]>
git.proxmox.com Git - mirror_edk2.git/blob - CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c
2 TDES Wrapper Implementation over OpenSSL.
4 Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
5 This program and the accompanying materials
6 are licensed and made available under the terms and conditions of the BSD License
7 which accompanies this distribution. The full text of the license may be found at
8 http://opensource.org/licenses/bsd-license.php
10 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
11 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
15 #include "InternalCryptLib.h"
16 #include <openssl/des.h>
19 Retrieves the size, in bytes, of the context buffer required for TDES operations.
21 @return The size, in bytes, of the context buffer required for TDES operations.
31 // Memory for 3 copies of DES_key_schedule is allocated, for K1, K2 and K3 each.
33 return (UINTN
) (3 * sizeof (DES_key_schedule
));
37 Initializes user-supplied memory as TDES context for subsequent use.
39 This function initializes user-supplied memory pointed by TdesContext as TDES context.
40 In addtion, it sets up all TDES key materials for subsequent encryption and decryption
42 There are 3 key options as follows:
43 KeyLength = 64, Keying option 1: K1 == K2 == K3 (Backward compatibility with DES)
44 KeyLength = 128, Keying option 2: K1 != K2 and K3 = K1 (Less Security)
45 KeyLength = 192 Keying option 3: K1 != K2 != K3 (Strongest)
47 If TdesContext is NULL, then ASSERT().
48 If Key is NULL, then ASSERT().
49 If KeyLength is not valid, then ASSERT().
51 @param[out] TdesContext Pointer to TDES context being initialized.
52 @param[in] Key Pointer to the user-supplied TDES key.
53 @param[in] KeyLength Length of TDES key in bits.
55 @retval TRUE TDES context initialization succeeded.
56 @retval FALSE TDES context initialization failed.
62 OUT VOID
*TdesContext
,
67 DES_key_schedule
*KeySchedule
;
69 ASSERT (TdesContext
!= NULL
);
71 ASSERT ((KeyLength
== 64) || (KeyLength
== 128) || (KeyLength
== 192));
73 KeySchedule
= (DES_key_schedule
*) TdesContext
;
78 if (DES_is_weak_key ((const_DES_cblock
*) Key
)) {
82 DES_set_key_unchecked ((const_DES_cblock
*) Key
, KeySchedule
);
84 if (KeyLength
== 64) {
85 CopyMem (KeySchedule
+ 1, KeySchedule
, sizeof (DES_key_schedule
));
86 CopyMem (KeySchedule
+ 2, KeySchedule
, sizeof (DES_key_schedule
));
90 if (DES_is_weak_key ((const_DES_cblock
*) Key
+ 8)) {
94 DES_set_key_unchecked ((const_DES_cblock
*) (Key
+ 8), KeySchedule
+ 1);
96 if (KeyLength
== 128) {
97 CopyMem (KeySchedule
+ 2, KeySchedule
, sizeof (DES_key_schedule
));
101 if (DES_is_weak_key ((const_DES_cblock
*) Key
+ 16)) {
105 DES_set_key_unchecked ((const_DES_cblock
*) (Key
+ 16), KeySchedule
+ 2);
111 Performs TDES encryption on a data buffer of the specified size in ECB mode.
113 This function performs TDES encryption on data buffer pointed by Input, of specified
114 size of InputSize, in ECB mode.
115 InputSize must be multiple of block size (8 bytes). This function does not perform
116 padding. Caller must perform padding, if necessary, to ensure valid input data size.
117 TdesContext should be already correctly initialized by TdesInit(). Behavior with
118 invalid TDES context is undefined.
120 If TdesContext is NULL, then ASSERT().
121 If Input is NULL, then ASSERT().
122 If InputSize is not multiple of block size (8 bytes), then ASSERT().
123 If Output is NULL, then ASSERT().
125 @param[in] TdesContext Pointer to the TDES context.
126 @param[in] Input Pointer to the buffer containing the data to be encrypted.
127 @param[in] InputSize Size of the Input buffer in bytes.
128 @param[out] Output Pointer to a buffer that receives the TDES encryption output.
130 @retval TRUE TDES encryption succeeded.
131 @retval FALSE TDES encryption failed.
137 IN VOID
*TdesContext
,
138 IN CONST UINT8
*Input
,
143 DES_key_schedule
*KeySchedule
;
145 ASSERT (TdesContext
!= NULL
);
146 ASSERT (Input
!= NULL
);
147 ASSERT ((InputSize
% TDES_BLOCK_SIZE
) == 0);
148 ASSERT (Output
!= NULL
);
150 KeySchedule
= (DES_key_schedule
*) TdesContext
;
152 while (InputSize
> 0) {
154 (const_DES_cblock
*) Input
,
155 (DES_cblock
*) Output
,
161 Input
+= TDES_BLOCK_SIZE
;
162 Output
+= TDES_BLOCK_SIZE
;
163 InputSize
-= TDES_BLOCK_SIZE
;
170 Performs TDES decryption on a data buffer of the specified size in ECB mode.
172 This function performs TDES decryption on data buffer pointed by Input, of specified
173 size of InputSize, in ECB mode.
174 InputSize must be multiple of block size (8 bytes). This function does not perform
175 padding. Caller must perform padding, if necessary, to ensure valid input data size.
176 TdesContext should be already correctly initialized by TdesInit(). Behavior with
177 invalid TDES context is undefined.
179 If TdesContext is NULL, then ASSERT().
180 If Input is NULL, then ASSERT().
181 If InputSize is not multiple of block size (8 bytes), then ASSERT().
182 If Output is NULL, then ASSERT().
184 @param[in] TdesContext Pointer to the TDES context.
185 @param[in] Input Pointer to the buffer containing the data to be decrypted.
186 @param[in] InputSize Size of the Input buffer in bytes.
187 @param[out] Output Pointer to a buffer that receives the TDES decryption output.
189 @retval TRUE TDES decryption succeeded.
190 @retval FALSE TDES decryption failed.
196 IN VOID
*TdesContext
,
197 IN CONST UINT8
*Input
,
202 DES_key_schedule
*KeySchedule
;
204 ASSERT (TdesContext
!= NULL
);
205 ASSERT (Input
!= NULL
);
206 ASSERT ((InputSize
% TDES_BLOCK_SIZE
) == 0);
207 ASSERT (Output
!= NULL
);
209 KeySchedule
= (DES_key_schedule
*) TdesContext
;
211 while (InputSize
> 0) {
213 (const_DES_cblock
*) Input
,
214 (DES_cblock
*) Output
,
220 Input
+= TDES_BLOCK_SIZE
;
221 Output
+= TDES_BLOCK_SIZE
;
222 InputSize
-= TDES_BLOCK_SIZE
;
229 Performs TDES encryption on a data buffer of the specified size in CBC mode.
231 This function performs TDES encryption on data buffer pointed by Input, of specified
232 size of InputSize, in CBC mode.
233 InputSize must be multiple of block size (8 bytes). This function does not perform
234 padding. Caller must perform padding, if necessary, to ensure valid input data size.
235 Initialization vector should be one block size (8 bytes).
236 TdesContext should be already correctly initialized by TdesInit(). Behavior with
237 invalid TDES context is undefined.
239 If TdesContext is NULL, then ASSERT().
240 If Input is NULL, then ASSERT().
241 If InputSize is not multiple of block size (8 bytes), then ASSERT().
242 If Ivec is NULL, then ASSERT().
243 If Output is NULL, then ASSERT().
245 @param[in] TdesContext Pointer to the TDES context.
246 @param[in] Input Pointer to the buffer containing the data to be encrypted.
247 @param[in] InputSize Size of the Input buffer in bytes.
248 @param[in] Ivec Pointer to initialization vector.
249 @param[out] Output Pointer to a buffer that receives the TDES encryption output.
251 @retval TRUE TDES encryption succeeded.
252 @retval FALSE TDES encryption failed.
258 IN VOID
*TdesContext
,
259 IN CONST UINT8
*Input
,
261 IN CONST UINT8
*Ivec
,
265 DES_key_schedule
*KeySchedule
;
266 UINT8 IvecBuffer
[TDES_BLOCK_SIZE
];
268 ASSERT (TdesContext
!= NULL
);
269 ASSERT (Input
!= NULL
);
270 ASSERT ((InputSize
% TDES_BLOCK_SIZE
) == 0);
271 ASSERT (Ivec
!= NULL
);
272 ASSERT (Output
!= NULL
);
274 KeySchedule
= (DES_key_schedule
*) TdesContext
;
275 CopyMem (IvecBuffer
, Ivec
, TDES_BLOCK_SIZE
);
277 DES_ede3_cbc_encrypt (
284 (DES_cblock
*) IvecBuffer
,
292 Performs TDES decryption on a data buffer of the specified size in CBC mode.
294 This function performs TDES decryption on data buffer pointed by Input, of specified
295 size of InputSize, in CBC mode.
296 InputSize must be multiple of block size (8 bytes). This function does not perform
297 padding. Caller must perform padding, if necessary, to ensure valid input data size.
298 Initialization vector should be one block size (8 bytes).
299 TdesContext should be already correctly initialized by TdesInit(). Behavior with
300 invalid TDES context is undefined.
302 If TdesContext is NULL, then ASSERT().
303 If Input is NULL, then ASSERT().
304 If InputSize is not multiple of block size (8 bytes), then ASSERT().
305 If Ivec is NULL, then ASSERT().
306 If Output is NULL, then ASSERT().
308 @param[in] TdesContext Pointer to the TDES context.
309 @param[in] Input Pointer to the buffer containing the data to be encrypted.
310 @param[in] InputSize Size of the Input buffer in bytes.
311 @param[in] Ivec Pointer to initialization vector.
312 @param[out] Output Pointer to a buffer that receives the TDES encryption output.
314 @retval TRUE TDES decryption succeeded.
315 @retval FALSE TDES decryption failed.
321 IN VOID
*TdesContext
,
322 IN CONST UINT8
*Input
,
324 IN CONST UINT8
*Ivec
,
328 DES_key_schedule
*KeySchedule
;
329 UINT8 IvecBuffer
[TDES_BLOCK_SIZE
];
331 ASSERT (TdesContext
!= NULL
);
332 ASSERT (Input
!= NULL
);
333 ASSERT ((InputSize
% TDES_BLOCK_SIZE
) == 0);
334 ASSERT (Ivec
!= NULL
);
335 ASSERT (Output
!= NULL
);
337 KeySchedule
= (DES_key_schedule
*) TdesContext
;
338 CopyMem (IvecBuffer
, Ivec
, TDES_BLOCK_SIZE
);
340 DES_ede3_cbc_encrypt (
347 (DES_cblock
*) IvecBuffer
,