-/* Copyright (c) 1998,2011,2014 Apple Inc. All Rights Reserved.
- *
- * NOTICE: USE OF THE MATERIALS ACCOMPANYING THIS NOTICE IS SUBJECT
- * TO THE TERMS OF THE SIGNED "FAST ELLIPTIC ENCRYPTION (FEE) REFERENCE
- * SOURCE CODE EVALUATION AGREEMENT" BETWEEN APPLE, INC. AND THE
- * ORIGINAL LICENSEE THAT OBTAINED THESE MATERIALS FROM APPLE,
- * INC. ANY USE OF THESE MATERIALS NOT PERMITTED BY SUCH AGREEMENT WILL
- * EXPOSE YOU TO LIABILITY.
- ***************************************************************************
- *
- * FeeDES.c - generic, portable DES encryption object
- *
- * Revision History
- * ----------------
- * 10/06/98 ap
- * Changed to compile with C++.
- * 05 Jan 98 at Apple
- * Avoid a bcopy() on encrypt/decrypt of each block
- * 31 Mar 97 at Apple
- * New per-instance API for DES.c
- * 26 Aug 96 at NeXT
- * Created.
- */
-
-#include "ckconfig.h"
-
-#if CRYPTKIT_SYMMETRIC_ENABLE
-
-#include "feeDES.h"
-#include "feeTypes.h"
-#include "ckDES.h"
-#include "falloc.h"
-#include "feeDebug.h"
-#include "feeFunctions.h"
-#include "platform.h"
-#include <stdlib.h>
-
-#ifndef NULL
-#define NULL ((void *)0)
-#endif /* NULL */
-
-typedef struct {
- int blockMode; /* default = 0 */
- unsigned char lastBlock[DES_BLOCK_SIZE_BYTES]; /* for CBC */
- struct _desInst dinst;
-} fdesInst;
-
-static void feeDESInit(desInst dinst)
-{
- desinit(dinst, DES_MODE_STD); // detects redundant calls
-}
-
-/*
- * Alloc and init a feeDES object with specified initial state.
- * State must be at least 8 bytes; only 8 bytes are used, ignoring
- * MSB of each bytes.
- */
-feeDES feeDESNewWithState(const unsigned char *state,
- unsigned stateLen)
-{
- fdesInst *fdinst;
-
- if(stateLen < FEE_DES_MIN_STATE_SIZE) {
- return NULL;
- }
- fdinst = (fdesInst*) fmalloc(sizeof(fdesInst));
- bzero(fdinst, sizeof(fdesInst));
- feeDESInit(&fdinst->dinst);
- feeDESSetState((feeDES)fdinst, state, stateLen);
- return fdinst;
-}
-
-void feeDESFree(feeDES des)
-{
- memset(des, 0, sizeof(fdesInst));
- ffree(des);
-}
-
-/*
- * Set new initial state.
- */
-feeReturn feeDESSetState(feeDES des,
- const unsigned char *state,
- unsigned stateLen)
-{
- fdesInst *fdinst = (fdesInst*) des;
- char Key[DES_KEY_SIZE_BYTES_EXTERNAL];
- // 'key' causes problems with
- // some weird Unix header
- unsigned byte;
-
- if(stateLen < (DES_KEY_SIZE_BYTES_EXTERNAL)) {
- return FR_IllegalArg;
- }
- bzero(fdinst->lastBlock, DES_BLOCK_SIZE_BYTES);
- bcopy(state, Key, DES_KEY_SIZE_BYTES_EXTERNAL);
-
- /*
- * Set up parity bits
- */
- for(byte=0; byte<DES_KEY_SIZE_BYTES_EXTERNAL; byte++){
- int i;
- unsigned p;
-
- p = 0;
- for(i=0;i<7;i++) {
- if(Key[byte] & (1 << i)) {
- p++;
- }
- }
- if((p & 1) == 0) {
- Key[byte] |= 0x80;
- }
- else {
- Key[byte] &= ~0x80;
- }
- }
- dessetkey(&fdinst->dinst, Key);
- return FR_Success;
-}
-
-void feeDESSetBlockMode(feeDES des)
-{
- fdesInst *fdinst = (fdesInst*) des;
-
- fdinst->blockMode = 1;
-}
-
-void feeDESSetChainMode(feeDES des)
-{
- fdesInst *fdinst = (fdesInst*) des;
-
- fdinst->blockMode = 0;
-}
-
-unsigned feeDESPlainBlockSize(feeDES des)
-{
- return DES_BLOCK_SIZE_BYTES;
-}
-
-unsigned feeDESCipherBlockSize(feeDES des)
-{
- return DES_BLOCK_SIZE_BYTES;
-}
-
-unsigned feeDESCipherBufSize(feeDES des)
-{
- /*
- * Normally DES_BLOCK_SIZE, two blocks for finalBlock
- */
- return 2 * DES_BLOCK_SIZE_BYTES;
-}
-
-/*
-
- * Return the size of ciphertext to hold specified size of plaintext.
-
- */
-
-unsigned feeDESCipherTextSize(feeDES des, unsigned plainTextSize)
-
-{
-
- unsigned blocks = (plainTextSize + DES_BLOCK_SIZE_BYTES - 1) /
- DES_BLOCK_SIZE_BYTES;
-
- if((plainTextSize % DES_BLOCK_SIZE_BYTES) == 0) {
- /*
- * One more block for resid count
- */
- blocks++;
- }
-
- return blocks * DES_BLOCK_SIZE_BYTES;
-
-}
-
-
-/*
- * Key size in bits.
- */
-unsigned feeDESKeySize(feeDES des)
-{
- return DES_KEY_SIZE_BITS;
-}
-
-/*
- * Encrypt a block or less of data. Caller malloc's cipherText.
- */
-feeReturn feeDESEncryptBlock(feeDES des,
- const unsigned char *plainText,
- unsigned plainTextLen,
- unsigned char *cipherText,
- unsigned *cipherTextLen, // RETURNED
- int finalBlock)
-{
- fdesInst *fdinst = (fdesInst*) des;
- feeReturn frtn = FR_Success;
- unsigned cipherLen;
-
- if(plainTextLen > DES_BLOCK_SIZE_BYTES) {
- return FR_IllegalArg;
- }
- if(plainTextLen) {
- /*
- * We're called with plainTextLen = 0 and finalBlock
- * recursively to clean up last block.
- */
- bcopy(plainText, cipherText, plainTextLen);
- }
- if(plainTextLen < DES_BLOCK_SIZE_BYTES) {
- if(!finalBlock) {
- /*
- * odd-size block only legal last time thru
- */
- return FR_IllegalArg;
- }
-
- /*
- * Last block, final byte = residual length.
- */
- cipherText[DES_BLOCK_SIZE_BYTES - 1] = plainTextLen;
- }
-
- if(!fdinst->blockMode) {
- /*
- * CBC mode; chain in last cipher word
- */
- unsigned char *cp = cipherText;
- unsigned char *cp1 = fdinst->lastBlock;
- int i;
-
- for(i=0; i<DES_BLOCK_SIZE_BYTES; i++) {
- *cp++ ^= *cp1++;
- }
- }
- endes(&fdinst->dinst, (char *)cipherText); /* Encrypt block */
- if(!fdinst->blockMode){
- /*
- * Save outgoing ciphertext for chain
- */
- bcopy(cipherText, fdinst->lastBlock, DES_BLOCK_SIZE_BYTES);
- }
- cipherLen = DES_BLOCK_SIZE_BYTES;
-
- if(finalBlock) {
- if(plainTextLen == DES_BLOCK_SIZE_BYTES) {
- /*
- * Special case: finalBlock true, plainTextLen == blockSize.
- * In this case we generate one more block of ciphertext,
- * with a resid length of zero.
- */
- unsigned moreCipher; // additional cipherLen
-
- frtn = feeDESEncryptBlock(des,
- NULL, // plainText not used
- 0, // resid
- cipherText + DES_BLOCK_SIZE_BYTES, // append...
- &moreCipher,
- 1);
- if(frtn == FR_Success) {
- cipherLen += moreCipher;
- }
-
- }
- if(plainTextLen != 0) {
- /*
- * Reset internal state in prep for next encrypt/decrypt.
- * Note we avoid this in the recursive call (plainTextLen = 0).
- */
- bzero(fdinst->lastBlock, DES_BLOCK_SIZE_BYTES);
- }
- }
-
- if(frtn == FR_Success) {
- *cipherTextLen = cipherLen;
- }
- return frtn;
-}
-
-/*
- * Decrypt a block of data. Caller malloc's plainText. Always
- * generates DES_BLOCK_SIZE_BYTES bytes or less of plainText.
- */
-feeReturn feeDESDecryptBlock(feeDES des,
- const unsigned char *cipherText,
- unsigned cipherTextLen,
- unsigned char *plainText,
- unsigned *plainTextLen, // RETURNED
- int finalBlock)
-{
- fdesInst *fdinst = (fdesInst*) des;
- unsigned char work[DES_BLOCK_SIZE_BYTES];
- unsigned char ivtmp[DES_BLOCK_SIZE_BYTES];
-
- if(cipherTextLen != DES_BLOCK_SIZE_BYTES) {
- /*
- * We always generate ciphertext in multiples of block size.
- */
- return FR_IllegalArg;
- }
-
- bcopy(cipherText, work, DES_BLOCK_SIZE_BYTES);
- if(!fdinst->blockMode && !finalBlock) {
- /*
- * Save incoming ciphertext for chain
- */
- bcopy(cipherText, ivtmp, DES_BLOCK_SIZE_BYTES);
- }
- dedes(&fdinst->dinst, (char *)work);
- if(!fdinst->blockMode){
- /*
- * Unchain block using previous block's ciphertext;
- * save current ciphertext for next
- */
- char *cp = (char *)work;
- char *cp1 = (char*)fdinst->lastBlock;
- int i;
-
- for(i=0; i<DES_BLOCK_SIZE_BYTES; i++) {
- *cp++ ^= *cp1++;
- }
- if(!finalBlock) {
- bcopy(ivtmp, fdinst->lastBlock, DES_BLOCK_SIZE_BYTES);
- }
- }
- if(finalBlock) {
- /*
- * deal with residual block; its size is in last byte of
- * work[]
- */
- unsigned resid = work[DES_BLOCK_SIZE_BYTES-1];
-
- if(resid > (DES_BLOCK_SIZE_BYTES-1)) {
- return FR_BadCipherText;
- }
- if(resid > 0) {
- bcopy(work, plainText, resid);
- }
- *plainTextLen = resid;
-
- /*
- * Reset internal state in prep for next encrypt/decrypt.
- */
- bzero(fdinst->lastBlock, DES_BLOCK_SIZE_BYTES);
- }
- else {
- bcopy(work, plainText, DES_BLOCK_SIZE_BYTES);
- *plainTextLen = DES_BLOCK_SIZE_BYTES;
- }
- return FR_Success;
-}
-
-/*
- * Convenience routines to encrypt & decrypt multi-block data.
- */
-feeReturn feeDESEncrypt(feeDES des,
- const unsigned char *plainText,
- unsigned plainTextLen,
- unsigned char **cipherText, // malloc'd and RETURNED
- unsigned *cipherTextLen) // RETURNED
-{
- const unsigned char *ptext; // per block
- unsigned ptextLen; // total to go
- unsigned thisPtextLen; // per block
- unsigned ctextLen; // per block
- unsigned char *ctextResult; // to return
- unsigned char *ctextPtr;
- unsigned ctextLenTotal; // running total
- feeReturn frtn;
- int finalBlock;
- unsigned ctextMallocd;
-
- if(plainTextLen == 0) {
- dbgLog(("feeDESDecrypt: NULL plainText\n"));
- return FR_IllegalArg;
- }
-
- ptext = plainText;
- ptextLen = plainTextLen;
- ctextMallocd = feeDESCipherTextSize(des, plainTextLen);
- ctextResult = (unsigned char*) fmalloc(ctextMallocd);
- ctextPtr = ctextResult;
- ctextLenTotal = 0;
-
- while(1) {
- if(ptextLen <= DES_BLOCK_SIZE_BYTES) {
- finalBlock = 1;
- thisPtextLen = ptextLen;
- }
- else {
- finalBlock = 0;
- thisPtextLen = DES_BLOCK_SIZE_BYTES;
- }
- frtn = feeDESEncryptBlock(des,
- ptext,
- thisPtextLen,
- ctextPtr,
- &ctextLen,
- finalBlock);
- if(frtn) {
- dbgLog(("feeDESEncrypt: encrypt error: %s\n",
- feeReturnString(frtn)));
- break;
- }
- if(ctextLen == 0) {
- dbgLog(("feeDESEncrypt: null ciphertext\n"));
- frtn = FR_Internal;
- break;
- }
- ctextLenTotal += ctextLen;
- if(ctextLenTotal > (plainTextLen + DES_BLOCK_SIZE_BYTES)) {
- dbgLog(("feeDESEncrypt: ciphertext overflow\n"));
- frtn = FR_Internal;
- break;
- }
- if(finalBlock) {
- break;
- }
- ctextPtr += ctextLen;
- ptext += thisPtextLen;
- ptextLen -= thisPtextLen;
- }
- if(frtn) {
- ffree(ctextResult);
- *cipherText = NULL;
- *cipherTextLen = 0;
- }
- else {
- #if FEE_DEBUG
- if(ctextLenTotal != ctextMallocd) {
- dbgLog(("feeDESEncrypt: ctextLen error\n"));
- }
- #endif /* FEE_DEBUG */
- *cipherText = ctextResult;
- *cipherTextLen = ctextLenTotal;
- }
- return frtn;
-
-}
-
-feeReturn feeDESDecrypt(feeDES des,
- const unsigned char *cipherText,
- unsigned cipherTextLen,
- unsigned char **plainText, // malloc'd and RETURNED
- unsigned *plainTextLen) // RETURNED
-{
- const unsigned char *ctext;
- unsigned ctextLen; // total to go
- unsigned ptextLen; // per block
- unsigned char *ptextResult; // to return
- unsigned char *ptextPtr;
- unsigned ptextLenTotal; // running total
- feeReturn frtn = FR_Success;
- int finalBlock;
-
- if(cipherTextLen % DES_BLOCK_SIZE_BYTES) {
- dbgLog(("feeDESDecrypt: unaligned cipherText\n"));
- return FR_BadCipherText;
- }
- if(cipherTextLen == 0) {
- dbgLog(("feeDESDecrypt: NULL cipherText\n"));
- return FR_BadCipherText;
- }
-
- ctext = cipherText;
- ctextLen = cipherTextLen;
-
- /*
- * Plaintext length always <= cipherTextLen
- */
- ptextResult = (unsigned char*) fmalloc(cipherTextLen);
- ptextPtr = ptextResult;
- ptextLenTotal = 0;
-
- while(ctextLen) {
- if(ctextLen == DES_BLOCK_SIZE_BYTES) {
- finalBlock = 1;
- }
- else {
- finalBlock = 0;
- }
- frtn = feeDESDecryptBlock(des,
- ctext,
- DES_BLOCK_SIZE_BYTES,
- ptextPtr,
- &ptextLen,
- finalBlock);
- if(frtn) {
- dbgLog(("feeDESDecrypt decrypt: %s\n",
- feeReturnString(frtn)));
- break;
- }
- if(ptextLen == 0) {
- /*
- * Normal termination case for
- * plainTextLen % DES_BLOCK_SIZE_BYTES == 0
- */
- if(!finalBlock) {
- dbgLog(("feeDESDecrypt: decrypt sync"
- " error!\n"));
- frtn = FR_BadCipherText;
- break;
- }
- else {
- break;
- }
- }
- else {
- ptextPtr += ptextLen;
- ptextLenTotal += ptextLen;
- }
- ctext += DES_BLOCK_SIZE_BYTES;
- ctextLen -= DES_BLOCK_SIZE_BYTES;
- }
-
- if(frtn) {
- ffree(ptextResult);
- *plainText = NULL;
- *plainTextLen = 0;
- }
- else {
- *plainText = ptextResult;
- *plainTextLen = ptextLenTotal;
- }
- return frtn;
-}
-
-#endif /* CRYPTKIT_SYMMETRIC_ENABLE */
projects / apple / security.git / blobdiff