size_t-fy EVP_CIPHER. Note that being size_t-fied it doesn't require
[openssl.git] / crypto / evp / e_des3.c
index 13b396c..059ad77 100644 (file)
  * [including the GNU Public Licence.]
  */
 
-#ifndef OPENSSL_NO_DES
 #include <stdio.h>
 #include "cryptlib.h"
+#ifndef OPENSSL_NO_DES
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 #include "evp_locl.h"
 #include <openssl/des.h>
+#include <openssl/rand.h>
 
 static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                            const unsigned char *iv,int enc);
@@ -70,6 +71,8 @@ static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                             const unsigned char *iv,int enc);
 
+static int des3_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr);
+
 typedef struct
     {
     DES_key_schedule ks1;/* key schedule */
@@ -82,10 +85,11 @@ typedef struct
 /* Because of various casts and different args can't use IMPLEMENT_BLOCK_CIPHER */
 
 static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                             const unsigned char *in, unsigned int inl)
+                             const unsigned char *in, size_t inl)
 {
        BLOCK_CIPHER_ecb_loop()
-               DES_ecb3_encrypt((DES_cblock *)(in + i), (DES_cblock *)(out + i), 
+               DES_ecb3_encrypt((const_DES_cblock *)(in + i),
+                                (DES_cblock *)(out + i),
                                 &data(ctx)->ks1, &data(ctx)->ks2,
                                 &data(ctx)->ks3,
                                 ctx->encrypt);
@@ -93,16 +97,27 @@ static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 }
 
 static int des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                             const unsigned char *in, unsigned int inl)
+                             const unsigned char *in, size_t inl)
 {
-       DES_ede3_ofb64_encrypt(in, out, (long)inl,
+       if (inl>=EVP_MAXCHUNK)
+               {
+               DES_ede3_ofb64_encrypt(in, out, (long)EVP_MAXCHUNK,
                               &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
                               (DES_cblock *)ctx->iv, &ctx->num);
+               inl-=EVP_MAXCHUNK;
+               in +=EVP_MAXCHUNK;
+               out+=EVP_MAXCHUNK;
+               }
+       if (inl)
+               DES_ede3_ofb64_encrypt(in, out, (long)inl,
+                               &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
+                               (DES_cblock *)ctx->iv, &ctx->num);
+
        return 1;
 }
 
 static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                             const unsigned char *in, unsigned int inl)
+                             const unsigned char *in, size_t inl)
 {
 #ifdef KSSL_DEBUG
        {
@@ -115,45 +130,121 @@ static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
        printf("\n");
        }
 #endif    /* KSSL_DEBUG */
-       DES_ede3_cbc_encrypt(in, out, (long)inl,
+       if (inl>=EVP_MAXCHUNK)
+               {
+               DES_ede3_cbc_encrypt(in, out, (long)EVP_MAXCHUNK,
                             &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
                             (DES_cblock *)ctx->iv, ctx->encrypt);
+               inl-=EVP_MAXCHUNK;
+               in +=EVP_MAXCHUNK;
+               out+=EVP_MAXCHUNK;
+               }
+       if (inl)
+               DES_ede3_cbc_encrypt(in, out, (long)inl,
+                            &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
+                             (DES_cblock *)ctx->iv, ctx->encrypt);
        return 1;
 }
 
-static int des_ede_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
-                             const unsigned char *in, unsigned int inl)
+static int des_ede_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                             const unsigned char *in, size_t inl)
 {
-       DES_ede3_cfb64_encrypt(in, out, (long)inl, 
+       if (inl>=EVP_MAXCHUNK)
+               {
+               DES_ede3_cfb64_encrypt(in, out, (long)EVP_MAXCHUNK, 
                               &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
                               (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
+               inl-=EVP_MAXCHUNK;
+               in +=EVP_MAXCHUNK;
+               out+=EVP_MAXCHUNK;
+               }
+       if (inl)
+               DES_ede3_cfb64_encrypt(in, out, (long)inl,
+                              &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
+                               (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
        return 1;
 }
 
-BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8,
-                       0, des_ede_init_key, NULL, 
+/* Although we have a CFB-r implementation for 3-DES, it doesn't pack the right
+   way, so wrap it here */
+static int des_ede3_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                               const unsigned char *in, size_t inl)
+    {
+    size_t n;
+    unsigned char c[1],d[1];
+
+    for(n=0 ; n < inl ; ++n)
+       {
+       c[0]=(in[n/8]&(1 << (7-n%8))) ? 0x80 : 0;
+       DES_ede3_cfb_encrypt(c,d,1,1,
+                            &data(ctx)->ks1,&data(ctx)->ks2,&data(ctx)->ks3,
+                            (DES_cblock *)ctx->iv,ctx->encrypt);
+       out[n/8]=(out[n/8]&~(0x80 >> (n%8)))|((d[0]&0x80) >> (n%8));
+       }
+
+    return 1;
+    }
+
+static int des_ede3_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                               const unsigned char *in, size_t inl)
+    {
+    while (inl>=EVP_MAXCHUNK)
+       {
+       DES_ede3_cfb_encrypt(in,out,8,(long)EVP_MAXCHUNK,
+                        &data(ctx)->ks1,&data(ctx)->ks2,&data(ctx)->ks3,
+                        (DES_cblock *)ctx->iv,ctx->encrypt);
+       inl-=EVP_MAXCHUNK;
+       in +=EVP_MAXCHUNK;
+       out+=EVP_MAXCHUNK;
+       }
+    if (inl)
+       DES_ede3_cfb_encrypt(in,out,8,(long)inl,
+                       &data(ctx)->ks1,&data(ctx)->ks2,&data(ctx)->ks3,
+                       (DES_cblock *)ctx->iv,ctx->encrypt);
+    return 1;
+    }
+
+BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64,
+                       EVP_CIPH_RAND_KEY, des_ede_init_key, NULL, 
                        EVP_CIPHER_set_asn1_iv,
                        EVP_CIPHER_get_asn1_iv,
-                       NULL)
+                       des3_ctrl)
 
-#define des_ede3_cfb_cipher des_ede_cfb_cipher
+#define des_ede3_cfb64_cipher des_ede_cfb64_cipher
 #define des_ede3_ofb_cipher des_ede_ofb_cipher
 #define des_ede3_cbc_cipher des_ede_cbc_cipher
 #define des_ede3_ecb_cipher des_ede_ecb_cipher
 
-BLOCK_CIPHER_defs(des_ede3, DES_EDE_KEY, NID_des_ede3, 8, 24, 8,
-                       0, des_ede3_init_key, NULL, 
+BLOCK_CIPHER_defs(des_ede3, DES_EDE_KEY, NID_des_ede3, 8, 24, 8, 64,
+                       EVP_CIPH_RAND_KEY, des_ede3_init_key, NULL, 
                        EVP_CIPHER_set_asn1_iv,
                        EVP_CIPHER_get_asn1_iv,
-                       NULL)
+                       des3_ctrl)
+
+BLOCK_CIPHER_def_cfb(des_ede3,DES_EDE_KEY,NID_des_ede3,24,8,1,
+                    EVP_CIPH_RAND_KEY, des_ede3_init_key,NULL,
+                    EVP_CIPHER_set_asn1_iv,
+                    EVP_CIPHER_get_asn1_iv,
+                    des3_ctrl)
+
+BLOCK_CIPHER_def_cfb(des_ede3,DES_EDE_KEY,NID_des_ede3,24,8,8,
+                    EVP_CIPH_RAND_KEY, des_ede3_init_key,NULL,
+                    EVP_CIPHER_set_asn1_iv,
+                    EVP_CIPHER_get_asn1_iv,
+                    des3_ctrl)
 
 static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                            const unsigned char *iv, int enc)
        {
        DES_cblock *deskey = (DES_cblock *)key;
-
+#ifdef EVP_CHECK_DES_KEY
+       if (DES_set_key_checked(&deskey[0],&data(ctx)->ks1)
+               !! DES_set_key_checked(&deskey[1],&data(ctx)->ks2))
+               return 0;
+#else
        DES_set_key_unchecked(&deskey[0],&data(ctx)->ks1);
        DES_set_key_unchecked(&deskey[1],&data(ctx)->ks2);
+#endif
        memcpy(&data(ctx)->ks3,&data(ctx)->ks1,
               sizeof(data(ctx)->ks1));
        return 1;
@@ -174,13 +265,41 @@ static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
        }
 #endif /* KSSL_DEBUG */
 
+#ifdef EVP_CHECK_DES_KEY
+       if (DES_set_key_checked(&deskey[0],&data(ctx)->ks1)
+               || DES_set_key_checked(&deskey[1],&data(ctx)->ks2)
+               || DES_set_key_checked(&deskey[2],&data(ctx)->ks3))
+               return 0;
+#else
        DES_set_key_unchecked(&deskey[0],&data(ctx)->ks1);
        DES_set_key_unchecked(&deskey[1],&data(ctx)->ks2);
        DES_set_key_unchecked(&deskey[2],&data(ctx)->ks3);
-
+#endif
        return 1;
        }
 
+static int des3_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
+       {
+
+       DES_cblock *deskey = ptr;
+
+       switch(type)
+               {
+       case EVP_CTRL_RAND_KEY:
+               if (RAND_bytes(ptr, c->key_len) <= 0)
+                       return 0;
+               DES_set_odd_parity(deskey);
+               if (c->key_len >= 16)
+                       DES_set_odd_parity(deskey + 1);
+               if (c->key_len >= 24)
+                       DES_set_odd_parity(deskey + 2);
+               return 1;
+
+       default:
+               return -1;
+               }
+       }
+
 const EVP_CIPHER *EVP_des_ede(void)
 {
        return &des_ede_ecb;