summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authormarkm <markm@FreeBSD.org>1996-07-29 17:54:40 +0000
committermarkm <markm@FreeBSD.org>1996-07-29 17:54:40 +0000
commit9b57620710eb8677622acdaca23dd45010404927 (patch)
tree2d136cb35955c7f4632ea93831136151d882923e
parent5313ba6bbed76bbe085937a5a042d87f2a5e601f (diff)
downloadFreeBSD-src-9b57620710eb8677622acdaca23dd45010404927.zip
FreeBSD-src-9b57620710eb8677622acdaca23dd45010404927.tar.gz
Rats. Just when a piece of code is nice and stable, the author has to
release an upgrade.
-rw-r--r--secure/lib/libdes/Makefile.ssl2
-rw-r--r--secure/lib/libdes/VERSION12
-rw-r--r--secure/lib/libdes/cfb64ede.c2
-rw-r--r--secure/lib/libdes/cfb64enc.c2
-rw-r--r--secure/lib/libdes/des.doc14
-rw-r--r--secure/lib/libdes/des.h5
-rw-r--r--secure/lib/libdes/destest.c35
-rw-r--r--secure/lib/libdes/ecb_enc.c2
-rw-r--r--secure/lib/libdes/new_rkey.c3
-rw-r--r--secure/lib/libdes/ofb64ede.c4
-rw-r--r--secure/lib/libdes/ofb64enc.c4
-rw-r--r--secure/lib/libdes/read_pwd.c2
-rw-r--r--secure/lib/libdes/xcbc_enc.c132
13 files changed, 208 insertions, 11 deletions
diff --git a/secure/lib/libdes/Makefile.ssl b/secure/lib/libdes/Makefile.ssl
index d0546c6..81fb3ca 100644
--- a/secure/lib/libdes/Makefile.ssl
+++ b/secure/lib/libdes/Makefile.ssl
@@ -23,12 +23,14 @@ LIBSRC= cbc3_enc.c cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c \
ecb3_enc.c ecb_enc.c ede_enc.c enc_read.c enc_writ.c \
fcrypt.c ncbc_enc.c ofb64enc.c ofb_enc.c pcbc_enc.c \
qud_cksm.c rand_key.c read_pwd.c rpc_enc.c set_key.c \
+ xcbc_enc.c \
str2key.c cfb64ede.c ofb64ede.c supp.c
LIBOBJ= set_key.o ecb_enc.o ede_enc.o cbc_enc.o cbc3_enc.o \
ecb3_enc.o cfb64enc.o cfb64ede.o cfb_enc.o ofb64ede.o \
enc_read.o enc_writ.o fcrypt.o ncbc_enc.o ofb64enc.o \
ofb_enc.o str2key.o pcbc_enc.o qud_cksm.o rand_key.o \
+ xcbc_enc.o \
read_pwd.o rpc_enc.o cbc_cksm.o supp.o
SRC= $(LIBSRC)
diff --git a/secure/lib/libdes/VERSION b/secure/lib/libdes/VERSION
index 864eda3..5485bd2 100644
--- a/secure/lib/libdes/VERSION
+++ b/secure/lib/libdes/VERSION
@@ -1,7 +1,15 @@
-Version 3.24 20/04/95
+Version 3.25 17/07/96
+ des_init_random_number_generator() shortened due to VMS linker
+ limits.
+ Added RSA's DESX cbc mode. It is a form of cbc encryption, with 2
+ 8 byte quantites xored before and after encryption.
+ des_xcbc_encryption() - the name is funny to preserve the des_
+ prefix on all functions.
+
+Version 3.24 20/04/96
The DES_PTR macro option checked and used by SSLeay configuration
-Version 3.23 11/04/95
+Version 3.23 11/04/96
Added DES_LONG. If defined to 'unsigned int' on the DEC Alpha,
it gives a %20 speedup :-)
Fixed the problem with des.pl under perl5. The patches were
diff --git a/secure/lib/libdes/cfb64ede.c b/secure/lib/libdes/cfb64ede.c
index f56c87c..bfba24a 100644
--- a/secure/lib/libdes/cfb64ede.c
+++ b/secure/lib/libdes/cfb64ede.c
@@ -63,7 +63,7 @@ int encrypt;
{
register DES_LONG v0,v1;
register long l=length;
- register int n=*num;
+ register int n= *num;
DES_LONG ti[2];
unsigned char *iv,c,cc;
diff --git a/secure/lib/libdes/cfb64enc.c b/secure/lib/libdes/cfb64enc.c
index 60c8511..0f1e780 100644
--- a/secure/lib/libdes/cfb64enc.c
+++ b/secure/lib/libdes/cfb64enc.c
@@ -63,7 +63,7 @@ int encrypt;
{
register DES_LONG v0,v1;
register long l=length;
- register int n=*num;
+ register int n= *num;
DES_LONG ti[2];
unsigned char *iv,c,cc;
diff --git a/secure/lib/libdes/des.doc b/secure/lib/libdes/des.doc
index ec3a4c1..e83907e 100644
--- a/secure/lib/libdes/des.doc
+++ b/secure/lib/libdes/des.doc
@@ -146,6 +146,20 @@ int enc);
des_cbc_encrypt accept that ivec is updates with the correct value
to pass in subsequent calls to des_ncbc_encrypt(). I advise using
des_ncbc_encrypt() instead of des_cbc_encrypt();
+
+void des_xcbc_encrypt(
+des_cblock *input,
+des_cblock *output,
+long length,
+des_key_schedule sk,
+des_cblock *ivec,
+des_cblock *inw,
+des_cblock *outw,
+int enc);
+ This is RSA's DESX mode of DES. It uses inw and outw to
+ 'whiten' the encryption. inw and outw are secret (unlike the iv)
+ and are as such, part of the key. So the key is sort of 24 bytes.
+ This is much better than cbc des.
void des_3cbc_encrypt(
des_cblock *input,
diff --git a/secure/lib/libdes/des.h b/secure/lib/libdes/des.h
index f0615f1..0315418 100644
--- a/secure/lib/libdes/des.h
+++ b/secure/lib/libdes/des.h
@@ -110,6 +110,7 @@ typedef struct des_ks_struct
#define ecb_encrypt des_ecb_encrypt
#define cbc_encrypt des_cbc_encrypt
#define ncbc_encrypt des_ncbc_encrypt
+#define xcbc_encrypt des_xcbc_encrypt
#define cbc_cksum des_cbc_cksum
#define quad_cksum des_quad_cksum
@@ -138,6 +139,9 @@ void des_cbc_encrypt(des_cblock *input,des_cblock *output,long length,
des_key_schedule schedule,des_cblock *ivec,int enc);
void des_ncbc_encrypt(des_cblock *input,des_cblock *output,long length,
des_key_schedule schedule,des_cblock *ivec,int enc);
+void des_xcbc_encrypt(des_cblock *input,des_cblock *output,long length,
+ des_key_schedule schedule,des_cblock *ivec,
+ des_cblock *inw,des_cblock *outw,int enc);
void des_3cbc_encrypt(des_cblock *input,des_cblock *output,long length,
des_key_schedule sk1,des_key_schedule sk2,
des_cblock *ivec1,des_cblock *ivec2,int enc);
@@ -213,6 +217,7 @@ void des_ecb3_encrypt();
DES_LONG des_cbc_cksum();
void des_cbc_encrypt();
void des_ncbc_encrypt();
+void des_xcbc_encrypt();
void des_3cbc_encrypt();
void des_cfb_encrypt();
void des_ede3_cfb64_encrypt();
diff --git a/secure/lib/libdes/destest.c b/secure/lib/libdes/destest.c
index 9b04a5d..b3cc23e 100644
--- a/secure/lib/libdes/destest.c
+++ b/secure/lib/libdes/destest.c
@@ -219,6 +219,13 @@ static unsigned char cbc_ok[32]={
0x46,0x8e,0x91,0x15,0x78,0x88,0xba,0x68,
0x1d,0x26,0x93,0x97,0xf7,0xfe,0x62,0xb4};
+static unsigned char xcbc_ok[32]={
+ 0x86,0x74,0x81,0x0D,0x61,0xA4,0xA5,0x48,
+ 0xB9,0x93,0x03,0xE1,0xB8,0xBB,0xBD,0xBD,
+ 0x64,0x30,0x0B,0xB9,0x06,0x65,0x81,0x76,
+ 0x04,0x1D,0x77,0x62,0x17,0xCA,0x2B,0xD2,
+ };
+
static unsigned char cbc3_ok[32]={
0x3F,0xE3,0x01,0xC9,0x62,0xAC,0x01,0xD0,
0x22,0x13,0x76,0x3C,0x1C,0xBD,0x4C,0xDC,
@@ -389,6 +396,34 @@ char *argv[];
err=1;
}
+ printf("Doing desx cbc\n");
+ if ((j=des_key_sched((C_Block *)cbc_key,ks)) != 0)
+ {
+ printf("Key error %d\n",j);
+ err=1;
+ }
+ memset(cbc_out,0,40);
+ memset(cbc_in,0,40);
+ memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+ des_xcbc_encrypt((C_Block *)cbc_data,(C_Block *)cbc_out,
+ (long)strlen((char *)cbc_data)+1,ks,
+ (C_Block *)iv3,
+ (C_Block *)cbc2_key, (C_Block *)cbc3_key, DES_ENCRYPT);
+ if (memcmp(cbc_out,xcbc_ok,32) != 0)
+ {
+ printf("des_xcbc_encrypt encrypt error\n");
+ }
+ memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+ des_xcbc_encrypt((C_Block *)cbc_out,(C_Block *)cbc_in,
+ (long)strlen((char *)cbc_data)+1,ks,
+ (C_Block *)iv3,
+ (C_Block *)cbc2_key, (C_Block *)cbc3_key, DES_DECRYPT);
+ if (memcmp(cbc_in,cbc_data,32) != 0)
+ {
+ printf("des_xcbc_encrypt decrypt error\n");
+ err=1;
+ }
+
printf("Doing ede cbc\n");
if ((j=des_key_sched((C_Block *)cbc_key,ks)) != 0)
{
diff --git a/secure/lib/libdes/ecb_enc.c b/secure/lib/libdes/ecb_enc.c
index a39c6ed..2085770 100644
--- a/secure/lib/libdes/ecb_enc.c
+++ b/secure/lib/libdes/ecb_enc.c
@@ -49,7 +49,7 @@
#include "spr.h"
char *libdes_version="libdes v 3.24 - 20-Apr-1996 - eay";
-char *DES_version="DES part of SSLeay 0.6.1 12-Jul-1996";
+char *DES_version="DES part of SSLeay 0.6.2 24-Jul-1996";
char *des_options()
{
diff --git a/secure/lib/libdes/new_rkey.c b/secure/lib/libdes/new_rkey.c
index cfad517..08153b4 100644
--- a/secure/lib/libdes/new_rkey.c
+++ b/secure/lib/libdes/new_rkey.c
@@ -160,8 +160,9 @@ des_new_random_key(new_key)
* to a truly nasty sequence using system
* supplied volatile variables.
*/
+/* Name shortened for VMS - there is a macro for the old name */
void
-des_init_random_number_generator(key)
+des_init_random_num_generator(key)
des_cblock *key;
{
/* 64-bit structures */
diff --git a/secure/lib/libdes/ofb64ede.c b/secure/lib/libdes/ofb64ede.c
index 8923b5f..2bcb0d8 100644
--- a/secure/lib/libdes/ofb64ede.c
+++ b/secure/lib/libdes/ofb64ede.c
@@ -60,7 +60,7 @@ des_cblock (*ivec);
int *num;
{
register DES_LONG v0,v1;
- register int n=*num;
+ register int n= *num;
register long l=length;
des_cblock d;
register char *dp;
@@ -97,7 +97,7 @@ int *num;
l2c(v1,dp);
save++;
}
- *(out++)=*(in++)^d[n];
+ *(out++)= *(in++)^d[n];
n=(n+1)&0x07;
}
if (save)
diff --git a/secure/lib/libdes/ofb64enc.c b/secure/lib/libdes/ofb64enc.c
index bb4937a..d3fa6c5 100644
--- a/secure/lib/libdes/ofb64enc.c
+++ b/secure/lib/libdes/ofb64enc.c
@@ -60,7 +60,7 @@ des_cblock (*ivec);
int *num;
{
register DES_LONG v0,v1,t;
- register int n=*num;
+ register int n= *num;
register long l=length;
des_cblock d;
register char *dp;
@@ -86,7 +86,7 @@ int *num;
t=ti[1]; l2c(t,dp);
save++;
}
- *(out++)=*(in++)^d[n];
+ *(out++)= *(in++)^d[n];
n=(n+1)&0x07;
}
if (save)
diff --git a/secure/lib/libdes/read_pwd.c b/secure/lib/libdes/read_pwd.c
index 275f732..47cb95f 100644
--- a/secure/lib/libdes/read_pwd.c
+++ b/secure/lib/libdes/read_pwd.c
@@ -105,7 +105,7 @@
#define TTY_set(tty,data) ioctl(tty,TIOCSETP,data)
#endif
-#if !defined(_LIBC) && !defined(MSDOS)
+#if !defined(_LIBC) && !defined(MSDOS) && !defined(VMS)
#include <sys/ioctl.h>
#endif
diff --git a/secure/lib/libdes/xcbc_enc.c b/secure/lib/libdes/xcbc_enc.c
new file mode 100644
index 0000000..98bf631
--- /dev/null
+++ b/secure/lib/libdes/xcbc_enc.c
@@ -0,0 +1,132 @@
+/* crypto/des/xcbc_enc.c */
+/* Copyright (C) 1995-1996 Eric Young (eay@mincom.oz.au)
+ * All rights reserved.
+ *
+ * This file is part of an SSL implementation written
+ * by Eric Young (eay@mincom.oz.au).
+ * The implementation was written so as to conform with Netscapes SSL
+ * specification. This library and applications are
+ * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE
+ * as long as the following conditions are aheared to.
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed. If this code is used in a product,
+ * Eric Young should be given attribution as the author of the parts used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by Eric Young (eay@mincom.oz.au)
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+/* RSA's DESX */
+void des_xcbc_encrypt(input, output, length, schedule, ivec, inw,outw,encrypt)
+des_cblock (*input);
+des_cblock (*output);
+long length;
+des_key_schedule schedule;
+des_cblock (*ivec);
+des_cblock (*inw);
+des_cblock (*outw);
+int encrypt;
+ {
+ register DES_LONG tin0,tin1;
+ register DES_LONG tout0,tout1,xor0,xor1;
+ register DES_LONG inW0,inW1,outW0,outW1;
+ register unsigned char *in,*out;
+ register long l=length;
+ DES_LONG tin[2];
+ unsigned char *iv;
+
+ in=(unsigned char *)inw;
+ c2l(in,inW0);
+ c2l(in,inW1);
+ in=(unsigned char *)outw;
+ c2l(in,outW0);
+ c2l(in,outW1);
+
+ in=(unsigned char *)input;
+ out=(unsigned char *)output;
+ iv=(unsigned char *)ivec;
+
+ if (encrypt)
+ {
+ c2l(iv,tout0);
+ c2l(iv,tout1);
+ for (; l>0; l-=8)
+ {
+ if (l >= 8)
+ {
+ c2l(in,tin0);
+ c2l(in,tin1);
+ }
+ else
+ c2ln(in,tin0,tin1,l);
+ tin0^=tout0^inW0; tin[0]=tin0;
+ tin1^=tout1^inW1; tin[1]=tin1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+ tout0=tin[0]^outW0; l2c(tout0,out);
+ tout1=tin[1]^outW1; l2c(tout1,out);
+ }
+ iv=(unsigned char *)ivec;
+ l2c(tout0,iv);
+ l2c(tout1,iv);
+ }
+ else
+ {
+ c2l(iv,xor0);
+ c2l(iv,xor1);
+ for (; l>0; l-=8)
+ {
+ c2l(in,tin0); tin[0]=tin0^outW0;
+ c2l(in,tin1); tin[1]=tin1^outW1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
+ tout0=tin[0]^xor0^inW0;
+ tout1=tin[1]^xor1^inW1;
+ if (l >= 8)
+ {
+ l2c(tout0,out);
+ l2c(tout1,out);
+ }
+ else
+ l2cn(tout0,tout1,out,l);
+ xor0=tin0;
+ xor1=tin1;
+ }
+ iv=(unsigned char *)ivec;
+ l2c(xor0,iv);
+ l2c(xor1,iv);
+ }
+ tin0=tin1=tout0=tout1=xor0=xor1=0;
+ inW0=inW1=outW0=outW1=0;
+ tin[0]=tin[1]=0;
+ }
+
OpenPOWER on IntegriCloud