summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorderaadt <>2003-08-07 00:32:12 +0000
committerderaadt <>2003-08-07 00:32:12 +0000
commit7a11bcbd155f01a8b315f891a354adf5c012cc57 (patch)
treedaa1c3123de319a2aa083897bdd3ff49be362353
parent9f9cc8ed4f154b827f6b717b6d3cd5fbbb89ccf9 (diff)
downloadopenbsd-7a11bcbd155f01a8b315f891a354adf5c012cc57.tar.gz
openbsd-7a11bcbd155f01a8b315f891a354adf5c012cc57.tar.bz2
openbsd-7a11bcbd155f01a8b315f891a354adf5c012cc57.zip
unsplice crypt.c and morecrypt.c; start to document some bcrypt and md5crypt
things in crypt.3, and create MLINKS
Diffstat
-rw-r--r--src/lib/libc/crypt/Makefile.inc5
-rw-r--r--src/lib/libc/crypt/crypt.38
-rw-r--r--src/lib/libc/crypt/crypt.c84
-rw-r--r--src/lib/libc/crypt/morecrypt.c628
4 files changed, 67 insertions, 658 deletions
diff --git a/src/lib/libc/crypt/Makefile.inc b/src/lib/libc/crypt/Makefile.inc
index e64117fbd7..b65d64d770 100644
--- a/src/lib/libc/crypt/Makefile.inc
+++ b/src/lib/libc/crypt/Makefile.inc
@@ -1,12 +1,13 @@
1# $OpenBSD: Makefile.inc,v 1.13 1999/11/17 05:22:36 millert Exp $ 1# $OpenBSD: Makefile.inc,v 1.14 2003/08/07 00:32:12 deraadt Exp $
2 2
3.PATH: ${LIBCSRCDIR}/arch/${MACHINE_ARCH}/crypt ${LIBCSRCDIR}/crypt 3.PATH: ${LIBCSRCDIR}/arch/${MACHINE_ARCH}/crypt ${LIBCSRCDIR}/crypt
4 4
5SRCS+= cast.c crypt.c morecrypt.c md5crypt.c arc4random.c blowfish.c 5SRCS+= cast.c crypt.c md5crypt.c arc4random.c blowfish.c
6SRCS+= bcrypt.c skipjack.c 6SRCS+= bcrypt.c skipjack.c
7 7
8MAN+= crypt.3 blowfish.3 arc4random.3 8MAN+= crypt.3 blowfish.3 arc4random.3
9MLINKS+=crypt.3 encrypt.3 crypt.3 setkey.3 crypt.3 des_cipher.3 9MLINKS+=crypt.3 encrypt.3 crypt.3 setkey.3 crypt.3 des_cipher.3
10MLINKS+=crypt.3 bcrypt_gensalt.3 crypt.3 bcrypt.3 crypt.3 md5crypt.3
10MLINKS+=crypt.3 des_setkey.3 blowfish.3 blf_key.3 blowfish.3 blf_enc.3 11MLINKS+=crypt.3 des_setkey.3 blowfish.3 blf_key.3 blowfish.3 blf_enc.3
11MLINKS+=blowfish.3 blf_dec.3 blowfish.3 blf_ecb_encrypt.3 12MLINKS+=blowfish.3 blf_dec.3 blowfish.3 blf_ecb_encrypt.3
12MLINKS+=blowfish.3 blf_ecb_decrypt.3 blowfish.3 blf_cbc_encrypt.3 13MLINKS+=blowfish.3 blf_ecb_decrypt.3 blowfish.3 blf_cbc_encrypt.3
diff --git a/src/lib/libc/crypt/crypt.3 b/src/lib/libc/crypt/crypt.3
index f456cca7d3..32109dfac3 100644
--- a/src/lib/libc/crypt/crypt.3
+++ b/src/lib/libc/crypt/crypt.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: crypt.3,v 1.20 2003/05/30 13:06:02 jmc Exp $ 1.\" $OpenBSD: crypt.3,v 1.21 2003/08/07 00:32:12 deraadt Exp $
2.\" 2.\"
3.\" FreeSec: libcrypt 3.\" FreeSec: libcrypt
4.\" 4.\"
@@ -53,6 +53,12 @@
53.Fn des_setkey "const char *key" 53.Fn des_setkey "const char *key"
54.Ft int 54.Ft int
55.Fn des_cipher "const char *in" "char *out" "int32_t salt" "int count" 55.Fn des_cipher "const char *in" "char *out" "int32_t salt" "int count"
56.Ft char *
57.Fn bcrypt_gensalt "u_int8_t log_rounds"
58.Ft char *
59.Fn bcrypt "const char *key" "const char *salt"
60.Ft char *
61.Fn md5crypt "const char *key" "const char *salt"
56.Sh DESCRIPTION 62.Sh DESCRIPTION
57The 63The
58.Fn crypt 64.Fn crypt
diff --git a/src/lib/libc/crypt/crypt.c b/src/lib/libc/crypt/crypt.c
index 17b50b7f52..7f07f4e7ee 100644
--- a/src/lib/libc/crypt/crypt.c
+++ b/src/lib/libc/crypt/crypt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: crypt.c,v 1.16 2002/04/29 06:26:50 pvalchev Exp $ */ 1/* $OpenBSD: crypt.c,v 1.17 2003/08/07 00:32:12 deraadt Exp $ */
2 2
3/* 3/*
4 * FreeSec: libcrypt 4 * FreeSec: libcrypt
@@ -44,20 +44,16 @@
44 * pbox, and final permutations are inverted (this has been brought to the 44 * pbox, and final permutations are inverted (this has been brought to the
45 * attention of the author). A list of errata for this book has been 45 * attention of the author). A list of errata for this book has been
46 * posted to the sci.crypt newsgroup by the author and is available for FTP. 46 * posted to the sci.crypt newsgroup by the author and is available for FTP.
47 *
48 * NOTE:
49 * This file has a static version of des_setkey() so that crypt.o exports
50 * only the crypt() interface. This is required to make binaries linked
51 * against crypt.o exportable or re-exportable from the USA.
52 */ 47 */
53 48
54#if defined(LIBC_SCCS) && !defined(lint) 49#if defined(LIBC_SCCS) && !defined(lint)
55static char rcsid[] = "$OpenBSD: crypt.c,v 1.16 2002/04/29 06:26:50 pvalchev Exp $"; 50static char rcsid[] = "$OpenBSD: crypt.c,v 1.17 2003/08/07 00:32:12 deraadt Exp $";
56#endif /* LIBC_SCCS and not lint */ 51#endif /* LIBC_SCCS and not lint */
57 52
58#include <sys/types.h> 53#include <sys/types.h>
59#include <sys/param.h> 54#include <sys/param.h>
60#include <pwd.h> 55#include <pwd.h>
56#include <unistd.h>
61#include <string.h> 57#include <string.h>
62 58
63#ifdef DEBUG 59#ifdef DEBUG
@@ -189,8 +185,7 @@ static u_char ascii64[] =
189/* 0123456789012345678901234567890123456789012345678901234567890123 */ 185/* 0123456789012345678901234567890123456789012345678901234567890123 */
190 186
191static __inline int 187static __inline int
192ascii_to_bin(ch) 188ascii_to_bin(char ch)
193 char ch;
194{ 189{
195 if (ch > 'z') 190 if (ch > 'z')
196 return(0); 191 return(0);
@@ -208,7 +203,7 @@ ascii_to_bin(ch)
208} 203}
209 204
210static void 205static void
211des_init() 206des_init(void)
212{ 207{
213 int i, j, b, k, inbit, obit; 208 int i, j, b, k, inbit, obit;
214 u_int32_t *p, *il, *ir, *fl, *fr; 209 u_int32_t *p, *il, *ir, *fl, *fr;
@@ -338,8 +333,7 @@ des_init()
338} 333}
339 334
340static void 335static void
341setup_salt(salt) 336setup_salt(int32_t salt)
342 int32_t salt;
343{ 337{
344 u_int32_t obit, saltbit; 338 u_int32_t obit, saltbit;
345 int i; 339 int i;
@@ -359,9 +353,8 @@ setup_salt(salt)
359 } 353 }
360} 354}
361 355
362static int 356int
363des_setkey(key) 357des_setkey(const char *key)
364 const char *key;
365{ 358{
366 u_int32_t k0, k1, rawkey0, rawkey1; 359 u_int32_t k0, k1, rawkey0, rawkey1;
367 int shifts, round; 360 int shifts, round;
@@ -441,9 +434,8 @@ des_setkey(key)
441} 434}
442 435
443static int 436static int
444do_des(l_in, r_in, l_out, r_out, count) 437do_des(u_int32_t l_in, u_int32_t r_in, u_int32_t *l_out, u_int32_t *r_out,
445 u_int32_t l_in, r_in, *l_out, *r_out; 438 int count)
446 int count;
447{ 439{
448 /* 440 /*
449 * l_in, r_in, l_out, and r_out are in pseudo-"big-endian" format. 441 * l_in, r_in, l_out, and r_out are in pseudo-"big-endian" format.
@@ -558,12 +550,8 @@ do_des(l_in, r_in, l_out, r_out, count)
558 return(0); 550 return(0);
559} 551}
560 552
561static int 553int
562des_cipher(in, out, salt, count) 554des_cipher(const char *in, char *out, int32_t salt, int count)
563 const char *in;
564 char *out;
565 int32_t salt;
566 int count;
567{ 555{
568 u_int32_t l_out, r_out, rawl, rawr; 556 u_int32_t l_out, r_out, rawl, rawr;
569 u_int32_t x[2]; 557 u_int32_t x[2];
@@ -586,9 +574,7 @@ des_cipher(in, out, salt, count)
586} 574}
587 575
588char * 576char *
589crypt(key, setting) 577crypt(const char *key, const char *setting)
590 const char *key;
591 const char *setting;
592{ 578{
593 int i; 579 int i;
594 u_int32_t count, salt, l, r0, r1, keybuf[2]; 580 u_int32_t count, salt, l, r0, r1, keybuf[2];
@@ -683,6 +669,7 @@ crypt(key, setting)
683 p = output + 2; 669 p = output + 2;
684 } 670 }
685 setup_salt(salt); 671 setup_salt(salt);
672
686 /* 673 /*
687 * Do it. 674 * Do it.
688 */ 675 */
@@ -711,3 +698,46 @@ crypt(key, setting)
711 698
712 return((char *)output); 699 return((char *)output);
713} 700}
701
702int
703setkey(const char *key)
704{
705 int i, j;
706 u_int32_t packed_keys[2];
707 u_char *p;
708
709 p = (u_char *) packed_keys;
710
711 for (i = 0; i < 8; i++) {
712 p[i] = 0;
713 for (j = 0; j < 8; j++)
714 if (*key++ & 1)
715 p[i] |= bits8[j];
716 }
717 return(des_setkey(p));
718}
719
720int
721encrypt(char *block, int flag)
722{
723 u_int32_t io[2];
724 u_char *p;
725 int i, j, retval;
726
727 if (!des_initialised)
728 des_init();
729
730 setup_salt(0);
731 p = (u_char *)block;
732 for (i = 0; i < 2; i++) {
733 io[i] = 0L;
734 for (j = 0; j < 32; j++)
735 if (*p++ & 1)
736 io[i] |= bits32[j];
737 }
738 retval = do_des(io[0], io[1], io, io + 1, flag ? -1 : 1);
739 for (i = 0; i < 2; i++)
740 for (j = 0; j < 32; j++)
741 block[(i << 5) | j] = (io[i] & bits32[j]) ? 1 : 0;
742 return(retval);
743}
diff --git a/src/lib/libc/crypt/morecrypt.c b/src/lib/libc/crypt/morecrypt.c
deleted file mode 100644
index e9e0ced4c1..0000000000
--- a/src/lib/libc/crypt/morecrypt.c
+++ /dev/null
@@ -1,628 +0,0 @@
1/* $OpenBSD: morecrypt.c,v 1.9 1998/03/22 19:01:20 niklas Exp $ */
2
3/*
4 * FreeSec: libcrypt
5 *
6 * Copyright (c) 1994 David Burren
7 * All rights reserved.
8 *
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
11 * are met:
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in the
16 * documentation and/or other materials provided with the distribution.
17 * 4. Neither the name of the author nor the names of other contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 *
33 *
34 * This is an original implementation of the DES and the crypt(3) interfaces
35 * by David Burren <davidb@werj.com.au>.
36 *
37 * An excellent reference on the underlying algorithm (and related
38 * algorithms) is:
39 *
40 * B. Schneier, Applied Cryptography: protocols, algorithms,
41 * and source code in C, John Wiley & Sons, 1994.
42 *
43 * Note that in that book's description of DES the lookups for the initial,
44 * pbox, and final permutations are inverted (this has been brought to the
45 * attention of the author). A list of errata for this book has been
46 * posted to the sci.crypt newsgroup by the author and is available for FTP.
47 *
48 * NOTE:
49 * This file must copy certain chunks of crypt.c for legal reasons.
50 * crypt.c can only export the interface crypt(), to make binaries
51 * exportable from the USA. Hence, to also have the other crypto interfaces
52 * available we have to copy pieces...
53 */
54
55#if defined(LIBC_SCCS) && !defined(lint)
56static char rcsid[] = "$OpenBSD: morecrypt.c,v 1.9 1998/03/22 19:01:20 niklas Exp $";
57#endif /* LIBC_SCCS and not lint */
58
59#include <sys/types.h>
60#include <sys/param.h>
61#include <pwd.h>
62#include <string.h>
63
64#ifdef DEBUG
65# include <stdio.h>
66#endif
67
68static u_char IP[64] = {
69 58, 50, 42, 34, 26, 18, 10, 2, 60, 52, 44, 36, 28, 20, 12, 4,
70 62, 54, 46, 38, 30, 22, 14, 6, 64, 56, 48, 40, 32, 24, 16, 8,
71 57, 49, 41, 33, 25, 17, 9, 1, 59, 51, 43, 35, 27, 19, 11, 3,
72 61, 53, 45, 37, 29, 21, 13, 5, 63, 55, 47, 39, 31, 23, 15, 7
73};
74
75static u_char inv_key_perm[64];
76static u_char u_key_perm[56];
77static u_char key_perm[56] = {
78 57, 49, 41, 33, 25, 17, 9, 1, 58, 50, 42, 34, 26, 18,
79 10, 2, 59, 51, 43, 35, 27, 19, 11, 3, 60, 52, 44, 36,
80 63, 55, 47, 39, 31, 23, 15, 7, 62, 54, 46, 38, 30, 22,
81 14, 6, 61, 53, 45, 37, 29, 21, 13, 5, 28, 20, 12, 4
82};
83
84static u_char key_shifts[16] = {
85 1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1
86};
87
88static u_char inv_comp_perm[56];
89static u_char comp_perm[48] = {
90 14, 17, 11, 24, 1, 5, 3, 28, 15, 6, 21, 10,
91 23, 19, 12, 4, 26, 8, 16, 7, 27, 20, 13, 2,
92 41, 52, 31, 37, 47, 55, 30, 40, 51, 45, 33, 48,
93 44, 49, 39, 56, 34, 53, 46, 42, 50, 36, 29, 32
94};
95
96/*
97 * No E box is used, as it's replaced by some ANDs, shifts, and ORs.
98 */
99
100static u_char u_sbox[8][64];
101static u_char sbox[8][64] = {
102 {
103 14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7,
104 0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8,
105 4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0,
106 15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13
107 },
108 {
109 15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10,
110 3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5,
111 0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15,
112 13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9
113 },
114 {
115 10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8,
116 13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1,
117 13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7,
118 1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12
119 },
120 {
121 7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15,
122 13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9,
123 10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4,
124 3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14
125 },
126 {
127 2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9,
128 14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6,
129 4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14,
130 11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3
131 },
132 {
133 12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11,
134 10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8,
135 9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6,
136 4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13
137 },
138 {
139 4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1,
140 13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6,
141 1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2,
142 6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12
143 },
144 {
145 13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7,
146 1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2,
147 7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8,
148 2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11
149 }
150};
151
152static u_char un_pbox[32];
153static u_char pbox[32] = {
154 16, 7, 20, 21, 29, 12, 28, 17, 1, 15, 23, 26, 5, 18, 31, 10,
155 2, 8, 24, 14, 32, 27, 3, 9, 19, 13, 30, 6, 22, 11, 4, 25
156};
157
158static u_int32_t bits32[32] =
159{
160 0x80000000, 0x40000000, 0x20000000, 0x10000000,
161 0x08000000, 0x04000000, 0x02000000, 0x01000000,
162 0x00800000, 0x00400000, 0x00200000, 0x00100000,
163 0x00080000, 0x00040000, 0x00020000, 0x00010000,
164 0x00008000, 0x00004000, 0x00002000, 0x00001000,
165 0x00000800, 0x00000400, 0x00000200, 0x00000100,
166 0x00000080, 0x00000040, 0x00000020, 0x00000010,
167 0x00000008, 0x00000004, 0x00000002, 0x00000001
168};
169
170static u_char bits8[8] = { 0x80, 0x40, 0x20, 0x10, 0x08, 0x04, 0x02, 0x01 };
171
172static u_int32_t saltbits;
173static int32_t old_salt;
174static u_int32_t *bits28, *bits24;
175static u_char init_perm[64], final_perm[64];
176static u_int32_t en_keysl[16], en_keysr[16];
177static u_int32_t de_keysl[16], de_keysr[16];
178static int des_initialised = 0;
179static u_char m_sbox[4][4096];
180static u_int32_t psbox[4][256];
181static u_int32_t ip_maskl[8][256], ip_maskr[8][256];
182static u_int32_t fp_maskl[8][256], fp_maskr[8][256];
183static u_int32_t key_perm_maskl[8][128], key_perm_maskr[8][128];
184static u_int32_t comp_maskl[8][128], comp_maskr[8][128];
185static u_int32_t old_rawkey0, old_rawkey1;
186
187static __inline int
188ascii_to_bin(ch)
189 char ch;
190{
191 if (ch > 'z')
192 return(0);
193 if (ch >= 'a')
194 return(ch - 'a' + 38);
195 if (ch > 'Z')
196 return(0);
197 if (ch >= 'A')
198 return(ch - 'A' + 12);
199 if (ch > '9')
200 return(0);
201 if (ch >= '.')
202 return(ch - '.');
203 return(0);
204}
205
206void
207des_init()
208{
209 int i, j, b, k, inbit, obit;
210 u_int32_t *p, *il, *ir, *fl, *fr;
211
212 old_rawkey0 = old_rawkey1 = 0;
213 saltbits = 0;
214 old_salt = 0;
215 bits24 = (bits28 = bits32 + 4) + 4;
216
217 /*
218 * Invert the S-boxes, reordering the input bits.
219 */
220 for (i = 0; i < 8; i++)
221 for (j = 0; j < 64; j++) {
222 b = (j & 0x20) | ((j & 1) << 4) | ((j >> 1) & 0xf);
223 u_sbox[i][j] = sbox[i][b];
224 }
225
226 /*
227 * Convert the inverted S-boxes into 4 arrays of 8 bits.
228 * Each will handle 12 bits of the S-box input.
229 */
230 for (b = 0; b < 4; b++)
231 for (i = 0; i < 64; i++)
232 for (j = 0; j < 64; j++)
233 m_sbox[b][(i << 6) | j] =
234 (u_sbox[(b << 1)][i] << 4) |
235 u_sbox[(b << 1) + 1][j];
236
237 /*
238 * Set up the initial & final permutations into a useful form, and
239 * initialise the inverted key permutation.
240 */
241 for (i = 0; i < 64; i++) {
242 init_perm[final_perm[i] = IP[i] - 1] = i;
243 inv_key_perm[i] = 255;
244 }
245
246 /*
247 * Invert the key permutation and initialise the inverted key
248 * compression permutation.
249 */
250 for (i = 0; i < 56; i++) {
251 u_key_perm[i] = key_perm[i] - 1;
252 inv_key_perm[key_perm[i] - 1] = i;
253 inv_comp_perm[i] = 255;
254 }
255
256 /*
257 * Invert the key compression permutation.
258 */
259 for (i = 0; i < 48; i++) {
260 inv_comp_perm[comp_perm[i] - 1] = i;
261 }
262
263 /*
264 * Set up the OR-mask arrays for the initial and final permutations,
265 * and for the key initial and compression permutations.
266 */
267 for (k = 0; k < 8; k++) {
268 for (i = 0; i < 256; i++) {
269 *(il = &ip_maskl[k][i]) = 0;
270 *(ir = &ip_maskr[k][i]) = 0;
271 *(fl = &fp_maskl[k][i]) = 0;
272 *(fr = &fp_maskr[k][i]) = 0;
273 for (j = 0; j < 8; j++) {
274 inbit = 8 * k + j;
275 if (i & bits8[j]) {
276 if ((obit = init_perm[inbit]) < 32)
277 *il |= bits32[obit];
278 else
279 *ir |= bits32[obit-32];
280 if ((obit = final_perm[inbit]) < 32)
281 *fl |= bits32[obit];
282 else
283 *fr |= bits32[obit - 32];
284 }
285 }
286 }
287 for (i = 0; i < 128; i++) {
288 *(il = &key_perm_maskl[k][i]) = 0;
289 *(ir = &key_perm_maskr[k][i]) = 0;
290 for (j = 0; j < 7; j++) {
291 inbit = 8 * k + j;
292 if (i & bits8[j + 1]) {
293 if ((obit = inv_key_perm[inbit]) == 255)
294 continue;
295 if (obit < 28)
296 *il |= bits28[obit];
297 else
298 *ir |= bits28[obit - 28];
299 }
300 }
301 *(il = &comp_maskl[k][i]) = 0;
302 *(ir = &comp_maskr[k][i]) = 0;
303 for (j = 0; j < 7; j++) {
304 inbit = 7 * k + j;
305 if (i & bits8[j + 1]) {
306 if ((obit=inv_comp_perm[inbit]) == 255)
307 continue;
308 if (obit < 24)
309 *il |= bits24[obit];
310 else
311 *ir |= bits24[obit - 24];
312 }
313 }
314 }
315 }
316
317 /*
318 * Invert the P-box permutation, and convert into OR-masks for
319 * handling the output of the S-box arrays setup above.
320 */
321 for (i = 0; i < 32; i++)
322 un_pbox[pbox[i] - 1] = i;
323
324 for (b = 0; b < 4; b++)
325 for (i = 0; i < 256; i++) {
326 *(p = &psbox[b][i]) = 0;
327 for (j = 0; j < 8; j++) {
328 if (i & bits8[j])
329 *p |= bits32[un_pbox[8 * b + j]];
330 }
331 }
332
333 des_initialised = 1;
334}
335
336void
337setup_salt(salt)
338 int32_t salt;
339{
340 u_int32_t obit, saltbit;
341 int i;
342
343 if (salt == old_salt)
344 return;
345 old_salt = salt;
346
347 saltbits = 0;
348 saltbit = 1;
349 obit = 0x800000;
350 for (i = 0; i < 24; i++) {
351 if (salt & saltbit)
352 saltbits |= obit;
353 saltbit <<= 1;
354 obit >>= 1;
355 }
356}
357
358int
359do_des(l_in, r_in, l_out, r_out, count)
360 u_int32_t l_in, r_in, *l_out, *r_out;
361 int count;
362{
363 /*
364 * l_in, r_in, l_out, and r_out are in pseudo-"big-endian" format.
365 */
366 u_int32_t l, r, *kl, *kr, *kl1, *kr1;
367 u_int32_t f, r48l, r48r;
368 int round;
369
370 if (count == 0) {
371 return(1);
372 } else if (count > 0) {
373 /*
374 * Encrypting
375 */
376 kl1 = en_keysl;
377 kr1 = en_keysr;
378 } else {
379 /*
380 * Decrypting
381 */
382 count = -count;
383 kl1 = de_keysl;
384 kr1 = de_keysr;
385 }
386
387 /*
388 * Do initial permutation (IP).
389 */
390 l = ip_maskl[0][l_in >> 24]
391 | ip_maskl[1][(l_in >> 16) & 0xff]
392 | ip_maskl[2][(l_in >> 8) & 0xff]
393 | ip_maskl[3][l_in & 0xff]
394 | ip_maskl[4][r_in >> 24]
395 | ip_maskl[5][(r_in >> 16) & 0xff]
396 | ip_maskl[6][(r_in >> 8) & 0xff]
397 | ip_maskl[7][r_in & 0xff];
398 r = ip_maskr[0][l_in >> 24]
399 | ip_maskr[1][(l_in >> 16) & 0xff]
400 | ip_maskr[2][(l_in >> 8) & 0xff]
401 | ip_maskr[3][l_in & 0xff]
402 | ip_maskr[4][r_in >> 24]
403 | ip_maskr[5][(r_in >> 16) & 0xff]
404 | ip_maskr[6][(r_in >> 8) & 0xff]
405 | ip_maskr[7][r_in & 0xff];
406
407 while (count--) {
408 /*
409 * Do each round.
410 */
411 kl = kl1;
412 kr = kr1;
413 round = 16;
414 while (round--) {
415 /*
416 * Expand R to 48 bits (simulate the E-box).
417 */
418 r48l = ((r & 0x00000001) << 23)
419 | ((r & 0xf8000000) >> 9)
420 | ((r & 0x1f800000) >> 11)
421 | ((r & 0x01f80000) >> 13)
422 | ((r & 0x001f8000) >> 15);
423
424 r48r = ((r & 0x0001f800) << 7)
425 | ((r & 0x00001f80) << 5)
426 | ((r & 0x000001f8) << 3)
427 | ((r & 0x0000001f) << 1)
428 | ((r & 0x80000000) >> 31);
429 /*
430 * Do salting for crypt() and friends, and
431 * XOR with the permuted key.
432 */
433 f = (r48l ^ r48r) & saltbits;
434 r48l ^= f ^ *kl++;
435 r48r ^= f ^ *kr++;
436 /*
437 * Do sbox lookups (which shrink it back to 32 bits)
438 * and do the pbox permutation at the same time.
439 */
440 f = psbox[0][m_sbox[0][r48l >> 12]]
441 | psbox[1][m_sbox[1][r48l & 0xfff]]
442 | psbox[2][m_sbox[2][r48r >> 12]]
443 | psbox[3][m_sbox[3][r48r & 0xfff]];
444 /*
445 * Now that we've permuted things, complete f().
446 */
447 f ^= l;
448 l = r;
449 r = f;
450 }
451 r = l;
452 l = f;
453 }
454 /*
455 * Do final permutation (inverse of IP).
456 */
457 *l_out = fp_maskl[0][l >> 24]
458 | fp_maskl[1][(l >> 16) & 0xff]
459 | fp_maskl[2][(l >> 8) & 0xff]
460 | fp_maskl[3][l & 0xff]
461 | fp_maskl[4][r >> 24]
462 | fp_maskl[5][(r >> 16) & 0xff]
463 | fp_maskl[6][(r >> 8) & 0xff]
464 | fp_maskl[7][r & 0xff];
465 *r_out = fp_maskr[0][l >> 24]
466 | fp_maskr[1][(l >> 16) & 0xff]
467 | fp_maskr[2][(l >> 8) & 0xff]
468 | fp_maskr[3][l & 0xff]
469 | fp_maskr[4][r >> 24]
470 | fp_maskr[5][(r >> 16) & 0xff]
471 | fp_maskr[6][(r >> 8) & 0xff]
472 | fp_maskr[7][r & 0xff];
473 return(0);
474}
475
476int
477des_cipher(in, out, salt, count)
478 const char *in;
479 char *out;
480 long salt;
481 int count;
482{
483 u_int32_t l_out, r_out, rawl, rawr;
484 u_int32_t x[2];
485 int retval;
486
487 if (!des_initialised)
488 des_init();
489
490 setup_salt((int32_t)salt);
491
492 memcpy(x, in, sizeof x);
493 rawl = ntohl(x[0]);
494 rawr = ntohl(x[1]);
495 retval = do_des(rawl, rawr, &l_out, &r_out, count);
496
497 x[0] = htonl(l_out);
498 x[1] = htonl(r_out);
499 memcpy(out, x, sizeof x);
500 return(retval);
501}
502
503int
504des_setkey(key)
505 const char *key;
506{
507 u_int32_t k0, k1, rawkey0, rawkey1;
508 int shifts, round;
509
510 if (!des_initialised)
511 des_init();
512
513 rawkey0 = ntohl(*(u_int32_t *) key);
514 rawkey1 = ntohl(*(u_int32_t *) (key + 4));
515
516 if ((rawkey0 | rawkey1)
517 && rawkey0 == old_rawkey0
518 && rawkey1 == old_rawkey1) {
519 /*
520 * Already setup for this key.
521 * This optimisation fails on a zero key (which is weak and
522 * has bad parity anyway) in order to simplify the starting
523 * conditions.
524 */
525 return(0);
526 }
527 old_rawkey0 = rawkey0;
528 old_rawkey1 = rawkey1;
529
530 /*
531 * Do key permutation and split into two 28-bit subkeys.
532 */
533 k0 = key_perm_maskl[0][rawkey0 >> 25]
534 | key_perm_maskl[1][(rawkey0 >> 17) & 0x7f]
535 | key_perm_maskl[2][(rawkey0 >> 9) & 0x7f]
536 | key_perm_maskl[3][(rawkey0 >> 1) & 0x7f]
537 | key_perm_maskl[4][rawkey1 >> 25]
538 | key_perm_maskl[5][(rawkey1 >> 17) & 0x7f]
539 | key_perm_maskl[6][(rawkey1 >> 9) & 0x7f]
540 | key_perm_maskl[7][(rawkey1 >> 1) & 0x7f];
541 k1 = key_perm_maskr[0][rawkey0 >> 25]
542 | key_perm_maskr[1][(rawkey0 >> 17) & 0x7f]
543 | key_perm_maskr[2][(rawkey0 >> 9) & 0x7f]
544 | key_perm_maskr[3][(rawkey0 >> 1) & 0x7f]
545 | key_perm_maskr[4][rawkey1 >> 25]
546 | key_perm_maskr[5][(rawkey1 >> 17) & 0x7f]
547 | key_perm_maskr[6][(rawkey1 >> 9) & 0x7f]
548 | key_perm_maskr[7][(rawkey1 >> 1) & 0x7f];
549 /*
550 * Rotate subkeys and do compression permutation.
551 */
552 shifts = 0;
553 for (round = 0; round < 16; round++) {
554 u_int32_t t0, t1;
555
556 shifts += key_shifts[round];
557
558 t0 = (k0 << shifts) | (k0 >> (28 - shifts));
559 t1 = (k1 << shifts) | (k1 >> (28 - shifts));
560
561 de_keysl[15 - round] =
562 en_keysl[round] = comp_maskl[0][(t0 >> 21) & 0x7f]
563 | comp_maskl[1][(t0 >> 14) & 0x7f]
564 | comp_maskl[2][(t0 >> 7) & 0x7f]
565 | comp_maskl[3][t0 & 0x7f]
566 | comp_maskl[4][(t1 >> 21) & 0x7f]
567 | comp_maskl[5][(t1 >> 14) & 0x7f]
568 | comp_maskl[6][(t1 >> 7) & 0x7f]
569 | comp_maskl[7][t1 & 0x7f];
570
571 de_keysr[15 - round] =
572 en_keysr[round] = comp_maskr[0][(t0 >> 21) & 0x7f]
573 | comp_maskr[1][(t0 >> 14) & 0x7f]
574 | comp_maskr[2][(t0 >> 7) & 0x7f]
575 | comp_maskr[3][t0 & 0x7f]
576 | comp_maskr[4][(t1 >> 21) & 0x7f]
577 | comp_maskr[5][(t1 >> 14) & 0x7f]
578 | comp_maskr[6][(t1 >> 7) & 0x7f]
579 | comp_maskr[7][t1 & 0x7f];
580 }
581 return(0);
582}
583
584int
585setkey(key)
586 const char *key;
587{
588 int i, j;
589 u_int32_t packed_keys[2];
590 u_char *p;
591
592 p = (u_char *) packed_keys;
593
594 for (i = 0; i < 8; i++) {
595 p[i] = 0;
596 for (j = 0; j < 8; j++)
597 if (*key++ & 1)
598 p[i] |= bits8[j];
599 }
600 return(des_setkey(p));
601}
602
603int
604encrypt(block, flag)
605 char *block;
606 int flag;
607{
608 u_int32_t io[2];
609 u_char *p;
610 int i, j, retval;
611
612 if (!des_initialised)
613 des_init();
614
615 setup_salt((int32_t)0);
616 p = (u_char *)block;
617 for (i = 0; i < 2; i++) {
618 io[i] = 0L;
619 for (j = 0; j < 32; j++)
620 if (*p++ & 1)
621 io[i] |= bits32[j];
622 }
623 retval = do_des(io[0], io[1], io, io + 1, flag ? -1 : 1);
624 for (i = 0; i < 2; i++)
625 for (j = 0; j < 32; j++)
626 block[(i << 5) | j] = (io[i] & bits32[j]) ? 1 : 0;
627 return(retval);
628}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-20 09:48:09 +0000