Annotation of src/usr.bin/bdes/bdes.c, Revision 1.8
1.8 ! deraadt 1: /* $OpenBSD: bdes.c,v 1.7 2002/02/16 21:27:44 millert Exp $ */
1.1 deraadt 2: /* $NetBSD: bdes.c,v 1.2 1995/03/26 03:33:19 glass Exp $ */
3:
4: /*-
5: * Copyright (c) 1991, 1993
6: * The Regents of the University of California. All rights reserved.
7: *
8: * This code is derived from software contributed to Berkeley by
9: * Matt Bishop of Dartmouth College.
10: *
11: * The United States Government has rights in this work pursuant
12: * to contract no. NAG 2-680 between the National Aeronautics and
13: * Space Administration and Dartmouth College.
14: *
15: * Redistribution and use in source and binary forms, with or without
16: * modification, are permitted provided that the following conditions
17: * are met:
18: * 1. Redistributions of source code must retain the above copyright
19: * notice, this list of conditions and the following disclaimer.
20: * 2. Redistributions in binary form must reproduce the above copyright
21: * notice, this list of conditions and the following disclaimer in the
22: * documentation and/or other materials provided with the distribution.
23: * 3. All advertising materials mentioning features or use of this software
24: * must display the following acknowledgement:
25: * This product includes software developed by the University of
26: * California, Berkeley and its contributors.
27: * 4. Neither the name of the University nor the names of its contributors
28: * may be used to endorse or promote products derived from this software
29: * without specific prior written permission.
30: *
31: * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
32: * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
33: * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
34: * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
35: * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
36: * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
37: * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
38: * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
39: * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
40: * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
41: * SUCH DAMAGE.
42: */
43:
44: #ifndef lint
45: static char copyright[] =
46: "@(#) Copyright (c) 1991, 1993\n\
47: The Regents of the University of California. All rights reserved.\n";
48: #endif /* not lint */
49:
50: #ifndef lint
51: #if 0
52: static char sccsid[] = "@(#)bdes.c 8.1 (Berkeley) 6/6/93";
53: #else
1.8 ! deraadt 54: static char rcsid[] = "$OpenBSD: bdes.c,v 1.7 2002/02/16 21:27:44 millert Exp $";
1.1 deraadt 55: #endif
56: #endif /* not lint */
57:
58: /*
59: * BDES -- DES encryption package for Berkeley Software Distribution 4.4
60: * options:
61: * -a key is in ASCII
62: * -b use ECB (electronic code book) mode
63: * -d invert (decrypt) input
64: * -f b use b-bit CFB (cipher feedback) mode
65: * -F b use b-bit CFB (cipher feedback) alternative mode
66: * -k key use key as the cryptographic key
67: * -m b generate a MAC of length b
68: * -o b use b-bit OFB (output feedback) mode
69: * -p don't reset the parity bit
70: * -v v use v as the initialization vector (ignored for ECB)
71: * note: the last character of the last block is the integer indicating
72: * how many characters of that block are to be output
73: *
74: * Author: Matt Bishop
75: * Department of Mathematics and Computer Science
76: * Dartmouth College
77: * Hanover, NH 03755
78: * Email: Matt.Bishop@dartmouth.edu
79: * ...!decvax!dartvax!Matt.Bishop
80: *
81: * See Technical Report PCS-TR91-158, Department of Mathematics and Computer
82: * Science, Dartmouth College, for a detailed description of the implemen-
83: * tation and differences between it and Sun's. The DES is described in
84: * FIPS PUB 46, and the modes in FIPS PUB 81 (see either the manual page
85: * or the technical report for a complete reference).
86: */
87:
1.5 deraadt 88: #include <err.h>
1.1 deraadt 89: #include <errno.h>
90: #include <unistd.h>
91: #include <stdio.h>
92: #include <ctype.h>
93: #include <stdlib.h>
94: #include <string.h>
95:
1.5 deraadt 96: typedef char Desbuf[8];
1.7 millert 97: int tobinhexi(char, int);
98: void cvtkey(char *, char *);
99: int setbits(char *, int);
100: void makekey(Desbuf);
101: void ecbenc(void);
102: void ecbdec(void);
103: void cbcenc(void);
104: void cbcdec(void);
105: void cbcauth(void);
106: void cfbenc(void);
107: void cfbdec(void);
108: void cfbaenc(void);
109: void cfbadec(void);
110: void cfbauth(void);
111: void ofbdec(void);
112: void ofbenc(void);
113: void usage(void);
1.5 deraadt 114:
1.1 deraadt 115: /*
116: * BSD and System V systems offer special library calls that do
117: * block moves and fills, so if possible we take advantage of them
118: */
119: #define MEMCPY(dest,src,len) bcopy((src),(dest),(len))
120: #define MEMZERO(dest,len) bzero((dest),(len))
121:
122: /* Hide the calls to the primitive encryption routines. */
123: #define FASTWAY
124: #ifdef FASTWAY
125: #define DES_KEY(buf) \
126: if (des_setkey(buf)) \
1.5 deraadt 127: err(1, "des_setkey");
1.1 deraadt 128: #define DES_XFORM(buf) \
129: if (des_cipher(buf, buf, 0L, (inverse ? -1 : 1))) \
1.5 deraadt 130: err(1, "des_cipher");
1.1 deraadt 131: #else
132: #define DES_KEY(buf) { \
133: char bits1[64]; /* bits of key */ \
134: expand(buf, bits1); \
135: if (setkey(bits1)) \
1.5 deraadt 136: err(1, "setkey"); \
1.1 deraadt 137: }
138: #define DES_XFORM(buf) { \
139: char bits1[64]; /* bits of message */ \
140: expand(buf, bits1); \
141: if (encrypt(bits1, inverse)) \
1.5 deraadt 142: err(1, "encrypt"); \
1.1 deraadt 143: compress(bits1, buf); \
144: }
145: #endif
146:
147: /*
148: * this does an error-checking write
149: */
150: #define READ(buf, n) fread(buf, sizeof(char), n, stdin)
151: #define WRITE(buf,n) \
152: if (fwrite(buf, sizeof(char), n, stdout) != n) \
1.4 deraadt 153: err(1, "block %d", bn);
1.1 deraadt 154:
155: /*
156: * some things to make references easier
157: */
158: #define CHAR(x,i) (x[i])
159: #define UCHAR(x,i) (x[i])
160: #define BUFFER(x) (x)
161: #define UBUFFER(x) (x)
162:
163: /*
164: * global variables and related macros
165: */
166: #define KEY_DEFAULT 0 /* interpret radix of key from key */
167: #define KEY_ASCII 1 /* key is in ASCII characters */
168: int keybase = KEY_DEFAULT; /* how to interpret the key */
169:
170: enum { /* encrypt, decrypt, authenticate */
171: MODE_ENCRYPT, MODE_DECRYPT, MODE_AUTHENTICATE
172: } mode = MODE_ENCRYPT;
173: enum { /* ecb, cbc, cfb, cfba, ofb? */
174: ALG_ECB, ALG_CBC, ALG_CFB, ALG_OFB, ALG_CFBA
175: } alg = ALG_CBC;
176:
177: Desbuf ivec; /* initialization vector */
178: char bits[] = { /* used to extract bits from a char */
179: '\200', '\100', '\040', '\020', '\010', '\004', '\002', '\001'
180: };
181: int inverse; /* 0 to encrypt, 1 to decrypt */
182: int macbits = -1; /* number of bits in authentication */
183: int fbbits = -1; /* number of feedback bits */
184: int pflag; /* 1 to preserve parity bits */
185:
1.5 deraadt 186:
187: int
1.1 deraadt 188: main(ac, av)
189: int ac; /* arg count */
190: char **av; /* arg vector */
191: {
192: extern int optind; /* option (argument) number */
193: extern char *optarg; /* argument to option if any */
1.6 mpech 194: int i; /* counter in a for loop */
195: char *p; /* used to obtain the key */
1.1 deraadt 196: Desbuf msgbuf; /* I/O buffer */
197: int kflag; /* command-line encryptiooon key */
198: int argc; /* the real arg count */
199: char **argv; /* the real argument vector */
200:
201: /*
202: * Hide the arguments from ps(1) by making private copies of them
203: * and clobbering the global (visible to ps(1)) ones.
204: */
205: argc = ac;
206: ac = 1;
207: argv = malloc((argc + 1) * sizeof(char *));
1.8 ! deraadt 208: if (argv == NULL)
! 209: errx(1, "out of memory");
1.1 deraadt 210: for (i = 0; i < argc; ++i) {
211: argv[i] = strdup(av[i]);
212: MEMZERO(av[i], strlen(av[i]));
213: }
214: argv[argc] = NULL;
215:
216: /* initialize the initialization vctor */
217: MEMZERO(ivec, 8);
218:
219: /* process the argument list */
220: kflag = 0;
1.3 millert 221: while ((i = getopt(argc, argv, "abdF:f:k:m:o:pv:")) != -1)
1.1 deraadt 222: switch(i) {
223: case 'a': /* key is ASCII */
224: keybase = KEY_ASCII;
225: break;
226: case 'b': /* use ECB mode */
227: alg = ALG_ECB;
228: break;
229: case 'd': /* decrypt */
230: mode = MODE_DECRYPT;
231: break;
232: case 'F': /* use alternative CFB mode */
233: alg = ALG_CFBA;
234: if ((fbbits = setbits(optarg, 7)) > 56 || fbbits == 0)
1.4 deraadt 235: err(1, "-F: number must be 1-56 inclusive");
1.1 deraadt 236: else if (fbbits == -1)
1.4 deraadt 237: err(1, "-F: number must be a multiple of 7");
1.1 deraadt 238: break;
239: case 'f': /* use CFB mode */
240: alg = ALG_CFB;
241: if ((fbbits = setbits(optarg, 8)) > 64 || fbbits == 0)
1.4 deraadt 242: err(1, "-f: number must be 1-64 inclusive");
1.1 deraadt 243: else if (fbbits == -1)
1.4 deraadt 244: err(1, "-f: number must be a multiple of 8");
1.1 deraadt 245: break;
246: case 'k': /* encryption key */
247: kflag = 1;
248: cvtkey(BUFFER(msgbuf), optarg);
249: break;
250: case 'm': /* number of bits for MACing */
251: mode = MODE_AUTHENTICATE;
252: if ((macbits = setbits(optarg, 1)) > 64)
1.4 deraadt 253: err(1, "-m: number must be 0-64 inclusive");
1.1 deraadt 254: break;
255: case 'o': /* use OFB mode */
256: alg = ALG_OFB;
257: if ((fbbits = setbits(optarg, 8)) > 64 || fbbits == 0)
1.4 deraadt 258: err(1, "-o: number must be 1-64 inclusive");
1.1 deraadt 259: else if (fbbits == -1)
1.4 deraadt 260: err(1, "-o: number must be a multiple of 8");
1.1 deraadt 261: break;
262: case 'p': /* preserve parity bits */
263: pflag = 1;
264: break;
265: case 'v': /* set initialization vector */
266: cvtkey(BUFFER(ivec), optarg);
267: break;
268: default: /* error */
269: usage();
270: }
271:
272: if (!kflag) {
273: /*
274: * if the key's not ASCII, assume it is
275: */
276: keybase = KEY_ASCII;
277: /*
278: * get the key
279: */
280: p = getpass("Enter key: ");
281: /*
282: * copy it, nul-padded, into the key area
283: */
284: cvtkey(BUFFER(msgbuf), p);
285: }
286:
287: makekey(msgbuf);
288: inverse = (alg == ALG_CBC || alg == ALG_ECB) && mode == MODE_DECRYPT;
289:
290: switch(alg) {
291: case ALG_CBC:
292: switch(mode) {
293: case MODE_AUTHENTICATE: /* authenticate using CBC mode */
294: cbcauth();
295: break;
296: case MODE_DECRYPT: /* decrypt using CBC mode */
297: cbcdec();
298: break;
299: case MODE_ENCRYPT: /* encrypt using CBC mode */
300: cbcenc();
301: break;
302: }
303: break;
304: case ALG_CFB:
305: switch(mode) {
306: case MODE_AUTHENTICATE: /* authenticate using CFB mode */
307: cfbauth();
308: break;
309: case MODE_DECRYPT: /* decrypt using CFB mode */
310: cfbdec();
311: break;
312: case MODE_ENCRYPT: /* encrypt using CFB mode */
313: cfbenc();
314: break;
315: }
316: break;
317: case ALG_CFBA:
318: switch(mode) {
319: case MODE_AUTHENTICATE: /* authenticate using CFBA mode */
1.4 deraadt 320: err(1, "can't authenticate with CFBA mode");
1.1 deraadt 321: break;
322: case MODE_DECRYPT: /* decrypt using CFBA mode */
323: cfbadec();
324: break;
325: case MODE_ENCRYPT: /* encrypt using CFBA mode */
326: cfbaenc();
327: break;
328: }
329: break;
330: case ALG_ECB:
331: switch(mode) {
332: case MODE_AUTHENTICATE: /* authenticate using ECB mode */
1.4 deraadt 333: err(1, "can't authenticate with ECB mode");
1.1 deraadt 334: break;
335: case MODE_DECRYPT: /* decrypt using ECB mode */
336: ecbdec();
337: break;
338: case MODE_ENCRYPT: /* encrypt using ECB mode */
339: ecbenc();
340: break;
341: }
342: break;
343: case ALG_OFB:
344: switch(mode) {
345: case MODE_AUTHENTICATE: /* authenticate using OFB mode */
1.4 deraadt 346: err(1, "can't authenticate with OFB mode");
1.1 deraadt 347: break;
348: case MODE_DECRYPT: /* decrypt using OFB mode */
349: ofbdec();
350: break;
351: case MODE_ENCRYPT: /* encrypt using OFB mode */
352: ofbenc();
353: break;
354: }
355: break;
356: }
357: exit(0);
358: }
359:
360: /*
361: * map a hex character to an integer
362: */
1.5 deraadt 363: int
1.1 deraadt 364: tobinhex(c, radix)
365: char c; /* char to be converted */
366: int radix; /* base (2 to 16) */
367: {
368: switch(c) {
369: case '0': return(0x0);
370: case '1': return(0x1);
371: case '2': return(radix > 2 ? 0x2 : -1);
372: case '3': return(radix > 3 ? 0x3 : -1);
373: case '4': return(radix > 4 ? 0x4 : -1);
374: case '5': return(radix > 5 ? 0x5 : -1);
375: case '6': return(radix > 6 ? 0x6 : -1);
376: case '7': return(radix > 7 ? 0x7 : -1);
377: case '8': return(radix > 8 ? 0x8 : -1);
378: case '9': return(radix > 9 ? 0x9 : -1);
379: case 'A': case 'a': return(radix > 10 ? 0xa : -1);
380: case 'B': case 'b': return(radix > 11 ? 0xb : -1);
381: case 'C': case 'c': return(radix > 12 ? 0xc : -1);
382: case 'D': case 'd': return(radix > 13 ? 0xd : -1);
383: case 'E': case 'e': return(radix > 14 ? 0xe : -1);
384: case 'F': case 'f': return(radix > 15 ? 0xf : -1);
385: }
386: /*
387: * invalid character
388: */
389: return(-1);
390: }
391:
392: /*
393: * convert the key to a bit pattern
394: */
1.5 deraadt 395: void
1.1 deraadt 396: cvtkey(obuf, ibuf)
397: char *obuf; /* bit pattern */
398: char *ibuf; /* the key itself */
399: {
1.6 mpech 400: int i, j; /* counter in a for loop */
1.1 deraadt 401: int nbuf[64]; /* used for hex/key translation */
402:
403: /*
404: * just switch on the key base
405: */
406: switch(keybase) {
407: case KEY_ASCII: /* ascii to integer */
408: (void)strncpy(obuf, ibuf, 8);
409: return;
410: case KEY_DEFAULT: /* tell from context */
411: /*
412: * leading '0x' or '0X' == hex key
413: */
414: if (ibuf[0] == '0' && (ibuf[1] == 'x' || ibuf[1] == 'X')) {
415: ibuf = &ibuf[2];
416: /*
417: * now translate it, bombing on any illegal hex digit
418: */
419: for (i = 0; ibuf[i] && i < 16; i++)
420: if ((nbuf[i] = tobinhex(ibuf[i], 16)) == -1)
1.4 deraadt 421: err(1, "bad hex digit in key");
1.1 deraadt 422: while (i < 16)
423: nbuf[i++] = 0;
424: for (i = 0; i < 8; i++)
425: obuf[i] =
426: ((nbuf[2*i]&0xf)<<4) | (nbuf[2*i+1]&0xf);
427: /* preserve parity bits */
428: pflag = 1;
429: return;
430: }
431: /*
432: * leading '0b' or '0B' == binary key
433: */
434: if (ibuf[0] == '0' && (ibuf[1] == 'b' || ibuf[1] == 'B')) {
435: ibuf = &ibuf[2];
436: /*
437: * now translate it, bombing on any illegal binary digit
438: */
439: for (i = 0; ibuf[i] && i < 16; i++)
440: if ((nbuf[i] = tobinhex(ibuf[i], 2)) == -1)
1.4 deraadt 441: err(1, "bad binary digit in key");
1.1 deraadt 442: while (i < 64)
443: nbuf[i++] = 0;
444: for (i = 0; i < 8; i++)
445: for (j = 0; j < 8; j++)
446: obuf[i] = (obuf[i]<<1)|nbuf[8*i+j];
447: /* preserve parity bits */
448: pflag = 1;
449: return;
450: }
451: /*
452: * no special leader -- ASCII
453: */
454: (void)strncpy(obuf, ibuf, 8);
455: }
456: }
457:
458: /*
459: * convert an ASCII string into a decimal number:
460: * 1. must be between 0 and 64 inclusive
461: * 2. must be a valid decimal number
462: * 3. must be a multiple of mult
463: */
1.5 deraadt 464: int
1.1 deraadt 465: setbits(s, mult)
466: char *s; /* the ASCII string */
467: int mult; /* what it must be a multiple of */
468: {
1.6 mpech 469: char *p; /* pointer in a for loop */
470: int n = 0; /* the integer collected */
1.1 deraadt 471:
472: /*
473: * skip white space
474: */
475: while (isspace(*s))
476: s++;
477: /*
478: * get the integer
479: */
480: for (p = s; *p; p++) {
481: if (isdigit(*p))
482: n = n * 10 + *p - '0';
483: else {
1.4 deraadt 484: err(1, "bad decimal digit in MAC length");
1.1 deraadt 485: }
486: }
487: /*
488: * be sure it's a multiple of mult
489: */
490: return((n % mult != 0) ? -1 : n);
491: }
492:
493: /*****************
494: * DES FUNCTIONS *
495: *****************/
496: /*
497: * This sets the DES key and (if you're using the deszip version)
498: * the direction of the transformation. This uses the Sun
499: * to map the 64-bit key onto the 56 bits that the key schedule
500: * generation routines use: the old way, which just uses the user-
501: * supplied 64 bits as is, and the new way, which resets the parity
502: * bit to be the same as the low-order bit in each character. The
503: * new way generates a greater variety of key schedules, since many
504: * systems set the parity (high) bit of each character to 0, and the
505: * DES ignores the low order bit of each character.
506: */
1.5 deraadt 507: void
1.1 deraadt 508: makekey(buf)
509: Desbuf buf; /* key block */
510: {
1.6 mpech 511: int i, j; /* counter in a for loop */
512: int par; /* parity counter */
1.1 deraadt 513:
514: /*
515: * if the parity is not preserved, flip it
516: */
517: if (!pflag) {
518: for (i = 0; i < 8; i++) {
519: par = 0;
520: for (j = 1; j < 8; j++)
521: if ((bits[j]&UCHAR(buf, i)) != 0)
522: par++;
523: if ((par&01) == 01)
524: UCHAR(buf, i) = UCHAR(buf, i)&0177;
525: else
526: UCHAR(buf, i) = (UCHAR(buf, i)&0177)|0200;
527: }
528: }
529:
530: DES_KEY(UBUFFER(buf));
531: }
532:
533: /*
534: * This encrypts using the Electronic Code Book mode of DES
535: */
1.5 deraadt 536: void
1.1 deraadt 537: ecbenc()
538: {
1.6 mpech 539: int n; /* number of bytes actually read */
540: int bn; /* block number */
1.1 deraadt 541: Desbuf msgbuf; /* I/O buffer */
542:
543: for (bn = 0; (n = READ(BUFFER(msgbuf), 8)) == 8; bn++) {
544: /*
545: * do the transformation
546: */
547: DES_XFORM(UBUFFER(msgbuf));
548: WRITE(BUFFER(msgbuf), 8);
549: }
550: /*
551: * at EOF or last block -- in either ase, the last byte contains
552: * the character representation of the number of bytes in it
553: */
554: bn++;
555: MEMZERO(&CHAR(msgbuf, n), 8 - n);
556: CHAR(msgbuf, 7) = n;
557: DES_XFORM(UBUFFER(msgbuf));
558: WRITE(BUFFER(msgbuf), 8);
559:
560: }
561:
562: /*
563: * This decrypts using the Electronic Code Book mode of DES
564: */
1.5 deraadt 565: void
1.1 deraadt 566: ecbdec()
567: {
1.6 mpech 568: int n; /* number of bytes actually read */
569: int c; /* used to test for EOF */
570: int bn; /* block number */
1.1 deraadt 571: Desbuf msgbuf; /* I/O buffer */
572:
573: for (bn = 1; (n = READ(BUFFER(msgbuf), 8)) == 8; bn++) {
574: /*
575: * do the transformation
576: */
577: DES_XFORM(UBUFFER(msgbuf));
578: /*
579: * if the last one, handle it specially
580: */
581: if ((c = getchar()) == EOF) {
582: n = CHAR(msgbuf, 7);
583: if (n < 0 || n > 7)
1.4 deraadt 584: err(1, "decryption failed (block %d corrupted)", bn);
1.1 deraadt 585: }
586: else
587: (void)ungetc(c, stdin);
588: WRITE(BUFFER(msgbuf), n);
589: }
590: if (n > 0)
1.4 deraadt 591: err(1, "decryption failed (block %d incomplete)", bn);
1.1 deraadt 592: }
593:
594: /*
595: * This encrypts using the Cipher Block Chaining mode of DES
596: */
1.5 deraadt 597: void
1.1 deraadt 598: cbcenc()
599: {
1.6 mpech 600: int n; /* number of bytes actually read */
601: int bn; /* block number */
1.1 deraadt 602: Desbuf msgbuf; /* I/O buffer */
603:
604: /*
605: * do the transformation
606: */
607: for (bn = 1; (n = READ(BUFFER(msgbuf), 8)) == 8; bn++) {
608: for (n = 0; n < 8; n++)
609: CHAR(msgbuf, n) ^= CHAR(ivec, n);
610: DES_XFORM(UBUFFER(msgbuf));
611: MEMCPY(BUFFER(ivec), BUFFER(msgbuf), 8);
612: WRITE(BUFFER(msgbuf), 8);
613: }
614: /*
615: * at EOF or last block -- in either case, the last byte contains
616: * the character representation of the number of bytes in it
617: */
618: bn++;
619: MEMZERO(&CHAR(msgbuf, n), 8 - n);
620: CHAR(msgbuf, 7) = n;
621: for (n = 0; n < 8; n++)
622: CHAR(msgbuf, n) ^= CHAR(ivec, n);
623: DES_XFORM(UBUFFER(msgbuf));
624: WRITE(BUFFER(msgbuf), 8);
625:
626: }
627:
628: /*
629: * This decrypts using the Cipher Block Chaining mode of DES
630: */
1.5 deraadt 631: void
1.1 deraadt 632: cbcdec()
633: {
1.6 mpech 634: int n; /* number of bytes actually read */
1.1 deraadt 635: Desbuf msgbuf; /* I/O buffer */
636: Desbuf ibuf; /* temp buffer for initialization vector */
1.6 mpech 637: int c; /* used to test for EOF */
638: int bn; /* block number */
1.1 deraadt 639:
640: for (bn = 0; (n = READ(BUFFER(msgbuf), 8)) == 8; bn++) {
641: /*
642: * do the transformation
643: */
644: MEMCPY(BUFFER(ibuf), BUFFER(msgbuf), 8);
645: DES_XFORM(UBUFFER(msgbuf));
646: for (c = 0; c < 8; c++)
647: UCHAR(msgbuf, c) ^= UCHAR(ivec, c);
648: MEMCPY(BUFFER(ivec), BUFFER(ibuf), 8);
649: /*
650: * if the last one, handle it specially
651: */
652: if ((c = getchar()) == EOF) {
653: n = CHAR(msgbuf, 7);
654: if (n < 0 || n > 7)
1.4 deraadt 655: err(1, "decryption failed (block %d corrupted)", bn);
1.1 deraadt 656: }
657: else
658: (void)ungetc(c, stdin);
659: WRITE(BUFFER(msgbuf), n);
660: }
661: if (n > 0)
1.4 deraadt 662: err(1, "decryption failed (block %d incomplete)", bn);
1.1 deraadt 663: }
664:
665: /*
666: * This authenticates using the Cipher Block Chaining mode of DES
667: */
1.5 deraadt 668: void
1.1 deraadt 669: cbcauth()
670: {
1.6 mpech 671: int n, j; /* number of bytes actually read */
1.1 deraadt 672: Desbuf msgbuf; /* I/O buffer */
673: Desbuf encbuf; /* encryption buffer */
674:
675: /*
676: * do the transformation
677: * note we DISCARD the encrypted block;
678: * we only care about the last one
679: */
680: while ((n = READ(BUFFER(msgbuf), 8)) == 8) {
681: for (n = 0; n < 8; n++)
682: CHAR(encbuf, n) = CHAR(msgbuf, n) ^ CHAR(ivec, n);
683: DES_XFORM(UBUFFER(encbuf));
684: MEMCPY(BUFFER(ivec), BUFFER(encbuf), 8);
685: }
686: /*
687: * now compute the last one, right padding with '\0' if need be
688: */
689: if (n > 0) {
690: MEMZERO(&CHAR(msgbuf, n), 8 - n);
691: for (n = 0; n < 8; n++)
692: CHAR(encbuf, n) = CHAR(msgbuf, n) ^ CHAR(ivec, n);
693: DES_XFORM(UBUFFER(encbuf));
694: }
695: /*
696: * drop the bits
697: * we write chars until fewer than 7 bits,
698: * and then pad the last one with 0 bits
699: */
700: for (n = 0; macbits > 7; n++, macbits -= 8)
701: (void)putchar(CHAR(encbuf, n));
702: if (macbits > 0) {
703: CHAR(msgbuf, 0) = 0x00;
704: for (j = 0; j < macbits; j++)
705: CHAR(msgbuf, 0) |= (CHAR(encbuf, n)&bits[j]);
706: (void)putchar(CHAR(msgbuf, 0));
707: }
708: }
709:
710: /*
711: * This encrypts using the Cipher FeedBack mode of DES
712: */
1.5 deraadt 713: void
1.1 deraadt 714: cfbenc()
715: {
1.6 mpech 716: int n; /* number of bytes actually read */
717: int nbytes; /* number of bytes to read */
718: int bn; /* block number */
1.1 deraadt 719: char ibuf[8]; /* input buffer */
720: Desbuf msgbuf; /* encryption buffer */
721:
722: /*
723: * do things in bytes, not bits
724: */
725: nbytes = fbbits / 8;
726: /*
727: * do the transformation
728: */
729: for (bn = 1; (n = READ(ibuf, nbytes)) == nbytes; bn++) {
730: MEMCPY(BUFFER(msgbuf), BUFFER(ivec), 8);
731: DES_XFORM(UBUFFER(msgbuf));
732: for (n = 0; n < 8 - nbytes; n++)
733: UCHAR(ivec, n) = UCHAR(ivec, n+nbytes);
734: for (n = 0; n < nbytes; n++)
735: UCHAR(ivec, 8-nbytes+n) = ibuf[n] ^ UCHAR(msgbuf, n);
736: WRITE(&CHAR(ivec, 8-nbytes), nbytes);
737: }
738: /*
739: * at EOF or last block -- in either case, the last byte contains
740: * the character representation of the number of bytes in it
741: */
742: bn++;
743: MEMZERO(&ibuf[n], nbytes - n);
744: ibuf[nbytes - 1] = n;
745: MEMCPY(BUFFER(msgbuf), BUFFER(ivec), 8);
746: DES_XFORM(UBUFFER(msgbuf));
747: for (n = 0; n < nbytes; n++)
748: ibuf[n] ^= UCHAR(msgbuf, n);
749: WRITE(ibuf, nbytes);
750: }
751:
752: /*
753: * This decrypts using the Cipher Block Chaining mode of DES
754: */
1.5 deraadt 755: void
1.1 deraadt 756: cfbdec()
757: {
1.6 mpech 758: int n; /* number of bytes actually read */
759: int c; /* used to test for EOF */
760: int nbytes; /* number of bytes to read */
761: int bn; /* block number */
1.1 deraadt 762: char ibuf[8]; /* input buffer */
763: char obuf[8]; /* output buffer */
764: Desbuf msgbuf; /* encryption buffer */
765:
766: /*
767: * do things in bytes, not bits
768: */
769: nbytes = fbbits / 8;
770: /*
771: * do the transformation
772: */
773: for (bn = 1; (n = READ(ibuf, nbytes)) == nbytes; bn++) {
774: MEMCPY(BUFFER(msgbuf), BUFFER(ivec), 8);
775: DES_XFORM(UBUFFER(msgbuf));
776: for (c = 0; c < 8 - nbytes; c++)
777: CHAR(ivec, c) = CHAR(ivec, c+nbytes);
778: for (c = 0; c < nbytes; c++) {
779: CHAR(ivec, 8-nbytes+c) = ibuf[c];
780: obuf[c] = ibuf[c] ^ UCHAR(msgbuf, c);
781: }
782: /*
783: * if the last one, handle it specially
784: */
785: if ((c = getchar()) == EOF) {
786: n = obuf[nbytes-1];
787: if (n < 0 || n > nbytes-1)
1.4 deraadt 788: err(1, "decryption failed (block %d corrupted)", bn);
1.1 deraadt 789: }
790: else
791: (void)ungetc(c, stdin);
792: WRITE(obuf, n);
793: }
794: if (n > 0)
1.4 deraadt 795: err(1, "decryption failed (block %d incomplete)", bn);
1.1 deraadt 796: }
797:
798: /*
799: * This encrypts using the alternative Cipher FeedBack mode of DES
800: */
1.5 deraadt 801: void
1.1 deraadt 802: cfbaenc()
803: {
1.6 mpech 804: int n; /* number of bytes actually read */
805: int nbytes; /* number of bytes to read */
806: int bn; /* block number */
1.1 deraadt 807: char ibuf[8]; /* input buffer */
808: char obuf[8]; /* output buffer */
809: Desbuf msgbuf; /* encryption buffer */
810:
811: /*
812: * do things in bytes, not bits
813: */
814: nbytes = fbbits / 7;
815: /*
816: * do the transformation
817: */
818: for (bn = 1; (n = READ(ibuf, nbytes)) == nbytes; bn++) {
819: MEMCPY(BUFFER(msgbuf), BUFFER(ivec), 8);
820: DES_XFORM(UBUFFER(msgbuf));
821: for (n = 0; n < 8 - nbytes; n++)
822: UCHAR(ivec, n) = UCHAR(ivec, n+nbytes);
823: for (n = 0; n < nbytes; n++)
824: UCHAR(ivec, 8-nbytes+n) = (ibuf[n] ^ UCHAR(msgbuf, n))
825: |0200;
826: for (n = 0; n < nbytes; n++)
827: obuf[n] = CHAR(ivec, 8-nbytes+n)&0177;
828: WRITE(obuf, nbytes);
829: }
830: /*
831: * at EOF or last block -- in either case, the last byte contains
832: * the character representation of the number of bytes in it
833: */
834: bn++;
835: MEMZERO(&ibuf[n], nbytes - n);
836: ibuf[nbytes - 1] = ('0' + n)|0200;
837: MEMCPY(BUFFER(msgbuf), BUFFER(ivec), 8);
838: DES_XFORM(UBUFFER(msgbuf));
839: for (n = 0; n < nbytes; n++)
840: ibuf[n] ^= UCHAR(msgbuf, n);
841: WRITE(ibuf, nbytes);
842: }
843:
844: /*
845: * This decrypts using the alternative Cipher Block Chaining mode of DES
846: */
1.5 deraadt 847: void
1.1 deraadt 848: cfbadec()
849: {
1.6 mpech 850: int n; /* number of bytes actually read */
851: int c; /* used to test for EOF */
852: int nbytes; /* number of bytes to read */
853: int bn; /* block number */
1.1 deraadt 854: char ibuf[8]; /* input buffer */
855: char obuf[8]; /* output buffer */
856: Desbuf msgbuf; /* encryption buffer */
857:
858: /*
859: * do things in bytes, not bits
860: */
861: nbytes = fbbits / 7;
862: /*
863: * do the transformation
864: */
865: for (bn = 1; (n = READ(ibuf, nbytes)) == nbytes; bn++) {
866: MEMCPY(BUFFER(msgbuf), BUFFER(ivec), 8);
867: DES_XFORM(UBUFFER(msgbuf));
868: for (c = 0; c < 8 - nbytes; c++)
869: CHAR(ivec, c) = CHAR(ivec, c+nbytes);
870: for (c = 0; c < nbytes; c++) {
871: CHAR(ivec, 8-nbytes+c) = ibuf[c]|0200;
872: obuf[c] = (ibuf[c] ^ UCHAR(msgbuf, c))&0177;
873: }
874: /*
875: * if the last one, handle it specially
876: */
877: if ((c = getchar()) == EOF) {
878: if ((n = (obuf[nbytes-1] - '0')) < 0
879: || n > nbytes-1)
1.4 deraadt 880: err(1, "decryption failed (block %d corrupted)", bn);
1.1 deraadt 881: }
882: else
883: (void)ungetc(c, stdin);
884: WRITE(obuf, n);
885: }
886: if (n > 0)
1.4 deraadt 887: err(1, "decryption failed (block %d incomplete)", bn);
1.1 deraadt 888: }
889:
890:
891: /*
892: * This encrypts using the Output FeedBack mode of DES
893: */
1.5 deraadt 894: void
1.1 deraadt 895: ofbenc()
896: {
1.6 mpech 897: int n; /* number of bytes actually read */
898: int c; /* used to test for EOF */
899: int nbytes; /* number of bytes to read */
900: int bn; /* block number */
1.1 deraadt 901: char ibuf[8]; /* input buffer */
902: char obuf[8]; /* output buffer */
903: Desbuf msgbuf; /* encryption buffer */
904:
905: /*
906: * do things in bytes, not bits
907: */
908: nbytes = fbbits / 8;
909: /*
910: * do the transformation
911: */
912: for (bn = 1; (n = READ(ibuf, nbytes)) == nbytes; bn++) {
913: MEMCPY(BUFFER(msgbuf), BUFFER(ivec), 8);
914: DES_XFORM(UBUFFER(msgbuf));
915: for (n = 0; n < 8 - nbytes; n++)
916: UCHAR(ivec, n) = UCHAR(ivec, n+nbytes);
917: for (n = 0; n < nbytes; n++) {
918: UCHAR(ivec, 8-nbytes+n) = UCHAR(msgbuf, n);
919: obuf[n] = ibuf[n] ^ UCHAR(msgbuf, n);
920: }
921: WRITE(obuf, nbytes);
922: }
923: /*
924: * at EOF or last block -- in either case, the last byte contains
925: * the character representation of the number of bytes in it
926: */
927: bn++;
928: MEMZERO(&ibuf[n], nbytes - n);
929: ibuf[nbytes - 1] = n;
930: MEMCPY(BUFFER(msgbuf), BUFFER(ivec), 8);
931: DES_XFORM(UBUFFER(msgbuf));
932: for (c = 0; c < nbytes; c++)
933: ibuf[c] ^= UCHAR(msgbuf, c);
934: WRITE(ibuf, nbytes);
935: }
936:
937: /*
938: * This decrypts using the Output Block Chaining mode of DES
939: */
1.5 deraadt 940: void
1.1 deraadt 941: ofbdec()
942: {
1.6 mpech 943: int n; /* number of bytes actually read */
944: int c; /* used to test for EOF */
945: int nbytes; /* number of bytes to read */
946: int bn; /* block number */
1.1 deraadt 947: char ibuf[8]; /* input buffer */
948: char obuf[8]; /* output buffer */
949: Desbuf msgbuf; /* encryption buffer */
950:
951: /*
952: * do things in bytes, not bits
953: */
954: nbytes = fbbits / 8;
955: /*
956: * do the transformation
957: */
958: for (bn = 1; (n = READ(ibuf, nbytes)) == nbytes; bn++) {
959: MEMCPY(BUFFER(msgbuf), BUFFER(ivec), 8);
960: DES_XFORM(UBUFFER(msgbuf));
961: for (c = 0; c < 8 - nbytes; c++)
962: CHAR(ivec, c) = CHAR(ivec, c+nbytes);
963: for (c = 0; c < nbytes; c++) {
964: CHAR(ivec, 8-nbytes+c) = UCHAR(msgbuf, c);
965: obuf[c] = ibuf[c] ^ UCHAR(msgbuf, c);
966: }
967: /*
968: * if the last one, handle it specially
969: */
970: if ((c = getchar()) == EOF) {
971: n = obuf[nbytes-1];
972: if (n < 0 || n > nbytes-1)
1.4 deraadt 973: err(1, "decryption failed (block %d corrupted)", bn);
1.1 deraadt 974: }
975: else
976: (void)ungetc(c, stdin);
977: /*
978: * dump it
979: */
980: WRITE(obuf, n);
981: }
982: if (n > 0)
1.4 deraadt 983: err(1, "decryption failed (block %d incomplete)", bn);
1.1 deraadt 984: }
985:
986: /*
987: * This authenticates using the Cipher FeedBack mode of DES
988: */
1.5 deraadt 989: void
1.1 deraadt 990: cfbauth()
991: {
1.6 mpech 992: int n, j; /* number of bytes actually read */
993: int nbytes; /* number of bytes to read */
1.1 deraadt 994: char ibuf[8]; /* input buffer */
995: Desbuf msgbuf; /* encryption buffer */
996:
997: /*
998: * do things in bytes, not bits
999: */
1000: nbytes = fbbits / 8;
1001: /*
1002: * do the transformation
1003: */
1004: while ((n = READ(ibuf, nbytes)) == nbytes) {
1005: MEMCPY(BUFFER(msgbuf), BUFFER(ivec), 8);
1006: DES_XFORM(UBUFFER(msgbuf));
1007: for (n = 0; n < 8 - nbytes; n++)
1008: UCHAR(ivec, n) = UCHAR(ivec, n+nbytes);
1009: for (n = 0; n < nbytes; n++)
1010: UCHAR(ivec, 8-nbytes+n) = ibuf[n] ^ UCHAR(msgbuf, n);
1011: }
1012: /*
1013: * at EOF or last block -- in either case, the last byte contains
1014: * the character representation of the number of bytes in it
1015: */
1016: MEMZERO(&ibuf[n], nbytes - n);
1017: ibuf[nbytes - 1] = '0' + n;
1018: MEMCPY(BUFFER(msgbuf), BUFFER(ivec), 8);
1019: DES_XFORM(UBUFFER(msgbuf));
1020: for (n = 0; n < nbytes; n++)
1021: ibuf[n] ^= UCHAR(msgbuf, n);
1022: /*
1023: * drop the bits
1024: * we write chars until fewer than 7 bits,
1025: * and then pad the last one with 0 bits
1026: */
1027: for (n = 0; macbits > 7; n++, macbits -= 8)
1028: (void)putchar(CHAR(msgbuf, n));
1029: if (macbits > 0) {
1030: CHAR(msgbuf, 0) = 0x00;
1031: for (j = 0; j < macbits; j++)
1032: CHAR(msgbuf, 0) |= (CHAR(msgbuf, n)&bits[j]);
1033: (void)putchar(CHAR(msgbuf, 0));
1034: }
1035: }
1036:
1037: #ifndef FASTWAY
1038: /*
1039: * change from 8 bits/Uchar to 1 bit/Uchar
1040: */
1041: expand(from, to)
1042: Desbuf from; /* 8bit/unsigned char string */
1043: char *to; /* 1bit/char string */
1044: {
1.6 mpech 1045: int i, j; /* counters in for loop */
1.1 deraadt 1046:
1047: for (i = 0; i < 8; i++)
1048: for (j = 0; j < 8; j++)
1049: *to++ = (CHAR(from, i)>>(7-j))&01;
1050: }
1051:
1052: /*
1053: * change from 1 bit/char to 8 bits/Uchar
1054: */
1055: compress(from, to)
1056: char *from; /* 1bit/char string */
1057: Desbuf to; /* 8bit/unsigned char string */
1058: {
1.6 mpech 1059: int i, j; /* counters in for loop */
1.1 deraadt 1060:
1061: for (i = 0; i < 8; i++) {
1062: CHAR(to, i) = 0;
1063: for (j = 0; j < 8; j++)
1064: CHAR(to, i) = ((*from++)<<(7-j))|CHAR(to, i);
1065: }
1066: }
1067: #endif
1068:
1069: /*
1070: * message about usage
1071: */
1.5 deraadt 1072: void
1.1 deraadt 1073: usage()
1074: {
1075: (void)fprintf(stderr, "%s\n",
1076: "usage: bdes [-abdp] [-F bit] [-f bit] [-k key] [-m bit] [-o bit] [-v vector]");
1077: exit(1);
1078: }