1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
|
/*
* lib/des425/str_to_key.c
*
* Copyright 1985, 1986, 1987, 1988, 1989,1990 by the Massachusetts Institute
* of Technology.
* All Rights Reserved.
*
* Export of this software from the United States of America may
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
*
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
* notice appear in all copies and that both that copyright notice and
* this permission notice appear in supporting documentation, and that
* the name of M.I.T. not be used in advertising or publicity pertaining
* to distribution of the software without specific, written prior
* permission. Furthermore if you modify this software you must label
* your software as modified software and not distribute it in such a
* fashion that it might be confused with the original M.I.T. software.
* M.I.T. makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
* or implied warranty.
*
*
* These routines perform encryption and decryption using the DES
* private key algorithm, or else a subset of it-- fewer inner loops.
* (AUTH_DES_ITER defaults to 16, may be less.)
*
* Under U.S. law, this software may not be exported outside the US
* without license from the U.S. Commerce department.
*
* The key schedule is passed as an arg, as well as the cleartext or
* ciphertext. The cleartext and ciphertext should be in host order.
*
* These routines form the library interface to the DES facilities.
*
* spm 8/85 MIT project athena
*/
#include <stdio.h>
#include <string.h>
#include "des_int.h"
#include "des.h"
extern int mit_des_debug;
/*
* Convert an arbitrary length string to a DES key.
*/
/*
* For krb5, a change was made to this algorithm: When each key is
* generated, after fixing parity, a check for weak and semi-weak keys
* is done. If the key is weak or semi-weak, we XOR the last byte
* with 0xF0. (In the case of the intermediate key, the weakness is
* probably irrelevant, but there it is.) The odds that this will
* generate a different key for a random input string are pretty low,
* but non-zero. So we need this different function for krb4 to use.
*/
int KRB5_CALLCONV
des_string_to_key(str,key)
const char *str;
register mit_des_cblock key;
{
const char *in_str;
register unsigned temp;
register int j;
unsigned long i, length;
unsigned char *k_p;
int forward;
register char *p_char;
char k_char[64];
mit_des_key_schedule key_sked;
in_str = str;
forward = 1;
p_char = k_char;
length = strlen(str);
/* init key array for bits */
memset(k_char, 0,sizeof(k_char));
#ifdef DEBUG
if (mit_des_debug)
fprintf(stdout,
"\n\ninput str length = %ld string = %s\nstring = 0x ",
length,str);
#endif
/* get next 8 bytes, strip parity, xor */
for (i = 1; i <= length; i++) {
/* get next input key byte */
temp = (unsigned int) *str++;
#ifdef DEBUG
if (mit_des_debug)
fprintf(stdout,"%02x ",temp & 0xff);
#endif
/* loop through bits within byte, ignore parity */
for (j = 0; j <= 6; j++) {
if (forward)
*p_char++ ^= (int) temp & 01;
else
*--p_char ^= (int) temp & 01;
temp = temp >> 1;
}
/* check and flip direction */
if ((i%8) == 0)
forward = !forward;
}
/* now stuff into the key des_cblock, and force odd parity */
p_char = k_char;
k_p = (unsigned char *) key;
for (i = 0; i <= 7; i++) {
temp = 0;
for (j = 0; j <= 6; j++)
temp |= *p_char++ << (1+j);
*k_p++ = (unsigned char) temp;
}
/* fix key parity */
des_fixup_key_parity(key);
/* Now one-way encrypt it with the folded key */
(void) des_key_sched(key, key_sked);
(void) des_cbc_cksum((const unsigned char *) in_str, key, length,
key_sked, key);
/* erase key_sked */
memset(key_sked, 0,sizeof(key_sked));
/* now fix up key parity again */
des_fixup_key_parity(key);
#ifdef DEBUG
if (mit_des_debug)
fprintf(stdout,
"\nResulting string_to_key = 0x%x 0x%x\n",
*((unsigned long *) key),
*((unsigned long *) key+1));
#endif /* DEBUG */
return 0; /* Really should be returning void, */
/* but the original spec was for it to */
/* return an int, and ANSI compilers */
/* can do dumb things sometimes */
}
|
