cfb_enc.c 4.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150
  1. /*
  2. * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include "e_os.h"
  10. #include "des_locl.h"
  11. #include <assert.h>
  12. /*
  13. * The input and output are loaded in multiples of 8 bits. What this means is
  14. * that if you hame numbits=12 and length=2 the first 12 bits will be
  15. * retrieved from the first byte and half the second. The second 12 bits
  16. * will come from the 3rd and half the 4th byte.
  17. */
  18. /*
  19. * Until Aug 1 2003 this function did not correctly implement CFB-r, so it
  20. * will not be compatible with any encryption prior to that date. Ben.
  21. */
  22. void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
  23. long length, DES_key_schedule *schedule,
  24. DES_cblock *ivec, int enc)
  25. {
  26. register DES_LONG d0, d1, v0, v1;
  27. register unsigned long l = length;
  28. register int num = numbits / 8, n = (numbits + 7) / 8, i, rem =
  29. numbits % 8;
  30. DES_LONG ti[2];
  31. unsigned char *iv;
  32. #ifndef L_ENDIAN
  33. unsigned char ovec[16];
  34. #else
  35. unsigned int sh[4];
  36. unsigned char *ovec = (unsigned char *)sh;
  37. /* I kind of count that compiler optimizes away this assertion, */
  38. assert(sizeof(sh[0]) == 4); /* as this holds true for all, */
  39. /* but 16-bit platforms... */
  40. #endif
  41. if (numbits <= 0 || numbits > 64)
  42. return;
  43. iv = &(*ivec)[0];
  44. c2l(iv, v0);
  45. c2l(iv, v1);
  46. if (enc) {
  47. while (l >= (unsigned long)n) {
  48. l -= n;
  49. ti[0] = v0;
  50. ti[1] = v1;
  51. DES_encrypt1((DES_LONG *)ti, schedule, DES_ENCRYPT);
  52. c2ln(in, d0, d1, n);
  53. in += n;
  54. d0 ^= ti[0];
  55. d1 ^= ti[1];
  56. l2cn(d0, d1, out, n);
  57. out += n;
  58. /*
  59. * 30-08-94 - eay - changed because l>>32 and l<<32 are bad under
  60. * gcc :-(
  61. */
  62. if (numbits == 32) {
  63. v0 = v1;
  64. v1 = d0;
  65. } else if (numbits == 64) {
  66. v0 = d0;
  67. v1 = d1;
  68. } else {
  69. #ifndef L_ENDIAN
  70. iv = &ovec[0];
  71. l2c(v0, iv);
  72. l2c(v1, iv);
  73. l2c(d0, iv);
  74. l2c(d1, iv);
  75. #else
  76. sh[0] = v0, sh[1] = v1, sh[2] = d0, sh[3] = d1;
  77. #endif
  78. if (rem == 0)
  79. memmove(ovec, ovec + num, 8);
  80. else
  81. for (i = 0; i < 8; ++i)
  82. ovec[i] = ovec[i + num] << rem |
  83. ovec[i + num + 1] >> (8 - rem);
  84. #ifdef L_ENDIAN
  85. v0 = sh[0], v1 = sh[1];
  86. #else
  87. iv = &ovec[0];
  88. c2l(iv, v0);
  89. c2l(iv, v1);
  90. #endif
  91. }
  92. }
  93. } else {
  94. while (l >= (unsigned long)n) {
  95. l -= n;
  96. ti[0] = v0;
  97. ti[1] = v1;
  98. DES_encrypt1((DES_LONG *)ti, schedule, DES_ENCRYPT);
  99. c2ln(in, d0, d1, n);
  100. in += n;
  101. /*
  102. * 30-08-94 - eay - changed because l>>32 and l<<32 are bad under
  103. * gcc :-(
  104. */
  105. if (numbits == 32) {
  106. v0 = v1;
  107. v1 = d0;
  108. } else if (numbits == 64) {
  109. v0 = d0;
  110. v1 = d1;
  111. } else {
  112. #ifndef L_ENDIAN
  113. iv = &ovec[0];
  114. l2c(v0, iv);
  115. l2c(v1, iv);
  116. l2c(d0, iv);
  117. l2c(d1, iv);
  118. #else
  119. sh[0] = v0, sh[1] = v1, sh[2] = d0, sh[3] = d1;
  120. #endif
  121. if (rem == 0)
  122. memmove(ovec, ovec + num, 8);
  123. else
  124. for (i = 0; i < 8; ++i)
  125. ovec[i] = ovec[i + num] << rem |
  126. ovec[i + num + 1] >> (8 - rem);
  127. #ifdef L_ENDIAN
  128. v0 = sh[0], v1 = sh[1];
  129. #else
  130. iv = &ovec[0];
  131. c2l(iv, v0);
  132. c2l(iv, v1);
  133. #endif
  134. }
  135. d0 ^= ti[0];
  136. d1 ^= ti[1];
  137. l2cn(d0, d1, out, n);
  138. out += n;
  139. }
  140. }
  141. iv = &(*ivec)[0];
  142. l2c(v0, iv);
  143. l2c(v1, iv);
  144. v0 = v1 = d0 = d1 = ti[0] = ti[1] = 0;
  145. }