Context Navigation

source: bootcd/isolinux/syslinux-6.03/com32/cmenu/libmenu/des.c @ 26ffad7

Last change on this file since 26ffad7 was e16e8f2, checked in by Edwin Eefting <edwin@datux.nl>, 3 years ago
bootstuff
Property mode set to `100644`
File size: 27.3 KB

Line
1	/*
2	* FreeSec: libcrypt for NetBSD
3	*
4	* Copyright (c) 1994 David Burren
5	* All rights reserved.
6	*
7	* Adapted for FreeBSD-2.0 by Geoffrey M. Rehmet
8	* this file should now only export crypt(), in order to make
9	* binaries of libcrypt exportable from the USA
10	*
11	* Adapted for FreeBSD-4.0 by Mark R V Murray
12	* this file should now only export crypt_des(), in order to make
13	* a module that can be optionally included in libcrypt.
14	*
15	* Adapted for pxelinux menu environment by Th.Gebhardt
16	* removed dependencies of standard C libs
17	* added LOWSPACE option (using common space for different arrays)
18	*
19	* Redistribution and use in source and binary forms, with or without
20	* modification, are permitted provided that the following conditions
21	* are met:
22	* 1. Redistributions of source code must retain the above copyright
23	* notice, this list of conditions and the following disclaimer.
24	* 2. Redistributions in binary form must reproduce the above copyright
25	* notice, this list of conditions and the following disclaimer in the
26	* documentation and/or other materials provided with the distribution.
27	* 3. Neither the name of the author nor the names of other contributors
28	* may be used to endorse or promote products derived from this software
29	* without specific prior written permission.
30	*
31	* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
32	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
33	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
34	* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
35	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
36	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
37	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
38	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
39	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
40	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
41	* SUCH DAMAGE.
42	*
43	* This is an original implementation of the DES and the crypt(3) interfaces
44	* by David Burren <davidb@werj.com.au>.
45	*
46	* An excellent reference on the underlying algorithm (and related
47	* algorithms) is:
48	*
49	* B. Schneier, Applied Cryptography: protocols, algorithms,
50	* and source code in C, John Wiley & Sons, 1994.
51	*
52	* Note that in that book's description of DES the lookups for the initial,
53	* pbox, and final permutations are inverted (this has been brought to the
54	* attention of the author). A list of errata for this book has been
55	* posted to the sci.crypt newsgroup by the author and is available for FTP.
56	*
57	* ARCHITECTURE ASSUMPTIONS:
58	* It is assumed that the 8-byte arrays passed by reference can be
59	* addressed as arrays of u_int32_t's (ie. the CPU is not picky about
60	* alignment).
61	*/
62
63	#define LOWSPACE
64
65	#ifndef NULL
66	#define NULL ((void *) 0)
67	#endif
68
69	typedef unsigned long my_u_int32_t;
70	typedef unsigned char my_u_char_t;
71
72	/* Re-entrantify me -- all this junk needs to be in
73	* struct crypt_data to make this really reentrant... */
74	static my_u_char_t inv_key_perm[64];
75	static my_u_char_t inv_comp_perm[56];
76	static my_u_char_t u_sbox[8][64];
77	static my_u_char_t un_pbox[32];
78	static my_u_int32_t en_keysl[16], en_keysr[16];
79	static my_u_int32_t de_keysl[16], de_keysr[16];
80
81	#ifndef LOWSPACE
82	static my_u_int32_t ip_maskl[8][256], ip_maskr[8][256];
83	static my_u_int32_t fp_maskl[8][256], fp_maskr[8][256];
84	static my_u_int32_t key_perm_maskl[8][128], key_perm_maskr[8][128];
85	static my_u_int32_t comp_maskl[8][128], comp_maskr[8][128];
86	#endif
87
88	static my_u_int32_t saltbits;
89	static my_u_int32_t old_salt;
90	static my_u_int32_t old_rawkey0, old_rawkey1;
91
92	#ifdef LOWSPACE
93	static my_u_int32_t common[8][256];
94	#endif
95
96	/* Static stuff that stays resident and doesn't change after
97	* being initialized, and therefore doesn't need to be made
98	* reentrant. */
99	static my_u_char_t init_perm[64], final_perm[64];
100	static my_u_char_t m_sbox[4][4096];
101
102	#ifndef LOWSPACE
103	static my_u_int32_t psbox[4][256];
104	#endif
105
106	/* A pile of data */
107	static const my_u_char_t ascii64[] =
108	"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
109
110	static const my_u_char_t IP[64] = {
111	58, 50, 42, 34, 26, 18, 10, 2, 60, 52, 44, 36, 28, 20, 12, 4,
112	62, 54, 46, 38, 30, 22, 14, 6, 64, 56, 48, 40, 32, 24, 16, 8,
113	57, 49, 41, 33, 25, 17, 9, 1, 59, 51, 43, 35, 27, 19, 11, 3,
114	61, 53, 45, 37, 29, 21, 13, 5, 63, 55, 47, 39, 31, 23, 15, 7
115	};
116
117	static const my_u_char_t key_perm[56] = {
118	57, 49, 41, 33, 25, 17, 9, 1, 58, 50, 42, 34, 26, 18,
119	10, 2, 59, 51, 43, 35, 27, 19, 11, 3, 60, 52, 44, 36,
120	63, 55, 47, 39, 31, 23, 15, 7, 62, 54, 46, 38, 30, 22,
121	14, 6, 61, 53, 45, 37, 29, 21, 13, 5, 28, 20, 12, 4
122	};
123
124	static const my_u_char_t key_shifts[16] = {
125	1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1
126	};
127
128	static const my_u_char_t comp_perm[48] = {
129	14, 17, 11, 24, 1, 5, 3, 28, 15, 6, 21, 10,
130	23, 19, 12, 4, 26, 8, 16, 7, 27, 20, 13, 2,
131	41, 52, 31, 37, 47, 55, 30, 40, 51, 45, 33, 48,
132	44, 49, 39, 56, 34, 53, 46, 42, 50, 36, 29, 32
133	};
134
135	/*
136	* No E box is used, as it's replaced by some ANDs, shifts, and ORs.
137	*/
138
139	static const my_u_char_t sbox[8][64] = {
140	{
141	14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7,
142	0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8,
143	4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0,
144	15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13},
145	{
146	15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10,
147	3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5,
148	0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15,
149	13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9},
150	{
151	10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8,
152	13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1,
153	13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7,
154	1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12},
155	{
156	7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15,
157	13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9,
158	10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4,
159	3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14},
160	{
161	2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9,
162	14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6,
163	4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14,
164	11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3},
165	{
166	12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11,
167	10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8,
168	9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6,
169	4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13},
170	{
171	4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1,
172	13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6,
173	1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2,
174	6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12},
175	{
176	13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7,
177	1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2,
178	7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8,
179	2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11}
180	};
181
182	static const my_u_char_t pbox[32] = {
183	16, 7, 20, 21, 29, 12, 28, 17, 1, 15, 23, 26, 5, 18, 31, 10,
184	2, 8, 24, 14, 32, 27, 3, 9, 19, 13, 30, 6, 22, 11, 4, 25
185	};
186
187	static const my_u_int32_t bits32[32] = {
188	0x80000000, 0x40000000, 0x20000000, 0x10000000,
189	0x08000000, 0x04000000, 0x02000000, 0x01000000,
190	0x00800000, 0x00400000, 0x00200000, 0x00100000,
191	0x00080000, 0x00040000, 0x00020000, 0x00010000,
192	0x00008000, 0x00004000, 0x00002000, 0x00001000,
193	0x00000800, 0x00000400, 0x00000200, 0x00000100,
194	0x00000080, 0x00000040, 0x00000020, 0x00000010,
195	0x00000008, 0x00000004, 0x00000002, 0x00000001
196	};
197
198	static const my_u_int32_t bits28[28] = {
199	0x08000000, 0x04000000, 0x02000000, 0x01000000,
200	0x00800000, 0x00400000, 0x00200000, 0x00100000,
201	0x00080000, 0x00040000, 0x00020000, 0x00010000,
202	0x00008000, 0x00004000, 0x00002000, 0x00001000,
203	0x00000800, 0x00000400, 0x00000200, 0x00000100,
204	0x00000080, 0x00000040, 0x00000020, 0x00000010,
205	0x00000008, 0x00000004, 0x00000002, 0x00000001
206	};
207
208	static const my_u_int32_t bits24[24] = {
209	0x00800000, 0x00400000, 0x00200000, 0x00100000,
210	0x00080000, 0x00040000, 0x00020000, 0x00010000,
211	0x00008000, 0x00004000, 0x00002000, 0x00001000,
212	0x00000800, 0x00000400, 0x00000200, 0x00000100,
213	0x00000080, 0x00000040, 0x00000020, 0x00000010,
214	0x00000008, 0x00000004, 0x00000002, 0x00000001
215	};
216
217	static const my_u_char_t bits8[8] =
218	{ 0x80, 0x40, 0x20, 0x10, 0x08, 0x04, 0x02, 0x01 };
219	// static const my_u_int32_t bits28, bits24;
220
221	static int ascii_to_bin(char ch)
222	{
223	if (ch > 'z')
224	return (0);
225	if (ch >= 'a')
226	return (ch - 'a' + 38);
227	if (ch > 'Z')
228	return (0);
229	if (ch >= 'A')
230	return (ch - 'A' + 12);
231	if (ch > '9')
232	return (0);
233	if (ch >= '.')
234	return (ch - '.');
235	return (0);
236	}
237
238	static void des_init(void)
239	{
240
241	#ifdef LOWSPACE
242	int i, j, b;
243	#else
244	int i, j, b, k, inbit, obit;
245	my_u_int32_t p, il, ir, fl, *fr;
246	#endif
247	static int des_initialised = 0;
248
249	if (des_initialised == 1)
250	return;
251
252	old_rawkey0 = old_rawkey1 = 0L;
253	saltbits = 0L;
254	old_salt = 0L;
255	// bits24 = (bits28 = bits32 + 4) + 4;
256
257	/*
258	* Invert the S-boxes, reordering the input bits.
259	*/
260	for (i = 0; i < 8; i++)
261	for (j = 0; j < 64; j++) {
262	b = (j & 0x20) \| ((j & 1) << 4) \| ((j >> 1) & 0xf);
263	u_sbox[i][j] = sbox[i][b];
264	}
265
266	/*
267	* Convert the inverted S-boxes into 4 arrays of 8 bits.
268	* Each will handle 12 bits of the S-box input.
269	*/
270	for (b = 0; b < 4; b++)
271	for (i = 0; i < 64; i++)
272	for (j = 0; j < 64; j++)
273	m_sbox[b][(i << 6) \| j] =
274	(my_u_char_t) ((u_sbox[(b << 1)][i] << 4) \|
275	u_sbox[(b << 1) + 1][j]);
276
277	/*
278	* Set up the initial & final permutations into a useful form, and
279	* initialise the inverted key permutation.
280	*/
281	for (i = 0; i < 64; i++) {
282	init_perm[final_perm[i] = IP[i] - 1] = (my_u_char_t) i;
283	inv_key_perm[i] = 255;
284	}
285
286	/*
287	* Invert the key permutation and initialise the inverted key
288	* compression permutation.
289	*/
290	for (i = 0; i < 56; i++) {
291	inv_key_perm[key_perm[i] - 1] = (my_u_char_t) i;
292	inv_comp_perm[i] = 255;
293	}
294
295	/*
296	* Invert the key compression permutation.
297	*/
298	for (i = 0; i < 48; i++) {
299	inv_comp_perm[comp_perm[i] - 1] = (my_u_char_t) i;
300	}
301
302	/*
303	* Set up the OR-mask arrays for the initial and final permutations,
304	* and for the key initial and compression permutations.
305	*/
306
307	#ifndef LOWSPACE
308	for (k = 0; k < 8; k++) {
309	for (i = 0; i < 256; i++) {
310	*(il = &ip_maskl[k][i]) = 0L;
311	*(ir = &ip_maskr[k][i]) = 0L;
312	*(fl = &fp_maskl[k][i]) = 0L;
313	*(fr = &fp_maskr[k][i]) = 0L;
314	for (j = 0; j < 8; j++) {
315	inbit = 8 * k + j;
316	if (i & bits8[j]) {
317	if ((obit = init_perm[inbit]) < 32)
318	*il \|= bits32[obit];
319	else
320	*ir \|= bits32[obit - 32];
321	if ((obit = final_perm[inbit]) < 32)
322	*fl \|= bits32[obit];
323	else
324	*fr \|= bits32[obit - 32];
325	}
326	}
327	}
328	for (i = 0; i < 128; i++) {
329	*(il = &key_perm_maskl[k][i]) = 0L;
330	*(ir = &key_perm_maskr[k][i]) = 0L;
331	for (j = 0; j < 7; j++) {
332	inbit = 8 * k + j;
333	if (i & bits8[j + 1]) {
334	if ((obit = inv_key_perm[inbit]) == 255)
335	continue;
336	if (obit < 28)
337	*il \|= bits28[obit];
338	else
339	*ir \|= bits28[obit - 28];
340	}
341	}
342	*(il = &comp_maskl[k][i]) = 0L;
343	*(ir = &comp_maskr[k][i]) = 0L;
344	for (j = 0; j < 7; j++) {
345	inbit = 7 * k + j;
346	if (i & bits8[j + 1]) {
347	if ((obit = inv_comp_perm[inbit]) == 255)
348	continue;
349	if (obit < 24)
350	*il \|= bits24[obit];
351	else
352	*ir \|= bits24[obit - 24];
353	}
354	}
355	}
356	}
357	#endif
358
359	/*
360	* Invert the P-box permutation, and convert into OR-masks for
361	* handling the output of the S-box arrays setup above.
362	*/
363	for (i = 0; i < 32; i++)
364	un_pbox[pbox[i] - 1] = (my_u_char_t) i;
365
366	#ifndef LOWSPACE
367	for (b = 0; b < 4; b++)
368	for (i = 0; i < 256; i++) {
369	*(p = &psbox[b][i]) = 0L;
370	for (j = 0; j < 8; j++) {
371	if (i & bits8[j])
372	p \|= bits32[un_pbox[8 b + j]];
373	}
374	}
375	#endif
376	des_initialised = 1;
377	}
378
379	#ifdef LOWSPACE
380
381	static void setup_ip_maskl(void)
382	{
383	int i, j, k, inbit, obit;
384	my_u_int32_t *il;
385
386	for (k = 0; k < 8; k++) {
387	for (i = 0; i < 256; i++) {
388	*(il = &common[k][i]) = 0L;
389	for (j = 0; j < 8; j++) {
390	inbit = 8 * k + j;
391	if (i & bits8[j]) {
392	if ((obit = init_perm[inbit]) < 32)
393	*il \|= bits32[obit];
394	}
395	}
396	}
397	}
398	}
399
400	static void setup_ip_maskr(void)
401	{
402	int i, j, k, inbit, obit;
403	my_u_int32_t *ir;
404
405	for (k = 0; k < 8; k++) {
406	for (i = 0; i < 256; i++) {
407	*(ir = &common[k][i]) = 0L;
408	for (j = 0; j < 8; j++) {
409	inbit = 8 * k + j;
410	if (i & bits8[j]) {
411	if ((obit = init_perm[inbit]) >= 32)
412	*ir \|= bits32[obit - 32];
413	}
414	}
415	}
416	}
417	}
418
419	static void setup_fp_maskl(void)
420	{
421	int i, j, k, inbit, obit;
422	my_u_int32_t *fl;
423
424	for (k = 0; k < 8; k++) {
425	for (i = 0; i < 256; i++) {
426	*(fl = &common[k][i]) = 0L;
427	for (j = 0; j < 8; j++) {
428	inbit = 8 * k + j;
429	if (i & bits8[j]) {
430	if ((obit = final_perm[inbit]) < 32)
431	*fl \|= bits32[obit];
432	}
433	}
434	}
435	}
436	}
437
438	static void setup_fp_maskr(void)
439	{
440	int i, j, k, inbit, obit;
441	my_u_int32_t *fr;
442
443	for (k = 0; k < 8; k++) {
444	for (i = 0; i < 256; i++) {
445	*(fr = &common[k][i]) = 0L;
446	for (j = 0; j < 8; j++) {
447	inbit = 8 * k + j;
448	if (i & bits8[j]) {
449	if ((obit = final_perm[inbit]) >= 32)
450	*fr \|= bits32[obit - 32];
451	}
452	}
453	}
454	}
455	}
456
457	static void setup_key_perm_maskl(void)
458	{
459	int i, j, k, inbit, obit;
460	my_u_int32_t *il;
461
462	for (k = 0; k < 8; k++) {
463	for (i = 0; i < 128; i++) {
464	*(il = &common[k][i]) = 0L;
465	for (j = 0; j < 7; j++) {
466	inbit = 8 * k + j;
467	if (i & bits8[j + 1]) {
468	if ((obit = inv_key_perm[inbit]) == 255)
469	continue;
470	if (obit < 28)
471	*il \|= bits28[obit];
472	}
473	}
474	}
475	}
476	}
477
478	static void setup_key_perm_maskr(void)
479	{
480	int i, j, k, inbit, obit;
481	my_u_int32_t *ir;
482
483	for (k = 0; k < 8; k++) {
484	for (i = 0; i < 128; i++) {
485	*(ir = &common[k][i]) = 0L;
486	for (j = 0; j < 7; j++) {
487	inbit = 8 * k + j;
488	if (i & bits8[j + 1]) {
489	if ((obit = inv_key_perm[inbit]) == 255)
490	continue;
491	if (obit >= 28)
492	*ir \|= bits28[obit - 28];
493	}
494	}
495	}
496	}
497	}
498
499	static void setup_comp_maskl(void)
500	{
501	int i, j, k, inbit, obit;
502	my_u_int32_t *il;
503
504	for (k = 0; k < 8; k++) {
505	for (i = 0; i < 128; i++) {
506	*(il = &common[k][i]) = 0L;
507	for (j = 0; j < 7; j++) {
508	inbit = 7 * k + j;
509	if (i & bits8[j + 1]) {
510	if ((obit = inv_comp_perm[inbit]) == 255)
511	continue;
512	if (obit < 24)
513	*il \|= bits24[obit];
514	}
515	}
516	}
517	}
518	}
519
520	static void setup_comp_maskr(void)
521	{
522	int i, j, k, inbit, obit;
523	my_u_int32_t *ir;
524
525	for (k = 0; k < 8; k++) {
526	for (i = 0; i < 128; i++) {
527	*(ir = &common[k][i]) = 0L;
528	for (j = 0; j < 7; j++) {
529	inbit = 7 * k + j;
530	if (i & bits8[j + 1]) {
531	if ((obit = inv_comp_perm[inbit]) == 255)
532	continue;
533	if (obit >= 24)
534	*ir \|= bits24[obit - 24];
535	}
536	}
537	}
538	}
539	}
540
541	static void setup_psbox(void)
542	{
543	int i, j, b;
544	my_u_int32_t *p;
545
546	for (b = 0; b < 4; b++)
547	for (i = 0; i < 256; i++) {
548	*(p = &common[b][i]) = 0L;
549	for (j = 0; j < 8; j++) {
550	if (i & bits8[j])
551	p \|= bits32[un_pbox[8 b + j]];
552	}
553	}
554	}
555
556	#endif
557
558	static void setup_salt(my_u_int32_t salt)
559	{
560	my_u_int32_t obit, saltbit;
561	int i;
562
563	if (salt == old_salt)
564	return;
565	old_salt = salt;
566
567	saltbits = 0L;
568	saltbit = 1;
569	obit = 0x800000;
570	for (i = 0; i < 24; i++) {
571	if (salt & saltbit)
572	saltbits \|= obit;
573	saltbit <<= 1;
574	obit >>= 1;
575	}
576	}
577
578	static my_u_int32_t char_to_int(const char *key)
579	{
580	my_u_int32_t byte0, byte1, byte2, byte3;
581	byte0 = (my_u_int32_t) (my_u_char_t) key[0];
582	byte1 = (my_u_int32_t) (my_u_char_t) key[1];
583	byte2 = (my_u_int32_t) (my_u_char_t) key[2];
584	byte3 = (my_u_int32_t) (my_u_char_t) key[3];
585
586	return byte0 << 24 \| byte1 << 16 \| byte2 << 8 \| byte3;
587	}
588
589	static int des_setkey(const char *key)
590	{
591	my_u_int32_t k0, k1, rawkey0, rawkey1;
592	int shifts, round;
593
594	des_init();
595
596	/* rawkey0 = ntohl((const my_u_int32_t ) key);
597	* rawkey1 = ntohl((const my_u_int32_t ) (key + 4));
598	*/
599
600	rawkey0 = char_to_int(key);
601	rawkey1 = char_to_int(key + 4);
602
603	if ((rawkey0 \| rawkey1)
604	&& rawkey0 == old_rawkey0 && rawkey1 == old_rawkey1) {
605	/*
606	* Already setup for this key.
607	* This optimisation fails on a zero key (which is weak and
608	* has bad parity anyway) in order to simplify the starting
609	* conditions.
610	*/
611	return (0);
612	}
613	old_rawkey0 = rawkey0;
614	old_rawkey1 = rawkey1;
615
616	/*
617	* Do key permutation and split into two 28-bit subkeys.
618	*/
619
620	#ifdef LOWSPACE
621	setup_key_perm_maskl();
622	k0 = common[0][rawkey0 >> 25]
623	\| common[1][(rawkey0 >> 17) & 0x7f]
624	\| common[2][(rawkey0 >> 9) & 0x7f]
625	\| common[3][(rawkey0 >> 1) & 0x7f]
626	\| common[4][rawkey1 >> 25]
627	\| common[5][(rawkey1 >> 17) & 0x7f]
628	\| common[6][(rawkey1 >> 9) & 0x7f]
629	\| common[7][(rawkey1 >> 1) & 0x7f];
630	setup_key_perm_maskr();
631	k1 = common[0][rawkey0 >> 25]
632	\| common[1][(rawkey0 >> 17) & 0x7f]
633	\| common[2][(rawkey0 >> 9) & 0x7f]
634	\| common[3][(rawkey0 >> 1) & 0x7f]
635	\| common[4][rawkey1 >> 25]
636	\| common[5][(rawkey1 >> 17) & 0x7f]
637	\| common[6][(rawkey1 >> 9) & 0x7f]
638	\| common[7][(rawkey1 >> 1) & 0x7f];
639	#else
640	k0 = key_perm_maskl[0][rawkey0 >> 25]
641	\| key_perm_maskl[1][(rawkey0 >> 17) & 0x7f]
642	\| key_perm_maskl[2][(rawkey0 >> 9) & 0x7f]
643	\| key_perm_maskl[3][(rawkey0 >> 1) & 0x7f]
644	\| key_perm_maskl[4][rawkey1 >> 25]
645	\| key_perm_maskl[5][(rawkey1 >> 17) & 0x7f]
646	\| key_perm_maskl[6][(rawkey1 >> 9) & 0x7f]
647	\| key_perm_maskl[7][(rawkey1 >> 1) & 0x7f];
648	k1 = key_perm_maskr[0][rawkey0 >> 25]
649	\| key_perm_maskr[1][(rawkey0 >> 17) & 0x7f]
650	\| key_perm_maskr[2][(rawkey0 >> 9) & 0x7f]
651	\| key_perm_maskr[3][(rawkey0 >> 1) & 0x7f]
652	\| key_perm_maskr[4][rawkey1 >> 25]
653	\| key_perm_maskr[5][(rawkey1 >> 17) & 0x7f]
654	\| key_perm_maskr[6][(rawkey1 >> 9) & 0x7f]
655	\| key_perm_maskr[7][(rawkey1 >> 1) & 0x7f];
656	#endif
657
658	/*
659	* Rotate subkeys and do compression permutation.
660	*/
661	shifts = 0;
662	for (round = 0; round < 16; round++) {
663	my_u_int32_t t0, t1;
664
665	shifts += key_shifts[round];
666
667	t0 = (k0 << shifts) \| (k0 >> (28 - shifts));
668	t1 = (k1 << shifts) \| (k1 >> (28 - shifts));
669
670	#ifdef LOWSPACE
671	setup_comp_maskl();
672	de_keysl[15 - round] = en_keysl[round] = common[0][(t0 >> 21) & 0x7f]
673	\| common[1][(t0 >> 14) & 0x7f]
674	\| common[2][(t0 >> 7) & 0x7f]
675	\| common[3][t0 & 0x7f]
676	\| common[4][(t1 >> 21) & 0x7f]
677	\| common[5][(t1 >> 14) & 0x7f]
678	\| common[6][(t1 >> 7) & 0x7f]
679	\| common[7][t1 & 0x7f];
680
681	setup_comp_maskr();
682	de_keysr[15 - round] = en_keysr[round] = common[0][(t0 >> 21) & 0x7f]
683	\| common[1][(t0 >> 14) & 0x7f]
684	\| common[2][(t0 >> 7) & 0x7f]
685	\| common[3][t0 & 0x7f]
686	\| common[4][(t1 >> 21) & 0x7f]
687	\| common[5][(t1 >> 14) & 0x7f]
688	\| common[6][(t1 >> 7) & 0x7f]
689	\| common[7][t1 & 0x7f];
690	#else
691	de_keysl[15 - round] =
692	en_keysl[round] = comp_maskl[0][(t0 >> 21) & 0x7f]
693	\| comp_maskl[1][(t0 >> 14) & 0x7f]
694	\| comp_maskl[2][(t0 >> 7) & 0x7f]
695	\| comp_maskl[3][t0 & 0x7f]
696	\| comp_maskl[4][(t1 >> 21) & 0x7f]
697	\| comp_maskl[5][(t1 >> 14) & 0x7f]
698	\| comp_maskl[6][(t1 >> 7) & 0x7f]
699	\| comp_maskl[7][t1 & 0x7f];
700
701	de_keysr[15 - round] =
702	en_keysr[round] = comp_maskr[0][(t0 >> 21) & 0x7f]
703	\| comp_maskr[1][(t0 >> 14) & 0x7f]
704	\| comp_maskr[2][(t0 >> 7) & 0x7f]
705	\| comp_maskr[3][t0 & 0x7f]
706	\| comp_maskr[4][(t1 >> 21) & 0x7f]
707	\| comp_maskr[5][(t1 >> 14) & 0x7f]
708	\| comp_maskr[6][(t1 >> 7) & 0x7f]
709	\| comp_maskr[7][t1 & 0x7f];
710	#endif
711	}
712	return (0);
713	}
714
715	static int
716	do_des(my_u_int32_t l_in, my_u_int32_t r_in, my_u_int32_t * l_out,
717	my_u_int32_t * r_out, int count)
718	{
719	/*
720	* l_in, r_in, l_out, and r_out are in pseudo-"big-endian" format.
721	*/
722	my_u_int32_t l, r, kl, kr, kl1, kr1;
723	my_u_int32_t f, r48l, r48r;
724	int round;
725
726	if (count == 0) {
727	return (1);
728	} else if (count > 0) {
729	/*
730	* Encrypting
731	*/
732	kl1 = en_keysl;
733	kr1 = en_keysr;
734	} else {
735	/*
736	* Decrypting
737	*/
738	count = -count;
739	kl1 = de_keysl;
740	kr1 = de_keysr;
741	}
742
743	/*
744	* Do initial permutation (IP).
745	*/
746
747	#ifdef LOWSPACE
748	setup_ip_maskl();
749	l = common[0][l_in >> 24]
750	\| common[1][(l_in >> 16) & 0xff]
751	\| common[2][(l_in >> 8) & 0xff]
752	\| common[3][l_in & 0xff]
753	\| common[4][r_in >> 24]
754	\| common[5][(r_in >> 16) & 0xff]
755	\| common[6][(r_in >> 8) & 0xff]
756	\| common[7][r_in & 0xff];
757	setup_ip_maskr();
758	r = common[0][l_in >> 24]
759	\| common[1][(l_in >> 16) & 0xff]
760	\| common[2][(l_in >> 8) & 0xff]
761	\| common[3][l_in & 0xff]
762	\| common[4][r_in >> 24]
763	\| common[5][(r_in >> 16) & 0xff]
764	\| common[6][(r_in >> 8) & 0xff]
765	\| common[7][r_in & 0xff];
766	#else
767	l = ip_maskl[0][l_in >> 24]
768	\| ip_maskl[1][(l_in >> 16) & 0xff]
769	\| ip_maskl[2][(l_in >> 8) & 0xff]
770	\| ip_maskl[3][l_in & 0xff]
771	\| ip_maskl[4][r_in >> 24]
772	\| ip_maskl[5][(r_in >> 16) & 0xff]
773	\| ip_maskl[6][(r_in >> 8) & 0xff]
774	\| ip_maskl[7][r_in & 0xff];
775	r = ip_maskr[0][l_in >> 24]
776	\| ip_maskr[1][(l_in >> 16) & 0xff]
777	\| ip_maskr[2][(l_in >> 8) & 0xff]
778	\| ip_maskr[3][l_in & 0xff]
779	\| ip_maskr[4][r_in >> 24]
780	\| ip_maskr[5][(r_in >> 16) & 0xff]
781	\| ip_maskr[6][(r_in >> 8) & 0xff]
782	\| ip_maskr[7][r_in & 0xff];
783	#endif
784
785	while (count--) {
786	/*
787	* Do each round.
788	*/
789	kl = kl1;
790	kr = kr1;
791	round = 16;
792	while (round--) {
793	/*
794	* Expand R to 48 bits (simulate the E-box).
795	*/
796	r48l = ((r & 0x00000001) << 23)
797	\| ((r & 0xf8000000) >> 9)
798	\| ((r & 0x1f800000) >> 11)
799	\| ((r & 0x01f80000) >> 13)
800	\| ((r & 0x001f8000) >> 15);
801
802	r48r = ((r & 0x0001f800) << 7)
803	\| ((r & 0x00001f80) << 5)
804	\| ((r & 0x000001f8) << 3)
805	\| ((r & 0x0000001f) << 1)
806	\| ((r & 0x80000000) >> 31);
807	/*
808	* Do salting for crypt() and friends, and
809	* XOR with the permuted key.
810	*/
811	f = (r48l ^ r48r) & saltbits;
812	r48l ^= f ^ *kl++;
813	r48r ^= f ^ *kr++;
814	/*
815	* Do sbox lookups (which shrink it back to 32 bits)
816	* and do the pbox permutation at the same time.
817	*/
818
819	#ifdef LOWSPACE
820	setup_psbox();
821	f = common[0][m_sbox[0][r48l >> 12]]
822	\| common[1][m_sbox[1][r48l & 0xfff]]
823	\| common[2][m_sbox[2][r48r >> 12]]
824	\| common[3][m_sbox[3][r48r & 0xfff]];
825	#else
826	f = psbox[0][m_sbox[0][r48l >> 12]]
827	\| psbox[1][m_sbox[1][r48l & 0xfff]]
828	\| psbox[2][m_sbox[2][r48r >> 12]]
829	\| psbox[3][m_sbox[3][r48r & 0xfff]];
830	#endif
831	/*
832	* Now that we've permuted things, complete f().
833	*/
834	f ^= l;
835	l = r;
836	r = f;
837	}
838	r = l;
839	l = f;
840	}
841	/*
842	* Do final permutation (inverse of IP).
843	*/
844
845	#ifdef LOWSPACE
846	setup_fp_maskl();
847	*l_out = common[0][l >> 24]
848	\| common[1][(l >> 16) & 0xff]
849	\| common[2][(l >> 8) & 0xff]
850	\| common[3][l & 0xff]
851	\| common[4][r >> 24]
852	\| common[5][(r >> 16) & 0xff]
853	\| common[6][(r >> 8) & 0xff]
854	\| common[7][r & 0xff];
855	setup_fp_maskr();
856	*r_out = common[0][l >> 24]
857	\| common[1][(l >> 16) & 0xff]
858	\| common[2][(l >> 8) & 0xff]
859	\| common[3][l & 0xff]
860	\| common[4][r >> 24]
861	\| common[5][(r >> 16) & 0xff]
862	\| common[6][(r >> 8) & 0xff]
863	\| common[7][r & 0xff];
864	#else
865	*l_out = fp_maskl[0][l >> 24]
866	\| fp_maskl[1][(l >> 16) & 0xff]
867	\| fp_maskl[2][(l >> 8) & 0xff]
868	\| fp_maskl[3][l & 0xff]
869	\| fp_maskl[4][r >> 24]
870	\| fp_maskl[5][(r >> 16) & 0xff]
871	\| fp_maskl[6][(r >> 8) & 0xff]
872	\| fp_maskl[7][r & 0xff];
873	*r_out = fp_maskr[0][l >> 24]
874	\| fp_maskr[1][(l >> 16) & 0xff]
875	\| fp_maskr[2][(l >> 8) & 0xff]
876	\| fp_maskr[3][l & 0xff]
877	\| fp_maskr[4][r >> 24]
878	\| fp_maskr[5][(r >> 16) & 0xff]
879	\| fp_maskr[6][(r >> 8) & 0xff]
880	\| fp_maskr[7][r & 0xff];
881	#endif
882	return (0);
883	}
884
885	#if 0
886	static int des_cipher(const char in, char out, my_u_int32_t salt, int count)
887	{
888	my_u_int32_t l_out, r_out, rawl, rawr;
889	int retval;
890	union {
891	my_u_int32_t *ui32;
892	const char *c;
893	} trans;
894
895	des_init();
896
897	setup_salt(salt);
898
899	trans.c = in;
900	rawl = ntohl(*trans.ui32++);
901	rawr = ntohl(*trans.ui32);
902
903	retval = do_des(rawl, rawr, &l_out, &r_out, count);
904
905	trans.c = out;
906	*trans.ui32++ = htonl(l_out);
907	*trans.ui32 = htonl(r_out);
908	return (retval);
909	}
910	#endif
911
912	void setkey(const char *key)
913	{
914	int i, j;
915	char *p, packed_keys[8];
916
917	p = packed_keys;
918
919	for (i = 0; i < 8; i++) {
920	p[i] = 0;
921	for (j = 0; j < 8; j++)
922	if (*key++ & 1)
923	p[i] \|= bits8[j];
924	}
925	des_setkey(p);
926	}
927
928	void encrypt(char *block, int flag)
929	{
930	my_u_int32_t io[2];
931	my_u_char_t *p;
932	int i, j;
933
934	des_init();
935
936	setup_salt(0L);
937	p = (my_u_char_t *)block;
938	for (i = 0; i < 2; i++) {
939	io[i] = 0L;
940	for (j = 0; j < 32; j++)
941	if (*p++ & 1)
942	io[i] \|= bits32[j];
943	}
944	do_des(io[0], io[1], io, io + 1, flag ? -1 : 1);
945	for (i = 0; i < 2; i++)
946	for (j = 0; j < 32; j++)
947	block[(i << 5) \| j] = (io[i] & bits32[j]) ? 1 : 0;
948	}
949
950	char crypt(const char key, const char *setting)
951	{
952	my_u_int32_t count, salt, l, r0, r1, keybuf[2];
953	my_u_char_t p, q;
954	static char output[21];
955
956	des_init();
957
958	/*
959	* Copy the key, shifting each character up by one bit
960	* and padding with zeros.
961	*/
962	q = (my_u_char_t *) keybuf;
963	while (q - (my_u_char_t *) keybuf - 8) {
964	q++ = key << 1;
965	if (*(q - 1))
966	key++;
967	}
968	if (des_setkey((char *)keybuf))
969	return (NULL);
970
971	#if 0
972	if (*setting == _PASSWORD_EFMT1) {
973	int i;
974	/*
975	* "new"-style:
976	* setting - underscore, 4 bytes of count, 4 bytes of salt
977	* key - unlimited characters
978	*/
979	for (i = 1, count = 0L; i < 5; i++)
980	count \|= ascii_to_bin(setting[i]) << ((i - 1) * 6);
981
982	for (i = 5, salt = 0L; i < 9; i++)
983	salt \|= ascii_to_bin(setting[i]) << ((i - 5) * 6);
984
985	while (*key) {
986	/*
987	* Encrypt the key with itself.
988	*/
989	if (des_cipher((char )keybuf, (char )keybuf, 0L, 1))
990	return (NULL);
991	/*
992	* And XOR with the next 8 characters of the key.
993	*/
994	q = (my_u_char_t *) keybuf;
995	while (q - (my_u_char_t ) keybuf - 8 && key)
996	q++ ^= key++ << 1;
997
998	if (des_setkey((char *)keybuf))
999	return (NULL);
1000	}
1001	strncpy(output, setting, 9);
1002
1003	/*
1004	* Double check that we weren't given a short setting.
1005	* If we were, the above code will probably have created
1006	* wierd values for count and salt, but we don't really care.
1007	* Just make sure the output string doesn't have an extra
1008	* NUL in it.
1009	*/
1010	output[9] = '\0';
1011	p = (my_u_char_t *) output + strlen(output);
1012	} else
1013	#endif
1014	{
1015	/*
1016	* "old"-style:
1017	* setting - 2 bytes of salt
1018	* key - up to 8 characters
1019	*/
1020	count = 25;
1021
1022	salt = (ascii_to_bin(setting[1]) << 6)
1023	\| ascii_to_bin(setting[0]);
1024
1025	output[0] = setting[0];
1026	/*
1027	* If the encrypted password that the salt was extracted from
1028	* is only 1 character long, the salt will be corrupted. We
1029	* need to ensure that the output string doesn't have an extra
1030	* NUL in it!
1031	*/
1032	output[1] = setting[1] ? setting[1] : output[0];
1033
1034	p = (my_u_char_t *) output + 2;
1035	}
1036	setup_salt(salt);
1037	/*
1038	* Do it.
1039	*/
1040	if (do_des(0L, 0L, &r0, &r1, (int)count))
1041	return (NULL);
1042	/*
1043	* Now encode the result...
1044	*/
1045	l = (r0 >> 8);
1046	*p++ = ascii64[(l >> 18) & 0x3f];
1047	*p++ = ascii64[(l >> 12) & 0x3f];
1048	*p++ = ascii64[(l >> 6) & 0x3f];
1049	*p++ = ascii64[l & 0x3f];
1050
1051	l = (r0 << 16) \| ((r1 >> 16) & 0xffff);
1052	*p++ = ascii64[(l >> 18) & 0x3f];
1053	*p++ = ascii64[(l >> 12) & 0x3f];
1054	*p++ = ascii64[(l >> 6) & 0x3f];
1055	*p++ = ascii64[l & 0x3f];
1056
1057	l = r1 << 2;
1058	*p++ = ascii64[(l >> 12) & 0x3f];
1059	*p++ = ascii64[(l >> 6) & 0x3f];
1060	*p++ = ascii64[l & 0x3f];
1061	*p = 0;
1062
1063	return (output);
1064	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: