diff options
author | 1997-09-14 17:50:06 +0000 | |
---|---|---|
committer | 1997-09-14 17:50:06 +0000 | |
commit | ac16f380e349fa39ec7e26bccb5456cb300006a5 (patch) | |
tree | c07ca88af97b4f6b77d28a2dc723d2e4621ed302 /libdes | |
parent | d33e482744fad80d95cdd89ed380c5b8401e49bf (diff) |
Pull in sources from zephyr locker. See /mit/zephyr/repository for
detailed change information.
Diffstat (limited to 'libdes')
-rw-r--r-- | libdes/ChangeLog | 68 | ||||
-rw-r--r-- | libdes/Imakefile | 139 | ||||
-rw-r--r-- | libdes/Makefile | 227 | ||||
-rw-r--r-- | libdes/debug_decl.c | 19 | ||||
-rw-r--r-- | libdes/des.h | 63 | ||||
-rw-r--r-- | libdes/desglue.c | 109 | ||||
-rw-r--r-- | libdes/destest.c | 37 | ||||
-rw-r--r-- | libdes/doc/libdes.doc | 208 | ||||
-rw-r--r-- | libdes/enc.c | 127 | ||||
-rw-r--r-- | libdes/f_README | 69 | ||||
-rw-r--r-- | libdes/f_cbc.c | 198 | ||||
-rw-r--r-- | libdes/f_cksum.c | 108 | ||||
-rw-r--r-- | libdes/f_ecb.c | 95 | ||||
-rw-r--r-- | libdes/f_parity.c | 62 | ||||
-rw-r--r-- | libdes/f_pcbc.c | 207 | ||||
-rw-r--r-- | libdes/f_sched.c | 335 | ||||
-rw-r--r-- | libdes/f_tables.c | 341 | ||||
-rw-r--r-- | libdes/f_tables.h | 223 | ||||
-rw-r--r-- | libdes/key_sched.c | 58 | ||||
-rw-r--r-- | libdes/new_rnd_key.c | 207 | ||||
-rw-r--r-- | libdes/quad_cksum.c | 153 | ||||
-rw-r--r-- | libdes/random_key.c | 97 | ||||
-rw-r--r-- | libdes/read_password.c | 249 | ||||
-rw-r--r-- | libdes/string_to_key.c | 123 | ||||
-rw-r--r-- | libdes/util.c | 36 | ||||
-rw-r--r-- | libdes/verify.c | 275 | ||||
-rw-r--r-- | libdes/weak_key.c | 73 |
27 files changed, 0 insertions, 3906 deletions
diff --git a/libdes/ChangeLog b/libdes/ChangeLog deleted file mode 100644 index ea3a9c0..0000000 --- a/libdes/ChangeLog +++ /dev/null @@ -1,68 +0,0 @@ -Tue Nov 8 12:12:32 1988 William Sommerfeld (wesommer at binkley) - - * (util) Remove \ before { and } characters (causes RT - compiler warning) - - * (read_password) Print a newline after saying "try again". - - * (read_password) Merge in changes by Jim Bloom to do a clearerr - after a read fails, and protect against an RTM attack by - changing gets to fgets. - -Fri Sep 16 16:26:55 1988 Bill Sommerfeld (wesommer at ra) - - * (read_password) fix dependancies for BSDUNIX. - -Mon Sep 12 14:55:23 1988 Bill Sommerfeld (wesommer at ra) - - * (*) debug->des_debug - - * (*) debug_print() -> des_debug_print() - - * (Makefile) add dbg_prt.o to list of files included in build. - - * (des.c) remove debug_print; it's in dbg_prt.c - - * (des_internal.h) contains definitions of AUTH_DES_ITER, - s-box structures, which aren't part of the encryption interface. - - * (*) #include "conf.h" -> #include "des_internal.h" - - * (*) C_Block -> des_cblock - - * (*) Key_schedule -> des_key_schedule - - * (noop.c) remove #includes for unused include files. - - * (des.c, random_key.c, string_to_key.c) add #include of "des_conf.h" - -Fri Sep 9 15:46:13 1988 Bill Sommerfeld (wesommer at ra) - - * (*) string_to_key() -> des_string_to_key() - - * (*) read_pw_string() -> des_read_pw_string() - - * (*) random_key() -> des_random_key() - - * (*) pcbc_encrypt() -> des_pcbc_encrypt() - - * (*) key_sched() -> des_key_sched() - - * (*) cbc_encrypt() -> des_cbc_encrypt() - - * (*) cbc_cksum() -> des_cbc_cksum() - - * (quad_cksum.c) make {four,two}_bytes_vax_to_nets be static to - avoid namespace pollution. - - * (*.c) Rename C_Block_print() to des_cblock_print(). - - * (make_key_perm.c) Make "key_perm" be static to avoid namespace - pollution. - - * (quad_cksum.c) Make "short_conv" and "long_conv" local - variables, to avoid namespace pollution. - - - - diff --git a/libdes/Imakefile b/libdes/Imakefile deleted file mode 100644 index 2822baf..0000000 --- a/libdes/Imakefile +++ /dev/null @@ -1,139 +0,0 @@ -# $Id$ -# -# Copyright 1987, 1993 by the Massachusetts Institute of Technology. -# -# For copying and distribution information, -# please see the file <mit-copyright.h>. -# -# Imakefile for DES library -# - -all:: $(BINC)/des.h - -$(BINC)/des.h: des.h - $(RM) $@; $(CP) des.h $@ - -#ifdef MIT_DES -OTHEROBJS= cbc_encrypt.o cksum.o pcbc_encrypt.o make_key_sched.o des.o \ - key_parity.o -#else -OTHEROBJS= f_cbc.o f_cksum.o f_pcbc.o f_sched.o f_ecb.o f_parity.o f_tables.o -#endif -DESOBJS= $(OTHEROBJS) key_sched.o debug_decl.o \ - quad_cksum.o random_key.o read_password.o \ - string_to_key.o weak_key.o new_rnd_key.o util.o $(OLDOBJS) - -#ifdef ATHENA_RULES - -build_library(des,$(DESOBJS)) - -build_program(enc,enc.o libdes.a,,) -build_program(destest,destest.o libdes.a,,) -build_program(verify,verify.o libdes.a,,) - -#ifdef MIT_DES -build_program(make_key_perm,make_key_perm.o misc.o,,) -build_program(make_odd,make_odd.o misc.o,,) -build_program(make_p_table,make_p_table.o misc.o,,) -build_program(make_s_table,make_s_table.o misc.o,,) -build_program(make_p,make_p.o misc.o,,) -build_program(make_fp,make_fp.o misc.o,,) -build_program(make_ip,make_ip.o misc.o,,) - -key_perm.h: make_key_perm - ./make_key_perm key_perm.h -odd.h: make_odd - ./make_odd odd.h -p_table.h: make_p_table - ./make_p_table p_table.h -s_table.h: make_s_table - ./make_s_table s_table.h -p.c: make_p - ./make_p p.c -fp.c: make_fp - ./make_fp fp.c -ip.c: make_ip - ./make_ip ip.c - -clean:: - $(RM) ip.c fp.c p.c s_table.h p_table.h odd.h key_perm.h - -key_parity.o: odd.h -key_sched.o: key_perm.h -des.o: s_table.h p_table.h ip.c fp.c p.c -misc.o: des_internal.h - -make_s_table:: tables.h des_internal.h -make_p_table:: tables.h des_internal.h -make_key_perm:: des_internal.h -make_s:: s_table.h des_internal.h -#endif - -#else /* ATHENA_RULES */ - -#ifdef OLD_COMPAT -OLDSRCS= desglue.c -OLDOBJS= desglue.o -#else -OLDSRCS= -OLDOBJS= -#endif -DESSRCS= key_sched.c des.c cbc_encrypt.c pcbc_encrypt.c debug_decl.c \ - cksum.c quad_cksum.c random_key.c read_password.c \ - string_to_key.c weak_key.c key_parity.c new_rnd_key.c util.c $(OLDSRCS) - -SRCS= des_internal.h make_key_perm.c make_ip.c make_fp.c make_e.c make_p.c make_s.c \ - make_s_table.c make_p_table.c make_odd.c misc.c \ - key_test.c testit.c verify.c epc_encrypt.c \ - cbc_noop.c enc.c ${DESSRCS} - -SRCDIR=$(SRCTOP)/lib/des -CODE=$(SRCS) Imakefile tables.h des.vaxasm - -library_obj_rule() - -install_library_target(des,$(DESOBJS),$(DESSRCS),) - -library_ro_object(dbg_prt) - -/* add other assembler versions here, if you come up with them. */ -#ifdef VAXASM -library_asm_object(des.o,des.vaxasm) -#else -library_ro_object(des) -library_ro_object(key_sched) -#endif -/* - * misc.o is used by all of the header generators. - */ - -host_simple_object(misc.o,misc.c) -/* - * Generate include files for use by key_sched & friends. - */ - -generate_depend(key_perm.h,make_key_perm,misc.o) -generate_depend(odd.h,make_odd,misc.o) -generate_depend(p_table.h,make_p_table,misc.o) -generate_depend(s_table.h,make_s_table,misc.o) -generate_depend(p.c,make_p,misc.o) -generate_depend(fp.c,make_fp,misc.o) -generate_depend(ip.c,make_ip,misc.o) - -misc.o: des_internal.h -make_s_table: tables.h des_internal.h -make_p_table: tables.h des_internal.h -make_key_perm: des_internal.h -make_s: s_table.h des_internal.h - - -/* - * verify that the library correctly implements the DES standard. - * Run this after any change to the source. - */ - -test(verify,libdes.a,) -test(key_test,libdes.a,) -test(testit,libdes.a,) - -#endif /* ATHENA_RULES */ diff --git a/libdes/Makefile b/libdes/Makefile deleted file mode 100644 index 3e12ea0..0000000 --- a/libdes/Makefile +++ /dev/null @@ -1,227 +0,0 @@ -# Makefile generated by imake - do not edit! -# $XConsortium: imake.c,v 1.86 93/10/11 12:12:36 rws Exp $ - -all:: - -SHELL=/bin/sh -MAKESHELL=/bin/sh - -TOP = ../. -CWD = ./libdes -CONFIGSRC = /mit/opssrc/zephyr.sunos/production/config -DESTDIR= - -IRULESRC = $(CONFIGSRC) - -PTOP = $(TOP)/. - -IMAKE= imake -IFLAGS= -I$(IRULESRC) $(IFLAGS_SH) $(OTHER_IFLAGS) -DTOPDIR=/mit/opssrc/zephyr.sunos/production -XIFLAGS= -I$(ATHXLIBDIR)/X11/config -DUseInstalled - -ICONFIGFILES = $(IRULESRC)/Imake.tmpl $(IRULESRC)/Imake.rules \ - $(IRULESRC)/site.def Imakefile $(PRULEDEP) -MKDIRHIER= sh $(IRULESRC)/mkdirhier.sh - -ATHVERS = $(IRULESRC)/update.conf - -ATHBASEDIR=/usr/athena - -ATHLIBDIR=$(ATHBASEDIR)/lib -ATHBINDIR=$(ATHBASEDIR)/bin -ATHINCDIR=$(ATHBASEDIR)/include -ATHETCDIR=$(ATHBASEDIR)/etc -ATHCONFDIR=/etc/athena -ATHMANDIR=$(ATHBASEDIR)/man -ATHRBINDIR=/bin/athena -ATHRETCDIR=/etc/athena - -ATHNEWDIR=$(ATHBINDIR) - -ATHXAPPDIR=/usr/athena/lib/X11/app-defaults -ATHXBITDIR=/usr/athena/lib/X11/bitmaps -ATHXINCDIR=/usr/athena/include -ATHXLIBDIR=/usr/athena/lib - -AFSDIR=/mit/afsuser/@sys - -LINTCFLAG=-o -LINTFLAGS=-DPOSIX $(DEFINES) -I/usr/athena/include - -INSTALL=install -c -RANLIB=ranlib -CC=cc -LD=cc -AS=as -RM=rm -f -CP=cp -p - -ETCMD=compile_et -SSCMD=mk_cmds - -LIB_ET = -lcom_err -LIB_SS = -lss -LIB_HES = -lhesiod -LIB_KRB = -lkrb -ldes -LIB_ZEPHYR = -lzephyr -lkrb -ldes -lcom_err -LIB_X = -lX11 -lXext -LIB_XT = -lXt -lX11 -lXext -LIB_XAW = -lXaw -lXmu -lXt -lX11 -lXext - -CDEBUG=-O2 - -CFLAGS=$(CDEBUG) -DPOSIX $(DEFINES) -I/usr/athena/include -LDFLAGS= $(LDDEFS) -LDPATH=-L$(ATHLIBDIR) -LDLIBS= - -install:: install_dirs -install_dirs:: -install:: -install.man:: - -clean:: -depend:: - -FRC:: - -########################################################################### -# start of Imakefile -########################################################################### - -# Copyright 1993 Massachusetts Institute of Technology -# For copying and distribution information, see the file -# "mit-copyright.h" -# -# $Id$ - -CDEFS_KRB = -DKERBEROS -ZLIB_KRB = $(LIB_KRB) - -CDEFS_HES = -DHESIOD -ZLIB_HES = $(LIB_HES) - -ZPIDDIR = /etc/athena -ZETCDIR = $(ATHCONFDIR)/zephyr -ZLIBDIR = $(ATHLIBDIR)/zephyr -ZINCDIR = $(ATHINCDIR)/zephyr -ZACLDIR = $(ZETCDIR)/acl - -BINC = $(PTOP)/h - -ZLIB = $(PTOP)/lib/libzephyr.a -ZLIBDES = $(PTOP)/libdes/libdes.a -ZLIBS = $(ZLIB_KRB) $(LIB_ET) $(ZLIB_HES) -DYN_LIB = $(PTOP)/libdyn/libdyn.a - -DEFINES = $(XDEFS) -I$(BINC) \ - $(CDEFS_KRB) $(CDEFS_HES) $(CDEFS_ET) $(CDEFS_SS) \ - $(MACHDEFS) - -CC=cc -LD=cc - -ATHBINDIR = /mit/zephyr/@sys/bin -ATHLIBDIR = /mit/zephyr/@sys/lib -ATHINCDIR = /mit/zephyr/include -ATHMANDIR = /mit/zephyr/man - -ZLIBDIR = /mit/zephyr/configs -ATHCONFDIR = $(ZLIBDIR) -ATHETCDIR = $(ATHBINDIR) -ATHRETCDIR = $(ATHBINDIR) - -LDPATH = -L/usr/athena/lib/shared -L/usr/athena/lib - -# $Id$ -# -# Copyright 1987, 1993 by the Massachusetts Institute of Technology. -# -# For copying and distribution information, -# please see the file <mit-copyright.h>. -# -# Imakefile for DES library -# - -all:: $(BINC)/des.h - -$(BINC)/des.h: des.h - $(RM) $@; $(CP) des.h $@ - -OTHEROBJS= f_cbc.o f_cksum.o f_pcbc.o f_sched.o f_ecb.o f_parity.o f_tables.o - -DESOBJS= $(OTHEROBJS) key_sched.o debug_decl.o \ - quad_cksum.o random_key.o read_password.o \ - string_to_key.o weak_key.o new_rnd_key.o util.o $(OLDOBJS) - -all:: libdes.a - libdes.a:: $(DESOBJS) - ar cru libdes.a $(DESOBJS) - $(RANLIB) libdes.a -all-prof:: libdes_p.a - libdes_p.a: $(DESOBJS) - cd profiled; ar cru ../libdes_p.a $(DESOBJS) - $(RANLIB) libdes_p.a - -install:: - $(RM) $(DESTDIR)$(ATHLIBDIR)/libdes.a - $(INSTALL) -m 0644 libdes.a $(DESTDIR)$(ATHLIBDIR) - $(RANLIB) $(DESTDIR)$(ATHLIBDIR)/libdes.a -inst-prof:: - $(RM) $(DESTDIR)$(ATHLIBDIR)/libdes_p.a - $(INSTALL) -m 0644 libdes_p.a $(DESTDIR)$(ATHLIBDIR) - $(RANLIB) $(DESTDIR)$(ATHLIBDIR)/libdes_p.a - -all:: enc -enc:: enc.o libdes.a - $(LD) $(LDFLAGS) -o enc enc.o libdes.a $(LDPATH) $(LDLIBS) -clean:: - $(RM) enc - -all:: destest -destest:: destest.o libdes.a - $(LD) $(LDFLAGS) -o destest destest.o libdes.a $(LDPATH) $(LDLIBS) -clean:: - $(RM) destest - -all:: verify -verify:: verify.o libdes.a - $(LD) $(LDFLAGS) -o verify verify.o libdes.a $(LDPATH) $(LDLIBS) -clean:: - $(RM) verify - -PRULES = "config/zephyr.rules" -PINC = -DProjectRules=\"$(PRULES)\" -DProjectRuleDep=$(PRULES) - -PRULEDEP = $(PTOP)/config/zephyr.rules - -PTOP = $(TOP)/. -IPROJ = -DProject -DProjectTop=. -I$(PTOP) $(PINC) - -IFLAGS_SH = -DUseSharedLibs - -Makefile:: $(ICONFIGFILES) - -@if [ -f Makefile ]; then \ - echo " $(RM) Makefile.bak; mv Makefile Makefile.bak"; \ - $(RM) Makefile.bak; mv Makefile Makefile.bak; \ - else exit 0; fi - $(IMAKE) $(IPROJ) $(IFLAGS) -DNEWTOP=$(TOP) -DNEWCWD=$(CWD) - -XMakefile:: - -@if [ -f Makefile ]; then \ - echo " $(RM) Makefile.bak; mv Makefile Makefile.bak"; \ - $(RM) Makefile.bak; mv Makefile Makefile.bak; \ - else exit 0; fi - $(IMAKE) $(XIFLAGS) - -clean:: - $(RM) *~ *.o *.a core a.out Makefile.bak - $(RM) -r profiled - -all-prof inst-prof:: - -Makefiles:: - -########################################################################### -# dependencies generated by makedepend - diff --git a/libdes/debug_decl.c b/libdes/debug_decl.c deleted file mode 100644 index 30401dc..0000000 --- a/libdes/debug_decl.c +++ /dev/null @@ -1,19 +0,0 @@ -/* - * $Source$ - * $Author$ - * - * Copyright 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * <mit-copyright.h>. - * - * Declaration of debugging flag. - */ - -#ifndef lint -static char rcsid_debug_decl_c[] = - "$Id$"; -#endif - -#include <mit-copyright.h> -int des_debug = 0; diff --git a/libdes/des.h b/libdes/des.h deleted file mode 100644 index d69f33f..0000000 --- a/libdes/des.h +++ /dev/null @@ -1,63 +0,0 @@ -/* - * $Source$ - * $Author$ - * $Header$ - * - * Copyright 1987, 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * <mit-copyright.h>. - * - * Include file for the Data Encryption Standard library. - */ - -/* only do the whole thing once */ -#ifndef DES_DEFS -#define DES_DEFS - -#include <mit-copyright.h> - -#ifndef KRB_INT32 -#define KRB_INT32 long -#endif -#ifndef KRB_UINT32 -#define KRB_UINT32 unsigned KRB_INT32 -#endif - -typedef unsigned char des_cblock[8]; /* crypto-block size */ -/* Key schedule */ -typedef struct des_ks_struct { union { long pad; des_cblock _;} __; } des_key_schedule[16]; - -#define DES_KEY_SZ (sizeof(des_cblock)) -#define DES_ENCRYPT 1 -#define DES_DECRYPT 0 - -#ifndef NCOMPAT -#define C_Block des_cblock -#define Key_schedule des_key_schedule -#define ENCRYPT DES_ENCRYPT -#define DECRYPT DES_DECRYPT -#define KEY_SZ DES_KEY_SZ -#define string_to_key des_string_to_key -#define read_pw_string des_read_pw_string -#define random_key des_random_key -#define pcbc_encrypt des_pcbc_encrypt -#define key_sched des_key_sched -#define cbc_encrypt des_cbc_encrypt -#define cbc_cksum des_cbc_cksum -#define C_Block_print des_cblock_print -#define quad_cksum des_quad_cksum -typedef struct des_ks_struct bit_64; -#endif - -#define des_cblock_print(x) des_cblock_print_file(x, stdout) - -#if defined(__alpha) || defined(cray) -typedef int int32; -typedef unsigned int u_int32; -#else -typedef long int32; -typedef unsigned long u_int32; -#endif - -#endif /* DES_DEFS */ diff --git a/libdes/desglue.c b/libdes/desglue.c deleted file mode 100644 index 4238b65..0000000 --- a/libdes/desglue.c +++ /dev/null @@ -1,109 +0,0 @@ -/* - * $Source$ - * $Author$ - * $Header$ - * - * Copyright (C) 1988 by the Massachusetts Institute of Technology - * - * For copying and distribution information, please see the file - * <mit-copyright.h>. - * - * Backwards compatibility module. - */ - -#ifndef lint -static char *rcsid_desglue_c = "$Header$"; -#endif /* lint */ - -#ifndef NCOMPAT -#include <des.h> - -#undef string_to_key -#undef read_pw_string -#undef random_key -#undef pcbc_encrypt -#undef key_sched -#undef cbc_encrypt -#undef cbc_cksum -#undef C_Block_print -#undef quad_cksum - -int -string_to_key(str, key) - char *str; - register des_cblock *key; -{ - return des_string_to_key(str, key); -} - - -int -read_pw_string(s, max, prompt, verify) - char *s; - int max; - char *prompt; - int verify; -{ - return des_read_pw_string (s, max, prompt, verify); -} - -random_key(key) - des_cblock *key; -{ - return des_random_key(key); -} - -pcbc_encrypt(in, out, length, key, iv, encrypt) - des_cblock *in, *out; - register long length; - des_key_schedule key; - des_cblock *iv; - int encrypt; -{ - return des_pcbc_encrypt (in, out, length, key, iv, encrypt); -} - -key_sched(k, s) - unsigned char *k; - des_key_schedule s; -{ - return des_key_sched (k, s); -} - -cbc_encrypt(in, out, length, key, iv, encrypt) - des_cblock *in, *out; - register long length; - des_key_schedule key; - des_cblock *iv; - int encrypt; -{ - return des_cbc_encrypt (in, out, length, key, iv, encrypt); -} - -cbc_cksum(in, out, length, key, iv) - des_cblock *in; /* >= length bytes of inputtext */ - des_cblock *out; /* >= length bytes of outputtext */ - register long length; /* in bytes */ - des_key_schedule key; /* precomputed key schedule */ - des_cblock *iv; /* 8 bytes of ivec */ -{ - return des_cbc_cksum(in, out, length, key, iv); -} - -C_Block_print(x) - des_cblock *x; -{ - return des_cblock_print (x); -} - -unsigned long -quad_cksum(in,out,length,out_count,c_seed) - des_cblock *c_seed; /* secret seed, 8 bytes */ - unsigned char *in; /* input block */ - unsigned long *out; /* optional longer output */ - int out_count; /* number of iterations */ - long length; /* original length in bytes */ -{ - return des_quad_cksum(in,out,length,out_count,c_seed); -} -#endif diff --git a/libdes/destest.c b/libdes/destest.c deleted file mode 100644 index ad6333f..0000000 --- a/libdes/destest.c +++ /dev/null @@ -1,37 +0,0 @@ -/* - * $Source$ - * $Author$ - * - * Copyright 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * <mit-copyright.h>. - */ - -#ifndef lint -static char rcsid_destest_c[] = - "$Id$"; -#endif - -#include <mit-copyright.h> -#include <stdio.h> -#include <des.h> - -char clear[] = "eight bytes"; -char cipher[8]; -char key[8]; -Key_schedule schedule; - -main() -{ - int i; - string_to_key("good morning!", key); - i = key_sched(key, schedule); - if (i) { - printf("bad schedule (%d)\n", i); - exit(1); - } - for (i = 1; i <= 10000; i++) - des_ecb_encrypt(clear, cipher, schedule, i&1); - return 0; -} diff --git a/libdes/doc/libdes.doc b/libdes/doc/libdes.doc deleted file mode 100644 index 70f9f33..0000000 --- a/libdes/doc/libdes.doc +++ /dev/null @@ -1,208 +0,0 @@ - - How to use the Kerberos encryption library. - - Revised 10/15/85 spm - -1) The following include file is needed: - - /projects/auth/include/des.h (VAX) - --------------- (PC8086) - -2) The encryption library that should be linked to is: - - /projects/auth/lib/libdes.a (VAX) -| /projects/auth/ibm/lib/libdes.a (PC8086 cross-compilation environment) - -3) For each key that may be simultaneously active, - allocate (either compile or malloc) a "Key_schedule" struct, - defined in "des.h" - -4) Create key schedules, as needed, prior to using the encryption - routines, via "des_set_key()". - -5) Setup the input and output areas. Make sure to note the restrictions - on lengths being multiples of eight bytes. - -6) Invoke the encryption/decryption routines, "ecb_encrypt()" - or "cbc_encrypt()" - -7) To generate a cryptographic checksum, use "cbc_cksum()" -/* ---------------------------------------------------------------- */ - - Routine Interfaces-- - -/* ----------------------------------------------------------------- */ - -int - des_set_key(k,schedule) - C_Block *k; - Key_schedule schedule; - - Calculates a key schedule from (all) eight bytes of the input key, and - puts it into the indicated "Key_schedule" struct; - - Make sure to pass valid eight bytes, no padding or other processing - it done. - - The key schedule is then used in subsequent encryption/decryption - operations. Many key schedules may be created and cached for later - use. - - The user is responsible to clear keys and schedules no longer needed - to prevent their disclosure. - -| Checks the parity of the key provided, to make sure it is odd per -| FIPS spec. Returns 0 value for key ok, 1 for key_parity error. - -/* ---------------------------------------------------------------- */ - -int - ecb_encrypt(input,output,schedule,encrypt) - C_Block *input; /* ptr to eight byte input value */ - C_Block *output; /* ptr to eight byte output value */ - int encrypt; /* 0 ==> decrypt, else encrypt */ - Key_schedule schedule; /* addr of key schedule */ - -This is the low level routine that encrypts or decrypts a single 8-byte -block in electronic code book mode. Always transforms the input -data into the output data. - -If encrypt is non-zero, the input (cleartext) is encrypted into the -output (ciphertext) using the specified key_schedule, pre-set via "des_set_key". - -If encrypt is zero, the input (now ciphertext) is decrypted into -the output (now cleartext). - -Input and output may be the same space. - -Does not return any meaningful value. Void is not used for compatibility -with other compilers. - -/* -------------------------------------------------------------- */ - -int - cbc_encrypt(input,output,length,schedule,ivec,encrypt) - - C_Block *input; /* ptr to input data */ - C_Block *output; /* ptr to output data */ - int length; /* desired length, in bytes */ - Key_schedule schedule; /* addr of precomputed schedule */ - C_Block *ivec; /* pointer to 8 byte initialization - * vector - */ - int encrypt /* 0 ==> decrypt; else encrypt*/ - - - If encrypt is non-zero, the routine cipher-block-chain encrypts - the INPUT (cleartext) into the OUTPUT (ciphertext) using the provided - key schedule and initialization vector. If the length is not an integral - multiple of eight bytes, the last block is copied to a temp and zero - filled (highest addresses). The output is ALWAYS an integral multiple - of eight bytes. - - If encrypt is zero, the routine cipher-block chain decrypts the INPUT - (ciphertext) into the OUTPUT (cleartext) using the provided key schedule - and initialization vector. Decryption ALWAYS operates on integral - multiples of 8 bytes, so will round the length provided up to the - appropriate multiple. Consequently, it will always produce the rounded-up - number of bytes of output cleartext. The application must determine if - the output cleartext was zero-padded due to cleartext lengths not integral - multiples of 8. - - No errors or meaningful value are returned. Void is not used for - compatibility with other compilers. - - -/* cbc checksum (MAC) only routine ---------------------------------------- */ -int - cbc_cksum(input,output,length,schedule,ivec) - - C_Block *input; /* >= length bytes of inputtext */ - C_Block *output; /* >= length bytes of outputtext */ - int length; /* in bytes */ - Key_schedule schedule; /* precomputed key schedule */ - C_Block *ivec; /* 8 bytes of ivec */ - - - Produces a cryptographic checksum, 8 bytes, by cipher-block-chain - encrypting the input, discarding the ciphertext output, and only retaining - the last ciphertext 8-byte block. Uses the provided key schedule and ivec. - The input is effectively zero-padded to an integral multiple of - eight bytes, though the original input is not modified. - - No meaningful value is returned. Void is not used for compatibility - with other compilers. - - -/* random_key ----------------------------------------*/ -int - random_key(key) - - C_Block *key; - - The start for the random number generated is set from the current time - in microseconds, then the random number generator is invoked - to create an eight byte output key (not a schedule). The key - generated is set to odd parity per FIPS spec. - - The caller must supply space for the output key, pointed to - by "*key", then after getting a new key, call the des_set_key() - routine when needed. - - No meaningfull value is returned. Void is not used for compatibility - with other compilers. - - -/* string_to_key --------------------------------------------*/ - -int - string_to_key(str,key) - register char *str; - register C_Block *key; - - This routines converts an arbitrary length, null terminated string - to an 8 byte DES key, with each byte parity set to odd, per FIPS spec. - - The algorithm is as follows: - -| Take the first 8 bytes and remove the parity (leaving 56 bits). -| Do the same for the second 8 bytes, and the third, etc. Do this for -| as many sets of 8 bytes as necessary, filling in the remainder of the -| last set with nulls. Fold the second set back on the first (i.e. bit -| 0 over bit 55, and bit 55 over bit 0). Fold the third over the second -| (bit 0 of the third set is now over bit 0 of the first set). Repeat -| until you have done this to all sets. Xor the folded sets. Break the -| result into 8 7 bit bytes, and generate odd parity for each byte. You -| now have 64 bits. Note that DES takes a 64 bit key, and uses only the -| non parity bits. - - -/* read_password -------------------------------------------*/ - -read_password(k,prompt,verify) - C_Block *k; - char *prompt; - int verify; - -This routine issues the supplied prompt, turns off echo, if possible, and -reads an input string. If verify is non-zero, it does it again, for use -in applications such as changing a password. If verify is non-zero, both -versions are compared, and the input is requested repeatedly until they -match. Then, the input string is mapped into a valid DES key, internally -using the string_to_key routine. The newly created key is copied to the -area pointed to by parameter "k". - -No meaningful value is returned. If an error occurs trying to manipulate -the terminal echo, the routine forces the process to exit. - -/* get_line ------------------------*/ -long get_line(p,max) - char *p; - long max; - -Reads input characters from standard input until either a newline appears or -else the max length is reached. The characters read are stuffed into -the string pointed to, which will always be null terminated. The newline -is not inserted in the string. The max parameter includes the byte needed -for the null terminator, so allocate and pass one more than the maximum -string length desired. diff --git a/libdes/enc.c b/libdes/enc.c deleted file mode 100644 index 58e9a2d..0000000 --- a/libdes/enc.c +++ /dev/null @@ -1,127 +0,0 @@ -/* - * $Source$ - * $Author$ - * - * Copyright 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * <mit-copyright.h>. - */ - -#ifndef lint -static char rcsid_enc_c[] = - "$Id$"; -#endif - -#include <mit-copyright.h> -#include <stdio.h> -#include <sys/types.h> -#include <sys/file.h> -#include <fcntl.h> - -#include <des.h> - -des_key_schedule KEYSCHED; -des_cblock key = {0,1,2,3,4,5,6,7}; -des_cblock sum; -char inbuf[512+8]; /* leave room for cksum and len */ -char oubuf[512+8]; -int ind; -int oud; -long orig_size; - -main(argc,argv) - int argc; - char *argv[]; -{ - register int encrypt; - register long length; - register int *p; - u_int32 ivec[2]; - if (argc != 4) { - fprintf (stderr, "%s: Usage: %s infile outfile mode.\n", - argv[0], argv[0]); - exit (1); - } - if (!strcmp(argv[3], "e")) - encrypt = 1; - else if (!strcmp(argv[3], "d")) - encrypt = 0; - else { - fprintf (stderr, "%s: Mode must be e (encrypt) or d (decrypt).\n", - argv[0]); - exit (1); - } - if ((ind = open(argv[1], O_RDONLY, 0666)) < 0) { - fprintf (stderr, "%s: Cannot open %s for input.\n", - argv[0], argv[1]); - exit (1); - } - if (!strcmp(argv[2], "-")) - oud = dup(1); - else if ((oud = open(argv[2], O_CREAT|O_WRONLY, 0666)) < 0) { - fprintf (stderr, "%s: Cannot open %s for output.\n", - argv[0], argv[2]); - exit (1); - } -#ifdef notdef - (void) freopen ("/dev/tty", "r", stdin); - (void) freopen ("/dev/tty", "w", stdout); -#endif - des_read_password (key, "\n\07\07Enter Key> ", 1); - if (des_key_sched (key, KEYSCHED) < 0) { - fprintf (stderr, "%s: Key parity error\n", argv[0]); - exit (1); - } - ivec[0] = 0; - ivec[1] = 0; - memcpy(sum, key, sizeof(des_cblock)); - for (;;) { - if ((length = read (ind, inbuf, 512)) < 0) { - fprintf (stderr, "%s: Error reading from input.\n", - argv[0]); - exit (1); - } else if (length == 0) { - fprintf (stderr, "\n"); - break; - } - if (encrypt) { -#ifdef notdef - sum = des_quad_cksum(inbuf,NULL,length,1,sum); -#endif - des_quad_cksum(inbuf,sum,length,1,sum); - orig_size += length; - fprintf(stderr, - "\nlength = %d tot length = %d quad_sum = %X %X", - length, orig_size, *(unsigned long *) sum, - *((unsigned long *) sum+1)); - fflush(stderr); - } - des_pcbc_encrypt (inbuf, oubuf, (long) length, KEYSCHED, ivec, - encrypt); - if (!encrypt) { -#ifdef notdef - sum = des_quad_cksum(oubuf,NULL,length,1,sum); -#endif - des_quad_cksum(oubuf,sum,length,1,sum); - orig_size += length; - fprintf(stderr, - "\nlength = %d tot length = %d quad_sum = %X ", - length, orig_size, *(unsigned long *) sum, - *((unsigned long *) sum+1)); - } - length = (length+7)& ~07; - write (oud, oubuf, length); - if (!encrypt) - p = (int *)&oubuf[length-8]; - else - p = (int *)&inbuf[length-8]; - ivec[0] = *p++; - ivec[1] = *p; - } - - fprintf(stderr,"\ntot length = %d quad_sum = %X\n", - orig_size,sum); - /* if encrypting, now put the original length and checksum in */ - return 0; -} diff --git a/libdes/f_README b/libdes/f_README deleted file mode 100644 index 0d381e3..0000000 --- a/libdes/f_README +++ /dev/null @@ -1,69 +0,0 @@ -/* - * Copyright (c) 1990 Dennis Ferguson. All rights reserved. - * - * Commercial use is permitted only if products which are derived from - * or include this software are made available for purchase and/or use - * in Canada. Otherwise, redistribution and use in source and binary - * forms are permitted. - */ - -Sorry about the poor quality of installation instructions. Included -here are replacements for the DES portions of Eric Young's kerberos -DES library replacement. To use this you will need his distribution. -Untar the latter and: - -(1) Copy all .c and .h files into the distribution directory. This will - overwrite some files and add others. - -(2) Apply the patch included here to set_key.c in the distribution directory. - -(3) Edit the Imakefile (or the Makefile) to include the following files - on the SRCS= line: - - des_tables.c ecb_buffer.c make_sched.c - - Add the following files to the OBJS= line: - - des_tables.o ecb_buffer.o make_sched.o - - Add the following file to the CODE= line: - - des_tables.h - -Recompile and you're done. - -The salient differences between this DES and Eric Young's are as follows: - -(1) There are no dependencies on byte ordering, the ability to do - unaligned loads and stores, or any other machine dependencies - that I know of. There are no #ifdef's. The code could probably - be made faster by adding such things, but not enough to be worth - it. - -(2) Combined S and P tables are used for the inner loop of the cipher - routine and the E expansion is computed on the fly, like Eric - Young's code, but the computation is reordered from the standard - to save instructions. - -(3) The initial and final permutations are table driven, and take - about the same amount of work as a single round of the inner - loop (i.e. only about 12% of the work done for an ecb encryption - is spent in the IP and FP code). - -(4) Since NTP (for which this DES was originally implemented) uses - lots of keys to encrypt small things, the key permutation code - has been well worked over and is quite speedy (the amount of - work required to permute a key is on the order of that required - to do a single ECB encryption, more or less). - -(5) Since the code required to do an ECB encryption using the tables - is actually fairly compact, even with lots of inlining, it was - implemented as a macro and is expanded in situ where needed. - -On the one machine I ran a comparison on this code ran 80% faster than -Eric's, compiled into a slightly smaller space, and did pass destest. -I suspect this stuff is also faster, and not a lot larger, than the -library MIT doesn't export with kerberos. You mileage may vary. - -The silly copyright was a (probably ineffective) afterthought. If it -really inconveniences you give me a call. diff --git a/libdes/f_cbc.c b/libdes/f_cbc.c deleted file mode 100644 index eba53be..0000000 --- a/libdes/f_cbc.c +++ /dev/null @@ -1,198 +0,0 @@ -/* - * Copyright (c) 1990 Dennis Ferguson. All rights reserved. - * - * Commercial use is permitted only if products which are derived from - * or include this software are made available for purchase and/or use - * in Canada. Otherwise, redistribution and use in source and binary - * forms are permitted. - */ - -/* - * des_cbc_encrypt.c - an implementation of the DES cipher function in cbc mode - */ -#include "des.h" -#include "f_tables.h" - -/* - * des_cbc_encrypt - {en,de}crypt a stream in CBC mode - */ -int -des_cbc_encrypt(in, out, length, schedule, ivec, encrypt) - des_cblock *in; - des_cblock *out; - long length; - des_key_schedule schedule; - des_cblock ivec; - int encrypt; -{ - register unsigned long left, right; - register unsigned long temp; - register u_int32 *kp; - register unsigned char *ip, *op; - - /* - * Get key pointer here. This won't need to be reinitialized - */ - kp = (u_int32 *)schedule; - - /* - * Deal with encryption and decryption separately. - */ - if (encrypt) { - /* - * Initialize left and right with the contents of the initial - * vector. - */ - ip = (unsigned char *)ivec; - GET_HALF_BLOCK(left, ip); - GET_HALF_BLOCK(right, ip); - - /* - * Suitably initialized, now work the length down 8 bytes - * at a time. - */ - ip = (unsigned char *)in; - op = (unsigned char *)out; - while (length > 0) { - /* - * Get more input, xor it in. If the length is - * greater than or equal to 8 this is straight - * forward. Otherwise we have to fart around. - */ - if (length >= 8) { - left ^= ((*ip++) & 0xff) << 24; - left ^= ((*ip++) & 0xff) << 16; - left ^= ((*ip++) & 0xff) << 8; - left ^= (*ip++) & 0xff; - right ^= ((*ip++) & 0xff) << 24; - right ^= ((*ip++) & 0xff) << 16; - right ^= ((*ip++) & 0xff) << 8; - right ^= (*ip++) & 0xff; - length -= 8; - } else { - /* - * Oh, shoot. We need to pad the - * end with zeroes. Work backwards - * to do this. - */ - ip += (int) length; - switch(length) { - case 7: - right ^= (*(--ip) & 0xff) << 8; - case 6: - right ^= (*(--ip) & 0xff) << 16; - case 5: - right ^= (*(--ip) & 0xff) << 24; - case 4: - left ^= *(--ip) & 0xff; - case 3: - left ^= (*(--ip) & 0xff) << 8; - case 2: - left ^= (*(--ip) & 0xff) << 16; - case 1: - left ^= (*(--ip) & 0xff) << 24; - break; - } - length = 0; - } - - /* - * Encrypt what we have - */ - DES_DO_ENCRYPT(left, right, temp, kp); - - /* - * Copy the results out - */ - PUT_HALF_BLOCK(left, op); - PUT_HALF_BLOCK(right, op); - } - } else { - /* - * Decrypting is harder than encrypting because of - * the necessity of remembering a lot more things. - * Should think about this a little more... - */ - unsigned long ocipherl, ocipherr; - unsigned long cipherl, cipherr; - - if (length <= 0) - return 0; - - /* - * Prime the old cipher with ivec. - */ - ip = (unsigned char *)ivec; - GET_HALF_BLOCK(ocipherl, ip); - GET_HALF_BLOCK(ocipherr, ip); - - /* - * Now do this in earnest until we run out of length. - */ - ip = (unsigned char *)in; - op = (unsigned char *)out; - for (;;) { /* check done inside loop */ - /* - * Read a block from the input into left and - * right. Save this cipher block for later. - */ - GET_HALF_BLOCK(left, ip); - GET_HALF_BLOCK(right, ip); - cipherl = left; - cipherr = right; - - /* - * Decrypt this. - */ - DES_DO_DECRYPT(left, right, temp, kp); - - /* - * Xor with the old cipher to get plain - * text. Output 8 or less bytes of this. - */ - left ^= ocipherl; - right ^= ocipherr; - if (length > 8) { - length -= 8; - PUT_HALF_BLOCK(left, op); - PUT_HALF_BLOCK(right, op); - /* - * Save current cipher block here - */ - ocipherl = cipherl; - ocipherr = cipherr; - } else { - /* - * Trouble here. Start at end of output, - * work backwards. - */ - op += (int) length; - switch(length) { - case 8: - *(--op) = right & 0xff; - case 7: - *(--op) = (right >> 8) & 0xff; - case 6: - *(--op) = (right >> 16) & 0xff; - case 5: - *(--op) = (right >> 24) & 0xff; - case 4: - *(--op) = left & 0xff; - case 3: - *(--op) = (left >> 8) & 0xff; - case 2: - *(--op) = (left >> 16) & 0xff; - case 1: - *(--op) = (left >> 24) & 0xff; - break; - } - break; /* we're done */ - } - } - } - - /* - * Done, return nothing. - */ - return 0; -} diff --git a/libdes/f_cksum.c b/libdes/f_cksum.c deleted file mode 100644 index 5fbc4f9..0000000 --- a/libdes/f_cksum.c +++ /dev/null @@ -1,108 +0,0 @@ -/* - * Copyright (c) 1990 Dennis Ferguson. All rights reserved. - * - * Commercial use is permitted only if products which are derived from - * or include this software are made available for purchase and/or use - * in Canada. Otherwise, redistribution and use in source and binary - * forms are permitted. - */ - -/* - * des_cbc_cksum.c - compute an 8 byte checksum using DES in CBC mode - */ -#include "des.h" -#include "f_tables.h" - -unsigned long -des_cbc_cksum(in, out, length, schedule, ivec) - des_cblock *in; - des_cblock *out; - long length; - des_key_schedule schedule; - des_cblock ivec; -{ - register unsigned long left, right; - register unsigned long temp; - register u_int32 *kp; - register unsigned char *ip; - register long len; - - /* - * Initialize left and right with the contents of the initial - * vector. - */ - ip = (unsigned char *)ivec; - GET_HALF_BLOCK(left, ip); - GET_HALF_BLOCK(right, ip); - - /* - * Suitably initialized, now work the length down 8 bytes - * at a time. - */ - ip = (unsigned char *)in; - len = length; - while (len > 0) { - /* - * Get more input, xor it in. If the length is - * greater than or equal to 8 this is straight - * forward. Otherwise we have to fart around. - */ - if (len >= 8) { - left ^= ((*ip++) & 0xff) << 24; - left ^= ((*ip++) & 0xff) << 16; - left ^= ((*ip++) & 0xff) << 8; - left ^= (*ip++) & 0xff; - right ^= ((*ip++) & 0xff) << 24; - right ^= ((*ip++) & 0xff) << 16; - right ^= ((*ip++) & 0xff) << 8; - right ^= (*ip++) & 0xff; - len -= 8; - } else { - /* - * Oh, shoot. We need to pad the - * end with zeroes. Work backwards - * to do this. - */ - ip += (int) len; - switch(len) { - case 7: - right ^= (*(--ip) & 0xff) << 8; - case 6: - right ^= (*(--ip) & 0xff) << 16; - case 5: - right ^= (*(--ip) & 0xff) << 24; - case 4: - left ^= *(--ip) & 0xff; - case 3: - left ^= (*(--ip) & 0xff) << 8; - case 2: - left ^= (*(--ip) & 0xff) << 16; - case 1: - left ^= (*(--ip) & 0xff) << 24; - break; - } - len = 0; - } - - /* - * Encrypt what we have - */ - kp = (u_int32 *)schedule; - DES_DO_ENCRYPT(left, right, temp, kp); - } - - /* - * Done. Left and right have the checksum. Put it into - * the output. - */ - ip = (unsigned char *)out; - PUT_HALF_BLOCK(left, ip); - PUT_HALF_BLOCK(right, ip); - - /* - * Return right. I'll bet the MIT code returns this - * inconsistantly (with the low order byte of the checksum - * not always in the low order byte of the long). We won't. - */ - return right; -} diff --git a/libdes/f_ecb.c b/libdes/f_ecb.c deleted file mode 100644 index a4d0579..0000000 --- a/libdes/f_ecb.c +++ /dev/null @@ -1,95 +0,0 @@ -/* - * Copyright (c) 1990 Dennis Ferguson. All rights reserved. - * - * Commercial use is permitted only if products which are derived from - * or include this software are made available for purchase and/or use - * in Canada. Otherwise, redistribution and use in source and binary - * forms are permitted. - */ - -/* - * des_ecb_encrypt.c - do an encryption in ECB mode - */ -#include "des.h" -#include "f_tables.h" - -/* - * des_ecb_encrypt - {en,de}crypt a block in ECB mode - */ -int -des_ecb_encrypt(in, out, schedule, encrypt) - des_cblock *in; - des_cblock *out; - des_key_schedule schedule; - int encrypt; -{ - register unsigned long left, right; - register unsigned long temp; - register int i; - - { - /* - * Need a temporary for copying the data in - */ - register unsigned char *datap; - - /* - * Copy the input block into the registers - */ - datap = (unsigned char *)in; - GET_HALF_BLOCK(left, datap); - GET_HALF_BLOCK(right, datap); - } - - /* - * Do the initial permutation. - */ - DES_INITIAL_PERM(left, right, temp); - - /* - * Now the rounds. Use different code depending on whether it - * is an encryption or a decryption (gross, should keep both - * sets of keys in the key schedule instead). - */ - if (encrypt) { - register u_int32 *kp; - - kp = (u_int32 *)schedule; - for (i = 0; i < 8; i++) { - DES_SP_ENCRYPT_ROUND(left, right, temp, kp); - DES_SP_ENCRYPT_ROUND(right, left, temp, kp); - } - } else { - register u_int32 *kp; - - /* - * Point kp past end of schedule - */ - kp = ((u_int32 *)schedule) + (2 * 16);; - for (i = 0; i < 8; i++) { - DES_SP_DECRYPT_ROUND(left, right, temp, kp); - DES_SP_DECRYPT_ROUND(right, left, temp, kp); - } - } - - /* - * Do the final permutation - */ - DES_FINAL_PERM(left, right, temp); - - /* - * Finally, copy the result out a byte at a time - */ - { - register unsigned char *datap; - - datap = (unsigned char *)out; - PUT_HALF_BLOCK(left, datap); - PUT_HALF_BLOCK(right, datap); - } - - /* - * return nothing - */ - return (0); -} diff --git a/libdes/f_parity.c b/libdes/f_parity.c deleted file mode 100644 index 44d2307..0000000 --- a/libdes/f_parity.c +++ /dev/null @@ -1,62 +0,0 @@ -/* - * These routines check and fix parity of encryption keys for the DES - * algorithm. - * - * They are a replacement for routines in key_parity.c, that don't require - * the table building that they do. - * - * Mark Eichin -- Cygnus Support - */ - -#ifndef lint -static char rcsid_f_parity_c[] = - "$Id$"; -#endif - -#include "des.h" - -/* - * des_fixup_key_parity: Forces odd parity per byte; parity is bits - * 8,16,...64 in des order, implies 0, 8, 16, ... - * vax order. - */ -#define smask(step) ((1<<step)-1) -#define pstep(x,step) (((x)&smask(step))^(((x)>>step)&smask(step))) -#define parity_char(x) pstep(pstep(pstep((x),4),2),1) - -void -des_fixup_key_parity(key) - register des_cblock key; -{ - int i; - for (i=0; i<sizeof(des_cblock); i++) - { - key[i] &= 0xfe; - key[i] |= 1^parity_char(key[i]); - } - - return; -} - -/* - * des_check_key_parity: returns true iff key has the correct des parity. - * See des_fix_key_parity for the definition of - * correct des parity. - */ -int -des_check_key_parity(key) - register des_cblock key; -{ - int i; - - for (i=0; i<sizeof(des_cblock); i++) - { - if((key[i] & 1) == parity_char(0xfe&key[i])) - { - return 0; - } - } - - return(1); -} - diff --git a/libdes/f_pcbc.c b/libdes/f_pcbc.c deleted file mode 100644 index 4b7dc78..0000000 --- a/libdes/f_pcbc.c +++ /dev/null @@ -1,207 +0,0 @@ -/* - * Copyright (c) 1990 Dennis Ferguson. All rights reserved. - * - * Commercial use is permitted only if products which are derived from - * or include this software are made available for purchase and/or use - * in Canada. Otherwise, redistribution and use in source and binary - * forms are permitted. - */ - -/* - * des_pcbc_encrypt.c - encrypt a string of characters in error propagation mode - */ -#include "des.h" -#include "f_tables.h" - -/* - * des_pcbc_encrypt - {en,de}crypt a stream in PCBC mode - */ -int -des_pcbc_encrypt(in, out, length, schedule, ivec, encrypt) - des_cblock *in; - des_cblock *out; - long length; - des_key_schedule schedule; - des_cblock ivec; - int encrypt; -{ - register unsigned long left, right; - register unsigned long temp; - register u_int32 *kp; - register unsigned char *ip, *op; - - /* - * Copy the key pointer, just once - */ - kp = (u_int32 *)schedule; - - /* - * Deal with encryption and decryption separately. - */ - if (encrypt) { - register unsigned long plainl; - register unsigned long plainr; - - /* - * Initialize left and right with the contents of the initial - * vector. - */ - ip = (unsigned char *)ivec; - GET_HALF_BLOCK(left, ip); - GET_HALF_BLOCK(right, ip); - - /* - * Suitably initialized, now work the length down 8 bytes - * at a time. - */ - ip = (unsigned char *)in; - op = (unsigned char *)out; - while (length > 0) { - /* - * Get block of input. If the length is - * greater than 8 this is straight - * forward. Otherwise we have to fart around. - */ - if (length > 8) { - GET_HALF_BLOCK(plainl, ip); - GET_HALF_BLOCK(plainr, ip); - left ^= plainl; - right ^= plainr; - length -= 8; - } else { - /* - * Oh, shoot. We need to pad the - * end with zeroes. Work backwards - * to do this. We know this is the - * last block, though, so we don't have - * to save the plain text. - */ - ip += (int) length; - switch(length) { - case 8: - right ^= *(--ip) & 0xff; - case 7: - right ^= (*(--ip) & 0xff) << 8; - case 6: - right ^= (*(--ip) & 0xff) << 16; - case 5: - right ^= (*(--ip) & 0xff) << 24; - case 4: - left ^= *(--ip) & 0xff; - case 3: - left ^= (*(--ip) & 0xff) << 8; - case 2: - left ^= (*(--ip) & 0xff) << 16; - case 1: - left ^= (*(--ip) & 0xff) << 24; - break; - } - length = 0; - } - - /* - * Encrypt what we have - */ - DES_DO_ENCRYPT(left, right, temp, kp); - - /* - * Copy the results out - */ - PUT_HALF_BLOCK(left, op); - PUT_HALF_BLOCK(right, op); - - /* - * Xor with the old plain text - */ - left ^= plainl; - right ^= plainr; - } - } else { - /* - * Decrypting is harder than encrypting because of - * the necessity of remembering a lot more things. - * Should think about this a little more... - */ - unsigned long ocipherl, ocipherr; - unsigned long cipherl, cipherr; - - if (length <= 0) - return 0; - - /* - * Prime the old cipher with ivec. - */ - ip = (unsigned char *)ivec; - GET_HALF_BLOCK(ocipherl, ip); - GET_HALF_BLOCK(ocipherr, ip); - - /* - * Now do this in earnest until we run out of length. - */ - ip = (unsigned char *)in; - op = (unsigned char *)out; - for (;;) { /* check done inside loop */ - /* - * Read a block from the input into left and - * right. Save this cipher block for later. - */ - GET_HALF_BLOCK(left, ip); - GET_HALF_BLOCK(right, ip); - cipherl = left; - cipherr = right; - - /* - * Decrypt this. - */ - DES_DO_DECRYPT(left, right, temp, kp); - - /* - * Xor with the old cipher to get plain - * text. Output 8 or less bytes of this. - */ - left ^= ocipherl; - right ^= ocipherr; - if (length > 8) { - length -= 8; - PUT_HALF_BLOCK(left, op); - PUT_HALF_BLOCK(right, op); - /* - * Save current cipher block here - */ - ocipherl = cipherl ^ left; - ocipherr = cipherr ^ right; - } else { - /* - * Trouble here. Start at end of output, - * work backwards. - */ - op += (int) length; - switch(length) { - case 8: - *(--op) = right & 0xff; - case 7: - *(--op) = (right >> 8) & 0xff; - case 6: - *(--op) = (right >> 16) & 0xff; - case 5: - *(--op) = (right >> 24) & 0xff; - case 4: - *(--op) = left & 0xff; - case 3: - *(--op) = (left >> 8) & 0xff; - case 2: - *(--op) = (left >> 16) & 0xff; - case 1: - *(--op) = (left >> 24) & 0xff; - break; - } - break; /* we're done */ - } - } - } - - /* - * Done, return nothing. - */ - return 0; -} diff --git a/libdes/f_sched.c b/libdes/f_sched.c deleted file mode 100644 index 82ff800..0000000 --- a/libdes/f_sched.c +++ /dev/null @@ -1,335 +0,0 @@ -/* - * Copyright (c) 1990 Dennis Ferguson. All rights reserved. - * - * Commercial use is permitted only if products which are derived from - * or include this software are made available for purchase and/or use - * in Canada. Otherwise, redistribution and use in source and binary - * forms are permitted. - */ - -/* - * des_make_sched.c - permute a DES key, returning the resulting key schedule - */ -#include "des.h" -#include "f_tables.h" -/* - * Permuted choice 1 tables. These are used to extract bits - * from the left and right parts of the key to form Ci and Di. - * The code that uses these tables knows which bits from which - * part of each key are used to form Ci and Di. - */ -static unsigned long PC1_CL[8] = { - 0x00000000, 0x00000010, 0x00001000, 0x00001010, - 0x00100000, 0x00100010, 0x00101000, 0x00101010 -}; - -static unsigned long PC1_DL[16] = { - 0x00000000, 0x00100000, 0x00001000, 0x00101000, - 0x00000010, 0x00100010, 0x00001010, 0x00101010, - 0x00000001, 0x00100001, 0x00001001, 0x00101001, - 0x00000011, 0x00100011, 0x00001011, 0x00101011 -}; - -static unsigned long PC1_CR[16] = { - 0x00000000, 0x00000001, 0x00000100, 0x00000101, - 0x00010000, 0x00010001, 0x00010100, 0x00010101, - 0x01000000, 0x01000001, 0x01000100, 0x01000101, - 0x01010000, 0x01010001, 0x01010100, 0x01010101 -}; - -static unsigned long PC1_DR[8] = { - 0x00000000, 0x01000000, 0x00010000, 0x01010000, - 0x00000100, 0x01000100, 0x00010100, 0x01010100 -}; - - -/* - * At the start of some iterations of the key schedule we do - * a circular left shift by one place, while for others we do a shift by - * two places. This has bits set for the iterations where we do 2 bit - * shifts, starting at the low order bit. - */ -#define TWO_BIT_SHIFTS 0x7efc - -/* - * Permuted choice 2 tables. The first actually produces the low order - * 24 bits of the subkey Ki from the 28 bit value of Ci. The second produces - * the high order 24 bits from Di. The tables are indexed by six bit - * segments of Ci and Di respectively. The code is handcrafted to compute - * the appropriate 6 bit chunks. - * - * Note that for ease of computation, the 24 bit values are produced with - * six bits going into each byte. Note also that the table has been byte - * rearranged to produce keys which match the order we will apply them - * in in the des code. - */ -static unsigned long PC2_C[4][64] = { - 0x00000000, 0x00000004, 0x00010000, 0x00010004, - 0x00000400, 0x00000404, 0x00010400, 0x00010404, - 0x00000020, 0x00000024, 0x00010020, 0x00010024, - 0x00000420, 0x00000424, 0x00010420, 0x00010424, - 0x01000000, 0x01000004, 0x01010000, 0x01010004, - 0x01000400, 0x01000404, 0x01010400, 0x01010404, - 0x01000020, 0x01000024, 0x01010020, 0x01010024, - 0x01000420, 0x01000424, 0x01010420, 0x01010424, - 0x00020000, 0x00020004, 0x00030000, 0x00030004, - 0x00020400, 0x00020404, 0x00030400, 0x00030404, - 0x00020020, 0x00020024, 0x00030020, 0x00030024, - 0x00020420, 0x00020424, 0x00030420, 0x00030424, - 0x01020000, 0x01020004, 0x01030000, 0x01030004, - 0x01020400, 0x01020404, 0x01030400, 0x01030404, - 0x01020020, 0x01020024, 0x01030020, 0x01030024, - 0x01020420, 0x01020424, 0x01030420, 0x01030424, - - 0x00000000, 0x02000000, 0x00000800, 0x02000800, - 0x00080000, 0x02080000, 0x00080800, 0x02080800, - 0x00000001, 0x02000001, 0x00000801, 0x02000801, - 0x00080001, 0x02080001, 0x00080801, 0x02080801, - 0x00000100, 0x02000100, 0x00000900, 0x02000900, - 0x00080100, 0x02080100, 0x00080900, 0x02080900, - 0x00000101, 0x02000101, 0x00000901, 0x02000901, - 0x00080101, 0x02080101, 0x00080901, 0x02080901, - 0x10000000, 0x12000000, 0x10000800, 0x12000800, - 0x10080000, 0x12080000, 0x10080800, 0x12080800, - 0x10000001, 0x12000001, 0x10000801, 0x12000801, - 0x10080001, 0x12080001, 0x10080801, 0x12080801, - 0x10000100, 0x12000100, 0x10000900, 0x12000900, - 0x10080100, 0x12080100, 0x10080900, 0x12080900, - 0x10000101, 0x12000101, 0x10000901, 0x12000901, - 0x10080101, 0x12080101, 0x10080901, 0x12080901, - - 0x00000000, 0x00040000, 0x00002000, 0x00042000, - 0x00100000, 0x00140000, 0x00102000, 0x00142000, - 0x20000000, 0x20040000, 0x20002000, 0x20042000, - 0x20100000, 0x20140000, 0x20102000, 0x20142000, - 0x00000008, 0x00040008, 0x00002008, 0x00042008, - 0x00100008, 0x00140008, 0x00102008, 0x00142008, - 0x20000008, 0x20040008, 0x20002008, 0x20042008, - 0x20100008, 0x20140008, 0x20102008, 0x20142008, - 0x00200000, 0x00240000, 0x00202000, 0x00242000, - 0x00300000, 0x00340000, 0x00302000, 0x00342000, - 0x20200000, 0x20240000, 0x20202000, 0x20242000, - 0x20300000, 0x20340000, 0x20302000, 0x20342000, - 0x00200008, 0x00240008, 0x00202008, 0x00242008, - 0x00300008, 0x00340008, 0x00302008, 0x00342008, - 0x20200008, 0x20240008, 0x20202008, 0x20242008, - 0x20300008, 0x20340008, 0x20302008, 0x20342008, - - 0x00000000, 0x00000010, 0x08000000, 0x08000010, - 0x00000200, 0x00000210, 0x08000200, 0x08000210, - 0x00000002, 0x00000012, 0x08000002, 0x08000012, - 0x00000202, 0x00000212, 0x08000202, 0x08000212, - 0x04000000, 0x04000010, 0x0c000000, 0x0c000010, - 0x04000200, 0x04000210, 0x0c000200, 0x0c000210, - 0x04000002, 0x04000012, 0x0c000002, 0x0c000012, - 0x04000202, 0x04000212, 0x0c000202, 0x0c000212, - 0x00001000, 0x00001010, 0x08001000, 0x08001010, - 0x00001200, 0x00001210, 0x08001200, 0x08001210, - 0x00001002, 0x00001012, 0x08001002, 0x08001012, - 0x00001202, 0x00001212, 0x08001202, 0x08001212, - 0x04001000, 0x04001010, 0x0c001000, 0x0c001010, - 0x04001200, 0x04001210, 0x0c001200, 0x0c001210, - 0x04001002, 0x04001012, 0x0c001002, 0x0c001012, - 0x04001202, 0x04001212, 0x0c001202, 0x0c001212 -}; - -static unsigned long PC2_D[4][64] = { - 0x00000000, 0x02000000, 0x00020000, 0x02020000, - 0x00000100, 0x02000100, 0x00020100, 0x02020100, - 0x00000008, 0x02000008, 0x00020008, 0x02020008, - 0x00000108, 0x02000108, 0x00020108, 0x02020108, - 0x00200000, 0x02200000, 0x00220000, 0x02220000, - 0x00200100, 0x02200100, 0x00220100, 0x02220100, - 0x00200008, 0x02200008, 0x00220008, 0x02220008, - 0x00200108, 0x02200108, 0x00220108, 0x02220108, - 0x00000200, 0x02000200, 0x00020200, 0x02020200, - 0x00000300, 0x02000300, 0x00020300, 0x02020300, - 0x00000208, 0x02000208, 0x00020208, 0x02020208, - 0x00000308, 0x02000308, 0x00020308, 0x02020308, - 0x00200200, 0x02200200, 0x00220200, 0x02220200, - 0x00200300, 0x02200300, 0x00220300, 0x02220300, - 0x00200208, 0x02200208, 0x00220208, 0x02220208, - 0x00200308, 0x02200308, 0x00220308, 0x02220308, - - 0x00000000, 0x00001000, 0x00000020, 0x00001020, - 0x00100000, 0x00101000, 0x00100020, 0x00101020, - 0x08000000, 0x08001000, 0x08000020, 0x08001020, - 0x08100000, 0x08101000, 0x08100020, 0x08101020, - 0x00000004, 0x00001004, 0x00000024, 0x00001024, - 0x00100004, 0x00101004, 0x00100024, 0x00101024, - 0x08000004, 0x08001004, 0x08000024, 0x08001024, - 0x08100004, 0x08101004, 0x08100024, 0x08101024, - 0x00000400, 0x00001400, 0x00000420, 0x00001420, - 0x00100400, 0x00101400, 0x00100420, 0x00101420, - 0x08000400, 0x08001400, 0x08000420, 0x08001420, - 0x08100400, 0x08101400, 0x08100420, 0x08101420, - 0x00000404, 0x00001404, 0x00000424, 0x00001424, - 0x00100404, 0x00101404, 0x00100424, 0x00101424, - 0x08000404, 0x08001404, 0x08000424, 0x08001424, - 0x08100404, 0x08101404, 0x08100424, 0x08101424, - - 0x00000000, 0x10000000, 0x00010000, 0x10010000, - 0x00000002, 0x10000002, 0x00010002, 0x10010002, - 0x00002000, 0x10002000, 0x00012000, 0x10012000, - 0x00002002, 0x10002002, 0x00012002, 0x10012002, - 0x00040000, 0x10040000, 0x00050000, 0x10050000, - 0x00040002, 0x10040002, 0x00050002, 0x10050002, - 0x00042000, 0x10042000, 0x00052000, 0x10052000, - 0x00042002, 0x10042002, 0x00052002, 0x10052002, - 0x20000000, 0x30000000, 0x20010000, 0x30010000, - 0x20000002, 0x30000002, 0x20010002, 0x30010002, - 0x20002000, 0x30002000, 0x20012000, 0x30012000, - 0x20002002, 0x30002002, 0x20012002, 0x30012002, - 0x20040000, 0x30040000, 0x20050000, 0x30050000, - 0x20040002, 0x30040002, 0x20050002, 0x30050002, - 0x20042000, 0x30042000, 0x20052000, 0x30052000, - 0x20042002, 0x30042002, 0x20052002, 0x30052002, - - 0x00000000, 0x04000000, 0x00000001, 0x04000001, - 0x01000000, 0x05000000, 0x01000001, 0x05000001, - 0x00000010, 0x04000010, 0x00000011, 0x04000011, - 0x01000010, 0x05000010, 0x01000011, 0x05000011, - 0x00080000, 0x04080000, 0x00080001, 0x04080001, - 0x01080000, 0x05080000, 0x01080001, 0x05080001, - 0x00080010, 0x04080010, 0x00080011, 0x04080011, - 0x01080010, 0x05080010, 0x01080011, 0x05080011, - 0x00000800, 0x04000800, 0x00000801, 0x04000801, - 0x01000800, 0x05000800, 0x01000801, 0x05000801, - 0x00000810, 0x04000810, 0x00000811, 0x04000811, - 0x01000810, 0x05000810, 0x01000811, 0x05000811, - 0x00080800, 0x04080800, 0x00080801, 0x04080801, - 0x01080800, 0x05080800, 0x01080801, 0x05080801, - 0x00080810, 0x04080810, 0x00080811, 0x04080811, - 0x01080810, 0x05080810, 0x01080811, 0x05080811 -}; - - - -/* - * Permute the key to give us our key schedule. - */ -int -make_key_sched(key, schedule) - des_cblock *key; - des_key_schedule schedule; -{ - register unsigned long c, d; - - { - /* - * Need a pointer for the keys and a temporary long - */ - register unsigned char *k; - register unsigned long tmp; - - /* - * Fetch the key into something we can work with - */ - k = (unsigned char *)key; - - /* - * The first permutted choice gives us the 28 bits for C0 and - * 28 for D0. C0 gets 12 bits from the left key and 16 from - * the right, while D0 gets 16 from the left and 12 from the - * right. The code knows which bits go where. - */ - tmp = ((u_int32)(*(k)++)) << 24; - tmp |= ((u_int32)(*(k)++)) << 16; - tmp |= ((u_int32)(*(k)++)) << 8; - tmp |= (u_int32)(*(k)++); /* left part of key */ - c = PC1_CL[(tmp >> 29) & 0x7] - | (PC1_CL[(tmp >> 21) & 0x7] << 1) - | (PC1_CL[(tmp >> 13) & 0x7] << 2) - | (PC1_CL[(tmp >> 5) & 0x7] << 3); - d = PC1_DL[(tmp >> 25) & 0xf] - | (PC1_DL[(tmp >> 17) & 0xf] << 1) - | (PC1_DL[(tmp >> 9) & 0xf] << 2) - | (PC1_DL[(tmp >> 1) & 0xf] << 3); - - tmp = ((u_int32)(*(k)++)) << 24; - tmp |= ((u_int32)(*(k)++)) << 16; - tmp |= ((u_int32)(*(k)++)) << 8; - tmp |= (u_int32)(*(k)++); /* right part of key */ - c |= PC1_CR[(tmp >> 28) & 0xf] - | (PC1_CR[(tmp >> 20) & 0xf] << 1) - | (PC1_CR[(tmp >> 12) & 0xf] << 2) - | (PC1_CR[(tmp >> 4) & 0xf] << 3); - d |= PC1_DR[(tmp >> 25) & 0x7] - | (PC1_DR[(tmp >> 17) & 0x7] << 1) - | (PC1_DR[(tmp >> 9) & 0x7] << 2) - | (PC1_DR[(tmp >> 1) & 0x7] << 3); - } - - { - /* - * Need several temporaries in here - */ - register unsigned long ltmp, rtmp; - register u_int32 *k; - register int two_bit_shifts; - register int i; - /* - * Now iterate to compute the key schedule. Note that we - * record the entire set of subkeys in 6 bit chunks since - * they are used that way. At 6 bits/char, we need - * 48/6 char's/subkey * 16 subkeys/encryption == 128 bytes. - * The schedule must be this big. - */ - k = (u_int32 *)schedule; - two_bit_shifts = TWO_BIT_SHIFTS; - for (i = 16; i > 0; i--) { - /* - * Do the rotation. One bit and two bit rotations - * are done separately. Note C and D are 28 bits. - */ - if (two_bit_shifts & 0x1) { - c = ((c << 2) & 0xffffffc) | (c >> 26); - d = ((d << 2) & 0xffffffc) | (d >> 26); - } else { - c = ((c << 1) & 0xffffffe) | (c >> 27); - d = ((d << 1) & 0xffffffe) | (d >> 27); - } - two_bit_shifts >>= 1; - - /* - * Apply permutted choice 2 to C to get the first - * 24 bits worth of keys. Note that bits 9, 18, 22 - * and 25 (using DES numbering) in C are unused. The - * shift-mask stuff is done to delete these bits from - * the indices, since this cuts the table size in half. - * - * The table is torqued, by the way. If the standard - * byte order for this (high to low order) is 1234, - * the table actually gives us 4132. - */ - ltmp = PC2_C[0][((c >> 22) & 0x3f)] - | PC2_C[1][((c >> 15) & 0xf) | ((c >> 16) & 0x30)] - | PC2_C[2][((c >> 4) & 0x3) | ((c >> 9) & 0x3c)] - | PC2_C[3][((c ) & 0x7) | ((c >> 4) & 0x38)]; - /* - * Apply permutted choice 2 to D to get the other half. - * Here, bits 7, 10, 15 and 26 go unused. The sqeezing - * actually turns out to be cheaper here. - * - * This table is similarly torqued. If the standard - * byte order is 5678, the table has the bytes permuted - * to give us 7685. - */ - rtmp = PC2_D[0][((d >> 22) & 0x3f)] - | PC2_D[1][((d >> 14) & 0xf) | ((d >> 15) & 0x30)] - | PC2_D[2][((d >> 7) & 0x3f)] - | PC2_D[3][((d ) & 0x3) | ((d >> 1) & 0x3c)]; - - /* - * Make up two words of the key schedule, with a - * byte order which is convenient for the DES - * inner loop. The high order (first) word will - * hold bytes 7135 (high to low order) while the - * second holds bytes 4682. - */ - *k++ = (ltmp & 0x00ffff00) | (rtmp & 0xff0000ff); - *k++ = (ltmp & 0xff0000ff) | (rtmp & 0x00ffff00); - } - } - return (0); -} diff --git a/libdes/f_tables.c b/libdes/f_tables.c deleted file mode 100644 index 396c7a8..0000000 --- a/libdes/f_tables.c +++ /dev/null @@ -1,341 +0,0 @@ -/* - * Copyright (c) 1990 Dennis Ferguson. All rights reserved. - * - * Commercial use is permitted only if products which are derived from - * or include this software are made available for purchase and/or use - * in Canada. Otherwise, redistribution and use in source and binary - * forms are permitted. - */ - -/* - * des_tables.c - precomputed tables used for the DES cipher function - */ - -/* - * Include the header file so something will complain if the - * declarations get out of sync - */ -#include "f_tables.h" - -/* - * These tables may be declared const if you want. Many compilers - * don't support this, though. - */ - -/* - * The DES algorithm which uses these is intended to be fairly speedy - * at the expense of some memory. All the standard hacks are used. - * The S boxes and the P permutation are precomputed into one table. - * The E box never actually appears explicitly since it is easy to apply - * this algorithmically as needed. The initial permutation and final - * (inverse initial) permutation are computed from tables designed to - * permute one byte at a time. This should run pretty fast on machines - * with 32 bit words and bit field/multiple bit shift instructions which - * are fast. - */ - -/* - * The initial permutation array. This is used to compute both the - * left and the right halves of the initial permutation using bytes - * from words made from the following operations: - * - * ((left & 0x55555555) << 1) | (right & 0x55555555) for left half - * (left & 0xaaaaaaaa) | ((right & 0xaaaaaaaa) >> 1) for right half - * - * The scheme is that we index into the table using each byte. The - * result from the high order byte is or'd with the result from the - * next byte shifted left once is or'd with the result from the next - * byte shifted left twice if or'd with the result from the low order - * byte shifted left by three. Clear? - */ - -unsigned long des_IP_table[256] = { - 0x00000000, 0x00000010, 0x00000001, 0x00000011, - 0x00001000, 0x00001010, 0x00001001, 0x00001011, - 0x00000100, 0x00000110, 0x00000101, 0x00000111, - 0x00001100, 0x00001110, 0x00001101, 0x00001111, - 0x00100000, 0x00100010, 0x00100001, 0x00100011, - 0x00101000, 0x00101010, 0x00101001, 0x00101011, - 0x00100100, 0x00100110, 0x00100101, 0x00100111, - 0x00101100, 0x00101110, 0x00101101, 0x00101111, - 0x00010000, 0x00010010, 0x00010001, 0x00010011, - 0x00011000, 0x00011010, 0x00011001, 0x00011011, - 0x00010100, 0x00010110, 0x00010101, 0x00010111, - 0x00011100, 0x00011110, 0x00011101, 0x00011111, - 0x00110000, 0x00110010, 0x00110001, 0x00110011, - 0x00111000, 0x00111010, 0x00111001, 0x00111011, - 0x00110100, 0x00110110, 0x00110101, 0x00110111, - 0x00111100, 0x00111110, 0x00111101, 0x00111111, - 0x10000000, 0x10000010, 0x10000001, 0x10000011, - 0x10001000, 0x10001010, 0x10001001, 0x10001011, - 0x10000100, 0x10000110, 0x10000101, 0x10000111, - 0x10001100, 0x10001110, 0x10001101, 0x10001111, - 0x10100000, 0x10100010, 0x10100001, 0x10100011, - 0x10101000, 0x10101010, 0x10101001, 0x10101011, - 0x10100100, 0x10100110, 0x10100101, 0x10100111, - 0x10101100, 0x10101110, 0x10101101, 0x10101111, - 0x10010000, 0x10010010, 0x10010001, 0x10010011, - 0x10011000, 0x10011010, 0x10011001, 0x10011011, - 0x10010100, 0x10010110, 0x10010101, 0x10010111, - 0x10011100, 0x10011110, 0x10011101, 0x10011111, - 0x10110000, 0x10110010, 0x10110001, 0x10110011, - 0x10111000, 0x10111010, 0x10111001, 0x10111011, - 0x10110100, 0x10110110, 0x10110101, 0x10110111, - 0x10111100, 0x10111110, 0x10111101, 0x10111111, - 0x01000000, 0x01000010, 0x01000001, 0x01000011, - 0x01001000, 0x01001010, 0x01001001, 0x01001011, - 0x01000100, 0x01000110, 0x01000101, 0x01000111, - 0x01001100, 0x01001110, 0x01001101, 0x01001111, - 0x01100000, 0x01100010, 0x01100001, 0x01100011, - 0x01101000, 0x01101010, 0x01101001, 0x01101011, - 0x01100100, 0x01100110, 0x01100101, 0x01100111, - 0x01101100, 0x01101110, 0x01101101, 0x01101111, - 0x01010000, 0x01010010, 0x01010001, 0x01010011, - 0x01011000, 0x01011010, 0x01011001, 0x01011011, - 0x01010100, 0x01010110, 0x01010101, 0x01010111, - 0x01011100, 0x01011110, 0x01011101, 0x01011111, - 0x01110000, 0x01110010, 0x01110001, 0x01110011, - 0x01111000, 0x01111010, 0x01111001, 0x01111011, - 0x01110100, 0x01110110, 0x01110101, 0x01110111, - 0x01111100, 0x01111110, 0x01111101, 0x01111111, - 0x11000000, 0x11000010, 0x11000001, 0x11000011, - 0x11001000, 0x11001010, 0x11001001, 0x11001011, - 0x11000100, 0x11000110, 0x11000101, 0x11000111, - 0x11001100, 0x11001110, 0x11001101, 0x11001111, - 0x11100000, 0x11100010, 0x11100001, 0x11100011, - 0x11101000, 0x11101010, 0x11101001, 0x11101011, - 0x11100100, 0x11100110, 0x11100101, 0x11100111, - 0x11101100, 0x11101110, 0x11101101, 0x11101111, - 0x11010000, 0x11010010, 0x11010001, 0x11010011, - 0x11011000, 0x11011010, 0x11011001, 0x11011011, - 0x11010100, 0x11010110, 0x11010101, 0x11010111, - 0x11011100, 0x11011110, 0x11011101, 0x11011111, - 0x11110000, 0x11110010, 0x11110001, 0x11110011, - 0x11111000, 0x11111010, 0x11111001, 0x11111011, - 0x11110100, 0x11110110, 0x11110101, 0x11110111, - 0x11111100, 0x11111110, 0x11111101, 0x11111111 -}; - -/* - * The final permutation array. Like the IP array, used - * to compute both the left and right results from the bytes - * of words computed from: - * - * ((left & 0x0f0f0f0f) << 4) | (right & 0x0f0f0f0f) for left result - * (left & 0xf0f0f0f0) | ((right & 0xf0f0f0f0) >> 4) for right result - * - * The result from the high order byte is shifted left 6 bits and - * or'd with the result from the next byte shifted left 4 bits, which - * is or'd with the result from the next byte shifted left 2 bits, - * which is or'd with the result from the low byte. - */ -unsigned long des_FP_table[256] = { - 0x00000000, 0x02000000, 0x00020000, 0x02020000, - 0x00000200, 0x02000200, 0x00020200, 0x02020200, - 0x00000002, 0x02000002, 0x00020002, 0x02020002, - 0x00000202, 0x02000202, 0x00020202, 0x02020202, - 0x01000000, 0x03000000, 0x01020000, 0x03020000, - 0x01000200, 0x03000200, 0x01020200, 0x03020200, - 0x01000002, 0x03000002, 0x01020002, 0x03020002, - 0x01000202, 0x03000202, 0x01020202, 0x03020202, - 0x00010000, 0x02010000, 0x00030000, 0x02030000, - 0x00010200, 0x02010200, 0x00030200, 0x02030200, - 0x00010002, 0x02010002, 0x00030002, 0x02030002, - 0x00010202, 0x02010202, 0x00030202, 0x02030202, - 0x01010000, 0x03010000, 0x01030000, 0x03030000, - 0x01010200, 0x03010200, 0x01030200, 0x03030200, - 0x01010002, 0x03010002, 0x01030002, 0x03030002, - 0x01010202, 0x03010202, 0x01030202, 0x03030202, - 0x00000100, 0x02000100, 0x00020100, 0x02020100, - 0x00000300, 0x02000300, 0x00020300, 0x02020300, - 0x00000102, 0x02000102, 0x00020102, 0x02020102, - 0x00000302, 0x02000302, 0x00020302, 0x02020302, - 0x01000100, 0x03000100, 0x01020100, 0x03020100, - 0x01000300, 0x03000300, 0x01020300, 0x03020300, - 0x01000102, 0x03000102, 0x01020102, 0x03020102, - 0x01000302, 0x03000302, 0x01020302, 0x03020302, - 0x00010100, 0x02010100, 0x00030100, 0x02030100, - 0x00010300, 0x02010300, 0x00030300, 0x02030300, - 0x00010102, 0x02010102, 0x00030102, 0x02030102, - 0x00010302, 0x02010302, 0x00030302, 0x02030302, - 0x01010100, 0x03010100, 0x01030100, 0x03030100, - 0x01010300, 0x03010300, 0x01030300, 0x03030300, - 0x01010102, 0x03010102, 0x01030102, 0x03030102, - 0x01010302, 0x03010302, 0x01030302, 0x03030302, - 0x00000001, 0x02000001, 0x00020001, 0x02020001, - 0x00000201, 0x02000201, 0x00020201, 0x02020201, - 0x00000003, 0x02000003, 0x00020003, 0x02020003, - 0x00000203, 0x02000203, 0x00020203, 0x02020203, - 0x01000001, 0x03000001, 0x01020001, 0x03020001, - 0x01000201, 0x03000201, 0x01020201, 0x03020201, - 0x01000003, 0x03000003, 0x01020003, 0x03020003, - 0x01000203, 0x03000203, 0x01020203, 0x03020203, - 0x00010001, 0x02010001, 0x00030001, 0x02030001, - 0x00010201, 0x02010201, 0x00030201, 0x02030201, - 0x00010003, 0x02010003, 0x00030003, 0x02030003, - 0x00010203, 0x02010203, 0x00030203, 0x02030203, - 0x01010001, 0x03010001, 0x01030001, 0x03030001, - 0x01010201, 0x03010201, 0x01030201, 0x03030201, - 0x01010003, 0x03010003, 0x01030003, 0x03030003, - 0x01010203, 0x03010203, 0x01030203, 0x03030203, - 0x00000101, 0x02000101, 0x00020101, 0x02020101, - 0x00000301, 0x02000301, 0x00020301, 0x02020301, - 0x00000103, 0x02000103, 0x00020103, 0x02020103, - 0x00000303, 0x02000303, 0x00020303, 0x02020303, - 0x01000101, 0x03000101, 0x01020101, 0x03020101, - 0x01000301, 0x03000301, 0x01020301, 0x03020301, - 0x01000103, 0x03000103, 0x01020103, 0x03020103, - 0x01000303, 0x03000303, 0x01020303, 0x03020303, - 0x00010101, 0x02010101, 0x00030101, 0x02030101, - 0x00010301, 0x02010301, 0x00030301, 0x02030301, - 0x00010103, 0x02010103, 0x00030103, 0x02030103, - 0x00010303, 0x02010303, 0x00030303, 0x02030303, - 0x01010101, 0x03010101, 0x01030101, 0x03030101, - 0x01010301, 0x03010301, 0x01030301, 0x03030301, - 0x01010103, 0x03010103, 0x01030103, 0x03030103, - 0x01010303, 0x03010303, 0x01030303, 0x03030303 -}; - - -/* - * The SP table is actually the S boxes and the P permutation - * table combined. This table is actually reordered from the - * spec, to match the order of key application we follow. - */ -unsigned long des_SP_table[8][64] = { - 0x00100000, 0x02100001, 0x02000401, 0x00000000, /* 7 */ - 0x00000400, 0x02000401, 0x00100401, 0x02100400, - 0x02100401, 0x00100000, 0x00000000, 0x02000001, - 0x00000001, 0x02000000, 0x02100001, 0x00000401, - 0x02000400, 0x00100401, 0x00100001, 0x02000400, - 0x02000001, 0x02100000, 0x02100400, 0x00100001, - 0x02100000, 0x00000400, 0x00000401, 0x02100401, - 0x00100400, 0x00000001, 0x02000000, 0x00100400, - 0x02000000, 0x00100400, 0x00100000, 0x02000401, - 0x02000401, 0x02100001, 0x02100001, 0x00000001, - 0x00100001, 0x02000000, 0x02000400, 0x00100000, - 0x02100400, 0x00000401, 0x00100401, 0x02100400, - 0x00000401, 0x02000001, 0x02100401, 0x02100000, - 0x00100400, 0x00000000, 0x00000001, 0x02100401, - 0x00000000, 0x00100401, 0x02100000, 0x00000400, - 0x02000001, 0x02000400, 0x00000400, 0x00100001, - - 0x00808200, 0x00000000, 0x00008000, 0x00808202, /* 1 */ - 0x00808002, 0x00008202, 0x00000002, 0x00008000, - 0x00000200, 0x00808200, 0x00808202, 0x00000200, - 0x00800202, 0x00808002, 0x00800000, 0x00000002, - 0x00000202, 0x00800200, 0x00800200, 0x00008200, - 0x00008200, 0x00808000, 0x00808000, 0x00800202, - 0x00008002, 0x00800002, 0x00800002, 0x00008002, - 0x00000000, 0x00000202, 0x00008202, 0x00800000, - 0x00008000, 0x00808202, 0x00000002, 0x00808000, - 0x00808200, 0x00800000, 0x00800000, 0x00000200, - 0x00808002, 0x00008000, 0x00008200, 0x00800002, - 0x00000200, 0x00000002, 0x00800202, 0x00008202, - 0x00808202, 0x00008002, 0x00808000, 0x00800202, - 0x00800002, 0x00000202, 0x00008202, 0x00808200, - 0x00000202, 0x00800200, 0x00800200, 0x00000000, - 0x00008002, 0x00008200, 0x00000000, 0x00808002, - - 0x00000104, 0x04010100, 0x00000000, 0x04010004, /* 3 */ - 0x04000100, 0x00000000, 0x00010104, 0x04000100, - 0x00010004, 0x04000004, 0x04000004, 0x00010000, - 0x04010104, 0x00010004, 0x04010000, 0x00000104, - 0x04000000, 0x00000004, 0x04010100, 0x00000100, - 0x00010100, 0x04010000, 0x04010004, 0x00010104, - 0x04000104, 0x00010100, 0x00010000, 0x04000104, - 0x00000004, 0x04010104, 0x00000100, 0x04000000, - 0x04010100, 0x04000000, 0x00010004, 0x00000104, - 0x00010000, 0x04010100, 0x04000100, 0x00000000, - 0x00000100, 0x00010004, 0x04010104, 0x04000100, - 0x04000004, 0x00000100, 0x00000000, 0x04010004, - 0x04000104, 0x00010000, 0x04000000, 0x04010104, - 0x00000004, 0x00010104, 0x00010100, 0x04000004, - 0x04010000, 0x04000104, 0x00000104, 0x04010000, - 0x00010104, 0x00000004, 0x04010004, 0x00010100, - - 0x00000080, 0x01040080, 0x01040000, 0x21000080, /* 5 */ - 0x00040000, 0x00000080, 0x20000000, 0x01040000, - 0x20040080, 0x00040000, 0x01000080, 0x20040080, - 0x21000080, 0x21040000, 0x00040080, 0x20000000, - 0x01000000, 0x20040000, 0x20040000, 0x00000000, - 0x20000080, 0x21040080, 0x21040080, 0x01000080, - 0x21040000, 0x20000080, 0x00000000, 0x21000000, - 0x01040080, 0x01000000, 0x21000000, 0x00040080, - 0x00040000, 0x21000080, 0x00000080, 0x01000000, - 0x20000000, 0x01040000, 0x21000080, 0x20040080, - 0x01000080, 0x20000000, 0x21040000, 0x01040080, - 0x20040080, 0x00000080, 0x01000000, 0x21040000, - 0x21040080, 0x00040080, 0x21000000, 0x21040080, - 0x01040000, 0x00000000, 0x20040000, 0x21000000, - 0x00040080, 0x01000080, 0x20000080, 0x00040000, - 0x00000000, 0x20040000, 0x01040080, 0x20000080, - - 0x80401000, 0x80001040, 0x80001040, 0x00000040, /* 4 */ - 0x00401040, 0x80400040, 0x80400000, 0x80001000, - 0x00000000, 0x00401000, 0x00401000, 0x80401040, - 0x80000040, 0x00000000, 0x00400040, 0x80400000, - 0x80000000, 0x00001000, 0x00400000, 0x80401000, - 0x00000040, 0x00400000, 0x80001000, 0x00001040, - 0x80400040, 0x80000000, 0x00001040, 0x00400040, - 0x00001000, 0x00401040, 0x80401040, 0x80000040, - 0x00400040, 0x80400000, 0x00401000, 0x80401040, - 0x80000040, 0x00000000, 0x00000000, 0x00401000, - 0x00001040, 0x00400040, 0x80400040, 0x80000000, - 0x80401000, 0x80001040, 0x80001040, 0x00000040, - 0x80401040, 0x80000040, 0x80000000, 0x00001000, - 0x80400000, 0x80001000, 0x00401040, 0x80400040, - 0x80001000, 0x00001040, 0x00400000, 0x80401000, - 0x00000040, 0x00400000, 0x00001000, 0x00401040, - - 0x10000008, 0x10200000, 0x00002000, 0x10202008, /* 6 */ - 0x10200000, 0x00000008, 0x10202008, 0x00200000, - 0x10002000, 0x00202008, 0x00200000, 0x10000008, - 0x00200008, 0x10002000, 0x10000000, 0x00002008, - 0x00000000, 0x00200008, 0x10002008, 0x00002000, - 0x00202000, 0x10002008, 0x00000008, 0x10200008, - 0x10200008, 0x00000000, 0x00202008, 0x10202000, - 0x00002008, 0x00202000, 0x10202000, 0x10000000, - 0x10002000, 0x00000008, 0x10200008, 0x00202000, - 0x10202008, 0x00200000, 0x00002008, 0x10000008, - 0x00200000, 0x10002000, 0x10000000, 0x00002008, - 0x10000008, 0x10202008, 0x00202000, 0x10200000, - 0x00202008, 0x10202000, 0x00000000, 0x10200008, - 0x00000008, 0x00002000, 0x10200000, 0x00202008, - 0x00002000, 0x00200008, 0x10002008, 0x00000000, - 0x10202000, 0x10000000, 0x00200008, 0x10002008, - - 0x08000820, 0x00000800, 0x00020000, 0x08020820, /* 8 */ - 0x08000000, 0x08000820, 0x00000020, 0x08000000, - 0x00020020, 0x08020000, 0x08020820, 0x00020800, - 0x08020800, 0x00020820, 0x00000800, 0x00000020, - 0x08020000, 0x08000020, 0x08000800, 0x00000820, - 0x00020800, 0x00020020, 0x08020020, 0x08020800, - 0x00000820, 0x00000000, 0x00000000, 0x08020020, - 0x08000020, 0x08000800, 0x00020820, 0x00020000, - 0x00020820, 0x00020000, 0x08020800, 0x00000800, - 0x00000020, 0x08020020, 0x00000800, 0x00020820, - 0x08000800, 0x00000020, 0x08000020, 0x08020000, - 0x08020020, 0x08000000, 0x00020000, 0x08000820, - 0x00000000, 0x08020820, 0x00020020, 0x08000020, - 0x08020000, 0x08000800, 0x08000820, 0x00000000, - 0x08020820, 0x00020800, 0x00020800, 0x00000820, - 0x00000820, 0x00020020, 0x08000000, 0x08020800, - - 0x40084010, 0x40004000, 0x00004000, 0x00084010, /* 2 */ - 0x00080000, 0x00000010, 0x40080010, 0x40004010, - 0x40000010, 0x40084010, 0x40084000, 0x40000000, - 0x40004000, 0x00080000, 0x00000010, 0x40080010, - 0x00084000, 0x00080010, 0x40004010, 0x00000000, - 0x40000000, 0x00004000, 0x00084010, 0x40080000, - 0x00080010, 0x40000010, 0x00000000, 0x00084000, - 0x00004010, 0x40084000, 0x40080000, 0x00004010, - 0x00000000, 0x00084010, 0x40080010, 0x00080000, - 0x40004010, 0x40080000, 0x40084000, 0x00004000, - 0x40080000, 0x40004000, 0x00000010, 0x40084010, - 0x00084010, 0x00000010, 0x00004000, 0x40000000, - 0x00004010, 0x40084000, 0x00080000, 0x40000010, - 0x00080010, 0x40004010, 0x40000010, 0x00080010, - 0x00084000, 0x00000000, 0x40004000, 0x00004010, - 0x40000000, 0x40080010, 0x40084010, 0x00084000 -}; diff --git a/libdes/f_tables.h b/libdes/f_tables.h deleted file mode 100644 index db9cbb9..0000000 --- a/libdes/f_tables.h +++ /dev/null @@ -1,223 +0,0 @@ -/* - * Copyright (c) 1990 Dennis Ferguson. All rights reserved. - * - * Commercial use is permitted only if products which are derived from - * or include this software are made available for purchase and/or use - * in Canada. Otherwise, redistribution and use in source and binary - * forms are permitted. - */ - -/* - * des_tables.h - declarations to import the DES tables, used internally - * by some of the library routines. - */ -#ifndef __DES_TABLES_H__ -#define __DES_TABLES_H__ /* nothing */ - -/* - * These may be declared const if you wish. Be sure to change the - * declarations in des_tables.c as well. - */ -extern unsigned long des_IP_table[256]; -extern unsigned long des_FP_table[256]; -extern unsigned long des_SP_table[8][64]; - -/* - * Use standard shortforms to reference these to save typing - */ -#define IP des_IP_table -#define FP des_FP_table -#define SP des_SP_table - -/* - * Code to do a DES round using the tables. Note that the E expansion - * is easy to compute algorithmically, especially if done out-of-order. - * Take a look at its form and compare it to everything involving temp - * below. Since SP[0-7] don't have any bits in common set it is okay - * to do the successive xor's. - * - * Note too that the SP table has been reordered to match the order of - * the keys (if the original order of SP was 12345678, the reordered - * table is 71354682). This is unnecessary, but was done since some - * compilers seem to like you going through the matrix from beginning - * to end. - * - * There is a difference in the best way to do this depending on whether - * one is encrypting or decrypting. If encrypting we move forward through - * the keys and hence should move forward through the table. If decrypting - * we go back. Part of the need for this comes from trying to emulate - * existing software which generates a single key schedule and uses it - * both for encrypting and decrypting. Generating separate encryption - * and decryption key schedules would allow one to use the same code - * for both. - * - * left, right and temp should be unsigned long values. left and right - * should be the high and low order parts of the cipher block at the - * current stage of processing (this makes sense if you read the spec). - * kp should be an unsigned long pointer which points at the current - * set of subkeys in the key schedule. It is advanced to the next set - * (i.e. by 8 bytes) when this is done. - * - * This occurs in the innermost loop of the DES function. The four - * variables should really be in registers. - * - * When using this, the inner loop of the DES function might look like: - * - * for (i = 0; i < 8; i++) { - * DES_SP_{EN,DE}CRYPT_ROUND(left, right, temp, kp); - * DES_SP_{EN,DE}CRYPT_ROUND(right, left, temp, kp); - * } - * - * Note the trick above. You are supposed to do 16 rounds, swapping - * left and right at the end of each round. By doing two rounds at - * a time and swapping left and right in the code we can avoid the - * swaps altogether. - */ -#define DES_SP_ENCRYPT_ROUND(left, right, temp, kp) \ - (temp) = (((right) >> 11) | ((right) << 21)) ^ *(kp)++; \ - (left) ^= SP[0][((temp) >> 24) & 0x3f] \ - | SP[1][((temp) >> 16) & 0x3f] \ - | SP[2][((temp) >> 8) & 0x3f] \ - | SP[3][((temp) ) & 0x3f]; \ - (temp) = (((right) >> 23) | ((right) << 9)) ^ *(kp)++; \ - (left) ^= SP[4][((temp) >> 24) & 0x3f] \ - | SP[5][((temp) >> 16) & 0x3f] \ - | SP[6][((temp) >> 8) & 0x3f] \ - | SP[7][((temp) ) & 0x3f] - -#define DES_SP_DECRYPT_ROUND(left, right, temp, kp) \ - (temp) = (((right) >> 23) | ((right) << 9)) ^ *(--(kp)); \ - (left) ^= SP[7][((temp) ) & 0x3f] \ - | SP[6][((temp) >> 8) & 0x3f] \ - | SP[5][((temp) >> 16) & 0x3f] \ - | SP[4][((temp) >> 24) & 0x3f]; \ - (temp) = (((right) >> 11) | ((right) << 21)) ^ *(--(kp)); \ - (left) ^= SP[3][((temp) ) & 0x3f] \ - | SP[2][((temp) >> 8) & 0x3f] \ - | SP[1][((temp) >> 16) & 0x3f] \ - | SP[0][((temp) >> 24) & 0x3f] - -/* - * Macros to help deal with the initial permutation table. Note - * the IP table only deals with 32 bits at a time, allowing us to - * collect the bits we need to deal with each half into an unsigned - * long. By carefully selecting how the bits are ordered we also - * take advantages of symmetries in the table so that we can use a - * single table to compute the permutation of all bytes. This sounds - * complicated, but if you go through the process of designing the - * table you'll find the symmetries fall right out. - * - * The follow macros compute the set of bits used to index the - * table for produce the left and right permuted result. - */ -#define DES_IP_LEFT_BITS(left, right) \ - ((((left) & 0x55555555) << 1) | ((right) & 0x55555555)) -#define DES_IP_RIGHT_BITS(left, right) \ - (((left) & 0xaaaaaaaa) | (((right) & 0xaaaaaaaa) >> 1)) - -/* - * The following macro does an in-place initial permutation given - * the current left and right parts of the block and a single - * temporary. Use this more as a guide for rolling your own, though. - * The best way to do the IP depends on the form of the data you - * are dealing with. If you use this, though, try to make left, - * right and temp register unsigned longs. - */ -#define DES_INITIAL_PERM(left, right, temp) \ - (temp) = DES_IP_RIGHT_BITS((left), (right)); \ - (right) = DES_IP_LEFT_BITS((left), (right)); \ - (left) = IP[((right) >> 24) & 0xff] \ - | (IP[((right) >> 16) & 0xff] << 1) \ - | (IP[((right) >> 8) & 0xff] << 2) \ - | (IP[(right) & 0xff] << 3); \ - (right) = IP[((temp) >> 24) & 0xff] \ - | (IP[((temp) >> 16) & 0xff] << 1) \ - | (IP[((temp) >> 8) & 0xff] << 2) \ - | (IP[(temp) & 0xff] << 3) - - -/* - * Now the final permutation stuff. The same comments apply to - * this as to the initial permutation, except that we use different - * bits and shifts. - */ -#define DES_FP_LEFT_BITS(left, right) \ - ((((left) & 0x0f0f0f0f) << 4) | ((right) & 0x0f0f0f0f)) -#define DES_FP_RIGHT_BITS(left, right) \ - (((left) & 0xf0f0f0f0) | (((right) & 0xf0f0f0f0) >> 4)) - - -/* - * Here is a sample final permutation. Note that there is a trick - * here. DES requires swapping the left and right parts after the - * last cipher round but before the final permutation. We do this - * swapping internally, which is why left and right are confused - * at the beginning. - */ -#define DES_FINAL_PERM(left, right, temp) \ - (temp) = DES_FP_RIGHT_BITS((right), (left)); \ - (right) = DES_FP_LEFT_BITS((right), (left)); \ - (left) = (FP[((right) >> 24) & 0xff] << 6) \ - | (FP[((right) >> 16) & 0xff] << 4) \ - | (FP[((right) >> 8) & 0xff] << 2) \ - | FP[(right) & 0xff]; \ - (right) = (FP[((temp) >> 24) & 0xff] << 6) \ - | (FP[((temp) >> 16) & 0xff] << 4) \ - | (FP[((temp) >> 8) & 0xff] << 2) \ - | FP[temp & 0xff] - - -/* - * Finally, as a sample of how all this might be held together, the - * following two macros do in-place encryptions and decryptions. left - * and right are two unsigned long variables which at the beginning - * are expected to hold the clear (encrypted) block in host byte order - * (left the high order four bytes, right the low order). At the end - * they will contain the encrypted (clear) block. temp is an unsigned long - * used as a temporary. kp is an unsigned long pointer pointing at - * the start of the key schedule. All these should be in registers. - * - * You can probably do better than these by rewriting for particular - * situations. These aren't bad, though. - */ -#define DES_DO_ENCRYPT(left, right, temp, kp) \ - do { \ - register int i; \ - DES_INITIAL_PERM((left), (right), (temp)); \ - for (i = 0; i < 8; i++) { \ - DES_SP_ENCRYPT_ROUND((left), (right), (temp), (kp)); \ - DES_SP_ENCRYPT_ROUND((right), (left), (temp), (kp)); \ - } \ - DES_FINAL_PERM((left), (right), (temp)); \ - (kp) -= (2 * 16); \ - } while (0) - -#define DES_DO_DECRYPT(left, right, temp, kp) \ - do { \ - register int i; \ - DES_INITIAL_PERM((left), (right), (temp)); \ - (kp) += (2 * 16); \ - for (i = 0; i < 8; i++) { \ - DES_SP_DECRYPT_ROUND((left), (right), (temp), (kp)); \ - DES_SP_DECRYPT_ROUND((right), (left), (temp), (kp)); \ - } \ - DES_FINAL_PERM((left), (right), (temp)); \ - } while (0) - -/* - * These are handy dandy utility thingies for straightening out bytes. - * Included here because they're used a couple of places. - */ -#define GET_HALF_BLOCK(lr, ip) \ - (lr) = ((u_int32)(*(ip)++)) << 24; \ - (lr) |= ((u_int32)(*(ip)++)) << 16; \ - (lr) |= ((u_int32)(*(ip)++)) << 8; \ - (lr) |= (u_int32)(*(ip)++) - -#define PUT_HALF_BLOCK(lr, op) \ - *(op)++ = ((lr) >> 24) & 0xff; \ - *(op)++ = ((lr) >> 16) & 0xff; \ - *(op)++ = ((lr) >> 8) & 0xff; \ - *(op)++ = (lr) & 0xff - -#endif /* __DES_TABLES_H__ */ diff --git a/libdes/key_sched.c b/libdes/key_sched.c deleted file mode 100644 index 04fc12b..0000000 --- a/libdes/key_sched.c +++ /dev/null @@ -1,58 +0,0 @@ -/* - * $Source$ - * $Author$ - * - * Copyright 1985, 1986, 1987, 1988 by the Massachusetts Institute - * of Technology. - * - * For copying and distribution information, please see the file - * <mit-copyright.h>. - * - * This routine computes the DES key schedule given a key. The - * permutations and shifts have been done at compile time, resulting - * in a direct one-step mapping from the input key to the key - * schedule. - * - * Also checks parity and weak keys. - * - * Watch out for the subscripts -- most effectively start at 1 instead - * of at zero. Maybe some bugs in that area. - * - * DON'T change the data types for arrays and such, or it will either - * break or run slower. This was optimized for Uvax2. - * - * In case the user wants to cache the computed key schedule, it is - * passed as an arg. Also implies that caller has explicit control - * over zeroing both the key schedule and the key. - * - * All registers labeled imply Vax using the Ultrix or 4.2bsd compiler. - * - * Originally written 6/85 by Steve Miller, MIT Project Athena. - */ - -#ifndef lint -static char rcsid_key_sched_c[] = - "$Id$"; -#endif - -#include <mit-copyright.h> -#include <stdio.h> -#include "des.h" - -int -des_key_sched(k,schedule) - register des_cblock k; - des_key_schedule schedule; -{ - if (!des_check_key_parity(k)) /* bad parity --> return -1 */ - return(-1); - - /* check against weak keys */ - if (des_is_weak_key(k)) - return(-2); - - make_key_sched(k,schedule); - - /* if key was good, return 0 */ - return 0; -} diff --git a/libdes/new_rnd_key.c b/libdes/new_rnd_key.c deleted file mode 100644 index 4ee0218..0000000 --- a/libdes/new_rnd_key.c +++ /dev/null @@ -1,207 +0,0 @@ -/* - * $Source$ - * $Author$ - * - * Copyright 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * <mit-copyright.h>. - * - * New pseudo-random key generator, using DES encryption to make the - * pseudo-random cycle as hard to break as DES. - * - * Written by Mark Lillibridge, MIT Project Athena - * - * Under U.S. law, this software may not be exported outside the US - * without license from the U.S. Commerce department. - */ - -#ifndef lint -static char rcsid_new_rnd_key_c[] = - "$Id"; -#endif - -#include <mit-copyright.h> - -#include <des.h> -#include <time.h> -#include <time.h> -#include <sys/time.h> - -extern void des_fixup_key_parity(); -extern int des_is_weak_key(); - -void des_set_random_generator_seed(), des_set_sequence_number(); -void des_generate_random_block(); - -/* - * des_new_random_key: create a random des key - * - * Requires: des_set_random_number_generater_seed must be at called least - * once before this routine is called. - * - * Notes: the returned key has correct parity and is guarenteed not - * to be a weak des key. Des_generate_random_block is used to - * provide the random bits. - */ -int -des_new_random_key(key) - des_cblock key; -{ - do { - des_generate_random_block(key); - des_fixup_key_parity(key); - } while (des_is_weak_key(key)); - - return(0); -} - -/* - * des_init_random_number_generator: - * - * This routine takes a secret key possibly shared by a number - * of servers and uses it to generate a random number stream that is - * not shared by any of the other servers. It does this by using the current - * process id, host id, and the current time to the nearest second. The - * resulting stream seed is not useful information for cracking the secret - * key. Moreover, this routine keeps no copy of the secret key. - * This routine is used for example, by the kerberos server(s) with the - * key in question being the kerberos master key. - * - * Note: this routine calls des_set_random_generator_seed. - */ - -void des_init_random_number_generator(key) - des_cblock key; -{ - struct { /* This must be 64 bits exactly */ - long process_id; - long host_id; - } seed; - struct timeval time; /* this must also be 64 bits exactly */ - des_cblock new_key; - - /* - * use a host id and process id in generating the seed to ensure - * that different servers have different streams: - */ - seed.process_id = getpid(); -#if !defined(SOLARIS) - seed.host_id = gethostid(); -#endif - - /* - * Generate a tempory value that depends on the key, host_id, and - * process_id such that it gives no useful information about the key: - */ - des_set_random_generator_seed(key); - des_set_sequence_number((unsigned char *)&seed); - des_new_random_key(new_key); - - /* - * use it to select a random stream: - */ - des_set_random_generator_seed(new_key); - - /* - * use a time stamp to ensure that a server started later does not reuse - * an old stream: - */ - gettimeofday(&time, (struct timezone *)0); - des_set_sequence_number((unsigned char *)&time); - - /* - * use the time stamp finally to select the final seed using the - * current random number stream: - */ - des_new_random_key(new_key); - des_set_random_generator_seed(new_key); -} - - -/* - * This module implements a random number generator faculty such that the next - * number in any random number stream is very hard to predict without knowing - * the seed for that stream even given the preceeding random numbers. - */ - -/* - * The secret des key schedule for the current stream of random numbers: - */ -static des_key_schedule random_sequence_key; - -/* - * The sequence # in the current stream of random numbers: - */ -static unsigned char sequence_number[8]; - -/* - * des_set_random_generator_seed: this routine is used to select a random - * number stream. The stream that results is - * totally determined by the passed in key. - * (I.e., calling this routine again with the - * same key allows repeating a sequence of - * random numbers) - * - * Requires: key is a valid des key. I.e., has correct parity and is not a - * weak des key. - */ -void -des_set_random_generator_seed(key) - des_cblock key; -{ - register int i; - - /* select the new stream: (note errors are not possible here...) */ - des_key_sched(key, random_sequence_key); - - /* "seek" to the start of the stream: */ - for (i=0; i<8; i++) - sequence_number[i] = 0; -} - -/* - * des_set_sequence_number: this routine is used to set the sequence number - * of the current random number stream. This routine - * may be used to "seek" within the current random - * number stream. - * - * Note that des_set_random_generator_seed resets the sequence number to 0. - */ -void -des_set_sequence_number(new_sequence_number) - des_cblock new_sequence_number; -{ - memcpy((char *)sequence_number, - (char *)new_sequence_number, - sizeof(sequence_number)); -} - -/* - * des_generate_random_block: routine to return the next random number - * from the current random number stream. - * The returned number is 64 bits long. - * - * Requires: des_set_random_generator_seed must have been called at least once - * before this routine is called. - */ -void des_generate_random_block(block) - des_cblock block; -{ - int i; - - /* - * Encrypt the sequence number to get the new random block: - */ - des_ecb_encrypt(sequence_number, block, random_sequence_key, 1); - - /* - * Increment the sequence number as an 8 byte unsigned number with wrap: - * (using LSB here) - */ - for (i=0; i<8; i++) { - sequence_number[i] = (sequence_number[i] + 1) & 0xff; - if (sequence_number[i]) - break; - } -} diff --git a/libdes/quad_cksum.c b/libdes/quad_cksum.c deleted file mode 100644 index 651e843..0000000 --- a/libdes/quad_cksum.c +++ /dev/null @@ -1,153 +0,0 @@ -/* - * $Source$ - * $Author$ - * - * Copyright 1985, 1986, 1987, 1988 by the Massachusetts Institute - * of Technology. - * - * For copying and distribution information, please see the file - * <mit-copyright.h>. - * - * Quadratic Congruential Manipulation Dectection Code - * - * ref: "Message Authentication" - * R.R. Jueneman, S. M. Matyas, C.H. Meyer - * IEEE Communications Magazine, - * Sept 1985 Vol 23 No 9 p 29-40 - * - * This routine, part of the Athena DES library built for the Kerberos - * authentication system, calculates a manipulation detection code for - * a message. It is a much faster alternative to the DES-checksum - * method. No guarantees are offered for its security. Refer to the - * paper noted above for more information - * - * Implementation for 4.2bsd - * by S.P. Miller Project Athena/MIT - */ - -/* - * Algorithm (per paper): - * define: - * message to be composed of n m-bit blocks X1,...,Xn - * optional secret seed S in block X1 - * MDC in block Xn+1 - * prime modulus N - * accumulator Z - * initial (secret) value of accumulator C - * N, C, and S are known at both ends - * C and , optionally, S, are hidden from the end users - * then - * (read array references as subscripts over time) - * Z[0] = c; - * for i = 1...n - * Z[i] = (Z[i+1] + X[i])**2 modulo N - * X[n+1] = Z[n] = MDC - * - * Then pick - * N = 2**31 -1 - * m = 16 - * iterate 4 times over plaintext, also use Zn - * from iteration j as seed for iteration j+1, - * total MDC is then a 128 bit array of the four - * Zn; - * - * return the last Zn and optionally, all - * four as output args. - * - * Modifications: - * To inhibit brute force searches of the seed space, this - * implementation is modified to have - * Z = 64 bit accumulator - * C = 64 bit C seed - * N = 2**63 - 1 - * S = S seed is not implemented here - * arithmetic is not quite real double integer precision, since we - * cant get at the carry or high order results from multiply, - * but nontheless is 64 bit arithmetic. - */ - -#ifndef lint -static char rcsid_quad_cksum_c[] = - "$Id$"; -#endif - -#include <stdio.h> -#include <sys/types.h> -#include <netinet/in.h> - -#include <mit-copyright.h> -#include "des.h" - -/* Externals */ -extern int des_debug; - -/*** Routines ***************************************************** */ - -unsigned long -des_quad_cksum(in,out,length,out_count,c_seed) - des_cblock c_seed; /* secret seed, 8 bytes */ - unsigned char *in; /* input block */ - u_int32 *out; /* optional longer output */ - int out_count; /* number of iterations */ - long length; /* original length in bytes */ -{ - - /* - * this routine both returns the low order of the final (last in - * time) 32bits of the checksum, and if "out" is not a null - * pointer, a longer version, up to entire 32 bytes of the - * checksum is written unto the address pointed to. - */ - - register u_int32 z; - register u_int32 z2; - register u_int32 x; - register u_int32 x2; - register unsigned char *p; - register long len; - register int i; - - /* use all 8 bytes of seed */ - - z = c_seed[0] + - ((u_int32)c_seed[1] << 8) + - ((u_int32)c_seed[2] << 16) + - ((u_int32)c_seed[3] << 24); - - z2 = c_seed[4] + - ((u_int32)c_seed[5] << 8) + - ((u_int32)c_seed[6] << 16) + - ((u_int32)c_seed[7] << 24); - - if (out == NULL) - out_count = 1; /* default */ - - /* This is repeated n times!! */ - for (i = 1; i <=4 && i<= out_count; i++) { - len = length; - p = in; - while (len) { - if (len > 1) { - x = (z + p[0] + (p[1]<<8)); - p += 2; - len -= 2; - } - else { - x = (z + *(unsigned char *)p++); - len = 0; - } - x2 = z2; - z = ((x * x) + (x2 * x2)) % 0x7fffffff; - z2 = (x * (x2+83653421)) % 0x7fffffff; /* modulo */ - if (des_debug & 8) - printf("%d %d\n",z,z2); - } - - if (out != NULL) { - *out++ = z; - *out++ = z2; - } - } - /* return final z value as 32 bit version of checksum */ - return z; -} diff --git a/libdes/random_key.c b/libdes/random_key.c deleted file mode 100644 index 8c20d85..0000000 --- a/libdes/random_key.c +++ /dev/null @@ -1,97 +0,0 @@ -/* - * $Source$ - * $Author$ - * - * Copyright 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * <mit-copyright.h>. - * - * These routines perform encryption and decryption using the DES - * private key algorithm, or else a subset of it-- fewer inner loops. - * ( AUTH_DES_ITER defaults to 16, may be less) - * - * Under U.S. law, this software may not be exported outside the US - * without license from the U.S. Commerce department. - * - * The key schedule is passed as an arg, as well as the cleartext or - * ciphertext. The cleartext and ciphertext should be in host order. - * - * These routines form the library interface to the des facilities. - * - * spm 8/85 MIT project athena - */ - -#ifndef lint -static char rcsid_random_key_c[] = - "$Id$"; -#endif - -#include <mit-copyright.h> -#include <stdio.h> -#include <time.h> -#include <sys/time.h> - -#include <des.h> - -#ifdef USE_RAND48 -#define random lrand48 -#define srandom srand48 -#endif - -/* random_key */ -int -des_random_key(key) - des_cblock *key; -{ - /* - * create a random des key; should force odd parity per byte; - * parity is bits 8,16,...64 in des order, implies 0, 8, 16, ... - * vax order - */ - - register unsigned int temp; - register int odd; - register unsigned char *c = (unsigned char *) key; - unsigned long *k = (unsigned long *) key; - static long p = 0; - static long n = 0; - - int i,j; - - static struct timeval time; - - if (!p) { - p = getpid(); -#ifndef SOLARIS - p ^= gethostid(); -#endif - } - - (void) gettimeofday(&time,(struct timezone *)0); - /* randomize start */ - srandom(time.tv_usec ^ time.tv_sec ^ p ^ n++); - - *k++ = random(); - *k = random(); - - /* make each byte parity odd */ - for (i = 0; i <= 7; i++) { - odd = 0; - temp = (unsigned int) *c; - /* ignore bit 0, lsb, it will be parity (on vax) */ - /* should do this with a table lookup */ - for (j = 0; j <= 6; j++) { - temp = temp >> 1; - odd ^= temp & 01; - } - /* set odd parity in lsb */ - if (!odd) - *c |= 1; - else - *c &= ~1; - c++; - } - - return 0; -} diff --git a/libdes/read_password.c b/libdes/read_password.c deleted file mode 100644 index 59ce622..0000000 --- a/libdes/read_password.c +++ /dev/null @@ -1,249 +0,0 @@ -/* - * $Source$ - * $Author$ - * - * Copyright 1985, 1986, 1987, 1988 by the Massachusetts Institute - * of Technology. - * - * For copying and distribution information, please see the file - * <mit-copyright.h>. - * - * This routine prints the supplied string to standard - * output as a prompt, and reads a password string without - * echoing. - */ - -#ifndef lint -static char rcsid_read_password_c[] = - "$Id$"; -#endif - -#include <mit-copyright.h> -#include <des.h> - -#include <stdio.h> -#include <string.h> -#include <signal.h> -#include <setjmp.h> - -#ifdef POSIX -#include <termios.h> -#else -#include <sys/ioctl.h> -#endif - -#ifdef POSIX -typedef void sigtype; -static sigjmp_buf env; -#else -typedef int sigtype; -static jmp_buf env; -#endif - -static sigtype sig_restore(); -static push_signals(), pop_signals(); -int des_read_pw_string(); - -/*** Routines ****************************************************** */ -int -des_read_password(k,prompt,verify) - des_cblock *k; - char *prompt; - int verify; -{ - int ok; - char key_string[BUFSIZ]; - -#ifdef POSIX - if (sigsetjmp(env, 1)) { - ok = -1; - goto lose; - } -#else - if (setjmp(env)) { - ok = -1; - goto lose; - } -#endif - - ok = des_read_pw_string(key_string, BUFSIZ, prompt, verify); - if (ok == 0) - des_string_to_key(key_string, k); - -lose: - memset(key_string, 0, sizeof (key_string)); - return ok; -} - -/* - * This version just returns the string, doesn't map to key. - * - * Returns 0 on success, non-zero on failure. - */ - -int -des_read_pw_string(s,max,prompt,verify) - char *s; - int max; - char *prompt; - int verify; -{ - int ok = 0; - char *ptr; - char key_string[BUFSIZ]; -#ifdef POSIX - sigjmp_buf old_env; - struct termios tty_state; -#else - jmp_buf old_env; - struct sgttyb tty_state; -#endif - - if (max > BUFSIZ) { - return -1; - } - -#ifdef POSIX - /* save terminal state */ - if (tcgetattr(0, &tty_state) == -1) - return -1; - /* Turn off echo */ - tty_state.c_lflag &= ~ECHO; - if (tcsetattr(0, TCSANOW, &tty_state) == -1) - return -1; - - memcpy((char *)env, (char *)old_env, sizeof(env)); - if (sigsetjmp(env, 1)) - goto lose; -#else - /* save terminal state*/ - if (ioctl(0,TIOCGETP,(char *)&tty_state) == -1) - return -1; - /* Turn off echo */ - tty_state.sg_flags &= ~ECHO; - if (ioctl(0,TIOCSETP,(char *)&tty_state) == -1) - return -1; - memcpy((char *)env, (char *)old_env, sizeof(env)); - if (setjmp(env)) - goto lose; -#endif - push_signals(); - - while (!ok) { - (void) printf(prompt); - (void) fflush(stdout); -#ifdef CROSSMSDOS - h19line(s,sizeof(s),0); - if (!strlen(s)) - continue; -#else - if (!fgets(s, max, stdin)) { - clearerr(stdin); - continue; - } - if ((ptr = strchr(s, '\n'))) - *ptr = '\0'; -#endif - if (verify) { - printf("\nVerifying, please re-enter %s",prompt); - (void) fflush(stdout); -#ifdef CROSSMSDOS - h19line(key_string,sizeof(key_string),0); - if (!strlen(key_string)) - continue; -#else - if (!fgets(key_string, sizeof(key_string), stdin)) { - clearerr(stdin); - continue; - } - if ((ptr = strchr(key_string, '\n'))) - *ptr = '\0'; -#endif - if (strcmp(s,key_string)) { - printf("\n\07\07Mismatch - try again\n"); - (void) fflush(stdout); - continue; - } - } - ok = 1; - } - -lose: - if (!ok) - memset(s, 0, max); - printf("\n"); -#ifdef POSIX - /* turn echo back on */ - tty_state.c_lflag |= ECHO; - if (tcsetattr(0, TCSANOW, &tty_state)) - ok = 0; -#else - /* turn echo back on */ - tty_state.sg_flags |= ECHO; - if (ioctl(0,TIOCSETP,(char *)&tty_state)) - ok = 0; -#endif - pop_signals(); - memcpy((char *)old_env, (char *)env, sizeof(env)); - - if (verify) - memset(key_string, 0, sizeof (key_string)); - s[max-1] = 0; /* force termination */ - return !ok; /* return nonzero if not okay */ -} - -#ifdef POSIX -/* This can be static since we should never have more than one set saved... */ -static struct sigaction osa[NSIG]; - -static push_signals() -{ - register int i; - struct sigaction nsa; - - sigemptyset(&nsa.sa_mask); - nsa.sa_flags = 0; - nsa.sa_handler = sig_restore; - - for (i=0; i<NSIG; i++) - sigaction(i, &nsa, &osa[i]); -} - -static pop_signals() -{ - register int i; - for (i=0; i<NSIG; i++) - sigaction(i, &osa[i], (struct sigaction *)0); -} - -static sigtype sig_restore() -{ - siglongjmp(env, 1); -} - -#else /* !POSIX */ - -/* This can be static since we should never have more than one set saved... */ -static sigtype (*old_sigfunc[NSIG])(); - -static push_signals() -{ - register int i; - for (i = 0; i < NSIG; i++) - old_sigfunc[i] = signal(i,sig_restore); -} - -static pop_signals() -{ - register int i; - for (i = 0; i < NSIG; i++) - (void) signal(i,old_sigfunc[i]); -} - -static sigtype -sig_restore() -{ - longjmp(env,1); -} - -#endif /* POSIX */ diff --git a/libdes/string_to_key.c b/libdes/string_to_key.c deleted file mode 100644 index 752de8a..0000000 --- a/libdes/string_to_key.c +++ /dev/null @@ -1,123 +0,0 @@ -/* - * $Source$ - * $Author$ - * - * Copyright 1985, 1986, 1987, 1988, 1989 by the Massachusetts Institute - * of Technology. - * - * For copying and distribution information, please see the file - * <mit-copyright.h>. - * - * These routines perform encryption and decryption using the DES - * private key algorithm, or else a subset of it-- fewer inner loops. - * (AUTH_DES_ITER defaults to 16, may be less.) - * - * Under U.S. law, this software may not be exported outside the US - * without license from the U.S. Commerce department. - * - * The key schedule is passed as an arg, as well as the cleartext or - * ciphertext. The cleartext and ciphertext should be in host order. - * - * These routines form the library interface to the DES facilities. - * - * spm 8/85 MIT project athena - */ - -#ifndef lint -static char rcsid_string_to_key_c[] = - "$Id$"; -#endif - -#include <mit-copyright.h> -#include <stdio.h> -#include <des.h> - -extern int des_debug; -extern int des_debug_print(); -extern void des_fixup_key_parity(); - -/* - * convert an arbitrary length string to a DES key - */ -int -des_string_to_key(str,key) - char *str; - register des_cblock *key; -{ - register char *in_str; - register unsigned temp,i; - register int j; - register long length; - static unsigned char *k_p; - static int forward; - register char *p_char; - static char k_char[64]; - static des_key_schedule key_sked; - extern unsigned long des_cbc_cksum(); - - in_str = str; - forward = 1; - p_char = k_char; - length = strlen(str); - - /* init key array for bits */ - memset(k_char, 0, sizeof(k_char)); - -#ifdef DEBUG - if (des_debug) - fprintf(stdout, - "\n\ninput str length = %d string = %s\nstring = 0x ", - length,str); -#endif - - /* get next 8 bytes, strip parity, xor */ - for (i = 1; i <= length; i++) { - /* get next input key byte */ - temp = (unsigned int) *str++; -#ifdef DEBUG - if (des_debug) - fprintf(stdout,"%02x ",temp & 0xff); -#endif - /* loop through bits within byte, ignore parity */ - for (j = 0; j <= 6; j++) { - if (forward) - *p_char++ ^= (int) temp & 01; - else - *--p_char ^= (int) temp & 01; - temp = temp >> 1; - } while (--j > 0); - - /* check and flip direction */ - if ((i%8) == 0) - forward = !forward; - } - - /* now stuff into the key des_cblock, and force odd parity */ - p_char = k_char; - k_p = (unsigned char *) key; - - for (i = 0; i <= 7; i++) { - temp = 0; - for (j = 0; j <= 6; j++) - temp |= *p_char++ << (1+j); - *k_p++ = (unsigned char) temp; - } - - /* fix key parity */ - des_fixup_key_parity(key); - - /* Now one-way encrypt it with the folded key */ - (void) des_key_sched(key,key_sked); - (void) des_cbc_cksum((des_cblock *)in_str,key,length,key_sked,key); - /* erase key_sked */ - memset((char *)key_sked, 0, sizeof(key_sked)); - - /* now fix up key parity again */ - des_fixup_key_parity(key); - - if (des_debug) - fprintf(stdout, - "\nResulting string_to_key = 0x%x 0x%x\n", - *((unsigned long *) key), - *((unsigned long *) key+1)); -} diff --git a/libdes/util.c b/libdes/util.c deleted file mode 100644 index 770ebd1..0000000 --- a/libdes/util.c +++ /dev/null @@ -1,36 +0,0 @@ -/* - * $Source$ - * $Author$ - * - * Copyright 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * <mit-copyright.h>. - * - * Miscellaneous debug printing utilities - */ - -#ifndef lint -static char rcsid_util_c[] = - "$Id$"; -#endif - -#include <mit-copyright.h> -#include <stdio.h> -#include <des.h> - -des_cblock_print_file(x, fp) - des_cblock *x; - FILE *fp; -{ - unsigned char *y = (unsigned char *) x; - register int i = 0; - fprintf(fp," 0x { "); - - while (i++ < 8) { - fprintf(fp,"%x",*y++); - if (i < 8) - fprintf(fp,", "); - } - fprintf(fp," }"); -} diff --git a/libdes/verify.c b/libdes/verify.c deleted file mode 100644 index b5e775a..0000000 --- a/libdes/verify.c +++ /dev/null @@ -1,275 +0,0 @@ -/* - * $Source$ - * $Author$ - * - * Copyright 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * <mit-copyright.h>. - * - * Program to test the correctness of the DES library - * implementation. - * - * exit returns 0 ==> success - * -1 ==> error - */ - -#ifndef lint -static char rcsid_verify_c[] = - "$Id$"; -#endif - -#include <mit-copyright.h> -#include <stdio.h> -#include <errno.h> -#include <des.h> - -extern char *errmsg(); -extern int errno; -extern int des_string_to_key(); -extern int des_key_sched(); -extern int des_ecb_encrypt(); -extern int des_cbc_encrypt(); -extern exit(); -char *progname; -int nflag = 2; -int vflag; -int mflag; -int zflag; -int pid; -int des_debug; -des_key_schedule KS; -unsigned char cipher_text[64]; -unsigned char clear_text[64] = "Now is the time for all " ; -unsigned char clear_text2[64] = "7654321 Now is the time for "; -unsigned char clear_text3[64] = {2,0,0,0, 1,0,0,0}; -unsigned char output[64]; -unsigned char zero_text[8] = {0x0,0,0,0,0,0,0,0}; -unsigned char msb_text[8] = {0x0,0,0,0, 0,0,0,0x40}; /* to ANSI MSB */ -unsigned char *input; - -/* 0x0123456789abcdef */ -unsigned char default_key[8] = { - 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef -}; -unsigned char key2[8] = { 0x08,0x19,0x2a,0x3b,0x4c,0x5d,0x6e,0x7f }; -unsigned char key3[8] = { 0x80,1,1,1,1,1,1,1 }; -des_cblock s_key; -unsigned char default_ivec[8] = { - 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef -}; -unsigned char *ivec; -unsigned char zero_key[8] = {1,1,1,1,1,1,1,1}; /* just parity bits */ -int i,j; - -/* - * Can also add : - * plaintext = 0, key = 0, cipher = 0x8ca64de9c1b123a7 (or is it a 1?) - */ - -main(argc,argv) - int argc; - char *argv[]; -{ - /* Local Declarations */ - long in_length; - - progname=argv[0]; /* salt away invoking program */ - - /* Assume a u_int32 is four bytes */ - if (sizeof(u_int32) != 4) { - printf("\nERROR, size of long is %d",sizeof(u_int32)); - exit(-1); - } - - while (--argc > 0 && (*++argv)[0] == '-') - for (i=1; argv[0][i] != '\0'; i++) { - switch (argv[0][i]) { - - /* debug flag */ - case 'd': - des_debug=3; - continue; - - case 'z': - zflag = 1; - continue; - - case 'm': - mflag = 1; - continue; - - default: - printf("%s: illegal flag \"%c\" ", - progname,argv[0][i]); - exit(1); - } - }; - - if (argc) { - fprintf(stderr, "Usage: %s [-dmz]\n", progname); - exit(1); - } - - /* use known input and key */ - - /* ECB zero text zero key */ - if (zflag) { - input = zero_text; - des_key_sched(zero_key,KS); - printf("plaintext = key = 0, cipher = 0x8ca64de9c1b123a7\n"); - do_encrypt(input,cipher_text); - printf("\tcipher = (low to high bytes)\n\t\t"); - for (j = 0; j<=7; j++) - printf("%02x ",cipher_text[j]); - printf("\n"); - do_decrypt(output,cipher_text); - return(0); - } - - if (mflag) { - input = msb_text; - des_key_sched(key3,KS); - printf("plaintext = 0x00 00 00 00 00 00 00 40, "); - printf("key = 0, cipher = 0x??\n"); - do_encrypt(input,cipher_text); - printf("\tcipher = (low to high bytes)\n\t\t"); - for (j = 0; j<=7; j++) { - printf("%02x ",cipher_text[j]); - } - printf("\n"); - do_decrypt(output,cipher_text); - return(0); - } - - /* ECB mode Davies and Price */ - { - input = zero_text; - des_key_sched(key2,KS); - printf("Examples per FIPS publication 81, keys ivs and cipher\n"); - printf("in hex. These are the correct answers, see below for\n"); - printf("the actual answers.\n\n"); - printf("Examples per Davies and Price.\n\n"); - printf("EXAMPLE ECB\tkey = 08192a3b4c5d6e7f\n"); - printf("\tclear = 0\n"); - printf("\tcipher = 25 dd ac 3e 96 17 64 67\n"); - printf("ACTUAL ECB\n"); - printf("\tclear \"%s\"\n", input); - do_encrypt(input,cipher_text); - printf("\tcipher = (low to high bytes)\n\t\t"); - for (j = 0; j<=7; j++) - printf("%02x ",cipher_text[j]); - printf("\n\n"); - do_decrypt(output,cipher_text); - } - - /* ECB mode */ - { - des_key_sched(default_key,KS); - input = clear_text; - ivec = default_ivec; - printf("EXAMPLE ECB\tkey = 0123456789abcdef\n"); - printf("\tclear = \"Now is the time for all \"\n"); - printf("\tcipher = 3f a4 0e 8a 98 4d 48 15 ...\n"); - printf("ACTUAL ECB\n\tclear \"%s\"",input); - do_encrypt(input,cipher_text); - printf("\n\tcipher = (low to high bytes)\n\t\t"); - for (j = 0; j<=7; j++) { - printf("%02x ",cipher_text[j]); - } - printf("\n\n"); - do_decrypt(output,cipher_text); - } - - /* CBC mode */ - printf("EXAMPLE CBC\tkey = 0123456789abcdef"); - printf("\tiv = 1234567890abcdef\n"); - printf("\tclear = \"Now is the time for all \"\n"); - printf("\tcipher =\te5 c7 cd de 87 2b f2 7c\n"); - printf("\t\t\t43 e9 34 00 8c 38 9c 0f\n"); - printf("\t\t\t68 37 88 49 9a 7c 05 f6\n"); - - printf("ACTUAL CBC\n\tclear \"%s\"\n",input); - in_length = strlen(input); - des_cbc_encrypt(input,cipher_text,(long) in_length,KS,ivec,1); - printf("\tciphertext = (low to high bytes)\n"); - for (i = 0; i <= 7; i++) { - printf("\t\t"); - for (j = 0; j <= 7; j++) { - printf("%02x ",cipher_text[i*8+j]); - } - printf("\n"); - } - des_cbc_encrypt(cipher_text,clear_text,(long) in_length,KS,ivec,0); - printf("\tdecrypted clear_text = \"%s\"\n",clear_text); - - printf("EXAMPLE CBC checksum"); - printf("\tkey = 0123456789abcdef\tiv = 1234567890abcdef\n"); - printf("\tclear =\t\t\"7654321 Now is the time for \"\n"); - printf("\tchecksum\t58 d2 e7 7e 86 06 27 33, "); - printf("or some part thereof\n"); - input = clear_text2; - des_cbc_cksum(input,cipher_text,(long) strlen(input),KS,ivec,1); - printf("ACTUAL CBC checksum\n"); - printf("\t\tencrypted cksum = (low to high bytes)\n\t\t"); - for (j = 0; j<=7; j++) - printf("%02x ",cipher_text[j]); - printf("\n\n"); - exit(0); -} - -flip(array) - char *array; -{ - register int old,new,i,j; - /* flips the bit order within each byte from 0 lsb to 0 msb */ - for (i = 0; i<=7; i++) { - old = *array; - new = 0; - for (j = 0; j<=7; j++) { - if (old & 01) - new = new | 01; - if (j < 7) { - old = old >> 1; - new = new << 1; - } - } - *array = new; - array++; - } -} - -do_encrypt(in,out) - char *in; - char *out; -{ - for (i =1; i<=nflag; i++) { - des_ecb_encrypt(in,out,KS,1); - if (des_debug) { - printf("\nclear %s\n",in); - for (j = 0; j<=7; j++) - printf("%02X ",in[j] & 0xff); - printf("\tcipher "); - for (j = 0; j<=7; j++) - printf("%02X ",out[j] & 0xff); - } - } -} - -do_decrypt(in,out) - char *out; - char *in; - /* try to invert it */ -{ - for (i =1; i<=nflag; i++) { - des_ecb_encrypt(out,in,KS,0); - if (des_debug) { - printf("clear %s\n",in); - for (j = 0; j<=7; j++) - printf("%02X ",in[j] & 0xff); - printf("\tcipher "); - for (j = 0; j<=7; j++) - printf("%02X ",out[j] & 0xff); - } - } -} diff --git a/libdes/weak_key.c b/libdes/weak_key.c deleted file mode 100644 index 6657c1e..0000000 --- a/libdes/weak_key.c +++ /dev/null @@ -1,73 +0,0 @@ -/* - * $Source$ - * $Author$ - * - * Copyright 1989 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * <mit-copyright.h>. - * - * Under U.S. law, this software may not be exported outside the US - * without license from the U.S. Commerce department. - * - * These routines form the library interface to the DES facilities. - * - * Originally written 8/85 by Steve Miller, MIT Project Athena. - */ - -#ifndef lint -static char rcsid_weak_key_c[] = - "$Id$"; -#endif - -#include <des.h> - -/* - * The following are the weak DES keys: - */ -static des_cblock weak[16] = { - /* weak keys */ - {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01}, - {0xfe,0xfe,0xfe,0xfe,0xfe,0xfe,0xfe,0xfe}, - {0x1f,0x1f,0x1f,0x1f,0x0e,0x0e,0x0e,0x0e}, - {0xe0,0xe0,0xe0,0xe0,0xf1,0xf1,0xf1,0xf1}, - - /* semi-weak */ - {0x01,0xfe,0x01,0xfe,0x01,0xfe,0x01,0xfe}, - {0xfe,0x01,0xfe,0x01,0xfe,0x01,0xfe,0x01}, - - {0x1f,0xe0,0x1f,0xe0,0x0e,0xf1,0x0e,0xf1}, - {0xe0,0x1f,0xe0,0x1f,0xf1,0x0e,0xf1,0x0e}, - - {0x01,0xe0,0x01,0xe0,0x01,0xf1,0x01,0xf1}, - {0xe0,0x01,0xe0,0x01,0xf1,0x01,0xf1,0x01}, - - {0x1f,0xfe,0x1f,0xfe,0x0e,0xfe,0x0e,0xfe}, - {0xfe,0x1f,0xfe,0x1f,0xfe,0x0e,0xfe,0x0e}, - - {0x01,0x1f,0x01,0x1f,0x01,0x0e,0x01,0x0e}, - {0x1f,0x01,0x1f,0x01,0x0e,0x01,0x0e,0x01}, - - {0xe0,0xfe,0xe0,0xfe,0xf1,0xfe,0xf1,0xfe}, - {0xfe,0xe0,0xfe,0xe0,0xfe,0xf1,0xfe,0xf1} -}; - -/* - * des_is_weak_key: returns true iff key is a [semi-]weak des key. - * - * Requires: key has correct odd parity. - */ -int -des_is_weak_key(key) - des_cblock key; -{ - int i; - des_cblock *weak_p = weak; - - for (i = 0; i < (sizeof(weak)/sizeof(des_cblock)); i++) { - if (!memcmp((char *)weak_p++, (char *)key, sizeof(des_cblock))) - return 1; - } - - return 0; -} |