From dd0c426c1c4e274d6bc264a34b8e6f555592fe62 Mon Sep 17 00:00:00 2001 From: deraadt <> Date: Tue, 12 Aug 2003 01:22:17 +0000 Subject: [PATCH] Split crypto routine sup again, but differently. This should make the mail floppy parts a fair bit smaller. --- src/lib/libc/crypt/Makefile.inc | 4 +- src/lib/libc/crypt/crypt.c | 121 ++++++++++---------------------- src/lib/libc/crypt/crypt2.c | 108 ++++++++++++++++++++++++++++ 3 files changed, 149 insertions(+), 84 deletions(-) create mode 100644 src/lib/libc/crypt/crypt2.c diff --git a/src/lib/libc/crypt/Makefile.inc b/src/lib/libc/crypt/Makefile.inc index b65d64d7..131e1d3f 100644 --- a/src/lib/libc/crypt/Makefile.inc +++ b/src/lib/libc/crypt/Makefile.inc @@ -1,8 +1,8 @@ -# $OpenBSD: Makefile.inc,v 1.14 2003/08/07 00:32:12 deraadt Exp $ +# $OpenBSD: Makefile.inc,v 1.15 2003/08/12 01:22:17 deraadt Exp $ .PATH: ${LIBCSRCDIR}/arch/${MACHINE_ARCH}/crypt ${LIBCSRCDIR}/crypt -SRCS+= cast.c crypt.c md5crypt.c arc4random.c blowfish.c +SRCS+= cast.c crypt.c crypt2.c md5crypt.c arc4random.c blowfish.c SRCS+= bcrypt.c skipjack.c MAN+= crypt.3 blowfish.3 arc4random.3 diff --git a/src/lib/libc/crypt/crypt.c b/src/lib/libc/crypt/crypt.c index 7f07f4e7..e0f5e836 100644 --- a/src/lib/libc/crypt/crypt.c +++ b/src/lib/libc/crypt/crypt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: crypt.c,v 1.17 2003/08/07 00:32:12 deraadt Exp $ */ +/* $OpenBSD: crypt.c,v 1.18 2003/08/12 01:22:17 deraadt Exp $ */ /* * FreeSec: libcrypt @@ -47,7 +47,7 @@ */ #if defined(LIBC_SCCS) && !defined(lint) -static char rcsid[] = "$OpenBSD: crypt.c,v 1.17 2003/08/07 00:32:12 deraadt Exp $"; +static char rcsid[] = "$OpenBSD: crypt.c,v 1.18 2003/08/12 01:22:17 deraadt Exp $"; #endif /* LIBC_SCCS and not lint */ #include @@ -60,7 +60,7 @@ static char rcsid[] = "$OpenBSD: crypt.c,v 1.17 2003/08/07 00:32:12 deraadt Exp # include #endif -static u_char IP[64] = { +static const u_char IP[64] = { 58, 50, 42, 34, 26, 18, 10, 2, 60, 52, 44, 36, 28, 20, 12, 4, 62, 54, 46, 38, 30, 22, 14, 6, 64, 56, 48, 40, 32, 24, 16, 8, 57, 49, 41, 33, 25, 17, 9, 1, 59, 51, 43, 35, 27, 19, 11, 3, @@ -69,19 +69,19 @@ static u_char IP[64] = { static u_char inv_key_perm[64]; static u_char u_key_perm[56]; -static u_char key_perm[56] = { +static u_char const key_perm[56] = { 57, 49, 41, 33, 25, 17, 9, 1, 58, 50, 42, 34, 26, 18, 10, 2, 59, 51, 43, 35, 27, 19, 11, 3, 60, 52, 44, 36, 63, 55, 47, 39, 31, 23, 15, 7, 62, 54, 46, 38, 30, 22, 14, 6, 61, 53, 45, 37, 29, 21, 13, 5, 28, 20, 12, 4 }; -static u_char key_shifts[16] = { +static const u_char key_shifts[16] = { 1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1 }; static u_char inv_comp_perm[56]; -static u_char comp_perm[48] = { +static const u_char comp_perm[48] = { 14, 17, 11, 24, 1, 5, 3, 28, 15, 6, 21, 10, 23, 19, 12, 4, 26, 8, 16, 7, 27, 20, 13, 2, 41, 52, 31, 37, 47, 55, 30, 40, 51, 45, 33, 48, @@ -93,7 +93,7 @@ static u_char comp_perm[48] = { */ static u_char u_sbox[8][64]; -static u_char sbox[8][64] = { +static const u_char sbox[8][64] = { { 14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7, 0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8, @@ -145,12 +145,12 @@ static u_char sbox[8][64] = { }; static u_char un_pbox[32]; -static u_char pbox[32] = { +static const u_char pbox[32] = { 16, 7, 20, 21, 29, 12, 28, 17, 1, 15, 23, 26, 5, 18, 31, 10, 2, 8, 24, 14, 32, 27, 3, 9, 19, 13, 30, 6, 22, 11, 4, 25 }; -static u_int32_t bits32[32] = +const u_int32_t _des_bits32[32] = { 0x80000000, 0x40000000, 0x20000000, 0x10000000, 0x08000000, 0x04000000, 0x02000000, 0x01000000, @@ -162,15 +162,15 @@ static u_int32_t bits32[32] = 0x00000008, 0x00000004, 0x00000002, 0x00000001 }; -static u_char bits8[8] = { 0x80, 0x40, 0x20, 0x10, 0x08, 0x04, 0x02, 0x01 }; +const u_char _des_bits8[8] = { 0x80, 0x40, 0x20, 0x10, 0x08, 0x04, 0x02, 0x01 }; static u_int32_t saltbits; static int32_t old_salt; -static u_int32_t *bits28, *bits24; +static const u_int32_t *bits28, *bits24; static u_char init_perm[64], final_perm[64]; static u_int32_t en_keysl[16], en_keysr[16]; static u_int32_t de_keysl[16], de_keysr[16]; -static int des_initialised = 0; +int _des_initialised = 0; static u_char m_sbox[4][4096]; static u_int32_t psbox[4][256]; static u_int32_t ip_maskl[8][256], ip_maskr[8][256]; @@ -202,8 +202,8 @@ ascii_to_bin(char ch) return(0); } -static void -des_init(void) +void +_des_init(void) { int i, j, b, k, inbit, obit; u_int32_t *p, *il, *ir, *fl, *fr; @@ -211,7 +211,7 @@ des_init(void) old_rawkey0 = old_rawkey1 = 0; saltbits = 0; old_salt = 0; - bits24 = (bits28 = bits32 + 4) + 4; + bits24 = (bits28 = _des_bits32 + 4) + 4; /* * Invert the S-boxes, reordering the input bits. @@ -271,15 +271,15 @@ des_init(void) *(fr = &fp_maskr[k][i]) = 0; for (j = 0; j < 8; j++) { inbit = 8 * k + j; - if (i & bits8[j]) { + if (i & _des_bits8[j]) { if ((obit = init_perm[inbit]) < 32) - *il |= bits32[obit]; + *il |= _des_bits32[obit]; else - *ir |= bits32[obit-32]; + *ir |= _des_bits32[obit-32]; if ((obit = final_perm[inbit]) < 32) - *fl |= bits32[obit]; + *fl |= _des_bits32[obit]; else - *fr |= bits32[obit - 32]; + *fr |= _des_bits32[obit - 32]; } } } @@ -288,7 +288,7 @@ des_init(void) *(ir = &key_perm_maskr[k][i]) = 0; for (j = 0; j < 7; j++) { inbit = 8 * k + j; - if (i & bits8[j + 1]) { + if (i & _des_bits8[j + 1]) { if ((obit = inv_key_perm[inbit]) == 255) continue; if (obit < 28) @@ -301,7 +301,7 @@ des_init(void) *(ir = &comp_maskr[k][i]) = 0; for (j = 0; j < 7; j++) { inbit = 7 * k + j; - if (i & bits8[j + 1]) { + if (i & _des_bits8[j + 1]) { if ((obit=inv_comp_perm[inbit]) == 255) continue; if (obit < 24) @@ -324,16 +324,16 @@ des_init(void) for (i = 0; i < 256; i++) { *(p = &psbox[b][i]) = 0; for (j = 0; j < 8; j++) { - if (i & bits8[j]) - *p |= bits32[un_pbox[8 * b + j]]; + if (i & _des_bits8[j]) + *p |= _des_bits32[un_pbox[8 * b + j]]; } } - des_initialised = 1; + _des_initialised = 1; } -static void -setup_salt(int32_t salt) +void +_des_setup_salt(int32_t salt) { u_int32_t obit, saltbit; int i; @@ -359,8 +359,8 @@ des_setkey(const char *key) u_int32_t k0, k1, rawkey0, rawkey1; int shifts, round; - if (!des_initialised) - des_init(); + if (!_des_initialised) + _des_init(); rawkey0 = ntohl(*(u_int32_t *) key); rawkey1 = ntohl(*(u_int32_t *) (key + 4)); @@ -433,8 +433,8 @@ des_setkey(const char *key) return(0); } -static int -do_des(u_int32_t l_in, u_int32_t r_in, u_int32_t *l_out, u_int32_t *r_out, +int +_des_do_des(u_int32_t l_in, u_int32_t r_in, u_int32_t *l_out, u_int32_t *r_out, int count) { /* @@ -557,15 +557,15 @@ des_cipher(const char *in, char *out, int32_t salt, int count) u_int32_t x[2]; int retval; - if (!des_initialised) - des_init(); + if (!_des_initialised) + _des_init(); - setup_salt(salt); + _des_setup_salt(salt); memcpy(x, in, sizeof x); rawl = ntohl(x[0]); rawr = ntohl(x[1]); - retval = do_des(rawl, rawr, &l_out, &r_out, count); + retval = _des_do_des(rawl, rawr, &l_out, &r_out, count); x[0] = htonl(l_out); x[1] = htonl(r_out); @@ -592,8 +592,8 @@ crypt(const char *key, const char *setting) } } - if (!des_initialised) - des_init(); + if (!_des_initialised) + _des_init(); /* * Copy the key, shifting each character up by one bit @@ -668,12 +668,12 @@ crypt(const char *key, const char *setting) p = output + 2; } - setup_salt(salt); + _des_setup_salt(salt); /* * Do it. */ - if (do_des(0, 0, &r0, &r1, count)) + if (_des_do_des(0, 0, &r0, &r1, count)) return(NULL); /* * Now encode the result... @@ -698,46 +698,3 @@ crypt(const char *key, const char *setting) return((char *)output); } - -int -setkey(const char *key) -{ - int i, j; - u_int32_t packed_keys[2]; - u_char *p; - - p = (u_char *) packed_keys; - - for (i = 0; i < 8; i++) { - p[i] = 0; - for (j = 0; j < 8; j++) - if (*key++ & 1) - p[i] |= bits8[j]; - } - return(des_setkey(p)); -} - -int -encrypt(char *block, int flag) -{ - u_int32_t io[2]; - u_char *p; - int i, j, retval; - - if (!des_initialised) - des_init(); - - setup_salt(0); - p = (u_char *)block; - for (i = 0; i < 2; i++) { - io[i] = 0L; - for (j = 0; j < 32; j++) - if (*p++ & 1) - io[i] |= bits32[j]; - } - retval = do_des(io[0], io[1], io, io + 1, flag ? -1 : 1); - for (i = 0; i < 2; i++) - for (j = 0; j < 32; j++) - block[(i << 5) | j] = (io[i] & bits32[j]) ? 1 : 0; - return(retval); -} diff --git a/src/lib/libc/crypt/crypt2.c b/src/lib/libc/crypt/crypt2.c new file mode 100644 index 00000000..0c93c120 --- /dev/null +++ b/src/lib/libc/crypt/crypt2.c @@ -0,0 +1,108 @@ +/* $OpenBSD: crypt2.c,v 1.1 2003/08/12 01:22:17 deraadt Exp $ */ + +/* + * FreeSec: libcrypt + * + * Copyright (c) 1994 David Burren + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 4. Neither the name of the author nor the names of other contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * + * This is an original implementation of the DES and the crypt(3) interfaces + * by David Burren . + * + * An excellent reference on the underlying algorithm (and related + * algorithms) is: + * + * B. Schneier, Applied Cryptography: protocols, algorithms, + * and source code in C, John Wiley & Sons, 1994. + * + * Note that in that book's description of DES the lookups for the initial, + * pbox, and final permutations are inverted (this has been brought to the + * attention of the author). A list of errata for this book has been + * posted to the sci.crypt newsgroup by the author and is available for FTP. + */ + +#if defined(LIBC_SCCS) && !defined(lint) +static char rcsid[] = "$OpenBSD: crypt2.c,v 1.1 2003/08/12 01:22:17 deraadt Exp $"; +#endif /* LIBC_SCCS and not lint */ + +#include +#include +#include +#include +#include + +#ifdef DEBUG +# include +#endif + +extern const u_char _des_bits8[8]; +extern const u_int32_t _des_bits32[32]; +extern int _des_initialised; + +int +setkey(const char *key) +{ + int i, j; + u_int32_t packed_keys[2]; + u_char *p; + + p = (u_char *) packed_keys; + + for (i = 0; i < 8; i++) { + p[i] = 0; + for (j = 0; j < 8; j++) + if (*key++ & 1) + p[i] |= _des_bits8[j]; + } + return(des_setkey(p)); +} + +int +encrypt(char *block, int flag) +{ + u_int32_t io[2]; + u_char *p; + int i, j, retval; + + if (!_des_initialised) + _des_init(); + + _des_setup_salt(0); + p = (u_char *)block; + for (i = 0; i < 2; i++) { + io[i] = 0L; + for (j = 0; j < 32; j++) + if (*p++ & 1) + io[i] |= _des_bits32[j]; + } + retval = _des_do_des(io[0], io[1], io, io + 1, flag ? -1 : 1); + for (i = 0; i < 2; i++) + for (j = 0; j < 32; j++) + block[(i << 5) | j] = (io[i] & _des_bits32[j]) ? 1 : 0; + return(retval); +}