From 39ccb4102625c0491c66414d6ad382ed5c86b8f5 Mon Sep 17 00:00:00 2001 From: Theodore Tso Date: Fri, 30 Sep 1994 02:05:40 +0000 Subject: [PATCH] Removed MIT DES implementation; only use Fergeson DES Fix destest and verify so that they work with the new DES libraries. "make check" will run the DES test suite. (Note that all of the krb5 libraries have to be built, since they depend on them.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@4393 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/crypto/des/Makefile.in | 38 +-- src/lib/crypto/des/configure.in | 3 + src/lib/crypto/des/des.c | 463 -------------------------------- src/lib/crypto/des/destest.c | 138 +++++----- src/lib/crypto/des/f_cbc.c | 20 ++ src/lib/crypto/des/f_cksum.c | 15 ++ src/lib/crypto/des/key_parity.c | 73 ----- src/lib/crypto/des/make_e.c | 58 ---- src/lib/crypto/des/make_fp.c | 80 ------ src/lib/crypto/des/make_ip.c | 71 ----- src/lib/crypto/des/make_kp.c | 222 --------------- src/lib/crypto/des/make_odd.c | 61 ----- src/lib/crypto/des/make_p.c | 66 ----- src/lib/crypto/des/make_pt.c | 81 ------ src/lib/crypto/des/make_s.c | 49 ---- src/lib/crypto/des/make_st.c | 83 ------ src/lib/crypto/des/misc.c | 366 ------------------------- src/lib/crypto/des/tables.h | 122 --------- src/lib/crypto/des/verify.c | 37 ++- 19 files changed, 153 insertions(+), 1893 deletions(-) delete mode 100644 src/lib/crypto/des/des.c delete mode 100644 src/lib/crypto/des/key_parity.c delete mode 100644 src/lib/crypto/des/make_e.c delete mode 100644 src/lib/crypto/des/make_fp.c delete mode 100644 src/lib/crypto/des/make_ip.c delete mode 100644 src/lib/crypto/des/make_kp.c delete mode 100644 src/lib/crypto/des/make_odd.c delete mode 100644 src/lib/crypto/des/make_p.c delete mode 100644 src/lib/crypto/des/make_pt.c delete mode 100644 src/lib/crypto/des/make_s.c delete mode 100644 src/lib/crypto/des/make_st.c delete mode 100644 src/lib/crypto/des/misc.c delete mode 100644 src/lib/crypto/des/tables.h diff --git a/src/lib/crypto/des/Makefile.in b/src/lib/crypto/des/Makefile.in index 196ffc91f..8f475bc27 100644 --- a/src/lib/crypto/des/Makefile.in +++ b/src/lib/crypto/des/Makefile.in @@ -1,18 +1,22 @@ CFLAGS = $(CCOPTS) $(DEFS) LDFLAGS = -g +ISODELIB=@ISODELIB@ +COMERRLIB=$(BUILDTOP)/util/et/libcom_err.a + all:: $(OBJS) +KLIB = $(TOPLIBD)/libkrb5.a $(TOPLIBD)/libcrypto.a $(ISODELIB) $(COMERRLIB) +DEPKLIB = $(TOPLIBD)/libkrb5.a $(TOPLIBD)/libcrypto.a $(COMERRLIB) + OTHERSRCS=$(srcdir)/f_cbc.c $(srcdir)/f_cksum.c $(srcdir)/f_pcbc.c \ $(srcdir)/f_sched.c $(srcdir)/f_ecb.c $(srcdir)/f_parity.c \ $(srcdir)/f_tables.c OTHEROBJS=f_cbc.o f_cksum.o f_pcbc.o f_sched.o f_ecb.o f_parity.o f_tables.o -OBJS= cksum.o \ - cbc_cksum.o \ +OBJS= cbc_cksum.o \ cs_entry.o \ - enc_dec.o \ krb_glue.o \ finish_key.o \ fin_rndkey.o \ @@ -25,10 +29,8 @@ OBJS= cksum.o \ weak_key.o \ $(OTHEROBJS) -SRCS= $(srcdir)/cksum.c \ - $(srcdir)/cs_entry.c \ +SRCS= $(srcdir)/cs_entry.c \ $(srcdir)/cbc_cksum.c \ - $(srcdir)/enc_dec.c \ $(srcdir)/krb_glue.c \ $(srcdir)/finish_key.c \ $(srcdir)/fin_rndkey.c \ @@ -49,22 +51,20 @@ depend:: $(SRCS) clean:: $(RM) fp.c ip.c key_perm.h odd.h p.c p_table.h s_table.h -EXT_LIB = $(TOP)/lib/krb5/error_tables/krb5_err.o \ - $(TOP)/lib/krb5/error_tables/isode_err.o \ - $(TOP)/lib/crypto/cryptoconf.o \ - $(TOP)/lib/crypto/crc-32/libcrc32.a \ - libdes.a $(OSLIB) $(COMERRLIB) - -verify: verify.o libdes.o - $(RM) verify.o - $(CC) -o $@ verify.o $(LDFLAGS) $(EXT_LIB) +verify: verify.o $(DEPKLIB) + $(CC) -o $@ verify.o $(KLIB) $(LIBS) $(LDFLAGS) clean:: - $(RM) verify + $(RM) verify destest + +destest: destest.o $(DEPKLIB) + $(CC) -o $@ destest.o $(KLIB) $(LIBS) $(LDFLAGS) -destest: destest.o libdes.o - $(RM) destest.o - $(CC) -o $@ destest.o $(LDFLAGS) $(EXT_LIB) +check:: destest verify + ./verify -z + ./verify -m + ./verify + ./destest < $(srcdir)/keytest.data clean:: $(RM) destest diff --git a/src/lib/crypto/des/configure.in b/src/lib/crypto/des/configure.in index 52832f2ac..344288171 100644 --- a/src/lib/crypto/des/configure.in +++ b/src/lib/crypto/des/configure.in @@ -2,6 +2,9 @@ AC_INIT(configure.in) WITH_CCOPTS AC_SET_BUILDTOP CONFIG_RULES +AC_HAVE_LIBRARY(socket) +AC_HAVE_LIBRARY(nsl) SubdirLibraryRule([${OBJS}]) KRB_INCLUDE +ISODE_INCLUDE AC_OUTPUT(Makefile,[EXTRA_RULES]) diff --git a/src/lib/crypto/des/des.c b/src/lib/crypto/des/des.c deleted file mode 100644 index af04eb195..000000000 --- a/src/lib/crypto/des/des.c +++ /dev/null @@ -1,463 +0,0 @@ -/* - * lib/crypto/des/des.c - * - * Copyright 1985, 1986, 1987, 1988, 1990 by the Massachusetts Institute - * of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * These routines perform encryption and decryption using the DES - * private key algorithm, or else a subset of it-- fewer inner loops. - * (AUTH_DES_ITER defaults to 16, may be less.) - * - * Under U.S. law, this software may not be exported outside the US - * without license from the U.S. Commerce department. - * - * The key schedule is passed as an arg, as well as the cleartext or - * ciphertext. - * - * All registers labeled imply Vax using the Ultrix or 4.2bsd - * compiler. - * - * - * NOTE: bit and byte numbering: - * DES algorithm is defined in terms of bits of L - * followed by bits of R. - * bit 0 ==> lsb of L - * bit 63 ==> msb of R - * - * Always work in register pairs, FROM L1,R1 TO L2,R2 to make - * bookkeeping easier. - * - * originally written by Steve Miller, MIT Project Athena - */ - - - -#include -#include -#include "des_int.h" -#include "s_table.h" -#include "p_table.h" - -#ifdef DEBUG -#define DBG_PRINT(s) if (mit_des_debug & 2) \ - mit_des_debug_print(s,i,L1&0xffff,(L1>>16)&0xffff, \ - R1&0xffff,(R1>>16)&0xffff) -#else -#define DBG_PRINT(s) -#endif - -extern int mit_des_debug; - -int -mit_des_ecb_encrypt(clear, cipher, schedule, encrypt) - unsigned long *clear; - unsigned long *cipher; - int encrypt; /* 0 ==> decrypt, else encrypt */ - register mit_des_key_schedule schedule; /* r11 */ -{ - - /* better pass 8 bytes, length not checked here */ - - register unsigned long R1, L1; /* R1 = r10, L1 = r9 */ - register unsigned long R2, L2; /* R2 = r8, L2 = r7 */ - long i; - /* one more registers left on VAX, see below P_temp_p */ -#ifdef BITS16 - sbox_in_16_a S_in_16_a; - sbox_in_16_b S_in_16_b; - sbox_in_16_c S_in_16_c; - unsigned int *S_in_a_16_p = (unsigned int *) &S_in_16_a; - unsigned int *S_in_b_16_p = (unsigned int *) &S_in_16_b; - unsigned int *S_in_c_16_p = (unsigned int *) &S_in_16_c; -#endif -#ifndef BITS32 -#ifndef BITS16 - dunno how to do this machine type, you lose; -#endif -#endif - unsigned long P_temp; - register unsigned char *P_temp_p = (unsigned char *) & P_temp; -#ifdef BITS16 - sbox_out S_out; - unsigned long *S_out_p = (unsigned long *) &S_out; -#endif - unsigned long R_save, L_save; -#ifdef DEBUG - unsigned long dbg_tmp[2]; -#endif - - /* - * Use L1,R1 and L2,R2 as two sets of "64-bit" registers always - * work from L1,R1 input to L2,R2 output; initialize the cleartext - * into registers. - */ -#ifdef MUSTALIGN -#ifdef DEBUG - /* - * If the alignment is wrong, the programmer really screwed up -- - * we aren't even getting the right data type. His problem. Keep - * this code for debugging. - */ - /* Make sure schedule is ok */ - if ((long) schedule & 3) { - fprintf(stderr,"des.c schedule arg pointer not aligned\n"); - abort(); - } -#endif - if ((long) clear & 3) { - memcpy((char *)&L_save,(char *)clear++,sizeof(L_save)); - memcpy((char *)&R_save,(char *)clear,sizeof(R_save)); - L1 = L_save; - R1 = R_save; - } - else -#endif - { - if (clear) L1 = *clear++; - else L1 = 0; - if (clear) R1 = *clear; - else R1 = 0; - } - -#ifdef DEBUG - if (mit_des_debug & 2) { - printf("All values printed from low byte (bit 0)"); - printf(" --> high byte (bit 63)\n"); - i = 0; - dbg_tmp[0] = L1; - dbg_tmp[1] = R1; - printf("iter = %2d before IP\n\t\tL1 R1 = ",i); - mit_des_cblock_print_file (dbg_tmp, stdout); - } - - DBG_PRINT("before IP"); -#endif - -/* IP_start:*/ - - /* all the Initial Permutation code is in the include file */ -#include "ip.c" - /* reset input to L1,R1 */ - L1 = L2; - R1 = R2; - - /* iterate through the inner loop */ - for (i = 0; i <= (AUTH_DES_ITER-1); i++) { - -#ifdef DEBUG - if (mit_des_debug & 2) { - dbg_tmp[0] = L1; - dbg_tmp[1] = R1; - printf("iter = %2d start loop\n\t\tL1 R1 = ",i); - mit_des_cblock_print_file (dbg_tmp, stdout); - DBG_PRINT("start loop"); - } - -#endif - - R_save = R1; - L_save = L1; - -/* E_start:*/ - /* apply the E permutation from R1 to L2, R2 */ -#ifndef VAXASM -#ifdef SLOW_E -#include "e.c" -#else /* Bill's fast E */ - L2 = (R1 << 1); - if (R1 & (1<<31)) - L2 |= 1<<0; - L2 &= 077; - L2 |= (R1 <<3) & 07700; - L2 |= (R1 <<5) & 0770000; - L2 |= (R1 <<7) & 077000000; - L2 |= (R1 <<9) & 07700000000; - L2 |= (R1 <<11) & 030000000000; - - /* now from right to right */ - - R2 = ((R1 >> 17) & 0176000); - if (R1 & (1<<0)) R2 |= 1<<15; - - R2 |= ((R1 >> 21) & 017); - R2 |= ((R1 >> 19) & 01760); -#endif /* SLOW_E */ -#else /* VAXASM */ - /* E operations */ - /* right to left */ - asm(" rotl $1,r10,r7"); - L2 &= 077; - L2 |= (R1 <<3) & 07700; - L2 |= (R1 <<5) & 0770000; - L2 |= (R1 <<7) & 077000000; - L2 |= (R1 <<9) & 07700000000; - L2 |= (R1 <<11) & 030000000000; - - asm(" rotl $-17,r10,r8"); - R2 &= 0176000; - asm(" rotl $-21,r10,r0"); - asm(" bicl2 $-16,r0"); - asm(" bisl2 r0,r8"); - asm(" rotl $-19,r10,r0"); - asm(" bicl2 $-1009,r0"); - asm(" bisl2 r0,r8"); - -#endif - - /* reset input to L1,R1 */ - L1 = L2; - R1 = R2; - -#ifdef DEBUG - if (mit_des_debug & 2) { - dbg_tmp[0] = L1; - dbg_tmp[1] = R1; - DBG_PRINT("after e"); - printf("iter = %2d after e\n\t\tL1 R1 = ",i); - mit_des_cblock_print_file (dbg_tmp, stdout); - } -#endif - -/* XOR_start:*/ - /* - * XOR with the key schedule, "schedule" - * - * If this is an encryption operation, use schedule[i], - * otherwise use schedule [AUTH_DES_ITER-i-1] - * - * First XOR left half. - */ - if (encrypt) { - L1 ^= *(((unsigned long *) &schedule[i] )+0); - /* now right half */ - R1 ^= *(((unsigned long *) &schedule[i] )+1); - } - else { - L1 ^= *(((unsigned long *) &schedule[AUTH_DES_ITER-i-1] )+0); - /* now right half */ - R1 ^= *(((unsigned long *) &schedule[AUTH_DES_ITER-i-1] )+1); - } - - /* dont have to reset input to L1, R1 */ - -#ifdef DEBUG - if (mit_des_debug & 2) { - dbg_tmp[0] = L1; - dbg_tmp[1] = R1; - DBG_PRINT("after xor"); - printf("iter = %2d after xor\n\t\tL1 R1 =",i); - mit_des_cblock_print_file (dbg_tmp, stdout); - } -#endif - -/* S_start:*/ - /* apply the S selection from L1, R1 to R2 */ - -#ifdef notdef -#include "s.c" -#endif - - /* S operations , cant use registers for bit field stuff */ - /* from S_in to S_out */ - -#ifdef BITS16 - *S_in_a_16_p = L1&0xffff; - *S_in_b_16_p = (L1>>16)&0xffff; - *S_in_c_16_p = R1&0xffff; - (*(unsigned long *) &S_out) = - (unsigned) S_adj[0][S_in_16_a.b0]; - S_out.b1 = (unsigned) S_adj[1][S_in_16_a.b1]; - /* b2 spans two words */ - S_out.b2 = (unsigned) - S_adj[2][(unsigned) S_in_16_a.b2 - + (((unsigned) S_in_16_b.b2) << 4)]; - S_out.b3 = (unsigned) S_adj[3][S_in_16_b.b3]; - S_out.b4 = (unsigned) S_adj[4][S_in_16_b.b4]; - /* b5 spans both parts */ - S_out.b5 = (unsigned) - S_adj[5][(unsigned) S_in_16_b.b5 - + (((unsigned) S_in_16_c.b5) << 2)]; - S_out.b6 = (unsigned) S_adj[6][S_in_16_c.b6]; - S_out.b7 = (unsigned) S_adj[7][S_in_16_c.b7]; - R1 = *S_out_p; -#else - /* is a 32 bit sys */ -#ifndef VAXASM - R2 = (unsigned) S_adj[0][L1 & 077]; - L2 = (unsigned) S_adj[1][(L1 >> 6) & 077]; - R2 |= (L2 <<4 ); - L2 = (unsigned) S_adj[2][(L1 >> 12) & 077]; - R2 |= (L2 <<8); - L2 = (unsigned) S_adj[3][(L1 >> 18) & 077]; - R2 |= (L2 <<12); - L2 = (unsigned) S_adj[4][(L1 >> 24) & 077]; - R2 |= (L2 <<16); - /* b5 spans both parts */ - L2 = (unsigned) - S_adj[5][(unsigned) ((L1 >>30) & 03) + ((R1 & 017) << 2)]; - R2 |= (L2 << 20); - L2 = (unsigned) S_adj[6][(R1 >> 4) & 077]; - R2 |= (L2 <<24); - L2 = (unsigned) S_adj[7][(R1 >> 10) & 077]; - R1 = R2 | (L2 <<28); - /* reset input to L1, R1 */ -#else /* vaxasm */ - /* - * this is the c code produced above, with - * extzv replaced by rotl - */ - asm("bicl3 $-64,r9,r0"); - asm("movzbl _S_adj[r0],r8"); - asm("rotl $-6,r9,r0"); - asm("bicl2 $-64,r0"); - asm("movzbl _S_adj+64[r0],r7"); - asm("ashl $4,r7,r0"); - asm("bisl2 r0,r8"); - asm("rotl $-12,r9,r0"); - asm("bicl2 $-64,r0"); - asm("movzbl _S_adj+128[r0],r7"); - asm("ashl $8,r7,r0"); - asm("bisl2 r0,r8"); - asm("rotl $-18,r9,r0"); - asm("bicl2 $-64,r0"); - asm("movzbl _S_adj+192[r0],r7"); - asm("ashl $12,r7,r0"); - asm("bisl2 r0,r8"); - asm("rotl $-24,r9,r0"); - asm("bicl2 $-64,r0"); - asm("movzbl _S_adj+256[r0],r7"); - asm("ashl $16,r7,r0"); - asm("bisl2 r0,r8"); - asm("rotl $-30,r9,r0"); - asm("bicl2 $-4,r0"); - asm("bicl3 $-16,r10,r1"); - asm("ashl $2,r1,r1"); - asm("addl2 r1,r0"); - asm("movzbl _S_adj+320[r0],r7"); - asm("ashl $20,r7,r0"); - asm("bisl2 r0,r8"); - asm("rotl $-4,r10,r0"); - asm("bicl2 $-64,r0"); - asm("movzbl _S_adj+384[r0],r7"); - asm("ashl $24,r7,r0"); - asm("bisl2 r0,r8"); - asm("rotl $-10,r10,r0"); - asm("bicl2 $-64,r0"); - asm("movzbl _S_adj+448[r0],r7"); - asm("ashl $28,r7,r0"); - asm("bisl2 r8,r0"); - asm("movl r0,r10"); - -#endif /* vaxasm */ -#endif - -#ifdef DEBUG - if (mit_des_debug & 2) { - dbg_tmp[0] = L1; - dbg_tmp[1] = R1; - DBG_PRINT("after s"); - printf("iter = %2d after s\n\t\tL1 R1 = ",i); - mit_des_cblock_print_file (dbg_tmp, stdout); - } -#endif - -/* P_start:*/ - /* and then the p permutation from R1 into R2 */ -#include "p.c" - /* reset the input to L1, R1 */ - R1 = R2; - -#ifdef DEBUG - if (mit_des_debug & 2) { - dbg_tmp[0] = L1; - dbg_tmp[1] = R1; - DBG_PRINT("after p"); - printf("iter = %2d after p\n\t\tL1 R1 = ",i); - mit_des_cblock_print_file (dbg_tmp, stdout); - } -#endif - - /* R1 is the output value from the f() */ - /* move R[iter] to L[iter+1] */ -/* XOR_2_start:*/ - L1 = R_save; - /* xor with left */ - R1 = L_save ^ R1; - /* reset the input */ - } - - /* flip left and right before final permutation */ - L2 = R1; /* flip */ - R2 = L1; - /* reset the input */ - L1 = L2; - R1 = R2; - -#ifdef DEBUG - if (mit_des_debug & 2) { - dbg_tmp[0] = L1; - dbg_tmp[1] = R1; - DBG_PRINT("before FP"); - printf("iter = %2d before FP\n\t\tL1 R1 = ",i); - mit_des_cblock_print_file (dbg_tmp, stdout); - } - -#endif - -/*FP_start:*/ - /* do the final permutation from L1R1 to L2R2 */ - /* all the fp code is in the include file */ -#include "fp.c" - - /* copy the output to the ciphertext string; - * can be same as cleartext - */ - -#ifdef MUSTALIGN - if ((long) cipher & 3) { - L_save = L2; /* cant bcopy a reg */ - R_save = R2; - memcpy((char *)cipher++,(char *)&L_save,sizeof(L_save)); - memcpy((char *)cipher,(char *)&R_save,sizeof(R_save)); - } - else -#endif - { - *cipher++ = L2; - *cipher = R2; - } - -#ifdef DEBUG - if (mit_des_debug & 2) { - L1 = L2; - R1 = R2; - dbg_tmp[0] = L1; - dbg_tmp[1] = R1; - DBG_PRINT("done"); - printf("iter = %2d done\n\t\tL1 R1 = ",i); - mit_des_cblock_print_file (dbg_tmp, stdout); - } -#endif - - /* that's it, no errors can be returned */ - return 0; -} - diff --git a/src/lib/crypto/des/destest.c b/src/lib/crypto/des/destest.c index a3824be66..19075354b 100644 --- a/src/lib/crypto/des/destest.c +++ b/src/lib/crypto/des/destest.c @@ -25,21 +25,13 @@ */ -/* - * -DBSD_DES will test the BSD DES library. - * without, it will test the MIT DES implementation. - */ - -#ifndef BSD_DES #include #include #include #include extern int errno; -extern krb5_cryptosystem_entry mit_des_cryptosystem_entry; extern mit_des_ecb_encrypt(); -#endif #include @@ -53,41 +45,23 @@ char *argv[]; { char block1[17], block2[17], block3[17]; -#ifdef BSD_DES - char oldkey[65], oldinput[65], oldoutput[65]; -#else krb5_encrypt_block eblock; krb5_keyblock keyblock; mit_des_cblock key, input, output, output2; krb5_error_code retval; -#endif + int num = 0; int error = 0; -#ifndef BSD_DES /* do some initialisation */ initialize_krb5_error_table(); - eblock.crypto_entry = &mit_des_cryptosystem_entry; + krb5_use_cstype(&eblock, ETYPE_DES_CBC_CRC); keyblock.keytype = KEYTYPE_DES; keyblock.length = sizeof (mit_des_cblock); keyblock.contents = (krb5_octet *)key; -#endif while (scanf("%16s %16s %16s", block1, block2, block3) == 3) { -#ifdef BSD_DES - convert(block1, oldkey); - convert(block2, oldinput); - convert(block3, oldoutput); - setkey(oldkey); - encrypt(oldinput, 0); - if (strncmp(oldinput, oldoutput, 64)) { - fprintf(stderr, - "DES ERROR, key %s, text %s\n\treal cipher %s\n\tcomputed %s\n", - block1, block2, oldoutput, oldinput); - error++; - } -#else convert(block1, key); convert(block2, input); convert(block3, output); @@ -101,7 +75,22 @@ char *argv[]; if (memcmp((char *)output2, (char *)output, 8)) { fprintf(stderr, - "DES ERROR, key %s, text %s, real cipher %s, computed %02X%02X%02X%02X%02X%02X%02X%02X\n", + "DES ENCRYPT ERROR, key %s, text %s, real cipher %s, computed cyphertext %02X%02X%02X%02X%02X%02X%02X%02X\n", + block1, block2, block3, + output2[0],output2[1],output2[2],output2[3], + output2[4],output2[5],output2[6],output2[7]); + error++; + } + + /* + * Now try decrypting.... + */ + mit_des_ecb_encrypt(output, output2, + (struct mit_des_ks_struct *)eblock.priv,0); + + if (memcmp((char *)output2, (char *)input, 8)) { + fprintf(stderr, + "DES DECRYPT ERROR, key %s, text %s, real cipher %s, computed cleartext %02X%02X%02X%02X%02X%02X%02X%02X\n", block1, block2, block3, output2[0],output2[1],output2[2],output2[3], output2[4],output2[5],output2[6],output2[7]); @@ -112,13 +101,13 @@ char *argv[]; com_err("des verify", retval, "can't finish key"); exit(-1); } -#endif + num++; } if (error) printf("destest: failed to pass the test\n"); else - printf("destest: test is passed successfully\n"); + printf("destest: %d tests passed successfully\n", num); exit( (error > 256 && error % 256) ? 1 : error); } @@ -142,32 +131,6 @@ unsigned int value[128] = { -1, -1, -1, -1, -1, -1, -1, -1, }; -#ifdef BSD_DES -char *value2[16] = { - "0000", "0001", "0010", "0011", - "0100", "0101", "0110", "0111", - "1000", "1001", "1010", "1011", - "1100", "1101", "1110", "1111", -}; - -void -convert(text, cblock) -char *text; -char cblock[]; -{ - register int i; - for (i = 0; i < 16; i++) { - if (value[text[i]] == -1) { - printf("Bad value nybble %d in %s\n", i, text); - exit(1); - } - memcpy(&cblock[i*4], value2[value[text[i]]], 4); - } - cblock[64] = 0; - return; -} - -#else void convert(text, cblock) char *text; @@ -183,23 +146,19 @@ unsigned char cblock[]; } return; } -#endif -#ifndef BSD_DES +/* + * Fake out the DES library, for the purposes of testing. + */ + +#include "des.h" + int mit_des_is_weak_key(key) mit_des_cblock key; { return 0; /* fake it out for testing */ } -#endif - -#ifndef __STDC__ -#define const -#endif - -#ifndef BSD_DES -#include "odd.h" void des_cblock_print_file(x, fp) @@ -218,20 +177,45 @@ des_cblock_print_file(x, fp) fprintf(fp," }"); } + +#define smask(step) ((1<>step)&smask(step))) +#define parity_char(x) pstep(pstep(pstep((x),4),2),1) + +/* + * des_check_key_parity: returns true iff key has the correct des parity. + * See des_fix_key_parity for the definition of + * correct des parity. + */ int -des_check_key_parity(key) - register mit_des_cblock key; +mit_des_check_key_parity(key) + register des_cblock key; { int i; + + for (i=0; i -#include "des_int.h" - -#include "odd.h" /* Load compile-time generated odd_parity table */ - -/* - * des_fixup_key_parity: Forces odd parity per byte; parity is bits - * 8,16,...64 in des order, implies 0, 8, 16, ... - * vax order. - */ -void -mit_des_fixup_key_parity(key) - register mit_des_cblock key; -{ - int i; - - for (i=0; i -#include -#include "des_int.h" -#include "tables.h" - -void gen(stream) - FILE *stream; -{ - register i; - - /* clear the output */ - fprintf(stream, " L2 = 0; R2 = 0;\n"); - - /* only take bits from R1, put into either L2 or R2 */ - /* first setup E */ - fprintf(stream, "/* E operations */\n/* right to left */\n"); - /* first list mapping from left to left */ - - for (i = 0; i <= 31; i++) - if (E[i] < 32) - fprintf(stream, - " if (R1 & (1<<%2d)) L2 |= 1<<%2d;\n", E[i], i); - - fprintf(stream, "\n/* now from right to right */\n"); - /* list mapping from left to right */ - for (i = 32; i <= 47; i++) - if (E[i] <32) - fprintf(stream, " if (R1 & (1<<%2d)) R2 |= 1<<%2d;\n", - E[i], i-32); -} diff --git a/src/lib/crypto/des/make_fp.c b/src/lib/crypto/des/make_fp.c deleted file mode 100644 index 500ea8516..000000000 --- a/src/lib/crypto/des/make_fp.c +++ /dev/null @@ -1,80 +0,0 @@ -/* - * lib/crypto/des/make_fp.c - * - * Copyright 1988, 1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * This file contains a generation routine for source code - * implementing the final permutation of the DES. - */ - - -#include -#include -#include -#include "des_int.h" -#include "tables.h" - -void gen (stream) - FILE * stream; -{ - register i; - - /* clear the output */ - fprintf(stream," L2 = 0; R2 = 0;\n"); - - /* - * NOTE: As part of the final permutation, we also have to adjust - * for host bit order via "swap_bit_pos_0()". Since L2,R2 are - * the output from this, we adjust the bit positions written into - * L2,R2. - */ - -#define SWAP(i,j) \ - swap_long_bytes_bit_number(swap_bit_pos_0_to_ansi((unsigned)i)-j) - - /* first setup FP */ - fprintf(stream, - "/* FP operations */\n/* first left to left */\n"); - - /* first list mapping from left to left */ - for (i = 0; i <= 31; i++) - if (FP[i] < 32) - test_set(stream, "L1", FP[i], "L2", SWAP(i,0)); - - /* now mapping from right to left */ - fprintf(stream,"\n\n/* now from right to left */\n"); - for (i = 0; i <= 31; i++) - if (FP[i] >= 32) - test_set(stream, "R1", FP[i]-32, "L2", SWAP(i,0)); - - fprintf(stream,"\n/* now from left to right */\n"); - - /* list mapping from left to right */ - for (i = 32; i <= 63; i++) - if (FP[i] <32) - test_set(stream, "L1", FP[i], "R2", SWAP(i,32)); - - /* now mapping from right to right */ - fprintf(stream,"\n/* last from right to right */\n"); - for (i = 32; i <= 63; i++) - if (FP[i] >= 32) - test_set(stream, "R1", FP[i]-32, "R2", SWAP(i,32)); -} diff --git a/src/lib/crypto/des/make_ip.c b/src/lib/crypto/des/make_ip.c deleted file mode 100644 index 5c0113f7e..000000000 --- a/src/lib/crypto/des/make_ip.c +++ /dev/null @@ -1,71 +0,0 @@ -/* - * lib/crypto/des/make_ip.c - * - * Copyright 1987, 1988,1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * This routine generates source code implementing the initial - * permutation of the DES. - */ - - -#include -#include -#include "des_int.h" -#include "tables.h" - - -#define SWAP(x) swap_long_bytes_bit_number(swap_bit_pos_0_to_ansi(x)) - -void gen(stream) - FILE *stream; -{ - register i; - - /* clear the output */ - fprintf(stream," L2 = 0; R2 = 0;\n"); - - /* first setup IP */ - fprintf(stream,"/* IP operations */\n/* first left to left */\n"); - - /* first list mapping from left to left */ - for (i = 0; i <= 31; i++) - if (IP[i] < 32) - test_set(stream, "L1", SWAP(IP[i]), "L2", i); - - /* now mapping from right to left */ - fprintf(stream,"\n/* now from right to left */\n"); - for (i = 0; i <= 31; i++) - if (IP[i] >= 32) - test_set(stream, "R1", SWAP(IP[i]-32), "L2", i); - - fprintf(stream,"\n/* now from left to right */\n"); - /* list mapping from left to right */ - for (i = 32; i <= 63; i++) - if (IP[i] <32) - test_set(stream, "L1", SWAP(IP[i]), "R2", i-32); - - /* now mapping from right to right */ - fprintf(stream,"\n/* last from right to right */\n"); - for (i = 32; i <= 63; i++) - if (IP[i] >= 32) - test_set(stream, "R1", SWAP(IP[i]-32), "R2", i-32); - exit(0); -} diff --git a/src/lib/crypto/des/make_kp.c b/src/lib/crypto/des/make_kp.c deleted file mode 100644 index 42cfe8c4d..000000000 --- a/src/lib/crypto/des/make_kp.c +++ /dev/null @@ -1,222 +0,0 @@ -/* - * lib/crypto/des/make_kp.c - * - * Copyright 1988,1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * This routine calculates an effective Key schedule set of - * permutations for des. Beginning with the pre-defined key schedule - * algorithm, it reduces it to a set of 16 permutations upon the - * initial key. Only needs to execute once to produce a header file. - * Note that we subtract one from the values ouput to fix up for C - * subscripts starting at 0. - */ - -#include -#include -#include "des_int.h" - - -char *progname; -extern int errno; -int sflag; -int vflag; -int dflag; -int pid; -int child_status; - -int key_position[64+1]; -int C[28+1]; -int D[28+1]; -int C_temp, D_temp; - -/* - * CONVENTIONS for numbering the bits - * bit 0 ==> lsb - * L starts at bit 0 - * R starts at bit 64 - * - * BEWARE-- some stuff starts at 0, some at 1; perhaps some bugs still? - */ - -/* - * Sequence of shifts used for the key schedule. - */ -int shift[16+1] = { 0, - 1,1,2,2,2,2,2,2,1,2,2,2,2,2,2,1, -}; - -int pc_1[64+1] = { 0, - - 57,49,41,33,25,17, 9, - 1,58,50,42,34,26,18, - 10, 2,59,51,43,35,27, - 19,11, 3,60,52,44,36, - - 63,55,47,39,31,23,15, - 7,62,54,46,38,30,22, - 14, 6,61,53,45,37,29, - 21,13, 5,28,20,12, 4, -}; - - -/* - * Permuted-choice 2, to pick out the bits from - * the CD array that generate the key schedule. - */ -int pc_2[48+1] = { 0, - - 14,17,11,24, 1, 5, - 3,28,15, 6,21,10, - 23,19,12, 4,26, 8, - 16, 7,27,20,13, 2, - - 41,52,31,37,47,55, - 30,40,51,45,33,48, - 44,49,39,56,34,53, - 46,42,50,36,29,32, -}; - -int ks_perm[16+1][48+1]; - -int mit_des_debug; - -void gen(stream) - FILE *stream; -{ - /* Local Declarations */ - register i, j, iter; - - /* - * initialize the key_position array s.t. key_position[i] = i; - * that is, each element is equal to its starting position. - * - * Also adjust for the bit order within bytes. - */ - - for (i=0; i<65; i++) - key_position[i]= swap_bit_pos_1(i); - - fprintf(stream,"static int const key_perm[16][48] = {\n"); - - /* - * apply pc_1 to initial key_position to create C[0] and D[0] - * Start at pc_1[1], not pc_1[0] - */ - for (i=1; i<=28; i++) { - C[i] = key_position[pc_1[i]]; - D[i] = key_position[pc_1[i+28]]; - } - - /* - * major loop over the 16 iterations - * start at iter = 1, not zero. - */ - for (iter = 1; iter <= 16; iter++) { - if (mit_des_debug) { - /* for debugging */ - printf( - "/* DEBUG-- start iteration = %d shifts = %d", - iter, shift[iter]); - printf("\nC array"); - for (i = 1; i <=4 ; i++) { - printf("\n"); - for (j = 1; j<=7; j++) - printf("%d, ",C[(i-1)*7+j]); - } - printf("\n\nD array"); - for (i = 1; i <=4 ; i++) { - printf("\n"); - for (j = 1; j<=7; j++) - printf("%d, ",D[(i-1)*7+j]); - } - printf("\n */"); - fflush(stdout); - } - - /* apply the appropriate left shifts */ - for (i = 1; i <= shift[iter]; i++) { - C_temp = C[1]; - D_temp = D[1]; - for (j =1; j<=27; j++) { - C[j] = C[j+1]; - D[j] = D[j+1]; - } - C[j] = C_temp; - D[j] = D_temp; - } - - - if (mit_des_debug) { - /* for debugging */ - printf("/* DEBUG:\n"); - printf(" * after shifts, iteration = %d shifts = %d", - iter, shift[iter]); - printf("\nC array"); - for (i = 1; i <=4 ; i++) { - printf("\n"); - for (j = 1; j<=7; j++) - printf("%d, ",C[(i-1)*7+j]); - } - printf("\n\nD array"); - for (i = 1; i <=4 ; i++) { - printf("\n"); - for (j = 1; j<=7; j++) - printf("%d, ",D[(i-1)*7+j]); - } - printf("\n */"); - fflush(stdout); - } - - /* - * apply pc_2 - * Start at pc_2[1], not pc_2[0] - * - * Start stuffing ks_perm[1][1], not ks_perm[0][0] - * - * Adjust ks_perm for bit order if needed. - */ - for (i = 1; i <= 48; i++) { - if (pc_2[i] <= 28) - ks_perm[iter][(i)] = C[pc_2[i]]; - else - ks_perm[iter][(i)] = D[pc_2[i]-28]; - } - - /* now output the resulting key permutation */ - fprintf(stream, " /* ks permutation iteration = %2d */", - iter); - for (i = 1; i <= 6; i++) { - fprintf(stream, "\n "); - for (j = 1; j <= 8; j++) { - /* - * IMPORTANT -- subtract one from value to adjust to a - * zero-based subscript for key - */ - fprintf(stream, "%d", ks_perm[iter][(i-1)*8+j]-1); - /* omit last comma */ - if ((j != 8) || (i != 6) || (iter != 16)) { - fprintf(stream,", "); - } - } - } - } - fprintf(stream,"\n};\n"); -} diff --git a/src/lib/crypto/des/make_odd.c b/src/lib/crypto/des/make_odd.c deleted file mode 100644 index 9405e8448..000000000 --- a/src/lib/crypto/des/make_odd.c +++ /dev/null @@ -1,61 +0,0 @@ -/* - * lib/crypto/des/make_odd.c - * - * Copyright 1988,1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * This routine generates an odd-parity table for use in key generation. - */ - - -#include - -void gen(stream) - FILE *stream; -{ - /* - * map a byte into its equivalent with odd parity, where odd - * parity is in the least significant bit - */ - register i, j, k, odd; - - fprintf(stream, - "static unsigned char const odd_parity[256] = {\n"); - - for (i = 0; i < 256; i++) { - odd = 0; - /* shift out the lsb parity bit */ - k = i >> 1; - /* then count the other bits */ - for (j = 0; j < 7; j++) { - odd ^= (k&1); - k = k >> 1; - } - k = i&~1; - if (!odd) - k |= 1; - fprintf(stream, "%3d", k); - if (i < 255) - fprintf(stream, ", "); - if (i%8 == 0) - fprintf(stream, "\n"); - } - fprintf(stream, "};\n"); -} diff --git a/src/lib/crypto/des/make_p.c b/src/lib/crypto/des/make_p.c deleted file mode 100644 index 0446c9c6f..000000000 --- a/src/lib/crypto/des/make_p.c +++ /dev/null @@ -1,66 +0,0 @@ -/* - * lib/crypto/des/make_p.c - * - * Copyright 1985, 1988,1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * This routine generates the P permutation code for the DES. - */ - - -#include -#include -#include "des_int.h" -#include "tables.h" - -void gen(stream) - FILE *stream; -{ - /* P permutes 32 bit input R1 into 32 bit output R2 */ - - /* clear the output */ - fprintf(stream," L2 = 0;\n"); -#ifndef BIG - fprintf(stream," R2 = 0;\n"); - fprintf(stream, - "/* P operations */\n/* from right to right */\n"); - /* first list mapping from left to left */ - for (i = 0; i <=31; i++) - if (P[i] < 32) - fprintf(stream, - " if (R1 & (1<<%d)) R2 |= 1<<%d;\n",P[i],i); -#else /* BIG */ - /* flip p into p_temp */ - fprintf(stream," P_temp = R1;\n"); - fprintf(stream," P_temp_p = (unsigned char *) &P_temp;\n"); - -#ifdef LSBFIRST - fprintf(stream," R2 = P_prime[0][*P_temp_p++];\n"); - fprintf(stream," R2 |= P_prime[1][*P_temp_p++];\n"); - fprintf(stream," R2 |= P_prime[2][*P_temp_p++];\n"); - fprintf(stream," R2 |= P_prime[3][*P_temp_p];\n"); -#else /* MSBFIRST */ - fprintf(stream," R2 = P_prime[3][*P_temp_p++];\n"); - fprintf(stream," R2 |= P_prime[2][*P_temp_p++];\n"); - fprintf(stream," R2 |= P_prime[1][*P_temp_p++];\n"); - fprintf(stream," R2 |= P_prime[0][*P_temp_p];\n"); -#endif /* MSBFIRST */ -#endif /* BIG */ -} diff --git a/src/lib/crypto/des/make_pt.c b/src/lib/crypto/des/make_pt.c deleted file mode 100644 index 804cb33a5..000000000 --- a/src/lib/crypto/des/make_pt.c +++ /dev/null @@ -1,81 +0,0 @@ -/* - * lib/crypto/des/make_pt.c - * - * Copyright 1985, 1988, 1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - */ - - -#include -#include -#include "des_int.h" -#include "tables.h" - -static unsigned char P_temp[32]; -static unsigned long P_prime[4][256]; - -void gen(stream) - FILE *stream; -{ - register i,j,k,m; - /* P permutes 32 bit input R1 into 32 bit output R2 */ - -#ifdef BIG - /* flip p into p_temp */ - for (i = 0; i<32; i++) - P_temp[P[rev_swap_bit_pos_0(i)]] = rev_swap_bit_pos_0(i); - - /* - * now for each byte of input, figure out all possible combinations - */ - for (i = 0; i <4 ; i ++) { /* each input byte */ - for (j = 0; j<256; j++) { /* each possible byte value */ - /* flip bit order */ - k = j; - /* swap_byte_bits(j); */ - for (m = 0; m < 8; m++) { /* each bit */ - if (k & (1 << m)) { - /* set output values */ - P_prime[i][j] |= 1 << P_temp[(i*8)+m]; - } - } - } - } - - fprintf(stream, - "\n\tstatic unsigned long const P_prime[4][256] = {\n\t"); - for (i = 0; i < 4; i++) { - fprintf(stream,"\n"); - for (j = 0; j < 64; j++) { - fprintf(stream,"\n"); - for (k = 0; k < 4; k++) { - fprintf(stream,"0x%08X",P_prime[i][j*4+k]); - if ((i == 3) && (j == 63) && (k == 3)) - fprintf(stream,"\n};"); - else - fprintf(stream,", "); - } - } - } - -#endif - fprintf(stream,"\n"); -} diff --git a/src/lib/crypto/des/make_s.c b/src/lib/crypto/des/make_s.c deleted file mode 100644 index 4ae7ff24b..000000000 --- a/src/lib/crypto/des/make_s.c +++ /dev/null @@ -1,49 +0,0 @@ -/* - * lib/crypto/des/make_s.c - * - * Copyright 1985, 1988, 1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - */ - - - -#include -#include -#include "des_int.h" -#include "s_table.h" - -void gen(stream) - FILE *stream; -{ - /* clear the output */ - fprintf(stream,"\n\tL2 = 0; R2 = 0;"); - -#ifdef notdef - /* P permutes 32 bit input R1 into 32 bit output R2 */ - - fprintf(stream,"\n/* P operations */\n/* first left to left */\n"); - /* first list mapping from left to left */ - for (i = 0; i <=31; i++) - if (S[i] < 32) - fprintf(stream, - "\n\tif (R1 & (1<<%d)) R2 |= 1<<%d;",S[i],i); -#endif - fprintf(stream,"\n"); -} diff --git a/src/lib/crypto/des/make_st.c b/src/lib/crypto/des/make_st.c deleted file mode 100644 index 9dcd08c9a..000000000 --- a/src/lib/crypto/des/make_st.c +++ /dev/null @@ -1,83 +0,0 @@ -/* - * lib/crypto/des/make_st.c - * - * Copyright 1985, 1988, 1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - */ - - -#include -#include -#include "des_int.h" -#include "tables.h" - -char temp[8][64]; -int mit_des_debug; - -void gen(stream) - FILE *stream; -{ - register unsigned long i,j,k,l,m,n; - - /* rearrange the S table entries, and adjust for host bit order */ - - fprintf(stream, "static unsigned char const S_adj[8][64] = {"); - fprintf(stream, " /* adjusted */\n"); - - for (i = 0; i<=7 ; i++) { - for (j = 0; j <= 63; j++) { - /* - * figure out which one to put in the new S[i][j] - * - * start by assuming the value of the input bits is "j" in - * host order, then figure out what it means in standard - * form. - */ - k = swap_six_bits_to_ansi(j); - /* figure out the index for k */ - l = (((k >> 5) & 01) << 5) - + ((k & 01) <<4) + ((k >> 1) & 0xf); - m = S[i][l]; - /* restore in host order */ - n = swap_four_bits_to_ansi(m); - if (mit_des_debug) - fprintf(stderr, - "i = %d, j = %d, k = %d, l = %d, m = %d, n = %d\n", - i,j,k,l,m,n); - temp[i][j] = n; - } - } - - for (i = 0; i<=7; i++) { - fprintf(stream,"\n"); - k =0; - for (j = 0; j<= 3; j++) { - fprintf(stream,"\n"); - for (m = 0; m <= 15; m++) { - fprintf(stream,"%2d",temp[i][k]); - if ((k++ != 63) || (i !=7)) { - fprintf(stream,", "); - } - } - } - } - - fprintf(stream,"\n};\n"); -} diff --git a/src/lib/crypto/des/misc.c b/src/lib/crypto/des/misc.c deleted file mode 100644 index a4e595575..000000000 --- a/src/lib/crypto/des/misc.c +++ /dev/null @@ -1,366 +0,0 @@ -/* - * lib/crypto/des/misc.c - * - * Copyright 1988, 1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * This file contains most of the routines needed by the various - * make_foo programs, to account for bit- and byte-ordering on - * different machine types. It also contains other routines useful in - * generating the intermediate source files. - */ - - -#include -#include -#include - -#include "des_int.h" - -/* - * The DES algorithm is defined in terms of MSBFIRST, so sometimes, - * e.g. VAXes, we need to fix it up. ANSI order means the DES - * MSBFIRST order. - */ - -#if 0 /* These don't seem to get used anywhere.... */ -void swap_bits(array) - char *array; -{ -#ifdef MSBFIRST - /* just return */ - return; -#else /* LSBFIRST */ - register old,new,i,j; - - /* for an eight byte block-- */ - /* flips the bit order within each byte from 0 lsb to 0 msb */ - for (i = 0; i<=7; i++) { - old = *array; - new = 0; - for (j = 0; j<=7; j++) { - new |= old & 01; /* copy a bit */ - if (j < 7) { - /* rotate in opposite directions */ - old = old >> 1; - new = new << 1; - } - } - *array++ = new; - } -#endif /* MSBFIRST */ -} - -unsigned long long_swap_bits(x) - unsigned long x; -{ -#ifdef MSBFIRST - return x; -#else - char *array = (char *) &x; - register old,new,i,j; - - /* flips the bit order within each byte from 0 lsb to 0 msb */ - for (i = 0; i <= (sizeof(long)-1); i++) { - old = *array; - new = 0; - for (j = 0; j<=7; j++) { - if (old & 01) - new = new | 01; - if (j < 7) { - old = old >> 1; - new = new << 1; - } - } - *array++ = new; - } - return x; -#endif /* LSBFIRST */ -} -#endif /* 0 */ - -unsigned long swap_six_bits_to_ansi(old) - unsigned long old; -{ - register unsigned long new, j; - - /* flips the bit order within each byte from 0 lsb to 0 msb */ - new = 0; - for (j = 0; j<=5; j++) { - new |= old & 01; /* copy a bit */ - if (j < 5) { - /* rotate in opposite directions */ - old = old >> 1; - new = new << 1; - } - } - return new; -} - -unsigned long swap_four_bits_to_ansi(old) - unsigned long old; -{ - register unsigned long new,j; - - /* flips the bit order within each byte from 0 lsb to 0 msb */ - new = 0; - for (j = 0; j<=3; j++) { - new |= (old & 01); /* copy a bit */ - if (j < 3) { - old = old >> 1; - new = new << 1; - } - } - return new; -} - -unsigned long swap_bit_pos_1(x) - unsigned long x; -{ - /* - * This corrects for the bit ordering of the algorithm, e.g. - * bit 0 ==> msb, bit 7 lsb. - * - * given the number of a bit position, >=1, flips the bit order - * each byte. e.g. bit 3 --> bit 6, bit 13 --> bit 12 - */ - register y,z; - - /* always do it, only used by mit_des_make_key_perm.c so far */ - y = (x-1)/8; - z = (x-1)%8; - - x = (8-z) + (y*8); - - return x; -} - -unsigned long swap_bit_pos_0(x) - unsigned long x; -{ - /* zero based version */ - - /* - * This corrects for the bit ordering of the algorithm, e.g. - * bit 0 ==> msb, bit 7 lsb. - */ - -#ifdef MSBFIRST - return x; -#else /* LSBFIRST */ - register y,z; - - /* - * given the number of a bit position, >=0, flips the bit order - * each byte. e.g. bit 3 --> bit 6, bit 13 --> bit 12 - */ - y = x/8; - z = x%8; - - x = (7-z) + (y*8); - - return x; -#endif /* LSBFIRST */ -} - -unsigned long swap_bit_pos_0_to_ansi(x) - unsigned long x; -{ - /* zero based version */ - - /* - * This corrects for the bit ordering of the algorithm, e.g. - * bit 0 ==> msb, bit 7 lsb. - */ - - register y,z; - /* - * given the number of a bit position, >=0, flips the bit order each - * byte. e.g. bit 3 --> bit 6, bit 13 --> bit 12 - */ - y = x/8; - z = x%8; - - x = (7-z) + (y*8); - - return x; -} - -unsigned long rev_swap_bit_pos_0(x) - unsigned long x; -{ - /* zero based version */ - - /* - * This corrects for the bit ordering of the algorithm, e.g. - * bit 0 ==> msb, bit 7 lsb. - * - * Role of LSB and MSB flipped from the swap_bit_pos_0() - */ - -#ifdef LSBFIRST - return x; -#else /* MSBFIRST */ - - register y,z; - - /* - * given the number of a bit position, >=0, flips the bit order each - * byte. e.g. bit 3 --> bit 6, bit 13 --> bit 12 - */ - y = x/8; - z = x%8; - - x = (7-z) + (y*8); - - return x; -#endif /* MSBFIRST */ -} - -unsigned long swap_byte_bits(x) - unsigned long x; -{ -#ifdef MSBFIRST - return x; -#else /* LSBFIRST */ - - char *array = (char *) &x; - register unsigned long old,new,j; - - /* flips the bit order within each byte from 0 lsb to 0 msb */ - old = *array; - new = 0; - for (j = 0; j<=7; j++) { - new |= (old & 01); /* copy a bit */ - if (j < 7) { - old = old >> 1; - new = new << 1; - } - } - return new; -#endif /* LSBFIRST */ -} - -unsigned long -swap_long_bytes_bit_number(x) - unsigned long x; -{ - /* - * given a bit number (0-31) from a vax, swap the byte part of the - * bit number to change the byte ordering to mSBFIRST type - */ -#ifdef LSBFIRST - return x; -#else /* MSBFIRST */ - unsigned long y,z; - - y = x/8; /* initial byte component */ - z = x%8; /* bit within byte */ - - x = (3-y)*8 +z; - return x; -#endif /* MSBFIRST */ -} - -void test_set(stream, src, testbit, dest, setbit) - FILE *stream; - const char *src; - int testbit; - const char *dest; - int setbit; -{ -#ifdef DES_SHIFT_SHIFT - if (testbit == setbit) - fprintf(stream, " %s |= %s & (1<<%2d);\n", - dest, src, testbit); - else - fprintf(stream, " %s |= (%s & (1<<%2d)) %s %2d;\n", - dest, src, testbit, - (testbit < setbit) ? "<<" : ">>", - abs(testbit - setbit)); -#else - fprintf(stream, - " if (%s & (1<<%2d)) %s |= 1<<%2d;\n", - src, testbit, dest, setbit); -#endif -} - -extern void gen PROTOTYPE((FILE *)); -int mit_des_debug; -char const *whoami; - -void -main(argc, argv) - int argc; - char *argv[]; -{ - char *filename; - char *arg; - FILE *stream = 0; - - whoami = argv[0]; - filename = (char *)NULL; - - while (argc--, *++argv) { - arg = *argv; - if (*arg == '-') { - if (!strcmp(arg, "-d") || !strcmp(arg, "-debug")) - mit_des_debug++; - else { - fprintf(stderr, "%s: unknown control argument %s\n", - whoami, arg); - goto usage; - } - } - else if (filename) { - fprintf(stderr, - "%s: multiple file names provided: %s, %s\n", - whoami, filename, arg); - goto usage; - } - else - filename = arg; - } - - if (!filename) { - fprintf(stderr, "%s: no file name provided\n", whoami); - goto usage; - } - - stream = fopen(filename, "w"); - if (!stream) { - perror(filename); - usage: - fprintf(stderr, "usage: %s [-debug] filename\n", whoami); - exit(1); - } - - fputs( - "/* This file is automatically generated. Do not edit it. */\n", - stream); - - /* This routine will generate the contents of the file. */ - gen(stream); - if (fclose(stream) == EOF) { - perror(filename); - exit(1); - } - exit(0); -} diff --git a/src/lib/crypto/des/tables.h b/src/lib/crypto/des/tables.h deleted file mode 100644 index 42bac36d2..000000000 --- a/src/lib/crypto/des/tables.h +++ /dev/null @@ -1,122 +0,0 @@ -/* - * lib/crypto/des/tables.h - * - * Copyright 1988,1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * part of the Athena Kerberos encryption system - * - * spm 8/85 - */ - -/* - * Initial permutation, adjust to zero based subscript - */ -static char IP[] = { - 58-1, 50-1, 42-1, 34-1, 26-1, 18-1, 10-1, 2-1, - 60-1, 52-1, 44-1, 36-1, 28-1, 20-1, 12-1, 4-1, - 62-1, 54-1, 46-1, 38-1, 30-1, 22-1, 14-1, 6-1, - 64-1, 56-1, 48-1, 40-1, 32-1, 24-1, 16-1, 8-1, - 57-1, 49-1, 41-1, 33-1, 25-1, 17-1, 9-1, 1-1, - 59-1, 51-1, 43-1, 35-1, 27-1, 19-1, 11-1, 3-1, - 61-1, 53-1, 45-1, 37-1, 29-1, 21-1, 13-1, 5-1, - 63-1, 55-1, 47-1, 39-1, 31-1, 23-1, 15-1, 7-1, -}; - -/* - * Final permutation, FP = IP^(-1) adjust to zero based subscript - */ -static char FP[] = { - 40-1, 8-1, 48-1, 16-1, 56-1, 24-1, 64-1, 32-1, - 39-1, 7-1, 47-1, 15-1, 55-1, 23-1, 63-1, 31-1, - 38-1, 6-1, 46-1, 14-1, 54-1, 22-1, 62-1, 30-1, - 37-1, 5-1, 45-1, 13-1, 53-1, 21-1, 61-1, 29-1, - 36-1, 4-1, 44-1, 12-1, 52-1, 20-1, 60-1, 28-1, - 35-1, 3-1, 43-1, 11-1, 51-1, 19-1, 59-1, 27-1, - 34-1, 2-1, 42-1, 10-1, 50-1, 18-1, 58-1, 26-1, - 33-1, 1-1, 41-1, 9-1, 49-1, 17-1, 57-1, 25-1, -}; - -/* the E selection function, adjusted to zero based subscripts */ -static char E[] = { - 32-1, 1-1, 2-1, 3-1, 4-1, 5-1, - 4-1, 5-1, 6-1, 7-1, 8-1, 9-1, - 8-1, 9-1, 10-1, 11-1, 12-1, 13-1, - 12-1, 13-1, 14-1, 15-1, 16-1, 17-1, - 16-1, 17-1, 18-1, 19-1, 20-1, 21-1, - 20-1, 21-1, 22-1, 23-1, 24-1, 25-1, - 24-1, 25-1, 26-1, 27-1, 28-1, 29-1, - 28-1, 29-1, 30-1, 31-1, 32-1, 1-1, -}; - -/* the P permutation, adjusted to zero based subscripts */ -static char P[] = { - 16-1, 7-1, 20-1, 21-1, - 29-1, 12-1, 28-1, 17-1, - 1-1, 15-1, 23-1, 26-1, - 5-1, 18-1, 31-1, 10-1, - 2-1, 8-1, 24-1, 14-1, - 32-1, 27-1, 3-1, 9-1, - 19-1, 13-1, 30-1, 6-1, - 22-1, 11-1, 4-1, 25-1, -}; - -/* S tables, original form */ -static char S[8][64] = { - 14, 4,13, 1, 2,15,11, 8, 3,10, 6,12, 5, 9, 0, 7, - 0,15, 7, 4,14, 2,13, 1,10, 6,12,11, 9, 5, 3, 8, - 4, 1,14, 8,13, 6, 2,11,15,12, 9, 7, 3,10, 5, 0, - 15,12, 8, 2, 4, 9, 1, 7, 5,11, 3,14,10, 0, 6,13, - - 15, 1, 8,14, 6,11, 3, 4, 9, 7, 2,13,12, 0, 5,10, - 3,13, 4, 7,15, 2, 8,14,12, 0, 1,10, 6, 9,11, 5, - 0,14, 7,11,10, 4,13, 1, 5, 8,12, 6, 9, 3, 2,15, - 13, 8,10, 1, 3,15, 4, 2,11, 6, 7,12, 0, 5,14, 9, - - 10, 0, 9,14, 6, 3,15, 5, 1,13,12, 7,11, 4, 2, 8, - 13, 7, 0, 9, 3, 4, 6,10, 2, 8, 5,14,12,11,15, 1, - 13, 6, 4, 9, 8,15, 3, 0,11, 1, 2,12, 5,10,14, 7, - 1,10,13, 0, 6, 9, 8, 7, 4,15,14, 3,11, 5, 2,12, - - 7,13,14, 3, 0, 6, 9,10, 1, 2, 8, 5,11,12, 4,15, - 13, 8,11, 5, 6,15, 0, 3, 4, 7, 2,12, 1,10,14, 9, - 10, 6, 9, 0,12,11, 7,13,15, 1, 3,14, 5, 2, 8, 4, - 3,15, 0, 6,10, 1,13, 8, 9, 4, 5,11,12, 7, 2,14, - - 2,12, 4, 1, 7,10,11, 6, 8, 5, 3,15,13, 0,14, 9, - 14,11, 2,12, 4, 7,13, 1, 5, 0,15,10, 3, 9, 8, 6, - 4, 2, 1,11,10,13, 7, 8,15, 9,12, 5, 6, 3, 0,14, - 11, 8,12, 7, 1,14, 2,13, 6,15, 0, 9,10, 4, 5, 3, - - 12, 1,10,15, 9, 2, 6, 8, 0,13, 3, 4,14, 7, 5,11, - 10,15, 4, 2, 7,12, 9, 5, 6, 1,13,14, 0,11, 3, 8, - 9,14,15, 5, 2, 8,12, 3, 7, 0, 4,10, 1,13,11, 6, - 4, 3, 2,12, 9, 5,15,10,11,14, 1, 7, 6, 0, 8,13, - - 4,11, 2,14,15, 0, 8,13, 3,12, 9, 7, 5,10, 6, 1, - 13, 0,11, 7, 4, 9, 1,10,14, 3, 5,12, 2,15, 8, 6, - 1, 4,11,13,12, 3, 7,14,10,15, 6, 8, 0, 5, 9, 2, - 6,11,13, 8, 1, 4,10, 7, 9, 5, 0,15,14, 2, 3,12, - - 13, 2, 8, 4, 6,15,11, 1,10, 9, 3,14, 5, 0,12, 7, - 1,15,13, 8,10, 3, 7, 4,12, 5, 6,11, 0,14, 9, 2, - 7,11, 4, 1, 9,12,14, 2, 0, 6,10,13,15, 3, 5, 8, - 2, 1,14, 7, 4,10, 8,13,15,12, 9, 0, 3, 5, 6,11, -}; diff --git a/src/lib/crypto/des/verify.c b/src/lib/crypto/des/verify.c index b5ac9929b..270647c5b 100644 --- a/src/lib/crypto/des/verify.c +++ b/src/lib/crypto/des/verify.c @@ -88,6 +88,16 @@ unsigned char cipher3[64] = { unsigned char checksum[8] = { 0x58,0xd2,0xe7,0x7e,0x86,0x06,0x27,0x33 }; + +unsigned char zresult[8] = { + 0x8c, 0xa6, 0x4d, 0xe9, 0xc1, 0xb1, 0x23, 0xa7 +}; + +unsigned char mresult[8] = { + 0xa3, 0x80, 0xe0, 0x2a, 0x6b, 0xe5, 0x46, 0x96 +}; + + /* * Can also add : * plaintext = 0, key = 0, cipher = 0x8ca64de9c1b123a7 (or is it a 1?) @@ -143,7 +153,7 @@ main(argc,argv) /* do some initialisation */ initialize_krb5_error_table(); - eblock.crypto_entry = &mit_des_cryptosystem_entry; + krb5_use_cstype(&eblock, ETYPE_DES_CBC_CRC); keyblock.keytype = KEYTYPE_DES; keyblock.length = sizeof (mit_des_cblock); @@ -168,6 +178,10 @@ main(argc,argv) com_err("des verify", retval, "can't finish zero key"); exit(-1); } + if ( memcmp((char *)cipher_text, (char *)zresult, 8) ) { + printf("verify: error in zero key test\n"); + exit(-1); + } exit(0); } @@ -179,7 +193,8 @@ main(argc,argv) exit(-1); } printf("plaintext = 0x00 00 00 00 00 00 00 40, "); - printf("key = 0, cipher = 0x??\n"); + printf("key = 0x80 01 01 01 01 01 01 01\n"); + printf(" cipher = 0xa380e02a6be54696\n"); do_encrypt(input,cipher_text); printf("\tcipher = (low to high bytes)\n\t\t"); for (j = 0; j<=7; j++) { @@ -191,6 +206,10 @@ main(argc,argv) com_err("des verify", retval, "can't finish key3"); exit(-1); } + if ( memcmp((char *)cipher_text, (char *)mresult, 8) ) { + printf("verify: error in msb test\n"); + exit(-1); + } exit(0); } @@ -392,3 +411,17 @@ do_decrypt(in,out) } } } + +/* + * Fake out the DES library, for the purposes of testing. + */ + +#include "des.h" + +int +mit_des_is_weak_key(key) + mit_des_cblock key; +{ + return 0; /* fake it out for testing */ +} + -- 2.26.2