s4:dsdb/drepl: update the source_dsa_obj/invocation_id in repsFrom
[Samba/bb.git] / tests / crypttest.c
blob0e500d54817698593b6a348ef9d228abf9bed5d7
1 #if defined(HAVE_UNISTD_H)
2 #include <unistd.h>
3 #endif
5 #include <sys/types.h>
7 #ifdef HAVE_STRING_H
8 #include <string.h>
9 #endif
11 #ifdef HAVE_STRINGS_H
12 #include <strings.h>
13 #endif
15 #if !defined(HAVE_CRYPT)
18 This bit of code was derived from the UFC-crypt package which
19 carries the following copyright
21 Modified for use by Samba by Andrew Tridgell, October 1994
23 Note that this routine is only faster on some machines. Under Linux 1.1.51
24 libc 4.5.26 I actually found this routine to be slightly slower.
26 Under SunOS I found a huge speedup by using these routines
27 (a factor of 20 or so)
29 Warning: I've had a report from Steve Kennedy <steve@gbnet.org>
30 that this crypt routine may sometimes get the wrong answer. Only
31 use UFC_CRYT if you really need it.
36 * UFC-crypt: ultra fast crypt(3) implementation
38 * Copyright (C) 1991-1998, Free Software Foundation, Inc.
40 * This library is free software; you can redistribute it and/or
41 * modify it under the terms of the GNU Lesser General Public
42 * License as published by the Free Software Foundation; either
43 * version 3 of the License, or (at your option) any later version.
45 * This library is distributed in the hope that it will be useful,
46 * but WITHOUT ANY WARRANTY; without even the implied warranty of
47 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
48 * Library General Public License for more details.
50 * You should have received a copy of the GNU Lesser General Public
51 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
53 * @(#)crypt_util.c 2.31 02/08/92
55 * Support routines
60 #ifndef long32
61 #if (SIZEOF_INT == 4)
62 #define long32 int
63 #elif (SIZEOF_LONG == 4)
64 #define long32 long
65 #elif (SIZEOF_SHORT == 4)
66 #define long32 short
67 #else
68 /* uggh - no 32 bit type?? probably a CRAY. just hope this works ... */
69 #define long32 int
70 #endif
71 #endif
73 #ifndef long64
74 #ifdef HAVE_LONGLONG
75 #define long64 long long long
76 #endif
77 #endif
79 #ifndef ufc_long
80 #define ufc_long unsigned
81 #endif
83 #ifndef _UFC_64_
84 #define _UFC_32_
85 #endif
87 /*
88 * Permutation done once on the 56 bit
89 * key derived from the original 8 byte ASCII key.
91 static int pc1[56] = {
92 57, 49, 41, 33, 25, 17, 9, 1, 58, 50, 42, 34, 26, 18,
93 10, 2, 59, 51, 43, 35, 27, 19, 11, 3, 60, 52, 44, 36,
94 63, 55, 47, 39, 31, 23, 15, 7, 62, 54, 46, 38, 30, 22,
95 14, 6, 61, 53, 45, 37, 29, 21, 13, 5, 28, 20, 12, 4
99 * How much to rotate each 28 bit half of the pc1 permutated
100 * 56 bit key before using pc2 to give the i' key
102 static int rots[16] = {
103 1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1
107 * Permutation giving the key
108 * of the i' DES round
110 static int pc2[48] = {
111 14, 17, 11, 24, 1, 5, 3, 28, 15, 6, 21, 10,
112 23, 19, 12, 4, 26, 8, 16, 7, 27, 20, 13, 2,
113 41, 52, 31, 37, 47, 55, 30, 40, 51, 45, 33, 48,
114 44, 49, 39, 56, 34, 53, 46, 42, 50, 36, 29, 32
118 * The E expansion table which selects
119 * bits from the 32 bit intermediate result.
121 static int esel[48] = {
122 32, 1, 2, 3, 4, 5, 4, 5, 6, 7, 8, 9,
123 8, 9, 10, 11, 12, 13, 12, 13, 14, 15, 16, 17,
124 16, 17, 18, 19, 20, 21, 20, 21, 22, 23, 24, 25,
125 24, 25, 26, 27, 28, 29, 28, 29, 30, 31, 32, 1
127 static int e_inverse[64];
130 * Permutation done on the
131 * result of sbox lookups
133 static int perm32[32] = {
134 16, 7, 20, 21, 29, 12, 28, 17, 1, 15, 23, 26, 5, 18, 31, 10,
135 2, 8, 24, 14, 32, 27, 3, 9, 19, 13, 30, 6, 22, 11, 4, 25
139 * The sboxes
141 static int sbox[8][4][16]= {
142 { { 14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7 },
143 { 0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8 },
144 { 4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0 },
145 { 15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13 }
148 { { 15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10 },
149 { 3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5 },
150 { 0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15 },
151 { 13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9 }
154 { { 10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8 },
155 { 13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1 },
156 { 13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7 },
157 { 1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12 }
160 { { 7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15 },
161 { 13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9 },
162 { 10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4 },
163 { 3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14 }
166 { { 2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9 },
167 { 14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6 },
168 { 4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14 },
169 { 11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3 }
172 { { 12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11 },
173 { 10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8 },
174 { 9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6 },
175 { 4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13 }
178 { { 4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1 },
179 { 13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6 },
180 { 1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2 },
181 { 6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12 }
184 { { 13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7 },
185 { 1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2 },
186 { 7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8 },
187 { 2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11 }
192 * This is the final
193 * permutation matrix
195 static int final_perm[64] = {
196 40, 8, 48, 16, 56, 24, 64, 32, 39, 7, 47, 15, 55, 23, 63, 31,
197 38, 6, 46, 14, 54, 22, 62, 30, 37, 5, 45, 13, 53, 21, 61, 29,
198 36, 4, 44, 12, 52, 20, 60, 28, 35, 3, 43, 11, 51, 19, 59, 27,
199 34, 2, 42, 10, 50, 18, 58, 26, 33, 1, 41, 9, 49, 17, 57, 25
203 * The 16 DES keys in BITMASK format
205 #ifdef _UFC_32_
206 long32 _ufc_keytab[16][2];
207 #endif
209 #ifdef _UFC_64_
210 long64 _ufc_keytab[16];
211 #endif
214 #define ascii_to_bin(c) ((c)>='a'?(c-59):(c)>='A'?((c)-53):(c)-'.')
215 #define bin_to_ascii(c) ((c)>=38?((c)-38+'a'):(c)>=12?((c)-12+'A'):(c)+'.')
217 /* Macro to set a bit (0..23) */
218 #define BITMASK(i) ( (1<<(11-(i)%12+3)) << ((i)<12?16:0) )
221 * sb arrays:
223 * Workhorses of the inner loop of the DES implementation.
224 * They do sbox lookup, shifting of this value, 32 bit
225 * permutation and E permutation for the next round.
227 * Kept in 'BITMASK' format.
230 #ifdef _UFC_32_
231 long32 _ufc_sb0[8192], _ufc_sb1[8192], _ufc_sb2[8192], _ufc_sb3[8192];
232 static long32 *sb[4] = {_ufc_sb0, _ufc_sb1, _ufc_sb2, _ufc_sb3};
233 #endif
235 #ifdef _UFC_64_
236 long64 _ufc_sb0[4096], _ufc_sb1[4096], _ufc_sb2[4096], _ufc_sb3[4096];
237 static long64 *sb[4] = {_ufc_sb0, _ufc_sb1, _ufc_sb2, _ufc_sb3};
238 #endif
241 * eperm32tab: do 32 bit permutation and E selection
243 * The first index is the byte number in the 32 bit value to be permuted
244 * - second - is the value of this byte
245 * - third - selects the two 32 bit values
247 * The table is used and generated internally in init_des to speed it up
249 static ufc_long eperm32tab[4][256][2];
252 * do_pc1: permform pc1 permutation in the key schedule generation.
254 * The first index is the byte number in the 8 byte ASCII key
255 * - second - - the two 28 bits halfs of the result
256 * - third - selects the 7 bits actually used of each byte
258 * The result is kept with 28 bit per 32 bit with the 4 most significant
259 * bits zero.
261 static ufc_long do_pc1[8][2][128];
264 * do_pc2: permform pc2 permutation in the key schedule generation.
266 * The first index is the septet number in the two 28 bit intermediate values
267 * - second - - - septet values
269 * Knowledge of the structure of the pc2 permutation is used.
271 * The result is kept with 28 bit per 32 bit with the 4 most significant
272 * bits zero.
274 static ufc_long do_pc2[8][128];
277 * efp: undo an extra e selection and do final
278 * permutation giving the DES result.
280 * Invoked 6 bit a time on two 48 bit values
281 * giving two 32 bit longs.
283 static ufc_long efp[16][64][2];
285 static unsigned char bytemask[8] = {
286 0x80, 0x40, 0x20, 0x10, 0x08, 0x04, 0x02, 0x01
289 static ufc_long longmask[32] = {
290 0x80000000, 0x40000000, 0x20000000, 0x10000000,
291 0x08000000, 0x04000000, 0x02000000, 0x01000000,
292 0x00800000, 0x00400000, 0x00200000, 0x00100000,
293 0x00080000, 0x00040000, 0x00020000, 0x00010000,
294 0x00008000, 0x00004000, 0x00002000, 0x00001000,
295 0x00000800, 0x00000400, 0x00000200, 0x00000100,
296 0x00000080, 0x00000040, 0x00000020, 0x00000010,
297 0x00000008, 0x00000004, 0x00000002, 0x00000001
302 * Silly rewrite of 'bzero'. I do so
303 * because some machines don't have
304 * bzero and some don't have memset.
307 static void clearmem(char *start, int cnt)
308 { while(cnt--)
309 *start++ = '\0';
312 static int initialized = 0;
314 /* lookup a 6 bit value in sbox */
316 #define s_lookup(i,s) sbox[(i)][(((s)>>4) & 0x2)|((s) & 0x1)][((s)>>1) & 0xf];
319 * Initialize unit - may be invoked directly
320 * by fcrypt users.
323 static void ufc_init_des(void)
324 { int comes_from_bit;
325 int bit, sg;
326 ufc_long j;
327 ufc_long mask1, mask2;
330 * Create the do_pc1 table used
331 * to affect pc1 permutation
332 * when generating keys
334 for(bit = 0; bit < 56; bit++) {
335 comes_from_bit = pc1[bit] - 1;
336 mask1 = bytemask[comes_from_bit % 8 + 1];
337 mask2 = longmask[bit % 28 + 4];
338 for(j = 0; j < 128; j++) {
339 if(j & mask1)
340 do_pc1[comes_from_bit / 8][bit / 28][j] |= mask2;
345 * Create the do_pc2 table used
346 * to affect pc2 permutation when
347 * generating keys
349 for(bit = 0; bit < 48; bit++) {
350 comes_from_bit = pc2[bit] - 1;
351 mask1 = bytemask[comes_from_bit % 7 + 1];
352 mask2 = BITMASK(bit % 24);
353 for(j = 0; j < 128; j++) {
354 if(j & mask1)
355 do_pc2[comes_from_bit / 7][j] |= mask2;
360 * Now generate the table used to do combined
361 * 32 bit permutation and e expansion
363 * We use it because we have to permute 16384 32 bit
364 * longs into 48 bit in order to initialize sb.
366 * Looping 48 rounds per permutation becomes
367 * just too slow...
371 clearmem((char*)eperm32tab, sizeof(eperm32tab));
373 for(bit = 0; bit < 48; bit++) {
374 ufc_long inner_mask1,comes_from;
376 comes_from = perm32[esel[bit]-1]-1;
377 inner_mask1 = bytemask[comes_from % 8];
379 for(j = 256; j--;) {
380 if(j & inner_mask1)
381 eperm32tab[comes_from / 8][j][bit / 24] |= BITMASK(bit % 24);
386 * Create the sb tables:
388 * For each 12 bit segment of an 48 bit intermediate
389 * result, the sb table precomputes the two 4 bit
390 * values of the sbox lookups done with the two 6
391 * bit halves, shifts them to their proper place,
392 * sends them through perm32 and finally E expands
393 * them so that they are ready for the next
394 * DES round.
397 for(sg = 0; sg < 4; sg++) {
398 int j1, j2;
399 int s1, s2;
401 for(j1 = 0; j1 < 64; j1++) {
402 s1 = s_lookup(2 * sg, j1);
403 for(j2 = 0; j2 < 64; j2++) {
404 ufc_long to_permute, inx;
406 s2 = s_lookup(2 * sg + 1, j2);
407 to_permute = ((s1 << 4) | s2) << (24 - 8 * sg);
409 #ifdef _UFC_32_
410 inx = ((j1 << 6) | j2) << 1;
411 sb[sg][inx ] = eperm32tab[0][(to_permute >> 24) & 0xff][0];
412 sb[sg][inx+1] = eperm32tab[0][(to_permute >> 24) & 0xff][1];
413 sb[sg][inx ] |= eperm32tab[1][(to_permute >> 16) & 0xff][0];
414 sb[sg][inx+1] |= eperm32tab[1][(to_permute >> 16) & 0xff][1];
415 sb[sg][inx ] |= eperm32tab[2][(to_permute >> 8) & 0xff][0];
416 sb[sg][inx+1] |= eperm32tab[2][(to_permute >> 8) & 0xff][1];
417 sb[sg][inx ] |= eperm32tab[3][(to_permute) & 0xff][0];
418 sb[sg][inx+1] |= eperm32tab[3][(to_permute) & 0xff][1];
419 #endif
420 #ifdef _UFC_64_
421 inx = ((j1 << 6) | j2);
422 sb[sg][inx] =
423 ((long64)eperm32tab[0][(to_permute >> 24) & 0xff][0] << 32) |
424 (long64)eperm32tab[0][(to_permute >> 24) & 0xff][1];
425 sb[sg][inx] |=
426 ((long64)eperm32tab[1][(to_permute >> 16) & 0xff][0] << 32) |
427 (long64)eperm32tab[1][(to_permute >> 16) & 0xff][1];
428 sb[sg][inx] |=
429 ((long64)eperm32tab[2][(to_permute >> 8) & 0xff][0] << 32) |
430 (long64)eperm32tab[2][(to_permute >> 8) & 0xff][1];
431 sb[sg][inx] |=
432 ((long64)eperm32tab[3][(to_permute) & 0xff][0] << 32) |
433 (long64)eperm32tab[3][(to_permute) & 0xff][1];
434 #endif
440 * Create an inverse matrix for esel telling
441 * where to plug out bits if undoing it
443 for(bit=48; bit--;) {
444 e_inverse[esel[bit] - 1 ] = bit;
445 e_inverse[esel[bit] - 1 + 32] = bit + 48;
449 * create efp: the matrix used to
450 * undo the E expansion and effect final permutation
452 clearmem((char*)efp, sizeof efp);
453 for(bit = 0; bit < 64; bit++) {
454 int o_bit, o_long;
455 ufc_long word_value, inner_mask1, inner_mask2;
456 int comes_from_f_bit, comes_from_e_bit;
457 int comes_from_word, bit_within_word;
459 /* See where bit i belongs in the two 32 bit long's */
460 o_long = bit / 32; /* 0..1 */
461 o_bit = bit % 32; /* 0..31 */
464 * And find a bit in the e permutated value setting this bit.
466 * Note: the e selection may have selected the same bit several
467 * times. By the initialization of e_inverse, we only look
468 * for one specific instance.
470 comes_from_f_bit = final_perm[bit] - 1; /* 0..63 */
471 comes_from_e_bit = e_inverse[comes_from_f_bit]; /* 0..95 */
472 comes_from_word = comes_from_e_bit / 6; /* 0..15 */
473 bit_within_word = comes_from_e_bit % 6; /* 0..5 */
475 inner_mask1 = longmask[bit_within_word + 26];
476 inner_mask2 = longmask[o_bit];
478 for(word_value = 64; word_value--;) {
479 if(word_value & inner_mask1)
480 efp[comes_from_word][word_value][o_long] |= inner_mask2;
483 initialized++;
487 * Process the elements of the sb table permuting the
488 * bits swapped in the expansion by the current salt.
491 #ifdef _UFC_32_
492 static void shuffle_sb(long32 *k, ufc_long saltbits)
493 { ufc_long j;
494 long32 x;
495 for(j=4096; j--;) {
496 x = (k[0] ^ k[1]) & (long32)saltbits;
497 *k++ ^= x;
498 *k++ ^= x;
501 #endif
503 #ifdef _UFC_64_
504 static void shuffle_sb(long64 *k, ufc_long saltbits)
505 { ufc_long j;
506 long64 x;
507 for(j=4096; j--;) {
508 x = ((*k >> 32) ^ *k) & (long64)saltbits;
509 *k++ ^= (x << 32) | x;
512 #endif
515 * Setup the unit for a new salt
516 * Hopefully we'll not see a new salt in each crypt call.
519 static unsigned char current_salt[3] = "&&"; /* invalid value */
520 static ufc_long current_saltbits = 0;
521 static int direction = 0;
523 static void setup_salt(const char *s1)
524 { ufc_long i, j, saltbits;
525 const unsigned char *s2 = (const unsigned char *)s1;
527 if(!initialized)
528 ufc_init_des();
530 if(s2[0] == current_salt[0] && s2[1] == current_salt[1])
531 return;
532 current_salt[0] = s2[0]; current_salt[1] = s2[1];
535 * This is the only crypt change to DES:
536 * entries are swapped in the expansion table
537 * according to the bits set in the salt.
539 saltbits = 0;
540 for(i = 0; i < 2; i++) {
541 long c=ascii_to_bin(s2[i]);
542 if(c < 0 || c > 63)
543 c = 0;
544 for(j = 0; j < 6; j++) {
545 if((c >> j) & 0x1)
546 saltbits |= BITMASK(6 * i + j);
551 * Permute the sb table values
552 * to reflect the changed e
553 * selection table
555 shuffle_sb(_ufc_sb0, current_saltbits ^ saltbits);
556 shuffle_sb(_ufc_sb1, current_saltbits ^ saltbits);
557 shuffle_sb(_ufc_sb2, current_saltbits ^ saltbits);
558 shuffle_sb(_ufc_sb3, current_saltbits ^ saltbits);
560 current_saltbits = saltbits;
563 static void ufc_mk_keytab(char *key)
564 { ufc_long v1, v2, *k1;
565 int i;
566 #ifdef _UFC_32_
567 long32 v, *k2 = &_ufc_keytab[0][0];
568 #endif
569 #ifdef _UFC_64_
570 long64 v, *k2 = &_ufc_keytab[0];
571 #endif
573 v1 = v2 = 0; k1 = &do_pc1[0][0][0];
574 for(i = 8; i--;) {
575 v1 |= k1[*key & 0x7f]; k1 += 128;
576 v2 |= k1[*key++ & 0x7f]; k1 += 128;
579 for(i = 0; i < 16; i++) {
580 k1 = &do_pc2[0][0];
582 v1 = (v1 << rots[i]) | (v1 >> (28 - rots[i]));
583 v = k1[(v1 >> 21) & 0x7f]; k1 += 128;
584 v |= k1[(v1 >> 14) & 0x7f]; k1 += 128;
585 v |= k1[(v1 >> 7) & 0x7f]; k1 += 128;
586 v |= k1[(v1 ) & 0x7f]; k1 += 128;
588 #ifdef _UFC_32_
589 *k2++ = v;
590 v = 0;
591 #endif
592 #ifdef _UFC_64_
593 v <<= 32;
594 #endif
596 v2 = (v2 << rots[i]) | (v2 >> (28 - rots[i]));
597 v |= k1[(v2 >> 21) & 0x7f]; k1 += 128;
598 v |= k1[(v2 >> 14) & 0x7f]; k1 += 128;
599 v |= k1[(v2 >> 7) & 0x7f]; k1 += 128;
600 v |= k1[(v2 ) & 0x7f];
602 *k2++ = v;
605 direction = 0;
609 * Undo an extra E selection and do final permutations
612 ufc_long *_ufc_dofinalperm(ufc_long l1, ufc_long l2, ufc_long r1, ufc_long r2)
613 { ufc_long v1, v2, x;
614 static ufc_long ary[2];
616 x = (l1 ^ l2) & current_saltbits; l1 ^= x; l2 ^= x;
617 x = (r1 ^ r2) & current_saltbits; r1 ^= x; r2 ^= x;
619 v1=v2=0; l1 >>= 3; l2 >>= 3; r1 >>= 3; r2 >>= 3;
621 v1 |= efp[15][ r2 & 0x3f][0]; v2 |= efp[15][ r2 & 0x3f][1];
622 v1 |= efp[14][(r2 >>= 6) & 0x3f][0]; v2 |= efp[14][ r2 & 0x3f][1];
623 v1 |= efp[13][(r2 >>= 10) & 0x3f][0]; v2 |= efp[13][ r2 & 0x3f][1];
624 v1 |= efp[12][(r2 >>= 6) & 0x3f][0]; v2 |= efp[12][ r2 & 0x3f][1];
626 v1 |= efp[11][ r1 & 0x3f][0]; v2 |= efp[11][ r1 & 0x3f][1];
627 v1 |= efp[10][(r1 >>= 6) & 0x3f][0]; v2 |= efp[10][ r1 & 0x3f][1];
628 v1 |= efp[ 9][(r1 >>= 10) & 0x3f][0]; v2 |= efp[ 9][ r1 & 0x3f][1];
629 v1 |= efp[ 8][(r1 >>= 6) & 0x3f][0]; v2 |= efp[ 8][ r1 & 0x3f][1];
631 v1 |= efp[ 7][ l2 & 0x3f][0]; v2 |= efp[ 7][ l2 & 0x3f][1];
632 v1 |= efp[ 6][(l2 >>= 6) & 0x3f][0]; v2 |= efp[ 6][ l2 & 0x3f][1];
633 v1 |= efp[ 5][(l2 >>= 10) & 0x3f][0]; v2 |= efp[ 5][ l2 & 0x3f][1];
634 v1 |= efp[ 4][(l2 >>= 6) & 0x3f][0]; v2 |= efp[ 4][ l2 & 0x3f][1];
636 v1 |= efp[ 3][ l1 & 0x3f][0]; v2 |= efp[ 3][ l1 & 0x3f][1];
637 v1 |= efp[ 2][(l1 >>= 6) & 0x3f][0]; v2 |= efp[ 2][ l1 & 0x3f][1];
638 v1 |= efp[ 1][(l1 >>= 10) & 0x3f][0]; v2 |= efp[ 1][ l1 & 0x3f][1];
639 v1 |= efp[ 0][(l1 >>= 6) & 0x3f][0]; v2 |= efp[ 0][ l1 & 0x3f][1];
641 ary[0] = v1; ary[1] = v2;
642 return ary;
646 * crypt only: convert from 64 bit to 11 bit ASCII
647 * prefixing with the salt
650 static char *output_conversion(ufc_long v1, ufc_long v2, const char *salt)
651 { static char outbuf[14];
652 int i, s;
654 outbuf[0] = salt[0];
655 outbuf[1] = salt[1] ? salt[1] : salt[0];
657 for(i = 0; i < 5; i++)
658 outbuf[i + 2] = bin_to_ascii((v1 >> (26 - 6 * i)) & 0x3f);
660 s = (v2 & 0xf) << 2;
661 v2 = (v2 >> 2) | ((v1 & 0x3) << 30);
663 for(i = 5; i < 10; i++)
664 outbuf[i + 2] = bin_to_ascii((v2 >> (56 - 6 * i)) & 0x3f);
666 outbuf[12] = bin_to_ascii(s);
667 outbuf[13] = 0;
669 return outbuf;
673 * UNIX crypt function
676 static ufc_long *_ufc_doit(ufc_long , ufc_long, ufc_long, ufc_long, ufc_long);
678 char *ufc_crypt(const char *key,const char *salt)
679 { ufc_long *s;
680 char ktab[9];
683 * Hack DES tables according to salt
685 setup_salt(salt);
688 * Setup key schedule
690 clearmem(ktab, sizeof ktab);
691 strncpy(ktab, key, 8);
692 ufc_mk_keytab(ktab);
695 * Go for the 25 DES encryptions
697 s = _ufc_doit((ufc_long)0, (ufc_long)0,
698 (ufc_long)0, (ufc_long)0, (ufc_long)25);
701 * And convert back to 6 bit ASCII
703 return output_conversion(s[0], s[1], salt);
707 #ifdef _UFC_32_
710 * 32 bit version
713 extern long32 _ufc_keytab[16][2];
714 extern long32 _ufc_sb0[], _ufc_sb1[], _ufc_sb2[], _ufc_sb3[];
716 #define SBA(sb, v) (*(long32*)((char*)(sb)+(v)))
718 static ufc_long *_ufc_doit(ufc_long l1, ufc_long l2, ufc_long r1, ufc_long r2, ufc_long itr)
719 { int i;
720 long32 s, *k;
722 while(itr--) {
723 k = &_ufc_keytab[0][0];
724 for(i=8; i--; ) {
725 s = *k++ ^ r1;
726 l1 ^= SBA(_ufc_sb1, s & 0xffff); l2 ^= SBA(_ufc_sb1, (s & 0xffff)+4);
727 l1 ^= SBA(_ufc_sb0, s >>= 16); l2 ^= SBA(_ufc_sb0, (s) +4);
728 s = *k++ ^ r2;
729 l1 ^= SBA(_ufc_sb3, s & 0xffff); l2 ^= SBA(_ufc_sb3, (s & 0xffff)+4);
730 l1 ^= SBA(_ufc_sb2, s >>= 16); l2 ^= SBA(_ufc_sb2, (s) +4);
732 s = *k++ ^ l1;
733 r1 ^= SBA(_ufc_sb1, s & 0xffff); r2 ^= SBA(_ufc_sb1, (s & 0xffff)+4);
734 r1 ^= SBA(_ufc_sb0, s >>= 16); r2 ^= SBA(_ufc_sb0, (s) +4);
735 s = *k++ ^ l2;
736 r1 ^= SBA(_ufc_sb3, s & 0xffff); r2 ^= SBA(_ufc_sb3, (s & 0xffff)+4);
737 r1 ^= SBA(_ufc_sb2, s >>= 16); r2 ^= SBA(_ufc_sb2, (s) +4);
739 s=l1; l1=r1; r1=s; s=l2; l2=r2; r2=s;
741 return _ufc_dofinalperm(l1, l2, r1, r2);
744 #endif
746 #ifdef _UFC_64_
749 * 64 bit version
752 extern long64 _ufc_keytab[16];
753 extern long64 _ufc_sb0[], _ufc_sb1[], _ufc_sb2[], _ufc_sb3[];
755 #define SBA(sb, v) (*(long64*)((char*)(sb)+(v)))
757 static ufc_long *_ufc_doit(ufc_long l1, ufc_long l2, ufc_long r1, ufc_long r2, ufc_long itr)
758 { int i;
759 long64 l, r, s, *k;
761 l = (((long64)l1) << 32) | ((long64)l2);
762 r = (((long64)r1) << 32) | ((long64)r2);
764 while(itr--) {
765 k = &_ufc_keytab[0];
766 for(i=8; i--; ) {
767 s = *k++ ^ r;
768 l ^= SBA(_ufc_sb3, (s >> 0) & 0xffff);
769 l ^= SBA(_ufc_sb2, (s >> 16) & 0xffff);
770 l ^= SBA(_ufc_sb1, (s >> 32) & 0xffff);
771 l ^= SBA(_ufc_sb0, (s >> 48) & 0xffff);
773 s = *k++ ^ l;
774 r ^= SBA(_ufc_sb3, (s >> 0) & 0xffff);
775 r ^= SBA(_ufc_sb2, (s >> 16) & 0xffff);
776 r ^= SBA(_ufc_sb1, (s >> 32) & 0xffff);
777 r ^= SBA(_ufc_sb0, (s >> 48) & 0xffff);
779 s=l; l=r; r=s;
782 l1 = l >> 32; l2 = l & 0xffffffff;
783 r1 = r >> 32; r2 = r & 0xffffffff;
784 return _ufc_dofinalperm(l1, l2, r1, r2);
787 #endif
789 #define crypt ufc_crypt
790 #endif
792 main()
794 char passwd[9];
795 char salt[9];
796 char c_out1[256];
797 char c_out2[256];
799 char expected_out[14];
801 strcpy(expected_out, "12yJ.Of/NQ.Pk");
802 strcpy(passwd, "12345678");
803 strcpy(salt, "12345678");
805 strcpy(c_out1, crypt(passwd, salt));
806 salt[2] = '\0';
807 strcpy(c_out2, crypt(passwd, salt));
810 * If the non-trucated salt fails but the
811 * truncated salt succeeds then exit 1.
814 if((strcmp(c_out1, expected_out) != 0) &&
815 (strcmp(c_out2, expected_out) == 0))
816 exit(1);
818 #ifdef HAVE_BIGCRYPT
820 * Try the same with bigcrypt...
824 char big_passwd[17];
825 char big_salt[17];
826 char big_c_out1[256];
827 char big_c_out2[256];
828 char big_expected_out[27];
830 strcpy(big_passwd, "1234567812345678");
831 strcpy(big_salt, "1234567812345678");
832 strcpy(big_expected_out, "12yJ.Of/NQ.PklfyCuHi/rwM");
834 strcpy(big_c_out1, bigcrypt(big_passwd, big_salt));
835 big_salt[2] = '\0';
836 strcpy(big_c_out2, bigcrypt(big_passwd, big_salt));
839 * If the non-trucated salt fails but the
840 * truncated salt succeeds then exit 1.
843 if((strcmp(big_c_out1, big_expected_out) != 0) &&
844 (strcmp(big_c_out2, big_expected_out) == 0))
845 exit(1);
848 #endif
850 exit(0);