Add support for 3DES CBCM mode.
diff --git a/CHANGES b/CHANGES
index c6b9e89..7a4d64c 100644
--- a/CHANGES
+++ b/CHANGES
@@ -5,6 +5,12 @@
Changes between 0.9.1c and 0.9.2
+ *) Add support for Triple DES Cipher Block Chaining with Output Feedback
+ Masking (CBCM). In the absence of test vectors, the best I have been able
+ to do is check that the decrypt undoes the encrypt, so far. Send me test
+ vectors if you have them.
+ [Ben Laurie]
+
*) Correct caclulation of key length for export ciphers (too much space was
allocated for null ciphers). This has not been tested!
[Ben Laurie]
diff --git a/crypto/des/Makefile.ssl b/crypto/des/Makefile.ssl
index 4ec17d1..cbb6bfb 100644
--- a/crypto/des/Makefile.ssl
+++ b/crypto/des/Makefile.ssl
@@ -30,14 +30,15 @@
qud_cksm.c rand_key.c read_pwd.c rpc_enc.c set_key.c \
des_enc.c fcrypt_b.c read2pwd.c \
fcrypt.c xcbc_enc.c \
- str2key.c cfb64ede.c ofb64ede.c supp.c
+ str2key.c cfb64ede.c ofb64ede.c supp.c ede_cbcm_enc.c
LIBOBJ= set_key.o ecb_enc.o cbc_enc.o \
ecb3_enc.o cfb64enc.o cfb64ede.o cfb_enc.o ofb64ede.o \
enc_read.o enc_writ.o ofb64enc.o \
ofb_enc.o str2key.o pcbc_enc.o qud_cksm.o rand_key.o \
${DES_ENC} read2pwd.o \
- fcrypt.o xcbc_enc.o read_pwd.o rpc_enc.o cbc_cksm.o supp.o
+ fcrypt.o xcbc_enc.o read_pwd.o rpc_enc.o cbc_cksm.o supp.o \
+ ede_cbcm_enc.o
SRC= $(LIBSRC)
diff --git a/crypto/des/destest.c b/crypto/des/destest.c
index 5700608..d915c7a 100644
--- a/crypto/des/destest.c
+++ b/crypto/des/destest.c
@@ -318,7 +318,7 @@
char *argv[];
{
int i,j,err=0;
- des_cblock in,out,outin,iv3;
+ des_cblock in,out,outin,iv3,iv2;
des_key_schedule ks,ks2,ks3;
unsigned char cbc_in[40];
unsigned char cbc_out[40];
@@ -328,6 +328,58 @@
int num;
char *str;
+ printf("Doing cbcm\n");
+ if ((j=des_key_sched((C_Block *)cbc_key,ks)) != 0)
+ {
+ printf("Key error %d\n",j);
+ err=1;
+ }
+ if ((j=des_key_sched((C_Block *)cbc2_key,ks2)) != 0)
+ {
+ printf("Key error %d\n",j);
+ err=1;
+ }
+ if ((j=des_key_sched((C_Block *)cbc3_key,ks3)) != 0)
+ {
+ printf("Key error %d\n",j);
+ err=1;
+ }
+ memset(cbc_out,0,40);
+ memset(cbc_in,0,40);
+ i=strlen((char *)cbc_data)+1;
+ /* i=((i+7)/8)*8; */
+ memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+ memset(iv2,'\0',sizeof iv2);
+
+ des_ede3_cbcm_encrypt(cbc_data,cbc_out,16L,ks,ks2,ks3,iv3,iv2,
+ DES_ENCRYPT);
+ des_ede3_cbcm_encrypt(&cbc_data[16],&cbc_out[16],i-16,ks,ks2,ks3,
+ iv3,iv2,DES_ENCRYPT);
+ /* if (memcmp(cbc_out,cbc3_ok,
+ (unsigned int)(strlen((char *)cbc_data)+1+7)/8*8) != 0)
+ {
+ printf("des_ede3_cbc_encrypt encrypt error\n");
+ err=1;
+ }
+ */
+ memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+ memset(iv2,'\0',sizeof iv2);
+ des_ede3_cbcm_encrypt(cbc_out,cbc_in,i,ks,ks2,ks3,iv3,iv2,DES_DECRYPT);
+ if (memcmp(cbc_in,cbc_data,strlen(cbc_data)+1) != 0)
+ {
+ int n;
+
+ printf("des_ede3_cbcm_encrypt decrypt error\n");
+ for(n=0 ; n < i ; ++n)
+ printf(" %02x",cbc_data[n]);
+ printf("\n");
+ for(n=0 ; n < i ; ++n)
+ printf(" %02x",cbc_in[n]);
+ printf("\n");
+ err=1;
+ }
+
+
printf("Doing ecb\n");
for (i=0; i<NUM_TESTS; i++)
{
diff --git a/crypto/des/ede_cbcm_enc.c b/crypto/des/ede_cbcm_enc.c
new file mode 100644
index 0000000..a40b1d6
--- /dev/null
+++ b/crypto/des/ede_cbcm_enc.c
@@ -0,0 +1,195 @@
+/* ede_cbcm_enc.c */
+/* Written by Ben Laurie <ben@algroup.co.uk> for the OpenSSL
+ * project 13 Feb 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+
+This is an implementation of Triple DES Cipher Block Chaining with Output
+Feedback Masking, by Coppersmith, Johnson and Matyas, (IBM and Certicom).
+
+*/
+
+#include "des_locl.h"
+
+void des_ede3_cbcm_encrypt(const unsigned char *input,unsigned char *output,
+ long length,
+ des_key_schedule ks1,des_key_schedule ks2,
+ des_key_schedule ks3,
+ des_cblock ivec1,des_cblock ivec2,
+ int enc)
+ {
+ register DES_LONG tin0,tin1;
+ register DES_LONG tout0,tout1,xor0,xor1,m0,m1;
+ register unsigned char *in,*out;
+ register long l=length;
+ DES_LONG tin[2];
+ unsigned char *iv1,*iv2;
+
+ in=(unsigned char *)input;
+ out=(unsigned char *)output;
+ iv1=(unsigned char *)ivec1;
+ iv2=(unsigned char *)ivec2;
+
+ if (enc)
+ {
+ c2l(iv1,m0);
+ c2l(iv1,m1);
+ c2l(iv2,tout0);
+ c2l(iv2,tout1);
+ for (l-=8; l>=-7; l-=8)
+ {
+ tin[0]=m0;
+ tin[1]=m1;
+ des_encrypt(tin,ks3,1);
+ m0=tin[0];
+ m1=tin[1];
+
+ if(l < 0)
+ {
+ c2ln(in,tin0,tin1,l+8);
+ }
+ else
+ {
+ c2l(in,tin0);
+ c2l(in,tin1);
+ }
+ tin0^=tout0;
+ tin1^=tout1;
+
+ tin[0]=tin0;
+ tin[1]=tin1;
+ des_encrypt(tin,ks1,1);
+ tin[0]^=m0;
+ tin[1]^=m1;
+ des_encrypt(tin,ks2,0);
+ tin[0]^=m0;
+ tin[1]^=m1;
+ des_encrypt(tin,ks1,1);
+ tout0=tin[0];
+ tout1=tin[1];
+
+ l2c(tout0,out);
+ l2c(tout1,out);
+ }
+ iv1=(unsigned char *)ivec1;
+ l2c(m0,iv1);
+ l2c(m1,iv1);
+
+ iv2=(unsigned char *)ivec2;
+ l2c(tout0,iv2);
+ l2c(tout1,iv2);
+ }
+ else
+ {
+ register DES_LONG t0,t1;
+
+ c2l(iv1,m0);
+ c2l(iv1,m1);
+ c2l(iv2,xor0);
+ c2l(iv2,xor1);
+ for (l-=8; l>=-7; l-=8)
+ {
+ tin[0]=m0;
+ tin[1]=m1;
+ des_encrypt(tin,ks3,1);
+ m0=tin[0];
+ m1=tin[1];
+
+ c2l(in,tin0);
+ c2l(in,tin1);
+
+ t0=tin0;
+ t1=tin1;
+
+ tin[0]=tin0;
+ tin[1]=tin1;
+ des_encrypt(tin,ks1,0);
+ tin[0]^=m0;
+ tin[1]^=m1;
+ des_encrypt(tin,ks2,1);
+ tin[0]^=m0;
+ tin[1]^=m1;
+ des_encrypt(tin,ks1,0);
+ tout0=tin[0];
+ tout1=tin[1];
+
+ tout0^=xor0;
+ tout1^=xor1;
+ if(l < 0)
+ {
+ l2cn(tout0,tout1,out,l+8);
+ }
+ else
+ {
+ l2c(tout0,out);
+ l2c(tout1,out);
+ }
+ xor0=t0;
+ xor1=t1;
+ }
+
+ iv1=(unsigned char *)ivec1;
+ l2c(m0,iv1);
+ l2c(m1,iv1);
+
+ iv2=(unsigned char *)ivec2;
+ l2c(xor0,iv2);
+ l2c(xor1,iv2);
+ }
+ tin0=tin1=tout0=tout1=xor0=xor1=0;
+ tin[0]=tin[1]=0;
+ }
