We can now also decrypt PEM files encrypted in CFB1 and CFB8 mode

Signed-off-by: Steffen Jaeckel <[email protected]>

doc/crypt.tex

@@ -7644,6 +7644,12 @@ When dealing with PEM formatted private keys the following encryption algorithms
 \hline \texttt{AES-128-CFB}       & AES             & 128                       & CFB    \\
 \hline \texttt{AES-192-CFB}       & AES             & 192                       & CFB    \\
 \hline \texttt{AES-256-CFB}       & AES             & 256                       & CFB    \\
+\hline \texttt{AES-128-CFB1}      & AES             & 128                       & CFB    \\
+\hline \texttt{AES-192-CFB1}      & AES             & 192                       & CFB    \\
+\hline \texttt{AES-256-CFB1}      & AES             & 256                       & CFB    \\
+\hline \texttt{AES-128-CFB8}      & AES             & 128                       & CFB    \\
+\hline \texttt{AES-192-CFB8}      & AES             & 192                       & CFB    \\
+\hline \texttt{AES-256-CFB8}      & AES             & 256                       & CFB    \\
 \hline \texttt{AES-128-CTR}       & AES             & 128                       & CTR    \\
 \hline \texttt{AES-192-CTR}       & AES             & 192                       & CTR    \\
 \hline \texttt{AES-256-CTR}       & AES             & 256                       & CTR    \\
@@ -7659,6 +7665,12 @@ When dealing with PEM formatted private keys the following encryption algorithms
 \hline \texttt{CAMELLIA-128-CFB}  & Camellia        & 128                       & CFB    \\
 \hline \texttt{CAMELLIA-192-CFB}  & Camellia        & 192                       & CFB    \\
 \hline \texttt{CAMELLIA-256-CFB}  & Camellia        & 256                       & CFB    \\
+\hline \texttt{CAMELLIA-128-CFB1} & Camellia        & 128                       & CFB    \\
+\hline \texttt{CAMELLIA-192-CFB1} & Camellia        & 192                       & CFB    \\
+\hline \texttt{CAMELLIA-256-CFB1} & Camellia        & 256                       & CFB    \\
+\hline \texttt{CAMELLIA-128-CFB8} & Camellia        & 128                       & CFB    \\
+\hline \texttt{CAMELLIA-192-CFB8} & Camellia        & 192                       & CFB    \\
+\hline \texttt{CAMELLIA-256-CFB8} & Camellia        & 256                       & CFB    \\
 \hline \texttt{CAMELLIA-128-CTR}  & Camellia        & 128                       & CTR    \\
 \hline \texttt{CAMELLIA-192-CTR}  & Camellia        & 192                       & CTR    \\
 \hline \texttt{CAMELLIA-256-CTR}  & Camellia        & 256                       & CTR    \\
@@ -7674,9 +7686,13 @@ When dealing with PEM formatted private keys the following encryption algorithms
 \hline \texttt{DES-EDE-OFB}       & 3DES (EDE)      & 128                       & OFB    \\
 \hline \texttt{DES-EDE3-CBC}      & 3DES (EDE)      & 192                       & CBC    \\
 \hline \texttt{DES-EDE3-CFB}      & 3DES (EDE)      & 192                       & CFB    \\
+\hline \texttt{DES-EDE3-CFB1}     & 3DES (EDE)      & 192                       & CFB    \\
+\hline \texttt{DES-EDE3-CFB8}     & 3DES (EDE)      & 192                       & CFB    \\
 \hline \texttt{DES-EDE3-OFB}      & 3DES (EDE)      & 192                       & OFB    \\
 \hline \texttt{DES-CBC}           & DES             & 64                        & CBC    \\
 \hline \texttt{DES-CFB}           & DES             & 64                        & CFB    \\
+\hline \texttt{DES-CFB1}          & DES             & 64                        & CFB    \\
+\hline \texttt{DES-CFB8}          & DES             & 64                        & CFB    \\
 \hline \texttt{DES-OFB}           & DES             & 64                        & OFB    \\
 \hline \texttt{DESX-CBC}          & DES-X           & 192                       & CBC    \\
 \hline \texttt{IDEA-CBC}          & IDEA            & 128                       & CBC    \\

src/headers/tomcrypt_private.h

@@ -267,6 +267,8 @@ enum cipher_mode {
    cm_flags =           0xff00,
    /* Flags */
    cm_openssh =         0x0100,
+   cm_1bit =            0x0200,
+   cm_8bit =            0x0400,
    /* Modes */
    cm_none =            0x0000,
    cm_cbc =             0x0001,
@@ -275,6 +277,8 @@ enum cipher_mode {
    cm_ofb =             0x0004,
    cm_stream =          0x0005,
    cm_gcm =             0x0006,
+   cm_cfb1 =            cm_cfb | cm_1bit,
+   cm_cfb8 =            cm_cfb | cm_8bit,
    cm_stream_openssh =  cm_stream | cm_openssh,
 };
 

src/misc/pem/pem.c

@@ -75,61 +75,77 @@ const struct str pem_ssh_comment = { SET_CSTR(, "Comment: ") };
 const struct str pem_dek_info_start = { SET_CSTR(, "DEK-Info: ") };
 const struct blockcipher_info pem_dek_infos[] =
    {
-      { .name = "AES-128-CBC,",      .algo = "aes",      .keylen = 128 / 8, .mode = cm_cbc,    },
-      { .name = "AES-192-CBC,",      .algo = "aes",      .keylen = 192 / 8, .mode = cm_cbc,    },
-      { .name = "AES-256-CBC,",      .algo = "aes",      .keylen = 256 / 8, .mode = cm_cbc,    },
-      { .name = "AES-128-CFB,",      .algo = "aes",      .keylen = 128 / 8, .mode = cm_cfb,    },
-      { .name = "AES-192-CFB,",      .algo = "aes",      .keylen = 192 / 8, .mode = cm_cfb,    },
-      { .name = "AES-256-CFB,",      .algo = "aes",      .keylen = 256 / 8, .mode = cm_cfb,    },
-      { .name = "AES-128-CTR,",      .algo = "aes",      .keylen = 128 / 8, .mode = cm_ctr,    },
-      { .name = "AES-192-CTR,",      .algo = "aes",      .keylen = 192 / 8, .mode = cm_ctr,    },
-      { .name = "AES-256-CTR,",      .algo = "aes",      .keylen = 256 / 8, .mode = cm_ctr,    },
-      { .name = "AES-128-OFB,",      .algo = "aes",      .keylen = 128 / 8, .mode = cm_ofb,    },
-      { .name = "AES-192-OFB,",      .algo = "aes",      .keylen = 192 / 8, .mode = cm_ofb,    },
-      { .name = "AES-256-OFB,",      .algo = "aes",      .keylen = 256 / 8, .mode = cm_ofb,    },
-      { .name = "BF-CBC,",           .algo = "blowfish", .keylen = 128 / 8, .mode = cm_cbc,    },
-      { .name = "BF-CFB,",           .algo = "blowfish", .keylen = 128 / 8, .mode = cm_cfb,    },
-      { .name = "BF-OFB,",           .algo = "blowfish", .keylen = 128 / 8, .mode = cm_ofb,    },
-      { .name = "CAMELLIA-128-CBC,", .algo = "camellia", .keylen = 128 / 8, .mode = cm_cbc,    },
-      { .name = "CAMELLIA-192-CBC,", .algo = "camellia", .keylen = 192 / 8, .mode = cm_cbc,    },
-      { .name = "CAMELLIA-256-CBC,", .algo = "camellia", .keylen = 256 / 8, .mode = cm_cbc,    },
-      { .name = "CAMELLIA-128-CFB,", .algo = "camellia", .keylen = 128 / 8, .mode = cm_cfb,    },
-      { .name = "CAMELLIA-192-CFB,", .algo = "camellia", .keylen = 192 / 8, .mode = cm_cfb,    },
-      { .name = "CAMELLIA-256-CFB,", .algo = "camellia", .keylen = 256 / 8, .mode = cm_cfb,    },
-      { .name = "CAMELLIA-128-CTR,", .algo = "camellia", .keylen = 128 / 8, .mode = cm_ctr,    },
-      { .name = "CAMELLIA-192-CTR,", .algo = "camellia", .keylen = 192 / 8, .mode = cm_ctr,    },
-      { .name = "CAMELLIA-256-CTR,", .algo = "camellia", .keylen = 256 / 8, .mode = cm_ctr,    },
-      { .name = "CAMELLIA-128-OFB,", .algo = "camellia", .keylen = 128 / 8, .mode = cm_ofb,    },
-      { .name = "CAMELLIA-192-OFB,", .algo = "camellia", .keylen = 192 / 8, .mode = cm_ofb,    },
-      { .name = "CAMELLIA-256-OFB,", .algo = "camellia", .keylen = 256 / 8, .mode = cm_ofb,    },
-      { .name = "CAST5-CBC,",        .algo = "cast5",    .keylen = 128 / 8, .mode = cm_cbc,    },
-      { .name = "CAST5-CFB,",        .algo = "cast5",    .keylen = 128 / 8, .mode = cm_cfb,    },
-      { .name = "CAST5-OFB,",        .algo = "cast5",    .keylen = 128 / 8, .mode = cm_ofb,    },
-      { .name = "ChaCha20,",         .algo = "chacha20", .keylen = 256 / 8, .mode = cm_stream, },
-      { .name = "DES-EDE-CBC,",      .algo = "3des",     .keylen = 128 / 8, .mode = cm_cbc,    },
-      { .name = "DES-EDE-CFB,",      .algo = "3des",     .keylen = 128 / 8, .mode = cm_cfb,    },
-      { .name = "DES-EDE-OFB,",      .algo = "3des",     .keylen = 128 / 8, .mode = cm_ofb,    },
-      { .name = "DES-EDE3-CBC,",     .algo = "3des",     .keylen = 192 / 8, .mode = cm_cbc,    },
-      { .name = "DES-EDE3-CFB,",     .algo = "3des",     .keylen = 192 / 8, .mode = cm_cfb,    },
-      { .name = "DES-EDE3-OFB,",     .algo = "3des",     .keylen = 192 / 8, .mode = cm_ofb,    },
-      { .name = "DES-CBC,",          .algo = "des",      .keylen =  64 / 8, .mode = cm_cbc,    },
-      { .name = "DES-CFB,",          .algo = "des",      .keylen =  64 / 8, .mode = cm_cfb,    },
-      { .name = "DES-OFB,",          .algo = "des",      .keylen =  64 / 8, .mode = cm_ofb,    },
-      { .name = "DESX-CBC,",         .algo = "desx",     .keylen = 192 / 8, .mode = cm_cbc,    },
-      { .name = "IDEA-CBC,",         .algo = "idea",     .keylen = 128 / 8, .mode = cm_cbc,    },
-      { .name = "IDEA-CFB,",         .algo = "idea",     .keylen = 128 / 8, .mode = cm_cfb,    },
-      { .name = "IDEA-OFB,",         .algo = "idea",     .keylen = 128 / 8, .mode = cm_ofb,    },
-      { .name = "RC5-CBC,",          .algo = "rc5",      .keylen = 128 / 8, .mode = cm_cbc,    },
-      { .name = "RC5-CFB,",          .algo = "rc5",      .keylen = 128 / 8, .mode = cm_cfb,    },
-      { .name = "RC5-OFB,",          .algo = "rc5",      .keylen = 128 / 8, .mode = cm_ofb,    },
-      { .name = "RC2-40-CBC,",       .algo = "rc2",      .keylen =  40 / 8, .mode = cm_cbc,    },
-      { .name = "RC2-64-CBC,",       .algo = "rc2",      .keylen =  64 / 8, .mode = cm_cbc,    },
-      { .name = "RC2-CBC,",          .algo = "rc2",      .keylen = 128 / 8, .mode = cm_cbc,    },
-      { .name = "RC2-CFB,",          .algo = "rc2",      .keylen = 128 / 8, .mode = cm_cfb,    },
-      { .name = "RC2-OFB,",          .algo = "rc2",      .keylen = 128 / 8, .mode = cm_ofb,    },
-      { .name = "SEED-CBC,",         .algo = "seed",     .keylen = 128 / 8, .mode = cm_cbc,    },
-      { .name = "SEED-CFB,",         .algo = "seed",     .keylen = 128 / 8, .mode = cm_cfb,    },
-      { .name = "SEED-OFB,",         .algo = "seed",     .keylen = 128 / 8, .mode = cm_ofb,    },
+      { .name = "AES-128-CBC,",       .algo = "aes",      .keylen = 128 / 8, .mode = cm_cbc,    },
+      { .name = "AES-192-CBC,",       .algo = "aes",      .keylen = 192 / 8, .mode = cm_cbc,    },
+      { .name = "AES-256-CBC,",       .algo = "aes",      .keylen = 256 / 8, .mode = cm_cbc,    },
+      { .name = "AES-128-CFB,",       .algo = "aes",      .keylen = 128 / 8, .mode = cm_cfb,    },
+      { .name = "AES-192-CFB,",       .algo = "aes",      .keylen = 192 / 8, .mode = cm_cfb,    },
+      { .name = "AES-256-CFB,",       .algo = "aes",      .keylen = 256 / 8, .mode = cm_cfb,    },
+      { .name = "AES-128-CFB1,",      .algo = "aes",      .keylen = 128 / 8, .mode = cm_cfb1,   },
+      { .name = "AES-192-CFB1,",      .algo = "aes",      .keylen = 192 / 8, .mode = cm_cfb1,   },
+      { .name = "AES-256-CFB1,",      .algo = "aes",      .keylen = 256 / 8, .mode = cm_cfb1,   },
+      { .name = "AES-128-CFB8,",      .algo = "aes",      .keylen = 128 / 8, .mode = cm_cfb8,   },
+      { .name = "AES-192-CFB8,",      .algo = "aes",      .keylen = 192 / 8, .mode = cm_cfb8,   },
+      { .name = "AES-256-CFB8,",      .algo = "aes",      .keylen = 256 / 8, .mode = cm_cfb8,   },
+      { .name = "AES-128-CTR,",       .algo = "aes",      .keylen = 128 / 8, .mode = cm_ctr,    },
+      { .name = "AES-192-CTR,",       .algo = "aes",      .keylen = 192 / 8, .mode = cm_ctr,    },
+      { .name = "AES-256-CTR,",       .algo = "aes",      .keylen = 256 / 8, .mode = cm_ctr,    },
+      { .name = "AES-128-OFB,",       .algo = "aes",      .keylen = 128 / 8, .mode = cm_ofb,    },
+      { .name = "AES-192-OFB,",       .algo = "aes",      .keylen = 192 / 8, .mode = cm_ofb,    },
+      { .name = "AES-256-OFB,",       .algo = "aes",      .keylen = 256 / 8, .mode = cm_ofb,    },
+      { .name = "BF-CBC,",            .algo = "blowfish", .keylen = 128 / 8, .mode = cm_cbc,    },
+      { .name = "BF-CFB,",            .algo = "blowfish", .keylen = 128 / 8, .mode = cm_cfb,    },
+      { .name = "BF-OFB,",            .algo = "blowfish", .keylen = 128 / 8, .mode = cm_ofb,    },
+      { .name = "CAMELLIA-128-CBC,",  .algo = "camellia", .keylen = 128 / 8, .mode = cm_cbc,    },
+      { .name = "CAMELLIA-192-CBC,",  .algo = "camellia", .keylen = 192 / 8, .mode = cm_cbc,    },
+      { .name = "CAMELLIA-256-CBC,",  .algo = "camellia", .keylen = 256 / 8, .mode = cm_cbc,    },
+      { .name = "CAMELLIA-128-CFB,",  .algo = "camellia", .keylen = 128 / 8, .mode = cm_cfb,    },
+      { .name = "CAMELLIA-192-CFB,",  .algo = "camellia", .keylen = 192 / 8, .mode = cm_cfb,    },
+      { .name = "CAMELLIA-256-CFB,",  .algo = "camellia", .keylen = 256 / 8, .mode = cm_cfb,    },
+      { .name = "CAMELLIA-128-CFB1,", .algo = "camellia", .keylen = 128 / 8, .mode = cm_cfb1,   },
+      { .name = "CAMELLIA-192-CFB1,", .algo = "camellia", .keylen = 192 / 8, .mode = cm_cfb1,   },
+      { .name = "CAMELLIA-256-CFB1,", .algo = "camellia", .keylen = 256 / 8, .mode = cm_cfb1,   },
+      { .name = "CAMELLIA-128-CFB8,", .algo = "camellia", .keylen = 128 / 8, .mode = cm_cfb8,   },
+      { .name = "CAMELLIA-192-CFB8,", .algo = "camellia", .keylen = 192 / 8, .mode = cm_cfb8,   },
+      { .name = "CAMELLIA-256-CFB8,", .algo = "camellia", .keylen = 256 / 8, .mode = cm_cfb8,   },
+      { .name = "CAMELLIA-128-CTR,",  .algo = "camellia", .keylen = 128 / 8, .mode = cm_ctr,    },
+      { .name = "CAMELLIA-192-CTR,",  .algo = "camellia", .keylen = 192 / 8, .mode = cm_ctr,    },
+      { .name = "CAMELLIA-256-CTR,",  .algo = "camellia", .keylen = 256 / 8, .mode = cm_ctr,    },
+      { .name = "CAMELLIA-128-OFB,",  .algo = "camellia", .keylen = 128 / 8, .mode = cm_ofb,    },
+      { .name = "CAMELLIA-192-OFB,",  .algo = "camellia", .keylen = 192 / 8, .mode = cm_ofb,    },
+      { .name = "CAMELLIA-256-OFB,",  .algo = "camellia", .keylen = 256 / 8, .mode = cm_ofb,    },
+      { .name = "CAST5-CBC,",         .algo = "cast5",    .keylen = 128 / 8, .mode = cm_cbc,    },
+      { .name = "CAST5-CFB,",         .algo = "cast5",    .keylen = 128 / 8, .mode = cm_cfb,    },
+      { .name = "CAST5-OFB,",         .algo = "cast5",    .keylen = 128 / 8, .mode = cm_ofb,    },
+      { .name = "ChaCha20,",          .algo = "chacha20", .keylen = 256 / 8, .mode = cm_stream, },
+      { .name = "DES-EDE-CBC,",       .algo = "3des",     .keylen = 128 / 8, .mode = cm_cbc,    },
+      { .name = "DES-EDE-CFB,",       .algo = "3des",     .keylen = 128 / 8, .mode = cm_cfb,    },
+      { .name = "DES-EDE-OFB,",       .algo = "3des",     .keylen = 128 / 8, .mode = cm_ofb,    },
+      { .name = "DES-EDE3-CBC,",      .algo = "3des",     .keylen = 192 / 8, .mode = cm_cbc,    },
+      { .name = "DES-EDE3-CFB,",      .algo = "3des",     .keylen = 192 / 8, .mode = cm_cfb,    },
+      { .name = "DES-EDE3-CFB1,",     .algo = "3des",     .keylen = 192 / 8, .mode = cm_cfb1,   },
+      { .name = "DES-EDE3-CFB8,",     .algo = "3des",     .keylen = 192 / 8, .mode = cm_cfb8,   },
+      { .name = "DES-EDE3-OFB,",      .algo = "3des",     .keylen = 192 / 8, .mode = cm_ofb,    },
+      { .name = "DES-CBC,",           .algo = "des",      .keylen =  64 / 8, .mode = cm_cbc,    },
+      { .name = "DES-CFB,",           .algo = "des",      .keylen =  64 / 8, .mode = cm_cfb,    },
+      { .name = "DES-CFB1,",          .algo = "des",      .keylen =  64 / 8, .mode = cm_cfb1,   },
+      { .name = "DES-CFB8,",          .algo = "des",      .keylen =  64 / 8, .mode = cm_cfb8,   },
+      { .name = "DES-OFB,",           .algo = "des",      .keylen =  64 / 8, .mode = cm_ofb,    },
+      { .name = "DESX-CBC,",          .algo = "desx",     .keylen = 192 / 8, .mode = cm_cbc,    },
+      { .name = "IDEA-CBC,",          .algo = "idea",     .keylen = 128 / 8, .mode = cm_cbc,    },
+      { .name = "IDEA-CFB,",          .algo = "idea",     .keylen = 128 / 8, .mode = cm_cfb,    },
+      { .name = "IDEA-OFB,",          .algo = "idea",     .keylen = 128 / 8, .mode = cm_ofb,    },
+      { .name = "RC5-CBC,",           .algo = "rc5",      .keylen = 128 / 8, .mode = cm_cbc,    },
+      { .name = "RC5-CFB,",           .algo = "rc5",      .keylen = 128 / 8, .mode = cm_cfb,    },
+      { .name = "RC5-OFB,",           .algo = "rc5",      .keylen = 128 / 8, .mode = cm_ofb,    },
+      { .name = "RC2-40-CBC,",        .algo = "rc2",      .keylen =  40 / 8, .mode = cm_cbc,    },
+      { .name = "RC2-64-CBC,",        .algo = "rc2",      .keylen =  64 / 8, .mode = cm_cbc,    },
+      { .name = "RC2-CBC,",           .algo = "rc2",      .keylen = 128 / 8, .mode = cm_cbc,    },
+      { .name = "RC2-CFB,",           .algo = "rc2",      .keylen = 128 / 8, .mode = cm_cfb,    },
+      { .name = "RC2-OFB,",           .algo = "rc2",      .keylen = 128 / 8, .mode = cm_ofb,    },
+      { .name = "SEED-CBC,",          .algo = "seed",     .keylen = 128 / 8, .mode = cm_cbc,    },
+      { .name = "SEED-CFB,",          .algo = "seed",     .keylen = 128 / 8, .mode = cm_cfb,    },
+      { .name = "SEED-OFB,",          .algo = "seed",     .keylen = 128 / 8, .mode = cm_ofb,    },
    };
 const unsigned long pem_dek_infos_num = sizeof(pem_dek_infos)/sizeof(pem_dek_infos[0]);
 
@@ -189,9 +205,17 @@ int pem_decrypt(unsigned char *data, unsigned long *datalen,
 #endif
          break;
       case cm_cfb:
+      case cm_cfb1:
+      case cm_cfb8:
 #ifdef LTC_CFB_MODE
-         if ((err = cfb_start(cipher, iv, key, keylen, 0, &s.ctx.cfb)) != CRYPT_OK) {
-            goto error_out;
+         if (info->mode == cm_cfb) {
+            if ((err = cfb_start(cipher, iv, key, keylen, 0, &s.ctx.cfb)) != CRYPT_OK) {
+               goto error_out;
+            }
+         } else {
+            if ((err = cfb_start_ex(cipher, iv, key, keylen, 0, info->mode == cm_cfb1 ? 1 : 8, &s.ctx.cfb)) != CRYPT_OK) {
+               goto error_out;
+            }
          }
          if ((err = cfb_decrypt(data, data, *datalen, &s.ctx.cfb)) != CRYPT_OK) {
             goto error_out;