search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Document problem with NATs in getaddrinfo.
[glibc.git] / crypt / crypt_util.c
bloba5563891113e7355117caaf79177ed390753accf
1 /*
2 * UFC-crypt: ultra fast crypt(3) implementation
3 *
4 * Copyright (C) 1991-1993,1996-1998,2000,2010 Free Software Foundation, Inc.
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; see the file COPYING.LIB. If not,
18 * write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
19 * Boston, MA 02111-1307, USA.
20 *
21 * @(#)crypt_util.c 2.56 12/20/96
22 *
23 * Support routines
24 *
25 */
26
27 #ifdef DEBUG
28 #include <stdio.h>
29 #endif
30 #include <string.h>
31
32 #ifndef STATIC
33 #define STATIC static
34 #endif
35
36 #ifndef DOS
37 #include "ufc-crypt.h"
38 #else
39 /*
40 * Thanks to greg%wind@plains.NoDak.edu (Greg W. Wettstein)
41 * for DOS patches
42 */
43 #include "pl.h"
44 #include "ufc.h"
45 #endif
46 #include "crypt.h"
47 #include "crypt-private.h"
48
49 /* Prototypes for local functions. */
50 #if __STDC__ - 0
51 #ifndef __GNU_LIBRARY__
52 void _ufc_clearmem (char *start, int cnt);
53 void _ufc_copymem (char *from, char *to, int cnt);
54 #endif
55 #ifdef _UFC_32_
56 STATIC void shuffle_sb (long32 *k, ufc_long saltbits);
57 #else
58 STATIC void shuffle_sb (long64 *k, ufc_long saltbits);
59 #endif
60 #endif
61
62
63 /*
64 * Permutation done once on the 56 bit
65 * key derived from the original 8 byte ASCII key.
66 */
67 static const int pc1[56] = {
68 57, 49, 41, 33, 25, 17, 9, 1, 58, 50, 42, 34, 26, 18,
69 10, 2, 59, 51, 43, 35, 27, 19, 11, 3, 60, 52, 44, 36,
70 63, 55, 47, 39, 31, 23, 15, 7, 62, 54, 46, 38, 30, 22,
71 14, 6, 61, 53, 45, 37, 29, 21, 13, 5, 28, 20, 12, 4
72 };
73
74 /*
75 * How much to rotate each 28 bit half of the pc1 permutated
76 * 56 bit key before using pc2 to give the i' key
77 */
78 static const int rots[16] = {
79 1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1
80 };
81
82 /*
83 * Permutation giving the key
84 * of the i' DES round
85 */
86 static const int pc2[48] = {
87 14, 17, 11, 24, 1, 5, 3, 28, 15, 6, 21, 10,
88 23, 19, 12, 4, 26, 8, 16, 7, 27, 20, 13, 2,
89 41, 52, 31, 37, 47, 55, 30, 40, 51, 45, 33, 48,
90 44, 49, 39, 56, 34, 53, 46, 42, 50, 36, 29, 32
91 };
92
93 /*
94 * The E expansion table which selects
95 * bits from the 32 bit intermediate result.
96 */
97 static const int esel[48] = {
98 32, 1, 2, 3, 4, 5, 4, 5, 6, 7, 8, 9,
99 8, 9, 10, 11, 12, 13, 12, 13, 14, 15, 16, 17,
100 16, 17, 18, 19, 20, 21, 20, 21, 22, 23, 24, 25,
101 24, 25, 26, 27, 28, 29, 28, 29, 30, 31, 32, 1
102 };
103
104 /*
105 * Permutation done on the
106 * result of sbox lookups
107 */
108 static const int perm32[32] = {
109 16, 7, 20, 21, 29, 12, 28, 17, 1, 15, 23, 26, 5, 18, 31, 10,
110 2, 8, 24, 14, 32, 27, 3, 9, 19, 13, 30, 6, 22, 11, 4, 25
111 };
112
113 /*
114 * The sboxes
115 */
116 static const int sbox[8][4][16]= {
117 { { 14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7 },
118 { 0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8 },
119 { 4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0 },
120 { 15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13 }
121 },
122
123 { { 15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10 },
124 { 3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5 },
125 { 0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15 },
126 { 13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9 }
127 },
128
129 { { 10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8 },
130 { 13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1 },
131 { 13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7 },
132 { 1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12 }
133 },
134
135 { { 7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15 },
136 { 13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9 },
137 { 10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4 },
138 { 3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14 }
139 },
140
141 { { 2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9 },
142 { 14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6 },
143 { 4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14 },
144 { 11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3 }
145 },
146
147 { { 12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11 },
148 { 10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8 },
149 { 9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6 },
150 { 4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13 }
151 },
152
153 { { 4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1 },
154 { 13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6 },
155 { 1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2 },
156 { 6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12 }
157 },
158
159 { { 13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7 },
160 { 1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2 },
161 { 7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8 },
162 { 2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11 }
163 }
164 };
165
166 /*
167 * This is the initial
168 * permutation matrix
169 */
170 static const int initial_perm[64] = {
171 58, 50, 42, 34, 26, 18, 10, 2, 60, 52, 44, 36, 28, 20, 12, 4,
172 62, 54, 46, 38, 30, 22, 14, 6, 64, 56, 48, 40, 32, 24, 16, 8,
173 57, 49, 41, 33, 25, 17, 9, 1, 59, 51, 43, 35, 27, 19, 11, 3,
174 61, 53, 45, 37, 29, 21, 13, 5, 63, 55, 47, 39, 31, 23, 15, 7
175 };
176
177 /*
178 * This is the final
179 * permutation matrix
180 */
181 static const int final_perm[64] = {
182 40, 8, 48, 16, 56, 24, 64, 32, 39, 7, 47, 15, 55, 23, 63, 31,
183 38, 6, 46, 14, 54, 22, 62, 30, 37, 5, 45, 13, 53, 21, 61, 29,
184 36, 4, 44, 12, 52, 20, 60, 28, 35, 3, 43, 11, 51, 19, 59, 27,
185 34, 2, 42, 10, 50, 18, 58, 26, 33, 1, 41, 9, 49, 17, 57, 25
186 };
187
188 #define ascii_to_bin(c) ((c)>='a'?(c-59):(c)>='A'?((c)-53):(c)-'.')
189 #define bin_to_ascii(c) ((c)>=38?((c)-38+'a'):(c)>=12?((c)-12+'A'):(c)+'.')
190
191 static const ufc_long BITMASK[24] = {
192 0x40000000, 0x20000000, 0x10000000, 0x08000000, 0x04000000, 0x02000000,
193 0x01000000, 0x00800000, 0x00400000, 0x00200000, 0x00100000, 0x00080000,
194 0x00004000, 0x00002000, 0x00001000, 0x00000800, 0x00000400, 0x00000200,
195 0x00000100, 0x00000080, 0x00000040, 0x00000020, 0x00000010, 0x00000008
196 };
197
198 static const unsigned char bytemask[8] = {
199 0x80, 0x40, 0x20, 0x10, 0x08, 0x04, 0x02, 0x01
200 };
201
202 static const ufc_long longmask[32] = {
203 0x80000000, 0x40000000, 0x20000000, 0x10000000,
204 0x08000000, 0x04000000, 0x02000000, 0x01000000,
205 0x00800000, 0x00400000, 0x00200000, 0x00100000,
206 0x00080000, 0x00040000, 0x00020000, 0x00010000,
207 0x00008000, 0x00004000, 0x00002000, 0x00001000,
208 0x00000800, 0x00000400, 0x00000200, 0x00000100,
209 0x00000080, 0x00000040, 0x00000020, 0x00000010,
210 0x00000008, 0x00000004, 0x00000002, 0x00000001
211 };
212
213 /*
214 * do_pc1: permform pc1 permutation in the key schedule generation.
215 *
216 * The first index is the byte number in the 8 byte ASCII key
217 * - second - - the two 28 bits halfs of the result
218 * - third - selects the 7 bits actually used of each byte
219 *
220 * The result is kept with 28 bit per 32 bit with the 4 most significant
221 * bits zero.
222 */
223 static ufc_long do_pc1[8][2][128];
224
225 /*
226 * do_pc2: permform pc2 permutation in the key schedule generation.
227 *
228 * The first index is the septet number in the two 28 bit intermediate values
229 * - second - - - septet values
230 *
231 * Knowledge of the structure of the pc2 permutation is used.
232 *
233 * The result is kept with 28 bit per 32 bit with the 4 most significant
234 * bits zero.
235 */
236 static ufc_long do_pc2[8][128];
237
238 /*
239 * eperm32tab: do 32 bit permutation and E selection
240 *
241 * The first index is the byte number in the 32 bit value to be permuted
242 * - second - is the value of this byte
243 * - third - selects the two 32 bit values
244 *
245 * The table is used and generated internally in init_des to speed it up
246 */
247 static ufc_long eperm32tab[4][256][2];
248
249 /*
250 * efp: undo an extra e selection and do final
251 * permutation giving the DES result.
252 *
253 * Invoked 6 bit a time on two 48 bit values
254 * giving two 32 bit longs.
255 */
256 static ufc_long efp[16][64][2];
257
258 /*
259 * For use by the old, non-reentrant routines
260 * (crypt/encrypt/setkey)
261 */
262 struct crypt_data _ufc_foobar;
263
264 #ifdef __GNU_LIBRARY__
265 #include <bits/libc-lock.h>
266
267 __libc_lock_define_initialized (static, _ufc_tables_lock)
268 #endif
269
270 #ifdef DEBUG
271
272 void
273 _ufc_prbits(a, n)
274 ufc_long *a;
275 int n;
276 {
277 ufc_long i, j, t, tmp;
278 n /= 8;
279 for(i = 0; i < n; i++) {
280 tmp=0;
281 for(j = 0; j < 8; j++) {
282 t=8*i+j;
283 tmp|=(a[t/24] & BITMASK[t % 24])?bytemask[j]:0;
284 }
285 (void)printf("%02x ",tmp);
286 }
287 printf(" ");
288 }
289
290 static void
291 _ufc_set_bits(v, b)
292 ufc_long v;
293 ufc_long *b;
294 {
295 ufc_long i;
296 *b = 0;
297 for(i = 0; i < 24; i++) {
298 if(v & longmask[8 + i])
299 *b |= BITMASK[i];
300 }
301 }
302
303 #endif
304
305 #ifndef __GNU_LIBRARY__
306 /*
307 * Silly rewrites of 'bzero'/'memset'. I do so
308 * because some machines don't have
309 * bzero and some don't have memset.
310 */
311
312 void
313 _ufc_clearmem(start, cnt)
314 char *start;
315 int cnt;
316 {
317 while(cnt--)
318 *start++ = '\0';
319 }
320
321 void
322 _ufc_copymem(from, to, cnt)
323 char *from, *to;
324 int cnt;
325 {
326 while(cnt--)
327 *to++ = *from++;
328 }
329 #else
330 #define _ufc_clearmem(start, cnt) memset(start, 0, cnt)
331 #define _ufc_copymem(from, to, cnt) memcpy(to, from, cnt)
332 #endif
333
334 /* lookup a 6 bit value in sbox */
335
336 #define s_lookup(i,s) sbox[(i)][(((s)>>4) & 0x2)|((s) & 0x1)][((s)>>1) & 0xf];
337
338 /*
339 * Initialize unit - may be invoked directly
340 * by fcrypt users.
341 */
342
343 void
344 __init_des_r(__data)
345 struct crypt_data * __restrict __data;
346 {
347 int comes_from_bit;
348 int bit, sg;
349 ufc_long j;
350 ufc_long mask1, mask2;
351 int e_inverse[64];
352 static volatile int small_tables_initialized = 0;
353
354 #ifdef _UFC_32_
355 long32 *sb[4];
356 sb[0] = (long32*)__data->sb0; sb[1] = (long32*)__data->sb1;
357 sb[2] = (long32*)__data->sb2; sb[3] = (long32*)__data->sb3;
358 #endif
359 #ifdef _UFC_64_
360 long64 *sb[4];
361 sb[0] = (long64*)__data->sb0; sb[1] = (long64*)__data->sb1;
362 sb[2] = (long64*)__data->sb2; sb[3] = (long64*)__data->sb3;
363 #endif
364
365 if(small_tables_initialized == 0) {
366 #ifdef __GNU_LIBRARY__
367 __libc_lock_lock (_ufc_tables_lock);
368 if(small_tables_initialized)
369 goto small_tables_done;
370 #endif
371
372 /*
373 * Create the do_pc1 table used
374 * to affect pc1 permutation
375 * when generating keys
376 */
377 _ufc_clearmem((char*)do_pc1, (int)sizeof(do_pc1));
378 for(bit = 0; bit < 56; bit++) {
379 comes_from_bit = pc1[bit] - 1;
380 mask1 = bytemask[comes_from_bit % 8 + 1];
381 mask2 = longmask[bit % 28 + 4];
382 for(j = 0; j < 128; j++) {
383 if(j & mask1)
384 do_pc1[comes_from_bit / 8][bit / 28][j] |= mask2;
385 }
386 }
387
388 /*
389 * Create the do_pc2 table used
390 * to affect pc2 permutation when
391 * generating keys
392 */
393 _ufc_clearmem((char*)do_pc2, (int)sizeof(do_pc2));
394 for(bit = 0; bit < 48; bit++) {
395 comes_from_bit = pc2[bit] - 1;
396 mask1 = bytemask[comes_from_bit % 7 + 1];
397 mask2 = BITMASK[bit % 24];
398 for(j = 0; j < 128; j++) {
399 if(j & mask1)
400 do_pc2[comes_from_bit / 7][j] |= mask2;
401 }
402 }
403
404 /*
405 * Now generate the table used to do combined
406 * 32 bit permutation and e expansion
407 *
408 * We use it because we have to permute 16384 32 bit
409 * longs into 48 bit in order to initialize sb.
410 *
411 * Looping 48 rounds per permutation becomes
412 * just too slow...
413 *
414 */
415
416 _ufc_clearmem((char*)eperm32tab, (int)sizeof(eperm32tab));
417 for(bit = 0; bit < 48; bit++) {
418 ufc_long mask1,comes_from;
419 comes_from = perm32[esel[bit]-1]-1;
420 mask1 = bytemask[comes_from % 8];
421 for(j = 256; j--;) {
422 if(j & mask1)
423 eperm32tab[comes_from / 8][j][bit / 24] |= BITMASK[bit % 24];
424 }
425 }
426
427 /*
428 * Create an inverse matrix for esel telling
429 * where to plug out bits if undoing it
430 */
431 for(bit=48; bit--;) {
432 e_inverse[esel[bit] - 1 ] = bit;
433 e_inverse[esel[bit] - 1 + 32] = bit + 48;
434 }
435
436 /*
437 * create efp: the matrix used to
438 * undo the E expansion and effect final permutation
439 */
440 _ufc_clearmem((char*)efp, (int)sizeof efp);
441 for(bit = 0; bit < 64; bit++) {
442 int o_bit, o_long;
443 ufc_long word_value, mask1, mask2;
444 int comes_from_f_bit, comes_from_e_bit;
445 int comes_from_word, bit_within_word;
446
447 /* See where bit i belongs in the two 32 bit long's */
448 o_long = bit / 32; /* 0..1 */
449 o_bit = bit % 32; /* 0..31 */
450
451 /*
452 * And find a bit in the e permutated value setting this bit.
453 *
454 * Note: the e selection may have selected the same bit several
455 * times. By the initialization of e_inverse, we only look
456 * for one specific instance.
457 */
458 comes_from_f_bit = final_perm[bit] - 1; /* 0..63 */
459 comes_from_e_bit = e_inverse[comes_from_f_bit]; /* 0..95 */
460 comes_from_word = comes_from_e_bit / 6; /* 0..15 */
461 bit_within_word = comes_from_e_bit % 6; /* 0..5 */
462
463 mask1 = longmask[bit_within_word + 26];
464 mask2 = longmask[o_bit];
465
466 for(word_value = 64; word_value--;) {
467 if(word_value & mask1)
468 efp[comes_from_word][word_value][o_long] |= mask2;
469 }
470 }
471 atomic_write_barrier ();
472 small_tables_initialized = 1;
473 #ifdef __GNU_LIBRARY__
474 small_tables_done:
475 __libc_lock_unlock(_ufc_tables_lock);
476 #endif
477 }
478
479 /*
480 * Create the sb tables:
481 *
482 * For each 12 bit segment of an 48 bit intermediate
483 * result, the sb table precomputes the two 4 bit
484 * values of the sbox lookups done with the two 6
485 * bit halves, shifts them to their proper place,
486 * sends them through perm32 and finally E expands
487 * them so that they are ready for the next
488 * DES round.
489 *
490 */
491
492 _ufc_clearmem((char*)__data->sb0, (int)sizeof(__data->sb0));
493 _ufc_clearmem((char*)__data->sb1, (int)sizeof(__data->sb1));
494 _ufc_clearmem((char*)__data->sb2, (int)sizeof(__data->sb2));
495 _ufc_clearmem((char*)__data->sb3, (int)sizeof(__data->sb3));
496
497 for(sg = 0; sg < 4; sg++) {
498 int j1, j2;
499 int s1, s2;
500
501 for(j1 = 0; j1 < 64; j1++) {
502 s1 = s_lookup(2 * sg, j1);
503 for(j2 = 0; j2 < 64; j2++) {
504 ufc_long to_permute, inx;
505
506 s2 = s_lookup(2 * sg + 1, j2);
507 to_permute = (((ufc_long)s1 << 4) |
508 (ufc_long)s2) << (24 - 8 * (ufc_long)sg);
509
510 #ifdef _UFC_32_
511 inx = ((j1 << 6) | j2) << 1;
512 sb[sg][inx ] = eperm32tab[0][(to_permute >> 24) & 0xff][0];
513 sb[sg][inx+1] = eperm32tab[0][(to_permute >> 24) & 0xff][1];
514 sb[sg][inx ] |= eperm32tab[1][(to_permute >> 16) & 0xff][0];
515 sb[sg][inx+1] |= eperm32tab[1][(to_permute >> 16) & 0xff][1];
516 sb[sg][inx ] |= eperm32tab[2][(to_permute >> 8) & 0xff][0];
517 sb[sg][inx+1] |= eperm32tab[2][(to_permute >> 8) & 0xff][1];
518 sb[sg][inx ] |= eperm32tab[3][(to_permute) & 0xff][0];
519 sb[sg][inx+1] |= eperm32tab[3][(to_permute) & 0xff][1];
520 #endif
521 #ifdef _UFC_64_
522 inx = ((j1 << 6) | j2);
523 sb[sg][inx] =
524 ((long64)eperm32tab[0][(to_permute >> 24) & 0xff][0] << 32) |
525 (long64)eperm32tab[0][(to_permute >> 24) & 0xff][1];
526 sb[sg][inx] |=
527 ((long64)eperm32tab[1][(to_permute >> 16) & 0xff][0] << 32) |
528 (long64)eperm32tab[1][(to_permute >> 16) & 0xff][1];
529 sb[sg][inx] |=
530 ((long64)eperm32tab[2][(to_permute >> 8) & 0xff][0] << 32) |
531 (long64)eperm32tab[2][(to_permute >> 8) & 0xff][1];
532 sb[sg][inx] |=
533 ((long64)eperm32tab[3][(to_permute) & 0xff][0] << 32) |
534 (long64)eperm32tab[3][(to_permute) & 0xff][1];
535 #endif
536 }
537 }
538 }
539
540 __data->current_saltbits = 0;
541 __data->current_salt[0] = 0;
542 __data->current_salt[1] = 0;
543 __data->initialized++;
544 }
545
546 void
547 __init_des()
548 {
549 __init_des_r(&_ufc_foobar);
550 }
551
552 /*
553 * Process the elements of the sb table permuting the
554 * bits swapped in the expansion by the current salt.
555 */
556
557 #ifdef _UFC_32_
558 STATIC void
559 shuffle_sb(k, saltbits)
560 long32 *k;
561 ufc_long saltbits;
562 {
563 ufc_long j;
564 long32 x;
565 for(j=4096; j--;) {
566 x = (k[0] ^ k[1]) & (long32)saltbits;
567 *k++ ^= x;
568 *k++ ^= x;
569 }
570 }
571 #endif
572
573 #ifdef _UFC_64_
574 STATIC void
575 shuffle_sb(k, saltbits)
576 long64 *k;
577 ufc_long saltbits;
578 {
579 ufc_long j;
580 long64 x;
581 for(j=4096; j--;) {
582 x = ((*k >> 32) ^ *k) & (long64)saltbits;
583 *k++ ^= (x << 32) | x;
584 }
585 }
586 #endif
587
588 /*
589 * Setup the unit for a new salt
590 * Hopefully we'll not see a new salt in each crypt call.
591 */
592
593 void
594 _ufc_setup_salt_r(s, __data)
595 __const char *s;
596 struct crypt_data * __restrict __data;
597 {
598 ufc_long i, j, saltbits;
599
600 if(__data->initialized == 0)
601 __init_des_r(__data);
602
603 if(s[0] == __data->current_salt[0] && s[1] == __data->current_salt[1])
604 return;
605 __data->current_salt[0] = s[0]; __data->current_salt[1] = s[1];
606
607 /*
608 * This is the only crypt change to DES:
609 * entries are swapped in the expansion table
610 * according to the bits set in the salt.
611 */
612 saltbits = 0;
613 for(i = 0; i < 2; i++) {
614 long c=ascii_to_bin(s[i]);
615 for(j = 0; j < 6; j++) {
616 if((c >> j) & 0x1)
617 saltbits |= BITMASK[6 * i + j];
618 }
619 }
620
621 /*
622 * Permute the sb table values
623 * to reflect the changed e
624 * selection table
625 */
626 #ifdef _UFC_32_
627 #define LONGG long32*
628 #endif
629 #ifdef _UFC_64_
630 #define LONGG long64*
631 #endif
632
633 shuffle_sb((LONGG)__data->sb0, __data->current_saltbits ^ saltbits);
634 shuffle_sb((LONGG)__data->sb1, __data->current_saltbits ^ saltbits);
635 shuffle_sb((LONGG)__data->sb2, __data->current_saltbits ^ saltbits);
636 shuffle_sb((LONGG)__data->sb3, __data->current_saltbits ^ saltbits);
637
638 __data->current_saltbits = saltbits;
639 }
640
641 void
642 _ufc_mk_keytab_r(key, __data)
643 const char *key;
644 struct crypt_data * __restrict __data;
645 {
646 ufc_long v1, v2, *k1;
647 int i;
648 #ifdef _UFC_32_
649 long32 v, *k2;
650 k2 = (long32*)__data->keysched;
651 #endif
652 #ifdef _UFC_64_
653 long64 v, *k2;
654 k2 = (long64*)__data->keysched;
655 #endif
656
657 v1 = v2 = 0; k1 = &do_pc1[0][0][0];
658 for(i = 8; i--;) {
659 v1 |= k1[*key & 0x7f]; k1 += 128;
660 v2 |= k1[*key++ & 0x7f]; k1 += 128;
661 }
662
663 for(i = 0; i < 16; i++) {
664 k1 = &do_pc2[0][0];
665
666 v1 = (v1 << rots[i]) | (v1 >> (28 - rots[i]));
667 v = k1[(v1 >> 21) & 0x7f]; k1 += 128;
668 v |= k1[(v1 >> 14) & 0x7f]; k1 += 128;
669 v |= k1[(v1 >> 7) & 0x7f]; k1 += 128;
670 v |= k1[(v1 ) & 0x7f]; k1 += 128;
671
672 #ifdef _UFC_32_
673 *k2++ = (v | 0x00008000);
674 v = 0;
675 #endif
676 #ifdef _UFC_64_
677 v = (v << 32);
678 #endif
679
680 v2 = (v2 << rots[i]) | (v2 >> (28 - rots[i]));
681 v |= k1[(v2 >> 21) & 0x7f]; k1 += 128;
682 v |= k1[(v2 >> 14) & 0x7f]; k1 += 128;
683 v |= k1[(v2 >> 7) & 0x7f]; k1 += 128;
684 v |= k1[(v2 ) & 0x7f];
685
686 #ifdef _UFC_32_
687 *k2++ = (v | 0x00008000);
688 #endif
689 #ifdef _UFC_64_
690 *k2++ = v | 0x0000800000008000l;
691 #endif
692 }
693
694 __data->direction = 0;
695 }
696
697 /*
698 * Undo an extra E selection and do final permutations
699 */
700
701 void
702 _ufc_dofinalperm_r(res, __data)
703 ufc_long *res;
704 struct crypt_data * __restrict __data;
705 {
706 ufc_long v1, v2, x;
707 ufc_long l1,l2,r1,r2;
708
709 l1 = res[0]; l2 = res[1];
710 r1 = res[2]; r2 = res[3];
711
712 x = (l1 ^ l2) & __data->current_saltbits; l1 ^= x; l2 ^= x;
713 x = (r1 ^ r2) & __data->current_saltbits; r1 ^= x; r2 ^= x;
714
715 v1=v2=0; l1 >>= 3; l2 >>= 3; r1 >>= 3; r2 >>= 3;
716
717 v1 |= efp[15][ r2 & 0x3f][0]; v2 |= efp[15][ r2 & 0x3f][1];
718 v1 |= efp[14][(r2 >>= 6) & 0x3f][0]; v2 |= efp[14][ r2 & 0x3f][1];
719 v1 |= efp[13][(r2 >>= 10) & 0x3f][0]; v2 |= efp[13][ r2 & 0x3f][1];
720 v1 |= efp[12][(r2 >>= 6) & 0x3f][0]; v2 |= efp[12][ r2 & 0x3f][1];
721
722 v1 |= efp[11][ r1 & 0x3f][0]; v2 |= efp[11][ r1 & 0x3f][1];
723 v1 |= efp[10][(r1 >>= 6) & 0x3f][0]; v2 |= efp[10][ r1 & 0x3f][1];
724 v1 |= efp[ 9][(r1 >>= 10) & 0x3f][0]; v2 |= efp[ 9][ r1 & 0x3f][1];
725 v1 |= efp[ 8][(r1 >>= 6) & 0x3f][0]; v2 |= efp[ 8][ r1 & 0x3f][1];
726
727 v1 |= efp[ 7][ l2 & 0x3f][0]; v2 |= efp[ 7][ l2 & 0x3f][1];
728 v1 |= efp[ 6][(l2 >>= 6) & 0x3f][0]; v2 |= efp[ 6][ l2 & 0x3f][1];
729 v1 |= efp[ 5][(l2 >>= 10) & 0x3f][0]; v2 |= efp[ 5][ l2 & 0x3f][1];
730 v1 |= efp[ 4][(l2 >>= 6) & 0x3f][0]; v2 |= efp[ 4][ l2 & 0x3f][1];
731
732 v1 |= efp[ 3][ l1 & 0x3f][0]; v2 |= efp[ 3][ l1 & 0x3f][1];
733 v1 |= efp[ 2][(l1 >>= 6) & 0x3f][0]; v2 |= efp[ 2][ l1 & 0x3f][1];
734 v1 |= efp[ 1][(l1 >>= 10) & 0x3f][0]; v2 |= efp[ 1][ l1 & 0x3f][1];
735 v1 |= efp[ 0][(l1 >>= 6) & 0x3f][0]; v2 |= efp[ 0][ l1 & 0x3f][1];
736
737 res[0] = v1; res[1] = v2;
738 }
739
740 /*
741 * crypt only: convert from 64 bit to 11 bit ASCII
742 * prefixing with the salt
743 */
744
745 void
746 _ufc_output_conversion_r(v1, v2, salt, __data)
747 ufc_long v1, v2;
748 __const char *salt;
749 struct crypt_data * __restrict __data;
750 {
751 int i, s, shf;
752
753 __data->crypt_3_buf[0] = salt[0];
754 __data->crypt_3_buf[1] = salt[1] ? salt[1] : salt[0];
755
756 for(i = 0; i < 5; i++) {
757 shf = (26 - 6 * i); /* to cope with MSC compiler bug */
758 __data->crypt_3_buf[i + 2] = bin_to_ascii((v1 >> shf) & 0x3f);
759 }
760
761 s = (v2 & 0xf) << 2;
762 v2 = (v2 >> 2) | ((v1 & 0x3) << 30);
763
764 for(i = 5; i < 10; i++) {
765 shf = (56 - 6 * i);
766 __data->crypt_3_buf[i + 2] = bin_to_ascii((v2 >> shf) & 0x3f);
767 }
768
769 __data->crypt_3_buf[12] = bin_to_ascii(s);
770 __data->crypt_3_buf[13] = 0;
771 }
772
773
774 /*
775 * UNIX encrypt function. Takes a bitvector
776 * represented by one byte per bit and
777 * encrypt/decrypt according to edflag
778 */
779
780 void
781 __encrypt_r(__block, __edflag, __data)
782 char *__block;
783 int __edflag;
784 struct crypt_data * __restrict __data;
785 {
786 ufc_long l1, l2, r1, r2, res[4];
787 int i;
788 #ifdef _UFC_32_
789 long32 *kt;
790 kt = (long32*)__data->keysched;
791 #endif
792 #ifdef _UFC_64_
793 long64 *kt;
794 kt = (long64*)__data->keysched;
795 #endif
796
797 /*
798 * Undo any salt changes to E expansion
799 */
800 _ufc_setup_salt_r("..", __data);
801
802 /*
803 * Reverse key table if
804 * changing operation (encrypt/decrypt)
805 */
806 if((__edflag == 0) != (__data->direction == 0)) {
807 for(i = 0; i < 8; i++) {
808 #ifdef _UFC_32_
809 long32 x;
810 x = kt[2 * (15-i)];
811 kt[2 * (15-i)] = kt[2 * i];
812 kt[2 * i] = x;
813
814 x = kt[2 * (15-i) + 1];
815 kt[2 * (15-i) + 1] = kt[2 * i + 1];
816 kt[2 * i + 1] = x;
817 #endif
818 #ifdef _UFC_64_
819 long64 x;
820 x = kt[15-i];
821 kt[15-i] = kt[i];
822 kt[i] = x;
823 #endif
824 }
825 __data->direction = __edflag;
826 }
827
828 /*
829 * Do initial permutation + E expansion
830 */
831 i = 0;
832 for(l1 = 0; i < 24; i++) {
833 if(__block[initial_perm[esel[i]-1]-1])
834 l1 |= BITMASK[i];
835 }
836 for(l2 = 0; i < 48; i++) {
837 if(__block[initial_perm[esel[i]-1]-1])
838 l2 |= BITMASK[i-24];
839 }
840
841 i = 0;
842 for(r1 = 0; i < 24; i++) {
843 if(__block[initial_perm[esel[i]-1+32]-1])
844 r1 |= BITMASK[i];
845 }
846 for(r2 = 0; i < 48; i++) {
847 if(__block[initial_perm[esel[i]-1+32]-1])
848 r2 |= BITMASK[i-24];
849 }
850
851 /*
852 * Do DES inner loops + final conversion
853 */
854 res[0] = l1; res[1] = l2;
855 res[2] = r1; res[3] = r2;
856 _ufc_doit_r((ufc_long)1, __data, &res[0]);
857
858 /*
859 * Do final permutations
860 */
861 _ufc_dofinalperm_r(res, __data);
862
863 /*
864 * And convert to bit array
865 */
866 l1 = res[0]; r1 = res[1];
867 for(i = 0; i < 32; i++) {
868 *__block++ = (l1 & longmask[i]) != 0;
869 }
870 for(i = 0; i < 32; i++) {
871 *__block++ = (r1 & longmask[i]) != 0;
872 }
873 }
874 weak_alias (__encrypt_r, encrypt_r)
875
876 void
877 encrypt(__block, __edflag)
878 char *__block;
879 int __edflag;
880 {
881 __encrypt_r(__block, __edflag, &_ufc_foobar);
882 }
883
884
885 /*
886 * UNIX setkey function. Take a 64 bit DES
887 * key and setup the machinery.
888 */
889
890 void
891 __setkey_r(__key, __data)
892 __const char *__key;
893 struct crypt_data * __restrict __data;
894 {
895 int i,j;
896 unsigned char c;
897 unsigned char ktab[8];
898
899 _ufc_setup_salt_r("..", __data); /* be sure we're initialized */
900
901 for(i = 0; i < 8; i++) {
902 for(j = 0, c = 0; j < 8; j++)
903 c = c << 1 | *__key++;
904 ktab[i] = c >> 1;
905 }
906 _ufc_mk_keytab_r((char *) ktab, __data);
907 }
908 weak_alias (__setkey_r, setkey_r)
909
910 void
911 setkey(__key)
912 __const char *__key;
913 {
914 __setkey_r(__key, &_ufc_foobar);
915 }
sources.redhat.com git mirror of glibc CVS