studio/cli
2
0
Fork 0
Code Issues Pull Requests Actions Packages Releases 4 Wiki Activity

chore: checkpoint before Python removal

Browse Source
This commit is contained in:
Sienna Meridian Satterwhite
2026-03-26 22:33:59 +00:00
parent 683cec9307
commit e568ddf82a
29972 changed files with 11269302 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

474
vendor/aws-lc-sys/aws-lc/crypto/decrepit/bio/base64_bio.c vendored Normal file
View File

@@ -0,0 +1,474 @@
// Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) All rights reserved.
// SPDX-License-Identifier: Apache-2.0
#include <assert.h>
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <openssl/base64.h>
#include <openssl/bio.h>
#include <openssl/buffer.h>
#include <openssl/evp.h>
#include <openssl/mem.h>
#include "../../internal.h"
#define B64_BLOCK_SIZE 1024
#define B64_BLOCK_SIZE2 768
#define B64_NONE 0
#define B64_ENCODE 1
#define B64_DECODE 2
#define EVP_ENCODE_LENGTH(l) (((l+2)/3*4)+(l/48+1)*2+80)
typedef struct b64_struct {
int buf_len;
int buf_off;
int tmp_len; // used to find the start when decoding
int tmp_nl; // If true, scan until '\n'
int encode;
int start; // have we started decoding yet?
int cont; // <= 0 when finished
EVP_ENCODE_CTX base64;
char buf[EVP_ENCODE_LENGTH(B64_BLOCK_SIZE) + 10];
char tmp[B64_BLOCK_SIZE];
} BIO_B64_CTX;
static int b64_new(BIO *bio) {
BIO_B64_CTX *ctx;
ctx = OPENSSL_zalloc(sizeof(*ctx));
if (ctx == NULL) {
return 0;
}
ctx->cont = 1;
ctx->start = 1;
bio->init = 1;
bio->ptr = (char *)ctx;
return 1;
}
static int b64_free(BIO *bio) {
if (bio == NULL) {
return 0;
}
OPENSSL_free(bio->ptr);
bio->ptr = NULL;
bio->init = 0;
bio->flags = 0;
return 1;
}
static int b64_read(BIO *b, char *out, int outl) {
int ret = 0, i, ii, j, k, x, n, num, ret_code = 0;
BIO_B64_CTX *ctx;
uint8_t *p, *q;
if (out == NULL) {
return 0;
}
ctx = (BIO_B64_CTX *) b->ptr;
if (ctx == NULL || b->next_bio == NULL) {
return 0;
}
BIO_clear_retry_flags(b);
if (ctx->encode != B64_DECODE) {
ctx->encode = B64_DECODE;
ctx->buf_len = 0;
ctx->buf_off = 0;
ctx->tmp_len = 0;
EVP_DecodeInit(&ctx->base64);
}
// First check if there are bytes decoded/encoded
if (ctx->buf_len > 0) {
assert(ctx->buf_len >= ctx->buf_off);
i = ctx->buf_len - ctx->buf_off;
if (i > outl) {
i = outl;
}
assert(ctx->buf_off + i < (int)sizeof(ctx->buf));
OPENSSL_memcpy(out, &ctx->buf[ctx->buf_off], i);
ret = i;
out += i;
outl -= i;
ctx->buf_off += i;
if (ctx->buf_len == ctx->buf_off) {
ctx->buf_len = 0;
ctx->buf_off = 0;
}
}
// At this point, we have room of outl bytes and an empty buffer, so we
// should read in some more.
ret_code = 0;
while (outl > 0) {
if (ctx->cont <= 0) {
break;
}
i = BIO_read(b->next_bio, &(ctx->tmp[ctx->tmp_len]),
B64_BLOCK_SIZE - ctx->tmp_len);
if (i <= 0) {
ret_code = i;
// Should we continue next time we are called?
if (!BIO_should_retry(b->next_bio)) {
ctx->cont = i;
// If buffer empty break
if (ctx->tmp_len == 0) {
break;
} else {
// Fall through and process what we have
i = 0;
}
} else {
// else we retry and add more data to buffer
break;
}
}
i += ctx->tmp_len;
ctx->tmp_len = i;
// We need to scan, a line at a time until we have a valid line if we are
// starting.
if (ctx->start && (BIO_test_flags(b, BIO_FLAGS_BASE64_NO_NL))) {
// ctx->start = 1;
ctx->tmp_len = 0;
} else if (ctx->start) {
q = p = (uint8_t *)ctx->tmp;
num = 0;
for (j = 0; j < i; j++) {
if (*(q++) != '\n') {
continue;
}
// due to a previous very long line, we need to keep on scanning for a
// '\n' before we even start looking for base64 encoded stuff.
if (ctx->tmp_nl) {
p = q;
ctx->tmp_nl = 0;
continue;
}
k = EVP_DecodeUpdate(&(ctx->base64), (uint8_t *)ctx->buf, &num, p,
q - p);
if (k <= 0 && num == 0 && ctx->start) {
EVP_DecodeInit(&ctx->base64);
} else {
if (p != (uint8_t *)&(ctx->tmp[0])) {
i -= (p - (uint8_t *)&(ctx->tmp[0]));
for (x = 0; x < i; x++) {
ctx->tmp[x] = p[x];
}
}
EVP_DecodeInit(&ctx->base64);
ctx->start = 0;
break;
}
p = q;
}
// we fell off the end without starting
if (j == i && num == 0) {
// Is this is one long chunk?, if so, keep on reading until a new
// line.
if (p == (uint8_t *)&(ctx->tmp[0])) {
// Check buffer full
if (i == B64_BLOCK_SIZE) {
ctx->tmp_nl = 1;
ctx->tmp_len = 0;
}
} else if (p != q) { // finished on a '\n'
n = q - p;
for (ii = 0; ii < n; ii++) {
ctx->tmp[ii] = p[ii];
}
ctx->tmp_len = n;
}
// else finished on a '\n'
continue;
} else {
ctx->tmp_len = 0;
}
} else if (i < B64_BLOCK_SIZE && ctx->cont > 0) {
// If buffer isn't full and we can retry then restart to read in more
// data.
continue;
}
if (BIO_test_flags(b, BIO_FLAGS_BASE64_NO_NL)) {
int z, jj;
jj = i & ~3; // process per 4
z = EVP_DecodeBlock((uint8_t *)ctx->buf, (uint8_t *)ctx->tmp, jj);
if (jj > 2) {
if (ctx->tmp[jj - 1] == '=') {
z--;
if (ctx->tmp[jj - 2] == '=') {
z--;
}
}
}
// z is now number of output bytes and jj is the number consumed.
if (jj != i) {
OPENSSL_memmove(ctx->tmp, &ctx->tmp[jj], i - jj);
ctx->tmp_len = i - jj;
}
ctx->buf_len = 0;
if (z > 0) {
ctx->buf_len = z;
}
i = z;
} else {
i = EVP_DecodeUpdate(&(ctx->base64), (uint8_t *)ctx->buf,
&ctx->buf_len, (uint8_t *)ctx->tmp, i);
ctx->tmp_len = 0;
}
ctx->buf_off = 0;
if (i < 0) {
ret_code = 0;
ctx->buf_len = 0;
break;
}
if (ctx->buf_len <= outl) {
i = ctx->buf_len;
} else {
i = outl;
}
OPENSSL_memcpy(out, ctx->buf, i);
ret += i;
ctx->buf_off = i;
if (ctx->buf_off == ctx->buf_len) {
ctx->buf_len = 0;
ctx->buf_off = 0;
}
outl -= i;
out += i;
}
BIO_copy_next_retry(b);
return ret == 0 ? ret_code : ret;
}
static int b64_write(BIO *b, const char *in, int inl) {
int ret = 0, n, i;
BIO_B64_CTX *ctx;
ctx = (BIO_B64_CTX *)b->ptr;
BIO_clear_retry_flags(b);
if (ctx->encode != B64_ENCODE) {
ctx->encode = B64_ENCODE;
ctx->buf_len = 0;
ctx->buf_off = 0;
ctx->tmp_len = 0;
EVP_EncodeInit(&(ctx->base64));
}
assert(ctx->buf_off < (int)sizeof(ctx->buf));
assert(ctx->buf_len <= (int)sizeof(ctx->buf));
assert(ctx->buf_len >= ctx->buf_off);
n = ctx->buf_len - ctx->buf_off;
while (n > 0) {
i = BIO_write(b->next_bio, &(ctx->buf[ctx->buf_off]), n);
if (i <= 0) {
BIO_copy_next_retry(b);
return i;
}
assert(i <= n);
ctx->buf_off += i;
assert(ctx->buf_off <= (int)sizeof(ctx->buf));
assert(ctx->buf_len >= ctx->buf_off);
n -= i;
}
// at this point all pending data has been written.
ctx->buf_off = 0;
ctx->buf_len = 0;
if (in == NULL || inl <= 0) {
return 0;
}
while (inl > 0) {
n = (inl > B64_BLOCK_SIZE) ? B64_BLOCK_SIZE : inl;
if (BIO_test_flags(b, BIO_FLAGS_BASE64_NO_NL)) {
if (ctx->tmp_len > 0) {
assert(ctx->tmp_len <= 3);
n = 3 - ctx->tmp_len;
// There's a theoretical possibility of this.
if (n > inl) {
n = inl;
}
OPENSSL_memcpy(&(ctx->tmp[ctx->tmp_len]), in, n);
ctx->tmp_len += n;
ret += n;
if (ctx->tmp_len < 3) {
break;
}
ctx->buf_len = EVP_EncodeBlock((uint8_t *)ctx->buf, (uint8_t *)ctx->tmp,
ctx->tmp_len);
assert(ctx->buf_len <= (int)sizeof(ctx->buf));
assert(ctx->buf_len >= ctx->buf_off);
// Since we're now done using the temporary buffer, the length should
// be zeroed.
ctx->tmp_len = 0;
} else {
if (n < 3) {
OPENSSL_memcpy(ctx->tmp, in, n);
ctx->tmp_len = n;
ret += n;
break;
}
n -= n % 3;
ctx->buf_len =
EVP_EncodeBlock((uint8_t *)ctx->buf, (const uint8_t *)in, n);
assert(ctx->buf_len <= (int)sizeof(ctx->buf));
assert(ctx->buf_len >= ctx->buf_off);
ret += n;
}
} else {
if(!EVP_EncodeUpdate(&(ctx->base64), (uint8_t *)ctx->buf, &ctx->buf_len,
(uint8_t *)in, n)) {
return ((ret == 0) ? -1 : ret);
}
assert(ctx->buf_len <= (int)sizeof(ctx->buf));
assert(ctx->buf_len >= ctx->buf_off);
ret += n;
}
inl -= n;
in += n;
ctx->buf_off = 0;
n = ctx->buf_len;
while (n > 0) {
i = BIO_write(b->next_bio, &(ctx->buf[ctx->buf_off]), n);
if (i <= 0) {
BIO_copy_next_retry(b);
return ret == 0 ? i : ret;
}
assert(i <= n);
n -= i;
ctx->buf_off += i;
assert(ctx->buf_off <= (int)sizeof(ctx->buf));
assert(ctx->buf_len >= ctx->buf_off);
}
ctx->buf_len = 0;
ctx->buf_off = 0;
}
return ret;
}
static long b64_ctrl(BIO *b, int cmd, long num, void *ptr) {
BIO_B64_CTX *ctx;
long ret = 1;
int i;
ctx = (BIO_B64_CTX *)b->ptr;
switch (cmd) {
case BIO_CTRL_RESET:
ctx->cont = 1;
ctx->start = 1;
ctx->encode = B64_NONE;
ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
break;
case BIO_CTRL_EOF: // More to read
if (ctx->cont <= 0) {
ret = 1;
} else {
ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
}
break;
case BIO_CTRL_WPENDING: // More to write in buffer
assert(ctx->buf_len >= ctx->buf_off);
ret = ctx->buf_len - ctx->buf_off;
if ((ret == 0) && (ctx->encode != B64_NONE) && (ctx->base64.data_used != 0)) {
ret = 1;
} else if (ret <= 0) {
ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
}
break;
case BIO_CTRL_PENDING: // More to read in buffer
assert(ctx->buf_len >= ctx->buf_off);
ret = ctx->buf_len - ctx->buf_off;
if (ret <= 0) {
ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
}
break;
case BIO_CTRL_FLUSH:
// do a final write
again:
while (ctx->buf_len != ctx->buf_off) {
i = b64_write(b, NULL, 0);
if (i < 0) {
return i;
}
}
if (BIO_test_flags(b, BIO_FLAGS_BASE64_NO_NL)) {
if (ctx->tmp_len != 0) {
ctx->buf_len = EVP_EncodeBlock((uint8_t *)ctx->buf,
(uint8_t *)ctx->tmp, ctx->tmp_len);
ctx->buf_off = 0;
ctx->tmp_len = 0;
goto again;
}
} else if (ctx->encode != B64_NONE && ctx->base64.data_used != 0) {
ctx->buf_off = 0;
EVP_EncodeFinal(&(ctx->base64), (uint8_t *)ctx->buf, &(ctx->buf_len));
// push out the bytes
goto again;
}
// Finally flush the underlying BIO
ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
break;
case BIO_C_DO_STATE_MACHINE:
BIO_clear_retry_flags(b);
ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
BIO_copy_next_retry(b);
break;
case BIO_CTRL_INFO:
case BIO_CTRL_GET:
case BIO_CTRL_SET:
default:
ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
break;
}
return ret;
}
static long b64_callback_ctrl(BIO *b, int cmd, bio_info_cb fp) {
if (b->next_bio == NULL) {
return 0;
}
return BIO_callback_ctrl(b->next_bio, cmd, fp);
}
static const BIO_METHOD b64_method = {
BIO_TYPE_BASE64, "base64 encoding", b64_write, b64_read, NULL /* puts */,
NULL /* gets */, b64_ctrl, b64_new, b64_free, b64_callback_ctrl,
};
const BIO_METHOD *BIO_f_base64(void) { return &b64_method; }

660
vendor/aws-lc-sys/aws-lc/crypto/decrepit/blowfish/blowfish.c vendored Normal file
View File

@@ -0,0 +1,660 @@
// Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) All rights reserved.
// SPDX-License-Identifier: Apache-2.0
#include <openssl/blowfish.h>
#include <openssl/cipher.h>
#include <openssl/obj.h>
#include <assert.h>
#include <string.h>
#include "../../fipsmodule/cipher/internal.h"
#include "../../internal.h"
#include "../macros.h"
#define BF_ENC(LL, R, S, P) \
(LL ^= P, \
LL ^= \
(((S[((int)(R >> 24) & 0xff)] + S[0x0100 + ((int)(R >> 16) & 0xff)]) ^ \
S[0x0200 + ((int)(R >> 8) & 0xff)]) + \
S[0x0300 + ((int)(R) & 0xff)]) & \
0xffffffffL)
void BF_encrypt(uint32_t *data, const BF_KEY *key) {
uint32_t l, r;
const uint32_t *p, *s;
p = key->P;
s = &(key->S[0]);
l = data[0];
r = data[1];
l ^= p[0];
BF_ENC(r, l, s, p[1]);
BF_ENC(l, r, s, p[2]);
BF_ENC(r, l, s, p[3]);
BF_ENC(l, r, s, p[4]);
BF_ENC(r, l, s, p[5]);
BF_ENC(l, r, s, p[6]);
BF_ENC(r, l, s, p[7]);
BF_ENC(l, r, s, p[8]);
BF_ENC(r, l, s, p[9]);
BF_ENC(l, r, s, p[10]);
BF_ENC(r, l, s, p[11]);
BF_ENC(l, r, s, p[12]);
BF_ENC(r, l, s, p[13]);
BF_ENC(l, r, s, p[14]);
BF_ENC(r, l, s, p[15]);
BF_ENC(l, r, s, p[16]);
r ^= p[BF_ROUNDS + 1];
data[1] = l & 0xffffffffL;
data[0] = r & 0xffffffffL;
}
void BF_decrypt(uint32_t *data, const BF_KEY *key) {
uint32_t l, r;
const uint32_t *p, *s;
p = key->P;
s = &(key->S[0]);
l = data[0];
r = data[1];
l ^= p[BF_ROUNDS + 1];
BF_ENC(r, l, s, p[16]);
BF_ENC(l, r, s, p[15]);
BF_ENC(r, l, s, p[14]);
BF_ENC(l, r, s, p[13]);
BF_ENC(r, l, s, p[12]);
BF_ENC(l, r, s, p[11]);
BF_ENC(r, l, s, p[10]);
BF_ENC(l, r, s, p[9]);
BF_ENC(r, l, s, p[8]);
BF_ENC(l, r, s, p[7]);
BF_ENC(r, l, s, p[6]);
BF_ENC(l, r, s, p[5]);
BF_ENC(r, l, s, p[4]);
BF_ENC(l, r, s, p[3]);
BF_ENC(r, l, s, p[2]);
BF_ENC(l, r, s, p[1]);
r ^= p[0];
data[1] = l & 0xffffffffL;
data[0] = r & 0xffffffffL;
}
OPENSSL_BEGIN_ALLOW_DEPRECATED
void BF_ecb_encrypt(const uint8_t *in, uint8_t *out, const BF_KEY *key,
int encrypt) {
uint32_t d[2];
n2l(in, d[0]);
n2l(in, d[1]);
if (encrypt) {
BF_encrypt(d, key);
} else {
BF_decrypt(d, key);
}
l2n(d[0], out);
l2n(d[1], out);
}
void BF_cbc_encrypt(const uint8_t *in, uint8_t *out, size_t length,
const BF_KEY *schedule, uint8_t *ivec, int encrypt) {
uint32_t tin0, tin1;
uint32_t tout0, tout1, xor0, xor1;
size_t l = length;
uint32_t tin[2];
if (encrypt) {
n2l(ivec, tout0);
n2l(ivec, tout1);
ivec -= 8;
while (l >= 8) {
n2l(in, tin0);
n2l(in, tin1);
tin0 ^= tout0;
tin1 ^= tout1;
tin[0] = tin0;
tin[1] = tin1;
BF_encrypt(tin, schedule);
tout0 = tin[0];
tout1 = tin[1];
l2n(tout0, out);
l2n(tout1, out);
l -= 8;
}
if (l != 0) {
n2ln(in, tin0, tin1, l);
tin0 ^= tout0;
tin1 ^= tout1;
tin[0] = tin0;
tin[1] = tin1;
BF_encrypt(tin, schedule);
tout0 = tin[0];
tout1 = tin[1];
l2n(tout0, out);
l2n(tout1, out);
}
l2n(tout0, ivec);
l2n(tout1, ivec);
} else {
n2l(ivec, xor0);
n2l(ivec, xor1);
ivec -= 8;
while (l >= 8) {
n2l(in, tin0);
n2l(in, tin1);
tin[0] = tin0;
tin[1] = tin1;
BF_decrypt(tin, schedule);
tout0 = tin[0] ^ xor0;
tout1 = tin[1] ^ xor1;
l2n(tout0, out);
l2n(tout1, out);
xor0 = tin0;
xor1 = tin1;
l -= 8;
}
if (l != 0) {
n2l(in, tin0);
n2l(in, tin1);
tin[0] = tin0;
tin[1] = tin1;
BF_decrypt(tin, schedule);
tout0 = tin[0] ^ xor0;
tout1 = tin[1] ^ xor1;
l2nn(tout0, tout1, out, l);
xor0 = tin0;
xor1 = tin1;
}
l2n(xor0, ivec);
l2n(xor1, ivec);
}
OPENSSL_cleanse(&tin0, sizeof(tin0));
OPENSSL_cleanse(&tin1, sizeof(tin1));
OPENSSL_cleanse(&tout0, sizeof(tout0));
OPENSSL_cleanse(&tout1, sizeof(tout1));
OPENSSL_cleanse(&xor0, sizeof(xor0));
OPENSSL_cleanse(&xor1, sizeof(xor1));
OPENSSL_cleanse(&tin, sizeof(tin));
}
static const BF_KEY bf_init = {
{0x243f6a88L, 0x85a308d3L, 0x13198a2eL, 0x03707344L, 0xa4093822L,
0x299f31d0L, 0x082efa98L, 0xec4e6c89L, 0x452821e6L, 0x38d01377L,
0xbe5466cfL, 0x34e90c6cL, 0xc0ac29b7L, 0xc97c50ddL, 0x3f84d5b5L,
0xb5470917L, 0x9216d5d9L, 0x8979fb1b},
{
0xd1310ba6L, 0x98dfb5acL, 0x2ffd72dbL, 0xd01adfb7L, 0xb8e1afedL,
0x6a267e96L, 0xba7c9045L, 0xf12c7f99L, 0x24a19947L, 0xb3916cf7L,
0x0801f2e2L, 0x858efc16L, 0x636920d8L, 0x71574e69L, 0xa458fea3L,
0xf4933d7eL, 0x0d95748fL, 0x728eb658L, 0x718bcd58L, 0x82154aeeL,
0x7b54a41dL, 0xc25a59b5L, 0x9c30d539L, 0x2af26013L, 0xc5d1b023L,
0x286085f0L, 0xca417918L, 0xb8db38efL, 0x8e79dcb0L, 0x603a180eL,
0x6c9e0e8bL, 0xb01e8a3eL, 0xd71577c1L, 0xbd314b27L, 0x78af2fdaL,
0x55605c60L, 0xe65525f3L, 0xaa55ab94L, 0x57489862L, 0x63e81440L,
0x55ca396aL, 0x2aab10b6L, 0xb4cc5c34L, 0x1141e8ceL, 0xa15486afL,
0x7c72e993L, 0xb3ee1411L, 0x636fbc2aL, 0x2ba9c55dL, 0x741831f6L,
0xce5c3e16L, 0x9b87931eL, 0xafd6ba33L, 0x6c24cf5cL, 0x7a325381L,
0x28958677L, 0x3b8f4898L, 0x6b4bb9afL, 0xc4bfe81bL, 0x66282193L,
0x61d809ccL, 0xfb21a991L, 0x487cac60L, 0x5dec8032L, 0xef845d5dL,
0xe98575b1L, 0xdc262302L, 0xeb651b88L, 0x23893e81L, 0xd396acc5L,
0x0f6d6ff3L, 0x83f44239L, 0x2e0b4482L, 0xa4842004L, 0x69c8f04aL,
0x9e1f9b5eL, 0x21c66842L, 0xf6e96c9aL, 0x670c9c61L, 0xabd388f0L,
0x6a51a0d2L, 0xd8542f68L, 0x960fa728L, 0xab5133a3L, 0x6eef0b6cL,
0x137a3be4L, 0xba3bf050L, 0x7efb2a98L, 0xa1f1651dL, 0x39af0176L,
0x66ca593eL, 0x82430e88L, 0x8cee8619L, 0x456f9fb4L, 0x7d84a5c3L,
0x3b8b5ebeL, 0xe06f75d8L, 0x85c12073L, 0x401a449fL, 0x56c16aa6L,
0x4ed3aa62L, 0x363f7706L, 0x1bfedf72L, 0x429b023dL, 0x37d0d724L,
0xd00a1248L, 0xdb0fead3L, 0x49f1c09bL, 0x075372c9L, 0x80991b7bL,
0x25d479d8L, 0xf6e8def7L, 0xe3fe501aL, 0xb6794c3bL, 0x976ce0bdL,
0x04c006baL, 0xc1a94fb6L, 0x409f60c4L, 0x5e5c9ec2L, 0x196a2463L,
0x68fb6fafL, 0x3e6c53b5L, 0x1339b2ebL, 0x3b52ec6fL, 0x6dfc511fL,
0x9b30952cL, 0xcc814544L, 0xaf5ebd09L, 0xbee3d004L, 0xde334afdL,
0x660f2807L, 0x192e4bb3L, 0xc0cba857L, 0x45c8740fL, 0xd20b5f39L,
0xb9d3fbdbL, 0x5579c0bdL, 0x1a60320aL, 0xd6a100c6L, 0x402c7279L,
0x679f25feL, 0xfb1fa3ccL, 0x8ea5e9f8L, 0xdb3222f8L, 0x3c7516dfL,
0xfd616b15L, 0x2f501ec8L, 0xad0552abL, 0x323db5faL, 0xfd238760L,
0x53317b48L, 0x3e00df82L, 0x9e5c57bbL, 0xca6f8ca0L, 0x1a87562eL,
0xdf1769dbL, 0xd542a8f6L, 0x287effc3L, 0xac6732c6L, 0x8c4f5573L,
0x695b27b0L, 0xbbca58c8L, 0xe1ffa35dL, 0xb8f011a0L, 0x10fa3d98L,
0xfd2183b8L, 0x4afcb56cL, 0x2dd1d35bL, 0x9a53e479L, 0xb6f84565L,
0xd28e49bcL, 0x4bfb9790L, 0xe1ddf2daL, 0xa4cb7e33L, 0x62fb1341L,
0xcee4c6e8L, 0xef20cadaL, 0x36774c01L, 0xd07e9efeL, 0x2bf11fb4L,
0x95dbda4dL, 0xae909198L, 0xeaad8e71L, 0x6b93d5a0L, 0xd08ed1d0L,
0xafc725e0L, 0x8e3c5b2fL, 0x8e7594b7L, 0x8ff6e2fbL, 0xf2122b64L,
0x8888b812L, 0x900df01cL, 0x4fad5ea0L, 0x688fc31cL, 0xd1cff191L,
0xb3a8c1adL, 0x2f2f2218L, 0xbe0e1777L, 0xea752dfeL, 0x8b021fa1L,
0xe5a0cc0fL, 0xb56f74e8L, 0x18acf3d6L, 0xce89e299L, 0xb4a84fe0L,
0xfd13e0b7L, 0x7cc43b81L, 0xd2ada8d9L, 0x165fa266L, 0x80957705L,
0x93cc7314L, 0x211a1477L, 0xe6ad2065L, 0x77b5fa86L, 0xc75442f5L,
0xfb9d35cfL, 0xebcdaf0cL, 0x7b3e89a0L, 0xd6411bd3L, 0xae1e7e49L,
0x00250e2dL, 0x2071b35eL, 0x226800bbL, 0x57b8e0afL, 0x2464369bL,
0xf009b91eL, 0x5563911dL, 0x59dfa6aaL, 0x78c14389L, 0xd95a537fL,
0x207d5ba2L, 0x02e5b9c5L, 0x83260376L, 0x6295cfa9L, 0x11c81968L,
0x4e734a41L, 0xb3472dcaL, 0x7b14a94aL, 0x1b510052L, 0x9a532915L,
0xd60f573fL, 0xbc9bc6e4L, 0x2b60a476L, 0x81e67400L, 0x08ba6fb5L,
0x571be91fL, 0xf296ec6bL, 0x2a0dd915L, 0xb6636521L, 0xe7b9f9b6L,
0xff34052eL, 0xc5855664L, 0x53b02d5dL, 0xa99f8fa1L, 0x08ba4799L,
0x6e85076aL, 0x4b7a70e9L, 0xb5b32944L, 0xdb75092eL, 0xc4192623L,
0xad6ea6b0L, 0x49a7df7dL, 0x9cee60b8L, 0x8fedb266L, 0xecaa8c71L,
0x699a17ffL, 0x5664526cL, 0xc2b19ee1L, 0x193602a5L, 0x75094c29L,
0xa0591340L, 0xe4183a3eL, 0x3f54989aL, 0x5b429d65L, 0x6b8fe4d6L,
0x99f73fd6L, 0xa1d29c07L, 0xefe830f5L, 0x4d2d38e6L, 0xf0255dc1L,
0x4cdd2086L, 0x8470eb26L, 0x6382e9c6L, 0x021ecc5eL, 0x09686b3fL,
0x3ebaefc9L, 0x3c971814L, 0x6b6a70a1L, 0x687f3584L, 0x52a0e286L,
0xb79c5305L, 0xaa500737L, 0x3e07841cL, 0x7fdeae5cL, 0x8e7d44ecL,
0x5716f2b8L, 0xb03ada37L, 0xf0500c0dL, 0xf01c1f04L, 0x0200b3ffL,
0xae0cf51aL, 0x3cb574b2L, 0x25837a58L, 0xdc0921bdL, 0xd19113f9L,
0x7ca92ff6L, 0x94324773L, 0x22f54701L, 0x3ae5e581L, 0x37c2dadcL,
0xc8b57634L, 0x9af3dda7L, 0xa9446146L, 0x0fd0030eL, 0xecc8c73eL,
0xa4751e41L, 0xe238cd99L, 0x3bea0e2fL, 0x3280bba1L, 0x183eb331L,
0x4e548b38L, 0x4f6db908L, 0x6f420d03L, 0xf60a04bfL, 0x2cb81290L,
0x24977c79L, 0x5679b072L, 0xbcaf89afL, 0xde9a771fL, 0xd9930810L,
0xb38bae12L, 0xdccf3f2eL, 0x5512721fL, 0x2e6b7124L, 0x501adde6L,
0x9f84cd87L, 0x7a584718L, 0x7408da17L, 0xbc9f9abcL, 0xe94b7d8cL,
0xec7aec3aL, 0xdb851dfaL, 0x63094366L, 0xc464c3d2L, 0xef1c1847L,
0x3215d908L, 0xdd433b37L, 0x24c2ba16L, 0x12a14d43L, 0x2a65c451L,
0x50940002L, 0x133ae4ddL, 0x71dff89eL, 0x10314e55L, 0x81ac77d6L,
0x5f11199bL, 0x043556f1L, 0xd7a3c76bL, 0x3c11183bL, 0x5924a509L,
0xf28fe6edL, 0x97f1fbfaL, 0x9ebabf2cL, 0x1e153c6eL, 0x86e34570L,
0xeae96fb1L, 0x860e5e0aL, 0x5a3e2ab3L, 0x771fe71cL, 0x4e3d06faL,
0x2965dcb9L, 0x99e71d0fL, 0x803e89d6L, 0x5266c825L, 0x2e4cc978L,
0x9c10b36aL, 0xc6150ebaL, 0x94e2ea78L, 0xa5fc3c53L, 0x1e0a2df4L,
0xf2f74ea7L, 0x361d2b3dL, 0x1939260fL, 0x19c27960L, 0x5223a708L,
0xf71312b6L, 0xebadfe6eL, 0xeac31f66L, 0xe3bc4595L, 0xa67bc883L,
0xb17f37d1L, 0x018cff28L, 0xc332ddefL, 0xbe6c5aa5L, 0x65582185L,
0x68ab9802L, 0xeecea50fL, 0xdb2f953bL, 0x2aef7dadL, 0x5b6e2f84L,
0x1521b628L, 0x29076170L, 0xecdd4775L, 0x619f1510L, 0x13cca830L,
0xeb61bd96L, 0x0334fe1eL, 0xaa0363cfL, 0xb5735c90L, 0x4c70a239L,
0xd59e9e0bL, 0xcbaade14L, 0xeecc86bcL, 0x60622ca7L, 0x9cab5cabL,
0xb2f3846eL, 0x648b1eafL, 0x19bdf0caL, 0xa02369b9L, 0x655abb50L,
0x40685a32L, 0x3c2ab4b3L, 0x319ee9d5L, 0xc021b8f7L, 0x9b540b19L,
0x875fa099L, 0x95f7997eL, 0x623d7da8L, 0xf837889aL, 0x97e32d77L,
0x11ed935fL, 0x16681281L, 0x0e358829L, 0xc7e61fd6L, 0x96dedfa1L,
0x7858ba99L, 0x57f584a5L, 0x1b227263L, 0x9b83c3ffL, 0x1ac24696L,
0xcdb30aebL, 0x532e3054L, 0x8fd948e4L, 0x6dbc3128L, 0x58ebf2efL,
0x34c6ffeaL, 0xfe28ed61L, 0xee7c3c73L, 0x5d4a14d9L, 0xe864b7e3L,
0x42105d14L, 0x203e13e0L, 0x45eee2b6L, 0xa3aaabeaL, 0xdb6c4f15L,
0xfacb4fd0L, 0xc742f442L, 0xef6abbb5L, 0x654f3b1dL, 0x41cd2105L,
0xd81e799eL, 0x86854dc7L, 0xe44b476aL, 0x3d816250L, 0xcf62a1f2L,
0x5b8d2646L, 0xfc8883a0L, 0xc1c7b6a3L, 0x7f1524c3L, 0x69cb7492L,
0x47848a0bL, 0x5692b285L, 0x095bbf00L, 0xad19489dL, 0x1462b174L,
0x23820e00L, 0x58428d2aL, 0x0c55f5eaL, 0x1dadf43eL, 0x233f7061L,
0x3372f092L, 0x8d937e41L, 0xd65fecf1L, 0x6c223bdbL, 0x7cde3759L,
0xcbee7460L, 0x4085f2a7L, 0xce77326eL, 0xa6078084L, 0x19f8509eL,
0xe8efd855L, 0x61d99735L, 0xa969a7aaL, 0xc50c06c2L, 0x5a04abfcL,
0x800bcadcL, 0x9e447a2eL, 0xc3453484L, 0xfdd56705L, 0x0e1e9ec9L,
0xdb73dbd3L, 0x105588cdL, 0x675fda79L, 0xe3674340L, 0xc5c43465L,
0x713e38d8L, 0x3d28f89eL, 0xf16dff20L, 0x153e21e7L, 0x8fb03d4aL,
0xe6e39f2bL, 0xdb83adf7L, 0xe93d5a68L, 0x948140f7L, 0xf64c261cL,
0x94692934L, 0x411520f7L, 0x7602d4f7L, 0xbcf46b2eL, 0xd4a20068L,
0xd4082471L, 0x3320f46aL, 0x43b7d4b7L, 0x500061afL, 0x1e39f62eL,
0x97244546L, 0x14214f74L, 0xbf8b8840L, 0x4d95fc1dL, 0x96b591afL,
0x70f4ddd3L, 0x66a02f45L, 0xbfbc09ecL, 0x03bd9785L, 0x7fac6dd0L,
0x31cb8504L, 0x96eb27b3L, 0x55fd3941L, 0xda2547e6L, 0xabca0a9aL,
0x28507825L, 0x530429f4L, 0x0a2c86daL, 0xe9b66dfbL, 0x68dc1462L,
0xd7486900L, 0x680ec0a4L, 0x27a18deeL, 0x4f3ffea2L, 0xe887ad8cL,
0xb58ce006L, 0x7af4d6b6L, 0xaace1e7cL, 0xd3375fecL, 0xce78a399L,
0x406b2a42L, 0x20fe9e35L, 0xd9f385b9L, 0xee39d7abL, 0x3b124e8bL,
0x1dc9faf7L, 0x4b6d1856L, 0x26a36631L, 0xeae397b2L, 0x3a6efa74L,
0xdd5b4332L, 0x6841e7f7L, 0xca7820fbL, 0xfb0af54eL, 0xd8feb397L,
0x454056acL, 0xba489527L, 0x55533a3aL, 0x20838d87L, 0xfe6ba9b7L,
0xd096954bL, 0x55a867bcL, 0xa1159a58L, 0xcca92963L, 0x99e1db33L,
0xa62a4a56L, 0x3f3125f9L, 0x5ef47e1cL, 0x9029317cL, 0xfdf8e802L,
0x04272f70L, 0x80bb155cL, 0x05282ce3L, 0x95c11548L, 0xe4c66d22L,
0x48c1133fL, 0xc70f86dcL, 0x07f9c9eeL, 0x41041f0fL, 0x404779a4L,
0x5d886e17L, 0x325f51ebL, 0xd59bc0d1L, 0xf2bcc18fL, 0x41113564L,
0x257b7834L, 0x602a9c60L, 0xdff8e8a3L, 0x1f636c1bL, 0x0e12b4c2L,
0x02e1329eL, 0xaf664fd1L, 0xcad18115L, 0x6b2395e0L, 0x333e92e1L,
0x3b240b62L, 0xeebeb922L, 0x85b2a20eL, 0xe6ba0d99L, 0xde720c8cL,
0x2da2f728L, 0xd0127845L, 0x95b794fdL, 0x647d0862L, 0xe7ccf5f0L,
0x5449a36fL, 0x877d48faL, 0xc39dfd27L, 0xf33e8d1eL, 0x0a476341L,
0x992eff74L, 0x3a6f6eabL, 0xf4f8fd37L, 0xa812dc60L, 0xa1ebddf8L,
0x991be14cL, 0xdb6e6b0dL, 0xc67b5510L, 0x6d672c37L, 0x2765d43bL,
0xdcd0e804L, 0xf1290dc7L, 0xcc00ffa3L, 0xb5390f92L, 0x690fed0bL,
0x667b9ffbL, 0xcedb7d9cL, 0xa091cf0bL, 0xd9155ea3L, 0xbb132f88L,
0x515bad24L, 0x7b9479bfL, 0x763bd6ebL, 0x37392eb3L, 0xcc115979L,
0x8026e297L, 0xf42e312dL, 0x6842ada7L, 0xc66a2b3bL, 0x12754cccL,
0x782ef11cL, 0x6a124237L, 0xb79251e7L, 0x06a1bbe6L, 0x4bfb6350L,
0x1a6b1018L, 0x11caedfaL, 0x3d25bdd8L, 0xe2e1c3c9L, 0x44421659L,
0x0a121386L, 0xd90cec6eL, 0xd5abea2aL, 0x64af674eL, 0xda86a85fL,
0xbebfe988L, 0x64e4c3feL, 0x9dbc8057L, 0xf0f7c086L, 0x60787bf8L,
0x6003604dL, 0xd1fd8346L, 0xf6381fb0L, 0x7745ae04L, 0xd736fcccL,
0x83426b33L, 0xf01eab71L, 0xb0804187L, 0x3c005e5fL, 0x77a057beL,
0xbde8ae24L, 0x55464299L, 0xbf582e61L, 0x4e58f48fL, 0xf2ddfda2L,
0xf474ef38L, 0x8789bdc2L, 0x5366f9c3L, 0xc8b38e74L, 0xb475f255L,
0x46fcd9b9L, 0x7aeb2661L, 0x8b1ddf84L, 0x846a0e79L, 0x915f95e2L,
0x466e598eL, 0x20b45770L, 0x8cd55591L, 0xc902de4cL, 0xb90bace1L,
0xbb8205d0L, 0x11a86248L, 0x7574a99eL, 0xb77f19b6L, 0xe0a9dc09L,
0x662d09a1L, 0xc4324633L, 0xe85a1f02L, 0x09f0be8cL, 0x4a99a025L,
0x1d6efe10L, 0x1ab93d1dL, 0x0ba5a4dfL, 0xa186f20fL, 0x2868f169L,
0xdcb7da83L, 0x573906feL, 0xa1e2ce9bL, 0x4fcd7f52L, 0x50115e01L,
0xa70683faL, 0xa002b5c4L, 0x0de6d027L, 0x9af88c27L, 0x773f8641L,
0xc3604c06L, 0x61a806b5L, 0xf0177a28L, 0xc0f586e0L, 0x006058aaL,
0x30dc7d62L, 0x11e69ed7L, 0x2338ea63L, 0x53c2dd94L, 0xc2c21634L,
0xbbcbee56L, 0x90bcb6deL, 0xebfc7da1L, 0xce591d76L, 0x6f05e409L,
0x4b7c0188L, 0x39720a3dL, 0x7c927c24L, 0x86e3725fL, 0x724d9db9L,
0x1ac15bb4L, 0xd39eb8fcL, 0xed545578L, 0x08fca5b5L, 0xd83d7cd3L,
0x4dad0fc4L, 0x1e50ef5eL, 0xb161e6f8L, 0xa28514d9L, 0x6c51133cL,
0x6fd5c7e7L, 0x56e14ec4L, 0x362abfceL, 0xddc6c837L, 0xd79a3234L,
0x92638212L, 0x670efa8eL, 0x406000e0L, 0x3a39ce37L, 0xd3faf5cfL,
0xabc27737L, 0x5ac52d1bL, 0x5cb0679eL, 0x4fa33742L, 0xd3822740L,
0x99bc9bbeL, 0xd5118e9dL, 0xbf0f7315L, 0xd62d1c7eL, 0xc700c47bL,
0xb78c1b6bL, 0x21a19045L, 0xb26eb1beL, 0x6a366eb4L, 0x5748ab2fL,
0xbc946e79L, 0xc6a376d2L, 0x6549c2c8L, 0x530ff8eeL, 0x468dde7dL,
0xd5730a1dL, 0x4cd04dc6L, 0x2939bbdbL, 0xa9ba4650L, 0xac9526e8L,
0xbe5ee304L, 0xa1fad5f0L, 0x6a2d519aL, 0x63ef8ce2L, 0x9a86ee22L,
0xc089c2b8L, 0x43242ef6L, 0xa51e03aaL, 0x9cf2d0a4L, 0x83c061baL,
0x9be96a4dL, 0x8fe51550L, 0xba645bd6L, 0x2826a2f9L, 0xa73a3ae1L,
0x4ba99586L, 0xef5562e9L, 0xc72fefd3L, 0xf752f7daL, 0x3f046f69L,
0x77fa0a59L, 0x80e4a915L, 0x87b08601L, 0x9b09e6adL, 0x3b3ee593L,
0xe990fd5aL, 0x9e34d797L, 0x2cf0b7d9L, 0x022b8b51L, 0x96d5ac3aL,
0x017da67dL, 0xd1cf3ed6L, 0x7c7d2d28L, 0x1f9f25cfL, 0xadf2b89bL,
0x5ad6b472L, 0x5a88f54cL, 0xe029ac71L, 0xe019a5e6L, 0x47b0acfdL,
0xed93fa9bL, 0xe8d3c48dL, 0x283b57ccL, 0xf8d56629L, 0x79132e28L,
0x785f0191L, 0xed756055L, 0xf7960e44L, 0xe3d35e8cL, 0x15056dd4L,
0x88f46dbaL, 0x03a16125L, 0x0564f0bdL, 0xc3eb9e15L, 0x3c9057a2L,
0x97271aecL, 0xa93a072aL, 0x1b3f6d9bL, 0x1e6321f5L, 0xf59c66fbL,
0x26dcf319L, 0x7533d928L, 0xb155fdf5L, 0x03563482L, 0x8aba3cbbL,
0x28517711L, 0xc20ad9f8L, 0xabcc5167L, 0xccad925fL, 0x4de81751L,
0x3830dc8eL, 0x379d5862L, 0x9320f991L, 0xea7a90c2L, 0xfb3e7bceL,
0x5121ce64L, 0x774fbe32L, 0xa8b6e37eL, 0xc3293d46L, 0x48de5369L,
0x6413e680L, 0xa2ae0810L, 0xdd6db224L, 0x69852dfdL, 0x09072166L,
0xb39a460aL, 0x6445c0ddL, 0x586cdecfL, 0x1c20c8aeL, 0x5bbef7ddL,
0x1b588d40L, 0xccd2017fL, 0x6bb4e3bbL, 0xdda26a7eL, 0x3a59ff45L,
0x3e350a44L, 0xbcb4cdd5L, 0x72eacea8L, 0xfa6484bbL, 0x8d6612aeL,
0xbf3c6f47L, 0xd29be463L, 0x542f5d9eL, 0xaec2771bL, 0xf64e6370L,
0x740e0d8dL, 0xe75b1357L, 0xf8721671L, 0xaf537d5dL, 0x4040cb08L,
0x4eb4e2ccL, 0x34d2466aL, 0x0115af84L, 0xe1b00428L, 0x95983a1dL,
0x06b89fb4L, 0xce6ea048L, 0x6f3f3b82L, 0x3520ab82L, 0x011a1d4bL,
0x277227f8L, 0x611560b1L, 0xe7933fdcL, 0xbb3a792bL, 0x344525bdL,
0xa08839e1L, 0x51ce794bL, 0x2f32c9b7L, 0xa01fbac9L, 0xe01cc87eL,
0xbcc7d1f6L, 0xcf0111c3L, 0xa1e8aac7L, 0x1a908749L, 0xd44fbd9aL,
0xd0dadecbL, 0xd50ada38L, 0x0339c32aL, 0xc6913667L, 0x8df9317cL,
0xe0b12b4fL, 0xf79e59b7L, 0x43f5bb3aL, 0xf2d519ffL, 0x27d9459cL,
0xbf97222cL, 0x15e6fc2aL, 0x0f91fc71L, 0x9b941525L, 0xfae59361L,
0xceb69cebL, 0xc2a86459L, 0x12baa8d1L, 0xb6c1075eL, 0xe3056a0cL,
0x10d25065L, 0xcb03a442L, 0xe0ec6e0eL, 0x1698db3bL, 0x4c98a0beL,
0x3278e964L, 0x9f1f9532L, 0xe0d392dfL, 0xd3a0342bL, 0x8971f21eL,
0x1b0a7441L, 0x4ba3348cL, 0xc5be7120L, 0xc37632d8L, 0xdf359f8dL,
0x9b992f2eL, 0xe60b6f47L, 0x0fe3f11dL, 0xe54cda54L, 0x1edad891L,
0xce6279cfL, 0xcd3e7e6fL, 0x1618b166L, 0xfd2c1d05L, 0x848fd2c5L,
0xf6fb2299L, 0xf523f357L, 0xa6327623L, 0x93a83531L, 0x56cccd02L,
0xacf08162L, 0x5a75ebb5L, 0x6e163697L, 0x88d273ccL, 0xde966292L,
0x81b949d0L, 0x4c50901bL, 0x71c65614L, 0xe6c6c7bdL, 0x327a140aL,
0x45e1d006L, 0xc3f27b9aL, 0xc9aa53fdL, 0x62a80f00L, 0xbb25bfe2L,
0x35bdd2f6L, 0x71126905L, 0xb2040222L, 0xb6cbcf7cL, 0xcd769c2bL,
0x53113ec0L, 0x1640e3d3L, 0x38abbd60L, 0x2547adf0L, 0xba38209cL,
0xf746ce76L, 0x77afa1c5L, 0x20756060L, 0x85cbfe4eL, 0x8ae88dd8L,
0x7aaaf9b0L, 0x4cf9aa7eL, 0x1948c25cL, 0x02fb8a8cL, 0x01c36ae4L,
0xd6ebe1f9L, 0x90d4f869L, 0xa65cdea0L, 0x3f09252dL, 0xc208e69fL,
0xb74e6132L, 0xce77e25bL, 0x578fdfe3L, 0x3ac372e6L,
},
};
void BF_set_key(BF_KEY *key, size_t len, const uint8_t *data) {
int i;
uint32_t *p, ri, in[2];
const uint8_t *d, *end;
OPENSSL_memcpy(key, &bf_init, sizeof(BF_KEY));
p = key->P;
if (len > ((BF_ROUNDS + 2) * 4))
len = (BF_ROUNDS + 2) * 4;
d = data;
end = &data[len];
for (i = 0; i < BF_ROUNDS + 2; i++) {
ri = *(d++);
if (d >= end) {
d = data;
}
ri <<= 8;
ri |= *(d++);
if (d >= end) {
d = data;
}
ri <<= 8;
ri |= *(d++);
if (d >= end) {
d = data;
}
ri <<= 8;
ri |= *(d++);
if (d >= end) {
d = data;
}
p[i] ^= ri;
}
in[0] = 0L;
in[1] = 0L;
for (i = 0; i < BF_ROUNDS + 2; i += 2) {
BF_encrypt(in, key);
p[i] = in[0];
p[i + 1] = in[1];
}
p = key->S;
for (i = 0; i < 4 * 256; i += 2) {
BF_encrypt(in, key);
p[i] = in[0];
p[i + 1] = in[1];
}
}
void BF_cfb64_encrypt(const uint8_t *in, uint8_t *out, size_t length,
const BF_KEY *schedule, uint8_t *ivec, int *num,
int encrypt) {
uint32_t v0, v1, t;
int n = *num & 0x07;
size_t l = length;
uint32_t ti[2];
uint8_t c, cc;
uint8_t *iv = ivec;
if (encrypt) {
while (l--) {
if (n == 0) {
n2l(iv, v0);
ti[0] = v0;
n2l(iv, v1);
ti[1] = v1;
BF_encrypt(ti, schedule);
iv = ivec;
t = ti[0];
l2n(t, iv);
t = ti[1];
l2n(t, iv);
iv = ivec;
}
c = *(in++) ^ iv[n];
*(out++) = c;
iv[n] = c;
n = (n + 1) & 0x07;
}
} else {
while (l--) {
if (n == 0) {
n2l(iv, v0);
ti[0] = v0;
n2l(iv, v1);
ti[1] = v1;
BF_encrypt(ti, schedule);
iv = ivec;
t = ti[0];
l2n(t, iv);
t = ti[1];
l2n(t, iv);
iv = ivec;
}
cc = *(in++);
c = iv[n];
iv[n] = cc;
*(out++) = c ^ cc;
n = (n + 1) & 0x07;
}
}
*num = n;
}
void BF_ofb64_encrypt(const uint8_t *in, uint8_t *out, size_t length,
const BF_KEY *schedule, uint8_t *ivec, int *num) {
uint32_t v0 = 0, v1 = 0, t = 0;
int n = *num & 0x07;
size_t l = length;
uint8_t d[8] = {0};
uint8_t *dp = NULL;
uint32_t ti[2] = {0};
uint8_t *iv = NULL;
int save = 0;
iv = ivec;
n2l(iv, v0);
n2l(iv, v1);
ti[0] = v0;
ti[1] = v1;
dp = d;
l2n(v0, dp);
l2n(v1, dp);
while (l--) {
if (n == 0) {
BF_encrypt(ti, schedule);
dp = d;
t = ti[0];
l2n(t, dp);
t = ti[1];
l2n(t, dp);
save++;
}
*(out++) = *(in++) ^ d[n];
n = (n + 1) & 0x07;
}
if (save) {
v0 = ti[0];
v1 = ti[1];
iv = ivec;
l2n(v0, iv);
l2n(v1, iv);
}
OPENSSL_cleanse(&t, sizeof(t));
OPENSSL_cleanse(&v0, sizeof(v0));
OPENSSL_cleanse(&v1, sizeof(v1));
OPENSSL_cleanse(ti, sizeof(ti));
OPENSSL_cleanse(d, sizeof(d));
*num = n;
}
static int bf_init_key(EVP_CIPHER_CTX *ctx, const uint8_t *key,
const uint8_t *iv, int enc) {
BF_KEY *bf_key = ctx->cipher_data;
BF_set_key(bf_key, ctx->key_len, key);
return 1;
}
static int bf_ecb_cipher(EVP_CIPHER_CTX *ctx, uint8_t *out, const uint8_t *in,
size_t len) {
BF_KEY *bf_key = ctx->cipher_data;
while (len >= BF_BLOCK) {
BF_ecb_encrypt(in, out, bf_key, ctx->encrypt);
in += BF_BLOCK;
out += BF_BLOCK;
len -= BF_BLOCK;
}
assert(len == 0);
return 1;
}
static int bf_cbc_cipher(EVP_CIPHER_CTX *ctx, uint8_t *out, const uint8_t *in,
size_t len) {
BF_KEY *bf_key = ctx->cipher_data;
BF_cbc_encrypt(in, out, len, bf_key, ctx->iv, ctx->encrypt);
return 1;
}
static int bf_cfb_cipher(EVP_CIPHER_CTX *ctx, uint8_t *out, const uint8_t *in,
size_t len) {
BF_KEY *bf_key = ctx->cipher_data;
int num = ctx->num;
BF_cfb64_encrypt(in, out, len, bf_key, ctx->iv, &num, ctx->encrypt);
ctx->num = num;
return 1;
}
static int bf_ofb_cipher(EVP_CIPHER_CTX *ctx, uint8_t *out, const uint8_t *in,
size_t len) {
BF_KEY *bf_key = ctx->cipher_data;
int num = ctx->num;
BF_ofb64_encrypt(in, out, len, bf_key, ctx->iv, &num);
ctx->num = num;
return 1;
}
OPENSSL_END_ALLOW_DEPRECATED
static const EVP_CIPHER bf_ecb = {
.nid = NID_bf_ecb,
.block_size = BF_BLOCK,
.key_len = 16,
.iv_len = BF_BLOCK,
.ctx_size = sizeof(BF_KEY),
.flags = EVP_CIPH_ECB_MODE | EVP_CIPH_VARIABLE_LENGTH,
.init = bf_init_key,
.cipher = bf_ecb_cipher,
};
static const EVP_CIPHER bf_cbc = {
.nid = NID_bf_cbc,
.block_size = BF_BLOCK,
.key_len = 16,
.iv_len = BF_BLOCK,
.ctx_size = sizeof(BF_KEY),
.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH,
.init = bf_init_key,
.cipher = bf_cbc_cipher,
};
static const EVP_CIPHER bf_cfb = {
.nid = NID_bf_cfb64,
.block_size = 1,
.key_len = 16,
.iv_len = BF_BLOCK,
.ctx_size = sizeof(BF_KEY),
.flags = EVP_CIPH_CFB_MODE | EVP_CIPH_VARIABLE_LENGTH,
.init = bf_init_key,
.cipher = bf_cfb_cipher,
};
static const EVP_CIPHER bf_ofb = {
.nid = NID_bf_ofb64,
.block_size = 1,
.key_len = 16,
.iv_len = BF_BLOCK,
.ctx_size = sizeof(BF_KEY),
.flags = EVP_CIPH_OFB_MODE | EVP_CIPH_VARIABLE_LENGTH,
.init = bf_init_key,
.cipher = bf_ofb_cipher,
};
const EVP_CIPHER *EVP_bf_ecb(void) { return &bf_ecb; }
const EVP_CIPHER *EVP_bf_cbc(void) { return &bf_cbc; }
const EVP_CIPHER *EVP_bf_cfb(void) { return &bf_cfb; }
const EVP_CIPHER *EVP_bf_cfb64(void) { return &bf_cfb; }
const EVP_CIPHER *EVP_bf_ofb(void) { return &bf_ofb; }

529
vendor/aws-lc-sys/aws-lc/crypto/decrepit/blowfish/blowfish_test.cc vendored Normal file
View File

@@ -0,0 +1,529 @@
// Copyright (c) 2019, Google Inc.
// SPDX-License-Identifier: ISC
#include <openssl/blowfish.h>
#include <openssl/cipher.h>
#include <gtest/gtest.h>
#include "../../internal.h"
#include "../../test/test_util.h"
struct BlowfishTestCase {
uint8_t key[16];
uint8_t plaintext[16];
uint8_t iv[8];
uint8_t ecb_ciphertext[16];
uint8_t cbc_ciphertext[24];
uint8_t cfb_ciphertext[16];
uint8_t ofb_ciphertext[16];
};
static const BlowfishTestCase kTests[] = {
// Randomly generated test cases. Checked against vanilla OpenSSL.
{
{0xbb, 0x56, 0xb1, 0x27, 0x7c, 0x4c, 0xdd, 0x5a, 0x99, 0x90, 0x1e, 0x6f,
0xeb, 0x36, 0x6c, 0xf3},
{0xa6, 0x5b, 0xe0, 0x99, 0xad, 0x5d, 0x91, 0x98, 0x37, 0xc1, 0xa4, 0x7f,
0x01, 0x24, 0x9a, 0x6b},
{0xd5, 0x8a, 0x5c, 0x29, 0xeb, 0xee, 0xed, 0x76},
{0xda, 0x6e, 0x18, 0x9c, 0x03, 0x59, 0x12, 0x61, 0xfa, 0x20, 0xd9, 0xce,
0xee, 0x43, 0x9d, 0x05},
{0x4f, 0x8b, 0x3e, 0x17, 0xa5, 0x35, 0x9b, 0xcb,
0xdf, 0x3c, 0x52, 0xfb, 0xe5, 0x20, 0xdd, 0x53,
0xd5, 0xf8, 0x1a, 0x6c, 0xf0, 0x99, 0x34, 0x94},
{0xfd, 0x65, 0xc5, 0xa6, 0x07, 0x07, 0xb5, 0xf3, 0x2e, 0xfb, 0x12, 0xc3,
0x7f, 0x45, 0x37, 0x54},
{0xfd, 0x65, 0xc5, 0xa6, 0x07, 0x07, 0xb5, 0xf3, 0x3a, 0x27, 0x62, 0xbe,
0xfe, 0xb8, 0x14, 0x91},
},
{
{0x5d, 0x98, 0xa9, 0xd2, 0x27, 0x5d, 0xc8, 0x8c, 0x8c, 0xee, 0x23, 0x7f,
0x8e, 0x2b, 0xd4, 0x8d},
{0x60, 0xec, 0x31, 0xda, 0x25, 0x07, 0x02, 0x14, 0x84, 0x44, 0x96, 0xa6,
0x04, 0x81, 0xca, 0x4e},
{0x96, 0x4c, 0xa4, 0x07, 0xee, 0x1c, 0xd1, 0xfb},
{0x83, 0x8a, 0xef, 0x18, 0x53, 0x96, 0xec, 0xf3, 0xf4, 0xd9, 0xe8, 0x4b,
0x2c, 0x3f, 0xe7, 0x27},
{0xad, 0x78, 0x70, 0x06, 0x2e, 0x5e, 0xa5, 0x21,
0xdd, 0xe8, 0xa0, 0xb9, 0xdb, 0x0c, 0x81, 0x1d,
0x0a, 0xd3, 0xa9, 0x63, 0x78, 0xac, 0x82, 0x64},
{0x43, 0x2f, 0xf3, 0x23, 0xf4, 0x5c, 0xbf, 0x05, 0x53, 0x3c, 0x9e, 0xd6,
0xd3, 0xd2, 0xc0, 0xf0},
{0x43, 0x2f, 0xf3, 0x23, 0xf4, 0x5c, 0xbf, 0x05, 0xeb, 0x7e, 0xde, 0xc5,
0xd7, 0xe4, 0xf4, 0x3e},
},
};
TEST(Blowfish, ECB) {
unsigned test_num = 0;
for (const auto &test : kTests) {
test_num++;
SCOPED_TRACE(test_num);
uint8_t out[sizeof(test.ecb_ciphertext)];
int out_bytes, final_bytes;
bssl::ScopedEVP_CIPHER_CTX ctx;
ASSERT_TRUE(EVP_EncryptInit_ex(ctx.get(), EVP_bf_ecb(), nullptr, test.key,
nullptr));
ASSERT_TRUE(EVP_CIPHER_CTX_set_padding(ctx.get(), 0 /* no padding */));
ASSERT_TRUE(EVP_EncryptUpdate(ctx.get(), out, &out_bytes, test.plaintext,
sizeof(test.plaintext)));
ASSERT_TRUE(EVP_EncryptFinal_ex(ctx.get(), out + out_bytes, &final_bytes));
EXPECT_EQ(static_cast<size_t>(out_bytes + final_bytes),
sizeof(test.plaintext));
EXPECT_EQ(Bytes(test.ecb_ciphertext), Bytes(out));
bssl::ScopedEVP_CIPHER_CTX decrypt_ctx;
ASSERT_TRUE(EVP_DecryptInit_ex(decrypt_ctx.get(), EVP_bf_ecb(), nullptr,
test.key, nullptr));
ASSERT_TRUE(
EVP_CIPHER_CTX_set_padding(decrypt_ctx.get(), 0 /* no padding */));
ASSERT_TRUE(EVP_DecryptUpdate(decrypt_ctx.get(), out, &out_bytes,
test.ecb_ciphertext,
sizeof(test.ecb_ciphertext)));
ASSERT_TRUE(
EVP_DecryptFinal_ex(decrypt_ctx.get(), out + out_bytes, &final_bytes));
EXPECT_EQ(static_cast<size_t>(out_bytes + final_bytes),
sizeof(test.plaintext));
EXPECT_EQ(Bytes(test.plaintext), Bytes(out));
}
}
TEST(Blowfish, CBC) {
unsigned test_num = 0;
for (const auto &test : kTests) {
test_num++;
SCOPED_TRACE(test_num);
uint8_t out[sizeof(test.cbc_ciphertext)];
int out_bytes, final_bytes;
bssl::ScopedEVP_CIPHER_CTX ctx;
ASSERT_TRUE(EVP_EncryptInit_ex(ctx.get(), EVP_bf_cbc(), nullptr, test.key,
test.iv));
ASSERT_TRUE(EVP_EncryptUpdate(ctx.get(), out, &out_bytes, test.plaintext,
sizeof(test.plaintext)));
EXPECT_TRUE(EVP_EncryptFinal_ex(ctx.get(), out + out_bytes, &final_bytes));
EXPECT_EQ(static_cast<size_t>(out_bytes + final_bytes),
sizeof(test.cbc_ciphertext));
EXPECT_EQ(Bytes(test.cbc_ciphertext), Bytes(out));
bssl::ScopedEVP_CIPHER_CTX decrypt_ctx;
ASSERT_TRUE(EVP_DecryptInit_ex(decrypt_ctx.get(), EVP_bf_cbc(), nullptr,
test.key, test.iv));
ASSERT_TRUE(EVP_DecryptUpdate(decrypt_ctx.get(), out, &out_bytes,
test.cbc_ciphertext,
sizeof(test.cbc_ciphertext)));
EXPECT_TRUE(
EVP_DecryptFinal_ex(decrypt_ctx.get(), out + out_bytes, &final_bytes));
EXPECT_EQ(static_cast<size_t>(out_bytes + final_bytes),
sizeof(test.plaintext));
EXPECT_EQ(Bytes(test.plaintext), Bytes(out, out_bytes + final_bytes));
}
}
TEST(Blowfish, CFB) {
unsigned test_num = 0;
for (const auto &test : kTests) {
test_num++;
SCOPED_TRACE(test_num);
uint8_t out[sizeof(test.cfb_ciphertext)];
int out_bytes, final_bytes;
bssl::ScopedEVP_CIPHER_CTX ctx;
ASSERT_TRUE(EVP_EncryptInit_ex(ctx.get(), EVP_bf_cfb(), nullptr, test.key,
test.iv));
ASSERT_TRUE(EVP_EncryptUpdate(ctx.get(), out, &out_bytes, test.plaintext,
sizeof(test.plaintext)));
ASSERT_TRUE(EVP_EncryptFinal_ex(ctx.get(), out + out_bytes, &final_bytes));
EXPECT_EQ(static_cast<size_t>(out_bytes + final_bytes),
sizeof(test.plaintext));
EXPECT_EQ(Bytes(test.cfb_ciphertext), Bytes(out));
bssl::ScopedEVP_CIPHER_CTX decrypt_ctx;
ASSERT_TRUE(EVP_DecryptInit_ex(decrypt_ctx.get(), EVP_bf_cfb(), nullptr,
test.key, test.iv));
ASSERT_TRUE(EVP_DecryptUpdate(decrypt_ctx.get(), out, &out_bytes,
test.cfb_ciphertext,
sizeof(test.cfb_ciphertext)));
ASSERT_TRUE(
EVP_DecryptFinal_ex(decrypt_ctx.get(), out + out_bytes, &final_bytes));
EXPECT_EQ(static_cast<size_t>(out_bytes + final_bytes),
sizeof(test.plaintext));
EXPECT_EQ(Bytes(test.plaintext), Bytes(out));
}
}
TEST(Blowfish, CFB64) {
unsigned test_num = 0;
for (const auto &test : kTests) {
test_num++;
SCOPED_TRACE(test_num);
uint8_t out[sizeof(test.cfb_ciphertext)];
int out_bytes, final_bytes;
bssl::ScopedEVP_CIPHER_CTX ctx;
ASSERT_TRUE(EVP_EncryptInit_ex(ctx.get(), EVP_bf_cfb64(), nullptr, test.key,
test.iv));
ASSERT_TRUE(EVP_EncryptUpdate(ctx.get(), out, &out_bytes, test.plaintext,
sizeof(test.plaintext)));
ASSERT_TRUE(EVP_EncryptFinal_ex(ctx.get(), out + out_bytes, &final_bytes));
EXPECT_EQ(static_cast<size_t>(out_bytes + final_bytes),
sizeof(test.plaintext));
EXPECT_EQ(Bytes(test.cfb_ciphertext), Bytes(out));
bssl::ScopedEVP_CIPHER_CTX decrypt_ctx;
ASSERT_TRUE(EVP_DecryptInit_ex(decrypt_ctx.get(), EVP_bf_cfb64(), nullptr,
test.key, test.iv));
ASSERT_TRUE(EVP_DecryptUpdate(decrypt_ctx.get(), out, &out_bytes,
test.cfb_ciphertext,
sizeof(test.cfb_ciphertext)));
ASSERT_TRUE(
EVP_DecryptFinal_ex(decrypt_ctx.get(), out + out_bytes, &final_bytes));
EXPECT_EQ(static_cast<size_t>(out_bytes + final_bytes),
sizeof(test.plaintext));
EXPECT_EQ(Bytes(test.plaintext), Bytes(out));
}
}
TEST(Blowfish, OFB) {
unsigned test_num = 0;
for (const auto &test : kTests) {
test_num++;
SCOPED_TRACE(test_num);
uint8_t out[sizeof(test.ofb_ciphertext)];
int out_bytes = 0, final_bytes = 0;
bssl::ScopedEVP_CIPHER_CTX ctx;
ASSERT_TRUE(EVP_EncryptInit_ex(ctx.get(), EVP_bf_ofb(), nullptr, test.key,
test.iv));
ASSERT_TRUE(EVP_EncryptUpdate(ctx.get(), out, &out_bytes, test.plaintext,
sizeof(test.plaintext)));
ASSERT_TRUE(EVP_EncryptFinal_ex(ctx.get(), out + out_bytes, &final_bytes));
EXPECT_EQ(static_cast<size_t>(out_bytes + final_bytes),
sizeof(test.plaintext));
EXPECT_EQ(Bytes(test.ofb_ciphertext), Bytes(out));
bssl::ScopedEVP_CIPHER_CTX decrypt_ctx;
ASSERT_TRUE(EVP_DecryptInit_ex(decrypt_ctx.get(), EVP_bf_ofb(), nullptr,
test.key, test.iv));
ASSERT_TRUE(EVP_DecryptUpdate(decrypt_ctx.get(), out, &out_bytes,
test.ofb_ciphertext,
sizeof(test.ofb_ciphertext)));
ASSERT_TRUE(
EVP_DecryptFinal_ex(decrypt_ctx.get(), out + out_bytes, &final_bytes));
EXPECT_EQ(static_cast<size_t>(out_bytes + final_bytes),
sizeof(test.plaintext));
EXPECT_EQ(Bytes(test.plaintext), Bytes(out));
}
}
// OpenSSL 1.1.1 Blowfish Test Data Below
struct ossl_bf_key {
uint8_t key[30];
size_t len;
};
static ossl_bf_key bf_key[2] = {
{
{0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69,
0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72,
0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79, 0x7a},
26,
},
{{0x57, 0x68, 0x6f, 0x20, 0x69, 0x73, 0x20, 0x4a, 0x6f, 0x68, 0x6e, 0x20,
0x47, 0x61, 0x6c, 0x74, 0x3f},
17},
};
/* big endian */
static uint32_t bf_plain[2][2] = {{0x424c4f57L, 0x46495348L},
{0xfedcba98L, 0x76543210L}};
static uint32_t bf_cipher[2][2] = {{0x324ed0feL, 0xf413a203L},
{0xcc91732bL, 0x8022f684L}};
#define NUM_TESTS 34
static uint8_t ecb_data[NUM_TESTS][8] = {
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
{0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
{0x30, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
{0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11},
{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
{0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11},
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
{0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
{0x7C, 0xA1, 0x10, 0x45, 0x4A, 0x1A, 0x6E, 0x57},
{0x01, 0x31, 0xD9, 0x61, 0x9D, 0xC1, 0x37, 0x6E},
{0x07, 0xA1, 0x13, 0x3E, 0x4A, 0x0B, 0x26, 0x86},
{0x38, 0x49, 0x67, 0x4C, 0x26, 0x02, 0x31, 0x9E},
{0x04, 0xB9, 0x15, 0xBA, 0x43, 0xFE, 0xB5, 0xB6},
{0x01, 0x13, 0xB9, 0x70, 0xFD, 0x34, 0xF2, 0xCE},
{0x01, 0x70, 0xF1, 0x75, 0x46, 0x8F, 0xB5, 0xE6},
{0x43, 0x29, 0x7F, 0xAD, 0x38, 0xE3, 0x73, 0xFE},
{0x07, 0xA7, 0x13, 0x70, 0x45, 0xDA, 0x2A, 0x16},
{0x04, 0x68, 0x91, 0x04, 0xC2, 0xFD, 0x3B, 0x2F},
{0x37, 0xD0, 0x6B, 0xB5, 0x16, 0xCB, 0x75, 0x46},
{0x1F, 0x08, 0x26, 0x0D, 0x1A, 0xC2, 0x46, 0x5E},
{0x58, 0x40, 0x23, 0x64, 0x1A, 0xBA, 0x61, 0x76},
{0x02, 0x58, 0x16, 0x16, 0x46, 0x29, 0xB0, 0x07},
{0x49, 0x79, 0x3E, 0xBC, 0x79, 0xB3, 0x25, 0x8F},
{0x4F, 0xB0, 0x5E, 0x15, 0x15, 0xAB, 0x73, 0xA7},
{0x49, 0xE9, 0x5D, 0x6D, 0x4C, 0xA2, 0x29, 0xBF},
{0x01, 0x83, 0x10, 0xDC, 0x40, 0x9B, 0x26, 0xD6},
{0x1C, 0x58, 0x7F, 0x1C, 0x13, 0x92, 0x4F, 0xEF},
{0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01},
{0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E},
{0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1, 0xFE},
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
{0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
{0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10}};
static uint8_t plain_data[NUM_TESTS][8] = {
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
{0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
{0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
{0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11},
{0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11},
{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
{0x01, 0xA1, 0xD6, 0xD0, 0x39, 0x77, 0x67, 0x42},
{0x5C, 0xD5, 0x4C, 0xA8, 0x3D, 0xEF, 0x57, 0xDA},
{0x02, 0x48, 0xD4, 0x38, 0x06, 0xF6, 0x71, 0x72},
{0x51, 0x45, 0x4B, 0x58, 0x2D, 0xDF, 0x44, 0x0A},
{0x42, 0xFD, 0x44, 0x30, 0x59, 0x57, 0x7F, 0xA2},
{0x05, 0x9B, 0x5E, 0x08, 0x51, 0xCF, 0x14, 0x3A},
{0x07, 0x56, 0xD8, 0xE0, 0x77, 0x47, 0x61, 0xD2},
{0x76, 0x25, 0x14, 0xB8, 0x29, 0xBF, 0x48, 0x6A},
{0x3B, 0xDD, 0x11, 0x90, 0x49, 0x37, 0x28, 0x02},
{0x26, 0x95, 0x5F, 0x68, 0x35, 0xAF, 0x60, 0x9A},
{0x16, 0x4D, 0x5E, 0x40, 0x4F, 0x27, 0x52, 0x32},
{0x6B, 0x05, 0x6E, 0x18, 0x75, 0x9F, 0x5C, 0xCA},
{0x00, 0x4B, 0xD6, 0xEF, 0x09, 0x17, 0x60, 0x62},
{0x48, 0x0D, 0x39, 0x00, 0x6E, 0xE7, 0x62, 0xF2},
{0x43, 0x75, 0x40, 0xC8, 0x69, 0x8F, 0x3C, 0xFA},
{0x07, 0x2D, 0x43, 0xA0, 0x77, 0x07, 0x52, 0x92},
{0x02, 0xFE, 0x55, 0x77, 0x81, 0x17, 0xF1, 0x2A},
{0x1D, 0x9D, 0x5C, 0x50, 0x18, 0xF7, 0x28, 0xC2},
{0x30, 0x55, 0x32, 0x28, 0x6D, 0x6F, 0x29, 0x5A},
{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
{0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
{0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}};
static uint8_t cipher_data[NUM_TESTS][8] = {
{0x4E, 0xF9, 0x97, 0x45, 0x61, 0x98, 0xDD, 0x78},
{0x51, 0x86, 0x6F, 0xD5, 0xB8, 0x5E, 0xCB, 0x8A},
{0x7D, 0x85, 0x6F, 0x9A, 0x61, 0x30, 0x63, 0xF2},
{0x24, 0x66, 0xDD, 0x87, 0x8B, 0x96, 0x3C, 0x9D},
{0x61, 0xF9, 0xC3, 0x80, 0x22, 0x81, 0xB0, 0x96},
{0x7D, 0x0C, 0xC6, 0x30, 0xAF, 0xDA, 0x1E, 0xC7},
{0x4E, 0xF9, 0x97, 0x45, 0x61, 0x98, 0xDD, 0x78},
{0x0A, 0xCE, 0xAB, 0x0F, 0xC6, 0xA0, 0xA2, 0x8D},
{0x59, 0xC6, 0x82, 0x45, 0xEB, 0x05, 0x28, 0x2B},
{0xB1, 0xB8, 0xCC, 0x0B, 0x25, 0x0F, 0x09, 0xA0},
{0x17, 0x30, 0xE5, 0x77, 0x8B, 0xEA, 0x1D, 0xA4},
{0xA2, 0x5E, 0x78, 0x56, 0xCF, 0x26, 0x51, 0xEB},
{0x35, 0x38, 0x82, 0xB1, 0x09, 0xCE, 0x8F, 0x1A},
{0x48, 0xF4, 0xD0, 0x88, 0x4C, 0x37, 0x99, 0x18},
{0x43, 0x21, 0x93, 0xB7, 0x89, 0x51, 0xFC, 0x98},
{0x13, 0xF0, 0x41, 0x54, 0xD6, 0x9D, 0x1A, 0xE5},
{0x2E, 0xED, 0xDA, 0x93, 0xFF, 0xD3, 0x9C, 0x79},
{0xD8, 0x87, 0xE0, 0x39, 0x3C, 0x2D, 0xA6, 0xE3},
{0x5F, 0x99, 0xD0, 0x4F, 0x5B, 0x16, 0x39, 0x69},
{0x4A, 0x05, 0x7A, 0x3B, 0x24, 0xD3, 0x97, 0x7B},
{0x45, 0x20, 0x31, 0xC1, 0xE4, 0xFA, 0xDA, 0x8E},
{0x75, 0x55, 0xAE, 0x39, 0xF5, 0x9B, 0x87, 0xBD},
{0x53, 0xC5, 0x5F, 0x9C, 0xB4, 0x9F, 0xC0, 0x19},
{0x7A, 0x8E, 0x7B, 0xFA, 0x93, 0x7E, 0x89, 0xA3},
{0xCF, 0x9C, 0x5D, 0x7A, 0x49, 0x86, 0xAD, 0xB5},
{0xD1, 0xAB, 0xB2, 0x90, 0x65, 0x8B, 0xC7, 0x78},
{0x55, 0xCB, 0x37, 0x74, 0xD1, 0x3E, 0xF2, 0x01},
{0xFA, 0x34, 0xEC, 0x48, 0x47, 0xB2, 0x68, 0xB2},
{0xA7, 0x90, 0x79, 0x51, 0x08, 0xEA, 0x3C, 0xAE},
{0xC3, 0x9E, 0x07, 0x2D, 0x9F, 0xAC, 0x63, 0x1D},
{0x01, 0x49, 0x33, 0xE0, 0xCD, 0xAF, 0xF6, 0xE4},
{0xF2, 0x1E, 0x9A, 0x77, 0xB7, 0x1C, 0x49, 0xBC},
{0x24, 0x59, 0x46, 0x88, 0x57, 0x54, 0x36, 0x9A},
{0x6B, 0x5C, 0x5A, 0x9C, 0x5D, 0x9E, 0x0A, 0x5A},
};
static uint8_t cbc_key[16] = {0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
0xf0, 0xe1, 0xd2, 0xc3, 0xb4, 0xa5, 0x96, 0x87};
static uint8_t cbc_iv[8] = {0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10};
static uint8_t cbc_data[29] = {0x37, 0x36, 0x35, 0x34, 0x33, 0x32, 0x31, 0x20,
0x4e, 0x6f, 0x77, 0x20, 0x69, 0x73, 0x20, 0x74,
0x68, 0x65, 0x20, 0x74, 0x69, 0x6d, 0x65, 0x20,
0x66, 0x6f, 0x72, 0x20, 0x00};
static uint8_t cbc_ok[32] = {0x6B, 0x77, 0xB4, 0xD6, 0x30, 0x06, 0xDE, 0xE6,
0x05, 0xB1, 0x56, 0xE2, 0x74, 0x03, 0x97, 0x93,
0x58, 0xDE, 0xB9, 0xE7, 0x15, 0x46, 0x16, 0xD9,
0x59, 0xF1, 0x65, 0x2B, 0xD5, 0xFF, 0x92, 0xCC};
static uint8_t cfb64_ok[] = {0xE7, 0x32, 0x14, 0xA2, 0x82, 0x21, 0x39, 0xCA,
0xF2, 0x6E, 0xCF, 0x6D, 0x2E, 0xB9, 0xE7, 0x6E,
0x3D, 0xA3, 0xDE, 0x04, 0xD1, 0x51, 0x72, 0x00,
0x51, 0x9D, 0x57, 0xA6, 0xC3};
static uint8_t ofb64_ok[] = {0xE7, 0x32, 0x14, 0xA2, 0x82, 0x21, 0x39, 0xCA,
0x62, 0xB3, 0x43, 0xCC, 0x5B, 0x65, 0x58, 0x73,
0x10, 0xDD, 0x90, 0x8D, 0x0C, 0x24, 0x1B, 0x22,
0x63, 0xC2, 0xCF, 0x80, 0xDA};
#define KEY_TEST_NUM 25
static uint8_t key_test[KEY_TEST_NUM] = {
0xf0, 0xe1, 0xd2, 0xc3, 0xb4, 0xa5, 0x96, 0x87, 0x78,
0x69, 0x5a, 0x4b, 0x3c, 0x2d, 0x1e, 0x0f, 0x00, 0x11,
0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88};
static uint8_t key_data[8] = {0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10};
static uint8_t key_out[KEY_TEST_NUM][8] = {
{0xF9, 0xAD, 0x59, 0x7C, 0x49, 0xDB, 0x00, 0x5E},
{0xE9, 0x1D, 0x21, 0xC1, 0xD9, 0x61, 0xA6, 0xD6},
{0xE9, 0xC2, 0xB7, 0x0A, 0x1B, 0xC6, 0x5C, 0xF3},
{0xBE, 0x1E, 0x63, 0x94, 0x08, 0x64, 0x0F, 0x05},
{0xB3, 0x9E, 0x44, 0x48, 0x1B, 0xDB, 0x1E, 0x6E},
{0x94, 0x57, 0xAA, 0x83, 0xB1, 0x92, 0x8C, 0x0D},
{0x8B, 0xB7, 0x70, 0x32, 0xF9, 0x60, 0x62, 0x9D},
{0xE8, 0x7A, 0x24, 0x4E, 0x2C, 0xC8, 0x5E, 0x82},
{0x15, 0x75, 0x0E, 0x7A, 0x4F, 0x4E, 0xC5, 0x77},
{0x12, 0x2B, 0xA7, 0x0B, 0x3A, 0xB6, 0x4A, 0xE0},
{0x3A, 0x83, 0x3C, 0x9A, 0xFF, 0xC5, 0x37, 0xF6},
{0x94, 0x09, 0xDA, 0x87, 0xA9, 0x0F, 0x6B, 0xF2},
{0x88, 0x4F, 0x80, 0x62, 0x50, 0x60, 0xB8, 0xB4},
{0x1F, 0x85, 0x03, 0x1C, 0x19, 0xE1, 0x19, 0x68},
{0x79, 0xD9, 0x37, 0x3A, 0x71, 0x4C, 0xA3, 0x4F},
{0x93, 0x14, 0x28, 0x87, 0xEE, 0x3B, 0xE1, 0x5C},
{0x03, 0x42, 0x9E, 0x83, 0x8C, 0xE2, 0xD1, 0x4B},
{0xA4, 0x29, 0x9E, 0x27, 0x46, 0x9F, 0xF6, 0x7B},
{0xAF, 0xD5, 0xAE, 0xD1, 0xC1, 0xBC, 0x96, 0xA8},
{0x10, 0x85, 0x1C, 0x0E, 0x38, 0x58, 0xDA, 0x9F},
{0xE6, 0xF5, 0x1E, 0xD7, 0x9B, 0x9D, 0xB2, 0x1F},
{0x64, 0xA6, 0xE1, 0x4A, 0xFD, 0x36, 0xB4, 0x6F},
{0x80, 0xC7, 0xD7, 0xD4, 0x5A, 0x54, 0x79, 0xAD},
{0x05, 0x04, 0x4B, 0x62, 0xFA, 0x52, 0xD0, 0x80},
};
TEST(Blowfish, ossl_bf_ecb_raw) {
for (int n = 0; n < 2; n++) {
BF_KEY key;
uint32_t data[2];
BF_set_key(&key, bf_key[n].len, bf_key[n].key);
data[0] = bf_plain[n][0];
data[1] = bf_plain[n][1];
BF_encrypt(data, &key);
ASSERT_EQ(0, memcmp(&(bf_cipher[n][0]), &data[0], BF_BLOCK));
BF_decrypt(&(data[0]), &key);
ASSERT_EQ(0, memcmp(&(bf_plain[n][0]), &data[0], BF_BLOCK));
}
}
TEST(Blowfish, ossl_bf_ecb) {
for (int n = 0; n < NUM_TESTS; n++) {
BF_KEY key;
uint8_t out[8];
BF_set_key(&key, 8, ecb_data[n]);
BF_ecb_encrypt(&(plain_data[n][0]), out, &key, BF_ENCRYPT);
ASSERT_EQ(Bytes(&(cipher_data[n][0]), BF_BLOCK), Bytes(out, BF_BLOCK));
BF_ecb_encrypt(out, out, &key, BF_DECRYPT);
ASSERT_EQ(Bytes(&(plain_data[n][0]), BF_BLOCK), Bytes(out, BF_BLOCK));
}
}
TEST(Blowfish, ossl_bf_set_key) {
for (int n = 0; n < KEY_TEST_NUM - 1; n++) {
BF_KEY key;
uint8_t out[8];
BF_set_key(&key, n + 1, key_test);
BF_ecb_encrypt(key_data, out, &key, BF_ENCRYPT);
ASSERT_EQ(Bytes(out, 8), Bytes(&(key_out[n][0]), 8));
}
}
TEST(Blowfish, ossl_bf_cbc) {
uint8_t cbc_in[32], cbc_out[32], iv[8];
BF_KEY key;
BF_set_key(&key, 16, cbc_key);
memset(cbc_in, 0, sizeof(cbc_in));
memset(cbc_out, 0, sizeof(cbc_out));
memcpy(iv, cbc_iv, sizeof(iv));
BF_cbc_encrypt(cbc_data, cbc_out, sizeof(cbc_data), &key, iv, BF_ENCRYPT);
ASSERT_EQ(Bytes(cbc_out, sizeof(cbc_out)), Bytes(cbc_ok, sizeof(cbc_ok)));
memcpy(iv, cbc_iv, 8);
BF_cbc_encrypt(cbc_out, cbc_in, sizeof(cbc_out), &key, iv, BF_DECRYPT);
ASSERT_EQ(Bytes(cbc_in, sizeof(cbc_data)), Bytes(cbc_data, sizeof(cbc_data)));
}
TEST(Blowfish, ossl_bf_cfb64) {
uint8_t cbc_in[sizeof(cbc_data)], cbc_out[sizeof(cbc_data)], iv[8];
int n = 0;
BF_KEY key;
// CFB is a streaming cipher mode so in/out len is the same.
const size_t len = sizeof(cbc_data);
BF_set_key(&key, sizeof(cbc_key), cbc_key);
memset(cbc_in, 0, sizeof(cbc_in));
memset(cbc_out, 0, sizeof(cbc_out));
memcpy(iv, cbc_iv, sizeof(iv));
BF_cfb64_encrypt(cbc_data, cbc_out, 13, &key, iv, &n, BF_ENCRYPT);
BF_cfb64_encrypt(&(cbc_data[13]), &(cbc_out[13]), len - 13, &key, iv, &n,
BF_ENCRYPT);
ASSERT_EQ(Bytes(cbc_out, len), Bytes(cfb64_ok, len));
n = 0;
memcpy(iv, cbc_iv, sizeof(cbc_iv));
BF_cfb64_encrypt(cbc_out, cbc_in, 17, &key, iv, &n, BF_DECRYPT);
BF_cfb64_encrypt(&(cbc_out[17]), &(cbc_in[17]), len - 17, &key, iv, &n,
BF_DECRYPT);
ASSERT_EQ(Bytes(cbc_in, len), Bytes(cbc_data, len));
}
TEST(Blowfish, ossl_bf_ofb64) {
uint8_t cbc_in[sizeof(cbc_data)], cbc_out[sizeof(cbc_data)], iv[8];
int n = 0;
BF_KEY key;
// OFB is a streaming cipher mode so in/out len is the same.
const size_t len = sizeof(cbc_data);
BF_set_key(&key, 16, cbc_key);
memset(cbc_in, 0, sizeof(cbc_in));
memset(cbc_out, 0, sizeof(cbc_out));
memcpy(iv, cbc_iv, sizeof(iv));
BF_ofb64_encrypt(cbc_data, cbc_out, (long)13, &key, iv, &n);
BF_ofb64_encrypt(&(cbc_data[13]), &(cbc_out[13]), len - 13, &key, iv, &n);
ASSERT_EQ(Bytes(cbc_out, len), Bytes(ofb64_ok, len));
n = 0;
memcpy(iv, cbc_iv, sizeof(iv));
BF_ofb64_encrypt(cbc_out, cbc_in, 17, &key, iv, &n);
BF_ofb64_encrypt(&(cbc_out[17]), &(cbc_in[17]), len - 17, &key, iv, &n);
ASSERT_EQ(Bytes(cbc_in, len), Bytes(cbc_data, len));
}

362
vendor/aws-lc-sys/aws-lc/crypto/decrepit/cast/cast.c vendored Normal file
View File

@@ -0,0 +1,362 @@
// Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
// SPDX-License-Identifier: Apache-2.0
#include <openssl/cipher.h>
#include <openssl/obj.h>
#if defined(OPENSSL_WINDOWS)
OPENSSL_MSVC_PRAGMA(warning(push, 3))
#include <intrin.h>
OPENSSL_MSVC_PRAGMA(warning(pop))
#endif
#include "../../../crypto/internal.h"
#include "../../fipsmodule/cipher/internal.h"
#include "../macros.h"
#include "internal.h"
void CAST_ecb_encrypt(const uint8_t *in, uint8_t *out, const CAST_KEY *ks,
int enc) {
uint32_t d[2];
n2l(in, d[0]);
n2l(in, d[1]);
if (enc) {
CAST_encrypt(d, ks);
} else {
CAST_decrypt(d, ks);
}
l2n(d[0], out);
l2n(d[1], out);
}
#if defined(OPENSSL_WINDOWS) && defined(_MSC_VER)
#define ROTL(a, n) (_lrotl(a, n))
#else
#define ROTL(a, n) ((((a) << (n)) | ((a) >> ((-(n))&31))) & 0xffffffffL)
#endif
#define E_CAST(n, key, L, R, OP1, OP2, OP3) \
{ \
uint32_t a, b, c, d; \
t = (key[n * 2] OP1 R) & 0xffffffff; \
t = ROTL(t, (key[n * 2 + 1])); \
a = CAST_S_table0[(t >> 8) & 0xff]; \
b = CAST_S_table1[(t)&0xff]; \
c = CAST_S_table2[(t >> 24) & 0xff]; \
d = CAST_S_table3[(t >> 16) & 0xff]; \
L ^= (((((a OP2 b)&0xffffffffL)OP3 c) & 0xffffffffL)OP1 d) & 0xffffffffL; \
}
void CAST_encrypt(uint32_t *data, const CAST_KEY *key) {
uint32_t l, r, t;
const uint32_t *k;
k = &key->data[0];
l = data[0];
r = data[1];
E_CAST(0, k, l, r, +, ^, -);
E_CAST(1, k, r, l, ^, -, +);
E_CAST(2, k, l, r, -, +, ^);
E_CAST(3, k, r, l, +, ^, -);
E_CAST(4, k, l, r, ^, -, +);
E_CAST(5, k, r, l, -, +, ^);
E_CAST(6, k, l, r, +, ^, -);
E_CAST(7, k, r, l, ^, -, +);
E_CAST(8, k, l, r, -, +, ^);
E_CAST(9, k, r, l, +, ^, -);
E_CAST(10, k, l, r, ^, -, +);
E_CAST(11, k, r, l, -, +, ^);
if (!key->short_key) {
E_CAST(12, k, l, r, +, ^, -);
E_CAST(13, k, r, l, ^, -, +);
E_CAST(14, k, l, r, -, +, ^);
E_CAST(15, k, r, l, +, ^, -);
}
data[1] = l & 0xffffffffL;
data[0] = r & 0xffffffffL;
}
void CAST_decrypt(uint32_t *data, const CAST_KEY *key) {
uint32_t l, r, t;
const uint32_t *k;
k = &key->data[0];
l = data[0];
r = data[1];
if (!key->short_key) {
E_CAST(15, k, l, r, +, ^, -);
E_CAST(14, k, r, l, -, +, ^);
E_CAST(13, k, l, r, ^, -, +);
E_CAST(12, k, r, l, +, ^, -);
}
E_CAST(11, k, l, r, -, +, ^);
E_CAST(10, k, r, l, ^, -, +);
E_CAST(9, k, l, r, +, ^, -);
E_CAST(8, k, r, l, -, +, ^);
E_CAST(7, k, l, r, ^, -, +);
E_CAST(6, k, r, l, +, ^, -);
E_CAST(5, k, l, r, -, +, ^);
E_CAST(4, k, r, l, ^, -, +);
E_CAST(3, k, l, r, +, ^, -);
E_CAST(2, k, r, l, -, +, ^);
E_CAST(1, k, l, r, ^, -, +);
E_CAST(0, k, r, l, +, ^, -);
data[1] = l & 0xffffffffL;
data[0] = r & 0xffffffffL;
}
void CAST_cbc_encrypt(const uint8_t *in, uint8_t *out, size_t length,
const CAST_KEY *ks, uint8_t *iv, int enc) {
uint32_t tin0, tin1;
uint32_t tout0, tout1, xor0, xor1;
size_t l = length;
uint32_t tin[2];
if (enc) {
n2l(iv, tout0);
n2l(iv, tout1);
iv -= 8;
while (l >= 8) {
n2l(in, tin0);
n2l(in, tin1);
tin0 ^= tout0;
tin1 ^= tout1;
tin[0] = tin0;
tin[1] = tin1;
CAST_encrypt(tin, ks);
tout0 = tin[0];
tout1 = tin[1];
l2n(tout0, out);
l2n(tout1, out);
l -= 8;
}
if (l != 0) {
n2ln(in, tin0, tin1, l);
tin0 ^= tout0;
tin1 ^= tout1;
tin[0] = tin0;
tin[1] = tin1;
CAST_encrypt(tin, ks);
tout0 = tin[0];
tout1 = tin[1];
l2n(tout0, out);
l2n(tout1, out);
}
l2n(tout0, iv);
l2n(tout1, iv);
} else {
n2l(iv, xor0);
n2l(iv, xor1);
iv -= 8;
while (l >= 8) {
n2l(in, tin0);
n2l(in, tin1);
tin[0] = tin0;
tin[1] = tin1;
CAST_decrypt(tin, ks);
tout0 = tin[0] ^ xor0;
tout1 = tin[1] ^ xor1;
l2n(tout0, out);
l2n(tout1, out);
xor0 = tin0;
xor1 = tin1;
l -= 8;
}
if (l != 0) {
n2l(in, tin0);
n2l(in, tin1);
tin[0] = tin0;
tin[1] = tin1;
CAST_decrypt(tin, ks);
tout0 = tin[0] ^ xor0;
tout1 = tin[1] ^ xor1;
l2nn(tout0, tout1, out, l);
xor0 = tin0;
xor1 = tin1;
}
l2n(xor0, iv);
l2n(xor1, iv);
}
OPENSSL_cleanse(&tin0, sizeof(tin0));
OPENSSL_cleanse(&tin1, sizeof(tin1));
OPENSSL_cleanse(&tout0, sizeof(tout0));
OPENSSL_cleanse(&tout1, sizeof(tout1));
OPENSSL_cleanse(&xor0, sizeof(xor0));
OPENSSL_cleanse(&xor1, sizeof(xor1));
OPENSSL_cleanse(&tin, sizeof(tin));
}
#define CAST_exp(l, A, a, n) \
A[n / 4] = l; \
a[n + 3] = (l)&0xff; \
a[n + 2] = (l >> 8) & 0xff; \
a[n + 1] = (l >> 16) & 0xff; \
a[n + 0] = (l >> 24) & 0xff;
#define S4 CAST_S_table4
#define S5 CAST_S_table5
#define S6 CAST_S_table6
#define S7 CAST_S_table7
void CAST_set_key(CAST_KEY *key, size_t len, const uint8_t *data) {
uint32_t x[16];
uint32_t z[16];
uint32_t k[32];
uint32_t X[4], Z[4];
uint32_t l, *K;
size_t i;
for (i = 0; i < 16; i++) {
x[i] = 0;
}
if (len > 16) {
len = 16;
}
for (i = 0; i < len; i++) {
x[i] = data[i];
}
if (len <= 10) {
key->short_key = 1;
} else {
key->short_key = 0;
}
K = &k[0];
X[0] = ((x[0] << 24) | (x[1] << 16) | (x[2] << 8) | x[3]) & 0xffffffffL;
X[1] = ((x[4] << 24) | (x[5] << 16) | (x[6] << 8) | x[7]) & 0xffffffffL;
X[2] = ((x[8] << 24) | (x[9] << 16) | (x[10] << 8) | x[11]) & 0xffffffffL;
X[3] = ((x[12] << 24) | (x[13] << 16) | (x[14] << 8) | x[15]) & 0xffffffffL;
for (;;) {
l = X[0] ^ S4[x[13]] ^ S5[x[15]] ^ S6[x[12]] ^ S7[x[14]] ^ S6[x[8]];
CAST_exp(l, Z, z, 0);
l = X[2] ^ S4[z[0]] ^ S5[z[2]] ^ S6[z[1]] ^ S7[z[3]] ^ S7[x[10]];
CAST_exp(l, Z, z, 4);
l = X[3] ^ S4[z[7]] ^ S5[z[6]] ^ S6[z[5]] ^ S7[z[4]] ^ S4[x[9]];
CAST_exp(l, Z, z, 8);
l = X[1] ^ S4[z[10]] ^ S5[z[9]] ^ S6[z[11]] ^ S7[z[8]] ^ S5[x[11]];
CAST_exp(l, Z, z, 12);
K[0] = S4[z[8]] ^ S5[z[9]] ^ S6[z[7]] ^ S7[z[6]] ^ S4[z[2]];
K[1] = S4[z[10]] ^ S5[z[11]] ^ S6[z[5]] ^ S7[z[4]] ^ S5[z[6]];
K[2] = S4[z[12]] ^ S5[z[13]] ^ S6[z[3]] ^ S7[z[2]] ^ S6[z[9]];
K[3] = S4[z[14]] ^ S5[z[15]] ^ S6[z[1]] ^ S7[z[0]] ^ S7[z[12]];
l = Z[2] ^ S4[z[5]] ^ S5[z[7]] ^ S6[z[4]] ^ S7[z[6]] ^ S6[z[0]];
CAST_exp(l, X, x, 0);
l = Z[0] ^ S4[x[0]] ^ S5[x[2]] ^ S6[x[1]] ^ S7[x[3]] ^ S7[z[2]];
CAST_exp(l, X, x, 4);
l = Z[1] ^ S4[x[7]] ^ S5[x[6]] ^ S6[x[5]] ^ S7[x[4]] ^ S4[z[1]];
CAST_exp(l, X, x, 8);
l = Z[3] ^ S4[x[10]] ^ S5[x[9]] ^ S6[x[11]] ^ S7[x[8]] ^ S5[z[3]];
CAST_exp(l, X, x, 12);
K[4] = S4[x[3]] ^ S5[x[2]] ^ S6[x[12]] ^ S7[x[13]] ^ S4[x[8]];
K[5] = S4[x[1]] ^ S5[x[0]] ^ S6[x[14]] ^ S7[x[15]] ^ S5[x[13]];
K[6] = S4[x[7]] ^ S5[x[6]] ^ S6[x[8]] ^ S7[x[9]] ^ S6[x[3]];
K[7] = S4[x[5]] ^ S5[x[4]] ^ S6[x[10]] ^ S7[x[11]] ^ S7[x[7]];
l = X[0] ^ S4[x[13]] ^ S5[x[15]] ^ S6[x[12]] ^ S7[x[14]] ^ S6[x[8]];
CAST_exp(l, Z, z, 0);
l = X[2] ^ S4[z[0]] ^ S5[z[2]] ^ S6[z[1]] ^ S7[z[3]] ^ S7[x[10]];
CAST_exp(l, Z, z, 4);
l = X[3] ^ S4[z[7]] ^ S5[z[6]] ^ S6[z[5]] ^ S7[z[4]] ^ S4[x[9]];
CAST_exp(l, Z, z, 8);
l = X[1] ^ S4[z[10]] ^ S5[z[9]] ^ S6[z[11]] ^ S7[z[8]] ^ S5[x[11]];
CAST_exp(l, Z, z, 12);
K[8] = S4[z[3]] ^ S5[z[2]] ^ S6[z[12]] ^ S7[z[13]] ^ S4[z[9]];
K[9] = S4[z[1]] ^ S5[z[0]] ^ S6[z[14]] ^ S7[z[15]] ^ S5[z[12]];
K[10] = S4[z[7]] ^ S5[z[6]] ^ S6[z[8]] ^ S7[z[9]] ^ S6[z[2]];
K[11] = S4[z[5]] ^ S5[z[4]] ^ S6[z[10]] ^ S7[z[11]] ^ S7[z[6]];
l = Z[2] ^ S4[z[5]] ^ S5[z[7]] ^ S6[z[4]] ^ S7[z[6]] ^ S6[z[0]];
CAST_exp(l, X, x, 0);
l = Z[0] ^ S4[x[0]] ^ S5[x[2]] ^ S6[x[1]] ^ S7[x[3]] ^ S7[z[2]];
CAST_exp(l, X, x, 4);
l = Z[1] ^ S4[x[7]] ^ S5[x[6]] ^ S6[x[5]] ^ S7[x[4]] ^ S4[z[1]];
CAST_exp(l, X, x, 8);
l = Z[3] ^ S4[x[10]] ^ S5[x[9]] ^ S6[x[11]] ^ S7[x[8]] ^ S5[z[3]];
CAST_exp(l, X, x, 12);
K[12] = S4[x[8]] ^ S5[x[9]] ^ S6[x[7]] ^ S7[x[6]] ^ S4[x[3]];
K[13] = S4[x[10]] ^ S5[x[11]] ^ S6[x[5]] ^ S7[x[4]] ^ S5[x[7]];
K[14] = S4[x[12]] ^ S5[x[13]] ^ S6[x[3]] ^ S7[x[2]] ^ S6[x[8]];
K[15] = S4[x[14]] ^ S5[x[15]] ^ S6[x[1]] ^ S7[x[0]] ^ S7[x[13]];
if (K != k) {
break;
}
K += 16;
}
for (i = 0; i < 16; i++) {
key->data[i * 2] = k[i];
key->data[i * 2 + 1] = ((k[i + 16]) + 16) & 0x1f;
}
}
static int cast_init_key(EVP_CIPHER_CTX *ctx, const uint8_t *key,
const uint8_t *iv, int enc) {
CAST_KEY *cast_key = ctx->cipher_data;
CAST_set_key(cast_key, ctx->key_len, key);
return 1;
}
static int cast_ecb_cipher(EVP_CIPHER_CTX *ctx, uint8_t *out, const uint8_t *in,
size_t len) {
CAST_KEY *cast_key = ctx->cipher_data;
assert(len % CAST_BLOCK == 0);
while (len >= CAST_BLOCK) {
CAST_ecb_encrypt(in, out, cast_key, ctx->encrypt);
in += CAST_BLOCK;
out += CAST_BLOCK;
len -= CAST_BLOCK;
}
assert(len == 0);
return 1;
}
static int cast_cbc_cipher(EVP_CIPHER_CTX *ctx, uint8_t *out, const uint8_t *in,
size_t len) {
CAST_KEY *cast_key = ctx->cipher_data;
CAST_cbc_encrypt(in, out, len, cast_key, ctx->iv, ctx->encrypt);
return 1;
}
static const EVP_CIPHER cast5_ecb = {
.nid = NID_cast5_ecb,
.block_size = CAST_BLOCK,
.key_len = CAST_KEY_LENGTH,
.iv_len = CAST_BLOCK,
.ctx_size = sizeof(CAST_KEY),
.flags = EVP_CIPH_ECB_MODE | EVP_CIPH_VARIABLE_LENGTH,
.init = cast_init_key,
.cipher = cast_ecb_cipher,
};
static const EVP_CIPHER cast5_cbc = {
.nid = NID_cast5_cbc,
.block_size = CAST_BLOCK,
.key_len = CAST_KEY_LENGTH,
.iv_len = CAST_BLOCK,
.ctx_size = sizeof(CAST_KEY),
.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH,
.init = cast_init_key,
.cipher = cast_cbc_cipher,
};
const EVP_CIPHER *EVP_cast5_ecb(void) { return &cast5_ecb; }
const EVP_CIPHER *EVP_cast5_cbc(void) { return &cast5_cbc; }

375
vendor/aws-lc-sys/aws-lc/crypto/decrepit/cast/cast_tables.c vendored Normal file
View File

@@ -0,0 +1,375 @@
// Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) All rights reserved.
// SPDX-License-Identifier: Apache-2.0
#include <openssl/base.h>
#include "internal.h"
const uint32_t CAST_S_table0[256] = {
0x30fb40d4, 0x9fa0ff0b, 0x6beccd2f, 0x3f258c7a, 0x1e213f2f, 0x9c004dd3,
0x6003e540, 0xcf9fc949, 0xbfd4af27, 0x88bbbdb5, 0xe2034090, 0x98d09675,
0x6e63a0e0, 0x15c361d2, 0xc2e7661d, 0x22d4ff8e, 0x28683b6f, 0xc07fd059,
0xff2379c8, 0x775f50e2, 0x43c340d3, 0xdf2f8656, 0x887ca41a, 0xa2d2bd2d,
0xa1c9e0d6, 0x346c4819, 0x61b76d87, 0x22540f2f, 0x2abe32e1, 0xaa54166b,
0x22568e3a, 0xa2d341d0, 0x66db40c8, 0xa784392f, 0x004dff2f, 0x2db9d2de,
0x97943fac, 0x4a97c1d8, 0x527644b7, 0xb5f437a7, 0xb82cbaef, 0xd751d159,
0x6ff7f0ed, 0x5a097a1f, 0x827b68d0, 0x90ecf52e, 0x22b0c054, 0xbc8e5935,
0x4b6d2f7f, 0x50bb64a2, 0xd2664910, 0xbee5812d, 0xb7332290, 0xe93b159f,
0xb48ee411, 0x4bff345d, 0xfd45c240, 0xad31973f, 0xc4f6d02e, 0x55fc8165,
0xd5b1caad, 0xa1ac2dae, 0xa2d4b76d, 0xc19b0c50, 0x882240f2, 0x0c6e4f38,
0xa4e4bfd7, 0x4f5ba272, 0x564c1d2f, 0xc59c5319, 0xb949e354, 0xb04669fe,
0xb1b6ab8a, 0xc71358dd, 0x6385c545, 0x110f935d, 0x57538ad5, 0x6a390493,
0xe63d37e0, 0x2a54f6b3, 0x3a787d5f, 0x6276a0b5, 0x19a6fcdf, 0x7a42206a,
0x29f9d4d5, 0xf61b1891, 0xbb72275e, 0xaa508167, 0x38901091, 0xc6b505eb,
0x84c7cb8c, 0x2ad75a0f, 0x874a1427, 0xa2d1936b, 0x2ad286af, 0xaa56d291,
0xd7894360, 0x425c750d, 0x93b39e26, 0x187184c9, 0x6c00b32d, 0x73e2bb14,
0xa0bebc3c, 0x54623779, 0x64459eab, 0x3f328b82, 0x7718cf82, 0x59a2cea6,
0x04ee002e, 0x89fe78e6, 0x3fab0950, 0x325ff6c2, 0x81383f05, 0x6963c5c8,
0x76cb5ad6, 0xd49974c9, 0xca180dcf, 0x380782d5, 0xc7fa5cf6, 0x8ac31511,
0x35e79e13, 0x47da91d0, 0xf40f9086, 0xa7e2419e, 0x31366241, 0x051ef495,
0xaa573b04, 0x4a805d8d, 0x548300d0, 0x00322a3c, 0xbf64cddf, 0xba57a68e,
0x75c6372b, 0x50afd341, 0xa7c13275, 0x915a0bf5, 0x6b54bfab, 0x2b0b1426,
0xab4cc9d7, 0x449ccd82, 0xf7fbf265, 0xab85c5f3, 0x1b55db94, 0xaad4e324,
0xcfa4bd3f, 0x2deaa3e2, 0x9e204d02, 0xc8bd25ac, 0xeadf55b3, 0xd5bd9e98,
0xe31231b2, 0x2ad5ad6c, 0x954329de, 0xadbe4528, 0xd8710f69, 0xaa51c90f,
0xaa786bf6, 0x22513f1e, 0xaa51a79b, 0x2ad344cc, 0x7b5a41f0, 0xd37cfbad,
0x1b069505, 0x41ece491, 0xb4c332e6, 0x032268d4, 0xc9600acc, 0xce387e6d,
0xbf6bb16c, 0x6a70fb78, 0x0d03d9c9, 0xd4df39de, 0xe01063da, 0x4736f464,
0x5ad328d8, 0xb347cc96, 0x75bb0fc3, 0x98511bfb, 0x4ffbcc35, 0xb58bcf6a,
0xe11f0abc, 0xbfc5fe4a, 0xa70aec10, 0xac39570a, 0x3f04442f, 0x6188b153,
0xe0397a2e, 0x5727cb79, 0x9ceb418f, 0x1cacd68d, 0x2ad37c96, 0x0175cb9d,
0xc69dff09, 0xc75b65f0, 0xd9db40d8, 0xec0e7779, 0x4744ead4, 0xb11c3274,
0xdd24cb9e, 0x7e1c54bd, 0xf01144f9, 0xd2240eb1, 0x9675b3fd, 0xa3ac3755,
0xd47c27af, 0x51c85f4d, 0x56907596, 0xa5bb15e6, 0x580304f0, 0xca042cf1,
0x011a37ea, 0x8dbfaadb, 0x35ba3e4a, 0x3526ffa0, 0xc37b4d09, 0xbc306ed9,
0x98a52666, 0x5648f725, 0xff5e569d, 0x0ced63d0, 0x7c63b2cf, 0x700b45e1,
0xd5ea50f1, 0x85a92872, 0xaf1fbda7, 0xd4234870, 0xa7870bf3, 0x2d3b4d79,
0x42e04198, 0x0cd0ede7, 0x26470db8, 0xf881814c, 0x474d6ad7, 0x7c0c5e5c,
0xd1231959, 0x381b7298, 0xf5d2f4db, 0xab838653, 0x6e2f1e23, 0x83719c9e,
0xbd91e046, 0x9a56456e, 0xdc39200c, 0x20c8c571, 0x962bda1c, 0xe1e696ff,
0xb141ab08, 0x7cca89b9, 0x1a69e783, 0x02cc4843, 0xa2f7c579, 0x429ef47d,
0x427b169c, 0x5ac9f049, 0xdd8f0f00, 0x5c8165bf,
};
const uint32_t CAST_S_table1[256] = {
0x1f201094, 0xef0ba75b, 0x69e3cf7e, 0x393f4380, 0xfe61cf7a, 0xeec5207a,
0x55889c94, 0x72fc0651, 0xada7ef79, 0x4e1d7235, 0xd55a63ce, 0xde0436ba,
0x99c430ef, 0x5f0c0794, 0x18dcdb7d, 0xa1d6eff3, 0xa0b52f7b, 0x59e83605,
0xee15b094, 0xe9ffd909, 0xdc440086, 0xef944459, 0xba83ccb3, 0xe0c3cdfb,
0xd1da4181, 0x3b092ab1, 0xf997f1c1, 0xa5e6cf7b, 0x01420ddb, 0xe4e7ef5b,
0x25a1ff41, 0xe180f806, 0x1fc41080, 0x179bee7a, 0xd37ac6a9, 0xfe5830a4,
0x98de8b7f, 0x77e83f4e, 0x79929269, 0x24fa9f7b, 0xe113c85b, 0xacc40083,
0xd7503525, 0xf7ea615f, 0x62143154, 0x0d554b63, 0x5d681121, 0xc866c359,
0x3d63cf73, 0xcee234c0, 0xd4d87e87, 0x5c672b21, 0x071f6181, 0x39f7627f,
0x361e3084, 0xe4eb573b, 0x602f64a4, 0xd63acd9c, 0x1bbc4635, 0x9e81032d,
0x2701f50c, 0x99847ab4, 0xa0e3df79, 0xba6cf38c, 0x10843094, 0x2537a95e,
0xf46f6ffe, 0xa1ff3b1f, 0x208cfb6a, 0x8f458c74, 0xd9e0a227, 0x4ec73a34,
0xfc884f69, 0x3e4de8df, 0xef0e0088, 0x3559648d, 0x8a45388c, 0x1d804366,
0x721d9bfd, 0xa58684bb, 0xe8256333, 0x844e8212, 0x128d8098, 0xfed33fb4,
0xce280ae1, 0x27e19ba5, 0xd5a6c252, 0xe49754bd, 0xc5d655dd, 0xeb667064,
0x77840b4d, 0xa1b6a801, 0x84db26a9, 0xe0b56714, 0x21f043b7, 0xe5d05860,
0x54f03084, 0x066ff472, 0xa31aa153, 0xdadc4755, 0xb5625dbf, 0x68561be6,
0x83ca6b94, 0x2d6ed23b, 0xeccf01db, 0xa6d3d0ba, 0xb6803d5c, 0xaf77a709,
0x33b4a34c, 0x397bc8d6, 0x5ee22b95, 0x5f0e5304, 0x81ed6f61, 0x20e74364,
0xb45e1378, 0xde18639b, 0x881ca122, 0xb96726d1, 0x8049a7e8, 0x22b7da7b,
0x5e552d25, 0x5272d237, 0x79d2951c, 0xc60d894c, 0x488cb402, 0x1ba4fe5b,
0xa4b09f6b, 0x1ca815cf, 0xa20c3005, 0x8871df63, 0xb9de2fcb, 0x0cc6c9e9,
0x0beeff53, 0xe3214517, 0xb4542835, 0x9f63293c, 0xee41e729, 0x6e1d2d7c,
0x50045286, 0x1e6685f3, 0xf33401c6, 0x30a22c95, 0x31a70850, 0x60930f13,
0x73f98417, 0xa1269859, 0xec645c44, 0x52c877a9, 0xcdff33a6, 0xa02b1741,
0x7cbad9a2, 0x2180036f, 0x50d99c08, 0xcb3f4861, 0xc26bd765, 0x64a3f6ab,
0x80342676, 0x25a75e7b, 0xe4e6d1fc, 0x20c710e6, 0xcdf0b680, 0x17844d3b,
0x31eef84d, 0x7e0824e4, 0x2ccb49eb, 0x846a3bae, 0x8ff77888, 0xee5d60f6,
0x7af75673, 0x2fdd5cdb, 0xa11631c1, 0x30f66f43, 0xb3faec54, 0x157fd7fa,
0xef8579cc, 0xd152de58, 0xdb2ffd5e, 0x8f32ce19, 0x306af97a, 0x02f03ef8,
0x99319ad5, 0xc242fa0f, 0xa7e3ebb0, 0xc68e4906, 0xb8da230c, 0x80823028,
0xdcdef3c8, 0xd35fb171, 0x088a1bc8, 0xbec0c560, 0x61a3c9e8, 0xbca8f54d,
0xc72feffa, 0x22822e99, 0x82c570b4, 0xd8d94e89, 0x8b1c34bc, 0x301e16e6,
0x273be979, 0xb0ffeaa6, 0x61d9b8c6, 0x00b24869, 0xb7ffce3f, 0x08dc283b,
0x43daf65a, 0xf7e19798, 0x7619b72f, 0x8f1c9ba4, 0xdc8637a0, 0x16a7d3b1,
0x9fc393b7, 0xa7136eeb, 0xc6bcc63e, 0x1a513742, 0xef6828bc, 0x520365d6,
0x2d6a77ab, 0x3527ed4b, 0x821fd216, 0x095c6e2e, 0xdb92f2fb, 0x5eea29cb,
0x145892f5, 0x91584f7f, 0x5483697b, 0x2667a8cc, 0x85196048, 0x8c4bacea,
0x833860d4, 0x0d23e0f9, 0x6c387e8a, 0x0ae6d249, 0xb284600c, 0xd835731d,
0xdcb1c647, 0xac4c56ea, 0x3ebd81b3, 0x230eabb0, 0x6438bc87, 0xf0b5b1fa,
0x8f5ea2b3, 0xfc184642, 0x0a036b7a, 0x4fb089bd, 0x649da589, 0xa345415e,
0x5c038323, 0x3e5d3bb9, 0x43d79572, 0x7e6dd07c, 0x06dfdf1e, 0x6c6cc4ef,
0x7160a539, 0x73bfbe70, 0x83877605, 0x4523ecf1,
};
const uint32_t CAST_S_table2[256] = {
0x8defc240, 0x25fa5d9f, 0xeb903dbf, 0xe810c907, 0x47607fff, 0x369fe44b,
0x8c1fc644, 0xaececa90, 0xbeb1f9bf, 0xeefbcaea, 0xe8cf1950, 0x51df07ae,
0x920e8806, 0xf0ad0548, 0xe13c8d83, 0x927010d5, 0x11107d9f, 0x07647db9,
0xb2e3e4d4, 0x3d4f285e, 0xb9afa820, 0xfade82e0, 0xa067268b, 0x8272792e,
0x553fb2c0, 0x489ae22b, 0xd4ef9794, 0x125e3fbc, 0x21fffcee, 0x825b1bfd,
0x9255c5ed, 0x1257a240, 0x4e1a8302, 0xbae07fff, 0x528246e7, 0x8e57140e,
0x3373f7bf, 0x8c9f8188, 0xa6fc4ee8, 0xc982b5a5, 0xa8c01db7, 0x579fc264,
0x67094f31, 0xf2bd3f5f, 0x40fff7c1, 0x1fb78dfc, 0x8e6bd2c1, 0x437be59b,
0x99b03dbf, 0xb5dbc64b, 0x638dc0e6, 0x55819d99, 0xa197c81c, 0x4a012d6e,
0xc5884a28, 0xccc36f71, 0xb843c213, 0x6c0743f1, 0x8309893c, 0x0feddd5f,
0x2f7fe850, 0xd7c07f7e, 0x02507fbf, 0x5afb9a04, 0xa747d2d0, 0x1651192e,
0xaf70bf3e, 0x58c31380, 0x5f98302e, 0x727cc3c4, 0x0a0fb402, 0x0f7fef82,
0x8c96fdad, 0x5d2c2aae, 0x8ee99a49, 0x50da88b8, 0x8427f4a0, 0x1eac5790,
0x796fb449, 0x8252dc15, 0xefbd7d9b, 0xa672597d, 0xada840d8, 0x45f54504,
0xfa5d7403, 0xe83ec305, 0x4f91751a, 0x925669c2, 0x23efe941, 0xa903f12e,
0x60270df2, 0x0276e4b6, 0x94fd6574, 0x927985b2, 0x8276dbcb, 0x02778176,
0xf8af918d, 0x4e48f79e, 0x8f616ddf, 0xe29d840e, 0x842f7d83, 0x340ce5c8,
0x96bbb682, 0x93b4b148, 0xef303cab, 0x984faf28, 0x779faf9b, 0x92dc560d,
0x224d1e20, 0x8437aa88, 0x7d29dc96, 0x2756d3dc, 0x8b907cee, 0xb51fd240,
0xe7c07ce3, 0xe566b4a1, 0xc3e9615e, 0x3cf8209d, 0x6094d1e3, 0xcd9ca341,
0x5c76460e, 0x00ea983b, 0xd4d67881, 0xfd47572c, 0xf76cedd9, 0xbda8229c,
0x127dadaa, 0x438a074e, 0x1f97c090, 0x081bdb8a, 0x93a07ebe, 0xb938ca15,
0x97b03cff, 0x3dc2c0f8, 0x8d1ab2ec, 0x64380e51, 0x68cc7bfb, 0xd90f2788,
0x12490181, 0x5de5ffd4, 0xdd7ef86a, 0x76a2e214, 0xb9a40368, 0x925d958f,
0x4b39fffa, 0xba39aee9, 0xa4ffd30b, 0xfaf7933b, 0x6d498623, 0x193cbcfa,
0x27627545, 0x825cf47a, 0x61bd8ba0, 0xd11e42d1, 0xcead04f4, 0x127ea392,
0x10428db7, 0x8272a972, 0x9270c4a8, 0x127de50b, 0x285ba1c8, 0x3c62f44f,
0x35c0eaa5, 0xe805d231, 0x428929fb, 0xb4fcdf82, 0x4fb66a53, 0x0e7dc15b,
0x1f081fab, 0x108618ae, 0xfcfd086d, 0xf9ff2889, 0x694bcc11, 0x236a5cae,
0x12deca4d, 0x2c3f8cc5, 0xd2d02dfe, 0xf8ef5896, 0xe4cf52da, 0x95155b67,
0x494a488c, 0xb9b6a80c, 0x5c8f82bc, 0x89d36b45, 0x3a609437, 0xec00c9a9,
0x44715253, 0x0a874b49, 0xd773bc40, 0x7c34671c, 0x02717ef6, 0x4feb5536,
0xa2d02fff, 0xd2bf60c4, 0xd43f03c0, 0x50b4ef6d, 0x07478cd1, 0x006e1888,
0xa2e53f55, 0xb9e6d4bc, 0xa2048016, 0x97573833, 0xd7207d67, 0xde0f8f3d,
0x72f87b33, 0xabcc4f33, 0x7688c55d, 0x7b00a6b0, 0x947b0001, 0x570075d2,
0xf9bb88f8, 0x8942019e, 0x4264a5ff, 0x856302e0, 0x72dbd92b, 0xee971b69,
0x6ea22fde, 0x5f08ae2b, 0xaf7a616d, 0xe5c98767, 0xcf1febd2, 0x61efc8c2,
0xf1ac2571, 0xcc8239c2, 0x67214cb8, 0xb1e583d1, 0xb7dc3e62, 0x7f10bdce,
0xf90a5c38, 0x0ff0443d, 0x606e6dc6, 0x60543a49, 0x5727c148, 0x2be98a1d,
0x8ab41738, 0x20e1be24, 0xaf96da0f, 0x68458425, 0x99833be5, 0x600d457d,
0x282f9350, 0x8334b362, 0xd91d1120, 0x2b6d8da0, 0x642b1e31, 0x9c305a00,
0x52bce688, 0x1b03588a, 0xf7baefd5, 0x4142ed9c, 0xa4315c11, 0x83323ec5,
0xdfef4636, 0xa133c501, 0xe9d3531c, 0xee353783,
};
const uint32_t CAST_S_table3[256] = {
0x9db30420, 0x1fb6e9de, 0xa7be7bef, 0xd273a298, 0x4a4f7bdb, 0x64ad8c57,
0x85510443, 0xfa020ed1, 0x7e287aff, 0xe60fb663, 0x095f35a1, 0x79ebf120,
0xfd059d43, 0x6497b7b1, 0xf3641f63, 0x241e4adf, 0x28147f5f, 0x4fa2b8cd,
0xc9430040, 0x0cc32220, 0xfdd30b30, 0xc0a5374f, 0x1d2d00d9, 0x24147b15,
0xee4d111a, 0x0fca5167, 0x71ff904c, 0x2d195ffe, 0x1a05645f, 0x0c13fefe,
0x081b08ca, 0x05170121, 0x80530100, 0xe83e5efe, 0xac9af4f8, 0x7fe72701,
0xd2b8ee5f, 0x06df4261, 0xbb9e9b8a, 0x7293ea25, 0xce84ffdf, 0xf5718801,
0x3dd64b04, 0xa26f263b, 0x7ed48400, 0x547eebe6, 0x446d4ca0, 0x6cf3d6f5,
0x2649abdf, 0xaea0c7f5, 0x36338cc1, 0x503f7e93, 0xd3772061, 0x11b638e1,
0x72500e03, 0xf80eb2bb, 0xabe0502e, 0xec8d77de, 0x57971e81, 0xe14f6746,
0xc9335400, 0x6920318f, 0x081dbb99, 0xffc304a5, 0x4d351805, 0x7f3d5ce3,
0xa6c866c6, 0x5d5bcca9, 0xdaec6fea, 0x9f926f91, 0x9f46222f, 0x3991467d,
0xa5bf6d8e, 0x1143c44f, 0x43958302, 0xd0214eeb, 0x022083b8, 0x3fb6180c,
0x18f8931e, 0x281658e6, 0x26486e3e, 0x8bd78a70, 0x7477e4c1, 0xb506e07c,
0xf32d0a25, 0x79098b02, 0xe4eabb81, 0x28123b23, 0x69dead38, 0x1574ca16,
0xdf871b62, 0x211c40b7, 0xa51a9ef9, 0x0014377b, 0x041e8ac8, 0x09114003,
0xbd59e4d2, 0xe3d156d5, 0x4fe876d5, 0x2f91a340, 0x557be8de, 0x00eae4a7,
0x0ce5c2ec, 0x4db4bba6, 0xe756bdff, 0xdd3369ac, 0xec17b035, 0x06572327,
0x99afc8b0, 0x56c8c391, 0x6b65811c, 0x5e146119, 0x6e85cb75, 0xbe07c002,
0xc2325577, 0x893ff4ec, 0x5bbfc92d, 0xd0ec3b25, 0xb7801ab7, 0x8d6d3b24,
0x20c763ef, 0xc366a5fc, 0x9c382880, 0x0ace3205, 0xaac9548a, 0xeca1d7c7,
0x041afa32, 0x1d16625a, 0x6701902c, 0x9b757a54, 0x31d477f7, 0x9126b031,
0x36cc6fdb, 0xc70b8b46, 0xd9e66a48, 0x56e55a79, 0x026a4ceb, 0x52437eff,
0x2f8f76b4, 0x0df980a5, 0x8674cde3, 0xedda04eb, 0x17a9be04, 0x2c18f4df,
0xb7747f9d, 0xab2af7b4, 0xefc34d20, 0x2e096b7c, 0x1741a254, 0xe5b6a035,
0x213d42f6, 0x2c1c7c26, 0x61c2f50f, 0x6552daf9, 0xd2c231f8, 0x25130f69,
0xd8167fa2, 0x0418f2c8, 0x001a96a6, 0x0d1526ab, 0x63315c21, 0x5e0a72ec,
0x49bafefd, 0x187908d9, 0x8d0dbd86, 0x311170a7, 0x3e9b640c, 0xcc3e10d7,
0xd5cad3b6, 0x0caec388, 0xf73001e1, 0x6c728aff, 0x71eae2a1, 0x1f9af36e,
0xcfcbd12f, 0xc1de8417, 0xac07be6b, 0xcb44a1d8, 0x8b9b0f56, 0x013988c3,
0xb1c52fca, 0xb4be31cd, 0xd8782806, 0x12a3a4e2, 0x6f7de532, 0x58fd7eb6,
0xd01ee900, 0x24adffc2, 0xf4990fc5, 0x9711aac5, 0x001d7b95, 0x82e5e7d2,
0x109873f6, 0x00613096, 0xc32d9521, 0xada121ff, 0x29908415, 0x7fbb977f,
0xaf9eb3db, 0x29c9ed2a, 0x5ce2a465, 0xa730f32c, 0xd0aa3fe8, 0x8a5cc091,
0xd49e2ce7, 0x0ce454a9, 0xd60acd86, 0x015f1919, 0x77079103, 0xdea03af6,
0x78a8565e, 0xdee356df, 0x21f05cbe, 0x8b75e387, 0xb3c50651, 0xb8a5c3ef,
0xd8eeb6d2, 0xe523be77, 0xc2154529, 0x2f69efdf, 0xafe67afb, 0xf470c4b2,
0xf3e0eb5b, 0xd6cc9876, 0x39e4460c, 0x1fda8538, 0x1987832f, 0xca007367,
0xa99144f8, 0x296b299e, 0x492fc295, 0x9266beab, 0xb5676e69, 0x9bd3ddda,
0xdf7e052f, 0xdb25701c, 0x1b5e51ee, 0xf65324e6, 0x6afce36c, 0x0316cc04,
0x8644213e, 0xb7dc59d0, 0x7965291f, 0xccd6fd43, 0x41823979, 0x932bcdf6,
0xb657c34d, 0x4edfd282, 0x7ae5290c, 0x3cb9536b, 0x851e20fe, 0x9833557e,
0x13ecf0b0, 0xd3ffb372, 0x3f85c5c1, 0x0aef7ed2,
};
const uint32_t CAST_S_table4[256] = {
0x7ec90c04, 0x2c6e74b9, 0x9b0e66df, 0xa6337911, 0xb86a7fff, 0x1dd358f5,
0x44dd9d44, 0x1731167f, 0x08fbf1fa, 0xe7f511cc, 0xd2051b00, 0x735aba00,
0x2ab722d8, 0x386381cb, 0xacf6243a, 0x69befd7a, 0xe6a2e77f, 0xf0c720cd,
0xc4494816, 0xccf5c180, 0x38851640, 0x15b0a848, 0xe68b18cb, 0x4caadeff,
0x5f480a01, 0x0412b2aa, 0x259814fc, 0x41d0efe2, 0x4e40b48d, 0x248eb6fb,
0x8dba1cfe, 0x41a99b02, 0x1a550a04, 0xba8f65cb, 0x7251f4e7, 0x95a51725,
0xc106ecd7, 0x97a5980a, 0xc539b9aa, 0x4d79fe6a, 0xf2f3f763, 0x68af8040,
0xed0c9e56, 0x11b4958b, 0xe1eb5a88, 0x8709e6b0, 0xd7e07156, 0x4e29fea7,
0x6366e52d, 0x02d1c000, 0xc4ac8e05, 0x9377f571, 0x0c05372a, 0x578535f2,
0x2261be02, 0xd642a0c9, 0xdf13a280, 0x74b55bd2, 0x682199c0, 0xd421e5ec,
0x53fb3ce8, 0xc8adedb3, 0x28a87fc9, 0x3d959981, 0x5c1ff900, 0xfe38d399,
0x0c4eff0b, 0x062407ea, 0xaa2f4fb1, 0x4fb96976, 0x90c79505, 0xb0a8a774,
0xef55a1ff, 0xe59ca2c2, 0xa6b62d27, 0xe66a4263, 0xdf65001f, 0x0ec50966,
0xdfdd55bc, 0x29de0655, 0x911e739a, 0x17af8975, 0x32c7911c, 0x89f89468,
0x0d01e980, 0x524755f4, 0x03b63cc9, 0x0cc844b2, 0xbcf3f0aa, 0x87ac36e9,
0xe53a7426, 0x01b3d82b, 0x1a9e7449, 0x64ee2d7e, 0xcddbb1da, 0x01c94910,
0xb868bf80, 0x0d26f3fd, 0x9342ede7, 0x04a5c284, 0x636737b6, 0x50f5b616,
0xf24766e3, 0x8eca36c1, 0x136e05db, 0xfef18391, 0xfb887a37, 0xd6e7f7d4,
0xc7fb7dc9, 0x3063fcdf, 0xb6f589de, 0xec2941da, 0x26e46695, 0xb7566419,
0xf654efc5, 0xd08d58b7, 0x48925401, 0xc1bacb7f, 0xe5ff550f, 0xb6083049,
0x5bb5d0e8, 0x87d72e5a, 0xab6a6ee1, 0x223a66ce, 0xc62bf3cd, 0x9e0885f9,
0x68cb3e47, 0x086c010f, 0xa21de820, 0xd18b69de, 0xf3f65777, 0xfa02c3f6,
0x407edac3, 0xcbb3d550, 0x1793084d, 0xb0d70eba, 0x0ab378d5, 0xd951fb0c,
0xded7da56, 0x4124bbe4, 0x94ca0b56, 0x0f5755d1, 0xe0e1e56e, 0x6184b5be,
0x580a249f, 0x94f74bc0, 0xe327888e, 0x9f7b5561, 0xc3dc0280, 0x05687715,
0x646c6bd7, 0x44904db3, 0x66b4f0a3, 0xc0f1648a, 0x697ed5af, 0x49e92ff6,
0x309e374f, 0x2cb6356a, 0x85808573, 0x4991f840, 0x76f0ae02, 0x083be84d,
0x28421c9a, 0x44489406, 0x736e4cb8, 0xc1092910, 0x8bc95fc6, 0x7d869cf4,
0x134f616f, 0x2e77118d, 0xb31b2be1, 0xaa90b472, 0x3ca5d717, 0x7d161bba,
0x9cad9010, 0xaf462ba2, 0x9fe459d2, 0x45d34559, 0xd9f2da13, 0xdbc65487,
0xf3e4f94e, 0x176d486f, 0x097c13ea, 0x631da5c7, 0x445f7382, 0x175683f4,
0xcdc66a97, 0x70be0288, 0xb3cdcf72, 0x6e5dd2f3, 0x20936079, 0x459b80a5,
0xbe60e2db, 0xa9c23101, 0xeba5315c, 0x224e42f2, 0x1c5c1572, 0xf6721b2c,
0x1ad2fff3, 0x8c25404e, 0x324ed72f, 0x4067b7fd, 0x0523138e, 0x5ca3bc78,
0xdc0fd66e, 0x75922283, 0x784d6b17, 0x58ebb16e, 0x44094f85, 0x3f481d87,
0xfcfeae7b, 0x77b5ff76, 0x8c2302bf, 0xaaf47556, 0x5f46b02a, 0x2b092801,
0x3d38f5f7, 0x0ca81f36, 0x52af4a8a, 0x66d5e7c0, 0xdf3b0874, 0x95055110,
0x1b5ad7a8, 0xf61ed5ad, 0x6cf6e479, 0x20758184, 0xd0cefa65, 0x88f7be58,
0x4a046826, 0x0ff6f8f3, 0xa09c7f70, 0x5346aba0, 0x5ce96c28, 0xe176eda3,
0x6bac307f, 0x376829d2, 0x85360fa9, 0x17e3fe2a, 0x24b79767, 0xf5a96b20,
0xd6cd2595, 0x68ff1ebf, 0x7555442c, 0xf19f06be, 0xf9e0659a, 0xeeb9491d,
0x34010718, 0xbb30cab8, 0xe822fe15, 0x88570983, 0x750e6249, 0xda627e55,
0x5e76ffa8, 0xb1534546, 0x6d47de08, 0xefe9e7d4,
};
const uint32_t CAST_S_table5[256] = {
0xf6fa8f9d, 0x2cac6ce1, 0x4ca34867, 0xe2337f7c, 0x95db08e7, 0x016843b4,
0xeced5cbc, 0x325553ac, 0xbf9f0960, 0xdfa1e2ed, 0x83f0579d, 0x63ed86b9,
0x1ab6a6b8, 0xde5ebe39, 0xf38ff732, 0x8989b138, 0x33f14961, 0xc01937bd,
0xf506c6da, 0xe4625e7e, 0xa308ea99, 0x4e23e33c, 0x79cbd7cc, 0x48a14367,
0xa3149619, 0xfec94bd5, 0xa114174a, 0xeaa01866, 0xa084db2d, 0x09a8486f,
0xa888614a, 0x2900af98, 0x01665991, 0xe1992863, 0xc8f30c60, 0x2e78ef3c,
0xd0d51932, 0xcf0fec14, 0xf7ca07d2, 0xd0a82072, 0xfd41197e, 0x9305a6b0,
0xe86be3da, 0x74bed3cd, 0x372da53c, 0x4c7f4448, 0xdab5d440, 0x6dba0ec3,
0x083919a7, 0x9fbaeed9, 0x49dbcfb0, 0x4e670c53, 0x5c3d9c01, 0x64bdb941,
0x2c0e636a, 0xba7dd9cd, 0xea6f7388, 0xe70bc762, 0x35f29adb, 0x5c4cdd8d,
0xf0d48d8c, 0xb88153e2, 0x08a19866, 0x1ae2eac8, 0x284caf89, 0xaa928223,
0x9334be53, 0x3b3a21bf, 0x16434be3, 0x9aea3906, 0xefe8c36e, 0xf890cdd9,
0x80226dae, 0xc340a4a3, 0xdf7e9c09, 0xa694a807, 0x5b7c5ecc, 0x221db3a6,
0x9a69a02f, 0x68818a54, 0xceb2296f, 0x53c0843a, 0xfe893655, 0x25bfe68a,
0xb4628abc, 0xcf222ebf, 0x25ac6f48, 0xa9a99387, 0x53bddb65, 0xe76ffbe7,
0xe967fd78, 0x0ba93563, 0x8e342bc1, 0xe8a11be9, 0x4980740d, 0xc8087dfc,
0x8de4bf99, 0xa11101a0, 0x7fd37975, 0xda5a26c0, 0xe81f994f, 0x9528cd89,
0xfd339fed, 0xb87834bf, 0x5f04456d, 0x22258698, 0xc9c4c83b, 0x2dc156be,
0x4f628daa, 0x57f55ec5, 0xe2220abe, 0xd2916ebf, 0x4ec75b95, 0x24f2c3c0,
0x42d15d99, 0xcd0d7fa0, 0x7b6e27ff, 0xa8dc8af0, 0x7345c106, 0xf41e232f,
0x35162386, 0xe6ea8926, 0x3333b094, 0x157ec6f2, 0x372b74af, 0x692573e4,
0xe9a9d848, 0xf3160289, 0x3a62ef1d, 0xa787e238, 0xf3a5f676, 0x74364853,
0x20951063, 0x4576698d, 0xb6fad407, 0x592af950, 0x36f73523, 0x4cfb6e87,
0x7da4cec0, 0x6c152daa, 0xcb0396a8, 0xc50dfe5d, 0xfcd707ab, 0x0921c42f,
0x89dff0bb, 0x5fe2be78, 0x448f4f33, 0x754613c9, 0x2b05d08d, 0x48b9d585,
0xdc049441, 0xc8098f9b, 0x7dede786, 0xc39a3373, 0x42410005, 0x6a091751,
0x0ef3c8a6, 0x890072d6, 0x28207682, 0xa9a9f7be, 0xbf32679d, 0xd45b5b75,
0xb353fd00, 0xcbb0e358, 0x830f220a, 0x1f8fb214, 0xd372cf08, 0xcc3c4a13,
0x8cf63166, 0x061c87be, 0x88c98f88, 0x6062e397, 0x47cf8e7a, 0xb6c85283,
0x3cc2acfb, 0x3fc06976, 0x4e8f0252, 0x64d8314d, 0xda3870e3, 0x1e665459,
0xc10908f0, 0x513021a5, 0x6c5b68b7, 0x822f8aa0, 0x3007cd3e, 0x74719eef,
0xdc872681, 0x073340d4, 0x7e432fd9, 0x0c5ec241, 0x8809286c, 0xf592d891,
0x08a930f6, 0x957ef305, 0xb7fbffbd, 0xc266e96f, 0x6fe4ac98, 0xb173ecc0,
0xbc60b42a, 0x953498da, 0xfba1ae12, 0x2d4bd736, 0x0f25faab, 0xa4f3fceb,
0xe2969123, 0x257f0c3d, 0x9348af49, 0x361400bc, 0xe8816f4a, 0x3814f200,
0xa3f94043, 0x9c7a54c2, 0xbc704f57, 0xda41e7f9, 0xc25ad33a, 0x54f4a084,
0xb17f5505, 0x59357cbe, 0xedbd15c8, 0x7f97c5ab, 0xba5ac7b5, 0xb6f6deaf,
0x3a479c3a, 0x5302da25, 0x653d7e6a, 0x54268d49, 0x51a477ea, 0x5017d55b,
0xd7d25d88, 0x44136c76, 0x0404a8c8, 0xb8e5a121, 0xb81a928a, 0x60ed5869,
0x97c55b96, 0xeaec991b, 0x29935913, 0x01fdb7f1, 0x088e8dfa, 0x9ab6f6f5,
0x3b4cbf9f, 0x4a5de3ab, 0xe6051d35, 0xa0e1d855, 0xd36b4cf1, 0xf544edeb,
0xb0e93524, 0xbebb8fbd, 0xa2d762cf, 0x49c92f54, 0x38b5f331, 0x7128a454,
0x48392905, 0xa65b1db8, 0x851c97bd, 0xd675cf2f,
};
const uint32_t CAST_S_table6[256] = {
0x85e04019, 0x332bf567, 0x662dbfff, 0xcfc65693, 0x2a8d7f6f, 0xab9bc912,
0xde6008a1, 0x2028da1f, 0x0227bce7, 0x4d642916, 0x18fac300, 0x50f18b82,
0x2cb2cb11, 0xb232e75c, 0x4b3695f2, 0xb28707de, 0xa05fbcf6, 0xcd4181e9,
0xe150210c, 0xe24ef1bd, 0xb168c381, 0xfde4e789, 0x5c79b0d8, 0x1e8bfd43,
0x4d495001, 0x38be4341, 0x913cee1d, 0x92a79c3f, 0x089766be, 0xbaeeadf4,
0x1286becf, 0xb6eacb19, 0x2660c200, 0x7565bde4, 0x64241f7a, 0x8248dca9,
0xc3b3ad66, 0x28136086, 0x0bd8dfa8, 0x356d1cf2, 0x107789be, 0xb3b2e9ce,
0x0502aa8f, 0x0bc0351e, 0x166bf52a, 0xeb12ff82, 0xe3486911, 0xd34d7516,
0x4e7b3aff, 0x5f43671b, 0x9cf6e037, 0x4981ac83, 0x334266ce, 0x8c9341b7,
0xd0d854c0, 0xcb3a6c88, 0x47bc2829, 0x4725ba37, 0xa66ad22b, 0x7ad61f1e,
0x0c5cbafa, 0x4437f107, 0xb6e79962, 0x42d2d816, 0x0a961288, 0xe1a5c06e,
0x13749e67, 0x72fc081a, 0xb1d139f7, 0xf9583745, 0xcf19df58, 0xbec3f756,
0xc06eba30, 0x07211b24, 0x45c28829, 0xc95e317f, 0xbc8ec511, 0x38bc46e9,
0xc6e6fa14, 0xbae8584a, 0xad4ebc46, 0x468f508b, 0x7829435f, 0xf124183b,
0x821dba9f, 0xaff60ff4, 0xea2c4e6d, 0x16e39264, 0x92544a8b, 0x009b4fc3,
0xaba68ced, 0x9ac96f78, 0x06a5b79a, 0xb2856e6e, 0x1aec3ca9, 0xbe838688,
0x0e0804e9, 0x55f1be56, 0xe7e5363b, 0xb3a1f25d, 0xf7debb85, 0x61fe033c,
0x16746233, 0x3c034c28, 0xda6d0c74, 0x79aac56c, 0x3ce4e1ad, 0x51f0c802,
0x98f8f35a, 0x1626a49f, 0xeed82b29, 0x1d382fe3, 0x0c4fb99a, 0xbb325778,
0x3ec6d97b, 0x6e77a6a9, 0xcb658b5c, 0xd45230c7, 0x2bd1408b, 0x60c03eb7,
0xb9068d78, 0xa33754f4, 0xf430c87d, 0xc8a71302, 0xb96d8c32, 0xebd4e7be,
0xbe8b9d2d, 0x7979fb06, 0xe7225308, 0x8b75cf77, 0x11ef8da4, 0xe083c858,
0x8d6b786f, 0x5a6317a6, 0xfa5cf7a0, 0x5dda0033, 0xf28ebfb0, 0xf5b9c310,
0xa0eac280, 0x08b9767a, 0xa3d9d2b0, 0x79d34217, 0x021a718d, 0x9ac6336a,
0x2711fd60, 0x438050e3, 0x069908a8, 0x3d7fedc4, 0x826d2bef, 0x4eeb8476,
0x488dcf25, 0x36c9d566, 0x28e74e41, 0xc2610aca, 0x3d49a9cf, 0xbae3b9df,
0xb65f8de6, 0x92aeaf64, 0x3ac7d5e6, 0x9ea80509, 0xf22b017d, 0xa4173f70,
0xdd1e16c3, 0x15e0d7f9, 0x50b1b887, 0x2b9f4fd5, 0x625aba82, 0x6a017962,
0x2ec01b9c, 0x15488aa9, 0xd716e740, 0x40055a2c, 0x93d29a22, 0xe32dbf9a,
0x058745b9, 0x3453dc1e, 0xd699296e, 0x496cff6f, 0x1c9f4986, 0xdfe2ed07,
0xb87242d1, 0x19de7eae, 0x053e561a, 0x15ad6f8c, 0x66626c1c, 0x7154c24c,
0xea082b2a, 0x93eb2939, 0x17dcb0f0, 0x58d4f2ae, 0x9ea294fb, 0x52cf564c,
0x9883fe66, 0x2ec40581, 0x763953c3, 0x01d6692e, 0xd3a0c108, 0xa1e7160e,
0xe4f2dfa6, 0x693ed285, 0x74904698, 0x4c2b0edd, 0x4f757656, 0x5d393378,
0xa132234f, 0x3d321c5d, 0xc3f5e194, 0x4b269301, 0xc79f022f, 0x3c997e7e,
0x5e4f9504, 0x3ffafbbd, 0x76f7ad0e, 0x296693f4, 0x3d1fce6f, 0xc61e45be,
0xd3b5ab34, 0xf72bf9b7, 0x1b0434c0, 0x4e72b567, 0x5592a33d, 0xb5229301,
0xcfd2a87f, 0x60aeb767, 0x1814386b, 0x30bcc33d, 0x38a0c07d, 0xfd1606f2,
0xc363519b, 0x589dd390, 0x5479f8e6, 0x1cb8d647, 0x97fd61a9, 0xea7759f4,
0x2d57539d, 0x569a58cf, 0xe84e63ad, 0x462e1b78, 0x6580f87e, 0xf3817914,
0x91da55f4, 0x40a230f3, 0xd1988f35, 0xb6e318d2, 0x3ffa50bc, 0x3d40f021,
0xc3c0bdae, 0x4958c24c, 0x518f36b2, 0x84b1d370, 0x0fedce83, 0x878ddada,
0xf2a279c7, 0x94e01be8, 0x90716f4b, 0x954b8aa3,
};
const uint32_t CAST_S_table7[256] = {
0xe216300d, 0xbbddfffc, 0xa7ebdabd, 0x35648095, 0x7789f8b7, 0xe6c1121b,
0x0e241600, 0x052ce8b5, 0x11a9cfb0, 0xe5952f11, 0xece7990a, 0x9386d174,
0x2a42931c, 0x76e38111, 0xb12def3a, 0x37ddddfc, 0xde9adeb1, 0x0a0cc32c,
0xbe197029, 0x84a00940, 0xbb243a0f, 0xb4d137cf, 0xb44e79f0, 0x049eedfd,
0x0b15a15d, 0x480d3168, 0x8bbbde5a, 0x669ded42, 0xc7ece831, 0x3f8f95e7,
0x72df191b, 0x7580330d, 0x94074251, 0x5c7dcdfa, 0xabbe6d63, 0xaa402164,
0xb301d40a, 0x02e7d1ca, 0x53571dae, 0x7a3182a2, 0x12a8ddec, 0xfdaa335d,
0x176f43e8, 0x71fb46d4, 0x38129022, 0xce949ad4, 0xb84769ad, 0x965bd862,
0x82f3d055, 0x66fb9767, 0x15b80b4e, 0x1d5b47a0, 0x4cfde06f, 0xc28ec4b8,
0x57e8726e, 0x647a78fc, 0x99865d44, 0x608bd593, 0x6c200e03, 0x39dc5ff6,
0x5d0b00a3, 0xae63aff2, 0x7e8bd632, 0x70108c0c, 0xbbd35049, 0x2998df04,
0x980cf42a, 0x9b6df491, 0x9e7edd53, 0x06918548, 0x58cb7e07, 0x3b74ef2e,
0x522fffb1, 0xd24708cc, 0x1c7e27cd, 0xa4eb215b, 0x3cf1d2e2, 0x19b47a38,
0x424f7618, 0x35856039, 0x9d17dee7, 0x27eb35e6, 0xc9aff67b, 0x36baf5b8,
0x09c467cd, 0xc18910b1, 0xe11dbf7b, 0x06cd1af8, 0x7170c608, 0x2d5e3354,
0xd4de495a, 0x64c6d006, 0xbcc0c62c, 0x3dd00db3, 0x708f8f34, 0x77d51b42,
0x264f620f, 0x24b8d2bf, 0x15c1b79e, 0x46a52564, 0xf8d7e54e, 0x3e378160,
0x7895cda5, 0x859c15a5, 0xe6459788, 0xc37bc75f, 0xdb07ba0c, 0x0676a3ab,
0x7f229b1e, 0x31842e7b, 0x24259fd7, 0xf8bef472, 0x835ffcb8, 0x6df4c1f2,
0x96f5b195, 0xfd0af0fc, 0xb0fe134c, 0xe2506d3d, 0x4f9b12ea, 0xf215f225,
0xa223736f, 0x9fb4c428, 0x25d04979, 0x34c713f8, 0xc4618187, 0xea7a6e98,
0x7cd16efc, 0x1436876c, 0xf1544107, 0xbedeee14, 0x56e9af27, 0xa04aa441,
0x3cf7c899, 0x92ecbae6, 0xdd67016d, 0x151682eb, 0xa842eedf, 0xfdba60b4,
0xf1907b75, 0x20e3030f, 0x24d8c29e, 0xe139673b, 0xefa63fb8, 0x71873054,
0xb6f2cf3b, 0x9f326442, 0xcb15a4cc, 0xb01a4504, 0xf1e47d8d, 0x844a1be5,
0xbae7dfdc, 0x42cbda70, 0xcd7dae0a, 0x57e85b7a, 0xd53f5af6, 0x20cf4d8c,
0xcea4d428, 0x79d130a4, 0x3486ebfb, 0x33d3cddc, 0x77853b53, 0x37effcb5,
0xc5068778, 0xe580b3e6, 0x4e68b8f4, 0xc5c8b37e, 0x0d809ea2, 0x398feb7c,
0x132a4f94, 0x43b7950e, 0x2fee7d1c, 0x223613bd, 0xdd06caa2, 0x37df932b,
0xc4248289, 0xacf3ebc3, 0x5715f6b7, 0xef3478dd, 0xf267616f, 0xc148cbe4,
0x9052815e, 0x5e410fab, 0xb48a2465, 0x2eda7fa4, 0xe87b40e4, 0xe98ea084,
0x5889e9e1, 0xefd390fc, 0xdd07d35b, 0xdb485694, 0x38d7e5b2, 0x57720101,
0x730edebc, 0x5b643113, 0x94917e4f, 0x503c2fba, 0x646f1282, 0x7523d24a,
0xe0779695, 0xf9c17a8f, 0x7a5b2121, 0xd187b896, 0x29263a4d, 0xba510cdf,
0x81f47c9f, 0xad1163ed, 0xea7b5965, 0x1a00726e, 0x11403092, 0x00da6d77,
0x4a0cdd61, 0xad1f4603, 0x605bdfb0, 0x9eedc364, 0x22ebe6a8, 0xcee7d28a,
0xa0e736a0, 0x5564a6b9, 0x10853209, 0xc7eb8f37, 0x2de705ca, 0x8951570f,
0xdf09822b, 0xbd691a6c, 0xaa12e4f2, 0x87451c0f, 0xe0f6a27a, 0x3ada4819,
0x4cf1764f, 0x0d771c2b, 0x67cdb156, 0x350d8384, 0x5938fa0f, 0x42399ef3,
0x36997b07, 0x0e84093d, 0x4aa93e61, 0x8360d87b, 0x1fa98b0c, 0x1149382c,
0xe97625a5, 0x0614d1b7, 0x0e25244b, 0x0c768347, 0x589e8d82, 0x0d2059d1,
0xa466bb1e, 0xf8da0a82, 0x04f19130, 0xba6e4ec0, 0x99265164, 0x1ee7230d,
0x50b2ad80, 0xeaee6801, 0x8db2a283, 0xea8bf59e,
};

114
vendor/aws-lc-sys/aws-lc/crypto/decrepit/cast/cast_test.cc vendored Normal file
View File

@@ -0,0 +1,114 @@
// Copyright (c) 2019, Google Inc.
// SPDX-License-Identifier: ISC
#include <openssl/cipher.h>
#include <gtest/gtest.h>
#include "../../internal.h"
#include "../../test/test_util.h"
struct CastTestCase {
uint8_t key[16];
uint8_t plaintext[16];
uint8_t iv[8];
uint8_t ecb_ciphertext[16];
uint8_t cbc_ciphertext[24];
};
static const CastTestCase kTests[] = {
// Randomly generated test cases. Checked against vanilla OpenSSL.
{
{0xbb, 0x56, 0xb1, 0x27, 0x7c, 0x4c, 0xdd, 0x5a, 0x99, 0x90, 0x1e, 0x6f,
0xeb, 0x36, 0x6c, 0xf3},
{0xa6, 0x5b, 0xe0, 0x99, 0xad, 0x5d, 0x91, 0x98, 0x37, 0xc1, 0xa4, 0x7f,
0x01, 0x24, 0x9a, 0x6b},
{0xd5, 0x8a, 0x5c, 0x29, 0xeb, 0xee, 0xed, 0x76},
{0x01, 0x8d, 0x1b, 0x42, 0xb8, 0x77, 0xc8, 0x84, 0x25, 0x7d, 0xd4, 0x89,
0x8d, 0xc1, 0xbc, 0x2a},
{0xc1, 0x05, 0xa1, 0x9a, 0xb4, 0xc4, 0xd0, 0x15,
0x9d, 0xfd, 0xea, 0xd0, 0xc3, 0x54, 0xe5, 0x33,
0x26, 0xac, 0x25, 0xf3, 0x48, 0xbc, 0xf6, 0xa2},
},
{
{0x5d, 0x98, 0xa9, 0xd2, 0x27, 0x5d, 0xc8, 0x8c, 0x8c, 0xee, 0x23, 0x7f,
0x8e, 0x2b, 0xd4, 0x8d},
{0x60, 0xec, 0x31, 0xda, 0x25, 0x07, 0x02, 0x14, 0x84, 0x44, 0x96, 0xa6,
0x04, 0x81, 0xca, 0x4e},
{0x96, 0x4c, 0xa4, 0x07, 0xee, 0x1c, 0xd1, 0xfb},
{0x58, 0x62, 0x29, 0x62, 0x23, 0x69, 0x9e, 0xe8, 0x27, 0xc2, 0xcd, 0x5b,
0x35, 0xf1, 0xdf, 0xa4},
{0x1c, 0xd0, 0x29, 0xe5, 0xf3, 0xdb, 0x65, 0x60,
0x05, 0xde, 0x01, 0x2b, 0x10, 0x09, 0x44, 0x56,
0x59, 0x44, 0x00, 0x26, 0xdb, 0xb3, 0x2d, 0x98},
},
};
TEST(CAST, ECB) {
unsigned test_num = 0;
for (const auto &test : kTests) {
test_num++;
SCOPED_TRACE(test_num);
uint8_t out[sizeof(test.ecb_ciphertext)];
int out_bytes, final_bytes;
bssl::ScopedEVP_CIPHER_CTX ctx;
ASSERT_TRUE(EVP_EncryptInit_ex(ctx.get(), EVP_cast5_ecb(), nullptr,
test.key, nullptr));
ASSERT_TRUE(EVP_CIPHER_CTX_set_padding(ctx.get(), 0 /* no padding */));
ASSERT_TRUE(EVP_EncryptUpdate(ctx.get(), out, &out_bytes, test.plaintext,
sizeof(test.plaintext)));
ASSERT_TRUE(EVP_EncryptFinal_ex(ctx.get(), out + out_bytes, &final_bytes));
EXPECT_EQ(static_cast<size_t>(out_bytes + final_bytes),
sizeof(test.plaintext));
EXPECT_EQ(Bytes(test.ecb_ciphertext), Bytes(out));
bssl::ScopedEVP_CIPHER_CTX decrypt_ctx;
ASSERT_TRUE(EVP_DecryptInit_ex(decrypt_ctx.get(), EVP_cast5_ecb(), nullptr,
test.key, nullptr));
ASSERT_TRUE(
EVP_CIPHER_CTX_set_padding(decrypt_ctx.get(), 0 /* no padding */));
ASSERT_TRUE(EVP_DecryptUpdate(decrypt_ctx.get(), out, &out_bytes,
test.ecb_ciphertext,
sizeof(test.ecb_ciphertext)));
ASSERT_TRUE(
EVP_DecryptFinal_ex(decrypt_ctx.get(), out + out_bytes, &final_bytes));
EXPECT_EQ(static_cast<size_t>(out_bytes + final_bytes),
sizeof(test.plaintext));
EXPECT_EQ(Bytes(test.plaintext), Bytes(out));
}
}
TEST(CAST, CBC) {
unsigned test_num = 0;
for (const auto &test : kTests) {
test_num++;
SCOPED_TRACE(test_num);
uint8_t out[sizeof(test.cbc_ciphertext)];
int out_bytes, final_bytes;
bssl::ScopedEVP_CIPHER_CTX ctx;
ASSERT_TRUE(EVP_EncryptInit_ex(ctx.get(), EVP_cast5_cbc(), nullptr,
test.key, test.iv));
ASSERT_TRUE(EVP_EncryptUpdate(ctx.get(), out, &out_bytes, test.plaintext,
sizeof(test.plaintext)));
EXPECT_TRUE(EVP_EncryptFinal_ex(ctx.get(), out + out_bytes, &final_bytes));
EXPECT_EQ(static_cast<size_t>(out_bytes + final_bytes),
sizeof(test.cbc_ciphertext));
EXPECT_EQ(Bytes(test.cbc_ciphertext), Bytes(out));
bssl::ScopedEVP_CIPHER_CTX decrypt_ctx;
ASSERT_TRUE(EVP_DecryptInit_ex(decrypt_ctx.get(), EVP_cast5_cbc(), nullptr,
test.key, test.iv));
ASSERT_TRUE(EVP_DecryptUpdate(decrypt_ctx.get(), out, &out_bytes,
test.cbc_ciphertext,
sizeof(test.cbc_ciphertext)));
EXPECT_TRUE(
EVP_DecryptFinal_ex(decrypt_ctx.get(), out + out_bytes, &final_bytes));
EXPECT_EQ(static_cast<size_t>(out_bytes + final_bytes),
sizeof(test.plaintext));
EXPECT_EQ(Bytes(test.plaintext), Bytes(out, out_bytes + final_bytes));
}
}

42
vendor/aws-lc-sys/aws-lc/crypto/decrepit/cast/internal.h vendored Normal file
View File

@@ -0,0 +1,42 @@
// Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) All rights reserved.
// SPDX-License-Identifier: Apache-2.0
#ifndef OPENSSL_HEADER_CAST_INTERNAL_H
#define OPENSSL_HEADER_CAST_INTERNAL_H
#include <openssl/base.h>
#if defined(__cplusplus)
extern "C" {
#endif
struct cast_key_st {
uint32_t data[32];
int short_key; // Use reduced rounds for short key
} /* CAST_KEY */;
extern const uint32_t CAST_S_table0[256];
extern const uint32_t CAST_S_table1[256];
extern const uint32_t CAST_S_table2[256];
extern const uint32_t CAST_S_table3[256];
extern const uint32_t CAST_S_table4[256];
extern const uint32_t CAST_S_table5[256];
extern const uint32_t CAST_S_table6[256];
extern const uint32_t CAST_S_table7[256];
#define CAST_BLOCK 8
#define CAST_KEY_LENGTH 16
void CAST_set_key(CAST_KEY *key, size_t len, const uint8_t *data);
void CAST_ecb_encrypt(const uint8_t *in, uint8_t *out, const CAST_KEY *key,
int enc);
void CAST_encrypt(uint32_t *data, const CAST_KEY *key);
void CAST_decrypt(uint32_t *data, const CAST_KEY *key);
void CAST_cbc_encrypt(const uint8_t *in, uint8_t *out, size_t length,
const CAST_KEY *ks, uint8_t *iv, int enc);
#if defined(__cplusplus)
} // extern C
#endif
#endif // OPENSSL_HEADER_CAST_INTERNAL_H

172
vendor/aws-lc-sys/aws-lc/crypto/decrepit/cfb/cfb.c vendored Normal file
View File

@@ -0,0 +1,172 @@
// Copyright (c) 2017, Google Inc.
// SPDX-License-Identifier: ISC
#include <openssl/cipher.h>
#include <string.h>
#include <openssl/aes.h>
#include <openssl/obj.h>
#include "../../internal.h"
#include "../../fipsmodule/cipher/internal.h"
// MAXBITCHUNK is used in |aes_cfb1_cipher| to avoid overflow because
// |AES_cfb1_encrypt| operates data on bit level.
#define MAXBITCHUNK ((size_t)1<<(sizeof(size_t)*8-4))
typedef struct {
AES_KEY ks;
} EVP_CFB_CTX;
static int aes_cfb_init_key(EVP_CIPHER_CTX *ctx, const uint8_t *key,
const uint8_t *iv, int enc) {
if (key) {
EVP_CFB_CTX *cfb_ctx = (EVP_CFB_CTX *)ctx->cipher_data;
AES_set_encrypt_key(key, ctx->key_len * 8, &cfb_ctx->ks);
}
return 1;
}
static int aes_cfb1_cipher(EVP_CIPHER_CTX *ctx, uint8_t *out,
const uint8_t *in, size_t len) {
if (!out || !in) {
return 0;
}
EVP_CFB_CTX *cfb_ctx = (EVP_CFB_CTX *)ctx->cipher_data;
if (ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) {
int num = ctx->num;
AES_cfb1_encrypt(in, out, len, &cfb_ctx->ks, ctx->iv, &num,
ctx->encrypt ? AES_ENCRYPT : AES_DECRYPT);
ctx->num = num;
return 1;
}
while (len >= MAXBITCHUNK) {
int num = ctx->num;
AES_cfb1_encrypt(in, out, MAXBITCHUNK * 8, &cfb_ctx->ks, ctx->iv, &num,
ctx->encrypt ? AES_ENCRYPT : AES_DECRYPT);
ctx->num = num;
len -= MAXBITCHUNK;
out += MAXBITCHUNK;
in += MAXBITCHUNK;
}
if (len) {
int num = ctx->num;
AES_cfb1_encrypt(in, out, len * 8, &cfb_ctx->ks, ctx->iv, &num,
ctx->encrypt ? AES_ENCRYPT : AES_DECRYPT);
ctx->num = num;
}
return 1;
}
static int aes_cfb8_cipher(EVP_CIPHER_CTX *ctx, uint8_t *out,
const uint8_t *in, size_t len) {
if (!out || !in) {
return 0;
}
EVP_CFB_CTX *cfb_ctx = (EVP_CFB_CTX *)ctx->cipher_data;
int num = ctx->num;
AES_cfb8_encrypt(in, out, len, &cfb_ctx->ks, ctx->iv, &num,
ctx->encrypt ? AES_ENCRYPT : AES_DECRYPT);
ctx->num = num;
return 1;
}
static int aes_cfb128_cipher(EVP_CIPHER_CTX *ctx, uint8_t *out,
const uint8_t *in, size_t len) {
if (!out || !in) {
return 0;
}
EVP_CFB_CTX *cfb_ctx = (EVP_CFB_CTX *)ctx->cipher_data;
int num = ctx->num;
AES_cfb128_encrypt(in, out, len, &cfb_ctx->ks, ctx->iv, &num,
ctx->encrypt ? AES_ENCRYPT : AES_DECRYPT);
ctx->num = num;
return 1;
}
static const EVP_CIPHER aes_128_cfb1 = {
NID_aes_128_cfb1, 1 /* block_size */, 16 /* key_size */,
16 /* iv_len */, sizeof(EVP_CFB_CTX), EVP_CIPH_CFB_MODE,
aes_cfb_init_key, aes_cfb1_cipher, NULL /* cleanup */,
NULL /* ctrl */,
};
static const EVP_CIPHER aes_128_cfb8 = {
NID_aes_128_cfb8, 1 /* block_size */, 16 /* key_size */,
16 /* iv_len */, sizeof(EVP_CFB_CTX), EVP_CIPH_CFB_MODE,
aes_cfb_init_key, aes_cfb8_cipher, NULL /* cleanup */,
NULL /* ctrl */,
};
static const EVP_CIPHER aes_128_cfb128 = {
NID_aes_128_cfb128, 1 /* block_size */, 16 /* key_size */,
16 /* iv_len */, sizeof(EVP_CFB_CTX), EVP_CIPH_CFB_MODE,
aes_cfb_init_key, aes_cfb128_cipher, NULL /* cleanup */,
NULL /* ctrl */,
};
static const EVP_CIPHER aes_192_cfb1 = {
NID_aes_192_cfb1, 1 /* block_size */, 24 /* key_size */,
16 /* iv_len */, sizeof(EVP_CFB_CTX), EVP_CIPH_CFB_MODE,
aes_cfb_init_key, aes_cfb1_cipher, NULL /* cleanup */,
NULL /* ctrl */,
};
static const EVP_CIPHER aes_192_cfb8 = {
NID_aes_192_cfb8, 1 /* block_size */, 24 /* key_size */,
16 /* iv_len */, sizeof(EVP_CFB_CTX), EVP_CIPH_CFB_MODE,
aes_cfb_init_key, aes_cfb8_cipher, NULL /* cleanup */,
NULL /* ctrl */,
};
static const EVP_CIPHER aes_192_cfb128 = {
NID_aes_192_cfb128, 1 /* block_size */, 24 /* key_size */,
16 /* iv_len */, sizeof(EVP_CFB_CTX), EVP_CIPH_CFB_MODE,
aes_cfb_init_key, aes_cfb128_cipher, NULL /* cleanup */,
NULL /* ctrl */,
};
static const EVP_CIPHER aes_256_cfb1 = {
NID_aes_256_cfb1, 1 /* block_size */, 32 /* key_size */,
16 /* iv_len */, sizeof(EVP_CFB_CTX), EVP_CIPH_CFB_MODE,
aes_cfb_init_key, aes_cfb1_cipher, NULL /* cleanup */,
NULL /* ctrl */,
};
static const EVP_CIPHER aes_256_cfb8 = {
NID_aes_256_cfb8, 1 /* block_size */, 32 /* key_size */,
16 /* iv_len */, sizeof(EVP_CFB_CTX), EVP_CIPH_CFB_MODE,
aes_cfb_init_key, aes_cfb8_cipher, NULL /* cleanup */,
NULL /* ctrl */,
};
static const EVP_CIPHER aes_256_cfb128 = {
NID_aes_256_cfb128, 1 /* block_size */, 32 /* key_size */,
16 /* iv_len */, sizeof(EVP_CFB_CTX), EVP_CIPH_CFB_MODE,
aes_cfb_init_key, aes_cfb128_cipher, NULL /* cleanup */,
NULL /* ctrl */,
};
const EVP_CIPHER *EVP_aes_128_cfb1(void) { return &aes_128_cfb1; }
const EVP_CIPHER *EVP_aes_128_cfb8(void) { return &aes_128_cfb8; }
const EVP_CIPHER *EVP_aes_128_cfb128(void) { return &aes_128_cfb128; }
const EVP_CIPHER *EVP_aes_128_cfb(void) { return &aes_128_cfb128; }
const EVP_CIPHER *EVP_aes_192_cfb1(void) { return &aes_192_cfb1; }
const EVP_CIPHER *EVP_aes_192_cfb8(void) { return &aes_192_cfb8; }
const EVP_CIPHER *EVP_aes_192_cfb128(void) { return &aes_192_cfb128; }
const EVP_CIPHER *EVP_aes_192_cfb(void) { return &aes_192_cfb128; }
const EVP_CIPHER *EVP_aes_256_cfb1(void) { return &aes_256_cfb1; }
const EVP_CIPHER *EVP_aes_256_cfb8(void) { return &aes_256_cfb8; }
const EVP_CIPHER *EVP_aes_256_cfb128(void) { return &aes_256_cfb128; }
const EVP_CIPHER *EVP_aes_256_cfb(void) { return &aes_256_cfb128; }

181
vendor/aws-lc-sys/aws-lc/crypto/decrepit/cfb/cfb_test.cc vendored Normal file
View File

@@ -0,0 +1,181 @@
// Copyright (c) 2017, Google Inc.
// SPDX-License-Identifier: ISC
#include <openssl/cipher.h>
#include <gtest/gtest.h>
#include "../../internal.h"
#include "../../test/test_util.h"
struct CFBTestCase {
const EVP_CIPHER *evp_cipher;
uint8_t key[32];
uint8_t iv[16];
std::vector<uint8_t> plaintext;
std::vector<uint8_t> ciphertext;
};
static const CFBTestCase kCFBTestCases[] = {
// CFB1
{
// This is the test case from
// http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a.pdf,
// section F.3.1, for CFB1-AES128
EVP_aes_128_cfb1(),
{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c},
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f},
{0x6b, 0xc1},
{0x68, 0xb3},
},
{
// This is the test case from
// http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a.pdf,
// section F.3.3, CFB1-AES192
EVP_aes_192_cfb1(),
{0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52, 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5,
0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b},
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f},
{0x6b, 0xc1},
{0x93, 0x59},
},
{
// This is the test case from
// http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a.pdf,
// section F.3.5, CFB1-AES256
EVP_aes_256_cfb1(),
{0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4},
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f},
{0x6b, 0xc1},
{0x90, 0x29},
},
// CFB8
{
// This is the test case from
// http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a.pdf,
// section F.3.7, for CFB8-AES128
EVP_aes_128_cfb8(),
{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c},
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f},
{0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 0xae, 0x2d},
{0x3b, 0x79, 0x42, 0x4c, 0x9c, 0x0d, 0xd4, 0x36, 0xba, 0xce, 0x9e, 0x0e, 0xd4, 0x58, 0x6a, 0x4f, 0x32, 0xb9},
},
{
// This is the test case from
// http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a.pdf,
// section F.3.9, CFB8-AES192
EVP_aes_192_cfb8(),
{0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52, 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5,
0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b},
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f},
{0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 0xae, 0x2d},
{0xcd, 0xa2, 0x52, 0x1e, 0xf0, 0xa9, 0x05, 0xca, 0x44, 0xcd, 0x05, 0x7c, 0xbf, 0x0d, 0x47, 0xa0, 0x67, 0x8a},
},
{
// This is the test case from
// http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a.pdf,
// section F.3.11, CFB8-AES256
EVP_aes_256_cfb8(),
{0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4},
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f},
{0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a, 0xae, 0x2d},
{0xdc, 0x1f, 0x1a, 0x85, 0x20, 0xa6, 0x4d, 0xb5, 0x5f, 0xcc, 0x8a, 0xc5, 0x54, 0x84, 0x4e, 0x88, 0x97, 0x00},
},
// CFB/CFB128
{
// This is the test case from
// http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a.pdf,
// section F.3.13, for CFB128-AES128
EVP_aes_128_cfb128(),
{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c},
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f},
{0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10},
{0x3b, 0x3f, 0xd9, 0x2e, 0xb7, 0x2d, 0xad, 0x20, 0x33, 0x34, 0x49, 0xf8, 0xe8, 0x3c, 0xfb, 0x4a,
0xc8, 0xa6, 0x45, 0x37, 0xa0, 0xb3, 0xa9, 0x3f, 0xcd, 0xe3, 0xcd, 0xad, 0x9f, 0x1c, 0xe5, 0x8b,
0x26, 0x75, 0x1f, 0x67, 0xa3, 0xcb, 0xb1, 0x40, 0xb1, 0x80, 0x8c, 0xf1, 0x87, 0xa4, 0xf4, 0xdf,
0xc0, 0x4b, 0x05, 0x35, 0x7c, 0x5d, 0x1c, 0x0e, 0xea, 0xc4, 0xc6, 0x6f, 0x9f, 0xf7, 0xf2, 0xe6},
},
{
// This is the test case from
// http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a.pdf,
// section F.3.15, CFB128-AES192
EVP_aes_192_cfb128(),
{0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52, 0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5,
0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b},
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f},
{0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10},
{0xcd, 0xc8, 0x0d, 0x6f, 0xdd, 0xf1, 0x8c, 0xab, 0x34, 0xc2, 0x59, 0x09, 0xc9, 0x9a, 0x41, 0x74,
0x67, 0xce, 0x7f, 0x7f, 0x81, 0x17, 0x36, 0x21, 0x96, 0x1a, 0x2b, 0x70, 0x17, 0x1d, 0x3d, 0x7a,
0x2e, 0x1e, 0x8a, 0x1d, 0xd5, 0x9b, 0x88, 0xb1, 0xc8, 0xe6, 0x0f, 0xed, 0x1e, 0xfa, 0xc4, 0xc9,
0xc0, 0x5f, 0x9f, 0x9c, 0xa9, 0x83, 0x4f, 0xa0, 0x42, 0xae, 0x8f, 0xba, 0x58, 0x4b, 0x09, 0xff},
},
{
// This is the test case from
// http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a.pdf,
// section F.3.17, CFB128-AES256
EVP_aes_256_cfb128(),
{0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4},
{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f},
{0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,
0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,
0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10},
{0xdc, 0x7e, 0x84, 0xbf, 0xda, 0x79, 0x16, 0x4b, 0x7e, 0xcd, 0x84, 0x86, 0x98, 0x5d, 0x38, 0x60,
0x39, 0xff, 0xed, 0x14, 0x3b, 0x28, 0xb1, 0xc8, 0x32, 0x11, 0x3c, 0x63, 0x31, 0xe5, 0x40, 0x7b,
0xdf, 0x10, 0x13, 0x24, 0x15, 0xe5, 0x4b, 0x92, 0xa1, 0x3e, 0xd0, 0xa8, 0x26, 0x7a, 0xe2, 0xf9,
0x75, 0xa3, 0x85, 0x74, 0x1a, 0xb9, 0xce, 0xf8, 0x20, 0x31, 0x62, 0x3d, 0x55, 0xb1, 0xe4, 0x71},
},
};
TEST(CFBTest, TestVectors) {
unsigned test_num = 0;
for (const auto &test : kCFBTestCases) {
test_num++;
SCOPED_TRACE(test_num);
const size_t input_len = test.plaintext.size();
const EVP_CIPHER *evp_cipher = test.evp_cipher;
std::unique_ptr<uint8_t[]> out(new uint8_t[input_len]);
for (size_t stride = 1; stride <= input_len; stride++) {
bssl::ScopedEVP_CIPHER_CTX ctx;
ASSERT_TRUE(EVP_EncryptInit_ex(ctx.get(), evp_cipher, nullptr, test.key, test.iv));
size_t done = 0;
while (done < input_len) {
size_t todo = stride;
if (todo > input_len - done) {
todo = input_len - done;
}
int out_bytes;
ASSERT_TRUE(EVP_EncryptUpdate(ctx.get(), out.get() + done, &out_bytes,
test.plaintext.data() + done, todo));
ASSERT_EQ(static_cast<size_t>(out_bytes), todo);
done += todo;
}
EXPECT_EQ(Bytes(test.ciphertext), Bytes(out.get(), input_len));
}
bssl::ScopedEVP_CIPHER_CTX decrypt_ctx;
ASSERT_TRUE(EVP_DecryptInit_ex(decrypt_ctx.get(), evp_cipher, nullptr, test.key, test.iv));
std::unique_ptr<uint8_t[]> plaintext(new uint8_t[input_len]);
int num_bytes;
ASSERT_TRUE(EVP_DecryptUpdate(decrypt_ctx.get(), plaintext.get(),
&num_bytes, out.get(), input_len));
EXPECT_EQ(static_cast<size_t>(num_bytes), input_len);
EXPECT_EQ(Bytes(test.plaintext), Bytes(plaintext.get(), input_len));
}
}

54
vendor/aws-lc-sys/aws-lc/crypto/decrepit/dh/dh_decrepit.c vendored Normal file
View File

@@ -0,0 +1,54 @@
// Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
// SPDX-License-Identifier: Apache-2.0
#include <openssl/bn.h>
#include <openssl/dh.h>
struct wrapped_callback {
void (*callback)(int, int, void *);
void *arg;
};
// callback_wrapper converts an “old” style generation callback to the newer
// |BN_GENCB| form.
static int callback_wrapper(int event, int n, BN_GENCB *gencb) {
struct wrapped_callback *wrapped = (struct wrapped_callback *) gencb->arg;
wrapped->callback(event, n, wrapped->arg);
return 1;
}
DH *DH_generate_parameters(int prime_len, int generator,
void (*callback)(int, int, void *), void *cb_arg) {
if (prime_len < 0 || generator < 0) {
return NULL;
}
DH *ret = DH_new();
if (ret == NULL) {
return NULL;
}
BN_GENCB gencb_storage;
BN_GENCB *cb = NULL;
struct wrapped_callback wrapped;
if (callback != NULL) {
wrapped.callback = callback;
wrapped.arg = cb_arg;
cb = &gencb_storage;
BN_GENCB_set(cb, callback_wrapper, &wrapped);
}
if (!DH_generate_parameters_ex(ret, prime_len, generator, cb)) {
goto err;
}
return ret;
err:
DH_free(ret);
return NULL;
}

97
vendor/aws-lc-sys/aws-lc/crypto/decrepit/evp/evp_do_all.c vendored Normal file
View File

@@ -0,0 +1,97 @@
// Copyright (c) 2016, Google Inc.
// SPDX-License-Identifier: ISC
#include <openssl/evp.h>
void EVP_CIPHER_do_all_sorted(void (*callback)(const EVP_CIPHER *cipher,
const char *name,
const char *unused, void *arg),
void *arg) {
callback(EVP_aes_128_cbc(), "AES-128-CBC", NULL, arg);
callback(EVP_aes_192_cbc(), "AES-192-CBC", NULL, arg);
callback(EVP_aes_256_cbc(), "AES-256-CBC", NULL, arg);
callback(EVP_aes_128_ctr(), "AES-128-CTR", NULL, arg);
callback(EVP_aes_192_ctr(), "AES-192-CTR", NULL, arg);
callback(EVP_aes_256_ctr(), "AES-256-CTR", NULL, arg);
callback(EVP_aes_128_ecb(), "AES-128-ECB", NULL, arg);
callback(EVP_aes_192_ecb(), "AES-192-ECB", NULL, arg);
callback(EVP_aes_256_ecb(), "AES-256-ECB", NULL, arg);
callback(EVP_aes_128_ofb(), "AES-128-OFB", NULL, arg);
callback(EVP_aes_192_ofb(), "AES-192-OFB", NULL, arg);
callback(EVP_aes_256_ofb(), "AES-256-OFB", NULL, arg);
callback(EVP_aes_128_gcm(), "AES-128-GCM", NULL, arg);
callback(EVP_aes_192_gcm(), "AES-192-GCM", NULL, arg);
callback(EVP_aes_256_gcm(), "AES-256-GCM", NULL, arg);
callback(EVP_des_cbc(), "DES-CBC", NULL, arg);
callback(EVP_des_ecb(), "DES-ECB", NULL, arg);
callback(EVP_des_ede(), "DES-EDE", NULL, arg);
callback(EVP_des_ede_cbc(), "DES-EDE-CBC", NULL, arg);
callback(EVP_des_ede3_cbc(), "DES-EDE3-CBC", NULL, arg);
callback(EVP_rc2_cbc(), "RC2-CBC", NULL, arg);
callback(EVP_rc4(), "RC4", NULL, arg);
callback(EVP_chacha20_poly1305(), "CHACHA20-POLY1305", NULL, arg);
// OpenSSL returns everything twice, the second time in lower case.
callback(EVP_aes_128_cbc(), "aes-128-cbc", NULL, arg);
callback(EVP_aes_192_cbc(), "aes-192-cbc", NULL, arg);
callback(EVP_aes_256_cbc(), "aes-256-cbc", NULL, arg);
callback(EVP_aes_128_ctr(), "aes-128-ctr", NULL, arg);
callback(EVP_aes_192_ctr(), "aes-192-ctr", NULL, arg);
callback(EVP_aes_256_ctr(), "aes-256-ctr", NULL, arg);
callback(EVP_aes_128_ecb(), "aes-128-ecb", NULL, arg);
callback(EVP_aes_192_ecb(), "aes-192-ecb", NULL, arg);
callback(EVP_aes_256_ecb(), "aes-256-ecb", NULL, arg);
callback(EVP_aes_128_ofb(), "aes-128-ofb", NULL, arg);
callback(EVP_aes_192_ofb(), "aes-192-ofb", NULL, arg);
callback(EVP_aes_256_ofb(), "aes-256-ofb", NULL, arg);
callback(EVP_aes_128_gcm(), "aes-128-gcm", NULL, arg);
callback(EVP_aes_192_gcm(), "aes-192-gcm", NULL, arg);
callback(EVP_aes_256_gcm(), "aes-256-gcm", NULL, arg);
callback(EVP_des_cbc(), "des-cbc", NULL, arg);
callback(EVP_des_ecb(), "des-ecb", NULL, arg);
callback(EVP_des_ede(), "des-ede", NULL, arg);
callback(EVP_des_ede_cbc(), "des-ede-cbc", NULL, arg);
callback(EVP_des_ede3_cbc(), "des-ede3-cbc", NULL, arg);
callback(EVP_rc2_cbc(), "rc2-cbc", NULL, arg);
callback(EVP_rc4(), "rc4", NULL, arg);
callback(EVP_chacha20_poly1305(), "chacha20-poly1305", NULL, arg);
// Other possible historical aliases from OpenSSL.
callback(EVP_aes_128_cbc(), "aes128", NULL, arg);
callback(EVP_aes_256_cbc(), "aes256", NULL, arg);
}
void EVP_MD_do_all_sorted(void (*callback)(const EVP_MD *cipher,
const char *name, const char *unused,
void *arg),
void *arg) {
callback(EVP_md4(), "MD4", NULL, arg);
callback(EVP_md5(), "MD5", NULL, arg);
callback(EVP_ripemd160(), "RIPEMD160", NULL, arg);
callback(EVP_sha1(), "SHA1", NULL, arg);
callback(EVP_sha224(), "SHA224", NULL, arg);
callback(EVP_sha256(), "SHA256", NULL, arg);
callback(EVP_sha384(), "SHA384", NULL, arg);
callback(EVP_sha512(), "SHA512", NULL, arg);
callback(EVP_sha512_224(), "SHA512-224", NULL, arg);
callback(EVP_sha512_256(), "SHA512-256", NULL, arg);
callback(EVP_md4(), "md4", NULL, arg);
callback(EVP_md5(), "md5", NULL, arg);
callback(EVP_ripemd160(), "ripemd160", NULL, arg);
callback(EVP_sha1(), "sha1", NULL, arg);
callback(EVP_sha224(), "sha224", NULL, arg);
callback(EVP_sha256(), "sha256", NULL, arg);
callback(EVP_sha384(), "sha384", NULL, arg);
callback(EVP_sha512(), "sha512", NULL, arg);
callback(EVP_sha512_224(), "sha512-224", NULL, arg);
callback(EVP_sha512_256(), "sha512-256", NULL, arg);
}
void EVP_MD_do_all(void (*callback)(const EVP_MD *cipher,
const char *name, const char *unused,
void *arg),
void *arg) {
EVP_MD_do_all_sorted(callback, arg);
}

34
vendor/aws-lc-sys/aws-lc/crypto/decrepit/evp/evp_test.cc vendored Normal file
View File

@@ -0,0 +1,34 @@
// Copyright (c) 2021, Google Inc.
// SPDX-License-Identifier: ISC
#include <gtest/gtest.h>
#include <openssl/cipher.h>
#include <openssl/digest.h>
#include <openssl/evp.h>
// Node.js assumes every cipher in |EVP_CIPHER_do_all_sorted| is accessible via
// |EVP_get_cipherby*|.
TEST(EVPTest, CipherDoAll) {
EVP_CIPHER_do_all_sorted(
[](const EVP_CIPHER *cipher, const char *name, const char *unused,
void *arg) {
SCOPED_TRACE(name);
EXPECT_EQ(cipher, EVP_get_cipherbyname(name));
EXPECT_EQ(cipher, EVP_get_cipherbynid(EVP_CIPHER_nid(cipher)));
},
nullptr);
}
// Node.js assumes every digest in |EVP_MD_do_all_sorted| is accessible via
// |EVP_get_digestby*|.
TEST(EVPTest, MDDoAll) {
EVP_MD_do_all_sorted(
[](const EVP_MD *md, const char *name, const char *unused, void *arg) {
SCOPED_TRACE(name);
EXPECT_EQ(md, EVP_get_digestbyname(name));
EXPECT_EQ(md, EVP_get_digestbynid(EVP_MD_nid(md)));
},
nullptr);
}

84
vendor/aws-lc-sys/aws-lc/crypto/decrepit/macros.h vendored Normal file
View File

@@ -0,0 +1,84 @@
// Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) All rights reserved.
// SPDX-License-Identifier: Apache-2.0
#ifndef OPENSSL_HEADER_DECREPIT_MACROS_H
#define OPENSSL_HEADER_DECREPIT_MACROS_H
#include "../crypto/internal.h"
// NOTE - c is not incremented as per n2l
#define n2ln(c, l1, l2, n) \
{ \
c += n; \
l1 = l2 = 0; \
switch (n) { \
case 8: \
l2 = ((uint32_t)(*(--(c)))); \
OPENSSL_FALLTHROUGH; \
case 7: \
l2 |= ((uint32_t)(*(--(c)))) << 8; \
OPENSSL_FALLTHROUGH; \
case 6: \
l2 |= ((uint32_t)(*(--(c)))) << 16; \
OPENSSL_FALLTHROUGH; \
case 5: \
l2 |= ((uint32_t)(*(--(c)))) << 24; \
OPENSSL_FALLTHROUGH; \
case 4: \
l1 = ((uint32_t)(*(--(c)))); \
OPENSSL_FALLTHROUGH; \
case 3: \
l1 |= ((uint32_t)(*(--(c)))) << 8; \
OPENSSL_FALLTHROUGH; \
case 2: \
l1 |= ((uint32_t)(*(--(c)))) << 16; \
OPENSSL_FALLTHROUGH; \
case 1: \
l1 |= ((uint32_t)(*(--(c)))) << 24; \
} \
}
// NOTE - c is not incremented as per l2n
#define l2nn(l1, l2, c, n) \
{ \
c += n; \
switch (n) { \
case 8: \
*(--(c)) = (unsigned char)(((l2)) & 0xff); \
OPENSSL_FALLTHROUGH; \
case 7: \
*(--(c)) = (unsigned char)(((l2) >> 8) & 0xff); \
OPENSSL_FALLTHROUGH; \
case 6: \
*(--(c)) = (unsigned char)(((l2) >> 16) & 0xff); \
OPENSSL_FALLTHROUGH; \
case 5: \
*(--(c)) = (unsigned char)(((l2) >> 24) & 0xff); \
OPENSSL_FALLTHROUGH; \
case 4: \
*(--(c)) = (unsigned char)(((l1)) & 0xff); \
OPENSSL_FALLTHROUGH; \
case 3: \
*(--(c)) = (unsigned char)(((l1) >> 8) & 0xff); \
OPENSSL_FALLTHROUGH; \
case 2: \
*(--(c)) = (unsigned char)(((l1) >> 16) & 0xff); \
OPENSSL_FALLTHROUGH; \
case 1: \
*(--(c)) = (unsigned char)(((l1) >> 24) & 0xff); \
} \
}
#define l2n(l, c) \
(*((c)++) = (unsigned char)(((l) >> 24L) & 0xff), \
*((c)++) = (unsigned char)(((l) >> 16L) & 0xff), \
*((c)++) = (unsigned char)(((l) >> 8L) & 0xff), \
*((c)++) = (unsigned char)(((l)) & 0xff))
#define n2l(c, l) \
(l = ((uint32_t)(*((c)++))) << 24L, l |= ((uint32_t)(*((c)++))) << 16L, \
l |= ((uint32_t)(*((c)++))) << 8L, l |= ((uint32_t)(*((c)++))))
#endif // OPENSSL_HEADER_DECREPIT_MACROS_H

59
vendor/aws-lc-sys/aws-lc/crypto/decrepit/obj/obj_decrepit.c vendored Normal file
View File

@@ -0,0 +1,59 @@
// Copyright (c) 2016, Google Inc.
// SPDX-License-Identifier: ISC
#include <openssl/obj.h>
#include <assert.h>
#include <string.h>
#include <openssl/evp.h>
#include "../../internal.h"
struct wrapped_callback {
void (*callback)(const OBJ_NAME *, void *arg);
void *arg;
};
static void cipher_callback(const EVP_CIPHER *cipher, const char *name,
const char *unused, void *arg) {
const struct wrapped_callback *wrapped = (struct wrapped_callback *)arg;
OBJ_NAME obj_name;
OPENSSL_memset(&obj_name, 0, sizeof(obj_name));
obj_name.type = OBJ_NAME_TYPE_CIPHER_METH;
obj_name.name = name;
obj_name.data = (const char *)cipher;
wrapped->callback(&obj_name, wrapped->arg);
}
static void md_callback(const EVP_MD *md, const char *name, const char *unused,
void *arg) {
const struct wrapped_callback *wrapped = (struct wrapped_callback*) arg;
OBJ_NAME obj_name;
OPENSSL_memset(&obj_name, 0, sizeof(obj_name));
obj_name.type = OBJ_NAME_TYPE_MD_METH;
obj_name.name = name;
obj_name.data = (const char *)md;
wrapped->callback(&obj_name, wrapped->arg);
}
void OBJ_NAME_do_all_sorted(int type,
void (*callback)(const OBJ_NAME *, void *arg),
void *arg) {
struct wrapped_callback wrapped;
wrapped.callback = callback;
wrapped.arg = arg;
if (type == OBJ_NAME_TYPE_CIPHER_METH) {
EVP_CIPHER_do_all_sorted(cipher_callback, &wrapped);
} else if (type == OBJ_NAME_TYPE_MD_METH) {
EVP_MD_do_all_sorted(md_callback, &wrapped);
} else {
assert(0);
}
}

685
vendor/aws-lc-sys/aws-lc/crypto/decrepit/ripemd/ripemd.c vendored Normal file
View File

@@ -0,0 +1,685 @@
// Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) All rights reserved.
// SPDX-License-Identifier: Apache-2.0
#include <openssl/ripemd.h>
#include <string.h>
#include "../../internal.h"
#include "../../fipsmodule/digest/md32_common.h"
#define RIPEMD160_A 0x67452301L
#define RIPEMD160_B 0xEFCDAB89L
#define RIPEMD160_C 0x98BADCFEL
#define RIPEMD160_D 0x10325476L
#define RIPEMD160_E 0xC3D2E1F0L
int RIPEMD160_Init(RIPEMD160_CTX *ctx) {
OPENSSL_memset(ctx, 0, sizeof(*ctx));
ctx->h[0] = RIPEMD160_A;
ctx->h[1] = RIPEMD160_B;
ctx->h[2] = RIPEMD160_C;
ctx->h[3] = RIPEMD160_D;
ctx->h[4] = RIPEMD160_E;
return 1;
}
static void ripemd160_block_data_order(uint32_t h[5], const uint8_t *data,
size_t num);
int RIPEMD160_Update(RIPEMD160_CTX *c, const void *data, size_t len) {
crypto_md32_update(&ripemd160_block_data_order, c->h, c->data,
RIPEMD160_CBLOCK, &c->num, &c->Nh, &c->Nl, data, len);
return 1;
}
int RIPEMD160_Final(uint8_t out[RIPEMD160_DIGEST_LENGTH], RIPEMD160_CTX *c) {
crypto_md32_final(&ripemd160_block_data_order, c->h, c->data,
RIPEMD160_CBLOCK, &c->num, c->Nh, c->Nl,
/*is_big_endian=*/0);
CRYPTO_store_u32_le(out, c->h[0]);
CRYPTO_store_u32_le(out + 4, c->h[1]);
CRYPTO_store_u32_le(out + 8, c->h[2]);
CRYPTO_store_u32_le(out + 12, c->h[3]);
CRYPTO_store_u32_le(out + 16, c->h[4]);
return 1;
}
// Transformed F2 and F4 are courtesy of Wei Dai <weidai@eskimo.com>
#define F1(x, y, z) ((x) ^ (y) ^ (z))
#define F2(x, y, z) ((((y) ^ (z)) & (x)) ^ (z))
#define F3(x, y, z) (((~(y)) | (x)) ^ (z))
#define F4(x, y, z) ((((x) ^ (y)) & (z)) ^ (y))
#define F5(x, y, z) (((~(z)) | (y)) ^ (x))
#define RIP1(a, b, c, d, e, w, s) \
{ \
a += F1(b, c, d) + X(w); \
a = CRYPTO_rotl_u32(a, s) + e; \
c = CRYPTO_rotl_u32(c, 10); \
}
#define RIP2(a, b, c, d, e, w, s, K) \
{ \
a += F2(b, c, d) + X(w) + K; \
a = CRYPTO_rotl_u32(a, s) + e; \
c = CRYPTO_rotl_u32(c, 10); \
}
#define RIP3(a, b, c, d, e, w, s, K) \
{ \
a += F3(b, c, d) + X(w) + K; \
a = CRYPTO_rotl_u32(a, s) + e; \
c = CRYPTO_rotl_u32(c, 10); \
}
#define RIP4(a, b, c, d, e, w, s, K) \
{ \
a += F4(b, c, d) + X(w) + K; \
a = CRYPTO_rotl_u32(a, s) + e; \
c = CRYPTO_rotl_u32(c, 10); \
}
#define RIP5(a, b, c, d, e, w, s, K) \
{ \
a += F5(b, c, d) + X(w) + K; \
a = CRYPTO_rotl_u32(a, s) + e; \
c = CRYPTO_rotl_u32(c, 10); \
}
#define KL0 0x00000000L
#define KL1 0x5A827999L
#define KL2 0x6ED9EBA1L
#define KL3 0x8F1BBCDCL
#define KL4 0xA953FD4EL
#define KR0 0x50A28BE6L
#define KR1 0x5C4DD124L
#define KR2 0x6D703EF3L
#define KR3 0x7A6D76E9L
#define KR4 0x00000000L
#define WL00 0
#define SL00 11
#define WL01 1
#define SL01 14
#define WL02 2
#define SL02 15
#define WL03 3
#define SL03 12
#define WL04 4
#define SL04 5
#define WL05 5
#define SL05 8
#define WL06 6
#define SL06 7
#define WL07 7
#define SL07 9
#define WL08 8
#define SL08 11
#define WL09 9
#define SL09 13
#define WL10 10
#define SL10 14
#define WL11 11
#define SL11 15
#define WL12 12
#define SL12 6
#define WL13 13
#define SL13 7
#define WL14 14
#define SL14 9
#define WL15 15
#define SL15 8
#define WL16 7
#define SL16 7
#define WL17 4
#define SL17 6
#define WL18 13
#define SL18 8
#define WL19 1
#define SL19 13
#define WL20 10
#define SL20 11
#define WL21 6
#define SL21 9
#define WL22 15
#define SL22 7
#define WL23 3
#define SL23 15
#define WL24 12
#define SL24 7
#define WL25 0
#define SL25 12
#define WL26 9
#define SL26 15
#define WL27 5
#define SL27 9
#define WL28 2
#define SL28 11
#define WL29 14
#define SL29 7
#define WL30 11
#define SL30 13
#define WL31 8
#define SL31 12
#define WL32 3
#define SL32 11
#define WL33 10
#define SL33 13
#define WL34 14
#define SL34 6
#define WL35 4
#define SL35 7
#define WL36 9
#define SL36 14
#define WL37 15
#define SL37 9
#define WL38 8
#define SL38 13
#define WL39 1
#define SL39 15
#define WL40 2
#define SL40 14
#define WL41 7
#define SL41 8
#define WL42 0
#define SL42 13
#define WL43 6
#define SL43 6
#define WL44 13
#define SL44 5
#define WL45 11
#define SL45 12
#define WL46 5
#define SL46 7
#define WL47 12
#define SL47 5
#define WL48 1
#define SL48 11
#define WL49 9
#define SL49 12
#define WL50 11
#define SL50 14
#define WL51 10
#define SL51 15
#define WL52 0
#define SL52 14
#define WL53 8
#define SL53 15
#define WL54 12
#define SL54 9
#define WL55 4
#define SL55 8
#define WL56 13
#define SL56 9
#define WL57 3
#define SL57 14
#define WL58 7
#define SL58 5
#define WL59 15
#define SL59 6
#define WL60 14
#define SL60 8
#define WL61 5
#define SL61 6
#define WL62 6
#define SL62 5
#define WL63 2
#define SL63 12
#define WL64 4
#define SL64 9
#define WL65 0
#define SL65 15
#define WL66 5
#define SL66 5
#define WL67 9
#define SL67 11
#define WL68 7
#define SL68 6
#define WL69 12
#define SL69 8
#define WL70 2
#define SL70 13
#define WL71 10
#define SL71 12
#define WL72 14
#define SL72 5
#define WL73 1
#define SL73 12
#define WL74 3
#define SL74 13
#define WL75 8
#define SL75 14
#define WL76 11
#define SL76 11
#define WL77 6
#define SL77 8
#define WL78 15
#define SL78 5
#define WL79 13
#define SL79 6
#define WR00 5
#define SR00 8
#define WR01 14
#define SR01 9
#define WR02 7
#define SR02 9
#define WR03 0
#define SR03 11
#define WR04 9
#define SR04 13
#define WR05 2
#define SR05 15
#define WR06 11
#define SR06 15
#define WR07 4
#define SR07 5
#define WR08 13
#define SR08 7
#define WR09 6
#define SR09 7
#define WR10 15
#define SR10 8
#define WR11 8
#define SR11 11
#define WR12 1
#define SR12 14
#define WR13 10
#define SR13 14
#define WR14 3
#define SR14 12
#define WR15 12
#define SR15 6
#define WR16 6
#define SR16 9
#define WR17 11
#define SR17 13
#define WR18 3
#define SR18 15
#define WR19 7
#define SR19 7
#define WR20 0
#define SR20 12
#define WR21 13
#define SR21 8
#define WR22 5
#define SR22 9
#define WR23 10
#define SR23 11
#define WR24 14
#define SR24 7
#define WR25 15
#define SR25 7
#define WR26 8
#define SR26 12
#define WR27 12
#define SR27 7
#define WR28 4
#define SR28 6
#define WR29 9
#define SR29 15
#define WR30 1
#define SR30 13
#define WR31 2
#define SR31 11
#define WR32 15
#define SR32 9
#define WR33 5
#define SR33 7
#define WR34 1
#define SR34 15
#define WR35 3
#define SR35 11
#define WR36 7
#define SR36 8
#define WR37 14
#define SR37 6
#define WR38 6
#define SR38 6
#define WR39 9
#define SR39 14
#define WR40 11
#define SR40 12
#define WR41 8
#define SR41 13
#define WR42 12
#define SR42 5
#define WR43 2
#define SR43 14
#define WR44 10
#define SR44 13
#define WR45 0
#define SR45 13
#define WR46 4
#define SR46 7
#define WR47 13
#define SR47 5
#define WR48 8
#define SR48 15
#define WR49 6
#define SR49 5
#define WR50 4
#define SR50 8
#define WR51 1
#define SR51 11
#define WR52 3
#define SR52 14
#define WR53 11
#define SR53 14
#define WR54 15
#define SR54 6
#define WR55 0
#define SR55 14
#define WR56 5
#define SR56 6
#define WR57 12
#define SR57 9
#define WR58 2
#define SR58 12
#define WR59 13
#define SR59 9
#define WR60 9
#define SR60 12
#define WR61 7
#define SR61 5
#define WR62 10
#define SR62 15
#define WR63 14
#define SR63 8
#define WR64 12
#define SR64 8
#define WR65 15
#define SR65 5
#define WR66 10
#define SR66 12
#define WR67 4
#define SR67 9
#define WR68 1
#define SR68 12
#define WR69 5
#define SR69 5
#define WR70 8
#define SR70 14
#define WR71 7
#define SR71 6
#define WR72 6
#define SR72 8
#define WR73 2
#define SR73 13
#define WR74 13
#define SR74 6
#define WR75 14
#define SR75 5
#define WR76 0
#define SR76 15
#define WR77 3
#define SR77 13
#define WR78 9
#define SR78 11
#define WR79 11
#define SR79 11
static void ripemd160_block_data_order(uint32_t h[5], const uint8_t *data,
size_t num) {
uint32_t A, B, C, D, E;
uint32_t a, b, c, d, e;
uint32_t XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, XX8, XX9, XX10, XX11, XX12,
XX13, XX14, XX15;
#define X(i) XX##i
for (; num--;) {
A = h[0];
B = h[1];
C = h[2];
D = h[3];
E = h[4];
X(0) = CRYPTO_load_u32_le(data);
data += 4;
X(1) = CRYPTO_load_u32_le(data);
data += 4;
RIP1(A, B, C, D, E, WL00, SL00);
X(2) = CRYPTO_load_u32_le(data);
data += 4;
RIP1(E, A, B, C, D, WL01, SL01);
X(3) = CRYPTO_load_u32_le(data);
data += 4;
RIP1(D, E, A, B, C, WL02, SL02);
X(4) = CRYPTO_load_u32_le(data);
data += 4;
RIP1(C, D, E, A, B, WL03, SL03);
X(5) = CRYPTO_load_u32_le(data);
data += 4;
RIP1(B, C, D, E, A, WL04, SL04);
X(6) = CRYPTO_load_u32_le(data);
data += 4;
RIP1(A, B, C, D, E, WL05, SL05);
X(7) = CRYPTO_load_u32_le(data);
data += 4;
RIP1(E, A, B, C, D, WL06, SL06);
X(8) = CRYPTO_load_u32_le(data);
data += 4;
RIP1(D, E, A, B, C, WL07, SL07);
X(9) = CRYPTO_load_u32_le(data);
data += 4;
RIP1(C, D, E, A, B, WL08, SL08);
X(10) = CRYPTO_load_u32_le(data);
data += 4;
RIP1(B, C, D, E, A, WL09, SL09);
X(11) = CRYPTO_load_u32_le(data);
data += 4;
RIP1(A, B, C, D, E, WL10, SL10);
X(12) = CRYPTO_load_u32_le(data);
data += 4;
RIP1(E, A, B, C, D, WL11, SL11);
X(13) = CRYPTO_load_u32_le(data);
data += 4;
RIP1(D, E, A, B, C, WL12, SL12);
X(14) = CRYPTO_load_u32_le(data);
data += 4;
RIP1(C, D, E, A, B, WL13, SL13);
X(15) = CRYPTO_load_u32_le(data);
data += 4;
RIP1(B, C, D, E, A, WL14, SL14);
RIP1(A, B, C, D, E, WL15, SL15);
RIP2(E, A, B, C, D, WL16, SL16, KL1);
RIP2(D, E, A, B, C, WL17, SL17, KL1);
RIP2(C, D, E, A, B, WL18, SL18, KL1);
RIP2(B, C, D, E, A, WL19, SL19, KL1);
RIP2(A, B, C, D, E, WL20, SL20, KL1);
RIP2(E, A, B, C, D, WL21, SL21, KL1);
RIP2(D, E, A, B, C, WL22, SL22, KL1);
RIP2(C, D, E, A, B, WL23, SL23, KL1);
RIP2(B, C, D, E, A, WL24, SL24, KL1);
RIP2(A, B, C, D, E, WL25, SL25, KL1);
RIP2(E, A, B, C, D, WL26, SL26, KL1);
RIP2(D, E, A, B, C, WL27, SL27, KL1);
RIP2(C, D, E, A, B, WL28, SL28, KL1);
RIP2(B, C, D, E, A, WL29, SL29, KL1);
RIP2(A, B, C, D, E, WL30, SL30, KL1);
RIP2(E, A, B, C, D, WL31, SL31, KL1);
RIP3(D, E, A, B, C, WL32, SL32, KL2);
RIP3(C, D, E, A, B, WL33, SL33, KL2);
RIP3(B, C, D, E, A, WL34, SL34, KL2);
RIP3(A, B, C, D, E, WL35, SL35, KL2);
RIP3(E, A, B, C, D, WL36, SL36, KL2);
RIP3(D, E, A, B, C, WL37, SL37, KL2);
RIP3(C, D, E, A, B, WL38, SL38, KL2);
RIP3(B, C, D, E, A, WL39, SL39, KL2);
RIP3(A, B, C, D, E, WL40, SL40, KL2);
RIP3(E, A, B, C, D, WL41, SL41, KL2);
RIP3(D, E, A, B, C, WL42, SL42, KL2);
RIP3(C, D, E, A, B, WL43, SL43, KL2);
RIP3(B, C, D, E, A, WL44, SL44, KL2);
RIP3(A, B, C, D, E, WL45, SL45, KL2);
RIP3(E, A, B, C, D, WL46, SL46, KL2);
RIP3(D, E, A, B, C, WL47, SL47, KL2);
RIP4(C, D, E, A, B, WL48, SL48, KL3);
RIP4(B, C, D, E, A, WL49, SL49, KL3);
RIP4(A, B, C, D, E, WL50, SL50, KL3);
RIP4(E, A, B, C, D, WL51, SL51, KL3);
RIP4(D, E, A, B, C, WL52, SL52, KL3);
RIP4(C, D, E, A, B, WL53, SL53, KL3);
RIP4(B, C, D, E, A, WL54, SL54, KL3);
RIP4(A, B, C, D, E, WL55, SL55, KL3);
RIP4(E, A, B, C, D, WL56, SL56, KL3);
RIP4(D, E, A, B, C, WL57, SL57, KL3);
RIP4(C, D, E, A, B, WL58, SL58, KL3);
RIP4(B, C, D, E, A, WL59, SL59, KL3);
RIP4(A, B, C, D, E, WL60, SL60, KL3);
RIP4(E, A, B, C, D, WL61, SL61, KL3);
RIP4(D, E, A, B, C, WL62, SL62, KL3);
RIP4(C, D, E, A, B, WL63, SL63, KL3);
RIP5(B, C, D, E, A, WL64, SL64, KL4);
RIP5(A, B, C, D, E, WL65, SL65, KL4);
RIP5(E, A, B, C, D, WL66, SL66, KL4);
RIP5(D, E, A, B, C, WL67, SL67, KL4);
RIP5(C, D, E, A, B, WL68, SL68, KL4);
RIP5(B, C, D, E, A, WL69, SL69, KL4);
RIP5(A, B, C, D, E, WL70, SL70, KL4);
RIP5(E, A, B, C, D, WL71, SL71, KL4);
RIP5(D, E, A, B, C, WL72, SL72, KL4);
RIP5(C, D, E, A, B, WL73, SL73, KL4);
RIP5(B, C, D, E, A, WL74, SL74, KL4);
RIP5(A, B, C, D, E, WL75, SL75, KL4);
RIP5(E, A, B, C, D, WL76, SL76, KL4);
RIP5(D, E, A, B, C, WL77, SL77, KL4);
RIP5(C, D, E, A, B, WL78, SL78, KL4);
RIP5(B, C, D, E, A, WL79, SL79, KL4);
a = A;
b = B;
c = C;
d = D;
e = E;
// Do other half
A = h[0];
B = h[1];
C = h[2];
D = h[3];
E = h[4];
RIP5(A, B, C, D, E, WR00, SR00, KR0);
RIP5(E, A, B, C, D, WR01, SR01, KR0);
RIP5(D, E, A, B, C, WR02, SR02, KR0);
RIP5(C, D, E, A, B, WR03, SR03, KR0);
RIP5(B, C, D, E, A, WR04, SR04, KR0);
RIP5(A, B, C, D, E, WR05, SR05, KR0);
RIP5(E, A, B, C, D, WR06, SR06, KR0);
RIP5(D, E, A, B, C, WR07, SR07, KR0);
RIP5(C, D, E, A, B, WR08, SR08, KR0);
RIP5(B, C, D, E, A, WR09, SR09, KR0);
RIP5(A, B, C, D, E, WR10, SR10, KR0);
RIP5(E, A, B, C, D, WR11, SR11, KR0);
RIP5(D, E, A, B, C, WR12, SR12, KR0);
RIP5(C, D, E, A, B, WR13, SR13, KR0);
RIP5(B, C, D, E, A, WR14, SR14, KR0);
RIP5(A, B, C, D, E, WR15, SR15, KR0);
RIP4(E, A, B, C, D, WR16, SR16, KR1);
RIP4(D, E, A, B, C, WR17, SR17, KR1);
RIP4(C, D, E, A, B, WR18, SR18, KR1);
RIP4(B, C, D, E, A, WR19, SR19, KR1);
RIP4(A, B, C, D, E, WR20, SR20, KR1);
RIP4(E, A, B, C, D, WR21, SR21, KR1);
RIP4(D, E, A, B, C, WR22, SR22, KR1);
RIP4(C, D, E, A, B, WR23, SR23, KR1);
RIP4(B, C, D, E, A, WR24, SR24, KR1);
RIP4(A, B, C, D, E, WR25, SR25, KR1);
RIP4(E, A, B, C, D, WR26, SR26, KR1);
RIP4(D, E, A, B, C, WR27, SR27, KR1);
RIP4(C, D, E, A, B, WR28, SR28, KR1);
RIP4(B, C, D, E, A, WR29, SR29, KR1);
RIP4(A, B, C, D, E, WR30, SR30, KR1);
RIP4(E, A, B, C, D, WR31, SR31, KR1);
RIP3(D, E, A, B, C, WR32, SR32, KR2);
RIP3(C, D, E, A, B, WR33, SR33, KR2);
RIP3(B, C, D, E, A, WR34, SR34, KR2);
RIP3(A, B, C, D, E, WR35, SR35, KR2);
RIP3(E, A, B, C, D, WR36, SR36, KR2);
RIP3(D, E, A, B, C, WR37, SR37, KR2);
RIP3(C, D, E, A, B, WR38, SR38, KR2);
RIP3(B, C, D, E, A, WR39, SR39, KR2);
RIP3(A, B, C, D, E, WR40, SR40, KR2);
RIP3(E, A, B, C, D, WR41, SR41, KR2);
RIP3(D, E, A, B, C, WR42, SR42, KR2);
RIP3(C, D, E, A, B, WR43, SR43, KR2);
RIP3(B, C, D, E, A, WR44, SR44, KR2);
RIP3(A, B, C, D, E, WR45, SR45, KR2);
RIP3(E, A, B, C, D, WR46, SR46, KR2);
RIP3(D, E, A, B, C, WR47, SR47, KR2);
RIP2(C, D, E, A, B, WR48, SR48, KR3);
RIP2(B, C, D, E, A, WR49, SR49, KR3);
RIP2(A, B, C, D, E, WR50, SR50, KR3);
RIP2(E, A, B, C, D, WR51, SR51, KR3);
RIP2(D, E, A, B, C, WR52, SR52, KR3);
RIP2(C, D, E, A, B, WR53, SR53, KR3);
RIP2(B, C, D, E, A, WR54, SR54, KR3);
RIP2(A, B, C, D, E, WR55, SR55, KR3);
RIP2(E, A, B, C, D, WR56, SR56, KR3);
RIP2(D, E, A, B, C, WR57, SR57, KR3);
RIP2(C, D, E, A, B, WR58, SR58, KR3);
RIP2(B, C, D, E, A, WR59, SR59, KR3);
RIP2(A, B, C, D, E, WR60, SR60, KR3);
RIP2(E, A, B, C, D, WR61, SR61, KR3);
RIP2(D, E, A, B, C, WR62, SR62, KR3);
RIP2(C, D, E, A, B, WR63, SR63, KR3);
RIP1(B, C, D, E, A, WR64, SR64);
RIP1(A, B, C, D, E, WR65, SR65);
RIP1(E, A, B, C, D, WR66, SR66);
RIP1(D, E, A, B, C, WR67, SR67);
RIP1(C, D, E, A, B, WR68, SR68);
RIP1(B, C, D, E, A, WR69, SR69);
RIP1(A, B, C, D, E, WR70, SR70);
RIP1(E, A, B, C, D, WR71, SR71);
RIP1(D, E, A, B, C, WR72, SR72);
RIP1(C, D, E, A, B, WR73, SR73);
RIP1(B, C, D, E, A, WR74, SR74);
RIP1(A, B, C, D, E, WR75, SR75);
RIP1(E, A, B, C, D, WR76, SR76);
RIP1(D, E, A, B, C, WR77, SR77);
RIP1(C, D, E, A, B, WR78, SR78);
RIP1(B, C, D, E, A, WR79, SR79);
D = h[1] + c + D;
h[1] = h[2] + d + E;
h[2] = h[3] + e + A;
h[3] = h[4] + a + B;
h[4] = h[0] + b + C;
h[0] = D;
}
#undef X
}
uint8_t *RIPEMD160(const uint8_t *data, size_t len,
uint8_t out[RIPEMD160_DIGEST_LENGTH]) {
RIPEMD160_CTX ctx;
if (!RIPEMD160_Init(&ctx)) {
return NULL;
}
RIPEMD160_Update(&ctx, data, len);
RIPEMD160_Final(out, &ctx);
return out;
}

92
vendor/aws-lc-sys/aws-lc/crypto/decrepit/ripemd/ripemd_test.cc vendored Normal file
View File

@@ -0,0 +1,92 @@
// Copyright (c) 2016, Google Inc.
// SPDX-License-Identifier: ISC
#include <openssl/ripemd.h>
#include <memory>
#include <stdio.h>
#include <string.h>
#include <gtest/gtest.h>
#include "../../internal.h"
#include "../../test/test_util.h"
struct RIPEMDTestCase {
const char *input;
uint8_t expected[RIPEMD160_DIGEST_LENGTH];
};
static const RIPEMDTestCase kRIPEMDTestCases[] = {
{"", {0x9c, 0x11, 0x85, 0xa5, 0xc5, 0xe9, 0xfc, 0x54, 0x61, 0x28,
0x08, 0x97, 0x7e, 0xe8, 0xf5, 0x48, 0xb2, 0x25, 0x8d, 0x31}},
{"a", {0x0b, 0xdc, 0x9d, 0x2d, 0x25, 0x6b, 0x3e, 0xe9, 0xda, 0xae,
0x34, 0x7b, 0xe6, 0xf4, 0xdc, 0x83, 0x5a, 0x46, 0x7f, 0xfe}},
{"abc", {0x8e, 0xb2, 0x08, 0xf7, 0xe0, 0x5d, 0x98, 0x7a, 0x9b, 0x04,
0x4a, 0x8e, 0x98, 0xc6, 0xb0, 0x87, 0xf1, 0x5a, 0x0b, 0xfc}},
{"message digest",
{0x5d, 0x06, 0x89, 0xef, 0x49, 0xd2, 0xfa, 0xe5, 0x72, 0xb8,
0x81, 0xb1, 0x23, 0xa8, 0x5f, 0xfa, 0x21, 0x59, 0x5f, 0x36}},
{"abcdefghijklmnopqrstuvwxyz",
{0xf7, 0x1c, 0x27, 0x10, 0x9c, 0x69, 0x2c, 0x1b, 0x56, 0xbb,
0xdc, 0xeb, 0x5b, 0x9d, 0x28, 0x65, 0xb3, 0x70, 0x8d, 0xbc}},
{"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
{0x12, 0xa0, 0x53, 0x38, 0x4a, 0x9c, 0x0c, 0x88, 0xe4, 0x05,
0xa0, 0x6c, 0x27, 0xdc, 0xf4, 0x9a, 0xda, 0x62, 0xeb, 0x2b}},
{"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
{0xb0, 0xe2, 0x0b, 0x6e, 0x31, 0x16, 0x64, 0x02, 0x86, 0xed,
0x3a, 0x87, 0xa5, 0x71, 0x30, 0x79, 0xb2, 0x1f, 0x51, 0x89}},
{"1234567890123456789012345678901234567890123456789012345678901234567890123"
"4567890",
{0x9b, 0x75, 0x2e, 0x45, 0x57, 0x3d, 0x4b, 0x39, 0xf4, 0xdb,
0xd3, 0x32, 0x3c, 0xab, 0x82, 0xbf, 0x63, 0x32, 0x6b, 0xfb}},
};
// TODO(davidben): Convert this file to GTest properly.
TEST(RIPEMDTest, RunTest) {
for (const auto &test : kRIPEMDTestCases) {
SCOPED_TRACE(test.input);
const size_t input_len = strlen(test.input);
for (size_t stride = 0; stride <= input_len; stride++) {
SCOPED_TRACE(stride);
uint8_t digest[RIPEMD160_DIGEST_LENGTH];
if (stride == 0) {
RIPEMD160(reinterpret_cast<const uint8_t *>(test.input), input_len,
digest);
} else {
RIPEMD160_CTX ctx;
RIPEMD160_Init(&ctx);
for (size_t done = 0; done < input_len;) {
const size_t remaining = input_len - done;
size_t todo = stride;
if (todo > remaining) {
todo = remaining;
}
RIPEMD160_Update(&ctx, &test.input[done], todo);
done += todo;
}
RIPEMD160_Final(digest, &ctx);
}
EXPECT_EQ(Bytes(digest), Bytes(test.expected));
}
}
static const size_t kLargeBufSize = 1000000;
std::unique_ptr<uint8_t[]> buf(new uint8_t[kLargeBufSize]);
OPENSSL_memset(buf.get(), 'a', kLargeBufSize);
uint8_t digest[RIPEMD160_DIGEST_LENGTH];
RIPEMD160(buf.get(), kLargeBufSize, digest);
static const uint8_t kMillionADigest[RIPEMD160_DIGEST_LENGTH] = {
0x52, 0x78, 0x32, 0x43, 0xc1, 0x69, 0x7b, 0xdb, 0xe1, 0x6d,
0x37, 0xf9, 0x7f, 0x68, 0xf0, 0x83, 0x25, 0xdc, 0x15, 0x28};
EXPECT_EQ(Bytes(digest), Bytes(kMillionADigest))
<< "Digest incorrect for \"million a's\" test";
}

50
vendor/aws-lc-sys/aws-lc/crypto/decrepit/rsa/rsa_decrepit.c vendored Normal file
View File

@@ -0,0 +1,50 @@
// Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) All rights reserved.
// SPDX-License-Identifier: Apache-2.0
#include <openssl/rsa.h>
#include <assert.h>
#include <openssl/bn.h>
RSA *RSA_generate_key(int bits, uint64_t e_value, void *callback,
void *cb_arg) {
assert(callback == NULL);
assert(cb_arg == NULL);
RSA *rsa = RSA_new();
BIGNUM *e = BN_new();
if (rsa == NULL ||
e == NULL ||
!BN_set_u64(e, e_value) ||
!RSA_generate_key_ex(rsa, bits, e, NULL)) {
goto err;
}
BN_free(e);
return rsa;
err:
BN_free(e);
RSA_free(rsa);
return NULL;
}
int RSA_padding_add_PKCS1_PSS(const RSA *rsa, uint8_t *EM, const uint8_t *mHash,
const EVP_MD *Hash, int sLen) {
return RSA_padding_add_PKCS1_PSS_mgf1(rsa, EM, mHash, Hash, NULL, sLen);
}
int RSA_verify_PKCS1_PSS(const RSA *rsa, const uint8_t *mHash,
const EVP_MD *Hash, const uint8_t *EM, int sLen) {
return RSA_verify_PKCS1_PSS_mgf1(rsa, mHash, Hash, NULL, EM, sLen);
}
int RSA_padding_add_PKCS1_OAEP(uint8_t *to, size_t to_len,
const uint8_t *from, size_t from_len,
const uint8_t *param, size_t param_len) {
return RSA_padding_add_PKCS1_OAEP_mgf1(to, to_len, from, from_len, param,
param_len, NULL, NULL);
}

22
vendor/aws-lc-sys/aws-lc/crypto/decrepit/x509/x509_decrepit.c vendored Normal file
View File

@@ -0,0 +1,22 @@
// Copyright (c) 2016, Google Inc.
// SPDX-License-Identifier: ISC
#include <openssl/x509.h>
#include <assert.h>
#include <openssl/conf.h>
X509_EXTENSION *X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf,
const X509V3_CTX *ctx, int ext_nid,
const char *value) {
assert(conf == NULL);
return X509V3_EXT_nconf_nid(NULL, ctx, ext_nid, value);
}
X509_EXTENSION *X509V3_EXT_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
const char *name, const char *value) {
assert(conf == NULL);
return X509V3_EXT_nconf(NULL, ctx, name, value);
}