search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Doc fix.
[shishi.git] / lib / crypto-3des.c
blob055b9ab3837d10499d1f843c583d388735970266
1 /* crypto-3des.c 3DES crypto functions
2 * Copyright (C) 2002, 2003 Simon Josefsson
3 *
4 * This file is part of Shishi.
5 *
6 * Shishi is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
10 *
11 * Shishi is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with Shishi; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
19 *
20 * Note: This file is #include'd by crypto.c.
21 *
22 */
23
24 static int
25 _des3_encrypt (Shishi * handle,
26 Shishi_key * key,
27 int keyusage,
28 const char *iv,
29 size_t ivlen,
30 char **ivout, size_t * ivoutlen,
31 const char *in, size_t inlen, char **out, size_t * outlen)
32 {
33 return simplified_encrypt (handle, key, keyusage, iv, ivlen, ivout,
34 ivoutlen, in, inlen, out, outlen);
35 }
36
37 static int
38 _des3_decrypt (Shishi * handle,
39 Shishi_key * key,
40 int keyusage,
41 const char *iv,
42 size_t ivlen,
43 char **ivout, size_t * ivoutlen,
44 const char *in, size_t inlen, char **out, size_t * outlen)
45 {
46 return simplified_decrypt (handle, key, keyusage, iv, ivlen, ivout,
47 ivoutlen, in, inlen, out, outlen);
48 }
49
50 static int
51 des3none_dencrypt (Shishi * handle,
52 Shishi_key * key,
53 int keyusage,
54 const char *iv, size_t ivlen,
55 char **ivout, size_t * ivoutlen,
56 const char *in, size_t inlen,
57 char **out, size_t * outlen, int direction)
58 {
59 int res;
60
61 if (keyusage != 0)
62 {
63 Shishi_key *derivedkey;
64
65 res = simplified_derivekey (handle, key, keyusage,
66 SHISHI_DERIVEKEYMODE_PRIVACY, &derivedkey);
67 if (res != SHISHI_OK)
68 return res;
69
70 res =
71 simplified_dencrypt (handle, derivedkey, iv, ivlen, ivout, ivoutlen,
72 in, inlen, out, outlen, direction);
73
74 shishi_key_done (derivedkey);
75
76 if (res != SHISHI_OK)
77 return res;
78 }
79 else
80 {
81 res = simplified_dencrypt (handle, key, iv, ivlen, ivout, ivoutlen,
82 in, inlen, out, outlen, direction);
83 if (res != SHISHI_OK)
84 return res;
85 }
86
87 return SHISHI_OK;
88 }
89
90 static int
91 des3none_encrypt (Shishi * handle,
92 Shishi_key * key,
93 int keyusage,
94 const char *iv, size_t ivlen,
95 char **ivout, size_t * ivoutlen,
96 const char *in, size_t inlen, char **out, size_t * outlen)
97 {
98 return des3none_dencrypt (handle, key, keyusage, iv, ivlen, ivout, ivoutlen,
99 in, inlen, out, outlen, 0);
100 }
101
102 static int
103 des3none_decrypt (Shishi * handle,
104 Shishi_key * key,
105 int keyusage,
106 const char *iv, size_t ivlen,
107 char **ivout, size_t * ivoutlen,
108 const char *in, size_t inlen, char **out, size_t * outlen)
109 {
110 return des3none_dencrypt (handle, key, keyusage, iv, ivlen, ivout, ivoutlen,
111 in, inlen, out, outlen, 1);
112 }
113
114 /* The 168 bits of random key data are converted to a protocol key
115 * value as follows. First, the 168 bits are divided into three
116 * groups of 56 bits, which are expanded individually into 64 bits as
117 * follows:
118 *
119 * 1 2 3 4 5 6 7 p
120 * 9 10 11 12 13 14 15 p
121 * 17 18 19 20 21 22 23 p
122 * 25 26 27 28 29 30 31 p
123 * 33 34 35 36 37 38 39 p
124 * 41 42 43 44 45 46 47 p
125 * 49 50 51 52 53 54 55 p
126 * 56 48 40 32 24 16 8 p
127 *
128 * The "p" bits are parity bits computed over the data bits. The
129 * output of the three expansions are concatenated to form the
130 * protocol key value.
131 *
132 */
133 static int
134 des3_random_to_key (Shishi * handle,
135 const char *random, size_t randomlen, Shishi_key * outkey)
136 {
137 unsigned char tmpkey[3 * 8];
138 int i;
139
140 if (randomlen < 168 / 8)
141 return !SHISHI_OK;
142
143 if (VERBOSECRYPTO (handle))
144 {
145 printf ("des3_random_to_key (random)\n");
146 printf ("\t ;; random (length %d):\n", 168 / 8);
147 hexprint (random, 168 / 8);
148 puts ("");
149 binprint (random, 168 / 8);
150 puts ("");
151 }
152
153 memcpy (tmpkey, random, 7);
154 memcpy (tmpkey + 8, random + 7, 7);
155 memcpy (tmpkey + 16, random + 14, 7);
156 for (i = 0; i < 3; i++)
157 {
158 tmpkey[i * 8 + 7] =
159 ((tmpkey[i * 8 + 0] & 0x01) << 1) |
160 ((tmpkey[i * 8 + 1] & 0x01) << 2) |
161 ((tmpkey[i * 8 + 2] & 0x01) << 3) |
162 ((tmpkey[i * 8 + 3] & 0x01) << 4) |
163 ((tmpkey[i * 8 + 4] & 0x01) << 5) |
164 ((tmpkey[i * 8 + 5] & 0x01) << 6) | ((tmpkey[i * 8 + 6] & 0x01) << 7);
165 des_set_odd_key_parity (tmpkey + i * 8);
166 }
167
168 shishi_key_value_set (outkey, tmpkey);
169
170 if (VERBOSECRYPTO (handle))
171 {
172 printf ("key = des3_random_to_key (random)\n");
173 printf ("\t ;; key:\n");
174 hexprint (tmpkey, 3 * 8);
175 puts ("");
176 binprint (tmpkey, 3 * 8);
177 puts ("");
178 }
179
180 return SHISHI_OK;
181 }
182
183 static int
184 des3_string_to_key (Shishi * handle,
185 const char *string,
186 size_t stringlen,
187 const char *salt,
188 size_t saltlen,
189 const char *parameter, Shishi_key * outkey)
190 {
191 char *s;
192 int n_s;
193 Shishi_key *key;
194 char nfold[168 / 8];
195 int nfoldlen = 168 / 8;
196 int res;
197
198 if (VERBOSECRYPTO (handle))
199 {
200 printf ("des3_string_to_key (string, salt)\n");
201 printf ("\t ;; String:\n");
202 escapeprint (string, stringlen);
203 hexprint (string, stringlen);
204 puts ("");
205 printf ("\t ;; Salt:\n");
206 escapeprint (salt, saltlen);
207 hexprint (salt, saltlen);
208 puts ("");
209 }
210
211 /* s = passwordString + salt */
212 n_s = stringlen + saltlen;
213 s = (char *) xmalloc (n_s);
214 memcpy (s, string, stringlen);
215 memcpy (s + stringlen, salt, saltlen);
216
217 /* tmpKey = random-to-key(168-fold(s)) */
218 res = shishi_n_fold (handle, s, n_s, nfold, nfoldlen);
219 free (s);
220 if (res != SHISHI_OK)
221 return res;
222
223 res = shishi_key_from_value (handle, shishi_key_type (outkey), NULL, &key);
224 if (res != SHISHI_OK)
225 return res;
226
227 res = des3_random_to_key (handle, nfold, nfoldlen, key);
228 if (res != SHISHI_OK)
229 return res;
230
231 /* key = DK (tmpKey, KerberosConstant) */
232 res = shishi_dk (handle, key, "kerberos", strlen ("kerberos"), outkey);
233 if (res != SHISHI_OK)
234 return res;
235
236 shishi_key_done (key);
237
238 if (VERBOSECRYPTO (handle))
239 {
240 printf ("des3_string_to_key (string, salt)\n");
241 printf ("\t ;; Key:\n");
242 hexprint (shishi_key_value (outkey), shishi_key_length (outkey));
243 binprint (shishi_key_value (outkey), shishi_key_length (outkey));
244 puts ("");
245 }
246
247 return SHISHI_OK;
248 }
249
250 static int
251 des3_checksum (Shishi * handle,
252 Shishi_key * key,
253 int keyusage,
254 int cksumtype,
255 const char *in, size_t inlen, char **out, size_t * outlen)
256 {
257 return simplified_checksum (handle, key, keyusage, cksumtype,
258 in, inlen, out, outlen);
259 }
Free Kerberos V5 implementation