diff options
Diffstat (limited to 'libdes/new_rnd_key.c')
-rw-r--r-- | libdes/new_rnd_key.c | 207 |
1 files changed, 0 insertions, 207 deletions
diff --git a/libdes/new_rnd_key.c b/libdes/new_rnd_key.c deleted file mode 100644 index 4ee0218..0000000 --- a/libdes/new_rnd_key.c +++ /dev/null @@ -1,207 +0,0 @@ -/* - * $Source$ - * $Author$ - * - * Copyright 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * <mit-copyright.h>. - * - * New pseudo-random key generator, using DES encryption to make the - * pseudo-random cycle as hard to break as DES. - * - * Written by Mark Lillibridge, MIT Project Athena - * - * Under U.S. law, this software may not be exported outside the US - * without license from the U.S. Commerce department. - */ - -#ifndef lint -static char rcsid_new_rnd_key_c[] = - "$Id"; -#endif - -#include <mit-copyright.h> - -#include <des.h> -#include <time.h> -#include <time.h> -#include <sys/time.h> - -extern void des_fixup_key_parity(); -extern int des_is_weak_key(); - -void des_set_random_generator_seed(), des_set_sequence_number(); -void des_generate_random_block(); - -/* - * des_new_random_key: create a random des key - * - * Requires: des_set_random_number_generater_seed must be at called least - * once before this routine is called. - * - * Notes: the returned key has correct parity and is guarenteed not - * to be a weak des key. Des_generate_random_block is used to - * provide the random bits. - */ -int -des_new_random_key(key) - des_cblock key; -{ - do { - des_generate_random_block(key); - des_fixup_key_parity(key); - } while (des_is_weak_key(key)); - - return(0); -} - -/* - * des_init_random_number_generator: - * - * This routine takes a secret key possibly shared by a number - * of servers and uses it to generate a random number stream that is - * not shared by any of the other servers. It does this by using the current - * process id, host id, and the current time to the nearest second. The - * resulting stream seed is not useful information for cracking the secret - * key. Moreover, this routine keeps no copy of the secret key. - * This routine is used for example, by the kerberos server(s) with the - * key in question being the kerberos master key. - * - * Note: this routine calls des_set_random_generator_seed. - */ - -void des_init_random_number_generator(key) - des_cblock key; -{ - struct { /* This must be 64 bits exactly */ - long process_id; - long host_id; - } seed; - struct timeval time; /* this must also be 64 bits exactly */ - des_cblock new_key; - - /* - * use a host id and process id in generating the seed to ensure - * that different servers have different streams: - */ - seed.process_id = getpid(); -#if !defined(SOLARIS) - seed.host_id = gethostid(); -#endif - - /* - * Generate a tempory value that depends on the key, host_id, and - * process_id such that it gives no useful information about the key: - */ - des_set_random_generator_seed(key); - des_set_sequence_number((unsigned char *)&seed); - des_new_random_key(new_key); - - /* - * use it to select a random stream: - */ - des_set_random_generator_seed(new_key); - - /* - * use a time stamp to ensure that a server started later does not reuse - * an old stream: - */ - gettimeofday(&time, (struct timezone *)0); - des_set_sequence_number((unsigned char *)&time); - - /* - * use the time stamp finally to select the final seed using the - * current random number stream: - */ - des_new_random_key(new_key); - des_set_random_generator_seed(new_key); -} - - -/* - * This module implements a random number generator faculty such that the next - * number in any random number stream is very hard to predict without knowing - * the seed for that stream even given the preceeding random numbers. - */ - -/* - * The secret des key schedule for the current stream of random numbers: - */ -static des_key_schedule random_sequence_key; - -/* - * The sequence # in the current stream of random numbers: - */ -static unsigned char sequence_number[8]; - -/* - * des_set_random_generator_seed: this routine is used to select a random - * number stream. The stream that results is - * totally determined by the passed in key. - * (I.e., calling this routine again with the - * same key allows repeating a sequence of - * random numbers) - * - * Requires: key is a valid des key. I.e., has correct parity and is not a - * weak des key. - */ -void -des_set_random_generator_seed(key) - des_cblock key; -{ - register int i; - - /* select the new stream: (note errors are not possible here...) */ - des_key_sched(key, random_sequence_key); - - /* "seek" to the start of the stream: */ - for (i=0; i<8; i++) - sequence_number[i] = 0; -} - -/* - * des_set_sequence_number: this routine is used to set the sequence number - * of the current random number stream. This routine - * may be used to "seek" within the current random - * number stream. - * - * Note that des_set_random_generator_seed resets the sequence number to 0. - */ -void -des_set_sequence_number(new_sequence_number) - des_cblock new_sequence_number; -{ - memcpy((char *)sequence_number, - (char *)new_sequence_number, - sizeof(sequence_number)); -} - -/* - * des_generate_random_block: routine to return the next random number - * from the current random number stream. - * The returned number is 64 bits long. - * - * Requires: des_set_random_generator_seed must have been called at least once - * before this routine is called. - */ -void des_generate_random_block(block) - des_cblock block; -{ - int i; - - /* - * Encrypt the sequence number to get the new random block: - */ - des_ecb_encrypt(sequence_number, block, random_sequence_key, 1); - - /* - * Increment the sequence number as an 8 byte unsigned number with wrap: - * (using LSB here) - */ - for (i=0; i<8; i++) { - sequence_number[i] = (sequence_number[i] + 1) & 0xff; - if (sequence_number[i]) - break; - } -} |