[openssl-commits] [openssl] master update
Rich Salz
rsalz at openssl.org
Tue Jan 27 15:03:33 UTC 2015
The branch master has been updated
via 109f1031a8d03a7c0a7c53c82314505ec5b7b207 (commit)
from 8507474564f3f743f5daa3468ca97a9b707b3583 (commit)
- Log -----------------------------------------------------------------
commit 109f1031a8d03a7c0a7c53c82314505ec5b7b207
Author: Rich Salz <rsalz at openssl.org>
Date: Tue Jan 27 10:02:39 2015 -0500
OPENSSL_NO_xxx cleanup: DEC-CBCM removed
A DES algorithm mode, known attacks, no EVP support.
Flushed.
Reviewed-by: Andy Polyakov <appro at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
crypto/des/Makefile | 11 +--
crypto/des/des.h | 5 --
crypto/des/des_old.h | 2 -
crypto/des/destest.c | 52 +------------
crypto/des/ede_cbcm_enc.c | 189 ---------------------------------------------
doc/crypto/des.pod | 6 +-
6 files changed, 4 insertions(+), 261 deletions(-)
delete mode 100644 crypto/des/ede_cbcm_enc.c
diff --git a/crypto/des/Makefile b/crypto/des/Makefile
index 4a63c1c..80a7add 100644
--- a/crypto/des/Makefile
+++ b/crypto/des/Makefile
@@ -28,7 +28,7 @@ LIBSRC= cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c \
qud_cksm.c rand_key.c rpc_enc.c set_key.c \
des_enc.c fcrypt_b.c \
xcbc_enc.c \
- str2key.c cfb64ede.c ofb64ede.c ede_cbcm_enc.c des_old.c des_old2.c \
+ str2key.c cfb64ede.c ofb64ede.c des_old.c des_old2.c \
read2pwd.c
LIBOBJ= set_key.o ecb_enc.o cbc_enc.o \
@@ -37,7 +37,7 @@ LIBOBJ= set_key.o ecb_enc.o cbc_enc.o \
ofb_enc.o str2key.o pcbc_enc.o qud_cksm.o rand_key.o \
${DES_ENC} \
fcrypt.o xcbc_enc.o rpc_enc.o cbc_cksm.o \
- ede_cbcm_enc.o des_old.o des_old2.o read2pwd.o
+ des_old.o des_old2.o read2pwd.o
SRC= $(LIBSRC)
@@ -169,13 +169,6 @@ ecb_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
ecb_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
ecb_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
ecb_enc.o: ../../include/openssl/ui_compat.h des_locl.h des_ver.h ecb_enc.c
-ede_cbcm_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-ede_cbcm_enc.o: ../../include/openssl/e_os2.h
-ede_cbcm_enc.o: ../../include/openssl/opensslconf.h
-ede_cbcm_enc.o: ../../include/openssl/ossl_typ.h
-ede_cbcm_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-ede_cbcm_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-ede_cbcm_enc.o: ../../include/openssl/ui_compat.h des_locl.h ede_cbcm_enc.c
enc_read.o: ../../e_os.h ../../include/openssl/bio.h
enc_read.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
enc_read.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
diff --git a/crypto/des/des.h b/crypto/des/des.h
index fe02e34..0accc9b 100644
--- a/crypto/des/des.h
+++ b/crypto/des/des.h
@@ -182,11 +182,6 @@ void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
long length,
DES_key_schedule *ks1, DES_key_schedule *ks2,
DES_key_schedule *ks3, DES_cblock *ivec, int enc);
-void DES_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out,
- long length,
- DES_key_schedule *ks1, DES_key_schedule *ks2,
- DES_key_schedule *ks3,
- DES_cblock *ivec1, DES_cblock *ivec2, int enc);
void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
long length, DES_key_schedule *ks1,
DES_key_schedule *ks2, DES_key_schedule *ks3,
diff --git a/crypto/des/des_old.h b/crypto/des/des_old.h
index 4dabd45..baa4b7d 100644
--- a/crypto/des/des_old.h
+++ b/crypto/des/des_old.h
@@ -141,8 +141,6 @@ typedef struct _ossl_old_des_ks_struct {
DES_ecb3_encrypt((i),(o),&(k1),&(k2),&(k3),(e))
# define des_ede3_cbc_encrypt(i,o,l,k1,k2,k3,iv,e)\
DES_ede3_cbc_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(e))
-# define des_ede3_cbcm_encrypt(i,o,l,k1,k2,k3,iv1,iv2,e)\
- DES_ede3_cbcm_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv1),(iv2),(e))
# define des_ede3_cfb64_encrypt(i,o,l,k1,k2,k3,iv,n,e)\
DES_ede3_cfb64_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(n),(e))
# define des_ede3_ofb64_encrypt(i,o,l,k1,k2,k3,iv,n)\
diff --git a/crypto/des/destest.c b/crypto/des/destest.c
index 62cc7a5..be68d36 100644
--- a/crypto/des/destest.c
+++ b/crypto/des/destest.c
@@ -362,7 +362,7 @@ int main(int argc, char *argv[])
{
int j, err = 0;
unsigned int i;
- des_cblock in, out, outin, iv3, iv2;
+ des_cblock in, out, outin, iv3;
des_key_schedule ks, ks2, ks3;
unsigned char cbc_in[40];
unsigned char cbc_out[40];
@@ -372,56 +372,6 @@ int main(int argc, char *argv[])
int num;
char *str;
-# ifndef OPENSSL_NO_DESCBCM
- printf("Doing cbcm\n");
- if ((j = DES_set_key_checked(&cbc_key, &ks)) != 0) {
- printf("Key error %d\n", j);
- err = 1;
- }
- if ((j = DES_set_key_checked(&cbc2_key, &ks2)) != 0) {
- printf("Key error %d\n", j);
- err = 1;
- }
- if ((j = DES_set_key_checked(&cbc3_key, &ks3)) != 0) {
- printf("Key error %d\n", j);
- err = 1;
- }
- memset(cbc_out, 0, 40);
- memset(cbc_in, 0, 40);
- i = strlen((char *)cbc_data) + 1;
- /* i=((i+7)/8)*8; */
- memcpy(iv3, cbc_iv, sizeof(cbc_iv));
- memset(iv2, '\0', sizeof iv2);
-
- DES_ede3_cbcm_encrypt(cbc_data, cbc_out, 16L, &ks, &ks2, &ks3, &iv3, &iv2,
- DES_ENCRYPT);
- DES_ede3_cbcm_encrypt(&cbc_data[16], &cbc_out[16], i - 16, &ks, &ks2,
- &ks3, &iv3, &iv2, DES_ENCRYPT);
-/*- if (memcmp(cbc_out,cbc3_ok,
- (unsigned int)(strlen((char *)cbc_data)+1+7)/8*8) != 0)
- {
- printf("des_ede3_cbc_encrypt encrypt error\n");
- err=1;
- }
-*/
- memcpy(iv3, cbc_iv, sizeof(cbc_iv));
- memset(iv2, '\0', sizeof iv2);
- DES_ede3_cbcm_encrypt(cbc_out, cbc_in, i, &ks, &ks2, &ks3, &iv3, &iv2,
- DES_DECRYPT);
- if (memcmp(cbc_in, cbc_data, strlen((char *)cbc_data) + 1) != 0) {
- unsigned int n;
-
- printf("des_ede3_cbcm_encrypt decrypt error\n");
- for (n = 0; n < i; ++n)
- printf(" %02x", cbc_data[n]);
- printf("\n");
- for (n = 0; n < i; ++n)
- printf(" %02x", cbc_in[n]);
- printf("\n");
- err = 1;
- }
-# endif
-
printf("Doing ecb\n");
for (i = 0; i < NUM_TESTS; i++) {
DES_set_key_unchecked(&key_data[i], &ks);
diff --git a/crypto/des/ede_cbcm_enc.c b/crypto/des/ede_cbcm_enc.c
deleted file mode 100644
index 86f27d0..0000000
--- a/crypto/des/ede_cbcm_enc.c
+++ /dev/null
@@ -1,189 +0,0 @@
-/* ede_cbcm_enc.c */
-/*
- * Written by Ben Laurie <ben at algroup.co.uk> for the OpenSSL project 13 Feb
- * 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-/*
- *
- * This is an implementation of Triple DES Cipher Block Chaining with Output
- * Feedback Masking, by Coppersmith, Johnson and Matyas, (IBM and Certicom).
- *
- * Note that there is a known attack on this by Biham and Knudsen but it
- * takes a lot of work:
- *
- * http://www.cs.technion.ac.il/users/wwwb/cgi-bin/tr-get.cgi/1998/CS/CS0928.ps.gz
- *
- */
-
-#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_DESCBCM is defined */
-
-#ifndef OPENSSL_NO_DESCBCM
-# include "des_locl.h"
-
-void DES_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out,
- long length, DES_key_schedule *ks1,
- DES_key_schedule *ks2, DES_key_schedule *ks3,
- DES_cblock *ivec1, DES_cblock *ivec2, int enc)
-{
- register DES_LONG tin0, tin1;
- register DES_LONG tout0, tout1, xor0, xor1, m0, m1;
- register long l = length;
- DES_LONG tin[2];
- unsigned char *iv1, *iv2;
-
- iv1 = &(*ivec1)[0];
- iv2 = &(*ivec2)[0];
-
- if (enc) {
- c2l(iv1, m0);
- c2l(iv1, m1);
- c2l(iv2, tout0);
- c2l(iv2, tout1);
- for (l -= 8; l >= -7; l -= 8) {
- tin[0] = m0;
- tin[1] = m1;
- DES_encrypt1(tin, ks3, 1);
- m0 = tin[0];
- m1 = tin[1];
-
- if (l < 0) {
- c2ln(in, tin0, tin1, l + 8);
- } else {
- c2l(in, tin0);
- c2l(in, tin1);
- }
- tin0 ^= tout0;
- tin1 ^= tout1;
-
- tin[0] = tin0;
- tin[1] = tin1;
- DES_encrypt1(tin, ks1, 1);
- tin[0] ^= m0;
- tin[1] ^= m1;
- DES_encrypt1(tin, ks2, 0);
- tin[0] ^= m0;
- tin[1] ^= m1;
- DES_encrypt1(tin, ks1, 1);
- tout0 = tin[0];
- tout1 = tin[1];
-
- l2c(tout0, out);
- l2c(tout1, out);
- }
- iv1 = &(*ivec1)[0];
- l2c(m0, iv1);
- l2c(m1, iv1);
-
- iv2 = &(*ivec2)[0];
- l2c(tout0, iv2);
- l2c(tout1, iv2);
- } else {
- register DES_LONG t0, t1;
-
- c2l(iv1, m0);
- c2l(iv1, m1);
- c2l(iv2, xor0);
- c2l(iv2, xor1);
- for (l -= 8; l >= -7; l -= 8) {
- tin[0] = m0;
- tin[1] = m1;
- DES_encrypt1(tin, ks3, 1);
- m0 = tin[0];
- m1 = tin[1];
-
- c2l(in, tin0);
- c2l(in, tin1);
-
- t0 = tin0;
- t1 = tin1;
-
- tin[0] = tin0;
- tin[1] = tin1;
- DES_encrypt1(tin, ks1, 0);
- tin[0] ^= m0;
- tin[1] ^= m1;
- DES_encrypt1(tin, ks2, 1);
- tin[0] ^= m0;
- tin[1] ^= m1;
- DES_encrypt1(tin, ks1, 0);
- tout0 = tin[0];
- tout1 = tin[1];
-
- tout0 ^= xor0;
- tout1 ^= xor1;
- if (l < 0) {
- l2cn(tout0, tout1, out, l + 8);
- } else {
- l2c(tout0, out);
- l2c(tout1, out);
- }
- xor0 = t0;
- xor1 = t1;
- }
-
- iv1 = &(*ivec1)[0];
- l2c(m0, iv1);
- l2c(m1, iv1);
-
- iv2 = &(*ivec2)[0];
- l2c(xor0, iv2);
- l2c(xor1, iv2);
- }
- tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
- tin[0] = tin[1] = 0;
-}
-#endif
diff --git a/doc/crypto/des.pod b/doc/crypto/des.pod
index 51df21a..2afe572 100644
--- a/doc/crypto/des.pod
+++ b/doc/crypto/des.pod
@@ -8,7 +8,7 @@ DES_ecb_encrypt, DES_ecb2_encrypt, DES_ecb3_encrypt, DES_ncbc_encrypt,
DES_cfb_encrypt, DES_ofb_encrypt, DES_pcbc_encrypt, DES_cfb64_encrypt,
DES_ofb64_encrypt, DES_xcbc_encrypt, DES_ede2_cbc_encrypt,
DES_ede2_cfb64_encrypt, DES_ede2_ofb64_encrypt, DES_ede3_cbc_encrypt,
-DES_ede3_cbcm_encrypt, DES_ede3_cfb64_encrypt, DES_ede3_ofb64_encrypt,
+DES_ede3_cfb64_encrypt, DES_ede3_ofb64_encrypt,
DES_cbc_cksum, DES_quad_cksum, DES_string_to_key, DES_string_to_2keys,
DES_fcrypt, DES_crypt, DES_enc_read, DES_enc_write - DES encryption
@@ -73,10 +73,6 @@ DES_fcrypt, DES_crypt, DES_enc_read, DES_enc_write - DES encryption
unsigned char *output, long length, DES_key_schedule *ks1,
DES_key_schedule *ks2, DES_key_schedule *ks3, DES_cblock *ivec,
int enc);
- void DES_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out,
- long length, DES_key_schedule *ks1, DES_key_schedule *ks2,
- DES_key_schedule *ks3, DES_cblock *ivec1, DES_cblock *ivec2,
- int enc);
void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
long length, DES_key_schedule *ks1, DES_key_schedule *ks2,
DES_key_schedule *ks3, DES_cblock *ivec, int *num, int enc);
More information about the openssl-commits
mailing list