1 /* $OpenBSD: e_rc2.c,v 1.19 2022/09/15 07:04:19 jsing Exp $ */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59 #include <limits.h>
60 #include <stdio.h>
61
62 #include <openssl/opensslconf.h>
63
64 #ifndef OPENSSL_NO_RC2
65
66 #include <openssl/err.h>
67 #include <openssl/evp.h>
68 #include <openssl/objects.h>
69 #include <openssl/rc2.h>
70
71 #include "evp_locl.h"
72
73 static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
74 const unsigned char *iv, int enc);
75 static int rc2_meth_to_magic(EVP_CIPHER_CTX *ctx);
76 static int rc2_magic_to_meth(int i);
77 static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
78 static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
79 static int rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr);
80
81 typedef struct {
82 int key_bits; /* effective key bits */
83 RC2_KEY ks; /* key schedule */
84 } EVP_RC2_KEY;
85
86 #define data(ctx) ((EVP_RC2_KEY *)(ctx)->cipher_data)
87
88 static int
rc2_cbc_cipher(EVP_CIPHER_CTX * ctx,unsigned char * out,const unsigned char * in,size_t inl)89 rc2_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
90 {
91 size_t chunk = LONG_MAX & ~0xff;
92
93 while (inl >= chunk) {
94 RC2_cbc_encrypt(in, out, (long)chunk, &((EVP_RC2_KEY *)ctx->cipher_data)->ks, ctx->iv, ctx->encrypt);
95 inl -= chunk;
96 in += chunk;
97 out += chunk;
98 }
99
100 if (inl)
101 RC2_cbc_encrypt(in, out, (long)inl, &((EVP_RC2_KEY *)ctx->cipher_data)->ks, ctx->iv, ctx->encrypt);
102
103 return 1;
104 }
105
106 static int
rc2_cfb64_cipher(EVP_CIPHER_CTX * ctx,unsigned char * out,const unsigned char * in,size_t inl)107 rc2_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
108 {
109 size_t chunk = LONG_MAX & ~0xff;
110
111 if (inl < chunk)
112 chunk = inl;
113
114 while (inl && inl >= chunk) {
115 RC2_cfb64_encrypt(in, out, (long)chunk, &((EVP_RC2_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt);
116 inl -= chunk;
117 in += chunk;
118 out += chunk;
119 if (inl < chunk)
120 chunk = inl;
121 }
122
123 return 1;
124 }
125
126 static int
rc2_ecb_cipher(EVP_CIPHER_CTX * ctx,unsigned char * out,const unsigned char * in,size_t inl)127 rc2_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
128 {
129 size_t i, bl;
130
131 bl = ctx->cipher->block_size;
132
133 if (inl < bl)
134 return 1;
135
136 inl -= bl;
137
138 for (i = 0; i <= inl; i += bl)
139 RC2_ecb_encrypt(in + i, out + i, &((EVP_RC2_KEY *)ctx->cipher_data)->ks, ctx->encrypt);
140
141 return 1;
142 }
143
144 static int
rc2_ofb_cipher(EVP_CIPHER_CTX * ctx,unsigned char * out,const unsigned char * in,size_t inl)145 rc2_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl)
146 {
147 size_t chunk = LONG_MAX & ~0xff;
148
149 while (inl >= chunk) {
150 RC2_ofb64_encrypt(in, out, (long)chunk, &((EVP_RC2_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num);
151 inl -= chunk;
152 in += chunk;
153 out += chunk;
154 }
155
156 if (inl)
157 RC2_ofb64_encrypt(in, out, (long)inl, &((EVP_RC2_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num);
158
159 return 1;
160 }
161
162 static const EVP_CIPHER rc2_cbc = {
163 .nid = NID_rc2_cbc,
164 .block_size = 8,
165 .key_len = RC2_KEY_LENGTH,
166 .iv_len = 8,
167 .flags = EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT | EVP_CIPH_CBC_MODE,
168 .init = rc2_init_key,
169 .do_cipher = rc2_cbc_cipher,
170 .cleanup = NULL,
171 .ctx_size = sizeof(EVP_RC2_KEY),
172 .set_asn1_parameters = rc2_set_asn1_type_and_iv,
173 .get_asn1_parameters = rc2_get_asn1_type_and_iv,
174 .ctrl = rc2_ctrl,
175 .app_data = NULL,
176 };
177
178 const EVP_CIPHER *
EVP_rc2_cbc(void)179 EVP_rc2_cbc(void)
180 {
181 return &rc2_cbc;
182 }
183
184 static const EVP_CIPHER rc2_cfb64 = {
185 .nid = NID_rc2_cfb64,
186 .block_size = 1,
187 .key_len = RC2_KEY_LENGTH,
188 .iv_len = 8,
189 .flags = EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT | EVP_CIPH_CFB_MODE,
190 .init = rc2_init_key,
191 .do_cipher = rc2_cfb64_cipher,
192 .cleanup = NULL,
193 .ctx_size = sizeof(EVP_RC2_KEY),
194 .set_asn1_parameters = rc2_set_asn1_type_and_iv,
195 .get_asn1_parameters = rc2_get_asn1_type_and_iv,
196 .ctrl = rc2_ctrl,
197 .app_data = NULL,
198 };
199
200 const EVP_CIPHER *
EVP_rc2_cfb64(void)201 EVP_rc2_cfb64(void)
202 {
203 return &rc2_cfb64;
204 }
205
206 static const EVP_CIPHER rc2_ofb = {
207 .nid = NID_rc2_ofb64,
208 .block_size = 1,
209 .key_len = RC2_KEY_LENGTH,
210 .iv_len = 8,
211 .flags = EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT | EVP_CIPH_OFB_MODE,
212 .init = rc2_init_key,
213 .do_cipher = rc2_ofb_cipher,
214 .cleanup = NULL,
215 .ctx_size = sizeof(EVP_RC2_KEY),
216 .set_asn1_parameters = rc2_set_asn1_type_and_iv,
217 .get_asn1_parameters = rc2_get_asn1_type_and_iv,
218 .ctrl = rc2_ctrl,
219 .app_data = NULL,
220 };
221
222 const EVP_CIPHER *
EVP_rc2_ofb(void)223 EVP_rc2_ofb(void)
224 {
225 return &rc2_ofb;
226 }
227
228 static const EVP_CIPHER rc2_ecb = {
229 .nid = NID_rc2_ecb,
230 .block_size = 8,
231 .key_len = RC2_KEY_LENGTH,
232 .iv_len = 0,
233 .flags = EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT | EVP_CIPH_ECB_MODE,
234 .init = rc2_init_key,
235 .do_cipher = rc2_ecb_cipher,
236 .cleanup = NULL,
237 .ctx_size = sizeof(EVP_RC2_KEY),
238 .set_asn1_parameters = rc2_set_asn1_type_and_iv,
239 .get_asn1_parameters = rc2_get_asn1_type_and_iv,
240 .ctrl = rc2_ctrl,
241 .app_data = NULL,
242 };
243
244 const EVP_CIPHER *
EVP_rc2_ecb(void)245 EVP_rc2_ecb(void)
246 {
247 return &rc2_ecb;
248 }
249
250 #define RC2_40_MAGIC 0xa0
251 #define RC2_64_MAGIC 0x78
252 #define RC2_128_MAGIC 0x3a
253
254 static const EVP_CIPHER r2_64_cbc_cipher = {
255 NID_rc2_64_cbc,
256 8, 8 /* 64 bit */, 8,
257 EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
258 rc2_init_key,
259 rc2_cbc_cipher,
260 NULL,
261 sizeof(EVP_RC2_KEY),
262 rc2_set_asn1_type_and_iv,
263 rc2_get_asn1_type_and_iv,
264 rc2_ctrl,
265 NULL
266 };
267
268 static const EVP_CIPHER r2_40_cbc_cipher = {
269 NID_rc2_40_cbc,
270 8, 5 /* 40 bit */, 8,
271 EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
272 rc2_init_key,
273 rc2_cbc_cipher,
274 NULL,
275 sizeof(EVP_RC2_KEY),
276 rc2_set_asn1_type_and_iv,
277 rc2_get_asn1_type_and_iv,
278 rc2_ctrl,
279 NULL
280 };
281
282 const EVP_CIPHER *
EVP_rc2_64_cbc(void)283 EVP_rc2_64_cbc(void)
284 {
285 return (&r2_64_cbc_cipher);
286 }
287
288 const EVP_CIPHER *
EVP_rc2_40_cbc(void)289 EVP_rc2_40_cbc(void)
290 {
291 return (&r2_40_cbc_cipher);
292 }
293
294 static int
rc2_init_key(EVP_CIPHER_CTX * ctx,const unsigned char * key,const unsigned char * iv,int enc)295 rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
296 const unsigned char *iv, int enc)
297 {
298 RC2_set_key(&data(ctx)->ks, EVP_CIPHER_CTX_key_length(ctx),
299 key, data(ctx)->key_bits);
300 return 1;
301 }
302
303 static int
rc2_meth_to_magic(EVP_CIPHER_CTX * e)304 rc2_meth_to_magic(EVP_CIPHER_CTX *e)
305 {
306 int i;
307
308 if (EVP_CIPHER_CTX_ctrl(e, EVP_CTRL_GET_RC2_KEY_BITS, 0, &i) <= 0)
309 return (0);
310 if (i == 128)
311 return (RC2_128_MAGIC);
312 else if (i == 64)
313 return (RC2_64_MAGIC);
314 else if (i == 40)
315 return (RC2_40_MAGIC);
316 else
317 return (0);
318 }
319
320 static int
rc2_magic_to_meth(int i)321 rc2_magic_to_meth(int i)
322 {
323 if (i == RC2_128_MAGIC)
324 return 128;
325 else if (i == RC2_64_MAGIC)
326 return 64;
327 else if (i == RC2_40_MAGIC)
328 return 40;
329 else {
330 EVPerror(EVP_R_UNSUPPORTED_KEY_SIZE);
331 return (0);
332 }
333 }
334
335 static int
rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX * c,ASN1_TYPE * type)336 rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
337 {
338 long num = 0;
339 int i = 0;
340 int key_bits;
341 unsigned int l;
342 unsigned char iv[EVP_MAX_IV_LENGTH];
343
344 if (type != NULL) {
345 l = EVP_CIPHER_CTX_iv_length(c);
346 if (l > sizeof(iv)) {
347 EVPerror(EVP_R_IV_TOO_LARGE);
348 return -1;
349 }
350 i = ASN1_TYPE_get_int_octetstring(type, &num, iv, l);
351 if (i != (int)l)
352 return (-1);
353 key_bits = rc2_magic_to_meth((int)num);
354 if (!key_bits)
355 return (-1);
356 if (i > 0 && !EVP_CipherInit_ex(c, NULL, NULL, NULL, iv, -1))
357 return -1;
358 if (EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_RC2_KEY_BITS,
359 key_bits, NULL) <= 0)
360 return -1;
361 if (!EVP_CIPHER_CTX_set_key_length(c, key_bits / 8))
362 return -1;
363 }
364 return (i);
365 }
366
367 static int
rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX * c,ASN1_TYPE * type)368 rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
369 {
370 long num;
371 int i = 0, j;
372
373 if (type != NULL) {
374 num = rc2_meth_to_magic(c);
375 j = EVP_CIPHER_CTX_iv_length(c);
376 i = ASN1_TYPE_set_int_octetstring(type, num, c->oiv, j);
377 }
378 return (i);
379 }
380
381 static int
rc2_ctrl(EVP_CIPHER_CTX * c,int type,int arg,void * ptr)382 rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
383 {
384 switch (type) {
385 case EVP_CTRL_INIT:
386 data(c)->key_bits = EVP_CIPHER_CTX_key_length(c) * 8;
387 return 1;
388
389 case EVP_CTRL_GET_RC2_KEY_BITS:
390 *(int *)ptr = data(c)->key_bits;
391 return 1;
392
393 case EVP_CTRL_SET_RC2_KEY_BITS:
394 if (arg > 0) {
395 data(c)->key_bits = arg;
396 return 1;
397 }
398 return 0;
399
400 #ifdef PBE_PRF_TEST
401 case EVP_CTRL_PBE_PRF_NID:
402 *(int *)ptr = NID_hmacWithMD5;
403 return 1;
404 #endif
405
406 default:
407 return -1;
408 }
409 }
410
411 #endif
412