OpenCores
URL https://opencores.org/ocsvn/or1k/or1k/trunk

Subversion Repositories or1k

[/] [or1k/] [trunk/] [linux/] [uClibc/] [libcrypt/] [des.c] - Blame information for rev 1765

Details | Compare with Previous | View Log

Line No. Rev Author Line
1 1325 phoenix
/*
2
 * FreeSec: libcrypt for NetBSD
3
 *
4
 * Copyright (c) 1994 David Burren
5
 * All rights reserved.
6
 *
7
 * Adapted for FreeBSD-2.0 by Geoffrey M. Rehmet
8
 *      this file should now *only* export crypt(), in order to make
9
 *      binaries of libcrypt exportable from the USA
10
 *
11
 * Adapted for FreeBSD-4.0 by Mark R V Murray
12
 *      this file should now *only* export crypt_des(), in order to make
13
 *      a module that can be optionally included in libcrypt.
14
 *
15
 * Redistribution and use in source and binary forms, with or without
16
 * modification, are permitted provided that the following conditions
17
 * are met:
18
 * 1. Redistributions of source code must retain the above copyright
19
 *    notice, this list of conditions and the following disclaimer.
20
 * 2. Redistributions in binary form must reproduce the above copyright
21
 *    notice, this list of conditions and the following disclaimer in the
22
 *    documentation and/or other materials provided with the distribution.
23
 * 3. Neither the name of the author nor the names of other contributors
24
 *    may be used to endorse or promote products derived from this software
25
 *    without specific prior written permission.
26
 *
27
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
28
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
29
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
30
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
31
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
32
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
33
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
34
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
35
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
36
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
37
 * SUCH DAMAGE.
38
 *
39
 * This is an original implementation of the DES and the crypt(3) interfaces
40
 * by David Burren <davidb@werj.com.au>.
41
 *
42
 * An excellent reference on the underlying algorithm (and related
43
 * algorithms) is:
44
 *
45
 *      B. Schneier, Applied Cryptography: protocols, algorithms,
46
 *      and source code in C, John Wiley & Sons, 1994.
47
 *
48
 * Note that in that book's description of DES the lookups for the initial,
49
 * pbox, and final permutations are inverted (this has been brought to the
50
 * attention of the author).  A list of errata for this book has been
51
 * posted to the sci.crypt newsgroup by the author and is available for FTP.
52
 *
53
 * ARCHITECTURE ASSUMPTIONS:
54
 *      It is assumed that the 8-byte arrays passed by reference can be
55
 *      addressed as arrays of u_int32_t's (ie. the CPU is not picky about
56
 *      alignment).
57
 */
58
 
59
#define __FORCE_GLIBC
60
#include <sys/cdefs.h>
61
#include <sys/types.h>
62
#include <sys/param.h>
63
#include <netinet/in.h>
64
#include <pwd.h>
65
#include <string.h>
66
#include <crypt.h>
67
 
68
/* Re-entrantify me -- all this junk needs to be in
69
 * struct crypt_data to make this really reentrant... */
70
static u_char   inv_key_perm[64];
71
static u_char   inv_comp_perm[56];
72
static u_char   u_sbox[8][64];
73
static u_char   un_pbox[32];
74
static u_int32_t en_keysl[16], en_keysr[16];
75
static u_int32_t de_keysl[16], de_keysr[16];
76
static u_int32_t ip_maskl[8][256], ip_maskr[8][256];
77
static u_int32_t fp_maskl[8][256], fp_maskr[8][256];
78
static u_int32_t key_perm_maskl[8][128], key_perm_maskr[8][128];
79
static u_int32_t comp_maskl[8][128], comp_maskr[8][128];
80
static u_int32_t saltbits;
81
static u_int32_t old_salt;
82
static u_int32_t old_rawkey0, old_rawkey1;
83
 
84
 
85
/* Static stuff that stays resident and doesn't change after
86
 * being initialized, and therefore doesn't need to be made
87
 * reentrant. */
88
static u_char   init_perm[64], final_perm[64];
89
static u_char   m_sbox[4][4096];
90
static u_int32_t psbox[4][256];
91
 
92
 
93
 
94
 
95
/* A pile of data */
96
static const u_char     ascii64[] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
97
 
98
static const u_char     IP[64] = {
99
        58, 50, 42, 34, 26, 18, 10,  2, 60, 52, 44, 36, 28, 20, 12,  4,
100
        62, 54, 46, 38, 30, 22, 14,  6, 64, 56, 48, 40, 32, 24, 16,  8,
101
        57, 49, 41, 33, 25, 17,  9,  1, 59, 51, 43, 35, 27, 19, 11,  3,
102
        61, 53, 45, 37, 29, 21, 13,  5, 63, 55, 47, 39, 31, 23, 15,  7
103
};
104
 
105
static const u_char     key_perm[56] = {
106
        57, 49, 41, 33, 25, 17,  9,  1, 58, 50, 42, 34, 26, 18,
107
        10,  2, 59, 51, 43, 35, 27, 19, 11,  3, 60, 52, 44, 36,
108
        63, 55, 47, 39, 31, 23, 15,  7, 62, 54, 46, 38, 30, 22,
109
        14,  6, 61, 53, 45, 37, 29, 21, 13,  5, 28, 20, 12,  4
110
};
111
 
112
static const u_char     key_shifts[16] = {
113
        1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1
114
};
115
 
116
static const u_char     comp_perm[48] = {
117
        14, 17, 11, 24,  1,  5,  3, 28, 15,  6, 21, 10,
118
        23, 19, 12,  4, 26,  8, 16,  7, 27, 20, 13,  2,
119
        41, 52, 31, 37, 47, 55, 30, 40, 51, 45, 33, 48,
120
        44, 49, 39, 56, 34, 53, 46, 42, 50, 36, 29, 32
121
};
122
 
123
/*
124
 *      No E box is used, as it's replaced by some ANDs, shifts, and ORs.
125
 */
126
 
127
static const u_char     sbox[8][64] = {
128
        {
129
                14,  4, 13,  1,  2, 15, 11,  8,  3, 10,  6, 12,  5,  9,  0,  7,
130
                 0, 15,  7,  4, 14,  2, 13,  1, 10,  6, 12, 11,  9,  5,  3,  8,
131
                 4,  1, 14,  8, 13,  6,  2, 11, 15, 12,  9,  7,  3, 10,  5,  0,
132
                15, 12,  8,  2,  4,  9,  1,  7,  5, 11,  3, 14, 10,  0,  6, 13
133
        },
134
        {
135
                15,  1,  8, 14,  6, 11,  3,  4,  9,  7,  2, 13, 12,  0,  5, 10,
136
                 3, 13,  4,  7, 15,  2,  8, 14, 12,  0,  1, 10,  6,  9, 11,  5,
137
                 0, 14,  7, 11, 10,  4, 13,  1,  5,  8, 12,  6,  9,  3,  2, 15,
138
                13,  8, 10,  1,  3, 15,  4,  2, 11,  6,  7, 12,  0,  5, 14,  9
139
        },
140
        {
141
                10,  0,  9, 14,  6,  3, 15,  5,  1, 13, 12,  7, 11,  4,  2,  8,
142
                13,  7,  0,  9,  3,  4,  6, 10,  2,  8,  5, 14, 12, 11, 15,  1,
143
                13,  6,  4,  9,  8, 15,  3,  0, 11,  1,  2, 12,  5, 10, 14,  7,
144
                 1, 10, 13,  0,  6,  9,  8,  7,  4, 15, 14,  3, 11,  5,  2, 12
145
        },
146
        {
147
                 7, 13, 14,  3,  0,  6,  9, 10,  1,  2,  8,  5, 11, 12,  4, 15,
148
                13,  8, 11,  5,  6, 15,  0,  3,  4,  7,  2, 12,  1, 10, 14,  9,
149
                10,  6,  9,  0, 12, 11,  7, 13, 15,  1,  3, 14,  5,  2,  8,  4,
150
                 3, 15,  0,  6, 10,  1, 13,  8,  9,  4,  5, 11, 12,  7,  2, 14
151
        },
152
        {
153
                 2, 12,  4,  1,  7, 10, 11,  6,  8,  5,  3, 15, 13,  0, 14,  9,
154
                14, 11,  2, 12,  4,  7, 13,  1,  5,  0, 15, 10,  3,  9,  8,  6,
155
                 4,  2,  1, 11, 10, 13,  7,  8, 15,  9, 12,  5,  6,  3,  0, 14,
156
                11,  8, 12,  7,  1, 14,  2, 13,  6, 15,  0,  9, 10,  4,  5,  3
157
        },
158
        {
159
                12,  1, 10, 15,  9,  2,  6,  8,  0, 13,  3,  4, 14,  7,  5, 11,
160
                10, 15,  4,  2,  7, 12,  9,  5,  6,  1, 13, 14,  0, 11,  3,  8,
161
                 9, 14, 15,  5,  2,  8, 12,  3,  7,  0,  4, 10,  1, 13, 11,  6,
162
                 4,  3,  2, 12,  9,  5, 15, 10, 11, 14,  1,  7,  6,  0,  8, 13
163
        },
164
        {
165
                 4, 11,  2, 14, 15,  0,  8, 13,  3, 12,  9,  7,  5, 10,  6,  1,
166
                13,  0, 11,  7,  4,  9,  1, 10, 14,  3,  5, 12,  2, 15,  8,  6,
167
                 1,  4, 11, 13, 12,  3,  7, 14, 10, 15,  6,  8,  0,  5,  9,  2,
168
                 6, 11, 13,  8,  1,  4, 10,  7,  9,  5,  0, 15, 14,  2,  3, 12
169
        },
170
        {
171
                13,  2,  8,  4,  6, 15, 11,  1, 10,  9,  3, 14,  5,  0, 12,  7,
172
                 1, 15, 13,  8, 10,  3,  7,  4, 12,  5,  6, 11,  0, 14,  9,  2,
173
                 7, 11,  4,  1,  9, 12, 14,  2,  0,  6, 10, 13, 15,  3,  5,  8,
174
                 2,  1, 14,  7,  4, 10,  8, 13, 15, 12,  9,  0,  3,  5,  6, 11
175
        }
176
};
177
 
178
static const u_char     pbox[32] = {
179
        16,  7, 20, 21, 29, 12, 28, 17,  1, 15, 23, 26,  5, 18, 31, 10,
180
         2,  8, 24, 14, 32, 27,  3,  9, 19, 13, 30,  6, 22, 11,  4, 25
181
};
182
 
183
static const u_int32_t bits32[32] =
184
{
185
        0x80000000, 0x40000000, 0x20000000, 0x10000000,
186
        0x08000000, 0x04000000, 0x02000000, 0x01000000,
187
        0x00800000, 0x00400000, 0x00200000, 0x00100000,
188
        0x00080000, 0x00040000, 0x00020000, 0x00010000,
189
        0x00008000, 0x00004000, 0x00002000, 0x00001000,
190
        0x00000800, 0x00000400, 0x00000200, 0x00000100,
191
        0x00000080, 0x00000040, 0x00000020, 0x00000010,
192
        0x00000008, 0x00000004, 0x00000002, 0x00000001
193
};
194
 
195
static const u_char     bits8[8] = { 0x80, 0x40, 0x20, 0x10, 0x08, 0x04, 0x02, 0x01 };
196
static const u_int32_t *bits28, *bits24;
197
 
198
 
199
static int
200
ascii_to_bin(char ch)
201
{
202
        if (ch > 'z')
203
                return(0);
204
        if (ch >= 'a')
205
                return(ch - 'a' + 38);
206
        if (ch > 'Z')
207
                return(0);
208
        if (ch >= 'A')
209
                return(ch - 'A' + 12);
210
        if (ch > '9')
211
                return(0);
212
        if (ch >= '.')
213
                return(ch - '.');
214
        return(0);
215
}
216
 
217
static void
218
des_init(void)
219
{
220
        int     i, j, b, k, inbit, obit;
221
        u_int32_t       *p, *il, *ir, *fl, *fr;
222
        static int des_initialised = 0;
223
 
224
        if (des_initialised==1)
225
            return;
226
 
227
        old_rawkey0 = old_rawkey1 = 0L;
228
        saltbits = 0L;
229
        old_salt = 0L;
230
        bits24 = (bits28 = bits32 + 4) + 4;
231
 
232
        /*
233
         * Invert the S-boxes, reordering the input bits.
234
         */
235
        for (i = 0; i < 8; i++)
236
                for (j = 0; j < 64; j++) {
237
                        b = (j & 0x20) | ((j & 1) << 4) | ((j >> 1) & 0xf);
238
                        u_sbox[i][j] = sbox[i][b];
239
                }
240
 
241
        /*
242
         * Convert the inverted S-boxes into 4 arrays of 8 bits.
243
         * Each will handle 12 bits of the S-box input.
244
         */
245
        for (b = 0; b < 4; b++)
246
                for (i = 0; i < 64; i++)
247
                        for (j = 0; j < 64; j++)
248
                                m_sbox[b][(i << 6) | j] =
249
                                        (u_char)((u_sbox[(b << 1)][i] << 4) |
250
                                        u_sbox[(b << 1) + 1][j]);
251
 
252
        /*
253
         * Set up the initial & final permutations into a useful form, and
254
         * initialise the inverted key permutation.
255
         */
256
        for (i = 0; i < 64; i++) {
257
                init_perm[final_perm[i] = IP[i] - 1] = (u_char)i;
258
                inv_key_perm[i] = 255;
259
        }
260
 
261
        /*
262
         * Invert the key permutation and initialise the inverted key
263
         * compression permutation.
264
         */
265
        for (i = 0; i < 56; i++) {
266
                inv_key_perm[key_perm[i] - 1] = (u_char)i;
267
                inv_comp_perm[i] = 255;
268
        }
269
 
270
        /*
271
         * Invert the key compression permutation.
272
         */
273
        for (i = 0; i < 48; i++) {
274
                inv_comp_perm[comp_perm[i] - 1] = (u_char)i;
275
        }
276
 
277
        /*
278
         * Set up the OR-mask arrays for the initial and final permutations,
279
         * and for the key initial and compression permutations.
280
         */
281
        for (k = 0; k < 8; k++) {
282
                for (i = 0; i < 256; i++) {
283
                        *(il = &ip_maskl[k][i]) = 0L;
284
                        *(ir = &ip_maskr[k][i]) = 0L;
285
                        *(fl = &fp_maskl[k][i]) = 0L;
286
                        *(fr = &fp_maskr[k][i]) = 0L;
287
                        for (j = 0; j < 8; j++) {
288
                                inbit = 8 * k + j;
289
                                if (i & bits8[j]) {
290
                                        if ((obit = init_perm[inbit]) < 32)
291
                                                *il |= bits32[obit];
292
                                        else
293
                                                *ir |= bits32[obit-32];
294
                                        if ((obit = final_perm[inbit]) < 32)
295
                                                *fl |= bits32[obit];
296
                                        else
297
                                                *fr |= bits32[obit - 32];
298
                                }
299
                        }
300
                }
301
                for (i = 0; i < 128; i++) {
302
                        *(il = &key_perm_maskl[k][i]) = 0L;
303
                        *(ir = &key_perm_maskr[k][i]) = 0L;
304
                        for (j = 0; j < 7; j++) {
305
                                inbit = 8 * k + j;
306
                                if (i & bits8[j + 1]) {
307
                                        if ((obit = inv_key_perm[inbit]) == 255)
308
                                                continue;
309
                                        if (obit < 28)
310
                                                *il |= bits28[obit];
311
                                        else
312
                                                *ir |= bits28[obit - 28];
313
                                }
314
                        }
315
                        *(il = &comp_maskl[k][i]) = 0L;
316
                        *(ir = &comp_maskr[k][i]) = 0L;
317
                        for (j = 0; j < 7; j++) {
318
                                inbit = 7 * k + j;
319
                                if (i & bits8[j + 1]) {
320
                                        if ((obit=inv_comp_perm[inbit]) == 255)
321
                                                continue;
322
                                        if (obit < 24)
323
                                                *il |= bits24[obit];
324
                                        else
325
                                                *ir |= bits24[obit - 24];
326
                                }
327
                        }
328
                }
329
        }
330
 
331
        /*
332
         * Invert the P-box permutation, and convert into OR-masks for
333
         * handling the output of the S-box arrays setup above.
334
         */
335
        for (i = 0; i < 32; i++)
336
                un_pbox[pbox[i] - 1] = (u_char)i;
337
 
338
        for (b = 0; b < 4; b++)
339
                for (i = 0; i < 256; i++) {
340
                        *(p = &psbox[b][i]) = 0L;
341
                        for (j = 0; j < 8; j++) {
342
                                if (i & bits8[j])
343
                                        *p |= bits32[un_pbox[8 * b + j]];
344
                        }
345
                }
346
 
347
        des_initialised = 1;
348
}
349
 
350
 
351
static void
352
setup_salt(long salt)
353
{
354
        u_int32_t       obit, saltbit;
355
        int     i;
356
 
357
        if (salt == old_salt)
358
                return;
359
        old_salt = salt;
360
 
361
        saltbits = 0L;
362
        saltbit = 1;
363
        obit = 0x800000;
364
        for (i = 0; i < 24; i++) {
365
                if (salt & saltbit)
366
                        saltbits |= obit;
367
                saltbit <<= 1;
368
                obit >>= 1;
369
        }
370
}
371
 
372
 
373
static int
374
des_setkey(const char *key)
375
{
376
        u_int32_t       k0, k1, rawkey0, rawkey1;
377
        int             shifts, round;
378
 
379
        des_init();
380
 
381
        rawkey0 = ntohl(*(const u_int32_t *) key);
382
        rawkey1 = ntohl(*(const u_int32_t *) (key + 4));
383
 
384
        if ((rawkey0 | rawkey1)
385
            && rawkey0 == old_rawkey0
386
            && rawkey1 == old_rawkey1) {
387
                /*
388
                 * Already setup for this key.
389
                 * This optimisation fails on a zero key (which is weak and
390
                 * has bad parity anyway) in order to simplify the starting
391
                 * conditions.
392
                 */
393
                return(0);
394
        }
395
        old_rawkey0 = rawkey0;
396
        old_rawkey1 = rawkey1;
397
 
398
        /*
399
         *      Do key permutation and split into two 28-bit subkeys.
400
         */
401
        k0 = key_perm_maskl[0][rawkey0 >> 25]
402
           | key_perm_maskl[1][(rawkey0 >> 17) & 0x7f]
403
           | key_perm_maskl[2][(rawkey0 >> 9) & 0x7f]
404
           | key_perm_maskl[3][(rawkey0 >> 1) & 0x7f]
405
           | key_perm_maskl[4][rawkey1 >> 25]
406
           | key_perm_maskl[5][(rawkey1 >> 17) & 0x7f]
407
           | key_perm_maskl[6][(rawkey1 >> 9) & 0x7f]
408
           | key_perm_maskl[7][(rawkey1 >> 1) & 0x7f];
409
        k1 = key_perm_maskr[0][rawkey0 >> 25]
410
           | key_perm_maskr[1][(rawkey0 >> 17) & 0x7f]
411
           | key_perm_maskr[2][(rawkey0 >> 9) & 0x7f]
412
           | key_perm_maskr[3][(rawkey0 >> 1) & 0x7f]
413
           | key_perm_maskr[4][rawkey1 >> 25]
414
           | key_perm_maskr[5][(rawkey1 >> 17) & 0x7f]
415
           | key_perm_maskr[6][(rawkey1 >> 9) & 0x7f]
416
           | key_perm_maskr[7][(rawkey1 >> 1) & 0x7f];
417
        /*
418
         *      Rotate subkeys and do compression permutation.
419
         */
420
        shifts = 0;
421
        for (round = 0; round < 16; round++) {
422
                u_int32_t       t0, t1;
423
 
424
                shifts += key_shifts[round];
425
 
426
                t0 = (k0 << shifts) | (k0 >> (28 - shifts));
427
                t1 = (k1 << shifts) | (k1 >> (28 - shifts));
428
 
429
                de_keysl[15 - round] =
430
                en_keysl[round] = comp_maskl[0][(t0 >> 21) & 0x7f]
431
                                | comp_maskl[1][(t0 >> 14) & 0x7f]
432
                                | comp_maskl[2][(t0 >> 7) & 0x7f]
433
                                | comp_maskl[3][t0 & 0x7f]
434
                                | comp_maskl[4][(t1 >> 21) & 0x7f]
435
                                | comp_maskl[5][(t1 >> 14) & 0x7f]
436
                                | comp_maskl[6][(t1 >> 7) & 0x7f]
437
                                | comp_maskl[7][t1 & 0x7f];
438
 
439
                de_keysr[15 - round] =
440
                en_keysr[round] = comp_maskr[0][(t0 >> 21) & 0x7f]
441
                                | comp_maskr[1][(t0 >> 14) & 0x7f]
442
                                | comp_maskr[2][(t0 >> 7) & 0x7f]
443
                                | comp_maskr[3][t0 & 0x7f]
444
                                | comp_maskr[4][(t1 >> 21) & 0x7f]
445
                                | comp_maskr[5][(t1 >> 14) & 0x7f]
446
                                | comp_maskr[6][(t1 >> 7) & 0x7f]
447
                                | comp_maskr[7][t1 & 0x7f];
448
        }
449
        return(0);
450
}
451
 
452
 
453
static int
454
do_des( u_int32_t l_in, u_int32_t r_in, u_int32_t *l_out, u_int32_t *r_out, int count)
455
{
456
        /*
457
         *      l_in, r_in, l_out, and r_out are in pseudo-"big-endian" format.
458
         */
459
        u_int32_t       l, r, *kl, *kr, *kl1, *kr1;
460
        u_int32_t       f, r48l, r48r;
461
        int             round;
462
 
463
        if (count == 0) {
464
                return(1);
465
        } else if (count > 0) {
466
                /*
467
                 * Encrypting
468
                 */
469
                kl1 = en_keysl;
470
                kr1 = en_keysr;
471
        } else {
472
                /*
473
                 * Decrypting
474
                 */
475
                count = -count;
476
                kl1 = de_keysl;
477
                kr1 = de_keysr;
478
        }
479
 
480
        /*
481
         *      Do initial permutation (IP).
482
         */
483
        l = ip_maskl[0][l_in >> 24]
484
          | ip_maskl[1][(l_in >> 16) & 0xff]
485
          | ip_maskl[2][(l_in >> 8) & 0xff]
486
          | ip_maskl[3][l_in & 0xff]
487
          | ip_maskl[4][r_in >> 24]
488
          | ip_maskl[5][(r_in >> 16) & 0xff]
489
          | ip_maskl[6][(r_in >> 8) & 0xff]
490
          | ip_maskl[7][r_in & 0xff];
491
        r = ip_maskr[0][l_in >> 24]
492
          | ip_maskr[1][(l_in >> 16) & 0xff]
493
          | ip_maskr[2][(l_in >> 8) & 0xff]
494
          | ip_maskr[3][l_in & 0xff]
495
          | ip_maskr[4][r_in >> 24]
496
          | ip_maskr[5][(r_in >> 16) & 0xff]
497
          | ip_maskr[6][(r_in >> 8) & 0xff]
498
          | ip_maskr[7][r_in & 0xff];
499
 
500
        while (count--) {
501
                /*
502
                 * Do each round.
503
                 */
504
                kl = kl1;
505
                kr = kr1;
506
                round = 16;
507
                while (round--) {
508
                        /*
509
                         * Expand R to 48 bits (simulate the E-box).
510
                         */
511
                        r48l    = ((r & 0x00000001) << 23)
512
                                | ((r & 0xf8000000) >> 9)
513
                                | ((r & 0x1f800000) >> 11)
514
                                | ((r & 0x01f80000) >> 13)
515
                                | ((r & 0x001f8000) >> 15);
516
 
517
                        r48r    = ((r & 0x0001f800) << 7)
518
                                | ((r & 0x00001f80) << 5)
519
                                | ((r & 0x000001f8) << 3)
520
                                | ((r & 0x0000001f) << 1)
521
                                | ((r & 0x80000000) >> 31);
522
                        /*
523
                         * Do salting for crypt() and friends, and
524
                         * XOR with the permuted key.
525
                         */
526
                        f = (r48l ^ r48r) & saltbits;
527
                        r48l ^= f ^ *kl++;
528
                        r48r ^= f ^ *kr++;
529
                        /*
530
                         * Do sbox lookups (which shrink it back to 32 bits)
531
                         * and do the pbox permutation at the same time.
532
                         */
533
                        f = psbox[0][m_sbox[0][r48l >> 12]]
534
                          | psbox[1][m_sbox[1][r48l & 0xfff]]
535
                          | psbox[2][m_sbox[2][r48r >> 12]]
536
                          | psbox[3][m_sbox[3][r48r & 0xfff]];
537
                        /*
538
                         * Now that we've permuted things, complete f().
539
                         */
540
                        f ^= l;
541
                        l = r;
542
                        r = f;
543
                }
544
                r = l;
545
                l = f;
546
        }
547
        /*
548
         * Do final permutation (inverse of IP).
549
         */
550
        *l_out  = fp_maskl[0][l >> 24]
551
                | fp_maskl[1][(l >> 16) & 0xff]
552
                | fp_maskl[2][(l >> 8) & 0xff]
553
                | fp_maskl[3][l & 0xff]
554
                | fp_maskl[4][r >> 24]
555
                | fp_maskl[5][(r >> 16) & 0xff]
556
                | fp_maskl[6][(r >> 8) & 0xff]
557
                | fp_maskl[7][r & 0xff];
558
        *r_out  = fp_maskr[0][l >> 24]
559
                | fp_maskr[1][(l >> 16) & 0xff]
560
                | fp_maskr[2][(l >> 8) & 0xff]
561
                | fp_maskr[3][l & 0xff]
562
                | fp_maskr[4][r >> 24]
563
                | fp_maskr[5][(r >> 16) & 0xff]
564
                | fp_maskr[6][(r >> 8) & 0xff]
565
                | fp_maskr[7][r & 0xff];
566
        return(0);
567
}
568
 
569
 
570
#if 0
571
static int
572
des_cipher(const char *in, char *out, u_int32_t salt, int count)
573
{
574
        u_int32_t       l_out, r_out, rawl, rawr;
575
        int             retval;
576
        union {
577
                u_int32_t       *ui32;
578
                const char      *c;
579
        } trans;
580
 
581
        des_init();
582
 
583
        setup_salt(salt);
584
 
585
        trans.c = in;
586
        rawl = ntohl(*trans.ui32++);
587
        rawr = ntohl(*trans.ui32);
588
 
589
        retval = do_des(rawl, rawr, &l_out, &r_out, count);
590
 
591
        trans.c = out;
592
        *trans.ui32++ = htonl(l_out);
593
        *trans.ui32 = htonl(r_out);
594
        return(retval);
595
}
596
#endif
597
 
598
 
599
void
600
setkey(const char *key)
601
{
602
        int     i, j;
603
        u_int32_t       packed_keys[2];
604
        u_char  *p;
605
 
606
        p = (u_char *) packed_keys;
607
 
608
        for (i = 0; i < 8; i++) {
609
                p[i] = 0;
610
                for (j = 0; j < 8; j++)
611
                        if (*key++ & 1)
612
                                p[i] |= bits8[j];
613
        }
614
        des_setkey(p);
615
}
616
 
617
 
618
void
619
encrypt(char *block, int flag)
620
{
621
        u_int32_t       io[2];
622
        u_char  *p;
623
        int     i, j;
624
 
625
        des_init();
626
 
627
        setup_salt(0L);
628
        p = block;
629
        for (i = 0; i < 2; i++) {
630
                io[i] = 0L;
631
                for (j = 0; j < 32; j++)
632
                        if (*p++ & 1)
633
                                io[i] |= bits32[j];
634
        }
635
        do_des(io[0], io[1], io, io + 1, flag ? -1 : 1);
636
        for (i = 0; i < 2; i++)
637
                for (j = 0; j < 32; j++)
638
                        block[(i << 5) | j] = (io[i] & bits32[j]) ? 1 : 0;
639
}
640
 
641
char *
642
__des_crypt(const char *key, const char *setting)
643
{
644
        u_int32_t       count, salt, l, r0, r1, keybuf[2];
645
        u_char          *p, *q;
646
        static char     output[21];
647
 
648
        des_init();
649
 
650
        /*
651
         * Copy the key, shifting each character up by one bit
652
         * and padding with zeros.
653
         */
654
        q = (u_char *)keybuf;
655
        while (q - (u_char *)keybuf - 8) {
656
                *q++ = *key << 1;
657
                if (*(q - 1))
658
                        key++;
659
        }
660
        if (des_setkey((char *)keybuf))
661
                return(NULL);
662
 
663
#if 0
664
        if (*setting == _PASSWORD_EFMT1) {
665
                int             i;
666
                /*
667
                 * "new"-style:
668
                 *      setting - underscore, 4 bytes of count, 4 bytes of salt
669
                 *      key - unlimited characters
670
                 */
671
                for (i = 1, count = 0L; i < 5; i++)
672
                        count |= ascii_to_bin(setting[i]) << ((i - 1) * 6);
673
 
674
                for (i = 5, salt = 0L; i < 9; i++)
675
                        salt |= ascii_to_bin(setting[i]) << ((i - 5) * 6);
676
 
677
                while (*key) {
678
                        /*
679
                         * Encrypt the key with itself.
680
                         */
681
                        if (des_cipher((char *)keybuf, (char *)keybuf, 0L, 1))
682
                                return(NULL);
683
                        /*
684
                         * And XOR with the next 8 characters of the key.
685
                         */
686
                        q = (u_char *)keybuf;
687
                        while (q - (u_char *)keybuf - 8 && *key)
688
                                *q++ ^= *key++ << 1;
689
 
690
                        if (des_setkey((char *)keybuf))
691
                                return(NULL);
692
                }
693
                strncpy(output, setting, 9);
694
 
695
                /*
696
                 * Double check that we weren't given a short setting.
697
                 * If we were, the above code will probably have created
698
                 * wierd values for count and salt, but we don't really care.
699
                 * Just make sure the output string doesn't have an extra
700
                 * NUL in it.
701
                 */
702
                output[9] = '\0';
703
                p = (u_char *)output + strlen(output);
704
        } else
705
#endif
706
        {
707
                /*
708
                 * "old"-style:
709
                 *      setting - 2 bytes of salt
710
                 *      key - up to 8 characters
711
                 */
712
                count = 25;
713
 
714
                salt = (ascii_to_bin(setting[1]) << 6)
715
                     |  ascii_to_bin(setting[0]);
716
 
717
                output[0] = setting[0];
718
                /*
719
                 * If the encrypted password that the salt was extracted from
720
                 * is only 1 character long, the salt will be corrupted.  We
721
                 * need to ensure that the output string doesn't have an extra
722
                 * NUL in it!
723
                 */
724
                output[1] = setting[1] ? setting[1] : output[0];
725
 
726
                p = (u_char *)output + 2;
727
        }
728
        setup_salt(salt);
729
        /*
730
         * Do it.
731
         */
732
        if (do_des(0L, 0L, &r0, &r1, (int)count))
733
                return(NULL);
734
        /*
735
         * Now encode the result...
736
         */
737
        l = (r0 >> 8);
738
        *p++ = ascii64[(l >> 18) & 0x3f];
739
        *p++ = ascii64[(l >> 12) & 0x3f];
740
        *p++ = ascii64[(l >> 6) & 0x3f];
741
        *p++ = ascii64[l & 0x3f];
742
 
743
        l = (r0 << 16) | ((r1 >> 16) & 0xffff);
744
        *p++ = ascii64[(l >> 18) & 0x3f];
745
        *p++ = ascii64[(l >> 12) & 0x3f];
746
        *p++ = ascii64[(l >> 6) & 0x3f];
747
        *p++ = ascii64[l & 0x3f];
748
 
749
        l = r1 << 2;
750
        *p++ = ascii64[(l >> 12) & 0x3f];
751
        *p++ = ascii64[(l >> 6) & 0x3f];
752
        *p++ = ascii64[l & 0x3f];
753
        *p = 0;
754
 
755
        return(output);
756
}
757
 

powered by: WebSVN 2.1.0

© copyright 1999-2024 OpenCores.org, equivalent to Oliscience, all rights reserved. OpenCores®, registered trademark.