cbc.c revision 50471 
1/* cbc.c: This file contains the encryption routines for the ed line editor */
2/*-
3 * Copyright (c) 1993 The Regents of the University of California.
4 * All rights reserved.
5 *
6 * Copyright (c) 1993 Andrew Moore, Talke Studio.
7 * All rights reserved.
8 *
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
11 * are met:
12 * 1. Redistributions of source code must retain the above copyright
13 *    notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 *    notice, this list of conditions and the following disclaimer in the
16 *    documentation and/or other materials provided with the distribution.
17 * 3. All advertising materials mentioning features or use of this software
18 *    must display the following acknowledgement:
19 *	This product includes software developed by the University of
20 *	California, Berkeley and its contributors.
21 * 4. Neither the name of the University nor the names of its contributors
22 *    may be used to endorse or promote products derived from this software
23 *    without specific prior written permission.
24 *
25 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
26 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
27 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
28 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
29 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
30 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
31 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
32 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
33 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
34 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
35 * SUCH DAMAGE.
36 *
37 *	from: @(#)bdes.c	5.5 (Berkeley) 6/27/91
38 */
39
40#ifndef lint
41#if 0
42static char * const rcsid = "@(#)cbc.c,v 1.2 1994/02/01 00:34:36 alm Exp";
43#else
44static char * const rcsid =
45  "$FreeBSD: head/bin/ed/cbc.c 50471 1999-08-27 23:15:48Z peter $";
46#endif
47#endif /* not lint */
48
49#include <sys/types.h>
50#include <errno.h>
51#include <pwd.h>
52#ifdef DES
53#include <time.h>
54#endif
55
56#include "ed.h"
57
58
59/*
60 * Define a divisor for rand() that yields a uniform distribution in the
61 * range 0-255.
62 */
63#define	RAND_DIV (((unsigned) RAND_MAX + 1) >> 8)
64
65/*
66 * BSD and System V systems offer special library calls that do
67 * block move_liness and fills, so if possible we take advantage of them
68 */
69#define	MEMCPY(dest,src,len)	memcpy((dest),(src),(len))
70#define	MEMZERO(dest,len)	memset((dest), 0, (len))
71
72/* Hide the calls to the primitive encryption routines. */
73#define	DES_KEY(buf) \
74	if (des_setkey(buf)) \
75		des_error("des_setkey");
76#define	DES_XFORM(buf) \
77	if (des_cipher(buf, buf, 0L, (inverse ? -1 : 1))) \
78		des_error("des_cipher");
79
80/*
81 * read/write - no error checking
82 */
83#define	READ(buf, n, fp)	fread(buf, sizeof(char), n, fp)
84#define WRITE(buf, n, fp)	fwrite(buf, sizeof(char), n, fp)
85
86/*
87 * some things to make references easier
88 */
89typedef char Desbuf[8];
90#define	CHAR(x,i)	(x[i])
91#define	UCHAR(x,i)	(x[i])
92#define	BUFFER(x)	(x)
93#define	UBUFFER(x)	(x)
94
95/*
96 * global variables and related macros
97 */
98
99enum { 					/* encrypt, decrypt, authenticate */
100	MODE_ENCRYPT, MODE_DECRYPT, MODE_AUTHENTICATE
101} mode = MODE_ENCRYPT;
102
103Desbuf ivec;				/* initialization vector */
104Desbuf pvec;				/* padding vector */
105char bits[] = {				/* used to extract bits from a char */
106	'\200', '\100', '\040', '\020', '\010', '\004', '\002', '\001'
107};
108int pflag;				/* 1 to preserve parity bits */
109
110unsigned char des_buf[8];	/* shared buffer for get_des_char/put_des_char */
111int des_ct = 0;			/* count for get_des_char/put_des_char */
112int des_n = 0;			/* index for put_des_char/get_des_char */
113
114
115/* init_des_cipher: initialize DES */
116void
117init_des_cipher()
118{
119#ifdef DES
120	int i;
121
122	des_ct = des_n = 0;
123
124	/* initialize the initialization vector */
125	MEMZERO(ivec, 8);
126
127	/* initialize the padding vector */
128	srand((unsigned) time((time_t *) 0));
129	for (i = 0; i < 8; i++)
130		CHAR(pvec, i) = (char) (rand()/RAND_DIV);
131#endif
132}
133
134
135/* get_des_char: return next char in an encrypted file */
136int
137get_des_char(fp)
138	FILE *fp;
139{
140#ifdef DES
141	if (des_n >= des_ct) {
142		des_n = 0;
143		des_ct = cbc_decode(des_buf, fp);
144	}
145	return (des_ct > 0) ? des_buf[des_n++] : EOF;
146#else
147	return (getc(fp));
148#endif
149}
150
151
152/* put_des_char: write a char to an encrypted file; return char written */
153int
154put_des_char(c, fp)
155	int c;
156	FILE *fp;
157{
158#ifdef DES
159	if (des_n == sizeof des_buf) {
160		des_ct = cbc_encode(des_buf, des_n, fp);
161		des_n = 0;
162	}
163	return (des_ct >= 0) ? (des_buf[des_n++] = c) : EOF;
164#else
165	return (fputc(c, fp));
166#endif
167}
168
169
170/* flush_des_file: flush an encrypted file's output; return status */
171int
172flush_des_file(fp)
173	FILE *fp;
174{
175#ifdef DES
176	if (des_n == sizeof des_buf) {
177		des_ct = cbc_encode(des_buf, des_n, fp);
178		des_n = 0;
179	}
180	return (des_ct >= 0 && cbc_encode(des_buf, des_n, fp) >= 0) ? 0 : EOF;
181#else
182	return (fflush(fp));
183#endif
184}
185
186#ifdef DES
187/*
188 * get keyword from tty or stdin
189 */
190int
191get_keyword()
192{
193	register char *p;		/* used to obtain the key */
194	Desbuf msgbuf;			/* I/O buffer */
195
196	/*
197	 * get the key
198	 */
199	if (*(p = getpass("Enter key: "))) {
200
201		/*
202		 * copy it, nul-padded, into the key area
203		 */
204		expand_des_key(BUFFER(msgbuf), p);
205		MEMZERO(p, _PASSWORD_LEN);
206		set_des_key(msgbuf);
207		MEMZERO(msgbuf, sizeof msgbuf);
208		return 1;
209	}
210	return 0;
211}
212
213
214/*
215 * print a warning message and, possibly, terminate
216 */
217void
218des_error(s)
219	char *s;		/* the message */
220{
221	(void)sprintf(errmsg, "%s", s ? s : strerror(errno));
222}
223
224/*
225 * map a hex character to an integer
226 */
227int
228hex_to_binary(c, radix)
229	int c;			/* char to be converted */
230	int radix;		/* base (2 to 16) */
231{
232	switch(c) {
233	case '0':		return(0x0);
234	case '1':		return(0x1);
235	case '2':		return(radix > 2 ? 0x2 : -1);
236	case '3':		return(radix > 3 ? 0x3 : -1);
237	case '4':		return(radix > 4 ? 0x4 : -1);
238	case '5':		return(radix > 5 ? 0x5 : -1);
239	case '6':		return(radix > 6 ? 0x6 : -1);
240	case '7':		return(radix > 7 ? 0x7 : -1);
241	case '8':		return(radix > 8 ? 0x8 : -1);
242	case '9':		return(radix > 9 ? 0x9 : -1);
243	case 'A': case 'a':	return(radix > 10 ? 0xa : -1);
244	case 'B': case 'b':	return(radix > 11 ? 0xb : -1);
245	case 'C': case 'c':	return(radix > 12 ? 0xc : -1);
246	case 'D': case 'd':	return(radix > 13 ? 0xd : -1);
247	case 'E': case 'e':	return(radix > 14 ? 0xe : -1);
248	case 'F': case 'f':	return(radix > 15 ? 0xf : -1);
249	}
250	/*
251	 * invalid character
252	 */
253	return(-1);
254}
255
256/*
257 * convert the key to a bit pattern
258 */
259void
260expand_des_key(obuf, ibuf)
261	char *obuf;			/* bit pattern */
262	char *ibuf;			/* the key itself */
263{
264	register int i, j;		/* counter in a for loop */
265	int nbuf[64];			/* used for hex/key translation */
266
267	/*
268	 * leading '0x' or '0X' == hex key
269	 */
270	if (ibuf[0] == '0' && (ibuf[1] == 'x' || ibuf[1] == 'X')) {
271		ibuf = &ibuf[2];
272		/*
273		 * now translate it, bombing on any illegal hex digit
274		 */
275		for (i = 0; ibuf[i] && i < 16; i++)
276			if ((nbuf[i] = hex_to_binary((int) ibuf[i], 16)) == -1)
277				des_error("bad hex digit in key");
278		while (i < 16)
279			nbuf[i++] = 0;
280		for (i = 0; i < 8; i++)
281			obuf[i] =
282			    ((nbuf[2*i]&0xf)<<4) | (nbuf[2*i+1]&0xf);
283		/* preserve parity bits */
284		pflag = 1;
285		return;
286	}
287	/*
288	 * leading '0b' or '0B' == binary key
289	 */
290	if (ibuf[0] == '0' && (ibuf[1] == 'b' || ibuf[1] == 'B')) {
291		ibuf = &ibuf[2];
292		/*
293		 * now translate it, bombing on any illegal binary digit
294		 */
295		for (i = 0; ibuf[i] && i < 16; i++)
296			if ((nbuf[i] = hex_to_binary((int) ibuf[i], 2)) == -1)
297				des_error("bad binary digit in key");
298		while (i < 64)
299			nbuf[i++] = 0;
300		for (i = 0; i < 8; i++)
301			for (j = 0; j < 8; j++)
302				obuf[i] = (obuf[i]<<1)|nbuf[8*i+j];
303		/* preserve parity bits */
304		pflag = 1;
305		return;
306	}
307	/*
308	 * no special leader -- ASCII
309	 */
310	(void)strncpy(obuf, ibuf, 8);
311}
312
313/*****************
314 * DES FUNCTIONS *
315 *****************/
316/*
317 * This sets the DES key and (if you're using the deszip version)
318 * the direction of the transformation.  This uses the Sun
319 * to map the 64-bit key onto the 56 bits that the key schedule
320 * generation routines use: the old way, which just uses the user-
321 * supplied 64 bits as is, and the new way, which resets the parity
322 * bit to be the same as the low-order bit in each character.  The
323 * new way generates a greater variety of key schedules, since many
324 * systems set the parity (high) bit of each character to 0, and the
325 * DES ignores the low order bit of each character.
326 */
327void
328set_des_key(buf)
329	Desbuf buf;				/* key block */
330{
331	register int i, j;			/* counter in a for loop */
332	register int par;			/* parity counter */
333
334	/*
335	 * if the parity is not preserved, flip it
336	 */
337	if (!pflag) {
338		for (i = 0; i < 8; i++) {
339			par = 0;
340			for (j = 1; j < 8; j++)
341				if ((bits[j]&UCHAR(buf, i)) != 0)
342					par++;
343			if ((par&01) == 01)
344				UCHAR(buf, i) = UCHAR(buf, i)&0177;
345			else
346				UCHAR(buf, i) = (UCHAR(buf, i)&0177)|0200;
347		}
348	}
349
350	DES_KEY(UBUFFER(buf));
351}
352
353
354/*
355 * This encrypts using the Cipher Block Chaining mode of DES
356 */
357int
358cbc_encode(msgbuf, n, fp)
359	char *msgbuf;
360	int n;
361	FILE *fp;
362{
363	int inverse = 0;	/* 0 to encrypt, 1 to decrypt */
364
365	/*
366	 * do the transformation
367	 */
368	if (n == 8) {
369		for (n = 0; n < 8; n++)
370			CHAR(msgbuf, n) ^= CHAR(ivec, n);
371		DES_XFORM(UBUFFER(msgbuf));
372		MEMCPY(BUFFER(ivec), BUFFER(msgbuf), 8);
373		return WRITE(BUFFER(msgbuf), 8, fp);
374	}
375	/*
376	 * at EOF or last block -- in either case, the last byte contains
377	 * the character representation of the number of bytes in it
378	 */
379/*
380	MEMZERO(msgbuf +  n, 8 - n);
381*/
382	/*
383	 *  Pad the last block randomly
384	 */
385	(void)MEMCPY(BUFFER(msgbuf + n), BUFFER(pvec), 8 - n);
386	CHAR(msgbuf, 7) = n;
387	for (n = 0; n < 8; n++)
388		CHAR(msgbuf, n) ^= CHAR(ivec, n);
389	DES_XFORM(UBUFFER(msgbuf));
390	return WRITE(BUFFER(msgbuf), 8, fp);
391}
392
393/*
394 * This decrypts using the Cipher Block Chaining mode of DES
395 */
396int
397cbc_decode(msgbuf, fp)
398	char *msgbuf;		/* I/O buffer */
399	FILE *fp;			/* input file descriptor */
400{
401	Desbuf ibuf;	/* temp buffer for initialization vector */
402	register int n;		/* number of bytes actually read */
403	register int c;		/* used to test for EOF */
404	int inverse = 1;	/* 0 to encrypt, 1 to decrypt */
405
406	if ((n = READ(BUFFER(msgbuf), 8, fp)) == 8) {
407		/*
408		 * do the transformation
409		 */
410		MEMCPY(BUFFER(ibuf), BUFFER(msgbuf), 8);
411		DES_XFORM(UBUFFER(msgbuf));
412		for (c = 0; c < 8; c++)
413			UCHAR(msgbuf, c) ^= UCHAR(ivec, c);
414		MEMCPY(BUFFER(ivec), BUFFER(ibuf), 8);
415		/*
416		 * if the last one, handle it specially
417		 */
418		if ((c = fgetc(fp)) == EOF) {
419			n = CHAR(msgbuf, 7);
420			if (n < 0 || n > 7) {
421				des_error("decryption failed (block corrupted)");
422				return EOF;
423			}
424		} else
425			(void)ungetc(c, fp);
426		return n;
427	}
428	if (n > 0)
429		des_error("decryption failed (incomplete block)");
430	else if (n < 0)
431		des_error("cannot read file");
432	return EOF;
433}
434#endif	/* DES */
435