Gitiles
Code Review Sign In
192.168.1.100 / T106_DC / 9ed821d7e5d875a3395740a9cc2545671fa429b7 / . / ap / build / uClibc / libcrypt / des.c
blob: 6af65b6150121c0d62f6195bdabaf7a3683dc69e [file] [log] [blame]
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame^]1/*
2 * FreeSec: libcrypt for NetBSD
3 *
4 * Copyright (c) 1994 David Burren
5 * All rights reserved.
6 *
7 * Adapted for FreeBSD-2.0 by Geoffrey M. Rehmet
8 * this file should now *only* export crypt(), in order to make
9 * binaries of libcrypt exportable from the USA
10 *
11 * Adapted for FreeBSD-4.0 by Mark R V Murray
12 * this file should now *only* export crypt_des(), in order to make
13 * a module that can be optionally included in libcrypt.
14 *
15 * Redistribution and use in source and binary forms, with or without
16 * modification, are permitted provided that the following conditions
17 * are met:
18 * 1. Redistributions of source code must retain the above copyright
19 * notice, this list of conditions and the following disclaimer.
20 * 2. Redistributions in binary form must reproduce the above copyright
21 * notice, this list of conditions and the following disclaimer in the
22 * documentation and/or other materials provided with the distribution.
23 * 3. Neither the name of the author nor the names of other contributors
24 * may be used to endorse or promote products derived from this software
25 * without specific prior written permission.
26 *
27 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
28 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
29 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
30 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
31 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
32 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
33 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
34 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
35 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
36 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
37 * SUCH DAMAGE.
38 *
39 * This is an original implementation of the DES and the crypt(3) interfaces
40 * by David Burren <davidb@werj.com.au>.
41 *
42 * An excellent reference on the underlying algorithm (and related
43 * algorithms) is:
44 *
45 * B. Schneier, Applied Cryptography: protocols, algorithms,
46 * and source code in C, John Wiley & Sons, 1994.
47 *
48 * Note that in that book's description of DES the lookups for the initial,
49 * pbox, and final permutations are inverted (this has been brought to the
50 * attention of the author). A list of errata for this book has been
51 * posted to the sci.crypt newsgroup by the author and is available for FTP.
52 *
53 * ARCHITECTURE ASSUMPTIONS:
54 * It is assumed that the 8-byte arrays passed by reference can be
55 * addressed as arrays of u_int32_t's (ie. the CPU is not picky about
56 * alignment).
57 */
58
59#define __FORCE_GLIBC
60#include <sys/cdefs.h>
61#include <sys/types.h>
62#include <sys/param.h>
63#include <netinet/in.h>
64#include <pwd.h>
65#include <string.h>
66#include <crypt.h>
67#include "libcrypt.h"
68
69/* Re-entrantify me -- all this junk needs to be in
70 * struct crypt_data to make this really reentrant... */
71static u_char inv_key_perm[64];
72static u_char inv_comp_perm[56];
73static u_char un_pbox[32];
74static u_int32_t en_keysl[16], en_keysr[16];
75static u_int32_t de_keysl[16], de_keysr[16];
76static u_int32_t ip_maskl[8][256], ip_maskr[8][256];
77static u_int32_t fp_maskl[8][256], fp_maskr[8][256];
78static u_int32_t key_perm_maskl[8][128], key_perm_maskr[8][128];
79static u_int32_t comp_maskl[8][128], comp_maskr[8][128];
80static u_int32_t saltbits;
81static u_int32_t old_salt;
82static u_int32_t old_rawkey0, old_rawkey1;
83
84
85/* Static stuff that stays resident and doesn't change after
86 * being initialized, and therefore doesn't need to be made
87 * reentrant. */
88static u_char init_perm[64], final_perm[64];
89static u_char m_sbox[4][4096];
90static u_int32_t psbox[4][256];
91
92
93
94
95/* A pile of data */
96static const u_char ascii64[] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
97
98static const u_char IP[64] = {
99 58, 50, 42, 34, 26, 18, 10, 2, 60, 52, 44, 36, 28, 20, 12, 4,
100 62, 54, 46, 38, 30, 22, 14, 6, 64, 56, 48, 40, 32, 24, 16, 8,
101 57, 49, 41, 33, 25, 17, 9, 1, 59, 51, 43, 35, 27, 19, 11, 3,
102 61, 53, 45, 37, 29, 21, 13, 5, 63, 55, 47, 39, 31, 23, 15, 7
103};
104
105static const u_char key_perm[56] = {
106 57, 49, 41, 33, 25, 17, 9, 1, 58, 50, 42, 34, 26, 18,
107 10, 2, 59, 51, 43, 35, 27, 19, 11, 3, 60, 52, 44, 36,
108 63, 55, 47, 39, 31, 23, 15, 7, 62, 54, 46, 38, 30, 22,
109 14, 6, 61, 53, 45, 37, 29, 21, 13, 5, 28, 20, 12, 4
110};
111
112static const u_char key_shifts[16] = {
113 1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1
114};
115
116static const u_char comp_perm[48] = {
117 14, 17, 11, 24, 1, 5, 3, 28, 15, 6, 21, 10,
118 23, 19, 12, 4, 26, 8, 16, 7, 27, 20, 13, 2,
119 41, 52, 31, 37, 47, 55, 30, 40, 51, 45, 33, 48,
120 44, 49, 39, 56, 34, 53, 46, 42, 50, 36, 29, 32
121};
122
123/*
124 * No E box is used, as it's replaced by some ANDs, shifts, and ORs.
125 */
126
127static const u_char sbox[8][64] = {
128 {
129 14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7,
130 0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8,
131 4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0,
132 15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13
133 },
134 {
135 15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10,
136 3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5,
137 0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15,
138 13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9
139 },
140 {
141 10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8,
142 13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1,
143 13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7,
144 1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12
145 },
146 {
147 7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15,
148 13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9,
149 10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4,
150 3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14
151 },
152 {
153 2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9,
154 14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6,
155 4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14,
156 11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3
157 },
158 {
159 12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11,
160 10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8,
161 9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6,
162 4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13
163 },
164 {
165 4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1,
166 13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6,
167 1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2,
168 6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12
169 },
170 {
171 13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7,
172 1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2,
173 7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8,
174 2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11
175 }
176};
177
178static const u_char pbox[32] = {
179 16, 7, 20, 21, 29, 12, 28, 17, 1, 15, 23, 26, 5, 18, 31, 10,
180 2, 8, 24, 14, 32, 27, 3, 9, 19, 13, 30, 6, 22, 11, 4, 25
181};
182
183static const u_int32_t bits32[32] =
184{
185 0x80000000, 0x40000000, 0x20000000, 0x10000000,
186 0x08000000, 0x04000000, 0x02000000, 0x01000000,
187 0x00800000, 0x00400000, 0x00200000, 0x00100000,
188 0x00080000, 0x00040000, 0x00020000, 0x00010000,
189 0x00008000, 0x00004000, 0x00002000, 0x00001000,
190 0x00000800, 0x00000400, 0x00000200, 0x00000100,
191 0x00000080, 0x00000040, 0x00000020, 0x00000010,
192 0x00000008, 0x00000004, 0x00000002, 0x00000001
193};
194
195static const u_char bits8[8] = { 0x80, 0x40, 0x20, 0x10, 0x08, 0x04, 0x02, 0x01 };
196
197
198static int
199ascii_to_bin(char ch)
200{
201 if (ch > 'z')
202 return(0);
203 if (ch >= 'a')
204 return(ch - 'a' + 38);
205 if (ch > 'Z')
206 return(0);
207 if (ch >= 'A')
208 return(ch - 'A' + 12);
209 if (ch > '9')
210 return(0);
211 if (ch >= '.')
212 return(ch - '.');
213 return(0);
214}
215
216static void
217des_init(void)
218{
219 static int des_initialised = 0;
220
221 int i, j, b, k, inbit, obit;
222 u_int32_t *p, *il, *ir, *fl, *fr;
223 const u_int32_t *bits28, *bits24;
224 u_char u_sbox[8][64];
225
226 if (des_initialised==1)
227 return;
228
229 old_rawkey0 = old_rawkey1 = 0L;
230 saltbits = 0L;
231 old_salt = 0L;
232 bits24 = (bits28 = bits32 + 4) + 4;
233
234 /*
235 * Invert the S-boxes, reordering the input bits.
236 */
237 for (i = 0; i < 8; i++)
238 for (j = 0; j < 64; j++) {
239 b = (j & 0x20) | ((j & 1) << 4) | ((j >> 1) & 0xf);
240 u_sbox[i][j] = sbox[i][b];
241 }
242
243 /*
244 * Convert the inverted S-boxes into 4 arrays of 8 bits.
245 * Each will handle 12 bits of the S-box input.
246 */
247 for (b = 0; b < 4; b++)
248 for (i = 0; i < 64; i++)
249 for (j = 0; j < 64; j++)
250 m_sbox[b][(i << 6) | j] =
251 (u_char)((u_sbox[(b << 1)][i] << 4) |
252 u_sbox[(b << 1) + 1][j]);
253
254 /*
255 * Set up the initial & final permutations into a useful form, and
256 * initialise the inverted key permutation.
257 */
258 for (i = 0; i < 64; i++) {
259 init_perm[final_perm[i] = IP[i] - 1] = (u_char)i;
260 inv_key_perm[i] = 255;
261 }
262
263 /*
264 * Invert the key permutation and initialise the inverted key
265 * compression permutation.
266 */
267 for (i = 0; i < 56; i++) {
268 inv_key_perm[key_perm[i] - 1] = (u_char)i;
269 inv_comp_perm[i] = 255;
270 }
271
272 /*
273 * Invert the key compression permutation.
274 */
275 for (i = 0; i < 48; i++) {
276 inv_comp_perm[comp_perm[i] - 1] = (u_char)i;
277 }
278
279 /*
280 * Set up the OR-mask arrays for the initial and final permutations,
281 * and for the key initial and compression permutations.
282 */
283 for (k = 0; k < 8; k++) {
284 for (i = 0; i < 256; i++) {
285 *(il = &ip_maskl[k][i]) = 0L;
286 *(ir = &ip_maskr[k][i]) = 0L;
287 *(fl = &fp_maskl[k][i]) = 0L;
288 *(fr = &fp_maskr[k][i]) = 0L;
289 for (j = 0; j < 8; j++) {
290 inbit = 8 * k + j;
291 if (i & bits8[j]) {
292 if ((obit = init_perm[inbit]) < 32)
293 *il |= bits32[obit];
294 else
295 *ir |= bits32[obit-32];
296 if ((obit = final_perm[inbit]) < 32)
297 *fl |= bits32[obit];
298 else
299 *fr |= bits32[obit - 32];
300 }
301 }
302 }
303 for (i = 0; i < 128; i++) {
304 *(il = &key_perm_maskl[k][i]) = 0L;
305 *(ir = &key_perm_maskr[k][i]) = 0L;
306 for (j = 0; j < 7; j++) {
307 inbit = 8 * k + j;
308 if (i & bits8[j + 1]) {
309 if ((obit = inv_key_perm[inbit]) == 255)
310 continue;
311 if (obit < 28)
312 *il |= bits28[obit];
313 else
314 *ir |= bits28[obit - 28];
315 }
316 }
317 *(il = &comp_maskl[k][i]) = 0L;
318 *(ir = &comp_maskr[k][i]) = 0L;
319 for (j = 0; j < 7; j++) {
320 inbit = 7 * k + j;
321 if (i & bits8[j + 1]) {
322 if ((obit=inv_comp_perm[inbit]) == 255)
323 continue;
324 if (obit < 24)
325 *il |= bits24[obit];
326 else
327 *ir |= bits24[obit - 24];
328 }
329 }
330 }
331 }
332
333 /*
334 * Invert the P-box permutation, and convert into OR-masks for
335 * handling the output of the S-box arrays setup above.
336 */
337 for (i = 0; i < 32; i++)
338 un_pbox[pbox[i] - 1] = (u_char)i;
339
340 for (b = 0; b < 4; b++)
341 for (i = 0; i < 256; i++) {
342 *(p = &psbox[b][i]) = 0L;
343 for (j = 0; j < 8; j++) {
344 if (i & bits8[j])
345 *p |= bits32[un_pbox[8 * b + j]];
346 }
347 }
348
349 des_initialised = 1;
350}
351
352
353static void
354setup_salt(u_int32_t salt)
355{
356 u_int32_t obit, saltbit;
357 int i;
358
359 if (salt == old_salt)
360 return;
361 old_salt = salt;
362
363 saltbits = 0L;
364 saltbit = 1;
365 obit = 0x800000;
366 for (i = 0; i < 24; i++) {
367 if (salt & saltbit)
368 saltbits |= obit;
369 saltbit <<= 1;
370 obit >>= 1;
371 }
372}
373
374
375static void
376des_setkey(const char *key)
377{
378 u_int32_t k0, k1, rawkey0, rawkey1;
379 int shifts, round;
380
381 des_init();
382
383 rawkey0 = ntohl(*(const u_int32_t *) key);
384 rawkey1 = ntohl(*(const u_int32_t *) (key + 4));
385
386 if ((rawkey0 | rawkey1)
387 && rawkey0 == old_rawkey0
388 && rawkey1 == old_rawkey1) {
389 /*
390 * Already setup for this key.
391 * This optimisation fails on a zero key (which is weak and
392 * has bad parity anyway) in order to simplify the starting
393 * conditions.
394 */
395 return;
396 }
397 old_rawkey0 = rawkey0;
398 old_rawkey1 = rawkey1;
399
400 /*
401 * Do key permutation and split into two 28-bit subkeys.
402 */
403 k0 = key_perm_maskl[0][rawkey0 >> 25]
404 | key_perm_maskl[1][(rawkey0 >> 17) & 0x7f]
405 | key_perm_maskl[2][(rawkey0 >> 9) & 0x7f]
406 | key_perm_maskl[3][(rawkey0 >> 1) & 0x7f]
407 | key_perm_maskl[4][rawkey1 >> 25]
408 | key_perm_maskl[5][(rawkey1 >> 17) & 0x7f]
409 | key_perm_maskl[6][(rawkey1 >> 9) & 0x7f]
410 | key_perm_maskl[7][(rawkey1 >> 1) & 0x7f];
411 k1 = key_perm_maskr[0][rawkey0 >> 25]
412 | key_perm_maskr[1][(rawkey0 >> 17) & 0x7f]
413 | key_perm_maskr[2][(rawkey0 >> 9) & 0x7f]
414 | key_perm_maskr[3][(rawkey0 >> 1) & 0x7f]
415 | key_perm_maskr[4][rawkey1 >> 25]
416 | key_perm_maskr[5][(rawkey1 >> 17) & 0x7f]
417 | key_perm_maskr[6][(rawkey1 >> 9) & 0x7f]
418 | key_perm_maskr[7][(rawkey1 >> 1) & 0x7f];
419 /*
420 * Rotate subkeys and do compression permutation.
421 */
422 shifts = 0;
423 for (round = 0; round < 16; round++) {
424 u_int32_t t0, t1;
425
426 shifts += key_shifts[round];
427
428 t0 = (k0 << shifts) | (k0 >> (28 - shifts));
429 t1 = (k1 << shifts) | (k1 >> (28 - shifts));
430
431 de_keysl[15 - round] =
432 en_keysl[round] = comp_maskl[0][(t0 >> 21) & 0x7f]
433 | comp_maskl[1][(t0 >> 14) & 0x7f]
434 | comp_maskl[2][(t0 >> 7) & 0x7f]
435 | comp_maskl[3][t0 & 0x7f]
436 | comp_maskl[4][(t1 >> 21) & 0x7f]
437 | comp_maskl[5][(t1 >> 14) & 0x7f]
438 | comp_maskl[6][(t1 >> 7) & 0x7f]
439 | comp_maskl[7][t1 & 0x7f];
440
441 de_keysr[15 - round] =
442 en_keysr[round] = comp_maskr[0][(t0 >> 21) & 0x7f]
443 | comp_maskr[1][(t0 >> 14) & 0x7f]
444 | comp_maskr[2][(t0 >> 7) & 0x7f]
445 | comp_maskr[3][t0 & 0x7f]
446 | comp_maskr[4][(t1 >> 21) & 0x7f]
447 | comp_maskr[5][(t1 >> 14) & 0x7f]
448 | comp_maskr[6][(t1 >> 7) & 0x7f]
449 | comp_maskr[7][t1 & 0x7f];
450 }
451}
452
453
454static int
455do_des( u_int32_t l_in, u_int32_t r_in, u_int32_t *l_out, u_int32_t *r_out, int count)
456{
457 /* l_in, r_in, l_out, and r_out are in pseudo-"big-endian" format. */
458 u_int32_t l, r, *kl, *kr, *kl1, *kr1;
459 u_int32_t f, r48l, r48r;
460 int round;
461
462 if (count == 0) {
463 return 1;
464 }
465 if (count > 0) {
466 /* Encrypting */
467 kl1 = en_keysl;
468 kr1 = en_keysr;
469 } else {
470 /* Decrypting */
471 count = -count;
472 kl1 = de_keysl;
473 kr1 = de_keysr;
474 }
475
476 /* Do initial permutation (IP). */
477 l = ip_maskl[0][l_in >> 24]
478 | ip_maskl[1][(l_in >> 16) & 0xff]
479 | ip_maskl[2][(l_in >> 8) & 0xff]
480 | ip_maskl[3][l_in & 0xff]
481 | ip_maskl[4][r_in >> 24]
482 | ip_maskl[5][(r_in >> 16) & 0xff]
483 | ip_maskl[6][(r_in >> 8) & 0xff]
484 | ip_maskl[7][r_in & 0xff];
485 r = ip_maskr[0][l_in >> 24]
486 | ip_maskr[1][(l_in >> 16) & 0xff]
487 | ip_maskr[2][(l_in >> 8) & 0xff]
488 | ip_maskr[3][l_in & 0xff]
489 | ip_maskr[4][r_in >> 24]
490 | ip_maskr[5][(r_in >> 16) & 0xff]
491 | ip_maskr[6][(r_in >> 8) & 0xff]
492 | ip_maskr[7][r_in & 0xff];
493
494 while (count--) {
495 /* Do each round. */
496 kl = kl1;
497 kr = kr1;
498 round = 16;
499 do {
500 /* Expand R to 48 bits (simulate the E-box). */
501 r48l = ((r & 0x00000001) << 23)
502 | ((r & 0xf8000000) >> 9)
503 | ((r & 0x1f800000) >> 11)
504 | ((r & 0x01f80000) >> 13)
505 | ((r & 0x001f8000) >> 15);
506 r48r = ((r & 0x0001f800) << 7)
507 | ((r & 0x00001f80) << 5)
508 | ((r & 0x000001f8) << 3)
509 | ((r & 0x0000001f) << 1)
510 | ((r & 0x80000000) >> 31);
511 /*
512 * Do salting for crypt() and friends, and
513 * XOR with the permuted key.
514 */
515 f = (r48l ^ r48r) & saltbits;
516 r48l ^= f ^ *kl++;
517 r48r ^= f ^ *kr++;
518 /*
519 * Do sbox lookups (which shrink it back to 32 bits)
520 * and do the pbox permutation at the same time.
521 */
522 f = psbox[0][m_sbox[0][r48l >> 12]]
523 | psbox[1][m_sbox[1][r48l & 0xfff]]
524 | psbox[2][m_sbox[2][r48r >> 12]]
525 | psbox[3][m_sbox[3][r48r & 0xfff]];
526 /* Now that we've permuted things, complete f(). */
527 f ^= l;
528 l = r;
529 r = f;
530 } while (--round);
531 r = l;
532 l = f;
533 }
534 /* Do final permutation (inverse of IP). */
535 *l_out = fp_maskl[0][l >> 24]
536 | fp_maskl[1][(l >> 16) & 0xff]
537 | fp_maskl[2][(l >> 8) & 0xff]
538 | fp_maskl[3][l & 0xff]
539 | fp_maskl[4][r >> 24]
540 | fp_maskl[5][(r >> 16) & 0xff]
541 | fp_maskl[6][(r >> 8) & 0xff]
542 | fp_maskl[7][r & 0xff];
543 *r_out = fp_maskr[0][l >> 24]
544 | fp_maskr[1][(l >> 16) & 0xff]
545 | fp_maskr[2][(l >> 8) & 0xff]
546 | fp_maskr[3][l & 0xff]
547 | fp_maskr[4][r >> 24]
548 | fp_maskr[5][(r >> 16) & 0xff]
549 | fp_maskr[6][(r >> 8) & 0xff]
550 | fp_maskr[7][r & 0xff];
551 return(0);
552}
553
554
555#if 0
556static int
557des_cipher(const char *in, char *out, u_int32_t salt, int count)
558{
559 u_int32_t l_out, r_out, rawl, rawr;
560 int retval;
561 union {
562 u_int32_t *ui32;
563 const char *c;
564 } trans;
565
566 des_init();
567
568 setup_salt(salt);
569
570 trans.c = in;
571 rawl = ntohl(*trans.ui32++);
572 rawr = ntohl(*trans.ui32);
573
574 retval = do_des(rawl, rawr, &l_out, &r_out, count);
575
576 trans.c = out;
577 *trans.ui32++ = htonl(l_out);
578 *trans.ui32 = htonl(r_out);
579 return(retval);
580}
581#endif
582
583
584void
585setkey(const char *key)
586{
587 int i, j;
588 u_int32_t packed_keys[2];
589 u_char *p;
590
591 p = (u_char *) packed_keys;
592
593 for (i = 0; i < 8; i++) {
594 p[i] = 0;
595 for (j = 0; j < 8; j++)
596 if (*key++ & 1)
597 p[i] |= bits8[j];
598 }
599 des_setkey((char *)p);
600}
601
602
603void
604encrypt(char *block, int flag)
605{
606 u_int32_t io[2];
607 u_char *p;
608 int i, j;
609
610 des_init();
611
612 setup_salt(0L);
613 p = (u_char*)block;
614 for (i = 0; i < 2; i++) {
615 io[i] = 0L;
616 for (j = 0; j < 32; j++)
617 if (*p++ & 1)
618 io[i] |= bits32[j];
619 }
620 do_des(io[0], io[1], io, io + 1, flag ? -1 : 1);
621 for (i = 0; i < 2; i++)
622 for (j = 0; j < 32; j++)
623 block[(i << 5) | j] = (io[i] & bits32[j]) ? 1 : 0;
624}
625
626char *__des_crypt(const unsigned char *key, const unsigned char *setting)
627{
628 u_int32_t count, salt, l, r0, r1, keybuf[2];
629 u_char *p, *q;
630 static char output[21];
631
632 des_init();
633
634 /*
635 * Copy the key, shifting each character up by one bit
636 * and padding with zeros.
637 */
638 q = (u_char *)keybuf;
639 while (q - (u_char *)keybuf - 8) {
640 *q++ = *key << 1;
641 if (*(q - 1))
642 key++;
643 }
644 des_setkey((char *)keybuf);
645
646#if 0
647 if (*setting == _PASSWORD_EFMT1) {
648 int i;
649 /*
650 * "new"-style:
651 * setting - underscore, 4 bytes of count, 4 bytes of salt
652 * key - unlimited characters
653 */
654 for (i = 1, count = 0L; i < 5; i++)
655 count |= ascii_to_bin(setting[i]) << ((i - 1) * 6);
656
657 for (i = 5, salt = 0L; i < 9; i++)
658 salt |= ascii_to_bin(setting[i]) << ((i - 5) * 6);
659
660 while (*key) {
661 /*
662 * Encrypt the key with itself.
663 */
664 if (des_cipher((char *)keybuf, (char *)keybuf, 0L, 1))
665 return(NULL);
666 /*
667 * And XOR with the next 8 characters of the key.
668 */
669 q = (u_char *)keybuf;
670 while (q - (u_char *)keybuf - 8 && *key)
671 *q++ ^= *key++ << 1;
672
673 des_setkey((char *)keybuf);
674 }
675 strncpy(output, setting, 9);
676
677 /*
678 * Double check that we weren't given a short setting.
679 * If we were, the above code will probably have created
680 * wierd values for count and salt, but we don't really care.
681 * Just make sure the output string doesn't have an extra
682 * NUL in it.
683 */
684 output[9] = '\0';
685 p = (u_char *)output + strlen(output);
686 } else
687#endif
688 {
689 /*
690 * "old"-style:
691 * setting - 2 bytes of salt
692 * key - up to 8 characters
693 */
694 count = 25;
695
696 salt = (ascii_to_bin(setting[1]) << 6)
697 | ascii_to_bin(setting[0]);
698
699 output[0] = setting[0];
700 /*
701 * If the encrypted password that the salt was extracted from
702 * is only 1 character long, the salt will be corrupted. We
703 * need to ensure that the output string doesn't have an extra
704 * NUL in it!
705 */
706 output[1] = setting[1] ? setting[1] : output[0];
707
708 p = (u_char *)output + 2;
709 }
710 setup_salt(salt);
711 /*
712 * Do it.
713 */
714 if (do_des(0L, 0L, &r0, &r1, (int)count))
715 return(NULL);
716 /*
717 * Now encode the result...
718 */
719 l = (r0 >> 8);
720 *p++ = ascii64[(l >> 18) & 0x3f];
721 *p++ = ascii64[(l >> 12) & 0x3f];
722 *p++ = ascii64[(l >> 6) & 0x3f];
723 *p++ = ascii64[l & 0x3f];
724
725 l = (r0 << 16) | ((r1 >> 16) & 0xffff);
726 *p++ = ascii64[(l >> 18) & 0x3f];
727 *p++ = ascii64[(l >> 12) & 0x3f];
728 *p++ = ascii64[(l >> 6) & 0x3f];
729 *p++ = ascii64[l & 0x3f];
730
731 l = r1 << 2;
732 *p++ = ascii64[(l >> 12) & 0x3f];
733 *p++ = ascii64[(l >> 6) & 0x3f];
734 *p++ = ascii64[l & 0x3f];
735 *p = 0;
736
737 return(output);
738}
739