Google Git
Sign in
android / platform / external / boringssl / b35c285^! / .
commitb35c28511f2819a9b12fb0b863c35b4dc3384785[log] [tgz]
authorMatt Braithwaite <mab@google.com>Tue Aug 11 17:19:35 2015 -0700
committerFeng Yu <feny@google.com>Fri Sep 23 22:12:51 2016 -0700
tree49fb9e4bcec94ac1d5c16790988fd7ac1e1906e0
parent85a981149c535c4ad4167051a02787de405b89db [diff]
Re-add |EVP_des_ede_cbc|.

Note that while |DES_ede2_cbc_encrypt| exists, I didn't use it: I
think it's easier to see what's happening this way.

(I couldn't find an authoritative source of test data, including in
OpenSSL's source, so I used OpenSSL's implementation to produce the
test ciphertext.)

This benefits globalplatform.

(cherry picked from commit 8c413a2d94fa720fae6a7d9c939e33978f3ed25b)

Bug: 31081987
Change-Id: I7e17ca0b69067d7b3f4bc213b4616eb269882ae0
Reviewed-on: https://boringssl-review.googlesource.com/5724
Reviewed-by: Adam Langley <agl@google.com>

diff --git a/src/crypto/cipher/cipher_test.cc b/src/crypto/cipher/cipher_test.cc
index 97a84e0..2b4f58f 100644
--- a/src/crypto/cipher/cipher_test.cc
+++ b/src/crypto/cipher/cipher_test.cc

@@ -69,6 +69,8 @@
 static const EVP_CIPHER *GetCipher(const std::string &name) {
   if (name == "DES-CBC") {
     return EVP_des_cbc();
+  } else if (name == "DES-EDE-CBC") {
+    return EVP_des_ede_cbc();
   } else if (name == "DES-EDE3-CBC") {
     return EVP_des_ede3_cbc();
   } else if (name == "RC4") {

diff --git a/src/crypto/cipher/e_des.c b/src/crypto/cipher/e_des.c
index 4c09a81..f85e764 100644
--- a/src/crypto/cipher/e_des.c
+++ b/src/crypto/cipher/e_des.c

@@ -126,10 +126,31 @@
   return 1;
 }
 
-static const EVP_CIPHER des3_cbc = {
+static const EVP_CIPHER des_ede3_cbc = {
     NID_des_ede3_cbc,    8 /* block_size */,  24 /* key_size */,
     8 /* iv_len */,      sizeof(DES_EDE_KEY), EVP_CIPH_CBC_MODE,
     NULL /* app_data */, des_ede3_init_key,   des_ede3_cbc_cipher,
     NULL /* cleanup */,  NULL /* ctrl */, };
 
-const EVP_CIPHER *EVP_des_ede3_cbc(void) { return &des3_cbc; }
+const EVP_CIPHER *EVP_des_ede3_cbc(void) { return &des_ede3_cbc; }
+
+
+static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const uint8_t *key,
+                             const uint8_t *iv, int enc) {
+  DES_cblock *deskey = (DES_cblock *) key;
+  DES_EDE_KEY *dat = (DES_EDE_KEY *) ctx->cipher_data;
+
+  DES_set_key(&deskey[0], &dat->ks.ks[0]);
+  DES_set_key(&deskey[1], &dat->ks.ks[1]);
+  DES_set_key(&deskey[0], &dat->ks.ks[2]);
+
+  return 1;
+}
+
+static const EVP_CIPHER des_ede_cbc = {
+    NID_des_ede_cbc,     8 /* block_size */,  16 /* key_size */,
+    8 /* iv_len */,      sizeof(DES_EDE_KEY), EVP_CIPH_CBC_MODE,
+    NULL /* app_data */, des_ede_init_key ,   des_ede3_cbc_cipher,
+    NULL /* cleanup */,  NULL /* ctrl */, };
+
+const EVP_CIPHER *EVP_des_ede_cbc(void) { return &des_ede_cbc; }

diff --git a/src/crypto/cipher/test/cipher_test.txt b/src/crypto/cipher/test/cipher_test.txt
index 93cb8f3..872f20b 100644
--- a/src/crypto/cipher/test/cipher_test.txt
+++ b/src/crypto/cipher/test/cipher_test.txt

@@ -38,6 +38,14 @@
 Ciphertext = 3FE301C962AC01D02213763C1CBD4CDC799657C064ECF5D41C673812CFDE9675
 
 
+# DES EDE CBC tests
+Cipher = DES-EDE-CBC
+Key = 0123456789abcdeff1e0d3c2b5a49786
+IV = fedcba9876543210
+Plaintext = 37363534333231204E6F77206973207468652074696D6520666F722000000000
+Ciphertext = 7948C0DA4FE91CD815DCA96DBC9B60A857EB954F4DEB08EB98722642AE69257B
+
+
 # AES 128 ECB tests (from FIPS-197 test vectors, encrypt)
 Cipher = AES-128-ECB
 Key = 000102030405060708090A0B0C0D0E0F

diff --git a/src/include/openssl/cipher.h b/src/include/openssl/cipher.h
index 7f5fe04..7d2d608 100644
--- a/src/include/openssl/cipher.h
+++ b/src/include/openssl/cipher.h

@@ -75,6 +75,7 @@
 OPENSSL_EXPORT const EVP_CIPHER *EVP_rc4(void);
 
 OPENSSL_EXPORT const EVP_CIPHER *EVP_des_cbc(void);
+OPENSSL_EXPORT const EVP_CIPHER *EVP_des_ede_cbc(void);
 OPENSSL_EXPORT const EVP_CIPHER *EVP_des_ede3_cbc(void);
 
 OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_128_ecb(void);