e_rc2.c revision 1.24 
1/* $OpenBSD: e_rc2.c,v 1.24 2023/11/18 10:46:58 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to.  The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 *    notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 *    notice, this list of conditions and the following disclaimer in the
30 *    documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 *    must display the following acknowledgement:
33 *    "This product includes cryptographic software written by
34 *     Eric Young (eay@cryptsoft.com)"
35 *    The word 'cryptographic' can be left out if the rouines from the library
36 *    being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 *    the apps directory (application code) you must include an acknowledgement:
39 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed.  i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <limits.h>
60#include <stdio.h>
61
62#include <openssl/opensslconf.h>
63
64#ifndef OPENSSL_NO_RC2
65
66#include <openssl/err.h>
67#include <openssl/evp.h>
68#include <openssl/objects.h>
69#include <openssl/rc2.h>
70
71#include "evp_local.h"
72
73static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
74    const unsigned char *iv, int enc);
75static int rc2_meth_to_magic(EVP_CIPHER_CTX *ctx);
76static int rc2_magic_to_meth(int i);
77static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
78static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
79static int rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr);
80
81typedef struct {
82	int key_bits;	/* effective key bits */
83	RC2_KEY ks;	/* key schedule */
84} EVP_RC2_KEY;
85
86#define data(ctx)	((EVP_RC2_KEY *)(ctx)->cipher_data)
87
88static int
89rc2_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
90{
91	size_t chunk = LONG_MAX & ~0xff;
92
93	while (inl >= chunk) {
94		RC2_cbc_encrypt(in, out, (long)chunk, &((EVP_RC2_KEY *)ctx->cipher_data)->ks, ctx->iv, ctx->encrypt);
95		inl -= chunk;
96		in += chunk;
97		out += chunk;
98	}
99
100	if (inl)
101		RC2_cbc_encrypt(in, out, (long)inl, &((EVP_RC2_KEY *)ctx->cipher_data)->ks, ctx->iv, ctx->encrypt);
102
103	return 1;
104}
105
106static int
107rc2_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
108{
109	size_t chunk = LONG_MAX & ~0xff;
110
111	if (inl < chunk)
112		chunk = inl;
113
114	while (inl && inl >= chunk) {
115		RC2_cfb64_encrypt(in, out, (long)chunk, &((EVP_RC2_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
116		inl -= chunk;
117		in += chunk;
118		out += chunk;
119		if (inl < chunk)
120			chunk = inl;
121	}
122
123	return 1;
124}
125
126static int
127rc2_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
128{
129	size_t i, bl;
130
131	bl = ctx->cipher->block_size;
132
133	if (inl < bl)
134		return 1;
135
136	inl -= bl;
137
138	for (i = 0; i <= inl; i += bl)
139		RC2_ecb_encrypt(in + i, out + i, &((EVP_RC2_KEY *)ctx->cipher_data)->ks, ctx->encrypt);
140
141	return 1;
142}
143
144static int
145rc2_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
146{
147	size_t chunk = LONG_MAX & ~0xff;
148
149	while (inl >= chunk) {
150		RC2_ofb64_encrypt(in, out, (long)chunk, &((EVP_RC2_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num);
151		inl -= chunk;
152		in += chunk;
153		out += chunk;
154	}
155
156	if (inl)
157		RC2_ofb64_encrypt(in, out, (long)inl, &((EVP_RC2_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num);
158
159	return 1;
160}
161
162static const EVP_CIPHER rc2_cbc = {
163	.nid = NID_rc2_cbc,
164	.block_size = 8,
165	.key_len = RC2_KEY_LENGTH,
166	.iv_len = 8,
167	.flags = EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT | EVP_CIPH_CBC_MODE,
168	.init = rc2_init_key,
169	.do_cipher = rc2_cbc_cipher,
170	.cleanup = NULL,
171	.ctx_size = sizeof(EVP_RC2_KEY),
172	.set_asn1_parameters = rc2_set_asn1_type_and_iv,
173	.get_asn1_parameters = rc2_get_asn1_type_and_iv,
174	.ctrl = rc2_ctrl,
175	.app_data = NULL,
176};
177
178const EVP_CIPHER *
179EVP_rc2_cbc(void)
180{
181	return &rc2_cbc;
182}
183
184static const EVP_CIPHER rc2_cfb64 = {
185	.nid = NID_rc2_cfb64,
186	.block_size = 1,
187	.key_len = RC2_KEY_LENGTH,
188	.iv_len = 8,
189	.flags = EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT | EVP_CIPH_CFB_MODE,
190	.init = rc2_init_key,
191	.do_cipher = rc2_cfb64_cipher,
192	.cleanup = NULL,
193	.ctx_size = sizeof(EVP_RC2_KEY),
194	.set_asn1_parameters = rc2_set_asn1_type_and_iv,
195	.get_asn1_parameters = rc2_get_asn1_type_and_iv,
196	.ctrl = rc2_ctrl,
197	.app_data = NULL,
198};
199
200const EVP_CIPHER *
201EVP_rc2_cfb64(void)
202{
203	return &rc2_cfb64;
204}
205
206static const EVP_CIPHER rc2_ofb = {
207	.nid = NID_rc2_ofb64,
208	.block_size = 1,
209	.key_len = RC2_KEY_LENGTH,
210	.iv_len = 8,
211	.flags = EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT | EVP_CIPH_OFB_MODE,
212	.init = rc2_init_key,
213	.do_cipher = rc2_ofb_cipher,
214	.cleanup = NULL,
215	.ctx_size = sizeof(EVP_RC2_KEY),
216	.set_asn1_parameters = rc2_set_asn1_type_and_iv,
217	.get_asn1_parameters = rc2_get_asn1_type_and_iv,
218	.ctrl = rc2_ctrl,
219	.app_data = NULL,
220};
221
222const EVP_CIPHER *
223EVP_rc2_ofb(void)
224{
225	return &rc2_ofb;
226}
227
228static const EVP_CIPHER rc2_ecb = {
229	.nid = NID_rc2_ecb,
230	.block_size = 8,
231	.key_len = RC2_KEY_LENGTH,
232	.iv_len = 0,
233	.flags = EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT | EVP_CIPH_ECB_MODE,
234	.init = rc2_init_key,
235	.do_cipher = rc2_ecb_cipher,
236	.cleanup = NULL,
237	.ctx_size = sizeof(EVP_RC2_KEY),
238	.set_asn1_parameters = rc2_set_asn1_type_and_iv,
239	.get_asn1_parameters = rc2_get_asn1_type_and_iv,
240	.ctrl = rc2_ctrl,
241	.app_data = NULL,
242};
243
244const EVP_CIPHER *
245EVP_rc2_ecb(void)
246{
247	return &rc2_ecb;
248}
249
250#define RC2_40_MAGIC	0xa0
251#define RC2_64_MAGIC	0x78
252#define RC2_128_MAGIC	0x3a
253
254static const EVP_CIPHER r2_64_cbc_cipher = {
255	NID_rc2_64_cbc,
256	8, 8 /* 64 bit */, 8,
257	EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
258	rc2_init_key,
259	rc2_cbc_cipher,
260	NULL,
261	sizeof(EVP_RC2_KEY),
262	rc2_set_asn1_type_and_iv,
263	rc2_get_asn1_type_and_iv,
264	rc2_ctrl,
265	NULL
266};
267
268static const EVP_CIPHER r2_40_cbc_cipher = {
269	NID_rc2_40_cbc,
270	8, 5 /* 40 bit */, 8,
271	EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
272	rc2_init_key,
273	rc2_cbc_cipher,
274	NULL,
275	sizeof(EVP_RC2_KEY),
276	rc2_set_asn1_type_and_iv,
277	rc2_get_asn1_type_and_iv,
278	rc2_ctrl,
279	NULL
280};
281
282const EVP_CIPHER *
283EVP_rc2_64_cbc(void)
284{
285	return (&r2_64_cbc_cipher);
286}
287
288const EVP_CIPHER *
289EVP_rc2_40_cbc(void)
290{
291	return (&r2_40_cbc_cipher);
292}
293
294static int
295rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
296    const unsigned char *iv, int enc)
297{
298	RC2_set_key(&data(ctx)->ks, EVP_CIPHER_CTX_key_length(ctx),
299	    key, data(ctx)->key_bits);
300	return 1;
301}
302
303static int
304rc2_meth_to_magic(EVP_CIPHER_CTX *e)
305{
306	int i;
307
308	if (EVP_CIPHER_CTX_ctrl(e, EVP_CTRL_GET_RC2_KEY_BITS, 0, &i) <= 0)
309		return (0);
310	if (i == 128)
311		return (RC2_128_MAGIC);
312	else if (i == 64)
313		return (RC2_64_MAGIC);
314	else if (i == 40)
315		return (RC2_40_MAGIC);
316	else
317		return (0);
318}
319
320static int
321rc2_magic_to_meth(int i)
322{
323	if (i == RC2_128_MAGIC)
324		return 128;
325	else if (i == RC2_64_MAGIC)
326		return 64;
327	else if (i == RC2_40_MAGIC)
328		return 40;
329	else {
330		EVPerror(EVP_R_UNSUPPORTED_KEY_SIZE);
331		return (0);
332	}
333}
334
335static int
336rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
337{
338	long num = 0;
339	int i = 0;
340	int key_bits;
341	int l;
342	unsigned char iv[EVP_MAX_IV_LENGTH];
343
344	if (type != NULL) {
345		l = EVP_CIPHER_CTX_iv_length(c);
346		if (l < 0 || l > sizeof(iv)) {
347			EVPerror(EVP_R_IV_TOO_LARGE);
348			return -1;
349		}
350		i = ASN1_TYPE_get_int_octetstring(type, &num, iv, l);
351		if (i != l)
352			return (-1);
353		key_bits = rc2_magic_to_meth((int)num);
354		if (!key_bits)
355			return (-1);
356		if (i > 0 && !EVP_CipherInit_ex(c, NULL, NULL, NULL, iv, -1))
357			return -1;
358		if (EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_RC2_KEY_BITS,
359		    key_bits, NULL) <= 0)
360			return -1;
361		if (!EVP_CIPHER_CTX_set_key_length(c, key_bits / 8))
362			return -1;
363	}
364	return (i);
365}
366
367static int
368rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
369{
370	long num;
371	int i = 0, j;
372
373	if (type != NULL) {
374		num = rc2_meth_to_magic(c);
375		j = EVP_CIPHER_CTX_iv_length(c);
376		if (j < 0 || j > sizeof(c->oiv))
377			return 0;
378		i = ASN1_TYPE_set_int_octetstring(type, num, c->oiv, j);
379	}
380	return (i);
381}
382
383static int
384rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
385{
386	int iv_len;
387
388	switch (type) {
389	case EVP_CTRL_INIT:
390		data(c)->key_bits = 0;
391		/* XXX - upper bound? */
392		if ((iv_len = EVP_CIPHER_CTX_key_length(c)) < 0)
393			return -1;
394		data(c)->key_bits = iv_len * 8;
395		return 1;
396
397	case EVP_CTRL_GET_RC2_KEY_BITS:
398		*(int *)ptr = data(c)->key_bits;
399		return 1;
400
401	case EVP_CTRL_SET_RC2_KEY_BITS:
402		if (arg > 0) {
403			data(c)->key_bits = arg;
404			return 1;
405		}
406		return 0;
407
408#ifdef PBE_PRF_TEST
409	case EVP_CTRL_PBE_PRF_NID:
410		*(int *)ptr = NID_hmacWithMD5;
411		return 1;
412#endif
413
414	default:
415		return -1;
416	}
417}
418
419#endif
420