openssl/crypto/evp/e_xcbc_d.c

/*
 * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

/*
 * DES low level APIs are deprecated for public use, but still ok for internal
 * use.
 */
#include "internal/deprecated.h"

#include <stdio.h>
#include "internal/cryptlib.h"

#ifndef OPENSSL_NO_DES

# include <openssl/evp.h>
# include <openssl/objects.h>
# include "crypto/evp.h"
# include <openssl/des.h>
# include "evp_local.h"

static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                             const unsigned char *iv, int enc);
static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                           const unsigned char *in, size_t inl);

typedef struct {
    DES_key_schedule ks;        /* key schedule */
    DES_cblock inw;
    DES_cblock outw;
} DESX_CBC_KEY;

# define data(ctx) EVP_C_DATA(DESX_CBC_KEY,ctx)

static const EVP_CIPHER d_xcbc_cipher = {
    NID_desx_cbc,
    8, 24, 8,
    EVP_CIPH_CBC_MODE,
    EVP_ORIG_GLOBAL,
    desx_cbc_init_key,
    desx_cbc_cipher,
    NULL,
    sizeof(DESX_CBC_KEY),
    EVP_CIPHER_set_asn1_iv,
    EVP_CIPHER_get_asn1_iv,
    NULL,
    NULL
};

const EVP_CIPHER *EVP_desx_cbc(void)
{
    return &d_xcbc_cipher;
}

static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                             const unsigned char *iv, int enc)
{
    DES_cblock *deskey = (DES_cblock *)key;

    DES_set_key_unchecked(deskey, &data(ctx)->ks);
    memcpy(&data(ctx)->inw[0], &key[8], 8);
    memcpy(&data(ctx)->outw[0], &key[16], 8);

    return 1;
}

static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                           const unsigned char *in, size_t inl)
{
    while (inl >= EVP_MAXCHUNK) {
        DES_xcbc_encrypt(in, out, (long)EVP_MAXCHUNK, &data(ctx)->ks,
                         (DES_cblock *)ctx->iv,
                         &data(ctx)->inw, &data(ctx)->outw,
                         EVP_CIPHER_CTX_is_encrypting(ctx));
        inl -= EVP_MAXCHUNK;
        in += EVP_MAXCHUNK;
        out += EVP_MAXCHUNK;
    }
    if (inl)
        DES_xcbc_encrypt(in, out, (long)inl, &data(ctx)->ks,
                         (DES_cblock *)ctx->iv,
                         &data(ctx)->inw, &data(ctx)->outw,
                         EVP_CIPHER_CTX_is_encrypting(ctx));
    return 1;
}
#endif
Copyright consolidation 04/10 Reviewed-by: Richard Levitte <levitte@openssl.org> 2016-05-18 02:24:46 +08:00			`/*`
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14986) 2021-04-22 21:38:44 +08:00			`* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.`
Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 18:52:47 +08:00			`*`
Following the license change, modify the boilerplates in crypto/evp/ [skip ci] Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7794) 2018-12-06 20:40:06 +08:00			`* Licensed under the Apache License 2.0 (the "License"). You may not use`
Copyright consolidation 04/10 Reviewed-by: Richard Levitte <levitte@openssl.org> 2016-05-18 02:24:46 +08:00			`* this file except in compliance with the License. You can obtain a copy`
			`* in the file LICENSE in the source distribution or at`
			`* https://www.openssl.org/source/license.html`
Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 18:52:47 +08:00			`*/`

Deprecate the low level DES functions. Use of the low level DES functions has been informally discouraged for a long time. We now formally deprecate them. Applications should instead use the EVP APIs, e.g. EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, and the equivalently named decrypt functions. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10858) 2020-01-16 11:50:03 +08:00			`/*`
			`* DES low level APIs are deprecated for public use, but still ok for internal`
			`* use.`
			`*/`
			`#include "internal/deprecated.h"`

Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 18:52:47 +08:00			`#include <stdio.h>`
Identify and move common internal libcrypto header files There are header files in crypto/ that are used by a number of crypto/ submodules. Move those to crypto/include/internal and adapt the affected source code and Makefiles. The header files that got moved are: crypto/cryptolib.h crypto/md32_common.h Reviewed-by: Rich Salz <rsalz@openssl.org> 2015-05-14 22:56:48 +08:00			`#include "internal/cryptlib.h"`
Make sure we get the definition of OPENSSL_NO_DES. 2003-03-21 07:29:38 +08:00
			`#ifndef OPENSSL_NO_DES`

Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org> 2015-01-22 11:40:55 +08:00			`# include <openssl/evp.h>`
			`# include <openssl/objects.h>`
Reorganize private crypto header files Currently, there are two different directories which contain internal header files of libcrypto which are meant to be shared internally: While header files in 'include/internal' are intended to be shared between libcrypto and libssl, the files in 'crypto/include/internal' are intended to be shared inside libcrypto only. To make things complicated, the include search path is set up in such a way that the directive #include "internal/file.h" could refer to a file in either of these two directoroes. This makes it necessary in some cases to add a '_int.h' suffix to some files to resolve this ambiguity: #include "internal/file.h" # located in 'include/internal' #include "internal/file_int.h" # located in 'crypto/include/internal' This commit moves the private crypto headers from 'crypto/include/internal' to 'include/crypto' As a result, the include directives become unambiguous #include "internal/file.h" # located in 'include/internal' #include "crypto/file.h" # located in 'include/crypto' hence the superfluous '_int.h' suffixes can be stripped. The files 'store_int.h' and 'store.h' need to be treated specially; they are joined into a single file. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9333) 2019-09-28 06:45:33 +08:00			`# include "crypto/evp.h"`
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org> 2015-01-22 11:40:55 +08:00			`# include <openssl/des.h>`
Use local IV storage in e_xcbc_d.c Inline the pre-13273237a65d46186b6bea0b51aec90670d4598a versions of EVP_CIPHER_CTX_iv(), EVP_CIPHER_CTX_original_iv(), and EVP_CIPHER_CTX_iv_noconst() in e_xcbc_d.c. For the legacy implementations, there's no need to use an in-provider storage for the IV, when the crypto operations themselves will be performed outside of the provider. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12233) 2020-07-03 05:12:33 +08:00			`# include "evp_local.h"`
Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 18:52:47 +08:00
EVP constification. 2000-06-03 22:13:58 +08:00			`static int desx_cbc_init_key(EVP_CIPHER_CTX ctx, const unsigned char key,`
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org> 2015-01-22 11:40:55 +08:00			`const unsigned char *iv, int enc);`
Second phase of EVP cipher overhaul. Change functions like EVP_EncryptUpdate() so they now return a value. These normally have software only implementations which cannot fail so this was acceptable. However ciphers can be implemented in hardware and these could return errors. 2000-05-27 20:38:43 +08:00			`static int desx_cbc_cipher(EVP_CIPHER_CTX ctx, unsigned char out,`
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org> 2015-01-22 11:40:55 +08:00			`const unsigned char *in, size_t inl);`
Really add the EVP and all of the DES changes. 2001-07-31 07:57:25 +08:00
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org> 2015-01-22 11:40:55 +08:00			`typedef struct {`
			`DES_key_schedule ks; /* key schedule */`
Due to an increasing number of clashes between modern OpenSSL and libdes (which is still used out there) or other des implementations, the OpenSSL DES functions are renamed to begin with DES_ instead of des_. Compatibility routines are provided and declared by including openssl/des_old.h. Those declarations are the same as were in des.h when the OpenSSL project started, which is exactly how libdes looked at that time, and hopefully still looks today. The compatibility functions will be removed in some future release, at the latest in version 1.0. 2001-10-25 05:21:12 +08:00			`DES_cblock inw;`
			`DES_cblock outw;`
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org> 2015-01-22 11:40:55 +08:00			`} DESX_CBC_KEY;`
Really add the EVP and all of the DES changes. 2001-07-31 07:57:25 +08:00
Adapt builtin cipher implementations to opaque EVP_CIPHER They all stop including evp_locl.h, so we also take care of their adaptation to opaque EVP_CIPHER_CTX, as was promised in an earlier commit. Reviewed-by: Rich Salz <rsalz@openssl.org> 2015-12-19 00:01:28 +08:00			`# define data(ctx) EVP_C_DATA(DESX_CBC_KEY,ctx)`
Really add the EVP and all of the DES changes. 2001-07-31 07:57:25 +08:00
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org> 2015-01-22 11:40:55 +08:00			`static const EVP_CIPHER d_xcbc_cipher = {`
			`NID_desx_cbc,`
			`8, 24, 8,`
			`EVP_CIPH_CBC_MODE,`
Add "origin" field to EVP_CIPHER, EVP_MD Add a "where did this EVP_{CIPHER,MD} come from" flag: global, via fetch, or via EVP_{CIPHER,MD}_meth_new. Update EVP_{CIPHER,MD}_free to handle all three origins. The flag is deliberately right before some function pointers, so that compile-time failures (int/pointer) will occur, as opposed to taking a bit in the existing "flags" field. The "global variable" flag is non-zero, so the default case of using OPENSSL_zalloc (for provider ciphers), will do the right thing. Ref-counting is a no-op for Make up_ref no-op for global MD and CIPHER objects Deprecate EVP_MD_CTX_md(). Added EVP_MD_CTX_get0_md() (same semantics as the deprecated function) and EVP_MD_CTX_get1_md(). Likewise, deprecate EVP_CIPHER_CTX_cipher() in favor of EVP_CIPHER_CTX_get0_cipher(), and add EVP_CIPHER_CTX_get1_CIPHER(). Refactor EVP_MD_free() and EVP_MD_meth_free() to call new common evp_md_free_int() function. Refactor EVP_CIPHER_free() and EVP_CIPHER_meth_free() to call new common evp_cipher_free_int() function. Also change some flags tests to explicit test == or != zero. E.g., if (flags & x) --> if ((flags & x) != 0) if (!(flags & x)) --> if ((flags & x) == 0) Only done for those lines where "get0_cipher" calls were made. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14193) 2021-02-17 06:51:56 +08:00			`EVP_ORIG_GLOBAL,`
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org> 2015-01-22 11:40:55 +08:00			`desx_cbc_init_key,`
			`desx_cbc_cipher,`
			`NULL,`
			`sizeof(DESX_CBC_KEY),`
			`EVP_CIPHER_set_asn1_iv,`
			`EVP_CIPHER_get_asn1_iv,`
			`NULL,`
			`NULL`
			`};`
Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 18:52:47 +08:00
Change the EVP_somecipher() and EVP_somedigest() functions to return constant EVP_MD and EVP_CIPHER pointers. Update docs. 2001-03-09 10:51:02 +08:00			`const EVP_CIPHER *EVP_desx_cbc(void)`
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org> 2015-01-22 11:40:55 +08:00			`{`
Remove parentheses of return. Since return is inconsistent, I removed unnecessary parentheses and unified them. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4541) 2017-10-17 22:04:09 +08:00			`return &d_xcbc_cipher;`
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org> 2015-01-22 11:40:55 +08:00			`}`

EVP constification. 2000-06-03 22:13:58 +08:00			`static int desx_cbc_init_key(EVP_CIPHER_CTX ctx, const unsigned char key,`
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org> 2015-01-22 11:40:55 +08:00			`const unsigned char *iv, int enc)`
			`{`
			`DES_cblock deskey = (DES_cblock )key;`
Change type of various DES function arguments from des_cblock (meaning pointer to char) to des_cblock * (meaning pointer to array with 8 char elements), which allows the compiler to do more typechecking. (The changed argument types were of type des_cblock * back in SSLeay, and a lot of ugly casts were used then to turn them into pointers to elements; but it can be done without those casts.) Introduce new type const_des_cblock -- before, the pointers rather than the elements pointed to were declared const, and for some reason gcc did not complain about this (but some other compilers did). 1999-05-16 20:26:16 +08:00
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org> 2015-01-22 11:40:55 +08:00			`DES_set_key_unchecked(deskey, &data(ctx)->ks);`
			`memcpy(&data(ctx)->inw[0], &key[8], 8);`
			`memcpy(&data(ctx)->outw[0], &key[16], 8);`
Third phase of EVP cipher overhaul. Remove duplicated code in EVP. 2000-05-28 20:44:46 +08:00
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org> 2015-01-22 11:40:55 +08:00			`return 1;`
			`}`
Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 18:52:47 +08:00
Second phase of EVP cipher overhaul. Change functions like EVP_EncryptUpdate() so they now return a value. These normally have software only implementations which cannot fail so this was acceptable. However ciphers can be implemented in hardware and these could return errors. 2000-05-27 20:38:43 +08:00			`static int desx_cbc_cipher(EVP_CIPHER_CTX ctx, unsigned char out,`
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org> 2015-01-22 11:40:55 +08:00			`const unsigned char *in, size_t inl)`
			`{`
			`while (inl >= EVP_MAXCHUNK) {`
			`DES_xcbc_encrypt(in, out, (long)EVP_MAXCHUNK, &data(ctx)->ks,`
Use local IV storage in e_xcbc_d.c Inline the pre-13273237a65d46186b6bea0b51aec90670d4598a versions of EVP_CIPHER_CTX_iv(), EVP_CIPHER_CTX_original_iv(), and EVP_CIPHER_CTX_iv_noconst() in e_xcbc_d.c. For the legacy implementations, there's no need to use an in-provider storage for the IV, when the crypto operations themselves will be performed outside of the provider. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12233) 2020-07-03 05:12:33 +08:00			`(DES_cblock *)ctx->iv,`
Adapt builtin cipher implementations to opaque EVP_CIPHER They all stop including evp_locl.h, so we also take care of their adaptation to opaque EVP_CIPHER_CTX, as was promised in an earlier commit. Reviewed-by: Rich Salz <rsalz@openssl.org> 2015-12-19 00:01:28 +08:00			`&data(ctx)->inw, &data(ctx)->outw,`
Rename all getters to use get/get0 in name For functions that exist in 1.1.1 provide a simple aliases via #define. Fixes #15236 Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_, EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_, EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_, EVP_MD_, and EVP_CIPHER_ prefixes are renamed. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15405) 2021-05-21 22:58:08 +08:00			`EVP_CIPHER_CTX_is_encrypting(ctx));`
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org> 2015-01-22 11:40:55 +08:00			`inl -= EVP_MAXCHUNK;`
			`in += EVP_MAXCHUNK;`
			`out += EVP_MAXCHUNK;`
			`}`
			`if (inl)`
			`DES_xcbc_encrypt(in, out, (long)inl, &data(ctx)->ks,`
Use local IV storage in e_xcbc_d.c Inline the pre-13273237a65d46186b6bea0b51aec90670d4598a versions of EVP_CIPHER_CTX_iv(), EVP_CIPHER_CTX_original_iv(), and EVP_CIPHER_CTX_iv_noconst() in e_xcbc_d.c. For the legacy implementations, there's no need to use an in-provider storage for the IV, when the crypto operations themselves will be performed outside of the provider. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12233) 2020-07-03 05:12:33 +08:00			`(DES_cblock *)ctx->iv,`
Adapt builtin cipher implementations to opaque EVP_CIPHER They all stop including evp_locl.h, so we also take care of their adaptation to opaque EVP_CIPHER_CTX, as was promised in an earlier commit. Reviewed-by: Rich Salz <rsalz@openssl.org> 2015-12-19 00:01:28 +08:00			`&data(ctx)->inw, &data(ctx)->outw,`
Rename all getters to use get/get0 in name For functions that exist in 1.1.1 provide a simple aliases via #define. Fixes #15236 Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_, EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_, EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_, EVP_MD_, and EVP_CIPHER_ prefixes are renamed. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15405) 2021-05-21 22:58:08 +08:00			`EVP_CIPHER_CTX_is_encrypting(ctx));`
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org> 2015-01-22 11:40:55 +08:00			`return 1;`
			`}`
Message digest stuff. 1999-04-27 12:18:53 +08:00			`#endif`