cbc.c revision 7165 
1/* cbc.c: This file contains the encryption routines for the ed line editor */
2/*-
3 * Copyright (c) 1993 The Regents of the University of California.
4 * All rights reserved.
5 *
6 * Copyright (c) 1993 Andrew Moore, Talke Studio.
7 * All rights reserved.
8 *
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
11 * are met:
12 * 1. Redistributions of source code must retain the above copyright
13 *    notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 *    notice, this list of conditions and the following disclaimer in the
16 *    documentation and/or other materials provided with the distribution.
17 * 3. All advertising materials mentioning features or use of this software
18 *    must display the following acknowledgement:
19 *	This product includes software developed by the University of
20 *	California, Berkeley and its contributors.
21 * 4. Neither the name of the University nor the names of its contributors
22 *    may be used to endorse or promote products derived from this software
23 *    without specific prior written permission.
24 *
25 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
26 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
27 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
28 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
29 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
30 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
31 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
32 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
33 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
34 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
35 * SUCH DAMAGE.
36 *
37 *	from: @(#)bdes.c	5.5 (Berkeley) 6/27/91
38 *	$Id: cbc.c,v 1.4 1994/09/24 02:55:24 davidg Exp $
39 */
40
41#ifndef lint
42static char *rcsid = "@(#)cbc.c,v 1.2 1994/02/01 00:34:36 alm Exp";
43#endif /* not lint */
44
45#include <sys/types.h>
46#include <ctype.h>
47#include <errno.h>
48#include <pwd.h>
49
50#include "ed.h"
51
52
53/*
54 * Define a divisor for rand() that yields a uniform distribution in the
55 * range 0-255.
56 */
57#define	RAND_DIV (((unsigned) RAND_MAX + 1) >> 8)
58
59/*
60 * BSD and System V systems offer special library calls that do
61 * block move_liness and fills, so if possible we take advantage of them
62 */
63#define	MEMCPY(dest,src,len)	memcpy((dest),(src),(len))
64#define	MEMZERO(dest,len)	memset((dest), 0, (len))
65
66/* Hide the calls to the primitive encryption routines. */
67#define	DES_KEY(buf) \
68	if (des_setkey(buf)) \
69		des_error("des_setkey");
70#define	DES_XFORM(buf) \
71	if (des_cipher(buf, buf, 0L, (inverse ? -1 : 1))) \
72		des_error("des_cipher");
73
74/*
75 * read/write - no error checking
76 */
77#define	READ(buf, n, fp)	fread(buf, sizeof(char), n, fp)
78#define WRITE(buf, n, fp)	fwrite(buf, sizeof(char), n, fp)
79
80/*
81 * some things to make references easier
82 */
83typedef char Desbuf[8];
84#define	CHAR(x,i)	(x[i])
85#define	UCHAR(x,i)	(x[i])
86#define	BUFFER(x)	(x)
87#define	UBUFFER(x)	(x)
88
89/*
90 * global variables and related macros
91 */
92
93enum { 					/* encrypt, decrypt, authenticate */
94	MODE_ENCRYPT, MODE_DECRYPT, MODE_AUTHENTICATE
95} mode = MODE_ENCRYPT;
96
97Desbuf ivec;				/* initialization vector */
98Desbuf pvec;				/* padding vector */
99char bits[] = {				/* used to extract bits from a char */
100	'\200', '\100', '\040', '\020', '\010', '\004', '\002', '\001'
101};
102int pflag;				/* 1 to preserve parity bits */
103
104unsigned char des_buf[8];	/* shared buffer for get_des_char/put_des_char */
105int des_ct = 0;			/* count for get_des_char/put_des_char */
106int des_n = 0;			/* index for put_des_char/get_des_char */
107
108
109/* init_des_cipher: initialize DES */
110void
111init_des_cipher()
112{
113#ifdef DES
114	int i;
115
116	des_ct = des_n = 0;
117
118	/* initialize the initialization vector */
119	MEMZERO(ivec, 8);
120
121	/* intialize the padding vector */
122	srand((unsigned) time((time_t *) 0));
123	for (i = 0; i < 8; i++)
124		CHAR(pvec, i) = (char) (rand()/RAND_DIV);
125#endif
126}
127
128
129/* get_des_char: return next char in an encrypted file */
130int
131get_des_char(fp)
132	FILE *fp;
133{
134#ifdef DES
135	if (des_n >= des_ct) {
136		des_n = 0;
137		des_ct = cbc_decode(des_buf, fp);
138	}
139	return (des_ct > 0) ? des_buf[des_n++] : EOF;
140#else
141	return (getc(fp));
142#endif
143}
144
145
146/* put_des_char: write a char to an encrypted file; return char written */
147int
148put_des_char(c, fp)
149	int c;
150	FILE *fp;
151{
152#ifdef DES
153	if (des_n == sizeof des_buf) {
154		des_ct = cbc_encode(des_buf, des_n, fp);
155		des_n = 0;
156	}
157	return (des_ct >= 0) ? (des_buf[des_n++] = c) : EOF;
158#else
159	return (fputc(c, fp));
160#endif
161}
162
163
164/* flush_des_file: flush an encrypted file's output; return status */
165int
166flush_des_file(fp)
167	FILE *fp;
168{
169#ifdef DES
170	if (des_n == sizeof des_buf) {
171		des_ct = cbc_encode(des_buf, des_n, fp);
172		des_n = 0;
173	}
174	return (des_ct >= 0 && cbc_encode(des_buf, des_n, fp) >= 0) ? 0 : EOF;
175#else
176	return (fflush(fp));
177#endif
178}
179
180#ifdef DES
181/*
182 * get keyword from tty or stdin
183 */
184int
185get_keyword()
186{
187	register char *p;		/* used to obtain the key */
188	Desbuf msgbuf;			/* I/O buffer */
189
190	/*
191	 * get the key
192	 */
193	if (*(p = getpass("Enter key: "))) {
194
195		/*
196		 * copy it, nul-padded, into the key area
197		 */
198		expand_des_key(BUFFER(msgbuf), p);
199		MEMZERO(p, _PASSWORD_LEN);
200		set_des_key(msgbuf);
201		MEMZERO(msgbuf, sizeof msgbuf);
202		return 1;
203	}
204	return 0;
205}
206
207
208/*
209 * print a warning message and, possibly, terminate
210 */
211void
212des_error(s)
213	char *s;		/* the message */
214{
215	(void)sprintf(errmsg, "%s", s ? s : strerror(errno));
216}
217
218/*
219 * map a hex character to an integer
220 */
221int
222hex_to_binary(c, radix)
223	int c;			/* char to be converted */
224	int radix;		/* base (2 to 16) */
225{
226	switch(c) {
227	case '0':		return(0x0);
228	case '1':		return(0x1);
229	case '2':		return(radix > 2 ? 0x2 : -1);
230	case '3':		return(radix > 3 ? 0x3 : -1);
231	case '4':		return(radix > 4 ? 0x4 : -1);
232	case '5':		return(radix > 5 ? 0x5 : -1);
233	case '6':		return(radix > 6 ? 0x6 : -1);
234	case '7':		return(radix > 7 ? 0x7 : -1);
235	case '8':		return(radix > 8 ? 0x8 : -1);
236	case '9':		return(radix > 9 ? 0x9 : -1);
237	case 'A': case 'a':	return(radix > 10 ? 0xa : -1);
238	case 'B': case 'b':	return(radix > 11 ? 0xb : -1);
239	case 'C': case 'c':	return(radix > 12 ? 0xc : -1);
240	case 'D': case 'd':	return(radix > 13 ? 0xd : -1);
241	case 'E': case 'e':	return(radix > 14 ? 0xe : -1);
242	case 'F': case 'f':	return(radix > 15 ? 0xf : -1);
243	}
244	/*
245	 * invalid character
246	 */
247	return(-1);
248}
249
250/*
251 * convert the key to a bit pattern
252 */
253void
254expand_des_key(obuf, ibuf)
255	char *obuf;			/* bit pattern */
256	char *ibuf;			/* the key itself */
257{
258	register int i, j;		/* counter in a for loop */
259	int nbuf[64];			/* used for hex/key translation */
260
261	/*
262	 * leading '0x' or '0X' == hex key
263	 */
264	if (ibuf[0] == '0' && (ibuf[1] == 'x' || ibuf[1] == 'X')) {
265		ibuf = &ibuf[2];
266		/*
267		 * now translate it, bombing on any illegal hex digit
268		 */
269		for (i = 0; ibuf[i] && i < 16; i++)
270			if ((nbuf[i] = hex_to_binary((int) ibuf[i], 16)) == -1)
271				des_error("bad hex digit in key");
272		while (i < 16)
273			nbuf[i++] = 0;
274		for (i = 0; i < 8; i++)
275			obuf[i] =
276			    ((nbuf[2*i]&0xf)<<4) | (nbuf[2*i+1]&0xf);
277		/* preserve parity bits */
278		pflag = 1;
279		return;
280	}
281	/*
282	 * leading '0b' or '0B' == binary key
283	 */
284	if (ibuf[0] == '0' && (ibuf[1] == 'b' || ibuf[1] == 'B')) {
285		ibuf = &ibuf[2];
286		/*
287		 * now translate it, bombing on any illegal binary digit
288		 */
289		for (i = 0; ibuf[i] && i < 16; i++)
290			if ((nbuf[i] = hex_to_binary((int) ibuf[i], 2)) == -1)
291				des_error("bad binary digit in key");
292		while (i < 64)
293			nbuf[i++] = 0;
294		for (i = 0; i < 8; i++)
295			for (j = 0; j < 8; j++)
296				obuf[i] = (obuf[i]<<1)|nbuf[8*i+j];
297		/* preserve parity bits */
298		pflag = 1;
299		return;
300	}
301	/*
302	 * no special leader -- ASCII
303	 */
304	(void)strncpy(obuf, ibuf, 8);
305}
306
307/*****************
308 * DES FUNCTIONS *
309 *****************/
310/*
311 * This sets the DES key and (if you're using the deszip version)
312 * the direction of the transformation.  This uses the Sun
313 * to map the 64-bit key onto the 56 bits that the key schedule
314 * generation routines use: the old way, which just uses the user-
315 * supplied 64 bits as is, and the new way, which resets the parity
316 * bit to be the same as the low-order bit in each character.  The
317 * new way generates a greater variety of key schedules, since many
318 * systems set the parity (high) bit of each character to 0, and the
319 * DES ignores the low order bit of each character.
320 */
321void
322set_des_key(buf)
323	Desbuf buf;				/* key block */
324{
325	register int i, j;			/* counter in a for loop */
326	register int par;			/* parity counter */
327
328	/*
329	 * if the parity is not preserved, flip it
330	 */
331	if (!pflag) {
332		for (i = 0; i < 8; i++) {
333			par = 0;
334			for (j = 1; j < 8; j++)
335				if ((bits[j]&UCHAR(buf, i)) != 0)
336					par++;
337			if ((par&01) == 01)
338				UCHAR(buf, i) = UCHAR(buf, i)&0177;
339			else
340				UCHAR(buf, i) = (UCHAR(buf, i)&0177)|0200;
341		}
342	}
343
344	DES_KEY(UBUFFER(buf));
345}
346
347
348/*
349 * This encrypts using the Cipher Block Chaining mode of DES
350 */
351int
352cbc_encode(msgbuf, n, fp)
353	char *msgbuf;
354	int n;
355	FILE *fp;
356{
357	int inverse = 0;	/* 0 to encrypt, 1 to decrypt */
358
359	/*
360	 * do the transformation
361	 */
362	if (n == 8) {
363		for (n = 0; n < 8; n++)
364			CHAR(msgbuf, n) ^= CHAR(ivec, n);
365		DES_XFORM(UBUFFER(msgbuf));
366		MEMCPY(BUFFER(ivec), BUFFER(msgbuf), 8);
367		return WRITE(BUFFER(msgbuf), 8, fp);
368	}
369	/*
370	 * at EOF or last block -- in either case, the last byte contains
371	 * the character representation of the number of bytes in it
372	 */
373/*
374	MEMZERO(msgbuf +  n, 8 - n);
375*/
376	/*
377	 *  Pad the last block randomly
378	 */
379	(void)MEMCPY(BUFFER(msgbuf + n), BUFFER(pvec), 8 - n);
380	CHAR(msgbuf, 7) = n;
381	for (n = 0; n < 8; n++)
382		CHAR(msgbuf, n) ^= CHAR(ivec, n);
383	DES_XFORM(UBUFFER(msgbuf));
384	return WRITE(BUFFER(msgbuf), 8, fp);
385}
386
387/*
388 * This decrypts using the Cipher Block Chaining mode of DES
389 */
390int
391cbc_decode(msgbuf, fp)
392	char *msgbuf;		/* I/O buffer */
393	FILE *fp;			/* input file descriptor */
394{
395	Desbuf ibuf;	/* temp buffer for initialization vector */
396	register int n;		/* number of bytes actually read */
397	register int c;		/* used to test for EOF */
398	int inverse = 1;	/* 0 to encrypt, 1 to decrypt */
399
400	if ((n = READ(BUFFER(msgbuf), 8, fp)) == 8) {
401		/*
402		 * do the transformation
403		 */
404		MEMCPY(BUFFER(ibuf), BUFFER(msgbuf), 8);
405		DES_XFORM(UBUFFER(msgbuf));
406		for (c = 0; c < 8; c++)
407			UCHAR(msgbuf, c) ^= UCHAR(ivec, c);
408		MEMCPY(BUFFER(ivec), BUFFER(ibuf), 8);
409		/*
410		 * if the last one, handle it specially
411		 */
412		if ((c = fgetc(fp)) == EOF) {
413			n = CHAR(msgbuf, 7);
414			if (n < 0 || n > 7) {
415				des_error("decryption failed (block corrupted)");
416				return EOF;
417			}
418		} else
419			(void)ungetc(c, fp);
420		return n;
421	}
422	if (n > 0)
423		des_error("decryption failed (incomplete block)");
424	else if (n < 0)
425		des_error("cannot read file");
426	return EOF;
427}
428#endif	/* DES */
429