This commit was generated by cvs2svn to compensate for changes in r17330,

which included commits to RCS files with non-trunk default branches.

11 files changed, 201 insertions, 10 deletions

diff --git a/secure/lib/libdes/Makefile.ssl b/secure/lib/libdes/Makefile.ssl
index d0546c6a583d..81fb3ca4ae4c 100644
--- a/secure/lib/libdes/Makefile.ssl
+++ b/secure/lib/libdes/Makefile.ssl
@@ -23,12 +23,14 @@ LIBSRC=	cbc3_enc.c cbc_cksm.c cbc_enc.c  cfb64enc.c cfb_enc.c  \
 	ecb3_enc.c ecb_enc.c  ede_enc.c  enc_read.c enc_writ.c \
 	fcrypt.c   ncbc_enc.c ofb64enc.c ofb_enc.c  pcbc_enc.c \
 	qud_cksm.c rand_key.c read_pwd.c rpc_enc.c  set_key.c  \
+	xcbc_enc.c \
 	str2key.c  cfb64ede.c ofb64ede.c supp.c
 
 LIBOBJ= set_key.o  ecb_enc.o  ede_enc.o  cbc_enc.o  cbc3_enc.o \
 	ecb3_enc.o cfb64enc.o cfb64ede.o cfb_enc.o  ofb64ede.o \
 	enc_read.o enc_writ.o fcrypt.o   ncbc_enc.o ofb64enc.o \
 	ofb_enc.o  str2key.o  pcbc_enc.o qud_cksm.o rand_key.o \
+	xcbc_enc.o \
 	read_pwd.o rpc_enc.o  cbc_cksm.o supp.o
 
 SRC= $(LIBSRC)
diff --git a/secure/lib/libdes/VERSION b/secure/lib/libdes/VERSION
index 864eda3b2114..5485bd219865 100644
--- a/secure/lib/libdes/VERSION
+++ b/secure/lib/libdes/VERSION
@@ -1,7 +1,15 @@
-Version 3.24 20/04/95
+Version 3.25 17/07/96
+	des_init_random_number_generator() shortened due to VMS linker
+	limits.
+	Added RSA's DESX cbc mode.  It is a form of cbc encryption, with 2
+	8 byte quantites xored before and after encryption.
+	des_xcbc_encryption() - the name is funny to preserve the des_
+	prefix on all functions.
+
+Version 3.24 20/04/96
 	The DES_PTR macro option checked and used by SSLeay configuration
 
-Version 3.23 11/04/95
+Version 3.23 11/04/96
 	Added DES_LONG.  If defined to 'unsigned int' on the DEC Alpha,
 	it gives a %20 speedup :-)
 	Fixed the problem with des.pl under perl5.  The patches were
diff --git a/secure/lib/libdes/cfb64ede.c b/secure/lib/libdes/cfb64ede.c
index f56c87c407c4..bfba24a7ec34 100644
--- a/secure/lib/libdes/cfb64ede.c
+++ b/secure/lib/libdes/cfb64ede.c
@@ -63,7 +63,7 @@ int encrypt;
 	{
 	register DES_LONG v0,v1;
 	register long l=length;
-	register int n=*num;
+	register int n= *num;
 	DES_LONG ti[2];
 	unsigned char *iv,c,cc;
 
diff --git a/secure/lib/libdes/cfb64enc.c b/secure/lib/libdes/cfb64enc.c
index 60c8511d69b7..0f1e78060b6b 100644
--- a/secure/lib/libdes/cfb64enc.c
+++ b/secure/lib/libdes/cfb64enc.c
@@ -63,7 +63,7 @@ int encrypt;
 	{
 	register DES_LONG v0,v1;
 	register long l=length;
-	register int n=*num;
+	register int n= *num;
 	DES_LONG ti[2];
 	unsigned char *iv,c,cc;
 
diff --git a/secure/lib/libdes/des.doc b/secure/lib/libdes/des.doc
index ec3a4c1737c1..e83907ed9e46 100644
--- a/secure/lib/libdes/des.doc
+++ b/secure/lib/libdes/des.doc
@@ -146,6 +146,20 @@ int enc);
 	des_cbc_encrypt accept that ivec is updates with the correct value
 	to pass in subsequent calls to des_ncbc_encrypt().  I advise using
 	des_ncbc_encrypt() instead of des_cbc_encrypt();
+
+void des_xcbc_encrypt(
+des_cblock *input,
+des_cblock *output,
+long length,
+des_key_schedule sk,
+des_cblock *ivec,
+des_cblock *inw,
+des_cblock *outw,
+int enc);
+	This is RSA's DESX mode of DES.  It uses inw and outw to
+	'whiten' the encryption.  inw and outw are secret (unlike the iv)
+	and are as such, part of the key.  So the key is sort of 24 bytes.
+	This is much better than cbc des.
 	
 void des_3cbc_encrypt(
 des_cblock *input,
diff --git a/secure/lib/libdes/destest.c b/secure/lib/libdes/destest.c
index 9b04a5de3cec..b3cc23e5a51c 100644
--- a/secure/lib/libdes/destest.c
+++ b/secure/lib/libdes/destest.c
@@ -219,6 +219,13 @@ static unsigned char cbc_ok[32]={
 	0x46,0x8e,0x91,0x15,0x78,0x88,0xba,0x68,
 	0x1d,0x26,0x93,0x97,0xf7,0xfe,0x62,0xb4};
 
+static unsigned char xcbc_ok[32]={
+	0x86,0x74,0x81,0x0D,0x61,0xA4,0xA5,0x48,
+	0xB9,0x93,0x03,0xE1,0xB8,0xBB,0xBD,0xBD,
+	0x64,0x30,0x0B,0xB9,0x06,0x65,0x81,0x76,
+	0x04,0x1D,0x77,0x62,0x17,0xCA,0x2B,0xD2,
+	};
+
 static unsigned char cbc3_ok[32]={
 	0x3F,0xE3,0x01,0xC9,0x62,0xAC,0x01,0xD0,
 	0x22,0x13,0x76,0x3C,0x1C,0xBD,0x4C,0xDC,
@@ -389,6 +396,34 @@ char *argv[];
 		err=1;
 		}
 
+	printf("Doing desx cbc\n");
+	if ((j=des_key_sched((C_Block *)cbc_key,ks)) != 0)
+		{
+		printf("Key error %d\n",j);
+		err=1;
+		}
+	memset(cbc_out,0,40);
+	memset(cbc_in,0,40);
+	memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+	des_xcbc_encrypt((C_Block *)cbc_data,(C_Block *)cbc_out,
+		(long)strlen((char *)cbc_data)+1,ks,
+		(C_Block *)iv3,
+		(C_Block *)cbc2_key, (C_Block *)cbc3_key, DES_ENCRYPT);
+	if (memcmp(cbc_out,xcbc_ok,32) != 0)
+		{
+		printf("des_xcbc_encrypt encrypt error\n");
+		}
+	memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+	des_xcbc_encrypt((C_Block *)cbc_out,(C_Block *)cbc_in,
+		(long)strlen((char *)cbc_data)+1,ks,
+		(C_Block *)iv3,
+		(C_Block *)cbc2_key, (C_Block *)cbc3_key, DES_DECRYPT);
+	if (memcmp(cbc_in,cbc_data,32) != 0)
+		{
+		printf("des_xcbc_encrypt decrypt error\n");
+		err=1;
+		}
+
 	printf("Doing ede cbc\n");
 	if ((j=des_key_sched((C_Block *)cbc_key,ks)) != 0)
 		{
diff --git a/secure/lib/libdes/ecb_enc.c b/secure/lib/libdes/ecb_enc.c
index a39c6ed2e229..2085770b9427 100644
--- a/secure/lib/libdes/ecb_enc.c
+++ b/secure/lib/libdes/ecb_enc.c
@@ -49,7 +49,7 @@
 #include "spr.h"
 
 char *libdes_version="libdes v 3.24 - 20-Apr-1996 - eay";
-char *DES_version="DES part of SSLeay 0.6.1 12-Jul-1996";
+char *DES_version="DES part of SSLeay 0.6.2 24-Jul-1996";
 
 char *des_options()
 	{
diff --git a/secure/lib/libdes/ofb64ede.c b/secure/lib/libdes/ofb64ede.c
index 8923b5fdfae4..2bcb0d8986f5 100644
--- a/secure/lib/libdes/ofb64ede.c
+++ b/secure/lib/libdes/ofb64ede.c
@@ -60,7 +60,7 @@ des_cblock (*ivec);
 int *num;
 	{
 	register DES_LONG v0,v1;
-	register int n=*num;
+	register int n= *num;
 	register long l=length;
 	des_cblock d;
 	register char *dp;
@@ -97,7 +97,7 @@ int *num;
 			l2c(v1,dp);
 			save++;
 			}
-		*(out++)=*(in++)^d[n];
+		*(out++)= *(in++)^d[n];
 		n=(n+1)&0x07;
 		}
 	if (save)
diff --git a/secure/lib/libdes/ofb64enc.c b/secure/lib/libdes/ofb64enc.c
index bb4937aeaf4d..d3fa6c5cf18f 100644
--- a/secure/lib/libdes/ofb64enc.c
+++ b/secure/lib/libdes/ofb64enc.c
@@ -60,7 +60,7 @@ des_cblock (*ivec);
 int *num;
 	{
 	register DES_LONG v0,v1,t;
-	register int n=*num;
+	register int n= *num;
 	register long l=length;
 	des_cblock d;
 	register char *dp;
@@ -86,7 +86,7 @@ int *num;
 			t=ti[1]; l2c(t,dp);
 			save++;
 			}
-		*(out++)=*(in++)^d[n];
+		*(out++)= *(in++)^d[n];
 		n=(n+1)&0x07;
 		}
 	if (save)
diff --git a/secure/lib/libdes/read_pwd.c b/secure/lib/libdes/read_pwd.c
index 275f7322f4bd..47cb95feea4d 100644
--- a/secure/lib/libdes/read_pwd.c
+++ b/secure/lib/libdes/read_pwd.c
@@ -105,7 +105,7 @@
 #define TTY_set(tty,data)	ioctl(tty,TIOCSETP,data)
 #endif
 
-#if !defined(_LIBC) && !defined(MSDOS)
+#if !defined(_LIBC) && !defined(MSDOS) && !defined(VMS)
 #include <sys/ioctl.h>
 #endif
 
diff --git a/secure/lib/libdes/xcbc_enc.c b/secure/lib/libdes/xcbc_enc.c
new file mode 100644
index 000000000000..98bf631ec5c9
--- /dev/null
+++ b/secure/lib/libdes/xcbc_enc.c
@@ -0,0 +1,132 @@
+/* crypto/des/xcbc_enc.c */
+/* Copyright (C) 1995-1996 Eric Young (eay@mincom.oz.au)
+ * All rights reserved.
+ * 
+ * This file is part of an SSL implementation written
+ * by Eric Young (eay@mincom.oz.au).
+ * The implementation was written so as to conform with Netscapes SSL
+ * specification.  This library and applications are
+ * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE
+ * as long as the following conditions are aheared to.
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.  If this code is used in a product,
+ * Eric Young should be given attribution as the author of the parts used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    This product includes software developed by Eric Young (eay@mincom.oz.au)
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+/* RSA's DESX */
+void des_xcbc_encrypt(input, output, length, schedule, ivec, inw,outw,encrypt)
+des_cblock (*input);
+des_cblock (*output);
+long length;
+des_key_schedule schedule;
+des_cblock (*ivec);
+des_cblock (*inw);
+des_cblock (*outw);
+int encrypt;
+	{
+	register DES_LONG tin0,tin1;
+	register DES_LONG tout0,tout1,xor0,xor1;
+	register DES_LONG inW0,inW1,outW0,outW1;
+	register unsigned char *in,*out;
+	register long l=length;
+	DES_LONG tin[2];
+	unsigned char *iv;
+
+	in=(unsigned char *)inw;
+	c2l(in,inW0);
+	c2l(in,inW1);
+	in=(unsigned char *)outw;
+	c2l(in,outW0);
+	c2l(in,outW1);
+
+	in=(unsigned char *)input;
+	out=(unsigned char *)output;
+	iv=(unsigned char *)ivec;
+
+	if (encrypt)
+		{
+		c2l(iv,tout0);
+		c2l(iv,tout1);
+		for (; l>0; l-=8)
+			{
+			if (l >= 8)
+				{
+				c2l(in,tin0);
+				c2l(in,tin1);
+				}
+			else
+				c2ln(in,tin0,tin1,l);
+			tin0^=tout0^inW0; tin[0]=tin0;
+			tin1^=tout1^inW1; tin[1]=tin1;
+			des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+			tout0=tin[0]^outW0; l2c(tout0,out);
+			tout1=tin[1]^outW1; l2c(tout1,out);
+			}
+		iv=(unsigned char *)ivec;
+		l2c(tout0,iv);
+		l2c(tout1,iv);
+		}
+	else
+		{
+		c2l(iv,xor0);
+		c2l(iv,xor1);
+		for (; l>0; l-=8)
+			{
+			c2l(in,tin0); tin[0]=tin0^outW0;
+			c2l(in,tin1); tin[1]=tin1^outW1;
+			des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
+			tout0=tin[0]^xor0^inW0;
+			tout1=tin[1]^xor1^inW1;
+			if (l >= 8)
+				{
+				l2c(tout0,out);
+				l2c(tout1,out);
+				}
+			else
+				l2cn(tout0,tout1,out,l);
+			xor0=tin0;
+			xor1=tin1;
+			}
+		iv=(unsigned char *)ivec;
+		l2c(xor0,iv);
+		l2c(xor1,iv);
+		}
+	tin0=tin1=tout0=tout1=xor0=xor1=0;
+	inW0=inW1=outW0=outW1=0;
+	tin[0]=tin[1]=0;
+	}
+