static void
cbc3_test(char key1[8], char key2[8], char key3[8],
char iv[8], char in[24], char out[24])
{
unsigned char k1[8], k2[8], k3[8],
indata[24], outdata[24], outdata2[24], ansdata[24];
DES_key_schedule s1, s2, s3;
DES_cblock ivdata, ivec_copy;
memcpy(k1, key1, 8);
memcpy(k2, key2, 8);
memcpy(k3, key3, 8);
memcpy(ivdata, iv, 8);
memcpy(indata, in, 24);
memcpy(ansdata, out, 24);
DES_set_odd_parity(&k1);
DES_set_odd_parity(&k2);
DES_set_odd_parity(&k3);
DES_set_key_unchecked(&k1, &s1);
DES_set_key_unchecked(&k2, &s2);
DES_set_key_unchecked(&k3, &s3);
memcpy(&ivec_copy, &ivdata, sizeof(ivec_copy));
DES_ede3_cbc_encrypt(indata, outdata, 24,
&s1, &s2, &s3, &ivec_copy, 1);
if (memcmp(outdata, ansdata, sizeof(ansdata)) != 0)
errx(1, "cbc3: encrypt");
memcpy(&ivec_copy, &ivdata, sizeof(ivec_copy));
DES_ede3_cbc_encrypt(outdata, outdata2, 24,
&s1, &s2, &s3, &ivec_copy, 0);
if (memcmp(indata, outdata2, sizeof(outdata2)) != 0)
errx(1, "cbc3: decrypt");
}
static void
StringToKey(char *str, char *cell, /* cell for password */
struct ktc_encryptionKey *key)
{
DES_key_schedule schedule;
DES_cblock temp_key;
DES_cblock ivec;
char password[BUFSIZ];
int passlen;
strncpy(password, str, sizeof(password));
if ((passlen = strlen(password)) < sizeof(password) - 1)
strncat(password, cell, sizeof(password) - passlen);
if ((passlen = strlen(password)) > sizeof(password))
passlen = sizeof(password);
memcpy(&ivec, "kerberos", 8);
memcpy(&temp_key, "kerberos", 8);
DES_set_odd_parity(&temp_key);
DES_key_sched(&temp_key, &schedule);
DES_cbc_cksum((DES_cblock *) password, &ivec, passlen, &schedule, &ivec);
memcpy(&temp_key, &ivec, 8);
DES_set_odd_parity(&temp_key);
DES_key_sched(&temp_key, &schedule);
DES_cbc_cksum((DES_cblock *)password, ktc_to_cblock(key), passlen,
&schedule, &ivec);
DES_set_odd_parity(ktc_to_cblock(key));
}
static void
ebc3_test(char key1[8], char key2[8], char key3[8], char in[8], char out[8])
{
unsigned char k1[8], k2[8], k3[8],
indata[8], outdata[8], outdata2[8], ansdata[8];
DES_key_schedule s1, s2, s3;
memcpy(k1, key1, 8);
memcpy(k2, key2, 8);
memcpy(k3, key3, 8);
memcpy(indata, in, 8);
memcpy(ansdata, out, 8);
DES_set_odd_parity(&k1);
DES_set_odd_parity(&k2);
DES_set_odd_parity(&k3);
DES_set_key_unchecked(&k1, &s1);
DES_set_key_unchecked(&k2, &s2);
DES_set_key_unchecked(&k3, &s3);
DES_ecb3_encrypt(&indata, &outdata, &s1, &s2, &s3, 1);
if (memcmp(outdata, ansdata, sizeof(ansdata)) != 0)
errx(1, "des3: encrypt");
DES_ecb3_encrypt(&outdata, &outdata2, &s1, &s2, &s3, 0);
if (memcmp(indata, outdata2, sizeof(outdata2)) != 0)
errx(1, "des3: decrypt");
}
int perf()
{
DES_cblock key1, key2, key3, iv;
DES_key_schedule ks1, ks2, ks3;
char* payload = (char*)malloc(64);
int i;
uint64_t start, end;
memcpy(payload, "hello world hello world hello world\n", 64);
// 1. Key & IV Extract
memcpy(key1, "aeaeaeae", 8);
memcpy(key2, "aeaeaeae", 8);
memcpy(key3, "aeaeaeae", 8);
memcpy(iv, "aeaeaeae", 8);
DES_set_odd_parity(&key1);
DES_set_odd_parity(&key2);
DES_set_odd_parity(&key3);
// Key Validation Check
if(DES_set_key_checked(&key1, &ks1) ||
DES_set_key_checked(&key2, &ks2) ||
DES_set_key_checked(&key3, &ks3))
{
printf("DES_set_key_checked Error\n");
}
start = cpu_tsc();
for(i = 0; i < 1000000; i++)
{
DES_ede3_cbc_encrypt((const unsigned char*)payload,
(unsigned char*)payload,
64 , &ks1, &ks2, &ks3, &iv, DES_ENCRYPT);
}
end = cpu_tsc();
printf("encrpytion time : %ld\n", (end-start)/10000);
start = cpu_tsc();
for(i = 0; i < 1000000; i++)
{
DES_ede3_cbc_encrypt((const unsigned char*)payload,
(unsigned char*)payload,
64 , &ks1, &ks2, &ks3, &iv, DES_DECRYPT);
}
end = cpu_tsc();
printf("decryption time : %ld\n", (end-start)/10000);
return 0;
}
static void
DES3_random_key(krb5_context context,
krb5_keyblock *key)
{
DES_cblock *k = key->keyvalue.data;
do {
krb5_generate_random_block(k, 3 * sizeof(DES_cblock));
DES_set_odd_parity(&k[0]);
DES_set_odd_parity(&k[1]);
DES_set_odd_parity(&k[2]);
} while(DES_is_weak_key(&k[0]) ||
DES_is_weak_key(&k[1]) ||
DES_is_weak_key(&k[2]));
}
enum cryptoerr
des3_init(struct keystate *ks, u_int8_t *key, u_int16_t len)
{
DES_set_odd_parity((void *)key);
DES_set_odd_parity((void *)(key + 8));
DES_set_odd_parity((void *)(key + 16));
/* As of the draft Tripe-DES does not check for weak keys */
DES_set_key((void *)key, &ks->ks_des[0]);
DES_set_key((void *)(key + 8), &ks->ks_des[1]);
DES_set_key((void *)(key + 16), &ks->ks_des[2]);
return EOKAY;
}
static void
cfb64_test(char key1[8], char iv[8], char in[23], char out[23])
{
unsigned char k1[8],
indata[23], outdata[23], outdata2[23], ansdata[23];
DES_key_schedule s1;
DES_cblock ivdata;
int num;
memcpy(k1, key1, 8);
memcpy(indata, in, 23);
memcpy(ansdata, out, 23);
DES_set_odd_parity(&k1);
DES_set_key_unchecked(&k1, &s1);
num = 0;
memcpy(ivdata, iv, 8);
DES_cfb64_encrypt(indata, outdata, 23, &s1, &ivdata, &num, 1);
if (memcmp(outdata, ansdata, sizeof(ansdata)) != 0)
errx(1, "cfb64: encrypt");
num = 0;
memcpy(ivdata, iv, 8);
DES_cfb64_encrypt(outdata, outdata2, 23, &s1, &ivdata, &num, 0);
if (memcmp(indata, outdata2, sizeof(outdata2)) != 0)
errx(1, "cfb64: decrypt");
}
static int des3_set_key(struct ssh_cipher_struct *cipher, void *key,void *IV) {
if (cipher->key == NULL) {
if (alloc_key(cipher) < 0) {
return -1;
}
DES_set_odd_parity(key);
DES_set_odd_parity((void*)((uint8_t*)key + 8));
DES_set_odd_parity((void*)((uint8_t*)key + 16));
DES_set_key_unchecked(key, cipher->key);
DES_set_key_unchecked((void*)((uint8_t*)key + 8), (void*)((uint8_t*)cipher->key + sizeof(DES_key_schedule)));
DES_set_key_unchecked((void*)((uint8_t*)key + 16), (void*)((uint8_t*)cipher->key + 2 * sizeof(DES_key_schedule)));
}
cipher->IV=IV;
return 0;
}
void
_krb5_DES3_random_to_key(krb5_context context,
krb5_keyblock *key,
const void *data,
size_t size)
{
unsigned char *x = key->keyvalue.data;
const u_char *q = data;
DES_cblock *k;
int i, j;
memset(key->keyvalue.data, 0, key->keyvalue.length);
for (i = 0; i < 3; ++i) {
unsigned char foo;
for (j = 0; j < 7; ++j) {
unsigned char b = q[7 * i + j];
x[8 * i + j] = b;
}
foo = 0;
for (j = 6; j >= 0; --j) {
foo |= q[7 * i + j] & 1;
foo <<= 1;
}
x[8 * i + 7] = foo;
}
k = key->keyvalue.data;
for (i = 0; i < 3; i++) {
DES_set_odd_parity(&k[i]);
if(DES_is_weak_key(&k[i]))
_krb5_xor(&k[i], (const unsigned char*)"\0\0\0\0\0\0\0\xf0");
}
}
void openssl_des_crypt()
{
int size;
DES_cblock key;
DES_cblock outputs;
const_DES_cblock inputs;
DES_key_schedule schedule;
unsigned char tmp[16] = "des crypt";
DES_random_key(&key);
DES_string_to_key("beike2012", &key);
DES_set_odd_parity(&key);
des_check_key_parity(&key);
DES_set_key_checked(&key, &schedule);
DES_is_weak_key((const_DES_cblock *)tmp);
DES_ecb_encrypt((const_DES_cblock *)tmp, &outputs, &schedule, DES_ENCRYPT);
printf("\nDES_ecb_encrypt(%s) = ", tmp);
for (size = 0; size < sizeof(outputs); size++)
printf("%02x", outputs[size]);
printf("\n");
DES_ecb_encrypt(&outputs, &inputs, &schedule, DES_DECRYPT);
printf("DES_ecb_decrypt(");
for (size = 0; size < sizeof(outputs); size++)
printf("%02x", outputs[size]);
printf(") = %s\n", inputs);
}
/*
* This sets the DES key and (if you're using the deszip version)
* the direction of the transformation. This uses the Sun
* to map the 64-bit key onto the 56 bits that the key schedule
* generation routines use: the old way, which just uses the user-
* supplied 64 bits as is, and the new way, which resets the parity
* bit to be the same as the low-order bit in each character. The
* new way generates a greater variety of key schedules, since many
* systems set the parity (high) bit of each character to 0, and the
* DES ignores the low order bit of each character.
*/
void
set_des_key(DES_cblock *buf) /* key block */
{
int i, j; /* counter in a for loop */
int par; /* parity counter */
/*
* if the parity is not preserved, flip it
*/
if (!pflag) {
for (i = 0; i < 8; i++) {
par = 0;
for (j = 1; j < 8; j++)
if ((bits[j] & (*buf)[i]) != 0)
par++;
if ((par & 0x01) == 0x01)
(*buf)[i] &= 0x7f;
else
(*buf)[i] = ((*buf)[i] & 0x7f) | 0x80;
}
}
DES_set_odd_parity(buf);
DES_set_key(buf, &schedule);
}
/**
* Use NIST SP800-108 with HMAC(MD5) in counter mode as the PRF to derive a
* des key from another type of key.
*
* L is 64, as we take 64 random bits and turn them into a 56-bit des key.
* The output of hmac_md5 is 128 bits; we take the first 64 only, so n
* properly should be 1. However, we apply a slight variation due to the
* possibility of producing a weak des key. If the output key is weak, do NOT
* simply correct it, instead, the counter is advanced and the next output
* used. As such, we code so as to have n be the full 255 permitted by our
* encoding of the counter i in an 8-bit field. L itself is encoded as a
* 32-bit field, big-endian. We use the constant string "rxkad" as a label
* for this key derivation, the standard NUL byte separator, and omit a
* key-derivation context. The input key is unique to the krb5 service ticket,
* which is unlikely to be used in an other location. If it is used in such
* a fashion, both locations will derive the same des key from the PRF, but
* this is no different from if a krb5 des key had been used in the same way,
* as traditional krb5 rxkad uses the ticket session key directly as the token
* key.
*
* @param[in] in pointer to input key data
* @param[in] insize length of input key data
* @param[out] out 8-byte buffer to hold the derived key
*
* @return Returns 0 to indicate success, or an error code.
*
* @retval KRB5DES_WEAK_KEY Successive derivation attempts with all
* 255 possible counter values each produced weak DES keys. This input
* cannot be used to produce a usable key.
*/
static int
rxkad_derive_des_key(const void *in, size_t insize, char out[8])
{
unsigned char i;
static unsigned char label[] = "rxkad";
/* bits of output, as 32 bit word, MSB first */
static unsigned char Lbuf[4] = { 0, 0, 0, 64 };
/* only needs to be 16 for md5, but lets be sure it fits */
unsigned char tmp[64];
unsigned int mdsize;
DES_cblock ktmp;
HMAC_CTX mctx;
/* stop when 8 bit counter wraps to 0 */
for (i = 1; i; i++) {
HMAC_CTX_init(&mctx);
HMAC_Init_ex(&mctx, in, insize, EVP_md5(), NULL);
HMAC_Update(&mctx, &i, 1);
HMAC_Update(&mctx, label, sizeof(label)); /* includes label and separator */
HMAC_Update(&mctx, Lbuf, 4);
mdsize = sizeof(tmp);
HMAC_Final(&mctx, tmp, &mdsize);
memcpy(ktmp, tmp, 8);
DES_set_odd_parity(&ktmp);
if (!DES_is_weak_key(&ktmp)) {
memcpy(out, ktmp, 8);
return 0;
}
}
return KRB5DES_WEAK_KEY;
}
static int des3_set_key(struct crypto_struct *cipher, void *key) {
if (cipher->key == NULL) {
if (alloc_key(cipher) < 0) {
return -1;
}
DES_set_odd_parity(key);
DES_set_odd_parity(key + 8);
DES_set_odd_parity(key + 16);
DES_set_key_unchecked(key, cipher->key);
DES_set_key_unchecked(key + 8, cipher->key + sizeof(DES_key_schedule));
DES_set_key_unchecked(key + 16, cipher->key + 2 * sizeof(DES_key_schedule));
}
return 0;
}
/* 3des cbc for SSH-1 has no suitable EVP construct and requires
* a custom key setup
*/
static int des3_set_key(struct ssh_cipher_struct *cipher, void *key, void *IV){
DES_cblock *keys = key;
DES_set_odd_parity(&keys[0]);
DES_set_odd_parity(&keys[1]);
DES_set_odd_parity(&keys[2]);
cipher->des3_key = malloc(sizeof (struct ssh_3des_key_schedule));
if (cipher->des3_key == NULL){
return SSH_ERROR;
}
DES_set_key_unchecked(&keys[0], &cipher->des3_key->keys[0]);
DES_set_key_unchecked(&keys[1], &cipher->des3_key->keys[1]);
DES_set_key_unchecked(&keys[2], &cipher->des3_key->keys[2]);
memcpy(cipher->des3_key->ivs.v, IV, 24);
return SSH_OK;
}
int DES_random_key(DES_cblock *ret)
{
do {
if (RAND_bytes((unsigned char *)ret, sizeof(DES_cblock)) != 1)
return (0);
} while (DES_is_weak_key(ret));
DES_set_odd_parity(ret);
return (1);
}
int
afstest_AddDESKeyFile(struct afsconf_dir *dir)
{
char keymaterial[]="\x19\x17\xff\xe6\xbb\x77\x2e\xfc";
/* Make sure that it is actually a valid key */
DES_set_odd_parity((DES_cblock *)keymaterial);
return afsconf_AddKey(dir, 1, keymaterial, 1);
}
int HC_DEPRECATED
DES_new_random_key(DES_cblock *key)
{
do {
if (RAND_bytes(key, sizeof(*key)) != 1)
return 1;
DES_set_odd_parity(key);
} while(DES_is_weak_key(key));
return(0);
}
static int des1_set_key(struct ssh_cipher_struct *cipher, void *key, void *IV){
if(!cipher->key){
if (alloc_key(cipher) < 0) {
return -1;
}
DES_set_odd_parity(key);
DES_set_key_unchecked(key,cipher->key);
}
cipher->IV=IV;
return 0;
}
static int des3_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
{
DES_cblock *deskey = ptr;
switch(type)
{
case EVP_CTRL_RAND_KEY:
if (RAND_bytes(ptr, c->key_len) <= 0)
return 0;
DES_set_odd_parity(deskey);
if (c->key_len >= 16)
DES_set_odd_parity(deskey + 1);
if (c->key_len >= 24)
DES_set_odd_parity(deskey + 2);
return 1;
default:
return -1;
}
}
enum cryptoerr
des1_init(struct keystate *ks, u_int8_t *key, u_int16_t len)
{
/* DES_set_key returns -1 for parity problems, and -2 for weak keys */
DES_set_odd_parity((void *)key);
switch (DES_set_key((void *)key, &ks->ks_des[0])) {
case -2:
return EWEAKKEY;
default:
return EOKAY;
}
}
static void lm_make_key(const char *pw, DES_cblock *key)
{
int i;
char *k = (char *) key;
k[0] = 0;
for ( i = 0 ; i < 7 ; i++ ) {
k[i] |= (pw[i] >> i) & 0xff;
k[i+1] = (pw[i] << (7 - i)) & 0xff;
}
DES_set_odd_parity(key);
}
void DES_string_to_key(const char *str, DES_cblock *key)
{
DES_key_schedule ks;
int i,length;
register unsigned char j;
TINYCLR_SSL_MEMSET(key,0,8);
length=TINYCLR_SSL_STRLEN(str);
#ifdef OLD_STR_TO_KEY
for (i=0; i<length; i++)
(*key)[i%8]^=(str[i]<<1);
#else /* MIT COMPATIBLE */
for (i=0; i<length; i++)
{
j=str[i];
if ((i%16) < 8)
(*key)[i%8]^=(j<<1);
else
{
/* Reverse the bit order 05/05/92 eay */
j=((j<<4)&0xf0)|((j>>4)&0x0f);
j=((j<<2)&0xcc)|((j>>2)&0x33);
j=((j<<1)&0xaa)|((j>>1)&0x55);
(*key)[7-(i%8)]^=j;
}
}
#endif
DES_set_odd_parity(key);
#ifdef EXPERIMENTAL_STR_TO_STRONG_KEY
if(DES_is_weak_key(key))
(*key)[7] ^= 0xF0;
DES_set_key(key,&ks);
#else
DES_set_key_unchecked(key,&ks);
#endif
DES_cbc_cksum((const unsigned char*)str,key,length,&ks,key);
OPENSSL_cleanse(&ks,sizeof(ks));
DES_set_odd_parity(key);
}
static void mdc2_body(MDC2_CTX *c, const unsigned char *in, size_t len)
{
register DES_LONG tin0, tin1;
register DES_LONG ttin0, ttin1;
DES_LONG d[2], dd[2];
DES_key_schedule k;
unsigned char *p;
size_t i;
for (i = 0; i < len; i += 8) {
c2l(in, tin0);
d[0] = dd[0] = tin0;
c2l(in, tin1);
d[1] = dd[1] = tin1;
c->h[0] = (c->h[0] & 0x9f) | 0x40;
c->hh[0] = (c->hh[0] & 0x9f) | 0x20;
DES_set_odd_parity(&c->h);
DES_set_key_unchecked(&c->h, &k);
DES_encrypt1(d, &k, 1);
DES_set_odd_parity(&c->hh);
DES_set_key_unchecked(&c->hh, &k);
DES_encrypt1(dd, &k, 1);
ttin0 = tin0 ^ dd[0];
ttin1 = tin1 ^ dd[1];
tin0 ^= d[0];
tin1 ^= d[1];
p = c->h;
l2c(tin0, p);
l2c(ttin1, p);
p = c->hh;
l2c(ttin0, p);
l2c(tin1, p);
}
}
static int
des_ede3_cbc_init(EVP_CIPHER_CTX *ctx,
const unsigned char * key,
const unsigned char * iv,
int encp)
{
struct des_ede3_cbc *k = ctx->cipher_data;
DES_cblock deskey;
memcpy(&deskey, key, sizeof(deskey));
DES_set_odd_parity(&deskey);
DES_set_key_unchecked(&deskey, &k->ks[0]);
memcpy(&deskey, key + 8, sizeof(deskey));
DES_set_odd_parity(&deskey);
DES_set_key_unchecked(&deskey, &k->ks[1]);
memcpy(&deskey, key + 16, sizeof(deskey));
DES_set_odd_parity(&deskey);
DES_set_key_unchecked(&deskey, &k->ks[2]);
return 1;
}
static uint64_t feistel_enc(uint32_t a, uint32_t b, uint32_t m, uint8_t *key[], uint32_t round)
{
uint64_t L, R;
uint64_t tmp, nval;
uint64_t mod;
uint8_t val[8];
uint8_t res[8];
int i;
DES_cblock ckey;
DES_key_schedule schd;
L = m % a;
R = (uint64_t)floor((double)m / (double)a);
memset(val, 0, 8 * sizeof(uint8_t));
for(i = 0; i < round; i ++)
{
memcpy(val, &R, 8 * sizeof(uint8_t));
memset(&ckey, 0, sizeof(DES_cblock));
memcpy(&ckey, key[i], PERMKEYLENGTH);
memset(res, 0, 8 * sizeof(char));
memset(&schd, 0, sizeof(DES_key_schedule));
DES_set_odd_parity(&ckey);
DES_set_key_checked(&ckey, &schd);
DES_ecb_encrypt((const_DES_cblock *)val, (DES_cblock *)res,
&schd, DES_ENCRYPT);
nval = *((uint64_t *)res);
mod = ((i & 0x1) == 0) ? a : b;
tmp = ((L % mod)+ (nval % mod)) % mod;
L = R;
R = tmp;
memset(val, 0, 8 * sizeof(uint8_t));
}
if((round & 0x1) == 1)
{
return a * L + R;
}
else
{
return a * R + L;
}
}
/* IN 56 bit DES key missing parity bits
OUT 64 bit DES key with parity bits added */
void
mschap_des_addparity(u_int8_t *key, u_int8_t *des_key)
{
des_key[0] = get7bits(key, 0);
des_key[1] = get7bits(key, 7);
des_key[2] = get7bits(key, 14);
des_key[3] = get7bits(key, 21);
des_key[4] = get7bits(key, 28);
des_key[5] = get7bits(key, 35);
des_key[6] = get7bits(key, 42);
des_key[7] = get7bits(key, 49);
DES_set_odd_parity((DES_cblock *)des_key);
}
PbeMd5AndDesEncryptor::PbeMd5AndDesKey PbeMd5AndDesEncryptor::generateKey(const std::string& password,
const std::string salt, long iterations) {
std::string keyHash = generateDataHash(password, salt, iterations);
PbeMd5AndDesKey retVal;
DES_cblock key;
keyHash.copy(reinterpret_cast<char *>(&key), ALGO_BLOCK_SIZE, 0);
keyHash.copy(reinterpret_cast<char *>(&retVal.ivec), ALGO_BLOCK_SIZE, ALGO_BLOCK_SIZE);
DES_set_odd_parity(&key);
DES_set_key_checked(&key, &retVal.schedule);
return retVal;
}
static int encrypt( char *key, char *msg, int size, char *res)
{
int n=0;
DES_cblock key2;
DES_key_schedule schedule;
/* Prepare the key for use with DES_cfb64_encrypt */
memcpy( key2, key,8);
DES_set_odd_parity( &key2 );
DES_set_key_checked( &key2, &schedule );
/* Encryption occurs here */
DES_cfb64_encrypt( ( unsigned char * ) msg, ( unsigned char * ) res,
size, &schedule, &key2, &n, DES_ENCRYPT );
return size;
}
char *
Decrypt( char *Key, char *Msg, int size)
{
static char* Res;
int n=0;
DES_cblock Key2;
DES_key_schedule schedule;
Res = ( char * ) malloc( size );
/* Prepare the key for use with DES_cfb64_encrypt */
memcpy( Key2, Key,8);
DES_set_odd_parity( &Key2 );
DES_set_key_checked( &Key2, &schedule );
/* Decryption occurs here */
DES_cfb64_encrypt( ( unsigned char * ) Msg, ( unsigned char * ) Res,
size, &schedule, &Key2, &n, DES_DECRYPT );
return (Res);
}
static void
ecb_test(char key[8], char in[8], char out[8])
{
unsigned char k[8], indata[8], outdata[8], outdata2[8], ansdata[8];
DES_key_schedule s;
memcpy(k, key, 8);
memcpy(indata, in, 8);
memcpy(ansdata, out, 8);
DES_set_odd_parity(&k);
DES_set_key_unchecked(&k, &s);
DES_ecb_encrypt(&indata, &outdata, &s, 1);
if (memcmp(outdata, ansdata, sizeof(ansdata)) != 0)
errx(1, "des: encrypt");
DES_ecb_encrypt(&outdata, &outdata2, &s, 0);
if (memcmp(indata, outdata2, sizeof(outdata2)) != 0)
errx(1, "des: decrypt");
}
