1145516Sdarrenr/*      $OpenBSD: des3.c,v 1.10 2021/12/13 16:56:49 deraadt Exp $  */
2255332Scy
3145516Sdarrenr/*
4145516Sdarrenr * Copyright (c) 2002 Markus Friedl.  All rights reserved.
5145516Sdarrenr *
6255332Scy * Redistribution and use in source and binary forms, with or without
7145516Sdarrenr * modification, are permitted provided that the following conditions
8145516Sdarrenr * are met:
9145516Sdarrenr * 1. Redistributions of source code must retain the above copyright
10145516Sdarrenr *    notice, this list of conditions and the following disclaimer.
11145516Sdarrenr * 2. Redistributions in binary form must reproduce the above copyright
12145516Sdarrenr *    notice, this list of conditions and the following disclaimer in the
13145516Sdarrenr *    documentation and/or other materials provided with the distribution.
14255332Scy *
15255332Scy * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16255332Scy * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17255332Scy * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18255332Scy * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
19255332Scy * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20145516Sdarrenr * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21145516Sdarrenr * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22145516Sdarrenr * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23145516Sdarrenr * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24145516Sdarrenr * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25145516Sdarrenr */
26145516Sdarrenr
27145516Sdarrenr#include <openssl/des.h>
28145516Sdarrenr#include <err.h>
29145516Sdarrenr#include <fcntl.h>
30255332Scy#include <stdio.h>
31255332Scy#include <stdlib.h>
32145516Sdarrenr#include <string.h>
33145516Sdarrenr#include <unistd.h>
34145516Sdarrenr
35145516Sdarrenr/* Stubs */
36145516Sdarrenr
37145516Sdarrenru_int32_t deflate_global(u_int8_t *, u_int32_t, int, u_int8_t **);
38145516Sdarrenr
39145516Sdarrenru_int32_t
40145516Sdarrenrdeflate_global(u_int8_t *data, u_int32_t size, int comp, u_int8_t **out)
41255332Scy{
42255332Scy	return 0;
43145516Sdarrenr}
44145516Sdarrenr
45145516Sdarrenrvoid	explicit_bzero(void *, size_t);
46145516Sdarrenr
47145516Sdarrenrvoid
48145516Sdarrenrexplicit_bzero(void *b, size_t len)
49145516Sdarrenr{
50145516Sdarrenr	bzero(b, len);
51255332Scy}
52145516Sdarrenr
53145516Sdarrenr
54145516Sdarrenr/* Simulate CBC mode */
55145516Sdarrenr
56145516Sdarrenrstatic int
57145516Sdarrenrdocrypt(const unsigned char *key, size_t klen, const unsigned char *iv0,
58145516Sdarrenr    const unsigned char *in, unsigned char *out, size_t len, int encrypt)
59145516Sdarrenr{
60145516Sdarrenr	u_int8_t block[8], iv[8], iv2[8], *ivp = iv, *nivp;
61145516Sdarrenr	u_int8_t ctx[384];
62145516Sdarrenr	int i, j, error = 0;
63145516Sdarrenr
64145516Sdarrenr	memcpy(iv, iv0, 8);
65145516Sdarrenr	memset(ctx, 0, sizeof(ctx));
66145516Sdarrenr	error = des3_setkey(ctx, key, klen);
67255332Scy	if (error)
68255332Scy		return -1;
69255332Scy	for (i = 0; i < len / 8; i ++) {
70255332Scy		bcopy(in, block, 8);
71255332Scy		in += 8;
72145516Sdarrenr		if (encrypt) {
73145516Sdarrenr			for (j = 0; j < 8; j++)
74145516Sdarrenr				block[j] ^= ivp[j];
75145516Sdarrenr			des3_encrypt(ctx, block);
76145516Sdarrenr			memcpy(ivp, block, 8);
77145516Sdarrenr		} else {
78145516Sdarrenr			nivp = ivp == iv ? iv2 : iv;
79145516Sdarrenr			memcpy(nivp, block, 8);
80145516Sdarrenr			des3_decrypt(ctx, block);
81145516Sdarrenr			for (j = 0; j < 8; j++)
82145516Sdarrenr				block[j] ^= ivp[j];
83145516Sdarrenr			ivp = nivp;
84145516Sdarrenr		}
85145516Sdarrenr		bcopy(block, out, 8);
86145516Sdarrenr		out += 8;
87145516Sdarrenr	}
88145516Sdarrenr	return 0;
89145516Sdarrenr}
90145516Sdarrenr
91145516Sdarrenrstatic int
92145516Sdarrenrmatch(unsigned char *a, unsigned char *b, size_t len)
93145516Sdarrenr{
94145516Sdarrenr	int i;
95145516Sdarrenr
96145516Sdarrenr	if (memcmp(a, b, len) == 0)
97145516Sdarrenr		return (1);
98145516Sdarrenr
99145516Sdarrenr	warnx("decrypt/plaintext mismatch");
100145516Sdarrenr
101145516Sdarrenr	for (i = 0; i < len; i++)
102145516Sdarrenr		printf("%2.2x", a[i]);
103145516Sdarrenr	printf("\n");
104145516Sdarrenr	for (i = 0; i < len; i++)
105145516Sdarrenr		printf("%2.2x", b[i]);
106145516Sdarrenr	printf("\n");
107145516Sdarrenr
108145516Sdarrenr	return (0);
109145516Sdarrenr}
110145516Sdarrenr
111145516Sdarrenr#define SZ 16
112145516Sdarrenr
113145516Sdarrenrint
114145516Sdarrenrmain(int argc, char **argv)
115145516Sdarrenr{
116145516Sdarrenr	DES_key_schedule ks1, ks2, ks3;
117145516Sdarrenr	unsigned char iv0[8], iv[8], key[24] = "012345670123456701234567";
118145516Sdarrenr	unsigned char b1[SZ], b2[SZ];
119145516Sdarrenr	int i, fail = 0;
120145516Sdarrenr	u_int32_t rand = 0;
121145516Sdarrenr
122145516Sdarrenr	/* setup data and iv */
123145516Sdarrenr	for (i = 0; i < sizeof(b1); i++ ) {
124145516Sdarrenr		if (i % 4 == 0)
125145516Sdarrenr                        rand = arc4random();
126145516Sdarrenr		b1[i] = rand;
127145516Sdarrenr		rand >>= 8;
128145516Sdarrenr	}
129145516Sdarrenr	for (i = 0; i < sizeof(iv0); i++ ) {
130145516Sdarrenr		if (i % 4 == 0)
131145516Sdarrenr                        rand = arc4random();
132145516Sdarrenr		iv0[i] = rand;
133145516Sdarrenr		rand >>= 8;
134145516Sdarrenr	}
135145516Sdarrenr	memset(b2, 0, sizeof(b2));
136145516Sdarrenr
137145516Sdarrenr	/* keysetup for software */
138145516Sdarrenr        DES_set_key((void *) key, &ks1);
139145516Sdarrenr        DES_set_key((void *) (key+8), &ks2);
140145516Sdarrenr        DES_set_key((void *) (key+16), &ks3);
141145516Sdarrenr
142145516Sdarrenr	/* encrypt with software, decrypt with /dev/crypto */
143145516Sdarrenr	memcpy(iv, iv0, sizeof(iv0));
144145516Sdarrenr        DES_ede3_cbc_encrypt((void *)b1, (void*)b2, sizeof(b1), &ks1, &ks2,
145145516Sdarrenr	    &ks3, (void*)iv, DES_ENCRYPT);
146145516Sdarrenr	memcpy(iv, iv0, sizeof(iv0));
147145516Sdarrenr	if (docrypt(key, sizeof(key), iv, b2, b2, sizeof(b1), 0) < 0) {
148145516Sdarrenr		warnx("decryption failed");
149255332Scy		fail++;
150255332Scy	}
151255332Scy	if (!match(b1, b2, sizeof(b1)))
152145516Sdarrenr		fail++;
153145516Sdarrenr	else
154255332Scy		printf("ok, decrypted\n");
155145516Sdarrenr
156145516Sdarrenr	/* encrypt with kernel functions, decrypt with openssl */
157145516Sdarrenr	memset(b2, 0, sizeof(b2));
158145516Sdarrenr	memcpy(iv, iv0, sizeof(iv0));
159145516Sdarrenr	if (docrypt(key, sizeof(key), iv, b1, b2, sizeof(b1), 1) < 0) {
160145516Sdarrenr		warnx("encryption failed");
161145516Sdarrenr		fail++;
162145516Sdarrenr	}
163145516Sdarrenr	memcpy(iv, iv0, sizeof(iv0));
164145516Sdarrenr        DES_ede3_cbc_encrypt((void *)b2, (void*)b2, sizeof(b1), &ks1, &ks2,
165145516Sdarrenr	    &ks3, (void*)iv, DES_DECRYPT);
166145516Sdarrenr	if (!match(b1, b2, sizeof(b1)))
167145516Sdarrenr		fail++;
168145516Sdarrenr	else
169145516Sdarrenr		printf("ok, encrypted\n");
170145516Sdarrenr
171145516Sdarrenr	exit((fail > 0) ? 1 : 0);
172145516Sdarrenr}
173145516Sdarrenr