1 /* $OpenBSD: e_rc2.c,v 1.19 2022/09/15 07:04:19 jsing Exp $ */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 59 #include <limits.h> 60 #include <stdio.h> 61 62 #include <openssl/opensslconf.h> 63 64 #ifndef OPENSSL_NO_RC2 65 66 #include <openssl/err.h> 67 #include <openssl/evp.h> 68 #include <openssl/objects.h> 69 #include <openssl/rc2.h> 70 71 #include "evp_locl.h" 72 73 static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, 74 const unsigned char *iv, int enc); 75 static int rc2_meth_to_magic(EVP_CIPHER_CTX *ctx); 76 static int rc2_magic_to_meth(int i); 77 static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type); 78 static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type); 79 static int rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr); 80 81 typedef struct { 82 int key_bits; /* effective key bits */ 83 RC2_KEY ks; /* key schedule */ 84 } EVP_RC2_KEY; 85 86 #define data(ctx) ((EVP_RC2_KEY *)(ctx)->cipher_data) 87 88 static int 89 rc2_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) 90 { 91 size_t chunk = LONG_MAX & ~0xff; 92 93 while (inl >= chunk) { 94 RC2_cbc_encrypt(in, out, (long)chunk, &((EVP_RC2_KEY *)ctx->cipher_data)->ks, ctx->iv, ctx->encrypt); 95 inl -= chunk; 96 in += chunk; 97 out += chunk; 98 } 99 100 if (inl) 101 RC2_cbc_encrypt(in, out, (long)inl, &((EVP_RC2_KEY *)ctx->cipher_data)->ks, ctx->iv, ctx->encrypt); 102 103 return 1; 104 } 105 106 static int 107 rc2_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) 108 { 109 size_t chunk = LONG_MAX & ~0xff; 110 111 if (inl < chunk) 112 chunk = inl; 113 114 while (inl && inl >= chunk) { 115 RC2_cfb64_encrypt(in, out, (long)chunk, &((EVP_RC2_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num, ctx->encrypt); 116 inl -= chunk; 117 in += chunk; 118 out += chunk; 119 if (inl < chunk) 120 chunk = inl; 121 } 122 123 return 1; 124 } 125 126 static int 127 rc2_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) 128 { 129 size_t i, bl; 130 131 bl = ctx->cipher->block_size; 132 133 if (inl < bl) 134 return 1; 135 136 inl -= bl; 137 138 for (i = 0; i <= inl; i += bl) 139 RC2_ecb_encrypt(in + i, out + i, &((EVP_RC2_KEY *)ctx->cipher_data)->ks, ctx->encrypt); 140 141 return 1; 142 } 143 144 static int 145 rc2_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) 146 { 147 size_t chunk = LONG_MAX & ~0xff; 148 149 while (inl >= chunk) { 150 RC2_ofb64_encrypt(in, out, (long)chunk, &((EVP_RC2_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num); 151 inl -= chunk; 152 in += chunk; 153 out += chunk; 154 } 155 156 if (inl) 157 RC2_ofb64_encrypt(in, out, (long)inl, &((EVP_RC2_KEY *)ctx->cipher_data)->ks, ctx->iv, &ctx->num); 158 159 return 1; 160 } 161 162 static const EVP_CIPHER rc2_cbc = { 163 .nid = NID_rc2_cbc, 164 .block_size = 8, 165 .key_len = RC2_KEY_LENGTH, 166 .iv_len = 8, 167 .flags = EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT | EVP_CIPH_CBC_MODE, 168 .init = rc2_init_key, 169 .do_cipher = rc2_cbc_cipher, 170 .cleanup = NULL, 171 .ctx_size = sizeof(EVP_RC2_KEY), 172 .set_asn1_parameters = rc2_set_asn1_type_and_iv, 173 .get_asn1_parameters = rc2_get_asn1_type_and_iv, 174 .ctrl = rc2_ctrl, 175 .app_data = NULL, 176 }; 177 178 const EVP_CIPHER * 179 EVP_rc2_cbc(void) 180 { 181 return &rc2_cbc; 182 } 183 184 static const EVP_CIPHER rc2_cfb64 = { 185 .nid = NID_rc2_cfb64, 186 .block_size = 1, 187 .key_len = RC2_KEY_LENGTH, 188 .iv_len = 8, 189 .flags = EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT | EVP_CIPH_CFB_MODE, 190 .init = rc2_init_key, 191 .do_cipher = rc2_cfb64_cipher, 192 .cleanup = NULL, 193 .ctx_size = sizeof(EVP_RC2_KEY), 194 .set_asn1_parameters = rc2_set_asn1_type_and_iv, 195 .get_asn1_parameters = rc2_get_asn1_type_and_iv, 196 .ctrl = rc2_ctrl, 197 .app_data = NULL, 198 }; 199 200 const EVP_CIPHER * 201 EVP_rc2_cfb64(void) 202 { 203 return &rc2_cfb64; 204 } 205 206 static const EVP_CIPHER rc2_ofb = { 207 .nid = NID_rc2_ofb64, 208 .block_size = 1, 209 .key_len = RC2_KEY_LENGTH, 210 .iv_len = 8, 211 .flags = EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT | EVP_CIPH_OFB_MODE, 212 .init = rc2_init_key, 213 .do_cipher = rc2_ofb_cipher, 214 .cleanup = NULL, 215 .ctx_size = sizeof(EVP_RC2_KEY), 216 .set_asn1_parameters = rc2_set_asn1_type_and_iv, 217 .get_asn1_parameters = rc2_get_asn1_type_and_iv, 218 .ctrl = rc2_ctrl, 219 .app_data = NULL, 220 }; 221 222 const EVP_CIPHER * 223 EVP_rc2_ofb(void) 224 { 225 return &rc2_ofb; 226 } 227 228 static const EVP_CIPHER rc2_ecb = { 229 .nid = NID_rc2_ecb, 230 .block_size = 8, 231 .key_len = RC2_KEY_LENGTH, 232 .iv_len = 0, 233 .flags = EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT | EVP_CIPH_ECB_MODE, 234 .init = rc2_init_key, 235 .do_cipher = rc2_ecb_cipher, 236 .cleanup = NULL, 237 .ctx_size = sizeof(EVP_RC2_KEY), 238 .set_asn1_parameters = rc2_set_asn1_type_and_iv, 239 .get_asn1_parameters = rc2_get_asn1_type_and_iv, 240 .ctrl = rc2_ctrl, 241 .app_data = NULL, 242 }; 243 244 const EVP_CIPHER * 245 EVP_rc2_ecb(void) 246 { 247 return &rc2_ecb; 248 } 249 250 #define RC2_40_MAGIC 0xa0 251 #define RC2_64_MAGIC 0x78 252 #define RC2_128_MAGIC 0x3a 253 254 static const EVP_CIPHER r2_64_cbc_cipher = { 255 NID_rc2_64_cbc, 256 8, 8 /* 64 bit */, 8, 257 EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT, 258 rc2_init_key, 259 rc2_cbc_cipher, 260 NULL, 261 sizeof(EVP_RC2_KEY), 262 rc2_set_asn1_type_and_iv, 263 rc2_get_asn1_type_and_iv, 264 rc2_ctrl, 265 NULL 266 }; 267 268 static const EVP_CIPHER r2_40_cbc_cipher = { 269 NID_rc2_40_cbc, 270 8, 5 /* 40 bit */, 8, 271 EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT, 272 rc2_init_key, 273 rc2_cbc_cipher, 274 NULL, 275 sizeof(EVP_RC2_KEY), 276 rc2_set_asn1_type_and_iv, 277 rc2_get_asn1_type_and_iv, 278 rc2_ctrl, 279 NULL 280 }; 281 282 const EVP_CIPHER * 283 EVP_rc2_64_cbc(void) 284 { 285 return (&r2_64_cbc_cipher); 286 } 287 288 const EVP_CIPHER * 289 EVP_rc2_40_cbc(void) 290 { 291 return (&r2_40_cbc_cipher); 292 } 293 294 static int 295 rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, 296 const unsigned char *iv, int enc) 297 { 298 RC2_set_key(&data(ctx)->ks, EVP_CIPHER_CTX_key_length(ctx), 299 key, data(ctx)->key_bits); 300 return 1; 301 } 302 303 static int 304 rc2_meth_to_magic(EVP_CIPHER_CTX *e) 305 { 306 int i; 307 308 if (EVP_CIPHER_CTX_ctrl(e, EVP_CTRL_GET_RC2_KEY_BITS, 0, &i) <= 0) 309 return (0); 310 if (i == 128) 311 return (RC2_128_MAGIC); 312 else if (i == 64) 313 return (RC2_64_MAGIC); 314 else if (i == 40) 315 return (RC2_40_MAGIC); 316 else 317 return (0); 318 } 319 320 static int 321 rc2_magic_to_meth(int i) 322 { 323 if (i == RC2_128_MAGIC) 324 return 128; 325 else if (i == RC2_64_MAGIC) 326 return 64; 327 else if (i == RC2_40_MAGIC) 328 return 40; 329 else { 330 EVPerror(EVP_R_UNSUPPORTED_KEY_SIZE); 331 return (0); 332 } 333 } 334 335 static int 336 rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) 337 { 338 long num = 0; 339 int i = 0; 340 int key_bits; 341 unsigned int l; 342 unsigned char iv[EVP_MAX_IV_LENGTH]; 343 344 if (type != NULL) { 345 l = EVP_CIPHER_CTX_iv_length(c); 346 if (l > sizeof(iv)) { 347 EVPerror(EVP_R_IV_TOO_LARGE); 348 return -1; 349 } 350 i = ASN1_TYPE_get_int_octetstring(type, &num, iv, l); 351 if (i != (int)l) 352 return (-1); 353 key_bits = rc2_magic_to_meth((int)num); 354 if (!key_bits) 355 return (-1); 356 if (i > 0 && !EVP_CipherInit_ex(c, NULL, NULL, NULL, iv, -1)) 357 return -1; 358 if (EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_RC2_KEY_BITS, 359 key_bits, NULL) <= 0) 360 return -1; 361 if (!EVP_CIPHER_CTX_set_key_length(c, key_bits / 8)) 362 return -1; 363 } 364 return (i); 365 } 366 367 static int 368 rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) 369 { 370 long num; 371 int i = 0, j; 372 373 if (type != NULL) { 374 num = rc2_meth_to_magic(c); 375 j = EVP_CIPHER_CTX_iv_length(c); 376 i = ASN1_TYPE_set_int_octetstring(type, num, c->oiv, j); 377 } 378 return (i); 379 } 380 381 static int 382 rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) 383 { 384 switch (type) { 385 case EVP_CTRL_INIT: 386 data(c)->key_bits = EVP_CIPHER_CTX_key_length(c) * 8; 387 return 1; 388 389 case EVP_CTRL_GET_RC2_KEY_BITS: 390 *(int *)ptr = data(c)->key_bits; 391 return 1; 392 393 case EVP_CTRL_SET_RC2_KEY_BITS: 394 if (arg > 0) { 395 data(c)->key_bits = arg; 396 return 1; 397 } 398 return 0; 399 400 #ifdef PBE_PRF_TEST 401 case EVP_CTRL_PBE_PRF_NID: 402 *(int *)ptr = NID_hmacWithMD5; 403 return 1; 404 #endif 405 406 default: 407 return -1; 408 } 409 } 410 411 #endif 412