From 9f6c7f0b8c26905fbc1b6d5cbb240fe6faeea778 Mon Sep 17 00:00:00 2001 From: Ken Raeburn Date: Tue, 10 Apr 2001 02:47:42 +0000 Subject: [PATCH] * des425.h: Deleted to avoid confusion with the other des.h in the tree. All files changed to include des_int.h and (the other) des.h instead. * new_rnd_key.c (des_init_random_number_generator): Cast seed data pointer to keep compiler happy. * read_passwd.c (intr_routine, des_read_pw_string): Add prototypes. (des_read_password): Fix call sequence for des_string_to_key. * str_to_key.c (des_string_to_key): Remove static storage in favor of automatic storage. Fix call sequence to des_key_sched. Delete no-op while loop. * t_quad.c (main): Fix call sequence for des_quad_cksum. * verify.c (des_string_to_key, des_key_sched, des_ecb_encrypt, des_cbc_encrypt): Removed declarations. (do_encrypt, do_decrypt): Prototype. Make args point to unsigned char, and return types void. (main): Declare return type. Make automatic var in_length be unsigned long; discard some casts, but cast it when passing to memcmp. Remove extra arg passed to des_cbc_cksum. (flip): Delete unused function. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13150 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/des425/ChangeLog | 23 ++++++++-- src/lib/des425/cksum.c | 4 +- src/lib/des425/des.c | 6 +-- src/lib/des425/des425.h | 89 ------------------------------------ src/lib/des425/enc_dec.c | 4 +- src/lib/des425/key_parity.c | 4 +- src/lib/des425/key_sched.c | 9 ++-- src/lib/des425/new_rnd_key.c | 6 +-- src/lib/des425/quad_cksum.c | 3 +- src/lib/des425/random_key.c | 3 +- src/lib/des425/read_passwd.c | 8 +++- src/lib/des425/str_to_key.c | 28 ++++++++---- src/lib/des425/string2key.c | 2 +- src/lib/des425/t_quad.c | 6 ++- src/lib/des425/util.c | 3 +- src/lib/des425/verify.c | 56 ++++++++--------------- src/lib/des425/weak_key.c | 4 +- 17 files changed, 94 insertions(+), 164 deletions(-) delete mode 100644 src/lib/des425/des425.h diff --git a/src/lib/des425/ChangeLog b/src/lib/des425/ChangeLog index 034580f7c..3efa1a30e 100644 --- a/src/lib/des425/ChangeLog +++ b/src/lib/des425/ChangeLog @@ -1,8 +1,25 @@ 2001-04-09 Ken Raeburn - * des425.h: Renamed from des.h to avoid confusion with the other - des.h in the source tree. Adjust include directives in all other - files. + * des.h: Deleted to avoid confusion with the other des.h in the + tree. All files changed to include des_int.h and + (the other) des.h instead. + * new_rnd_key.c (des_init_random_number_generator): Cast seed data + pointer to keep compiler happy. + * read_passwd.c (intr_routine, des_read_pw_string): Add + prototypes. + (des_read_password): Fix call sequence for des_string_to_key. + * str_to_key.c (des_string_to_key): Remove static storage in favor + of automatic storage. Fix call sequence to des_key_sched. Delete + no-op while loop. + * t_quad.c (main): Fix call sequence for des_quad_cksum. + * verify.c (des_string_to_key, des_key_sched, des_ecb_encrypt, + des_cbc_encrypt): Removed declarations. + (do_encrypt, do_decrypt): Prototype. Make args point to unsigned + char, and return types void. + (main): Declare return type. Make automatic var in_length be + unsigned long; discard some casts, but cast it when passing to + memcmp. Remove extra arg passed to des_cbc_cksum. + (flip): Delete unused function. * quad_cksum.c (des_quad_cksum): Add comments. Force 32-bit arithmetic just to be careful. diff --git a/src/lib/des425/cksum.c b/src/lib/des425/cksum.c index e43523118..deff03c65 100644 --- a/src/lib/des425/cksum.c +++ b/src/lib/des425/cksum.c @@ -37,8 +37,8 @@ * spm 8/85 MIT project athena */ - -#include "des425.h" +#include "des_int.h" +#include "des.h" /* * This routine performs DES cipher-block-chaining checksum operation, diff --git a/src/lib/des425/des.c b/src/lib/des425/des.c index 2315b434b..9dfdce3e3 100644 --- a/src/lib/des425/des.c +++ b/src/lib/des425/des.c @@ -51,15 +51,15 @@ * originally written by Steve Miller, MIT Project Athena */ - -#include "des425.h" +#include "des_int.h" +#include "des.h" KRB5_DLLIMP int KRB5_CALLCONV des_ecb_encrypt(clear, cipher, schedule, encrypt) unsigned long *clear; unsigned long *cipher; - int encrypt; /* 0 ==> decrypt, else encrypt */ register mit_des_key_schedule schedule; /* r11 */ + int encrypt; /* 0 ==> decrypt, else encrypt */ { static des_cblock iv; diff --git a/src/lib/des425/des425.h b/src/lib/des425/des425.h deleted file mode 100644 index 9ccc82ce8..000000000 --- a/src/lib/des425/des425.h +++ /dev/null @@ -1,89 +0,0 @@ -/* - * lib/des425/des425.h (formerly des.h) - * - * Copyright 1991 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - */ - -/* - * Include file for the Data Encryption Standard library. - */ - -/* only do the whole thing once */ -#ifndef DES_DEFS -#define DES_DEFS - -#include - -typedef mit_des_cblock des_cblock; /* crypto-block size */ - -/* Key schedule */ -typedef mit_des_key_schedule des_key_schedule; - -#define DES_KEY_SZ (sizeof(des_cblock)) -#define DES_ENCRYPT 1 -#define DES_DECRYPT 0 - -#ifndef NCOMPAT -#define C_Block des_cblock -#define Key_schedule des_key_schedule -#define ENCRYPT DES_ENCRYPT -#define DECRYPT DES_DECRYPT -#define KEY_SZ DES_KEY_SZ -#define string_to_key des_string_to_key -#define read_pw_string des_read_pw_string -#define random_key des_random_key -#define pcbc_encrypt des_pcbc_encrypt -#define key_sched des_key_sched -#define cbc_encrypt des_cbc_encrypt -#define cbc_cksum des_cbc_cksum -#define C_Block_print des_cblock_print -#define quad_cksum des_quad_cksum -typedef struct des_ks_struct bit_64; -#endif - -#define des_cblock_print(x) des_cblock_print_file(x, stdout) - -/* - * Windows needs everything prototyped because we're exporting all the fuctions. - */ -void des_cbc_cksum(); -KRB5_DLLIMP int KRB5_CALLCONV des_ecb_encrypt(); -int des_cbc_encrypt(); -void des_fixup_key_parity(); -int des_check_key_parity(); -KRB5_DLLIMP int KRB5_CALLCONV des_key_sched(); -KRB5_DLLIMP int KRB5_CALLCONV des_new_random_key(); -void des_init_random_number_generator(); -KRB5_DLLIMP void KRB5_CALLCONV des_set_random_generator_seed(); -void des_set_sequence_number(); -void des_generate_random_block(); -KRB5_DLLIMP int KRB5_CALLCONV des_pcbc_encrypt(); -KRB5_DLLIMP unsigned long KRB5_CALLCONV des_quad_cksum(); -int des_random_key(); -krb5_error_code des_read_password(); -KRB5_DLLIMP int KRB5_CALLCONV des_string_to_key(); -int des_is_weak_key(); - -#endif /* DES_DEFS */ diff --git a/src/lib/des425/enc_dec.c b/src/lib/des425/enc_dec.c index 0be356075..f0e0daa50 100644 --- a/src/lib/des425/enc_dec.c +++ b/src/lib/des425/enc_dec.c @@ -38,8 +38,8 @@ * */ - -#include "des425.h" +#include "des_int.h" +#include "des.h" /* * This routine performs DES cipher-block-chaining operation, either diff --git a/src/lib/des425/key_parity.c b/src/lib/des425/key_parity.c index 67480d53f..d52676c78 100644 --- a/src/lib/des425/key_parity.c +++ b/src/lib/des425/key_parity.c @@ -34,8 +34,8 @@ * */ - -#include "des425.h" +#include "des_int.h" +#include "des.h" /* * des_fixup_key_parity: Forces odd parity per byte; parity is bits diff --git a/src/lib/des425/key_sched.c b/src/lib/des425/key_sched.c index b30571c20..cb62a502f 100644 --- a/src/lib/des425/key_sched.c +++ b/src/lib/des425/key_sched.c @@ -49,12 +49,13 @@ #include -#include "des425.h" +#include "des_int.h" +#include "des.h" KRB5_DLLIMP int KRB5_CALLCONV des_key_sched(k,schedule) - register mit_des_cblock k; /* r11 */ - mit_des_key_schedule schedule; + des_cblock k; + des_key_schedule schedule; { - return (mit_des_key_sched(k, schedule)); + return (mit_des_key_sched(k, schedule)); } diff --git a/src/lib/des425/new_rnd_key.c b/src/lib/des425/new_rnd_key.c index 2dd6cb103..f04f25a72 100644 --- a/src/lib/des425/new_rnd_key.c +++ b/src/lib/des425/new_rnd_key.c @@ -52,8 +52,8 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ - -#include "des425.h" +#include "des_int.h" +#include "des.h" /* * des_init_random_number_generator: @@ -76,7 +76,7 @@ des_init_random_number_generator(key) krb5_data seed; seed.length = sizeof(key); - seed.data = key; + seed.data = (char *) key; if (krb5_c_random_seed(/* XXX */ 0, &seed)) /* XXX */ abort(); diff --git a/src/lib/des425/quad_cksum.c b/src/lib/des425/quad_cksum.c index 2dc51f2c4..cdf81c3f7 100644 --- a/src/lib/des425/quad_cksum.c +++ b/src/lib/des425/quad_cksum.c @@ -106,7 +106,8 @@ #include #include -#include "des425.h" +#include "des_int.h" +#include "des.h" /* Definitions for byte swapping */ diff --git a/src/lib/des425/random_key.c b/src/lib/des425/random_key.c index 10e1a3c4e..f367fc817 100644 --- a/src/lib/des425/random_key.c +++ b/src/lib/des425/random_key.c @@ -52,7 +52,8 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "des425.h" +#include "des_int.h" +#include "des.h" /* random_key */ int diff --git a/src/lib/des425/read_passwd.c b/src/lib/des425/read_passwd.c index f09020161..31bbd9763 100644 --- a/src/lib/des425/read_passwd.c +++ b/src/lib/des425/read_passwd.c @@ -32,7 +32,8 @@ #if !defined(_MSDOS)&&!defined(_WIN32) -#include "des425.h" +#include "des_int.h" +#include "des.h" #include #include #include @@ -43,6 +44,9 @@ static jmp_buf pwd_jump; +static krb5_sigtype intr_routine (int); +krb5_error_code des_read_pw_string (char *, int, char *, char *); + static krb5_sigtype intr_routine(signo) int signo; @@ -177,7 +181,7 @@ des_read_password/*_v4_compat_crock*/(k,prompt,verify) prompt, verify ? prompt2 : 0); if (ok == 0) - des_string_to_key(key_string, k); + des_string_to_key(key_string, *k); memset(key_string, 0, sizeof (key_string)); return ok; diff --git a/src/lib/des425/str_to_key.c b/src/lib/des425/str_to_key.c index 7bf75fb8d..448947125 100644 --- a/src/lib/des425/str_to_key.c +++ b/src/lib/des425/str_to_key.c @@ -43,13 +43,23 @@ #include #include -#include "des425.h" -/* #include "des_internal.h" */ +#include "des_int.h" +#include "des.h" extern int mit_des_debug; /* - * convert an arbitrary length string to a DES key + * Convert an arbitrary length string to a DES key. + */ + +/* + * For krb5, a change was made to this algorithm: When each key is + * generated, after fixing parity, a check for weak and semi-weak keys + * is done. If the key is weak or semi-weak, we XOR the last byte + * with 0xF0. (In the case of the intermediate key, the weakness is + * probably irrelevant, but there it is.) The odds that this will + * generate a different key for a random input string are pretty low, + * but non-zero. So we need this different function for krb4 to use. */ KRB5_DLLIMP int KRB5_CALLCONV des_string_to_key(str,key) @@ -60,11 +70,11 @@ des_string_to_key(str,key) register unsigned temp; register int j; register long i, length; - static unsigned char *k_p; - static int forward; + unsigned char *k_p; + int forward; register char *p_char; - static char k_char[64]; - static mit_des_key_schedule key_sked; + char k_char[64]; + mit_des_key_schedule key_sked; extern void des_cbc_cksum(); in_str = str; @@ -97,7 +107,7 @@ des_string_to_key(str,key) else *--p_char ^= (int) temp & 01; temp = temp >> 1; - } while (--j > 0); + } /* check and flip direction */ if ((i%8) == 0) @@ -119,7 +129,7 @@ des_string_to_key(str,key) des_fixup_key_parity(key); /* Now one-way encrypt it with the folded key */ - (void) des_key_sched(key,key_sked); + (void) des_key_sched(key, *(Key_schedule *)&key_sked); (void) des_cbc_cksum((des_cblock *)in_str,key,length,key_sked,key); /* erase key_sked */ memset((char *)key_sked, 0,sizeof(key_sked)); diff --git a/src/lib/des425/string2key.c b/src/lib/des425/string2key.c index 5078d5a95..8756787a1 100644 --- a/src/lib/des425/string2key.c +++ b/src/lib/des425/string2key.c @@ -29,7 +29,7 @@ */ -#include "des425.h" +#include "des.h" #include "des_int.h" #ifdef DEBUG diff --git a/src/lib/des425/t_quad.c b/src/lib/des425/t_quad.c index 373a5a49e..421a55584 100644 --- a/src/lib/des425/t_quad.c +++ b/src/lib/des425/t_quad.c @@ -27,7 +27,8 @@ #include #include -#include "des425.h" +#include "des_int.h" +#include "des.h" extern char *errmsg(); extern int errno; @@ -79,7 +80,8 @@ main(argc,argv) for (i = 0; i < 3; i++) { int wrong = 0, j; - des_quad_cksum (tests[i].text, out, 64L, 4, default_key); + des_quad_cksum (tests[i].text, out, 64L, 4, + (mit_des_cblock *) &default_key); if (tests[i].text[0] == 2) printf ("quad_cksum() = {"); else diff --git a/src/lib/des425/util.c b/src/lib/des425/util.c index 6f0330269..54545fcf0 100644 --- a/src/lib/des425/util.c +++ b/src/lib/des425/util.c @@ -13,7 +13,8 @@ /* Application include files */ #include "k5-int.h" -#include "des425.h" +#include "des_int.h" +#include "des.h" void des_cblock_print_file(x, fp) des_cblock *x; diff --git a/src/lib/des425/verify.c b/src/lib/des425/verify.c index abce45849..cb141b06c 100644 --- a/src/lib/des425/verify.c +++ b/src/lib/des425/verify.c @@ -34,14 +34,11 @@ #include #include -#include "des425.h" +#include "des_int.h" +#include "des.h" extern char *errmsg(); extern int errno; -extern int des_string_to_key(); -extern int des_key_sched(); -extern int des_ecb_encrypt(); -extern int des_cbc_encrypt(); char *progname; int nflag = 2; int vflag; @@ -96,18 +93,22 @@ unsigned char mresult[8] = { 0xa3, 0x80, 0xe0, 0x2a, 0x6b, 0xe5, 0x46, 0x96 }; - + /* * Can also add : * plaintext = 0, key = 0, cipher = 0x8ca64de9c1b123a7 (or is it a 1?) */ +void do_encrypt (unsigned char *, unsigned char *); +void do_decrypt (unsigned char *, unsigned char *); + +int main(argc,argv) int argc; char *argv[]; { /* Local Declarations */ - long in_length; + unsigned long in_length; progname=argv[0]; /* salt away invoking program */ @@ -240,7 +241,7 @@ main(argc,argv) printf("ACTUAL CBC\n\tclear \"%s\"\n",input); in_length = strlen((char *) input); - des_cbc_encrypt(input,cipher_text,(long) in_length,KS,ivec,1); + des_cbc_encrypt(input,cipher_text, in_length,KS,ivec,1); printf("\tciphertext = (low to high bytes)\n"); for (i = 0; i <= 7; i++) { printf("\t\t"); @@ -249,10 +250,10 @@ main(argc,argv) } printf("\n"); } - des_cbc_encrypt(cipher_text,clear_text,(long) in_length,KS,ivec,0); + des_cbc_encrypt(cipher_text,clear_text,in_length,KS,ivec,0); printf("\tdecrypted clear_text = \"%s\"\n",clear_text); - if ( memcmp((char *)cipher_text, (char *)cipher3, in_length) ) { + if ( memcmp(cipher_text, cipher3, (size_t) in_length) ) { printf("verify: error in CBC encryption\n"); exit(-1); } @@ -265,7 +266,7 @@ main(argc,argv) printf("\tchecksum\t58 d2 e7 7e 86 06 27 33, "); printf("or some part thereof\n"); input = clear_text2; - des_cbc_cksum(input,cipher_text,(long) strlen((char *) input),KS,ivec,1); + des_cbc_cksum(input,cipher_text,(long) strlen((char *) input),KS,ivec); printf("ACTUAL CBC checksum\n"); printf("\t\tencrypted cksum = (low to high bytes)\n\t\t"); for (j = 0; j<=7; j++) @@ -280,37 +281,17 @@ main(argc,argv) exit(0); } -flip(array) - char *array; -{ - register old,new,i,j; - /* flips the bit order within each byte from 0 lsb to 0 msb */ - for (i = 0; i<=7; i++) { - old = *array; - new = 0; - for (j = 0; j<=7; j++) { - if (old & 01) - new = new | 01; - if (j < 7) { - old = old >> 1; - new = new << 1; - } - } - *array = new; - array++; - } -} - +void do_encrypt(in,out) - char *in; - char *out; + unsigned char *in; + unsigned char *out; { for (i =1; i<=nflag; i++) { des_ecb_encrypt(in,out,KS,1); if (des_debug) { printf("\nclear %s\n",in); for (j = 0; j<=7; j++) - printf("%02 X ",in[j] & 0xff); + printf("%02X ",in[j] & 0xff); printf("\tcipher "); for (j = 0; j<=7; j++) printf("%02X ",out[j] & 0xff); @@ -318,9 +299,10 @@ do_encrypt(in,out) } } +void do_decrypt(in,out) - char *out; - char *in; + unsigned char *out; + unsigned char *in; /* try to invert it */ { for (i =1; i<=nflag; i++) { diff --git a/src/lib/des425/weak_key.c b/src/lib/des425/weak_key.c index 6ef232ee0..d9f7c37fc 100644 --- a/src/lib/des425/weak_key.c +++ b/src/lib/des425/weak_key.c @@ -32,8 +32,8 @@ * Originally written 8/85 by Steve Miller, MIT Project Athena. */ - -#include "des425.h" +#include "des_int.h" +#include "des.h" /* * mit_des_is_weak_key: returns true iff key is a [semi-]weak des key. -- 2.26.2