Commit 50f40631 authored by Andy Polyakov's avatar Andy Polyakov
Browse files

Fix for DES_cfb_encrypt corrupting output buffer. This renders certain 

code in corresponding EVP modules obsolete, which I remove at once.
parent 370d5a72

crypto/des/cfb64ede.c

+8 −8
Original line number Diff line number Diff line
@@ -150,9 +150,9 @@ void DES_ede3_cfb_encrypt(const unsigned char *in,unsigned char *out, 
			  DES_key_schedule *ks2,DES_key_schedule *ks3,

			  DES_cblock *ivec,int enc)

	{

	register DES_LONG d0,d1,v0,v1,n=(numbits+7)/8;

	register DES_LONG d0,d1,v0,v1;

	register unsigned long l=length;

	register int num=numbits;

	register int num=numbits,n=(numbits+7)/8,i;

	DES_LONG ti[2];

	unsigned char *iv;

	unsigned char ovec[16];
@@ -192,10 +192,10 @@ void DES_ede3_cfb_encrypt(const unsigned char *in,unsigned char *out, 
				memmove(ovec,ovec+num/8,8+(num%8 ? 1 : 0));

				/* now the remaining bits */

				if(num%8 != 0)

					for(n=0 ; n < 8 ; ++n)

					for(i=0 ; i < 8 ; ++i)

						{

						ovec[n]<<=num%8;

						ovec[n]|=ovec[n+1]>>(8-num%8);

						ovec[i]<<=num%8;

						ovec[i]|=ovec[i+1]>>(8-num%8);

						}

				iv=&ovec[0];

				c2l(iv,v0);
@@ -230,10 +230,10 @@ void DES_ede3_cfb_encrypt(const unsigned char *in,unsigned char *out, 
				memmove(ovec,ovec+num/8,8+(num%8 ? 1 : 0));

				/* now the remaining bits */

				if(num%8 != 0)

					for(n=0 ; n < 8 ; ++n)

					for(i=0 ; i < 8 ; ++i)

						{

						ovec[n]<<=num%8;

						ovec[n]|=ovec[n+1]>>(8-num%8);

						ovec[i]<<=num%8;

						ovec[i]|=ovec[i+1]>>(8-num%8);

						}

				iv=&ovec[0];

				c2l(iv,v0);

crypto/des/cfb_enc.c

+8 −10
Original line number Diff line number Diff line
@@ -65,17 +65,15 @@ 
 * the second.  The second 12 bits will come from the 3rd and half the 4th

 * byte.

 */

/* WARNING WARNING: this uses in and out in 8-byte chunks regardless of

 * length */

/* Until Aug 1 2003 this function did not correctly implement CFB-r, so it

 * will not be compatible with any encryption prior to that date. Ben. */

void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,

		     long length, DES_key_schedule *schedule, DES_cblock *ivec,

		     int enc)

	{

	register DES_LONG d0,d1,v0,v1,n=(numbits+7)/8;

	register DES_LONG d0,d1,v0,v1;

	register unsigned long l=length;

	register int num=numbits;

	register int num=numbits,n=(numbits+7)/8,i;

	DES_LONG ti[2];

	unsigned char *iv;

	unsigned char ovec[16];
@@ -115,10 +113,10 @@ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits, 
				memmove(ovec,ovec+num/8,8+(num%8 ? 1 : 0));

				/* now the remaining bits */

				if(num%8 != 0)

					for(n=0 ; n < 8 ; ++n)

					for(i=0 ; i < 8 ; ++i)

						{

						ovec[n]<<=num%8;

						ovec[n]|=ovec[n+1]>>(8-num%8);

						ovec[i]<<=num%8;

						ovec[i]|=ovec[i+1]>>(8-num%8);

						}

				iv=&ovec[0];

				c2l(iv,v0);
@@ -153,10 +151,10 @@ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits, 
				memmove(ovec,ovec+num/8,8+(num%8 ? 1 : 0));

				/* now the remaining bits */

				if(num%8 != 0)

					for(n=0 ; n < 8 ; ++n)

					for(i=0 ; i < 8 ; ++i)

						{

						ovec[n]<<=num%8;

						ovec[n]|=ovec[n+1]>>(8-num%8);

						ovec[i]<<=num%8;

						ovec[i]|=ovec[i+1]>>(8-num%8);

						}

				iv=&ovec[0];

				c2l(iv,v0);

crypto/evp/e_des.c

+3 −11
Original line number Diff line number Diff line
@@ -56,9 +56,9 @@ 
 * [including the GNU Public Licence.]

 */



#ifndef OPENSSL_NO_DES

#include <stdio.h>

#include "cryptlib.h"

#ifndef OPENSSL_NO_DES

#include <openssl/evp.h>

#include <openssl/objects.h>

#include "evp_locl.h"
@@ -106,9 +106,8 @@ static int des_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, 
			   const unsigned char *in, unsigned int inl)

    {

    unsigned int n;

    unsigned char c[8],d[8]; /* DES_cfb_encrypt rudely overwrites the whole buffer*/

    unsigned char c[1],d[1];



    memset(out,0,(inl+7)/8);

    for(n=0 ; n < inl ; ++n)

	{

	c[0]=(in[n/8]&(1 << (7-n%8))) ? 0x80 : 0;
@@ -116,21 +115,14 @@ static int des_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, 
			ctx->encrypt);

	out[n/8]=(out[n/8]&~(0x80 >> (n%8)))|((d[0]&0x80) >> (n%8));

	}



    return 1;

    }



static int des_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,

			   const unsigned char *in, unsigned int inl)

    {

    unsigned char *tmp; /* DES_cfb_encrypt rudely overwrites the whole buffer*/



    tmp=alloca(inl+7);

    memcpy(tmp,in,inl);

    DES_cfb_encrypt(tmp,tmp,8,inl,ctx->cipher_data,(DES_cblock *)ctx->iv,

    DES_cfb_encrypt(in,out,8,inl,ctx->cipher_data,(DES_cblock *)ctx->iv,

		    ctx->encrypt);

    memcpy(out,tmp,inl);



    return 1;

    }

crypto/evp/e_des3.c

+3 −10
Original line number Diff line number Diff line
@@ -56,9 +56,9 @@ 
 * [including the GNU Public Licence.]

 */



#ifndef OPENSSL_NO_DES

#include <stdio.h>

#include "cryptlib.h"

#ifndef OPENSSL_NO_DES

#include <openssl/evp.h>

#include <openssl/objects.h>

#include "evp_locl.h"
@@ -136,9 +136,8 @@ static int des_ede3_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, 
				const unsigned char *in, unsigned int inl)

    {

    unsigned int n;

    unsigned char c[8],d[8]; /* DES_cfb_encrypt rudely overwrites the whole buffer*/

    unsigned char c[1],d[1];



    memset(out,0,(inl+7)/8);

    for(n=0 ; n < inl ; ++n)

	{

	c[0]=(in[n/8]&(1 << (7-n%8))) ? 0x80 : 0;
@@ -154,15 +153,9 @@ static int des_ede3_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, 
static int des_ede3_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,

				const unsigned char *in, unsigned int inl)

    {

    unsigned char *tmp; /* DES_cfb_encrypt rudely overwrites the whole buffer*/



    tmp=alloca(inl+7);

    memcpy(tmp,in,inl);

    DES_ede3_cfb_encrypt(tmp,tmp,8,inl,

    DES_ede3_cfb_encrypt(in,out,8,inl,

			 &data(ctx)->ks1,&data(ctx)->ks2,&data(ctx)->ks3,

			 (DES_cblock *)ctx->iv,ctx->encrypt);

    memcpy(out,tmp,inl);



    return 1;

    }