static void cbc3_test(char key1[8], char key2[8], char key3[8], char iv[8], char in[24], char out[24]) { unsigned char k1[8], k2[8], k3[8], indata[24], outdata[24], outdata2[24], ansdata[24]; DES_key_schedule s1, s2, s3; DES_cblock ivdata, ivec_copy; memcpy(k1, key1, 8); memcpy(k2, key2, 8); memcpy(k3, key3, 8); memcpy(ivdata, iv, 8); memcpy(indata, in, 24); memcpy(ansdata, out, 24); DES_set_odd_parity(&k1); DES_set_odd_parity(&k2); DES_set_odd_parity(&k3); DES_set_key_unchecked(&k1, &s1); DES_set_key_unchecked(&k2, &s2); DES_set_key_unchecked(&k3, &s3); memcpy(&ivec_copy, &ivdata, sizeof(ivec_copy)); DES_ede3_cbc_encrypt(indata, outdata, 24, &s1, &s2, &s3, &ivec_copy, 1); if (memcmp(outdata, ansdata, sizeof(ansdata)) != 0) errx(1, "cbc3: encrypt"); memcpy(&ivec_copy, &ivdata, sizeof(ivec_copy)); DES_ede3_cbc_encrypt(outdata, outdata2, 24, &s1, &s2, &s3, &ivec_copy, 0); if (memcmp(indata, outdata2, sizeof(outdata2)) != 0) errx(1, "cbc3: decrypt"); }
static void StringToKey(char *str, char *cell, /* cell for password */ struct ktc_encryptionKey *key) { DES_key_schedule schedule; DES_cblock temp_key; DES_cblock ivec; char password[BUFSIZ]; int passlen; strncpy(password, str, sizeof(password)); if ((passlen = strlen(password)) < sizeof(password) - 1) strncat(password, cell, sizeof(password) - passlen); if ((passlen = strlen(password)) > sizeof(password)) passlen = sizeof(password); memcpy(&ivec, "kerberos", 8); memcpy(&temp_key, "kerberos", 8); DES_set_odd_parity(&temp_key); DES_key_sched(&temp_key, &schedule); DES_cbc_cksum((DES_cblock *) password, &ivec, passlen, &schedule, &ivec); memcpy(&temp_key, &ivec, 8); DES_set_odd_parity(&temp_key); DES_key_sched(&temp_key, &schedule); DES_cbc_cksum((DES_cblock *)password, ktc_to_cblock(key), passlen, &schedule, &ivec); DES_set_odd_parity(ktc_to_cblock(key)); }
static void ebc3_test(char key1[8], char key2[8], char key3[8], char in[8], char out[8]) { unsigned char k1[8], k2[8], k3[8], indata[8], outdata[8], outdata2[8], ansdata[8]; DES_key_schedule s1, s2, s3; memcpy(k1, key1, 8); memcpy(k2, key2, 8); memcpy(k3, key3, 8); memcpy(indata, in, 8); memcpy(ansdata, out, 8); DES_set_odd_parity(&k1); DES_set_odd_parity(&k2); DES_set_odd_parity(&k3); DES_set_key_unchecked(&k1, &s1); DES_set_key_unchecked(&k2, &s2); DES_set_key_unchecked(&k3, &s3); DES_ecb3_encrypt(&indata, &outdata, &s1, &s2, &s3, 1); if (memcmp(outdata, ansdata, sizeof(ansdata)) != 0) errx(1, "des3: encrypt"); DES_ecb3_encrypt(&outdata, &outdata2, &s1, &s2, &s3, 0); if (memcmp(indata, outdata2, sizeof(outdata2)) != 0) errx(1, "des3: decrypt"); }
int perf() { DES_cblock key1, key2, key3, iv; DES_key_schedule ks1, ks2, ks3; char* payload = (char*)malloc(64); int i; uint64_t start, end; memcpy(payload, "hello world hello world hello world\n", 64); // 1. Key & IV Extract memcpy(key1, "aeaeaeae", 8); memcpy(key2, "aeaeaeae", 8); memcpy(key3, "aeaeaeae", 8); memcpy(iv, "aeaeaeae", 8); DES_set_odd_parity(&key1); DES_set_odd_parity(&key2); DES_set_odd_parity(&key3); // Key Validation Check if(DES_set_key_checked(&key1, &ks1) || DES_set_key_checked(&key2, &ks2) || DES_set_key_checked(&key3, &ks3)) { printf("DES_set_key_checked Error\n"); } start = cpu_tsc(); for(i = 0; i < 1000000; i++) { DES_ede3_cbc_encrypt((const unsigned char*)payload, (unsigned char*)payload, 64 , &ks1, &ks2, &ks3, &iv, DES_ENCRYPT); } end = cpu_tsc(); printf("encrpytion time : %ld\n", (end-start)/10000); start = cpu_tsc(); for(i = 0; i < 1000000; i++) { DES_ede3_cbc_encrypt((const unsigned char*)payload, (unsigned char*)payload, 64 , &ks1, &ks2, &ks3, &iv, DES_DECRYPT); } end = cpu_tsc(); printf("decryption time : %ld\n", (end-start)/10000); return 0; }
static void DES3_random_key(krb5_context context, krb5_keyblock *key) { DES_cblock *k = key->keyvalue.data; do { krb5_generate_random_block(k, 3 * sizeof(DES_cblock)); DES_set_odd_parity(&k[0]); DES_set_odd_parity(&k[1]); DES_set_odd_parity(&k[2]); } while(DES_is_weak_key(&k[0]) || DES_is_weak_key(&k[1]) || DES_is_weak_key(&k[2])); }
enum cryptoerr des3_init(struct keystate *ks, u_int8_t *key, u_int16_t len) { DES_set_odd_parity((void *)key); DES_set_odd_parity((void *)(key + 8)); DES_set_odd_parity((void *)(key + 16)); /* As of the draft Tripe-DES does not check for weak keys */ DES_set_key((void *)key, &ks->ks_des[0]); DES_set_key((void *)(key + 8), &ks->ks_des[1]); DES_set_key((void *)(key + 16), &ks->ks_des[2]); return EOKAY; }
static void cfb64_test(char key1[8], char iv[8], char in[23], char out[23]) { unsigned char k1[8], indata[23], outdata[23], outdata2[23], ansdata[23]; DES_key_schedule s1; DES_cblock ivdata; int num; memcpy(k1, key1, 8); memcpy(indata, in, 23); memcpy(ansdata, out, 23); DES_set_odd_parity(&k1); DES_set_key_unchecked(&k1, &s1); num = 0; memcpy(ivdata, iv, 8); DES_cfb64_encrypt(indata, outdata, 23, &s1, &ivdata, &num, 1); if (memcmp(outdata, ansdata, sizeof(ansdata)) != 0) errx(1, "cfb64: encrypt"); num = 0; memcpy(ivdata, iv, 8); DES_cfb64_encrypt(outdata, outdata2, 23, &s1, &ivdata, &num, 0); if (memcmp(indata, outdata2, sizeof(outdata2)) != 0) errx(1, "cfb64: decrypt"); }
static int des3_set_key(struct ssh_cipher_struct *cipher, void *key,void *IV) { if (cipher->key == NULL) { if (alloc_key(cipher) < 0) { return -1; } DES_set_odd_parity(key); DES_set_odd_parity((void*)((uint8_t*)key + 8)); DES_set_odd_parity((void*)((uint8_t*)key + 16)); DES_set_key_unchecked(key, cipher->key); DES_set_key_unchecked((void*)((uint8_t*)key + 8), (void*)((uint8_t*)cipher->key + sizeof(DES_key_schedule))); DES_set_key_unchecked((void*)((uint8_t*)key + 16), (void*)((uint8_t*)cipher->key + 2 * sizeof(DES_key_schedule))); } cipher->IV=IV; return 0; }
void _krb5_DES3_random_to_key(krb5_context context, krb5_keyblock *key, const void *data, size_t size) { unsigned char *x = key->keyvalue.data; const u_char *q = data; DES_cblock *k; int i, j; memset(key->keyvalue.data, 0, key->keyvalue.length); for (i = 0; i < 3; ++i) { unsigned char foo; for (j = 0; j < 7; ++j) { unsigned char b = q[7 * i + j]; x[8 * i + j] = b; } foo = 0; for (j = 6; j >= 0; --j) { foo |= q[7 * i + j] & 1; foo <<= 1; } x[8 * i + 7] = foo; } k = key->keyvalue.data; for (i = 0; i < 3; i++) { DES_set_odd_parity(&k[i]); if(DES_is_weak_key(&k[i])) _krb5_xor(&k[i], (const unsigned char*)"\0\0\0\0\0\0\0\xf0"); } }
void openssl_des_crypt() { int size; DES_cblock key; DES_cblock outputs; const_DES_cblock inputs; DES_key_schedule schedule; unsigned char tmp[16] = "des crypt"; DES_random_key(&key); DES_string_to_key("beike2012", &key); DES_set_odd_parity(&key); des_check_key_parity(&key); DES_set_key_checked(&key, &schedule); DES_is_weak_key((const_DES_cblock *)tmp); DES_ecb_encrypt((const_DES_cblock *)tmp, &outputs, &schedule, DES_ENCRYPT); printf("\nDES_ecb_encrypt(%s) = ", tmp); for (size = 0; size < sizeof(outputs); size++) printf("%02x", outputs[size]); printf("\n"); DES_ecb_encrypt(&outputs, &inputs, &schedule, DES_DECRYPT); printf("DES_ecb_decrypt("); for (size = 0; size < sizeof(outputs); size++) printf("%02x", outputs[size]); printf(") = %s\n", inputs); }
/* * This sets the DES key and (if you're using the deszip version) * the direction of the transformation. This uses the Sun * to map the 64-bit key onto the 56 bits that the key schedule * generation routines use: the old way, which just uses the user- * supplied 64 bits as is, and the new way, which resets the parity * bit to be the same as the low-order bit in each character. The * new way generates a greater variety of key schedules, since many * systems set the parity (high) bit of each character to 0, and the * DES ignores the low order bit of each character. */ void set_des_key(DES_cblock *buf) /* key block */ { int i, j; /* counter in a for loop */ int par; /* parity counter */ /* * if the parity is not preserved, flip it */ if (!pflag) { for (i = 0; i < 8; i++) { par = 0; for (j = 1; j < 8; j++) if ((bits[j] & (*buf)[i]) != 0) par++; if ((par & 0x01) == 0x01) (*buf)[i] &= 0x7f; else (*buf)[i] = ((*buf)[i] & 0x7f) | 0x80; } } DES_set_odd_parity(buf); DES_set_key(buf, &schedule); }
/** * Use NIST SP800-108 with HMAC(MD5) in counter mode as the PRF to derive a * des key from another type of key. * * L is 64, as we take 64 random bits and turn them into a 56-bit des key. * The output of hmac_md5 is 128 bits; we take the first 64 only, so n * properly should be 1. However, we apply a slight variation due to the * possibility of producing a weak des key. If the output key is weak, do NOT * simply correct it, instead, the counter is advanced and the next output * used. As such, we code so as to have n be the full 255 permitted by our * encoding of the counter i in an 8-bit field. L itself is encoded as a * 32-bit field, big-endian. We use the constant string "rxkad" as a label * for this key derivation, the standard NUL byte separator, and omit a * key-derivation context. The input key is unique to the krb5 service ticket, * which is unlikely to be used in an other location. If it is used in such * a fashion, both locations will derive the same des key from the PRF, but * this is no different from if a krb5 des key had been used in the same way, * as traditional krb5 rxkad uses the ticket session key directly as the token * key. * * @param[in] in pointer to input key data * @param[in] insize length of input key data * @param[out] out 8-byte buffer to hold the derived key * * @return Returns 0 to indicate success, or an error code. * * @retval KRB5DES_WEAK_KEY Successive derivation attempts with all * 255 possible counter values each produced weak DES keys. This input * cannot be used to produce a usable key. */ static int rxkad_derive_des_key(const void *in, size_t insize, char out[8]) { unsigned char i; static unsigned char label[] = "rxkad"; /* bits of output, as 32 bit word, MSB first */ static unsigned char Lbuf[4] = { 0, 0, 0, 64 }; /* only needs to be 16 for md5, but lets be sure it fits */ unsigned char tmp[64]; unsigned int mdsize; DES_cblock ktmp; HMAC_CTX mctx; /* stop when 8 bit counter wraps to 0 */ for (i = 1; i; i++) { HMAC_CTX_init(&mctx); HMAC_Init_ex(&mctx, in, insize, EVP_md5(), NULL); HMAC_Update(&mctx, &i, 1); HMAC_Update(&mctx, label, sizeof(label)); /* includes label and separator */ HMAC_Update(&mctx, Lbuf, 4); mdsize = sizeof(tmp); HMAC_Final(&mctx, tmp, &mdsize); memcpy(ktmp, tmp, 8); DES_set_odd_parity(&ktmp); if (!DES_is_weak_key(&ktmp)) { memcpy(out, ktmp, 8); return 0; } } return KRB5DES_WEAK_KEY; }
static int des3_set_key(struct crypto_struct *cipher, void *key) { if (cipher->key == NULL) { if (alloc_key(cipher) < 0) { return -1; } DES_set_odd_parity(key); DES_set_odd_parity(key + 8); DES_set_odd_parity(key + 16); DES_set_key_unchecked(key, cipher->key); DES_set_key_unchecked(key + 8, cipher->key + sizeof(DES_key_schedule)); DES_set_key_unchecked(key + 16, cipher->key + 2 * sizeof(DES_key_schedule)); } return 0; }
/* 3des cbc for SSH-1 has no suitable EVP construct and requires * a custom key setup */ static int des3_set_key(struct ssh_cipher_struct *cipher, void *key, void *IV){ DES_cblock *keys = key; DES_set_odd_parity(&keys[0]); DES_set_odd_parity(&keys[1]); DES_set_odd_parity(&keys[2]); cipher->des3_key = malloc(sizeof (struct ssh_3des_key_schedule)); if (cipher->des3_key == NULL){ return SSH_ERROR; } DES_set_key_unchecked(&keys[0], &cipher->des3_key->keys[0]); DES_set_key_unchecked(&keys[1], &cipher->des3_key->keys[1]); DES_set_key_unchecked(&keys[2], &cipher->des3_key->keys[2]); memcpy(cipher->des3_key->ivs.v, IV, 24); return SSH_OK; }
int DES_random_key(DES_cblock *ret) { do { if (RAND_bytes((unsigned char *)ret, sizeof(DES_cblock)) != 1) return (0); } while (DES_is_weak_key(ret)); DES_set_odd_parity(ret); return (1); }
int afstest_AddDESKeyFile(struct afsconf_dir *dir) { char keymaterial[]="\x19\x17\xff\xe6\xbb\x77\x2e\xfc"; /* Make sure that it is actually a valid key */ DES_set_odd_parity((DES_cblock *)keymaterial); return afsconf_AddKey(dir, 1, keymaterial, 1); }
int HC_DEPRECATED DES_new_random_key(DES_cblock *key) { do { if (RAND_bytes(key, sizeof(*key)) != 1) return 1; DES_set_odd_parity(key); } while(DES_is_weak_key(key)); return(0); }
static int des1_set_key(struct ssh_cipher_struct *cipher, void *key, void *IV){ if(!cipher->key){ if (alloc_key(cipher) < 0) { return -1; } DES_set_odd_parity(key); DES_set_key_unchecked(key,cipher->key); } cipher->IV=IV; return 0; }
static int des3_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) { DES_cblock *deskey = ptr; switch(type) { case EVP_CTRL_RAND_KEY: if (RAND_bytes(ptr, c->key_len) <= 0) return 0; DES_set_odd_parity(deskey); if (c->key_len >= 16) DES_set_odd_parity(deskey + 1); if (c->key_len >= 24) DES_set_odd_parity(deskey + 2); return 1; default: return -1; } }
enum cryptoerr des1_init(struct keystate *ks, u_int8_t *key, u_int16_t len) { /* DES_set_key returns -1 for parity problems, and -2 for weak keys */ DES_set_odd_parity((void *)key); switch (DES_set_key((void *)key, &ks->ks_des[0])) { case -2: return EWEAKKEY; default: return EOKAY; } }
static void lm_make_key(const char *pw, DES_cblock *key) { int i; char *k = (char *) key; k[0] = 0; for ( i = 0 ; i < 7 ; i++ ) { k[i] |= (pw[i] >> i) & 0xff; k[i+1] = (pw[i] << (7 - i)) & 0xff; } DES_set_odd_parity(key); }
void DES_string_to_key(const char *str, DES_cblock *key) { DES_key_schedule ks; int i,length; register unsigned char j; TINYCLR_SSL_MEMSET(key,0,8); length=TINYCLR_SSL_STRLEN(str); #ifdef OLD_STR_TO_KEY for (i=0; i<length; i++) (*key)[i%8]^=(str[i]<<1); #else /* MIT COMPATIBLE */ for (i=0; i<length; i++) { j=str[i]; if ((i%16) < 8) (*key)[i%8]^=(j<<1); else { /* Reverse the bit order 05/05/92 eay */ j=((j<<4)&0xf0)|((j>>4)&0x0f); j=((j<<2)&0xcc)|((j>>2)&0x33); j=((j<<1)&0xaa)|((j>>1)&0x55); (*key)[7-(i%8)]^=j; } } #endif DES_set_odd_parity(key); #ifdef EXPERIMENTAL_STR_TO_STRONG_KEY if(DES_is_weak_key(key)) (*key)[7] ^= 0xF0; DES_set_key(key,&ks); #else DES_set_key_unchecked(key,&ks); #endif DES_cbc_cksum((const unsigned char*)str,key,length,&ks,key); OPENSSL_cleanse(&ks,sizeof(ks)); DES_set_odd_parity(key); }
static void mdc2_body(MDC2_CTX *c, const unsigned char *in, size_t len) { register DES_LONG tin0, tin1; register DES_LONG ttin0, ttin1; DES_LONG d[2], dd[2]; DES_key_schedule k; unsigned char *p; size_t i; for (i = 0; i < len; i += 8) { c2l(in, tin0); d[0] = dd[0] = tin0; c2l(in, tin1); d[1] = dd[1] = tin1; c->h[0] = (c->h[0] & 0x9f) | 0x40; c->hh[0] = (c->hh[0] & 0x9f) | 0x20; DES_set_odd_parity(&c->h); DES_set_key_unchecked(&c->h, &k); DES_encrypt1(d, &k, 1); DES_set_odd_parity(&c->hh); DES_set_key_unchecked(&c->hh, &k); DES_encrypt1(dd, &k, 1); ttin0 = tin0 ^ dd[0]; ttin1 = tin1 ^ dd[1]; tin0 ^= d[0]; tin1 ^= d[1]; p = c->h; l2c(tin0, p); l2c(ttin1, p); p = c->hh; l2c(ttin0, p); l2c(tin1, p); } }
static int des_ede3_cbc_init(EVP_CIPHER_CTX *ctx, const unsigned char * key, const unsigned char * iv, int encp) { struct des_ede3_cbc *k = ctx->cipher_data; DES_cblock deskey; memcpy(&deskey, key, sizeof(deskey)); DES_set_odd_parity(&deskey); DES_set_key_unchecked(&deskey, &k->ks[0]); memcpy(&deskey, key + 8, sizeof(deskey)); DES_set_odd_parity(&deskey); DES_set_key_unchecked(&deskey, &k->ks[1]); memcpy(&deskey, key + 16, sizeof(deskey)); DES_set_odd_parity(&deskey); DES_set_key_unchecked(&deskey, &k->ks[2]); return 1; }
static uint64_t feistel_enc(uint32_t a, uint32_t b, uint32_t m, uint8_t *key[], uint32_t round) { uint64_t L, R; uint64_t tmp, nval; uint64_t mod; uint8_t val[8]; uint8_t res[8]; int i; DES_cblock ckey; DES_key_schedule schd; L = m % a; R = (uint64_t)floor((double)m / (double)a); memset(val, 0, 8 * sizeof(uint8_t)); for(i = 0; i < round; i ++) { memcpy(val, &R, 8 * sizeof(uint8_t)); memset(&ckey, 0, sizeof(DES_cblock)); memcpy(&ckey, key[i], PERMKEYLENGTH); memset(res, 0, 8 * sizeof(char)); memset(&schd, 0, sizeof(DES_key_schedule)); DES_set_odd_parity(&ckey); DES_set_key_checked(&ckey, &schd); DES_ecb_encrypt((const_DES_cblock *)val, (DES_cblock *)res, &schd, DES_ENCRYPT); nval = *((uint64_t *)res); mod = ((i & 0x1) == 0) ? a : b; tmp = ((L % mod)+ (nval % mod)) % mod; L = R; R = tmp; memset(val, 0, 8 * sizeof(uint8_t)); } if((round & 0x1) == 1) { return a * L + R; } else { return a * R + L; } }
/* IN 56 bit DES key missing parity bits OUT 64 bit DES key with parity bits added */ void mschap_des_addparity(u_int8_t *key, u_int8_t *des_key) { des_key[0] = get7bits(key, 0); des_key[1] = get7bits(key, 7); des_key[2] = get7bits(key, 14); des_key[3] = get7bits(key, 21); des_key[4] = get7bits(key, 28); des_key[5] = get7bits(key, 35); des_key[6] = get7bits(key, 42); des_key[7] = get7bits(key, 49); DES_set_odd_parity((DES_cblock *)des_key); }
PbeMd5AndDesEncryptor::PbeMd5AndDesKey PbeMd5AndDesEncryptor::generateKey(const std::string& password, const std::string salt, long iterations) { std::string keyHash = generateDataHash(password, salt, iterations); PbeMd5AndDesKey retVal; DES_cblock key; keyHash.copy(reinterpret_cast<char *>(&key), ALGO_BLOCK_SIZE, 0); keyHash.copy(reinterpret_cast<char *>(&retVal.ivec), ALGO_BLOCK_SIZE, ALGO_BLOCK_SIZE); DES_set_odd_parity(&key); DES_set_key_checked(&key, &retVal.schedule); return retVal; }
static int encrypt( char *key, char *msg, int size, char *res) { int n=0; DES_cblock key2; DES_key_schedule schedule; /* Prepare the key for use with DES_cfb64_encrypt */ memcpy( key2, key,8); DES_set_odd_parity( &key2 ); DES_set_key_checked( &key2, &schedule ); /* Encryption occurs here */ DES_cfb64_encrypt( ( unsigned char * ) msg, ( unsigned char * ) res, size, &schedule, &key2, &n, DES_ENCRYPT ); return size; }
char * Decrypt( char *Key, char *Msg, int size) { static char* Res; int n=0; DES_cblock Key2; DES_key_schedule schedule; Res = ( char * ) malloc( size ); /* Prepare the key for use with DES_cfb64_encrypt */ memcpy( Key2, Key,8); DES_set_odd_parity( &Key2 ); DES_set_key_checked( &Key2, &schedule ); /* Decryption occurs here */ DES_cfb64_encrypt( ( unsigned char * ) Msg, ( unsigned char * ) Res, size, &schedule, &Key2, &n, DES_DECRYPT ); return (Res); }
static void ecb_test(char key[8], char in[8], char out[8]) { unsigned char k[8], indata[8], outdata[8], outdata2[8], ansdata[8]; DES_key_schedule s; memcpy(k, key, 8); memcpy(indata, in, 8); memcpy(ansdata, out, 8); DES_set_odd_parity(&k); DES_set_key_unchecked(&k, &s); DES_ecb_encrypt(&indata, &outdata, &s, 1); if (memcmp(outdata, ansdata, sizeof(ansdata)) != 0) errx(1, "des: encrypt"); DES_ecb_encrypt(&outdata, &outdata2, &s, 0); if (memcmp(indata, outdata2, sizeof(outdata2)) != 0) errx(1, "des: decrypt"); }