xref: /titanic_41/usr/src/lib/libcrypt/common/des_crypt.c (revision 6dfee4834394825da35b977ca71cdc965bc7b6a4)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License, Version 1.0 only
6  * (the "License").  You may not use this file except in compliance
7  * with the License.
8  *
9  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10  * or http://www.opensolaris.org/os/licensing.
11  * See the License for the specific language governing permissions
12  * and limitations under the License.
13  *
14  * When distributing Covered Code, include this CDDL HEADER in each
15  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16  * If applicable, add the following below this CDDL HEADER, with the
17  * fields enclosed by brackets "[]" replaced with your own identifying
18  * information: Portions Copyright [yyyy] [name of copyright owner]
19  *
20  * CDDL HEADER END
21  */
22 /*	Copyright (c) 1988 AT&T	*/
23 /*	  All Rights Reserved  	*/
24 
25 
26 /*
27  * Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
28  * Use is subject to license terms.
29  */
30 
31 #pragma ident	"%Z%%M%	%I%	%E% SMI"
32 /*LINTLIBRARY*/
33 
34 #pragma weak des_crypt = _des_crypt
35 #pragma weak des_encrypt = _des_encrypt
36 #pragma weak des_setkey = _des_setkey
37 
38 #include "synonyms.h"
39 #include "mtlib.h"
40 #include <sys/types.h>
41 #include <crypt.h>
42 #include "des_soft.h"
43 
44 #include <stdlib.h>
45 #include <thread.h>
46 #include <synch.h>
47 #include <sys/types.h>
48 
49 /* EXPORT DELETE START */
50 /*
51  * This program implements the
52  * Proposed Federal Information Processing
53  *  Data Encryption Standard.
54  * See Federal Register, March 17, 1975 (40FR12134)
55  */
56 
57 /*
58  * Initial permutation,
59  */
60 static char IP[] = {
61 	58, 50, 42, 34, 26, 18, 10, 2,
62 	60, 52, 44, 36, 28, 20, 12, 4,
63 	62, 54, 46, 38, 30, 22, 14, 6,
64 	64, 56, 48, 40, 32, 24, 16, 8,
65 	57, 49, 41, 33, 25, 17, 9, 1,
66 	59, 51, 43, 35, 27, 19, 11, 3,
67 	61, 53, 45, 37, 29, 21, 13, 5,
68 	63, 55, 47, 39, 31, 23, 15, 7,
69 };
70 
71 /*
72  * Final permutation, FP = IP^(-1)
73  */
74 static char FP[] = {
75 	40, 8, 48, 16, 56, 24, 64, 32,
76 	39, 7, 47, 15, 55, 23, 63, 31,
77 	38, 6, 46, 14, 54, 22, 62, 30,
78 	37, 5, 45, 13, 53, 21, 61, 29,
79 	36, 4, 44, 12, 52, 20, 60, 28,
80 	35, 3, 43, 11, 51, 19, 59, 27,
81 	34, 2, 42, 10, 50, 18, 58, 26,
82 	33, 1, 41, 9, 49, 17, 57, 25,
83 };
84 
85 /*
86  * Permuted-choice 1 from the key bits
87  * to yield C and D.
88  * Note that bits 8, 16... are left out:
89  * They are intended for a parity check.
90  */
91 static char PC1_C[] = {
92 	57, 49, 41, 33, 25, 17, 9,
93 	1, 58, 50, 42, 34, 26, 18,
94 	10, 2, 59, 51, 43, 35, 27,
95 	19, 11, 3, 60, 52, 44, 36,
96 };
97 
98 static char PC1_D[] = {
99 	63, 55, 47, 39, 31, 23, 15,
100 	7, 62, 54, 46, 38, 30, 22,
101 	14, 6, 61, 53, 45, 37, 29,
102 	21, 13, 5, 28, 20, 12, 4,
103 };
104 
105 /*
106  * Sequence of shifts used for the key schedule.
107  */
108 static char shifts[] = {1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1, };
109 
110 /*
111  * Permuted-choice 2, to pick out the bits from
112  * the CD array that generate the key schedule.
113  */
114 static char PC2_C[] = {
115 	14, 17, 11, 24, 1, 5,
116 	3, 28, 15, 6, 21, 10,
117 	23, 19, 12, 4, 26, 8,
118 	16, 7, 27, 20, 13, 2,
119 };
120 
121 static char PC2_D[] = {
122 	41, 52, 31, 37, 47, 55,
123 	30, 40, 51, 45, 33, 48,
124 	44, 49, 39, 56, 34, 53,
125 	46, 42, 50, 36, 29, 32,
126 };
127 
128 /*
129  * The C and D arrays used to calculate the key schedule.
130  */
131 
132 static char C[28];
133 static char D[28];
134 /*
135  * The key schedule.
136  * Generated from the key.
137  */
138 static char KS[16][48];
139 
140 /*
141  * The E bit-selection table.
142  */
143 static char E[48];
144 static char e2[] = {
145 	32, 1, 2, 3, 4, 5,
146 	4, 5, 6, 7, 8, 9,
147 	8, 9, 10, 11, 12, 13,
148 	12, 13, 14, 15, 16, 17,
149 	16, 17, 18, 19, 20, 21,
150 	20, 21, 22, 23, 24, 25,
151 	24, 25, 26, 27, 28, 29,
152 	28, 29, 30, 31, 32, 1,
153 };
154 
155 /*
156  * Set up the key schedule from the key.
157  */
158 
159 static mutex_t lock = DEFAULTMUTEX;
160 
161 /* EXPORT DELETE END */
162 
163 
164 static void
165 des_setkey_nolock(const char *key)
166 {
167 /* EXPORT DELETE START */
168 	int i, j, k;
169 	char t;
170 
171 	/*
172 	 * First, generate C and D by permuting
173 	 * the key.  The low order bit of each
174 	 * 8-bit char is not used, so C and D are only 28
175 	 * bits apiece.
176 	 */
177 	for (i = 0; i < 28; i++) {
178 		C[i] = key[PC1_C[i]-1];
179 		D[i] = key[PC1_D[i]-1];
180 	}
181 	/*
182 	 * To generate Ki, rotate C and D according
183 	 * to schedule and pick up a permutation
184 	 * using PC2.
185 	 */
186 	for (i = 0; i < 16; i++) {
187 		/*
188 		 * rotate.
189 		 */
190 		for (k = 0; k < shifts[i]; k++) {
191 			t = C[0];
192 			for (j = 0; j < 28-1; j++)
193 				C[j] = C[j+1];
194 			C[27] = (char)t;
195 			t = D[0];
196 			for (j = 0; j < 28-1; j++)
197 				D[j] = D[j+1];
198 			D[27] = (char)t;
199 		}
200 		/*
201 		 * get Ki. Note C and D are concatenated.
202 		 */
203 		for (j = 0; j < 24; j++) {
204 			KS[i][j] = C[PC2_C[j]-1];
205 			KS[i][j+24] = D[PC2_D[j]-28-1];
206 		}
207 	}
208 
209 	for (i = 0; i < 48; i++)
210 		E[i] = e2[i];
211 /* EXPORT DELETE END */
212 }
213 
214 void
215 des_setkey(const char *key)
216 {
217 /* EXPORT DELETE START */
218 	(void) mutex_lock(&lock);
219 	des_setkey_nolock(key);
220 	(void) mutex_unlock(&lock);
221 /* EXPORT DELETE END */
222 }
223 
224 /* EXPORT DELETE START */
225 /*
226  * The 8 selection functions.
227  * For some reason, they give a 0-origin
228  * index, unlike everything else.
229  */
230 static char S[8][64] = {
231 	14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7,
232 	0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8,
233 	4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0,
234 	15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13,
235 
236 	15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10,
237 	3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5,
238 	0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15,
239 	13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9,
240 
241 	10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8,
242 	13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1,
243 	13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7,
244 	1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12,
245 
246 	7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15,
247 	13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9,
248 	10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4,
249 	3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14,
250 
251 	2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9,
252 	14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6,
253 	4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14,
254 	11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3,
255 
256 	12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11,
257 	10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8,
258 	9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6,
259 	4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13,
260 
261 	4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1,
262 	13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6,
263 	1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2,
264 	6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12,
265 
266 	13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7,
267 	1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2,
268 	7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8,
269 	2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11,
270 };
271 
272 /*
273  * P is a permutation on the selected combination
274  * of the current L and key.
275  */
276 static char P[] = {
277 	16, 7, 20, 21,
278 	29, 12, 28, 17,
279 	1, 15, 23, 26,
280 	5, 18, 31, 10,
281 	2, 8, 24, 14,
282 	32, 27, 3, 9,
283 	19, 13, 30, 6,
284 	22, 11, 4, 25,
285 };
286 
287 /*
288  * The current block, divided into 2 halves.
289  */
290 static char L[64];
291 static char tempL[32];
292 static char f[32];
293 
294 /*
295  * The combination of the key and the input, before selection.
296  */
297 static char preS[48];
298 
299 /*
300  * The payoff: encrypt a block.
301  */
302 /* EXPORT DELETE END */
303 
304 static void
305 des_encrypt_nolock(char *block, int edflag)
306 {
307 /* EXPORT DELETE START */
308 
309 	if (edflag)
310 		(void) des_decrypt1(block, L, IP, &L[32],
311 		    preS, E, KS, S, f, tempL, P, FP);
312 	else
313 		(void) des_encrypt1(block, L, IP, &L[32],
314 		    preS, E, KS, S, f, tempL, P, FP);
315 
316 /* EXPORT DELETE END */
317 }
318 
319 void
320 des_encrypt(char *block, int edflag)
321 {
322 /* EXPORT DELETE START */
323 	(void) mutex_lock(&lock);
324 	des_encrypt_nolock(block, edflag);
325 	(void) mutex_unlock(&lock);
326 /* EXPORT DELETE END */
327 }
328 
329 
330 
331 #define	IOBUF_SIZE	16
332 
333 static char *
334 _get_iobuf(thread_key_t *key, unsigned size)
335 {
336 	char *iobuf = NULL;
337 
338 	if (thr_getspecific(*key, (void **)&iobuf) != 0) {
339 		if (_thr_keycreate(key, free) != 0) {
340 			return (NULL);
341 		}
342 	}
343 
344 	if (!iobuf) {
345 		if (_thr_setspecific(*key, (void *)(iobuf = malloc(size)))
346 			!= 0) {
347 			if (iobuf)
348 				(void) free(iobuf);
349 			return (NULL);
350 		}
351 	}
352 	return (iobuf);
353 }
354 
355 char *
356 des_crypt(const char *pw, const char *salt)
357 {
358 /* EXPORT DELETE START */
359 	int	i, j;
360 	char	c, temp;
361 	static thread_key_t key = 0;
362 	char block[66], *iobuf = _get_iobuf(&key, IOBUF_SIZE);
363 
364 	(void) mutex_lock(&lock);
365 	for (i = 0; i < 66; i++)
366 		block[i] = 0;
367 	for (i = 0; (c = *pw) && (i < 64); pw++) {
368 		for (j = 0; j < 7; j++, i++)
369 			block[i] = (c>>(6-j)) & 01;
370 		i++;
371 	}
372 
373 	des_setkey_nolock(block);
374 
375 	for (i = 0; i < 66; i++)
376 		block[i] = 0;
377 
378 	for (i = 0; i < 2; i++) {
379 		c = *salt++;
380 		iobuf[i] = (char)c;
381 		if (c > 'Z')
382 			c -= 6;
383 		if (c > '9')
384 			c -= 7;
385 		c -= '.';
386 		for (j = 0; j < 6; j++) {
387 			if ((c>>j) & 01) {
388 				temp = E[6*i+j];
389 				E[6*i+j] = E[6*i+j+24];
390 				E[6*i+j+24] = (char)temp;
391 			}
392 		}
393 	}
394 
395 	for (i = 0; i < 25; i++)
396 		(void) des_encrypt_nolock(block, 0);
397 
398 	for (i = 0; i < 11; i++) {
399 		c = 0;
400 		for (j = 0; j < 6; j++) {
401 			c <<= 1;
402 			c |= block[6*i+j];
403 		}
404 		c += '.';
405 		if (c > '9')
406 			c += 7;
407 		if (c > 'Z')
408 			c += 6;
409 		iobuf[i+2] = (char)c;
410 	}
411 	iobuf[i+2] = 0;
412 	if (iobuf[1] == 0)
413 		iobuf[1] = iobuf[0];
414 	(void) mutex_unlock(&lock);
415 	return (iobuf);
416 #if 0
417 /* EXPORT DELETE END */
418 	return (0);
419 /* EXPORT DELETE START */
420 #endif
421 /* EXPORT DELETE END */
422 }
423