1145516Sdarrenr/* $OpenBSD: des3.c,v 1.10 2021/12/13 16:56:49 deraadt Exp $ */ 2255332Scy 3145516Sdarrenr/* 4145516Sdarrenr * Copyright (c) 2002 Markus Friedl. All rights reserved. 5145516Sdarrenr * 6255332Scy * Redistribution and use in source and binary forms, with or without 7145516Sdarrenr * modification, are permitted provided that the following conditions 8145516Sdarrenr * are met: 9145516Sdarrenr * 1. Redistributions of source code must retain the above copyright 10145516Sdarrenr * notice, this list of conditions and the following disclaimer. 11145516Sdarrenr * 2. Redistributions in binary form must reproduce the above copyright 12145516Sdarrenr * notice, this list of conditions and the following disclaimer in the 13145516Sdarrenr * documentation and/or other materials provided with the distribution. 14255332Scy * 15255332Scy * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 16255332Scy * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 17255332Scy * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 18255332Scy * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 19255332Scy * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 20145516Sdarrenr * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21145516Sdarrenr * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22145516Sdarrenr * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23145516Sdarrenr * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24145516Sdarrenr * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25145516Sdarrenr */ 26145516Sdarrenr 27145516Sdarrenr#include <openssl/des.h> 28145516Sdarrenr#include <err.h> 29145516Sdarrenr#include <fcntl.h> 30255332Scy#include <stdio.h> 31255332Scy#include <stdlib.h> 32145516Sdarrenr#include <string.h> 33145516Sdarrenr#include <unistd.h> 34145516Sdarrenr 35145516Sdarrenr/* Stubs */ 36145516Sdarrenr 37145516Sdarrenru_int32_t deflate_global(u_int8_t *, u_int32_t, int, u_int8_t **); 38145516Sdarrenr 39145516Sdarrenru_int32_t 40145516Sdarrenrdeflate_global(u_int8_t *data, u_int32_t size, int comp, u_int8_t **out) 41255332Scy{ 42255332Scy return 0; 43145516Sdarrenr} 44145516Sdarrenr 45145516Sdarrenrvoid explicit_bzero(void *, size_t); 46145516Sdarrenr 47145516Sdarrenrvoid 48145516Sdarrenrexplicit_bzero(void *b, size_t len) 49145516Sdarrenr{ 50145516Sdarrenr bzero(b, len); 51255332Scy} 52145516Sdarrenr 53145516Sdarrenr 54145516Sdarrenr/* Simulate CBC mode */ 55145516Sdarrenr 56145516Sdarrenrstatic int 57145516Sdarrenrdocrypt(const unsigned char *key, size_t klen, const unsigned char *iv0, 58145516Sdarrenr const unsigned char *in, unsigned char *out, size_t len, int encrypt) 59145516Sdarrenr{ 60145516Sdarrenr u_int8_t block[8], iv[8], iv2[8], *ivp = iv, *nivp; 61145516Sdarrenr u_int8_t ctx[384]; 62145516Sdarrenr int i, j, error = 0; 63145516Sdarrenr 64145516Sdarrenr memcpy(iv, iv0, 8); 65145516Sdarrenr memset(ctx, 0, sizeof(ctx)); 66145516Sdarrenr error = des3_setkey(ctx, key, klen); 67255332Scy if (error) 68255332Scy return -1; 69255332Scy for (i = 0; i < len / 8; i ++) { 70255332Scy bcopy(in, block, 8); 71255332Scy in += 8; 72145516Sdarrenr if (encrypt) { 73145516Sdarrenr for (j = 0; j < 8; j++) 74145516Sdarrenr block[j] ^= ivp[j]; 75145516Sdarrenr des3_encrypt(ctx, block); 76145516Sdarrenr memcpy(ivp, block, 8); 77145516Sdarrenr } else { 78145516Sdarrenr nivp = ivp == iv ? iv2 : iv; 79145516Sdarrenr memcpy(nivp, block, 8); 80145516Sdarrenr des3_decrypt(ctx, block); 81145516Sdarrenr for (j = 0; j < 8; j++) 82145516Sdarrenr block[j] ^= ivp[j]; 83145516Sdarrenr ivp = nivp; 84145516Sdarrenr } 85145516Sdarrenr bcopy(block, out, 8); 86145516Sdarrenr out += 8; 87145516Sdarrenr } 88145516Sdarrenr return 0; 89145516Sdarrenr} 90145516Sdarrenr 91145516Sdarrenrstatic int 92145516Sdarrenrmatch(unsigned char *a, unsigned char *b, size_t len) 93145516Sdarrenr{ 94145516Sdarrenr int i; 95145516Sdarrenr 96145516Sdarrenr if (memcmp(a, b, len) == 0) 97145516Sdarrenr return (1); 98145516Sdarrenr 99145516Sdarrenr warnx("decrypt/plaintext mismatch"); 100145516Sdarrenr 101145516Sdarrenr for (i = 0; i < len; i++) 102145516Sdarrenr printf("%2.2x", a[i]); 103145516Sdarrenr printf("\n"); 104145516Sdarrenr for (i = 0; i < len; i++) 105145516Sdarrenr printf("%2.2x", b[i]); 106145516Sdarrenr printf("\n"); 107145516Sdarrenr 108145516Sdarrenr return (0); 109145516Sdarrenr} 110145516Sdarrenr 111145516Sdarrenr#define SZ 16 112145516Sdarrenr 113145516Sdarrenrint 114145516Sdarrenrmain(int argc, char **argv) 115145516Sdarrenr{ 116145516Sdarrenr DES_key_schedule ks1, ks2, ks3; 117145516Sdarrenr unsigned char iv0[8], iv[8], key[24] = "012345670123456701234567"; 118145516Sdarrenr unsigned char b1[SZ], b2[SZ]; 119145516Sdarrenr int i, fail = 0; 120145516Sdarrenr u_int32_t rand = 0; 121145516Sdarrenr 122145516Sdarrenr /* setup data and iv */ 123145516Sdarrenr for (i = 0; i < sizeof(b1); i++ ) { 124145516Sdarrenr if (i % 4 == 0) 125145516Sdarrenr rand = arc4random(); 126145516Sdarrenr b1[i] = rand; 127145516Sdarrenr rand >>= 8; 128145516Sdarrenr } 129145516Sdarrenr for (i = 0; i < sizeof(iv0); i++ ) { 130145516Sdarrenr if (i % 4 == 0) 131145516Sdarrenr rand = arc4random(); 132145516Sdarrenr iv0[i] = rand; 133145516Sdarrenr rand >>= 8; 134145516Sdarrenr } 135145516Sdarrenr memset(b2, 0, sizeof(b2)); 136145516Sdarrenr 137145516Sdarrenr /* keysetup for software */ 138145516Sdarrenr DES_set_key((void *) key, &ks1); 139145516Sdarrenr DES_set_key((void *) (key+8), &ks2); 140145516Sdarrenr DES_set_key((void *) (key+16), &ks3); 141145516Sdarrenr 142145516Sdarrenr /* encrypt with software, decrypt with /dev/crypto */ 143145516Sdarrenr memcpy(iv, iv0, sizeof(iv0)); 144145516Sdarrenr DES_ede3_cbc_encrypt((void *)b1, (void*)b2, sizeof(b1), &ks1, &ks2, 145145516Sdarrenr &ks3, (void*)iv, DES_ENCRYPT); 146145516Sdarrenr memcpy(iv, iv0, sizeof(iv0)); 147145516Sdarrenr if (docrypt(key, sizeof(key), iv, b2, b2, sizeof(b1), 0) < 0) { 148145516Sdarrenr warnx("decryption failed"); 149255332Scy fail++; 150255332Scy } 151255332Scy if (!match(b1, b2, sizeof(b1))) 152145516Sdarrenr fail++; 153145516Sdarrenr else 154255332Scy printf("ok, decrypted\n"); 155145516Sdarrenr 156145516Sdarrenr /* encrypt with kernel functions, decrypt with openssl */ 157145516Sdarrenr memset(b2, 0, sizeof(b2)); 158145516Sdarrenr memcpy(iv, iv0, sizeof(iv0)); 159145516Sdarrenr if (docrypt(key, sizeof(key), iv, b1, b2, sizeof(b1), 1) < 0) { 160145516Sdarrenr warnx("encryption failed"); 161145516Sdarrenr fail++; 162145516Sdarrenr } 163145516Sdarrenr memcpy(iv, iv0, sizeof(iv0)); 164145516Sdarrenr DES_ede3_cbc_encrypt((void *)b2, (void*)b2, sizeof(b1), &ks1, &ks2, 165145516Sdarrenr &ks3, (void*)iv, DES_DECRYPT); 166145516Sdarrenr if (!match(b1, b2, sizeof(b1))) 167145516Sdarrenr fail++; 168145516Sdarrenr else 169145516Sdarrenr printf("ok, encrypted\n"); 170145516Sdarrenr 171145516Sdarrenr exit((fail > 0) ? 1 : 0); 172145516Sdarrenr} 173145516Sdarrenr