| author | Zhanna Tsitkov <tsitkova@mit.edu> | 2009-08-03 14:19:16 +0000 |
|---|---|---|
| committer | Zhanna Tsitkov <tsitkova@mit.edu> | 2009-08-03 14:19:16 +0000 |
| commit | 3c40c7f134b4e87baa43b0cacb435b6f96245e2f (patch) | |
| tree | 2b1014db60c1d3941f17a4d00221e07cc5cece62 /src/lib/crypto/des | |
| parent | ab7ffb919b4ee5ee5bc07f987d9163202a632e6a (diff) | |
Crypto modularity proj: Separate files under the crypto directory based on their functionality. Move Kerberos-specific files into the krb subdir and MIT-specific files into the builtin subdir. Place all tests into the crypto_tests subfolder.
bigredbutton: whitespace
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22477 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/crypto/des')
24 files changed, 0 insertions, 5002 deletions
diff --git a/src/lib/crypto/des/ISSUES b/src/lib/crypto/des/ISSUES
deleted file mode 100644
index 412f94aa7..000000000
--- a/src/lib/crypto/des/ISSUES
+++ /dev/null
@@ -1,13 +0,0 @@
-Issues to be addressed for src/lib/crypto/des: -*- text -*-
-
-
-"const" could be used in more places
-
-
-Array types are used in calling interfaces. Under ANSI C, a value of
-type "arraytype *" cannot be assigned to a variable of type "const
-arraytype *", so we get compilation warnings.
-
-Possible fix: Rewrite internal interfaces to not use arrays this way.
-Provide external routines compatible with old API, but not using
-const?
diff --git a/src/lib/crypto/des/Makefile.in b/src/lib/crypto/des/Makefile.in
deleted file mode 100644
index ef700a74d..000000000
--- a/src/lib/crypto/des/Makefile.in
+++ /dev/null
@@ -1,104 +0,0 @@ -thisconfigdir=../../.. -myfulldir=lib/crypto/des -mydir=lib/crypto/des -BUILDTOP=$(REL)..$(S)..$(S).. -DEFS= - -##DOS##BUILDTOP = ..\..\.. -##DOS##PREFIXDIR=des -##DOS##OBJFILE=..\$(OUTPRE)des.lst - -PROG_LIBPATH=-L$(TOPLIBD) -PROG_RPATH=$(KRB5_LIBDIR) - -RUN_SETUP = @KRB5_RUN_ENV@ KRB5_CONFIG=$(SRCTOP)/config-files/krb5.conf - -STLIBOBJS=\ - afsstring2key.o \ - d3_cbc.o \ - d3_aead.o \ - d3_kysched.o \ - des_prf.o \ - f_aead.o \ - f_cbc.o \ - f_cksum.o \ - f_parity.o \ - f_sched.o \ - f_tables.o \ - key_sched.o \ - string2key.o \ - weak_key.o - -OBJS= $(OUTPRE)afsstring2key.$(OBJEXT) \ - $(OUTPRE)d3_cbc.$(OBJEXT) \ - $(OUTPRE)d3_aead.$(OBJEXT) \ - $(OUTPRE)d3_kysched.$(OBJEXT) \ - $(OUTPRE)des_prf.$(OBJEXT) \ - $(OUTPRE)f_aead.$(OBJEXT) \ - $(OUTPRE)f_cbc.$(OBJEXT) \ - $(OUTPRE)f_cksum.$(OBJEXT) \ - $(OUTPRE)f_parity.$(OBJEXT) \ - $(OUTPRE)f_sched.$(OBJEXT) \ - $(OUTPRE)f_tables.$(OBJEXT) \ - $(OUTPRE)key_sched.$(OBJEXT) \ - $(OUTPRE)string2key.$(OBJEXT) \ - $(OUTPRE)weak_key.$(OBJEXT) - -SRCS= $(srcdir)/afsstring2key.c \ - $(srcdir)/d3_cbc.c \ - $(srcdir)/d3_aead.c \ - $(srcdir)/d3_kysched.c \ - $(srcdir)/des_prf.c \ - $(srcdir)/f_aead.c \ - $(srcdir)/f_cbc.c \ - $(srcdir)/f_cksum.c \ - $(srcdir)/f_parity.c \ - $(srcdir)/f_sched.c \ - $(srcdir)/f_tables.c \ - $(srcdir)/key_sched.c \ - $(srcdir)/weak_key.c \ - $(srcdir)/string2key.c - -##DOS##LIBOBJS = $(OBJS) - -all-unix:: all-libobjs - -includes:: depend - -depend:: $(SRCS) - -TOBJS = $(OUTPRE)key_sched.$(OBJEXT) $(OUTPRE)f_sched.$(OBJEXT) $(OUTPRE)f_cbc.$(OBJEXT) \ - $(OUTPRE)f_tables.$(OBJEXT) $(OUTPRE)f_cksum.$(OBJEXT) - -verify$(EXEEXT): t_verify.$(OBJEXT) $(TOBJS) f_parity.$(OBJEXT) \ - $(COM_ERR_DEPLIB) $(SUPPORT_DEPLIB) - $(CC_LINK) -o $@ t_verify.$(OBJEXT) $(TOBJS) f_parity.$(OBJEXT) \ - -lcom_err $(SUPPORT_LIB) - -destest$(EXEEXT): destest.$(OBJEXT) $(TOBJS) $(SUPPORT_DEPLIB) - $(CC_LINK) -o $@ destest.$(OBJEXT) $(TOBJS) $(SUPPORT_LIB) - -TAFSS2KOBJS = \ - t_afss2k.$(OBJEXT) $(TOBJS) 
\ - afsstring2key.$(OBJEXT) f_parity.$(OBJEXT) weak_key.$(OBJEXT) - -t_afss2k$(EXEEXT): $(TAFSS2KOBJS) $(COM_ERR_DEPLIB) $(SUPPORT_DEPLIB) - $(CC_LINK) -o $@ $(TAFSS2KOBJS) -lcom_err $(SUPPORT_LIB) - -check-unix:: verify destest t_afss2k - $(RUN_SETUP) $(VALGRIND) ./verify -z - $(RUN_SETUP) $(VALGRIND) ./verify -m - $(RUN_SETUP) $(VALGRIND) ./verify - $(RUN_SETUP) $(VALGRIND) ./destest < $(srcdir)/keytest.data - $(RUN_SETUP) $(VALGRIND) ./t_afss2k - -check-windows:: - -clean:: - $(RM) destest$(EXEEXT) verify$(EXEEXT) destest.$(OBJEXT) \ - t_verify.$(OBJEXT) t_afss2k.$(OBJEXT) t_afss2k$(EXEEXT) - -clean-unix:: clean-libobjs - -@libobj_frag@ - diff --git a/src/lib/crypto/des/afsstring2key.c b/src/lib/crypto/des/afsstring2key.c deleted file mode 100644 index eb6c37f33..000000000 --- a/src/lib/crypto/des/afsstring2key.c +++ /dev/null 
@@ -1,570 +0,0 @@ -/* - * lib/crypto/des/string2key.c - * - * based on lib/crypto/des/string2key.c from MIT V5 - * and on lib/des/afs_string_to_key.c from UMD. - * constructed by Mark Eichin, Cygnus Support, 1995. - * made thread-safe by Ken Raeburn, MIT, 2001. - */ - -/* - * Copyright 2001 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -/* - * Copyright (C) 1998 by the FundsXpress, INC. - * - * All rights reserved. - * - * Export of this software from the United States of America may require - * a specific license from the United States Government. It is the - * responsibility of any person or organization contemplating export to - * obtain such a license before exporting. 
- * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of FundsXpress. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. FundsXpress makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. - */ - -#include "k5-int.h" -#include "des_int.h" -#include <ctype.h> - -#define afs_crypt mit_afs_crypt -char *afs_crypt (const char *, const char *, char *); - -#undef min -#define min(a,b) ((a)>(b)?(b):(a)) - -krb5_error_code -mit_afs_string_to_key (krb5_keyblock *keyblock, const krb5_data *data, - const krb5_data *salt) -{ - /* totally different approach from MIT string2key. */ - /* much of the work has already been done by the only caller - which is mit_des_string_to_key; in particular, *keyblock is already - set up. */ - - char *realm = salt->data; - unsigned int i, j; - krb5_octet *key = keyblock->contents; - - if (data->length <= 8) { - /* One block only. Run afs_crypt and use the first eight - returned bytes after the copy of the (fixed) salt. - - Since the returned bytes are alphanumeric, the output is - limited to 2**48 possibilities; for each byte, only 64 - possible values can be used. 
*/ - unsigned char password[9]; /* trailing nul for crypt() */ - char afs_crypt_buf[16]; - - memset (password, 0, sizeof (password)); - memcpy (password, realm, min (salt->length, 8)); - for (i=0; i<8; i++) - if (isupper(password[i])) - password[i] = tolower(password[i]); - for (i=0; i<data->length; i++) - password[i] ^= data->data[i]; - for (i=0; i<8; i++) - if (password[i] == '\0') - password[i] = 'X'; - password[8] = '\0'; - /* Out-of-bounds salt characters are equivalent to a salt string - of "p1". */ - strncpy((char *) key, - (char *) afs_crypt((char *) password, "#~", afs_crypt_buf) + 2, - 8); - for (i=0; i<8; i++) - key[i] <<= 1; - /* now fix up key parity again */ - mit_des_fixup_key_parity(key); - /* clean & free the input string */ - memset(password, 0, (size_t) sizeof(password)); - } else { - /* Multiple blocks. Do a CBC checksum, twice, and use the - result as the new key. */ - mit_des_cblock ikey, tkey; - mit_des_key_schedule key_sked; - unsigned int pw_len = salt->length+data->length; - unsigned char *password = malloc(pw_len+1); - if (!password) return ENOMEM; - - /* Some bound checks from the original code are elided here as - the malloc above makes sure we have enough storage. 
*/ - memcpy (password, data->data, data->length); - for (i=data->length, j = 0; j < salt->length; i++, j++) { - password[i] = realm[j]; - if (isupper(password[i])) - password[i] = tolower(password[i]); - } - - memcpy (ikey, "kerberos", sizeof(ikey)); - memcpy (tkey, ikey, sizeof(tkey)); - mit_des_fixup_key_parity (tkey); - (void) mit_des_key_sched (tkey, key_sked); - (void) mit_des_cbc_cksum (password, tkey, i, key_sked, ikey); - - memcpy (ikey, tkey, sizeof(ikey)); - mit_des_fixup_key_parity (tkey); - (void) mit_des_key_sched (tkey, key_sked); - (void) mit_des_cbc_cksum (password, key, i, key_sked, ikey); - - /* erase key_sked */ - memset(key_sked, 0,sizeof(key_sked)); - - /* now fix up key parity again */ - mit_des_fixup_key_parity(key); - - /* clean & free the input string */ - memset(password, 0, (size_t) pw_len); - free(password); - } -#if 0 - /* must free here because it was copied for this special case */ - free(salt->data); -#endif - return 0; -} - - -/* Portions of this code: - Copyright 1989 by the Massachusetts Institute of Technology - */ - -/* - * Copyright (c) 1990 Regents of The University of Michigan. - * All Rights Reserved. - * - * Permission to use, copy, modify, and distribute this software - * and its documentation for any purpose and without fee is hereby - * granted, provided that the above copyright notice appears in all - * copies and that both that copyright notice and this permission - * notice appear in supporting documentation, and that the name of - * The University of Michigan not be used in advertising or - * publicity pertaining to distribution of the software without - * specific, written prior permission. This software is supplied as - * is without expressed or implied warranties of any kind. - * - * ITD Research Systems - * University of Michigan - * 535 W. 
William Street - * Ann Arbor, Michigan - * +1-313-936-2652 - * netatalk@terminator.cc.umich.edu - */ - -static void krb5_afs_crypt_setkey (char*, char*, char(*)[48]); -static void krb5_afs_encrypt (char*,char*,char (*)[48]); - -/* - * Initial permutation, - */ -static const char IP[] = { - 58,50,42,34,26,18,10, 2, - 60,52,44,36,28,20,12, 4, - 62,54,46,38,30,22,14, 6, - 64,56,48,40,32,24,16, 8, - 57,49,41,33,25,17, 9, 1, - 59,51,43,35,27,19,11, 3, - 61,53,45,37,29,21,13, 5, - 63,55,47,39,31,23,15, 7, -}; - -/* - * Final permutation, FP = IP^(-1) - */ -static const char FP[] = { - 40, 8,48,16,56,24,64,32, - 39, 7,47,15,55,23,63,31, - 38, 6,46,14,54,22,62,30, - 37, 5,45,13,53,21,61,29, - 36, 4,44,12,52,20,60,28, - 35, 3,43,11,51,19,59,27, - 34, 2,42,10,50,18,58,26, - 33, 1,41, 9,49,17,57,25, -}; - -/* - * Permuted-choice 1 from the key bits to yield C and D. - * Note that bits 8,16... are left out: They are intended for a parity check. - */ -static const char PC1_C[] = { - 57,49,41,33,25,17, 9, - 1,58,50,42,34,26,18, - 10, 2,59,51,43,35,27, - 19,11, 3,60,52,44,36, -}; - -static const char PC1_D[] = { - 63,55,47,39,31,23,15, - 7,62,54,46,38,30,22, - 14, 6,61,53,45,37,29, - 21,13, 5,28,20,12, 4, -}; - -/* - * Sequence of shifts used for the key schedule. - */ -static const char shifts[] = { - 1,1,2,2,2,2,2,2,1,2,2,2,2,2,2,1, -}; - -/* - * Permuted-choice 2, to pick out the bits from - * the CD array that generate the key schedule. - */ -static const char PC2_C[] = { - 14,17,11,24, 1, 5, - 3,28,15, 6,21,10, - 23,19,12, 4,26, 8, - 16, 7,27,20,13, 2, -}; - -static const char PC2_D[] = { - 41,52,31,37,47,55, - 30,40,51,45,33,48, - 44,49,39,56,34,53, - 46,42,50,36,29,32, -}; - -/* - * The E bit-selection table. 
- */ -static const char e[] = { - 32, 1, 2, 3, 4, 5, - 4, 5, 6, 7, 8, 9, - 8, 9,10,11,12,13, - 12,13,14,15,16,17, - 16,17,18,19,20,21, - 20,21,22,23,24,25, - 24,25,26,27,28,29, - 28,29,30,31,32, 1, -}; - -/* - * P is a permutation on the selected combination - * of the current L and key. - */ -static const char P[] = { - 16, 7,20,21, - 29,12,28,17, - 1,15,23,26, - 5,18,31,10, - 2, 8,24,14, - 32,27, 3, 9, - 19,13,30, 6, - 22,11, 4,25, -}; - -/* - * The 8 selection functions. - * For some reason, they give a 0-origin - * index, unlike everything else. - */ -static const char S[8][64] = { - {14, 4,13, 1, 2,15,11, 8, 3,10, 6,12, 5, 9, 0, 7, - 0,15, 7, 4,14, 2,13, 1,10, 6,12,11, 9, 5, 3, 8, - 4, 1,14, 8,13, 6, 2,11,15,12, 9, 7, 3,10, 5, 0, - 15,12, 8, 2, 4, 9, 1, 7, 5,11, 3,14,10, 0, 6,13}, - - {15, 1, 8,14, 6,11, 3, 4, 9, 7, 2,13,12, 0, 5,10, - 3,13, 4, 7,15, 2, 8,14,12, 0, 1,10, 6, 9,11, 5, - 0,14, 7,11,10, 4,13, 1, 5, 8,12, 6, 9, 3, 2,15, - 13, 8,10, 1, 3,15, 4, 2,11, 6, 7,12, 0, 5,14, 9}, - - {10, 0, 9,14, 6, 3,15, 5, 1,13,12, 7,11, 4, 2, 8, - 13, 7, 0, 9, 3, 4, 6,10, 2, 8, 5,14,12,11,15, 1, - 13, 6, 4, 9, 8,15, 3, 0,11, 1, 2,12, 5,10,14, 7, - 1,10,13, 0, 6, 9, 8, 7, 4,15,14, 3,11, 5, 2,12}, - - { 7,13,14, 3, 0, 6, 9,10, 1, 2, 8, 5,11,12, 4,15, - 13, 8,11, 5, 6,15, 0, 3, 4, 7, 2,12, 1,10,14, 9, - 10, 6, 9, 0,12,11, 7,13,15, 1, 3,14, 5, 2, 8, 4, - 3,15, 0, 6,10, 1,13, 8, 9, 4, 5,11,12, 7, 2,14}, - - { 2,12, 4, 1, 7,10,11, 6, 8, 5, 3,15,13, 0,14, 9, - 14,11, 2,12, 4, 7,13, 1, 5, 0,15,10, 3, 9, 8, 6, - 4, 2, 1,11,10,13, 7, 8,15, 9,12, 5, 6, 3, 0,14, - 11, 8,12, 7, 1,14, 2,13, 6,15, 0, 9,10, 4, 5, 3}, - - {12, 1,10,15, 9, 2, 6, 8, 0,13, 3, 4,14, 7, 5,11, - 10,15, 4, 2, 7,12, 9, 5, 6, 1,13,14, 0,11, 3, 8, - 9,14,15, 5, 2, 8,12, 3, 7, 0, 4,10, 1,13,11, 6, - 4, 3, 2,12, 9, 5,15,10,11,14, 1, 7, 6, 0, 8,13}, - - { 4,11, 2,14,15, 0, 8,13, 3,12, 9, 7, 5,10, 6, 1, - 13, 0,11, 7, 4, 9, 1,10,14, 3, 5,12, 2,15, 8, 6, - 1, 4,11,13,12, 3, 7,14,10,15, 6, 8, 0, 5, 9, 2, - 6,11,13, 8, 
1, 4,10, 7, 9, 5, 0,15,14, 2, 3,12}, - - {13, 2, 8, 4, 6,15,11, 1,10, 9, 3,14, 5, 0,12, 7, - 1,15,13, 8,10, 3, 7, 4,12, 5, 6,11, 0,14, 9, 2, - 7,11, 4, 1, 9,12,14, 2, 0, 6,10,13,15, 3, 5, 8, - 2, 1,14, 7, 4,10, 8,13,15,12, 9, 0, 3, 5, 6,11}, -}; - - -char *afs_crypt(const char *pw, const char *salt, - /* must be at least 16 bytes */ - char *iobuf) -{ - int i, j, c; - int temp; - char block[66]; - char E[48]; - /* - * The key schedule. - * Generated from the key. - */ - char KS[16][48]; - - for(i=0; i<66; i++) - block[i] = 0; - for(i=0; (c= *pw) && i<64; pw++){ - for(j=0; j<7; j++, i++) - block[i] = (c>>(6-j)) & 01; - i++; - } - - krb5_afs_crypt_setkey(block, E, KS); - - for(i=0; i<66; i++) - block[i] = 0; - - for(i=0;i<2;i++){ - c = *salt++; - iobuf[i] = c; - if(c>'Z') c -= 6; - if(c>'9') c -= 7; - c -= '.'; - for(j=0;j<6;j++){ - if((c>>j) & 01){ - temp = E[6*i+j]; - E[6*i+j] = E[6*i+j+24]; - E[6*i+j+24] = temp; - } - } - } - - for(i=0; i<25; i++) - krb5_afs_encrypt(block,E,KS); - - for(i=0; i<11; i++){ - c = 0; - for(j=0; j<6; j++){ - c <<= 1; - c |= block[6*i+j]; - } - c += '.'; - if(c>'9') c += 7; - if(c>'Z') c += 6; - iobuf[i+2] = c; - } - iobuf[i+2] = 0; - if(iobuf[1]==0) - iobuf[1] = iobuf[0]; - return(iobuf); -} - -/* - * Set up the key schedule from the key. - */ - -static void krb5_afs_crypt_setkey(char *key, char *E, char (*KS)[48]) -{ - register int i, j, k; - int t; - /* - * The C and D arrays used to calculate the key schedule. - */ - char C[28], D[28]; - - /* - * First, generate C and D by permuting - * the key. The low order bit of each - * 8-bit char is not used, so C and D are only 28 - * bits apiece. - */ - for (i=0; i<28; i++) { - C[i] = key[PC1_C[i]-1]; - D[i] = key[PC1_D[i]-1]; - } - /* - * To generate Ki, rotate C and D according - * to schedule and pick up a permutation - * using PC2. - */ - for (i=0; i<16; i++) { - /* - * rotate. 
- */ - for (k=0; k<shifts[i]; k++) { - t = C[0]; - for (j=0; j<28-1; j++) - C[j] = C[j+1]; - C[27] = t; - t = D[0]; - for (j=0; j<28-1; j++) - D[j] = D[j+1]; - D[27] = t; - } - /* - * get Ki. Note C and D are concatenated. - */ - for (j=0; j<24; j++) { - KS[i][j] = C[PC2_C[j]-1]; - KS[i][j+24] = D[PC2_D[j]-28-1]; - } - } - -#if 0 - for(i=0;i<48;i++) { - E[i] = e[i]; - } -#else - memcpy(E, e, 48); -#endif -} - -/* - * The payoff: encrypt a block. - */ - -static void krb5_afs_encrypt(char *block, char *E, char (*KS)[48]) -{ - const long edflag = 0; - int i, ii; - int t, j, k; - char tempL[32]; - char f[32]; - /* - * The current block, divided into 2 halves. - */ - char L[64]; - char *const R = &L[32]; - /* - * The combination of the key and the input, before selection. - */ - char preS[48]; - - /* - * First, permute the bits in the input - */ - for (j=0; j<64; j++) - L[j] = block[IP[j]-1]; - /* - * Perform an encryption operation 16 times. - */ - for (ii=0; ii<16; ii++) { - /* - * Set direction - */ - if (edflag) - i = 15-ii; - else - i = ii; - /* - * Save the R array, - * which will be the new L. - */ -#if 0 - for (j=0; j<32; j++) - tempL[j] = R[j]; -#else - memcpy(tempL, R, 32); -#endif - /* - * Expand R to 48 bits using the E selector; - * exclusive-or with the current key bits. - */ - for (j=0; j<48; j++) - preS[j] = R[E[j]-1] ^ KS[i][j]; - /* - * The pre-select bits are now considered - * in 8 groups of 6 bits each. - * The 8 selection functions map these - * 6-bit quantities into 4-bit quantities - * and the results permuted - * to make an f(R, K). - * The indexing into the selection functions - * is peculiar; it could be simplified by - * rewriting the tables. - */ - for (j=0; j<8; j++) { - t = 6*j; - k = S[j][(preS[t+0]<<5)+ - (preS[t+1]<<3)+ - (preS[t+2]<<2)+ - (preS[t+3]<<1)+ - (preS[t+4]<<0)+ - (preS[t+5]<<4)]; - t = 4*j; - f[t+0] = (k>>3)&01; - f[t+1] = (k>>2)&01; - f[t+2] = (k>>1)&01; - f[t+3] = (k>>0)&01; - } - /* - * The new R is L ^ f(R, K). 
- * The f here has to be permuted first, though. - */ - for (j=0; j<32; j++) - R[j] = L[j] ^ f[P[j]-1]; - /* - * Finally, the new L (the original R) - * is copied back. - */ -#if 0 - for (j=0; j<32; j++) - L[j] = tempL[j]; -#else - memcpy(L, tempL, 32); -#endif - } - /* - * The output L and R are reversed. - */ - for (j=0; j<32; j++) { - t = L[j]; - L[j] = R[j]; - R[j] = t; - } - /* - * The final output - * gets the inverse permutation of the very original. - */ - for (j=0; j<64; j++) - block[j] = L[FP[j]-1]; -} diff --git a/src/lib/crypto/des/d3_aead.c b/src/lib/crypto/des/d3_aead.c deleted file mode 100644 index 42ac395f3..000000000 --- a/src/lib/crypto/des/d3_aead.c +++ /dev/null 
@@ -1,207 +0,0 @@ -/* - * Copyright (C) 2008 by the Massachusetts Institute of Technology. - * Copyright 1995 by Richard P. Basch. All Rights Reserved. - * Copyright 1995 by Lehman Brothers, Inc. All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of Richard P. Basch, Lehman Brothers and M.I.T. not be used - * in advertising or publicity pertaining to distribution of the software - * without specific, written prior permission. Richard P. Basch, - * Lehman Brothers and M.I.T. make no representations about the suitability - * of this software for any purpose. It is provided "as is" without - * express or implied warranty. - */ - -#include "des_int.h" -#include "f_tables.h" -#include "../aead.h" - -void -krb5int_des3_cbc_encrypt_iov(krb5_crypto_iov *data, - unsigned long num_data, - const mit_des_key_schedule ks1, - const mit_des_key_schedule ks2, - const mit_des_key_schedule ks3, - mit_des_cblock ivec) -{ - unsigned DES_INT32 left, right; - const unsigned DES_INT32 *kp1, *kp2, *kp3; - const unsigned char *ip; - unsigned char *op; - struct iov_block_state input_pos, output_pos; - unsigned char iblock[MIT_DES_BLOCK_LENGTH]; - unsigned char oblock[MIT_DES_BLOCK_LENGTH]; - - IOV_BLOCK_STATE_INIT(&input_pos); - IOV_BLOCK_STATE_INIT(&output_pos); - - /* - * Get key pointer here. 
This won't need to be reinitialized - */ - kp1 = (const unsigned DES_INT32 *)ks1; - kp2 = (const unsigned DES_INT32 *)ks2; - kp3 = (const unsigned DES_INT32 *)ks3; - - /* - * Initialize left and right with the contents of the initial - * vector. - */ - if (ivec != NULL) - ip = ivec; - else - ip = mit_des_zeroblock; - GET_HALF_BLOCK(left, ip); - GET_HALF_BLOCK(right, ip); - - /* - * Suitably initialized, now work the length down 8 bytes - * at a time. - */ - for (;;) { - unsigned DES_INT32 temp; - - ip = iblock; - op = oblock; - - if (!krb5int_c_iov_get_block(iblock, MIT_DES_BLOCK_LENGTH, data, num_data, &input_pos)) - break; - - if (input_pos.iov_pos == num_data) - break; - - GET_HALF_BLOCK(temp, ip); - left ^= temp; - GET_HALF_BLOCK(temp, ip); - right ^= temp; - - /* - * Encrypt what we have - */ - DES_DO_ENCRYPT(left, right, kp1); - DES_DO_DECRYPT(left, right, kp2); - DES_DO_ENCRYPT(left, right, kp3); - - /* - * Copy the results out - */ - PUT_HALF_BLOCK(left, op); - PUT_HALF_BLOCK(right, op); - - krb5int_c_iov_put_block(data, num_data, oblock, MIT_DES_BLOCK_LENGTH, &output_pos); - } - - if (ivec != NULL) - memcpy(ivec, oblock, MIT_DES_BLOCK_LENGTH); -} - -void -krb5int_des3_cbc_decrypt_iov(krb5_crypto_iov *data, - unsigned long num_data, - const mit_des_key_schedule ks1, - const mit_des_key_schedule ks2, - const mit_des_key_schedule ks3, - mit_des_cblock ivec) -{ - unsigned DES_INT32 left, right; - const unsigned DES_INT32 *kp1, *kp2, *kp3; - const unsigned char *ip; - unsigned DES_INT32 ocipherl, ocipherr; - unsigned DES_INT32 cipherl, cipherr; - unsigned char *op; - struct iov_block_state input_pos, output_pos; - unsigned char iblock[MIT_DES_BLOCK_LENGTH]; - unsigned char oblock[MIT_DES_BLOCK_LENGTH]; - - IOV_BLOCK_STATE_INIT(&input_pos); - IOV_BLOCK_STATE_INIT(&output_pos); - - /* - * Get key pointer here. 
This won't need to be reinitialized - */ - kp1 = (const unsigned DES_INT32 *)ks1; - kp2 = (const unsigned DES_INT32 *)ks2; - kp3 = (const unsigned DES_INT32 *)ks3; - - /* - * Decrypting is harder than encrypting because of - * the necessity of remembering a lot more things. - * Should think about this a little more... - */ - - if (num_data == 0) - return; - - /* - * Prime the old cipher with ivec. - */ - if (ivec != NULL) - ip = ivec; - else - ip = mit_des_zeroblock; - GET_HALF_BLOCK(ocipherl, ip); - GET_HALF_BLOCK(ocipherr, ip); - - /* - * Now do this in earnest until we run out of length. - */ - for (;;) { - /* - * Read a block from the input into left and - * right. Save this cipher block for later. - */ - - if (!krb5int_c_iov_get_block(iblock, MIT_DES_BLOCK_LENGTH, data, num_data, &input_pos)) - break; - - if (input_pos.iov_pos == num_data) - break; - - ip = iblock; - op = oblock; - - GET_HALF_BLOCK(left, ip); - GET_HALF_BLOCK(right, ip); - cipherl = left; - cipherr = right; - - /* - * Decrypt this. - */ - DES_DO_DECRYPT(left, right, kp3); - DES_DO_ENCRYPT(left, right, kp2); - DES_DO_DECRYPT(left, right, kp1); - - /* - * Xor with the old cipher to get plain - * text. Output 8 or less bytes of this. - */ - left ^= ocipherl; - right ^= ocipherr; - - PUT_HALF_BLOCK(left, op); - PUT_HALF_BLOCK(right, op); - - /* - * Save current cipher block here - */ - ocipherl = cipherl; - ocipherr = cipherr; - - krb5int_c_iov_put_block(data, num_data, oblock, MIT_DES_BLOCK_LENGTH, &output_pos); - } - - if (ivec != NULL) { - op = ivec; - PUT_HALF_BLOCK(ocipherl,op); - PUT_HALF_BLOCK(ocipherr, op); - } -} diff --git a/src/lib/crypto/des/d3_cbc.c b/src/lib/crypto/des/d3_cbc.c deleted file mode 100644 index 077e78d2c..000000000 --- a/src/lib/crypto/des/d3_cbc.c +++ /dev/null 
@@ -1,223 +0,0 @@ -/* - * Copyright 1995 by Richard P. Basch. All Rights Reserved. - * Copyright 1995 by Lehman Brothers, Inc. All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of Richard P. Basch, Lehman Brothers and M.I.T. not be used - * in advertising or publicity pertaining to distribution of the software - * without specific, written prior permission. Richard P. Basch, - * Lehman Brothers and M.I.T. make no representations about the suitability - * of this software for any purpose. It is provided "as is" without - * express or implied warranty. - */ - -#include "des_int.h" -#include "f_tables.h" - -/* - * Triple-DES CBC encryption mode. 
- */ - -#undef mit_des3_cbc_encrypt -int -mit_des3_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out, - unsigned long length, const mit_des_key_schedule ks1, - const mit_des_key_schedule ks2, - const mit_des_key_schedule ks3, - const mit_des_cblock ivec, int enc) -{ - if (enc) - krb5int_des3_cbc_encrypt(in, out, length, ks1, ks2, ks3, ivec); - else - krb5int_des3_cbc_decrypt(in, out, length, ks1, ks2, ks3, ivec); - return 0; -} - -void -krb5int_des3_cbc_encrypt(const mit_des_cblock *in, - mit_des_cblock *out, - unsigned long length, - const mit_des_key_schedule ks1, - const mit_des_key_schedule ks2, - const mit_des_key_schedule ks3, - const mit_des_cblock ivec) -{ - unsigned DES_INT32 left, right; - const unsigned DES_INT32 *kp1, *kp2, *kp3; - const unsigned char *ip; - unsigned char *op; - - /* - * Get key pointer here. This won't need to be reinitialized - */ - kp1 = (const unsigned DES_INT32 *)ks1; - kp2 = (const unsigned DES_INT32 *)ks2; - kp3 = (const unsigned DES_INT32 *)ks3; - - /* - * Initialize left and right with the contents of the initial - * vector. - */ - ip = ivec; - GET_HALF_BLOCK(left, ip); - GET_HALF_BLOCK(right, ip); - - /* - * Suitably initialized, now work the length down 8 bytes - * at a time. - */ - ip = *in; - op = *out; - while (length > 0) { - /* - * Get more input, xor it in. If the length is - * greater than or equal to 8 this is straight - * forward. Otherwise we have to fart around. - */ - if (length >= 8) { - unsigned DES_INT32 temp; - GET_HALF_BLOCK(temp, ip); - left ^= temp; - GET_HALF_BLOCK(temp, ip); - right ^= temp; - length -= 8; - } else { - /* - * Oh, shoot. We need to pad the - * end with zeroes. Work backwards - * to do this. 
- */ - ip += (int) length; - switch(length) { - case 7: right ^= (*(--ip) & FF_UINT32) << 8; - case 6: right ^= (*(--ip) & FF_UINT32) << 16; - case 5: right ^= (*(--ip) & FF_UINT32) << 24; - case 4: left ^= *(--ip) & FF_UINT32; - case 3: left ^= (*(--ip) & FF_UINT32) << 8; - case 2: left ^= (*(--ip) & FF_UINT32) << 16; - case 1: left ^= (*(--ip) & FF_UINT32) << 24; - - } - length = 0; - } - - /* - * Encrypt what we have - */ - DES_DO_ENCRYPT(left, right, kp1); - DES_DO_DECRYPT(left, right, kp2); - DES_DO_ENCRYPT(left, right, kp3); - - /* - * Copy the results out - */ - PUT_HALF_BLOCK(left, op); - PUT_HALF_BLOCK(right, op); - } -} - -void -krb5int_des3_cbc_decrypt(const mit_des_cblock *in, - mit_des_cblock *out, - unsigned long length, - const mit_des_key_schedule ks1, - const mit_des_key_schedule ks2, - const mit_des_key_schedule ks3, - const mit_des_cblock ivec) -{ - unsigned DES_INT32 left, right; - const unsigned DES_INT32 *kp1, *kp2, *kp3; - const unsigned char *ip; - unsigned char *op; - unsigned DES_INT32 ocipherl, ocipherr; - unsigned DES_INT32 cipherl, cipherr; - - /* - * Get key pointer here. This won't need to be reinitialized - */ - kp1 = (const unsigned DES_INT32 *)ks1; - kp2 = (const unsigned DES_INT32 *)ks2; - kp3 = (const unsigned DES_INT32 *)ks3; - - /* - * Decrypting is harder than encrypting because of - * the necessity of remembering a lot more things. - * Should think about this a little more... - */ - - if (length <= 0) - return; - - /* - * Prime the old cipher with ivec. - */ - ip = ivec; - GET_HALF_BLOCK(ocipherl, ip); - GET_HALF_BLOCK(ocipherr, ip); - - /* - * Now do this in earnest until we run out of length. - */ - ip = *in; - op = *out; - for (;;) { /* check done inside loop */ - /* - * Read a block from the input into left and - * right. Save this cipher block for later. - */ - GET_HALF_BLOCK(left, ip); - GET_HALF_BLOCK(right, ip); - cipherl = left; - cipherr = right; - - /* - * Decrypt this. 
- */ - DES_DO_DECRYPT(left, right, kp3); - DES_DO_ENCRYPT(left, right, kp2); - DES_DO_DECRYPT(left, right, kp1); - - /* - * Xor with the old cipher to get plain - * text. Output 8 or less bytes of this. - */ - left ^= ocipherl; - right ^= ocipherr; - if (length > 8) { - length -= 8; - PUT_HALF_BLOCK(left, op); - PUT_HALF_BLOCK(right, op); - /* - * Save current cipher block here - */ - ocipherl = cipherl; - ocipherr = cipherr; - } else { - /* - * Trouble here. Start at end of output, - * work backwards. - */ - op += (int) length; - switch(length) { - case 8: *(--op) = (unsigned char) (right & 0xff); - case 7: *(--op) = (unsigned char) ((right >> 8) & 0xff); - case 6: *(--op) = (unsigned char) ((right >> 16) & 0xff); - case 5: *(--op) = (unsigned char) ((right >> 24) & 0xff); - case 4: *(--op) = (unsigned char) (left & 0xff); - case 3: *(--op) = (unsigned char) ((left >> 8) & 0xff); - case 2: *(--op) = (unsigned char) ((left >> 16) & 0xff); - case 1: *(--op) = (unsigned char) ((left >> 24) & 0xff); - } - break; /* we're done */ - } - } -} diff --git a/src/lib/crypto/des/d3_kysched.c b/src/lib/crypto/des/d3_kysched.c deleted file mode 100644 index f18cc2419..000000000 --- a/src/lib/crypto/des/d3_kysched.c +++ /dev/null 
@@ -1,50 +0,0 @@ -/* - * Copyright 1995 by Richard P. Basch. All Rights Reserved. - * Copyright 1995 by Lehman Brothers, Inc. All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of Richard P. Basch, Lehman Brothers and M.I.T. not be used - * in advertising or publicity pertaining to distribution of the software - * without specific, written prior permission. Richard P. Basch, - * Lehman Brothers and M.I.T. make no representations about the suitability - * of this software for any purpose. It is provided "as is" without - * express or implied warranty. - */ - -#include "k5-int.h" -#include "des_int.h" - -int -mit_des3_key_sched(mit_des3_cblock k, mit_des3_key_schedule schedule) -{ - mit_des_make_key_sched(k[0],schedule[0]); - mit_des_make_key_sched(k[1],schedule[1]); - mit_des_make_key_sched(k[2],schedule[2]); - - if (!mit_des_check_key_parity(k[0])) /* bad parity --> return -1 */ - return(-1); - if (mit_des_is_weak_key(k[0])) - return(-2); - - if (!mit_des_check_key_parity(k[1])) - return(-1); - if (mit_des_is_weak_key(k[1])) - return(-2); - - if (!mit_des_check_key_parity(k[2])) - return(-1); - if (mit_des_is_weak_key(k[2])) - return(-2); - - /* if key was good, return 0 */ - return 0; -} diff --git a/src/lib/crypto/des/deps b/src/lib/crypto/des/deps deleted file mode 100644 index 93147df27..000000000 --- a/src/lib/crypto/des/deps +++ /dev/null 
@@ -1,146 +0,0 @@ -# -# Generated makefile dependencies follow. -# -afsstring2key.so afsstring2key.po $(OUTPRE)afsstring2key.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h afsstring2key.c des_int.h -d3_cbc.so d3_cbc.po $(OUTPRE)d3_cbc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - d3_cbc.c des_int.h f_tables.h -d3_aead.so d3_aead.po $(OUTPRE)d3_aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - 
$(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../aead.h $(srcdir)/../cksumtypes.h d3_aead.c \ - des_int.h f_tables.h -d3_kysched.so d3_kysched.po $(OUTPRE)d3_kysched.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h d3_kysched.c des_int.h -des_prf.so des_prf.po $(OUTPRE)des_prf.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../hash_provider/hash_provider.h des_prf.c -f_aead.so f_aead.po $(OUTPRE)f_aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - 
$(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(srcdir)/../aead.h $(srcdir)/../cksumtypes.h des_int.h \ - f_aead.c f_tables.h -f_cbc.so f_cbc.po $(OUTPRE)f_cbc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - des_int.h f_cbc.c f_tables.h -f_cksum.so f_cksum.po $(OUTPRE)f_cksum.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - des_int.h f_cksum.c f_tables.h -f_parity.so f_parity.po $(OUTPRE)f_parity.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h 
$(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h des_int.h f_parity.c -f_sched.so f_sched.po $(OUTPRE)f_sched.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h \ - $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-gmt_mktime.h \ - $(SRCTOP)/include/k5-int-pkinit.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/krb5.h \ - $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - des_int.h f_sched.c -f_tables.so f_tables.po $(OUTPRE)f_tables.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h des_int.h f_tables.c \ - f_tables.h -key_sched.so key_sched.po $(OUTPRE)key_sched.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h 
$(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h des_int.h key_sched.c -weak_key.so weak_key.po $(OUTPRE)weak_key.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h des_int.h weak_key.c -string2key.so string2key.po $(OUTPRE)string2key.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h des_int.h string2key.c diff --git a/src/lib/crypto/des/des_int.h b/src/lib/crypto/des/des_int.h deleted file mode 100644 index 4a1d52ae3..000000000 --- a/src/lib/crypto/des/des_int.h +++ /dev/null 
@@ -1,382 +0,0 @@
-/*
- * lib/crypto/des/des_int.h
- *
- * Copyright 1987, 1988, 1990, 2002 by the Massachusetts Institute of
- * Technology. All Rights Reserved.
- *
- * Export of this software from the United States of America may
- * require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- *
- *
- * Private include file for the Data Encryption Standard library.
- */
-
-/*
- * Copyright (C) 1998 by the FundsXpress, INC.
- *
- * All rights reserved.
- *
- * Export of this software from the United States of America may require
- * a specific license from the United States Government. It is the
- * responsibility of any person or organization contemplating export to
- * obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of FundsXpress. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. FundsXpress makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
- */
-
-/* only do the whole thing once */
-#ifndef DES_INTERNAL_DEFS
-#define DES_INTERNAL_DEFS
-
-#include "k5-int.h"
-/*
- * Begin "mit-des.h"
- */
-#ifndef KRB5_MIT_DES__
-#define KRB5_MIT_DES__
-
-#if defined(__MACH__) && defined(__APPLE__)
-#include <TargetConditionals.h>
-#include <AvailabilityMacros.h>
-#if TARGET_RT_MAC_CFM
-#error "Use KfM 4.0 SDK headers for CFM compilation."
-#endif
-#if defined(DEPRECATED_IN_MAC_OS_X_VERSION_10_5) && !defined(KRB5_SUPRESS_DEPRECATED_WARNINGS)
-#define KRB5INT_DES_DEPRECATED DEPRECATED_IN_MAC_OS_X_VERSION_10_5
-#endif
-#endif /* defined(__MACH__) && defined(__APPLE__) */
-
-/* Macro to add deprecated attribute to DES types and functions */
-/* Currently only defined on Mac OS X 10.5 and later. */
-#ifndef KRB5INT_DES_DEPRECATED
-#define KRB5INT_DES_DEPRECATED
-#endif
-
-#include <limits.h>
-
-#if UINT_MAX >= 0xFFFFFFFFUL
-#define DES_INT32 int
-#define DES_UINT32 unsigned int
-#else
-#define DES_INT32 long
-#define DES_UINT32 unsigned long
-#endif
-
-typedef unsigned char des_cblock[8] /* crypto-block size */
-KRB5INT_DES_DEPRECATED;
-
-/*
- * Key schedule.
- *
- * This used to be
- *
- * typedef struct des_ks_struct {
- * union { DES_INT32 pad; des_cblock _;} __;
- * } des_key_schedule[16];
- *
- * but it would cause trouble if DES_INT32 were ever more than 4
- * bytes. The reason is that all the encryption functions cast it to
- * (DES_INT32 *), and treat it as if it were DES_INT32[32]. If
- * 2*sizeof(DES_INT32) is ever more than sizeof(des_cblock), the
- * caller-allocated des_key_schedule will be overflowed by the key
- * scheduling functions. We can't assume that every platform will
- * have an exact 32-bit int, and nothing should be looking inside a
- * des_key_schedule anyway.
- */
-typedef struct des_ks_struct { DES_INT32 _[2]; } des_key_schedule[16]
-KRB5INT_DES_DEPRECATED;
-
-typedef des_cblock mit_des_cblock;
-typedef des_key_schedule mit_des_key_schedule;
-
-/* Triple-DES structures */
-typedef mit_des_cblock mit_des3_cblock[3];
-typedef mit_des_key_schedule mit_des3_key_schedule[3];
-
-#define MIT_DES_ENCRYPT 1
-#define MIT_DES_DECRYPT 0
-
-typedef struct mit_des_ran_key_seed {
- krb5_encrypt_block eblock;
- krb5_data sequence;
-} mit_des_random_state;
-
-/* the first byte of the key is already in the keyblock */
-
-#define MIT_DES_BLOCK_LENGTH (8*sizeof(krb5_octet))
-#define MIT_DES_CBC_CRC_PAD_MINIMUM CRC32_CKSUM_LENGTH
-/* This used to be 8*sizeof(krb5_octet) */
-#define MIT_DES_KEYSIZE 8
-
-#define MIT_DES_CBC_CKSUM_LENGTH (4*sizeof(krb5_octet))
-
-/*
- * Check if k5-int.h has been included before us. If so, then check to see
- * that our view of the DES key size is the same as k5-int.h's.
- */
-#ifdef KRB5_MIT_DES_KEYSIZE
-#if MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE
-error(MIT_DES_KEYSIZE does not equal KRB5_MIT_DES_KEYSIZE)
-#endif /* MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE */
-#endif /* KRB5_MIT_DES_KEYSIZE */
-#endif /* KRB5_MIT_DES__ */
-/*
- * End "mit-des.h"
- */
-
-/* afsstring2key.c */
-extern krb5_error_code mit_afs_string_to_key
- (krb5_keyblock *keyblock,
- const krb5_data *data,
- const krb5_data *salt);
-extern char *mit_afs_crypt
- (const char *pw, const char *salt, char *iobuf);
-
-/* f_cksum.c */
-extern unsigned long mit_des_cbc_cksum
- (const krb5_octet *, krb5_octet *, unsigned long ,
- const mit_des_key_schedule, const krb5_octet *);
-
-/* f_ecb.c */
-extern int mit_des_ecb_encrypt
- (const mit_des_cblock *, mit_des_cblock *, mit_des_key_schedule , int );
-
-/* f_cbc.c */
-extern int mit_des_cbc_encrypt (const mit_des_cblock *in,
- mit_des_cblock *out,
- unsigned long length,
- const mit_des_key_schedule schedule,
- const mit_des_cblock ivec, int enc);
-
-#define mit_des_zeroblock krb5int_c_mit_des_zeroblock
-extern const mit_des_cblock mit_des_zeroblock;
-
-/* fin_rndkey.c */
-extern krb5_error_code mit_des_finish_random_key
- ( const krb5_encrypt_block *,
- krb5_pointer *);
-
-/* finish_key.c */
-extern krb5_error_code mit_des_finish_key
- ( krb5_encrypt_block *);
-
-/* init_rkey.c */
-extern krb5_error_code mit_des_init_random_key
- ( const krb5_encrypt_block *,
- const krb5_keyblock *,
- krb5_pointer *);
-
-/* key_parity.c */
-extern void mit_des_fixup_key_parity (mit_des_cblock );
-extern int mit_des_check_key_parity (mit_des_cblock );
-
-/* key_sched.c */
-extern int mit_des_key_sched
- (mit_des_cblock , mit_des_key_schedule );
-
-/* process_ky.c */
-extern krb5_error_code mit_des_process_key
- ( krb5_encrypt_block *, const krb5_keyblock *);
-
-/* random_key.c */
-extern krb5_error_code mit_des_random_key
- ( const krb5_encrypt_block *, krb5_pointer ,
- krb5_keyblock **);
-
-/* string2key.c */
-extern krb5_error_code mit_des_string_to_key
- ( const krb5_encrypt_block *,
- krb5_keyblock *, const krb5_data *, const krb5_data *);
-extern krb5_error_code mit_des_string_to_key_int
- (krb5_keyblock *, const krb5_data *, const krb5_data *);
-
-/* weak_key.c */
-extern int mit_des_is_weak_key (mit_des_cblock );
-
-/* cmb_keys.c */
-krb5_error_code mit_des_combine_subkeys
- (const krb5_keyblock *, const krb5_keyblock *,
- krb5_keyblock **);
-
-/* f_pcbc.c */
-int mit_des_pcbc_encrypt ();
-
-/* f_sched.c */
-int mit_des_make_key_sched(mit_des_cblock, mit_des_key_schedule);
-
-
-/* misc.c */
-extern void swap_bits (char *);
-extern unsigned long long_swap_bits (unsigned long );
-extern unsigned long swap_six_bits_to_ansi (unsigned long );
-extern unsigned long swap_four_bits_to_ansi (unsigned long );
-extern unsigned long swap_bit_pos_1 (unsigned long );
-extern unsigned long swap_bit_pos_0 (unsigned long );
-extern unsigned long swap_bit_pos_0_to_ansi (unsigned long );
-extern unsigned long rev_swap_bit_pos_0 (unsigned long );
-extern unsigned long swap_byte_bits (unsigned long );
-extern unsigned long swap_long_bytes_bit_number (unsigned long );
-#ifdef FILE
-/* XXX depends on FILE being a #define! */
-extern void test_set (FILE *, const char *, int, const char *, int);
-#endif
-
-/* d3_ecb.c */
-extern int mit_des3_ecb_encrypt
- (const mit_des_cblock *in,
- mit_des_cblock *out,
- mit_des_key_schedule sched1,
- mit_des_key_schedule sched2,
- mit_des_key_schedule sched3,
- int enc);
-
-/* d3_cbc.c */
-extern int mit_des3_cbc_encrypt
- (const mit_des_cblock *in,
- mit_des_cblock *out,
- unsigned long length,
- const mit_des_key_schedule ks1,
- const mit_des_key_schedule ks2,
- const mit_des_key_schedule ks3,
- const mit_des_cblock ivec,
- int enc);
-
-void
-krb5int_des3_cbc_encrypt(const mit_des_cblock *in,
- mit_des_cblock *out,
- unsigned long length,
- const mit_des_key_schedule ks1,
- const mit_des_key_schedule ks2,
- const mit_des_key_schedule ks3,
- const mit_des_cblock ivec);
-void
-krb5int_des3_cbc_decrypt(const mit_des_cblock *in,
- mit_des_cblock *out,
- unsigned long length,
- const mit_des_key_schedule ks1,
- const mit_des_key_schedule ks2,
- const mit_des_key_schedule ks3,
- const mit_des_cblock ivec);
-
-void
-krb5int_des3_cbc_encrypt_iov(krb5_crypto_iov *data,
- unsigned long num_data,
- const mit_des_key_schedule ks1,
- const mit_des_key_schedule ks2,
- const mit_des_key_schedule ks3,
- mit_des_cblock ivec);
-
-void
-krb5int_des3_cbc_decrypt_iov(krb5_crypto_iov *data,
- unsigned long num_data,
- const mit_des_key_schedule ks1,
- const mit_des_key_schedule ks2,
- const mit_des_key_schedule ks3,
- mit_des_cblock ivec);
-
-#define mit_des3_cbc_encrypt(in,out,length,ks1,ks2,ks3,ivec,enc) \
- ((enc ? krb5int_des3_cbc_encrypt : krb5int_des3_cbc_decrypt) \
- (in, out, length, ks1, ks2, ks3, ivec), 0)
-
-void
-krb5int_des_cbc_encrypt(const mit_des_cblock *in,
- mit_des_cblock *out,
- unsigned long length,
- const mit_des_key_schedule schedule,
- const mit_des_cblock ivec);
-void
-krb5int_des_cbc_decrypt(const mit_des_cblock *in,
- mit_des_cblock *out,
- unsigned long length,
- const mit_des_key_schedule schedule,
- const mit_des_cblock ivec);
-
-#define mit_des_cbc_encrypt(in,out,length,schedule,ivec,enc) \
- ((enc ? krb5int_des_cbc_encrypt : krb5int_des_cbc_decrypt) \
- (in, out, length, schedule, ivec), 0)
-
-void
-krb5int_des_cbc_encrypt_iov(krb5_crypto_iov *data,
- unsigned long num_data,
- const mit_des_key_schedule schedule,
- mit_des_cblock ivec);
-
-void
-krb5int_des_cbc_decrypt_iov(krb5_crypto_iov *data,
- unsigned long num_data,
- const mit_des_key_schedule schedule,
- mit_des_cblock ivec);
-
-/* d3_procky.c */
-extern krb5_error_code mit_des3_process_key
- (krb5_encrypt_block * eblock,
- const krb5_keyblock * keyblock);
-
-/* d3_kysched.c */
-extern int mit_des3_key_sched
- (mit_des3_cblock key,
- mit_des3_key_schedule schedule);
-
-/* d3_str2ky.c */
-extern krb5_error_code mit_des3_string_to_key
- (const krb5_encrypt_block * eblock,
- krb5_keyblock * keyblock,
- const krb5_data * data,
- const krb5_data * salt);
-
-/* u_nfold.c */
-extern krb5_error_code mit_des_n_fold
- (const krb5_octet * input,
- const size_t in_len,
- krb5_octet * output,
- const size_t out_len);
-
-/* u_rn_key.c */
-extern int mit_des_is_weak_keyblock
- (krb5_keyblock *keyblock);
-
-extern void mit_des_fixup_keyblock_parity
- (krb5_keyblock *keyblock);
-
-extern krb5_error_code mit_des_set_random_generator_seed
- (const krb5_data * seed,
- krb5_pointer random_state);
-
-extern krb5_error_code mit_des_set_random_sequence_number
- (const krb5_data * sequence,
- krb5_pointer random_state);
-krb5_error_code
-krb5int_des_prf (const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- const krb5_keyblock *key,
- const krb5_data *in, krb5_data *out);
-#endif /*DES_INTERNAL_DEFS*/
diff --git a/src/lib/crypto/des/des_prf.c b/src/lib/crypto/des/des_prf.c
deleted file mode 100644
index 9bb1085c3..000000000
--- a/src/lib/crypto/des/des_prf.c
+++ /dev/null
@@ -1,54 +0,0 @@
-/*
- * lib/crypto/des/des_prf.c
- *
- * Copyright (C) 2004, 2009 by the Massachusetts Institute of Technology.
- * All rights reserved.
- *
- * Export of this software from the United States of America may
- * require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- *
- *
- *
- * This file contains an implementation of the RFC 3961 PRF for
- * des-cbc-crc, des-cbc-md4, and des-cbc-md5 enctypes.
- */
-
-#include "k5-int.h"
-#include "../hash_provider/hash_provider.h" /* XXX is this ok? */
-
-krb5_error_code
-krb5int_des_prf (const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- const krb5_keyblock *key,
- const krb5_data *in, krb5_data *out)
-{
- krb5_data tmp;
- krb5_error_code ret = 0;
-
- hash = &krb5int_hash_md5; /* MD5 is always used. */
- tmp.length = hash->hashsize;
- tmp.data = malloc(hash->hashsize);
- if (tmp.data == NULL)
- return ENOMEM;
- ret = hash->hash(1, in, &tmp);
- if (ret == 0)
- ret = enc->encrypt(key, NULL, &tmp, out);
- free(tmp.data);
- return ret;
-}
diff --git a/src/lib/crypto/des/destest.c b/src/lib/crypto/des/destest.c
deleted file mode 100644
index 2582cc3d3..000000000
--- a/src/lib/crypto/des/destest.c
+++ /dev/null
@@ -1,247 +0,0 @@
-/*
- * lib/crypto/des/destest.c
- *
- * Copyright 1990,1991 by the Massachusetts Institute of Technology.
- * All Rights Reserved.
- *
- * Export of this software from the United States of America may
- * require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- *
- *
- * Test a DES implementation against known inputs & outputs
- */
-
-
-/*
- * Copyright (C) 1998 by the FundsXpress, INC.
- *
- * All rights reserved.
- *
- * Export of this software from the United States of America may require
- * a specific license from the United States Government. It is the
- * responsibility of any person or organization contemplating export to
- * obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of FundsXpress. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. FundsXpress makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
- */
-
-#include "des_int.h"
-#include "com_err.h"
-
-#include <stdio.h>
-
-void convert (char *, unsigned char []);
-
-void des_cblock_print_file (mit_des_cblock, FILE *);
-
-krb5_octet zeroblock[8] = {0,0,0,0,0,0,0,0};
-
-int
-main(argc, argv)
- int argc;
- char *argv[];
-{
- char block1[17], block2[17], block3[17];
-#if 0
- mit_des_cblock key, input, output, output2;
-#else
- /* Force tests of unaligned accesses. */
- union { unsigned char c[8*4+3]; long l; } u;
- unsigned char *ioblocks = u.c;
- unsigned char *input = ioblocks+1;
- unsigned char *output = ioblocks+10;
- unsigned char *output2 = ioblocks+19;
- unsigned char *key = ioblocks+27;
-#endif
- mit_des_key_schedule sched;
- int num = 0;
- int retval;
-
- int error = 0;
-
- while (scanf("%16s %16s %16s", block1, block2, block3) == 3) {
- convert(block1, key);
- convert(block2, input);
- convert(block3, output);
-
- retval = mit_des_key_sched(key, sched);
- if (retval) {
- fprintf(stderr, "des test: can't process key");
- exit(1);
- }
- mit_des_cbc_encrypt((const mit_des_cblock *) input, output2, 8,
- sched, zeroblock, 1);
-
- if (memcmp((char *)output2, (char *)output, 8)) {
- fprintf(stderr,
- "DES ENCRYPT ERROR, key %s, text %s, real cipher %s, computed cyphertext %02X%02X%02X%02X%02X%02X%02X%02X\n",
- block1, block2, block3,
- output2[0],output2[1],output2[2],output2[3],
- output2[4],output2[5],output2[6],output2[7]);
- error++;
- }
-
- /*
- * Now try decrypting....
- */
- mit_des_cbc_encrypt((const mit_des_cblock *) output, output2, 8,
- sched, zeroblock, 0);
-
- if (memcmp((char *)output2, (char *)input, 8)) {
- fprintf(stderr,
- "DES DECRYPT ERROR, key %s, text %s, real cipher %s, computed cleartext %02X%02X%02X%02X%02X%02X%02X%02X\n",
- block1, block2, block3,
- output2[0],output2[1],output2[2],output2[3],
- output2[4],output2[5],output2[6],output2[7]);
- error++;
- }
-
- num++;
- }
-
- if (error)
- printf("destest: failed to pass the test\n");
- else
- printf("destest: %d tests passed successfully\n", num);
-
- exit( (error > 256 && error % 256) ? 1 : error);
-}
-
-int value[128] = {
--1, -1, -1, -1, -1, -1, -1, -1,
--1, -1, -1, -1, -1, -1, -1, -1,
--1, -1, -1, -1, -1, -1, -1, -1,
--1, -1, -1, -1, -1, -1, -1, -1,
--1, -1, -1, -1, -1, -1, -1, -1,
--1, -1, -1, -1, -1, -1, -1, -1,
-0, 1, 2, 3, 4, 5, 6, 7,
-8, 9, -1, -1, -1, -1, -1, -1,
--1, 10, 11, 12, 13, 14, 15, -1,
--1, -1, -1, -1, -1, -1, -1, -1,
--1, -1, -1, -1, -1, -1, -1, -1,
--1, -1, -1, -1, -1, -1, -1, -1,
--1, -1, -1, -1, -1, -1, -1, -1,
--1, -1, -1, -1, -1, -1, -1, -1,
--1, -1, -1, -1, -1, -1, -1, -1,
--1, -1, -1, -1, -1, -1, -1, -1,
-};
-
-void
-convert(text, cblock)
- char *text;
- unsigned char cblock[];
-{
- register int i;
- for (i = 0; i < 8; i++) {
- if (text[i*2] < 0 || text[i*2] >= 128)
- abort ();
- if (value[(int) text[i*2]] == -1 || value[(int) text[i*2+1]] == -1) {
- printf("Bad value byte %d in %s\n", i, text);
- exit(1);
- }
- cblock[i] = 16*value[(int) text[i*2]] + value[(int) text[i*2+1]];
- }
- return;
-}
-
-/*
- * Fake out the DES library, for the purposes of testing.
- */
-
-#include "des_int.h"
-
-int
-mit_des_is_weak_key(key)
- mit_des_cblock key;
-{
- return 0; /* fake it out for testing */
-}
-
-void
-des_cblock_print_file(x, fp)
- mit_des_cblock x;
- FILE *fp;
-{
- unsigned char *y = (unsigned char *) x;
- register int i = 0;
- fprintf(fp," 0x { ");
-
- while (i++ < 8) {
- fprintf(fp,"%x",*y++);
- if (i < 8)
- fprintf(fp,", ");
- }
- fprintf(fp," }");
-}
-
-
-#define smask(step) ((1<<step)-1)
-#define pstep(x,step) (((x)&smask(step))^(((x)>>step)&smask(step)))
-#define parity_char(x) pstep(pstep(pstep((x),4),2),1)
-
-/*
- * des_check_key_parity: returns true iff key has the correct des parity.
- * See des_fix_key_parity for the definition of
- * correct des parity.
- */
-int
-mit_des_check_key_parity(key)
- register mit_des_cblock key;
-{
- int i;
-
- for (i=0; i<sizeof(mit_des_cblock); i++) {
- if ((key[i] & 1) == parity_char(0xfe&key[i])) {
- printf("warning: bad parity key:");
- des_cblock_print_file(key, stdout);
- putchar('\n');
-
- return 1;
- }
- }
-
- return(1);
-}
-
-void
-mit_des_fixup_key_parity(key)
- register mit_des_cblock key;
-{
- int i;
- for (i=0; i<sizeof(mit_des_cblock); i++)
- {
- key[i] &= 0xfe;
- key[i] |= 1^parity_char(key[i]);
- }
-
- return;
-}
diff --git a/src/lib/crypto/des/doc/libdes.doc b/src/lib/crypto/des/doc/libdes.doc
deleted file mode 100644
index 70f9f336a..000000000
--- a/src/lib/crypto/des/doc/libdes.doc
+++ /dev/null
@@ -1,208 +0,0 @@ - - How to use the Kerberos encryption library. - - Revised 10/15/85 spm - -1) The following include file is needed: - - /projects/auth/include/des.h (VAX) - --------------- (PC8086) - -2) The encryption library that should be linked to is: - - /projects/auth/lib/libdes.a (VAX) -| /projects/auth/ibm/lib/libdes.a (PC8086 cross-compilation environment) - -3) For each key that may be simultaneously active, - allocate (either compile or malloc) a "Key_schedule" struct, - defined in "des.h" - -4) Create key schedules, as needed, prior to using the encryption - routines, via "des_set_key()". - -5) Setup the input and output areas. Make sure to note the restrictions - on lengths being multiples of eight bytes. - -6) Invoke the encryption/decryption routines, "ecb_encrypt()" - or "cbc_encrypt()" - -7) To generate a cryptographic checksum, use "cbc_cksum()" -/* ---------------------------------------------------------------- */ - - Routine Interfaces-- - -/* ----------------------------------------------------------------- */ - -int - des_set_key(k,schedule) - C_Block *k; - Key_schedule schedule; - - Calculates a key schedule from (all) eight bytes of the input key, and - puts it into the indicated "Key_schedule" struct; - - Make sure to pass valid eight bytes, no padding or other processing - it done. - - The key schedule is then used in subsequent encryption/decryption - operations. Many key schedules may be created and cached for later - use. - - The user is responsible to clear keys and schedules no longer needed - to prevent their disclosure. - -| Checks the parity of the key provided, to make sure it is odd per -| FIPS spec. Returns 0 value for key ok, 1 for key_parity error. 
- -/* ---------------------------------------------------------------- */ - -int - ecb_encrypt(input,output,schedule,encrypt) - C_Block *input; /* ptr to eight byte input value */ - C_Block *output; /* ptr to eight byte output value */ - int encrypt; /* 0 ==> decrypt, else encrypt */ - Key_schedule schedule; /* addr of key schedule */ - -This is the low level routine that encrypts or decrypts a single 8-byte -block in electronic code book mode. Always transforms the input -data into the output data. - -If encrypt is non-zero, the input (cleartext) is encrypted into the -output (ciphertext) using the specified key_schedule, pre-set via "des_set_key". - -If encrypt is zero, the input (now ciphertext) is decrypted into -the output (now cleartext). - -Input and output may be the same space. - -Does not return any meaningful value. Void is not used for compatibility -with other compilers. - -/* -------------------------------------------------------------- */ - -int - cbc_encrypt(input,output,length,schedule,ivec,encrypt) - - C_Block *input; /* ptr to input data */ - C_Block *output; /* ptr to output data */ - int length; /* desired length, in bytes */ - Key_schedule schedule; /* addr of precomputed schedule */ - C_Block *ivec; /* pointer to 8 byte initialization - * vector - */ - int encrypt /* 0 ==> decrypt; else encrypt*/ - - - If encrypt is non-zero, the routine cipher-block-chain encrypts - the INPUT (cleartext) into the OUTPUT (ciphertext) using the provided - key schedule and initialization vector. If the length is not an integral - multiple of eight bytes, the last block is copied to a temp and zero - filled (highest addresses). The output is ALWAYS an integral multiple - of eight bytes. - - If encrypt is zero, the routine cipher-block chain decrypts the INPUT - (ciphertext) into the OUTPUT (cleartext) using the provided key schedule - and initialization vector. 
Decryption ALWAYS operates on integral - multiples of 8 bytes, so will round the length provided up to the - appropriate multiple. Consequently, it will always produce the rounded-up - number of bytes of output cleartext. The application must determine if - the output cleartext was zero-padded due to cleartext lengths not integral - multiples of 8. - - No errors or meaningful value are returned. Void is not used for - compatibility with other compilers. - - -/* cbc checksum (MAC) only routine ---------------------------------------- */ -int - cbc_cksum(input,output,length,schedule,ivec) - - C_Block *input; /* >= length bytes of inputtext */ - C_Block *output; /* >= length bytes of outputtext */ - int length; /* in bytes */ - Key_schedule schedule; /* precomputed key schedule */ - C_Block *ivec; /* 8 bytes of ivec */ - - - Produces a cryptographic checksum, 8 bytes, by cipher-block-chain - encrypting the input, discarding the ciphertext output, and only retaining - the last ciphertext 8-byte block. Uses the provided key schedule and ivec. - The input is effectively zero-padded to an integral multiple of - eight bytes, though the original input is not modified. - - No meaningful value is returned. Void is not used for compatibility - with other compilers. - - -/* random_key ----------------------------------------*/ -int - random_key(key) - - C_Block *key; - - The start for the random number generated is set from the current time - in microseconds, then the random number generator is invoked - to create an eight byte output key (not a schedule). The key - generated is set to odd parity per FIPS spec. - - The caller must supply space for the output key, pointed to - by "*key", then after getting a new key, call the des_set_key() - routine when needed. - - No meaningfull value is returned. Void is not used for compatibility - with other compilers. 
- - -/* string_to_key --------------------------------------------*/ - -int - string_to_key(str,key) - register char *str; - register C_Block *key; - - This routines converts an arbitrary length, null terminated string - to an 8 byte DES key, with each byte parity set to odd, per FIPS spec. - - The algorithm is as follows: - -| Take the first 8 bytes and remove the parity (leaving 56 bits). -| Do the same for the second 8 bytes, and the third, etc. Do this for -| as many sets of 8 bytes as necessary, filling in the remainder of the -| last set with nulls. Fold the second set back on the first (i.e. bit -| 0 over bit 55, and bit 55 over bit 0). Fold the third over the second -| (bit 0 of the third set is now over bit 0 of the first set). Repeat -| until you have done this to all sets. Xor the folded sets. Break the -| result into 8 7 bit bytes, and generate odd parity for each byte. You -| now have 64 bits. Note that DES takes a 64 bit key, and uses only the -| non parity bits. - - -/* read_password -------------------------------------------*/ - -read_password(k,prompt,verify) - C_Block *k; - char *prompt; - int verify; - -This routine issues the supplied prompt, turns off echo, if possible, and -reads an input string. If verify is non-zero, it does it again, for use -in applications such as changing a password. If verify is non-zero, both -versions are compared, and the input is requested repeatedly until they -match. Then, the input string is mapped into a valid DES key, internally -using the string_to_key routine. The newly created key is copied to the -area pointed to by parameter "k". - -No meaningful value is returned. If an error occurs trying to manipulate -the terminal echo, the routine forces the process to exit. - -/* get_line ------------------------*/ -long get_line(p,max) - char *p; - long max; - -Reads input characters from standard input until either a newline appears or -else the max length is reached. 
The characters read are stuffed into -the string pointed to, which will always be null terminated. The newline -is not inserted in the string. The max parameter includes the byte needed -for the null terminator, so allocate and pass one more than the maximum -string length desired. diff --git a/src/lib/crypto/des/f_aead.c b/src/lib/crypto/des/f_aead.c deleted file mode 100644 index f7c2fd391..000000000 --- a/src/lib/crypto/des/f_aead.c +++ /dev/null 
@@ -1,192 +0,0 @@
-/*
- * Copyright (C) 2008 by the Massachusetts Institute of Technology.
- * Copyright 1995 by Richard P. Basch. All Rights Reserved.
- * Copyright 1995 by Lehman Brothers, Inc. All Rights Reserved.
- *
- * Export of this software from the United States of America may
- * require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of Richard P. Basch, Lehman Brothers and M.I.T. not be used
- * in advertising or publicity pertaining to distribution of the software
- * without specific, written prior permission. Richard P. Basch,
- * Lehman Brothers and M.I.T. make no representations about the suitability
- * of this software for any purpose. It is provided "as is" without
- * express or implied warranty.
- */
-
-#include "des_int.h"
-#include "f_tables.h"
-#include "../aead.h"
-
-void
-krb5int_des_cbc_encrypt_iov(krb5_crypto_iov *data,
- unsigned long num_data,
- const mit_des_key_schedule schedule,
- mit_des_cblock ivec)
-{
- unsigned DES_INT32 left, right;
- const unsigned DES_INT32 *kp;
- const unsigned char *ip;
- unsigned char *op;
- struct iov_block_state input_pos, output_pos;
- unsigned char iblock[MIT_DES_BLOCK_LENGTH];
- unsigned char oblock[MIT_DES_BLOCK_LENGTH];
-
- IOV_BLOCK_STATE_INIT(&input_pos);
- IOV_BLOCK_STATE_INIT(&output_pos);
-
- /*
- * Get key pointer here. This won't need to be reinitialized
- */
- kp = (const unsigned DES_INT32 *)schedule;
-
- /*
- * Initialize left and right with the contents of the initial
- * vector.
- */
- if (ivec != NULL)
- ip = ivec;
- else
- ip = mit_des_zeroblock;
- GET_HALF_BLOCK(left, ip);
- GET_HALF_BLOCK(right, ip);
-
- /*
- * Suitably initialized, now work the length down 8 bytes
- * at a time.
- */
- for (;;) {
- unsigned DES_INT32 temp;
-
- ip = iblock;
- op = oblock;
-
- if (!krb5int_c_iov_get_block(iblock, MIT_DES_BLOCK_LENGTH, data, num_data, &input_pos))
- break;
-
- if (input_pos.iov_pos == num_data)
- break;
-
- GET_HALF_BLOCK(temp, ip);
- left ^= temp;
- GET_HALF_BLOCK(temp, ip);
- right ^= temp;
-
- /*
- * Encrypt what we have
- */
- DES_DO_ENCRYPT(left, right, kp);
-
- /*
- * Copy the results out
- */
- PUT_HALF_BLOCK(left, op);
- PUT_HALF_BLOCK(right, op);
-
- krb5int_c_iov_put_block(data, num_data, oblock, MIT_DES_BLOCK_LENGTH, &output_pos);
- }
-
- if (ivec != NULL)
- memcpy(ivec, oblock, MIT_DES_BLOCK_LENGTH);
-}
-
-void
-krb5int_des_cbc_decrypt_iov(krb5_crypto_iov *data,
- unsigned long num_data,
- const mit_des_key_schedule schedule,
- mit_des_cblock ivec)
-{
- unsigned DES_INT32 left, right;
- const unsigned DES_INT32 *kp;
- const unsigned char *ip;
- unsigned DES_INT32 ocipherl, ocipherr;
- unsigned DES_INT32 cipherl, cipherr;
- unsigned char *op;
- struct iov_block_state input_pos, output_pos;
- unsigned char iblock[MIT_DES_BLOCK_LENGTH];
- unsigned char oblock[MIT_DES_BLOCK_LENGTH];
-
- IOV_BLOCK_STATE_INIT(&input_pos);
- IOV_BLOCK_STATE_INIT(&output_pos);
-
- /*
- * Get key pointer here. This won't need to be reinitialized
- */
- kp = (const unsigned DES_INT32 *)schedule;
-
- /*
- * Decrypting is harder than encrypting because of
- * the necessity of remembering a lot more things.
- * Should think about this a little more...
- */
-
- if (num_data == 0)
- return;
-
- /*
- * Prime the old cipher with ivec.
- */
- if (ivec != NULL)
- ip = ivec;
- else
- ip = mit_des_zeroblock;
- GET_HALF_BLOCK(ocipherl, ip);
- GET_HALF_BLOCK(ocipherr, ip);
-
- /*
- * Now do this in earnest until we run out of length.
- */
- for (;;) {
- /*
- * Read a block from the input into left and
- * right. Save this cipher block for later.
- */
-
- if (!krb5int_c_iov_get_block(iblock, MIT_DES_BLOCK_LENGTH, data, num_data, &input_pos))
- break;
-
- if (input_pos.iov_pos == num_data)
- break;
-
- ip = iblock;
- op = oblock;
-
- GET_HALF_BLOCK(left, ip);
- GET_HALF_BLOCK(right, ip);
- cipherl = left;
- cipherr = right;
-
- /*
- * Decrypt this.
- */
- DES_DO_DECRYPT(left, right, kp);
-
- /*
- * Xor with the old cipher to get plain
- * text. Output 8 or less bytes of this.
- */
- left ^= ocipherl;
- right ^= ocipherr;
-
- PUT_HALF_BLOCK(left, op);
- PUT_HALF_BLOCK(right, op);
-
- /*
- * Save current cipher block here
- */
- ocipherl = cipherl;
- ocipherr = cipherr;
-
- krb5int_c_iov_put_block(data, num_data, oblock, MIT_DES_BLOCK_LENGTH, &output_pos);
- }
-
- if (ivec != NULL)
- memcpy(ivec, oblock, MIT_DES_BLOCK_LENGTH);
-}
diff --git a/src/lib/crypto/des/f_cbc.c b/src/lib/crypto/des/f_cbc.c
deleted file mode 100644
index 0949ba140..000000000
--- a/src/lib/crypto/des/f_cbc.c
+++ /dev/null
@@ -1,274 +0,0 @@ -/* - * lib/crypto/des/f_cbc.c - * - * Copyright (C) 1990 by the Massachusetts Institute of Technology. - * All rights reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * DES implementation donated by Dennis Ferguson - */ - -/* - * des_cbc_encrypt.c - an implementation of the DES cipher function in cbc mode - */ -#include "des_int.h" -#include "f_tables.h" - -/* - * des_cbc_encrypt - {en,de}crypt a stream in CBC mode - */ - -/* - * This routine performs DES cipher-block-chaining operation, either - * encrypting from cleartext to ciphertext, if encrypt != 0 or - * decrypting from ciphertext to cleartext, if encrypt == 0. - * - * The key schedule is passed as an arg, as well as the cleartext or - * ciphertext. The cleartext and ciphertext should be in host order. - * - * NOTE-- the output is ALWAYS an multiple of 8 bytes long. 
If not - * enough space was provided, your program will get trashed. - * - * For encryption, the cleartext string is null padded, at the end, to - * an integral multiple of eight bytes. - * - * For decryption, the ciphertext will be used in integral multiples - * of 8 bytes, but only the first "length" bytes returned into the - * cleartext. - */ - -const mit_des_cblock mit_des_zeroblock /* = all zero */; - -#undef mit_des_cbc_encrypt -int -mit_des_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out, - unsigned long length, const mit_des_key_schedule schedule, - const mit_des_cblock ivec, int enc) -{ - /* - * Deal with encryption and decryption separately. - */ - if (enc) - krb5int_des_cbc_encrypt(in, out, length, schedule, ivec); - else - krb5int_des_cbc_decrypt(in, out, length, schedule, ivec); - return 0; -} - -void -krb5int_des_cbc_encrypt(const mit_des_cblock *in, - mit_des_cblock *out, - unsigned long length, - const mit_des_key_schedule schedule, - const mit_des_cblock ivec) -{ - unsigned DES_INT32 left, right; - const unsigned DES_INT32 *kp; - const unsigned char *ip; - unsigned char *op; - - /* - * Get key pointer here. This won't need to be reinitialized - */ - kp = (const unsigned DES_INT32 *)schedule; - - /* - * Initialize left and right with the contents of the initial - * vector. - */ - ip = ivec; - GET_HALF_BLOCK(left, ip); - GET_HALF_BLOCK(right, ip); - - /* - * Suitably initialized, now work the length down 8 bytes - * at a time. - */ - ip = *in; - op = *out; - while (length > 0) { - /* - * Get more input, xor it in. If the length is - * greater than or equal to 8 this is straight - * forward. Otherwise we have to fart around. - */ - if (length >= 8) { - unsigned DES_INT32 temp; - GET_HALF_BLOCK(temp, ip); - left ^= temp; - GET_HALF_BLOCK(temp, ip); - right ^= temp; - length -= 8; - } else { - /* - * Oh, shoot. We need to pad the - * end with zeroes. Work backwards - * to do this. 
- */
- ip += (int) length;
- switch(length) {
- case 7:
- right ^= (*(--ip) & FF_UINT32) << 8;
- case 6:
- right ^= (*(--ip) & FF_UINT32) << 16;
- case 5:
- right ^= (*(--ip) & FF_UINT32) << 24;
- case 4:
- left ^= *(--ip) & FF_UINT32;
- case 3:
- left ^= (*(--ip) & FF_UINT32) << 8;
- case 2:
- left ^= (*(--ip) & FF_UINT32) << 16;
- case 1:
- left ^= (*(--ip) & FF_UINT32) << 24;
- break;
- }
- length = 0;
- }
-
- /*
- * Encrypt what we have
- */
- DES_DO_ENCRYPT(left, right, kp);
-
- /*
- * Copy the results out
- */
- PUT_HALF_BLOCK(left, op);
- PUT_HALF_BLOCK(right, op);
- }
-}
-
-void
-krb5int_des_cbc_decrypt(const mit_des_cblock *in,
- mit_des_cblock *out,
- unsigned long length,
- const mit_des_key_schedule schedule,
- const mit_des_cblock ivec)
-{
- unsigned DES_INT32 left, right;
- const unsigned DES_INT32 *kp;
- const unsigned char *ip;
- unsigned char *op;
- unsigned DES_INT32 ocipherl, ocipherr;
- unsigned DES_INT32 cipherl, cipherr;
-
- /*
- * Get key pointer here. This won't need to be reinitialized
- */
- kp = (const unsigned DES_INT32 *)schedule;
-
- /*
- * Decrypting is harder than encrypting because of
- * the necessity of remembering a lot more things.
- * Should think about this a little more...
- */
-
- if (length <= 0)
- return;
-
- /*
- * Prime the old cipher with ivec.
- */
- ip = ivec;
- GET_HALF_BLOCK(ocipherl, ip);
- GET_HALF_BLOCK(ocipherr, ip);
-
- /*
- * Now do this in earnest until we run out of length.
- */
- ip = *in;
- op = *out;
- for (;;) { /* check done inside loop */
- /*
- * Read a block from the input into left and
- * right. Save this cipher block for later.
- */
- GET_HALF_BLOCK(left, ip);
- GET_HALF_BLOCK(right, ip);
- cipherl = left;
- cipherr = right;
-
- /*
- * Decrypt this.
- */
- DES_DO_DECRYPT(left, right, kp);
-
- /*
- * Xor with the old cipher to get plain
- * text. Output 8 or less bytes of this.
- */ - left ^= ocipherl; - right ^= ocipherr; - if (length > 8) { - length -= 8; - PUT_HALF_BLOCK(left, op); - PUT_HALF_BLOCK(right, op); - /* - * Save current cipher block here - */ - ocipherl = cipherl; - ocipherr = cipherr; - } else { - /* - * Trouble here. Start at end of output, - * work backwards. - */ - op += (int) length; - switch(length) { - case 8: - *(--op) = (unsigned char) (right & 0xff); - case 7: - *(--op) = (unsigned char) ((right >> 8) & 0xff); - case 6: - *(--op) = (unsigned char) ((right >> 16) & 0xff); - case 5: - *(--op) = (unsigned char) ((right >> 24) & 0xff); - case 4: - *(--op) = (unsigned char) (left & 0xff); - case 3: - *(--op) = (unsigned char) ((left >> 8) & 0xff); - case 2: - *(--op) = (unsigned char) ((left >> 16) & 0xff); - case 1: - *(--op) = (unsigned char) ((left >> 24) & 0xff); - break; - } - break; /* we're done */ - } - } -} - -#if defined(CONFIG_SMALL) && !defined(CONFIG_SMALL_NO_CRYPTO) -void krb5int_des_do_encrypt_2 (unsigned DES_INT32 *left, - unsigned DES_INT32 *right, - const unsigned DES_INT32 *kp) -{ - DES_DO_ENCRYPT_1 (*left, *right, kp); -} - -void krb5int_des_do_decrypt_2 (unsigned DES_INT32 *left, - unsigned DES_INT32 *right, - const unsigned DES_INT32 *kp) -{ - DES_DO_DECRYPT_1 (*left, *right, kp); -} -#endif diff --git a/src/lib/crypto/des/f_cksum.c b/src/lib/crypto/des/f_cksum.c deleted file mode 100644 index 1c03da43e..000000000 --- a/src/lib/crypto/des/f_cksum.c +++ /dev/null 
@@ -1,136 +0,0 @@ -/* - * lib/crypto/des/f_cksum.c - * - * Copyright (C) 1990 by the Massachusetts Institute of Technology. - * All rights reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * DES implementation donated by Dennis Ferguson - */ - -/* - * des_cbc_cksum.c - compute an 8 byte checksum using DES in CBC mode - */ -#include "des_int.h" -#include "f_tables.h" - -/* - * This routine performs DES cipher-block-chaining checksum operation, - * a.k.a. Message Authentication Code. It ALWAYS encrypts from input - * to a single 64 bit output MAC checksum. - * - * The key schedule is passed as an arg, as well as the cleartext or - * ciphertext. The cleartext and ciphertext should be in host order. - * - * NOTE-- the output is ALWAYS 8 bytes long. If not enough space was - * provided, your program will get trashed. 
- * - * The input is null padded, at the end (highest addr), to an integral - * multiple of eight bytes. - */ - -unsigned long -mit_des_cbc_cksum(const krb5_octet *in, krb5_octet *out, - unsigned long length, const mit_des_key_schedule schedule, - const krb5_octet *ivec) -{ - unsigned DES_INT32 left, right; - const unsigned DES_INT32 *kp; - const unsigned char *ip; - unsigned char *op; - register DES_INT32 len; - - /* - * Initialize left and right with the contents of the initial - * vector. - */ - ip = ivec; - GET_HALF_BLOCK(left, ip); - GET_HALF_BLOCK(right, ip); - - /* - * Suitably initialized, now work the length down 8 bytes - * at a time. - */ - ip = in; - len = length; - while (len > 0) { - /* - * Get more input, xor it in. If the length is - * greater than or equal to 8 this is straight - * forward. Otherwise we have to fart around. - */ - if (len >= 8) { - unsigned DES_INT32 temp; - GET_HALF_BLOCK(temp, ip); - left ^= temp; - GET_HALF_BLOCK(temp, ip); - right ^= temp; - len -= 8; - } else { - /* - * Oh, shoot. We need to pad the - * end with zeroes. Work backwards - * to do this. - */ - ip += (int) len; - switch(len) { - case 7: - right ^= (*(--ip) & FF_UINT32) << 8; - case 6: - right ^= (*(--ip) & FF_UINT32) << 16; - case 5: - right ^= (*(--ip) & FF_UINT32) << 24; - case 4: - left ^= *(--ip) & FF_UINT32; - case 3: - left ^= (*(--ip) & FF_UINT32) << 8; - case 2: - left ^= (*(--ip) & FF_UINT32) << 16; - case 1: - left ^= (*(--ip) & FF_UINT32) << 24; - break; - } - len = 0; - } - - /* - * Encrypt what we have - */ - kp = (const unsigned DES_INT32 *)schedule; - DES_DO_ENCRYPT(left, right, kp); - } - - /* - * Done. Left and right have the checksum. Put it into - * the output. - */ - op = out; - PUT_HALF_BLOCK(left, op); - PUT_HALF_BLOCK(right, op); - - /* - * Return right. I'll bet the MIT code returns this - * inconsistantly (with the low order byte of the checksum - * not always in the low order byte of the DES_INT32). We won't. 
- */ - return right & 0xFFFFFFFFUL; -} diff --git a/src/lib/crypto/des/f_parity.c b/src/lib/crypto/des/f_parity.c deleted file mode 100644 index 426386303..000000000 --- a/src/lib/crypto/des/f_parity.c +++ /dev/null @@ -1,56 +0,0 @@ -/* - * These routines check and fix parity of encryption keys for the DES - * algorithm. - * - * They are a replacement for routines in key_parity.c, that don't require - * the table building that they do. - * - * Mark Eichin -- Cygnus Support - */ - - -#include "des_int.h" - -/* - * des_fixup_key_parity: Forces odd parity per byte; parity is bits - * 8,16,...64 in des order, implies 0, 8, 16, ... - * vax order. - */ -#define smask(step) ((1<<step)-1) -#define pstep(x,step) (((x)&smask(step))^(((x)>>step)&smask(step))) -#define parity_char(x) pstep(pstep(pstep((x),4),2),1) - -void -mit_des_fixup_key_parity(mit_des_cblock key) -{ - unsigned int i; - for (i=0; i<sizeof(mit_des_cblock); i++) - { - key[i] &= 0xfe; - key[i] |= 1^parity_char(key[i]); - } - - return; -} - -/* - * des_check_key_parity: returns true iff key has the correct des parity. - * See des_fix_key_parity for the definition of - * correct des parity. - */ -int -mit_des_check_key_parity(mit_des_cblock key) -{ - unsigned int i; - - for (i=0; i<sizeof(mit_des_cblock); i++) - { - if((key[i] & 1) == parity_char(0xfe&key[i])) - { - return 0; - } - } - - return(1); -} - diff --git a/src/lib/crypto/des/f_sched.c b/src/lib/crypto/des/f_sched.c deleted file mode 100644 index ece48ef18..000000000 --- a/src/lib/crypto/des/f_sched.c +++ /dev/null 
@@ -1,359 +0,0 @@
-/*
- * lib/crypto/des/f_sched.c
- *
- * Copyright (C) 1990 by the Massachusetts Institute of Technology.
- * All rights reserved.
- *
- * Export of this software from the United States of America may
- * require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- *
- * DES implementation donated by Dennis Ferguson
- */
-
-/*
- * des_make_sched.c - permute a DES key, returning the resulting key schedule
- */
-#include "k5-int.h"
-#include "des_int.h"
-
-/*
- * Permuted choice 1 tables. These are used to extract bits
- * from the left and right parts of the key to form Ci and Di.
- * The code that uses these tables knows which bits from which
- * part of each key are used to form Ci and Di.
- */
-static const unsigned DES_INT32 PC1_CL[8] = {
- 0x00000000, 0x00000010, 0x00001000, 0x00001010,
- 0x00100000, 0x00100010, 0x00101000, 0x00101010
-};
-
-static const unsigned DES_INT32 PC1_DL[16] = {
- 0x00000000, 0x00100000, 0x00001000, 0x00101000,
- 0x00000010, 0x00100010, 0x00001010, 0x00101010,
- 0x00000001, 0x00100001, 0x00001001, 0x00101001,
- 0x00000011, 0x00100011, 0x00001011, 0x00101011
-};
-
-static const unsigned DES_INT32 PC1_CR[16] = {
- 0x00000000, 0x00000001, 0x00000100, 0x00000101,
- 0x00010000, 0x00010001, 0x00010100, 0x00010101,
- 0x01000000, 0x01000001, 0x01000100, 0x01000101,
- 0x01010000, 0x01010001, 0x01010100, 0x01010101
-};
-
-static const unsigned DES_INT32 PC1_DR[8] = {
- 0x00000000, 0x01000000, 0x00010000, 0x01010000,
- 0x00000100, 0x01000100, 0x00010100, 0x01010100
-};
-
-
-/*
- * At the start of some iterations of the key schedule we do
- * a circular left shift by one place, while for others we do a shift by
- * two places. This has bits set for the iterations where we do 2 bit
- * shifts, starting at the low order bit.
- */
-#define TWO_BIT_SHIFTS 0x7efc
-
-/*
- * Permuted choice 2 tables. The first actually produces the low order
- * 24 bits of the subkey Ki from the 28 bit value of Ci. The second produces
- * the high order 24 bits from Di. The tables are indexed by six bit
- * segments of Ci and Di respectively. The code is handcrafted to compute
- * the appropriate 6 bit chunks.
- *
- * Note that for ease of computation, the 24 bit values are produced with
- * six bits going into each byte. Note also that the table has been byte
- * rearranged to produce keys which match the order we will apply them
- * in in the des code.
- */
-static const unsigned DES_INT32 PC2_C[4][64] = {
- {
- 0x00000000, 0x00000004, 0x00010000, 0x00010004,
- 0x00000400, 0x00000404, 0x00010400, 0x00010404,
- 0x00000020, 0x00000024, 0x00010020, 0x00010024,
- 0x00000420, 0x00000424, 0x00010420, 0x00010424,
- 0x01000000, 0x01000004, 0x01010000, 0x01010004,
- 0x01000400, 0x01000404, 0x01010400, 0x01010404,
- 0x01000020, 0x01000024, 0x01010020, 0x01010024,
- 0x01000420, 0x01000424, 0x01010420, 0x01010424,
- 0x00020000, 0x00020004, 0x00030000, 0x00030004,
- 0x00020400, 0x00020404, 0x00030400, 0x00030404,
- 0x00020020, 0x00020024, 0x00030020, 0x00030024,
- 0x00020420, 0x00020424, 0x00030420, 0x00030424,
- 0x01020000, 0x01020004, 0x01030000, 0x01030004,
- 0x01020400, 0x01020404, 0x01030400, 0x01030404,
- 0x01020020, 0x01020024, 0x01030020, 0x01030024,
- 0x01020420, 0x01020424, 0x01030420, 0x01030424,
- },
- {
- 0x00000000, 0x02000000, 0x00000800, 0x02000800,
- 0x00080000, 0x02080000, 0x00080800, 0x02080800,
- 0x00000001, 0x02000001, 0x00000801, 0x02000801,
- 0x00080001, 0x02080001, 0x00080801, 0x02080801,
- 0x00000100, 0x02000100, 0x00000900, 0x02000900,
- 0x00080100, 0x02080100, 0x00080900, 0x02080900,
- 0x00000101, 0x02000101, 0x00000901, 0x02000901,
- 0x00080101, 0x02080101, 0x00080901, 0x02080901,
- 0x10000000, 0x12000000, 0x10000800, 0x12000800,
- 0x10080000, 0x12080000, 0x10080800, 0x12080800,
- 0x10000001, 0x12000001, 0x10000801, 0x12000801,
- 0x10080001, 0x12080001, 0x10080801, 0x12080801,
- 0x10000100, 0x12000100, 0x10000900, 0x12000900,
- 0x10080100, 0x12080100, 0x10080900, 0x12080900,
- 0x10000101, 0x12000101, 0x10000901, 0x12000901,
- 0x10080101, 0x12080101, 0x10080901, 0x12080901,
- },
- {
- 0x00000000, 0x00040000, 0x00002000, 0x00042000,
- 0x00100000, 0x00140000, 0x00102000, 0x00142000,
- 0x20000000, 0x20040000, 0x20002000, 0x20042000,
- 0x20100000, 0x20140000, 0x20102000, 0x20142000,
- 0x00000008, 0x00040008, 0x00002008, 0x00042008,
- 0x00100008, 0x00140008, 0x00102008, 0x00142008,
- 0x20000008, 0x20040008, 0x20002008, 0x20042008,
- 0x20100008, 0x20140008, 0x20102008, 0x20142008,
- 0x00200000, 0x00240000, 0x00202000, 0x00242000,
- 0x00300000, 0x00340000, 0x00302000, 0x00342000,
- 0x20200000, 0x20240000, 0x20202000, 0x20242000,
- 0x20300000, 0x20340000, 0x20302000, 0x20342000,
- 0x00200008, 0x00240008, 0x00202008, 0x00242008,
- 0x00300008, 0x00340008, 0x00302008, 0x00342008,
- 0x20200008, 0x20240008, 0x20202008, 0x20242008,
- 0x20300008, 0x20340008, 0x20302008, 0x20342008,
- },
- {
- 0x00000000, 0x00000010, 0x08000000, 0x08000010,
- 0x00000200, 0x00000210, 0x08000200, 0x08000210,
- 0x00000002, 0x00000012, 0x08000002, 0x08000012,
- 0x00000202, 0x00000212, 0x08000202, 0x08000212,
- 0x04000000, 0x04000010, 0x0c000000, 0x0c000010,
- 0x04000200, 0x04000210, 0x0c000200, 0x0c000210,
- 0x04000002, 0x04000012, 0x0c000002, 0x0c000012,
- 0x04000202, 0x04000212, 0x0c000202, 0x0c000212,
- 0x00001000, 0x00001010, 0x08001000, 0x08001010,
- 0x00001200, 0x00001210, 0x08001200, 0x08001210,
- 0x00001002, 0x00001012, 0x08001002, 0x08001012,
- 0x00001202, 0x00001212, 0x08001202, 0x08001212,
- 0x04001000, 0x04001010, 0x0c001000, 0x0c001010,
- 0x04001200, 0x04001210, 0x0c001200, 0x0c001210,
- 0x04001002, 0x04001012, 0x0c001002, 0x0c001012,
- 0x04001202, 0x04001212, 0x0c001202, 0x0c001212
- },
-};
-
-static const unsigned DES_INT32 PC2_D[4][64] = {
- {
- 0x00000000, 0x02000000, 0x00020000, 0x02020000,
- 0x00000100, 0x02000100, 0x00020100, 0x02020100,
- 0x00000008, 0x02000008, 0x00020008, 0x02020008,
- 0x00000108, 0x02000108, 0x00020108, 0x02020108,
- 0x00200000, 0x02200000, 0x00220000, 0x02220000,
- 0x00200100, 0x02200100, 0x00220100, 0x02220100,
- 0x00200008, 0x02200008, 0x00220008, 0x02220008,
- 0x00200108, 0x02200108, 0x00220108, 0x02220108,
- 0x00000200, 0x02000200, 0x00020200, 0x02020200,
- 0x00000300, 0x02000300, 0x00020300, 0x02020300,
- 0x00000208, 0x02000208, 0x00020208, 0x02020208,
- 0x00000308, 0x02000308, 0x00020308, 0x02020308,
- 0x00200200, 0x02200200, 0x00220200, 0x02220200,
- 0x00200300, 0x02200300, 0x00220300, 0x02220300,
- 0x00200208, 0x02200208, 0x00220208, 0x02220208,
- 0x00200308, 0x02200308, 0x00220308, 0x02220308,
- },
- {
- 0x00000000, 0x00001000, 0x00000020, 0x00001020,
- 0x00100000, 0x00101000, 0x00100020, 0x00101020,
- 0x08000000, 0x08001000, 0x08000020, 0x08001020,
- 0x08100000, 0x08101000, 0x08100020, 0x08101020,
- 0x00000004, 0x00001004, 0x00000024, 0x00001024,
- 0x00100004, 0x00101004, 0x00100024, 0x00101024,
- 0x08000004, 0x08001004, 0x08000024, 0x08001024,
- 0x08100004, 0x08101004, 0x08100024, 0x08101024,
- 0x00000400, 0x00001400, 0x00000420, 0x00001420,
- 0x00100400, 0x00101400, 0x00100420, 0x00101420,
- 0x08000400, 0x08001400, 0x08000420, 0x08001420,
- 0x08100400, 0x08101400, 0x08100420, 0x08101420,
- 0x00000404, 0x00001404, 0x00000424, 0x00001424,
- 0x00100404, 0x00101404, 0x00100424, 0x00101424,
- 0x08000404, 0x08001404, 0x08000424, 0x08001424,
- 0x08100404, 0x08101404, 0x08100424, 0x08101424,
- },
- {
- 0x00000000, 0x10000000, 0x00010000, 0x10010000,
- 0x00000002, 0x10000002, 0x00010002, 0x10010002,
- 0x00002000, 0x10002000, 0x00012000, 0x10012000,
- 0x00002002, 0x10002002, 0x00012002, 0x10012002,
- 0x00040000, 0x10040000, 0x00050000, 0x10050000,
- 0x00040002, 0x10040002, 0x00050002, 0x10050002,
- 0x00042000, 0x10042000, 0x00052000, 0x10052000,
- 0x00042002, 0x10042002, 0x00052002, 0x10052002,
- 0x20000000, 0x30000000, 0x20010000, 0x30010000,
- 0x20000002, 0x30000002, 0x20010002, 0x30010002,
- 0x20002000, 0x30002000, 0x20012000, 0x30012000,
- 0x20002002, 0x30002002, 0x20012002, 0x30012002,
- 0x20040000, 0x30040000, 0x20050000, 0x30050000,
- 0x20040002, 0x30040002, 0x20050002, 0x30050002,
- 0x20042000, 0x30042000, 0x20052000, 0x30052000,
- 0x20042002, 0x30042002, 0x20052002, 0x30052002,
- },
- {
- 0x00000000, 0x04000000, 0x00000001, 0x04000001,
- 0x01000000, 0x05000000, 0x01000001, 0x05000001,
- 0x00000010, 0x04000010, 0x00000011, 0x04000011,
- 0x01000010, 0x05000010, 0x01000011, 0x05000011,
- 0x00080000, 0x04080000, 0x00080001, 0x04080001,
- 0x01080000, 0x05080000, 0x01080001, 0x05080001,
- 0x00080010, 0x04080010, 0x00080011, 0x04080011,
- 0x01080010, 0x05080010, 0x01080011, 0x05080011,
- 0x00000800, 0x04000800, 0x00000801, 0x04000801,
- 0x01000800, 0x05000800, 0x01000801, 0x05000801,
- 0x00000810, 0x04000810, 0x00000811, 0x04000811,
- 0x01000810, 0x05000810, 0x01000811, 0x05000811,
- 0x00080800, 0x04080800, 0x00080801, 0x04080801,
- 0x01080800, 0x05080800, 0x01080801, 0x05080801,
- 0x00080810, 0x04080810, 0x00080811, 0x04080811,
- 0x01080810, 0x05080810, 0x01080811, 0x05080811
- },
-};
-
-
-
-/*
- * Permute the key to give us our key schedule.
- */
-int
-mit_des_make_key_sched(mit_des_cblock key, mit_des_key_schedule schedule)
-{
- register unsigned DES_INT32 c, d;
-
- {
- /*
- * Need a pointer for the keys and a temporary DES_INT32
- */
- const unsigned char *k;
- register unsigned DES_INT32 tmp;
-
- /*
- * Fetch the key into something we can work with
- */
- k = key;
-
- /*
- * The first permutted choice gives us the 28 bits for C0 and
- * 28 for D0. C0 gets 12 bits from the left key and 16 from
- * the right, while D0 gets 16 from the left and 12 from the
- * right. The code knows which bits go where.
- */
- tmp = load_32_be(k), k += 4;
-
- c = PC1_CL[(tmp >> 29) & 0x7]
- | (PC1_CL[(tmp >> 21) & 0x7] << 1)
- | (PC1_CL[(tmp >> 13) & 0x7] << 2)
- | (PC1_CL[(tmp >> 5) & 0x7] << 3);
- d = PC1_DL[(tmp >> 25) & 0xf]
- | (PC1_DL[(tmp >> 17) & 0xf] << 1)
- | (PC1_DL[(tmp >> 9) & 0xf] << 2)
- | (PC1_DL[(tmp >> 1) & 0xf] << 3);
-
- tmp = load_32_be(k), k += 4;
-
- c |= PC1_CR[(tmp >> 28) & 0xf]
- | (PC1_CR[(tmp >> 20) & 0xf] << 1)
- | (PC1_CR[(tmp >> 12) & 0xf] << 2)
- | (PC1_CR[(tmp >> 4) & 0xf] << 3);
- d |= PC1_DR[(tmp >> 25) & 0x7]
- | (PC1_DR[(tmp >> 17) & 0x7] << 1)
- | (PC1_DR[(tmp >> 9) & 0x7] << 2)
- | (PC1_DR[(tmp >> 1) & 0x7] << 3);
- }
-
- {
- /*
- * Need several temporaries in here
- */
- register unsigned DES_INT32 ltmp, rtmp;
- register unsigned DES_INT32 *k;
- register int two_bit_shifts;
- register int i;
- /*
- * Now iterate to compute the key schedule. Note that we
- * record the entire set of subkeys in 6 bit chunks since
- * they are used that way. At 6 bits/char, we need
- * 48/6 char's/subkey * 16 subkeys/encryption == 128 bytes.
- * The schedule must be this big.
- */
- k = (unsigned DES_INT32 *)schedule;
- two_bit_shifts = TWO_BIT_SHIFTS;
- for (i = 16; i > 0; i--) {
- /*
- * Do the rotation. One bit and two bit rotations
- * are done separately. Note C and D are 28 bits.
- */
- if (two_bit_shifts & 0x1) {
- c = ((c << 2) & 0xffffffc) | (c >> 26);
- d = ((d << 2) & 0xffffffc) | (d >> 26);
- } else {
- c = ((c << 1) & 0xffffffe) | (c >> 27);
- d = ((d << 1) & 0xffffffe) | (d >> 27);
- }
- two_bit_shifts >>= 1;
-
- /*
- * Apply permutted choice 2 to C to get the first
- * 24 bits worth of keys. Note that bits 9, 18, 22
- * and 25 (using DES numbering) in C are unused. The
- * shift-mask stuff is done to delete these bits from
- * the indices, since this cuts the table size in half.
- *
- * The table is torqued, by the way. If the standard
- * byte order for this (high to low order) is 1234,
- * the table actually gives us 4132.
- */
- ltmp = PC2_C[0][((c >> 22) & 0x3f)]
- | PC2_C[1][((c >> 15) & 0xf) | ((c >> 16) & 0x30)]
- | PC2_C[2][((c >> 4) & 0x3) | ((c >> 9) & 0x3c)]
- | PC2_C[3][((c ) & 0x7) | ((c >> 4) & 0x38)];
- /*
- * Apply permutted choice 2 to D to get the other half.
- * Here, bits 7, 10, 15 and 26 go unused. The sqeezing
- * actually turns out to be cheaper here.
- *
- * This table is similarly torqued. If the standard
- * byte order is 5678, the table has the bytes permuted
- * to give us 7685.
- */
- rtmp = PC2_D[0][((d >> 22) & 0x3f)]
- | PC2_D[1][((d >> 14) & 0xf) | ((d >> 15) & 0x30)]
- | PC2_D[2][((d >> 7) & 0x3f)]
- | PC2_D[3][((d ) & 0x3) | ((d >> 1) & 0x3c)];
-
- /*
- * Make up two words of the key schedule, with a
- * byte order which is convenient for the DES
- * inner loop. The high order (first) word will
- * hold bytes 7135 (high to low order) while the
- * second holds bytes 4682.
- */
- *k++ = (ltmp & 0x00ffff00) | (rtmp & 0xff0000ff);
- *k++ = (ltmp & 0xff0000ff) | (rtmp & 0x00ffff00);
- }
- }
- return (0);
-}
diff --git a/src/lib/crypto/des/f_tables.c b/src/lib/crypto/des/f_tables.c
deleted file mode 100644
index 42426bc0a..000000000
--- a/src/lib/crypto/des/f_tables.c
+++ /dev/null
@@ -1,370 +0,0 @@
-/*
- * lib/crypto/des/f_tables.c
- *
- * Copyright (C) 1990 by the Massachusetts Institute of Technology.
- * All rights reserved.
- *
- * Export of this software from the United States of America may
- * require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- *
- * DES implementation donated by Dennis Ferguson
- */
-
-/*
- * des_tables.c - precomputed tables used for the DES cipher function
- */
-
-/*
- * Include the header file so something will complain if the
- * declarations get out of sync
- */
-#include "des_int.h"
-#include "f_tables.h"
-
-/*
- * These tables may be declared const if you want. Many compilers
- * don't support this, though.
- */
-
-/*
- * The DES algorithm which uses these is intended to be fairly speedy
- * at the expense of some memory. All the standard hacks are used.
- * The S boxes and the P permutation are precomputed into one table.
- * The E box never actually appears explicitly since it is easy to apply
- * this algorithmically as needed. The initial permutation and final
- * (inverse initial) permutation are computed from tables designed to
- * permute one byte at a time. This should run pretty fast on machines
- * with 32 bit words and bit field/multiple bit shift instructions which
- * are fast.
- */
-
-/*
- * The initial permutation array. This is used to compute both the
- * left and the right halves of the initial permutation using bytes
- * from words made from the following operations:
- *
- * ((left & 0x55555555) << 1) | (right & 0x55555555) for left half
- * (left & 0xaaaaaaaa) | ((right & 0xaaaaaaaa) >> 1) for right half
- *
- * The scheme is that we index into the table using each byte. The
- * result from the high order byte is or'd with the result from the
- * next byte shifted left once is or'd with the result from the next
- * byte shifted left twice if or'd with the result from the low order
- * byte shifted left by three. Clear?
- */
-
-const unsigned DES_INT32 des_IP_table[256] = {
- 0x00000000, 0x00000010, 0x00000001, 0x00000011,
- 0x00001000, 0x00001010, 0x00001001, 0x00001011,
- 0x00000100, 0x00000110, 0x00000101, 0x00000111,
- 0x00001100, 0x00001110, 0x00001101, 0x00001111,
- 0x00100000, 0x00100010, 0x00100001, 0x00100011,
- 0x00101000, 0x00101010, 0x00101001, 0x00101011,
- 0x00100100, 0x00100110, 0x00100101, 0x00100111,
- 0x00101100, 0x00101110, 0x00101101, 0x00101111,
- 0x00010000, 0x00010010, 0x00010001, 0x00010011,
- 0x00011000, 0x00011010, 0x00011001, 0x00011011,
- 0x00010100, 0x00010110, 0x00010101, 0x00010111,
- 0x00011100, 0x00011110, 0x00011101, 0x00011111,
- 0x00110000, 0x00110010, 0x00110001, 0x00110011,
- 0x00111000, 0x00111010, 0x00111001, 0x00111011,
- 0x00110100, 0x00110110, 0x00110101, 0x00110111,
- 0x00111100, 0x00111110, 0x00111101, 0x00111111,
- 0x10000000, 0x10000010, 0x10000001, 0x10000011,
- 0x10001000, 0x10001010, 0x10001001, 0x10001011,
- 0x10000100, 0x10000110, 0x10000101, 0x10000111,
- 0x10001100, 0x10001110, 0x10001101, 0x10001111,
- 0x10100000, 0x10100010, 0x10100001, 0x10100011,
- 0x10101000, 0x10101010, 0x10101001, 0x10101011,
- 0x10100100, 0x10100110, 0x10100101, 0x10100111,
- 0x10101100, 0x10101110, 0x10101101, 0x10101111,
- 0x10010000, 0x10010010, 0x10010001, 0x10010011,
- 0x10011000, 0x10011010, 0x10011001, 0x10011011,
- 0x10010100, 0x10010110, 0x10010101, 0x10010111,
- 0x10011100, 0x10011110, 0x10011101, 0x10011111,
- 0x10110000, 0x10110010, 0x10110001, 0x10110011,
- 0x10111000, 0x10111010, 0x10111001, 0x10111011,
- 0x10110100, 0x10110110, 0x10110101, 0x10110111,
- 0x10111100, 0x10111110, 0x10111101, 0x10111111,
- 0x01000000, 0x01000010, 0x01000001, 0x01000011,
- 0x01001000, 0x01001010, 0x01001001, 0x01001011,
- 0x01000100, 0x01000110, 0x01000101, 0x01000111,
- 0x01001100, 0x01001110, 0x01001101, 0x01001111,
- 0x01100000, 0x01100010, 0x01100001, 0x01100011,
- 0x01101000, 0x01101010, 0x01101001, 0x01101011,
- 0x01100100, 0x01100110, 0x01100101, 0x01100111,
- 0x01101100, 0x01101110, 0x01101101, 0x01101111,
- 0x01010000, 0x01010010, 0x01010001, 0x01010011,
- 0x01011000, 0x01011010, 0x01011001, 0x01011011,
- 0x01010100, 0x01010110, 0x01010101, 0x01010111,
- 0x01011100, 0x01011110, 0x01011101, 0x01011111,
- 0x01110000, 0x01110010, 0x01110001, 0x01110011,
- 0x01111000, 0x01111010, 0x01111001, 0x01111011,
- 0x01110100, 0x01110110, 0x01110101, 0x01110111,
- 0x01111100, 0x01111110, 0x01111101, 0x01111111,
- 0x11000000, 0x11000010, 0x11000001, 0x11000011,
- 0x11001000, 0x11001010, 0x11001001, 0x11001011,
- 0x11000100, 0x11000110, 0x11000101, 0x11000111,
- 0x11001100, 0x11001110, 0x11001101, 0x11001111,
- 0x11100000, 0x11100010, 0x11100001, 0x11100011,
- 0x11101000, 0x11101010, 0x11101001, 0x11101011,
- 0x11100100, 0x11100110, 0x11100101, 0x11100111,
- 0x11101100, 0x11101110, 0x11101101, 0x11101111,
- 0x11010000, 0x11010010, 0x11010001, 0x11010011,
- 0x11011000, 0x11011010, 0x11011001, 0x11011011,
- 0x11010100, 0x11010110, 0x11010101, 0x11010111,
- 0x11011100, 0x11011110, 0x11011101, 0x11011111,
- 0x11110000, 0x11110010, 0x11110001, 0x11110011,
- 0x11111000, 0x11111010, 0x11111001, 0x11111011,
- 0x11110100, 0x11110110, 0x11110101, 0x11110111,
- 0x11111100, 0x11111110, 0x11111101, 0x11111111
-};
-
-/*
- * The final permutation array. Like the IP array, used
- * to compute both the left and right results from the bytes
- * of words computed from:
- *
- * ((left & 0x0f0f0f0f) << 4) | (right & 0x0f0f0f0f) for left result
- * (left & 0xf0f0f0f0) | ((right & 0xf0f0f0f0) >> 4) for right result
- *
- * The result from the high order byte is shifted left 6 bits and
- * or'd with the result from the next byte shifted left 4 bits, which
- * is or'd with the result from the next byte shifted left 2 bits,
- * which is or'd with the result from the low byte.
- */
-const unsigned DES_INT32 des_FP_table[256] = {
- 0x00000000, 0x02000000, 0x00020000, 0x02020000,
- 0x00000200, 0x02000200, 0x00020200, 0x02020200,
- 0x00000002, 0x02000002, 0x00020002, 0x02020002,
- 0x00000202, 0x02000202, 0x00020202, 0x02020202,
- 0x01000000, 0x03000000, 0x01020000, 0x03020000,
- 0x01000200, 0x03000200, 0x01020200, 0x03020200,
- 0x01000002, 0x03000002, 0x01020002, 0x03020002,
- 0x01000202, 0x03000202, 0x01020202, 0x03020202,
- 0x00010000, 0x02010000, 0x00030000, 0x02030000,
- 0x00010200, 0x02010200, 0x00030200, 0x02030200,
- 0x00010002, 0x02010002, 0x00030002, 0x02030002,
- 0x00010202, 0x02010202, 0x00030202, 0x02030202,
- 0x01010000, 0x03010000, 0x01030000, 0x03030000,
- 0x01010200, 0x03010200, 0x01030200, 0x03030200,
- 0x01010002, 0x03010002, 0x01030002, 0x03030002,
- 0x01010202, 0x03010202, 0x01030202, 0x03030202,
- 0x00000100, 0x02000100, 0x00020100, 0x02020100,
- 0x00000300, 0x02000300, 0x00020300, 0x02020300,
- 0x00000102, 0x02000102, 0x00020102, 0x02020102,
- 0x00000302, 0x02000302, 0x00020302, 0x02020302,
- 0x01000100, 0x03000100, 0x01020100, 0x03020100,
- 0x01000300, 0x03000300, 0x01020300, 0x03020300,
- 0x01000102, 0x03000102, 0x01020102, 0x03020102,
- 0x01000302, 0x03000302, 0x01020302, 0x03020302,
- 0x00010100, 0x02010100, 0x00030100, 0x02030100,
- 0x00010300, 0x02010300, 0x00030300, 0x02030300,
- 0x00010102, 0x02010102, 0x00030102, 0x02030102,
- 0x00010302, 0x02010302, 0x00030302, 0x02030302,
- 0x01010100, 0x03010100, 0x01030100, 0x03030100,
- 0x01010300, 0x03010300, 0x01030300, 0x03030300,
- 0x01010102, 0x03010102, 0x01030102, 0x03030102,
- 0x01010302, 0x03010302, 0x01030302, 0x03030302,
- 0x00000001, 0x02000001, 0x00020001, 0x02020001,
- 0x00000201, 0x02000201, 0x00020201, 0x02020201,
- 0x00000003, 0x02000003, 0x00020003, 0x02020003,
- 0x00000203, 0x02000203, 0x00020203, 0x02020203,
- 0x01000001, 0x03000001, 0x01020001, 0x03020001,
- 0x01000201, 0x03000201, 0x01020201, 0x03020201,
- 0x01000003, 0x03000003, 0x01020003, 0x03020003,
- 0x01000203, 0x03000203, 0x01020203, 0x03020203,
- 0x00010001, 0x02010001, 0x00030001, 0x02030001,
- 0x00010201, 0x02010201, 0x00030201, 0x02030201,
- 0x00010003, 0x02010003, 0x00030003, 0x02030003,
- 0x00010203, 0x02010203, 0x00030203, 0x02030203,
- 0x01010001, 0x03010001, 0x01030001, 0x03030001,
- 0x01010201, 0x03010201, 0x01030201, 0x03030201,
- 0x01010003, 0x03010003, 0x01030003, 0x03030003,
- 0x01010203, 0x03010203, 0x01030203, 0x03030203,
- 0x00000101, 0x02000101, 0x00020101, 0x02020101,
- 0x00000301, 0x02000301, 0x00020301, 0x02020301,
- 0x00000103, 0x02000103, 0x00020103, 0x02020103,
- 0x00000303, 0x02000303, 0x00020303, 0x02020303,
- 0x01000101, 0x03000101, 0x01020101, 0x03020101,
- 0x01000301, 0x03000301, 0x01020301, 0x03020301,
- 0x01000103, 0x03000103, 0x01020103, 0x03020103,
- 0x01000303, 0x03000303, 0x01020303, 0x03020303,
- 0x00010101, 0x02010101, 0x00030101, 0x02030101,
- 0x00010301, 0x02010301, 0x00030301, 0x02030301,
- 0x00010103, 0x02010103, 0x00030103, 0x02030103,
- 0x00010303, 0x02010303, 0x00030303, 0x02030303,
- 0x01010101, 0x03010101, 0x01030101, 0x03030101,
- 0x01010301, 0x03010301, 0x01030301, 0x03030301,
- 0x01010103, 0x03010103, 0x01030103, 0x03030103,
- 0x01010303, 0x03010303, 0x01030303, 0x03030303
-};
-
-
-/*
- * The SP table is actually the S boxes and the P permutation
- * table combined. This table is actually reordered from the
- * spec, to match the order of key application we follow.
- */
-const unsigned DES_INT32 des_SP_table[8][64] = {
- {
- 0x00100000, 0x02100001, 0x02000401, 0x00000000, /* 7 */
- 0x00000400, 0x02000401, 0x00100401, 0x02100400,
- 0x02100401, 0x00100000, 0x00000000, 0x02000001,
- 0x00000001, 0x02000000, 0x02100001, 0x00000401,
- 0x02000400, 0x00100401, 0x00100001, 0x02000400,
- 0x02000001, 0x02100000, 0x02100400, 0x00100001,
- 0x02100000, 0x00000400, 0x00000401, 0x02100401,
- 0x00100400, 0x00000001, 0x02000000, 0x00100400,
- 0x02000000, 0x00100400, 0x00100000, 0x02000401,
- 0x02000401, 0x02100001, 0x02100001, 0x00000001,
- 0x00100001, 0x02000000, 0x02000400, 0x00100000,
- 0x02100400, 0x00000401, 0x00100401, 0x02100400,
- 0x00000401, 0x02000001, 0x02100401, 0x02100000,
- 0x00100400, 0x00000000, 0x00000001, 0x02100401,
- 0x00000000, 0x00100401, 0x02100000, 0x00000400,
- 0x02000001, 0x02000400, 0x00000400, 0x00100001,
- },
- {
- 0x00808200, 0x00000000, 0x00008000, 0x00808202, /* 1 */
- 0x00808002, 0x00008202, 0x00000002, 0x00008000,
- 0x00000200, 0x00808200, 0x00808202, 0x00000200,
- 0x00800202, 0x00808002, 0x00800000, 0x00000002,
- 0x00000202, 0x00800200, 0x00800200, 0x00008200,
- 0x00008200, 0x00808000, 0x00808000, 0x00800202,
- 0x00008002, 0x00800002, 0x00800002, 0x00008002,
- 0x00000000, 0x00000202, 0x00008202, 0x00800000,
- 0x00008000, 0x00808202, 0x00000002, 0x00808000,
- 0x00808200, 0x00800000, 0x00800000, 0x00000200,
- 0x00808002, 0x00008000, 0x00008200, 0x00800002,
- 0x00000200, 0x00000002, 0x00800202, 0x00008202,
- 0x00808202, 0x00008002, 0x00808000, 0x00800202,
- 0x00800002, 0x00000202, 0x00008202, 0x00808200,
- 0x00000202, 0x00800200, 0x00800200, 0x00000000,
- 0x00008002, 0x00008200, 0x00000000, 0x00808002,
- },
- {
- 0x00000104, 0x04010100, 0x00000000, 0x04010004, /* 3 */
- 0x04000100, 0x00000000, 0x00010104, 0x04000100,
- 0x00010004, 0x04000004, 0x04000004, 0x00010000,
- 0x04010104, 0x00010004, 0x04010000, 0x00000104,
- 0x04000000, 0x00000004, 0x04010100, 0x00000100,
- 0x00010100, 0x04010000, 0x04010004, 0x00010104,
- 0x04000104, 0x00010100, 0x00010000, 0x04000104,
- 0x00000004, 0x04010104, 0x00000100, 0x04000000,
- 0x04010100, 0x04000000, 0x00010004, 0x00000104,
- 0x00010000, 0x04010100, 0x04000100, 0x00000000,
- 0x00000100, 0x00010004, 0x04010104, 0x04000100,
- 0x04000004, 0x00000100, 0x00000000, 0x04010004,
- 0x04000104, 0x00010000, 0x04000000, 0x04010104,
- 0x00000004, 0x00010104, 0x00010100, 0x04000004,
- 0x04010000, 0x04000104, 0x00000104, 0x04010000,
- 0x00010104, 0x00000004, 0x04010004, 0x00010100,
- },
- {
- 0x00000080, 0x01040080, 0x01040000, 0x21000080, /* 5 */
- 0x00040000, 0x00000080, 0x20000000, 0x01040000,
- 0x20040080, 0x00040000, 0x01000080, 0x20040080,
- 0x21000080, 0x21040000, 0x00040080, 0x20000000,
- 0x01000000, 0x20040000, 0x20040000, 0x00000000,
- 0x20000080, 0x21040080, 0x21040080, 0x01000080,
- 0x21040000, 0x20000080, 0x00000000, 0x21000000,
- 0x01040080, 0x01000000, 0x21000000, 0x00040080,
- 0x00040000, 0x21000080, 0x00000080, 0x01000000,
- 0x20000000, 0x01040000, 0x21000080, 0x20040080,
- 0x01000080, 0x20000000, 0x21040000, 0x01040080,
- 0x20040080, 0x00000080, 0x01000000, 0x21040000,
- 0x21040080, 0x00040080, 0x21000000, 0x21040080,
- 0x01040000, 0x00000000, 0x20040000, 0x21000000,
- 0x00040080, 0x01000080, 0x20000080, 0x00040000,
- 0x00000000, 0x20040000, 0x01040080, 0x20000080,
- },
- {
- 0x80401000, 0x80001040, 0x80001040, 0x00000040, /* 4 */
- 0x00401040, 0x80400040, 0x80400000, 0x80001000,
- 0x00000000, 0x00401000, 0x00401000, 0x80401040,
- 0x80000040, 0x00000000, 0x00400040, 0x80400000,
- 0x80000000, 0x00001000, 0x00400000, 0x80401000,
- 0x00000040, 0x00400000, 0x80001000, 0x00001040,
- 0x80400040, 0x80000000, 0x00001040, 0x00400040,
- 0x00001000, 0x00401040, 0x80401040, 0x80000040,
- 0x00400040, 0x80400000, 0x00401000, 0x80401040,
- 0x80000040, 0x00000000, 0x00000000, 0x00401000,
- 0x00001040, 0x00400040, 0x80400040, 0x80000000,
- 0x80401000, 0x80001040, 0x80001040, 0x00000040,
- 0x80401040, 0x80000040, 0x80000000, 0x00001000,
- 0x80400000, 0x80001000, 0x00401040, 0x80400040,
- 0x80001000, 0x00001040, 0x00400000, 0x80401000,
- 0x00000040, 0x00400000, 0x00001000, 0x00401040,
- },
- {
- 0x10000008, 0x10200000, 0x00002000, 0x10202008, /* 6 */
- 0x10200000, 0x00000008, 0x10202008, 0x00200000,
- 0x10002000, 0x00202008, 0x00200000, 0x10000008,
- 0x00200008, 0x10002000, 0x10000000, 0x00002008,
- 0x00000000, 0x00200008, 0x10002008, 0x00002000,
- 0x00202000, 0x10002008, 0x00000008, 0x10200008,
- 0x10200008, 0x00000000, 0x00202008, 0x10202000,
- 0x00002008, 0x00202000, 0x10202000, 0x10000000,
- 0x10002000, 0x00000008, 0x10200008, 0x00202000,
- 0x10202008, 0x00200000, 0x00002008, 0x10000008,
- 0x00200000, 0x10002000, 0x10000000, 0x00002008,
- 0x10000008, 0x10202008, 0x00202000, 0x10200000,
- 0x00202008, 0x10202000, 0x00000000, 0x10200008,
- 0x00000008, 0x00002000, 0x10200000, 0x00202008,
- 0x00002000, 0x00200008, 0x10002008, 0x00000000,
- 0x10202000, 0x10000000, 0x00200008, 0x10002008,
- },
- {
- 0x08000820, 0x00000800, 0x00020000, 0x08020820, /* 8 */
- 0x08000000, 0x08000820, 0x00000020, 0x08000000,
- 0x00020020, 0x08020000, 0x08020820, 0x00020800,
- 0x08020800, 0x00020820, 0x00000800, 0x00000020,
- 0x08020000, 0x08000020, 0x08000800, 0x00000820,
- 0x00020800, 0x00020020, 0x08020020, 0x08020800,
- 0x00000820, 0x00000000, 0x00000000, 0x08020020,
- 0x08000020, 0x08000800, 0x00020820, 0x00020000,
- 0x00020820, 0x00020000, 0x08020800, 0x00000800,
- 0x00000020, 0x08020020, 0x00000800, 0x00020820,
- 0x08000800, 0x00000020, 0x08000020, 0x08020000,
- 0x08020020, 0x08000000, 0x00020000, 0x08000820,
- 0x00000000, 0x08020820, 0x00020020, 0x08000020,
- 0x08020000, 0x08000800, 0x08000820, 0x00000000,
- 0x08020820, 0x00020800, 0x00020800, 0x00000820,
- 0x00000820, 0x00020020, 0x08000000, 0x08020800,
- },
- {
- 0x40084010, 0x40004000, 0x00004000, 0x00084010, /* 2 */
- 0x00080000, 0x00000010, 0x40080010, 0x40004010,
- 0x40000010, 0x40084010, 0x40084000, 0x40000000,
- 0x40004000, 0x00080000, 0x00000010, 0x40080010,
- 0x00084000, 0x00080010, 0x40004010, 0x00000000,
- 0x40000000, 0x00004000, 0x00084010, 0x40080000,
- 0x00080010, 0x40000010, 0x00000000, 0x00084000,
- 0x00004010, 0x40084000, 0x40080000, 0x00004010,
- 0x00000000, 0x00084010, 0x40080010, 0x00080000,
- 0x40004010, 0x40080000, 0x40084000, 0x00004000,
- 0x40080000, 0x40004000, 0x00000010, 0x40084010,
- 0x00084010, 0x00000010, 0x00004000, 0x40000000,
- 0x00004010, 0x40084000, 0x00080000, 0x40000010,
- 0x00080010, 0x40004010, 0x40000010, 0x00080010,
- 0x00084000, 0x00000000, 0x40004000, 0x00004010,
- 0x40000000, 0x40080010, 0x40084010, 0x00084000
- },
-};
diff --git a/src/lib/crypto/des/f_tables.h b/src/lib/crypto/des/f_tables.h
deleted file mode 100644
index 45a6322fe..000000000
--- a/src/lib/crypto/des/f_tables.h
+++ /dev/null
@@ -1,279 +0,0 @@
-/*
- * lib/crypto/des/f_tables.h
- *
- * Copyright (C) 1990 by the Massachusetts Institute of Technology.
- * All rights reserved.
- *
- * Export of this software from the United States of America may
- * require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- *
- * DES implementation donated by Dennis Ferguson
- */
-
-/*
- * des_tables.h - declarations to import the DES tables, used internally
- * by some of the library routines.
- */
-#ifndef __DES_TABLES_H__
-#define __DES_TABLES_H__ /* nothing */
-
-#include "k5-platform.h"
-/*
- * These may be declared const if you wish. Be sure to change the
- * declarations in des_tables.c as well.
- */
-extern const unsigned DES_INT32 des_IP_table[256];
-extern const unsigned DES_INT32 des_FP_table[256];
-extern const unsigned DES_INT32 des_SP_table[8][64];
-
-/*
- * Use standard shortforms to reference these to save typing
- */
-#define IP des_IP_table
-#define FP des_FP_table
-#define SP des_SP_table
-
-#ifdef DEBUG
-#define DEB(foofraw) printf foofraw
-#else
-#define DEB(foofraw) /* nothing */
-#endif
-
-/*
- * Code to do a DES round using the tables. Note that the E expansion
- * is easy to compute algorithmically, especially if done out-of-order.
- * Take a look at its form and compare it to everything involving temp
- * below. Since SP[0-7] don't have any bits in common set it is okay
- * to do the successive xor's.
- *
- * Note too that the SP table has been reordered to match the order of
- * the keys (if the original order of SP was 12345678, the reordered
- * table is 71354682). This is unnecessary, but was done since some
- * compilers seem to like you going through the matrix from beginning
- * to end.
- *
- * There is a difference in the best way to do this depending on whether
- * one is encrypting or decrypting. If encrypting we move forward through
- * the keys and hence should move forward through the table. If decrypting
- * we go back. Part of the need for this comes from trying to emulate
- * existing software which generates a single key schedule and uses it
- * both for encrypting and decrypting. Generating separate encryption
- * and decryption key schedules would allow one to use the same code
- * for both.
- *
- * left, right and temp should be unsigned DES_INT32 values. left and right
- * should be the high and low order parts of the cipher block at the
- * current stage of processing (this makes sense if you read the spec).
- * kp should be an unsigned DES_INT32 pointer which points at the current
- * set of subkeys in the key schedule. It is advanced to the next set
- * (i.e. by 8 bytes) when this is done.
- *
- * This occurs in the innermost loop of the DES function. The four
- * variables should really be in registers.
- *
- * When using this, the inner loop of the DES function might look like:
- *
- * for (i = 0; i < 8; i++) {
- * DES_SP_{EN,DE}CRYPT_ROUND(left, right, temp, kp);
- * DES_SP_{EN,DE}CRYPT_ROUND(right, left, temp, kp);
- * }
- *
- * Note the trick above. You are supposed to do 16 rounds, swapping
- * left and right at the end of each round. By doing two rounds at
- * a time and swapping left and right in the code we can avoid the
- * swaps altogether.
- */
-#define DES_SP_ENCRYPT_ROUND(left, right, temp, kp) \
- (temp) = (((right) >> 11) | ((right) << 21)) ^ *(kp)++; \
- (left) ^= SP[0][((temp) >> 24) & 0x3f] \
- | SP[1][((temp) >> 16) & 0x3f] \
- | SP[2][((temp) >> 8) & 0x3f] \
- | SP[3][((temp) ) & 0x3f]; \
- (temp) = (((right) >> 23) | ((right) << 9)) ^ *(kp)++; \
- (left) ^= SP[4][((temp) >> 24) & 0x3f] \
- | SP[5][((temp) >> 16) & 0x3f] \
- | SP[6][((temp) >> 8) & 0x3f] \
- | SP[7][((temp) ) & 0x3f]
-
-#define DES_SP_DECRYPT_ROUND(left, right, temp, kp) \
- (temp) = (((right) >> 23) | ((right) << 9)) ^ *(--(kp)); \
- (left) ^= SP[7][((temp) ) & 0x3f] \
- | SP[6][((temp) >> 8) & 0x3f] \
- | SP[5][((temp) >> 16) & 0x3f] \
- | SP[4][((temp) >> 24) & 0x3f]; \
- (temp) = (((right) >> 11) | ((right) << 21)) ^ *(--(kp)); \
- (left) ^= SP[3][((temp) ) & 0x3f] \
- | SP[2][((temp) >> 8) & 0x3f] \
- | SP[1][((temp) >> 16) & 0x3f] \
- | SP[0][((temp) >> 24) & 0x3f]
-
-/*
- * Macros to help deal with the initial permutation table. Note
- * the IP table only deals with 32 bits at a time, allowing us to
- * collect the bits we need to deal with each half into an unsigned
- * DES_INT32. By carefully selecting how the bits are ordered we also
- * take advantages of symmetries in the table so that we can use a
- * single table to compute the permutation of all bytes. This sounds
- * complicated, but if you go through the process of designing the
- * table you'll find the symmetries fall right out.
- *
- * The follow macros compute the set of bits used to index the
- * table for produce the left and right permuted result.
- *
- * The inserted cast to unsigned DES_INT32 circumvents a bug in
- * the Macintosh MPW 3.2 C compiler which loses the unsignedness and
- * propagates the high-order bit in the shift.
- */
-#define DES_IP_LEFT_BITS(left, right) \
- ((((left) & 0x55555555) << 1) | ((right) & 0x55555555))
-#define DES_IP_RIGHT_BITS(left, right) \
- (((left) & 0xaaaaaaaa) | \
- ( ( (unsigned DES_INT32) ((right) & 0xaaaaaaaa) ) >> 1))
-
-/*
- * The following macro does an in-place initial permutation given
- * the current left and right parts of the block and a single
- * temporary. Use this more as a guide for rolling your own, though.
- * The best way to do the IP depends on the form of the data you
- * are dealing with. If you use this, though, try to make left,
- * right and temp register unsigned DES_INT32s.
- */
-#define DES_INITIAL_PERM(left, right, temp) \
- (temp) = DES_IP_RIGHT_BITS((left), (right)); \
- (right) = DES_IP_LEFT_BITS((left), (right)); \
- (left) = IP[((right) >> 24) & 0xff] \
- | (IP[((right) >> 16) & 0xff] << 1) \
- | (IP[((right) >> 8) & 0xff] << 2) \
- | (IP[(right) & 0xff] << 3); \
- (right) = IP[((temp) >> 24) & 0xff] \
- | (IP[((temp) >> 16) & 0xff] << 1) \
- | (IP[((temp) >> 8) & 0xff] << 2) \
- | (IP[(temp) & 0xff] << 3)
-
-/*
- * Now the final permutation stuff. The same comments apply to
- * this as to the initial permutation, except that we use different
- * bits and shifts.
- *
- * The inserted cast to unsigned DES_INT32 circumvents a bug in
- * the Macintosh MPW 3.2 C compiler which loses the unsignedness and
- * propagates the high-order bit in the shift.
- */
-#define DES_FP_LEFT_BITS(left, right) \
- ((((left) & 0x0f0f0f0f) << 4) | ((right) & 0x0f0f0f0f))
-#define DES_FP_RIGHT_BITS(left, right) \
- (((left) & 0xf0f0f0f0) | \
- ( ( (unsigned DES_INT32) ((right) & 0xf0f0f0f0) ) >> 4))
-
-
-/*
- * Here is a sample final permutation. Note that there is a trick
- * here. DES requires swapping the left and right parts after the
- * last cipher round but before the final permutation. We do this
- * swapping internally, which is why left and right are confused
- * at the beginning.
- */
-#define DES_FINAL_PERM(left, right, temp) \
- (temp) = DES_FP_RIGHT_BITS((right), (left)); \
- (right) = DES_FP_LEFT_BITS((right), (left)); \
- (left) = (FP[((right) >> 24) & 0xff] << 6) \
- | (FP[((right) >> 16) & 0xff] << 4) \
- | (FP[((right) >> 8) & 0xff] << 2) \
- | FP[(right) & 0xff]; \
- (right) = (FP[((temp) >> 24) & 0xff] << 6) \
- | (FP[((temp) >> 16) & 0xff] << 4) \
- | (FP[((temp) >> 8) & 0xff] << 2) \
- | FP[temp & 0xff]
-
-
-/*
- * Finally, as a sample of how all this might be held together, the
- * following two macros do in-place encryptions and decryptions. left
- * and right are two unsigned DES_INT32 variables which at the beginning
- * are expected to hold the clear (encrypted) block in host byte order
- * (left the high order four bytes, right the low order). At the end
- * they will contain the encrypted (clear) block. temp is an unsigned DES_INT32
- * used as a temporary. kp is an unsigned DES_INT32 pointer pointing at
- * the start of the key schedule. All these should be in registers.
- *
- * You can probably do better than these by rewriting for particular
- * situations. These aren't bad, though.
- *
- * The DEB macros enable debugging when this code breaks (typically
- * when a buggy compiler breaks it), by printing the intermediate values
- * at each stage of the encryption, so that by comparing the output to
- * a known good machine, the location of the first error can be found.
- */
-#define DES_DO_ENCRYPT_1(left, right, kp) \
- do { \
- register int i; \
- register unsigned DES_INT32 temp1; \
- DEB (("do_encrypt %8lX %8lX \n", left, right)); \
- DES_INITIAL_PERM((left), (right), (temp1)); \
- DEB ((" after IP %8lX %8lX\n", left, right)); \
- for (i = 0; i < 8; i++) { \
- DES_SP_ENCRYPT_ROUND((left), (right), (temp1), (kp)); \
- DEB ((" round %2d %8lX %8lX \n", i*2, left, right)); \
- DES_SP_ENCRYPT_ROUND((right), (left), (temp1), (kp)); \
- DEB ((" round %2d %8lX %8lX \n", 1+i*2, left, right)); \
- } \
- DES_FINAL_PERM((left), (right), (temp1)); \
- (kp) -= (2 * 16); \
- DEB ((" after FP %8lX %8lX \n", left, right)); \
- } while (0)
-
-#define DES_DO_DECRYPT_1(left, right, kp) \
- do { \
- register int i; \
- register unsigned DES_INT32 temp2; \
- DES_INITIAL_PERM((left), (right), (temp2)); \
- (kp) += (2 * 16); \
- for (i = 0; i < 8; i++) { \
- DES_SP_DECRYPT_ROUND((left), (right), (temp2), (kp)); \
- DES_SP_DECRYPT_ROUND((right), (left), (temp2), (kp)); \
- } \
- DES_FINAL_PERM((left), (right), (temp2)); \
- } while (0)
-
-#if defined(CONFIG_SMALL) && !defined(CONFIG_SMALL_NO_CRYPTO)
-extern void krb5int_des_do_encrypt_2(unsigned DES_INT32 *l,
- unsigned DES_INT32 *r,
- const unsigned DES_INT32 *k);
-extern void krb5int_des_do_decrypt_2(unsigned DES_INT32 *l,
- unsigned DES_INT32 *r,
- const unsigned DES_INT32 *k);
-#define DES_DO_ENCRYPT(L,R,K) krb5int_des_do_encrypt_2(&(L), &(R), (K))
-#define DES_DO_DECRYPT(L,R,K) krb5int_des_do_decrypt_2(&(L), &(R), (K))
-#else
-#define DES_DO_ENCRYPT DES_DO_ENCRYPT_1
-#define DES_DO_DECRYPT DES_DO_DECRYPT_1
-#endif
-
-/*
- * These are handy dandy utility thingies for straightening out bytes.
- * Included here because they're used a couple of places.
- */
-#define GET_HALF_BLOCK(lr, ip) ((lr) = load_32_be(ip), (ip) += 4)
-#define PUT_HALF_BLOCK(lr, op) (store_32_be(lr, op), (op) += 4)
-
-/* Shorthand that we'll need in several places, for creating values that
- really can hold 32 bits regardless of the prevailing int size. */
-#define FF_UINT32 ((unsigned DES_INT32) 0xFF)
-
-#endif /* __DES_TABLES_H__ */
diff --git a/src/lib/crypto/des/key_sched.c b/src/lib/crypto/des/key_sched.c
deleted file mode 100644
index 26449a94c..000000000
--- a/src/lib/crypto/des/key_sched.c
+++ /dev/null
@@ -1,61 +0,0 @@
-/*
- * lib/crypto/des/key_sched.c
- *
- * Copyright 1985, 1986, 1987, 1988, 1990 by the Massachusetts Institute
- * of Technology.
- * All Rights Reserved.
- *
- * Export of this software from the United States of America may
- * require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- *
- *
- * This routine computes the DES key schedule given a key. The
- * permutations and shifts have been done at compile time, resulting
- * in a direct one-step mapping from the input key to the key
- * schedule.
- *
- * Also checks parity and weak keys.
- *
- * Watch out for the subscripts -- most effectively start at 1 instead
- * of at zero. Maybe some bugs in that area.
- *
- * In case the user wants to cache the computed key schedule, it is
- * passed as an arg. Also implies that caller has explicit control
- * over zeroing both the key schedule and the key.
- *
- * Originally written 6/85 by Steve Miller, MIT Project Athena.
- */
-
-#include "k5-int.h"
-#include "des_int.h"
-
-int
-mit_des_key_sched(mit_des_cblock k, mit_des_key_schedule schedule)
-{
- mit_des_make_key_sched(k,schedule);
-
- if (!mit_des_check_key_parity(k)) /* bad parity --> return -1 */
- return(-1);
-
- if (mit_des_is_weak_key(k))
- return(-2);
-
- /* if key was good, return 0 */
- return 0;
-}
diff --git a/src/lib/crypto/des/keytest.data b/src/lib/crypto/des/keytest.data
deleted file mode 100644
index 7ff34eedc..000000000
--- a/src/lib/crypto/des/keytest.data
+++ /dev/null
@@ -1,171 +0,0 @@
-0101010101010101 95F8A5E5DD31D900 8000000000000000
-0101010101010101 DD7F121CA5015619 4000000000000000
-0101010101010101 2E8653104F3834EA 2000000000000000
-0101010101010101 4BD388FF6CD81D4F 1000000000000000
-0101010101010101 20B9E767B2FB1456 0800000000000000
-0101010101010101 55579380D77138EF 0400000000000000
-0101010101010101 6CC5DEFAAF04512F 0200000000000000
-0101010101010101 0D9F279BA5D87260 0100000000000000
-0101010101010101 D9031B0271BD5A0A 0080000000000000
-0101010101010101 424250B37C3DD951 0040000000000000
-0101010101010101 B8061B7ECD9A21E5 0020000000000000
-0101010101010101 F15D0F286B65BD28 0010000000000000
-0101010101010101 ADD0CC8D6E5DEBA1 0008000000000000
-0101010101010101 E6D5F82752AD63D1 0004000000000000
-0101010101010101 ECBFE3BD3F591A5E 0002000000000000
-0101010101010101 F356834379D165CD 0001000000000000
-0101010101010101 2B9F982F20037FA9 0000800000000000
-0101010101010101 889DE068A16F0BE6 0000400000000000
-0101010101010101 E19E275D846A1298 0000200000000000
-0101010101010101 329A8ED523D71AEC 0000100000000000
-0101010101010101 E7FCE22557D23C97 0000080000000000
-0101010101010101 12A9F5817FF2D65D 0000040000000000
-0101010101010101 A484C3AD38DC9C19 0000020000000000
-0101010101010101 FBE00A8A1EF8AD72 0000010000000000
-0101010101010101 750D079407521363 0000008000000000
-0101010101010101 64FEED9C724C2FAF 0000004000000000
-0101010101010101 F02B263B328E2B60 0000002000000000
-0101010101010101 9D64555A9A10B852 0000001000000000
-0101010101010101 D106FF0BED5255D7 0000000800000000
-0101010101010101 E1652C6B138C64A5 0000000400000000
-0101010101010101 E428581186EC8F46 0000000200000000
-0101010101010101 AEB5F5EDE22D1A36 0000000100000000
-0101010101010101 E943D7568AEC0C5C 0000000080000000
-0101010101010101 DF98C8276F54B04B 0000000040000000
-0101010101010101 B160E4680F6C696F 0000000020000000
-0101010101010101 FA0752B07D9C4AB8 0000000010000000
-0101010101010101 CA3A2B036DBC8502 0000000008000000
-0101010101010101 5E0905517BB59BCF 0000000004000000
-0101010101010101 814EEB3B91D90726 0000000002000000
-0101010101010101 4D49DB1532919C9F 0000000001000000
-0101010101010101 25EB5FC3F8CF0621 0000000000800000
-0101010101010101 AB6A20C0620D1C6F 0000000000400000
-0101010101010101 79E90DBC98F92CCA 0000000000200000
-0101010101010101 866ECEDD8072BB0E 0000000000100000
-0101010101010101 8B54536F2F3E64A8 0000000000080000
-0101010101010101 EA51D3975595B86B 0000000000040000
-0101010101010101 CAFFC6AC4542DE31 0000000000020000
-0101010101010101 8DD45A2DDF90796C 0000000000010000
-0101010101010101 1029D55E880EC2D0 0000000000008000
-0101010101010101 5D86CB23639DBEA9 0000000000004000
-0101010101010101 1D1CA853AE7C0C5F 0000000000002000
-0101010101010101 CE332329248F3228 0000000000001000
-0101010101010101 8405D1ABE24FB942 0000000000000800
-0101010101010101 E643D78090CA4207 0000000000000400
-0101010101010101 48221B9937748A23 0000000000000200
-0101010101010101 DD7C0BBD61FAFD54 0000000000000100
-0101010101010101 2FBC291A570DB5C4 0000000000000080
-0101010101010101 E07C30D7E4E26E12 0000000000000040
-0101010101010101 0953E2258E8E90A1 0000000000000020
-0101010101010101 5B711BC4CEEBF2EE 0000000000000010
-0101010101010101 CC083F1E6D9E85F6 0000000000000008
-0101010101010101 D2FD8867D50D2DFE 0000000000000004
-0101010101010101 06E7EA22CE92708F 0000000000000002
-0101010101010101 166B40B44ABA4BD6 0000000000000001
-8001010101010101 0000000000000000 95A8D72813DAA94D
-4001010101010101 0000000000000000 0EEC1487DD8C26D5
-2001010101010101 0000000000000000 7AD16FFB79C45926
-1001010101010101 0000000000000000 D3746294CA6A6CF3
-0801010101010101 0000000000000000 809F5F873C1FD761
-0401010101010101 0000000000000000 C02FAFFEC989D1FC
-0201010101010101 0000000000000000 4615AA1D33E72F10
-0180010101010101 0000000000000000 2055123350C00858
-0140010101010101 0000000000000000 DF3B99D6577397C8
-0120010101010101 0000000000000000 31FE17369B5288C9
-0110010101010101 0000000000000000 DFDD3CC64DAE1642
-0108010101010101 0000000000000000 178C83CE2B399D94
-0104010101010101 0000000000000000 50F636324A9B7F80
-0102010101010101 0000000000000000 A8468EE3BC18F06D
-0101800101010101 0000000000000000 A2DC9E92FD3CDE92
-0101400101010101 0000000000000000 CAC09F797D031287
-0101200101010101 0000000000000000 90BA680B22AEB525
-0101100101010101 0000000000000000 CE7A24F350E280B6
-0101080101010101 0000000000000000 882BFF0AA01A0B87
-0101040101010101 0000000000000000 25610288924511C2
-0101020101010101 0000000000000000 C71516C29C75D170
-0101018001010101 0000000000000000 5199C29A52C9F059
-0101014001010101 0000000000000000 C22F0A294A71F29F
-0101012001010101 0000000000000000 EE371483714C02EA
-0101011001010101 0000000000000000 A81FBD448F9E522F
-0101010801010101 0000000000000000 4F644C92E192DFED
-0101010401010101 0000000000000000 1AFA9A66A6DF92AE
-0101010201010101 0000000000000000 B3C1CC715CB879D8
-0101010180010101 0000000000000000 19D032E64AB0BD8B
-0101010140010101 0000000000000000 3CFAA7A7DC8720DC
-0101010120010101 0000000000000000 B7265F7F447AC6F3
-0101010110010101 0000000000000000 9DB73B3C0D163F54
-0101010108010101 0000000000000000 8181B65BABF4A975
-0101010104010101 0000000000000000 93C9B64042EAA240
-0101010102010101 0000000000000000 5570530829705592
-0101010101800101 0000000000000000 8638809E878787A0
-0101010101400101 0000000000000000 41B9A79AF79AC208
-0101010101200101 0000000000000000 7A9BE42F2009A892
-0101010101100101 0000000000000000 29038D56BA6D2745
-0101010101080101 0000000000000000 5495C6ABF1E5DF51
-0101010101040101 0000000000000000 AE13DBD561488933
-0101010101020101 0000000000000000 024D1FFA8904E389
-0101010101018001 0000000000000000 D1399712F99BF02E
-0101010101014001 0000000000000000 14C1D7C1CFFEC79E
-0101010101012001 0000000000000000 1DE5279DAE3BED6F
-0101010101011001 0000000000000000 E941A33F85501303
-0101010101010801 0000000000000000 DA99DBBC9A03F379
-0101010101010401 0000000000000000 B7FC92F91D8E92E9
-0101010101010201 0000000000000000 AE8E5CAA3CA04E85
-0101010101010180 0000000000000000 9CC62DF43B6EED74
-0101010101010140 0000000000000000 D863DBB5C59A91A0
-0101010101010120 0000000000000000 A1AB2190545B91D7
-0101010101010110 0000000000000000 0875041E64C570F7
-0101010101010108 0000000000000000 5A594528BEBEF1CC
-0101010101010104 0000000000000000 FCDB3291DE21F0C0
-0101010101010102 0000000000000000 869EFD7F9F265A09
-1046913489980131 0000000000000000 88D55E54F54C97B4
-1007103489988020 0000000000000000 0C0CC00C83EA48FD
-10071034C8980120 0000000000000000 83BC8EF3A6570183
-1046103489988020 0000000000000000 DF725DCAD94EA2E9
-1086911519190101 0000000000000000 E652B53B550BE8B0
-1086911519580101 0000000000000000 AF527120C485CBB0
-5107B01519580101 0000000000000000 0F04CE393DB926D5
-1007B01519190101 0000000000000000 C9F00FFC74079067
-3107915498080101 0000000000000000 7CFD82A593252B4E
-3107919498080101 0000000000000000 CB49A2F9E91363E3
-10079115B9080140 0000000000000000 00B588BE70D23F56
-3107911598080140 0000000000000000 406A9A6AB43399AE
-1007D01589980101 0000000000000000 6CB773611DCA9ADA
-9107911589980101 0000000000000000 67FD21C17DBB5D70
-9107D01589190101 0000000000000000 9592CB4110430787
-1007D01598980120 0000000000000000 A6B7FF68A318DDD3
-1007940498190101 0000000000000000 4D102196C914CA16
-0107910491190401 0000000000000000 2DFA9F4573594965
-0107910491190101 0000000000000000 B46604816C0E0774
-0107940491190401 0000000000000000 6E7E6221A4F34E87
-19079210981A0101 0000000000000000 AA85E74643233199
-1007911998190801 0000000000000000 2E5A19DB4D1962D6
-10079119981A0801 0000000000000000 23A866A809D30894
-1007921098190101 0000000000000000 D812D961F017D320
-100791159819010B 0000000000000000 055605816E58608F
-1004801598190101 0000000000000000 ABD88E8B1B7716F1
-1004801598190102 0000000000000000 537AC95BE69DA1E1
-1004801598190108 0000000000000000 AED0F6AE3C25CDD8
-1002911598100104 0000000000000000 B3E35A5EE53E7B8D
-1002911598190104 0000000000000000 61C79C71921A2EF8
-1002911598100201 0000000000000000 E2F5728F0995013C
-1002911698100101 0000000000000000 1AEAC39A61F0A464
-7CA110454A1A6E57 01A1D6D039776742 690F5B0D9A26939B
-0131D9619DC1376E 5CD54CA83DEF57DA 7A389D10354BD271
-07A1133E4A0B2686 0248D43806F67172 868EBB51CAB4599A
-3849674C2602319E 51454B582DDF440A 7178876E01F19B2A
-04B915BA43FEB5B6 42FD443059577FA2 AF37FB421F8C4095
-0113B970FD34F2CE 059B5E0851CF143A 86A560F10EC6D85B
-0170F175468FB5E6 0756D8E0774761D2 0CD3DA020021DC09
-43297FAD38E373FE 762514B829BF486A EA676B2CB7DB2B7A
-07A7137045DA2A16 3BDD119049372802 DFD64A815CAF1A0F
-04689104C2FD3B2F 26955F6835AF609A 5C513C9C4886C088
-37D06BB516CB7546 164D5E404F275232 0A2AEEAE3FF4AB77
-1F08260D1AC2465E 6B056E18759F5CCA EF1BF03E5DFA575A
-584023641ABA6176 004BD6EF09176062 88BF0DB6D70DEE56
-025816164629B007 480D39006EE762F2 A1F9915541020B56
-49793EBC79B3258F 437540C8698F3CFA 6FBF1CAFCFFD0556
-4FB05E1515AB73A7 072D43A077075292 2F22E49BAB7CA1AC
-49E95D6D4CA229BF 02FE55778117F12A 5A6B612CC26CCE4A
-018310DC409B26D6 1D9D5C5018F728C2 5F4C038ED12B2E41
-1C587F1C13924FEF 305532286D6F295A 63FAC0D034D9F793
diff --git a/src/lib/crypto/des/string2key.c b/src/lib/crypto/des/string2key.c
deleted file mode 100644
index 0ce413685..000000000
--- a/src/lib/crypto/des/string2key.c
+++ /dev/null
@@ -1,261 +0,0 @@ -/* - * lib/crypto/des/des_s2k.c - * - * Copyright 2004, 2008 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * Compute encryption key from salt and pass phrase. - */ - -#include "k5-int.h" -#include "des_int.h" - -krb5_error_code -mit_des_string_to_key_int (krb5_keyblock *key, - const krb5_data *pw, const krb5_data *salt) -{ - union { - /* 8 "forward" bytes, 8 "reverse" bytes */ - unsigned char uc[16]; - krb5_ui_4 ui[4]; - mit_des_cblock cb; - } temp; - unsigned int i; - krb5_ui_4 x, y, z; - unsigned char *p; - des_key_schedule sched; - char *copy; - size_t copylen; - - /* As long as the architecture is big-endian or little-endian, it - doesn't matter which it is. Think of it as reversing the - bytes, and also reversing the bits within each byte. 
But this - current algorithm is dependent on having four 8-bit char values - exactly overlay a 32-bit integral type. */ - if (sizeof(temp.uc) != sizeof(temp.ui) - || (unsigned char)~0 != 0xFF - || (krb5_ui_4)~(krb5_ui_4)0 != 0xFFFFFFFF - || (temp.uc[0] = 1, temp.uc[1] = 2, temp.uc[2] = 3, temp.uc[3] = 4, - !(temp.ui[0] == 0x01020304 - || temp.ui[0] == 0x04030201))) - abort(); -#define FETCH4(VAR, IDX) VAR = temp.ui[IDX/4] -#define PUT4(VAR, IDX) temp.ui[IDX/4] = VAR - - if (salt - && (salt->length == SALT_TYPE_AFS_LENGTH - /* XXX Yuck! Aren't we done with this yet? */ - || salt->length == (unsigned) -1)) { - krb5_data afssalt; - char *at; - - afssalt.data = salt->data; - at = strchr(afssalt.data, '@'); - if (at) { - *at = 0; - afssalt.length = at - afssalt.data; - } else - afssalt.length = strlen(afssalt.data); - return mit_afs_string_to_key(key, pw, &afssalt); - } - - copylen = pw->length + (salt ? salt->length : 0); - /* Don't need NUL termination, at this point we're treating it as - a byte array, not a string. */ - copy = malloc(copylen); - if (copy == NULL) - return ENOMEM; - memcpy(copy, pw->data, pw->length); - if (salt) - memcpy(copy + pw->length, salt->data, salt->length); - - memset(&temp, 0, sizeof(temp)); - p = temp.uc; - /* Handle the fan-fold xor operation by splitting the data into - forward and reverse sections, and combine them later, rather - than having to do the reversal over and over again. 
*/ - for (i = 0; i < copylen; i++) { - *p++ ^= copy[i]; - if (p == temp.uc+16) { - p = temp.uc; -#ifdef PRINT_TEST_VECTORS - { - int j; - printf("after %d input bytes:\nforward block:\t", i+1); - for (j = 0; j < 8; j++) - printf(" %02x", temp.uc[j] & 0xff); - printf("\nreverse block:\t"); - for (j = 8; j < 16; j++) - printf(" %02x", temp.uc[j] & 0xff); - printf("\n"); - } -#endif - } - } - -#ifdef PRINT_TEST_VECTORS - if (p != temp.uc) { - int j; - printf("at end, after %d input bytes:\nforward block:\t", i); - for (j = 0; j < 8; j++) - printf(" %02x", temp.uc[j] & 0xff); - printf("\nreverse block:\t"); - for (j = 8; j < 16; j++) - printf(" %02x", temp.uc[j] & 0xff); - printf("\n"); - } -#endif -#if 0 - /* Algorithm described in Dr. Dobbs Journal 1983, reported in "bit - twiddling hacks" web page collected by Sean Eron Anderson; see - http://graphics.stanford.edu/~seander/bithacks.html for - details. - - Avoids loops, uses 7*lg(N)=35 ops instead of 4*N=128 for the - obvious mask, ior, shift, shift sequence of each 32-bit - quantity. - - If we could rely on 64-bit math, another 7 ops would save us - from having to do double the work. */ -#define REVERSE_STEP(VAR, SHIFT, MASK) \ - VAR = ((VAR >> SHIFT) & MASK) | ((VAR << SHIFT) & (0xFFFFFFFFUL & ~MASK)) -#define REVERSE(VAR) \ - REVERSE_STEP (VAR, 1, 0x55555555UL); /* swap odd/even bits */ \ - REVERSE_STEP (VAR, 2, 0x33333333UL); /* swap bitpairs */ \ - REVERSE_STEP (VAR, 4, 0x0F0F0F0FUL); /* swap nibbles, etc */ \ - REVERSE_STEP (VAR, 8, 0x00FF00FFUL); \ - REVERSE_STEP (VAR, 16, 0x0000FFFFUL); -#else /* shorter */ -#define REVERSE(VAR) \ - { \ - krb5_ui_4 old = VAR, temp1 = 0; \ - int j; \ - for (j = 0; j < 32; j++) { \ - temp1 = (temp1 << 1) | (old & 1); \ - old >>= 1; \ - } \ - VAR = temp1; \ - } -#endif - - FETCH4 (x, 8); - FETCH4 (y, 12); - /* Ignore high bits of each input byte. */ - x &= 0x7F7F7F7F; - y &= 0x7F7F7F7F; - /* Reverse the bit strings -- after this, y is "before" x. 
*/ - REVERSE (x); - REVERSE (y); -#ifdef PRINT_TEST_VECTORS - { - int j; - union { unsigned char uc[4]; krb5_ui_4 ui; } t2; - printf("after reversal, reversed block:\n\t\t"); - t2.ui = y; - for (j = 0; j < 4; j++) - printf(" %02x", t2.uc[j] & 0xff); - t2.ui = x; - for (j = 0; j < 4; j++) - printf(" %02x", t2.uc[j] & 0xff); - printf("\n"); - } -#endif - /* Ignored bits are now at the bottom of each byte, where we'll - put the parity bits. Good. */ - FETCH4 (z, 0); - z &= 0x7F7F7F7F; - /* Ignored bits for z are at the top of each byte; fix that. */ - z <<= 1; - /* Finish the fan-fold xor for these four bytes. */ - z ^= y; - PUT4 (z, 0); - /* Now do the second four bytes. */ - FETCH4 (z, 4); - z &= 0x7F7F7F7F; - /* Ignored bits for z are at the top of each byte; fix that. */ - z <<= 1; - /* Finish the fan-fold xor for these four bytes. */ - z ^= x; - PUT4 (z, 4); - -#ifdef PRINT_TEST_VECTORS - { - int j; - printf("after reversal, combined block:\n\t\t"); - for (j = 0; j < 8; j++) - printf(" %02x", temp.uc[j] & 0xff); - printf("\n"); - } -#endif - -#define FIXUP(K) \ - (mit_des_fixup_key_parity(K), \ - mit_des_is_weak_key(K) ? (K[7] ^= 0xF0) : 0) - - /* Now temp.cb is the temporary key, with invalid parity. 
*/ - FIXUP(temp.cb); - -#ifdef PRINT_TEST_VECTORS - { - int j; - printf("after fixing parity and weak keys:\n\t\t"); - for (j = 0; j < 8; j++) - printf(" %02x", temp.uc[j] & 0xff); - printf("\n"); - } -#endif - - mit_des_key_sched(temp.cb, sched); - mit_des_cbc_cksum(copy, temp.cb, copylen, sched, temp.cb); - - memset(copy, 0, copylen); - free(copy); - -#ifdef PRINT_TEST_VECTORS - { - int j; - printf("cbc checksum:\n\t\t"); - for (j = 0; j < 8; j++) - printf(" %02x", temp.uc[j] & 0xff); - printf("\n"); - } -#endif - - memset(sched, 0, sizeof(sched)); - FIXUP (temp.cb); - -#ifdef PRINT_TEST_VECTORS - { - int j; - printf("after fixing parity and weak keys:\n\t\t"); - for (j = 0; j < 8; j++) - printf(" %02x", temp.uc[j] & 0xff); - printf("\n"); - } -#endif - - memcpy(key->contents, temp.cb, 8); - memset(&temp, 0, sizeof(temp)); - - return 0; -} diff --git a/src/lib/crypto/des/t_afss2k.c b/src/lib/crypto/des/t_afss2k.c deleted file mode 100644 index a6d0aa58d..000000000 --- a/src/lib/crypto/des/t_afss2k.c +++ /dev/null 
@@ -1,136 +0,0 @@ -#include "des_int.h" - -static const char *me; - -struct test_case { - char *saltstr; - int saltlen; - unsigned char keys[12][8]; -}; - -struct test_case test_cases[] = { - { - "Sodium Chloride", -1, - { - { 0xa4, 0xd0, 0xd0, 0x9b, 0x86, 0x92, 0xb0, 0xc2, }, - { 0xf1, 0xf2, 0x9e, 0xab, 0xd0, 0xef, 0xdf, 0x73, }, - { 0xd6, 0x85, 0x61, 0xc4, 0xf2, 0x94, 0xf4, 0xa1, }, - { 0xd0, 0xe3, 0xa7, 0x83, 0x94, 0x61, 0xe0, 0xd0, }, - { 0xd5, 0x62, 0xcd, 0x94, 0x61, 0xcb, 0x97, 0xdf, }, - { 0x9e, 0xa2, 0xa2, 0xec, 0xa8, 0x8c, 0x6b, 0x8f, }, - { 0xe3, 0x91, 0x6d, 0xd3, 0x85, 0xf1, 0x67, 0xc4, }, - { 0xf4, 0xc4, 0x73, 0xc8, 0x8a, 0xe9, 0x94, 0x6d, }, - { 0xa1, 0x9e, 0xb3, 0xad, 0x6b, 0xe3, 0xab, 0xd9, }, - { 0xad, 0xa1, 0xce, 0x10, 0x37, 0x83, 0xa7, 0x8c, }, - { 0xd3, 0x01, 0xd0, 0xf7, 0x3e, 0x7a, 0x49, 0x0b, }, - { 0xb6, 0x2a, 0x4a, 0xec, 0x9d, 0x4c, 0x68, 0xdf, }, - } - }, - { - "NaCl", 4, - { - { 0x61, 0xef, 0xe6, 0x83, 0xe5, 0x8a, 0x6b, 0x98 }, - { 0x68, 0xcd, 0x68, 0xad, 0xc4, 0x86, 0xcd, 0xe5 }, - { 0x83, 0xa1, 0xc8, 0x86, 0x8f, 0x67, 0xd0, 0x62 }, - { 0x9e, 0xc7, 0x8f, 0xa4, 0xa4, 0xb3, 0xe0, 0xd5 }, - { 0xd9, 0x92, 0x86, 0x8f, 0x9d, 0x8c, 0x85, 0xe6 }, - { 0xda, 0xf2, 0x92, 0x83, 0xf4, 0x9b, 0xa7, 0xad }, - { 0x91, 0xcd, 0xad, 0xef, 0x86, 0xdf, 0xd3, 0xa2 }, - { 0x73, 0xd3, 0x67, 0x68, 0x8f, 0x6e, 0xe3, 0x73 }, - { 0xc4, 0x61, 0x85, 0x9d, 0xad, 0xf4, 0xdc, 0xb0 }, - { 0xe9, 0x02, 0x83, 0x16, 0x2c, 0xec, 0xe0, 0x08 }, - { 0x61, 0xc8, 0x26, 0x29, 0xd9, 0x73, 0x6e, 0xb6 }, - { 0x8c, 0xa8, 0x9e, 0xc4, 0xa8, 0xdc, 0x31, 0x73 }, - } - }, - { - /* This one intentionally supplies a length shorter - than the string. The point of this is to ensure - that s[len] is not zero, so that anything actually - relying on that value (i.e., reading out of bounds) - should generate incorrect results. 
*/ - "NaCl2", 4, - { - { 0x61, 0xef, 0xe6, 0x83, 0xe5, 0x8a, 0x6b, 0x98 }, - { 0x68, 0xcd, 0x68, 0xad, 0xc4, 0x86, 0xcd, 0xe5 }, - { 0x83, 0xa1, 0xc8, 0x86, 0x8f, 0x67, 0xd0, 0x62 }, - { 0x9e, 0xc7, 0x8f, 0xa4, 0xa4, 0xb3, 0xe0, 0xd5 }, - { 0xd9, 0x92, 0x86, 0x8f, 0x9d, 0x8c, 0x85, 0xe6 }, - { 0xda, 0xf2, 0x92, 0x83, 0xf4, 0x9b, 0xa7, 0xad }, - { 0x91, 0xcd, 0xad, 0xef, 0x86, 0xdf, 0xd3, 0xa2 }, - { 0x73, 0xd3, 0x67, 0x68, 0x8f, 0x6e, 0xe3, 0x73 }, - { 0xc4, 0x61, 0x85, 0x9d, 0xad, 0xf4, 0xdc, 0xb0 }, - { 0xe9, 0x02, 0x83, 0x16, 0x2c, 0xec, 0xe0, 0x08 }, - { 0x61, 0xc8, 0x26, 0x29, 0xd9, 0x73, 0x6e, 0xb6 }, - { 0x8c, 0xa8, 0x9e, 0xc4, 0xa8, 0xdc, 0x31, 0x73 }, - } - }, -}; - -static void do_it (struct test_case *tcase); - -int -main (int argc, char *argv[]) -{ - int i; - - me = argv[0]; - for (i = 0; i < sizeof (test_cases) / sizeof (struct test_case); i++) - do_it (&test_cases[i]); - return 0; -} - -static void -do_it (struct test_case *tcase) -{ - unsigned char keydata[8]; - krb5_data salt, passwd; - krb5_keyblock key; - krb5_error_code err; - int i; - unsigned char longpass[2048]; - - key.contents = keydata; - key.length = sizeof (keydata); - - salt.data = tcase->saltstr; - if (tcase->saltlen == -1) - salt.length = strlen (tcase->saltstr); - else - salt.length = tcase->saltlen; - - /* - * Try passwords with lengths equal to, greater than, and less - * than 8 characters, since the AFS s2k algorithm does - * interesting stuff depending on the length. - */ - passwd.data = "My Password"; - for (i = 0; i < 12; i++) { - passwd.length = i; - err = mit_afs_string_to_key (&key, &passwd, &salt); - if (err != 0) { - com_err (me, err, ""); - exit (1); - } - if (memcmp (tcase->keys[i], keydata, 8) != 0) - abort (); - } - - /* Run another pass to make sure the characters after the - password in the buffer aren't influencing the output. The - password is *not* required to be null-terminated. 
*/ - memset (longpass, '!', sizeof (longpass)); - longpass[sizeof (longpass)-1] = '\0'; - memcpy (longpass, "My Password", strlen ("My Password")); - passwd.data = (char *) longpass; - for (i = 0; i < 12; i++) { - passwd.length = i; - err = mit_afs_string_to_key (&key, &passwd, &salt); - if (err != 0) { - com_err (me, err, ""); - exit (1); - } - if (memcmp (tcase->keys[i], keydata, 8) != 0) - abort (); - } -} diff --git a/src/lib/crypto/des/t_verify.c b/src/lib/crypto/des/t_verify.c deleted file mode 100644 index a6ad07cb8..000000000 --- a/src/lib/crypto/des/t_verify.c +++ /dev/null 
@@ -1,418 +0,0 @@ -/* - * lib/crypto/des/verify.c - * - * Copyright 1988, 1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * Program to test the correctness of the DES library - * implementation. - * - * exit returns 0 ==> success - * -1 ==> error - */ - -/* - * Copyright (C) 1998 by the FundsXpress, INC. - * - * All rights reserved. - * - * Export of this software from the United States of America may require - * a specific license from the United States Government. It is the - * responsibility of any person or organization contemplating export to - * obtain such a license before exporting. 
- * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of FundsXpress. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. FundsXpress makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. - */ - -#include "k5-int.h" -#include "des_int.h" -#include <stdio.h> -#include "com_err.h" - -static void do_encrypt(unsigned char *, unsigned char *); -static void do_decrypt(unsigned char *, unsigned char *); - -char *progname; -int nflag = 2; -int vflag; -int mflag; -int zflag; -int pid; -int mit_des_debug; - -unsigned char cipher_text[64]; -unsigned char clear_text[64] = "Now is the time for all " ; -unsigned char clear_text2[64] = "7654321 Now is the time for "; -unsigned char clear_text3[64] = {2,0,0,0, 1,0,0,0}; -unsigned char output[64]; -unsigned char zero_text[8] = {0x0,0,0,0,0,0,0,0}; -unsigned char msb_text[8] = {0x0,0,0,0, 0,0,0,0x40}; /* to ANSI MSB */ -unsigned char *input; - -/* 0x0123456789abcdef */ -unsigned char default_key[8] = { - 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef -}; -unsigned char key2[8] = { 0x08,0x19,0x2a,0x3b,0x4c,0x5d,0x6e,0x7f }; -unsigned char key3[8] = { 0x80,1,1,1,1,1,1,1 }; -mit_des_cblock s_key; -unsigned char default_ivec[8] = { - 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef -}; -unsigned char *ivec; -unsigned char zero_key[8] = {1,1,1,1,1,1,1,1}; /* just 
parity bits */ - -unsigned char cipher1[8] = { - 0x25,0xdd,0xac,0x3e,0x96,0x17,0x64,0x67 -}; -unsigned char cipher2[8] = { - 0x3f,0xa4,0x0e,0x8a,0x98,0x4d,0x48,0x15 -}; -unsigned char cipher3[64] = { - 0xe5,0xc7,0xcd,0xde,0x87,0x2b,0xf2,0x7c, - 0x43,0xe9,0x34,0x00,0x8c,0x38,0x9c,0x0f, - 0x68,0x37,0x88,0x49,0x9a,0x7c,0x05,0xf6 -}; -unsigned char checksum[8] = { - 0x58,0xd2,0xe7,0x7e,0x86,0x06,0x27,0x33 -}; - -unsigned char zresult[8] = { - 0x8c, 0xa6, 0x4d, 0xe9, 0xc1, 0xb1, 0x23, 0xa7 -}; - -unsigned char mresult[8] = { - 0xa3, 0x80, 0xe0, 0x2a, 0x6b, 0xe5, 0x46, 0x96 -}; - - -/* - * Can also add : - * plaintext = 0, key = 0, cipher = 0x8ca64de9c1b123a7 (or is it a 1?) - */ - -mit_des_key_schedule sched; - -int -main(argc,argv) - int argc; - char *argv[]; -{ - /* Local Declarations */ - size_t in_length; - int retval; - int i, j; - -#ifdef WINDOWS - /* Set screen window buffer to infinite size -- MS default is tiny. */ - _wsetscreenbuf (fileno (stdout), _WINBUFINF); -#endif - progname=argv[0]; /* salt away invoking program */ - - while (--argc > 0 && (*++argv)[0] == '-') - for (i=1; argv[0][i] != '\0'; i++) { - switch (argv[0][i]) { - - /* debug flag */ - case 'd': - mit_des_debug=3; - continue; - - case 'z': - zflag = 1; - continue; - - case 'm': - mflag = 1; - continue; - - default: - printf("%s: illegal flag \"%c\" ", - progname,argv[0][i]); - exit(1); - } - }; - - if (argc) { - fprintf(stderr, "Usage: %s [-dmz]\n", progname); - exit(1); - } - - /* do some initialisation */ - - /* use known input and key */ - - /* ECB zero text zero key */ - if (zflag) { - input = zero_text; - mit_des_key_sched(zero_key, sched); - printf("plaintext = key = 0, cipher = 0x8ca64de9c1b123a7\n"); - do_encrypt(input,cipher_text); - printf("\tcipher = (low to high bytes)\n\t\t"); - for (j = 0; j<=7; j++) - printf("%02x ",cipher_text[j]); - printf("\n"); - do_decrypt(output,cipher_text); - if ( memcmp((char *)cipher_text, (char *)zresult, 8) ) { - printf("verify: error in zero key 
test\n"); - exit(-1); - } - - exit(0); - } - - if (mflag) { - input = msb_text; - mit_des_key_sched(key3, sched); - printf("plaintext = 0x00 00 00 00 00 00 00 40, "); - printf("key = 0x80 01 01 01 01 01 01 01\n"); - printf(" cipher = 0xa380e02a6be54696\n"); - do_encrypt(input,cipher_text); - printf("\tcipher = (low to high bytes)\n\t\t"); - for (j = 0; j<=7; j++) { - printf("%02x ",cipher_text[j]); - } - printf("\n"); - do_decrypt(output,cipher_text); - if ( memcmp((char *)cipher_text, (char *)mresult, 8) ) { - printf("verify: error in msb test\n"); - exit(-1); - } - exit(0); - } - - /* ECB mode Davies and Price */ - { - input = zero_text; - mit_des_key_sched(key2, sched); - printf("Examples per FIPS publication 81, keys ivs and cipher\n"); - printf("in hex. These are the correct answers, see below for\n"); - printf("the actual answers.\n\n"); - printf("Examples per Davies and Price.\n\n"); - printf("EXAMPLE ECB\tkey = 08192a3b4c5d6e7f\n"); - printf("\tclear = 0\n"); - printf("\tcipher = 25 dd ac 3e 96 17 64 67\n"); - printf("ACTUAL ECB\n"); - printf("\tclear \"%s\"\n", input); - do_encrypt(input,cipher_text); - printf("\tcipher = (low to high bytes)\n\t\t"); - for (j = 0; j<=7; j++) - printf("%02x ",cipher_text[j]); - printf("\n\n"); - do_decrypt(output,cipher_text); - if ( memcmp((char *)cipher_text, (char *)cipher1, 8) ) { - printf("verify: error in ECB encryption\n"); - exit(-1); - } - else - printf("verify: ECB encryption is correct\n\n"); - } - - /* ECB mode */ - { - mit_des_key_sched(default_key, sched); - input = clear_text; - ivec = default_ivec; - printf("EXAMPLE ECB\tkey = 0123456789abcdef\n"); - printf("\tclear = \"Now is the time for all \"\n"); - printf("\tcipher = 3f a4 0e 8a 98 4d 48 15 ...\n"); - printf("ACTUAL ECB\n\tclear \"%s\"",input); - do_encrypt(input,cipher_text); - printf("\n\tcipher = (low to high bytes)\n\t\t"); - for (j = 0; j<=7; j++) { - printf("%02x ",cipher_text[j]); - } - printf("\n\n"); - do_decrypt(output,cipher_text); - if ( 
memcmp((char *)cipher_text, (char *)cipher2, 8) ) { - printf("verify: error in ECB encryption\n"); - exit(-1); - } - else - printf("verify: ECB encryption is correct\n\n"); - } - - /* CBC mode */ - printf("EXAMPLE CBC\tkey = 0123456789abcdef"); - printf("\tiv = 1234567890abcdef\n"); - printf("\tclear = \"Now is the time for all \"\n"); - printf("\tcipher =\te5 c7 cd de 87 2b f2 7c\n"); - printf("\t\t\t43 e9 34 00 8c 38 9c 0f\n"); - printf("\t\t\t68 37 88 49 9a 7c 05 f6\n"); - - printf("ACTUAL CBC\n\tclear \"%s\"\n",input); - in_length = strlen((char *)input); - if ((retval = mit_des_cbc_encrypt((const mit_des_cblock *) input, - (mit_des_cblock *) cipher_text, - (size_t) in_length, - sched, - ivec, - MIT_DES_ENCRYPT))) { - com_err("des verify", retval, "can't encrypt"); - exit(-1); - } - printf("\tciphertext = (low to high bytes)\n"); - for (i = 0; i <= 2; i++) { - printf("\t\t"); - for (j = 0; j <= 7; j++) { - printf("%02x ",cipher_text[i*8+j]); - } - printf("\n"); - } - if ((retval = mit_des_cbc_encrypt((const mit_des_cblock *) cipher_text, - (mit_des_cblock *) clear_text, - (size_t) in_length, - sched, - ivec, - MIT_DES_DECRYPT))) { - com_err("des verify", retval, "can't decrypt"); - exit(-1); - } - printf("\tdecrypted clear_text = \"%s\"\n",clear_text); - - if ( memcmp((char *)cipher_text, (char *)cipher3, in_length) ) { - printf("verify: error in CBC encryption\n"); - exit(-1); - } - else - printf("verify: CBC encryption is correct\n\n"); - - printf("EXAMPLE CBC checksum"); - printf("\tkey = 0123456789abcdef\tiv = 1234567890abcdef\n"); - printf("\tclear =\t\t\"7654321 Now is the time for \"\n"); - printf("\tchecksum\t58 d2 e7 7e 86 06 27 33, "); - printf("or some part thereof\n"); - input = clear_text2; - mit_des_cbc_cksum(input,cipher_text, strlen((char *)input), - sched,ivec); - printf("ACTUAL CBC checksum\n"); - printf("\t\tencrypted cksum = (low to high bytes)\n\t\t"); - for (j = 0; j<=7; j++) - printf("%02x ",cipher_text[j]); - printf("\n\n"); - if ( 
memcmp((char *)cipher_text, (char *)checksum, 8) ) { - printf("verify: error in CBC cheksum\n"); - exit(-1); - } - else - printf("verify: CBC checksum is correct\n\n"); - - exit(0); -} - -#if 0 -void -flip(array) - char *array; -{ - register int old,new,i,j; - /* flips the bit order within each byte from 0 lsb to 0 msb */ - for (i = 0; i<=7; i++) { - old = *array; - new = 0; - for (j = 0; j<=7; j++) { - if (old & 01) - new = new | 01; - if (j < 7) { - old = old >> 1; - new = new << 1; - } - } - *array = new; - array++; - } -} -#endif - -static void -do_encrypt(in,out) - unsigned char *in; - unsigned char *out; -{ - int i, j; - for (i =1; i<=nflag; i++) { - mit_des_cbc_encrypt((const mit_des_cblock *)in, - (mit_des_cblock *)out, - 8, - sched, - zero_text, - MIT_DES_ENCRYPT); - if (mit_des_debug) { - printf("\nclear %s\n",in); - for (j = 0; j<=7; j++) - printf("%02X ",in[j] & 0xff); - printf("\tcipher "); - for (j = 0; j<=7; j++) - printf("%02X ",out[j] & 0xff); - } - } -} - -static void -do_decrypt(in,out) - unsigned char *out; - unsigned char *in; - /* try to invert it */ -{ - int i, j; - for (i =1; i<=nflag; i++) { - mit_des_cbc_encrypt((const mit_des_cblock *)out, - (mit_des_cblock *)in, - 8, - sched, - zero_text, - MIT_DES_DECRYPT); - if (mit_des_debug) { - printf("clear %s\n",in); - for (j = 0; j<=7; j++) - printf("%02X ",in[j] & 0xff); - printf("\tcipher "); - for (j = 0; j<=7; j++) - printf("%02X ",out[j] & 0xff); - } - } -} - -/* - * Fake out the DES library, for the purposes of testing. - */ - -int -mit_des_is_weak_key(key) - mit_des_cblock key; -{ - return 0; /* fake it out for testing */ -} diff --git a/src/lib/crypto/des/weak_key.c b/src/lib/crypto/des/weak_key.c deleted file mode 100644 index 2eab9f543..000000000 --- a/src/lib/crypto/des/weak_key.c +++ /dev/null 
@@ -1,85 +0,0 @@
-/*
- * lib/crypto/des/weak_key.c
- *
- * Copyright 1989,1990 by the Massachusetts Institute of Technology.
- * All Rights Reserved.
- *
- * Export of this software from the United States of America may
- * require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- *
- *
- * Under U.S. law, this software may not be exported outside the US
- * without license from the U.S. Commerce department.
- *
- * These routines form the library interface to the DES facilities.
- *
- * Originally written 8/85 by Steve Miller, MIT Project Athena.
- */
-
-#include "k5-int.h"
-#include "des_int.h"
-
-/*
- * The following are the weak DES keys:
- */
-static const mit_des_cblock weak[16] = {
- /* weak keys */
- {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
- {0xfe,0xfe,0xfe,0xfe,0xfe,0xfe,0xfe,0xfe},
- {0x1f,0x1f,0x1f,0x1f,0x0e,0x0e,0x0e,0x0e},
- {0xe0,0xe0,0xe0,0xe0,0xf1,0xf1,0xf1,0xf1},
-
- /* semi-weak */
- {0x01,0xfe,0x01,0xfe,0x01,0xfe,0x01,0xfe},
- {0xfe,0x01,0xfe,0x01,0xfe,0x01,0xfe,0x01},
-
- {0x1f,0xe0,0x1f,0xe0,0x0e,0xf1,0x0e,0xf1},
- {0xe0,0x1f,0xe0,0x1f,0xf1,0x0e,0xf1,0x0e},
-
- {0x01,0xe0,0x01,0xe0,0x01,0xf1,0x01,0xf1},
- {0xe0,0x01,0xe0,0x01,0xf1,0x01,0xf1,0x01},
-
- {0x1f,0xfe,0x1f,0xfe,0x0e,0xfe,0x0e,0xfe},
- {0xfe,0x1f,0xfe,0x1f,0xfe,0x0e,0xfe,0x0e},
-
- {0x01,0x1f,0x01,0x1f,0x01,0x0e,0x01,0x0e},
- {0x1f,0x01,0x1f,0x01,0x0e,0x01,0x0e,0x01},
-
- {0xe0,0xfe,0xe0,0xfe,0xf1,0xfe,0xf1,0xfe},
- {0xfe,0xe0,0xfe,0xe0,0xfe,0xf1,0xfe,0xf1}
-};
-
-/*
- * mit_des_is_weak_key: returns true iff key is a [semi-]weak des key.
- *
- * Requires: key has correct odd parity.
- */
-int
-mit_des_is_weak_key(mit_des_cblock key)
-{
- unsigned int i;
- const mit_des_cblock *weak_p = weak;
-
- for (i = 0; i < (sizeof(weak)/sizeof(mit_des_cblock)); i++) {
- if (!memcmp(weak_p++,key,sizeof(mit_des_cblock)))
- return 1;
- }
-
- return 0;
-} |
