1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
|
/*
* Copyright (c) 1990 Dennis Ferguson. All rights reserved.
*
* Commercial use is permitted only if products which are derived from
* or include this software are made available for purchase and/or use
* in Canada. Otherwise, redistribution and use in source and binary
* forms are permitted.
*/
/*
* des_cbc_encrypt.c - an implementation of the DES cipher function in cbc mode
*/
#include "des.h"
#include "f_tables.h"
/*
* des_cbc_encrypt - {en,de}crypt a stream in CBC mode
*/
int
des_cbc_encrypt(in, out, length, schedule, ivec, encrypt)
des_cblock *in;
des_cblock *out;
long length;
des_key_schedule schedule;
des_cblock ivec;
int encrypt;
{
register unsigned long left, right;
register unsigned long temp;
register u_int32 *kp;
register unsigned char *ip, *op;
/*
* Get key pointer here. This won't need to be reinitialized
*/
kp = (u_int32 *)schedule;
/*
* Deal with encryption and decryption separately.
*/
if (encrypt) {
/*
* Initialize left and right with the contents of the initial
* vector.
*/
ip = (unsigned char *)ivec;
GET_HALF_BLOCK(left, ip);
GET_HALF_BLOCK(right, ip);
/*
* Suitably initialized, now work the length down 8 bytes
* at a time.
*/
ip = (unsigned char *)in;
op = (unsigned char *)out;
while (length > 0) {
/*
* Get more input, xor it in. If the length is
* greater than or equal to 8 this is straight
* forward. Otherwise we have to fart around.
*/
if (length >= 8) {
left ^= ((*ip++) & 0xff) << 24;
left ^= ((*ip++) & 0xff) << 16;
left ^= ((*ip++) & 0xff) << 8;
left ^= (*ip++) & 0xff;
right ^= ((*ip++) & 0xff) << 24;
right ^= ((*ip++) & 0xff) << 16;
right ^= ((*ip++) & 0xff) << 8;
right ^= (*ip++) & 0xff;
length -= 8;
} else {
/*
* Oh, shoot. We need to pad the
* end with zeroes. Work backwards
* to do this.
*/
ip += (int) length;
switch(length) {
case 7:
right ^= (*(--ip) & 0xff) << 8;
case 6:
right ^= (*(--ip) & 0xff) << 16;
case 5:
right ^= (*(--ip) & 0xff) << 24;
case 4:
left ^= *(--ip) & 0xff;
case 3:
left ^= (*(--ip) & 0xff) << 8;
case 2:
left ^= (*(--ip) & 0xff) << 16;
case 1:
left ^= (*(--ip) & 0xff) << 24;
break;
}
length = 0;
}
/*
* Encrypt what we have
*/
DES_DO_ENCRYPT(left, right, temp, kp);
/*
* Copy the results out
*/
PUT_HALF_BLOCK(left, op);
PUT_HALF_BLOCK(right, op);
}
} else {
/*
* Decrypting is harder than encrypting because of
* the necessity of remembering a lot more things.
* Should think about this a little more...
*/
unsigned long ocipherl, ocipherr;
unsigned long cipherl, cipherr;
if (length <= 0)
return 0;
/*
* Prime the old cipher with ivec.
*/
ip = (unsigned char *)ivec;
GET_HALF_BLOCK(ocipherl, ip);
GET_HALF_BLOCK(ocipherr, ip);
/*
* Now do this in earnest until we run out of length.
*/
ip = (unsigned char *)in;
op = (unsigned char *)out;
for (;;) { /* check done inside loop */
/*
* Read a block from the input into left and
* right. Save this cipher block for later.
*/
GET_HALF_BLOCK(left, ip);
GET_HALF_BLOCK(right, ip);
cipherl = left;
cipherr = right;
/*
* Decrypt this.
*/
DES_DO_DECRYPT(left, right, temp, kp);
/*
* Xor with the old cipher to get plain
* text. Output 8 or less bytes of this.
*/
left ^= ocipherl;
right ^= ocipherr;
if (length > 8) {
length -= 8;
PUT_HALF_BLOCK(left, op);
PUT_HALF_BLOCK(right, op);
/*
* Save current cipher block here
*/
ocipherl = cipherl;
ocipherr = cipherr;
} else {
/*
* Trouble here. Start at end of output,
* work backwards.
*/
op += (int) length;
switch(length) {
case 8:
*(--op) = right & 0xff;
case 7:
*(--op) = (right >> 8) & 0xff;
case 6:
*(--op) = (right >> 16) & 0xff;
case 5:
*(--op) = (right >> 24) & 0xff;
case 4:
*(--op) = left & 0xff;
case 3:
*(--op) = (left >> 8) & 0xff;
case 2:
*(--op) = (left >> 16) & 0xff;
case 1:
*(--op) = (left >> 24) & 0xff;
break;
}
break; /* we're done */
}
}
}
/*
* Done, return nothing.
*/
return 0;
}
|
