Cross Reference: /freebsd-9.3-release/secure/lib/libcrypt/crypt-des.c

Deleted Added

sdiff udiff text old ( 90868 ) new ( 91754 )

full compact

crypt-des.c (90868)	crypt-des.c (91754)
1/* 2 * FreeSec: libcrypt for NetBSD 3 * 4 * Copyright (c) 1994 David Burren 5 * All rights reserved. 6 * 7 * Adapted for FreeBSD-2.0 by Geoffrey M. Rehmet 8 * this file should now only export crypt(), in order to make 9 * binaries of libcrypt exportable from the USA 10 * 11 * Adapted for FreeBSD-4.0 by Mark R V Murray 12 * this file should now only export crypt_des(), in order to make 13 * a module that can be optionally included in libcrypt. 14 * 15 * Redistribution and use in source and binary forms, with or without 16 * modification, are permitted provided that the following conditions 17 * are met: 18 * 1. Redistributions of source code must retain the above copyright 19 * notice, this list of conditions and the following disclaimer. 20 * 2. Redistributions in binary form must reproduce the above copyright 21 * notice, this list of conditions and the following disclaimer in the 22 * documentation and/or other materials provided with the distribution. 23 * 3. Neither the name of the author nor the names of other contributors 24 * may be used to endorse or promote products derived from this software 25 * without specific prior written permission. 26 * 27 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 28 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 29 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 30 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 31 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 32 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 33 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 34 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 35 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 36 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 37 * SUCH DAMAGE. 38 * 39 * This is an original implementation of the DES and the crypt(3) interfaces 40 * by David Burren <davidb@werj.com.au>. 41 * 42 * An excellent reference on the underlying algorithm (and related 43 * algorithms) is: 44 * 45 * B. Schneier, Applied Cryptography: protocols, algorithms, 46 * and source code in C, John Wiley & Sons, 1994. 47 * 48 * Note that in that book's description of DES the lookups for the initial, 49 * pbox, and final permutations are inverted (this has been brought to the 50 * attention of the author). A list of errata for this book has been 51 * posted to the sci.crypt newsgroup by the author and is available for FTP. 52 * 53 * ARCHITECTURE ASSUMPTIONS: 54 * It is assumed that the 8-byte arrays passed by reference can be 55 * addressed as arrays of u_int32_t's (ie. the CPU is not picky about 56 * alignment). 57 */ 58 59#include <sys/cdefs.h>	1/* 2 * FreeSec: libcrypt for NetBSD 3 * 4 * Copyright (c) 1994 David Burren 5 * All rights reserved. 6 * 7 * Adapted for FreeBSD-2.0 by Geoffrey M. Rehmet 8 * this file should now only export crypt(), in order to make 9 * binaries of libcrypt exportable from the USA 10 * 11 * Adapted for FreeBSD-4.0 by Mark R V Murray 12 * this file should now only export crypt_des(), in order to make 13 * a module that can be optionally included in libcrypt. 14 * 15 * Redistribution and use in source and binary forms, with or without 16 * modification, are permitted provided that the following conditions 17 * are met: 18 * 1. Redistributions of source code must retain the above copyright 19 * notice, this list of conditions and the following disclaimer. 20 * 2. Redistributions in binary form must reproduce the above copyright 21 * notice, this list of conditions and the following disclaimer in the 22 * documentation and/or other materials provided with the distribution. 23 * 3. Neither the name of the author nor the names of other contributors 24 * may be used to endorse or promote products derived from this software 25 * without specific prior written permission. 26 * 27 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 28 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 29 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 30 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 31 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 32 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 33 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 34 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 35 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 36 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 37 * SUCH DAMAGE. 38 * 39 * This is an original implementation of the DES and the crypt(3) interfaces 40 * by David Burren <davidb@werj.com.au>. 41 * 42 * An excellent reference on the underlying algorithm (and related 43 * algorithms) is: 44 * 45 * B. Schneier, Applied Cryptography: protocols, algorithms, 46 * and source code in C, John Wiley & Sons, 1994. 47 * 48 * Note that in that book's description of DES the lookups for the initial, 49 * pbox, and final permutations are inverted (this has been brought to the 50 * attention of the author). A list of errata for this book has been 51 * posted to the sci.crypt newsgroup by the author and is available for FTP. 52 * 53 * ARCHITECTURE ASSUMPTIONS: 54 * It is assumed that the 8-byte arrays passed by reference can be 55 * addressed as arrays of u_int32_t's (ie. the CPU is not picky about 56 * alignment). 57 */ 58 59#include <sys/cdefs.h>
60__FBSDID("$FreeBSD: head/secure/lib/libcrypt/crypt-des.c 90868 2002-02-18 20:35:27Z mike $");	60__FBSDID("$FreeBSD: head/secure/lib/libcrypt/crypt-des.c 91754 2002-03-06 17:18:09Z markm $");
61 62#include <sys/types.h> 63#include <sys/param.h> 64#include <arpa/inet.h> 65#include <pwd.h> 66#include <string.h> 67#include "crypt.h" 68 69/* We can't always assume gcc */	61 62#include <sys/types.h> 63#include <sys/param.h> 64#include <arpa/inet.h> 65#include <pwd.h> 66#include <string.h> 67#include "crypt.h" 68 69/* We can't always assume gcc */
70#ifdef __GNUC__	70#if defined(__GNUC__) && !defined(lint)
71#define INLINE inline	71#define INLINE inline
	72#else 73#define INLINE
72#endif 73 74 75static u_char IP[64] = { 76 58, 50, 42, 34, 26, 18, 10, 2, 60, 52, 44, 36, 28, 20, 12, 4, 77 62, 54, 46, 38, 30, 22, 14, 6, 64, 56, 48, 40, 32, 24, 16, 8, 78 57, 49, 41, 33, 25, 17, 9, 1, 59, 51, 43, 35, 27, 19, 11, 3, 79 61, 53, 45, 37, 29, 21, 13, 5, 63, 55, 47, 39, 31, 23, 15, 7 80}; 81 82static u_char inv_key_perm[64];	74#endif 75 76 77static u_char IP[64] = { 78 58, 50, 42, 34, 26, 18, 10, 2, 60, 52, 44, 36, 28, 20, 12, 4, 79 62, 54, 46, 38, 30, 22, 14, 6, 64, 56, 48, 40, 32, 24, 16, 8, 80 57, 49, 41, 33, 25, 17, 9, 1, 59, 51, 43, 35, 27, 19, 11, 3, 81 61, 53, 45, 37, 29, 21, 13, 5, 63, 55, 47, 39, 31, 23, 15, 7 82}; 83 84static u_char inv_key_perm[64];
83static u_char u_key_perm[56];
84static u_char key_perm[56] = { 85 57, 49, 41, 33, 25, 17, 9, 1, 58, 50, 42, 34, 26, 18, 86 10, 2, 59, 51, 43, 35, 27, 19, 11, 3, 60, 52, 44, 36, 87 63, 55, 47, 39, 31, 23, 15, 7, 62, 54, 46, 38, 30, 22, 88 14, 6, 61, 53, 45, 37, 29, 21, 13, 5, 28, 20, 12, 4 89}; 90 91static u_char key_shifts[16] = { 92 1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1 93}; 94 95static u_char inv_comp_perm[56]; 96static u_char comp_perm[48] = { 97 14, 17, 11, 24, 1, 5, 3, 28, 15, 6, 21, 10, 98 23, 19, 12, 4, 26, 8, 16, 7, 27, 20, 13, 2, 99 41, 52, 31, 37, 47, 55, 30, 40, 51, 45, 33, 48, 100 44, 49, 39, 56, 34, 53, 46, 42, 50, 36, 29, 32 101}; 102 103/* 104 * No E box is used, as it's replaced by some ANDs, shifts, and ORs. 105 / 106* 107static u_char u_sbox[8][64]; 108static u_char sbox[8][64] = { 109 { 110 14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7, 111 0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8, 112 4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0, 113 15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13 114 }, 115 { 116 15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10, 117 3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5, 118 0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15, 119 13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9 120 }, 121 { 122 10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8, 123 13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1, 124 13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7, 125 1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12 126 }, 127 { 128 7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15, 129 13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9, 130 10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4, 131 3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14 132 }, 133 { 134 2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9, 135 14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6, 136 4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14, 137 11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3 138 }, 139 { 140 12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11, 141 10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8, 142 9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6, 143 4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13 144 }, 145 { 146 4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1, 147 13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6, 148 1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2, 149 6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12 150 }, 151 { 152 13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7, 153 1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2, 154 7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8, 155 2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11 156 } 157}; 158 159static u_char un_pbox[32]; 160static u_char pbox[32] = { 161 16, 7, 20, 21, 29, 12, 28, 17, 1, 15, 23, 26, 5, 18, 31, 10, 162 2, 8, 24, 14, 32, 27, 3, 9, 19, 13, 30, 6, 22, 11, 4, 25 163}; 164 165static u_int32_t bits32[32] = 166{ 167 0x80000000, 0x40000000, 0x20000000, 0x10000000, 168 0x08000000, 0x04000000, 0x02000000, 0x01000000, 169 0x00800000, 0x00400000, 0x00200000, 0x00100000, 170 0x00080000, 0x00040000, 0x00020000, 0x00010000, 171 0x00008000, 0x00004000, 0x00002000, 0x00001000, 172 0x00000800, 0x00000400, 0x00000200, 0x00000100, 173 0x00000080, 0x00000040, 0x00000020, 0x00000010, 174 0x00000008, 0x00000004, 0x00000002, 0x00000001 175}; 176 177static u_char bits8[8] = { 0x80, 0x40, 0x20, 0x10, 0x08, 0x04, 0x02, 0x01 }; 178 179static u_int32_t saltbits;	85static u_char key_perm[56] = { 86 57, 49, 41, 33, 25, 17, 9, 1, 58, 50, 42, 34, 26, 18, 87 10, 2, 59, 51, 43, 35, 27, 19, 11, 3, 60, 52, 44, 36, 88 63, 55, 47, 39, 31, 23, 15, 7, 62, 54, 46, 38, 30, 22, 89 14, 6, 61, 53, 45, 37, 29, 21, 13, 5, 28, 20, 12, 4 90}; 91 92static u_char key_shifts[16] = { 93 1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1 94}; 95 96static u_char inv_comp_perm[56]; 97static u_char comp_perm[48] = { 98 14, 17, 11, 24, 1, 5, 3, 28, 15, 6, 21, 10, 99 23, 19, 12, 4, 26, 8, 16, 7, 27, 20, 13, 2, 100 41, 52, 31, 37, 47, 55, 30, 40, 51, 45, 33, 48, 101 44, 49, 39, 56, 34, 53, 46, 42, 50, 36, 29, 32 102}; 103 104/* 105 * No E box is used, as it's replaced by some ANDs, shifts, and ORs. 106 / 107* 108static u_char u_sbox[8][64]; 109static u_char sbox[8][64] = { 110 { 111 14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7, 112 0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8, 113 4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0, 114 15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13 115 }, 116 { 117 15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10, 118 3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5, 119 0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15, 120 13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9 121 }, 122 { 123 10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8, 124 13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1, 125 13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7, 126 1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12 127 }, 128 { 129 7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15, 130 13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9, 131 10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4, 132 3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14 133 }, 134 { 135 2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9, 136 14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6, 137 4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14, 138 11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3 139 }, 140 { 141 12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11, 142 10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8, 143 9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6, 144 4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13 145 }, 146 { 147 4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1, 148 13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6, 149 1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2, 150 6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12 151 }, 152 { 153 13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7, 154 1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2, 155 7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8, 156 2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11 157 } 158}; 159 160static u_char un_pbox[32]; 161static u_char pbox[32] = { 162 16, 7, 20, 21, 29, 12, 28, 17, 1, 15, 23, 26, 5, 18, 31, 10, 163 2, 8, 24, 14, 32, 27, 3, 9, 19, 13, 30, 6, 22, 11, 4, 25 164}; 165 166static u_int32_t bits32[32] = 167{ 168 0x80000000, 0x40000000, 0x20000000, 0x10000000, 169 0x08000000, 0x04000000, 0x02000000, 0x01000000, 170 0x00800000, 0x00400000, 0x00200000, 0x00100000, 171 0x00080000, 0x00040000, 0x00020000, 0x00010000, 172 0x00008000, 0x00004000, 0x00002000, 0x00001000, 173 0x00000800, 0x00000400, 0x00000200, 0x00000100, 174 0x00000080, 0x00000040, 0x00000020, 0x00000010, 175 0x00000008, 0x00000004, 0x00000002, 0x00000001 176}; 177 178static u_char bits8[8] = { 0x80, 0x40, 0x20, 0x10, 0x08, 0x04, 0x02, 0x01 }; 179 180static u_int32_t saltbits;
180static long old_salt;	181static u_int32_t old_salt;
181static u_int32_t bits28, bits24; 182static u_char init_perm[64], final_perm[64]; 183static u_int32_t en_keysl[16], en_keysr[16]; 184static u_int32_t de_keysl[16], de_keysr[16]; 185static int des_initialised = 0; 186static u_char m_sbox[4][4096]; 187static u_int32_t psbox[4][256]; 188static u_int32_t ip_maskl[8][256], ip_maskr[8][256]; 189static u_int32_t fp_maskl[8][256], fp_maskr[8][256]; 190static u_int32_t key_perm_maskl[8][128], key_perm_maskr[8][128]; 191static u_int32_t comp_maskl[8][128], comp_maskr[8][128]; 192static u_int32_t old_rawkey0, old_rawkey1; 193 194static u_char ascii64[] = 195 "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; 196/* 0000000000111111111122222222223333333333444444444455555555556666 / 197/ 0123456789012345678901234567890123456789012345678901234567890123 / 198* 199static INLINE int 200ascii_to_bin(char ch) 201{ 202 if (ch > 'z') 203 return(0); 204 if (ch >= 'a') 205 return(ch - 'a' + 38); 206 if (ch > 'Z') 207 return(0); 208 if (ch >= 'A') 209 return(ch - 'A' + 12); 210 if (ch > '9') 211 return(0); 212 if (ch >= '.') 213 return(ch - '.'); 214 return(0); 215} 216 217static void	182static u_int32_t bits28, bits24; 183static u_char init_perm[64], final_perm[64]; 184static u_int32_t en_keysl[16], en_keysr[16]; 185static u_int32_t de_keysl[16], de_keysr[16]; 186static int des_initialised = 0; 187static u_char m_sbox[4][4096]; 188static u_int32_t psbox[4][256]; 189static u_int32_t ip_maskl[8][256], ip_maskr[8][256]; 190static u_int32_t fp_maskl[8][256], fp_maskr[8][256]; 191static u_int32_t key_perm_maskl[8][128], key_perm_maskr[8][128]; 192static u_int32_t comp_maskl[8][128], comp_maskr[8][128]; 193static u_int32_t old_rawkey0, old_rawkey1; 194 195static u_char ascii64[] = 196 "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; 197/* 0000000000111111111122222222223333333333444444444455555555556666 / 198/ 0123456789012345678901234567890123456789012345678901234567890123 / 199* 200static INLINE int 201ascii_to_bin(char ch) 202{ 203 if (ch > 'z') 204 return(0); 205 if (ch >= 'a') 206 return(ch - 'a' + 38); 207 if (ch > 'Z') 208 return(0); 209 if (ch >= 'A') 210 return(ch - 'A' + 12); 211 if (ch > '9') 212 return(0); 213 if (ch >= '.') 214 return(ch - '.'); 215 return(0); 216} 217 218static void
218des_init()	219des_init(void)
219{ 220 int i, j, b, k, inbit, obit; 221 u_int32_t p, il, ir, fl, fr; 222* 223 old_rawkey0 = old_rawkey1 = 0L; 224 saltbits = 0L; 225 old_salt = 0L; 226 bits24 = (bits28 = bits32 + 4) + 4; 227 228 /* 229 * Invert the S-boxes, reordering the input bits. 230 / 231* for (i = 0; i < 8; i++) 232 for (j = 0; j < 64; j++) { 233 b = (j & 0x20) \| ((j & 1) << 4) \| ((j >> 1) & 0xf); 234 u_sbox[i][j] = sbox[i][b]; 235 } 236 237 /* 238 * Convert the inverted S-boxes into 4 arrays of 8 bits. 239 * Each will handle 12 bits of the S-box input. 240 / 241* for (b = 0; b < 4; b++) 242 for (i = 0; i < 64; i++) 243 for (j = 0; j < 64; j++) 244 m_sbox[b][(i << 6) \| j] =	220{ 221 int i, j, b, k, inbit, obit; 222 u_int32_t p, il, ir, fl, fr; 223* 224 old_rawkey0 = old_rawkey1 = 0L; 225 saltbits = 0L; 226 old_salt = 0L; 227 bits24 = (bits28 = bits32 + 4) + 4; 228 229 /* 230 * Invert the S-boxes, reordering the input bits. 231 / 232* for (i = 0; i < 8; i++) 233 for (j = 0; j < 64; j++) { 234 b = (j & 0x20) \| ((j & 1) << 4) \| ((j >> 1) & 0xf); 235 u_sbox[i][j] = sbox[i][b]; 236 } 237 238 /* 239 * Convert the inverted S-boxes into 4 arrays of 8 bits. 240 * Each will handle 12 bits of the S-box input. 241 / 242* for (b = 0; b < 4; b++) 243 for (i = 0; i < 64; i++) 244 for (j = 0; j < 64; j++) 245 m_sbox[b][(i << 6) \| j] =
245 (u_sbox[(b << 1)][i] << 4) \| 246 u_sbox[(b << 1) + 1][j];	246 (u_char)((u_sbox[(b << 1)][i] << 4) \| 247 u_sbox[(b << 1) + 1][j]);
247 248 /* 249 * Set up the initial & final permutations into a useful form, and 250 * initialise the inverted key permutation. 251 / 252* for (i = 0; i < 64; i++) {	248 249 /* 250 * Set up the initial & final permutations into a useful form, and 251 * initialise the inverted key permutation. 252 / 253* for (i = 0; i < 64; i++) {
253 init_perm[final_perm[i] = IP[i] - 1] = i;	254 init_perm[final_perm[i] = IP[i] - 1] = (u_char)i;
254 inv_key_perm[i] = 255; 255 } 256 257 /* 258 * Invert the key permutation and initialise the inverted key 259 * compression permutation. 260 / 261* for (i = 0; i < 56; i++) {	255 inv_key_perm[i] = 255; 256 } 257 258 /* 259 * Invert the key permutation and initialise the inverted key 260 * compression permutation. 261 / 262* for (i = 0; i < 56; i++) {
262 u_key_perm[i] = key_perm[i] - 1; 263 inv_key_perm[key_perm[i] - 1] = i;	263 inv_key_perm[key_perm[i] - 1] = (u_char)i;
264 inv_comp_perm[i] = 255; 265 } 266 267 /* 268 * Invert the key compression permutation. 269 / 270* for (i = 0; i < 48; i++) {	264 inv_comp_perm[i] = 255; 265 } 266 267 /* 268 * Invert the key compression permutation. 269 / 270* for (i = 0; i < 48; i++) {
271 inv_comp_perm[comp_perm[i] - 1] = i;	271 inv_comp_perm[comp_perm[i] - 1] = (u_char)i;
272 } 273 274 /* 275 * Set up the OR-mask arrays for the initial and final permutations, 276 * and for the key initial and compression permutations. 277 / 278* for (k = 0; k < 8; k++) { 279 for (i = 0; i < 256; i++) { 280 (il = &ip_maskl[k][i]) = 0L; 281* (ir = &ip_maskr[k][i]) = 0L; 282* (fl = &fp_maskl[k][i]) = 0L; 283* (fr = &fp_maskr[k][i]) = 0L; 284* for (j = 0; j < 8; j++) { 285 inbit = 8 * k + j; 286 if (i & bits8[j]) { 287 if ((obit = init_perm[inbit]) < 32) 288 il \|= bits32[obit]; 289* else 290 ir \|= bits32[obit-32]; 291* if ((obit = final_perm[inbit]) < 32) 292 fl \|= bits32[obit]; 293* else 294 fr \|= bits32[obit - 32]; 295* } 296 } 297 } 298 for (i = 0; i < 128; i++) { 299 (il = &key_perm_maskl[k][i]) = 0L; 300* (ir = &key_perm_maskr[k][i]) = 0L; 301* for (j = 0; j < 7; j++) { 302 inbit = 8 * k + j; 303 if (i & bits8[j + 1]) { 304 if ((obit = inv_key_perm[inbit]) == 255) 305 continue; 306 if (obit < 28) 307 il \|= bits28[obit]; 308* else 309 ir \|= bits28[obit - 28]; 310* } 311 } 312 (il = &comp_maskl[k][i]) = 0L; 313* (ir = &comp_maskr[k][i]) = 0L; 314* for (j = 0; j < 7; j++) { 315 inbit = 7 * k + j; 316 if (i & bits8[j + 1]) { 317 if ((obit=inv_comp_perm[inbit]) == 255) 318 continue; 319 if (obit < 24) 320 il \|= bits24[obit]; 321* else 322 ir \|= bits24[obit - 24]; 323* } 324 } 325 } 326 } 327 328 /* 329 * Invert the P-box permutation, and convert into OR-masks for 330 * handling the output of the S-box arrays setup above. 331 / 332* for (i = 0; i < 32; i++)	272 } 273 274 /* 275 * Set up the OR-mask arrays for the initial and final permutations, 276 * and for the key initial and compression permutations. 277 / 278* for (k = 0; k < 8; k++) { 279 for (i = 0; i < 256; i++) { 280 (il = &ip_maskl[k][i]) = 0L; 281* (ir = &ip_maskr[k][i]) = 0L; 282* (fl = &fp_maskl[k][i]) = 0L; 283* (fr = &fp_maskr[k][i]) = 0L; 284* for (j = 0; j < 8; j++) { 285 inbit = 8 * k + j; 286 if (i & bits8[j]) { 287 if ((obit = init_perm[inbit]) < 32) 288 il \|= bits32[obit]; 289* else 290 ir \|= bits32[obit-32]; 291* if ((obit = final_perm[inbit]) < 32) 292 fl \|= bits32[obit]; 293* else 294 fr \|= bits32[obit - 32]; 295* } 296 } 297 } 298 for (i = 0; i < 128; i++) { 299 (il = &key_perm_maskl[k][i]) = 0L; 300* (ir = &key_perm_maskr[k][i]) = 0L; 301* for (j = 0; j < 7; j++) { 302 inbit = 8 * k + j; 303 if (i & bits8[j + 1]) { 304 if ((obit = inv_key_perm[inbit]) == 255) 305 continue; 306 if (obit < 28) 307 il \|= bits28[obit]; 308* else 309 ir \|= bits28[obit - 28]; 310* } 311 } 312 (il = &comp_maskl[k][i]) = 0L; 313* (ir = &comp_maskr[k][i]) = 0L; 314* for (j = 0; j < 7; j++) { 315 inbit = 7 * k + j; 316 if (i & bits8[j + 1]) { 317 if ((obit=inv_comp_perm[inbit]) == 255) 318 continue; 319 if (obit < 24) 320 il \|= bits24[obit]; 321* else 322 ir \|= bits24[obit - 24]; 323* } 324 } 325 } 326 } 327 328 /* 329 * Invert the P-box permutation, and convert into OR-masks for 330 * handling the output of the S-box arrays setup above. 331 / 332* for (i = 0; i < 32; i++)
333 un_pbox[pbox[i] - 1] = i;	333 un_pbox[pbox[i] - 1] = (u_char)i;
334 335 for (b = 0; b < 4; b++) 336 for (i = 0; i < 256; i++) { 337 (p = &psbox[b][i]) = 0L; 338* for (j = 0; j < 8; j++) { 339 if (i & bits8[j]) 340 p \|= bits32[un_pbox[8 b + j]]; 341 } 342 } 343 344 des_initialised = 1; 345} 346 347static void	334 335 for (b = 0; b < 4; b++) 336 for (i = 0; i < 256; i++) { 337 (p = &psbox[b][i]) = 0L; 338* for (j = 0; j < 8; j++) { 339 if (i & bits8[j]) 340 p \|= bits32[un_pbox[8 b + j]]; 341 } 342 } 343 344 des_initialised = 1; 345} 346 347static void
348setup_salt(long salt)	348setup_salt(u_int32_t salt)
349{ 350 u_int32_t obit, saltbit; 351 int i; 352 353 if (salt == old_salt) 354 return; 355 old_salt = salt; 356 357 saltbits = 0L; 358 saltbit = 1; 359 obit = 0x800000; 360 for (i = 0; i < 24; i++) { 361 if (salt & saltbit) 362 saltbits \|= obit; 363 saltbit <<= 1; 364 obit >>= 1; 365 } 366} 367 368static int 369des_setkey(const char key) 370{ 371* u_int32_t k0, k1, rawkey0, rawkey1; 372 int shifts, round; 373 374 if (!des_initialised) 375 des_init(); 376	349{ 350 u_int32_t obit, saltbit; 351 int i; 352 353 if (salt == old_salt) 354 return; 355 old_salt = salt; 356 357 saltbits = 0L; 358 saltbit = 1; 359 obit = 0x800000; 360 for (i = 0; i < 24; i++) { 361 if (salt & saltbit) 362 saltbits \|= obit; 363 saltbit <<= 1; 364 obit >>= 1; 365 } 366} 367 368static int 369des_setkey(const char key) 370{ 371* u_int32_t k0, k1, rawkey0, rawkey1; 372 int shifts, round; 373 374 if (!des_initialised) 375 des_init(); 376
377 rawkey0 = ntohl((u_int32_t ) key); 378 rawkey1 = ntohl((u_int32_t ) (key + 4));	377 rawkey0 = ntohl((const u_int32_t ) key); 378 rawkey1 = ntohl((const u_int32_t ) (key + 4));
379 380 if ((rawkey0 \| rawkey1) 381 && rawkey0 == old_rawkey0 382 && rawkey1 == old_rawkey1) { 383 /* 384 * Already setup for this key. 385 * This optimisation fails on a zero key (which is weak and 386 * has bad parity anyway) in order to simplify the starting 387 * conditions. 388 / 389* return(0); 390 } 391 old_rawkey0 = rawkey0; 392 old_rawkey1 = rawkey1; 393 394 /* 395 * Do key permutation and split into two 28-bit subkeys. 396 / 397* k0 = key_perm_maskl[0][rawkey0 >> 25] 398 \| key_perm_maskl[1][(rawkey0 >> 17) & 0x7f] 399 \| key_perm_maskl[2][(rawkey0 >> 9) & 0x7f] 400 \| key_perm_maskl[3][(rawkey0 >> 1) & 0x7f] 401 \| key_perm_maskl[4][rawkey1 >> 25] 402 \| key_perm_maskl[5][(rawkey1 >> 17) & 0x7f] 403 \| key_perm_maskl[6][(rawkey1 >> 9) & 0x7f] 404 \| key_perm_maskl[7][(rawkey1 >> 1) & 0x7f]; 405 k1 = key_perm_maskr[0][rawkey0 >> 25] 406 \| key_perm_maskr[1][(rawkey0 >> 17) & 0x7f] 407 \| key_perm_maskr[2][(rawkey0 >> 9) & 0x7f] 408 \| key_perm_maskr[3][(rawkey0 >> 1) & 0x7f] 409 \| key_perm_maskr[4][rawkey1 >> 25] 410 \| key_perm_maskr[5][(rawkey1 >> 17) & 0x7f] 411 \| key_perm_maskr[6][(rawkey1 >> 9) & 0x7f] 412 \| key_perm_maskr[7][(rawkey1 >> 1) & 0x7f]; 413 /* 414 * Rotate subkeys and do compression permutation. 415 / 416* shifts = 0; 417 for (round = 0; round < 16; round++) { 418 u_int32_t t0, t1; 419 420 shifts += key_shifts[round]; 421 422 t0 = (k0 << shifts) \| (k0 >> (28 - shifts)); 423 t1 = (k1 << shifts) \| (k1 >> (28 - shifts)); 424 425 de_keysl[15 - round] = 426 en_keysl[round] = comp_maskl[0][(t0 >> 21) & 0x7f] 427 \| comp_maskl[1][(t0 >> 14) & 0x7f] 428 \| comp_maskl[2][(t0 >> 7) & 0x7f] 429 \| comp_maskl[3][t0 & 0x7f] 430 \| comp_maskl[4][(t1 >> 21) & 0x7f] 431 \| comp_maskl[5][(t1 >> 14) & 0x7f] 432 \| comp_maskl[6][(t1 >> 7) & 0x7f] 433 \| comp_maskl[7][t1 & 0x7f]; 434 435 de_keysr[15 - round] = 436 en_keysr[round] = comp_maskr[0][(t0 >> 21) & 0x7f] 437 \| comp_maskr[1][(t0 >> 14) & 0x7f] 438 \| comp_maskr[2][(t0 >> 7) & 0x7f] 439 \| comp_maskr[3][t0 & 0x7f] 440 \| comp_maskr[4][(t1 >> 21) & 0x7f] 441 \| comp_maskr[5][(t1 >> 14) & 0x7f] 442 \| comp_maskr[6][(t1 >> 7) & 0x7f] 443 \| comp_maskr[7][t1 & 0x7f]; 444 } 445 return(0); 446} 447 448static int 449do_des( u_int32_t l_in, u_int32_t r_in, u_int32_t l_out, u_int32_t r_out, int count) 450{ 451 /* 452 * l_in, r_in, l_out, and r_out are in pseudo-"big-endian" format. 453 / 454* u_int32_t l, r, kl, kr, kl1, kr1; 455 u_int32_t f, r48l, r48r; 456 int round; 457 458 if (count == 0) { 459 return(1); 460 } else if (count > 0) { 461 /* 462 * Encrypting 463 / 464* kl1 = en_keysl; 465 kr1 = en_keysr; 466 } else { 467 /* 468 * Decrypting 469 / 470* count = -count; 471 kl1 = de_keysl; 472 kr1 = de_keysr; 473 } 474 475 /* 476 * Do initial permutation (IP). 477 / 478* l = ip_maskl[0][l_in >> 24] 479 \| ip_maskl[1][(l_in >> 16) & 0xff] 480 \| ip_maskl[2][(l_in >> 8) & 0xff] 481 \| ip_maskl[3][l_in & 0xff] 482 \| ip_maskl[4][r_in >> 24] 483 \| ip_maskl[5][(r_in >> 16) & 0xff] 484 \| ip_maskl[6][(r_in >> 8) & 0xff] 485 \| ip_maskl[7][r_in & 0xff]; 486 r = ip_maskr[0][l_in >> 24] 487 \| ip_maskr[1][(l_in >> 16) & 0xff] 488 \| ip_maskr[2][(l_in >> 8) & 0xff] 489 \| ip_maskr[3][l_in & 0xff] 490 \| ip_maskr[4][r_in >> 24] 491 \| ip_maskr[5][(r_in >> 16) & 0xff] 492 \| ip_maskr[6][(r_in >> 8) & 0xff] 493 \| ip_maskr[7][r_in & 0xff]; 494 495 while (count--) { 496 /* 497 * Do each round. 498 / 499* kl = kl1; 500 kr = kr1; 501 round = 16; 502 while (round--) { 503 /* 504 * Expand R to 48 bits (simulate the E-box). 505 / 506* r48l = ((r & 0x00000001) << 23) 507 \| ((r & 0xf8000000) >> 9) 508 \| ((r & 0x1f800000) >> 11) 509 \| ((r & 0x01f80000) >> 13) 510 \| ((r & 0x001f8000) >> 15); 511 512 r48r = ((r & 0x0001f800) << 7) 513 \| ((r & 0x00001f80) << 5) 514 \| ((r & 0x000001f8) << 3) 515 \| ((r & 0x0000001f) << 1) 516 \| ((r & 0x80000000) >> 31); 517 /* 518 * Do salting for crypt() and friends, and 519 * XOR with the permuted key. 520 / 521* f = (r48l ^ r48r) & saltbits; 522 r48l ^= f ^ kl++; 523* r48r ^= f ^ kr++; 524* /* 525 * Do sbox lookups (which shrink it back to 32 bits) 526 * and do the pbox permutation at the same time. 527 / 528* f = psbox[0][m_sbox[0][r48l >> 12]] 529 \| psbox[1][m_sbox[1][r48l & 0xfff]] 530 \| psbox[2][m_sbox[2][r48r >> 12]] 531 \| psbox[3][m_sbox[3][r48r & 0xfff]]; 532 /* 533 * Now that we've permuted things, complete f(). 534 / 535* f ^= l; 536 l = r; 537 r = f; 538 } 539 r = l; 540 l = f; 541 } 542 /* 543 * Do final permutation (inverse of IP). 544 / 545* l_out = fp_maskl[0][l >> 24] 546* \| fp_maskl[1][(l >> 16) & 0xff] 547 \| fp_maskl[2][(l >> 8) & 0xff] 548 \| fp_maskl[3][l & 0xff] 549 \| fp_maskl[4][r >> 24] 550 \| fp_maskl[5][(r >> 16) & 0xff] 551 \| fp_maskl[6][(r >> 8) & 0xff] 552 \| fp_maskl[7][r & 0xff]; 553 r_out = fp_maskr[0][l >> 24] 554* \| fp_maskr[1][(l >> 16) & 0xff] 555 \| fp_maskr[2][(l >> 8) & 0xff] 556 \| fp_maskr[3][l & 0xff] 557 \| fp_maskr[4][r >> 24] 558 \| fp_maskr[5][(r >> 16) & 0xff] 559 \| fp_maskr[6][(r >> 8) & 0xff] 560 \| fp_maskr[7][r & 0xff]; 561 return(0); 562} 563 564static int	379 380 if ((rawkey0 \| rawkey1) 381 && rawkey0 == old_rawkey0 382 && rawkey1 == old_rawkey1) { 383 /* 384 * Already setup for this key. 385 * This optimisation fails on a zero key (which is weak and 386 * has bad parity anyway) in order to simplify the starting 387 * conditions. 388 / 389* return(0); 390 } 391 old_rawkey0 = rawkey0; 392 old_rawkey1 = rawkey1; 393 394 /* 395 * Do key permutation and split into two 28-bit subkeys. 396 / 397* k0 = key_perm_maskl[0][rawkey0 >> 25] 398 \| key_perm_maskl[1][(rawkey0 >> 17) & 0x7f] 399 \| key_perm_maskl[2][(rawkey0 >> 9) & 0x7f] 400 \| key_perm_maskl[3][(rawkey0 >> 1) & 0x7f] 401 \| key_perm_maskl[4][rawkey1 >> 25] 402 \| key_perm_maskl[5][(rawkey1 >> 17) & 0x7f] 403 \| key_perm_maskl[6][(rawkey1 >> 9) & 0x7f] 404 \| key_perm_maskl[7][(rawkey1 >> 1) & 0x7f]; 405 k1 = key_perm_maskr[0][rawkey0 >> 25] 406 \| key_perm_maskr[1][(rawkey0 >> 17) & 0x7f] 407 \| key_perm_maskr[2][(rawkey0 >> 9) & 0x7f] 408 \| key_perm_maskr[3][(rawkey0 >> 1) & 0x7f] 409 \| key_perm_maskr[4][rawkey1 >> 25] 410 \| key_perm_maskr[5][(rawkey1 >> 17) & 0x7f] 411 \| key_perm_maskr[6][(rawkey1 >> 9) & 0x7f] 412 \| key_perm_maskr[7][(rawkey1 >> 1) & 0x7f]; 413 /* 414 * Rotate subkeys and do compression permutation. 415 / 416* shifts = 0; 417 for (round = 0; round < 16; round++) { 418 u_int32_t t0, t1; 419 420 shifts += key_shifts[round]; 421 422 t0 = (k0 << shifts) \| (k0 >> (28 - shifts)); 423 t1 = (k1 << shifts) \| (k1 >> (28 - shifts)); 424 425 de_keysl[15 - round] = 426 en_keysl[round] = comp_maskl[0][(t0 >> 21) & 0x7f] 427 \| comp_maskl[1][(t0 >> 14) & 0x7f] 428 \| comp_maskl[2][(t0 >> 7) & 0x7f] 429 \| comp_maskl[3][t0 & 0x7f] 430 \| comp_maskl[4][(t1 >> 21) & 0x7f] 431 \| comp_maskl[5][(t1 >> 14) & 0x7f] 432 \| comp_maskl[6][(t1 >> 7) & 0x7f] 433 \| comp_maskl[7][t1 & 0x7f]; 434 435 de_keysr[15 - round] = 436 en_keysr[round] = comp_maskr[0][(t0 >> 21) & 0x7f] 437 \| comp_maskr[1][(t0 >> 14) & 0x7f] 438 \| comp_maskr[2][(t0 >> 7) & 0x7f] 439 \| comp_maskr[3][t0 & 0x7f] 440 \| comp_maskr[4][(t1 >> 21) & 0x7f] 441 \| comp_maskr[5][(t1 >> 14) & 0x7f] 442 \| comp_maskr[6][(t1 >> 7) & 0x7f] 443 \| comp_maskr[7][t1 & 0x7f]; 444 } 445 return(0); 446} 447 448static int 449do_des( u_int32_t l_in, u_int32_t r_in, u_int32_t l_out, u_int32_t r_out, int count) 450{ 451 /* 452 * l_in, r_in, l_out, and r_out are in pseudo-"big-endian" format. 453 / 454* u_int32_t l, r, kl, kr, kl1, kr1; 455 u_int32_t f, r48l, r48r; 456 int round; 457 458 if (count == 0) { 459 return(1); 460 } else if (count > 0) { 461 /* 462 * Encrypting 463 / 464* kl1 = en_keysl; 465 kr1 = en_keysr; 466 } else { 467 /* 468 * Decrypting 469 / 470* count = -count; 471 kl1 = de_keysl; 472 kr1 = de_keysr; 473 } 474 475 /* 476 * Do initial permutation (IP). 477 / 478* l = ip_maskl[0][l_in >> 24] 479 \| ip_maskl[1][(l_in >> 16) & 0xff] 480 \| ip_maskl[2][(l_in >> 8) & 0xff] 481 \| ip_maskl[3][l_in & 0xff] 482 \| ip_maskl[4][r_in >> 24] 483 \| ip_maskl[5][(r_in >> 16) & 0xff] 484 \| ip_maskl[6][(r_in >> 8) & 0xff] 485 \| ip_maskl[7][r_in & 0xff]; 486 r = ip_maskr[0][l_in >> 24] 487 \| ip_maskr[1][(l_in >> 16) & 0xff] 488 \| ip_maskr[2][(l_in >> 8) & 0xff] 489 \| ip_maskr[3][l_in & 0xff] 490 \| ip_maskr[4][r_in >> 24] 491 \| ip_maskr[5][(r_in >> 16) & 0xff] 492 \| ip_maskr[6][(r_in >> 8) & 0xff] 493 \| ip_maskr[7][r_in & 0xff]; 494 495 while (count--) { 496 /* 497 * Do each round. 498 / 499* kl = kl1; 500 kr = kr1; 501 round = 16; 502 while (round--) { 503 /* 504 * Expand R to 48 bits (simulate the E-box). 505 / 506* r48l = ((r & 0x00000001) << 23) 507 \| ((r & 0xf8000000) >> 9) 508 \| ((r & 0x1f800000) >> 11) 509 \| ((r & 0x01f80000) >> 13) 510 \| ((r & 0x001f8000) >> 15); 511 512 r48r = ((r & 0x0001f800) << 7) 513 \| ((r & 0x00001f80) << 5) 514 \| ((r & 0x000001f8) << 3) 515 \| ((r & 0x0000001f) << 1) 516 \| ((r & 0x80000000) >> 31); 517 /* 518 * Do salting for crypt() and friends, and 519 * XOR with the permuted key. 520 / 521* f = (r48l ^ r48r) & saltbits; 522 r48l ^= f ^ kl++; 523* r48r ^= f ^ kr++; 524* /* 525 * Do sbox lookups (which shrink it back to 32 bits) 526 * and do the pbox permutation at the same time. 527 / 528* f = psbox[0][m_sbox[0][r48l >> 12]] 529 \| psbox[1][m_sbox[1][r48l & 0xfff]] 530 \| psbox[2][m_sbox[2][r48r >> 12]] 531 \| psbox[3][m_sbox[3][r48r & 0xfff]]; 532 /* 533 * Now that we've permuted things, complete f(). 534 / 535* f ^= l; 536 l = r; 537 r = f; 538 } 539 r = l; 540 l = f; 541 } 542 /* 543 * Do final permutation (inverse of IP). 544 / 545* l_out = fp_maskl[0][l >> 24] 546* \| fp_maskl[1][(l >> 16) & 0xff] 547 \| fp_maskl[2][(l >> 8) & 0xff] 548 \| fp_maskl[3][l & 0xff] 549 \| fp_maskl[4][r >> 24] 550 \| fp_maskl[5][(r >> 16) & 0xff] 551 \| fp_maskl[6][(r >> 8) & 0xff] 552 \| fp_maskl[7][r & 0xff]; 553 r_out = fp_maskr[0][l >> 24] 554* \| fp_maskr[1][(l >> 16) & 0xff] 555 \| fp_maskr[2][(l >> 8) & 0xff] 556 \| fp_maskr[3][l & 0xff] 557 \| fp_maskr[4][r >> 24] 558 \| fp_maskr[5][(r >> 16) & 0xff] 559 \| fp_maskr[6][(r >> 8) & 0xff] 560 \| fp_maskr[7][r & 0xff]; 561 return(0); 562} 563 564static int
565des_cipher(const char in, char out, long salt, int count)	565des_cipher(const char in, char out, u_long salt, int count)
566{ 567 u_int32_t l_out, r_out, rawl, rawr; 568 int retval;	566{ 567 u_int32_t l_out, r_out, rawl, rawr; 568 int retval;
	569 union { 570 u_int32_t ui32; 571* const char c; 572* } trans;
569 570 if (!des_initialised) 571 des_init(); 572 573 setup_salt(salt); 574	573 574 if (!des_initialised) 575 des_init(); 576 577 setup_salt(salt); 578
575 rawl = ntohl(((u_int32_t ) in)++); 576 rawr = ntohl(((u_int32_t ) in));	579 trans.c = in; 580 rawl = ntohl(trans.ui32++); 581* rawr = ntohl(*trans.ui32);
577 578 retval = do_des(rawl, rawr, &l_out, &r_out, count); 579	582 583 retval = do_des(rawl, rawr, &l_out, &r_out, count); 584
580 ((u_int32_t ) out)++ = htonl(l_out); 581 ((u_int32_t ) out) = htonl(r_out);	585 trans.c = out; 586 trans.ui32++ = htonl(l_out); 587* *trans.ui32 = htonl(r_out);
582 return(retval); 583} 584 585char * 586crypt_des(const char key, const char setting) 587{ 588 int i; 589 u_int32_t count, salt, l, r0, r1, keybuf[2]; 590 u_char p, q;	588 return(retval); 589} 590 591char * 592crypt_des(const char key, const char setting) 593{ 594 int i; 595 u_int32_t count, salt, l, r0, r1, keybuf[2]; 596 u_char p, q;
591 static u_char output[21];	597 static char output[21];
592 593 if (!des_initialised) 594 des_init(); 595	598 599 if (!des_initialised) 600 des_init(); 601
596
597 /* 598 * Copy the key, shifting each character up by one bit 599 * and padding with zeros. 600 */	602 /* 603 * Copy the key, shifting each character up by one bit 604 * and padding with zeros. 605 */
601 q = (u_char ) keybuf; 602* while (q - (u_char ) keybuf - 8) { 603* if ((q++ = key << 1))	606 q = (u_char )keybuf; 607* while (q - (u_char )keybuf - 8) { 608* q++ = key << 1; 609 if (*(q - 1))
604 key++; 605 }	610 key++; 611 }
606 if (des_setkey((u_char *) keybuf))	612 if (des_setkey((char *)keybuf))
607 return(NULL); 608 609 if (setting == _PASSWORD_EFMT1) { 610* /* 611 * "new"-style: 612 * setting - underscore, 4 bytes of count, 4 bytes of salt 613 * key - unlimited characters 614 / 615* for (i = 1, count = 0L; i < 5; i++)	613 return(NULL); 614 615 if (setting == _PASSWORD_EFMT1) { 616* /* 617 * "new"-style: 618 * setting - underscore, 4 bytes of count, 4 bytes of salt 619 * key - unlimited characters 620 / 621* for (i = 1, count = 0L; i < 5; i++)
616 count \|= ascii_to_bin(setting[i]) << (i - 1) * 6;	622 count \|= ascii_to_bin(setting[i]) << ((i - 1) * 6);
617 618 for (i = 5, salt = 0L; i < 9; i++)	623 624 for (i = 5, salt = 0L; i < 9; i++)
619 salt \|= ascii_to_bin(setting[i]) << (i - 5) * 6;	625 salt \|= ascii_to_bin(setting[i]) << ((i - 5) * 6);
620 621 while (key) { 622* /* 623 * Encrypt the key with itself. 624 */	626 627 while (key) { 628* /* 629 * Encrypt the key with itself. 630 */
625 if (des_cipher((u_char)keybuf, (u_char)keybuf, 0L, 1))	631 if (des_cipher((char )keybuf, (char )keybuf, 0L, 1))
626 return(NULL); 627 /* 628 * And XOR with the next 8 characters of the key. 629 */	632 return(NULL); 633 /* 634 * And XOR with the next 8 characters of the key. 635 */
630 q = (u_char ) keybuf; 631* while (q - (u_char ) keybuf - 8 && key)	636 q = (u_char )keybuf; 637* while (q - (u_char )keybuf - 8 && key)
632 q++ ^= key++ << 1; 633	638 q++ ^= key++ << 1; 639
634 if (des_setkey((u_char *) keybuf))	640 if (des_setkey((char *)keybuf))
635 return(NULL); 636 } 637 strncpy(output, setting, 9); 638 639 /* 640 * Double check that we weren't given a short setting. 641 * If we were, the above code will probably have created 642 * wierd values for count and salt, but we don't really care. 643 * Just make sure the output string doesn't have an extra 644 * NUL in it. 645 / 646* output[9] = '\0';	641 return(NULL); 642 } 643 strncpy(output, setting, 9); 644 645 /* 646 * Double check that we weren't given a short setting. 647 * If we were, the above code will probably have created 648 * wierd values for count and salt, but we don't really care. 649 * Just make sure the output string doesn't have an extra 650 * NUL in it. 651 / 652* output[9] = '\0';
647 p = output + strlen(output);	653 p = (u_char *)output + strlen(output);
648 } else { 649 /* 650 * "old"-style: 651 * setting - 2 bytes of salt 652 * key - up to 8 characters 653 / 654* count = 25; 655 656 salt = (ascii_to_bin(setting[1]) << 6) 657 \| ascii_to_bin(setting[0]); 658 659 output[0] = setting[0]; 660 /* 661 * If the encrypted password that the salt was extracted from 662 * is only 1 character long, the salt will be corrupted. We 663 * need to ensure that the output string doesn't have an extra 664 * NUL in it! 665 / 666* output[1] = setting[1] ? setting[1] : output[0]; 667	654 } else { 655 /* 656 * "old"-style: 657 * setting - 2 bytes of salt 658 * key - up to 8 characters 659 / 660* count = 25; 661 662 salt = (ascii_to_bin(setting[1]) << 6) 663 \| ascii_to_bin(setting[0]); 664 665 output[0] = setting[0]; 666 /* 667 * If the encrypted password that the salt was extracted from 668 * is only 1 character long, the salt will be corrupted. We 669 * need to ensure that the output string doesn't have an extra 670 * NUL in it! 671 / 672* output[1] = setting[1] ? setting[1] : output[0]; 673
668 p = output + 2;	674 p = (u_char *)output + 2;
669 } 670 setup_salt(salt); 671 /* 672 * Do it. 673 */	675 } 676 setup_salt(salt); 677 /* 678 * Do it. 679 */
674 if (do_des(0L, 0L, &r0, &r1, count))	680 if (do_des(0L, 0L, &r0, &r1, (int)count))
675 return(NULL); 676 /* 677 * Now encode the result... 678 / 679* l = (r0 >> 8); 680 p++ = ascii64[(l >> 18) & 0x3f]; 681* p++ = ascii64[(l >> 12) & 0x3f]; 682* p++ = ascii64[(l >> 6) & 0x3f]; 683* p++ = ascii64[l & 0x3f]; 684* 685 l = (r0 << 16) \| ((r1 >> 16) & 0xffff); 686 p++ = ascii64[(l >> 18) & 0x3f]; 687* p++ = ascii64[(l >> 12) & 0x3f]; 688* p++ = ascii64[(l >> 6) & 0x3f]; 689* p++ = ascii64[l & 0x3f]; 690* 691 l = r1 << 2; 692 p++ = ascii64[(l >> 12) & 0x3f]; 693* p++ = ascii64[(l >> 6) & 0x3f]; 694* p++ = ascii64[l & 0x3f]; 695* p = 0; 696* 697 return(output); 698}	681 return(NULL); 682 /* 683 * Now encode the result... 684 / 685* l = (r0 >> 8); 686 p++ = ascii64[(l >> 18) & 0x3f]; 687* p++ = ascii64[(l >> 12) & 0x3f]; 688* p++ = ascii64[(l >> 6) & 0x3f]; 689* p++ = ascii64[l & 0x3f]; 690* 691 l = (r0 << 16) \| ((r1 >> 16) & 0xffff); 692 p++ = ascii64[(l >> 18) & 0x3f]; 693* p++ = ascii64[(l >> 12) & 0x3f]; 694* p++ = ascii64[(l >> 6) & 0x3f]; 695* p++ = ascii64[l & 0x3f]; 696* 697 l = r1 << 2; 698 p++ = ascii64[(l >> 12) & 0x3f]; 699* p++ = ascii64[(l >> 6) & 0x3f]; 700* p++ = ascii64[l & 0x3f]; 701* p = 0; 702* 703 return(output); 704}