2 * Copyright 1985, 1986, 1987, 1988 by the Massachusetts Institute
5 * For copying and distribution information, please see the file
8 * These routines perform encryption and decryption using the DES
9 * private key algorithm, or else a subset of it -- fewer inner loops.
10 * (AUTH_DES_ITER defaults to 16, may be less.)
12 * Under U.S. law, this software may not be exported outside the US
13 * without license from the U.S. Commerce department.
15 * These routines form the library interface to the DES facilities.
17 * Originally written 8/85 by Steve Miller, MIT Project Athena.
20 #include "mit-cpyright.h"
21 #include <afsconfig.h>
22 #include <afs/param.h>
29 #include "des_prototypes.h"
33 #define XPRT_CBC_ENCRYPT
36 * This routine performs DES cipher-block-chaining operation, either
37 * encrypting from cleartext to ciphertext, if encrypt != 0 or
38 * decrypting from ciphertext to cleartext, if encrypt == 0.
40 * The key schedule is passed as an arg, as well as the cleartext or
41 * ciphertext. The cleartext and ciphertext should be in host order.
43 * NOTE-- the output is ALWAYS an multiple of 8 bytes long. If not
44 * enough space was provided, your program will get trashed.
46 * For encryption, the cleartext string is null padded, at the end, to
47 * an integral multiple of eight bytes.
49 * For decryption, the ciphertext will be used in integral multiples
50 * of 8 bytes, but only the first "length" bytes returned into the
54 des_cblock *in; * >= length bytes of input text *
55 des_cblock *out; * >= length bytes of output text *
56 afs_int32 length; * in bytes *
57 int encrypt; * 0 ==> decrypt, else encrypt *
58 des_key_schedule key; * precomputed key schedule *
59 des_cblock *iv; * 8 bytes of ivec *
62 des_cbc_encrypt(void * in, void * out, afs_int32 length,
63 des_key_schedule key, des_cblock * iv, int encrypt)
65 afs_uint32 *input = (afs_uint32 *) in;
66 afs_uint32 *output = (afs_uint32 *) out;
67 afs_uint32 *ivec = (afs_uint32 *) iv;
70 afs_uint32 t_input[2];
71 afs_uint32 t_output[2];
72 unsigned char *t_in_p = (unsigned char *)t_input;
73 afs_uint32 xor_0, xor_1;
77 if ((afs_int32) ivec & 3) {
78 memcpy((char *)&t_output[0], (char *)ivec++, sizeof(t_output[0]));
79 memcpy((char *)&t_output[1], (char *)ivec, sizeof(t_output[1]));
83 t_output[0] = *ivec++;
87 for (i = 0; length > 0; i++, length -= 8) {
90 if ((afs_int32) input & 3) {
91 memcpy((char *)&t_input[0], (char *)input++,
93 memcpy((char *)&t_input[1], (char *)input++,
98 t_input[0] = *input++;
99 t_input[1] = *input++;
104 for (j = length; j <= 7; j++)
109 des_debug_print("clear", length, t_input[0], t_input[1]);
111 /* do the xor for cbc into the temp */
112 t_input[0] ^= t_output[0];
113 t_input[1] ^= t_output[1];
115 (void)des_ecb_encrypt(t_input, t_output, key, encrypt);
116 /* copy temp output and save it for cbc */
118 if ((afs_int32) output & 3) {
119 memcpy((char *)output++, (char *)&t_output[0],
120 sizeof(t_output[0]));
121 memcpy((char *)output++, (char *)&t_output[1],
122 sizeof(t_output[1]));
126 *output++ = t_output[0];
127 *output++ = t_output[1];
132 des_debug_print("xor'ed", i, t_input[0], t_input[1]);
133 des_debug_print("cipher", i, t_output[0], t_output[1]);
143 if ((afs_int32) ivec & 3) {
144 memcpy((char *)&xor_0, (char *)ivec++, sizeof(xor_0));
145 memcpy((char *)&xor_1, (char *)ivec, sizeof(xor_1));
153 for (i = 0; length > 0; i++, length -= 8) {
156 if ((afs_int32) input & 3) {
157 memcpy((char *)&t_input[0], (char *)input++,
159 memcpy((char *)&t_input[1], (char *)input++,
164 t_input[0] = *input++;
165 t_input[1] = *input++;
168 /* no padding for decrypt */
171 des_debug_print("cipher", i, t_input[0], t_input[1]);
178 (void)des_ecb_encrypt(t_input, t_output, key, encrypt);
181 des_debug_print("out pre xor", i, t_output[0], t_output[1]);
183 /* do the xor for cbc into the output */
184 t_output[0] ^= xor_0;
185 t_output[1] ^= xor_1;
186 /* copy temp output */
188 if ((afs_int32) output & 3) {
189 memcpy((char *)output++, (char *)&t_output[0],
190 sizeof(t_output[0]));
191 memcpy((char *)output++, (char *)&t_output[1],
192 sizeof(t_output[1]));
196 *output++ = t_output[0];
197 *output++ = t_output[1];
200 /* save xor value for next round */
205 des_debug_print("clear", i, t_output[0], t_output[1]);