git.proxmox.com Git - mirror_edk2.git/blob - CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c
2 TDES Wrapper Implementation over OpenSSL.
4 Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.<BR>
5 SPDX-License-Identifier: BSD-2-Clause-Patent
9 #include "InternalCryptLib.h"
10 #include <openssl/des.h>
13 Retrieves the size, in bytes, of the context buffer required for TDES operations.
15 @return The size, in bytes, of the context buffer required for TDES operations.
// Size of the caller-allocated TDES context: three consecutive DES_key_schedule slots.
// The initialization code later in this file writes KeySchedule, KeySchedule + 1 and
// KeySchedule + 2 without a size check, so a smaller buffer would be overrun.
25 // Memory for 3 copies of DES_key_schedule is allocated, for K1, K2 and K3 each.
27 return (UINTN) (3 * sizeof (DES_key_schedule));
31 Initializes user-supplied memory as TDES context for subsequent use.
33 This function initializes user-supplied memory pointed by TdesContext as TDES context.
34 In addition, it sets up all TDES key materials for subsequent encryption and decryption operations.
36 There are 3 key options as follows:
37 KeyLength = 64, Keying option 1: K1 == K2 == K3 (equivalent to single DES; kept for backward compatibility with DES)
38 KeyLength = 128, Keying option 2: K1 != K2 and K3 == K1 (less secure than option 3)
39 KeyLength = 192, Keying option 3: K1 != K2 != K3 (strongest)
41 If TdesContext is NULL, then return FALSE.
42 If Key is NULL, then return FALSE.
43 If KeyLength is not valid, then return FALSE.
45 @param[out] TdesContext Pointer to TDES context being initialized.
46 @param[in] Key Pointer to the user-supplied TDES key.
47 @param[in] KeyLength Length of TDES key in bits.
49 @retval TRUE TDES context initialization succeeded.
50 @retval FALSE TDES context initialization failed.
// Parameter list and body of TdesInit as shown in this listing. The gutter numbers
// jump where listing lines are not shown (the remaining parameters and the statements
// inside each `if`). Per the header comment above, the function returns FALSE for a
// NULL TdesContext, a NULL Key or an invalid KeyLength.
56 OUT VOID *TdesContext,
61 DES_key_schedule *KeySchedule;
64 // Check input parameters.
// KeyLength is in bits and must be 64, 128 or 192. No separate buffer size is passed
// for Key: the code below reads 8 bytes at Key, Key + 8 and Key + 16 depending on
// KeyLength, so the caller must supply at least KeyLength / 8 bytes.
66 if (TdesContext == NULL || Key == NULL || (KeyLength != 64 && KeyLength != 128 && KeyLength != 192)) {
// The context is used as an array of three DES_key_schedule entries (K1, K2, K3).
// Its size is not checked here; the caller has to allocate at least
// 3 * sizeof (DES_key_schedule) bytes.
70 KeySchedule = (DES_key_schedule *) TdesContext;
73 // If input Key is a weak key, return error.
// Each 8-byte subkey is tested on its own with DES_is_weak_key. Nothing in the lines
// shown compares the subkeys with one another.
// NOTE(review): a 128- or 192-bit key whose parts repeat (K1 == K2, or K2 == K3) would
// make the encrypt-decrypt-encrypt sequence collapse to single DES -- confirm whether
// callers are expected to reject such keys.
75 if (DES_is_weak_key ((const_DES_cblock *) Key) == 1) {
// DES_set_key_unchecked builds the schedule without validating the key itself, which
// is why the explicit weak-key test comes first.
// NOTE(review): key parity is not checked anywhere in the lines shown -- presumably
// intentional; confirm.
79 DES_set_key_unchecked ((const_DES_cblock *) Key, KeySchedule);
// 64-bit key: the K1 schedule is duplicated into the K2 and K3 slots, so the cipher
// has single-DES strength (the header comment lists this as DES backward compatibility).
81 if (KeyLength == 64) {
82 CopyMem (KeySchedule + 1, KeySchedule, sizeof (DES_key_schedule));
83 CopyMem (KeySchedule + 2, KeySchedule, sizeof (DES_key_schedule));
// Second subkey (bytes 8..15 of Key) becomes K2.
// NOTE(review): by this point the K1 schedule has already been written into the
// context; if the function returns FALSE here (the statement is not shown), the
// buffer would still hold expanded key material -- callers should clear it.
87 if (DES_is_weak_key ((const_DES_cblock *) (Key + 8)) == 1) {
91 DES_set_key_unchecked ((const_DES_cblock *) (Key + 8), KeySchedule + 1);
// 128-bit key: K3 reuses the K1 schedule.
93 if (KeyLength == 128) {
94 CopyMem (KeySchedule + 2, KeySchedule, sizeof (DES_key_schedule));
// 192-bit key: third subkey (bytes 16..23 of Key) becomes K3.
98 if (DES_is_weak_key ((const_DES_cblock *) (Key + 16)) == 1) {
102 DES_set_key_unchecked ((const_DES_cblock *) (Key + 16), KeySchedule + 2);
108 Performs TDES encryption on a data buffer of the specified size in ECB mode.
110 This function performs TDES encryption on data buffer pointed by Input, of specified
111 size of InputSize, in ECB mode.
112 InputSize must be multiple of block size (8 bytes). This function does not perform
113 padding. Caller must perform padding, if necessary, to ensure valid input data size.
114 TdesContext should be already correctly initialized by TdesInit(). Behavior with
115 invalid TDES context is undefined.
117 If TdesContext is NULL, then return FALSE.
118 If Input is NULL, then return FALSE.
119 If InputSize is not multiple of block size (8 bytes), then return FALSE.
120 If Output is NULL, then return FALSE.
122 @param[in] TdesContext Pointer to the TDES context.
123 @param[in] Input Pointer to the buffer containing the data to be encrypted.
124 @param[in] InputSize Size of the Input buffer in bytes.
125 @param[out] Output Pointer to a buffer that receives the TDES encryption output.
127 @retval TRUE TDES encryption succeeded.
128 @retval FALSE TDES encryption failed.
// Parameter list and body of the ECB encryption routine as shown in this listing. The
// gutter numbers jump where listing lines are not shown: the rest of the signature,
// the statement inside the parameter-check `if`, and the line naming the function
// called in the loop together with its remaining arguments.
134 IN VOID *TdesContext,
135 IN CONST UINT8 *Input,
140 DES_key_schedule *KeySchedule;
143 // Check input parameters.
// InputSize must be a multiple of TDES_BLOCK_SIZE, so the per-block subtraction in
// the loop below ends exactly at 0. Output's capacity is not passed in; the caller
// must provide at least InputSize bytes.
145 if (TdesContext == NULL || Input == NULL || (InputSize % TDES_BLOCK_SIZE) != 0 || Output == NULL) {
// The context is reinterpreted as the key-schedule array; its contents are not
// validated (the header comment calls behavior with an invalid context undefined).
149 KeySchedule = (DES_key_schedule *) TdesContext;
// One block per iteration. As far as the visible lines show, nothing is carried from
// one block to the next (no IV, no chaining), which matches the ECB mode named in the
// header comment: equal plaintext blocks give equal ciphertext blocks under the same
// key, and no integrity protection is added.
151 while (InputSize > 0) {
153 (const_DES_cblock *) Input,
154 (DES_cblock *) Output,
160 Input += TDES_BLOCK_SIZE;
161 Output += TDES_BLOCK_SIZE;
162 InputSize -= TDES_BLOCK_SIZE;
169 Performs TDES decryption on a data buffer of the specified size in ECB mode.
171 This function performs TDES decryption on data buffer pointed by Input, of specified
172 size of InputSize, in ECB mode.
173 InputSize must be multiple of block size (8 bytes). This function does not perform
174 padding. Caller must perform padding, if necessary, to ensure valid input data size.
175 TdesContext should be already correctly initialized by TdesInit(). Behavior with
176 invalid TDES context is undefined.
178 If TdesContext is NULL, then return FALSE.
179 If Input is NULL, then return FALSE.
180 If InputSize is not multiple of block size (8 bytes), then return FALSE.
181 If Output is NULL, then return FALSE.
183 @param[in] TdesContext Pointer to the TDES context.
184 @param[in] Input Pointer to the buffer containing the data to be decrypted.
185 @param[in] InputSize Size of the Input buffer in bytes.
186 @param[out] Output Pointer to a buffer that receives the TDES decryption output.
188 @retval TRUE TDES decryption succeeded.
189 @retval FALSE TDES decryption failed.
// Parameter list and body of the ECB decryption routine as shown in this listing. The
// gutter numbers jump where listing lines are not shown: the rest of the signature,
// the statement inside the parameter-check `if`, and the line naming the function
// called in the loop together with its remaining arguments.
195 IN VOID *TdesContext,
196 IN CONST UINT8 *Input,
201 DES_key_schedule *KeySchedule;
204 // Check input parameters.
// InputSize must be a multiple of TDES_BLOCK_SIZE, so the per-block subtraction in
// the loop below ends exactly at 0. Output's capacity is not passed in; the caller
// must provide at least InputSize bytes.
206 if (TdesContext == NULL || Input == NULL || (InputSize % TDES_BLOCK_SIZE) != 0 || Output == NULL) {
// The context is reinterpreted as the key-schedule array; its contents are not
// validated (the header comment calls behavior with an invalid context undefined).
210 KeySchedule = (DES_key_schedule *) TdesContext;
// One block per iteration, with nothing visible carried between blocks (ECB).
// The loop performs no authenticity check on the ciphertext: any input of a valid
// length is processed, so callers that need tamper detection must add it themselves.
212 while (InputSize > 0) {
214 (const_DES_cblock *) Input,
215 (DES_cblock *) Output,
221 Input += TDES_BLOCK_SIZE;
222 Output += TDES_BLOCK_SIZE;
223 InputSize -= TDES_BLOCK_SIZE;
230 Performs TDES encryption on a data buffer of the specified size in CBC mode.
232 This function performs TDES encryption on data buffer pointed by Input, of specified
233 size of InputSize, in CBC mode.
234 InputSize must be multiple of block size (8 bytes). This function does not perform
235 padding. Caller must perform padding, if necessary, to ensure valid input data size.
236 Initialization vector should be one block size (8 bytes).
237 TdesContext should be already correctly initialized by TdesInit(). Behavior with
238 invalid TDES context is undefined.
240 If TdesContext is NULL, then return FALSE.
241 If Input is NULL, then return FALSE.
242 If InputSize is not multiple of block size (8 bytes), then return FALSE.
243 If Ivec is NULL, then return FALSE.
244 If Output is NULL, then return FALSE.
246 @param[in] TdesContext Pointer to the TDES context.
247 @param[in] Input Pointer to the buffer containing the data to be encrypted.
248 @param[in] InputSize Size of the Input buffer in bytes.
249 @param[in] Ivec Pointer to initialization vector.
250 @param[out] Output Pointer to a buffer that receives the TDES encryption output.
252 @retval TRUE TDES encryption succeeded.
253 @retval FALSE TDES encryption failed.
// Parameter list and body of the CBC encryption routine as shown in this listing. The
// gutter numbers jump where listing lines are not shown: part of the signature, the
// statements inside both parameter-check `if`s, and most arguments of the
// DES_ede3_cbc_encrypt call.
259 IN VOID *TdesContext,
260 IN CONST UINT8 *Input,
262 IN CONST UINT8 *Ivec,
266 DES_key_schedule *KeySchedule;
267 UINT8 IvecBuffer[TDES_BLOCK_SIZE];
270 // Check input parameters.
272 if (TdesContext == NULL || Input == NULL || (InputSize % TDES_BLOCK_SIZE) != 0) {
// InputSize is additionally capped at INT_MAX.
// NOTE(review): presumably because the length handed to OpenSSL is narrower than
// InputSize's type -- the argument itself is not shown in this listing; confirm.
276 if (Ivec == NULL || Output == NULL || InputSize > INT_MAX) {
280 KeySchedule = (DES_key_schedule *) TdesContext;
// Exactly TDES_BLOCK_SIZE bytes are read from Ivec into a local copy, and the local
// copy is what is passed to OpenSSL, so the caller's CONST IV buffer is not written.
// Ivec's length is not passed in; the caller must supply at least one block.
// NOTE(review): CBC needs a fresh, unpredictable IV per message and provides no
// integrity protection -- both are left to the caller.
281 CopyMem (IvecBuffer, Ivec, TDES_BLOCK_SIZE);
283 DES_ede3_cbc_encrypt (
290 (DES_cblock *) IvecBuffer,
298 Performs TDES decryption on a data buffer of the specified size in CBC mode.
300 This function performs TDES decryption on data buffer pointed by Input, of specified
301 size of InputSize, in CBC mode.
302 InputSize must be multiple of block size (8 bytes). This function does not perform
303 padding. Caller must perform padding, if necessary, to ensure valid input data size.
304 Initialization vector should be one block size (8 bytes).
305 TdesContext should be already correctly initialized by TdesInit(). Behavior with
306 invalid TDES context is undefined.
308 If TdesContext is NULL, then return FALSE.
309 If Input is NULL, then return FALSE.
310 If InputSize is not multiple of block size (8 bytes), then return FALSE.
311 If Ivec is NULL, then return FALSE.
312 If Output is NULL, then return FALSE.
314 @param[in] TdesContext Pointer to the TDES context.
315 @param[in] Input Pointer to the buffer containing the data to be decrypted.
316 @param[in] InputSize Size of the Input buffer in bytes.
317 @param[in] Ivec Pointer to initialization vector.
318 @param[out] Output Pointer to a buffer that receives the TDES decryption output.
320 @retval TRUE TDES decryption succeeded.
321 @retval FALSE TDES decryption failed.
327 IN VOID
*TdesContext
,
328 IN CONST UINT8
*Input
,
330 IN CONST UINT8
*Ivec
,
334 DES_key_schedule
*KeySchedule
;
335 UINT8 IvecBuffer
[TDES_BLOCK_SIZE
];
338 // Check input parameters.
340 if (TdesContext
== NULL
|| Input
== NULL
|| (InputSize
% TDES_BLOCK_SIZE
) != 0) {
344 if (Ivec
== NULL
|| Output
== NULL
|| InputSize
> INT_MAX
) {
348 KeySchedule
= (DES_key_schedule
*) TdesContext
;
349 CopyMem (IvecBuffer
, Ivec
, TDES_BLOCK_SIZE
);
351 DES_ede3_cbc_encrypt (
358 (DES_cblock
*) IvecBuffer
,