search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
[GLUE] Rsync SAMBA_3_0 SVN r25598 in order to create the v3-0-test branch.
[Samba.git] / source / tests / crypttest.c
blobefee2e593d4964a7c52fecf73eeddc453fe89d89
1 #if defined(HAVE_UNISTD_H)
2 #include <unistd.h>
3 #endif
4
5 #include <sys/types.h>
6
7 #ifdef HAVE_STRING_H
8 #include <string.h>
9 #endif
10
11 #ifdef HAVE_STRINGS_H
12 #include <strings.h>
13 #endif
14
15 #if !defined(HAVE_CRYPT)
16
17 /*
18 This bit of code was derived from the UFC-crypt package which
19 carries the following copyright
20
21 Modified for use by Samba by Andrew Tridgell, October 1994
22
23 Note that this routine is only faster on some machines. Under Linux 1.1.51
24 libc 4.5.26 I actually found this routine to be slightly slower.
25
26 Under SunOS I found a huge speedup by using these routines
27 (a factor of 20 or so)
28
29 Warning: I've had a report from Steve Kennedy <steve@gbnet.org>
30 that this crypt routine may sometimes get the wrong answer. Only
31 use UFC_CRYT if you really need it.
32
33 */
34
35 /*
36 * UFC-crypt: ultra fast crypt(3) implementation
37 *
38 * Copyright (C) 1991-1998, Free Software Foundation, Inc.
39 *
40 * This library is free software; you can redistribute it and/or
41 * modify it under the terms of the GNU Library General Public
42 * License as published by the Free Software Foundation; either
43 * version 2 of the License, or (at your option) any later version.
44 *
45 * This library is distributed in the hope that it will be useful,
46 * but WITHOUT ANY WARRANTY; without even the implied warranty of
47 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
48 * Library General Public License for more details.
49 *
50 * You should have received a copy of the GNU Library General Public
51 * License along with this library; if not, write to the Free
52 * Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
53 *
54 * @(#)crypt_util.c 2.31 02/08/92
55 *
56 * Support routines
57 *
58 */
59
60
61 #ifndef long32
62 #if (SIZEOF_INT == 4)
63 #define long32 int
64 #elif (SIZEOF_LONG == 4)
65 #define long32 long
66 #elif (SIZEOF_SHORT == 4)
67 #define long32 short
68 #else
69 /* uggh - no 32 bit type?? probably a CRAY. just hope this works ... */
70 #define long32 int
71 #endif
72 #endif
73
74 #ifndef long64
75 #ifdef HAVE_LONGLONG
76 #define long64 long long long
77 #endif
78 #endif
79
80 #ifndef ufc_long
81 #define ufc_long unsigned
82 #endif
83
84 #ifndef _UFC_64_
85 #define _UFC_32_
86 #endif
87
88 /*
89 * Permutation done once on the 56 bit
90 * key derived from the original 8 byte ASCII key.
91 */
92 static int pc1[56] = {
93 57, 49, 41, 33, 25, 17, 9, 1, 58, 50, 42, 34, 26, 18,
94 10, 2, 59, 51, 43, 35, 27, 19, 11, 3, 60, 52, 44, 36,
95 63, 55, 47, 39, 31, 23, 15, 7, 62, 54, 46, 38, 30, 22,
96 14, 6, 61, 53, 45, 37, 29, 21, 13, 5, 28, 20, 12, 4
97 };
98
99 /*
100 * How much to rotate each 28 bit half of the pc1 permutated
101 * 56 bit key before using pc2 to give the i' key
102 */
103 static int rots[16] = {
104 1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1
105 };
106
107 /*
108 * Permutation giving the key
109 * of the i' DES round
110 */
111 static int pc2[48] = {
112 14, 17, 11, 24, 1, 5, 3, 28, 15, 6, 21, 10,
113 23, 19, 12, 4, 26, 8, 16, 7, 27, 20, 13, 2,
114 41, 52, 31, 37, 47, 55, 30, 40, 51, 45, 33, 48,
115 44, 49, 39, 56, 34, 53, 46, 42, 50, 36, 29, 32
116 };
117
118 /*
119 * The E expansion table which selects
120 * bits from the 32 bit intermediate result.
121 */
122 static int esel[48] = {
123 32, 1, 2, 3, 4, 5, 4, 5, 6, 7, 8, 9,
124 8, 9, 10, 11, 12, 13, 12, 13, 14, 15, 16, 17,
125 16, 17, 18, 19, 20, 21, 20, 21, 22, 23, 24, 25,
126 24, 25, 26, 27, 28, 29, 28, 29, 30, 31, 32, 1
127 };
128 static int e_inverse[64];
129
130 /*
131 * Permutation done on the
132 * result of sbox lookups
133 */
134 static int perm32[32] = {
135 16, 7, 20, 21, 29, 12, 28, 17, 1, 15, 23, 26, 5, 18, 31, 10,
136 2, 8, 24, 14, 32, 27, 3, 9, 19, 13, 30, 6, 22, 11, 4, 25
137 };
138
139 /*
140 * The sboxes
141 */
142 static int sbox[8][4][16]= {
143 { { 14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7 },
144 { 0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8 },
145 { 4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0 },
146 { 15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13 }
147 },
148
149 { { 15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10 },
150 { 3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5 },
151 { 0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15 },
152 { 13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9 }
153 },
154
155 { { 10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8 },
156 { 13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1 },
157 { 13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7 },
158 { 1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12 }
159 },
160
161 { { 7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15 },
162 { 13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9 },
163 { 10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4 },
164 { 3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14 }
165 },
166
167 { { 2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9 },
168 { 14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6 },
169 { 4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14 },
170 { 11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3 }
171 },
172
173 { { 12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11 },
174 { 10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8 },
175 { 9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6 },
176 { 4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13 }
177 },
178
179 { { 4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1 },
180 { 13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6 },
181 { 1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2 },
182 { 6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12 }
183 },
184
185 { { 13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7 },
186 { 1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2 },
187 { 7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8 },
188 { 2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11 }
189 }
190 };
191
192 /*
193 * This is the final
194 * permutation matrix
195 */
196 static int final_perm[64] = {
197 40, 8, 48, 16, 56, 24, 64, 32, 39, 7, 47, 15, 55, 23, 63, 31,
198 38, 6, 46, 14, 54, 22, 62, 30, 37, 5, 45, 13, 53, 21, 61, 29,
199 36, 4, 44, 12, 52, 20, 60, 28, 35, 3, 43, 11, 51, 19, 59, 27,
200 34, 2, 42, 10, 50, 18, 58, 26, 33, 1, 41, 9, 49, 17, 57, 25
201 };
202
203 /*
204 * The 16 DES keys in BITMASK format
205 */
206 #ifdef _UFC_32_
207 long32 _ufc_keytab[16][2];
208 #endif
209
210 #ifdef _UFC_64_
211 long64 _ufc_keytab[16];
212 #endif
213
214
215 #define ascii_to_bin(c) ((c)>='a'?(c-59):(c)>='A'?((c)-53):(c)-'.')
216 #define bin_to_ascii(c) ((c)>=38?((c)-38+'a'):(c)>=12?((c)-12+'A'):(c)+'.')
217
218 /* Macro to set a bit (0..23) */
219 #define BITMASK(i) ( (1<<(11-(i)%12+3)) << ((i)<12?16:0) )
220
221 /*
222 * sb arrays:
223 *
224 * Workhorses of the inner loop of the DES implementation.
225 * They do sbox lookup, shifting of this value, 32 bit
226 * permutation and E permutation for the next round.
227 *
228 * Kept in 'BITMASK' format.
229 */
230
231 #ifdef _UFC_32_
232 long32 _ufc_sb0[8192], _ufc_sb1[8192], _ufc_sb2[8192], _ufc_sb3[8192];
233 static long32 *sb[4] = {_ufc_sb0, _ufc_sb1, _ufc_sb2, _ufc_sb3};
234 #endif
235
236 #ifdef _UFC_64_
237 long64 _ufc_sb0[4096], _ufc_sb1[4096], _ufc_sb2[4096], _ufc_sb3[4096];
238 static long64 *sb[4] = {_ufc_sb0, _ufc_sb1, _ufc_sb2, _ufc_sb3};
239 #endif
240
241 /*
242 * eperm32tab: do 32 bit permutation and E selection
243 *
244 * The first index is the byte number in the 32 bit value to be permuted
245 * - second - is the value of this byte
246 * - third - selects the two 32 bit values
247 *
248 * The table is used and generated internally in init_des to speed it up
249 */
250 static ufc_long eperm32tab[4][256][2];
251
252 /*
253 * do_pc1: permform pc1 permutation in the key schedule generation.
254 *
255 * The first index is the byte number in the 8 byte ASCII key
256 * - second - - the two 28 bits halfs of the result
257 * - third - selects the 7 bits actually used of each byte
258 *
259 * The result is kept with 28 bit per 32 bit with the 4 most significant
260 * bits zero.
261 */
262 static ufc_long do_pc1[8][2][128];
263
264 /*
265 * do_pc2: permform pc2 permutation in the key schedule generation.
266 *
267 * The first index is the septet number in the two 28 bit intermediate values
268 * - second - - - septet values
269 *
270 * Knowledge of the structure of the pc2 permutation is used.
271 *
272 * The result is kept with 28 bit per 32 bit with the 4 most significant
273 * bits zero.
274 */
275 static ufc_long do_pc2[8][128];
276
277 /*
278 * efp: undo an extra e selection and do final
279 * permutation giving the DES result.
280 *
281 * Invoked 6 bit a time on two 48 bit values
282 * giving two 32 bit longs.
283 */
284 static ufc_long efp[16][64][2];
285
286 static unsigned char bytemask[8] = {
287 0x80, 0x40, 0x20, 0x10, 0x08, 0x04, 0x02, 0x01
288 };
289
290 static ufc_long longmask[32] = {
291 0x80000000, 0x40000000, 0x20000000, 0x10000000,
292 0x08000000, 0x04000000, 0x02000000, 0x01000000,
293 0x00800000, 0x00400000, 0x00200000, 0x00100000,
294 0x00080000, 0x00040000, 0x00020000, 0x00010000,
295 0x00008000, 0x00004000, 0x00002000, 0x00001000,
296 0x00000800, 0x00000400, 0x00000200, 0x00000100,
297 0x00000080, 0x00000040, 0x00000020, 0x00000010,
298 0x00000008, 0x00000004, 0x00000002, 0x00000001
299 };
300
301
302 /*
303 * Silly rewrite of 'bzero'. I do so
304 * because some machines don't have
305 * bzero and some don't have memset.
306 */
307
308 static void clearmem(char *start, int cnt)
309 { while(cnt--)
310 *start++ = '\0';
311 }
312
313 static int initialized = 0;
314
315 /* lookup a 6 bit value in sbox */
316
317 #define s_lookup(i,s) sbox[(i)][(((s)>>4) & 0x2)|((s) & 0x1)][((s)>>1) & 0xf];
318
319 /*
320 * Initialize unit - may be invoked directly
321 * by fcrypt users.
322 */
323
324 static void ufc_init_des(void)
325 { int comes_from_bit;
326 int bit, sg;
327 ufc_long j;
328 ufc_long mask1, mask2;
329
330 /*
331 * Create the do_pc1 table used
332 * to affect pc1 permutation
333 * when generating keys
334 */
335 for(bit = 0; bit < 56; bit++) {
336 comes_from_bit = pc1[bit] - 1;
337 mask1 = bytemask[comes_from_bit % 8 + 1];
338 mask2 = longmask[bit % 28 + 4];
339 for(j = 0; j < 128; j++) {
340 if(j & mask1)
341 do_pc1[comes_from_bit / 8][bit / 28][j] |= mask2;
342 }
343 }
344
345 /*
346 * Create the do_pc2 table used
347 * to affect pc2 permutation when
348 * generating keys
349 */
350 for(bit = 0; bit < 48; bit++) {
351 comes_from_bit = pc2[bit] - 1;
352 mask1 = bytemask[comes_from_bit % 7 + 1];
353 mask2 = BITMASK(bit % 24);
354 for(j = 0; j < 128; j++) {
355 if(j & mask1)
356 do_pc2[comes_from_bit / 7][j] |= mask2;
357 }
358 }
359
360 /*
361 * Now generate the table used to do combined
362 * 32 bit permutation and e expansion
363 *
364 * We use it because we have to permute 16384 32 bit
365 * longs into 48 bit in order to initialize sb.
366 *
367 * Looping 48 rounds per permutation becomes
368 * just too slow...
369 *
370 */
371
372 clearmem((char*)eperm32tab, sizeof(eperm32tab));
373
374 for(bit = 0; bit < 48; bit++) {
375 ufc_long inner_mask1,comes_from;
376
377 comes_from = perm32[esel[bit]-1]-1;
378 inner_mask1 = bytemask[comes_from % 8];
379
380 for(j = 256; j--;) {
381 if(j & inner_mask1)
382 eperm32tab[comes_from / 8][j][bit / 24] |= BITMASK(bit % 24);
383 }
384 }
385
386 /*
387 * Create the sb tables:
388 *
389 * For each 12 bit segment of an 48 bit intermediate
390 * result, the sb table precomputes the two 4 bit
391 * values of the sbox lookups done with the two 6
392 * bit halves, shifts them to their proper place,
393 * sends them through perm32 and finally E expands
394 * them so that they are ready for the next
395 * DES round.
396 *
397 */
398 for(sg = 0; sg < 4; sg++) {
399 int j1, j2;
400 int s1, s2;
401
402 for(j1 = 0; j1 < 64; j1++) {
403 s1 = s_lookup(2 * sg, j1);
404 for(j2 = 0; j2 < 64; j2++) {
405 ufc_long to_permute, inx;
406
407 s2 = s_lookup(2 * sg + 1, j2);
408 to_permute = ((s1 << 4) | s2) << (24 - 8 * sg);
409
410 #ifdef _UFC_32_
411 inx = ((j1 << 6) | j2) << 1;
412 sb[sg][inx ] = eperm32tab[0][(to_permute >> 24) & 0xff][0];
413 sb[sg][inx+1] = eperm32tab[0][(to_permute >> 24) & 0xff][1];
414 sb[sg][inx ] |= eperm32tab[1][(to_permute >> 16) & 0xff][0];
415 sb[sg][inx+1] |= eperm32tab[1][(to_permute >> 16) & 0xff][1];
416 sb[sg][inx ] |= eperm32tab[2][(to_permute >> 8) & 0xff][0];
417 sb[sg][inx+1] |= eperm32tab[2][(to_permute >> 8) & 0xff][1];
418 sb[sg][inx ] |= eperm32tab[3][(to_permute) & 0xff][0];
419 sb[sg][inx+1] |= eperm32tab[3][(to_permute) & 0xff][1];
420 #endif
421 #ifdef _UFC_64_
422 inx = ((j1 << 6) | j2);
423 sb[sg][inx] =
424 ((long64)eperm32tab[0][(to_permute >> 24) & 0xff][0] << 32) |
425 (long64)eperm32tab[0][(to_permute >> 24) & 0xff][1];
426 sb[sg][inx] |=
427 ((long64)eperm32tab[1][(to_permute >> 16) & 0xff][0] << 32) |
428 (long64)eperm32tab[1][(to_permute >> 16) & 0xff][1];
429 sb[sg][inx] |=
430 ((long64)eperm32tab[2][(to_permute >> 8) & 0xff][0] << 32) |
431 (long64)eperm32tab[2][(to_permute >> 8) & 0xff][1];
432 sb[sg][inx] |=
433 ((long64)eperm32tab[3][(to_permute) & 0xff][0] << 32) |
434 (long64)eperm32tab[3][(to_permute) & 0xff][1];
435 #endif
436 }
437 }
438 }
439
440 /*
441 * Create an inverse matrix for esel telling
442 * where to plug out bits if undoing it
443 */
444 for(bit=48; bit--;) {
445 e_inverse[esel[bit] - 1 ] = bit;
446 e_inverse[esel[bit] - 1 + 32] = bit + 48;
447 }
448
449 /*
450 * create efp: the matrix used to
451 * undo the E expansion and effect final permutation
452 */
453 clearmem((char*)efp, sizeof efp);
454 for(bit = 0; bit < 64; bit++) {
455 int o_bit, o_long;
456 ufc_long word_value, inner_mask1, inner_mask2;
457 int comes_from_f_bit, comes_from_e_bit;
458 int comes_from_word, bit_within_word;
459
460 /* See where bit i belongs in the two 32 bit long's */
461 o_long = bit / 32; /* 0..1 */
462 o_bit = bit % 32; /* 0..31 */
463
464 /*
465 * And find a bit in the e permutated value setting this bit.
466 *
467 * Note: the e selection may have selected the same bit several
468 * times. By the initialization of e_inverse, we only look
469 * for one specific instance.
470 */
471 comes_from_f_bit = final_perm[bit] - 1; /* 0..63 */
472 comes_from_e_bit = e_inverse[comes_from_f_bit]; /* 0..95 */
473 comes_from_word = comes_from_e_bit / 6; /* 0..15 */
474 bit_within_word = comes_from_e_bit % 6; /* 0..5 */
475
476 inner_mask1 = longmask[bit_within_word + 26];
477 inner_mask2 = longmask[o_bit];
478
479 for(word_value = 64; word_value--;) {
480 if(word_value & inner_mask1)
481 efp[comes_from_word][word_value][o_long] |= inner_mask2;
482 }
483 }
484 initialized++;
485 }
486
487 /*
488 * Process the elements of the sb table permuting the
489 * bits swapped in the expansion by the current salt.
490 */
491
492 #ifdef _UFC_32_
493 static void shuffle_sb(long32 *k, ufc_long saltbits)
494 { ufc_long j;
495 long32 x;
496 for(j=4096; j--;) {
497 x = (k[0] ^ k[1]) & (long32)saltbits;
498 *k++ ^= x;
499 *k++ ^= x;
500 }
501 }
502 #endif
503
504 #ifdef _UFC_64_
505 static void shuffle_sb(long64 *k, ufc_long saltbits)
506 { ufc_long j;
507 long64 x;
508 for(j=4096; j--;) {
509 x = ((*k >> 32) ^ *k) & (long64)saltbits;
510 *k++ ^= (x << 32) | x;
511 }
512 }
513 #endif
514
515 /*
516 * Setup the unit for a new salt
517 * Hopefully we'll not see a new salt in each crypt call.
518 */
519
520 static unsigned char current_salt[3] = "&&"; /* invalid value */
521 static ufc_long current_saltbits = 0;
522 static int direction = 0;
523
524 static void setup_salt(const char *s1)
525 { ufc_long i, j, saltbits;
526 const unsigned char *s2 = (const unsigned char *)s1;
527
528 if(!initialized)
529 ufc_init_des();
530
531 if(s2[0] == current_salt[0] && s2[1] == current_salt[1])
532 return;
533 current_salt[0] = s2[0]; current_salt[1] = s2[1];
534
535 /*
536 * This is the only crypt change to DES:
537 * entries are swapped in the expansion table
538 * according to the bits set in the salt.
539 */
540 saltbits = 0;
541 for(i = 0; i < 2; i++) {
542 long c=ascii_to_bin(s2[i]);
543 if(c < 0 || c > 63)
544 c = 0;
545 for(j = 0; j < 6; j++) {
546 if((c >> j) & 0x1)
547 saltbits |= BITMASK(6 * i + j);
548 }
549 }
550
551 /*
552 * Permute the sb table values
553 * to reflect the changed e
554 * selection table
555 */
556 shuffle_sb(_ufc_sb0, current_saltbits ^ saltbits);
557 shuffle_sb(_ufc_sb1, current_saltbits ^ saltbits);
558 shuffle_sb(_ufc_sb2, current_saltbits ^ saltbits);
559 shuffle_sb(_ufc_sb3, current_saltbits ^ saltbits);
560
561 current_saltbits = saltbits;
562 }
563
564 static void ufc_mk_keytab(char *key)
565 { ufc_long v1, v2, *k1;
566 int i;
567 #ifdef _UFC_32_
568 long32 v, *k2 = &_ufc_keytab[0][0];
569 #endif
570 #ifdef _UFC_64_
571 long64 v, *k2 = &_ufc_keytab[0];
572 #endif
573
574 v1 = v2 = 0; k1 = &do_pc1[0][0][0];
575 for(i = 8; i--;) {
576 v1 |= k1[*key & 0x7f]; k1 += 128;
577 v2 |= k1[*key++ & 0x7f]; k1 += 128;
578 }
579
580 for(i = 0; i < 16; i++) {
581 k1 = &do_pc2[0][0];
582
583 v1 = (v1 << rots[i]) | (v1 >> (28 - rots[i]));
584 v = k1[(v1 >> 21) & 0x7f]; k1 += 128;
585 v |= k1[(v1 >> 14) & 0x7f]; k1 += 128;
586 v |= k1[(v1 >> 7) & 0x7f]; k1 += 128;
587 v |= k1[(v1 ) & 0x7f]; k1 += 128;
588
589 #ifdef _UFC_32_
590 *k2++ = v;
591 v = 0;
592 #endif
593 #ifdef _UFC_64_
594 v <<= 32;
595 #endif
596
597 v2 = (v2 << rots[i]) | (v2 >> (28 - rots[i]));
598 v |= k1[(v2 >> 21) & 0x7f]; k1 += 128;
599 v |= k1[(v2 >> 14) & 0x7f]; k1 += 128;
600 v |= k1[(v2 >> 7) & 0x7f]; k1 += 128;
601 v |= k1[(v2 ) & 0x7f];
602
603 *k2++ = v;
604 }
605
606 direction = 0;
607 }
608
609 /*
610 * Undo an extra E selection and do final permutations
611 */
612
613 ufc_long *_ufc_dofinalperm(ufc_long l1, ufc_long l2, ufc_long r1, ufc_long r2)
614 { ufc_long v1, v2, x;
615 static ufc_long ary[2];
616
617 x = (l1 ^ l2) & current_saltbits; l1 ^= x; l2 ^= x;
618 x = (r1 ^ r2) & current_saltbits; r1 ^= x; r2 ^= x;
619
620 v1=v2=0; l1 >>= 3; l2 >>= 3; r1 >>= 3; r2 >>= 3;
621
622 v1 |= efp[15][ r2 & 0x3f][0]; v2 |= efp[15][ r2 & 0x3f][1];
623 v1 |= efp[14][(r2 >>= 6) & 0x3f][0]; v2 |= efp[14][ r2 & 0x3f][1];
624 v1 |= efp[13][(r2 >>= 10) & 0x3f][0]; v2 |= efp[13][ r2 & 0x3f][1];
625 v1 |= efp[12][(r2 >>= 6) & 0x3f][0]; v2 |= efp[12][ r2 & 0x3f][1];
626
627 v1 |= efp[11][ r1 & 0x3f][0]; v2 |= efp[11][ r1 & 0x3f][1];
628 v1 |= efp[10][(r1 >>= 6) & 0x3f][0]; v2 |= efp[10][ r1 & 0x3f][1];
629 v1 |= efp[ 9][(r1 >>= 10) & 0x3f][0]; v2 |= efp[ 9][ r1 & 0x3f][1];
630 v1 |= efp[ 8][(r1 >>= 6) & 0x3f][0]; v2 |= efp[ 8][ r1 & 0x3f][1];
631
632 v1 |= efp[ 7][ l2 & 0x3f][0]; v2 |= efp[ 7][ l2 & 0x3f][1];
633 v1 |= efp[ 6][(l2 >>= 6) & 0x3f][0]; v2 |= efp[ 6][ l2 & 0x3f][1];
634 v1 |= efp[ 5][(l2 >>= 10) & 0x3f][0]; v2 |= efp[ 5][ l2 & 0x3f][1];
635 v1 |= efp[ 4][(l2 >>= 6) & 0x3f][0]; v2 |= efp[ 4][ l2 & 0x3f][1];
636
637 v1 |= efp[ 3][ l1 & 0x3f][0]; v2 |= efp[ 3][ l1 & 0x3f][1];
638 v1 |= efp[ 2][(l1 >>= 6) & 0x3f][0]; v2 |= efp[ 2][ l1 & 0x3f][1];
639 v1 |= efp[ 1][(l1 >>= 10) & 0x3f][0]; v2 |= efp[ 1][ l1 & 0x3f][1];
640 v1 |= efp[ 0][(l1 >>= 6) & 0x3f][0]; v2 |= efp[ 0][ l1 & 0x3f][1];
641
642 ary[0] = v1; ary[1] = v2;
643 return ary;
644 }
645
646 /*
647 * crypt only: convert from 64 bit to 11 bit ASCII
648 * prefixing with the salt
649 */
650
651 static char *output_conversion(ufc_long v1, ufc_long v2, const char *salt)
652 { static char outbuf[14];
653 int i, s;
654
655 outbuf[0] = salt[0];
656 outbuf[1] = salt[1] ? salt[1] : salt[0];
657
658 for(i = 0; i < 5; i++)
659 outbuf[i + 2] = bin_to_ascii((v1 >> (26 - 6 * i)) & 0x3f);
660
661 s = (v2 & 0xf) << 2;
662 v2 = (v2 >> 2) | ((v1 & 0x3) << 30);
663
664 for(i = 5; i < 10; i++)
665 outbuf[i + 2] = bin_to_ascii((v2 >> (56 - 6 * i)) & 0x3f);
666
667 outbuf[12] = bin_to_ascii(s);
668 outbuf[13] = 0;
669
670 return outbuf;
671 }
672
673 /*
674 * UNIX crypt function
675 */
676
677 static ufc_long *_ufc_doit(ufc_long , ufc_long, ufc_long, ufc_long, ufc_long);
678
679 char *ufc_crypt(const char *key,const char *salt)
680 { ufc_long *s;
681 char ktab[9];
682
683 /*
684 * Hack DES tables according to salt
685 */
686 setup_salt(salt);
687
688 /*
689 * Setup key schedule
690 */
691 clearmem(ktab, sizeof ktab);
692 strncpy(ktab, key, 8);
693 ufc_mk_keytab(ktab);
694
695 /*
696 * Go for the 25 DES encryptions
697 */
698 s = _ufc_doit((ufc_long)0, (ufc_long)0,
699 (ufc_long)0, (ufc_long)0, (ufc_long)25);
700
701 /*
702 * And convert back to 6 bit ASCII
703 */
704 return output_conversion(s[0], s[1], salt);
705 }
706
707
708 #ifdef _UFC_32_
709
710 /*
711 * 32 bit version
712 */
713
714 extern long32 _ufc_keytab[16][2];
715 extern long32 _ufc_sb0[], _ufc_sb1[], _ufc_sb2[], _ufc_sb3[];
716
717 #define SBA(sb, v) (*(long32*)((char*)(sb)+(v)))
718
719 static ufc_long *_ufc_doit(ufc_long l1, ufc_long l2, ufc_long r1, ufc_long r2, ufc_long itr)
720 { int i;
721 long32 s, *k;
722
723 while(itr--) {
724 k = &_ufc_keytab[0][0];
725 for(i=8; i--; ) {
726 s = *k++ ^ r1;
727 l1 ^= SBA(_ufc_sb1, s & 0xffff); l2 ^= SBA(_ufc_sb1, (s & 0xffff)+4);
728 l1 ^= SBA(_ufc_sb0, s >>= 16); l2 ^= SBA(_ufc_sb0, (s) +4);
729 s = *k++ ^ r2;
730 l1 ^= SBA(_ufc_sb3, s & 0xffff); l2 ^= SBA(_ufc_sb3, (s & 0xffff)+4);
731 l1 ^= SBA(_ufc_sb2, s >>= 16); l2 ^= SBA(_ufc_sb2, (s) +4);
732
733 s = *k++ ^ l1;
734 r1 ^= SBA(_ufc_sb1, s & 0xffff); r2 ^= SBA(_ufc_sb1, (s & 0xffff)+4);
735 r1 ^= SBA(_ufc_sb0, s >>= 16); r2 ^= SBA(_ufc_sb0, (s) +4);
736 s = *k++ ^ l2;
737 r1 ^= SBA(_ufc_sb3, s & 0xffff); r2 ^= SBA(_ufc_sb3, (s & 0xffff)+4);
738 r1 ^= SBA(_ufc_sb2, s >>= 16); r2 ^= SBA(_ufc_sb2, (s) +4);
739 }
740 s=l1; l1=r1; r1=s; s=l2; l2=r2; r2=s;
741 }
742 return _ufc_dofinalperm(l1, l2, r1, r2);
743 }
744
745 #endif
746
747 #ifdef _UFC_64_
748
749 /*
750 * 64 bit version
751 */
752
753 extern long64 _ufc_keytab[16];
754 extern long64 _ufc_sb0[], _ufc_sb1[], _ufc_sb2[], _ufc_sb3[];
755
756 #define SBA(sb, v) (*(long64*)((char*)(sb)+(v)))
757
758 static ufc_long *_ufc_doit(ufc_long l1, ufc_long l2, ufc_long r1, ufc_long r2, ufc_long itr)
759 { int i;
760 long64 l, r, s, *k;
761
762 l = (((long64)l1) << 32) | ((long64)l2);
763 r = (((long64)r1) << 32) | ((long64)r2);
764
765 while(itr--) {
766 k = &_ufc_keytab[0];
767 for(i=8; i--; ) {
768 s = *k++ ^ r;
769 l ^= SBA(_ufc_sb3, (s >> 0) & 0xffff);
770 l ^= SBA(_ufc_sb2, (s >> 16) & 0xffff);
771 l ^= SBA(_ufc_sb1, (s >> 32) & 0xffff);
772 l ^= SBA(_ufc_sb0, (s >> 48) & 0xffff);
773
774 s = *k++ ^ l;
775 r ^= SBA(_ufc_sb3, (s >> 0) & 0xffff);
776 r ^= SBA(_ufc_sb2, (s >> 16) & 0xffff);
777 r ^= SBA(_ufc_sb1, (s >> 32) & 0xffff);
778 r ^= SBA(_ufc_sb0, (s >> 48) & 0xffff);
779 }
780 s=l; l=r; r=s;
781 }
782
783 l1 = l >> 32; l2 = l & 0xffffffff;
784 r1 = r >> 32; r2 = r & 0xffffffff;
785 return _ufc_dofinalperm(l1, l2, r1, r2);
786 }
787
788 #endif
789
790 #define crypt ufc_crypt
791 #endif
792
793 main()
794 {
795 char passwd[9];
796 char salt[9];
797 char c_out1[256];
798 char c_out2[256];
799
800 char expected_out[14];
801
802 strcpy(expected_out, "12yJ.Of/NQ.Pk");
803 strcpy(passwd, "12345678");
804 strcpy(salt, "12345678");
805
806 strcpy(c_out1, crypt(passwd, salt));
807 salt[2] = '\0';
808 strcpy(c_out2, crypt(passwd, salt));
809
810 /*
811 * If the non-trucated salt fails but the
812 * truncated salt succeeds then exit 1.
813 */
814
815 if((strcmp(c_out1, expected_out) != 0) &&
816 (strcmp(c_out2, expected_out) == 0))
817 exit(1);
818
819 #ifdef HAVE_BIGCRYPT
820 /*
821 * Try the same with bigcrypt...
822 */
823
824 {
825 char big_passwd[17];
826 char big_salt[17];
827 char big_c_out1[256];
828 char big_c_out2[256];
829 char big_expected_out[27];
830
831 strcpy(big_passwd, "1234567812345678");
832 strcpy(big_salt, "1234567812345678");
833 strcpy(big_expected_out, "12yJ.Of/NQ.PklfyCuHi/rwM");
834
835 strcpy(big_c_out1, bigcrypt(big_passwd, big_salt));
836 big_salt[2] = '\0';
837 strcpy(big_c_out2, bigcrypt(big_passwd, big_salt));
838
839 /*
840 * If the non-trucated salt fails but the
841 * truncated salt succeeds then exit 1.
842 */
843
844 if((strcmp(big_c_out1, big_expected_out) != 0) &&
845 (strcmp(big_c_out2, big_expected_out) == 0))
846 exit(1);
847
848 }
849 #endif
850
851 exit(0);
852 }
Samba GIT mirror