X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=crypto%2Fdes%2Fede_cbcm_enc.c;h=86f27d077aae754a96102988f296cb5ac79509ac;hp=81cba24411896d057c68104f0d2f1ff9b932b0eb;hb=67567b221bd06aca1719c926fadc5ce1a0452e9a;hpb=3ba5d1cf2eb6ef28ac5f6d9f3d28020d00c5be50 diff --git a/crypto/des/ede_cbcm_enc.c b/crypto/des/ede_cbcm_enc.c index 81cba24411..86f27d077a 100644 --- a/crypto/des/ede_cbcm_enc.c +++ b/crypto/des/ede_cbcm_enc.c @@ -1,6 +1,7 @@ /* ede_cbcm_enc.c */ -/* Written by Ben Laurie for the OpenSSL - * project 13 Feb 1999. +/* + * Written by Ben Laurie for the OpenSSL project 13 Feb + * 1999. */ /* ==================================================================== * Copyright (c) 1999 The OpenSSL Project. All rights reserved. @@ -10,7 +11,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in @@ -57,141 +58,132 @@ */ /* + * + * This is an implementation of Triple DES Cipher Block Chaining with Output + * Feedback Masking, by Coppersmith, Johnson and Matyas, (IBM and Certicom). + * + * Note that there is a known attack on this by Biham and Knudsen but it + * takes a lot of work: + * + * http://www.cs.technion.ac.il/users/wwwb/cgi-bin/tr-get.cgi/1998/CS/CS0928.ps.gz + * + */ -This is an implementation of Triple DES Cipher Block Chaining with Output -Feedback Masking, by Coppersmith, Johnson and Matyas, (IBM and Certicom). - -Note that there is a known attack on this by Biham and Knudsen but it takes -a lot of work: - -http://www.cs.technion.ac.il/users/wwwb/cgi-bin/tr-get.cgi/1998/CS/CS0928.ps.gz - -*/ +#include /* To see if OPENSSL_NO_DESCBCM is defined */ #ifndef OPENSSL_NO_DESCBCM -#include "des_locl.h" - -void des_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out, - long length, des_key_schedule *ks1, des_key_schedule *ks2, - des_key_schedule *ks3, des_cblock *ivec1, des_cblock *ivec2, - int enc) - { - register DES_LONG tin0,tin1; - register DES_LONG tout0,tout1,xor0,xor1,m0,m1; - register long l=length; +# include "des_locl.h" + +void DES_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out, + long length, DES_key_schedule *ks1, + DES_key_schedule *ks2, DES_key_schedule *ks3, + DES_cblock *ivec1, DES_cblock *ivec2, int enc) +{ + register DES_LONG tin0, tin1; + register DES_LONG tout0, tout1, xor0, xor1, m0, m1; + register long l = length; DES_LONG tin[2]; - unsigned char *iv1,*iv2; + unsigned char *iv1, *iv2; iv1 = &(*ivec1)[0]; iv2 = &(*ivec2)[0]; - if (enc) - { - c2l(iv1,m0); - c2l(iv1,m1); - c2l(iv2,tout0); - c2l(iv2,tout1); - for (l-=8; l>=-7; l-=8) - { - tin[0]=m0; - tin[1]=m1; - des_encrypt1(tin,ks3,1); - m0=tin[0]; - m1=tin[1]; - - if(l < 0) - { - c2ln(in,tin0,tin1,l+8); - } - else - { - c2l(in,tin0); - c2l(in,tin1); - } - tin0^=tout0; - tin1^=tout1; - - tin[0]=tin0; - tin[1]=tin1; - des_encrypt1(tin,ks1,1); - tin[0]^=m0; - tin[1]^=m1; - des_encrypt1(tin,ks2,0); - tin[0]^=m0; - tin[1]^=m1; - des_encrypt1(tin,ks1,1); - tout0=tin[0]; - tout1=tin[1]; - - l2c(tout0,out); - l2c(tout1,out); - } - iv1=&(*ivec1)[0]; - l2c(m0,iv1); - l2c(m1,iv1); - - iv2=&(*ivec2)[0]; - l2c(tout0,iv2); - l2c(tout1,iv2); - } - else - { - register DES_LONG t0,t1; - - c2l(iv1,m0); - c2l(iv1,m1); - c2l(iv2,xor0); - c2l(iv2,xor1); - for (l-=8; l>=-7; l-=8) - { - tin[0]=m0; - tin[1]=m1; - des_encrypt1(tin,ks3,1); - m0=tin[0]; - m1=tin[1]; - - c2l(in,tin0); - c2l(in,tin1); - - t0=tin0; - t1=tin1; - - tin[0]=tin0; - tin[1]=tin1; - des_encrypt1(tin,ks1,0); - tin[0]^=m0; - tin[1]^=m1; - des_encrypt1(tin,ks2,1); - tin[0]^=m0; - tin[1]^=m1; - des_encrypt1(tin,ks1,0); - tout0=tin[0]; - tout1=tin[1]; - - tout0^=xor0; - tout1^=xor1; - if(l < 0) - { - l2cn(tout0,tout1,out,l+8); - } - else - { - l2c(tout0,out); - l2c(tout1,out); - } - xor0=t0; - xor1=t1; - } - - iv1=&(*ivec1)[0]; - l2c(m0,iv1); - l2c(m1,iv1); - - iv2=&(*ivec2)[0]; - l2c(xor0,iv2); - l2c(xor1,iv2); - } - tin0=tin1=tout0=tout1=xor0=xor1=0; - tin[0]=tin[1]=0; + if (enc) { + c2l(iv1, m0); + c2l(iv1, m1); + c2l(iv2, tout0); + c2l(iv2, tout1); + for (l -= 8; l >= -7; l -= 8) { + tin[0] = m0; + tin[1] = m1; + DES_encrypt1(tin, ks3, 1); + m0 = tin[0]; + m1 = tin[1]; + + if (l < 0) { + c2ln(in, tin0, tin1, l + 8); + } else { + c2l(in, tin0); + c2l(in, tin1); + } + tin0 ^= tout0; + tin1 ^= tout1; + + tin[0] = tin0; + tin[1] = tin1; + DES_encrypt1(tin, ks1, 1); + tin[0] ^= m0; + tin[1] ^= m1; + DES_encrypt1(tin, ks2, 0); + tin[0] ^= m0; + tin[1] ^= m1; + DES_encrypt1(tin, ks1, 1); + tout0 = tin[0]; + tout1 = tin[1]; + + l2c(tout0, out); + l2c(tout1, out); + } + iv1 = &(*ivec1)[0]; + l2c(m0, iv1); + l2c(m1, iv1); + + iv2 = &(*ivec2)[0]; + l2c(tout0, iv2); + l2c(tout1, iv2); + } else { + register DES_LONG t0, t1; + + c2l(iv1, m0); + c2l(iv1, m1); + c2l(iv2, xor0); + c2l(iv2, xor1); + for (l -= 8; l >= -7; l -= 8) { + tin[0] = m0; + tin[1] = m1; + DES_encrypt1(tin, ks3, 1); + m0 = tin[0]; + m1 = tin[1]; + + c2l(in, tin0); + c2l(in, tin1); + + t0 = tin0; + t1 = tin1; + + tin[0] = tin0; + tin[1] = tin1; + DES_encrypt1(tin, ks1, 0); + tin[0] ^= m0; + tin[1] ^= m1; + DES_encrypt1(tin, ks2, 1); + tin[0] ^= m0; + tin[1] ^= m1; + DES_encrypt1(tin, ks1, 0); + tout0 = tin[0]; + tout1 = tin[1]; + + tout0 ^= xor0; + tout1 ^= xor1; + if (l < 0) { + l2cn(tout0, tout1, out, l + 8); + } else { + l2c(tout0, out); + l2c(tout1, out); + } + xor0 = t0; + xor1 = t1; + } + + iv1 = &(*ivec1)[0]; + l2c(m0, iv1); + l2c(m1, iv1); + + iv2 = &(*ivec2)[0]; + l2c(xor0, iv2); + l2c(xor1, iv2); } + tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0; + tin[0] = tin[1] = 0; +} #endif