+++ /dev/null
-/*
- * lib/crypto/des/cksum.c
- *
- * Copyright 1985, 1986, 1987, 1988, 1990 by the Massachusetts Institute
- * of Technology.
- * All Rights Reserved.
- *
- * Export of this software from the United States of America may
- * require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. M.I.T. makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- *
- *
- * These routines perform encryption and decryption using the DES
- * private key algorithm, or else a subset of it-- fewer inner loops.
- * (AUTH_DES_ITER defaults to 16, may be less.)
- *
- * Under U.S. law, this software may not be exported outside the US
- * without license from the U.S. Commerce department.
- *
- * These routines form the library interface to the DES facilities.
- *
- * spm 8/85 MIT project athena
- */
-
-
-#include <krb5/krb5.h>
-#include <krb5/ext-proto.h>
-
-#include "des_int.h"
-
-extern int mit_des_debug;
-
-/*
- * This routine performs DES cipher-block-chaining checksum operation,
- * a.k.a. Message Authentication Code. It ALWAYS encrypts from input
- * to a single 64 bit output MAC checksum.
- *
- * The key schedule is passed as an arg, as well as the cleartext or
- * ciphertext. The cleartext and ciphertext should be in host order.
- *
- * NOTE-- the output is ALWAYS 8 bytes long. If not enough space was
- * provided, your program will get trashed.
- *
- * The input is null padded, at the end (highest addr), to an integral
- * multiple of eight bytes.
- */
-
-void
-mit_des_cbc_cksum(in,out,length,key,iv)
- krb5_octet *in; /* >= length bytes of inputtext */
- krb5_octet *out; /* >= length bytes of outputtext */
- register long length; /* in bytes */
- mit_des_key_schedule key; /* precomputed key schedule */
- krb5_octet *iv; /* 8 bytes of ivec */
-{
- register unsigned long *input = (unsigned long *) in;
- register unsigned long *output = (unsigned long *) out;
- unsigned long *ivec = (unsigned long *) iv;
-
- unsigned long i,j;
- unsigned long t_input[2];
- unsigned long t_output[8];
- unsigned char *t_in_p;
-
- t_in_p = (unsigned char *) t_input;
-#ifdef MUSTALIGN
- if ((long) ivec & 3) {
- memcpy((char *)&t_output[0],(char *)ivec++,sizeof(t_output[0]));
- memcpy((char *)&t_output[1],(char *)ivec,sizeof(t_output[1]));
- }
- else
-#endif
- {
- t_output[0] = *ivec++;
- t_output[1] = *ivec;
- }
-
- for (i = 0; length > 0; i++, length -= 8) {
- /* get input */
-#ifdef MUSTALIGN
- if ((long) input & 3) {
- memcpy((char *)&t_input[0],(char *)input++,sizeof(t_input[0]));
- memcpy((char *)&t_input[1],(char *)input++,sizeof(t_input[1]));
- }
- else
-#endif
- {
- t_input[0] = *input++;
- t_input[1] = *input++;
- }
-
- /* zero pad */
- if (length < 8)
- for (j = length; j <= 7; j++)
- *(t_in_p+j)= 0;
-
-#ifdef DEBUG
- if (mit_des_debug)
- mit_des_debug_print("clear",length,t_input[0],t_input[1]);
-#endif
- /* do the xor for cbc into the temp */
- t_input[0] ^= t_output[0] ;
- t_input[1] ^= t_output[1] ;
- /* encrypt */
- (void) mit_des_ecb_encrypt(t_input,t_output,key,1);
-#ifdef DEBUG
- if (mit_des_debug) {
- mit_des_debug_print("xor'ed",i,t_input[0],t_input[1]);
- mit_des_debug_print("cipher",i,t_output[0],t_output[1]);
- }
-#else
-#ifdef lint
- i = i;
-#endif
-#endif
- }
- /* copy temp output and save it for checksum */
-#ifdef MUSTALIGN
- if ((long) output & 3) {
- memcpy((char *)output++,(char *)&t_output[0],sizeof(t_output[0]));
- memcpy((char *)output,(char *)&t_output[1],sizeof(t_output[1]));
- }
- else
-#endif
- {
- *output++ = t_output[0];
- *output = t_output[1];
- }
-
- return;
-}
+++ /dev/null
-/*
- * lib/crypto/des/enc_dec.c
- *
- * Copyright 1985, 1986, 1987, 1988, 1990 by the Massachusetts Institute
- * of Technology.
- * All Rights Reserved.
- *
- * These routines perform encryption and decryption using the DES
- * private key algorithm, or else a subset of it -- fewer inner loops.
- * (AUTH_DES_ITER defaults to 16, may be less.)
- *
- * Under U.S. law, this software may not be exported outside the US
- * without license from the U.S. Commerce department.
- *
- * These routines form the library interface to the DES facilities.
- *
- * Originally written 8/85 by Steve Miller, MIT Project Athena.
- *
- * Export of this software from the United States of America may
- * require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. M.I.T. makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- *
- *
- */
-
-
-
-#include <krb5/krb5.h>
-#include <krb5/ext-proto.h>
-#include <krb5/crc-32.h>
-
-#include "des_int.h"
-
-#ifdef DEBUG
-#include <stdio.h>
-
-extern int mit_des_debug;
-#endif
-
-/*
- * This routine performs DES cipher-block-chaining operation, either
- * encrypting from cleartext to ciphertext, if encrypt != 0 or
- * decrypting from ciphertext to cleartext, if encrypt == 0.
- *
- * The key schedule is passed as an arg, as well as the cleartext or
- * ciphertext. The cleartext and ciphertext should be in host order.
- *
- * NOTE-- the output is ALWAYS an multiple of 8 bytes long. If not
- * enough space was provided, your program will get trashed.
- *
- * For encryption, the cleartext string is null padded, at the end, to
- * an integral multiple of eight bytes.
- *
- * For decryption, the ciphertext will be used in integral multiples
- * of 8 bytes, but only the first "length" bytes returned into the
- * cleartext.
- */
-
-krb5_error_code
-mit_des_cbc_encrypt(in,out,length,key,iv,encrypt)
- krb5_octet *in; /* >= length bytes of input text */
- krb5_octet *out; /* >= length bytes of output text */
- register long length; /* in bytes */
- mit_des_key_schedule key; /* precomputed key schedule */
- krb5_octet *iv; /* 8 bytes of ivec */
- int encrypt; /* 0 ==> decrypt, else encrypt */
-{
- int mit_des_ecb_encrypt();
-
- register unsigned long *input = (unsigned long *) in;
- register unsigned long *output = (unsigned long *) out;
- register unsigned long *ivec = (unsigned long *) iv;
-
- unsigned long i,j;
- unsigned long t_input[2];
- unsigned long t_output[2];
- unsigned char *t_in_p;
- unsigned long xor_0, xor_1;
-
- t_in_p = (unsigned char *) t_input;
- if (encrypt) {
-#ifdef MUSTALIGN
- if ((long) ivec & 3) {
- memcpy((char *)&t_output[0], (char *)ivec++, sizeof(t_output[0]));
- memcpy((char *)&t_output[1], (char *)ivec, sizeof(t_output[1]));
- }
- else
-#endif
- {
- t_output[0] = *ivec++;
- t_output[1] = *ivec;
- }
-
- for (i = 0; length > 0; i++, length -= 8) {
- /* get input */
-#ifdef MUSTALIGN
- if ((long) input & 3) {
- memcpy((char *)&t_input[0],(char *)input++,sizeof(t_input[0]));
- memcpy((char *)&t_input[1],(char *)input++,sizeof(t_input[1]));
- }
- else
-#endif
- {
- t_input[0] = *input++;
- t_input[1] = *input++;
- }
-
- /* zero pad */
- if (length < 8)
- for (j = length; j <= 7; j++)
- *(t_in_p+j)= 0;
-
-#ifdef DEBUG
- if (mit_des_debug)
- mit_des_debug_print("clear",length,t_input[0],t_input[1]);
-#endif
- /* do the xor for cbc into the temp */
- t_input[0] ^= t_output[0];
- t_input[1] ^= t_output[1];
- /* encrypt */
- (void) mit_des_ecb_encrypt(t_input,t_output,key,encrypt);
- /* copy temp output and save it for cbc */
-#ifdef MUSTALIGN
- if ((long) output & 3) {
- memcpy((char *)output++,(char *)&t_output[0],
- sizeof(t_output[0]));
- memcpy((char *)output++,(char *)&t_output[1],
- sizeof(t_output[1]));
- }
- else
-#endif
- {
- *output++ = t_output[0];
- *output++ = t_output[1];
- }
-
-#ifdef DEBUG
- if (mit_des_debug) {
- mit_des_debug_print("xor'ed",i,t_input[0],t_input[1]);
- mit_des_debug_print("cipher",i,t_output[0],t_output[1]);
- }
-#endif
- }
- return 0;
- }
-
- else {
- /* decrypt */
-#ifdef MUSTALIGN
- if ((long) ivec & 3) {
- memcpy((char *)&xor_0,(char *)ivec++,sizeof(xor_0));
- memcpy((char *)&xor_1,(char *)ivec,sizeof(xor_1));
- }
- else
-#endif
- {
- xor_0 = *ivec++;
- xor_1 = *ivec;
- }
-
- for (i = 0; length > 0; i++, length -= 8) {
- /* get input */
-#ifdef MUSTALIGN
- if ((long) input & 3) {
- memcpy((char *)&t_input[0],(char *)input++,sizeof(t_input[0]));
- memcpy((char *)&t_input[1],(char *)input++,sizeof(t_input[0]));
- }
- else
-#endif
- {
- t_input[0] = *input++;
- t_input[1] = *input++;
- }
-
- /* no padding for decrypt */
-#ifdef DEBUG
- if (mit_des_debug)
- mit_des_debug_print("cipher",i,t_input[0],t_input[1]);
-#else
-#ifdef lint
- i = i;
-#endif
-#endif
- /* encrypt */
- (void) mit_des_ecb_encrypt(t_input,t_output,key,encrypt);
-#ifdef DEBUG
- if (mit_des_debug)
- mit_des_debug_print("out pre xor",i,t_output[0],t_output[1]);
-#endif
- /* do the xor for cbc into the output */
- t_output[0] ^= xor_0;
- t_output[1] ^= xor_1;
- /* copy temp output */
-#ifdef MUSTALIGN
- if ((long) output & 3) {
- memcpy((char *)output++,(char *)&t_output[0],
- sizeof(t_output[0]));
- memcpy((char *)output++,(char *)&t_output[1],
- sizeof(t_output[1]));
- }
- else
-#endif
- {
- *output++ = t_output[0];
- *output++ = t_output[1];
- }
-
- /* save xor value for next round */
- xor_0 = t_input[0];
- xor_1 = t_input[1];
-#ifdef DEBUG
- if (mit_des_debug)
- mit_des_debug_print("clear",i,t_output[0],t_output[1]);
-#endif
- }
- return 0;
- }
-}
#include <krb5/krb5.h>
#include "des_int.h"
-#if !defined(LSBFIRST) && !defined(MSBFIRST)
-/* autoconf and Ferguson DES code */
void make_key_sched PROTOTYPE((mit_des_cblock, mit_des_key_schedule));
return 0;
}
-#else
-/* Imake and MIT DES code */
-
-#include "key_perm.h"
-
-extern int mit_des_debug;
-
-typedef char key[64];
-/* the following are really void but cc86 doesnt allow it */
-static void make_key_sched PROTOTYPE((key, mit_des_key_schedule));
-
-int
-mit_des_key_sched(k,schedule)
- register mit_des_cblock k; /* r11 */
- mit_des_key_schedule schedule;
-{
- /* better pass 8 bytes, length not checked here */
-
- register i, j, n; /* i = r10, j = r9, n = r8 */
- register unsigned int temp; /* r7 */
- register char *p_char; /* r6 */
- key k_char;
- i = 8;
- n = 0;
- p_char = k_char;
-
-#if defined(lint) || defined(SABER)
- n = n; /* fool it in case of VAXASM */
-#endif
-#ifdef DEBUG
- if (mit_des_debug)
- fprintf(stderr,"\n\ninput key, left to right = ");
-#endif
-
- if (!mit_des_check_key_parity(k)) /* bad parity --> return -1 */
- return(-1);
-
- do {
- /* get next input key byte */
-#ifdef DEBUG
- if (mit_des_debug)
- fprintf(stderr,"%02x ",*k & 0xff);
-#endif
- temp = (unsigned int) ((unsigned char) *k++);
- j = 8;
-
- do {
-#ifndef VAXASM
- *p_char++ = (int) temp & 01;
- temp = temp >> 1;
-#else
- asm("bicb3 $-2,r7,(r8)+[r6]");
- asm("rotl $-1,r7,r7");
-#endif
- } while (--j > 0);
- } while (--i > 0);
-
-#ifdef DEBUG
- if (mit_des_debug) {
- p_char = k_char;
- fprintf(stderr,"\nKey bits, from zero to 63");
- for (i = 0; i <= 7; i++) {
- fprintf(stderr,"\n\t");
- for (j = 0; j <=7; j++)
- fprintf(stderr,"%d ",*p_char++);
- }
- }
-#else
-#ifdef lint
- p_char = p_char;
-#endif
-#endif
-
- /* check against weak keys */
- k -= sizeof(mit_des_cblock);
-
- if (mit_des_is_weak_key(k))
- return(-2);
-
- make_key_sched(k_char,schedule);
-
- /* if key was good, return 0 */
- return 0;
-}
-
-static void
-make_key_sched(Key,Schedule)
- register key Key; /* r11 */
- mit_des_key_schedule Schedule;
-{
- /*
- * The key has been converted to an array to make this run faster;
- * on a microvax 2, this routine takes about 3.5ms. The code and
- * size of the arrays has been played with to get it as fast as
- * possible.
- *
- * Don't change the order of the declarations below without
- * checking the assembler code to make sure that things are still
- * where it expects them.
- */
-
- /* r10, unroll by AUTH_DES_ITER */
- register int iter = AUTH_DES_ITER ;
- register unsigned long *k; /* r9 */
- register int *kp; /* r8 */
- register unsigned long temp; /* r7 */
-
- kp = (int *) key_perm;
- k = (unsigned long *) Schedule;
-
- do {
- /*
- * create the Key schedule
- *
- * put into lsb first order (lsb is bit 0)
- */
-
- /*
- * On the uvax2, this C code below is as fast as straight
- * assembler, so just use C code below.
- */
- temp = 0;
-#ifdef LSBFIRST
-#define BIT(x) x
-#else
-#ifdef notdef
-#define BIT(x) rev_swap_bit_pos_0(x)
-#else
-#define BIT(x) x
-#endif
-#endif
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(0));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(1));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(2));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(3));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(4));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(5));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(6));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(7));
-
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(8));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(9));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(10));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(11));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(12));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(13));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(14));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(15));
-
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(16));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(17));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(18));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(19));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(20));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(21));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(22));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(23));
-
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(24));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(25));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(26));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(27));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(28));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(29));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(30));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(31));
-
- *k++ = temp;
- temp = 0;
-
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(0));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(1));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(2));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(3));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(4));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(5));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(6));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(7));
-
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(8));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(9));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(10));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(11));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(12));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(13));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(14));
- if ((unsigned) Key[(int) *kp++]) temp |= (1<< BIT(15));
-
- *k++ = temp;
-
- } while (--iter > 0);
-
-#ifdef DEBUG
- if (mit_des_debug) {
- char *n;
- int q;
- fprintf(stderr,"\nKey Schedule, left to right");
- for (i = 0; i < AUTH_DES_ITER; i++) {
- n = (char *) &Schedule[i];
- fprintf(stderr,"\n");
- for (q = 0; q <= 7; q++)
- fprintf(stderr,"%02x ",*n++ & 0xff);
- }
- fprintf(stderr,"\n");
- }
-#endif
-}
-#endif
#include "des_int.h"
-#ifdef DEBUG
-#include <stdio.h>
-
-extern int mit_des_debug;
-#endif
-
/*
encrypts "size" bytes at "in", storing result in "out".
"eblock" points to an encrypt block which has been initialized
* this software for any purpose. It is provided "as is" without express
* or implied warranty.
*
- *
- * Wrapper for the V4 libdes for use with kerberos V5.
*/
#include "des_int.h"
-#ifdef DEBUG
-#include <stdio.h>
-extern int des_debug;
-#endif
-
/*
converts the string pointed to by "data" into an encryption key
of type "keytype". *keyblock is filled in with the key info;
/* init key array for bits */
memset(k_char,0,sizeof(k_char));
-#ifdef DEBUG
+#if 0
if (mit_des_debug)
fprintf(stdout,
"\n\ninput str length = %d string = %*s\nstring = 0x ",
for (i = 1; i <= length; i++) {
/* get next input key byte */
temp = (unsigned int) *str++;
-#ifdef DEBUG
+#if 0
if (mit_des_debug)
fprintf(stdout,"%02x ",temp & 0xff);
#endif
/* now fix up key parity again */
mit_des_fixup_key_parity(key);
-#ifdef DEBUG
+#if 0
if (mit_des_debug)
fprintf(stdout,
"\nResulting string_to_key = 0x%x 0x%x\n",