1 /* crypto-3des.c 3DES crypto functions
2 * Copyright (C) 2002, 2003 Simon Josefsson
4 * This file is part of Shishi.
6 * Shishi is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
11 * Shishi is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with Shishi; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
27 _des3_encrypt (Shishi
* handle
,
32 char **ivout
, size_t * ivoutlen
,
33 const char *in
, size_t inlen
, char **out
, size_t * outlen
)
35 return _shishi_simplified_encrypt (handle
, key
, keyusage
, iv
, ivlen
, ivout
,
36 ivoutlen
, in
, inlen
, out
, outlen
);
40 _des3_decrypt (Shishi
* handle
,
45 char **ivout
, size_t * ivoutlen
,
46 const char *in
, size_t inlen
, char **out
, size_t * outlen
)
48 return _shishi_simplified_decrypt (handle
, key
, keyusage
, iv
, ivlen
, ivout
,
49 ivoutlen
, in
, inlen
, out
, outlen
);
53 des3none_dencrypt (Shishi
* handle
,
56 const char *iv
, size_t ivlen
,
57 char **ivout
, size_t * ivoutlen
,
58 const char *in
, size_t inlen
,
59 char **out
, size_t * outlen
, int direction
)
65 Shishi_key
*derivedkey
;
67 res
= _shishi_simplified_derivekey (handle
, key
, keyusage
,
68 SHISHI_DERIVEKEYMODE_PRIVACY
,
74 _shishi_simplified_dencrypt (handle
, derivedkey
, iv
, ivlen
, ivout
,
75 ivoutlen
, in
, inlen
, out
, outlen
,
78 shishi_key_done (derivedkey
);
86 _shishi_simplified_dencrypt (handle
, key
, iv
, ivlen
, ivout
, ivoutlen
,
87 in
, inlen
, out
, outlen
, direction
);
96 des3none_encrypt (Shishi
* handle
,
99 const char *iv
, size_t ivlen
,
100 char **ivout
, size_t * ivoutlen
,
101 const char *in
, size_t inlen
, char **out
, size_t * outlen
)
103 return des3none_dencrypt (handle
, key
, keyusage
, iv
, ivlen
, ivout
, ivoutlen
,
104 in
, inlen
, out
, outlen
, 0);
108 des3none_decrypt (Shishi
* handle
,
111 const char *iv
, size_t ivlen
,
112 char **ivout
, size_t * ivoutlen
,
113 const char *in
, size_t inlen
, char **out
, size_t * outlen
)
115 return des3none_dencrypt (handle
, key
, keyusage
, iv
, ivlen
, ivout
, ivoutlen
,
116 in
, inlen
, out
, outlen
, 1);
120 des_set_odd_key_parity (char key
[8])
124 for (i
= 0; i
< 8; i
++)
128 for (j
= 1; j
< 8; j
++)
129 if (key
[i
] & (1 << j
))
133 if ((n_set_bits
% 2) == 0)
138 /* The 168 bits of random key data are converted to a protocol key
139 * value as follows. First, the 168 bits are divided into three
140 * groups of 56 bits, which are expanded individually into 64 bits as
144 * 9 10 11 12 13 14 15 p
145 * 17 18 19 20 21 22 23 p
146 * 25 26 27 28 29 30 31 p
147 * 33 34 35 36 37 38 39 p
148 * 41 42 43 44 45 46 47 p
149 * 49 50 51 52 53 54 55 p
150 * 56 48 40 32 24 16 8 p
152 * The "p" bits are parity bits computed over the data bits. The
153 * output of the three expansions are concatenated to form the
154 * protocol key value.
158 des3_random_to_key (Shishi
* handle
,
159 const char *random
, size_t randomlen
, Shishi_key
* outkey
)
161 unsigned char tmpkey
[3 * 8];
164 if (randomlen
< 168 / 8)
167 if (VERBOSECRYPTO (handle
))
169 printf ("des3_random_to_key (random)\n");
170 printf ("\t ;; random (length %d):\n", 168 / 8);
171 _shishi_hexprint (random
, 168 / 8);
172 _shishi_binprint (random
, 168 / 8);
175 memcpy (tmpkey
, random
, 7);
176 memcpy (tmpkey
+ 8, random
+ 7, 7);
177 memcpy (tmpkey
+ 16, random
+ 14, 7);
178 for (i
= 0; i
< 3; i
++)
181 ((tmpkey
[i
* 8 + 0] & 0x01) << 1) |
182 ((tmpkey
[i
* 8 + 1] & 0x01) << 2) |
183 ((tmpkey
[i
* 8 + 2] & 0x01) << 3) |
184 ((tmpkey
[i
* 8 + 3] & 0x01) << 4) |
185 ((tmpkey
[i
* 8 + 4] & 0x01) << 5) |
186 ((tmpkey
[i
* 8 + 5] & 0x01) << 6) | ((tmpkey
[i
* 8 + 6] & 0x01) << 7);
187 des_set_odd_key_parity (tmpkey
+ i
* 8);
190 shishi_key_value_set (outkey
, tmpkey
);
192 if (VERBOSECRYPTO (handle
))
194 printf ("key = des3_random_to_key (random)\n");
195 printf ("\t ;; key:\n");
196 _shishi_hexprint (tmpkey
, 3 * 8);
197 _shishi_binprint (tmpkey
, 3 * 8);
204 des3_string_to_key (Shishi
* handle
,
209 const char *parameter
, Shishi_key
* outkey
)
215 int nfoldlen
= 168 / 8;
218 if (VERBOSECRYPTO (handle
))
220 printf ("des3_string_to_key (string, salt)\n");
221 printf ("\t ;; String:\n");
222 _shishi_escapeprint (string
, stringlen
);
223 _shishi_hexprint (string
, stringlen
);
224 printf ("\t ;; Salt:\n");
225 _shishi_escapeprint (salt
, saltlen
);
226 _shishi_hexprint (salt
, saltlen
);
229 /* s = passwordString + salt */
230 n_s
= stringlen
+ saltlen
;
231 s
= (char *) xmalloc (n_s
);
232 memcpy (s
, string
, stringlen
);
233 memcpy (s
+ stringlen
, salt
, saltlen
);
235 /* tmpKey = random-to-key(168-fold(s)) */
236 res
= shishi_n_fold (handle
, s
, n_s
, nfold
, nfoldlen
);
238 if (res
!= SHISHI_OK
)
241 res
= shishi_key_from_value (handle
, shishi_key_type (outkey
), NULL
, &key
);
242 if (res
!= SHISHI_OK
)
245 res
= des3_random_to_key (handle
, nfold
, nfoldlen
, key
);
246 if (res
!= SHISHI_OK
)
249 /* key = DK (tmpKey, KerberosConstant) */
250 res
= shishi_dk (handle
, key
, "kerberos", strlen ("kerberos"), outkey
);
251 if (res
!= SHISHI_OK
)
254 shishi_key_done (key
);
256 if (VERBOSECRYPTO (handle
))
258 printf ("des3_string_to_key (string, salt)\n");
259 printf ("\t ;; Key:\n");
260 _shishi_hexprint (shishi_key_value (outkey
),
261 shishi_key_length (outkey
));
262 _shishi_binprint (shishi_key_value (outkey
),
263 shishi_key_length (outkey
));
270 des3_checksum (Shishi
* handle
,
274 const char *in
, size_t inlen
, char **out
, size_t * outlen
)
276 return _shishi_simplified_checksum (handle
, key
, keyusage
, cksumtype
,
277 in
, inlen
, out
, outlen
);
280 cipherinfo des3_cbc_none_info
= {
281 SHISHI_DES3_CBC_NONE
,
288 SHISHI_HMAC_SHA1_DES3_KD
,
295 cipherinfo des3_cbc_sha1_kd_info
= {
296 SHISHI_DES3_CBC_HMAC_SHA1_KD
,
303 SHISHI_HMAC_SHA1_DES3_KD
,
310 checksuminfo hmac_sha1_des3_kd_info
= {
311 SHISHI_HMAC_SHA1_DES3_KD
,