set_key_unchecked(&k3, &s3); memcpy(&ivec_copy, &ivdata, sizeof(ivec_copy)); DES_ede3_cbc_encrypt(indata, outdata, 24, &s1, &s2, &s3, &ivec_copy, 1); if (memcmp(outdata, ansdata, sizeof(ansdata)) != 0) errx(1, "cbc3: encrypt"); memcpy(&ivec_copy, &ivdata, sizeof(ivec_copy)); DES_ede3_cbc_encrypt(outdata, outdata2, 24, &s1, &s2, &s3, &ivec_copy, 0); if (memcmp(indata, outdata2, sizeof(outdata2)) != 0) errx(1, "cbc3: decrypt"); }
int perf() { DES_cblock key1, key2, key3, iv; DES_key_schedule ks1, ks2, ks3; char* payload = (char*)malloc(64); int i; uint64_t start, end; memcpy(payload, "hello world hello world hello world\n", 64); // 1. Key & IV Extract memcpy(key1, "aeaeaeae", 8); memcpy(key2, "aeaeaeae", 8); memcpy(key3, "aeaeaeae", 8); memcpy(iv, "aeaeaeae", 8); DES_set_odd_parity(&key1); DES_set_odd_parity(&key2); DES_set_odd_parity(&key3); // Key Validation Check if(DES_set_key_checked(&key1, &ks1) || DES_set_key_checked(&key2, &ks2) || DES_set_key_checked(&key3, &ks3)) { printf("DES_set_key_checked Error\n"); } start = cpu_tsc(); for(i = 0; i < 1000000; i++) { DES_ede3_cbc_encrypt((const unsigned char*)payload, (unsigned char*)payload, 64 , &ks1, &ks2, &ks3, &iv, DES_ENCRYPT); } end = cpu_tsc(); printf("encrpytion time : %ld\n", (end-start)/10000); start = cpu_tsc(); for(i = 0; i < 1000000; i++) { DES_ede3_cbc_encrypt((const unsigned char*)payload, (unsigned char*)payload, 64 , &ks1, &ks2, &ks3, &iv, DES_DECRYPT); } end = cpu_tsc(); printf("decryption time : %ld\n", (end-start)/10000); return 0; }
static int kcdecrypt(unsigned char *key, unsigned char *iv, unsigned char *data) { unsigned char out[CTLEN]; int pad, n, i; DES_cblock key1, key2, key3; DES_cblock ivec; DES_key_schedule ks1, ks2, ks3; memset(out, 0, sizeof(out)); memcpy(key1, key, 8); memcpy(key2, key + 8, 8); memcpy(key3, key + 16, 8); DES_set_key((C_Block *) key1, &ks1); DES_set_key((C_Block *) key2, &ks2); DES_set_key((C_Block *) key3, &ks3); memcpy(ivec, iv, 8); DES_ede3_cbc_encrypt(data, out, CTLEN, &ks1, &ks2, &ks3, &ivec, DES_DECRYPT); // now check padding pad = out[47]; if(pad > 8) // "Bad padding byte. You probably have a wrong password" return -1; if(pad != 4) /* possible bug here, is this assumption always valid? */ return -1; n = CTLEN - pad; for(i = n; i < CTLEN; i++) if(out[i] != pad) // "Bad padding. You probably have a wrong password" return -1; return 0; }
static void des3_decrypt(struct crypto_struct *cipher, void *in, void *out, unsigned long len, void *IV) { DES_ede3_cbc_encrypt(in, out, len, cipher->key, cipher->key + sizeof(DES_key_schedule), cipher->key + 2 * sizeof(DES_key_schedule), IV, 0); }
static void des3_decrypt(struct ssh_cipher_struct *cipher, void *in, void *out, unsigned long len) { DES_ede3_cbc_encrypt(in, out, len, cipher->key, (void*)((uint8_t*)cipher->key + sizeof(DES_key_schedule)), (void*)((uint8_t*)cipher->key + 2 * sizeof(DES_key_schedule)), cipher->IV, 0); }
void _ossl_old_des_ede3_cbc_encrypt(_ossl_old_des_cblock *input, _ossl_old_des_cblock *output, long length, des_key_schedule ks1, des_key_schedule ks2, des_key_schedule ks3, _ossl_old_des_cblock *ivec, int enc) { DES_ede3_cbc_encrypt((unsigned char *)input, (unsigned char *)output, length, (DES_key_schedule *)ks1, (DES_key_schedule *)ks2, (DES_key_schedule *)ks3, ivec, enc); }
static int des_ede3_cbc_cipher(EVP_CIPHER_CTX *ctx, uint8_t *out, const uint8_t *in, size_t in_len) { DES_EDE_KEY *dat = (DES_EDE_KEY*) ctx->cipher_data; DES_ede3_cbc_encrypt(in, out, in_len, &dat->ks.ks[0], &dat->ks.ks[1], &dat->ks.ks[2], (DES_cblock *)ctx->iv, ctx->encrypt); return 1; }
void des3_decrypt(struct keystate *ks, u_int8_t *data, u_int16_t len) { u_int8_t iv[MAXBLK]; memcpy(iv, ks->riv, ks->xf->blocksize); DES_ede3_cbc_encrypt((void *)data, (void *)data, len, &ks->ks_des[0], &ks->ks_des[1], &ks->ks_des[2], (void *)iv, DES_DECRYPT); }
static int ossl_des3_cbc_decrypt(PX_Cipher *c, const uint8 *data, unsigned dlen, uint8 *res) { ossldata *od = c->ptr; DES_ede3_cbc_encrypt(data, res, dlen, &od->u.des3.k1, &od->u.des3.k2, &od->u.des3.k3, (DES_cblock *) od->iv, 0); return 0; }
int encrypt_des(DES_cblock *cblock, DES_key_schedule *ks1, DES_key_schedule *ks2, DES_key_schedule *ks3, char *cipher, char *string, int stringLen) { DES_ede3_cbc_encrypt((const unsigned char*)string, (unsigned char*)cipher, stringLen, ks1, ks2, ks3, cblock, DES_ENCRYPT); printf("Encrypted : %32.32s\n",cipher); return 0; }
static int des_ede3_cbc_do_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int size) { struct des_ede3_cbc *k = ctx->cipher_data; DES_ede3_cbc_encrypt(in, out, size, &k->ks[0], &k->ks[1], &k->ks[2], (DES_cblock *)ctx->iv, ctx->encrypt); return 1; }
static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) { #ifdef KSSL_DEBUG { int i; char *cp; printf("des_ede_cbc_cipher(ctx=%lx, buflen=%d)\n", ctx, ctx->buf_len); printf("\t iv= "); for(i=0;i<8;i++) printf("%02X",ctx->iv[i]); printf("\n"); } #endif /* KSSL_DEBUG */ DES_ede3_cbc_encrypt(in, out, (long)inl, &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3, (DES_cblock *)ctx->iv, ctx->encrypt); return 1; }
int decrypt_des(char *cipher, char *text, DES_key_schedule *ks1, DES_key_schedule *ks2, DES_key_schedule *ks3, DES_cblock *cblock, int cipherLen) { // You need to start with the same cblock value memset(cblock,0,sizeof(DES_cblock)); DES_set_odd_parity(cblock); //----------------------------------------------- // I think you need to use 32 for the cipher len. // You can't use strlen(cipher) because if there // is a 0x00 in the middle of the cipher strlen // will stop there and the length would be short DES_ede3_cbc_encrypt((const unsigned char*)cipher, (unsigned char*)text, cipherLen, ks1, ks2, ks3, cblock,DES_DECRYPT); printf("Decrypted : %s\n",text); return 0; }
/** Performs TDES decryption on a data buffer of the specified size in CBC mode. This function performs TDES decryption on data buffer pointed by Input, of specified size of InputSize, in CBC mode. InputSize must be multiple of block size (8 bytes). This function does not perform padding. Caller must perform padding, if necessary, to ensure valid input data size. Initialization vector should be one block size (8 bytes). TdesContext should be already correctly initialized by TdesInit(). Behavior with invalid TDES context is undefined. If TdesContext is NULL, then return FALSE. If Input is NULL, then return FALSE. If InputSize is not multiple of block size (8 bytes), then return FALSE. If Ivec is NULL, then return FALSE. If Output is NULL, then return FALSE. @param[in] TdesContext Pointer to the TDES context. @param[in] Input Pointer to the buffer containing the data to be encrypted. @param[in] InputSize Size of the Input buffer in bytes. @param[in] Ivec Pointer to initialization vector. @param[out] Output Pointer to a buffer that receives the TDES encryption output. @retval TRUE TDES decryption succeeded. @retval FALSE TDES decryption failed. **/ BOOLEAN EFIAPI TdesCbcDecrypt ( IN VOID *TdesContext, IN CONST UINT8 *Input, IN UINTN InputSize, IN CONST UINT8 *Ivec, OUT UINT8 *Output ) { DES_key_schedule *KeySchedule; UINT8 IvecBuffer[TDES_BLOCK_SIZE]; // // Check input parameters. // if (TdesContext == NULL || Input == NULL || (InputSize % TDES_BLOCK_SIZE) != 0) { return FALSE; } if (Ivec == NULL || Output == NULL || InputSize > INT_MAX) { return FALSE; } KeySchedule = (DES_key_schedule *) TdesContext; CopyMem (IvecBuffer, Ivec, TDES_BLOCK_SIZE); DES_ede3_cbc_encrypt ( Input, Output, (UINT32) InputSize, KeySchedule, KeySchedule + 1, KeySchedule + 2, (DES_cblock *) IvecBuffer, DES_DECRYPT ); return TRUE; }
odp_packet_t create_ipv4_packet(stream_db_entry_t *stream, uint8_t *dmac, odp_pool_t pkt_pool) { ipsec_cache_entry_t *entry = NULL; odp_packet_t pkt; uint8_t *base; uint8_t *data; odph_ethhdr_t *eth; odph_ipv4hdr_t *ip; odph_ipv4hdr_t *inner_ip = NULL; odph_ahhdr_t *ah = NULL; odph_esphdr_t *esp = NULL; odph_icmphdr_t *icmp; stream_pkt_hdr_t *test; unsigned i; if (stream->input.entry) entry = stream->input.entry; else if (stream->output.entry) entry = stream->output.entry; /* Get packet */ pkt = odp_packet_alloc(pkt_pool, 0); if (ODP_PACKET_INVALID == pkt) return ODP_PACKET_INVALID; base = odp_packet_data(pkt); data = odp_packet_data(pkt); /* Ethernet */ odp_packet_has_eth_set(pkt, 1); eth = (odph_ethhdr_t *)data; data += sizeof(*eth); memset((char *)eth->src.addr, (0x80 | stream->id), ODPH_ETHADDR_LEN); memcpy((char *)eth->dst.addr, dmac, ODPH_ETHADDR_LEN); eth->type = odp_cpu_to_be_16(ODPH_ETHTYPE_IPV4); /* IPv4 */ odp_packet_has_ipv4_set(pkt, 1); ip = (odph_ipv4hdr_t *)data; data += sizeof(*ip); /* Wait until almost finished to fill in mutable fields */ memset((char *)ip, 0, sizeof(*ip)); ip->ver_ihl = 0x45; ip->id = odp_cpu_to_be_16(stream->id); /* Outer IP header in tunnel mode */ if (entry && entry->mode == IPSEC_SA_MODE_TUNNEL && (entry == stream->input.entry)) { ip->proto = ODPH_IPV4; ip->src_addr = odp_cpu_to_be_32(entry->tun_src_ip); ip->dst_addr = odp_cpu_to_be_32(entry->tun_dst_ip); } else { ip->proto = ODPH_IPPROTO_ICMP; ip->src_addr = odp_cpu_to_be_32(stream->src_ip); ip->dst_addr = odp_cpu_to_be_32(stream->dst_ip); } /* AH (if specified) */ if (entry && (entry == stream->input.entry) && (ODP_AUTH_ALG_NULL != entry->ah.alg)) { if (ODP_AUTH_ALG_MD5_96 != entry->ah.alg) abort(); ah = (odph_ahhdr_t *)data; data += sizeof(*ah); data += entry->ah.icv_len; memset((char *)ah, 0, sizeof(*ah) + entry->ah.icv_len); ah->ah_len = 1 + (entry->ah.icv_len / 4); ah->spi = odp_cpu_to_be_32(entry->ah.spi); ah->seq_no = odp_cpu_to_be_32(stream->input.ah_seq++); } /* ESP (if specified) */ if (entry && (entry == stream->input.entry) && (ODP_CIPHER_ALG_NULL != entry->esp.alg)) { if (ODP_CIPHER_ALG_3DES_CBC != entry->esp.alg) abort(); esp = (odph_esphdr_t *)data; data += sizeof(*esp); data += entry->esp.iv_len; esp->spi = odp_cpu_to_be_32(entry->esp.spi); esp->seq_no = odp_cpu_to_be_32(stream->input.esp_seq++); RAND_bytes(esp->iv, 8); } /* Inner IP header in tunnel mode */ if (entry && (entry == stream->input.entry) && (entry->mode == IPSEC_SA_MODE_TUNNEL)) { inner_ip = (odph_ipv4hdr_t *)data; memset((char *)inner_ip, 0, sizeof(*inner_ip)); inner_ip->ver_ihl = 0x45; inner_ip->proto = ODPH_IPPROTO_ICMP; inner_ip->id = odp_cpu_to_be_16(stream->id); inner_ip->ttl = 64; inner_ip->tos = 0; inner_ip->frag_offset = 0; inner_ip->src_addr = odp_cpu_to_be_32(stream->src_ip); inner_ip->dst_addr = odp_cpu_to_be_32(stream->dst_ip); inner_ip->chksum = odp_chksum(inner_ip, sizeof(*inner_ip)); data += sizeof(*inner_ip); } /* ICMP header so we can see it on wireshark */ icmp = (odph_icmphdr_t *)data; data += sizeof(*icmp); icmp->type = ICMP_ECHO; icmp->code = 0; icmp->un.echo.id = odp_cpu_to_be_16(0x1234); icmp->un.echo.sequence = odp_cpu_to_be_16(stream->created); /* Packet payload of incrementing bytes */ test = (stream_pkt_hdr_t *)data; data += sizeof(*test); test->magic = odp_cpu_to_be_64(STREAM_MAGIC); for (i = 0; i < stream->length; i++) *data++ = (uint8_t)i; /* Close ICMP */ icmp->chksum = 0; icmp->chksum = odp_chksum(icmp, data - (uint8_t *)icmp); /* Close ESP if specified */ if (esp) { int payload_len = data - (uint8_t *)icmp; uint8_t *encrypt_start = (uint8_t *)icmp; if (entry->mode == IPSEC_SA_MODE_TUNNEL) { payload_len = data - (uint8_t *)inner_ip; encrypt_start = (uint8_t *)inner_ip; } int encrypt_len; odph_esptrl_t *esp_t; DES_key_schedule ks1, ks2, ks3; uint8_t iv[8]; memcpy(iv, esp->iv, sizeof(iv)); encrypt_len = ESP_ENCODE_LEN(payload_len + sizeof(*esp_t), entry->esp.block_len); memset(data, 0, encrypt_len - payload_len); data += encrypt_len - payload_len; esp_t = (odph_esptrl_t *)(data) - 1; esp_t->pad_len = encrypt_len - payload_len - sizeof(*esp_t); esp_t->next_header = ip->proto; ip->proto = ODPH_IPPROTO_ESP; DES_set_key((DES_cblock *)&entry->esp.key.data[0], &ks1); DES_set_key((DES_cblock *)&entry->esp.key.data[8], &ks2); DES_set_key((DES_cblock *)&entry->esp.key.data[16], &ks3); DES_ede3_cbc_encrypt(encrypt_start, encrypt_start, encrypt_len, &ks1, &ks2, &ks3, (DES_cblock *)iv, 1); } /* Since ESP can pad we can now fix IP length */ ip->tot_len = odp_cpu_to_be_16(data - (uint8_t *)ip); /* Close AH if specified */ if (ah) { uint8_t hash[EVP_MAX_MD_SIZE]; int auth_len = data - (uint8_t *)ip; ah->next_header = ip->proto; ip->proto = ODPH_IPPROTO_AH; HMAC(EVP_md5(), entry->ah.key.data, entry->ah.key.length, (uint8_t *)ip, auth_len, hash, NULL); memcpy(ah->icv, hash, 12); } /* Correct set packet length offsets */ odp_packet_push_tail(pkt, data - base); odp_packet_l2_offset_set(pkt, (uint8_t *)eth - base); odp_packet_l3_offset_set(pkt, (uint8_t *)ip - base); odp_packet_l4_offset_set(pkt, ((uint8_t *)ip - base) + sizeof(*ip)); /* Now fill in final IP header fields */ ip->ttl = 64; ip->tos = 0; ip->frag_offset = 0; ip->chksum = 0; odph_ipv4_csum_update(pkt); return pkt; }
odp_bool_t verify_ipv4_packet(stream_db_entry_t *stream, odp_packet_t pkt) { ipsec_cache_entry_t *entry = NULL; uint8_t *data; odph_ipv4hdr_t *ip; odph_ahhdr_t *ah = NULL; odph_esphdr_t *esp = NULL; int hdr_len; odph_icmphdr_t *icmp; stream_pkt_hdr_t *test; uint32_t src_ip, dst_ip; if (stream->input.entry) entry = stream->input.entry; else if (stream->output.entry) entry = stream->output.entry; /* Basic IPv4 verify (add checksum verification) */ data = odp_packet_l3_ptr(pkt, NULL); ip = (odph_ipv4hdr_t *)data; data += sizeof(*ip); if (0x45 != ip->ver_ihl) return FALSE; src_ip = odp_be_to_cpu_32(ip->src_addr); dst_ip = odp_be_to_cpu_32(ip->dst_addr); if ((stream->src_ip != src_ip) && stream->output.entry && (stream->output.entry->tun_src_ip != src_ip)) return FALSE; if ((stream->dst_ip != dst_ip) && stream->output.entry && (stream->output.entry->tun_dst_ip != dst_ip)) return FALSE; if ((stream->src_ip != src_ip) && stream->input.entry && (stream->input.entry->tun_src_ip != src_ip)) return FALSE; if ((stream->dst_ip != dst_ip) && stream->input.entry && (stream->input.entry->tun_dst_ip != dst_ip)) return FALSE; /* Find IPsec headers if any and compare against entry */ hdr_len = locate_ipsec_headers(ip, &ah, &esp); /* Cleartext packet */ if (!ah && !esp) goto clear_packet; if (ah) { if (!entry) return FALSE; if (ODP_AUTH_ALG_NULL == entry->ah.alg) return FALSE; if (odp_be_to_cpu_32(ah->spi) != entry->ah.spi) return FALSE; if (ODP_AUTH_ALG_MD5_96 != entry->ah.alg) abort(); } else { if (entry && (ODP_AUTH_ALG_NULL != entry->ah.alg)) return FALSE; } if (esp) { if (!entry) return FALSE; if (ODP_CIPHER_ALG_NULL == entry->esp.alg) return FALSE; if (odp_be_to_cpu_32(esp->spi) != entry->esp.spi) return FALSE; if (ODP_CIPHER_ALG_3DES_CBC != entry->esp.alg) abort(); hdr_len += entry->esp.iv_len; } else { if (entry && (ODP_CIPHER_ALG_NULL != entry->esp.alg)) return FALSE; } data += hdr_len; /* Verify authentication (if present) */ if (ah) { uint8_t ip_tos; uint8_t ip_ttl; uint16_t ip_frag_offset; uint8_t icv[12]; uint8_t hash[EVP_MAX_MD_SIZE]; /* Save/clear mutable fields */ ip_tos = ip->tos; ip_ttl = ip->ttl; ip_frag_offset = odp_be_to_cpu_16(ip->frag_offset); ip->tos = 0; ip->ttl = 0; ip->frag_offset = 0; ip->chksum = 0; memcpy(icv, ah->icv, 12); memset(ah->icv, 0, 12); /* Calculate HMAC and compare */ HMAC(EVP_md5(), entry->ah.key.data, entry->ah.key.length, (uint8_t *)ip, odp_be_to_cpu_16(ip->tot_len), hash, NULL); if (0 != memcmp(icv, hash, sizeof(icv))) return FALSE; ip->proto = ah->next_header; ip->tos = ip_tos; ip->ttl = ip_ttl; ip->frag_offset = odp_cpu_to_be_16(ip_frag_offset); } /* Decipher if present */ if (esp) { odph_esptrl_t *esp_t; DES_key_schedule ks1, ks2, ks3; uint8_t iv[8]; int encrypt_len = ipv4_data_len(ip) - hdr_len; memcpy(iv, esp->iv, sizeof(iv)); DES_set_key((DES_cblock *)&entry->esp.key.data[0], &ks1); DES_set_key((DES_cblock *)&entry->esp.key.data[8], &ks2); DES_set_key((DES_cblock *)&entry->esp.key.data[16], &ks3); DES_ede3_cbc_encrypt((uint8_t *)data, (uint8_t *)data, encrypt_len, &ks1, &ks2, &ks3, (DES_cblock *)iv, 0); esp_t = (odph_esptrl_t *)(data + encrypt_len) - 1; ip->proto = esp_t->next_header; } clear_packet: /* Verify IP/ICMP packet */ if (entry && (entry->mode == IPSEC_SA_MODE_TUNNEL) && (ah || esp)) { if (ODPH_IPV4 != ip->proto) return FALSE; odph_ipv4hdr_t *inner_ip = (odph_ipv4hdr_t *)data; icmp = (odph_icmphdr_t *)(inner_ip + 1); data = (uint8_t *)icmp; } else { if (ODPH_IPPROTO_ICMP != ip->proto) return FALSE; icmp = (odph_icmphdr_t *)data; } /* Verify ICMP header */ data += sizeof(*icmp); if (ICMP_ECHO != icmp->type) return FALSE; if (0x1234 != odp_be_to_cpu_16(icmp->un.echo.id)) return FALSE; /* Now check our packet */ test = (stream_pkt_hdr_t *)data; if (STREAM_MAGIC != odp_be_to_cpu_64(test->magic)) return FALSE; return TRUE; }
int dec(char *sopath,char *filename) { //printf("you are in the enc program\n"); SHA_CTX md; DES_key_schedule schedule1; DES_key_schedule schedule2; DES_key_schedule schedule3; FILE *fp; char DES_output[9],DES_input[9]; unsigned char buffer[10]; char ch; unsigned char digest[20],file_digest[20]; int count,i,len_of_pass,verify=0,n,last_byte_size,to_read_upto,count_buf_size,temp_count; unsigned char random_bits1[20],random_bits2[20],DES_key1[8],DES_key2[8],DES_key3[8],IV[8]; char *buf,*buff; if(RAND_bytes(random_bits1,20)==0) { fprintf(stderr,"Error obtaining 20 bytes of random bits from OPENSSL\n"); exit(1); } if(RAND_bytes(random_bits2,20)==0) { fprintf(stderr,"Error obtaining 20 bytes of random bits from OPENSSL\n"); exit(1); } /************************************** COMPUTE SHA1 OF FILE **************************************/ if((fp=fopen(filename,"rb"))==NULL) { fprintf(stderr,"(%s file does not exist)\n",filename); exit(1); } count=0; while(fread(&ch,1,1,fp)) { if(count==0) { if(ch!='H') { fprintf(stderr,"(%s is not generated by the enc command)\n",filename); exit(1); } } if(count==1) { if(ch!='W') { fprintf(stderr,"(%s is not generated by the enc command)\n",filename); } } if(count==2) { if(ch!='4') { fprintf(stderr,"(%s is not generated by the enc command)\n",filename); } } count++; } fclose(fp); if((fp=fopen(filename,"rb"))==NULL) { fprintf(stderr,"(%s is not generated by enc command)\n",filename); exit(1); } SHA1_Init(&md); while((count=fread(&buffer,1,10,fp))) { SHA1_Update(&md,buffer,count); } SHA1_Final(file_digest,&md); /* for(i=0;i<20;i++) { printf("%02x",file_digest[i]); }*/ /************************************** ASK FOR PASSWORD FOR DES **************************************/ buf=(char *)malloc(4096*sizeof(char)); buff=(char *)malloc(4096*sizeof(char)); des_read_pw(buf,buff,4096,"Enter passphrase for DES decryption: ",verify); //printf("buff=%s",buf); //printf("buff2=%s\n",buff); len_of_pass=strlen(buf); //printf("len_of_pass=%d\n",len_of_pass); /************************************** GENERATE SHA1 OF THE PASSWORD **************************************/ SHA1_Init(&md); //free(&md); //SHA1_Update(&md,"yesnomaybe",10); SHA1_Update(&md,buf,strlen(buf)); SHA1_Final(digest,&md); //printf("The SHA1 of password is\n"); for(i=0;i<20;i++) { //printf("%02x",digest[i]); } //printf("\n"); /******************************************* COMPUTE SHA1 OF X AND RANDOM BITS(RB1) 1 *******************************************/ /* SHA1_Init(&md); SHA1_Update(&md,digest,20); SHA1_Update(&md,HW4_random_bits_1,20); SHA1_Final(X_RB1,&md); for(i=0;i<20;i++) { //printf("%02x",X_RB1[i]); } //printf("\n");*/ /****************************************** COMPUTE SHA1 OF RB1(Y) AND RANDOM BITS 2(RB2) ******************************************/ /* SHA1_Init(&md); SHA1_Update(&md,X_RB1,20); SHA1_Update(&md,HW4_random_bits_2,20); SHA1_Final(X_RB2,&md); for(i=0;i<20;i++) { //printf("%02x",X_RB2[i]); } //printf("\n");*/ /*************************************** COMPUTER IV AND 3 DES KEYS ***************************************/ // SC_3des_key_gen(NULL,digest,IV,DES_key1,DES_key2,DES_key3); SmartcardState pss=(SmartcardState)NULL; void *handle=NULL; //void *vp =NULL; SC_Init_Func *pfn_init=NULL; SC_Cleanup_Func *pfn_cleanup=NULL; SC_GetSignatureSize_Func *pfn_getsigsize=NULL; SC_3DesKeyGen_Func *pfn_sc_dec=NULL; handle = dlopen(sopath, RTLD_NOW|RTLD_GLOBAL); if (handle==NULL) { //fprintf(stderr, "%s\n",sopath); fprintf(stderr, "%s\n", dlerror()); fprintf(stderr,"dlopen() failed\n"); exit(1); } pfn_init = (SC_Init_Func*)dlsym(handle,"SC_init"); pfn_cleanup = (SC_Cleanup_Func*)dlsym(handle,"SC_cleanup"); pfn_getsigsize = (SC_GetSignatureSize_Func*)dlsym(handle,"SC_get_signature_size"); pfn_sc_dec = (SC_3DesKeyGen_Func *)dlsym(handle,"SC_3des_key_gen"); if(pfn_init==NULL || pfn_cleanup==NULL || pfn_getsigsize==NULL || pfn_sc_dec==NULL) { fprintf(stderr,"(cannot find smartcard functions in this library)\n"); exit(1); } pss = (pfn_init)(); //printf("sig size is %d\n", (pfn_getsigsize)(pss)); //int sz=(pfn_getsigsize)(pss); (pfn_sc_dec) (pss,digest,IV,DES_key1,DES_key2,DES_key3); (pfn_cleanup)(pss); dlclose(handle); /* for(i=0;i<8;i++) IV[i]=X_RB1[i]; for(i=8,j=0;i<16;i++,j++) DES_key1[j]=X_RB1[i]; for(i=0;i<8;i++) DES_key2[i]=X_RB2[i]; for(i=8,j=0;i<16;i++,j++) DES_key3[j]=X_RB2[i]; printf("IV="); for(i=0;i<8;i++) printf("%02x",IV[i]); printf("\nDES KEY 1="); for(i=0;i<8;i++) printf("%02x",DES_key1[i]); printf("\nDES key 2="); for(i=0;i<8;i++) printf("%02x",DES_key2[i]); printf("\nDES key 3="); for(i=0;i<8;i++) printf("%02x",DES_key3[i]); printf("\n");*/ DES_set_odd_parity((DES_cblock *)DES_key1); DES_set_odd_parity((DES_cblock *)DES_key2); DES_set_odd_parity((DES_cblock *)DES_key3); DES_key_sched((DES_cblock *)DES_key1,&schedule1); DES_set_key((DES_cblock *)DES_key1,&schedule1); DES_key_sched((DES_cblock *)DES_key2,&schedule2); DES_set_key((DES_cblock *)DES_key2,&schedule2); DES_key_sched((DES_cblock *)DES_key3,&schedule3); DES_set_key((DES_cblock *)DES_key3,&schedule3); /****************************************** READ FILE 8 BYTES AT A TIME AND ENCRYPT IT ******************************************/ if((fp=fopen(filename,"rb"))==NULL) { fprintf(stderr,"{input file %s does not exist}\n",filename); exit(1); } i=0; while((count=fread(&ch,1,1,fp))) { i++; if(i==4) { last_byte_size=(int)ch; } }//while ends fclose(fp); // printf("last_bytes_size=%d",last_byte_size); // printf("\ntotal count=%d\n",i); to_read_upto=i-20; // printf("to read upto=%d\n",to_read_upto); if((fp=fopen(filename,"rb"))==NULL) { fprintf(stderr,"{input file %s does not exist}\n",filename); exit(1); } n=0;count_buf_size=0;i=0;temp_count=0; for(i=0;i<4;i++) fread(&ch,1,1,fp); n=4; while(!feof(fp)) { if(n==(to_read_upto-8)) { // printf("\nlast byte reading\n"); for(i=0;i<8;i++) DES_input[i]=fgetc(fp); DES_ede3_cbc_encrypt(DES_input,DES_output,8,&schedule1,&schedule2,&schedule3,(DES_cblock*)IV,DES_DECRYPT); for(i=0;i<last_byte_size;i++) printf("%c",DES_output[i]); exit(1); } for(i=0;i<8;i++) { if(n==(to_read_upto+1)) exit(1); n++; DES_input[i]=fgetc(fp); } DES_ede3_cbc_encrypt(DES_input,DES_output,8,&schedule1,&schedule2,&schedule3,(DES_cblock*)IV,DES_DECRYPT); for(i=0;i<8;i++) printf("%c",DES_output[i]); }//while feof ends /* while((count=fread(&ch,1,1,fp))) { // printf("%c",ch); n++; if(n>4)//skip first four bytes of encrypted file { if(n==to_read_upto+1) break; DES_input[count_buf_size]=ch; printf("%c",DES_input[count_buf_size]); count_buf_size++; if(count_buf_size==7) { //for(i=0;i<8;i++) //printf("%c",DES_input[i]); temp_count++; DES_ede3_cbc_encrypt(DES_input,DES_output,8,&schedule1,&schedule2,&schedule3,(DES_cblock*)IV,DES_DECRYPT); if(n==to_read_upto-7) { // printf("in other loop\n"); // for(i=0;i<last_byte_size;i++) // printf("%c",DES_output[i]); } else { // for(i=0;i<8;i++) // printf("%c",DES_output[i]); count_buf_size=0; } } }//if count >4 ends } // printf("count=%d\n",temp_count); // printf("loop count=%d\n",n); for(i=0;i<20;i++) printf("%c",file_digest[i]); //printf("%s\n",file_digest);*/ return 1; }
int main(int argc, char *argv[]) { int j, err = 0; unsigned int i; DES_cblock in, out, outin, iv3; DES_key_schedule ks, ks2, ks3; unsigned char cbc_in[40]; unsigned char cbc_out[40]; DES_LONG cs; unsigned char cret[8]; DES_LONG lqret[4]; int num; char *str; printf("Doing ecb\n"); for (i = 0; i < NUM_TESTS; i++) { DES_set_key_unchecked(&key_data[i], &ks); memcpy(in, plain_data[i], 8); memset(out, 0, 8); memset(outin, 0, 8); DES_ecb_encrypt(&in, &out, &ks, DES_ENCRYPT); DES_ecb_encrypt(&out, &outin, &ks, DES_DECRYPT); if (memcmp(out, cipher_data[i], 8) != 0) { printf("Encryption error %2d\nk=%s p=%s o=%s act=%s\n", i + 1, pt(key_data[i]), pt(in), pt(cipher_data[i]), pt(out)); err = 1; } if (memcmp(in, outin, 8) != 0) { printf("Decryption error %2d\nk=%s p=%s o=%s act=%s\n", i + 1, pt(key_data[i]), pt(out), pt(in), pt(outin)); err = 1; } } # ifndef LIBDES_LIT printf("Doing ede ecb\n"); for (i = 0; i < (NUM_TESTS - 2); i++) { DES_set_key_unchecked(&key_data[i], &ks); DES_set_key_unchecked(&key_data[i + 1], &ks2); DES_set_key_unchecked(&key_data[i + 2], &ks3); memcpy(in, plain_data[i], 8); memset(out, 0, 8); memset(outin, 0, 8); DES_ecb3_encrypt(&in,&out,&ks,&ks2,&ks,DES_ENCRYPT); DES_ecb3_encrypt(&out,&outin,&ks,&ks2,&ks,DES_DECRYPT); if (memcmp(out, cipher_ecb2[i], 8) != 0) { printf("Encryption error %2d\nk=%s p=%s o=%s act=%s\n", i + 1, pt(key_data[i]), pt(in), pt(cipher_ecb2[i]), pt(out)); err = 1; } if (memcmp(in, outin, 8) != 0) { printf("Decryption error %2d\nk=%s p=%s o=%s act=%s\n", i + 1, pt(key_data[i]), pt(out), pt(in), pt(outin)); err = 1; } } # endif printf("Doing cbc\n"); if ((j = DES_set_key_checked(&cbc_key, &ks)) != 0) { printf("Key error %d\n", j); err = 1; } memset(cbc_out, 0, 40); memset(cbc_in, 0, 40); memcpy(iv3, cbc_iv, sizeof(cbc_iv)); DES_ncbc_encrypt(cbc_data, cbc_out, strlen((char *)cbc_data) + 1, &ks, &iv3, DES_ENCRYPT); if (memcmp(cbc_out, cbc_ok, 32) != 0) { printf("cbc_encrypt encrypt error\n"); err = 1; } memcpy(iv3, cbc_iv, sizeof(cbc_iv)); DES_ncbc_encrypt(cbc_out, cbc_in, strlen((char *)cbc_data) + 1, &ks, &iv3, DES_DECRYPT); if (memcmp(cbc_in, cbc_data, strlen((char *)cbc_data)) != 0) { printf("cbc_encrypt decrypt error\n"); err = 1; } # ifndef LIBDES_LIT printf("Doing desx cbc\n"); if ((j = DES_set_key_checked(&cbc_key, &ks)) != 0) { printf("Key error %d\n", j); err = 1; } memset(cbc_out, 0, 40); memset(cbc_in, 0, 40); memcpy(iv3, cbc_iv, sizeof(cbc_iv)); DES_xcbc_encrypt(cbc_data, cbc_out, strlen((char *)cbc_data) + 1, &ks, &iv3, &cbc2_key, &cbc3_key, DES_ENCRYPT); if (memcmp(cbc_out, xcbc_ok, 32) != 0) { printf("des_xcbc_encrypt encrypt error\n"); err = 1; } memcpy(iv3, cbc_iv, sizeof(cbc_iv)); DES_xcbc_encrypt(cbc_out, cbc_in, strlen((char *)cbc_data) + 1, &ks, &iv3, &cbc2_key, &cbc3_key, DES_DECRYPT); if (memcmp(cbc_in, cbc_data, strlen((char *)cbc_data) + 1) != 0) { printf("des_xcbc_encrypt decrypt error\n"); err = 1; } # endif printf("Doing ede cbc\n"); if ((j = DES_set_key_checked(&cbc_key, &ks)) != 0) { printf("Key error %d\n", j); err = 1; } if ((j = DES_set_key_checked(&cbc2_key, &ks2)) != 0) { printf("Key error %d\n", j); err = 1; } if ((j = DES_set_key_checked(&cbc3_key, &ks3)) != 0) { printf("Key error %d\n", j); err = 1; } memset(cbc_out, 0, 40); memset(cbc_in, 0, 40); i = strlen((char *)cbc_data) + 1; /* i=((i+7)/8)*8; */ memcpy(iv3, cbc_iv, sizeof(cbc_iv)); DES_ede3_cbc_encrypt(cbc_data, cbc_out, 16L, &ks, &ks2, &ks3, &iv3, DES_ENCRYPT); DES_ede3_cbc_encrypt(&(cbc_data[16]), &(cbc_out[16]), i - 16, &ks, &ks2, &ks3, &iv3, DES_ENCRYPT); if (memcmp (cbc_out, cbc3_ok, (unsigned int)(strlen((char *)cbc_data) + 1 + 7) / 8 * 8) != 0) { unsigned int n; printf("des_ede3_cbc_encrypt encrypt error\n"); for (n = 0; n < i; ++n) printf(" %02x", cbc_out[n]); printf("\n"); for (n = 0; n < i; ++n) printf(" %02x", cbc3_ok[n]); printf("\n"); err = 1; } memcpy(iv3, cbc_iv, sizeof(cbc_iv)); DES_ede3_cbc_encrypt(cbc_out, cbc_in, i, &ks, &ks2, &ks3, &iv3, DES_DECRYPT); if (memcmp(cbc_in, cbc_data, strlen((char *)cbc_data) + 1) != 0) { unsigned int n; printf("DES_ede3_cbc_encrypt decrypt error\n"); for (n = 0; n < i; ++n) printf(" %02x", cbc_data[n]); printf("\n"); for (n = 0; n < i; ++n) printf(" %02x", cbc_in[n]); printf("\n"); err = 1; } # ifndef LIBDES_LIT printf("Doing pcbc\n"); if ((j = DES_set_key_checked(&cbc_key, &ks)) != 0) { printf("Key error %d\n", j); err = 1; } memset(cbc_out, 0, 40); memset(cbc_in, 0, 40); DES_pcbc_encrypt(cbc_data, cbc_out, strlen((char *)cbc_data) + 1, &ks, &cbc_iv, DES_ENCRYPT); if (memcmp(cbc_out, pcbc_ok, 32) != 0) { printf("pcbc_encrypt encrypt error\n"); err = 1; } DES_pcbc_encrypt(cbc_out, cbc_in, strlen((char *)cbc_data) + 1, &ks, &cbc_iv, DES_DECRYPT); if (memcmp(cbc_in, cbc_data, strlen((char *)cbc_data) + 1) != 0) { printf("pcbc_encrypt decrypt error\n"); err = 1; } printf("Doing "); printf("cfb8 "); err += cfb_test(8, cfb_cipher8); printf("cfb16 "); err += cfb_test(16, cfb_cipher16); printf("cfb32 "); err += cfb_test(32, cfb_cipher32); printf("cfb48 "); err += cfb_test(48, cfb_cipher48); printf("cfb64 "); err += cfb_test(64, cfb_cipher64); printf("cfb64() "); err += cfb64_test(cfb_cipher64); memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); for (i = 0; i < sizeof(plain); i++) DES_cfb_encrypt(&(plain[i]), &(cfb_buf1[i]), 8, 1, &ks, &cfb_tmp, DES_ENCRYPT); if (memcmp(cfb_cipher8, cfb_buf1, sizeof(plain)) != 0) { printf("cfb_encrypt small encrypt error\n"); err = 1; } memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); for (i = 0; i < sizeof(plain); i++) DES_cfb_encrypt(&(cfb_buf1[i]), &(cfb_buf2[i]), 8, 1, &ks, &cfb_tmp, DES_DECRYPT); if (memcmp(plain, cfb_buf2, sizeof(plain)) != 0) { printf("cfb_encrypt small decrypt error\n"); err = 1; } printf("ede_cfb64() "); err += ede_cfb64_test(cfb_cipher64); printf("done\n"); printf("Doing ofb\n"); DES_set_key_checked(&ofb_key, &ks); memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv)); DES_ofb_encrypt(plain, ofb_buf1, 64, sizeof(plain) / 8, &ks, &ofb_tmp); if (memcmp(ofb_cipher, ofb_buf1, sizeof(ofb_buf1)) != 0) { printf("ofb_encrypt encrypt error\n"); printf("%02X %02X %02X %02X %02X %02X %02X %02X\n", ofb_buf1[8 + 0], ofb_buf1[8 + 1], ofb_buf1[8 + 2], ofb_buf1[8 + 3], ofb_buf1[8 + 4], ofb_buf1[8 + 5], ofb_buf1[8 + 6], ofb_buf1[8 + 7]); printf("%02X %02X %02X %02X %02X %02X %02X %02X\n", ofb_buf1[8 + 0], ofb_cipher[8 + 1], ofb_cipher[8 + 2], ofb_cipher[8 + 3], ofb_buf1[8 + 4], ofb_cipher[8 + 5], ofb_cipher[8 + 6], ofb_cipher[8 + 7]); err = 1; } memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv)); DES_ofb_encrypt(ofb_buf1, ofb_buf2, 64, sizeof(ofb_buf1) / 8, &ks, &ofb_tmp); if (memcmp(plain, ofb_buf2, sizeof(ofb_buf2)) != 0) { printf("ofb_encrypt decrypt error\n"); printf("%02X %02X %02X %02X %02X %02X %02X %02X\n", ofb_buf2[8 + 0], ofb_buf2[8 + 1], ofb_buf2[8 + 2], ofb_buf2[8 + 3], ofb_buf2[8 + 4], ofb_buf2[8 + 5], ofb_buf2[8 + 6], ofb_buf2[8 + 7]); printf("%02X %02X %02X %02X %02X %02X %02X %02X\n", plain[8 + 0], plain[8 + 1], plain[8 + 2], plain[8 + 3], plain[8 + 4], plain[8 + 5], plain[8 + 6], plain[8 + 7]); err = 1; } printf("Doing ofb64\n"); DES_set_key_checked(&ofb_key, &ks); memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv)); memset(ofb_buf1, 0, sizeof(ofb_buf1)); memset(ofb_buf2, 0, sizeof(ofb_buf1)); num = 0; for (i = 0; i < sizeof(plain); i++) { DES_ofb64_encrypt(&(plain[i]), &(ofb_buf1[i]), 1, &ks, &ofb_tmp, &num); } if (memcmp(ofb_cipher, ofb_buf1, sizeof(ofb_buf1)) != 0) { printf("ofb64_encrypt encrypt error\n"); err = 1; } memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv)); num = 0; DES_ofb64_encrypt(ofb_buf1, ofb_buf2, sizeof(ofb_buf1), &ks, &ofb_tmp, &num); if (memcmp(plain, ofb_buf2, sizeof(ofb_buf2)) != 0) { printf("ofb64_encrypt decrypt error\n"); err = 1; } printf("Doing ede_ofb64\n"); DES_set_key_checked(&ofb_key, &ks); memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv)); memset(ofb_buf1, 0, sizeof(ofb_buf1)); memset(ofb_buf2, 0, sizeof(ofb_buf1)); num = 0; for (i = 0; i < sizeof(plain); i++) { DES_ede3_ofb64_encrypt(&(plain[i]), &(ofb_buf1[i]), 1, &ks, &ks, &ks, &ofb_tmp, &num); } if (memcmp(ofb_cipher, ofb_buf1, sizeof(ofb_buf1)) != 0) { printf("ede_ofb64_encrypt encrypt error\n"); err = 1; } memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv)); num = 0; DES_ede3_ofb64_encrypt(ofb_buf1, ofb_buf2, sizeof(ofb_buf1), &ks, &ks, &ks, &ofb_tmp, &num); if (memcmp(plain, ofb_buf2, sizeof(ofb_buf2)) != 0) { printf("ede_ofb64_encrypt decrypt error\n"); err = 1; } printf("Doing cbc_cksum\n"); DES_set_key_checked(&cbc_key, &ks); cs = DES_cbc_cksum(cbc_data, &cret, strlen((char *)cbc_data), &ks, &cbc_iv); if (cs != cbc_cksum_ret) { printf("bad return value (%08lX), should be %08lX\n", (unsigned long)cs, (unsigned long)cbc_cksum_ret); err = 1; } if (memcmp(cret, cbc_cksum_data, 8) != 0) { printf("bad cbc_cksum block returned\n"); err = 1; } printf("Doing quad_cksum\n"); cs = DES_quad_cksum(cbc_data, (DES_cblock *)lqret, (long)strlen((char *)cbc_data), 2, (DES_cblock *)cbc_iv); if (cs != 0x70d7a63aL) { printf("quad_cksum error, ret %08lx should be 70d7a63a\n", (unsigned long)cs); err = 1; } if (lqret[0] != 0x327eba8dL) { printf("quad_cksum error, out[0] %08lx is not %08lx\n", (unsigned long)lqret[0], 0x327eba8dUL); err = 1; } if (lqret[1] != 0x201a49ccL) { printf("quad_cksum error, out[1] %08lx is not %08lx\n", (unsigned long)lqret[1], 0x201a49ccUL); err = 1; } if (lqret[2] != 0x70d7a63aL) { printf("quad_cksum error, out[2] %08lx is not %08lx\n", (unsigned long)lqret[2], 0x70d7a63aUL); err = 1; } if (lqret[3] != 0x501c2c26L) { printf("quad_cksum error, out[3] %08lx is not %08lx\n", (unsigned long)lqret[3], 0x501c2c26UL); err = 1; } # endif printf("input word alignment test"); for (i = 0; i < 4; i++) { printf(" %d", i); DES_ncbc_encrypt(&(cbc_out[i]), cbc_in, strlen((char *)cbc_data) + 1, &ks, &cbc_iv, DES_ENCRYPT); } printf("\noutput word alignment test"); for (i = 0; i < 4; i++) { printf(" %d", i); DES_ncbc_encrypt(cbc_out, &(cbc_in[i]), strlen((char *)cbc_data) + 1, &ks, &cbc_iv, DES_ENCRYPT); } printf("\n"); printf("fast crypt test "); str = crypt("testing", "ef"); if (strcmp("efGnQx2725bI2", str) != 0) { printf("fast crypt error, %s should be efGnQx2725bI2\n", str); err = 1; } str = crypt("bca76;23", "yA"); if (strcmp("yA1Rp/1hZXIJk", str) != 0) { printf("fast crypt error, %s should be yA1Rp/1hZXIJk\n", str); err = 1; } printf("\n"); return (err); }
int BORINGSSL_self_test(void) { static const uint8_t kAESKey[16] = "BoringCrypto Key"; static const uint8_t kAESIV[16] = {0}; static const uint8_t kPlaintext[64] = "BoringCryptoModule FIPS KAT Encryption and Decryption Plaintext!"; static const uint8_t kAESCBCCiphertext[64] = { 0x87, 0x2d, 0x98, 0xc2, 0xcc, 0x31, 0x5b, 0x41, 0xe0, 0xfa, 0x7b, 0x0a, 0x71, 0xc0, 0x42, 0xbf, 0x4f, 0x61, 0xd0, 0x0d, 0x58, 0x8c, 0xf7, 0x05, 0xfb, 0x94, 0x89, 0xd3, 0xbc, 0xaa, 0x1a, 0x50, 0x45, 0x1f, 0xc3, 0x8c, 0xb8, 0x98, 0x86, 0xa3, 0xe3, 0x6c, 0xfc, 0xad, 0x3a, 0xb5, 0x59, 0x27, 0x7d, 0x21, 0x07, 0xca, 0x4c, 0x1d, 0x55, 0x34, 0xdd, 0x5a, 0x2d, 0xc4, 0xb4, 0xf5, 0xa8, #if !defined(BORINGSSL_FIPS_BREAK_AES_CBC) 0x35 #else 0x00 #endif }; static const uint8_t kAESGCMCiphertext[80] = { 0x4a, 0xd8, 0xe7, 0x7d, 0x78, 0xd7, 0x7d, 0x5e, 0xb2, 0x11, 0xb6, 0xc9, 0xa4, 0xbc, 0xb2, 0xae, 0xbe, 0x93, 0xd1, 0xb7, 0xfe, 0x65, 0xc1, 0x82, 0x2a, 0xb6, 0x71, 0x5f, 0x1a, 0x7c, 0xe0, 0x1b, 0x2b, 0xe2, 0x53, 0xfa, 0xa0, 0x47, 0xfa, 0xd7, 0x8f, 0xb1, 0x4a, 0xc4, 0xdc, 0x89, 0xf9, 0xb4, 0x14, 0x4d, 0xde, 0x95, 0xea, 0x29, 0x69, 0x76, 0x81, 0xa3, 0x5c, 0x33, 0xd8, 0x37, 0xd8, 0xfa, 0x47, 0x19, 0x46, 0x2f, 0xf1, 0x90, 0xb7, 0x61, 0x8f, 0x6f, 0xdd, 0x31, 0x3f, 0x6a, 0x64, #if !defined(BORINGSSL_FIPS_BREAK_AES_GCM) 0x0d #else 0x00 #endif }; static const DES_cblock kDESKey1 = {"BCMDESK1"}; static const DES_cblock kDESKey2 = {"BCMDESK2"}; static const DES_cblock kDESKey3 = {"BCMDESK3"}; static const DES_cblock kDESIV = {"BCMDESIV"}; static const uint8_t kDESCiphertext[64] = { 0xa4, 0x30, 0x7a, 0x4c, 0x1f, 0x60, 0x16, 0xd7, 0x4f, 0x41, 0xe1, 0xbb, 0x27, 0xc4, 0x27, 0x37, 0xd4, 0x7f, 0xb9, 0x10, 0xf8, 0xbc, 0xaf, 0x93, 0x91, 0xb8, 0x88, 0x24, 0xb1, 0xf6, 0xf8, 0xbd, 0x31, 0x96, 0x06, 0x76, 0xde, 0x32, 0xcd, 0x29, 0x29, 0xba, 0x70, 0x5f, 0xea, 0xc0, 0xcb, 0xde, 0xc7, 0x75, 0x90, 0xe0, 0x0f, 0x5e, 0x2c, 0x0d, 0x49, 0x20, 0xd5, 0x30, 0x83, 0xf8, 0x08, #if !defined(BORINGSSL_FIPS_BREAK_DES) 0x5a #else 0x00 #endif }; static const uint8_t kPlaintextSHA1[20] = { 0xc6, 0xf8, 0xc9, 0x63, 0x1c, 0x14, 0x23, 0x62, 0x9b, 0xbd, 0x55, 0x82, 0xf4, 0xd6, 0x1d, 0xf2, 0xab, 0x7d, 0xc8, #if !defined(BORINGSSL_FIPS_BREAK_SHA_1) 0x28 #else 0x00 #endif }; static const uint8_t kPlaintextSHA256[32] = { 0x37, 0xbd, 0x70, 0x53, 0x72, 0xfc, 0xd4, 0x03, 0x79, 0x70, 0xfb, 0x06, 0x95, 0xb1, 0x2a, 0x82, 0x48, 0xe1, 0x3e, 0xf2, 0x33, 0xfb, 0xef, 0x29, 0x81, 0x22, 0x45, 0x40, 0x43, 0x70, 0xce, #if !defined(BORINGSSL_FIPS_BREAK_SHA_256) 0x0f #else 0x00 #endif }; static const uint8_t kPlaintextSHA512[64] = { 0x08, 0x6a, 0x1c, 0x84, 0x61, 0x9d, 0x8e, 0xb3, 0xc0, 0x97, 0x4e, 0xa1, 0x9f, 0x9c, 0xdc, 0xaf, 0x3b, 0x5c, 0x31, 0xf0, 0xf2, 0x74, 0xc3, 0xbd, 0x6e, 0xd6, 0x1e, 0xb2, 0xbb, 0x34, 0x74, 0x72, 0x5c, 0x51, 0x29, 0x8b, 0x87, 0x3a, 0xa3, 0xf2, 0x25, 0x23, 0xd4, 0x1c, 0x82, 0x1b, 0xfe, 0xd3, 0xc6, 0xee, 0xb5, 0xd6, 0xaf, 0x07, 0x7b, 0x98, 0xca, 0xa7, 0x01, 0xf3, 0x94, 0xf3, 0x68, #if !defined(BORINGSSL_FIPS_BREAK_SHA_512) 0x14 #else 0x00 #endif }; static const uint8_t kRSASignature[256] = { 0x62, 0x66, 0x4b, 0xe3, 0xb1, 0xd2, 0x83, 0xf1, 0xa8, 0x56, 0x2b, 0x33, 0x60, 0x1e, 0xdb, 0x1e, 0x06, 0xf7, 0xa7, 0x1e, 0xa8, 0xef, 0x03, 0x4d, 0x0c, 0xf6, 0x83, 0x75, 0x7a, 0xf0, 0x14, 0xc7, 0xe2, 0x94, 0x3a, 0xb5, 0x67, 0x56, 0xa5, 0x48, 0x7f, 0x3a, 0xa5, 0xbf, 0xf7, 0x1d, 0x44, 0xa6, 0x34, 0xed, 0x9b, 0xd6, 0x51, 0xaa, 0x2c, 0x4e, 0xce, 0x60, 0x5f, 0xe9, 0x0e, 0xd5, 0xcd, 0xeb, 0x23, 0x27, 0xf8, 0xfb, 0x45, 0xe5, 0x34, 0x63, 0x77, 0x7f, 0x2e, 0x80, 0xcf, 0x9d, 0x2e, 0xfc, 0xe2, 0x50, 0x75, 0x29, 0x46, 0xf4, 0xaf, 0x91, 0xed, 0x36, 0xe1, 0x5e, 0xef, 0x66, 0xa1, 0xff, 0x27, 0xfc, 0x87, 0x7e, 0x60, 0x84, 0x0f, 0x54, 0x51, 0x56, 0x0f, 0x68, 0x99, 0xc0, 0x3f, 0xeb, 0xa5, 0xa0, 0x46, 0xb0, 0x86, 0x02, 0xb0, 0xc8, 0xe8, 0x46, 0x13, 0x06, 0xcd, 0xb7, 0x8a, 0xd0, 0x3b, 0x46, 0xd0, 0x14, 0x64, 0x53, 0x9b, 0x5b, 0x5e, 0x02, 0x45, 0xba, 0x6e, 0x7e, 0x0a, 0xb9, 0x9e, 0x62, 0xb7, 0xd5, 0x7a, 0x87, 0xea, 0xd3, 0x24, 0xa5, 0xef, 0xb3, 0xdc, 0x05, 0x9c, 0x04, 0x60, 0x4b, 0xde, 0xa8, 0x90, 0x08, 0x7b, 0x6a, 0x5f, 0xb4, 0x3f, 0xda, 0xc5, 0x1f, 0x6e, 0xd6, 0x15, 0xde, 0x65, 0xa4, 0x6e, 0x62, 0x9d, 0x8f, 0xa8, 0xbe, 0x86, 0xf6, 0x09, 0x90, 0x40, 0xa5, 0xf4, 0x23, 0xc5, 0xf6, 0x38, 0x86, 0x0d, 0x1c, 0xed, 0x4a, 0x0a, 0xae, 0xa4, 0x26, 0xc2, 0x2e, 0xd3, 0x13, 0x66, 0x61, 0xea, 0x35, 0x01, 0x0e, 0x13, 0xda, 0x78, 0x20, 0xae, 0x59, 0x5f, 0x9b, 0xa9, 0x6c, 0xf9, 0x1b, 0xdf, 0x76, 0x53, 0xc8, 0xa7, 0xf5, 0x63, 0x6d, 0xf3, 0xff, 0xfd, 0xaf, 0x75, 0x4b, 0xac, 0x67, 0xb1, 0x3c, 0xbf, 0x5e, 0xde, 0x73, 0x02, 0x6d, 0xd2, 0x0c, 0xb1, #if !defined(BORINGSSL_FIPS_BREAK_RSA_SIG) 0x64 #else 0x00 #endif }; const uint8_t kDRBGEntropy[48] = "BCM Known Answer Test DBRG Initial Entropy "; const uint8_t kDRBGPersonalization[18] = "BCMPersonalization"; const uint8_t kDRBGAD[16] = "BCM DRBG KAT AD "; const uint8_t kDRBGOutput[64] = { 0x1d, 0x63, 0xdf, 0x05, 0x51, 0x49, 0x22, 0x46, 0xcd, 0x9b, 0xc5, 0xbb, 0xf1, 0x5d, 0x44, 0xae, 0x13, 0x78, 0xb1, 0xe4, 0x7c, 0xf1, 0x96, 0x33, 0x3d, 0x60, 0xb6, 0x29, 0xd4, 0xbb, 0x6b, 0x44, 0xf9, 0xef, 0xd9, 0xf4, 0xa2, 0xba, 0x48, 0xea, 0x39, 0x75, 0x59, 0x32, 0xf7, 0x31, 0x2c, 0x98, 0x14, 0x2b, 0x49, 0xdf, 0x02, 0xb6, 0x5d, 0x71, 0x09, 0x50, 0xdb, 0x23, 0xdb, 0xe5, 0x22, #if !defined(BORINGSSL_FIPS_BREAK_DRBG) 0x95 #else 0x00 #endif }; const uint8_t kDRBGEntropy2[48] = "BCM Known Answer Test DBRG Reseed Entropy "; const uint8_t kDRBGReseedOutput[64] = { 0xa4, 0x77, 0x05, 0xdb, 0x14, 0x11, 0x76, 0x71, 0x42, 0x5b, 0xd8, 0xd7, 0xa5, 0x4f, 0x8b, 0x39, 0xf2, 0x10, 0x4a, 0x50, 0x5b, 0xa2, 0xc8, 0xf0, 0xbb, 0x3e, 0xa1, 0xa5, 0x90, 0x7d, 0x54, 0xd9, 0xc6, 0xb0, 0x96, 0xc0, 0x2b, 0x7e, 0x9b, 0xc9, 0xa1, 0xdd, 0x78, 0x2e, 0xd5, 0xa8, 0x66, 0x16, 0xbd, 0x18, 0x3c, 0xf2, 0xaa, 0x7a, 0x2b, 0x37, 0xf9, 0xab, 0x35, 0x64, 0x15, 0x01, 0x3f, 0xc4, }; const uint8_t kECDSASigR[32] = { 0x67, 0x80, 0xc5, 0xfc, 0x70, 0x27, 0x5e, 0x2c, 0x70, 0x61, 0xa0, 0xe7, 0x87, 0x7b, 0xb1, 0x74, 0xde, 0xad, 0xeb, 0x98, 0x87, 0x02, 0x7f, 0x3f, 0xa8, 0x36, 0x54, 0x15, 0x8b, 0xa7, 0xf5, #if !defined(BORINGSSL_FIPS_BREAK_ECDSA_SIG) 0x0c, #else 0x00, #endif }; const uint8_t kECDSASigS[32] = { 0xa5, 0x93, 0xe0, 0x23, 0x91, 0xe7, 0x4b, 0x8d, 0x77, 0x25, 0xa6, 0xba, 0x4d, 0xd9, 0x86, 0x77, 0xda, 0x7d, 0x8f, 0xef, 0xc4, 0x1a, 0xf0, 0xcc, 0x81, 0xe5, 0xea, 0x3f, 0xc2, 0x41, 0x7f, 0xd8, }; EVP_AEAD_CTX aead_ctx; EVP_AEAD_CTX_zero(&aead_ctx); RSA *rsa_key = NULL; EC_KEY *ec_key = NULL; ECDSA_SIG *sig = NULL; int ret = 0; AES_KEY aes_key; uint8_t aes_iv[16]; uint8_t output[256]; // AES-CBC Encryption KAT memcpy(aes_iv, kAESIV, sizeof(kAESIV)); if (AES_set_encrypt_key(kAESKey, 8 * sizeof(kAESKey), &aes_key) != 0) { goto err; } AES_cbc_encrypt(kPlaintext, output, sizeof(kPlaintext), &aes_key, aes_iv, AES_ENCRYPT); if (!check_test(kAESCBCCiphertext, output, sizeof(kAESCBCCiphertext), "AES-CBC Encryption KAT")) { goto err; } // AES-CBC Decryption KAT memcpy(aes_iv, kAESIV, sizeof(kAESIV)); if (AES_set_decrypt_key(kAESKey, 8 * sizeof(kAESKey), &aes_key) != 0) { goto err; } AES_cbc_encrypt(kAESCBCCiphertext, output, sizeof(kAESCBCCiphertext), &aes_key, aes_iv, AES_DECRYPT); if (!check_test(kPlaintext, output, sizeof(kPlaintext), "AES-CBC Decryption KAT")) { goto err; } size_t out_len; uint8_t nonce[EVP_AEAD_MAX_NONCE_LENGTH]; OPENSSL_memset(nonce, 0, sizeof(nonce)); if (!EVP_AEAD_CTX_init(&aead_ctx, EVP_aead_aes_128_gcm(), kAESKey, sizeof(kAESKey), 0, NULL)) { goto err; } // AES-GCM Encryption KAT if (!EVP_AEAD_CTX_seal(&aead_ctx, output, &out_len, sizeof(output), nonce, EVP_AEAD_nonce_length(EVP_aead_aes_128_gcm()), kPlaintext, sizeof(kPlaintext), NULL, 0) || !check_test(kAESGCMCiphertext, output, sizeof(kAESGCMCiphertext), "AES-GCM Encryption KAT")) { goto err; } // AES-GCM Decryption KAT if (!EVP_AEAD_CTX_open(&aead_ctx, output, &out_len, sizeof(output), nonce, EVP_AEAD_nonce_length(EVP_aead_aes_128_gcm()), kAESGCMCiphertext, sizeof(kAESGCMCiphertext), NULL, 0) || !check_test(kPlaintext, output, sizeof(kPlaintext), "AES-GCM Decryption KAT")) { goto err; } DES_key_schedule des1, des2, des3; DES_cblock des_iv; DES_set_key(&kDESKey1, &des1); DES_set_key(&kDESKey2, &des2); DES_set_key(&kDESKey3, &des3); // 3DES Encryption KAT memcpy(&des_iv, &kDESIV, sizeof(des_iv)); DES_ede3_cbc_encrypt(kPlaintext, output, sizeof(kPlaintext), &des1, &des2, &des3, &des_iv, DES_ENCRYPT); if (!check_test(kDESCiphertext, output, sizeof(kDESCiphertext), "3DES Encryption KAT")) { goto err; } // 3DES Decryption KAT memcpy(&des_iv, &kDESIV, sizeof(des_iv)); DES_ede3_cbc_encrypt(kDESCiphertext, output, sizeof(kDESCiphertext), &des1, &des2, &des3, &des_iv, DES_DECRYPT); if (!check_test(kPlaintext, output, sizeof(kPlaintext), "3DES Decryption KAT")) { goto err; } // SHA-1 KAT SHA1(kPlaintext, sizeof(kPlaintext), output); if (!check_test(kPlaintextSHA1, output, sizeof(kPlaintextSHA1), "SHA-1 KAT")) { goto err; } // SHA-256 KAT SHA256(kPlaintext, sizeof(kPlaintext), output); if (!check_test(kPlaintextSHA256, output, sizeof(kPlaintextSHA256), "SHA-256 KAT")) { goto err; } // SHA-512 KAT SHA512(kPlaintext, sizeof(kPlaintext), output); if (!check_test(kPlaintextSHA512, output, sizeof(kPlaintextSHA512), "SHA-512 KAT")) { goto err; } rsa_key = self_test_rsa_key(); if (rsa_key == NULL) { fprintf(stderr, "RSA KeyGen failed\n"); goto err; } // RSA Sign KAT unsigned sig_len; // Disable blinding for the power-on tests because it's not needed and // triggers an entropy draw. rsa_key->flags |= RSA_FLAG_NO_BLINDING; if (!RSA_sign(NID_sha256, kPlaintextSHA256, sizeof(kPlaintextSHA256), output, &sig_len, rsa_key) || !check_test(kRSASignature, output, sizeof(kRSASignature), "RSA Sign KAT")) { goto err; } // RSA Verify KAT if (!RSA_verify(NID_sha256, kPlaintextSHA256, sizeof(kPlaintextSHA256), kRSASignature, sizeof(kRSASignature), rsa_key)) { fprintf(stderr, "RSA Verify KAT failed.\n"); goto err; } ec_key = self_test_ecdsa_key(); if (ec_key == NULL) { fprintf(stderr, "ECDSA KeyGen failed\n"); goto err; } // ECDSA Sign/Verify PWCT // The 'k' value for ECDSA is fixed to avoid an entropy draw. ec_key->fixed_k = BN_new(); if (ec_key->fixed_k == NULL || !BN_set_word(ec_key->fixed_k, 42)) { fprintf(stderr, "Out of memory\n"); goto err; } sig = ECDSA_do_sign(kPlaintextSHA256, sizeof(kPlaintextSHA256), ec_key); uint8_t ecdsa_r_bytes[sizeof(kECDSASigR)]; uint8_t ecdsa_s_bytes[sizeof(kECDSASigS)]; if (sig == NULL || BN_num_bytes(sig->r) != sizeof(ecdsa_r_bytes) || !BN_bn2bin(sig->r, ecdsa_r_bytes) || BN_num_bytes(sig->s) != sizeof(ecdsa_s_bytes) || !BN_bn2bin(sig->s, ecdsa_s_bytes) || !check_test(kECDSASigR, ecdsa_r_bytes, sizeof(kECDSASigR), "ECDSA R") || !check_test(kECDSASigS, ecdsa_s_bytes, sizeof(kECDSASigS), "ECDSA S")) { fprintf(stderr, "ECDSA KAT failed.\n"); goto err; } // DBRG KAT CTR_DRBG_STATE drbg; if (!CTR_DRBG_init(&drbg, kDRBGEntropy, kDRBGPersonalization, sizeof(kDRBGPersonalization)) || !CTR_DRBG_generate(&drbg, output, sizeof(kDRBGOutput), kDRBGAD, sizeof(kDRBGAD)) || !check_test(kDRBGOutput, output, sizeof(kDRBGOutput), "DBRG Generate KAT") || !CTR_DRBG_reseed(&drbg, kDRBGEntropy2, kDRBGAD, sizeof(kDRBGAD)) || !CTR_DRBG_generate(&drbg, output, sizeof(kDRBGReseedOutput), kDRBGAD, sizeof(kDRBGAD)) || !check_test(kDRBGReseedOutput, output, sizeof(kDRBGReseedOutput), "DRBG Reseed KAT")) { goto err; } CTR_DRBG_clear(&drbg); CTR_DRBG_STATE kZeroDRBG; memset(&kZeroDRBG, 0, sizeof(kZeroDRBG)); if (!check_test(&kZeroDRBG, &drbg, sizeof(drbg), "DRBG Clear KAT")) { goto err; } ret = 1; err: EVP_AEAD_CTX_cleanup(&aead_ctx); RSA_free(rsa_key); EC_KEY_free(ec_key); ECDSA_SIG_free(sig); return ret; }
int main(int argc, char **argv) { long count; static unsigned char buf[BUFSIZE]; static DES_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0}; static DES_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12}; static DES_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34}; DES_key_schedule sch,sch2,sch3; double a,b,c,d,e; #ifndef SIGALRM long ca,cb,cc,cd,ce; #endif #ifndef TIMES printf("To get the most accurate results, try to run this\n"); printf("program when this computer is idle.\n"); #endif DES_set_key_unchecked(&key2,&sch2); DES_set_key_unchecked(&key3,&sch3); #ifndef SIGALRM printf("First we calculate the approximate speed ...\n"); DES_set_key_unchecked(&key,&sch); count=10; do { long i; DES_LONG data[2]; count*=2; Time_F(START); for (i=count; i; i--) DES_encrypt1(data,&sch,DES_ENCRYPT); d=Time_F(STOP); } while (d < 3.0); ca=count; cb=count*3; cc=count*3*8/BUFSIZE+1; cd=count*8/BUFSIZE+1; ce=count/20+1; printf("Doing set_key %ld times\n",ca); #define COND(d) (count != (d)) #define COUNT(d) (d) #else #define COND(c) (run) #define COUNT(d) (count) signal(SIGALRM,sig_done); printf("Doing set_key for 10 seconds\n"); alarm(10); #endif Time_F(START); for (count=0,run=1; COND(ca); count++) DES_set_key_unchecked(&key,&sch); d=Time_F(STOP); printf("%ld set_key's in %.2f seconds\n",count,d); a=((double)COUNT(ca))/d; #ifdef SIGALRM printf("Doing DES_encrypt's for 10 seconds\n"); alarm(10); #else printf("Doing DES_encrypt %ld times\n",cb); #endif Time_F(START); for (count=0,run=1; COND(cb); count++) { DES_LONG data[2]; DES_encrypt1(data,&sch,DES_ENCRYPT); } d=Time_F(STOP); printf("%ld DES_encrypt's in %.2f second\n",count,d); b=((double)COUNT(cb)*8)/d; #ifdef SIGALRM printf("Doing DES_cbc_encrypt on %ld byte blocks for 10 seconds\n", BUFSIZE); alarm(10); #else printf("Doing DES_cbc_encrypt %ld times on %ld byte blocks\n",cc, BUFSIZE); #endif Time_F(START); for (count=0,run=1; COND(cc); count++) DES_ncbc_encrypt(buf,buf,BUFSIZE,&sch, &key,DES_ENCRYPT); d=Time_F(STOP); printf("%ld DES_cbc_encrypt's of %ld byte blocks in %.2f second\n", count,BUFSIZE,d); c=((double)COUNT(cc)*BUFSIZE)/d; #ifdef SIGALRM printf("Doing DES_ede_cbc_encrypt on %ld byte blocks for 10 seconds\n", BUFSIZE); alarm(10); #else printf("Doing DES_ede_cbc_encrypt %ld times on %ld byte blocks\n",cd, BUFSIZE); #endif Time_F(START); for (count=0,run=1; COND(cd); count++) DES_ede3_cbc_encrypt(buf,buf,BUFSIZE, &sch, &sch2, &sch3, &key, DES_ENCRYPT); d=Time_F(STOP); printf("%ld DES_ede_cbc_encrypt's of %ld byte blocks in %.2f second\n", count,BUFSIZE,d); d=((double)COUNT(cd)*BUFSIZE)/d; #ifdef SIGALRM printf("Doing crypt for 10 seconds\n"); alarm(10); #else printf("Doing crypt %ld times\n",ce); #endif Time_F(START); for (count=0,run=1; COND(ce); count++) crypt("testing1","ef"); e=Time_F(STOP); printf("%ld crypts in %.2f second\n",count,e); e=((double)COUNT(ce))/e; printf("set_key per sec = %12.2f (%9.3fuS)\n",a,1.0e6/a); printf("DES raw ecb bytes per sec = %12.2f (%9.3fuS)\n",b,8.0e6/b); printf("DES cbc bytes per sec = %12.2f (%9.3fuS)\n",c,8.0e6/c); printf("DES ede cbc bytes per sec = %12.2f (%9.3fuS)\n",d,8.0e6/d); printf("crypt per sec = %12.2f (%9.3fuS)\n",e,1.0e6/e); exit(0); #if defined(LINT) || defined(OPENSSL_SYS_MSDOS) return(0); #endif }
static int crypt_all(int *pcount, struct db_salt *salt) { const int count = *pcount; int index = 0; #ifdef _OPENMP #pragma omp parallel for for (index = 0; index < count; index++) #endif { if (cur_salt->cipher == 0) { unsigned char key[24] = {0}; unsigned char out[N]; DES_cblock key1, key2, key3; DES_cblock ivec; DES_key_schedule ks1, ks2, ks3; generate24key_bytes((unsigned char*)saved_key[index], key); memset(out, 0, SAFETY_FACTOR); memcpy(key1, key, 8); memcpy(key2, key + 8, 8); memcpy(key3, key + 16, 8); DES_set_key((DES_cblock *) key1, &ks1); DES_set_key((DES_cblock *) key2, &ks2); DES_set_key((DES_cblock *) key3, &ks3); memcpy(ivec, cur_salt->salt, 8); // DES_ede3_cbc_encrypt(cur_salt->ct, out, cur_salt->ctl, &ks1, &ks2, &ks3, &ivec, DES_DECRYPT); DES_ede3_cbc_encrypt(cur_salt->ct, out, SAFETY_FACTOR, &ks1, &ks2, &ks3, &ivec, DES_DECRYPT); DES_ede3_cbc_encrypt(cur_salt->ct + cur_salt->ctl - 32, out + cur_salt->ctl - 32, 32, &ks1, &ks2, &ks3, &ivec, DES_DECRYPT); if (check_padding_and_structure(out, cur_salt->ctl) == 0) cracked[index] = 1; else cracked[index] = 0; } else if (cur_salt->cipher == 1) { unsigned char key[16] = {0}; unsigned char out[N]; // unsigned char out[N] = {0}; AES_KEY akey; unsigned char iv[16]; memcpy(iv, cur_salt->salt, 16); memset(out, 0, SAFETY_FACTOR); memset(out + cur_salt->ctl - 32, 0, 32); generate16key_bytes((unsigned char*)saved_key[index], key); AES_set_decrypt_key(key, 128, &akey); // AES_cbc_encrypt(cur_salt->ct, out, cur_salt->ctl, &akey, iv, AES_DECRYPT); // dirty hack! AES_cbc_encrypt(cur_salt->ct, out, SAFETY_FACTOR, &akey, iv, AES_DECRYPT); // are starting SAFETY_FACTOR bytes enough? // decrypting 1 blocks (16 bytes) is enough for correct padding check memcpy(iv, cur_salt->ct + cur_salt->ctl - 32, 16); AES_cbc_encrypt(cur_salt->ct + cur_salt->ctl - 16, out + cur_salt->ctl - 16, 16, &akey, iv, AES_DECRYPT); if (check_padding_and_structure(out, cur_salt->ctl) == 0) cracked[index] = 1; else cracked[index] = 0; } else { /* new ssh key format handling */ unsigned char key[32+16] = {0}; unsigned char out[32] = {0}; AES_KEY akey; unsigned char iv[16]; // derive (key length + iv length) bytes bcrypt_pbkdf(saved_key[index], strlen(saved_key[index]), cur_salt->salt, 16, key, 32 + 16, cur_salt->rounds); AES_set_decrypt_key(key, 256, &akey); memcpy(iv, key + 32, 16); AES_cbc_encrypt(cur_salt->ct + cur_salt->ctl - 32, out, 32, &akey, iv, AES_DECRYPT); // decrypt 2 blocks if (check_padding_only(out + 16, 16) == 0) /* always check the last block (16 bytes) */ cracked[index] = 1; else cracked[index] = 0; } } return count; }
int main(int argc, char **argv) { if(argc != 2) { std::cout << "Usage: unwand <opera wand file>" << std::endl; return 1; } FILE *fdWand = fopen(argv[1], "rb"); if(NULL == fdWand) { perror("Failed to open file"); return 1; } fseek(fdWand, 0, SEEK_END); unsigned long fileSize = ftell(fdWand); unsigned char *wandData = (unsigned char *)malloc(fileSize); if(NULL == wandData) { fclose(fdWand); perror("Memory allocation failed"); return 1; } rewind(fdWand); fread(wandData, fileSize, 1, fdWand); fclose(fdWand); unsigned long wandOffset = 0; // // main loop, find and process encrypted blocks // while(wandOffset < fileSize) { // find key length field at start of block unsigned char *wandKey = (unsigned char *) memchr(wandData + wandOffset, DES_KEY_SZ, fileSize - wandOffset); if(NULL == wandKey) { break; } wandOffset = ++wandKey - wandData; // create pointers to length fields unsigned char *blockLengthPtr = wandKey - 8; unsigned char *dataLengthPtr = wandKey + DES_KEY_SZ; if(blockLengthPtr < wandData || dataLengthPtr > wandData + fileSize) { continue; } // convert big-endian numbers to native unsigned long blockLength = *blockLengthPtr++ << 24; blockLength |= *blockLengthPtr++ << 16; blockLength |= *blockLengthPtr++ << 8; blockLength |= *blockLengthPtr; unsigned long dataLength = *dataLengthPtr++ << 24; dataLength |= *dataLengthPtr++ << 16; dataLength |= *dataLengthPtr++ << 8; dataLength |= *dataLengthPtr; // as discussed in the article if(blockLength != dataLength + DES_KEY_SZ + 4 + 4) { continue; } // perform basic sanity checks on data length if(dataLength > fileSize - (wandOffset + DES_KEY_SZ + 4) || dataLength < 8 || dataLength % 8 != 0) { continue; } unsigned char hashSignature1[MD5_DIGEST_LENGTH], hashSignature2[MD5_DIGEST_LENGTH], tmpBuffer[256]; // // hashing of (salt, key), (hash, salt, key) // memcpy(tmpBuffer, opera_salt, sizeof(opera_salt)); memcpy(tmpBuffer + sizeof(opera_salt), wandKey, DES_KEY_SZ); MD5(tmpBuffer, sizeof(opera_salt) + DES_KEY_SZ, hashSignature1); memcpy(tmpBuffer, hashSignature1, sizeof(hashSignature1)); memcpy(tmpBuffer + sizeof(hashSignature1), opera_salt, sizeof(opera_salt)); memcpy(tmpBuffer + sizeof(hashSignature1) + sizeof(opera_salt), wandKey, DES_KEY_SZ); MD5(tmpBuffer, sizeof(hashSignature1) + sizeof(opera_salt) + DES_KEY_SZ, hashSignature2); // // schedule keys. key material from hashes // DES_key_schedule key_schedule1, key_schedule2, key_schedule3; DES_set_key_unchecked((const_DES_cblock *)&hashSignature1[0], &key_schedule1); DES_set_key_unchecked((const_DES_cblock *)&hashSignature1[8], &key_schedule2); DES_set_key_unchecked((const_DES_cblock *)&hashSignature2[0], &key_schedule3); DES_cblock iVector; memcpy(iVector, &hashSignature2[8], sizeof(DES_cblock)); unsigned char *cryptoData = wandKey + DES_KEY_SZ + 4; // // decrypt wand data in place using 3DES-CBC // DES_ede3_cbc_encrypt(cryptoData, cryptoData, dataLength, &key_schedule1, &key_schedule2, &key_schedule3, &iVector, 0); if(0x00 == *cryptoData || 0x08 == *cryptoData) { std::wcout << L"<null>" << std::endl; } else { // remove padding (data padded up to next block) unsigned char *padding = cryptoData + dataLength - 1; memset(padding - (*padding - 1), 0x00, *padding); std::wcout << (wchar_t *)cryptoData << std::endl; } wandOffset = wandOffset + DES_KEY_SZ + 4 + dataLength; } free(wandData); return 0; }
int enc(char *sopath,char *filename) { //printf("you are in the enc program\n"); SHA_CTX md; int eight=8; DES_key_schedule schedule1; DES_key_schedule schedule2; DES_key_schedule schedule3; FILE *fp; unsigned char buffer[10],DES_output[8]; char DES_input[8],ch; unsigned char digest[20],file_digest[20]; int count,i,len_of_pass,verify=1,no_of_bytes; unsigned char random_bits1[20],random_bits2[20],DES_key1[8],DES_key2[8],DES_key3[8],IV[8]; char *buf,*buff; if(RAND_bytes(random_bits1,20)==0) { fprintf(stderr,"Error obtaining 20 bytes of random bits from OPENSSL\n"); exit(1); } if(RAND_bytes(random_bits2,20)==0) { fprintf(stderr,"Error obtaining 20 bytes of random bits from OPENSSL\n"); exit(1); } /************************************** COMPUTE SHA1 OF FILE **************************************/ if((fp=fopen(filename,"rb"))==NULL) { fprintf(stderr,"(input file %s does not exist)\n",filename); exit(1); } SHA1_Init(&md); while((count=fread(&buffer,1,10,fp))) { SHA1_Update(&md,buffer,count); } SHA1_Final(file_digest,&md); /* for(i=0;i<20;i++) { printf("%02x",file_digest[i]); }*/ /************************************** ASK FOR PASSWORD FOR DES **************************************/ buf=(char *)malloc(4096*sizeof(char)); buff=(char *)malloc(4096*sizeof(char)); des_read_pw(buf,buff,4096,"Enter passphrase for DES encryption: ",verify); //printf("buff=%s",buf); //printf("buff2=%s\n",buff); len_of_pass=strlen(buf); //printf("len_of_pass=%d\n",len_of_pass); /************************************** GENERATE SHA1 OF THE PASSWORD **************************************/ SHA1_Init(&md); //free(&md); //SHA1_Update(&md,"yesnomaybe",10); SHA1_Update(&md,buf,strlen(buf)); SHA1_Final(digest,&md); //printf("The SHA1 of password is\n"); for(i=0;i<20;i++) { //printf("%02x",digest[i]); } //printf("\n"); /******************************************* COMPUTE SHA1 OF X AND RANDOM BITS(RB1) 1 *******************************************/ /* SHA1_Init(&md); SHA1_Update(&md,digest,20); SHA1_Update(&md,HW4_random_bits_1,20); SHA1_Final(X_RB1,&md); for(i=0;i<20;i++) { //printf("%02x",X_RB1[i]); } //printf("\n");*/ /****************************************** COMPUTE SHA1 OF RB1(Y) AND RANDOM BITS 2(RB2) ******************************************/ /* SHA1_Init(&md); SHA1_Update(&md,X_RB1,20); SHA1_Update(&md,HW4_random_bits_2,20); SHA1_Final(X_RB2,&md); for(i=0;i<20;i++) { //printf("%02x",X_RB2[i]); } //printf("\n");*/ /*************************************** COMPUTER IV AND 3 DES KEYS ***************************************/ // SC_3des_key_gen(NULL,digest,IV,DES_key1,DES_key2,DES_key3); SmartcardState pss=(SmartcardState)NULL; void *handle=NULL; //void *vp =NULL; SC_Init_Func *pfn_init=NULL; SC_Cleanup_Func *pfn_cleanup=NULL; SC_GetSignatureSize_Func *pfn_getsigsize=NULL; SC_3DesKeyGen_Func *pfn_sc_enc=NULL; handle = dlopen(sopath, RTLD_NOW|RTLD_GLOBAL); if (handle==NULL) { //fprintf(stderr, "%s\n",sopath); fprintf(stderr, "%s\n", dlerror()); fprintf(stderr,"dlopen() failed\n"); exit(1); } pfn_init = (SC_Init_Func*)dlsym(handle,"SC_init"); pfn_cleanup = (SC_Cleanup_Func*)dlsym(handle,"SC_cleanup"); pfn_getsigsize = (SC_GetSignatureSize_Func*)dlsym(handle,"SC_get_signature_size"); pfn_sc_enc = (SC_3DesKeyGen_Func *)dlsym(handle,"SC_3des_key_gen"); if(pfn_init==NULL || pfn_cleanup==NULL || pfn_getsigsize==NULL || pfn_sc_enc==NULL) { fprintf(stderr,"(cannot find smartcard functions in this library)\n"); exit(1); } pss = (pfn_init)(); //printf("sig size is %d\n", (pfn_getsigsize)(pss)); (pfn_sc_enc) (pss,digest,IV,DES_key1,DES_key2,DES_key3); (pfn_cleanup)(pss); dlclose(handle); /* for(i=0;i<8;i++) IV[i]=X_RB1[i]; for(i=8,j=0;i<16;i++,j++) DES_key1[j]=X_RB1[i]; for(i=0;i<8;i++) DES_key2[i]=X_RB2[i]; for(i=8,j=0;i<16;i++,j++) DES_key3[j]=X_RB2[i]; printf("IV="); for(i=0;i<8;i++) printf("%02x",IV[i]); printf("\nDES KEY 1="); for(i=0;i<8;i++) printf("%02x",DES_key1[i]); printf("\nDES key 2="); for(i=0;i<8;i++) printf("%02x",DES_key2[i]); printf("\nDES key 3="); for(i=0;i<8;i++) printf("%02x",DES_key3[i]); printf("\n");*/ DES_set_odd_parity((DES_cblock *)DES_key1); DES_set_odd_parity((DES_cblock *)DES_key2); DES_set_odd_parity((DES_cblock *)DES_key3); DES_key_sched((DES_cblock *)DES_key1,&schedule1); DES_set_key((DES_cblock *)DES_key1,&schedule1); DES_key_sched((DES_cblock *)DES_key2,&schedule2); DES_set_key((DES_cblock *)DES_key2,&schedule2); DES_key_sched((DES_cblock *)DES_key3,&schedule3); DES_set_key((DES_cblock *)DES_key3,&schedule3); /****************************************** READ FILE 8 BYTES AT A TIME AND ENCRYPT IT ******************************************/ if((fp=fopen(filename,"rb"))==NULL) { fprintf(stderr,"{input file %s does not exist}\n",filename); exit(1); } i=0; while((count=fread(&ch,1,1,fp))) { i++; } // printf("no. of bytes=%d\n",i); no_of_bytes=i%8; fclose(fp); printf("HW4"); if(no_of_bytes>0) printf("%c",no_of_bytes); else printf("%c",eight); if((fp=fopen(filename,"rb"))==NULL) { fprintf(stderr,"{input file %s does not exist}\n",filename); exit(1); } while((count=fread(&DES_input,1,8,fp))) { if(count!=8) { for(i=count;i<8;i++) DES_input[i]='\0'; DES_ede3_cbc_encrypt(DES_input,DES_output,8,&schedule1,&schedule2,&schedule3,(DES_cblock*)IV,1); for(i=0;i<8;i++) printf("%c",DES_output[i]); // printf("%s",DES_output); } else { // printf("%d\n",count); DES_ede3_cbc_encrypt(DES_input,DES_output,8,&schedule1,&schedule2,&schedule3,(DES_cblock*)IV,1); for(i=0;i<8;i++) printf("%c",DES_output[i]); // printf("%s",DES_output); } } for(i=0;i<20;i++) printf("%c",file_digest[i]); return 1; }
status_t SSO::MBIKeyOld(BString key, BString nonce, BString &response) { const char *kSessionHash = "WS-SecureConversationSESSION KEY HASH"; const char *kSessionEnc = "WS-SecureConversationSESSION KEY ENCRYPTION"; const uint32 kSessionHashLen = strlen(kSessionHash); const uint32 kSessionEncLen = strlen(kSessionEnc); const uint8 kNoncePadding = 8; uchar *key1 = NULL; uchar *key2 = NULL; uchar *key3 = NULL; // Obtain the three keys for the 3DES encryption int32 key1Len = (int32)Base64Decode(key.String(), key.Length(), &key1); int32 key2Len = DeriveKey(key1, key1Len, (uchar *)kSessionHash, kSessionHashLen, &key2); DeriveKey(key1, key1Len, (uchar *)kSessionEnc, kSessionEncLen, &key3); uchar hash[EVP_MAX_MD_SIZE]; unsigned int hashLen = 0; // Key 2 is used as the key to the HMAC-SHA() of the Nonce HMAC(EVP_sha1(), key2, key2Len, (uchar *)nonce.String(), nonce.Length(), hash, &hashLen); // The nonce is padded out by 8 bytes of 0x08 int32 padNonceLen = nonce.Length() + kNoncePadding; uchar *padNonce = (uchar *)calloc(padNonceLen, sizeof(uchar)); memset(padNonce, 0x08, padNonceLen); memcpy(padNonce, nonce.String(), nonce.Length()); const uint32 kKeyLen = 8; uchar cbc_key1[kKeyLen]; uchar cbc_key2[kKeyLen]; uchar cbc_key3[kKeyLen]; // The 3DES CBC key is Key3 memcpy(cbc_key1, key3 + (kKeyLen * 0), sizeof(cbc_key1)); memcpy(cbc_key2, key3 + (kKeyLen * 1), sizeof(cbc_key2)); memcpy(cbc_key3, key3 + (kKeyLen * 2), sizeof(cbc_key3)); des_key_schedule ks1; des_key_schedule ks2; des_key_schedule ks3; // Create 3DES CBC keys DES_set_key(&cbc_key1, &ks1); DES_set_key(&cbc_key2, &ks2); DES_set_key(&cbc_key3, &ks3); // Setup the IV uchar iv[8]; for (int8 i = 0; i < 8; i++) iv[i] = rand() * 255; des_cblock iv3; memcpy(iv3, iv, sizeof(iv)); // Create a buffer used by the 3DES process uchar *buffer = (uchar *)calloc(1024, sizeof(uchar)); // 3DES the nonce DES_ede3_cbc_encrypt(padNonce, buffer, padNonceLen, &ks1, &ks2, &ks3, &iv3, DES_ENCRYPT); // Output the results BufferWriter *result = new BufferWriter(B_SWAP_HOST_TO_LENDIAN); result->WriteInt32(0x0000001C); // Size of header (28) result->WriteInt32(0x00000001); // CBC crypt result->WriteInt32(0x00006603); // Triple DES result->WriteInt32(0x00008004); // SHA1 result->WriteInt32(sizeof(iv)); // Length of IV result->WriteInt32(hashLen); // Length of hash result->WriteInt32(72); // Length of cipher result->WriteData(iv, sizeof(iv)); // IV result->WriteData(hash, hashLen); // Hash result->WriteData(buffer, 72); // Enc char *base64Result = Base64Encode((const char *)result->Buffer(), (int32)result->Offset()); response = base64Result; free(key1); free(key2); free(key3); free(padNonce); free(buffer); free(base64Result); return B_OK; };
static krb5_error_code DES3_string_to_key(krb5_context context, krb5_enctype enctype, krb5_data password, krb5_salt salt, krb5_data opaque, krb5_keyblock *key) { char *str; size_t len; unsigned char tmp[24]; DES_cblock keys[3]; krb5_error_code ret; len = password.length + salt.saltvalue.length; str = malloc(len); if(len != 0 && str == NULL) { krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } memcpy(str, password.data, password.length); memcpy(str + password.length, salt.saltvalue.data, salt.saltvalue.length); { DES_cblock ivec; DES_key_schedule s[3]; int i; ret = _krb5_n_fold(str, len, tmp, 24); if (ret) { memset(str, 0, len); free(str); krb5_set_error_message(context, ret, N_("malloc: out of memory", "")); return ret; } for(i = 0; i < 3; i++){ memcpy(keys + i, tmp + i * 8, sizeof(keys[i])); DES_set_odd_parity(keys + i); if(DES_is_weak_key(keys + i)) _krb5_xor(keys + i, (const unsigned char*)"\0\0\0\0\0\0\0\xf0"); DES_set_key_unchecked(keys + i, &s[i]); } memset(&ivec, 0, sizeof(ivec)); DES_ede3_cbc_encrypt(tmp, tmp, sizeof(tmp), &s[0], &s[1], &s[2], &ivec, DES_ENCRYPT); memset(s, 0, sizeof(s)); memset(&ivec, 0, sizeof(ivec)); for(i = 0; i < 3; i++){ memcpy(keys + i, tmp + i * 8, sizeof(keys[i])); DES_set_odd_parity(keys + i); if(DES_is_weak_key(keys + i)) _krb5_xor(keys + i, (const unsigned char*)"\0\0\0\0\0\0\0\xf0"); } memset(tmp, 0, sizeof(tmp)); } key->keytype = enctype; krb5_data_copy(&key->keyvalue, keys, sizeof(keys)); memset(keys, 0, sizeof(keys)); memset(str, 0, len); free(str); return 0; }