1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright 2008 Sun Microsystems, Inc. All rights reserved.
24 * Use is subject to license terms.
25 */
26
27 /* Copyright (c) 1988 AT&T */
28 /* All Rights Reserved */
29
30 #pragma ident "%Z%%M% %I% %E% SMI"
31
32 #pragma weak _des_crypt = des_crypt
33 #pragma weak _des_encrypt = des_encrypt
34 #pragma weak _des_setkey = des_setkey
35
36 #include <sys/types.h>
37 #include <crypt.h>
38 #include "des_soft.h"
39
40 #include <stdlib.h>
41 #include <thread.h>
42 #include <pthread.h>
43 #include <sys/types.h>
44
45 /*
46 * This program implements the
47 * Proposed Federal Information Processing
48 * Data Encryption Standard.
49 * See Federal Register, March 17, 1975 (40FR12134)
50 */
51
52 /*
53 * Initial permutation,
54 */
55 static char IP[] = {
56 58, 50, 42, 34, 26, 18, 10, 2,
57 60, 52, 44, 36, 28, 20, 12, 4,
58 62, 54, 46, 38, 30, 22, 14, 6,
59 64, 56, 48, 40, 32, 24, 16, 8,
60 57, 49, 41, 33, 25, 17, 9, 1,
61 59, 51, 43, 35, 27, 19, 11, 3,
62 61, 53, 45, 37, 29, 21, 13, 5,
63 63, 55, 47, 39, 31, 23, 15, 7,
64 };
65
66 /*
67 * Final permutation, FP = IP^(-1)
68 */
69 static char FP[] = {
70 40, 8, 48, 16, 56, 24, 64, 32,
71 39, 7, 47, 15, 55, 23, 63, 31,
72 38, 6, 46, 14, 54, 22, 62, 30,
73 37, 5, 45, 13, 53, 21, 61, 29,
74 36, 4, 44, 12, 52, 20, 60, 28,
75 35, 3, 43, 11, 51, 19, 59, 27,
76 34, 2, 42, 10, 50, 18, 58, 26,
77 33, 1, 41, 9, 49, 17, 57, 25,
78 };
79
80 /*
81 * Permuted-choice 1 from the key bits
82 * to yield C and D.
83 * Note that bits 8, 16... are left out:
84 * They are intended for a parity check.
85 */
86 static char PC1_C[] = {
87 57, 49, 41, 33, 25, 17, 9,
88 1, 58, 50, 42, 34, 26, 18,
89 10, 2, 59, 51, 43, 35, 27,
90 19, 11, 3, 60, 52, 44, 36,
91 };
92
93 static char PC1_D[] = {
94 63, 55, 47, 39, 31, 23, 15,
95 7, 62, 54, 46, 38, 30, 22,
96 14, 6, 61, 53, 45, 37, 29,
97 21, 13, 5, 28, 20, 12, 4,
98 };
99
100 /*
101 * Sequence of shifts used for the key schedule.
102 */
103 static char shifts[] = {1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1, };
104
105 /*
106 * Permuted-choice 2, to pick out the bits from
107 * the CD array that generate the key schedule.
108 */
109 static char PC2_C[] = {
110 14, 17, 11, 24, 1, 5,
111 3, 28, 15, 6, 21, 10,
112 23, 19, 12, 4, 26, 8,
113 16, 7, 27, 20, 13, 2,
114 };
115
116 static char PC2_D[] = {
117 41, 52, 31, 37, 47, 55,
118 30, 40, 51, 45, 33, 48,
119 44, 49, 39, 56, 34, 53,
120 46, 42, 50, 36, 29, 32,
121 };
122
123 /*
124 * The C and D arrays used to calculate the key schedule.
125 */
126
127 static char C[28];
128 static char D[28];
129 /*
130 * The key schedule.
131 * Generated from the key.
132 */
133 static char KS[16][48];
134
135 /*
136 * The E bit-selection table.
137 */
138 static char E[48];
139 static char e2[] = {
140 32, 1, 2, 3, 4, 5,
141 4, 5, 6, 7, 8, 9,
142 8, 9, 10, 11, 12, 13,
143 12, 13, 14, 15, 16, 17,
144 16, 17, 18, 19, 20, 21,
145 20, 21, 22, 23, 24, 25,
146 24, 25, 26, 27, 28, 29,
147 28, 29, 30, 31, 32, 1,
148 };
149
150 /*
151 * Set up the key schedule from the key.
152 */
153
154 static mutex_t lock = DEFAULTMUTEX;
155
156 static void
157 des_setkey_nolock(const char *key)
158 {
159 int i, j, k;
160 char t;
161
162 /*
163 * First, generate C and D by permuting
164 * the key. The low order bit of each
165 * 8-bit char is not used, so C and D are only 28
166 * bits apiece.
167 */
168 for (i = 0; i < 28; i++) {
169 C[i] = key[PC1_C[i]-1];
170 D[i] = key[PC1_D[i]-1];
171 }
172 /*
173 * To generate Ki, rotate C and D according
174 * to schedule and pick up a permutation
175 * using PC2.
176 */
177 for (i = 0; i < 16; i++) {
178 /*
179 * rotate.
180 */
181 for (k = 0; k < shifts[i]; k++) {
182 t = C[0];
183 for (j = 0; j < 28-1; j++)
184 C[j] = C[j+1];
185 C[27] = (char)t;
186 t = D[0];
187 for (j = 0; j < 28-1; j++)
188 D[j] = D[j+1];
189 D[27] = (char)t;
190 }
191 /*
192 * get Ki. Note C and D are concatenated.
193 */
194 for (j = 0; j < 24; j++) {
195 KS[i][j] = C[PC2_C[j]-1];
196 KS[i][j+24] = D[PC2_D[j]-28-1];
197 }
198 }
199
200 for (i = 0; i < 48; i++)
201 E[i] = e2[i];
202 }
203
204 void
205 des_setkey(const char *key)
206 {
207 (void) mutex_lock(&lock);
208 des_setkey_nolock(key);
209 (void) mutex_unlock(&lock);
210 }
211
212 /*
213 * The 8 selection functions.
214 * For some reason, they give a 0-origin
215 * index, unlike everything else.
216 */
217 static char S[8][64] = {
218 14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7,
219 0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8,
220 4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0,
221 15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13,
222
223 15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10,
224 3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5,
225 0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15,
226 13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9,
227
228 10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8,
229 13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1,
230 13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7,
231 1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12,
232
233 7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15,
234 13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9,
235 10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4,
236 3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14,
237
238 2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9,
239 14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6,
240 4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14,
241 11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3,
242
243 12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11,
244 10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8,
245 9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6,
246 4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13,
247
248 4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1,
249 13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6,
250 1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2,
251 6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12,
252
253 13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7,
254 1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2,
255 7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8,
256 2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11,
257 };
258
259 /*
260 * P is a permutation on the selected combination
261 * of the current L and key.
262 */
263 static char P[] = {
264 16, 7, 20, 21,
265 29, 12, 28, 17,
266 1, 15, 23, 26,
267 5, 18, 31, 10,
268 2, 8, 24, 14,
269 32, 27, 3, 9,
270 19, 13, 30, 6,
271 22, 11, 4, 25,
272 };
273
274 /*
275 * The current block, divided into 2 halves.
276 */
277 static char L[64];
278 static char tempL[32];
279 static char f[32];
280
281 /*
282 * The combination of the key and the input, before selection.
283 */
284 static char preS[48];
285
286 /*
287 * The payoff: encrypt a block.
288 */
289
290 static void
291 des_encrypt_nolock(char *block, int edflag)
292 {
293 if (edflag)
294 (void) _des_decrypt1(block, L, IP, &L[32],
295 preS, E, KS, S, f, tempL, P, FP);
296 else
297 (void) des_encrypt1(block, L, IP, &L[32],
298 preS, E, KS, S, f, tempL, P, FP);
299 }
300
301 void
302 des_encrypt(char *block, int edflag)
303 {
304 (void) mutex_lock(&lock);
305 des_encrypt_nolock(block, edflag);
306 (void) mutex_unlock(&lock);
307 }
308
309
310
311 #define IOBUF_SIZE 16
312
313 static char *
314 _get_iobuf(thread_key_t *keyp, unsigned size)
315 {
316 char *iobuf;
317
318 if (thr_keycreate_once(keyp, free) != 0)
319 return (NULL);
320 iobuf = pthread_getspecific(*keyp);
321 if (iobuf == NULL) {
322 if (thr_setspecific(*keyp, (iobuf = malloc(size))) != 0) {
323 if (iobuf)
324 (void) free(iobuf);
325 iobuf = NULL;
326 }
327 }
328 return (iobuf);
329 }
330
331 char *
332 des_crypt(const char *pw, const char *salt)
333 {
334 int i, j;
335 char c, temp;
336 char block[66];
337 static thread_key_t key = THR_ONCE_KEY;
338 char *iobuf = _get_iobuf(&key, IOBUF_SIZE);
339
340 (void) mutex_lock(&lock);
341 for (i = 0; i < 66; i++)
342 block[i] = 0;
343 for (i = 0; (c = *pw) && (i < 64); pw++) {
344 for (j = 0; j < 7; j++, i++)
345 block[i] = (c>>(6-j)) & 01;
346 i++;
347 }
348
349 des_setkey_nolock(block);
350
351 for (i = 0; i < 66; i++)
352 block[i] = 0;
353
354 for (i = 0; i < 2; i++) {
355 c = *salt++;
356 iobuf[i] = (char)c;
357 if (c > 'Z')
358 c -= 6;
359 if (c > '9')
360 c -= 7;
361 c -= '.';
362 for (j = 0; j < 6; j++) {
363 if ((c>>j) & 01) {
364 temp = E[6*i+j];
365 E[6*i+j] = E[6*i+j+24];
366 E[6*i+j+24] = (char)temp;
367 }
368 }
369 }
370
371 for (i = 0; i < 25; i++)
372 (void) des_encrypt_nolock(block, 0);
373
374 for (i = 0; i < 11; i++) {
375 c = 0;
376 for (j = 0; j < 6; j++) {
377 c <<= 1;
378 c |= block[6*i+j];
379 }
380 c += '.';
381 if (c > '9')
382 c += 7;
383 if (c > 'Z')
384 c += 6;
385 iobuf[i+2] = (char)c;
386 }
387 iobuf[i+2] = 0;
388 if (iobuf[1] == 0)
389 iobuf[1] = iobuf[0];
390 (void) mutex_unlock(&lock);
391 return (iobuf);
392 }