expose even more internals, for bdes

author: deraadt <> 1995-12-17 05:49:38 +0000
committer: deraadt <> 1995-12-17 05:49:38 +0000
commit: 4c70e8e290177091087559c28d94840d5afd660b (patch)
tree: 527e7918f48108afdee72e33a1c3a4517e6f3500
parent: 767a35a43c1498fbfe4461e5456c6cd41f08de26 (diff)
download: openbsd-4c70e8e290177091087559c28d94840d5afd660b.tar.gz
openbsd-4c70e8e290177091087559c28d94840d5afd660b.tar.bz2
openbsd-4c70e8e290177091087559c28d94840d5afd660b.zip
1 files changed, 308 insertions, 1 deletions
diff --git a/src/lib/libc/crypt/morecrypt.c b/src/lib/libc/crypt/morecrypt.c
index 85ace2ecce..4b5be69f17 100644
--- a/src/lib/libc/crypt/morecrypt.c
+++ b/src/lib/libc/crypt/morecrypt.c
@@ -1,4 +1,4 @@
-/*      $Id: morecrypt.c,v 1.1 1995/12/16 12:55:31 deraadt Exp $ */
+/*      $Id: morecrypt.c,v 1.2 1995/12/17 05:49:38 deraadt Exp $ */
 /*
 * FreeSec: libcrypt
@@ -209,6 +209,313 @@ ascii_to_bin(ch)
        return(0);
 }
+void
+des_init()
+{
+        int     i, j, b, k, inbit, obit;
+        u_int32_t       *p, *il, *ir, *fl, *fr;
+        old_rawkey0 = old_rawkey1 = 0;
+        saltbits = 0;
+        old_salt = 0;
+        bits24 = (bits28 = bits32 + 4) + 4;
+        /*
+         * Invert the S-boxes, reordering the input bits.
+         */
+        for (i = 0; i < 8; i++)
+                for (j = 0; j < 64; j++) {
+                        b = (j & 0x20) | ((j & 1) << 4) | ((j >> 1) & 0xf);
+                        u_sbox[i][j] = sbox[i][b];
+                }
+        /*
+         * Convert the inverted S-boxes into 4 arrays of 8 bits.
+         * Each will handle 12 bits of the S-box input.
+         */
+        for (b = 0; b < 4; b++)
+                for (i = 0; i < 64; i++)
+                        for (j = 0; j < 64; j++)
+                                m_sbox[b][(i << 6) | j] =
+                                        (u_sbox[(b << 1)][i] << 4) |
+                                        u_sbox[(b << 1) + 1][j];
+        /*
+         * Set up the initial & final permutations into a useful form, and
+         * initialise the inverted key permutation.
+         */
+        for (i = 0; i < 64; i++) {
+                init_perm[final_perm[i] = IP[i] - 1] = i;
+                inv_key_perm[i] = 255;
+        }
+        /*
+         * Invert the key permutation and initialise the inverted key
+         * compression permutation.
+         */
+        for (i = 0; i < 56; i++) {
+                u_key_perm[i] = key_perm[i] - 1;
+                inv_key_perm[key_perm[i] - 1] = i;
+                inv_comp_perm[i] = 255;
+        }
+        /*
+         * Invert the key compression permutation.
+         */
+        for (i = 0; i < 48; i++) {
+                inv_comp_perm[comp_perm[i] - 1] = i;
+        }
+        /*
+         * Set up the OR-mask arrays for the initial and final permutations,
+         * and for the key initial and compression permutations.
+         */
+        for (k = 0; k < 8; k++) {
+                for (i = 0; i < 256; i++) {
+                        *(il = &ip_maskl[k][i]) = 0;
+                        *(ir = &ip_maskr[k][i]) = 0;
+                        *(fl = &fp_maskl[k][i]) = 0;
+                        *(fr = &fp_maskr[k][i]) = 0;
+                        for (j = 0; j < 8; j++) {
+                                inbit = 8 * k + j;
+                                if (i & bits8[j]) {
+                                        if ((obit = init_perm[inbit]) < 32)
+                                                *il |= bits32[obit];
+                                        else
+                                                *ir |= bits32[obit-32];
+                                        if ((obit = final_perm[inbit]) < 32)
+                                                *fl |= bits32[obit];
+                                        else
+                                                *fr |= bits32[obit - 32];
+                                }
+                        }
+                }
+                for (i = 0; i < 128; i++) {
+                        *(il = &key_perm_maskl[k][i]) = 0;
+                        *(ir = &key_perm_maskr[k][i]) = 0;
+                        for (j = 0; j < 7; j++) {
+                                inbit = 8 * k + j;
+                                if (i & bits8[j + 1]) {
+                                        if ((obit = inv_key_perm[inbit]) == 255)
+                                                continue;
+                                        if (obit < 28)
+                                                *il |= bits28[obit];
+                                        else
+                                                *ir |= bits28[obit - 28];
+                                }
+                        }
+                        *(il = &comp_maskl[k][i]) = 0;
+                        *(ir = &comp_maskr[k][i]) = 0;
+                        for (j = 0; j < 7; j++) {
+                                inbit = 7 * k + j;
+                                if (i & bits8[j + 1]) {
+                                        if ((obit=inv_comp_perm[inbit]) == 255)
+                                                continue;
+                                        if (obit < 24)
+                                                *il |= bits24[obit];
+                                        else
+                                                *ir |= bits24[obit - 24];
+                                }
+                        }
+                }
+        }
+        /*
+         * Invert the P-box permutation, and convert into OR-masks for
+         * handling the output of the S-box arrays setup above.
+         */
+        for (i = 0; i < 32; i++)
+                un_pbox[pbox[i] - 1] = i;
+        for (b = 0; b < 4; b++)
+                for (i = 0; i < 256; i++) {
+                        *(p = &psbox[b][i]) = 0;
+                        for (j = 0; j < 8; j++) {
+                                if (i & bits8[j])
+                                        *p |= bits32[un_pbox[8 * b + j]];
+                        }
+                }
+        des_initialised = 1;
+}
+void
+setup_salt(salt)
+        int32_t salt;
+{
+        u_int32_t       obit, saltbit;
+        int     i;
+        if (salt == old_salt)
+                return;
+        old_salt = salt;
+        saltbits = 0;
+        saltbit = 1;
+        obit = 0x800000;
+        for (i = 0; i < 24; i++) {
+                if (salt & saltbit)
+                        saltbits |= obit;
+                saltbit <<= 1;
+                obit >>= 1;
+        }
+}
+int
+do_des(l_in, r_in, l_out, r_out, count)
+        u_int32_t l_in, r_in, *l_out, *r_out;
+        int count;
+{
+        /*
+         *      l_in, r_in, l_out, and r_out are in pseudo-"big-endian" format.
+         */
+        u_int32_t       mask, rawl, rawr, l, r, *kl, *kr, *kl1, *kr1;
+        u_int32_t       f, r48l, r48r;
+        int     i, j, b, round;
+        if (count == 0) {
+                return(1);
+        } else if (count > 0) {
+                /*
+                 * Encrypting
+                 */
+                kl1 = en_keysl;
+                kr1 = en_keysr;
+        } else {
+                /*
+                 * Decrypting
+                 */
+                count = -count;
+                kl1 = de_keysl;
+                kr1 = de_keysr;
+        }
+        /*
+         *      Do initial permutation (IP).
+         */
+        l = ip_maskl[0][l_in >> 24]
+          | ip_maskl[1][(l_in >> 16) & 0xff]
+          | ip_maskl[2][(l_in >> 8) & 0xff]
+          | ip_maskl[3][l_in & 0xff]
+          | ip_maskl[4][r_in >> 24]
+          | ip_maskl[5][(r_in >> 16) & 0xff]
+          | ip_maskl[6][(r_in >> 8) & 0xff]
+          | ip_maskl[7][r_in & 0xff];
+        r = ip_maskr[0][l_in >> 24]
+          | ip_maskr[1][(l_in >> 16) & 0xff]
+          | ip_maskr[2][(l_in >> 8) & 0xff]
+          | ip_maskr[3][l_in & 0xff]
+          | ip_maskr[4][r_in >> 24]
+          | ip_maskr[5][(r_in >> 16) & 0xff]
+          | ip_maskr[6][(r_in >> 8) & 0xff]
+          | ip_maskr[7][r_in & 0xff];
+        while (count--) {
+                /*
+                 * Do each round.
+                 */
+                kl = kl1;
+                kr = kr1;
+                round = 16;
+                while (round--) {
+                        /*
+                         * Expand R to 48 bits (simulate the E-box).
+                         */
+                        r48l    = ((r & 0x00000001) << 23)
+                                | ((r & 0xf8000000) >> 9)
+                                | ((r & 0x1f800000) >> 11)
+                                | ((r & 0x01f80000) >> 13)
+                                | ((r & 0x001f8000) >> 15);
+                        r48r    = ((r & 0x0001f800) << 7)
+                                | ((r & 0x00001f80) << 5)
+                                | ((r & 0x000001f8) << 3)
+                                | ((r & 0x0000001f) << 1)
+                                | ((r & 0x80000000) >> 31);
+                        /*
+                         * Do salting for crypt() and friends, and
+                         * XOR with the permuted key.
+                         */
+                        f = (r48l ^ r48r) & saltbits;
+                        r48l ^= f ^ *kl++;
+                        r48r ^= f ^ *kr++;
+                        /*
+                         * Do sbox lookups (which shrink it back to 32 bits)
+                         * and do the pbox permutation at the same time.
+                         */
+                        f = psbox[0][m_sbox[0][r48l >> 12]]
+                          | psbox[1][m_sbox[1][r48l & 0xfff]]
+                          | psbox[2][m_sbox[2][r48r >> 12]]
+                          | psbox[3][m_sbox[3][r48r & 0xfff]];
+                        /*
+                         * Now that we've permuted things, complete f().
+                         */
+                        f ^= l;
+                        l = r;
+                        r = f;
+                }
+                r = l;
+                l = f;
+        }
+        /*
+         * Do final permutation (inverse of IP).
+         */
+        *l_out  = fp_maskl[0][l >> 24]
+                | fp_maskl[1][(l >> 16) & 0xff]
+                | fp_maskl[2][(l >> 8) & 0xff]
+                | fp_maskl[3][l & 0xff]
+                | fp_maskl[4][r >> 24]
+                | fp_maskl[5][(r >> 16) & 0xff]
+                | fp_maskl[6][(r >> 8) & 0xff]
+                | fp_maskl[7][r & 0xff];
+        *r_out  = fp_maskr[0][l >> 24]
+                | fp_maskr[1][(l >> 16) & 0xff]
+                | fp_maskr[2][(l >> 8) & 0xff]
+                | fp_maskr[3][l & 0xff]
+                | fp_maskr[4][r >> 24]
+                | fp_maskr[5][(r >> 16) & 0xff]
+                | fp_maskr[6][(r >> 8) & 0xff]
+                | fp_maskr[7][r & 0xff];
+        return(0);
+}
+int
+des_cipher(in, out, salt, count)
+        const char *in;
+        char *out;
+        int32_t salt;
+        int count;
+{
+        u_int32_t l_out, r_out, rawl, rawr;
+        u_int32_t x[2];
+        int     retval;
+        if (!des_initialised)
+                des_init();
+        setup_salt(salt);
+#if 0
+        rawl = ntohl(*((u_int32_t *) in)++);
+        rawr = ntohl(*((u_int32_t *) in));
+#else
+        memcpy(x, in, sizeof x);
+        rawl = ntohl(x[0]);
+        rawr = ntohl(x[1]);
+#endif
+        retval = do_des(rawl, rawr, &l_out, &r_out, count);
+#if 0
+        *((u_int32_t *) out)++ = htonl(l_out);
+        *((u_int32_t *) out) = htonl(r_out);
+#else
+        x[0] = htonl(l_out);
+        x[1] = htonl(r_out);
+        memcpy(out, x, sizeof x);
+#endif
+        return(retval);
+}
 int
 des_setkey(key)
        const char *key;
author	deraadt <>	1995-12-17 05:49:38 +0000
committer	deraadt <>	1995-12-17 05:49:38 +0000
commit	4c70e8e290177091087559c28d94840d5afd660b (patch)
tree	527e7918f48108afdee72e33a1c3a4517e6f3500
parent	767a35a43c1498fbfe4461e5456c6cd41f08de26 (diff)
download	openbsd-4c70e8e290177091087559c28d94840d5afd660b.tar.gz openbsd-4c70e8e290177091087559c28d94840d5afd660b.tar.bz2 openbsd-4c70e8e290177091087559c28d94840d5afd660b.zip

diff --git a/src/lib/libc/crypt/morecrypt.c b/src/lib/libc/crypt/morecrypt.c index 85ace2ecce..4b5be69f17 100644 --- a/src/lib/libc/crypt/morecrypt.c +++ b/src/lib/libc/crypt/morecrypt.c
@@ -1,4 +1,4 @@
1	/* $Id: morecrypt.c,v 1.1 1995/12/16 12:55:31 deraadt Exp $ */	1	/* $Id: morecrypt.c,v 1.2 1995/12/17 05:49:38 deraadt Exp $ */
2		2
3	/*	3	/*
4	* FreeSec: libcrypt	4	* FreeSec: libcrypt
@@ -209,6 +209,313 @@ ascii_to_bin(ch)
209	return(0);	209	return(0);
210	}	210	}
211		211
		212	void
		213	des_init()
		214	{
		215	int i, j, b, k, inbit, obit;
		216	u_int32_t p, il, ir, fl, *fr;
		217
		218	old_rawkey0 = old_rawkey1 = 0;
		219	saltbits = 0;
		220	old_salt = 0;
		221	bits24 = (bits28 = bits32 + 4) + 4;
		222
		223	/*
		224	* Invert the S-boxes, reordering the input bits.
		225	*/
		226	for (i = 0; i < 8; i++)
		227	for (j = 0; j < 64; j++) {
		228	b = (j & 0x20) \| ((j & 1) << 4) \| ((j >> 1) & 0xf);
		229	u_sbox[i][j] = sbox[i][b];
		230	}
		231
		232	/*
		233	* Convert the inverted S-boxes into 4 arrays of 8 bits.
		234	* Each will handle 12 bits of the S-box input.
		235	*/
		236	for (b = 0; b < 4; b++)
		237	for (i = 0; i < 64; i++)
		238	for (j = 0; j < 64; j++)
		239	m_sbox[b][(i << 6) \| j] =
		240	(u_sbox[(b << 1)][i] << 4) \|
		241	u_sbox[(b << 1) + 1][j];
		242
		243	/*
		244	* Set up the initial & final permutations into a useful form, and
		245	* initialise the inverted key permutation.
		246	*/
		247	for (i = 0; i < 64; i++) {
		248	init_perm[final_perm[i] = IP[i] - 1] = i;
		249	inv_key_perm[i] = 255;
		250	}
		251
		252	/*
		253	* Invert the key permutation and initialise the inverted key
		254	* compression permutation.
		255	*/
		256	for (i = 0; i < 56; i++) {
		257	u_key_perm[i] = key_perm[i] - 1;
		258	inv_key_perm[key_perm[i] - 1] = i;
		259	inv_comp_perm[i] = 255;
		260	}
		261
		262	/*
		263	* Invert the key compression permutation.
		264	*/
		265	for (i = 0; i < 48; i++) {
		266	inv_comp_perm[comp_perm[i] - 1] = i;
		267	}
		268
		269	/*
		270	* Set up the OR-mask arrays for the initial and final permutations,
		271	* and for the key initial and compression permutations.
		272	*/
		273	for (k = 0; k < 8; k++) {
		274	for (i = 0; i < 256; i++) {
		275	*(il = &ip_maskl[k][i]) = 0;
		276	*(ir = &ip_maskr[k][i]) = 0;
		277	*(fl = &fp_maskl[k][i]) = 0;
		278	*(fr = &fp_maskr[k][i]) = 0;
		279	for (j = 0; j < 8; j++) {
		280	inbit = 8 * k + j;
		281	if (i & bits8[j]) {
		282	if ((obit = init_perm[inbit]) < 32)
		283	*il \|= bits32[obit];
		284	else
		285	*ir \|= bits32[obit-32];
		286	if ((obit = final_perm[inbit]) < 32)
		287	*fl \|= bits32[obit];
		288	else
		289	*fr \|= bits32[obit - 32];
		290	}
		291	}
		292	}
		293	for (i = 0; i < 128; i++) {
		294	*(il = &key_perm_maskl[k][i]) = 0;
		295	*(ir = &key_perm_maskr[k][i]) = 0;
		296	for (j = 0; j < 7; j++) {
		297	inbit = 8 * k + j;
		298	if (i & bits8[j + 1]) {
		299	if ((obit = inv_key_perm[inbit]) == 255)
		300	continue;
		301	if (obit < 28)
		302	*il \|= bits28[obit];
		303	else
		304	*ir \|= bits28[obit - 28];
		305	}
		306	}
		307	*(il = &comp_maskl[k][i]) = 0;
		308	*(ir = &comp_maskr[k][i]) = 0;
		309	for (j = 0; j < 7; j++) {
		310	inbit = 7 * k + j;
		311	if (i & bits8[j + 1]) {
		312	if ((obit=inv_comp_perm[inbit]) == 255)
		313	continue;
		314	if (obit < 24)
		315	*il \|= bits24[obit];
		316	else
		317	*ir \|= bits24[obit - 24];
		318	}
		319	}
		320	}
		321	}
		322
		323	/*
		324	* Invert the P-box permutation, and convert into OR-masks for
		325	* handling the output of the S-box arrays setup above.
		326	*/
		327	for (i = 0; i < 32; i++)
		328	un_pbox[pbox[i] - 1] = i;
		329
		330	for (b = 0; b < 4; b++)
		331	for (i = 0; i < 256; i++) {
		332	*(p = &psbox[b][i]) = 0;
		333	for (j = 0; j < 8; j++) {
		334	if (i & bits8[j])
		335	p \|= bits32[un_pbox[8 b + j]];
		336	}
		337	}
		338
		339	des_initialised = 1;
		340	}
		341
		342	void
		343	setup_salt(salt)
		344	int32_t salt;
		345	{
		346	u_int32_t obit, saltbit;
		347	int i;
		348
		349	if (salt == old_salt)
		350	return;
		351	old_salt = salt;
		352
		353	saltbits = 0;
		354	saltbit = 1;
		355	obit = 0x800000;
		356	for (i = 0; i < 24; i++) {
		357	if (salt & saltbit)
		358	saltbits \|= obit;
		359	saltbit <<= 1;
		360	obit >>= 1;
		361	}
		362	}
		363
		364	int
		365	do_des(l_in, r_in, l_out, r_out, count)
		366	u_int32_t l_in, r_in, l_out, r_out;
		367	int count;
		368	{
		369	/*
		370	* l_in, r_in, l_out, and r_out are in pseudo-"big-endian" format.
		371	*/
		372	u_int32_t mask, rawl, rawr, l, r, kl, kr, kl1, kr1;
		373	u_int32_t f, r48l, r48r;
		374	int i, j, b, round;
		375
		376	if (count == 0) {
		377	return(1);
		378	} else if (count > 0) {
		379	/*
		380	* Encrypting
		381	*/
		382	kl1 = en_keysl;
		383	kr1 = en_keysr;
		384	} else {
		385	/*
		386	* Decrypting
		387	*/
		388	count = -count;
		389	kl1 = de_keysl;
		390	kr1 = de_keysr;
		391	}
		392
		393	/*
		394	* Do initial permutation (IP).
		395	*/
		396	l = ip_maskl[0][l_in >> 24]
		397	\| ip_maskl[1][(l_in >> 16) & 0xff]
		398	\| ip_maskl[2][(l_in >> 8) & 0xff]
		399	\| ip_maskl[3][l_in & 0xff]
		400	\| ip_maskl[4][r_in >> 24]
		401	\| ip_maskl[5][(r_in >> 16) & 0xff]
		402	\| ip_maskl[6][(r_in >> 8) & 0xff]
		403	\| ip_maskl[7][r_in & 0xff];
		404	r = ip_maskr[0][l_in >> 24]
		405	\| ip_maskr[1][(l_in >> 16) & 0xff]
		406	\| ip_maskr[2][(l_in >> 8) & 0xff]
		407	\| ip_maskr[3][l_in & 0xff]
		408	\| ip_maskr[4][r_in >> 24]
		409	\| ip_maskr[5][(r_in >> 16) & 0xff]
		410	\| ip_maskr[6][(r_in >> 8) & 0xff]
		411	\| ip_maskr[7][r_in & 0xff];
		412
		413	while (count--) {
		414	/*
		415	* Do each round.
		416	*/
		417	kl = kl1;
		418	kr = kr1;
		419	round = 16;
		420	while (round--) {
		421	/*
		422	* Expand R to 48 bits (simulate the E-box).
		423	*/
		424	r48l = ((r & 0x00000001) << 23)
		425	\| ((r & 0xf8000000) >> 9)
		426	\| ((r & 0x1f800000) >> 11)
		427	\| ((r & 0x01f80000) >> 13)
		428	\| ((r & 0x001f8000) >> 15);
		429
		430	r48r = ((r & 0x0001f800) << 7)
		431	\| ((r & 0x00001f80) << 5)
		432	\| ((r & 0x000001f8) << 3)
		433	\| ((r & 0x0000001f) << 1)
		434	\| ((r & 0x80000000) >> 31);
		435	/*
		436	* Do salting for crypt() and friends, and
		437	* XOR with the permuted key.
		438	*/
		439	f = (r48l ^ r48r) & saltbits;
		440	r48l ^= f ^ *kl++;
		441	r48r ^= f ^ *kr++;
		442	/*
		443	* Do sbox lookups (which shrink it back to 32 bits)
		444	* and do the pbox permutation at the same time.
		445	*/
		446	f = psbox[0][m_sbox[0][r48l >> 12]]
		447	\| psbox[1][m_sbox[1][r48l & 0xfff]]
		448	\| psbox[2][m_sbox[2][r48r >> 12]]
		449	\| psbox[3][m_sbox[3][r48r & 0xfff]];
		450	/*
		451	* Now that we've permuted things, complete f().
		452	*/
		453	f ^= l;
		454	l = r;
		455	r = f;
		456	}
		457	r = l;
		458	l = f;
		459	}
		460	/*
		461	* Do final permutation (inverse of IP).
		462	*/
		463	*l_out = fp_maskl[0][l >> 24]
		464	\| fp_maskl[1][(l >> 16) & 0xff]
		465	\| fp_maskl[2][(l >> 8) & 0xff]
		466	\| fp_maskl[3][l & 0xff]
		467	\| fp_maskl[4][r >> 24]
		468	\| fp_maskl[5][(r >> 16) & 0xff]
		469	\| fp_maskl[6][(r >> 8) & 0xff]
		470	\| fp_maskl[7][r & 0xff];
		471	*r_out = fp_maskr[0][l >> 24]
		472	\| fp_maskr[1][(l >> 16) & 0xff]
		473	\| fp_maskr[2][(l >> 8) & 0xff]
		474	\| fp_maskr[3][l & 0xff]
		475	\| fp_maskr[4][r >> 24]
		476	\| fp_maskr[5][(r >> 16) & 0xff]
		477	\| fp_maskr[6][(r >> 8) & 0xff]
		478	\| fp_maskr[7][r & 0xff];
		479	return(0);
		480	}
		481
		482	int
		483	des_cipher(in, out, salt, count)
		484	const char *in;
		485	char *out;
		486	int32_t salt;
		487	int count;
		488	{
		489	u_int32_t l_out, r_out, rawl, rawr;
		490	u_int32_t x[2];
		491	int retval;
		492
		493	if (!des_initialised)
		494	des_init();
		495
		496	setup_salt(salt);
		497
		498	#if 0
		499	rawl = ntohl(((u_int32_t ) in)++);
		500	rawr = ntohl(((u_int32_t ) in));
		501	#else
		502	memcpy(x, in, sizeof x);
		503	rawl = ntohl(x[0]);
		504	rawr = ntohl(x[1]);
		505	#endif
		506	retval = do_des(rawl, rawr, &l_out, &r_out, count);
		507
		508	#if 0
		509	((u_int32_t ) out)++ = htonl(l_out);
		510	((u_int32_t ) out) = htonl(r_out);
		511	#else
		512	x[0] = htonl(l_out);
		513	x[1] = htonl(r_out);
		514	memcpy(out, x, sizeof x);
		515	#endif
		516	return(retval);
		517	}
		518
212	int	519	int
213	des_setkey(key)	520	des_setkey(key)
214	const char *key;	521	const char *key;