1 /* crypto-3des.c 3DES crypto functions
2 * Copyright (C) 2002, 2003 Simon Josefsson
4 * This file is part of Shishi.
6 * Shishi is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
11 * Shishi is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with Shishi; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 * Note: This file is #include'd by crypto.c.
25 des3_encrypt (Shishi
* handle
,
30 const char *in
, size_t inlen
, char **out
, size_t * outlen
)
32 return simplified_encrypt (handle
, key
, keyusage
, iv
, ivlen
,
33 in
, inlen
, out
, outlen
);
37 des3_decrypt (Shishi
* handle
,
42 const char *in
, size_t inlen
, char **out
, size_t * outlen
)
44 return simplified_decrypt (handle
, key
, keyusage
, iv
, ivlen
,
45 in
, inlen
, out
, outlen
);
49 des3none_dencrypt (Shishi
* handle
,
55 size_t inlen
, char **out
, size_t * outlen
, int direction
)
62 Shishi_key
*derivedkey
;
64 res
= simplified_derivekey (handle
, key
, keyusage
,
65 SHISHI_DERIVEKEYMODE_PRIVACY
, &derivedkey
);
69 res
= simplified_dencrypt (handle
, derivedkey
, iv
, ivlen
,
70 in
, inlen
, out
, outlen
, direction
);
72 shishi_key_done (&derivedkey
);
79 res
= simplified_dencrypt (handle
, key
, iv
, ivlen
,
80 in
, inlen
, out
, outlen
, direction
);
89 des3none_encrypt (Shishi
* handle
,
94 const char *in
, size_t inlen
, char **out
, size_t * outlen
)
96 return des3none_dencrypt (handle
, key
, keyusage
,
97 iv
, ivlen
, in
, inlen
, out
, outlen
, 0);
101 des3none_decrypt (Shishi
* handle
,
106 const char *in
, size_t inlen
, char **out
, size_t * outlen
)
108 return des3none_dencrypt (handle
, key
, keyusage
,
109 iv
, ivlen
, in
, inlen
, out
, outlen
, 1);
112 /* The 168 bits of random key data are converted to a protocol key
113 * value as follows. First, the 168 bits are divided into three
114 * groups of 56 bits, which are expanded individually into 64 bits as
118 * 9 10 11 12 13 14 15 p
119 * 17 18 19 20 21 22 23 p
120 * 25 26 27 28 29 30 31 p
121 * 33 34 35 36 37 38 39 p
122 * 41 42 43 44 45 46 47 p
123 * 49 50 51 52 53 54 55 p
124 * 56 48 40 32 24 16 8 p
126 * The "p" bits are parity bits computed over the data bits. The
127 * output of the three expansions are concatenated to form the
128 * protocol key value.
132 des3_random_to_key (Shishi
* handle
,
133 const char *random
, size_t randomlen
, Shishi_key
* outkey
)
135 unsigned char tmpkey
[3 * 8];
138 if (randomlen
< 168 / 8)
141 if (VERBOSECRYPTO (handle
))
143 printf ("des3_random_to_key (random)\n");
144 printf ("\t ;; random (length %d):\n", 168 / 8);
145 hexprint (random
, 168 / 8);
147 binprint (random
, 168 / 8);
151 memcpy (tmpkey
, random
, 7);
152 memcpy (tmpkey
+ 8, random
+ 7, 7);
153 memcpy (tmpkey
+ 16, random
+ 14, 7);
154 for (i
= 0; i
< 3; i
++)
157 ((tmpkey
[i
* 8 + 0] & 0x01) << 1) |
158 ((tmpkey
[i
* 8 + 1] & 0x01) << 2) |
159 ((tmpkey
[i
* 8 + 2] & 0x01) << 3) |
160 ((tmpkey
[i
* 8 + 3] & 0x01) << 4) |
161 ((tmpkey
[i
* 8 + 4] & 0x01) << 5) |
162 ((tmpkey
[i
* 8 + 5] & 0x01) << 6) | ((tmpkey
[i
* 8 + 6] & 0x01) << 7);
163 des_set_odd_key_parity (tmpkey
+ i
* 8);
166 shishi_key_value_set (outkey
, tmpkey
);
168 if (VERBOSECRYPTO (handle
))
170 printf ("key = des3_random_to_key (random)\n");
171 printf ("\t ;; key:\n");
172 hexprint (tmpkey
, 3 * 8);
174 binprint (tmpkey
, 3 * 8);
182 des3_string_to_key (Shishi
* handle
,
187 const char *parameter
, Shishi_key
* outkey
)
193 int nfoldlen
= 168 / 8;
196 if (VERBOSECRYPTO (handle
))
198 printf ("des3_string_to_key (string, salt)\n");
199 printf ("\t ;; String:\n");
200 escapeprint (string
, stringlen
);
201 hexprint (string
, stringlen
);
203 printf ("\t ;; Salt:\n");
204 escapeprint (salt
, saltlen
);
205 hexprint (salt
, saltlen
);
209 /* s = passwordString + salt */
210 n_s
= stringlen
+ saltlen
;
211 s
= (char *) malloc (n_s
);
212 memcpy (s
, string
, stringlen
);
213 memcpy (s
+ stringlen
, salt
, saltlen
);
215 /* tmpKey = random-to-key(168-fold(s)) */
216 res
= shishi_n_fold (handle
, s
, n_s
, nfold
, nfoldlen
);
218 if (res
!= SHISHI_OK
)
221 res
= shishi_key_from_value (handle
, shishi_key_type (outkey
), NULL
, &key
);
222 if (res
!= SHISHI_OK
)
225 res
= des3_random_to_key (handle
, nfold
, nfoldlen
, key
);
226 if (res
!= SHISHI_OK
)
229 /* key = DK (tmpKey, KerberosConstant) */
230 res
= shishi_dk (handle
, key
, "kerberos", strlen ("kerberos"), outkey
);
231 if (res
!= SHISHI_OK
)
234 shishi_key_done (&key
);
236 if (VERBOSECRYPTO (handle
))
238 printf ("des3_string_to_key (string, salt)\n");
239 printf ("\t ;; Key:\n");
240 hexprint (shishi_key_value (outkey
), shishi_key_length (outkey
));
241 binprint (shishi_key_value (outkey
), shishi_key_length (outkey
));
249 des3_checksum (Shishi
* handle
,
253 char *in
, size_t inlen
,
254 char **out
, size_t * outlen
)
256 return simplified_checksum (handle
, key
, keyusage
, cksumtype
,
257 in
, inlen
, out
, outlen
);