• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
3  *
4  * Licensed under the OpenSSL license (the "License").  You may not use
5  * this file except in compliance with the License.  You can obtain a copy
6  * in the file LICENSE in the source distribution or at
7  * https://www.openssl.org/source/license.html
8  */
9 
10 #ifndef OPENSSL_HEADER_DES_H
11 #define OPENSSL_HEADER_DES_H
12 
13 #include <openssl/base.h>
14 
15 #if defined(__cplusplus)
16 extern "C" {
17 #endif
18 
19 
20 // DES.
21 //
22 // This module is deprecated and retained for legacy reasons only. It is slow
23 // and may leak key material with timing or cache side channels. Moreover,
24 // single-keyed DES is broken and can be brute-forced in under a day.
25 //
26 // Use a modern cipher, such as AES-GCM or ChaCha20-Poly1305, instead.
27 
28 
29 typedef struct DES_cblock_st {
30   uint8_t bytes[8];
31 } DES_cblock;
32 
33 typedef struct DES_ks {
34   uint32_t subkeys[16][2];
35 } DES_key_schedule;
36 
37 
38 #define DES_KEY_SZ (sizeof(DES_cblock))
39 #define DES_SCHEDULE_SZ (sizeof(DES_key_schedule))
40 
41 #define DES_ENCRYPT 1
42 #define DES_DECRYPT 0
43 
44 #define DES_CBC_MODE 0
45 #define DES_PCBC_MODE 1
46 
47 // DES_set_key performs a key schedule and initialises |schedule| with |key|.
48 OPENSSL_EXPORT void DES_set_key(const DES_cblock *key,
49                                 DES_key_schedule *schedule);
50 
51 // DES_set_odd_parity sets the parity bits (the least-significant bits in each
52 // byte) of |key| given the other bits in each byte.
53 OPENSSL_EXPORT void DES_set_odd_parity(DES_cblock *key);
54 
55 // DES_ecb_encrypt encrypts (or decrypts, if |is_encrypt| is |DES_DECRYPT|) a
56 // single DES block (8 bytes) from in to out, using the key configured in
57 // |schedule|.
58 OPENSSL_EXPORT void DES_ecb_encrypt(const DES_cblock *in, DES_cblock *out,
59                                     const DES_key_schedule *schedule,
60                                     int is_encrypt);
61 
62 // DES_ncbc_encrypt encrypts (or decrypts, if |enc| is |DES_DECRYPT|) |len|
63 // bytes from |in| to |out| with DES in CBC mode.
64 OPENSSL_EXPORT void DES_ncbc_encrypt(const uint8_t *in, uint8_t *out,
65                                      size_t len,
66                                      const DES_key_schedule *schedule,
67                                      DES_cblock *ivec, int enc);
68 
69 // DES_ecb3_encrypt encrypts (or decrypts, if |enc| is |DES_DECRYPT|) a single
70 // block (8 bytes) of data from |input| to |output| using 3DES.
71 OPENSSL_EXPORT void DES_ecb3_encrypt(const DES_cblock *input,
72                                      DES_cblock *output,
73                                      const DES_key_schedule *ks1,
74                                      const DES_key_schedule *ks2,
75                                      const DES_key_schedule *ks3,
76                                      int enc);
77 
78 // DES_ede3_cbc_encrypt encrypts (or decrypts, if |enc| is |DES_DECRYPT|) |len|
79 // bytes from |in| to |out| with 3DES in CBC mode. 3DES uses three keys, thus
80 // the function takes three different |DES_key_schedule|s.
81 OPENSSL_EXPORT void DES_ede3_cbc_encrypt(const uint8_t *in, uint8_t *out,
82                                          size_t len,
83                                          const DES_key_schedule *ks1,
84                                          const DES_key_schedule *ks2,
85                                          const DES_key_schedule *ks3,
86                                          DES_cblock *ivec, int enc);
87 
88 // DES_ede2_cbc_encrypt encrypts (or decrypts, if |enc| is |DES_DECRYPT|) |len|
89 // bytes from |in| to |out| with 3DES in CBC mode. With this keying option, the
90 // first and third 3DES keys are identical. Thus, this function takes only two
91 // different |DES_key_schedule|s.
92 OPENSSL_EXPORT void DES_ede2_cbc_encrypt(const uint8_t *in, uint8_t *out,
93                                          size_t len,
94                                          const DES_key_schedule *ks1,
95                                          const DES_key_schedule *ks2,
96                                          DES_cblock *ivec, int enc);
97 
98 
99 // Deprecated functions.
100 
101 // DES_set_key_unchecked calls |DES_set_key|.
102 OPENSSL_EXPORT void DES_set_key_unchecked(const DES_cblock *key,
103                                           DES_key_schedule *schedule);
104 
105 OPENSSL_EXPORT void DES_ede3_cfb64_encrypt(const uint8_t *in, uint8_t *out,
106                                            long length, DES_key_schedule *ks1,
107                                            DES_key_schedule *ks2,
108                                            DES_key_schedule *ks3,
109                                            DES_cblock *ivec, int *num, int enc);
110 
111 OPENSSL_EXPORT void DES_ede3_cfb_encrypt(const uint8_t *in, uint8_t *out,
112                                          int numbits, long length,
113                                          DES_key_schedule *ks1,
114                                          DES_key_schedule *ks2,
115                                          DES_key_schedule *ks3,
116                                          DES_cblock *ivec, int enc);
117 
118 
119 #if defined(__cplusplus)
120 }  // extern C
121 #endif
122 
123 #endif  // OPENSSL_HEADER_DES_H
124