Annotation of src/usr.bin/bdes/bdes.c, Revision 1.7
1.7 ! millert 1: /* $OpenBSD: bdes.c,v 1.6 2001/11/19 19:02:13 mpech Exp $ */
1.1 deraadt 2: /* $NetBSD: bdes.c,v 1.2 1995/03/26 03:33:19 glass Exp $ */
3:
4: /*-
5: * Copyright (c) 1991, 1993
6: * The Regents of the University of California. All rights reserved.
7: *
8: * This code is derived from software contributed to Berkeley by
9: * Matt Bishop of Dartmouth College.
10: *
11: * The United States Government has rights in this work pursuant
12: * to contract no. NAG 2-680 between the National Aeronautics and
13: * Space Administration and Dartmouth College.
14: *
15: * Redistribution and use in source and binary forms, with or without
16: * modification, are permitted provided that the following conditions
17: * are met:
18: * 1. Redistributions of source code must retain the above copyright
19: * notice, this list of conditions and the following disclaimer.
20: * 2. Redistributions in binary form must reproduce the above copyright
21: * notice, this list of conditions and the following disclaimer in the
22: * documentation and/or other materials provided with the distribution.
23: * 3. All advertising materials mentioning features or use of this software
24: * must display the following acknowledgement:
25: * This product includes software developed by the University of
26: * California, Berkeley and its contributors.
27: * 4. Neither the name of the University nor the names of its contributors
28: * may be used to endorse or promote products derived from this software
29: * without specific prior written permission.
30: *
31: * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
32: * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
33: * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
34: * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
35: * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
36: * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
37: * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
38: * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
39: * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
40: * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
41: * SUCH DAMAGE.
42: */
43:
44: #ifndef lint
45: static char copyright[] =
46: "@(#) Copyright (c) 1991, 1993\n\
47: The Regents of the University of California. All rights reserved.\n";
48: #endif /* not lint */
49:
50: #ifndef lint
51: #if 0
52: static char sccsid[] = "@(#)bdes.c 8.1 (Berkeley) 6/6/93";
53: #else
1.7 ! millert 54: static char rcsid[] = "$OpenBSD: bdes.c,v 1.6 2001/11/19 19:02:13 mpech Exp $";
1.1 deraadt 55: #endif
56: #endif /* not lint */
57:
58: /*
59: * BDES -- DES encryption package for Berkeley Software Distribution 4.4
60: * options:
61: * -a key is in ASCII
62: * -b use ECB (electronic code book) mode
63: * -d invert (decrypt) input
64: * -f b use b-bit CFB (cipher feedback) mode
65: * -F b use b-bit CFB (cipher feedback) alternative mode
66: * -k key use key as the cryptographic key
67: * -m b generate a MAC of length b
68: * -o b use b-bit OFB (output feedback) mode
69: * -p don't reset the parity bit
70: * -v v use v as the initialization vector (ignored for ECB)
71: * note: the last character of the last block is the integer indicating
72: * how many characters of that block are to be output
73: *
74: * Author: Matt Bishop
75: * Department of Mathematics and Computer Science
76: * Dartmouth College
77: * Hanover, NH 03755
78: * Email: Matt.Bishop@dartmouth.edu
79: * ...!decvax!dartvax!Matt.Bishop
80: *
81: * See Technical Report PCS-TR91-158, Department of Mathematics and Computer
82: * Science, Dartmouth College, for a detailed description of the implemen-
83: * tation and differences between it and Sun's. The DES is described in
84: * FIPS PUB 46, and the modes in FIPS PUB 81 (see either the manual page
85: * or the technical report for a complete reference).
86: */
87:
1.5 deraadt 88: #include <err.h>
1.1 deraadt 89: #include <errno.h>
90: #include <unistd.h>
91: #include <stdio.h>
92: #include <ctype.h>
93: #include <stdlib.h>
94: #include <string.h>
95:
1.5 deraadt 96: typedef char Desbuf[8];
1.7 ! millert 97: int tobinhexi(char, int);
! 98: void cvtkey(char *, char *);
! 99: int setbits(char *, int);
! 100: void makekey(Desbuf);
! 101: void ecbenc(void);
! 102: void ecbdec(void);
! 103: void cbcenc(void);
! 104: void cbcdec(void);
! 105: void cbcauth(void);
! 106: void cfbenc(void);
! 107: void cfbdec(void);
! 108: void cfbaenc(void);
! 109: void cfbadec(void);
! 110: void cfbauth(void);
! 111: void ofbdec(void);
! 112: void ofbenc(void);
! 113: void usage(void);
1.5 deraadt 114:
1.1 deraadt 115: /*
116: * BSD and System V systems offer special library calls that do
117: * block moves and fills, so if possible we take advantage of them
118: */
119: #define MEMCPY(dest,src,len) bcopy((src),(dest),(len))
120: #define MEMZERO(dest,len) bzero((dest),(len))
121:
122: /* Hide the calls to the primitive encryption routines. */
123: #define FASTWAY
124: #ifdef FASTWAY
125: #define DES_KEY(buf) \
126: if (des_setkey(buf)) \
1.5 deraadt 127: err(1, "des_setkey");
1.1 deraadt 128: #define DES_XFORM(buf) \
129: if (des_cipher(buf, buf, 0L, (inverse ? -1 : 1))) \
1.5 deraadt 130: err(1, "des_cipher");
1.1 deraadt 131: #else
132: #define DES_KEY(buf) { \
133: char bits1[64]; /* bits of key */ \
134: expand(buf, bits1); \
135: if (setkey(bits1)) \
1.5 deraadt 136: err(1, "setkey"); \
1.1 deraadt 137: }
138: #define DES_XFORM(buf) { \
139: char bits1[64]; /* bits of message */ \
140: expand(buf, bits1); \
141: if (encrypt(bits1, inverse)) \
1.5 deraadt 142: err(1, "encrypt"); \
1.1 deraadt 143: compress(bits1, buf); \
144: }
145: #endif
146:
147: /*
148: * this does an error-checking write
149: */
150: #define READ(buf, n) fread(buf, sizeof(char), n, stdin)
151: #define WRITE(buf,n) \
152: if (fwrite(buf, sizeof(char), n, stdout) != n) \
1.4 deraadt 153: err(1, "block %d", bn);
1.1 deraadt 154:
155: /*
156: * some things to make references easier
157: */
158: #define CHAR(x,i) (x[i])
159: #define UCHAR(x,i) (x[i])
160: #define BUFFER(x) (x)
161: #define UBUFFER(x) (x)
162:
163: /*
164: * global variables and related macros
165: */
166: #define KEY_DEFAULT 0 /* interpret radix of key from key */
167: #define KEY_ASCII 1 /* key is in ASCII characters */
168: int keybase = KEY_DEFAULT; /* how to interpret the key */
169:
170: enum { /* encrypt, decrypt, authenticate */
171: MODE_ENCRYPT, MODE_DECRYPT, MODE_AUTHENTICATE
172: } mode = MODE_ENCRYPT;
173: enum { /* ecb, cbc, cfb, cfba, ofb? */
174: ALG_ECB, ALG_CBC, ALG_CFB, ALG_OFB, ALG_CFBA
175: } alg = ALG_CBC;
176:
177: Desbuf ivec; /* initialization vector */
178: char bits[] = { /* used to extract bits from a char */
179: '\200', '\100', '\040', '\020', '\010', '\004', '\002', '\001'
180: };
181: int inverse; /* 0 to encrypt, 1 to decrypt */
182: int macbits = -1; /* number of bits in authentication */
183: int fbbits = -1; /* number of feedback bits */
184: int pflag; /* 1 to preserve parity bits */
185:
1.5 deraadt 186:
187: int
1.1 deraadt 188: main(ac, av)
189: int ac; /* arg count */
190: char **av; /* arg vector */
191: {
192: extern int optind; /* option (argument) number */
193: extern char *optarg; /* argument to option if any */
1.6 mpech 194: int i; /* counter in a for loop */
195: char *p; /* used to obtain the key */
1.1 deraadt 196: Desbuf msgbuf; /* I/O buffer */
197: int kflag; /* command-line encryptiooon key */
198: int argc; /* the real arg count */
199: char **argv; /* the real argument vector */
200:
201: /*
202: * Hide the arguments from ps(1) by making private copies of them
203: * and clobbering the global (visible to ps(1)) ones.
204: */
205: argc = ac;
206: ac = 1;
207: argv = malloc((argc + 1) * sizeof(char *));
208: for (i = 0; i < argc; ++i) {
209: argv[i] = strdup(av[i]);
210: MEMZERO(av[i], strlen(av[i]));
211: }
212: argv[argc] = NULL;
213:
214: /* initialize the initialization vctor */
215: MEMZERO(ivec, 8);
216:
217: /* process the argument list */
218: kflag = 0;
1.3 millert 219: while ((i = getopt(argc, argv, "abdF:f:k:m:o:pv:")) != -1)
1.1 deraadt 220: switch(i) {
221: case 'a': /* key is ASCII */
222: keybase = KEY_ASCII;
223: break;
224: case 'b': /* use ECB mode */
225: alg = ALG_ECB;
226: break;
227: case 'd': /* decrypt */
228: mode = MODE_DECRYPT;
229: break;
230: case 'F': /* use alternative CFB mode */
231: alg = ALG_CFBA;
232: if ((fbbits = setbits(optarg, 7)) > 56 || fbbits == 0)
1.4 deraadt 233: err(1, "-F: number must be 1-56 inclusive");
1.1 deraadt 234: else if (fbbits == -1)
1.4 deraadt 235: err(1, "-F: number must be a multiple of 7");
1.1 deraadt 236: break;
237: case 'f': /* use CFB mode */
238: alg = ALG_CFB;
239: if ((fbbits = setbits(optarg, 8)) > 64 || fbbits == 0)
1.4 deraadt 240: err(1, "-f: number must be 1-64 inclusive");
1.1 deraadt 241: else if (fbbits == -1)
1.4 deraadt 242: err(1, "-f: number must be a multiple of 8");
1.1 deraadt 243: break;
244: case 'k': /* encryption key */
245: kflag = 1;
246: cvtkey(BUFFER(msgbuf), optarg);
247: break;
248: case 'm': /* number of bits for MACing */
249: mode = MODE_AUTHENTICATE;
250: if ((macbits = setbits(optarg, 1)) > 64)
1.4 deraadt 251: err(1, "-m: number must be 0-64 inclusive");
1.1 deraadt 252: break;
253: case 'o': /* use OFB mode */
254: alg = ALG_OFB;
255: if ((fbbits = setbits(optarg, 8)) > 64 || fbbits == 0)
1.4 deraadt 256: err(1, "-o: number must be 1-64 inclusive");
1.1 deraadt 257: else if (fbbits == -1)
1.4 deraadt 258: err(1, "-o: number must be a multiple of 8");
1.1 deraadt 259: break;
260: case 'p': /* preserve parity bits */
261: pflag = 1;
262: break;
263: case 'v': /* set initialization vector */
264: cvtkey(BUFFER(ivec), optarg);
265: break;
266: default: /* error */
267: usage();
268: }
269:
270: if (!kflag) {
271: /*
272: * if the key's not ASCII, assume it is
273: */
274: keybase = KEY_ASCII;
275: /*
276: * get the key
277: */
278: p = getpass("Enter key: ");
279: /*
280: * copy it, nul-padded, into the key area
281: */
282: cvtkey(BUFFER(msgbuf), p);
283: }
284:
285: makekey(msgbuf);
286: inverse = (alg == ALG_CBC || alg == ALG_ECB) && mode == MODE_DECRYPT;
287:
288: switch(alg) {
289: case ALG_CBC:
290: switch(mode) {
291: case MODE_AUTHENTICATE: /* authenticate using CBC mode */
292: cbcauth();
293: break;
294: case MODE_DECRYPT: /* decrypt using CBC mode */
295: cbcdec();
296: break;
297: case MODE_ENCRYPT: /* encrypt using CBC mode */
298: cbcenc();
299: break;
300: }
301: break;
302: case ALG_CFB:
303: switch(mode) {
304: case MODE_AUTHENTICATE: /* authenticate using CFB mode */
305: cfbauth();
306: break;
307: case MODE_DECRYPT: /* decrypt using CFB mode */
308: cfbdec();
309: break;
310: case MODE_ENCRYPT: /* encrypt using CFB mode */
311: cfbenc();
312: break;
313: }
314: break;
315: case ALG_CFBA:
316: switch(mode) {
317: case MODE_AUTHENTICATE: /* authenticate using CFBA mode */
1.4 deraadt 318: err(1, "can't authenticate with CFBA mode");
1.1 deraadt 319: break;
320: case MODE_DECRYPT: /* decrypt using CFBA mode */
321: cfbadec();
322: break;
323: case MODE_ENCRYPT: /* encrypt using CFBA mode */
324: cfbaenc();
325: break;
326: }
327: break;
328: case ALG_ECB:
329: switch(mode) {
330: case MODE_AUTHENTICATE: /* authenticate using ECB mode */
1.4 deraadt 331: err(1, "can't authenticate with ECB mode");
1.1 deraadt 332: break;
333: case MODE_DECRYPT: /* decrypt using ECB mode */
334: ecbdec();
335: break;
336: case MODE_ENCRYPT: /* encrypt using ECB mode */
337: ecbenc();
338: break;
339: }
340: break;
341: case ALG_OFB:
342: switch(mode) {
343: case MODE_AUTHENTICATE: /* authenticate using OFB mode */
1.4 deraadt 344: err(1, "can't authenticate with OFB mode");
1.1 deraadt 345: break;
346: case MODE_DECRYPT: /* decrypt using OFB mode */
347: ofbdec();
348: break;
349: case MODE_ENCRYPT: /* encrypt using OFB mode */
350: ofbenc();
351: break;
352: }
353: break;
354: }
355: exit(0);
356: }
357:
358: /*
359: * map a hex character to an integer
360: */
1.5 deraadt 361: int
1.1 deraadt 362: tobinhex(c, radix)
363: char c; /* char to be converted */
364: int radix; /* base (2 to 16) */
365: {
366: switch(c) {
367: case '0': return(0x0);
368: case '1': return(0x1);
369: case '2': return(radix > 2 ? 0x2 : -1);
370: case '3': return(radix > 3 ? 0x3 : -1);
371: case '4': return(radix > 4 ? 0x4 : -1);
372: case '5': return(radix > 5 ? 0x5 : -1);
373: case '6': return(radix > 6 ? 0x6 : -1);
374: case '7': return(radix > 7 ? 0x7 : -1);
375: case '8': return(radix > 8 ? 0x8 : -1);
376: case '9': return(radix > 9 ? 0x9 : -1);
377: case 'A': case 'a': return(radix > 10 ? 0xa : -1);
378: case 'B': case 'b': return(radix > 11 ? 0xb : -1);
379: case 'C': case 'c': return(radix > 12 ? 0xc : -1);
380: case 'D': case 'd': return(radix > 13 ? 0xd : -1);
381: case 'E': case 'e': return(radix > 14 ? 0xe : -1);
382: case 'F': case 'f': return(radix > 15 ? 0xf : -1);
383: }
384: /*
385: * invalid character
386: */
387: return(-1);
388: }
389:
390: /*
391: * convert the key to a bit pattern
392: */
1.5 deraadt 393: void
1.1 deraadt 394: cvtkey(obuf, ibuf)
395: char *obuf; /* bit pattern */
396: char *ibuf; /* the key itself */
397: {
1.6 mpech 398: int i, j; /* counter in a for loop */
1.1 deraadt 399: int nbuf[64]; /* used for hex/key translation */
400:
401: /*
402: * just switch on the key base
403: */
404: switch(keybase) {
405: case KEY_ASCII: /* ascii to integer */
406: (void)strncpy(obuf, ibuf, 8);
407: return;
408: case KEY_DEFAULT: /* tell from context */
409: /*
410: * leading '0x' or '0X' == hex key
411: */
412: if (ibuf[0] == '0' && (ibuf[1] == 'x' || ibuf[1] == 'X')) {
413: ibuf = &ibuf[2];
414: /*
415: * now translate it, bombing on any illegal hex digit
416: */
417: for (i = 0; ibuf[i] && i < 16; i++)
418: if ((nbuf[i] = tobinhex(ibuf[i], 16)) == -1)
1.4 deraadt 419: err(1, "bad hex digit in key");
1.1 deraadt 420: while (i < 16)
421: nbuf[i++] = 0;
422: for (i = 0; i < 8; i++)
423: obuf[i] =
424: ((nbuf[2*i]&0xf)<<4) | (nbuf[2*i+1]&0xf);
425: /* preserve parity bits */
426: pflag = 1;
427: return;
428: }
429: /*
430: * leading '0b' or '0B' == binary key
431: */
432: if (ibuf[0] == '0' && (ibuf[1] == 'b' || ibuf[1] == 'B')) {
433: ibuf = &ibuf[2];
434: /*
435: * now translate it, bombing on any illegal binary digit
436: */
437: for (i = 0; ibuf[i] && i < 16; i++)
438: if ((nbuf[i] = tobinhex(ibuf[i], 2)) == -1)
1.4 deraadt 439: err(1, "bad binary digit in key");
1.1 deraadt 440: while (i < 64)
441: nbuf[i++] = 0;
442: for (i = 0; i < 8; i++)
443: for (j = 0; j < 8; j++)
444: obuf[i] = (obuf[i]<<1)|nbuf[8*i+j];
445: /* preserve parity bits */
446: pflag = 1;
447: return;
448: }
449: /*
450: * no special leader -- ASCII
451: */
452: (void)strncpy(obuf, ibuf, 8);
453: }
454: }
455:
456: /*
457: * convert an ASCII string into a decimal number:
458: * 1. must be between 0 and 64 inclusive
459: * 2. must be a valid decimal number
460: * 3. must be a multiple of mult
461: */
1.5 deraadt 462: int
1.1 deraadt 463: setbits(s, mult)
464: char *s; /* the ASCII string */
465: int mult; /* what it must be a multiple of */
466: {
1.6 mpech 467: char *p; /* pointer in a for loop */
468: int n = 0; /* the integer collected */
1.1 deraadt 469:
470: /*
471: * skip white space
472: */
473: while (isspace(*s))
474: s++;
475: /*
476: * get the integer
477: */
478: for (p = s; *p; p++) {
479: if (isdigit(*p))
480: n = n * 10 + *p - '0';
481: else {
1.4 deraadt 482: err(1, "bad decimal digit in MAC length");
1.1 deraadt 483: }
484: }
485: /*
486: * be sure it's a multiple of mult
487: */
488: return((n % mult != 0) ? -1 : n);
489: }
490:
491: /*****************
492: * DES FUNCTIONS *
493: *****************/
494: /*
495: * This sets the DES key and (if you're using the deszip version)
496: * the direction of the transformation. This uses the Sun
497: * to map the 64-bit key onto the 56 bits that the key schedule
498: * generation routines use: the old way, which just uses the user-
499: * supplied 64 bits as is, and the new way, which resets the parity
500: * bit to be the same as the low-order bit in each character. The
501: * new way generates a greater variety of key schedules, since many
502: * systems set the parity (high) bit of each character to 0, and the
503: * DES ignores the low order bit of each character.
504: */
1.5 deraadt 505: void
1.1 deraadt 506: makekey(buf)
507: Desbuf buf; /* key block */
508: {
1.6 mpech 509: int i, j; /* counter in a for loop */
510: int par; /* parity counter */
1.1 deraadt 511:
512: /*
513: * if the parity is not preserved, flip it
514: */
515: if (!pflag) {
516: for (i = 0; i < 8; i++) {
517: par = 0;
518: for (j = 1; j < 8; j++)
519: if ((bits[j]&UCHAR(buf, i)) != 0)
520: par++;
521: if ((par&01) == 01)
522: UCHAR(buf, i) = UCHAR(buf, i)&0177;
523: else
524: UCHAR(buf, i) = (UCHAR(buf, i)&0177)|0200;
525: }
526: }
527:
528: DES_KEY(UBUFFER(buf));
529: }
530:
531: /*
532: * This encrypts using the Electronic Code Book mode of DES
533: */
1.5 deraadt 534: void
1.1 deraadt 535: ecbenc()
536: {
1.6 mpech 537: int n; /* number of bytes actually read */
538: int bn; /* block number */
1.1 deraadt 539: Desbuf msgbuf; /* I/O buffer */
540:
541: for (bn = 0; (n = READ(BUFFER(msgbuf), 8)) == 8; bn++) {
542: /*
543: * do the transformation
544: */
545: DES_XFORM(UBUFFER(msgbuf));
546: WRITE(BUFFER(msgbuf), 8);
547: }
548: /*
549: * at EOF or last block -- in either ase, the last byte contains
550: * the character representation of the number of bytes in it
551: */
552: bn++;
553: MEMZERO(&CHAR(msgbuf, n), 8 - n);
554: CHAR(msgbuf, 7) = n;
555: DES_XFORM(UBUFFER(msgbuf));
556: WRITE(BUFFER(msgbuf), 8);
557:
558: }
559:
560: /*
561: * This decrypts using the Electronic Code Book mode of DES
562: */
1.5 deraadt 563: void
1.1 deraadt 564: ecbdec()
565: {
1.6 mpech 566: int n; /* number of bytes actually read */
567: int c; /* used to test for EOF */
568: int bn; /* block number */
1.1 deraadt 569: Desbuf msgbuf; /* I/O buffer */
570:
571: for (bn = 1; (n = READ(BUFFER(msgbuf), 8)) == 8; bn++) {
572: /*
573: * do the transformation
574: */
575: DES_XFORM(UBUFFER(msgbuf));
576: /*
577: * if the last one, handle it specially
578: */
579: if ((c = getchar()) == EOF) {
580: n = CHAR(msgbuf, 7);
581: if (n < 0 || n > 7)
1.4 deraadt 582: err(1, "decryption failed (block %d corrupted)", bn);
1.1 deraadt 583: }
584: else
585: (void)ungetc(c, stdin);
586: WRITE(BUFFER(msgbuf), n);
587: }
588: if (n > 0)
1.4 deraadt 589: err(1, "decryption failed (block %d incomplete)", bn);
1.1 deraadt 590: }
591:
592: /*
593: * This encrypts using the Cipher Block Chaining mode of DES
594: */
1.5 deraadt 595: void
1.1 deraadt 596: cbcenc()
597: {
1.6 mpech 598: int n; /* number of bytes actually read */
599: int bn; /* block number */
1.1 deraadt 600: Desbuf msgbuf; /* I/O buffer */
601:
602: /*
603: * do the transformation
604: */
605: for (bn = 1; (n = READ(BUFFER(msgbuf), 8)) == 8; bn++) {
606: for (n = 0; n < 8; n++)
607: CHAR(msgbuf, n) ^= CHAR(ivec, n);
608: DES_XFORM(UBUFFER(msgbuf));
609: MEMCPY(BUFFER(ivec), BUFFER(msgbuf), 8);
610: WRITE(BUFFER(msgbuf), 8);
611: }
612: /*
613: * at EOF or last block -- in either case, the last byte contains
614: * the character representation of the number of bytes in it
615: */
616: bn++;
617: MEMZERO(&CHAR(msgbuf, n), 8 - n);
618: CHAR(msgbuf, 7) = n;
619: for (n = 0; n < 8; n++)
620: CHAR(msgbuf, n) ^= CHAR(ivec, n);
621: DES_XFORM(UBUFFER(msgbuf));
622: WRITE(BUFFER(msgbuf), 8);
623:
624: }
625:
626: /*
627: * This decrypts using the Cipher Block Chaining mode of DES
628: */
1.5 deraadt 629: void
1.1 deraadt 630: cbcdec()
631: {
1.6 mpech 632: int n; /* number of bytes actually read */
1.1 deraadt 633: Desbuf msgbuf; /* I/O buffer */
634: Desbuf ibuf; /* temp buffer for initialization vector */
1.6 mpech 635: int c; /* used to test for EOF */
636: int bn; /* block number */
1.1 deraadt 637:
638: for (bn = 0; (n = READ(BUFFER(msgbuf), 8)) == 8; bn++) {
639: /*
640: * do the transformation
641: */
642: MEMCPY(BUFFER(ibuf), BUFFER(msgbuf), 8);
643: DES_XFORM(UBUFFER(msgbuf));
644: for (c = 0; c < 8; c++)
645: UCHAR(msgbuf, c) ^= UCHAR(ivec, c);
646: MEMCPY(BUFFER(ivec), BUFFER(ibuf), 8);
647: /*
648: * if the last one, handle it specially
649: */
650: if ((c = getchar()) == EOF) {
651: n = CHAR(msgbuf, 7);
652: if (n < 0 || n > 7)
1.4 deraadt 653: err(1, "decryption failed (block %d corrupted)", bn);
1.1 deraadt 654: }
655: else
656: (void)ungetc(c, stdin);
657: WRITE(BUFFER(msgbuf), n);
658: }
659: if (n > 0)
1.4 deraadt 660: err(1, "decryption failed (block %d incomplete)", bn);
1.1 deraadt 661: }
662:
663: /*
664: * This authenticates using the Cipher Block Chaining mode of DES
665: */
1.5 deraadt 666: void
1.1 deraadt 667: cbcauth()
668: {
1.6 mpech 669: int n, j; /* number of bytes actually read */
1.1 deraadt 670: Desbuf msgbuf; /* I/O buffer */
671: Desbuf encbuf; /* encryption buffer */
672:
673: /*
674: * do the transformation
675: * note we DISCARD the encrypted block;
676: * we only care about the last one
677: */
678: while ((n = READ(BUFFER(msgbuf), 8)) == 8) {
679: for (n = 0; n < 8; n++)
680: CHAR(encbuf, n) = CHAR(msgbuf, n) ^ CHAR(ivec, n);
681: DES_XFORM(UBUFFER(encbuf));
682: MEMCPY(BUFFER(ivec), BUFFER(encbuf), 8);
683: }
684: /*
685: * now compute the last one, right padding with '\0' if need be
686: */
687: if (n > 0) {
688: MEMZERO(&CHAR(msgbuf, n), 8 - n);
689: for (n = 0; n < 8; n++)
690: CHAR(encbuf, n) = CHAR(msgbuf, n) ^ CHAR(ivec, n);
691: DES_XFORM(UBUFFER(encbuf));
692: }
693: /*
694: * drop the bits
695: * we write chars until fewer than 7 bits,
696: * and then pad the last one with 0 bits
697: */
698: for (n = 0; macbits > 7; n++, macbits -= 8)
699: (void)putchar(CHAR(encbuf, n));
700: if (macbits > 0) {
701: CHAR(msgbuf, 0) = 0x00;
702: for (j = 0; j < macbits; j++)
703: CHAR(msgbuf, 0) |= (CHAR(encbuf, n)&bits[j]);
704: (void)putchar(CHAR(msgbuf, 0));
705: }
706: }
707:
708: /*
709: * This encrypts using the Cipher FeedBack mode of DES
710: */
1.5 deraadt 711: void
1.1 deraadt 712: cfbenc()
713: {
1.6 mpech 714: int n; /* number of bytes actually read */
715: int nbytes; /* number of bytes to read */
716: int bn; /* block number */
1.1 deraadt 717: char ibuf[8]; /* input buffer */
718: Desbuf msgbuf; /* encryption buffer */
719:
720: /*
721: * do things in bytes, not bits
722: */
723: nbytes = fbbits / 8;
724: /*
725: * do the transformation
726: */
727: for (bn = 1; (n = READ(ibuf, nbytes)) == nbytes; bn++) {
728: MEMCPY(BUFFER(msgbuf), BUFFER(ivec), 8);
729: DES_XFORM(UBUFFER(msgbuf));
730: for (n = 0; n < 8 - nbytes; n++)
731: UCHAR(ivec, n) = UCHAR(ivec, n+nbytes);
732: for (n = 0; n < nbytes; n++)
733: UCHAR(ivec, 8-nbytes+n) = ibuf[n] ^ UCHAR(msgbuf, n);
734: WRITE(&CHAR(ivec, 8-nbytes), nbytes);
735: }
736: /*
737: * at EOF or last block -- in either case, the last byte contains
738: * the character representation of the number of bytes in it
739: */
740: bn++;
741: MEMZERO(&ibuf[n], nbytes - n);
742: ibuf[nbytes - 1] = n;
743: MEMCPY(BUFFER(msgbuf), BUFFER(ivec), 8);
744: DES_XFORM(UBUFFER(msgbuf));
745: for (n = 0; n < nbytes; n++)
746: ibuf[n] ^= UCHAR(msgbuf, n);
747: WRITE(ibuf, nbytes);
748: }
749:
750: /*
751: * This decrypts using the Cipher Block Chaining mode of DES
752: */
1.5 deraadt 753: void
1.1 deraadt 754: cfbdec()
755: {
1.6 mpech 756: int n; /* number of bytes actually read */
757: int c; /* used to test for EOF */
758: int nbytes; /* number of bytes to read */
759: int bn; /* block number */
1.1 deraadt 760: char ibuf[8]; /* input buffer */
761: char obuf[8]; /* output buffer */
762: Desbuf msgbuf; /* encryption buffer */
763:
764: /*
765: * do things in bytes, not bits
766: */
767: nbytes = fbbits / 8;
768: /*
769: * do the transformation
770: */
771: for (bn = 1; (n = READ(ibuf, nbytes)) == nbytes; bn++) {
772: MEMCPY(BUFFER(msgbuf), BUFFER(ivec), 8);
773: DES_XFORM(UBUFFER(msgbuf));
774: for (c = 0; c < 8 - nbytes; c++)
775: CHAR(ivec, c) = CHAR(ivec, c+nbytes);
776: for (c = 0; c < nbytes; c++) {
777: CHAR(ivec, 8-nbytes+c) = ibuf[c];
778: obuf[c] = ibuf[c] ^ UCHAR(msgbuf, c);
779: }
780: /*
781: * if the last one, handle it specially
782: */
783: if ((c = getchar()) == EOF) {
784: n = obuf[nbytes-1];
785: if (n < 0 || n > nbytes-1)
1.4 deraadt 786: err(1, "decryption failed (block %d corrupted)", bn);
1.1 deraadt 787: }
788: else
789: (void)ungetc(c, stdin);
790: WRITE(obuf, n);
791: }
792: if (n > 0)
1.4 deraadt 793: err(1, "decryption failed (block %d incomplete)", bn);
1.1 deraadt 794: }
795:
796: /*
797: * This encrypts using the alternative Cipher FeedBack mode of DES
798: */
1.5 deraadt 799: void
1.1 deraadt 800: cfbaenc()
801: {
1.6 mpech 802: int n; /* number of bytes actually read */
803: int nbytes; /* number of bytes to read */
804: int bn; /* block number */
1.1 deraadt 805: char ibuf[8]; /* input buffer */
806: char obuf[8]; /* output buffer */
807: Desbuf msgbuf; /* encryption buffer */
808:
809: /*
810: * do things in bytes, not bits
811: */
812: nbytes = fbbits / 7;
813: /*
814: * do the transformation
815: */
816: for (bn = 1; (n = READ(ibuf, nbytes)) == nbytes; bn++) {
817: MEMCPY(BUFFER(msgbuf), BUFFER(ivec), 8);
818: DES_XFORM(UBUFFER(msgbuf));
819: for (n = 0; n < 8 - nbytes; n++)
820: UCHAR(ivec, n) = UCHAR(ivec, n+nbytes);
821: for (n = 0; n < nbytes; n++)
822: UCHAR(ivec, 8-nbytes+n) = (ibuf[n] ^ UCHAR(msgbuf, n))
823: |0200;
824: for (n = 0; n < nbytes; n++)
825: obuf[n] = CHAR(ivec, 8-nbytes+n)&0177;
826: WRITE(obuf, nbytes);
827: }
828: /*
829: * at EOF or last block -- in either case, the last byte contains
830: * the character representation of the number of bytes in it
831: */
832: bn++;
833: MEMZERO(&ibuf[n], nbytes - n);
834: ibuf[nbytes - 1] = ('0' + n)|0200;
835: MEMCPY(BUFFER(msgbuf), BUFFER(ivec), 8);
836: DES_XFORM(UBUFFER(msgbuf));
837: for (n = 0; n < nbytes; n++)
838: ibuf[n] ^= UCHAR(msgbuf, n);
839: WRITE(ibuf, nbytes);
840: }
841:
842: /*
843: * This decrypts using the alternative Cipher Block Chaining mode of DES
844: */
1.5 deraadt 845: void
1.1 deraadt 846: cfbadec()
847: {
1.6 mpech 848: int n; /* number of bytes actually read */
849: int c; /* used to test for EOF */
850: int nbytes; /* number of bytes to read */
851: int bn; /* block number */
1.1 deraadt 852: char ibuf[8]; /* input buffer */
853: char obuf[8]; /* output buffer */
854: Desbuf msgbuf; /* encryption buffer */
855:
856: /*
857: * do things in bytes, not bits
858: */
859: nbytes = fbbits / 7;
860: /*
861: * do the transformation
862: */
863: for (bn = 1; (n = READ(ibuf, nbytes)) == nbytes; bn++) {
864: MEMCPY(BUFFER(msgbuf), BUFFER(ivec), 8);
865: DES_XFORM(UBUFFER(msgbuf));
866: for (c = 0; c < 8 - nbytes; c++)
867: CHAR(ivec, c) = CHAR(ivec, c+nbytes);
868: for (c = 0; c < nbytes; c++) {
869: CHAR(ivec, 8-nbytes+c) = ibuf[c]|0200;
870: obuf[c] = (ibuf[c] ^ UCHAR(msgbuf, c))&0177;
871: }
872: /*
873: * if the last one, handle it specially
874: */
875: if ((c = getchar()) == EOF) {
876: if ((n = (obuf[nbytes-1] - '0')) < 0
877: || n > nbytes-1)
1.4 deraadt 878: err(1, "decryption failed (block %d corrupted)", bn);
1.1 deraadt 879: }
880: else
881: (void)ungetc(c, stdin);
882: WRITE(obuf, n);
883: }
884: if (n > 0)
1.4 deraadt 885: err(1, "decryption failed (block %d incomplete)", bn);
1.1 deraadt 886: }
887:
888:
889: /*
890: * This encrypts using the Output FeedBack mode of DES
891: */
1.5 deraadt 892: void
1.1 deraadt 893: ofbenc()
894: {
1.6 mpech 895: int n; /* number of bytes actually read */
896: int c; /* used to test for EOF */
897: int nbytes; /* number of bytes to read */
898: int bn; /* block number */
1.1 deraadt 899: char ibuf[8]; /* input buffer */
900: char obuf[8]; /* output buffer */
901: Desbuf msgbuf; /* encryption buffer */
902:
903: /*
904: * do things in bytes, not bits
905: */
906: nbytes = fbbits / 8;
907: /*
908: * do the transformation
909: */
910: for (bn = 1; (n = READ(ibuf, nbytes)) == nbytes; bn++) {
911: MEMCPY(BUFFER(msgbuf), BUFFER(ivec), 8);
912: DES_XFORM(UBUFFER(msgbuf));
913: for (n = 0; n < 8 - nbytes; n++)
914: UCHAR(ivec, n) = UCHAR(ivec, n+nbytes);
915: for (n = 0; n < nbytes; n++) {
916: UCHAR(ivec, 8-nbytes+n) = UCHAR(msgbuf, n);
917: obuf[n] = ibuf[n] ^ UCHAR(msgbuf, n);
918: }
919: WRITE(obuf, nbytes);
920: }
921: /*
922: * at EOF or last block -- in either case, the last byte contains
923: * the character representation of the number of bytes in it
924: */
925: bn++;
926: MEMZERO(&ibuf[n], nbytes - n);
927: ibuf[nbytes - 1] = n;
928: MEMCPY(BUFFER(msgbuf), BUFFER(ivec), 8);
929: DES_XFORM(UBUFFER(msgbuf));
930: for (c = 0; c < nbytes; c++)
931: ibuf[c] ^= UCHAR(msgbuf, c);
932: WRITE(ibuf, nbytes);
933: }
934:
935: /*
936: * This decrypts using the Output Block Chaining mode of DES
937: */
1.5 deraadt 938: void
1.1 deraadt 939: ofbdec()
940: {
1.6 mpech 941: int n; /* number of bytes actually read */
942: int c; /* used to test for EOF */
943: int nbytes; /* number of bytes to read */
944: int bn; /* block number */
1.1 deraadt 945: char ibuf[8]; /* input buffer */
946: char obuf[8]; /* output buffer */
947: Desbuf msgbuf; /* encryption buffer */
948:
949: /*
950: * do things in bytes, not bits
951: */
952: nbytes = fbbits / 8;
953: /*
954: * do the transformation
955: */
956: for (bn = 1; (n = READ(ibuf, nbytes)) == nbytes; bn++) {
957: MEMCPY(BUFFER(msgbuf), BUFFER(ivec), 8);
958: DES_XFORM(UBUFFER(msgbuf));
959: for (c = 0; c < 8 - nbytes; c++)
960: CHAR(ivec, c) = CHAR(ivec, c+nbytes);
961: for (c = 0; c < nbytes; c++) {
962: CHAR(ivec, 8-nbytes+c) = UCHAR(msgbuf, c);
963: obuf[c] = ibuf[c] ^ UCHAR(msgbuf, c);
964: }
965: /*
966: * if the last one, handle it specially
967: */
968: if ((c = getchar()) == EOF) {
969: n = obuf[nbytes-1];
970: if (n < 0 || n > nbytes-1)
1.4 deraadt 971: err(1, "decryption failed (block %d corrupted)", bn);
1.1 deraadt 972: }
973: else
974: (void)ungetc(c, stdin);
975: /*
976: * dump it
977: */
978: WRITE(obuf, n);
979: }
980: if (n > 0)
1.4 deraadt 981: err(1, "decryption failed (block %d incomplete)", bn);
1.1 deraadt 982: }
983:
984: /*
985: * This authenticates using the Cipher FeedBack mode of DES
986: */
1.5 deraadt 987: void
1.1 deraadt 988: cfbauth()
989: {
1.6 mpech 990: int n, j; /* number of bytes actually read */
991: int nbytes; /* number of bytes to read */
1.1 deraadt 992: char ibuf[8]; /* input buffer */
993: Desbuf msgbuf; /* encryption buffer */
994:
995: /*
996: * do things in bytes, not bits
997: */
998: nbytes = fbbits / 8;
999: /*
1000: * do the transformation
1001: */
1002: while ((n = READ(ibuf, nbytes)) == nbytes) {
1003: MEMCPY(BUFFER(msgbuf), BUFFER(ivec), 8);
1004: DES_XFORM(UBUFFER(msgbuf));
1005: for (n = 0; n < 8 - nbytes; n++)
1006: UCHAR(ivec, n) = UCHAR(ivec, n+nbytes);
1007: for (n = 0; n < nbytes; n++)
1008: UCHAR(ivec, 8-nbytes+n) = ibuf[n] ^ UCHAR(msgbuf, n);
1009: }
1010: /*
1011: * at EOF or last block -- in either case, the last byte contains
1012: * the character representation of the number of bytes in it
1013: */
1014: MEMZERO(&ibuf[n], nbytes - n);
1015: ibuf[nbytes - 1] = '0' + n;
1016: MEMCPY(BUFFER(msgbuf), BUFFER(ivec), 8);
1017: DES_XFORM(UBUFFER(msgbuf));
1018: for (n = 0; n < nbytes; n++)
1019: ibuf[n] ^= UCHAR(msgbuf, n);
1020: /*
1021: * drop the bits
1022: * we write chars until fewer than 7 bits,
1023: * and then pad the last one with 0 bits
1024: */
1025: for (n = 0; macbits > 7; n++, macbits -= 8)
1026: (void)putchar(CHAR(msgbuf, n));
1027: if (macbits > 0) {
1028: CHAR(msgbuf, 0) = 0x00;
1029: for (j = 0; j < macbits; j++)
1030: CHAR(msgbuf, 0) |= (CHAR(msgbuf, n)&bits[j]);
1031: (void)putchar(CHAR(msgbuf, 0));
1032: }
1033: }
1034:
1035: #ifndef FASTWAY
1036: /*
1037: * change from 8 bits/Uchar to 1 bit/Uchar
1038: */
1039: expand(from, to)
1040: Desbuf from; /* 8bit/unsigned char string */
1041: char *to; /* 1bit/char string */
1042: {
1.6 mpech 1043: int i, j; /* counters in for loop */
1.1 deraadt 1044:
1045: for (i = 0; i < 8; i++)
1046: for (j = 0; j < 8; j++)
1047: *to++ = (CHAR(from, i)>>(7-j))&01;
1048: }
1049:
1050: /*
1051: * change from 1 bit/char to 8 bits/Uchar
1052: */
1053: compress(from, to)
1054: char *from; /* 1bit/char string */
1055: Desbuf to; /* 8bit/unsigned char string */
1056: {
1.6 mpech 1057: int i, j; /* counters in for loop */
1.1 deraadt 1058:
1059: for (i = 0; i < 8; i++) {
1060: CHAR(to, i) = 0;
1061: for (j = 0; j < 8; j++)
1062: CHAR(to, i) = ((*from++)<<(7-j))|CHAR(to, i);
1063: }
1064: }
1065: #endif
1066:
1067: /*
1068: * message about usage
1069: */
1.5 deraadt 1070: void
1.1 deraadt 1071: usage()
1072: {
1073: (void)fprintf(stderr, "%s\n",
1074: "usage: bdes [-abdp] [-F bit] [-f bit] [-k key] [-m bit] [-o bit] [-v vector]");
1075: exit(1);
1076: }