case NID_des_ede_ofb64:
case NID_des_ede_cfb64:
case NID_desx_cbc:
+ case NID_des_cbc:
+ case NID_des_ecb:
+ case NID_des_cfb1:
+ case NID_des_cfb8:
+ case NID_des_cfb64:
+ case NID_des_ofb64:
case NID_id_smime_alg_CMS3DESwrap:
case NID_bf_cbc:
case NID_bf_ecb:
const DES_key_schedule ks[3], unsigned char iv[8]);
void des_t4_ede3_cbc_decrypt(const void *inp, void *out, size_t len,
const DES_key_schedule ks[3], unsigned char iv[8]);
+void des_t4_cbc_encrypt(const void *inp, void *out, size_t len,
+ const DES_key_schedule *ks, unsigned char iv[8]);
+void des_t4_cbc_decrypt(const void *inp, void *out, size_t len,
+ const DES_key_schedule *ks, unsigned char iv[8]);
# endif /* OPENSSL_NO_DES */
# elif defined(OPENSSL_CPUID_OBJ) && defined(__s390__)
extern const OSSL_DISPATCH sm4128cfb128_functions[];
#endif /* OPENSSL_NO_SM4 */
+#ifndef OPENSSL_NO_DES
extern const OSSL_DISPATCH tdes_ede3_ecb_functions[];
extern const OSSL_DISPATCH tdes_ede3_cbc_functions[];
-
-#ifndef FIPS_MODE
+# ifndef FIPS_MODE
extern const OSSL_DISPATCH tdes_ede3_ofb_functions[];
extern const OSSL_DISPATCH tdes_ede3_cfb_functions[];
extern const OSSL_DISPATCH tdes_ede3_cfb8_functions[];
extern const OSSL_DISPATCH tdes_desx_cbc_functions[];
extern const OSSL_DISPATCH tdes_wrap_cbc_functions[];
-#endif /* FIPS_MODE */
+
+extern const OSSL_DISPATCH des_ecb_functions[];
+extern const OSSL_DISPATCH des_cbc_functions[];
+extern const OSSL_DISPATCH des_ofb64_functions[];
+extern const OSSL_DISPATCH des_cfb64_functions[];
+extern const OSSL_DISPATCH des_cfb1_functions[];
+extern const OSSL_DISPATCH des_cfb8_functions[];
+# endif /* FIPS_MODE */
+#endif /* OPENSSL_NO_DES */
/* MACs */
extern const OSSL_DISPATCH blake2bmac_functions[];
SOURCE[../../../libcrypto]=\
cipher_tdes_default.c cipher_tdes_default_hw.c \
cipher_tdes_wrap.c cipher_tdes_wrap_hw.c \
- cipher_desx.c cipher_desx_hw.c
+ cipher_desx.c cipher_desx_hw.c \
+ cipher_des.c cipher_des_hw.c
ENDIF
IF[{- !$disabled{aria} -}]
--- /dev/null
+/*
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include "cipher_locl.h"
+#include "cipher_des.h"
+#include "internal/rand_int.h"
+#include "internal/provider_algs.h"
+#include "internal/providercommonerr.h"
+
+/* TODO(3.0) Figure out what flags need to be here */
+#define DES_FLAGS (EVP_CIPH_RAND_KEY)
+
+static OSSL_OP_cipher_freectx_fn des_freectx;
+static OSSL_OP_cipher_encrypt_init_fn des_einit;
+static OSSL_OP_cipher_decrypt_init_fn des_dinit;
+static OSSL_OP_cipher_get_ctx_params_fn des_get_ctx_params;
+static OSSL_OP_cipher_gettable_ctx_params_fn des_gettable_ctx_params;
+
+static void *des_newctx(void *provctx, size_t kbits, size_t blkbits,
+ size_t ivbits, unsigned int mode, uint64_t flags,
+ const PROV_CIPHER_HW *hw)
+{
+ PROV_DES_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx));
+
+ if (ctx != NULL)
+ cipher_generic_initkey(ctx, kbits, blkbits, ivbits, mode, flags, hw,
+ provctx);
+ return ctx;
+}
+
+static void des_freectx(void *vctx)
+{
+ PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx;
+
+ OPENSSL_clear_free(ctx, sizeof(*ctx));
+}
+
+static int des_init(void *vctx, const unsigned char *key, size_t keylen,
+ const unsigned char *iv, size_t ivlen, int enc)
+{
+ PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx;
+
+ ctx->enc = enc;
+
+ if (iv != NULL) {
+ if (ivlen != ctx->ivlen) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IVLEN);
+ return 0;
+ }
+ memcpy(ctx->iv, iv, ivlen);
+ }
+
+ if (key != NULL) {
+ if (keylen != ctx->keylen) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEYLEN);
+ return 0;
+ }
+ return ctx->hw->init(ctx, key, keylen);
+ }
+ return 1;
+}
+
+static int des_einit(void *vctx, const unsigned char *key, size_t keylen,
+ const unsigned char *iv, size_t ivlen)
+{
+ return des_init(vctx, key, keylen, iv, ivlen, 1);
+}
+
+static int des_dinit(void *vctx, const unsigned char *key, size_t keylen,
+ const unsigned char *iv, size_t ivlen)
+{
+ return des_init(vctx, key, keylen, iv, ivlen, 0);
+}
+
+static int des_generatekey(PROV_CIPHER_CTX *ctx, void *ptr)
+{
+
+ DES_cblock *deskey = ptr;
+ size_t kl = ctx->keylen;
+
+ if (kl == 0 || rand_priv_bytes_ex(ctx->libctx, ptr, kl) <= 0)
+ return 0;
+ DES_set_odd_parity(deskey);
+ return 1;
+}
+
+CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_START(des)
+ OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_RANDOM_KEY, NULL, 0),
+CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(des)
+
+static int des_get_ctx_params(void *vctx, OSSL_PARAM params[])
+{
+ PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx;
+ OSSL_PARAM *p;
+
+ if (!cipher_generic_get_ctx_params(vctx, params))
+ return 0;
+
+ p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_RANDOM_KEY);
+ if (p != NULL && !des_generatekey(ctx, p->data)) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GENERATE_KEY);
+ return 0;
+ }
+ return 1;
+}
+
+#define IMPLEMENT_des_cipher(type, lcmode, UCMODE, flags, \
+ kbits, blkbits, ivbits, block) \
+static OSSL_OP_cipher_newctx_fn type##_##lcmode##_newctx; \
+static void *des_##lcmode##_newctx(void *provctx) \
+{ \
+ return des_newctx(provctx, kbits, blkbits, ivbits, \
+ EVP_CIPH_##UCMODE##_MODE, flags, \
+ PROV_CIPHER_HW_des_##lcmode()); \
+} \
+static OSSL_OP_cipher_get_params_fn des_##lcmode##_get_params; \
+static int des_##lcmode##_get_params(OSSL_PARAM params[]) \
+{ \
+ return cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, flags, \
+ kbits, blkbits, ivbits); \
+} \
+const OSSL_DISPATCH des_##lcmode##_functions[] = { \
+ { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))des_einit }, \
+ { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))des_dinit }, \
+ { OSSL_FUNC_CIPHER_UPDATE, \
+ (void (*)(void))cipher_generic_##block##_update }, \
+ { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))cipher_generic_##block##_final },\
+ { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))cipher_generic_cipher }, \
+ { OSSL_FUNC_CIPHER_NEWCTX, \
+ (void (*)(void))des_##lcmode##_newctx }, \
+ { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))des_freectx }, \
+ { OSSL_FUNC_CIPHER_GET_PARAMS, \
+ (void (*)(void))des_##lcmode##_get_params }, \
+ { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \
+ (void (*)(void))cipher_generic_gettable_params }, \
+ { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, (void (*)(void))des_get_ctx_params }, \
+ { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \
+ (void (*)(void))des_gettable_ctx_params }, \
+ { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \
+ (void (*)(void))cipher_generic_set_ctx_params }, \
+ { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \
+ (void (*)(void))cipher_generic_settable_ctx_params }, \
+ { 0, NULL } \
+}
+
+/* des_ecb_functions */
+IMPLEMENT_des_cipher(des, ecb, ECB, DES_FLAGS, 64, 64, 0, block);
+/* des_cbc_functions */
+IMPLEMENT_des_cipher(des, cbc, CBC, DES_FLAGS, 64, 64, 64, block);
+/* des_ofb64_functions */
+IMPLEMENT_des_cipher(des, ofb64, OFB, DES_FLAGS, 64, 8, 64, stream);
+/* des_cfb64_functions */
+IMPLEMENT_des_cipher(des, cfb64, CFB, DES_FLAGS, 64, 8, 64, stream);
+/* des_cfb1_functions */
+IMPLEMENT_des_cipher(des, cfb1, CFB, DES_FLAGS, 64, 8, 64, stream);
+/* des_cfb8_functions */
+IMPLEMENT_des_cipher(des, cfb8, CFB, DES_FLAGS, 64, 8, 64, stream);
--- /dev/null
+/*
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <openssl/des.h>
+
+/* TODO(3.0) Figure out what flags need to be here */
+#define TDES_FLAGS (EVP_CIPH_RAND_KEY)
+
+typedef struct prov_des_ctx_st {
+ PROV_CIPHER_CTX base; /* Must be first */
+ union {
+ OSSL_UNION_ALIGN;
+ DES_key_schedule ks;
+ } dks;
+ union {
+ void (*cbc) (const void *, void *, size_t,
+ const DES_key_schedule *, unsigned char *);
+ } dstream;
+
+} PROV_DES_CTX;
+
+const PROV_CIPHER_HW *PROV_CIPHER_HW_des_cbc(void);
+const PROV_CIPHER_HW *PROV_CIPHER_HW_des_ecb(void);
+const PROV_CIPHER_HW *PROV_CIPHER_HW_des_ofb64(void);
+const PROV_CIPHER_HW *PROV_CIPHER_HW_des_cfb64(void);
+const PROV_CIPHER_HW *PROV_CIPHER_HW_des_cfb1(void);
+const PROV_CIPHER_HW *PROV_CIPHER_HW_des_cfb8(void);
--- /dev/null
+/*
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include "internal/ciphers/ciphercommon.h"
+#include "cipher_des.h"
+
+static int cipher_hw_des_initkey(PROV_CIPHER_CTX *ctx,
+ const unsigned char *key, size_t keylen)
+{
+ PROV_DES_CTX *dctx = (PROV_DES_CTX *)ctx;
+ DES_cblock *deskey = (DES_cblock *)key;
+ DES_key_schedule *ks = &dctx->dks.ks;
+
+ dctx->dstream.cbc = NULL;
+#if defined(SPARC_DES_CAPABLE)
+ if (SPARC_DES_CAPABLE) {
+ if (ctx->mode == EVP_CIPH_CBC_MODE) {
+ des_t4_key_expand(&deskey[0], ks);
+ dctx->dstream.cbc = ctx->enc ? des_t4_cbc_encrypt :
+ des_t4_cbc_decrypt;
+ return 1;
+ }
+ }
+#endif
+ DES_set_key_unchecked(deskey, ks);
+ return 1;
+}
+
+static int cipher_hw_des_ecb_cipher(PROV_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len)
+{
+ size_t i, bl = ctx->blocksize;
+ DES_key_schedule *key = &(((PROV_DES_CTX *)ctx)->dks.ks);
+
+ if (len < bl)
+ return 1;
+ for (i = 0, len -= bl; i <= len; i += bl)
+ DES_ecb_encrypt((const_DES_cblock *)(in + i),
+ (const_DES_cblock *)(out + i), key, ctx->enc);
+ return 1;
+}
+
+static int cipher_hw_des_cbc_cipher(PROV_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len)
+{
+ DES_key_schedule *key = &(((PROV_DES_CTX *)ctx)->dks.ks);
+
+ while (len >= MAXCHUNK) {
+ DES_ncbc_encrypt(in, out, MAXCHUNK, key, (DES_cblock *)ctx->iv,
+ ctx->enc);
+ len -= MAXCHUNK;
+ in += MAXCHUNK;
+ out += MAXCHUNK;
+ }
+ if (len > 0)
+ DES_ncbc_encrypt(in, out, (long)len, key, (DES_cblock *)ctx->iv,
+ ctx->enc);
+ return 1;
+}
+
+static int cipher_hw_des_ofb64_cipher(PROV_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len)
+{
+ int num = ctx->num;
+ DES_key_schedule *key = &(((PROV_DES_CTX *)ctx)->dks.ks);
+
+ while (len >= MAXCHUNK) {
+ DES_ofb64_encrypt(in, out, MAXCHUNK, key, (DES_cblock *)ctx->iv, &num);
+ len -= MAXCHUNK;
+ in += MAXCHUNK;
+ out += MAXCHUNK;
+ }
+ if (len > 0) {
+ DES_ofb64_encrypt(in, out, (long)len, key, (DES_cblock *)ctx->iv, &num);
+ }
+ ctx->num = num;
+ return 1;
+}
+
+static int cipher_hw_des_cfb64_cipher(PROV_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len)
+{
+ size_t chunk = MAXCHUNK;
+ DES_key_schedule *key = &(((PROV_DES_CTX *)ctx)->dks.ks);
+ int num = ctx->num;
+
+ if (len < chunk)
+ chunk = len;
+ while (len > 0 && len >= chunk) {
+ DES_cfb64_encrypt(in, out, (long)chunk, key, (DES_cblock *)ctx->iv,
+ &num, ctx->enc);
+ len -= chunk;
+ in += chunk;
+ out += chunk;
+ if (len < chunk)
+ chunk = len;
+ }
+ ctx->num = num;
+ return 1;
+}
+
+/*
+ * Although we have a CFB-r implementation for DES, it doesn't pack the right
+ * way, so wrap it here
+ */
+static int cipher_hw_des_cfb1_cipher(PROV_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t inl)
+{
+ size_t n, chunk = MAXCHUNK / 8;
+ DES_key_schedule *key = &(((PROV_DES_CTX *)ctx)->dks.ks);
+ unsigned char c[1], d[1];
+
+ if (inl < chunk)
+ chunk = inl;
+
+ while (inl && inl >= chunk) {
+ for (n = 0; n < chunk * 8; ++n) {
+ c[0] = (in[n / 8] & (1 << (7 - n % 8))) ? 0x80 : 0;
+ DES_cfb_encrypt(c, d, 1, 1, key, (DES_cblock *)ctx->iv, ctx->enc);
+ out[n / 8] =
+ (out[n / 8] & ~(0x80 >> (unsigned int)(n % 8))) |
+ ((d[0] & 0x80) >> (unsigned int)(n % 8));
+ }
+ inl -= chunk;
+ in += chunk;
+ out += chunk;
+ if (inl < chunk)
+ chunk = inl;
+ }
+
+ return 1;
+}
+
+static int cipher_hw_des_cfb8_cipher(PROV_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t inl)
+{
+ DES_key_schedule *key = &(((PROV_DES_CTX *)ctx)->dks.ks);
+
+ while (inl >= MAXCHUNK) {
+ DES_cfb_encrypt(in, out, 8, (long)MAXCHUNK, key,
+ (DES_cblock *)ctx->iv, ctx->enc);
+ inl -= MAXCHUNK;
+ in += MAXCHUNK;
+ out += MAXCHUNK;
+ }
+ if (inl > 0)
+ DES_cfb_encrypt(in, out, 8, (long)inl, key,
+ (DES_cblock *)ctx->iv, ctx->enc);
+ return 1;
+}
+
+#define PROV_CIPHER_HW_des_mode(mode) \
+static const PROV_CIPHER_HW des_##mode = { \
+ cipher_hw_des_initkey, \
+ cipher_hw_des_##mode##_cipher \
+}; \
+const PROV_CIPHER_HW *PROV_CIPHER_HW_des_##mode(void) \
+{ \
+ return &des_##mode; \
+}
+
+PROV_CIPHER_HW_des_mode(ecb)
+PROV_CIPHER_HW_des_mode(cbc)
+PROV_CIPHER_HW_des_mode(ofb64)
+PROV_CIPHER_HW_des_mode(cfb64)
+PROV_CIPHER_HW_des_mode(cfb1)
+PROV_CIPHER_HW_des_mode(cfb8)
{ "DES-EDE-CFB", "default=yes", tdes_ede2_cfb_functions },
{ "DESX-CBC", "default=yes", tdes_desx_cbc_functions },
{ "id-smime-alg-CMS3DESwrap", "default=yes", tdes_wrap_cbc_functions },
+ { "DES-ECB", "default=yes", des_ecb_functions },
+ { "DES-CBC", "default=yes", des_cbc_functions },
+ { "DES-OFB", "default=yes", des_ofb64_functions },
+ { "DES-CFB", "default=yes", des_cfb64_functions },
+ { "DES-CFB1", "default=yes", des_cfb1_functions },
+ { "DES-CFB8", "default=yes", des_cfb8_functions },
#endif /* OPENSSL_NO_DES */
#ifndef OPENSSL_NO_BF
{ "BF-ECB", "default=yes", blowfish128ecb_functions },
my @sm4files = qw( evpciph_sm4.txt );
push @defltfiles, @sm4files unless disabled("sm4");
+my @desfiles = qw( evpciph_des.txt );
+push @defltfiles, @desfiles unless disabled("des");
+
plan tests => (scalar(@configs) * scalar(@files)) + scalar(@defltfiles) + 1;
my $infile = bldtop_file('providers', platform->dso('fips'));
Plaintext = 37363534333231204E6F77206973207468652074696D6520666F722000000000
Ciphertext = 3FE301C962AC01D02213763C1CBD4CDC799657C064ECF5D41C673812CFDE9675
-# DES ECB tests (from destest)
-
-Cipher = DES-ECB
-Availablein = default
-Key = 0000000000000000
-Plaintext = 0000000000000000
-Ciphertext = 8CA64DE9C1B123A7
-
-Cipher = DES-ECB
-Availablein = default
-Key = FFFFFFFFFFFFFFFF
-Plaintext = FFFFFFFFFFFFFFFF
-Ciphertext = 7359B2163E4EDC58
-
-Cipher = DES-ECB
-Availablein = default
-Key = 3000000000000000
-Plaintext = 1000000000000001
-Ciphertext = 958E6E627A05557B
-
-Cipher = DES-ECB
-Availablein = default
-Key = 1111111111111111
-Plaintext = 1111111111111111
-Ciphertext = F40379AB9E0EC533
-
-Cipher = DES-ECB
-Availablein = default
-Key = 0123456789ABCDEF
-Plaintext = 1111111111111111
-Ciphertext = 17668DFC7292532D
-
-Cipher = DES-ECB
-Availablein = default
-Key = 1111111111111111
-Plaintext = 0123456789ABCDEF
-Ciphertext = 8A5AE1F81AB8F2DD
-
-Cipher = DES-ECB
-Availablein = default
-Key = FEDCBA9876543210
-Plaintext = 0123456789ABCDEF
-Ciphertext = ED39D950FA74BCC4
-
Title = AES (from FIPS-197 test vectors)
Cipher = AES-128-ECB
--- /dev/null
+#
+# Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+Title = DES ECB Tests (from destest)
+
+Cipher = DES-ECB
+Key = 0000000000000000
+Plaintext = 0000000000000000
+Ciphertext = 8CA64DE9C1B123A7
+
+Cipher = DES-ECB
+Key = FFFFFFFFFFFFFFFF
+Plaintext = FFFFFFFFFFFFFFFF
+Ciphertext = 7359B2163E4EDC58
+
+Cipher = DES-ECB
+Key = 3000000000000000
+Plaintext = 1000000000000001
+Ciphertext = 958E6E627A05557B
+
+Cipher = DES-ECB
+Key = 1111111111111111
+Plaintext = 1111111111111111
+Ciphertext = F40379AB9E0EC533
+
+Cipher = DES-ECB
+Key = 0123456789ABCDEF
+Plaintext = 1111111111111111
+Ciphertext = 17668DFC7292532D
+
+Cipher = DES-ECB
+Key = 1111111111111111
+Plaintext = 0123456789ABCDEF
+Ciphertext = 8A5AE1F81AB8F2DD
+
+Cipher = DES-ECB
+Key = FEDCBA9876543210
+Plaintext = 0123456789ABCDEF
+Ciphertext = ED39D950FA74BCC4
+
+Title = DES Tests (from FIPS PUB 81)
+
+Cipher = DES-CBC
+Key = 0123456789abcdef
+IV = 1234567890abcdef
+Plaintext = 4e6f772069732074
+Ciphertext = e5c7cdde872bf27c
+
+Cipher = DES-CFB8
+Key = 0123456789abcdef
+IV = 1234567890abcdef
+Plaintext = 4e6f7720697320746865
+Ciphertext = f31fda07011462ee187f
+
+Cipher = DES-CFB
+Key = 0123456789abcdef
+IV = 1234567890abcdef
+Plaintext = 4e6f77206973207468652074696d6520666f7220616c6c20
+Ciphertext = f3096249c7f46e51a69e839b1a92f78403467133898ea622