xref: /aoo41x/main/sal/rtl/source/cipher.c (revision 647f063d)
1 /**************************************************************
2  *
3  * Licensed to the Apache Software Foundation (ASF) under one
4  * or more contributor license agreements.  See the NOTICE file
5  * distributed with this work for additional information
6  * regarding copyright ownership.  The ASF licenses this file
7  * to you under the Apache License, Version 2.0 (the
8  * "License"); you may not use this file except in compliance
9  * with the License.  You may obtain a copy of the License at
10  *
11  *   http://www.apache.org/licenses/LICENSE-2.0
12  *
13  * Unless required by applicable law or agreed to in writing,
14  * software distributed under the License is distributed on an
15  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16  * KIND, either express or implied.  See the License for the
17  * specific language governing permissions and limitations
18  * under the License.
19  *
20  *************************************************************/
21 
22 
23 
24 #define _RTL_CIPHER_C_ "$Revision: 1.5 $"
25 
26 #include <sal/types.h>
27 #include <rtl/alloc.h>
28 #include <rtl/memory.h>
29 #include <rtl/cipher.h>
30 
31 /*========================================================================
32  *
33  * rtlCipher internals.
34  *
35  *======================================================================*/
36 #define RTL_CIPHER_NTOHL(c, l) \
37 	((l)  = ((sal_uInt32)(*((c)++))) << 24L, \
38 	 (l) |= ((sal_uInt32)(*((c)++))) << 16L, \
39 	 (l) |= ((sal_uInt32)(*((c)++))) <<  8L, \
40 	 (l) |= ((sal_uInt32)(*((c)++))))
41 
42 #define RTL_CIPHER_HTONL(l, c) \
43 	(*((c)++) = (sal_uInt8)(((l) >> 24L) & 0xff), \
44 	 *((c)++) = (sal_uInt8)(((l) >> 16L) & 0xff), \
45 	 *((c)++) = (sal_uInt8)(((l) >>  8L) & 0xff), \
46 	 *((c)++) = (sal_uInt8)(((l)       ) & 0xff))
47 
48 #define RTL_CIPHER_NTOHL64(c, xl, xr, n) \
49 { \
50 	(xl) = (xr) = 0; \
51 	(c) += (n);  \
52 	switch ((n)) \
53 	{ \
54 		case 8: (xr)  = ((sal_uInt32)(*(--(c)))); \
55 		case 7: (xr) |= ((sal_uInt32)(*(--(c)))) <<  8L; \
56 		case 6: (xr) |= ((sal_uInt32)(*(--(c)))) << 16L; \
57 		case 5: (xr) |= ((sal_uInt32)(*(--(c)))) << 24L; \
58 		case 4: (xl)  = ((sal_uInt32)(*(--(c)))); \
59 		case 3: (xl) |= ((sal_uInt32)(*(--(c)))) <<  8L; \
60 		case 2: (xl) |= ((sal_uInt32)(*(--(c)))) << 16L; \
61 		case 1: (xl) |= ((sal_uInt32)(*(--(c)))) << 24L; \
62 	} \
63 }
64 
65 #define RTL_CIPHER_HTONL64(xl, xr, c, n) \
66 { \
67 	(c) += (n);  \
68 	switch ((n)) \
69 	{ \
70 		case 8: *(--(c)) = (sal_uInt8)(((xr)       ) & 0xff); \
71 		case 7: *(--(c)) = (sal_uInt8)(((xr) >>  8L) & 0xff); \
72 		case 6: *(--(c)) = (sal_uInt8)(((xr) >> 16L) & 0xff); \
73 		case 5: *(--(c)) = (sal_uInt8)(((xr) >> 24L) & 0xff); \
74 		case 4: *(--(c)) = (sal_uInt8)(((xl)       ) & 0xff); \
75 		case 3: *(--(c)) = (sal_uInt8)(((xl) >>  8L) & 0xff); \
76 		case 2: *(--(c)) = (sal_uInt8)(((xl) >> 16L) & 0xff); \
77 		case 1: *(--(c)) = (sal_uInt8)(((xl) >> 24L) & 0xff); \
78 	} \
79 }
80 
81 typedef rtlCipherError (SAL_CALL cipher_init_t) (
82 	rtlCipher          Cipher,
83 	rtlCipherDirection Direction,
84 	const sal_uInt8 *pKeyData, sal_Size nKeyLen,
85 	const sal_uInt8 *pArgData, sal_Size nArgLen);
86 
87 typedef rtlCipherError (SAL_CALL cipher_update_t) (
88 	rtlCipher   Cipher,
89 	const void *pData,   sal_Size nDatLen,
90 	sal_uInt8  *pBuffer, sal_Size nBufLen);
91 
92 typedef void (SAL_CALL cipher_delete_t) (rtlCipher Cipher);
93 
94 /** Cipher_Impl.
95  */
96 typedef struct cipher_impl_st
97 {
98 	rtlCipherAlgorithm  m_algorithm;
99 	rtlCipherDirection  m_direction;
100 	rtlCipherMode       m_mode;
101 
102 	cipher_init_t      *m_init;
103 	cipher_update_t    *m_encode;
104 	cipher_update_t    *m_decode;
105 	cipher_delete_t    *m_delete;
106 } Cipher_Impl;
107 
108 /*========================================================================
109  *
110  * rtlCipher implementation.
111  *
112  *======================================================================*/
113 /*
114  * rtl_cipher_create.
115  */
rtl_cipher_create(rtlCipherAlgorithm Algorithm,rtlCipherMode Mode)116 rtlCipher SAL_CALL rtl_cipher_create (
117 	rtlCipherAlgorithm Algorithm,
118 	rtlCipherMode      Mode)
119 {
120 	rtlCipher Cipher = (rtlCipher)NULL;
121 	switch (Algorithm)
122 	{
123 		case rtl_Cipher_AlgorithmBF:
124 			Cipher = rtl_cipher_createBF (Mode);
125 			break;
126 
127 		case rtl_Cipher_AlgorithmARCFOUR:
128 			Cipher = rtl_cipher_createARCFOUR (Mode);
129 			break;
130 
131 		default: /* rtl_Cipher_AlgorithmInvalid */
132 			break;
133 	}
134 	return Cipher;
135 }
136 
137 /*
138  * rtl_cipher_init.
139  */
rtl_cipher_init(rtlCipher Cipher,rtlCipherDirection Direction,const sal_uInt8 * pKeyData,sal_Size nKeyLen,const sal_uInt8 * pArgData,sal_Size nArgLen)140 rtlCipherError SAL_CALL rtl_cipher_init (
141 	rtlCipher          Cipher,
142 	rtlCipherDirection Direction,
143 	const sal_uInt8 *pKeyData, sal_Size nKeyLen,
144 	const sal_uInt8 *pArgData, sal_Size nArgLen)
145 {
146 	Cipher_Impl *pImpl = (Cipher_Impl*)Cipher;
147 	if (pImpl == NULL)
148 		return rtl_Cipher_E_Argument;
149 	if (pImpl->m_init == NULL)
150 		return rtl_Cipher_E_Unknown;
151 
152 	return (pImpl->m_init)(
153 		Cipher, Direction, pKeyData, nKeyLen, pArgData, nArgLen);
154 }
155 
156 /*
157  * rtl_cipher_encode.
158  */
rtl_cipher_encode(rtlCipher Cipher,const void * pData,sal_Size nDatLen,sal_uInt8 * pBuffer,sal_Size nBufLen)159 rtlCipherError SAL_CALL rtl_cipher_encode (
160 	rtlCipher   Cipher,
161 	const void *pData,   sal_Size nDatLen,
162 	sal_uInt8  *pBuffer, sal_Size nBufLen)
163 {
164 	Cipher_Impl *pImpl = (Cipher_Impl*)Cipher;
165 	if (pImpl == NULL)
166 		return rtl_Cipher_E_Argument;
167 	if (pImpl->m_encode == NULL)
168 		return rtl_Cipher_E_Unknown;
169 
170 	return (pImpl->m_encode)(Cipher, pData, nDatLen, pBuffer, nBufLen);
171 }
172 
173 /*
174  * rtl_cipher_decode.
175  */
rtl_cipher_decode(rtlCipher Cipher,const void * pData,sal_Size nDatLen,sal_uInt8 * pBuffer,sal_Size nBufLen)176 rtlCipherError SAL_CALL rtl_cipher_decode (
177 	rtlCipher   Cipher,
178 	const void *pData,   sal_Size nDatLen,
179 	sal_uInt8  *pBuffer, sal_Size nBufLen)
180 {
181 	Cipher_Impl *pImpl = (Cipher_Impl*)Cipher;
182 	if (pImpl == NULL)
183 		return rtl_Cipher_E_Argument;
184 	if (pImpl->m_decode == NULL)
185 		return rtl_Cipher_E_Unknown;
186 
187 	return (pImpl->m_decode)(Cipher, pData, nDatLen, pBuffer, nBufLen);
188 }
189 
190 /*
191  * rtl_cipher_destroy.
192  */
rtl_cipher_destroy(rtlCipher Cipher)193 void SAL_CALL rtl_cipher_destroy (rtlCipher Cipher)
194 {
195 	Cipher_Impl *pImpl = (Cipher_Impl*)Cipher;
196 	if (pImpl && pImpl->m_delete)
197 		pImpl->m_delete (Cipher);
198 }
199 
200 /*========================================================================
201  *
202  * rtl_cipherBF (Blowfish) internals.
203  *
204  *======================================================================*/
205 #define CIPHER_ROUNDS_BF 16
206 
207 typedef struct cipherBF_key_st
208 {
209 	sal_uInt32 m_S[4][256];
210 	sal_uInt32 m_P[CIPHER_ROUNDS_BF + 2];
211 } CipherKeyBF;
212 
213 typedef struct cipherBF_context_st
214 {
215 	CipherKeyBF    m_key;
216 	union
217 	{
218 		sal_uInt32 m_long[2];
219 		sal_uInt8  m_byte[8];
220 	} m_iv;
221 	sal_uInt32     m_offset;
222 } CipherContextBF;
223 
224 typedef struct cipherBF_impl_st
225 {
226 	Cipher_Impl     m_cipher;
227 	CipherContextBF m_context;
228 } CipherBF_Impl;
229 
230 /** __rtl_cipherBF_init.
231  */
232 static rtlCipherError __rtl_cipherBF_init (
233 	CipherContextBF *ctx,
234 	rtlCipherMode    eMode,
235 	const sal_uInt8 *pKeyData, sal_Size nKeyLen,
236 	const sal_uInt8 *pArgData, sal_Size nArgLen);
237 
238 /** __rtl_cipherBF_update.
239  */
240 static rtlCipherError __rtl_cipherBF_update (
241 	CipherContextBF    *ctx,
242 	rtlCipherMode       eMode,
243 	rtlCipherDirection  eDirection,
244 	const sal_uInt8    *pData,   sal_Size nDatLen,
245 	sal_uInt8          *pBuffer, sal_Size nBufLen);
246 
247 /** __rtl_cipherBF_updateECB.
248  */
249 static void __rtl_cipherBF_updateECB (
250 	CipherContextBF    *ctx,
251 	rtlCipherDirection  direction,
252 	const sal_uInt8    *pData,
253 	sal_uInt8          *pBuffer,
254 	sal_Size            nLength);
255 
256 /** __rtl_cipherBF_updateCBC.
257  */
258 static void __rtl_cipherBF_updateCBC (
259 	CipherContextBF    *ctx,
260 	rtlCipherDirection  direction,
261 	const sal_uInt8    *pData,
262 	sal_uInt8          *pBuffer,
263 	sal_Size          nLength);
264 
265 /** __rtl_cipherBF_updateCFB.
266  */
267 static void __rtl_cipherBF_updateCFB (
268 	CipherContextBF    *ctx,
269 	rtlCipherDirection  direction,
270 	const sal_uInt8    *pData,
271 	sal_uInt8          *pBuffer);
272 
273 /** __rtl_cipher_encode.
274  */
275 static void __rtl_cipherBF_encode (
276 	CipherKeyBF *key, sal_uInt32 *xl, sal_uInt32 *xr);
277 
278 /** __rtl_cipherBF_decode.
279  */
280 static void __rtl_cipherBF_decode (
281 	CipherKeyBF *key, sal_uInt32 *xl, sal_uInt32 *xr);
282 
283 /** __rtl_cipherBF.
284  */
285 static sal_uInt32 __rtl_cipherBF (
286 	CipherKeyBF *key, sal_uInt32 x);
287 
288 /** __rtl_cipherBF_key.
289  */
290 static const CipherKeyBF __rtl_cipherBF_key =
291 {
292 	/* S */
293 	{
294 		/* S[0] */
295 		{
296 			/* 0 */
297 			0xD1310BA6L, 0x98DFB5ACL, 0x2FFD72DBL, 0xD01ADFB7L,
298 			0xB8E1AFEDL, 0x6A267E96L, 0xBA7C9045L, 0xF12C7F99L,
299 			0x24A19947L, 0xB3916CF7L, 0x0801F2E2L, 0x858EFC16L,
300 			0x636920D8L, 0x71574E69L, 0xA458FEA3L, 0xF4933D7EL,
301 
302 			/* 1 */
303 			0x0D95748FL, 0x728EB658L, 0x718BCD58L, 0x82154AEEL,
304 			0x7B54A41DL, 0xC25A59B5L, 0x9C30D539L, 0x2AF26013L,
305 			0xC5D1B023L, 0x286085F0L, 0xCA417918L, 0xB8DB38EFL,
306 			0x8E79DCB0L, 0x603A180EL, 0x6C9E0E8BL, 0xB01E8A3EL,
307 
308 			/* 2 */
309 			0xD71577C1L, 0xBD314B27L, 0x78AF2FDAL, 0x55605C60L,
310 			0xE65525F3L, 0xAA55AB94L, 0x57489862L, 0x63E81440L,
311 			0x55CA396AL, 0x2AAB10B6L, 0xB4CC5C34L, 0x1141E8CEL,
312 			0xA15486AFL, 0x7C72E993L, 0xB3EE1411L, 0x636FBC2AL,
313 
314 			/* 3 */
315 			0x2BA9C55DL, 0x741831F6L, 0xCE5C3E16L, 0x9B87931EL,
316 			0xAFD6BA33L, 0x6C24CF5CL, 0x7A325381L, 0x28958677L,
317 			0x3B8F4898L, 0x6B4BB9AFL, 0xC4BFE81BL, 0x66282193L,
318 			0x61D809CCL, 0xFB21A991L, 0x487CAC60L, 0x5DEC8032L,
319 
320 			/* 4 */
321 			0xEF845D5DL, 0xE98575B1L, 0xDC262302L, 0xEB651B88L,
322 			0x23893E81L, 0xD396ACC5L, 0x0F6D6FF3L, 0x83F44239L,
323 			0x2E0B4482L, 0xA4842004L, 0x69C8F04AL, 0x9E1F9B5EL,
324 			0x21C66842L, 0xF6E96C9AL, 0x670C9C61L, 0xABD388F0L,
325 
326 			/* 5 */
327 			0x6A51A0D2L, 0xD8542F68L, 0x960FA728L, 0xAB5133A3L,
328 			0x6EEF0B6CL, 0x137A3BE4L, 0xBA3BF050L, 0x7EFB2A98L,
329 			0xA1F1651DL, 0x39AF0176L, 0x66CA593EL, 0x82430E88L,
330 			0x8CEE8619L, 0x456F9FB4L, 0x7D84A5C3L, 0x3B8B5EBEL,
331 
332 			/* 6 */
333 			0xE06F75D8L, 0x85C12073L, 0x401A449FL, 0x56C16AA6L,
334 			0x4ED3AA62L, 0x363F7706L, 0x1BFEDF72L, 0x429B023DL,
335 			0x37D0D724L, 0xD00A1248L, 0xDB0FEAD3L, 0x49F1C09BL,
336 			0x075372C9L, 0x80991B7BL, 0x25D479D8L, 0xF6E8DEF7L,
337 
338 			/* 7 */
339 			0xE3FE501AL, 0xB6794C3BL, 0x976CE0BDL, 0x04C006BAL,
340 			0xC1A94FB6L, 0x409F60C4L, 0x5E5C9EC2L, 0x196A2463L,
341 			0x68FB6FAFL, 0x3E6C53B5L, 0x1339B2EBL, 0x3B52EC6FL,
342 			0x6DFC511FL, 0x9B30952CL, 0xCC814544L, 0xAF5EBD09L,
343 
344 			/* 8 */
345 			0xBEE3D004L, 0xDE334AFDL, 0x660F2807L, 0x192E4BB3L,
346 			0xC0CBA857L, 0x45C8740FL, 0xD20B5F39L, 0xB9D3FBDBL,
347 			0x5579C0BDL, 0x1A60320AL, 0xD6A100C6L, 0x402C7279L,
348 			0x679F25FEL, 0xFB1FA3CCL, 0x8EA5E9F8L, 0xDB3222F8L,
349 
350 			/* 9 */
351 			0x3C7516DFL, 0xFD616B15L, 0x2F501EC8L, 0xAD0552ABL,
352 			0x323DB5FAL, 0xFD238760L, 0x53317B48L, 0x3E00DF82L,
353 			0x9E5C57BBL, 0xCA6F8CA0L, 0x1A87562EL, 0xDF1769DBL,
354 			0xD542A8F6L, 0x287EFFC3L, 0xAC6732C6L, 0x8C4F5573L,
355 
356 			/* A */
357 			0x695B27B0L, 0xBBCA58C8L, 0xE1FFA35DL, 0xB8F011A0L,
358 			0x10FA3D98L, 0xFD2183B8L, 0x4AFCB56CL, 0x2DD1D35BL,
359 			0x9A53E479L, 0xB6F84565L, 0xD28E49BCL, 0x4BFB9790L,
360 			0xE1DDF2DAL, 0xA4CB7E33L, 0x62FB1341L, 0xCEE4C6E8L,
361 
362 			/* B */
363 			0xEF20CADAL, 0x36774C01L, 0xD07E9EFEL, 0x2BF11FB4L,
364 			0x95DBDA4DL, 0xAE909198L, 0xEAAD8E71L, 0x6B93D5A0L,
365 			0xD08ED1D0L, 0xAFC725E0L, 0x8E3C5B2FL, 0x8E7594B7L,
366 			0x8FF6E2FBL, 0xF2122B64L, 0x8888B812L, 0x900DF01CL,
367 
368 			/* C */
369 			0x4FAD5EA0L, 0x688FC31CL, 0xD1CFF191L, 0xB3A8C1ADL,
370 			0x2F2F2218L, 0xBE0E1777L, 0xEA752DFEL, 0x8B021FA1L,
371 			0xE5A0CC0FL, 0xB56F74E8L, 0x18ACF3D6L, 0xCE89E299L,
372 			0xB4A84FE0L, 0xFD13E0B7L, 0x7CC43B81L, 0xD2ADA8D9L,
373 
374 			/* D */
375 			0x165FA266L, 0x80957705L, 0x93CC7314L, 0x211A1477L,
376 			0xE6AD2065L, 0x77B5FA86L, 0xC75442F5L, 0xFB9D35CFL,
377 			0xEBCDAF0CL, 0x7B3E89A0L, 0xD6411BD3L, 0xAE1E7E49L,
378 			0x00250E2DL, 0x2071B35EL, 0x226800BBL, 0x57B8E0AFL,
379 
380 			/* E */
381 			0x2464369BL, 0xF009B91EL, 0x5563911DL, 0x59DFA6AAL,
382 			0x78C14389L, 0xD95A537FL, 0x207D5BA2L, 0x02E5B9C5L,
383 			0x83260376L, 0x6295CFA9L, 0x11C81968L, 0x4E734A41L,
384 			0xB3472DCAL, 0x7B14A94AL, 0x1B510052L, 0x9A532915L,
385 
386 			/* F */
387 			0xD60F573FL, 0xBC9BC6E4L, 0x2B60A476L, 0x81E67400L,
388 			0x08BA6FB5L, 0x571BE91FL, 0xF296EC6BL, 0x2A0DD915L,
389 			0xB6636521L, 0xE7B9F9B6L, 0xFF34052EL, 0xC5855664L,
390 			0x53B02D5DL, 0xA99F8FA1L, 0x08BA4799L, 0x6E85076AL
391 		},
392 
393 		/* S[1] */
394 		{
395 			0x4B7A70E9L, 0xB5B32944L, 0xDB75092EL, 0xC4192623L,
396 			0xAD6EA6B0L, 0x49A7DF7DL, 0x9CEE60B8L, 0x8FEDB266L,
397 			0xECAA8C71L, 0x699A17FFL, 0x5664526CL, 0xC2B19EE1L,
398 			0x193602A5L, 0x75094C29L, 0xA0591340L, 0xE4183A3EL,
399 
400 			0x3F54989AL, 0x5B429D65L, 0x6B8FE4D6L, 0x99F73FD6L,
401 			0xA1D29C07L, 0xEFE830F5L, 0x4D2D38E6L, 0xF0255DC1L,
402 			0x4CDD2086L, 0x8470EB26L, 0x6382E9C6L, 0x021ECC5EL,
403 			0x09686B3FL, 0x3EBAEFC9L, 0x3C971814L, 0x6B6A70A1L,
404 
405 			0x687F3584L, 0x52A0E286L, 0xB79C5305L, 0xAA500737L,
406 			0x3E07841CL, 0x7FDEAE5CL, 0x8E7D44ECL, 0x5716F2B8L,
407 			0xB03ADA37L, 0xF0500C0DL, 0xF01C1F04L, 0x0200B3FFL,
408 			0xAE0CF51AL, 0x3CB574B2L, 0x25837A58L, 0xDC0921BDL,
409 
410 			0xD19113F9L, 0x7CA92FF6L, 0x94324773L, 0x22F54701L,
411 			0x3AE5E581L, 0x37C2DADCL, 0xC8B57634L, 0x9AF3DDA7L,
412 			0xA9446146L, 0x0FD0030EL, 0xECC8C73EL, 0xA4751E41L,
413 			0xE238CD99L, 0x3BEA0E2FL, 0x3280BBA1L, 0x183EB331L,
414 
415 			0x4E548B38L, 0x4F6DB908L, 0x6F420D03L, 0xF60A04BFL,
416 			0x2CB81290L, 0x24977C79L, 0x5679B072L, 0xBCAF89AFL,
417 			0xDE9A771FL, 0xD9930810L, 0xB38BAE12L, 0xDCCF3F2EL,
418 			0x5512721FL, 0x2E6B7124L, 0x501ADDE6L, 0x9F84CD87L,
419 
420 			0x7A584718L, 0x7408DA17L, 0xBC9F9ABCL, 0xE94B7D8CL,
421 			0xEC7AEC3AL, 0xDB851DFAL, 0x63094366L, 0xC464C3D2L,
422 			0xEF1C1847L, 0x3215D908L, 0xDD433B37L, 0x24C2BA16L,
423 			0x12A14D43L, 0x2A65C451L, 0x50940002L, 0x133AE4DDL,
424 
425 			0x71DFF89EL, 0x10314E55L, 0x81AC77D6L, 0x5F11199BL,
426 			0x043556F1L, 0xD7A3C76BL, 0x3C11183BL, 0x5924A509L,
427 			0xF28FE6EDL, 0x97F1FBFAL, 0x9EBABF2CL, 0x1E153C6EL,
428 			0x86E34570L, 0xEAE96FB1L, 0x860E5E0AL, 0x5A3E2AB3L,
429 
430 			0x771FE71CL, 0x4E3D06FAL, 0x2965DCB9L, 0x99E71D0FL,
431 			0x803E89D6L, 0x5266C825L, 0x2E4CC978L, 0x9C10B36AL,
432 			0xC6150EBAL, 0x94E2EA78L, 0xA5FC3C53L, 0x1E0A2DF4L,
433 			0xF2F74EA7L, 0x361D2B3DL, 0x1939260FL, 0x19C27960L,
434 
435 			0x5223A708L, 0xF71312B6L, 0xEBADFE6EL, 0xEAC31F66L,
436 			0xE3BC4595L, 0xA67BC883L, 0xB17F37D1L, 0x018CFF28L,
437 			0xC332DDEFL, 0xBE6C5AA5L, 0x65582185L, 0x68AB9802L,
438 			0xEECEA50FL, 0xDB2F953BL, 0x2AEF7DADL, 0x5B6E2F84L,
439 
440 			0x1521B628L, 0x29076170L, 0xECDD4775L, 0x619F1510L,
441 			0x13CCA830L, 0xEB61BD96L, 0x0334FE1EL, 0xAA0363CFL,
442 			0xB5735C90L, 0x4C70A239L, 0xD59E9E0BL, 0xCBAADE14L,
443 			0xEECC86BCL, 0x60622CA7L, 0x9CAB5CABL, 0xB2F3846EL,
444 
445 			0x648B1EAFL, 0x19BDF0CAL, 0xA02369B9L, 0x655ABB50L,
446 			0x40685A32L, 0x3C2AB4B3L, 0x319EE9D5L, 0xC021B8F7L,
447 			0x9B540B19L, 0x875FA099L, 0x95F7997EL, 0x623D7DA8L,
448 			0xF837889AL, 0x97E32D77L, 0x11ED935FL, 0x16681281L,
449 
450 			0x0E358829L, 0xC7E61FD6L, 0x96DEDFA1L, 0x7858BA99L,
451 			0x57F584A5L, 0x1B227263L, 0x9B83C3FFL, 0x1AC24696L,
452 			0xCDB30AEBL, 0x532E3054L, 0x8FD948E4L, 0x6DBC3128L,
453 			0x58EBF2EFL, 0x34C6FFEAL, 0xFE28ED61L, 0xEE7C3C73L,
454 
455 			0x5D4A14D9L, 0xE864B7E3L, 0x42105D14L, 0x203E13E0L,
456 			0x45EEE2B6L, 0xA3AAABEAL, 0xDB6C4F15L, 0xFACB4FD0L,
457 			0xC742F442L, 0xEF6ABBB5L, 0x654F3B1DL, 0x41CD2105L,
458 			0xD81E799EL, 0x86854DC7L, 0xE44B476AL, 0x3D816250L,
459 
460 			0xCF62A1F2L, 0x5B8D2646L, 0xFC8883A0L, 0xC1C7B6A3L,
461 			0x7F1524C3L, 0x69CB7492L, 0x47848A0BL, 0x5692B285L,
462 			0x095BBF00L, 0xAD19489DL, 0x1462B174L, 0x23820E00L,
463 			0x58428D2AL, 0x0C55F5EAL, 0x1DADF43EL, 0x233F7061L,
464 
465 			0x3372F092L, 0x8D937E41L, 0xD65FECF1L, 0x6C223BDBL,
466 			0x7CDE3759L, 0xCBEE7460L, 0x4085F2A7L, 0xCE77326EL,
467 			0xA6078084L, 0x19F8509EL, 0xE8EFD855L, 0x61D99735L,
468 			0xA969A7AAL, 0xC50C06C2L, 0x5A04ABFCL, 0x800BCADCL,
469 
470 			0x9E447A2EL, 0xC3453484L, 0xFDD56705L, 0x0E1E9EC9L,
471 			0xDB73DBD3L, 0x105588CDL, 0x675FDA79L, 0xE3674340L,
472 			0xC5C43465L, 0x713E38D8L, 0x3D28F89EL, 0xF16DFF20L,
473 			0x153E21E7L, 0x8FB03D4AL, 0xE6E39F2BL, 0xDB83ADF7L
474 		},
475 
476 		/* S[2] */
477 		{
478 			0xE93D5A68L, 0x948140F7L, 0xF64C261CL, 0x94692934L,
479 			0x411520F7L, 0x7602D4F7L, 0xBCF46B2EL, 0xD4A20068L,
480 			0xD4082471L, 0x3320F46AL, 0x43B7D4B7L, 0x500061AFL,
481 			0x1E39F62EL, 0x97244546L, 0x14214F74L, 0xBF8B8840L,
482 
483 			0x4D95FC1DL, 0x96B591AFL, 0x70F4DDD3L, 0x66A02F45L,
484 			0xBFBC09ECL, 0x03BD9785L, 0x7FAC6DD0L, 0x31CB8504L,
485 			0x96EB27B3L, 0x55FD3941L, 0xDA2547E6L, 0xABCA0A9AL,
486 			0x28507825L, 0x530429F4L, 0x0A2C86DAL, 0xE9B66DFBL,
487 
488 			0x68DC1462L, 0xD7486900L, 0x680EC0A4L, 0x27A18DEEL,
489 			0x4F3FFEA2L, 0xE887AD8CL, 0xB58CE006L, 0x7AF4D6B6L,
490 			0xAACE1E7CL, 0xD3375FECL, 0xCE78A399L, 0x406B2A42L,
491 			0x20FE9E35L, 0xD9F385B9L, 0xEE39D7ABL, 0x3B124E8BL,
492 
493 			0x1DC9FAF7L, 0x4B6D1856L, 0x26A36631L, 0xEAE397B2L,
494 			0x3A6EFA74L, 0xDD5B4332L, 0x6841E7F7L, 0xCA7820FBL,
495 			0xFB0AF54EL, 0xD8FEB397L, 0x454056ACL, 0xBA489527L,
496 			0x55533A3AL, 0x20838D87L, 0xFE6BA9B7L, 0xD096954BL,
497 
498 			0x55A867BCL, 0xA1159A58L, 0xCCA92963L, 0x99E1DB33L,
499 			0xA62A4A56L, 0x3F3125F9L, 0x5EF47E1CL, 0x9029317CL,
500 			0xFDF8E802L, 0x04272F70L, 0x80BB155CL, 0x05282CE3L,
501 			0x95C11548L, 0xE4C66D22L, 0x48C1133FL, 0xC70F86DCL,
502 
503 			0x07F9C9EEL, 0x41041F0FL, 0x404779A4L, 0x5D886E17L,
504 			0x325F51EBL, 0xD59BC0D1L, 0xF2BCC18FL, 0x41113564L,
505 			0x257B7834L, 0x602A9C60L, 0xDFF8E8A3L, 0x1F636C1BL,
506 			0x0E12B4C2L, 0x02E1329EL, 0xAF664FD1L, 0xCAD18115L,
507 
508 			0x6B2395E0L, 0x333E92E1L, 0x3B240B62L, 0xEEBEB922L,
509 			0x85B2A20EL, 0xE6BA0D99L, 0xDE720C8CL, 0x2DA2F728L,
510 			0xD0127845L, 0x95B794FDL, 0x647D0862L, 0xE7CCF5F0L,
511 			0x5449A36FL, 0x877D48FAL, 0xC39DFD27L, 0xF33E8D1EL,
512 
513 			0x0A476341L, 0x992EFF74L, 0x3A6F6EABL, 0xF4F8FD37L,
514 			0xA812DC60L, 0xA1EBDDF8L, 0x991BE14CL, 0xDB6E6B0DL,
515 			0xC67B5510L, 0x6D672C37L, 0x2765D43BL, 0xDCD0E804L,
516 			0xF1290DC7L, 0xCC00FFA3L, 0xB5390F92L, 0x690FED0BL,
517 
518 			0x667B9FFBL, 0xCEDB7D9CL, 0xA091CF0BL, 0xD9155EA3L,
519 			0xBB132F88L, 0x515BAD24L, 0x7B9479BFL, 0x763BD6EBL,
520 			0x37392EB3L, 0xCC115979L, 0x8026E297L, 0xF42E312DL,
521 			0x6842ADA7L, 0xC66A2B3BL, 0x12754CCCL, 0x782EF11CL,
522 
523 			0x6A124237L, 0xB79251E7L, 0x06A1BBE6L, 0x4BFB6350L,
524 			0x1A6B1018L, 0x11CAEDFAL, 0x3D25BDD8L, 0xE2E1C3C9L,
525 			0x44421659L, 0x0A121386L, 0xD90CEC6EL, 0xD5ABEA2AL,
526 			0x64AF674EL, 0xDA86A85FL, 0xBEBFE988L, 0x64E4C3FEL,
527 
528 			0x9DBC8057L, 0xF0F7C086L, 0x60787BF8L, 0x6003604DL,
529 			0xD1FD8346L, 0xF6381FB0L, 0x7745AE04L, 0xD736FCCCL,
530 			0x83426B33L, 0xF01EAB71L, 0xB0804187L, 0x3C005E5FL,
531 			0x77A057BEL, 0xBDE8AE24L, 0x55464299L, 0xBF582E61L,
532 
533 			0x4E58F48FL, 0xF2DDFDA2L, 0xF474EF38L, 0x8789BDC2L,
534 			0x5366F9C3L, 0xC8B38E74L, 0xB475F255L, 0x46FCD9B9L,
535 			0x7AEB2661L, 0x8B1DDF84L, 0x846A0E79L, 0x915F95E2L,
536 			0x466E598EL, 0x20B45770L, 0x8CD55591L, 0xC902DE4CL,
537 
538 			0xB90BACE1L, 0xBB8205D0L, 0x11A86248L, 0x7574A99EL,
539 			0xB77F19B6L, 0xE0A9DC09L, 0x662D09A1L, 0xC4324633L,
540 			0xE85A1F02L, 0x09F0BE8CL, 0x4A99A025L, 0x1D6EFE10L,
541 			0x1AB93D1DL, 0x0BA5A4DFL, 0xA186F20FL, 0x2868F169L,
542 
543 			0xDCB7DA83L, 0x573906FEL, 0xA1E2CE9BL, 0x4FCD7F52L,
544 			0x50115E01L, 0xA70683FAL, 0xA002B5C4L, 0x0DE6D027L,
545 			0x9AF88C27L, 0x773F8641L, 0xC3604C06L, 0x61A806B5L,
546 			0xF0177A28L, 0xC0F586E0L, 0x006058AAL, 0x30DC7D62L,
547 
548 			0x11E69ED7L, 0x2338EA63L, 0x53C2DD94L, 0xC2C21634L,
549 			0xBBCBEE56L, 0x90BCB6DEL, 0xEBFC7DA1L, 0xCE591D76L,
550 			0x6F05E409L, 0x4B7C0188L, 0x39720A3DL, 0x7C927C24L,
551 			0x86E3725FL, 0x724D9DB9L, 0x1AC15BB4L, 0xD39EB8FCL,
552 
553 			0xED545578L, 0x08FCA5B5L, 0xD83D7CD3L, 0x4DAD0FC4L,
554 			0x1E50EF5EL, 0xB161E6F8L, 0xA28514D9L, 0x6C51133CL,
555 			0x6FD5C7E7L, 0x56E14EC4L, 0x362ABFCEL, 0xDDC6C837L,
556 			0xD79A3234L, 0x92638212L, 0x670EFA8EL, 0x406000E0L
557 		},
558 
559 		/* S[3] */
560 		{
561 			0x3A39CE37L, 0xD3FAF5CFL, 0xABC27737L, 0x5AC52D1BL,
562 			0x5CB0679EL, 0x4FA33742L, 0xD3822740L, 0x99BC9BBEL,
563 			0xD5118E9DL, 0xBF0F7315L, 0xD62D1C7EL, 0xC700C47BL,
564 			0xB78C1B6BL, 0x21A19045L, 0xB26EB1BEL, 0x6A366EB4L,
565 
566 			0x5748AB2FL, 0xBC946E79L, 0xC6A376D2L, 0x6549C2C8L,
567 			0x530FF8EEL, 0x468DDE7DL, 0xD5730A1DL, 0x4CD04DC6L,
568 			0x2939BBDBL, 0xA9BA4650L, 0xAC9526E8L, 0xBE5EE304L,
569 			0xA1FAD5F0L, 0x6A2D519AL, 0x63EF8CE2L, 0x9A86EE22L,
570 
571 			0xC089C2B8L, 0x43242EF6L, 0xA51E03AAL, 0x9CF2D0A4L,
572 			0x83C061BAL, 0x9BE96A4DL, 0x8FE51550L, 0xBA645BD6L,
573 			0x2826A2F9L, 0xA73A3AE1L, 0x4BA99586L, 0xEF5562E9L,
574 			0xC72FEFD3L, 0xF752F7DAL, 0x3F046F69L, 0x77FA0A59L,
575 
576 			0x80E4A915L, 0x87B08601L, 0x9B09E6ADL, 0x3B3EE593L,
577 			0xE990FD5AL, 0x9E34D797L, 0x2CF0B7D9L, 0x022B8B51L,
578 			0x96D5AC3AL, 0x017DA67DL, 0xD1CF3ED6L, 0x7C7D2D28L,
579 			0x1F9F25CFL, 0xADF2B89BL, 0x5AD6B472L, 0x5A88F54CL,
580 
581 			0xE029AC71L, 0xE019A5E6L, 0x47B0ACFDL, 0xED93FA9BL,
582 			0xE8D3C48DL, 0x283B57CCL, 0xF8D56629L, 0x79132E28L,
583 			0x785F0191L, 0xED756055L, 0xF7960E44L, 0xE3D35E8CL,
584 			0x15056DD4L, 0x88F46DBAL, 0x03A16125L, 0x0564F0BDL,
585 
586 			0xC3EB9E15L, 0x3C9057A2L, 0x97271AECL, 0xA93A072AL,
587 			0x1B3F6D9BL, 0x1E6321F5L, 0xF59C66FBL, 0x26DCF319L,
588 			0x7533D928L, 0xB155FDF5L, 0x03563482L, 0x8ABA3CBBL,
589 			0x28517711L, 0xC20AD9F8L, 0xABCC5167L, 0xCCAD925FL,
590 
591 			0x4DE81751L, 0x3830DC8EL, 0x379D5862L, 0x9320F991L,
592 			0xEA7A90C2L, 0xFB3E7BCEL, 0x5121CE64L, 0x774FBE32L,
593 			0xA8B6E37EL, 0xC3293D46L, 0x48DE5369L, 0x6413E680L,
594 			0xA2AE0810L, 0xDD6DB224L, 0x69852DFDL, 0x09072166L,
595 
596 			0xB39A460AL, 0x6445C0DDL, 0x586CDECFL, 0x1C20C8AEL,
597 			0x5BBEF7DDL, 0x1B588D40L, 0xCCD2017FL, 0x6BB4E3BBL,
598 			0xDDA26A7EL, 0x3A59FF45L, 0x3E350A44L, 0xBCB4CDD5L,
599 			0x72EACEA8L, 0xFA6484BBL, 0x8D6612AEL, 0xBF3C6F47L,
600 
601 			0xD29BE463L, 0x542F5D9EL, 0xAEC2771BL, 0xF64E6370L,
602 			0x740E0D8DL, 0xE75B1357L, 0xF8721671L, 0xAF537D5DL,
603 			0x4040CB08L, 0x4EB4E2CCL, 0x34D2466AL, 0x0115AF84L,
604 			0xE1B00428L, 0x95983A1DL, 0x06B89FB4L, 0xCE6EA048L,
605 
606 			0x6F3F3B82L, 0x3520AB82L, 0x011A1D4BL, 0x277227F8L,
607 			0x611560B1L, 0xE7933FDCL, 0xBB3A792BL, 0x344525BDL,
608 			0xA08839E1L, 0x51CE794BL, 0x2F32C9B7L, 0xA01FBAC9L,
609 			0xE01CC87EL, 0xBCC7D1F6L, 0xCF0111C3L, 0xA1E8AAC7L,
610 
611 			0x1A908749L, 0xD44FBD9AL, 0xD0DADECBL, 0xD50ADA38L,
612 			0x0339C32AL, 0xC6913667L, 0x8DF9317CL, 0xE0B12B4FL,
613 			0xF79E59B7L, 0x43F5BB3AL, 0xF2D519FFL, 0x27D9459CL,
614 			0xBF97222CL, 0x15E6FC2AL, 0x0F91FC71L, 0x9B941525L,
615 
616 			0xFAE59361L, 0xCEB69CEBL, 0xC2A86459L, 0x12BAA8D1L,
617 			0xB6C1075EL, 0xE3056A0CL, 0x10D25065L, 0xCB03A442L,
618 			0xE0EC6E0EL, 0x1698DB3BL, 0x4C98A0BEL, 0x3278E964L,
619 			0x9F1F9532L, 0xE0D392DFL, 0xD3A0342BL, 0x8971F21EL,
620 
621 			0x1B0A7441L, 0x4BA3348CL, 0xC5BE7120L, 0xC37632D8L,
622 			0xDF359F8DL, 0x9B992F2EL, 0xE60B6F47L, 0x0FE3F11DL,
623 			0xE54CDA54L, 0x1EDAD891L, 0xCE6279CFL, 0xCD3E7E6FL,
624 			0x1618B166L, 0xFD2C1D05L, 0x848FD2C5L, 0xF6FB2299L,
625 
626 			0xF523F357L, 0xA6327623L, 0x93A83531L, 0x56CCCD02L,
627 			0xACF08162L, 0x5A75EBB5L, 0x6E163697L, 0x88D273CCL,
628 			0xDE966292L, 0x81B949D0L, 0x4C50901BL, 0x71C65614L,
629 			0xE6C6C7BDL, 0x327A140AL, 0x45E1D006L, 0xC3F27B9AL,
630 
631 			0xC9AA53FDL, 0x62A80F00L, 0xBB25BFE2L, 0x35BDD2F6L,
632 			0x71126905L, 0xB2040222L, 0xB6CBCF7CL, 0xCD769C2BL,
633 			0x53113EC0L, 0x1640E3D3L, 0x38ABBD60L, 0x2547ADF0L,
634 			0xBA38209CL, 0xF746CE76L, 0x77AFA1C5L, 0x20756060L,
635 
636 			0x85CBFE4EL, 0x8AE88DD8L, 0x7AAAF9B0L, 0x4CF9AA7EL,
637 			0x1948C25CL, 0x02FB8A8CL, 0x01C36AE4L, 0xD6EBE1F9L,
638 			0x90D4F869L, 0xA65CDEA0L, 0x3F09252DL, 0xC208E69FL,
639 			0xB74E6132L, 0xCE77E25BL, 0x578FDFE3L, 0x3AC372E6L
640 		}
641 	},
642 
643 	/* P */
644 	{
645 		0x243F6A88L, 0x85A308D3L, 0x13198A2EL, 0x03707344L,
646 		0xA4093822L, 0x299F31D0L, 0x082EFA98L, 0xEC4E6C89L,
647 		0x452821E6L, 0x38D01377L, 0xBE5466CFL, 0x34E90C6CL,
648 		0xC0AC29B7L, 0xC97C50DDL, 0x3F84D5B5L, 0xB5470917L,
649 		0x9216D5D9L, 0x8979FB1BL
650 	}
651 };
652 
653 /*
654  * __rtl_cipherBF_init.
655  */
__rtl_cipherBF_init(CipherContextBF * ctx,rtlCipherMode eMode,const sal_uInt8 * pKeyData,sal_Size nKeyLen,const sal_uInt8 * pArgData,sal_Size nArgLen)656 static rtlCipherError __rtl_cipherBF_init (
657 	CipherContextBF *ctx,
658 	rtlCipherMode    eMode,
659 	const sal_uInt8 *pKeyData, sal_Size nKeyLen,
660 	const sal_uInt8 *pArgData, sal_Size nArgLen)
661 {
662 	CipherKeyBF *key;
663 	sal_uInt32   D, DL, DR;
664 	sal_uInt16   i, j, k;
665 
666 	key = &(ctx->m_key);
667 
668 	rtl_copyMemory (key, &__rtl_cipherBF_key, sizeof (CipherKeyBF));
669 	rtl_zeroMemory (&(ctx->m_iv), sizeof(ctx->m_iv));
670 	ctx->m_offset = 0;
671 
672 	for (i = 0, k = 0; i < CIPHER_ROUNDS_BF + 2; ++i)
673 	{
674 		D = 0;
675 		for (j = 0; j < 4; ++j)
676 		{
677 			D = ((D << 8) | pKeyData[k]);
678 			k++;
679 			if (k >= nKeyLen)
680 				k = 0;
681 		}
682 		key->m_P[i] ^= D;
683 	}
684 
685 	DL = 0;
686 	DR = 0;
687 
688 	for (i = 0; i < CIPHER_ROUNDS_BF + 2; i += 2)
689 	{
690 		__rtl_cipherBF_encode (key, &DL, &DR);
691 		key->m_P[i    ] = DL;
692 		key->m_P[i + 1] = DR;
693 	}
694 
695 	for (i = 0; i < 4; ++i)
696 	{
697 		for (k = 0; k < 256; k += 2)
698 		{
699 			__rtl_cipherBF_encode (key, &DL, &DR);
700 			key->m_S[i][k    ] = DL;
701 			key->m_S[i][k + 1] = DR;
702 		}
703 	}
704 
705 	if (pArgData && nArgLen)
706 	{
707 		nArgLen = ((nArgLen < 8) ? nArgLen : 8);
708 		if (eMode == rtl_Cipher_ModeStream)
709 		{
710 			rtl_copyMemory (ctx->m_iv.m_byte, pArgData, nArgLen);
711 		}
712 		else
713 		{
714 			RTL_CIPHER_NTOHL64 (pArgData, DL, DR, nArgLen);
715 			ctx->m_iv.m_long[0] = DL;
716 			ctx->m_iv.m_long[1] = DR;
717 		}
718 	}
719 
720 	D = DL = DR = 0;
721 	return rtl_Cipher_E_None;
722 }
723 
724 /*
725  * __rtl_cipherBF_update.
726  */
__rtl_cipherBF_update(CipherContextBF * ctx,rtlCipherMode eMode,rtlCipherDirection eDirection,const sal_uInt8 * pData,sal_Size nDatLen,sal_uInt8 * pBuffer,sal_Size nBufLen)727 static rtlCipherError __rtl_cipherBF_update (
728 	CipherContextBF    *ctx,
729 	rtlCipherMode       eMode,
730 	rtlCipherDirection  eDirection,
731 	const sal_uInt8    *pData,   sal_Size nDatLen,
732 	sal_uInt8          *pBuffer, sal_Size nBufLen)
733 {
734 	/* Check arguments. */
735 	if ((pData == NULL) || (pBuffer == NULL))
736 		return rtl_Cipher_E_Argument;
737 
738 	if (!((0 < nDatLen) && (nDatLen <= nBufLen)))
739 		return rtl_Cipher_E_BufferSize;
740 
741 	/* Update. */
742 	if (eMode == rtl_Cipher_ModeECB)
743 	{
744 		/* Block mode. */
745 		while (nDatLen > 8)
746 		{
747 			__rtl_cipherBF_updateECB (ctx, eDirection, pData, pBuffer, 8);
748 			nDatLen -= 8;
749 			pData   += 8;
750 			pBuffer += 8;
751 		}
752 		__rtl_cipherBF_updateECB (ctx, eDirection, pData, pBuffer, nDatLen);
753 	}
754 	else if (eMode == rtl_Cipher_ModeCBC)
755 	{
756 		/* Block mode. */
757 		while (nDatLen > 8)
758 		{
759 			__rtl_cipherBF_updateCBC (ctx, eDirection, pData, pBuffer, 8);
760 			nDatLen -= 8;
761 			pData   += 8;
762 			pBuffer += 8;
763 		}
764 		__rtl_cipherBF_updateCBC (ctx, eDirection, pData, pBuffer, nDatLen);
765 	}
766 	else
767 	{
768 		/* Stream mode. */
769 		while (nDatLen > 0)
770 		{
771 			__rtl_cipherBF_updateCFB (ctx, eDirection, pData, pBuffer);
772 			nDatLen -= 1;
773 			pData   += 1;
774 			pBuffer += 1;
775 		}
776 	}
777 	return rtl_Cipher_E_None;
778 }
779 
780 /*
781  * __rtl_cipherBF_updateECB.
782  */
__rtl_cipherBF_updateECB(CipherContextBF * ctx,rtlCipherDirection direction,const sal_uInt8 * pData,sal_uInt8 * pBuffer,sal_Size nLength)783 static void __rtl_cipherBF_updateECB (
784 	CipherContextBF    *ctx,
785 	rtlCipherDirection  direction,
786 	const sal_uInt8    *pData,
787 	sal_uInt8          *pBuffer,
788 	sal_Size            nLength)
789 {
790 	CipherKeyBF *key;
791 	sal_uInt32   DL, DR;
792 
793 	key = &(ctx->m_key);
794 	if (direction == rtl_Cipher_DirectionEncode)
795 	{
796 		RTL_CIPHER_NTOHL64(pData, DL, DR, nLength);
797 
798 		__rtl_cipherBF_encode (key, &DL, &DR);
799 
800 		RTL_CIPHER_HTONL(DL, pBuffer);
801 		RTL_CIPHER_HTONL(DR, pBuffer);
802 	}
803 	else
804 	{
805 		RTL_CIPHER_NTOHL(pData, DL);
806 		RTL_CIPHER_NTOHL(pData, DR);
807 
808 		__rtl_cipherBF_decode (key, &DL, &DR);
809 
810 		RTL_CIPHER_HTONL64(DL, DR, pBuffer, nLength);
811 	}
812 	DL = DR = 0;
813 }
814 
815 /*
816  * __rtl_cipherBF_updateCBC.
817  */
__rtl_cipherBF_updateCBC(CipherContextBF * ctx,rtlCipherDirection direction,const sal_uInt8 * pData,sal_uInt8 * pBuffer,sal_Size nLength)818 static void __rtl_cipherBF_updateCBC (
819 	CipherContextBF    *ctx,
820 	rtlCipherDirection  direction,
821 	const sal_uInt8    *pData,
822 	sal_uInt8          *pBuffer,
823 	sal_Size            nLength)
824 {
825 	CipherKeyBF *key;
826 	sal_uInt32   DL, DR;
827 
828 	key = &(ctx->m_key);
829 	if (direction == rtl_Cipher_DirectionEncode)
830 	{
831 		RTL_CIPHER_NTOHL64(pData, DL, DR, nLength);
832 
833 		DL ^= ctx->m_iv.m_long[0];
834 		DR ^= ctx->m_iv.m_long[1];
835 
836 		__rtl_cipherBF_encode (key, &DL, &DR);
837 
838 		ctx->m_iv.m_long[0] = DL;
839 		ctx->m_iv.m_long[1] = DR;
840 
841 		RTL_CIPHER_HTONL(DL, pBuffer);
842 		RTL_CIPHER_HTONL(DR, pBuffer);
843 	}
844 	else
845 	{
846 		sal_uInt32 IVL, IVR;
847 
848 		RTL_CIPHER_NTOHL(pData, DL);
849 		RTL_CIPHER_NTOHL(pData, DR);
850 
851 		IVL = DL;
852 		IVR = DR;
853 
854 		__rtl_cipherBF_decode (key, &DL, &DR);
855 
856 		DL ^= ctx->m_iv.m_long[0];
857 		DR ^= ctx->m_iv.m_long[1];
858 
859 		ctx->m_iv.m_long[0] = IVL;
860 		ctx->m_iv.m_long[1] = IVR;
861 
862 		RTL_CIPHER_HTONL64(DL, DR, pBuffer, nLength);
863 		IVL = IVR = 0;
864 	}
865 	DL = DR = 0;
866 }
867 
868 /*
869  * __rtl_cipherBF_updateCFB.
870  */
__rtl_cipherBF_updateCFB(CipherContextBF * ctx,rtlCipherDirection direction,const sal_uInt8 * pData,sal_uInt8 * pBuffer)871 static void __rtl_cipherBF_updateCFB (
872 	CipherContextBF    *ctx,
873 	rtlCipherDirection  direction,
874 	const sal_uInt8    *pData,
875 	sal_uInt8          *pBuffer)
876 {
877 	sal_uInt8  *iv;
878 	sal_uInt32  k;
879 
880 	iv = ctx->m_iv.m_byte;
881 	k  = ctx->m_offset;
882 
883 	if (k == 0)
884 	{
885 		sal_uInt32 IVL, IVR;
886 
887 		RTL_CIPHER_NTOHL64(iv, IVL, IVR, 8);
888 		__rtl_cipherBF_encode (&(ctx->m_key), &IVL, &IVR);
889 		RTL_CIPHER_HTONL64(IVL, IVR, iv, 8);
890 
891 		IVL = IVR = 0;
892 	}
893 
894 	if (direction == rtl_Cipher_DirectionEncode)
895 	{
896 		iv[k] ^= *pData;
897 		*pBuffer = iv[k];
898 	}
899 	else
900 	{
901 		sal_uInt8 c = iv[k];
902 		iv[k] = *pData;
903 		*pBuffer = *pData ^ c;
904 		c = 0;
905 	}
906 
907 	ctx->m_offset = ((k + 1) & 0x07);
908 	iv = NULL;
909 }
910 
911 /*
912  * __rtl_cipherBF_encode.
913  */
__rtl_cipherBF_encode(CipherKeyBF * key,sal_uInt32 * xl,sal_uInt32 * xr)914 static void __rtl_cipherBF_encode (
915 	CipherKeyBF *key, sal_uInt32 *xl, sal_uInt32 *xr)
916 {
917 	sal_uInt32  t, XL, XR;
918 	sal_uInt16  i;
919 
920 	XL = *xl;
921 	XR = *xr;
922 
923 	for (i = 0; i < CIPHER_ROUNDS_BF; ++i)
924 	{
925 		XL ^= key->m_P[i];
926 		XR ^= __rtl_cipherBF (key, XL);
927 
928 		t  = XL;
929 		XL = XR;
930 		XR = t;
931 	}
932 
933 	t  = XL;
934 	XL = XR;
935 	XR = t;
936 
937 	XR ^= key->m_P[CIPHER_ROUNDS_BF    ];
938 	XL ^= key->m_P[CIPHER_ROUNDS_BF + 1];
939 
940 	*xl = XL;
941 	*xr = XR;
942 
943 	t = XL = XR = 0;
944 }
945 
946 /*
947  * __rtl_cipherBF_decode.
948  */
__rtl_cipherBF_decode(CipherKeyBF * key,sal_uInt32 * xl,sal_uInt32 * xr)949 static void __rtl_cipherBF_decode (
950 	CipherKeyBF *key, sal_uInt32 *xl, sal_uInt32 *xr)
951 {
952 	sal_uInt32  t, XL, XR;
953 	sal_uInt16  i;
954 
955 	XL = *xl;
956 	XR = *xr;
957 
958 	for (i = CIPHER_ROUNDS_BF + 1; i > 1; --i)
959 	{
960 		XL ^= key->m_P[i];
961 		XR ^= __rtl_cipherBF (key, XL);
962 
963 		t  = XL;
964 		XL = XR;
965 		XR = t;
966 	}
967 
968 	t  = XL;
969 	XL = XR;
970 	XR = t;
971 
972 	XR ^= key->m_P[1];
973 	XL ^= key->m_P[0];
974 
975 	*xl = XL;
976 	*xr = XR;
977 
978 	t = XL = XR = 0;
979 }
980 
981 /*
982  * __rtl_cipherBF.
983  */
__rtl_cipherBF(CipherKeyBF * key,sal_uInt32 x)984 static sal_uInt32 __rtl_cipherBF (CipherKeyBF *key, sal_uInt32 x)
985 {
986 	sal_uInt16 a, b, c, d;
987 	sal_uInt32 y;
988 
989 	d = (sal_uInt16)(x & 0x00ff);
990 	x >>= 8;
991 	c = (sal_uInt16)(x & 0x00ff);
992 	x >>= 8;
993 	b = (sal_uInt16)(x & 0x00ff);
994 	x >>= 8;
995 	a = (sal_uInt16)(x & 0x00ff);
996 
997 	y  = key->m_S[0][a];
998 	y += key->m_S[1][b];
999 	y ^= key->m_S[2][c];
1000 	y += key->m_S[3][d];
1001 
1002 	return y;
1003 }
1004 
1005 /*========================================================================
1006  *
1007  * rtl_cipherBF (Blowfish) implementation.
1008  *
1009  * Reference:
1010  *   Bruce Schneier: Applied Cryptography, 2nd edition, ch. 14.3
1011  *
1012  *======================================================================*/
1013 /*
1014  * rtl_cipher_createBF.
1015  */
rtl_cipher_createBF(rtlCipherMode Mode)1016 rtlCipher SAL_CALL rtl_cipher_createBF (rtlCipherMode Mode)
1017 {
1018 	CipherBF_Impl *pImpl = (CipherBF_Impl*)NULL;
1019 
1020 	if (Mode == rtl_Cipher_ModeInvalid)
1021 		return ((rtlCipher)NULL);
1022 
1023 	pImpl = ((CipherBF_Impl*)rtl_allocateZeroMemory (sizeof (CipherBF_Impl)));
1024 	if (pImpl)
1025 	{
1026 		pImpl->m_cipher.m_algorithm = rtl_Cipher_AlgorithmBF;
1027 		pImpl->m_cipher.m_direction = rtl_Cipher_DirectionInvalid;
1028 		pImpl->m_cipher.m_mode      = Mode;
1029 
1030 		pImpl->m_cipher.m_init      = rtl_cipher_initBF;
1031 		pImpl->m_cipher.m_encode    = rtl_cipher_encodeBF;
1032 		pImpl->m_cipher.m_decode    = rtl_cipher_decodeBF;
1033 		pImpl->m_cipher.m_delete    = rtl_cipher_destroyBF;
1034 	}
1035 	return ((rtlCipher)pImpl);
1036 }
1037 
1038 /*
1039  * rtl_cipher_initBF.
1040  */
rtl_cipher_initBF(rtlCipher Cipher,rtlCipherDirection Direction,const sal_uInt8 * pKeyData,sal_Size nKeyLen,const sal_uInt8 * pArgData,sal_Size nArgLen)1041 rtlCipherError SAL_CALL rtl_cipher_initBF (
1042 	rtlCipher          Cipher,
1043 	rtlCipherDirection Direction,
1044 	const sal_uInt8 *pKeyData, sal_Size nKeyLen,
1045 	const sal_uInt8 *pArgData, sal_Size nArgLen)
1046 {
1047 	CipherBF_Impl *pImpl = (CipherBF_Impl*)Cipher;
1048 
1049 	if ((pImpl == NULL) || (pKeyData == NULL))
1050 		return rtl_Cipher_E_Argument;
1051 
1052 	if (!(pImpl->m_cipher.m_algorithm == rtl_Cipher_AlgorithmBF))
1053 		return rtl_Cipher_E_Algorithm;
1054 
1055 	if (!(Direction == rtl_Cipher_DirectionInvalid))
1056 		pImpl->m_cipher.m_direction = Direction;
1057 	else
1058 		return rtl_Cipher_E_Direction;
1059 
1060 	return __rtl_cipherBF_init (
1061 		&(pImpl->m_context), pImpl->m_cipher.m_mode,
1062 		pKeyData, nKeyLen, pArgData, nArgLen);
1063 }
1064 
1065 /*
1066  * rtl_cipher_encodeBF.
1067  */
rtl_cipher_encodeBF(rtlCipher Cipher,const void * pData,sal_Size nDatLen,sal_uInt8 * pBuffer,sal_Size nBufLen)1068 rtlCipherError SAL_CALL rtl_cipher_encodeBF (
1069 	rtlCipher   Cipher,
1070 	const void *pData,   sal_Size nDatLen,
1071 	sal_uInt8  *pBuffer, sal_Size nBufLen)
1072 {
1073 	CipherBF_Impl *pImpl = (CipherBF_Impl*)Cipher;
1074 	if (pImpl == NULL)
1075 		return rtl_Cipher_E_Argument;
1076 
1077 	if (!(pImpl->m_cipher.m_algorithm == rtl_Cipher_AlgorithmBF))
1078 		return rtl_Cipher_E_Algorithm;
1079 
1080 	if (pImpl->m_cipher.m_direction == rtl_Cipher_DirectionInvalid)
1081 		return rtl_Cipher_E_Direction;
1082 	if (pImpl->m_cipher.m_direction == rtl_Cipher_DirectionDecode)
1083 		return rtl_Cipher_E_Direction;
1084 
1085 	return __rtl_cipherBF_update (
1086 		&(pImpl->m_context), pImpl->m_cipher.m_mode,
1087 		rtl_Cipher_DirectionEncode,
1088 		(const sal_uInt8*)pData, nDatLen, pBuffer, nBufLen);
1089 }
1090 
1091 /*
1092  * rtl_cipher_decodeBF.
1093  */
rtl_cipher_decodeBF(rtlCipher Cipher,const void * pData,sal_Size nDatLen,sal_uInt8 * pBuffer,sal_Size nBufLen)1094 rtlCipherError SAL_CALL rtl_cipher_decodeBF (
1095 	rtlCipher   Cipher,
1096 	const void *pData,   sal_Size nDatLen,
1097 	sal_uInt8  *pBuffer, sal_Size nBufLen)
1098 {
1099 	CipherBF_Impl *pImpl = (CipherBF_Impl*)Cipher;
1100 	if (pImpl == NULL)
1101 		return rtl_Cipher_E_Argument;
1102 
1103 	if (!(pImpl->m_cipher.m_algorithm == rtl_Cipher_AlgorithmBF))
1104 		return rtl_Cipher_E_Algorithm;
1105 
1106 	if (pImpl->m_cipher.m_direction == rtl_Cipher_DirectionInvalid)
1107 		return rtl_Cipher_E_Direction;
1108 	if (pImpl->m_cipher.m_direction == rtl_Cipher_DirectionEncode)
1109 		return rtl_Cipher_E_Direction;
1110 
1111 	return __rtl_cipherBF_update (
1112 		&(pImpl->m_context), pImpl->m_cipher.m_mode,
1113 		rtl_Cipher_DirectionDecode,
1114 		(const sal_uInt8*)pData, nDatLen, pBuffer, nBufLen);
1115 }
1116 
1117 /*
1118  * rtl_cipher_destroyBF.
1119  */
rtl_cipher_destroyBF(rtlCipher Cipher)1120 void SAL_CALL rtl_cipher_destroyBF (rtlCipher Cipher)
1121 {
1122 	CipherBF_Impl *pImpl = (CipherBF_Impl*)Cipher;
1123 	if (pImpl)
1124 	{
1125 		if (pImpl->m_cipher.m_algorithm == rtl_Cipher_AlgorithmBF)
1126 			rtl_freeZeroMemory (pImpl, sizeof (CipherBF_Impl));
1127 		else
1128 			rtl_freeMemory (pImpl);
1129 	}
1130 }
1131 
1132 /*========================================================================
1133  *
1134  * rtl_cipher_ARCFOUR (RC4) internals.
1135  *
1136  *======================================================================*/
1137 #define CIPHER_CBLOCK_ARCFOUR 256
1138 
1139 typedef struct cipherARCFOUR_context_st
1140 {
1141 	unsigned int m_S[CIPHER_CBLOCK_ARCFOUR];
1142 	unsigned int m_X, m_Y;
1143 } ContextARCFOUR_Impl;
1144 
1145 typedef struct cipherARCFOUR_impl_st
1146 {
1147 	Cipher_Impl         m_cipher;
1148 	ContextARCFOUR_Impl m_context;
1149 } CipherARCFOUR_Impl;
1150 
1151 /** rtl_cipherARCFOUR_update_Impl.
1152  */
1153 static rtlCipherError rtl_cipherARCFOUR_update_Impl (
1154 	ContextARCFOUR_Impl *ctx,
1155 	const sal_uInt8     *pData,   sal_Size nDatLen,
1156 	sal_uInt8           *pBuffer, sal_Size nBufLen);
1157 
1158 /*
1159  * rtl_cipherARCFOUR_init_Impl.
1160  */
rtl_cipherARCFOUR_init_Impl(ContextARCFOUR_Impl * ctx,const sal_uInt8 * pKeyData,sal_Size nKeyLen)1161 static rtlCipherError rtl_cipherARCFOUR_init_Impl (
1162 	ContextARCFOUR_Impl *ctx,
1163 	const sal_uInt8     *pKeyData, sal_Size nKeyLen)
1164 {
1165 	unsigned int  K[CIPHER_CBLOCK_ARCFOUR];
1166 	unsigned int *L, *S;
1167 	unsigned int  x, y, t;
1168 	sal_Size      n, k;
1169 
1170 	S = &(ctx->m_S[0]);
1171 
1172 	/* Initialize S linearly. */
1173 	for (x = 0; x < CIPHER_CBLOCK_ARCFOUR; x++)
1174 		S[x] = x;
1175 
1176 	/* Initialize K with key, repeat key as necessary. */
1177 	for (L = K, n = CIPHER_CBLOCK_ARCFOUR; n > nKeyLen; n -= nKeyLen)
1178 	{
1179 		for (k = 0; k < nKeyLen; k++) L[k] = pKeyData[k];
1180 		L += nKeyLen;
1181 	}
1182 	for (k = 0; k < n; k++) L[k] = pKeyData[k];
1183 
1184 	/* Initialize S with K. */
1185 	for (x = 0, y = 0; x < CIPHER_CBLOCK_ARCFOUR; x++)
1186 	{
1187 		y = (y + S[x] + K[x]) % CIPHER_CBLOCK_ARCFOUR;
1188 		t = S[x], S[x] = S[y], S[y] = t; /* swap S[x] and S[y] */
1189 	}
1190 
1191 	/* Initialize counters X and Y. */
1192 	ctx->m_X = 0;
1193 	ctx->m_Y = 0;
1194 
1195 	return rtl_Cipher_E_None;
1196 }
1197 
1198 /*
1199  * rtl_cipherARCFOUR_update_Impl.
1200  */
rtl_cipherARCFOUR_update_Impl(ContextARCFOUR_Impl * ctx,const sal_uInt8 * pData,sal_Size nDatLen,sal_uInt8 * pBuffer,sal_Size nBufLen)1201 static rtlCipherError rtl_cipherARCFOUR_update_Impl (
1202 	ContextARCFOUR_Impl *ctx,
1203 	const sal_uInt8     *pData,   sal_Size nDatLen,
1204 	sal_uInt8           *pBuffer, sal_Size nBufLen)
1205 {
1206 	register unsigned int *S;
1207 	register unsigned int  x, y, t;
1208 	sal_Size               k;
1209 
1210 	/* Check arguments. */
1211 	if ((pData == NULL) || (pBuffer == NULL))
1212 		return rtl_Cipher_E_Argument;
1213 
1214 	if (!((0 < nDatLen) && (nDatLen <= nBufLen)))
1215 		return rtl_Cipher_E_BufferSize;
1216 
1217 	/* Update. */
1218 	S = &(ctx->m_S[0]);
1219 	for (k = 0; k < nDatLen; k++)
1220 	{
1221 		/* Update counters X and Y. */
1222 		x = ctx->m_X;
1223 		y = ctx->m_Y;
1224 		x = (x + 1   ) % CIPHER_CBLOCK_ARCFOUR;
1225 		y = (y + S[x]) % CIPHER_CBLOCK_ARCFOUR;
1226 		ctx->m_X = x;
1227 		ctx->m_Y = y;
1228 
1229 		/* Swap S[x] and S[y]. */
1230 		t = S[x], S[x] = S[y], S[y] = t;
1231 
1232 		/* Evaluate next key byte S[t]. */
1233 		t = (S[x] + S[y]) % CIPHER_CBLOCK_ARCFOUR;
1234 		pBuffer[k] = pData[k] ^ ((sal_uInt8)(S[t] & 0xff));
1235 	}
1236 
1237 	return rtl_Cipher_E_None;
1238 }
1239 
1240 /*========================================================================
1241  *
1242  * rtl_cipher_ARCFOUR (RC4) implementation.
1243  *
1244  * Reference:
1245  *   Bruce Schneier: Applied Cryptography, 2nd edition, ch. 17.1
1246  *
1247  *======================================================================*/
1248 /*
1249  * rtl_cipher_createARCFOUR.
1250  */
rtl_cipher_createARCFOUR(rtlCipherMode Mode)1251 rtlCipher SAL_CALL rtl_cipher_createARCFOUR (rtlCipherMode Mode)
1252 {
1253 	CipherARCFOUR_Impl *pImpl = (CipherARCFOUR_Impl*)NULL;
1254 
1255 	if (!(Mode == rtl_Cipher_ModeStream))
1256 		return ((rtlCipher)NULL);
1257 
1258 	pImpl = ((CipherARCFOUR_Impl*)rtl_allocateZeroMemory (sizeof (CipherARCFOUR_Impl)));
1259 	if (pImpl)
1260 	{
1261 		pImpl->m_cipher.m_algorithm = rtl_Cipher_AlgorithmARCFOUR;
1262 		pImpl->m_cipher.m_direction = rtl_Cipher_DirectionInvalid;
1263 		pImpl->m_cipher.m_mode      = rtl_Cipher_ModeStream;
1264 
1265 		pImpl->m_cipher.m_init      = rtl_cipher_initARCFOUR;
1266 		pImpl->m_cipher.m_encode    = rtl_cipher_encodeARCFOUR;
1267 		pImpl->m_cipher.m_decode    = rtl_cipher_decodeARCFOUR;
1268 		pImpl->m_cipher.m_delete    = rtl_cipher_destroyARCFOUR;
1269 	}
1270 	return ((rtlCipher)pImpl);
1271 }
1272 
1273 /*
1274  * rtl_cipher_initARCFOUR.
1275  */
rtl_cipher_initARCFOUR(rtlCipher Cipher,rtlCipherDirection Direction,const sal_uInt8 * pKeyData,sal_Size nKeyLen,const sal_uInt8 * pArgData,sal_Size nArgLen)1276 rtlCipherError SAL_CALL rtl_cipher_initARCFOUR (
1277 	rtlCipher          Cipher,
1278 	rtlCipherDirection Direction,
1279 	const sal_uInt8 *pKeyData, sal_Size nKeyLen,
1280 	const sal_uInt8 *pArgData, sal_Size nArgLen)
1281 {
1282 	CipherARCFOUR_Impl *pImpl = (CipherARCFOUR_Impl*)Cipher;
1283     (void) pArgData; // avoid warning
1284     (void) nArgLen; // avoid warning
1285 
1286 	if ((pImpl == NULL) || (pKeyData == NULL))
1287 		return rtl_Cipher_E_Argument;
1288 
1289 	if (!(pImpl->m_cipher.m_algorithm == rtl_Cipher_AlgorithmARCFOUR))
1290 		return rtl_Cipher_E_Algorithm;
1291 
1292 	if (!(Direction == rtl_Cipher_DirectionInvalid))
1293 		pImpl->m_cipher.m_direction = Direction;
1294 	else
1295 		return rtl_Cipher_E_Direction;
1296 
1297 	return rtl_cipherARCFOUR_init_Impl (&(pImpl->m_context), pKeyData, nKeyLen);
1298 }
1299 
1300 /*
1301  * rtl_cipher_encodeARCFOUR.
1302  */
rtl_cipher_encodeARCFOUR(rtlCipher Cipher,const void * pData,sal_Size nDatLen,sal_uInt8 * pBuffer,sal_Size nBufLen)1303 rtlCipherError SAL_CALL rtl_cipher_encodeARCFOUR (
1304 	rtlCipher   Cipher,
1305 	const void *pData,   sal_Size nDatLen,
1306 	sal_uInt8  *pBuffer, sal_Size nBufLen)
1307 {
1308 	CipherARCFOUR_Impl *pImpl = (CipherARCFOUR_Impl*)Cipher;
1309 	if (pImpl == NULL)
1310 		return rtl_Cipher_E_Argument;
1311 
1312 	if (!(pImpl->m_cipher.m_algorithm == rtl_Cipher_AlgorithmARCFOUR))
1313 		return rtl_Cipher_E_Algorithm;
1314 
1315 	if (pImpl->m_cipher.m_direction == rtl_Cipher_DirectionInvalid)
1316 		return rtl_Cipher_E_Direction;
1317 
1318 	return rtl_cipherARCFOUR_update_Impl (
1319 		&(pImpl->m_context),
1320 		(const sal_uInt8*)pData, nDatLen, pBuffer, nBufLen);
1321 }
1322 
1323 /*
1324  * rtl_cipher_decodeARCFOUR.
1325  */
rtl_cipher_decodeARCFOUR(rtlCipher Cipher,const void * pData,sal_Size nDatLen,sal_uInt8 * pBuffer,sal_Size nBufLen)1326 rtlCipherError SAL_CALL rtl_cipher_decodeARCFOUR (
1327 	rtlCipher   Cipher,
1328 	const void *pData,   sal_Size nDatLen,
1329 	sal_uInt8  *pBuffer, sal_Size nBufLen)
1330 {
1331 	CipherARCFOUR_Impl *pImpl = (CipherARCFOUR_Impl*)Cipher;
1332 	if (pImpl == NULL)
1333 		return rtl_Cipher_E_Argument;
1334 
1335 	if (!(pImpl->m_cipher.m_algorithm == rtl_Cipher_AlgorithmARCFOUR))
1336 		return rtl_Cipher_E_Algorithm;
1337 
1338 	if (pImpl->m_cipher.m_direction == rtl_Cipher_DirectionInvalid)
1339 		return rtl_Cipher_E_Direction;
1340 
1341 	return rtl_cipherARCFOUR_update_Impl (
1342 		&(pImpl->m_context),
1343 		(const sal_uInt8*)pData, nDatLen, pBuffer, nBufLen);
1344 }
1345 
1346 /*
1347  * rtl_cipher_destroyARCFOUR.
1348  */
rtl_cipher_destroyARCFOUR(rtlCipher Cipher)1349 void SAL_CALL rtl_cipher_destroyARCFOUR (rtlCipher Cipher)
1350 {
1351 	CipherARCFOUR_Impl *pImpl = (CipherARCFOUR_Impl*)Cipher;
1352 	if (pImpl)
1353 	{
1354 		if (pImpl->m_cipher.m_algorithm == rtl_Cipher_AlgorithmARCFOUR)
1355 			rtl_freeZeroMemory (pImpl, sizeof (CipherARCFOUR_Impl));
1356 		else
1357 			rtl_freeMemory (pImpl);
1358 	}
1359 }
1360