* $Source: /afs/athena.mit.edu/astaff/project/kerberos/src/lib/des/RCS/pcbc_encrypt.c,v $
* Copyright 1985, 1986, 1987, 1988 by the Massachusetts Institute
* For copying and distribution information, please see the file
* These routines perform encryption and decryption using the DES
* private key algorithm, or else a subset of it-- fewer inner loops.
* ( AUTH_DES_ITER defaults to 16, may be less)
* Under U.S. law, this software may not be exported outside the US
* without license from the U.S. Commerce department.
* The key schedule is passed as an arg, as well as the cleartext or
* ciphertext. The cleartext and ciphertext should be in host order.
* These routines form the library interface to the des facilities.
* spm 8/85 MIT project athena
static char rcsid_pcbc_encrypt_c
[] =
"$Id: pcbc_encrypt.c,v 4.11 90/01/02 13:46:30 jtkohl Exp $";
#include <mit-copyright.h>
#include "des_internal.h"
extern int des_debug_print();
* pcbc_encrypt is an "error propagation chaining" encrypt operation
* for DES, similar to CBC, but that, on encryption, "xor"s the
* plaintext of block N with the ciphertext resulting from block N,
* then "xor"s that result with the plaintext of block N+1 prior to
* encrypting block N+1. (decryption the appropriate inverse. This
* "pcbc" mode propagates a single bit error anywhere in either the
* cleartext or ciphertext chain all the way through to the end. In
* contrast, CBC mode limits a single bit error in the ciphertext to
* affect only the current (8byte) block and the subsequent block.
* performs pcbc error-propagation chaining operation by xor-ing block
* N+1 with both the plaintext (block N) and the ciphertext from block
* N. Either encrypts from cleartext to ciphertext, if encrypt != 0
* or decrypts from ciphertext to cleartext, if encrypt == 0
* NOTE-- the output is ALWAYS an multiple of 8 bytes long. If not
* enough space was provided, your program will get trashed.
* For encryption, the cleartext string is null padded, at the end, to
* an integral multiple of eight bytes.
* For decryption, the ciphertext will be used in integral multiples
* of 8 bytes, but only the first "length" bytes returned into the
* This is NOT a standard mode of operation.
des_pcbc_encrypt(in
,out
,length
,key
,iv
,encrypt
)
des_cblock
*in
; /* >= length bytes of inputtext */
des_cblock
*out
; /* >= length bytes of outputtext */
register long length
; /* in bytes */
int encrypt
; /* 0 ==> decrypt, else encrypt */
des_key_schedule key
; /* precomputed key schedule */
des_cblock
*iv
; /* 8 bytes of ivec */
register unsigned long *input
= (unsigned long *) in
;
register unsigned long *output
= (unsigned long *) out
;
register unsigned long *ivec
= (unsigned long *) iv
;
static unsigned long t_input
[2];
static unsigned long t_output
[2];
static unsigned char *t_in_p
;
static unsigned long xor_0
, xor_1
;
t_in_p
= (unsigned char *) t_input
;
bcopy((char *)ivec
++,(char *)&xor_0
,sizeof(xor_0
));
bcopy((char *)ivec
,(char *)&xor_1
,sizeof(xor_1
));
for (i
= 0; length
> 0; i
++, length
-= 8) {
bcopy((char *)input
,(char *)&t_input
[0],sizeof(t_input
[0]));
bcopy((char *)(input
+1),(char *)&t_input
[1],sizeof(t_input
[1]));
for (j
= length
; j
<= 7; j
++)
des_debug_print("clear",length
,t_input
[0],t_input
[1]);
/* do the xor for cbc into the temp */
(void) des_ecb_encrypt(t_input
,t_output
,key
,encrypt
);
* We want to XOR with both the plaintext and ciphertext
* of the previous block, before we write the output, in
* case both input and output are the same space.
bcopy((char *)input
++,(char *)&xor_0
,sizeof(xor_0
));
bcopy((char *)input
++,(char *)&xor_1
,sizeof(xor_1
));
xor_0
= *input
++ ^ t_output
[0];
xor_1
= *input
++ ^ t_output
[1];
/* copy temp output and save it for cbc */
bcopy((char *)&t_output
[0],(char *)output
++,
bcopy((char *)&t_output
[1],(char *)output
++,
des_debug_print("xor'ed",i
,t_input
[0],t_input
[1]);
des_debug_print("cipher",i
,t_output
[0],t_output
[1]);
bcopy((char *)ivec
++,(char *)&xor_0
,sizeof(xor_0
));
bcopy((char *)ivec
,(char *)&xor_1
,sizeof(xor_1
));
for (i
= 0; length
> 0; i
++, length
-= 8) {
bcopy((char *)input
++,(char *)&t_input
[0],sizeof(t_input
[0]));
bcopy((char *)input
++,(char *)&t_input
[1],sizeof(t_input
[1]));
/* no padding for decrypt */
des_debug_print("cipher",i
,t_input
[0],t_input
[1]);
(void) des_ecb_encrypt(t_input
,t_output
,key
,encrypt
);
des_debug_print("out pre xor",i
,t_output
[0],t_output
[1]);
/* do the xor for cbc into the output */
bcopy((char *)&t_output
[0],(char *)output
++,
bcopy((char *)&t_output
[1],(char *)output
++,
/* save xor value for next round */
xor_0
= t_output
[0] ^ t_input
[0];
xor_1
= t_output
[1] ^ t_input
[1];
des_debug_print("clear",i
,t_output
[0],t_output
[1]);