static int test_rc2(const int n) { int testresult = 1; RC2_KEY key; unsigned char buf[8], buf2[8]; RC2_set_key(&key, 16, &(RC2key[n][0]), 0 /* or 1024 */ ); RC2_ecb_encrypt(&RC2plain[n][0], buf, &key, RC2_ENCRYPT); if (!TEST_mem_eq(&RC2cipher[n][0], 8, buf, 8)) testresult = 0; RC2_ecb_encrypt(buf, buf2, &key, RC2_DECRYPT); if (!TEST_mem_eq(&RC2plain[n][0], 8, buf2, 8)) testresult = 0; return testresult; }
QVariantMap jsBridge::encrypt(QString data) { QVariantMap passJson; passJson["ok"] = false; PasswordDialog pwd(qApp->activeWindow(), true); if (pwd.exec() != QDialog::Accepted) return passJson; passJson["hint"] = pwd.getHint(); RC2_KEY key; QByteArray r = QCryptographicHash::hash(pwd.getPassword().toUtf8(), QCryptographicHash::Md5); RC2_set_key(&key, r.size(), (const unsigned char*)r.data(), 64); QByteArray b = data.toUtf8(); char null_ = 0; while (((b.size() + 4) % 8) != 0) b.append(null_); ulong crc = crc32(0, NULL, 0); crc = crc32(crc, (const Bytef *)b.data(), b.size()); QString crc2 = QString(QByteArray::number(~(uint)crc, 16).left(4)).toUpper(); b = crc2.toLatin1() + b; unsigned char * buf2 = new unsigned char[8]; QByteArray result; while (b.size()>0) { QByteArray x = b.left(8); RC2_ecb_encrypt((const unsigned char*)x.data(),buf2,&key,RC2_ENCRYPT); result += QByteArray((const char *)buf2, 8); b.remove(0, 8); } if (!result.isEmpty()){ passJson["data"] = QString::fromLatin1(result.toBase64()); passJson["ok"] = true; } return passJson; }
QString jsBridge::decrypt(QString data, QString hint) { bool error = false; while (true) { PasswordDialog pwd(qApp->activeWindow(), false); pwd.setHint(hint); pwd.setError(error); if (pwd.exec() == QDialog::Accepted){ RC2_KEY key; QByteArray b = QByteArray::fromBase64(data.toLatin1()); QByteArray r = QCryptographicHash::hash(pwd.getPassword().toUtf8(), QCryptographicHash::Md5); RC2_set_key(&key, r.size(), (const unsigned char*)r.data(), 64); unsigned char * buf2 = new unsigned char[8]; QByteArray result; while (b.size()>0) { QByteArray x = b.left(8); RC2_ecb_encrypt((const unsigned char*)x.data(),buf2,&key,RC2_DECRYPT); result += QByteArray((const char *)buf2, x.size()); b.remove(0, 8); } QString crc1 = QString::fromUtf8(result.left(4)); result.remove(0, 4); ulong crc = crc32(0, NULL, 0); crc = crc32(crc, (const Bytef *)result.data(), result.size()); QString crc2 = QString(QByteArray::number(~(uint)crc, 16).left(4)); if (QString::compare(crc1, crc2, Qt::CaseInsensitive) != 0){ error = true; continue; } return result; } else return QString(); } return QString(); }
/* {{{ CI_Ceay_Decrypt */ CK_DEFINE_FUNCTION(CK_RV, CI_Ceay_Decrypt)( CK_I_SESSION_DATA_PTR session_data, CK_BYTE_PTR pEncryptedData, /* ciphertext */ CK_ULONG ulEncryptedDataLen, /* ciphertext length */ CK_BYTE_PTR pData, /* gets plaintext */ CK_ULONG_PTR pulDataLen /* gets p-text size */ ) { CK_RV rv; switch(session_data->decrypt_mechanism) { /* {{{ CKM_RSA_PKCS */ case CKM_RSA_PKCS: { CK_BYTE_PTR tmp_buf = NULL_PTR; CK_ULONG key_len; long processed; /* number of bytes processed by the crypto routine */ rv = CKR_OK; CI_LogEntry("C_Decrypt", "RSA PKCS", rv , 0); key_len = CI_Ceay_RSA_size((RSA CK_PTR)session_data->decrypt_state); /* check if this is only a call for the length of the output buffer */ if(pData == NULL_PTR) { *pulDataLen = key_len-CK_I_PKCS1_MIN_PADDING; CI_VarLogEntry("C_Decrypt", "RSA PKCS Datalength calculated (%i)", rv , 0, *pulDataLen); CI_LogEntry("C_Decrypt", "...completed", rv , 0); return CKR_OK; } /* check for length of input */ if(ulEncryptedDataLen != key_len) { rv = CKR_DATA_LEN_RANGE; goto rsa_pkcs1_err; } tmp_buf = CI_ByteStream_new(key_len); processed = RSA_private_decrypt(ulEncryptedDataLen,pEncryptedData, tmp_buf,session_data->decrypt_state, RSA_PKCS1_PADDING); if(processed == -1) { rv = CKR_GENERAL_ERROR; goto rsa_pkcs1_err; } if(*pulDataLen < (unsigned long)processed) { *pulDataLen = processed; rv = CKR_BUFFER_TOO_SMALL; goto rsa_pkcs1_err; } *pulDataLen = processed; memcpy(pData, tmp_buf, processed); rsa_pkcs1_err: if(tmp_buf != NULL_PTR) TC_free(tmp_buf); if(session_data->decrypt_state != NULL_PTR) { RSA_free(session_data->decrypt_state); session_data->decrypt_state = NULL_PTR; } break; } /* }}} */ /* {{{ CKM_RSA_X_509 */ case CKM_RSA_X_509: { CK_BYTE_PTR tmp_buf = NULL_PTR; CK_ULONG key_len; long processed; /* number of bytes processed by the crypto routine */ CI_LogEntry("C_Decrypt", "RSA X509", rv , 0); rv = CKR_OK; key_len = RSA_size((RSA CK_PTR)session_data->decrypt_state); /* terminate operation */ if(pulDataLen == NULL_PTR) { rv = CKR_OK; goto rsa_x509_err; } /* check if this is only a call for the length of the output buffer */ if(pData == NULL_PTR) { *pulDataLen = key_len; rv = CKR_OK; break; } else /* check that buffer is of sufficent size */ { if(*pulDataLen < key_len) { *pulDataLen = key_len; rv = CKR_BUFFER_TOO_SMALL; break; } } /* check for length of input */ if(ulEncryptedDataLen != key_len) { rv = CKR_DATA_LEN_RANGE; goto rsa_x509_err; } tmp_buf = CI_ByteStream_new(key_len); if(tmp_buf == NULL_PTR) { rv = CKR_HOST_MEMORY; goto rsa_x509_err; } processed = RSA_private_decrypt(ulEncryptedDataLen,pEncryptedData, tmp_buf,session_data->decrypt_state, RSA_NO_PADDING); if(processed == -1) { rv = CKR_GENERAL_ERROR; goto rsa_x509_err; } *pulDataLen = processed; memcpy(pData,tmp_buf,key_len); rsa_x509_err: if(tmp_buf != NULL_PTR) TC_free(tmp_buf); if(session_data->decrypt_state != NULL_PTR) { RSA_free(session_data->decrypt_state); session_data->decrypt_state = NULL_PTR; } break; } /* }}} */ /* {{{ CKM_RC4 */ case CKM_RC4: { /* terminate operation */ if(pulDataLen == NULL_PTR) { rv = CKR_OK; goto rc4_err; } /* is this just a test for the length of the recieving buffer? */ rv = CKR_OK; CI_LogEntry("C_Decrypt", "RC4", rv , 0); if(pData == NULL_PTR) { *pulDataLen = ulEncryptedDataLen; rv = CKR_OK; break; } /* is the supplied buffer long enough? */ if(*pulDataLen < ulEncryptedDataLen) { *pulDataLen = ulEncryptedDataLen; rv = CKR_BUFFER_TOO_SMALL; break; } /* OK all set. lets compute */ RC4(session_data->decrypt_state,ulEncryptedDataLen,pEncryptedData,pData); *pulDataLen=ulEncryptedDataLen; rv = CKR_OK; rc4_err: if(session_data->decrypt_state != NULL_PTR) TC_free(session_data->decrypt_state); session_data->decrypt_state = NULL_PTR; } break; /* }}} */ /* {{{ CKM_RC2_ECB */ case CKM_RC2_ECB: { CK_ULONG count; /* terminate operation */ if(pulDataLen == NULL_PTR) { rv = CKR_OK; goto rc2_cbc_err; } /* RC2 always takes multiples of 8 bytes */ if(ulEncryptedDataLen%8 != 0) { rv = CKR_DATA_LEN_RANGE; goto rc2_ecb_err; } /* is this just a test for the length of the recieving buffer? */ if(pData == NULL_PTR) { *pulDataLen = ulEncryptedDataLen; rv = CKR_OK; break; } /* is the supplied buffer long enough? */ if(*pulDataLen < ulEncryptedDataLen) { *pulDataLen = ulEncryptedDataLen; rv = CKR_BUFFER_TOO_SMALL; break; } /* OK all set. lets compute */ /* in blocks of 8 bytes. */ for(count=0; count<ulEncryptedDataLen ; count+=8) { RC2_ecb_encrypt(&(pEncryptedData[count]),&(pData[count]), session_data->decrypt_state, RC2_DECRYPT); } *pulDataLen=ulEncryptedDataLen; rv = CKR_OK; rc2_ecb_err: if(session_data->decrypt_state != NULL_PTR) TC_free(session_data->decrypt_state); session_data->decrypt_state = NULL_PTR; } break; /* }}} */ /* {{{ CKM_RC2_CBC */ case CKM_RC2_CBC: { /* terminate operation */ if(pulDataLen == NULL_PTR) { rv = CKR_OK; goto rc2_cbc_err; } /* is the length of the supplied data a multiple of 8 to create des-blocks? */ if(ulEncryptedDataLen%8 != 0) { rv = CKR_DATA_LEN_RANGE; goto rc2_cbc_err; } /* is this just a test for the length of the recieving buffer? */ if(pData == NULL_PTR) { *pulDataLen = ulEncryptedDataLen; rv = CKR_OK; break; } /* is the supplied buffer long enough? */ if(*pulDataLen < ulEncryptedDataLen) { *pulDataLen = ulEncryptedDataLen; rv = CKR_BUFFER_TOO_SMALL; break; } /* OK all set. lets compute */ RC2_cbc_encrypt((unsigned char*)pEncryptedData, (unsigned char*)pData, ulEncryptedDataLen, ((CK_I_CEAY_RC2_INFO_PTR)session_data->decrypt_state)->key, ((CK_I_CEAY_RC2_INFO_PTR)session_data->decrypt_state)->ivec, RC2_DECRYPT); rv = CKR_OK; rc2_cbc_err: CI_RC2_INFO_delete(session_data->decrypt_state); session_data->decrypt_state = NULL_PTR; } break; /* }}} */ /* {{{ CKM_DES_ECB */ case CKM_DES_ECB: { CK_ULONG count; /* terminate operation */ if(pulDataLen == NULL_PTR) { rv = CKR_OK; goto des_ecb_err; } /* DES allways takes multiples of 8 bytes */ if(ulEncryptedDataLen%8 != 0) { rv = CKR_DATA_LEN_RANGE; goto des_ecb_err; } /* is this just a test for the length of the recieving buffer? */ if(pData == NULL_PTR) { *pulDataLen = ulEncryptedDataLen; rv = CKR_OK; break; } /* is the supplied buffer long enough? */ if(*pulDataLen < ulEncryptedDataLen) { *pulDataLen = ulEncryptedDataLen; rv = CKR_BUFFER_TOO_SMALL; break; } /* OK all set. lets compute */ /* in blocks of 8 bytes. */ for(count=0; count<ulEncryptedDataLen ; count+=8) { des_ecb_encrypt((des_cblock*)(&(pEncryptedData[count])), (des_cblock*)(&(pData[count])), session_data->decrypt_state, DES_DECRYPT); } *pulDataLen=ulEncryptedDataLen; rv = CKR_OK; des_ecb_err: if(session_data->decrypt_state != NULL_PTR) TC_free(session_data->decrypt_state); session_data->decrypt_state = NULL_PTR; } break; /* }}} */ /* {{{ CKM_DES_CBC */ case CKM_DES_CBC: { /* terminate operation */ if(pulDataLen == NULL_PTR) { rv = CKR_OK; goto des_cbc_err; } /* is the length of the supplied data a multiple of 8 to create des-blocks? */ if(ulEncryptedDataLen%8 != 0) { rv = CKR_DATA_LEN_RANGE; goto des_cbc_err; } /* is this just a test for the length of the recieving buffer? */ if(pData == NULL_PTR) { *pulDataLen = ulEncryptedDataLen; rv = CKR_OK; break; } /* is the supplied buffer long enough? */ if(*pulDataLen < ulEncryptedDataLen) { *pulDataLen = ulEncryptedDataLen; rv = CKR_BUFFER_TOO_SMALL; break; } /* OK all set. lets compute */ des_ncbc_encrypt(pEncryptedData, pData, ulEncryptedDataLen, ((CK_I_CEAY_DES_INFO_PTR)session_data->decrypt_state)->sched, &(((CK_I_CEAY_DES_INFO_PTR)session_data->decrypt_state)->ivec), DES_DECRYPT); *pulDataLen=ulEncryptedDataLen; rv = CKR_OK; des_cbc_err: if(session_data->decrypt_state!= NULL_PTR) TC_free(session_data->decrypt_state); session_data->decrypt_state = NULL_PTR; } break; /* }}} */ /* {{{ CKM_DES_CBC_PAD */ case CKM_DES_CBC_PAD: { CK_BYTE PadValue; CK_ULONG ulPaddingLen, i; /* terminate operation */ if(pulDataLen == NULL_PTR) { rv = CKR_OK; goto des_cbc_pad_err; } /* is the length of the supplied data a multiple of 8 to create des-blocks? */ if(ulEncryptedDataLen%8 != 0) { rv = CKR_DATA_LEN_RANGE; break; } /* is this just a test for the length of the recieving buffer? */ if(pData == NULL_PTR) { *pulDataLen = ulEncryptedDataLen; rv = CKR_OK; break; } /* is the supplied buffer long enough? */ if(*pulDataLen < ulEncryptedDataLen) { *pulDataLen = ulEncryptedDataLen; rv = CKR_BUFFER_TOO_SMALL; goto des_cbc_pad_err; } /* OK all set. lets compute */ des_ncbc_encrypt(pEncryptedData, pData, ulEncryptedDataLen, ((CK_I_CEAY_DES_INFO_PTR)session_data->decrypt_state)->sched, &(((CK_I_CEAY_DES_INFO_PTR)session_data->decrypt_state)->ivec), DES_DECRYPT); if((CK_BYTE)((pData[ulEncryptedDataLen-1] >= 1 ) && (CK_BYTE)(pData[ulEncryptedDataLen-1] <= 8))) { PadValue = (CK_BYTE)(pData[ulEncryptedDataLen-1]); ulPaddingLen = (CK_ULONG)PadValue; } else { ulPaddingLen = 0; } for (i=0; i<ulPaddingLen; i++) if ((CK_BYTE)(pData[ulEncryptedDataLen-1-i]) != PadValue) { rv = CKR_GENERAL_ERROR; goto des_cbc_pad_err; } *pulDataLen=ulEncryptedDataLen-ulPaddingLen; rv = CKR_OK; des_cbc_pad_err: if(session_data->decrypt_state!= NULL_PTR) TC_free(session_data->decrypt_state); session_data->decrypt_state = NULL_PTR; } break; /* }}} */ /* {{{ CKM_DES3_ECB */ case CKM_DES3_ECB: { CK_ULONG count; /* terminate operation */ if(pulDataLen == NULL_PTR) { rv = CKR_OK; goto des3_ecb_err; } /* DES always takes multiples of 8 bytes */ if(ulEncryptedDataLen%8 != 0) { rv = CKR_DATA_LEN_RANGE; goto des3_ecb_err; } /* is this just a test for the length of the recieving buffer? */ if(pData == NULL_PTR) { *pulDataLen = ulEncryptedDataLen; rv = CKR_OK; break; } /* is the supplied buffer long enough? */ if(*pulDataLen < ulEncryptedDataLen) { *pulDataLen = ulEncryptedDataLen; rv = CKR_BUFFER_TOO_SMALL; break; } /* OK all set. lets compute */ /* in blocks of 8 bytes. */ for(count=0; count<ulEncryptedDataLen ; count+=8) { des_ecb3_encrypt((des_cblock*)(&(pEncryptedData[count])), (des_cblock*)(&(pData[count])), ((CK_I_CEAY_DES3_INFO_PTR)session_data->decrypt_state)->sched[0], ((CK_I_CEAY_DES3_INFO_PTR)session_data->decrypt_state)->sched[1], ((CK_I_CEAY_DES3_INFO_PTR)session_data->decrypt_state)->sched[2], DES_DECRYPT); } *pulDataLen=ulEncryptedDataLen; rv = CKR_OK; des3_ecb_err: if(session_data->decrypt_state!= NULL_PTR) CI_DES3_INFO_delete(session_data->decrypt_state); session_data->decrypt_state = NULL_PTR; } break; /* }}} */ /* {{{ CKM_DES3_CBC */ case CKM_DES3_CBC: { /* terminate operation */ if(pulDataLen == NULL_PTR) { rv = CKR_OK; goto des3_cbc_err; } /* is the length of the supplied data a multiple of 8 to create des-blocks? */ if(ulEncryptedDataLen%8 != 0) { rv = CKR_DATA_LEN_RANGE; goto des3_cbc_err; } /* is this just a test for the length of the recieving buffer? */ if(pData == NULL_PTR) { *pulDataLen = ulEncryptedDataLen; rv = CKR_OK; break; } /* is the supplied buffer long enough? */ if(*pulDataLen < ulEncryptedDataLen) { *pulDataLen = ulEncryptedDataLen; rv = CKR_BUFFER_TOO_SMALL; break; } /* OK all set. lets compute */ des_ede3_cbc_encrypt(pEncryptedData, pData, ulEncryptedDataLen, ((CK_I_CEAY_DES3_INFO_PTR)session_data->decrypt_state)->sched[0], ((CK_I_CEAY_DES3_INFO_PTR)session_data->decrypt_state)->sched[1], ((CK_I_CEAY_DES3_INFO_PTR)session_data->decrypt_state)->sched[2], ((CK_I_CEAY_DES3_INFO_PTR)session_data->decrypt_state)->ivec, DES_DECRYPT); *pulDataLen=ulEncryptedDataLen; rv = CKR_OK; des3_cbc_err: if(session_data->decrypt_state != NULL_PTR) CI_DES3_INFO_delete(session_data->decrypt_state); session_data->decrypt_state = NULL_PTR; } break; /* }}} */ /* {{{ CKM_IDEA_ECB */ case CKM_IDEA_ECB: { CK_ULONG count; rv = CKR_OK; CI_LogEntry("C_Decrypt", "IDEA ECB", rv , 0); /* terminate operation */ if(pulDataLen == NULL_PTR) { rv = CKR_OK; goto idea_ecb_err; } /* IDEA always takes multiples of 8 bytes */ if(ulEncryptedDataLen%8 != 0) { rv = CKR_DATA_LEN_RANGE; goto idea_ecb_err; } /* is this just a test for the length of the recieving buffer? */ if(pData == NULL_PTR) { *pulDataLen = ulEncryptedDataLen; rv = CKR_OK; break; } /* is the supplied buffer long enough? */ if(*pulDataLen < ulEncryptedDataLen) { *pulDataLen = ulEncryptedDataLen; rv = CKR_BUFFER_TOO_SMALL; break; } /* damit wir ne hoffnung haben */ assert(sizeof(CK_BYTE) == sizeof(unsigned char)); /* OK all set. lets compute */ /* in blocks of 8 bytes. */ for(count=0; count<ulEncryptedDataLen ; count+=8) { /* its the same function for decryption as well, only the key schedule differs */ idea_ecb_encrypt((unsigned char*)&(pEncryptedData[count]), (unsigned char*)&(pData[count]), &(((CK_I_CEAY_IDEA_INFO_PTR)session_data->decrypt_state)->sched)); } *pulDataLen=ulEncryptedDataLen; rv = CKR_OK; idea_ecb_err: if(session_data->decrypt_state!= NULL_PTR) TC_free(session_data->decrypt_state); session_data->decrypt_state = NULL_PTR; } break; /* }}} */ /* {{{ CKM_IDEA_CBC */ case CKM_IDEA_CBC: { /* terminate operation */ if(pulDataLen == NULL_PTR) { rv = CKR_OK; goto idea_cbc_err; } /* is the length of the supplied data a multiple of 8 to create des-blocks? */ if(ulEncryptedDataLen%8 != 0) { rv = CKR_DATA_LEN_RANGE; goto idea_cbc_err; } /* is this just a test for the length of the recieving buffer? */ if(pData == NULL_PTR) { *pulDataLen = ulEncryptedDataLen; rv = CKR_OK; break; } /* is the supplied buffer long enough? */ if(*pulDataLen < ulEncryptedDataLen) { *pulDataLen = ulEncryptedDataLen; rv = CKR_BUFFER_TOO_SMALL; break; } /* OK all set. lets compute */ idea_cbc_encrypt((unsigned char*)pEncryptedData, (unsigned char*)pData, ulEncryptedDataLen, &(((CK_I_CEAY_IDEA_INFO_PTR)session_data->decrypt_state)->sched), ((CK_I_CEAY_IDEA_INFO_PTR)session_data->decrypt_state)->ivec, IDEA_DECRYPT); *pulDataLen=ulEncryptedDataLen; rv = CKR_OK; if( ((CK_I_CEAY_IDEA_INFO_PTR)session_data->decrypt_state)->ivec != NULL_PTR) TC_free(((CK_I_CEAY_IDEA_INFO_PTR)session_data->decrypt_state)->ivec); idea_cbc_err: if(session_data->decrypt_state) TC_free(session_data->decrypt_state); session_data->decrypt_state = NULL_PTR; } break; /* }}} */ default: rv = CKR_MECHANISM_INVALID; CI_VarLogEntry("C_Decrypt", "algorithm specified: %s", rv, 0, CI_MechanismStr(session_data->decrypt_mechanism)); } CI_LogEntry("C_Decrypt", "...completed", rv , 0); return rv; }
/* {{{ CI_Ceay_DecryptUpdate */ CK_DEFINE_FUNCTION(CK_RV, CI_Ceay_DecryptUpdate)( CK_I_SESSION_DATA_PTR session_data, CK_BYTE_PTR pEncryptedPart, /* encrypted data */ CK_ULONG ulEncryptedPartLen, /* input length */ CK_BYTE_PTR pPart, /* gets plaintext */ CK_ULONG_PTR pulPartLen /* p-text size */ ) { CK_RV rv; switch(session_data->decrypt_mechanism) { /* {{{ CKM_RC4 */ case CKM_RC4: { rv = CKR_OK; CI_LogEntry("C_DecryptUpdate", "RC4", rv , 0); /* is this just a test for the length of the recieving buffer? */ if(pPart == NULL_PTR) { *pulPartLen = ulEncryptedPartLen; return CKR_OK; } /* is the supplied buffer long enough? */ if(*pulPartLen < ulEncryptedPartLen) { *pulPartLen = ulEncryptedPartLen; return CKR_BUFFER_TOO_SMALL; } /* OK all set. lets compute */ RC4(session_data->decrypt_state,ulEncryptedPartLen,pEncryptedPart,pPart); *pulPartLen=ulEncryptedPartLen; } break; /* }}} */ /* {{{ CKM_RC2_ECB */ case CKM_RC2_ECB: { CK_ULONG count; rv = CKR_OK; CI_LogEntry("C_DecryptUpdate", "RC2 ECB", rv , 0); /* RC2 always takes multiples of 8 bytes */ if(ulEncryptedPartLen%8 != 0) return CKR_DATA_LEN_RANGE; /* is this just a test for the length of the recieving buffer? */ if(pPart == NULL_PTR) { *pulPartLen = ulEncryptedPartLen; return CKR_OK; } /* is the supplied buffer long enough? */ if(*pulPartLen < ulEncryptedPartLen) { *pulPartLen = ulEncryptedPartLen; return CKR_BUFFER_TOO_SMALL; } /* OK all set. lets compute */ /* in blocks of 8 bytes. */ for(count=0; count<ulEncryptedPartLen ; count+=8) { RC2_ecb_encrypt(&(pEncryptedPart[count]), &(pPart[count]), session_data->decrypt_state, RC2_DECRYPT); } *pulPartLen=ulEncryptedPartLen; rv = CKR_OK; } break; /* }}} */ /* {{{ CKM_RC2_CBC */ case CKM_RC2_CBC: { rv = CKR_OK; CI_LogEntry("C_DecryptUpdate", "RC2 CBC", rv , 0); /* is the length of the supplied data a multiple of 8 to create des-blocks? */ if(ulEncryptedPartLen%8 != 0) return CKR_DATA_LEN_RANGE; /* is this just a test for the length of the recieving buffer? */ if(pPart == NULL_PTR) { *pulPartLen = ulEncryptedPartLen; return CKR_OK; } /* is the supplied buffer long enough? */ if(*pulPartLen < ulEncryptedPartLen) { *pulPartLen = ulEncryptedPartLen; return CKR_BUFFER_TOO_SMALL; } /* OK all set. lets compute */ RC2_cbc_encrypt((unsigned char*)pEncryptedPart, (unsigned char*)pPart, ulEncryptedPartLen, ((CK_I_CEAY_RC2_INFO_PTR)session_data->decrypt_state)->key, ((CK_I_CEAY_RC2_INFO_PTR)session_data->decrypt_state)->ivec, RC2_DECRYPT); *pulPartLen=ulEncryptedPartLen; rv = CKR_OK; } break; /* }}} */ /* {{{ CKM_DES_ECB */ case CKM_DES_ECB: { CK_ULONG count; rv = CKR_OK; CI_LogEntry("C_DecryptUpdate", "DES ECB", rv , 0); /* DES always takes multiples of 8 bytes */ if(ulEncryptedPartLen%8 != 0) return CKR_DATA_LEN_RANGE; /* is this just a test for the length of the recieving buffer? */ if(pPart == NULL_PTR) { *pulPartLen = ulEncryptedPartLen; return CKR_OK; } /* is the supplied buffer long enough? */ if(*pulPartLen < ulEncryptedPartLen) { *pulPartLen = ulEncryptedPartLen; return CKR_BUFFER_TOO_SMALL; } /* OK all set. lets compute */ /* in blocks of 8 bytes. */ for(count=0; count<ulEncryptedPartLen ; count+=8) { des_ecb_encrypt((des_cblock*)(&(pEncryptedPart[count])), (des_cblock*)(&(pPart[count])), session_data->decrypt_state, DES_DECRYPT); } *pulPartLen=ulEncryptedPartLen; rv = CKR_OK; } break; /* }}} */ /* {{{ CKM_DES_CBC */ case CKM_DES_CBC: { rv = CKR_OK; CI_LogEntry("C_DecryptUpdate", "DES3 CBC", rv , 0); /* is the length of the supplied data a multiple of 8 to create des-blocks? */ if(ulEncryptedPartLen%8 != 0) return CKR_DATA_LEN_RANGE; /* is this just a test for the length of the recieving buffer? */ if(pPart == NULL_PTR) { *pulPartLen = ulEncryptedPartLen; return CKR_OK; } /* is the supplied buffer long enough? */ if(*pulPartLen < ulEncryptedPartLen) { *pulPartLen = ulEncryptedPartLen; return CKR_BUFFER_TOO_SMALL; } /* OK all set. lets compute */ des_ncbc_encrypt(pEncryptedPart, pPart, ulEncryptedPartLen, ((CK_I_CEAY_DES_INFO_PTR)session_data->decrypt_state)->sched, &(((CK_I_CEAY_DES_INFO_PTR)session_data->decrypt_state)->ivec), DES_DECRYPT); *pulPartLen=ulEncryptedPartLen; rv = CKR_OK; } break; /* }}} */ /* {{{ CKM_DES_CBC_PAD */ case CKM_DES_CBC_PAD: { CK_BYTE_PTR ptmpbuf = NULL_PTR; /* is the length of the supplied data a multiple of 8 to create des-blocks? */ if(ulEncryptedPartLen%8 != 0) return CKR_DATA_LEN_RANGE; /* is this just a test for the length of the recieving buffer? */ if(pPart == NULL_PTR) { *pulPartLen = ulEncryptedPartLen; return CKR_OK; } /* is the supplied buffer long enough? */ if(*pulPartLen < ulEncryptedPartLen) { *pulPartLen = ulEncryptedPartLen; return CKR_BUFFER_TOO_SMALL; } /* OK all set. lets compute */ ptmpbuf = CI_ByteStream_new(ulEncryptedPartLen); if(ptmpbuf == NULL_PTR) return CKR_HOST_MEMORY; if(((CK_I_CEAY_DES_INFO_PTR)session_data->decrypt_state)->pad) { memcpy(ptmpbuf, ((CK_I_CEAY_DES_INFO_PTR)session_data->decrypt_state)->lastblock, 8); memcpy(ptmpbuf+8, pEncryptedPart, ulEncryptedPartLen-8); *pulPartLen = ulEncryptedPartLen; } else { memcpy(ptmpbuf, pEncryptedPart, ulEncryptedPartLen-8); *pulPartLen = ulEncryptedPartLen-8; ((CK_I_CEAY_DES_INFO_PTR)session_data->decrypt_state)->pad = 8; } des_ncbc_encrypt(ptmpbuf, pPart, *pulPartLen, ((CK_I_CEAY_DES_INFO_PTR)session_data->decrypt_state)->sched, &(((CK_I_CEAY_DES_INFO_PTR)session_data->decrypt_state)->ivec), DES_DECRYPT); memcpy(((CK_I_CEAY_DES_INFO_PTR)session_data->decrypt_state)->lastblock, pEncryptedPart+ulEncryptedPartLen-8, 8); TC_free(ptmpbuf); rv = CKR_OK; } break; /* }}} */ /* {{{ CKM_DES3_ECB */ case CKM_DES3_ECB: { CK_ULONG count; /* DES always takes multiples of 8 bytes */ if(ulEncryptedPartLen%8 != 0) return CKR_DATA_LEN_RANGE; /* is this just a test for the length of the recieving buffer? */ if(pPart == NULL_PTR) { *pulPartLen = ulEncryptedPartLen; return CKR_OK; } /* is the supplied buffer long enough? */ if(*pulPartLen < ulEncryptedPartLen) { *pulPartLen = ulEncryptedPartLen; return CKR_BUFFER_TOO_SMALL; } /* OK all set. lets compute */ /* in blocks of 8 bytes. */ for(count=0; count<ulEncryptedPartLen ; count+=8) { des_ecb3_encrypt((des_cblock*)(&(pPart[count])), (des_cblock*)(&(pEncryptedPart[count])), ((CK_I_CEAY_DES3_INFO_PTR)session_data->decrypt_state)->sched[0], ((CK_I_CEAY_DES3_INFO_PTR)session_data->decrypt_state)->sched[1], ((CK_I_CEAY_DES3_INFO_PTR)session_data->decrypt_state)->sched[2], DES_DECRYPT); } *pulPartLen=ulEncryptedPartLen; rv = CKR_OK; } break; /* }}} */ /* {{{ CKM_DES3_CBC */ case CKM_DES3_CBC: { rv = CKR_OK; CI_LogEntry("C_DecryptUpdate", "IDEA CBC", rv , 0); /* is the length of the supplied data a multiple of 8 to create des-blocks? */ if(ulEncryptedPartLen%8 != 0) return CKR_DATA_LEN_RANGE; /* is this just a test for the length of the recieving buffer? */ if(pPart == NULL_PTR) { *pulPartLen = ulEncryptedPartLen; return CKR_OK; } /* is the supplied buffer long enough? */ if(*pulPartLen < ulEncryptedPartLen) { *pulPartLen = ulEncryptedPartLen; return CKR_BUFFER_TOO_SMALL; } /* OK all set. lets compute */ des_ede3_cbc_encrypt(pEncryptedPart, pPart, ulEncryptedPartLen, ((CK_I_CEAY_DES3_INFO_PTR)session_data->decrypt_state)->sched[0], ((CK_I_CEAY_DES3_INFO_PTR)session_data->decrypt_state)->sched[1], ((CK_I_CEAY_DES3_INFO_PTR)session_data->decrypt_state)->sched[2], ((CK_I_CEAY_DES3_INFO_PTR)session_data->decrypt_state)->ivec, DES_DECRYPT); *pulPartLen=ulEncryptedPartLen; rv = CKR_OK; } break; /* }}} */ /* {{{ CKM_IDEA_ECB */ case CKM_IDEA_ECB: { CK_ULONG count; rv = CKR_OK; CI_LogEntry("C_DecryptUpdate", "IDEA ECB", rv , 0); /* DES always takes multiples of 8 bytes */ if(ulEncryptedPartLen%8 != 0) return CKR_DATA_LEN_RANGE; /* is this just a test for the length of the recieving buffer? */ if(pPart == NULL_PTR) { *pulPartLen = ulEncryptedPartLen; return CKR_OK; } /* is the supplied buffer long enough? */ if(*pulPartLen < ulEncryptedPartLen) { *pulPartLen = ulEncryptedPartLen; return CKR_BUFFER_TOO_SMALL; } /* damit wir ne hoffnung haben */ assert(sizeof(CK_BYTE) == sizeof(unsigned char)); /* OK all set. lets compute */ /* in blocks of 8 bytes. */ for(count=0; count<ulEncryptedPartLen ; count+=8) { /* its the same function for decryption as well, only the key schedule differs */ idea_ecb_encrypt((unsigned char*)&(pEncryptedPart[count]), (unsigned char*)&(pPart[count]), &(((CK_I_CEAY_IDEA_INFO_PTR)session_data->decrypt_state)->sched)); } *pulPartLen=ulEncryptedPartLen; rv = CKR_OK; } break; /* }}} */ /* {{{ CKM_IDEA_CBC */ case CKM_IDEA_CBC: { rv = CKR_OK; CI_LogEntry("C_DecryptUpdate", "IDEA CBC", rv , 0); /* is the length of the supplied data a multiple of 8 to create des-blocks? */ if(ulEncryptedPartLen%8 != 0) return CKR_DATA_LEN_RANGE; /* is this just a test for the length of the recieving buffer? */ if(pPart == NULL_PTR) { *pulPartLen = ulEncryptedPartLen; return CKR_OK; } /* is the supplied buffer long enough? */ if(*pulPartLen < ulEncryptedPartLen) { *pulPartLen = ulEncryptedPartLen; return CKR_BUFFER_TOO_SMALL; } /* OK all set. lets compute */ idea_cbc_encrypt((unsigned char*)pEncryptedPart, (unsigned char*)pPart, ulEncryptedPartLen, &(((CK_I_CEAY_IDEA_INFO_PTR)session_data->decrypt_state)->sched), ((CK_I_CEAY_IDEA_INFO_PTR)session_data->decrypt_state)->ivec, IDEA_DECRYPT); *pulPartLen=ulEncryptedPartLen; rv = CKR_OK; } break; /* }}} */ default: rv = CKR_MECHANISM_INVALID; CI_VarLogEntry("C_DecryptUpdate", "algorithm specified: %s", rv, 0, CI_MechanismStr(session_data->decrypt_mechanism)); } CI_VarLogEntry("C_DecryptUpdate", "decryption (%s) result: %s", rv, 2, CI_MechanismStr(session_data->decrypt_mechanism), CI_PrintableByteStream(pPart,*pulPartLen)); CI_LogEntry("C_DecryptUpdate", "...completed", rv , 0); return rv; }
int ssl_test_rc2(int argc, char *argv[]) { int i,n,err=0; RC2_KEY key; unsigned char buf[8],buf2[8]; for (n=0; n<4; n++) { RC2_set_key(&key,16,&(RC2key[n][0]),0 /* or 1024 */); RC2_ecb_encrypt(&(RC2plain[n][0]),buf,&key,RC2_ENCRYPT); if (TINYCLR_SSL_MEMCMP(&(RC2cipher[n][0]),buf,8) != 0) { TINYCLR_SSL_PRINTF("ecb rc2 error encrypting\n"); TINYCLR_SSL_PRINTF("got :"); for (i=0; i<8; i++) TINYCLR_SSL_PRINTF("%02X ",buf[i]); TINYCLR_SSL_PRINTF("\n"); TINYCLR_SSL_PRINTF("expected:"); for (i=0; i<8; i++) TINYCLR_SSL_PRINTF("%02X ",RC2cipher[n][i]); err=20; TINYCLR_SSL_PRINTF("\n"); } RC2_ecb_encrypt(buf,buf2,&key,RC2_DECRYPT); if (TINYCLR_SSL_MEMCMP(&(RC2plain[n][0]),buf2,8) != 0) { TINYCLR_SSL_PRINTF("ecb RC2 error decrypting\n"); TINYCLR_SSL_PRINTF("got :"); for (i=0; i<8; i++) TINYCLR_SSL_PRINTF("%02X ",buf[i]); TINYCLR_SSL_PRINTF("\n"); TINYCLR_SSL_PRINTF("expected:"); for (i=0; i<8; i++) TINYCLR_SSL_PRINTF("%02X ",RC2plain[n][i]); TINYCLR_SSL_PRINTF("\n"); err=3; } } if (err == 0) TINYCLR_SSL_PRINTF("ecb RC2 ok\n"); #ifdef undef TINYCLR_SSL_MEMCPY(iv,k,8); idea_cbc_encrypt((unsigned char *)text,out,TINYCLR_SSL_STRLEN(text)+1,&key,iv,1); TINYCLR_SSL_MEMCPY(iv,k,8); idea_cbc_encrypt(out,out,8,&dkey,iv,0); idea_cbc_encrypt(&(out[8]),&(out[8]),TINYCLR_SSL_STRLEN(text)+1-8,&dkey,iv,0); if (TINYCLR_SSL_MEMCMP(text,out,TINYCLR_SSL_STRLEN(text)+1) != 0) { TINYCLR_SSL_PRINTF("cbc idea bad\n"); err=4; } else TINYCLR_SSL_PRINTF("cbc idea ok\n"); TINYCLR_SSL_PRINTF("cfb64 idea "); if (cfb64_test(cfb_cipher64)) { TINYCLR_SSL_PRINTF("bad\n"); err=5; } else TINYCLR_SSL_PRINTF("ok\n"); #endif #ifdef OPENSSL_SYS_NETWARE if (err) TINYCLR_SSL_PRINTF("ERROR: %d\n", err); #endif return(err); }
int main(int argc, char *argv[]) { int i,n,err=0; RC2_KEY key; unsigned char buf[8],buf2[8]; for (n=0; n<4; n++) { RC2_set_key(&key,16,&(RC2key[n][0]),0 /* or 1024 */); RC2_ecb_encrypt(&(RC2plain[n][0]),buf,&key,RC2_ENCRYPT); if (memcmp(&(RC2cipher[n][0]),buf,8) != 0) { printf("ecb rc2 error encrypting\n"); printf("got :"); for (i=0; i<8; i++) printf("%02X ",buf[i]); printf("\n"); printf("expected:"); for (i=0; i<8; i++) printf("%02X ",RC2cipher[n][i]); err=20; printf("\n"); } RC2_ecb_encrypt(buf,buf2,&key,RC2_DECRYPT); if (memcmp(&(RC2plain[n][0]),buf2,8) != 0) { printf("ecb RC2 error decrypting\n"); printf("got :"); for (i=0; i<8; i++) printf("%02X ",buf[i]); printf("\n"); printf("expected:"); for (i=0; i<8; i++) printf("%02X ",RC2plain[n][i]); printf("\n"); err=3; } } if (err == 0) printf("ecb RC2 ok\n"); #ifdef undef memcpy(iv,k,8); idea_cbc_encrypt((unsigned char *)text,out,strlen(text)+1,&key,iv,1); memcpy(iv,k,8); idea_cbc_encrypt(out,out,8,&dkey,iv,0); idea_cbc_encrypt(&(out[8]),&(out[8]),strlen(text)+1-8,&dkey,iv,0); if (memcmp(text,out,strlen(text)+1) != 0) { printf("cbc idea bad\n"); err=4; } else printf("cbc idea ok\n"); printf("cfb64 idea "); if (cfb64_test(cfb_cipher64)) { printf("bad\n"); err=5; } else printf("ok\n"); #endif EXIT(err); return(err); }