search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix problem with reuse of test-strcpy for wide char testing
[glibc.git] / crypt / crypt_util.c
blob04b262d9c898d4c854d8b75ca13761e2a356284c
1 /*
2 * UFC-crypt: ultra fast crypt(3) implementation
3 *
4 * Copyright (C) 1991-1993,1996-1998,2000,2010,2011
5 * Free Software Foundation, Inc.
6 *
7 * This library is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU Lesser General Public
9 * License as published by the Free Software Foundation; either
10 * version 2.1 of the License, or (at your option) any later version.
11 *
12 * This library is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * Lesser General Public License for more details.
16 *
17 * You should have received a copy of the GNU Lesser General Public
18 * License along with this library; see the file COPYING.LIB. If not,
19 * write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
20 * Boston, MA 02111-1307, USA.
21 *
22 * @(#)crypt_util.c 2.56 12/20/96
23 *
24 * Support routines
25 *
26 */
27
28 #ifdef DEBUG
29 #include <stdio.h>
30 #endif
31 #include <atomic.h>
32 #include <string.h>
33
34 #ifndef STATIC
35 #define STATIC static
36 #endif
37
38 #ifndef DOS
39 #include "ufc-crypt.h"
40 #else
41 /*
42 * Thanks to greg%wind@plains.NoDak.edu (Greg W. Wettstein)
43 * for DOS patches
44 */
45 #include "pl.h"
46 #include "ufc.h"
47 #endif
48 #include "crypt.h"
49 #include "crypt-private.h"
50
51 /* Prototypes for local functions. */
52 #if __STDC__ - 0
53 #ifndef __GNU_LIBRARY__
54 void _ufc_clearmem (char *start, int cnt);
55 void _ufc_copymem (char *from, char *to, int cnt);
56 #endif
57 #ifdef _UFC_32_
58 STATIC void shuffle_sb (long32 *k, ufc_long saltbits);
59 #else
60 STATIC void shuffle_sb (long64 *k, ufc_long saltbits);
61 #endif
62 #endif
63
64
65 /*
66 * Permutation done once on the 56 bit
67 * key derived from the original 8 byte ASCII key.
68 */
69 static const int pc1[56] = {
70 57, 49, 41, 33, 25, 17, 9, 1, 58, 50, 42, 34, 26, 18,
71 10, 2, 59, 51, 43, 35, 27, 19, 11, 3, 60, 52, 44, 36,
72 63, 55, 47, 39, 31, 23, 15, 7, 62, 54, 46, 38, 30, 22,
73 14, 6, 61, 53, 45, 37, 29, 21, 13, 5, 28, 20, 12, 4
74 };
75
76 /*
77 * How much to rotate each 28 bit half of the pc1 permutated
78 * 56 bit key before using pc2 to give the i' key
79 */
80 static const int rots[16] = {
81 1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1
82 };
83
84 /*
85 * Permutation giving the key
86 * of the i' DES round
87 */
88 static const int pc2[48] = {
89 14, 17, 11, 24, 1, 5, 3, 28, 15, 6, 21, 10,
90 23, 19, 12, 4, 26, 8, 16, 7, 27, 20, 13, 2,
91 41, 52, 31, 37, 47, 55, 30, 40, 51, 45, 33, 48,
92 44, 49, 39, 56, 34, 53, 46, 42, 50, 36, 29, 32
93 };
94
95 /*
96 * The E expansion table which selects
97 * bits from the 32 bit intermediate result.
98 */
99 static const int esel[48] = {
100 32, 1, 2, 3, 4, 5, 4, 5, 6, 7, 8, 9,
101 8, 9, 10, 11, 12, 13, 12, 13, 14, 15, 16, 17,
102 16, 17, 18, 19, 20, 21, 20, 21, 22, 23, 24, 25,
103 24, 25, 26, 27, 28, 29, 28, 29, 30, 31, 32, 1
104 };
105
106 /*
107 * Permutation done on the
108 * result of sbox lookups
109 */
110 static const int perm32[32] = {
111 16, 7, 20, 21, 29, 12, 28, 17, 1, 15, 23, 26, 5, 18, 31, 10,
112 2, 8, 24, 14, 32, 27, 3, 9, 19, 13, 30, 6, 22, 11, 4, 25
113 };
114
115 /*
116 * The sboxes
117 */
118 static const int sbox[8][4][16]= {
119 { { 14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7 },
120 { 0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8 },
121 { 4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0 },
122 { 15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13 }
123 },
124
125 { { 15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10 },
126 { 3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5 },
127 { 0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15 },
128 { 13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9 }
129 },
130
131 { { 10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8 },
132 { 13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1 },
133 { 13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7 },
134 { 1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12 }
135 },
136
137 { { 7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15 },
138 { 13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9 },
139 { 10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4 },
140 { 3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14 }
141 },
142
143 { { 2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9 },
144 { 14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6 },
145 { 4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14 },
146 { 11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3 }
147 },
148
149 { { 12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11 },
150 { 10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8 },
151 { 9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6 },
152 { 4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13 }
153 },
154
155 { { 4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1 },
156 { 13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6 },
157 { 1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2 },
158 { 6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12 }
159 },
160
161 { { 13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7 },
162 { 1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2 },
163 { 7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8 },
164 { 2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11 }
165 }
166 };
167
168 /*
169 * This is the initial
170 * permutation matrix
171 */
172 static const int initial_perm[64] = {
173 58, 50, 42, 34, 26, 18, 10, 2, 60, 52, 44, 36, 28, 20, 12, 4,
174 62, 54, 46, 38, 30, 22, 14, 6, 64, 56, 48, 40, 32, 24, 16, 8,
175 57, 49, 41, 33, 25, 17, 9, 1, 59, 51, 43, 35, 27, 19, 11, 3,
176 61, 53, 45, 37, 29, 21, 13, 5, 63, 55, 47, 39, 31, 23, 15, 7
177 };
178
179 /*
180 * This is the final
181 * permutation matrix
182 */
183 static const int final_perm[64] = {
184 40, 8, 48, 16, 56, 24, 64, 32, 39, 7, 47, 15, 55, 23, 63, 31,
185 38, 6, 46, 14, 54, 22, 62, 30, 37, 5, 45, 13, 53, 21, 61, 29,
186 36, 4, 44, 12, 52, 20, 60, 28, 35, 3, 43, 11, 51, 19, 59, 27,
187 34, 2, 42, 10, 50, 18, 58, 26, 33, 1, 41, 9, 49, 17, 57, 25
188 };
189
190 #define ascii_to_bin(c) ((c)>='a'?(c-59):(c)>='A'?((c)-53):(c)-'.')
191 #define bin_to_ascii(c) ((c)>=38?((c)-38+'a'):(c)>=12?((c)-12+'A'):(c)+'.')
192
193 static const ufc_long BITMASK[24] = {
194 0x40000000, 0x20000000, 0x10000000, 0x08000000, 0x04000000, 0x02000000,
195 0x01000000, 0x00800000, 0x00400000, 0x00200000, 0x00100000, 0x00080000,
196 0x00004000, 0x00002000, 0x00001000, 0x00000800, 0x00000400, 0x00000200,
197 0x00000100, 0x00000080, 0x00000040, 0x00000020, 0x00000010, 0x00000008
198 };
199
200 static const unsigned char bytemask[8] = {
201 0x80, 0x40, 0x20, 0x10, 0x08, 0x04, 0x02, 0x01
202 };
203
204 static const ufc_long longmask[32] = {
205 0x80000000, 0x40000000, 0x20000000, 0x10000000,
206 0x08000000, 0x04000000, 0x02000000, 0x01000000,
207 0x00800000, 0x00400000, 0x00200000, 0x00100000,
208 0x00080000, 0x00040000, 0x00020000, 0x00010000,
209 0x00008000, 0x00004000, 0x00002000, 0x00001000,
210 0x00000800, 0x00000400, 0x00000200, 0x00000100,
211 0x00000080, 0x00000040, 0x00000020, 0x00000010,
212 0x00000008, 0x00000004, 0x00000002, 0x00000001
213 };
214
215 /*
216 * do_pc1: permform pc1 permutation in the key schedule generation.
217 *
218 * The first index is the byte number in the 8 byte ASCII key
219 * - second - - the two 28 bits halfs of the result
220 * - third - selects the 7 bits actually used of each byte
221 *
222 * The result is kept with 28 bit per 32 bit with the 4 most significant
223 * bits zero.
224 */
225 static ufc_long do_pc1[8][2][128];
226
227 /*
228 * do_pc2: permform pc2 permutation in the key schedule generation.
229 *
230 * The first index is the septet number in the two 28 bit intermediate values
231 * - second - - - septet values
232 *
233 * Knowledge of the structure of the pc2 permutation is used.
234 *
235 * The result is kept with 28 bit per 32 bit with the 4 most significant
236 * bits zero.
237 */
238 static ufc_long do_pc2[8][128];
239
240 /*
241 * eperm32tab: do 32 bit permutation and E selection
242 *
243 * The first index is the byte number in the 32 bit value to be permuted
244 * - second - is the value of this byte
245 * - third - selects the two 32 bit values
246 *
247 * The table is used and generated internally in init_des to speed it up
248 */
249 static ufc_long eperm32tab[4][256][2];
250
251 /*
252 * efp: undo an extra e selection and do final
253 * permutation giving the DES result.
254 *
255 * Invoked 6 bit a time on two 48 bit values
256 * giving two 32 bit longs.
257 */
258 static ufc_long efp[16][64][2];
259
260 /*
261 * For use by the old, non-reentrant routines
262 * (crypt/encrypt/setkey)
263 */
264 struct crypt_data _ufc_foobar;
265
266 #ifdef __GNU_LIBRARY__
267 #include <bits/libc-lock.h>
268
269 __libc_lock_define_initialized (static, _ufc_tables_lock)
270 #endif
271
272 #ifdef DEBUG
273
274 void
275 _ufc_prbits(a, n)
276 ufc_long *a;
277 int n;
278 {
279 ufc_long i, j, t, tmp;
280 n /= 8;
281 for(i = 0; i < n; i++) {
282 tmp=0;
283 for(j = 0; j < 8; j++) {
284 t=8*i+j;
285 tmp|=(a[t/24] & BITMASK[t % 24])?bytemask[j]:0;
286 }
287 (void)printf("%02x ",tmp);
288 }
289 printf(" ");
290 }
291
292 static void
293 _ufc_set_bits(v, b)
294 ufc_long v;
295 ufc_long *b;
296 {
297 ufc_long i;
298 *b = 0;
299 for(i = 0; i < 24; i++) {
300 if(v & longmask[8 + i])
301 *b |= BITMASK[i];
302 }
303 }
304
305 #endif
306
307 #ifndef __GNU_LIBRARY__
308 /*
309 * Silly rewrites of 'bzero'/'memset'. I do so
310 * because some machines don't have
311 * bzero and some don't have memset.
312 */
313
314 void
315 _ufc_clearmem(start, cnt)
316 char *start;
317 int cnt;
318 {
319 while(cnt--)
320 *start++ = '\0';
321 }
322
323 void
324 _ufc_copymem(from, to, cnt)
325 char *from, *to;
326 int cnt;
327 {
328 while(cnt--)
329 *to++ = *from++;
330 }
331 #else
332 #define _ufc_clearmem(start, cnt) memset(start, 0, cnt)
333 #define _ufc_copymem(from, to, cnt) memcpy(to, from, cnt)
334 #endif
335
336 /* lookup a 6 bit value in sbox */
337
338 #define s_lookup(i,s) sbox[(i)][(((s)>>4) & 0x2)|((s) & 0x1)][((s)>>1) & 0xf];
339
340 /*
341 * Initialize unit - may be invoked directly
342 * by fcrypt users.
343 */
344
345 void
346 __init_des_r(__data)
347 struct crypt_data * __restrict __data;
348 {
349 int comes_from_bit;
350 int bit, sg;
351 ufc_long j;
352 ufc_long mask1, mask2;
353 int e_inverse[64];
354 static volatile int small_tables_initialized = 0;
355
356 #ifdef _UFC_32_
357 long32 *sb[4];
358 sb[0] = (long32*)__data->sb0; sb[1] = (long32*)__data->sb1;
359 sb[2] = (long32*)__data->sb2; sb[3] = (long32*)__data->sb3;
360 #endif
361 #ifdef _UFC_64_
362 long64 *sb[4];
363 sb[0] = (long64*)__data->sb0; sb[1] = (long64*)__data->sb1;
364 sb[2] = (long64*)__data->sb2; sb[3] = (long64*)__data->sb3;
365 #endif
366
367 if(small_tables_initialized == 0) {
368 #ifdef __GNU_LIBRARY__
369 __libc_lock_lock (_ufc_tables_lock);
370 if(small_tables_initialized)
371 goto small_tables_done;
372 #endif
373
374 /*
375 * Create the do_pc1 table used
376 * to affect pc1 permutation
377 * when generating keys
378 */
379 _ufc_clearmem((char*)do_pc1, (int)sizeof(do_pc1));
380 for(bit = 0; bit < 56; bit++) {
381 comes_from_bit = pc1[bit] - 1;
382 mask1 = bytemask[comes_from_bit % 8 + 1];
383 mask2 = longmask[bit % 28 + 4];
384 for(j = 0; j < 128; j++) {
385 if(j & mask1)
386 do_pc1[comes_from_bit / 8][bit / 28][j] |= mask2;
387 }
388 }
389
390 /*
391 * Create the do_pc2 table used
392 * to affect pc2 permutation when
393 * generating keys
394 */
395 _ufc_clearmem((char*)do_pc2, (int)sizeof(do_pc2));
396 for(bit = 0; bit < 48; bit++) {
397 comes_from_bit = pc2[bit] - 1;
398 mask1 = bytemask[comes_from_bit % 7 + 1];
399 mask2 = BITMASK[bit % 24];
400 for(j = 0; j < 128; j++) {
401 if(j & mask1)
402 do_pc2[comes_from_bit / 7][j] |= mask2;
403 }
404 }
405
406 /*
407 * Now generate the table used to do combined
408 * 32 bit permutation and e expansion
409 *
410 * We use it because we have to permute 16384 32 bit
411 * longs into 48 bit in order to initialize sb.
412 *
413 * Looping 48 rounds per permutation becomes
414 * just too slow...
415 *
416 */
417
418 _ufc_clearmem((char*)eperm32tab, (int)sizeof(eperm32tab));
419 for(bit = 0; bit < 48; bit++) {
420 ufc_long mask1,comes_from;
421 comes_from = perm32[esel[bit]-1]-1;
422 mask1 = bytemask[comes_from % 8];
423 for(j = 256; j--;) {
424 if(j & mask1)
425 eperm32tab[comes_from / 8][j][bit / 24] |= BITMASK[bit % 24];
426 }
427 }
428
429 /*
430 * Create an inverse matrix for esel telling
431 * where to plug out bits if undoing it
432 */
433 for(bit=48; bit--;) {
434 e_inverse[esel[bit] - 1 ] = bit;
435 e_inverse[esel[bit] - 1 + 32] = bit + 48;
436 }
437
438 /*
439 * create efp: the matrix used to
440 * undo the E expansion and effect final permutation
441 */
442 _ufc_clearmem((char*)efp, (int)sizeof efp);
443 for(bit = 0; bit < 64; bit++) {
444 int o_bit, o_long;
445 ufc_long word_value, mask1, mask2;
446 int comes_from_f_bit, comes_from_e_bit;
447 int comes_from_word, bit_within_word;
448
449 /* See where bit i belongs in the two 32 bit long's */
450 o_long = bit / 32; /* 0..1 */
451 o_bit = bit % 32; /* 0..31 */
452
453 /*
454 * And find a bit in the e permutated value setting this bit.
455 *
456 * Note: the e selection may have selected the same bit several
457 * times. By the initialization of e_inverse, we only look
458 * for one specific instance.
459 */
460 comes_from_f_bit = final_perm[bit] - 1; /* 0..63 */
461 comes_from_e_bit = e_inverse[comes_from_f_bit]; /* 0..95 */
462 comes_from_word = comes_from_e_bit / 6; /* 0..15 */
463 bit_within_word = comes_from_e_bit % 6; /* 0..5 */
464
465 mask1 = longmask[bit_within_word + 26];
466 mask2 = longmask[o_bit];
467
468 for(word_value = 64; word_value--;) {
469 if(word_value & mask1)
470 efp[comes_from_word][word_value][o_long] |= mask2;
471 }
472 }
473 atomic_write_barrier ();
474 small_tables_initialized = 1;
475 #ifdef __GNU_LIBRARY__
476 small_tables_done:
477 __libc_lock_unlock(_ufc_tables_lock);
478 #endif
479 } else
480 atomic_read_barrier ();
481
482 /*
483 * Create the sb tables:
484 *
485 * For each 12 bit segment of an 48 bit intermediate
486 * result, the sb table precomputes the two 4 bit
487 * values of the sbox lookups done with the two 6
488 * bit halves, shifts them to their proper place,
489 * sends them through perm32 and finally E expands
490 * them so that they are ready for the next
491 * DES round.
492 *
493 */
494
495 if (__data->sb0 + sizeof (__data->sb0) == __data->sb1
496 && __data->sb1 + sizeof (__data->sb1) == __data->sb2
497 && __data->sb2 + sizeof (__data->sb2) == __data->sb3)
498 _ufc_clearmem(__data->sb0,
499 (int)sizeof(__data->sb0)
500 + (int)sizeof(__data->sb1)
501 + (int)sizeof(__data->sb2)
502 + (int)sizeof(__data->sb3));
503 else {
504 _ufc_clearmem(__data->sb0, (int)sizeof(__data->sb0));
505 _ufc_clearmem(__data->sb1, (int)sizeof(__data->sb1));
506 _ufc_clearmem(__data->sb2, (int)sizeof(__data->sb2));
507 _ufc_clearmem(__data->sb3, (int)sizeof(__data->sb3));
508 }
509
510 for(sg = 0; sg < 4; sg++) {
511 int j1, j2;
512 int s1, s2;
513
514 for(j1 = 0; j1 < 64; j1++) {
515 s1 = s_lookup(2 * sg, j1);
516 for(j2 = 0; j2 < 64; j2++) {
517 ufc_long to_permute, inx;
518
519 s2 = s_lookup(2 * sg + 1, j2);
520 to_permute = (((ufc_long)s1 << 4) |
521 (ufc_long)s2) << (24 - 8 * (ufc_long)sg);
522
523 #ifdef _UFC_32_
524 inx = ((j1 << 6) | j2) << 1;
525 sb[sg][inx ] = eperm32tab[0][(to_permute >> 24) & 0xff][0];
526 sb[sg][inx+1] = eperm32tab[0][(to_permute >> 24) & 0xff][1];
527 sb[sg][inx ] |= eperm32tab[1][(to_permute >> 16) & 0xff][0];
528 sb[sg][inx+1] |= eperm32tab[1][(to_permute >> 16) & 0xff][1];
529 sb[sg][inx ] |= eperm32tab[2][(to_permute >> 8) & 0xff][0];
530 sb[sg][inx+1] |= eperm32tab[2][(to_permute >> 8) & 0xff][1];
531 sb[sg][inx ] |= eperm32tab[3][(to_permute) & 0xff][0];
532 sb[sg][inx+1] |= eperm32tab[3][(to_permute) & 0xff][1];
533 #endif
534 #ifdef _UFC_64_
535 inx = ((j1 << 6) | j2);
536 sb[sg][inx] =
537 ((long64)eperm32tab[0][(to_permute >> 24) & 0xff][0] << 32) |
538 (long64)eperm32tab[0][(to_permute >> 24) & 0xff][1];
539 sb[sg][inx] |=
540 ((long64)eperm32tab[1][(to_permute >> 16) & 0xff][0] << 32) |
541 (long64)eperm32tab[1][(to_permute >> 16) & 0xff][1];
542 sb[sg][inx] |=
543 ((long64)eperm32tab[2][(to_permute >> 8) & 0xff][0] << 32) |
544 (long64)eperm32tab[2][(to_permute >> 8) & 0xff][1];
545 sb[sg][inx] |=
546 ((long64)eperm32tab[3][(to_permute) & 0xff][0] << 32) |
547 (long64)eperm32tab[3][(to_permute) & 0xff][1];
548 #endif
549 }
550 }
551 }
552
553 __data->current_saltbits = 0;
554 __data->current_salt[0] = 0;
555 __data->current_salt[1] = 0;
556 __data->initialized++;
557 }
558
559 void
560 __init_des()
561 {
562 __init_des_r(&_ufc_foobar);
563 }
564
565 /*
566 * Process the elements of the sb table permuting the
567 * bits swapped in the expansion by the current salt.
568 */
569
570 #ifdef _UFC_32_
571 STATIC void
572 shuffle_sb(k, saltbits)
573 long32 *k;
574 ufc_long saltbits;
575 {
576 ufc_long j;
577 long32 x;
578 for(j=4096; j--;) {
579 x = (k[0] ^ k[1]) & (long32)saltbits;
580 *k++ ^= x;
581 *k++ ^= x;
582 }
583 }
584 #endif
585
586 #ifdef _UFC_64_
587 STATIC void
588 shuffle_sb(k, saltbits)
589 long64 *k;
590 ufc_long saltbits;
591 {
592 ufc_long j;
593 long64 x;
594 for(j=4096; j--;) {
595 x = ((*k >> 32) ^ *k) & (long64)saltbits;
596 *k++ ^= (x << 32) | x;
597 }
598 }
599 #endif
600
601 /*
602 * Setup the unit for a new salt
603 * Hopefully we'll not see a new salt in each crypt call.
604 */
605
606 void
607 _ufc_setup_salt_r(s, __data)
608 __const char *s;
609 struct crypt_data * __restrict __data;
610 {
611 ufc_long i, j, saltbits;
612
613 if(__data->initialized == 0)
614 __init_des_r(__data);
615
616 if(s[0] == __data->current_salt[0] && s[1] == __data->current_salt[1])
617 return;
618 __data->current_salt[0] = s[0]; __data->current_salt[1] = s[1];
619
620 /*
621 * This is the only crypt change to DES:
622 * entries are swapped in the expansion table
623 * according to the bits set in the salt.
624 */
625 saltbits = 0;
626 for(i = 0; i < 2; i++) {
627 long c=ascii_to_bin(s[i]);
628 for(j = 0; j < 6; j++) {
629 if((c >> j) & 0x1)
630 saltbits |= BITMASK[6 * i + j];
631 }
632 }
633
634 /*
635 * Permute the sb table values
636 * to reflect the changed e
637 * selection table
638 */
639 #ifdef _UFC_32_
640 #define LONGG long32*
641 #endif
642 #ifdef _UFC_64_
643 #define LONGG long64*
644 #endif
645
646 shuffle_sb((LONGG)__data->sb0, __data->current_saltbits ^ saltbits);
647 shuffle_sb((LONGG)__data->sb1, __data->current_saltbits ^ saltbits);
648 shuffle_sb((LONGG)__data->sb2, __data->current_saltbits ^ saltbits);
649 shuffle_sb((LONGG)__data->sb3, __data->current_saltbits ^ saltbits);
650
651 __data->current_saltbits = saltbits;
652 }
653
654 void
655 _ufc_mk_keytab_r(key, __data)
656 const char *key;
657 struct crypt_data * __restrict __data;
658 {
659 ufc_long v1, v2, *k1;
660 int i;
661 #ifdef _UFC_32_
662 long32 v, *k2;
663 k2 = (long32*)__data->keysched;
664 #endif
665 #ifdef _UFC_64_
666 long64 v, *k2;
667 k2 = (long64*)__data->keysched;
668 #endif
669
670 v1 = v2 = 0; k1 = &do_pc1[0][0][0];
671 for(i = 8; i--;) {
672 v1 |= k1[*key & 0x7f]; k1 += 128;
673 v2 |= k1[*key++ & 0x7f]; k1 += 128;
674 }
675
676 for(i = 0; i < 16; i++) {
677 k1 = &do_pc2[0][0];
678
679 v1 = (v1 << rots[i]) | (v1 >> (28 - rots[i]));
680 v = k1[(v1 >> 21) & 0x7f]; k1 += 128;
681 v |= k1[(v1 >> 14) & 0x7f]; k1 += 128;
682 v |= k1[(v1 >> 7) & 0x7f]; k1 += 128;
683 v |= k1[(v1 ) & 0x7f]; k1 += 128;
684
685 #ifdef _UFC_32_
686 *k2++ = (v | 0x00008000);
687 v = 0;
688 #endif
689 #ifdef _UFC_64_
690 v = (v << 32);
691 #endif
692
693 v2 = (v2 << rots[i]) | (v2 >> (28 - rots[i]));
694 v |= k1[(v2 >> 21) & 0x7f]; k1 += 128;
695 v |= k1[(v2 >> 14) & 0x7f]; k1 += 128;
696 v |= k1[(v2 >> 7) & 0x7f]; k1 += 128;
697 v |= k1[(v2 ) & 0x7f];
698
699 #ifdef _UFC_32_
700 *k2++ = (v | 0x00008000);
701 #endif
702 #ifdef _UFC_64_
703 *k2++ = v | 0x0000800000008000l;
704 #endif
705 }
706
707 __data->direction = 0;
708 }
709
710 /*
711 * Undo an extra E selection and do final permutations
712 */
713
714 void
715 _ufc_dofinalperm_r(res, __data)
716 ufc_long *res;
717 struct crypt_data * __restrict __data;
718 {
719 ufc_long v1, v2, x;
720 ufc_long l1,l2,r1,r2;
721
722 l1 = res[0]; l2 = res[1];
723 r1 = res[2]; r2 = res[3];
724
725 x = (l1 ^ l2) & __data->current_saltbits; l1 ^= x; l2 ^= x;
726 x = (r1 ^ r2) & __data->current_saltbits; r1 ^= x; r2 ^= x;
727
728 v1=v2=0; l1 >>= 3; l2 >>= 3; r1 >>= 3; r2 >>= 3;
729
730 v1 |= efp[15][ r2 & 0x3f][0]; v2 |= efp[15][ r2 & 0x3f][1];
731 v1 |= efp[14][(r2 >>= 6) & 0x3f][0]; v2 |= efp[14][ r2 & 0x3f][1];
732 v1 |= efp[13][(r2 >>= 10) & 0x3f][0]; v2 |= efp[13][ r2 & 0x3f][1];
733 v1 |= efp[12][(r2 >>= 6) & 0x3f][0]; v2 |= efp[12][ r2 & 0x3f][1];
734
735 v1 |= efp[11][ r1 & 0x3f][0]; v2 |= efp[11][ r1 & 0x3f][1];
736 v1 |= efp[10][(r1 >>= 6) & 0x3f][0]; v2 |= efp[10][ r1 & 0x3f][1];
737 v1 |= efp[ 9][(r1 >>= 10) & 0x3f][0]; v2 |= efp[ 9][ r1 & 0x3f][1];
738 v1 |= efp[ 8][(r1 >>= 6) & 0x3f][0]; v2 |= efp[ 8][ r1 & 0x3f][1];
739
740 v1 |= efp[ 7][ l2 & 0x3f][0]; v2 |= efp[ 7][ l2 & 0x3f][1];
741 v1 |= efp[ 6][(l2 >>= 6) & 0x3f][0]; v2 |= efp[ 6][ l2 & 0x3f][1];
742 v1 |= efp[ 5][(l2 >>= 10) & 0x3f][0]; v2 |= efp[ 5][ l2 & 0x3f][1];
743 v1 |= efp[ 4][(l2 >>= 6) & 0x3f][0]; v2 |= efp[ 4][ l2 & 0x3f][1];
744
745 v1 |= efp[ 3][ l1 & 0x3f][0]; v2 |= efp[ 3][ l1 & 0x3f][1];
746 v1 |= efp[ 2][(l1 >>= 6) & 0x3f][0]; v2 |= efp[ 2][ l1 & 0x3f][1];
747 v1 |= efp[ 1][(l1 >>= 10) & 0x3f][0]; v2 |= efp[ 1][ l1 & 0x3f][1];
748 v1 |= efp[ 0][(l1 >>= 6) & 0x3f][0]; v2 |= efp[ 0][ l1 & 0x3f][1];
749
750 res[0] = v1; res[1] = v2;
751 }
752
753 /*
754 * crypt only: convert from 64 bit to 11 bit ASCII
755 * prefixing with the salt
756 */
757
758 void
759 _ufc_output_conversion_r(v1, v2, salt, __data)
760 ufc_long v1, v2;
761 __const char *salt;
762 struct crypt_data * __restrict __data;
763 {
764 int i, s, shf;
765
766 __data->crypt_3_buf[0] = salt[0];
767 __data->crypt_3_buf[1] = salt[1] ? salt[1] : salt[0];
768
769 for(i = 0; i < 5; i++) {
770 shf = (26 - 6 * i); /* to cope with MSC compiler bug */
771 __data->crypt_3_buf[i + 2] = bin_to_ascii((v1 >> shf) & 0x3f);
772 }
773
774 s = (v2 & 0xf) << 2;
775 v2 = (v2 >> 2) | ((v1 & 0x3) << 30);
776
777 for(i = 5; i < 10; i++) {
778 shf = (56 - 6 * i);
779 __data->crypt_3_buf[i + 2] = bin_to_ascii((v2 >> shf) & 0x3f);
780 }
781
782 __data->crypt_3_buf[12] = bin_to_ascii(s);
783 __data->crypt_3_buf[13] = 0;
784 }
785
786
787 /*
788 * UNIX encrypt function. Takes a bitvector
789 * represented by one byte per bit and
790 * encrypt/decrypt according to edflag
791 */
792
793 void
794 __encrypt_r(__block, __edflag, __data)
795 char *__block;
796 int __edflag;
797 struct crypt_data * __restrict __data;
798 {
799 ufc_long l1, l2, r1, r2, res[4];
800 int i;
801 #ifdef _UFC_32_
802 long32 *kt;
803 kt = (long32*)__data->keysched;
804 #endif
805 #ifdef _UFC_64_
806 long64 *kt;
807 kt = (long64*)__data->keysched;
808 #endif
809
810 /*
811 * Undo any salt changes to E expansion
812 */
813 _ufc_setup_salt_r("..", __data);
814
815 /*
816 * Reverse key table if
817 * changing operation (encrypt/decrypt)
818 */
819 if((__edflag == 0) != (__data->direction == 0)) {
820 for(i = 0; i < 8; i++) {
821 #ifdef _UFC_32_
822 long32 x;
823 x = kt[2 * (15-i)];
824 kt[2 * (15-i)] = kt[2 * i];
825 kt[2 * i] = x;
826
827 x = kt[2 * (15-i) + 1];
828 kt[2 * (15-i) + 1] = kt[2 * i + 1];
829 kt[2 * i + 1] = x;
830 #endif
831 #ifdef _UFC_64_
832 long64 x;
833 x = kt[15-i];
834 kt[15-i] = kt[i];
835 kt[i] = x;
836 #endif
837 }
838 __data->direction = __edflag;
839 }
840
841 /*
842 * Do initial permutation + E expansion
843 */
844 i = 0;
845 for(l1 = 0; i < 24; i++) {
846 if(__block[initial_perm[esel[i]-1]-1])
847 l1 |= BITMASK[i];
848 }
849 for(l2 = 0; i < 48; i++) {
850 if(__block[initial_perm[esel[i]-1]-1])
851 l2 |= BITMASK[i-24];
852 }
853
854 i = 0;
855 for(r1 = 0; i < 24; i++) {
856 if(__block[initial_perm[esel[i]-1+32]-1])
857 r1 |= BITMASK[i];
858 }
859 for(r2 = 0; i < 48; i++) {
860 if(__block[initial_perm[esel[i]-1+32]-1])
861 r2 |= BITMASK[i-24];
862 }
863
864 /*
865 * Do DES inner loops + final conversion
866 */
867 res[0] = l1; res[1] = l2;
868 res[2] = r1; res[3] = r2;
869 _ufc_doit_r((ufc_long)1, __data, &res[0]);
870
871 /*
872 * Do final permutations
873 */
874 _ufc_dofinalperm_r(res, __data);
875
876 /*
877 * And convert to bit array
878 */
879 l1 = res[0]; r1 = res[1];
880 for(i = 0; i < 32; i++) {
881 *__block++ = (l1 & longmask[i]) != 0;
882 }
883 for(i = 0; i < 32; i++) {
884 *__block++ = (r1 & longmask[i]) != 0;
885 }
886 }
887 weak_alias (__encrypt_r, encrypt_r)
888
889 void
890 encrypt(__block, __edflag)
891 char *__block;
892 int __edflag;
893 {
894 __encrypt_r(__block, __edflag, &_ufc_foobar);
895 }
896
897
898 /*
899 * UNIX setkey function. Take a 64 bit DES
900 * key and setup the machinery.
901 */
902
903 void
904 __setkey_r(__key, __data)
905 __const char *__key;
906 struct crypt_data * __restrict __data;
907 {
908 int i,j;
909 unsigned char c;
910 unsigned char ktab[8];
911
912 _ufc_setup_salt_r("..", __data); /* be sure we're initialized */
913
914 for(i = 0; i < 8; i++) {
915 for(j = 0, c = 0; j < 8; j++)
916 c = c << 1 | *__key++;
917 ktab[i] = c >> 1;
918 }
919 _ufc_mk_keytab_r((char *) ktab, __data);
920 }
921 weak_alias (__setkey_r, setkey_r)
922
923 void
924 setkey(__key)
925 __const char *__key;
926 {
927 __setkey_r(__key, &_ufc_foobar);
928 }
sources.redhat.com git mirror of glibc CVS