int main(void)
{
    unsigned char in[BUFSIZE], encrypted[BUFSIZE], decrypted[BUFSIZE];
    unsigned char *e = encrypted;
    int len;

    DES_cblock key1, key2, key3;
    DES_cblock seed = {0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10};
    DES_key_schedule ks1, ks2, ks3;
    DES_cblock ivsetup = {0xE1, 0xE2, 0xE3, 0xD4, 0xD5, 0xC6, 0xC7, 0xA8};
    DES_cblock ivec;

    memset(in, 0, sizeof(in));
    memset(encrypted, 0, sizeof(encrypted));
    memset(decrypted, 0, sizeof(decrypted));

    RAND_seed(seed, sizeof(DES_cblock));

    DES_random_key(&key1);
    DES_random_key(&key2);
    DES_random_key(&key2);

    DES_set_key((DES_cblock *)key1, &ks1);
    DES_set_key((DES_cblock *)key2, &ks2);
    DES_set_key((DES_cblock *)key3, &ks3);

    /* plaintext */
    strcpy(in, "this is a string encrypted with triple des. it is 64 bytes long.");

    printf("Plaintext: [%s]\n", in);

    len = strlen(in);
    memcpy(ivec, ivsetup, sizeof(ivsetup));
    DES_ede3_cbc_encrypt(in, encrypted, len, &ks1, &ks2, &ks3, &ivec, DES_ENCRYPT);

    printf("Ciphertext:");
    while (*e) printf(" [%02x]", *e++);
    printf("\n");

    len = strlen(encrypted);
    memcpy(ivec, ivsetup, sizeof(ivsetup));
    DES_ede3_cbc_encrypt(encrypted, decrypted, len, &ks1, &ks2, &ks3, &ivec, DES_DECRYPT);

    printf("Decrypted Text: [%s]\n", decrypted);

    exit(0);


}
示例#2
0
CK_RV
sw_des3_cbc(CK_BYTE * in_data,
	    CK_ULONG in_data_len,
	    CK_BYTE *out_data,
	    CK_ULONG *out_data_len,
	    CK_BYTE *init_v,
	    CK_BYTE  *key_value,
	    CK_BYTE  encrypt)
{
	DES_key_schedule des_key1;
	DES_key_schedule des_key2;
	DES_key_schedule des_key3;

	const_DES_cblock key_SSL1, key_SSL2, key_SSL3;
	DES_cblock ivec;

	// the des decrypt will only fail if the data length is not evenly divisible
	// by 8
	if (in_data_len % 8) {
		TRACE_ERROR("%s\n", ock_err(ERR_DATA_LEN_RANGE));
		return CKR_DATA_LEN_RANGE;
	}

	// The key as passed in is a 24 byte string containing 3 keys
	// pick it apart and create the key schedules
	memcpy(&key_SSL1, key_value, (size_t)8);
	memcpy(&key_SSL2, key_value+8, (size_t)8);
	memcpy(&key_SSL3, key_value+16, (size_t)8);
	DES_set_key_unchecked(&key_SSL1, &des_key1);
	DES_set_key_unchecked(&key_SSL2, &des_key2);
	DES_set_key_unchecked(&key_SSL3, &des_key3);

	memcpy(ivec, init_v, sizeof(ivec));

	// Encrypt or decrypt the data
	if (encrypt) {
		DES_ede3_cbc_encrypt(in_data,
				out_data,
				in_data_len,
				&des_key1,
				&des_key2,
				&des_key3,
				&ivec,
				DES_ENCRYPT);
		*out_data_len = in_data_len;
	} else {
		DES_ede3_cbc_encrypt(in_data,
				out_data,
				in_data_len,
				&des_key1,
				&des_key2,
				&des_key3,
				&ivec,
				DES_DECRYPT);

		*out_data_len = in_data_len;
	}

	return CKR_OK;
}
示例#3
0
static void
cbc3_test(char key1[8], char key2[8], char key3[8],
	  char iv[8], char in[24], char out[24])
{
    unsigned char k1[8], k2[8], k3[8],
	indata[24], outdata[24], outdata2[24], ansdata[24];
    DES_key_schedule s1, s2, s3;
    DES_cblock ivdata, ivec_copy;

    memcpy(k1, key1, 8);
    memcpy(k2, key2, 8);
    memcpy(k3, key3, 8);
    memcpy(ivdata, iv, 8);
    memcpy(indata, in, 24);
    memcpy(ansdata, out, 24);
    DES_set_odd_parity(&k1);
    DES_set_odd_parity(&k2);
    DES_set_odd_parity(&k3);
    DES_set_key_unchecked(&k1, &s1);
    DES_set_key_unchecked(&k2, &s2);
    DES_set_key_unchecked(&k3, &s3);
    memcpy(&ivec_copy, &ivdata, sizeof(ivec_copy));
    DES_ede3_cbc_encrypt(indata, outdata, 24,
			 &s1, &s2, &s3, &ivec_copy, 1);
    if (memcmp(outdata, ansdata, sizeof(ansdata)) != 0)
	errx(1, "cbc3: encrypt");
    memcpy(&ivec_copy, &ivdata, sizeof(ivec_copy));
    DES_ede3_cbc_encrypt(outdata, outdata2, 24,
			 &s1, &s2, &s3, &ivec_copy, 0);
    if (memcmp(indata, outdata2, sizeof(outdata2)) != 0)
	errx(1, "cbc3: decrypt");
}
示例#4
0
int perf()
{
        DES_cblock key1, key2, key3, iv;
        DES_key_schedule ks1, ks2, ks3;

        char* payload = (char*)malloc(64);
        int i;
        uint64_t start, end;

       	memcpy(payload, "hello world hello world hello world\n", 64);
 
	// 1. Key & IV Extract
        memcpy(key1, "aeaeaeae", 8);
        memcpy(key2, "aeaeaeae", 8);
        memcpy(key3, "aeaeaeae", 8);

        memcpy(iv, "aeaeaeae", 8);

        DES_set_odd_parity(&key1);
        DES_set_odd_parity(&key2);
        DES_set_odd_parity(&key3);

        // Key Validation Check
        if(DES_set_key_checked(&key1, &ks1) ||
           DES_set_key_checked(&key2, &ks2) ||
           DES_set_key_checked(&key3, &ks3))
        {
               printf("DES_set_key_checked Error\n");
        }
          
        start = cpu_tsc();

        for(i = 0; i < 1000000; i++)
        {       
                DES_ede3_cbc_encrypt((const unsigned char*)payload,
                                (unsigned char*)payload, 
                                64 , &ks1, &ks2, &ks3, &iv, DES_ENCRYPT);       
        }

        end = cpu_tsc();
	
        printf("encrpytion time : %ld\n", (end-start)/10000);
	
	start = cpu_tsc();

        for(i = 0; i < 1000000; i++)
        {
                DES_ede3_cbc_encrypt((const unsigned char*)payload,
                                (unsigned char*)payload,
                                64 , &ks1, &ks2, &ks3, &iv, DES_DECRYPT);
        }

        end = cpu_tsc();

        printf("decryption time : %ld\n", (end-start)/10000);

	return 0;
}
static int kcdecrypt(unsigned char *key, unsigned char *iv, unsigned char *data)
{
	unsigned char out[CTLEN];
	int pad, n, i;
	DES_cblock key1, key2, key3;
	DES_cblock ivec;
	DES_key_schedule ks1, ks2, ks3;
	memset(out, 0, sizeof(out));
	memcpy(key1, key, 8);
	memcpy(key2, key + 8, 8);
	memcpy(key3, key + 16, 8);
	DES_set_key((C_Block *) key1, &ks1);
	DES_set_key((C_Block *) key2, &ks2);
	DES_set_key((C_Block *) key3, &ks3);
	memcpy(ivec, iv, 8);
	DES_ede3_cbc_encrypt(data, out, CTLEN, &ks1, &ks2, &ks3, &ivec,  DES_DECRYPT);

	// now check padding
	pad = out[47];
	if(pad > 8)
		// "Bad padding byte. You probably have a wrong password"
		return -1;
	if(pad != 4) /* possible bug here, is this assumption always valid? */
		return -1;
	n = CTLEN - pad;
	for(i = n; i < CTLEN; i++)
		if(out[i] != pad)
			// "Bad padding. You probably have a wrong password"
			return -1;
	return 0;
}
示例#6
0
static void des3_decrypt(struct crypto_struct *cipher, void *in,
    void *out, unsigned long len, void *IV) {
  DES_ede3_cbc_encrypt(in, out, len, cipher->key,
      cipher->key + sizeof(DES_key_schedule),
      cipher->key + 2 * sizeof(DES_key_schedule),
      IV, 0);
}
示例#7
0
static void des3_decrypt(struct ssh_cipher_struct *cipher, void *in,
    void *out, unsigned long len) {
  DES_ede3_cbc_encrypt(in, out, len, cipher->key,
      (void*)((uint8_t*)cipher->key + sizeof(DES_key_schedule)),
      (void*)((uint8_t*)cipher->key + 2 * sizeof(DES_key_schedule)),
      cipher->IV, 0);
}
示例#8
0
void _ossl_old_des_ede3_cbc_encrypt(_ossl_old_des_cblock *input, _ossl_old_des_cblock *output, 
  long length, des_key_schedule ks1, des_key_schedule ks2, 
  des_key_schedule ks3, _ossl_old_des_cblock *ivec, int enc)
  {
  DES_ede3_cbc_encrypt((unsigned char *)input, (unsigned char *)output,
    length, (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
    (DES_key_schedule *)ks3, ivec, enc);
  }
示例#9
0
文件: e_des.c 项目: google/boringssl
static int des_ede3_cbc_cipher(EVP_CIPHER_CTX *ctx, uint8_t *out,
                              const uint8_t *in, size_t in_len) {
  DES_EDE_KEY *dat = (DES_EDE_KEY*) ctx->cipher_data;

  DES_ede3_cbc_encrypt(in, out, in_len, &dat->ks.ks[0], &dat->ks.ks[1],
                       &dat->ks.ks[2], (DES_cblock *)ctx->iv, ctx->encrypt);

  return 1;
}
示例#10
0
void
des3_decrypt(struct keystate *ks, u_int8_t *data, u_int16_t len)
{
	u_int8_t        iv[MAXBLK];

	memcpy(iv, ks->riv, ks->xf->blocksize);
	DES_ede3_cbc_encrypt((void *)data, (void *)data, len, &ks->ks_des[0],
	    &ks->ks_des[1], &ks->ks_des[2], (void *)iv, DES_DECRYPT);
}
示例#11
0
static int
ossl_des3_cbc_decrypt(PX_Cipher *c, const uint8 *data, unsigned dlen,
					  uint8 *res)
{
	ossldata   *od = c->ptr;

	DES_ede3_cbc_encrypt(data, res, dlen,
						 &od->u.des3.k1, &od->u.des3.k2, &od->u.des3.k3,
						 (DES_cblock *) od->iv, 0);
	return 0;
}
示例#12
0
int
encrypt_des(DES_cblock *cblock, DES_key_schedule *ks1, DES_key_schedule *ks2, DES_key_schedule *ks3,
                char *cipher, char *string, int stringLen)
{
   DES_ede3_cbc_encrypt((const unsigned char*)string,
                         (unsigned char*)cipher,
                          stringLen, ks1, ks2, ks3,
                                  cblock, DES_ENCRYPT);
   printf("Encrypted : %32.32s\n",cipher);

   return 0;
}
示例#13
0
static int
des_ede3_cbc_do_cipher(EVP_CIPHER_CTX *ctx,
		       unsigned char *out,
		       const unsigned char *in,
		       unsigned int size)
{
    struct des_ede3_cbc *k = ctx->cipher_data;
    DES_ede3_cbc_encrypt(in, out, size,
			 &k->ks[0], &k->ks[1], &k->ks[2],
			 (DES_cblock *)ctx->iv, ctx->encrypt);
    return 1;
}
示例#14
0
static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
			      const unsigned char *in, unsigned int inl)
{
#ifdef KSSL_DEBUG
	{
        int i;
        char *cp;
	printf("des_ede_cbc_cipher(ctx=%lx, buflen=%d)\n", ctx, ctx->buf_len);
	printf("\t iv= ");
        for(i=0;i<8;i++)
                printf("%02X",ctx->iv[i]);
	printf("\n");
	}
#endif    /* KSSL_DEBUG */
	DES_ede3_cbc_encrypt(in, out, (long)inl,
			     &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
			     (DES_cblock *)ctx->iv, ctx->encrypt);
	return 1;
}
示例#15
0
int decrypt_des(char *cipher, char *text, DES_key_schedule *ks1, DES_key_schedule *ks2, 
                    DES_key_schedule *ks3, DES_cblock *cblock, int cipherLen)
{
   // You need to start with the same cblock value
   memset(cblock,0,sizeof(DES_cblock));
   DES_set_odd_parity(cblock);
   //-----------------------------------------------
   // I think you need to use 32 for the cipher len.
   // You can't use strlen(cipher) because if there
   // is a 0x00 in the middle of the cipher strlen
   // will stop there and the length would be short
   DES_ede3_cbc_encrypt((const unsigned char*)cipher,
                         (unsigned char*)text,
                          cipherLen, ks1, ks2, ks3,
                                     cblock,DES_DECRYPT);
   printf("Decrypted : %s\n",text);

   return 0;
}
示例#16
0
/**
  Performs TDES decryption on a data buffer of the specified size in CBC mode.

  This function performs TDES decryption on data buffer pointed by Input, of specified
  size of InputSize, in CBC mode.
  InputSize must be multiple of block size (8 bytes). This function does not perform
  padding. Caller must perform padding, if necessary, to ensure valid input data size.
  Initialization vector should be one block size (8 bytes).
  TdesContext should be already correctly initialized by TdesInit(). Behavior with
  invalid TDES context is undefined.

  If TdesContext is NULL, then return FALSE.
  If Input is NULL, then return FALSE.
  If InputSize is not multiple of block size (8 bytes), then return FALSE.
  If Ivec is NULL, then return FALSE.
  If Output is NULL, then return FALSE.

  @param[in]   TdesContext  Pointer to the TDES context.
  @param[in]   Input        Pointer to the buffer containing the data to be encrypted.
  @param[in]   InputSize    Size of the Input buffer in bytes.
  @param[in]   Ivec         Pointer to initialization vector.
  @param[out]  Output       Pointer to a buffer that receives the TDES encryption output.

  @retval TRUE   TDES decryption succeeded.
  @retval FALSE  TDES decryption failed.

**/
BOOLEAN
EFIAPI
TdesCbcDecrypt (
  IN   VOID         *TdesContext,
  IN   CONST UINT8  *Input,
  IN   UINTN        InputSize,
  IN   CONST UINT8  *Ivec,
  OUT  UINT8        *Output
  )
{
  DES_key_schedule  *KeySchedule;
  UINT8             IvecBuffer[TDES_BLOCK_SIZE];

  //
  // Check input parameters.
  //
  if (TdesContext == NULL || Input == NULL || (InputSize % TDES_BLOCK_SIZE) != 0) {
    return FALSE;
  }

  if (Ivec == NULL || Output == NULL || InputSize > INT_MAX) {
    return FALSE;
  }

  KeySchedule = (DES_key_schedule *) TdesContext;
  CopyMem (IvecBuffer, Ivec, TDES_BLOCK_SIZE);

  DES_ede3_cbc_encrypt (
    Input,
    Output,
    (UINT32) InputSize,
    KeySchedule,
    KeySchedule + 1,
    KeySchedule + 2,
    (DES_cblock *) IvecBuffer,
    DES_DECRYPT
    );

  return TRUE;
}
示例#17
0
odp_packet_t create_ipv4_packet(stream_db_entry_t *stream,
				uint8_t *dmac,
				odp_pool_t pkt_pool)
{
	ipsec_cache_entry_t *entry = NULL;
	odp_packet_t pkt;
	uint8_t *base;
	uint8_t *data;
	odph_ethhdr_t *eth;
	odph_ipv4hdr_t *ip;
	odph_ipv4hdr_t *inner_ip = NULL;
	odph_ahhdr_t *ah = NULL;
	odph_esphdr_t *esp = NULL;
	odph_icmphdr_t *icmp;
	stream_pkt_hdr_t *test;
	unsigned i;

	if (stream->input.entry)
		entry = stream->input.entry;
	else if (stream->output.entry)
		entry = stream->output.entry;

	/* Get packet */
	pkt = odp_packet_alloc(pkt_pool, 0);
	if (ODP_PACKET_INVALID == pkt)
		return ODP_PACKET_INVALID;
	base = odp_packet_data(pkt);
	data = odp_packet_data(pkt);

	/* Ethernet */
	odp_packet_has_eth_set(pkt, 1);
	eth = (odph_ethhdr_t *)data;
	data += sizeof(*eth);

	memset((char *)eth->src.addr, (0x80 | stream->id), ODPH_ETHADDR_LEN);
	memcpy((char *)eth->dst.addr, dmac, ODPH_ETHADDR_LEN);
	eth->type = odp_cpu_to_be_16(ODPH_ETHTYPE_IPV4);

	/* IPv4 */
	odp_packet_has_ipv4_set(pkt, 1);
	ip = (odph_ipv4hdr_t *)data;
	data += sizeof(*ip);

	/* Wait until almost finished to fill in mutable fields */
	memset((char *)ip, 0, sizeof(*ip));
	ip->ver_ihl = 0x45;
	ip->id = odp_cpu_to_be_16(stream->id);
	/* Outer IP header in tunnel mode */
	if (entry && entry->mode == IPSEC_SA_MODE_TUNNEL &&
	    (entry == stream->input.entry)) {
		ip->proto = ODPH_IPV4;
		ip->src_addr = odp_cpu_to_be_32(entry->tun_src_ip);
		ip->dst_addr = odp_cpu_to_be_32(entry->tun_dst_ip);
	} else {
		ip->proto = ODPH_IPPROTO_ICMP;
		ip->src_addr = odp_cpu_to_be_32(stream->src_ip);
		ip->dst_addr = odp_cpu_to_be_32(stream->dst_ip);
	}

	/* AH (if specified) */
	if (entry && (entry == stream->input.entry) &&
	    (ODP_AUTH_ALG_NULL != entry->ah.alg)) {
		if (ODP_AUTH_ALG_MD5_96 != entry->ah.alg)
			abort();

		ah = (odph_ahhdr_t *)data;
		data += sizeof(*ah);
		data += entry->ah.icv_len;

		memset((char *)ah, 0, sizeof(*ah) + entry->ah.icv_len);
		ah->ah_len = 1 + (entry->ah.icv_len / 4);
		ah->spi = odp_cpu_to_be_32(entry->ah.spi);
		ah->seq_no = odp_cpu_to_be_32(stream->input.ah_seq++);
	}

	/* ESP (if specified) */
	if (entry && (entry == stream->input.entry) &&
	    (ODP_CIPHER_ALG_NULL != entry->esp.alg)) {
		if (ODP_CIPHER_ALG_3DES_CBC != entry->esp.alg)
			abort();

		esp = (odph_esphdr_t *)data;
		data += sizeof(*esp);
		data += entry->esp.iv_len;

		esp->spi = odp_cpu_to_be_32(entry->esp.spi);
		esp->seq_no = odp_cpu_to_be_32(stream->input.esp_seq++);
		RAND_bytes(esp->iv, 8);
	}

	/* Inner IP header in tunnel mode */
	if (entry && (entry == stream->input.entry) &&
	    (entry->mode == IPSEC_SA_MODE_TUNNEL)) {
		inner_ip = (odph_ipv4hdr_t *)data;
		memset((char *)inner_ip, 0, sizeof(*inner_ip));
		inner_ip->ver_ihl = 0x45;
		inner_ip->proto = ODPH_IPPROTO_ICMP;
		inner_ip->id = odp_cpu_to_be_16(stream->id);
		inner_ip->ttl = 64;
		inner_ip->tos = 0;
		inner_ip->frag_offset = 0;
		inner_ip->src_addr = odp_cpu_to_be_32(stream->src_ip);
		inner_ip->dst_addr = odp_cpu_to_be_32(stream->dst_ip);
		inner_ip->chksum = odp_chksum(inner_ip, sizeof(*inner_ip));
		data += sizeof(*inner_ip);
	}

	/* ICMP header so we can see it on wireshark */
	icmp = (odph_icmphdr_t *)data;
	data += sizeof(*icmp);
	icmp->type = ICMP_ECHO;
	icmp->code = 0;
	icmp->un.echo.id = odp_cpu_to_be_16(0x1234);
	icmp->un.echo.sequence = odp_cpu_to_be_16(stream->created);

	/* Packet payload of incrementing bytes */
	test = (stream_pkt_hdr_t *)data;
	data += sizeof(*test);
	test->magic = odp_cpu_to_be_64(STREAM_MAGIC);
	for (i = 0; i < stream->length; i++)
		*data++ = (uint8_t)i;

	/* Close ICMP */
	icmp->chksum = 0;
	icmp->chksum = odp_chksum(icmp, data - (uint8_t *)icmp);

	/* Close ESP if specified */
	if (esp) {
		int payload_len = data - (uint8_t *)icmp;
		uint8_t *encrypt_start = (uint8_t *)icmp;

		if (entry->mode == IPSEC_SA_MODE_TUNNEL) {
			payload_len = data - (uint8_t *)inner_ip;
			encrypt_start = (uint8_t *)inner_ip;
		}

		int encrypt_len;
		odph_esptrl_t *esp_t;
		DES_key_schedule ks1, ks2, ks3;
		uint8_t iv[8];

		memcpy(iv, esp->iv, sizeof(iv));

		encrypt_len = ESP_ENCODE_LEN(payload_len + sizeof(*esp_t),
					     entry->esp.block_len);
		memset(data, 0, encrypt_len - payload_len);
		data += encrypt_len - payload_len;

		esp_t = (odph_esptrl_t *)(data) - 1;
		esp_t->pad_len = encrypt_len - payload_len - sizeof(*esp_t);
		esp_t->next_header = ip->proto;
		ip->proto = ODPH_IPPROTO_ESP;

		DES_set_key((DES_cblock *)&entry->esp.key.data[0], &ks1);
		DES_set_key((DES_cblock *)&entry->esp.key.data[8], &ks2);
		DES_set_key((DES_cblock *)&entry->esp.key.data[16], &ks3);

		DES_ede3_cbc_encrypt(encrypt_start,
				     encrypt_start,
				     encrypt_len,
				     &ks1,
				     &ks2,
				     &ks3,
				     (DES_cblock *)iv,
				     1);
	}

	/* Since ESP can pad we can now fix IP length */
	ip->tot_len = odp_cpu_to_be_16(data - (uint8_t *)ip);

	/* Close AH if specified */
	if (ah) {
		uint8_t hash[EVP_MAX_MD_SIZE];
		int auth_len = data - (uint8_t *)ip;

		ah->next_header = ip->proto;
		ip->proto = ODPH_IPPROTO_AH;

		HMAC(EVP_md5(),
		     entry->ah.key.data,
		     entry->ah.key.length,
		     (uint8_t *)ip,
		     auth_len,
		     hash,
		     NULL);

		memcpy(ah->icv, hash, 12);
	}

	/* Correct set packet length offsets */
	odp_packet_push_tail(pkt, data - base);
	odp_packet_l2_offset_set(pkt, (uint8_t *)eth - base);
	odp_packet_l3_offset_set(pkt, (uint8_t *)ip - base);
	odp_packet_l4_offset_set(pkt, ((uint8_t *)ip - base) + sizeof(*ip));

	/* Now fill in final IP header fields */
	ip->ttl = 64;
	ip->tos = 0;
	ip->frag_offset = 0;
	ip->chksum = 0;
	odph_ipv4_csum_update(pkt);
	return pkt;
}
示例#18
0
odp_bool_t verify_ipv4_packet(stream_db_entry_t *stream,
			      odp_packet_t pkt)
{
	ipsec_cache_entry_t *entry = NULL;
	uint8_t *data;
	odph_ipv4hdr_t *ip;
	odph_ahhdr_t *ah = NULL;
	odph_esphdr_t *esp = NULL;
	int hdr_len;
	odph_icmphdr_t *icmp;
	stream_pkt_hdr_t *test;
	uint32_t src_ip, dst_ip;

	if (stream->input.entry)
		entry = stream->input.entry;
	else if (stream->output.entry)
		entry = stream->output.entry;

	/* Basic IPv4 verify (add checksum verification) */
	data = odp_packet_l3_ptr(pkt, NULL);
	ip = (odph_ipv4hdr_t *)data;
	data += sizeof(*ip);
	if (0x45 != ip->ver_ihl)
		return FALSE;

	src_ip = odp_be_to_cpu_32(ip->src_addr);
	dst_ip = odp_be_to_cpu_32(ip->dst_addr);
	if ((stream->src_ip != src_ip) && stream->output.entry &&
	    (stream->output.entry->tun_src_ip != src_ip))
		return FALSE;
	if ((stream->dst_ip != dst_ip) && stream->output.entry &&
	    (stream->output.entry->tun_dst_ip != dst_ip))
		return FALSE;

	if ((stream->src_ip != src_ip) && stream->input.entry &&
	    (stream->input.entry->tun_src_ip != src_ip))
		return FALSE;
	if ((stream->dst_ip != dst_ip) && stream->input.entry &&
	    (stream->input.entry->tun_dst_ip != dst_ip))
		return FALSE;

	/* Find IPsec headers if any and compare against entry */
	hdr_len = locate_ipsec_headers(ip, &ah, &esp);

	/* Cleartext packet */
	if (!ah && !esp)
		goto clear_packet;
	if (ah) {
		if (!entry)
			return FALSE;
		if (ODP_AUTH_ALG_NULL == entry->ah.alg)
			return FALSE;
		if (odp_be_to_cpu_32(ah->spi) != entry->ah.spi)
			return FALSE;
		if (ODP_AUTH_ALG_MD5_96 != entry->ah.alg)
			abort();
	} else {
		if (entry && (ODP_AUTH_ALG_NULL != entry->ah.alg))
			return FALSE;
	}
	if (esp) {
		if (!entry)
			return FALSE;
		if (ODP_CIPHER_ALG_NULL == entry->esp.alg)
			return FALSE;
		if (odp_be_to_cpu_32(esp->spi) != entry->esp.spi)
			return FALSE;
		if (ODP_CIPHER_ALG_3DES_CBC != entry->esp.alg)
			abort();
		hdr_len += entry->esp.iv_len;
	} else {
		if (entry && (ODP_CIPHER_ALG_NULL != entry->esp.alg))
			return FALSE;
	}
	data += hdr_len;

	/* Verify authentication (if present) */
	if (ah) {
		uint8_t  ip_tos;
		uint8_t  ip_ttl;
		uint16_t ip_frag_offset;
		uint8_t  icv[12];
		uint8_t  hash[EVP_MAX_MD_SIZE];

		/* Save/clear mutable fields */
		ip_tos = ip->tos;
		ip_ttl = ip->ttl;
		ip_frag_offset = odp_be_to_cpu_16(ip->frag_offset);
		ip->tos = 0;
		ip->ttl = 0;
		ip->frag_offset = 0;
		ip->chksum = 0;
		memcpy(icv, ah->icv, 12);
		memset(ah->icv, 0, 12);

		/* Calculate HMAC and compare */
		HMAC(EVP_md5(),
		     entry->ah.key.data,
		     entry->ah.key.length,
		     (uint8_t *)ip,
		     odp_be_to_cpu_16(ip->tot_len),
		     hash,
		     NULL);

		if (0 != memcmp(icv, hash, sizeof(icv)))
			return FALSE;

		ip->proto = ah->next_header;
		ip->tos = ip_tos;
		ip->ttl = ip_ttl;
		ip->frag_offset = odp_cpu_to_be_16(ip_frag_offset);
	}

	/* Decipher if present */
	if (esp) {
		odph_esptrl_t *esp_t;
		DES_key_schedule ks1, ks2, ks3;
		uint8_t iv[8];
		int encrypt_len = ipv4_data_len(ip) - hdr_len;

		memcpy(iv, esp->iv, sizeof(iv));

		DES_set_key((DES_cblock *)&entry->esp.key.data[0], &ks1);
		DES_set_key((DES_cblock *)&entry->esp.key.data[8], &ks2);
		DES_set_key((DES_cblock *)&entry->esp.key.data[16], &ks3);

		DES_ede3_cbc_encrypt((uint8_t *)data,
				     (uint8_t *)data,
				     encrypt_len,
				     &ks1,
				     &ks2,
				     &ks3,
				     (DES_cblock *)iv,
				     0);

		esp_t = (odph_esptrl_t *)(data + encrypt_len) - 1;
		ip->proto = esp_t->next_header;
	}

clear_packet:
	/* Verify IP/ICMP packet */
	if (entry && (entry->mode == IPSEC_SA_MODE_TUNNEL) && (ah || esp)) {
		if (ODPH_IPV4 != ip->proto)
			return FALSE;
		odph_ipv4hdr_t *inner_ip = (odph_ipv4hdr_t *)data;

		icmp = (odph_icmphdr_t *)(inner_ip + 1);
		data = (uint8_t *)icmp;
	} else {
		if (ODPH_IPPROTO_ICMP != ip->proto)
			return FALSE;
		icmp = (odph_icmphdr_t *)data;
	}

	/* Verify ICMP header */
	data += sizeof(*icmp);
	if (ICMP_ECHO != icmp->type)
		return FALSE;
	if (0x1234 != odp_be_to_cpu_16(icmp->un.echo.id))
		return FALSE;

	/* Now check our packet */
	test = (stream_pkt_hdr_t *)data;
	if (STREAM_MAGIC != odp_be_to_cpu_64(test->magic))
		return FALSE;

	return TRUE;
}
示例#19
0
int dec(char *sopath,char *filename)
{
	//printf("you are in the enc program\n");
        SHA_CTX md;
	DES_key_schedule schedule1;
	DES_key_schedule schedule2;
	DES_key_schedule schedule3;
        FILE *fp;
	char DES_output[9],DES_input[9];
        unsigned char buffer[10];
	char ch;
        unsigned char digest[20],file_digest[20];
        int count,i,len_of_pass,verify=0,n,last_byte_size,to_read_upto,count_buf_size,temp_count;
	unsigned char random_bits1[20],random_bits2[20],DES_key1[8],DES_key2[8],DES_key3[8],IV[8];
	char *buf,*buff;
	

	if(RAND_bytes(random_bits1,20)==0)
	{
		fprintf(stderr,"Error obtaining 20 bytes of random bits from OPENSSL\n");
		exit(1);
	}
	if(RAND_bytes(random_bits2,20)==0)
	{
		fprintf(stderr,"Error obtaining 20 bytes of random bits from OPENSSL\n");
		exit(1);
	}
/**************************************
COMPUTE SHA1 OF FILE
**************************************/

        if((fp=fopen(filename,"rb"))==NULL)
        {
                fprintf(stderr,"(%s file does not exist)\n",filename);
                exit(1);
        }
	count=0;
	while(fread(&ch,1,1,fp))
{
	if(count==0)
	{
	if(ch!='H')
	{
	fprintf(stderr,"(%s is not generated  by the enc command)\n",filename);
	exit(1);	
	}
	}
	if(count==1)
	{
	if(ch!='W')
	{
	fprintf(stderr,"(%s is not generated by the enc command)\n",filename);
	}
	}
	if(count==2)
	{
	if(ch!='4')
	{
	fprintf(stderr,"(%s is not generated by the enc command)\n",filename);
	}
	}
        count++;
}
	fclose(fp);
        if((fp=fopen(filename,"rb"))==NULL)
        {
                fprintf(stderr,"(%s is not generated  by enc command)\n",filename);
                exit(1);
        }
	

        SHA1_Init(&md);
        while((count=fread(&buffer,1,10,fp)))
        {
                SHA1_Update(&md,buffer,count);
        }
        SHA1_Final(file_digest,&md);

/*        for(i=0;i<20;i++)
        {
                printf("%02x",file_digest[i]);
        }*/

/**************************************
ASK FOR PASSWORD FOR DES
**************************************/
buf=(char *)malloc(4096*sizeof(char));
buff=(char *)malloc(4096*sizeof(char));
des_read_pw(buf,buff,4096,"Enter passphrase for DES decryption: ",verify);

//printf("buff=%s",buf);
//printf("buff2=%s\n",buff);
len_of_pass=strlen(buf);
//printf("len_of_pass=%d\n",len_of_pass);

/**************************************
GENERATE SHA1 OF THE PASSWORD
**************************************/

	SHA1_Init(&md);

	//free(&md);
	//SHA1_Update(&md,"yesnomaybe",10);
	SHA1_Update(&md,buf,strlen(buf));
	SHA1_Final(digest,&md);

	//printf("The SHA1 of password is\n");
        for(i=0;i<20;i++)
        {
                //printf("%02x",digest[i]);
        }

        //printf("\n");
	

/*******************************************
COMPUTE SHA1 OF X AND RANDOM BITS(RB1) 1
*******************************************/
/*	SHA1_Init(&md);
	SHA1_Update(&md,digest,20);
	SHA1_Update(&md,HW4_random_bits_1,20);
	SHA1_Final(X_RB1,&md);
	for(i=0;i<20;i++)
	{
		//printf("%02x",X_RB1[i]);
	}
	//printf("\n");*/

/******************************************
COMPUTE SHA1 OF RB1(Y) AND RANDOM BITS 2(RB2)
******************************************/
/*	SHA1_Init(&md);
        SHA1_Update(&md,X_RB1,20);
        SHA1_Update(&md,HW4_random_bits_2,20);
        SHA1_Final(X_RB2,&md);
        for(i=0;i<20;i++)
        {
                //printf("%02x",X_RB2[i]);
        }
        //printf("\n");*/

/***************************************
COMPUTER IV AND 3 DES KEYS
***************************************/
//	SC_3des_key_gen(NULL,digest,IV,DES_key1,DES_key2,DES_key3);

	SmartcardState pss=(SmartcardState)NULL;
void *handle=NULL;
//void *vp =NULL;
SC_Init_Func *pfn_init=NULL;
SC_Cleanup_Func *pfn_cleanup=NULL;
SC_GetSignatureSize_Func *pfn_getsigsize=NULL;
SC_3DesKeyGen_Func *pfn_sc_dec=NULL;

handle = dlopen(sopath, RTLD_NOW|RTLD_GLOBAL);
if (handle==NULL)
{
//fprintf(stderr, "%s\n",sopath);
fprintf(stderr, "%s\n",
dlerror());
fprintf(stderr,"dlopen() failed\n");
exit(1);
}
pfn_init = (SC_Init_Func*)dlsym(handle,"SC_init");


pfn_cleanup = (SC_Cleanup_Func*)dlsym(handle,"SC_cleanup");


pfn_getsigsize = (SC_GetSignatureSize_Func*)dlsym(handle,"SC_get_signature_size");

pfn_sc_dec = (SC_3DesKeyGen_Func *)dlsym(handle,"SC_3des_key_gen");

if(pfn_init==NULL || pfn_cleanup==NULL || pfn_getsigsize==NULL || pfn_sc_dec==NULL)
{
fprintf(stderr,"(cannot find smartcard functions in this library)\n");
exit(1);
}


pss = (pfn_init)();
//printf("sig size is %d\n", (pfn_getsigsize)(pss));
//int sz=(pfn_getsigsize)(pss);

(pfn_sc_dec) (pss,digest,IV,DES_key1,DES_key2,DES_key3);

(pfn_cleanup)(pss);
dlclose(handle);


/*	for(i=0;i<8;i++)
	IV[i]=X_RB1[i];
	for(i=8,j=0;i<16;i++,j++)
	DES_key1[j]=X_RB1[i];
	for(i=0;i<8;i++)
	DES_key2[i]=X_RB2[i];
	for(i=8,j=0;i<16;i++,j++)
	DES_key3[j]=X_RB2[i];
	printf("IV=");
	for(i=0;i<8;i++)
	printf("%02x",IV[i]);
	printf("\nDES KEY 1=");
	for(i=0;i<8;i++)
	printf("%02x",DES_key1[i]);
	printf("\nDES key 2=");
	for(i=0;i<8;i++)
	printf("%02x",DES_key2[i]);
	printf("\nDES key 3=");
	for(i=0;i<8;i++)
	printf("%02x",DES_key3[i]);
	printf("\n");*/


	
	
	DES_set_odd_parity((DES_cblock *)DES_key1);
	DES_set_odd_parity((DES_cblock *)DES_key2);
	DES_set_odd_parity((DES_cblock *)DES_key3);
	
	DES_key_sched((DES_cblock *)DES_key1,&schedule1);
	DES_set_key((DES_cblock *)DES_key1,&schedule1); 

        DES_key_sched((DES_cblock *)DES_key2,&schedule2);
        DES_set_key((DES_cblock *)DES_key2,&schedule2);

        DES_key_sched((DES_cblock *)DES_key3,&schedule3);
        DES_set_key((DES_cblock *)DES_key3,&schedule3);

/******************************************
READ FILE 8 BYTES AT A TIME AND ENCRYPT IT
******************************************/

	if((fp=fopen(filename,"rb"))==NULL)
	{
		fprintf(stderr,"{input file %s does not exist}\n",filename);
		exit(1);
	}
	i=0;
	while((count=fread(&ch,1,1,fp)))
	{
	i++;
	if(i==4)
	{
	last_byte_size=(int)ch;
	}
	}//while ends
	fclose(fp);
//	printf("last_bytes_size=%d",last_byte_size);
//	printf("\ntotal count=%d\n",i);
	to_read_upto=i-20;
//	printf("to read upto=%d\n",to_read_upto);
        if((fp=fopen(filename,"rb"))==NULL)
        {
                fprintf(stderr,"{input file %s does not exist}\n",filename);
                exit(1);
        }
	n=0;count_buf_size=0;i=0;temp_count=0;
	for(i=0;i<4;i++)
	fread(&ch,1,1,fp);
	n=4;

	while(!feof(fp))
	{
	if(n==(to_read_upto-8))
	{
	  //	printf("\nlast byte reading\n");
		for(i=0;i<8;i++)
		DES_input[i]=fgetc(fp);
		DES_ede3_cbc_encrypt(DES_input,DES_output,8,&schedule1,&schedule2,&schedule3,(DES_cblock*)IV,DES_DECRYPT);
		
		for(i=0;i<last_byte_size;i++)
		printf("%c",DES_output[i]);	
		exit(1);
	}	
	for(i=0;i<8;i++)
	{
		if(n==(to_read_upto+1))
		exit(1);
	n++;
	DES_input[i]=fgetc(fp);
	}
	DES_ede3_cbc_encrypt(DES_input,DES_output,8,&schedule1,&schedule2,&schedule3,(DES_cblock*)IV,DES_DECRYPT);
	for(i=0;i<8;i++)
	printf("%c",DES_output[i]);
	}//while feof ends
		
	
/*	while((count=fread(&ch,1,1,fp)))
	{
//		printf("%c",ch);
		n++;
		if(n>4)//skip first four bytes of encrypted file
		{
		if(n==to_read_upto+1)
		break;
			
		DES_input[count_buf_size]=ch;	
		printf("%c",DES_input[count_buf_size]);
		
	
		count_buf_size++;
		if(count_buf_size==7)
		{	
			//for(i=0;i<8;i++)
			//printf("%c",DES_input[i]);
			temp_count++;
			DES_ede3_cbc_encrypt(DES_input,DES_output,8,&schedule1,&schedule2,&schedule3,(DES_cblock*)IV,DES_DECRYPT);
			if(n==to_read_upto-7)
			{
//			printf("in other loop\n");
//			for(i=0;i<last_byte_size;i++)
//			printf("%c",DES_output[i]);
			}
			else
			{
//			for(i=0;i<8;i++)
//			printf("%c",DES_output[i]);
			count_buf_size=0;
			}
		}
		}//if count >4 ends
	}	
//	printf("count=%d\n",temp_count);
//	printf("loop count=%d\n",n);
	for(i=0;i<20;i++)
	printf("%c",file_digest[i]);
	//printf("%s\n",file_digest);*/
		

	return 1;


}
示例#20
0
int main(int argc, char *argv[])
{
    int j, err = 0;
    unsigned int i;
    DES_cblock in, out, outin, iv3;
    DES_key_schedule ks, ks2, ks3;
    unsigned char cbc_in[40];
    unsigned char cbc_out[40];
    DES_LONG cs;
    unsigned char cret[8];
    DES_LONG lqret[4];
    int num;
    char *str;

    printf("Doing ecb\n");
    for (i = 0; i < NUM_TESTS; i++) {
        DES_set_key_unchecked(&key_data[i], &ks);
        memcpy(in, plain_data[i], 8);
        memset(out, 0, 8);
        memset(outin, 0, 8);
        DES_ecb_encrypt(&in, &out, &ks, DES_ENCRYPT);
        DES_ecb_encrypt(&out, &outin, &ks, DES_DECRYPT);

        if (memcmp(out, cipher_data[i], 8) != 0) {
            printf("Encryption error %2d\nk=%s p=%s o=%s act=%s\n",
                   i + 1, pt(key_data[i]), pt(in), pt(cipher_data[i]),
                   pt(out));
            err = 1;
        }
        if (memcmp(in, outin, 8) != 0) {
            printf("Decryption error %2d\nk=%s p=%s o=%s act=%s\n",
                   i + 1, pt(key_data[i]), pt(out), pt(in), pt(outin));
            err = 1;
        }
    }

# ifndef LIBDES_LIT
    printf("Doing ede ecb\n");
    for (i = 0; i < (NUM_TESTS - 2); i++) {
        DES_set_key_unchecked(&key_data[i], &ks);
        DES_set_key_unchecked(&key_data[i + 1], &ks2);
        DES_set_key_unchecked(&key_data[i + 2], &ks3);
        memcpy(in, plain_data[i], 8);
        memset(out, 0, 8);
        memset(outin, 0, 8);
        DES_ecb3_encrypt(&in,&out,&ks,&ks2,&ks,DES_ENCRYPT);
        DES_ecb3_encrypt(&out,&outin,&ks,&ks2,&ks,DES_DECRYPT);

        if (memcmp(out, cipher_ecb2[i], 8) != 0) {
            printf("Encryption error %2d\nk=%s p=%s o=%s act=%s\n",
                   i + 1, pt(key_data[i]), pt(in), pt(cipher_ecb2[i]),
                   pt(out));
            err = 1;
        }
        if (memcmp(in, outin, 8) != 0) {
            printf("Decryption error %2d\nk=%s p=%s o=%s act=%s\n",
                   i + 1, pt(key_data[i]), pt(out), pt(in), pt(outin));
            err = 1;
        }
    }
# endif

    printf("Doing cbc\n");
    if ((j = DES_set_key_checked(&cbc_key, &ks)) != 0) {
        printf("Key error %d\n", j);
        err = 1;
    }
    memset(cbc_out, 0, 40);
    memset(cbc_in, 0, 40);
    memcpy(iv3, cbc_iv, sizeof(cbc_iv));
    DES_ncbc_encrypt(cbc_data, cbc_out, strlen((char *)cbc_data) + 1, &ks,
                     &iv3, DES_ENCRYPT);
    if (memcmp(cbc_out, cbc_ok, 32) != 0) {
        printf("cbc_encrypt encrypt error\n");
        err = 1;
    }

    memcpy(iv3, cbc_iv, sizeof(cbc_iv));
    DES_ncbc_encrypt(cbc_out, cbc_in, strlen((char *)cbc_data) + 1, &ks,
                     &iv3, DES_DECRYPT);
    if (memcmp(cbc_in, cbc_data, strlen((char *)cbc_data)) != 0) {
        printf("cbc_encrypt decrypt error\n");
        err = 1;
    }
# ifndef LIBDES_LIT
    printf("Doing desx cbc\n");
    if ((j = DES_set_key_checked(&cbc_key, &ks)) != 0) {
        printf("Key error %d\n", j);
        err = 1;
    }
    memset(cbc_out, 0, 40);
    memset(cbc_in, 0, 40);
    memcpy(iv3, cbc_iv, sizeof(cbc_iv));
    DES_xcbc_encrypt(cbc_data, cbc_out, strlen((char *)cbc_data) + 1, &ks,
                     &iv3, &cbc2_key, &cbc3_key, DES_ENCRYPT);
    if (memcmp(cbc_out, xcbc_ok, 32) != 0) {
        printf("des_xcbc_encrypt encrypt error\n");
        err = 1;
    }
    memcpy(iv3, cbc_iv, sizeof(cbc_iv));
    DES_xcbc_encrypt(cbc_out, cbc_in, strlen((char *)cbc_data) + 1, &ks,
                     &iv3, &cbc2_key, &cbc3_key, DES_DECRYPT);
    if (memcmp(cbc_in, cbc_data, strlen((char *)cbc_data) + 1) != 0) {
        printf("des_xcbc_encrypt decrypt error\n");
        err = 1;
    }
# endif

    printf("Doing ede cbc\n");
    if ((j = DES_set_key_checked(&cbc_key, &ks)) != 0) {
        printf("Key error %d\n", j);
        err = 1;
    }
    if ((j = DES_set_key_checked(&cbc2_key, &ks2)) != 0) {
        printf("Key error %d\n", j);
        err = 1;
    }
    if ((j = DES_set_key_checked(&cbc3_key, &ks3)) != 0) {
        printf("Key error %d\n", j);
        err = 1;
    }
    memset(cbc_out, 0, 40);
    memset(cbc_in, 0, 40);
    i = strlen((char *)cbc_data) + 1;
    /* i=((i+7)/8)*8; */
    memcpy(iv3, cbc_iv, sizeof(cbc_iv));

    DES_ede3_cbc_encrypt(cbc_data, cbc_out, 16L, &ks, &ks2, &ks3, &iv3,
                         DES_ENCRYPT);
    DES_ede3_cbc_encrypt(&(cbc_data[16]), &(cbc_out[16]), i - 16, &ks, &ks2,
                         &ks3, &iv3, DES_ENCRYPT);
    if (memcmp
        (cbc_out, cbc3_ok,
         (unsigned int)(strlen((char *)cbc_data) + 1 + 7) / 8 * 8) != 0) {
        unsigned int n;

        printf("des_ede3_cbc_encrypt encrypt error\n");
        for (n = 0; n < i; ++n)
            printf(" %02x", cbc_out[n]);
        printf("\n");
        for (n = 0; n < i; ++n)
            printf(" %02x", cbc3_ok[n]);
        printf("\n");
        err = 1;
    }

    memcpy(iv3, cbc_iv, sizeof(cbc_iv));
    DES_ede3_cbc_encrypt(cbc_out, cbc_in, i, &ks, &ks2, &ks3, &iv3, DES_DECRYPT);
    if (memcmp(cbc_in, cbc_data, strlen((char *)cbc_data) + 1) != 0) {
        unsigned int n;

        printf("DES_ede3_cbc_encrypt decrypt error\n");
        for (n = 0; n < i; ++n)
            printf(" %02x", cbc_data[n]);
        printf("\n");
        for (n = 0; n < i; ++n)
            printf(" %02x", cbc_in[n]);
        printf("\n");
        err = 1;
    }
# ifndef LIBDES_LIT
    printf("Doing pcbc\n");
    if ((j = DES_set_key_checked(&cbc_key, &ks)) != 0) {
        printf("Key error %d\n", j);
        err = 1;
    }
    memset(cbc_out, 0, 40);
    memset(cbc_in, 0, 40);
    DES_pcbc_encrypt(cbc_data, cbc_out, strlen((char *)cbc_data) + 1, &ks,
                     &cbc_iv, DES_ENCRYPT);
    if (memcmp(cbc_out, pcbc_ok, 32) != 0) {
        printf("pcbc_encrypt encrypt error\n");
        err = 1;
    }
    DES_pcbc_encrypt(cbc_out, cbc_in, strlen((char *)cbc_data) + 1, &ks,
                     &cbc_iv, DES_DECRYPT);
    if (memcmp(cbc_in, cbc_data, strlen((char *)cbc_data) + 1) != 0) {
        printf("pcbc_encrypt decrypt error\n");
        err = 1;
    }

    printf("Doing ");
    printf("cfb8 ");
    err += cfb_test(8, cfb_cipher8);
    printf("cfb16 ");
    err += cfb_test(16, cfb_cipher16);
    printf("cfb32 ");
    err += cfb_test(32, cfb_cipher32);
    printf("cfb48 ");
    err += cfb_test(48, cfb_cipher48);
    printf("cfb64 ");
    err += cfb_test(64, cfb_cipher64);

    printf("cfb64() ");
    err += cfb64_test(cfb_cipher64);

    memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv));
    for (i = 0; i < sizeof(plain); i++)
        DES_cfb_encrypt(&(plain[i]), &(cfb_buf1[i]),
                        8, 1, &ks, &cfb_tmp, DES_ENCRYPT);
    if (memcmp(cfb_cipher8, cfb_buf1, sizeof(plain)) != 0) {
        printf("cfb_encrypt small encrypt error\n");
        err = 1;
    }

    memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv));
    for (i = 0; i < sizeof(plain); i++)
        DES_cfb_encrypt(&(cfb_buf1[i]), &(cfb_buf2[i]),
                        8, 1, &ks, &cfb_tmp, DES_DECRYPT);
    if (memcmp(plain, cfb_buf2, sizeof(plain)) != 0) {
        printf("cfb_encrypt small decrypt error\n");
        err = 1;
    }

    printf("ede_cfb64() ");
    err += ede_cfb64_test(cfb_cipher64);

    printf("done\n");

    printf("Doing ofb\n");
    DES_set_key_checked(&ofb_key, &ks);
    memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv));
    DES_ofb_encrypt(plain, ofb_buf1, 64, sizeof(plain) / 8, &ks, &ofb_tmp);
    if (memcmp(ofb_cipher, ofb_buf1, sizeof(ofb_buf1)) != 0) {
        printf("ofb_encrypt encrypt error\n");
        printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
               ofb_buf1[8 + 0], ofb_buf1[8 + 1], ofb_buf1[8 + 2],
               ofb_buf1[8 + 3], ofb_buf1[8 + 4], ofb_buf1[8 + 5],
               ofb_buf1[8 + 6], ofb_buf1[8 + 7]);
        printf("%02X %02X %02X %02X %02X %02X %02X %02X\n", ofb_buf1[8 + 0],
               ofb_cipher[8 + 1], ofb_cipher[8 + 2], ofb_cipher[8 + 3],
               ofb_buf1[8 + 4], ofb_cipher[8 + 5], ofb_cipher[8 + 6],
               ofb_cipher[8 + 7]);
        err = 1;
    }
    memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv));
    DES_ofb_encrypt(ofb_buf1, ofb_buf2, 64, sizeof(ofb_buf1) / 8, &ks,
                    &ofb_tmp);
    if (memcmp(plain, ofb_buf2, sizeof(ofb_buf2)) != 0) {
        printf("ofb_encrypt decrypt error\n");
        printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
               ofb_buf2[8 + 0], ofb_buf2[8 + 1], ofb_buf2[8 + 2],
               ofb_buf2[8 + 3], ofb_buf2[8 + 4], ofb_buf2[8 + 5],
               ofb_buf2[8 + 6], ofb_buf2[8 + 7]);
        printf("%02X %02X %02X %02X %02X %02X %02X %02X\n", plain[8 + 0],
               plain[8 + 1], plain[8 + 2], plain[8 + 3], plain[8 + 4],
               plain[8 + 5], plain[8 + 6], plain[8 + 7]);
        err = 1;
    }

    printf("Doing ofb64\n");
    DES_set_key_checked(&ofb_key, &ks);
    memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv));
    memset(ofb_buf1, 0, sizeof(ofb_buf1));
    memset(ofb_buf2, 0, sizeof(ofb_buf1));
    num = 0;
    for (i = 0; i < sizeof(plain); i++) {
        DES_ofb64_encrypt(&(plain[i]), &(ofb_buf1[i]), 1, &ks, &ofb_tmp, &num);
    }
    if (memcmp(ofb_cipher, ofb_buf1, sizeof(ofb_buf1)) != 0) {
        printf("ofb64_encrypt encrypt error\n");
        err = 1;
    }
    memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv));
    num = 0;
    DES_ofb64_encrypt(ofb_buf1, ofb_buf2, sizeof(ofb_buf1), &ks, &ofb_tmp,
                      &num);
    if (memcmp(plain, ofb_buf2, sizeof(ofb_buf2)) != 0) {
        printf("ofb64_encrypt decrypt error\n");
        err = 1;
    }

    printf("Doing ede_ofb64\n");
    DES_set_key_checked(&ofb_key, &ks);
    memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv));
    memset(ofb_buf1, 0, sizeof(ofb_buf1));
    memset(ofb_buf2, 0, sizeof(ofb_buf1));
    num = 0;
    for (i = 0; i < sizeof(plain); i++) {
        DES_ede3_ofb64_encrypt(&(plain[i]), &(ofb_buf1[i]), 1, &ks, &ks,
                               &ks, &ofb_tmp, &num);
    }
    if (memcmp(ofb_cipher, ofb_buf1, sizeof(ofb_buf1)) != 0) {
        printf("ede_ofb64_encrypt encrypt error\n");
        err = 1;
    }
    memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv));
    num = 0;
    DES_ede3_ofb64_encrypt(ofb_buf1, ofb_buf2, sizeof(ofb_buf1), &ks, &ks, &ks,
                           &ofb_tmp, &num);
    if (memcmp(plain, ofb_buf2, sizeof(ofb_buf2)) != 0) {
        printf("ede_ofb64_encrypt decrypt error\n");
        err = 1;
    }

    printf("Doing cbc_cksum\n");
    DES_set_key_checked(&cbc_key, &ks);
    cs = DES_cbc_cksum(cbc_data, &cret, strlen((char *)cbc_data), &ks,
                       &cbc_iv);
    if (cs != cbc_cksum_ret) {
        printf("bad return value (%08lX), should be %08lX\n",
               (unsigned long)cs, (unsigned long)cbc_cksum_ret);
        err = 1;
    }
    if (memcmp(cret, cbc_cksum_data, 8) != 0) {
        printf("bad cbc_cksum block returned\n");
        err = 1;
    }

    printf("Doing quad_cksum\n");
    cs = DES_quad_cksum(cbc_data, (DES_cblock *)lqret,
                        (long)strlen((char *)cbc_data), 2,
                        (DES_cblock *)cbc_iv);
    if (cs != 0x70d7a63aL) {
        printf("quad_cksum error, ret %08lx should be 70d7a63a\n",
               (unsigned long)cs);
        err = 1;
    }
    if (lqret[0] != 0x327eba8dL) {
        printf("quad_cksum error, out[0] %08lx is not %08lx\n",
               (unsigned long)lqret[0], 0x327eba8dUL);
        err = 1;
    }
    if (lqret[1] != 0x201a49ccL) {
        printf("quad_cksum error, out[1] %08lx is not %08lx\n",
               (unsigned long)lqret[1], 0x201a49ccUL);
        err = 1;
    }
    if (lqret[2] != 0x70d7a63aL) {
        printf("quad_cksum error, out[2] %08lx is not %08lx\n",
               (unsigned long)lqret[2], 0x70d7a63aUL);
        err = 1;
    }
    if (lqret[3] != 0x501c2c26L) {
        printf("quad_cksum error, out[3] %08lx is not %08lx\n",
               (unsigned long)lqret[3], 0x501c2c26UL);
        err = 1;
    }
# endif

    printf("input word alignment test");
    for (i = 0; i < 4; i++) {
        printf(" %d", i);
        DES_ncbc_encrypt(&(cbc_out[i]), cbc_in,
                         strlen((char *)cbc_data) + 1, &ks,
                         &cbc_iv, DES_ENCRYPT);
    }
    printf("\noutput word alignment test");
    for (i = 0; i < 4; i++) {
        printf(" %d", i);
        DES_ncbc_encrypt(cbc_out, &(cbc_in[i]),
                         strlen((char *)cbc_data) + 1, &ks,
                         &cbc_iv, DES_ENCRYPT);
    }
    printf("\n");
    printf("fast crypt test ");
    str = crypt("testing", "ef");
    if (strcmp("efGnQx2725bI2", str) != 0) {
        printf("fast crypt error, %s should be efGnQx2725bI2\n", str);
        err = 1;
    }
    str = crypt("bca76;23", "yA");
    if (strcmp("yA1Rp/1hZXIJk", str) != 0) {
        printf("fast crypt error, %s should be yA1Rp/1hZXIJk\n", str);
        err = 1;
    }
    printf("\n");
    return (err);
}
示例#21
0
int BORINGSSL_self_test(void) {
  static const uint8_t kAESKey[16] = "BoringCrypto Key";
  static const uint8_t kAESIV[16] = {0};
  static const uint8_t kPlaintext[64] =
      "BoringCryptoModule FIPS KAT Encryption and Decryption Plaintext!";
  static const uint8_t kAESCBCCiphertext[64] = {
      0x87, 0x2d, 0x98, 0xc2, 0xcc, 0x31, 0x5b, 0x41, 0xe0, 0xfa, 0x7b,
      0x0a, 0x71, 0xc0, 0x42, 0xbf, 0x4f, 0x61, 0xd0, 0x0d, 0x58, 0x8c,
      0xf7, 0x05, 0xfb, 0x94, 0x89, 0xd3, 0xbc, 0xaa, 0x1a, 0x50, 0x45,
      0x1f, 0xc3, 0x8c, 0xb8, 0x98, 0x86, 0xa3, 0xe3, 0x6c, 0xfc, 0xad,
      0x3a, 0xb5, 0x59, 0x27, 0x7d, 0x21, 0x07, 0xca, 0x4c, 0x1d, 0x55,
      0x34, 0xdd, 0x5a, 0x2d, 0xc4, 0xb4, 0xf5, 0xa8,
#if !defined(BORINGSSL_FIPS_BREAK_AES_CBC)
      0x35
#else
      0x00
#endif
  };
  static const uint8_t kAESGCMCiphertext[80] = {
      0x4a, 0xd8, 0xe7, 0x7d, 0x78, 0xd7, 0x7d, 0x5e, 0xb2, 0x11, 0xb6, 0xc9,
      0xa4, 0xbc, 0xb2, 0xae, 0xbe, 0x93, 0xd1, 0xb7, 0xfe, 0x65, 0xc1, 0x82,
      0x2a, 0xb6, 0x71, 0x5f, 0x1a, 0x7c, 0xe0, 0x1b, 0x2b, 0xe2, 0x53, 0xfa,
      0xa0, 0x47, 0xfa, 0xd7, 0x8f, 0xb1, 0x4a, 0xc4, 0xdc, 0x89, 0xf9, 0xb4,
      0x14, 0x4d, 0xde, 0x95, 0xea, 0x29, 0x69, 0x76, 0x81, 0xa3, 0x5c, 0x33,
      0xd8, 0x37, 0xd8, 0xfa, 0x47, 0x19, 0x46, 0x2f, 0xf1, 0x90, 0xb7, 0x61,
      0x8f, 0x6f, 0xdd, 0x31, 0x3f, 0x6a, 0x64,
#if !defined(BORINGSSL_FIPS_BREAK_AES_GCM)
      0x0d
#else
      0x00
#endif
  };
  static const DES_cblock kDESKey1 = {"BCMDESK1"};
  static const DES_cblock kDESKey2 = {"BCMDESK2"};
  static const DES_cblock kDESKey3 = {"BCMDESK3"};
  static const DES_cblock kDESIV = {"BCMDESIV"};
  static const uint8_t kDESCiphertext[64] = {
      0xa4, 0x30, 0x7a, 0x4c, 0x1f, 0x60, 0x16, 0xd7, 0x4f, 0x41, 0xe1,
      0xbb, 0x27, 0xc4, 0x27, 0x37, 0xd4, 0x7f, 0xb9, 0x10, 0xf8, 0xbc,
      0xaf, 0x93, 0x91, 0xb8, 0x88, 0x24, 0xb1, 0xf6, 0xf8, 0xbd, 0x31,
      0x96, 0x06, 0x76, 0xde, 0x32, 0xcd, 0x29, 0x29, 0xba, 0x70, 0x5f,
      0xea, 0xc0, 0xcb, 0xde, 0xc7, 0x75, 0x90, 0xe0, 0x0f, 0x5e, 0x2c,
      0x0d, 0x49, 0x20, 0xd5, 0x30, 0x83, 0xf8, 0x08,
#if !defined(BORINGSSL_FIPS_BREAK_DES)
      0x5a
#else
      0x00
#endif
  };
  static const uint8_t kPlaintextSHA1[20] = {
      0xc6, 0xf8, 0xc9, 0x63, 0x1c, 0x14, 0x23, 0x62, 0x9b, 0xbd,
      0x55, 0x82, 0xf4, 0xd6, 0x1d, 0xf2, 0xab, 0x7d, 0xc8,
#if !defined(BORINGSSL_FIPS_BREAK_SHA_1)
      0x28
#else
      0x00
#endif
  };
  static const uint8_t kPlaintextSHA256[32] = {
      0x37, 0xbd, 0x70, 0x53, 0x72, 0xfc, 0xd4, 0x03, 0x79, 0x70, 0xfb,
      0x06, 0x95, 0xb1, 0x2a, 0x82, 0x48, 0xe1, 0x3e, 0xf2, 0x33, 0xfb,
      0xef, 0x29, 0x81, 0x22, 0x45, 0x40, 0x43, 0x70, 0xce,
#if !defined(BORINGSSL_FIPS_BREAK_SHA_256)
      0x0f
#else
      0x00
#endif
  };
  static const uint8_t kPlaintextSHA512[64] = {
      0x08, 0x6a, 0x1c, 0x84, 0x61, 0x9d, 0x8e, 0xb3, 0xc0, 0x97, 0x4e,
      0xa1, 0x9f, 0x9c, 0xdc, 0xaf, 0x3b, 0x5c, 0x31, 0xf0, 0xf2, 0x74,
      0xc3, 0xbd, 0x6e, 0xd6, 0x1e, 0xb2, 0xbb, 0x34, 0x74, 0x72, 0x5c,
      0x51, 0x29, 0x8b, 0x87, 0x3a, 0xa3, 0xf2, 0x25, 0x23, 0xd4, 0x1c,
      0x82, 0x1b, 0xfe, 0xd3, 0xc6, 0xee, 0xb5, 0xd6, 0xaf, 0x07, 0x7b,
      0x98, 0xca, 0xa7, 0x01, 0xf3, 0x94, 0xf3, 0x68,
#if !defined(BORINGSSL_FIPS_BREAK_SHA_512)
      0x14
#else
      0x00
#endif
  };
  static const uint8_t kRSASignature[256] = {
      0x62, 0x66, 0x4b, 0xe3, 0xb1, 0xd2, 0x83, 0xf1, 0xa8, 0x56, 0x2b, 0x33,
      0x60, 0x1e, 0xdb, 0x1e, 0x06, 0xf7, 0xa7, 0x1e, 0xa8, 0xef, 0x03, 0x4d,
      0x0c, 0xf6, 0x83, 0x75, 0x7a, 0xf0, 0x14, 0xc7, 0xe2, 0x94, 0x3a, 0xb5,
      0x67, 0x56, 0xa5, 0x48, 0x7f, 0x3a, 0xa5, 0xbf, 0xf7, 0x1d, 0x44, 0xa6,
      0x34, 0xed, 0x9b, 0xd6, 0x51, 0xaa, 0x2c, 0x4e, 0xce, 0x60, 0x5f, 0xe9,
      0x0e, 0xd5, 0xcd, 0xeb, 0x23, 0x27, 0xf8, 0xfb, 0x45, 0xe5, 0x34, 0x63,
      0x77, 0x7f, 0x2e, 0x80, 0xcf, 0x9d, 0x2e, 0xfc, 0xe2, 0x50, 0x75, 0x29,
      0x46, 0xf4, 0xaf, 0x91, 0xed, 0x36, 0xe1, 0x5e, 0xef, 0x66, 0xa1, 0xff,
      0x27, 0xfc, 0x87, 0x7e, 0x60, 0x84, 0x0f, 0x54, 0x51, 0x56, 0x0f, 0x68,
      0x99, 0xc0, 0x3f, 0xeb, 0xa5, 0xa0, 0x46, 0xb0, 0x86, 0x02, 0xb0, 0xc8,
      0xe8, 0x46, 0x13, 0x06, 0xcd, 0xb7, 0x8a, 0xd0, 0x3b, 0x46, 0xd0, 0x14,
      0x64, 0x53, 0x9b, 0x5b, 0x5e, 0x02, 0x45, 0xba, 0x6e, 0x7e, 0x0a, 0xb9,
      0x9e, 0x62, 0xb7, 0xd5, 0x7a, 0x87, 0xea, 0xd3, 0x24, 0xa5, 0xef, 0xb3,
      0xdc, 0x05, 0x9c, 0x04, 0x60, 0x4b, 0xde, 0xa8, 0x90, 0x08, 0x7b, 0x6a,
      0x5f, 0xb4, 0x3f, 0xda, 0xc5, 0x1f, 0x6e, 0xd6, 0x15, 0xde, 0x65, 0xa4,
      0x6e, 0x62, 0x9d, 0x8f, 0xa8, 0xbe, 0x86, 0xf6, 0x09, 0x90, 0x40, 0xa5,
      0xf4, 0x23, 0xc5, 0xf6, 0x38, 0x86, 0x0d, 0x1c, 0xed, 0x4a, 0x0a, 0xae,
      0xa4, 0x26, 0xc2, 0x2e, 0xd3, 0x13, 0x66, 0x61, 0xea, 0x35, 0x01, 0x0e,
      0x13, 0xda, 0x78, 0x20, 0xae, 0x59, 0x5f, 0x9b, 0xa9, 0x6c, 0xf9, 0x1b,
      0xdf, 0x76, 0x53, 0xc8, 0xa7, 0xf5, 0x63, 0x6d, 0xf3, 0xff, 0xfd, 0xaf,
      0x75, 0x4b, 0xac, 0x67, 0xb1, 0x3c, 0xbf, 0x5e, 0xde, 0x73, 0x02, 0x6d,
      0xd2, 0x0c, 0xb1,
#if !defined(BORINGSSL_FIPS_BREAK_RSA_SIG)
      0x64
#else
      0x00
#endif
  };
  const uint8_t kDRBGEntropy[48] =
      "BCM Known Answer Test DBRG Initial Entropy      ";
  const uint8_t kDRBGPersonalization[18] = "BCMPersonalization";
  const uint8_t kDRBGAD[16] = "BCM DRBG KAT AD ";
  const uint8_t kDRBGOutput[64] = {
      0x1d, 0x63, 0xdf, 0x05, 0x51, 0x49, 0x22, 0x46, 0xcd, 0x9b, 0xc5,
      0xbb, 0xf1, 0x5d, 0x44, 0xae, 0x13, 0x78, 0xb1, 0xe4, 0x7c, 0xf1,
      0x96, 0x33, 0x3d, 0x60, 0xb6, 0x29, 0xd4, 0xbb, 0x6b, 0x44, 0xf9,
      0xef, 0xd9, 0xf4, 0xa2, 0xba, 0x48, 0xea, 0x39, 0x75, 0x59, 0x32,
      0xf7, 0x31, 0x2c, 0x98, 0x14, 0x2b, 0x49, 0xdf, 0x02, 0xb6, 0x5d,
      0x71, 0x09, 0x50, 0xdb, 0x23, 0xdb, 0xe5, 0x22,
#if !defined(BORINGSSL_FIPS_BREAK_DRBG)
      0x95
#else
      0x00
#endif
  };
  const uint8_t kDRBGEntropy2[48] =
      "BCM Known Answer Test DBRG Reseed Entropy       ";
  const uint8_t kDRBGReseedOutput[64] = {
      0xa4, 0x77, 0x05, 0xdb, 0x14, 0x11, 0x76, 0x71, 0x42, 0x5b, 0xd8,
      0xd7, 0xa5, 0x4f, 0x8b, 0x39, 0xf2, 0x10, 0x4a, 0x50, 0x5b, 0xa2,
      0xc8, 0xf0, 0xbb, 0x3e, 0xa1, 0xa5, 0x90, 0x7d, 0x54, 0xd9, 0xc6,
      0xb0, 0x96, 0xc0, 0x2b, 0x7e, 0x9b, 0xc9, 0xa1, 0xdd, 0x78, 0x2e,
      0xd5, 0xa8, 0x66, 0x16, 0xbd, 0x18, 0x3c, 0xf2, 0xaa, 0x7a, 0x2b,
      0x37, 0xf9, 0xab, 0x35, 0x64, 0x15, 0x01, 0x3f, 0xc4,
  };
  const uint8_t kECDSASigR[32] = {
      0x67, 0x80, 0xc5, 0xfc, 0x70, 0x27, 0x5e, 0x2c, 0x70, 0x61, 0xa0,
      0xe7, 0x87, 0x7b, 0xb1, 0x74, 0xde, 0xad, 0xeb, 0x98, 0x87, 0x02,
      0x7f, 0x3f, 0xa8, 0x36, 0x54, 0x15, 0x8b, 0xa7, 0xf5,
#if !defined(BORINGSSL_FIPS_BREAK_ECDSA_SIG)
      0x0c,
#else
      0x00,
#endif
  };
  const uint8_t kECDSASigS[32] = {
      0xa5, 0x93, 0xe0, 0x23, 0x91, 0xe7, 0x4b, 0x8d, 0x77, 0x25, 0xa6,
      0xba, 0x4d, 0xd9, 0x86, 0x77, 0xda, 0x7d, 0x8f, 0xef, 0xc4, 0x1a,
      0xf0, 0xcc, 0x81, 0xe5, 0xea, 0x3f, 0xc2, 0x41, 0x7f, 0xd8,
  };

  EVP_AEAD_CTX aead_ctx;
  EVP_AEAD_CTX_zero(&aead_ctx);
  RSA *rsa_key = NULL;
  EC_KEY *ec_key = NULL;
  ECDSA_SIG *sig = NULL;
  int ret = 0;

  AES_KEY aes_key;
  uint8_t aes_iv[16];
  uint8_t output[256];

  // AES-CBC Encryption KAT
  memcpy(aes_iv, kAESIV, sizeof(kAESIV));
  if (AES_set_encrypt_key(kAESKey, 8 * sizeof(kAESKey), &aes_key) != 0) {
    goto err;
  }
  AES_cbc_encrypt(kPlaintext, output, sizeof(kPlaintext), &aes_key, aes_iv,
                  AES_ENCRYPT);
  if (!check_test(kAESCBCCiphertext, output, sizeof(kAESCBCCiphertext),
                  "AES-CBC Encryption KAT")) {
    goto err;
  }

  // AES-CBC Decryption KAT
  memcpy(aes_iv, kAESIV, sizeof(kAESIV));
  if (AES_set_decrypt_key(kAESKey, 8 * sizeof(kAESKey), &aes_key) != 0) {
    goto err;
  }
  AES_cbc_encrypt(kAESCBCCiphertext, output, sizeof(kAESCBCCiphertext),
                  &aes_key, aes_iv, AES_DECRYPT);
  if (!check_test(kPlaintext, output, sizeof(kPlaintext),
                  "AES-CBC Decryption KAT")) {
    goto err;
  }

  size_t out_len;
  uint8_t nonce[EVP_AEAD_MAX_NONCE_LENGTH];
  OPENSSL_memset(nonce, 0, sizeof(nonce));
  if (!EVP_AEAD_CTX_init(&aead_ctx, EVP_aead_aes_128_gcm(), kAESKey,
                         sizeof(kAESKey), 0, NULL)) {
    goto err;
  }

  // AES-GCM Encryption KAT
  if (!EVP_AEAD_CTX_seal(&aead_ctx, output, &out_len, sizeof(output), nonce,
                         EVP_AEAD_nonce_length(EVP_aead_aes_128_gcm()),
                         kPlaintext, sizeof(kPlaintext), NULL, 0) ||
      !check_test(kAESGCMCiphertext, output, sizeof(kAESGCMCiphertext),
                  "AES-GCM Encryption KAT")) {
    goto err;
  }

  // AES-GCM Decryption KAT
  if (!EVP_AEAD_CTX_open(&aead_ctx, output, &out_len, sizeof(output), nonce,
                         EVP_AEAD_nonce_length(EVP_aead_aes_128_gcm()),
                         kAESGCMCiphertext, sizeof(kAESGCMCiphertext), NULL,
                         0) ||
      !check_test(kPlaintext, output, sizeof(kPlaintext),
                  "AES-GCM Decryption KAT")) {
    goto err;
  }

  DES_key_schedule des1, des2, des3;
  DES_cblock des_iv;
  DES_set_key(&kDESKey1, &des1);
  DES_set_key(&kDESKey2, &des2);
  DES_set_key(&kDESKey3, &des3);

  // 3DES Encryption KAT
  memcpy(&des_iv, &kDESIV, sizeof(des_iv));
  DES_ede3_cbc_encrypt(kPlaintext, output, sizeof(kPlaintext), &des1, &des2,
                       &des3, &des_iv, DES_ENCRYPT);
  if (!check_test(kDESCiphertext, output, sizeof(kDESCiphertext),
                  "3DES Encryption KAT")) {
    goto err;
  }

  // 3DES Decryption KAT
  memcpy(&des_iv, &kDESIV, sizeof(des_iv));
  DES_ede3_cbc_encrypt(kDESCiphertext, output, sizeof(kDESCiphertext), &des1,
                       &des2, &des3, &des_iv, DES_DECRYPT);
  if (!check_test(kPlaintext, output, sizeof(kPlaintext),
                  "3DES Decryption KAT")) {
    goto err;
  }

  // SHA-1 KAT
  SHA1(kPlaintext, sizeof(kPlaintext), output);
  if (!check_test(kPlaintextSHA1, output, sizeof(kPlaintextSHA1),
                  "SHA-1 KAT")) {
    goto err;
  }

  // SHA-256 KAT
  SHA256(kPlaintext, sizeof(kPlaintext), output);
  if (!check_test(kPlaintextSHA256, output, sizeof(kPlaintextSHA256),
                  "SHA-256 KAT")) {
    goto err;
  }

  // SHA-512 KAT
  SHA512(kPlaintext, sizeof(kPlaintext), output);
  if (!check_test(kPlaintextSHA512, output, sizeof(kPlaintextSHA512),
                  "SHA-512 KAT")) {
    goto err;
  }

  rsa_key = self_test_rsa_key();
  if (rsa_key == NULL) {
    fprintf(stderr, "RSA KeyGen failed\n");
    goto err;
  }

  // RSA Sign KAT
  unsigned sig_len;

  // Disable blinding for the power-on tests because it's not needed and
  // triggers an entropy draw.
  rsa_key->flags |= RSA_FLAG_NO_BLINDING;

  if (!RSA_sign(NID_sha256, kPlaintextSHA256, sizeof(kPlaintextSHA256), output,
                &sig_len, rsa_key) ||
      !check_test(kRSASignature, output, sizeof(kRSASignature),
                  "RSA Sign KAT")) {
    goto err;
  }

  // RSA Verify KAT
  if (!RSA_verify(NID_sha256, kPlaintextSHA256, sizeof(kPlaintextSHA256),
                  kRSASignature, sizeof(kRSASignature), rsa_key)) {
    fprintf(stderr, "RSA Verify KAT failed.\n");
    goto err;
  }

  ec_key = self_test_ecdsa_key();
  if (ec_key == NULL) {
    fprintf(stderr, "ECDSA KeyGen failed\n");
    goto err;
  }

  // ECDSA Sign/Verify PWCT

  // The 'k' value for ECDSA is fixed to avoid an entropy draw.
  ec_key->fixed_k = BN_new();
  if (ec_key->fixed_k == NULL ||
      !BN_set_word(ec_key->fixed_k, 42)) {
    fprintf(stderr, "Out of memory\n");
    goto err;
  }

  sig = ECDSA_do_sign(kPlaintextSHA256, sizeof(kPlaintextSHA256), ec_key);

  uint8_t ecdsa_r_bytes[sizeof(kECDSASigR)];
  uint8_t ecdsa_s_bytes[sizeof(kECDSASigS)];
  if (sig == NULL ||
      BN_num_bytes(sig->r) != sizeof(ecdsa_r_bytes) ||
      !BN_bn2bin(sig->r, ecdsa_r_bytes) ||
      BN_num_bytes(sig->s) != sizeof(ecdsa_s_bytes) ||
      !BN_bn2bin(sig->s, ecdsa_s_bytes) ||
      !check_test(kECDSASigR, ecdsa_r_bytes, sizeof(kECDSASigR), "ECDSA R") ||
      !check_test(kECDSASigS, ecdsa_s_bytes, sizeof(kECDSASigS), "ECDSA S")) {
    fprintf(stderr, "ECDSA KAT failed.\n");
    goto err;
  }

  // DBRG KAT
  CTR_DRBG_STATE drbg;
  if (!CTR_DRBG_init(&drbg, kDRBGEntropy, kDRBGPersonalization,
                     sizeof(kDRBGPersonalization)) ||
      !CTR_DRBG_generate(&drbg, output, sizeof(kDRBGOutput), kDRBGAD,
                         sizeof(kDRBGAD)) ||
      !check_test(kDRBGOutput, output, sizeof(kDRBGOutput),
                  "DBRG Generate KAT") ||
      !CTR_DRBG_reseed(&drbg, kDRBGEntropy2, kDRBGAD, sizeof(kDRBGAD)) ||
      !CTR_DRBG_generate(&drbg, output, sizeof(kDRBGReseedOutput), kDRBGAD,
                         sizeof(kDRBGAD)) ||
      !check_test(kDRBGReseedOutput, output, sizeof(kDRBGReseedOutput),
                  "DRBG Reseed KAT")) {
    goto err;
  }
  CTR_DRBG_clear(&drbg);

  CTR_DRBG_STATE kZeroDRBG;
  memset(&kZeroDRBG, 0, sizeof(kZeroDRBG));
  if (!check_test(&kZeroDRBG, &drbg, sizeof(drbg), "DRBG Clear KAT")) {
    goto err;
  }

  ret = 1;

err:
  EVP_AEAD_CTX_cleanup(&aead_ctx);
  RSA_free(rsa_key);
  EC_KEY_free(ec_key);
  ECDSA_SIG_free(sig);

  return ret;
}
示例#22
0
int main(int argc, char **argv)
	{
	long count;
	static unsigned char buf[BUFSIZE];
	static DES_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
	static DES_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12};
	static DES_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34};
	DES_key_schedule sch,sch2,sch3;
	double a,b,c,d,e;
#ifndef SIGALRM
	long ca,cb,cc,cd,ce;
#endif

#ifndef TIMES
	printf("To get the most accurate results, try to run this\n");
	printf("program when this computer is idle.\n");
#endif

	DES_set_key_unchecked(&key2,&sch2);
	DES_set_key_unchecked(&key3,&sch3);

#ifndef SIGALRM
	printf("First we calculate the approximate speed ...\n");
	DES_set_key_unchecked(&key,&sch);
	count=10;
	do	{
		long i;
		DES_LONG data[2];

		count*=2;
		Time_F(START);
		for (i=count; i; i--)
			DES_encrypt1(data,&sch,DES_ENCRYPT);
		d=Time_F(STOP);
		} while (d < 3.0);
	ca=count;
	cb=count*3;
	cc=count*3*8/BUFSIZE+1;
	cd=count*8/BUFSIZE+1;
	ce=count/20+1;
	printf("Doing set_key %ld times\n",ca);
#define COND(d)	(count != (d))
#define COUNT(d) (d)
#else
#define COND(c)	(run)
#define COUNT(d) (count)
	signal(SIGALRM,sig_done);
	printf("Doing set_key for 10 seconds\n");
	alarm(10);
#endif

	Time_F(START);
	for (count=0,run=1; COND(ca); count++)
		DES_set_key_unchecked(&key,&sch);
	d=Time_F(STOP);
	printf("%ld set_key's in %.2f seconds\n",count,d);
	a=((double)COUNT(ca))/d;

#ifdef SIGALRM
	printf("Doing DES_encrypt's for 10 seconds\n");
	alarm(10);
#else
	printf("Doing DES_encrypt %ld times\n",cb);
#endif
	Time_F(START);
	for (count=0,run=1; COND(cb); count++)
		{
		DES_LONG data[2];

		DES_encrypt1(data,&sch,DES_ENCRYPT);
		}
	d=Time_F(STOP);
	printf("%ld DES_encrypt's in %.2f second\n",count,d);
	b=((double)COUNT(cb)*8)/d;

#ifdef SIGALRM
	printf("Doing DES_cbc_encrypt on %ld byte blocks for 10 seconds\n",
		BUFSIZE);
	alarm(10);
#else
	printf("Doing DES_cbc_encrypt %ld times on %ld byte blocks\n",cc,
		BUFSIZE);
#endif
	Time_F(START);
	for (count=0,run=1; COND(cc); count++)
		DES_ncbc_encrypt(buf,buf,BUFSIZE,&sch,
			&key,DES_ENCRYPT);
	d=Time_F(STOP);
	printf("%ld DES_cbc_encrypt's of %ld byte blocks in %.2f second\n",
		count,BUFSIZE,d);
	c=((double)COUNT(cc)*BUFSIZE)/d;

#ifdef SIGALRM
	printf("Doing DES_ede_cbc_encrypt on %ld byte blocks for 10 seconds\n",
		BUFSIZE);
	alarm(10);
#else
	printf("Doing DES_ede_cbc_encrypt %ld times on %ld byte blocks\n",cd,
		BUFSIZE);
#endif
	Time_F(START);
	for (count=0,run=1; COND(cd); count++)
		DES_ede3_cbc_encrypt(buf,buf,BUFSIZE,
			&sch,
			&sch2,
			&sch3,
			&key,
			DES_ENCRYPT);
	d=Time_F(STOP);
	printf("%ld DES_ede_cbc_encrypt's of %ld byte blocks in %.2f second\n",
		count,BUFSIZE,d);
	d=((double)COUNT(cd)*BUFSIZE)/d;

#ifdef SIGALRM
	printf("Doing crypt for 10 seconds\n");
	alarm(10);
#else
	printf("Doing crypt %ld times\n",ce);
#endif
	Time_F(START);
	for (count=0,run=1; COND(ce); count++)
		crypt("testing1","ef");
	e=Time_F(STOP);
	printf("%ld crypts in %.2f second\n",count,e);
	e=((double)COUNT(ce))/e;

	printf("set_key            per sec = %12.2f (%9.3fuS)\n",a,1.0e6/a);
	printf("DES raw ecb bytes  per sec = %12.2f (%9.3fuS)\n",b,8.0e6/b);
	printf("DES cbc bytes      per sec = %12.2f (%9.3fuS)\n",c,8.0e6/c);
	printf("DES ede cbc bytes  per sec = %12.2f (%9.3fuS)\n",d,8.0e6/d);
	printf("crypt              per sec = %12.2f (%9.3fuS)\n",e,1.0e6/e);
	exit(0);
#if defined(LINT) || defined(OPENSSL_SYS_MSDOS)
	return(0);
#endif
	}
示例#23
0
static int crypt_all(int *pcount, struct db_salt *salt)
{
    const int count = *pcount;
    int index = 0;

#ifdef _OPENMP
    #pragma omp parallel for
    for (index = 0; index < count; index++)
#endif
    {
        if (cur_salt->cipher == 0) {
            unsigned char key[24] = {0};
            unsigned char out[N];
            DES_cblock key1, key2, key3;
            DES_cblock ivec;
            DES_key_schedule ks1, ks2, ks3;
            generate24key_bytes((unsigned char*)saved_key[index], key);
            memset(out, 0, SAFETY_FACTOR);
            memcpy(key1, key, 8);
            memcpy(key2, key + 8, 8);
            memcpy(key3, key + 16, 8);
            DES_set_key((DES_cblock *) key1, &ks1);
            DES_set_key((DES_cblock *) key2, &ks2);
            DES_set_key((DES_cblock *) key3, &ks3);
            memcpy(ivec, cur_salt->salt, 8);
            // DES_ede3_cbc_encrypt(cur_salt->ct, out, cur_salt->ctl, &ks1, &ks2, &ks3, &ivec, DES_DECRYPT);
            DES_ede3_cbc_encrypt(cur_salt->ct, out, SAFETY_FACTOR, &ks1, &ks2, &ks3, &ivec, DES_DECRYPT);
            DES_ede3_cbc_encrypt(cur_salt->ct + cur_salt->ctl - 32, out + cur_salt->ctl - 32, 32, &ks1, &ks2, &ks3, &ivec, DES_DECRYPT);

            if (check_padding_and_structure(out, cur_salt->ctl) == 0)
                cracked[index] = 1;
            else
                cracked[index] = 0;
        }
        else if (cur_salt->cipher == 1) {
            unsigned char key[16] = {0};
            unsigned char out[N];
            // unsigned char out[N] = {0};
            AES_KEY akey;
            unsigned char iv[16];
            memcpy(iv, cur_salt->salt, 16);
            memset(out, 0, SAFETY_FACTOR);
            memset(out + cur_salt->ctl - 32, 0, 32);
            generate16key_bytes((unsigned char*)saved_key[index], key);
            AES_set_decrypt_key(key, 128, &akey);
            // AES_cbc_encrypt(cur_salt->ct, out, cur_salt->ctl, &akey, iv, AES_DECRYPT);
            // dirty hack!
            AES_cbc_encrypt(cur_salt->ct, out, SAFETY_FACTOR, &akey, iv, AES_DECRYPT); // are starting SAFETY_FACTOR bytes enough?
            // decrypting 1 blocks (16 bytes) is enough for correct padding check
            memcpy(iv, cur_salt->ct + cur_salt->ctl - 32, 16);
            AES_cbc_encrypt(cur_salt->ct + cur_salt->ctl - 16, out + cur_salt->ctl - 16, 16, &akey, iv, AES_DECRYPT);
            if (check_padding_and_structure(out, cur_salt->ctl) == 0)
                cracked[index] = 1;
            else
                cracked[index] = 0;
        }
        else {  /* new ssh key format handling */
            unsigned char key[32+16] = {0};
            unsigned char out[32] = {0};
            AES_KEY akey;
            unsigned char iv[16];
            // derive (key length + iv length) bytes
            bcrypt_pbkdf(saved_key[index], strlen(saved_key[index]), cur_salt->salt, 16, key, 32 + 16, cur_salt->rounds);
            AES_set_decrypt_key(key, 256, &akey);
            memcpy(iv, key + 32, 16);
            AES_cbc_encrypt(cur_salt->ct + cur_salt->ctl - 32, out, 32, &akey, iv, AES_DECRYPT); // decrypt 2 blocks
            if (check_padding_only(out + 16, 16) == 0) /* always check the last block (16 bytes) */
                cracked[index] = 1;
            else
                cracked[index] = 0;
        }
    }
    return count;
}
示例#24
0
int main(int argc, char **argv)
{
	if(argc != 2)
	{
		std::cout << "Usage: unwand <opera wand file>" << std::endl;
		return 1;
	}

	FILE *fdWand = fopen(argv[1], "rb");

	if(NULL == fdWand)
	{
		perror("Failed to open file");
		return 1;
	}

	fseek(fdWand, 0, SEEK_END);
	unsigned long fileSize = ftell(fdWand);

	unsigned char *wandData = (unsigned char *)malloc(fileSize);

	if(NULL == wandData)
	{
		fclose(fdWand);
		perror("Memory allocation failed");
		return 1;
	}

	rewind(fdWand);
	fread(wandData, fileSize, 1, fdWand);
	fclose(fdWand);

	unsigned long wandOffset = 0;

	//
	// main loop, find and process encrypted blocks
	//

	while(wandOffset < fileSize)
	{
		// find key length field at start of block
		unsigned char *wandKey = (unsigned char *)
			memchr(wandData + wandOffset, DES_KEY_SZ, fileSize - wandOffset);

		if(NULL == wandKey)
		{
			break;
		}

		wandOffset = ++wandKey - wandData;

		// create pointers to length fields
		unsigned char *blockLengthPtr = wandKey - 8;
		unsigned char *dataLengthPtr = wandKey + DES_KEY_SZ;

		if(blockLengthPtr < wandData || dataLengthPtr > wandData + fileSize)
		{
			continue;
		}

		// convert big-endian numbers to native
		unsigned long
			blockLength  = *blockLengthPtr++ << 24;
			blockLength |= *blockLengthPtr++ << 16;
			blockLength |= *blockLengthPtr++ <<  8;
			blockLength |= *blockLengthPtr;

		unsigned long
			dataLength  = *dataLengthPtr++ << 24;
			dataLength |= *dataLengthPtr++ << 16;
			dataLength |= *dataLengthPtr++ <<  8;
			dataLength |= *dataLengthPtr;

		// as discussed in the article
		if(blockLength != dataLength + DES_KEY_SZ + 4 + 4)
		{
			continue;
		}

		// perform basic sanity checks on data length
		if(dataLength > fileSize - (wandOffset + DES_KEY_SZ + 4)
			|| dataLength < 8 || dataLength % 8 != 0)
		{
			continue;
		}

		unsigned char
			hashSignature1[MD5_DIGEST_LENGTH],
			hashSignature2[MD5_DIGEST_LENGTH],
			tmpBuffer[256];

		//
		// hashing of (salt, key), (hash, salt, key)
		//

		memcpy(tmpBuffer, opera_salt, sizeof(opera_salt));
		memcpy(tmpBuffer + sizeof(opera_salt), wandKey, DES_KEY_SZ);

		MD5(tmpBuffer, sizeof(opera_salt) + DES_KEY_SZ, hashSignature1);

		memcpy(tmpBuffer, hashSignature1, sizeof(hashSignature1));
		memcpy(tmpBuffer + sizeof(hashSignature1),
			opera_salt, sizeof(opera_salt));

		memcpy(tmpBuffer + sizeof(hashSignature1) + 
			sizeof(opera_salt), wandKey, DES_KEY_SZ);

		MD5(tmpBuffer, sizeof(hashSignature1) +
			sizeof(opera_salt) + DES_KEY_SZ, hashSignature2);

		//
		// schedule keys. key material from hashes
		//

		DES_key_schedule key_schedule1, key_schedule2, key_schedule3;

		DES_set_key_unchecked((const_DES_cblock *)&hashSignature1[0],
			&key_schedule1);

		DES_set_key_unchecked((const_DES_cblock *)&hashSignature1[8],
			&key_schedule2);

		DES_set_key_unchecked((const_DES_cblock *)&hashSignature2[0],
			&key_schedule3);

		DES_cblock iVector;
		memcpy(iVector, &hashSignature2[8], sizeof(DES_cblock));

		unsigned char *cryptoData = wandKey + DES_KEY_SZ + 4;

		//
		// decrypt wand data in place using 3DES-CBC
		//

		DES_ede3_cbc_encrypt(cryptoData, cryptoData, dataLength,
			&key_schedule1, &key_schedule2, &key_schedule3, &iVector, 0);

		if(0x00 == *cryptoData || 0x08 == *cryptoData)
		{
			std::wcout << L"<null>" << std::endl;
		}
		else
		{
			// remove padding (data padded up to next block)
			unsigned char *padding = cryptoData + dataLength - 1;
			memset(padding - (*padding - 1), 0x00, *padding);

			std::wcout << (wchar_t *)cryptoData << std::endl;
		}

		wandOffset = wandOffset + DES_KEY_SZ + 4 + dataLength;
	}

	free(wandData);
	return 0;
}
示例#25
0
int enc(char *sopath,char *filename)
{
	//printf("you are in the enc program\n");
        SHA_CTX md;
	int eight=8;
	DES_key_schedule schedule1;
	DES_key_schedule schedule2;
	DES_key_schedule schedule3;
        FILE *fp;
        unsigned char buffer[10],DES_output[8];
	char DES_input[8],ch;
        unsigned char digest[20],file_digest[20];
        int count,i,len_of_pass,verify=1,no_of_bytes;
	unsigned char random_bits1[20],random_bits2[20],DES_key1[8],DES_key2[8],DES_key3[8],IV[8];
	char *buf,*buff;
	

	if(RAND_bytes(random_bits1,20)==0)
	{
		fprintf(stderr,"Error obtaining 20 bytes of random bits from OPENSSL\n");
		exit(1);
	}
	if(RAND_bytes(random_bits2,20)==0)
	{
		fprintf(stderr,"Error obtaining 20 bytes of random bits from OPENSSL\n");
		exit(1);
	}
/**************************************
COMPUTE SHA1 OF FILE
**************************************/

        if((fp=fopen(filename,"rb"))==NULL)
        {
                fprintf(stderr,"(input file %s does not exist)\n",filename);
                exit(1);
        }
        SHA1_Init(&md);
        while((count=fread(&buffer,1,10,fp)))
        {
                SHA1_Update(&md,buffer,count);
        }
        SHA1_Final(file_digest,&md);

/*        for(i=0;i<20;i++)
        {
                printf("%02x",file_digest[i]);
        }*/

/**************************************
ASK FOR PASSWORD FOR DES
**************************************/
buf=(char *)malloc(4096*sizeof(char));
buff=(char *)malloc(4096*sizeof(char));
des_read_pw(buf,buff,4096,"Enter passphrase for DES encryption: ",verify);

//printf("buff=%s",buf);
//printf("buff2=%s\n",buff);
len_of_pass=strlen(buf);
//printf("len_of_pass=%d\n",len_of_pass);

/**************************************
GENERATE SHA1 OF THE PASSWORD
**************************************/

	SHA1_Init(&md);

	//free(&md);
	//SHA1_Update(&md,"yesnomaybe",10);
	SHA1_Update(&md,buf,strlen(buf));
	SHA1_Final(digest,&md);

	//printf("The SHA1 of password is\n");
        for(i=0;i<20;i++)
        {
                //printf("%02x",digest[i]);
        }

        //printf("\n");
	

/*******************************************
COMPUTE SHA1 OF X AND RANDOM BITS(RB1) 1
*******************************************/
/*	SHA1_Init(&md);
	SHA1_Update(&md,digest,20);
	SHA1_Update(&md,HW4_random_bits_1,20);
	SHA1_Final(X_RB1,&md);
	for(i=0;i<20;i++)
	{
		//printf("%02x",X_RB1[i]);
	}
	//printf("\n");*/

/******************************************
COMPUTE SHA1 OF RB1(Y) AND RANDOM BITS 2(RB2)
******************************************/
/*	SHA1_Init(&md);
        SHA1_Update(&md,X_RB1,20);
        SHA1_Update(&md,HW4_random_bits_2,20);
        SHA1_Final(X_RB2,&md);
        for(i=0;i<20;i++)
        {
                //printf("%02x",X_RB2[i]);
        }
        //printf("\n");*/

/***************************************
COMPUTER IV AND 3 DES KEYS
***************************************/
//	SC_3des_key_gen(NULL,digest,IV,DES_key1,DES_key2,DES_key3);


	SmartcardState pss=(SmartcardState)NULL;
void *handle=NULL;
//void *vp =NULL;
SC_Init_Func *pfn_init=NULL;
SC_Cleanup_Func *pfn_cleanup=NULL;
SC_GetSignatureSize_Func *pfn_getsigsize=NULL;
SC_3DesKeyGen_Func *pfn_sc_enc=NULL;

handle = dlopen(sopath, RTLD_NOW|RTLD_GLOBAL);
if (handle==NULL)
{
//fprintf(stderr, "%s\n",sopath);
fprintf(stderr, "%s\n",
dlerror());
fprintf(stderr,"dlopen() failed\n");
exit(1);
}
pfn_init = (SC_Init_Func*)dlsym(handle,"SC_init");


pfn_cleanup = (SC_Cleanup_Func*)dlsym(handle,"SC_cleanup");


pfn_getsigsize = (SC_GetSignatureSize_Func*)dlsym(handle,"SC_get_signature_size");

pfn_sc_enc = (SC_3DesKeyGen_Func *)dlsym(handle,"SC_3des_key_gen");

if(pfn_init==NULL || pfn_cleanup==NULL || pfn_getsigsize==NULL || pfn_sc_enc==NULL)
{
fprintf(stderr,"(cannot find smartcard functions in this library)\n");
exit(1);
}


pss = (pfn_init)();
//printf("sig size is %d\n", (pfn_getsigsize)(pss));

(pfn_sc_enc) (pss,digest,IV,DES_key1,DES_key2,DES_key3);

(pfn_cleanup)(pss);
dlclose(handle);

/*	for(i=0;i<8;i++)
	IV[i]=X_RB1[i];
	for(i=8,j=0;i<16;i++,j++)
	DES_key1[j]=X_RB1[i];
	for(i=0;i<8;i++)
	DES_key2[i]=X_RB2[i];
	for(i=8,j=0;i<16;i++,j++)
	DES_key3[j]=X_RB2[i];
	printf("IV=");
	for(i=0;i<8;i++)
	printf("%02x",IV[i]);
	printf("\nDES KEY 1=");
	for(i=0;i<8;i++)
	printf("%02x",DES_key1[i]);
	printf("\nDES key 2=");
	for(i=0;i<8;i++)
	printf("%02x",DES_key2[i]);
	printf("\nDES key 3=");
	for(i=0;i<8;i++)
	printf("%02x",DES_key3[i]);
	printf("\n");*/


	
	
	DES_set_odd_parity((DES_cblock *)DES_key1);
	DES_set_odd_parity((DES_cblock *)DES_key2);
	DES_set_odd_parity((DES_cblock *)DES_key3);
	
	DES_key_sched((DES_cblock *)DES_key1,&schedule1);
	DES_set_key((DES_cblock *)DES_key1,&schedule1); 

        DES_key_sched((DES_cblock *)DES_key2,&schedule2);
        DES_set_key((DES_cblock *)DES_key2,&schedule2);

        DES_key_sched((DES_cblock *)DES_key3,&schedule3);
        DES_set_key((DES_cblock *)DES_key3,&schedule3);

/******************************************
READ FILE 8 BYTES AT A TIME AND ENCRYPT IT
******************************************/

	if((fp=fopen(filename,"rb"))==NULL)
	{
		fprintf(stderr,"{input file %s does not exist}\n",filename);
		exit(1);
	}
	i=0;
	while((count=fread(&ch,1,1,fp)))
	{
	i++;
	}
//	printf("no. of bytes=%d\n",i);
	no_of_bytes=i%8;
	fclose(fp);	
	printf("HW4");
	if(no_of_bytes>0)
	printf("%c",no_of_bytes);
	else
	printf("%c",eight);
        if((fp=fopen(filename,"rb"))==NULL)
        {
                fprintf(stderr,"{input file %s does not exist}\n",filename);
                exit(1);
        }
	while((count=fread(&DES_input,1,8,fp)))
	{
		if(count!=8)
		{
		for(i=count;i<8;i++)
		DES_input[i]='\0';
		DES_ede3_cbc_encrypt(DES_input,DES_output,8,&schedule1,&schedule2,&schedule3,(DES_cblock*)IV,1);
		for(i=0;i<8;i++)
		printf("%c",DES_output[i]);
	//	printf("%s",DES_output);
		}
		else
		{
	//	printf("%d\n",count);	
		DES_ede3_cbc_encrypt(DES_input,DES_output,8,&schedule1,&schedule2,&schedule3,(DES_cblock*)IV,1);
		for(i=0;i<8;i++)
		printf("%c",DES_output[i]);
//    		printf("%s",DES_output);
		}
	}
	for(i=0;i<20;i++)
	printf("%c",file_digest[i]);
		

	return 1;


}
示例#26
0
status_t SSO::MBIKeyOld(BString key, BString nonce, BString &response) {
	const char *kSessionHash = "WS-SecureConversationSESSION KEY HASH";
	const char *kSessionEnc = "WS-SecureConversationSESSION KEY ENCRYPTION";
	const uint32 kSessionHashLen = strlen(kSessionHash);
	const uint32 kSessionEncLen = strlen(kSessionEnc);
	const uint8 kNoncePadding = 8;

	uchar *key1 = NULL;
	uchar *key2 = NULL;
	uchar *key3 = NULL;

	// Obtain the three keys for the 3DES encryption
	int32 key1Len = (int32)Base64Decode(key.String(), key.Length(), &key1);
	int32 key2Len = DeriveKey(key1, key1Len, (uchar *)kSessionHash, kSessionHashLen, &key2);
	DeriveKey(key1, key1Len, (uchar *)kSessionEnc, kSessionEncLen, &key3);

	uchar hash[EVP_MAX_MD_SIZE];
	unsigned int hashLen = 0;
	
	// Key 2 is used as the key to the HMAC-SHA() of the Nonce
	HMAC(EVP_sha1(), key2, key2Len, (uchar *)nonce.String(), nonce.Length(), hash, &hashLen);

	// The nonce is padded out by 8 bytes of 0x08
	int32 padNonceLen = nonce.Length() + kNoncePadding;
	uchar *padNonce = (uchar *)calloc(padNonceLen, sizeof(uchar));
	memset(padNonce, 0x08, padNonceLen);
	memcpy(padNonce, nonce.String(), nonce.Length());
	
	const uint32 kKeyLen = 8;
	uchar cbc_key1[kKeyLen];
	uchar cbc_key2[kKeyLen];
	uchar cbc_key3[kKeyLen];
	
	// The 3DES CBC key is Key3
	memcpy(cbc_key1, key3 + (kKeyLen * 0), sizeof(cbc_key1));
	memcpy(cbc_key2, key3 + (kKeyLen * 1), sizeof(cbc_key2));
	memcpy(cbc_key3, key3 + (kKeyLen * 2), sizeof(cbc_key3));

	des_key_schedule ks1;
	des_key_schedule ks2;
	des_key_schedule ks3;
	
	// Create 3DES CBC keys
	DES_set_key(&cbc_key1, &ks1);
	DES_set_key(&cbc_key2, &ks2);
	DES_set_key(&cbc_key3, &ks3);
	
	// Setup the IV
	uchar iv[8];
	for (int8 i = 0; i < 8; i++) iv[i] = rand() * 255;
	des_cblock iv3;
	memcpy(iv3, iv, sizeof(iv));

	// Create a buffer used by the 3DES process
	uchar *buffer = (uchar *)calloc(1024, sizeof(uchar));

	// 3DES the nonce
	DES_ede3_cbc_encrypt(padNonce, buffer, padNonceLen, &ks1, &ks2, &ks3, &iv3, DES_ENCRYPT);

	// Output the results
	BufferWriter *result = new BufferWriter(B_SWAP_HOST_TO_LENDIAN);
	result->WriteInt32(0x0000001C);			// Size of header (28)
	result->WriteInt32(0x00000001);			// CBC crypt
	result->WriteInt32(0x00006603);			// Triple DES
	result->WriteInt32(0x00008004);			// SHA1
	result->WriteInt32(sizeof(iv));			// Length of IV
	result->WriteInt32(hashLen);			// Length of hash
	result->WriteInt32(72);					// Length of cipher
	result->WriteData(iv, sizeof(iv));		// IV
	result->WriteData(hash, hashLen);		// Hash
	result->WriteData(buffer, 72);			// Enc
	
	char *base64Result = Base64Encode((const char *)result->Buffer(), (int32)result->Offset());
	response = base64Result;

	free(key1);
	free(key2);
	free(key3);
	free(padNonce);
	free(buffer);
	free(base64Result);
	
	return B_OK;
};
示例#27
0
static krb5_error_code
DES3_string_to_key(krb5_context context,
		   krb5_enctype enctype,
		   krb5_data password,
		   krb5_salt salt,
		   krb5_data opaque,
		   krb5_keyblock *key)
{
    char *str;
    size_t len;
    unsigned char tmp[24];
    DES_cblock keys[3];
    krb5_error_code ret;

    len = password.length + salt.saltvalue.length;
    str = malloc(len);
    if(len != 0 && str == NULL) {
	krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
	return ENOMEM;
    }
    memcpy(str, password.data, password.length);
    memcpy(str + password.length, salt.saltvalue.data, salt.saltvalue.length);
    {
	DES_cblock ivec;
	DES_key_schedule s[3];
	int i;

	ret = _krb5_n_fold(str, len, tmp, 24);
	if (ret) {
	    memset(str, 0, len);
	    free(str);
	    krb5_set_error_message(context, ret, N_("malloc: out of memory", ""));
	    return ret;
	}

	for(i = 0; i < 3; i++){
	    memcpy(keys + i, tmp + i * 8, sizeof(keys[i]));
	    DES_set_odd_parity(keys + i);
	    if(DES_is_weak_key(keys + i))
		_krb5_xor(keys + i, (const unsigned char*)"\0\0\0\0\0\0\0\xf0");
	    DES_set_key_unchecked(keys + i, &s[i]);
	}
	memset(&ivec, 0, sizeof(ivec));
	DES_ede3_cbc_encrypt(tmp,
			     tmp, sizeof(tmp),
			     &s[0], &s[1], &s[2], &ivec, DES_ENCRYPT);
	memset(s, 0, sizeof(s));
	memset(&ivec, 0, sizeof(ivec));
	for(i = 0; i < 3; i++){
	    memcpy(keys + i, tmp + i * 8, sizeof(keys[i]));
	    DES_set_odd_parity(keys + i);
	    if(DES_is_weak_key(keys + i))
		_krb5_xor(keys + i, (const unsigned char*)"\0\0\0\0\0\0\0\xf0");
	}
	memset(tmp, 0, sizeof(tmp));
    }
    key->keytype = enctype;
    krb5_data_copy(&key->keyvalue, keys, sizeof(keys));
    memset(keys, 0, sizeof(keys));
    memset(str, 0, len);
    free(str);
    return 0;
}