+Mon Oct 27 01:06:34 1997 Tom Yu <tlyu@mit.edu>
+
+ * d3_cbc.c, des.h, des_int.h, f_cbc.c, f_cksum.c, f_ecb.c,
+ f_pcbc.c, f_sched.c, f_tables.c, f_tables.h: Change KRB_INT32 to
+ DES_INT32 to avoid temptation to misuse.
+
+ * d3_cbc.c, d3_ecb.c, f_cbc.c, f_cksum.c, f_ecb.c, f_parity.c,
+ f_pcbc.c, f_sched.c, f_tables.c: Don't include des.h; it's broken
+ in ways. Use only des_int.h instead.
+
Tue Oct 21 13:22:23 1997 Ezra Peisach <epeisach@mit.edu>
* Makefile.in (RUN_SETUP): Set KRB5_CONFIG.
* express or implied warranty.
*/
-#include "des.h"
#include "des_int.h"
#include "f_tables.h"
mit_des_cblock ivec;
int encrypt;
{
- register unsigned KRB_INT32 left, right;
- register unsigned KRB_INT32 temp;
- register unsigned KRB_INT32 *kp1, *kp2, *kp3;
+ register unsigned DES_INT32 left, right;
+ register unsigned DES_INT32 temp;
+ register unsigned DES_INT32 *kp1, *kp2, *kp3;
register unsigned char *ip, *op;
/*
* Get key pointer here. This won't need to be reinitialized
*/
- kp1 = (unsigned KRB_INT32 *)ks1;
- kp2 = (unsigned KRB_INT32 *)ks2;
- kp3 = (unsigned KRB_INT32 *)ks3;
+ kp1 = (unsigned DES_INT32 *)ks1;
+ kp2 = (unsigned DES_INT32 *)ks2;
+ kp3 = (unsigned DES_INT32 *)ks3;
/*
* Deal with encryption and decryption separately.
* the necessity of remembering a lot more things.
* Should think about this a little more...
*/
- unsigned KRB_INT32 ocipherl, ocipherr;
- unsigned KRB_INT32 cipherl, cipherr;
+ unsigned DES_INT32 ocipherl, ocipherr;
+ unsigned DES_INT32 cipherl, cipherr;
if (length <= 0)
return 0;
* express or implied warranty.
*/
-#include "des.h"
#include "des_int.h"
#include "f_tables.h"
#include "k5-int.h"
-#ifndef KRB_INT32
+#ifndef DES_INT32
#ifdef SIZEOF_INT
#if SIZEOF_INT >= 4
-#define KRB_INT32 int
+#define DES_INT32 int
#else
-#define KRB_INT32 long
+#define DES_INT32 long
#endif
#else /* !defined(SIZEOF_INT) */
#include <limits.h>
#if (UINT_MAX >= 0xffffffff)
-#define KRB_INT32 int
+#define DES_INT32 int
#else
-#define KRB_INT32 long
+#define DES_INT32 long
#endif
#endif /* !defined(SIZEOF_INT) */
-#endif /* !defined(KRB_INT32) */
+#endif /* !defined(DES_INT32) */
-#ifndef KRB_UINT32
-#define KRB_UINT32 unsigned KRB_INT32
+#ifndef DES_UINT32
+#define DES_UINT32 unsigned DES_INT32
#endif
#ifndef NCOMPAT
#ifndef DES_INTERNAL_DEFS
#define DES_INTERNAL_DEFS
-#include "des.h"
-
+#include <k5-int.h>
/*
* Begin "mit-des.h"
*/
typedef krb5_octet mit_des_cblock[8]; /* crypto-block size */
-#ifndef KRB_INT32
+#ifndef DES_INT32
#ifdef SIZEOF_INT
#if SIZEOF_INT >= 4
-#define KRB_INT32 int
+#define DES_INT32 int
#else
-#define KRB_INT32 long
+#define DES_INT32 long
#endif
#else /* !defined(SIZEOF_INT) */
#include <limits.h>
#if (UINT_MAX >= 0xffffffff)
-#define KRB_INT32 int
+#define DES_INT32 int
#else
-#define KRB_INT32 long
+#define DES_INT32 long
#endif
#endif /* !defined(SIZEOF_INT) */
-#endif /* !defined(KRB_INT32) */
+#endif /* !defined(DES_INT32) */
/* Key schedule--used internally by DES routines to gain some speed */
typedef struct mit_des_ks_struct {
- KRB_INT32 _[2];
+ DES_INT32 _[2];
} mit_des_key_schedule[16];
/* Triple-DES structures */
/*
* des_cbc_encrypt.c - an implementation of the DES cipher function in cbc mode
*/
-#include "des.h"
#include "des_int.h"
#include "f_tables.h"
mit_des_cblock ivec;
int encrypt;
{
- register unsigned KRB_INT32 left, right;
- register unsigned KRB_INT32 temp;
- register unsigned KRB_INT32 *kp;
+ register unsigned DES_INT32 left, right;
+ register unsigned DES_INT32 temp;
+ register unsigned DES_INT32 *kp;
register unsigned char *ip, *op;
/*
* Get key pointer here. This won't need to be reinitialized
*/
- kp = (unsigned KRB_INT32 *)schedule;
+ kp = (unsigned DES_INT32 *)schedule;
/*
* Deal with encryption and decryption separately.
* the necessity of remembering a lot more things.
* Should think about this a little more...
*/
- unsigned KRB_INT32 ocipherl, ocipherr;
- unsigned KRB_INT32 cipherl, cipherr;
+ unsigned DES_INT32 ocipherl, ocipherr;
+ unsigned DES_INT32 cipherl, cipherr;
if (length <= 0)
return 0;
/*
* des_cbc_cksum.c - compute an 8 byte checksum using DES in CBC mode
*/
-#include "des.h"
#include "des_int.h"
#include "f_tables.h"
mit_des_key_schedule schedule;
krb5_octet FAR *ivec;
{
- register unsigned KRB_INT32 left, right;
- register unsigned KRB_INT32 temp;
- register unsigned KRB_INT32 *kp;
+ register unsigned DES_INT32 left, right;
+ register unsigned DES_INT32 temp;
+ register unsigned DES_INT32 *kp;
register unsigned char *ip;
- register KRB_INT32 len;
+ register DES_INT32 len;
/*
* Initialize left and right with the contents of the initial
/*
* Encrypt what we have
*/
- kp = (unsigned KRB_INT32 *)schedule;
+ kp = (unsigned DES_INT32 *)schedule;
DES_DO_ENCRYPT(left, right, temp, kp);
}
/*
* Return right. I'll bet the MIT code returns this
* inconsistantly (with the low order byte of the checksum
- * not always in the low order byte of the KRB_INT32). We won't.
+ * not always in the low order byte of the DES_INT32). We won't.
*/
return right;
}
/*
* des_ecb_encrypt.c - do an encryption in ECB mode
*/
-#include "des.h"
#include "des_int.h"
#include "f_tables.h"
mit_des_key_schedule schedule;
int encrypt;
{
- register unsigned KRB_INT32 left, right;
- register unsigned KRB_INT32 temp;
+ register unsigned DES_INT32 left, right;
+ register unsigned DES_INT32 temp;
register int i;
{
* sets of keys in the key schedule instead).
*/
if (encrypt) {
- register unsigned KRB_INT32 *kp;
+ register unsigned DES_INT32 *kp;
- kp = (unsigned KRB_INT32 *)schedule;
+ kp = (unsigned DES_INT32 *)schedule;
for (i = 0; i < 8; i++) {
DES_SP_ENCRYPT_ROUND(left, right, temp, kp);
DES_SP_ENCRYPT_ROUND(right, left, temp, kp);
}
} else {
- register unsigned KRB_INT32 *kp;
+ register unsigned DES_INT32 *kp;
/*
* Point kp past end of schedule
*/
- kp = ((unsigned KRB_INT32 *)schedule) + (2 * 16);;
+ kp = ((unsigned DES_INT32 *)schedule) + (2 * 16);;
for (i = 0; i < 8; i++) {
DES_SP_DECRYPT_ROUND(left, right, temp, kp);
DES_SP_DECRYPT_ROUND(right, left, temp, kp);
*/
-#include "des.h"
#include "des_int.h"
/*
/*
* des_pcbc_encrypt.c - encrypt a string of characters in error propagation mode
*/
-#include "des.h"
#include "des_int.h"
#include "f_tables.h"
mit_des_cblock ivec;
int encrypt;
{
- register unsigned KRB_INT32 left, right;
- register unsigned KRB_INT32 temp;
- register unsigned KRB_INT32 *kp;
+ register unsigned DES_INT32 left, right;
+ register unsigned DES_INT32 temp;
+ register unsigned DES_INT32 *kp;
register unsigned char *ip, *op;
/*
* Copy the key pointer, just once
*/
- kp = (unsigned KRB_INT32 *)schedule;
+ kp = (unsigned DES_INT32 *)schedule;
/*
* Deal with encryption and decryption separately.
*/
if (encrypt) {
- register unsigned KRB_INT32 plainl;
- register unsigned KRB_INT32 plainr;
+ register unsigned DES_INT32 plainl;
+ register unsigned DES_INT32 plainr;
/*
* Initialize left and right with the contents of the initial
* the necessity of remembering a lot more things.
* Should think about this a little more...
*/
- unsigned KRB_INT32 ocipherl, ocipherr;
- unsigned KRB_INT32 cipherl, cipherr;
+ unsigned DES_INT32 ocipherl, ocipherr;
+ unsigned DES_INT32 cipherl, cipherr;
if (length <= 0)
return 0;
/*
* des_make_sched.c - permute a DES key, returning the resulting key schedule
*/
-#include "des.h"
#include "k5-int.h"
#include "des_int.h"
* The code that uses these tables knows which bits from which
* part of each key are used to form Ci and Di.
*/
-static const unsigned KRB_INT32 PC1_CL[8] = {
+static const unsigned DES_INT32 PC1_CL[8] = {
0x00000000, 0x00000010, 0x00001000, 0x00001010,
0x00100000, 0x00100010, 0x00101000, 0x00101010
};
-static const unsigned KRB_INT32 PC1_DL[16] = {
+static const unsigned DES_INT32 PC1_DL[16] = {
0x00000000, 0x00100000, 0x00001000, 0x00101000,
0x00000010, 0x00100010, 0x00001010, 0x00101010,
0x00000001, 0x00100001, 0x00001001, 0x00101001,
0x00000011, 0x00100011, 0x00001011, 0x00101011
};
-static const unsigned KRB_INT32 PC1_CR[16] = {
+static const unsigned DES_INT32 PC1_CR[16] = {
0x00000000, 0x00000001, 0x00000100, 0x00000101,
0x00010000, 0x00010001, 0x00010100, 0x00010101,
0x01000000, 0x01000001, 0x01000100, 0x01000101,
0x01010000, 0x01010001, 0x01010100, 0x01010101
};
-static const unsigned KRB_INT32 PC1_DR[8] = {
+static const unsigned DES_INT32 PC1_DR[8] = {
0x00000000, 0x01000000, 0x00010000, 0x01010000,
0x00000100, 0x01000100, 0x00010100, 0x01010100
};
* rearranged to produce keys which match the order we will apply them
* in in the des code.
*/
-static const unsigned KRB_INT32 PC2_C[4][64] = {
+static const unsigned DES_INT32 PC2_C[4][64] = {
0x00000000, 0x00000004, 0x00010000, 0x00010004,
0x00000400, 0x00000404, 0x00010400, 0x00010404,
0x00000020, 0x00000024, 0x00010020, 0x00010024,
0x04001202, 0x04001212, 0x0c001202, 0x0c001212
};
-static const unsigned KRB_INT32 PC2_D[4][64] = {
+static const unsigned DES_INT32 PC2_D[4][64] = {
0x00000000, 0x02000000, 0x00020000, 0x02020000,
0x00000100, 0x02000100, 0x00020100, 0x02020100,
0x00000008, 0x02000008, 0x00020008, 0x02020008,
mit_des_cblock key;
mit_des_key_schedule schedule;
{
- register unsigned KRB_INT32 c, d;
+ register unsigned DES_INT32 c, d;
{
/*
- * Need a pointer for the keys and a temporary KRB_INT32
+ * Need a pointer for the keys and a temporary DES_INT32
*/
register unsigned char *k;
- register unsigned KRB_INT32 tmp;
+ register unsigned DES_INT32 tmp;
/*
* Fetch the key into something we can work with
* the right, while D0 gets 16 from the left and 12 from the
* right. The code knows which bits go where.
*/
- tmp = ((unsigned KRB_INT32)(*(k)++)) << 24;
- tmp |= ((unsigned KRB_INT32)(*(k)++)) << 16;
- tmp |= ((unsigned KRB_INT32)(*(k)++)) << 8;
- tmp |= (unsigned KRB_INT32)(*(k)++); /* left part of key */
+ tmp = ((unsigned DES_INT32)(*(k)++)) << 24;
+ tmp |= ((unsigned DES_INT32)(*(k)++)) << 16;
+ tmp |= ((unsigned DES_INT32)(*(k)++)) << 8;
+ tmp |= (unsigned DES_INT32)(*(k)++); /* left part of key */
c = PC1_CL[(tmp >> 29) & 0x7]
| (PC1_CL[(tmp >> 21) & 0x7] << 1)
| (PC1_CL[(tmp >> 13) & 0x7] << 2)
| (PC1_DL[(tmp >> 9) & 0xf] << 2)
| (PC1_DL[(tmp >> 1) & 0xf] << 3);
- tmp = ((unsigned KRB_INT32)(*(k)++)) << 24;
- tmp |= ((unsigned KRB_INT32)(*(k)++)) << 16;
- tmp |= ((unsigned KRB_INT32)(*(k)++)) << 8;
- tmp |= (unsigned KRB_INT32)(*(k)++); /* right part of key */
+ tmp = ((unsigned DES_INT32)(*(k)++)) << 24;
+ tmp |= ((unsigned DES_INT32)(*(k)++)) << 16;
+ tmp |= ((unsigned DES_INT32)(*(k)++)) << 8;
+ tmp |= (unsigned DES_INT32)(*(k)++); /* right part of key */
c |= PC1_CR[(tmp >> 28) & 0xf]
| (PC1_CR[(tmp >> 20) & 0xf] << 1)
| (PC1_CR[(tmp >> 12) & 0xf] << 2)
/*
* Need several temporaries in here
*/
- register unsigned KRB_INT32 ltmp, rtmp;
- register unsigned KRB_INT32 *k;
+ register unsigned DES_INT32 ltmp, rtmp;
+ register unsigned DES_INT32 *k;
register int two_bit_shifts;
register int i;
/*
* 48/6 char's/subkey * 16 subkeys/encryption == 128 bytes.
* The schedule must be this big.
*/
- k = (unsigned KRB_INT32 *)schedule;
+ k = (unsigned DES_INT32 *)schedule;
two_bit_shifts = TWO_BIT_SHIFTS;
for (i = 16; i > 0; i--) {
/*
* Include the header file so something will complain if the
* declarations get out of sync
*/
-#include "des.h"
+#include "des_int.h"
#include "f_tables.h"
/*
* byte shifted left by three. Clear?
*/
-const unsigned KRB_INT32 des_IP_table[256] = {
+const unsigned DES_INT32 des_IP_table[256] = {
0x00000000, 0x00000010, 0x00000001, 0x00000011,
0x00001000, 0x00001010, 0x00001001, 0x00001011,
0x00000100, 0x00000110, 0x00000101, 0x00000111,
* is or'd with the result from the next byte shifted left 2 bits,
* which is or'd with the result from the low byte.
*/
-const unsigned KRB_INT32 des_FP_table[256] = {
+const unsigned DES_INT32 des_FP_table[256] = {
0x00000000, 0x02000000, 0x00020000, 0x02020000,
0x00000200, 0x02000200, 0x00020200, 0x02020200,
0x00000002, 0x02000002, 0x00020002, 0x02020002,
* table combined. This table is actually reordered from the
* spec, to match the order of key application we follow.
*/
-const unsigned KRB_INT32 des_SP_table[8][64] = {
+const unsigned DES_INT32 des_SP_table[8][64] = {
0x00100000, 0x02100001, 0x02000401, 0x00000000, /* 7 */
0x00000400, 0x02000401, 0x00100401, 0x02100400,
0x02100401, 0x00100000, 0x00000000, 0x02000001,
* These may be declared const if you wish. Be sure to change the
* declarations in des_tables.c as well.
*/
-extern const unsigned KRB_INT32 des_IP_table[256];
-extern const unsigned KRB_INT32 des_FP_table[256];
-extern const unsigned KRB_INT32 des_SP_table[8][64];
+extern const unsigned DES_INT32 des_IP_table[256];
+extern const unsigned DES_INT32 des_FP_table[256];
+extern const unsigned DES_INT32 des_SP_table[8][64];
/*
* Use standard shortforms to reference these to save typing
* and decryption key schedules would allow one to use the same code
* for both.
*
- * left, right and temp should be unsigned KRB_INT32 values. left and right
+ * left, right and temp should be unsigned DES_INT32 values. left and right
* should be the high and low order parts of the cipher block at the
* current stage of processing (this makes sense if you read the spec).
- * kp should be an unsigned KRB_INT32 pointer which points at the current
+ * kp should be an unsigned DES_INT32 pointer which points at the current
* set of subkeys in the key schedule. It is advanced to the next set
* (i.e. by 8 bytes) when this is done.
*
* Macros to help deal with the initial permutation table. Note
* the IP table only deals with 32 bits at a time, allowing us to
* collect the bits we need to deal with each half into an unsigned
- * KRB_INT32. By carefully selecting how the bits are ordered we also
+ * DES_INT32. By carefully selecting how the bits are ordered we also
* take advantages of symmetries in the table so that we can use a
* single table to compute the permutation of all bytes. This sounds
* complicated, but if you go through the process of designing the
* The follow macros compute the set of bits used to index the
* table for produce the left and right permuted result.
*
- * The inserted cast to unsigned KRB_INT32 circumvents a bug in
+ * The inserted cast to unsigned DES_INT32 circumvents a bug in
* the Macintosh MPW 3.2 C compiler which loses the unsignedness and
* propagates the high-order bit in the shift.
*/
((((left) & 0x55555555) << 1) | ((right) & 0x55555555))
#define DES_IP_RIGHT_BITS(left, right) \
(((left) & 0xaaaaaaaa) | \
- ( ( (unsigned KRB_INT32) ((right) & 0xaaaaaaaa) ) >> 1))
+ ( ( (unsigned DES_INT32) ((right) & 0xaaaaaaaa) ) >> 1))
/*
* The following macro does an in-place initial permutation given
* temporary. Use this more as a guide for rolling your own, though.
* The best way to do the IP depends on the form of the data you
* are dealing with. If you use this, though, try to make left,
- * right and temp register unsigned KRB_INT32s.
+ * right and temp register unsigned DES_INT32s.
*/
#define DES_INITIAL_PERM(left, right, temp) \
(temp) = DES_IP_RIGHT_BITS((left), (right)); \
* this as to the initial permutation, except that we use different
* bits and shifts.
*
- * The inserted cast to unsigned KRB_INT32 circumvents a bug in
+ * The inserted cast to unsigned DES_INT32 circumvents a bug in
* the Macintosh MPW 3.2 C compiler which loses the unsignedness and
* propagates the high-order bit in the shift.
*/
((((left) & 0x0f0f0f0f) << 4) | ((right) & 0x0f0f0f0f))
#define DES_FP_RIGHT_BITS(left, right) \
(((left) & 0xf0f0f0f0) | \
- ( ( (unsigned KRB_INT32) ((right) & 0xf0f0f0f0) ) >> 4))
+ ( ( (unsigned DES_INT32) ((right) & 0xf0f0f0f0) ) >> 4))
/*
/*
* Finally, as a sample of how all this might be held together, the
* following two macros do in-place encryptions and decryptions. left
- * and right are two unsigned KRB_INT32 variables which at the beginning
+ * and right are two unsigned DES_INT32 variables which at the beginning
* are expected to hold the clear (encrypted) block in host byte order
* (left the high order four bytes, right the low order). At the end
- * they will contain the encrypted (clear) block. temp is an unsigned KRB_INT32
- * used as a temporary. kp is an unsigned KRB_INT32 pointer pointing at
+ * they will contain the encrypted (clear) block. temp is an unsigned DES_INT32
+ * used as a temporary. kp is an unsigned DES_INT32 pointer pointing at
* the start of the key schedule. All these should be in registers.
*
* You can probably do better than these by rewriting for particular
* Included here because they're used a couple of places.
*/
#define GET_HALF_BLOCK(lr, ip) \
- (lr) = ((unsigned KRB_INT32)(*(ip)++)) << 24; \
- (lr) |= ((unsigned KRB_INT32)(*(ip)++)) << 16; \
- (lr) |= ((unsigned KRB_INT32)(*(ip)++)) << 8; \
- (lr) |= (unsigned KRB_INT32)(*(ip)++)
+ (lr) = ((unsigned DES_INT32)(*(ip)++)) << 24; \
+ (lr) |= ((unsigned DES_INT32)(*(ip)++)) << 16; \
+ (lr) |= ((unsigned DES_INT32)(*(ip)++)) << 8; \
+ (lr) |= (unsigned DES_INT32)(*(ip)++)
#define PUT_HALF_BLOCK(lr, op) \
*(op)++ = (unsigned char) (((lr) >> 24) & 0xff); \
/* Shorthand that we'll need in several places, for creating values that
really can hold 32 bits regardless of the prevailing int size. */
-#define FF_UINT32 ((unsigned KRB_INT32) 0xFF)
+#define FF_UINT32 ((unsigned DES_INT32) 0xFF)
#endif /* __DES_TABLES_H__ */