diff options
Diffstat (limited to 'crypto/evp/e_des3.c')
-rw-r--r-- | crypto/evp/e_des3.c | 62 |
1 files changed, 50 insertions, 12 deletions
diff --git a/crypto/evp/e_des3.c b/crypto/evp/e_des3.c index 86342fb952..ac148efab2 100644 --- a/crypto/evp/e_des3.c +++ b/crypto/evp/e_des3.c @@ -63,6 +63,7 @@ #include <openssl/objects.h> #include "evp_locl.h" #include <openssl/des.h> +#include <openssl/rand.h> static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv,int enc); @@ -70,6 +71,8 @@ static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv,int enc); +static int des3_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr); + typedef struct { DES_key_schedule ks1;/* key schedule */ @@ -161,10 +164,10 @@ static int des_ede3_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, } BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64, - 0, des_ede_init_key, NULL, + EVP_CIPH_RAND_KEY, des_ede_init_key, NULL, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, - NULL) + des3_ctrl) #define des_ede3_cfb64_cipher des_ede_cfb64_cipher #define des_ede3_ofb_cipher des_ede_ofb_cipher @@ -172,28 +175,35 @@ BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64, #define des_ede3_ecb_cipher des_ede_ecb_cipher BLOCK_CIPHER_defs(des_ede3, DES_EDE_KEY, NID_des_ede3, 8, 24, 8, 64, - 0, des_ede3_init_key, NULL, + EVP_CIPH_RAND_KEY, des_ede3_init_key, NULL, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, - NULL) + des3_ctrl) -BLOCK_CIPHER_def_cfb(des_ede3,DES_EDE_KEY,NID_des_ede3,24,8,1,0, - des_ede3_init_key,NULL, +BLOCK_CIPHER_def_cfb(des_ede3,DES_EDE_KEY,NID_des_ede3,24,8,1, + EVP_CIPH_RAND_KEY, des_ede3_init_key,NULL, EVP_CIPHER_set_asn1_iv, - EVP_CIPHER_get_asn1_iv,NULL) + EVP_CIPHER_get_asn1_iv, + des3_ctrl) -BLOCK_CIPHER_def_cfb(des_ede3,DES_EDE_KEY,NID_des_ede3,24,8,8,0, - des_ede3_init_key,NULL, +BLOCK_CIPHER_def_cfb(des_ede3,DES_EDE_KEY,NID_des_ede3,24,8,8, + EVP_CIPH_RAND_KEY, des_ede3_init_key,NULL, EVP_CIPHER_set_asn1_iv, - EVP_CIPHER_get_asn1_iv,NULL) + EVP_CIPHER_get_asn1_iv, + des3_ctrl) static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { DES_cblock *deskey = (DES_cblock *)key; - +#ifdef EVP_CHECK_DES_KEY + if (DES_set_key_checked(&deskey[0],&data(ctx)->ks1) + !! DES_set_key_checked(&deskey[1],&data(ctx)->ks2)) + return 0; +#else DES_set_key_unchecked(&deskey[0],&data(ctx)->ks1); DES_set_key_unchecked(&deskey[1],&data(ctx)->ks2); +#endif memcpy(&data(ctx)->ks3,&data(ctx)->ks1, sizeof(data(ctx)->ks1)); return 1; @@ -214,13 +224,41 @@ static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, } #endif /* KSSL_DEBUG */ +#ifdef EVP_CHECK_DES_KEY + if (DES_set_key_checked(&deskey[0],&data(ctx)->ks1) + || DES_set_key_checked(&deskey[1],&data(ctx)->ks2) + || DES_set_key_checked(&deskey[2],&data(ctx)->ks3)) + return 0; +#else DES_set_key_unchecked(&deskey[0],&data(ctx)->ks1); DES_set_key_unchecked(&deskey[1],&data(ctx)->ks2); DES_set_key_unchecked(&deskey[2],&data(ctx)->ks3); - +#endif return 1; } +static int des3_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) + { + + DES_cblock *deskey = ptr; + + switch(type) + { + case EVP_CTRL_RAND_KEY: + if (RAND_bytes(ptr, c->key_len) <= 0) + return 0; + DES_set_odd_parity(deskey); + if (c->key_len >= 16) + DES_set_odd_parity(deskey + 1); + if (c->key_len >= 24) + DES_set_odd_parity(deskey + 2); + return 1; + + default: + return -1; + } + } + const EVP_CIPHER *EVP_des_ede(void) { return &des_ede_ecb; |