scramble.c revision 17721
1/*
2 * Trivially encode strings to protect them from innocent eyes (i.e.,
3 * inadvertent password compromises, like a network administrator
4 * who's watching packets for legitimate reasons and accidentally sees
5 * the password protocol go by).
6 *
7 * This is NOT secure encryption.
8 *
9 * It would be tempting to encode the password according to username
10 * and repository, so that the same password would encode to a
11 * different string when used with different usernames and/or
12 * repositories.  However, then users would not be able to cut and
13 * paste passwords around.  They're not supposed to anyway, but we all
14 * know they will, and there's no reason to make it harder for them if
15 * we're not trying to provide real security anyway.
16 */
17
18/* Set this to test as a standalone program. */
19/* #define DIAGNOSTIC */
20
21#ifndef DIAGNOSTIC
22#include "cvs.h"
23#else /* ! DIAGNOSTIC */
24/* cvs.h won't define this for us */
25#define AUTH_CLIENT_SUPPORT
26#define xmalloc malloc
27/* Use "gcc -fwritable-strings". */
28#include <stdio.h>
29#include <stdio.h>
30#include <string.h>
31#endif /* ! DIAGNOSTIC */
32
33#if defined(AUTH_CLIENT_SUPPORT) || defined(AUTH_SERVER_SUPPORT)
34
35/* Map characters to each other randomly and symmetrically, A <--> B.
36 *
37 * We divide the ASCII character set into 3 domains: control chars (0
38 * thru 31), printing chars (32 through 126), and "meta"-chars (127
39 * through 255).  The control chars map _to_ themselves, the printing
40 * chars map _among_ themselves, and the meta chars map _among_
41 * themselves.  Why is this thus?
42 *
43 * No character in any of these domains maps to a character in another
44 * domain, because I'm not sure what characters are legal in
45 * passwords, or what tools people are likely to use to cut and paste
46 * them.  It seems prudent not to introduce control or meta chars,
47 * unless the user introduced them first.  And having the control
48 * chars all map to themselves insures that newline and
49 * carriage-return are safely handled.
50 */
51
52static unsigned char
53shifts[] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16,
5417, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 114, 120,
5553, 79, 96, 109, 72, 108, 70, 64, 76, 67, 116, 74, 68, 87, 111, 52,
5675, 119, 49, 34, 82, 81, 95, 65, 112, 86, 118, 110, 122, 105, 41, 57,
5783, 43, 46, 102, 40, 89, 38, 103, 45, 50, 42, 123, 91, 35, 125, 55,
5854, 66, 124, 126, 59, 47, 92, 71, 115, 78, 88, 107, 106, 56, 36, 121,
59117, 104, 101, 100, 69, 73, 99, 63, 94, 93, 39, 37, 61, 48, 58, 113,
6032, 90, 44, 98, 60, 51, 33, 97, 62, 77, 84, 80, 85, 223, 225, 216,
61187, 166, 229, 189, 222, 188, 141, 249, 148, 200, 184, 136, 248, 190,
62199, 170, 181, 204, 138, 232, 218, 183, 255, 234, 220, 247, 213, 203,
63226, 193, 174, 172, 228, 252, 217, 201, 131, 230, 197, 211, 145, 238,
64161, 179, 160, 212, 207, 221, 254, 173, 202, 146, 224, 151, 140, 196,
65205, 130, 135, 133, 143, 246, 192, 159, 244, 239, 185, 168, 215, 144,
66139, 165, 180, 157, 147, 186, 214, 176, 227, 231, 219, 169, 175, 156,
67206, 198, 129, 164, 150, 210, 154, 177, 134, 127, 182, 128, 158, 208,
68162, 132, 167, 209, 149, 241, 153, 251, 237, 236, 171, 195, 243, 233,
69253, 240, 194, 250, 191, 155, 142, 137, 245, 235, 163, 242, 178, 152 };
70
71
72/* SCRAMBLE and DESCRAMBLE work like this:
73 *
74 * scramble(STR) returns SCRM, a scrambled copy of STR.  SCRM[0] is a
75 * single letter indicating the scrambling method.  As of this
76 * writing, the only legal method is 'A', but check the code for more
77 * up-to-date information.  The copy will have been allocated with
78 * malloc().
79 *
80 * descramble(SCRM) returns STR, again in its own malloc'd space.
81 * descramble() uses SCRM[0] to determine which method of unscrambling
82 * to use.  If it does not recognize the method, it dies with error.
83 */
84
85/* Return a malloc'd, scrambled version of STR. */
86char *
87scramble (str)
88     char *str;
89{
90  int i;
91  char *s;
92
93  /* +2 to hold the 'A' prefix that indicates which version of
94   * scrambling this is (the first, obviously, since we only do one
95   * kind of scrambling so far), and then the '\0' of course.
96   */
97  s = (char *) xmalloc (strlen (str) + 2);
98
99  s[0] = 'A';   /* Scramble (TM) version prefix. */
100  strcpy (s + 1, str);
101
102  for (i = 1; s[i]; i++)
103    s[i] = shifts[(unsigned char)(s[i])];
104
105  return s;
106}
107
108/* Decode the string in place. */
109char *
110descramble (str)
111     char *str;
112{
113  char *s;
114  int i;
115
116  /* For now we can only handle one kind of scrambling.  In the future
117   * there may be other kinds, and this `if' will become a `switch'.
118   */
119  if (str[0] != 'A')
120#ifndef DIAGNOSTIC
121    error (1, 0, "descramble: unknown scrambling method");
122#else  /* DIAGNOSTIC */
123  {
124    fprintf (stderr, "descramble: unknown scrambling method\n", str);
125    fflush (stderr);
126    exit (EXIT_FAILURE);
127  }
128#endif  /* DIAGNOSTIC */
129
130  /* Method `A' is symmetrical, so scramble again to decrypt. */
131  s = scramble (str + 1);
132
133  /* Shift the whole string one char to the left, pushing the unwanted
134     'A' off the left end.  Safe, because s is null-terminated. */
135  for (i = 0; s[i]; i++)
136      s[i] = s[i + 1];
137
138  return s;
139}
140
141#endif /* (AUTH_CLIENT_SUPPORT || AUTH_SERVER_SUPPORT) from top of file */
142
143#ifdef DIAGNOSTIC
144int
145main ()
146{
147  int i;
148  char *e, *m, biggie[256];
149
150  char *cleartexts[5];
151  cleartexts[0] = "first";
152  cleartexts[1] = "the second";
153  cleartexts[2] = "this is the third";
154  cleartexts[3] = "$#% !!\\3";
155  cleartexts[4] = biggie;
156
157  /* Set up the most important test string: */
158  /* Can't have a real ASCII zero in the string, because we want to
159     use printf, so we substitute the character zero. */
160  biggie[0] = '0';
161  /* The rest of the string gets straight ascending ASCII. */
162  for (i = 1; i < 256; i++)
163    biggie[i] = i;
164
165  /* Test all the strings. */
166  for (i = 0; i < 5; i++)
167    {
168      printf ("clear%d: %s\n", i, cleartexts[i]);
169      e = scramble (cleartexts[i]);
170      printf ("scram%d: %s\n", i, e);
171      m = descramble (e);
172      free (e);
173      printf ("clear%d: %s\n\n", i, m);
174      free (m);
175    }
176
177  fflush (stdout);
178  return 0;
179}
180#endif /* DIAGNOSTIC */
181
182/*
183 * ;;; The Emacs Lisp that did the dirty work ;;;
184 * (progn
185 *
186 *   ;; Helper func.
187 *   (defun random-elt (lst)
188 *     (let* ((len (length lst))
189 *            (rnd (random len)))
190 *       (nth rnd lst)))
191 *
192 *   ;; A list of all characters under 127, each appearing once.
193 *   (setq non-meta-chars
194 *         (let ((i 0)
195 *               (l nil))
196 *           (while (< i 127)
197 *             (setq l (cons i l)
198 *                   i (1+ i)))
199 *           l))
200 *
201 *   ;; A list of all characters 127 and above, each appearing once.
202 *   (setq meta-chars
203 *         (let ((i 127)
204 *               (l nil))
205 *           (while (< i 256)
206 *             (setq l (cons i l)
207 *                   i (1+ i)))
208 *           l))
209 *
210 *   ;; A vector that will hold the chars in a random order.
211 *   (setq scrambled-chars (make-vector 256 0))
212 *
213 *   ;; These characters should map to themselves.
214 *   (let ((i 0))
215 *     (while (< i 32)
216 *       (aset scrambled-chars i i)
217 *       (setq non-meta-chars (delete i non-meta-chars)
218 *             i (1+ i))))
219 *
220 *   ;; Assign random (but unique) values, within the non-meta chars.
221 *   (let ((i 32))
222 *     (while (< i 127)
223 *       (let ((ch (random-elt non-meta-chars)))
224 *         (if (= 0 (aref scrambled-chars i))
225 *             (progn
226 *               (aset scrambled-chars i ch)
227 *               (aset scrambled-chars ch i)
228 *               (setq non-meta-chars (delete ch non-meta-chars)
229 *                     non-meta-chars (delete i non-meta-chars))))
230 *         (setq i (1+ i)))))
231 *
232 *   ;; Assign random (but unique) values, within the non-meta chars.
233 *   (let ((i 127))
234 *     (while (< i 256)
235 *       (let ((ch (random-elt meta-chars)))
236 *         (if (= 0 (aref scrambled-chars i))
237 *             (progn
238 *               (aset scrambled-chars i ch)
239 *               (aset scrambled-chars ch i)
240 *               (setq meta-chars (delete ch meta-chars)
241 *                     meta-chars (delete i meta-chars))))
242 *         (setq i (1+ i)))))
243 *
244 *   ;; Now use the `scrambled-chars' vector to get your C array.
245 *   )
246 */
247