diff options
Diffstat (limited to 'secure')
69 files changed, 11769 insertions, 0 deletions
diff --git a/secure/lib/libdes/COPYRIGHT b/secure/lib/libdes/COPYRIGHT new file mode 100644 index 0000000..dc789d4 --- /dev/null +++ b/secure/lib/libdes/COPYRIGHT @@ -0,0 +1,50 @@ +Copyright (C) 1995 Eric Young (eay@mincom.oz.au) +All rights reserved. + +This package is an DES implementation written by Eric Young (eay@mincom.oz.au). +The implementation was written so as to conform with MIT's libdes. + +This library is free for commercial and non-commercial use as long as +the following conditions are aheared to. The following conditions +apply to all code found in this distribution. + +Copyright remains Eric Young's, and as such any Copyright notices in +the code are not to be removed. +If this package is used in a product, Eric Young should be given attribution +as the author of that the SSL library. This can be in the form of a textual +message at program startup or in documentation (online or textual) provided +with the package. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: +1. Redistributions of source code must retain the copyright + notice, this list of conditions and the following disclaimer. +2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. +3. All advertising materials mentioning features or use of this software + must display the following acknowledgement: + This product includes software developed by Eric Young (eay@mincom.oz.au) + +THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +SUCH DAMAGE. + +The license and distribution terms for any publically available version or +derivative of this code cannot be changed. i.e. this code cannot simply be +copied and put under another distrubution license +[including the GNU Public License.] + +The reason behind this being stated in this direct manner is past +experience in code simply being copied and the attribution removed +from it and then being distributed as part of other packages. This +implementation was a non-trivial and unpaid effort. diff --git a/secure/lib/libdes/DES.pm b/secure/lib/libdes/DES.pm new file mode 100644 index 0000000..6a175b6 --- /dev/null +++ b/secure/lib/libdes/DES.pm @@ -0,0 +1,19 @@ +package DES; + +require Exporter; +require DynaLoader; +@ISA = qw(Exporter DynaLoader); +# Items to export into callers namespace by default +# (move infrequently used names to @EXPORT_OK below) +@EXPORT = qw( +); +# Other items we are prepared to export if requested +@EXPORT_OK = qw( +crypt +); + +# Preloaded methods go here. Autoload methods go after __END__, and are +# processed by the autosplit program. +bootstrap DES; +1; +__END__ diff --git a/secure/lib/libdes/DES.pod b/secure/lib/libdes/DES.pod new file mode 100644 index 0000000..8a739e7 --- /dev/null +++ b/secure/lib/libdes/DES.pod @@ -0,0 +1,16 @@ +crypt <= crypt(buf,salt) +key <= set_odd_parity(key) +int <= is_weak_key(key) +keysched<= set_key(key) +key <= ecb_encrypt(string8,ks,enc) +key <= ecb3_encrypt(input,ks1,ks2,enc) +string <= cbc_encrypt(input,ks,ivec,enc) => ivec +string <= cbc3_encrypt(input,ks1,ks2,ivec1,ivec2,enc) => ivec1&ivec2 +ck1,ck2 <= cbc_cksum(input,ks,ivec) => ivec +string <= pcbc_encrypt(input,ks,ivec,enc) => ivec +string <= ofb_encrypt(input,numbits,ks,ivec) => ivec +string <= cfb_encrypt(input,numbits,ks,ivec,enc) => ivec +key <= random_key() +key <= string_to_key(string) +key1,key2<= string_to_2keys(string) + diff --git a/secure/lib/libdes/DES.xs b/secure/lib/libdes/DES.xs new file mode 100644 index 0000000..def220b --- /dev/null +++ b/secure/lib/libdes/DES.xs @@ -0,0 +1,268 @@ +#include "EXTERN.h" +#include "perl.h" +#include "XSUB.h" +#include "des.h" + +#define deschar char +static STRLEN len; + +static int +not_here(s) +char *s; +{ + croak("%s not implemented on this architecture", s); + return -1; +} + +MODULE = DES PACKAGE = DES PREFIX = des_ + +char * +des_crypt(buf,salt) + char * buf + char * salt + +void +des_set_odd_parity(key) + des_cblock * key +PPCODE: + { + SV *s; + + s=sv_newmortal(); + sv_setpvn(s,(char *)key,8); + des_set_odd_parity((des_cblock *)SvPV(s,na)); + PUSHs(s); + } + +int +des_is_weak_key(key) + des_cblock * key + +des_key_schedule +des_set_key(key) + des_cblock * key +CODE: + des_set_key(key,RETVAL); +OUTPUT: +RETVAL + +des_cblock +des_ecb_encrypt(input,ks,encrypt) + des_cblock * input + des_key_schedule * ks + int encrypt +CODE: + des_ecb_encrypt(input,&RETVAL,*ks,encrypt); +OUTPUT: +RETVAL + +void +des_cbc_encrypt(input,ks,ivec,encrypt) + char * input + des_key_schedule * ks + des_cblock * ivec + int encrypt +PPCODE: + { + SV *s; + STRLEN len,l; + char *c; + + l=SvCUR(ST(0)); + len=((((unsigned long)l)+7)/8)*8; + s=sv_newmortal(); + sv_setpvn(s,"",0); + SvGROW(s,len); + SvCUR_set(s,len); + c=(char *)SvPV(s,na); + des_cbc_encrypt((des_cblock *)input,(des_cblock *)c, + l,*ks,ivec,encrypt); + sv_setpvn(ST(2),(char *)c[len-8],8); + PUSHs(s); + } + +void +des_cbc3_encrypt(input,ks1,ks2,ivec1,ivec2,encrypt) + char * input + des_key_schedule * ks1 + des_key_schedule * ks2 + des_cblock * ivec1 + des_cblock * ivec2 + int encrypt +PPCODE: + { + SV *s; + STRLEN len,l; + + l=SvCUR(ST(0)); + len=((((unsigned long)l)+7)/8)*8; + s=sv_newmortal(); + sv_setpvn(s,"",0); + SvGROW(s,len); + SvCUR_set(s,len); + des_3cbc_encrypt((des_cblock *)input,(des_cblock *)SvPV(s,na), + l,*ks1,*ks2,ivec1,ivec2,encrypt); + sv_setpvn(ST(3),(char *)ivec1,8); + sv_setpvn(ST(4),(char *)ivec2,8); + PUSHs(s); + } + +void +des_cbc_cksum(input,ks,ivec) + char * input + des_key_schedule * ks + des_cblock * ivec +PPCODE: + { + SV *s1,*s2; + STRLEN len,l; + des_cblock c; + unsigned long i1,i2; + + s1=sv_newmortal(); + s2=sv_newmortal(); + l=SvCUR(ST(0)); + des_cbc_cksum((des_cblock *)input,(des_cblock *)c, + l,*ks,ivec); + i1=c[4]|(c[5]<<8)|(c[6]<<16)|(c[7]<<24); + i2=c[0]|(c[1]<<8)|(c[2]<<16)|(c[3]<<24); + sv_setiv(s1,i1); + sv_setiv(s2,i2); + sv_setpvn(ST(2),(char *)c,8); + PUSHs(s1); + PUSHs(s2); + } + +void +des_cfb_encrypt(input,numbits,ks,ivec,encrypt) + char * input + int numbits + des_key_schedule * ks + des_cblock * ivec + int encrypt +PPCODE: + { + SV *s; + STRLEN len; + char *c; + + len=SvCUR(ST(0)); + s=sv_newmortal(); + sv_setpvn(s,"",0); + SvGROW(s,len); + SvCUR_set(s,len); + c=(char *)SvPV(s,na); + des_cfb_encrypt((unsigned char *)input,(unsigned char *)c, + (int)numbits,(long)len,*ks,ivec,encrypt); + sv_setpvn(ST(3),(char *)ivec,8); + PUSHs(s); + } + +des_cblock * +des_ecb3_encrypt(input,ks1,ks2,encrypt) + des_cblock * input + des_key_schedule * ks1 + des_key_schedule * ks2 + int encrypt +CODE: + { + des_cblock c; + + des_3ecb_encrypt((des_cblock *)input,(des_cblock *)&c, + *ks1,*ks2,encrypt); + RETVAL= &c; + } +OUTPUT: +RETVAL + +void +des_ofb_encrypt(input,numbits,ks,ivec) + unsigned char * input + int numbits + des_key_schedule * ks + des_cblock * ivec +PPCODE: + { + SV *s; + STRLEN len,l; + unsigned char *c; + + len=SvCUR(ST(0)); + s=sv_newmortal(); + sv_setpvn(s,"",0); + SvGROW(s,len); + SvCUR_set(s,len); + c=(unsigned char *)SvPV(s,na); + des_ofb_encrypt((unsigned char *)input,(unsigned char *)c, + numbits,len,*ks,ivec); + sv_setpvn(ST(3),(char *)ivec,8); + PUSHs(s); + } + +void +des_pcbc_encrypt(input,ks,ivec,encrypt) + char * input + des_key_schedule * ks + des_cblock * ivec + int encrypt +PPCODE: + { + SV *s; + STRLEN len,l; + char *c; + + l=SvCUR(ST(0)); + len=((((unsigned long)l)+7)/8)*8; + s=sv_newmortal(); + sv_setpvn(s,"",0); + SvGROW(s,len); + SvCUR_set(s,len); + c=(char *)SvPV(s,na); + des_pcbc_encrypt((des_cblock *)input,(des_cblock *)c, + l,*ks,ivec,encrypt); + sv_setpvn(ST(2),(char *)c[len-8],8); + PUSHs(s); + } + +des_cblock * +des_random_key() +CODE: + { + des_cblock c; + + des_random_key(c); + RETVAL=&c; + } +OUTPUT: +RETVAL + +des_cblock * +des_string_to_key(str) +char * str +CODE: + { + des_cblock c; + + des_string_to_key(str,&c); + RETVAL=&c; + } +OUTPUT: +RETVAL + +void +des_string_to_2keys(str) +char * str +PPCODE: + { + des_cblock c1,c2; + SV *s1,*s2; + + des_string_to_2keys(str,&c1,&c2); + EXTEND(sp,2); + s1=sv_newmortal(); + sv_setpvn(s1,(char *)c1,8); + s2=sv_newmortal(); + sv_setpvn(s2,(char *)c2,8); + PUSHs(s1); + PUSHs(s2); + } diff --git a/secure/lib/libdes/FILES b/secure/lib/libdes/FILES new file mode 100644 index 0000000..f8b0c81 --- /dev/null +++ b/secure/lib/libdes/FILES @@ -0,0 +1,96 @@ +/* General stuff */ +COPYRIGHT - Copyright info. +MODES.DES - A description of the features of the different modes of DES. +FILES - This file. +INSTALL - How to make things compile. +Imakefile - For use with kerberos. +README - What this package is. +VERSION - Which version this is and what was changed. +KERBEROS - Kerberos version 4 notes. +Makefile.PL - An old makefile to build with perl5, not current. +Makefile.ssl - The SSLeay makefile +Makefile.uni - The normal unix makefile. +GNUmakefile - The makefile for use with glibc. +makefile.bc - A Borland C makefile +times - Some outputs from 'speed' on some machines. +vms.com - For use when compiling under VMS + +/* My SunOS des(1) replacement */ +des.c - des(1) source code. +des.man - des(1) manual. + +/* Testing and timing programs. */ +destest.c - Source for libdes.a test program. +speed.c - Source for libdes.a timing program. +rpw.c - Source for libdes.a testing password reading routines. + +/* libdes.a source code */ +des_crypt.man - libdes.a manual page. +des.h - Public libdes.a header file. +ecb_enc.c - des_ecb_encrypt() source, this contains the basic DES code. +ecb3_enc.c - des_ecb3_encrypt() source. +cbc_ckm.c - des_cbc_cksum() source. +cbc_enc.c - des_cbc_encrypt() source. +ncbc_enc.c - des_cbc_encrypt() that is 'normal' in that it copies + the new iv values back in the passed iv vector. +ede_enc.c - des_ede3_cbc_encrypt() cbc mode des using triple DES. +cbc3_enc.c - des_3cbc_encrypt() source, don't use this function. +cfb_enc.c - des_cfb_encrypt() source. +cfb64enc.c - des_cfb64_encrypt() cfb in 64 bit mode but setup to be + used as a stream cipher. +cfb64ede.c - des_ede3_cfb64_encrypt() cfb in 64 bit mode but setup to be + used as a stream cipher and using triple DES. +ofb_enc.c - des_cfb_encrypt() source. +ofb64_enc.c - des_ofb_encrypt() ofb in 64 bit mode but setup to be + used as a stream cipher. +ofb64ede.c - des_ede3_ofb64_encrypt() ofb in 64 bit mode but setup to be + used as a stream cipher and using triple DES. +enc_read.c - des_enc_read() source. +enc_writ.c - des_enc_write() source. +pcbc_enc.c - des_pcbc_encrypt() source. +qud_cksm.c - quad_cksum() source. +rand_key.c - des_random_key() source. +read_pwd.c - Source for des_read_password() plus related functions. +set_key.c - Source for des_set_key(). +str2key.c - Covert a string of any length into a key. +fcrypt.c - A small, fast version of crypt(3). +des_locl.h - Internal libdes.a header file. +podd.h - Odd parity tables - used in des_set_key(). +sk.h - Lookup tables used in des_set_key(). +spr.h - What is left of the S tables - used in ecb_encrypt(). +version.h - header file for the external definition of the + version string. +des.doc - SSLeay documentation for the library. + +/* The perl scripts - you can ignore these files they are only + * included for the curious */ +des.pl - des in perl anyone? des_set_key and des_ecb_encrypt + both done in a perl library. +testdes.pl - Testing program for des.pl +doIP - Perl script used to develop IP xor/shift code. +doPC1 - Perl script used to develop PC1 xor/shift code. +doPC2 - Generates sk.h. +PC1 - Output of doPC1 should be the same as output from PC1. +PC2 - used in development of doPC2. +shifts.pl - Perl library used by my perl scripts. + +/* I started making a perl5 dynamic library for libdes + * but did not fully finish, these files are part of that effort. */ +DES.pm +DES.pod +DES.xs +t +typemap + +/* The following are for use with sun RPC implementaions. */ +rpc_des.h +rpc_enc.c + +/* The following are contibuted by Mark Murray <mark@grondar.za>. They + * are not normally built into libdes due to machine specific routines + * contained in them. They are for use in the most recent incarnation of + * export kerberos v 4 (eBones). */ +supp.c +new_rkey.c + + diff --git a/secure/lib/libdes/GNUmakefile b/secure/lib/libdes/GNUmakefile new file mode 100644 index 0000000..6372d08 --- /dev/null +++ b/secure/lib/libdes/GNUmakefile @@ -0,0 +1,35 @@ +# This was GNUmakefile +# I have changed the library a bit since I was last able to test the +# build so this may require a little tweaking. +# have fun. + +ifeq ($(wildcard ../Rules),) +# no glibc +include Makefile.uni +else +# We are part of glibc +default_cflags:= -O2 +subdir := des +headers:= des.h rpc_des.h + +routines:= $(destest) + cbc3_enc cbc_cksm cbc_enc cfb64enc cfb_enc \ + ecb3_enc ecb_enc ede_enc enc_read enc_writ \ + fcrypt ncbc_enc ofb64enc ofb_enc pcbc_enc \ + qud_cksm rand_key read_pwd rpc_enc set_key \ + str2key cfb64ede ofb64ede supp +distribute:= ARTISTIC COPYRIGHT FILES INSTALL Imakefile README VERSION \ + GNUmakefile times vms.com KERBEROS MODES.DES \ + des.man des_crypt.man \ + version.h des_locl.h podd.h sk.h spr.h \ + des.pl testdes.pl doIP doPC1 doPC2 PC1 PC2 shifts.pl \ + des.doc makefile.bc + +tests:= destest speed +override +gccwarn := -w +others:= des rpw +install:= des + +include ../Rules +endif + diff --git a/secure/lib/libdes/INSTALL b/secure/lib/libdes/INSTALL new file mode 100644 index 0000000..c8cc5be --- /dev/null +++ b/secure/lib/libdes/INSTALL @@ -0,0 +1,57 @@ +Check the CC and CFLAGS lines in the makefile + +If your C library does not support the times(3) function, change the +#define TIMES to +#undef TIMES in speed.c +If it does, check the HZ value for the times(3) function. +If your system does not define CLK_TCK it will be assumed to +be 100.0. + +If possible use gcc v 2.7.? +Turn on the maximum optimising (normally '-O3 -fomit-frame-pointer' for gcc) + +type 'make' + +run './destest' to check things are ok. +run './rpw' to check the tty code for reading passwords works. +run './speed' to see how fast those optimisations make the library run :-) + +A make install will by default install +libdes.a in /usr/local/lib/libdes.a +des in /usr/local/bin/des +des_crypt.man in /usr/local/man/man3/des_crypt.3 +des.man in /usr/local/man/man1/des.1 +des.h in /usr/include/des.h + +des(1) should be compatible with sunOS's but I have been unable to +test it. + +These routines should compile on MSDOS, most 32bit and 64bit version +of Unix (BSD and SYSV) and VMS, without modification. +The only problems should be #include files that are in the wrong places. + +These routines can be compiled under MSDOS. +I have successfully encrypted files using des(1) under MSDOS and then +decrypted the files on a SparcStation. +I have been able to compile and test the routines with +Microsoft C v 5.1 and Turbo C v 2.0. +The code in this library is in no way optimised for the 16bit +operation of MSDOS. Microsoft C generates code that is 40% slower +than Turbo C's code. I believe this is due to problems it has with +code generation with the 32bit shift operation in the IP and FP +sections. I have added some 16bit optimization in ecb_encrypt.c +and this generated a %70 speedup under Turbo C. Such are the +limitations of DOS compilers :-(. + +For Turbo C v 2.0, make sure to define MSDOS, in the relevant menu. + +There is an alternative version of the D_ENCRYPT macro that can be +enabled with the -DDES_USE_PTR option in the makefile. This alternative +macro can make a +-%20 speed difference to the DES encryption speed, +depending on the compiler/CPU combinations. +It has its greatest effect on Sparc machines when using the sun compiler. +If in doubt, try enable/disable it and running speed. It does not +seem to affect gcc much. + +When building for glibc, ignore all of the above and just unpack into +glibc-1.??/des and then gmake as per normal. diff --git a/secure/lib/libdes/Imakefile b/secure/lib/libdes/Imakefile new file mode 100644 index 0000000..c4592f2 --- /dev/null +++ b/secure/lib/libdes/Imakefile @@ -0,0 +1,35 @@ +# This Imakefile has not been tested for a while but it should still +# work when placed in the correct directory in the kerberos v 4 distribution + +SRCS= cbc_cksm.c cbc_enc.c ecb_enc.c pcbc_enc.c \ + qud_cksm.c rand_key.c read_pwd.c set_key.c str2key.c \ + enc_read.c enc_writ.c fcrypt.c cfb_enc.c \ + 3ecb_enc.c ofb_enc.c ofb64enc.c + +OBJS= cbc_cksm.o cbc_enc.o ecb_enc.o pcbc_enc.o \ + qud_cksm.o rand_key.o read_pwd.o set_key.o str2key.o \ + enc_read.o enc_writ.o fcrypt.o cfb_enc.o \ + 3ecb_enc.o ofb_enc.o ofb64enc.o + +GENERAL=COPYRIGHT FILES INSTALL Imakefile README VERSION makefile times \ + vms.com KERBEROS +DES= des.c des.man +TESTING=destest.c speed.c rpw.c +LIBDES= des_crypt.man des.h des_locl.h podd.h sk.h spr.h + +PERL= des.pl testdes.pl doIP doPC1 doPC2 PC1 PC2 shifts.pl + +CODE= $(GENERAL) $(DES) $(TESTING) $(SRCS) $(LIBDES) $(PERL) + +SRCDIR=$(SRCTOP)/lib/des + +DBG= -O +INCLUDE= -I$(SRCDIR) +CC= cc + +library_obj_rule() + +install_library_target(des,$(OBJS),$(SRCS),) + +test(destest,libdes.a,) +test(rpw,libdes.a,) diff --git a/secure/lib/libdes/KERBEROS b/secure/lib/libdes/KERBEROS new file mode 100644 index 0000000..f401b10 --- /dev/null +++ b/secure/lib/libdes/KERBEROS @@ -0,0 +1,41 @@ + [ This is an old file, I don't know if it is true anymore + but I will leave the file here - eay 21/11/95 ] + +To use this library with Bones (kerberos without DES): +1) Get my modified Bones - eBones. It can be found on + gondwana.ecr.mu.oz.au (128.250.1.63) /pub/athena/eBones-p9.tar.Z + and + nic.funet.fi (128.214.6.100) /pub/unix/security/Kerberos/eBones-p9.tar.Z + +2) Unpack this library in src/lib/des, makeing sure it is version + 3.00 or greater (libdes.tar.93-10-07.Z). This versions differences + from the version in comp.sources.misc volume 29 patchlevel2. + The primarily difference is that it should compile under kerberos :-). + It can be found at. + ftp.psy.uq.oz.au (130.102.32.1) /pub/DES/libdes.tar.93-10-07.Z + +Now do a normal kerberos build and things should work. + +One problem I found when I was build on my local sun. +--- +For sunOS 4.1.1 apply the following patch to src/util/ss/make_commands.c + +*** make_commands.c.orig Fri Jul 3 04:18:35 1987 +--- make_commands.c Wed May 20 08:47:42 1992 +*************** +*** 98,104 **** + if (!rename(o_file, z_file)) { + if (!vfork()) { + chdir("/tmp"); +! execl("/bin/ld", "ld", "-o", o_file+5, "-s", "-r", "-n", + z_file+5, 0); + perror("/bin/ld"); + _exit(1); +--- 98,104 ---- + if (!rename(o_file, z_file)) { + if (!vfork()) { + chdir("/tmp"); +! execl("/bin/ld", "ld", "-o", o_file+5, "-s", "-r", + z_file+5, 0); + perror("/bin/ld"); + _exit(1); diff --git a/secure/lib/libdes/MODES.DES b/secure/lib/libdes/MODES.DES new file mode 100644 index 0000000..18934b5 --- /dev/null +++ b/secure/lib/libdes/MODES.DES @@ -0,0 +1,84 @@ +Modes of DES +Quite a bit of the following information has been taken from + AS 2805.5.2 + Australian Standard + Electronic funds transfer - Requirements for interfaces, + Part 5.2: Modes of operation for an n-bit block cipher algorithm + Appendix A + +There are several different modes in which DES can be used, they are +as follows. + +Electronic Codebook Mode (ECB) (des_ecb_encrypt()) +- 64 bits are enciphered at a time. +- The order of the blocks can be rearranged without detection. +- The same plaintext block always produces the same ciphertext block + (for the same key) making it vulnerable to a 'dictionary attack'. +- An error will only affect one ciphertext block. + +Cipher Block Chaining Mode (CBC) (des_cbc_encrypt()) +- a multiple of 64 bits are enciphered at a time. +- The CBC mode produces the same ciphertext whenever the same + plaintext is encrypted using the same key and starting variable. +- The chaining operation makes the ciphertext blocks dependent on the + current and all preceding plaintext blocks and therefore blocks can not + be rearranged. +- The use of different starting variables prevents the same plaintext + enciphering to the same ciphertext. +- An error will affect the current and the following ciphertext blocks. + +Cipher Feedback Mode (CFB) (des_cfb_encrypt()) +- a number of bits (j) <= 64 are enciphered at a time. +- The CFB mode produces the same ciphertext whenever the same + plaintext is encrypted using the same key and starting variable. +- The chaining operation makes the ciphertext variables dependent on the + current and all preceding variables and therefore j-bit variables are + chained together and con not be rearranged. +- The use of different starting variables prevents the same plaintext + enciphering to the same ciphertext. +- The strength of the CFB mode depends on the size of k (maximal if + j == k). In my implementation this is always the case. +- Selection of a small value for j will require more cycles through + the encipherment algorithm per unit of plaintext and thus cause + greater processing overheads. +- Only multiples of j bits can be enciphered. +- An error will affect the current and the following ciphertext variables. + +Output Feedback Mode (OFB) (des_ofb_encrypt()) +- a number of bits (j) <= 64 are enciphered at a time. +- The OFB mode produces the same ciphertext whenever the same + plaintext enciphered using the same key and starting variable. More + over, in the OFB mode the same key stream is produced when the same + key and start variable are used. Consequently, for security reasons + a specific start variable should be used only once for a given key. +- The absence of chaining makes the OFB more vulnerable to specific attacks. +- The use of different start variables values prevents the same + plaintext enciphering to the same ciphertext, by producing different + key streams. +- Selection of a small value for j will require more cycles through + the encipherment algorithm per unit of plaintext and thus cause + greater processing overheads. +- Only multiples of j bits can be enciphered. +- OFB mode of operation does not extend ciphertext errors in the + resultant plaintext output. Every bit error in the ciphertext causes + only one bit to be in error in the deciphered plaintext. +- OFB mode is not self-synchronising. If the two operation of + encipherment and decipherment get out of synchronism, the system needs + to be re-initialised. +- Each re-initialisation should use a value of the start variable +different from the start variable values used before with the same +key. The reason for this is that an identical bit stream would be +produced each time from the same parameters. This would be +susceptible to a 'known plaintext' attack. + +Triple ECB Mode (des_3ecb_encrypt()) +- Encrypt with key1, decrypt with key2 and encrypt with key1 again. +- As for ECB encryption but increases the effective key length to 112 bits. +- If both keys are the same it is equivalent to encrypting once with + just one key. + +Triple CBC Mode (des_3cbc_encrypt()) +- Encrypt with key1, decrypt with key2 and encrypt with key1 again. +- As for CBC encryption but increases the effective key length to 112 bits. +- If both keys are the same it is equivalent to encrypting once with + just one key. diff --git a/secure/lib/libdes/Makefile.PL b/secure/lib/libdes/Makefile.PL new file mode 100644 index 0000000..41a7e0f --- /dev/null +++ b/secure/lib/libdes/Makefile.PL @@ -0,0 +1,14 @@ +use ExtUtils::MakeMaker; +# See lib/ExtUtils/MakeMaker.pm for details of how to influence +# the contents of the Makefile being created. +&writeMakefile( + 'potential_libs' => '', # e.g., '-lm' + 'INC' => '', # e.g., '-I/usr/include/other' + 'DISTNAME' => 'DES', + 'VERSION' => '0.1', + 'DEFINE' => '-DPERL5', + 'OBJECT' => 'DES.o cbc_cksm.o cbc_enc.o ecb_enc.o pcbc_enc.o \ + rand_key.o set_key.o str2key.o \ + enc_read.o enc_writ.o fcrypt.o cfb_enc.o \ + ecb3_enc.o ofb_enc.o cbc3_enc.o', + ); diff --git a/secure/lib/libdes/Makefile.ssl b/secure/lib/libdes/Makefile.ssl new file mode 100644 index 0000000..dec4456 --- /dev/null +++ b/secure/lib/libdes/Makefile.ssl @@ -0,0 +1,89 @@ +# +# SSLeay/crypto/des/Makefile +# + +DIR= des +TOP= ../.. +CC= cc +INCLUDES= +CFLAG=-g +INSTALLTOP=/usr/local/ssl +MAKE= make -f Makefile.ssl +MAKEDEPEND= makedepend -fMakefile.ssl +MAKEFILE= Makefile.ssl + +CFLAGS= $(INCLUDES) $(CFLAG) + +GENERAL=Makefile +TEST=destest.c +APPS= + +LIB=$(TOP)/libcrypto.a +LIBSRC= cbc3_enc.c cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c \ + ecb3_enc.c ecb_enc.c ede_enc.c enc_read.c enc_writ.c \ + fcrypt.c ncbc_enc.c ofb64enc.c ofb_enc.c pcbc_enc.c \ + qud_cksm.c rand_key.c read_pwd.c rpc_enc.c set_key.c \ + str2key.c cfb64ede.c ofb64ede.c supp.c + +LIBOBJ= cbc3_enc.o cbc_cksm.o cbc_enc.o cfb64enc.o cfb_enc.o \ + ecb3_enc.o ecb_enc.o ede_enc.o enc_read.o enc_writ.o \ + fcrypt.o ncbc_enc.o ofb64enc.o ofb_enc.o pcbc_enc.o \ + qud_cksm.o rand_key.o read_pwd.o rpc_enc.o set_key.o \ + str2key.o cfb64ede.o ofb64ede.o supp.o + +SRC= $(LIBSRC) + +EXHEADER= des.h +HEADER= des_locl.h rpc_des.h podd.h sk.h spr.h version.h $(EXHEADER) + +ALL= $(GENERAL) $(SRC) $(HEADER) + +top: + (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) + +all: lib + +lib: $(LIBOBJ) + ar r $(LIB) $(LIBOBJ) + $(TOP)/util/ranlib.sh $(LIB) + @touch lib + +links: + /bin/rm -f Makefile + $(TOP)/util/point.sh Makefile.ssl Makefile + /bin/rm -f des.doc + $(TOP)/util/point.sh ../../doc/des.doc . + $(TOP)/util/mklink.sh ../../include $(EXHEADER) + $(TOP)/util/mklink.sh ../../test $(TEST) + $(TOP)/util/mklink.sh ../../apps $(APPS) + +install: installs + +installs: + @for i in $(EXHEADER) ; \ + do \ + (cp $$i $(INSTALLTOP)/include/$$i; \ + chmod 644 $(INSTALLTOP)/include/$$i ) \ + done; + +tags: + ctags $(SRC) + +tests: + +lint: + lint -DLINT $(INCLUDES) $(SRC)>fluff + +depend: + $(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC) + +dclean: + sed -e '/^# DO NOT DELETE THIS LINE/ q' $(MAKEFILE) >Makefile.new + mv -f Makefile.new $(MAKEFILE) + +clean: + /bin/rm -f *.o *.obj lib tags core .nfs* *.old *.bak fluff + +errors: + +# DO NOT DELETE THIS LINE -- make depend depends on it. diff --git a/secure/lib/libdes/Makefile.uni b/secure/lib/libdes/Makefile.uni new file mode 100644 index 0000000..972a845 --- /dev/null +++ b/secure/lib/libdes/Makefile.uni @@ -0,0 +1,149 @@ +# You must select the correct terminal control system to be used to +# turn character echo off when reading passwords. There a 5 systems +# SGTTY - the old BSD system +# TERMIO - most system V boxes +# TERMIOS - SGI (ala IRIX). +# VMS - the DEC operating system +# MSDOS - we all know what it is :-) +# read_pwd.c makes a reasonable guess at what is correct. + +OPTS0= -DRAND -DTERMIO #-DNOCONST + +# Version 1.94 has changed the strings_to_key function so that it is +# now compatible with MITs when the string is longer than 8 characters. +# If you wish to keep the old version, uncomment the following line. +# This will affect the -E/-D options on des(1). +#OPTS1= -DOLD_STR_TO_KEY + +# This #define specifies the use of an alternative D_ENCRYPT macro in +# ecb_encrypt. The choice of macro can make a %20 difference in the +# speed. Unfortunatly the choise of the best macro appears to be very +# dependant on the compiler and the machine in question. +# For the following combinations use the ALT_ECB option. +# Sparc 2 (cc -O4), sun 3/260 (cc -O4) +# For the following combinations do not use the ALT_ECB option. +# Sparc 2 (gcc2 -O2), sun 3/260 (cc -O2), mvax2 (cc -O), MSDOS (Turbo Cv2) +# For other machines, experiment with changing the option and run +# ./speed to see which is faster. +# DO NOT TURN THIS OPTION ON WHEN COMPILING THIS CODE ON A 64 BIT MACHINE +#OPTS2= -DDES_USE_PTR + +OPTS= $(OPTS0) $(OPTS1) $(OPTS2) + +#CC=cc +#CFLAGS= -O $(OPTS) $(CFLAG) + +CC=gcc +CFLAGS= -O3 -fomit-frame-pointer $(OPTS) $(CFLAG) + +LIBDIR=/usr/local/lib +BINDIR=/usr/local/bin +INCDIR=/usr/local/include +MANDIR=/usr/local/man +MAN1=1 +MAN3=3 +SHELL=/bin/sh +OBJS= cbc3_enc.o cbc_cksm.o cbc_enc.o ncbc_enc.o pcbc_enc.o qud_cksm.o \ + cfb64ede.o cfb64enc.o cfb_enc.o ecb3_enc.o ecb_enc.o ede_enc.o \ + enc_read.o enc_writ.o fcrypt.o ofb64ede.o ofb64enc.o ofb_enc.o \ + rand_key.o read_pwd.o set_key.o rpc_enc.o str2key.o supp.o + +GENERAL=COPYRIGHT FILES INSTALL Imakefile README VERSION Makefile \ + times vms.com KERBEROS MODES.DES GNUmakefile des.man \ + DES.pm DES.pod DES.xs Makefile.PL Makefile.uni typemap t \ + des_crypt.man Makefile.ssl des.doc makefile.bc +DES= des.c +TESTING=destest.c speed.c rpw.c +HEADERS=version.h des.h des_locl.h podd.h sk.h spr.h rpc_des.h +LIBDES= cbc3_enc.c cbc_cksm.c cbc_enc.c ncbc_enc.c pcbc_enc.c qud_cksm.c \ + cfb64ede.c cfb64enc.c cfb_enc.c ecb3_enc.c ecb_enc.c ede_enc.c \ + enc_read.c enc_writ.c fcrypt.c ofb64ede.c ofb64enc.c ofb_enc.c \ + rand_key.c read_pwd.c set_key.c rpc_enc.c str2key.c supp.c + +PERL= des.pl testdes.pl doIP doPC1 doPC2 PC1 PC2 shifts.pl + +ALL= $(GENERAL) $(DES) $(TESTING) $(LIBDES) $(PERL) $(HEADERS) + +DLIB= libdes.a + +all: $(DLIB) destest rpw des speed + +test: all + ./destest + +$(DLIB): $(OBJS) + /bin/rm -f $(DLIB) + ar cr $(DLIB) $(OBJS) + -if test -s /bin/ranlib; then /bin/ranlib $(DLIB); \ + else if test -s /usr/bin/ranlib; then /usr/bin/ranlib $(DLIB); \ + else exit 0; fi; fi + +destest: destest.o libdes.a + $(CC) $(CFLAGS) -o destest destest.o libdes.a + +rpw: rpw.o libdes.a + $(CC) $(CFLAGS) -o rpw rpw.o libdes.a + +speed: speed.o libdes.a + $(CC) $(CFLAGS) -o speed speed.o libdes.a + +des: des.o libdes.a + $(CC) $(CFLAGS) -o des des.o libdes.a + +tags: + ctags $(DES) $(TESTING) $(LIBDES) + +tar: + tar chf libdes.tar $(ALL) + +shar: + shar $(ALL) >libdes.shar + +depend: + makedepend $(LIBDES) $(DES) $(TESTING) + +clean: + /bin/rm -f *.o tags core rpw destest des speed $(DLIB) .nfs* *.old \ + *.bak destest rpw des speed + +dclean: + sed -e '/^# DO NOT DELETE THIS LINE/ q' Makefile >Makefile.new + mv -f Makefile.new Makefile + +# Eric is probably going to choke when he next looks at this --tjh +install: $(DLIB) des + if test $(INSTALLTOP); then \ + echo SSL style install; \ + cp $(DLIB) $(INSTALLTOP)/lib; \ + if test -s /bin/ranlib; then \ + /bin/ranlib $(INSTALLTOP)/lib/$(DLIB); \ + else \ + if test -s /usr/bin/ranlib; then \ + /usr/bin/ranlib $(INSTALLTOP)/lib/$(DLIB); \ + fi; fi; \ + chmod 644 $(INSTALLTOP)/lib/$(DLIB); \ + cp des.h $(INSTALLTOP)/include; \ + chmod 644 $(INSTALLTOP)/include/des.h; \ + cp des $(INSTALLTOP)/bin; \ + chmod 755 $(INSTALLTOP)/bin/des; \ + else \ + echo Standalone install; \ + cp $(DLIB) $(LIBDIR)/$(DLIB); \ + if test -s /bin/ranlib; then \ + /bin/ranlib $(LIBDIR)/$(DLIB); \ + else \ + if test -s /usr/bin/ranlib; then \ + /usr/bin/ranlib $(LIBDIR)/$(DLIB); \ + fi; \ + fi; \ + chmod 644 $(LIBDIR)/$(DLIB); \ + cp des $(BINDIR)/des; \ + chmod 711 $(BINDIR)/des; \ + cp des_crypt.man $(MANDIR)/man$(MAN3)/des_crypt.$(MAN3); \ + chmod 644 $(MANDIR)/man$(MAN3)/des_crypt.$(MAN3); \ + cp des.man $(MANDIR)/man$(MAN1)/des.$(MAN1); \ + chmod 644 $(MANDIR)/man$(MAN1)/des.$(MAN1); \ + cp des.h $(INCDIR)/des.h; \ + chmod 644 $(INCDIR)/des.h; \ + fi +# DO NOT DELETE THIS LINE -- make depend depends on it. diff --git a/secure/lib/libdes/PC1 b/secure/lib/libdes/PC1 new file mode 100644 index 0000000..efb8348 --- /dev/null +++ b/secure/lib/libdes/PC1 @@ -0,0 +1,28 @@ +#!/usr/local/bin/perl + +@PC1=( 57,49,41,33,25,17, 9, + 1,58,50,42,34,26,18, + 10, 2,59,51,43,35,27, + 19,11, 3,60,52,44,36, + "-","-","-","-", + 63,55,47,39,31,23,15, + 7,62,54,46,38,30,22, + 14, 6,61,53,45,37,29, + 21,13, 5,28,20,12, 4, + "-","-","-","-", + ); + +foreach (@PC1) + { + if ($_ ne "-") + { + $_--; + $_=int($_/8)*8+7-($_%8); + printf "%2d ",$_; + } + else + { print "-- "; } + print "\n" if (((++$i) % 8) == 0); + print "\n" if ((($i) % 32) == 0); + } + diff --git a/secure/lib/libdes/PC2 b/secure/lib/libdes/PC2 new file mode 100644 index 0000000..2d56027 --- /dev/null +++ b/secure/lib/libdes/PC2 @@ -0,0 +1,57 @@ +#!/usr/local/bin/perl + +@PC2_C=(14,17,11,24, 1, 5, + 3,28,15, 6,21,10, + 23,19,12, 4,26, 8, + 16, 7,27,20,13, 2, + ); + +@PC2_D=(41,52,31,37,47,55, + 30,40,51,45,33,48, + 44,49,39,56,34,53, + 46,42,50,36,29,32, + ); + +foreach (@PC2_C) { + if ($_ ne "-") + { + $_--; + printf "%2d ",$_; } + else { print "-- "; } + $C{$_}=1; + print "\n" if (((++$i) % 8) == 0); + } +$i=0; +print "\n"; +foreach (@PC2_D) { + if ($_ ne "-") + { + $_-=29; + printf "%2d ",$_; } + else { print "-- "; } + $D{$_}=1; + print "\n" if (((++$i) % 8) == 0); } + +print "\n"; +foreach $i (0 .. 27) + { + $_=$C{$i}; + if ($_ ne "-") {printf "%2d ",$_;} + else { print "-- "; } + print "\n" if (((++$i) % 8) == 0); + } +print "\n"; + +print "\n"; +foreach $i (0 .. 27) + { + $_=$D{$i}; + if ($_ ne "-") {printf "%2d ",$_;} + else { print "-- "; } + print "\n" if (((++$i) % 8) == 0); + } +print "\n"; +sub numsort + { + $a-$b; + } diff --git a/secure/lib/libdes/README b/secure/lib/libdes/README new file mode 100644 index 0000000..3264c2f --- /dev/null +++ b/secure/lib/libdes/README @@ -0,0 +1,48 @@ + + libdes, Version 3.21 21/11/95 + + Copyright (c) 1995, Eric Young + All rights reserved. + + This program is free software; you can redistribute it and/or modify + it under the terms specified in COPYRIGHT. + +-- +The primary ftp site for this library is +ftp://ftp.psy.uq.oz.au/pub/Crypto/DES/libdes-x.xx.tar.gz +libdes is now also shipped with SSLeay. Primary ftp site of +ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/SSLeay-x.xx.tar.gz + +The best way to build this library is to build it as part of SSLeay. + +This kit builds a DES encryption library and a DES encryption program. +It supports ecb, cbc, ofb, cfb, triple ecb, triple cbc, triple ofb, +triple cfb, and MIT's pcbc encryption modes and also has a fast +implementation of crypt(3). +It contains support routines to read keys from a terminal, +generate a random key, generate a key from an arbitrary length string, +read/write encrypted data from/to a file descriptor. + +The implementation was written so as to conform with the manual entry +for the des_crypt(3) library routines from MIT's project Athena. + +destest should be run after compilation to test the des routines. +rpw should be run after compilation to test the read password routines. +The des program is a replacement for the sun des command. I believe it +conforms to the sun version. + +The Imakefile is setup for use in the kerberos distribution. + +These routines are best compiled with gcc or any other good +optimising compiler. +Just turn you optimiser up to the highest settings and run destest +after the build to make sure everything works. + +I believe these routines are close to the fastest and most portable DES +routines that use small lookup tables (4.5k) that are publicly available. +The fcrypt routine is faster than ufc's fcrypt (when compiling with +gcc2 -O2) on the sparc 2 (1410 vs 1270) but is not so good on other machines +(on a sun3/260 168 vs 336). It is a function of CPU on chip cache size. + +Eric Young (eay@mincom.oz.au or eay@psych.psy.uq.oz.au) + diff --git a/secure/lib/libdes/VERSION b/secure/lib/libdes/VERSION new file mode 100644 index 0000000..5d25ddc --- /dev/null +++ b/secure/lib/libdes/VERSION @@ -0,0 +1,318 @@ +Version 3.22 29/11/95 + Bug in des(1), an error with the uuencoding stuff when the + 'data' is small, thanks to Geoff Keating <keagchon@mehta.anu.edu.au> + for the patch. + +Version 3.21 22/11/95 + After some emailing back and forth with + Colin Plumb <colin@nyx10.cs.du.edu>, I've tweaked a few things + and in a future version I will probably put in some of the + optimisation he suggested for use with the DES_USE_PTR option. + Extra routines from Mark Murray <mark@grondar.za> for use in + freeBSD. They mostly involve random number generation for use + with kerberos. They involve evil machine specific system calls + etc so I would normally suggest pushing this stuff into the + application and/or using RAND_seed()/RAND_bytes() if you are + using this DES library as part of SSLeay. + Redone the read_pw() function so that it is cleaner and + supports termios, thanks to Sameer Parekh <sameer@c2.org> + for the initial patches for this. + Renamed 3ecb_encrypt() to ecb3_encrypt(). This has been + done just to make things more consistent. + I have also now added triple DES versions of cfb and ofb. + +Version 3.20 + Damn, Damn, Damn, as pointed out by Mike_Spreitzer.PARC@xerox.com, + my des_random_seed() function was only copying 4 bytes of the + passed seed into the init structure. It is now fixed to copy 8. + My own suggestion is to used something like MD5 :-) + +Version 3.19 + While looking at my code one day, I though, why do I keep on + calling des_encrypt(in,out,ks,enc) when every function that + calls it has in and out the same. So I dropped the 'out' + parameter, people should not be using this function. + +Version 3.18 30/08/95 + Fixed a few bit with the distribution and the filenames. + 3.17 had been munged via a move to DOS and back again. + NO CODE CHANGES + +Version 3.17 14/07/95 + Fixed ede3 cbc which I had broken in 3.16. I have also + removed some unneeded variables in 7-8 of the routines. + +Version 3.16 26/06/95 + Added des_encrypt2() which does not use IP/FP, used by triple + des routines. Tweaked things a bit elsewhere. %13 speedup on + sparc and %6 on a R4400 for ede3 cbc mode. + +Version 3.15 06/06/95 + Added des_ncbc_encrypt(), it is des_cbc mode except that it is + 'normal' and copies the new iv value back over the top of the + passed parameter. + CHANGED des_ede3_cbc_encrypt() so that it too now overwrites + the iv. THIS WILL BREAK EXISTING CODE, but since this function + only new, I feel I can change it, not so with des_cbc_encrypt :-(. + I need to update the documentation. + +Version 3.14 31/05/95 + New release upon the world, as part of my SSL implementation. + New copyright and usage stuff. Basically free for all to use + as long as you say it came from me :-) + +Version 3.13 31/05/95 + A fix in speed.c, if HZ is not defined, I set it to 100.0 + which is reasonable for most unixes except SunOS 4.x. + I now have a #ifdef sun but timing for SunOS 4.x looked very + good :-(. At my last job where I used SunOS 4.x, it was + defined to be 60.0 (look at the old INSTALL documentation), at + the last release had it changed to 100.0 since I now work with + Solaris2 and SVR4 boxes. + Thanks to Rory Chisholm <rchishol@math.ethz.ch> for pointing this + one out. + +Version 3.12 08/05/95 + As pointed out by The Crypt Keeper <tck@bend.UCSD.EDU>, + my D_ENCRYPT macro in crypt() had an un-necessary variable. + It has been removed. + +Version 3.11 03/05/95 + Added des_ede3_cbc_encrypt() which is cbc mode des with 3 keys + and one iv. It is a standard and I needed it for my SSL code. + It makes more sense to use this for triple DES than + 3cbc_encrypt(). I have also added (or should I say tested :-) + cfb64_encrypt() which is cfb64 but it will encrypt a partial + number of bytes - 3 bytes in 3 bytes out. Again this is for + my SSL library, as a form of encryption to use with SSL + telnet. + +Version 3.10 22/03/95 + Fixed a bug in 3cbc_encrypt() :-(. When making repeated calls + to cbc3_encrypt, the 2 iv values that were being returned to + be used in the next call were reversed :-(. + Many thanks to Bill Wade <wade@Stoner.COM> for pointing out + this error. + +Version 3.09 01/02/95 + Fixed des_random_key to far more random, it was rather feeble + with regards to picking the initial seed. The problem was + pointed out by Olaf Kirch <okir@monad.swb.de>. + +Version 3.08 14/12/94 + Added Makefile.PL so libdes can be built into perl5. + Changed des_locl.h so RAND is always defined. + +Version 3.07 05/12/94 + Added GNUmake and stuff so the library can be build with + glibc. + +Version 3.06 30/08/94 + Added rpc_enc.c which contains _des_crypt. This is for use in + secure_rpc v 4.0 + Finally fixed the cfb_enc problems. + Fixed a few parameter parsing bugs in des (-3 and -b), thanks + to Rob McMillan <R.McMillan@its.gu.edu.au> + +Version 3.05 21/04/94 + for unsigned long l; gcc does not produce ((l>>34) == 0) + This causes bugs in cfb_enc. + Thanks to Hadmut Danisch <danisch@ira.uka.de> + +Version 3.04 20/04/94 + Added a version number to des.c and libdes.a + +Version 3.03 12/01/94 + Fixed a bug in non zero iv in 3cbc_enc. + +Version 3.02 29/10/93 + I now work in a place where there are 6+ architectures and 14+ + OS versions :-). + Fixed TERMIO definition so the most sys V boxes will work :-) + +Release upon comp.sources.misc +Version 3.01 08/10/93 + Added des_3cbc_encrypt() + +Version 3.00 07/10/93 + Fixed up documentation. + quad_cksum definitely compatible with MIT's now. + +Version 2.30 24/08/93 + Triple DES now defaults to triple cbc but can do triple ecb + with the -b flag. + Fixed some MSDOS uuen/uudecoding problems, thanks to + Added prototypes. + +Version 2.22 29/06/93 + Fixed a bug in des_is_weak_key() which stopped it working :-( + thanks to engineering@MorningStar.Com. + +Version 2.21 03/06/93 + des(1) with no arguments gives quite a bit of help. + Added -c (generate ckecksum) flag to des(1). + Added -3 (triple DES) flag to des(1). + Added cfb and ofb routines to the library. + +Version 2.20 11/03/93 + Added -u (uuencode) flag to des(1). + I have been playing with byte order in quad_cksum to make it + compatible with MIT's version. All I can say is avid this + function if possible since MIT's output is endian dependent. + +Version 2.12 14/10/92 + Added MSDOS specific macro in ecb_encrypt which gives a %70 + speed up when the code is compiled with turbo C. + +Version 2.11 12/10/92 + Speedup in set_key (recoding of PC-1) + I now do it in 47 simple operations, down from 60. + Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov) + for motivating me to look for a faster system :-) + The speedup is probably less that 1% but it is still 13 + instructions less :-). + +Version 2.10 06/10/92 + The code now works on the 64bit ETA10 and CRAY without modifications or + #defines. I believe the code should work on any machine that + defines long, int or short to be 8 bytes long. + Thanks to Shabbir J. Safdar (shabby@mentor.cc.purdue.edu) + for helping me fix the code to run on 64bit machines (he had + access to an ETA10). + Thanks also to John Fletcher <john_fletcher@lccmail.ocf.llnl.gov> + for testing the routines on a CRAY. + read_password.c has been renamed to read_passwd.c + string_to_key.c has been renamed to string2key.c + +Version 2.00 14/09/92 + Made mods so that the library should work on 64bit CPU's. + Removed all my uchar and ulong defs. To many different + versions of unix define them in their header files in too many + different combinations :-) + IRIX - Sillicon Graphics mods (mostly in read_password.c). + Thanks to Andrew Daviel (advax@erich.triumf.ca) + +Version 1.99 26/08/92 + Fixed a bug or 2 in enc_read.c + Fixed a bug in enc_write.c + Fixed a pseudo bug in fcrypt.c (very obscure). + +Version 1.98 31/07/92 + Support for the ETA10. This is a strange machine that defines + longs and ints as 8 bytes and shorts as 4 bytes. + Since I do evil things with long * that assume that they are 4 + bytes. Look in the Makefile for the option to compile for + this machine. quad_cksum appears to have problems but I + will don't have the time to fix it right now, and this is not + a function that uses DES and so will not effect the main uses + of the library. + +Version 1.97 20/05/92 eay + Fixed the Imakefile and made some changes to des.h to fix some + problems when building this package with Kerberos v 4. + +Version 1.96 18/05/92 eay + Fixed a small bug in string_to_key() where problems could + occur if des_check_key was set to true and the string + generated a weak key. + +Patch2 posted to comp.sources.misc +Version 1.95 13/05/92 eay + Added an alternative version of the D_ENCRYPT macro in + ecb_encrypt and fcrypt. Depending on the compiler, one version or the + other will be faster. This was inspired by + Dana How <how@isl.stanford.edu>, and her pointers about doing the + *(ulong *)((uchar *)ptr+(value&0xfc)) + vs + ptr[value&0x3f] + to stop the C compiler doing a <<2 to convert the long array index. + +Version 1.94 05/05/92 eay + Fixed an incompatibility between my string_to_key and the MIT + version. When the key is longer than 8 chars, I was wrapping + with a different method. To use the old version, define + OLD_STR_TO_KEY in the makefile. Thanks to + viktor@newsu.shearson.com (Viktor Dukhovni). + +Version 1.93 28/04/92 eay + Fixed the VMS mods so that echo is now turned off in + read_password. Thanks again to brennan@coco.cchs.su.oz.AU. + MSDOS support added. The routines can be compiled with + Turbo C (v2.0) and MSC (v5.1). Make sure MSDOS is defined. + +Patch1 posted to comp.sources.misc +Version 1.92 13/04/92 eay + Changed D_ENCRYPT so that the rotation of R occurs outside of + the loop. This required rotating all the longs in sp.h (now + called spr.h). Thanks to Richard Outerbridge <71755.204@CompuServe.COM> + speed.c has been changed so it will work without SIGALRM. If + times(3) is not present it will try to use ftime() instead. + +Version 1.91 08/04/92 eay + Added -E/-D options to des(1) so it can use string_to_key. + Added SVR4 mods suggested by witr@rwwa.COM + Added VMS mods suggested by brennan@coco.cchs.su.oz.AU. If + anyone knows how to turn of tty echo in VMS please tell me or + implement it yourself :-). + Changed FILE *IN/*OUT to *DES_IN/*DES_OUT since it appears VMS + does not like IN/OUT being used. + +Libdes posted to comp.sources.misc +Version 1.9 24/03/92 eay + Now contains a fast small crypt replacement. + Added des(1) command. + Added des_rw_mode so people can use cbc encryption with + enc_read and enc_write. + +Version 1.8 15/10/91 eay + Bug in cbc_cksum. + Many thanks to Keith Reynolds (keithr@sco.COM) for pointing this + one out. + +Version 1.7 24/09/91 eay + Fixed set_key :-) + set_key is 4 times faster and takes less space. + There are a few minor changes that could be made. + +Version 1.6 19/09/1991 eay + Finally go IP and FP finished. + Now I need to fix set_key. + This version is quite a bit faster that 1.51 + +Version 1.52 15/06/1991 eay + 20% speedup in ecb_encrypt by changing the E bit selection + to use 2 32bit words. This also required modification of the + sp table. There is still a way to speedup the IP and IP-1 + (hints from outer@sq.com) still working on this one :-(. + +Version 1.51 07/06/1991 eay + Faster des_encrypt by loop unrolling + Fixed bug in quad_cksum.c (thanks to hughes@logos.ucs.indiana.edu) + +Version 1.50 28/05/1991 eay + Optimised the code a bit more for the sparc. I have improved the + speed of the inner des_encrypt by speeding up the initial and + final permutations. + +Version 1.40 23/10/1990 eay + Fixed des_random_key, it did not produce a random key :-( + +Version 1.30 2/10/1990 eay + Have made des_quad_cksum the same as MIT's, the full package + should be compatible with MIT's + Have tested on a DECstation 3100 + Still need to fix des_set_key (make it faster). + Does des_cbc_encrypts at 70.5k/sec on a 3100. + +Version 1.20 18/09/1990 eay + Fixed byte order dependencies. + Fixed (I hope) all the word alignment problems. + Speedup in des_ecb_encrypt. + +Version 1.10 11/09/1990 eay + Added des_enc_read and des_enc_write. + Still need to fix des_quad_cksum. + Still need to document des_enc_read and des_enc_write. + +Version 1.00 27/08/1990 eay + diff --git a/secure/lib/libdes/cbc3_enc.c b/secure/lib/libdes/cbc3_enc.c new file mode 100644 index 0000000..11aa3ff --- /dev/null +++ b/secure/lib/libdes/cbc3_enc.c @@ -0,0 +1,88 @@ +/* lib/des/cbc3_enc.c */ +/* Copyright (C) 1995 Eric Young (eay@mincom.oz.au) + * All rights reserved. + * + * This file is part of an SSL implementation written + * by Eric Young (eay@mincom.oz.au). + * The implementation was written so as to conform with Netscapes SSL + * specification. This library and applications are + * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE + * as long as the following conditions are aheared to. + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. If this code is used in a product, + * Eric Young should be given attribution as the author of the parts used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Eric Young (eay@mincom.oz.au) + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "des_locl.h" + +/* HAS BUGS? DON'T USE */ +void des_3cbc_encrypt(input, output, length, ks1, ks2, iv1, iv2, encrypt) +des_cblock (*input); +des_cblock (*output); +long length; +des_key_schedule ks1; +des_key_schedule ks2; +des_cblock (*iv1); +des_cblock (*iv2); +int encrypt; + { + int off=(length-1)/8; + long l8=((length+7)/8)*8; + des_cblock niv1,niv2; + + if (encrypt == DES_ENCRYPT) + { + des_cbc_encrypt(input,output,length,ks1,iv1,encrypt); + if (length >= sizeof(des_cblock)) + memcpy(niv1,output[off],sizeof(des_cblock)); + des_cbc_encrypt(output,output,l8,ks2,iv1,!encrypt); + des_cbc_encrypt(output,output,l8,ks1,iv2, encrypt); + if (length >= sizeof(des_cblock)) + memcpy(niv2,output[off],sizeof(des_cblock)); + } + else + { + if (length >= sizeof(des_cblock)) + memcpy(niv2,input[off],sizeof(des_cblock)); + des_cbc_encrypt(input,output,l8,ks1,iv2,encrypt); + des_cbc_encrypt(output,output,l8,ks2,iv1,!encrypt); + if (length >= sizeof(des_cblock)) + memcpy(niv1,output[off],sizeof(des_cblock)); + des_cbc_encrypt(output,output,length,ks1,iv1, encrypt); + } + memcpy(*iv1,niv1,sizeof(des_cblock)); + memcpy(*iv2,niv2,sizeof(des_cblock)); + } + diff --git a/secure/lib/libdes/cbc_cksm.c b/secure/lib/libdes/cbc_cksm.c new file mode 100644 index 0000000..9088c73 --- /dev/null +++ b/secure/lib/libdes/cbc_cksm.c @@ -0,0 +1,92 @@ +/* lib/des/cbc_cksm.c */ +/* Copyright (C) 1995 Eric Young (eay@mincom.oz.au) + * All rights reserved. + * + * This file is part of an SSL implementation written + * by Eric Young (eay@mincom.oz.au). + * The implementation was written so as to conform with Netscapes SSL + * specification. This library and applications are + * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE + * as long as the following conditions are aheared to. + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. If this code is used in a product, + * Eric Young should be given attribution as the author of the parts used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Eric Young (eay@mincom.oz.au) + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "des_locl.h" + +unsigned long des_cbc_cksum(input, output, length, schedule, ivec) +des_cblock (*input); +des_cblock (*output); +long length; +des_key_schedule schedule; +des_cblock (*ivec); + { + register unsigned long tout0,tout1,tin0,tin1; + register long l=length; + unsigned long tin[2]; + unsigned char *in,*out,*iv; + + in=(unsigned char *)input; + out=(unsigned char *)output; + iv=(unsigned char *)ivec; + + c2l(iv,tout0); + c2l(iv,tout1); + for (; l>0; l-=8) + { + if (l >= 8) + { + c2l(in,tin0); + c2l(in,tin1); + } + else + c2ln(in,tin0,tin1,l); + + tin0^=tout0; tin[0]=tin0; + tin1^=tout1; tin[1]=tin1; + des_encrypt((unsigned long *)tin,schedule,DES_ENCRYPT); + /* fix 15/10/91 eay - thanks to keithr@sco.COM */ + tout0=tin[0]; + tout1=tin[1]; + } + if (out != NULL) + { + l2c(tout0,out); + l2c(tout1,out); + } + tout0=tin0=tin1=tin[0]=tin[1]=0; + return(tout1); + } diff --git a/secure/lib/libdes/cbc_enc.c b/secure/lib/libdes/cbc_enc.c new file mode 100644 index 0000000..c0cdef8 --- /dev/null +++ b/secure/lib/libdes/cbc_enc.c @@ -0,0 +1,114 @@ +/* lib/des/cbc_enc.c */ +/* Copyright (C) 1995 Eric Young (eay@mincom.oz.au) + * All rights reserved. + * + * This file is part of an SSL implementation written + * by Eric Young (eay@mincom.oz.au). + * The implementation was written so as to conform with Netscapes SSL + * specification. This library and applications are + * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE + * as long as the following conditions are aheared to. + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. If this code is used in a product, + * Eric Young should be given attribution as the author of the parts used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Eric Young (eay@mincom.oz.au) + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "des_locl.h" + +void des_cbc_encrypt(input, output, length, schedule, ivec, encrypt) +des_cblock (*input); +des_cblock (*output); +long length; +des_key_schedule schedule; +des_cblock (*ivec); +int encrypt; + { + register unsigned long tin0,tin1; + register unsigned long tout0,tout1,xor0,xor1; + register unsigned char *in,*out; + register long l=length; + unsigned long tin[2]; + unsigned char *iv; + + in=(unsigned char *)input; + out=(unsigned char *)output; + iv=(unsigned char *)ivec; + + if (encrypt) + { + c2l(iv,tout0); + c2l(iv,tout1); + for (; l>0; l-=8) + { + if (l >= 8) + { + c2l(in,tin0); + c2l(in,tin1); + } + else + c2ln(in,tin0,tin1,l); + tin0^=tout0; tin[0]=tin0; + tin1^=tout1; tin[1]=tin1; + des_encrypt((unsigned long *)tin,schedule,DES_ENCRYPT); + tout0=tin[0]; l2c(tout0,out); + tout1=tin[1]; l2c(tout1,out); + } + } + else + { + c2l(iv,xor0); + c2l(iv,xor1); + for (; l>0; l-=8) + { + c2l(in,tin0); tin[0]=tin0; + c2l(in,tin1); tin[1]=tin1; + des_encrypt((unsigned long *)tin,schedule,DES_DECRYPT); + tout0=tin[0]^xor0; + tout1=tin[1]^xor1; + if (l >= 8) + { + l2c(tout0,out); + l2c(tout1,out); + } + else + l2cn(tout0,tout1,out,l); + xor0=tin0; + xor1=tin1; + } + } + tin0=tin1=tout0=tout1=xor0=xor1=0; + tin[0]=tin[1]=0; + } + diff --git a/secure/lib/libdes/cfb64ede.c b/secure/lib/libdes/cfb64ede.c new file mode 100644 index 0000000..93af817 --- /dev/null +++ b/secure/lib/libdes/cfb64ede.c @@ -0,0 +1,152 @@ +/* lib/des/cfb64ede.c */ +/* Copyright (C) 1995 Eric Young (eay@mincom.oz.au) + * All rights reserved. + * + * This file is part of an SSL implementation written + * by Eric Young (eay@mincom.oz.au). + * The implementation was written so as to conform with Netscapes SSL + * specification. This library and applications are + * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE + * as long as the following conditions are aheared to. + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. If this code is used in a product, + * Eric Young should be given attribution as the author of the parts used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Eric Young (eay@mincom.oz.au) + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "des_locl.h" + +/* The input and output encrypted as though 64bit cfb mode is being + * used. The extra state information to record how much of the + * 64bit block we have used is contained in *num; + */ + +void des_ede3_cfb64_encrypt(in, out, length, ks1,ks2,ks3, ivec, num, encrypt) +unsigned char *in; +unsigned char *out; +long length; +des_key_schedule ks1,ks2,ks3; +des_cblock (*ivec); +int *num; +int encrypt; + { + register unsigned long v0,v1; + register long l=length,n=*num; + unsigned long ti[2]; + unsigned char *iv,c,cc; + + iv=(unsigned char *)ivec; + if (encrypt) + { + while (l--) + { + if (n == 0) + { + c2l(iv,v0); + c2l(iv,v1); + + IP(v0,v1); + + ti[0]=v0; + ti[1]=v1; + des_encrypt2((unsigned long *)ti,ks1,DES_ENCRYPT); + des_encrypt2((unsigned long *)ti,ks2,DES_DECRYPT); + des_encrypt2((unsigned long *)ti,ks3,DES_ENCRYPT); + v0=ti[0]; + v1=ti[1]; + + FP(v1,v0); + + iv=(unsigned char *)ivec; + l2c(v0,iv); + l2c(v1,iv); + iv=(unsigned char *)ivec; + } + c= *(in++)^iv[n]; + *(out++)=c; + iv[n]=c; + n=(n+1)&0x07; + } + } + else + { + while (l--) + { + if (n == 0) + { + c2l(iv,v0); + c2l(iv,v1); + + IP(v0,v1); + + ti[0]=v0; + ti[1]=v1; + des_encrypt2((unsigned long *)ti,ks1,DES_ENCRYPT); + des_encrypt2((unsigned long *)ti,ks2,DES_DECRYPT); + des_encrypt2((unsigned long *)ti,ks3,DES_ENCRYPT); + + v0=ti[0]; + v1=ti[1]; + + FP(v1,v0); + + iv=(unsigned char *)ivec; + l2c(v0,iv); + l2c(v1,iv); + iv=(unsigned char *)ivec; + } + cc= *(in++); + c=iv[n]; + iv[n]=cc; + *(out++)=c^cc; + n=(n+1)&0x07; + } + } + v0=v1=ti[0]=ti[1]=c=cc=0; + *num=n; + } + +#ifdef undef /* MACRO */ +void des_ede2_cfb64_encrypt(in, out, length, ks1,ks2, ivec, num, encrypt) +unsigned char *in; +unsigned char *out; +long length; +des_key_schedule ks1,ks2; +des_cblock (*ivec); +int *num; +int encrypt; + { + des_ede3_cfb64_encrypt(in,out,length,ks1,ks2,ks1,ivec,num,encrypt); + } +#endif diff --git a/secure/lib/libdes/cfb64enc.c b/secure/lib/libdes/cfb64enc.c new file mode 100644 index 0000000..35875f3 --- /dev/null +++ b/secure/lib/libdes/cfb64enc.c @@ -0,0 +1,116 @@ +/* lib/des/cfb64enc.c */ +/* Copyright (C) 1995 Eric Young (eay@mincom.oz.au) + * All rights reserved. + * + * This file is part of an SSL implementation written + * by Eric Young (eay@mincom.oz.au). + * The implementation was written so as to conform with Netscapes SSL + * specification. This library and applications are + * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE + * as long as the following conditions are aheared to. + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. If this code is used in a product, + * Eric Young should be given attribution as the author of the parts used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Eric Young (eay@mincom.oz.au) + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "des_locl.h" + +/* The input and output encrypted as though 64bit cfb mode is being + * used. The extra state information to record how much of the + * 64bit block we have used is contained in *num; + */ + +void des_cfb64_encrypt(in, out, length, schedule, ivec, num, encrypt) +unsigned char *in; +unsigned char *out; +long length; +des_key_schedule schedule; +des_cblock (*ivec); +int *num; +int encrypt; + { + register unsigned long v0,v1; + register long l=length,n=*num; + unsigned long ti[2]; + unsigned char *iv,c,cc; + + iv=(unsigned char *)ivec; + if (encrypt) + { + while (l--) + { + if (n == 0) + { + c2l(iv,v0); ti[0]=v0; + c2l(iv,v1); ti[1]=v1; + des_encrypt((unsigned long *)ti, + schedule,DES_ENCRYPT); + iv=(unsigned char *)ivec; + v0=ti[0]; l2c(v0,iv); + v0=ti[1]; l2c(v0,iv); + iv=(unsigned char *)ivec; + } + c= *(in++)^iv[n]; + *(out++)=c; + iv[n]=c; + n=(n+1)&0x07; + } + } + else + { + while (l--) + { + if (n == 0) + { + c2l(iv,v0); ti[0]=v0; + c2l(iv,v1); ti[1]=v1; + des_encrypt((unsigned long *)ti, + schedule,DES_ENCRYPT); + iv=(unsigned char *)ivec; + v0=ti[0]; l2c(v0,iv); + v0=ti[1]; l2c(v0,iv); + iv=(unsigned char *)ivec; + } + cc= *(in++); + c=iv[n]; + iv[n]=cc; + *(out++)=c^cc; + n=(n+1)&0x07; + } + } + v0=v1=ti[0]=ti[1]=c=cc=0; + *num=n; + } + diff --git a/secure/lib/libdes/cfb_enc.c b/secure/lib/libdes/cfb_enc.c new file mode 100644 index 0000000..33002d1 --- /dev/null +++ b/secure/lib/libdes/cfb_enc.c @@ -0,0 +1,160 @@ +/* lib/des/cfb_enc.c */ +/* Copyright (C) 1995 Eric Young (eay@mincom.oz.au) + * All rights reserved. + * + * This file is part of an SSL implementation written + * by Eric Young (eay@mincom.oz.au). + * The implementation was written so as to conform with Netscapes SSL + * specification. This library and applications are + * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE + * as long as the following conditions are aheared to. + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. If this code is used in a product, + * Eric Young should be given attribution as the author of the parts used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Eric Young (eay@mincom.oz.au) + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "des_locl.h" + +/* The input and output are loaded in multiples of 8 bits. + * What this means is that if you hame numbits=12 and length=2 + * the first 12 bits will be retrieved from the first byte and half + * the second. The second 12 bits will come from the 3rd and half the 4th + * byte. + */ +void des_cfb_encrypt(in, out, numbits, length, schedule, ivec, encrypt) +unsigned char *in; +unsigned char *out; +int numbits; +long length; +des_key_schedule schedule; +des_cblock (*ivec); +int encrypt; + { + register unsigned long d0,d1,v0,v1,n=(numbits+7)/8; + register unsigned long mask0,mask1; + register unsigned long l=length; + register int num=numbits; + unsigned long ti[2]; + unsigned char *iv; + + if (num > 64) return; + if (num > 32) + { + mask0=0xffffffffL; + if (num == 64) + mask1=mask0; + else mask1=(1L<<(num-32))-1; + } + else + { + if (num == 32) + mask0=0xffffffffL; + else mask0=(1L<<num)-1; + mask1=0x00000000; + } + + iv=(unsigned char *)ivec; + c2l(iv,v0); + c2l(iv,v1); + if (encrypt) + { + while (l >= n) + { + l-=n; + ti[0]=v0; + ti[1]=v1; + des_encrypt((unsigned long *)ti,schedule,DES_ENCRYPT); + c2ln(in,d0,d1,n); + in+=n; + d0=(d0^ti[0])&mask0; + d1=(d1^ti[1])&mask1; + l2cn(d0,d1,out,n); + out+=n; + /* 30-08-94 - eay - changed because l>>32 and + * l<<32 are bad under gcc :-( */ + if (num == 32) + { v0=v1; v1=d0; } + else if (num == 64) + { v0=d0; v1=d1; } + else if (num > 32) /* && num != 64 */ + { + v0=((v1>>(num-32))|(d0<<(64-num)))&0xffffffffL; + v1=((d0>>(num-32))|(d1<<(64-num)))&0xffffffffL; + } + else /* num < 32 */ + { + v0=((v0>>num)|(v1<<(32-num)))&0xffffffffL; + v1=((v1>>num)|(d0<<(32-num)))&0xffffffffL; + } + } + } + else + { + while (l >= n) + { + l-=n; + ti[0]=v0; + ti[1]=v1; + des_encrypt((unsigned long *)ti,schedule,DES_ENCRYPT); + c2ln(in,d0,d1,n); + in+=n; + /* 30-08-94 - eay - changed because l>>32 and + * l<<32 are bad under gcc :-( */ + if (num == 32) + { v0=v1; v1=d0; } + else if (num == 64) + { v0=d0; v1=d1; } + else if (num > 32) /* && num != 64 */ + { + v0=((v1>>(num-32))|(d0<<(64-num)))&0xffffffffL; + v1=((d0>>(num-32))|(d1<<(64-num)))&0xffffffffL; + } + else /* num < 32 */ + { + v0=((v0>>num)|(v1<<(32-num)))&0xffffffffL; + v1=((v1>>num)|(d0<<(32-num)))&0xffffffffL; + } + d0=(d0^ti[0])&mask0; + d1=(d1^ti[1])&mask1; + l2cn(d0,d1,out,n); + out+=n; + } + } + iv=(unsigned char *)ivec; + l2c(v0,iv); + l2c(v1,iv); + v0=v1=d0=d1=ti[0]=ti[1]=0; + } + diff --git a/secure/lib/libdes/des.c b/secure/lib/libdes/des.c new file mode 100644 index 0000000..ca5505b --- /dev/null +++ b/secure/lib/libdes/des.c @@ -0,0 +1,949 @@ +/* lib/des/des.c */ +/* Copyright (C) 1995 Eric Young (eay@mincom.oz.au) + * All rights reserved. + * + * This file is part of an SSL implementation written + * by Eric Young (eay@mincom.oz.au). + * The implementation was written so as to conform with Netscapes SSL + * specification. This library and applications are + * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE + * as long as the following conditions are aheared to. + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. If this code is used in a product, + * Eric Young should be given attribution as the author of the parts used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Eric Young (eay@mincom.oz.au) + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include <stdlib.h> +#ifndef MSDOS +#include <unistd.h> +#else +#include <io.h> +#define RAND +#endif + +#include <time.h> +#include "version.h" + +#ifdef VMS +#include <types.h> +#include <stat.h> +#else +#ifndef _IRIX +#include <sys/types.h> +#endif +#include <sys/stat.h> +#endif +#if defined(NOCONST) +#define const +#endif +#include "des.h" + +#if defined(__STDC__) || defined(VMS) || defined(M_XENIX) || defined(MSDOS) +#include <string.h> +#endif + +#ifdef RAND +#define random rand +#define srandom(s) srand(s) +#endif + +#ifndef NOPROTO +void usage(void); +void doencryption(void); +int uufwrite(unsigned char *data, int size, unsigned int num, FILE *fp); +void uufwriteEnd(FILE *fp); +int uufread(unsigned char *out,int size,unsigned int num,FILE *fp); +int uuencode(unsigned char *in,int num,unsigned char *out); +int uudecode(unsigned char *in,int num,unsigned char *out); +#else +void usage(); +void doencryption(); +int uufwrite(); +void uufwriteEnd(); +int uufread(); +int uuencode(); +int uudecode(); +#endif + +#ifdef VMS +#define EXIT(a) exit(a&0x10000000) +#else +#define EXIT(a) exit(a) +#endif + +#define BUFSIZE (8*1024) +#define VERIFY 1 +#define KEYSIZ 8 +#define KEYSIZB 1024 /* should hit tty line limit first :-) */ +char key[KEYSIZB+1]; +int do_encrypt,longk=0; +FILE *DES_IN,*DES_OUT,*CKSUM_OUT; +char uuname[200]; +unsigned char uubuf[50]; +int uubufnum=0; +#define INUUBUFN (45*100) +#define OUTUUBUF (65*100) +unsigned char b[OUTUUBUF]; +unsigned char bb[300]; +des_cblock cksum={0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}; +char cksumname[200]=""; + +int vflag,cflag,eflag,dflag,kflag,bflag,fflag,sflag,uflag,flag3,hflag,error; + +int main(argc, argv) +int argc; +char **argv; + { + int i; + struct stat ins,outs; + char *p; + char *in=NULL,*out=NULL; + + vflag=cflag=eflag=dflag=kflag=hflag=bflag=fflag=sflag=uflag=flag3=0; + error=0; + memset(key,0,sizeof(key)); + + for (i=1; i<argc; i++) + { + p=argv[i]; + if ((p[0] == '-') && (p[1] != '\0')) + { + p++; + while (*p) + { + switch (*(p++)) + { + case '3': + flag3=1; + longk=1; + break; + case 'c': + cflag=1; + strncpy(cksumname,p,200); + p+=strlen(cksumname); + break; + case 'C': + cflag=1; + longk=1; + strncpy(cksumname,p,200); + p+=strlen(cksumname); + break; + case 'e': + eflag=1; + break; + case 'v': + vflag=1; + break; + case 'E': + eflag=1; + longk=1; + break; + case 'd': + dflag=1; + break; + case 'D': + dflag=1; + longk=1; + break; + case 'b': + bflag=1; + break; + case 'f': + fflag=1; + break; + case 's': + sflag=1; + break; + case 'u': + uflag=1; + strncpy(uuname,p,200); + p+=strlen(uuname); + break; + case 'h': + hflag=1; + break; + case 'k': + kflag=1; + if ((i+1) == argc) + { + fputs("must have a key with the -k option\n",stderr); + error=1; + } + else + { + int j; + + i++; + strncpy(key,argv[i],KEYSIZB); + for (j=strlen(argv[i])-1; j>=0; j--) + argv[i][j]='\0'; + } + break; + default: + fprintf(stderr,"'%c' unknown flag\n",p[-1]); + error=1; + break; + } + } + } + else + { + if (in == NULL) + in=argv[i]; + else if (out == NULL) + out=argv[i]; + else + error=1; + } + } + if (error) usage(); + /* We either + * do checksum or + * do encrypt or + * do decrypt or + * do decrypt then ckecksum or + * do checksum then encrypt + */ + if (((eflag+dflag) == 1) || cflag) + { + if (eflag) do_encrypt=DES_ENCRYPT; + if (dflag) do_encrypt=DES_DECRYPT; + } + else + { + if (vflag) + { +#ifndef _Windows + fprintf(stderr,"des(1) built with %s\n",DES_version); +#endif + EXIT(1); + } + else usage(); + } + +#ifndef _Windows + if (vflag) fprintf(stderr,"des(1) built with %s\n",DES_version); +#endif + if ( (in != NULL) && + (out != NULL) && +#ifndef MSDOS + (stat(in,&ins) != -1) && + (stat(out,&outs) != -1) && + (ins.st_dev == outs.st_dev) && + (ins.st_ino == outs.st_ino)) +#else /* MSDOS */ + (strcmp(in,out) == 0)) +#endif + { + fputs("input and output file are the same\n",stderr); + EXIT(3); + } + + if (!kflag) + if (des_read_pw_string(key,KEYSIZB+1,"Enter key:",eflag?VERIFY:0)) + { + fputs("password error\n",stderr); + EXIT(2); + } + + if (in == NULL) + DES_IN=stdin; + else if ((DES_IN=fopen(in,"r")) == NULL) + { + perror("opening input file"); + EXIT(4); + } + + CKSUM_OUT=stdout; + if (out == NULL) + { + DES_OUT=stdout; + CKSUM_OUT=stderr; + } + else if ((DES_OUT=fopen(out,"w")) == NULL) + { + perror("opening output file"); + EXIT(5); + } + +#ifdef MSDOS + /* This should set the file to binary mode. */ + { +#include <fcntl.h> + if (!(uflag && dflag)) + setmode(fileno(DES_IN),O_BINARY); + if (!(uflag && eflag)) + setmode(fileno(DES_OUT),O_BINARY); + } +#endif + + doencryption(); + fclose(DES_IN); + fclose(DES_OUT); + EXIT(0); + } + +void usage() + { + char **u; + static const char *Usage[]={ +"des <options> [input-file [output-file]]", +"options:", +"-v : des(1) version number", +"-e : encrypt using sunOS compatible user key to DES key conversion.", +"-E : encrypt ", +"-d : decrypt using sunOS compatible user key to DES key conversion.", +"-D : decrypt ", +"-c[ckname] : generate a cbc_cksum using sunOS compatible user key to", +" DES key conversion and output to ckname (stdout default,", +" stderr if data being output on stdout). The checksum is", +" generated before encryption and after decryption if used", +" in conjunction with -[eEdD].", +"-C[ckname] : generate a cbc_cksum as for -c but compatible with -[ED].", +"-k key : use key 'key'", +"-h : the key that is entered will be a hexidecimal number", +" that is used directly as the des key", +"-u[uuname] : input file is uudecoded if -[dD] or output uuencoded data if -[eE]", +" (uuname is the filename to put in the uuencode header).", +"-b : encrypt using DES in ecb encryption mode, the defaut is cbc mode.", +"-3 : encrypt using tripple DES encryption. This uses 2 keys", +" generated from the input key. If the input key is less", +" than 8 characters long, this is equivelent to normal", +" encryption. Default is tripple cbc, -b makes it tripple ecb.", +NULL +}; + for (u=(char **)Usage; *u; u++) + { + fputs(*u,stderr); + fputc('\n',stderr); + } + + EXIT(1); + } + +void doencryption() + { +#ifdef _LIBC + extern int srandom(); + extern int random(); + extern unsigned long time(); +#endif + + register int i; + des_key_schedule ks,ks2; + unsigned char iv[8],iv2[8]; + char *p; + int num=0,j,k,l,rem,ll,len,last,ex=0; + des_cblock kk,k2; + FILE *O; + int Exit=0; +#ifndef MSDOS + static unsigned char buf[BUFSIZE+8],obuf[BUFSIZE+8]; +#else + static unsigned char *buf=NULL,*obuf=NULL; + + if (buf == NULL) + { + if ( (( buf=(unsigned char *)malloc(BUFSIZE+8)) == NULL) || + ((obuf=(unsigned char *)malloc(BUFSIZE+8)) == NULL)) + { + fputs("Not enough memory\n",stderr); + Exit=10; + goto problems; + } + } +#endif + + if (hflag) + { + j=(flag3?16:8); + p=key; + for (i=0; i<j; i++) + { + k=0; + if ((*p <= '9') && (*p >= '0')) + k=(*p-'0')<<4; + else if ((*p <= 'f') && (*p >= 'a')) + k=(*p-'a'+10)<<4; + else if ((*p <= 'F') && (*p >= 'A')) + k=(*p-'A'+10)<<4; + else + { + fputs("Bad hex key\n",stderr); + Exit=9; + goto problems; + } + p++; + if ((*p <= '9') && (*p >= '0')) + k|=(*p-'0'); + else if ((*p <= 'f') && (*p >= 'a')) + k|=(*p-'a'+10); + else if ((*p <= 'F') && (*p >= 'A')) + k|=(*p-'A'+10); + else + { + fputs("Bad hex key\n",stderr); + Exit=9; + goto problems; + } + p++; + if (i < 8) + kk[i]=k; + else + k2[i-8]=k; + } + des_set_key((C_Block *)k2,ks2); + memset(k2,0,sizeof(k2)); + } + else if (longk || flag3) + { + if (flag3) + { + des_string_to_2keys(key,(C_Block *)kk,(C_Block *)k2); + des_set_key((C_Block *)k2,ks2); + memset(k2,0,sizeof(k2)); + } + else + des_string_to_key(key,(C_Block *)kk); + } + else + for (i=0; i<KEYSIZ; i++) + { + l=0; + k=key[i]; + for (j=0; j<8; j++) + { + if (k&1) l++; + k>>=1; + } + if (l & 1) + kk[i]=key[i]&0x7f; + else + kk[i]=key[i]|0x80; + } + + des_set_key((C_Block *)kk,ks); + memset(key,0,sizeof(key)); + memset(kk,0,sizeof(kk)); + /* woops - A bug that does not showup under unix :-( */ + memset(iv,0,sizeof(iv)); + memset(iv2,0,sizeof(iv2)); + + l=1; + rem=0; + /* first read */ + if (eflag || (!dflag && cflag)) + { + for (;;) + { + num=l=fread(&(buf[rem]),1,BUFSIZE,DES_IN); + l+=rem; + num+=rem; + if (l < 0) + { + perror("read error"); + Exit=6; + goto problems; + } + + rem=l%8; + len=l-rem; + if (feof(DES_IN)) + { + srandom((unsigned int)time(NULL)); + for (i=7-rem; i>0; i--) + buf[l++]=random()&0xff; + buf[l++]=rem; + ex=1; + len+=rem; + } + else + l-=rem; + + if (cflag) + { + des_cbc_cksum((C_Block *)buf,(C_Block *)cksum, + (long)len,ks,(C_Block *)cksum); + if (!eflag) + { + if (feof(DES_IN)) break; + else continue; + } + } + + if (bflag && !flag3) + for (i=0; i<l; i+=8) + des_ecb_encrypt( + (des_cblock *)&(buf[i]), + (des_cblock *)&(obuf[i]), + ks,do_encrypt); + else if (flag3 && bflag) + for (i=0; i<l; i+=8) + des_ecb2_encrypt( + (des_cblock *)&(buf[i]), + (des_cblock *)&(obuf[i]), + ks,ks2,do_encrypt); + else if (flag3 && !bflag) + { + char tmpbuf[8]; + + if (rem) memcpy(tmpbuf,&(buf[l]), + (unsigned int)rem); + des_3cbc_encrypt( + (des_cblock *)buf,(des_cblock *)obuf, + (long)l,ks,ks2,(des_cblock *)iv, + (des_cblock *)iv2,do_encrypt); + if (rem) memcpy(&(buf[l]),tmpbuf, + (unsigned int)rem); + } + else + { + des_cbc_encrypt( + (des_cblock *)buf,(des_cblock *)obuf, + (long)l,ks,(des_cblock *)iv,do_encrypt); + if (l >= 8) memcpy(iv,&(obuf[l-8]),8); + } + if (rem) memcpy(buf,&(buf[l]),(unsigned int)rem); + + i=0; + while (i < l) + { + if (uflag) + j=uufwrite(obuf,1,(unsigned int)l-i, + DES_OUT); + else + j=fwrite(obuf,1,(unsigned int)l-i, + DES_OUT); + if (j == -1) + { + perror("Write error"); + Exit=7; + goto problems; + } + i+=j; + } + if (feof(DES_IN)) + { + if (uflag) uufwriteEnd(DES_OUT); + break; + } + } + } + else /* decrypt */ + { + ex=1; + for (;;) + { + if (ex) { + if (uflag) + l=uufread(buf,1,BUFSIZE,DES_IN); + else + l=fread(buf,1,BUFSIZE,DES_IN); + ex=0; + rem=l%8; + l-=rem; + } + if (l < 0) + { + perror("read error"); + Exit=6; + goto problems; + } + + if (bflag && !flag3) + for (i=0; i<l; i+=8) + des_ecb_encrypt( + (des_cblock *)&(buf[i]), + (des_cblock *)&(obuf[i]), + ks,do_encrypt); + else if (flag3 && bflag) + for (i=0; i<l; i+=8) + des_ecb2_encrypt( + (des_cblock *)&(buf[i]), + (des_cblock *)&(obuf[i]), + ks,ks2,do_encrypt); + else if (flag3 && !bflag) + { + des_3cbc_encrypt( + (des_cblock *)buf,(des_cblock *)obuf, + (long)l,ks,ks2,(des_cblock *)iv, + (des_cblock *)iv2,do_encrypt); + } + else + { + des_cbc_encrypt( + (des_cblock *)buf,(des_cblock *)obuf, + (long)l,ks,(des_cblock *)iv,do_encrypt); + if (l >= 8) memcpy(iv,&(buf[l-8]),8); + } + + if (uflag) + ll=uufread(&(buf[rem]),1,BUFSIZE,DES_IN); + else + ll=fread(&(buf[rem]),1,BUFSIZE,DES_IN); + ll+=rem; + rem=ll%8; + ll-=rem; + if (feof(DES_IN) && (ll == 0)) + { + last=obuf[l-1]; + + if ((last > 7) || (last < 0)) + { + fputs("The file was not decrypted correctly.\n", + stderr); + Exit=8; + last=0; + } + l=l-8+last; + } + i=0; + if (cflag) des_cbc_cksum((C_Block *)obuf, + (C_Block *)cksum,(long)l/8*8,ks, + (C_Block *)cksum); + while (i != l) + { + j=fwrite(obuf,1,(unsigned int)l-i,DES_OUT); + if (j == -1) + { + perror("Write error"); + Exit=7; + goto problems; + } + i+=j; + } + l=ll; + if ((l == 0) && feof(DES_IN)) break; + } + } + if (cflag) + { + l=0; + if (cksumname[0] != '\0') + { + if ((O=fopen(cksumname,"w")) != NULL) + { + CKSUM_OUT=O; + l=1; + } + } + for (i=0; i<8; i++) + fprintf(CKSUM_OUT,"%02X",cksum[i]); + fprintf(CKSUM_OUT,"\n"); + if (l) fclose(CKSUM_OUT); + } +problems: + memset(buf,0,sizeof(buf)); + memset(obuf,0,sizeof(obuf)); + memset(ks,0,sizeof(ks)); + memset(ks2,0,sizeof(ks2)); + memset(iv,0,sizeof(iv)); + memset(iv2,0,sizeof(iv2)); + memset(kk,0,sizeof(kk)); + memset(k2,0,sizeof(k2)); + memset(uubuf,0,sizeof(uubuf)); + memset(b,0,sizeof(b)); + memset(bb,0,sizeof(bb)); + memset(cksum,0,sizeof(cksum)); + if (Exit) EXIT(Exit); + } + +int uufwrite(data, size, num, fp) +unsigned char *data; +int size; +unsigned int num; +FILE *fp; + + /* We ignore this parameter but it should be > ~50 I believe */ + + + { + int i,j,left,rem,ret=num; + static int start=1; + + if (start) + { + fprintf(fp,"begin 600 %s\n", + (uuname[0] == '\0')?"text.d":uuname); + start=0; + } + + if (uubufnum) + { + if (uubufnum+num < 45) + { + memcpy(&(uubuf[uubufnum]),data,(unsigned int)num); + uubufnum+=num; + return(num); + } + else + { + i=45-uubufnum; + memcpy(&(uubuf[uubufnum]),data,(unsigned int)i); + j=uuencode((unsigned char *)uubuf,45,b); + fwrite(b,1,(unsigned int)j,fp); + uubufnum=0; + data+=i; + num-=i; + } + } + + for (i=0; i<(((int)num)-INUUBUFN); i+=INUUBUFN) + { + j=uuencode(&(data[i]),INUUBUFN,b); + fwrite(b,1,(unsigned int)j,fp); + } + rem=(num-i)%45; + left=(num-i-rem); + if (left) + { + j=uuencode(&(data[i]),left,b); + fwrite(b,1,(unsigned int)j,fp); + i+=left; + } + if (i != num) + { + memcpy(uubuf,&(data[i]),(unsigned int)rem); + uubufnum=rem; + } + return(ret); + } + +void uufwriteEnd(fp) +FILE *fp; + { + int j; + static const char *end=" \nend\n"; + + if (uubufnum != 0) + { + uubuf[uubufnum]='\0'; + uubuf[uubufnum+1]='\0'; + uubuf[uubufnum+2]='\0'; + j=uuencode(uubuf,uubufnum,b); + fwrite(b,1,(unsigned int)j,fp); + } + fwrite(end,1,strlen(end),fp); + } + +int uufread(out, size, num, fp) +unsigned char *out; +int size; /* should always be > ~ 60; I actually ignore this parameter :-) */ +unsigned int num; +FILE *fp; + { + int i,j,tot; + static int done=0; + static int valid=0; + static int start=1; + + if (start) + { + for (;;) + { + b[0]='\0'; + fgets((char *)b,300,fp); + if (b[0] == '\0') + { + fprintf(stderr,"no 'begin' found in uuencoded input\n"); + return(-1); + } + if (strncmp((char *)b,"begin ",6) == 0) break; + } + start=0; + } + if (done) return(0); + tot=0; + if (valid) + { + memcpy(out,bb,(unsigned int)valid); + tot=valid; + valid=0; + } + for (;;) + { + b[0]='\0'; + fgets((char *)b,300,fp); + if (b[0] == '\0') break; + i=strlen((char *)b); + if ((b[0] == 'e') && (b[1] == 'n') && (b[2] == 'd')) + { + done=1; + while (!feof(fp)) + { + fgets((char *)b,300,fp); + } + break; + } + i=uudecode(b,i,bb); + if (i < 0) break; + if ((i+tot+8) > num) + { + /* num to copy to make it a multiple of 8 */ + j=(num/8*8)-tot-8; + memcpy(&(out[tot]),bb,(unsigned int)j); + tot+=j; + memcpy(bb,&(bb[j]),(unsigned int)i-j); + valid=i-j; + break; + } + memcpy(&(out[tot]),bb,(unsigned int)i); + tot+=i; + } + return(tot); + } + +#define ccc2l(c,l) (l =((unsigned long)(*((c)++)))<<16, \ + l|=((unsigned long)(*((c)++)))<< 8, \ + l|=((unsigned long)(*((c)++)))) + +#define l2ccc(l,c) (*((c)++)=(unsigned char)(((l)>>16)&0xff), \ + *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ + *((c)++)=(unsigned char)(((l) )&0xff)) + + +int uuencode(in, num, out) +unsigned char *in; +int num; +unsigned char *out; + { + int j,i,n,tot=0; + unsigned long l; + register unsigned char *p; + p=out; + + for (j=0; j<num; j+=45) + { + if (j+45 > num) + i=(num-j); + else i=45; + *(p++)=i+' '; + for (n=0; n<i; n+=3) + { + ccc2l(in,l); + *(p++)=((l>>18)&0x3f)+' '; + *(p++)=((l>>12)&0x3f)+' '; + *(p++)=((l>> 6)&0x3f)+' '; + *(p++)=((l )&0x3f)+' '; + tot+=4; + } + *(p++)='\n'; + tot+=2; + } + *p='\0'; + l=0; + return(tot); + } + +int uudecode(in, num, out) +unsigned char *in; +int num; +unsigned char *out; + { + int j,i,k; + unsigned int n=0,space=0; + unsigned long l; + unsigned long w,x,y,z; + unsigned int blank=(unsigned int)'\n'-' '; + + for (j=0; j<num; ) + { + n= *(in++)-' '; + if (n == blank) + { + n=0; + in--; + } + if (n > 60) + { + fprintf(stderr,"uuencoded line length too long\n"); + return(-1); + } + j++; + + for (i=0; i<n; j+=4,i+=3) + { + /* the following is for cases where spaces are + * removed from lines. + */ + if (space) + { + w=x=y=z=0; + } + else + { + w= *(in++)-' '; + x= *(in++)-' '; + y= *(in++)-' '; + z= *(in++)-' '; + } + if ((w > 63) || (x > 63) || (y > 63) || (z > 63)) + { + k=0; + if (w == blank) k=1; + if (x == blank) k=2; + if (y == blank) k=3; + if (z == blank) k=4; + space=1; + switch (k) { + case 1: w=0; in--; + case 2: x=0; in--; + case 3: y=0; in--; + case 4: z=0; in--; + break; + case 0: + space=0; + fprintf(stderr,"bad uuencoded data values\n"); + w=x=y=z=0; + return(-1); + break; + } + } + l=(w<<18)|(x<<12)|(y<< 6)|(z ); + l2ccc(l,out); + } + if (*(in++) != '\n') + { + fprintf(stderr,"missing nl in uuencoded line\n"); + w=x=y=z=0; + return(-1); + } + j++; + } + *out='\0'; + w=x=y=z=0; + return(n); + } diff --git a/secure/lib/libdes/des.doc b/secure/lib/libdes/des.doc new file mode 100644 index 0000000..ec3a4c1 --- /dev/null +++ b/secure/lib/libdes/des.doc @@ -0,0 +1,480 @@ +The DES library. + +Please note that this library was originally written to operate with +eBones, a version of Kerberos that had had encryption removed when it left +the USA and then put back in. As such there are some routines that I will +advise not using but they are still in the library for historical reasons. +For all calls that have an 'input' and 'output' variables, they can be the +same. + +This library requires the inclusion of 'des.h'. + +All of the encryption functions take what is called a des_key_schedule as an +argument. A des_key_schedule is an expanded form of the des key. +A des_key is 8 bytes of odd parity, the type used to hold the key is a +des_cblock. A des_cblock is an array of 8 bytes, often in this library +description I will refer to input bytes when the function specifies +des_cblock's as input or output, this just means that the variable should +be a multiple of 8 bytes. + +The define DES_ENCRYPT is passed to specify encryption, DES_DECRYPT to +specify decryption. The functions and global variable are as follows: + +int des_check_key; + DES keys are supposed to be odd parity. If this variable is set to + a non-zero value, des_set_key() will check that the key has odd + parity and is not one of the known weak DES keys. By default this + variable is turned off; + +void des_set_odd_parity( +des_cblock *key ); + This function takes a DES key (8 bytes) and sets the parity to odd. + +int des_is_weak_key( +des_cblock *key ); + This function returns a non-zero value if the DES key passed is a + weak, DES key. If it is a weak key, don't use it, try a different + one. If you are using 'random' keys, the chances of hitting a weak + key are 1/2^52 so it is probably not worth checking for them. + +int des_set_key( +des_cblock *key, +des_key_schedule schedule); + Des_set_key converts an 8 byte DES key into a des_key_schedule. + A des_key_schedule is an expanded form of the key which is used to + perform actual encryption. It can be regenerated from the DES key + so it only needs to be kept when encryption or decryption is about + to occur. Don't save or pass around des_key_schedule's since they + are CPU architecture dependent, DES keys are not. If des_check_key + is non zero, zero is returned if the key has the wrong parity or + the key is a weak key, else 1 is returned. + +int des_key_sched( +des_cblock *key, +des_key_schedule schedule); + An alternative name for des_set_key(). + +int des_rw_mode; /* defaults to DES_PCBC_MODE */ + This flag holds either DES_CBC_MODE or DES_PCBC_MODE (default). + This specifies the function to use in the enc_read() and enc_write() + functions. + +void des_encrypt( +unsigned long *data, +des_key_schedule ks, +int enc); + This is the DES encryption function that gets called by just about + every other DES routine in the library. You should not use this + function except to implement 'modes' of DES. I say this because the + functions that call this routine do the conversion from 'char *' to + long, and this needs to be done to make sure 'non-aligned' memory + access do not occur. The characters are loaded 'little endian', + have a look at my source code for more details on how I use this + function. + Data is a pointer to 2 unsigned long's and ks is the + des_key_schedule to use. enc, is non zero specifies encryption, + zero if decryption. + +void des_encrypt2( +unsigned long *data, +des_key_schedule ks, +int enc); + This functions is the same as des_encrypt() except that the DES + initial permutation (IP) and final permutation (FP) have been left + out. As for des_encrypt(), you should not use this function. + It is used by the routines in my library that implement triple DES. + IP() des_encrypt2() des_encrypt2() des_encrypt2() FP() is the same + as des_encrypt() des_encrypt() des_encrypt() except faster :-). + +void des_ecb_encrypt( +des_cblock *input, +des_cblock *output, +des_key_schedule ks, +int enc); + This is the basic Electronic Code Book form of DES, the most basic + form. Input is encrypted into output using the key represented by + ks. If enc is non zero (DES_ENCRYPT), encryption occurs, otherwise + decryption occurs. Input is 8 bytes long and output is 8 bytes. + (the des_cblock structure is 8 chars). + +void des_ecb3_encrypt( +des_cblock *input, +des_cblock *output, +des_key_schedule ks1, +des_key_schedule ks2, +des_key_schedule ks3, +int enc); + This is the 3 key EDE mode of ECB DES. What this means is that + the 8 bytes of input is encrypted with ks1, decrypted with ks2 and + then encrypted again with ks3, before being put into output; + C=E(ks3,D(ks2,E(ks1,M))). There is a macro, des_ecb2_encrypt() + that only takes 2 des_key_schedules that implements, + C=E(ks1,D(ks2,E(ks1,M))) in that the final encrypt is done with ks1. + +void des_cbc_encrypt( +des_cblock *input, +des_cblock *output, +long length, +des_key_schedule ks, +des_cblock *ivec, +int enc); + This routine implements DES in Cipher Block Chaining mode. + Input, which should be a multiple of 8 bytes is encrypted + (or decrypted) to output which will also be a multiple of 8 bytes. + The number of bytes is in length (and from what I've said above, + should be a multiple of 8). If length is not a multiple of 8, I'm + not being held responsible :-). ivec is the initialisation vector. + This function does not modify this variable. To correctly implement + cbc mode, you need to do one of 2 things; copy the last 8 bytes of + cipher text for use as the next ivec in your application, + or use des_ncbc_encrypt(). + Only this routine has this problem with updating the ivec, all + other routines that are implementing cbc mode update ivec. + +void des_ncbc_encrypt( +des_cblock *input, +des_cblock *output, +long length, +des_key_schedule sk, +des_cblock *ivec, +int enc); + For historical reasons, des_cbc_encrypt() did not update the + ivec with the value requires so that subsequent calls to + des_cbc_encrypt() would 'chain'. This was needed so that the same + 'length' values would not need to be used when decrypting. + des_ncbc_encrypt() does the right thing. It is the same as + des_cbc_encrypt accept that ivec is updates with the correct value + to pass in subsequent calls to des_ncbc_encrypt(). I advise using + des_ncbc_encrypt() instead of des_cbc_encrypt(); + +void des_3cbc_encrypt( +des_cblock *input, +des_cblock *output, +long length, +des_key_schedule sk1, +des_key_schedule sk2, +des_cblock *ivec1, +des_cblock *ivec2, +int enc); + This function is flawed, do not use it. I have left it in the + library because it is used in my des(1) program and will function + correctly when used by des(1). If I removed the function, people + could end up unable to decrypt files. + This routine implements outer triple cbc encryption using 2 ks and + 2 ivec's. Use des_ede2_cbc_encrypt() instead. + +void des_ede3_cbc_encrypt( +des_cblock *input, +des_cblock *output, +long length, +des_key_schedule ks1, +des_key_schedule ks2, +des_key_schedule ks3, +des_cblock *ivec, +int enc); + This function implements inner triple CBC DES encryption with 3 + keys. What this means is that each 'DES' operation + inside the cbc mode is really an C=E(ks3,D(ks2,E(ks1,M))). + Again, this is cbc mode so an ivec is requires. + This mode is used by SSL. + There is also a des_ede2_cbc_encrypt() that only uses 2 + des_key_schedule's, the first being reused for the final + encryption. C=E(ks1,D(ks2,E(ks1,M))). This form of triple DES + is used by the RSAref library. + +void des_pcbc_encrypt( +des_cblock *input, +des_cblock *output, +long length, +des_key_schedule ks, +des_cblock *ivec, +int enc); + This is Propagating Cipher Block Chaining mode of DES. It is used + by Kerberos v4. It's parameters are the same as des_ncbc_encrypt(). + +void des_cfb_encrypt( +unsigned char *in, +unsigned char *out, +int numbits, +long length, +des_key_schedule ks, +des_cblock *ivec, +int enc); + Cipher Feedback Back mode of DES. This implementation 'feeds back' + in numbit blocks. The input (and output) is in multiples of numbits + bits. numbits should to be a multiple of 8 bits. Length is the + number of bytes input. If numbits is not a multiple of 8 bits, + the extra bits in the bytes will be considered padding. So if + numbits is 12, for each 2 input bytes, the 4 high bits of the + second byte will be ignored. So to encode 72 bits when using + a numbits of 12 take 12 bytes. To encode 72 bits when using + numbits of 9 will take 16 bytes. To encode 80 bits when using + numbits of 16 will take 10 bytes. etc, etc. This padding will + apply to both input and output. + + +void des_cfb64_encrypt( +unsigned char *in, +unsigned char *out, +long length, +des_key_schedule ks, +des_cblock *ivec, +int *num, +int enc); + This is one of the more useful functions in this DES library, it + implements CFB mode of DES with 64bit feedback. Why is this + useful you ask? Because this routine will allow you to encrypt an + arbitrary number of bytes, no 8 byte padding. Each call to this + routine will encrypt the input bytes to output and then update ivec + and num. num contains 'how far' we are though ivec. If this does + not make much sense, read more about cfb mode of DES :-). + +void des_ede3_cfb64_encrypt( +unsigned char *in, +unsigned char *out, +long length, +des_key_schedule ks1, +des_key_schedule ks2, +des_key_schedule ks3, +des_cblock *ivec, +int *num, +int enc); + Same as des_cfb64_encrypt() accept that the DES operation is + triple DES. As usual, there is a macro for + des_ede2_cfb64_encrypt() which reuses ks1. + +void des_ofb_encrypt( +unsigned char *in, +unsigned char *out, +int numbits, +long length, +des_key_schedule ks, +des_cblock *ivec); + This is a implementation of Output Feed Back mode of DES. It is + the same as des_cfb_encrypt() in that numbits is the size of the + units dealt with during input and output (in bits). + +void des_ofb64_encrypt( +unsigned char *in, +unsigned char *out, +long length, +des_key_schedule ks, +des_cblock *ivec, +int *num); + The same as des_cfb64_encrypt() except that it is Output Feed Back + mode. + +void des_ede3_ofb64_encrypt( +unsigned char *in, +unsigned char *out, +long length, +des_key_schedule ks1, +des_key_schedule ks2, +des_key_schedule ks3, +des_cblock *ivec, +int *num); + Same as des_ofb64_encrypt() accept that the DES operation is + triple DES. As usual, there is a macro for + des_ede2_ofb64_encrypt() which reuses ks1. + +int des_read_pw_string( +char *buf, +int length, +char *prompt, +int verify); + This routine is used to get a password from the terminal with echo + turned off. Buf is where the string will end up and length is the + size of buf. Prompt is a string presented to the 'user' and if + verify is set, the key is asked for twice and unless the 2 copies + match, an error is returned. A return code of -1 indicates a + system error, 1 failure due to use interaction, and 0 is success. + +unsigned long des_cbc_cksum( +des_cblock *input, +des_cblock *output, +long length, +des_key_schedule ks, +des_cblock *ivec); + This function produces an 8 byte checksum from input that it puts in + output and returns the last 4 bytes as a long. The checksum is + generated via cbc mode of DES in which only the last 8 byes are + kept. I would recommend not using this function but instead using + the EVP_Digest routines, or at least using MD5 or SHA. This + function is used by Kerberos v4 so that is why it stays in the + library. + +char *crypt( +const char *buf, +const char *salt); + This is my fast version of the unix crypt(3) function. This version + takes only a small amount of space relative to other fast + crypt() implementations. + +void des_string_to_key( +char *str, +des_cblock *key); + This function takes str and converts it into a DES key. I would + recommend using MD5 instead and use the first 8 bytes of output. + When I wrote the first version of these routines back in 1990, MD5 + did not exist but I feel these routines are still sound. This + routines is compatible with the one in MIT's libdes. + +void des_string_to_2keys( +char *str, +des_cblock *key1, +des_cblock *key2); + This function takes str and converts it into 2 DES keys. + I would recommend using MD5 and using the 16 bytes as the 2 keys. + I have nothing against these 2 'string_to_key' routines, it's just + that if you say that your encryption key is generated by using the + 16 bytes of an MD5 hash, every-one knows how you generated your + keys. + +int des_read_password( +des_cblock *key, +char *prompt, +int verify); + This routine combines des_read_pw_string() with des_string_to_key(). + +int des_read_2passwords( +des_cblock *key1, +des_cblock *key2, +char *prompt, +int verify); + This routine combines des_read_pw_string() with des_string_to_2key(). + +void des_random_seed( +des_cblock key); + This routine sets a starting point for des_random_key(). + +void des_random_key( +des_cblock ret); + This function return a random key. Make sure to 'seed' the random + number generator (with des_random_seed()) before using this function. + I personally now use a MD5 based random number system. + +int des_enc_read( +int fd, +char *buf, +int len, +des_key_schedule ks, +des_cblock *iv); + This function will write to a file descriptor the encrypted data + from buf. This data will be preceded by a 4 byte 'byte count' and + will be padded out to 8 bytes. The encryption is either CBC of + PCBC depending on the value of des_rw_mode. If it is DES_PCBC_MODE, + pcbc is used, if DES_CBC_MODE, cbc is used. The default is to use + DES_PCBC_MODE. + +int des_enc_write( +int fd, +char *buf, +int len, +des_key_schedule ks, +des_cblock *iv); + This routines read stuff written by des_enc_read() and decrypts it. + I have used these routines quite a lot but I don't believe they are + suitable for non-blocking io. If you are after a full + authentication/encryption over networks, have a look at SSL instead. + +unsigned long des_quad_cksum( +des_cblock *input, +des_cblock *output, +long length, +int out_count, +des_cblock *seed); + This is a function from Kerberos v4 that is not anything to do with + DES but was needed. It is a cksum that is quicker to generate than + des_cbc_cksum(); I personally would use MD5 routines now. +===== +Modes of DES +Quite a bit of the following information has been taken from + AS 2805.5.2 + Australian Standard + Electronic funds transfer - Requirements for interfaces, + Part 5.2: Modes of operation for an n-bit block cipher algorithm + Appendix A + +There are several different modes in which DES can be used, they are +as follows. + +Electronic Codebook Mode (ECB) (des_ecb_encrypt()) +- 64 bits are enciphered at a time. +- The order of the blocks can be rearranged without detection. +- The same plaintext block always produces the same ciphertext block + (for the same key) making it vulnerable to a 'dictionary attack'. +- An error will only affect one ciphertext block. + +Cipher Block Chaining Mode (CBC) (des_cbc_encrypt()) +- a multiple of 64 bits are enciphered at a time. +- The CBC mode produces the same ciphertext whenever the same + plaintext is encrypted using the same key and starting variable. +- The chaining operation makes the ciphertext blocks dependent on the + current and all preceding plaintext blocks and therefore blocks can not + be rearranged. +- The use of different starting variables prevents the same plaintext + enciphering to the same ciphertext. +- An error will affect the current and the following ciphertext blocks. + +Cipher Feedback Mode (CFB) (des_cfb_encrypt()) +- a number of bits (j) <= 64 are enciphered at a time. +- The CFB mode produces the same ciphertext whenever the same + plaintext is encrypted using the same key and starting variable. +- The chaining operation makes the ciphertext variables dependent on the + current and all preceding variables and therefore j-bit variables are + chained together and can not be rearranged. +- The use of different starting variables prevents the same plaintext + enciphering to the same ciphertext. +- The strength of the CFB mode depends on the size of k (maximal if + j == k). In my implementation this is always the case. +- Selection of a small value for j will require more cycles through + the encipherment algorithm per unit of plaintext and thus cause + greater processing overheads. +- Only multiples of j bits can be enciphered. +- An error will affect the current and the following ciphertext variables. + +Output Feedback Mode (OFB) (des_ofb_encrypt()) +- a number of bits (j) <= 64 are enciphered at a time. +- The OFB mode produces the same ciphertext whenever the same + plaintext enciphered using the same key and starting variable. More + over, in the OFB mode the same key stream is produced when the same + key and start variable are used. Consequently, for security reasons + a specific start variable should be used only once for a given key. +- The absence of chaining makes the OFB more vulnerable to specific attacks. +- The use of different start variables values prevents the same + plaintext enciphering to the same ciphertext, by producing different + key streams. +- Selection of a small value for j will require more cycles through + the encipherment algorithm per unit of plaintext and thus cause + greater processing overheads. +- Only multiples of j bits can be enciphered. +- OFB mode of operation does not extend ciphertext errors in the + resultant plaintext output. Every bit error in the ciphertext causes + only one bit to be in error in the deciphered plaintext. +- OFB mode is not self-synchronising. If the two operation of + encipherment and decipherment get out of synchronism, the system needs + to be re-initialised. +- Each re-initialisation should use a value of the start variable + different from the start variable values used before with the same + key. The reason for this is that an identical bit stream would be + produced each time from the same parameters. This would be + susceptible to a ' known plaintext' attack. + +Triple ECB Mode (des_ecb3_encrypt()) +- Encrypt with key1, decrypt with key2 and encrypt with key3 again. +- As for ECB encryption but increases the key length to 168 bits. + There are theoretic attacks that can be used that make the effective + key length 112 bits, but this attack also requires 2^56 blocks of + memory, not very likely, even for the NSA. +- If both keys are the same it is equivalent to encrypting once with + just one key. +- If the first and last key are the same, the key length is 112 bits. + There are attacks that could reduce the key space to 55 bit's but it + requires 2^56 blocks of memory. +- If all 3 keys are the same, this is effectively the same as normal + ecb mode. + +Triple CBC Mode (des_ede3_cbc_encrypt()) +- Encrypt with key1, decrypt with key2 and then encrypt with key3. +- As for CBC encryption but increases the key length to 168 bits with + the same restrictions as for triple ecb mode. diff --git a/secure/lib/libdes/des.h b/secure/lib/libdes/des.h new file mode 100644 index 0000000..87e68a6 --- /dev/null +++ b/secure/lib/libdes/des.h @@ -0,0 +1,246 @@ +/* lib/des/des.h */ +/* Copyright (C) 1995 Eric Young (eay@mincom.oz.au) + * All rights reserved. + * + * This file is part of an SSL implementation written + * by Eric Young (eay@mincom.oz.au). + * The implementation was written so as to conform with Netscapes SSL + * specification. This library and applications are + * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE + * as long as the following conditions are aheared to. + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. If this code is used in a product, + * Eric Young should be given attribution as the author of the parts used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Eric Young (eay@mincom.oz.au) + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_DES_H +#define HEADER_DES_H + +#include <stdio.h> + +typedef unsigned char des_cblock[8]; +typedef struct des_ks_struct + { + union { + des_cblock _; + /* make sure things are correct size on machines with + * 8 byte longs */ + unsigned long pad[2]; + } ks; +#undef _ +#define _ ks._ + } des_key_schedule[16]; + +#define DES_KEY_SZ (sizeof(des_cblock)) +#define DES_SCHEDULE_SZ (sizeof(des_key_schedule)) + +#define DES_ENCRYPT 1 +#define DES_DECRYPT 0 + +#define DES_CBC_MODE 0 +#define DES_PCBC_MODE 1 + +#define des_ecb2_encrypt(i,o,k1,k2,e) \ + des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e)) + +#define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \ + des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e)) + +#define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \ + des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e)) + +#define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \ + des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n)) + +#define C_Block des_cblock +#define Key_schedule des_key_schedule +#define ENCRYPT DES_ENCRYPT +#define DECRYPT DES_DECRYPT +#define KEY_SZ DES_KEY_SZ +#define string_to_key des_string_to_key +#define read_pw_string des_read_pw_string +#define random_key des_random_key +#define pcbc_encrypt des_pcbc_encrypt +#define set_key des_set_key +#define key_sched des_key_sched +#define ecb_encrypt des_ecb_encrypt +#define cbc_encrypt des_cbc_encrypt +#define ncbc_encrypt des_ncbc_encrypt +#define cbc_cksum des_cbc_cksum +#define quad_cksum des_quad_cksum + +/* For compatibility with the MIT lib - eay 20/05/92 */ +typedef struct des_key_schedule bit_64; +#define des_fixup_key_parity des_set_odd_parity +#define des_check_key_parity check_parity + +extern int des_check_key; /* defaults to false */ +extern int des_rw_mode; /* defaults to DES_PCBC_MODE */ + +/* The next line is used to disable full ANSI prototypes, if your + * compiler has problems with the prototypes, make sure this line always + * evaluates to true :-) */ +#if defined(MSDOS) || defined(__STDC__) +#undef NOPROTO +#endif +#ifndef NOPROTO +void des_ecb3_encrypt(des_cblock *input,des_cblock *output, + des_key_schedule ks1,des_key_schedule ks2, + des_key_schedule ks3, int enc); +unsigned long des_cbc_cksum(des_cblock *input,des_cblock *output, + long length,des_key_schedule schedule,des_cblock *ivec); +void des_cbc_encrypt(des_cblock *input,des_cblock *output,long length, + des_key_schedule schedule,des_cblock *ivec,int enc); +void des_ncbc_encrypt(des_cblock *input,des_cblock *output,long length, + des_key_schedule schedule,des_cblock *ivec,int enc); +void des_3cbc_encrypt(des_cblock *input,des_cblock *output,long length, + des_key_schedule sk1,des_key_schedule sk2, + des_cblock *ivec1,des_cblock *ivec2,int enc); +void des_cfb_encrypt(unsigned char *in,unsigned char *out,int numbits, + long length,des_key_schedule schedule,des_cblock *ivec,int enc); +void des_ecb_encrypt(des_cblock *input,des_cblock *output, + des_key_schedule ks,int enc); +void des_encrypt(unsigned long *data,des_key_schedule ks, int enc); +void des_encrypt2(unsigned long *data,des_key_schedule ks, int enc); +void des_ede3_cbc_encrypt(des_cblock *input, des_cblock *output, + long length, des_key_schedule ks1, des_key_schedule ks2, + des_key_schedule ks3, des_cblock *ivec, int enc); +void des_ede3_cfb64_encrypt(unsigned char *in, unsigned char *out, + long length, des_key_schedule ks1, des_key_schedule ks2, + des_key_schedule ks3, des_cblock *ivec, int *num, int encrypt); +void des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out, + long length, des_key_schedule ks1, des_key_schedule ks2, + des_key_schedule ks3, des_cblock *ivec, int *num); + +int des_enc_read(int fd,char *buf,int len,des_key_schedule sched, + des_cblock *iv); +int des_enc_write(int fd,char *buf,int len,des_key_schedule sched, + des_cblock *iv); +#ifdef PERL5 +char *des_crypt(const char *buf,const char *salt); +#else +/* some stupid compilers complain because I have declared char instead + * of const char */ +#ifdef HEADER_DES_LOCL_H +char *crypt(const char *buf,const char *salt); +#else +char *crypt(); +#endif +#endif +void des_ofb_encrypt(unsigned char *in,unsigned char *out, + int numbits,long length,des_key_schedule schedule,des_cblock *ivec); +void des_pcbc_encrypt(des_cblock *input,des_cblock *output,long length, + des_key_schedule schedule,des_cblock *ivec,int enc); +unsigned long des_quad_cksum(des_cblock *input,des_cblock *output, + long length,int out_count,des_cblock *seed); +void des_random_seed(des_cblock key); +void des_random_key(des_cblock ret); +int des_read_password(des_cblock *key,char *prompt,int verify); +int des_read_2passwords(des_cblock *key1,des_cblock *key2, + char *prompt,int verify); +int des_read_pw_string(char *buf,int length,char *prompt,int verify); +void des_set_odd_parity(des_cblock *key); +int des_is_weak_key(des_cblock *key); +int des_set_key(des_cblock *key,des_key_schedule schedule); +int des_key_sched(des_cblock *key,des_key_schedule schedule); +void des_string_to_key(char *str,des_cblock *key); +void des_string_to_2keys(char *str,des_cblock *key1,des_cblock *key2); +void des_cfb64_encrypt(unsigned char *in, unsigned char *out, long length, + des_key_schedule schedule, des_cblock *ivec, int *num, int enc); +void des_ofb64_encrypt(unsigned char *in, unsigned char *out, long length, + des_key_schedule schedule, des_cblock *ivec, int *num); + +/* Extra functions from Mark Murray <mark@grondar.za> */ +void des_cblock_print_file(des_cblock *cb, FILE *fp); +/* The following functions are not in the normal unix build or the + * SSLeay build. When using the SSLeay build, use RAND_seed() + * and RAND_bytes() instead. */ +int des_new_random_key(des_cblock *key); +void des_init_random_number_generator(des_cblock *key); +void des_set_random_generator_seed(des_cblock *key); +void des_set_sequence_number(des_cblock new_sequence_number); +void des_generate_random_block(des_cblock *block); + +#else + +void des_ecb3_encrypt(); +unsigned long des_cbc_cksum(); +void des_cbc_encrypt(); +void des_ncbc_encrypt(); +void des_3cbc_encrypt(); +void des_cfb_encrypt(); +void des_ede3_cfb64_encrypt(); +void des_ede3_ofb64_encrypt(); +void des_ecb_encrypt(); +void des_encrypt(); +void des_encrypt2(); +void des_ede3_cbc_encrypt(); +int des_enc_read(); +int des_enc_write(); +#ifdef PERL5 +char *des_crypt(); +#else +char *crypt(); +#endif +void des_ofb_encrypt(); +void des_pcbc_encrypt(); +unsigned long des_quad_cksum(); +void des_random_seed(); +void des_random_key(); +int des_read_password(); +int des_read_2passwords(); +int des_read_pw_string(); +void des_set_odd_parity(); +int des_is_weak_key(); +int des_set_key(); +int des_key_sched(); +void des_string_to_key(); +void des_string_to_2keys(); +void des_cfb64_encrypt(); +void des_ofb64_encrypt(); + +/* Extra functions from Mark Murray <mark@grondar.za> */ +void des_cblock_print_file(); +/* The following functions are not in the normal unix build or the + * SSLeay build. When using the SSLeay build, use RAND_seed() + * and RAND_bytes() instead. */ +int des_new_random_key(); +void des_init_random_number_generator(); +void des_set_random_generator_seed(); +void des_set_sequence_number(); +void des_generate_random_block(); + +#endif +#endif diff --git a/secure/lib/libdes/des.man b/secure/lib/libdes/des.man new file mode 100644 index 0000000..7341199 --- /dev/null +++ b/secure/lib/libdes/des.man @@ -0,0 +1,186 @@ +.TH DES 1 +.SH NAME +des - encrypt or decrypt data using Data Encryption Standard +.SH SYNOPSIS +.B des +( +.B \-e +| +.B \-E +) | ( +.B \-d +| +.B \-D +) | ( +.B \-\fR[\fPcC\fR][\fPckname\fR]\fP +) | +[ +.B \-b3hfs +] [ +.B \-k +.I key +] +] [ +.B \-u\fR[\fIuuname\fR] +[ +.I input-file +[ +.I output-file +] ] +.SH DESCRIPTION +.B des +encrypts and decrypts data using the +Data Encryption Standard algorithm. +One of +.B \-e, \-E +(for encrypt) or +.B \-d, \-D +(for decrypt) must be specified. +It is also possible to use +.B \-c +or +.B \-C +in conjunction or instead of the a encrypt/decrypt option to generate +a 16 character hexadecimal checksum, generated via the +.I des_cbc_cksum. +.LP +Two standard encryption modes are supported by the +.B des +program, Cipher Block Chaining (the default) and Electronic Code Book +(specified with +.B \-b +). +.LP +The key used for the DES +algorithm is obtained by prompting the user unless the +.B `\-k +.I key' +option is given. +If the key is an argument to the +.B des +command, it is potentially visible to users executing +.BR ps (1) +or a derivative. To minimise this possibility, +.B des +takes care to destroy the key argument immediately upon entry. +If your shell keeps a history file be careful to make sure it is not +world readable. +.LP +Since this program attempts to maintain compatability with sunOS's +des(1) command, there are 2 different methods used to convert the user +supplied key to a des key. +Whenever and one or more of +.B \-E, \-D, \-C +or +.B \-3 +options are used, the key conversion procedure will not be compatible +with the sunOS des(1) version but will use all the user supplied +character to generate the des key. +.B des +command reads from standard input unless +.I input-file +is specified and writes to standard output unless +.I output-file +is given. +.SH OPTIONS +.TP +.B \-b +Select ECB +(eight bytes at a time) encryption mode. +.TP +.B \-3 +Encrypt using triple encryption. +By default triple cbc encryption is used but if the +.B \-b +option is used then triple ecb encryption is performed. +If the key is less than 8 characters long, the flag has no effect. +.TP +.B \-e +Encrypt data using an 8 byte key in a manner compatible with sunOS +des(1). +.TP +.B \-E +Encrypt data using a key of nearly unlimited length (1024 bytes). +This will product a more secure encryption. +.TP +.B \-d +Decrypt data that was encrypted with the \-e option. +.TP +.B \-D +Decrypt data that was encrypted with the \-E option. +.TP +.B \-c +Generate a 16 character hexadecimal cbc checksum and output this to +stderr. +If a filename was specified after the +.B \-c +option, the checksum is output to that file. +The checksum is generated using a key generated in a sunOS compatible +manner. +.TP +.B \-C +A cbc checksum is generated in the same manner as described for the +.B \-c +option but the DES key is generated in the same manner as used for the +.B \-E +and +.B \-D +options +.TP +.B \-f +Does nothing - allowed for compatibility with sunOS des(1) command. +.TP +.B \-s +Does nothing - allowed for compatibility with sunOS des(1) command. +.TP +.B "\-k \fIkey\fP" +Use the encryption +.I key +specified. +.TP +.B "\-h" +The +.I key +is assumed to be a 16 character hexadecimal number. +If the +.B "\-3" +option is used the key is assumed to be a 32 character hexadecimal +number. +.TP +.B \-u +This flag is used to read and write uuencoded files. If decrypting, +the input file is assumed to contain uuencoded, DES encrypted data. +If encrypting, the characters following the -u are used as the name of +the uuencoded file to embed in the begin line of the uuencoded +output. If there is no name specified after the -u, the name text.des +will be embedded in the header. +.SH SEE ALSO +.B ps (1) +.B des_crypt(3) +.SH BUGS +.LP +The problem with using the +.B -e +option is the short key length. +It would be better to use a real 56-bit key rather than an +ASCII-based 56-bit pattern. Knowing that the key was derived from ASCII +radically reduces the time necessary for a brute-force cryptographic attack. +My attempt to remove this problem is to add an alternative text-key to +DES-key function. This alternative function (accessed via +.B -E, -D, -S +and +.B -3 +) +uses DES to help generate the key. +.LP +Be carefully when using the -u option. Doing des -ud <filename> will +not decrypt filename (the -u option will gobble the d option). +.LP +The VMS operating system operates in a world where files are always a +multiple of 512 bytes. This causes problems when encrypted data is +send from unix to VMS since a 88 byte file will suddenly be padded +with 424 null bytes. To get around this problem, use the -u option +to uuencode the data before it is send to the VMS system. +.SH AUTHOR +.LP +Eric Young (eay@mincom.oz.au or eay@psych.psy.uq.oz.au) diff --git a/secure/lib/libdes/des.pl b/secure/lib/libdes/des.pl new file mode 100755 index 0000000..5ba5a9b --- /dev/null +++ b/secure/lib/libdes/des.pl @@ -0,0 +1,536 @@ +#!/usr/local/bin/perl +# Copyright (C) 1993 Eric Young +# des.pl - eric young 22/11/1991 eay@mincom.oz.au or eay@psych.psy.uq.oz.au +# eay - 92/08/31 - I think I have fixed all problems for 64bit +# versions of perl but I could be wrong since I have not tested it yet :-). +# +# This is an implementation of DES in perl. +# The two routines (des_set_key and des_ecb_encrypt) +# take 8 byte objects as arguments. +# +# des_set_key takes an 8 byte string as a key and returns a key schedule +# for use in calls to des_ecb_encrypt. +# des_ecb_encrypt takes three arguments, the first is a key schedule +# (make sure to pass it by reference with the *), the second is 1 +# to encrypt, 0 to decrypt. The third argument is an 8 byte object +# to encrypt. The function returns an 8 byte object that has been +# DES encrypted. +# +# example: +# require 'des.pl' +# +# $key =pack("C8",0x12,0x23,0x45,0x67,0x89,0xab,0xcd,0xef); +# @ks= &des_set_key($key); +# +# $outbytes= &des_ecb_encrypt(*ks,1,$data); +# @enc =unpack("C8",$outbytes); +# + +package des; + +# The following 8 arrays are used in des_set_key +@skb0=( +# for C bits (numbered as per FIPS 46) 1 2 3 4 5 6 +0x00000000,0x00000010,0x20000000,0x20000010, +0x00010000,0x00010010,0x20010000,0x20010010, +0x00000800,0x00000810,0x20000800,0x20000810, +0x00010800,0x00010810,0x20010800,0x20010810, +0x00000020,0x00000030,0x20000020,0x20000030, +0x00010020,0x00010030,0x20010020,0x20010030, +0x00000820,0x00000830,0x20000820,0x20000830, +0x00010820,0x00010830,0x20010820,0x20010830, +0x00080000,0x00080010,0x20080000,0x20080010, +0x00090000,0x00090010,0x20090000,0x20090010, +0x00080800,0x00080810,0x20080800,0x20080810, +0x00090800,0x00090810,0x20090800,0x20090810, +0x00080020,0x00080030,0x20080020,0x20080030, +0x00090020,0x00090030,0x20090020,0x20090030, +0x00080820,0x00080830,0x20080820,0x20080830, +0x00090820,0x00090830,0x20090820,0x20090830, +); +@skb1=( +# for C bits (numbered as per FIPS 46) 7 8 10 11 12 13 +0x00000000,0x02000000,0x00002000,0x02002000, +0x00200000,0x02200000,0x00202000,0x02202000, +0x00000004,0x02000004,0x00002004,0x02002004, +0x00200004,0x02200004,0x00202004,0x02202004, +0x00000400,0x02000400,0x00002400,0x02002400, +0x00200400,0x02200400,0x00202400,0x02202400, +0x00000404,0x02000404,0x00002404,0x02002404, +0x00200404,0x02200404,0x00202404,0x02202404, +0x10000000,0x12000000,0x10002000,0x12002000, +0x10200000,0x12200000,0x10202000,0x12202000, +0x10000004,0x12000004,0x10002004,0x12002004, +0x10200004,0x12200004,0x10202004,0x12202004, +0x10000400,0x12000400,0x10002400,0x12002400, +0x10200400,0x12200400,0x10202400,0x12202400, +0x10000404,0x12000404,0x10002404,0x12002404, +0x10200404,0x12200404,0x10202404,0x12202404, +); +@skb2=( +# for C bits (numbered as per FIPS 46) 14 15 16 17 19 20 +0x00000000,0x00000001,0x00040000,0x00040001, +0x01000000,0x01000001,0x01040000,0x01040001, +0x00000002,0x00000003,0x00040002,0x00040003, +0x01000002,0x01000003,0x01040002,0x01040003, +0x00000200,0x00000201,0x00040200,0x00040201, +0x01000200,0x01000201,0x01040200,0x01040201, +0x00000202,0x00000203,0x00040202,0x00040203, +0x01000202,0x01000203,0x01040202,0x01040203, +0x08000000,0x08000001,0x08040000,0x08040001, +0x09000000,0x09000001,0x09040000,0x09040001, +0x08000002,0x08000003,0x08040002,0x08040003, +0x09000002,0x09000003,0x09040002,0x09040003, +0x08000200,0x08000201,0x08040200,0x08040201, +0x09000200,0x09000201,0x09040200,0x09040201, +0x08000202,0x08000203,0x08040202,0x08040203, +0x09000202,0x09000203,0x09040202,0x09040203, +); +@skb3=( +# for C bits (numbered as per FIPS 46) 21 23 24 26 27 28 +0x00000000,0x00100000,0x00000100,0x00100100, +0x00000008,0x00100008,0x00000108,0x00100108, +0x00001000,0x00101000,0x00001100,0x00101100, +0x00001008,0x00101008,0x00001108,0x00101108, +0x04000000,0x04100000,0x04000100,0x04100100, +0x04000008,0x04100008,0x04000108,0x04100108, +0x04001000,0x04101000,0x04001100,0x04101100, +0x04001008,0x04101008,0x04001108,0x04101108, +0x00020000,0x00120000,0x00020100,0x00120100, +0x00020008,0x00120008,0x00020108,0x00120108, +0x00021000,0x00121000,0x00021100,0x00121100, +0x00021008,0x00121008,0x00021108,0x00121108, +0x04020000,0x04120000,0x04020100,0x04120100, +0x04020008,0x04120008,0x04020108,0x04120108, +0x04021000,0x04121000,0x04021100,0x04121100, +0x04021008,0x04121008,0x04021108,0x04121108, +); +@skb4=( +# for D bits (numbered as per FIPS 46) 1 2 3 4 5 6 +0x00000000,0x10000000,0x00010000,0x10010000, +0x00000004,0x10000004,0x00010004,0x10010004, +0x20000000,0x30000000,0x20010000,0x30010000, +0x20000004,0x30000004,0x20010004,0x30010004, +0x00100000,0x10100000,0x00110000,0x10110000, +0x00100004,0x10100004,0x00110004,0x10110004, +0x20100000,0x30100000,0x20110000,0x30110000, +0x20100004,0x30100004,0x20110004,0x30110004, +0x00001000,0x10001000,0x00011000,0x10011000, +0x00001004,0x10001004,0x00011004,0x10011004, +0x20001000,0x30001000,0x20011000,0x30011000, +0x20001004,0x30001004,0x20011004,0x30011004, +0x00101000,0x10101000,0x00111000,0x10111000, +0x00101004,0x10101004,0x00111004,0x10111004, +0x20101000,0x30101000,0x20111000,0x30111000, +0x20101004,0x30101004,0x20111004,0x30111004, +); +@skb5=( +# for D bits (numbered as per FIPS 46) 8 9 11 12 13 14 +0x00000000,0x08000000,0x00000008,0x08000008, +0x00000400,0x08000400,0x00000408,0x08000408, +0x00020000,0x08020000,0x00020008,0x08020008, +0x00020400,0x08020400,0x00020408,0x08020408, +0x00000001,0x08000001,0x00000009,0x08000009, +0x00000401,0x08000401,0x00000409,0x08000409, +0x00020001,0x08020001,0x00020009,0x08020009, +0x00020401,0x08020401,0x00020409,0x08020409, +0x02000000,0x0A000000,0x02000008,0x0A000008, +0x02000400,0x0A000400,0x02000408,0x0A000408, +0x02020000,0x0A020000,0x02020008,0x0A020008, +0x02020400,0x0A020400,0x02020408,0x0A020408, +0x02000001,0x0A000001,0x02000009,0x0A000009, +0x02000401,0x0A000401,0x02000409,0x0A000409, +0x02020001,0x0A020001,0x02020009,0x0A020009, +0x02020401,0x0A020401,0x02020409,0x0A020409, +); +@skb6=( +# for D bits (numbered as per FIPS 46) 16 17 18 19 20 21 +0x00000000,0x00000100,0x00080000,0x00080100, +0x01000000,0x01000100,0x01080000,0x01080100, +0x00000010,0x00000110,0x00080010,0x00080110, +0x01000010,0x01000110,0x01080010,0x01080110, +0x00200000,0x00200100,0x00280000,0x00280100, +0x01200000,0x01200100,0x01280000,0x01280100, +0x00200010,0x00200110,0x00280010,0x00280110, +0x01200010,0x01200110,0x01280010,0x01280110, +0x00000200,0x00000300,0x00080200,0x00080300, +0x01000200,0x01000300,0x01080200,0x01080300, +0x00000210,0x00000310,0x00080210,0x00080310, +0x01000210,0x01000310,0x01080210,0x01080310, +0x00200200,0x00200300,0x00280200,0x00280300, +0x01200200,0x01200300,0x01280200,0x01280300, +0x00200210,0x00200310,0x00280210,0x00280310, +0x01200210,0x01200310,0x01280210,0x01280310, +); +@skb7=( +# for D bits (numbered as per FIPS 46) 22 23 24 25 27 28 +0x00000000,0x04000000,0x00040000,0x04040000, +0x00000002,0x04000002,0x00040002,0x04040002, +0x00002000,0x04002000,0x00042000,0x04042000, +0x00002002,0x04002002,0x00042002,0x04042002, +0x00000020,0x04000020,0x00040020,0x04040020, +0x00000022,0x04000022,0x00040022,0x04040022, +0x00002020,0x04002020,0x00042020,0x04042020, +0x00002022,0x04002022,0x00042022,0x04042022, +0x00000800,0x04000800,0x00040800,0x04040800, +0x00000802,0x04000802,0x00040802,0x04040802, +0x00002800,0x04002800,0x00042800,0x04042800, +0x00002802,0x04002802,0x00042802,0x04042802, +0x00000820,0x04000820,0x00040820,0x04040820, +0x00000822,0x04000822,0x00040822,0x04040822, +0x00002820,0x04002820,0x00042820,0x04042820, +0x00002822,0x04002822,0x00042822,0x04042822, +); + +@shifts2=(0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0); + +# used in ecb_encrypt +@SP0=( +0x00410100, 0x00010000, 0x40400000, 0x40410100, +0x00400000, 0x40010100, 0x40010000, 0x40400000, +0x40010100, 0x00410100, 0x00410000, 0x40000100, +0x40400100, 0x00400000, 0x00000000, 0x40010000, +0x00010000, 0x40000000, 0x00400100, 0x00010100, +0x40410100, 0x00410000, 0x40000100, 0x00400100, +0x40000000, 0x00000100, 0x00010100, 0x40410000, +0x00000100, 0x40400100, 0x40410000, 0x00000000, +0x00000000, 0x40410100, 0x00400100, 0x40010000, +0x00410100, 0x00010000, 0x40000100, 0x00400100, +0x40410000, 0x00000100, 0x00010100, 0x40400000, +0x40010100, 0x40000000, 0x40400000, 0x00410000, +0x40410100, 0x00010100, 0x00410000, 0x40400100, +0x00400000, 0x40000100, 0x40010000, 0x00000000, +0x00010000, 0x00400000, 0x40400100, 0x00410100, +0x40000000, 0x40410000, 0x00000100, 0x40010100, +); +@SP1=( +0x08021002, 0x00000000, 0x00021000, 0x08020000, +0x08000002, 0x00001002, 0x08001000, 0x00021000, +0x00001000, 0x08020002, 0x00000002, 0x08001000, +0x00020002, 0x08021000, 0x08020000, 0x00000002, +0x00020000, 0x08001002, 0x08020002, 0x00001000, +0x00021002, 0x08000000, 0x00000000, 0x00020002, +0x08001002, 0x00021002, 0x08021000, 0x08000002, +0x08000000, 0x00020000, 0x00001002, 0x08021002, +0x00020002, 0x08021000, 0x08001000, 0x00021002, +0x08021002, 0x00020002, 0x08000002, 0x00000000, +0x08000000, 0x00001002, 0x00020000, 0x08020002, +0x00001000, 0x08000000, 0x00021002, 0x08001002, +0x08021000, 0x00001000, 0x00000000, 0x08000002, +0x00000002, 0x08021002, 0x00021000, 0x08020000, +0x08020002, 0x00020000, 0x00001002, 0x08001000, +0x08001002, 0x00000002, 0x08020000, 0x00021000, +); +@SP2=( +0x20800000, 0x00808020, 0x00000020, 0x20800020, +0x20008000, 0x00800000, 0x20800020, 0x00008020, +0x00800020, 0x00008000, 0x00808000, 0x20000000, +0x20808020, 0x20000020, 0x20000000, 0x20808000, +0x00000000, 0x20008000, 0x00808020, 0x00000020, +0x20000020, 0x20808020, 0x00008000, 0x20800000, +0x20808000, 0x00800020, 0x20008020, 0x00808000, +0x00008020, 0x00000000, 0x00800000, 0x20008020, +0x00808020, 0x00000020, 0x20000000, 0x00008000, +0x20000020, 0x20008000, 0x00808000, 0x20800020, +0x00000000, 0x00808020, 0x00008020, 0x20808000, +0x20008000, 0x00800000, 0x20808020, 0x20000000, +0x20008020, 0x20800000, 0x00800000, 0x20808020, +0x00008000, 0x00800020, 0x20800020, 0x00008020, +0x00800020, 0x00000000, 0x20808000, 0x20000020, +0x20800000, 0x20008020, 0x00000020, 0x00808000, +); +@SP3=( +0x00080201, 0x02000200, 0x00000001, 0x02080201, +0x00000000, 0x02080000, 0x02000201, 0x00080001, +0x02080200, 0x02000001, 0x02000000, 0x00000201, +0x02000001, 0x00080201, 0x00080000, 0x02000000, +0x02080001, 0x00080200, 0x00000200, 0x00000001, +0x00080200, 0x02000201, 0x02080000, 0x00000200, +0x00000201, 0x00000000, 0x00080001, 0x02080200, +0x02000200, 0x02080001, 0x02080201, 0x00080000, +0x02080001, 0x00000201, 0x00080000, 0x02000001, +0x00080200, 0x02000200, 0x00000001, 0x02080000, +0x02000201, 0x00000000, 0x00000200, 0x00080001, +0x00000000, 0x02080001, 0x02080200, 0x00000200, +0x02000000, 0x02080201, 0x00080201, 0x00080000, +0x02080201, 0x00000001, 0x02000200, 0x00080201, +0x00080001, 0x00080200, 0x02080000, 0x02000201, +0x00000201, 0x02000000, 0x02000001, 0x02080200, +); +@SP4=( +0x01000000, 0x00002000, 0x00000080, 0x01002084, +0x01002004, 0x01000080, 0x00002084, 0x01002000, +0x00002000, 0x00000004, 0x01000004, 0x00002080, +0x01000084, 0x01002004, 0x01002080, 0x00000000, +0x00002080, 0x01000000, 0x00002004, 0x00000084, +0x01000080, 0x00002084, 0x00000000, 0x01000004, +0x00000004, 0x01000084, 0x01002084, 0x00002004, +0x01002000, 0x00000080, 0x00000084, 0x01002080, +0x01002080, 0x01000084, 0x00002004, 0x01002000, +0x00002000, 0x00000004, 0x01000004, 0x01000080, +0x01000000, 0x00002080, 0x01002084, 0x00000000, +0x00002084, 0x01000000, 0x00000080, 0x00002004, +0x01000084, 0x00000080, 0x00000000, 0x01002084, +0x01002004, 0x01002080, 0x00000084, 0x00002000, +0x00002080, 0x01002004, 0x01000080, 0x00000084, +0x00000004, 0x00002084, 0x01002000, 0x01000004, +); +@SP5=( +0x10000008, 0x00040008, 0x00000000, 0x10040400, +0x00040008, 0x00000400, 0x10000408, 0x00040000, +0x00000408, 0x10040408, 0x00040400, 0x10000000, +0x10000400, 0x10000008, 0x10040000, 0x00040408, +0x00040000, 0x10000408, 0x10040008, 0x00000000, +0x00000400, 0x00000008, 0x10040400, 0x10040008, +0x10040408, 0x10040000, 0x10000000, 0x00000408, +0x00000008, 0x00040400, 0x00040408, 0x10000400, +0x00000408, 0x10000000, 0x10000400, 0x00040408, +0x10040400, 0x00040008, 0x00000000, 0x10000400, +0x10000000, 0x00000400, 0x10040008, 0x00040000, +0x00040008, 0x10040408, 0x00040400, 0x00000008, +0x10040408, 0x00040400, 0x00040000, 0x10000408, +0x10000008, 0x10040000, 0x00040408, 0x00000000, +0x00000400, 0x10000008, 0x10000408, 0x10040400, +0x10040000, 0x00000408, 0x00000008, 0x10040008, +); +@SP6=( +0x00000800, 0x00000040, 0x00200040, 0x80200000, +0x80200840, 0x80000800, 0x00000840, 0x00000000, +0x00200000, 0x80200040, 0x80000040, 0x00200800, +0x80000000, 0x00200840, 0x00200800, 0x80000040, +0x80200040, 0x00000800, 0x80000800, 0x80200840, +0x00000000, 0x00200040, 0x80200000, 0x00000840, +0x80200800, 0x80000840, 0x00200840, 0x80000000, +0x80000840, 0x80200800, 0x00000040, 0x00200000, +0x80000840, 0x00200800, 0x80200800, 0x80000040, +0x00000800, 0x00000040, 0x00200000, 0x80200800, +0x80200040, 0x80000840, 0x00000840, 0x00000000, +0x00000040, 0x80200000, 0x80000000, 0x00200040, +0x00000000, 0x80200040, 0x00200040, 0x00000840, +0x80000040, 0x00000800, 0x80200840, 0x00200000, +0x00200840, 0x80000000, 0x80000800, 0x80200840, +0x80200000, 0x00200840, 0x00200800, 0x80000800, +); +@SP7=( +0x04100010, 0x04104000, 0x00004010, 0x00000000, +0x04004000, 0x00100010, 0x04100000, 0x04104010, +0x00000010, 0x04000000, 0x00104000, 0x00004010, +0x00104010, 0x04004010, 0x04000010, 0x04100000, +0x00004000, 0x00104010, 0x00100010, 0x04004000, +0x04104010, 0x04000010, 0x00000000, 0x00104000, +0x04000000, 0x00100000, 0x04004010, 0x04100010, +0x00100000, 0x00004000, 0x04104000, 0x00000010, +0x00100000, 0x00004000, 0x04000010, 0x04104010, +0x00004010, 0x04000000, 0x00000000, 0x00104000, +0x04100010, 0x04004010, 0x04004000, 0x00100010, +0x04104000, 0x00000010, 0x00100010, 0x04004000, +0x04104010, 0x00100000, 0x04100000, 0x04000010, +0x00104000, 0x00004010, 0x04004010, 0x04100000, +0x00000010, 0x04104000, 0x00104010, 0x00000000, +0x04000000, 0x04100010, 0x00004000, 0x00104010, +); + +sub main'des_set_key + { + local($param)=@_; + local(@key); + local($c,$d,$i,$s,$t); + local(@ks)=(); + + # Get the bytes in the order we want. + @key=unpack("C8",$param); + + $c= ($key[0] )| + ($key[1]<< 8)| + ($key[2]<<16)| + ($key[3]<<24); + $d= ($key[4] )| + ($key[5]<< 8)| + ($key[6]<<16)| + ($key[7]<<24); + + &doPC1(*c,*d); + + for $i (@shifts2) + { + if ($i) + { + $c=($c>>2)|($c<<26); + $d=($d>>2)|($d<<26); + } + else + { + $c=($c>>1)|($c<<27); + $d=($d>>1)|($d<<27); + } + $c&=0x0fffffff; + $d&=0x0fffffff; + $s= $skb0[ ($c )&0x3f ]| + $skb1[(($c>> 6)&0x03)|(($c>> 7)&0x3c)]| + $skb2[(($c>>13)&0x0f)|(($c>>14)&0x30)]| + $skb3[(($c>>20)&0x01)|(($c>>21)&0x06) | + (($c>>22)&0x38)]; + $t= $skb4[ ($d )&0x3f ]| + $skb5[(($d>> 7)&0x03)|(($d>> 8)&0x3c)]| + $skb6[ ($d>>15)&0x3f ]| + $skb7[(($d>>21)&0x0f)|(($d>>22)&0x30)]; + push(@ks,(($t<<16)|($s&0x0000ffff))&0xffffffff); + $s= ($s>>16)|($t&0xffff0000) ; + push(@ks,(($s<<4)|($s>>28))&0xffffffff); + } + @ks; + } + +sub doPC1 + { + local(*a,*b)=@_; + local($t); + + $t=(($b>>4)^$a)&0x0f0f0f0f; + $b^=($t<<4); $a^=$t; + # do $a first + $t=(($a<<18)^$a)&0xcccc0000; + $a=$a^$t^($t>>18); + $t=(($a<<17)^$a)&0xaaaa0000; + $a=$a^$t^($t>>17); + $t=(($a<< 8)^$a)&0x00ff0000; + $a=$a^$t^($t>> 8); + $t=(($a<<17)^$a)&0xaaaa0000; + $a=$a^$t^($t>>17); + + # now do $b + $t=(($b<<24)^$b)&0xff000000; + $b=$b^$t^($t>>24); + $t=(($b<< 8)^$b)&0x00ff0000; + $b=$b^$t^($t>> 8); + $t=(($b<<14)^$b)&0x33330000; + $b=$b^$t^($t>>14); + $b=(($b&0x00aa00aa)<<7)|(($b&0x55005500)>>7)|($b&0xaa55aa55); + $b=($b>>8)|(($a&0xf0000000)>>4); + $a&=0x0fffffff; + } + +sub doIP + { + local(*a,*b)=@_; + local($t); + + $t=(($b>> 4)^$a)&0x0f0f0f0f; + $b^=($t<< 4); $a^=$t; + $t=(($a>>16)^$b)&0x0000ffff; + $a^=($t<<16); $b^=$t; + $t=(($b>> 2)^$a)&0x33333333; + $b^=($t<< 2); $a^=$t; + $t=(($a>> 8)^$b)&0x00ff00ff; + $a^=($t<< 8); $b^=$t; + $t=(($b>> 1)^$a)&0x55555555; + $b^=($t<< 1); $a^=$t; + $t=$a; + $a=$b&0xffffffff; + $b=$t&0xffffffff; + } + +sub doFP + { + local(*a,*b)=@_; + local($t); + + $t=(($b>> 1)^$a)&0x55555555; + $b^=($t<< 1); $a^=$t; + $t=(($a>> 8)^$b)&0x00ff00ff; + $a^=($t<< 8); $b^=$t; + $t=(($b>> 2)^$a)&0x33333333; + $b^=($t<< 2); $a^=$t; + $t=(($a>>16)^$b)&0x0000ffff; + $a^=($t<<16); $b^=$t; + $t=(($b>> 4)^$a)&0x0f0f0f0f; + $b^=($t<< 4); $a^=$t; + $a&=0xffffffff; + $b&=0xffffffff; + } + +sub main'des_ecb_encrypt + { + local(*ks,$encrypt,$in)=@_; + local($l,$r,$i,$t,$u,@input); + + @input=unpack("C8",$in); + # Get the bytes in the order we want. + $l= ($input[0] )| + ($input[1]<< 8)| + ($input[2]<<16)| + ($input[3]<<24); + $r= ($input[4] )| + ($input[5]<< 8)| + ($input[6]<<16)| + ($input[7]<<24); + + $l&=0xffffffff; + $r&=0xffffffff; + &doIP(*l,*r); + if ($encrypt) + { + for ($i=0; $i<32; $i+=4) + { + $t=(($r<<1)|($r>>31))&0xffffffff; + $u=$t^$ks[$i ]; + $t=$t^$ks[$i+1]; + $t=(($t>>4)|($t<<28))&0xffffffff; + $l^= $SP1[ $t &0x3f]| + $SP3[($t>> 8)&0x3f]| + $SP5[($t>>16)&0x3f]| + $SP7[($t>>24)&0x3f]| + $SP0[ $u &0x3f]| + $SP2[($u>> 8)&0x3f]| + $SP4[($u>>16)&0x3f]| + $SP6[($u>>24)&0x3f]; + + $t=(($l<<1)|($l>>31))&0xffffffff; + $u=$t^$ks[$i+2]; + $t=$t^$ks[$i+3]; + $t=(($t>>4)|($t<<28))&0xffffffff; + $r^= $SP1[ $t &0x3f]| + $SP3[($t>> 8)&0x3f]| + $SP5[($t>>16)&0x3f]| + $SP7[($t>>24)&0x3f]| + $SP0[ $u &0x3f]| + $SP2[($u>> 8)&0x3f]| + $SP4[($u>>16)&0x3f]| + $SP6[($u>>24)&0x3f]; + } + } + else + { + for ($i=30; $i>0; $i-=4) + { + $t=(($r<<1)|($r>>31))&0xffffffff; + $u=$t^$ks[$i ]; + $t=$t^$ks[$i+1]; + $t=(($t>>4)|($t<<28))&0xffffffff; + $l^= $SP1[ $t &0x3f]| + $SP3[($t>> 8)&0x3f]| + $SP5[($t>>16)&0x3f]| + $SP7[($t>>24)&0x3f]| + $SP0[ $u &0x3f]| + $SP2[($u>> 8)&0x3f]| + $SP4[($u>>16)&0x3f]| + $SP6[($u>>24)&0x3f]; + + $t=(($l<<1)|($l>>31))&0xffffffff; + $u=$t^$ks[$i-2]; + $t=$t^$ks[$i-1]; + $t=(($t>>4)|($t<<28))&0xffffffff; + $r^= $SP1[ $t &0x3f]| + $SP3[($t>> 8)&0x3f]| + $SP5[($t>>16)&0x3f]| + $SP7[($t>>24)&0x3f]| + $SP0[ $u &0x3f]| + $SP2[($u>> 8)&0x3f]| + $SP4[($u>>16)&0x3f]| + $SP6[($u>>24)&0x3f]; + } + } + &doFP(*l,*r); + pack("C8",$l&0xff,$l>>8,$l>>16,$l>>24, + $r&0xff,$r>>8,$r>>16,$r>>24); + } diff --git a/secure/lib/libdes/des_crypt.man b/secure/lib/libdes/des_crypt.man new file mode 100644 index 0000000..9feb447 --- /dev/null +++ b/secure/lib/libdes/des_crypt.man @@ -0,0 +1,508 @@ +.TH DES_CRYPT 3 +.SH NAME +des_read_password, des_read_2password, +des_string_to_key, des_string_to_2key, des_read_pw_string, +des_random_key, des_set_key, +des_key_sched, des_ecb_encrypt, des_3ecb_encrypt, des_cbc_encrypt, +des_3cbc_encrypt, +des_pcbc_encrypt, des_cfb_encrypt, des_ofb_encrypt, +des_cbc_cksum, des_quad_cksum, +des_enc_read, des_enc_write, des_set_odd_parity, +des_is_weak_key, crypt \- (non USA) DES encryption +.SH SYNOPSIS +.nf +.nj +.ft B +#include <des.h> +.PP +.B int des_read_password(key,prompt,verify) +des_cblock *key; +char *prompt; +int verify; +.PP +.B int des_read_2password(key1,key2,prompt,verify) +des_cblock *key1,*key2; +char *prompt; +int verify; +.PP +.B int des_string_to_key(str,key) +char *str; +des_cblock *key; +.PP +.B int des_string_to_2keys(str,key1,key2) +char *str; +des_cblock *key1,*key2; +.PP +.B int des_read_pw_string(buf,length,prompt,verify) +char *buf; +int length; +char *prompt; +int verify; +.PP +.B int des_random_key(key) +des_cblock *key; +.PP +.B int des_set_key(key,schedule) +des_cblock *key; +des_key_schedule schedule; +.PP +.B int des_key_sched(key,schedule) +des_cblock *key; +des_key_schedule schedule; +.PP +.B int des_ecb_encrypt(input,output,schedule,encrypt) +des_cblock *input; +des_cblock *output; +des_key_schedule schedule; +int encrypt; +.PP +.B int des_3ecb_encrypt(input,output,ks1,ks2,encrypt) +des_cblock *input; +des_cblock *output; +des_key_schedule ks1,ks2; +int encrypt; +.PP +.B int des_cbc_encrypt(input,output,length,schedule,ivec,encrypt) +des_cblock *input; +des_cblock *output; +long length; +des_key_schedule schedule; +des_cblock *ivec; +int encrypt; +.PP +.B int des_3cbc_encrypt(input,output,length,sk1,sk2,ivec1,ivec2,encrypt) +des_cblock *input; +des_cblock *output; +long length; +des_key_schedule sk1; +des_key_schedule sk2; +des_cblock *ivec1; +des_cblock *ivec2; +int encrypt; +.PP +.B int des_pcbc_encrypt(input,output,length,schedule,ivec,encrypt) +des_cblock *input; +des_cblock *output; +long length; +des_key_schedule schedule; +des_cblock *ivec; +int encrypt; +.PP +.B int des_cfb_encrypt(input,output,numbits,length,schedule,ivec,encrypt) +unsigned char *input; +unsigned char *output; +int numbits; +long length; +des_key_schedule schedule; +des_cblock *ivec; +int encrypt; +.PP +.B int des_ofb_encrypt(input,output,numbits,length,schedule,ivec) +unsigned char *input,*output; +int numbits; +long length; +des_key_schedule schedule; +des_cblock *ivec; +.PP +.B unsigned long des_cbc_cksum(input,output,length,schedule,ivec) +des_cblock *input; +des_cblock *output; +long length; +des_key_schedule schedule; +des_cblock *ivec; +.PP +.B unsigned long des_quad_cksum(input,output,length,out_count,seed) +des_cblock *input; +des_cblock *output; +long length; +int out_count; +des_cblock *seed; +.PP +.B int des_check_key; +.PP +.B int des_enc_read(fd,buf,len,sched,iv) +int fd; +char *buf; +int len; +des_key_schedule sched; +des_cblock *iv; +.PP +.B int des_enc_write(fd,buf,len,sched,iv) +int fd; +char *buf; +int len; +des_key_schedule sched; +des_cblock *iv; +.PP +.B extern int des_rw_mode; +.PP +.B void des_set_odd_parity(key) +des_cblock *key; +.PP +.B int des_is_weak_key(key) +des_cblock *key; +.PP +.B char *crypt(passwd,salt) +char *passwd; +char *salt; +.PP +.fi +.SH DESCRIPTION +This library contains a fast implementation of the DES encryption +algorithm. +.PP +There are two phases to the use of DES encryption. +The first is the generation of a +.I des_key_schedule +from a key, +the second is the actual encryption. +A des key is of type +.I des_cblock. +This type is made from 8 characters with odd parity. +The least significant bit in the character is the parity bit. +The key schedule is an expanded form of the key; it is used to speed the +encryption process. +.PP +.I des_read_password +writes the string specified by prompt to the standard output, +turns off echo and reads an input string from standard input +until terminated with a newline. +If verify is non-zero, it prompts and reads the input again and verifies +that both entered passwords are the same. +The entered string is converted into a des key by using the +.I des_string_to_key +routine. +The new key is placed in the +.I des_cblock +that was passed (by reference) to the routine. +If there were no errors, +.I des_read_password +returns 0, +-1 is returned if there was a terminal error and 1 is returned for +any other error. +.PP +.I des_read_2password +operates in the same way as +.I des_read_password +except that it generates 2 keys by using the +.I des_string_to_2key +function. +.PP +.I des_read_pw_string +is called by +.I des_read_password +to read and verify a string from a terminal device. +The string is returned in +.I buf. +The size of +.I buf +is passed to the routine via the +.I length +parameter. +.PP +.I des_string_to_key +converts a string into a valid des key. +.PP +.I des_string_to_2key +converts a string into 2 valid des keys. +This routine is best suited for used to generate keys for use with +.I des_3ecb_encrypt. +.PP +.I des_random_key +returns a random key that is made of a combination of process id, +time and an increasing counter. +.PP +Before a des key can be used it is converted into a +.I des_key_schedule +via the +.I des_set_key +routine. +If the +.I des_check_key +flag is non-zero, +.I des_set_key +will check that the key passed is of odd parity and is not a week or +semi-weak key. +If the parity is wrong, +then -1 is returned. +If the key is a weak key, +then -2 is returned. +If an error is returned, +the key schedule is not generated. +.PP +.I des_key_sched +is another name for the +.I des_set_key +function. +.PP +The following routines mostly operate on an input and output stream of +.I des_cblock's. +.PP +.I des_ecb_encrypt +is the basic DES encryption routine that encrypts or decrypts a single 8-byte +.I des_cblock +in +.I electronic code book +mode. +It always transforms the input data, pointed to by +.I input, +into the output data, +pointed to by the +.I output +argument. +If the +.I encrypt +argument is non-zero (DES_ENCRYPT), +the +.I input +(cleartext) is encrypted in to the +.I output +(ciphertext) using the key_schedule specified by the +.I schedule +argument, +previously set via +.I des_set_key. +If +.I encrypt +is zero (DES_DECRYPT), +the +.I input +(now ciphertext) +is decrypted into the +.I output +(now cleartext). +Input and output may overlap. +No meaningful value is returned. +.PP +.I des_3ecb_encrypt +encrypts/decrypts the +.I input +block by using triple ecb DES encryption. +This involves encrypting the input with +.I ks1, +decryption with the key schedule +.I ks2, +and then encryption with the first again. +This routine greatly reduces the chances of brute force breaking of +DES and has the advantage of if +.I ks1 +and +.I ks2 +are the same, it is equivalent to just encryption using ecb mode and +.I ks1 +as the key. +.PP +.I des_cbc_encrypt +encrypts/decrypts using the +.I cipher-block-chaining +mode of DES. +If the +.I encrypt +argument is non-zero, +the routine cipher-block-chain encrypts the cleartext data pointed to by the +.I input +argument into the ciphertext pointed to by the +.I output +argument, +using the key schedule provided by the +.I schedule +argument, +and initialisation vector provided by the +.I ivec +argument. +If the +.I length +argument is not an integral multiple of eight bytes, +the last block is copied to a temporary area and zero filled. +The output is always +an integral multiple of eight bytes. +To make multiple cbc encrypt calls on a large amount of data appear to +be one +.I des_cbc_encrypt +call, the +.I ivec +of subsequent calls should be the last 8 bytes of the output. +.PP +.I des_3cbc_encrypt +encrypts/decrypts the +.I input +block by using triple cbc DES encryption. +This involves encrypting the input with key schedule +.I ks1, +decryption with the key schedule +.I ks2, +and then encryption with the first again. +2 initialisation vectors are required, +.I ivec1 +and +.I ivec2. +Unlike +.I des_cbc_encrypt, +these initialisation vectors are modified by the subroutine. +This routine greatly reduces the chances of brute force breaking of +DES and has the advantage of if +.I ks1 +and +.I ks2 +are the same, it is equivalent to just encryption using cbc mode and +.I ks1 +as the key. +.PP +.I des_pcbc_encrypt +encrypt/decrypts using a modified block chaining mode. +It provides better error propagation characteristics than cbc +encryption. +.PP +.I des_cfb_encrypt +encrypt/decrypts using cipher feedback mode. This method takes an +array of characters as input and outputs and array of characters. It +does not require any padding to 8 character groups. Note: the ivec +variable is changed and the new changed value needs to be passed to +the next call to this function. Since this function runs a complete +DES ecb encryption per numbits, this function is only suggested for +use when sending small numbers of characters. +.PP +.I des_ofb_encrypt +encrypt using output feedback mode. This method takes an +array of characters as input and outputs and array of characters. It +does not require any padding to 8 character groups. Note: the ivec +variable is changed and the new changed value needs to be passed to +the next call to this function. Since this function runs a complete +DES ecb encryption per numbits, this function is only suggested for +use when sending small numbers of characters. +.PP +.I des_cbc_cksum +produces an 8 byte checksum based on the input stream (via cbc encryption). +The last 4 bytes of the checksum is returned and the complete 8 bytes is +placed in +.I output. +.PP +.I des_quad_cksum +returns a 4 byte checksum from the input bytes. +The algorithm can be iterated over the input, +depending on +.I out_count, +1, 2, 3 or 4 times. +If +.I output +is non-NULL, +the 8 bytes generated by each pass are written into +.I output. +.PP +.I des_enc_write +is used to write +.I len +bytes +to file descriptor +.I fd +from buffer +.I buf. +The data is encrypted via +.I pcbc_encrypt +(default) using +.I sched +for the key and +.I iv +as a starting vector. +The actual data send down +.I fd +consists of 4 bytes (in network byte order) containing the length of the +following encrypted data. The encrypted data then follows, padded with random +data out to a multiple of 8 bytes. +.PP +.I des_enc_read +is used to read +.I len +bytes +from file descriptor +.I fd +into buffer +.I buf. +The data being read from +.I fd +is assumed to have come from +.I des_enc_write +and is decrypted using +.I sched +for the key schedule and +.I iv +for the initial vector. +The +.I des_enc_read/des_enc_write +pair can be used to read/write to files, pipes and sockets. +I have used them in implementing a version of rlogin in which all +data is encrypted. +.PP +.I des_rw_mode +is used to specify the encryption mode to use with +.I des_enc_read +and +.I des_end_write. +If set to +.I DES_PCBC_MODE +(the default), des_pcbc_encrypt is used. +If set to +.I DES_CBC_MODE +des_cbc_encrypt is used. +These two routines and the variable are not part of the normal MIT library. +.PP +.I des_set_odd_parity +sets the parity of the passed +.I key +to odd. This routine is not part of the standard MIT library. +.PP +.I des_is_weak_key +returns 1 is the passed key is a weak key (pick again :-), +0 if it is ok. +This routine is not part of the standard MIT library. +.PP +.I crypt +is a replacement for the normal system crypt. +It is much faster than the system crypt. +.PP +.SH FILES +/usr/include/des.h +.br +/usr/lib/libdes.a +.PP +The encryption routines have been tested on 16bit, 32bit and 64bit +machines of various endian and even works under VMS. +.PP +.SH BUGS +.PP +If you think this manual is sparse, +read the des_crypt(3) manual from the MIT kerberos (or bones outside +of the USA) distribution. +.PP +.I des_cfb_encrypt +and +.I des_ofb_encrypt +operates on input of 8 bits. What this means is that if you set +numbits to 12, and length to 2, the first 12 bits will come from the 1st +input byte and the low half of the second input byte. The second 12 +bits will have the low 8 bits taken from the 3rd input byte and the +top 4 bits taken from the 4th input byte. The same holds for output. +This function has been implemented this way because most people will +be using a multiple of 8 and because once you get into pulling bytes input +bytes apart things get ugly! +.PP +.I des_read_pw_string +is the most machine/OS dependent function and normally generates the +most problems when porting this code. +.PP +.I des_string_to_key +is probably different from the MIT version since there are lots +of fun ways to implement one-way encryption of a text string. +.PP +The routines are optimised for 32 bit machines and so are not efficient +on IBM PCs. +.PP +NOTE: extensive work has been done on this library since this document +was origionally written. Please try to read des.doc from the libdes +distribution since it is far more upto date and documents more of the +functions. Libdes is now also being shipped as part of SSLeay, a +general cryptographic library that amonst other things implements +netscapes SSL protocoll. The most recent version can be found in +SSLeay distributions. +.SH AUTHOR +Eric Young (eay@mincom.oz.au or eay@psych.psy.uq.oz.au) diff --git a/secure/lib/libdes/des_locl.h b/secure/lib/libdes/des_locl.h new file mode 100644 index 0000000..80a4ccd --- /dev/null +++ b/secure/lib/libdes/des_locl.h @@ -0,0 +1,276 @@ +/* lib/des/des_locl.h */ +/* Copyright (C) 1995 Eric Young (eay@mincom.oz.au) + * All rights reserved. + * + * This file is part of an SSL implementation written + * by Eric Young (eay@mincom.oz.au). + * The implementation was written so as to conform with Netscapes SSL + * specification. This library and applications are + * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE + * as long as the following conditions are aheared to. + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. If this code is used in a product, + * Eric Young should be given attribution as the author of the parts used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Eric Young (eay@mincom.oz.au) + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_DES_LOCL_H +#define HEADER_DES_LOCL_H +#include <stdio.h> +#include <stdlib.h> +#ifndef MSDOS +#include <unistd.h> +#endif +#include "des.h" + +/* the following is tweaked from a config script, that is why it is a + * protected undef/define */ +#ifndef DES_USE_PTR +#undef DES_USE_PTR +#endif + +#ifdef MSDOS /* Visual C++ 2.1 (Windows NT/95) */ +#include <stdlib.h> +#include <time.h> +#include <io.h> +#ifndef RAND +#define RAND +#endif +#undef NOPROTO +#endif + +#if defined(__STDC__) || defined(VMS) || defined(M_XENIX) || defined(MSDOS) +#include <string.h> +#endif + +#ifndef RAND +#define RAND +#endif + +#ifdef linux +#undef RAND +#endif + +#ifdef MSDOS +#define getpid() 2 +extern int errno; +#define RAND +#undef NOPROTO +#endif + +#if defined(NOCONST) +#define const +#endif + +#ifdef __STDC__ +#undef NOPROTO +#endif + +#ifdef RAND +#define srandom(s) srand(s) +#define random rand +#endif + +#define ITERATIONS 16 +#define HALF_ITERATIONS 8 + +/* used in des_read and des_write */ +#define MAXWRITE (1024*16) +#define BSIZE (MAXWRITE+4) + +#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \ + l|=((unsigned long)(*((c)++)))<< 8L, \ + l|=((unsigned long)(*((c)++)))<<16L, \ + l|=((unsigned long)(*((c)++)))<<24L) + +/* NOTE - c is not incremented as per c2l */ +#define c2ln(c,l1,l2,n) { \ + c+=n; \ + l1=l2=0; \ + switch (n) { \ + case 8: l2 =((unsigned long)(*(--(c))))<<24L; \ + case 7: l2|=((unsigned long)(*(--(c))))<<16L; \ + case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \ + case 5: l2|=((unsigned long)(*(--(c)))); \ + case 4: l1 =((unsigned long)(*(--(c))))<<24L; \ + case 3: l1|=((unsigned long)(*(--(c))))<<16L; \ + case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \ + case 1: l1|=((unsigned long)(*(--(c)))); \ + } \ + } + +#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ + *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ + *((c)++)=(unsigned char)(((l)>>16L)&0xff), \ + *((c)++)=(unsigned char)(((l)>>24L)&0xff)) + +/* replacements for htonl and ntohl since I have no idea what to do + * when faced with machines with 8 byte longs. */ +#define HDRSIZE 4 + +#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \ + l|=((unsigned long)(*((c)++)))<<16L, \ + l|=((unsigned long)(*((c)++)))<< 8L, \ + l|=((unsigned long)(*((c)++)))) + +#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \ + *((c)++)=(unsigned char)(((l)>>16L)&0xff), \ + *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ + *((c)++)=(unsigned char)(((l) )&0xff)) + +/* NOTE - c is not incremented as per l2c */ +#define l2cn(l1,l2,c,n) { \ + c+=n; \ + switch (n) { \ + case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \ + case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \ + case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \ + case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \ + case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \ + case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \ + case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \ + case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \ + } \ + } + +/* The changes to this macro may help or hinder, depending on the + * compiler and the achitecture. gcc2 always seems to do well :-). + * Inspired by Dana How <how@isl.stanford.edu> + * DO NOT use the alternative version on machines with 8 byte longs. */ +#ifdef DES_USR_PTR +#define D_ENCRYPT(L,R,S) { \ + u=((R^s[S ])<<2); \ + t= R^s[S+1]; \ + t=((t>>2)+(t<<30)); \ + L^= \ + *(unsigned long *)(des_SP+0x0100+((t )&0xfc))+ \ + *(unsigned long *)(des_SP+0x0300+((t>> 8)&0xfc))+ \ + *(unsigned long *)(des_SP+0x0500+((t>>16)&0xfc))+ \ + *(unsigned long *)(des_SP+0x0700+((t>>24)&0xfc))+ \ + *(unsigned long *)(des_SP+ ((u )&0xfc))+ \ + *(unsigned long *)(des_SP+0x0200+((u>> 8)&0xfc))+ \ + *(unsigned long *)(des_SP+0x0400+((u>>16)&0xfc))+ \ + *(unsigned long *)(des_SP+0x0600+((u>>24)&0xfc)); } +#else /* original version */ +#ifdef MSDOS +#define D_ENCRYPT(L,R,S) \ + U.l=R^s[S+1]; \ + T.s[0]=((U.s[0]>>4)|(U.s[1]<<12))&0x3f3f; \ + T.s[1]=((U.s[1]>>4)|(U.s[0]<<12))&0x3f3f; \ + U.l=(R^s[S ])&0x3f3f3f3fL; \ + L^= des_SPtrans[1][(T.c[0])]| \ + des_SPtrans[3][(T.c[1])]| \ + des_SPtrans[5][(T.c[2])]| \ + des_SPtrans[7][(T.c[3])]| \ + des_SPtrans[0][(U.c[0])]| \ + des_SPtrans[2][(U.c[1])]| \ + des_SPtrans[4][(U.c[2])]| \ + des_SPtrans[6][(U.c[3])]; +#else +#define D_ENCRYPT(Q,R,S) {\ + u=(R^s[S ]); \ + t=R^s[S+1]; \ + t=((t>>4L)+(t<<28L)); \ + Q^= des_SPtrans[1][(t )&0x3f]| \ + des_SPtrans[3][(t>> 8L)&0x3f]| \ + des_SPtrans[5][(t>>16L)&0x3f]| \ + des_SPtrans[7][(t>>24L)&0x3f]| \ + des_SPtrans[0][(u )&0x3f]| \ + des_SPtrans[2][(u>> 8L)&0x3f]| \ + des_SPtrans[4][(u>>16L)&0x3f]| \ + des_SPtrans[6][(u>>24L)&0x3f]; } +#endif +#endif + + /* IP and FP + * The problem is more of a geometric problem that random bit fiddling. + 0 1 2 3 4 5 6 7 62 54 46 38 30 22 14 6 + 8 9 10 11 12 13 14 15 60 52 44 36 28 20 12 4 + 16 17 18 19 20 21 22 23 58 50 42 34 26 18 10 2 + 24 25 26 27 28 29 30 31 to 56 48 40 32 24 16 8 0 + + 32 33 34 35 36 37 38 39 63 55 47 39 31 23 15 7 + 40 41 42 43 44 45 46 47 61 53 45 37 29 21 13 5 + 48 49 50 51 52 53 54 55 59 51 43 35 27 19 11 3 + 56 57 58 59 60 61 62 63 57 49 41 33 25 17 9 1 + + The output has been subject to swaps of the form + 0 1 -> 3 1 but the odd and even bits have been put into + 2 3 2 0 + different words. The main trick is to remember that + t=((l>>size)^r)&(mask); + r^=t; + l^=(t<<size); + can be used to swap and move bits between words. + + So l = 0 1 2 3 r = 16 17 18 19 + 4 5 6 7 20 21 22 23 + 8 9 10 11 24 25 26 27 + 12 13 14 15 28 29 30 31 + becomes (for size == 2 and mask == 0x3333) + t = 2^16 3^17 -- -- l = 0 1 16 17 r = 2 3 18 19 + 6^20 7^21 -- -- 4 5 20 21 6 7 22 23 + 10^24 11^25 -- -- 8 9 24 25 10 11 24 25 + 14^28 15^29 -- -- 12 13 28 29 14 15 28 29 + + Thanks for hints from Richard Outerbridge - he told me IP&FP + could be done in 15 xor, 10 shifts and 5 ands. + When I finally started to think of the problem in 2D + I first got ~42 operations without xors. When I remembered + how to use xors :-) I got it to its final state. + */ +#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\ + (b)^=(t),\ + (a)^=((t)<<(n))) + +#define IP(l,r) \ + { \ + register unsigned long tt; \ + PERM_OP(r,l,tt, 4,0x0f0f0f0fL); \ + PERM_OP(l,r,tt,16,0x0000ffffL); \ + PERM_OP(r,l,tt, 2,0x33333333L); \ + PERM_OP(l,r,tt, 8,0x00ff00ffL); \ + PERM_OP(r,l,tt, 1,0x55555555L); \ + } + +#define FP(l,r) \ + { \ + register unsigned long tt; \ + PERM_OP(l,r,tt, 1,0x55555555L); \ + PERM_OP(r,l,tt, 8,0x00ff00ffL); \ + PERM_OP(l,r,tt, 2,0x33333333L); \ + PERM_OP(r,l,tt,16,0x0000ffffL); \ + PERM_OP(l,r,tt, 4,0x0f0f0f0fL); \ + } +#endif diff --git a/secure/lib/libdes/des_locl.org b/secure/lib/libdes/des_locl.org new file mode 100644 index 0000000..80a4ccd --- /dev/null +++ b/secure/lib/libdes/des_locl.org @@ -0,0 +1,276 @@ +/* lib/des/des_locl.h */ +/* Copyright (C) 1995 Eric Young (eay@mincom.oz.au) + * All rights reserved. + * + * This file is part of an SSL implementation written + * by Eric Young (eay@mincom.oz.au). + * The implementation was written so as to conform with Netscapes SSL + * specification. This library and applications are + * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE + * as long as the following conditions are aheared to. + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. If this code is used in a product, + * Eric Young should be given attribution as the author of the parts used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Eric Young (eay@mincom.oz.au) + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_DES_LOCL_H +#define HEADER_DES_LOCL_H +#include <stdio.h> +#include <stdlib.h> +#ifndef MSDOS +#include <unistd.h> +#endif +#include "des.h" + +/* the following is tweaked from a config script, that is why it is a + * protected undef/define */ +#ifndef DES_USE_PTR +#undef DES_USE_PTR +#endif + +#ifdef MSDOS /* Visual C++ 2.1 (Windows NT/95) */ +#include <stdlib.h> +#include <time.h> +#include <io.h> +#ifndef RAND +#define RAND +#endif +#undef NOPROTO +#endif + +#if defined(__STDC__) || defined(VMS) || defined(M_XENIX) || defined(MSDOS) +#include <string.h> +#endif + +#ifndef RAND +#define RAND +#endif + +#ifdef linux +#undef RAND +#endif + +#ifdef MSDOS +#define getpid() 2 +extern int errno; +#define RAND +#undef NOPROTO +#endif + +#if defined(NOCONST) +#define const +#endif + +#ifdef __STDC__ +#undef NOPROTO +#endif + +#ifdef RAND +#define srandom(s) srand(s) +#define random rand +#endif + +#define ITERATIONS 16 +#define HALF_ITERATIONS 8 + +/* used in des_read and des_write */ +#define MAXWRITE (1024*16) +#define BSIZE (MAXWRITE+4) + +#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \ + l|=((unsigned long)(*((c)++)))<< 8L, \ + l|=((unsigned long)(*((c)++)))<<16L, \ + l|=((unsigned long)(*((c)++)))<<24L) + +/* NOTE - c is not incremented as per c2l */ +#define c2ln(c,l1,l2,n) { \ + c+=n; \ + l1=l2=0; \ + switch (n) { \ + case 8: l2 =((unsigned long)(*(--(c))))<<24L; \ + case 7: l2|=((unsigned long)(*(--(c))))<<16L; \ + case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \ + case 5: l2|=((unsigned long)(*(--(c)))); \ + case 4: l1 =((unsigned long)(*(--(c))))<<24L; \ + case 3: l1|=((unsigned long)(*(--(c))))<<16L; \ + case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \ + case 1: l1|=((unsigned long)(*(--(c)))); \ + } \ + } + +#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ + *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ + *((c)++)=(unsigned char)(((l)>>16L)&0xff), \ + *((c)++)=(unsigned char)(((l)>>24L)&0xff)) + +/* replacements for htonl and ntohl since I have no idea what to do + * when faced with machines with 8 byte longs. */ +#define HDRSIZE 4 + +#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \ + l|=((unsigned long)(*((c)++)))<<16L, \ + l|=((unsigned long)(*((c)++)))<< 8L, \ + l|=((unsigned long)(*((c)++)))) + +#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \ + *((c)++)=(unsigned char)(((l)>>16L)&0xff), \ + *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ + *((c)++)=(unsigned char)(((l) )&0xff)) + +/* NOTE - c is not incremented as per l2c */ +#define l2cn(l1,l2,c,n) { \ + c+=n; \ + switch (n) { \ + case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \ + case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \ + case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \ + case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \ + case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \ + case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \ + case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \ + case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \ + } \ + } + +/* The changes to this macro may help or hinder, depending on the + * compiler and the achitecture. gcc2 always seems to do well :-). + * Inspired by Dana How <how@isl.stanford.edu> + * DO NOT use the alternative version on machines with 8 byte longs. */ +#ifdef DES_USR_PTR +#define D_ENCRYPT(L,R,S) { \ + u=((R^s[S ])<<2); \ + t= R^s[S+1]; \ + t=((t>>2)+(t<<30)); \ + L^= \ + *(unsigned long *)(des_SP+0x0100+((t )&0xfc))+ \ + *(unsigned long *)(des_SP+0x0300+((t>> 8)&0xfc))+ \ + *(unsigned long *)(des_SP+0x0500+((t>>16)&0xfc))+ \ + *(unsigned long *)(des_SP+0x0700+((t>>24)&0xfc))+ \ + *(unsigned long *)(des_SP+ ((u )&0xfc))+ \ + *(unsigned long *)(des_SP+0x0200+((u>> 8)&0xfc))+ \ + *(unsigned long *)(des_SP+0x0400+((u>>16)&0xfc))+ \ + *(unsigned long *)(des_SP+0x0600+((u>>24)&0xfc)); } +#else /* original version */ +#ifdef MSDOS +#define D_ENCRYPT(L,R,S) \ + U.l=R^s[S+1]; \ + T.s[0]=((U.s[0]>>4)|(U.s[1]<<12))&0x3f3f; \ + T.s[1]=((U.s[1]>>4)|(U.s[0]<<12))&0x3f3f; \ + U.l=(R^s[S ])&0x3f3f3f3fL; \ + L^= des_SPtrans[1][(T.c[0])]| \ + des_SPtrans[3][(T.c[1])]| \ + des_SPtrans[5][(T.c[2])]| \ + des_SPtrans[7][(T.c[3])]| \ + des_SPtrans[0][(U.c[0])]| \ + des_SPtrans[2][(U.c[1])]| \ + des_SPtrans[4][(U.c[2])]| \ + des_SPtrans[6][(U.c[3])]; +#else +#define D_ENCRYPT(Q,R,S) {\ + u=(R^s[S ]); \ + t=R^s[S+1]; \ + t=((t>>4L)+(t<<28L)); \ + Q^= des_SPtrans[1][(t )&0x3f]| \ + des_SPtrans[3][(t>> 8L)&0x3f]| \ + des_SPtrans[5][(t>>16L)&0x3f]| \ + des_SPtrans[7][(t>>24L)&0x3f]| \ + des_SPtrans[0][(u )&0x3f]| \ + des_SPtrans[2][(u>> 8L)&0x3f]| \ + des_SPtrans[4][(u>>16L)&0x3f]| \ + des_SPtrans[6][(u>>24L)&0x3f]; } +#endif +#endif + + /* IP and FP + * The problem is more of a geometric problem that random bit fiddling. + 0 1 2 3 4 5 6 7 62 54 46 38 30 22 14 6 + 8 9 10 11 12 13 14 15 60 52 44 36 28 20 12 4 + 16 17 18 19 20 21 22 23 58 50 42 34 26 18 10 2 + 24 25 26 27 28 29 30 31 to 56 48 40 32 24 16 8 0 + + 32 33 34 35 36 37 38 39 63 55 47 39 31 23 15 7 + 40 41 42 43 44 45 46 47 61 53 45 37 29 21 13 5 + 48 49 50 51 52 53 54 55 59 51 43 35 27 19 11 3 + 56 57 58 59 60 61 62 63 57 49 41 33 25 17 9 1 + + The output has been subject to swaps of the form + 0 1 -> 3 1 but the odd and even bits have been put into + 2 3 2 0 + different words. The main trick is to remember that + t=((l>>size)^r)&(mask); + r^=t; + l^=(t<<size); + can be used to swap and move bits between words. + + So l = 0 1 2 3 r = 16 17 18 19 + 4 5 6 7 20 21 22 23 + 8 9 10 11 24 25 26 27 + 12 13 14 15 28 29 30 31 + becomes (for size == 2 and mask == 0x3333) + t = 2^16 3^17 -- -- l = 0 1 16 17 r = 2 3 18 19 + 6^20 7^21 -- -- 4 5 20 21 6 7 22 23 + 10^24 11^25 -- -- 8 9 24 25 10 11 24 25 + 14^28 15^29 -- -- 12 13 28 29 14 15 28 29 + + Thanks for hints from Richard Outerbridge - he told me IP&FP + could be done in 15 xor, 10 shifts and 5 ands. + When I finally started to think of the problem in 2D + I first got ~42 operations without xors. When I remembered + how to use xors :-) I got it to its final state. + */ +#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\ + (b)^=(t),\ + (a)^=((t)<<(n))) + +#define IP(l,r) \ + { \ + register unsigned long tt; \ + PERM_OP(r,l,tt, 4,0x0f0f0f0fL); \ + PERM_OP(l,r,tt,16,0x0000ffffL); \ + PERM_OP(r,l,tt, 2,0x33333333L); \ + PERM_OP(l,r,tt, 8,0x00ff00ffL); \ + PERM_OP(r,l,tt, 1,0x55555555L); \ + } + +#define FP(l,r) \ + { \ + register unsigned long tt; \ + PERM_OP(l,r,tt, 1,0x55555555L); \ + PERM_OP(r,l,tt, 8,0x00ff00ffL); \ + PERM_OP(l,r,tt, 2,0x33333333L); \ + PERM_OP(r,l,tt,16,0x0000ffffL); \ + PERM_OP(l,r,tt, 4,0x0f0f0f0fL); \ + } +#endif diff --git a/secure/lib/libdes/destest.c b/secure/lib/libdes/destest.c new file mode 100644 index 0000000..fec3990 --- /dev/null +++ b/secure/lib/libdes/destest.c @@ -0,0 +1,794 @@ +/* lib/des/destest.c */ +/* Copyright (C) 1995 Eric Young (eay@mincom.oz.au) + * All rights reserved. + * + * This file is part of an SSL implementation written + * by Eric Young (eay@mincom.oz.au). + * The implementation was written so as to conform with Netscapes SSL + * specification. This library and applications are + * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE + * as long as the following conditions are aheared to. + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. If this code is used in a product, + * Eric Young should be given attribution as the author of the parts used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Eric Young (eay@mincom.oz.au) + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include <stdlib.h> +#ifndef MSDOS +#include <unistd.h> +#else +#include <io.h> +#endif +#include <string.h> +#include "des.h" + +/* tisk tisk - the test keys don't all have odd parity :-( */ +/* test data */ +#define NUM_TESTS 34 +static unsigned char key_data[NUM_TESTS][8]={ + {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, + {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF}, + {0x30,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, + {0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11}, + {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF}, + {0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11}, + {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, + {0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10}, + {0x7C,0xA1,0x10,0x45,0x4A,0x1A,0x6E,0x57}, + {0x01,0x31,0xD9,0x61,0x9D,0xC1,0x37,0x6E}, + {0x07,0xA1,0x13,0x3E,0x4A,0x0B,0x26,0x86}, + {0x38,0x49,0x67,0x4C,0x26,0x02,0x31,0x9E}, + {0x04,0xB9,0x15,0xBA,0x43,0xFE,0xB5,0xB6}, + {0x01,0x13,0xB9,0x70,0xFD,0x34,0xF2,0xCE}, + {0x01,0x70,0xF1,0x75,0x46,0x8F,0xB5,0xE6}, + {0x43,0x29,0x7F,0xAD,0x38,0xE3,0x73,0xFE}, + {0x07,0xA7,0x13,0x70,0x45,0xDA,0x2A,0x16}, + {0x04,0x68,0x91,0x04,0xC2,0xFD,0x3B,0x2F}, + {0x37,0xD0,0x6B,0xB5,0x16,0xCB,0x75,0x46}, + {0x1F,0x08,0x26,0x0D,0x1A,0xC2,0x46,0x5E}, + {0x58,0x40,0x23,0x64,0x1A,0xBA,0x61,0x76}, + {0x02,0x58,0x16,0x16,0x46,0x29,0xB0,0x07}, + {0x49,0x79,0x3E,0xBC,0x79,0xB3,0x25,0x8F}, + {0x4F,0xB0,0x5E,0x15,0x15,0xAB,0x73,0xA7}, + {0x49,0xE9,0x5D,0x6D,0x4C,0xA2,0x29,0xBF}, + {0x01,0x83,0x10,0xDC,0x40,0x9B,0x26,0xD6}, + {0x1C,0x58,0x7F,0x1C,0x13,0x92,0x4F,0xEF}, + {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01}, + {0x1F,0x1F,0x1F,0x1F,0x0E,0x0E,0x0E,0x0E}, + {0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE}, + {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, + {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF}, + {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF}, + {0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10}}; + +static unsigned char plain_data[NUM_TESTS][8]={ + {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, + {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF}, + {0x10,0x00,0x00,0x00,0x00,0x00,0x00,0x01}, + {0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11}, + {0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11}, + {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF}, + {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, + {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF}, + {0x01,0xA1,0xD6,0xD0,0x39,0x77,0x67,0x42}, + {0x5C,0xD5,0x4C,0xA8,0x3D,0xEF,0x57,0xDA}, + {0x02,0x48,0xD4,0x38,0x06,0xF6,0x71,0x72}, + {0x51,0x45,0x4B,0x58,0x2D,0xDF,0x44,0x0A}, + {0x42,0xFD,0x44,0x30,0x59,0x57,0x7F,0xA2}, + {0x05,0x9B,0x5E,0x08,0x51,0xCF,0x14,0x3A}, + {0x07,0x56,0xD8,0xE0,0x77,0x47,0x61,0xD2}, + {0x76,0x25,0x14,0xB8,0x29,0xBF,0x48,0x6A}, + {0x3B,0xDD,0x11,0x90,0x49,0x37,0x28,0x02}, + {0x26,0x95,0x5F,0x68,0x35,0xAF,0x60,0x9A}, + {0x16,0x4D,0x5E,0x40,0x4F,0x27,0x52,0x32}, + {0x6B,0x05,0x6E,0x18,0x75,0x9F,0x5C,0xCA}, + {0x00,0x4B,0xD6,0xEF,0x09,0x17,0x60,0x62}, + {0x48,0x0D,0x39,0x00,0x6E,0xE7,0x62,0xF2}, + {0x43,0x75,0x40,0xC8,0x69,0x8F,0x3C,0xFA}, + {0x07,0x2D,0x43,0xA0,0x77,0x07,0x52,0x92}, + {0x02,0xFE,0x55,0x77,0x81,0x17,0xF1,0x2A}, + {0x1D,0x9D,0x5C,0x50,0x18,0xF7,0x28,0xC2}, + {0x30,0x55,0x32,0x28,0x6D,0x6F,0x29,0x5A}, + {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF}, + {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF}, + {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF}, + {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF}, + {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, + {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, + {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF}}; + +static unsigned char cipher_data[NUM_TESTS][8]={ + {0x8C,0xA6,0x4D,0xE9,0xC1,0xB1,0x23,0xA7}, + {0x73,0x59,0xB2,0x16,0x3E,0x4E,0xDC,0x58}, + {0x95,0x8E,0x6E,0x62,0x7A,0x05,0x55,0x7B}, + {0xF4,0x03,0x79,0xAB,0x9E,0x0E,0xC5,0x33}, + {0x17,0x66,0x8D,0xFC,0x72,0x92,0x53,0x2D}, + {0x8A,0x5A,0xE1,0xF8,0x1A,0xB8,0xF2,0xDD}, + {0x8C,0xA6,0x4D,0xE9,0xC1,0xB1,0x23,0xA7}, + {0xED,0x39,0xD9,0x50,0xFA,0x74,0xBC,0xC4}, + {0x69,0x0F,0x5B,0x0D,0x9A,0x26,0x93,0x9B}, + {0x7A,0x38,0x9D,0x10,0x35,0x4B,0xD2,0x71}, + {0x86,0x8E,0xBB,0x51,0xCA,0xB4,0x59,0x9A}, + {0x71,0x78,0x87,0x6E,0x01,0xF1,0x9B,0x2A}, + {0xAF,0x37,0xFB,0x42,0x1F,0x8C,0x40,0x95}, + {0x86,0xA5,0x60,0xF1,0x0E,0xC6,0xD8,0x5B}, + {0x0C,0xD3,0xDA,0x02,0x00,0x21,0xDC,0x09}, + {0xEA,0x67,0x6B,0x2C,0xB7,0xDB,0x2B,0x7A}, + {0xDF,0xD6,0x4A,0x81,0x5C,0xAF,0x1A,0x0F}, + {0x5C,0x51,0x3C,0x9C,0x48,0x86,0xC0,0x88}, + {0x0A,0x2A,0xEE,0xAE,0x3F,0xF4,0xAB,0x77}, + {0xEF,0x1B,0xF0,0x3E,0x5D,0xFA,0x57,0x5A}, + {0x88,0xBF,0x0D,0xB6,0xD7,0x0D,0xEE,0x56}, + {0xA1,0xF9,0x91,0x55,0x41,0x02,0x0B,0x56}, + {0x6F,0xBF,0x1C,0xAF,0xCF,0xFD,0x05,0x56}, + {0x2F,0x22,0xE4,0x9B,0xAB,0x7C,0xA1,0xAC}, + {0x5A,0x6B,0x61,0x2C,0xC2,0x6C,0xCE,0x4A}, + {0x5F,0x4C,0x03,0x8E,0xD1,0x2B,0x2E,0x41}, + {0x63,0xFA,0xC0,0xD0,0x34,0xD9,0xF7,0x93}, + {0x61,0x7B,0x3A,0x0C,0xE8,0xF0,0x71,0x00}, + {0xDB,0x95,0x86,0x05,0xF8,0xC8,0xC6,0x06}, + {0xED,0xBF,0xD1,0xC6,0x6C,0x29,0xCC,0xC7}, + {0x35,0x55,0x50,0xB2,0x15,0x0E,0x24,0x51}, + {0xCA,0xAA,0xAF,0x4D,0xEA,0xF1,0xDB,0xAE}, + {0xD5,0xD4,0x4F,0xF7,0x20,0x68,0x3D,0x0D}, + {0x2A,0x2B,0xB0,0x08,0xDF,0x97,0xC2,0xF2}}; + +static unsigned char cipher_ecb2[NUM_TESTS-1][8]={ + {0x92,0x95,0xB5,0x9B,0xB3,0x84,0x73,0x6E}, + {0x19,0x9E,0x9D,0x6D,0xF3,0x9A,0xA8,0x16}, + {0x2A,0x4B,0x4D,0x24,0x52,0x43,0x84,0x27}, + {0x35,0x84,0x3C,0x01,0x9D,0x18,0xC5,0xB6}, + {0x4A,0x5B,0x2F,0x42,0xAA,0x77,0x19,0x25}, + {0xA0,0x6B,0xA9,0xB8,0xCA,0x5B,0x17,0x8A}, + {0xAB,0x9D,0xB7,0xFB,0xED,0x95,0xF2,0x74}, + {0x3D,0x25,0x6C,0x23,0xA7,0x25,0x2F,0xD6}, + {0xB7,0x6F,0xAB,0x4F,0xBD,0xBD,0xB7,0x67}, + {0x8F,0x68,0x27,0xD6,0x9C,0xF4,0x1A,0x10}, + {0x82,0x57,0xA1,0xD6,0x50,0x5E,0x81,0x85}, + {0xA2,0x0F,0x0A,0xCD,0x80,0x89,0x7D,0xFA}, + {0xCD,0x2A,0x53,0x3A,0xDB,0x0D,0x7E,0xF3}, + {0xD2,0xC2,0xBE,0x27,0xE8,0x1B,0x68,0xE3}, + {0xE9,0x24,0xCF,0x4F,0x89,0x3C,0x5B,0x0A}, + {0xA7,0x18,0xC3,0x9F,0xFA,0x9F,0xD7,0x69}, + {0x77,0x2C,0x79,0xB1,0xD2,0x31,0x7E,0xB1}, + {0x49,0xAB,0x92,0x7F,0xD0,0x22,0x00,0xB7}, + {0xCE,0x1C,0x6C,0x7D,0x85,0xE3,0x4A,0x6F}, + {0xBE,0x91,0xD6,0xE1,0x27,0xB2,0xE9,0x87}, + {0x70,0x28,0xAE,0x8F,0xD1,0xF5,0x74,0x1A}, + {0xAA,0x37,0x80,0xBB,0xF3,0x22,0x1D,0xDE}, + {0xA6,0xC4,0xD2,0x5E,0x28,0x93,0xAC,0xB3}, + {0x22,0x07,0x81,0x5A,0xE4,0xB7,0x1A,0xAD}, + {0xDC,0xCE,0x05,0xE7,0x07,0xBD,0xF5,0x84}, + {0x26,0x1D,0x39,0x2C,0xB3,0xBA,0xA5,0x85}, + {0xB4,0xF7,0x0F,0x72,0xFB,0x04,0xF0,0xDC}, + {0x95,0xBA,0xA9,0x4E,0x87,0x36,0xF2,0x89}, + {0xD4,0x07,0x3A,0xF1,0x5A,0x17,0x82,0x0E}, + {0xEF,0x6F,0xAF,0xA7,0x66,0x1A,0x7E,0x89}, + {0xC1,0x97,0xF5,0x58,0x74,0x8A,0x20,0xE7}, + {0x43,0x34,0xCF,0xDA,0x22,0xC4,0x86,0xC8}, + {0x08,0xD7,0xB4,0xFB,0x62,0x9D,0x08,0x85}}; + +static unsigned char cbc_key [8]={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef}; +static unsigned char cbc2_key[8]={0xf0,0xe1,0xd2,0xc3,0xb4,0xa5,0x96,0x87}; +static unsigned char cbc3_key[8]={0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10}; +static unsigned char cbc_iv [8]={0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10}; +static char cbc_data[40]="7654321 Now is the time for "; + +static unsigned char cbc_ok[32]={ + 0xcc,0xd1,0x73,0xff,0xab,0x20,0x39,0xf4, + 0xac,0xd8,0xae,0xfd,0xdf,0xd8,0xa1,0xeb, + 0x46,0x8e,0x91,0x15,0x78,0x88,0xba,0x68, + 0x1d,0x26,0x93,0x97,0xf7,0xfe,0x62,0xb4}; + +static unsigned char cbc3_ok[32]={ + 0x3F,0xE3,0x01,0xC9,0x62,0xAC,0x01,0xD0, + 0x22,0x13,0x76,0x3C,0x1C,0xBD,0x4C,0xDC, + 0x79,0x96,0x57,0xC0,0x64,0xEC,0xF5,0xD4, + 0x1C,0x67,0x38,0x12,0xCF,0xDE,0x96,0x75}; + +static unsigned char pcbc_ok[32]={ + 0xcc,0xd1,0x73,0xff,0xab,0x20,0x39,0xf4, + 0x6d,0xec,0xb4,0x70,0xa0,0xe5,0x6b,0x15, + 0xae,0xa6,0xbf,0x61,0xed,0x7d,0x9c,0x9f, + 0xf7,0x17,0x46,0x3b,0x8a,0xb3,0xcc,0x88}; + +static unsigned char cfb_key[8]={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef}; +static unsigned char cfb_iv[8]={0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef}; +static unsigned char cfb_buf1[40],cfb_buf2[40],cfb_tmp[8]; +static unsigned char plain[24]= + { + 0x4e,0x6f,0x77,0x20,0x69,0x73, + 0x20,0x74,0x68,0x65,0x20,0x74, + 0x69,0x6d,0x65,0x20,0x66,0x6f, + 0x72,0x20,0x61,0x6c,0x6c,0x20 + }; +static unsigned char cfb_cipher8[24]= { + 0xf3,0x1f,0xda,0x07,0x01,0x14, 0x62,0xee,0x18,0x7f,0x43,0xd8, + 0x0a,0x7c,0xd9,0xb5,0xb0,0xd2, 0x90,0xda,0x6e,0x5b,0x9a,0x87 }; +static unsigned char cfb_cipher16[24]={ + 0xF3,0x09,0x87,0x87,0x7F,0x57, 0xF7,0x3C,0x36,0xB6,0xDB,0x70, + 0xD8,0xD5,0x34,0x19,0xD3,0x86, 0xB2,0x23,0xB7,0xB2,0xAD,0x1B }; +static unsigned char cfb_cipher32[24]={ + 0xF3,0x09,0x62,0x49,0xA4,0xDF, 0xA4,0x9F,0x33,0xDC,0x7B,0xAD, + 0x4C,0xC8,0x9F,0x64,0xE4,0x53, 0xE5,0xEC,0x67,0x20,0xDA,0xB6 }; +static unsigned char cfb_cipher48[24]={ + 0xF3,0x09,0x62,0x49,0xC7,0xF4, 0x30,0xB5,0x15,0xEC,0xBB,0x85, + 0x97,0x5A,0x13,0x8C,0x68,0x60, 0xE2,0x38,0x34,0x3C,0xDC,0x1F }; +static unsigned char cfb_cipher64[24]={ + 0xF3,0x09,0x62,0x49,0xC7,0xF4, 0x6E,0x51,0xA6,0x9E,0x83,0x9B, + 0x1A,0x92,0xF7,0x84,0x03,0x46, 0x71,0x33,0x89,0x8E,0xA6,0x22 }; + +static unsigned char ofb_key[8]={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef}; +static unsigned char ofb_iv[8]={0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef}; +static unsigned char ofb_buf1[24],ofb_buf2[24],ofb_tmp[8]; +static unsigned char ofb_cipher[24]= + { + 0xf3,0x09,0x62,0x49,0xc7,0xf4,0x6e,0x51, + 0x35,0xf2,0x4a,0x24,0x2e,0xeb,0x3d,0x3f, + 0x3d,0x6d,0x5b,0xe3,0x25,0x5a,0xf8,0xc3 + }; + +unsigned long cbc_cksum_ret=0xB462FEF7L; +unsigned char cbc_cksum_data[8]={0x1D,0x26,0x93,0x97,0xf7,0xfe,0x62,0xb4}; + +#ifndef NOPROTO +static char *pt(unsigned char *p); +static int cfb_test(int bits, unsigned char *cfb_cipher); +static int cfb64_test(unsigned char *cfb_cipher); +static int ede_cfb64_test(unsigned char *cfb_cipher); +#else +static char *pt(); +static int cfb_test(); +static int cfb64_test(); +static int ede_cfb64_test(); +#endif + +int main(argc,argv) +int argc; +char *argv[]; + { + int i,j,err=0; + des_cblock in,out,outin,iv3; + des_key_schedule ks,ks2,ks3; + unsigned char cbc_in[40]; + unsigned char cbc_out[40]; + unsigned long cs; + unsigned char qret[4][4],cret[8]; + unsigned long lqret[4]; + int num; + char *str; + + printf("Doing ecb\n"); + for (i=0; i<NUM_TESTS; i++) + { + if ((j=key_sched((C_Block *)(key_data[i]),ks)) != 0) + { + printf("Key error %2d:%d\n",i+1,j); + err=1; + } + memcpy(in,plain_data[i],8); + memset(out,0,8); + memset(outin,0,8); + des_ecb_encrypt((C_Block *)in,(C_Block *)out,ks,DES_ENCRYPT); + des_ecb_encrypt((C_Block *)out,(C_Block *)outin,ks,DES_DECRYPT); + + if (memcmp(out,cipher_data[i],8) != 0) + { + printf("Encryption error %2d\nk=%s p=%s o=%s act=%s\n", + i+1,pt(key_data[i]),pt(in),pt(cipher_data[i]), + pt(out)); + err=1; + } + if (memcmp(in,outin,8) != 0) + { + printf("Decryption error %2d\nk=%s p=%s o=%s act=%s\n", + i+1,pt(key_data[i]),pt(out),pt(in),pt(outin)); + err=1; + } + } + + printf("Doing ede ecb\n"); + for (i=0; i<(NUM_TESTS-1); i++) + { + if ((j=key_sched((C_Block *)(key_data[i]),ks)) != 0) + { + err=1; + printf("Key error %2d:%d\n",i+1,j); + } + if ((j=key_sched((C_Block *)(key_data[i+1]),ks2)) != 0) + { + printf("Key error %2d:%d\n",i+2,j); + err=1; + } + if ((j=key_sched((C_Block *)(key_data[i+2]),ks3)) != 0) + { + printf("Key error %2d:%d\n",i+3,j); + err=1; + } + memcpy(in,plain_data[i],8); + memset(out,0,8); + memset(outin,0,8); + des_ecb2_encrypt((C_Block *)in,(C_Block *)out,ks,ks2, + DES_ENCRYPT); + des_ecb2_encrypt((C_Block *)out,(C_Block *)outin,ks,ks2, + DES_DECRYPT); + + if (memcmp(out,cipher_ecb2[i],8) != 0) + { + printf("Encryption error %2d\nk=%s p=%s o=%s act=%s\n", + i+1,pt(key_data[i]),pt(in),pt(cipher_ecb2[i]), + pt(out)); + err=1; + } + if (memcmp(in,outin,8) != 0) + { + printf("Decryption error %2d\nk=%s p=%s o=%s act=%s\n", + i+1,pt(key_data[i]),pt(out),pt(in),pt(outin)); + err=1; + } + } + + printf("Doing cbc\n"); + if ((j=key_sched((C_Block *)cbc_key,ks)) != 0) + { + printf("Key error %d\n",j); + err=1; + } + memset(cbc_out,0,40); + memset(cbc_in,0,40); + des_cbc_encrypt((C_Block *)cbc_data,(C_Block *)cbc_out, + (long)strlen((char *)cbc_data)+1,ks, + (C_Block *)cbc_iv,DES_ENCRYPT); + if (memcmp(cbc_out,cbc_ok,32) != 0) + printf("cbc_encrypt encrypt error\n"); + des_cbc_encrypt((C_Block *)cbc_out,(C_Block *)cbc_in, + (long)strlen((char *)cbc_data)+1,ks, + (C_Block *)cbc_iv,DES_DECRYPT); + if (memcmp(cbc_in,cbc_data,32) != 0) + { + printf("cbc_encrypt decrypt error\n"); + err=1; + } + + printf("Doing ede cbc\n"); + if ((j=key_sched((C_Block *)cbc_key,ks)) != 0) + { + printf("Key error %d\n",j); + err=1; + } + if ((j=key_sched((C_Block *)cbc2_key,ks2)) != 0) + { + printf("Key error %d\n",j); + err=1; + } + if ((j=key_sched((C_Block *)cbc3_key,ks3)) != 0) + { + printf("Key error %d\n",j); + err=1; + } + memset(cbc_out,0,40); + memset(cbc_in,0,40); + i=strlen((char *)cbc_data)+1; + i=((i+7)/8)*8; + memcpy(iv3,cbc_iv,sizeof(cbc_iv)); + + des_ede3_cbc_encrypt((C_Block *)cbc_data,(C_Block *)cbc_out, + 16L,ks,ks2,ks3,(C_Block *)iv3,DES_ENCRYPT); + des_ede3_cbc_encrypt((C_Block *)&(cbc_data[16]), + (C_Block *)&(cbc_out[16]), + (long)i-16,ks,ks2,ks3,(C_Block *)iv3,DES_ENCRYPT); + if (memcmp(cbc_out,cbc3_ok, + (unsigned int)(strlen((char *)cbc_data)+1+7)/8*8) != 0) + { + printf("des_ede3_cbc_encrypt encrypt error\n"); + err=1; + } + + memcpy(iv3,cbc_iv,sizeof(cbc_iv)); + des_ede3_cbc_encrypt((C_Block *)cbc_out,(C_Block *)cbc_in, + (long)i,ks,ks2,ks3,(C_Block *)iv3,DES_DECRYPT); + if (memcmp(cbc_in,cbc_data,strlen(cbc_data)+1) != 0) + { + printf("des_ede3_cbc_encrypt decrypt error\n"); + err=1; + } + + printf("Doing pcbc\n"); + if ((j=key_sched((C_Block *)cbc_key,ks)) != 0) + { + printf("Key error %d\n",j); + err=1; + } + memset(cbc_out,0,40); + memset(cbc_in,0,40); + des_pcbc_encrypt((C_Block *)cbc_data,(C_Block *)cbc_out, + (long)strlen(cbc_data)+1,ks,(C_Block *)cbc_iv,DES_ENCRYPT); + if (memcmp(cbc_out,pcbc_ok,32) != 0) + { + printf("pcbc_encrypt encrypt error\n"); + err=1; + } + des_pcbc_encrypt((C_Block *)cbc_out,(C_Block *)cbc_in, + (long)strlen(cbc_data)+1,ks,(C_Block *)cbc_iv,DES_DECRYPT); + if (memcmp(cbc_in,cbc_data,32) != 0) + { + printf("pcbc_encrypt decrypt error\n"); + err=1; + } + + printf("Doing "); + printf("cfb8 "); + err+=cfb_test(8,cfb_cipher8); + printf("cfb16 "); + err+=cfb_test(16,cfb_cipher16); + printf("cfb32 "); + err+=cfb_test(32,cfb_cipher32); + printf("cfb48 "); + err+=cfb_test(48,cfb_cipher48); + printf("cfb64 "); + err+=cfb_test(64,cfb_cipher64); + + printf("cfb64() "); + err+=cfb64_test(cfb_cipher64); + + memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv)); + for (i=0; i<sizeof(plain); i++) + des_cfb_encrypt(&(plain[i]),&(cfb_buf1[i]), + 8,(long)1,ks,(C_Block *)cfb_tmp,DES_ENCRYPT); + if (memcmp(cfb_cipher8,cfb_buf1,sizeof(plain)) != 0) + { + printf("cfb_encrypt small encrypt error\n"); + err=1; + } + + memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv)); + for (i=0; i<sizeof(plain); i++) + des_cfb_encrypt(&(cfb_buf1[i]),&(cfb_buf2[i]), + 8,(long)1,ks,(C_Block *)cfb_tmp,DES_DECRYPT); + if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0) + { + printf("cfb_encrypt small decrypt error\n"); + err=1; + } + + printf("ede_cfb64() "); + err+=ede_cfb64_test(cfb_cipher64); + + printf("done\n"); + + printf("Doing ofb\n"); + key_sched((C_Block *)ofb_key,ks); + memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv)); + des_ofb_encrypt(plain,ofb_buf1,64,(long)sizeof(plain)/8,ks, + (C_Block *)ofb_tmp); + if (memcmp(ofb_cipher,ofb_buf1,sizeof(ofb_buf1)) != 0) + { + printf("ofb_encrypt encrypt error\n"); + err=1; + } + memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv)); + des_ofb_encrypt(ofb_buf1,ofb_buf2,64,(long)sizeof(ofb_buf1)/8,ks, + (C_Block *)ofb_tmp); + if (memcmp(plain,ofb_buf2,sizeof(ofb_buf2)) != 0) + { + printf("ofb_encrypt decrypt error\n"); + err=1; + } + + printf("Doing ofb64\n"); + key_sched((C_Block *)ofb_key,ks); + memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv)); + memset(ofb_buf1,0,sizeof(ofb_buf1)); + memset(ofb_buf2,0,sizeof(ofb_buf1)); + num=0; + for (i=0; i<sizeof(plain); i++) + { + des_ofb64_encrypt(&(plain[i]),&(ofb_buf1[i]),1,ks, + (C_Block *)ofb_tmp,&num); + } + if (memcmp(ofb_cipher,ofb_buf1,sizeof(ofb_buf1)) != 0) + { + printf("ofb64_encrypt encrypt error\n"); + err=1; + } + memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv)); + num=0; + des_ofb64_encrypt(ofb_buf1,ofb_buf2,(long)sizeof(ofb_buf1),ks, + (C_Block *)ofb_tmp,&num); + if (memcmp(plain,ofb_buf2,sizeof(ofb_buf2)) != 0) + { + printf("ofb64_encrypt decrypt error\n"); + err=1; + } + + printf("Doing ede_ofb64\n"); + key_sched((C_Block *)ofb_key,ks); + memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv)); + memset(ofb_buf1,0,sizeof(ofb_buf1)); + memset(ofb_buf2,0,sizeof(ofb_buf1)); + num=0; + for (i=0; i<sizeof(plain); i++) + { + des_ede3_ofb64_encrypt(&(plain[i]),&(ofb_buf1[i]),1,ks,ks,ks, + (C_Block *)ofb_tmp,&num); + } + if (memcmp(ofb_cipher,ofb_buf1,sizeof(ofb_buf1)) != 0) + { + printf("ede_ofb64_encrypt encrypt error\n"); + err=1; + } + memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv)); + num=0; + des_ede3_ofb64_encrypt(ofb_buf1,ofb_buf2,(long)sizeof(ofb_buf1),ks, + ks,ks,(C_Block *)ofb_tmp,&num); + if (memcmp(plain,ofb_buf2,sizeof(ofb_buf2)) != 0) + { + printf("ede_ofb64_encrypt decrypt error\n"); + err=1; + } + + printf("Doing cbc_cksum\n"); + key_sched((C_Block *)cbc_key,ks); + cs=cbc_cksum((C_Block *)cbc_data,(C_Block *)cret, + (long)strlen(cbc_data),ks,(C_Block *)cbc_iv); + if (cs != cbc_cksum_ret) + { + printf("bad return value (%08lX), should be %08lX\n", + cs,cbc_cksum_ret); + err=1; + } + if (memcmp(cret,cbc_cksum_data,8) != 0) + { + printf("bad cbc_cksum block returned\n"); + err=1; + } + + printf("Doing quad_cksum\n"); + cs=quad_cksum((C_Block *)cbc_data,(C_Block *)qret, + (long)strlen(cbc_data),2,(C_Block *)cbc_iv); + for (i=0; i<4; i++) + { + lqret[i]=0; + memcpy(&(lqret[i]),&(qret[i][0]),4); + } + { /* Big-endian fix */ + static unsigned long l=1; + static unsigned char *c=(unsigned char *)&l; + unsigned long ll; + + if (!c[0]) + { + ll=lqret[0]^lqret[3]; + lqret[0]^=ll; + lqret[3]^=ll; + ll=lqret[1]^lqret[2]; + lqret[1]^=ll; + lqret[2]^=ll; + } + } + if (cs != 0x70d7a63aL) + { + printf("quad_cksum error, ret %08lx should be 70d7a63a\n",cs); + err=1; + } + if (lqret[0] != 0x327eba8dL) + { + printf("quad_cksum error, out[0] %08lx is not %08lx\n", + lqret[0],0x327eba8dL); + err=1; + } + if (lqret[1] != 0x201a49ccL) + { + printf("quad_cksum error, out[1] %08lx is not %08lx\n", + lqret[1],0x201a49ccL); + err=1; + } + if (lqret[2] != 0x70d7a63aL) + { + printf("quad_cksum error, out[2] %08lx is not %08lx\n", + lqret[2],0x70d7a63aL); + err=1; + } + if (lqret[3] != 0x501c2c26L) + { + printf("quad_cksum error, out[3] %08lx is not %08lx\n", + lqret[3],0x501c2c26L); + err=1; + } + + printf("input word alignment test"); + for (i=0; i<4; i++) + { + printf(" %d",i); + des_cbc_encrypt((C_Block *)&(cbc_out[i]),(C_Block *)cbc_in, + (long)strlen(cbc_data)+1,ks,(C_Block *)cbc_iv, + DES_ENCRYPT); + } + printf("\noutput word alignment test"); + for (i=0; i<4; i++) + { + printf(" %d",i); + des_cbc_encrypt((C_Block *)cbc_out,(C_Block *)&(cbc_in[i]), + (long)strlen(cbc_data)+1,ks,(C_Block *)cbc_iv, + DES_ENCRYPT); + } + printf("\n"); + printf("fast crypt test "); + str=crypt("testing","ef"); + if (strcmp("efGnQx2725bI2",str) != 0) + { + printf("fast crypt error, %s should be efGnQx2725bI2\n",str); + err=1; + } + str=crypt("bca76;23","yA"); + if (strcmp("yA1Rp/1hZXIJk",str) != 0) + { + printf("fast crypt error, %s should be yA1Rp/1hZXIJk\n",str); + err=1; + } + printf("\n"); + exit(err); +#ifdef LINT + return(0); +#endif + } + +static char *pt(p) +unsigned char *p; + { + static char bufs[10][20]; + static int bnum=0; + char *ret; + int i; + static char *f="0123456789ABCDEF"; + + ret= &(bufs[bnum++][0]); + bnum%=10; + for (i=0; i<8; i++) + { + ret[i*2]=f[(p[i]>>4)&0xf]; + ret[i*2+1]=f[p[i]&0xf]; + } + ret[16]='\0'; + return(ret); + } + +static int cfb_test(bits, cfb_cipher) +int bits; +unsigned char *cfb_cipher; + { + des_key_schedule ks; + int i,err=0; + + key_sched((C_Block *)cfb_key,ks); + memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv)); + des_cfb_encrypt(plain,cfb_buf1,bits,(long)sizeof(plain),ks, + (C_Block *)cfb_tmp,DES_ENCRYPT); + if (memcmp(cfb_cipher,cfb_buf1,sizeof(plain)) != 0) + { + err=1; + printf("cfb_encrypt encrypt error\n"); + for (i=0; i<24; i+=8) + printf("%s\n",pt(&(cfb_buf1[i]))); + } + memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv)); + des_cfb_encrypt(cfb_buf1,cfb_buf2,bits,(long)sizeof(plain),ks, + (C_Block *)cfb_tmp,DES_DECRYPT); + if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0) + { + err=1; + printf("cfb_encrypt decrypt error\n"); + for (i=0; i<24; i+=8) + printf("%s\n",pt(&(cfb_buf1[i]))); + } + return(err); + } + +static int cfb64_test(cfb_cipher) +unsigned char *cfb_cipher; + { + des_key_schedule ks; + int err=0,i,n; + + key_sched((C_Block *)cfb_key,ks); + memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv)); + n=0; + des_cfb64_encrypt(plain,cfb_buf1,(long)12,ks, + (C_Block *)cfb_tmp,&n,DES_ENCRYPT); + des_cfb64_encrypt(&(plain[12]),&(cfb_buf1[12]), + (long)sizeof(plain)-12,ks, + (C_Block *)cfb_tmp,&n,DES_ENCRYPT); + if (memcmp(cfb_cipher,cfb_buf1,sizeof(plain)) != 0) + { + err=1; + printf("cfb_encrypt encrypt error\n"); + for (i=0; i<24; i+=8) + printf("%s\n",pt(&(cfb_buf1[i]))); + } + memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv)); + n=0; + des_cfb64_encrypt(cfb_buf1,cfb_buf2,(long)17,ks, + (C_Block *)cfb_tmp,&n,DES_DECRYPT); + des_cfb64_encrypt(&(cfb_buf1[17]),&(cfb_buf2[17]), + (long)sizeof(plain)-17,ks, + (C_Block *)cfb_tmp,&n,DES_DECRYPT); + if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0) + { + err=1; + printf("cfb_encrypt decrypt error\n"); + for (i=0; i<24; i+=8) + printf("%s\n",pt(&(cfb_buf2[i]))); + } + return(err); + } + +static int ede_cfb64_test(cfb_cipher) +unsigned char *cfb_cipher; + { + des_key_schedule ks; + int err=0,i,n; + + key_sched((C_Block *)cfb_key,ks); + memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv)); + n=0; + des_ede3_cfb64_encrypt(plain,cfb_buf1,(long)12,ks,ks,ks, + (C_Block *)cfb_tmp,&n,DES_ENCRYPT); + des_ede3_cfb64_encrypt(&(plain[12]),&(cfb_buf1[12]), + (long)sizeof(plain)-12,ks,ks,ks, + (C_Block *)cfb_tmp,&n,DES_ENCRYPT); + if (memcmp(cfb_cipher,cfb_buf1,sizeof(plain)) != 0) + { + err=1; + printf("ede_cfb_encrypt encrypt error\n"); + for (i=0; i<24; i+=8) + printf("%s\n",pt(&(cfb_buf1[i]))); + } + memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv)); + n=0; + des_ede3_cfb64_encrypt(cfb_buf1,cfb_buf2,(long)17,ks,ks,ks, + (C_Block *)cfb_tmp,&n,DES_DECRYPT); + des_ede3_cfb64_encrypt(&(cfb_buf1[17]),&(cfb_buf2[17]), + (long)sizeof(plain)-17,ks,ks,ks, + (C_Block *)cfb_tmp,&n,DES_DECRYPT); + if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0) + { + err=1; + printf("ede_cfb_encrypt decrypt error\n"); + for (i=0; i<24; i+=8) + printf("%s\n",pt(&(cfb_buf2[i]))); + } + return(err); + } diff --git a/secure/lib/libdes/doIP b/secure/lib/libdes/doIP new file mode 100644 index 0000000..18cf231 --- /dev/null +++ b/secure/lib/libdes/doIP @@ -0,0 +1,46 @@ +#!/usr/local/bin/perl + +@l=( + 0, 1, 2, 3, 4, 5, 6, 7, + 8, 9,10,11,12,13,14,15, + 16,17,18,19,20,21,22,23, + 24,25,26,27,28,29,30,31 + ); +@r=( + 32,33,34,35,36,37,38,39, + 40,41,42,43,44,45,46,47, + 48,49,50,51,52,53,54,55, + 56,57,58,59,60,61,62,63 + ); + +require 'shifts.pl'; + +sub PERM_OP + { + local(*a,*b,*t,$n,$m)=@_; + + @z=&shift(*a,-$n); + @z=&xor(*b,*z); + @z=&and(*z,$m); + @b=&xor(*b,*z); + @z=&shift(*z,$n); + @a=&xor(*a,*z); + } + + +@L=@l; +@R=@r; +&PERM_OP(*R,*L,*T,4,0x0f0f0f0f); +&PERM_OP(*L,*R,*T,16,0x0000ffff); +&PERM_OP(*R,*L,*T,2,0x33333333); +&PERM_OP(*L,*R,*T,8,0x00ff00ff); +&PERM_OP(*R,*L,*T,1,0x55555555); + &printit(@L); + &printit(@R); +&PERM_OP(*R,*L,*T,1,0x55555555); +&PERM_OP(*L,*R,*T,8,0x00ff00ff); +&PERM_OP(*R,*L,*T,2,0x33333333); +&PERM_OP(*L,*R,*T,16,0x0000ffff); +&PERM_OP(*R,*L,*T,4,0x0f0f0f0f); + &printit(@L); + &printit(@R); diff --git a/secure/lib/libdes/doPC1 b/secure/lib/libdes/doPC1 new file mode 100644 index 0000000..096afd8 --- /dev/null +++ b/secure/lib/libdes/doPC1 @@ -0,0 +1,110 @@ +#!/usr/local/bin/perl + +@l=( + 0, 1, 2, 3, 4, 5, 6, 7, + 8, 9,10,11,12,13,14,15, + 16,17,18,19,20,21,22,23, + 24,25,26,27,28,29,30,31 + ); +@r=( + 32,33,34,35,36,37,38,39, + 40,41,42,43,44,45,46,47, + 48,49,50,51,52,53,54,55, + 56,57,58,59,60,61,62,63 + ); + +require 'shifts.pl'; + +sub PERM_OP + { + local(*a,*b,*t,$n,$m)=@_; + + @z=&shift(*a,-$n); + @z=&xor(*b,*z); + @z=&and(*z,$m); + @b=&xor(*b,*z); + @z=&shift(*z,$n); + @a=&xor(*a,*z); + } + +sub HPERM_OP2 + { + local(*a,*t,$n,$m)=@_; + local(@x,@y,$i); + + @z=&shift(*a,16-$n); + @z=&xor(*a,*z); + @z=&and(*z,$m); + @a=&xor(*a,*z); + @z=&shift(*z,$n-16); + @a=&xor(*a,*z); + } + +sub HPERM_OP + { + local(*a,*t,$n,$m)=@_; + local(@x,@y,$i); + + for ($i=0; $i<16; $i++) + { + $x[$i]=$a[$i]; + $y[$i]=$a[16+$i]; + } + @z=&shift(*x,-$n); + @z=&xor(*y,*z); + @z=&and(*z,$m); + @y=&xor(*y,*z); + @z=&shift(*z,$n); + @x=&xor(*x,*z); + for ($i=0; $i<16; $i++) + { + $a[$i]=$x[$i]; + $a[16+$i]=$y[$i]; + } + } + +@L=@l; +@R=@r; + + print "---\n"; &printit(@R); +&PERM_OP(*R,*L,*T,4,0x0f0f0f0f); + print "---\n"; &printit(@R); +&HPERM_OP2(*L,*T,-2,0xcccc0000); +&HPERM_OP2(*R,*T,-2,0xcccc0000); + print "---\n"; &printit(@R); +&PERM_OP(*R,*L,*T,1,0x55555555); + print "---\n"; &printit(@R); +&PERM_OP(*L,*R,*T,8,0x00ff00ff); + print "---\n"; &printit(@R); +&PERM_OP(*R,*L,*T,1,0x55555555); + print "---\n"; &printit(@R); +# &printit(@L); + &printit(@R); +print <<"EOF"; +============================== +63 55 47 39 31 23 15 7 +62 54 46 38 30 22 14 6 +61 53 45 37 29 21 13 5 +60 52 44 36 -- -- -- -- + +57 49 41 33 25 17 9 1 +58 50 42 34 26 18 10 2 +59 51 43 35 27 19 11 3 +28 20 12 4 -- -- -- -- +EOF +exit(1); +@A=&and(*R,0x000000ff); +@A=&shift(*A,16); +@B=&and(*R,0x0000ff00); +@C=&and(*R,0x00ff0000); +@C=&shift(*C,-16); +@D=&and(*L,0xf0000000); +@D=&shift(*D,-4); +@A=&or(*A,*B); +@B=&or(*D,*C); +@R=&or(*A,*B); +@L=&and(*L,0x0fffffff); + + &printit(@L); + &printit(@R); + diff --git a/secure/lib/libdes/doPC2 b/secure/lib/libdes/doPC2 new file mode 100644 index 0000000..fa5cf74 --- /dev/null +++ b/secure/lib/libdes/doPC2 @@ -0,0 +1,94 @@ +#!/usr/local/bin/perl + +@PC2_C=(14,17,11,24, 1, 5, + 3,28,15, 6,21,10, + 23,19,12, 4,26, 8, + 16, 7,27,20,13, 2, + ); + +@PC2_D=(41,52,31,37,47,55, + 30,40,51,45,33,48, + 44,49,39,56,34,53, + 46,42,50,36,29,32, + ); + +$i=0; +foreach (@PC2_C) { + $_--; +# printf "%2d,",$_; + $C{$_}=$i; + ++$i; +# print "\n" if ((($i) % 8) == 0); + } +$i=0; +#print "\n"; +foreach (@PC2_D) { + $_-=28; + $_--; +# printf "%2d,",$_; + $D{$_}=$i; + $i++; +# print "\n" if ((($i) % 8) == 0); + } + +#print "\n"; +foreach $i (0 .. 27) + { + $_=$C{$i}; +# printf "%2d,",$_; + $i++; +# print "\n" if ((($i) % 8) == 0); + } +#print "\n"; + +#print "\n"; +foreach $i (0 .. 27) + { + $_=$D{$i}; +# printf "%2d,",$_; + $i++; +# print "\n" if ((($i) % 8) == 0); + } +#print "\n"; + +print "static ulong skb[8][64]={\n"; +&doit("C",*C, 0, 1, 2, 3, 4, 5); +&doit("C",*C, 6, 7, 9,10,11,12); +&doit("C",*C,13,14,15,16,18,19); +&doit("C",*C,20,22,23,25,26,27); + +&doit("D",*D, 0, 1, 2, 3, 4, 5); +&doit("D",*D, 7, 8,10,11,12,13); +&doit("D",*D,15,16,17,18,19,20); +&doit("D",*D,21,22,23,24,26,27); +print "};\n"; + +sub doit + { + local($l,*A,@b)=@_; + local(@out); + + printf("/* for $l bits (numbered as per FIPS 46) %d %d %d %d %d %d */\n", + $b[0]+1, $b[1]+1, $b[2]+1, $b[3]+1, $b[4]+1, $b[5]+1); + for ($i=0; $i<64; $i++) + { + $out[$i]=0; + $j=1; +#print "\n"; + for ($k=0; $k<6; $k++) + { + $l=$A{$b[$k]}; +#print"$l - "; + if ((1<<$k) & $i) + { + $ll=int($l/6)*8+($l%6); + $out[$i]|=1<<($ll); + } + } + $pp=$out[$i]; + $pp=($pp&0xff0000ff)| (($pp&0x00ff0000)>>8)| + (($pp&0x0000ff00)<<8); + printf("0x%08X,",$pp); + print "\n" if (($i+1) % 4 == 0); + } + } diff --git a/secure/lib/libdes/ecb3_enc.c b/secure/lib/libdes/ecb3_enc.c new file mode 100644 index 0000000..ca0ac17 --- /dev/null +++ b/secure/lib/libdes/ecb3_enc.c @@ -0,0 +1,77 @@ +/* lib/des/ecb3_enc.c */ +/* Copyright (C) 1995 Eric Young (eay@mincom.oz.au) + * All rights reserved. + * + * This file is part of an SSL implementation written + * by Eric Young (eay@mincom.oz.au). + * The implementation was written so as to conform with Netscapes SSL + * specification. This library and applications are + * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE + * as long as the following conditions are aheared to. + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. If this code is used in a product, + * Eric Young should be given attribution as the author of the parts used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Eric Young (eay@mincom.oz.au) + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "des_locl.h" + +void des_ecb3_encrypt(input, output, ks1, ks2, ks3, encrypt) +des_cblock (*input); +des_cblock (*output); +des_key_schedule ks1; +des_key_schedule ks2; +des_key_schedule ks3; +int encrypt; + { + register unsigned long l0,l1; + register unsigned char *in,*out; + unsigned long ll[2]; + + in=(unsigned char *)input; + out=(unsigned char *)output; + c2l(in,l0); + c2l(in,l1); + IP(l0,l1); + ll[0]=l0; + ll[1]=l1; + des_encrypt2(ll,ks1,encrypt); + des_encrypt2(ll,ks2,!encrypt); + des_encrypt2(ll,ks3,encrypt); + l0=ll[0]; + l1=ll[1]; + FP(l1,l0); + l2c(l0,out); + l2c(l1,out); + } diff --git a/secure/lib/libdes/ecb_enc.c b/secure/lib/libdes/ecb_enc.c new file mode 100644 index 0000000..d7eaa96 --- /dev/null +++ b/secure/lib/libdes/ecb_enc.c @@ -0,0 +1,203 @@ +/* lib/des/ecb_enc.c */ +/* Copyright (C) 1995 Eric Young (eay@mincom.oz.au) + * All rights reserved. + * + * This file is part of an SSL implementation written + * by Eric Young (eay@mincom.oz.au). + * The implementation was written so as to conform with Netscapes SSL + * specification. This library and applications are + * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE + * as long as the following conditions are aheared to. + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. If this code is used in a product, + * Eric Young should be given attribution as the author of the parts used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Eric Young (eay@mincom.oz.au) + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "des_locl.h" +#include "spr.h" + +const char *DES_version="libdes v 3.22 - 95/11/29 - eay"; + +void des_ecb_encrypt(input, output, ks, encrypt) +des_cblock (*input); +des_cblock (*output); +des_key_schedule ks; +int encrypt; + { + register unsigned long l0,l1; + register unsigned char *in,*out; + unsigned long ll[2]; + + in=(unsigned char *)input; + out=(unsigned char *)output; + c2l(in,l0); ll[0]=l0; + c2l(in,l1); ll[1]=l1; + des_encrypt(ll,ks,encrypt); + l0=ll[0]; l2c(l0,out); + l1=ll[1]; l2c(l1,out); + l0=l1=ll[0]=ll[1]=0; + } + +void des_encrypt(data, ks, encrypt) +unsigned long *data; +des_key_schedule ks; +int encrypt; + { + register unsigned long l,r,t,u; +#ifdef DES_USE_PTR + register unsigned char *des_SP=(unsigned char *)des_SPtrans; +#endif +#ifdef MSDOS + union fudge { + unsigned long l; + unsigned short s[2]; + unsigned char c[4]; + } U,T; +#endif + register int i; + register unsigned long *s; + + u=data[0]; + r=data[1]; + + IP(u,r); + /* Things have been modified so that the initial rotate is + * done outside the loop. This required the + * des_SPtrans values in sp.h to be rotated 1 bit to the right. + * One perl script later and things have a 5% speed up on a sparc2. + * Thanks to Richard Outerbridge <71755.204@CompuServe.COM> + * for pointing this out. */ + l=(r<<1)|(r>>31); + r=(u<<1)|(u>>31); + + /* clear the top bits on machines with 8byte longs */ + l&=0xffffffffL; + r&=0xffffffffL; + + s=(unsigned long *)ks; + /* I don't know if it is worth the effort of loop unrolling the + * inner loop */ + if (encrypt) + { + for (i=0; i<32; i+=4) + { + D_ENCRYPT(l,r,i+0); /* 1 */ + D_ENCRYPT(r,l,i+2); /* 2 */ + } + } + else + { + for (i=30; i>0; i-=4) + { + D_ENCRYPT(l,r,i-0); /* 16 */ + D_ENCRYPT(r,l,i-2); /* 15 */ + } + } + l=(l>>1)|(l<<31); + r=(r>>1)|(r<<31); + /* clear the top bits on machines with 8byte longs */ + l&=0xffffffffL; + r&=0xffffffffL; + + FP(r,l); + data[0]=l; + data[1]=r; + l=r=t=u=0; + } + +void des_encrypt2(data, ks, encrypt) +unsigned long *data; +des_key_schedule ks; +int encrypt; + { + register unsigned long l,r,t,u; +#ifdef DES_USE_PTR + register unsigned char *des_SP=(unsigned char *)des_SPtrans; +#endif +#ifdef MSDOS + union fudge { + unsigned long l; + unsigned short s[2]; + unsigned char c[4]; + } U,T; +#endif + register int i; + register unsigned long *s; + + u=data[0]; + r=data[1]; + + /* Things have been modified so that the initial rotate is + * done outside the loop. This required the + * des_SPtrans values in sp.h to be rotated 1 bit to the right. + * One perl script later and things have a 5% speed up on a sparc2. + * Thanks to Richard Outerbridge <71755.204@CompuServe.COM> + * for pointing this out. */ + l=(r<<1)|(r>>31); + r=(u<<1)|(u>>31); + + /* clear the top bits on machines with 8byte longs */ + l&=0xffffffffL; + r&=0xffffffffL; + + s=(unsigned long *)ks; + /* I don't know if it is worth the effort of loop unrolling the + * inner loop */ + if (encrypt) + { + for (i=0; i<32; i+=4) + { + D_ENCRYPT(l,r,i+0); /* 1 */ + D_ENCRYPT(r,l,i+2); /* 2 */ + } + } + else + { + for (i=30; i>0; i-=4) + { + D_ENCRYPT(l,r,i-0); /* 16 */ + D_ENCRYPT(r,l,i-2); /* 15 */ + } + } + l=(l>>1)|(l<<31); + r=(r>>1)|(r<<31); + /* clear the top bits on machines with 8byte longs */ + l&=0xffffffffL; + r&=0xffffffffL; + + data[0]=l; + data[1]=r; + l=r=t=u=0; + } diff --git a/secure/lib/libdes/ede_enc.c b/secure/lib/libdes/ede_enc.c new file mode 100644 index 0000000..5084e94 --- /dev/null +++ b/secure/lib/libdes/ede_enc.c @@ -0,0 +1,163 @@ +/* lib/des/ede_enc.c */ +/* Copyright (C) 1995 Eric Young (eay@mincom.oz.au) + * All rights reserved. + * + * This file is part of an SSL implementation written + * by Eric Young (eay@mincom.oz.au). + * The implementation was written so as to conform with Netscapes SSL + * specification. This library and applications are + * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE + * as long as the following conditions are aheared to. + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. If this code is used in a product, + * Eric Young should be given attribution as the author of the parts used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Eric Young (eay@mincom.oz.au) + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "des_locl.h" + +void des_ede3_cbc_encrypt(input, output, length, ks1, ks2, ks3, ivec, encrypt) +des_cblock (*input); +des_cblock (*output); +long length; +des_key_schedule ks1; +des_key_schedule ks2; +des_key_schedule ks3; +des_cblock (*ivec); +int encrypt; + { + register unsigned long tin0,tin1; + register unsigned long tout0,tout1,xor0,xor1; + register unsigned char *in,*out; + register long l=length; + unsigned long tin[2]; + unsigned char *iv; + + in=(unsigned char *)input; + out=(unsigned char *)output; + iv=(unsigned char *)ivec; + + if (encrypt) + { + c2l(iv,tout0); + c2l(iv,tout1); + for (; l>0; l-=8) + { + if (l >= 8) + { + c2l(in,tin0); + c2l(in,tin1); + } + else + c2ln(in,tin0,tin1,l); + tin0^=tout0; + tin1^=tout1; + + IP(tin0,tin1); + + tin[0]=tin0; + tin[1]=tin1; + des_encrypt2((unsigned long *)tin,ks1,DES_ENCRYPT); + des_encrypt2((unsigned long *)tin,ks2,DES_DECRYPT); + des_encrypt2((unsigned long *)tin,ks3,DES_ENCRYPT); + tout0=tin[0]; + tout1=tin[1]; + + FP(tout1,tout0); + + l2c(tout0,out); + l2c(tout1,out); + } + iv=(unsigned char *)ivec; + l2c(tout0,iv); + l2c(tout1,iv); + } + else + { + c2l(iv,xor0); + c2l(iv,xor1); + for (; l>0; l-=8) + { + register unsigned long t0,t1; + + c2l(in,tin0); + c2l(in,tin1); + + t0=tin0; + t1=tin1; + IP(tin0,tin1); + + tin[0]=tin0; + tin[1]=tin1; + des_encrypt2((unsigned long *)tin,ks3,DES_DECRYPT); + des_encrypt2((unsigned long *)tin,ks2,DES_ENCRYPT); + des_encrypt2((unsigned long *)tin,ks1,DES_DECRYPT); + tout0=tin[0]; + tout1=tin[1]; + + FP(tout1,tout0); /**/ + + tout0^=xor0; + tout1^=xor1; + if (l >= 8) + { + l2c(tout0,out); + l2c(tout1,out); + } + else + l2cn(tout0,tout1,out,l); + xor0=t0; + xor1=t1; + } + iv=(unsigned char *)ivec; + l2c(xor0,iv); + l2c(xor1,iv); + } + tin0=tin1=tout0=tout1=xor0=xor1=0; + tin[0]=tin[1]=0; + } + +#ifdef undef /* MACRO */ +void des_ede2_cbc_encrypt(input, output, length, ks1, ks2, ivec, enc) +des_cblock (*input); +des_cblock (*output); +long length; +des_key_schedule ks1; +des_key_schedule ks2; +des_cblock (*ivec); +int enc; + { + des_ede3_cbc_encrypt(input,output,length,ks1,ks2,ks1,ivec,enc); + } +#endif diff --git a/secure/lib/libdes/enc_read.c b/secure/lib/libdes/enc_read.c new file mode 100644 index 0000000..11a6c5a --- /dev/null +++ b/secure/lib/libdes/enc_read.c @@ -0,0 +1,189 @@ +/* lib/des/enc_read.c */ +/* Copyright (C) 1995 Eric Young (eay@mincom.oz.au) + * All rights reserved. + * + * This file is part of an SSL implementation written + * by Eric Young (eay@mincom.oz.au). + * The implementation was written so as to conform with Netscapes SSL + * specification. This library and applications are + * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE + * as long as the following conditions are aheared to. + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. If this code is used in a product, + * Eric Young should be given attribution as the author of the parts used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Eric Young (eay@mincom.oz.au) + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include <errno.h> +#include "des_locl.h" + +/* This has some uglies in it but it works - even over sockets. */ +extern int errno; +int des_rw_mode=DES_PCBC_MODE; + +int des_enc_read(fd, buf, len, sched, iv) +int fd; +char *buf; +int len; +des_key_schedule sched; +des_cblock (*iv); + { + /* data to be unencrypted */ + int net_num=0; + unsigned char net[BSIZE]; + /* extra unencrypted data + * for when a block of 100 comes in but is des_read one byte at + * a time. */ + static char unnet[BSIZE]; + static int unnet_start=0; + static int unnet_left=0; + int i; + long num=0,rnum; + unsigned char *p; + + /* left over data from last decrypt */ + if (unnet_left != 0) + { + if (unnet_left < len) + { + /* we still still need more data but will return + * with the number of bytes we have - should always + * check the return value */ + memcpy(buf,&(unnet[unnet_start]), + (unsigned int)unnet_left); + /* eay 26/08/92 I had the next 2 lines + * reversed :-( */ + i=unnet_left; + unnet_start=unnet_left=0; + } + else + { + memcpy(buf,&(unnet[unnet_start]),(unsigned int)len); + unnet_start+=len; + unnet_left-=len; + i=len; + } + return(i); + } + + /* We need to get more data. */ + if (len > MAXWRITE) len=MAXWRITE; + + /* first - get the length */ + net_num=0; + while (net_num < HDRSIZE) + { + i=read(fd,&(net[net_num]),(unsigned int)HDRSIZE-net_num); + if ((i == -1) && (errno == EINTR)) continue; + if (i <= 0) return(0); + net_num+=i; + } + + /* we now have at net_num bytes in net */ + p=net; + num=0; + n2l(p,num); + /* num should be rounded up to the next group of eight + * we make sure that we have read a multiple of 8 bytes from the net. + */ + if ((num > MAXWRITE) || (num < 0)) /* error */ + return(-1); + rnum=(num < 8)?8:((num+7)/8*8); + + net_num=0; + while (net_num < rnum) + { + i=read(fd,&(net[net_num]),(unsigned int)rnum-net_num); + if ((i == -1) && (errno == EINTR)) continue; + if (i <= 0) return(0); + net_num+=i; + } + + /* Check if there will be data left over. */ + if (len < num) + { + if (des_rw_mode & DES_PCBC_MODE) + pcbc_encrypt((des_cblock *)net,(des_cblock *)unnet, + num,sched,iv,DES_DECRYPT); + else + cbc_encrypt((des_cblock *)net,(des_cblock *)unnet, + num,sched,iv,DES_DECRYPT); + memcpy(buf,unnet,(unsigned int)len); + unnet_start=len; + unnet_left=num-len; + + /* The following line is done because we return num + * as the number of bytes read. */ + num=len; + } + else + { + /* >output is a multiple of 8 byes, if len < rnum + * >we must be careful. The user must be aware that this + * >routine will write more bytes than he asked for. + * >The length of the buffer must be correct. + * FIXED - Should be ok now 18-9-90 - eay */ + if (len < rnum) + { + char tmpbuf[BSIZE]; + + if (des_rw_mode & DES_PCBC_MODE) + pcbc_encrypt((des_cblock *)net, + (des_cblock *)tmpbuf, + num,sched,iv,DES_DECRYPT); + else + cbc_encrypt((des_cblock *)net, + (des_cblock *)tmpbuf, + num,sched,iv,DES_DECRYPT); + + /* eay 26/08/92 fix a bug that returned more + * bytes than you asked for (returned len bytes :-( */ + memcpy(buf,tmpbuf,(unsigned int)num); + } + else + { + if (des_rw_mode & DES_PCBC_MODE) + pcbc_encrypt((des_cblock *)net, + (des_cblock *)buf,num,sched,iv, + DES_DECRYPT); + else + cbc_encrypt((des_cblock *)net, + (des_cblock *)buf,num,sched,iv, + DES_DECRYPT); + } + } + return(num); + } + diff --git a/secure/lib/libdes/enc_writ.c b/secure/lib/libdes/enc_writ.c new file mode 100644 index 0000000..e0d5075 --- /dev/null +++ b/secure/lib/libdes/enc_writ.c @@ -0,0 +1,142 @@ +/* lib/des/enc_writ.c */ +/* Copyright (C) 1995 Eric Young (eay@mincom.oz.au) + * All rights reserved. + * + * This file is part of an SSL implementation written + * by Eric Young (eay@mincom.oz.au). + * The implementation was written so as to conform with Netscapes SSL + * specification. This library and applications are + * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE + * as long as the following conditions are aheared to. + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. If this code is used in a product, + * Eric Young should be given attribution as the author of the parts used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Eric Young (eay@mincom.oz.au) + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <errno.h> +#include <time.h> +#include "des_locl.h" + +int des_enc_write(fd, buf, len, sched, iv) +int fd; +char *buf; +int len; +des_key_schedule sched; +des_cblock (*iv); + { +#ifdef _LIBC + extern int srandom(); + extern unsigned long time(); + extern int random(); + extern int write(); +#endif + + long rnum; + int i,j,k,outnum; + char outbuf[BSIZE+HDRSIZE]; + char shortbuf[8]; + char *p; + static int start=1; + + /* If we are sending less than 8 bytes, the same char will look + * the same if we don't pad it out with random bytes */ + if (start) + { + start=0; + srandom((unsigned int)time(NULL)); + } + + /* lets recurse if we want to send the data in small chunks */ + if (len > MAXWRITE) + { + j=0; + for (i=0; i<len; i+=k) + { + k=des_enc_write(fd,&(buf[i]), + ((len-i) > MAXWRITE)?MAXWRITE:(len-i),sched,iv); + if (k < 0) + return(k); + else + j+=k; + } + return(j); + } + + /* write length first */ + p=outbuf; + l2n(len,p); + + /* pad short strings */ + if (len < 8) + { + p=shortbuf; + memcpy(shortbuf,buf,(unsigned int)len); + for (i=len; i<8; i++) + shortbuf[i]=random(); + rnum=8; + } + else + { + p=buf; + rnum=((len+7)/8*8); /* round up to nearest eight */ + } + + if (des_rw_mode & DES_PCBC_MODE) + pcbc_encrypt((des_cblock *)p,(des_cblock *)&(outbuf[HDRSIZE]), + (long)((len<8)?8:len),sched,iv,DES_ENCRYPT); + else + cbc_encrypt((des_cblock *)p,(des_cblock *)&(outbuf[HDRSIZE]), + (long)((len<8)?8:len),sched,iv,DES_ENCRYPT); + + /* output */ + outnum=rnum+HDRSIZE; + + for (j=0; j<outnum; j+=i) + { + /* eay 26/08/92 I was not doing writing from where we + * got upto. */ + i=write(fd,&(outbuf[j]),(unsigned int)(outnum-j)); + if (i == -1) + { + if (errno == EINTR) + i=0; + else /* This is really a bad error - very bad + * It will stuff-up both ends. */ + return(-1); + } + } + + return(len); + } diff --git a/secure/lib/libdes/fcrypt.c b/secure/lib/libdes/fcrypt.c new file mode 100644 index 0000000..71960b6 --- /dev/null +++ b/secure/lib/libdes/fcrypt.c @@ -0,0 +1,666 @@ +/* lib/des/fcrypt.c */ +/* Copyright (C) 1995 Eric Young (eay@mincom.oz.au) + * All rights reserved. + * + * This file is part of an SSL implementation written + * by Eric Young (eay@mincom.oz.au). + * The implementation was written so as to conform with Netscapes SSL + * specification. This library and applications are + * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE + * as long as the following conditions are aheared to. + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. If this code is used in a product, + * Eric Young should be given attribution as the author of the parts used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Eric Young (eay@mincom.oz.au) + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> + +/* Eric Young. + * This version of crypt has been developed from my MIT compatable + * DES library. + * The library is available at pub/Crypto/DES at ftp.psy.uq.oz.au + * eay@mincom.oz.au or eay@psych.psy.uq.oz.au + */ + +#if !defined(_LIBC) || defined(NOCONST) +#define const +#endif + +typedef unsigned char des_cblock[8]; + +typedef struct des_ks_struct + { + union { + des_cblock _; + /* make sure things are correct size on machines with + * 8 byte longs */ + unsigned long pad[2]; + } ks; +#define _ ks._ + } des_key_schedule[16]; + +#define DES_KEY_SZ (sizeof(des_cblock)) +#define DES_ENCRYPT 1 +#define DES_DECRYPT 0 + +#define ITERATIONS 16 +#define HALF_ITERATIONS 8 + +#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \ + l|=((unsigned long)(*((c)++)))<< 8, \ + l|=((unsigned long)(*((c)++)))<<16, \ + l|=((unsigned long)(*((c)++)))<<24) + +#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ + *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ + *((c)++)=(unsigned char)(((l)>>16)&0xff), \ + *((c)++)=(unsigned char)(((l)>>24)&0xff)) + +static const unsigned long SPtrans[8][64]={ +{ +/* nibble 0 */ +0x00820200L, 0x00020000L, 0x80800000L, 0x80820200L, +0x00800000L, 0x80020200L, 0x80020000L, 0x80800000L, +0x80020200L, 0x00820200L, 0x00820000L, 0x80000200L, +0x80800200L, 0x00800000L, 0x00000000L, 0x80020000L, +0x00020000L, 0x80000000L, 0x00800200L, 0x00020200L, +0x80820200L, 0x00820000L, 0x80000200L, 0x00800200L, +0x80000000L, 0x00000200L, 0x00020200L, 0x80820000L, +0x00000200L, 0x80800200L, 0x80820000L, 0x00000000L, +0x00000000L, 0x80820200L, 0x00800200L, 0x80020000L, +0x00820200L, 0x00020000L, 0x80000200L, 0x00800200L, +0x80820000L, 0x00000200L, 0x00020200L, 0x80800000L, +0x80020200L, 0x80000000L, 0x80800000L, 0x00820000L, +0x80820200L, 0x00020200L, 0x00820000L, 0x80800200L, +0x00800000L, 0x80000200L, 0x80020000L, 0x00000000L, +0x00020000L, 0x00800000L, 0x80800200L, 0x00820200L, +0x80000000L, 0x80820000L, 0x00000200L, 0x80020200L, +},{ +/* nibble 1 */ +0x10042004L, 0x00000000L, 0x00042000L, 0x10040000L, +0x10000004L, 0x00002004L, 0x10002000L, 0x00042000L, +0x00002000L, 0x10040004L, 0x00000004L, 0x10002000L, +0x00040004L, 0x10042000L, 0x10040000L, 0x00000004L, +0x00040000L, 0x10002004L, 0x10040004L, 0x00002000L, +0x00042004L, 0x10000000L, 0x00000000L, 0x00040004L, +0x10002004L, 0x00042004L, 0x10042000L, 0x10000004L, +0x10000000L, 0x00040000L, 0x00002004L, 0x10042004L, +0x00040004L, 0x10042000L, 0x10002000L, 0x00042004L, +0x10042004L, 0x00040004L, 0x10000004L, 0x00000000L, +0x10000000L, 0x00002004L, 0x00040000L, 0x10040004L, +0x00002000L, 0x10000000L, 0x00042004L, 0x10002004L, +0x10042000L, 0x00002000L, 0x00000000L, 0x10000004L, +0x00000004L, 0x10042004L, 0x00042000L, 0x10040000L, +0x10040004L, 0x00040000L, 0x00002004L, 0x10002000L, +0x10002004L, 0x00000004L, 0x10040000L, 0x00042000L, +},{ +/* nibble 2 */ +0x41000000L, 0x01010040L, 0x00000040L, 0x41000040L, +0x40010000L, 0x01000000L, 0x41000040L, 0x00010040L, +0x01000040L, 0x00010000L, 0x01010000L, 0x40000000L, +0x41010040L, 0x40000040L, 0x40000000L, 0x41010000L, +0x00000000L, 0x40010000L, 0x01010040L, 0x00000040L, +0x40000040L, 0x41010040L, 0x00010000L, 0x41000000L, +0x41010000L, 0x01000040L, 0x40010040L, 0x01010000L, +0x00010040L, 0x00000000L, 0x01000000L, 0x40010040L, +0x01010040L, 0x00000040L, 0x40000000L, 0x00010000L, +0x40000040L, 0x40010000L, 0x01010000L, 0x41000040L, +0x00000000L, 0x01010040L, 0x00010040L, 0x41010000L, +0x40010000L, 0x01000000L, 0x41010040L, 0x40000000L, +0x40010040L, 0x41000000L, 0x01000000L, 0x41010040L, +0x00010000L, 0x01000040L, 0x41000040L, 0x00010040L, +0x01000040L, 0x00000000L, 0x41010000L, 0x40000040L, +0x41000000L, 0x40010040L, 0x00000040L, 0x01010000L, +},{ +/* nibble 3 */ +0x00100402L, 0x04000400L, 0x00000002L, 0x04100402L, +0x00000000L, 0x04100000L, 0x04000402L, 0x00100002L, +0x04100400L, 0x04000002L, 0x04000000L, 0x00000402L, +0x04000002L, 0x00100402L, 0x00100000L, 0x04000000L, +0x04100002L, 0x00100400L, 0x00000400L, 0x00000002L, +0x00100400L, 0x04000402L, 0x04100000L, 0x00000400L, +0x00000402L, 0x00000000L, 0x00100002L, 0x04100400L, +0x04000400L, 0x04100002L, 0x04100402L, 0x00100000L, +0x04100002L, 0x00000402L, 0x00100000L, 0x04000002L, +0x00100400L, 0x04000400L, 0x00000002L, 0x04100000L, +0x04000402L, 0x00000000L, 0x00000400L, 0x00100002L, +0x00000000L, 0x04100002L, 0x04100400L, 0x00000400L, +0x04000000L, 0x04100402L, 0x00100402L, 0x00100000L, +0x04100402L, 0x00000002L, 0x04000400L, 0x00100402L, +0x00100002L, 0x00100400L, 0x04100000L, 0x04000402L, +0x00000402L, 0x04000000L, 0x04000002L, 0x04100400L, +},{ +/* nibble 4 */ +0x02000000L, 0x00004000L, 0x00000100L, 0x02004108L, +0x02004008L, 0x02000100L, 0x00004108L, 0x02004000L, +0x00004000L, 0x00000008L, 0x02000008L, 0x00004100L, +0x02000108L, 0x02004008L, 0x02004100L, 0x00000000L, +0x00004100L, 0x02000000L, 0x00004008L, 0x00000108L, +0x02000100L, 0x00004108L, 0x00000000L, 0x02000008L, +0x00000008L, 0x02000108L, 0x02004108L, 0x00004008L, +0x02004000L, 0x00000100L, 0x00000108L, 0x02004100L, +0x02004100L, 0x02000108L, 0x00004008L, 0x02004000L, +0x00004000L, 0x00000008L, 0x02000008L, 0x02000100L, +0x02000000L, 0x00004100L, 0x02004108L, 0x00000000L, +0x00004108L, 0x02000000L, 0x00000100L, 0x00004008L, +0x02000108L, 0x00000100L, 0x00000000L, 0x02004108L, +0x02004008L, 0x02004100L, 0x00000108L, 0x00004000L, +0x00004100L, 0x02004008L, 0x02000100L, 0x00000108L, +0x00000008L, 0x00004108L, 0x02004000L, 0x02000008L, +},{ +/* nibble 5 */ +0x20000010L, 0x00080010L, 0x00000000L, 0x20080800L, +0x00080010L, 0x00000800L, 0x20000810L, 0x00080000L, +0x00000810L, 0x20080810L, 0x00080800L, 0x20000000L, +0x20000800L, 0x20000010L, 0x20080000L, 0x00080810L, +0x00080000L, 0x20000810L, 0x20080010L, 0x00000000L, +0x00000800L, 0x00000010L, 0x20080800L, 0x20080010L, +0x20080810L, 0x20080000L, 0x20000000L, 0x00000810L, +0x00000010L, 0x00080800L, 0x00080810L, 0x20000800L, +0x00000810L, 0x20000000L, 0x20000800L, 0x00080810L, +0x20080800L, 0x00080010L, 0x00000000L, 0x20000800L, +0x20000000L, 0x00000800L, 0x20080010L, 0x00080000L, +0x00080010L, 0x20080810L, 0x00080800L, 0x00000010L, +0x20080810L, 0x00080800L, 0x00080000L, 0x20000810L, +0x20000010L, 0x20080000L, 0x00080810L, 0x00000000L, +0x00000800L, 0x20000010L, 0x20000810L, 0x20080800L, +0x20080000L, 0x00000810L, 0x00000010L, 0x20080010L, +},{ +/* nibble 6 */ +0x00001000L, 0x00000080L, 0x00400080L, 0x00400001L, +0x00401081L, 0x00001001L, 0x00001080L, 0x00000000L, +0x00400000L, 0x00400081L, 0x00000081L, 0x00401000L, +0x00000001L, 0x00401080L, 0x00401000L, 0x00000081L, +0x00400081L, 0x00001000L, 0x00001001L, 0x00401081L, +0x00000000L, 0x00400080L, 0x00400001L, 0x00001080L, +0x00401001L, 0x00001081L, 0x00401080L, 0x00000001L, +0x00001081L, 0x00401001L, 0x00000080L, 0x00400000L, +0x00001081L, 0x00401000L, 0x00401001L, 0x00000081L, +0x00001000L, 0x00000080L, 0x00400000L, 0x00401001L, +0x00400081L, 0x00001081L, 0x00001080L, 0x00000000L, +0x00000080L, 0x00400001L, 0x00000001L, 0x00400080L, +0x00000000L, 0x00400081L, 0x00400080L, 0x00001080L, +0x00000081L, 0x00001000L, 0x00401081L, 0x00400000L, +0x00401080L, 0x00000001L, 0x00001001L, 0x00401081L, +0x00400001L, 0x00401080L, 0x00401000L, 0x00001001L, +},{ +/* nibble 7 */ +0x08200020L, 0x08208000L, 0x00008020L, 0x00000000L, +0x08008000L, 0x00200020L, 0x08200000L, 0x08208020L, +0x00000020L, 0x08000000L, 0x00208000L, 0x00008020L, +0x00208020L, 0x08008020L, 0x08000020L, 0x08200000L, +0x00008000L, 0x00208020L, 0x00200020L, 0x08008000L, +0x08208020L, 0x08000020L, 0x00000000L, 0x00208000L, +0x08000000L, 0x00200000L, 0x08008020L, 0x08200020L, +0x00200000L, 0x00008000L, 0x08208000L, 0x00000020L, +0x00200000L, 0x00008000L, 0x08000020L, 0x08208020L, +0x00008020L, 0x08000000L, 0x00000000L, 0x00208000L, +0x08200020L, 0x08008020L, 0x08008000L, 0x00200020L, +0x08208000L, 0x00000020L, 0x00200020L, 0x08008000L, +0x08208020L, 0x00200000L, 0x08200000L, 0x08000020L, +0x00208000L, 0x00008020L, 0x08008020L, 0x08200000L, +0x00000020L, 0x08208000L, 0x00208020L, 0x00000000L, +0x08000000L, 0x08200020L, 0x00008000L, 0x00208020L}}; +static const unsigned long skb[8][64]={ +{ +/* for C bits (numbered as per FIPS 46) 1 2 3 4 5 6 */ +0x00000000L,0x00000010L,0x20000000L,0x20000010L, +0x00010000L,0x00010010L,0x20010000L,0x20010010L, +0x00000800L,0x00000810L,0x20000800L,0x20000810L, +0x00010800L,0x00010810L,0x20010800L,0x20010810L, +0x00000020L,0x00000030L,0x20000020L,0x20000030L, +0x00010020L,0x00010030L,0x20010020L,0x20010030L, +0x00000820L,0x00000830L,0x20000820L,0x20000830L, +0x00010820L,0x00010830L,0x20010820L,0x20010830L, +0x00080000L,0x00080010L,0x20080000L,0x20080010L, +0x00090000L,0x00090010L,0x20090000L,0x20090010L, +0x00080800L,0x00080810L,0x20080800L,0x20080810L, +0x00090800L,0x00090810L,0x20090800L,0x20090810L, +0x00080020L,0x00080030L,0x20080020L,0x20080030L, +0x00090020L,0x00090030L,0x20090020L,0x20090030L, +0x00080820L,0x00080830L,0x20080820L,0x20080830L, +0x00090820L,0x00090830L,0x20090820L,0x20090830L, +},{ +/* for C bits (numbered as per FIPS 46) 7 8 10 11 12 13 */ +0x00000000L,0x02000000L,0x00002000L,0x02002000L, +0x00200000L,0x02200000L,0x00202000L,0x02202000L, +0x00000004L,0x02000004L,0x00002004L,0x02002004L, +0x00200004L,0x02200004L,0x00202004L,0x02202004L, +0x00000400L,0x02000400L,0x00002400L,0x02002400L, +0x00200400L,0x02200400L,0x00202400L,0x02202400L, +0x00000404L,0x02000404L,0x00002404L,0x02002404L, +0x00200404L,0x02200404L,0x00202404L,0x02202404L, +0x10000000L,0x12000000L,0x10002000L,0x12002000L, +0x10200000L,0x12200000L,0x10202000L,0x12202000L, +0x10000004L,0x12000004L,0x10002004L,0x12002004L, +0x10200004L,0x12200004L,0x10202004L,0x12202004L, +0x10000400L,0x12000400L,0x10002400L,0x12002400L, +0x10200400L,0x12200400L,0x10202400L,0x12202400L, +0x10000404L,0x12000404L,0x10002404L,0x12002404L, +0x10200404L,0x12200404L,0x10202404L,0x12202404L, +},{ +/* for C bits (numbered as per FIPS 46) 14 15 16 17 19 20 */ +0x00000000L,0x00000001L,0x00040000L,0x00040001L, +0x01000000L,0x01000001L,0x01040000L,0x01040001L, +0x00000002L,0x00000003L,0x00040002L,0x00040003L, +0x01000002L,0x01000003L,0x01040002L,0x01040003L, +0x00000200L,0x00000201L,0x00040200L,0x00040201L, +0x01000200L,0x01000201L,0x01040200L,0x01040201L, +0x00000202L,0x00000203L,0x00040202L,0x00040203L, +0x01000202L,0x01000203L,0x01040202L,0x01040203L, +0x08000000L,0x08000001L,0x08040000L,0x08040001L, +0x09000000L,0x09000001L,0x09040000L,0x09040001L, +0x08000002L,0x08000003L,0x08040002L,0x08040003L, +0x09000002L,0x09000003L,0x09040002L,0x09040003L, +0x08000200L,0x08000201L,0x08040200L,0x08040201L, +0x09000200L,0x09000201L,0x09040200L,0x09040201L, +0x08000202L,0x08000203L,0x08040202L,0x08040203L, +0x09000202L,0x09000203L,0x09040202L,0x09040203L, +},{ +/* for C bits (numbered as per FIPS 46) 21 23 24 26 27 28 */ +0x00000000L,0x00100000L,0x00000100L,0x00100100L, +0x00000008L,0x00100008L,0x00000108L,0x00100108L, +0x00001000L,0x00101000L,0x00001100L,0x00101100L, +0x00001008L,0x00101008L,0x00001108L,0x00101108L, +0x04000000L,0x04100000L,0x04000100L,0x04100100L, +0x04000008L,0x04100008L,0x04000108L,0x04100108L, +0x04001000L,0x04101000L,0x04001100L,0x04101100L, +0x04001008L,0x04101008L,0x04001108L,0x04101108L, +0x00020000L,0x00120000L,0x00020100L,0x00120100L, +0x00020008L,0x00120008L,0x00020108L,0x00120108L, +0x00021000L,0x00121000L,0x00021100L,0x00121100L, +0x00021008L,0x00121008L,0x00021108L,0x00121108L, +0x04020000L,0x04120000L,0x04020100L,0x04120100L, +0x04020008L,0x04120008L,0x04020108L,0x04120108L, +0x04021000L,0x04121000L,0x04021100L,0x04121100L, +0x04021008L,0x04121008L,0x04021108L,0x04121108L, +},{ +/* for D bits (numbered as per FIPS 46) 1 2 3 4 5 6 */ +0x00000000L,0x10000000L,0x00010000L,0x10010000L, +0x00000004L,0x10000004L,0x00010004L,0x10010004L, +0x20000000L,0x30000000L,0x20010000L,0x30010000L, +0x20000004L,0x30000004L,0x20010004L,0x30010004L, +0x00100000L,0x10100000L,0x00110000L,0x10110000L, +0x00100004L,0x10100004L,0x00110004L,0x10110004L, +0x20100000L,0x30100000L,0x20110000L,0x30110000L, +0x20100004L,0x30100004L,0x20110004L,0x30110004L, +0x00001000L,0x10001000L,0x00011000L,0x10011000L, +0x00001004L,0x10001004L,0x00011004L,0x10011004L, +0x20001000L,0x30001000L,0x20011000L,0x30011000L, +0x20001004L,0x30001004L,0x20011004L,0x30011004L, +0x00101000L,0x10101000L,0x00111000L,0x10111000L, +0x00101004L,0x10101004L,0x00111004L,0x10111004L, +0x20101000L,0x30101000L,0x20111000L,0x30111000L, +0x20101004L,0x30101004L,0x20111004L,0x30111004L, +},{ +/* for D bits (numbered as per FIPS 46) 8 9 11 12 13 14 */ +0x00000000L,0x08000000L,0x00000008L,0x08000008L, +0x00000400L,0x08000400L,0x00000408L,0x08000408L, +0x00020000L,0x08020000L,0x00020008L,0x08020008L, +0x00020400L,0x08020400L,0x00020408L,0x08020408L, +0x00000001L,0x08000001L,0x00000009L,0x08000009L, +0x00000401L,0x08000401L,0x00000409L,0x08000409L, +0x00020001L,0x08020001L,0x00020009L,0x08020009L, +0x00020401L,0x08020401L,0x00020409L,0x08020409L, +0x02000000L,0x0A000000L,0x02000008L,0x0A000008L, +0x02000400L,0x0A000400L,0x02000408L,0x0A000408L, +0x02020000L,0x0A020000L,0x02020008L,0x0A020008L, +0x02020400L,0x0A020400L,0x02020408L,0x0A020408L, +0x02000001L,0x0A000001L,0x02000009L,0x0A000009L, +0x02000401L,0x0A000401L,0x02000409L,0x0A000409L, +0x02020001L,0x0A020001L,0x02020009L,0x0A020009L, +0x02020401L,0x0A020401L,0x02020409L,0x0A020409L, +},{ +/* for D bits (numbered as per FIPS 46) 16 17 18 19 20 21 */ +0x00000000L,0x00000100L,0x00080000L,0x00080100L, +0x01000000L,0x01000100L,0x01080000L,0x01080100L, +0x00000010L,0x00000110L,0x00080010L,0x00080110L, +0x01000010L,0x01000110L,0x01080010L,0x01080110L, +0x00200000L,0x00200100L,0x00280000L,0x00280100L, +0x01200000L,0x01200100L,0x01280000L,0x01280100L, +0x00200010L,0x00200110L,0x00280010L,0x00280110L, +0x01200010L,0x01200110L,0x01280010L,0x01280110L, +0x00000200L,0x00000300L,0x00080200L,0x00080300L, +0x01000200L,0x01000300L,0x01080200L,0x01080300L, +0x00000210L,0x00000310L,0x00080210L,0x00080310L, +0x01000210L,0x01000310L,0x01080210L,0x01080310L, +0x00200200L,0x00200300L,0x00280200L,0x00280300L, +0x01200200L,0x01200300L,0x01280200L,0x01280300L, +0x00200210L,0x00200310L,0x00280210L,0x00280310L, +0x01200210L,0x01200310L,0x01280210L,0x01280310L, +},{ +/* for D bits (numbered as per FIPS 46) 22 23 24 25 27 28 */ +0x00000000L,0x04000000L,0x00040000L,0x04040000L, +0x00000002L,0x04000002L,0x00040002L,0x04040002L, +0x00002000L,0x04002000L,0x00042000L,0x04042000L, +0x00002002L,0x04002002L,0x00042002L,0x04042002L, +0x00000020L,0x04000020L,0x00040020L,0x04040020L, +0x00000022L,0x04000022L,0x00040022L,0x04040022L, +0x00002020L,0x04002020L,0x00042020L,0x04042020L, +0x00002022L,0x04002022L,0x00042022L,0x04042022L, +0x00000800L,0x04000800L,0x00040800L,0x04040800L, +0x00000802L,0x04000802L,0x00040802L,0x04040802L, +0x00002800L,0x04002800L,0x00042800L,0x04042800L, +0x00002802L,0x04002802L,0x00042802L,0x04042802L, +0x00000820L,0x04000820L,0x00040820L,0x04040820L, +0x00000822L,0x04000822L,0x00040822L,0x04040822L, +0x00002820L,0x04002820L,0x00042820L,0x04042820L, +0x00002822L,0x04002822L,0x00042822L,0x04042822L, +} }; + +/* See ecb_encrypt.c for a pseudo description of these macros. */ +#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\ + (b)^=(t),\ + (a)^=((t)<<(n))) + +#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\ + (a)=(a)^(t)^(t>>(16-(n))))\ + +static const int shifts2[16]={0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0}; + +#ifndef NOPROTO +static int body(unsigned long *out0, unsigned long *out1, + des_key_schedule ks, unsigned long Eswap0, unsigned long Eswap1); +static int des_set_key(des_cblock (*key), des_key_schedule schedule); +#else +static int body(); +static int des_set_key(); +#endif + +static int des_set_key(key, schedule) +des_cblock (*key); +des_key_schedule schedule; + { + register unsigned long c,d,t,s; + register unsigned char *in; + register unsigned long *k; + register int i; + + k=(unsigned long *)schedule; + in=(unsigned char *)key; + + c2l(in,c); + c2l(in,d); + + /* I now do it in 47 simple operations :-) + * Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov) + * for the inspiration. :-) */ + PERM_OP (d,c,t,4,0x0f0f0f0fL); + HPERM_OP(c,t,-2,0xcccc0000L); + HPERM_OP(d,t,-2,0xcccc0000L); + PERM_OP (d,c,t,1,0x55555555L); + PERM_OP (c,d,t,8,0x00ff00ffL); + PERM_OP (d,c,t,1,0x55555555L); + d= (((d&0x000000ffL)<<16)| (d&0x0000ff00L) | + ((d&0x00ff0000L)>>16)|((c&0xf0000000L)>>4)); + c&=0x0fffffffL; + + for (i=0; i<ITERATIONS; i++) + { + if (shifts2[i]) + { c=((c>>2)|(c<<26)); d=((d>>2)|(d<<26)); } + else + { c=((c>>1)|(c<<27)); d=((d>>1)|(d<<27)); } + c&=0x0fffffffL; + d&=0x0fffffffL; + /* could be a few less shifts but I am to lazy at this + * point in time to investigate */ + s= skb[0][ (c )&0x3f ]| + skb[1][((c>> 6L)&0x03)|((c>> 7L)&0x3c)]| + skb[2][((c>>13L)&0x0f)|((c>>14L)&0x30)]| + skb[3][((c>>20L)&0x01)|((c>>21L)&0x06) | + ((c>>22L)&0x38)]; + t= skb[4][ (d )&0x3f ]| + skb[5][((d>> 7L)&0x03)|((d>> 8L)&0x3c)]| + skb[6][ (d>>15L)&0x3f ]| + skb[7][((d>>21L)&0x0f)|((d>>22L)&0x30)]; + + /* table contained 0213 4657 */ + *(k++)=((t<<16)|(s&0x0000ffffL))&0xffffffffL; + s= ((s>>16)|(t&0xffff0000L)); + + s=(s<<4)|(s>>28); + *(k++)=s&0xffffffffL; + } + return(0); + } + +/****************************************************************** + * modified stuff for crypt. + ******************************************************************/ + +/* The changes to this macro may help or hinder, depending on the + * compiler and the achitecture. gcc2 always seems to do well :-). + * Inspired by Dana How <how@isl.stanford.edu> + * DO NOT use the alternative version on machines with 8 byte longs. + */ +#ifdef DES_USE_PTR +#define D_ENCRYPT(L,R,S) \ + t=(R^(R>>16)); \ + u=(t&E0); \ + t=(t&E1); \ + u=((u^(u<<16))^R^s[S ])<<2; \ + t=(t^(t<<16))^R^s[S+1]; \ + t=(t>>2)|(t<<30); \ + L^= \ + *(unsigned long *)(des_SP+0x0100+((t )&0xfc))+ \ + *(unsigned long *)(des_SP+0x0300+((t>> 8)&0xfc))+ \ + *(unsigned long *)(des_SP+0x0500+((t>>16)&0xfc))+ \ + *(unsigned long *)(des_SP+0x0700+((t>>24)&0xfc))+ \ + *(unsigned long *)(des_SP+ ((u )&0xfc))+ \ + *(unsigned long *)(des_SP+0x0200+((u>> 8)&0xfc))+ \ + *(unsigned long *)(des_SP+0x0400+((u>>16)&0xfc))+ \ + *(unsigned long *)(des_SP+0x0600+((u>>24)&0xfc)); +#else /* original version */ +#define D_ENCRYPT(L,R,S) \ + t=(R^(R>>16)); \ + u=(t&E0); \ + t=(t&E1); \ + u=(u^(u<<16))^R^s[S ]; \ + t=(t^(t<<16))^R^s[S+1]; \ + t=(t>>4)|(t<<28); \ + L^= SPtrans[1][(t )&0x3f]| \ + SPtrans[3][(t>> 8)&0x3f]| \ + SPtrans[5][(t>>16)&0x3f]| \ + SPtrans[7][(t>>24)&0x3f]| \ + SPtrans[0][(u )&0x3f]| \ + SPtrans[2][(u>> 8)&0x3f]| \ + SPtrans[4][(u>>16)&0x3f]| \ + SPtrans[6][(u>>24)&0x3f]; +#endif + +static unsigned const char con_salt[128]={ +0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, +0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, +0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, +0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, +0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, +0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01, +0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09, +0x0A,0x0B,0x05,0x06,0x07,0x08,0x09,0x0A, +0x0B,0x0C,0x0D,0x0E,0x0F,0x10,0x11,0x12, +0x13,0x14,0x15,0x16,0x17,0x18,0x19,0x1A, +0x1B,0x1C,0x1D,0x1E,0x1F,0x20,0x21,0x22, +0x23,0x24,0x25,0x20,0x21,0x22,0x23,0x24, +0x25,0x26,0x27,0x28,0x29,0x2A,0x2B,0x2C, +0x2D,0x2E,0x2F,0x30,0x31,0x32,0x33,0x34, +0x35,0x36,0x37,0x38,0x39,0x3A,0x3B,0x3C, +0x3D,0x3E,0x3F,0x00,0x00,0x00,0x00,0x00, +}; + +static unsigned const char cov_2char[64]={ +0x2E,0x2F,0x30,0x31,0x32,0x33,0x34,0x35, +0x36,0x37,0x38,0x39,0x41,0x42,0x43,0x44, +0x45,0x46,0x47,0x48,0x49,0x4A,0x4B,0x4C, +0x4D,0x4E,0x4F,0x50,0x51,0x52,0x53,0x54, +0x55,0x56,0x57,0x58,0x59,0x5A,0x61,0x62, +0x63,0x64,0x65,0x66,0x67,0x68,0x69,0x6A, +0x6B,0x6C,0x6D,0x6E,0x6F,0x70,0x71,0x72, +0x73,0x74,0x75,0x76,0x77,0x78,0x79,0x7A +}; + +#ifndef NOPROTO +#ifdef PERL5 +char *des_crypt(char *buf,char *salt); +#else +char *crypt(char *buf,char *salt); +#endif +#else +#ifdef PERL5 +char *des_crypt(); +#else +char *crypt(); +#endif +#endif + +#ifdef PERL5 +char *des_crypt(buf,salt) +#else +char *crypt(buf,salt) +#endif +char *buf; +char *salt; + { + unsigned int i,j,x,y; + unsigned long Eswap0=0,Eswap1=0; + unsigned long out[2],ll; + des_cblock key; + des_key_schedule ks; + static unsigned char buff[20]; + unsigned char bb[9]; + unsigned char *b=bb; + unsigned char c,u; + + /* eay 25/08/92 + * If you call crypt("pwd","*") as often happens when you + * have * as the pwd field in /etc/passwd, the function + * returns *\0XXXXXXXXX + * The \0 makes the string look like * so the pwd "*" would + * crypt to "*". This was found when replacing the crypt in + * our shared libraries. People found that the disbled + * accounts effectivly had no passwd :-(. */ + x=buff[0]=((salt[0] == '\0')?'A':salt[0]); + Eswap0=con_salt[x]; + x=buff[1]=((salt[1] == '\0')?'A':salt[1]); + Eswap1=con_salt[x]<<4; + + for (i=0; i<8; i++) + { + c= *(buf++); + if (!c) break; + key[i]=(c<<1); + } + for (; i<8; i++) + key[i]=0; + + des_set_key((des_cblock *)(key),ks); + body(&(out[0]),&(out[1]),ks,Eswap0,Eswap1); + + ll=out[0]; l2c(ll,b); + ll=out[1]; l2c(ll,b); + y=0; + u=0x80; + bb[8]=0; + for (i=2; i<13; i++) + { + c=0; + for (j=0; j<6; j++) + { + c<<=1; + if (bb[y] & u) c|=1; + u>>=1; + if (!u) + { + y++; + u=0x80; + } + } + buff[i]=cov_2char[c]; + } + buff[13]='\0'; + return((char *)buff); + } + +static int body(out0, out1, ks, Eswap0, Eswap1) +unsigned long *out0; +unsigned long *out1; +des_key_schedule ks; +unsigned long Eswap0; +unsigned long Eswap1; + { + register unsigned long l,r,t,u; +#ifdef DES_USE_PTR + register unsigned char *des_SP=(unsigned char *)SPtrans; +#endif + register unsigned long *s; + register int i,j; + register unsigned long E0,E1; + + l=0; + r=0; + + s=(unsigned long *)ks; + E0=Eswap0; + E1=Eswap1; + + for (j=0; j<25; j++) + { + for (i=0; i<(ITERATIONS*2); i+=4) + { + D_ENCRYPT(l,r, i); /* 1 */ + D_ENCRYPT(r,l, i+2); /* 2 */ + } + t=l; + l=r; + r=t; + } + t=r; + r=(l>>1L)|(l<<31L); + l=(t>>1L)|(t<<31L); + /* clear the top bits on machines with 8byte longs */ + l&=0xffffffffL; + r&=0xffffffffL; + + PERM_OP(r,l,t, 1,0x55555555L); + PERM_OP(l,r,t, 8,0x00ff00ffL); + PERM_OP(r,l,t, 2,0x33333333L); + PERM_OP(l,r,t,16,0x0000ffffL); + PERM_OP(r,l,t, 4,0x0f0f0f0fL); + + *out0=l; + *out1=r; + return(0); + } + diff --git a/secure/lib/libdes/makefile.bc b/secure/lib/libdes/makefile.bc new file mode 100644 index 0000000..1fe6d49 --- /dev/null +++ b/secure/lib/libdes/makefile.bc @@ -0,0 +1,50 @@ +# +# Origional BC Makefile from Teun <Teun.Nijssen@kub.nl> +# +# +CC = bcc +TLIB = tlib /0 /C +# note: the -3 flag produces code for 386, 486, Pentium etc; omit it for 286s +OPTIMIZE= -3 -O2 +#WINDOWS= -W +CFLAGS = -c -ml -d $(OPTIMIZE) $(WINDOWS) -DMSDOS +LFLAGS = -ml $(WINDOWS) + +.c.obj: + $(CC) $(CFLAGS) $*.c + +.obj.exe: + $(CC) $(LFLAGS) -e$*.exe $*.obj libdes.lib + +all: $(LIB) destest.exe rpw.exe des.exe speed.exe + +# "make clean": use a directory containing only libdes .exe and .obj files... +clean: + del *.exe + del *.obj + del libdes.lib + del libdes.rsp + +OBJS= cbc_cksm.obj cbc_enc.obj ecb_enc.obj pcbc_enc.obj \ + qud_cksm.obj rand_key.obj set_key.obj str2key.obj \ + enc_read.obj enc_writ.obj fcrypt.obj cfb_enc.obj \ + ecb3_enc.obj ofb_enc.obj cbc3_enc.obj read_pwd.obj\ + cfb64enc.obj ofb64enc.obj ede_enc.obj cfb64ede.obj\ + ofb64ede.obj supp.obj + +LIB= libdes.lib + +$(LIB): $(OBJS) + del $(LIB) + makersp "+%s &\n" &&| + $(OBJS) +| >libdes.rsp + $(TLIB) libdes.lib @libdes.rsp,nul + del libdes.rsp + +destest.exe: destest.obj libdes.lib +rpw.exe: rpw.obj libdes.lib +speed.exe: speed.obj libdes.lib +des.exe: des.obj libdes.lib + + diff --git a/secure/lib/libdes/ncbc_enc.c b/secure/lib/libdes/ncbc_enc.c new file mode 100644 index 0000000..d307ae4 --- /dev/null +++ b/secure/lib/libdes/ncbc_enc.c @@ -0,0 +1,120 @@ +/* lib/des/ncbc_enc.c */ +/* Copyright (C) 1995 Eric Young (eay@mincom.oz.au) + * All rights reserved. + * + * This file is part of an SSL implementation written + * by Eric Young (eay@mincom.oz.au). + * The implementation was written so as to conform with Netscapes SSL + * specification. This library and applications are + * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE + * as long as the following conditions are aheared to. + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. If this code is used in a product, + * Eric Young should be given attribution as the author of the parts used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Eric Young (eay@mincom.oz.au) + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "des_locl.h" + +void des_ncbc_encrypt(input, output, length, schedule, ivec, encrypt) +des_cblock (*input); +des_cblock (*output); +long length; +des_key_schedule schedule; +des_cblock (*ivec); +int encrypt; + { + register unsigned long tin0,tin1; + register unsigned long tout0,tout1,xor0,xor1; + register unsigned char *in,*out; + register long l=length; + unsigned long tin[2]; + unsigned char *iv; + + in=(unsigned char *)input; + out=(unsigned char *)output; + iv=(unsigned char *)ivec; + + if (encrypt) + { + c2l(iv,tout0); + c2l(iv,tout1); + for (; l>0; l-=8) + { + if (l >= 8) + { + c2l(in,tin0); + c2l(in,tin1); + } + else + c2ln(in,tin0,tin1,l); + tin0^=tout0; tin[0]=tin0; + tin1^=tout1; tin[1]=tin1; + des_encrypt((unsigned long *)tin,schedule,DES_ENCRYPT); + tout0=tin[0]; l2c(tout0,out); + tout1=tin[1]; l2c(tout1,out); + } + iv=(unsigned char *)ivec; + l2c(tout0,iv); + l2c(tout1,iv); + } + else + { + c2l(iv,xor0); + c2l(iv,xor1); + for (; l>0; l-=8) + { + c2l(in,tin0); tin[0]=tin0; + c2l(in,tin1); tin[1]=tin1; + des_encrypt((unsigned long *)tin,schedule,DES_DECRYPT); + tout0=tin[0]^xor0; + tout1=tin[1]^xor1; + if (l >= 8) + { + l2c(tout0,out); + l2c(tout1,out); + } + else + l2cn(tout0,tout1,out,l); + xor0=tin0; + xor1=tin1; + } + iv=(unsigned char *)ivec; + l2c(xor0,iv); + l2c(xor1,iv); + } + tin0=tin1=tout0=tout1=xor0=xor1=0; + tin[0]=tin[1]=0; + } + diff --git a/secure/lib/libdes/new_rkey.c b/secure/lib/libdes/new_rkey.c new file mode 100644 index 0000000..65aa056 --- /dev/null +++ b/secure/lib/libdes/new_rkey.c @@ -0,0 +1,205 @@ +/* lib/des/new_rkey.c */ +/* Copyright (C) 1995 Eric Young (eay@mincom.oz.au) + * All rights reserved. + * + * This file is part of an SSL implementation written + * by Eric Young (eay@mincom.oz.au). + * The implementation was written so as to conform with Netscapes SSL + * specification. This library and applications are + * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE + * as long as the following conditions are aheared to. + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. If this code is used in a product, + * Eric Young should be given attribution as the author of the parts used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Eric Young (eay@mincom.oz.au) + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +/* + * Copyright (c) 1995 + * Mark Murray. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Mark Murray + * and Eric Young + * 4. Neither the name of the author nor the names of any co-contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY MARK MURRAY AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $Id: new_rnd_key.c,v 1.1 1995/09/16 21:01:51 mark Exp $ + */ + +/* 21-Nov-95 - eay - I've finally put this into libdes, I have made a + * few changes since it need to compile on all version of unix and + * there were a few things that would not :-) */ + +#incldue <stdio.h> +#include <unistd.h> +#include <sys/time.h> +#include <sys/param.h> +#include <sys/sysctl.h> +#include <machine/types.h> + +#include "des_locl.h" + +/* This counter keeps track of the pseudo-random sequence */ +static union { + unsigned long ul0, ul1; + unsigned char uc[8]; +} counter; + +/* The current encryption schedule */ +static des_key_schedule current_key; + +/* + * des_set_random_generator_seed: starts a new pseudorandom sequence + * dependant on the supplied key + */ +void +des_set_random_generator_seed(new_key) + des_cblock *new_key; +{ + des_key_sched(new_key, current_key); + + /* reset the counter */ + counter.ul0 = counter.ul1 = 0; +} + +/* + * des_set_sequence_number: set the counter to a known value + */ +void +des_set_sequence_number(new_counter) + des_cblock new_counter; +{ + memcpy((char *)counter.uc,(char *)new_counter,sizeof(counter)); +} + +/* + * des_generate_random_block: returns the next 64 bit random number + */ + +void des_generate_random_block(random_block) + des_cblock *random_block; +{ + /* Encrypt the counter to get pseudo-random numbers */ + des_ecb_encrypt(&counter.uc, random_block, current_key, DES_ENCRYPT); + + /* increment the 64-bit counter + * (or that could be a 128 bit counter on a 64 bit box - eay */ + if (!++counter.ul0) counter.ul1++; +} + +/* + * des_new_random_key: Invents a new, random strong key with odd parity. + */ +int +des_new_random_key(new_key) + des_cblock *new_key; +{ + do { + des_generate_random_block(new_key); + des_set_odd_parity(new_key); + } while (des_is_weak_key(new_key)); + return(0); +} + +/* + * des_init_random_number_generator: intialises the random number generator + * to a truly nasty sequence using system + * supplied volatile variables. + */ +void +des_init_random_number_generator(key) + des_cblock *key; +{ + /* 64-bit structures */ + struct { + u_int32_t pid; + u_int32_t hostid; + } sysblock; + struct timeval timeblock; + struct { + u_int32_t tv_sec; + u_int32_t tv_usec; + } time64bit; + des_cblock new_key; + int mib[2]; + size_t len; + + /* Get host ID using official BSD 4.4 method */ + mib[0] = CTL_KERN; + mib[1] = KERN_HOSTID; + len = sizeof(sysblock.hostid); + sysctl(mib, 2, &sysblock.hostid, &len, NULL, 0); + + /* Get Process ID */ + sysblock.pid = getpid(); + + /* Generate a new key, and use it to seed the random generator */ + des_set_random_generator_seed(key); + des_set_sequence_number((unsigned char *)&sysblock); + des_new_random_key(&new_key); + des_set_random_generator_seed(&new_key); + + /* Try to confuse the sequence counter */ + gettimeofday(&timeblock, NULL); + time64bit.tv_sec = (u_int32_t)timeblock.tv_sec; + time64bit.tv_usec = (u_int32_t)timeblock.tv_usec; + des_set_sequence_number((unsigned char *)&time64bit); + + /* Do the work */ + des_new_random_key(&new_key); + des_set_random_generator_seed(&new_key); +} diff --git a/secure/lib/libdes/ofb64ede.c b/secure/lib/libdes/ofb64ede.c new file mode 100644 index 0000000..3868e76 --- /dev/null +++ b/secure/lib/libdes/ofb64ede.c @@ -0,0 +1,126 @@ +/* lib/des/ofb64ede.c */ +/* Copyright (C) 1995 Eric Young (eay@mincom.oz.au) + * All rights reserved. + * + * This file is part of an SSL implementation written + * by Eric Young (eay@mincom.oz.au). + * The implementation was written so as to conform with Netscapes SSL + * specification. This library and applications are + * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE + * as long as the following conditions are aheared to. + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. If this code is used in a product, + * Eric Young should be given attribution as the author of the parts used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Eric Young (eay@mincom.oz.au) + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "des_locl.h" + +/* The input and output encrypted as though 64bit ofb mode is being + * used. The extra state information to record how much of the + * 64bit block we have used is contained in *num; + */ +void des_ede3_ofb64_encrypt(in, out, length, k1,k2,k3, ivec, num) +register unsigned char *in; +register unsigned char *out; +long length; +des_key_schedule k1,k2,k3; +des_cblock (*ivec); +int *num; + { + register unsigned long v0,v1; + register int n=*num; + register long l=length; + des_cblock d; + register char *dp; + unsigned long ti[2]; + unsigned char *iv; + int save=0; + + iv=(unsigned char *)ivec; + c2l(iv,v0); + c2l(iv,v1); + ti[0]=v0; + ti[1]=v1; + dp=(char *)d; + l2c(v0,dp); + l2c(v1,dp); + while (l--) + { + if (n == 0) + { + IP(v0,v1); + + ti[0]=v0; + ti[1]=v1; + des_encrypt2((unsigned long *)ti,k1,DES_ENCRYPT); + des_encrypt2((unsigned long *)ti,k2,DES_DECRYPT); + des_encrypt2((unsigned long *)ti,k3,DES_ENCRYPT); + v0=ti[0]; + v1=ti[1]; + + FP(v1,v0); + + dp=(char *)d; + l2c(v0,dp); + l2c(v1,dp); + save++; + } + *(out++)=*(in++)^d[n]; + n=(n+1)&0x07; + } + if (save) + { +/* v0=ti[0]; + v1=ti[1];*/ + iv=(unsigned char *)ivec; + l2c(v0,iv); + l2c(v1,iv); + } + v0=v1=ti[0]=ti[1]=0; + *num=n; + } + +#ifdef undef /* MACRO */ +void des_ede2_ofb64_encrypt(in, out, length, k1,k2, ivec, num) +register unsigned char *in; +register unsigned char *out; +long length; +des_key_schedule k1,k2; +des_cblock (*ivec); +int *num; + { + des_ede3_ofb64_encrypt(in, out, length, k1,k2,k1, ivec, num); + } +#endif diff --git a/secure/lib/libdes/ofb64enc.c b/secure/lib/libdes/ofb64enc.c new file mode 100644 index 0000000..bc8dd8c --- /dev/null +++ b/secure/lib/libdes/ofb64enc.c @@ -0,0 +1,103 @@ +/* lib/des/ofb64enc.c */ +/* Copyright (C) 1995 Eric Young (eay@mincom.oz.au) + * All rights reserved. + * + * This file is part of an SSL implementation written + * by Eric Young (eay@mincom.oz.au). + * The implementation was written so as to conform with Netscapes SSL + * specification. This library and applications are + * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE + * as long as the following conditions are aheared to. + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. If this code is used in a product, + * Eric Young should be given attribution as the author of the parts used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Eric Young (eay@mincom.oz.au) + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "des_locl.h" + +/* The input and output encrypted as though 64bit ofb mode is being + * used. The extra state information to record how much of the + * 64bit block we have used is contained in *num; + */ +void des_ofb64_encrypt(in, out, length, schedule, ivec, num) +register unsigned char *in; +register unsigned char *out; +long length; +des_key_schedule schedule; +des_cblock (*ivec); +int *num; + { + register unsigned long v0,v1,t; + register int n=*num; + register long l=length; + des_cblock d; + register char *dp; + unsigned long ti[2]; + unsigned char *iv; + int save=0; + + iv=(unsigned char *)ivec; + c2l(iv,v0); + c2l(iv,v1); + ti[0]=v0; + ti[1]=v1; + dp=(char *)d; + l2c(v0,dp); + l2c(v1,dp); + while (l--) + { + if (n == 0) + { + des_encrypt((unsigned long *)ti,schedule,DES_ENCRYPT); + dp=(char *)d; + t=ti[0]; l2c(t,dp); + t=ti[1]; l2c(t,dp); + save++; + } + *(out++)=*(in++)^d[n]; + n=(n+1)&0x07; + } + if (save) + { + v0=ti[0]; + v1=ti[1]; + iv=(unsigned char *)ivec; + l2c(v0,iv); + l2c(v1,iv); + } + t=v0=v1=ti[0]=ti[1]=0; + *num=n; + } + diff --git a/secure/lib/libdes/ofb_enc.c b/secure/lib/libdes/ofb_enc.c new file mode 100644 index 0000000..e95cadd --- /dev/null +++ b/secure/lib/libdes/ofb_enc.c @@ -0,0 +1,111 @@ +/* lib/des/ofb_enc.c */ +/* Copyright (C) 1995 Eric Young (eay@mincom.oz.au) + * All rights reserved. + * + * This file is part of an SSL implementation written + * by Eric Young (eay@mincom.oz.au). + * The implementation was written so as to conform with Netscapes SSL + * specification. This library and applications are + * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE + * as long as the following conditions are aheared to. + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. If this code is used in a product, + * Eric Young should be given attribution as the author of the parts used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Eric Young (eay@mincom.oz.au) + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "des_locl.h" + +/* The input and output are loaded in multiples of 8 bits. + * What this means is that if you hame numbits=12 and length=2 + * the first 12 bits will be retrieved from the first byte and half + * the second. The second 12 bits will come from the 3rd and half the 4th + * byte. + */ +void des_ofb_encrypt(in, out, numbits, length, schedule, ivec) +unsigned char *in; +unsigned char *out; +int numbits; +long length; +des_key_schedule schedule; +des_cblock (*ivec); + { + register unsigned long d0,d1,v0,v1,n=(numbits+7)/8; + register unsigned long mask0,mask1; + register long l=length; + register int num=numbits; + unsigned long ti[2]; + unsigned char *iv; + + if (num > 64) return; + if (num > 32) + { + mask0=0xffffffffL; + if (num >= 64) + mask1=mask0; + else + mask1=(1L<<(num-32))-1; + } + else + { + if (num == 32) + mask0=0xffffffffL; + else + mask0=(1L<<num)-1; + mask1=0x00000000; + } + + iv=(unsigned char *)ivec; + c2l(iv,v0); + c2l(iv,v1); + ti[0]=v0; + ti[1]=v1; + while (l-- > 0) + { + des_encrypt((unsigned long *)ti,schedule,DES_ENCRYPT); + c2ln(in,d0,d1,n); + in+=n; + d0=(d0^ti[0])&mask0; + d1=(d1^ti[1])&mask1; + l2cn(d0,d1,out,n); + out+=n; + } + v0=ti[0]; + v1=ti[1]; + iv=(unsigned char *)ivec; + l2c(v0,iv); + l2c(v1,iv); + v0=v1=d0=d1=ti[0]=ti[1]=0; + } + diff --git a/secure/lib/libdes/pcbc_enc.c b/secure/lib/libdes/pcbc_enc.c new file mode 100644 index 0000000..b17a6d7 --- /dev/null +++ b/secure/lib/libdes/pcbc_enc.c @@ -0,0 +1,115 @@ +/* lib/des/pcbc_enc.c */ +/* Copyright (C) 1995 Eric Young (eay@mincom.oz.au) + * All rights reserved. + * + * This file is part of an SSL implementation written + * by Eric Young (eay@mincom.oz.au). + * The implementation was written so as to conform with Netscapes SSL + * specification. This library and applications are + * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE + * as long as the following conditions are aheared to. + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. If this code is used in a product, + * Eric Young should be given attribution as the author of the parts used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Eric Young (eay@mincom.oz.au) + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "des_locl.h" + +void des_pcbc_encrypt(input, output, length, schedule, ivec, encrypt) +des_cblock (*input); +des_cblock (*output); +long length; +des_key_schedule schedule; +des_cblock (*ivec); +int encrypt; + { + register unsigned long sin0,sin1,xor0,xor1,tout0,tout1; + unsigned long tin[2]; + unsigned char *in,*out,*iv; + + in=(unsigned char *)input; + out=(unsigned char *)output; + iv=(unsigned char *)ivec; + + if (encrypt) + { + c2l(iv,xor0); + c2l(iv,xor1); + for (; length>0; length-=8) + { + if (length >= 8) + { + c2l(in,sin0); + c2l(in,sin1); + } + else + c2ln(in,sin0,sin1,length); + tin[0]=sin0^xor0; + tin[1]=sin1^xor1; + des_encrypt((unsigned long *)tin,schedule,DES_ENCRYPT); + tout0=tin[0]; + tout1=tin[1]; + xor0=sin0^tout0; + xor1=sin1^tout1; + l2c(tout0,out); + l2c(tout1,out); + } + } + else + { + c2l(iv,xor0); c2l(iv,xor1); + for (; length>0; length-=8) + { + c2l(in,sin0); + c2l(in,sin1); + tin[0]=sin0; + tin[1]=sin1; + des_encrypt((unsigned long *)tin,schedule,DES_DECRYPT); + tout0=tin[0]^xor0; + tout1=tin[1]^xor1; + if (length >= 8) + { + l2c(tout0,out); + l2c(tout1,out); + } + else + l2cn(tout0,tout1,out,length); + xor0=tout0^sin0; + xor1=tout1^sin1; + } + } + tin[0]=tin[1]=0; + sin0=sin1=xor0=xor1=tout0=tout1=0; + } diff --git a/secure/lib/libdes/podd.h b/secure/lib/libdes/podd.h new file mode 100644 index 0000000..96846d2 --- /dev/null +++ b/secure/lib/libdes/podd.h @@ -0,0 +1,64 @@ +/* lib/des/podd.h */ +/* Copyright (C) 1995 Eric Young (eay@mincom.oz.au) + * All rights reserved. + * + * This file is part of an SSL implementation written + * by Eric Young (eay@mincom.oz.au). + * The implementation was written so as to conform with Netscapes SSL + * specification. This library and applications are + * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE + * as long as the following conditions are aheared to. + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. If this code is used in a product, + * Eric Young should be given attribution as the author of the parts used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Eric Young (eay@mincom.oz.au) + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +static const unsigned char odd_parity[256]={ + 1, 1, 2, 2, 4, 4, 7, 7, 8, 8, 11, 11, 13, 13, 14, 14, + 16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, 31, 31, + 32, 32, 35, 35, 37, 37, 38, 38, 41, 41, 42, 42, 44, 44, 47, 47, + 49, 49, 50, 50, 52, 52, 55, 55, 56, 56, 59, 59, 61, 61, 62, 62, + 64, 64, 67, 67, 69, 69, 70, 70, 73, 73, 74, 74, 76, 76, 79, 79, + 81, 81, 82, 82, 84, 84, 87, 87, 88, 88, 91, 91, 93, 93, 94, 94, + 97, 97, 98, 98,100,100,103,103,104,104,107,107,109,109,110,110, +112,112,115,115,117,117,118,118,121,121,122,122,124,124,127,127, +128,128,131,131,133,133,134,134,137,137,138,138,140,140,143,143, +145,145,146,146,148,148,151,151,152,152,155,155,157,157,158,158, +161,161,162,162,164,164,167,167,168,168,171,171,173,173,174,174, +176,176,179,179,181,181,182,182,185,185,186,186,188,188,191,191, +193,193,194,194,196,196,199,199,200,200,203,203,205,205,206,206, +208,208,211,211,213,213,214,214,217,217,218,218,220,220,223,223, +224,224,227,227,229,229,230,230,233,233,234,234,236,236,239,239, +241,241,242,242,244,244,247,247,248,248,251,251,253,253,254,254}; diff --git a/secure/lib/libdes/qud_cksm.c b/secure/lib/libdes/qud_cksm.c new file mode 100644 index 0000000..e2c6ffd --- /dev/null +++ b/secure/lib/libdes/qud_cksm.c @@ -0,0 +1,133 @@ +/* lib/des/qud_cksm.c */ +/* Copyright (C) 1995 Eric Young (eay@mincom.oz.au) + * All rights reserved. + * + * This file is part of an SSL implementation written + * by Eric Young (eay@mincom.oz.au). + * The implementation was written so as to conform with Netscapes SSL + * specification. This library and applications are + * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE + * as long as the following conditions are aheared to. + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. If this code is used in a product, + * Eric Young should be given attribution as the author of the parts used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Eric Young (eay@mincom.oz.au) + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +/* From "Message Authentication" R.R. Jueneman, S.M. Matyas, C.H. Meyer + * IEEE Communications Magazine Sept 1985 Vol. 23 No. 9 p 29-40 + * This module in only based on the code in this paper and is + * almost definitely not the same as the MIT implementation. + */ +#include "des_locl.h" + +/* bug fix for dos - 7/6/91 - Larry hughes@logos.ucs.indiana.edu */ +#define B0(a) (((unsigned long)(a))) +#define B1(a) (((unsigned long)(a))<<8) +#define B2(a) (((unsigned long)(a))<<16) +#define B3(a) (((unsigned long)(a))<<24) + +/* used to scramble things a bit */ +/* Got the value MIT uses via brute force :-) 2/10/90 eay */ +#define NOISE ((unsigned long)83653421L) + +unsigned long des_quad_cksum(input, output, length, out_count, seed) +des_cblock (*input); +des_cblock (*output); +long length; +int out_count; +des_cblock (*seed); + { + unsigned long z0,z1,t0,t1; + int i; + long l=0; + unsigned char *cp; + unsigned char *lp; + + if (out_count < 1) out_count=1; + lp=(unsigned char *)output; + + z0=B0((*seed)[0])|B1((*seed)[1])|B2((*seed)[2])|B3((*seed)[3]); + z1=B0((*seed)[4])|B1((*seed)[5])|B2((*seed)[6])|B3((*seed)[7]); + + for (i=0; ((i<4)&&(i<out_count)); i++) + { + cp=(unsigned char *)input; + l=length; + while (l > 0) + { + if (l > 1) + { + t0= (unsigned long)(*(cp++)); + t0|=(unsigned long)B1(*(cp++)); + l--; + } + else + t0= (unsigned long)(*(cp++)); + l--; + /* add */ + t0+=z0; + t0&=0xffffffffL; + t1=z1; + /* square, well sort of square */ + z0=((((t0*t0)&0xffffffffL)+((t1*t1)&0xffffffffL)) + &0xffffffffL)%0x7fffffffL; + z1=((t0*((t1+NOISE)&0xffffffffL))&0xffffffffL)%0x7fffffffL; + } + if (lp != NULL) + { + /* I believe I finally have things worked out. + * The MIT library assumes that the checksum + * is one huge number and it is returned in a + * host dependant byte order. + */ + static unsigned long ltmp=1; + static unsigned char *c=(unsigned char *)<mp; + + if (c[0]) + { + l2c(z0,lp); + l2c(z1,lp); + } + else + { + lp=output[out_count-i-1]; + l2n(z1,lp); + l2n(z0,lp); + } + } + } + return(z0); + } + diff --git a/secure/lib/libdes/rand_key.c b/secure/lib/libdes/rand_key.c new file mode 100644 index 0000000..c4c4caa --- /dev/null +++ b/secure/lib/libdes/rand_key.c @@ -0,0 +1,107 @@ +/* lib/des/rand_key.c */ +/* Copyright (C) 1995 Eric Young (eay@mincom.oz.au) + * All rights reserved. + * + * This file is part of an SSL implementation written + * by Eric Young (eay@mincom.oz.au). + * The implementation was written so as to conform with Netscapes SSL + * specification. This library and applications are + * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE + * as long as the following conditions are aheared to. + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. If this code is used in a product, + * Eric Young should be given attribution as the author of the parts used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Eric Young (eay@mincom.oz.au) + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "des_locl.h" +#include <time.h> + +static int seed=0; +static des_cblock init; + +void des_random_seed(key) +des_cblock key; + { + memcpy(init,key,sizeof(des_cblock)); + seed=1; + } + +void des_random_key(ret) +unsigned char *ret; + { + des_key_schedule ks; + static unsigned long c=0; + static unsigned short pid=0; + static des_cblock data={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef}; + des_cblock key; + unsigned char *p; + unsigned long t; + int i; + +#ifdef MSDOS + pid=1; +#else + if (!pid) pid=getpid(); +#endif + p=key; + if (seed) + { + for (i=0; i<8; i++) + { + data[i] ^= init[i]; + init[i]=0; + } + seed=0; + } + t=(unsigned long)time(NULL); + l2c(t,p); + t=(unsigned long)((pid)|((c++)<<16)); + l2c(t,p); + + des_set_odd_parity((des_cblock *)data); + des_set_key((des_cblock *)data,ks); + des_cbc_cksum((des_cblock *)key,(des_cblock *)key, + (long)sizeof(key),ks,(des_cblock *)data); + + des_set_odd_parity((des_cblock *)key); + des_set_key((des_cblock *)key,ks); + des_cbc_cksum((des_cblock *)key,(des_cblock *)data, + (long)sizeof(key),ks,(des_cblock *)key); + + memcpy(ret,data,sizeof(key)); + memset(key,0,sizeof(key)); + memset(ks,0,sizeof(ks)); + t=0; + } diff --git a/secure/lib/libdes/read_pwd.c b/secure/lib/libdes/read_pwd.c new file mode 100644 index 0000000..bebad0c --- /dev/null +++ b/secure/lib/libdes/read_pwd.c @@ -0,0 +1,380 @@ +/* lib/des/read_pwd.c */ +/* Copyright (C) 1995 Eric Young (eay@mincom.oz.au) + * All rights reserved. + * + * This file is part of an SSL implementation written + * by Eric Young (eay@mincom.oz.au). + * The implementation was written so as to conform with Netscapes SSL + * specification. This library and applications are + * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE + * as long as the following conditions are aheared to. + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. If this code is used in a product, + * Eric Young should be given attribution as the author of the parts used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Eric Young (eay@mincom.oz.au) + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +/* 06-Apr-92 Luke Brennan Support for VMS */ +#include "des_locl.h" +#include <signal.h> +#include <string.h> +#include <setjmp.h> + +/* There are 5 types of terminal interface supported, + * TERMIO, TERMIOS, VMS, MSDOS and SGTTY + */ + +#if defined(sgi) || defined(__sgi) +#define TERMIOS +#undef TERMIO +#undef SGTTY +#endif + +#ifdef _LIBC +#define TERMIO +#endif + +#if !defined(TERMIO) && !defined(TERMIOS) && !defined(VMS) && !defined(MSDOS) +#define SGTTY +#endif + +#ifdef TERMIOS +#include <termios.h> +#define TTY_STRUCT struct termios +#define TTY_FLAGS c_lflag +#define TTY_get(tty,data) tcgetattr(tty,data) +#define TTY_set(tty,data) tcsetattr(tty,TCSANOW,data) +#endif + +#ifdef TERMIO +#include <termio.h> +#define TTY_STRUCT struct termio +#define TTY_FLAGS c_lflag +#define TTY_get(tty,data) ioctl(tty,TCGETA,data) +#define TTY_set(tty,data) ioctl(tty,TCSETA,data) +#endif + +#ifdef SGTTY +#include <sgtty.h> +#define TTY_STRUCT struct sgttyb +#define TTY_FLAGS sg_flags +#define TTY_get(tty,data) ioctl(tty,TIOCGETP,data) +#define TTY_set(tty,data) ioctl(tty,TIOCSETP,data) +#endif + +#ifndef _LIBC +#include <sys/ioctl.h> +#endif + +#ifdef MSDOS +#include <conio.h> +#define fgets(a,b,c) noecho_fgets(a,b,c) +#endif + +#ifdef VMS +#include <ssdef.h> +#include <iodef.h> +#include <ttdef.h> +#include <descrip.h> +struct IOSB { + short iosb$w_value; + short iosb$w_count; + long iosb$l_info; + }; +#endif + +#ifndef NX509_SIG +#define NX509_SIG 32 +#endif + +#ifndef NOPROTO +static void read_till_nl(FILE *); +static int read_pw(char *buf, char *buff, int size, char *prompt, int verify); +static void recsig(int); +static void pushsig(void); +static void popsig(void); +#ifdef MSDOS +static int noecho_fgets(char *buf, int size, FILE *tty); +#endif +#else +static void read_till_nl(); +static int read_pw(); +static void recsig(); +static void pushsig(); +static void popsig(); +#ifdef MSDOS +static int noecho_fgets(); +#endif +#endif + +static void (*savsig[NX509_SIG])(); +static jmp_buf save; + +int des_read_password(key, prompt, verify) +des_cblock (*key); +char *prompt; +int verify; + { + int ok; + char buf[BUFSIZ],buff[BUFSIZ]; + + if ((ok=read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0) + des_string_to_key(buf,key); + memset(buf,0,BUFSIZ); + memset(buff,0,BUFSIZ); + return(ok); + } + +int des_read_2passwords(key1, key2, prompt, verify) +des_cblock (*key1); +des_cblock (*key2); +char *prompt; +int verify; + { + int ok; + char buf[BUFSIZ],buff[BUFSIZ]; + + if ((ok=read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0) + des_string_to_2keys(buf,key1,key2); + memset(buf,0,BUFSIZ); + memset(buff,0,BUFSIZ); + return(ok); + } + +int des_read_pw_string(buf, length, prompt, verify) +char *buf; +int length; +char *prompt; +int verify; + { + char buff[BUFSIZ]; + int ret; + + ret=read_pw(buf,buff,(length>BUFSIZ)?BUFSIZ:length,prompt,verify); + memset(buff,0,BUFSIZ); + return(ret); + } + +static void read_till_nl(in) +FILE *in; + { +#define SIZE 4 + char buf[SIZE+1]; + + do { + fgets(buf,SIZE,in); + } while (strchr(buf,'\n') == NULL); + } + +/* return 0 if ok, 1 (or -1) otherwise */ +static int read_pw(buf, buff, size, prompt, verify) +char *buf; +char *buff; +int size; +char *prompt; +int verify; + { +#ifdef VMS + struct IOSB iosb; + $DESCRIPTOR(terminal,"TT"); + long tty_orig[3], tty_new[3]; + long status; + unsigned short channel = 0; +#else +#ifndef MSDOS + TTY_STRUCT tty_orig,tty_new; +#endif +#endif + int number=5; + int ok=0; + int ps=0; + FILE *tty=NULL; + char *p; + +#ifndef MSDOS + if ((tty=fopen("/dev/tty","r")) == NULL) + tty=stdin; +#else /* MSDOS */ + if ((tty=fopen("con","r")) == NULL) + tty=stdin; +#endif /* MSDOS */ + +#if defined(TTY_get) && !defined(VMS) + if (TTY_get(fileno(tty),&tty_orig) == -1) + return(-1); + memcpy(&(tty_new),&(tty_orig),sizeof(tty_orig)); +#endif +#ifdef VMS + status = SYS$ASSIGN(&terminal,&channel,0,0); + if (status != SS$_NORMAL) + return(-1); + status=SYS$QIOW(0,channel,IO$_SENSEMODE,&iosb,0,0,tty_orig,12,0,0,0,0); + if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL)) + return(-1); +#endif + + if (setjmp(save)) + { + ok=0; + goto error; + } + pushsig(); + ps=1; + +#ifdef TTY_FLAGS + tty_new.TTY_FLAGS &= ~ECHO; +#endif + +#if defined(TTY_set) && !defined(VMS) + if (TTY_set(fileno(tty),&tty_new) == -1) + return(-1); +#endif +#ifdef VMS + tty_new[0] = tty_orig[0]; + tty_new[1] = tty_orig[1] | TT$M_NOECHO; + tty_new[2] = tty_orig[2]; + status = SYS$QIOW(0,channel,IO$_SETMODE,&iosb,0,0,tty_new,12,0,0,0,0); + if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL)) + return(-1); +#endif + ps=2; + + while ((!ok) && (number--)) + { + fputs(prompt,stderr); + fflush(stderr); + + buf[0]='\0'; + fgets(buf,size,tty); + if (feof(tty)) goto error; + if ((p=(char *)strchr(buf,'\n')) != NULL) + *p='\0'; + else read_till_nl(tty); + if (verify) + { + fprintf(stderr,"\nVerifying password %s",prompt); + fflush(stderr); + buff[0]='\0'; + fgets(buff,size,tty); + if (feof(tty)) goto error; + if ((p=(char *)strchr(buff,'\n')) != NULL) + *p='\0'; + else read_till_nl(tty); + + if (strcmp(buf,buff) != 0) + { + fprintf(stderr,"\nVerify failure"); + fflush(stderr); + break; + /* continue; */ + } + } + ok=1; + } + +error: + fprintf(stderr,"\n"); + /* What can we do if there is an error? */ +#if defined(TTY_set) && !defined(VMS) + if (ps >= 2) TTY_set(fileno(tty),&tty_orig); +#endif +#ifdef VMS + if (ps >= 2) + status = SYS$QIOW(0,channel,IO$_SETMODE,&iosb,0,0 + ,tty_orig,12,0,0,0,0); +#endif + + if (ps >= 1) popsig(); + if (stdin != tty) fclose(tty); +#ifdef VMS + status = SYS$DASSGN(channel); +#endif + return(!ok); + } + +static void pushsig() + { + int i; + + for (i=1; i<NX509_SIG; i++) + savsig[i]=signal(i,recsig); + } + +static void popsig() + { + int i; + + for (i=1; i<NX509_SIG; i++) + signal(i,savsig[i]); + } + +static void recsig(i) +int i; + { + longjmp(save,1); +#ifdef LINT + i=i; +#endif + } + +#ifdef MSDOS +static int noecho_fgets(buf,size,tty) +char *buf; +int size; +FILE *tty; + { + int i,n; + char *p; + + p=buf; + for (;;) + { + if (size == 0) + { + *p='\0'; + break; + } + size--; + i=getch(); + if (i == '\r') i='\n'; + *(p++)=i; + if (i == '\n') + { + *p='\0'; + break; + } + } + return(strlen(buf)); + } +#endif diff --git a/secure/lib/libdes/rpc_des.h b/secure/lib/libdes/rpc_des.h new file mode 100644 index 0000000..e316b78 --- /dev/null +++ b/secure/lib/libdes/rpc_des.h @@ -0,0 +1,115 @@ +/* lib/des/rpc_des.h */ +/* Copyright (C) 1995 Eric Young (eay@mincom.oz.au) + * All rights reserved. + * + * This file is part of an SSL implementation written + * by Eric Young (eay@mincom.oz.au). + * The implementation was written so as to conform with Netscapes SSL + * specification. This library and applications are + * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE + * as long as the following conditions are aheared to. + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. If this code is used in a product, + * Eric Young should be given attribution as the author of the parts used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Eric Young (eay@mincom.oz.au) + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +/* @(#)des.h 2.2 88/08/10 4.0 RPCSRC; from 2.7 88/02/08 SMI */ +/* + * Sun RPC is a product of Sun Microsystems, Inc. and is provided for + * unrestricted use provided that this legend is included on all tape + * media and as a part of the software program in whole or part. Users + * may copy or modify Sun RPC without charge, but are not authorized + * to license or distribute it to anyone else except as part of a product or + * program developed by the user. + * + * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE + * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR + * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. + * + * Sun RPC is provided with no support and without any obligation on the + * part of Sun Microsystems, Inc. to assist in its use, correction, + * modification or enhancement. + * + * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE + * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC + * OR ANY PART THEREOF. + * + * In no event will Sun Microsystems, Inc. be liable for any lost revenue + * or profits or other special, indirect and consequential damages, even if + * Sun has been advised of the possibility of such damages. + * + * Sun Microsystems, Inc. + * 2550 Garcia Avenue + * Mountain View, California 94043 + */ +/* + * Generic DES driver interface + * Keep this file hardware independent! + * Copyright (c) 1986 by Sun Microsystems, Inc. + */ + +#define DES_MAXLEN 65536 /* maximum # of bytes to encrypt */ +#define DES_QUICKLEN 16 /* maximum # of bytes to encrypt quickly */ + +enum desdir { ENCRYPT, DECRYPT }; +enum desmode { CBC, ECB }; + +/* + * parameters to ioctl call + */ +struct desparams { + unsigned char des_key[8]; /* key (with low bit parity) */ + enum desdir des_dir; /* direction */ + enum desmode des_mode; /* mode */ + unsigned char des_ivec[8]; /* input vector */ + unsigned des_len; /* number of bytes to crypt */ + union { + unsigned char UDES_data[DES_QUICKLEN]; + unsigned char *UDES_buf; + } UDES; +# define des_data UDES.UDES_data /* direct data here if quick */ +# define des_buf UDES.UDES_buf /* otherwise, pointer to data */ +}; + +/* + * Encrypt an arbitrary sized buffer + */ +#define DESIOCBLOCK _IOWR(d, 6, struct desparams) + +/* + * Encrypt of small amount of data, quickly + */ +#define DESIOCQUICK _IOWR(d, 7, struct desparams) + diff --git a/secure/lib/libdes/rpc_enc.c b/secure/lib/libdes/rpc_enc.c new file mode 100644 index 0000000..b9b3898 --- /dev/null +++ b/secure/lib/libdes/rpc_enc.c @@ -0,0 +1,96 @@ +/* lib/des/rpc_enc.c */ +/* Copyright (C) 1995 Eric Young (eay@mincom.oz.au) + * All rights reserved. + * + * This file is part of an SSL implementation written + * by Eric Young (eay@mincom.oz.au). + * The implementation was written so as to conform with Netscapes SSL + * specification. This library and applications are + * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE + * as long as the following conditions are aheared to. + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. If this code is used in a product, + * Eric Young should be given attribution as the author of the parts used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Eric Young (eay@mincom.oz.au) + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "rpc_des.h" +#include "des_locl.h" +#include "version.h" + +#ifndef NOPROTO +int _des_crypt(char *buf,int len,struct desparams *desp); +#else +int _des_crypt(); +#endif + +int _des_crypt(buf, len, desp) +char *buf; +int len; +struct desparams *desp; + { + Key_schedule ks; + int enc; + + des_set_key((des_cblock *)desp->des_key,ks); + enc=(desp->des_dir == ENCRYPT)?DES_ENCRYPT:DES_DECRYPT; + + if (desp->des_mode == CBC) + des_ecb_encrypt((des_cblock *)desp->UDES.UDES_buf, + (des_cblock *)desp->UDES.UDES_buf,ks,enc); + else + { + des_ncbc_encrypt((des_cblock *)desp->UDES.UDES_buf, + (des_cblock *)desp->UDES.UDES_buf, + (long)len,ks, + (des_cblock *)desp->des_ivec,enc); +#ifdef undef + /* len will always be %8 if called from common_crypt + * in secure_rpc. + * Libdes's cbc encrypt does not copy back the iv, + * so we have to do it here. */ + /* It does now :-) eay 20/09/95 */ + + a=(char *)&(desp->UDES.UDES_buf[len-8]); + b=(char *)&(desp->des_ivec[0]); + + *(a++)= *(b++); *(a++)= *(b++); + *(a++)= *(b++); *(a++)= *(b++); + *(a++)= *(b++); *(a++)= *(b++); + *(a++)= *(b++); *(a++)= *(b++); +#endif + } + return(1); + } + diff --git a/secure/lib/libdes/rpw.c b/secure/lib/libdes/rpw.c new file mode 100644 index 0000000..2213a56 --- /dev/null +++ b/secure/lib/libdes/rpw.c @@ -0,0 +1,90 @@ +/* lib/des/rpw.c */ +/* Copyright (C) 1995 Eric Young (eay@mincom.oz.au) + * All rights reserved. + * + * This file is part of an SSL implementation written + * by Eric Young (eay@mincom.oz.au). + * The implementation was written so as to conform with Netscapes SSL + * specification. This library and applications are + * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE + * as long as the following conditions are aheared to. + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. If this code is used in a product, + * Eric Young should be given attribution as the author of the parts used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Eric Young (eay@mincom.oz.au) + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include "des.h" + +int main(argc,argv) +int argc; +char *argv[]; + { + des_cblock k,k1; + int i; + + printf("read passwd\n"); + if ((i=des_read_password((C_Block *)k,"Enter password:",0)) == 0) + { + printf("password = "); + for (i=0; i<8; i++) + printf("%02x ",k[i]); + } + else + printf("error %d\n",i); + printf("\n"); + printf("read 2passwds and verify\n"); + if ((i=des_read_2passwords((C_Block *)k,(C_Block *)k1, + "Enter verified password:",1)) == 0) + { + printf("password1 = "); + for (i=0; i<8; i++) + printf("%02x ",k[i]); + printf("\n"); + printf("password2 = "); + for (i=0; i<8; i++) + printf("%02x ",k1[i]); + printf("\n"); + exit(1); + } + else + { + printf("error %d\n",i); + exit(0); + } +#ifdef LINT + return(0); +#endif + } diff --git a/secure/lib/libdes/set_key.c b/secure/lib/libdes/set_key.c new file mode 100644 index 0000000..209a07d --- /dev/null +++ b/secure/lib/libdes/set_key.c @@ -0,0 +1,234 @@ +/* lib/des/set_key.c */ +/* Copyright (C) 1995 Eric Young (eay@mincom.oz.au) + * All rights reserved. + * + * This file is part of an SSL implementation written + * by Eric Young (eay@mincom.oz.au). + * The implementation was written so as to conform with Netscapes SSL + * specification. This library and applications are + * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE + * as long as the following conditions are aheared to. + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. If this code is used in a product, + * Eric Young should be given attribution as the author of the parts used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Eric Young (eay@mincom.oz.au) + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +/* set_key.c v 1.4 eay 24/9/91 + * 1.4 Speed up by 400% :-) + * 1.3 added register declarations. + * 1.2 unrolled make_key_sched a bit more + * 1.1 added norm_expand_bits + * 1.0 First working version + */ +#include "des_locl.h" +#include "podd.h" +#include "sk.h" + +#ifndef NOPROTO +static int check_parity(des_cblock (*key)); +#else +static int check_parity(); +#endif + +int des_check_key=0; + +void des_set_odd_parity(key) +des_cblock (*key); + { + int i; + + for (i=0; i<DES_KEY_SZ; i++) + (*key)[i]=odd_parity[(*key)[i]]; + } + +static int check_parity(key) +des_cblock (*key); + { + int i; + + for (i=0; i<DES_KEY_SZ; i++) + { + if ((*key)[i] != odd_parity[(*key)[i]]) + return(0); + } + return(1); + } + +/* Weak and semi week keys as take from + * %A D.W. Davies + * %A W.L. Price + * %T Security for Computer Networks + * %I John Wiley & Sons + * %D 1984 + * Many thanks to smb@ulysses.att.com (Steven Bellovin) for the reference + * (and actual cblock values). + */ +#define NUM_WEAK_KEY 16 +static des_cblock weak_keys[NUM_WEAK_KEY]={ + /* weak keys */ + {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01}, + {0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE}, + {0x1F,0x1F,0x1F,0x1F,0x1F,0x1F,0x1F,0x1F}, + {0xE0,0xE0,0xE0,0xE0,0xE0,0xE0,0xE0,0xE0}, + /* semi-weak keys */ + {0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE}, + {0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01}, + {0x1F,0xE0,0x1F,0xE0,0x0E,0xF1,0x0E,0xF1}, + {0xE0,0x1F,0xE0,0x1F,0xF1,0x0E,0xF1,0x0E}, + {0x01,0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1}, + {0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1,0x01}, + {0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E,0xFE}, + {0xFE,0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E}, + {0x01,0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E}, + {0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E,0x01}, + {0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE}, + {0xFE,0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1}}; + +int des_is_weak_key(key) +des_cblock (*key); + { + int i; + + for (i=0; i<NUM_WEAK_KEY; i++) + /* Added == 0 to comparision, I obviously don't run + * this section very often :-(, thanks to + * engineering@MorningStar.Com for the fix + * eay 93/06/29 */ + if (memcmp(weak_keys[i],key,sizeof(key)) == 0) return(1); + return(0); + } + +/* NOW DEFINED IN des_local.h + * See ecb_encrypt.c for a pseudo description of these macros. + * #define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\ + * (b)^=(t),\ + * (a)=((a)^((t)<<(n)))) + */ + +#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\ + (a)=(a)^(t)^(t>>(16-(n)))) + +static int shifts2[16]={0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0}; + +/* return 0 if key parity is odd (correct), + * return -1 if key parity error, + * return -2 if illegal weak key. + */ +int des_set_key(key, schedule) +des_cblock (*key); +des_key_schedule schedule; + { + register unsigned long c,d,t,s; + register unsigned char *in; + register unsigned long *k; + register int i; + + if (des_check_key) + { + if (!check_parity(key)) + return(-1); + + if (des_is_weak_key(key)) + return(-2); + } + + k=(unsigned long *)schedule; + in=(unsigned char *)key; + + c2l(in,c); + c2l(in,d); + + /* do PC1 in 60 simple operations */ +/* PERM_OP(d,c,t,4,0x0f0f0f0fL); + HPERM_OP(c,t,-2, 0xcccc0000L); + HPERM_OP(c,t,-1, 0xaaaa0000L); + HPERM_OP(c,t, 8, 0x00ff0000L); + HPERM_OP(c,t,-1, 0xaaaa0000L); + HPERM_OP(d,t,-8, 0xff000000L); + HPERM_OP(d,t, 8, 0x00ff0000L); + HPERM_OP(d,t, 2, 0x33330000L); + d=((d&0x00aa00aaL)<<7L)|((d&0x55005500L)>>7L)|(d&0xaa55aa55L); + d=(d>>8)|((c&0xf0000000L)>>4); + c&=0x0fffffffL; */ + + /* I now do it in 47 simple operations :-) + * Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov) + * for the inspiration. :-) */ + PERM_OP (d,c,t,4,0x0f0f0f0fL); + HPERM_OP(c,t,-2,0xcccc0000L); + HPERM_OP(d,t,-2,0xcccc0000L); + PERM_OP (d,c,t,1,0x55555555L); + PERM_OP (c,d,t,8,0x00ff00ffL); + PERM_OP (d,c,t,1,0x55555555L); + d= (((d&0x000000ffL)<<16L)| (d&0x0000ff00L) | + ((d&0x00ff0000L)>>16L)|((c&0xf0000000L)>>4L)); + c&=0x0fffffffL; + + for (i=0; i<ITERATIONS; i++) + { + if (shifts2[i]) + { c=((c>>2L)|(c<<26L)); d=((d>>2L)|(d<<26L)); } + else + { c=((c>>1L)|(c<<27L)); d=((d>>1L)|(d<<27L)); } + c&=0x0fffffffL; + d&=0x0fffffffL; + /* could be a few less shifts but I am to lazy at this + * point in time to investigate */ + s= des_skb[0][ (c )&0x3f ]| + des_skb[1][((c>> 6)&0x03)|((c>> 7L)&0x3c)]| + des_skb[2][((c>>13)&0x0f)|((c>>14L)&0x30)]| + des_skb[3][((c>>20)&0x01)|((c>>21L)&0x06) | + ((c>>22L)&0x38)]; + t= des_skb[4][ (d )&0x3f ]| + des_skb[5][((d>> 7L)&0x03)|((d>> 8L)&0x3c)]| + des_skb[6][ (d>>15L)&0x3f ]| + des_skb[7][((d>>21L)&0x0f)|((d>>22L)&0x30)]; + + /* table contained 0213 4657 */ + *(k++)=((t<<16L)|(s&0x0000ffffL))&0xffffffffL; + s= ((s>>16L)|(t&0xffff0000L)); + + s=(s<<4L)|(s>>28L); + *(k++)=s&0xffffffffL; + } + return(0); + } + +int des_key_sched(key, schedule) +des_cblock (*key); +des_key_schedule schedule; + { + return(des_set_key(key,schedule)); + } diff --git a/secure/lib/libdes/shifts.pl b/secure/lib/libdes/shifts.pl new file mode 100755 index 0000000..3c4039e --- /dev/null +++ b/secure/lib/libdes/shifts.pl @@ -0,0 +1,160 @@ +sub lab_shift + { + local(*a,$n)=@_; + local(@r,$i,$j,$k,$d,@z); + + @r=&shift(*a,$n); + foreach $i (0 .. 31) + { + @z=split(/\^/,$r[$i]); + for ($j=0; $j <= $#z; $j++) + { + ($d)=($z[$j] =~ /^(..)/); + ($k)=($z[$j] =~ /\[(.*)\]$/); + $k.=",$n" if ($k ne ""); + $k="$n" if ($k eq ""); + $d="$d[$k]"; + $z[$j]=$d; + } + $r[$i]=join('^',@z); + } + return(@r); + } + +sub shift + { + local(*a,$n)=@_; + local(@f); + + if ($n > 0) + { + @f=&shiftl(*a,$n); + } + else + { + @f=&shiftr(*a,-$n); + } + return(@f); + } + +sub shiftr + { + local(*a,$n)=@_; + local(@r,$i); + + $#r=31; + foreach $i (0 .. 31) + { + if (($i+$n) > 31) + { + $r[$i]="--"; + } + else + { + $r[$i]=$a[$i+$n]; + } + } + return(@r); + } + +sub shiftl + { + local(*a,$n)=@_; + local(@r,$i); + + $#r=31; + foreach $i (0 .. 31) + { + if ($i < $n) + { + $r[$i]="--"; + } + else + { + $r[$i]=$a[$i-$n]; + } + } + return(@r); + } + +sub printit + { + local(@a)=@_; + local($i); + + foreach $i (0 .. 31) + { + printf "%2s ",$a[$i]; + print "\n" if (($i%8) == 7); + } + print "\n"; + } + +sub xor + { + local(*a,*b)=@_; + local(@r,$i); + + $#r=31; + foreach $i (0 .. 31) + { + $r[$i]=&compress($a[$i].'^'.$b[$i]); +# $r[$i]=$a[$i]."^".$b[$i]; + } + return(@r); + } + +sub and + { + local(*a,$m)=@_; + local(@r,$i); + + $#r=31; + foreach $i (0 .. 31) + { + $r[$i]=(($m & (1<<$i))?($a[$i]):('--')); + } + return(@r); + } + +sub or + { + local(*a,*b)=@_; + local(@r,$i); + + $#r=31; + foreach $i (0 .. 31) + { + $r[$i]='--' if (($a[$i] eq '--') && ($b[$i] eq '--')); + $r[$i]=$a[$i] if (($a[$i] ne '--') && ($b[$i] eq '--')); + $r[$i]=$b[$i] if (($a[$i] eq '--') && ($b[$i] ne '--')); + $r[$i]='++' if (($a[$i] ne '--') && ($b[$i] ne '--')); + } + return(@r); + } + +sub compress + { + local($s)=@_; + local($_,$i,@a,%a,$r); + + $s =~ s/\^\^/\^/g; + $s =~ s/^\^//; + $s =~ s/\^$//; + @a=split(/\^/,$s); + + while ($#a >= 0) + { + $_=shift(@a); + next unless /\d/; + $a{$_}++; + } + foreach $i (sort keys %a) + { + next if ($a{$i}%2 == 0); + $r.="$i^"; + } + chop($r); + return($r); + } +1; diff --git a/secure/lib/libdes/sk.h b/secure/lib/libdes/sk.h new file mode 100644 index 0000000..e5997d9 --- /dev/null +++ b/secure/lib/libdes/sk.h @@ -0,0 +1,193 @@ +/* lib/des/sk.h */ +/* Copyright (C) 1995 Eric Young (eay@mincom.oz.au) + * All rights reserved. + * + * This file is part of an SSL implementation written + * by Eric Young (eay@mincom.oz.au). + * The implementation was written so as to conform with Netscapes SSL + * specification. This library and applications are + * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE + * as long as the following conditions are aheared to. + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. If this code is used in a product, + * Eric Young should be given attribution as the author of the parts used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Eric Young (eay@mincom.oz.au) + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +static const unsigned long des_skb[8][64]={ +{ +/* for C bits (numbered as per FIPS 46) 1 2 3 4 5 6 */ +0x00000000L,0x00000010L,0x20000000L,0x20000010L, +0x00010000L,0x00010010L,0x20010000L,0x20010010L, +0x00000800L,0x00000810L,0x20000800L,0x20000810L, +0x00010800L,0x00010810L,0x20010800L,0x20010810L, +0x00000020L,0x00000030L,0x20000020L,0x20000030L, +0x00010020L,0x00010030L,0x20010020L,0x20010030L, +0x00000820L,0x00000830L,0x20000820L,0x20000830L, +0x00010820L,0x00010830L,0x20010820L,0x20010830L, +0x00080000L,0x00080010L,0x20080000L,0x20080010L, +0x00090000L,0x00090010L,0x20090000L,0x20090010L, +0x00080800L,0x00080810L,0x20080800L,0x20080810L, +0x00090800L,0x00090810L,0x20090800L,0x20090810L, +0x00080020L,0x00080030L,0x20080020L,0x20080030L, +0x00090020L,0x00090030L,0x20090020L,0x20090030L, +0x00080820L,0x00080830L,0x20080820L,0x20080830L, +0x00090820L,0x00090830L,0x20090820L,0x20090830L, +},{ +/* for C bits (numbered as per FIPS 46) 7 8 10 11 12 13 */ +0x00000000L,0x02000000L,0x00002000L,0x02002000L, +0x00200000L,0x02200000L,0x00202000L,0x02202000L, +0x00000004L,0x02000004L,0x00002004L,0x02002004L, +0x00200004L,0x02200004L,0x00202004L,0x02202004L, +0x00000400L,0x02000400L,0x00002400L,0x02002400L, +0x00200400L,0x02200400L,0x00202400L,0x02202400L, +0x00000404L,0x02000404L,0x00002404L,0x02002404L, +0x00200404L,0x02200404L,0x00202404L,0x02202404L, +0x10000000L,0x12000000L,0x10002000L,0x12002000L, +0x10200000L,0x12200000L,0x10202000L,0x12202000L, +0x10000004L,0x12000004L,0x10002004L,0x12002004L, +0x10200004L,0x12200004L,0x10202004L,0x12202004L, +0x10000400L,0x12000400L,0x10002400L,0x12002400L, +0x10200400L,0x12200400L,0x10202400L,0x12202400L, +0x10000404L,0x12000404L,0x10002404L,0x12002404L, +0x10200404L,0x12200404L,0x10202404L,0x12202404L, +},{ +/* for C bits (numbered as per FIPS 46) 14 15 16 17 19 20 */ +0x00000000L,0x00000001L,0x00040000L,0x00040001L, +0x01000000L,0x01000001L,0x01040000L,0x01040001L, +0x00000002L,0x00000003L,0x00040002L,0x00040003L, +0x01000002L,0x01000003L,0x01040002L,0x01040003L, +0x00000200L,0x00000201L,0x00040200L,0x00040201L, +0x01000200L,0x01000201L,0x01040200L,0x01040201L, +0x00000202L,0x00000203L,0x00040202L,0x00040203L, +0x01000202L,0x01000203L,0x01040202L,0x01040203L, +0x08000000L,0x08000001L,0x08040000L,0x08040001L, +0x09000000L,0x09000001L,0x09040000L,0x09040001L, +0x08000002L,0x08000003L,0x08040002L,0x08040003L, +0x09000002L,0x09000003L,0x09040002L,0x09040003L, +0x08000200L,0x08000201L,0x08040200L,0x08040201L, +0x09000200L,0x09000201L,0x09040200L,0x09040201L, +0x08000202L,0x08000203L,0x08040202L,0x08040203L, +0x09000202L,0x09000203L,0x09040202L,0x09040203L, +},{ +/* for C bits (numbered as per FIPS 46) 21 23 24 26 27 28 */ +0x00000000L,0x00100000L,0x00000100L,0x00100100L, +0x00000008L,0x00100008L,0x00000108L,0x00100108L, +0x00001000L,0x00101000L,0x00001100L,0x00101100L, +0x00001008L,0x00101008L,0x00001108L,0x00101108L, +0x04000000L,0x04100000L,0x04000100L,0x04100100L, +0x04000008L,0x04100008L,0x04000108L,0x04100108L, +0x04001000L,0x04101000L,0x04001100L,0x04101100L, +0x04001008L,0x04101008L,0x04001108L,0x04101108L, +0x00020000L,0x00120000L,0x00020100L,0x00120100L, +0x00020008L,0x00120008L,0x00020108L,0x00120108L, +0x00021000L,0x00121000L,0x00021100L,0x00121100L, +0x00021008L,0x00121008L,0x00021108L,0x00121108L, +0x04020000L,0x04120000L,0x04020100L,0x04120100L, +0x04020008L,0x04120008L,0x04020108L,0x04120108L, +0x04021000L,0x04121000L,0x04021100L,0x04121100L, +0x04021008L,0x04121008L,0x04021108L,0x04121108L, +},{ +/* for D bits (numbered as per FIPS 46) 1 2 3 4 5 6 */ +0x00000000L,0x10000000L,0x00010000L,0x10010000L, +0x00000004L,0x10000004L,0x00010004L,0x10010004L, +0x20000000L,0x30000000L,0x20010000L,0x30010000L, +0x20000004L,0x30000004L,0x20010004L,0x30010004L, +0x00100000L,0x10100000L,0x00110000L,0x10110000L, +0x00100004L,0x10100004L,0x00110004L,0x10110004L, +0x20100000L,0x30100000L,0x20110000L,0x30110000L, +0x20100004L,0x30100004L,0x20110004L,0x30110004L, +0x00001000L,0x10001000L,0x00011000L,0x10011000L, +0x00001004L,0x10001004L,0x00011004L,0x10011004L, +0x20001000L,0x30001000L,0x20011000L,0x30011000L, +0x20001004L,0x30001004L,0x20011004L,0x30011004L, +0x00101000L,0x10101000L,0x00111000L,0x10111000L, +0x00101004L,0x10101004L,0x00111004L,0x10111004L, +0x20101000L,0x30101000L,0x20111000L,0x30111000L, +0x20101004L,0x30101004L,0x20111004L,0x30111004L, +},{ +/* for D bits (numbered as per FIPS 46) 8 9 11 12 13 14 */ +0x00000000L,0x08000000L,0x00000008L,0x08000008L, +0x00000400L,0x08000400L,0x00000408L,0x08000408L, +0x00020000L,0x08020000L,0x00020008L,0x08020008L, +0x00020400L,0x08020400L,0x00020408L,0x08020408L, +0x00000001L,0x08000001L,0x00000009L,0x08000009L, +0x00000401L,0x08000401L,0x00000409L,0x08000409L, +0x00020001L,0x08020001L,0x00020009L,0x08020009L, +0x00020401L,0x08020401L,0x00020409L,0x08020409L, +0x02000000L,0x0A000000L,0x02000008L,0x0A000008L, +0x02000400L,0x0A000400L,0x02000408L,0x0A000408L, +0x02020000L,0x0A020000L,0x02020008L,0x0A020008L, +0x02020400L,0x0A020400L,0x02020408L,0x0A020408L, +0x02000001L,0x0A000001L,0x02000009L,0x0A000009L, +0x02000401L,0x0A000401L,0x02000409L,0x0A000409L, +0x02020001L,0x0A020001L,0x02020009L,0x0A020009L, +0x02020401L,0x0A020401L,0x02020409L,0x0A020409L, +},{ +/* for D bits (numbered as per FIPS 46) 16 17 18 19 20 21 */ +0x00000000L,0x00000100L,0x00080000L,0x00080100L, +0x01000000L,0x01000100L,0x01080000L,0x01080100L, +0x00000010L,0x00000110L,0x00080010L,0x00080110L, +0x01000010L,0x01000110L,0x01080010L,0x01080110L, +0x00200000L,0x00200100L,0x00280000L,0x00280100L, +0x01200000L,0x01200100L,0x01280000L,0x01280100L, +0x00200010L,0x00200110L,0x00280010L,0x00280110L, +0x01200010L,0x01200110L,0x01280010L,0x01280110L, +0x00000200L,0x00000300L,0x00080200L,0x00080300L, +0x01000200L,0x01000300L,0x01080200L,0x01080300L, +0x00000210L,0x00000310L,0x00080210L,0x00080310L, +0x01000210L,0x01000310L,0x01080210L,0x01080310L, +0x00200200L,0x00200300L,0x00280200L,0x00280300L, +0x01200200L,0x01200300L,0x01280200L,0x01280300L, +0x00200210L,0x00200310L,0x00280210L,0x00280310L, +0x01200210L,0x01200310L,0x01280210L,0x01280310L, +},{ +/* for D bits (numbered as per FIPS 46) 22 23 24 25 27 28 */ +0x00000000L,0x04000000L,0x00040000L,0x04040000L, +0x00000002L,0x04000002L,0x00040002L,0x04040002L, +0x00002000L,0x04002000L,0x00042000L,0x04042000L, +0x00002002L,0x04002002L,0x00042002L,0x04042002L, +0x00000020L,0x04000020L,0x00040020L,0x04040020L, +0x00000022L,0x04000022L,0x00040022L,0x04040022L, +0x00002020L,0x04002020L,0x00042020L,0x04042020L, +0x00002022L,0x04002022L,0x00042022L,0x04042022L, +0x00000800L,0x04000800L,0x00040800L,0x04040800L, +0x00000802L,0x04000802L,0x00040802L,0x04040802L, +0x00002800L,0x04002800L,0x00042800L,0x04042800L, +0x00002802L,0x04002802L,0x00042802L,0x04042802L, +0x00000820L,0x04000820L,0x00040820L,0x04040820L, +0x00000822L,0x04000822L,0x00040822L,0x04040822L, +0x00002820L,0x04002820L,0x00042820L,0x04042820L, +0x00002822L,0x04002822L,0x00042822L,0x04042822L, +}}; diff --git a/secure/lib/libdes/speed.c b/secure/lib/libdes/speed.c new file mode 100644 index 0000000..ee517b1 --- /dev/null +++ b/secure/lib/libdes/speed.c @@ -0,0 +1,310 @@ +/* lib/des/speed.c */ +/* Copyright (C) 1995 Eric Young (eay@mincom.oz.au) + * All rights reserved. + * + * This file is part of an SSL implementation written + * by Eric Young (eay@mincom.oz.au). + * The implementation was written so as to conform with Netscapes SSL + * specification. This library and applications are + * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE + * as long as the following conditions are aheared to. + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. If this code is used in a product, + * Eric Young should be given attribution as the author of the parts used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Eric Young (eay@mincom.oz.au) + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +/* 11-Sep-92 Andrew Daviel Support for Silicon Graphics IRIX added */ +/* 06-Apr-92 Luke Brennan Support for VMS and add extra signal calls */ + +#ifndef MSDOS +#define TIMES +#endif + +#include <stdio.h> +#ifndef MSDOS +#include <unistd.h> +#else +#include <io.h> +#endif +#include <signal.h> +#ifndef VMS +#ifndef _IRIX +#include <time.h> +#endif +#ifdef TIMES +#include <sys/types.h> +#include <sys/times.h> +#endif +#else /* VMS */ +#include <types.h> +struct tms { + time_t tms_utime; + time_t tms_stime; + time_t tms_uchild; /* I dunno... */ + time_t tms_uchildsys; /* so these names are a guess :-) */ + } +#endif +#ifndef TIMES +#include <sys/timeb.h> +#endif + +#ifdef sun +#include <limits.h> +#include <sys/param.h> +#endif + +#include "des.h" + +/* The following if from times(3) man page. It may need to be changed */ +#ifndef HZ +#ifndef CLK_TCK +#ifndef VMS +#define HZ 100.0 +#else /* VMS */ +#define HZ 100.0 +#endif +#else /* CLK_TCK */ +#define HZ ((double)CLK_TCK) +#endif +#endif + +#define BUFSIZE ((long)1024*8) +long run=0; + +#ifndef NOPROTO +double Time_F(int s); +#else +double Time_F(); +#endif + +#ifdef SIGALRM +#if defined(__STDC__) || defined(sgi) +#define SIGRETTYPE void +#else +#define SIGRETTYPE int +#endif + +#ifndef NOPROTO +SIGRETTYPE sig_done(int sig); +#else +SIGRETTYPE sig_done(); +#endif + +SIGRETTYPE sig_done(sig) +int sig; + { + signal(SIGALRM,sig_done); + run=0; +#ifdef LINT + sig=sig; +#endif + } +#endif + +#define START 0 +#define STOP 1 + +double Time_F(s) +int s; + { + double ret; +#ifdef TIMES + static struct tms tstart,tend; + + if (s == START) + { + times(&tstart); + return(0); + } + else + { + times(&tend); + ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ; + return((ret == 0.0)?1e-6:ret); + } +#else /* !times() */ + static struct timeb tstart,tend; + long i; + + if (s == START) + { + ftime(&tstart); + return(0); + } + else + { + ftime(&tend); + i=(long)tend.millitm-(long)tstart.millitm; + ret=((double)(tend.time-tstart.time))+((double)i)/1000.0; + return((ret == 0.0)?1e-6:ret); + } +#endif + } + +int main(argc,argv) +int argc; +char **argv; + { + long count; + static unsigned char buf[BUFSIZE]; + static des_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0}; + static des_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12}; + static des_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34}; + des_key_schedule sch,sch2,sch3; + double a,b,c,d,e; +#ifndef SIGALARM + long ca,cb,cc,cd,ce; +#endif + +#ifndef TIMES + printf("To get the most acurate results, try to run this\n"); + printf("program when this computer is idle.\n"); +#endif + + des_set_key((C_Block *)key2,sch2); + des_set_key((C_Block *)key3,sch3); + +#ifndef SIGALRM + printf("First we calculate the aproximate speed ...\n"); + des_set_key((C_Block *)key,sch); + count=10; + do { + long i; + + count*=2; + Time_F(START); + for (i=count; i; i--) + des_ecb_encrypt((C_Block *)buf,(C_Block *)buf, + &(sch[0]),DES_ENCRYPT); + d=Time_F(STOP); + } while (d < 3.0); + ca=count; + cb=count*3; + cc=count*3*8/BUFSIZE+1; + cd=count*8/BUFSIZE+1; + ce=count/20+1; + printf("Doing set_key %ld times\n",ca); +#define COND(d) (count != (d)) +#define COUNT(d) (d) +#else +#define COND(c) (run) +#define COUNT(d) (count) + signal(SIGALRM,sig_done); + printf("Doing set_key for 10 seconds\n"); + alarm(10); +#endif + + Time_F(START); + for (count=0,run=1; COND(ca); count++) + des_set_key((C_Block *)key,sch); + d=Time_F(STOP); + printf("%ld set_key's in %.2f seconds\n",count,d); + a=((double)COUNT(ca))/d; + +#ifdef SIGALRM + printf("Doing des_ecb_encrypt's for 10 seconds\n"); + alarm(10); +#else + printf("Doing des_ecb_encrypt %ld times\n",cb); +#endif + Time_F(START); + for (count=0,run=1; COND(cb); count++) + des_ecb_encrypt((C_Block *)buf,(C_Block *)buf, + &(sch[0]),DES_ENCRYPT); + d=Time_F(STOP); + printf("%ld des_ecb_encrypt's in %.2f second\n",count,d); + b=((double)COUNT(cb)*8)/d; + +#ifdef SIGALRM + printf("Doing des_cbc_encrypt on %ld byte blocks for 10 seconds\n", + BUFSIZE); + alarm(10); +#else + printf("Doing des_cbc_encrypt %ld times on %ld byte blocks\n",cc, + BUFSIZE); +#endif + Time_F(START); + for (count=0,run=1; COND(cc); count++) + des_cbc_encrypt((C_Block *)buf,(C_Block *)buf,BUFSIZE,&(sch[0]), + (C_Block *)&(key[0]),DES_ENCRYPT); + d=Time_F(STOP); + printf("%ld des_cbc_encrypt's of %ld byte blocks in %.2f second\n", + count,BUFSIZE,d); + c=((double)COUNT(cc)*BUFSIZE)/d; + +#ifdef SIGALRM + printf("Doing des_ede_cbc_encrypt on %ld byte blocks for 10 seconds\n", + BUFSIZE); + alarm(10); +#else + printf("Doing des_ede_cbc_encrypt %ld times on %ld byte blocks\n",cd, + BUFSIZE); +#endif + Time_F(START); + for (count=0,run=1; COND(cd); count++) + des_ede3_cbc_encrypt((C_Block *)buf,(C_Block *)buf,BUFSIZE, + &(sch[0]), + &(sch2[0]), + &(sch3[0]), + (C_Block *)&(key[0]), + DES_ENCRYPT); + d=Time_F(STOP); + printf("%ld des_ede_cbc_encrypt's of %ld byte blocks in %.2f second\n", + count,BUFSIZE,d); + d=((double)COUNT(cd)*BUFSIZE)/d; + +#ifdef SIGALRM + printf("Doing crypt for 10 seconds\n"); + alarm(10); +#else + printf("Doing crypt %ld times\n",ce); +#endif + Time_F(START); + for (count=0,run=1; COND(ce); count++) + crypt("testing1","ef"); + e=Time_F(STOP); + printf("%ld crypts in %.2f second\n",count,e); + e=((double)COUNT(ce))/e; + + printf("set_key per sec = %12.2f (%5.1fuS)\n",a,1.0e6/a); + printf("DES ecb bytes per sec = %12.2f (%5.1fuS)\n",b,8.0e6/b); + printf("DES cbc bytes per sec = %12.2f (%5.1fuS)\n",c,8.0e6/c); + printf("DES ede cbc bytes per sec = %12.2f (%5.1fuS)\n",d,8.0e6/d); + printf("crypt per sec = %12.2f (%5.1fuS)\n",e,1.0e6/e); + exit(0); +#ifdef LINT + return(0); +#endif + } diff --git a/secure/lib/libdes/spr.h b/secure/lib/libdes/spr.h new file mode 100644 index 0000000..d9b81ce --- /dev/null +++ b/secure/lib/libdes/spr.h @@ -0,0 +1,193 @@ +/* lib/des/spr.h */ +/* Copyright (C) 1995 Eric Young (eay@mincom.oz.au) + * All rights reserved. + * + * This file is part of an SSL implementation written + * by Eric Young (eay@mincom.oz.au). + * The implementation was written so as to conform with Netscapes SSL + * specification. This library and applications are + * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE + * as long as the following conditions are aheared to. + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. If this code is used in a product, + * Eric Young should be given attribution as the author of the parts used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Eric Young (eay@mincom.oz.au) + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +static const unsigned long des_SPtrans[8][64]={ +{ +/* nibble 0 */ +0x00820200L, 0x00020000L, 0x80800000L, 0x80820200L, +0x00800000L, 0x80020200L, 0x80020000L, 0x80800000L, +0x80020200L, 0x00820200L, 0x00820000L, 0x80000200L, +0x80800200L, 0x00800000L, 0x00000000L, 0x80020000L, +0x00020000L, 0x80000000L, 0x00800200L, 0x00020200L, +0x80820200L, 0x00820000L, 0x80000200L, 0x00800200L, +0x80000000L, 0x00000200L, 0x00020200L, 0x80820000L, +0x00000200L, 0x80800200L, 0x80820000L, 0x00000000L, +0x00000000L, 0x80820200L, 0x00800200L, 0x80020000L, +0x00820200L, 0x00020000L, 0x80000200L, 0x00800200L, +0x80820000L, 0x00000200L, 0x00020200L, 0x80800000L, +0x80020200L, 0x80000000L, 0x80800000L, 0x00820000L, +0x80820200L, 0x00020200L, 0x00820000L, 0x80800200L, +0x00800000L, 0x80000200L, 0x80020000L, 0x00000000L, +0x00020000L, 0x00800000L, 0x80800200L, 0x00820200L, +0x80000000L, 0x80820000L, 0x00000200L, 0x80020200L, +},{ +/* nibble 1 */ +0x10042004L, 0x00000000L, 0x00042000L, 0x10040000L, +0x10000004L, 0x00002004L, 0x10002000L, 0x00042000L, +0x00002000L, 0x10040004L, 0x00000004L, 0x10002000L, +0x00040004L, 0x10042000L, 0x10040000L, 0x00000004L, +0x00040000L, 0x10002004L, 0x10040004L, 0x00002000L, +0x00042004L, 0x10000000L, 0x00000000L, 0x00040004L, +0x10002004L, 0x00042004L, 0x10042000L, 0x10000004L, +0x10000000L, 0x00040000L, 0x00002004L, 0x10042004L, +0x00040004L, 0x10042000L, 0x10002000L, 0x00042004L, +0x10042004L, 0x00040004L, 0x10000004L, 0x00000000L, +0x10000000L, 0x00002004L, 0x00040000L, 0x10040004L, +0x00002000L, 0x10000000L, 0x00042004L, 0x10002004L, +0x10042000L, 0x00002000L, 0x00000000L, 0x10000004L, +0x00000004L, 0x10042004L, 0x00042000L, 0x10040000L, +0x10040004L, 0x00040000L, 0x00002004L, 0x10002000L, +0x10002004L, 0x00000004L, 0x10040000L, 0x00042000L, +},{ +/* nibble 2 */ +0x41000000L, 0x01010040L, 0x00000040L, 0x41000040L, +0x40010000L, 0x01000000L, 0x41000040L, 0x00010040L, +0x01000040L, 0x00010000L, 0x01010000L, 0x40000000L, +0x41010040L, 0x40000040L, 0x40000000L, 0x41010000L, +0x00000000L, 0x40010000L, 0x01010040L, 0x00000040L, +0x40000040L, 0x41010040L, 0x00010000L, 0x41000000L, +0x41010000L, 0x01000040L, 0x40010040L, 0x01010000L, +0x00010040L, 0x00000000L, 0x01000000L, 0x40010040L, +0x01010040L, 0x00000040L, 0x40000000L, 0x00010000L, +0x40000040L, 0x40010000L, 0x01010000L, 0x41000040L, +0x00000000L, 0x01010040L, 0x00010040L, 0x41010000L, +0x40010000L, 0x01000000L, 0x41010040L, 0x40000000L, +0x40010040L, 0x41000000L, 0x01000000L, 0x41010040L, +0x00010000L, 0x01000040L, 0x41000040L, 0x00010040L, +0x01000040L, 0x00000000L, 0x41010000L, 0x40000040L, +0x41000000L, 0x40010040L, 0x00000040L, 0x01010000L, +},{ +/* nibble 3 */ +0x00100402L, 0x04000400L, 0x00000002L, 0x04100402L, +0x00000000L, 0x04100000L, 0x04000402L, 0x00100002L, +0x04100400L, 0x04000002L, 0x04000000L, 0x00000402L, +0x04000002L, 0x00100402L, 0x00100000L, 0x04000000L, +0x04100002L, 0x00100400L, 0x00000400L, 0x00000002L, +0x00100400L, 0x04000402L, 0x04100000L, 0x00000400L, +0x00000402L, 0x00000000L, 0x00100002L, 0x04100400L, +0x04000400L, 0x04100002L, 0x04100402L, 0x00100000L, +0x04100002L, 0x00000402L, 0x00100000L, 0x04000002L, +0x00100400L, 0x04000400L, 0x00000002L, 0x04100000L, +0x04000402L, 0x00000000L, 0x00000400L, 0x00100002L, +0x00000000L, 0x04100002L, 0x04100400L, 0x00000400L, +0x04000000L, 0x04100402L, 0x00100402L, 0x00100000L, +0x04100402L, 0x00000002L, 0x04000400L, 0x00100402L, +0x00100002L, 0x00100400L, 0x04100000L, 0x04000402L, +0x00000402L, 0x04000000L, 0x04000002L, 0x04100400L, +},{ +/* nibble 4 */ +0x02000000L, 0x00004000L, 0x00000100L, 0x02004108L, +0x02004008L, 0x02000100L, 0x00004108L, 0x02004000L, +0x00004000L, 0x00000008L, 0x02000008L, 0x00004100L, +0x02000108L, 0x02004008L, 0x02004100L, 0x00000000L, +0x00004100L, 0x02000000L, 0x00004008L, 0x00000108L, +0x02000100L, 0x00004108L, 0x00000000L, 0x02000008L, +0x00000008L, 0x02000108L, 0x02004108L, 0x00004008L, +0x02004000L, 0x00000100L, 0x00000108L, 0x02004100L, +0x02004100L, 0x02000108L, 0x00004008L, 0x02004000L, +0x00004000L, 0x00000008L, 0x02000008L, 0x02000100L, +0x02000000L, 0x00004100L, 0x02004108L, 0x00000000L, +0x00004108L, 0x02000000L, 0x00000100L, 0x00004008L, +0x02000108L, 0x00000100L, 0x00000000L, 0x02004108L, +0x02004008L, 0x02004100L, 0x00000108L, 0x00004000L, +0x00004100L, 0x02004008L, 0x02000100L, 0x00000108L, +0x00000008L, 0x00004108L, 0x02004000L, 0x02000008L, +},{ +/* nibble 5 */ +0x20000010L, 0x00080010L, 0x00000000L, 0x20080800L, +0x00080010L, 0x00000800L, 0x20000810L, 0x00080000L, +0x00000810L, 0x20080810L, 0x00080800L, 0x20000000L, +0x20000800L, 0x20000010L, 0x20080000L, 0x00080810L, +0x00080000L, 0x20000810L, 0x20080010L, 0x00000000L, +0x00000800L, 0x00000010L, 0x20080800L, 0x20080010L, +0x20080810L, 0x20080000L, 0x20000000L, 0x00000810L, +0x00000010L, 0x00080800L, 0x00080810L, 0x20000800L, +0x00000810L, 0x20000000L, 0x20000800L, 0x00080810L, +0x20080800L, 0x00080010L, 0x00000000L, 0x20000800L, +0x20000000L, 0x00000800L, 0x20080010L, 0x00080000L, +0x00080010L, 0x20080810L, 0x00080800L, 0x00000010L, +0x20080810L, 0x00080800L, 0x00080000L, 0x20000810L, +0x20000010L, 0x20080000L, 0x00080810L, 0x00000000L, +0x00000800L, 0x20000010L, 0x20000810L, 0x20080800L, +0x20080000L, 0x00000810L, 0x00000010L, 0x20080010L, +},{ +/* nibble 6 */ +0x00001000L, 0x00000080L, 0x00400080L, 0x00400001L, +0x00401081L, 0x00001001L, 0x00001080L, 0x00000000L, +0x00400000L, 0x00400081L, 0x00000081L, 0x00401000L, +0x00000001L, 0x00401080L, 0x00401000L, 0x00000081L, +0x00400081L, 0x00001000L, 0x00001001L, 0x00401081L, +0x00000000L, 0x00400080L, 0x00400001L, 0x00001080L, +0x00401001L, 0x00001081L, 0x00401080L, 0x00000001L, +0x00001081L, 0x00401001L, 0x00000080L, 0x00400000L, +0x00001081L, 0x00401000L, 0x00401001L, 0x00000081L, +0x00001000L, 0x00000080L, 0x00400000L, 0x00401001L, +0x00400081L, 0x00001081L, 0x00001080L, 0x00000000L, +0x00000080L, 0x00400001L, 0x00000001L, 0x00400080L, +0x00000000L, 0x00400081L, 0x00400080L, 0x00001080L, +0x00000081L, 0x00001000L, 0x00401081L, 0x00400000L, +0x00401080L, 0x00000001L, 0x00001001L, 0x00401081L, +0x00400001L, 0x00401080L, 0x00401000L, 0x00001001L, +},{ +/* nibble 7 */ +0x08200020L, 0x08208000L, 0x00008020L, 0x00000000L, +0x08008000L, 0x00200020L, 0x08200000L, 0x08208020L, +0x00000020L, 0x08000000L, 0x00208000L, 0x00008020L, +0x00208020L, 0x08008020L, 0x08000020L, 0x08200000L, +0x00008000L, 0x00208020L, 0x00200020L, 0x08008000L, +0x08208020L, 0x08000020L, 0x00000000L, 0x00208000L, +0x08000000L, 0x00200000L, 0x08008020L, 0x08200020L, +0x00200000L, 0x00008000L, 0x08208000L, 0x00000020L, +0x00200000L, 0x00008000L, 0x08000020L, 0x08208020L, +0x00008020L, 0x08000000L, 0x00000000L, 0x00208000L, +0x08200020L, 0x08008020L, 0x08008000L, 0x00200020L, +0x08208000L, 0x00000020L, 0x00200020L, 0x08008000L, +0x08208020L, 0x00200000L, 0x08200000L, 0x08000020L, +0x00208000L, 0x00008020L, 0x08008020L, 0x08200000L, +0x00000020L, 0x08208000L, 0x00208020L, 0x00000000L, +0x08000000L, 0x08200020L, 0x00008000L, 0x00208020L, +}}; diff --git a/secure/lib/libdes/str2key.c b/secure/lib/libdes/str2key.c new file mode 100644 index 0000000..278ba0f --- /dev/null +++ b/secure/lib/libdes/str2key.c @@ -0,0 +1,160 @@ +/* lib/des/str2key.c */ +/* Copyright (C) 1995 Eric Young (eay@mincom.oz.au) + * All rights reserved. + * + * This file is part of an SSL implementation written + * by Eric Young (eay@mincom.oz.au). + * The implementation was written so as to conform with Netscapes SSL + * specification. This library and applications are + * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE + * as long as the following conditions are aheared to. + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. If this code is used in a product, + * Eric Young should be given attribution as the author of the parts used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Eric Young (eay@mincom.oz.au) + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "des_locl.h" + +extern int des_check_key; + +void des_string_to_key(str, key) +char *str; +des_cblock (*key); + { + des_key_schedule ks; + int i,length; + register unsigned char j; + + memset(key,0,8); + length=strlen(str); +#ifdef OLD_STR_TO_KEY + for (i=0; i<length; i++) + (*key)[i%8]^=(str[i]<<1); +#else /* MIT COMPATIBLE */ + for (i=0; i<length; i++) + { + j=str[i]; + if ((i%16) < 8) + (*key)[i%8]^=(j<<1); + else + { + /* Reverse the bit order 05/05/92 eay */ + j=((j<<4)&0xf0)|((j>>4)&0x0f); + j=((j<<2)&0xcc)|((j>>2)&0x33); + j=((j<<1)&0xaa)|((j>>1)&0x55); + (*key)[7-(i%8)]^=j; + } + } +#endif + des_set_odd_parity((des_cblock *)key); + i=des_check_key; + des_check_key=0; + des_set_key((des_cblock *)key,ks); + des_check_key=i; + des_cbc_cksum((des_cblock *)str,(des_cblock *)key,(long)length,ks, + (des_cblock *)key); + memset(ks,0,sizeof(ks)); + des_set_odd_parity((des_cblock *)key); + } + +void des_string_to_2keys(str, key1, key2) +char *str; +des_cblock (*key1); +des_cblock (*key2); + { + des_key_schedule ks; + int i,length; + register unsigned char j; + + memset(key1,0,8); + memset(key2,0,8); + length=strlen(str); +#ifdef OLD_STR_TO_KEY + if (length <= 8) + { + for (i=0; i<length; i++) + { + (*key2)[i]=(*key1)[i]=(str[i]<<1); + } + } + else + { + for (i=0; i<length; i++) + { + if ((i/8)&1) + (*key2)[i%8]^=(str[i]<<1); + else + (*key1)[i%8]^=(str[i]<<1); + } + } +#else /* MIT COMPATIBLE */ + for (i=0; i<length; i++) + { + j=str[i]; + if ((i%32) < 16) + { + if ((i%16) < 8) + (*key1)[i%8]^=(j<<1); + else + (*key2)[i%8]^=(j<<1); + } + else + { + j=((j<<4)&0xf0)|((j>>4)&0x0f); + j=((j<<2)&0xcc)|((j>>2)&0x33); + j=((j<<1)&0xaa)|((j>>1)&0x55); + if ((i%16) < 8) + (*key1)[7-(i%8)]^=j; + else + (*key2)[7-(i%8)]^=j; + } + } + if (length <= 8) memcpy(key2,key1,8); +#endif + des_set_odd_parity((des_cblock *)key1); + des_set_odd_parity((des_cblock *)key2); + i=des_check_key; + des_check_key=0; + des_set_key((des_cblock *)key1,ks); + des_cbc_cksum((des_cblock *)str,(des_cblock *)key1,(long)length,ks, + (des_cblock *)key1); + des_set_key((des_cblock *)key2,ks); + des_cbc_cksum((des_cblock *)str,(des_cblock *)key2,(long)length,ks, + (des_cblock *)key2); + des_check_key=i; + memset(ks,0,sizeof(ks)); + des_set_odd_parity(key1); + des_set_odd_parity(key2); + } diff --git a/secure/lib/libdes/supp.c b/secure/lib/libdes/supp.c new file mode 100644 index 0000000..8cd9289 --- /dev/null +++ b/secure/lib/libdes/supp.c @@ -0,0 +1,98 @@ +/* lib/des/supp.c */ +/* Copyright (C) 1995 Eric Young (eay@mincom.oz.au) + * All rights reserved. + * + * This file is part of an SSL implementation written + * by Eric Young (eay@mincom.oz.au). + * The implementation was written so as to conform with Netscapes SSL + * specification. This library and applications are + * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE + * as long as the following conditions are aheared to. + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. If this code is used in a product, + * Eric Young should be given attribution as the author of the parts used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Eric Young (eay@mincom.oz.au) + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +/* + * Copyright (c) 1995 + * Mark Murray. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Mark Murray + * 4. Neither the name of the author nor the names of any co-contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY MARK MURRAY AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $Id$ + */ + +#include <stdio.h> +#include "des_locl.h" + +void des_cblock_print_file(cb, fp) + des_cblock *cb; + FILE *fp; +{ + int i; + unsigned int *p = (unsigned int *)cb; + + fprintf(fp, " 0x { "); + for (i = 0; i < 8; i++) { + fprintf(fp, "%x", p[i]); + if (i != 7) fprintf(fp, ", "); + } + fprintf(fp, " }"); +} diff --git a/secure/lib/libdes/t/perl b/secure/lib/libdes/t/perl new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/secure/lib/libdes/t/perl diff --git a/secure/lib/libdes/t/test b/secure/lib/libdes/t/test new file mode 100644 index 0000000..97acd05 --- /dev/null +++ b/secure/lib/libdes/t/test @@ -0,0 +1,27 @@ +#!./perl + +BEGIN { push(@INC, qw(../../../lib ../../lib ../lib lib)); } + +use DES; + +$key='00000000'; +$ks=DES::set_key($key); +@a=split(//,$ks); +foreach (@a) { printf "%02x-",ord($_); } +print "\n"; + + +$key=DES::random_key(); +print "($_)\n"; +@a=split(//,$key); +foreach (@a) { printf "%02x-",ord($_); } +print "\n"; +$str="this is and again into the breach"; +($k1,$k2)=DES::string_to_2keys($str); +@a=split(//,$k1); +foreach (@a) { printf "%02x-",ord($_); } +print "\n"; +@a=split(//,$k2); +foreach (@a) { printf "%02x-",ord($_); } +print "\n"; + diff --git a/secure/lib/libdes/testdes.pl b/secure/lib/libdes/testdes.pl new file mode 100755 index 0000000..01a165a --- /dev/null +++ b/secure/lib/libdes/testdes.pl @@ -0,0 +1,167 @@ +#!/usr/local/bin/perl + +# des.pl tesing code + +require 'des.pl'; + +$num_tests=34; +@key_data=( + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, + 0x30,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11, + 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF, + 0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10, + 0x7C,0xA1,0x10,0x45,0x4A,0x1A,0x6E,0x57, + 0x01,0x31,0xD9,0x61,0x9D,0xC1,0x37,0x6E, + 0x07,0xA1,0x13,0x3E,0x4A,0x0B,0x26,0x86, + 0x38,0x49,0x67,0x4C,0x26,0x02,0x31,0x9E, + 0x04,0xB9,0x15,0xBA,0x43,0xFE,0xB5,0xB6, + 0x01,0x13,0xB9,0x70,0xFD,0x34,0xF2,0xCE, + 0x01,0x70,0xF1,0x75,0x46,0x8F,0xB5,0xE6, + 0x43,0x29,0x7F,0xAD,0x38,0xE3,0x73,0xFE, + 0x07,0xA7,0x13,0x70,0x45,0xDA,0x2A,0x16, + 0x04,0x68,0x91,0x04,0xC2,0xFD,0x3B,0x2F, + 0x37,0xD0,0x6B,0xB5,0x16,0xCB,0x75,0x46, + 0x1F,0x08,0x26,0x0D,0x1A,0xC2,0x46,0x5E, + 0x58,0x40,0x23,0x64,0x1A,0xBA,0x61,0x76, + 0x02,0x58,0x16,0x16,0x46,0x29,0xB0,0x07, + 0x49,0x79,0x3E,0xBC,0x79,0xB3,0x25,0x8F, + 0x4F,0xB0,0x5E,0x15,0x15,0xAB,0x73,0xA7, + 0x49,0xE9,0x5D,0x6D,0x4C,0xA2,0x29,0xBF, + 0x01,0x83,0x10,0xDC,0x40,0x9B,0x26,0xD6, + 0x1C,0x58,0x7F,0x1C,0x13,0x92,0x4F,0xEF, + 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, + 0x1F,0x1F,0x1F,0x1F,0x0E,0x0E,0x0E,0x0E, + 0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, + 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF, + 0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10, + ); + +@plain_data=( + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, + 0x10,0x00,0x00,0x00,0x00,0x00,0x00,0x01, + 0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11, + 0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11, + 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF, + 0x01,0xA1,0xD6,0xD0,0x39,0x77,0x67,0x42, + 0x5C,0xD5,0x4C,0xA8,0x3D,0xEF,0x57,0xDA, + 0x02,0x48,0xD4,0x38,0x06,0xF6,0x71,0x72, + 0x51,0x45,0x4B,0x58,0x2D,0xDF,0x44,0x0A, + 0x42,0xFD,0x44,0x30,0x59,0x57,0x7F,0xA2, + 0x05,0x9B,0x5E,0x08,0x51,0xCF,0x14,0x3A, + 0x07,0x56,0xD8,0xE0,0x77,0x47,0x61,0xD2, + 0x76,0x25,0x14,0xB8,0x29,0xBF,0x48,0x6A, + 0x3B,0xDD,0x11,0x90,0x49,0x37,0x28,0x02, + 0x26,0x95,0x5F,0x68,0x35,0xAF,0x60,0x9A, + 0x16,0x4D,0x5E,0x40,0x4F,0x27,0x52,0x32, + 0x6B,0x05,0x6E,0x18,0x75,0x9F,0x5C,0xCA, + 0x00,0x4B,0xD6,0xEF,0x09,0x17,0x60,0x62, + 0x48,0x0D,0x39,0x00,0x6E,0xE7,0x62,0xF2, + 0x43,0x75,0x40,0xC8,0x69,0x8F,0x3C,0xFA, + 0x07,0x2D,0x43,0xA0,0x77,0x07,0x52,0x92, + 0x02,0xFE,0x55,0x77,0x81,0x17,0xF1,0x2A, + 0x1D,0x9D,0x5C,0x50,0x18,0xF7,0x28,0xC2, + 0x30,0x55,0x32,0x28,0x6D,0x6F,0x29,0x5A, + 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF, + 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF, + 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF, + 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF); + +@cipher_data=( + 0x8C,0xA6,0x4D,0xE9,0xC1,0xB1,0x23,0xA7, + 0x73,0x59,0xB2,0x16,0x3E,0x4E,0xDC,0x58, + 0x95,0x8E,0x6E,0x62,0x7A,0x05,0x55,0x7B, + 0xF4,0x03,0x79,0xAB,0x9E,0x0E,0xC5,0x33, + 0x17,0x66,0x8D,0xFC,0x72,0x92,0x53,0x2D, + 0x8A,0x5A,0xE1,0xF8,0x1A,0xB8,0xF2,0xDD, + 0x8C,0xA6,0x4D,0xE9,0xC1,0xB1,0x23,0xA7, + 0xED,0x39,0xD9,0x50,0xFA,0x74,0xBC,0xC4, + 0x69,0x0F,0x5B,0x0D,0x9A,0x26,0x93,0x9B, + 0x7A,0x38,0x9D,0x10,0x35,0x4B,0xD2,0x71, + 0x86,0x8E,0xBB,0x51,0xCA,0xB4,0x59,0x9A, + 0x71,0x78,0x87,0x6E,0x01,0xF1,0x9B,0x2A, + 0xAF,0x37,0xFB,0x42,0x1F,0x8C,0x40,0x95, + 0x86,0xA5,0x60,0xF1,0x0E,0xC6,0xD8,0x5B, + 0x0C,0xD3,0xDA,0x02,0x00,0x21,0xDC,0x09, + 0xEA,0x67,0x6B,0x2C,0xB7,0xDB,0x2B,0x7A, + 0xDF,0xD6,0x4A,0x81,0x5C,0xAF,0x1A,0x0F, + 0x5C,0x51,0x3C,0x9C,0x48,0x86,0xC0,0x88, + 0x0A,0x2A,0xEE,0xAE,0x3F,0xF4,0xAB,0x77, + 0xEF,0x1B,0xF0,0x3E,0x5D,0xFA,0x57,0x5A, + 0x88,0xBF,0x0D,0xB6,0xD7,0x0D,0xEE,0x56, + 0xA1,0xF9,0x91,0x55,0x41,0x02,0x0B,0x56, + 0x6F,0xBF,0x1C,0xAF,0xCF,0xFD,0x05,0x56, + 0x2F,0x22,0xE4,0x9B,0xAB,0x7C,0xA1,0xAC, + 0x5A,0x6B,0x61,0x2C,0xC2,0x6C,0xCE,0x4A, + 0x5F,0x4C,0x03,0x8E,0xD1,0x2B,0x2E,0x41, + 0x63,0xFA,0xC0,0xD0,0x34,0xD9,0xF7,0x93, + 0x61,0x7B,0x3A,0x0C,0xE8,0xF0,0x71,0x00, + 0xDB,0x95,0x86,0x05,0xF8,0xC8,0xC6,0x06, + 0xED,0xBF,0xD1,0xC6,0x6C,0x29,0xCC,0xC7, + 0x35,0x55,0x50,0xB2,0x15,0x0E,0x24,0x51, + 0xCA,0xAA,0xAF,0x4D,0xEA,0xF1,0xDB,0xAE, + 0xD5,0xD4,0x4F,0xF7,0x20,0x68,0x3D,0x0D, + 0x2A,0x2B,0xB0,0x08,0xDF,0x97,0xC2,0xF2); + +print "Doing ecb tests\n"; +for ($i=0; $i<$num_tests; $i++) + { + printf "Doing test $i\n"; + $key =pack("C8",splice(@key_data ,0,8)); + $data=pack("C8",splice(@plain_data ,0,8)); + $res =pack("C8",splice(@cipher_data,0,8)); + + @ks= &des_set_key($key); + $out1= &des_ecb_encrypt(*ks,1,$data); + $out2= &des_ecb_encrypt(*ks,0,$out1); + $out3= &des_ecb_encrypt(*ks,0,$res); + &eprint("encryption failure",$res,$out1) + if ($out1 ne $res); + &eprint("encryption/decryption failure",$data,$out2) + if ($out2 ne $data); + &eprint("decryption failure",$data,$out3) + if ($data ne $out3); + } +print "Done\n"; + +print "doing speed test over 30 seconds\n"; +$SIG{'ALRM'}='done'; +sub done {$done=1;} +$done=0; + +$count=0; +$d=pack("C8",0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef); +@ks= &des_set_key($d); +alarm(30); +$start=(times)[0]; +while (!$done) + { + $count++; + $d=&des_ecb_encrypt(*ks,1,$d); + } +$end=(times)[0]; +$t=$end-$start; +printf "$count DESs in %.2f seconds is %.2f DESs/sec or %.2f bytes/sec\n", + 1.0*$t,1.0*$count/$t,$count*8.0/$t; + +sub eprint + { + local($s,$c,$e)=@_; + local(@k); + + @k=unpack("C8",$c); + printf "%02x%02x%02x%02x %02x%02x%02x%02x - ",unpack("C8",$c); + printf "%02x%02x%02x%02x %02x%02x%02x%02x :",unpack("C8",$e); + print " $s\n"; + } diff --git a/secure/lib/libdes/times b/secure/lib/libdes/times new file mode 100644 index 0000000..86d10a0 --- /dev/null +++ b/secure/lib/libdes/times @@ -0,0 +1,173 @@ +SGI Challenge (MIPS R4400 200mhz) - gcc -O2 +set_key per sec = 114141.13 ( 8.8uS) +DES ecb bytes per sec = 1573472.84 ( 5.1uS) +DES cbc bytes per sec = 1580418.20 ( 5.1uS) +crypt per sec = 7137.84 (140.1uS) + +DEC Alpha DEC 4000/710 AXP OSF/1 v 3.0 - gcc -O2 2.6.1 +set_key per sec = 123138.49 ( 8.1uS) +DES ecb bytes per sec = 1407546.76 ( 5.7uS) +DES cbc bytes per sec = 1404103.21 ( 5.7uS) +crypt per sec = 7746.76 (129.1uS) + +DEC Alpha DEC 4000/710 AXP OSF/1 v 3.0 - cc -O4 'DEC Compiler Driver 3.11' +set_key per sec = 135160.83 ( 7.4uS) +DES ecb bytes per sec = 1267753.22 ( 6.3uS) +DES cbc bytes per sec = 1260564.90 ( 6.3uS) +crypt per sec = 6479.37 (154.3uS) + +SGI Challenge (MIPS R4400 200mhz) - cc -O2 +set_key per sec = 124000.10 ( 8.1uS) +DES ecb bytes per sec = 1338138.45 ( 6.0uS) +DES cbc bytes per sec = 1356515.84 ( 5.9uS) +crypt per sec = 6223.92 (160.7uS) + +SGI Indy (MIPS R4600 133mhz) -cc -O2 +set_key per sec = 88470.54 ( 11.3uS) +DES ecb bytes per sec = 1023040.33 ( 7.8uS) +DES cbc bytes per sec = 1033610.01 ( 7.7uS) +crypt per sec = 4641.51 (215.4uS) + +HP-UX 9000/887 cc +O3 +set_key per sec = 76824.30 ( 13.0uS) +DES ecb bytes per sec = 1048911.20 ( 7.6uS) +DES cbc bytes per sec = 1072332.80 ( 7.5uS) +crypt per sec = 4968.64 (201.3uS) + +IRIX 5.2 IP22 (R4000) cc -O2 (galilo) +set_key per sec = 60615.73 ( 16.5uS) +DES ecb bytes per sec = 584741.32 ( 13.7uS) +DES cbc bytes per sec = 584306.94 ( 13.7uS) +crypt per sec = 3049.33 (327.9uS) + +HP-UX 9000/867 cc -O +set_key per sec = 48600.00 ( 20.6uS) +DES ecb bytes per sec = 616235.14 ( 13.0uS) +DES cbc bytes per sec = 638669.44 ( 12.5uS) +crypt per sec = 3016.68 (331.5uS) + +HP-UX 9000/867 gcc -O2 +set_key per sec = 52120.50 ( 19.2uS) +DES ecb bytes per sec = 715156.55 ( 11.2uS) +DES cbc bytes per sec = 724424.28 ( 11.0uS) +crypt per sec = 3295.87 (303.4uS) + +DGUX AViiON mc88110 gcc -O2 +set_key per sec = 55604.91 ( 18.0uS) +DES ecb bytes per sec = 658513.25 ( 12.1uS) +DES cbc bytes per sec = 675552.71 ( 11.8uS) +crypt per sec = 3438.10 (290.9uS) + +Sparc 10 cc -O2 (orb) +set_key per sec = 53002.30 ( 18.9uS) +DES ecb bytes per sec = 705250.40 ( 11.3uS) +DES cbc bytes per sec = 714342.40 ( 11.2uS) +crypt per sec = 2943.99 (339.7uS) + +Sparc 10 gcc -O2 (orb) +set_key per sec = 58681.21 ( 17.0uS) +DES ecb bytes per sec = 772390.20 ( 10.4uS) +DES cbc bytes per sec = 774144.00 ( 10.3uS) +crypt per sec = 3606.90 (277.2uS) + +DEC Alpha DEC 4000/610 AXP OSF/1 v 1.3 - gcc v 2.3.3 +set_key per sec = 101840.19 ( 9.8uS) +DES ecb bytes per sec = 1223712.35 ( 6.5uS) +DES cbc bytes per sec = 1230542.98 ( 6.5uS) +crypt per sec = 6428.75 (155.6uS) + +DEC Alpha DEC 4000/610 APX OSF/1 v 1.3 - cc -O2 - OSF/1 AXP +set_key per sec = 114198.91 ( 8.8uS) +DES ecb bytes per sec = 1022710.93 ( 7.8uS) +DES cbc bytes per sec = 1008821.93 ( 7.9uS) +crypt per sec = 5454.13 (183.3uS) + +DEC Alpha - DEC 3000/500 AXP OSF/1 - cc -O2 - 02/12/92 +set_key per sec = 83587.04 ( 12.0uS) +DES ecb bytes per sec = 822620.82 ( 9.7uS) +DES cbc bytes per sec = 832929.60 ( 9.6uS) +crypt per sec = 4807.62 (208.0uS) + +sun sparc 10/30 - gcc -O2 +set_key per sec = 42005.24 ( 23.8uS) +DES ecb bytes per sec = 555949.47 ( 14.4uS) +DES cbc bytes per sec = 549440.28 ( 14.6uS) +crypt per sec = 2580.25 (387.6uS) + +PA-RISC 1.1 HP 710 +set_key per sec = 38916.86 +DES ecb bytes per sec = 505971.82 +DES cbc bytes per sec = 515381.13 +crypt per sec = 2438.24 + +iris (spike) cc -O2 +set_key per sec = 23128.83 ( 43.2uS) +DES ecb bytes per sec = 261577.94 ( 30.6uS) +DES cbc bytes per sec = 261746.41 ( 30.6uS) +crypt per sec = 1231.76 (811.8uS) + +sun sparc 10/30 - cc -O4 +set_key per sec = 38379.86 ( 26.1uS) +DES ecb bytes per sec = 460051.34 ( 17.4uS) +DES cbc bytes per sec = 464970.54 ( 17.2uS) +crypt per sec = 2092.64 (477.9uS) + +sun sparc 2 - gcc2 -O2 +set_key per sec = 21559.10 +DES ecb bytes per sec = 305566.92 +DES cbc bytes per sec = 303497.50 +crypt per sec = 1410.48 + +RS/6000 model 320 +set_key per sec = 14371.93 +DES ecb bytes per sec = 222231.26 +DES cbc bytes per sec = 223926.79 +crypt per sec = 981.20 + +80486dx/66MHz Solaris 2.1 - gcc -O2 (gcc 2.6.3) +set_key per sec = 26814.15 ( 37.3uS) +DES ecb bytes per sec = 345029.95 ( 23.2uS) +DES cbc bytes per sec = 344064.00 ( 23.3uS) +crypt per sec = 1551.97 (644.3uS) + +80486dx/50MHz Solaris 2.1 - gcc -O2 (gcc 2.5.2) +set_key per sec = 18558.29 ( 53.9uS) +DES ecb bytes per sec = 240873.90 ( 33.2uS) +DES cbc bytes per sec = 239993.37 ( 33.3uS) +crypt per sec = 1073.67 (931.4uS) + +80486dx/50MHz Solaris 2.1 - cc -xO4 (cc: PC2.0.1 30 April 1993) +set_key per sec = 18302.79 ( 54.6uS) +DES ecb bytes per sec = 242640.29 ( 33.0uS) +DES cbc bytes per sec = 239568.89 ( 33.4uS) +crypt per sec = 1057.92 (945.2uS) + +68030 HP400 +set_key per sec = 5251.28 +DES ecb bytes per sec = 56186.56 +DES cbc bytes per sec = 58681.53 +crypt per sec = 276.15 + +80486sx/33MHz MSDOS Turbo C v 2.0 +set_key per sec = 1883.22 (531.0uS) +DES ecb bytes per sec = 63393.31 (126.2uS) +DES cbc bytes per sec = 63416.83 (126.1uS) +crypt per sec = 158.71 (6300.6uS) + +80486sx/33MHz MSDOS djgpp gcc 1.39 (32bit compiler) +set_key per sec = 12603.08 (79.3) +DES ecb bytes per sec = 158875.15 (50.4) +DES cbc bytes per sec = 159893.85 (50.0) +crypt per sec = 780.24 (1281.7) + +Version 1.99 26/08/92 +8MHz 68000 Atari-ST gcc 2.1 -O2 MiNT 0.94 +set_key per sec = 325.68 (3070.5uS) +DES ecb bytes per sec = 4173.67 (1916.8uS) +DES cbc bytes per sec = 4249.89 (1882.4uS) +crypt per sec = 20.19 (49521.6uS) + +8088/4.77mh MSDOS Turbo C v 2.0 +set_key per sec = 35.09 +DES ecb bytes per sec = 563.63 +crypt per sec = 2.69 diff --git a/secure/lib/libdes/typemap b/secure/lib/libdes/typemap new file mode 100644 index 0000000..a524f53 --- /dev/null +++ b/secure/lib/libdes/typemap @@ -0,0 +1,34 @@ +# +# DES SECTION +# +deschar * T_DESCHARP +des_cblock * T_CBLOCK +des_cblock T_CBLOCK +des_key_schedule T_SCHEDULE +des_key_schedule * T_SCHEDULE + +INPUT +T_CBLOCK + $var=(des_cblock *)SvPV($arg,len); + if (len < DES_KEY_SZ) + { + croak(\"$var needs to be at least %u bytes long\",DES_KEY_SZ); + } + +T_SCHEDULE + $var=(des_key_schedule *)SvPV($arg,len); + if (len < DES_SCHEDULE_SZ) + { + croak(\"$var needs to be at least %u bytes long\", + DES_SCHEDULE_SZ); + } + +OUTPUT +T_CBLOCK + sv_setpvn($arg,(char *)$var,DES_KEY_SZ); + +T_SCHEDULE + sv_setpvn($arg,(char *)$var,DES_SCHEDULE_SZ); + +T_DESCHARP + sv_setpvn($arg,(char *)$var,len); diff --git a/secure/lib/libdes/version.h b/secure/lib/libdes/version.h new file mode 100644 index 0000000..aee1190 --- /dev/null +++ b/secure/lib/libdes/version.h @@ -0,0 +1,48 @@ +/* lib/des/version.h */ +/* Copyright (C) 1995 Eric Young (eay@mincom.oz.au) + * All rights reserved. + * + * This file is part of an SSL implementation written + * by Eric Young (eay@mincom.oz.au). + * The implementation was written so as to conform with Netscapes SSL + * specification. This library and applications are + * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE + * as long as the following conditions are aheared to. + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. If this code is used in a product, + * Eric Young should be given attribution as the author of the parts used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Eric Young (eay@mincom.oz.au) + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +extern char *DES_version; diff --git a/secure/lib/libdes/vms.com b/secure/lib/libdes/vms.com new file mode 100644 index 0000000..885ea8e --- /dev/null +++ b/secure/lib/libdes/vms.com @@ -0,0 +1,90 @@ +$! --- VMS.com --- +$! +$ GoSub defines +$ GoSub linker_options +$ If (P1 .nes. "") +$ Then +$ GoSub 'P1' +$ Else +$ GoSub lib +$ GoSub destest +$ GoSub rpw +$ GoSub speed +$ GoSub des +$ EndIF +$! +$ Exit +$! +$!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! +$! +$DEFINES: +$ OPT_FILE := "VAX_LINKER_OPTIONS.OPT" +$! +$ CC_OPTS := "/NODebug/OPTimize/NOWarn" +$! +$ LINK_OPTS := "/NODebug/NOTraceback/Contiguous" +$! +$ OBJS = "cbc_cksm.obj,cbc_enc.obj,ecb_enc.obj,pcbc_enc.obj," + - + "qud_cksm.obj,rand_key.obj,read_pwd.obj,set_key.obj," + - + "str2key.obj,enc_read.obj,enc_writ.obj,fcrypt.obj," + - + "cfb_enc.obj,3ecb_enc.obj,ofb_enc.obj" + + +$! +$ LIBDES = "cbc_cksm.c,cbc_enc.c,ecb_enc.c,enc_read.c," + - + "enc_writ.c,pcbc_enc.c,qud_cksm.c,rand_key.c," + - + "read_pwd.c,set_key.c,str2key.c,fcrypt.c," + - + "cfb_enc.c,3ecb_enc.c,ofb_enc.c" +$ Return +$! +$!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! +$! +$LINKER_OPTIONS: +$ If (f$search(OPT_FILE) .eqs. "") +$ Then +$ Create 'OPT_FILE' +$DECK +! Default system options file to link against the sharable C runtime library +! +Sys$Share:VAXcRTL.exe/Share +$EOD +$ EndIF +$ Return +$! +$!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! +$! +$LIB: +$ CC 'CC_OPTS' 'LIBDES' +$ If (f$search("LIBDES.OLB") .nes. "") +$ Then Library /Object /Replace libdes 'OBJS' +$ Else Library /Create /Object libdes 'OBJS' +$ EndIF +$ Return +$! +$!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! +$! +$DESTEST: +$ CC 'CC_OPTS' destest +$ Link 'link_opts' /Exec=destest destest.obj,libdes/LIBRARY,'opt_file'/Option +$ Return +$! +$!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! +$! +$RPW: +$ CC 'CC_OPTS' rpw +$ Link 'link_opts' /Exec=rpw rpw.obj,libdes/LIBRARY,'opt_file'/Option +$ Return +$! +$!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! +$! +$SPEED: +$ CC 'CC_OPTS' speed +$ Link 'link_opts' /Exec=speed speed.obj,libdes/LIBRARY,'opt_file'/Option +$ Return +$! +$!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! +$! +$DES: +$ CC 'CC_OPTS' des +$ Link 'link_opts' /Exec=des des.obj,libdes/LIBRARY,'opt_file'/Option +$ Return |