From 8e51e9f1429efc498f923bce8b25b20f47d7c075 Mon Sep 17 00:00:00 2001 From: wollman Date: Tue, 21 Dec 1993 18:36:48 +0000 Subject: xntpd 3.3b from UDel --- usr.sbin/xntpd/authstuff/Makefile.tmpl | 92 ++++++++ usr.sbin/xntpd/authstuff/README | 13 ++ usr.sbin/xntpd/authstuff/auth.samplekeys | 45 ++++ usr.sbin/xntpd/authstuff/auth.speed | 20 ++ usr.sbin/xntpd/authstuff/authcert.c | 96 ++++++++ usr.sbin/xntpd/authstuff/authspeed.c | 315 +++++++++++++++++++++++++ usr.sbin/xntpd/authstuff/certdata | 34 +++ usr.sbin/xntpd/authstuff/keyparity.c | 279 ++++++++++++++++++++++ usr.sbin/xntpd/authstuff/makeIPFP.c | 345 +++++++++++++++++++++++++++ usr.sbin/xntpd/authstuff/makePC1.c | 286 +++++++++++++++++++++++ usr.sbin/xntpd/authstuff/makePC2.c | 238 +++++++++++++++++++ usr.sbin/xntpd/authstuff/makeSP.c | 183 +++++++++++++++ usr.sbin/xntpd/authstuff/md5_sample_output | 8 + usr.sbin/xntpd/authstuff/md5driver.c | 209 +++++++++++++++++ usr.sbin/xntpd/authstuff/mkrandkeys.c | 167 +++++++++++++ usr.sbin/xntpd/authstuff/omakeIPFP.c | 361 +++++++++++++++++++++++++++++ usr.sbin/xntpd/authstuff/results | 2 + usr.sbin/xntpd/authstuff/unixcert.c | 156 +++++++++++++ 18 files changed, 2849 insertions(+) create mode 100644 usr.sbin/xntpd/authstuff/Makefile.tmpl create mode 100644 usr.sbin/xntpd/authstuff/README create mode 100644 usr.sbin/xntpd/authstuff/auth.samplekeys create mode 100644 usr.sbin/xntpd/authstuff/auth.speed create mode 100644 usr.sbin/xntpd/authstuff/authcert.c create mode 100644 usr.sbin/xntpd/authstuff/authspeed.c create mode 100644 usr.sbin/xntpd/authstuff/certdata create mode 100644 usr.sbin/xntpd/authstuff/keyparity.c create mode 100644 usr.sbin/xntpd/authstuff/makeIPFP.c create mode 100644 usr.sbin/xntpd/authstuff/makePC1.c create mode 100644 usr.sbin/xntpd/authstuff/makePC2.c create mode 100644 usr.sbin/xntpd/authstuff/makeSP.c create mode 100644 usr.sbin/xntpd/authstuff/md5_sample_output create mode 100644 usr.sbin/xntpd/authstuff/md5driver.c create mode 100644 usr.sbin/xntpd/authstuff/mkrandkeys.c create mode 100644 usr.sbin/xntpd/authstuff/omakeIPFP.c create mode 100644 usr.sbin/xntpd/authstuff/results create mode 100644 usr.sbin/xntpd/authstuff/unixcert.c (limited to 'usr.sbin/xntpd/authstuff') diff --git a/usr.sbin/xntpd/authstuff/Makefile.tmpl b/usr.sbin/xntpd/authstuff/Makefile.tmpl new file mode 100644 index 0000000..e5f0310 --- /dev/null +++ b/usr.sbin/xntpd/authstuff/Makefile.tmpl @@ -0,0 +1,92 @@ +# +# Makefile.tmpl,v 3.1 1993/07/06 01:04:48 jbj Exp +# +PROGRAM= authcert authspeed md5 +# +# authcert, authspeed - authentication utilities +# +COMPILER= cc +COPTS= -O +BINDIR= /usr/local +DEFS= +DEFS_OPT= +DEFS_LOCAL= +COMPAT= +RESLIB= +# +INCL= -I../include +CFLAGS= $(COPTS) $(DEFS) $(DEFS_LOCAL) $(INCL) +CC= $(COMPILER) +LIB= ../lib/libntp.a +MAKE= make +# +CRTOBJS= authcert.o +SPDOBJS= authspeed.o +PAROBJS= keyparity.o +IFPOBJS= makeIPFP.o +PC1OBJS= makePC1.o +PC2OBJS= makePC2.o +SPOBJS= makeSP.o +RNDOBJS= mkrandkeys.o +OIFOBJS= omakeIPFP.o +UNXOBJS= unixcert.o +MD5OBJS= md5driver.o + +SOURCE= authcert.c authspeed.c keyparity.c makeIPFP.c makePC1.c \ + makePC2.c makeSP.c mkrandkeys.c omakeIPFP.c unixcert.c md5driver.c + +all: $(PROGRAM) + +authcert: $(CRTOBJS) $(LIB) + $(CC) $(COPTS) -o $@ $(CRTOBJS) $(LIB) + +authspeed: $(SPDOBJS) $(LIB) + $(CC) $(COPTS) -o $@ $(SPDOBJS) $(LIB) $(COMPAT) $(RESLIB) + +keyparity: $(PAROBJS) $(LIB) + $(CC) $(COPTS) -o $@ $(PAROBJS) $(LIB) + +makeIPFP: $(IFPOBJS) + $(CC) $(COPTS) -o $@ $(IFPOBJS) + +makePC1: $(PC1OBJS) + $(CC) $(COPTS) -o $@ $(PC1OBJS) + +makePC2: $(PC2OBJS) + $(CC) $(COPTS) -o $@ $(PC2OBJS) + +makeSP: $(SPOBJS) + $(CC) $(COPTS) -o $@ $(SPOBJS) + +mkrandkeys: $(RNDOBJS) $(LIB) + $(CC) $(COPTS) -o $@ $(RNDOBJS) $(LIB) + +omakeIPFP: $(OIFBJS) + $(CC) $(COPTS) -o $@ $(OIFBJS) + +unixcert: $(UNXBJS) + $(CC) $(COPTS) -o $@ $(UNXBJS) + +md5: $(MD5OBJS) + $(CC) $(COPTS) -o $@ $(MD5OBJS) $(LIB) + +tags: + ctags *.c *.h + +install: + # Don't install any of this shit + +depend: + mkdep $(CFLAGS) $(SOURCE) + +clean: + -@rm -f $(PROGRAM) *.o *.out tags make.log Makefile.bak keyparity \ + makeIPFP makePC1 makePC2 makeSP mkrandkeys omakeIPFP unixcert \ + lint.errs md5cert + +distclean: clean + -@rm -f *.orig *.rej .version Makefile + +../lib/libntp.a: + cd ../lib && $(MAKE) $(MFLAGS) MFLAGS="$(MFLAGS)" + diff --git a/usr.sbin/xntpd/authstuff/README b/usr.sbin/xntpd/authstuff/README new file mode 100644 index 0000000..2985751 --- /dev/null +++ b/usr.sbin/xntpd/authstuff/README @@ -0,0 +1,13 @@ +README file for directory ./authstuff of the NTP Version 3 distribution + +This directory contains the sources for miscellaneous programs to test, +validate and calibreate cryptographic routines used by NTP. These include + +authcert.c used to certify the DES and MD5 message digest algorithms + work properly. See the source for directions for use. + +authspeed.c used to determing the running time for DES and MD5 + messge digest algorithms. See the source for directions + for use. + +For other programs, see the source files. diff --git a/usr.sbin/xntpd/authstuff/auth.samplekeys b/usr.sbin/xntpd/authstuff/auth.samplekeys new file mode 100644 index 0000000..c46d283 --- /dev/null +++ b/usr.sbin/xntpd/authstuff/auth.samplekeys @@ -0,0 +1,45 @@ +# auth.samplekeys,v 3.1 1993/07/06 01:04:49 jbj Exp +# +# Sample key file, also used for testing. +# +# Note that there are three formats for keys. Standard format is a +# hex format with the low order bit of each byte being a parity +# bit, a la the NBS standard. NTP format is also hex, but uses the +# high order bit of each byte for parity. Ascii format simply encodes +# a 1-8 character ascii string as a key. Note that because of the +# simple tokenizing routine, the characters ' ', '#', '\t', '\n' and +# '\0' can't be used in an ascii key. Everything else is fair game, though. +# + +1 S 0101010101010101 # odd parity 0 key +2 N 8080808080808080 # and again +3 A ugosnod +4 A BigbOObs +5 S f1f1f1f1f1f1f1f1 +6 N f8f8f8f8f8f8f8f8 # same as key 5 +7 S f8f8f8f8f8f8f8f8 # not same as key 6 +8 A a # short ascii keys are zero padded +9 A &^%$@!*( +10 S 01020407080bf1f1 +11 N 4040404040404040 +12 A more +13 A random +14 A keys +15 A password # 15 used as password by runtime configuration +# +16 M password # MD5 key +17 M secret +18 M key1 +19 M key2 +20 M foobar +21 M tick +22 M tock +23 M key23 +24 M key24 +25 M key25 +26 M a +27 M few +28 M more +29 M random +30 M md5 +31 M keys! diff --git a/usr.sbin/xntpd/authstuff/auth.speed b/usr.sbin/xntpd/authstuff/auth.speed new file mode 100644 index 0000000..b55f20c --- /dev/null +++ b/usr.sbin/xntpd/authstuff/auth.speed @@ -0,0 +1,20 @@ +Authentication delays (us) DES MD5 +DEC 3000/400 OSF/1 bunnylou 14 35 +HP9000/735 hpux9.0 na 30 +HP9000/730 hpux8.07(+OV) 16 55 +SGI Indigo R4000 19 48 +HP9000/720 hpux8.07 21 66 +SGI 4/35 38 110 +DECstation 5000/240 cowbird 39 81 +Sun4c/75 SS2 43 96 +Sun4c/50 IPX malarky 47 94 +DECstation 5000/33 sundeck 49 106 +SGI Indigo 54 115 +DECstation 5000/125 herald 63 136 +Sun4c/65 SS1+ pogo 72 159 +Sun4c/40 IPC grundoon 73 163 +Sun4c/60 SS1 albert 95 199 +Sun4c/20 SLC 95 203 +DECstation 3100 sheol 98 214 +DECstation 2100 circus 126 278 +VAX 780 985 ? diff --git a/usr.sbin/xntpd/authstuff/authcert.c b/usr.sbin/xntpd/authstuff/authcert.c new file mode 100644 index 0000000..6f6e42c --- /dev/null +++ b/usr.sbin/xntpd/authstuff/authcert.c @@ -0,0 +1,96 @@ +/* authcert.c,v 3.1 1993/07/06 01:04:52 jbj Exp + * This file, and the certdata file, shamelessly stolen + * from Phil Karn's DES implementation. + */ + +#include +#include +#include +#include + +#define DES +#include "ntp_stdlib.h" + +u_char ekeys[128]; +u_char dkeys[128]; + +static void get8 P((U_LONG *)); +static void put8 P((U_LONG *)); + +void +main() +{ + U_LONG key[2], plain[2], cipher[2], answer[2]; + int i; + int test; + int fail; + + for(test=0;!feof(stdin);test++){ + get8(key); + DESauth_subkeys(key, ekeys, dkeys); + printf(" K: "); put8(key); + + get8(plain); + printf(" P: "); put8(plain); + + get8(answer); + printf(" C: "); put8(answer); + + + for(i=0;i<2;i++) + cipher[i] = htonl(plain[i]); + DESauth_des(cipher, ekeys); + + for(i=0;i<2;i++) + if(ntohl(cipher[i]) != answer[i]) + break; + fail = 0; + if(i != 2){ + printf(" Encrypt FAIL"); + fail++; + } + DESauth_des(cipher, dkeys); + for(i=0;i<2;i++) + if(ntohl(cipher[i]) != plain[i]) + break; + if(i != 2){ + printf(" Decrypt FAIL"); + fail++; + } + if(fail == 0) + printf(" OK"); + printf("\n"); + } +} + +static void +get8(lp) +U_LONG *lp; +{ + int t; + U_LONG l[2]; + int i; + + l[0] = l[1] = 0L; + for(i=0;i<8;i++){ + scanf("%2x",&t); + if(feof(stdin)) + exit(0); + l[i/4] <<= 8; + l[i/4] |= (U_LONG)(t & 0xff); + } + *lp = l[0]; + *(lp+1) = l[1]; +} + +static void +put8(lp) +U_LONG *lp; +{ + int i; + + + for(i=0;i<2;i++){ + printf("%08x",*lp++); + } +} diff --git a/usr.sbin/xntpd/authstuff/authspeed.c b/usr.sbin/xntpd/authstuff/authspeed.c new file mode 100644 index 0000000..05af132 --- /dev/null +++ b/usr.sbin/xntpd/authstuff/authspeed.c @@ -0,0 +1,315 @@ +/* authspeed.c,v 3.1 1993/07/06 01:04:54 jbj Exp + * authspeed - figure out how LONG it takes to do an NTP encryption + */ + +#if defined(SYS_HPUX) || defined(SYS_AUX3) || defined(SYS_AUX2) || defined(SOLARIS) || defined(SYS_SVR4) || defined(SYS_PTX) +#define FAKE_RUSAGE +#endif + +#include +#include +#include +#include +#ifdef FAKE_RUSAGE +#include +#include +#endif + +#include "ntp_fp.h" +#include "ntp_stdlib.h" + +#define STREQ(a, b) (*(a) == *(b) && strcmp((a), (b)) == 0) + +#define DEFLOOPS -1 + +#define DEFDELAYLOOPS 20000 +#define DEFCOSTLOOPS 2000 + +char *progname; +int debug; + +struct timeval tstart, tend; +#ifdef FAKE_RUSAGE +struct tms rstart, rend; +#define getrusage(foo, t) times(t) +#define RUSAGE_SELF 0 +#else +struct rusage rstart, rend; +#endif + +l_fp dummy1, dummy2; +U_LONG dummy3; + +U_LONG pkt[15]; + +int totalcost = 0; +double rtime; +double vtime; + +int domd5 = 0; + +static void dodelay P((int)); +static void docheap P((int)); +static void docost P((int)); +static void subtime P((struct timeval *, struct timeval *, double *)); + +/* + * main - parse arguments and handle options + */ +void +main(argc, argv) +int argc; +char *argv[]; +{ + int c; + int loops; + int i; + int errflg = 0; + extern int optind; + extern char *optarg; + + progname = argv[0]; + loops = DEFLOOPS; + while ((c = getopt_l(argc, argv, "cdmn:")) != EOF) + switch (c) { + case 'c': + totalcost++; + break; + case 'd': + ++debug; + break; + case 'm': + domd5 = 16; /* offset into list of keys */ + break; + case 'n': + loops = atoi(optarg); + if (loops <= 0) { + (void) fprintf(stderr, + "%s: %s is unlikely to be a useful number of loops\n", + progname, optarg); + errflg++; + } + break; + default: + errflg++; + break; + } + if (errflg || optind == argc) { + (void) fprintf(stderr, + "usage: %s [-d] [-n loops] [ -c ] auth.samplekeys\n", + progname); + exit(2); + } + printf("Compute timing for "); + if (domd5) + printf("MD5"); + else + printf("DES"); + printf(" based authentication.\n"); + + init_auth(); + authreadkeys(argv[optind]); + for (i = 0; i < 16; i++) { + if (!auth_havekey(i + domd5)) { + errflg++; + (void) fprintf(stderr, "%s: key %d missing\n", + progname, i + domd5); + } + } + + if (errflg) { + (void) fprintf(stderr, + "%s: check syslog for errors, or use file with complete set of keys\n", + progname); + exit(1); + } + + if (loops == DEFLOOPS) { + if (totalcost) + loops = DEFCOSTLOOPS; + else + loops = DEFDELAYLOOPS; + } + + dummy1.l_ui = 0x80808080; + dummy1.l_uf = 0xffffff00; + dummy3 = 0x0aaaaaaa; + + for (i = 0; i < 12; i++) + pkt[i] = i * 0x22222; + + if (totalcost) { + if (totalcost > 1) + docheap(loops); + else + docost(loops); + } else { + dodelay(loops); + } + + printf("total real time: %.3f\n", rtime); + printf("total CPU time: %.3f\n", vtime); + if (totalcost) { + printf("real cost (in seconds): %.6f\n", + rtime/(double)loops); + printf("CPU cost (in seconds): %.6f\n", + vtime/(double)loops); + printf("\nThis includes the cost of a decryption plus the\n"); + printf("the cost of an encryption, i.e. the cost to process\n"); + printf("a single authenticated packet.\n"); + } else { + printf("authdelay in the configuration file\n"); + printf("real authentication delay: %.6f\n", + rtime/(double)loops); + printf("authentication delay in CPU time: %.6f\n", + vtime/(double)loops); + printf("\nThe CPU delay is probably the best bet for\n"); + printf("authdelay in the configuration file\n"); + } + exit(0); +} + + +/* + * dodelay - do the delay measurement + */ +static void +dodelay(loops) + int loops; +{ + double vtime1, rtime1, vtime2, rtime2; + register int loopcount; + /* + * If we're attempting to compute the cost of an auth2crypt() + * for first compute the total cost, then compute the + * cost of only doing the first step, auth1crypt(). What + * remains is the cost of auth2crypt. + */ + loopcount = loops; + (void) gettimeofday(&tstart, (struct timezone *)0); + (void) getrusage(RUSAGE_SELF, &rstart); + + while (loopcount-- > 0) { + auth1crypt((loops & 0xf) + domd5, pkt, 48); + L_ADDUF(&dummy1, dummy3); + auth2crypt((loops & 0xf) + domd5, pkt, 48); + } + + (void) getrusage(RUSAGE_SELF, &rend); + (void) gettimeofday(&tend, (struct timezone *)0); + + subtime(&tstart, &tend, &rtime1); +#ifdef FAKE_RUSAGE + vtime1 = (rend.tms_utime - rstart.tms_utime) * 1.0 / HZ; +#else + subtime(&rstart.ru_utime, &rend.ru_utime, &vtime1); +#endif +printf("Time for full encryptions is %f rusage %f real\n", vtime1, rtime1); + loopcount = loops; + (void) gettimeofday(&tstart, (struct timezone *)0); + (void) getrusage(RUSAGE_SELF, &rstart); + + while (loopcount-- > 0) { + auth1crypt((loops & 0xf) + domd5, pkt, 48); + } + + (void) getrusage(RUSAGE_SELF, &rend); + (void) gettimeofday(&tend, (struct timezone *)0); + + subtime(&tstart, &tend, &rtime2); +#ifdef FAKE_RUSAGE + vtime2 = (rend.tms_utime - rstart.tms_utime) * 1.0 / HZ; +#else + subtime(&rstart.ru_utime, &rend.ru_utime, &vtime2); +#endif + +printf("Time for auth1crypt is %f rusage %f real\n", vtime2, rtime2); + vtime = vtime1 - vtime2; + rtime = rtime1 - rtime2; +} + + +/* + * docheap - do the cost measurement the cheap way + */ +static void +docheap(loops) + register int loops; +{ + + (void) authhavekey(3 + domd5); + + (void) gettimeofday(&tstart, (struct timezone *)0); + (void) getrusage(RUSAGE_SELF, &rstart); + + while (loops-- > 0) { + auth1crypt(3 + domd5, pkt, 48); + L_ADDUF(&dummy1, dummy3); + auth2crypt(3 + domd5, pkt, 48); + (void) authdecrypt(3 + domd5, pkt, 48); + } + + (void) getrusage(RUSAGE_SELF, &rend); + (void) gettimeofday(&tend, (struct timezone *)0); + + subtime(&tstart, &tend, &rtime); +#ifdef FAKE_RUSAGE + vtime = (rend.tms_utime - rstart.tms_utime) * 1.0 / HZ; +#else + subtime(&rstart.ru_utime, &rend.ru_utime, &vtime); +#endif +} + + +/* + * docost - do the cost measurement + */ +static void +docost(loops) + register int loops; +{ + + (void) gettimeofday(&tstart, (struct timezone *)0); + (void) getrusage(RUSAGE_SELF, &rstart); + + while (loops-- > 0) { + auth1crypt((loops & 0xf) + domd5, pkt, 48); + L_ADDUF(&dummy1, dummy3); + auth2crypt((loops & 0xf) + domd5, pkt, 48); + (void) authdecrypt(((loops+1) & 0xf) + domd5, pkt, 48); + } + + (void) getrusage(RUSAGE_SELF, &rend); + (void) gettimeofday(&tend, (struct timezone *)0); + + subtime(&tstart, &tend, &rtime); +#ifdef FAKE_RUSAGE + vtime = (rend.tms_utime - rstart.tms_utime) * 1.0 / HZ; +#else + subtime(&rstart.ru_utime, &rend.ru_utime, &vtime); +#endif +} + + +/* + * subtime - subtract two struct timevals, return double result + */ +static void +subtime(tvs, tve, res) + struct timeval *tvs, *tve; + double *res; +{ + LONG sec; + LONG usec; + + sec = tve->tv_sec - tvs->tv_sec; + usec = tve->tv_usec - tvs->tv_usec; + + if (usec < 0) { + usec += 1000000; + sec--; + } + + *res = (double)sec + (double)usec/1000000.; + return; +} diff --git a/usr.sbin/xntpd/authstuff/certdata b/usr.sbin/xntpd/authstuff/certdata new file mode 100644 index 0000000..f9a818e --- /dev/null +++ b/usr.sbin/xntpd/authstuff/certdata @@ -0,0 +1,34 @@ +0000000000000000 0000000000000000 8CA64DE9C1B123A7 +FFFFFFFFFFFFFFFF FFFFFFFFFFFFFFFF 7359B2163E4EDC58 +3000000000000000 1000000000000001 958E6E627A05557B +1111111111111111 1111111111111111 F40379AB9E0EC533 +0123456789ABCDEF 1111111111111111 17668DFC7292532D +1111111111111111 0123456789ABCDEF 8A5AE1F81AB8F2DD +0000000000000000 0000000000000000 8CA64DE9C1B123A7 +FEDCBA9876543210 0123456789ABCDEF ED39D950FA74BCC4 +7CA110454A1A6E57 01A1D6D039776742 690F5B0D9A26939B +0131D9619DC1376E 5CD54CA83DEF57DA 7A389D10354BD271 +07A1133E4A0B2686 0248D43806F67172 868EBB51CAB4599A +3849674C2602319E 51454B582DDF440A 7178876E01F19B2A +04B915BA43FEB5B6 42FD443059577FA2 AF37FB421F8C4095 +0113B970FD34F2CE 059B5E0851CF143A 86A560F10EC6D85B +0170F175468FB5E6 0756D8E0774761D2 0CD3DA020021DC09 +43297FAD38E373FE 762514B829BF486A EA676B2CB7DB2B7A +07A7137045DA2A16 3BDD119049372802 DFD64A815CAF1A0F +04689104C2FD3B2F 26955F6835AF609A 5C513C9C4886C088 +37D06BB516CB7546 164D5E404F275232 0A2AEEAE3FF4AB77 +1F08260D1AC2465E 6B056E18759F5CCA EF1BF03E5DFA575A +584023641ABA6176 004BD6EF09176062 88BF0DB6D70DEE56 +025816164629B007 480D39006EE762F2 A1F9915541020B56 +49793EBC79B3258F 437540C8698F3CFA 6FBF1CAFCFFD0556 +4FB05E1515AB73A7 072D43A077075292 2F22E49BAB7CA1AC +49E95D6D4CA229BF 02FE55778117F12A 5A6B612CC26CCE4A +018310DC409B26D6 1D9D5C5018F728C2 5F4C038ED12B2E41 +1C587F1C13924FEF 305532286D6F295A 63FAC0D034D9F793 +0101010101010101 0123456789ABCDEF 617B3A0CE8F07100 +1F1F1F1F0E0E0E0E 0123456789ABCDEF DB958605F8C8C606 +E0FEE0FEF1FEF1FE 0123456789ABCDEF EDBFD1C66C29CCC7 +0000000000000000 FFFFFFFFFFFFFFFF 355550B2150E2451 +FFFFFFFFFFFFFFFF 0000000000000000 CAAAAF4DEAF1DBAE +0123456789ABCDEF 0000000000000000 D5D44FF720683D0D +FEDCBA9876543210 FFFFFFFFFFFFFFFF 2A2BB008DF97C2F2 diff --git a/usr.sbin/xntpd/authstuff/keyparity.c b/usr.sbin/xntpd/authstuff/keyparity.c new file mode 100644 index 0000000..45a7061 --- /dev/null +++ b/usr.sbin/xntpd/authstuff/keyparity.c @@ -0,0 +1,279 @@ +/* keyparity.c,v 3.1 1993/07/06 01:04:57 jbj Exp + * keyparity - add parity bits to key and/or change an ascii key to binary + */ + +#include +#include +#include + +#include "ntp_string.h" +#include "ntp_stdlib.h" + +#define STREQ(a, b) (*(a) == *(b) && strcmp((a), (b)) == 0) + +/* + * Types of ascii representations for keys. "Standard" means a 64 bit + * hex number in NBS format, i.e. with the low order bit of each byte + * a parity bit. "NTP" means a 64 bit key in NTP format, with the + * high order bit of each byte a parity bit. "Ascii" means a 1-to-8 + * character string whose ascii representation is used as the key. + */ +#define KEY_TYPE_STD 1 +#define KEY_TYPE_NTP 2 +#define KEY_TYPE_ASCII 3 + +#define STD_PARITY_BITS 0x01010101 + +char *progname; +int debug; + +int ntpflag = 0; +int stdflag = 0; +int asciiflag = 0; +int ntpoutflag = 0; +int gotoopt = 0; + +static int parity P((U_LONG *)); +static int decodekey P((int, char *, U_LONG *)); +static void output P((U_LONG *, int)); + +/* + * main - parse arguments and handle options + */ +void +main(argc, argv) +int argc; +char *argv[]; +{ + int c; + int errflg = 0; + int keytype; + U_LONG key[2]; + extern int optind; + extern char *optarg; + + progname = argv[0]; + while ((c = getopt_l(argc, argv, "adno:s")) != EOF) + switch (c) { + case 'a': + asciiflag = 1; + break; + case 'd': + ++debug; + break; + case 'n': + ntpflag = 1; + break; + case 's': + stdflag = 1; + break; + case 'o': + if (*optarg == 'n') { + ntpoutflag = 1; + gotoopt = 1; + } else if (*optarg == 's') { + ntpoutflag = 0; + gotoopt = 1; + } else { + (void) fprintf(stderr, + "%s: output format must be `n' or `s'\n", + progname); + errflg++; + } + break; + default: + errflg++; + break; + } + if (errflg || optind == argc) { + (void) fprintf(stderr, + "usage: %s -n|-s [-a] [-o n|s] key [...]\n", + progname); + exit(2); + } + + if (!ntpflag && !stdflag) { + (void) fprintf(stderr, + "%s: one of either the -n or -s flags must be specified\n", + progname); + exit(2); + } + + if (ntpflag && stdflag) { + (void) fprintf(stderr, + "%s: only one of the -n and -s flags may be specified\n", + progname); + exit(2); + } + + if (!gotoopt) { + if (ntpflag) + ntpoutflag = 1; + } + + if (asciiflag) + keytype = KEY_TYPE_ASCII; + else if (ntpflag) + keytype = KEY_TYPE_NTP; + else + keytype = KEY_TYPE_STD; + + for (; optind < argc; optind++) { + if (!decodekey(keytype, argv[optind], key)) { + (void) fprintf(stderr, + "%s: format of key %s invalid\n", + progname, argv[optind]); + exit(1); + } + (void) parity(key); + output(key, ntpoutflag); + } + exit(0); +} + + + +/* + * parity - set parity on a key/check for odd parity + */ +static int +parity(key) + U_LONG *key; +{ + U_LONG mask; + int parity_err; + int bitcount; + int half; + int byte; + int i; + + /* + * Go through counting bits in each byte. Check to see if + * each parity bit was set correctly. If not, note the error + * and set it right. + */ + parity_err = 0; + for (half = 0; half < 2; half++) { /* two halves of key */ + mask = 0x80000000; + for (byte = 0; byte < 4; byte++) { /* 4 bytes per half */ + bitcount = 0; + for (i = 0; i < 7; i++) { /* 7 data bits / byte */ + if (key[half] & mask) + bitcount++; + mask >>= 1; + } + + /* + * If bitcount is even, parity must be set. If + * bitcount is odd, parity must be clear. + */ + if ((bitcount & 0x1) == 0) { + if (!(key[half] & mask)) { + parity_err++; + key[half] |= mask; + } + } else { + if (key[half] & mask) { + parity_err++; + key[half] &= ~mask; + } + } + mask >>= 1; + } + } + + /* + * Return the result of the parity check. + */ + return (parity_err == 0); +} + + +static int +decodekey(keytype, str, key) + int keytype; + char *str; + U_LONG *key; +{ + u_char keybytes[8]; + char *cp; + char *xdigit; + int len; + int i; + static char *hex = "0123456789abcdef"; + + cp = str; + len = strlen(cp); + if (len == 0) + return 0; + + switch(keytype) { + case KEY_TYPE_STD: + case KEY_TYPE_NTP: + if (len != 16) /* Lazy. Should define constant */ + return 0; + /* + * Decode hex key. + */ + key[0] = 0; + key[1] = 0; + for (i = 0; i < 16; i++) { + if (!isascii(*cp)) + return 0; + xdigit = strchr(hex, isupper(*cp) ? tolower(*cp) : *cp); + cp++; + if (xdigit == 0) + return 0; + key[i>>3] <<= 4; + key[i>>3] |= (U_LONG)(xdigit - hex) & 0xf; + } + + /* + * If this is an NTP format key, put it into NBS format + */ + if (keytype == KEY_TYPE_NTP) { + for (i = 0; i < 2; i++) + key[i] = ((key[i] << 1) & ~STD_PARITY_BITS) + | ((key[i] >> 7) & STD_PARITY_BITS); + } + break; + + case KEY_TYPE_ASCII: + /* + * Make up key from ascii representation + */ + bzero(keybytes, sizeof(keybytes)); + for (i = 0; i < 8 && i < len; i++) + keybytes[i] = *cp++ << 1; + key[0] = keybytes[0] << 24 | keybytes[1] << 16 + | keybytes[2] << 8 | keybytes[3]; + key[1] = keybytes[4] << 24 | keybytes[5] << 16 + | keybytes[6] << 8 | keybytes[7]; + break; + + default: + /* Oh, well */ + return 0; + } + + return 1; +} + + +/* + * output - print a hex key on the standard output + */ +static void +output(key, ntpformat) + U_LONG *key; + int ntpformat; +{ + int i; + + if (ntpformat) { + for (i = 0; i < 2; i++) + key[i] = ((key[i] & ~STD_PARITY_BITS) >> 1) + | ((key[i] & STD_PARITY_BITS) << 7); + } + (void) printf("%08x%08x\n", key[0], key[1]); +} diff --git a/usr.sbin/xntpd/authstuff/makeIPFP.c b/usr.sbin/xntpd/authstuff/makeIPFP.c new file mode 100644 index 0000000..51f8a55 --- /dev/null +++ b/usr.sbin/xntpd/authstuff/makeIPFP.c @@ -0,0 +1,345 @@ +/* makeIPFP.c,v 3.1 1993/07/06 01:04:58 jbj Exp + * makeIPFP - make fast DES IP and FP tables + */ + +#include +#include + +#include "ntp_stdlib.h" + +#define STREQ(a, b) (*(a) == *(b) && strcmp((a), (b)) == 0) + +U_LONG IPL[256]; +U_LONG FPL[256]; + +char *progname; +int debug; + +static void perm P((u_char *, u_char *, U_LONG *, U_LONG *)); +static void doit P((void)); + +/* + * main - parse arguments and handle options + */ +void +main(argc, argv) +int argc; +char *argv[]; +{ + int c; + int errflg = 0; + extern int optind; + extern char *optarg; + + progname = argv[0]; + while ((c = getopt_l(argc, argv, "d")) != EOF) + switch (c) { + case 'd': + ++debug; + break; + default: + errflg++; + break; + } + if (errflg) { + (void) fprintf(stderr, "usage: %s [-d]\n", progname); + exit(2); + } + doit(); + exit(0); +} + + +/* + * Initial permutation table + */ +u_char IP[64] = { + 58, 50, 42, 34, 26, 18, 10, 2, + 60, 52, 44, 36, 28, 20, 12, 4, + 62, 54, 46, 38, 30, 22, 14, 6, + 64, 56, 48, 40, 32, 24, 16, 8, + 57, 49, 41, 33, 25, 17, 9, 1, + 59, 51, 43, 35, 27, 19, 11, 3, + 61, 53, 45, 37, 29, 21, 13, 5, + 63, 55, 47, 39, 31, 23, 15, 7 +}; + +/* + * Inverse initial permutation table + */ +u_char FP[64] = { + 40, 8, 48, 16, 56, 24, 64, 32, + 39, 7, 47, 15, 55, 23, 63, 31, + 38, 6, 46, 14, 54, 22, 62, 30, + 37, 5, 45, 13, 53, 21, 61, 29, + 36, 4, 44, 12, 52, 20, 60, 28, + 35, 3, 43, 11, 51, 19, 59, 27, + 34, 2, 42, 10, 50, 18, 58, 26, + 33, 1, 41, 9, 49, 17, 57, 25 +}; + + +/* + * Bit order after the operation + * + * ((left & 0x55555555) << 1) | (right & 0x55555555) + */ +u_char IPLbits[32] = { + 2, 34, 4, 36, 6, 38, 8, 40, + 10, 42, 12, 44, 14, 46, 16, 48, + 18, 50, 20, 52, 22, 54, 24, 56, + 26, 58, 28, 60, 30, 62, 32, 64 +}; + + +/* + * Bit order after the operation + * + * (left & 0xaaaaaaaa) | ((right & 0xaaaaaaaa) >> 1) + */ +u_char IPRbits[32] = { + 1, 33, 3, 35, 5, 37, 7, 39, + 9, 41, 11, 43, 13, 45, 15, 47, + 17, 49, 19, 51, 21, 53, 23, 55, + 25, 57, 27, 59, 29, 61, 31, 63 +}; + + +/* + * Bit order after the operation + * + * ((left & 0x0f0f0f0f) << 4) | (right & 0x0f0f0f0f) + */ +u_char FPLbits[32] = { + 5, 6, 7, 8, 37, 38, 39, 40, + 13, 14, 15, 16, 45, 46, 47, 48, + 21, 22, 23, 24, 53, 54, 55, 56, + 29, 30, 31, 32, 61, 62, 63, 64 +}; + + +/* + * Bit order after the operation + * + * (left & 0xf0f0f0f0) | ((right & 0xf0f0f0f0) >> 4) + */ +u_char FPRbits[32] = { + 1, 2, 3, 4, 33, 34, 35, 36, + 9, 10, 11, 12, 41, 42, 43, 44, + 17, 18, 19, 20, 49, 50, 51, 52, + 25, 26, 27, 28, 57, 58, 59, 60 +}; + + +/* + * perm - do a permutation with the given table + */ +static void +perm(databits, permtab, leftp, rightp) + u_char *databits; + u_char *permtab; + U_LONG *leftp; + U_LONG *rightp; +{ + register U_LONG left; + register U_LONG right; + register u_char *PT; + register u_char *bits; + register int i; + + left = right = 0; + PT = permtab; + bits = databits; + + for (i = 0; i < 32; i++) { + left <<= 1; + if (bits[PT[i]-1]) + left |= 1; + } + + for (i = 32; i < 64; i++) { + right <<= 1; + if (bits[PT[i]-1]) + right |= 1; + } + + *leftp = left; + *rightp = right; +} + + +/* + * doit - make up the tables + */ +static void +doit() +{ + u_char bits[64]; + U_LONG left; + U_LONG right; + int tabno; + int i; + int ind0, ind1, ind2, ind3; + int ind4, ind5, ind6, ind7; + int octbits; + + bzero((char *)bits, sizeof bits); + + /* + * Do the rounds for the IP table. We save the results of + * this as well as printing them. Note that this is the + * left-half table, the right half table will be identical. + */ + printf("static U_LONG IP[256] = {"); + for (tabno = 0; tabno < 4; tabno++) { + i = tabno * 8; + ind7 = IPLbits[i] - 1; + ind6 = IPLbits[i+1] - 1; + ind5 = IPLbits[i+2] - 1; + ind4 = IPLbits[i+3] - 1; + ind3 = IPLbits[i+4] - 1; + ind2 = IPLbits[i+5] - 1; + ind1 = IPLbits[i+6] - 1; + ind0 = IPLbits[i+7] - 1; + for (octbits = 0; octbits < 256; octbits++) { + if (octbits & (1 << 7)) + bits[ind7] = 1; + if (octbits & (1 << 6)) + bits[ind6] = 1; + if (octbits & (1 << 5)) + bits[ind5] = 1; + if (octbits & (1 << 4)) + bits[ind4] = 1; + if (octbits & (1 << 3)) + bits[ind3] = 1; + if (octbits & (1 << 2)) + bits[ind2] = 1; + if (octbits & (1 << 1)) + bits[ind1] = 1; + if (octbits & 1) + bits[ind0] = 1; + perm(bits, IP, &left, &right); + bits[ind7] = 0; + bits[ind6] = 0; + bits[ind5] = 0; + bits[ind4] = 0; + bits[ind3] = 0; + bits[ind2] = 0; + bits[ind1] = 0; + bits[ind0] = 0; + if (right != 0) { + fprintf(stderr, + "IP tabno %d oct %d right not zero\n", + tabno, octbits); + exit(1); + } + if (tabno > 0) { + if ((IPL[octbits] << tabno) != left) { + fprintf(stderr, + "IP tabno %d oct %d IP %d left %d, IP != left\n", + tabno, octbits, IPL[octbits], left); + exit (1); + } + } else { + IPL[octbits] = left; + if (octbits == 255) { + printf(" 0x%08x", left); + } else if (octbits & 0x3) { + printf(" 0x%08x,", left); + } else { + printf("\n\t0x%08x,", left); + } + } + } + if (tabno == 0) + printf("\n};\n\n"); + } + + /* + * Next is the FP table, in big endian order + */ + printf("#if BYTE_ORDER == LITTLE_ENDIAN\nstatic U_LONG FP[256] = {"); + for (tabno = 3; tabno >= 0; tabno--) { + i = tabno * 8; + ind7 = FPLbits[i] - 1; + ind6 = FPLbits[i+1] - 1; + ind5 = FPLbits[i+2] - 1; + ind4 = FPLbits[i+3] - 1; + ind3 = FPLbits[i+4] - 1; + ind2 = FPLbits[i+5] - 1; + ind1 = FPLbits[i+6] - 1; + ind0 = FPLbits[i+7] - 1; + for (octbits = 0; octbits < 256; octbits++) { + if (octbits & (1 << 7)) + bits[ind7] = 1; + if (octbits & (1 << 6)) + bits[ind6] = 1; + if (octbits & (1 << 5)) + bits[ind5] = 1; + if (octbits & (1 << 4)) + bits[ind4] = 1; + if (octbits & (1 << 3)) + bits[ind3] = 1; + if (octbits & (1 << 2)) + bits[ind2] = 1; + if (octbits & (1 << 1)) + bits[ind1] = 1; + if (octbits & 1) + bits[ind0] = 1; + perm(bits, FP, &left, &right); + bits[ind7] = 0; + bits[ind6] = 0; + bits[ind5] = 0; + bits[ind4] = 0; + bits[ind3] = 0; + bits[ind2] = 0; + bits[ind1] = 0; + bits[ind0] = 0; + if (right != 0) { + fprintf(stderr, + "FP tabno %d oct %d right not zero\n", + tabno, octbits); + exit(1); + } + if (tabno != 3) { + if ((FPL[octbits] << ((3-tabno)<<1)) != left) { + fprintf(stderr, + "FP tabno %d oct %d FP %x left %x, FP != left\n", + tabno, octbits, FPL[octbits], left); + exit (1); + } + } else { + FPL[octbits] = left; + if (octbits == 255) { + printf(" 0x%08x", left); + } else if (octbits & 0x3) { + printf(" 0x%08x,", left); + } else { + printf("\n\t0x%08x,", left); + } + } + } + if (tabno == 3) + printf("\n};\n"); + } + + /* + * Now reouput the FP table in order appropriate for little + * endian machines + */ + printf("#else\nstatic U_LONG FP[256] = {"); + for (octbits = 0; octbits < 256; octbits++) { + left = ((FPL[octbits] >> 24) & 0x000000ff) + | ((FPL[octbits] >> 8) & 0x0000ff00) + | ((FPL[octbits] << 8) & 0x00ff0000) + | ((FPL[octbits] << 24) & 0xff000000); + if (octbits == 255) { + printf(" 0x%08x", left); + } else if (octbits & 0x3) { + printf(" 0x%08x,", left); + } else { + printf("\n\t0x%08x,", left); + } + } + printf("\n};\n#endif\n"); +} diff --git a/usr.sbin/xntpd/authstuff/makePC1.c b/usr.sbin/xntpd/authstuff/makePC1.c new file mode 100644 index 0000000..c010989 --- /dev/null +++ b/usr.sbin/xntpd/authstuff/makePC1.c @@ -0,0 +1,286 @@ +/* makePC1.c,v 3.1 1993/07/06 01:04:59 jbj Exp + * makePC1 - build custom permutted choice 1 tables + */ + +#include +#include + +#include "ntp_stdlib.h" + +#define STREQ(a, b) (*(a) == *(b) && strcmp((a), (b)) == 0) + +char *progname; +int debug; + +static void permute P((u_char *, U_LONG *, U_LONG *)); +static void doit P((void)); + +/* + * main - parse arguments and handle options + */ +void +main(argc, argv) +int argc; +char *argv[]; +{ + int c; + int errflg = 0; + extern int optind; + extern char *optarg; + + progname = argv[0]; + while ((c = getopt_l(argc, argv, "d")) != EOF) + switch (c) { + case 'd': + ++debug; + break; + default: + errflg++; + break; + } + if (errflg) { + (void) fprintf(stderr, "usage: %s [-d]\n", progname); + exit(2); + } + doit(); + exit(0); +} + +/* + * Permuted choice 1 table, to produce the initial C. This table + * has had 1 subtracted from it to give it a zero base. + */ +static u_char PC1_C[28] = { + 56, 48, 40, 32, 24, 16, 8, + 0, 57, 49, 41, 33, 25, 17, + 9, 1, 58, 50, 42, 34, 26, + 18, 10, 2, 59, 51, 43, 35 +}; + +/* + * Permuted choice 1 table, to produce the initial D. Again, 1 has + * been subtracted to match C language zero base arrays. + */ +static u_char PC1_D[28] = { + 62, 54, 46, 38, 30, 22, 14, + 6, 61, 53, 45, 37, 29, 21, + 13, 5, 60, 52, 44, 36, 28, + 20, 12, 4, 27, 19, 11, 3 +}; + +/* + * permute - produce c and d for the given bits + */ +static void +permute(bits, cp, dp) + u_char *bits; + U_LONG *cp; + U_LONG *dp; +{ + register int i; + register U_LONG mask; + u_char c[28]; + u_char d[28]; + + bzero((char *)c, sizeof c); + bzero((char *)d, sizeof d); + + for (i = 0; i < 28; i++) { + c[i] = bits[PC1_C[i]]; + d[i] = bits[PC1_D[i]]; + } + + mask = 0x10000000; + *cp = *dp = 0; + for (i = 0; i < 28; i++) { + mask >>= 1; + if (c[i]) + *cp |= mask; + if (d[i]) + *dp |= mask; + } +} + + +/* + * bits from the left part of the key used to form the C subkey + */ +static int lc3[4] = { 0, 8, 16, 24 }; + +/* + * bits from the left part of the key used to form the D subkey + */ +static int ld4[4] = { 3, 11, 19, 27 }; + +/* + * bits from the right part of the key used to form the C subkey + */ +static int rc4[4] = { 32, 40, 48, 56 }; + +/* + * bits from the right part of the key used to form the D subkey + */ +static int rd3[4] = { 36, 44, 52, 60 }; + +static U_LONG PC_CL[8]; +static U_LONG PC_DL[16]; +static U_LONG PC_CR[16]; +static U_LONG PC_DR[8]; + + +/* + * doit - compute and print the four PC1 tables + */ +static void +doit() +{ + int i; + int comb; + U_LONG c; + U_LONG d; + u_char bits[64]; + + bzero((char *)bits, sizeof bits); + + printf("static U_LONG PC1_CL[8] = {"); + for (i = 0; i < 4; i++) { + for (comb = 0; comb < 8; comb++) { + if (comb & 0x4) + bits[lc3[i]] = 1; + if (comb & 0x2) + bits[lc3[i]+1] = 1; + if (comb & 0x1) + bits[lc3[i]+2] = 1; + permute(bits, &c, &d); + bits[lc3[i]] = 0; + bits[lc3[i]+1] = 0; + bits[lc3[i]+2] = 0; + if (d != 0) { + (void) fprintf(stderr, + "Error PC_CL i %d comb %d\n", i, comb); + } + if (i == 0) { + PC_CL[comb] = c; + if ((comb & 0x3) == 0) + printf("\n\t0x%08x,", c); + else if (comb == 7) + printf(" 0x%08x\n};\n\n", c); + else + printf(" 0x%08x,", c); + } else { + if (c != PC_CL[comb] << i) + (void) fprintf(stderr, + "Error PC_CL 0x%08x c 0x%08x\n", + PC_CL[comb], c); + } + } + } + + printf("static U_LONG PC1_DL[16] = {"); + for (i = 0; i < 4; i++) { + for (comb = 0; comb < 16; comb++) { + if (comb & 0x8) + bits[ld4[i]] = 1; + if (comb & 0x4) + bits[ld4[i]+1] = 1; + if (comb & 0x2) + bits[ld4[i]+2] = 1; + if (comb & 0x1) + bits[ld4[i]+3] = 1; + permute(bits, &c, &d); + bits[ld4[i]] = 0; + bits[ld4[i]+1] = 0; + bits[ld4[i]+2] = 0; + bits[ld4[i]+3] = 0; + if (c != 0) { + (void) fprintf(stderr, + "Error PC_DL i %d comb %d\n", i, comb); + } + if (i == 0) { + PC_DL[comb] = d; + if ((comb & 0x3) == 0) + printf("\n\t0x%08x,", d); + else if (comb == 15) + printf(" 0x%08x\n};\n\n", d); + else + printf(" 0x%08x,", d); + } else { + if (d != PC_DL[comb] << i) + (void) fprintf(stderr, + "Error PC_DL 0x%08x c 0x%08x\n", + PC_DL[comb], d); + } + } + } + + printf("static U_LONG PC1_CR[16] = {"); + for (i = 0; i < 4; i++) { + for (comb = 0; comb < 16; comb++) { + if (comb & 0x8) + bits[rc4[i]] = 1; + if (comb & 0x4) + bits[rc4[i]+1] = 1; + if (comb & 0x2) + bits[rc4[i]+2] = 1; + if (comb & 0x1) + bits[rc4[i]+3] = 1; + permute(bits, &c, &d); + bits[rc4[i]] = 0; + bits[rc4[i]+1] = 0; + bits[rc4[i]+2] = 0; + bits[rc4[i]+3] = 0; + if (d != 0) { + (void) fprintf(stderr, + "Error PC_CR i %d comb %d\n", i, comb); + } + if (i == 0) { + PC_CR[comb] = c; + if ((comb & 0x3) == 0) + printf("\n\t0x%08x,", c); + else if (comb == 15) + printf(" 0x%08x\n};\n\n", c); + else + printf(" 0x%08x,", c); + } else { + if (c != PC_CR[comb] << i) + (void) fprintf(stderr, + "Error PC_CR 0x%08x c 0x%08x\n", + PC_CR[comb], c); + } + } + } + + printf("static U_LONG PC1_DR[8] = {"); + for (i = 0; i < 4; i++) { + for (comb = 0; comb < 8; comb++) { + if (comb & 0x4) + bits[rd3[i]] = 1; + if (comb & 0x2) + bits[rd3[i]+1] = 1; + if (comb & 0x1) + bits[rd3[i]+2] = 1; + permute(bits, &c, &d); + bits[rd3[i]] = 0; + bits[rd3[i]+1] = 0; + bits[rd3[i]+2] = 0; + if (c != 0) { + (void) fprintf(stderr, + "Error PC_DR i %d comb %d\n", i, comb); + } + if (i == 0) { + PC_DR[comb] = d; + if ((comb & 0x3) == 0) + printf("\n\t0x%08x,", d); + else if (comb == 7) + printf(" 0x%08x\n};\n\n", d); + else + printf(" 0x%08x,", d); + } else { + if (d != PC_DR[comb] << i) + (void) fprintf(stderr, + "Error PC_DR 0x%08x c 0x%08x\n", + PC_DR[comb], d); + } + } + } +} diff --git a/usr.sbin/xntpd/authstuff/makePC2.c b/usr.sbin/xntpd/authstuff/makePC2.c new file mode 100644 index 0000000..d92d2b2 --- /dev/null +++ b/usr.sbin/xntpd/authstuff/makePC2.c @@ -0,0 +1,238 @@ +/* makePC2.c,v 3.1 1993/07/06 01:05:01 jbj Exp + * makePC2 - build custom permutted choice 2 tables + */ + +#include +#include + +#include "ntp_stdlib.h" + +#define STREQ(a, b) (*(a) == *(b) && strcmp((a), (b)) == 0) + +char *progname; +int debug; + +static void permc P((u_char *, U_LONG *)); +static void permd P((u_char *, U_LONG *)); +static void doit P((void)); + +/* + * main - parse arguments and handle options + */ +void +main(argc, argv) +int argc; +char *argv[]; +{ + int c; + int errflg = 0; + extern int optind; + extern char *optarg; + + progname = argv[0]; + while ((c = getopt_l(argc, argv, "d")) != EOF) + switch (c) { + case 'd': + ++debug; + break; + default: + errflg++; + break; + } + if (errflg) { + (void) fprintf(stderr, "usage: %s [-d]\n", progname); + exit(2); + } + doit(); + exit(0); +} + +/* + * Permuted choice 2 table. This actually produces the low order 24 + * bits of the subkey Ki from the 28 bit value of Ci. This has had + * 1 subtracted from it to give a zero base. + */ +static u_char PC2_C[24] = { + 13, 16, 10, 23, 0, 4, + 2, 27, 14, 5, 20, 9, + 22, 18, 11, 3, 25, 7, + 15, 6, 26, 19, 12, 1 +}; + +/* + * Permuted choice 2 table, operating on the 28 Di bits to produce the + * high order 24 bits of subkey Ki. This has had 29 subtracted from + * it to give it a zero base into our D bit array. + */ +static u_char PC2_D[24] = { + 12, 23, 2, 8, 18, 26, + 1, 11, 22, 16, 4, 19, + 15, 20, 10, 27, 5, 24, + 17, 13, 21, 7, 0, 3 +}; + +U_LONG masks[4] = { 0x40000000, 0x400000, 0x4000, 0x40 }; + + +/* + * permc - permute C, producing a four byte result + */ +static void +permc(bits, resp) + u_char *bits; + U_LONG *resp; +{ + register int part; + register int i; + register U_LONG mask; + u_char res[24]; + + bzero((char *)res, sizeof res); + + for (i = 0; i < 24; i++) { + res[i] = bits[PC2_C[i]]; + } + + *resp = 0; + for (part = 0; part < 4; part++) { + mask = masks[part]; + for (i = part*6; i < (part+1)*6; i++) { + mask >>= 1; + if (res[i]) + *resp |= mask; + } + } +} + +/* + * permd - permute D, producing a four byte result + */ +static void +permd(bits, resp) + u_char *bits; + U_LONG *resp; +{ + register int part; + register int i; + register U_LONG mask; + u_char res[24]; + + bzero((char *)res, sizeof res); + + for (i = 0; i < 24; i++) { + res[i] = bits[PC2_D[i]]; + } + + *resp = 0; + for (part = 0; part < 4; part++) { + mask = masks[part]; + for (i = part*6; i < (part+1)*6; i++) { + mask >>= 1; + if (res[i]) + *resp |= mask; + } + } +} + + +/* + * bits used for each round in C + */ +static int cbits[4][6] = { + 0, 1, 2, 3, 4, 5, + 6, 7, 9, 10, 11, 12, + 13, 14, 15, 16, 22, 23, + 18, 19, 20, 25, 26, 27 +}; + + +/* + * bits used for each round in D + */ +static int dbits[4][6] = { + 0, 1, 2, 3, 4, 5, + 7, 8, 10, 11, 12, 13, + 15, 16, 17, 18, 19, 20, + 21, 22, 23, 24, 26, 27 +}; + + +/* + * doit - compute and print the four PC1 tables + */ +static void +doit() +{ + int i; + int comb; + U_LONG res; + u_char bits[28]; + + bzero((char *)bits, sizeof bits); + + printf("static U_LONG PC2_C[4][64] = {"); + for (i = 0; i < 4; i++) { + for (comb = 0; comb < 64; comb++) { + if (comb & 0x20) + bits[cbits[i][0]] = 1; + if (comb & 0x10) + bits[cbits[i][1]] = 1; + if (comb & 0x8) + bits[cbits[i][2]] = 1; + if (comb & 0x4) + bits[cbits[i][3]] = 1; + if (comb & 0x2) + bits[cbits[i][4]] = 1; + if (comb & 0x1) + bits[cbits[i][5]] = 1; + permc(bits, &res); + bits[cbits[i][0]] = 0; + bits[cbits[i][1]] = 0; + bits[cbits[i][2]] = 0; + bits[cbits[i][3]] = 0; + bits[cbits[i][4]] = 0; + bits[cbits[i][5]] = 0; + if ((comb & 0x3) == 0) + printf("\n\t0x%08x,", res); + else if (comb == 63 && i == 3) + printf(" 0x%08x\n};\n\n", res); + else if (comb == 63) + printf(" 0x%08x,\n", res); + else + printf(" 0x%08x,", res); + } + } + + printf("static U_LONG PC2_D[4][64] = {"); + for (i = 0; i < 4; i++) { + for (comb = 0; comb < 64; comb++) { + if (comb & 0x20) + bits[dbits[i][0]] = 1; + if (comb & 0x10) + bits[dbits[i][1]] = 1; + if (comb & 0x8) + bits[dbits[i][2]] = 1; + if (comb & 0x4) + bits[dbits[i][3]] = 1; + if (comb & 0x2) + bits[dbits[i][4]] = 1; + if (comb & 0x1) + bits[dbits[i][5]] = 1; + permd(bits, &res); + bits[dbits[i][0]] = 0; + bits[dbits[i][1]] = 0; + bits[dbits[i][2]] = 0; + bits[dbits[i][3]] = 0; + bits[dbits[i][4]] = 0; + bits[dbits[i][5]] = 0; + if ((comb & 0x3) == 0) + printf("\n\t0x%08x,", res); + else if (comb == 63 && i == 3) + printf(" 0x%08x\n};\n\n", res); + else if (comb == 63) + printf(" 0x%08x,\n", res); + else + printf(" 0x%08x,", res); + } + } +} diff --git a/usr.sbin/xntpd/authstuff/makeSP.c b/usr.sbin/xntpd/authstuff/makeSP.c new file mode 100644 index 0000000..bfeb82c --- /dev/null +++ b/usr.sbin/xntpd/authstuff/makeSP.c @@ -0,0 +1,183 @@ +/* makeSP.c,v 3.1 1993/07/06 01:05:02 jbj Exp + * makeSP - build combination S and P tables for quick DES computation + */ + +#include +#include + +#include "ntp_stdlib.h" + +#define STREQ(a, b) (*(a) == *(b) && strcmp((a), (b)) == 0) + +char *progname; +int debug; + +static void selperm P((int, int, U_LONG *)); +static void doit P((void)); + +/* + * main - parse arguments and handle options + */ +void +main(argc, argv) +int argc; +char *argv[]; +{ + int c; + int errflg = 0; + extern int optind; + extern char *optarg; + + progname = argv[0]; + while ((c = getopt_l(argc, argv, "d")) != EOF) + switch (c) { + case 'd': + ++debug; + break; + default: + errflg++; + break; + } + if (errflg) { + (void) fprintf(stderr, "usage: %s [-d]\n", progname); + exit(2); + } + doit(); + exit(0); +} + + +/* + * The cipher selection function tables. These turn 6 bit data back + * into 4 bit data. + */ +u_char S[8][64] = { + 14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7, + 0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8, + 4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0, + 15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13, + + 15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10, + 3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5, + 0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15, + 13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9, + + 10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8, + 13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1, + 13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7, + 1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12, + + 7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15, + 13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9, + 10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4, + 3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14, + + 2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9, + 14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6, + 4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14, + 11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3, + + 12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11, + 10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8, + 9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6, + 4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13, + + 4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1, + 13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6, + 1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2, + 6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12, + + 13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7, + 1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2, + 7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8, + 2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11 +}; + +/* + * Cipher function permutation table + */ +u_char PT[32] = { + 16, 7, 20, 21, + 29, 12, 28, 17, + 1, 15, 23, 26, + 5, 18, 31, 10, + 2, 8, 24, 14, + 32, 27, 3, 9, + 19, 13, 30, 6, + 22, 11, 4, 25 +}; + + +/* + * Bits array. We keep this zeroed. + */ +u_char bits[32]; + + +/* + * selperm - run six bit data through the given selection table, then + * through the PT table to produce a LONG output. + */ +static void +selperm(selnumber, sixbits, resp) + int selnumber; + int sixbits; + U_LONG *resp; +{ + register U_LONG res; + register int selno; + register int i; + register int ind; + + selno = selnumber; + i = sixbits; + ind = (i & 0x20) | ((i >> 1) & 0xf) | ((i & 0x1) << 4); + i = S[selno][ind]; + + for (ind = 0; ind < 4; ind++) { + if (i & 0x8) + bits[4*selno + ind] = 1; + i <<= 1; + } + + res = 0; + for (i = 0; i < 32; i++) { + res <<= 1; + if (bits[PT[i]-1]) + res |= 1; + } + + *resp = res; + bits[4*selno] = 0; + bits[4*selno + 1] = 0; + bits[4*selno + 2] = 0; + bits[4*selno + 3] = 0; +} + + +/* + * doit - compute and print the 8 SP tables + */ +static void +doit() +{ + int selno; + U_LONG result; + int sixbits; + + bzero((char *)bits, sizeof bits); + printf("static U_LONG SP[8][64] = {"); + for (selno = 0; selno < 8; selno++) { + for (sixbits = 0; sixbits < 64; sixbits++) { + selperm(selno, sixbits, &result); + if ((sixbits & 0x3) == 0) + printf("\n\t0x%08x,", result); + else if (sixbits == 63 && selno == 7) + printf(" 0x%08x\n};\n", result); + else if (sixbits == 63) + printf(" 0x%08x,\n", result); + else + printf(" 0x%08x,", result); + } + } +} diff --git a/usr.sbin/xntpd/authstuff/md5_sample_output b/usr.sbin/xntpd/authstuff/md5_sample_output new file mode 100644 index 0000000..a7d4282 --- /dev/null +++ b/usr.sbin/xntpd/authstuff/md5_sample_output @@ -0,0 +1,8 @@ +MD5 test suite results: +d41d8cd98f00b204e9800998ecf8427e "" +0cc175b9c0f1b6a831c399e269772661 "a" +900150983cd24fb0d6963f7d28e17f72 "abc" +f96b697d7cb7938d525a2f31aaf161d0 "message digest" +c3fcd3d76192e4007dfb496cca67e13b "abcdefghijklmnopqrstuvwxyz" +d174ab98d277d9f5a5611c2c9f419d9f "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" +57edf4a22be3c955ac49da2e2107b67a "12345678901234567890123456789012345678901234567890123456789012345678901234567890" diff --git a/usr.sbin/xntpd/authstuff/md5driver.c b/usr.sbin/xntpd/authstuff/md5driver.c new file mode 100644 index 0000000..73db940 --- /dev/null +++ b/usr.sbin/xntpd/authstuff/md5driver.c @@ -0,0 +1,209 @@ +/* md5driver.c,v 3.1 1993/07/06 01:05:07 jbj Exp + *********************************************************************** + ** md5driver.c -- sample test routines ** + ** RSA Data Security, Inc. MD5 Message-Digest Algorithm ** + ** Created: 2/16/90 RLR ** + ** Updated: 1/91 SRD ** + ** Updated: 7/91 SRD Removed file "foo" from test suite ** + *********************************************************************** + */ + +/* + *********************************************************************** + ** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. ** + ** ** + ** RSA Data Security, Inc. makes no representations concerning ** + ** either the merchantability of this software or the suitability ** + ** of this software for any particular purpose. It is provided "as ** + ** is" without express or implied warranty of any kind. ** + ** ** + ** These notices must be retained in any copies of any part of this ** + ** documentation and/or software. ** + *********************************************************************** + */ + +#include +#include +#include +#ifdef __bsdi__ +#include +#endif /* __bsdi__ */ +#include "md5.h" + +#define MD5 +#include "ntp_string.h" +#include "ntp_stdlib.h" + +/* Prints message digest buffer in mdContext as 32 hexadecimal digits. + Order is from low-order byte to high-order byte of digest. + Each byte is printed with high-order hexadecimal digit first. + */ +static void +MDPrint (mdContext) +MD5_CTX *mdContext; +{ + int i; + + for (i = 0; i < 16; i++) + printf ("%02x", mdContext->digest[i]); +} + +/* size of test block */ +#define TEST_BLOCK_SIZE 1000 + +/* number of blocks to process */ +#define TEST_BLOCKS 10000 + +/* number of test bytes = TEST_BLOCK_SIZE * TEST_BLOCKS */ +static LONG TEST_BYTES = (LONG)TEST_BLOCK_SIZE * (LONG)TEST_BLOCKS; + +/* A time trial routine, to measure the speed of MD5. + Measures wall time required to digest TEST_BLOCKS * TEST_BLOCK_SIZE + characters. + */ +static void +MDTimeTrial () +{ + MD5_CTX mdContext; + time_t endTime, startTime; + unsigned char data[TEST_BLOCK_SIZE]; + unsigned int i; + + /* initialize test data */ + for (i = 0; i < TEST_BLOCK_SIZE; i++) + data[i] = (unsigned char)(i & 0xFF); + + /* start timer */ + printf ("MD5 time trial. Processing %ld characters...\n", TEST_BYTES); + time (&startTime); + + /* digest data in TEST_BLOCK_SIZE byte blocks */ + MD5Init (&mdContext); + for (i = TEST_BLOCKS; i > 0; i--) + MD5Update (&mdContext, data, TEST_BLOCK_SIZE); + MD5Final (&mdContext); + + /* stop timer, get time difference */ + time (&endTime); + MDPrint (&mdContext); + printf (" is digest of test input.\n"); + printf + ("Seconds to process test input: %ld\n", (LONG)(endTime-startTime)); + printf + ("Characters processed per second: %ld\n", + TEST_BYTES/(endTime-startTime)); +} + +/* Computes the message digest for string inString. + Prints out message digest, a space, the string (in quotes) and a + carriage return. + */ +static void +MDString (inString) +char *inString; +{ + MD5_CTX mdContext; + unsigned int len = strlen (inString); + + MD5Init (&mdContext); + MD5Update (&mdContext, inString, len); + MD5Final (&mdContext); + MDPrint (&mdContext); + printf (" \"%s\"\n", inString); +} + +/* Computes the message digest for a specified file. + Prints out message digest, a space, the file name, and a carriage + return. + */ +static void +MDFile (filename) +char *filename; +{ + FILE *inFile = fopen (filename, "rb"); + MD5_CTX mdContext; + int bytes; + unsigned char data[1024]; + + if (inFile == NULL) { + printf ("%s can't be opened.\n", filename); + return; + } + + MD5Init (&mdContext); + while ((bytes = fread (data, 1, 1024, inFile)) != 0) + MD5Update (&mdContext, data, bytes); + MD5Final (&mdContext); + MDPrint (&mdContext); + printf (" %s\n", filename); + fclose (inFile); +} + +/* Writes the message digest of the data from stdin onto stdout, + followed by a carriage return. + */ +static void +MDFilter () +{ + MD5_CTX mdContext; + int bytes; + unsigned char data[16]; + + MD5Init (&mdContext); + while ((bytes = fread (data, 1, 16, stdin)) != 0) + MD5Update (&mdContext, data, bytes); + MD5Final (&mdContext); + MDPrint (&mdContext); + printf ("\n"); +} + +/* Runs a standard suite of test data. + */ +static void +MDTestSuite () +{ + printf ("MD5 test suite results:\n"); + MDString (""); + MDString ("a"); + MDString ("abc"); + MDString ("message digest"); + MDString ("abcdefghijklmnopqrstuvwxyz"); + MDString + ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"); + MDString + ("12345678901234567890123456789012345678901234567890123456789012345678901234567890"); +} + +void +main (argc, argv) +int argc; +char *argv[]; +{ + int i; + + /* For each command line argument in turn: + ** filename -- prints message digest and name of file + ** -sstring -- prints message digest and contents of string + ** -t -- prints time trial statistics for 10M + characters + ** -x -- execute a standard suite of test data + ** (no args) -- writes messages digest of stdin onto stdout + */ + if (argc == 1) + MDFilter (); + else + for (i = 1; i < argc; i++) + if (argv[i][0] == '-' && argv[i][1] == 's') + MDString (argv[i] + 2); + else if (strcmp (argv[i], "-t") == 0) + MDTimeTrial (); + else if (strcmp (argv[i], "-x") == 0) + MDTestSuite (); + else MDFile (argv[i]); +} + +/* + *********************************************************************** + ** End of md5driver.c ** + ******************************** (cut) ******************************** + */ diff --git a/usr.sbin/xntpd/authstuff/mkrandkeys.c b/usr.sbin/xntpd/authstuff/mkrandkeys.c new file mode 100644 index 0000000..3bb987a --- /dev/null +++ b/usr.sbin/xntpd/authstuff/mkrandkeys.c @@ -0,0 +1,167 @@ +/* mkrandkeys.c,v 3.1 1993/07/06 01:05:08 jbj Exp + * mkrandkeys - make a key file for xntpd with some quite random keys + */ +#include +#include +#include + +#include "ntp_stdlib.h" + +#define STREQ(a, b) (*(a) == *(b) && strcmp((a), (b)) == 0) + +char *progname; +int debug; + +U_LONG keydata[2]; + +int std = 1; /* DES standard key format */ +u_char dokey[16] = { 0 }; + +static void rand_data P((U_LONG *)); + +/* + * main - parse arguments and handle options + */ +void +main(argc, argv) +int argc; +char *argv[]; +{ + int c; + int i; + int j; + int errflg = 0; + int numkeys; + U_LONG tmp; + char *passwd; + extern int optind; + extern char *optarg; + extern char *getpass(); + + numkeys = 0; + progname = argv[0]; + passwd = NULL; + while ((c = getopt_l(argc, argv, "dnp:s")) != EOF) + switch (c) { + case 'd': + ++debug; + break; + case 'n': + std = 0; + break; + case 'p': + passwd = optarg; + break; + case 's': + std = 1; + break; + default: + errflg++; + break; + } + + numkeys = 0; + for (; !errflg && optind < argc; optind++) { + c = atoi(argv[optind]); + if (c <= 0 || c > 15) { + (void) fprintf("%s: invalid key number `%s'\n", + progname, argv[optind]); + exit(2); + } + dokey[c] = 1; + numkeys++; + } + + if (errflg || numkeys == 0) { + (void) fprintf(stderr, + "usage: %s [-ns] [-p seed] key# [key# ...]\n", + progname); + exit(2); + } + + while (passwd == 0 || *passwd == '\0') { + passwd = getpass("Seed: "); + if (*passwd == '\0') { + (void) fprintf(stderr, + "better use a better seed than that\n"); + } + } + + keydata[0] = keydata[1] = 0; + for (i = 0; i < 8 && *passwd != '\0'; i++) { + keydata[i/4] |= ((((U_LONG)(*passwd))&0xff)<<(1+((3-(i%4))*8))); + passwd++; + } + + for (i = 1; i <= 15; i++) { + if (dokey[i]) { + for (c = 0, tmp = 0; c < 32; c += 4) + tmp |= (i << c); + keydata[0] ^= tmp; + keydata[1] ^= tmp; + rand_data(keydata); + DESauth_parity(keydata); + + if (std) { + (void)printf("%-2d S\t%08x%08x\n", + i, keydata[0], keydata[1]); + } else { + for (j = 0; j < 2; j++) { + keydata[j] + = ((keydata[j] & 0xfefefefe) >> 1) + | ((keydata[j] & 0x01010101) << 7); + } + (void)printf("%-2d N\t%08x%08x\n", + i, keydata[0], keydata[1]); + } + } + } + exit(0); +} + +char *volatile_file[] = { + "/bin/echo", + "/bin/sh", + "/bin/cat", + "/bin/ls", + "/bin/stty", + "/bin/date", + "/bin/cat", + "/bin/cc", + "/etc/motd", + "/etc/utmp", + "/dev/kmem", + "/dev/null", + "", +}; + +#define NEXT(X) (0x1e1f2f2d*(X) + 0x361962e9) + +static void +rand_data(data) + U_LONG *data; +{ + register i; + struct stat buf; + extern LONG time(); + char ekeys[128], dkeys[128]; + + *data ^= 0x9662f394; + *(data+1) ^= 0x9f17c55f; + DESauth_subkeys(data, ekeys, dkeys); + *data ^= NEXT(getpid() + (getuid() << 16)); + *(data+1) ^= NEXT(time((LONG *)0)); + DESauth_des(data, ekeys); + for (i = 0; strlen(volatile_file[i]); i++) { + if (stat(volatile_file[i], &buf) == -1) + continue; + if (i & 1) { + *data ^= NEXT(buf.st_atime); + *(data+1) ^= NEXT(buf.st_mtime); + } else { + *data ^= NEXT(buf.st_mtime); + *(data+1) ^= NEXT(buf.st_atime); + } + DESauth_des(data, ekeys); + } +} diff --git a/usr.sbin/xntpd/authstuff/omakeIPFP.c b/usr.sbin/xntpd/authstuff/omakeIPFP.c new file mode 100644 index 0000000..887cc58 --- /dev/null +++ b/usr.sbin/xntpd/authstuff/omakeIPFP.c @@ -0,0 +1,361 @@ +/* omakeIPFP.c,v 3.1 1993/07/06 01:05:10 jbj Exp + * makeIPFP - make fast DES IP and FP tables + * + * This is an older version which generated tables half the size of + * the current version, but which took about double the CPU time to + * compute permutations from these tables. Since the CPU spent on the + * permutations is small compared to the CPU spent in the cipher code, + * I may go back to the smaller tables to save the space some day. + */ + +#include +#include + +#include "ntp_stdlib.h" + +#define STREQ(a, b) (*(a) == *(b) && strcmp((a), (b)) == 0) + +U_LONG IPL[8][16]; +U_LONG FPL[8][16]; + +char *progname; +int debug; + +static void perm P((u_char *, u_char *, U_LONG *, U_LONG *)); +static void doit P((void)); + +/* + * main - parse arguments and handle options + */ +void +main(argc, argv) +int argc; +char *argv[]; +{ + int c; + int errflg = 0; + extern int optind; + extern char *optarg; + + progname = argv[0]; + while ((c = getopt_l(argc, argv, "d")) != EOF) + switch (c) { + case 'd': + ++debug; + break; + default: + errflg++; + break; + } + if (errflg) { + (void) fprintf(stderr, "usage: %s [-d]\n", progname); + exit(2); + } + doit(); + exit(0); +} + + +/* + * Initial permutation table + */ +u_char IP[64] = { + 58, 50, 42, 34, 26, 18, 10, 2, + 60, 52, 44, 36, 28, 20, 12, 4, + 62, 54, 46, 38, 30, 22, 14, 6, + 64, 56, 48, 40, 32, 24, 16, 8, + 57, 49, 41, 33, 25, 17, 9, 1, + 59, 51, 43, 35, 27, 19, 11, 3, + 61, 53, 45, 37, 29, 21, 13, 5, + 63, 55, 47, 39, 31, 23, 15, 7 +}; + +/* + * Inverse initial permutation table + */ +u_char FP[64] = { + 40, 8, 48, 16, 56, 24, 64, 32, + 39, 7, 47, 15, 55, 23, 63, 31, + 38, 6, 46, 14, 54, 22, 62, 30, + 37, 5, 45, 13, 53, 21, 61, 29, + 36, 4, 44, 12, 52, 20, 60, 28, + 35, 3, 43, 11, 51, 19, 59, 27, + 34, 2, 42, 10, 50, 18, 58, 26, + 33, 1, 41, 9, 49, 17, 57, 25 +}; + + +/* + * Bit order after the operation + * + * ((left & 0x55555555) << 1) | (right & 0x55555555) + */ +u_char IPLbits[32] = { + 2, 34, 4, 36, 6, 38, 8, 40, + 10, 42, 12, 44, 14, 46, 16, 48, + 18, 50, 20, 52, 22, 54, 24, 56, + 26, 58, 28, 60, 30, 62, 32, 64 +}; + + +/* + * Bit order after the operation + * + * (left & 0xaaaaaaaa) | ((right & 0xaaaaaaaa) >> 1) + */ +u_char IPRbits[32] = { + 1, 33, 3, 35, 5, 37, 7, 39, + 9, 41, 11, 43, 13, 45, 15, 47, + 17, 49, 19, 51, 21, 53, 23, 55, + 25, 57, 27, 59, 29, 61, 31, 63 +}; + + +/* + * Bit order after the operation + * + * ((left & 0x0f0f0f0f) << 4) | (right & 0x0f0f0f0f) + */ +u_char FPLbits[32] = { + 5, 6, 7, 8, 37, 38, 39, 40, + 13, 14, 15, 16, 45, 46, 47, 48, + 21, 22, 23, 24, 53, 54, 55, 56, + 29, 30, 31, 32, 61, 62, 63, 64 +}; + + +/* + * Bit order after the operation + * + * (left & 0xf0f0f0f0) | ((right & 0xf0f0f0f0) >> 4) + */ +u_char FPRbits[32] = { + 1, 2, 3, 4, 33, 34, 35, 36, + 9, 10, 11, 12, 41, 42, 43, 44, + 17, 18, 19, 20, 49, 50, 51, 52, + 25, 26, 27, 28, 57, 58, 59, 60 +}; + + +/* + * perm - do a permutation with the given table + */ +static void +perm(databits, permtab, leftp, rightp) + u_char *databits; + u_char *permtab; + U_LONG *leftp; + U_LONG *rightp; +{ + register U_LONG left; + register U_LONG right; + register u_char *PT; + register u_char *bits; + register int i; + + left = right = 0; + PT = permtab; + bits = databits; + + for (i = 0; i < 32; i++) { + left <<= 1; + if (bits[PT[i]-1]) + left |= 1; + } + + for (i = 32; i < 64; i++) { + right <<= 1; + if (bits[PT[i]-1]) + right |= 1; + } + + *leftp = left; + *rightp = right; +} + + +/* + * doit - make up the tables + */ +static void +doit() +{ + u_char bits[64]; + U_LONG left; + U_LONG right; + int tabno; + int i; + int ind0, ind1, ind2, ind3; + int quadbits; + + bzero((char *)bits, sizeof bits); + + /* + * Do the rounds for the IPL table. We save the results of + * this as well as printing them. Note that this is the + * left-half table. + */ + printf("static U_LONG IP[8][16] = {"); + for (tabno = 0; tabno < 8; tabno++) { + i = tabno * 4; + ind3 = IPLbits[i] - 1; + ind2 = IPLbits[i+1] - 1; + ind1 = IPLbits[i+2] - 1; + ind0 = IPLbits[i+3] - 1; + for (quadbits = 0; quadbits < 16; quadbits++) { + if (quadbits & (1 << 3)) + bits[ind3] = 1; + if (quadbits & (1 << 2)) + bits[ind2] = 1; + if (quadbits & (1 << 1)) + bits[ind1] = 1; + if (quadbits & 1) + bits[ind0] = 1; + perm(bits, IP, &left, &right); + bits[ind3] = 0; + bits[ind2] = 0; + bits[ind1] = 0; + bits[ind0] = 0; + if (right != 0) { + fprintf(stderr, + "IPL tabno %d quad %d right not zero\n", + tabno, quadbits); + exit(1); + } + IPL[tabno][quadbits] = left; + if (quadbits == 15 && tabno == 7) { + printf(" 0x%08x", left); + } else if (quadbits & 0x3) { + printf(" 0x%08x,", left); + } else { + printf("\n\t0x%08x,", left); + } + } + if (tabno == 7) + printf("\n};\n"); + printf("\n"); + } + + /* + * Compute the right half of the same table. I noticed this table + * was the same as the previous one, just by luck, so we don't + * actually have to do this. Do it anyway just for a check. + */ + for (tabno = 0; tabno < 8; tabno++) { + i = tabno * 4; + ind3 = IPRbits[i] - 1; + ind2 = IPRbits[i+1] - 1; + ind1 = IPRbits[i+2] - 1; + ind0 = IPRbits[i+3] - 1; + for (quadbits = 0; quadbits < 16; quadbits++) { + if (quadbits & (1 << 3)) + bits[ind3] = 1; + if (quadbits & (1 << 2)) + bits[ind2] = 1; + if (quadbits & (1 << 1)) + bits[ind1] = 1; + if (quadbits & 1) + bits[ind0] = 1; + perm(bits, IP, &left, &right); + bits[ind3] = 0; + bits[ind2] = 0; + bits[ind1] = 0; + bits[ind0] = 0; + if (left != 0) { + fprintf(stderr, + "IPR tabno %d quad %d left not zero\n", + tabno, quadbits); + exit(1); + } + if (right != IPL[tabno][quadbits]) { + fprintf(stderr, + "IPR tabno %d quad %d: 0x%08x not same as 0x%08x\n", + tabno, quadbits, right,IPL[tabno][quadbits]); + exit(1); + } + } + } + + /* + * Next are the FP tables + */ + printf("static U_LONG FP[8][16] = {"); + for (tabno = 0; tabno < 8; tabno++) { + i = tabno * 4; + ind3 = FPLbits[i] - 1; + ind2 = FPLbits[i+1] - 1; + ind1 = FPLbits[i+2] - 1; + ind0 = FPLbits[i+3] - 1; + for (quadbits = 0; quadbits < 16; quadbits++) { + if (quadbits & (1 << 3)) + bits[ind3] = 1; + if (quadbits & (1 << 2)) + bits[ind2] = 1; + if (quadbits & (1 << 1)) + bits[ind1] = 1; + if (quadbits & 1) + bits[ind0] = 1; + perm(bits, FP, &left, &right); + bits[ind3] = 0; + bits[ind2] = 0; + bits[ind1] = 0; + bits[ind0] = 0; + if (right != 0) { + fprintf(stderr, + "FPL tabno %d quad %d right not zero\n", + tabno, quadbits); + exit(1); + } + FPL[tabno][quadbits] = left; + if (quadbits == 15 && tabno == 7) { + printf(" 0x%08x", left); + } else if (quadbits & 0x3) { + printf(" 0x%08x,", left); + } else { + printf("\n\t0x%08x,", left); + } + } + if (tabno == 7) + printf("\n};"); + printf("\n"); + } + + /* + * Right half of same set of tables. This was symmetric too. + * Amazing! + */ + for (tabno = 0; tabno < 8; tabno++) { + i = tabno * 4; + ind3 = FPRbits[i] - 1; + ind2 = FPRbits[i+1] - 1; + ind1 = FPRbits[i+2] - 1; + ind0 = FPRbits[i+3] - 1; + for (quadbits = 0; quadbits < 16; quadbits++) { + if (quadbits & (1 << 3)) + bits[ind3] = 1; + if (quadbits & (1 << 2)) + bits[ind2] = 1; + if (quadbits & (1 << 1)) + bits[ind1] = 1; + if (quadbits & 1) + bits[ind0] = 1; + perm(bits, FP, &left, &right); + bits[ind3] = 0; + bits[ind2] = 0; + bits[ind1] = 0; + bits[ind0] = 0; + if (left != 0) { + fprintf(stderr, + "FPR tabno %d quad %d left not zero\n", + tabno, quadbits); + exit(1); + } + if (right != FPL[tabno][quadbits]) { + fprintf(stderr, + "FPR tabno %d quad %d: 0x%08x not same as 0x%08x\n", + tabno, quadbits, right,FPL[tabno][quadbits]); + exit(1); + } + } + } +} diff --git a/usr.sbin/xntpd/authstuff/results b/usr.sbin/xntpd/authstuff/results new file mode 100644 index 0000000..305a179 --- /dev/null +++ b/usr.sbin/xntpd/authstuff/results @@ -0,0 +1,2 @@ +odin/1000000: 0.000145 +idavolde/1000000: 0.000451 diff --git a/usr.sbin/xntpd/authstuff/unixcert.c b/usr.sbin/xntpd/authstuff/unixcert.c new file mode 100644 index 0000000..36234b1 --- /dev/null +++ b/usr.sbin/xntpd/authstuff/unixcert.c @@ -0,0 +1,156 @@ +/* unixcert.c,v 3.1 1993/07/06 01:05:14 jbj Exp + * This file, and the certdata file, shamelessly stolen + * from Phil Karn's DES implementation. + * + * This version uses the standard Unix setkey() and encrypt() + * routines to do the encryption. + */ + +#include +#include + +#include "ntp_stdlib.h" + +static void get8 P((U_LONG *)); +static void put8 P((U_LONG *)); +static void do_setkey P((U_LONG *)); +static void do_crypt P((U_LONG *, int)); + +void +main() +{ + U_LONG key[2], plain[2], cipher[2], answer[2]; + int i; + int test; + int fail; + + for(test=0;!feof(stdin);test++){ + get8(key); + do_setkey(key); + printf(" K: "); put8(key); + + get8(plain); + printf(" P: "); put8(plain); + + get8(answer); + printf(" C: "); put8(answer); + + + for(i=0;i<2;i++) + cipher[i] = plain[i]; + do_crypt(cipher, 0); + + for(i=0;i<2;i++) + if(cipher[i] != answer[i]) + break; + fail = 0; + if(i != 2){ + printf(" Encrypt FAIL"); + fail++; + } + do_crypt(cipher, 1); + for(i=0;i<2;i++) + if(cipher[i] != plain[i]) + break; + if(i != 2){ + printf(" Decrypt FAIL"); + fail++; + } + if(fail == 0) + printf(" OK"); + printf("\n"); + } +} + +static void +get8(lp) +U_LONG *lp; +{ + int t; + U_LONG l[2]; + int i; + + l[0] = l[1] = 0L; + for(i=0;i<8;i++){ + scanf("%2x",&t); + if(feof(stdin)) + exit(0); + l[i/4] <<= 8; + l[i/4] |= (U_LONG)(t & 0xff); + } + *lp = l[0]; + *(lp+1) = l[1]; +} + +static void +put8(lp) +U_LONG *lp; +{ + int i; + + + for(i=0;i<2;i++){ + printf("%08x",*lp++); + } +} + +static void +do_setkey(key) + U_LONG *key; +{ + int j; + register int i; + register char *kb; + register U_LONG *kp; + char keybits[64]; + + kb = keybits; + kp = key; + for (j = 0; j < 2; j++) { + for (i = 0; i < 32; i++) { + if (*kp & (1<<(31-i))) + *kb++ = 1; + else + *kb++ = 0; + } + kp++; + } + setkey(keybits); +} + +static void +do_crypt(data, edflag) + U_LONG *data; + int edflag; +{ + int j; + register int i; + register char *bp; + register U_LONG *dp; + char block[64]; + + bp = block; + dp = data; + for (j = 0; j < 2; j++) { + for (i = 0; i < 32; i++) { + if (*dp & (1<<(31-i))) + *bp++ = 1; + else + *bp++ = 0; + } + dp++; + } + + encrypt(block, edflag); + + bp = block; + dp = data; + for (j = 0; j < 2; j++) { + *dp = 0; + for (i = 0; i < 32; i++) { + if (*bp++) + *dp |= 1<<(31-i); + } + dp++; + } +} -- cgit v1.1