Diffstat (limited to 'src/lib/crypto/builtin')
42 files changed, 3904 insertions, 3883 deletions
diff --git a/src/lib/crypto/builtin/aes/aes_s2k.c b/src/lib/crypto/builtin/aes/aes_s2k.c index 0eccdd9..5ad6f9b 100644 --- a/src/lib/crypto/builtin/aes/aes_s2k.c +++ b/src/lib/crypto/builtin/aes/aes_s2k.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/aes/aes_s2k.c * @@ -31,15 +32,15 @@ #include "dk.h" #include "aes_s2k.h" -#define DEFAULT_ITERATION_COUNT 4096 /* was 0xb000L in earlier drafts */ -#define MAX_ITERATION_COUNT 0x1000000L +#define DEFAULT_ITERATION_COUNT 4096 /* was 0xb000L in earlier drafts */ +#define MAX_ITERATION_COUNT 0x1000000L krb5_error_code krb5int_aes_string_to_key(const struct krb5_enc_provider *enc, - const krb5_data *string, - const krb5_data *salt, - const krb5_data *params, - krb5_keyblock *key) + const krb5_data *string, + const krb5_data *salt, + const krb5_data *params, + krb5_keyblock *key) { unsigned long iter_count; krb5_data out; 
@@ -48,44 +49,44 @@ krb5int_aes_string_to_key(const struct krb5_enc_provider *enc, krb5_error_code err; if (params) { - unsigned char *p = (unsigned char *) params->data; - if (params->length != 4) - return KRB5_ERR_BAD_S2K_PARAMS; - /* The first two need casts in case 'int' is 16 bits. */ - iter_count = load_32_be(p); - if (iter_count == 0) { - iter_count = (1UL << 16) << 16; - if (((iter_count >> 16) >> 16) != 1) - return KRB5_ERR_BAD_S2K_PARAMS; - } + unsigned char *p = (unsigned char *) params->data; + if (params->length != 4) + return KRB5_ERR_BAD_S2K_PARAMS; + /* The first two need casts in case 'int' is 16 bits. */ + iter_count = load_32_be(p); + if (iter_count == 0) { + iter_count = (1UL << 16) << 16; + if (((iter_count >> 16) >> 16) != 1) + return KRB5_ERR_BAD_S2K_PARAMS; + } } else - iter_count = DEFAULT_ITERATION_COUNT; + iter_count = DEFAULT_ITERATION_COUNT; /* This is not a protocol specification constraint; this is an implementation limit, which should eventually be controlled by a config file. */ if (iter_count >= MAX_ITERATION_COUNT) - return KRB5_ERR_BAD_S2K_PARAMS; + return KRB5_ERR_BAD_S2K_PARAMS; /* Use the output keyblock contents for temporary space. */ out.data = (char *) key->contents; out.length = key->length; if (out.length != 16 && out.length != 32) - return KRB5_CRYPTO_INTERNAL; + return KRB5_CRYPTO_INTERNAL; err = krb5int_pbkdf2_hmac_sha1 (&out, iter_count, string, salt); if (err) - goto cleanup; + goto cleanup; err = krb5_k_create_key (NULL, key, &tempkey); if (err) - goto cleanup; + goto cleanup; err = krb5int_derive_keyblock (enc, tempkey, key, &usage); cleanup: if (err) - memset (out.data, 0, out.length); + memset (out.data, 0, out.length); krb5_k_free_key (NULL, tempkey); return err; } diff --git a/src/lib/crypto/builtin/aes/aes_s2k.h b/src/lib/crypto/builtin/aes/aes_s2k.h index b6804a9..f9bb1fe 100644 --- a/src/lib/crypto/builtin/aes/aes_s2k.h +++ b/src/lib/crypto/builtin/aes/aes_s2k.h 
@@ -1,4 +1,10 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* + * lib/crypto/openssl/aes/aes_s2k.h + */ + + extern krb5_error_code krb5int_aes_string_to_key (const struct krb5_enc_provider *, - const krb5_data *, const krb5_data *, - const krb5_data *, krb5_keyblock *key); + const krb5_data *, const krb5_data *, + const krb5_data *, krb5_keyblock *key); diff --git a/src/lib/crypto/builtin/des/afsstring2key.c b/src/lib/crypto/builtin/des/afsstring2key.c index 4b61a2f..8c88046 100644 --- a/src/lib/crypto/builtin/des/afsstring2key.c +++ b/src/lib/crypto/builtin/des/afsstring2key.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/des/string2key.c * 
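Review bot: The header comment added at the top of src/lib/crypto/builtin/aes/aes_s2k.h names the file as `lib/crypto/openssl/aes/aes_s2k.h`, which does not match the builtin path in the diff header. It looks carried over from another back end's copy and should read ` * lib/crypto/builtin/aes/aes_s2k.h`. The hunk appears to cover the whole file, and it shows neither an include guard nor any include for `krb5_error_code`, `krb5_data` and `krb5_keyblock`, so the prototype depends on what the including file pulled in first. Since the comment block is being added anyway, it could also state the contract visible in aes_s2k.c: `params`, when non-NULL, must be exactly 4 bytes holding a big-endian iteration count, and `key->length` must be 16 or 32.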
@@ -68,88 +69,88 @@ char *afs_crypt (const char *, const char *, char *); #define min(a,b) ((a)>(b)?(b):(a)) krb5_error_code -mit_afs_string_to_key (krb5_keyblock *keyblock, const krb5_data *data, - const krb5_data *salt) +mit_afs_string_to_key(krb5_keyblock *keyblock, const krb5_data *data, + const krb5_data *salt) { - /* totally different approach from MIT string2key. */ - /* much of the work has already been done by the only caller - which is mit_des_string_to_key; in particular, *keyblock is already - set up. */ + /* totally different approach from MIT string2key. */ + /* much of the work has already been done by the only caller + which is mit_des_string_to_key; in particular, *keyblock is already + set up. */ char *realm = salt->data; unsigned int i, j; krb5_octet *key = keyblock->contents; if (data->length <= 8) { - /* One block only. Run afs_crypt and use the first eight - returned bytes after the copy of the (fixed) salt. - - Since the returned bytes are alphanumeric, the output is - limited to 2**48 possibilities; for each byte, only 64 - possible values can be used. */ - unsigned char password[9]; /* trailing nul for crypt() */ - char afs_crypt_buf[16]; - - memset (password, 0, sizeof (password)); - memcpy (password, realm, min (salt->length, 8)); - for (i=0; i<8; i++) - if (isupper(password[i])) - password[i] = tolower(password[i]); - for (i=0; i<data->length; i++) - password[i] ^= data->data[i]; - for (i=0; i<8; i++) - if (password[i] == '\0') - password[i] = 'X'; - password[8] = '\0'; - /* Out-of-bounds salt characters are equivalent to a salt string - of "p1". */ - strncpy((char *) key, - (char *) afs_crypt((char *) password, "#~", afs_crypt_buf) + 2, - 8); - for (i=0; i<8; i++) - key[i] <<= 1; - /* now fix up key parity again */ - mit_des_fixup_key_parity(key); - /* clean & free the input string */ - memset(password, 0, (size_t) sizeof(password)); + /* One block only. 
Run afs_crypt and use the first eight + returned bytes after the copy of the (fixed) salt. + + Since the returned bytes are alphanumeric, the output is + limited to 2**48 possibilities; for each byte, only 64 + possible values can be used. */ + unsigned char password[9]; /* trailing nul for crypt() */ + char afs_crypt_buf[16]; + + memset (password, 0, sizeof (password)); + memcpy (password, realm, min (salt->length, 8)); + for (i=0; i<8; i++) + if (isupper(password[i])) + password[i] = tolower(password[i]); + for (i=0; i<data->length; i++) + password[i] ^= data->data[i]; + for (i=0; i<8; i++) + if (password[i] == '\0') + password[i] = 'X'; + password[8] = '\0'; + /* Out-of-bounds salt characters are equivalent to a salt string + of "p1". */ + strncpy((char *) key, + (char *) afs_crypt((char *) password, "#~", afs_crypt_buf) + 2, + 8); + for (i=0; i<8; i++) + key[i] <<= 1; + /* now fix up key parity again */ + mit_des_fixup_key_parity(key); + /* clean & free the input string */ + memset(password, 0, (size_t) sizeof(password)); } else { - /* Multiple blocks. Do a CBC checksum, twice, and use the - result as the new key. */ - mit_des_cblock ikey, tkey; - mit_des_key_schedule key_sked; - unsigned int pw_len = salt->length+data->length; - unsigned char *password = malloc(pw_len+1); - if (!password) return ENOMEM; - - /* Some bound checks from the original code are elided here as - the malloc above makes sure we have enough storage. 
*/ - memcpy (password, data->data, data->length); - for (i=data->length, j = 0; j < salt->length; i++, j++) { - password[i] = realm[j]; - if (isupper(password[i])) - password[i] = tolower(password[i]); - } - - memcpy (ikey, "kerberos", sizeof(ikey)); - memcpy (tkey, ikey, sizeof(tkey)); - mit_des_fixup_key_parity (tkey); - (void) mit_des_key_sched (tkey, key_sked); - (void) mit_des_cbc_cksum (password, tkey, i, key_sked, ikey); - - memcpy (ikey, tkey, sizeof(ikey)); - mit_des_fixup_key_parity (tkey); - (void) mit_des_key_sched (tkey, key_sked); - (void) mit_des_cbc_cksum (password, key, i, key_sked, ikey); - - /* erase key_sked */ - memset(key_sked, 0,sizeof(key_sked)); - - /* now fix up key parity again */ - mit_des_fixup_key_parity(key); - - /* clean & free the input string */ - memset(password, 0, (size_t) pw_len); - free(password); + /* Multiple blocks. Do a CBC checksum, twice, and use the + result as the new key. */ + mit_des_cblock ikey, tkey; + mit_des_key_schedule key_sked; + unsigned int pw_len = salt->length+data->length; + unsigned char *password = malloc(pw_len+1); + if (!password) return ENOMEM; + + /* Some bound checks from the original code are elided here as + the malloc above makes sure we have enough storage. 
*/ + memcpy (password, data->data, data->length); + for (i=data->length, j = 0; j < salt->length; i++, j++) { + password[i] = realm[j]; + if (isupper(password[i])) + password[i] = tolower(password[i]); + } + + memcpy (ikey, "kerberos", sizeof(ikey)); + memcpy (tkey, ikey, sizeof(tkey)); + mit_des_fixup_key_parity (tkey); + (void) mit_des_key_sched (tkey, key_sked); + (void) mit_des_cbc_cksum (password, tkey, i, key_sked, ikey); + + memcpy (ikey, tkey, sizeof(ikey)); + mit_des_fixup_key_parity (tkey); + (void) mit_des_key_sched (tkey, key_sked); + (void) mit_des_cbc_cksum (password, key, i, key_sked, ikey); + + /* erase key_sked */ + memset(key_sked, 0,sizeof(key_sked)); + + /* now fix up key parity again */ + mit_des_fixup_key_parity(key); + + /* clean & free the input string */ + memset(password, 0, (size_t) pw_len); + free(password); } #if 0 /* must free here because it was copied for this special case */ @@ -161,7 +162,7 @@ mit_afs_string_to_key (krb5_keyblock *keyblock, const krb5_data *data, /* Portions of this code: Copyright 1989 by the Massachusetts Institute of Technology - */ +*/ /* * Copyright (c) 1990 Regents of The University of Michigan. @@ -177,12 +178,12 @@ mit_afs_string_to_key (krb5_keyblock *keyblock, const krb5_data *data, * specific, written prior permission. This software is supplied as * is without expressed or implied warranties of any kind. * - * ITD Research Systems - * University of Michigan - * 535 W. William Street - * Ann Arbor, Michigan - * +1-313-936-2652 - * netatalk@terminator.cc.umich.edu + * ITD Research Systems + * University of Michigan + * 535 W. William Street + * Ann Arbor, Michigan + * +1-313-936-2652 + * netatalk@terminator.cc.umich.edu */ static void krb5_afs_crypt_setkey (char*, char*, char(*)[48]); 
@@ -191,101 +192,101 @@ static void krb5_afs_encrypt (char*,char*,char (*)[48]); /* * Initial permutation, */ -static const char IP[] = { - 58,50,42,34,26,18,10, 2, - 60,52,44,36,28,20,12, 4, - 62,54,46,38,30,22,14, 6, - 64,56,48,40,32,24,16, 8, - 57,49,41,33,25,17, 9, 1, - 59,51,43,35,27,19,11, 3, - 61,53,45,37,29,21,13, 5, - 63,55,47,39,31,23,15, 7, +static const char IP[] = { + 58,50,42,34,26,18,10, 2, + 60,52,44,36,28,20,12, 4, + 62,54,46,38,30,22,14, 6, + 64,56,48,40,32,24,16, 8, + 57,49,41,33,25,17, 9, 1, + 59,51,43,35,27,19,11, 3, + 61,53,45,37,29,21,13, 5, + 63,55,47,39,31,23,15, 7, }; /* * Final permutation, FP = IP^(-1) */ -static const char FP[] = { - 40, 8,48,16,56,24,64,32, - 39, 7,47,15,55,23,63,31, - 38, 6,46,14,54,22,62,30, - 37, 5,45,13,53,21,61,29, - 36, 4,44,12,52,20,60,28, - 35, 3,43,11,51,19,59,27, - 34, 2,42,10,50,18,58,26, - 33, 1,41, 9,49,17,57,25, +static const char FP[] = { + 40, 8,48,16,56,24,64,32, + 39, 7,47,15,55,23,63,31, + 38, 6,46,14,54,22,62,30, + 37, 5,45,13,53,21,61,29, + 36, 4,44,12,52,20,60,28, + 35, 3,43,11,51,19,59,27, + 34, 2,42,10,50,18,58,26, + 33, 1,41, 9,49,17,57,25, }; /* * Permuted-choice 1 from the key bits to yield C and D. * Note that bits 8,16... are left out: They are intended for a parity check. */ -static const char PC1_C[] = { - 57,49,41,33,25,17, 9, - 1,58,50,42,34,26,18, - 10, 2,59,51,43,35,27, - 19,11, 3,60,52,44,36, +static const char PC1_C[] = { + 57,49,41,33,25,17, 9, + 1,58,50,42,34,26,18, + 10, 2,59,51,43,35,27, + 19,11, 3,60,52,44,36, }; -static const char PC1_D[] = { - 63,55,47,39,31,23,15, - 7,62,54,46,38,30,22, - 14, 6,61,53,45,37,29, - 21,13, 5,28,20,12, 4, +static const char PC1_D[] = { + 63,55,47,39,31,23,15, + 7,62,54,46,38,30,22, + 14, 6,61,53,45,37,29, + 21,13, 5,28,20,12, 4, }; /* * Sequence of shifts used for the key schedule. 
*/ -static const char shifts[] = { - 1,1,2,2,2,2,2,2,1,2,2,2,2,2,2,1, +static const char shifts[] = { + 1,1,2,2,2,2,2,2,1,2,2,2,2,2,2,1, }; /* * Permuted-choice 2, to pick out the bits from * the CD array that generate the key schedule. */ -static const char PC2_C[] = { - 14,17,11,24, 1, 5, - 3,28,15, 6,21,10, - 23,19,12, 4,26, 8, - 16, 7,27,20,13, 2, +static const char PC2_C[] = { + 14,17,11,24, 1, 5, + 3,28,15, 6,21,10, + 23,19,12, 4,26, 8, + 16, 7,27,20,13, 2, }; -static const char PC2_D[] = { - 41,52,31,37,47,55, - 30,40,51,45,33,48, - 44,49,39,56,34,53, - 46,42,50,36,29,32, +static const char PC2_D[] = { + 41,52,31,37,47,55, + 30,40,51,45,33,48, + 44,49,39,56,34,53, + 46,42,50,36,29,32, }; /* * The E bit-selection table. */ -static const char e[] = { - 32, 1, 2, 3, 4, 5, - 4, 5, 6, 7, 8, 9, - 8, 9,10,11,12,13, - 12,13,14,15,16,17, - 16,17,18,19,20,21, - 20,21,22,23,24,25, - 24,25,26,27,28,29, - 28,29,30,31,32, 1, +static const char e[] = { + 32, 1, 2, 3, 4, 5, + 4, 5, 6, 7, 8, 9, + 8, 9,10,11,12,13, + 12,13,14,15,16,17, + 16,17,18,19,20,21, + 20,21,22,23,24,25, + 24,25,26,27,28,29, + 28,29,30,31,32, 1, }; /* * P is a permutation on the selected combination * of the current L and key. */ -static const char P[] = { - 16, 7,20,21, - 29,12,28,17, - 1,15,23,26, - 5,18,31,10, - 2, 8,24,14, - 32,27, 3, 9, - 19,13,30, 6, - 22,11, 4,25, +static const char P[] = { + 16, 7,20,21, + 29,12,28,17, + 1,15,23,26, + 5,18,31,10, + 2, 8,24,14, + 32,27, 3, 9, + 19,13,30, 6, + 22,11, 4,25, }; /* 
@@ -293,109 +294,109 @@ static const char P[] = { * For some reason, they give a 0-origin * index, unlike everything else. */ -static const char S[8][64] = { - {14, 4,13, 1, 2,15,11, 8, 3,10, 6,12, 5, 9, 0, 7, - 0,15, 7, 4,14, 2,13, 1,10, 6,12,11, 9, 5, 3, 8, - 4, 1,14, 8,13, 6, 2,11,15,12, 9, 7, 3,10, 5, 0, - 15,12, 8, 2, 4, 9, 1, 7, 5,11, 3,14,10, 0, 6,13}, - - {15, 1, 8,14, 6,11, 3, 4, 9, 7, 2,13,12, 0, 5,10, - 3,13, 4, 7,15, 2, 8,14,12, 0, 1,10, 6, 9,11, 5, - 0,14, 7,11,10, 4,13, 1, 5, 8,12, 6, 9, 3, 2,15, - 13, 8,10, 1, 3,15, 4, 2,11, 6, 7,12, 0, 5,14, 9}, - - {10, 0, 9,14, 6, 3,15, 5, 1,13,12, 7,11, 4, 2, 8, - 13, 7, 0, 9, 3, 4, 6,10, 2, 8, 5,14,12,11,15, 1, - 13, 6, 4, 9, 8,15, 3, 0,11, 1, 2,12, 5,10,14, 7, - 1,10,13, 0, 6, 9, 8, 7, 4,15,14, 3,11, 5, 2,12}, - - { 7,13,14, 3, 0, 6, 9,10, 1, 2, 8, 5,11,12, 4,15, - 13, 8,11, 5, 6,15, 0, 3, 4, 7, 2,12, 1,10,14, 9, - 10, 6, 9, 0,12,11, 7,13,15, 1, 3,14, 5, 2, 8, 4, - 3,15, 0, 6,10, 1,13, 8, 9, 4, 5,11,12, 7, 2,14}, - - { 2,12, 4, 1, 7,10,11, 6, 8, 5, 3,15,13, 0,14, 9, - 14,11, 2,12, 4, 7,13, 1, 5, 0,15,10, 3, 9, 8, 6, - 4, 2, 1,11,10,13, 7, 8,15, 9,12, 5, 6, 3, 0,14, - 11, 8,12, 7, 1,14, 2,13, 6,15, 0, 9,10, 4, 5, 3}, - - {12, 1,10,15, 9, 2, 6, 8, 0,13, 3, 4,14, 7, 5,11, - 10,15, 4, 2, 7,12, 9, 5, 6, 1,13,14, 0,11, 3, 8, - 9,14,15, 5, 2, 8,12, 3, 7, 0, 4,10, 1,13,11, 6, - 4, 3, 2,12, 9, 5,15,10,11,14, 1, 7, 6, 0, 8,13}, - - { 4,11, 2,14,15, 0, 8,13, 3,12, 9, 7, 5,10, 6, 1, - 13, 0,11, 7, 4, 9, 1,10,14, 3, 5,12, 2,15, 8, 6, - 1, 4,11,13,12, 3, 7,14,10,15, 6, 8, 0, 5, 9, 2, - 6,11,13, 8, 1, 4,10, 7, 9, 5, 0,15,14, 2, 3,12}, - - {13, 2, 8, 4, 6,15,11, 1,10, 9, 3,14, 5, 0,12, 7, - 1,15,13, 8,10, 3, 7, 4,12, 5, 6,11, 0,14, 9, 2, - 7,11, 4, 1, 9,12,14, 2, 0, 6,10,13,15, 3, 5, 8, - 2, 1,14, 7, 4,10, 8,13,15,12, 9, 0, 3, 5, 6,11}, +static const char S[8][64] = { + {14, 4,13, 1, 2,15,11, 8, 3,10, 6,12, 5, 9, 0, 7, + 0,15, 7, 4,14, 2,13, 1,10, 6,12,11, 9, 5, 3, 8, + 4, 1,14, 8,13, 6, 2,11,15,12, 9, 7, 3,10, 5, 0, + 15,12, 
8, 2, 4, 9, 1, 7, 5,11, 3,14,10, 0, 6,13}, + + {15, 1, 8,14, 6,11, 3, 4, 9, 7, 2,13,12, 0, 5,10, + 3,13, 4, 7,15, 2, 8,14,12, 0, 1,10, 6, 9,11, 5, + 0,14, 7,11,10, 4,13, 1, 5, 8,12, 6, 9, 3, 2,15, + 13, 8,10, 1, 3,15, 4, 2,11, 6, 7,12, 0, 5,14, 9}, + + {10, 0, 9,14, 6, 3,15, 5, 1,13,12, 7,11, 4, 2, 8, + 13, 7, 0, 9, 3, 4, 6,10, 2, 8, 5,14,12,11,15, 1, + 13, 6, 4, 9, 8,15, 3, 0,11, 1, 2,12, 5,10,14, 7, + 1,10,13, 0, 6, 9, 8, 7, 4,15,14, 3,11, 5, 2,12}, + + { 7,13,14, 3, 0, 6, 9,10, 1, 2, 8, 5,11,12, 4,15, + 13, 8,11, 5, 6,15, 0, 3, 4, 7, 2,12, 1,10,14, 9, + 10, 6, 9, 0,12,11, 7,13,15, 1, 3,14, 5, 2, 8, 4, + 3,15, 0, 6,10, 1,13, 8, 9, 4, 5,11,12, 7, 2,14}, + + { 2,12, 4, 1, 7,10,11, 6, 8, 5, 3,15,13, 0,14, 9, + 14,11, 2,12, 4, 7,13, 1, 5, 0,15,10, 3, 9, 8, 6, + 4, 2, 1,11,10,13, 7, 8,15, 9,12, 5, 6, 3, 0,14, + 11, 8,12, 7, 1,14, 2,13, 6,15, 0, 9,10, 4, 5, 3}, + + {12, 1,10,15, 9, 2, 6, 8, 0,13, 3, 4,14, 7, 5,11, + 10,15, 4, 2, 7,12, 9, 5, 6, 1,13,14, 0,11, 3, 8, + 9,14,15, 5, 2, 8,12, 3, 7, 0, 4,10, 1,13,11, 6, + 4, 3, 2,12, 9, 5,15,10,11,14, 1, 7, 6, 0, 8,13}, + + { 4,11, 2,14,15, 0, 8,13, 3,12, 9, 7, 5,10, 6, 1, + 13, 0,11, 7, 4, 9, 1,10,14, 3, 5,12, 2,15, 8, 6, + 1, 4,11,13,12, 3, 7,14,10,15, 6, 8, 0, 5, 9, 2, + 6,11,13, 8, 1, 4,10, 7, 9, 5, 0,15,14, 2, 3,12}, + + {13, 2, 8, 4, 6,15,11, 1,10, 9, 3,14, 5, 0,12, 7, + 1,15,13, 8,10, 3, 7, 4,12, 5, 6,11, 0,14, 9, 2, + 7,11, 4, 1, 9,12,14, 2, 0, 6,10,13,15, 3, 5, 8, + 2, 1,14, 7, 4,10, 8,13,15,12, 9, 0, 3, 5, 6,11}, }; char *afs_crypt(const char *pw, const char *salt, - /* must be at least 16 bytes */ - char *iobuf) + /* must be at least 16 bytes */ + char *iobuf) { - int i, j, c; - int temp; - char block[66]; - char E[48]; - /* - * The key schedule. - * Generated from the key. 
- */ - char KS[16][48]; - - for(i=0; i<66; i++) - block[i] = 0; - for(i=0; (c= *pw) && i<64; pw++){ - for(j=0; j<7; j++, i++) - block[i] = (c>>(6-j)) & 01; - i++; - } - - krb5_afs_crypt_setkey(block, E, KS); - - for(i=0; i<66; i++) - block[i] = 0; - - for(i=0;i<2;i++){ - c = *salt++; - iobuf[i] = c; - if(c>'Z') c -= 6; - if(c>'9') c -= 7; - c -= '.'; - for(j=0;j<6;j++){ - if((c>>j) & 01){ - temp = E[6*i+j]; - E[6*i+j] = E[6*i+j+24]; - E[6*i+j+24] = temp; - } - } - } - - for(i=0; i<25; i++) - krb5_afs_encrypt(block,E,KS); - - for(i=0; i<11; i++){ - c = 0; - for(j=0; j<6; j++){ - c <<= 1; - c |= block[6*i+j]; - } - c += '.'; - if(c>'9') c += 7; - if(c>'Z') c += 6; - iobuf[i+2] = c; - } - iobuf[i+2] = 0; - if(iobuf[1]==0) - iobuf[1] = iobuf[0]; - return(iobuf); + int i, j, c; + int temp; + char block[66]; + char E[48]; + /* + * The key schedule. + * Generated from the key. + */ + char KS[16][48]; + + for(i=0; i<66; i++) + block[i] = 0; + for(i=0; (c= *pw) && i<64; pw++){ + for(j=0; j<7; j++, i++) + block[i] = (c>>(6-j)) & 01; + i++; + } + + krb5_afs_crypt_setkey(block, E, KS); + + for(i=0; i<66; i++) + block[i] = 0; + + for(i=0;i<2;i++){ + c = *salt++; + iobuf[i] = c; + if(c>'Z') c -= 6; + if(c>'9') c -= 7; + c -= '.'; + for(j=0;j<6;j++){ + if((c>>j) & 01){ + temp = E[6*i+j]; + E[6*i+j] = E[6*i+j+24]; + E[6*i+j+24] = temp; + } + } + } + + for(i=0; i<25; i++) + krb5_afs_encrypt(block,E,KS); + + for(i=0; i<11; i++){ + c = 0; + for(j=0; j<6; j++){ + c <<= 1; + c |= block[6*i+j]; + } + c += '.'; + if(c>'9') c += 7; + if(c>'Z') c += 6; + iobuf[i+2] = c; + } + iobuf[i+2] = 0; + if(iobuf[1]==0) + iobuf[1] = iobuf[0]; + return(iobuf); } /* 
@@ -404,57 +405,57 @@ char *afs_crypt(const char *pw, const char *salt, static void krb5_afs_crypt_setkey(char *key, char *E, char (*KS)[48]) { - register int i, j, k; - int t; - /* - * The C and D arrays used to calculate the key schedule. - */ - char C[28], D[28]; - - /* - * First, generate C and D by permuting - * the key. The low order bit of each - * 8-bit char is not used, so C and D are only 28 - * bits apiece. - */ - for (i=0; i<28; i++) { - C[i] = key[PC1_C[i]-1]; - D[i] = key[PC1_D[i]-1]; - } - /* - * To generate Ki, rotate C and D according - * to schedule and pick up a permutation - * using PC2. - */ - for (i=0; i<16; i++) { - /* - * rotate. - */ - for (k=0; k<shifts[i]; k++) { - t = C[0]; - for (j=0; j<28-1; j++) - C[j] = C[j+1]; - C[27] = t; - t = D[0]; - for (j=0; j<28-1; j++) - D[j] = D[j+1]; - D[27] = t; - } - /* - * get Ki. Note C and D are concatenated. - */ - for (j=0; j<24; j++) { - KS[i][j] = C[PC2_C[j]-1]; - KS[i][j+24] = D[PC2_D[j]-28-1]; - } - } + register int i, j, k; + int t; + /* + * The C and D arrays used to calculate the key schedule. + */ + char C[28], D[28]; + + /* + * First, generate C and D by permuting + * the key. The low order bit of each + * 8-bit char is not used, so C and D are only 28 + * bits apiece. + */ + for (i=0; i<28; i++) { + C[i] = key[PC1_C[i]-1]; + D[i] = key[PC1_D[i]-1]; + } + /* + * To generate Ki, rotate C and D according + * to schedule and pick up a permutation + * using PC2. + */ + for (i=0; i<16; i++) { + /* + * rotate. + */ + for (k=0; k<shifts[i]; k++) { + t = C[0]; + for (j=0; j<28-1; j++) + C[j] = C[j+1]; + C[27] = t; + t = D[0]; + for (j=0; j<28-1; j++) + D[j] = D[j+1]; + D[27] = t; + } + /* + * get Ki. Note C and D are concatenated. + */ + for (j=0; j<24; j++) { + KS[i][j] = C[PC2_C[j]-1]; + KS[i][j+24] = D[PC2_D[j]-28-1]; + } + } #if 0 - for(i=0;i<48;i++) { - E[i] = e[i]; - } + for(i=0;i<48;i++) { + E[i] = e[i]; + } #else - memcpy(E, e, 48); + memcpy(E, e, 48); #endif } 
@@ -464,107 +465,107 @@ static void krb5_afs_crypt_setkey(char *key, char *E, char (*KS)[48]) static void krb5_afs_encrypt(char *block, char *E, char (*KS)[48]) { - const long edflag = 0; - int i, ii; - int t, j, k; - char tempL[32]; - char f[32]; - /* - * The current block, divided into 2 halves. - */ - char L[64]; - char *const R = &L[32]; - /* - * The combination of the key and the input, before selection. - */ - char preS[48]; - - /* - * First, permute the bits in the input - */ - for (j=0; j<64; j++) - L[j] = block[IP[j]-1]; - /* - * Perform an encryption operation 16 times. - */ - for (ii=0; ii<16; ii++) { - /* - * Set direction - */ - if (edflag) - i = 15-ii; - else - i = ii; - /* - * Save the R array, - * which will be the new L. - */ + const long edflag = 0; + int i, ii; + int t, j, k; + char tempL[32]; + char f[32]; + /* + * The current block, divided into 2 halves. + */ + char L[64]; + char *const R = &L[32]; + /* + * The combination of the key and the input, before selection. + */ + char preS[48]; + + /* + * First, permute the bits in the input + */ + for (j=0; j<64; j++) + L[j] = block[IP[j]-1]; + /* + * Perform an encryption operation 16 times. + */ + for (ii=0; ii<16; ii++) { + /* + * Set direction + */ + if (edflag) + i = 15-ii; + else + i = ii; + /* + * Save the R array, + * which will be the new L. + */ #if 0 - for (j=0; j<32; j++) - tempL[j] = R[j]; + for (j=0; j<32; j++) + tempL[j] = R[j]; #else - memcpy(tempL, R, 32); + memcpy(tempL, R, 32); #endif - /* - * Expand R to 48 bits using the E selector; - * exclusive-or with the current key bits. - */ - for (j=0; j<48; j++) - preS[j] = R[E[j]-1] ^ KS[i][j]; - /* - * The pre-select bits are now considered - * in 8 groups of 6 bits each. - * The 8 selection functions map these - * 6-bit quantities into 4-bit quantities - * and the results permuted - * to make an f(R, K). - * The indexing into the selection functions - * is peculiar; it could be simplified by - * rewriting the tables. 
- */ - for (j=0; j<8; j++) { - t = 6*j; - k = S[j][(preS[t+0]<<5)+ - (preS[t+1]<<3)+ - (preS[t+2]<<2)+ - (preS[t+3]<<1)+ - (preS[t+4]<<0)+ - (preS[t+5]<<4)]; - t = 4*j; - f[t+0] = (k>>3)&01; - f[t+1] = (k>>2)&01; - f[t+2] = (k>>1)&01; - f[t+3] = (k>>0)&01; - } - /* - * The new R is L ^ f(R, K). - * The f here has to be permuted first, though. - */ - for (j=0; j<32; j++) - R[j] = L[j] ^ f[P[j]-1]; - /* - * Finally, the new L (the original R) - * is copied back. - */ + /* + * Expand R to 48 bits using the E selector; + * exclusive-or with the current key bits. + */ + for (j=0; j<48; j++) + preS[j] = R[E[j]-1] ^ KS[i][j]; + /* + * The pre-select bits are now considered + * in 8 groups of 6 bits each. + * The 8 selection functions map these + * 6-bit quantities into 4-bit quantities + * and the results permuted + * to make an f(R, K). + * The indexing into the selection functions + * is peculiar; it could be simplified by + * rewriting the tables. + */ + for (j=0; j<8; j++) { + t = 6*j; + k = S[j][(preS[t+0]<<5)+ + (preS[t+1]<<3)+ + (preS[t+2]<<2)+ + (preS[t+3]<<1)+ + (preS[t+4]<<0)+ + (preS[t+5]<<4)]; + t = 4*j; + f[t+0] = (k>>3)&01; + f[t+1] = (k>>2)&01; + f[t+2] = (k>>1)&01; + f[t+3] = (k>>0)&01; + } + /* + * The new R is L ^ f(R, K). + * The f here has to be permuted first, though. + */ + for (j=0; j<32; j++) + R[j] = L[j] ^ f[P[j]-1]; + /* + * Finally, the new L (the original R) + * is copied back. + */ #if 0 - for (j=0; j<32; j++) - L[j] = tempL[j]; + for (j=0; j<32; j++) + L[j] = tempL[j]; #else - memcpy(L, tempL, 32); + memcpy(L, tempL, 32); #endif - } - /* - * The output L and R are reversed. - */ - for (j=0; j<32; j++) { - t = L[j]; - L[j] = R[j]; - R[j] = t; - } - /* - * The final output - * gets the inverse permutation of the very original. - */ - for (j=0; j<64; j++) - block[j] = L[FP[j]-1]; + } + /* + * The output L and R are reversed. 
+ */ + for (j=0; j<32; j++) { + t = L[j]; + L[j] = R[j]; + R[j] = t; + } + /* + * The final output + * gets the inverse permutation of the very original. + */ + for (j=0; j<64; j++) + block[j] = L[FP[j]-1]; } diff --git a/src/lib/crypto/builtin/des/d3_aead.c b/src/lib/crypto/builtin/des/d3_aead.c index 3eb9422..e018895 100644 --- a/src/lib/crypto/builtin/des/d3_aead.c +++ b/src/lib/crypto/builtin/des/d3_aead.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 2008 by the Massachusetts Institute of Technology. * Copyright 1995 by Richard P. Basch. All Rights Reserved. @@ -27,11 +28,11 @@ void krb5int_des3_cbc_encrypt_iov(krb5_crypto_iov *data, - unsigned long num_data, - const mit_des_key_schedule ks1, - const mit_des_key_schedule ks2, - const mit_des_key_schedule ks3, - mit_des_cblock ivec) + unsigned long num_data, + const mit_des_key_schedule ks1, + const mit_des_key_schedule ks2, + const mit_des_key_schedule ks3, + mit_des_cblock ivec) { unsigned DES_INT32 left, right; const unsigned DES_INT32 *kp1, *kp2, *kp3; @@ -56,9 +57,9 @@ krb5int_des3_cbc_encrypt_iov(krb5_crypto_iov *data, * vector. */ if (ivec != NULL) - ip = ivec; + ip = ivec; else - ip = mit_des_zeroblock; + ip = mit_des_zeroblock; GET_HALF_BLOCK(left, ip); GET_HALF_BLOCK(right, ip); 
@@ -67,49 +68,49 @@ krb5int_des3_cbc_encrypt_iov(krb5_crypto_iov *data, * at a time. */ for (;;) { - unsigned DES_INT32 temp; + unsigned DES_INT32 temp; - ip = iblock; - op = oblock; + ip = iblock; + op = oblock; - if (!krb5int_c_iov_get_block(iblock, MIT_DES_BLOCK_LENGTH, data, num_data, &input_pos)) - break; + if (!krb5int_c_iov_get_block(iblock, MIT_DES_BLOCK_LENGTH, data, num_data, &input_pos)) + break; - if (input_pos.iov_pos == num_data) - break; + if (input_pos.iov_pos == num_data) + break; - GET_HALF_BLOCK(temp, ip); - left ^= temp; - GET_HALF_BLOCK(temp, ip); - right ^= temp; + GET_HALF_BLOCK(temp, ip); + left ^= temp; + GET_HALF_BLOCK(temp, ip); + right ^= temp; - /* - * Encrypt what we have - */ - DES_DO_ENCRYPT(left, right, kp1); - DES_DO_DECRYPT(left, right, kp2); - DES_DO_ENCRYPT(left, right, kp3); + /* + * Encrypt what we have + */ + DES_DO_ENCRYPT(left, right, kp1); + DES_DO_DECRYPT(left, right, kp2); + DES_DO_ENCRYPT(left, right, kp3); - /* - * Copy the results out - */ - PUT_HALF_BLOCK(left, op); - PUT_HALF_BLOCK(right, op); + /* + * Copy the results out + */ + PUT_HALF_BLOCK(left, op); + PUT_HALF_BLOCK(right, op); - krb5int_c_iov_put_block(data, num_data, oblock, MIT_DES_BLOCK_LENGTH, &output_pos); + krb5int_c_iov_put_block(data, num_data, oblock, MIT_DES_BLOCK_LENGTH, &output_pos); } if (ivec != NULL) - memcpy(ivec, oblock, MIT_DES_BLOCK_LENGTH); + memcpy(ivec, oblock, MIT_DES_BLOCK_LENGTH); } void krb5int_des3_cbc_decrypt_iov(krb5_crypto_iov *data, - unsigned long num_data, - const mit_des_key_schedule ks1, - const mit_des_key_schedule ks2, - const mit_des_key_schedule ks3, - mit_des_cblock ivec) + unsigned long num_data, + const mit_des_key_schedule ks1, + const mit_des_key_schedule ks2, + const mit_des_key_schedule ks3, + mit_des_cblock ivec) { unsigned DES_INT32 left, right; const unsigned DES_INT32 *kp1, *kp2, *kp3; 
@@ -138,15 +139,15 @@ krb5int_des3_cbc_decrypt_iov(krb5_crypto_iov *data, */ if (num_data == 0) - return; + return; /* * Prime the old cipher with ivec. */ if (ivec != NULL) - ip = ivec; + ip = ivec; else - ip = mit_des_zeroblock; + ip = mit_des_zeroblock; GET_HALF_BLOCK(ocipherl, ip); GET_HALF_BLOCK(ocipherr, ip); 
@@ -154,54 +155,54 @@ krb5int_des3_cbc_decrypt_iov(krb5_crypto_iov *data, * Now do this in earnest until we run out of length. */ for (;;) { - /* - * Read a block from the input into left and - * right. Save this cipher block for later. - */ - - if (!krb5int_c_iov_get_block(iblock, MIT_DES_BLOCK_LENGTH, data, num_data, &input_pos)) - break; - - if (input_pos.iov_pos == num_data) - break; - - ip = iblock; - op = oblock; - - GET_HALF_BLOCK(left, ip); - GET_HALF_BLOCK(right, ip); - cipherl = left; - cipherr = right; - - /* - * Decrypt this. - */ - DES_DO_DECRYPT(left, right, kp3); - DES_DO_ENCRYPT(left, right, kp2); - DES_DO_DECRYPT(left, right, kp1); - - /* - * Xor with the old cipher to get plain - * text. Output 8 or less bytes of this. - */ - left ^= ocipherl; - right ^= ocipherr; - - PUT_HALF_BLOCK(left, op); - PUT_HALF_BLOCK(right, op); - - /* - * Save current cipher block here - */ - ocipherl = cipherl; - ocipherr = cipherr; - - krb5int_c_iov_put_block(data, num_data, oblock, MIT_DES_BLOCK_LENGTH, &output_pos); + /* + * Read a block from the input into left and + * right. Save this cipher block for later. + */ + + if (!krb5int_c_iov_get_block(iblock, MIT_DES_BLOCK_LENGTH, data, num_data, &input_pos)) + break; + + if (input_pos.iov_pos == num_data) + break; + + ip = iblock; + op = oblock; + + GET_HALF_BLOCK(left, ip); + GET_HALF_BLOCK(right, ip); + cipherl = left; + cipherr = right; + + /* + * Decrypt this. + */ + DES_DO_DECRYPT(left, right, kp3); + DES_DO_ENCRYPT(left, right, kp2); + DES_DO_DECRYPT(left, right, kp1); + + /* + * Xor with the old cipher to get plain + * text. Output 8 or less bytes of this. 
+ */ + left ^= ocipherl; + right ^= ocipherr; + + PUT_HALF_BLOCK(left, op); + PUT_HALF_BLOCK(right, op); + + /* + * Save current cipher block here + */ + ocipherl = cipherl; + ocipherr = cipherr; + + krb5int_c_iov_put_block(data, num_data, oblock, MIT_DES_BLOCK_LENGTH, &output_pos); } if (ivec != NULL) { - op = ivec; - PUT_HALF_BLOCK(ocipherl,op); - PUT_HALF_BLOCK(ocipherr, op); + op = ivec; + PUT_HALF_BLOCK(ocipherl,op); + PUT_HALF_BLOCK(ocipherr, op); } } diff --git a/src/lib/crypto/builtin/des/d3_cbc.c b/src/lib/crypto/builtin/des/d3_cbc.c index f90d8e5..ea3cb43 100644 --- a/src/lib/crypto/builtin/des/d3_cbc.c +++ b/src/lib/crypto/builtin/des/d3_cbc.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1995 by Richard P. Basch. All Rights Reserved. * Copyright 1995 by Lehman Brothers, Inc. All Rights Reserved. 
@@ -30,26 +31,26 @@ #undef mit_des3_cbc_encrypt int mit_des3_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out, - unsigned long length, const mit_des_key_schedule ks1, - const mit_des_key_schedule ks2, - const mit_des_key_schedule ks3, - const mit_des_cblock ivec, int enc) + unsigned long length, const mit_des_key_schedule ks1, + const mit_des_key_schedule ks2, + const mit_des_key_schedule ks3, + const mit_des_cblock ivec, int enc) { if (enc) - krb5int_des3_cbc_encrypt(in, out, length, ks1, ks2, ks3, ivec); + krb5int_des3_cbc_encrypt(in, out, length, ks1, ks2, ks3, ivec); else - krb5int_des3_cbc_decrypt(in, out, length, ks1, ks2, ks3, ivec); + krb5int_des3_cbc_decrypt(in, out, length, ks1, ks2, ks3, ivec); return 0; } void krb5int_des3_cbc_encrypt(const mit_des_cblock *in, - mit_des_cblock *out, - unsigned long length, - const mit_des_key_schedule ks1, - const mit_des_key_schedule ks2, - const mit_des_key_schedule ks3, - const mit_des_cblock ivec) + mit_des_cblock *out, + unsigned long length, + const mit_des_key_schedule ks1, + const mit_des_key_schedule ks2, + const mit_des_key_schedule ks3, + const mit_des_cblock ivec) { unsigned DES_INT32 left, right; const unsigned DES_INT32 *kp1, *kp2, *kp3; 
@@ -78,61 +79,61 @@ krb5int_des3_cbc_encrypt(const mit_des_cblock *in,
 ip = *in;
 op = *out;
 while (length > 0) {
- /*
- * Get more input, xor it in. If the length is
- * greater than or equal to 8 this is straight
- * forward. Otherwise we have to fart around.
- */
- if (length >= 8) {
- unsigned DES_INT32 temp;
- GET_HALF_BLOCK(temp, ip);
- left ^= temp;
- GET_HALF_BLOCK(temp, ip);
- right ^= temp;
- length -= 8;
- } else {
- /*
- * Oh, shoot. We need to pad the
- * end with zeroes. Work backwards
- * to do this.
- */
- ip += (int) length;
- switch(length) {
- case 7: right ^= (*(--ip) & FF_UINT32) << 8;
- case 6: right ^= (*(--ip) & FF_UINT32) << 16;
- case 5: right ^= (*(--ip) & FF_UINT32) << 24;
- case 4: left ^= *(--ip) & FF_UINT32;
- case 3: left ^= (*(--ip) & FF_UINT32) << 8;
- case 2: left ^= (*(--ip) & FF_UINT32) << 16;
- case 1: left ^= (*(--ip) & FF_UINT32) << 24;
-
- }
- length = 0;
- }
-
- /*
- * Encrypt what we have
- */
- DES_DO_ENCRYPT(left, right, kp1);
- DES_DO_DECRYPT(left, right, kp2);
- DES_DO_ENCRYPT(left, right, kp3);
-
- /*
- * Copy the results out
- */
- PUT_HALF_BLOCK(left, op);
- PUT_HALF_BLOCK(right, op);
+ /*
+ * Get more input, xor it in. If the length is
+ * greater than or equal to 8 this is straight
+ * forward. Otherwise we have to fart around.
+ */
+ if (length >= 8) {
+ unsigned DES_INT32 temp;
+ GET_HALF_BLOCK(temp, ip);
+ left ^= temp;
+ GET_HALF_BLOCK(temp, ip);
+ right ^= temp;
+ length -= 8;
+ } else {
+ /*
+ * Oh, shoot. We need to pad the
+ * end with zeroes. Work backwards
+ * to do this.
+ */
+ ip += (int) length;
+ switch(length) {
+ case 7: right ^= (*(--ip) & FF_UINT32) << 8;
+ case 6: right ^= (*(--ip) & FF_UINT32) << 16;
+ case 5: right ^= (*(--ip) & FF_UINT32) << 24;
+ case 4: left ^= *(--ip) & FF_UINT32;
+ case 3: left ^= (*(--ip) & FF_UINT32) << 8;
+ case 2: left ^= (*(--ip) & FF_UINT32) << 16;
+ case 1: left ^= (*(--ip) & FF_UINT32) << 24;
+
+ }
+ length = 0;
+ }
+
+ /*
+ * Encrypt what we have
+ */
+ DES_DO_ENCRYPT(left, right, kp1);
+ DES_DO_DECRYPT(left, right, kp2);
+ DES_DO_ENCRYPT(left, right, kp3);
+
+ /*
+ * Copy the results out
+ */
+ PUT_HALF_BLOCK(left, op);
+ PUT_HALF_BLOCK(right, op);
 }
 }
 void
 krb5int_des3_cbc_decrypt(const mit_des_cblock *in,
- mit_des_cblock *out,
- unsigned long length,
- const mit_des_key_schedule ks1,
- const mit_des_key_schedule ks2,
- const mit_des_key_schedule ks3,
- const mit_des_cblock ivec)
+ mit_des_cblock *out,
+ unsigned long length,
+ const mit_des_key_schedule ks1,
+ const mit_des_key_schedule ks2,
+ const mit_des_key_schedule ks3,
+ const mit_des_cblock ivec)
 {
 unsigned DES_INT32 left, right;
 const unsigned DES_INT32 *kp1, *kp2, *kp3;
@@ -155,7 +156,7 @@ krb5int_des3_cbc_decrypt(const mit_des_cblock *in,
 */
 if (length <= 0)
- return;
+ return;
 /*
 * Prime the old cipher with ivec.
@@ -169,55 +170,55 @@ krb5int_des3_cbc_decrypt(const mit_des_cblock *in,
 */
 ip = *in;
 op = *out;
- for (;;) { /* check done inside loop */
- /*
- * Read a block from the input into left and
- * right. Save this cipher block for later.
- */
- GET_HALF_BLOCK(left, ip);
- GET_HALF_BLOCK(right, ip);
- cipherl = left;
- cipherr = right;
-
- /*
- * Decrypt this.
- */
- DES_DO_DECRYPT(left, right, kp3);
- DES_DO_ENCRYPT(left, right, kp2);
- DES_DO_DECRYPT(left, right, kp1);
-
- /*
- * Xor with the old cipher to get plain
- * text. Output 8 or less bytes of this.
- */
- left ^= ocipherl;
- right ^= ocipherr;
- if (length > 8) {
- length -= 8;
- PUT_HALF_BLOCK(left, op);
- PUT_HALF_BLOCK(right, op);
- /*
- * Save current cipher block here
- */
- ocipherl = cipherl;
- ocipherr = cipherr;
- } else {
- /*
- * Trouble here. Start at end of output,
- * work backwards.
- */
- op += (int) length;
- switch(length) {
- case 8: *(--op) = (unsigned char) (right & 0xff);
- case 7: *(--op) = (unsigned char) ((right >> 8) & 0xff);
- case 6: *(--op) = (unsigned char) ((right >> 16) & 0xff);
- case 5: *(--op) = (unsigned char) ((right >> 24) & 0xff);
- case 4: *(--op) = (unsigned char) (left & 0xff);
- case 3: *(--op) = (unsigned char) ((left >> 8) & 0xff);
- case 2: *(--op) = (unsigned char) ((left >> 16) & 0xff);
- case 1: *(--op) = (unsigned char) ((left >> 24) & 0xff);
- }
- break; /* we're done */
- }
+ for (;;) { /* check done inside loop */
+ /*
+ * Read a block from the input into left and
+ * right. Save this cipher block for later.
+ */
+ GET_HALF_BLOCK(left, ip);
+ GET_HALF_BLOCK(right, ip);
+ cipherl = left;
+ cipherr = right;
+
+ /*
+ * Decrypt this.
+ */
+ DES_DO_DECRYPT(left, right, kp3);
+ DES_DO_ENCRYPT(left, right, kp2);
+ DES_DO_DECRYPT(left, right, kp1);
+
+ /*
+ * Xor with the old cipher to get plain
+ * text. Output 8 or less bytes of this.
+ */
+ left ^= ocipherl;
+ right ^= ocipherr;
+ if (length > 8) {
+ length -= 8;
+ PUT_HALF_BLOCK(left, op);
+ PUT_HALF_BLOCK(right, op);
+ /*
+ * Save current cipher block here
+ */
+ ocipherl = cipherl;
+ ocipherr = cipherr;
+ } else {
+ /*
+ * Trouble here. Start at end of output,
+ * work backwards.
+ */
+ op += (int) length;
+ switch(length) {
+ case 8: *(--op) = (unsigned char) (right & 0xff);
+ case 7: *(--op) = (unsigned char) ((right >> 8) & 0xff);
+ case 6: *(--op) = (unsigned char) ((right >> 16) & 0xff);
+ case 5: *(--op) = (unsigned char) ((right >> 24) & 0xff);
+ case 4: *(--op) = (unsigned char) (left & 0xff);
+ case 3: *(--op) = (unsigned char) ((left >> 8) & 0xff);
+ case 2: *(--op) = (unsigned char) ((left >> 16) & 0xff);
+ case 1: *(--op) = (unsigned char) ((left >> 24) & 0xff);
+ }
+ break; /* we're done */
+ }
 }
 }
diff --git a/src/lib/crypto/builtin/des/d3_kysched.c b/src/lib/crypto/builtin/des/d3_kysched.c
index 2a9cc5a..ebd1050 100644
--- a/src/lib/crypto/builtin/des/d3_kysched.c
+++ b/src/lib/crypto/builtin/des/d3_kysched.c
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
 * Copyright 1995 by Richard P. Basch. All Rights Reserved.
 * Copyright 1995 by Lehman Brothers, Inc. All Rights Reserved.
@@ -30,20 +31,20 @@ mit_des3_key_sched(mit_des3_cblock k, mit_des3_key_schedule schedule)
 mit_des_make_key_sched(k[1],schedule[1]);
 mit_des_make_key_sched(k[2],schedule[2]);
- if (!mit_des_check_key_parity(k[0])) /* bad parity --> return -1 */
- return(-1);
+ if (!mit_des_check_key_parity(k[0])) /* bad parity --> return -1 */
+ return(-1);
 if (mit_des_is_weak_key(k[0]))
- return(-2);
+ return(-2);
 if (!mit_des_check_key_parity(k[1]))
- return(-1);
+ return(-1);
 if (mit_des_is_weak_key(k[1]))
- return(-2);
+ return(-2);
 if (!mit_des_check_key_parity(k[2]))
- return(-1);
+ return(-1);
 if (mit_des_is_weak_key(k[2]))
- return(-2);
+ return(-2);
 /* if key was good, return 0 */
 return 0;
diff --git a/src/lib/crypto/builtin/des/des_int.h b/src/lib/crypto/builtin/des/des_int.h
index d6fa04a..ffa7123 100644
--- a/src/lib/crypto/builtin/des/des_int.h
+++ b/src/lib/crypto/builtin/des/des_int.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
 * lib/crypto/des/des_int.h
 *
@@ -53,7 +54,7 @@
 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
 */
-/* only do the whole thing once */
+/* only do the whole thing once */
 #ifndef DES_INTERNAL_DEFS
 #define DES_INTERNAL_DEFS
@@ -91,7 +92,7 @@
 #define DES_UINT32 unsigned long
 #endif
-typedef unsigned char des_cblock[8] /* crypto-block size */
+typedef unsigned char des_cblock[8] /* crypto-block size */
 KRB5INT_DES_DEPRECATED;
 /*
@@ -119,11 +120,11 @@ typedef des_cblock mit_des_cblock;
 typedef des_key_schedule mit_des_key_schedule;
 /* Triple-DES structures */
-typedef mit_des_cblock mit_des3_cblock[3];
-typedef mit_des_key_schedule mit_des3_key_schedule[3];
+typedef mit_des_cblock mit_des3_cblock[3];
+typedef mit_des_key_schedule mit_des3_key_schedule[3];
-#define MIT_DES_ENCRYPT 1
-#define MIT_DES_DECRYPT 0
+#define MIT_DES_ENCRYPT 1
+#define MIT_DES_DECRYPT 0
 typedef struct mit_des_ran_key_seed {
 krb5_encrypt_block eblock;
@@ -132,246 +133,221 @@ typedef struct mit_des_ran_key_seed {
 /* the first byte of the key is already in the keyblock */
-#define MIT_DES_BLOCK_LENGTH (8*sizeof(krb5_octet))
-#define MIT_DES_CBC_CRC_PAD_MINIMUM CRC32_CKSUM_LENGTH
+#define MIT_DES_BLOCK_LENGTH (8*sizeof(krb5_octet))
+#define MIT_DES_CBC_CRC_PAD_MINIMUM CRC32_CKSUM_LENGTH
 /* This used to be 8*sizeof(krb5_octet) */
-#define MIT_DES_KEYSIZE 8
+#define MIT_DES_KEYSIZE 8
-#define MIT_DES_CBC_CKSUM_LENGTH (4*sizeof(krb5_octet))
+#define MIT_DES_CBC_CKSUM_LENGTH (4*sizeof(krb5_octet))
 /*
 * Check if k5-int.h has been included before us. If so, then check to see
 * that our view of the DES key size is the same as k5-int.h's.
 */
-#ifdef KRB5_MIT_DES_KEYSIZE
-#if MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE
+#ifdef KRB5_MIT_DES_KEYSIZE
+#if MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE
 error(MIT_DES_KEYSIZE does not equal KRB5_MIT_DES_KEYSIZE)
-#endif /* MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE */
-#endif /* KRB5_MIT_DES_KEYSIZE */
+#endif /* MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE */
+#endif /* KRB5_MIT_DES_KEYSIZE */
 #endif /* KRB5_MIT_DES__ */
 /*
 * End "mit-des.h"
 */
 /* afsstring2key.c */
-extern krb5_error_code mit_afs_string_to_key
- (krb5_keyblock *keyblock,
- const krb5_data *data,
- const krb5_data *salt);
-extern char *mit_afs_crypt
- (const char *pw, const char *salt, char *iobuf);
+krb5_error_code mit_afs_string_to_key(krb5_keyblock *keyblock,
+ const krb5_data *data,
+ const krb5_data *salt);
+char *mit_afs_crypt(const char *pw, const char *salt, char *iobuf);
 /* f_cksum.c */
-extern unsigned long mit_des_cbc_cksum
- (const krb5_octet *, krb5_octet *, unsigned long ,
- const mit_des_key_schedule, const krb5_octet *);
+unsigned long mit_des_cbc_cksum(const krb5_octet *, krb5_octet *,
+ unsigned long, const mit_des_key_schedule,
+ const krb5_octet *);
 /* f_ecb.c */
-extern int mit_des_ecb_encrypt
- (const mit_des_cblock *, mit_des_cblock *, mit_des_key_schedule , int );
+int mit_des_ecb_encrypt(const
mit_des_cblock *, mit_des_cblock *,
+ mit_des_key_schedule, int );
 /* f_cbc.c */
-extern int mit_des_cbc_encrypt (const mit_des_cblock *in,
- mit_des_cblock *out,
- unsigned long length,
- const mit_des_key_schedule schedule,
- const mit_des_cblock ivec, int enc);
+int mit_des_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out,
+ unsigned long length,
+ const mit_des_key_schedule schedule,
+ const mit_des_cblock ivec, int enc);
 #define mit_des_zeroblock krb5int_c_mit_des_zeroblock
 extern const mit_des_cblock mit_des_zeroblock;
 /* fin_rndkey.c */
-extern krb5_error_code mit_des_finish_random_key
- ( const krb5_encrypt_block *,
- krb5_pointer *);
+krb5_error_code mit_des_finish_random_key(const krb5_encrypt_block *,
+ krb5_pointer *);
 /* finish_key.c */
-extern krb5_error_code mit_des_finish_key
- ( krb5_encrypt_block *);
+krb5_error_code mit_des_finish_key(krb5_encrypt_block *);
 /* init_rkey.c */
-extern krb5_error_code mit_des_init_random_key
- ( const krb5_encrypt_block *,
- const krb5_keyblock *,
- krb5_pointer *);
+krb5_error_code mit_des_init_random_key(const krb5_encrypt_block *,
+ const krb5_keyblock *,
+ krb5_pointer *);
 /* key_parity.c */
-extern void mit_des_fixup_key_parity (mit_des_cblock );
-extern int mit_des_check_key_parity (mit_des_cblock );
+void mit_des_fixup_key_parity(mit_des_cblock);
+int mit_des_check_key_parity(mit_des_cblock);
 /* key_sched.c */
-extern int mit_des_key_sched
- (mit_des_cblock , mit_des_key_schedule );
+int mit_des_key_sched(mit_des_cblock, mit_des_key_schedule);
 /* process_ky.c */
-extern krb5_error_code mit_des_process_key
- ( krb5_encrypt_block *, const krb5_keyblock *);
+krb5_error_code mit_des_process_key(krb5_encrypt_block *,
+ const krb5_keyblock *);
 /* random_key.c */
-extern krb5_error_code mit_des_random_key
- ( const krb5_encrypt_block *, krb5_pointer ,
- krb5_keyblock **);
+krb5_error_code mit_des_random_key(const krb5_encrypt_block *,
+ krb5_pointer, krb5_keyblock **);
 /* string2key.c */
-extern
krb5_error_code mit_des_string_to_key
- ( const krb5_encrypt_block *,
- krb5_keyblock *, const krb5_data *, const krb5_data *);
-extern krb5_error_code mit_des_string_to_key_int
- (krb5_keyblock *, const krb5_data *, const krb5_data *);
+krb5_error_code mit_des_string_to_key(const krb5_encrypt_block *,
+ krb5_keyblock *, const krb5_data *,
+ const krb5_data *);
+krb5_error_code mit_des_string_to_key_int(krb5_keyblock *, const krb5_data *,
+ const krb5_data *);
 /* weak_key.c */
-extern int mit_des_is_weak_key (mit_des_cblock );
+int mit_des_is_weak_key(mit_des_cblock);
 /* cmb_keys.c */
-krb5_error_code mit_des_combine_subkeys
- (const krb5_keyblock *, const krb5_keyblock *,
- krb5_keyblock **);
+krb5_error_code mit_des_combine_subkeys(const krb5_keyblock *,
+ const krb5_keyblock *,
+ krb5_keyblock **);
 /* f_pcbc.c */
-int mit_des_pcbc_encrypt ();
+int mit_des_pcbc_encrypt();
 /* f_sched.c */
 int mit_des_make_key_sched(mit_des_cblock, mit_des_key_schedule);
 /* misc.c */
-extern void swap_bits (char *);
-extern unsigned long long_swap_bits (unsigned long );
-extern unsigned long swap_six_bits_to_ansi (unsigned long );
-extern unsigned long swap_four_bits_to_ansi (unsigned long );
-extern unsigned long swap_bit_pos_1 (unsigned long );
-extern unsigned long swap_bit_pos_0 (unsigned long );
-extern unsigned long swap_bit_pos_0_to_ansi (unsigned long );
-extern unsigned long rev_swap_bit_pos_0 (unsigned long );
-extern unsigned long swap_byte_bits (unsigned long );
-extern unsigned long swap_long_bytes_bit_number (unsigned long );
+extern void swap_bits(char *);
+extern unsigned long long_swap_bits(unsigned long);
+extern unsigned long swap_six_bits_to_ansi(unsigned long);
+extern unsigned long swap_four_bits_to_ansi(unsigned long);
+extern unsigned long swap_bit_pos_1(unsigned long);
+extern unsigned long swap_bit_pos_0(unsigned long);
+extern unsigned long swap_bit_pos_0_to_ansi(unsigned long);
+extern unsigned long rev_swap_bit_pos_0(unsigned long);
+extern unsigned
long swap_byte_bits(unsigned long);
+extern unsigned long swap_long_bytes_bit_number(unsigned long);
 #ifdef FILE /* XXX depends on FILE being a #define! */
-extern void test_set (FILE *, const char *, int, const char *, int);
+extern void test_set(FILE *, const char *, int, const char *, int);
 #endif
 /* d3_ecb.c */
-extern int mit_des3_ecb_encrypt
- (const mit_des_cblock *in,
- mit_des_cblock *out,
- mit_des_key_schedule sched1,
- mit_des_key_schedule sched2,
- mit_des_key_schedule sched3,
- int enc);
+extern int mit_des3_ecb_encrypt(const mit_des_cblock *in, mit_des_cblock *out,
+ mit_des_key_schedule sched1,
+ mit_des_key_schedule sched2,
+ mit_des_key_schedule sched3, int enc);
 /* d3_cbc.c */
-extern int mit_des3_cbc_encrypt
- (const mit_des_cblock *in,
- mit_des_cblock *out,
- unsigned long length,
- const mit_des_key_schedule ks1,
- const mit_des_key_schedule ks2,
- const mit_des_key_schedule ks3,
- const mit_des_cblock ivec,
- int enc);
+extern int mit_des3_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out,
+ unsigned long length,
+ const mit_des_key_schedule ks1,
+ const mit_des_key_schedule ks2,
+ const mit_des_key_schedule ks3,
+ const mit_des_cblock ivec, int enc);
 void krb5int_des3_cbc_encrypt(const mit_des_cblock *in,
- mit_des_cblock *out,
- unsigned long length,
- const mit_des_key_schedule ks1,
- const mit_des_key_schedule ks2,
- const mit_des_key_schedule ks3,
- const mit_des_cblock ivec);
+ mit_des_cblock *out,
+ unsigned long length,
+ const mit_des_key_schedule ks1,
+ const mit_des_key_schedule ks2,
+ const mit_des_key_schedule ks3,
+ const mit_des_cblock ivec);
 void krb5int_des3_cbc_decrypt(const mit_des_cblock *in,
- mit_des_cblock *out,
- unsigned long length,
- const mit_des_key_schedule ks1,
- const mit_des_key_schedule ks2,
- const mit_des_key_schedule ks3,
- const mit_des_cblock ivec);
+ mit_des_cblock *out,
+ unsigned long length,
+ const mit_des_key_schedule ks1,
+ const mit_des_key_schedule ks2,
+ const mit_des_key_schedule ks3,
+ const mit_des_cblock ivec);
 void krb5int_des3_cbc_encrypt_iov(krb5_crypto_iov *data,
- unsigned long num_data,
- const mit_des_key_schedule ks1,
- const mit_des_key_schedule ks2,
- const mit_des_key_schedule ks3,
- mit_des_cblock ivec);
+ unsigned long num_data,
+ const mit_des_key_schedule ks1,
+ const mit_des_key_schedule ks2,
+ const mit_des_key_schedule ks3,
+ mit_des_cblock ivec);
 void krb5int_des3_cbc_decrypt_iov(krb5_crypto_iov *data,
- unsigned long num_data,
- const mit_des_key_schedule ks1,
- const mit_des_key_schedule ks2,
- const mit_des_key_schedule ks3,
- mit_des_cblock ivec);
-
-#define mit_des3_cbc_encrypt(in,out,length,ks1,ks2,ks3,ivec,enc) \
- ((enc ? krb5int_des3_cbc_encrypt : krb5int_des3_cbc_decrypt) \
+ unsigned long num_data,
+ const mit_des_key_schedule ks1,
+ const mit_des_key_schedule ks2,
+ const mit_des_key_schedule ks3,
+ mit_des_cblock ivec);
+
+#define mit_des3_cbc_encrypt(in,out,length,ks1,ks2,ks3,ivec,enc) \
+ ((enc ? krb5int_des3_cbc_encrypt : krb5int_des3_cbc_decrypt) \
 (in, out, length, ks1, ks2, ks3, ivec), 0)
 void krb5int_des_cbc_encrypt(const mit_des_cblock *in,
- mit_des_cblock *out,
- unsigned long length,
- const mit_des_key_schedule schedule,
- const mit_des_cblock ivec);
+ mit_des_cblock *out,
+ unsigned long length,
+ const mit_des_key_schedule schedule,
+ const mit_des_cblock ivec);
 void krb5int_des_cbc_decrypt(const mit_des_cblock *in,
- mit_des_cblock *out,
- unsigned long length,
- const mit_des_key_schedule schedule,
- const mit_des_cblock ivec);
+ mit_des_cblock *out,
+ unsigned long length,
+ const mit_des_key_schedule schedule,
+ const mit_des_cblock ivec);
-#define mit_des_cbc_encrypt(in,out,length,schedule,ivec,enc) \
- ((enc ? krb5int_des_cbc_encrypt : krb5int_des_cbc_decrypt) \
+#define mit_des_cbc_encrypt(in,out,length,schedule,ivec,enc) \
+ ((enc ?
krb5int_des_cbc_encrypt : krb5int_des_cbc_decrypt) \
 (in, out, length, schedule, ivec), 0)
 void krb5int_des_cbc_encrypt_iov(krb5_crypto_iov *data,
- unsigned long num_data,
- const mit_des_key_schedule schedule,
- mit_des_cblock ivec);
+ unsigned long num_data,
+ const mit_des_key_schedule schedule,
+ mit_des_cblock ivec);
 void krb5int_des_cbc_decrypt_iov(krb5_crypto_iov *data,
- unsigned long num_data,
- const mit_des_key_schedule schedule,
- mit_des_cblock ivec);
+ unsigned long num_data,
+ const mit_des_key_schedule schedule,
+ mit_des_cblock ivec);
 /* d3_procky.c */
-extern krb5_error_code mit_des3_process_key
- (krb5_encrypt_block * eblock,
- const krb5_keyblock * keyblock);
+krb5_error_code mit_des3_process_key(krb5_encrypt_block *eblock,
+ const krb5_keyblock *keyblock);
 /* d3_kysched.c */
-extern int mit_des3_key_sched
- (mit_des3_cblock key,
- mit_des3_key_schedule schedule);
+int mit_des3_key_sched(mit_des3_cblock key, mit_des3_key_schedule schedule);
 /* d3_str2ky.c */
-extern krb5_error_code mit_des3_string_to_key
- (const krb5_encrypt_block * eblock,
- krb5_keyblock * keyblock,
- const krb5_data * data,
- const krb5_data * salt);
+krb5_error_code mit_des3_string_to_key(const krb5_encrypt_block *eblock,
+ krb5_keyblock *keyblock,
+ const krb5_data *data,
+ const krb5_data *salt);
 /* u_nfold.c */
-extern krb5_error_code mit_des_n_fold
- (const krb5_octet * input,
- const size_t in_len,
- krb5_octet * output,
- const size_t out_len);
+krb5_error_code mit_des_n_fold(const krb5_octet *input, const size_t in_len,
+ krb5_octet *output, const size_t out_len);
 /* u_rn_key.c */
-extern int mit_des_is_weak_keyblock
- (krb5_keyblock *keyblock);
+int mit_des_is_weak_keyblock(krb5_keyblock *keyblock);
-extern void mit_des_fixup_keyblock_parity
- (krb5_keyblock *keyblock);
+void mit_des_fixup_keyblock_parity(krb5_keyblock *keyblock);
-extern krb5_error_code mit_des_set_random_generator_seed
- (const krb5_data * seed,
- krb5_pointer random_state);
+krb5_error_code
mit_des_set_random_generator_seed(const krb5_data *seed,
+ krb5_pointer random_state);
-extern krb5_error_code mit_des_set_random_sequence_number
- (const krb5_data * sequence,
- krb5_pointer random_state);
-#endif /*DES_INTERNAL_DEFS*/
+krb5_error_code mit_des_set_random_sequence_number(const krb5_data *sequence,
+ krb5_pointer random_state);
+#endif /*DES_INTERNAL_DEFS*/
diff --git a/src/lib/crypto/builtin/des/destest.c b/src/lib/crypto/builtin/des/destest.c
index 287a4e9..86c7477 100644
--- a/src/lib/crypto/builtin/des/destest.c
+++ b/src/lib/crypto/builtin/des/destest.c
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
 * lib/crypto/des/destest.c
 *
@@ -87,71 +88,71 @@ main(argc, argv)
 int error = 0;
 while (scanf("%16s %16s %16s", block1, block2, block3) == 3) {
- convert(block1, key);
- convert(block2, input);
- convert(block3, output);
-
- retval = mit_des_key_sched(key, sched);
- if (retval) {
- fprintf(stderr, "des test: can't process key: %d\n", retval);
- fprintf(stderr, "des test: %s %s %s\n", block1, block2, block3);
+ convert(block1, key);
+ convert(block2, input);
+ convert(block3, output);
+
+ retval = mit_des_key_sched(key, sched);
+ if (retval) {
+ fprintf(stderr, "des test: can't process key: %d\n", retval);
+ fprintf(stderr, "des test: %s %s %s\n", block1, block2, block3);
 exit(1);
 }
- mit_des_cbc_encrypt((const mit_des_cblock *) input, output2, 8,
- sched, zeroblock, 1);
-
- if (memcmp((char *)output2, (char *)output, 8)) {
- fprintf(stderr,
- "DES ENCRYPT ERROR, key %s, text %s, real cipher %s, computed cyphertext %02X%02X%02X%02X%02X%02X%02X%02X\n",
- block1, block2, block3,
- output2[0],output2[1],output2[2],output2[3],
- output2[4],output2[5],output2[6],output2[7]);
- error++;
- }
-
- /*
- * Now try decrypting....
- */
- mit_des_cbc_encrypt((const mit_des_cblock *) output, output2, 8,
- sched, zeroblock, 0);
-
- if (memcmp((char *)output2, (char *)input, 8)) {
- fprintf(stderr,
- "DES DECRYPT ERROR, key %s, text %s, real cipher %s, computed cleartext %02X%02X%02X%02X%02X%02X%02X%02X\n",
- block1, block2, block3,
- output2[0],output2[1],output2[2],output2[3],
- output2[4],output2[5],output2[6],output2[7]);
- error++;
- }
-
- num++;
+ mit_des_cbc_encrypt((const mit_des_cblock *) input, output2, 8,
+ sched, zeroblock, 1);
+
+ if (memcmp((char *)output2, (char *)output, 8)) {
+ fprintf(stderr,
+ "DES ENCRYPT ERROR, key %s, text %s, real cipher %s, computed cyphertext %02X%02X%02X%02X%02X%02X%02X%02X\n",
+ block1, block2, block3,
+ output2[0],output2[1],output2[2],output2[3],
+ output2[4],output2[5],output2[6],output2[7]);
+ error++;
+ }
+
+ /*
+ * Now try decrypting....
+ */
+ mit_des_cbc_encrypt((const mit_des_cblock *) output, output2, 8,
+ sched, zeroblock, 0);
+
+ if (memcmp((char *)output2, (char *)input, 8)) {
+ fprintf(stderr,
+ "DES DECRYPT ERROR, key %s, text %s, real cipher %s, computed cleartext %02X%02X%02X%02X%02X%02X%02X%02X\n",
+ block1, block2, block3,
+ output2[0],output2[1],output2[2],output2[3],
+ output2[4],output2[5],output2[6],output2[7]);
+ error++;
+ }
+
+ num++;
 }
 if (error)
- printf("destest: failed to pass the test\n");
+ printf("destest: failed to pass the test\n");
 else
- printf("destest: %d tests passed successfully\n", num);
+ printf("destest: %d tests passed successfully\n", num);
 exit( (error > 256 && error % 256) ? 1 : error);
 }
 int value[128] = {
--1, -1, -1, -1, -1, -1, -1, -1,
--1, -1, -1, -1, -1, -1, -1, -1,
--1, -1, -1, -1, -1, -1, -1, -1,
--1, -1, -1, -1, -1, -1, -1, -1,
--1, -1, -1, -1, -1, -1, -1, -1,
--1, -1, -1, -1, -1, -1, -1, -1,
-0, 1, 2, 3, 4, 5, 6, 7,
-8, 9, -1, -1, -1, -1, -1, -1,
--1, 10, 11, 12, 13, 14, 15, -1,
--1, -1, -1, -1, -1, -1, -1, -1,
--1, -1, -1, -1, -1, -1, -1, -1,
--1, -1, -1, -1, -1, -1, -1, -1,
--1, -1, -1, -1, -1, -1, -1, -1,
--1, -1, -1, -1, -1, -1, -1, -1,
--1, -1, -1, -1, -1, -1, -1, -1,
--1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1,
+ 0, 1, 2, 3, 4, 5, 6, 7,
+ 8, 9, -1, -1, -1, -1, -1, -1,
+ -1, 10, 11, 12, 13, 14, 15, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1,
 };
 void
@@ -161,13 +162,13 @@ convert(text, cblock)
 {
 register int i;
 for (i = 0; i < 8; i++) {
- if (text[i*2] < 0 || text[i*2] >= 128)
- abort ();
- if (value[(int) text[i*2]] == -1 || value[(int) text[i*2+1]] == -1) {
- printf("Bad value byte %d in %s\n", i, text);
- exit(1);
- }
- cblock[i] = 16*value[(int) text[i*2]] + value[(int) text[i*2+1]];
+ if (text[i*2] < 0 || text[i*2] >= 128)
+ abort ();
+ if (value[(int) text[i*2]] == -1 || value[(int) text[i*2+1]] == -1) {
+ printf("Bad value byte %d in %s\n", i, text);
+ exit(1);
+ }
+ cblock[i] = 16*value[(int) text[i*2]] + value[(int) text[i*2+1]];
 }
 return;
 }
@@ -182,7 +183,7 @@ int
 mit_des_is_weak_key(key)
 mit_des_cblock key;
 {
- return 0; /* fake it out for testing */
+ return 0; /* fake it out for testing */
 }
 void
@@ -214,18 +215,18 @@ des_cblock_print_file(x, fp)
 */
 int
 mit_des_check_key_parity(key)
- register mit_des_cblock key;
+ register mit_des_cblock key;
 {
 int i;
 for (i=0; i<sizeof(mit_des_cblock); i++) {
- if ((key[i] & 1) == parity_char(0xfe&key[i])) {
- printf("warning: bad parity key:");
- des_cblock_print_file(key, stdout);
- putchar('\n');
+ if ((key[i] & 1) == parity_char(0xfe&key[i])) {
+ printf("warning: bad parity key:");
+ des_cblock_print_file(key, stdout);
+ putchar('\n');
- return 1;
- }
+ return 1;
+ }
 }
 return(1);
@@ -233,14 +234,14 @@ mit_des_check_key_parity(key)
 void
 mit_des_fixup_key_parity(key)
- register mit_des_cblock key;
+ register mit_des_cblock key;
 {
 int i;
 for (i=0; i<sizeof(mit_des_cblock); i++)
- {
- key[i] &= 0xfe;
- key[i] |= 1^parity_char(key[i]);
- }
+ {
+ key[i] &= 0xfe;
+ key[i] |= 1^parity_char(key[i]);
+ }
 return;
 }
diff --git a/src/lib/crypto/builtin/des/f_aead.c b/src/lib/crypto/builtin/des/f_aead.c
index 328d20a..8e700cd 100644
--- a/src/lib/crypto/builtin/des/f_aead.c
+++ b/src/lib/crypto/builtin/des/f_aead.c
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
 * Copyright (C) 2008 by the Massachusetts Institute of Technology.
 * Copyright 1995 by Richard P. Basch. All Rights Reserved.
@@ -27,9 +28,9 @@
 void
 krb5int_des_cbc_encrypt_iov(krb5_crypto_iov *data,
- unsigned long num_data,
- const mit_des_key_schedule schedule,
- mit_des_cblock ivec)
+ unsigned long num_data,
+ const mit_des_key_schedule schedule,
+ mit_des_cblock ivec)
 {
 unsigned DES_INT32 left, right;
 const unsigned DES_INT32 *kp;
@@ -52,9 +53,9 @@ krb5int_des_cbc_encrypt_iov(krb5_crypto_iov *data,
 * vector.
 */
 if (ivec != NULL)
- ip = ivec;
+ ip = ivec;
 else
- ip = mit_des_zeroblock;
+ ip = mit_des_zeroblock;
 GET_HALF_BLOCK(left, ip);
 GET_HALF_BLOCK(right, ip);
@@ -63,45 +64,45 @@ krb5int_des_cbc_encrypt_iov(krb5_crypto_iov *data,
 * at a time.
 */
 for (;;) {
- unsigned DES_INT32 temp;
+ unsigned DES_INT32 temp;
- ip = iblock;
- op = oblock;
+ ip = iblock;
+ op = oblock;
- if (!krb5int_c_iov_get_block(iblock, MIT_DES_BLOCK_LENGTH, data, num_data, &input_pos))
- break;
+ if (!krb5int_c_iov_get_block(iblock, MIT_DES_BLOCK_LENGTH, data, num_data, &input_pos))
+ break;
- if (input_pos.iov_pos == num_data)
- break;
+ if (input_pos.iov_pos == num_data)
+ break;
- GET_HALF_BLOCK(temp, ip);
- left ^= temp;
- GET_HALF_BLOCK(temp, ip);
- right ^= temp;
+ GET_HALF_BLOCK(temp, ip);
+ left ^= temp;
+ GET_HALF_BLOCK(temp, ip);
+ right ^= temp;
- /*
- * Encrypt what we have
- */
- DES_DO_ENCRYPT(left, right, kp);
+ /*
+ * Encrypt what we have
+ */
+ DES_DO_ENCRYPT(left, right, kp);
- /*
- * Copy the results out
- */
- PUT_HALF_BLOCK(left, op);
- PUT_HALF_BLOCK(right, op);
+ /*
+ * Copy the results out
+ */
+ PUT_HALF_BLOCK(left, op);
+ PUT_HALF_BLOCK(right, op);
- krb5int_c_iov_put_block(data, num_data, oblock, MIT_DES_BLOCK_LENGTH, &output_pos);
+ krb5int_c_iov_put_block(data, num_data, oblock, MIT_DES_BLOCK_LENGTH, &output_pos);
 }
 if (ivec != NULL)
- memcpy(ivec, oblock, MIT_DES_BLOCK_LENGTH);
+ memcpy(ivec, oblock, MIT_DES_BLOCK_LENGTH);
 }
 void
 krb5int_des_cbc_decrypt_iov(krb5_crypto_iov *data,
- unsigned long num_data,
- const mit_des_key_schedule schedule,
- mit_des_cblock ivec)
+ unsigned long num_data,
+ const mit_des_key_schedule schedule,
+ mit_des_cblock ivec)
 {
 unsigned DES_INT32 left, right;
 const unsigned DES_INT32 *kp;
@@ -128,15 +129,15 @@ krb5int_des_cbc_decrypt_iov(krb5_crypto_iov *data,
 */
 if (num_data == 0)
- return;
+ return;
 /*
 * Prime the old cipher with ivec.
 */
 if (ivec != NULL)
- ip = ivec;
+ ip = ivec;
 else
- ip = mit_des_zeroblock;
+ ip = mit_des_zeroblock;
 GET_HALF_BLOCK(ocipherl, ip);
 GET_HALF_BLOCK(ocipherr, ip);
@@ -144,49 +145,49 @@ krb5int_des_cbc_decrypt_iov(krb5_crypto_iov *data,
 * Now do this in earnest until we run out of length.
 */
 for (;;) {
- /*
- * Read a block from the input into left and
- * right. Save this cipher block for later.
- */
-
- if (!krb5int_c_iov_get_block(iblock, MIT_DES_BLOCK_LENGTH, data, num_data, &input_pos))
- break;
-
- if (input_pos.iov_pos == num_data)
- break;
-
- ip = iblock;
- op = oblock;
-
- GET_HALF_BLOCK(left, ip);
- GET_HALF_BLOCK(right, ip);
- cipherl = left;
- cipherr = right;
-
- /*
- * Decrypt this.
- */
- DES_DO_DECRYPT(left, right, kp);
-
- /*
- * Xor with the old cipher to get plain
- * text. Output 8 or less bytes of this.
- */
- left ^= ocipherl;
- right ^= ocipherr;
-
- PUT_HALF_BLOCK(left, op);
- PUT_HALF_BLOCK(right, op);
-
- /*
- * Save current cipher block here
- */
- ocipherl = cipherl;
- ocipherr = cipherr;
-
- krb5int_c_iov_put_block(data, num_data, oblock, MIT_DES_BLOCK_LENGTH, &output_pos);
+ /*
+ * Read a block from the input into left and
+ * right. Save this cipher block for later.
+ */
+
+ if (!krb5int_c_iov_get_block(iblock, MIT_DES_BLOCK_LENGTH, data, num_data, &input_pos))
+ break;
+
+ if (input_pos.iov_pos == num_data)
+ break;
+
+ ip = iblock;
+ op = oblock;
+
+ GET_HALF_BLOCK(left, ip);
+ GET_HALF_BLOCK(right, ip);
+ cipherl = left;
+ cipherr = right;
+
+ /*
+ * Decrypt this.
+ */
+ DES_DO_DECRYPT(left, right, kp);
+
+ /*
+ * Xor with the old cipher to get plain
+ * text. Output 8 or less bytes of this.
+ */
+ left ^= ocipherl;
+ right ^= ocipherr;
+
+ PUT_HALF_BLOCK(left, op);
+ PUT_HALF_BLOCK(right, op);
+
+ /*
+ * Save current cipher block here
+ */
+ ocipherl = cipherl;
+ ocipherr = cipherr;
+
+ krb5int_c_iov_put_block(data, num_data, oblock, MIT_DES_BLOCK_LENGTH, &output_pos);
 }
 if (ivec != NULL)
- memcpy(ivec, oblock, MIT_DES_BLOCK_LENGTH);
+ memcpy(ivec, oblock, MIT_DES_BLOCK_LENGTH);
 }
diff --git a/src/lib/crypto/builtin/des/f_cbc.c b/src/lib/crypto/builtin/des/f_cbc.c
index 0949ba1..c7e1f22 100644
--- a/src/lib/crypto/builtin/des/f_cbc.c
+++ b/src/lib/crypto/builtin/des/f_cbc.c
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
 * lib/crypto/des/f_cbc.c
 *
@@ -60,214 +61,214 @@ const mit_des_cblock mit_des_zeroblock /* = all zero */; #undef mit_des_cbc_encrypt int mit_des_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out, - unsigned long length, const mit_des_key_schedule schedule, - const mit_des_cblock ivec, int enc) + unsigned long length, const mit_des_key_schedule schedule, + const mit_des_cblock ivec, int enc) { /* * Deal with encryption and decryption separately. */ if (enc) - krb5int_des_cbc_encrypt(in, out, length, schedule, ivec); + krb5int_des_cbc_encrypt(in, out, length, schedule, ivec); else - krb5int_des_cbc_decrypt(in, out, length, schedule, ivec); + krb5int_des_cbc_decrypt(in, out, length, schedule, ivec); return 0; } void krb5int_des_cbc_encrypt(const mit_des_cblock *in, - mit_des_cblock *out, - unsigned long length, - const mit_des_key_schedule schedule, - const mit_des_cblock ivec) + mit_des_cblock *out, + unsigned long length, + const mit_des_key_schedule schedule, + const mit_des_cblock ivec) { - unsigned DES_INT32 left, right; - const unsigned DES_INT32 *kp; - const unsigned char *ip; - unsigned char *op; + unsigned DES_INT32 left, right; + const unsigned DES_INT32 *kp; + const unsigned char *ip; + unsigned char *op; - /* - * Get key pointer here. This won't need to be reinitialized - */ - kp = (const unsigned DES_INT32 *)schedule; + /* + * Get key pointer here. This won't need to be reinitialized + */ + kp = (const unsigned DES_INT32 *)schedule; - /* - * Initialize left and right with the contents of the initial - * vector. - */ - ip = ivec; - GET_HALF_BLOCK(left, ip); - GET_HALF_BLOCK(right, ip); + /* + * Initialize left and right with the contents of the initial + * vector. + */ + ip = ivec; + GET_HALF_BLOCK(left, ip); + GET_HALF_BLOCK(right, ip); - /* - * Suitably initialized, now work the length down 8 bytes - * at a time. - */ - ip = *in; - op = *out; - while (length > 0) { - /* - * Get more input, xor it in. 
If the length is - * greater than or equal to 8 this is straight - * forward. Otherwise we have to fart around. - */ - if (length >= 8) { - unsigned DES_INT32 temp; - GET_HALF_BLOCK(temp, ip); - left ^= temp; - GET_HALF_BLOCK(temp, ip); - right ^= temp; - length -= 8; - } else { - /* - * Oh, shoot. We need to pad the - * end with zeroes. Work backwards - * to do this. - */ - ip += (int) length; - switch(length) { - case 7: - right ^= (*(--ip) & FF_UINT32) << 8; - case 6: - right ^= (*(--ip) & FF_UINT32) << 16; - case 5: - right ^= (*(--ip) & FF_UINT32) << 24; - case 4: - left ^= *(--ip) & FF_UINT32; - case 3: - left ^= (*(--ip) & FF_UINT32) << 8; - case 2: - left ^= (*(--ip) & FF_UINT32) << 16; - case 1: - left ^= (*(--ip) & FF_UINT32) << 24; - break; - } - length = 0; - } + /* + * Suitably initialized, now work the length down 8 bytes + * at a time. + */ + ip = *in; + op = *out; + while (length > 0) { + /* + * Get more input, xor it in. If the length is + * greater than or equal to 8 this is straight + * forward. Otherwise we have to fart around. + */ + if (length >= 8) { + unsigned DES_INT32 temp; + GET_HALF_BLOCK(temp, ip); + left ^= temp; + GET_HALF_BLOCK(temp, ip); + right ^= temp; + length -= 8; + } else { + /* + * Oh, shoot. We need to pad the + * end with zeroes. Work backwards + * to do this. 
+ */ + ip += (int) length; + switch(length) { + case 7: + right ^= (*(--ip) & FF_UINT32) << 8; + case 6: + right ^= (*(--ip) & FF_UINT32) << 16; + case 5: + right ^= (*(--ip) & FF_UINT32) << 24; + case 4: + left ^= *(--ip) & FF_UINT32; + case 3: + left ^= (*(--ip) & FF_UINT32) << 8; + case 2: + left ^= (*(--ip) & FF_UINT32) << 16; + case 1: + left ^= (*(--ip) & FF_UINT32) << 24; + break; + } + length = 0; + } - /* - * Encrypt what we have - */ - DES_DO_ENCRYPT(left, right, kp); + /* + * Encrypt what we have + */ + DES_DO_ENCRYPT(left, right, kp); - /* - * Copy the results out - */ - PUT_HALF_BLOCK(left, op); - PUT_HALF_BLOCK(right, op); - } + /* + * Copy the results out + */ + PUT_HALF_BLOCK(left, op); + PUT_HALF_BLOCK(right, op); + } } void krb5int_des_cbc_decrypt(const mit_des_cblock *in, - mit_des_cblock *out, - unsigned long length, - const mit_des_key_schedule schedule, - const mit_des_cblock ivec) + mit_des_cblock *out, + unsigned long length, + const mit_des_key_schedule schedule, + const mit_des_cblock ivec) { - unsigned DES_INT32 left, right; - const unsigned DES_INT32 *kp; - const unsigned char *ip; - unsigned char *op; - unsigned DES_INT32 ocipherl, ocipherr; - unsigned DES_INT32 cipherl, cipherr; + unsigned DES_INT32 left, right; + const unsigned DES_INT32 *kp; + const unsigned char *ip; + unsigned char *op; + unsigned DES_INT32 ocipherl, ocipherr; + unsigned DES_INT32 cipherl, cipherr; - /* - * Get key pointer here. This won't need to be reinitialized - */ - kp = (const unsigned DES_INT32 *)schedule; + /* + * Get key pointer here. This won't need to be reinitialized + */ + kp = (const unsigned DES_INT32 *)schedule; - /* - * Decrypting is harder than encrypting because of - * the necessity of remembering a lot more things. - * Should think about this a little more... - */ + /* + * Decrypting is harder than encrypting because of + * the necessity of remembering a lot more things. + * Should think about this a little more... 
+ */ - if (length <= 0) - return; + if (length <= 0) + return; - /* - * Prime the old cipher with ivec. - */ - ip = ivec; - GET_HALF_BLOCK(ocipherl, ip); - GET_HALF_BLOCK(ocipherr, ip); + /* + * Prime the old cipher with ivec. + */ + ip = ivec; + GET_HALF_BLOCK(ocipherl, ip); + GET_HALF_BLOCK(ocipherr, ip); - /* - * Now do this in earnest until we run out of length. - */ - ip = *in; - op = *out; - for (;;) { /* check done inside loop */ - /* - * Read a block from the input into left and - * right. Save this cipher block for later. - */ - GET_HALF_BLOCK(left, ip); - GET_HALF_BLOCK(right, ip); - cipherl = left; - cipherr = right; + /* + * Now do this in earnest until we run out of length. + */ + ip = *in; + op = *out; + for (;;) { /* check done inside loop */ + /* + * Read a block from the input into left and + * right. Save this cipher block for later. + */ + GET_HALF_BLOCK(left, ip); + GET_HALF_BLOCK(right, ip); + cipherl = left; + cipherr = right; - /* - * Decrypt this. - */ - DES_DO_DECRYPT(left, right, kp); + /* + * Decrypt this. + */ + DES_DO_DECRYPT(left, right, kp); - /* - * Xor with the old cipher to get plain - * text. Output 8 or less bytes of this. - */ - left ^= ocipherl; - right ^= ocipherr; - if (length > 8) { - length -= 8; - PUT_HALF_BLOCK(left, op); - PUT_HALF_BLOCK(right, op); - /* - * Save current cipher block here - */ - ocipherl = cipherl; - ocipherr = cipherr; - } else { - /* - * Trouble here. Start at end of output, - * work backwards. 
- */ - op += (int) length; - switch(length) { - case 8: - *(--op) = (unsigned char) (right & 0xff); - case 7: - *(--op) = (unsigned char) ((right >> 8) & 0xff); - case 6: - *(--op) = (unsigned char) ((right >> 16) & 0xff); - case 5: - *(--op) = (unsigned char) ((right >> 24) & 0xff); - case 4: - *(--op) = (unsigned char) (left & 0xff); - case 3: - *(--op) = (unsigned char) ((left >> 8) & 0xff); - case 2: - *(--op) = (unsigned char) ((left >> 16) & 0xff); - case 1: - *(--op) = (unsigned char) ((left >> 24) & 0xff); - break; - } - break; /* we're done */ - } - } + /* + * Xor with the old cipher to get plain + * text. Output 8 or less bytes of this. + */ + left ^= ocipherl; + right ^= ocipherr; + if (length > 8) { + length -= 8; + PUT_HALF_BLOCK(left, op); + PUT_HALF_BLOCK(right, op); + /* + * Save current cipher block here + */ + ocipherl = cipherl; + ocipherr = cipherr; + } else { + /* + * Trouble here. Start at end of output, + * work backwards. + */ + op += (int) length; + switch(length) { + case 8: + *(--op) = (unsigned char) (right & 0xff); + case 7: + *(--op) = (unsigned char) ((right >> 8) & 0xff); + case 6: + *(--op) = (unsigned char) ((right >> 16) & 0xff); + case 5: + *(--op) = (unsigned char) ((right >> 24) & 0xff); + case 4: + *(--op) = (unsigned char) (left & 0xff); + case 3: + *(--op) = (unsigned char) ((left >> 8) & 0xff); + case 2: + *(--op) = (unsigned char) ((left >> 16) & 0xff); + case 1: + *(--op) = (unsigned char) ((left >> 24) & 0xff); + break; + } + break; /* we're done */ + } + } } #if defined(CONFIG_SMALL) && !defined(CONFIG_SMALL_NO_CRYPTO) void krb5int_des_do_encrypt_2 (unsigned DES_INT32 *left, - unsigned DES_INT32 *right, - const unsigned DES_INT32 *kp) + unsigned DES_INT32 *right, + const unsigned DES_INT32 *kp) { DES_DO_ENCRYPT_1 (*left, *right, kp); } void krb5int_des_do_decrypt_2 (unsigned DES_INT32 *left, - unsigned DES_INT32 *right, - const unsigned DES_INT32 *kp) + unsigned DES_INT32 *right, + const unsigned DES_INT32 *kp) { 
DES_DO_DECRYPT_1 (*left, *right, kp); } diff --git a/src/lib/crypto/builtin/des/f_cksum.c b/src/lib/crypto/builtin/des/f_cksum.c index 1c03da4..09ac4a0 100644 --- a/src/lib/crypto/builtin/des/f_cksum.c +++ b/src/lib/crypto/builtin/des/f_cksum.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/des/f_cksum.c * 
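Review bot: Neither CBC routine states its buffer contract for a length that is not a multiple of 8, and the two behave differently. krb5int_des_cbc_encrypt zero-pads the tail and still writes a full block through `PUT_HALF_BLOCK`, so `out` needs room for length rounded up to 8. krb5int_des_cbc_decrypt reads a full block with `GET_HALF_BLOCK` before it looks at the remaining length, so `in` must be readable for the rounded-up length even though only `length` bytes are written. A header comment on each, e.g. `/* out must have room for length rounded up to a multiple of 8 */` and `/* in must hold whole 8-byte blocks; only length bytes of out are written */`, would make that visible to callers. Separately, `if (length <= 0)` on an `unsigned long` can only mean `length == 0` and would read better written that way.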
@@ -49,88 +50,88 @@ unsigned long mit_des_cbc_cksum(const krb5_octet *in, krb5_octet *out, - unsigned long length, const mit_des_key_schedule schedule, - const krb5_octet *ivec) + unsigned long length, const mit_des_key_schedule schedule, + const krb5_octet *ivec) { - unsigned DES_INT32 left, right; - const unsigned DES_INT32 *kp; - const unsigned char *ip; - unsigned char *op; - register DES_INT32 len; + unsigned DES_INT32 left, right; + const unsigned DES_INT32 *kp; + const unsigned char *ip; + unsigned char *op; + register DES_INT32 len; - /* - * Initialize left and right with the contents of the initial - * vector. - */ - ip = ivec; - GET_HALF_BLOCK(left, ip); - GET_HALF_BLOCK(right, ip); + /* + * Initialize left and right with the contents of the initial + * vector. + */ + ip = ivec; + GET_HALF_BLOCK(left, ip); + GET_HALF_BLOCK(right, ip); - /* - * Suitably initialized, now work the length down 8 bytes - * at a time. - */ - ip = in; - len = length; - while (len > 0) { - /* - * Get more input, xor it in. If the length is - * greater than or equal to 8 this is straight - * forward. Otherwise we have to fart around. - */ - if (len >= 8) { - unsigned DES_INT32 temp; - GET_HALF_BLOCK(temp, ip); - left ^= temp; - GET_HALF_BLOCK(temp, ip); - right ^= temp; - len -= 8; - } else { - /* - * Oh, shoot. We need to pad the - * end with zeroes. Work backwards - * to do this. - */ - ip += (int) len; - switch(len) { - case 7: - right ^= (*(--ip) & FF_UINT32) << 8; - case 6: - right ^= (*(--ip) & FF_UINT32) << 16; - case 5: - right ^= (*(--ip) & FF_UINT32) << 24; - case 4: - left ^= *(--ip) & FF_UINT32; - case 3: - left ^= (*(--ip) & FF_UINT32) << 8; - case 2: - left ^= (*(--ip) & FF_UINT32) << 16; - case 1: - left ^= (*(--ip) & FF_UINT32) << 24; - break; - } - len = 0; - } + /* + * Suitably initialized, now work the length down 8 bytes + * at a time. + */ + ip = in; + len = length; + while (len > 0) { + /* + * Get more input, xor it in. 
If the length is + * greater than or equal to 8 this is straight + * forward. Otherwise we have to fart around. + */ + if (len >= 8) { + unsigned DES_INT32 temp; + GET_HALF_BLOCK(temp, ip); + left ^= temp; + GET_HALF_BLOCK(temp, ip); + right ^= temp; + len -= 8; + } else { + /* + * Oh, shoot. We need to pad the + * end with zeroes. Work backwards + * to do this. + */ + ip += (int) len; + switch(len) { + case 7: + right ^= (*(--ip) & FF_UINT32) << 8; + case 6: + right ^= (*(--ip) & FF_UINT32) << 16; + case 5: + right ^= (*(--ip) & FF_UINT32) << 24; + case 4: + left ^= *(--ip) & FF_UINT32; + case 3: + left ^= (*(--ip) & FF_UINT32) << 8; + case 2: + left ^= (*(--ip) & FF_UINT32) << 16; + case 1: + left ^= (*(--ip) & FF_UINT32) << 24; + break; + } + len = 0; + } - /* - * Encrypt what we have - */ - kp = (const unsigned DES_INT32 *)schedule; - DES_DO_ENCRYPT(left, right, kp); - } + /* + * Encrypt what we have + */ + kp = (const unsigned DES_INT32 *)schedule; + DES_DO_ENCRYPT(left, right, kp); + } - /* - * Done. Left and right have the checksum. Put it into - * the output. - */ - op = out; - PUT_HALF_BLOCK(left, op); - PUT_HALF_BLOCK(right, op); + /* + * Done. Left and right have the checksum. Put it into + * the output. + */ + op = out; + PUT_HALF_BLOCK(left, op); + PUT_HALF_BLOCK(right, op); - /* - * Return right. I'll bet the MIT code returns this - * inconsistantly (with the low order byte of the checksum - * not always in the low order byte of the DES_INT32). We won't. - */ - return right & 0xFFFFFFFFUL; + /* + * Return right. I'll bet the MIT code returns this + * inconsistantly (with the low order byte of the checksum + * not always in the low order byte of the DES_INT32). We won't. + */ + return right & 0xFFFFFFFFUL; } diff --git a/src/lib/crypto/builtin/des/f_parity.c b/src/lib/crypto/builtin/des/f_parity.c index 846c821..460b506 100644 --- a/src/lib/crypto/builtin/des/f_parity.c +++ b/src/lib/crypto/builtin/des/f_parity.c 
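Review bot: `len = length;` narrows an `unsigned long` into `register DES_INT32 len`, so where `unsigned long` is wider than DES_INT32 (presumably a signed 32-bit type; its definition is not in this hunk) a large length is truncated or turns negative. A negative `len` skips `while (len > 0)` entirely and the checksum written to `out` is then just the IV, while a truncated one covers only part of the input. Declaring the counter as `unsigned long len;` keeps the loop and the `switch(len)` tail working over the full range. The fallthrough cases in that switch are intentional and would benefit from a `/* fallthrough */` marker on each.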
@@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * These routines check and fix parity of encryption keys for the DES * algorithm. @@ -25,10 +26,10 @@ mit_des_fixup_key_parity(mit_des_cblock key) { unsigned int i; for (i=0; i<sizeof(mit_des_cblock); i++) - { - key[i] &= 0xfe; - key[i] |= 1^parity_char(key[i]); - } + { + key[i] &= 0xfe; + key[i] |= 1^parity_char(key[i]); + } return; } @@ -44,12 +45,12 @@ mit_des_check_key_parity(mit_des_cblock key) unsigned int i; for (i=0; i<sizeof(mit_des_cblock); i++) - { - if((key[i] & 1) == parity_char(0xfe&key[i])) - { - return 0; - } - } + { + if((key[i] & 1) == parity_char(0xfe&key[i])) + { + return 0; + } + } return(1); } diff --git a/src/lib/crypto/builtin/des/f_sched.c b/src/lib/crypto/builtin/des/f_sched.c index cb0a6bb..af9d66b 100644 --- a/src/lib/crypto/builtin/des/f_sched.c +++ b/src/lib/crypto/builtin/des/f_sched.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/des/f_sched.c * 
@@ -39,27 +40,27 @@ * part of each key are used to form Ci and Di. */ static const unsigned DES_INT32 PC1_CL[8] = { - 0x00000000, 0x00000010, 0x00001000, 0x00001010, - 0x00100000, 0x00100010, 0x00101000, 0x00101010 + 0x00000000, 0x00000010, 0x00001000, 0x00001010, + 0x00100000, 0x00100010, 0x00101000, 0x00101010 }; static const unsigned DES_INT32 PC1_DL[16] = { - 0x00000000, 0x00100000, 0x00001000, 0x00101000, - 0x00000010, 0x00100010, 0x00001010, 0x00101010, - 0x00000001, 0x00100001, 0x00001001, 0x00101001, - 0x00000011, 0x00100011, 0x00001011, 0x00101011 + 0x00000000, 0x00100000, 0x00001000, 0x00101000, + 0x00000010, 0x00100010, 0x00001010, 0x00101010, + 0x00000001, 0x00100001, 0x00001001, 0x00101001, + 0x00000011, 0x00100011, 0x00001011, 0x00101011 }; static const unsigned DES_INT32 PC1_CR[16] = { - 0x00000000, 0x00000001, 0x00000100, 0x00000101, - 0x00010000, 0x00010001, 0x00010100, 0x00010101, - 0x01000000, 0x01000001, 0x01000100, 0x01000101, - 0x01010000, 0x01010001, 0x01010100, 0x01010101 + 0x00000000, 0x00000001, 0x00000100, 0x00000101, + 0x00010000, 0x00010001, 0x00010100, 0x00010101, + 0x01000000, 0x01000001, 0x01000100, 0x01000101, + 0x01010000, 0x01010001, 0x01010100, 0x01010101 }; static const unsigned DES_INT32 PC1_DR[8] = { - 0x00000000, 0x01000000, 0x00010000, 0x01010000, - 0x00000100, 0x01000100, 0x00010100, 0x01010100 + 0x00000000, 0x01000000, 0x00010000, 0x01010000, + 0x00000100, 0x01000100, 0x00010100, 0x01010100 }; @@ -69,7 +70,7 @@ static const unsigned DES_INT32 PC1_DR[8] = { * two places. This has bits set for the iterations where we do 2 bit * shifts, starting at the low order bit. */ -#define TWO_BIT_SHIFTS 0x7efc +#define TWO_BIT_SHIFTS 0x7efc /* * Permuted choice 2 tables. The first actually produces the low order 
@@ -84,153 +85,153 @@ static const unsigned DES_INT32 PC1_DR[8] = { * in in the des code. */ static const unsigned DES_INT32 PC2_C[4][64] = { - { - 0x00000000, 0x00000004, 0x00010000, 0x00010004, - 0x00000400, 0x00000404, 0x00010400, 0x00010404, - 0x00000020, 0x00000024, 0x00010020, 0x00010024, - 0x00000420, 0x00000424, 0x00010420, 0x00010424, - 0x01000000, 0x01000004, 0x01010000, 0x01010004, - 0x01000400, 0x01000404, 0x01010400, 0x01010404, - 0x01000020, 0x01000024, 0x01010020, 0x01010024, - 0x01000420, 0x01000424, 0x01010420, 0x01010424, - 0x00020000, 0x00020004, 0x00030000, 0x00030004, - 0x00020400, 0x00020404, 0x00030400, 0x00030404, - 0x00020020, 0x00020024, 0x00030020, 0x00030024, - 0x00020420, 0x00020424, 0x00030420, 0x00030424, - 0x01020000, 0x01020004, 0x01030000, 0x01030004, - 0x01020400, 0x01020404, 0x01030400, 0x01030404, - 0x01020020, 0x01020024, 0x01030020, 0x01030024, - 0x01020420, 0x01020424, 0x01030420, 0x01030424, - }, - { - 0x00000000, 0x02000000, 0x00000800, 0x02000800, - 0x00080000, 0x02080000, 0x00080800, 0x02080800, - 0x00000001, 0x02000001, 0x00000801, 0x02000801, - 0x00080001, 0x02080001, 0x00080801, 0x02080801, - 0x00000100, 0x02000100, 0x00000900, 0x02000900, - 0x00080100, 0x02080100, 0x00080900, 0x02080900, - 0x00000101, 0x02000101, 0x00000901, 0x02000901, - 0x00080101, 0x02080101, 0x00080901, 0x02080901, - 0x10000000, 0x12000000, 0x10000800, 0x12000800, - 0x10080000, 0x12080000, 0x10080800, 0x12080800, - 0x10000001, 0x12000001, 0x10000801, 0x12000801, - 0x10080001, 0x12080001, 0x10080801, 0x12080801, - 0x10000100, 0x12000100, 0x10000900, 0x12000900, - 0x10080100, 0x12080100, 0x10080900, 0x12080900, - 0x10000101, 0x12000101, 0x10000901, 0x12000901, - 0x10080101, 0x12080101, 0x10080901, 0x12080901, - }, - { - 0x00000000, 0x00040000, 0x00002000, 0x00042000, - 0x00100000, 0x00140000, 0x00102000, 0x00142000, - 0x20000000, 0x20040000, 0x20002000, 0x20042000, - 0x20100000, 0x20140000, 0x20102000, 0x20142000, - 0x00000008, 0x00040008, 
0x00002008, 0x00042008, - 0x00100008, 0x00140008, 0x00102008, 0x00142008, - 0x20000008, 0x20040008, 0x20002008, 0x20042008, - 0x20100008, 0x20140008, 0x20102008, 0x20142008, - 0x00200000, 0x00240000, 0x00202000, 0x00242000, - 0x00300000, 0x00340000, 0x00302000, 0x00342000, - 0x20200000, 0x20240000, 0x20202000, 0x20242000, - 0x20300000, 0x20340000, 0x20302000, 0x20342000, - 0x00200008, 0x00240008, 0x00202008, 0x00242008, - 0x00300008, 0x00340008, 0x00302008, 0x00342008, - 0x20200008, 0x20240008, 0x20202008, 0x20242008, - 0x20300008, 0x20340008, 0x20302008, 0x20342008, - }, - { - 0x00000000, 0x00000010, 0x08000000, 0x08000010, - 0x00000200, 0x00000210, 0x08000200, 0x08000210, - 0x00000002, 0x00000012, 0x08000002, 0x08000012, - 0x00000202, 0x00000212, 0x08000202, 0x08000212, - 0x04000000, 0x04000010, 0x0c000000, 0x0c000010, - 0x04000200, 0x04000210, 0x0c000200, 0x0c000210, - 0x04000002, 0x04000012, 0x0c000002, 0x0c000012, - 0x04000202, 0x04000212, 0x0c000202, 0x0c000212, - 0x00001000, 0x00001010, 0x08001000, 0x08001010, - 0x00001200, 0x00001210, 0x08001200, 0x08001210, - 0x00001002, 0x00001012, 0x08001002, 0x08001012, - 0x00001202, 0x00001212, 0x08001202, 0x08001212, - 0x04001000, 0x04001010, 0x0c001000, 0x0c001010, - 0x04001200, 0x04001210, 0x0c001200, 0x0c001210, - 0x04001002, 0x04001012, 0x0c001002, 0x0c001012, - 0x04001202, 0x04001212, 0x0c001202, 0x0c001212 - }, + { + 0x00000000, 0x00000004, 0x00010000, 0x00010004, + 0x00000400, 0x00000404, 0x00010400, 0x00010404, + 0x00000020, 0x00000024, 0x00010020, 0x00010024, + 0x00000420, 0x00000424, 0x00010420, 0x00010424, + 0x01000000, 0x01000004, 0x01010000, 0x01010004, + 0x01000400, 0x01000404, 0x01010400, 0x01010404, + 0x01000020, 0x01000024, 0x01010020, 0x01010024, + 0x01000420, 0x01000424, 0x01010420, 0x01010424, + 0x00020000, 0x00020004, 0x00030000, 0x00030004, + 0x00020400, 0x00020404, 0x00030400, 0x00030404, + 0x00020020, 0x00020024, 0x00030020, 0x00030024, + 0x00020420, 0x00020424, 0x00030420, 0x00030424, + 
0x01020000, 0x01020004, 0x01030000, 0x01030004, + 0x01020400, 0x01020404, 0x01030400, 0x01030404, + 0x01020020, 0x01020024, 0x01030020, 0x01030024, + 0x01020420, 0x01020424, 0x01030420, 0x01030424, + }, + { + 0x00000000, 0x02000000, 0x00000800, 0x02000800, + 0x00080000, 0x02080000, 0x00080800, 0x02080800, + 0x00000001, 0x02000001, 0x00000801, 0x02000801, + 0x00080001, 0x02080001, 0x00080801, 0x02080801, + 0x00000100, 0x02000100, 0x00000900, 0x02000900, + 0x00080100, 0x02080100, 0x00080900, 0x02080900, + 0x00000101, 0x02000101, 0x00000901, 0x02000901, + 0x00080101, 0x02080101, 0x00080901, 0x02080901, + 0x10000000, 0x12000000, 0x10000800, 0x12000800, + 0x10080000, 0x12080000, 0x10080800, 0x12080800, + 0x10000001, 0x12000001, 0x10000801, 0x12000801, + 0x10080001, 0x12080001, 0x10080801, 0x12080801, + 0x10000100, 0x12000100, 0x10000900, 0x12000900, + 0x10080100, 0x12080100, 0x10080900, 0x12080900, + 0x10000101, 0x12000101, 0x10000901, 0x12000901, + 0x10080101, 0x12080101, 0x10080901, 0x12080901, + }, + { + 0x00000000, 0x00040000, 0x00002000, 0x00042000, + 0x00100000, 0x00140000, 0x00102000, 0x00142000, + 0x20000000, 0x20040000, 0x20002000, 0x20042000, + 0x20100000, 0x20140000, 0x20102000, 0x20142000, + 0x00000008, 0x00040008, 0x00002008, 0x00042008, + 0x00100008, 0x00140008, 0x00102008, 0x00142008, + 0x20000008, 0x20040008, 0x20002008, 0x20042008, + 0x20100008, 0x20140008, 0x20102008, 0x20142008, + 0x00200000, 0x00240000, 0x00202000, 0x00242000, + 0x00300000, 0x00340000, 0x00302000, 0x00342000, + 0x20200000, 0x20240000, 0x20202000, 0x20242000, + 0x20300000, 0x20340000, 0x20302000, 0x20342000, + 0x00200008, 0x00240008, 0x00202008, 0x00242008, + 0x00300008, 0x00340008, 0x00302008, 0x00342008, + 0x20200008, 0x20240008, 0x20202008, 0x20242008, + 0x20300008, 0x20340008, 0x20302008, 0x20342008, + }, + { + 0x00000000, 0x00000010, 0x08000000, 0x08000010, + 0x00000200, 0x00000210, 0x08000200, 0x08000210, + 0x00000002, 0x00000012, 0x08000002, 0x08000012, + 0x00000202, 
0x00000212, 0x08000202, 0x08000212, + 0x04000000, 0x04000010, 0x0c000000, 0x0c000010, + 0x04000200, 0x04000210, 0x0c000200, 0x0c000210, + 0x04000002, 0x04000012, 0x0c000002, 0x0c000012, + 0x04000202, 0x04000212, 0x0c000202, 0x0c000212, + 0x00001000, 0x00001010, 0x08001000, 0x08001010, + 0x00001200, 0x00001210, 0x08001200, 0x08001210, + 0x00001002, 0x00001012, 0x08001002, 0x08001012, + 0x00001202, 0x00001212, 0x08001202, 0x08001212, + 0x04001000, 0x04001010, 0x0c001000, 0x0c001010, + 0x04001200, 0x04001210, 0x0c001200, 0x0c001210, + 0x04001002, 0x04001012, 0x0c001002, 0x0c001012, + 0x04001202, 0x04001212, 0x0c001202, 0x0c001212 + }, }; static const unsigned DES_INT32 PC2_D[4][64] = { - { - 0x00000000, 0x02000000, 0x00020000, 0x02020000, - 0x00000100, 0x02000100, 0x00020100, 0x02020100, - 0x00000008, 0x02000008, 0x00020008, 0x02020008, - 0x00000108, 0x02000108, 0x00020108, 0x02020108, - 0x00200000, 0x02200000, 0x00220000, 0x02220000, - 0x00200100, 0x02200100, 0x00220100, 0x02220100, - 0x00200008, 0x02200008, 0x00220008, 0x02220008, - 0x00200108, 0x02200108, 0x00220108, 0x02220108, - 0x00000200, 0x02000200, 0x00020200, 0x02020200, - 0x00000300, 0x02000300, 0x00020300, 0x02020300, - 0x00000208, 0x02000208, 0x00020208, 0x02020208, - 0x00000308, 0x02000308, 0x00020308, 0x02020308, - 0x00200200, 0x02200200, 0x00220200, 0x02220200, - 0x00200300, 0x02200300, 0x00220300, 0x02220300, - 0x00200208, 0x02200208, 0x00220208, 0x02220208, - 0x00200308, 0x02200308, 0x00220308, 0x02220308, - }, - { - 0x00000000, 0x00001000, 0x00000020, 0x00001020, - 0x00100000, 0x00101000, 0x00100020, 0x00101020, - 0x08000000, 0x08001000, 0x08000020, 0x08001020, - 0x08100000, 0x08101000, 0x08100020, 0x08101020, - 0x00000004, 0x00001004, 0x00000024, 0x00001024, - 0x00100004, 0x00101004, 0x00100024, 0x00101024, - 0x08000004, 0x08001004, 0x08000024, 0x08001024, - 0x08100004, 0x08101004, 0x08100024, 0x08101024, - 0x00000400, 0x00001400, 0x00000420, 0x00001420, - 0x00100400, 0x00101400, 0x00100420, 
0x00101420, - 0x08000400, 0x08001400, 0x08000420, 0x08001420, - 0x08100400, 0x08101400, 0x08100420, 0x08101420, - 0x00000404, 0x00001404, 0x00000424, 0x00001424, - 0x00100404, 0x00101404, 0x00100424, 0x00101424, - 0x08000404, 0x08001404, 0x08000424, 0x08001424, - 0x08100404, 0x08101404, 0x08100424, 0x08101424, - }, - { - 0x00000000, 0x10000000, 0x00010000, 0x10010000, - 0x00000002, 0x10000002, 0x00010002, 0x10010002, - 0x00002000, 0x10002000, 0x00012000, 0x10012000, - 0x00002002, 0x10002002, 0x00012002, 0x10012002, - 0x00040000, 0x10040000, 0x00050000, 0x10050000, - 0x00040002, 0x10040002, 0x00050002, 0x10050002, - 0x00042000, 0x10042000, 0x00052000, 0x10052000, - 0x00042002, 0x10042002, 0x00052002, 0x10052002, - 0x20000000, 0x30000000, 0x20010000, 0x30010000, - 0x20000002, 0x30000002, 0x20010002, 0x30010002, - 0x20002000, 0x30002000, 0x20012000, 0x30012000, - 0x20002002, 0x30002002, 0x20012002, 0x30012002, - 0x20040000, 0x30040000, 0x20050000, 0x30050000, - 0x20040002, 0x30040002, 0x20050002, 0x30050002, - 0x20042000, 0x30042000, 0x20052000, 0x30052000, - 0x20042002, 0x30042002, 0x20052002, 0x30052002, - }, - { - 0x00000000, 0x04000000, 0x00000001, 0x04000001, - 0x01000000, 0x05000000, 0x01000001, 0x05000001, - 0x00000010, 0x04000010, 0x00000011, 0x04000011, - 0x01000010, 0x05000010, 0x01000011, 0x05000011, - 0x00080000, 0x04080000, 0x00080001, 0x04080001, - 0x01080000, 0x05080000, 0x01080001, 0x05080001, - 0x00080010, 0x04080010, 0x00080011, 0x04080011, - 0x01080010, 0x05080010, 0x01080011, 0x05080011, - 0x00000800, 0x04000800, 0x00000801, 0x04000801, - 0x01000800, 0x05000800, 0x01000801, 0x05000801, - 0x00000810, 0x04000810, 0x00000811, 0x04000811, - 0x01000810, 0x05000810, 0x01000811, 0x05000811, - 0x00080800, 0x04080800, 0x00080801, 0x04080801, - 0x01080800, 0x05080800, 0x01080801, 0x05080801, - 0x00080810, 0x04080810, 0x00080811, 0x04080811, - 0x01080810, 0x05080810, 0x01080811, 0x05080811 - }, + { + 0x00000000, 0x02000000, 0x00020000, 0x02020000, + 
0x00000100, 0x02000100, 0x00020100, 0x02020100, + 0x00000008, 0x02000008, 0x00020008, 0x02020008, + 0x00000108, 0x02000108, 0x00020108, 0x02020108, + 0x00200000, 0x02200000, 0x00220000, 0x02220000, + 0x00200100, 0x02200100, 0x00220100, 0x02220100, + 0x00200008, 0x02200008, 0x00220008, 0x02220008, + 0x00200108, 0x02200108, 0x00220108, 0x02220108, + 0x00000200, 0x02000200, 0x00020200, 0x02020200, + 0x00000300, 0x02000300, 0x00020300, 0x02020300, + 0x00000208, 0x02000208, 0x00020208, 0x02020208, + 0x00000308, 0x02000308, 0x00020308, 0x02020308, + 0x00200200, 0x02200200, 0x00220200, 0x02220200, + 0x00200300, 0x02200300, 0x00220300, 0x02220300, + 0x00200208, 0x02200208, 0x00220208, 0x02220208, + 0x00200308, 0x02200308, 0x00220308, 0x02220308, + }, + { + 0x00000000, 0x00001000, 0x00000020, 0x00001020, + 0x00100000, 0x00101000, 0x00100020, 0x00101020, + 0x08000000, 0x08001000, 0x08000020, 0x08001020, + 0x08100000, 0x08101000, 0x08100020, 0x08101020, + 0x00000004, 0x00001004, 0x00000024, 0x00001024, + 0x00100004, 0x00101004, 0x00100024, 0x00101024, + 0x08000004, 0x08001004, 0x08000024, 0x08001024, + 0x08100004, 0x08101004, 0x08100024, 0x08101024, + 0x00000400, 0x00001400, 0x00000420, 0x00001420, + 0x00100400, 0x00101400, 0x00100420, 0x00101420, + 0x08000400, 0x08001400, 0x08000420, 0x08001420, + 0x08100400, 0x08101400, 0x08100420, 0x08101420, + 0x00000404, 0x00001404, 0x00000424, 0x00001424, + 0x00100404, 0x00101404, 0x00100424, 0x00101424, + 0x08000404, 0x08001404, 0x08000424, 0x08001424, + 0x08100404, 0x08101404, 0x08100424, 0x08101424, + }, + { + 0x00000000, 0x10000000, 0x00010000, 0x10010000, + 0x00000002, 0x10000002, 0x00010002, 0x10010002, + 0x00002000, 0x10002000, 0x00012000, 0x10012000, + 0x00002002, 0x10002002, 0x00012002, 0x10012002, + 0x00040000, 0x10040000, 0x00050000, 0x10050000, + 0x00040002, 0x10040002, 0x00050002, 0x10050002, + 0x00042000, 0x10042000, 0x00052000, 0x10052000, + 0x00042002, 0x10042002, 0x00052002, 0x10052002, + 0x20000000, 0x30000000, 
0x20010000, 0x30010000, + 0x20000002, 0x30000002, 0x20010002, 0x30010002, + 0x20002000, 0x30002000, 0x20012000, 0x30012000, + 0x20002002, 0x30002002, 0x20012002, 0x30012002, + 0x20040000, 0x30040000, 0x20050000, 0x30050000, + 0x20040002, 0x30040002, 0x20050002, 0x30050002, + 0x20042000, 0x30042000, 0x20052000, 0x30052000, + 0x20042002, 0x30042002, 0x20052002, 0x30052002, + }, + { + 0x00000000, 0x04000000, 0x00000001, 0x04000001, + 0x01000000, 0x05000000, 0x01000001, 0x05000001, + 0x00000010, 0x04000010, 0x00000011, 0x04000011, + 0x01000010, 0x05000010, 0x01000011, 0x05000011, + 0x00080000, 0x04080000, 0x00080001, 0x04080001, + 0x01080000, 0x05080000, 0x01080001, 0x05080001, + 0x00080010, 0x04080010, 0x00080011, 0x04080011, + 0x01080010, 0x05080010, 0x01080011, 0x05080011, + 0x00000800, 0x04000800, 0x00000801, 0x04000801, + 0x01000800, 0x05000800, 0x01000801, 0x05000801, + 0x00000810, 0x04000810, 0x00000811, 0x04000811, + 0x01000810, 0x05000810, 0x01000811, 0x05000811, + 0x00080800, 0x04080800, 0x00080801, 0x04080801, + 0x01080800, 0x05080800, 0x01080801, 0x05080801, + 0x00080810, 0x04080810, 0x00080811, 0x04080811, + 0x01080810, 0x05080810, 0x01080811, 0x05080811 + }, }; 
@@ -241,119 +242,119 @@ static const unsigned DES_INT32 PC2_D[4][64] = { int mit_des_make_key_sched(mit_des_cblock key, mit_des_key_schedule schedule) { - register unsigned DES_INT32 c, d; + register unsigned DES_INT32 c, d; - { - /* - * Need a pointer for the keys and a temporary DES_INT32 - */ - const unsigned char *k; - register unsigned DES_INT32 tmp; + { + /* + * Need a pointer for the keys and a temporary DES_INT32 + */ + const unsigned char *k; + register unsigned DES_INT32 tmp; - /* - * Fetch the key into something we can work with - */ - k = key; + /* + * Fetch the key into something we can work with + */ + k = key; - /* - * The first permutted choice gives us the 28 bits for C0 and - * 28 for D0. C0 gets 12 bits from the left key and 16 from - * the right, while D0 gets 16 from the left and 12 from the - * right. The code knows which bits go where. - */ - tmp = load_32_be(k), k += 4; + /* + * The first permutted choice gives us the 28 bits for C0 and + * 28 for D0. C0 gets 12 bits from the left key and 16 from + * the right, while D0 gets 16 from the left and 12 from the + * right. The code knows which bits go where. 
+ */ + tmp = load_32_be(k), k += 4; - c = PC1_CL[(tmp >> 29) & 0x7] - | (PC1_CL[(tmp >> 21) & 0x7] << 1) - | (PC1_CL[(tmp >> 13) & 0x7] << 2) - | (PC1_CL[(tmp >> 5) & 0x7] << 3); - d = PC1_DL[(tmp >> 25) & 0xf] - | (PC1_DL[(tmp >> 17) & 0xf] << 1) - | (PC1_DL[(tmp >> 9) & 0xf] << 2) - | (PC1_DL[(tmp >> 1) & 0xf] << 3); + c = PC1_CL[(tmp >> 29) & 0x7] + | (PC1_CL[(tmp >> 21) & 0x7] << 1) + | (PC1_CL[(tmp >> 13) & 0x7] << 2) + | (PC1_CL[(tmp >> 5) & 0x7] << 3); + d = PC1_DL[(tmp >> 25) & 0xf] + | (PC1_DL[(tmp >> 17) & 0xf] << 1) + | (PC1_DL[(tmp >> 9) & 0xf] << 2) + | (PC1_DL[(tmp >> 1) & 0xf] << 3); - tmp = load_32_be(k), k += 4; + tmp = load_32_be(k), k += 4; - c |= PC1_CR[(tmp >> 28) & 0xf] - | (PC1_CR[(tmp >> 20) & 0xf] << 1) - | (PC1_CR[(tmp >> 12) & 0xf] << 2) - | (PC1_CR[(tmp >> 4) & 0xf] << 3); - d |= PC1_DR[(tmp >> 25) & 0x7] - | (PC1_DR[(tmp >> 17) & 0x7] << 1) - | (PC1_DR[(tmp >> 9) & 0x7] << 2) - | (PC1_DR[(tmp >> 1) & 0x7] << 3); - } + c |= PC1_CR[(tmp >> 28) & 0xf] + | (PC1_CR[(tmp >> 20) & 0xf] << 1) + | (PC1_CR[(tmp >> 12) & 0xf] << 2) + | (PC1_CR[(tmp >> 4) & 0xf] << 3); + d |= PC1_DR[(tmp >> 25) & 0x7] + | (PC1_DR[(tmp >> 17) & 0x7] << 1) + | (PC1_DR[(tmp >> 9) & 0x7] << 2) + | (PC1_DR[(tmp >> 1) & 0x7] << 3); + } - { - /* - * Need several temporaries in here - */ - register unsigned DES_INT32 ltmp, rtmp; - register unsigned DES_INT32 *k; - register int two_bit_shifts; - register int i; - /* - * Now iterate to compute the key schedule. Note that we - * record the entire set of subkeys in 6 bit chunks since - * they are used that way. At 6 bits/char, we need - * 48/6 char's/subkey * 16 subkeys/encryption == 128 bytes. - * The schedule must be this big. - */ - k = (unsigned DES_INT32 *)schedule; - two_bit_shifts = TWO_BIT_SHIFTS; - for (i = 16; i > 0; i--) { - /* - * Do the rotation. One bit and two bit rotations - * are done separately. Note C and D are 28 bits. 
- */ - if (two_bit_shifts & 0x1) { - c = ((c << 2) & 0xffffffc) | (c >> 26); - d = ((d << 2) & 0xffffffc) | (d >> 26); - } else { - c = ((c << 1) & 0xffffffe) | (c >> 27); - d = ((d << 1) & 0xffffffe) | (d >> 27); - } - two_bit_shifts >>= 1; + { + /* + * Need several temporaries in here + */ + register unsigned DES_INT32 ltmp, rtmp; + register unsigned DES_INT32 *k; + register int two_bit_shifts; + register int i; + /* + * Now iterate to compute the key schedule. Note that we + * record the entire set of subkeys in 6 bit chunks since + * they are used that way. At 6 bits/char, we need + * 48/6 char's/subkey * 16 subkeys/encryption == 128 bytes. + * The schedule must be this big. + */ + k = (unsigned DES_INT32 *)schedule; + two_bit_shifts = TWO_BIT_SHIFTS; + for (i = 16; i > 0; i--) { + /* + * Do the rotation. One bit and two bit rotations + * are done separately. Note C and D are 28 bits. + */ + if (two_bit_shifts & 0x1) { + c = ((c << 2) & 0xffffffc) | (c >> 26); + d = ((d << 2) & 0xffffffc) | (d >> 26); + } else { + c = ((c << 1) & 0xffffffe) | (c >> 27); + d = ((d << 1) & 0xffffffe) | (d >> 27); + } + two_bit_shifts >>= 1; - /* - * Apply permutted choice 2 to C to get the first - * 24 bits worth of keys. Note that bits 9, 18, 22 - * and 25 (using DES numbering) in C are unused. The - * shift-mask stuff is done to delete these bits from - * the indices, since this cuts the table size in half. - * - * The table is torqued, by the way. If the standard - * byte order for this (high to low order) is 1234, - * the table actually gives us 4132. - */ - ltmp = PC2_C[0][((c >> 22) & 0x3f)] - | PC2_C[1][((c >> 15) & 0xf) | ((c >> 16) & 0x30)] - | PC2_C[2][((c >> 4) & 0x3) | ((c >> 9) & 0x3c)] - | PC2_C[3][((c ) & 0x7) | ((c >> 4) & 0x38)]; - /* - * Apply permutted choice 2 to D to get the other half. - * Here, bits 7, 10, 15 and 26 go unused. The sqeezing - * actually turns out to be cheaper here. - * - * This table is similarly torqued. 
If the standard - * byte order is 5678, the table has the bytes permuted - * to give us 7685. - */ - rtmp = PC2_D[0][((d >> 22) & 0x3f)] - | PC2_D[1][((d >> 14) & 0xf) | ((d >> 15) & 0x30)] - | PC2_D[2][((d >> 7) & 0x3f)] - | PC2_D[3][((d ) & 0x3) | ((d >> 1) & 0x3c)]; + /* + * Apply permutted choice 2 to C to get the first + * 24 bits worth of keys. Note that bits 9, 18, 22 + * and 25 (using DES numbering) in C are unused. The + * shift-mask stuff is done to delete these bits from + * the indices, since this cuts the table size in half. + * + * The table is torqued, by the way. If the standard + * byte order for this (high to low order) is 1234, + * the table actually gives us 4132. + */ + ltmp = PC2_C[0][((c >> 22) & 0x3f)] + | PC2_C[1][((c >> 15) & 0xf) | ((c >> 16) & 0x30)] + | PC2_C[2][((c >> 4) & 0x3) | ((c >> 9) & 0x3c)] + | PC2_C[3][((c ) & 0x7) | ((c >> 4) & 0x38)]; + /* + * Apply permutted choice 2 to D to get the other half. + * Here, bits 7, 10, 15 and 26 go unused. The sqeezing + * actually turns out to be cheaper here. + * + * This table is similarly torqued. If the standard + * byte order is 5678, the table has the bytes permuted + * to give us 7685. + */ + rtmp = PC2_D[0][((d >> 22) & 0x3f)] + | PC2_D[1][((d >> 14) & 0xf) | ((d >> 15) & 0x30)] + | PC2_D[2][((d >> 7) & 0x3f)] + | PC2_D[3][((d ) & 0x3) | ((d >> 1) & 0x3c)]; - /* - * Make up two words of the key schedule, with a - * byte order which is convenient for the DES - * inner loop. The high order (first) word will - * hold bytes 7135 (high to low order) while the - * second holds bytes 4682. - */ - *k++ = (ltmp & 0x00ffff00) | (rtmp & 0xff0000ff); - *k++ = (ltmp & 0xff0000ff) | (rtmp & 0x00ffff00); - } - } - return (0); + /* + * Make up two words of the key schedule, with a + * byte order which is convenient for the DES + * inner loop. The high order (first) word will + * hold bytes 7135 (high to low order) while the + * second holds bytes 4682. 
+ */ + *k++ = (ltmp & 0x00ffff00) | (rtmp & 0xff0000ff); + *k++ = (ltmp & 0xff0000ff) | (rtmp & 0x00ffff00); + } + } + return (0); } diff --git a/src/lib/crypto/builtin/des/f_tables.c b/src/lib/crypto/builtin/des/f_tables.c index 42426bc..9470b2b 100644 --- a/src/lib/crypto/builtin/des/f_tables.c +++ b/src/lib/crypto/builtin/des/f_tables.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/des/f_tables.c * 
@@ -70,70 +71,70 @@ */ const unsigned DES_INT32 des_IP_table[256] = { - 0x00000000, 0x00000010, 0x00000001, 0x00000011, - 0x00001000, 0x00001010, 0x00001001, 0x00001011, - 0x00000100, 0x00000110, 0x00000101, 0x00000111, - 0x00001100, 0x00001110, 0x00001101, 0x00001111, - 0x00100000, 0x00100010, 0x00100001, 0x00100011, - 0x00101000, 0x00101010, 0x00101001, 0x00101011, - 0x00100100, 0x00100110, 0x00100101, 0x00100111, - 0x00101100, 0x00101110, 0x00101101, 0x00101111, - 0x00010000, 0x00010010, 0x00010001, 0x00010011, - 0x00011000, 0x00011010, 0x00011001, 0x00011011, - 0x00010100, 0x00010110, 0x00010101, 0x00010111, - 0x00011100, 0x00011110, 0x00011101, 0x00011111, - 0x00110000, 0x00110010, 0x00110001, 0x00110011, - 0x00111000, 0x00111010, 0x00111001, 0x00111011, - 0x00110100, 0x00110110, 0x00110101, 0x00110111, - 0x00111100, 0x00111110, 0x00111101, 0x00111111, - 0x10000000, 0x10000010, 0x10000001, 0x10000011, - 0x10001000, 0x10001010, 0x10001001, 0x10001011, - 0x10000100, 0x10000110, 0x10000101, 0x10000111, - 0x10001100, 0x10001110, 0x10001101, 0x10001111, - 0x10100000, 0x10100010, 0x10100001, 0x10100011, - 0x10101000, 0x10101010, 0x10101001, 0x10101011, - 0x10100100, 0x10100110, 0x10100101, 0x10100111, - 0x10101100, 0x10101110, 0x10101101, 0x10101111, - 0x10010000, 0x10010010, 0x10010001, 0x10010011, - 0x10011000, 0x10011010, 0x10011001, 0x10011011, - 0x10010100, 0x10010110, 0x10010101, 0x10010111, - 0x10011100, 0x10011110, 0x10011101, 0x10011111, - 0x10110000, 0x10110010, 0x10110001, 0x10110011, - 0x10111000, 0x10111010, 0x10111001, 0x10111011, - 0x10110100, 0x10110110, 0x10110101, 0x10110111, - 0x10111100, 0x10111110, 0x10111101, 0x10111111, - 0x01000000, 0x01000010, 0x01000001, 0x01000011, - 0x01001000, 0x01001010, 0x01001001, 0x01001011, - 0x01000100, 0x01000110, 0x01000101, 0x01000111, - 0x01001100, 0x01001110, 0x01001101, 0x01001111, - 0x01100000, 0x01100010, 0x01100001, 0x01100011, - 0x01101000, 0x01101010, 0x01101001, 0x01101011, - 0x01100100, 0x01100110, 
0x01100101, 0x01100111, - 0x01101100, 0x01101110, 0x01101101, 0x01101111, - 0x01010000, 0x01010010, 0x01010001, 0x01010011, - 0x01011000, 0x01011010, 0x01011001, 0x01011011, - 0x01010100, 0x01010110, 0x01010101, 0x01010111, - 0x01011100, 0x01011110, 0x01011101, 0x01011111, - 0x01110000, 0x01110010, 0x01110001, 0x01110011, - 0x01111000, 0x01111010, 0x01111001, 0x01111011, - 0x01110100, 0x01110110, 0x01110101, 0x01110111, - 0x01111100, 0x01111110, 0x01111101, 0x01111111, - 0x11000000, 0x11000010, 0x11000001, 0x11000011, - 0x11001000, 0x11001010, 0x11001001, 0x11001011, - 0x11000100, 0x11000110, 0x11000101, 0x11000111, - 0x11001100, 0x11001110, 0x11001101, 0x11001111, - 0x11100000, 0x11100010, 0x11100001, 0x11100011, - 0x11101000, 0x11101010, 0x11101001, 0x11101011, - 0x11100100, 0x11100110, 0x11100101, 0x11100111, - 0x11101100, 0x11101110, 0x11101101, 0x11101111, - 0x11010000, 0x11010010, 0x11010001, 0x11010011, - 0x11011000, 0x11011010, 0x11011001, 0x11011011, - 0x11010100, 0x11010110, 0x11010101, 0x11010111, - 0x11011100, 0x11011110, 0x11011101, 0x11011111, - 0x11110000, 0x11110010, 0x11110001, 0x11110011, - 0x11111000, 0x11111010, 0x11111001, 0x11111011, - 0x11110100, 0x11110110, 0x11110101, 0x11110111, - 0x11111100, 0x11111110, 0x11111101, 0x11111111 + 0x00000000, 0x00000010, 0x00000001, 0x00000011, + 0x00001000, 0x00001010, 0x00001001, 0x00001011, + 0x00000100, 0x00000110, 0x00000101, 0x00000111, + 0x00001100, 0x00001110, 0x00001101, 0x00001111, + 0x00100000, 0x00100010, 0x00100001, 0x00100011, + 0x00101000, 0x00101010, 0x00101001, 0x00101011, + 0x00100100, 0x00100110, 0x00100101, 0x00100111, + 0x00101100, 0x00101110, 0x00101101, 0x00101111, + 0x00010000, 0x00010010, 0x00010001, 0x00010011, + 0x00011000, 0x00011010, 0x00011001, 0x00011011, + 0x00010100, 0x00010110, 0x00010101, 0x00010111, + 0x00011100, 0x00011110, 0x00011101, 0x00011111, + 0x00110000, 0x00110010, 0x00110001, 0x00110011, + 0x00111000, 0x00111010, 0x00111001, 0x00111011, + 0x00110100, 0x00110110, 
0x00110101, 0x00110111, + 0x00111100, 0x00111110, 0x00111101, 0x00111111, + 0x10000000, 0x10000010, 0x10000001, 0x10000011, + 0x10001000, 0x10001010, 0x10001001, 0x10001011, + 0x10000100, 0x10000110, 0x10000101, 0x10000111, + 0x10001100, 0x10001110, 0x10001101, 0x10001111, + 0x10100000, 0x10100010, 0x10100001, 0x10100011, + 0x10101000, 0x10101010, 0x10101001, 0x10101011, + 0x10100100, 0x10100110, 0x10100101, 0x10100111, + 0x10101100, 0x10101110, 0x10101101, 0x10101111, + 0x10010000, 0x10010010, 0x10010001, 0x10010011, + 0x10011000, 0x10011010, 0x10011001, 0x10011011, + 0x10010100, 0x10010110, 0x10010101, 0x10010111, + 0x10011100, 0x10011110, 0x10011101, 0x10011111, + 0x10110000, 0x10110010, 0x10110001, 0x10110011, + 0x10111000, 0x10111010, 0x10111001, 0x10111011, + 0x10110100, 0x10110110, 0x10110101, 0x10110111, + 0x10111100, 0x10111110, 0x10111101, 0x10111111, + 0x01000000, 0x01000010, 0x01000001, 0x01000011, + 0x01001000, 0x01001010, 0x01001001, 0x01001011, + 0x01000100, 0x01000110, 0x01000101, 0x01000111, + 0x01001100, 0x01001110, 0x01001101, 0x01001111, + 0x01100000, 0x01100010, 0x01100001, 0x01100011, + 0x01101000, 0x01101010, 0x01101001, 0x01101011, + 0x01100100, 0x01100110, 0x01100101, 0x01100111, + 0x01101100, 0x01101110, 0x01101101, 0x01101111, + 0x01010000, 0x01010010, 0x01010001, 0x01010011, + 0x01011000, 0x01011010, 0x01011001, 0x01011011, + 0x01010100, 0x01010110, 0x01010101, 0x01010111, + 0x01011100, 0x01011110, 0x01011101, 0x01011111, + 0x01110000, 0x01110010, 0x01110001, 0x01110011, + 0x01111000, 0x01111010, 0x01111001, 0x01111011, + 0x01110100, 0x01110110, 0x01110101, 0x01110111, + 0x01111100, 0x01111110, 0x01111101, 0x01111111, + 0x11000000, 0x11000010, 0x11000001, 0x11000011, + 0x11001000, 0x11001010, 0x11001001, 0x11001011, + 0x11000100, 0x11000110, 0x11000101, 0x11000111, + 0x11001100, 0x11001110, 0x11001101, 0x11001111, + 0x11100000, 0x11100010, 0x11100001, 0x11100011, + 0x11101000, 0x11101010, 0x11101001, 0x11101011, + 0x11100100, 0x11100110, 
0x11100101, 0x11100111, + 0x11101100, 0x11101110, 0x11101101, 0x11101111, + 0x11010000, 0x11010010, 0x11010001, 0x11010011, + 0x11011000, 0x11011010, 0x11011001, 0x11011011, + 0x11010100, 0x11010110, 0x11010101, 0x11010111, + 0x11011100, 0x11011110, 0x11011101, 0x11011111, + 0x11110000, 0x11110010, 0x11110001, 0x11110011, + 0x11111000, 0x11111010, 0x11111001, 0x11111011, + 0x11110100, 0x11110110, 0x11110101, 0x11110111, + 0x11111100, 0x11111110, 0x11111101, 0x11111111 }; /* 
@@ -150,70 +151,70 @@ const unsigned DES_INT32 des_IP_table[256] = { * which is or'd with the result from the low byte. */ const unsigned DES_INT32 des_FP_table[256] = { - 0x00000000, 0x02000000, 0x00020000, 0x02020000, - 0x00000200, 0x02000200, 0x00020200, 0x02020200, - 0x00000002, 0x02000002, 0x00020002, 0x02020002, - 0x00000202, 0x02000202, 0x00020202, 0x02020202, - 0x01000000, 0x03000000, 0x01020000, 0x03020000, - 0x01000200, 0x03000200, 0x01020200, 0x03020200, - 0x01000002, 0x03000002, 0x01020002, 0x03020002, - 0x01000202, 0x03000202, 0x01020202, 0x03020202, - 0x00010000, 0x02010000, 0x00030000, 0x02030000, - 0x00010200, 0x02010200, 0x00030200, 0x02030200, - 0x00010002, 0x02010002, 0x00030002, 0x02030002, - 0x00010202, 0x02010202, 0x00030202, 0x02030202, - 0x01010000, 0x03010000, 0x01030000, 0x03030000, - 0x01010200, 0x03010200, 0x01030200, 0x03030200, - 0x01010002, 0x03010002, 0x01030002, 0x03030002, - 0x01010202, 0x03010202, 0x01030202, 0x03030202, - 0x00000100, 0x02000100, 0x00020100, 0x02020100, - 0x00000300, 0x02000300, 0x00020300, 0x02020300, - 0x00000102, 0x02000102, 0x00020102, 0x02020102, - 0x00000302, 0x02000302, 0x00020302, 0x02020302, - 0x01000100, 0x03000100, 0x01020100, 0x03020100, - 0x01000300, 0x03000300, 0x01020300, 0x03020300, - 0x01000102, 0x03000102, 0x01020102, 0x03020102, - 0x01000302, 0x03000302, 0x01020302, 0x03020302, - 0x00010100, 0x02010100, 0x00030100, 0x02030100, - 0x00010300, 0x02010300, 0x00030300, 0x02030300, - 0x00010102, 0x02010102, 0x00030102, 0x02030102, - 0x00010302, 0x02010302, 0x00030302, 0x02030302, - 0x01010100, 0x03010100, 0x01030100, 0x03030100, - 0x01010300, 0x03010300, 0x01030300, 0x03030300, - 0x01010102, 0x03010102, 0x01030102, 0x03030102, - 0x01010302, 0x03010302, 0x01030302, 0x03030302, - 0x00000001, 0x02000001, 0x00020001, 0x02020001, - 0x00000201, 0x02000201, 0x00020201, 0x02020201, - 0x00000003, 0x02000003, 0x00020003, 0x02020003, - 0x00000203, 0x02000203, 0x00020203, 0x02020203, - 0x01000001, 0x03000001, 
0x01020001, 0x03020001, - 0x01000201, 0x03000201, 0x01020201, 0x03020201, - 0x01000003, 0x03000003, 0x01020003, 0x03020003, - 0x01000203, 0x03000203, 0x01020203, 0x03020203, - 0x00010001, 0x02010001, 0x00030001, 0x02030001, - 0x00010201, 0x02010201, 0x00030201, 0x02030201, - 0x00010003, 0x02010003, 0x00030003, 0x02030003, - 0x00010203, 0x02010203, 0x00030203, 0x02030203, - 0x01010001, 0x03010001, 0x01030001, 0x03030001, - 0x01010201, 0x03010201, 0x01030201, 0x03030201, - 0x01010003, 0x03010003, 0x01030003, 0x03030003, - 0x01010203, 0x03010203, 0x01030203, 0x03030203, - 0x00000101, 0x02000101, 0x00020101, 0x02020101, - 0x00000301, 0x02000301, 0x00020301, 0x02020301, - 0x00000103, 0x02000103, 0x00020103, 0x02020103, - 0x00000303, 0x02000303, 0x00020303, 0x02020303, - 0x01000101, 0x03000101, 0x01020101, 0x03020101, - 0x01000301, 0x03000301, 0x01020301, 0x03020301, - 0x01000103, 0x03000103, 0x01020103, 0x03020103, - 0x01000303, 0x03000303, 0x01020303, 0x03020303, - 0x00010101, 0x02010101, 0x00030101, 0x02030101, - 0x00010301, 0x02010301, 0x00030301, 0x02030301, - 0x00010103, 0x02010103, 0x00030103, 0x02030103, - 0x00010303, 0x02010303, 0x00030303, 0x02030303, - 0x01010101, 0x03010101, 0x01030101, 0x03030101, - 0x01010301, 0x03010301, 0x01030301, 0x03030301, - 0x01010103, 0x03010103, 0x01030103, 0x03030103, - 0x01010303, 0x03010303, 0x01030303, 0x03030303 + 0x00000000, 0x02000000, 0x00020000, 0x02020000, + 0x00000200, 0x02000200, 0x00020200, 0x02020200, + 0x00000002, 0x02000002, 0x00020002, 0x02020002, + 0x00000202, 0x02000202, 0x00020202, 0x02020202, + 0x01000000, 0x03000000, 0x01020000, 0x03020000, + 0x01000200, 0x03000200, 0x01020200, 0x03020200, + 0x01000002, 0x03000002, 0x01020002, 0x03020002, + 0x01000202, 0x03000202, 0x01020202, 0x03020202, + 0x00010000, 0x02010000, 0x00030000, 0x02030000, + 0x00010200, 0x02010200, 0x00030200, 0x02030200, + 0x00010002, 0x02010002, 0x00030002, 0x02030002, + 0x00010202, 0x02010202, 0x00030202, 0x02030202, + 0x01010000, 0x03010000, 
0x01030000, 0x03030000, + 0x01010200, 0x03010200, 0x01030200, 0x03030200, + 0x01010002, 0x03010002, 0x01030002, 0x03030002, + 0x01010202, 0x03010202, 0x01030202, 0x03030202, + 0x00000100, 0x02000100, 0x00020100, 0x02020100, + 0x00000300, 0x02000300, 0x00020300, 0x02020300, + 0x00000102, 0x02000102, 0x00020102, 0x02020102, + 0x00000302, 0x02000302, 0x00020302, 0x02020302, + 0x01000100, 0x03000100, 0x01020100, 0x03020100, + 0x01000300, 0x03000300, 0x01020300, 0x03020300, + 0x01000102, 0x03000102, 0x01020102, 0x03020102, + 0x01000302, 0x03000302, 0x01020302, 0x03020302, + 0x00010100, 0x02010100, 0x00030100, 0x02030100, + 0x00010300, 0x02010300, 0x00030300, 0x02030300, + 0x00010102, 0x02010102, 0x00030102, 0x02030102, + 0x00010302, 0x02010302, 0x00030302, 0x02030302, + 0x01010100, 0x03010100, 0x01030100, 0x03030100, + 0x01010300, 0x03010300, 0x01030300, 0x03030300, + 0x01010102, 0x03010102, 0x01030102, 0x03030102, + 0x01010302, 0x03010302, 0x01030302, 0x03030302, + 0x00000001, 0x02000001, 0x00020001, 0x02020001, + 0x00000201, 0x02000201, 0x00020201, 0x02020201, + 0x00000003, 0x02000003, 0x00020003, 0x02020003, + 0x00000203, 0x02000203, 0x00020203, 0x02020203, + 0x01000001, 0x03000001, 0x01020001, 0x03020001, + 0x01000201, 0x03000201, 0x01020201, 0x03020201, + 0x01000003, 0x03000003, 0x01020003, 0x03020003, + 0x01000203, 0x03000203, 0x01020203, 0x03020203, + 0x00010001, 0x02010001, 0x00030001, 0x02030001, + 0x00010201, 0x02010201, 0x00030201, 0x02030201, + 0x00010003, 0x02010003, 0x00030003, 0x02030003, + 0x00010203, 0x02010203, 0x00030203, 0x02030203, + 0x01010001, 0x03010001, 0x01030001, 0x03030001, + 0x01010201, 0x03010201, 0x01030201, 0x03030201, + 0x01010003, 0x03010003, 0x01030003, 0x03030003, + 0x01010203, 0x03010203, 0x01030203, 0x03030203, + 0x00000101, 0x02000101, 0x00020101, 0x02020101, + 0x00000301, 0x02000301, 0x00020301, 0x02020301, + 0x00000103, 0x02000103, 0x00020103, 0x02020103, + 0x00000303, 0x02000303, 0x00020303, 0x02020303, + 0x01000101, 0x03000101, 
0x01020101, 0x03020101, + 0x01000301, 0x03000301, 0x01020301, 0x03020301, + 0x01000103, 0x03000103, 0x01020103, 0x03020103, + 0x01000303, 0x03000303, 0x01020303, 0x03020303, + 0x00010101, 0x02010101, 0x00030101, 0x02030101, + 0x00010301, 0x02010301, 0x00030301, 0x02030301, + 0x00010103, 0x02010103, 0x00030103, 0x02030103, + 0x00010303, 0x02010303, 0x00030303, 0x02030303, + 0x01010101, 0x03010101, 0x01030101, 0x03030101, + 0x01010301, 0x03010301, 0x01030301, 0x03030301, + 0x01010103, 0x03010103, 0x01030103, 0x03030103, + 0x01010303, 0x03010303, 0x01030303, 0x03030303 }; 
@@ -223,148 +224,148 @@ const unsigned DES_INT32 des_FP_table[256] = { * spec, to match the order of key application we follow. */ const unsigned DES_INT32 des_SP_table[8][64] = { - { - 0x00100000, 0x02100001, 0x02000401, 0x00000000, /* 7 */ - 0x00000400, 0x02000401, 0x00100401, 0x02100400, - 0x02100401, 0x00100000, 0x00000000, 0x02000001, - 0x00000001, 0x02000000, 0x02100001, 0x00000401, - 0x02000400, 0x00100401, 0x00100001, 0x02000400, - 0x02000001, 0x02100000, 0x02100400, 0x00100001, - 0x02100000, 0x00000400, 0x00000401, 0x02100401, - 0x00100400, 0x00000001, 0x02000000, 0x00100400, - 0x02000000, 0x00100400, 0x00100000, 0x02000401, - 0x02000401, 0x02100001, 0x02100001, 0x00000001, - 0x00100001, 0x02000000, 0x02000400, 0x00100000, - 0x02100400, 0x00000401, 0x00100401, 0x02100400, - 0x00000401, 0x02000001, 0x02100401, 0x02100000, - 0x00100400, 0x00000000, 0x00000001, 0x02100401, - 0x00000000, 0x00100401, 0x02100000, 0x00000400, - 0x02000001, 0x02000400, 0x00000400, 0x00100001, - }, - { - 0x00808200, 0x00000000, 0x00008000, 0x00808202, /* 1 */ - 0x00808002, 0x00008202, 0x00000002, 0x00008000, - 0x00000200, 0x00808200, 0x00808202, 0x00000200, - 0x00800202, 0x00808002, 0x00800000, 0x00000002, - 0x00000202, 0x00800200, 0x00800200, 0x00008200, - 0x00008200, 0x00808000, 0x00808000, 0x00800202, - 0x00008002, 0x00800002, 0x00800002, 0x00008002, - 0x00000000, 0x00000202, 0x00008202, 0x00800000, - 0x00008000, 0x00808202, 0x00000002, 0x00808000, - 0x00808200, 0x00800000, 0x00800000, 0x00000200, - 0x00808002, 0x00008000, 0x00008200, 0x00800002, - 0x00000200, 0x00000002, 0x00800202, 0x00008202, - 0x00808202, 0x00008002, 0x00808000, 0x00800202, - 0x00800002, 0x00000202, 0x00008202, 0x00808200, - 0x00000202, 0x00800200, 0x00800200, 0x00000000, - 0x00008002, 0x00008200, 0x00000000, 0x00808002, - }, - { - 0x00000104, 0x04010100, 0x00000000, 0x04010004, /* 3 */ - 0x04000100, 0x00000000, 0x00010104, 0x04000100, - 0x00010004, 0x04000004, 0x04000004, 0x00010000, - 0x04010104, 
0x00010004, 0x04010000, 0x00000104, - 0x04000000, 0x00000004, 0x04010100, 0x00000100, - 0x00010100, 0x04010000, 0x04010004, 0x00010104, - 0x04000104, 0x00010100, 0x00010000, 0x04000104, - 0x00000004, 0x04010104, 0x00000100, 0x04000000, - 0x04010100, 0x04000000, 0x00010004, 0x00000104, - 0x00010000, 0x04010100, 0x04000100, 0x00000000, - 0x00000100, 0x00010004, 0x04010104, 0x04000100, - 0x04000004, 0x00000100, 0x00000000, 0x04010004, - 0x04000104, 0x00010000, 0x04000000, 0x04010104, - 0x00000004, 0x00010104, 0x00010100, 0x04000004, - 0x04010000, 0x04000104, 0x00000104, 0x04010000, - 0x00010104, 0x00000004, 0x04010004, 0x00010100, - }, - { - 0x00000080, 0x01040080, 0x01040000, 0x21000080, /* 5 */ - 0x00040000, 0x00000080, 0x20000000, 0x01040000, - 0x20040080, 0x00040000, 0x01000080, 0x20040080, - 0x21000080, 0x21040000, 0x00040080, 0x20000000, - 0x01000000, 0x20040000, 0x20040000, 0x00000000, - 0x20000080, 0x21040080, 0x21040080, 0x01000080, - 0x21040000, 0x20000080, 0x00000000, 0x21000000, - 0x01040080, 0x01000000, 0x21000000, 0x00040080, - 0x00040000, 0x21000080, 0x00000080, 0x01000000, - 0x20000000, 0x01040000, 0x21000080, 0x20040080, - 0x01000080, 0x20000000, 0x21040000, 0x01040080, - 0x20040080, 0x00000080, 0x01000000, 0x21040000, - 0x21040080, 0x00040080, 0x21000000, 0x21040080, - 0x01040000, 0x00000000, 0x20040000, 0x21000000, - 0x00040080, 0x01000080, 0x20000080, 0x00040000, - 0x00000000, 0x20040000, 0x01040080, 0x20000080, - }, - { - 0x80401000, 0x80001040, 0x80001040, 0x00000040, /* 4 */ - 0x00401040, 0x80400040, 0x80400000, 0x80001000, - 0x00000000, 0x00401000, 0x00401000, 0x80401040, - 0x80000040, 0x00000000, 0x00400040, 0x80400000, - 0x80000000, 0x00001000, 0x00400000, 0x80401000, - 0x00000040, 0x00400000, 0x80001000, 0x00001040, - 0x80400040, 0x80000000, 0x00001040, 0x00400040, - 0x00001000, 0x00401040, 0x80401040, 0x80000040, - 0x00400040, 0x80400000, 0x00401000, 0x80401040, - 0x80000040, 0x00000000, 0x00000000, 0x00401000, - 0x00001040, 0x00400040, 
0x80400040, 0x80000000, - 0x80401000, 0x80001040, 0x80001040, 0x00000040, - 0x80401040, 0x80000040, 0x80000000, 0x00001000, - 0x80400000, 0x80001000, 0x00401040, 0x80400040, - 0x80001000, 0x00001040, 0x00400000, 0x80401000, - 0x00000040, 0x00400000, 0x00001000, 0x00401040, - }, - { - 0x10000008, 0x10200000, 0x00002000, 0x10202008, /* 6 */ - 0x10200000, 0x00000008, 0x10202008, 0x00200000, - 0x10002000, 0x00202008, 0x00200000, 0x10000008, - 0x00200008, 0x10002000, 0x10000000, 0x00002008, - 0x00000000, 0x00200008, 0x10002008, 0x00002000, - 0x00202000, 0x10002008, 0x00000008, 0x10200008, - 0x10200008, 0x00000000, 0x00202008, 0x10202000, - 0x00002008, 0x00202000, 0x10202000, 0x10000000, - 0x10002000, 0x00000008, 0x10200008, 0x00202000, - 0x10202008, 0x00200000, 0x00002008, 0x10000008, - 0x00200000, 0x10002000, 0x10000000, 0x00002008, - 0x10000008, 0x10202008, 0x00202000, 0x10200000, - 0x00202008, 0x10202000, 0x00000000, 0x10200008, - 0x00000008, 0x00002000, 0x10200000, 0x00202008, - 0x00002000, 0x00200008, 0x10002008, 0x00000000, - 0x10202000, 0x10000000, 0x00200008, 0x10002008, - }, - { - 0x08000820, 0x00000800, 0x00020000, 0x08020820, /* 8 */ - 0x08000000, 0x08000820, 0x00000020, 0x08000000, - 0x00020020, 0x08020000, 0x08020820, 0x00020800, - 0x08020800, 0x00020820, 0x00000800, 0x00000020, - 0x08020000, 0x08000020, 0x08000800, 0x00000820, - 0x00020800, 0x00020020, 0x08020020, 0x08020800, - 0x00000820, 0x00000000, 0x00000000, 0x08020020, - 0x08000020, 0x08000800, 0x00020820, 0x00020000, - 0x00020820, 0x00020000, 0x08020800, 0x00000800, - 0x00000020, 0x08020020, 0x00000800, 0x00020820, - 0x08000800, 0x00000020, 0x08000020, 0x08020000, - 0x08020020, 0x08000000, 0x00020000, 0x08000820, - 0x00000000, 0x08020820, 0x00020020, 0x08000020, - 0x08020000, 0x08000800, 0x08000820, 0x00000000, - 0x08020820, 0x00020800, 0x00020800, 0x00000820, - 0x00000820, 0x00020020, 0x08000000, 0x08020800, - }, - { - 0x40084010, 0x40004000, 0x00004000, 0x00084010, /* 2 */ - 0x00080000, 
0x00000010, 0x40080010, 0x40004010, - 0x40000010, 0x40084010, 0x40084000, 0x40000000, - 0x40004000, 0x00080000, 0x00000010, 0x40080010, - 0x00084000, 0x00080010, 0x40004010, 0x00000000, - 0x40000000, 0x00004000, 0x00084010, 0x40080000, - 0x00080010, 0x40000010, 0x00000000, 0x00084000, - 0x00004010, 0x40084000, 0x40080000, 0x00004010, - 0x00000000, 0x00084010, 0x40080010, 0x00080000, - 0x40004010, 0x40080000, 0x40084000, 0x00004000, - 0x40080000, 0x40004000, 0x00000010, 0x40084010, - 0x00084010, 0x00000010, 0x00004000, 0x40000000, - 0x00004010, 0x40084000, 0x00080000, 0x40000010, - 0x00080010, 0x40004010, 0x40000010, 0x00080010, - 0x00084000, 0x00000000, 0x40004000, 0x00004010, - 0x40000000, 0x40080010, 0x40084010, 0x00084000 - }, + { + 0x00100000, 0x02100001, 0x02000401, 0x00000000, /* 7 */ + 0x00000400, 0x02000401, 0x00100401, 0x02100400, + 0x02100401, 0x00100000, 0x00000000, 0x02000001, + 0x00000001, 0x02000000, 0x02100001, 0x00000401, + 0x02000400, 0x00100401, 0x00100001, 0x02000400, + 0x02000001, 0x02100000, 0x02100400, 0x00100001, + 0x02100000, 0x00000400, 0x00000401, 0x02100401, + 0x00100400, 0x00000001, 0x02000000, 0x00100400, + 0x02000000, 0x00100400, 0x00100000, 0x02000401, + 0x02000401, 0x02100001, 0x02100001, 0x00000001, + 0x00100001, 0x02000000, 0x02000400, 0x00100000, + 0x02100400, 0x00000401, 0x00100401, 0x02100400, + 0x00000401, 0x02000001, 0x02100401, 0x02100000, + 0x00100400, 0x00000000, 0x00000001, 0x02100401, + 0x00000000, 0x00100401, 0x02100000, 0x00000400, + 0x02000001, 0x02000400, 0x00000400, 0x00100001, + }, + { + 0x00808200, 0x00000000, 0x00008000, 0x00808202, /* 1 */ + 0x00808002, 0x00008202, 0x00000002, 0x00008000, + 0x00000200, 0x00808200, 0x00808202, 0x00000200, + 0x00800202, 0x00808002, 0x00800000, 0x00000002, + 0x00000202, 0x00800200, 0x00800200, 0x00008200, + 0x00008200, 0x00808000, 0x00808000, 0x00800202, + 0x00008002, 0x00800002, 0x00800002, 0x00008002, + 0x00000000, 0x00000202, 0x00008202, 0x00800000, + 0x00008000, 0x00808202, 
0x00000002, 0x00808000, + 0x00808200, 0x00800000, 0x00800000, 0x00000200, + 0x00808002, 0x00008000, 0x00008200, 0x00800002, + 0x00000200, 0x00000002, 0x00800202, 0x00008202, + 0x00808202, 0x00008002, 0x00808000, 0x00800202, + 0x00800002, 0x00000202, 0x00008202, 0x00808200, + 0x00000202, 0x00800200, 0x00800200, 0x00000000, + 0x00008002, 0x00008200, 0x00000000, 0x00808002, + }, + { + 0x00000104, 0x04010100, 0x00000000, 0x04010004, /* 3 */ + 0x04000100, 0x00000000, 0x00010104, 0x04000100, + 0x00010004, 0x04000004, 0x04000004, 0x00010000, + 0x04010104, 0x00010004, 0x04010000, 0x00000104, + 0x04000000, 0x00000004, 0x04010100, 0x00000100, + 0x00010100, 0x04010000, 0x04010004, 0x00010104, + 0x04000104, 0x00010100, 0x00010000, 0x04000104, + 0x00000004, 0x04010104, 0x00000100, 0x04000000, + 0x04010100, 0x04000000, 0x00010004, 0x00000104, + 0x00010000, 0x04010100, 0x04000100, 0x00000000, + 0x00000100, 0x00010004, 0x04010104, 0x04000100, + 0x04000004, 0x00000100, 0x00000000, 0x04010004, + 0x04000104, 0x00010000, 0x04000000, 0x04010104, + 0x00000004, 0x00010104, 0x00010100, 0x04000004, + 0x04010000, 0x04000104, 0x00000104, 0x04010000, + 0x00010104, 0x00000004, 0x04010004, 0x00010100, + }, + { + 0x00000080, 0x01040080, 0x01040000, 0x21000080, /* 5 */ + 0x00040000, 0x00000080, 0x20000000, 0x01040000, + 0x20040080, 0x00040000, 0x01000080, 0x20040080, + 0x21000080, 0x21040000, 0x00040080, 0x20000000, + 0x01000000, 0x20040000, 0x20040000, 0x00000000, + 0x20000080, 0x21040080, 0x21040080, 0x01000080, + 0x21040000, 0x20000080, 0x00000000, 0x21000000, + 0x01040080, 0x01000000, 0x21000000, 0x00040080, + 0x00040000, 0x21000080, 0x00000080, 0x01000000, + 0x20000000, 0x01040000, 0x21000080, 0x20040080, + 0x01000080, 0x20000000, 0x21040000, 0x01040080, + 0x20040080, 0x00000080, 0x01000000, 0x21040000, + 0x21040080, 0x00040080, 0x21000000, 0x21040080, + 0x01040000, 0x00000000, 0x20040000, 0x21000000, + 0x00040080, 0x01000080, 0x20000080, 0x00040000, + 0x00000000, 0x20040000, 0x01040080, 
0x20000080, + }, + { + 0x80401000, 0x80001040, 0x80001040, 0x00000040, /* 4 */ + 0x00401040, 0x80400040, 0x80400000, 0x80001000, + 0x00000000, 0x00401000, 0x00401000, 0x80401040, + 0x80000040, 0x00000000, 0x00400040, 0x80400000, + 0x80000000, 0x00001000, 0x00400000, 0x80401000, + 0x00000040, 0x00400000, 0x80001000, 0x00001040, + 0x80400040, 0x80000000, 0x00001040, 0x00400040, + 0x00001000, 0x00401040, 0x80401040, 0x80000040, + 0x00400040, 0x80400000, 0x00401000, 0x80401040, + 0x80000040, 0x00000000, 0x00000000, 0x00401000, + 0x00001040, 0x00400040, 0x80400040, 0x80000000, + 0x80401000, 0x80001040, 0x80001040, 0x00000040, + 0x80401040, 0x80000040, 0x80000000, 0x00001000, + 0x80400000, 0x80001000, 0x00401040, 0x80400040, + 0x80001000, 0x00001040, 0x00400000, 0x80401000, + 0x00000040, 0x00400000, 0x00001000, 0x00401040, + }, + { + 0x10000008, 0x10200000, 0x00002000, 0x10202008, /* 6 */ + 0x10200000, 0x00000008, 0x10202008, 0x00200000, + 0x10002000, 0x00202008, 0x00200000, 0x10000008, + 0x00200008, 0x10002000, 0x10000000, 0x00002008, + 0x00000000, 0x00200008, 0x10002008, 0x00002000, + 0x00202000, 0x10002008, 0x00000008, 0x10200008, + 0x10200008, 0x00000000, 0x00202008, 0x10202000, + 0x00002008, 0x00202000, 0x10202000, 0x10000000, + 0x10002000, 0x00000008, 0x10200008, 0x00202000, + 0x10202008, 0x00200000, 0x00002008, 0x10000008, + 0x00200000, 0x10002000, 0x10000000, 0x00002008, + 0x10000008, 0x10202008, 0x00202000, 0x10200000, + 0x00202008, 0x10202000, 0x00000000, 0x10200008, + 0x00000008, 0x00002000, 0x10200000, 0x00202008, + 0x00002000, 0x00200008, 0x10002008, 0x00000000, + 0x10202000, 0x10000000, 0x00200008, 0x10002008, + }, + { + 0x08000820, 0x00000800, 0x00020000, 0x08020820, /* 8 */ + 0x08000000, 0x08000820, 0x00000020, 0x08000000, + 0x00020020, 0x08020000, 0x08020820, 0x00020800, + 0x08020800, 0x00020820, 0x00000800, 0x00000020, + 0x08020000, 0x08000020, 0x08000800, 0x00000820, + 0x00020800, 0x00020020, 0x08020020, 0x08020800, + 0x00000820, 0x00000000, 
0x00000000, 0x08020020, + 0x08000020, 0x08000800, 0x00020820, 0x00020000, + 0x00020820, 0x00020000, 0x08020800, 0x00000800, + 0x00000020, 0x08020020, 0x00000800, 0x00020820, + 0x08000800, 0x00000020, 0x08000020, 0x08020000, + 0x08020020, 0x08000000, 0x00020000, 0x08000820, + 0x00000000, 0x08020820, 0x00020020, 0x08000020, + 0x08020000, 0x08000800, 0x08000820, 0x00000000, + 0x08020820, 0x00020800, 0x00020800, 0x00000820, + 0x00000820, 0x00020020, 0x08000000, 0x08020800, + }, + { + 0x40084010, 0x40004000, 0x00004000, 0x00084010, /* 2 */ + 0x00080000, 0x00000010, 0x40080010, 0x40004010, + 0x40000010, 0x40084010, 0x40084000, 0x40000000, + 0x40004000, 0x00080000, 0x00000010, 0x40080010, + 0x00084000, 0x00080010, 0x40004010, 0x00000000, + 0x40000000, 0x00004000, 0x00084010, 0x40080000, + 0x00080010, 0x40000010, 0x00000000, 0x00084000, + 0x00004010, 0x40084000, 0x40080000, 0x00004010, + 0x00000000, 0x00084010, 0x40080010, 0x00080000, + 0x40004010, 0x40080000, 0x40084000, 0x00004000, + 0x40080000, 0x40004000, 0x00000010, 0x40084010, + 0x00084010, 0x00000010, 0x00004000, 0x40000000, + 0x00004010, 0x40084000, 0x00080000, 0x40000010, + 0x00080010, 0x40004010, 0x40000010, 0x00080010, + 0x00084000, 0x00000000, 0x40004000, 0x00004010, + 0x40000000, 0x40080010, 0x40084010, 0x00084000 + }, }; diff --git a/src/lib/crypto/builtin/des/f_tables.h b/src/lib/crypto/builtin/des/f_tables.h index 45a6322..af140f0 100644 --- a/src/lib/crypto/builtin/des/f_tables.h +++ b/src/lib/crypto/builtin/des/f_tables.h @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/des/f_tables.h * @@ -28,10 +29,10 @@ /* * des_tables.h - declarations to import the DES tables, used internally - * by some of the library routines. + * by some of the library routines. */ -#ifndef __DES_TABLES_H__ -#define __DES_TABLES_H__ /* nothing */ +#ifndef __DES_TABLES_H__ +#define __DES_TABLES_H__ /* nothing */ #include "k5-platform.h" /* 
@@ -45,14 +46,14 @@ extern const unsigned DES_INT32 des_SP_table[8][64]; /* * Use standard shortforms to reference these to save typing */ -#define IP des_IP_table -#define FP des_FP_table -#define SP des_SP_table +#define IP des_IP_table +#define FP des_FP_table +#define SP des_SP_table #ifdef DEBUG -#define DEB(foofraw) printf foofraw +#define DEB(foofraw) printf foofraw #else -#define DEB(foofraw) /* nothing */ +#define DEB(foofraw) /* nothing */ #endif /* 
@@ -89,39 +90,39 @@ extern const unsigned DES_INT32 des_SP_table[8][64]; * * When using this, the inner loop of the DES function might look like: * - * for (i = 0; i < 8; i++) { - * DES_SP_{EN,DE}CRYPT_ROUND(left, right, temp, kp); - * DES_SP_{EN,DE}CRYPT_ROUND(right, left, temp, kp); - * } + * for (i = 0; i < 8; i++) { + * DES_SP_{EN,DE}CRYPT_ROUND(left, right, temp, kp); + * DES_SP_{EN,DE}CRYPT_ROUND(right, left, temp, kp); + * } * * Note the trick above. You are supposed to do 16 rounds, swapping * left and right at the end of each round. By doing two rounds at * a time and swapping left and right in the code we can avoid the * swaps altogether. */ -#define DES_SP_ENCRYPT_ROUND(left, right, temp, kp) \ - (temp) = (((right) >> 11) | ((right) << 21)) ^ *(kp)++; \ - (left) ^= SP[0][((temp) >> 24) & 0x3f] \ - | SP[1][((temp) >> 16) & 0x3f] \ - | SP[2][((temp) >> 8) & 0x3f] \ - | SP[3][((temp) ) & 0x3f]; \ - (temp) = (((right) >> 23) | ((right) << 9)) ^ *(kp)++; \ - (left) ^= SP[4][((temp) >> 24) & 0x3f] \ - | SP[5][((temp) >> 16) & 0x3f] \ - | SP[6][((temp) >> 8) & 0x3f] \ - | SP[7][((temp) ) & 0x3f] +#define DES_SP_ENCRYPT_ROUND(left, right, temp, kp) \ + (temp) = (((right) >> 11) | ((right) << 21)) ^ *(kp)++; \ + (left) ^= SP[0][((temp) >> 24) & 0x3f] \ + | SP[1][((temp) >> 16) & 0x3f] \ + | SP[2][((temp) >> 8) & 0x3f] \ + | SP[3][((temp) ) & 0x3f]; \ + (temp) = (((right) >> 23) | ((right) << 9)) ^ *(kp)++; \ + (left) ^= SP[4][((temp) >> 24) & 0x3f] \ + | SP[5][((temp) >> 16) & 0x3f] \ + | SP[6][((temp) >> 8) & 0x3f] \ + | SP[7][((temp) ) & 0x3f] -#define DES_SP_DECRYPT_ROUND(left, right, temp, kp) \ - (temp) = (((right) >> 23) | ((right) << 9)) ^ *(--(kp)); \ - (left) ^= SP[7][((temp) ) & 0x3f] \ - | SP[6][((temp) >> 8) & 0x3f] \ - | SP[5][((temp) >> 16) & 0x3f] \ - | SP[4][((temp) >> 24) & 0x3f]; \ - (temp) = (((right) >> 11) | ((right) << 21)) ^ *(--(kp)); \ - (left) ^= SP[3][((temp) ) & 0x3f] \ - | SP[2][((temp) >> 8) & 0x3f] \ - | SP[1][((temp) >> 16) & 0x3f] 
\ - | SP[0][((temp) >> 24) & 0x3f] +#define DES_SP_DECRYPT_ROUND(left, right, temp, kp) \ + (temp) = (((right) >> 23) | ((right) << 9)) ^ *(--(kp)); \ + (left) ^= SP[7][((temp) ) & 0x3f] \ + | SP[6][((temp) >> 8) & 0x3f] \ + | SP[5][((temp) >> 16) & 0x3f] \ + | SP[4][((temp) >> 24) & 0x3f]; \ + (temp) = (((right) >> 11) | ((right) << 21)) ^ *(--(kp)); \ + (left) ^= SP[3][((temp) ) & 0x3f] \ + | SP[2][((temp) >> 8) & 0x3f] \ + | SP[1][((temp) >> 16) & 0x3f] \ + | SP[0][((temp) >> 24) & 0x3f] /* * Macros to help deal with the initial permutation table. Note @@ -140,11 +141,11 @@ extern const unsigned DES_INT32 des_SP_table[8][64]; * the Macintosh MPW 3.2 C compiler which loses the unsignedness and * propagates the high-order bit in the shift. */ -#define DES_IP_LEFT_BITS(left, right) \ - ((((left) & 0x55555555) << 1) | ((right) & 0x55555555)) -#define DES_IP_RIGHT_BITS(left, right) \ - (((left) & 0xaaaaaaaa) | \ - ( ( (unsigned DES_INT32) ((right) & 0xaaaaaaaa) ) >> 1)) +#define DES_IP_LEFT_BITS(left, right) \ + ((((left) & 0x55555555) << 1) | ((right) & 0x55555555)) +#define DES_IP_RIGHT_BITS(left, right) \ + (((left) & 0xaaaaaaaa) | \ + ( ( (unsigned DES_INT32) ((right) & 0xaaaaaaaa) ) >> 1)) /* * The following macro does an in-place initial permutation given 
@@ -154,17 +155,17 @@ extern const unsigned DES_INT32 des_SP_table[8][64]; * are dealing with. If you use this, though, try to make left, * right and temp register unsigned DES_INT32s. */ -#define DES_INITIAL_PERM(left, right, temp) \ - (temp) = DES_IP_RIGHT_BITS((left), (right)); \ - (right) = DES_IP_LEFT_BITS((left), (right)); \ - (left) = IP[((right) >> 24) & 0xff] \ - | (IP[((right) >> 16) & 0xff] << 1) \ - | (IP[((right) >> 8) & 0xff] << 2) \ - | (IP[(right) & 0xff] << 3); \ - (right) = IP[((temp) >> 24) & 0xff] \ - | (IP[((temp) >> 16) & 0xff] << 1) \ - | (IP[((temp) >> 8) & 0xff] << 2) \ - | (IP[(temp) & 0xff] << 3) +#define DES_INITIAL_PERM(left, right, temp) \ + (temp) = DES_IP_RIGHT_BITS((left), (right)); \ + (right) = DES_IP_LEFT_BITS((left), (right)); \ + (left) = IP[((right) >> 24) & 0xff] \ + | (IP[((right) >> 16) & 0xff] << 1) \ + | (IP[((right) >> 8) & 0xff] << 2) \ + | (IP[(right) & 0xff] << 3); \ + (right) = IP[((temp) >> 24) & 0xff] \ + | (IP[((temp) >> 16) & 0xff] << 1) \ + | (IP[((temp) >> 8) & 0xff] << 2) \ + | (IP[(temp) & 0xff] << 3) /* * Now the final permutation stuff. The same comments apply to @@ -175,11 +176,11 @@ extern const unsigned DES_INT32 des_SP_table[8][64]; * the Macintosh MPW 3.2 C compiler which loses the unsignedness and * propagates the high-order bit in the shift. */ -#define DES_FP_LEFT_BITS(left, right) \ - ((((left) & 0x0f0f0f0f) << 4) | ((right) & 0x0f0f0f0f)) -#define DES_FP_RIGHT_BITS(left, right) \ - (((left) & 0xf0f0f0f0) | \ - ( ( (unsigned DES_INT32) ((right) & 0xf0f0f0f0) ) >> 4)) +#define DES_FP_LEFT_BITS(left, right) \ + ((((left) & 0x0f0f0f0f) << 4) | ((right) & 0x0f0f0f0f)) +#define DES_FP_RIGHT_BITS(left, right) \ + (((left) & 0xf0f0f0f0) | \ + ( ( (unsigned DES_INT32) ((right) & 0xf0f0f0f0) ) >> 4)) /* 
@@ -189,17 +190,17 @@ extern const unsigned DES_INT32 des_SP_table[8][64]; * swapping internally, which is why left and right are confused * at the beginning. */ -#define DES_FINAL_PERM(left, right, temp) \ - (temp) = DES_FP_RIGHT_BITS((right), (left)); \ - (right) = DES_FP_LEFT_BITS((right), (left)); \ - (left) = (FP[((right) >> 24) & 0xff] << 6) \ - | (FP[((right) >> 16) & 0xff] << 4) \ - | (FP[((right) >> 8) & 0xff] << 2) \ - | FP[(right) & 0xff]; \ - (right) = (FP[((temp) >> 24) & 0xff] << 6) \ - | (FP[((temp) >> 16) & 0xff] << 4) \ - | (FP[((temp) >> 8) & 0xff] << 2) \ - | FP[temp & 0xff] +#define DES_FINAL_PERM(left, right, temp) \ + (temp) = DES_FP_RIGHT_BITS((right), (left)); \ + (right) = DES_FP_LEFT_BITS((right), (left)); \ + (left) = (FP[((right) >> 24) & 0xff] << 6) \ + | (FP[((right) >> 16) & 0xff] << 4) \ + | (FP[((right) >> 8) & 0xff] << 2) \ + | FP[(right) & 0xff]; \ + (right) = (FP[((temp) >> 24) & 0xff] << 6) \ + | (FP[((temp) >> 16) & 0xff] << 4) \ + | (FP[((temp) >> 8) & 0xff] << 2) \ + | FP[temp & 0xff] /* 
@@ -220,44 +221,44 @@ extern const unsigned DES_INT32 des_SP_table[8][64]; * at each stage of the encryption, so that by comparing the output to * a known good machine, the location of the first error can be found. */ -#define DES_DO_ENCRYPT_1(left, right, kp) \ - do { \ - register int i; \ - register unsigned DES_INT32 temp1; \ - DEB (("do_encrypt %8lX %8lX \n", left, right)); \ - DES_INITIAL_PERM((left), (right), (temp1)); \ - DEB ((" after IP %8lX %8lX\n", left, right)); \ - for (i = 0; i < 8; i++) { \ - DES_SP_ENCRYPT_ROUND((left), (right), (temp1), (kp)); \ - DEB ((" round %2d %8lX %8lX \n", i*2, left, right)); \ - DES_SP_ENCRYPT_ROUND((right), (left), (temp1), (kp)); \ - DEB ((" round %2d %8lX %8lX \n", 1+i*2, left, right)); \ - } \ - DES_FINAL_PERM((left), (right), (temp1)); \ - (kp) -= (2 * 16); \ - DEB ((" after FP %8lX %8lX \n", left, right)); \ - } while (0) +#define DES_DO_ENCRYPT_1(left, right, kp) \ + do { \ + register int i; \ + register unsigned DES_INT32 temp1; \ + DEB (("do_encrypt %8lX %8lX \n", left, right)); \ + DES_INITIAL_PERM((left), (right), (temp1)); \ + DEB ((" after IP %8lX %8lX\n", left, right)); \ + for (i = 0; i < 8; i++) { \ + DES_SP_ENCRYPT_ROUND((left), (right), (temp1), (kp)); \ + DEB ((" round %2d %8lX %8lX \n", i*2, left, right)); \ + DES_SP_ENCRYPT_ROUND((right), (left), (temp1), (kp)); \ + DEB ((" round %2d %8lX %8lX \n", 1+i*2, left, right)); \ + } \ + DES_FINAL_PERM((left), (right), (temp1)); \ + (kp) -= (2 * 16); \ + DEB ((" after FP %8lX %8lX \n", left, right)); \ + } while (0) -#define DES_DO_DECRYPT_1(left, right, kp) \ - do { \ - register int i; \ - register unsigned DES_INT32 temp2; \ - DES_INITIAL_PERM((left), (right), (temp2)); \ - (kp) += (2 * 16); \ - for (i = 0; i < 8; i++) { \ - DES_SP_DECRYPT_ROUND((left), (right), (temp2), (kp)); \ - DES_SP_DECRYPT_ROUND((right), (left), (temp2), (kp)); \ - } \ - DES_FINAL_PERM((left), (right), (temp2)); \ - } while (0) +#define DES_DO_DECRYPT_1(left, right, kp) \ + do { \ + 
register int i; \ + register unsigned DES_INT32 temp2; \ + DES_INITIAL_PERM((left), (right), (temp2)); \ + (kp) += (2 * 16); \ + for (i = 0; i < 8; i++) { \ + DES_SP_DECRYPT_ROUND((left), (right), (temp2), (kp)); \ + DES_SP_DECRYPT_ROUND((right), (left), (temp2), (kp)); \ + } \ + DES_FINAL_PERM((left), (right), (temp2)); \ + } while (0) #if defined(CONFIG_SMALL) && !defined(CONFIG_SMALL_NO_CRYPTO) extern void krb5int_des_do_encrypt_2(unsigned DES_INT32 *l, - unsigned DES_INT32 *r, - const unsigned DES_INT32 *k); + unsigned DES_INT32 *r, + const unsigned DES_INT32 *k); extern void krb5int_des_do_decrypt_2(unsigned DES_INT32 *l, - unsigned DES_INT32 *r, - const unsigned DES_INT32 *k); + unsigned DES_INT32 *r, + const unsigned DES_INT32 *k); #define DES_DO_ENCRYPT(L,R,K) krb5int_des_do_encrypt_2(&(L), &(R), (K)) #define DES_DO_DECRYPT(L,R,K) krb5int_des_do_decrypt_2(&(L), &(R), (K)) #else @@ -269,11 +270,11 @@ extern void krb5int_des_do_decrypt_2(unsigned DES_INT32 *l, * These are handy dandy utility thingies for straightening out bytes. * Included here because they're used a couple of places. */ -#define GET_HALF_BLOCK(lr, ip) ((lr) = load_32_be(ip), (ip) += 4) -#define PUT_HALF_BLOCK(lr, op) (store_32_be(lr, op), (op) += 4) +#define GET_HALF_BLOCK(lr, ip) ((lr) = load_32_be(ip), (ip) += 4) +#define PUT_HALF_BLOCK(lr, op) (store_32_be(lr, op), (op) += 4) /* Shorthand that we'll need in several places, for creating values that really can hold 32 bits regardless of the prevailing int size. */ -#define FF_UINT32 ((unsigned DES_INT32) 0xFF) +#define FF_UINT32 ((unsigned DES_INT32) 0xFF) -#endif /* __DES_TABLES_H__ */ +#endif /* __DES_TABLES_H__ */ diff --git a/src/lib/crypto/builtin/des/key_sched.c b/src/lib/crypto/builtin/des/key_sched.c index dc6f349..2be5586 100644 --- a/src/lib/crypto/builtin/des/key_sched.c +++ b/src/lib/crypto/builtin/des/key_sched.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/des/key_sched.c * 
@@ -50,11 +51,11 @@ mit_des_key_sched(mit_des_cblock k, mit_des_key_schedule schedule) { mit_des_make_key_sched(k,schedule); - if (!mit_des_check_key_parity(k)) /* bad parity --> return -1 */ - return(-1); + if (!mit_des_check_key_parity(k)) /* bad parity --> return -1 */ + return(-1); if (mit_des_is_weak_key(k)) - return(-2); + return(-2); /* if key was good, return 0 */ return 0; diff --git a/src/lib/crypto/builtin/des/string2key.c b/src/lib/crypto/builtin/des/string2key.c index c817806..7ddee27 100644 --- a/src/lib/crypto/builtin/des/string2key.c +++ b/src/lib/crypto/builtin/des/string2key.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/des/des_s2k.c * @@ -32,13 +33,13 @@ krb5_error_code mit_des_string_to_key_int (krb5_keyblock *key, - const krb5_data *pw, const krb5_data *salt) + const krb5_data *pw, const krb5_data *salt) { union { - /* 8 "forward" bytes, 8 "reverse" bytes */ - unsigned char uc[16]; - krb5_ui_4 ui[4]; - mit_des_cblock cb; + /* 8 "forward" bytes, 8 "reverse" bytes */ + unsigned char uc[16]; + krb5_ui_4 ui[4]; + mit_des_cblock cb; } temp; unsigned int i; krb5_ui_4 x, y, z; 
@@ -53,30 +54,30 @@ mit_des_string_to_key_int (krb5_keyblock *key, current algorithm is dependent on having four 8-bit char values exactly overlay a 32-bit integral type. */ if (sizeof(temp.uc) != sizeof(temp.ui) - || (unsigned char)~0 != 0xFF - || (krb5_ui_4)~(krb5_ui_4)0 != 0xFFFFFFFF - || (temp.uc[0] = 1, temp.uc[1] = 2, temp.uc[2] = 3, temp.uc[3] = 4, - !(temp.ui[0] == 0x01020304 - || temp.ui[0] == 0x04030201))) - abort(); -#define FETCH4(VAR, IDX) VAR = temp.ui[IDX/4] -#define PUT4(VAR, IDX) temp.ui[IDX/4] = VAR + || (unsigned char)~0 != 0xFF + || (krb5_ui_4)~(krb5_ui_4)0 != 0xFFFFFFFF + || (temp.uc[0] = 1, temp.uc[1] = 2, temp.uc[2] = 3, temp.uc[3] = 4, + !(temp.ui[0] == 0x01020304 + || temp.ui[0] == 0x04030201))) + abort(); +#define FETCH4(VAR, IDX) VAR = temp.ui[IDX/4] +#define PUT4(VAR, IDX) temp.ui[IDX/4] = VAR if (salt - && (salt->length == SALT_TYPE_AFS_LENGTH - /* XXX Yuck! Aren't we done with this yet? */ - || salt->length == (unsigned) -1)) { - krb5_data afssalt; - char *at; + && (salt->length == SALT_TYPE_AFS_LENGTH + /* XXX Yuck! Aren't we done with this yet? */ + || salt->length == (unsigned) -1)) { + krb5_data afssalt; + char *at; - afssalt.data = salt->data; - at = strchr(afssalt.data, '@'); - if (at) { - *at = 0; - afssalt.length = at - afssalt.data; - } else - afssalt.length = strlen(afssalt.data); - return mit_afs_string_to_key(key, pw, &afssalt); + afssalt.data = salt->data; + at = strchr(afssalt.data, '@'); + if (at) { + *at = 0; + afssalt.length = at - afssalt.data; + } else + afssalt.length = strlen(afssalt.data); + return mit_afs_string_to_key(key, pw, &afssalt); } copylen = pw->length + (salt ? salt->length : 0); 
@@ -84,10 +85,10 @@ mit_des_string_to_key_int (krb5_keyblock *key, a byte array, not a string. */ copy = malloc(copylen); if (copy == NULL) - return ENOMEM; + return ENOMEM; memcpy(copy, pw->data, pw->length); if (salt) - memcpy(copy + pw->length, salt->data, salt->length); + memcpy(copy + pw->length, salt->data, salt->length); memset(&temp, 0, sizeof(temp)); p = temp.uc; @@ -95,34 +96,34 @@ mit_des_string_to_key_int (krb5_keyblock *key, forward and reverse sections, and combine them later, rather than having to do the reversal over and over again. */ for (i = 0; i < copylen; i++) { - *p++ ^= copy[i]; - if (p == temp.uc+16) { - p = temp.uc; + *p++ ^= copy[i]; + if (p == temp.uc+16) { + p = temp.uc; #ifdef PRINT_TEST_VECTORS - { - int j; - printf("after %d input bytes:\nforward block:\t", i+1); - for (j = 0; j < 8; j++) - printf(" %02x", temp.uc[j] & 0xff); - printf("\nreverse block:\t"); - for (j = 8; j < 16; j++) - printf(" %02x", temp.uc[j] & 0xff); - printf("\n"); - } + { + int j; + printf("after %d input bytes:\nforward block:\t", i+1); + for (j = 0; j < 8; j++) + printf(" %02x", temp.uc[j] & 0xff); + printf("\nreverse block:\t"); + for (j = 8; j < 16; j++) + printf(" %02x", temp.uc[j] & 0xff); + printf("\n"); + } #endif - } + } } #ifdef PRINT_TEST_VECTORS if (p != temp.uc) { - int j; - printf("at end, after %d input bytes:\nforward block:\t", i); - for (j = 0; j < 8; j++) - printf(" %02x", temp.uc[j] & 0xff); - printf("\nreverse block:\t"); - for (j = 8; j < 16; j++) - printf(" %02x", temp.uc[j] & 0xff); - printf("\n"); + int j; + printf("at end, after %d input bytes:\nforward block:\t", i); + for (j = 0; j < 8; j++) + printf(" %02x", temp.uc[j] & 0xff); + printf("\nreverse block:\t"); + for (j = 8; j < 16; j++) + printf(" %02x", temp.uc[j] & 0xff); + printf("\n"); } #endif #if 0 
@@ -137,24 +138,24 @@ mit_des_string_to_key_int (krb5_keyblock *key, If we could rely on 64-bit math, another 7 ops would save us from having to do double the work. */ -#define REVERSE_STEP(VAR, SHIFT, MASK) \ +#define REVERSE_STEP(VAR, SHIFT, MASK) \ VAR = ((VAR >> SHIFT) & MASK) | ((VAR << SHIFT) & (0xFFFFFFFFUL & ~MASK)) -#define REVERSE(VAR) \ - REVERSE_STEP (VAR, 1, 0x55555555UL); /* swap odd/even bits */ \ - REVERSE_STEP (VAR, 2, 0x33333333UL); /* swap bitpairs */ \ - REVERSE_STEP (VAR, 4, 0x0F0F0F0FUL); /* swap nibbles, etc */ \ - REVERSE_STEP (VAR, 8, 0x00FF00FFUL); \ +#define REVERSE(VAR) \ + REVERSE_STEP (VAR, 1, 0x55555555UL); /* swap odd/even bits */ \ + REVERSE_STEP (VAR, 2, 0x33333333UL); /* swap bitpairs */ \ + REVERSE_STEP (VAR, 4, 0x0F0F0F0FUL); /* swap nibbles, etc */ \ + REVERSE_STEP (VAR, 8, 0x00FF00FFUL); \ REVERSE_STEP (VAR, 16, 0x0000FFFFUL); #else /* shorter */ -#define REVERSE(VAR) \ - { \ - krb5_ui_4 old = VAR, temp1 = 0; \ - int j; \ - for (j = 0; j < 32; j++) { \ - temp1 = (temp1 << 1) | (old & 1); \ - old >>= 1; \ - } \ - VAR = temp1; \ +#define REVERSE(VAR) \ + { \ + krb5_ui_4 old = VAR, temp1 = 0; \ + int j; \ + for (j = 0; j < 32; j++) { \ + temp1 = (temp1 << 1) | (old & 1); \ + old >>= 1; \ + } \ + VAR = temp1; \ } #endif 
@@ -168,16 +169,16 @@ mit_des_string_to_key_int (krb5_keyblock *key, REVERSE (y); #ifdef PRINT_TEST_VECTORS { - int j; - union { unsigned char uc[4]; krb5_ui_4 ui; } t2; - printf("after reversal, reversed block:\n\t\t"); - t2.ui = y; - for (j = 0; j < 4; j++) - printf(" %02x", t2.uc[j] & 0xff); - t2.ui = x; - for (j = 0; j < 4; j++) - printf(" %02x", t2.uc[j] & 0xff); - printf("\n"); + int j; + union { unsigned char uc[4]; krb5_ui_4 ui; } t2; + printf("after reversal, reversed block:\n\t\t"); + t2.ui = y; + for (j = 0; j < 4; j++) + printf(" %02x", t2.uc[j] & 0xff); + t2.ui = x; + for (j = 0; j < 4; j++) + printf(" %02x", t2.uc[j] & 0xff); + printf("\n"); } #endif /* Ignored bits are now at the bottom of each byte, where we'll @@ -200,16 +201,16 @@ mit_des_string_to_key_int (krb5_keyblock *key, #ifdef PRINT_TEST_VECTORS { - int j; - printf("after reversal, combined block:\n\t\t"); - for (j = 0; j < 8; j++) - printf(" %02x", temp.uc[j] & 0xff); - printf("\n"); + int j; + printf("after reversal, combined block:\n\t\t"); + for (j = 0; j < 8; j++) + printf(" %02x", temp.uc[j] & 0xff); + printf("\n"); } #endif -#define FIXUP(K) \ - (mit_des_fixup_key_parity(K), \ +#define FIXUP(K) \ + (mit_des_fixup_key_parity(K), \ mit_des_is_weak_key(K) ? (K[7] ^= 0xF0) : 0) /* Now temp.cb is the temporary key, with invalid parity. */ @@ -217,11 +218,11 @@ mit_des_string_to_key_int (krb5_keyblock *key, #ifdef PRINT_TEST_VECTORS { - int j; - printf("after fixing parity and weak keys:\n\t\t"); - for (j = 0; j < 8; j++) - printf(" %02x", temp.uc[j] & 0xff); - printf("\n"); + int j; + printf("after fixing parity and weak keys:\n\t\t"); + for (j = 0; j < 8; j++) + printf(" %02x", temp.uc[j] & 0xff); + printf("\n"); } #endif 
@@ -233,11 +234,11 @@ mit_des_string_to_key_int (krb5_keyblock *key, #ifdef PRINT_TEST_VECTORS { - int j; - printf("cbc checksum:\n\t\t"); - for (j = 0; j < 8; j++) - printf(" %02x", temp.uc[j] & 0xff); - printf("\n"); + int j; + printf("cbc checksum:\n\t\t"); + for (j = 0; j < 8; j++) + printf(" %02x", temp.uc[j] & 0xff); + printf("\n"); } #endif @@ -246,11 +247,11 @@ mit_des_string_to_key_int (krb5_keyblock *key, #ifdef PRINT_TEST_VECTORS { - int j; - printf("after fixing parity and weak keys:\n\t\t"); - for (j = 0; j < 8; j++) - printf(" %02x", temp.uc[j] & 0xff); - printf("\n"); + int j; + printf("after fixing parity and weak keys:\n\t\t"); + for (j = 0; j < 8; j++) + printf(" %02x", temp.uc[j] & 0xff); + printf("\n"); } #endif diff --git a/src/lib/crypto/builtin/des/t_afss2k.c b/src/lib/crypto/builtin/des/t_afss2k.c index a6d0aa5..5a0f960 100644 --- a/src/lib/crypto/builtin/des/t_afss2k.c +++ b/src/lib/crypto/builtin/des/t_afss2k.c 
@@ -1,70 +1,71 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ #include "des_int.h" static const char *me; struct test_case { - char *saltstr; - int saltlen; - unsigned char keys[12][8]; + char *saltstr; + int saltlen; + unsigned char keys[12][8]; }; struct test_case test_cases[] = { - { - "Sodium Chloride", -1, - { - { 0xa4, 0xd0, 0xd0, 0x9b, 0x86, 0x92, 0xb0, 0xc2, }, - { 0xf1, 0xf2, 0x9e, 0xab, 0xd0, 0xef, 0xdf, 0x73, }, - { 0xd6, 0x85, 0x61, 0xc4, 0xf2, 0x94, 0xf4, 0xa1, }, - { 0xd0, 0xe3, 0xa7, 0x83, 0x94, 0x61, 0xe0, 0xd0, }, - { 0xd5, 0x62, 0xcd, 0x94, 0x61, 0xcb, 0x97, 0xdf, }, - { 0x9e, 0xa2, 0xa2, 0xec, 0xa8, 0x8c, 0x6b, 0x8f, }, - { 0xe3, 0x91, 0x6d, 0xd3, 0x85, 0xf1, 0x67, 0xc4, }, - { 0xf4, 0xc4, 0x73, 0xc8, 0x8a, 0xe9, 0x94, 0x6d, }, - { 0xa1, 0x9e, 0xb3, 0xad, 0x6b, 0xe3, 0xab, 0xd9, }, - { 0xad, 0xa1, 0xce, 0x10, 0x37, 0x83, 0xa7, 0x8c, }, - { 0xd3, 0x01, 0xd0, 0xf7, 0x3e, 0x7a, 0x49, 0x0b, }, - { 0xb6, 0x2a, 0x4a, 0xec, 0x9d, 0x4c, 0x68, 0xdf, }, - } - }, - { - "NaCl", 4, - { - { 0x61, 0xef, 0xe6, 0x83, 0xe5, 0x8a, 0x6b, 0x98 }, - { 0x68, 0xcd, 0x68, 0xad, 0xc4, 0x86, 0xcd, 0xe5 }, - { 0x83, 0xa1, 0xc8, 0x86, 0x8f, 0x67, 0xd0, 0x62 }, - { 0x9e, 0xc7, 0x8f, 0xa4, 0xa4, 0xb3, 0xe0, 0xd5 }, - { 0xd9, 0x92, 0x86, 0x8f, 0x9d, 0x8c, 0x85, 0xe6 }, - { 0xda, 0xf2, 0x92, 0x83, 0xf4, 0x9b, 0xa7, 0xad }, - { 0x91, 0xcd, 0xad, 0xef, 0x86, 0xdf, 0xd3, 0xa2 }, - { 0x73, 0xd3, 0x67, 0x68, 0x8f, 0x6e, 0xe3, 0x73 }, - { 0xc4, 0x61, 0x85, 0x9d, 0xad, 0xf4, 0xdc, 0xb0 }, - { 0xe9, 0x02, 0x83, 0x16, 0x2c, 0xec, 0xe0, 0x08 }, - { 0x61, 0xc8, 0x26, 0x29, 0xd9, 0x73, 0x6e, 0xb6 }, - { 0x8c, 0xa8, 0x9e, 0xc4, 0xa8, 0xdc, 0x31, 0x73 }, - } - }, - { - /* This one intentionally supplies a length shorter - than the string. The point of this is to ensure - that s[len] is not zero, so that anything actually - relying on that value (i.e., reading out of bounds) - should generate incorrect results. 
*/ - "NaCl2", 4, - { - { 0x61, 0xef, 0xe6, 0x83, 0xe5, 0x8a, 0x6b, 0x98 }, - { 0x68, 0xcd, 0x68, 0xad, 0xc4, 0x86, 0xcd, 0xe5 }, - { 0x83, 0xa1, 0xc8, 0x86, 0x8f, 0x67, 0xd0, 0x62 }, - { 0x9e, 0xc7, 0x8f, 0xa4, 0xa4, 0xb3, 0xe0, 0xd5 }, - { 0xd9, 0x92, 0x86, 0x8f, 0x9d, 0x8c, 0x85, 0xe6 }, - { 0xda, 0xf2, 0x92, 0x83, 0xf4, 0x9b, 0xa7, 0xad }, - { 0x91, 0xcd, 0xad, 0xef, 0x86, 0xdf, 0xd3, 0xa2 }, - { 0x73, 0xd3, 0x67, 0x68, 0x8f, 0x6e, 0xe3, 0x73 }, - { 0xc4, 0x61, 0x85, 0x9d, 0xad, 0xf4, 0xdc, 0xb0 }, - { 0xe9, 0x02, 0x83, 0x16, 0x2c, 0xec, 0xe0, 0x08 }, - { 0x61, 0xc8, 0x26, 0x29, 0xd9, 0x73, 0x6e, 0xb6 }, - { 0x8c, 0xa8, 0x9e, 0xc4, 0xa8, 0xdc, 0x31, 0x73 }, - } - }, + { + "Sodium Chloride", -1, + { + { 0xa4, 0xd0, 0xd0, 0x9b, 0x86, 0x92, 0xb0, 0xc2, }, + { 0xf1, 0xf2, 0x9e, 0xab, 0xd0, 0xef, 0xdf, 0x73, }, + { 0xd6, 0x85, 0x61, 0xc4, 0xf2, 0x94, 0xf4, 0xa1, }, + { 0xd0, 0xe3, 0xa7, 0x83, 0x94, 0x61, 0xe0, 0xd0, }, + { 0xd5, 0x62, 0xcd, 0x94, 0x61, 0xcb, 0x97, 0xdf, }, + { 0x9e, 0xa2, 0xa2, 0xec, 0xa8, 0x8c, 0x6b, 0x8f, }, + { 0xe3, 0x91, 0x6d, 0xd3, 0x85, 0xf1, 0x67, 0xc4, }, + { 0xf4, 0xc4, 0x73, 0xc8, 0x8a, 0xe9, 0x94, 0x6d, }, + { 0xa1, 0x9e, 0xb3, 0xad, 0x6b, 0xe3, 0xab, 0xd9, }, + { 0xad, 0xa1, 0xce, 0x10, 0x37, 0x83, 0xa7, 0x8c, }, + { 0xd3, 0x01, 0xd0, 0xf7, 0x3e, 0x7a, 0x49, 0x0b, }, + { 0xb6, 0x2a, 0x4a, 0xec, 0x9d, 0x4c, 0x68, 0xdf, }, + } + }, + { + "NaCl", 4, + { + { 0x61, 0xef, 0xe6, 0x83, 0xe5, 0x8a, 0x6b, 0x98 }, + { 0x68, 0xcd, 0x68, 0xad, 0xc4, 0x86, 0xcd, 0xe5 }, + { 0x83, 0xa1, 0xc8, 0x86, 0x8f, 0x67, 0xd0, 0x62 }, + { 0x9e, 0xc7, 0x8f, 0xa4, 0xa4, 0xb3, 0xe0, 0xd5 }, + { 0xd9, 0x92, 0x86, 0x8f, 0x9d, 0x8c, 0x85, 0xe6 }, + { 0xda, 0xf2, 0x92, 0x83, 0xf4, 0x9b, 0xa7, 0xad }, + { 0x91, 0xcd, 0xad, 0xef, 0x86, 0xdf, 0xd3, 0xa2 }, + { 0x73, 0xd3, 0x67, 0x68, 0x8f, 0x6e, 0xe3, 0x73 }, + { 0xc4, 0x61, 0x85, 0x9d, 0xad, 0xf4, 0xdc, 0xb0 }, + { 0xe9, 0x02, 0x83, 0x16, 0x2c, 0xec, 0xe0, 0x08 }, + { 0x61, 0xc8, 0x26, 0x29, 0xd9, 0x73, 0x6e, 0xb6 }, + { 
0x8c, 0xa8, 0x9e, 0xc4, 0xa8, 0xdc, 0x31, 0x73 }, + } + }, + { + /* This one intentionally supplies a length shorter + than the string. The point of this is to ensure + that s[len] is not zero, so that anything actually + relying on that value (i.e., reading out of bounds) + should generate incorrect results. */ + "NaCl2", 4, + { + { 0x61, 0xef, 0xe6, 0x83, 0xe5, 0x8a, 0x6b, 0x98 }, + { 0x68, 0xcd, 0x68, 0xad, 0xc4, 0x86, 0xcd, 0xe5 }, + { 0x83, 0xa1, 0xc8, 0x86, 0x8f, 0x67, 0xd0, 0x62 }, + { 0x9e, 0xc7, 0x8f, 0xa4, 0xa4, 0xb3, 0xe0, 0xd5 }, + { 0xd9, 0x92, 0x86, 0x8f, 0x9d, 0x8c, 0x85, 0xe6 }, + { 0xda, 0xf2, 0x92, 0x83, 0xf4, 0x9b, 0xa7, 0xad }, + { 0x91, 0xcd, 0xad, 0xef, 0x86, 0xdf, 0xd3, 0xa2 }, + { 0x73, 0xd3, 0x67, 0x68, 0x8f, 0x6e, 0xe3, 0x73 }, + { 0xc4, 0x61, 0x85, 0x9d, 0xad, 0xf4, 0xdc, 0xb0 }, + { 0xe9, 0x02, 0x83, 0x16, 0x2c, 0xec, 0xe0, 0x08 }, + { 0x61, 0xc8, 0x26, 0x29, 0xd9, 0x73, 0x6e, 0xb6 }, + { 0x8c, 0xa8, 0x9e, 0xc4, 0xa8, 0xdc, 0x31, 0x73 }, + } + }, }; static void do_it (struct test_case *tcase); 
@@ -72,65 +73,65 @@ static void do_it (struct test_case *tcase); int main (int argc, char *argv[]) { - int i; + int i; - me = argv[0]; - for (i = 0; i < sizeof (test_cases) / sizeof (struct test_case); i++) - do_it (&test_cases[i]); - return 0; + me = argv[0]; + for (i = 0; i < sizeof (test_cases) / sizeof (struct test_case); i++) + do_it (&test_cases[i]); + return 0; } static void do_it (struct test_case *tcase) { - unsigned char keydata[8]; - krb5_data salt, passwd; - krb5_keyblock key; - krb5_error_code err; - int i; - unsigned char longpass[2048]; + unsigned char keydata[8]; + krb5_data salt, passwd; + krb5_keyblock key; + krb5_error_code err; + int i; + unsigned char longpass[2048]; - key.contents = keydata; - key.length = sizeof (keydata); + key.contents = keydata; + key.length = sizeof (keydata); - salt.data = tcase->saltstr; - if (tcase->saltlen == -1) - salt.length = strlen (tcase->saltstr); - else - salt.length = tcase->saltlen; + salt.data = tcase->saltstr; + if (tcase->saltlen == -1) + salt.length = strlen (tcase->saltstr); + else + salt.length = tcase->saltlen; - /* - * Try passwords with lengths equal to, greater than, and less - * than 8 characters, since the AFS s2k algorithm does - * interesting stuff depending on the length. - */ - passwd.data = "My Password"; - for (i = 0; i < 12; i++) { - passwd.length = i; - err = mit_afs_string_to_key (&key, &passwd, &salt); - if (err != 0) { - com_err (me, err, ""); - exit (1); - } - if (memcmp (tcase->keys[i], keydata, 8) != 0) - abort (); - } + /* + * Try passwords with lengths equal to, greater than, and less + * than 8 characters, since the AFS s2k algorithm does + * interesting stuff depending on the length. 
+ */ + passwd.data = "My Password"; + for (i = 0; i < 12; i++) { + passwd.length = i; + err = mit_afs_string_to_key (&key, &passwd, &salt); + if (err != 0) { + com_err (me, err, ""); + exit (1); + } + if (memcmp (tcase->keys[i], keydata, 8) != 0) + abort (); + } - /* Run another pass to make sure the characters after the - password in the buffer aren't influencing the output. The - password is *not* required to be null-terminated. */ - memset (longpass, '!', sizeof (longpass)); - longpass[sizeof (longpass)-1] = '\0'; - memcpy (longpass, "My Password", strlen ("My Password")); - passwd.data = (char *) longpass; - for (i = 0; i < 12; i++) { - passwd.length = i; - err = mit_afs_string_to_key (&key, &passwd, &salt); - if (err != 0) { - com_err (me, err, ""); - exit (1); - } - if (memcmp (tcase->keys[i], keydata, 8) != 0) - abort (); - } + /* Run another pass to make sure the characters after the + password in the buffer aren't influencing the output. The + password is *not* required to be null-terminated. */ + memset (longpass, '!', sizeof (longpass)); + longpass[sizeof (longpass)-1] = '\0'; + memcpy (longpass, "My Password", strlen ("My Password")); + passwd.data = (char *) longpass; + for (i = 0; i < 12; i++) { + passwd.length = i; + err = mit_afs_string_to_key (&key, &passwd, &salt); + if (err != 0) { + com_err (me, err, ""); + exit (1); + } + if (memcmp (tcase->keys[i], keydata, 8) != 0) + abort (); + } } diff --git a/src/lib/crypto/builtin/des/t_verify.c b/src/lib/crypto/builtin/des/t_verify.c index 6c1f17b..ae31207 100644 --- a/src/lib/crypto/builtin/des/t_verify.c +++ b/src/lib/crypto/builtin/des/t_verify.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/des/verify.c * @@ -27,8 +28,8 @@ * Program to test the correctness of the DES library * implementation. * - * exit returns 0 ==> success - * -1 ==> error + * exit returns 0 ==> success + * -1 ==> error */ /* 
@@ -140,35 +141,35 @@ main(argc,argv) /* Set screen window buffer to infinite size -- MS default is tiny. */ _wsetscreenbuf (fileno (stdout), _WINBUFINF); #endif - progname=argv[0]; /* salt away invoking program */ + progname=argv[0]; /* salt away invoking program */ while (--argc > 0 && (*++argv)[0] == '-') - for (i=1; argv[0][i] != '\0'; i++) { - switch (argv[0][i]) { + for (i=1; argv[0][i] != '\0'; i++) { + switch (argv[0][i]) { - /* debug flag */ - case 'd': - mit_des_debug=3; - continue; + /* debug flag */ + case 'd': + mit_des_debug=3; + continue; - case 'z': - zflag = 1; - continue; + case 'z': + zflag = 1; + continue; - case 'm': - mflag = 1; - continue; + case 'm': + mflag = 1; + continue; - default: - printf("%s: illegal flag \"%c\" ", - progname,argv[0][i]); - exit(1); - } - }; + default: + printf("%s: illegal flag \"%c\" ", + progname,argv[0][i]); + exit(1); + } + }; if (argc) { - fprintf(stderr, "Usage: %s [-dmz]\n", progname); - exit(1); + fprintf(stderr, "Usage: %s [-dmz]\n", progname); + exit(1); } /* do some initialisation */ 
@@ -177,92 +178,92 @@ main(argc,argv) /* ECB zero text zero key */ if (zflag) { - input = zero_text; - mit_des_key_sched(zero_key, sched); - printf("plaintext = key = 0, cipher = 0x8ca64de9c1b123a7\n"); - do_encrypt(input,cipher_text); - printf("\tcipher = (low to high bytes)\n\t\t"); - for (j = 0; j<=7; j++) - printf("%02x ",cipher_text[j]); - printf("\n"); - do_decrypt(output,cipher_text); - if ( memcmp((char *)cipher_text, (char *)zresult, 8) ) { - printf("verify: error in zero key test\n"); - exit(-1); - } - - exit(0); + input = zero_text; + mit_des_key_sched(zero_key, sched); + printf("plaintext = key = 0, cipher = 0x8ca64de9c1b123a7\n"); + do_encrypt(input,cipher_text); + printf("\tcipher = (low to high bytes)\n\t\t"); + for (j = 0; j<=7; j++) + printf("%02x ",cipher_text[j]); + printf("\n"); + do_decrypt(output,cipher_text); + if ( memcmp((char *)cipher_text, (char *)zresult, 8) ) { + printf("verify: error in zero key test\n"); + exit(-1); + } + + exit(0); } if (mflag) { - input = msb_text; - mit_des_key_sched(key3, sched); - printf("plaintext = 0x00 00 00 00 00 00 00 40, "); - printf("key = 0x80 01 01 01 01 01 01 01\n"); - printf(" cipher = 0xa380e02a6be54696\n"); - do_encrypt(input,cipher_text); - printf("\tcipher = (low to high bytes)\n\t\t"); - for (j = 0; j<=7; j++) { - printf("%02x ",cipher_text[j]); - } - printf("\n"); - do_decrypt(output,cipher_text); - if ( memcmp((char *)cipher_text, (char *)mresult, 8) ) { - printf("verify: error in msb test\n"); - exit(-1); - } - exit(0); + input = msb_text; + mit_des_key_sched(key3, sched); + printf("plaintext = 0x00 00 00 00 00 00 00 40, "); + printf("key = 0x80 01 01 01 01 01 01 01\n"); + printf(" cipher = 0xa380e02a6be54696\n"); + do_encrypt(input,cipher_text); + printf("\tcipher = (low to high bytes)\n\t\t"); + for (j = 0; j<=7; j++) { + printf("%02x ",cipher_text[j]); + } + printf("\n"); + do_decrypt(output,cipher_text); + if ( memcmp((char *)cipher_text, (char *)mresult, 8) ) { + printf("verify: error in 
msb test\n"); + exit(-1); + } + exit(0); } /* ECB mode Davies and Price */ { - input = zero_text; - mit_des_key_sched(key2, sched); - printf("Examples per FIPS publication 81, keys ivs and cipher\n"); - printf("in hex. These are the correct answers, see below for\n"); - printf("the actual answers.\n\n"); - printf("Examples per Davies and Price.\n\n"); - printf("EXAMPLE ECB\tkey = 08192a3b4c5d6e7f\n"); - printf("\tclear = 0\n"); - printf("\tcipher = 25 dd ac 3e 96 17 64 67\n"); - printf("ACTUAL ECB\n"); - printf("\tclear \"%s\"\n", input); - do_encrypt(input,cipher_text); - printf("\tcipher = (low to high bytes)\n\t\t"); - for (j = 0; j<=7; j++) - printf("%02x ",cipher_text[j]); - printf("\n\n"); - do_decrypt(output,cipher_text); - if ( memcmp((char *)cipher_text, (char *)cipher1, 8) ) { - printf("verify: error in ECB encryption\n"); - exit(-1); - } - else - printf("verify: ECB encryption is correct\n\n"); + input = zero_text; + mit_des_key_sched(key2, sched); + printf("Examples per FIPS publication 81, keys ivs and cipher\n"); + printf("in hex. 
These are the correct answers, see below for\n"); + printf("the actual answers.\n\n"); + printf("Examples per Davies and Price.\n\n"); + printf("EXAMPLE ECB\tkey = 08192a3b4c5d6e7f\n"); + printf("\tclear = 0\n"); + printf("\tcipher = 25 dd ac 3e 96 17 64 67\n"); + printf("ACTUAL ECB\n"); + printf("\tclear \"%s\"\n", input); + do_encrypt(input,cipher_text); + printf("\tcipher = (low to high bytes)\n\t\t"); + for (j = 0; j<=7; j++) + printf("%02x ",cipher_text[j]); + printf("\n\n"); + do_decrypt(output,cipher_text); + if ( memcmp((char *)cipher_text, (char *)cipher1, 8) ) { + printf("verify: error in ECB encryption\n"); + exit(-1); + } + else + printf("verify: ECB encryption is correct\n\n"); } /* ECB mode */ { - mit_des_key_sched(default_key, sched); - input = clear_text; - ivec = default_ivec; - printf("EXAMPLE ECB\tkey = 0123456789abcdef\n"); - printf("\tclear = \"Now is the time for all \"\n"); - printf("\tcipher = 3f a4 0e 8a 98 4d 48 15 ...\n"); - printf("ACTUAL ECB\n\tclear \"%s\"",input); - do_encrypt(input,cipher_text); - printf("\n\tcipher = (low to high bytes)\n\t\t"); - for (j = 0; j<=7; j++) { - printf("%02x ",cipher_text[j]); - } - printf("\n\n"); - do_decrypt(output,cipher_text); - if ( memcmp((char *)cipher_text, (char *)cipher2, 8) ) { - printf("verify: error in ECB encryption\n"); - exit(-1); - } - else - printf("verify: ECB encryption is correct\n\n"); + mit_des_key_sched(default_key, sched); + input = clear_text; + ivec = default_ivec; + printf("EXAMPLE ECB\tkey = 0123456789abcdef\n"); + printf("\tclear = \"Now is the time for all \"\n"); + printf("\tcipher = 3f a4 0e 8a 98 4d 48 15 ...\n"); + printf("ACTUAL ECB\n\tclear \"%s\"",input); + do_encrypt(input,cipher_text); + printf("\n\tcipher = (low to high bytes)\n\t\t"); + for (j = 0; j<=7; j++) { + printf("%02x ",cipher_text[j]); + } + printf("\n\n"); + do_decrypt(output,cipher_text); + if ( memcmp((char *)cipher_text, (char *)cipher2, 8) ) { + printf("verify: error in ECB encryption\n"); + 
exit(-1); + } + else + printf("verify: ECB encryption is correct\n\n"); } /* CBC mode */ @@ -276,39 +277,39 @@ main(argc,argv) printf("ACTUAL CBC\n\tclear \"%s\"\n",input); in_length = strlen((char *)input); if ((retval = mit_des_cbc_encrypt((const mit_des_cblock *) input, - (mit_des_cblock *) cipher_text, - (size_t) in_length, - sched, - ivec, - MIT_DES_ENCRYPT))) { - com_err("des verify", retval, "can't encrypt"); - exit(-1); + (mit_des_cblock *) cipher_text, + (size_t) in_length, + sched, + ivec, + MIT_DES_ENCRYPT))) { + com_err("des verify", retval, "can't encrypt"); + exit(-1); } printf("\tciphertext = (low to high bytes)\n"); for (i = 0; i <= 2; i++) { - printf("\t\t"); - for (j = 0; j <= 7; j++) { - printf("%02x ",cipher_text[i*8+j]); - } - printf("\n"); + printf("\t\t"); + for (j = 0; j <= 7; j++) { + printf("%02x ",cipher_text[i*8+j]); + } + printf("\n"); } if ((retval = mit_des_cbc_encrypt((const mit_des_cblock *) cipher_text, - (mit_des_cblock *) clear_text, - (size_t) in_length, - sched, - ivec, - MIT_DES_DECRYPT))) { - com_err("des verify", retval, "can't decrypt"); - exit(-1); + (mit_des_cblock *) clear_text, + (size_t) in_length, + sched, + ivec, + MIT_DES_DECRYPT))) { + com_err("des verify", retval, "can't decrypt"); + exit(-1); } printf("\tdecrypted clear_text = \"%s\"\n",clear_text); if ( memcmp((char *)cipher_text, (char *)cipher3, in_length) ) { - printf("verify: error in CBC encryption\n"); - exit(-1); + printf("verify: error in CBC encryption\n"); + exit(-1); } else - printf("verify: CBC encryption is correct\n\n"); + printf("verify: CBC encryption is correct\n\n"); printf("EXAMPLE CBC checksum"); printf("\tkey = 0123456789abcdef\tiv = 1234567890abcdef\n"); 
@@ -317,18 +318,18 @@ main(argc,argv) printf("or some part thereof\n"); input = clear_text2; mit_des_cbc_cksum(input,cipher_text, strlen((char *)input), - sched,ivec); + sched,ivec); printf("ACTUAL CBC checksum\n"); printf("\t\tencrypted cksum = (low to high bytes)\n\t\t"); for (j = 0; j<=7; j++) - printf("%02x ",cipher_text[j]); + printf("%02x ",cipher_text[j]); printf("\n\n"); if ( memcmp((char *)cipher_text, (char *)checksum, 8) ) { - printf("verify: error in CBC cheksum\n"); - exit(-1); + printf("verify: error in CBC cheksum\n"); + exit(-1); } else - printf("verify: CBC checksum is correct\n\n"); + printf("verify: CBC checksum is correct\n\n"); exit(0); } @@ -341,18 +342,18 @@ flip(array) register int old,new,i,j; /* flips the bit order within each byte from 0 lsb to 0 msb */ for (i = 0; i<=7; i++) { - old = *array; - new = 0; - for (j = 0; j<=7; j++) { - if (old & 01) - new = new | 01; - if (j < 7) { - old = old >> 1; - new = new << 1; - } - } - *array = new; - array++; + old = *array; + new = 0; + for (j = 0; j<=7; j++) { + if (old & 01) + new = new | 01; + if (j < 7) { + old = old >> 1; + new = new << 1; + } + } + *array = new; + array++; } } #endif @@ -364,20 +365,20 @@ do_encrypt(in,out) { int i, j; for (i =1; i<=nflag; i++) { - mit_des_cbc_encrypt((const mit_des_cblock *)in, - (mit_des_cblock *)out, - 8, - sched, - zero_text, - MIT_DES_ENCRYPT); - if (mit_des_debug) { - printf("\nclear %s\n",in); - for (j = 0; j<=7; j++) - printf("%02X ",in[j] & 0xff); - printf("\tcipher "); - for (j = 0; j<=7; j++) - printf("%02X ",out[j] & 0xff); - } + mit_des_cbc_encrypt((const mit_des_cblock *)in, + (mit_des_cblock *)out, + 8, + sched, + zero_text, + MIT_DES_ENCRYPT); + if (mit_des_debug) { + printf("\nclear %s\n",in); + for (j = 0; j<=7; j++) + printf("%02X ",in[j] & 0xff); + printf("\tcipher "); + for (j = 0; j<=7; j++) + printf("%02X ",out[j] & 0xff); + } } } 
@@ -389,20 +390,20 @@ do_decrypt(in,out) { int i, j; for (i =1; i<=nflag; i++) { - mit_des_cbc_encrypt((const mit_des_cblock *)out, - (mit_des_cblock *)in, - 8, - sched, - zero_text, - MIT_DES_DECRYPT); - if (mit_des_debug) { - printf("clear %s\n",in); - for (j = 0; j<=7; j++) - printf("%02X ",in[j] & 0xff); - printf("\tcipher "); - for (j = 0; j<=7; j++) - printf("%02X ",out[j] & 0xff); - } + mit_des_cbc_encrypt((const mit_des_cblock *)out, + (mit_des_cblock *)in, + 8, + sched, + zero_text, + MIT_DES_DECRYPT); + if (mit_des_debug) { + printf("clear %s\n",in); + for (j = 0; j<=7; j++) + printf("%02X ",in[j] & 0xff); + printf("\tcipher "); + for (j = 0; j<=7; j++) + printf("%02X ",out[j] & 0xff); + } } } @@ -414,5 +415,5 @@ int mit_des_is_weak_key(key) mit_des_cblock key; { - return 0; /* fake it out for testing */ + return 0; /* fake it out for testing */ } diff --git a/src/lib/crypto/builtin/des/weak_key.c b/src/lib/crypto/builtin/des/weak_key.c index 7086789..921ce10 100644 --- a/src/lib/crypto/builtin/des/weak_key.c +++ b/src/lib/crypto/builtin/des/weak_key.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/des/weak_key.c * @@ -77,8 +78,8 @@ mit_des_is_weak_key(mit_des_cblock key) const mit_des_cblock *weak_p = weak; for (i = 0; i < (sizeof(weak)/sizeof(mit_des_cblock)); i++) { - if (!memcmp(weak_p++,key,sizeof(mit_des_cblock))) - return 1; + if (!memcmp(weak_p++,key,sizeof(mit_des_cblock))) + return 1; } return 0; diff --git a/src/lib/crypto/builtin/enc_provider/aes.c b/src/lib/crypto/builtin/enc_provider/aes.c index b735cc9..cde5bb5 100644 --- a/src/lib/crypto/builtin/enc_provider/aes.c +++ b/src/lib/crypto/builtin/enc_provider/aes.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/enc_provider/aes.c * 
@@ -48,17 +49,17 @@ static void printd (const char *descr, krb5_data *d) { printf("%s:", descr); for (i = 0; i < d->length; i += r) { - printf("\n %04x: ", i); - for (j = i; j < i + r && j < d->length; j++) - printf(" %02x", 0xff & d->data[j]); + printf("\n %04x: ", i); + for (j = i; j < i + r && j < d->length; j++) + printf(" %02x", 0xff & d->data[j]); #ifdef SHOW_TEXT - for (; j < i + r; j++) - printf(" "); - printf(" "); - for (j = i; j < i + r && j < d->length; j++) { - int c = 0xff & d->data[j]; - printf("%c", isprint(c) ? c : '.'); - } + for (; j < i + r; j++) + printf(" "); + printf(" "); + for (j = i; j < i + r && j < d->length; j++) { + int c = 0xff & d->data[j]; + printf("%c", isprint(c) ? c : '.'); + } #endif } printf("\n"); @@ -68,26 +69,26 @@ static void printd (const char *descr, krb5_data *d) { static inline void enc(char *out, const char *in, aes_ctx *ctx) { if (aes_enc_blk((const unsigned char *)in, (unsigned char *)out, ctx) - != aes_good) - abort(); + != aes_good) + abort(); } static inline void dec(char *out, const char *in, aes_ctx *ctx) { if (aes_dec_blk((const unsigned char *)in, (unsigned char *)out, ctx) - != aes_good) - abort(); + != aes_good) + abort(); } static void xorblock(char *out, const char *in) { int z; for (z = 0; z < BLOCK_SIZE; z++) - out[z] ^= in[z]; + out[z] ^= in[z]; } krb5_error_code krb5int_aes_encrypt(krb5_key key, const krb5_data *ivec, - const krb5_data *input, krb5_data *output) + const krb5_data *input, krb5_data *output) { aes_ctx ctx; char tmp[BLOCK_SIZE], tmp2[BLOCK_SIZE], tmp3[BLOCK_SIZE]; 
@@ -96,45 +97,45 @@ krb5int_aes_encrypt(krb5_key key, const krb5_data *ivec, /* CHECK_SIZES; */ if (aes_enc_key(key->keyblock.contents, key->keyblock.length, - &ctx) != aes_good) - abort(); + &ctx) != aes_good) + abort(); if (ivec) - memcpy(tmp, ivec->data, BLOCK_SIZE); + memcpy(tmp, ivec->data, BLOCK_SIZE); else - memset(tmp, 0, BLOCK_SIZE); + memset(tmp, 0, BLOCK_SIZE); nblocks = (input->length + BLOCK_SIZE - 1) / BLOCK_SIZE; if (nblocks == 1) { - /* XXX Used for DK function. */ - enc(output->data, input->data, &ctx); + /* XXX Used for DK function. */ + enc(output->data, input->data, &ctx); } else { - unsigned int nleft; - - for (blockno = 0; blockno < nblocks - 2; blockno++) { - xorblock(tmp, input->data + blockno * BLOCK_SIZE); - enc(tmp2, tmp, &ctx); - memcpy(output->data + blockno * BLOCK_SIZE, tmp2, BLOCK_SIZE); - - /* Set up for next block. */ - memcpy(tmp, tmp2, BLOCK_SIZE); - } - /* Do final CTS step for last two blocks (the second of which - may or may not be incomplete). */ - xorblock(tmp, input->data + (nblocks - 2) * BLOCK_SIZE); - enc(tmp2, tmp, &ctx); - nleft = input->length - (nblocks - 1) * BLOCK_SIZE; - memcpy(output->data + (nblocks - 1) * BLOCK_SIZE, tmp2, nleft); - memcpy(tmp, tmp2, BLOCK_SIZE); - - memset(tmp3, 0, sizeof(tmp3)); - memcpy(tmp3, input->data + (nblocks - 1) * BLOCK_SIZE, nleft); - xorblock(tmp, tmp3); - enc(tmp2, tmp, &ctx); - memcpy(output->data + (nblocks - 2) * BLOCK_SIZE, tmp2, BLOCK_SIZE); - if (ivec) - memcpy(ivec->data, tmp2, BLOCK_SIZE); + unsigned int nleft; + + for (blockno = 0; blockno < nblocks - 2; blockno++) { + xorblock(tmp, input->data + blockno * BLOCK_SIZE); + enc(tmp2, tmp, &ctx); + memcpy(output->data + blockno * BLOCK_SIZE, tmp2, BLOCK_SIZE); + + /* Set up for next block. */ + memcpy(tmp, tmp2, BLOCK_SIZE); + } + /* Do final CTS step for last two blocks (the second of which + may or may not be incomplete). 
*/ + xorblock(tmp, input->data + (nblocks - 2) * BLOCK_SIZE); + enc(tmp2, tmp, &ctx); + nleft = input->length - (nblocks - 1) * BLOCK_SIZE; + memcpy(output->data + (nblocks - 1) * BLOCK_SIZE, tmp2, nleft); + memcpy(tmp, tmp2, BLOCK_SIZE); + + memset(tmp3, 0, sizeof(tmp3)); + memcpy(tmp3, input->data + (nblocks - 1) * BLOCK_SIZE, nleft); + xorblock(tmp, tmp3); + enc(tmp2, tmp, &ctx); + memcpy(output->data + (nblocks - 2) * BLOCK_SIZE, tmp2, BLOCK_SIZE); + if (ivec) + memcpy(ivec->data, tmp2, BLOCK_SIZE); } return 0; @@ -142,7 +143,7 @@ krb5int_aes_encrypt(krb5_key key, const krb5_data *ivec, krb5_error_code krb5int_aes_decrypt(krb5_key key, const krb5_data *ivec, - const krb5_data *input, krb5_data *output) + const krb5_data *input, krb5_data *output) { aes_ctx ctx; char tmp[BLOCK_SIZE], tmp2[BLOCK_SIZE], tmp3[BLOCK_SIZE]; 
@@ -151,51 +152,51 @@ krb5int_aes_decrypt(krb5_key key, const krb5_data *ivec, CHECK_SIZES; if (aes_dec_key(key->keyblock.contents, key->keyblock.length, - &ctx) != aes_good) - abort(); + &ctx) != aes_good) + abort(); if (ivec) - memcpy(tmp, ivec->data, BLOCK_SIZE); + memcpy(tmp, ivec->data, BLOCK_SIZE); else - memset(tmp, 0, BLOCK_SIZE); + memset(tmp, 0, BLOCK_SIZE); nblocks = (input->length + BLOCK_SIZE - 1) / BLOCK_SIZE; if (nblocks == 1) { - if (input->length < BLOCK_SIZE) - abort(); - dec(output->data, input->data, &ctx); + if (input->length < BLOCK_SIZE) + abort(); + dec(output->data, input->data, &ctx); } else { - for (blockno = 0; blockno < nblocks - 2; blockno++) { - dec(tmp2, input->data + blockno * BLOCK_SIZE, &ctx); - xorblock(tmp2, tmp); - memcpy(output->data + blockno * BLOCK_SIZE, tmp2, BLOCK_SIZE); - memcpy(tmp, input->data + blockno * BLOCK_SIZE, BLOCK_SIZE); - } - /* Do last two blocks, the second of which (next-to-last block - of plaintext) may be incomplete. */ - dec(tmp2, input->data + (nblocks - 2) * BLOCK_SIZE, &ctx); - /* Set tmp3 to last ciphertext block, padded. */ - memset(tmp3, 0, sizeof(tmp3)); - memcpy(tmp3, input->data + (nblocks - 1) * BLOCK_SIZE, - input->length - (nblocks - 1) * BLOCK_SIZE); - /* Set tmp2 to last (possibly partial) plaintext block, and - save it. */ - xorblock(tmp2, tmp3); - memcpy(output->data + (nblocks - 1) * BLOCK_SIZE, tmp2, - input->length - (nblocks - 1) * BLOCK_SIZE); - /* Maybe keep the trailing part, and copy in the last - ciphertext block. */ - memcpy(tmp2, tmp3, input->length - (nblocks - 1) * BLOCK_SIZE); - /* Decrypt, to get next to last plaintext block xor previous - ciphertext. 
*/ - dec(tmp3, tmp2, &ctx); - xorblock(tmp3, tmp); - memcpy(output->data + (nblocks - 2) * BLOCK_SIZE, tmp3, BLOCK_SIZE); - if (ivec) - memcpy(ivec->data, input->data + (nblocks - 2) * BLOCK_SIZE, - BLOCK_SIZE); + for (blockno = 0; blockno < nblocks - 2; blockno++) { + dec(tmp2, input->data + blockno * BLOCK_SIZE, &ctx); + xorblock(tmp2, tmp); + memcpy(output->data + blockno * BLOCK_SIZE, tmp2, BLOCK_SIZE); + memcpy(tmp, input->data + blockno * BLOCK_SIZE, BLOCK_SIZE); + } + /* Do last two blocks, the second of which (next-to-last block + of plaintext) may be incomplete. */ + dec(tmp2, input->data + (nblocks - 2) * BLOCK_SIZE, &ctx); + /* Set tmp3 to last ciphertext block, padded. */ + memset(tmp3, 0, sizeof(tmp3)); + memcpy(tmp3, input->data + (nblocks - 1) * BLOCK_SIZE, + input->length - (nblocks - 1) * BLOCK_SIZE); + /* Set tmp2 to last (possibly partial) plaintext block, and + save it. */ + xorblock(tmp2, tmp3); + memcpy(output->data + (nblocks - 1) * BLOCK_SIZE, tmp2, + input->length - (nblocks - 1) * BLOCK_SIZE); + /* Maybe keep the trailing part, and copy in the last + ciphertext block. */ + memcpy(tmp2, tmp3, input->length - (nblocks - 1) * BLOCK_SIZE); + /* Decrypt, to get next to last plaintext block xor previous + ciphertext. */ + dec(tmp3, tmp2, &ctx); + xorblock(tmp3, tmp); + memcpy(output->data + (nblocks - 2) * BLOCK_SIZE, tmp3, BLOCK_SIZE); + if (ivec) + memcpy(ivec->data, input->data + (nblocks - 2) * BLOCK_SIZE, + BLOCK_SIZE); } return 0; @@ -203,9 +204,9 @@ krb5int_aes_decrypt(krb5_key key, const krb5_data *ivec, static krb5_error_code krb5int_aes_encrypt_iov(krb5_key key, - const krb5_data *ivec, - krb5_crypto_iov *data, - size_t num_data) + const krb5_data *ivec, + krb5_crypto_iov *data, + size_t num_data) { aes_ctx ctx; char tmp[BLOCK_SIZE], tmp2[BLOCK_SIZE]; 
@@ -213,19 +214,19 @@ krb5int_aes_encrypt_iov(krb5_key key, size_t input_length, i; if (aes_enc_key(key->keyblock.contents, key->keyblock.length, &ctx) - != aes_good) - abort(); + != aes_good) + abort(); if (ivec != NULL) - memcpy(tmp, ivec->data, BLOCK_SIZE); + memcpy(tmp, ivec->data, BLOCK_SIZE); else - memset(tmp, 0, BLOCK_SIZE); + memset(tmp, 0, BLOCK_SIZE); for (i = 0, input_length = 0; i < num_data; i++) { - krb5_crypto_iov *iov = &data[i]; + krb5_crypto_iov *iov = &data[i]; - if (ENCRYPT_IOV(iov)) - input_length += iov->data.length; + if (ENCRYPT_IOV(iov)) + input_length += iov->data.length; } nblocks = (input_length + BLOCK_SIZE - 1) / BLOCK_SIZE; 
@@ -233,50 +234,50 @@ krb5int_aes_encrypt_iov(krb5_key key, assert(nblocks > 1); { - char blockN2[BLOCK_SIZE]; /* second last */ - char blockN1[BLOCK_SIZE]; /* last block */ - struct iov_block_state input_pos, output_pos; - - IOV_BLOCK_STATE_INIT(&input_pos); - IOV_BLOCK_STATE_INIT(&output_pos); - - for (blockno = 0; blockno < nblocks - 2; blockno++) { - char blockN[BLOCK_SIZE]; - - krb5int_c_iov_get_block((unsigned char *)blockN, BLOCK_SIZE, data, num_data, &input_pos); - xorblock(tmp, blockN); - enc(tmp2, tmp, &ctx); - krb5int_c_iov_put_block(data, num_data, (unsigned char *)tmp2, BLOCK_SIZE, &output_pos); - - /* Set up for next block. */ - memcpy(tmp, tmp2, BLOCK_SIZE); - } - - /* Do final CTS step for last two blocks (the second of which - may or may not be incomplete). */ - - /* First, get the last two blocks */ - memset(blockN1, 0, sizeof(blockN1)); /* pad last block with zeros */ - krb5int_c_iov_get_block((unsigned char *)blockN2, BLOCK_SIZE, data, num_data, &input_pos); - krb5int_c_iov_get_block((unsigned char *)blockN1, BLOCK_SIZE, data, num_data, &input_pos); - - /* Encrypt second last block */ - xorblock(tmp, blockN2); - enc(tmp2, tmp, &ctx); - memcpy(blockN2, tmp2, BLOCK_SIZE); /* blockN2 now contains first block */ - memcpy(tmp, tmp2, BLOCK_SIZE); - - /* Encrypt last block */ - xorblock(tmp, blockN1); - enc(tmp2, tmp, &ctx); - memcpy(blockN1, tmp2, BLOCK_SIZE); - - /* Put the last two blocks back into the iovec (reverse order) */ - krb5int_c_iov_put_block(data, num_data, (unsigned char *)blockN1, BLOCK_SIZE, &output_pos); - krb5int_c_iov_put_block(data, num_data, (unsigned char *)blockN2, BLOCK_SIZE, &output_pos); - - if (ivec != NULL) - memcpy(ivec->data, blockN1, BLOCK_SIZE); + char blockN2[BLOCK_SIZE]; /* second last */ + char blockN1[BLOCK_SIZE]; /* last block */ + struct iov_block_state input_pos, output_pos; + + IOV_BLOCK_STATE_INIT(&input_pos); + IOV_BLOCK_STATE_INIT(&output_pos); + + for (blockno = 0; blockno < nblocks - 2; blockno++) { + char 
blockN[BLOCK_SIZE]; + + krb5int_c_iov_get_block((unsigned char *)blockN, BLOCK_SIZE, data, num_data, &input_pos); + xorblock(tmp, blockN); + enc(tmp2, tmp, &ctx); + krb5int_c_iov_put_block(data, num_data, (unsigned char *)tmp2, BLOCK_SIZE, &output_pos); + + /* Set up for next block. */ + memcpy(tmp, tmp2, BLOCK_SIZE); + } + + /* Do final CTS step for last two blocks (the second of which + may or may not be incomplete). */ + + /* First, get the last two blocks */ + memset(blockN1, 0, sizeof(blockN1)); /* pad last block with zeros */ + krb5int_c_iov_get_block((unsigned char *)blockN2, BLOCK_SIZE, data, num_data, &input_pos); + krb5int_c_iov_get_block((unsigned char *)blockN1, BLOCK_SIZE, data, num_data, &input_pos); + + /* Encrypt second last block */ + xorblock(tmp, blockN2); + enc(tmp2, tmp, &ctx); + memcpy(blockN2, tmp2, BLOCK_SIZE); /* blockN2 now contains first block */ + memcpy(tmp, tmp2, BLOCK_SIZE); + + /* Encrypt last block */ + xorblock(tmp, blockN1); + enc(tmp2, tmp, &ctx); + memcpy(blockN1, tmp2, BLOCK_SIZE); + + /* Put the last two blocks back into the iovec (reverse order) */ + krb5int_c_iov_put_block(data, num_data, (unsigned char *)blockN1, BLOCK_SIZE, &output_pos); + krb5int_c_iov_put_block(data, num_data, (unsigned char *)blockN2, BLOCK_SIZE, &output_pos); + + if (ivec != NULL) + memcpy(ivec->data, blockN1, BLOCK_SIZE); } return 0; @@ -284,9 +285,9 @@ krb5int_aes_encrypt_iov(krb5_key key, static krb5_error_code krb5int_aes_decrypt_iov(krb5_key key, - const krb5_data *ivec, - krb5_crypto_iov *data, - size_t num_data) + const krb5_data *ivec, + krb5_crypto_iov *data, + size_t num_data) { aes_ctx ctx; char tmp[BLOCK_SIZE], tmp2[BLOCK_SIZE], tmp3[BLOCK_SIZE]; 
@@ -297,19 +298,19 @@ krb5int_aes_decrypt_iov(krb5_key key, CHECK_SIZES; if (aes_dec_key(key->keyblock.contents, key->keyblock.length, - &ctx) != aes_good) - abort(); + &ctx) != aes_good) + abort(); if (ivec != NULL) - memcpy(tmp, ivec->data, BLOCK_SIZE); + memcpy(tmp, ivec->data, BLOCK_SIZE); else - memset(tmp, 0, BLOCK_SIZE); + memset(tmp, 0, BLOCK_SIZE); for (i = 0, input_length = 0; i < num_data; i++) { - krb5_crypto_iov *iov = &data[i]; + krb5_crypto_iov *iov = &data[i]; - if (ENCRYPT_IOV(iov)) - input_length += iov->data.length; + if (ENCRYPT_IOV(iov)) + input_length += iov->data.length; } nblocks = (input_length + BLOCK_SIZE - 1) / BLOCK_SIZE; 
@@ -317,52 +318,52 @@ krb5int_aes_decrypt_iov(krb5_key key, assert(nblocks > 1); { - char blockN2[BLOCK_SIZE]; /* second last */ - char blockN1[BLOCK_SIZE]; /* last block */ - struct iov_block_state input_pos, output_pos; - - IOV_BLOCK_STATE_INIT(&input_pos); - IOV_BLOCK_STATE_INIT(&output_pos); - - for (blockno = 0; blockno < nblocks - 2; blockno++) { - char blockN[BLOCK_SIZE]; - - krb5int_c_iov_get_block((unsigned char *)blockN, BLOCK_SIZE, data, num_data, &input_pos); - dec(tmp2, blockN, &ctx); - xorblock(tmp2, tmp); - krb5int_c_iov_put_block(data, num_data, (unsigned char *)tmp2, BLOCK_SIZE, &output_pos); - memcpy(tmp, blockN, BLOCK_SIZE); - } - - /* Do last two blocks, the second of which (next-to-last block - of plaintext) may be incomplete. */ - - /* First, get the last two encrypted blocks */ - memset(blockN1, 0, sizeof(blockN1)); /* pad last block with zeros */ - krb5int_c_iov_get_block((unsigned char *)blockN2, BLOCK_SIZE, data, num_data, &input_pos); - krb5int_c_iov_get_block((unsigned char *)blockN1, BLOCK_SIZE, data, num_data, &input_pos); - - if (ivec != NULL) - memcpy(ivec->data, blockN2, BLOCK_SIZE); - - /* Decrypt second last block */ - dec(tmp2, blockN2, &ctx); - /* Set tmp2 to last (possibly partial) plaintext block, and - save it. */ - xorblock(tmp2, blockN1); - memcpy(blockN2, tmp2, BLOCK_SIZE); - - /* Maybe keep the trailing part, and copy in the last - ciphertext block. */ - input_length %= BLOCK_SIZE; - memcpy(tmp2, blockN1, input_length ? 
input_length : BLOCK_SIZE); - dec(tmp3, tmp2, &ctx); - xorblock(tmp3, tmp); - memcpy(blockN1, tmp3, BLOCK_SIZE); - - /* Put the last two blocks back into the iovec */ - krb5int_c_iov_put_block(data, num_data, (unsigned char *)blockN1, BLOCK_SIZE, &output_pos); - krb5int_c_iov_put_block(data, num_data, (unsigned char *)blockN2, BLOCK_SIZE, &output_pos); + char blockN2[BLOCK_SIZE]; /* second last */ + char blockN1[BLOCK_SIZE]; /* last block */ + struct iov_block_state input_pos, output_pos; + + IOV_BLOCK_STATE_INIT(&input_pos); + IOV_BLOCK_STATE_INIT(&output_pos); + + for (blockno = 0; blockno < nblocks - 2; blockno++) { + char blockN[BLOCK_SIZE]; + + krb5int_c_iov_get_block((unsigned char *)blockN, BLOCK_SIZE, data, num_data, &input_pos); + dec(tmp2, blockN, &ctx); + xorblock(tmp2, tmp); + krb5int_c_iov_put_block(data, num_data, (unsigned char *)tmp2, BLOCK_SIZE, &output_pos); + memcpy(tmp, blockN, BLOCK_SIZE); + } + + /* Do last two blocks, the second of which (next-to-last block + of plaintext) may be incomplete. */ + + /* First, get the last two encrypted blocks */ + memset(blockN1, 0, sizeof(blockN1)); /* pad last block with zeros */ + krb5int_c_iov_get_block((unsigned char *)blockN2, BLOCK_SIZE, data, num_data, &input_pos); + krb5int_c_iov_get_block((unsigned char *)blockN1, BLOCK_SIZE, data, num_data, &input_pos); + + if (ivec != NULL) + memcpy(ivec->data, blockN2, BLOCK_SIZE); + + /* Decrypt second last block */ + dec(tmp2, blockN2, &ctx); + /* Set tmp2 to last (possibly partial) plaintext block, and + save it. */ + xorblock(tmp2, blockN1); + memcpy(blockN2, tmp2, BLOCK_SIZE); + + /* Maybe keep the trailing part, and copy in the last + ciphertext block. */ + input_length %= BLOCK_SIZE; + memcpy(tmp2, blockN1, input_length ? 
input_length : BLOCK_SIZE); + dec(tmp3, tmp2, &ctx); + xorblock(tmp3, tmp); + memcpy(blockN1, tmp3, BLOCK_SIZE); + + /* Put the last two blocks back into the iovec */ + krb5int_c_iov_put_block(data, num_data, (unsigned char *)blockN1, BLOCK_SIZE, &output_pos); + krb5int_c_iov_put_block(data, num_data, (unsigned char *)blockN2, BLOCK_SIZE, &output_pos); } return 0; @@ -370,12 +371,12 @@ krb5int_aes_decrypt_iov(krb5_key key, static krb5_error_code krb5int_aes_init_state (const krb5_keyblock *key, krb5_keyusage usage, - krb5_data *state) + krb5_data *state) { state->length = 16; state->data = (void *) malloc(16); if (state->data == NULL) - return ENOMEM; + return ENOMEM; memset(state->data, 0, state->length); return 0; } diff --git a/src/lib/crypto/builtin/enc_provider/des.c b/src/lib/crypto/builtin/enc_provider/des.c index f531c06..6a1ca8d 100644 --- a/src/lib/crypto/builtin/enc_provider/des.c +++ b/src/lib/crypto/builtin/enc_provider/des.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * 
@@ -33,37 +34,37 @@
 static krb5_error_code
 k5_des_docrypt(krb5_key key, const krb5_data *ivec,
- const krb5_data *input, krb5_data *output, int enc)
+ const krb5_data *input, krb5_data *output, int enc)
 {
 mit_des_key_schedule schedule;
 /* key->keyblock.enctype was checked by the caller */
 if (key->keyblock.length != 8)
- return(KRB5_BAD_KEYSIZE);
+ return(KRB5_BAD_KEYSIZE);
 if ((input->length%8) != 0)
- return(KRB5_BAD_MSIZE);
+ return(KRB5_BAD_MSIZE);
 if (ivec && (ivec->length != 8))
- return(KRB5_BAD_MSIZE);
+ return(KRB5_BAD_MSIZE);
 if (input->length != output->length)
- return(KRB5_BAD_MSIZE);
+ return(KRB5_BAD_MSIZE);
 switch (mit_des_key_sched(key->keyblock.contents, schedule)) {
 case -1:
- return(KRB5DES_BAD_KEYPAR);
+ return(KRB5DES_BAD_KEYPAR);
 case -2:
- return(KRB5DES_WEAK_KEY);
+ return(KRB5DES_WEAK_KEY);
 }
 /* this has a return value, but the code always returns zero */
 mit_des_cbc_encrypt((krb5_pointer) input->data,
- (krb5_pointer) output->data, input->length,
- schedule,
- (ivec
- ? (const unsigned char *) ivec->data
- : (const unsigned char *) mit_des_zeroblock),
- enc);
+ (krb5_pointer) output->data, input->length,
+ schedule,
+ (ivec
+ ? (const unsigned char *) ivec->data
+ : (const unsigned char *) mit_des_zeroblock),
+ enc);
 memset(schedule, 0, sizeof(schedule));
@@ -72,21 +73,21 @@ k5_des_docrypt(krb5_key key, const krb5_data *ivec,
 static krb5_error_code
 k5_des_encrypt(krb5_key key, const krb5_data *ivec,
- const krb5_data *input, krb5_data *output)
+ const krb5_data *input, krb5_data *output)
 {
 return(k5_des_docrypt(key, ivec, input, output, 1));
 }
 static krb5_error_code
 k5_des_decrypt(krb5_key key, const krb5_data *ivec,
- const krb5_data *input, krb5_data *output)
+ const krb5_data *input, krb5_data *output)
 {
 return(k5_des_docrypt(key, ivec, input, output, 0));
 }
 static krb5_error_code
 k5_des_docrypt_iov(krb5_key key, const krb5_data *ivec,
- krb5_crypto_iov *data, size_t num_data, int enc)
+ krb5_crypto_iov *data, size_t num_data, int enc)
 {
 mit_des_key_schedule schedule;
 size_t input_length = 0;
@@ -95,32 +96,32 @@ k5_des_docrypt_iov(krb5_key key, const krb5_data *ivec,
 /* key->keyblock.enctype was checked by the caller */
 if (key->keyblock.length != 8)
- return(KRB5_BAD_KEYSIZE);
+ return(KRB5_BAD_KEYSIZE);
 for (i = 0; i < num_data; i++) {
- const krb5_crypto_iov *iov = &data[i];
+ const krb5_crypto_iov *iov = &data[i];
 
- if (ENCRYPT_DATA_IOV(iov))
- input_length += iov->data.length;
+ if (ENCRYPT_DATA_IOV(iov))
+ input_length += iov->data.length;
 }
 if ((input_length % 8) != 0)
- return(KRB5_BAD_MSIZE);
+ return(KRB5_BAD_MSIZE);
 if (ivec && (ivec->length != 8))
- return(KRB5_BAD_MSIZE);
+ return(KRB5_BAD_MSIZE);
 switch (mit_des_key_sched(key->keyblock.contents, schedule)) {
 case -1:
- return(KRB5DES_BAD_KEYPAR);
+ return(KRB5DES_BAD_KEYPAR);
 case -2:
- return(KRB5DES_WEAK_KEY);
+ return(KRB5DES_WEAK_KEY);
 }
 /* this has a return value, but the code always returns zero */
 if (enc)
- krb5int_des_cbc_encrypt_iov(data, num_data, schedule, ivec ? ivec->data : NULL);
+ krb5int_des_cbc_encrypt_iov(data, num_data, schedule, ivec ? ivec->data : NULL);
 else
- krb5int_des_cbc_decrypt_iov(data, num_data, schedule, ivec ? ivec->data : NULL);
+ krb5int_des_cbc_decrypt_iov(data, num_data, schedule, ivec ? ivec->data : NULL);
 memset(schedule, 0, sizeof(schedule));
@@ -129,18 +130,18 @@ k5_des_docrypt_iov(krb5_key key, const krb5_data *ivec,
 static krb5_error_code
 k5_des_encrypt_iov(krb5_key key,
- const krb5_data *ivec,
- krb5_crypto_iov *data,
- size_t num_data)
+ const krb5_data *ivec,
+ krb5_crypto_iov *data,
+ size_t num_data)
 {
 return k5_des_docrypt_iov(key, ivec, data, num_data, 1);
 }
 static krb5_error_code
 k5_des_decrypt_iov(krb5_key key,
- const krb5_data *ivec,
- krb5_crypto_iov *data,
- size_t num_data)
+ const krb5_data *ivec,
+ krb5_crypto_iov *data,
+ size_t num_data)
 {
 return k5_des_docrypt_iov(key, ivec, data, num_data, 0);
 }
diff --git a/src/lib/crypto/builtin/enc_provider/des3.c b/src/lib/crypto/builtin/enc_provider/des3.c
index c731639..c4ea3b2 100644
--- a/src/lib/crypto/builtin/enc_provider/des3.c
+++ b/src/lib/crypto/builtin/enc_provider/des3.c
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
 * Copyright (C) 1998 by the FundsXpress, INC.
 *
@@ -31,77 +32,77 @@
 static krb5_error_code
 validate_and_schedule(krb5_key key, const krb5_data *ivec,
- const krb5_data *input, const krb5_data *output,
- mit_des3_key_schedule *schedule)
+ const krb5_data *input, const krb5_data *output,
+ mit_des3_key_schedule *schedule)
 {
 /* key->keyblock.enctype was checked by the caller */
 if (key->keyblock.length != 24)
- return(KRB5_BAD_KEYSIZE);
+ return(KRB5_BAD_KEYSIZE);
 if ((input->length%8) != 0)
- return(KRB5_BAD_MSIZE);
+ return(KRB5_BAD_MSIZE);
 if (ivec && (ivec->length != 8))
- return(KRB5_BAD_MSIZE);
+ return(KRB5_BAD_MSIZE);
 if (input->length != output->length)
- return(KRB5_BAD_MSIZE);
+ return(KRB5_BAD_MSIZE);
 switch (mit_des3_key_sched(*(mit_des3_cblock *)key->keyblock.contents,
- *schedule)) {
+ *schedule)) {
 case -1:
- return(KRB5DES_BAD_KEYPAR);
+ return(KRB5DES_BAD_KEYPAR);
 case -2:
- return(KRB5DES_WEAK_KEY);
+ return(KRB5DES_WEAK_KEY);
 }
 return 0;
 }
 static krb5_error_code
 validate_and_schedule_iov(krb5_key key, const krb5_data *ivec,
- const krb5_crypto_iov *data, size_t num_data,
- mit_des3_key_schedule *schedule)
+ const krb5_crypto_iov *data, size_t num_data,
+ mit_des3_key_schedule *schedule)
 {
 size_t i, input_length;
 for (i = 0, input_length = 0; i < num_data; i++) {
- const krb5_crypto_iov *iov = &data[i];
+ const krb5_crypto_iov *iov = &data[i];
 
- if (ENCRYPT_IOV(iov))
- input_length += iov->data.length;
+ if (ENCRYPT_IOV(iov))
+ input_length += iov->data.length;
 }
 if (key->keyblock.length != 24)
- return(KRB5_BAD_KEYSIZE);
+ return(KRB5_BAD_KEYSIZE);
 if ((input_length%8) != 0)
- return(KRB5_BAD_MSIZE);
+ return(KRB5_BAD_MSIZE);
 if (ivec && (ivec->length != 8))
- return(KRB5_BAD_MSIZE);
+ return(KRB5_BAD_MSIZE);
 switch (mit_des3_key_sched(*(mit_des3_cblock *)key->keyblock.contents,
- *schedule)) {
+ *schedule)) {
 case -1:
- return(KRB5DES_BAD_KEYPAR);
+ return(KRB5DES_BAD_KEYPAR);
 case -2:
- return(KRB5DES_WEAK_KEY);
+ return(KRB5DES_WEAK_KEY);
 }
 return 0;
 }
 static krb5_error_code
 k5_des3_encrypt(krb5_key key, const krb5_data *ivec,
- const krb5_data *input, krb5_data *output)
+ const krb5_data *input, krb5_data *output)
 {
 mit_des3_key_schedule schedule;
 krb5_error_code err;
 err = validate_and_schedule(key, ivec, input, output, &schedule);
 if (err)
- return err;
+ return err;
 /* this has a return value, but the code always returns zero */
 krb5int_des3_cbc_encrypt((krb5_pointer) input->data,
- (krb5_pointer) output->data, input->length,
- schedule[0], schedule[1], schedule[2],
- ivec?(const unsigned char *) ivec->data:(const unsigned char *)mit_des_zeroblock);
+ (krb5_pointer) output->data, input->length,
+ schedule[0], schedule[1], schedule[2],
+ ivec?(const unsigned char *) ivec->data:(const unsigned char *)mit_des_zeroblock);
 zap(schedule, sizeof(schedule));
@@ -110,20 +111,20 @@ k5_des3_encrypt(krb5_key key, const krb5_data *ivec,
 static krb5_error_code
 k5_des3_decrypt(krb5_key key, const krb5_data *ivec,
- const krb5_data *input, krb5_data *output)
+ const krb5_data *input, krb5_data *output)
 {
 mit_des3_key_schedule schedule;
 krb5_error_code err;
 err = validate_and_schedule(key, ivec, input, output, &schedule);
 if (err)
- return err;
+ return err;
 /* this has a return value, but the code always returns zero */
 krb5int_des3_cbc_decrypt((krb5_pointer) input->data,
- (krb5_pointer) output->data, input->length,
- schedule[0], schedule[1], schedule[2],
- ivec?(const unsigned char *) ivec->data:(const unsigned char *)mit_des_zeroblock);
+ (krb5_pointer) output->data, input->length,
+ schedule[0], schedule[1], schedule[2],
+ ivec?(const unsigned char *) ivec->data:(const unsigned char *)mit_des_zeroblock);
 zap(schedule, sizeof(schedule));
@@ -132,21 +133,21 @@ k5_des3_decrypt(krb5_key key, const krb5_data *ivec,
 static krb5_error_code
 k5_des3_encrypt_iov(krb5_key key,
- const krb5_data *ivec,
- krb5_crypto_iov *data,
- size_t num_data)
+ const krb5_data *ivec,
+ krb5_crypto_iov *data,
+ size_t num_data)
 {
 mit_des3_key_schedule schedule;
 krb5_error_code err;
 err = validate_and_schedule_iov(key, ivec, data, num_data, &schedule);
 if (err)
- return err;
+ return err;
 /* this has a return value, but the code always returns zero */
 krb5int_des3_cbc_encrypt_iov(data, num_data,
- schedule[0], schedule[1], schedule[2],
- ivec != NULL ? (unsigned char *) ivec->data : NULL);
+ schedule[0], schedule[1], schedule[2],
+ ivec != NULL ? (unsigned char *) ivec->data : NULL);
 zap(schedule, sizeof(schedule));
@@ -155,21 +156,21 @@ k5_des3_encrypt_iov(krb5_key key,
 static krb5_error_code
 k5_des3_decrypt_iov(krb5_key key,
- const krb5_data *ivec,
- krb5_crypto_iov *data,
- size_t num_data)
+ const krb5_data *ivec,
+ krb5_crypto_iov *data,
+ size_t num_data)
 {
 mit_des3_key_schedule schedule;
 krb5_error_code err;
 err = validate_and_schedule_iov(key, ivec, data, num_data, &schedule);
 if (err)
- return err;
+ return err;
 /* this has a return value, but the code always returns zero */
 krb5int_des3_cbc_decrypt_iov(data, num_data,
- schedule[0], schedule[1], schedule[2],
- ivec != NULL ? (unsigned char *) ivec->data : NULL);
+ schedule[0], schedule[1], schedule[2],
+ ivec != NULL ? (unsigned char *) ivec->data : NULL);
 zap(schedule, sizeof(schedule));
diff --git a/src/lib/crypto/builtin/enc_provider/enc_provider.h b/src/lib/crypto/builtin/enc_provider/enc_provider.h
index 49ffaaf..8144b65 100644
--- a/src/lib/crypto/builtin/enc_provider/enc_provider.h
+++ b/src/lib/crypto/builtin/enc_provider/enc_provider.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
 * Copyright (C) 1998 by the FundsXpress, INC.
 *
diff --git a/src/lib/crypto/builtin/enc_provider/rc4.c b/src/lib/crypto/builtin/enc_provider/rc4.c index 0a1f618..ae4a004 100644 --- a/src/lib/crypto/builtin/enc_provider/rc4.c +++ b/src/lib/crypto/builtin/enc_provider/rc4.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* arcfour.c * * Copyright (c) 2000 by Computer Science Laboratory, @@ -13,14 +14,14 @@ typedef struct { - unsigned int x; - unsigned int y; - unsigned char state[256]; + unsigned int x; + unsigned int y; + unsigned char state[256]; } ArcfourContext; typedef struct { - int initialized; - ArcfourContext ctx; + int initialized; + ArcfourContext ctx; } ArcFourCipherState; /* gets the next byte from the PRNG */ @@ -32,16 +33,16 @@ static unsigned int k5_arcfour_byte(ArcfourContext *); /* Initializes the context and sets the key. */ static krb5_error_code k5_arcfour_init(ArcfourContext *ctx, const unsigned char *key, - unsigned int keylen); + unsigned int keylen); /* Encrypts/decrypts data. */ static void k5_arcfour_crypt(ArcfourContext *ctx, unsigned char *dest, - const unsigned char *src, unsigned int len); + const unsigned char *src, unsigned int len); /* Interface layer to kerb5 crypto layer */ static krb5_error_code k5_arcfour_docrypt(krb5_key, const krb5_data *, - const krb5_data *, krb5_data *); + const krb5_data *, krb5_data *); static const unsigned char arcfour_weakkey1[] = {0x00, 0x00, 0xfd}; static const unsigned char arcfour_weakkey2[] = {0x03, 0xfd, 0xfc}; 
@@ -55,125 +56,125 @@ static const struct { static inline unsigned int k5_arcfour_byte(ArcfourContext * ctx) { - unsigned int x; - unsigned int y; - unsigned int sx, sy; - unsigned char *state; + unsigned int x; + unsigned int y; + unsigned int sx, sy; + unsigned char *state; - state = ctx->state; - x = (ctx->x + 1) & 0xff; - sx = state[x]; - y = (sx + ctx->y) & 0xff; - sy = state[y]; - ctx->x = x; - ctx->y = y; - state[y] = sx; - state[x] = sy; - return state[(sx + sy) & 0xff]; + state = ctx->state; + x = (ctx->x + 1) & 0xff; + sx = state[x]; + y = (sx + ctx->y) & 0xff; + sy = state[y]; + ctx->x = x; + ctx->y = y; + state[y] = sx; + state[x] = sy; + return state[(sx + sy) & 0xff]; } static void k5_arcfour_crypt(ArcfourContext *ctx, unsigned char *dest, - const unsigned char *src, unsigned int len) + const unsigned char *src, unsigned int len) { - unsigned int i; - for (i = 0; i < len; i++) - dest[i] = src[i] ^ k5_arcfour_byte(ctx); + unsigned int i; + for (i = 0; i < len; i++) + dest[i] = src[i] ^ k5_arcfour_byte(ctx); } static krb5_error_code k5_arcfour_init(ArcfourContext *ctx, const unsigned char *key, - unsigned int key_len) + unsigned int key_len) { - unsigned int t, u; - unsigned int keyindex; - unsigned int stateindex; - unsigned char* state; - unsigned int counter; + unsigned int t, u; + unsigned int keyindex; + unsigned int stateindex; + unsigned char* state; + unsigned int counter; - if (key_len != 16) - return KRB5_BAD_MSIZE; /*this is probably not the correct error code - to return */ - for (counter=0; - counter < sizeof(arcfour_weakkeys)/sizeof(arcfour_weakkeys[0]); - counter++) - if (!memcmp(key, arcfour_weakkeys[counter].data, - arcfour_weakkeys[counter].length)) - return KRB5DES_WEAK_KEY; /* most certainly not the correct error */ + if (key_len != 16) + return KRB5_BAD_MSIZE; /*this is probably not the correct error code + to return */ + for (counter=0; + counter < sizeof(arcfour_weakkeys)/sizeof(arcfour_weakkeys[0]); + counter++) + if 
(!memcmp(key, arcfour_weakkeys[counter].data, + arcfour_weakkeys[counter].length)) + return KRB5DES_WEAK_KEY; /* most certainly not the correct error */ - state = &ctx->state[0]; - ctx->x = 0; - ctx->y = 0; - for (counter = 0; counter < 256; counter++) - state[counter] = counter; - keyindex = 0; - stateindex = 0; - for (counter = 0; counter < 256; counter++) + state = &ctx->state[0]; + ctx->x = 0; + ctx->y = 0; + for (counter = 0; counter < 256; counter++) + state[counter] = counter; + keyindex = 0; + stateindex = 0; + for (counter = 0; counter < 256; counter++) { - t = state[counter]; - stateindex = (stateindex + key[keyindex] + t) & 0xff; - u = state[stateindex]; - state[stateindex] = t; - state[counter] = u; - if (++keyindex >= key_len) - keyindex = 0; + t = state[counter]; + stateindex = (stateindex + key[keyindex] + t) & 0xff; + u = state[stateindex]; + state[stateindex] = t; + state[counter] = u; + if (++keyindex >= key_len) + keyindex = 0; } - return 0; + return 0; } /* The workhorse of the arcfour system, this impliments the cipher */ static krb5_error_code k5_arcfour_docrypt(krb5_key key, const krb5_data *state, - const krb5_data *input, krb5_data *output) + const krb5_data *input, krb5_data *output) { - ArcfourContext *arcfour_ctx; - ArcFourCipherState *cipher_state; - int ret; + ArcfourContext *arcfour_ctx; + ArcFourCipherState *cipher_state; + int ret; - if (key->keyblock.length != 16) - return(KRB5_BAD_KEYSIZE); - if (state && (state->length != sizeof (ArcFourCipherState))) - return(KRB5_BAD_MSIZE); - if (input->length != output->length) - return(KRB5_BAD_MSIZE); + if (key->keyblock.length != 16) + return(KRB5_BAD_KEYSIZE); + if (state && (state->length != sizeof (ArcFourCipherState))) + return(KRB5_BAD_MSIZE); + if (input->length != output->length) + return(KRB5_BAD_MSIZE); - if (state) { - cipher_state = (ArcFourCipherState *) state->data; - arcfour_ctx=&cipher_state->ctx; - if (cipher_state->initialized == 0) { - if 
((ret=k5_arcfour_init(arcfour_ctx, key->keyblock.contents, - key->keyblock.length))) { - return ret; - } - cipher_state->initialized = 1; + if (state) { + cipher_state = (ArcFourCipherState *) state->data; + arcfour_ctx=&cipher_state->ctx; + if (cipher_state->initialized == 0) { + if ((ret=k5_arcfour_init(arcfour_ctx, key->keyblock.contents, + key->keyblock.length))) { + return ret; + } + cipher_state->initialized = 1; + } + k5_arcfour_crypt(arcfour_ctx, (unsigned char *) output->data, (const unsigned char *) input->data, input->length); } - k5_arcfour_crypt(arcfour_ctx, (unsigned char *) output->data, (const unsigned char *) input->data, input->length); - } - else { - arcfour_ctx=malloc(sizeof (ArcfourContext)); - if (arcfour_ctx == NULL) - return ENOMEM; - if ((ret=k5_arcfour_init(arcfour_ctx, key->keyblock.contents, - key->keyblock.length))) { - free(arcfour_ctx); - return (ret); + else { + arcfour_ctx=malloc(sizeof (ArcfourContext)); + if (arcfour_ctx == NULL) + return ENOMEM; + if ((ret=k5_arcfour_init(arcfour_ctx, key->keyblock.contents, + key->keyblock.length))) { + free(arcfour_ctx); + return (ret); + } + k5_arcfour_crypt(arcfour_ctx, (unsigned char * ) output->data, + (const unsigned char * ) input->data, input->length); + memset(arcfour_ctx, 0, sizeof (ArcfourContext)); + free(arcfour_ctx); } - k5_arcfour_crypt(arcfour_ctx, (unsigned char * ) output->data, - (const unsigned char * ) input->data, input->length); - memset(arcfour_ctx, 0, sizeof (ArcfourContext)); - free(arcfour_ctx); - } - return 0; + return 0; } /* In-place encryption */ static krb5_error_code k5_arcfour_docrypt_iov(krb5_key key, - const krb5_data *state, - krb5_crypto_iov *data, - size_t num_data) + const krb5_data *state, + krb5_crypto_iov *data, + size_t num_data) { ArcfourContext *arcfour_ctx = NULL; ArcFourCipherState *cipher_state = NULL; 
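Review bot: In the `else` branch of k5_arcfour_docrypt (the `state == NULL` case), the heap-allocated RC4 context is cleared with `memset(arcfour_ctx, 0, sizeof (ArcfourContext));` immediately before `free(arcfour_ctx);`. A compiler may drop that store as dead, which would leave the keyed S-box in freed heap memory. The des3 provider re-indented by this same commit wipes its key schedule with `zap(schedule, sizeof(schedule));`, and the same helper would fit here as `zap(arcfour_ctx, sizeof(ArcfourContext));`, assuming it is in scope in rc4.c. The identical memset/free pair appears in k5_arcfour_docrypt_iov in the following hunk (`@@ -181,45 +182,45 @@`). These lines are only re-indented by this commit, so the fix belongs in a follow-up change.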
@@ -181,45 +182,45 @@ k5_arcfour_docrypt_iov(krb5_key key, size_t i; if (key->keyblock.length != 16) - return KRB5_BAD_KEYSIZE; + return KRB5_BAD_KEYSIZE; if (state != NULL && (state->length != sizeof(ArcFourCipherState))) - return KRB5_BAD_MSIZE; + return KRB5_BAD_MSIZE; if (state != NULL) { - cipher_state = (ArcFourCipherState *)state->data; - arcfour_ctx = &cipher_state->ctx; - if (cipher_state->initialized == 0) { - ret = k5_arcfour_init(arcfour_ctx, key->keyblock.contents, - key->keyblock.length); - if (ret != 0) - return ret; + cipher_state = (ArcFourCipherState *)state->data; + arcfour_ctx = &cipher_state->ctx; + if (cipher_state->initialized == 0) { + ret = k5_arcfour_init(arcfour_ctx, key->keyblock.contents, + key->keyblock.length); + if (ret != 0) + return ret; - cipher_state->initialized = 1; - } + cipher_state->initialized = 1; + } } else { - arcfour_ctx = (ArcfourContext *)malloc(sizeof(ArcfourContext)); - if (arcfour_ctx == NULL) - return ENOMEM; + arcfour_ctx = (ArcfourContext *)malloc(sizeof(ArcfourContext)); + if (arcfour_ctx == NULL) + return ENOMEM; - ret = k5_arcfour_init(arcfour_ctx, key->keyblock.contents, - key->keyblock.length); - if (ret != 0) { - free(arcfour_ctx); - return ret; - } + ret = k5_arcfour_init(arcfour_ctx, key->keyblock.contents, + key->keyblock.length); + if (ret != 0) { + free(arcfour_ctx); + return ret; + } } for (i = 0; i < num_data; i++) { - krb5_crypto_iov *iov = &data[i]; + krb5_crypto_iov *iov = &data[i]; - if (ENCRYPT_IOV(iov)) - k5_arcfour_crypt(arcfour_ctx, (unsigned char *)iov->data.data, - (const unsigned char *)iov->data.data, iov->data.length); + if (ENCRYPT_IOV(iov)) + k5_arcfour_crypt(arcfour_ctx, (unsigned char *)iov->data.data, + (const unsigned char *)iov->data.data, iov->data.length); } if (state == NULL) { - memset(arcfour_ctx, 0, sizeof(ArcfourContext)); - free(arcfour_ctx); + memset(arcfour_ctx, 0, sizeof(ArcfourContext)); + free(arcfour_ctx); } return 0; 
@@ -227,22 +228,22 @@ k5_arcfour_docrypt_iov(krb5_key key, static krb5_error_code k5_arcfour_init_state (const krb5_keyblock *key, - krb5_keyusage keyusage, krb5_data *new_state) + krb5_keyusage keyusage, krb5_data *new_state) { - /* Note that we can't actually set up the state here because the key - * will change between now and when encrypt is called - * because it is data dependent. Yeah, this has strange - * properties. --SDH - */ - new_state->length = sizeof (ArcFourCipherState); - new_state->data = malloc (new_state->length); - if (new_state->data) { - memset (new_state->data, 0 , new_state->length); - /* That will set initialized to zero*/ - }else { - return (ENOMEM); - } - return 0; + /* Note that we can't actually set up the state here because the key + * will change between now and when encrypt is called + * because it is data dependent. Yeah, this has strange + * properties. --SDH + */ + new_state->length = sizeof (ArcFourCipherState); + new_state->data = malloc (new_state->length); + if (new_state->data) { + memset (new_state->data, 0 , new_state->length); + /* That will set initialized to zero*/ + }else { + return (ENOMEM); + } + return 0; } /* Since the arcfour cipher is identical going forwards and backwards, diff --git a/src/lib/crypto/builtin/hash_provider/hash_crc32.c b/src/lib/crypto/builtin/hash_provider/hash_crc32.c index 771a7d6..e748c98 100644 --- a/src/lib/crypto/builtin/hash_provider/hash_crc32.c +++ b/src/lib/crypto/builtin/hash_provider/hash_crc32.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * 
@@ -30,18 +31,18 @@ static krb5_error_code k5_crc32_hash(unsigned int icount, const krb5_data *input, - krb5_data *output) + krb5_data *output) { unsigned long c, cn; unsigned int i; if (output->length != CRC32_CKSUM_LENGTH) - return(KRB5_CRYPTO_INTERNAL); + return(KRB5_CRYPTO_INTERNAL); c = 0; for (i=0; i<icount; i++) { - mit_crc32(input[i].data, input[i].length, &cn); - c ^= cn; + mit_crc32(input[i].data, input[i].length, &cn); + c ^= cn; } store_32_le(c, output->data); diff --git a/src/lib/crypto/builtin/hash_provider/hash_md4.c b/src/lib/crypto/builtin/hash_provider/hash_md4.c index 916da0f..3a7d0d4 100644 --- a/src/lib/crypto/builtin/hash_provider/hash_md4.c +++ b/src/lib/crypto/builtin/hash_provider/hash_md4.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -30,17 +31,17 @@ static krb5_error_code k5_md4_hash(unsigned int icount, const krb5_data *input, - krb5_data *output) + krb5_data *output) { krb5_MD4_CTX ctx; unsigned int i; if (output->length != RSA_MD4_CKSUM_LENGTH) - return(KRB5_CRYPTO_INTERNAL); + return(KRB5_CRYPTO_INTERNAL); krb5int_MD4Init(&ctx); for (i=0; i<icount; i++) - krb5int_MD4Update(&ctx, (unsigned char *) input[i].data, input[i].length); + krb5int_MD4Update(&ctx, (unsigned char *) input[i].data, input[i].length); krb5int_MD4Final(&ctx); memcpy(output->data, ctx.digest, RSA_MD4_CKSUM_LENGTH); diff --git a/src/lib/crypto/builtin/hash_provider/hash_md5.c b/src/lib/crypto/builtin/hash_provider/hash_md5.c index e1e29f0..610e414 100644 --- a/src/lib/crypto/builtin/hash_provider/hash_md5.c +++ b/src/lib/crypto/builtin/hash_provider/hash_md5.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * 
@@ -30,17 +31,17 @@ static krb5_error_code k5_md5_hash(unsigned int icount, const krb5_data *input, - krb5_data *output) + krb5_data *output) { krb5_MD5_CTX ctx; unsigned int i; if (output->length != RSA_MD5_CKSUM_LENGTH) - return(KRB5_CRYPTO_INTERNAL); + return(KRB5_CRYPTO_INTERNAL); krb5int_MD5Init(&ctx); for (i=0; i<icount; i++) - krb5int_MD5Update(&ctx, (unsigned char *) input[i].data, input[i].length); + krb5int_MD5Update(&ctx, (unsigned char *) input[i].data, input[i].length); krb5int_MD5Final(&ctx); memcpy(output->data, ctx.digest, RSA_MD5_CKSUM_LENGTH); diff --git a/src/lib/crypto/builtin/hash_provider/hash_provider.h b/src/lib/crypto/builtin/hash_provider/hash_provider.h index 1023d1a..eebe845 100644 --- a/src/lib/crypto/builtin/hash_provider/hash_provider.h +++ b/src/lib/crypto/builtin/hash_provider/hash_provider.h @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * diff --git a/src/lib/crypto/builtin/hash_provider/hash_sha1.c b/src/lib/crypto/builtin/hash_provider/hash_sha1.c index 1f1fc62..a861d4c 100644 --- a/src/lib/crypto/builtin/hash_provider/hash_sha1.c +++ b/src/lib/crypto/builtin/hash_provider/hash_sha1.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * 
@@ -30,21 +31,21 @@ static krb5_error_code k5_sha1_hash(unsigned int icount, const krb5_data *input, - krb5_data *output) + krb5_data *output) { SHS_INFO ctx; unsigned int i; if (output->length != SHS_DIGESTSIZE) - return(KRB5_CRYPTO_INTERNAL); + return(KRB5_CRYPTO_INTERNAL); shsInit(&ctx); for (i=0; i<icount; i++) - shsUpdate(&ctx, (unsigned char *) input[i].data, input[i].length); + shsUpdate(&ctx, (unsigned char *) input[i].data, input[i].length); shsFinal(&ctx); for (i=0; i<(sizeof(ctx.digest)/sizeof(ctx.digest[0])); i++) { - store_32_be(ctx.digest[i], &output->data[i*4]); + store_32_be(ctx.digest[i], &output->data[i*4]); } return(0); diff --git a/src/lib/crypto/builtin/hmac.c b/src/lib/crypto/builtin/hmac.c index 3e58a59..7d1f244 100644 --- a/src/lib/crypto/builtin/hmac.c +++ b/src/lib/crypto/builtin/hmac.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright (C) 1998 by the FundsXpress, INC. * @@ -52,8 +53,8 @@ krb5_error_code krb5int_hmac_keyblock(const struct krb5_hash_provider *hash, - const krb5_keyblock *key, unsigned int icount, - const krb5_data *input, krb5_data *output) + const krb5_keyblock *key, unsigned int icount, + const krb5_data *input, krb5_data *output) { size_t hashsize, blocksize; unsigned char *xorkey, *ihash; @@ -140,9 +141,9 @@ cleanup: krb5_error_code krb5int_hmac_iov_keyblock(const struct krb5_hash_provider *hash, - const krb5_keyblock *key, - const krb5_crypto_iov *data, size_t num_data, - krb5_data *output) + const krb5_keyblock *key, + const krb5_crypto_iov *data, size_t num_data, + krb5_data *output) { krb5_data *sign_data; size_t num_sign_data; 
@@ -179,16 +180,16 @@ krb5int_hmac_iov_keyblock(const struct krb5_hash_provider *hash, krb5_error_code krb5int_hmac(const struct krb5_hash_provider *hash, krb5_key key, - unsigned int icount, const krb5_data *input, krb5_data *output) + unsigned int icount, const krb5_data *input, krb5_data *output) { return krb5int_hmac_keyblock(hash, &key->keyblock, icount, input, output); } krb5_error_code krb5int_hmac_iov(const struct krb5_hash_provider *hash, krb5_key key, - const krb5_crypto_iov *data, size_t num_data, - krb5_data *output) + const krb5_crypto_iov *data, size_t num_data, + krb5_data *output) { return krb5int_hmac_iov_keyblock(hash, &key->keyblock, data, num_data, - output); + output); } diff --git a/src/lib/crypto/builtin/md4/md4.c b/src/lib/crypto/builtin/md4/md4.c index b36a476..6850e13 100644 --- a/src/lib/crypto/builtin/md4/md4.c +++ b/src/lib/crypto/builtin/md4/md4.c 
@@ -1,39 +1,40 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* - * lib/crypto/md4/md4.c + * lib/crypto/md4/md4.c */ /* - ********************************************************************** - ** md4.c ** - ** RSA Data Security, Inc. MD4 Message Digest Algorithm ** - ** Created: 2/17/90 RLR ** - ** Revised: 1/91 SRD,AJ,BSK,JT Reference C Version ** - ********************************************************************** - */ +********************************************************************** +** md4.c ** +** RSA Data Security, Inc. MD4 Message Digest Algorithm ** +** Created: 2/17/90 RLR ** +** Revised: 1/91 SRD,AJ,BSK,JT Reference C Version ** +********************************************************************** +*/ /* - ********************************************************************** - ** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. ** - ** ** - ** License to copy and use this software is granted provided that ** - ** it is identified as the "RSA Data Security, Inc. MD4 Message ** - ** Digest Algorithm" in all material mentioning or referencing this ** - ** software or this function. ** - ** ** - ** License is also granted to make and use derivative works ** - ** provided that such works are identified as "derived from the RSA ** - ** Data Security, Inc. MD4 Message Digest Algorithm" in all ** - ** material mentioning or referencing the derived work. ** - ** ** - ** RSA Data Security, Inc. makes no representations concerning ** - ** either the merchantability of this software or the suitability ** - ** of this software for any particular purpose. It is provided "as ** - ** is" without express or implied warranty of any kind. ** - ** ** - ** These notices must be retained in any copies of any part of this ** - ** documentation and/or software. 
** - ********************************************************************** - */ +********************************************************************** +** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. ** +** ** +** License to copy and use this software is granted provided that ** +** it is identified as the "RSA Data Security, Inc. MD4 Message ** +** Digest Algorithm" in all material mentioning or referencing this ** +** software or this function. ** +** ** +** License is also granted to make and use derivative works ** +** provided that such works are identified as "derived from the RSA ** +** Data Security, Inc. MD4 Message Digest Algorithm" in all ** +** material mentioning or referencing the derived work. ** +** ** +** RSA Data Security, Inc. makes no representations concerning ** +** either the merchantability of this software or the suitability ** +** of this software for any particular purpose. It is provided "as ** +** is" without express or implied warranty of any kind. ** +** ** +** These notices must be retained in any copies of any part of this ** +** documentation and/or software. ** +********************************************************************** +*/ #include "k5-int.h" #include "rsa-md4.h" 
@@ -42,14 +43,14 @@ static void Transform (krb5_ui_4 *, krb5_ui_4 *); static const unsigned char PADDING[64] = { - 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; /* F, G and H are basic MD4 functions: selection, majority, parity */ 
@@ -62,185 +63,185 @@ static const unsigned char PADDING[64] = { /* FF, GG and HH are MD4 transformations for rounds 1, 2 and 3 */ /* Rotation is separate from addition to prevent recomputation */ -#define FF(a, b, c, d, x, s) \ - {(a) += F ((b), (c), (d)) + (x); \ - (a) &= 0xffffffff; \ - (a) = ROTATE_LEFT ((a), (s));} -#define GG(a, b, c, d, x, s) \ - {(a) += G ((b), (c), (d)) + (x) + 013240474631UL; \ - (a) &= 0xffffffff; \ - (a) = ROTATE_LEFT ((a), (s));} -#define HH(a, b, c, d, x, s) \ - {(a) += H ((b), (c), (d)) + (x) + 015666365641UL; \ - (a) &= 0xffffffff; \ - (a) = ROTATE_LEFT ((a), (s));} +#define FF(a, b, c, d, x, s) \ + {(a) += F ((b), (c), (d)) + (x); \ + (a) &= 0xffffffff; \ + (a) = ROTATE_LEFT ((a), (s));} +#define GG(a, b, c, d, x, s) \ + {(a) += G ((b), (c), (d)) + (x) + 013240474631UL; \ + (a) &= 0xffffffff; \ + (a) = ROTATE_LEFT ((a), (s));} +#define HH(a, b, c, d, x, s) \ + {(a) += H ((b), (c), (d)) + (x) + 015666365641UL; \ + (a) &= 0xffffffff; \ + (a) = ROTATE_LEFT ((a), (s));} void krb5int_MD4Init (krb5_MD4_CTX *mdContext) { - mdContext->i[0] = mdContext->i[1] = (krb5_ui_4)0; - - /* Load magic initialization constants. - */ - mdContext->buf[0] = 0x67452301UL; - mdContext->buf[1] = 0xefcdab89UL; - mdContext->buf[2] = 0x98badcfeUL; - mdContext->buf[3] = 0x10325476UL; + mdContext->i[0] = mdContext->i[1] = (krb5_ui_4)0; + + /* Load magic initialization constants. 
+ */ + mdContext->buf[0] = 0x67452301UL; + mdContext->buf[1] = 0xefcdab89UL; + mdContext->buf[2] = 0x98badcfeUL; + mdContext->buf[3] = 0x10325476UL; } void krb5int_MD4Update (krb5_MD4_CTX *mdContext, const unsigned char *inBuf, unsigned int inLen) { - krb5_ui_4 in[16]; - int mdi; - unsigned int i, ii; - - /* compute number of bytes mod 64 */ - mdi = (int)((mdContext->i[0] >> 3) & 0x3F); - - /* update number of bits */ - if ((mdContext->i[0] + ((krb5_ui_4)inLen << 3)) < mdContext->i[0]) - mdContext->i[1]++; - mdContext->i[0] += ((krb5_ui_4)inLen << 3); - mdContext->i[1] += ((krb5_ui_4)inLen >> 29); - - while (inLen--) { - /* add new character to buffer, increment mdi */ - mdContext->in[mdi++] = *inBuf++; - - /* transform if necessary */ - if (mdi == 0x40) { - for (i = 0, ii = 0; i < 16; i++, ii += 4) { - in[i] = load_32_le(mdContext->in+ii); - } - Transform (mdContext->buf, in); - mdi = 0; + krb5_ui_4 in[16]; + int mdi; + unsigned int i, ii; + + /* compute number of bytes mod 64 */ + mdi = (int)((mdContext->i[0] >> 3) & 0x3F); + + /* update number of bits */ + if ((mdContext->i[0] + ((krb5_ui_4)inLen << 3)) < mdContext->i[0]) + mdContext->i[1]++; + mdContext->i[0] += ((krb5_ui_4)inLen << 3); + mdContext->i[1] += ((krb5_ui_4)inLen >> 29); + + while (inLen--) { + /* add new character to buffer, increment mdi */ + mdContext->in[mdi++] = *inBuf++; + + /* transform if necessary */ + if (mdi == 0x40) { + for (i = 0, ii = 0; i < 16; i++, ii += 4) { + in[i] = load_32_le(mdContext->in+ii); + } + Transform (mdContext->buf, in); + mdi = 0; + } } - } } void krb5int_MD4Final (krb5_MD4_CTX *mdContext) { - krb5_ui_4 in[16]; - int mdi; - unsigned int i, ii; - unsigned int padLen; + krb5_ui_4 in[16]; + int mdi; + unsigned int i, ii; + unsigned int padLen; - /* save number of bits */ - in[14] = mdContext->i[0]; - in[15] = mdContext->i[1]; + /* save number of bits */ + in[14] = mdContext->i[0]; + in[15] = mdContext->i[1]; - /* compute number of bytes mod 64 */ - mdi = 
(int)((mdContext->i[0] >> 3) & 0x3F); + /* compute number of bytes mod 64 */ + mdi = (int)((mdContext->i[0] >> 3) & 0x3F); - /* pad out to 56 mod 64 */ - padLen = (mdi < 56) ? (56 - mdi) : (120 - mdi); - krb5int_MD4Update (mdContext, PADDING, padLen); + /* pad out to 56 mod 64 */ + padLen = (mdi < 56) ? (56 - mdi) : (120 - mdi); + krb5int_MD4Update (mdContext, PADDING, padLen); - /* append length in bits and transform */ - for (i = 0, ii = 0; i < 14; i++, ii += 4) - in[i] = load_32_le(mdContext->in+ii); - Transform (mdContext->buf, in); + /* append length in bits and transform */ + for (i = 0, ii = 0; i < 14; i++, ii += 4) + in[i] = load_32_le(mdContext->in+ii); + Transform (mdContext->buf, in); - /* store buffer in digest */ - for (i = 0, ii = 0; i < 4; i++, ii += 4) { - store_32_le(mdContext->buf[i], mdContext->digest+ii); - } + /* store buffer in digest */ + for (i = 0, ii = 0; i < 4; i++, ii += 4) { + store_32_le(mdContext->buf[i], mdContext->digest+ii); + } } /* Basic MD4 step. Transform buf based on in. 
*/ static void Transform (krb5_ui_4 *buf, krb5_ui_4 *in) { - register krb5_ui_4 a = buf[0], b = buf[1], c = buf[2], d = buf[3]; + register krb5_ui_4 a = buf[0], b = buf[1], c = buf[2], d = buf[3]; #if defined(CONFIG_SMALL) && !defined(CONFIG_SMALL_NO_CRYPTO) - int i; + int i; #define ROTATE { krb5_ui_4 temp; temp = d, d = c, c = b, b = a, a = temp; } - for (i = 0; i < 16; i++) { - static const unsigned char round1consts[] = { 3, 7, 11, 19, }; - FF (a, b, c, d, in[i], round1consts[i%4]); ROTATE; - } - for (i = 0; i < 16; i++) { - static const unsigned char round2indices[] = { - 0,4,8,12,1,5,9,13,2,6,10,14,3,7,11,15 - }; - static const unsigned char round2consts[] = { 3, 5, 9, 13 }; - GG (a, b, c, d, in[round2indices[i]], round2consts[i%4]); ROTATE; - } - for (i = 0; i < 16; i++) { - static const unsigned char round3indices[] = { - 0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15 - }; - static const unsigned char round3consts[] = { 3, 9, 11, 15 }; - HH (a, b, c, d, in[round3indices[i]], round3consts[i%4]); ROTATE; - } + for (i = 0; i < 16; i++) { + static const unsigned char round1consts[] = { 3, 7, 11, 19, }; + FF (a, b, c, d, in[i], round1consts[i%4]); ROTATE; + } + for (i = 0; i < 16; i++) { + static const unsigned char round2indices[] = { + 0,4,8,12,1,5,9,13,2,6,10,14,3,7,11,15 + }; + static const unsigned char round2consts[] = { 3, 5, 9, 13 }; + GG (a, b, c, d, in[round2indices[i]], round2consts[i%4]); ROTATE; + } + for (i = 0; i < 16; i++) { + static const unsigned char round3indices[] = { + 0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15 + }; + static const unsigned char round3consts[] = { 3, 9, 11, 15 }; + HH (a, b, c, d, in[round3indices[i]], round3consts[i%4]); ROTATE; + } #else - /* Round 1 */ - FF (a, b, c, d, in[ 0], 3); - FF (d, a, b, c, in[ 1], 7); - FF (c, d, a, b, in[ 2], 11); - FF (b, c, d, a, in[ 3], 19); - FF (a, b, c, d, in[ 4], 3); - FF (d, a, b, c, in[ 5], 7); - FF (c, d, a, b, in[ 6], 11); - FF (b, c, d, a, in[ 7], 19); - FF (a, b, c, 
d, in[ 8], 3); - FF (d, a, b, c, in[ 9], 7); - FF (c, d, a, b, in[10], 11); - FF (b, c, d, a, in[11], 19); - FF (a, b, c, d, in[12], 3); - FF (d, a, b, c, in[13], 7); - FF (c, d, a, b, in[14], 11); - FF (b, c, d, a, in[15], 19); - - /* Round 2 */ - GG (a, b, c, d, in[ 0], 3); - GG (d, a, b, c, in[ 4], 5); - GG (c, d, a, b, in[ 8], 9); - GG (b, c, d, a, in[12], 13); - GG (a, b, c, d, in[ 1], 3); - GG (d, a, b, c, in[ 5], 5); - GG (c, d, a, b, in[ 9], 9); - GG (b, c, d, a, in[13], 13); - GG (a, b, c, d, in[ 2], 3); - GG (d, a, b, c, in[ 6], 5); - GG (c, d, a, b, in[10], 9); - GG (b, c, d, a, in[14], 13); - GG (a, b, c, d, in[ 3], 3); - GG (d, a, b, c, in[ 7], 5); - GG (c, d, a, b, in[11], 9); - GG (b, c, d, a, in[15], 13); - - /* Round 3 */ - HH (a, b, c, d, in[ 0], 3); - HH (d, a, b, c, in[ 8], 9); - HH (c, d, a, b, in[ 4], 11); - HH (b, c, d, a, in[12], 15); - HH (a, b, c, d, in[ 2], 3); - HH (d, a, b, c, in[10], 9); - HH (c, d, a, b, in[ 6], 11); - HH (b, c, d, a, in[14], 15); - HH (a, b, c, d, in[ 1], 3); - HH (d, a, b, c, in[ 9], 9); - HH (c, d, a, b, in[ 5], 11); - HH (b, c, d, a, in[13], 15); - HH (a, b, c, d, in[ 3], 3); - HH (d, a, b, c, in[11], 9); - HH (c, d, a, b, in[ 7], 11); - HH (b, c, d, a, in[15], 15); + /* Round 1 */ + FF (a, b, c, d, in[ 0], 3); + FF (d, a, b, c, in[ 1], 7); + FF (c, d, a, b, in[ 2], 11); + FF (b, c, d, a, in[ 3], 19); + FF (a, b, c, d, in[ 4], 3); + FF (d, a, b, c, in[ 5], 7); + FF (c, d, a, b, in[ 6], 11); + FF (b, c, d, a, in[ 7], 19); + FF (a, b, c, d, in[ 8], 3); + FF (d, a, b, c, in[ 9], 7); + FF (c, d, a, b, in[10], 11); + FF (b, c, d, a, in[11], 19); + FF (a, b, c, d, in[12], 3); + FF (d, a, b, c, in[13], 7); + FF (c, d, a, b, in[14], 11); + FF (b, c, d, a, in[15], 19); + + /* Round 2 */ + GG (a, b, c, d, in[ 0], 3); + GG (d, a, b, c, in[ 4], 5); + GG (c, d, a, b, in[ 8], 9); + GG (b, c, d, a, in[12], 13); + GG (a, b, c, d, in[ 1], 3); + GG (d, a, b, c, in[ 5], 5); + GG (c, d, a, b, in[ 9], 9); + GG (b, c, d, a, in[13], 
13); + GG (a, b, c, d, in[ 2], 3); + GG (d, a, b, c, in[ 6], 5); + GG (c, d, a, b, in[10], 9); + GG (b, c, d, a, in[14], 13); + GG (a, b, c, d, in[ 3], 3); + GG (d, a, b, c, in[ 7], 5); + GG (c, d, a, b, in[11], 9); + GG (b, c, d, a, in[15], 13); + + /* Round 3 */ + HH (a, b, c, d, in[ 0], 3); + HH (d, a, b, c, in[ 8], 9); + HH (c, d, a, b, in[ 4], 11); + HH (b, c, d, a, in[12], 15); + HH (a, b, c, d, in[ 2], 3); + HH (d, a, b, c, in[10], 9); + HH (c, d, a, b, in[ 6], 11); + HH (b, c, d, a, in[14], 15); + HH (a, b, c, d, in[ 1], 3); + HH (d, a, b, c, in[ 9], 9); + HH (c, d, a, b, in[ 5], 11); + HH (b, c, d, a, in[13], 15); + HH (a, b, c, d, in[ 3], 3); + HH (d, a, b, c, in[11], 9); + HH (c, d, a, b, in[ 7], 11); + HH (b, c, d, a, in[15], 15); #endif - buf[0] += a; - buf[1] += b; - buf[2] += c; - buf[3] += d; + buf[0] += a; + buf[1] += b; + buf[2] += c; + buf[3] += d; } /* - ********************************************************************** - ** End of md4.c ** - ******************************* (cut) ******************************** - */ +********************************************************************** +** End of md4.c ** +******************************* (cut) ******************************** +*/ diff --git a/src/lib/crypto/builtin/md4/rsa-md4.h b/src/lib/crypto/builtin/md4/rsa-md4.h index 2f59220..408f2ef 100644 --- a/src/lib/crypto/builtin/md4/rsa-md4.h +++ b/src/lib/crypto/builtin/md4/rsa-md4.h @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/md4/rsa-md4.h * 
@@ -35,51 +36,51 @@ #endif /* unicos61 */ /* 16 u_char's in the digest */ -#define RSA_MD4_CKSUM_LENGTH 16 +#define RSA_MD4_CKSUM_LENGTH 16 /* des blocksize is 8, so this works nicely... */ -#define OLD_RSA_MD4_DES_CKSUM_LENGTH 16 -#define NEW_RSA_MD4_DES_CKSUM_LENGTH 24 -#define RSA_MD4_DES_CONFOUND_LENGTH 8 +#define OLD_RSA_MD4_DES_CKSUM_LENGTH 16 +#define NEW_RSA_MD4_DES_CKSUM_LENGTH 24 +#define RSA_MD4_DES_CONFOUND_LENGTH 8 /* - ********************************************************************** - ** md4.h -- Header file for implementation of MD4 ** - ** RSA Data Security, Inc. MD4 Message Digest Algorithm ** - ** Created: 2/17/90 RLR ** - ** Revised: 12/27/90 SRD,AJ,BSK,JT Reference C version ** - ********************************************************************** - */ +********************************************************************** +** md4.h -- Header file for implementation of MD4 ** +** RSA Data Security, Inc. MD4 Message Digest Algorithm ** +** Created: 2/17/90 RLR ** +** Revised: 12/27/90 SRD,AJ,BSK,JT Reference C version ** +********************************************************************** +*/ /* - ********************************************************************** - ** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. ** - ** ** - ** License to copy and use this software is granted provided that ** - ** it is identified as the "RSA Data Security, Inc. MD4 Message ** - ** Digest Algorithm" in all material mentioning or referencing this ** - ** software or this function. ** - ** ** - ** License is also granted to make and use derivative works ** - ** provided that such works are identified as "derived from the RSA ** - ** Data Security, Inc. MD4 Message Digest Algorithm" in all ** - ** material mentioning or referencing the derived work. ** - ** ** - ** RSA Data Security, Inc. 
makes no representations concerning ** - ** either the merchantability of this software or the suitability ** - ** of this software for any particular purpose. It is provided "as ** - ** is" without express or implied warranty of any kind. ** - ** ** - ** These notices must be retained in any copies of any part of this ** - ** documentation and/or software. ** - ********************************************************************** - */ +********************************************************************** +** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. ** +** ** +** License to copy and use this software is granted provided that ** +** it is identified as the "RSA Data Security, Inc. MD4 Message ** +** Digest Algorithm" in all material mentioning or referencing this ** +** software or this function. ** +** ** +** License is also granted to make and use derivative works ** +** provided that such works are identified as "derived from the RSA ** +** Data Security, Inc. MD4 Message Digest Algorithm" in all ** +** material mentioning or referencing the derived work. ** +** ** +** RSA Data Security, Inc. makes no representations concerning ** +** either the merchantability of this software or the suitability ** +** of this software for any particular purpose. It is provided "as ** +** is" without express or implied warranty of any kind. ** +** ** +** These notices must be retained in any copies of any part of this ** +** documentation and/or software. 
** +********************************************************************** +*/ /* Data structure for MD4 (Message Digest) computation */ typedef struct { - krb5_ui_4 i[2]; /* number of _bits_ handled mod 2^64 */ - krb5_ui_4 buf[4]; /* scratch buffer */ - unsigned char in[64]; /* input buffer */ - unsigned char digest[16]; /* actual digest after MD4Final call */ + krb5_ui_4 i[2]; /* number of _bits_ handled mod 2^64 */ + krb5_ui_4 buf[4]; /* scratch buffer */ + unsigned char in[64]; /* input buffer */ + unsigned char digest[16]; /* actual digest after MD4Final call */ } krb5_MD4_CTX; extern void krb5int_MD4Init(krb5_MD4_CTX *); @@ -87,8 +88,8 @@ extern void krb5int_MD4Update(krb5_MD4_CTX *, const unsigned char *, unsigned in extern void krb5int_MD4Final(krb5_MD4_CTX *); /* - ********************************************************************** - ** End of md4.h ** - ******************************* (cut) ******************************** - */ +********************************************************************** +** End of md4.h ** +******************************* (cut) ******************************** +*/ #endif /* __KRB5_RSA_MD4_H__ */ diff --git a/src/lib/crypto/builtin/md5/md5.c b/src/lib/crypto/builtin/md5/md5.c index 76f8fa2..7e06aa6 100644 --- a/src/lib/crypto/builtin/md5/md5.c +++ b/src/lib/crypto/builtin/md5/md5.c 
@@ -1,66 +1,67 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* - *********************************************************************** - ** md5.c -- the source code for MD5 routines ** - ** RSA Data Security, Inc. MD5 Message-Digest Algorithm ** - ** Created: 2/17/90 RLR ** - ** Revised: 1/91 SRD,AJ,BSK,JT Reference C ver., 7/10 constant corr. ** - *********************************************************************** - */ +*********************************************************************** +** md5.c -- the source code for MD5 routines ** +** RSA Data Security, Inc. MD5 Message-Digest Algorithm ** +** Created: 2/17/90 RLR ** +** Revised: 1/91 SRD,AJ,BSK,JT Reference C ver., 7/10 constant corr. ** +*********************************************************************** +*/ /* * Modified by John Carr, MIT, to use Kerberos 5 typedefs. */ /* - *********************************************************************** - ** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. ** - ** ** - ** License to copy and use this software is granted provided that ** - ** it is identified as the "RSA Data Security, Inc. MD5 Message- ** - ** Digest Algorithm" in all material mentioning or referencing this ** - ** software or this function. ** - ** ** - ** License is also granted to make and use derivative works ** - ** provided that such works are identified as "derived from the RSA ** - ** Data Security, Inc. MD5 Message-Digest Algorithm" in all ** - ** material mentioning or referencing the derived work. ** - ** ** - ** RSA Data Security, Inc. makes no representations concerning ** - ** either the merchantability of this software or the suitability ** - ** of this software for any particular purpose. It is provided "as ** - ** is" without express or implied warranty of any kind. ** - ** ** - ** These notices must be retained in any copies of any part of this ** - ** documentation and/or software. 
** - *********************************************************************** - */ +*********************************************************************** +** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. ** +** ** +** License to copy and use this software is granted provided that ** +** it is identified as the "RSA Data Security, Inc. MD5 Message- ** +** Digest Algorithm" in all material mentioning or referencing this ** +** software or this function. ** +** ** +** License is also granted to make and use derivative works ** +** provided that such works are identified as "derived from the RSA ** +** Data Security, Inc. MD5 Message-Digest Algorithm" in all ** +** material mentioning or referencing the derived work. ** +** ** +** RSA Data Security, Inc. makes no representations concerning ** +** either the merchantability of this software or the suitability ** +** of this software for any particular purpose. It is provided "as ** +** is" without express or implied warranty of any kind. ** +** ** +** These notices must be retained in any copies of any part of this ** +** documentation and/or software. 
** +*********************************************************************** +*/ #include "k5-int.h" #include "rsa-md5.h" /* - *********************************************************************** - ** Message-digest routines: ** - ** To form the message digest for a message M ** - ** (1) Initialize a context buffer mdContext using krb5int_MD5Init ** - ** (2) Call krb5int_MD5Update on mdContext and M ** - ** (3) Call krb5int_MD5Final on mdContext ** - ** The message digest is now in mdContext->digest[0...15] ** - *********************************************************************** - */ +*********************************************************************** +** Message-digest routines: ** +** To form the message digest for a message M ** +** (1) Initialize a context buffer mdContext using krb5int_MD5Init ** +** (2) Call krb5int_MD5Update on mdContext and M ** +** (3) Call krb5int_MD5Final on mdContext ** +** The message digest is now in mdContext->digest[0...15] ** +*********************************************************************** +*/ /* forward declaration */ static void Transform (krb5_ui_4 *buf, krb5_ui_4 *in); static const unsigned char PADDING[64] = { - 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; /* F, G, H 
and I are basic MD5 functions */ 
@@ -74,270 +75,270 @@ static const unsigned char PADDING[64] = { /* FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4 */ /* Rotation is separate from addition to prevent recomputation */ -#define FF(a, b, c, d, x, s, ac) \ - {(a) += F ((b), (c), (d)) + (x) + (krb5_ui_4)(ac); \ - (a) &= 0xffffffff; \ - (a) = ROTATE_LEFT ((a), (s)); \ - (a) += (b); \ - (a) &= 0xffffffff; \ - } -#define GG(a, b, c, d, x, s, ac) \ - {(a) += G ((b), (c), (d)) + (x) + (krb5_ui_4)(ac); \ - (a) &= 0xffffffff; \ - (a) = ROTATE_LEFT ((a), (s)); \ - (a) += (b); \ - (a) &= 0xffffffff; \ - } -#define HH(a, b, c, d, x, s, ac) \ - {(a) += H ((b), (c), (d)) + (x) + (krb5_ui_4)(ac); \ - (a) &= 0xffffffff; \ - (a) = ROTATE_LEFT ((a), (s)); \ - (a) += (b); \ - (a) &= 0xffffffff; \ - } -#define II(a, b, c, d, x, s, ac) \ - {(a) += I ((b), (c), (d)) + (x) + (krb5_ui_4)(ac); \ - (a) &= 0xffffffff; \ - (a) = ROTATE_LEFT ((a), (s)); \ - (a) += (b); \ - (a) &= 0xffffffff; \ - } +#define FF(a, b, c, d, x, s, ac) \ + {(a) += F ((b), (c), (d)) + (x) + (krb5_ui_4)(ac); \ + (a) &= 0xffffffff; \ + (a) = ROTATE_LEFT ((a), (s)); \ + (a) += (b); \ + (a) &= 0xffffffff; \ + } +#define GG(a, b, c, d, x, s, ac) \ + {(a) += G ((b), (c), (d)) + (x) + (krb5_ui_4)(ac); \ + (a) &= 0xffffffff; \ + (a) = ROTATE_LEFT ((a), (s)); \ + (a) += (b); \ + (a) &= 0xffffffff; \ + } +#define HH(a, b, c, d, x, s, ac) \ + {(a) += H ((b), (c), (d)) + (x) + (krb5_ui_4)(ac); \ + (a) &= 0xffffffff; \ + (a) = ROTATE_LEFT ((a), (s)); \ + (a) += (b); \ + (a) &= 0xffffffff; \ + } +#define II(a, b, c, d, x, s, ac) \ + {(a) += I ((b), (c), (d)) + (x) + (krb5_ui_4)(ac); \ + (a) &= 0xffffffff; \ + (a) = ROTATE_LEFT ((a), (s)); \ + (a) += (b); \ + (a) &= 0xffffffff; \ + } /* The routine krb5int_MD5Init initializes the message-digest context mdContext. All fields are set to zero. - */ +*/ void krb5int_MD5Init (krb5_MD5_CTX *mdContext) { - mdContext->i[0] = mdContext->i[1] = (krb5_ui_4)0; - - /* Load magic initialization constants. 
- */ - mdContext->buf[0] = 0x67452301UL; - mdContext->buf[1] = 0xefcdab89UL; - mdContext->buf[2] = 0x98badcfeUL; - mdContext->buf[3] = 0x10325476UL; + mdContext->i[0] = mdContext->i[1] = (krb5_ui_4)0; + + /* Load magic initialization constants. + */ + mdContext->buf[0] = 0x67452301UL; + mdContext->buf[1] = 0xefcdab89UL; + mdContext->buf[2] = 0x98badcfeUL; + mdContext->buf[3] = 0x10325476UL; } /* The routine krb5int_MD5Update updates the message-digest context to account for the presence of each of the characters inBuf[0..inLen-1] in the message whose digest is being computed. - */ +*/ void krb5int_MD5Update (krb5_MD5_CTX *mdContext, const unsigned char *inBuf, unsigned int inLen) { - krb5_ui_4 in[16]; - int mdi; - unsigned int i, ii; - - /* compute number of bytes mod 64 */ - mdi = (int)((mdContext->i[0] >> 3) & 0x3F); - - /* update number of bits */ - if ((mdContext->i[0] + ((krb5_ui_4)inLen << 3)) < mdContext->i[0]) - mdContext->i[1]++; - mdContext->i[0] += ((krb5_ui_4)inLen << 3); - mdContext->i[1] += ((krb5_ui_4)inLen >> 29); - - while (inLen--) { - /* add new character to buffer, increment mdi */ - mdContext->in[mdi++] = *inBuf++; - - /* transform if necessary */ - if (mdi == 0x40) { - for (i = 0, ii = 0; i < 16; i++, ii += 4) - in[i] = load_32_le(mdContext->in+ii); - Transform (mdContext->buf, in); - mdi = 0; + krb5_ui_4 in[16]; + int mdi; + unsigned int i, ii; + + /* compute number of bytes mod 64 */ + mdi = (int)((mdContext->i[0] >> 3) & 0x3F); + + /* update number of bits */ + if ((mdContext->i[0] + ((krb5_ui_4)inLen << 3)) < mdContext->i[0]) + mdContext->i[1]++; + mdContext->i[0] += ((krb5_ui_4)inLen << 3); + mdContext->i[1] += ((krb5_ui_4)inLen >> 29); + + while (inLen--) { + /* add new character to buffer, increment mdi */ + mdContext->in[mdi++] = *inBuf++; + + /* transform if necessary */ + if (mdi == 0x40) { + for (i = 0, ii = 0; i < 16; i++, ii += 4) + in[i] = load_32_le(mdContext->in+ii); + Transform (mdContext->buf, in); + mdi = 0; + } } - } } /* 
The routine krb5int_MD5Final terminates the message-digest computation and ends with the desired message digest in mdContext->digest[0...15]. - */ +*/ void krb5int_MD5Final (krb5_MD5_CTX *mdContext) { - krb5_ui_4 in[16]; - int mdi; - unsigned int i, ii; - unsigned int padLen; - - /* save number of bits */ - in[14] = mdContext->i[0]; - in[15] = mdContext->i[1]; - - /* compute number of bytes mod 64 */ - mdi = (int)((mdContext->i[0] >> 3) & 0x3F); - - /* pad out to 56 mod 64 */ - padLen = (mdi < 56) ? (56 - mdi) : (120 - mdi); - krb5int_MD5Update (mdContext, PADDING, padLen); - - /* append length in bits and transform */ - for (i = 0, ii = 0; i < 14; i++, ii += 4) - in[i] = load_32_le(mdContext->in+ii); - Transform (mdContext->buf, in); - - /* store buffer in digest */ - for (i = 0, ii = 0; i < 4; i++, ii += 4) { - store_32_le(mdContext->buf[i], mdContext->digest+ii); - } + krb5_ui_4 in[16]; + int mdi; + unsigned int i, ii; + unsigned int padLen; + + /* save number of bits */ + in[14] = mdContext->i[0]; + in[15] = mdContext->i[1]; + + /* compute number of bytes mod 64 */ + mdi = (int)((mdContext->i[0] >> 3) & 0x3F); + + /* pad out to 56 mod 64 */ + padLen = (mdi < 56) ? (56 - mdi) : (120 - mdi); + krb5int_MD5Update (mdContext, PADDING, padLen); + + /* append length in bits and transform */ + for (i = 0, ii = 0; i < 14; i++, ii += 4) + in[i] = load_32_le(mdContext->in+ii); + Transform (mdContext->buf, in); + + /* store buffer in digest */ + for (i = 0, ii = 0; i < 4; i++, ii += 4) { + store_32_le(mdContext->buf[i], mdContext->digest+ii); + } } /* Basic MD5 step. Transforms buf based on in. 
*/ static void Transform (krb5_ui_4 *buf, krb5_ui_4 *in) { - register krb5_ui_4 a = buf[0], b = buf[1], c = buf[2], d = buf[3]; + register krb5_ui_4 a = buf[0], b = buf[1], c = buf[2], d = buf[3]; #if defined(CONFIG_SMALL) && !defined(CONFIG_SMALL_NO_CRYPTO) - int i; + int i; #define ROTATE { krb5_ui_4 temp; temp = d, d = c, c = b, b = a, a = temp; } - for (i = 0; i < 16; i++) { - const unsigned char round1s[] = { 7, 12, 17, 22 }; - const krb5_ui_4 round1consts[] = { - 3614090360UL, 3905402710UL, 606105819UL, 3250441966UL, - 4118548399UL, 1200080426UL, 2821735955UL, 4249261313UL, - 1770035416UL, 2336552879UL, 4294925233UL, 2304563134UL, - 1804603682UL, 4254626195UL, 2792965006UL, 1236535329UL, - }; - FF (a, b, c, d, in[i], round1s[i%4], round1consts[i]); - ROTATE; - } - for (i = 0; i < 16; i++) { - const unsigned char round2s[] = { 5, 9, 14, 20 }; - const krb5_ui_4 round2consts[] = { - 4129170786UL, 3225465664UL, 643717713UL, 3921069994UL, - 3593408605UL, 38016083UL, 3634488961UL, 3889429448UL, - 568446438UL, 3275163606UL, 4107603335UL, 1163531501UL, - 2850285829UL, 4243563512UL, 1735328473UL, 2368359562UL, - }; - int r2index = (1 + i * 5) % 16; - GG (a, b, c, d, in[r2index], round2s[i%4], round2consts[i]); - ROTATE; - } - for (i = 0; i < 16; i++) { - static const unsigned char round3s[] = { 4, 11, 16, 23 }; - static const krb5_ui_4 round3consts[] = { - 4294588738UL, 2272392833UL, 1839030562UL, 4259657740UL, - 2763975236UL, 1272893353UL, 4139469664UL, 3200236656UL, - 681279174UL, 3936430074UL, 3572445317UL, 76029189UL, - 3654602809UL, 3873151461UL, 530742520UL, 3299628645UL, - }; - int r3index = (5 + i * 3) % 16; - HH (a, b, c, d, in[r3index], round3s[i%4], round3consts[i]); - ROTATE; - } - for (i = 0; i < 16; i++) { - static const unsigned char round4s[] = { 6, 10, 15, 21 }; - static const krb5_ui_4 round4consts[] = { - 4096336452UL, 1126891415UL, 2878612391UL, 4237533241UL, - 1700485571UL, 2399980690UL, 4293915773UL, 2240044497UL, - 1873313359UL, 4264355552UL, 
2734768916UL, 1309151649UL, - 4149444226UL, 3174756917UL, 718787259UL, 3951481745UL, - }; - int r4index = (7 * i) % 16; - II (a, b, c, d, in[r4index], round4s[i%4], round4consts[i]); - ROTATE; - } + for (i = 0; i < 16; i++) { + const unsigned char round1s[] = { 7, 12, 17, 22 }; + const krb5_ui_4 round1consts[] = { + 3614090360UL, 3905402710UL, 606105819UL, 3250441966UL, + 4118548399UL, 1200080426UL, 2821735955UL, 4249261313UL, + 1770035416UL, 2336552879UL, 4294925233UL, 2304563134UL, + 1804603682UL, 4254626195UL, 2792965006UL, 1236535329UL, + }; + FF (a, b, c, d, in[i], round1s[i%4], round1consts[i]); + ROTATE; + } + for (i = 0; i < 16; i++) { + const unsigned char round2s[] = { 5, 9, 14, 20 }; + const krb5_ui_4 round2consts[] = { + 4129170786UL, 3225465664UL, 643717713UL, 3921069994UL, + 3593408605UL, 38016083UL, 3634488961UL, 3889429448UL, + 568446438UL, 3275163606UL, 4107603335UL, 1163531501UL, + 2850285829UL, 4243563512UL, 1735328473UL, 2368359562UL, + }; + int r2index = (1 + i * 5) % 16; + GG (a, b, c, d, in[r2index], round2s[i%4], round2consts[i]); + ROTATE; + } + for (i = 0; i < 16; i++) { + static const unsigned char round3s[] = { 4, 11, 16, 23 }; + static const krb5_ui_4 round3consts[] = { + 4294588738UL, 2272392833UL, 1839030562UL, 4259657740UL, + 2763975236UL, 1272893353UL, 4139469664UL, 3200236656UL, + 681279174UL, 3936430074UL, 3572445317UL, 76029189UL, + 3654602809UL, 3873151461UL, 530742520UL, 3299628645UL, + }; + int r3index = (5 + i * 3) % 16; + HH (a, b, c, d, in[r3index], round3s[i%4], round3consts[i]); + ROTATE; + } + for (i = 0; i < 16; i++) { + static const unsigned char round4s[] = { 6, 10, 15, 21 }; + static const krb5_ui_4 round4consts[] = { + 4096336452UL, 1126891415UL, 2878612391UL, 4237533241UL, + 1700485571UL, 2399980690UL, 4293915773UL, 2240044497UL, + 1873313359UL, 4264355552UL, 2734768916UL, 1309151649UL, + 4149444226UL, 3174756917UL, 718787259UL, 3951481745UL, + }; + int r4index = (7 * i) % 16; + II (a, b, c, d, in[r4index], 
round4s[i%4], round4consts[i]); + ROTATE; + } #else - /* Round 1 */ + /* Round 1 */ #define S11 7 #define S12 12 #define S13 17 #define S14 22 - FF ( a, b, c, d, in[ 0], S11, 3614090360UL); /* 1 */ - FF ( d, a, b, c, in[ 1], S12, 3905402710UL); /* 2 */ - FF ( c, d, a, b, in[ 2], S13, 606105819UL); /* 3 */ - FF ( b, c, d, a, in[ 3], S14, 3250441966UL); /* 4 */ - FF ( a, b, c, d, in[ 4], S11, 4118548399UL); /* 5 */ - FF ( d, a, b, c, in[ 5], S12, 1200080426UL); /* 6 */ - FF ( c, d, a, b, in[ 6], S13, 2821735955UL); /* 7 */ - FF ( b, c, d, a, in[ 7], S14, 4249261313UL); /* 8 */ - FF ( a, b, c, d, in[ 8], S11, 1770035416UL); /* 9 */ - FF ( d, a, b, c, in[ 9], S12, 2336552879UL); /* 10 */ - FF ( c, d, a, b, in[10], S13, 4294925233UL); /* 11 */ - FF ( b, c, d, a, in[11], S14, 2304563134UL); /* 12 */ - FF ( a, b, c, d, in[12], S11, 1804603682UL); /* 13 */ - FF ( d, a, b, c, in[13], S12, 4254626195UL); /* 14 */ - FF ( c, d, a, b, in[14], S13, 2792965006UL); /* 15 */ - FF ( b, c, d, a, in[15], S14, 1236535329UL); /* 16 */ - - /* Round 2 */ + FF ( a, b, c, d, in[ 0], S11, 3614090360UL); /* 1 */ + FF ( d, a, b, c, in[ 1], S12, 3905402710UL); /* 2 */ + FF ( c, d, a, b, in[ 2], S13, 606105819UL); /* 3 */ + FF ( b, c, d, a, in[ 3], S14, 3250441966UL); /* 4 */ + FF ( a, b, c, d, in[ 4], S11, 4118548399UL); /* 5 */ + FF ( d, a, b, c, in[ 5], S12, 1200080426UL); /* 6 */ + FF ( c, d, a, b, in[ 6], S13, 2821735955UL); /* 7 */ + FF ( b, c, d, a, in[ 7], S14, 4249261313UL); /* 8 */ + FF ( a, b, c, d, in[ 8], S11, 1770035416UL); /* 9 */ + FF ( d, a, b, c, in[ 9], S12, 2336552879UL); /* 10 */ + FF ( c, d, a, b, in[10], S13, 4294925233UL); /* 11 */ + FF ( b, c, d, a, in[11], S14, 2304563134UL); /* 12 */ + FF ( a, b, c, d, in[12], S11, 1804603682UL); /* 13 */ + FF ( d, a, b, c, in[13], S12, 4254626195UL); /* 14 */ + FF ( c, d, a, b, in[14], S13, 2792965006UL); /* 15 */ + FF ( b, c, d, a, in[15], S14, 1236535329UL); /* 16 */ + + /* Round 2 */ #define S21 5 #define S22 9 #define S23 14 
#define S24 20 - GG ( a, b, c, d, in[ 1], S21, 4129170786UL); /* 17 */ - GG ( d, a, b, c, in[ 6], S22, 3225465664UL); /* 18 */ - GG ( c, d, a, b, in[11], S23, 643717713UL); /* 19 */ - GG ( b, c, d, a, in[ 0], S24, 3921069994UL); /* 20 */ - GG ( a, b, c, d, in[ 5], S21, 3593408605UL); /* 21 */ - GG ( d, a, b, c, in[10], S22, 38016083UL); /* 22 */ - GG ( c, d, a, b, in[15], S23, 3634488961UL); /* 23 */ - GG ( b, c, d, a, in[ 4], S24, 3889429448UL); /* 24 */ - GG ( a, b, c, d, in[ 9], S21, 568446438UL); /* 25 */ - GG ( d, a, b, c, in[14], S22, 3275163606UL); /* 26 */ - GG ( c, d, a, b, in[ 3], S23, 4107603335UL); /* 27 */ - GG ( b, c, d, a, in[ 8], S24, 1163531501UL); /* 28 */ - GG ( a, b, c, d, in[13], S21, 2850285829UL); /* 29 */ - GG ( d, a, b, c, in[ 2], S22, 4243563512UL); /* 30 */ - GG ( c, d, a, b, in[ 7], S23, 1735328473UL); /* 31 */ - GG ( b, c, d, a, in[12], S24, 2368359562UL); /* 32 */ - - /* Round 3 */ + GG ( a, b, c, d, in[ 1], S21, 4129170786UL); /* 17 */ + GG ( d, a, b, c, in[ 6], S22, 3225465664UL); /* 18 */ + GG ( c, d, a, b, in[11], S23, 643717713UL); /* 19 */ + GG ( b, c, d, a, in[ 0], S24, 3921069994UL); /* 20 */ + GG ( a, b, c, d, in[ 5], S21, 3593408605UL); /* 21 */ + GG ( d, a, b, c, in[10], S22, 38016083UL); /* 22 */ + GG ( c, d, a, b, in[15], S23, 3634488961UL); /* 23 */ + GG ( b, c, d, a, in[ 4], S24, 3889429448UL); /* 24 */ + GG ( a, b, c, d, in[ 9], S21, 568446438UL); /* 25 */ + GG ( d, a, b, c, in[14], S22, 3275163606UL); /* 26 */ + GG ( c, d, a, b, in[ 3], S23, 4107603335UL); /* 27 */ + GG ( b, c, d, a, in[ 8], S24, 1163531501UL); /* 28 */ + GG ( a, b, c, d, in[13], S21, 2850285829UL); /* 29 */ + GG ( d, a, b, c, in[ 2], S22, 4243563512UL); /* 30 */ + GG ( c, d, a, b, in[ 7], S23, 1735328473UL); /* 31 */ + GG ( b, c, d, a, in[12], S24, 2368359562UL); /* 32 */ + + /* Round 3 */ #define S31 4 #define S32 11 #define S33 16 #define S34 23 - HH ( a, b, c, d, in[ 5], S31, 4294588738UL); /* 33 */ - HH ( d, a, b, c, in[ 8], S32, 2272392833UL); /* 
34 */ - HH ( c, d, a, b, in[11], S33, 1839030562UL); /* 35 */ - HH ( b, c, d, a, in[14], S34, 4259657740UL); /* 36 */ - HH ( a, b, c, d, in[ 1], S31, 2763975236UL); /* 37 */ - HH ( d, a, b, c, in[ 4], S32, 1272893353UL); /* 38 */ - HH ( c, d, a, b, in[ 7], S33, 4139469664UL); /* 39 */ - HH ( b, c, d, a, in[10], S34, 3200236656UL); /* 40 */ - HH ( a, b, c, d, in[13], S31, 681279174UL); /* 41 */ - HH ( d, a, b, c, in[ 0], S32, 3936430074UL); /* 42 */ - HH ( c, d, a, b, in[ 3], S33, 3572445317UL); /* 43 */ - HH ( b, c, d, a, in[ 6], S34, 76029189UL); /* 44 */ - HH ( a, b, c, d, in[ 9], S31, 3654602809UL); /* 45 */ - HH ( d, a, b, c, in[12], S32, 3873151461UL); /* 46 */ - HH ( c, d, a, b, in[15], S33, 530742520UL); /* 47 */ - HH ( b, c, d, a, in[ 2], S34, 3299628645UL); /* 48 */ - - /* Round 4 */ + HH ( a, b, c, d, in[ 5], S31, 4294588738UL); /* 33 */ + HH ( d, a, b, c, in[ 8], S32, 2272392833UL); /* 34 */ + HH ( c, d, a, b, in[11], S33, 1839030562UL); /* 35 */ + HH ( b, c, d, a, in[14], S34, 4259657740UL); /* 36 */ + HH ( a, b, c, d, in[ 1], S31, 2763975236UL); /* 37 */ + HH ( d, a, b, c, in[ 4], S32, 1272893353UL); /* 38 */ + HH ( c, d, a, b, in[ 7], S33, 4139469664UL); /* 39 */ + HH ( b, c, d, a, in[10], S34, 3200236656UL); /* 40 */ + HH ( a, b, c, d, in[13], S31, 681279174UL); /* 41 */ + HH ( d, a, b, c, in[ 0], S32, 3936430074UL); /* 42 */ + HH ( c, d, a, b, in[ 3], S33, 3572445317UL); /* 43 */ + HH ( b, c, d, a, in[ 6], S34, 76029189UL); /* 44 */ + HH ( a, b, c, d, in[ 9], S31, 3654602809UL); /* 45 */ + HH ( d, a, b, c, in[12], S32, 3873151461UL); /* 46 */ + HH ( c, d, a, b, in[15], S33, 530742520UL); /* 47 */ + HH ( b, c, d, a, in[ 2], S34, 3299628645UL); /* 48 */ + + /* Round 4 */ #define S41 6 #define S42 10 #define S43 15 #define S44 21 - II ( a, b, c, d, in[ 0], S41, 4096336452UL); /* 49 */ - II ( d, a, b, c, in[ 7], S42, 1126891415UL); /* 50 */ - II ( c, d, a, b, in[14], S43, 2878612391UL); /* 51 */ - II ( b, c, d, a, in[ 5], S44, 4237533241UL); /* 52 */ - 
II ( a, b, c, d, in[12], S41, 1700485571UL); /* 53 */ - II ( d, a, b, c, in[ 3], S42, 2399980690UL); /* 54 */ - II ( c, d, a, b, in[10], S43, 4293915773UL); /* 55 */ - II ( b, c, d, a, in[ 1], S44, 2240044497UL); /* 56 */ - II ( a, b, c, d, in[ 8], S41, 1873313359UL); /* 57 */ - II ( d, a, b, c, in[15], S42, 4264355552UL); /* 58 */ - II ( c, d, a, b, in[ 6], S43, 2734768916UL); /* 59 */ - II ( b, c, d, a, in[13], S44, 1309151649UL); /* 60 */ - II ( a, b, c, d, in[ 4], S41, 4149444226UL); /* 61 */ - II ( d, a, b, c, in[11], S42, 3174756917UL); /* 62 */ - II ( c, d, a, b, in[ 2], S43, 718787259UL); /* 63 */ - II ( b, c, d, a, in[ 9], S44, 3951481745UL); /* 64 */ + II ( a, b, c, d, in[ 0], S41, 4096336452UL); /* 49 */ + II ( d, a, b, c, in[ 7], S42, 1126891415UL); /* 50 */ + II ( c, d, a, b, in[14], S43, 2878612391UL); /* 51 */ + II ( b, c, d, a, in[ 5], S44, 4237533241UL); /* 52 */ + II ( a, b, c, d, in[12], S41, 1700485571UL); /* 53 */ + II ( d, a, b, c, in[ 3], S42, 2399980690UL); /* 54 */ + II ( c, d, a, b, in[10], S43, 4293915773UL); /* 55 */ + II ( b, c, d, a, in[ 1], S44, 2240044497UL); /* 56 */ + II ( a, b, c, d, in[ 8], S41, 1873313359UL); /* 57 */ + II ( d, a, b, c, in[15], S42, 4264355552UL); /* 58 */ + II ( c, d, a, b, in[ 6], S43, 2734768916UL); /* 59 */ + II ( b, c, d, a, in[13], S44, 1309151649UL); /* 60 */ + II ( a, b, c, d, in[ 4], S41, 4149444226UL); /* 61 */ + II ( d, a, b, c, in[11], S42, 3174756917UL); /* 62 */ + II ( c, d, a, b, in[ 2], S43, 718787259UL); /* 63 */ + II ( b, c, d, a, in[ 9], S44, 3951481745UL); /* 64 */ #endif /* small? */ - buf[0] += a; - buf[1] += b; - buf[2] += c; - buf[3] += d; + buf[0] += a; + buf[1] += b; + buf[2] += c; + buf[3] += d; } diff --git a/src/lib/crypto/builtin/md5/rsa-md5.h b/src/lib/crypto/builtin/md5/rsa-md5.h index 938b22d..11a4fc3 100644 --- a/src/lib/crypto/builtin/md5/rsa-md5.h +++ b/src/lib/crypto/builtin/md5/rsa-md5.h 
@@ -1,60 +1,61 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* - *********************************************************************** - ** md5.h -- header file for implementation of MD5 ** - ** RSA Data Security, Inc. MD5 Message-Digest Algorithm ** - ** Created: 2/17/90 RLR ** - ** Revised: 12/27/90 SRD,AJ,BSK,JT Reference C version ** - ** Revised (for MD5): RLR 4/27/91 ** - ** -- G modified to have y&~z instead of y&z ** - ** -- FF, GG, HH modified to add in last register done ** - ** -- Access pattern: round 2 works mod 5, round 3 works mod 3 ** - ** -- distinct additive constant for each step ** - ** -- round 4 added, working mod 7 ** - *********************************************************************** - */ +*********************************************************************** +** md5.h -- header file for implementation of MD5 ** +** RSA Data Security, Inc. MD5 Message-Digest Algorithm ** +** Created: 2/17/90 RLR ** +** Revised: 12/27/90 SRD,AJ,BSK,JT Reference C version ** +** Revised (for MD5): RLR 4/27/91 ** +** -- G modified to have y&~z instead of y&z ** +** -- FF, GG, HH modified to add in last register done ** +** -- Access pattern: round 2 works mod 5, round 3 works mod 3 ** +** -- distinct additive constant for each step ** +** -- round 4 added, working mod 7 ** +*********************************************************************** +*/ /* - *********************************************************************** - ** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. ** - ** ** - ** License to copy and use this software is granted provided that ** - ** it is identified as the "RSA Data Security, Inc. MD5 Message- ** - ** Digest Algorithm" in all material mentioning or referencing this ** - ** software or this function. ** - ** ** - ** License is also granted to make and use derivative works ** - ** provided that such works are identified as "derived from the RSA ** - ** Data Security, Inc. 
MD5 Message-Digest Algorithm" in all ** - ** material mentioning or referencing the derived work. ** - ** ** - ** RSA Data Security, Inc. makes no representations concerning ** - ** either the merchantability of this software or the suitability ** - ** of this software for any particular purpose. It is provided "as ** - ** is" without express or implied warranty of any kind. ** - ** ** - ** These notices must be retained in any copies of any part of this ** - ** documentation and/or software. ** - *********************************************************************** - */ +*********************************************************************** +** Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. ** +** ** +** License to copy and use this software is granted provided that ** +** it is identified as the "RSA Data Security, Inc. MD5 Message- ** +** Digest Algorithm" in all material mentioning or referencing this ** +** software or this function. ** +** ** +** License is also granted to make and use derivative works ** +** provided that such works are identified as "derived from the RSA ** +** Data Security, Inc. MD5 Message-Digest Algorithm" in all ** +** material mentioning or referencing the derived work. ** +** ** +** RSA Data Security, Inc. makes no representations concerning ** +** either the merchantability of this software or the suitability ** +** of this software for any particular purpose. It is provided "as ** +** is" without express or implied warranty of any kind. ** +** ** +** These notices must be retained in any copies of any part of this ** +** documentation and/or software. 
** +*********************************************************************** +*/ -#ifndef KRB5_RSA_MD5__ -#define KRB5_RSA_MD5__ +#ifndef KRB5_RSA_MD5__ +#define KRB5_RSA_MD5__ /* Data structure for MD5 (Message-Digest) computation */ typedef struct { - krb5_ui_4 i[2]; /* number of _bits_ handled mod 2^64 */ - krb5_ui_4 buf[4]; /* scratch buffer */ - unsigned char in[64]; /* input buffer */ - unsigned char digest[16]; /* actual digest after MD5Final call */ + krb5_ui_4 i[2]; /* number of _bits_ handled mod 2^64 */ + krb5_ui_4 buf[4]; /* scratch buffer */ + unsigned char in[64]; /* input buffer */ + unsigned char digest[16]; /* actual digest after MD5Final call */ } krb5_MD5_CTX; extern void krb5int_MD5Init(krb5_MD5_CTX *); extern void krb5int_MD5Update(krb5_MD5_CTX *,const unsigned char *,unsigned int); extern void krb5int_MD5Final(krb5_MD5_CTX *); -#define RSA_MD5_CKSUM_LENGTH 16 -#define OLD_RSA_MD5_DES_CKSUM_LENGTH 16 -#define NEW_RSA_MD5_DES_CKSUM_LENGTH 24 -#define RSA_MD5_DES_CONFOUND_LENGTH 8 +#define RSA_MD5_CKSUM_LENGTH 16 +#define OLD_RSA_MD5_DES_CKSUM_LENGTH 16 +#define NEW_RSA_MD5_DES_CKSUM_LENGTH 24 +#define RSA_MD5_DES_CONFOUND_LENGTH 8 #endif /* KRB5_RSA_MD5__ */ diff --git a/src/lib/crypto/builtin/pbkdf2.c b/src/lib/crypto/builtin/pbkdf2.c index 7b45fe8..6c954d3 100644 --- a/src/lib/crypto/builtin/pbkdf2.c +++ b/src/lib/crypto/builtin/pbkdf2.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/pbkdf2.c * @@ -48,13 +49,13 @@ */ typedef krb5_error_code (*prf_func)(krb5_key pass, krb5_data *salt, - krb5_data *out); + krb5_data *out); /* Not exported, for now. */ static krb5_error_code krb5int_pbkdf2 (prf_func prf, size_t hlen, krb5_key pass, - const krb5_data *salt, unsigned long count, - const krb5_data *output); + const krb5_data *salt, unsigned long count, + const krb5_data *output); static int debug_hmac = 0; 
@@ -65,16 +66,16 @@ static void printd (const char *descr, krb5_data *d) { printf("%s:", descr); for (i = 0; i < d->length; i += r) { - printf("\n %04x: ", i); - for (j = i; j < i + r && j < d->length; j++) - printf(" %02x", 0xff & d->data[j]); - for (; j < i + r; j++) - printf(" "); - printf(" "); - for (j = i; j < i + r && j < d->length; j++) { - int c = 0xff & d->data[j]; - printf("%c", isprint(c) ? c : '.'); - } + printf("\n %04x: ", i); + for (j = i; j < i + r && j < d->length; j++) + printf(" %02x", 0xff & d->data[j]); + for (; j < i + r; j++) + printf(" "); + printf(" "); + for (j = i; j < i + r && j < d->length; j++) { + int c = 0xff & d->data[j]; + printf("%c", isprint(c) ? c : '.'); + } } printf("\n"); } @@ -92,7 +93,7 @@ F(char *output, char *u_tmp1, char *u_tmp2, prf_func prf, size_t hlen, #if 0 printf("F(i=%d, count=%lu, pass=%d:%s)\n", i, count, - pass->length, pass->data); + pass->length, pass->data); #endif /* Compute U_1. */ @@ -117,7 +118,7 @@ F(char *output, char *u_tmp1, char *u_tmp2, prf_func prf, size_t hlen, #endif err = (*prf)(pass, &sdata, &out); if (err) - return err; + return err; #if 0 printd("F: prf return value", &out); #endif 
@@ -127,23 +128,23 @@ F(char *output, char *u_tmp1, char *u_tmp2, prf_func prf, size_t hlen, sdata.length = hlen; for (j = 2; j <= count; j++) { #if 0 - printf("F: computing hmac #%d (U_%d)\n", j, j); + printf("F: computing hmac #%d (U_%d)\n", j, j); #endif - memcpy(u_tmp2, u_tmp1, hlen); - err = (*prf)(pass, &sdata, &out); - if (err) - return err; + memcpy(u_tmp2, u_tmp1, hlen); + err = (*prf)(pass, &sdata, &out); + if (err) + return err; #if 0 - printd("F: prf return value", &out); + printd("F: prf return value", &out); #endif - /* And xor them together. */ - for (k = 0; k < hlen; k++) - output[k] ^= u_tmp1[k]; + /* And xor them together. */ + for (k = 0; k < hlen; k++) + output[k] ^= u_tmp1[k]; #if 0 - printf("F: xor result:\n"); - for (k = 0; k < hlen; k++) - printf(" %02x", 0xff & output[k]); - printf("\n"); + printf("F: xor result:\n"); + for (k = 0; k < hlen; k++) + printf(" %02x", 0xff & output[k]); + printf("\n"); #endif } return 0; 
@@ -151,58 +152,58 @@ F(char *output, char *u_tmp1, char *u_tmp2, prf_func prf, size_t hlen, static krb5_error_code krb5int_pbkdf2 (prf_func prf, size_t hlen, krb5_key pass, - const krb5_data *salt, unsigned long count, - const krb5_data *output) + const krb5_data *salt, unsigned long count, + const krb5_data *output) { int l, r, i; char *utmp1, *utmp2; - char utmp3[20]; /* XXX length shouldn't be hardcoded! */ + char utmp3[20]; /* XXX length shouldn't be hardcoded! */ if (output->length == 0 || hlen == 0) - abort(); + abort(); /* Step 1 & 2. */ if (output->length / hlen > 0xffffffff) - abort(); + abort(); /* Step 2. */ l = (output->length + hlen - 1) / hlen; r = output->length - (l - 1) * hlen; utmp1 = /*output + dklen; */ malloc(hlen); if (utmp1 == NULL) - return ENOMEM; + return ENOMEM; utmp2 = /*utmp1 + hlen; */ malloc(salt->length + 4 + hlen); if (utmp2 == NULL) { - free(utmp1); - return ENOMEM; + free(utmp1); + return ENOMEM; } /* Step 3. */ for (i = 1; i <= l; i++) { #if 0 - int j; + int j; #endif - krb5_error_code err; - char *out; + krb5_error_code err; + char *out; - if (i == l) - out = utmp3; - else - out = output->data + (i-1) * hlen; - err = F(out, utmp1, utmp2, prf, hlen, pass, salt, count, i); - if (err) { - free(utmp1); - free(utmp2); - return err; - } - if (i == l) - memcpy(output->data + (i-1) * hlen, utmp3, - output->length - (i-1) * hlen); + if (i == l) + out = utmp3; + else + out = output->data + (i-1) * hlen; + err = F(out, utmp1, utmp2, prf, hlen, pass, salt, count, i); + if (err) { + free(utmp1); + free(utmp2); + return err; + } + if (i == l) + memcpy(output->data + (i-1) * hlen, utmp3, + output->length - (i-1) * hlen); #if 0 - printf("after F(%d), @%p:\n", i, output->data); - for (j = (i-1) * hlen; j < i * hlen; j++) - printf(" %02x", 0xff & output->data[j]); - printf ("\n"); + printf("after F(%d), @%p:\n", i, output->data); + for (j = (i-1) * hlen; j < i * hlen; j++) + printf(" %02x", 0xff & output->data[j]); + printf ("\n"); #endif } 
free(utmp1); @@ -222,16 +223,16 @@ hmac_sha1(krb5_key pass, krb5_data *salt, krb5_data *out) krb5_error_code err; if (debug_hmac) - printd(" hmac input", salt); + printd(" hmac input", salt); err = krb5int_hmac(h, pass, 1, salt, out); if (err == 0 && debug_hmac) - printd(" hmac output", out); + printd(" hmac output", out); return err; } krb5_error_code krb5int_pbkdf2_hmac_sha1 (const krb5_data *out, unsigned long count, - const krb5_data *pass, const krb5_data *salt) + const krb5_data *pass, const krb5_data *salt) { const struct krb5_hash_provider *h = &krb5int_hash_sha1; krb5_keyblock keyblock; @@ -242,21 +243,21 @@ krb5int_pbkdf2_hmac_sha1 (const krb5_data *out, unsigned long count, assert(h->hashsize <= sizeof(tmp)); if (pass->length > h->blocksize) { - d.data = tmp; - d.length = h->hashsize; - err = h->hash (1, pass, &d); - if (err) - return err; - keyblock.length = d.length; - keyblock.contents = (krb5_octet *) d.data; + d.data = tmp; + d.length = h->hashsize; + err = h->hash (1, pass, &d); + if (err) + return err; + keyblock.length = d.length; + keyblock.contents = (krb5_octet *) d.data; } else { - keyblock.length = pass->length; - keyblock.contents = (krb5_octet *) pass->data; + keyblock.length = pass->length; + keyblock.contents = (krb5_octet *) pass->data; } err = krb5_k_create_key(NULL, &keyblock, &key); if (err) - return err; + return err; err = krb5int_pbkdf2(hmac_sha1, 20, key, salt, count, out); krb5_k_free_key(NULL, key); diff --git a/src/lib/crypto/builtin/sha1/shs.c b/src/lib/crypto/builtin/sha1/shs.c index d9372df..f28a4fc 100644 --- a/src/lib/crypto/builtin/sha1/shs.c +++ b/src/lib/crypto/builtin/sha1/shs.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ #include "shs.h" #ifdef HAVE_SYS_TYPES_H #include <sys/types.h> 
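Review bot: `utmp3` in krb5int_pbkdf2 is a fixed 20-byte stack buffer, but for the last block it is passed to F() as `out`, and F's xor loop (`for (k = 0; k < hlen; k++) output[k] ^= u_tmp1[k];`) writes `hlen` bytes into it. The only caller visible on this page passes 20, so nothing overflows today, but nothing in the function enforces that. A guard beside the existing sanity checks, e.g. `if (hlen > sizeof(utmp3)) abort();`, would turn the XXX comment into a checked invariant. The error path also frees `utmp1` and `utmp2` without clearing them, although they appear to hold PRF output derived from the password. The end of the function lies outside this hunk, so whether the normal path wipes them and `utmp3` cannot be seen here.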
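Review bot: In krb5int_pbkdf2_hmac_sha1, when `pass->length > h->blocksize` the stack buffer `tmp` receives the SHA-1 of the password and becomes the key contents, and none of the visible lines clear it afterwards. The function's tail is outside this hunk; if `tmp` is not wiped there, clear it before returning with a routine the compiler cannot optimise away. The `assert(h->hashsize <= sizeof(tmp))` guarding the `h->hash` write also disappears under NDEBUG. The literal `20` passed to krb5int_pbkdf2 would be safer as `h->hashsize`, so the PRF length cannot drift from the hash provider.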
@@ -39,7 +40,7 @@ 80-word expanded input array W, where the first 16 are copies of the input data, and the remaining 64 are defined by - W[ i ] = W[ i - 16 ] ^ W[ i - 14 ] ^ W[ i - 8 ] ^ W[ i - 3 ] + W[ i ] = W[ i - 16 ] ^ W[ i - 14 ] ^ W[ i - 8 ] ^ W[ i - 3 ] This implementation generates these values on the fly in a circular buffer - thanks to Colin Plumb, colin@nyx10.cs.du.edu for this @@ -51,27 +52,27 @@ #ifdef NEW_SHS #define expand(W,i) ( W[ i & 15 ] = ROTL( 1, ( W[ i & 15 ] ^ W[ (i - 14) & 15 ] ^ \ - W[ (i - 8) & 15 ] ^ W[ (i - 3) & 15 ] ))) + W[ (i - 8) & 15 ] ^ W[ (i - 3) & 15 ] ))) #else -#define expand(W,i) ( W[ i & 15 ] ^= W[ (i - 14) & 15 ] ^ \ - W[ (i - 8) & 15 ] ^ W[ (i - 3) & 15 ] ) +#define expand(W,i) ( W[ i & 15 ] ^= W[ (i - 14) & 15 ] ^ \ + W[ (i - 8) & 15 ] ^ W[ (i - 3) & 15 ] ) #endif /* NEW_SHS */ /* The prototype SHS sub-round. The fundamental sub-round is: - a' = e + ROTL( 5, a ) + f( b, c, d ) + k + data; - b' = a; - c' = ROTL( 30, b ); - d' = c; - e' = d; + a' = e + ROTL( 5, a ) + f( b, c, d ) + k + data; + b' = a; + c' = ROTL( 30, b ); + d' = c; + e' = d; but this is implemented by unrolling the loop 5 times and renaming the variables ( e, a, b, c, d ) = ( a', b', c', d', e' ) each iteration. This code is then replicated 20 times for each of the 4 functions, using the next 20 values from the W[] array each time */ -#define subRound(a, b, c, d, e, f, k, data) \ - ( e += ROTL( 5, a ) + f( b, c, d ) + k + data, \ +#define subRound(a, b, c, d, e, f, k, data) \ + ( e += ROTL( 5, a ) + f( b, c, d ) + k + data, \ e &= 0xffffffff, b = ROTL( 30, b ) ) /* Initialize the SHS values */ 
@@ -115,25 +116,25 @@ void SHSTransform(SHS_LONG *digest, const SHS_LONG *data) #if defined(CONFIG_SMALL) && !defined(CONFIG_SMALL_NO_CRYPTO) { - int i; - SHS_LONG temp; - for (i = 0; i < 20; i++) { - SHS_LONG x = (i < 16) ? eData[i] : expand(eData, i); - subRound(A, B, C, D, E, f1, K1, x); - temp = E, E = D, D = C, C = B, B = A, A = temp; - } - for (i = 20; i < 40; i++) { - subRound(A, B, C, D, E, f2, K2, expand(eData, i)); - temp = E, E = D, D = C, C = B, B = A, A = temp; - } - for (i = 40; i < 60; i++) { - subRound(A, B, C, D, E, f3, K3, expand(eData, i)); - temp = E, E = D, D = C, C = B, B = A, A = temp; - } - for (i = 60; i < 80; i++) { - subRound(A, B, C, D, E, f4, K4, expand(eData, i)); - temp = E, E = D, D = C, C = B, B = A, A = temp; - } + int i; + SHS_LONG temp; + for (i = 0; i < 20; i++) { + SHS_LONG x = (i < 16) ? eData[i] : expand(eData, i); + subRound(A, B, C, D, E, f1, K1, x); + temp = E, E = D, D = C, C = B, B = A, A = temp; + } + for (i = 20; i < 40; i++) { + subRound(A, B, C, D, E, f2, K2, expand(eData, i)); + temp = E, E = D, D = C, C = B, B = A, A = temp; + } + for (i = 40; i < 60; i++) { + subRound(A, B, C, D, E, f3, K3, expand(eData, i)); + temp = E, E = D, D = C, C = B, B = A, A = temp; + } + for (i = 60; i < 80; i++) { + subRound(A, B, C, D, E, f4, K4, expand(eData, i)); + temp = E, E = D, D = C, C = B, B = A, A = temp; + } } #else @@ -251,7 +252,7 @@ void shsUpdate(SHS_INFO *shsInfo, const SHS_BYTE *buffer, unsigned int count) tmp = shsInfo->countLo; shsInfo->countLo = tmp + (((SHS_LONG) count) << 3 ); if ((shsInfo->countLo &= 0xffffffff) < tmp) - shsInfo->countHi++; /* Carry from low to high */ + shsInfo->countHi++; /* Carry from low to high */ shsInfo->countHi += count >> 29; /* Get count of bytes already in data */ 
@@ -259,72 +260,72 @@ void shsUpdate(SHS_INFO *shsInfo, const SHS_BYTE *buffer, unsigned int count) /* Handle any leading odd-sized chunks */ if (dataCount) { - lp = shsInfo->data + dataCount / 4; - dataCount = SHS_DATASIZE - dataCount; - canfill = (count >= dataCount); - - if (dataCount % 4) { - /* Fill out a full 32 bit word first if needed -- this - is not very efficient (computed shift amount), - but it shouldn't happen often. */ - while (dataCount % 4 && count > 0) { - *lp |= (SHS_LONG) *buffer++ << ((--dataCount % 4) * 8); - count--; - } - lp++; - } - while (lp < shsInfo->data + 16) { - if (count < 4) { - *lp = 0; - switch (count % 4) { - case 3: - *lp |= (SHS_LONG) buffer[2] << 8; - case 2: - *lp |= (SHS_LONG) buffer[1] << 16; - case 1: - *lp |= (SHS_LONG) buffer[0] << 24; - } - count = 0; - break; /* out of while loop */ - } - *lp++ = load_32_be(buffer); - buffer += 4; - count -= 4; - } - if (canfill) { - SHSTransform(shsInfo->digest, shsInfo->data); - } + lp = shsInfo->data + dataCount / 4; + dataCount = SHS_DATASIZE - dataCount; + canfill = (count >= dataCount); + + if (dataCount % 4) { + /* Fill out a full 32 bit word first if needed -- this + is not very efficient (computed shift amount), + but it shouldn't happen often. 
*/ + while (dataCount % 4 && count > 0) { + *lp |= (SHS_LONG) *buffer++ << ((--dataCount % 4) * 8); + count--; + } + lp++; + } + while (lp < shsInfo->data + 16) { + if (count < 4) { + *lp = 0; + switch (count % 4) { + case 3: + *lp |= (SHS_LONG) buffer[2] << 8; + case 2: + *lp |= (SHS_LONG) buffer[1] << 16; + case 1: + *lp |= (SHS_LONG) buffer[0] << 24; + } + count = 0; + break; /* out of while loop */ + } + *lp++ = load_32_be(buffer); + buffer += 4; + count -= 4; + } + if (canfill) { + SHSTransform(shsInfo->digest, shsInfo->data); + } } /* Process data in SHS_DATASIZE chunks */ while (count >= SHS_DATASIZE) { - lp = shsInfo->data; - while (lp < shsInfo->data + 16) { - *lp++ = load_32_be(buffer); - buffer += 4; - } - SHSTransform(shsInfo->digest, shsInfo->data); - count -= SHS_DATASIZE; + lp = shsInfo->data; + while (lp < shsInfo->data + 16) { + *lp++ = load_32_be(buffer); + buffer += 4; + } + SHSTransform(shsInfo->digest, shsInfo->data); + count -= SHS_DATASIZE; } if (count > 0) { - lp = shsInfo->data; - while (count > 4) { - *lp++ = load_32_be(buffer); - buffer += 4; - count -= 4; - } - *lp = 0; - switch (count % 4) { - case 0: - *lp |= ((SHS_LONG) buffer[3]); - case 3: - *lp |= ((SHS_LONG) buffer[2]) << 8; - case 2: - *lp |= ((SHS_LONG) buffer[1]) << 16; - case 1: - *lp |= ((SHS_LONG) buffer[0]) << 24; - } + lp = shsInfo->data; + while (count > 4) { + *lp++ = load_32_be(buffer); + buffer += 4; + count -= 4; + } + *lp = 0; + switch (count % 4) { + case 0: + *lp |= ((SHS_LONG) buffer[3]); + case 3: + *lp |= ((SHS_LONG) buffer[2]) << 8; + case 2: + *lp |= ((SHS_LONG) buffer[1]) << 16; + case 1: + *lp |= ((SHS_LONG) buffer[0]) << 24; + } } } 
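Review bot: Both `switch (count % 4)` blocks in shsUpdate rely on falling through from `case 3` down to `case 1` (and from `case 0` in the trailing-bytes block), yet no case is marked, whereas longReverse in t_shs3.c on this same page annotates its fall-through. Add `/* fall through */` after each non-final case so a reader, or -Wimplicit-fallthrough, does not take the missing `break` for a defect in the hash's byte packing. shsUpdate begins before this hunk.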
@@ -345,16 +346,16 @@ void shsFinal(SHS_INFO *shsInfo) lp = shsInfo->data + count / 4; switch (count % 4) { case 3: - *lp++ |= (SHS_LONG) 0x80; - break; + *lp++ |= (SHS_LONG) 0x80; + break; case 2: - *lp++ |= (SHS_LONG) 0x80 << 8; - break; + *lp++ |= (SHS_LONG) 0x80 << 8; + break; case 1: - *lp++ |= (SHS_LONG) 0x80 << 16; - break; + *lp++ |= (SHS_LONG) 0x80 << 16; + break; case 0: - *lp++ = (SHS_LONG) 0x80 << 24; + *lp++ = (SHS_LONG) 0x80 << 24; } /* at this point, lp can point *past* shsInfo->data. If it points @@ -363,16 +364,16 @@ void shsFinal(SHS_INFO *shsInfo) enough room for length words */ if (lp == shsInfo->data + 15) - *lp++ = 0; + *lp++ = 0; if (lp == shsInfo->data + 16) { - SHSTransform(shsInfo->digest, shsInfo->data); - lp = shsInfo->data; + SHSTransform(shsInfo->digest, shsInfo->data); + lp = shsInfo->data; } /* Pad out to 56 bytes */ while (lp < shsInfo->data + 14) - *lp++ = 0; + *lp++ = 0; /* Append length in bits and transform */ *lp++ = shsInfo->countHi; diff --git a/src/lib/crypto/builtin/sha1/shs.h b/src/lib/crypto/builtin/sha1/shs.h index 6dcb41b..e1872f2 100644 --- a/src/lib/crypto/builtin/sha1/shs.h +++ b/src/lib/crypto/builtin/sha1/shs.h @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ #ifndef _SHS_DEFINED #include "k5-int.h" @@ -6,8 +7,8 @@ /* Some useful types */ -typedef krb5_octet SHS_BYTE; -typedef krb5_ui_4 SHS_LONG; +typedef krb5_octet SHS_BYTE; +typedef krb5_ui_4 SHS_LONG; /* Define the following to use the updated SHS implementation */ #define NEW_SHS /**/ 
@@ -20,10 +21,10 @@ typedef krb5_ui_4 SHS_LONG; /* The structure for storing SHS info */ typedef struct { - SHS_LONG digest[ 5 ]; /* Message digest */ - SHS_LONG countLo, countHi; /* 64-bit bit count */ - SHS_LONG data[ 16 ]; /* SHS data buffer */ - } SHS_INFO; + SHS_LONG digest[ 5 ]; /* Message digest */ + SHS_LONG countLo, countHi; /* 64-bit bit count */ + SHS_LONG data[ 16 ]; /* SHS data buffer */ +} SHS_INFO; /* Message digest functions (shs.c) */ void shsInit(SHS_INFO *shsInfo); @@ -33,13 +34,13 @@ void shsFinal(SHS_INFO *shsInfo); /* Keyed Message digest functions (hmac_sha.c) */ krb5_error_code hmac_sha(krb5_octet *text, - int text_len, - krb5_octet *key, - int key_len, - krb5_octet *digest); + int text_len, + krb5_octet *key, + int key_len, + krb5_octet *digest); -#define NIST_SHA_CKSUM_LENGTH SHS_DIGESTSIZE -#define HMAC_SHA_CKSUM_LENGTH SHS_DIGESTSIZE +#define NIST_SHA_CKSUM_LENGTH SHS_DIGESTSIZE +#define HMAC_SHA_CKSUM_LENGTH SHS_DIGESTSIZE #endif /* _SHS_DEFINED */ diff --git a/src/lib/crypto/builtin/sha1/t_shs.c b/src/lib/crypto/builtin/sha1/t_shs.c index adcb092..08157b6 100644 --- a/src/lib/crypto/builtin/sha1/t_shs.c +++ b/src/lib/crypto/builtin/sha1/t_shs.c @@ -1,8 +1,9 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /**************************************************************************** -* * -* SHS Test Code * -* * -****************************************************************************/ + * * + * SHS Test Code * + * * + ****************************************************************************/ #include <stdio.h> #include <stdlib.h> @@ -17,7 +18,7 @@ static SHS_LONG shsTestResults[][ 5 ] = { { 0xA9993E36L, 0x4706816AL, 0xBA3E2571L, 0x7850C26CL, 0x9CD0D89DL, }, { 0x84983E44L, 0x1C3BD26EL, 0xBAAE4AA1L, 0xF95129E5L, 0xE54670F1L, }, { 0x34AA973CL, 0xD4C4DAA4L, 0xF61EEB2BL, 0xDBAD2731L, 0x6534016FL, } - }; +}; #else 
@@ -25,30 +26,30 @@ static SHS_LONG shsTestResults[][ 5 ] = { { 0x0164B8A9L, 0x14CD2A5EL, 0x74C4F7FFL, 0x082C4D97L, 0xF1EDF880L }, { 0xD2516EE1L, 0xACFA5BAFL, 0x33DFC1C4L, 0x71E43844L, 0x9EF134C8L }, { 0x3232AFFAL, 0x48628A26L, 0x653B5AAAL, 0x44541FD9L, 0x0D690603L } - }; +}; #endif /* NEW_SHS */ static int compareSHSresults(shsInfo, shsTestLevel) -SHS_INFO *shsInfo; -int shsTestLevel; + SHS_INFO *shsInfo; + int shsTestLevel; { int i, fail = 0; /* Compare the returned digest and required values */ for( i = 0; i < 5; i++ ) if( shsInfo->digest[ i ] != shsTestResults[ shsTestLevel ][ i ] ) - fail = 1; + fail = 1; if (fail) { - printf("\nExpected: "); - for (i = 0; i < 5; i++) { - printf("%8.8lx ", (unsigned long) shsTestResults[shsTestLevel][i]); - } - printf("\nGot: "); - for (i = 0; i < 5; i++) { - printf("%8.8lx ", (unsigned long) shsInfo->digest[i]); - } - printf("\n"); - return( -1 ); + printf("\nExpected: "); + for (i = 0; i < 5; i++) { + printf("%8.8lx ", (unsigned long) shsTestResults[shsTestLevel][i]); + } + printf("\nGot: "); + for (i = 0; i < 5; i++) { + printf("%8.8lx ", (unsigned long) shsInfo->digest[i]); + } + printf("\n"); + return( -1 ); } return( 0 ); } @@ -75,11 +76,11 @@ main() shsUpdate( &shsInfo, ( SHS_BYTE * ) "abc", 3 ); shsFinal( &shsInfo ); if( compareSHSresults( &shsInfo, 0 ) == -1 ) - { + { putchar( '\n' ); puts( "SHS test 1 failed" ); exit( -1 ); - } + } #ifdef NEW_SHS puts( "passed, result= A9993E364706816ABA3E25717850C26C9CD0D89D" ); #else @@ -91,11 +92,11 @@ main() shsUpdate( &shsInfo, ( SHS_BYTE * ) "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", 56 ); shsFinal( &shsInfo ); if( compareSHSresults( &shsInfo, 1 ) == -1 ) - { + { putchar( '\n' ); puts( "SHS test 2 failed" ); exit( -1 ); - } + } #ifdef NEW_SHS puts( "passed, result= 84983E441C3BD26EBAAE4AA1F95129E5E54670F1" ); #else 
@@ -108,11 +109,11 @@ main() shsUpdate( &shsInfo, ( SHS_BYTE * ) "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 64 ); shsFinal( &shsInfo ); if( compareSHSresults( &shsInfo, 2 ) == -1 ) - { + { putchar( '\n' ); puts( "SHS test 3 failed" ); exit( -1 ); - } + } #ifdef NEW_SHS puts( "passed, result= 34AA973CD4C4DAA4F61EEB2BDBAD27316534016F" ); #else diff --git a/src/lib/crypto/builtin/sha1/t_shs3.c b/src/lib/crypto/builtin/sha1/t_shs3.c index cf9787e..d05ac6d 100644 --- a/src/lib/crypto/builtin/sha1/t_shs3.c +++ b/src/lib/crypto/builtin/sha1/t_shs3.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* test shs code */ #include <stdio.h> @@ -28,23 +29,23 @@ static void longReverse( SHS_LONG *buffer, int byteCount ) switch (init) { case 0: - init=1; - cp = (char *) &init; - if (*cp == 1) { - init=2; - break; - } - init=1; - /* fall through - MSB */ + init=1; + cp = (char *) &init; + if (*cp == 1) { + init=2; + break; + } + init=1; + /* fall through - MSB */ case 1: - return; + return; } byteCount /= sizeof( SHS_LONG ); while( byteCount-- ) { value = *buffer; value = ( ( value & 0xFF00FF00L ) >> 8 ) | - ( ( value & 0x00FF00FFL ) << 8 ); + ( ( value & 0x00FF00FFL ) << 8 ); *buffer++ = ( value << 16 ) | ( value >> 16 ); } } 
@@ -55,538 +56,538 @@ int Dflag; int main(argc,argv) - char **argv; + char **argv; { - char *argp; - - while (--argc > 0) if (*(argp = *++argv)=='-') - while (*++argp) switch(*argp) - { - case '1': - case '2': - case '3': - case '4': - case '5': - case '6': - case '7': - if (mode) goto Usage; - mode = *argp; - break; - case 'D': - if (argc <= 1) goto Usage; - --argc; - Dflag = atoi(*++argv); - break; - case '-': - break; - default: - fprintf (stderr,"Bad switch char <%c>\n", *argp); - Usage: - fprintf(stderr, "Usage: t_shs [-1234567] [-D #]\n"); - exit(1); - } - else goto Usage; - - process(); - exit(rc); + char *argp; + + while (--argc > 0) if (*(argp = *++argv)=='-') + while (*++argp) switch(*argp) + { + case '1': + case '2': + case '3': + case '4': + case '5': + case '6': + case '7': + if (mode) goto Usage; + mode = *argp; + break; + case 'D': + if (argc <= 1) goto Usage; + --argc; + Dflag = atoi(*++argv); + break; + case '-': + break; + default: + fprintf (stderr,"Bad switch char <%c>\n", *argp); + Usage: + fprintf(stderr, "Usage: t_shs [-1234567] [-D #]\n"); + exit(1); + } + else goto Usage; + + process(); + exit(rc); } static void process(void) { - switch(mode) - { - case '1': - test1(); - break; - case '2': - test2(); - break; - case '3': - test3(); - break; - case '4': - test4(); - break; - case '5': - test5(); - break; - case '6': - test6(); - break; - case '7': - test7(); - break; - default: - test1(); - test2(); - test3(); - test4(); - test5(); - test6(); - test7(); - } + switch(mode) + { + case '1': + test1(); + break; + case '2': + test2(); + break; + case '3': + test3(); + break; + case '4': + test4(); + break; + case '5': + test5(); + break; + case '6': + test6(); + break; + case '7': + test7(); + break; + default: + test1(); + test2(); + test3(); + test4(); + test5(); + test6(); + test7(); + } } #ifndef shsDigest static unsigned char * shsDigest(si) - SHS_INFO *si; + SHS_INFO *si; { - longReverse(si->digest, SHS_DIGESTSIZE); - return (unsigned 
char*) si->digest; + longReverse(si->digest, SHS_DIGESTSIZE); + return (unsigned char*) si->digest; } #endif unsigned char results1[SHS_DIGESTSIZE] = { -0xa9,0x99,0x3e,0x36,0x47,0x06,0x81,0x6a,0xba,0x3e, -0x25,0x71,0x78,0x50,0xc2,0x6c,0x9c,0xd0,0xd8,0x9d}; + 0xa9,0x99,0x3e,0x36,0x47,0x06,0x81,0x6a,0xba,0x3e, + 0x25,0x71,0x78,0x50,0xc2,0x6c,0x9c,0xd0,0xd8,0x9d}; static void test1(void) { - SHS_INFO si[1]; - unsigned char digest[SHS_DIGESTSIZE]; - int failed; - int i; - - printf("Running SHS test 1 ...\n"); - shsInit(si); - shsUpdate(si, (SHS_BYTE *) "abc", 3); - shsFinal(si); - memcpy(digest, shsDigest(si), SHS_DIGESTSIZE); - if ((failed = memcmp(digest, results1, SHS_DIGESTSIZE)) != 0) - { - fprintf(stderr,"SHS test 1 failed!\n"); - rc = 1; - } - printf ("%s, results = ", failed ? "Failed" : "Passed"); - for (i = 0; i < SHS_DIGESTSIZE; ++i) - printf("%02x",digest[i]); - if (failed) - { - printf ("\n, expected "); - for (i = 0; i < SHS_DIGESTSIZE; ++i) - printf("%02x",results1[i]); - } - printf("\n"); + SHS_INFO si[1]; + unsigned char digest[SHS_DIGESTSIZE]; + int failed; + int i; + + printf("Running SHS test 1 ...\n"); + shsInit(si); + shsUpdate(si, (SHS_BYTE *) "abc", 3); + shsFinal(si); + memcpy(digest, shsDigest(si), SHS_DIGESTSIZE); + if ((failed = memcmp(digest, results1, SHS_DIGESTSIZE)) != 0) + { + fprintf(stderr,"SHS test 1 failed!\n"); + rc = 1; + } + printf ("%s, results = ", failed ? 
"Failed" : "Passed"); + for (i = 0; i < SHS_DIGESTSIZE; ++i) + printf("%02x",digest[i]); + if (failed) + { + printf ("\n, expected "); + for (i = 0; i < SHS_DIGESTSIZE; ++i) + printf("%02x",results1[i]); + } + printf("\n"); } unsigned char results2[SHS_DIGESTSIZE] = { -0x84,0x98,0x3e,0x44,0x1c,0x3b,0xd2,0x6e,0xba,0xae, -0x4a,0xa1,0xf9,0x51,0x29,0xe5,0xe5,0x46,0x70,0xf1}; + 0x84,0x98,0x3e,0x44,0x1c,0x3b,0xd2,0x6e,0xba,0xae, + 0x4a,0xa1,0xf9,0x51,0x29,0xe5,0xe5,0x46,0x70,0xf1}; static void test2(void) { - SHS_INFO si[1]; - unsigned char digest[SHS_DIGESTSIZE]; - int failed; - int i; - - printf("Running SHS test 2 ...\n"); - shsInit(si); - shsUpdate(si, - (SHS_BYTE *) "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", - 56); - shsFinal(si); - memcpy(digest, shsDigest(si), SHS_DIGESTSIZE); - if ((failed = memcmp(digest, results2, SHS_DIGESTSIZE)) != 0) - { - fprintf(stderr,"SHS test 2 failed!\n"); - rc = 1; - } - printf ("%s, results = ", failed ? "Failed" : "Passed"); - for (i = 0; i < SHS_DIGESTSIZE; ++i) - printf("%02x",digest[i]); - if (failed) - { - printf ("\n, expected "); - for (i = 0; i < SHS_DIGESTSIZE; ++i) - printf("%02x",results2[i]); - } - printf("\n"); + SHS_INFO si[1]; + unsigned char digest[SHS_DIGESTSIZE]; + int failed; + int i; + + printf("Running SHS test 2 ...\n"); + shsInit(si); + shsUpdate(si, + (SHS_BYTE *) "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", + 56); + shsFinal(si); + memcpy(digest, shsDigest(si), SHS_DIGESTSIZE); + if ((failed = memcmp(digest, results2, SHS_DIGESTSIZE)) != 0) + { + fprintf(stderr,"SHS test 2 failed!\n"); + rc = 1; + } + printf ("%s, results = ", failed ? 
"Failed" : "Passed"); + for (i = 0; i < SHS_DIGESTSIZE; ++i) + printf("%02x",digest[i]); + if (failed) + { + printf ("\n, expected "); + for (i = 0; i < SHS_DIGESTSIZE; ++i) + printf("%02x",results2[i]); + } + printf("\n"); } unsigned char results3[SHS_DIGESTSIZE] = { -0x34,0xaa,0x97,0x3c,0xd4,0xc4,0xda,0xa4,0xf6,0x1e, -0xeb,0x2b,0xdb,0xad,0x27,0x31,0x65,0x34,0x01,0x6f}; + 0x34,0xaa,0x97,0x3c,0xd4,0xc4,0xda,0xa4,0xf6,0x1e, + 0xeb,0x2b,0xdb,0xad,0x27,0x31,0x65,0x34,0x01,0x6f}; static void test3(void) { - SHS_INFO si[1]; - unsigned char digest[SHS_DIGESTSIZE]; - int failed; - int i; - - printf("Running SHS test 3 ...\n"); - shsInit(si); - for (i = 0; i < 15625; ++i) - shsUpdate(si, -(SHS_BYTE *) "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", - 64); - shsFinal(si); - memcpy(digest, shsDigest(si), SHS_DIGESTSIZE); - if ((failed = memcmp(digest, results3, SHS_DIGESTSIZE)) != 0) - { - fprintf(stderr,"SHS test 3 failed!\n"); - rc = 1; - } - printf ("%s, results = ", failed ? "Failed" : "Passed"); - for (i = 0; i < SHS_DIGESTSIZE; ++i) - printf("%02x",digest[i]); - if (failed) - { - printf ("\n, expected "); - for (i = 0; i < SHS_DIGESTSIZE; ++i) - printf("%02x",results3[i]); - } - printf("\n"); + SHS_INFO si[1]; + unsigned char digest[SHS_DIGESTSIZE]; + int failed; + int i; + + printf("Running SHS test 3 ...\n"); + shsInit(si); + for (i = 0; i < 15625; ++i) + shsUpdate(si, + (SHS_BYTE *) "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", + 64); + shsFinal(si); + memcpy(digest, shsDigest(si), SHS_DIGESTSIZE); + if ((failed = memcmp(digest, results3, SHS_DIGESTSIZE)) != 0) + { + fprintf(stderr,"SHS test 3 failed!\n"); + rc = 1; + } + printf ("%s, results = ", failed ? 
"Failed" : "Passed"); + for (i = 0; i < SHS_DIGESTSIZE; ++i) + printf("%02x",digest[i]); + if (failed) + { + printf ("\n, expected "); + for (i = 0; i < SHS_DIGESTSIZE; ++i) + printf("%02x",results3[i]); + } + printf("\n"); } unsigned char randdata[] = { -0xfe,0x28,0x79,0x25,0xf5,0x03,0xf9,0x1c,0xcd,0x70,0x7b,0xb0,0x42,0x02,0xb8,0x2f, -0xf3,0x63,0xa2,0x79,0x8e,0x9b,0x33,0xd7,0x2b,0xc4,0xb4,0xd2,0xcb,0x61,0xec,0xbb, -0x94,0xe1,0x8f,0x53,0x80,0x55,0xd9,0x90,0xb2,0x03,0x58,0xfa,0xa6,0xe5,0x18,0x57, -0x68,0x04,0x24,0x98,0x41,0x7e,0x84,0xeb,0xc1,0x39,0xbc,0x1d,0xf7,0x4e,0x92,0x72, -0x1a,0x5b,0xb6,0x99,0x43,0xa5,0x0a,0x45,0x73,0x55,0xfd,0x57,0x83,0x45,0x36,0x5c, -0xfd,0x39,0x08,0x6e,0xe2,0x01,0x9a,0x8c,0x4e,0x39,0xd2,0x0d,0x5f,0x0e,0x35,0x15, -0xb9,0xac,0x5f,0xa1,0x8a,0xe6,0xdd,0x6e,0x68,0x9d,0xf6,0x29,0x95,0xf6,0x7d,0x7b, -0xd9,0x5e,0xf4,0x67,0x25,0xbd,0xee,0xed,0x53,0x60,0xb0,0x47,0xdf,0xef,0xf4,0x41, -0xbd,0x45,0xcf,0x5c,0x93,0x41,0x87,0x97,0x82,0x39,0x20,0x66,0xb4,0xda,0xcb,0x66, -0x93,0x02,0x2e,0x7f,0x94,0x4c,0xc7,0x3b,0x2c,0xcf,0xf6,0x99,0x6f,0x13,0xf1,0xc5, -0x28,0x2b,0xa6,0x6c,0x39,0x26,0x7f,0x76,0x24,0x4a,0x6e,0x01,0x40,0x63,0xf8,0x00, -0x06,0x23,0x5a,0xaa,0xa6,0x2f,0xd1,0x37,0xc7,0xcc,0x76,0xe9,0x54,0x1e,0x57,0x73, -0xf5,0x33,0xaa,0x96,0xbe,0x35,0xcd,0x1d,0xd5,0x7d,0xac,0x50,0xd5,0xf8,0x47,0x2d, -0xd6,0x93,0x5f,0x6e,0x38,0xd3,0xac,0xd0,0x7e,0xad,0x9e,0xf8,0x87,0x95,0x63,0x15, -0x65,0xa3,0xd4,0xb3,0x9a,0x6c,0xac,0xcd,0x2a,0x54,0x83,0x13,0xc4,0xb4,0x94,0xfa, -0x76,0x87,0xc5,0x8b,0x4a,0x10,0x92,0x05,0xd1,0x0e,0x97,0xfd,0xc8,0xfb,0xc5,0xdc, -0x21,0x4c,0xc8,0x77,0x5c,0xed,0x32,0x22,0x77,0xc1,0x38,0x30,0xd7,0x8e,0x2a,0x70, -0x72,0x67,0x13,0xe4,0xb7,0x18,0xd4,0x76,0xdd,0x32,0x12,0xf4,0x5d,0xc9,0xec,0xc1, -0x2c,0x8a,0xfe,0x08,0x6c,0xea,0xf6,0xab,0x5a,0x0e,0x8e,0x81,0x1d,0xc8,0x5a,0x4b, -0xed,0xb9,0x7f,0x4b,0x67,0xe3,0x65,0x46,0xc9,0xf2,0xab,0x37,0x0a,0x98,0x67,0x5b, -0xb1,0x3b,0x02,0x91,0x38,0x71,0xea,0x62,0x88,0xae,0xb6,0xdb,0xfc,0x55,0x79,0x33, 
-0x69,0x95,0x51,0xb6,0xe1,0x3b,0xab,0x22,0x68,0x54,0xf9,0x89,0x9c,0x94,0xe0,0xe3, -0xd3,0x48,0x5c,0xe9,0x78,0x5b,0xb3,0x4b,0xba,0xd8,0x48,0xd8,0xaf,0x91,0x4e,0x23, -0x38,0x23,0x23,0x6c,0xdf,0x2e,0xf0,0xff,0xac,0x1d,0x2d,0x27,0x10,0x45,0xa3,0x2d, -0x8b,0x00,0xcd,0xe2,0xfc,0xb7,0xdb,0x52,0x13,0xb7,0x66,0x79,0xd9,0xd8,0x29,0x0e, -0x32,0xbd,0x52,0x6b,0x75,0x71,0x08,0x83,0x1b,0x67,0x28,0x93,0x97,0x97,0x32,0xff, -0x8b,0xd3,0x98,0xa3,0xce,0x2b,0x88,0x37,0x1c,0xcc,0xa0,0xd1,0x19,0x9b,0xe6,0x11, -0xfc,0xc0,0x3c,0x4e,0xe1,0x35,0x49,0x29,0x19,0xcf,0x1d,0xe1,0x60,0x74,0xc0,0xe9, -0xf7,0xb4,0x99,0xa0,0x23,0x50,0x51,0x78,0xcf,0xc0,0xe5,0xc2,0x1c,0x16,0xd2,0x24, -0x5a,0x63,0x54,0x83,0xaa,0x74,0x3d,0x41,0x0d,0x52,0xee,0xfe,0x0f,0x4d,0x13,0xe1, -0x27,0x00,0xc4,0xf3,0x2b,0x55,0xe0,0x9c,0x81,0xe0,0xfc,0xc2,0x13,0xd4,0x39,0x09 + 0xfe,0x28,0x79,0x25,0xf5,0x03,0xf9,0x1c,0xcd,0x70,0x7b,0xb0,0x42,0x02,0xb8,0x2f, + 0xf3,0x63,0xa2,0x79,0x8e,0x9b,0x33,0xd7,0x2b,0xc4,0xb4,0xd2,0xcb,0x61,0xec,0xbb, + 0x94,0xe1,0x8f,0x53,0x80,0x55,0xd9,0x90,0xb2,0x03,0x58,0xfa,0xa6,0xe5,0x18,0x57, + 0x68,0x04,0x24,0x98,0x41,0x7e,0x84,0xeb,0xc1,0x39,0xbc,0x1d,0xf7,0x4e,0x92,0x72, + 0x1a,0x5b,0xb6,0x99,0x43,0xa5,0x0a,0x45,0x73,0x55,0xfd,0x57,0x83,0x45,0x36,0x5c, + 0xfd,0x39,0x08,0x6e,0xe2,0x01,0x9a,0x8c,0x4e,0x39,0xd2,0x0d,0x5f,0x0e,0x35,0x15, + 0xb9,0xac,0x5f,0xa1,0x8a,0xe6,0xdd,0x6e,0x68,0x9d,0xf6,0x29,0x95,0xf6,0x7d,0x7b, + 0xd9,0x5e,0xf4,0x67,0x25,0xbd,0xee,0xed,0x53,0x60,0xb0,0x47,0xdf,0xef,0xf4,0x41, + 0xbd,0x45,0xcf,0x5c,0x93,0x41,0x87,0x97,0x82,0x39,0x20,0x66,0xb4,0xda,0xcb,0x66, + 0x93,0x02,0x2e,0x7f,0x94,0x4c,0xc7,0x3b,0x2c,0xcf,0xf6,0x99,0x6f,0x13,0xf1,0xc5, + 0x28,0x2b,0xa6,0x6c,0x39,0x26,0x7f,0x76,0x24,0x4a,0x6e,0x01,0x40,0x63,0xf8,0x00, + 0x06,0x23,0x5a,0xaa,0xa6,0x2f,0xd1,0x37,0xc7,0xcc,0x76,0xe9,0x54,0x1e,0x57,0x73, + 0xf5,0x33,0xaa,0x96,0xbe,0x35,0xcd,0x1d,0xd5,0x7d,0xac,0x50,0xd5,0xf8,0x47,0x2d, + 0xd6,0x93,0x5f,0x6e,0x38,0xd3,0xac,0xd0,0x7e,0xad,0x9e,0xf8,0x87,0x95,0x63,0x15, + 
0x65,0xa3,0xd4,0xb3,0x9a,0x6c,0xac,0xcd,0x2a,0x54,0x83,0x13,0xc4,0xb4,0x94,0xfa, + 0x76,0x87,0xc5,0x8b,0x4a,0x10,0x92,0x05,0xd1,0x0e,0x97,0xfd,0xc8,0xfb,0xc5,0xdc, + 0x21,0x4c,0xc8,0x77,0x5c,0xed,0x32,0x22,0x77,0xc1,0x38,0x30,0xd7,0x8e,0x2a,0x70, + 0x72,0x67,0x13,0xe4,0xb7,0x18,0xd4,0x76,0xdd,0x32,0x12,0xf4,0x5d,0xc9,0xec,0xc1, + 0x2c,0x8a,0xfe,0x08,0x6c,0xea,0xf6,0xab,0x5a,0x0e,0x8e,0x81,0x1d,0xc8,0x5a,0x4b, + 0xed,0xb9,0x7f,0x4b,0x67,0xe3,0x65,0x46,0xc9,0xf2,0xab,0x37,0x0a,0x98,0x67,0x5b, + 0xb1,0x3b,0x02,0x91,0x38,0x71,0xea,0x62,0x88,0xae,0xb6,0xdb,0xfc,0x55,0x79,0x33, + 0x69,0x95,0x51,0xb6,0xe1,0x3b,0xab,0x22,0x68,0x54,0xf9,0x89,0x9c,0x94,0xe0,0xe3, + 0xd3,0x48,0x5c,0xe9,0x78,0x5b,0xb3,0x4b,0xba,0xd8,0x48,0xd8,0xaf,0x91,0x4e,0x23, + 0x38,0x23,0x23,0x6c,0xdf,0x2e,0xf0,0xff,0xac,0x1d,0x2d,0x27,0x10,0x45,0xa3,0x2d, + 0x8b,0x00,0xcd,0xe2,0xfc,0xb7,0xdb,0x52,0x13,0xb7,0x66,0x79,0xd9,0xd8,0x29,0x0e, + 0x32,0xbd,0x52,0x6b,0x75,0x71,0x08,0x83,0x1b,0x67,0x28,0x93,0x97,0x97,0x32,0xff, + 0x8b,0xd3,0x98,0xa3,0xce,0x2b,0x88,0x37,0x1c,0xcc,0xa0,0xd1,0x19,0x9b,0xe6,0x11, + 0xfc,0xc0,0x3c,0x4e,0xe1,0x35,0x49,0x29,0x19,0xcf,0x1d,0xe1,0x60,0x74,0xc0,0xe9, + 0xf7,0xb4,0x99,0xa0,0x23,0x50,0x51,0x78,0xcf,0xc0,0xe5,0xc2,0x1c,0x16,0xd2,0x24, + 0x5a,0x63,0x54,0x83,0xaa,0x74,0x3d,0x41,0x0d,0x52,0xee,0xfe,0x0f,0x4d,0x13,0xe1, + 0x27,0x00,0xc4,0xf3,0x2b,0x55,0xe0,0x9c,0x81,0xe0,0xfc,0xc2,0x13,0xd4,0x39,0x09 }; unsigned char results4[SHS_DIGESTSIZE] = { -0x13,0x62,0xfc,0x87,0x68,0x33,0xd5,0x1d,0x2f,0x0c, -0x73,0xe3,0xfb,0x87,0x6a,0x6b,0xc3,0x25,0x54,0xfc}; + 0x13,0x62,0xfc,0x87,0x68,0x33,0xd5,0x1d,0x2f,0x0c, + 0x73,0xe3,0xfb,0x87,0x6a,0x6b,0xc3,0x25,0x54,0xfc}; static void test4(void) { - SHS_INFO si[1]; - unsigned char digest[SHS_DIGESTSIZE]; - int failed; - int i; - - printf("Running SHS test 4 ...\n"); - shsInit(si); - shsUpdate(si, randdata, 19); - shsFinal(si); - memcpy(digest, shsDigest(si), SHS_DIGESTSIZE); - if ((failed = memcmp(digest, results4, SHS_DIGESTSIZE)) != 0) - { - 
fprintf(stderr,"SHS test 4 failed!\n"); - rc = 1; - } - printf ("%s, results = ", failed ? "Failed" : "Passed"); - for (i = 0; i < SHS_DIGESTSIZE; ++i) - printf("%02x",digest[i]); - if (failed) - { - printf ("\n, expected "); - for (i = 0; i < SHS_DIGESTSIZE; ++i) - printf("%02x",results4[i]); - } - printf("\n"); + SHS_INFO si[1]; + unsigned char digest[SHS_DIGESTSIZE]; + int failed; + int i; + + printf("Running SHS test 4 ...\n"); + shsInit(si); + shsUpdate(si, randdata, 19); + shsFinal(si); + memcpy(digest, shsDigest(si), SHS_DIGESTSIZE); + if ((failed = memcmp(digest, results4, SHS_DIGESTSIZE)) != 0) + { + fprintf(stderr,"SHS test 4 failed!\n"); + rc = 1; + } + printf ("%s, results = ", failed ? "Failed" : "Passed"); + for (i = 0; i < SHS_DIGESTSIZE; ++i) + printf("%02x",digest[i]); + if (failed) + { + printf ("\n, expected "); + for (i = 0; i < SHS_DIGESTSIZE; ++i) + printf("%02x",results4[i]); + } + printf("\n"); } unsigned char results5[SHS_DIGESTSIZE] = { -0x19,0x4d,0xf6,0xeb,0x8e,0x02,0x6d,0x37,0x58,0x64, -0xe5,0x95,0x19,0x2a,0xdd,0x1c,0xc4,0x3c,0x24,0x86}; + 0x19,0x4d,0xf6,0xeb,0x8e,0x02,0x6d,0x37,0x58,0x64, + 0xe5,0x95,0x19,0x2a,0xdd,0x1c,0xc4,0x3c,0x24,0x86}; static void test5(void) { - SHS_INFO si[1]; - unsigned char digest[SHS_DIGESTSIZE]; - int failed; - int i; - - printf("Running SHS test 5 ...\n"); - shsInit(si); - shsUpdate(si, randdata, 19); - shsUpdate(si, randdata+32, 15); - shsFinal(si); - memcpy(digest, shsDigest(si), SHS_DIGESTSIZE); - if ((failed = memcmp(digest, results5, SHS_DIGESTSIZE)) != 0) - { - fprintf(stderr,"SHS test 5 failed!\n"); - rc = 1; - } - printf ("%s, results = ", failed ? 
"Failed" : "Passed"); - for (i = 0; i < SHS_DIGESTSIZE; ++i) - printf("%02x",digest[i]); - if (failed) - { - printf ("\n, expected "); - for (i = 0; i < SHS_DIGESTSIZE; ++i) - printf("%02x",results5[i]); - } - printf("\n"); + SHS_INFO si[1]; + unsigned char digest[SHS_DIGESTSIZE]; + int failed; + int i; + + printf("Running SHS test 5 ...\n"); + shsInit(si); + shsUpdate(si, randdata, 19); + shsUpdate(si, randdata+32, 15); + shsFinal(si); + memcpy(digest, shsDigest(si), SHS_DIGESTSIZE); + if ((failed = memcmp(digest, results5, SHS_DIGESTSIZE)) != 0) + { + fprintf(stderr,"SHS test 5 failed!\n"); + rc = 1; + } + printf ("%s, results = ", failed ? "Failed" : "Passed"); + for (i = 0; i < SHS_DIGESTSIZE; ++i) + printf("%02x",digest[i]); + if (failed) + { + printf ("\n, expected "); + for (i = 0; i < SHS_DIGESTSIZE; ++i) + printf("%02x",results5[i]); + } + printf("\n"); } unsigned char results6[SHS_DIGESTSIZE] = { -0x4e,0x16,0x57,0x9d,0x4b,0x48,0xa9,0x1c,0x88,0x72, -0x83,0xdb,0x88,0xd1,0xea,0x3a,0x45,0xdf,0xa1,0x10}; + 0x4e,0x16,0x57,0x9d,0x4b,0x48,0xa9,0x1c,0x88,0x72, + 0x83,0xdb,0x88,0xd1,0xea,0x3a,0x45,0xdf,0xa1,0x10}; static void test6(void) { - struct { - long pad1; - SHS_INFO si1; - long pad2; - SHS_INFO si2; - long pad3; - } sdata; - unsigned char digest[SHS_DIGESTSIZE]; - int failed; - unsigned int i, j; - - printf("Running SHS test 6 ...\n"); - sdata.pad1 = 0x12345678; - sdata.pad2 = 0x87654321; - sdata.pad3 = 0x78563412; - shsInit((&sdata.si2)); -if (sdata.pad2 != 0x87654321) { -printf ("Overrun #20 %#lx\n", -sdata.pad2); -sdata.pad2 = 0x87654321; -} -if (sdata.pad3 != 0x78563412) { -printf ("Overrun #21 %#lx\n", -sdata.pad3); -sdata.pad3 = 0x78563412; -} - for (i = 0; i < 400; ++i) - { - shsInit(&sdata.si1); -if (sdata.pad1 != 0x12345678) { -printf ("Overrun #22 %#lx at %d\n", -sdata.pad1, i); -sdata.pad1 = 0x12345678; -} -if (sdata.pad2 != 0x87654321) { -printf ("Overrun #23 %#lx at %d\n", -sdata.pad2, i); -sdata.pad2 = 0x87654321; -} - shsUpdate(&sdata.si1, 
(randdata+sizeof(randdata))-i, i); -if (sdata.pad1 != 0x12345678) { -printf ("Overrun #24 %#lx at %d\n", -sdata.pad1, i); -sdata.pad1 = 0x12345678; -} -if (sdata.pad2 != 0x87654321) { -printf ("Overrun #25 %#lx at %d\n", -sdata.pad2, i); -sdata.pad2 = 0x87654321; -} - shsFinal(&sdata.si1); -if (sdata.pad1 != 0x12345678) { -printf ("Overrun #26 %#lx at %d\n", -sdata.pad1, i); -sdata.pad1 = 0x12345678; -} -if (sdata.pad2 != 0x87654321) { -printf ("Overrun #27 %#lx at %d\n", -sdata.pad2, i); -sdata.pad2 = 0x87654321; -} - memcpy(digest, shsDigest(&sdata.si1), SHS_DIGESTSIZE); - if (Dflag & 1) - { - printf ("%d: ", i); - for (j = 0; j < SHS_DIGESTSIZE; ++j) - printf("%02x",digest[j]); - printf("\n"); - } - shsUpdate((&sdata.si2), digest, SHS_DIGESTSIZE); -if (sdata.pad2 != 0x87654321) { -printf ("Overrun #28 %#lx at %d\n", -sdata.pad2, i); -sdata.pad2 = 0x87654321; -} -if (sdata.pad3 != 0x78563412) { -printf ("Overrun #29 %#lx at %d\n", -sdata.pad3, i); -sdata.pad3 = 0x78563412; -} - if (Dflag & 2) - printf ("%d: %08lx%08lx%08lx%08lx%08lx\n", - i, - (unsigned long) sdata.si2.digest[0], - (unsigned long) sdata.si2.digest[1], - (unsigned long) sdata.si2.digest[2], - (unsigned long) sdata.si2.digest[3], - (unsigned long) sdata.si2.digest[4]); - } - shsFinal((&sdata.si2)); -if (sdata.pad2 != 0x87654321) { -printf ("Overrun #30 %#lx\n", -sdata.pad2); -sdata.pad2 = 0x87654321; -} -if (sdata.pad3 != 0x78563412) { -printf ("Overrun #31 %#lx\n", -sdata.pad3); -sdata.pad3 = 0x78563412; -} - memcpy(digest, shsDigest((&sdata.si2)), SHS_DIGESTSIZE); - if ((failed = memcmp(digest, results6, SHS_DIGESTSIZE)) != 0) - { - fprintf(stderr,"SHS test 6 failed!\n"); - rc = 1; - } - printf ("%s, results = ", failed ? 
"Failed" : "Passed"); - for (i = 0; i < SHS_DIGESTSIZE; ++i) - printf("%02x",digest[i]); - if (failed) - { - printf ("\n, expected "); - for (i = 0; i < SHS_DIGESTSIZE; ++i) - printf("%02x",results6[i]); - } - printf("\n"); + struct { + long pad1; + SHS_INFO si1; + long pad2; + SHS_INFO si2; + long pad3; + } sdata; + unsigned char digest[SHS_DIGESTSIZE]; + int failed; + unsigned int i, j; + + printf("Running SHS test 6 ...\n"); + sdata.pad1 = 0x12345678; + sdata.pad2 = 0x87654321; + sdata.pad3 = 0x78563412; + shsInit((&sdata.si2)); + if (sdata.pad2 != 0x87654321) { + printf ("Overrun #20 %#lx\n", + sdata.pad2); + sdata.pad2 = 0x87654321; + } + if (sdata.pad3 != 0x78563412) { + printf ("Overrun #21 %#lx\n", + sdata.pad3); + sdata.pad3 = 0x78563412; + } + for (i = 0; i < 400; ++i) + { + shsInit(&sdata.si1); + if (sdata.pad1 != 0x12345678) { + printf ("Overrun #22 %#lx at %d\n", + sdata.pad1, i); + sdata.pad1 = 0x12345678; + } + if (sdata.pad2 != 0x87654321) { + printf ("Overrun #23 %#lx at %d\n", + sdata.pad2, i); + sdata.pad2 = 0x87654321; + } + shsUpdate(&sdata.si1, (randdata+sizeof(randdata))-i, i); + if (sdata.pad1 != 0x12345678) { + printf ("Overrun #24 %#lx at %d\n", + sdata.pad1, i); + sdata.pad1 = 0x12345678; + } + if (sdata.pad2 != 0x87654321) { + printf ("Overrun #25 %#lx at %d\n", + sdata.pad2, i); + sdata.pad2 = 0x87654321; + } + shsFinal(&sdata.si1); + if (sdata.pad1 != 0x12345678) { + printf ("Overrun #26 %#lx at %d\n", + sdata.pad1, i); + sdata.pad1 = 0x12345678; + } + if (sdata.pad2 != 0x87654321) { + printf ("Overrun #27 %#lx at %d\n", + sdata.pad2, i); + sdata.pad2 = 0x87654321; + } + memcpy(digest, shsDigest(&sdata.si1), SHS_DIGESTSIZE); + if (Dflag & 1) + { + printf ("%d: ", i); + for (j = 0; j < SHS_DIGESTSIZE; ++j) + printf("%02x",digest[j]); + printf("\n"); + } + shsUpdate((&sdata.si2), digest, SHS_DIGESTSIZE); + if (sdata.pad2 != 0x87654321) { + printf ("Overrun #28 %#lx at %d\n", + sdata.pad2, i); + sdata.pad2 = 0x87654321; + } + if 
(sdata.pad3 != 0x78563412) { + printf ("Overrun #29 %#lx at %d\n", + sdata.pad3, i); + sdata.pad3 = 0x78563412; + } + if (Dflag & 2) + printf ("%d: %08lx%08lx%08lx%08lx%08lx\n", + i, + (unsigned long) sdata.si2.digest[0], + (unsigned long) sdata.si2.digest[1], + (unsigned long) sdata.si2.digest[2], + (unsigned long) sdata.si2.digest[3], + (unsigned long) sdata.si2.digest[4]); + } + shsFinal((&sdata.si2)); + if (sdata.pad2 != 0x87654321) { + printf ("Overrun #30 %#lx\n", + sdata.pad2); + sdata.pad2 = 0x87654321; + } + if (sdata.pad3 != 0x78563412) { + printf ("Overrun #31 %#lx\n", + sdata.pad3); + sdata.pad3 = 0x78563412; + } + memcpy(digest, shsDigest((&sdata.si2)), SHS_DIGESTSIZE); + if ((failed = memcmp(digest, results6, SHS_DIGESTSIZE)) != 0) + { + fprintf(stderr,"SHS test 6 failed!\n"); + rc = 1; + } + printf ("%s, results = ", failed ? "Failed" : "Passed"); + for (i = 0; i < SHS_DIGESTSIZE; ++i) + printf("%02x",digest[i]); + if (failed) + { + printf ("\n, expected "); + for (i = 0; i < SHS_DIGESTSIZE; ++i) + printf("%02x",results6[i]); + } + printf("\n"); } unsigned char results7[SHS_DIGESTSIZE] = { -0x89,0x41,0x65,0xce,0x76,0xc1,0xd1,0xd1,0xc3,0x6f, -0xab,0x92,0x79,0x30,0x01,0x71,0x63,0x1f,0x74,0xfe}; + 0x89,0x41,0x65,0xce,0x76,0xc1,0xd1,0xd1,0xc3,0x6f, + 0xab,0x92,0x79,0x30,0x01,0x71,0x63,0x1f,0x74,0xfe}; unsigned int jfsize[] = {0,1,31,32, - 33,55,56,63, - 64,65,71,72, - 73,95,96,97, - 119,120,123,127}; + 33,55,56,63, + 64,65,71,72, + 73,95,96,97, + 119,120,123,127}; unsigned int kfsize[] = {0,1,31,32,33,55,56,63}; static void test7(void) { - struct { - long pad1; - SHS_INFO si1; - long pad2; - SHS_INFO si2; - long pad3; - } sdata; - unsigned char digest[SHS_DIGESTSIZE]; - int failed; - unsigned int i, j, k, l; - - printf("Running SHS test 7 ...\n"); - sdata.pad1 = 0x12345678; - sdata.pad2 = 0x87654321; - sdata.pad3 = 0x78563412; - shsInit((&sdata.si2)); - for (i = 1; i <= 128; ++i) - for (j = 0; j < 20; ++j) - for (k = 0; k < 8; ++k) - { - 
shsInit(&sdata.si1); - shsUpdate(&sdata.si1, (randdata+80+j), i); -if (sdata.pad1 != 0x12345678) { -printf ("Overrun #1 %#lx at %d,%d,%d\n", -sdata.pad1, i,j,k); -sdata.pad1 = 0x12345678; -} -if (sdata.pad2 != 0x87654321) { -printf ("Overrun #2 %#lx at %d,%d,%d\n", -sdata.pad2, i,j,k); -sdata.pad2 = 0x87654321; -} - shsUpdate(&sdata.si1, randdata+i, jfsize[j]); -if (sdata.pad1 != 0x12345678) { -printf ("Overrun #3 %#lx at %d,%d,%d\n", -sdata.pad1, i,j,k); -sdata.pad1 = 0x12345678; -} -if (sdata.pad2 != 0x87654321) { -printf ("Overrun #4 %#lx at %d,%d,%d\n", -sdata.pad2, i,j,k); -sdata.pad2 = 0x87654321; -} - if (k) shsUpdate(&sdata.si1, randdata+(i^j), kfsize[k]); -if (sdata.pad1 != 0x12345678) { -printf ("Overrun #5 %#lx at %d,%d,%d\n", -sdata.pad1, i,j,k); -sdata.pad1 = 0x12345678; -} -if (sdata.pad2 != 0x87654321) { -printf ("Overrun #6 %#lx at %d,%d,%d\n", -sdata.pad2, i,j,k); -sdata.pad2 = 0x87654321; -} - shsFinal(&sdata.si1); -if (sdata.pad1 != 0x12345678) { -printf ("Overrun #7 %#lx at %d,%d,%d\n", -sdata.pad1, i,j,k); -sdata.pad1 = 0x12345678; -} -if (sdata.pad2 != 0x87654321) { -printf ("Overrun #8 %#lx at %d,%d,%d\n", -sdata.pad2, i,j,k); -sdata.pad2 = 0x87654321; -} - memcpy(digest, shsDigest(&sdata.si1), SHS_DIGESTSIZE); - if (Dflag & 1) - { - printf ("%d,%d,%d: ", i, j, k); - for (l = 0; l < SHS_DIGESTSIZE; ++l) - printf("%02x",digest[l]); - printf("\n"); - } - shsUpdate((&sdata.si2), digest, SHS_DIGESTSIZE); -if (sdata.pad2 != 0x87654321) { -printf ("Overrun #9 %#lx at %d,%d,%d\n", -sdata.pad2, i,j,k); -sdata.pad2 = 0x87654321; -} -if (sdata.pad3 != 0x78563412) { -printf ("Overrun #10 %#lx at %d,%d,%d\n", -sdata.pad3, i,j,k); -sdata.pad3 = 0x78563412; -} - if (Dflag & 2) - printf ("%d,%d,%d: %08lx%08lx%08lx%08lx%08lx\n", - i,j,k, - (unsigned long) sdata.si2.digest[0], - (unsigned long) sdata.si2.digest[1], - (unsigned long) sdata.si2.digest[2], - (unsigned long) sdata.si2.digest[3], - (unsigned long) sdata.si2.digest[4]); - } - 
shsFinal((&sdata.si2)); - memcpy(digest, shsDigest((&sdata.si2)), SHS_DIGESTSIZE); - if ((failed = memcmp(digest, results7, SHS_DIGESTSIZE)) != 0) - { - fprintf(stderr,"SHS test 7 failed!\n"); - rc = 1; - } - printf ("%s, results = ", failed ? "Failed" : "Passed"); - for (i = 0; i < SHS_DIGESTSIZE; ++i) - printf("%02x",digest[i]); - if (failed) - { - printf ("\n, expected "); - for (i = 0; i < SHS_DIGESTSIZE; ++i) - printf("%02x",results7[i]); - } - printf("\n"); + struct { + long pad1; + SHS_INFO si1; + long pad2; + SHS_INFO si2; + long pad3; + } sdata; + unsigned char digest[SHS_DIGESTSIZE]; + int failed; + unsigned int i, j, k, l; + + printf("Running SHS test 7 ...\n"); + sdata.pad1 = 0x12345678; + sdata.pad2 = 0x87654321; + sdata.pad3 = 0x78563412; + shsInit((&sdata.si2)); + for (i = 1; i <= 128; ++i) + for (j = 0; j < 20; ++j) + for (k = 0; k < 8; ++k) + { + shsInit(&sdata.si1); + shsUpdate(&sdata.si1, (randdata+80+j), i); + if (sdata.pad1 != 0x12345678) { + printf ("Overrun #1 %#lx at %d,%d,%d\n", + sdata.pad1, i,j,k); + sdata.pad1 = 0x12345678; + } + if (sdata.pad2 != 0x87654321) { + printf ("Overrun #2 %#lx at %d,%d,%d\n", + sdata.pad2, i,j,k); + sdata.pad2 = 0x87654321; + } + shsUpdate(&sdata.si1, randdata+i, jfsize[j]); + if (sdata.pad1 != 0x12345678) { + printf ("Overrun #3 %#lx at %d,%d,%d\n", + sdata.pad1, i,j,k); + sdata.pad1 = 0x12345678; + } + if (sdata.pad2 != 0x87654321) { + printf ("Overrun #4 %#lx at %d,%d,%d\n", + sdata.pad2, i,j,k); + sdata.pad2 = 0x87654321; + } + if (k) shsUpdate(&sdata.si1, randdata+(i^j), kfsize[k]); + if (sdata.pad1 != 0x12345678) { + printf ("Overrun #5 %#lx at %d,%d,%d\n", + sdata.pad1, i,j,k); + sdata.pad1 = 0x12345678; + } + if (sdata.pad2 != 0x87654321) { + printf ("Overrun #6 %#lx at %d,%d,%d\n", + sdata.pad2, i,j,k); + sdata.pad2 = 0x87654321; + } + shsFinal(&sdata.si1); + if (sdata.pad1 != 0x12345678) { + printf ("Overrun #7 %#lx at %d,%d,%d\n", + sdata.pad1, i,j,k); + sdata.pad1 = 0x12345678; + } + if (sdata.pad2 
!= 0x87654321) { + printf ("Overrun #8 %#lx at %d,%d,%d\n", + sdata.pad2, i,j,k); + sdata.pad2 = 0x87654321; + } + memcpy(digest, shsDigest(&sdata.si1), SHS_DIGESTSIZE); + if (Dflag & 1) + { + printf ("%d,%d,%d: ", i, j, k); + for (l = 0; l < SHS_DIGESTSIZE; ++l) + printf("%02x",digest[l]); + printf("\n"); + } + shsUpdate((&sdata.si2), digest, SHS_DIGESTSIZE); + if (sdata.pad2 != 0x87654321) { + printf ("Overrun #9 %#lx at %d,%d,%d\n", + sdata.pad2, i,j,k); + sdata.pad2 = 0x87654321; + } + if (sdata.pad3 != 0x78563412) { + printf ("Overrun #10 %#lx at %d,%d,%d\n", + sdata.pad3, i,j,k); + sdata.pad3 = 0x78563412; + } + if (Dflag & 2) + printf ("%d,%d,%d: %08lx%08lx%08lx%08lx%08lx\n", + i,j,k, + (unsigned long) sdata.si2.digest[0], + (unsigned long) sdata.si2.digest[1], + (unsigned long) sdata.si2.digest[2], + (unsigned long) sdata.si2.digest[3], + (unsigned long) sdata.si2.digest[4]); + } + shsFinal((&sdata.si2)); + memcpy(digest, shsDigest((&sdata.si2)), SHS_DIGESTSIZE); + if ((failed = memcmp(digest, results7, SHS_DIGESTSIZE)) != 0) + { + fprintf(stderr,"SHS test 7 failed!\n"); + rc = 1; + } + printf ("%s, results = ", failed ? "Failed" : "Passed"); + for (i = 0; i < SHS_DIGESTSIZE; ++i) + printf("%02x",digest[i]); + if (failed) + { + printf ("\n, expected "); + for (i = 0; i < SHS_DIGESTSIZE; ++i) + printf("%02x",results7[i]); + } + printf("\n"); } diff --git a/src/lib/crypto/builtin/t_cf2.c b/src/lib/crypto/builtin/t_cf2.c index 0c968ea..550192c 100644 --- a/src/lib/crypto/builtin/t_cf2.c +++ b/src/lib/crypto/builtin/t_cf2.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/crypto/t_cf2.c * 
@@ -42,47 +43,47 @@ #include <string.h> int main () { - char pepper1[1024], pepper2[1024]; - krb5_keyblock *k1 = NULL, *k2 = NULL, *out = NULL; - krb5_data s2k; - unsigned int i; - while (1) { - krb5_enctype enctype; - char s[1025]; + char pepper1[1024], pepper2[1024]; + krb5_keyblock *k1 = NULL, *k2 = NULL, *out = NULL; + krb5_data s2k; + unsigned int i; + while (1) { + krb5_enctype enctype; + char s[1025]; - if (scanf( "%d", &enctype) == EOF) - break; - if (scanf("%1024s", &s[0]) == EOF) - break; - assert (krb5_init_keyblock(0, enctype, 0, &k1) == 0); - s2k.data = &s[0]; - s2k.length = strlen(s); - assert(krb5_c_string_to_key (0, enctype, &s2k, &s2k, k1) == 0); - if (scanf("%1024s", &s[0]) == EOF) - break; - assert (krb5_init_keyblock(0, enctype, 0, &k2) == 0); - s2k.data = &s[0]; - s2k.length = strlen(s); - assert(krb5_c_string_to_key (0, enctype, &s2k, &s2k, k2) == 0); - if (scanf("%1024s %1024s", pepper1, pepper2) == EOF) - break; - assert(krb5_c_fx_cf2_simple(0, k1, pepper1, - k2, pepper2, &out) ==0); - i = out->length; - for (; i > 0; i--) { - printf ("%02x", - (unsigned int) ((unsigned char) out->contents[out->length-i])); - } - printf ("\n"); + if (scanf( "%d", &enctype) == EOF) + break; + if (scanf("%1024s", &s[0]) == EOF) + break; + assert (krb5_init_keyblock(0, enctype, 0, &k1) == 0); + s2k.data = &s[0]; + s2k.length = strlen(s); + assert(krb5_c_string_to_key (0, enctype, &s2k, &s2k, k1) == 0); + if (scanf("%1024s", &s[0]) == EOF) + break; + assert (krb5_init_keyblock(0, enctype, 0, &k2) == 0); + s2k.data = &s[0]; + s2k.length = strlen(s); + assert(krb5_c_string_to_key (0, enctype, &s2k, &s2k, k2) == 0); + if (scanf("%1024s %1024s", pepper1, pepper2) == EOF) + break; + assert(krb5_c_fx_cf2_simple(0, k1, pepper1, + k2, pepper2, &out) ==0); + i = out->length; + for (; i > 0; i--) { + printf ("%02x", + (unsigned int) ((unsigned char) out->contents[out->length-i])); + } + printf ("\n"); - krb5_free_keyblock(0,out); - out = NULL; + krb5_free_keyblock(0,out); 
+ out = NULL; - krb5_free_keyblock(0, k1); - k1 = NULL; - krb5_free_keyblock(0, k2); - k2 = NULL; - } + krb5_free_keyblock(0, k1); + k1 = NULL; + krb5_free_keyblock(0, k2); + k2 = NULL; + } - return (0); + return (0); } diff --git a/src/lib/crypto/builtin/yhash.h b/src/lib/crypto/builtin/yhash.h index ce78c56..dcb8769 100644 --- a/src/lib/crypto/builtin/yhash.h +++ b/src/lib/crypto/builtin/yhash.h @@ -1,4 +1,4 @@ -/* -*- Mode: C; c-file-style: "bsd" -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ #ifndef YHASH_H #define YHASH_H @@ -14,14 +14,14 @@ #define HASH_CTX SHS_INFO #define HASH_Init(x) shsInit(x) #define HASH_Update(x, buf, sz) shsUpdate(x, (const void*)buf, sz) -#define HASH_Final(x, tdigest) do { \ - size_t loopvar; \ - unsigned char *out2 = (void *)(tdigest); \ - HASH_CTX *ctx = (x); \ - shsFinal(ctx); \ - for (loopvar=0; loopvar<(sizeof(ctx->digest)/sizeof(ctx->digest[0])); loopvar++) \ - store_32_be(ctx->digest[loopvar], &out2[loopvar*4]); \ - } while(0) +#define HASH_Final(x, tdigest) do { \ + size_t loopvar; \ + unsigned char *out2 = (void *)(tdigest); \ + HASH_CTX *ctx = (x); \ + shsFinal(ctx); \ + for (loopvar=0; loopvar<(sizeof(ctx->digest)/sizeof(ctx->digest[0])); loopvar++) \ + store_32_be(ctx->digest[loopvar], &out2[loopvar*4]); \ + } while(0) #define HASH_DIGEST_SIZE SHS_DIGESTSIZE |
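Review bot: In `main` of t_cf2.c, `scanf("%1024s %1024s", pepper1, pepper2)` can store 1024 characters plus the terminating NUL in each destination, but both are declared `char pepper1[1024], pepper2[1024];`, so a 1024-character token on stdin writes one byte past the end of the buffer. `s` is already sized 1025 for the same field width, so the declaration should match it: `char pepper1[1025], pepper2[1025];`. The `scanf` results are also compared only with `EOF`, so a token that fails to convert returns 0 and the loop carries on with `enctype` not updated; checking the conversion count, e.g. `if (scanf("%d", &enctype) != 1) break;` and `!= 2` for the pepper read, closes that. This re-indentation commit carries both over unchanged from the old side.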