1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
|
How to use the Kerberos encryption library.
Revised 10/15/85 spm
1) The following include file is needed:
/projects/auth/include/des.h (VAX)
--------------- (PC8086)
2) The encryption library that should be linked to is:
/projects/auth/lib/libdes.a (VAX)
| /projects/auth/ibm/lib/libdes.a (PC8086 cross-compilation environment)
3) For each key that may be simultaneously active,
allocate (either compile or malloc) a "Key_schedule" struct,
defined in "des.h"
4) Create key schedules, as needed, prior to using the encryption
routines, via "des_set_key()".
5) Setup the input and output areas. Make sure to note the restrictions
on lengths being multiples of eight bytes.
6) Invoke the encryption/decryption routines, "ecb_encrypt()"
or "cbc_encrypt()"
7) To generate a cryptographic checksum, use "cbc_cksum()"
/* ---------------------------------------------------------------- */
Routine Interfaces--
/* ----------------------------------------------------------------- */
int
des_set_key(k,schedule)
C_Block *k;
Key_schedule schedule;
Calculates a key schedule from (all) eight bytes of the input key, and
puts it into the indicated "Key_schedule" struct;
Make sure to pass valid eight bytes, no padding or other processing
it done.
The key schedule is then used in subsequent encryption/decryption
operations. Many key schedules may be created and cached for later
use.
The user is responsible to clear keys and schedules no longer needed
to prevent their disclosure.
| Checks the parity of the key provided, to make sure it is odd per
| FIPS spec. Returns 0 value for key ok, 1 for key_parity error.
/* ---------------------------------------------------------------- */
int
ecb_encrypt(input,output,schedule,encrypt)
C_Block *input; /* ptr to eight byte input value */
C_Block *output; /* ptr to eight byte output value */
int encrypt; /* 0 ==> decrypt, else encrypt */
Key_schedule schedule; /* addr of key schedule */
This is the low level routine that encrypts or decrypts a single 8-byte
block in electronic code book mode. Always transforms the input
data into the output data.
If encrypt is non-zero, the input (cleartext) is encrypted into the
output (ciphertext) using the specified key_schedule, pre-set via "des_set_key".
If encrypt is zero, the input (now ciphertext) is decrypted into
the output (now cleartext).
Input and output may be the same space.
Does not return any meaningful value. Void is not used for compatibility
with other compilers.
/* -------------------------------------------------------------- */
int
cbc_encrypt(input,output,length,schedule,ivec,encrypt)
C_Block *input; /* ptr to input data */
C_Block *output; /* ptr to output data */
int length; /* desired length, in bytes */
Key_schedule schedule; /* addr of precomputed schedule */
C_Block *ivec; /* pointer to 8 byte initialization
* vector
*/
int encrypt /* 0 ==> decrypt; else encrypt*/
If encrypt is non-zero, the routine cipher-block-chain encrypts
the INPUT (cleartext) into the OUTPUT (ciphertext) using the provided
key schedule and initialization vector. If the length is not an integral
multiple of eight bytes, the last block is copied to a temp and zero
filled (highest addresses). The output is ALWAYS an integral multiple
of eight bytes.
If encrypt is zero, the routine cipher-block chain decrypts the INPUT
(ciphertext) into the OUTPUT (cleartext) using the provided key schedule
and initialization vector. Decryption ALWAYS operates on integral
multiples of 8 bytes, so will round the length provided up to the
appropriate multiple. Consequently, it will always produce the rounded-up
number of bytes of output cleartext. The application must determine if
the output cleartext was zero-padded due to cleartext lengths not integral
multiples of 8.
No errors or meaningful value are returned. Void is not used for
compatibility with other compilers.
/* cbc checksum (MAC) only routine ---------------------------------------- */
int
cbc_cksum(input,output,length,schedule,ivec)
C_Block *input; /* >= length bytes of inputtext */
C_Block *output; /* >= length bytes of outputtext */
int length; /* in bytes */
Key_schedule schedule; /* precomputed key schedule */
C_Block *ivec; /* 8 bytes of ivec */
Produces a cryptographic checksum, 8 bytes, by cipher-block-chain
encrypting the input, discarding the ciphertext output, and only retaining
the last ciphertext 8-byte block. Uses the provided key schedule and ivec.
The input is effectively zero-padded to an integral multiple of
eight bytes, though the original input is not modified.
No meaningful value is returned. Void is not used for compatibility
with other compilers.
/* random_key ----------------------------------------*/
int
random_key(key)
C_Block *key;
The start for the random number generated is set from the current time
in microseconds, then the random number generator is invoked
to create an eight byte output key (not a schedule). The key
generated is set to odd parity per FIPS spec.
The caller must supply space for the output key, pointed to
by "*key", then after getting a new key, call the des_set_key()
routine when needed.
No meaningfull value is returned. Void is not used for compatibility
with other compilers.
/* string_to_key --------------------------------------------*/
int
string_to_key(str,key)
register char *str;
register C_Block *key;
This routines converts an arbitrary length, null terminated string
to an 8 byte DES key, with each byte parity set to odd, per FIPS spec.
The algorithm is as follows:
| Take the first 8 bytes and remove the parity (leaving 56 bits).
| Do the same for the second 8 bytes, and the third, etc. Do this for
| as many sets of 8 bytes as necessary, filling in the remainder of the
| last set with nulls. Fold the second set back on the first (i.e. bit
| 0 over bit 55, and bit 55 over bit 0). Fold the third over the second
| (bit 0 of the third set is now over bit 0 of the first set). Repeat
| until you have done this to all sets. Xor the folded sets. Break the
| result into 8 7 bit bytes, and generate odd parity for each byte. You
| now have 64 bits. Note that DES takes a 64 bit key, and uses only the
| non parity bits.
/* read_password -------------------------------------------*/
read_password(k,prompt,verify)
C_Block *k;
char *prompt;
int verify;
This routine issues the supplied prompt, turns off echo, if possible, and
reads an input string. If verify is non-zero, it does it again, for use
in applications such as changing a password. If verify is non-zero, both
versions are compared, and the input is requested repeatedly until they
match. Then, the input string is mapped into a valid DES key, internally
using the string_to_key routine. The newly created key is copied to the
area pointed to by parameter "k".
No meaningful value is returned. If an error occurs trying to manipulate
the terminal echo, the routine forces the process to exit.
/* get_line ------------------------*/
long get_line(p,max)
char *p;
long max;
Reads input characters from standard input until either a newline appears or
else the max length is reached. The characters read are stuffed into
the string pointed to, which will always be null terminated. The newline
is not inserted in the string. The max parameter includes the byte needed
for the null terminator, so allocate and pass one more than the maximum
string length desired.
|