crypt-des.c (90868) | crypt-des.c (91754) |
---|---|
1/* 2 * FreeSec: libcrypt for NetBSD 3 * 4 * Copyright (c) 1994 David Burren 5 * All rights reserved. 6 * 7 * Adapted for FreeBSD-2.0 by Geoffrey M. Rehmet 8 * this file should now *only* export crypt(), in order to make --- 43 unchanged lines hidden (view full) --- 52 * 53 * ARCHITECTURE ASSUMPTIONS: 54 * It is assumed that the 8-byte arrays passed by reference can be 55 * addressed as arrays of u_int32_t's (ie. the CPU is not picky about 56 * alignment). 57 */ 58 59#include <sys/cdefs.h> | 1/* 2 * FreeSec: libcrypt for NetBSD 3 * 4 * Copyright (c) 1994 David Burren 5 * All rights reserved. 6 * 7 * Adapted for FreeBSD-2.0 by Geoffrey M. Rehmet 8 * this file should now *only* export crypt(), in order to make --- 43 unchanged lines hidden (view full) --- 52 * 53 * ARCHITECTURE ASSUMPTIONS: 54 * It is assumed that the 8-byte arrays passed by reference can be 55 * addressed as arrays of u_int32_t's (ie. the CPU is not picky about 56 * alignment). 57 */ 58 59#include <sys/cdefs.h> |
60__FBSDID("$FreeBSD: head/secure/lib/libcrypt/crypt-des.c 90868 2002-02-18 20:35:27Z mike $"); | 60__FBSDID("$FreeBSD: head/secure/lib/libcrypt/crypt-des.c 91754 2002-03-06 17:18:09Z markm $"); |
61 62#include <sys/types.h> 63#include <sys/param.h> 64#include <arpa/inet.h> 65#include <pwd.h> 66#include <string.h> 67#include "crypt.h" 68 69/* We can't always assume gcc */ | 61 62#include <sys/types.h> 63#include <sys/param.h> 64#include <arpa/inet.h> 65#include <pwd.h> 66#include <string.h> 67#include "crypt.h" 68 69/* We can't always assume gcc */ |
70#ifdef __GNUC__ | 70#if defined(__GNUC__) && !defined(lint) |
71#define INLINE inline | 71#define INLINE inline |
72#else 73#define INLINE |
|
72#endif 73 74 75static u_char IP[64] = { 76 58, 50, 42, 34, 26, 18, 10, 2, 60, 52, 44, 36, 28, 20, 12, 4, 77 62, 54, 46, 38, 30, 22, 14, 6, 64, 56, 48, 40, 32, 24, 16, 8, 78 57, 49, 41, 33, 25, 17, 9, 1, 59, 51, 43, 35, 27, 19, 11, 3, 79 61, 53, 45, 37, 29, 21, 13, 5, 63, 55, 47, 39, 31, 23, 15, 7 80}; 81 82static u_char inv_key_perm[64]; | 74#endif 75 76 77static u_char IP[64] = { 78 58, 50, 42, 34, 26, 18, 10, 2, 60, 52, 44, 36, 28, 20, 12, 4, 79 62, 54, 46, 38, 30, 22, 14, 6, 64, 56, 48, 40, 32, 24, 16, 8, 80 57, 49, 41, 33, 25, 17, 9, 1, 59, 51, 43, 35, 27, 19, 11, 3, 81 61, 53, 45, 37, 29, 21, 13, 5, 63, 55, 47, 39, 31, 23, 15, 7 82}; 83 84static u_char inv_key_perm[64]; |
83static u_char u_key_perm[56]; | |
84static u_char key_perm[56] = { 85 57, 49, 41, 33, 25, 17, 9, 1, 58, 50, 42, 34, 26, 18, 86 10, 2, 59, 51, 43, 35, 27, 19, 11, 3, 60, 52, 44, 36, 87 63, 55, 47, 39, 31, 23, 15, 7, 62, 54, 46, 38, 30, 22, 88 14, 6, 61, 53, 45, 37, 29, 21, 13, 5, 28, 20, 12, 4 89}; 90 91static u_char key_shifts[16] = { --- 80 unchanged lines hidden (view full) --- 172 0x00000800, 0x00000400, 0x00000200, 0x00000100, 173 0x00000080, 0x00000040, 0x00000020, 0x00000010, 174 0x00000008, 0x00000004, 0x00000002, 0x00000001 175}; 176 177static u_char bits8[8] = { 0x80, 0x40, 0x20, 0x10, 0x08, 0x04, 0x02, 0x01 }; 178 179static u_int32_t saltbits; | 85static u_char key_perm[56] = { 86 57, 49, 41, 33, 25, 17, 9, 1, 58, 50, 42, 34, 26, 18, 87 10, 2, 59, 51, 43, 35, 27, 19, 11, 3, 60, 52, 44, 36, 88 63, 55, 47, 39, 31, 23, 15, 7, 62, 54, 46, 38, 30, 22, 89 14, 6, 61, 53, 45, 37, 29, 21, 13, 5, 28, 20, 12, 4 90}; 91 92static u_char key_shifts[16] = { --- 80 unchanged lines hidden (view full) --- 173 0x00000800, 0x00000400, 0x00000200, 0x00000100, 174 0x00000080, 0x00000040, 0x00000020, 0x00000010, 175 0x00000008, 0x00000004, 0x00000002, 0x00000001 176}; 177 178static u_char bits8[8] = { 0x80, 0x40, 0x20, 0x10, 0x08, 0x04, 0x02, 0x01 }; 179 180static u_int32_t saltbits; |
180static long old_salt; | 181static u_int32_t old_salt; |
181static u_int32_t *bits28, *bits24; 182static u_char init_perm[64], final_perm[64]; 183static u_int32_t en_keysl[16], en_keysr[16]; 184static u_int32_t de_keysl[16], de_keysr[16]; 185static int des_initialised = 0; 186static u_char m_sbox[4][4096]; 187static u_int32_t psbox[4][256]; 188static u_int32_t ip_maskl[8][256], ip_maskr[8][256]; --- 21 unchanged lines hidden (view full) --- 210 if (ch > '9') 211 return(0); 212 if (ch >= '.') 213 return(ch - '.'); 214 return(0); 215} 216 217static void | 182static u_int32_t *bits28, *bits24; 183static u_char init_perm[64], final_perm[64]; 184static u_int32_t en_keysl[16], en_keysr[16]; 185static u_int32_t de_keysl[16], de_keysr[16]; 186static int des_initialised = 0; 187static u_char m_sbox[4][4096]; 188static u_int32_t psbox[4][256]; 189static u_int32_t ip_maskl[8][256], ip_maskr[8][256]; --- 21 unchanged lines hidden (view full) --- 211 if (ch > '9') 212 return(0); 213 if (ch >= '.') 214 return(ch - '.'); 215 return(0); 216} 217 218static void |
218des_init() | 219des_init(void) |
219{ 220 int i, j, b, k, inbit, obit; 221 u_int32_t *p, *il, *ir, *fl, *fr; 222 223 old_rawkey0 = old_rawkey1 = 0L; 224 saltbits = 0L; 225 old_salt = 0L; 226 bits24 = (bits28 = bits32 + 4) + 4; --- 10 unchanged lines hidden (view full) --- 237 /* 238 * Convert the inverted S-boxes into 4 arrays of 8 bits. 239 * Each will handle 12 bits of the S-box input. 240 */ 241 for (b = 0; b < 4; b++) 242 for (i = 0; i < 64; i++) 243 for (j = 0; j < 64; j++) 244 m_sbox[b][(i << 6) | j] = | 220{ 221 int i, j, b, k, inbit, obit; 222 u_int32_t *p, *il, *ir, *fl, *fr; 223 224 old_rawkey0 = old_rawkey1 = 0L; 225 saltbits = 0L; 226 old_salt = 0L; 227 bits24 = (bits28 = bits32 + 4) + 4; --- 10 unchanged lines hidden (view full) --- 238 /* 239 * Convert the inverted S-boxes into 4 arrays of 8 bits. 240 * Each will handle 12 bits of the S-box input. 241 */ 242 for (b = 0; b < 4; b++) 243 for (i = 0; i < 64; i++) 244 for (j = 0; j < 64; j++) 245 m_sbox[b][(i << 6) | j] = |
245 (u_sbox[(b << 1)][i] << 4) | 246 u_sbox[(b << 1) + 1][j]; | 246 (u_char)((u_sbox[(b << 1)][i] << 4) | 247 u_sbox[(b << 1) + 1][j]); |
247 248 /* 249 * Set up the initial & final permutations into a useful form, and 250 * initialise the inverted key permutation. 251 */ 252 for (i = 0; i < 64; i++) { | 248 249 /* 250 * Set up the initial & final permutations into a useful form, and 251 * initialise the inverted key permutation. 252 */ 253 for (i = 0; i < 64; i++) { |
253 init_perm[final_perm[i] = IP[i] - 1] = i; | 254 init_perm[final_perm[i] = IP[i] - 1] = (u_char)i; |
254 inv_key_perm[i] = 255; 255 } 256 257 /* 258 * Invert the key permutation and initialise the inverted key 259 * compression permutation. 260 */ 261 for (i = 0; i < 56; i++) { | 255 inv_key_perm[i] = 255; 256 } 257 258 /* 259 * Invert the key permutation and initialise the inverted key 260 * compression permutation. 261 */ 262 for (i = 0; i < 56; i++) { |
262 u_key_perm[i] = key_perm[i] - 1; 263 inv_key_perm[key_perm[i] - 1] = i; | 263 inv_key_perm[key_perm[i] - 1] = (u_char)i; |
264 inv_comp_perm[i] = 255; 265 } 266 267 /* 268 * Invert the key compression permutation. 269 */ 270 for (i = 0; i < 48; i++) { | 264 inv_comp_perm[i] = 255; 265 } 266 267 /* 268 * Invert the key compression permutation. 269 */ 270 for (i = 0; i < 48; i++) { |
271 inv_comp_perm[comp_perm[i] - 1] = i; | 271 inv_comp_perm[comp_perm[i] - 1] = (u_char)i; |
272 } 273 274 /* 275 * Set up the OR-mask arrays for the initial and final permutations, 276 * and for the key initial and compression permutations. 277 */ 278 for (k = 0; k < 8; k++) { 279 for (i = 0; i < 256; i++) { --- 45 unchanged lines hidden (view full) --- 325 } 326 } 327 328 /* 329 * Invert the P-box permutation, and convert into OR-masks for 330 * handling the output of the S-box arrays setup above. 331 */ 332 for (i = 0; i < 32; i++) | 272 } 273 274 /* 275 * Set up the OR-mask arrays for the initial and final permutations, 276 * and for the key initial and compression permutations. 277 */ 278 for (k = 0; k < 8; k++) { 279 for (i = 0; i < 256; i++) { --- 45 unchanged lines hidden (view full) --- 325 } 326 } 327 328 /* 329 * Invert the P-box permutation, and convert into OR-masks for 330 * handling the output of the S-box arrays setup above. 331 */ 332 for (i = 0; i < 32; i++) |
333 un_pbox[pbox[i] - 1] = i; | 333 un_pbox[pbox[i] - 1] = (u_char)i; |
334 335 for (b = 0; b < 4; b++) 336 for (i = 0; i < 256; i++) { 337 *(p = &psbox[b][i]) = 0L; 338 for (j = 0; j < 8; j++) { 339 if (i & bits8[j]) 340 *p |= bits32[un_pbox[8 * b + j]]; 341 } 342 } 343 344 des_initialised = 1; 345} 346 347static void | 334 335 for (b = 0; b < 4; b++) 336 for (i = 0; i < 256; i++) { 337 *(p = &psbox[b][i]) = 0L; 338 for (j = 0; j < 8; j++) { 339 if (i & bits8[j]) 340 *p |= bits32[un_pbox[8 * b + j]]; 341 } 342 } 343 344 des_initialised = 1; 345} 346 347static void |
348setup_salt(long salt) | 348setup_salt(u_int32_t salt) |
349{ 350 u_int32_t obit, saltbit; 351 int i; 352 353 if (salt == old_salt) 354 return; 355 old_salt = salt; 356 --- 12 unchanged lines hidden (view full) --- 369des_setkey(const char *key) 370{ 371 u_int32_t k0, k1, rawkey0, rawkey1; 372 int shifts, round; 373 374 if (!des_initialised) 375 des_init(); 376 | 349{ 350 u_int32_t obit, saltbit; 351 int i; 352 353 if (salt == old_salt) 354 return; 355 old_salt = salt; 356 --- 12 unchanged lines hidden (view full) --- 369des_setkey(const char *key) 370{ 371 u_int32_t k0, k1, rawkey0, rawkey1; 372 int shifts, round; 373 374 if (!des_initialised) 375 des_init(); 376 |
377 rawkey0 = ntohl(*(u_int32_t *) key); 378 rawkey1 = ntohl(*(u_int32_t *) (key + 4)); | 377 rawkey0 = ntohl(*(const u_int32_t *) key); 378 rawkey1 = ntohl(*(const u_int32_t *) (key + 4)); |
379 380 if ((rawkey0 | rawkey1) 381 && rawkey0 == old_rawkey0 382 && rawkey1 == old_rawkey1) { 383 /* 384 * Already setup for this key. 385 * This optimisation fails on a zero key (which is weak and 386 * has bad parity anyway) in order to simplify the starting --- 170 unchanged lines hidden (view full) --- 557 | fp_maskr[4][r >> 24] 558 | fp_maskr[5][(r >> 16) & 0xff] 559 | fp_maskr[6][(r >> 8) & 0xff] 560 | fp_maskr[7][r & 0xff]; 561 return(0); 562} 563 564static int | 379 380 if ((rawkey0 | rawkey1) 381 && rawkey0 == old_rawkey0 382 && rawkey1 == old_rawkey1) { 383 /* 384 * Already setup for this key. 385 * This optimisation fails on a zero key (which is weak and 386 * has bad parity anyway) in order to simplify the starting --- 170 unchanged lines hidden (view full) --- 557 | fp_maskr[4][r >> 24] 558 | fp_maskr[5][(r >> 16) & 0xff] 559 | fp_maskr[6][(r >> 8) & 0xff] 560 | fp_maskr[7][r & 0xff]; 561 return(0); 562} 563 564static int |
565des_cipher(const char *in, char *out, long salt, int count) | 565des_cipher(const char *in, char *out, u_long salt, int count) |
566{ 567 u_int32_t l_out, r_out, rawl, rawr; 568 int retval; | 566{ 567 u_int32_t l_out, r_out, rawl, rawr; 568 int retval; |
569 union { 570 u_int32_t *ui32; 571 const char *c; 572 } trans; |
|
569 570 if (!des_initialised) 571 des_init(); 572 573 setup_salt(salt); 574 | 573 574 if (!des_initialised) 575 des_init(); 576 577 setup_salt(salt); 578 |
575 rawl = ntohl(*((u_int32_t *) in)++); 576 rawr = ntohl(*((u_int32_t *) in)); | 579 trans.c = in; 580 rawl = ntohl(*trans.ui32++); 581 rawr = ntohl(*trans.ui32); |
577 578 retval = do_des(rawl, rawr, &l_out, &r_out, count); 579 | 582 583 retval = do_des(rawl, rawr, &l_out, &r_out, count); 584 |
580 *((u_int32_t *) out)++ = htonl(l_out); 581 *((u_int32_t *) out) = htonl(r_out); | 585 trans.c = out; 586 *trans.ui32++ = htonl(l_out); 587 *trans.ui32 = htonl(r_out); |
582 return(retval); 583} 584 585char * 586crypt_des(const char *key, const char *setting) 587{ 588 int i; 589 u_int32_t count, salt, l, r0, r1, keybuf[2]; 590 u_char *p, *q; | 588 return(retval); 589} 590 591char * 592crypt_des(const char *key, const char *setting) 593{ 594 int i; 595 u_int32_t count, salt, l, r0, r1, keybuf[2]; 596 u_char *p, *q; |
591 static u_char output[21]; | 597 static char output[21]; |
592 593 if (!des_initialised) 594 des_init(); 595 | 598 599 if (!des_initialised) 600 des_init(); 601 |
596 | |
597 /* 598 * Copy the key, shifting each character up by one bit 599 * and padding with zeros. 600 */ | 602 /* 603 * Copy the key, shifting each character up by one bit 604 * and padding with zeros. 605 */ |
601 q = (u_char *) keybuf; 602 while (q - (u_char *) keybuf - 8) { 603 if ((*q++ = *key << 1)) | 606 q = (u_char *)keybuf; 607 while (q - (u_char *)keybuf - 8) { 608 *q++ = *key << 1; 609 if (*(q - 1)) |
604 key++; 605 } | 610 key++; 611 } |
606 if (des_setkey((u_char *) keybuf)) | 612 if (des_setkey((char *)keybuf)) |
607 return(NULL); 608 609 if (*setting == _PASSWORD_EFMT1) { 610 /* 611 * "new"-style: 612 * setting - underscore, 4 bytes of count, 4 bytes of salt 613 * key - unlimited characters 614 */ 615 for (i = 1, count = 0L; i < 5; i++) | 613 return(NULL); 614 615 if (*setting == _PASSWORD_EFMT1) { 616 /* 617 * "new"-style: 618 * setting - underscore, 4 bytes of count, 4 bytes of salt 619 * key - unlimited characters 620 */ 621 for (i = 1, count = 0L; i < 5; i++) |
616 count |= ascii_to_bin(setting[i]) << (i - 1) * 6; | 622 count |= ascii_to_bin(setting[i]) << ((i - 1) * 6); |
617 618 for (i = 5, salt = 0L; i < 9; i++) | 623 624 for (i = 5, salt = 0L; i < 9; i++) |
619 salt |= ascii_to_bin(setting[i]) << (i - 5) * 6; | 625 salt |= ascii_to_bin(setting[i]) << ((i - 5) * 6); |
620 621 while (*key) { 622 /* 623 * Encrypt the key with itself. 624 */ | 626 627 while (*key) { 628 /* 629 * Encrypt the key with itself. 630 */ |
625 if (des_cipher((u_char*)keybuf, (u_char*)keybuf, 0L, 1)) | 631 if (des_cipher((char *)keybuf, (char *)keybuf, 0L, 1)) |
626 return(NULL); 627 /* 628 * And XOR with the next 8 characters of the key. 629 */ | 632 return(NULL); 633 /* 634 * And XOR with the next 8 characters of the key. 635 */ |
630 q = (u_char *) keybuf; 631 while (q - (u_char *) keybuf - 8 && *key) | 636 q = (u_char *)keybuf; 637 while (q - (u_char *)keybuf - 8 && *key) |
632 *q++ ^= *key++ << 1; 633 | 638 *q++ ^= *key++ << 1; 639 |
634 if (des_setkey((u_char *) keybuf)) | 640 if (des_setkey((char *)keybuf)) |
635 return(NULL); 636 } 637 strncpy(output, setting, 9); 638 639 /* 640 * Double check that we weren't given a short setting. 641 * If we were, the above code will probably have created 642 * wierd values for count and salt, but we don't really care. 643 * Just make sure the output string doesn't have an extra 644 * NUL in it. 645 */ 646 output[9] = '\0'; | 641 return(NULL); 642 } 643 strncpy(output, setting, 9); 644 645 /* 646 * Double check that we weren't given a short setting. 647 * If we were, the above code will probably have created 648 * wierd values for count and salt, but we don't really care. 649 * Just make sure the output string doesn't have an extra 650 * NUL in it. 651 */ 652 output[9] = '\0'; |
647 p = output + strlen(output); | 653 p = (u_char *)output + strlen(output); |
648 } else { 649 /* 650 * "old"-style: 651 * setting - 2 bytes of salt 652 * key - up to 8 characters 653 */ 654 count = 25; 655 --- 4 unchanged lines hidden (view full) --- 660 /* 661 * If the encrypted password that the salt was extracted from 662 * is only 1 character long, the salt will be corrupted. We 663 * need to ensure that the output string doesn't have an extra 664 * NUL in it! 665 */ 666 output[1] = setting[1] ? setting[1] : output[0]; 667 | 654 } else { 655 /* 656 * "old"-style: 657 * setting - 2 bytes of salt 658 * key - up to 8 characters 659 */ 660 count = 25; 661 --- 4 unchanged lines hidden (view full) --- 666 /* 667 * If the encrypted password that the salt was extracted from 668 * is only 1 character long, the salt will be corrupted. We 669 * need to ensure that the output string doesn't have an extra 670 * NUL in it! 671 */ 672 output[1] = setting[1] ? setting[1] : output[0]; 673 |
668 p = output + 2; | 674 p = (u_char *)output + 2; |
669 } 670 setup_salt(salt); 671 /* 672 * Do it. 673 */ | 675 } 676 setup_salt(salt); 677 /* 678 * Do it. 679 */ |
674 if (do_des(0L, 0L, &r0, &r1, count)) | 680 if (do_des(0L, 0L, &r0, &r1, (int)count)) |
675 return(NULL); 676 /* 677 * Now encode the result... 678 */ 679 l = (r0 >> 8); 680 *p++ = ascii64[(l >> 18) & 0x3f]; 681 *p++ = ascii64[(l >> 12) & 0x3f]; 682 *p++ = ascii64[(l >> 6) & 0x3f]; --- 16 unchanged lines hidden --- | 681 return(NULL); 682 /* 683 * Now encode the result... 684 */ 685 l = (r0 >> 8); 686 *p++ = ascii64[(l >> 18) & 0x3f]; 687 *p++ = ascii64[(l >> 12) & 0x3f]; 688 *p++ = ascii64[(l >> 6) & 0x3f]; --- 16 unchanged lines hidden --- |