diff options
Diffstat (limited to 'src/lib/crypto/des')
| -rw-r--r-- | src/lib/crypto/des/Makefile.in | 38 | ||||
| -rw-r--r-- | src/lib/crypto/des/configure.in | 3 | ||||
| -rw-r--r-- | src/lib/crypto/des/des.c | 463 | ||||
| -rw-r--r-- | src/lib/crypto/des/destest.c | 138 | ||||
| -rw-r--r-- | src/lib/crypto/des/f_cbc.c | 20 | ||||
| -rw-r--r-- | src/lib/crypto/des/f_cksum.c | 15 | ||||
| -rw-r--r-- | src/lib/crypto/des/key_parity.c | 73 | ||||
| -rw-r--r-- | src/lib/crypto/des/make_e.c | 58 | ||||
| -rw-r--r-- | src/lib/crypto/des/make_fp.c | 80 | ||||
| -rw-r--r-- | src/lib/crypto/des/make_ip.c | 71 | ||||
| -rw-r--r-- | src/lib/crypto/des/make_kp.c | 222 | ||||
| -rw-r--r-- | src/lib/crypto/des/make_odd.c | 61 | ||||
| -rw-r--r-- | src/lib/crypto/des/make_p.c | 66 | ||||
| -rw-r--r-- | src/lib/crypto/des/make_pt.c | 81 | ||||
| -rw-r--r-- | src/lib/crypto/des/make_s.c | 49 | ||||
| -rw-r--r-- | src/lib/crypto/des/make_st.c | 83 | ||||
| -rw-r--r-- | src/lib/crypto/des/misc.c | 366 | ||||
| -rw-r--r-- | src/lib/crypto/des/tables.h | 122 | ||||
| -rw-r--r-- | src/lib/crypto/des/verify.c | 37 |
19 files changed, 153 insertions, 1893 deletions
diff --git a/src/lib/crypto/des/Makefile.in b/src/lib/crypto/des/Makefile.in index 196ffc91f..8f475bc27 100644 --- a/src/lib/crypto/des/Makefile.in +++ b/src/lib/crypto/des/Makefile.in @@ -1,18 +1,22 @@ CFLAGS = $(CCOPTS) $(DEFS) LDFLAGS = -g +ISODELIB=@ISODELIB@ +COMERRLIB=$(BUILDTOP)/util/et/libcom_err.a + all:: $(OBJS) +KLIB = $(TOPLIBD)/libkrb5.a $(TOPLIBD)/libcrypto.a $(ISODELIB) $(COMERRLIB) +DEPKLIB = $(TOPLIBD)/libkrb5.a $(TOPLIBD)/libcrypto.a $(COMERRLIB) + OTHERSRCS=$(srcdir)/f_cbc.c $(srcdir)/f_cksum.c $(srcdir)/f_pcbc.c \ $(srcdir)/f_sched.c $(srcdir)/f_ecb.c $(srcdir)/f_parity.c \ $(srcdir)/f_tables.c OTHEROBJS=f_cbc.o f_cksum.o f_pcbc.o f_sched.o f_ecb.o f_parity.o f_tables.o -OBJS= cksum.o \ - cbc_cksum.o \ +OBJS= cbc_cksum.o \ cs_entry.o \ - enc_dec.o \ krb_glue.o \ finish_key.o \ fin_rndkey.o \ @@ -25,10 +29,8 @@ OBJS= cksum.o \ weak_key.o \ $(OTHEROBJS) -SRCS= $(srcdir)/cksum.c \ - $(srcdir)/cs_entry.c \ +SRCS= $(srcdir)/cs_entry.c \ $(srcdir)/cbc_cksum.c \ - $(srcdir)/enc_dec.c \ $(srcdir)/krb_glue.c \ $(srcdir)/finish_key.c \ $(srcdir)/fin_rndkey.c \ @@ -49,22 +51,20 @@ depend:: $(SRCS) clean:: $(RM) fp.c ip.c key_perm.h odd.h p.c p_table.h s_table.h -EXT_LIB = $(TOP)/lib/krb5/error_tables/krb5_err.o \ - $(TOP)/lib/krb5/error_tables/isode_err.o \ - $(TOP)/lib/crypto/cryptoconf.o \ - $(TOP)/lib/crypto/crc-32/libcrc32.a \ - libdes.a $(OSLIB) $(COMERRLIB) - -verify: verify.o libdes.o - $(RM) verify.o - $(CC) -o $@ verify.o $(LDFLAGS) $(EXT_LIB) +verify: verify.o $(DEPKLIB) + $(CC) -o $@ verify.o $(KLIB) $(LIBS) $(LDFLAGS) clean:: - $(RM) verify + $(RM) verify destest + +destest: destest.o $(DEPKLIB) + $(CC) -o $@ destest.o $(KLIB) $(LIBS) $(LDFLAGS) -destest: destest.o libdes.o - $(RM) destest.o - $(CC) -o $@ destest.o $(LDFLAGS) $(EXT_LIB) +check:: destest verify + ./verify -z + ./verify -m + ./verify + ./destest < $(srcdir)/keytest.data clean:: $(RM) destest diff --git a/src/lib/crypto/des/configure.in b/src/lib/crypto/des/configure.in index 52832f2ac..344288171 100644 --- a/src/lib/crypto/des/configure.in +++ b/src/lib/crypto/des/configure.in @@ -2,6 +2,9 @@ AC_INIT(configure.in) WITH_CCOPTS AC_SET_BUILDTOP CONFIG_RULES +AC_HAVE_LIBRARY(socket) +AC_HAVE_LIBRARY(nsl) SubdirLibraryRule([${OBJS}]) KRB_INCLUDE +ISODE_INCLUDE AC_OUTPUT(Makefile,[EXTRA_RULES]) diff --git a/src/lib/crypto/des/des.c b/src/lib/crypto/des/des.c deleted file mode 100644 index af04eb195..000000000 --- a/src/lib/crypto/des/des.c +++ /dev/null @@ -1,463 +0,0 @@ -/* - * lib/crypto/des/des.c - * - * Copyright 1985, 1986, 1987, 1988, 1990 by the Massachusetts Institute - * of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * These routines perform encryption and decryption using the DES - * private key algorithm, or else a subset of it-- fewer inner loops. - * (AUTH_DES_ITER defaults to 16, may be less.) - * - * Under U.S. law, this software may not be exported outside the US - * without license from the U.S. Commerce department. - * - * The key schedule is passed as an arg, as well as the cleartext or - * ciphertext. - * - * All registers labeled imply Vax using the Ultrix or 4.2bsd - * compiler. - * - * - * NOTE: bit and byte numbering: - * DES algorithm is defined in terms of bits of L - * followed by bits of R. - * bit 0 ==> lsb of L - * bit 63 ==> msb of R - * - * Always work in register pairs, FROM L1,R1 TO L2,R2 to make - * bookkeeping easier. - * - * originally written by Steve Miller, MIT Project Athena - */ - - - -#include <krb5/krb5.h> -#include <krb5/ext-proto.h> -#include "des_int.h" -#include "s_table.h" -#include "p_table.h" - -#ifdef DEBUG -#define DBG_PRINT(s) if (mit_des_debug & 2) \ - mit_des_debug_print(s,i,L1&0xffff,(L1>>16)&0xffff, \ - R1&0xffff,(R1>>16)&0xffff) -#else -#define DBG_PRINT(s) -#endif - -extern int mit_des_debug; - -int -mit_des_ecb_encrypt(clear, cipher, schedule, encrypt) - unsigned long *clear; - unsigned long *cipher; - int encrypt; /* 0 ==> decrypt, else encrypt */ - register mit_des_key_schedule schedule; /* r11 */ -{ - - /* better pass 8 bytes, length not checked here */ - - register unsigned long R1, L1; /* R1 = r10, L1 = r9 */ - register unsigned long R2, L2; /* R2 = r8, L2 = r7 */ - long i; - /* one more registers left on VAX, see below P_temp_p */ -#ifdef BITS16 - sbox_in_16_a S_in_16_a; - sbox_in_16_b S_in_16_b; - sbox_in_16_c S_in_16_c; - unsigned int *S_in_a_16_p = (unsigned int *) &S_in_16_a; - unsigned int *S_in_b_16_p = (unsigned int *) &S_in_16_b; - unsigned int *S_in_c_16_p = (unsigned int *) &S_in_16_c; -#endif -#ifndef BITS32 -#ifndef BITS16 - dunno how to do this machine type, you lose; -#endif -#endif - unsigned long P_temp; - register unsigned char *P_temp_p = (unsigned char *) & P_temp; -#ifdef BITS16 - sbox_out S_out; - unsigned long *S_out_p = (unsigned long *) &S_out; -#endif - unsigned long R_save, L_save; -#ifdef DEBUG - unsigned long dbg_tmp[2]; -#endif - - /* - * Use L1,R1 and L2,R2 as two sets of "64-bit" registers always - * work from L1,R1 input to L2,R2 output; initialize the cleartext - * into registers. - */ -#ifdef MUSTALIGN -#ifdef DEBUG - /* - * If the alignment is wrong, the programmer really screwed up -- - * we aren't even getting the right data type. His problem. Keep - * this code for debugging. - */ - /* Make sure schedule is ok */ - if ((long) schedule & 3) { - fprintf(stderr,"des.c schedule arg pointer not aligned\n"); - abort(); - } -#endif - if ((long) clear & 3) { - memcpy((char *)&L_save,(char *)clear++,sizeof(L_save)); - memcpy((char *)&R_save,(char *)clear,sizeof(R_save)); - L1 = L_save; - R1 = R_save; - } - else -#endif - { - if (clear) L1 = *clear++; - else L1 = 0; - if (clear) R1 = *clear; - else R1 = 0; - } - -#ifdef DEBUG - if (mit_des_debug & 2) { - printf("All values printed from low byte (bit 0)"); - printf(" --> high byte (bit 63)\n"); - i = 0; - dbg_tmp[0] = L1; - dbg_tmp[1] = R1; - printf("iter = %2d before IP\n\t\tL1 R1 = ",i); - mit_des_cblock_print_file (dbg_tmp, stdout); - } - - DBG_PRINT("before IP"); -#endif - -/* IP_start:*/ - - /* all the Initial Permutation code is in the include file */ -#include "ip.c" - /* reset input to L1,R1 */ - L1 = L2; - R1 = R2; - - /* iterate through the inner loop */ - for (i = 0; i <= (AUTH_DES_ITER-1); i++) { - -#ifdef DEBUG - if (mit_des_debug & 2) { - dbg_tmp[0] = L1; - dbg_tmp[1] = R1; - printf("iter = %2d start loop\n\t\tL1 R1 = ",i); - mit_des_cblock_print_file (dbg_tmp, stdout); - DBG_PRINT("start loop"); - } - -#endif - - R_save = R1; - L_save = L1; - -/* E_start:*/ - /* apply the E permutation from R1 to L2, R2 */ -#ifndef VAXASM -#ifdef SLOW_E -#include "e.c" -#else /* Bill's fast E */ - L2 = (R1 << 1); - if (R1 & (1<<31)) - L2 |= 1<<0; - L2 &= 077; - L2 |= (R1 <<3) & 07700; - L2 |= (R1 <<5) & 0770000; - L2 |= (R1 <<7) & 077000000; - L2 |= (R1 <<9) & 07700000000; - L2 |= (R1 <<11) & 030000000000; - - /* now from right to right */ - - R2 = ((R1 >> 17) & 0176000); - if (R1 & (1<<0)) R2 |= 1<<15; - - R2 |= ((R1 >> 21) & 017); - R2 |= ((R1 >> 19) & 01760); -#endif /* SLOW_E */ -#else /* VAXASM */ - /* E operations */ - /* right to left */ - asm(" rotl $1,r10,r7"); - L2 &= 077; - L2 |= (R1 <<3) & 07700; - L2 |= (R1 <<5) & 0770000; - L2 |= (R1 <<7) & 077000000; - L2 |= (R1 <<9) & 07700000000; - L2 |= (R1 <<11) & 030000000000; - - asm(" rotl $-17,r10,r8"); - R2 &= 0176000; - asm(" rotl $-21,r10,r0"); - asm(" bicl2 $-16,r0"); - asm(" bisl2 r0,r8"); - asm(" rotl $-19,r10,r0"); - asm(" bicl2 $-1009,r0"); - asm(" bisl2 r0,r8"); - -#endif - - /* reset input to L1,R1 */ - L1 = L2; - R1 = R2; - -#ifdef DEBUG - if (mit_des_debug & 2) { - dbg_tmp[0] = L1; - dbg_tmp[1] = R1; - DBG_PRINT("after e"); - printf("iter = %2d after e\n\t\tL1 R1 = ",i); - mit_des_cblock_print_file (dbg_tmp, stdout); - } -#endif - -/* XOR_start:*/ - /* - * XOR with the key schedule, "schedule" - * - * If this is an encryption operation, use schedule[i], - * otherwise use schedule [AUTH_DES_ITER-i-1] - * - * First XOR left half. - */ - if (encrypt) { - L1 ^= *(((unsigned long *) &schedule[i] )+0); - /* now right half */ - R1 ^= *(((unsigned long *) &schedule[i] )+1); - } - else { - L1 ^= *(((unsigned long *) &schedule[AUTH_DES_ITER-i-1] )+0); - /* now right half */ - R1 ^= *(((unsigned long *) &schedule[AUTH_DES_ITER-i-1] )+1); - } - - /* dont have to reset input to L1, R1 */ - -#ifdef DEBUG - if (mit_des_debug & 2) { - dbg_tmp[0] = L1; - dbg_tmp[1] = R1; - DBG_PRINT("after xor"); - printf("iter = %2d after xor\n\t\tL1 R1 =",i); - mit_des_cblock_print_file (dbg_tmp, stdout); - } -#endif - -/* S_start:*/ - /* apply the S selection from L1, R1 to R2 */ - -#ifdef notdef -#include "s.c" -#endif - - /* S operations , cant use registers for bit field stuff */ - /* from S_in to S_out */ - -#ifdef BITS16 - *S_in_a_16_p = L1&0xffff; - *S_in_b_16_p = (L1>>16)&0xffff; - *S_in_c_16_p = R1&0xffff; - (*(unsigned long *) &S_out) = - (unsigned) S_adj[0][S_in_16_a.b0]; - S_out.b1 = (unsigned) S_adj[1][S_in_16_a.b1]; - /* b2 spans two words */ - S_out.b2 = (unsigned) - S_adj[2][(unsigned) S_in_16_a.b2 - + (((unsigned) S_in_16_b.b2) << 4)]; - S_out.b3 = (unsigned) S_adj[3][S_in_16_b.b3]; - S_out.b4 = (unsigned) S_adj[4][S_in_16_b.b4]; - /* b5 spans both parts */ - S_out.b5 = (unsigned) - S_adj[5][(unsigned) S_in_16_b.b5 - + (((unsigned) S_in_16_c.b5) << 2)]; - S_out.b6 = (unsigned) S_adj[6][S_in_16_c.b6]; - S_out.b7 = (unsigned) S_adj[7][S_in_16_c.b7]; - R1 = *S_out_p; -#else - /* is a 32 bit sys */ -#ifndef VAXASM - R2 = (unsigned) S_adj[0][L1 & 077]; - L2 = (unsigned) S_adj[1][(L1 >> 6) & 077]; - R2 |= (L2 <<4 ); - L2 = (unsigned) S_adj[2][(L1 >> 12) & 077]; - R2 |= (L2 <<8); - L2 = (unsigned) S_adj[3][(L1 >> 18) & 077]; - R2 |= (L2 <<12); - L2 = (unsigned) S_adj[4][(L1 >> 24) & 077]; - R2 |= (L2 <<16); - /* b5 spans both parts */ - L2 = (unsigned) - S_adj[5][(unsigned) ((L1 >>30) & 03) + ((R1 & 017) << 2)]; - R2 |= (L2 << 20); - L2 = (unsigned) S_adj[6][(R1 >> 4) & 077]; - R2 |= (L2 <<24); - L2 = (unsigned) S_adj[7][(R1 >> 10) & 077]; - R1 = R2 | (L2 <<28); - /* reset input to L1, R1 */ -#else /* vaxasm */ - /* - * this is the c code produced above, with - * extzv replaced by rotl - */ - asm("bicl3 $-64,r9,r0"); - asm("movzbl _S_adj[r0],r8"); - asm("rotl $-6,r9,r0"); - asm("bicl2 $-64,r0"); - asm("movzbl _S_adj+64[r0],r7"); - asm("ashl $4,r7,r0"); - asm("bisl2 r0,r8"); - asm("rotl $-12,r9,r0"); - asm("bicl2 $-64,r0"); - asm("movzbl _S_adj+128[r0],r7"); - asm("ashl $8,r7,r0"); - asm("bisl2 r0,r8"); - asm("rotl $-18,r9,r0"); - asm("bicl2 $-64,r0"); - asm("movzbl _S_adj+192[r0],r7"); - asm("ashl $12,r7,r0"); - asm("bisl2 r0,r8"); - asm("rotl $-24,r9,r0"); - asm("bicl2 $-64,r0"); - asm("movzbl _S_adj+256[r0],r7"); - asm("ashl $16,r7,r0"); - asm("bisl2 r0,r8"); - asm("rotl $-30,r9,r0"); - asm("bicl2 $-4,r0"); - asm("bicl3 $-16,r10,r1"); - asm("ashl $2,r1,r1"); - asm("addl2 r1,r0"); - asm("movzbl _S_adj+320[r0],r7"); - asm("ashl $20,r7,r0"); - asm("bisl2 r0,r8"); - asm("rotl $-4,r10,r0"); - asm("bicl2 $-64,r0"); - asm("movzbl _S_adj+384[r0],r7"); - asm("ashl $24,r7,r0"); - asm("bisl2 r0,r8"); - asm("rotl $-10,r10,r0"); - asm("bicl2 $-64,r0"); - asm("movzbl _S_adj+448[r0],r7"); - asm("ashl $28,r7,r0"); - asm("bisl2 r8,r0"); - asm("movl r0,r10"); - -#endif /* vaxasm */ -#endif - -#ifdef DEBUG - if (mit_des_debug & 2) { - dbg_tmp[0] = L1; - dbg_tmp[1] = R1; - DBG_PRINT("after s"); - printf("iter = %2d after s\n\t\tL1 R1 = ",i); - mit_des_cblock_print_file (dbg_tmp, stdout); - } -#endif - -/* P_start:*/ - /* and then the p permutation from R1 into R2 */ -#include "p.c" - /* reset the input to L1, R1 */ - R1 = R2; - -#ifdef DEBUG - if (mit_des_debug & 2) { - dbg_tmp[0] = L1; - dbg_tmp[1] = R1; - DBG_PRINT("after p"); - printf("iter = %2d after p\n\t\tL1 R1 = ",i); - mit_des_cblock_print_file (dbg_tmp, stdout); - } -#endif - - /* R1 is the output value from the f() */ - /* move R[iter] to L[iter+1] */ -/* XOR_2_start:*/ - L1 = R_save; - /* xor with left */ - R1 = L_save ^ R1; - /* reset the input */ - } - - /* flip left and right before final permutation */ - L2 = R1; /* flip */ - R2 = L1; - /* reset the input */ - L1 = L2; - R1 = R2; - -#ifdef DEBUG - if (mit_des_debug & 2) { - dbg_tmp[0] = L1; - dbg_tmp[1] = R1; - DBG_PRINT("before FP"); - printf("iter = %2d before FP\n\t\tL1 R1 = ",i); - mit_des_cblock_print_file (dbg_tmp, stdout); - } - -#endif - -/*FP_start:*/ - /* do the final permutation from L1R1 to L2R2 */ - /* all the fp code is in the include file */ -#include "fp.c" - - /* copy the output to the ciphertext string; - * can be same as cleartext - */ - -#ifdef MUSTALIGN - if ((long) cipher & 3) { - L_save = L2; /* cant bcopy a reg */ - R_save = R2; - memcpy((char *)cipher++,(char *)&L_save,sizeof(L_save)); - memcpy((char *)cipher,(char *)&R_save,sizeof(R_save)); - } - else -#endif - { - *cipher++ = L2; - *cipher = R2; - } - -#ifdef DEBUG - if (mit_des_debug & 2) { - L1 = L2; - R1 = R2; - dbg_tmp[0] = L1; - dbg_tmp[1] = R1; - DBG_PRINT("done"); - printf("iter = %2d done\n\t\tL1 R1 = ",i); - mit_des_cblock_print_file (dbg_tmp, stdout); - } -#endif - - /* that's it, no errors can be returned */ - return 0; -} - diff --git a/src/lib/crypto/des/destest.c b/src/lib/crypto/des/destest.c index a3824be66..19075354b 100644 --- a/src/lib/crypto/des/destest.c +++ b/src/lib/crypto/des/destest.c @@ -25,21 +25,13 @@ */ -/* - * -DBSD_DES will test the BSD DES library. - * without, it will test the MIT DES implementation. - */ - -#ifndef BSD_DES #include <krb5/krb5.h> #include <krb5/mit-des.h> #include <krb5/ext-proto.h> #include <com_err.h> extern int errno; -extern krb5_cryptosystem_entry mit_des_cryptosystem_entry; extern mit_des_ecb_encrypt(); -#endif #include <stdio.h> @@ -53,41 +45,23 @@ char *argv[]; { char block1[17], block2[17], block3[17]; -#ifdef BSD_DES - char oldkey[65], oldinput[65], oldoutput[65]; -#else krb5_encrypt_block eblock; krb5_keyblock keyblock; mit_des_cblock key, input, output, output2; krb5_error_code retval; -#endif + int num = 0; int error = 0; -#ifndef BSD_DES /* do some initialisation */ initialize_krb5_error_table(); - eblock.crypto_entry = &mit_des_cryptosystem_entry; + krb5_use_cstype(&eblock, ETYPE_DES_CBC_CRC); keyblock.keytype = KEYTYPE_DES; keyblock.length = sizeof (mit_des_cblock); keyblock.contents = (krb5_octet *)key; -#endif while (scanf("%16s %16s %16s", block1, block2, block3) == 3) { -#ifdef BSD_DES - convert(block1, oldkey); - convert(block2, oldinput); - convert(block3, oldoutput); - setkey(oldkey); - encrypt(oldinput, 0); - if (strncmp(oldinput, oldoutput, 64)) { - fprintf(stderr, - "DES ERROR, key %s, text %s\n\treal cipher %s\n\tcomputed %s\n", - block1, block2, oldoutput, oldinput); - error++; - } -#else convert(block1, key); convert(block2, input); convert(block3, output); @@ -101,7 +75,22 @@ char *argv[]; if (memcmp((char *)output2, (char *)output, 8)) { fprintf(stderr, - "DES ERROR, key %s, text %s, real cipher %s, computed %02X%02X%02X%02X%02X%02X%02X%02X\n", + "DES ENCRYPT ERROR, key %s, text %s, real cipher %s, computed cyphertext %02X%02X%02X%02X%02X%02X%02X%02X\n", + block1, block2, block3, + output2[0],output2[1],output2[2],output2[3], + output2[4],output2[5],output2[6],output2[7]); + error++; + } + + /* + * Now try decrypting.... + */ + mit_des_ecb_encrypt(output, output2, + (struct mit_des_ks_struct *)eblock.priv,0); + + if (memcmp((char *)output2, (char *)input, 8)) { + fprintf(stderr, + "DES DECRYPT ERROR, key %s, text %s, real cipher %s, computed cleartext %02X%02X%02X%02X%02X%02X%02X%02X\n", block1, block2, block3, output2[0],output2[1],output2[2],output2[3], output2[4],output2[5],output2[6],output2[7]); @@ -112,13 +101,13 @@ char *argv[]; com_err("des verify", retval, "can't finish key"); exit(-1); } -#endif + num++; } if (error) printf("destest: failed to pass the test\n"); else - printf("destest: test is passed successfully\n"); + printf("destest: %d tests passed successfully\n", num); exit( (error > 256 && error % 256) ? 1 : error); } @@ -142,32 +131,6 @@ unsigned int value[128] = { -1, -1, -1, -1, -1, -1, -1, -1, }; -#ifdef BSD_DES -char *value2[16] = { - "0000", "0001", "0010", "0011", - "0100", "0101", "0110", "0111", - "1000", "1001", "1010", "1011", - "1100", "1101", "1110", "1111", -}; - -void -convert(text, cblock) -char *text; -char cblock[]; -{ - register int i; - for (i = 0; i < 16; i++) { - if (value[text[i]] == -1) { - printf("Bad value nybble %d in %s\n", i, text); - exit(1); - } - memcpy(&cblock[i*4], value2[value[text[i]]], 4); - } - cblock[64] = 0; - return; -} - -#else void convert(text, cblock) char *text; @@ -183,23 +146,19 @@ unsigned char cblock[]; } return; } -#endif -#ifndef BSD_DES +/* + * Fake out the DES library, for the purposes of testing. + */ + +#include "des.h" + int mit_des_is_weak_key(key) mit_des_cblock key; { return 0; /* fake it out for testing */ } -#endif - -#ifndef __STDC__ -#define const -#endif - -#ifndef BSD_DES -#include "odd.h" void des_cblock_print_file(x, fp) @@ -218,20 +177,45 @@ des_cblock_print_file(x, fp) fprintf(fp," }"); } + +#define smask(step) ((1<<step)-1) +#define pstep(x,step) (((x)&smask(step))^(((x)>>step)&smask(step))) +#define parity_char(x) pstep(pstep(pstep((x),4),2),1) + +/* + * des_check_key_parity: returns true iff key has the correct des parity. + * See des_fix_key_parity for the definition of + * correct des parity. + */ int -des_check_key_parity(key) - register mit_des_cblock key; +mit_des_check_key_parity(key) + register des_cblock key; { int i; + + for (i=0; i<sizeof(des_cblock); i++) { + if ((key[i] & 1) == parity_char(0xfe&key[i])) { + printf("warning: bad parity key:"); + des_cblock_print_file(key, stdout); + putchar('\n'); + + return 1; + } + } - for (i=0; i<sizeof(mit_des_cblock); i++) - if (key[i] != odd_parity[key[i]]) { - printf("warning: bad parity key:"); - des_cblock_print_file(key, stdout); - putchar('\n'); - return(1); - } return(1); } -#endif +void +mit_des_fixup_key_parity(key) + register des_cblock key; +{ + int i; + for (i=0; i<sizeof(des_cblock); i++) + { + key[i] &= 0xfe; + key[i] |= 1^parity_char(key[i]); + } + + return; +} diff --git a/src/lib/crypto/des/f_cbc.c b/src/lib/crypto/des/f_cbc.c index c04f9053e..72a9198e1 100644 --- a/src/lib/crypto/des/f_cbc.c +++ b/src/lib/crypto/des/f_cbc.c @@ -16,6 +16,26 @@ /* * des_cbc_encrypt - {en,de}crypt a stream in CBC mode */ + +/* + * This routine performs DES cipher-block-chaining operation, either + * encrypting from cleartext to ciphertext, if encrypt != 0 or + * decrypting from ciphertext to cleartext, if encrypt == 0. + * + * The key schedule is passed as an arg, as well as the cleartext or + * ciphertext. The cleartext and ciphertext should be in host order. + * + * NOTE-- the output is ALWAYS an multiple of 8 bytes long. If not + * enough space was provided, your program will get trashed. + * + * For encryption, the cleartext string is null padded, at the end, to + * an integral multiple of eight bytes. + * + * For decryption, the ciphertext will be used in integral multiples + * of 8 bytes, but only the first "length" bytes returned into the + * cleartext. + */ + int mit_des_cbc_encrypt(in, out, length, schedule, ivec, encrypt) des_cblock *in; diff --git a/src/lib/crypto/des/f_cksum.c b/src/lib/crypto/des/f_cksum.c index 0497b9789..05f092632 100644 --- a/src/lib/crypto/des/f_cksum.c +++ b/src/lib/crypto/des/f_cksum.c @@ -13,6 +13,21 @@ #include "des.h" #include "f_tables.h" +/* + * This routine performs DES cipher-block-chaining checksum operation, + * a.k.a. Message Authentication Code. It ALWAYS encrypts from input + * to a single 64 bit output MAC checksum. + * + * The key schedule is passed as an arg, as well as the cleartext or + * ciphertext. The cleartext and ciphertext should be in host order. + * + * NOTE-- the output is ALWAYS 8 bytes long. If not enough space was + * provided, your program will get trashed. + * + * The input is null padded, at the end (highest addr), to an integral + * multiple of eight bytes. + */ + unsigned long mit_des_cbc_cksum(in, out, length, schedule, ivec) des_cblock *in; diff --git a/src/lib/crypto/des/key_parity.c b/src/lib/crypto/des/key_parity.c deleted file mode 100644 index 796b2e5f4..000000000 --- a/src/lib/crypto/des/key_parity.c +++ /dev/null @@ -1,73 +0,0 @@ -/* - * lib/crypto/des/key_parity.c - * - * Copyright 1989, 1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * These routines check and fix parity of encryption keys for the DES - * algorithm. - * - * Under U.S. law, this software may not be exported outside the US - * without license from the U.S. Commerce department. - * - * These routines form the library interface to the DES facilities. - * - */ - - -#include <krb5/krb5.h> -#include "des_int.h" - -#include "odd.h" /* Load compile-time generated odd_parity table */ - -/* - * des_fixup_key_parity: Forces odd parity per byte; parity is bits - * 8,16,...64 in des order, implies 0, 8, 16, ... - * vax order. - */ -void -mit_des_fixup_key_parity(key) - register mit_des_cblock key; -{ - int i; - - for (i=0; i<sizeof(mit_des_cblock); i++) - key[i] = odd_parity[key[i]]; - - return; -} - -/* - * des_check_key_parity: returns true iff key has the correct des parity. - * See des_fix_key_parity for the definition of - * correct des parity. - */ -int -mit_des_check_key_parity(key) - register mit_des_cblock key; -{ - int i; - - for (i=0; i<sizeof(mit_des_cblock); i++) - if (key[i] != odd_parity[key[i]]) - return(0); - - return(1); -} diff --git a/src/lib/crypto/des/make_e.c b/src/lib/crypto/des/make_e.c deleted file mode 100644 index d519cc08b..000000000 --- a/src/lib/crypto/des/make_e.c +++ /dev/null @@ -1,58 +0,0 @@ -/* - * lib/crypto/des/make_e.c - * - * Copyright 1987, 1988, 1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * This routine generates source code that implements the "E" - * operations of the DES. - */ - - -#include <krb5/krb5.h> -#include <stdio.h> -#include "des_int.h" -#include "tables.h" - -void gen(stream) - FILE *stream; -{ - register i; - - /* clear the output */ - fprintf(stream, " L2 = 0; R2 = 0;\n"); - - /* only take bits from R1, put into either L2 or R2 */ - /* first setup E */ - fprintf(stream, "/* E operations */\n/* right to left */\n"); - /* first list mapping from left to left */ - - for (i = 0; i <= 31; i++) - if (E[i] < 32) - fprintf(stream, - " if (R1 & (1<<%2d)) L2 |= 1<<%2d;\n", E[i], i); - - fprintf(stream, "\n/* now from right to right */\n"); - /* list mapping from left to right */ - for (i = 32; i <= 47; i++) - if (E[i] <32) - fprintf(stream, " if (R1 & (1<<%2d)) R2 |= 1<<%2d;\n", - E[i], i-32); -} diff --git a/src/lib/crypto/des/make_fp.c b/src/lib/crypto/des/make_fp.c deleted file mode 100644 index 500ea8516..000000000 --- a/src/lib/crypto/des/make_fp.c +++ /dev/null @@ -1,80 +0,0 @@ -/* - * lib/crypto/des/make_fp.c - * - * Copyright 1988, 1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * This file contains a generation routine for source code - * implementing the final permutation of the DES. - */ - - -#include <krb5/krb5.h> -#include <stdio.h> -#include <krb5/ext-proto.h> -#include "des_int.h" -#include "tables.h" - -void gen (stream) - FILE * stream; -{ - register i; - - /* clear the output */ - fprintf(stream," L2 = 0; R2 = 0;\n"); - - /* - * NOTE: As part of the final permutation, we also have to adjust - * for host bit order via "swap_bit_pos_0()". Since L2,R2 are - * the output from this, we adjust the bit positions written into - * L2,R2. - */ - -#define SWAP(i,j) \ - swap_long_bytes_bit_number(swap_bit_pos_0_to_ansi((unsigned)i)-j) - - /* first setup FP */ - fprintf(stream, - "/* FP operations */\n/* first left to left */\n"); - - /* first list mapping from left to left */ - for (i = 0; i <= 31; i++) - if (FP[i] < 32) - test_set(stream, "L1", FP[i], "L2", SWAP(i,0)); - - /* now mapping from right to left */ - fprintf(stream,"\n\n/* now from right to left */\n"); - for (i = 0; i <= 31; i++) - if (FP[i] >= 32) - test_set(stream, "R1", FP[i]-32, "L2", SWAP(i,0)); - - fprintf(stream,"\n/* now from left to right */\n"); - - /* list mapping from left to right */ - for (i = 32; i <= 63; i++) - if (FP[i] <32) - test_set(stream, "L1", FP[i], "R2", SWAP(i,32)); - - /* now mapping from right to right */ - fprintf(stream,"\n/* last from right to right */\n"); - for (i = 32; i <= 63; i++) - if (FP[i] >= 32) - test_set(stream, "R1", FP[i]-32, "R2", SWAP(i,32)); -} diff --git a/src/lib/crypto/des/make_ip.c b/src/lib/crypto/des/make_ip.c deleted file mode 100644 index 5c0113f7e..000000000 --- a/src/lib/crypto/des/make_ip.c +++ /dev/null @@ -1,71 +0,0 @@ -/* - * lib/crypto/des/make_ip.c - * - * Copyright 1987, 1988,1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * This routine generates source code implementing the initial - * permutation of the DES. - */ - - -#include <krb5/krb5.h> -#include <stdio.h> -#include "des_int.h" -#include "tables.h" - - -#define SWAP(x) swap_long_bytes_bit_number(swap_bit_pos_0_to_ansi(x)) - -void gen(stream) - FILE *stream; -{ - register i; - - /* clear the output */ - fprintf(stream," L2 = 0; R2 = 0;\n"); - - /* first setup IP */ - fprintf(stream,"/* IP operations */\n/* first left to left */\n"); - - /* first list mapping from left to left */ - for (i = 0; i <= 31; i++) - if (IP[i] < 32) - test_set(stream, "L1", SWAP(IP[i]), "L2", i); - - /* now mapping from right to left */ - fprintf(stream,"\n/* now from right to left */\n"); - for (i = 0; i <= 31; i++) - if (IP[i] >= 32) - test_set(stream, "R1", SWAP(IP[i]-32), "L2", i); - - fprintf(stream,"\n/* now from left to right */\n"); - /* list mapping from left to right */ - for (i = 32; i <= 63; i++) - if (IP[i] <32) - test_set(stream, "L1", SWAP(IP[i]), "R2", i-32); - - /* now mapping from right to right */ - fprintf(stream,"\n/* last from right to right */\n"); - for (i = 32; i <= 63; i++) - if (IP[i] >= 32) - test_set(stream, "R1", SWAP(IP[i]-32), "R2", i-32); - exit(0); -} diff --git a/src/lib/crypto/des/make_kp.c b/src/lib/crypto/des/make_kp.c deleted file mode 100644 index 42cfe8c4d..000000000 --- a/src/lib/crypto/des/make_kp.c +++ /dev/null @@ -1,222 +0,0 @@ -/* - * lib/crypto/des/make_kp.c - * - * Copyright 1988,1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * This routine calculates an effective Key schedule set of - * permutations for des. Beginning with the pre-defined key schedule - * algorithm, it reduces it to a set of 16 permutations upon the - * initial key. Only needs to execute once to produce a header file. - * Note that we subtract one from the values ouput to fix up for C - * subscripts starting at 0. - */ - -#include <krb5/krb5.h> -#include <stdio.h> -#include "des_int.h" - - -char *progname; -extern int errno; -int sflag; -int vflag; -int dflag; -int pid; -int child_status; - -int key_position[64+1]; -int C[28+1]; -int D[28+1]; -int C_temp, D_temp; - -/* - * CONVENTIONS for numbering the bits - * bit 0 ==> lsb - * L starts at bit 0 - * R starts at bit 64 - * - * BEWARE-- some stuff starts at 0, some at 1; perhaps some bugs still? - */ - -/* - * Sequence of shifts used for the key schedule. - */ -int shift[16+1] = { 0, - 1,1,2,2,2,2,2,2,1,2,2,2,2,2,2,1, -}; - -int pc_1[64+1] = { 0, - - 57,49,41,33,25,17, 9, - 1,58,50,42,34,26,18, - 10, 2,59,51,43,35,27, - 19,11, 3,60,52,44,36, - - 63,55,47,39,31,23,15, - 7,62,54,46,38,30,22, - 14, 6,61,53,45,37,29, - 21,13, 5,28,20,12, 4, -}; - - -/* - * Permuted-choice 2, to pick out the bits from - * the CD array that generate the key schedule. - */ -int pc_2[48+1] = { 0, - - 14,17,11,24, 1, 5, - 3,28,15, 6,21,10, - 23,19,12, 4,26, 8, - 16, 7,27,20,13, 2, - - 41,52,31,37,47,55, - 30,40,51,45,33,48, - 44,49,39,56,34,53, - 46,42,50,36,29,32, -}; - -int ks_perm[16+1][48+1]; - -int mit_des_debug; - -void gen(stream) - FILE *stream; -{ - /* Local Declarations */ - register i, j, iter; - - /* - * initialize the key_position array s.t. key_position[i] = i; - * that is, each element is equal to its starting position. - * - * Also adjust for the bit order within bytes. - */ - - for (i=0; i<65; i++) - key_position[i]= swap_bit_pos_1(i); - - fprintf(stream,"static int const key_perm[16][48] = {\n"); - - /* - * apply pc_1 to initial key_position to create C[0] and D[0] - * Start at pc_1[1], not pc_1[0] - */ - for (i=1; i<=28; i++) { - C[i] = key_position[pc_1[i]]; - D[i] = key_position[pc_1[i+28]]; - } - - /* - * major loop over the 16 iterations - * start at iter = 1, not zero. - */ - for (iter = 1; iter <= 16; iter++) { - if (mit_des_debug) { - /* for debugging */ - printf( - "/* DEBUG-- start iteration = %d shifts = %d", - iter, shift[iter]); - printf("\nC array"); - for (i = 1; i <=4 ; i++) { - printf("\n"); - for (j = 1; j<=7; j++) - printf("%d, ",C[(i-1)*7+j]); - } - printf("\n\nD array"); - for (i = 1; i <=4 ; i++) { - printf("\n"); - for (j = 1; j<=7; j++) - printf("%d, ",D[(i-1)*7+j]); - } - printf("\n */"); - fflush(stdout); - } - - /* apply the appropriate left shifts */ - for (i = 1; i <= shift[iter]; i++) { - C_temp = C[1]; - D_temp = D[1]; - for (j =1; j<=27; j++) { - C[j] = C[j+1]; - D[j] = D[j+1]; - } - C[j] = C_temp; - D[j] = D_temp; - } - - - if (mit_des_debug) { - /* for debugging */ - printf("/* DEBUG:\n"); - printf(" * after shifts, iteration = %d shifts = %d", - iter, shift[iter]); - printf("\nC array"); - for (i = 1; i <=4 ; i++) { - printf("\n"); - for (j = 1; j<=7; j++) - printf("%d, ",C[(i-1)*7+j]); - } - printf("\n\nD array"); - for (i = 1; i <=4 ; i++) { - printf("\n"); - for (j = 1; j<=7; j++) - printf("%d, ",D[(i-1)*7+j]); - } - printf("\n */"); - fflush(stdout); - } - - /* - * apply pc_2 - * Start at pc_2[1], not pc_2[0] - * - * Start stuffing ks_perm[1][1], not ks_perm[0][0] - * - * Adjust ks_perm for bit order if needed. - */ - for (i = 1; i <= 48; i++) { - if (pc_2[i] <= 28) - ks_perm[iter][(i)] = C[pc_2[i]]; - else - ks_perm[iter][(i)] = D[pc_2[i]-28]; - } - - /* now output the resulting key permutation */ - fprintf(stream, " /* ks permutation iteration = %2d */", - iter); - for (i = 1; i <= 6; i++) { - fprintf(stream, "\n "); - for (j = 1; j <= 8; j++) { - /* - * IMPORTANT -- subtract one from value to adjust to a - * zero-based subscript for key - */ - fprintf(stream, "%d", ks_perm[iter][(i-1)*8+j]-1); - /* omit last comma */ - if ((j != 8) || (i != 6) || (iter != 16)) { - fprintf(stream,", "); - } - } - } - } - fprintf(stream,"\n};\n"); -} diff --git a/src/lib/crypto/des/make_odd.c b/src/lib/crypto/des/make_odd.c deleted file mode 100644 index 9405e8448..000000000 --- a/src/lib/crypto/des/make_odd.c +++ /dev/null @@ -1,61 +0,0 @@ -/* - * lib/crypto/des/make_odd.c - * - * Copyright 1988,1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * This routine generates an odd-parity table for use in key generation. - */ - - -#include <stdio.h> - -void gen(stream) - FILE *stream; -{ - /* - * map a byte into its equivalent with odd parity, where odd - * parity is in the least significant bit - */ - register i, j, k, odd; - - fprintf(stream, - "static unsigned char const odd_parity[256] = {\n"); - - for (i = 0; i < 256; i++) { - odd = 0; - /* shift out the lsb parity bit */ - k = i >> 1; - /* then count the other bits */ - for (j = 0; j < 7; j++) { - odd ^= (k&1); - k = k >> 1; - } - k = i&~1; - if (!odd) - k |= 1; - fprintf(stream, "%3d", k); - if (i < 255) - fprintf(stream, ", "); - if (i%8 == 0) - fprintf(stream, "\n"); - } - fprintf(stream, "};\n"); -} diff --git a/src/lib/crypto/des/make_p.c b/src/lib/crypto/des/make_p.c deleted file mode 100644 index 0446c9c6f..000000000 --- a/src/lib/crypto/des/make_p.c +++ /dev/null @@ -1,66 +0,0 @@ -/* - * lib/crypto/des/make_p.c - * - * Copyright 1985, 1988,1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * This routine generates the P permutation code for the DES. - */ - - -#include <krb5/krb5.h> -#include <stdio.h> -#include "des_int.h" -#include "tables.h" - -void gen(stream) - FILE *stream; -{ - /* P permutes 32 bit input R1 into 32 bit output R2 */ - - /* clear the output */ - fprintf(stream," L2 = 0;\n"); -#ifndef BIG - fprintf(stream," R2 = 0;\n"); - fprintf(stream, - "/* P operations */\n/* from right to right */\n"); - /* first list mapping from left to left */ - for (i = 0; i <=31; i++) - if (P[i] < 32) - fprintf(stream, - " if (R1 & (1<<%d)) R2 |= 1<<%d;\n",P[i],i); -#else /* BIG */ - /* flip p into p_temp */ - fprintf(stream," P_temp = R1;\n"); - fprintf(stream," P_temp_p = (unsigned char *) &P_temp;\n"); - -#ifdef LSBFIRST - fprintf(stream," R2 = P_prime[0][*P_temp_p++];\n"); - fprintf(stream," R2 |= P_prime[1][*P_temp_p++];\n"); - fprintf(stream," R2 |= P_prime[2][*P_temp_p++];\n"); - fprintf(stream," R2 |= P_prime[3][*P_temp_p];\n"); -#else /* MSBFIRST */ - fprintf(stream," R2 = P_prime[3][*P_temp_p++];\n"); - fprintf(stream," R2 |= P_prime[2][*P_temp_p++];\n"); - fprintf(stream," R2 |= P_prime[1][*P_temp_p++];\n"); - fprintf(stream," R2 |= P_prime[0][*P_temp_p];\n"); -#endif /* MSBFIRST */ -#endif /* BIG */ -} diff --git a/src/lib/crypto/des/make_pt.c b/src/lib/crypto/des/make_pt.c deleted file mode 100644 index 804cb33a5..000000000 --- a/src/lib/crypto/des/make_pt.c +++ /dev/null @@ -1,81 +0,0 @@ -/* - * lib/crypto/des/make_pt.c - * - * Copyright 1985, 1988, 1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - */ - - -#include <krb5/krb5.h> -#include <stdio.h> -#include "des_int.h" -#include "tables.h" - -static unsigned char P_temp[32]; -static unsigned long P_prime[4][256]; - -void gen(stream) - FILE *stream; -{ - register i,j,k,m; - /* P permutes 32 bit input R1 into 32 bit output R2 */ - -#ifdef BIG - /* flip p into p_temp */ - for (i = 0; i<32; i++) - P_temp[P[rev_swap_bit_pos_0(i)]] = rev_swap_bit_pos_0(i); - - /* - * now for each byte of input, figure out all possible combinations - */ - for (i = 0; i <4 ; i ++) { /* each input byte */ - for (j = 0; j<256; j++) { /* each possible byte value */ - /* flip bit order */ - k = j; - /* swap_byte_bits(j); */ - for (m = 0; m < 8; m++) { /* each bit */ - if (k & (1 << m)) { - /* set output values */ - P_prime[i][j] |= 1 << P_temp[(i*8)+m]; - } - } - } - } - - fprintf(stream, - "\n\tstatic unsigned long const P_prime[4][256] = {\n\t"); - for (i = 0; i < 4; i++) { - fprintf(stream,"\n"); - for (j = 0; j < 64; j++) { - fprintf(stream,"\n"); - for (k = 0; k < 4; k++) { - fprintf(stream,"0x%08X",P_prime[i][j*4+k]); - if ((i == 3) && (j == 63) && (k == 3)) - fprintf(stream,"\n};"); - else - fprintf(stream,", "); - } - } - } - -#endif - fprintf(stream,"\n"); -} diff --git a/src/lib/crypto/des/make_s.c b/src/lib/crypto/des/make_s.c deleted file mode 100644 index 4ae7ff24b..000000000 --- a/src/lib/crypto/des/make_s.c +++ /dev/null @@ -1,49 +0,0 @@ -/* - * lib/crypto/des/make_s.c - * - * Copyright 1985, 1988, 1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - */ - - - -#include <krb5/krb5.h> -#include <stdio.h> -#include "des_int.h" -#include "s_table.h" - -void gen(stream) - FILE *stream; -{ - /* clear the output */ - fprintf(stream,"\n\tL2 = 0; R2 = 0;"); - -#ifdef notdef - /* P permutes 32 bit input R1 into 32 bit output R2 */ - - fprintf(stream,"\n/* P operations */\n/* first left to left */\n"); - /* first list mapping from left to left */ - for (i = 0; i <=31; i++) - if (S[i] < 32) - fprintf(stream, - "\n\tif (R1 & (1<<%d)) R2 |= 1<<%d;",S[i],i); -#endif - fprintf(stream,"\n"); -} diff --git a/src/lib/crypto/des/make_st.c b/src/lib/crypto/des/make_st.c deleted file mode 100644 index 9dcd08c9a..000000000 --- a/src/lib/crypto/des/make_st.c +++ /dev/null @@ -1,83 +0,0 @@ -/* - * lib/crypto/des/make_st.c - * - * Copyright 1985, 1988, 1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - */ - - -#include <krb5/krb5.h> -#include <stdio.h> -#include "des_int.h" -#include "tables.h" - -char temp[8][64]; -int mit_des_debug; - -void gen(stream) - FILE *stream; -{ - register unsigned long i,j,k,l,m,n; - - /* rearrange the S table entries, and adjust for host bit order */ - - fprintf(stream, "static unsigned char const S_adj[8][64] = {"); - fprintf(stream, " /* adjusted */\n"); - - for (i = 0; i<=7 ; i++) { - for (j = 0; j <= 63; j++) { - /* - * figure out which one to put in the new S[i][j] - * - * start by assuming the value of the input bits is "j" in - * host order, then figure out what it means in standard - * form. - */ - k = swap_six_bits_to_ansi(j); - /* figure out the index for k */ - l = (((k >> 5) & 01) << 5) - + ((k & 01) <<4) + ((k >> 1) & 0xf); - m = S[i][l]; - /* restore in host order */ - n = swap_four_bits_to_ansi(m); - if (mit_des_debug) - fprintf(stderr, - "i = %d, j = %d, k = %d, l = %d, m = %d, n = %d\n", - i,j,k,l,m,n); - temp[i][j] = n; - } - } - - for (i = 0; i<=7; i++) { - fprintf(stream,"\n"); - k =0; - for (j = 0; j<= 3; j++) { - fprintf(stream,"\n"); - for (m = 0; m <= 15; m++) { - fprintf(stream,"%2d",temp[i][k]); - if ((k++ != 63) || (i !=7)) { - fprintf(stream,", "); - } - } - } - } - - fprintf(stream,"\n};\n"); -} diff --git a/src/lib/crypto/des/misc.c b/src/lib/crypto/des/misc.c deleted file mode 100644 index a4e595575..000000000 --- a/src/lib/crypto/des/misc.c +++ /dev/null @@ -1,366 +0,0 @@ -/* - * lib/crypto/des/misc.c - * - * Copyright 1988, 1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * This file contains most of the routines needed by the various - * make_foo programs, to account for bit- and byte-ordering on - * different machine types. It also contains other routines useful in - * generating the intermediate source files. - */ - - -#include <krb5/krb5.h> -#include <krb5/ext-proto.h> -#include <stdio.h> - -#include "des_int.h" - -/* - * The DES algorithm is defined in terms of MSBFIRST, so sometimes, - * e.g. VAXes, we need to fix it up. ANSI order means the DES - * MSBFIRST order. - */ - -#if 0 /* These don't seem to get used anywhere.... */ -void swap_bits(array) - char *array; -{ -#ifdef MSBFIRST - /* just return */ - return; -#else /* LSBFIRST */ - register old,new,i,j; - - /* for an eight byte block-- */ - /* flips the bit order within each byte from 0 lsb to 0 msb */ - for (i = 0; i<=7; i++) { - old = *array; - new = 0; - for (j = 0; j<=7; j++) { - new |= old & 01; /* copy a bit */ - if (j < 7) { - /* rotate in opposite directions */ - old = old >> 1; - new = new << 1; - } - } - *array++ = new; - } -#endif /* MSBFIRST */ -} - -unsigned long long_swap_bits(x) - unsigned long x; -{ -#ifdef MSBFIRST - return x; -#else - char *array = (char *) &x; - register old,new,i,j; - - /* flips the bit order within each byte from 0 lsb to 0 msb */ - for (i = 0; i <= (sizeof(long)-1); i++) { - old = *array; - new = 0; - for (j = 0; j<=7; j++) { - if (old & 01) - new = new | 01; - if (j < 7) { - old = old >> 1; - new = new << 1; - } - } - *array++ = new; - } - return x; -#endif /* LSBFIRST */ -} -#endif /* 0 */ - -unsigned long swap_six_bits_to_ansi(old) - unsigned long old; -{ - register unsigned long new, j; - - /* flips the bit order within each byte from 0 lsb to 0 msb */ - new = 0; - for (j = 0; j<=5; j++) { - new |= old & 01; /* copy a bit */ - if (j < 5) { - /* rotate in opposite directions */ - old = old >> 1; - new = new << 1; - } - } - return new; -} - -unsigned long swap_four_bits_to_ansi(old) - unsigned long old; -{ - register unsigned long new,j; - - /* flips the bit order within each byte from 0 lsb to 0 msb */ - new = 0; - for (j = 0; j<=3; j++) { - new |= (old & 01); /* copy a bit */ - if (j < 3) { - old = old >> 1; - new = new << 1; - } - } - return new; -} - -unsigned long swap_bit_pos_1(x) - unsigned long x; -{ - /* - * This corrects for the bit ordering of the algorithm, e.g. - * bit 0 ==> msb, bit 7 lsb. - * - * given the number of a bit position, >=1, flips the bit order - * each byte. e.g. bit 3 --> bit 6, bit 13 --> bit 12 - */ - register y,z; - - /* always do it, only used by mit_des_make_key_perm.c so far */ - y = (x-1)/8; - z = (x-1)%8; - - x = (8-z) + (y*8); - - return x; -} - -unsigned long swap_bit_pos_0(x) - unsigned long x; -{ - /* zero based version */ - - /* - * This corrects for the bit ordering of the algorithm, e.g. - * bit 0 ==> msb, bit 7 lsb. - */ - -#ifdef MSBFIRST - return x; -#else /* LSBFIRST */ - register y,z; - - /* - * given the number of a bit position, >=0, flips the bit order - * each byte. e.g. bit 3 --> bit 6, bit 13 --> bit 12 - */ - y = x/8; - z = x%8; - - x = (7-z) + (y*8); - - return x; -#endif /* LSBFIRST */ -} - -unsigned long swap_bit_pos_0_to_ansi(x) - unsigned long x; -{ - /* zero based version */ - - /* - * This corrects for the bit ordering of the algorithm, e.g. - * bit 0 ==> msb, bit 7 lsb. - */ - - register y,z; - /* - * given the number of a bit position, >=0, flips the bit order each - * byte. e.g. bit 3 --> bit 6, bit 13 --> bit 12 - */ - y = x/8; - z = x%8; - - x = (7-z) + (y*8); - - return x; -} - -unsigned long rev_swap_bit_pos_0(x) - unsigned long x; -{ - /* zero based version */ - - /* - * This corrects for the bit ordering of the algorithm, e.g. - * bit 0 ==> msb, bit 7 lsb. - * - * Role of LSB and MSB flipped from the swap_bit_pos_0() - */ - -#ifdef LSBFIRST - return x; -#else /* MSBFIRST */ - - register y,z; - - /* - * given the number of a bit position, >=0, flips the bit order each - * byte. e.g. bit 3 --> bit 6, bit 13 --> bit 12 - */ - y = x/8; - z = x%8; - - x = (7-z) + (y*8); - - return x; -#endif /* MSBFIRST */ -} - -unsigned long swap_byte_bits(x) - unsigned long x; -{ -#ifdef MSBFIRST - return x; -#else /* LSBFIRST */ - - char *array = (char *) &x; - register unsigned long old,new,j; - - /* flips the bit order within each byte from 0 lsb to 0 msb */ - old = *array; - new = 0; - for (j = 0; j<=7; j++) { - new |= (old & 01); /* copy a bit */ - if (j < 7) { - old = old >> 1; - new = new << 1; - } - } - return new; -#endif /* LSBFIRST */ -} - -unsigned long -swap_long_bytes_bit_number(x) - unsigned long x; -{ - /* - * given a bit number (0-31) from a vax, swap the byte part of the - * bit number to change the byte ordering to mSBFIRST type - */ -#ifdef LSBFIRST - return x; -#else /* MSBFIRST */ - unsigned long y,z; - - y = x/8; /* initial byte component */ - z = x%8; /* bit within byte */ - - x = (3-y)*8 +z; - return x; -#endif /* MSBFIRST */ -} - -void test_set(stream, src, testbit, dest, setbit) - FILE *stream; - const char *src; - int testbit; - const char *dest; - int setbit; -{ -#ifdef DES_SHIFT_SHIFT - if (testbit == setbit) - fprintf(stream, " %s |= %s & (1<<%2d);\n", - dest, src, testbit); - else - fprintf(stream, " %s |= (%s & (1<<%2d)) %s %2d;\n", - dest, src, testbit, - (testbit < setbit) ? "<<" : ">>", - abs(testbit - setbit)); -#else - fprintf(stream, - " if (%s & (1<<%2d)) %s |= 1<<%2d;\n", - src, testbit, dest, setbit); -#endif -} - -extern void gen PROTOTYPE((FILE *)); -int mit_des_debug; -char const *whoami; - -void -main(argc, argv) - int argc; - char *argv[]; -{ - char *filename; - char *arg; - FILE *stream = 0; - - whoami = argv[0]; - filename = (char *)NULL; - - while (argc--, *++argv) { - arg = *argv; - if (*arg == '-') { - if (!strcmp(arg, "-d") || !strcmp(arg, "-debug")) - mit_des_debug++; - else { - fprintf(stderr, "%s: unknown control argument %s\n", - whoami, arg); - goto usage; - } - } - else if (filename) { - fprintf(stderr, - "%s: multiple file names provided: %s, %s\n", - whoami, filename, arg); - goto usage; - } - else - filename = arg; - } - - if (!filename) { - fprintf(stderr, "%s: no file name provided\n", whoami); - goto usage; - } - - stream = fopen(filename, "w"); - if (!stream) { - perror(filename); - usage: - fprintf(stderr, "usage: %s [-debug] filename\n", whoami); - exit(1); - } - - fputs( - "/* This file is automatically generated. Do not edit it. */\n", - stream); - - /* This routine will generate the contents of the file. */ - gen(stream); - if (fclose(stream) == EOF) { - perror(filename); - exit(1); - } - exit(0); -} diff --git a/src/lib/crypto/des/tables.h b/src/lib/crypto/des/tables.h deleted file mode 100644 index 42bac36d2..000000000 --- a/src/lib/crypto/des/tables.h +++ /dev/null @@ -1,122 +0,0 @@ -/* - * lib/crypto/des/tables.h - * - * Copyright 1988,1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * part of the Athena Kerberos encryption system - * - * spm 8/85 - */ - -/* - * Initial permutation, adjust to zero based subscript - */ -static char IP[] = { - 58-1, 50-1, 42-1, 34-1, 26-1, 18-1, 10-1, 2-1, - 60-1, 52-1, 44-1, 36-1, 28-1, 20-1, 12-1, 4-1, - 62-1, 54-1, 46-1, 38-1, 30-1, 22-1, 14-1, 6-1, - 64-1, 56-1, 48-1, 40-1, 32-1, 24-1, 16-1, 8-1, - 57-1, 49-1, 41-1, 33-1, 25-1, 17-1, 9-1, 1-1, - 59-1, 51-1, 43-1, 35-1, 27-1, 19-1, 11-1, 3-1, - 61-1, 53-1, 45-1, 37-1, 29-1, 21-1, 13-1, 5-1, - 63-1, 55-1, 47-1, 39-1, 31-1, 23-1, 15-1, 7-1, -}; - -/* - * Final permutation, FP = IP^(-1) adjust to zero based subscript - */ -static char FP[] = { - 40-1, 8-1, 48-1, 16-1, 56-1, 24-1, 64-1, 32-1, - 39-1, 7-1, 47-1, 15-1, 55-1, 23-1, 63-1, 31-1, - 38-1, 6-1, 46-1, 14-1, 54-1, 22-1, 62-1, 30-1, - 37-1, 5-1, 45-1, 13-1, 53-1, 21-1, 61-1, 29-1, - 36-1, 4-1, 44-1, 12-1, 52-1, 20-1, 60-1, 28-1, - 35-1, 3-1, 43-1, 11-1, 51-1, 19-1, 59-1, 27-1, - 34-1, 2-1, 42-1, 10-1, 50-1, 18-1, 58-1, 26-1, - 33-1, 1-1, 41-1, 9-1, 49-1, 17-1, 57-1, 25-1, -}; - -/* the E selection function, adjusted to zero based subscripts */ -static char E[] = { - 32-1, 1-1, 2-1, 3-1, 4-1, 5-1, - 4-1, 5-1, 6-1, 7-1, 8-1, 9-1, - 8-1, 9-1, 10-1, 11-1, 12-1, 13-1, - 12-1, 13-1, 14-1, 15-1, 16-1, 17-1, - 16-1, 17-1, 18-1, 19-1, 20-1, 21-1, - 20-1, 21-1, 22-1, 23-1, 24-1, 25-1, - 24-1, 25-1, 26-1, 27-1, 28-1, 29-1, - 28-1, 29-1, 30-1, 31-1, 32-1, 1-1, -}; - -/* the P permutation, adjusted to zero based subscripts */ -static char P[] = { - 16-1, 7-1, 20-1, 21-1, - 29-1, 12-1, 28-1, 17-1, - 1-1, 15-1, 23-1, 26-1, - 5-1, 18-1, 31-1, 10-1, - 2-1, 8-1, 24-1, 14-1, - 32-1, 27-1, 3-1, 9-1, - 19-1, 13-1, 30-1, 6-1, - 22-1, 11-1, 4-1, 25-1, -}; - -/* S tables, original form */ -static char S[8][64] = { - 14, 4,13, 1, 2,15,11, 8, 3,10, 6,12, 5, 9, 0, 7, - 0,15, 7, 4,14, 2,13, 1,10, 6,12,11, 9, 5, 3, 8, - 4, 1,14, 8,13, 6, 2,11,15,12, 9, 7, 3,10, 5, 0, - 15,12, 8, 2, 4, 9, 1, 7, 5,11, 3,14,10, 0, 6,13, - - 15, 1, 8,14, 6,11, 3, 4, 9, 7, 2,13,12, 0, 5,10, - 3,13, 4, 7,15, 2, 8,14,12, 0, 1,10, 6, 9,11, 5, - 0,14, 7,11,10, 4,13, 1, 5, 8,12, 6, 9, 3, 2,15, - 13, 8,10, 1, 3,15, 4, 2,11, 6, 7,12, 0, 5,14, 9, - - 10, 0, 9,14, 6, 3,15, 5, 1,13,12, 7,11, 4, 2, 8, - 13, 7, 0, 9, 3, 4, 6,10, 2, 8, 5,14,12,11,15, 1, - 13, 6, 4, 9, 8,15, 3, 0,11, 1, 2,12, 5,10,14, 7, - 1,10,13, 0, 6, 9, 8, 7, 4,15,14, 3,11, 5, 2,12, - - 7,13,14, 3, 0, 6, 9,10, 1, 2, 8, 5,11,12, 4,15, - 13, 8,11, 5, 6,15, 0, 3, 4, 7, 2,12, 1,10,14, 9, - 10, 6, 9, 0,12,11, 7,13,15, 1, 3,14, 5, 2, 8, 4, - 3,15, 0, 6,10, 1,13, 8, 9, 4, 5,11,12, 7, 2,14, - - 2,12, 4, 1, 7,10,11, 6, 8, 5, 3,15,13, 0,14, 9, - 14,11, 2,12, 4, 7,13, 1, 5, 0,15,10, 3, 9, 8, 6, - 4, 2, 1,11,10,13, 7, 8,15, 9,12, 5, 6, 3, 0,14, - 11, 8,12, 7, 1,14, 2,13, 6,15, 0, 9,10, 4, 5, 3, - - 12, 1,10,15, 9, 2, 6, 8, 0,13, 3, 4,14, 7, 5,11, - 10,15, 4, 2, 7,12, 9, 5, 6, 1,13,14, 0,11, 3, 8, - 9,14,15, 5, 2, 8,12, 3, 7, 0, 4,10, 1,13,11, 6, - 4, 3, 2,12, 9, 5,15,10,11,14, 1, 7, 6, 0, 8,13, - - 4,11, 2,14,15, 0, 8,13, 3,12, 9, 7, 5,10, 6, 1, - 13, 0,11, 7, 4, 9, 1,10,14, 3, 5,12, 2,15, 8, 6, - 1, 4,11,13,12, 3, 7,14,10,15, 6, 8, 0, 5, 9, 2, - 6,11,13, 8, 1, 4,10, 7, 9, 5, 0,15,14, 2, 3,12, - - 13, 2, 8, 4, 6,15,11, 1,10, 9, 3,14, 5, 0,12, 7, - 1,15,13, 8,10, 3, 7, 4,12, 5, 6,11, 0,14, 9, 2, - 7,11, 4, 1, 9,12,14, 2, 0, 6,10,13,15, 3, 5, 8, - 2, 1,14, 7, 4,10, 8,13,15,12, 9, 0, 3, 5, 6,11, -}; diff --git a/src/lib/crypto/des/verify.c b/src/lib/crypto/des/verify.c index b5ac9929b..270647c5b 100644 --- a/src/lib/crypto/des/verify.c +++ b/src/lib/crypto/des/verify.c @@ -88,6 +88,16 @@ unsigned char cipher3[64] = { unsigned char checksum[8] = { 0x58,0xd2,0xe7,0x7e,0x86,0x06,0x27,0x33 }; + +unsigned char zresult[8] = { + 0x8c, 0xa6, 0x4d, 0xe9, 0xc1, 0xb1, 0x23, 0xa7 +}; + +unsigned char mresult[8] = { + 0xa3, 0x80, 0xe0, 0x2a, 0x6b, 0xe5, 0x46, 0x96 +}; + + /* * Can also add : * plaintext = 0, key = 0, cipher = 0x8ca64de9c1b123a7 (or is it a 1?) @@ -143,7 +153,7 @@ main(argc,argv) /* do some initialisation */ initialize_krb5_error_table(); - eblock.crypto_entry = &mit_des_cryptosystem_entry; + krb5_use_cstype(&eblock, ETYPE_DES_CBC_CRC); keyblock.keytype = KEYTYPE_DES; keyblock.length = sizeof (mit_des_cblock); @@ -168,6 +178,10 @@ main(argc,argv) com_err("des verify", retval, "can't finish zero key"); exit(-1); } + if ( memcmp((char *)cipher_text, (char *)zresult, 8) ) { + printf("verify: error in zero key test\n"); + exit(-1); + } exit(0); } @@ -179,7 +193,8 @@ main(argc,argv) exit(-1); } printf("plaintext = 0x00 00 00 00 00 00 00 40, "); - printf("key = 0, cipher = 0x??\n"); + printf("key = 0x80 01 01 01 01 01 01 01\n"); + printf(" cipher = 0xa380e02a6be54696\n"); do_encrypt(input,cipher_text); printf("\tcipher = (low to high bytes)\n\t\t"); for (j = 0; j<=7; j++) { @@ -191,6 +206,10 @@ main(argc,argv) com_err("des verify", retval, "can't finish key3"); exit(-1); } + if ( memcmp((char *)cipher_text, (char *)mresult, 8) ) { + printf("verify: error in msb test\n"); + exit(-1); + } exit(0); } @@ -392,3 +411,17 @@ do_decrypt(in,out) } } } + +/* + * Fake out the DES library, for the purposes of testing. + */ + +#include "des.h" + +int +mit_des_is_weak_key(key) + mit_des_cblock key; +{ + return 0; /* fake it out for testing */ +} + |