Expand DES_ncbc_encrypt() in des_enc.c.
authorjsing <jsing@openbsd.org>
Sat, 31 Aug 2024 14:29:15 +0000 (14:29 +0000)
committerjsing <jsing@openbsd.org>
Sat, 31 Aug 2024 14:29:15 +0000 (14:29 +0000)
Copy ncbc_enc.c where it was previously #included, then clean up with
`unifdef -m -UCBC_ENC_C__DONT_UPDATE_IV`.

Discussed with tb@

lib/libcrypto/des/des_enc.c

index f332b9a..86fab01 100644 (file)
@@ -1,4 +1,4 @@
-/* $OpenBSD: des_enc.c,v 1.16 2024/03/29 01:47:29 joshua Exp $ */
+/* $OpenBSD: des_enc.c,v 1.17 2024/08/31 14:29:15 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -284,8 +284,85 @@ LCRYPTO_ALIAS(DES_decrypt3);
 
 #ifndef DES_DEFAULT_OPTIONS
 
-#undef CBC_ENC_C__DONT_UPDATE_IV
-#include "ncbc_enc.c" /* DES_ncbc_encrypt */
+void
+DES_ncbc_encrypt(const unsigned char *in, unsigned char *out, long length,
+    DES_key_schedule *_schedule, DES_cblock *ivec, int enc)
+{
+       DES_LONG tin0, tin1;
+       DES_LONG tout0, tout1, xor0, xor1;
+       long l = length;
+       DES_LONG tin[2];
+       unsigned char *iv;
+
+       iv = &(*ivec)[0];
+
+       if (enc) {
+               c2l(iv, tout0);
+               c2l(iv, tout1);
+               for (l -= 8; l >= 0; l -= 8) {
+                       c2l(in, tin0);
+                       c2l(in, tin1);
+                       tin0 ^= tout0;
+                       tin[0] = tin0;
+                       tin1 ^= tout1;
+                       tin[1] = tin1;
+                       DES_encrypt1((DES_LONG *)tin, _schedule, DES_ENCRYPT);
+                       tout0 = tin[0];
+                       l2c(tout0, out);
+                       tout1 = tin[1];
+                       l2c(tout1, out);
+               }
+               if (l != -8) {
+                       c2ln(in, tin0, tin1, l + 8);
+                       tin0 ^= tout0;
+                       tin[0] = tin0;
+                       tin1 ^= tout1;
+                       tin[1] = tin1;
+                       DES_encrypt1((DES_LONG *)tin, _schedule, DES_ENCRYPT);
+                       tout0 = tin[0];
+                       l2c(tout0, out);
+                       tout1 = tin[1];
+                       l2c(tout1, out);
+               }
+               iv = &(*ivec)[0];
+               l2c(tout0, iv);
+               l2c(tout1, iv);
+       } else {
+               c2l(iv, xor0);
+               c2l(iv, xor1);
+               for (l -= 8; l >= 0; l -= 8) {
+                       c2l(in, tin0);
+                       tin[0] = tin0;
+                       c2l(in, tin1);
+                       tin[1] = tin1;
+                       DES_encrypt1((DES_LONG *)tin, _schedule, DES_DECRYPT);
+                       tout0 = tin[0] ^ xor0;
+                       tout1 = tin[1] ^ xor1;
+                       l2c(tout0, out);
+                       l2c(tout1, out);
+                       xor0 = tin0;
+                       xor1 = tin1;
+               }
+               if (l != -8) {
+                       c2l(in, tin0);
+                       tin[0] = tin0;
+                       c2l(in, tin1);
+                       tin[1] = tin1;
+                       DES_encrypt1((DES_LONG *)tin, _schedule, DES_DECRYPT);
+                       tout0 = tin[0] ^ xor0;
+                       tout1 = tin[1] ^ xor1;
+                       l2cn(tout0, tout1, out, l + 8);
+                       xor0 = tin0;
+                       xor1 = tin1;
+               }
+               iv = &(*ivec)[0];
+               l2c(xor0, iv);
+               l2c(xor1, iv);
+       }
+       tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
+       tin[0] = tin[1] = 0;
+}
+LCRYPTO_ALIAS(DES_ncbc_encrypt);
 
 void
 DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,