Initial import of eBones.

(Including all changes for FreeBSD - importing the original eBones distribution
would be too complex at this stage, since I don't have access to Piero's 
CVS.)
(If you want to include eBones in your system, don't forget to include
MAKE_EBONES in /etc/make.conf.)
(This stuff is now also suppable from braae.ru.ac.za.)

Bones originally from MIT SIPB.
Original port to FreeBSD 1.x  by Piero Serini.
Moved to FreeBSD 2.0 by Doug Rabson and Geoff Rehmet.
Nice bug fixes from Doug Rabson.
Geoff Rehmet 1994-09-30 14:50:09 +00:00
parent 3c6459e594
commit 60643d379b
390 changed files with 46955 additions and 0 deletions

105
eBones/ARTISTIC.libdes Normal file

@ -0,0 +1,105 @@
The "Artistic License"
Preamble
The intent of this document is to state the conditions under which a
Package may be copied, such that the Copyright Holder maintains some
semblance of artistic control over the development of the package,
while giving the users of the package the right to use and distribute
the Package in a more-or-less customary fashion, plus the right to make
reasonable modifications.
Definitions:
"Package" refers to the collection of files distributed by the
Copyright Holder, and derivatives of that collection of files
created through textual modification.
"Standard Version" refers to such a Package if it has not been
modified, or has been modified in accordance with the wishes
of the Copyright Holder as specified below.
"Copyright Holder" is whoever is named in the copyright or
copyrights for the package.
"You" is you, if you're thinking about copying or distributing
this Package.
"Reasonable copying fee" is whatever you can justify on the
basis of media cost, duplication charges, time of people involved,
and so on. (You will not be required to justify it to the
Copyright Holder, but only to the computing community at large
as a market that must bear the fee.)
"Freely Available" means that no fee is charged for the item
itself, though there may be fees involved in handling the item.
It also means that recipients of the item may redistribute it
under the same conditions they received it.
1. You may make and give away verbatim copies of the source form of the
Standard Version of this Package without restriction, provided that you
duplicate all of the original copyright notices and associated disclaimers.
2. You may apply bug fixes, portability fixes and other modifications
derived from the Public Domain or from the Copyright Holder. A Package
modified in such a way shall still be considered the Standard Version.
3. You may otherwise modify your copy of this Package in any way, provided
that you insert a prominent notice in each changed file stating how and
when you changed that file, and provided that you do at least ONE of the
following:
a) place your modifications in the Public Domain or otherwise make them
Freely Available, such as by posting said modifications to Usenet or
an equivalent medium, or placing the modifications on a major archive
site such as uunet.uu.net, or by allowing the Copyright Holder to include
your modifications in the Standard Version of the Package.
b) use the modified Package only within your corporation or organization.
c) rename any non-standard executables so the names do not conflict
with standard executables, which must also be provided, and provide
a separate manual page for each non-standard executable that clearly
documents how it differs from the Standard Version.
d) make other distribution arrangements with the Copyright Holder.
4. You may distribute the programs of this Package in object code or
executable form, provided that you do at least ONE of the following:
a) distribute a Standard Version of the executables and library files,
together with instructions (in the manual page or equivalent) on where
to get the Standard Version.
b) accompany the distribution with the machine-readable source of
the Package with your modifications.
c) give non-standard executables non-standard names, and clearly
document the differences in manual pages (or equivalent), together
with instructions on where to get the Standard Version.
d) make other distribution arrangements with the Copyright Holder.
5. You may charge a reasonable copying fee for any distribution of this
Package. You may charge any fee you choose for support of this
Package. You may not charge a fee for this Package itself. However,
you may distribute this Package in aggregate with other (possibly
commercial) programs as part of a larger (possibly commercial) software
distribution provided that you do not advertise this Package as a
product of your own.
6. Any programs linked with this library do not automatically fall
under the copyright of this Package, but belong to whomever generated
them, and may be sold commercially, and may be aggregated with this
Package.
7. The name of the Copyright Holder may not be used to endorse or promote
products derived from this software without specific prior written permission.
8. THIS PACKAGE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR
IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
The End

24
eBones/Copyright.MIT Normal file

@ -0,0 +1,24 @@
# $Id: Copyright.MIT,v 1.2 1994/07/19 19:21:03 g89r4222 Exp $
The following Copyright notice applies to the original Bones package.
/*-
Copyright (C) 1989 by the Massachusetts Institute of Technology
Export of this software from the United States of America is assumed
to require a specific license from the United States Government.
It is the responsibility of any person or organization contemplating
export to obtain such a license before exporting.
WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
distribute this software and its documentation for any purpose and
without fee is hereby granted, provided that the above copyright
notice appear in all copies and that both that copyright notice and
this permission notice appear in supporting documentation, and that
the name of M.I.T. not be used in advertising or publicity pertaining
to distribution of the software without specific, written prior
permission. M.I.T. makes no representations about the suitability of
this software for any purpose. It is provided "as is" without express
or implied warranty.
*/

23
eBones/Copyright.SIPB Normal file

@ -0,0 +1,23 @@
# $Id: Copyright.SIPB,v 1.2 1994/07/19 19:21:05 g89r4222 Exp $
The following Copyright notice applies to parts of the Bones package.
See source code for exact references.
/*-
Copyright 1987 by the Student Information Processing Board
of the Massachusetts Institute of Technology
Permission to use, copy, modify, and distribute this software
and its documentation for any purpose and without fee is
hereby granted, provided that the above copyright notice
appear in all copies and that both that copyright notice and
this permission notice appear in supporting documentation,
and that the names of M.I.T. and the M.I.T. S.I.P.B. not be
used in advertising or publicity pertaining to distribution
of the software without specific, written prior permission.
M.I.T. and the M.I.T. S.I.P.B. make no representations about
the suitability of this software for any purpose. It is
provided "as is" without express or implied warranty.
*/

25
eBones/Makefile Normal file

@ -0,0 +1,25 @@
# From: @(#)Makefile 5.1 (Berkeley) 6/25/90
# $Id: Makefile,v 1.12 1994/09/30 13:34:39 g89r4222 Exp $
SUBDIR= include
SUBDIR+= des compile_et acl ext_srvtab include kdb kdb_destroy kdb_edit \
kdb_init kdb_util kdestroy kerberos kinit klist krb ksrvtgt \
kstash man register registerd make_keypair
SDIR= ${.CURDIR}/..
# These are the programs which depend on kerberos
# It's nice to know who they are
kprog:
cd ${SDIR}/bin/rcp; make cleandir obj ; make -DNOMAN depend all install
cd ${SDIR}/libexec/rlogind;make cleandir;make -DNOMAN depend all install
cd ${SDIR}/libexec/rshd; make cleandir; make -DNOMAN depend all install
cd ${SDIR}/usr.bin/login; make cleandir; make -DNOMAN depend all install
cd ${SDIR}/usr.bin/passwd;make cleandir; make -DNOMAN depend all install
cd ${SDIR}/usr.bin/rlogin;make cleandir; make -DNOMAN depend all install
cd ${SDIR}/usr.bin/rsh; make cleandir; make -DNOMAN depend all install
cd ${SDIR}/usr.bin/su; make cleandir; make -DNOMAN depend all install
cd ${SDIR}/libexec/kpasswdd; make cleandir; make depend all install
.include <bsd.subdir.mk>
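Review bot: SUBDIR names `include` twice, once in `SUBDIR= include` and again inside the `SUBDIR+=` list, so that directory is visited twice for every target; drop the second occurrence. In the kprog recipes, only the rcp line runs `obj` and only the kpasswdd line omits -DNOMAN; if that is deliberate a comment should say so, otherwise make the nine lines uniform. Since kprog reinstalls login, su, passwd, rshd and rlogind, the recipes should also call `${MAKE}` rather than a literal `make`, so the sub-builds use the same make program and flags as the parent.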

37
eBones/Makefile.inc Normal file

@ -0,0 +1,37 @@
# From: @(#)Makefile.inc 5.1 (Berkeley) 6/25/90
# $Id: Makefile.inc,v 1.3 1994/09/24 14:04:08 g89r4222 Exp $
BINDIR?= /usr/sbin
SHLIB_MAJOR?= 2
SHLIB_MINOR?= 0
.if exists(${.CURDIR}/../des/obj)
DESOBJDIR= ${.CURDIR}/../des/obj
.else
DESOBJDIR= ${.CURDIR}/../des
.endif
.if exists(${.CURDIR}/../krb/obj)
KRBOBJDIR= ${.CURDIR}/../krb/obj
.else
KRBOBJDIR= ${.CURDIR}/../krb
.endif
.if exists(${.CURDIR}/../kdb/obj)
KDBOBJDIR= ${.CURDIR}/../kdb/obj
.else
KDBOBJDIR= ${.CURDIR}/../kdb
.endif
.if exists(${.CURDIR}/../acl/obj)
ACLOBJDIR= ${.CURDIR}/../acl/obj
.else
ACLOBJDIR= ${.CURDIR}/../acl
.endif
.if exists(${.CURDIR}/../compile_et/obj)
COMPILE_ET= ${.CURDIR}/../compile_et/obj/compile_et
.else
COMPILE_ET= ${.CURDIR}/../compile_et/compile_et
.endif

56
eBones/README.libdes Normal file

@ -0,0 +1,56 @@
libdes, Version 3.00 93/10/07
Copyright (c) 1993, Eric Young
All rights reserved.
This program is free software; you can redistribute it and/or modify
it under the terms of either:
a) the GNU General Public License as published by the Free
Software Foundation; either version 1, or (at your option) any
later version, or
b) the "Artistic License" which comes with this Kit.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See either
the GNU General Public License or the Artistic License for more details.
You should have received a copy of the Artistic License with this
Kit, in the file named "Artistic". If not, I'll be glad to provide one.
You should also have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
---
This kit builds a DES encryption library and a DES encryption program.
It suports ecb, cbc, ofb, cfb, triple ecb, triple cbc and MIT's pcbc
encryption modes and also has a fast implementation of crypt(3).
It contains support routines to read keys from a terminal,
generate a random key, generate a key from an arbitary length string,
read/write encrypted data from/to a file descriptor.
The implementation was written so as to conform with the manual entry
for the des_crypt(3) library routines from MIT's project Athena.
destest should be run after compilation to test the des routines.
rpw should be run after compilation to test the read password routines.
The des program is a replacement for the sun des command. I believe it
conforms to the sun version.
The Imakefile is setup for use in the kerberos distribution.
These routines are best compiled with gcc or any other good
optimising compiler.
Just turn you optimiser up to the highest settings and run destest
after the build to make sure everything works.
I believe these routines are close to the fastest and most portable DES
routines that use small lookup tables (4.5k) that are publicly available.
The fcrypt routine is faster than ufc's fcrypt (when compiling with
gcc2 -O2) on the sparc 2 (1410 vs 1270) but is not so good on other machines
(on a sun3/260 168 vs 336).
Eric Young (eay@psych.psy.uq.oz.au)
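Review bot: The licence paragraph says the Artistic License is in "the file named "Artistic"", but this import adds it as eBones/ARTISTIC.libdes, so the reference does not resolve in the tree. Record the rename in the commit message or in a short FreeBSD note next to this file, leaving Eric Young's text itself unchanged.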

10
eBones/acl/Makefile Normal file

@ -0,0 +1,10 @@
# From: @(#)Makefile 5.1 (Berkeley) 6/25/90
# $Id: Makefile,v 1.3 1994/09/09 21:43:17 g89r4222 Exp $
LIB= acl
SHLIB_MAJOR= 2
SHLIB_MINOR= 0
CFLAGS+=-DDEBUG -DKERBEROS -I${.CURDIR}/../include
SRCS= acl_files.c
.include <bsd.lib.mk>
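Review bot: `CFLAGS+=-DDEBUG` is unconditional, so every build of libacl, including the installed shared library, is compiled with DEBUG defined. Make it opt-in (set only when a debug build is requested) or drop it. SHLIB_MAJOR and SHLIB_MINOR here repeat the 2 and 0 that eBones/Makefile.inc already defaults with `?=`; if that file is picked up for this directory, leaving them out keeps the library version in one place.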

183
eBones/acl/acl_check.3 Normal file

@ -0,0 +1,183 @@
.\" from: acl_check.3,v 4.1 89/01/23 11:06:54 jtkohl Exp $
.\" $Id: acl_check.3,v 1.2 1994/07/19 19:27:17 g89r4222 Exp $
.\" Copyright 1989 by the Massachusetts Institute of Technology.
.\"
.\" For copying and distribution information,
.\" please see the file <Copyright.MIT>.
.\"
.TH ACL_CHECK 3 "Kerberos Version 4.0" "MIT Project Athena"
.SH NAME
acl_canonicalize_principal, acl_check, acl_exact_match, acl_add,
acl_delete, acl_initialize \- Access control list routines
.SH SYNOPSIS
.nf
.nj
.ft B
cc <files> \-lacl \-lkrb
.PP
.ft B
#include <krb.h>
.PP
.ft B
acl_canonicalize_principal(principal, buf)
char *principal;
char *buf;
.PP
.ft B
acl_check(acl, principal)
char *acl;
char *principal;
.PP
.ft B
acl_exact_match(acl, principal)
char *acl;
char *principal;
.PP
.ft B
acl_add(acl, principal)
char *acl;
char *principal;
.PP
.ft B
acl_delete(acl, principal)
char *acl;
char *principal;
.PP
.ft B
acl_initialize(acl_file, mode)
char *acl_file;
int mode;
.fi
.ft R
.SH DESCRIPTION
.SS Introduction
.PP
An access control list (ACL) is a list of principals, where each
principal is represented by a text string which cannot contain
whitespace. The library allows application programs to refer to named
access control lists to test membership and to atomically add and
delete principals using a natural and intuitive interface. At
present, the names of access control lists are required to be Unix
filenames, and refer to human-readable Unix files; in the future, when
a networked ACL server is implemented, the names may refer to a
different namespace specific to the ACL service.
.PP
.SS Principal Names
.PP
Principal names have the form
.nf
.in +5n
<name>[.<instance>][@<realm>]
.in -5n
e.g.:
.in +5n
asp
asp.root
asp@ATHENA.MIT.EDU
asp.@ATHENA.MIT.EDU
asp.root@ATHENA.MIT.EDU
.in -5n
.fi
It is possible for principals to be underspecified. If an instance is
missing, it is assumed to be "". If realm is missing, it is assumed
to be the local realm as determined by
.IR krb_get_lrealm (3).
The canonical form contains all of name, instance,
and realm; the acl_add and acl_delete routines will always
leave the file in that form. Note that the canonical form of
asp@ATHENA.MIT.EDU is actually asp.@ATHENA.MIT.EDU.
.SS Routines
.PP
.I acl_canonicalize_principal
stores the canonical form of
.I principal
in
.IR buf .
.I Buf
must contain enough
space to store a principal, given the limits on the sizes of name,
instance, and realm specified as ANAME_SZ, INST_SZ, and REALM_SZ,
respectively, in
.IR /usr/include/krb.h .
.PP
.I acl_check
returns nonzero if
.I principal
appears in
.IR acl .
Returns 0 if principal
does not appear in acl, or if an error occurs. Canonicalizes
principal before checking, and allows the ACL to contain wildcards. The
only supported wildcards are entries of the form
name.*@realm, *.*@realm, and *.*@*. An asterisk matches any value for the
its component field. For example, "jtkohl.*@*" would match principal
jtkohl, with any instance and any realm.
.PP
.I acl_exact_match
performs like
.IR acl_check ,
but does no canonicalization or wildcard matching.
.PP
.I acl_add
atomically adds
.I principal
to
.IR acl .
Returns 0 if successful, nonzero otherwise. It is considered a failure
if
.I principal
is already in
.IR acl .
This routine will canonicalize
.IR principal ,
but will treat wildcards literally.
.PP
.I acl_delete
atomically deletes
.I principal
from
.IR acl .
Returns 0 if successful,
nonzero otherwise. It is considered a failure if
.I principal
is not
already in
.IR acl .
This routine will canonicalize
.IR principal ,
but will treat wildcards literally.
.PP
.I acl_initialize
initializes
.IR acl_file .
If the file
.I acl_file
does not exist,
.I acl_initialize
creates it with mode
.IR mode .
If the file
.I acl_file
exists,
.I acl_initialize
removes all members. Returns 0 if successful,
nonzero otherwise. WARNING: Mode argument is likely to change with
the eventual introduction of an ACL service.
.SH NOTES
In the presence of concurrency, there is a very small chance that
.I acl_add
or
.I acl_delete
could report success even though it would have
had no effect. This is a necessary side effect of using lock files
for concurrency control rather than flock(2), which is not supported
by NFS.
.PP
The current implementation caches ACLs in memory in a hash-table
format for increased efficiency in checking membership; one effect of
the caching scheme is that one file descriptor will be kept open for
each ACL cached, up to a maximum of 8.
.SH SEE ALSO
kerberos(3), krb_get_lrealm(3)
.SH AUTHOR
James Aspnes (MIT Project Athena)
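Review bot: The example in the acl_check paragraph does not match the wildcard forms the same paragraph lists. "jtkohl.*@*" is not one of name.*@realm, *.*@realm or *.*@*, and acl_check() in acl_files.c probes only those three forms after the exact match, so an ACL entry "jtkohl.*@*" would never grant access. Either change the example to a supported form such as jtkohl.*@ATHENA.MIT.EDU or add the name.*@* probe to the code, so administrators do not write entries that silently fail to match. The sentence "An asterisk matches any value for the its component field" also has a stray "the".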

541
eBones/acl/acl_files.c Normal file

@ -0,0 +1,541 @@
/*
*
* Copyright 1987,1989 by the Massachusetts Institute of Technology.
*
* For copying and distribution information, please see the file
* <mit-copyright.h>.
*
* from: acl_files.c,v 4.4 89/12/19 13:30:53 jtkohl Exp $
* $Id: acl_files.c,v 1.2 1994/07/19 19:21:18 g89r4222 Exp $
*/
#ifndef lint
static char rcsid[] =
"$Id: acl_files.c,v 1.2 1994/07/19 19:21:18 g89r4222 Exp $";
#endif lint
/*** Routines for manipulating access control list files ***/
#include <stdio.h>
#include <strings.h>
#include <sys/file.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/errno.h>
#include <ctype.h>
#include "krb.h"
__BEGIN_DECLS
static int acl_abort __P((char *, FILE *));
__END_DECLS
#ifndef KRB_REALM
#define KRB_REALM "ATHENA.MIT.EDU"
#endif
/* "aname.inst@realm" */
#define MAX_PRINCIPAL_SIZE (ANAME_SZ + INST_SZ + REALM_SZ + 3)
#define INST_SEP '.'
#define REALM_SEP '@'
#define LINESIZE 2048 /* Maximum line length in an acl file */
#define NEW_FILE "%s.~NEWACL~" /* Format for name of altered acl file */
#define WAIT_TIME 300 /* Maximum time allowed write acl file */
#define CACHED_ACLS 8 /* How many acls to cache */
/* Each acl costs 1 open file descriptor */
#define ACL_LEN 16 /* Twice a reasonable acl length */
#define MAX(a,b) (((a)>(b))?(a):(b))
#define MIN(a,b) (((a)<(b))?(a):(b))
#define COR(a,b) ((a!=NULL)?(a):(b))
extern int errno;
extern char *malloc(), *calloc();
extern time_t time();
/* Canonicalize a principal name */
/* If instance is missing, it becomes "" */
/* If realm is missing, it becomes the local realm */
/* Canonicalized form is put in canon, which must be big enough to hold
MAX_PRINCIPAL_SIZE characters */
acl_canonicalize_principal(principal, canon)
char *principal;
char *canon;
{
char *dot, *atsign, *end;
int len;
dot = index(principal, INST_SEP);
atsign = index(principal, REALM_SEP);
/* Maybe we're done already */
if(dot != NULL && atsign != NULL) {
if(dot < atsign) {
/* It's for real */
/* Copy into canon */
strncpy(canon, principal, MAX_PRINCIPAL_SIZE);
canon[MAX_PRINCIPAL_SIZE-1] = '\0';
return;
} else {
/* Nope, it's part of the realm */
dot = NULL;
}
}
/* No such luck */
end = principal + strlen(principal);
/* Get the principal name */
len = MIN(ANAME_SZ, COR(dot, COR(atsign, end)) - principal);
strncpy(canon, principal, len);
canon += len;
/* Add INST_SEP */
*canon++ = INST_SEP;
/* Get the instance, if it exists */
if(dot != NULL) {
++dot;
len = MIN(INST_SZ, COR(atsign, end) - dot);
strncpy(canon, dot, len);
canon += len;
}
/* Add REALM_SEP */
*canon++ = REALM_SEP;
/* Get the realm, if it exists */
/* Otherwise, default to local realm */
if(atsign != NULL) {
++atsign;
len = MIN(REALM_SZ, end - atsign);
strncpy(canon, atsign, len);
canon += len;
*canon++ = '\0';
} else if(krb_get_lrealm(canon, 1) != KSUCCESS) {
strcpy(canon, KRB_REALM);
}
}
/* Get a lock to modify acl_file */
/* Return new FILE pointer */
/* or NULL if file cannot be modified */
/* REQUIRES WRITE PERMISSION TO CONTAINING DIRECTORY */
static FILE *acl_lock_file(acl_file)
char *acl_file;
{
struct stat s;
char new[LINESIZE];
int nfd;
FILE *nf;
int mode;
if(stat(acl_file, &s) < 0) return(NULL);
mode = s.st_mode;
sprintf(new, NEW_FILE, acl_file);
for(;;) {
/* Open the new file */
if((nfd = open(new, O_WRONLY|O_CREAT|O_EXCL, mode)) < 0) {
if(errno == EEXIST) {
/* Maybe somebody got here already, maybe it's just old */
if(stat(new, &s) < 0) return(NULL);
if(time(0) - s.st_ctime > WAIT_TIME) {
/* File is stale, kill it */
unlink(new);
continue;
} else {
/* Wait and try again */
sleep(1);
continue;
}
} else {
/* Some other error, we lose */
return(NULL);
}
}
/* If we got to here, the lock file is ours and ok */
/* Reopen it under stdio */
if((nf = fdopen(nfd, "w")) == NULL) {
/* Oops, clean up */
unlink(new);
}
return(nf);
}
}
/* Commit changes to acl_file written onto FILE *f */
/* Returns zero if successful */
/* Returns > 0 if lock was broken */
/* Returns < 0 if some other error occurs */
/* Closes f */
static int acl_commit(acl_file, f)
char *acl_file;
FILE *f;
{
char new[LINESIZE];
int ret;
struct stat s;
sprintf(new, NEW_FILE, acl_file);
if(fflush(f) < 0
|| fstat(fileno(f), &s) < 0
|| s.st_nlink == 0) {
acl_abort(acl_file, f);
return(-1);
}
ret = rename(new, acl_file);
fclose(f);
return(ret);
}
/*
* Abort changes to acl_file written onto FILE *f
* Returns 0 if successful, < 0 otherwise
* Closes f
*/
static int
acl_abort(acl_file, f)
char *acl_file;
FILE *f;
{
char new[LINESIZE];
int ret;
struct stat s;
/* make sure we aren't nuking someone else's file */
if(fstat(fileno(f), &s) < 0 || s.st_nlink == 0) {
fclose(f);
return(-1);
} else {
sprintf(new, NEW_FILE, acl_file);
ret = unlink(new);
fclose(f);
return(ret);
}
}
/* Initialize an acl_file */
/* Creates the file with permissions perm if it does not exist */
/* Erases it if it does */
/* Returns return value of acl_commit */
int acl_initialize(acl_file, perm)
char *acl_file;
int perm;
{
FILE *new;
int fd;
/* Check if the file exists already */
if((new = acl_lock_file(acl_file)) != NULL) {
return(acl_commit(acl_file, new));
} else {
/* File must be readable and writable by owner */
if((fd = open(acl_file, O_CREAT|O_EXCL, perm|0600)) < 0) {
return(-1);
} else {
close(fd);
return(0);
}
}
}
/* Eliminate all whitespace character in buf */
/* Modifies its argument */
static nuke_whitespace(buf)
char *buf;
{
register char *pin, *pout;
for(pin = pout = buf; *pin != '\0'; pin++)
if(!isspace(*pin)) *pout++ = *pin;
*pout = '\0'; /* Terminate the string */
}
/* Hash table stuff */
struct hashtbl {
int size; /* Max number of entries */
int entries; /* Actual number of entries */
char **tbl; /* Pointer to start of table */
};
/* Make an empty hash table of size s */
static struct hashtbl *make_hash(size)
int size;
{
struct hashtbl *h;
if(size < 1) size = 1;
h = (struct hashtbl *) malloc(sizeof(struct hashtbl));
h->size = size;
h->entries = 0;
h->tbl = (char **) calloc(size, sizeof(char *));
return(h);
}
/* Destroy a hash table */
static destroy_hash(h)
struct hashtbl *h;
{
int i;
for(i = 0; i < h->size; i++) {
if(h->tbl[i] != NULL) free(h->tbl[i]);
}
free(h->tbl);
free(h);
}
/* Compute hash value for a string */
static unsigned hashval(s)
register char *s;
{
register unsigned hv;
for(hv = 0; *s != '\0'; s++) {
hv ^= ((hv << 3) ^ *s);
}
return(hv);
}
/* Add an element to a hash table */
static add_hash(h, el)
struct hashtbl *h;
char *el;
{
unsigned hv;
char *s;
char **old;
int i;
/* Make space if it isn't there already */
if(h->entries + 1 > (h->size >> 1)) {
old = h->tbl;
h->tbl = (char **) calloc(h->size << 1, sizeof(char *));
for(i = 0; i < h->size; i++) {
if(old[i] != NULL) {
hv = hashval(old[i]) % (h->size << 1);
while(h->tbl[hv] != NULL) hv = (hv+1) % (h->size << 1);
h->tbl[hv] = old[i];
}
}
h->size = h->size << 1;
free(old);
}
hv = hashval(el) % h->size;
while(h->tbl[hv] != NULL && strcmp(h->tbl[hv], el)) hv = (hv+1) % h->size;
s = malloc(strlen(el)+1);
strcpy(s, el);
h->tbl[hv] = s;
h->entries++;
}
/* Returns nonzero if el is in h */
static check_hash(h, el)
struct hashtbl *h;
char *el;
{
unsigned hv;
for(hv = hashval(el) % h->size;
h->tbl[hv] != NULL;
hv = (hv + 1) % h->size) {
if(!strcmp(h->tbl[hv], el)) return(1);
}
return(0);
}
struct acl {
char filename[LINESIZE]; /* Name of acl file */
int fd; /* File descriptor for acl file */
struct stat status; /* File status at last read */
struct hashtbl *acl; /* Acl entries */
};
static struct acl acl_cache[CACHED_ACLS];
static int acl_cache_count = 0;
static int acl_cache_next = 0;
/* Returns < 0 if unsuccessful in loading acl */
/* Returns index into acl_cache otherwise */
/* Note that if acl is already loaded, this is just a lookup */
static int acl_load(name)
char *name;
{
int i;
FILE *f;
struct stat s;
char buf[MAX_PRINCIPAL_SIZE];
char canon[MAX_PRINCIPAL_SIZE];
/* See if it's there already */
for(i = 0; i < acl_cache_count; i++) {
if(!strcmp(acl_cache[i].filename, name)
&& acl_cache[i].fd >= 0) goto got_it;
}
/* It isn't, load it in */
/* maybe there's still room */
if(acl_cache_count < CACHED_ACLS) {
i = acl_cache_count++;
} else {
/* No room, clean one out */
i = acl_cache_next;
acl_cache_next = (acl_cache_next + 1) % CACHED_ACLS;
close(acl_cache[i].fd);
if(acl_cache[i].acl) {
destroy_hash(acl_cache[i].acl);
acl_cache[i].acl = (struct hashtbl *) 0;
}
}
/* Set up the acl */
strcpy(acl_cache[i].filename, name);
if((acl_cache[i].fd = open(name, O_RDONLY, 0)) < 0) return(-1);
/* Force reload */
acl_cache[i].acl = (struct hashtbl *) 0;
got_it:
/*
* See if the stat matches
*
* Use stat(), not fstat(), as the file may have been re-created by
* acl_add or acl_delete. If this happens, the old inode will have
* no changes in the mod-time and the following test will fail.
*/
if(stat(acl_cache[i].filename, &s) < 0) return(-1);
if(acl_cache[i].acl == (struct hashtbl *) 0
|| s.st_nlink != acl_cache[i].status.st_nlink
|| s.st_mtime != acl_cache[i].status.st_mtime
|| s.st_ctime != acl_cache[i].status.st_ctime) {
/* Gotta reload */
if(acl_cache[i].fd >= 0) close(acl_cache[i].fd);
if((acl_cache[i].fd = open(name, O_RDONLY, 0)) < 0) return(-1);
if((f = fdopen(acl_cache[i].fd, "r")) == NULL) return(-1);
if(acl_cache[i].acl) destroy_hash(acl_cache[i].acl);
acl_cache[i].acl = make_hash(ACL_LEN);
while(fgets(buf, sizeof(buf), f) != NULL) {
nuke_whitespace(buf);
acl_canonicalize_principal(buf, canon);
add_hash(acl_cache[i].acl, canon);
}
fclose(f);
acl_cache[i].status = s;
}
return(i);
}
/* Returns nonzero if it can be determined that acl contains principal */
/* Principal is not canonicalized, and no wildcarding is done */
acl_exact_match(acl, principal)
char *acl;
char *principal;
{
int idx;
return((idx = acl_load(acl)) >= 0
&& check_hash(acl_cache[idx].acl, principal));
}
/* Returns nonzero if it can be determined that acl contains principal */
/* Recognizes wildcards in acl of the form
name.*@realm, *.*@realm, and *.*@* */
acl_check(acl, principal)
char *acl;
char *principal;
{
char buf[MAX_PRINCIPAL_SIZE];
char canon[MAX_PRINCIPAL_SIZE];
char *realm;
acl_canonicalize_principal(principal, canon);
/* Is it there? */
if(acl_exact_match(acl, canon)) return(1);
/* Try the wildcards */
realm = index(canon, REALM_SEP);
*index(canon, INST_SEP) = '\0'; /* Chuck the instance */
sprintf(buf, "%s.*%s", canon, realm);
if(acl_exact_match(acl, buf)) return(1);
sprintf(buf, "*.*%s", realm);
if(acl_exact_match(acl, buf) || acl_exact_match(acl, "*.*@*")) return(1);
return(0);
}
/* Adds principal to acl */
/* Wildcards are interpreted literally */
acl_add(acl, principal)
char *acl;
char *principal;
{
int idx;
int i;
FILE *new;
char canon[MAX_PRINCIPAL_SIZE];
acl_canonicalize_principal(principal, canon);
if((new = acl_lock_file(acl)) == NULL) return(-1);
if((acl_exact_match(acl, canon))
|| (idx = acl_load(acl)) < 0) {
acl_abort(acl, new);
return(-1);
}
/* It isn't there yet, copy the file and put it in */
for(i = 0; i < acl_cache[idx].acl->size; i++) {
if(acl_cache[idx].acl->tbl[i] != NULL) {
if(fputs(acl_cache[idx].acl->tbl[i], new) == NULL
|| putc('\n', new) != '\n') {
acl_abort(acl, new);
return(-1);
}
}
}
fputs(canon, new);
putc('\n', new);
return(acl_commit(acl, new));
}
/* Removes principal from acl */
/* Wildcards are interpreted literally */
acl_delete(acl, principal)
char *acl;
char *principal;
{
int idx;
int i;
FILE *new;
char canon[MAX_PRINCIPAL_SIZE];
acl_canonicalize_principal(principal, canon);
if((new = acl_lock_file(acl)) == NULL) return(-1);
if((!acl_exact_match(acl, canon))
|| (idx = acl_load(acl)) < 0) {
acl_abort(acl, new);
return(-1);
}
/* It isn't there yet, copy the file and put it in */
for(i = 0; i < acl_cache[idx].acl->size; i++) {
if(acl_cache[idx].acl->tbl[i] != NULL
&& strcmp(acl_cache[idx].acl->tbl[i], canon)) {
fputs(acl_cache[idx].acl->tbl[i], new);
putc('\n', new);
}
}
return(acl_commit(acl, new));
}
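Review bot: acl_check() uses the results of index(canon, INST_SEP) and index(canon, REALM_SEP) without checking them, but the early-return path of acl_canonicalize_principal() only does `strncpy(canon, principal, MAX_PRINCIPAL_SIZE)` and truncates. A principal longer than the buffer whose '.' or '@' falls past the cut leaves canon without that separator, so `*index(canon, INST_SEP) = '\0'` writes through NULL or realm is passed to sprintf as NULL. That path also applies no ANAME_SZ, INST_SZ or REALM_SZ limit to the individual components, so with an empty instance `sprintf(buf, "%s.*%s", canon, realm)` can need one byte more than buf holds. Have the canonicalizer validate each component length and return a status, and have acl_check, acl_add and acl_delete fail closed on error.

Related points in the same file: `strcpy(acl_cache[i].filename, name)` and `sprintf(new, NEW_FILE, acl_file)` copy caller-supplied names into LINESIZE buffers with no length check. acl_load() reads with `fgets(buf, sizeof(buf), f)` where buf is MAX_PRINCIPAL_SIZE rather than LINESIZE, so a longer ACL line is split and each fragment is added as its own entry; read whole lines and reject overlong ones. In acl_add(), `fputs(...) == NULL` should compare against EOF, and the final fputs/putc of canon are unchecked before acl_commit(). The malloc()/calloc() results in make_hash() and add_hash() are used unchecked, and the comment above the copy loop in acl_delete() is a leftover from acl_add().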

107
eBones/acl/acl_files.doc Normal file

@ -0,0 +1,107 @@
PROTOTYPE ACL LIBRARY
Introduction
An access control list (ACL) is a list of principals, where each
principal is is represented by a text string which cannot contain
whitespace. The library allows application programs to refer to named
access control lists to test membership and to atomically add and
delete principals using a natural and intuitive interface. At
present, the names of access control lists are required to be Unix
filenames, and refer to human-readable Unix files; in the future, when
a networked ACL server is implemented, the names may refer to a
different namespace specific to the ACL service.
Usage
cc <files> -lacl -lkrb.
Principal Names
Principal names have the form
<name>[.<instance>][@<realm>]
e.g.
asp
asp.root
asp@ATHENA.MIT.EDU
asp.@ATHENA.MIT.EDU
asp.root@ATHENA.MIT.EDU
It is possible for principals to be underspecified. If instance is
missing, it is assumed to be "". If realm is missing, it is assumed
to be local_realm. The canonical form contains all of name, instance,
and realm; the acl_add and acl_delete routines will always
leave the file in that form. Note that the canonical form of
asp@ATHENA.MIT.EDU is actually asp.@ATHENA.MIT.EDU.
Routines
acl_canonicalize_principal(principal, buf)
char *principal;
char *buf; /*RETVAL*/
Store the canonical form of principal in buf. Buf must contain enough
space to store a principal, given the limits on the sizes of name,
instance, and realm specified in /usr/include/krb.h.
acl_check(acl, principal)
char *acl;
char *principal;
Returns nonzero if principal appears in acl. Returns 0 if principal
does not appear in acl, or if an error occurs. Canonicalizes
principal before checking, and allows the ACL to contain wildcards.
acl_exact_match(acl, principal)
char *acl;
char *principal;
Like acl_check, but does no canonicalization or wildcarding.
acl_add(acl, principal)
char *acl;
char *principal;
Atomically adds principal to acl. Returns 0 if successful, nonzero
otherwise. It is considered a failure if principal is already in acl.
This routine will canonicalize principal, but will treat wildcards
literally.
acl_delete(acl, principal)
char *acl;
char *principal;
Atomically deletes principal from acl. Returns 0 if successful,
nonzero otherwise. It is consider a failure if principal is not
already in acl. This routine will canonicalize principal, but will
treat wildcards literally.
acl_initialize(acl, mode)
char *acl;
int mode;
Initialize acl. If acl file does not exist, creates it with mode
mode. If acl exists, removes all members. Returns 0 if successful,
nonzero otherwise. WARNING: Mode argument is likely to change with
the eventual introduction of an ACL service.
Known problems
In the presence of concurrency, there is a very small chance that
acl_add or acl_delete could report success even though it would have
had no effect. This is a necessary side effect of using lock files
for concurrency control rather than flock(2), which is not supported
by NFS.
The current implementation caches ACLs in memory in a hash-table
format for increased efficiency in checking membership; one effect of
the caching scheme is that one file descriptor will be kept open for
each ACL cached, up to a maximum of 8.
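Review bot: This file repeats acl_check.3 almost verbatim and has already drifted from it. The acl_check entry here says the ACL may contain wildcards but does not list the supported forms, and the realm default is described as local_realm rather than krb_get_lrealm(3). There are also typos: "is is represented" in the introduction and "It is consider a failure" under acl_delete. Fix the typos and either reduce this file to a pointer to the man page or keep the two in sync.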


@ -0,0 +1,15 @@
# From: @(#)Makefile 5.1 (Berkeley) 6/25/90
# $Id: Makefile,v 1.2 1994/07/19 19:21:23 g89r4222 Exp $
PROG= compile_et
CFLAGS+=-I. -I${.CURDIR}
SRCS= compile_et.c error_message.c et_name.c init_et.c perror.c
OBJS+= error_table.o
DPADD= ${LIBL}
LDADD= -ll
CLEANFILES=et_lex.lex.c y.tab.c y.tab.h error_table.c
NOMAN= noman
error_table.c: et_lex.lex.c
.include <bsd.prog.mk>
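
Review bot: the dependency line error_table.c: et_lex.lex.c names a file that no rule in this Makefile produces, and CLEANFILES lists y.tab.c and error_table.c although no grammar source appears in SRCS. If the build relies on suffix rules from bsd.prog.mk to generate these files, add a comment saying so; otherwise add the explicit rules.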

@ -0,0 +1,172 @@
/*
*
* Copyright 1986, 1987 by MIT Student Information Processing Board
* For copyright info, see "Copyright.SIPB".
*
* $Id: compile_et.c,v 1.2 1994/07/19 19:21:24 g89r4222 Exp $
*/
#include <stdio.h>
#include <sys/file.h>
#include <strings.h>
#include <sys/param.h>
static char copyright[] = "Copyright 1987 by MIT Student Information Processing Board";
extern char *gensym();
extern char *current_token;
extern int table_number, current;
char buffer[BUFSIZ];
char *table_name = (char *)NULL;
FILE *hfile, *cfile;
/* C library */
extern char *malloc();
extern int errno;
/* lex stuff */
extern FILE *yyin;
extern int yylineno;
/* pathnames */
char c_file[MAXPATHLEN]; /* temporary file */
char h_file[MAXPATHLEN]; /* output */
char o_file[MAXPATHLEN]; /* output */
char et_file[MAXPATHLEN]; /* input */
main(argc, argv)
int argc;
char **argv;
{
register char *p;
int n_flag = 0, debug = 0;
while (argc > 2) {
register char *arg, ch;
arg = argv[--argc];
if (strlen(arg) != 2 || arg[0] != '-')
goto usage;
ch = arg[1];
if (ch == 'n')
n_flag++;
else if (ch == 'd')
debug++;
else
goto usage;
}
if (argc != 2) {
usage:
fprintf(stderr, "Usage: %s et_file [-n]\n", argv[0]);
exit(1);
}
strcpy(et_file, argv[1]);
p = rindex(et_file, '/');
if (p == (char *)NULL)
p = et_file;
else
p++;
p = rindex(p, '.');
if (!strcmp(p, ".et"))
*++p = '\0';
else {
if (!p)
p = et_file;
while (*p)
p++;
*p++ = '.';
*p = '\0';
}
/* p points at null where suffix should be */
strcpy(p, "et.c");
strcpy(c_file, et_file);
p[0] = 'h';
p[1] = '\0';
strcpy(h_file, et_file);
p[0] = 'o';
strcpy(o_file, et_file);
p[0] = 'e';
p[1] = 't';
p[2] = '\0';
yyin = fopen(et_file, "r");
if (!yyin) {
perror(et_file);
exit(1);
}
hfile = fopen(h_file, "w");
if (hfile == (FILE *)NULL) {
perror(h_file);
exit(1);
}
cfile = fopen(c_file, "w");
if (cfile == (FILE *)NULL) {
perror("Can't open temp file");
exit(1);
}
/* parse it */
fputs("#define NULL 0\n", cfile);
fputs("static char *_et[] = {\n", cfile);
yyparse();
fclose(yyin); /* bye bye input file */
fputs("\t(char *)0\n};\n", cfile);
fputs("extern int init_error_table();\n\n", cfile);
fprintf(cfile, "int %s_err_base = %d;\n\n", table_name, table_number);
fprintf(cfile, "int\ninit_%s_err_tbl()\n", table_name);
fprintf(cfile, "{\n\treturn(init_error_table(_et, %d, %d));\n}\n",
table_number, current);
fclose(cfile);
fputs("extern int init_", hfile);
fputs(table_name, hfile);
fputs("_err_tbl();\nextern int ", hfile);
fputs(table_name, hfile);
fputs("_err_base;\n", hfile);
fclose(hfile); /* bye bye hfile */
if (n_flag)
exit(0);
if (!fork()) {
p = rindex(c_file, '/');
if (p) {
*p++ = '\0';
chdir(c_file);
}
else
p = c_file;
execlp("cc", "cc", "-c", "-R", "-O", p, 0);
perror("cc");
exit(1);
}
else wait(0);
if (!debug)
(void) unlink(c_file);
/* make it .o file name */
c_file[strlen(c_file)-1] = 'o';
if (!fork()) {
execlp("cp", "cp", c_file, o_file, 0);
perror("cp");
exit(1);
}
else wait(0);
if (!debug)
(void) unlink(c_file);
exit(0);
}
yyerror(s)
char *s;
{
fputs(s, stderr);
fprintf(stderr, "\nLine number %d; last token was '%s'\n",
yylineno, current_token);
}
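
Review bot: in main(), strcpy(et_file, argv[1]) copies a command-line argument of any length into a MAXPATHLEN buffer, and the later strcpy(p, "et.c") appends to it, so a long path overruns et_file; check strlen(argv[1]) against the buffer size less the suffix before copying. A few lines further down, the result of p = rindex(p, '.') is passed straight to strcmp(), and the if (!p) test only runs in the else branch, so a file name with no dot dereferences NULL; test p first. The two wait(0) calls discard the exit status of cc and cp, so a failed compile still ends in exit(0), and unlink(c_file) after the cp removes the .o that was just built in the temporary location without checking that the copy succeeded.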

@ -0,0 +1,77 @@
/*
* Copyright 1987 by the Student Information Processing Board
* of the Massachusetts Institute of Technology
* For copyright info, see "Copyright.SIPB".
*
* from: error_message.c,v 1.1 86/11/10 21:34:34 spook Exp $
* $Id: error_message.c,v 1.3 1994/09/09 21:43:22 g89r4222 Exp $
*/
#include <stdio.h>
#include "error_table.h"
extern int sys_nerr;
static char buffer[25];
char *
error_message(code)
int code;
{
register int offset;
register error_table **et;
register int table_num;
register int div;
register char *cp;
offset = code & ((1<<ERRCODE_RANGE)-1);
table_num = code - offset;
if ((_et_list == (error_table **)NULL) && table_num)
goto oops;
if (!table_num) {
if (offset < sys_nerr)
return(sys_errlist[offset]);
else
goto oops;
}
for (et = _et_list; *et != (error_table *)NULL; et++) {
if ((*et)->base == table_num) {
/* This is the right table */
if ((*et)->n_msgs <= offset)
goto oops;
return((*et)->msgs[offset]);
}
}
oops:
cp = buffer;
{
register char *cp1;
for (cp1 = "Unknown code "; *cp1; cp1++, cp++)
*cp = *cp1;
if (table_num) {
for (cp1 = error_table_name(table_num); *cp1; cp1++, cp++)
*cp = *cp1;
*cp++ = ' ';
*cp = '\0';
}
}
div = 1000000000;
if (offset == 0) {
*cp++ = '0';
*cp = '\0';
return(buffer);
}
while (div > offset)
div /= 10;
do {
register int n = offset / div;
*cp++ = '0' + n;
offset -= n * div;
div /= 10;
} while (offset && div);
while (div) {
*cp++ = '0';
div /= 10;
}
*cp = '\0';
return(buffer);
}
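
Review bot: return((*et)->msgs[offset]) can hand back a NULL pointer, because add_ec_val in the grammar pads numbering gaps with (char *)NULL entries, and com_err() then calls strlen() on the result; fall through to the oops path when the slot is NULL. In the oops path the string from error_table_name() is allocated on every call and never freed, and the message is built in a single static buffer, so the function is not reentrant; both deserve a comment. sys_errlist is used without a declaration in this file, only sys_nerr is declared.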

@ -0,0 +1,17 @@
#ifndef _ET
extern int errno;
typedef struct {
char **msgs;
int base;
int n_msgs;
} error_table;
extern error_table **_et_list;
#define ERROR_CODE "int" /* type used for error codes */
#define ERRCODE_RANGE 8 /* # of bits to shift table number */
#define BITS_PER_CHAR 6 /* # bits to shift per character in name */
extern char *error_table_name();
#define _ET
#endif
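
Review bot: extern int errno; at the top of the header should be replaced by #include <errno.h>, since a private declaration conflicts with any system that defines errno as a macro. The three constants would also benefit from a comment giving the resulting layout: with BITS_PER_CHAR 6 and ERRCODE_RANGE 8, a four-character table name fills all 32 bits of the int used for ERROR_CODE.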

@ -0,0 +1,205 @@
%{
#include <stdio.h>
char *str_concat(), *ds(), *quote(), *malloc(), *realloc();
char *current_token = (char *)NULL;
extern char *table_name;
%}
%union {
char *dynstr;
}
%token ERROR_TABLE ERROR_CODE_ENTRY END
%token <dynstr> STRING QUOTED_STRING
%type <dynstr> ec_name description table_id
%{
%}
%start error_table
%%
error_table : ERROR_TABLE table_id error_codes END
{ table_name = ds($2);
current_token = table_name;
put_ecs(); }
;
table_id : STRING
{ current_token = $1;
set_table_num($1);
$$ = $1; }
;
error_codes : error_codes ec_entry
| ec_entry
;
ec_entry : ERROR_CODE_ENTRY ec_name ',' description
{ add_ec($2, $4);
free($2);
free($4); }
| ERROR_CODE_ENTRY ec_name '=' STRING ',' description
{ add_ec_val($2, $4, $6);
free($2);
free($4);
free($6);
}
;
ec_name : STRING
{ $$ = ds($1);
current_token = $$; }
;
description : QUOTED_STRING
{ $$ = ds($1);
current_token = $$; }
;
%%
/*
* Copyright 1986, 1987 by the MIT Student Information Processing Board
* For copyright info, see Copyright.SIPB.
*/
#include <stdlib.h>
#include <strings.h>
#include <ctype.h>
#include <sys/types.h>
#include <sys/time.h>
#include "error_table.h"
extern FILE *hfile, *cfile;
static long gensym_n = 0;
char *
gensym(x)
char *x;
{
char *symbol;
if (!gensym_n) {
struct timeval tv;
struct timezone tzp;
gettimeofday(&tv, &tzp);
gensym_n = (tv.tv_sec%10000)*100 + tv.tv_usec/10000;
}
symbol = malloc(32 * sizeof(char));
gensym_n++;
sprintf(symbol, "et%ld", gensym_n);
return(symbol);
}
char *
ds(string)
char *string;
{
char *rv;
rv = malloc(strlen(string)+1);
strcpy(rv, string);
return(rv);
}
char *
quote(string)
char *string;
{
char *rv;
rv = malloc(strlen(string)+3);
strcpy(rv, "\"");
strcat(rv, string);
strcat(rv, "\"");
return(rv);
}
int table_number;
int current = 0;
char **error_codes = (char **)NULL;
add_ec(name, description)
char *name, *description;
{
fprintf(cfile, "\t\"%s\",\n", description);
if (error_codes == (char **)NULL) {
error_codes = (char **)malloc(sizeof(char *));
*error_codes = (char *)NULL;
}
error_codes = (char **)realloc((char *)error_codes,
(current + 2)*sizeof(char *));
error_codes[current++] = ds(name);
error_codes[current] = (char *)NULL;
}
add_ec_val(name, val, description)
char *name, *val, *description;
{
int ncurrent = atoi(val);
if (ncurrent < current) {
printf("Error code %s (%d) out of order", name,
current);
return;
}
while (ncurrent > current)
fputs("\t(char *)NULL,\n", cfile), current++;
fprintf(cfile, "\t\"%s\",\n", description);
if (error_codes == (char **)NULL) {
error_codes = (char **)malloc(sizeof(char *));
*error_codes = (char *)NULL;
}
error_codes = (char **)realloc((char *)error_codes,
(current + 2)*sizeof(char *));
error_codes[current++] = ds(name);
error_codes[current] = (char *)NULL;
}
put_ecs()
{
int i;
for (i = 0; i < current; i++) {
if (error_codes[i] != (char *)NULL)
fprintf(hfile, "#define %-40s ((%s)%d)\n",
error_codes[i], ERROR_CODE, table_number + i);
}
}
/*
* char_to_num -- maps letters and numbers into a small numbering space
* uppercase -> 1-26
* lowercase -> 27-52
* digits -> 53-62
* underscore-> 63
*/
int
char_to_num(c)
char c;
{
if (isupper(c))
return(c-'A'+1);
else if (islower(c))
return(c-'a'+27);
else if (isdigit(c))
return(c-'0'+53);
else {
fprintf(stderr, "Illegal character in name: %c\n", c);
exit(1);
/*NOTREACHED*/
}
}
set_table_num(string)
char *string;
{
if (strlen(string) > 4) {
fprintf(stderr, "Table name %s too long, truncated ",
string);
string[4] = '\0';
fprintf(stderr, "to %s\n", string);
}
while (*string != '\0') {
table_number = (table_number << BITS_PER_CHAR)
+ char_to_num(*string);
string++;
}
table_number = table_number << ERRCODE_RANGE;
}
#include "et_lex.lex.c"
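
Review bot: char_to_num() has no branch for '_' although its comment promises underscore -> 63, the lexer's AN class accepts underscores, and error_table_name() decodes 63 back to '_'; as written, an underscore in a table name hits the "Illegal character in name" exit. Add else if (c == '_') return(63); before the final else. In add_ec_val the out-of-order message prints current instead of ncurrent, goes to stdout with no newline, and returns without failing, so the entry is silently dropped from the table. The malloc and realloc results in ds(), quote(), add_ec and add_ec_val are all used unchecked.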

@ -0,0 +1,29 @@
%{
extern int yylineno;
int yylineno = 1;
%}
PC [^\"\n]
AN [A-Z_a-z0-9]
%%
error_table return ERROR_TABLE;
et return ERROR_TABLE;
error_code return ERROR_CODE_ENTRY;
ec return ERROR_CODE_ENTRY;
end return END;
[\t ]+ ;
\n ++yylineno;
\"{PC}*\" { register char *p; yylval.dynstr = ds(yytext+1);
if (p=rindex(yylval.dynstr, '"')) *p='\0';
return QUOTED_STRING;
}
{AN}* { yylval.dynstr = ds(yytext); return STRING; }
#.*\n ++yylineno;
. { return (*yytext); }
%%
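
Review bot: the identifier rule {AN}* can match the empty string; use {AN}+ so STRING is never returned for zero characters. The comment rule #.*\n requires a trailing newline, so a comment on the last line of a file that lacks one falls through to the single-character rule and is returned to the parser as tokens.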

@ -0,0 +1,44 @@
/*
* Copyright 1987 by MIT Student Information Processing Board
* For copyright info, see Copyright.SIPB.
*
* $Id: et_name.c,v 1.2 1994/07/19 19:21:27 g89r4222 Exp $
*/
#include "error_table.h"
static char copyright[] = "Copyright 1987 by MIT Student Information Processing Board";
char *malloc();
char *
error_table_name(num)
int num;
{
register int ch;
register int i;
register char *buf, *p;
/* num = aa aaa abb bbb bcc ccc cdd ddd d?? ??? ??? */
buf = malloc(5);
p = buf;
num >>= ERRCODE_RANGE;
/* num = ?? ??? ??? aaa aaa bbb bbb ccc ccc ddd ddd */
num &= 077777777;
/* num = 00 000 000 aaa aaa bbb bbb ccc ccc ddd ddd */
for (i = 0; i < 5; i++) {
ch = (num >> 24-6*i) & 077;
if (ch == 0)
continue;
else if (ch < 27)
*p++ = ch - 1 + 'A';
else if (ch < 53)
*p++ = ch - 27 + 'a';
else if (ch < 63)
*p++ = ch - 53 + '0';
else /* ch == 63 */
*p++ = '_';
}
return(buf);
}
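
Review bot: error_table_name() returns buf without ever writing a terminating NUL after the last *p++, so callers that walk the result as a string (the oops path of error_message() does) read past the decoded name; add *p = '\0'; before return(buf). The mask 077777777 keeps 24 bits, so at most four characters are produced and malloc(5) is enough once the terminator is added, but the malloc result needs a NULL check and the function comment should say that the caller owns the buffer.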

@ -0,0 +1,67 @@
/*
* Copyright 1986 by MIT Information Systems and
* MIT Student Information Processing Board
* For copyright info, see Copyright.SIPB.
*
* form: init_et.c,v 1.1 86/11/10 21:42:26 spook Exp $
* $Id: init_et.c,v 1.2 1994/07/19 19:21:28 g89r4222 Exp $
*/
#include <stdio.h>
#include "error_table.h"
static char copyright[] = "Copyright 1987 by MIT Student Information Processing Board";
extern char *malloc(), *realloc();
/* useful */
typedef error_table *etp;
typedef etp *etpp;
etpp _et_list = (etpp)NULL;
static int n_allocated = 0, n_used = 0;
int
init_error_table(msgs, base, count)
char **msgs;
register int base;
int count;
{
register int i;
register etp new_et;
register etpp list;
if (!base || !count || !msgs)
return;
new_et = (etp)malloc(sizeof(error_table));
new_et->msgs = msgs;
new_et->base = base;
new_et->n_msgs= count;
list = _et_list;
if (list == (etpp)NULL) {
_et_list = (etpp) malloc(10*sizeof(etp));
list = _et_list;
if (list == (etpp)NULL)
return; /* oops */
list[0] = new_et;
list[1] = (etp)NULL;
n_allocated = 10;
n_used = 1;
return;
}
for (i = 0; i < n_used; i++)
if (list[i]->base == base)
return; /* avoid duplicates */
if (n_used+2 > n_allocated) {
n_allocated += 10; /* don't re-allocate too often */
list = (etpp) realloc((char *)list,
(unsigned)n_allocated * sizeof(etp));
_et_list = list;
if (list == (etpp)NULL)
return; /* oops */
}
list[n_used++] = new_et;
list[n_used] = (etp)NULL;
}
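
Review bot: init_error_table() is declared int but every exit is a bare return; or a fall off the end, while the code generated by compile_et does return(init_error_table(_et, ...)), so callers receive an indeterminate value; return 0 on success and nonzero on failure. new_et is dereferenced without checking malloc, it is leaked on the "avoid duplicates" return and on both "oops" returns, and a failed realloc stores NULL into _et_list, which discards the existing list.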

@ -0,0 +1,76 @@
/*
* Copyright 1987 by MIT Student Information Processing Board
* For copyright info, see Copyright.SIPB
*
* $Id: perror.c,v 1.2 1994/07/19 19:21:30 g89r4222 Exp $
*/
#include <stdio.h>
#include <sys/types.h>
#include <sys/uio.h>
#include "error_table.h"
typedef int (*int_func)();
#if defined(mips) && defined(ultrix)
int errno; /* this is needed to keep the loader from complaining */
#endif
int_func com_err_hook = (int_func) NULL;
char *error_message();
void
com_err(whoami, code, message)
char *whoami;
int code;
char *message;
{
struct iovec strings[6];
if (com_err_hook) {
(*com_err_hook)(whoami, code, message);
return;
}
strings[0].iov_base = whoami;
strings[0].iov_len = strlen(whoami);
if (whoami) {
strings[1].iov_base = ": ";
strings[1].iov_len = 2;
} else
strings[1].iov_len = 0;
if (code) {
register char *errmsg = error_message(code);
strings[2].iov_base = errmsg;
strings[2].iov_len = strlen(errmsg);
} else
strings[2].iov_len = 0;
strings[3].iov_base = " ";
strings[3].iov_len = 1;
strings[4].iov_base = message;
strings[4].iov_len = strlen(message);
strings[5].iov_base = "\n";
strings[5].iov_len = 1;
(void) writev(2, strings, 6);
}
int_func
set_com_err_hook(new_proc)
int_func new_proc;
{
register int_func x = com_err_hook;
com_err_hook = new_proc;
return (x);
}
reset_com_err_hook()
{
com_err_hook = (int_func) NULL;
}
void
perror(msg)
register const char *msg;
{
com_err(msg, errno, (char *)NULL);
}
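
Review bot: com_err() calls strlen(message) unconditionally, and perror() at the bottom of the file passes (char *)NULL as message, so every perror() call dereferences NULL; guard it the way code is guarded, setting iov_len to 0 when message is NULL. strings[0].iov_len = strlen(whoami) has the same problem, since it runs before the if (whoami) test two lines later. Defining perror() here also replaces the C library's version for anything linked against this object, which should be stated in a comment.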

@ -0,0 +1,43 @@
#include <stdio.h>
#include <errno.h>
#include "test1.h"
#include "test2.h"
char *error_message();
extern int sys_nerr, errno;
main()
{
printf("\nBefore initiating error table:\n\n");
printf("Table name '%s'\n", error_table_name(KRB_MK_AP_TGTEXP));
printf("UNIX name '%s'\n", error_table_name(EPERM));
printf("Msg TGT-expired is '%s'\n", error_message(KRB_MK_AP_TGTEXP));
printf("Msg EPERM is '%s'\n", error_message(EPERM));
printf("Msg FOO_ERR is '%s'\n", error_message(FOO_ERR));
printf("Msg {sys_nerr-1} is '%s'\n", error_message(sys_nerr-1));
printf("Msg {sys_nerr} is '%s'\n", error_message(sys_nerr));
init_error_table(0, 0, 0);
printf("With 0: tgt-expired -> %s\n", error_message(KRB_MK_AP_TGTEXP));
init_krb_err_tbl();
printf("KRB error table initialized: base %d (%s), name %s\n",
krb_err_base, error_message(krb_err_base),
error_table_name(krb_err_base));
printf("With krb: tgt-expired -> %s\n",
error_message(KRB_MK_AP_TGTEXP));
init_quux_err_tbl();
printf("QUUX error table initialized: base %d (%s), name %s\n",
quux_err_base, error_message(quux_err_base),
error_table_name(quux_err_base));
printf("Msg for TGT-expired is '%s'\n",
error_message(KRB_MK_AP_TGTEXP));
printf("Msg {sys_nerr-1} is '%s'\n", error_message(sys_nerr-1));
printf("Msg FOO_ERR is '%s'\n", error_message(FOO_ERR));
printf("Msg KRB_SKDC_CANT is '%s'\n",
error_message(KRB_SKDC_CANT));
printf("Msg 1e6 is '%s'\n", error_message(1000000));
errno = FOO_ERR;
perror("FOO_ERR");
}
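
Review bot: the program only prints its results, so a regression changes the output without failing anything; compare against an expected-output file or check the returned strings in code. error_table_name() is called with no declaration in scope, because the headers compile_et generates carry only the init_*_err_tbl and *_err_base declarations and the #defines, so its return value is treated as int and then passed to %s; include error_table.h. The sys_nerr and FOO_ERR cases before init_quux_err_tbl() exercise the "Unknown code" path, which is where the unterminated name from error_table_name() would show up.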

@ -0,0 +1,69 @@
error_table krb
error_code KRB_MK_AP_TKFIL,
"Can't read ticket file"
ec KRB_MK_AP_NOTKT,
"Can't find ticket or TGT"
ec KRB_MK_AP_TGTEXP,
"TGT expired"
ec KRB_RD_AP_UNDEC,
"Can't decode authenticator"
ec KRB_RD_AP_EXP,
"Ticket expired"
ec KRB_RD_AP_REPEAT,
"Repeated request"
ec KRB_RD_AP_NOT_US,
"The ticket isn't for us"
ec KRB_RD_AP_INCON,
"Request is inconsistent"
ec KRB_RD_AP_TIME,
"Delta-T too big"
ec KRB_RD_AP_BADD,
"Incorrect net address"
ec KRB_RD_AP_VERSION,
"Protocol version mismatch"
ec KRB_RD_AP_MSG_TYPE,
"Invalid message type"
ec KRB_RD_AP_MODIFIED,
"Message stream modified"
ec KRB_RD_AP_ORDER,
"Message out of order"
ec KRB_RD_AP_UNAUTHOR,
"Unauthorized request"
ec KRB_GT_PW_NULL,
"Current password is null"
ec KRB_GT_PW_BADPW,
"Incorrect current password"
ec KRB_GT_PW_PROT,
"Protocol error"
ec KRB_GT_PW_KDCERR,
"Error returned by KDC"
ec KRB_GT_PW_NULLTKT,
"Null ticket returned by KDC"
ec KRB_SKDC_RETRY,
"Retry count exceeded"
ec KRB_SKDC_CANT,
"Can't send request"
end

@ -0,0 +1,9 @@
error_table quux
ec FOO_ERR, "foo"
ec BAR_ERR, "bar"
ec BAZ_ERR, "meow"
end
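
Review bot: the four-letter table name quux on the first line is worth a comment, because set_table_num() packs it at 6 bits per character and then shifts left by ERRCODE_RANGE (8); with a first character of 'q' (value 43) that sets bit 31 and overflows a 32-bit int. If negative error bases are intended, say so in error_table.h; otherwise build table_number in an unsigned type.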

58
eBones/des/3cbc_enc.c Normal file
@ -0,0 +1,58 @@
/* 3cbc_enc.c */
/* Copyright (C) 1993 Eric Young - see README for more details */
/*-
* $Id: 3cbc_enc.c,v 1.2 1994/07/19 19:21:37 g89r4222 Exp $
*/
#include "des_locl.h"
int des_3cbc_encrypt(input,output,length,ks1,ks2,iv1,iv2,encrypt)
des_cblock *input;
des_cblock *output;
long length;
des_key_schedule ks1,ks2;
des_cblock *iv1,*iv2;
int encrypt;
{
int off=length/8-1;
des_cblock niv1,niv2;
printf("3cbc\n");
xp(iv1);
xp(iv1);
xp(iv2);
xp(input);
if (encrypt == DES_ENCRYPT)
{
des_cbc_encrypt(input,output,length,ks1,iv1,encrypt);
if (length >= sizeof(des_cblock))
bcopy(output[off],niv1,sizeof(des_cblock));
des_cbc_encrypt(output,output,length,ks2,iv1,!encrypt);
des_cbc_encrypt(output,output,length,ks1,iv2, encrypt);
if (length >= sizeof(des_cblock))
bcopy(output[off],niv2,sizeof(des_cblock));
bcopy(niv1,*iv1,sizeof(des_cblock));
}
else
{
if (length >= sizeof(des_cblock))
bcopy(input[off],niv1,sizeof(des_cblock));
des_cbc_encrypt(input,output,length,ks1,iv1,encrypt);
des_cbc_encrypt(output,output,length,ks2,iv2,!encrypt);
if (length >= sizeof(des_cblock))
bcopy(output[off],niv2,sizeof(des_cblock));
des_cbc_encrypt(output,output,length,ks1,iv2, encrypt);
}
bcopy(niv1,iv1,sizeof(des_cblock));
bcopy(niv2,iv2,sizeof(des_cblock));
xp(iv1);
xp(iv1);
xp(iv2);
xp(output);
return(0);
}
xp(a)
unsigned char *a;
{ int i; for(i=0; i<8; i++) printf("%02X",a[i]);printf("\n");}
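
Review bot: the printf("3cbc\n") and the xp() calls at the top and bottom of des_3cbc_encrypt() write both IVs, the first input block and the first output block to stdout on every call, which exposes plaintext when encrypting; remove them or put them under a debug #ifdef. The middle pass uses iv1 in the encrypt branch and iv2 in the decrypt branch, and the decrypt branch starts with ks1/iv1 just as the encrypt branch does, so the two branches are not inverses of each other when iv1 and iv2 differ. niv1 and niv2 are copied back uninitialised when length is under 8, off assumes length is a multiple of 8, and bcopy(niv1,*iv1,sizeof(des_cblock)) in the encrypt branch duplicates the copy made after the if with a different level of indirection.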

35
eBones/des/3ecb_enc.c Normal file
@ -0,0 +1,35 @@
/* 3ecb_enc.c */
/* Copyright (C) 1993 Eric Young - see README for more details */
/*-
* $Id: 3ecb_enc.c,v 1.2 1994/07/19 19:21:38 g89r4222 Exp $
*/
#include "des_locl.h"
int des_3ecb_encrypt(input,output,ks1,ks2,encrypt)
des_cblock *input;
des_cblock *output;
des_key_schedule ks1,ks2;
int encrypt;
{
register unsigned long l0,l1,t;
register unsigned char *in,*out;
unsigned long ll[2];
in=(unsigned char *)input;
out=(unsigned char *)output;
c2l(in,l0);
c2l(in,l1);
ll[0]=l0;
ll[1]=l1;
des_encrypt(ll,ll,ks1,encrypt);
des_encrypt(ll,ll,ks2,!encrypt);
des_encrypt(ll,ll,ks1,encrypt);
l0=ll[0];
l1=ll[1];
l2c(l0,out);
l2c(l1,out);
return(0);
}
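
Review bot: des_3ecb_encrypt() leaves l0, l1 and ll[] holding the processed block on return, whereas des_cbc_encrypt and des_cfb_encrypt in this commit zero their temporaries before returning; add l0=l1=ll[0]=ll[1]=0; ahead of return(0) for consistency.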

17
eBones/des/MISSING Normal file
@ -0,0 +1,17 @@
# $Id: MISSING,v 1.2 1994/07/19 19:21:40 g89r4222 Exp $
The following symbols (you can find in the USA libdes) are still missing
in this source.
_des_cblock_print_file
_des_generate_random_block
_des_init_random_number_generator
_des_new_random_key
_des_set_random_generator_seed
_des_set_sequence_number
_des_check_key_parity
_des_fixup_key_parity
_des_debug
# END

27
eBones/des/Makefile Normal file
@ -0,0 +1,27 @@
# @(#)Makefile 5.4 (Berkeley) 5/7/91
# $Id: Makefile,v 1.4 1994/09/09 21:43:30 g89r4222 Exp $
LIB= des
SRCS= cbc_cksm.c cbc_enc.c ecb_enc.c enc_read.c enc_writ.c pcbc_enc.c \
qud_cksm.c rand_key.c read_pwd.c set_key.c str2key.c \
cfb_enc.c 3ecb_enc.c ofb_enc.c 3cbc_enc.c
#MAN1= des.1
#MAN3= des.3
#LINKS= crypt
CFLAGS+= -DDES_ENCRYPT -DKRBDES_ENCRYPT
# Kerberos 4?
#CFLAGS+=-DKRB4
#SRCS+= kerberos.c
# Kerberos 5?
#CFLAGS+= -DKRB5
#SRCS+= kerberos5.c
CFLAGS+= -I${.CURDIR}/include -DAUTHENTICATE
SHLIB_MAJOR?= 2
SHLIB_MINOR?= 0
.include "/usr/src/lib/Makefile.inc"
.include <bsd.lib.mk>
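
Review bot: .include "/usr/src/lib/Makefile.inc" hard-codes an absolute path, so the library only builds when the source tree lives at /usr/src; include it relative to ${.CURDIR} instead. -DDES_ENCRYPT on the CFLAGS line defines the macro as 1 from the command line while the sources use DES_ENCRYPT as the encrypt flag value (3cbc_enc.c, cbc_cksm.c, cfb_enc.c); a comment saying whether the header or the Makefile owns that definition would avoid a redefinition surprise.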

55
eBones/des/cbc_cksm.c Normal file
@ -0,0 +1,55 @@
/* cbc_cksm.c */
/* Copyright (C) 1993 Eric Young - see README for more details */
/*-
* $Id: cbc_cksm.c,v 1.2 1994/07/19 19:21:45 g89r4222 Exp $
*/
#include "des_locl.h"
unsigned long des_cbc_cksum(input,output,length,schedule,ivec)
des_cblock *input;
des_cblock *output;
long length;
des_key_schedule schedule;
des_cblock *ivec;
{
register unsigned long tout0,tout1,tin0,tin1;
register long l=length;
unsigned long tin[2],tout[2];
unsigned char *in,*out,*iv;
in=(unsigned char *)input;
out=(unsigned char *)output;
iv=(unsigned char *)ivec;
c2l(iv,tout0);
c2l(iv,tout1);
for (; l>0; l-=8)
{
if (l >= 8)
{
c2l(in,tin0);
c2l(in,tin1);
}
else
c2ln(in,tin0,tin1,l);
tin0^=tout0;
tin1^=tout1;
tin[0]=tin0;
tin[1]=tin1;
des_encrypt((unsigned long *)tin,(unsigned long *)tout,
schedule,DES_ENCRYPT);
/* fix 15/10/91 eay - thanks to keithr@sco.COM */
tout0=tout[0];
tout1=tout[1];
}
if (out != NULL)
{
l2c(tout0,out);
l2c(tout1,out);
}
tout0=tin0=tin1=tin[0]=tin[1]=tout[0]=tout[1]=0;
return(tout1);
}

83
eBones/des/cbc_enc.c Normal file
@ -0,0 +1,83 @@
/* cbc_enc.c */
/* Copyright (C) 1993 Eric Young - see README for more details */
/*-
* $Id: cbc_enc.c,v 1.2 1994/07/19 19:21:47 g89r4222 Exp $
*/
#include "des_locl.h"
int des_cbc_encrypt(input,output,length,schedule,ivec,encrypt)
des_cblock *input;
des_cblock *output;
long length;
des_key_schedule schedule;
des_cblock *ivec;
int encrypt;
{
register unsigned long tin0,tin1;
register unsigned long tout0,tout1,xor0,xor1;
register unsigned char *in,*out;
register long l=length;
unsigned long tout[2],tin[2];
unsigned char *iv;
in=(unsigned char *)input;
out=(unsigned char *)output;
iv=(unsigned char *)ivec;
if (encrypt)
{
c2l(iv,tout0);
c2l(iv,tout1);
for (; l>0; l-=8)
{
if (l >= 8)
{
c2l(in,tin0);
c2l(in,tin1);
}
else
c2ln(in,tin0,tin1,l);
tin0^=tout0;
tin1^=tout1;
tin[0]=tin0;
tin[1]=tin1;
des_encrypt((unsigned long *)tin,(unsigned long *)tout,
schedule,encrypt);
tout0=tout[0];
tout1=tout[1];
l2c(tout0,out);
l2c(tout1,out);
}
}
else
{
c2l(iv,xor0);
c2l(iv,xor1);
for (; l>0; l-=8)
{
c2l(in,tin0);
c2l(in,tin1);
tin[0]=tin0;
tin[1]=tin1;
des_encrypt((unsigned long *)tin,(unsigned long *)tout,
schedule,encrypt);
tout0=tout[0]^xor0;
tout1=tout[1]^xor1;
if (l >= 8)
{
l2c(tout0,out);
l2c(tout1,out);
}
else
l2cn(tout0,tout1,out,l);
xor0=tin0;
xor1=tin1;
}
}
tin0=tin1=tout0=tout1=xor0=xor1=0;
tin[0]=tin[1]=tout[0]=tout[1]=0;
return(0);
}
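
Review bot: in the decrypt loop, c2l(in,tin0); c2l(in,tin1); always read eight bytes, even on a final pass where l is under 8, so a length that is not a multiple of eight reads past the end of input; the encrypt loop likewise always writes a full eight-byte block to out for a short final block. Document at the top of the function that both buffers must be rounded up to a multiple of eight, or reject such lengths. A note that ivec is read but never updated would also help callers who chain calls.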

110
eBones/des/cfb_enc.c Normal file
@ -0,0 +1,110 @@
/* cfb_enc.c */
/* Copyright (C) 1993 Eric Young - see README for more details */
/*-
* $Id: cfb_enc.c,v 1.2 1994/07/19 19:21:48 g89r4222 Exp $
*/
#include "des_locl.h"
/* The input and output are loaded in multiples of 8 bits.
* What this means is that if you hame numbits=12 and length=2
* the first 12 bits will be retrieved from the first byte and half
* the second. The second 12 bits will come from the 3rd and half the 4th
* byte.
*/
int des_cfb_encrypt(in,out,numbits,length,schedule,ivec,encrypt)
unsigned char *in,*out;
int numbits;
long length;
des_key_schedule schedule;
des_cblock *ivec;
int encrypt;
{
register unsigned long d0,d1,v0,v1,n=(numbits+7)/8;
register unsigned long mask0,mask1;
register long l=length;
register int num=numbits;
unsigned long ti[2],to[2];
unsigned char *iv;
if (num > 64) return(0);
if (num > 32)
{
mask0=0xffffffff;
if (num == 64)
mask1=mask0;
else
mask1=(1L<<(num-32))-1;
}
else
{
if (num == 32)
mask0=0xffffffff;
else
mask0=(1L<<num)-1;
mask1=0x00000000;
}
iv=(unsigned char *)ivec;
c2l(iv,v0);
c2l(iv,v1);
if (encrypt)
{
while (l-- > 0)
{
ti[0]=v0;
ti[1]=v1;
des_encrypt((unsigned long *)ti,(unsigned long *)to,
schedule,DES_ENCRYPT);
c2ln(in,d0,d1,n);
in+=n;
d0=(d0^to[0])&mask0;
d1=(d1^to[1])&mask1;
l2cn(d0,d1,out,n);
out+=n;
if (num > 32)
{
v0=((v1>>(num-32))|(d0<<(64-num)))&0xffffffff;
v1=((d0>>(num-32))|(d1<<(64-num)))&0xffffffff;
}
else
{
v0=((v0>>num)|(v1<<(32-num)))&0xffffffff;
v1=((v1>>num)|(d0<<(32-num)))&0xffffffff;
}
}
}
else
{
while (l-- > 0)
{
ti[0]=v0;
ti[1]=v1;
des_encrypt((unsigned long *)ti,(unsigned long *)to,
schedule,DES_ENCRYPT);
c2ln(in,d0,d1,n);
in+=n;
if (num > 32)
{
v0=((v1>>(num-32))|(d0<<(64-num)))&0xffffffff;
v1=((d0>>(num-32))|(d1<<(64-num)))&0xffffffff;
}
else
{
v0=((v0>>num)|(v1<<(32-num)))&0xffffffff;
v1=((v1>>num)|(d0<<(32-num)))&0xffffffff;
}
d0=(d0^to[0])&mask0;
d1=(d1^to[1])&mask1;
l2cn(d0,d1,out,n);
out+=n;
}
}
iv=(unsigned char *)ivec;
l2c(v0,iv);
l2c(v1,iv);
v0=v1=d0=d1=ti[0]=ti[1]=to[0]=to[1]=0;
return(0);
}
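
Review bot: if (num > 64) return(0); reports the same value as a successful call while leaving out untouched, so a caller that passes a bad numbits goes on to use whatever was already in the output buffer; return a distinct error value. There is no lower bound either: a zero or negative numbits reaches (1L<<num)-1 and the shift expressions in both loops. The header comment has "hame" for "have".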

503
eBones/des/des.3 Normal file
@ -0,0 +1,503 @@
.\" $Id: des.3,v 1.2 1994/07/19 19:21:50 g89r4222 Exp $
.TH DES_CRYPT 3
.SH NAME
des_read_password, des_read_2password,
des_string_to_key, des_string_to_2key, des_read_pw_string,
des_random_key, des_set_key,
des_key_sched, des_ecb_encrypt, des_3ecb_encrypt, des_cbc_encrypt,
des_3cbc_encrypt,
des_pcbc_encrypt, des_cfb_encrypt, des_ofb_encrypt,
des_cbc_cksum, des_quad_cksum,
des_enc_read, des_enc_write, des_set_odd_parity,
des_is_weak_key, crypt \- (non USA) DES encryption
.SH SYNOPSIS
.nf
.nj
.ft B
#include <des.h>
.PP
.B int des_read_password(key,prompt,verify)
des_cblock *key;
char *prompt;
int verify;
.PP
.B int des_read_2password(key1,key2,prompt,verify)
des_cblock *key1,*key2;
char *prompt;
int verify;
.PP
.B int des_string_to_key(str,key)
char *str;
des_cblock *key;
.PP
.B int des_string_to_2keys(str,key1,key2)
char *str;
des_cblock *key1,*key2;
.PP
.B int des_read_pw_string(buf,length,prompt,verify)
char *buf;
int length;
char *prompt;
int verify;
.PP
.B int des_random_key(key)
des_cblock *key;
.PP
.B int des_set_key(key,schedule)
des_cblock *key;
des_key_schedule schedule;
.PP
.B int des_key_sched(key,schedule)
des_cblock *key;
des_key_schedule schedule;
.PP
.B int des_ecb_encrypt(input,output,schedule,encrypt)
des_cblock *input;
des_cblock *output;
des_key_schedule schedule;
int encrypt;
.PP
.B int des_3ecb_encrypt(input,output,ks1,ks2,encrypt)
des_cblock *input;
des_cblock *output;
des_key_schedule ks1,ks2;
int encrypt;
.PP
.B int des_cbc_encrypt(input,output,length,schedule,ivec,encrypt)
des_cblock *input;
des_cblock *output;
long length;
des_key_schedule schedule;
des_cblock *ivec;
int encrypt;
.PP
.B int des_3cbc_encrypt(input,output,length,sk1,sk2,ivec1,ivec2,encrypt)
des_cblock *input;
des_cblock *output;
long length;
des_key_schedule sk1;
des_key_schedule sk2;
des_cblock *ivec1;
des_cblock *ivec2;
int encrypt;
.PP
.B int des_pcbc_encrypt(input,output,length,schedule,ivec,encrypt)
des_cblock *input;
des_cblock *output;
long length;
des_key_schedule schedule;
des_cblock *ivec;
int encrypt;
.PP
.B int des_cfb_encrypt(input,output,numbits,length,schedule,ivec,encrypt)
unsigned char *input;
unsigned char *output;
int numbits;
long length;
des_key_schedule schedule;
des_cblock *ivec;
int encrypt;
.PP
.B int des_ofb_encrypt(input,output,numbits,length,schedule,ivec)
unsigned char *input,*output;
int numbits;
long length;
des_key_schedule schedule;
des_cblock *ivec;
.PP
.B unsigned long des_cbc_cksum(input,output,length,schedule,ivec)
des_cblock *input;
des_cblock *output;
long length;
des_key_schedule schedule;
des_cblock *ivec;
.PP
.B unsigned long des_quad_cksum(input,output,length,out_count,seed)
des_cblock *input;
des_cblock *output;
long length;
int out_count;
des_cblock *seed;
.PP
.B int des_check_key;
.PP
.B int des_enc_read(fd,buf,len,sched,iv)
int fd;
char *buf;
int len;
des_key_schedule sched;
des_cblock *iv;
.PP
.B int des_enc_write(fd,buf,len,sched,iv)
int fd;
char *buf;
int len;
des_key_schedule sched;
des_cblock *iv;
.PP
.B extern int des_rw_mode;
.PP
.B void des_set_odd_parity(key)
des_cblock *key;
.PP
.B int des_is_weak_key(key)
des_cblock *key;
.PP
.B char *crypt(passwd,salt)
char *passwd;
char *salt;
.PP
.fi
.SH DESCRIPTION
This library contains a fast implementation of the DES encryption
algorithm.
.PP
There are two phases to the use of DES encryption.
The first is the generation of a
.I des_key_schedule
from a key,
the second is the actual encryption.
A des key is of type
.I des_cblock.
This type is made from 8 characters with odd parity.
The least significant bit in the character is the parity bit.
The key schedule is an expanded form of the key; it is used to speed the
encryption process.
.PP
.I des_read_password
writes the string specified by prompt to the standard output,
turns off echo and reads an input string from standard input
until terminated with a newline.
If verify is non-zero, it prompts and reads the input again and verifies
that both entered passwords are the same.
The entered string is converted into a des key by using the
.I des_string_to_key
routine.
The new key is placed in the
.I des_cblock
that was passed (by reference) to the routine.
If there were no errors,
.I des_read_password
returns 0,
-1 is returned if there was a terminal error and 1 is returned for
any other error.
.PP
.I des_read_2password
operates in the same way as
.I des_read_password
except that it generates 2 keys by using the
.I des_string_to_2key
function.
.PP
.I des_read_pw_string
is called by
.I des_read_password
to read and verify a string from a terminal device.
The string is returned in
.I buf.
The size of
.I buf
is passed to the routine via the
.I length
parameter.
.PP
.I des_string_to_key
converts a string into a valid des key.
.PP
.I des_string_to_2key
converts a string into 2 valid des keys.
This routine is best suited for used to generate keys for use with
.I des_3ecb_encrypt.
.PP
.I des_random_key
returns a random key that is made of a combination of process id,
time and an increasing counter.
.PP
Before a des key can be used it is converted into a
.I des_key_schedule
via the
.I des_set_key
routine.
If the
.I des_check_key
flag is non-zero,
.I des_set_key
will check that the key passed is of odd parity and is not a week or
semi-weak key.
If the parity is wrong,
then -1 is returned.
If the key is a weak key,
then -2 is returned.
If an error is returned,
the key schedule is not generated.
.PP
.I des_key_sched
is another name for the
.I des_set_key
function.
.PP
The following routines mostly operate on an input and output stream of
.I des_cblock's.
.PP
.I des_ecb_encrypt
is the basic DES encryption routine that encrypts or decrypts a single 8-byte
.I des_cblock
in
.I electronic code book
mode.
It always transforms the input data, pointed to by
.I input,
into the output data,
pointed to by the
.I output
argument.
If the
.I encrypt
argument is non-zero (DES_ENCRYPT),
the
.I input
(cleartext) is encrypted in to the
.I output
(ciphertext) using the key_schedule specified by the
.I schedule
argument,
previously set via
.I des_set_key.
If
.I encrypt
is zero (DES_DECRYPT),
the
.I input
(now ciphertext)
is decrypted into the
.I output
(now cleartext).
Input and output may overlap.
No meaningful value is returned.
.PP
.I des_3ecb_encrypt
encrypts/decrypts the
.I input
block by using triple ecb DES encryption.
This involves encrypting the input with
.I ks1,
decryption with the key schedule
.I ks2,
and then encryption with the first again.
This routine greatly reduces the chances of brute force breaking of
DES and has the advantage of if
.I ks1
and
.I ks2
are the same, it is equivalent to just encryption using ecb mode and
.I ks1
as the key.
.PP
.I des_cbc_encrypt
encrypts/decrypts using the
.I cipher-block-chaining
mode of DES.
If the
.I encrypt
argument is non-zero,
the routine cipher-block-chain encrypts the cleartext data pointed to by the
.I input
argument into the ciphertext pointed to by the
.I output
argument,
using the key schedule provided by the
.I schedule
argument,
and initialisation vector provided by the
.I ivec
argument.
If the
.I length
argument is not an integral multiple of eight bytes,
the last block is copied to a temporary area and zero filled.
The output is always
an integral multiple of eight bytes.
To make multiple cbc encrypt calls on a large amount of data appear to
be one
.I des_cbc_encrypt
call, the
.I ivec
of subsequent calls should be the last 8 bytes of the output.
.PP
.I des_3cbc_encrypt
encrypts/decrypts the
.I input
block by using triple cbc DES encryption.
This involves encrypting the input with key schedule
.I ks1,
decryption with the key schedule
.I ks2,
and then encryption with the first again.
2 initialisation vectors are required,
.I ivec1
and
.I ivec2.
Unlike
.I des_cbc_encrypt,
these initialisation vectors are modified by the subroutine.
This routine greatly reduces the chances of brute force breaking of
DES and has the advantage of if
.I ks1
and
.I ks2
are the same, it is equivalent to just encryption using cbc mode and
.I ks1
as the key.
.PP
.I des_pcbc_encrypt
encrypt/decrypts using a modified block chaining mode.
It provides better error propagation characteristics than cbc
encryption.
.PP
.I des_cfb_encrypt
encrypt/decrypts using cipher feedback mode. This method takes an
array of characters as input and outputs and array of characters. It
does not require any padding to 8 character groups. Note: the ivec
variable is changed and the new changed value needs to be passed to
the next call to this function. Since this function runs a complete
DES ecb encryption per numbits, this function is only suggested for
use when sending small numbers of characters.
.PP
.I des_ofb_encrypt
encrypt using output feedback mode. This method takes an
array of characters as input and outputs and array of characters. It
does not require any padding to 8 character groups. Note: the ivec
variable is changed and the new changed value needs to be passed to
the next call to this function. Since this function runs a complete
DES ecb encryption per numbits, this function is only suggested for
use when sending small numbers of characters.
.PP
.I des_cbc_cksum
produces an 8 byte checksum based on the input stream (via cbc encryption).
The last 4 bytes of the checksum is returned and the complete 8 bytes is
placed in
.I output.
.PP
.I des_quad_cksum
returns a 4 byte checksum from the input bytes.
The algorithm can be iterated over the input,
depending on
.I out_count,
1, 2, 3 or 4 times.
If
.I output
is non-NULL,
the 8 bytes generated by each pass are written into
.I output.
.PP
.I des_enc_write
is used to write
.I len
bytes
to file descriptor
.I fd
from buffer
.I buf.
The data is encrypted via
.I pcbc_encrypt
(default) using
.I sched
for the key and
.I iv
as a starting vector.
The actual data send down
.I fd
consists of 4 bytes (in network byte order) containing the length of the
following encrypted data. The encrypted data then follows, padded with random
data out to a multiple of 8 bytes.
.PP
.I des_enc_read
is used to read
.I len
bytes
from file descriptor
.I fd
into buffer
.I buf.
The data being read from
.I fd
is assumed to have come from
.I des_enc_write
and is decrypted using
.I sched
for the key schedule and
.I iv
for the initial vector.
The
.I des_enc_read/des_enc_write
pair can be used to read/write to files, pipes and sockets.
I have used them in implementing a version of rlogin in which all
data is encrypted.
.PP
.I des_rw_mode
is used to specify the encryption mode to use with
.I des_enc_read
and
.I des_end_write.
If set to
.I DES_PCBC_MODE
(the default), des_pcbc_encrypt is used.
If set to
.I DES_CBC_MODE
des_cbc_encrypt is used.
These two routines and the variable are not part of the normal MIT library.
.PP
.I des_set_odd_parity
sets the parity of the passed
.I key
to odd. This routine is not part of the standard MIT library.
.PP
.I des_is_weak_key
returns 1 is the passed key is a weak key (pick again :-),
0 if it is ok.
This routine is not part of the standard MIT library.
.PP
.I crypt
is a replacement for the normal system crypt.
It is much faster than the system crypt.
.PP
.SH FILES
/usr/include/des.h
.br
/usr/lib/libdes.a
.PP
The encryption routines have been tested on 16bit, 32bit and 64bit
machines of various endian and even works under VMS.
.PP
.SH BUGS
.PP
If you think this manual is sparse,
read the des_crypt(3) manual from the MIT kerberos (or bones outside
of the USA) distribution.
.PP
.I des_cfb_encrypt
and
.I des_ofb_encrypt
operates on input of 8 bits. What this means is that if you set
numbits to 12, and length to 2, the first 12 bits will come from the 1st
input byte and the low half of the second input byte. The second 12
bits will have the low 8 bits taken from the 3rd input byte and the
top 4 bits taken from the 4th input byte. The same holds for output.
This function has been implemented this way because most people will
be using a multiple of 8 and because once you get into pulling bytes input
bytes apart things get ugly!
.PP
.I des_read_pw_string
is the most machine/OS dependent function and normally generates the
most problems when porting this code.
.PP
.I des_string_to_key
is probably different from the MIT version since there are lots
of fun ways to implement one-way encryption of a text string.
.PP
The routines are optimised for 32 bit machines and so are not efficient
on IBM PCs.
.SH AUTHOR
Eric Young (eay@psych.psy.uq.oz.au),
Psychology Department,
University of Queensland, Australia.
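Review bot: the des_cbc_encrypt paragraph says a final partial block is "copied to a temporary area and zero filled" and that the output is always a multiple of eight bytes, but nothing tells the caller how the decrypting side recovers the original length. Please document that the length has to be carried separately, as des_enc_write does with its 4-byte length prefix. The des_enc_write description also mentions no integrity check on the stream and sends the length in the clear; if that is the actual behaviour, the page should say so, since des_enc_read trusts that the data "is assumed to have come from des_enc_write". Smaller points: in the des_rw_mode paragraph `.I des_end_write.` should be des_enc_write, "returns 1 is the passed key" should read "if", and the BUGS example sets length to 2 but then talks about the 3rd and 4th input bytes, which needs rewording.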

@ -0,0 +1,105 @@
The "Artistic License"
Preamble
The intent of this document is to state the conditions under which a
Package may be copied, such that the Copyright Holder maintains some
semblance of artistic control over the development of the package,
while giving the users of the package the right to use and distribute
the Package in a more-or-less customary fashion, plus the right to make
reasonable modifications.
Definitions:
"Package" refers to the collection of files distributed by the
Copyright Holder, and derivatives of that collection of files
created through textual modification.
"Standard Version" refers to such a Package if it has not been
modified, or has been modified in accordance with the wishes
of the Copyright Holder as specified below.
"Copyright Holder" is whoever is named in the copyright or
copyrights for the package.
"You" is you, if you're thinking about copying or distributing
this Package.
"Reasonable copying fee" is whatever you can justify on the
basis of media cost, duplication charges, time of people involved,
and so on. (You will not be required to justify it to the
Copyright Holder, but only to the computing community at large
as a market that must bear the fee.)
"Freely Available" means that no fee is charged for the item
itself, though there may be fees involved in handling the item.
It also means that recipients of the item may redistribute it
under the same conditions they received it.
1. You may make and give away verbatim copies of the source form of the
Standard Version of this Package without restriction, provided that you
duplicate all of the original copyright notices and associated disclaimers.
2. You may apply bug fixes, portability fixes and other modifications
derived from the Public Domain or from the Copyright Holder. A Package
modified in such a way shall still be considered the Standard Version.
3. You may otherwise modify your copy of this Package in any way, provided
that you insert a prominent notice in each changed file stating how and
when you changed that file, and provided that you do at least ONE of the
following:
a) place your modifications in the Public Domain or otherwise make them
Freely Available, such as by posting said modifications to Usenet or
an equivalent medium, or placing the modifications on a major archive
site such as uunet.uu.net, or by allowing the Copyright Holder to include
your modifications in the Standard Version of the Package.
b) use the modified Package only within your corporation or organization.
c) rename any non-standard executables so the names do not conflict
with standard executables, which must also be provided, and provide
a separate manual page for each non-standard executable that clearly
documents how it differs from the Standard Version.
d) make other distribution arrangements with the Copyright Holder.
4. You may distribute the programs of this Package in object code or
executable form, provided that you do at least ONE of the following:
a) distribute a Standard Version of the executables and library files,
together with instructions (in the manual page or equivalent) on where
to get the Standard Version.
b) accompany the distribution with the machine-readable source of
the Package with your modifications.
c) give non-standard executables non-standard names, and clearly
document the differences in manual pages (or equivalent), together
with instructions on where to get the Standard Version.
d) make other distribution arrangements with the Copyright Holder.
5. You may charge a reasonable copying fee for any distribution of this
Package. You may charge any fee you choose for support of this
Package. You may not charge a fee for this Package itself. However,
you may distribute this Package in aggregate with other (possibly
commercial) programs as part of a larger (possibly commercial) software
distribution provided that you do not advertise this Package as a
product of your own.
6. Any programs linked with this library do not automatically fall
under the copyright of this Package, but belong to whomever generated
them, and may be sold commercially, and may be aggregated with this
Package.
7. The name of the Copyright Holder may not be used to endorse or promote
products derived from this software without specific prior written permission.
8. THIS PACKAGE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR
IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
The End

@ -0,0 +1,16 @@
The main changes in this package since it was last posted to
comp.sources.misc are
The main changes are
- Major changes to the Copyright restrictions.
- Lots and lots of features added to the des(1) command, including
- Triple DES, both triple ECB and triple CBC options.
- uuencodeing/uudecoding built in to des(1).
- generate checksums.
- hex keys.
- Cleaned up the prototypes in des.h
- Filenames are now mostly <= 8 characters long.
- OFB, CFB, triple ECB and triple CBC modes of DES added to the library.
- Compiles and runs of all 64bit machines I could test the code on
(Cray, ETA10, DEC Alpha).
- It really does work with kerberos v 4 now :-).
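Review bot: the introduction is stated twice: "The main changes in this package since it was last posted to comp.sources.misc are" is followed directly by "The main changes are", so the second line should go. While touching the file, "uuencodeing" should be "uuencoding" and "Compiles and runs of all 64bit machines" should be "on all". Since this change list is imported as part of a FreeBSD commit, it would also help to say which libdes release it describes; the visible lines give no version or date.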

@ -0,0 +1,489 @@
Copyright (C) 1993 Eric Young
This is a DES implementation written by Eric Young (eay@psych.psy.uq.oz.au)
The implementation was written so as to conform with the manual entry
for the des_crypt(3) library routines from MIT's project Athena.
GNU LIBRARY GENERAL PUBLIC LICENSE
Version 2, June 1991
Copyright (C) 1991 Free Software Foundation, Inc.
675 Mass Ave, Cambridge, MA 02139, USA
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
[This is the first released version of the library GPL. It is
numbered 2 because it goes with version 2 of the ordinary GPL.]
Preamble
The licenses for most software are designed to take away your
freedom to share and change it. By contrast, the GNU General Public
Licenses are intended to guarantee your freedom to share and change
free software--to make sure the software is free for all its users.
This license, the Library General Public License, applies to some
specially designated Free Software Foundation software, and to any
other libraries whose authors decide to use it. You can use it for
your libraries, too.
When we speak of free software, we are referring to freedom, not
price. Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
this service if you wish), that you receive source code or can get it
if you want it, that you can change the software or use pieces of it
in new free programs; and that you know you can do these things.
To protect your rights, we need to make restrictions that forbid
anyone to deny you these rights or to ask you to surrender the rights.
These restrictions translate to certain responsibilities for you if
you distribute copies of the library, or if you modify it.
For example, if you distribute copies of the library, whether gratis
or for a fee, you must give the recipients all the rights that we gave
you. You must make sure that they, too, receive or can get the source
code. If you link a program with the library, you must provide
complete object files to the recipients so that they can relink them
with the library, after making changes to the library and recompiling
it. And you must show them these terms so they know their rights.
Our method of protecting your rights has two steps: (1) copyright
the library, and (2) offer you this license which gives you legal
permission to copy, distribute and/or modify the library.
Also, for each distributor's protection, we want to make certain
that everyone understands that there is no warranty for this free
library. If the library is modified by someone else and passed on, we
want its recipients to know that what they have is not the original
version, so that any problems introduced by others will not reflect on
the original authors' reputations.
Finally, any free program is threatened constantly by software
patents. We wish to avoid the danger that companies distributing free
software will individually obtain patent licenses, thus in effect
transforming the program into proprietary software. To prevent this,
we have made it clear that any patent must be licensed for everyone's
free use or not licensed at all.
Most GNU software, including some libraries, is covered by the ordinary
GNU General Public License, which was designed for utility programs. This
license, the GNU Library General Public License, applies to certain
designated libraries. This license is quite different from the ordinary
one; be sure to read it in full, and don't assume that anything in it is
the same as in the ordinary license.
The reason we have a separate public license for some libraries is that
they blur the distinction we usually make between modifying or adding to a
program and simply using it. Linking a program with a library, without
changing the library, is in some sense simply using the library, and is
analogous to running a utility program or application program. However, in
a textual and legal sense, the linked executable is a combined work, a
derivative of the original library, and the ordinary General Public License
treats it as such.
Because of this blurred distinction, using the ordinary General
Public License for libraries did not effectively promote software
sharing, because most developers did not use the libraries. We
concluded that weaker conditions might promote sharing better.
However, unrestricted linking of non-free programs would deprive the
users of those programs of all benefit from the free status of the
libraries themselves. This Library General Public License is intended to
permit developers of non-free programs to use free libraries, while
preserving your freedom as a user of such programs to change the free
libraries that are incorporated in them. (We have not seen how to achieve
this as regards changes in header files, but we have achieved it as regards
changes in the actual functions of the Library.) The hope is that this
will lead to faster development of free libraries.
The precise terms and conditions for copying, distribution and
modification follow. Pay close attention to the difference between a
"work based on the library" and a "work that uses the library". The
former contains code derived from the library, while the latter only
works together with the library.
Note that it is possible for a library to be covered by the ordinary
General Public License rather than by this special one.
GNU LIBRARY GENERAL PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
0. This License Agreement applies to any software library which
contains a notice placed by the copyright holder or other authorized
party saying it may be distributed under the terms of this Library
General Public License (also called "this License"). Each licensee is
addressed as "you".
A "library" means a collection of software functions and/or data
prepared so as to be conveniently linked with application programs
(which use some of those functions and data) to form executables.
The "Library", below, refers to any such software library or work
which has been distributed under these terms. A "work based on the
Library" means either the Library or any derivative work under
copyright law: that is to say, a work containing the Library or a
portion of it, either verbatim or with modifications and/or translated
straightforwardly into another language. (Hereinafter, translation is
included without limitation in the term "modification".)
"Source code" for a work means the preferred form of the work for
making modifications to it. For a library, complete source code means
all the source code for all modules it contains, plus any associated
interface definition files, plus the scripts used to control compilation
and installation of the library.
Activities other than copying, distribution and modification are not
covered by this License; they are outside its scope. The act of
running a program using the Library is not restricted, and output from
such a program is covered only if its contents constitute a work based
on the Library (independent of the use of the Library in a tool for
writing it). Whether that is true depends on what the Library does
and what the program that uses the Library does.
1. You may copy and distribute verbatim copies of the Library's
complete source code as you receive it, in any medium, provided that
you conspicuously and appropriately publish on each copy an
appropriate copyright notice and disclaimer of warranty; keep intact
all the notices that refer to this License and to the absence of any
warranty; and distribute a copy of this License along with the
Library.
You may charge a fee for the physical act of transferring a copy,
and you may at your option offer warranty protection in exchange for a
fee.
2. You may modify your copy or copies of the Library or any portion
of it, thus forming a work based on the Library, and copy and
distribute such modifications or work under the terms of Section 1
above, provided that you also meet all of these conditions:
a) The modified work must itself be a software library.
b) You must cause the files modified to carry prominent notices
stating that you changed the files and the date of any change.
c) You must cause the whole of the work to be licensed at no
charge to all third parties under the terms of this License.
d) If a facility in the modified Library refers to a function or a
table of data to be supplied by an application program that uses
the facility, other than as an argument passed when the facility
is invoked, then you must make a good faith effort to ensure that,
in the event an application does not supply such function or
table, the facility still operates, and performs whatever part of
its purpose remains meaningful.
(For example, a function in a library to compute square roots has
a purpose that is entirely well-defined independent of the
application. Therefore, Subsection 2d requires that any
application-supplied function or table used by this function must
be optional: if the application does not supply it, the square
root function must still compute square roots.)
These requirements apply to the modified work as a whole. If
identifiable sections of that work are not derived from the Library,
and can be reasonably considered independent and separate works in
themselves, then this License, and its terms, do not apply to those
sections when you distribute them as separate works. But when you
distribute the same sections as part of a whole which is a work based
on the Library, the distribution of the whole must be on the terms of
this License, whose permissions for other licensees extend to the
entire whole, and thus to each and every part regardless of who wrote
it.
Thus, it is not the intent of this section to claim rights or contest
your rights to work written entirely by you; rather, the intent is to
exercise the right to control the distribution of derivative or
collective works based on the Library.
In addition, mere aggregation of another work not based on the Library
with the Library (or with a work based on the Library) on a volume of
a storage or distribution medium does not bring the other work under
the scope of this License.
3. You may opt to apply the terms of the ordinary GNU General Public
License instead of this License to a given copy of the Library. To do
this, you must alter all the notices that refer to this License, so
that they refer to the ordinary GNU General Public License, version 2,
instead of to this License. (If a newer version than version 2 of the
ordinary GNU General Public License has appeared, then you can specify
that version instead if you wish.) Do not make any other change in
these notices.
Once this change is made in a given copy, it is irreversible for
that copy, so the ordinary GNU General Public License applies to all
subsequent copies and derivative works made from that copy.
This option is useful when you wish to copy part of the code of
the Library into a program that is not a library.
4. You may copy and distribute the Library (or a portion or
derivative of it, under Section 2) in object code or executable form
under the terms of Sections 1 and 2 above provided that you accompany
it with the complete corresponding machine-readable source code, which
must be distributed under the terms of Sections 1 and 2 above on a
medium customarily used for software interchange.
If distribution of object code is made by offering access to copy
from a designated place, then offering equivalent access to copy the
source code from the same place satisfies the requirement to
distribute the source code, even though third parties are not
compelled to copy the source along with the object code.
5. A program that contains no derivative of any portion of the
Library, but is designed to work with the Library by being compiled or
linked with it, is called a "work that uses the Library". Such a
work, in isolation, is not a derivative work of the Library, and
therefore falls outside the scope of this License.
However, linking a "work that uses the Library" with the Library
creates an executable that is a derivative of the Library (because it
contains portions of the Library), rather than a "work that uses the
library". The executable is therefore covered by this License.
Section 6 states terms for distribution of such executables.
When a "work that uses the Library" uses material from a header file
that is part of the Library, the object code for the work may be a
derivative work of the Library even though the source code is not.
Whether this is true is especially significant if the work can be
linked without the Library, or if the work is itself a library. The
threshold for this to be true is not precisely defined by law.
If such an object file uses only numerical parameters, data
structure layouts and accessors, and small macros and small inline
functions (ten lines or less in length), then the use of the object
file is unrestricted, regardless of whether it is legally a derivative
work. (Executables containing this object code plus portions of the
Library will still fall under Section 6.)
Otherwise, if the work is a derivative of the Library, you may
distribute the object code for the work under the terms of Section 6.
Any executables containing that work also fall under Section 6,
whether or not they are linked directly with the Library itself.
6. As an exception to the Sections above, you may also compile or
link a "work that uses the Library" with the Library to produce a
work containing portions of the Library, and distribute that work
under terms of your choice, provided that the terms permit
modification of the work for the customer's own use and reverse
engineering for debugging such modifications.
You must give prominent notice with each copy of the work that the
Library is used in it and that the Library and its use are covered by
this License. You must supply a copy of this License. If the work
during execution displays copyright notices, you must include the
copyright notice for the Library among them, as well as a reference
directing the user to the copy of this License. Also, you must do one
of these things:
a) Accompany the work with the complete corresponding
machine-readable source code for the Library including whatever
changes were used in the work (which must be distributed under
Sections 1 and 2 above); and, if the work is an executable linked
with the Library, with the complete machine-readable "work that
uses the Library", as object code and/or source code, so that the
user can modify the Library and then relink to produce a modified
executable containing the modified Library. (It is understood
that the user who changes the contents of definitions files in the
Library will not necessarily be able to recompile the application
to use the modified definitions.)
b) Accompany the work with a written offer, valid for at
least three years, to give the same user the materials
specified in Subsection 6a, above, for a charge no more
than the cost of performing this distribution.
c) If distribution of the work is made by offering access to copy
from a designated place, offer equivalent access to copy the above
specified materials from the same place.
d) Verify that the user has already received a copy of these
materials or that you have already sent this user a copy.
For an executable, the required form of the "work that uses the
Library" must include any data and utility programs needed for
reproducing the executable from it. However, as a special exception,
the source code distributed need not include anything that is normally
distributed (in either source or binary form) with the major
components (compiler, kernel, and so on) of the operating system on
which the executable runs, unless that component itself accompanies
the executable.
It may happen that this requirement contradicts the license
restrictions of other proprietary libraries that do not normally
accompany the operating system. Such a contradiction means you cannot
use both them and the Library together in an executable that you
distribute.
7. You may place library facilities that are a work based on the
Library side-by-side in a single library together with other library
facilities not covered by this License, and distribute such a combined
library, provided that the separate distribution of the work based on
the Library and of the other library facilities is otherwise
permitted, and provided that you do these two things:
a) Accompany the combined library with a copy of the same work
based on the Library, uncombined with any other library
facilities. This must be distributed under the terms of the
Sections above.
b) Give prominent notice with the combined library of the fact
that part of it is a work based on the Library, and explaining
where to find the accompanying uncombined form of the same work.
8. You may not copy, modify, sublicense, link with, or distribute
the Library except as expressly provided under this License. Any
attempt otherwise to copy, modify, sublicense, link with, or
distribute the Library is void, and will automatically terminate your
rights under this License. However, parties who have received copies,
or rights, from you under this License will not have their licenses
terminated so long as such parties remain in full compliance.
9. You are not required to accept this License, since you have not
signed it. However, nothing else grants you permission to modify or
distribute the Library or its derivative works. These actions are
prohibited by law if you do not accept this License. Therefore, by
modifying or distributing the Library (or any work based on the
Library), you indicate your acceptance of this License to do so, and
all its terms and conditions for copying, distributing or modifying
the Library or works based on it.
10. Each time you redistribute the Library (or any work based on the
Library), the recipient automatically receives a license from the
original licensor to copy, distribute, link with or modify the Library
subject to these terms and conditions. You may not impose any further
restrictions on the recipients' exercise of the rights granted herein.
You are not responsible for enforcing compliance by third parties to
this License.
11. If, as a consequence of a court judgment or allegation of patent
infringement or for any other reason (not limited to patent issues),
conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot
distribute so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you
may not distribute the Library at all. For example, if a patent
license would not permit royalty-free redistribution of the Library by
all those who receive copies directly or indirectly through you, then
the only way you could satisfy both it and this License would be to
refrain entirely from distribution of the Library.
If any portion of this section is held invalid or unenforceable under any
particular circumstance, the balance of the section is intended to apply,
and the section as a whole is intended to apply in other circumstances.
It is not the purpose of this section to induce you to infringe any
patents or other property right claims or to contest validity of any
such claims; this section has the sole purpose of protecting the
integrity of the free software distribution system which is
implemented by public license practices. Many people have made
generous contributions to the wide range of software distributed
through that system in reliance on consistent application of that
system; it is up to the author/donor to decide if he or she is willing
to distribute software through any other system and a licensee cannot
impose that choice.
This section is intended to make thoroughly clear what is believed to
be a consequence of the rest of this License.
12. If the distribution and/or use of the Library is restricted in
certain countries either by patents or by copyrighted interfaces, the
original copyright holder who places the Library under this License may add
an explicit geographical distribution limitation excluding those countries,
so that distribution is permitted only in or among countries not thus
excluded. In such case, this License incorporates the limitation as if
written in the body of this License.
13. The Free Software Foundation may publish revised and/or new
versions of the Library General Public License from time to time.
Such new versions will be similar in spirit to the present version,
but may differ in detail to address new problems or concerns.
Each version is given a distinguishing version number. If the Library
specifies a version number of this License which applies to it and
"any later version", you have the option of following the terms and
conditions either of that version or of any later version published by
the Free Software Foundation. If the Library does not specify a
license version number, you may choose any version ever published by
the Free Software Foundation.
14. If you wish to incorporate parts of the Library into other free
programs whose distribution conditions are incompatible with these,
write to the author to ask for permission. For software which is
copyrighted by the Free Software Foundation, write to the Free
Software Foundation; we sometimes make exceptions for this. Our
decision will be guided by the two goals of preserving the free status
of all derivatives of our free software and of promoting the sharing
and reuse of software generally.
NO WARRANTY
15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO
WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW.
EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR
OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY
KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE
LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME
THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN
WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY
AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU
FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR
CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE
LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING
RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A
FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF
SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
DAMAGES.
END OF TERMS AND CONDITIONS
Appendix: How to Apply These Terms to Your New Libraries
If you develop a new library, and you want it to be of the greatest
possible use to the public, we recommend making it free software that
everyone can redistribute and change. You can do so by permitting
redistribution under these terms (or, alternatively, under the terms of the
ordinary General Public License).
To apply these terms, attach the following notices to the library. It is
safest to attach them to the start of each source file to most effectively
convey the exclusion of warranty; and each file should have at least the
"copyright" line and a pointer to where the full notice is found.
<one line to give the library's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Library General Public
License as published by the Free Software Foundation; either
version 2 of the License, or (at your option) any later version.
This library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Library General Public License for more details.
You should have received a copy of the GNU Library General Public
License along with this library; if not, write to the Free
Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
Also add information on how to contact you by electronic and paper mail.
You should also get your employer (if you work as a programmer) or your
school, if any, to sign a "copyright disclaimer" for the library, if
necessary. Here is a sample; alter the names:
Yoyodyne, Inc., hereby disclaims all copyright interest in the
library `Frob' (a library for tweaking knobs) written by James Random Hacker.
<signature of Ty Coon>, 1 April 1990
Ty Coon, President of Vice
That's all there is to it!


@ -0,0 +1,60 @@
/* General stuff */
CHANGES - Changes since the last posting to comp.sources.misc.
ARTISTIC - Copying info.
COPYING - Copying info.
MODES.DES - A description of the features of the different modes of DES.
FILES - This file.
INSTALL - How to make things compile.
Imakefile - For use with kerberos.
README - What this package is.
VERSION - Which version this is.
KERBEROS - Kerberos version 4 notes.
makefile - The make file.
times - Some outputs from 'speed' on my local machines.
vms.com - For use when compiling under VMS
/* My sunOS des(1) replacement */
des.c - des(1) source code.
des.man - des(1) manual.
/* Testing and timing programs. */
destest.c - Source for libdes.a test program.
speed.c - Source for libdes.a timing program.
rpw.c - Source for libdes.a testing password reading routines.
/* libdes.a source code */
des_crypt.man - libdes.a manual page.
des.h - Public libdes.a header file.
ecb_enc.c - des_ecb_encrypt() source, this contains the basic DES code.
3ecb_enc.c - des_3ecb_encrypt() source.
cbc_ckm.c - des_cbc_cksum() source.
cbc_enc.c - des_cbc_encrypt() source.
3cbc_enc.c - des_3cbc_encrypt() source.
cfb_enc.c - des_cfb_encrypt() source.
ofb_enc.c - des_cfb_encrypt() source.
enc_read.c - des_enc_read() source.
enc_writ.c - des_enc_write() source.
pcbc_enc.c - des_pcbc_encrypt() source.
qud_cksm.c - quad_cksum() source.
rand_key.c - des_random_key() source.
read_pwd.c - Source for des_read_password() plus related functions.
set_key.c - Source for des_set_key().
str2key.c - Covert a string of any length into a key.
fcrypt.c - A small, fast version of crypt(3).
des_locl.h - Internal libdes.a header file.
podd.h - Odd parity tables - used in des_set_key().
sk.h - Lookup tables used in des_set_key().
spr.h - What is left of the S tables - used in ecb_encrypt().
/* The perl scripts - you can ignore these files they are only
* included for the curious */
des.pl - des in perl anyone? des_set_key and des_ecb_encrypt
both done in a perl library.
testdes.pl - Testing program for des.pl
doIP - Perl script used to develop IP xor/shift code.
doPC1 - Perl script used to develop PC1 xor/shift code.
doPC2 - Generates sk.h.
PC1 - Output of doPC1 should be the same as output from PC1.
PC2 - used in development of doPC2.
shifts.pl - Perl library used by my perl scripts.
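Review bot: the ofb_enc.c entry describes the file as "des_cfb_encrypt() source", the same text as the cfb_enc.c line above it, while the modes description later in this commit names the OFB routine des_ofb_encrypt(); this looks like a copy-and-paste slip and should be corrected. In the same list, "Covert a string" in the str2key.c entry should read "Convert", and the names read_pwd.c and str2key.c do not match the renames recorded in the version history in this commit (read_passwd.c, string2key.c), so one of the two lists is stale.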


@ -0,0 +1,53 @@
Check the CC and CFLAGS lines in the makefile
If your C library does not support the times(3) function, change the
#define TIMES to
#undef TIMES in speed.c
If it does, check the HZ value for the times(3) function.
If your system does not define CLK_TCK it will be assumed to
be 60.
If possible use gcc v 2.2.2
Turn on the maximum optimising
type 'make'
run './destest' to check things are ok.
run './rpw' to check the tty code for reading passwords works.
run './speed' to see how fast those optimisations make the library run :-)
A make install will by default install
libdes.a in /usr/local/lib/libdes.a
des in /usr/local/bin/des
des_crypt.man in /usr/local/man/man3/des_crypt.3
des.man in /usr/local/man/man1/des.1
des.h in /usr/include/des.h
des(1) should be compatible with sunOS's but I have been unable to
test it.
These routines should compile on MSDOS, most 32bit and 64bit version
of Unix (BSD and SYSV) and VMS, without modification.
The only problems should be #include files that are in the wrong places.
These routines can be compiled under MSDOS.
I have successfully encrypted files using des(1) under MSDOS and then
decrypted the files on a SparcStation.
I have been able to compile and test the routines with
Microsoft C v 5.1 and Turbo C v 2.0.
The code in this library is in no way optimised for the 16bit
operation of MSDOS. Microsoft C generates code that is 40% slower
than Turbo C's code. I believe this is due to problems it has with
code generation with the 32bit shift operation in the IP and FP
sections. I have added some 16bit optimization in ecb_encrypt.c
and this generated a %70 speedup under Turbo C. Such are the
limitations of DOS compilers :-(.
For Turbo C v 2.0, make sure to define MSDOS, in the relevant menu.
There is an alternative version of the D_ENCRYPT macro that can be
enabled with the -DALT_ECB option in the makefile. This alternative
macro can make a +-%20 speed difference to the DES encryption speed,
depending on the compiler/CPU combinations.
It has its greatest effect on Sparc machines when using the sun compiler.
If in doubt, try enable/disable it and running speed.
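Review bot: the default install list puts des.h in /usr/include/des.h while every other file goes under /usr/local, so "make install" overwrites any des.h the system already ships; /usr/local/include would be the consistent default, or the text should say why the system directory is needed. The MSDOS paragraph also refers to ecb_encrypt.c, but the source file imported in this commit is ecb_enc.c, and the figures written "%70" and "+-%20" should read "70%" and "+-20%".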


@ -0,0 +1,38 @@
To use this library with Bones (kerberos without DES):
1) Get my modified Bones - eBones. It can be found on
gondwana.ecr.mu.oz.au (128.250.1.63) /pub/athena/eBones-p9.tar.Z
and
nic.funet.fi (128.214.6.100) /pub/unix/security/Kerberos/eBones-p9.tar.Z
2) Unpack this library in src/lib/des, makeing sure it is version
3.00 or greater (libdes.tar.93-10-07.Z). This versions differences
from the version in comp.sources.misc volume 29 patchlevel2.
The primarily difference is that it should compile under kerberos :-).
It can be found at.
ftp.psy.uq.oz.au (130.102.32.1) /pub/DES/libdes.tar.93-10-07.Z
Now do a normal kerberos build and things should work.
One problem I found when I was build on my local sun.
---
For sunOS 4.1.1 apply the following patch to src/util/ss/make_commands.c
*** make_commands.c.orig Fri Jul 3 04:18:35 1987
--- make_commands.c Wed May 20 08:47:42 1992
***************
*** 98,104 ****
if (!rename(o_file, z_file)) {
if (!vfork()) {
chdir("/tmp");
! execl("/bin/ld", "ld", "-o", o_file+5, "-s", "-r", "-n",
z_file+5, 0);
perror("/bin/ld");
_exit(1);
--- 98,104 ----
if (!rename(o_file, z_file)) {
if (!vfork()) {
chdir("/tmp");
! execl("/bin/ld", "ld", "-o", o_file+5, "-s", "-r",
z_file+5, 0);
perror("/bin/ld");
_exit(1);
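Review bot: both download steps name anonymous FTP hosts and a tarball path but give no checksum or signature for eBones-p9.tar.Z or libdes.tar.93-10-07.Z, so a reader has nothing to verify the crypto sources against; listing a digest next to each path would close that gap. The embedded make_commands.c patch drops "-n" from the ld arguments without saying what failed on sunOS 4.1.1, and the sentence that introduces it ("One problem I found when I was build on my local sun.") never states the problem, so the reason for the change should be written out.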


@ -0,0 +1,84 @@
Modes of DES
Quite a bit of the following information has been taken from
AS 2805.5.2
Australian Standard
Electronic funds transfer - Requirements for interfaces,
Part 5.2: Modes of operation for an n-bit block cipher algorithm
Appendix A
There are several different modes in which DES can be used, they are
as follows.
Electronic Codebook Mode (ECB) (des_ecb_encrypt())
- 64 bits are enciphered at a time.
- The order of the blocks can be rearranged without detection.
- The same plaintext block always produces the same ciphertext block
(for the same key) making it vulnerable to a 'dictionary attack'.
- An error will only affect one ciphertext block.
Cipher Block Chaining Mode (CBC) (des_cbc_encrypt())
- a multiple of 64 bits are enciphered at a time.
- The CBC mode produces the same ciphertext whenever the same
plaintext is encrypted using the same key and starting variable.
- The chaining operation makes the ciphertext blocks dependent on the
current and all preceding plaintext blocks and therefore blocks can not
be rearranged.
- The use of different starting variables prevents the same plaintext
enciphering to the same ciphertext.
- An error will affect the current and the following ciphertext blocks.
Cipher Feedback Mode (CFB) (des_cfb_encrypt())
- a number of bits (j) <= 64 are enciphered at a time.
- The CFB mode produces the same ciphertext whenever the same
plaintext is encrypted using the same key and starting variable.
- The chaining operation makes the ciphertext variables dependent on the
current and all preceding variables and therefore j-bit variables are
chained together and con not be rearranged.
- The use of different starting variables prevents the same plaintext
enciphering to the same ciphertext.
- The strength of the CFB mode depends on the size of k (maximal if
j == k). In my implementation this is always the case.
- Selection of a small value for j will require more cycles through
the encipherment algorithm per unit of plaintext and thus cause
greater processing overheads.
- Only multiples of j bits can be enciphered.
- An error will affect the current and the following ciphertext variables.
Output Feedback Mode (OFB) (des_ofb_encrypt())
- a number of bits (j) <= 64 are enciphered at a time.
- The OFB mode produces the same ciphertext whenever the same
plaintext enciphered using the same key and starting variable. More
over, in the OFB mode the same key stream is produced when the same
key and start variable are used. Consequently, for security reasons
a specific start variable should be used only once for a given key.
- The absence of chaining makes the OFB more vulnerable to specific attacks.
- The use of different start variables values prevents the same
plaintext enciphering to the same ciphertext, by producing different
key streams.
- Selection of a small value for j will require more cycles through
the encipherment algorithm per unit of plaintext and thus cause
greater processing overheads.
- Only multiples of j bits can be enciphered.
- OFB mode of operation does not extend ciphertext errors in the
resultant plaintext output. Every bit error in the ciphertext causes
only one bit to be in error in the deciphered plaintext.
- OFB mode is not self-synchronising. If the two operation of
encipherment and decipherment get out of synchronism, the system needs
to be re-initialised.
- Each re-initialisation should use a value of the start variable
different from the start variable values used before with the same
key. The reason for this is that an identical bit stream would be
produced each time from the same parameters. This would be
susceptible to a ' known plaintext' attack.
Triple ECB Mode (des_3ecb_encrypt())
- Encrypt with key1, decrypt with key2 and encrypt with key1 again.
- As for ECB encryption but increases the effective key length to 112 bits.
- If both keys are the same it is equivalent to encrypting once with
just one key.
Triple CBC Mode (des_3cbc_encrypt())
- Encrypt with key1, decrypt with key2 and encrypt with key1 again.
- As for CBC encryption but increases the effective key length to 112 bits.
- If both keys are the same it is equivalent to encrypting once with
just one key.
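Review bot: the CFB section says the strength "depends on the size of k (maximal if j == k)", but k is never defined anywhere in the file; define it before relying on it. The file also has no entry for the pcbc mode, although enc_read.c in this same commit initialises des_rw_mode to DES_PCBC_MODE, so the default used by des_enc_read() and des_enc_write() is the one mode left undescribed. The Triple CBC entry should also state whether the chaining is applied once around the encrypt/decrypt/encrypt sequence or inside each of the three operations.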


@ -0,0 +1,56 @@
libdes, Version 3.00 93/10/07
Copyright (c) 1993, Eric Young
All rights reserved.
This program is free software; you can redistribute it and/or modify
it under the terms of either:
a) the GNU General Public License as published by the Free
Software Foundation; either version 1, or (at your option) any
later version, or
b) the "Artistic License" which comes with this Kit.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See either
the GNU General Public License or the Artistic License for more details.
You should have received a copy of the Artistic License with this
Kit, in the file named "Artistic". If not, I'll be glad to provide one.
You should also have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
---
This kit builds a DES encryption library and a DES encryption program.
It suports ecb, cbc, ofb, cfb, triple ecb, triple cbc and MIT's pcbc
encryption modes and also has a fast implementation of crypt(3).
It contains support routines to read keys from a terminal,
generate a random key, generate a key from an arbitary length string,
read/write encrypted data from/to a file descriptor.
The implementation was written so as to conform with the manual entry
for the des_crypt(3) library routines from MIT's project Athena.
destest should be run after compilation to test the des routines.
rpw should be run after compilation to test the read password routines.
The des program is a replacement for the sun des command. I believe it
conforms to the sun version.
The Imakefile is setup for use in the kerberos distribution.
These routines are best compiled with gcc or any other good
optimising compiler.
Just turn you optimiser up to the highest settings and run destest
after the build to make sure everything works.
I believe these routines are close to the fastest and most portable DES
routines that use small lookup tables (4.5k) that are publicly available.
The fcrypt routine is faster than ufc's fcrypt (when compiling with
gcc2 -O2) on the sparc 2 (1410 vs 1270) but is not so good on other machines
(on a sun3/260 168 vs 336).
Eric Young (eay@psych.psy.uq.oz.au)
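Review bot: the header reads "Version 3.00 93/10/07" while the feature list includes triple cbc, which the version history in this commit attributes to 3.01 ("Added des_3cbc_encrypt()"); either bump the header or trim the list. The licence paragraph points at a file named "Artistic", whereas the file listing in this commit calls it ARTISTIC, and "suports", "arbitary" and "turn you optimiser" need correcting.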


@ -0,0 +1,185 @@
Release apon comp.sources.misc
Version 3.01 08/10/93
Added des_3cbc_encrypt()
Version 3.00 07/10/93
Fixed up documentation.
quad_cksum definitly compatable with MIT's now.
Version 2.30 24/08/93
Tripple DES now defaults to tripple cbc but can do tripple ecb
with the -b flag.
Fixed some MSDOS uuen/uudecoding problems, thanks to
Added prototypes.
Version 2.22 29/06/93
Fixed a bug in des_is_weak_key() which stopped it working :-(
thanks to engineering@MorningStar.Com.
Version 2.21 03/06/93
des(1) with no arguments gives quite a bit of help.
Added -c (generate ckecksum) flag to des(1).
Added -3 (tripple DES) flag to des(1).
Added cfb and ofb routines to the library.
Version 2.20 11/03/93
Added -u (uuencode) flag to des(1).
I have been playing with byte order in quad_cksum to make it
compatible with MIT's version. All I can say is aviod this
function if possible since MIT's output is endian dependent.
Version 2.12 14/10/92
Added MSDOS specific macro in ecb_encrypt which gives a %70
speed up when the code is compiled with turbo C.
Version 2.11 12/10/92
Speedup in set_key (recoding of PC-1)
I now do it in 47 simple operations, down from 60.
Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov)
for motivating me to look for a faster system :-)
The speedup is probably less that 1% but it is still 13
instructions less :-).
Version 2.10 06/10/92
The code now works on the 64bit ETA10 and CRAY without modifications or
#defines. I believe the code should work on any machine that
defines long, int or short to be 8 bytes long.
Thanks to Shabbir J. Safdar (shabby@mentor.cc.purdue.edu)
for helping me fix the code to run on 64bit machines (he had
access to an ETA10).
Thanks also to John Fletcher <john_fletcher@lccmail.ocf.llnl.gov>
for testing the routines on a CRAY.
read_password.c has been renamed to read_passwd.c
string_to_key.c has been renamed to string2key.c
Version 2.00 14/09/92
Made mods so that the library should work on 64bit CPU's.
Removed all my uchar and ulong defs. To many different
versions of unix define them in their header files in too many
different combinations :-)
IRIX - Sillicon Graphics mods (mostly in read_password.c).
Thanks to Andrew Daviel (advax@erich.triumf.ca)
Version 1.99 26/08/92
Fixed a bug or 2 in enc_read.c
Fixed a bug in enc_write.c
Fixed a pseudo bug in fcrypt.c (very obscure).
Version 1.98 31/07/92
Support for the ETA10. This is a strange machine that defines
longs and ints as 8 bytes and shorts as 4 bytes.
Since I do evil things with long * that assume that they are 4
bytes. Look in the Makefile for the option to compile for
this machine. quad_cksum appears to have problems but I
will don't have the time to fix it right now, and this is not
a function that uses DES and so will not effect the main uses
of the library.
Version 1.97 20/05/92 eay
Fixed the Imakefile and made some changes to des.h to fix some
problems when building this package with Kerberos v 4.
Version 1.96 18/05/92 eay
Fixed a small bug in string_to_key() where problems could
occur if des_check_key was set to true and the string
generated a weak key.
Patch2 posted to comp.sources.misc
Version 1.95 13/05/92 eay
Added an alternative version of the D_ENCRYPT macro in
ecb_encrypt and fcrypt. Depending on the compiler, one version or the
other will be faster. This was inspired by
Dana How <how@isl.stanford.edu>, and her pointers about doing the
*(ulong *)((uchar *)ptr+(value&0xfc))
vs
ptr[value&0x3f]
to stop the C compiler doing a <<2 to convert the long array index.
Version 1.94 05/05/92 eay
Fixed an incompatibility between my string_to_key and the MIT
version. When the key is longer than 8 chars, I was wrapping
with a different method. To use the old version, define
OLD_STR_TO_KEY in the makefile. Thanks to
viktor@newsu.shearson.com (Viktor Dukhovni).
Version 1.93 28/04/92 eay
Fixed the VMS mods so that echo is now turned off in
read_password. Thanks again to brennan@coco.cchs.su.oz.AU.
MSDOS support added. The routines can be compiled with
Turbo C (v2.0) and MSC (v5.1). Make sure MSDOS is defined.
Patch1 posted to comp.sources.misc
Version 1.92 13/04/92 eay
Changed D_ENCRYPT so that the rotation of R occurs outside of
the loop. This required rotating all the longs in sp.h (now
called spr.h). Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
speed.c has been changed so it will work without SIGALRM. If
times(3) is not present it will try to use ftime() instead.
Version 1.91 08/04/92 eay
Added -E/-D options to des(1) so it can use string_to_key.
Added SVR4 mods suggested by witr@rwwa.COM
Added VMS mods suggested by brennan@coco.cchs.su.oz.AU. If
anyone knows how to turn of tty echo in VMS please tell me or
implement it yourself :-).
Changed FILE *IN/*OUT to *DES_IN/*DES_OUT since it appears VMS
does not like IN/OUT being used.
Libdes posted to comp.sources.misc
Version 1.9 24/03/92 eay
Now contains a fast small crypt replacement.
Added des(1) command.
Added des_rw_mode so people can use cbc encryption with
enc_read and enc_write.
Version 1.8 15/10/91 eay
Bug in cbc_cksum.
Many thanks to Keith Reynolds (keithr@sco.COM) for pointing this
one out.
Version 1.7 24/09/91 eay
Fixed set_key :-)
set_key is 4 times faster and takes less space.
There are a few minor changes that could be made.
Version 1.6 19/09/1991 eay
Finally go IP and FP finished.
Now I need to fix set_key.
This version is quite a bit faster that 1.51
Version 1.52 15/06/1991 eay
20% speedup in ecb_encrypt by changing the E bit selection
to use 2 32bit words. This also required modification of the
sp table. There is still a way to speedup the IP and IP-1
(hints from outer@sq.com) still working on this one :-(.
Version 1.51 07/06/1991 eay
Faster des_encrypt by loop unrolling
Fixed bug in quad_cksum.c (thanks to hughes@logos.ucs.indiana.edu)
Version 1.50 28/05/1991 eay
Optimized the code a bit more for the sparc. I have improved the
speed of the inner des_encrypt by speeding up the initial and
final permutations.
Version 1.40 23/10/1990 eay
Fixed des_random_key, it did not produce a random key :-(
Version 1.30 2/10/1990 eay
Have made des_quad_cksum the same as MIT's, the full package
should be compatible with MIT's
Have tested on a DECstation 3100
Still need to fix des_set_key (make it faster).
Does des_cbc_encrypts at 70.5k/sec on a 3100.
Version 1.20 18/09/1990 eay
Fixed byte order dependencies.
Fixed (I hope) all the word alignment problems.
Speedup in des_ecb_encrypt.
Version 1.10 11/09/1990 eay
Added des_enc_read and des_enc_write.
Still need to fix des_quad_cksum.
Still need to document des_enc_read and des_enc_write.
Version 1.00 27/08/1990 eay
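Review bot: the 2.30 entry ends "Fixed some MSDOS uuen/uudecoding problems, thanks to" with no name after it, so the credit is lost; restore the contributor or drop the clause. Two entries record fixes to security-relevant behaviour without saying which releases were affected: 1.40 (des_random_key "did not produce a random key") and 2.22 (a bug in des_is_weak_key() "which stopped it working"). Each should name the affected versions so that users of older copies can tell whether keys generated or checked with them need replacing.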

123
eBones/des/ecb_enc.c Normal file

@ -0,0 +1,123 @@
/* ecb_enc.c */
/* Copyright (C) 1993 Eric Young - see README for more details */
/*-
* $Id: ecb_enc.c,v 1.2 1994/07/19 19:21:53 g89r4222 Exp $
*/
#include "des_locl.h"
#include "spr.h"
int des_ecb_encrypt(input,output,ks,encrypt)
des_cblock *input;
des_cblock *output;
des_key_schedule ks;
int encrypt;
{
register unsigned long l0,l1;
register unsigned char *in,*out;
unsigned long ll[2];
in=(unsigned char *)input;
out=(unsigned char *)output;
c2l(in,l0);
c2l(in,l1);
ll[0]=l0;
ll[1]=l1;
des_encrypt(ll,ll,ks,encrypt);
l0=ll[0];
l1=ll[1];
l2c(l0,out);
l2c(l1,out);
l0=l1=ll[0]=ll[1]=0;
return(0);
}
int des_encrypt(input,output,ks,encrypt)
unsigned long *input;
unsigned long *output;
des_key_schedule ks;
int encrypt;
{
register unsigned long l,r,t,u;
#ifdef ALT_ECB
register unsigned char *des_SP=(unsigned char *)des_SPtrans;
#endif
#ifdef MSDOS
union fudge {
unsigned long l;
unsigned short s[2];
unsigned char c[4];
} U,T;
#endif
register int i;
register unsigned long *s;
l=input[0];
r=input[1];
/* do IP */
PERM_OP(r,l,t, 4,0x0f0f0f0f);
PERM_OP(l,r,t,16,0x0000ffff);
PERM_OP(r,l,t, 2,0x33333333);
PERM_OP(l,r,t, 8,0x00ff00ff);
PERM_OP(r,l,t, 1,0x55555555);
/* r and l are reversed - remember that :-) - fix
* it in the next step */
/* Things have been modified so that the initial rotate is
* done outside the loop. This required the
* des_SPtrans values in sp.h to be rotated 1 bit to the right.
* One perl script later and things have a 5% speed up on a sparc2.
* Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
* for pointing this out. */
t=(r<<1)|(r>>31);
r=(l<<1)|(l>>31);
l=t;
/* clear the top bits on machines with 8byte longs */
l&=0xffffffff;
r&=0xffffffff;
s=(unsigned long *)ks;
/* I don't know if it is worth the effort of loop unrolling the
* inner loop */
if (encrypt)
{
for (i=0; i<32; i+=4)
{
D_ENCRYPT(l,r,i+0); /* 1 */
D_ENCRYPT(r,l,i+2); /* 2 */
}
}
else
{
for (i=30; i>0; i-=4)
{
D_ENCRYPT(l,r,i-0); /* 16 */
D_ENCRYPT(r,l,i-2); /* 15 */
}
}
l=(l>>1)|(l<<31);
r=(r>>1)|(r<<31);
/* clear the top bits on machines with 8byte longs */
l&=0xffffffff;
r&=0xffffffff;
/* swap l and r
* we will not do the swap so just remember they are
* reversed for the rest of the subroutine
* luckily FP fixes this problem :-) */
PERM_OP(r,l,t, 1,0x55555555);
PERM_OP(l,r,t, 8,0x00ff00ff);
PERM_OP(r,l,t, 2,0x33333333);
PERM_OP(l,r,t,16,0x0000ffff);
PERM_OP(r,l,t, 4,0x0f0f0f0f);
output[0]=l;
output[1]=r;
l=r=t=u=0;
return(0);
}
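Review bot: the scrubbing stores at the end of both functions, "l0=l1=ll[0]=ll[1]=0;" in des_ecb_encrypt() and "l=r=t=u=0;" in des_encrypt(), write to locals that are never read afterwards, so an optimising compiler may drop them as dead stores, and the install notes in this commit recommend maximum optimisation. If the intent is to clear plaintext halves from the stack, wipe ll[] through a volatile pointer or a dedicated wipe routine; zeroing register variables this way gives no guarantee at all. Separately, the loop comments "/* 1 */", "/* 2 */" and "/* 16 */", "/* 15 */" describe only the first pass of each loop, and both functions always return 0, so the int result carries no information for callers.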

147
eBones/des/enc_read.c Normal file

@ -0,0 +1,147 @@
/* enc_read.c */
/* Copyright (C) 1993 Eric Young - see README for more details */
/*-
* $Id: enc_read.c,v 1.2 1994/07/19 19:21:54 g89r4222 Exp $
*/
#include <errno.h>
#include "des_locl.h"
/* This has some uglies in it but it works - even over sockets. */
extern int errno;
int des_rw_mode=DES_PCBC_MODE;
int des_enc_read(fd,buf,len,sched,iv)
int fd;
char *buf;
int len;
des_key_schedule sched;
des_cblock *iv;
{
/* data to be unencrypted */
int net_num=0;
unsigned char net[BSIZE];
/* extra unencrypted data
* for when a block of 100 comes in but is des_read one byte at
* a time. */
static char unnet[BSIZE];
static int unnet_start=0;
static int unnet_left=0;
int i;
long num=0,rnum;
unsigned char *p;
/* left over data from last decrypt */
if (unnet_left != 0)
{
if (unnet_left < len)
{
/* we still still need more data but will return
* with the number of bytes we have - should always
* check the return value */
bcopy(&(unnet[unnet_start]),buf,unnet_left);
/* eay 26/08/92 I had the next 2 lines
* reversed :-( */
i=unnet_left;
unnet_start=unnet_left=0;
}
else
{
bcopy(&(unnet[unnet_start]),buf,len);
unnet_start+=len;
unnet_left-=len;
i=len;
}
return(i);
}
/* We need to get more data. */
if (len > MAXWRITE) len=MAXWRITE;
/* first - get the length */
net_num=0;
while (net_num < HDRSIZE)
{
i=read(fd,&(net[net_num]),HDRSIZE-net_num);
if ((i == -1) && (errno == EINTR)) continue;
if (i <= 0) return(0);
net_num+=i;
}
/* we now have at net_num bytes in net */
p=net;
num=0;
n2l(p,num);
/* num should be rounded up to the next group of eight
* we make sure that we have read a multiple of 8 bytes from the net.
*/
if ((num > MAXWRITE) || (num < 0)) /* error */
return(-1);
rnum=(num < 8)?8:((num+7)/8*8);
net_num=0;
while (net_num < rnum)
{
i=read(fd,&(net[net_num]),rnum-net_num);
if ((i == -1) && (errno == EINTR)) continue;
if (i <= 0) return(0);
net_num+=i;
}
/* Check if there will be data left over. */
if (len < num)
{
if (des_rw_mode & DES_PCBC_MODE)
pcbc_encrypt((des_cblock *)net,(des_cblock *)unnet,
num,sched,iv,DES_DECRYPT);
else
cbc_encrypt((des_cblock *)net,(des_cblock *)unnet,
num,sched,iv,DES_DECRYPT);
bcopy(unnet,buf,len);
unnet_start=len;
unnet_left=num-len;
/* The following line is done because we return num
* as the number of bytes read. */
num=len;
}
else
{
/* >output is a multiple of 8 byes, if len < rnum
* >we must be careful. The user must be aware that this
* >routine will write more bytes than he asked for.
* >The length of the buffer must be correct.
* FIXED - Should be ok now 18-9-90 - eay */
if (len < rnum)
{
char tmpbuf[BSIZE];
if (des_rw_mode & DES_PCBC_MODE)
pcbc_encrypt((des_cblock *)net,
(des_cblock *)tmpbuf,
num,sched,iv,DES_DECRYPT);
else
cbc_encrypt((des_cblock *)net,
(des_cblock *)tmpbuf,
num,sched,iv,DES_DECRYPT);
/* eay 26/08/92 fix a bug that returned more
* bytes than you asked for (returned len bytes :-( */
bcopy(tmpbuf,buf,num);
}
else
{
if (des_rw_mode & DES_PCBC_MODE)
pcbc_encrypt((des_cblock *)net,
(des_cblock *)buf,num,sched,iv,
DES_DECRYPT);
else
cbc_encrypt((des_cblock *)net,
(des_cblock *)buf,num,sched,iv,
DES_DECRYPT);
}
}
return(num);
}
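Review bot: the leftover-plaintext state (static unnet[], unnet_start, unnet_left) is kept per process rather than per descriptor, and the "unnet_left != 0" branch never looks at fd, so when a caller reads from two encrypted descriptors, decrypted bytes left over from one are handed back by the next des_enc_read() call on the other. Keep this state in a caller-supplied context or key it by fd. Both read loops also return 0 on any read() failure other than EINTR and on a truncated header, which a caller cannot tell apart from a clean end of stream, while a bad length returns -1; returning -1 for errors would be consistent. The length check bounds num only by MAXWRITE, and net[] is then filled with up to rnum bytes (num rounded up to a multiple of 8), so the code relies on BSIZE being at least MAXWRITE rounded up to 8; that relation lives in des_locl.h and deserves a comment or a compile-time check here.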

94
eBones/des/enc_writ.c Normal file

@ -0,0 +1,94 @@
/* enc_writ.c */
/* Copyright (C) 1993 Eric Young - see README for more details */
/*-
* $Id: enc_writ.c,v 1.2 1994/07/19 19:21:56 g89r4222 Exp $
*/
#include <errno.h>
#include "des_locl.h"
int des_enc_write(fd,buf,len,sched,iv)
int fd;
char *buf;
int len;
des_key_schedule sched;
des_cblock *iv;
{
long rnum;
int i,j,k,outnum;
char outbuf[BSIZE+HDRSIZE];
char shortbuf[8];
char *p;
static int start=1;
/* If we are sending less than 8 bytes, the same char will look
* the same if we don't pad it out with random bytes */
if (start)
{
start=0;
srandom(time(NULL));
}
/* lets recurse if we want to send the data in small chunks */
if (len > MAXWRITE)
{
j=0;
for (i=0; i<len; i+=k)
{
k=des_enc_write(fd,&(buf[i]),
((len-i) > MAXWRITE)?MAXWRITE:(len-i),sched,iv);
if (k < 0)
return(k);
else
j+=k;
}
return(j);
}
/* write length first */
p=outbuf;
l2n(len,p);
/* pad short strings */
if (len < 8)
{
p=shortbuf;
bcopy(buf,shortbuf,len);
for (i=len; i<8; i++)
shortbuf[i]=random();
rnum=8;
}
else
{
p=buf;
rnum=((len+7)/8*8); /* round up to nearest eight */
}
if (des_rw_mode & DES_PCBC_MODE)
pcbc_encrypt((des_cblock *)p,(des_cblock *)&(outbuf[HDRSIZE]),
(long)((len<8)?8:len),sched,iv,DES_ENCRYPT);
else
cbc_encrypt((des_cblock *)p,(des_cblock *)&(outbuf[HDRSIZE]),
(long)((len<8)?8:len),sched,iv,DES_ENCRYPT);
/* output */
outnum=rnum+HDRSIZE;
for (j=0; j<outnum; j+=i)
{
/* eay 26/08/92 I was not doing writing from where we
* got upto. */
i=write(fd,&(outbuf[j]),(int)(outnum-j));
if (i == -1)
{
if (errno == EINTR)
i=0;
else /* This is really a bad error - very bad
* It will stuff-up both ends. */
return(-1);
}
}
return(len);
}

581
eBones/des/fcrypt.c Normal file

@ -0,0 +1,581 @@
/* fcrypt.c */
/* Copyright (C) 1993 Eric Young - see README for more details */
/*-
* $Id: fcrypt.c,v 1.2 1994/07/19 19:21:58 g89r4222 Exp $
*/
#include <stdio.h>
/* Eric Young.
* This version of crypt has been developed from my MIT compatable
* DES library.
* The library is available at pub/DES at ftp.psy.uq.oz.au
* eay@psych.psy.uq.oz.au
*/
typedef unsigned char des_cblock[8];
typedef struct des_ks_struct
{
union {
des_cblock _;
/* make sure things are correct size on machines with
* 8 byte longs */
unsigned long pad[2];
} ks;
#define _ ks._
} des_key_schedule[16];
#define DES_KEY_SZ (sizeof(des_cblock))
#define DES_ENCRYPT 1
#define DES_DECRYPT 0
#define ITERATIONS 16
#define HALF_ITERATIONS 8
#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \
l|=((unsigned long)(*((c)++)))<< 8, \
l|=((unsigned long)(*((c)++)))<<16, \
l|=((unsigned long)(*((c)++)))<<24)
#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
*((c)++)=(unsigned char)(((l)>> 8)&0xff), \
*((c)++)=(unsigned char)(((l)>>16)&0xff), \
*((c)++)=(unsigned char)(((l)>>24)&0xff))
static unsigned long SPtrans[8][64]={
/* nibble 0 */
0x00820200, 0x00020000, 0x80800000, 0x80820200,
0x00800000, 0x80020200, 0x80020000, 0x80800000,
0x80020200, 0x00820200, 0x00820000, 0x80000200,
0x80800200, 0x00800000, 0x00000000, 0x80020000,
0x00020000, 0x80000000, 0x00800200, 0x00020200,
0x80820200, 0x00820000, 0x80000200, 0x00800200,
0x80000000, 0x00000200, 0x00020200, 0x80820000,
0x00000200, 0x80800200, 0x80820000, 0x00000000,
0x00000000, 0x80820200, 0x00800200, 0x80020000,
0x00820200, 0x00020000, 0x80000200, 0x00800200,
0x80820000, 0x00000200, 0x00020200, 0x80800000,
0x80020200, 0x80000000, 0x80800000, 0x00820000,
0x80820200, 0x00020200, 0x00820000, 0x80800200,
0x00800000, 0x80000200, 0x80020000, 0x00000000,
0x00020000, 0x00800000, 0x80800200, 0x00820200,
0x80000000, 0x80820000, 0x00000200, 0x80020200,
/* nibble 1 */
0x10042004, 0x00000000, 0x00042000, 0x10040000,
0x10000004, 0x00002004, 0x10002000, 0x00042000,
0x00002000, 0x10040004, 0x00000004, 0x10002000,
0x00040004, 0x10042000, 0x10040000, 0x00000004,
0x00040000, 0x10002004, 0x10040004, 0x00002000,
0x00042004, 0x10000000, 0x00000000, 0x00040004,
0x10002004, 0x00042004, 0x10042000, 0x10000004,
0x10000000, 0x00040000, 0x00002004, 0x10042004,
0x00040004, 0x10042000, 0x10002000, 0x00042004,
0x10042004, 0x00040004, 0x10000004, 0x00000000,
0x10000000, 0x00002004, 0x00040000, 0x10040004,
0x00002000, 0x10000000, 0x00042004, 0x10002004,
0x10042000, 0x00002000, 0x00000000, 0x10000004,
0x00000004, 0x10042004, 0x00042000, 0x10040000,
0x10040004, 0x00040000, 0x00002004, 0x10002000,
0x10002004, 0x00000004, 0x10040000, 0x00042000,
/* nibble 2 */
0x41000000, 0x01010040, 0x00000040, 0x41000040,
0x40010000, 0x01000000, 0x41000040, 0x00010040,
0x01000040, 0x00010000, 0x01010000, 0x40000000,
0x41010040, 0x40000040, 0x40000000, 0x41010000,
0x00000000, 0x40010000, 0x01010040, 0x00000040,
0x40000040, 0x41010040, 0x00010000, 0x41000000,
0x41010000, 0x01000040, 0x40010040, 0x01010000,
0x00010040, 0x00000000, 0x01000000, 0x40010040,
0x01010040, 0x00000040, 0x40000000, 0x00010000,
0x40000040, 0x40010000, 0x01010000, 0x41000040,
0x00000000, 0x01010040, 0x00010040, 0x41010000,
0x40010000, 0x01000000, 0x41010040, 0x40000000,
0x40010040, 0x41000000, 0x01000000, 0x41010040,
0x00010000, 0x01000040, 0x41000040, 0x00010040,
0x01000040, 0x00000000, 0x41010000, 0x40000040,
0x41000000, 0x40010040, 0x00000040, 0x01010000,
/* nibble 3 */
0x00100402, 0x04000400, 0x00000002, 0x04100402,
0x00000000, 0x04100000, 0x04000402, 0x00100002,
0x04100400, 0x04000002, 0x04000000, 0x00000402,
0x04000002, 0x00100402, 0x00100000, 0x04000000,
0x04100002, 0x00100400, 0x00000400, 0x00000002,
0x00100400, 0x04000402, 0x04100000, 0x00000400,
0x00000402, 0x00000000, 0x00100002, 0x04100400,
0x04000400, 0x04100002, 0x04100402, 0x00100000,
0x04100002, 0x00000402, 0x00100000, 0x04000002,
0x00100400, 0x04000400, 0x00000002, 0x04100000,
0x04000402, 0x00000000, 0x00000400, 0x00100002,
0x00000000, 0x04100002, 0x04100400, 0x00000400,
0x04000000, 0x04100402, 0x00100402, 0x00100000,
0x04100402, 0x00000002, 0x04000400, 0x00100402,
0x00100002, 0x00100400, 0x04100000, 0x04000402,
0x00000402, 0x04000000, 0x04000002, 0x04100400,
/* nibble 4 */
0x02000000, 0x00004000, 0x00000100, 0x02004108,
0x02004008, 0x02000100, 0x00004108, 0x02004000,
0x00004000, 0x00000008, 0x02000008, 0x00004100,
0x02000108, 0x02004008, 0x02004100, 0x00000000,
0x00004100, 0x02000000, 0x00004008, 0x00000108,
0x02000100, 0x00004108, 0x00000000, 0x02000008,
0x00000008, 0x02000108, 0x02004108, 0x00004008,
0x02004000, 0x00000100, 0x00000108, 0x02004100,
0x02004100, 0x02000108, 0x00004008, 0x02004000,
0x00004000, 0x00000008, 0x02000008, 0x02000100,
0x02000000, 0x00004100, 0x02004108, 0x00000000,
0x00004108, 0x02000000, 0x00000100, 0x00004008,
0x02000108, 0x00000100, 0x00000000, 0x02004108,
0x02004008, 0x02004100, 0x00000108, 0x00004000,
0x00004100, 0x02004008, 0x02000100, 0x00000108,
0x00000008, 0x00004108, 0x02004000, 0x02000008,
/* nibble 5 */
0x20000010, 0x00080010, 0x00000000, 0x20080800,
0x00080010, 0x00000800, 0x20000810, 0x00080000,
0x00000810, 0x20080810, 0x00080800, 0x20000000,
0x20000800, 0x20000010, 0x20080000, 0x00080810,
0x00080000, 0x20000810, 0x20080010, 0x00000000,
0x00000800, 0x00000010, 0x20080800, 0x20080010,
0x20080810, 0x20080000, 0x20000000, 0x00000810,
0x00000010, 0x00080800, 0x00080810, 0x20000800,
0x00000810, 0x20000000, 0x20000800, 0x00080810,
0x20080800, 0x00080010, 0x00000000, 0x20000800,
0x20000000, 0x00000800, 0x20080010, 0x00080000,
0x00080010, 0x20080810, 0x00080800, 0x00000010,
0x20080810, 0x00080800, 0x00080000, 0x20000810,
0x20000010, 0x20080000, 0x00080810, 0x00000000,
0x00000800, 0x20000010, 0x20000810, 0x20080800,
0x20080000, 0x00000810, 0x00000010, 0x20080010,
/* nibble 6 */
0x00001000, 0x00000080, 0x00400080, 0x00400001,
0x00401081, 0x00001001, 0x00001080, 0x00000000,
0x00400000, 0x00400081, 0x00000081, 0x00401000,
0x00000001, 0x00401080, 0x00401000, 0x00000081,
0x00400081, 0x00001000, 0x00001001, 0x00401081,
0x00000000, 0x00400080, 0x00400001, 0x00001080,
0x00401001, 0x00001081, 0x00401080, 0x00000001,
0x00001081, 0x00401001, 0x00000080, 0x00400000,
0x00001081, 0x00401000, 0x00401001, 0x00000081,
0x00001000, 0x00000080, 0x00400000, 0x00401001,
0x00400081, 0x00001081, 0x00001080, 0x00000000,
0x00000080, 0x00400001, 0x00000001, 0x00400080,
0x00000000, 0x00400081, 0x00400080, 0x00001080,
0x00000081, 0x00001000, 0x00401081, 0x00400000,
0x00401080, 0x00000001, 0x00001001, 0x00401081,
0x00400001, 0x00401080, 0x00401000, 0x00001001,
/* nibble 7 */
0x08200020, 0x08208000, 0x00008020, 0x00000000,
0x08008000, 0x00200020, 0x08200000, 0x08208020,
0x00000020, 0x08000000, 0x00208000, 0x00008020,
0x00208020, 0x08008020, 0x08000020, 0x08200000,
0x00008000, 0x00208020, 0x00200020, 0x08008000,
0x08208020, 0x08000020, 0x00000000, 0x00208000,
0x08000000, 0x00200000, 0x08008020, 0x08200020,
0x00200000, 0x00008000, 0x08208000, 0x00000020,
0x00200000, 0x00008000, 0x08000020, 0x08208020,
0x00008020, 0x08000000, 0x00000000, 0x00208000,
0x08200020, 0x08008020, 0x08008000, 0x00200020,
0x08208000, 0x00000020, 0x00200020, 0x08008000,
0x08208020, 0x00200000, 0x08200000, 0x08000020,
0x00208000, 0x00008020, 0x08008020, 0x08200000,
0x00000020, 0x08208000, 0x00208020, 0x00000000,
0x08000000, 0x08200020, 0x00008000, 0x00208020};
static unsigned long skb[8][64]={
/* for C bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
0x00000000,0x00000010,0x20000000,0x20000010,
0x00010000,0x00010010,0x20010000,0x20010010,
0x00000800,0x00000810,0x20000800,0x20000810,
0x00010800,0x00010810,0x20010800,0x20010810,
0x00000020,0x00000030,0x20000020,0x20000030,
0x00010020,0x00010030,0x20010020,0x20010030,
0x00000820,0x00000830,0x20000820,0x20000830,
0x00010820,0x00010830,0x20010820,0x20010830,
0x00080000,0x00080010,0x20080000,0x20080010,
0x00090000,0x00090010,0x20090000,0x20090010,
0x00080800,0x00080810,0x20080800,0x20080810,
0x00090800,0x00090810,0x20090800,0x20090810,
0x00080020,0x00080030,0x20080020,0x20080030,
0x00090020,0x00090030,0x20090020,0x20090030,
0x00080820,0x00080830,0x20080820,0x20080830,
0x00090820,0x00090830,0x20090820,0x20090830,
/* for C bits (numbered as per FIPS 46) 7 8 10 11 12 13 */
0x00000000,0x02000000,0x00002000,0x02002000,
0x00200000,0x02200000,0x00202000,0x02202000,
0x00000004,0x02000004,0x00002004,0x02002004,
0x00200004,0x02200004,0x00202004,0x02202004,
0x00000400,0x02000400,0x00002400,0x02002400,
0x00200400,0x02200400,0x00202400,0x02202400,
0x00000404,0x02000404,0x00002404,0x02002404,
0x00200404,0x02200404,0x00202404,0x02202404,
0x10000000,0x12000000,0x10002000,0x12002000,
0x10200000,0x12200000,0x10202000,0x12202000,
0x10000004,0x12000004,0x10002004,0x12002004,
0x10200004,0x12200004,0x10202004,0x12202004,
0x10000400,0x12000400,0x10002400,0x12002400,
0x10200400,0x12200400,0x10202400,0x12202400,
0x10000404,0x12000404,0x10002404,0x12002404,
0x10200404,0x12200404,0x10202404,0x12202404,
/* for C bits (numbered as per FIPS 46) 14 15 16 17 19 20 */
0x00000000,0x00000001,0x00040000,0x00040001,
0x01000000,0x01000001,0x01040000,0x01040001,
0x00000002,0x00000003,0x00040002,0x00040003,
0x01000002,0x01000003,0x01040002,0x01040003,
0x00000200,0x00000201,0x00040200,0x00040201,
0x01000200,0x01000201,0x01040200,0x01040201,
0x00000202,0x00000203,0x00040202,0x00040203,
0x01000202,0x01000203,0x01040202,0x01040203,
0x08000000,0x08000001,0x08040000,0x08040001,
0x09000000,0x09000001,0x09040000,0x09040001,
0x08000002,0x08000003,0x08040002,0x08040003,
0x09000002,0x09000003,0x09040002,0x09040003,
0x08000200,0x08000201,0x08040200,0x08040201,
0x09000200,0x09000201,0x09040200,0x09040201,
0x08000202,0x08000203,0x08040202,0x08040203,
0x09000202,0x09000203,0x09040202,0x09040203,
/* for C bits (numbered as per FIPS 46) 21 23 24 26 27 28 */
0x00000000,0x00100000,0x00000100,0x00100100,
0x00000008,0x00100008,0x00000108,0x00100108,
0x00001000,0x00101000,0x00001100,0x00101100,
0x00001008,0x00101008,0x00001108,0x00101108,
0x04000000,0x04100000,0x04000100,0x04100100,
0x04000008,0x04100008,0x04000108,0x04100108,
0x04001000,0x04101000,0x04001100,0x04101100,
0x04001008,0x04101008,0x04001108,0x04101108,
0x00020000,0x00120000,0x00020100,0x00120100,
0x00020008,0x00120008,0x00020108,0x00120108,
0x00021000,0x00121000,0x00021100,0x00121100,
0x00021008,0x00121008,0x00021108,0x00121108,
0x04020000,0x04120000,0x04020100,0x04120100,
0x04020008,0x04120008,0x04020108,0x04120108,
0x04021000,0x04121000,0x04021100,0x04121100,
0x04021008,0x04121008,0x04021108,0x04121108,
/* for D bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
0x00000000,0x10000000,0x00010000,0x10010000,
0x00000004,0x10000004,0x00010004,0x10010004,
0x20000000,0x30000000,0x20010000,0x30010000,
0x20000004,0x30000004,0x20010004,0x30010004,
0x00100000,0x10100000,0x00110000,0x10110000,
0x00100004,0x10100004,0x00110004,0x10110004,
0x20100000,0x30100000,0x20110000,0x30110000,
0x20100004,0x30100004,0x20110004,0x30110004,
0x00001000,0x10001000,0x00011000,0x10011000,
0x00001004,0x10001004,0x00011004,0x10011004,
0x20001000,0x30001000,0x20011000,0x30011000,
0x20001004,0x30001004,0x20011004,0x30011004,
0x00101000,0x10101000,0x00111000,0x10111000,
0x00101004,0x10101004,0x00111004,0x10111004,
0x20101000,0x30101000,0x20111000,0x30111000,
0x20101004,0x30101004,0x20111004,0x30111004,
/* for D bits (numbered as per FIPS 46) 8 9 11 12 13 14 */
0x00000000,0x08000000,0x00000008,0x08000008,
0x00000400,0x08000400,0x00000408,0x08000408,
0x00020000,0x08020000,0x00020008,0x08020008,
0x00020400,0x08020400,0x00020408,0x08020408,
0x00000001,0x08000001,0x00000009,0x08000009,
0x00000401,0x08000401,0x00000409,0x08000409,
0x00020001,0x08020001,0x00020009,0x08020009,
0x00020401,0x08020401,0x00020409,0x08020409,
0x02000000,0x0A000000,0x02000008,0x0A000008,
0x02000400,0x0A000400,0x02000408,0x0A000408,
0x02020000,0x0A020000,0x02020008,0x0A020008,
0x02020400,0x0A020400,0x02020408,0x0A020408,
0x02000001,0x0A000001,0x02000009,0x0A000009,
0x02000401,0x0A000401,0x02000409,0x0A000409,
0x02020001,0x0A020001,0x02020009,0x0A020009,
0x02020401,0x0A020401,0x02020409,0x0A020409,
/* for D bits (numbered as per FIPS 46) 16 17 18 19 20 21 */
0x00000000,0x00000100,0x00080000,0x00080100,
0x01000000,0x01000100,0x01080000,0x01080100,
0x00000010,0x00000110,0x00080010,0x00080110,
0x01000010,0x01000110,0x01080010,0x01080110,
0x00200000,0x00200100,0x00280000,0x00280100,
0x01200000,0x01200100,0x01280000,0x01280100,
0x00200010,0x00200110,0x00280010,0x00280110,
0x01200010,0x01200110,0x01280010,0x01280110,
0x00000200,0x00000300,0x00080200,0x00080300,
0x01000200,0x01000300,0x01080200,0x01080300,
0x00000210,0x00000310,0x00080210,0x00080310,
0x01000210,0x01000310,0x01080210,0x01080310,
0x00200200,0x00200300,0x00280200,0x00280300,
0x01200200,0x01200300,0x01280200,0x01280300,
0x00200210,0x00200310,0x00280210,0x00280310,
0x01200210,0x01200310,0x01280210,0x01280310,
/* for D bits (numbered as per FIPS 46) 22 23 24 25 27 28 */
0x00000000,0x04000000,0x00040000,0x04040000,
0x00000002,0x04000002,0x00040002,0x04040002,
0x00002000,0x04002000,0x00042000,0x04042000,
0x00002002,0x04002002,0x00042002,0x04042002,
0x00000020,0x04000020,0x00040020,0x04040020,
0x00000022,0x04000022,0x00040022,0x04040022,
0x00002020,0x04002020,0x00042020,0x04042020,
0x00002022,0x04002022,0x00042022,0x04042022,
0x00000800,0x04000800,0x00040800,0x04040800,
0x00000802,0x04000802,0x00040802,0x04040802,
0x00002800,0x04002800,0x00042800,0x04042800,
0x00002802,0x04002802,0x00042802,0x04042802,
0x00000820,0x04000820,0x00040820,0x04040820,
0x00000822,0x04000822,0x00040822,0x04040822,
0x00002820,0x04002820,0x00042820,0x04042820,
0x00002822,0x04002822,0x00042822,0x04042822,
};
/* See ecb_encrypt.c for a pseudo description of these macros. */
#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
(b)^=(t),\
(a)^=((t)<<(n)))
#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\
(a)=(a)^(t)^(t>>(16-(n))))\
static char shifts2[16]={0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0};
static int body();
static int des_set___key();
static int des_set___key(key,schedule)
des_cblock *key;
des_key_schedule schedule;
{
register unsigned long c,d,t,s;
register unsigned char *in;
register unsigned long *k;
register int i;
k=(unsigned long *)schedule;
in=(unsigned char *)key;
c2l(in,c);
c2l(in,d);
/* I now do it in 47 simple operations :-)
* Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov)
* for the inspiration. :-) */
PERM_OP (d,c,t,4,0x0f0f0f0f);
HPERM_OP(c,t,-2,0xcccc0000);
HPERM_OP(d,t,-2,0xcccc0000);
PERM_OP (d,c,t,1,0x55555555);
PERM_OP (c,d,t,8,0x00ff00ff);
PERM_OP (d,c,t,1,0x55555555);
d= (((d&0x000000ff)<<16)| (d&0x0000ff00) |
((d&0x00ff0000)>>16)|((c&0xf0000000)>>4));
c&=0x0fffffff;
for (i=0; i<ITERATIONS; i++)
{
if (shifts2[i])
{ c=((c>>2)|(c<<26)); d=((d>>2)|(d<<26)); }
else
{ c=((c>>1)|(c<<27)); d=((d>>1)|(d<<27)); }
c&=0x0fffffff;
d&=0x0fffffff;
/* could be a few less shifts but I am to lazy at this
* point in time to investigate */
s= skb[0][ (c )&0x3f ]|
skb[1][((c>> 6)&0x03)|((c>> 7)&0x3c)]|
skb[2][((c>>13)&0x0f)|((c>>14)&0x30)]|
skb[3][((c>>20)&0x01)|((c>>21)&0x06) |
((c>>22)&0x38)];
t= skb[4][ (d )&0x3f ]|
skb[5][((d>> 7)&0x03)|((d>> 8)&0x3c)]|
skb[6][ (d>>15)&0x3f ]|
skb[7][((d>>21)&0x0f)|((d>>22)&0x30)];
/* table contained 0213 4657 */
*(k++)=((t<<16)|(s&0x0000ffff))&0xffffffff;
s= ((s>>16)|(t&0xffff0000));
s=(s<<4)|(s>>28);
*(k++)=s&0xffffffff;
}
return(0);
}
/******************************************************************
* modified stuff for crypt.
******************************************************************/
/* The changes to this macro may help or hinder, depending on the
* compiler and the achitecture. gcc2 always seems to do well :-).
* Inspired by Dana How <how@isl.stanford.edu>
* DO NOT use the alternative version on machines with 8 byte longs.
*/
#ifdef ALT_ECB
#define D_ENCRYPT(L,R,S) \
v=(R^(R>>16)); \
u=(v&E0); \
v=(v&E1); \
u=((u^(u<<16))^R^s[S ])<<2; \
t=(v^(v<<16))^R^s[S+1]; \
t=(t>>2)|(t<<30); \
L^= \
*(unsigned long *)(des_SP+0x0100+((t )&0xfc))+ \
*(unsigned long *)(des_SP+0x0300+((t>> 8)&0xfc))+ \
*(unsigned long *)(des_SP+0x0500+((t>>16)&0xfc))+ \
*(unsigned long *)(des_SP+0x0700+((t>>24)&0xfc))+ \
*(unsigned long *)(des_SP+ ((u )&0xfc))+ \
*(unsigned long *)(des_SP+0x0200+((u>> 8)&0xfc))+ \
*(unsigned long *)(des_SP+0x0400+((u>>16)&0xfc))+ \
*(unsigned long *)(des_SP+0x0600+((u>>24)&0xfc));
#else /* original version */
#define D_ENCRYPT(L,R,S) \
v=(R^(R>>16)); \
u=(v&E0); \
v=(v&E1); \
u=(u^(u<<16))^R^s[S ]; \
t=(v^(v<<16))^R^s[S+1]; \
t=(t>>4)|(t<<28); \
L^= SPtrans[1][(t )&0x3f]| \
SPtrans[3][(t>> 8)&0x3f]| \
SPtrans[5][(t>>16)&0x3f]| \
SPtrans[7][(t>>24)&0x3f]| \
SPtrans[0][(u )&0x3f]| \
SPtrans[2][(u>> 8)&0x3f]| \
SPtrans[4][(u>>16)&0x3f]| \
SPtrans[6][(u>>24)&0x3f];
#endif
unsigned char con_salt[128]={
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,
0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,
0x0A,0x0B,0x05,0x06,0x07,0x08,0x09,0x0A,
0x0B,0x0C,0x0D,0x0E,0x0F,0x10,0x11,0x12,
0x13,0x14,0x15,0x16,0x17,0x18,0x19,0x1A,
0x1B,0x1C,0x1D,0x1E,0x1F,0x20,0x21,0x22,
0x23,0x24,0x25,0x20,0x21,0x22,0x23,0x24,
0x25,0x26,0x27,0x28,0x29,0x2A,0x2B,0x2C,
0x2D,0x2E,0x2F,0x30,0x31,0x32,0x33,0x34,
0x35,0x36,0x37,0x38,0x39,0x3A,0x3B,0x3C,
0x3D,0x3E,0x3F,0x00,0x00,0x00,0x00,0x00,
};
unsigned char cov_2char[64]={
0x2E,0x2F,0x30,0x31,0x32,0x33,0x34,0x35,
0x36,0x37,0x38,0x39,0x41,0x42,0x43,0x44,
0x45,0x46,0x47,0x48,0x49,0x4A,0x4B,0x4C,
0x4D,0x4E,0x4F,0x50,0x51,0x52,0x53,0x54,
0x55,0x56,0x57,0x58,0x59,0x5A,0x61,0x62,
0x63,0x64,0x65,0x66,0x67,0x68,0x69,0x6A,
0x6B,0x6C,0x6D,0x6E,0x6F,0x70,0x71,0x72,
0x73,0x74,0x75,0x76,0x77,0x78,0x79,0x7A
};
char *crypt(buf,salt)
char *buf;
char *salt;
{
unsigned int i,j,x,y;
unsigned long Eswap0=0,Eswap1=0;
unsigned long out[2],ll;
des_cblock key;
des_key_schedule ks;
static unsigned char buff[20];
unsigned char bb[9];
unsigned char *b=bb;
unsigned char c,u;
/* eay 25/08/92
* If you call crypt("pwd","*") as often happens when you
* have * as the pwd field in /etc/passwd, the function
* returns *\0XXXXXXXXX
* The \0 makes the string look like * so the pwd "*" would
* crypt to "*". This was found when replacing the crypt in
* our shared libraries. People found that the disbled
* accounts effectivly had no passwd :-(. */
if (salt[0] == '\0') salt[0]='A';
if (salt[1] == '\0') salt[1]='A';
x=buff[0]=salt[0];
Eswap0=con_salt[x];
x=buff[1]=salt[1];
Eswap1=con_salt[x]<<4;
for (i=0; i<8; i++)
{
c= *(buf++);
if (!c) break;
key[i]=(c<<1);
}
for (; i<8; i++)
key[i]=0;
des_set___key((des_cblock *)(key),ks);
body(&out[0],&out[1],ks,Eswap0,Eswap1);
ll=out[0]; l2c(ll,b);
ll=out[1]; l2c(ll,b);
y=0;
u=0x80;
bb[8]=0;
for (i=2; i<13; i++)
{
c=0;
for (j=0; j<6; j++)
{
c<<=1;
if (bb[y] & u) c|=1;
u>>=1;
if (!u)
{
y++;
u=0x80;
}
}
buff[i]=cov_2char[c];
}
return((char *)buff);
}
static int body(out0,out1,ks,Eswap0,Eswap1)
unsigned long *out0,*out1;
des_key_schedule *ks;
unsigned long Eswap0,Eswap1;
{
register unsigned long l,r,t,u,v;
#ifdef ALT_ECB
register unsigned char *des_SP=(unsigned char *)SPtrans;
#endif
register unsigned long *s;
register int i,j;
register unsigned long E0,E1;
l=0;
r=0;
s=(unsigned long *)ks;
E0=Eswap0;
E1=Eswap1;
for (j=0; j<25; j++)
{
for (i=0; i<(ITERATIONS*2); i+=4)
{
D_ENCRYPT(l,r, i); /* 1 */
D_ENCRYPT(r,l, i+2); /* 2 */
}
t=l;
l=r;
r=t;
}
t=r;
r=(l>>1)|(l<<31);
l=(t>>1)|(t<<31);
/* clear the top bits on machines with 8byte longs */
l&=0xffffffff;
r&=0xffffffff;
PERM_OP(r,l,t, 1,0x55555555);
PERM_OP(l,r,t, 8,0x00ff00ff);
PERM_OP(r,l,t, 2,0x33333333);
PERM_OP(l,r,t,16,0x0000ffff);
PERM_OP(r,l,t, 4,0x0f0f0f0f);
*out0=l;
*out1=r;
return(0);
}
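Review bot: In crypt(), the salt handling writes through the caller's pointer. `if (salt[0] == '\0') salt[0]='A';` modifies the argument, which may be a string literal, and for an empty salt the next line goes on to test and possibly write `salt[1]`, one byte past the terminator. For a one-character salt such as "*", `salt[1]='A'` overwrites the caller's terminating NUL. Copy the two salt characters into locals, substitute 'A' there, and leave the argument untouched. The `con_salt[x]` lookups also need a bound: x comes from an unsigned char, so a salt byte of 0x80 or above indexes past the 128-entry table; range-check or mask it first. Separately, the last line of HPERM_OP ends in a backslash, so the macro body continues onto whatever line follows it; drop the trailing `\`.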

121
eBones/des/include/des.h Normal file

@ -0,0 +1,121 @@
/* des.h */
/* Copyright (C) 1993 Eric Young - see README for more details */
/*-
* $Id: des.h,v 1.2 1994/07/19 19:22:17 g89r4222 Exp $
*/
#ifndef DES_DEFS
#define DES_DEFS
typedef unsigned char des_cblock[8];
typedef struct des_ks_struct
{
union {
des_cblock _;
/* make sure things are correct size on machines with
* 8 byte longs */
unsigned long pad[2];
} ks;
#define _ ks._
} des_key_schedule[16];
#define DES_KEY_SZ (sizeof(des_cblock))
#define DES_ENCRYPT 1
#define DES_DECRYPT 0
#define DES_CBC_MODE 0
#define DES_PCBC_MODE 1
#define C_Block des_cblock
#define Key_schedule des_key_schedule
#define ENCRYPT DES_ENCRYPT
#define DECRYPT DES_DECRYPT
#define KEY_SZ DES_KEY_SZ
#define string_to_key des_string_to_key
#define read_pw_string des_read_pw_string
#define random_key des_random_key
#define pcbc_encrypt des_pcbc_encrypt
#define set_key des_set__key
#define key_sched des_key_sched
#define ecb_encrypt des_ecb_encrypt
#define cbc_encrypt des_cbc_encrypt
#define cbc_cksum des_cbc_cksum
#define quad_cksum des_quad_cksum
/* For compatibility with the MIT lib - eay 20/05/92 */
typedef struct des_ks_struct bit_64;
extern int des_check_key; /* defaults to false */
extern int des_rw_mode; /* defaults to DES_PCBC_MODE */
/* The next line is used to disable full ANSI prototypes, if your
* compiler has problems with the prototypes, make sure this line always
* evaluates to true :-) */
#if !defined(MSDOS) && !defined(__STDC__)
#ifndef KERBEROS
int des_3ecb_encrypt();
int des_cbc_encrypt();
int des_3cbc_encrypt();
int des_cfb_encrypt();
int des_ecb_encrypt();
int des_encrypt();
int des_enc_read();
int des_enc_write();
int des_ofb_encrypt();
int des_pcbc_encrypt();
int des_random_key();
int des_read_password();
int des_read_2passwords();
int des_read_pw_string();
int des_is_weak_key();
int des_set__key();
int des_key_sched();
int des_string_to_key();
int des_string_to_2keys();
#endif
char *crypt();
unsigned long des_cbc_cksum();
unsigned long des_quad_cksum();
unsigned long des_cbc_cksum();
void des_set_odd_parity();
#else /* PROTO */
int des_3ecb_encrypt(des_cblock *input,des_cblock *output,\
des_key_schedule ks1,des_key_schedule ks2,int encrypt);
unsigned long des_cbc_cksum(des_cblock *input,des_cblock *output,\
long length,des_key_schedule schedule,des_cblock *ivec);
int des_cbc_encrypt(des_cblock *input,des_cblock *output,long length,\
des_key_schedule schedule,des_cblock *ivec,int encrypt);
int des_3cbc_encrypt(des_cblock *input,des_cblock *output,long length,\
des_key_schedule sk1,des_key_schedule sk2,\
des_cblock *ivec1,des_cblock *ivec2,int encrypt);
int des_cfb_encrypt(unsigned char *in,unsigned char *out,int numbits,\
long length,des_key_schedule schedule,des_cblock *ivec,int encrypt);
int des_ecb_encrypt(des_cblock *input,des_cblock *output,\
des_key_schedule ks,int encrypt);
int des_encrypt(unsigned long *input,unsigned long *output,
des_key_schedule ks, int encrypt);
int des_enc_read(int fd,char *buf,int len,des_key_schedule sched,\
des_cblock *iv);
int des_enc_write(int fd,char *buf,int len,des_key_schedule sched,\
des_cblock *iv);
char *crypt(char *buf,char *salt);
int des_ofb_encrypt(unsigned char *in,unsigned char *out,\
int numbits,long length,des_key_schedule schedule,des_cblock *ivec);
int des_pcbc_encrypt(des_cblock *input,des_cblock *output,long length,\
des_key_schedule schedule,des_cblock *ivec,int encrypt);
unsigned long des_quad_cksum(des_cblock *input,des_cblock *output,\
long length,int out_count,des_cblock *seed);
int des_random_key(des_cblock ret);
int des_read_password(des_cblock *key,char *prompt,int verify);
int des_read_2passwords(des_cblock *key1,des_cblock *key2, \
char *prompt,int verify);
int des_read_pw_string(char *buf,int length,char *prompt,int verify);
void des_set_odd_parity(des_cblock *key);
int des_is_weak_key(des_cblock *key);
int des_set__key(des_cblock *key,des_key_schedule schedule);
int des_key_sched(des_cblock *key,des_key_schedule schedule);
int des_string_to_key(char *str,des_cblock *key);
int des_string_to_2keys(char *str,des_cblock *key1,des_cblock *key2);
#endif
#endif
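Review bot: `#define _ ks._`, placed inside the des_ks_struct definition, leaks a macro named `_` into every file that includes des.h, so any later use of `_` as an identifier in an including file is silently rewritten. Give the accessor a des_-prefixed name, or drop the macro and spell out `ks._` at the use sites. The same concern applies to the unprefixed MIT-compatibility names (`ENCRYPT`, `DECRYPT`, `KEY_SZ`, `set_key`, `random_key` and the rest), which are defined unconditionally; put them behind a compatibility macro so that only callers asking for the old names get them. In the non-prototype branch `unsigned long des_cbc_cksum();` is declared twice, and the `#else /* PROTO */` comment does not match the condition actually tested (`MSDOS` and `__STDC__`).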


@ -0,0 +1,186 @@
/* des_locl.h */
/* Copyright (C) 1993 Eric Young - see README for more details */
/*-
* $Id: des_locl.h,v 1.2 1994/07/19 19:22:18 g89r4222 Exp $
*/
#include <stdio.h>
#include "des.h"
#if defined(__STDC__) || defined(VMS) || defined(M_XENIX) || defined(MSDOS)
#include <string.h>
#define bcopy(b1,b2,len) memcpy(b2, b1, (size_t)(len))
#define bzero(b,len) memset(b, 0, (size_t)(len))
#define bcmp(b1,b2,len) memcmp(b1, b2, (size_t)(len))
#define index(s1,char) strchr(s1,char)
#endif
#ifdef MSDOS
#define getpid() 2
#define RAND
extern int errno;
#define PROTO
#endif
#ifdef __STDC__
#define PROTO
#endif
#ifdef RAND
#define random() rand()
#define srandom(s) srand(s)
#endif
#define ITERATIONS 16
#define HALF_ITERATIONS 8
/* used in des_read and des_write */
#define MAXWRITE (1024*16)
#define BSIZE (MAXWRITE+4)
#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \
l|=((unsigned long)(*((c)++)))<< 8, \
l|=((unsigned long)(*((c)++)))<<16, \
l|=((unsigned long)(*((c)++)))<<24)
/* NOTE - c is not incremented as per c2l */
#define c2ln(c,l1,l2,n) { \
c+=n; \
l1=l2=0; \
switch (n) { \
case 8: l2|=((unsigned long)(*(--(c))))<<24; \
case 7: l2|=((unsigned long)(*(--(c))))<<16; \
case 6: l2|=((unsigned long)(*(--(c))))<< 8; \
case 5: l2|=((unsigned long)(*(--(c)))); \
case 4: l1|=((unsigned long)(*(--(c))))<<24; \
case 3: l1|=((unsigned long)(*(--(c))))<<16; \
case 2: l1|=((unsigned long)(*(--(c))))<< 8; \
case 1: l1|=((unsigned long)(*(--(c)))); \
} \
}
#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
*((c)++)=(unsigned char)(((l)>> 8)&0xff), \
*((c)++)=(unsigned char)(((l)>>16)&0xff), \
*((c)++)=(unsigned char)(((l)>>24)&0xff))
/* replacements for htonl and ntohl since I have no idea what to do
* when faced with machines with 8 byte longs. */
#define HDRSIZE 4
#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24, \
l|=((unsigned long)(*((c)++)))<<16, \
l|=((unsigned long)(*((c)++)))<< 8, \
l|=((unsigned long)(*((c)++))))
#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \
*((c)++)=(unsigned char)(((l)>>16)&0xff), \
*((c)++)=(unsigned char)(((l)>> 8)&0xff), \
*((c)++)=(unsigned char)(((l) )&0xff))
/* NOTE - c is not incremented as per l2c */
#define l2cn(l1,l2,c,n) { \
c+=n; \
switch (n) { \
case 8: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
case 7: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
case 6: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
case 4: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
case 3: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
case 2: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
} \
}
/* The changes to this macro may help or hinder, depending on the
* compiler and the achitecture. gcc2 always seems to do well :-).
* Inspired by Dana How <how@isl.stanford.edu>
* DO NOT use the alternative version on machines with 8 byte longs. */
#ifdef ALT_ECB
#define D_ENCRYPT(L,R,S) \
u=((R^s[S ])<<2); \
t= R^s[S+1]; \
t=((t>>2)+(t<<30)); \
L^= \
*(unsigned long *)(des_SP+0x0100+((t )&0xfc))+ \
*(unsigned long *)(des_SP+0x0300+((t>> 8)&0xfc))+ \
*(unsigned long *)(des_SP+0x0500+((t>>16)&0xfc))+ \
*(unsigned long *)(des_SP+0x0700+((t>>24)&0xfc))+ \
*(unsigned long *)(des_SP+ ((u )&0xfc))+ \
*(unsigned long *)(des_SP+0x0200+((u>> 8)&0xfc))+ \
*(unsigned long *)(des_SP+0x0400+((u>>16)&0xfc))+ \
*(unsigned long *)(des_SP+0x0600+((u>>24)&0xfc));
#else /* original version */
#ifdef MSDOS
#define D_ENCRYPT(L,R,S) \
U.l=R^s[S+1]; \
T.s[0]=((U.s[0]>>4)|(U.s[1]<<12))&0x3f3f; \
T.s[1]=((U.s[1]>>4)|(U.s[0]<<12))&0x3f3f; \
U.l=(R^s[S ])&0x3f3f3f3f; \
L^= des_SPtrans[1][(T.c[0])]| \
des_SPtrans[3][(T.c[1])]| \
des_SPtrans[5][(T.c[2])]| \
des_SPtrans[7][(T.c[3])]| \
des_SPtrans[0][(U.c[0])]| \
des_SPtrans[2][(U.c[1])]| \
des_SPtrans[4][(U.c[2])]| \
des_SPtrans[6][(U.c[3])];
#else
#define D_ENCRYPT(L,R,S) \
u=(R^s[S ]); \
t=R^s[S+1]; \
t=((t>>4)+(t<<28)); \
L^= des_SPtrans[1][(t )&0x3f]| \
des_SPtrans[3][(t>> 8)&0x3f]| \
des_SPtrans[5][(t>>16)&0x3f]| \
des_SPtrans[7][(t>>24)&0x3f]| \
des_SPtrans[0][(u )&0x3f]| \
des_SPtrans[2][(u>> 8)&0x3f]| \
des_SPtrans[4][(u>>16)&0x3f]| \
des_SPtrans[6][(u>>24)&0x3f];
#endif
#endif
/* IP and FP
* The problem is more of a geometric problem that random bit fiddling.
0 1 2 3 4 5 6 7 62 54 46 38 30 22 14 6
8 9 10 11 12 13 14 15 60 52 44 36 28 20 12 4
16 17 18 19 20 21 22 23 58 50 42 34 26 18 10 2
24 25 26 27 28 29 30 31 to 56 48 40 32 24 16 8 0
32 33 34 35 36 37 38 39 63 55 47 39 31 23 15 7
40 41 42 43 44 45 46 47 61 53 45 37 29 21 13 5
48 49 50 51 52 53 54 55 59 51 43 35 27 19 11 3
56 57 58 59 60 61 62 63 57 49 41 33 25 17 9 1
The output has been subject to swaps of the form
0 1 -> 3 1 but the odd and even bits have been put into
2 3 2 0
different words. The main trick is to remember that
t=((l>>size)^r)&(mask);
r^=t;
l^=(t<<size);
can be used to swap and move bits between words.
So l = 0 1 2 3 r = 16 17 18 19
4 5 6 7 20 21 22 23
8 9 10 11 24 25 26 27
12 13 14 15 28 29 30 31
becomes (for size == 2 and mask == 0x3333)
t = 2^16 3^17 -- -- l = 0 1 16 17 r = 2 3 18 19
6^20 7^21 -- -- 4 5 20 21 6 7 22 23
10^24 11^25 -- -- 8 9 24 25 10 11 24 25
14^28 15^29 -- -- 12 13 28 29 14 15 28 29
Thanks for hints from Richard Outerbridge - he told me IP&FP
could be done in 15 xor, 10 shifts and 5 ands.
When I finally started to think of the problem in 2D
I first got ~42 operations without xors. When I remembered
how to use xors :-) I got it to its final state.
*/
#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
(b)^=(t),\
(a)^=((t)<<(n)))
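Review bot: The MSDOS block replaces `getpid()` with the constant 2 and, through RAND, maps `random()`/`srandom()` onto `rand()`/`srand()`; if key generation in this library seeds from the process id or draws from random(), keys produced on those builds are predictable. State that limitation in a comment at these `#define`s and keep the substitutes out of the key-generation path. Two smaller points: the ALT_ECB variant of D_ENCRYPT is only valid with 4-byte longs, as its comment warns, so a compile-time check would be safer than the comment alone; and in the PERM_OP worked example the last two rows of the resulting r column read `10 11 24 25` and `14 15 28 29`, repeating the l values, where the swap shown would give `10 11 26 27` and `14 15 30 31`.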

24
eBones/des/include/podd.h Normal file

@ -0,0 +1,24 @@
/* podd.h */
/* Copyright (C) 1993 Eric Young - see README for more details */
/*-
* $Id: podd.h,v 1.2 1994/07/19 19:22:20 g89r4222 Exp $
*/
static unsigned char odd_parity[256]={
1, 1, 2, 2, 4, 4, 7, 7, 8, 8, 11, 11, 13, 13, 14, 14,
16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, 31, 31,
32, 32, 35, 35, 37, 37, 38, 38, 41, 41, 42, 42, 44, 44, 47, 47,
49, 49, 50, 50, 52, 52, 55, 55, 56, 56, 59, 59, 61, 61, 62, 62,
64, 64, 67, 67, 69, 69, 70, 70, 73, 73, 74, 74, 76, 76, 79, 79,
81, 81, 82, 82, 84, 84, 87, 87, 88, 88, 91, 91, 93, 93, 94, 94,
97, 97, 98, 98,100,100,103,103,104,104,107,107,109,109,110,110,
112,112,115,115,117,117,118,118,121,121,122,122,124,124,127,127,
128,128,131,131,133,133,134,134,137,137,138,138,140,140,143,143,
145,145,146,146,148,148,151,151,152,152,155,155,157,157,158,158,
161,161,162,162,164,164,167,167,168,168,171,171,173,173,174,174,
176,176,179,179,181,181,182,182,185,185,186,186,188,188,191,191,
193,193,194,194,196,196,199,199,200,200,203,203,205,205,206,206,
208,208,211,211,213,213,214,214,217,217,218,218,220,220,223,223,
224,224,227,227,229,229,230,230,233,233,234,234,236,236,239,239,
241,241,242,242,244,244,247,247,248,248,251,251,253,253,254,254};
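Review bot: `odd_parity` is defined `static` and non-const in a header with no include guard, so every file that includes podd.h gets its own writable 256-byte copy, and a second inclusion in the same translation unit is a redefinition error. Declare it `static const unsigned char` and add a guard, or define it once in a .c file and export only a declaration.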

145
eBones/des/include/sk.h Normal file

@ -0,0 +1,145 @@
/* sk.h */
/* Copyright (C) 1993 Eric Young - see README for more details */
/*-
* $Id: sk.h,v 1.2 1994/07/19 19:22:22 g89r4222 Exp $
*/
static unsigned long des_skb[8][64]={
/* for C bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
0x00000000,0x00000010,0x20000000,0x20000010,
0x00010000,0x00010010,0x20010000,0x20010010,
0x00000800,0x00000810,0x20000800,0x20000810,
0x00010800,0x00010810,0x20010800,0x20010810,
0x00000020,0x00000030,0x20000020,0x20000030,
0x00010020,0x00010030,0x20010020,0x20010030,
0x00000820,0x00000830,0x20000820,0x20000830,
0x00010820,0x00010830,0x20010820,0x20010830,
0x00080000,0x00080010,0x20080000,0x20080010,
0x00090000,0x00090010,0x20090000,0x20090010,
0x00080800,0x00080810,0x20080800,0x20080810,
0x00090800,0x00090810,0x20090800,0x20090810,
0x00080020,0x00080030,0x20080020,0x20080030,
0x00090020,0x00090030,0x20090020,0x20090030,
0x00080820,0x00080830,0x20080820,0x20080830,
0x00090820,0x00090830,0x20090820,0x20090830,
/* for C bits (numbered as per FIPS 46) 7 8 10 11 12 13 */
0x00000000,0x02000000,0x00002000,0x02002000,
0x00200000,0x02200000,0x00202000,0x02202000,
0x00000004,0x02000004,0x00002004,0x02002004,
0x00200004,0x02200004,0x00202004,0x02202004,
0x00000400,0x02000400,0x00002400,0x02002400,
0x00200400,0x02200400,0x00202400,0x02202400,
0x00000404,0x02000404,0x00002404,0x02002404,
0x00200404,0x02200404,0x00202404,0x02202404,
0x10000000,0x12000000,0x10002000,0x12002000,
0x10200000,0x12200000,0x10202000,0x12202000,
0x10000004,0x12000004,0x10002004,0x12002004,
0x10200004,0x12200004,0x10202004,0x12202004,
0x10000400,0x12000400,0x10002400,0x12002400,
0x10200400,0x12200400,0x10202400,0x12202400,
0x10000404,0x12000404,0x10002404,0x12002404,
0x10200404,0x12200404,0x10202404,0x12202404,
/* for C bits (numbered as per FIPS 46) 14 15 16 17 19 20 */
0x00000000,0x00000001,0x00040000,0x00040001,
0x01000000,0x01000001,0x01040000,0x01040001,
0x00000002,0x00000003,0x00040002,0x00040003,
0x01000002,0x01000003,0x01040002,0x01040003,
0x00000200,0x00000201,0x00040200,0x00040201,
0x01000200,0x01000201,0x01040200,0x01040201,
0x00000202,0x00000203,0x00040202,0x00040203,
0x01000202,0x01000203,0x01040202,0x01040203,
0x08000000,0x08000001,0x08040000,0x08040001,
0x09000000,0x09000001,0x09040000,0x09040001,
0x08000002,0x08000003,0x08040002,0x08040003,
0x09000002,0x09000003,0x09040002,0x09040003,
0x08000200,0x08000201,0x08040200,0x08040201,
0x09000200,0x09000201,0x09040200,0x09040201,
0x08000202,0x08000203,0x08040202,0x08040203,
0x09000202,0x09000203,0x09040202,0x09040203,
/* for C bits (numbered as per FIPS 46) 21 23 24 26 27 28 */
0x00000000,0x00100000,0x00000100,0x00100100,
0x00000008,0x00100008,0x00000108,0x00100108,
0x00001000,0x00101000,0x00001100,0x00101100,
0x00001008,0x00101008,0x00001108,0x00101108,
0x04000000,0x04100000,0x04000100,0x04100100,
0x04000008,0x04100008,0x04000108,0x04100108,
0x04001000,0x04101000,0x04001100,0x04101100,
0x04001008,0x04101008,0x04001108,0x04101108,
0x00020000,0x00120000,0x00020100,0x00120100,
0x00020008,0x00120008,0x00020108,0x00120108,
0x00021000,0x00121000,0x00021100,0x00121100,
0x00021008,0x00121008,0x00021108,0x00121108,
0x04020000,0x04120000,0x04020100,0x04120100,
0x04020008,0x04120008,0x04020108,0x04120108,
0x04021000,0x04121000,0x04021100,0x04121100,
0x04021008,0x04121008,0x04021108,0x04121108,
/* for D bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
0x00000000,0x10000000,0x00010000,0x10010000,
0x00000004,0x10000004,0x00010004,0x10010004,
0x20000000,0x30000000,0x20010000,0x30010000,
0x20000004,0x30000004,0x20010004,0x30010004,
0x00100000,0x10100000,0x00110000,0x10110000,
0x00100004,0x10100004,0x00110004,0x10110004,
0x20100000,0x30100000,0x20110000,0x30110000,
0x20100004,0x30100004,0x20110004,0x30110004,
0x00001000,0x10001000,0x00011000,0x10011000,
0x00001004,0x10001004,0x00011004,0x10011004,
0x20001000,0x30001000,0x20011000,0x30011000,
0x20001004,0x30001004,0x20011004,0x30011004,
0x00101000,0x10101000,0x00111000,0x10111000,
0x00101004,0x10101004,0x00111004,0x10111004,
0x20101000,0x30101000,0x20111000,0x30111000,
0x20101004,0x30101004,0x20111004,0x30111004,
/* for D bits (numbered as per FIPS 46) 8 9 11 12 13 14 */
0x00000000,0x08000000,0x00000008,0x08000008,
0x00000400,0x08000400,0x00000408,0x08000408,
0x00020000,0x08020000,0x00020008,0x08020008,
0x00020400,0x08020400,0x00020408,0x08020408,
0x00000001,0x08000001,0x00000009,0x08000009,
0x00000401,0x08000401,0x00000409,0x08000409,
0x00020001,0x08020001,0x00020009,0x08020009,
0x00020401,0x08020401,0x00020409,0x08020409,
0x02000000,0x0A000000,0x02000008,0x0A000008,
0x02000400,0x0A000400,0x02000408,0x0A000408,
0x02020000,0x0A020000,0x02020008,0x0A020008,
0x02020400,0x0A020400,0x02020408,0x0A020408,
0x02000001,0x0A000001,0x02000009,0x0A000009,
0x02000401,0x0A000401,0x02000409,0x0A000409,
0x02020001,0x0A020001,0x02020009,0x0A020009,
0x02020401,0x0A020401,0x02020409,0x0A020409,
/* for D bits (numbered as per FIPS 46) 16 17 18 19 20 21 */
0x00000000,0x00000100,0x00080000,0x00080100,
0x01000000,0x01000100,0x01080000,0x01080100,
0x00000010,0x00000110,0x00080010,0x00080110,
0x01000010,0x01000110,0x01080010,0x01080110,
0x00200000,0x00200100,0x00280000,0x00280100,
0x01200000,0x01200100,0x01280000,0x01280100,
0x00200010,0x00200110,0x00280010,0x00280110,
0x01200010,0x01200110,0x01280010,0x01280110,
0x00000200,0x00000300,0x00080200,0x00080300,
0x01000200,0x01000300,0x01080200,0x01080300,
0x00000210,0x00000310,0x00080210,0x00080310,
0x01000210,0x01000310,0x01080210,0x01080310,
0x00200200,0x00200300,0x00280200,0x00280300,
0x01200200,0x01200300,0x01280200,0x01280300,
0x00200210,0x00200310,0x00280210,0x00280310,
0x01200210,0x01200310,0x01280210,0x01280310,
/* for D bits (numbered as per FIPS 46) 22 23 24 25 27 28 */
0x00000000,0x04000000,0x00040000,0x04040000,
0x00000002,0x04000002,0x00040002,0x04040002,
0x00002000,0x04002000,0x00042000,0x04042000,
0x00002002,0x04002002,0x00042002,0x04042002,
0x00000020,0x04000020,0x00040020,0x04040020,
0x00000022,0x04000022,0x00040022,0x04040022,
0x00002020,0x04002020,0x00042020,0x04042020,
0x00002022,0x04002022,0x00042022,0x04042022,
0x00000800,0x04000800,0x00040800,0x04040800,
0x00000802,0x04000802,0x00040802,0x04040802,
0x00002800,0x04002800,0x00042800,0x04042800,
0x00002802,0x04002802,0x00042802,0x04042802,
0x00000820,0x04000820,0x00040820,0x04040820,
0x00000822,0x04000822,0x00040822,0x04040822,
0x00002820,0x04002820,0x00042820,0x04042820,
0x00002822,0x04002822,0x00042822,0x04042822,
};

151
eBones/des/include/spr.h Normal file

@ -0,0 +1,151 @@
/* spr.h */
/* Copyright (C) 1993 Eric Young - see README for more details */
/*-
* $Id: spr.h,v 1.2 1994/07/19 19:22:23 g89r4222 Exp $
*/
static unsigned long des_SPtrans[8][64]={
/* nibble 0 */
0x00820200, 0x00020000, 0x80800000, 0x80820200,
0x00800000, 0x80020200, 0x80020000, 0x80800000,
0x80020200, 0x00820200, 0x00820000, 0x80000200,
0x80800200, 0x00800000, 0x00000000, 0x80020000,
0x00020000, 0x80000000, 0x00800200, 0x00020200,
0x80820200, 0x00820000, 0x80000200, 0x00800200,
0x80000000, 0x00000200, 0x00020200, 0x80820000,
0x00000200, 0x80800200, 0x80820000, 0x00000000,
0x00000000, 0x80820200, 0x00800200, 0x80020000,
0x00820200, 0x00020000, 0x80000200, 0x00800200,
0x80820000, 0x00000200, 0x00020200, 0x80800000,
0x80020200, 0x80000000, 0x80800000, 0x00820000,
0x80820200, 0x00020200, 0x00820000, 0x80800200,
0x00800000, 0x80000200, 0x80020000, 0x00000000,
0x00020000, 0x00800000, 0x80800200, 0x00820200,
0x80000000, 0x80820000, 0x00000200, 0x80020200,
/* nibble 1 */
0x10042004, 0x00000000, 0x00042000, 0x10040000,
0x10000004, 0x00002004, 0x10002000, 0x00042000,
0x00002000, 0x10040004, 0x00000004, 0x10002000,
0x00040004, 0x10042000, 0x10040000, 0x00000004,
0x00040000, 0x10002004, 0x10040004, 0x00002000,
0x00042004, 0x10000000, 0x00000000, 0x00040004,
0x10002004, 0x00042004, 0x10042000, 0x10000004,
0x10000000, 0x00040000, 0x00002004, 0x10042004,
0x00040004, 0x10042000, 0x10002000, 0x00042004,
0x10042004, 0x00040004, 0x10000004, 0x00000000,
0x10000000, 0x00002004, 0x00040000, 0x10040004,
0x00002000, 0x10000000, 0x00042004, 0x10002004,
0x10042000, 0x00002000, 0x00000000, 0x10000004,
0x00000004, 0x10042004, 0x00042000, 0x10040000,
0x10040004, 0x00040000, 0x00002004, 0x10002000,
0x10002004, 0x00000004, 0x10040000, 0x00042000,
/* nibble 2 */
0x41000000, 0x01010040, 0x00000040, 0x41000040,
0x40010000, 0x01000000, 0x41000040, 0x00010040,
0x01000040, 0x00010000, 0x01010000, 0x40000000,
0x41010040, 0x40000040, 0x40000000, 0x41010000,
0x00000000, 0x40010000, 0x01010040, 0x00000040,
0x40000040, 0x41010040, 0x00010000, 0x41000000,
0x41010000, 0x01000040, 0x40010040, 0x01010000,
0x00010040, 0x00000000, 0x01000000, 0x40010040,
0x01010040, 0x00000040, 0x40000000, 0x00010000,
0x40000040, 0x40010000, 0x01010000, 0x41000040,
0x00000000, 0x01010040, 0x00010040, 0x41010000,
0x40010000, 0x01000000, 0x41010040, 0x40000000,
0x40010040, 0x41000000, 0x01000000, 0x41010040,
0x00010000, 0x01000040, 0x41000040, 0x00010040,
0x01000040, 0x00000000, 0x41010000, 0x40000040,
0x41000000, 0x40010040, 0x00000040, 0x01010000,
/* nibble 3 */
0x00100402, 0x04000400, 0x00000002, 0x04100402,
0x00000000, 0x04100000, 0x04000402, 0x00100002,
0x04100400, 0x04000002, 0x04000000, 0x00000402,
0x04000002, 0x00100402, 0x00100000, 0x04000000,
0x04100002, 0x00100400, 0x00000400, 0x00000002,
0x00100400, 0x04000402, 0x04100000, 0x00000400,
0x00000402, 0x00000000, 0x00100002, 0x04100400,
0x04000400, 0x04100002, 0x04100402, 0x00100000,
0x04100002, 0x00000402, 0x00100000, 0x04000002,
0x00100400, 0x04000400, 0x00000002, 0x04100000,
0x04000402, 0x00000000, 0x00000400, 0x00100002,
0x00000000, 0x04100002, 0x04100400, 0x00000400,
0x04000000, 0x04100402, 0x00100402, 0x00100000,
0x04100402, 0x00000002, 0x04000400, 0x00100402,
0x00100002, 0x00100400, 0x04100000, 0x04000402,
0x00000402, 0x04000000, 0x04000002, 0x04100400,
/* nibble 4 */
0x02000000, 0x00004000, 0x00000100, 0x02004108,
0x02004008, 0x02000100, 0x00004108, 0x02004000,
0x00004000, 0x00000008, 0x02000008, 0x00004100,
0x02000108, 0x02004008, 0x02004100, 0x00000000,
0x00004100, 0x02000000, 0x00004008, 0x00000108,
0x02000100, 0x00004108, 0x00000000, 0x02000008,
0x00000008, 0x02000108, 0x02004108, 0x00004008,
0x02004000, 0x00000100, 0x00000108, 0x02004100,
0x02004100, 0x02000108, 0x00004008, 0x02004000,
0x00004000, 0x00000008, 0x02000008, 0x02000100,
0x02000000, 0x00004100, 0x02004108, 0x00000000,
0x00004108, 0x02000000, 0x00000100, 0x00004008,
0x02000108, 0x00000100, 0x00000000, 0x02004108,
0x02004008, 0x02004100, 0x00000108, 0x00004000,
0x00004100, 0x02004008, 0x02000100, 0x00000108,
0x00000008, 0x00004108, 0x02004000, 0x02000008,
/* nibble 5 */
0x20000010, 0x00080010, 0x00000000, 0x20080800,
0x00080010, 0x00000800, 0x20000810, 0x00080000,
0x00000810, 0x20080810, 0x00080800, 0x20000000,
0x20000800, 0x20000010, 0x20080000, 0x00080810,
0x00080000, 0x20000810, 0x20080010, 0x00000000,
0x00000800, 0x00000010, 0x20080800, 0x20080010,
0x20080810, 0x20080000, 0x20000000, 0x00000810,
0x00000010, 0x00080800, 0x00080810, 0x20000800,
0x00000810, 0x20000000, 0x20000800, 0x00080810,
0x20080800, 0x00080010, 0x00000000, 0x20000800,
0x20000000, 0x00000800, 0x20080010, 0x00080000,
0x00080010, 0x20080810, 0x00080800, 0x00000010,
0x20080810, 0x00080800, 0x00080000, 0x20000810,
0x20000010, 0x20080000, 0x00080810, 0x00000000,
0x00000800, 0x20000010, 0x20000810, 0x20080800,
0x20080000, 0x00000810, 0x00000010, 0x20080010,
/* nibble 6 */
0x00001000, 0x00000080, 0x00400080, 0x00400001,
0x00401081, 0x00001001, 0x00001080, 0x00000000,
0x00400000, 0x00400081, 0x00000081, 0x00401000,
0x00000001, 0x00401080, 0x00401000, 0x00000081,
0x00400081, 0x00001000, 0x00001001, 0x00401081,
0x00000000, 0x00400080, 0x00400001, 0x00001080,
0x00401001, 0x00001081, 0x00401080, 0x00000001,
0x00001081, 0x00401001, 0x00000080, 0x00400000,
0x00001081, 0x00401000, 0x00401001, 0x00000081,
0x00001000, 0x00000080, 0x00400000, 0x00401001,
0x00400081, 0x00001081, 0x00001080, 0x00000000,
0x00000080, 0x00400001, 0x00000001, 0x00400080,
0x00000000, 0x00400081, 0x00400080, 0x00001080,
0x00000081, 0x00001000, 0x00401081, 0x00400000,
0x00401080, 0x00000001, 0x00001001, 0x00401081,
0x00400001, 0x00401080, 0x00401000, 0x00001001,
/* nibble 7 */
0x08200020, 0x08208000, 0x00008020, 0x00000000,
0x08008000, 0x00200020, 0x08200000, 0x08208020,
0x00000020, 0x08000000, 0x00208000, 0x00008020,
0x00208020, 0x08008020, 0x08000020, 0x08200000,
0x00008000, 0x00208020, 0x00200020, 0x08008000,
0x08208020, 0x08000020, 0x00000000, 0x00208000,
0x08000000, 0x00200000, 0x08008020, 0x08200020,
0x00200000, 0x00008000, 0x08208000, 0x00000020,
0x00200000, 0x00008000, 0x08000020, 0x08208020,
0x00008020, 0x08000000, 0x00000000, 0x00208000,
0x08200020, 0x08008020, 0x08008000, 0x00200020,
0x08208000, 0x00000020, 0x00200020, 0x08008000,
0x08208020, 0x00200000, 0x08200000, 0x08000020,
0x00208000, 0x00008020, 0x08008020, 0x08200000,
0x00000020, 0x08208000, 0x00208020, 0x00000000,
0x08000000, 0x08200020, 0x00008000, 0x00208020};
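Review bot: `des_SPtrans` is declared `static unsigned long` without `const` in a header, so every file that includes spr.h gets its own writable copy of the table. Declaring it `static const` would let the compiler place it in read-only data and would catch accidental writes. Where `unsigned long` is 64 bits the table also takes twice the space its 32-bit entries need.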

72
eBones/des/ofb_enc.c Normal file

@ -0,0 +1,72 @@
/* ofb_enc.c */
/* Copyright (C) 1993 Eric Young - see README for more details */
/*-
* $Id: ofb_enc.c,v 1.2 1994/07/19 19:21:59 g89r4222 Exp $
*/
#include "des_locl.h"
/* The input and output are loaded in multiples of 8 bits.
* What this means is that if you hame numbits=12 and length=2
* the first 12 bits will be retrieved from the first byte and half
* the second. The second 12 bits will come from the 3rd and half the 4th
* byte.
*/
int des_ofb_encrypt(in,out,numbits,length,schedule,ivec)
unsigned char *in,*out;
int numbits;
long length;
des_key_schedule schedule;
des_cblock *ivec;
{
register unsigned long d0,d1,v0,v1,n=(numbits+7)/8;
register unsigned long mask0,mask1;
register long l=length;
register int num=numbits;
unsigned long ti[2];
unsigned char *iv;
if (num > 64) return(0);
if (num > 32)
{
mask0=0xffffffff;
if (num >= 64)
mask1=mask0;
else
mask1=(1L<<(num-32))-1;
}
else
{
if (num == 32)
mask0=0xffffffff;
else
mask0=(1L<<num)-1;
mask1=0x00000000;
}
iv=(unsigned char *)ivec;
c2l(iv,v0);
c2l(iv,v1);
ti[0]=v0;
ti[1]=v1;
while (l-- > 0)
{
des_encrypt((unsigned long *)ti,(unsigned long *)ti,
schedule,DES_ENCRYPT);
c2ln(in,d0,d1,n);
in+=n;
d0=(d0^ti[0])&mask0;
d1=(d1^ti[1])&mask1;
l2cn(d0,d1,out,n);
out+=n;
}
v0=ti[0];
v1=ti[1];
iv=(unsigned char *)ivec;
l2c(v0,iv);
l2c(v1,iv);
v0=v1=d0=d1=ti[0]=ti[1]=0;
return(0);
}
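Review bot: In `des_ofb_encrypt` the guard `if (num > 64) return(0);` reports an out-of-range `numbits` with the same value as success, so a caller cannot tell that nothing was written to `out`. There is also no lower bound: `numbits` of 0 gives `n=0` and an all-zero mask, and a negative value reaches `1L<<num`, which is undefined. Suggest rejecting `num < 1 || num > 64` with a distinct error return, and stating in the header comment that `length` counts `numbits`-sized units rather than bytes.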

78
eBones/des/pcbc_enc.c Normal file

@ -0,0 +1,78 @@
/* pcbc_enc.c */
/* Copyright (C) 1993 Eric Young - see README for more details */
/*-
* $Id: pcbc_enc.c,v 1.2 1994/07/19 19:22:01 g89r4222 Exp $
*/
#include "des_locl.h"
int des_pcbc_encrypt(input,output,length,schedule,ivec,encrypt)
des_cblock *input;
des_cblock *output;
register long length;
des_key_schedule schedule;
des_cblock *ivec;
int encrypt;
{
register unsigned long sin0,sin1,xor0,xor1,tout0,tout1;
unsigned long tin[2],tout[2];
unsigned char *in,*out,*iv;
in=(unsigned char *)input;
out=(unsigned char *)output;
iv=(unsigned char *)ivec;
if (encrypt)
{
c2l(iv,xor0);
c2l(iv,xor1);
for (; length>0; length-=8)
{
if (length >= 8)
{
c2l(in,sin0);
c2l(in,sin1);
}
else
c2ln(in,sin0,sin1,length);
tin[0]=sin0^xor0;
tin[1]=sin1^xor1;
des_encrypt((unsigned long *)tin,(unsigned long *)tout,
schedule,encrypt);
tout0=tout[0];
tout1=tout[1];
xor0=sin0^tout[0];
xor1=sin1^tout[1];
l2c(tout0,out);
l2c(tout1,out);
}
}
else
{
c2l(iv,xor0); c2l(iv,xor1);
for (; length>0; length-=8)
{
c2l(in,sin0);
c2l(in,sin1);
tin[0]=sin0;
tin[1]=sin1;
des_encrypt((unsigned long *)tin,(unsigned long *)tout,
schedule,encrypt);
tout0=tout[0]^xor0;
tout1=tout[1]^xor1;
if (length >= 8)
{
l2c(tout0,out);
l2c(tout1,out);
}
else
l2cn(tout0,tout1,out,length);
xor0=tout0^sin0;
xor1=tout1^sin1;
}
}
tin[0]=tin[1]=tout[0]=tout[1]=0;
sin0=sin1=xor0=xor1=tout0=tout1=0;
return(0);
}
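Review bot: On the encrypt path of `des_pcbc_encrypt`, a final block with `length < 8` is read with `c2ln` but still written with two `l2c` calls, so `output` always receives a whole 8-byte block and must be sized to `length` rounded up to a multiple of 8. Nothing in the file states that requirement, and a caller that allocates exactly `length` bytes gets an overrun of up to 7 bytes. Suggest a comment above the function giving the buffer sizes for both directions, since the decrypt path always reads full 8-byte input blocks and writes only the remaining `length` bytes for the last one.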

93
eBones/des/qud_cksm.c Normal file

@ -0,0 +1,93 @@
/* qud_cksm.c */
/* Copyright (C) 1993 Eric Young - see README for more details */
/*-
* $Id: qud_cksm.c,v 1.2 1994/07/19 19:22:02 g89r4222 Exp $
*/
/* From "Message Authentication" R.R. Jueneman, S.M. Matyas, C.H. Meyer
* IEEE Communications Magazine Sept 1985 Vol. 23 No. 9 p 29-40
* This module in only based on the code in this paper and is
* almost definitely not the same as the MIT implementation.
*/
#include "des_locl.h"
/* bug fix for dos - 7/6/91 - Larry hughes@logos.ucs.indiana.edu */
#define B0(a) (((unsigned long)(a)))
#define B1(a) (((unsigned long)(a))<<8)
#define B2(a) (((unsigned long)(a))<<16)
#define B3(a) (((unsigned long)(a))<<24)
/* used to scramble things a bit */
/* Got the value MIT uses via brute force :-) 2/10/90 eay */
#define NOISE ((unsigned long)83653421)
unsigned long des_quad_cksum(input,output,length,out_count,seed)
des_cblock *input;
des_cblock *output;
long length;
int out_count;
des_cblock *seed;
{
unsigned long z0,z1,t0,t1;
int i;
long l=0;
unsigned char *cp;
unsigned char *lp;
if (out_count < 1) out_count=1;
lp=(unsigned char *)output;
z0=B0((*seed)[0])|B1((*seed)[1])|B2((*seed)[2])|B3((*seed)[3]);
z1=B0((*seed)[4])|B1((*seed)[5])|B2((*seed)[6])|B3((*seed)[7]);
for (i=0; ((i<4)&&(i<out_count)); i++)
{
cp=(unsigned char *)input;
l=length;
while (l > 0)
{
if (l > 1)
{
t0= (unsigned long)(*(cp++));
t0|=(unsigned long)B1(*(cp++));
l--;
}
else
t0= (unsigned long)(*(cp++));
l--;
/* add */
t0+=z0;
t0&=0xffffffff;
t1=z1;
/* square, well sort of square */
z0=((((t0*t0)&0xffffffff)+((t1*t1)&0xffffffff))
&0xffffffff)%0x7fffffff;
z1=((t0*((t1+NOISE)&0xffffffff))&0xffffffff)%0x7fffffff;
}
if (lp != NULL)
{
/* I believe I finally have things worked out.
* The MIT library assumes that the checksum
* is one huge number and it is returned in a
* host dependant byte order.
*/
static unsigned long l=1;
static unsigned char *c=(unsigned char *)&l;
if (c[0])
{
l2c(z0,lp);
l2c(z1,lp);
}
else
{
lp=output[out_count-i-1];
l2n(z1,lp);
l2n(z0,lp);
}
}
}
return(z0);
}
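Review bot: Inside the `if (lp != NULL)` block, `static unsigned long l=1;` shadows the `long l` that the enclosing loop uses as its byte counter. It works only because the outer `l` is reassigned at the top of each pass; renaming the byte-order probe would remove the trap. The function also writes one 8-byte block per pass, so `output` must have room for `out_count` blocks, and `seed` is dereferenced unconditionally while `output` is checked against NULL. Both points deserve a line in the header comment.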

45
eBones/des/rand_key.c Normal file

@ -0,0 +1,45 @@
/* rand_key.c */
/* Copyright (C) 1993 Eric Young - see README for more details */
/*-
* $Id: rand_key.c,v 1.2 1994/07/19 19:22:04 g89r4222 Exp $
*/
#include "des_locl.h"
int des_random_key(ret)
des_cblock ret;
{
des_key_schedule ks;
static unsigned long c=0;
static unsigned short pid=0;
static des_cblock data={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
des_cblock key;
unsigned char *p;
unsigned long t;
#ifdef MSDOS
pid=1;
#else
if (!pid) pid=getpid();
#endif
p=key;
t=(unsigned long)time(NULL);
l2c(t,p);
t=(unsigned long)((pid)|((c++)<<16));
l2c(t,p);
des_set_odd_parity((des_cblock *)data);
des_set__key((des_cblock *)data,ks);
des_cbc_cksum((des_cblock *)key,(des_cblock *)key,
(long)sizeof(key),ks,(des_cblock *)data);
des_set_odd_parity((des_cblock *)key);
des_cbc_cksum((des_cblock *)key,(des_cblock *)key,
(long)sizeof(key),ks,(des_cblock *)data);
bcopy(key,ret,sizeof(key));
bzero(key,sizeof(key));
bzero(ks,sizeof(ks));
t=0;
return(0);
}
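Review bot: `des_random_key` takes all of its variability from `time(NULL)`, the process id and the call counter `c`, then runs them through `des_cbc_cksum` under the fixed key in `data`. Each of those inputs can be estimated by an observer (under `MSDOS` the pid is the constant 1, and elsewhere it is truncated to `unsigned short`), so the set of candidate keys is far smaller than the DES key space, and the fixed `data` key adds no secrecy because it is in the source. Suggest mixing in an unpredictable seed supplied by the caller or the operating system, keeping that state between calls, and adding a comment that keys from this routine are only as strong as the seed.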

333
eBones/des/read_pwd.c Normal file

@ -0,0 +1,333 @@
/* read_pwd.c */
/* Copyright (C) 1993 Eric Young - see README for more details */
/* 06-Apr-92 Luke Brennan Support for VMS */
/*-
* $Id: read_pwd.c,v 1.2 1994/07/19 19:22:05 g89r4222 Exp $
*/
#include "des_locl.h"
#include <string.h>
#include <signal.h>
#include <setjmp.h>
#include <sys/param.h>
#ifdef BSD
#include <pwd.h>
extern char * getpass(const char * prompt);
#endif
#ifndef VMS
#ifndef MSDOS
#ifndef _IRIX
#ifdef CRAY
#include <termio.h>
#define sgttyb termio
#define sg_flags c_lflag
#else /* !CRAY */
#include <sgtty.h>
#endif
#include <sys/ioctl.h>
#else /* _IRIX */
struct sgttyb {
char sg_ispeed; /* input speed */
char sg_ospeed; /* output speed */
char sg_erase; /* erase character */
char sg_kill; /* kill character */
short sg_flags; /* mode flags */
};
#endif
#else /* MSDOS */
#define fgets(a,b,c) noecho_fgets(a,b,c)
#ifndef NSIG
#define NSIG 32
#endif
#endif
#else /* VMS */
#include <ssdef.h>
#include <iodef.h>
#include <ttdef.h>
#include <descrip.h>
struct IOSB {
short iosb$w_value;
short iosb$w_count;
long iosb$l_info;
};
#endif
static void read_till_nl();
static int read_pw();
static void recsig();
static void pushsig();
static void popsig();
#ifdef MSDOS
static int noecho_fgets();
#endif
static void (*savsig[NSIG])();
static jmp_buf save;
int des_read_password(key,prompt,verify)
des_cblock *key;
char *prompt;
int verify;
{
int ok;
char buf[BUFSIZ],buff[BUFSIZ];
if ((ok=read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0)
des_string_to_key(buf,key);
bzero(buf,BUFSIZ);
bzero(buff,BUFSIZ);
return(ok);
}
int des_read_2passwords(key1,key2,prompt,verify)
des_cblock *key1;
des_cblock *key2;
char *prompt;
int verify;
{
int ok;
char buf[BUFSIZ],buff[BUFSIZ];
if ((ok=read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0)
des_string_to_2keys(buf,key1,key2);
bzero(buf,BUFSIZ);
bzero(buff,BUFSIZ);
return(ok);
}
#if defined(BSD)
int des_read_pw_string(buf, length, prompt, verify)
char *buf;
int length;
char * prompt;
int verify;
{
int len = MIN(_PASSWORD_LEN, length);
char * s;
int ok = 0;
fflush(stdout);
while (!ok) {
s = getpass(prompt);
strncpy(buf, s, len);
if(verify) {
printf("\nVerifying password"); fflush(stdout);
if(strncmp(getpass(prompt), buf, len) != 0) {
printf("\nVerify failure - try again\n");
fflush(stdout);
continue;
}
}
ok = 1;
buf[len-1] = '\0';
}
return (!ok);
}
#else /* BSD */
int des_read_pw_string(buf,length,prompt,verify)
char *buf;
int length;
char *prompt;
int verify;
{
char buff[BUFSIZ];
int ret;
ret=read_pw(buf,buff,(length>BUFSIZ)?BUFSIZ:length,prompt,verify);
bzero(buff,BUFSIZ);
return(ret);
}
#endif
static void read_till_nl(in)
FILE *in;
{
#define SIZE 4
char buf[SIZE+1];
do {
fgets(buf,SIZE,in);
} while (index(buf,'\n') == NULL);
}
/* return 0 if ok, 1 (or -1) otherwise */
static int read_pw(buf,buff,size,prompt,verify)
char *buf,*buff;
int size;
char *prompt;
int verify;
{
#ifndef VMS
#ifndef MSDOS
struct sgttyb tty_orig,tty_new;
#endif /* !MSDOS */
#else
struct IOSB iosb;
$DESCRIPTOR(terminal,"TT");
long tty_orig[3], tty_new[3];
long status;
unsigned short channel = 0;
#endif
int ok=0;
char *p;
int ps=0;
FILE *tty;
#ifndef MSDOS
if ((tty=fopen("/dev/tty","r")) == NULL)
tty=stdin;
#else /* MSDOS */
if ((tty=fopen("con","r")) == NULL)
tty=stdin;
#endif /* MSDOS */
#ifndef VMS
#ifdef TIOCGETP
if (ioctl(fileno(tty),TIOCGETP,(char *)&tty_orig) == -1)
return(-1);
bcopy(&(tty_orig),&(tty_new),sizeof(tty_orig));
#endif
#else /* VMS */
status = SYS$ASSIGN(&terminal,&channel,0,0);
if (status != SS$_NORMAL)
return(-1);
status=SYS$QIOW(0,channel,IO$_SENSEMODE,&iosb,0,0,tty_orig,12,0,0,0,0);
if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
return(-1);
#endif
if (setjmp(save))
{
ok=0;
goto error;
}
pushsig();
ps=1;
#ifndef VMS
#ifndef MSDOS
tty_new.sg_flags &= ~ECHO;
#endif /* !MSDOS */
#ifdef TIOCSETP
if (ioctl(fileno(tty),TIOCSETP,(char *)&tty_new) == -1)
return(-1);
#endif
#else /* VMS */
tty_new[0] = tty_orig[0];
tty_new[1] = tty_orig[1] | TT$M_NOECHO;
tty_new[2] = tty_orig[2];
status = SYS$QIOW(0,channel,IO$_SETMODE,&iosb,0,0,tty_new,12,0,0,0,0);
if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
return(-1);
#endif /* VMS */
ps=2;
fflush(stdout);
fflush(stderr);
while (!ok)
{
fputs(prompt,stderr);
fflush(stderr);
buf[0]='\0';
fgets(buf,size,tty);
if (feof(tty)) goto error;
if ((p=(char *)index(buf,'\n')) != NULL)
*p='\0';
else read_till_nl(tty);
if (verify)
{
fprintf(stderr,"\nVerifying password %s",prompt);
fflush(stderr);
buff[0]='\0';
fgets(buff,size,tty);
if (feof(tty)) goto error;
if ((p=(char *)index(buff,'\n')) != NULL)
*p='\0';
else read_till_nl(tty);
if (strcmp(buf,buff) != 0)
{
fprintf(stderr,"\nVerify failure - try again\n");
fflush(stderr);
continue;
}
}
ok=1;
}
error:
fprintf(stderr,"\n");
/* What can we do if there is an error? */
#ifndef VMS
#ifdef TIOCSETP
if (ps >= 2) ioctl(fileno(tty),TIOCSETP,(char *)&tty_orig);
#endif
#else /* VMS */
if (ps >= 2)
status = SYS$QIOW(0,channel,IO$_SETMODE,&iosb,0,0
,tty_orig,12,0,0,0,0);
#endif /* VMS */
if (ps >= 1) popsig();
if (stdin != tty) fclose(tty);
#ifdef VMS
status = SYS$DASSGN(channel);
#endif
return(!ok);
}
static void pushsig()
{
int i;
for (i=0; i<NSIG; i++)
savsig[i]=signal(i,recsig);
}
static void popsig()
{
int i;
for (i=0; i<NSIG; i++)
signal(i,savsig[i]);
}
static void recsig()
{
longjmp(save,1);
}
#ifdef MSDOS
static int noecho_fgets(buf,size,tty)
char *buf;
int size;
FILE *tty;
{
int i;
char *p;
p=buf;
for (;;)
{
if (size == 0)
{
*p='\0';
break;
}
size--;
i=getch();
if (i == '\r') i='\n';
*(p++)=i;
if (i == '\n')
{
*p='\0';
break;
}
}
}
#endif
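Review bot: In `read_pw`, the `return(-1)` taken when the `TIOCSETP` ioctl (or the VMS `IO$_SETMODE` call) fails comes after `pushsig()` has replaced every signal handler with `recsig`, and it skips the `error:` cleanup. The process is left with handlers that `longjmp` to a `jmp_buf` whose frame has already returned, and `tty` is never closed; using `goto error` at those two points would run `popsig()` and `fclose(tty)`. Separately, `read_till_nl` ignores the return value of `fgets`, so it can loop forever if end of file arrives before a newline, and the BSD `des_read_pw_string` passes the result of `getpass` to `strncpy` without a NULL check.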

190
eBones/des/set_key.c Normal file

@ -0,0 +1,190 @@
/* set_key.c */
/* Copyright (C) 1993 Eric Young - see README for more details */
/* set_key.c v 1.4 eay 24/9/91
* 1.4 Speed up by 400% :-)
* 1.3 added register declarations.
* 1.2 unrolled make_key_sched a bit more
* 1.1 added norm_expand_bits
* 1.0 First working version
*/
/*-
* $Id: set_key.c,v 1.2 1994/07/19 19:22:07 g89r4222 Exp $
*/
#include "des_locl.h"
#include "podd.h"
#include "sk.h"
static int check_parity();
int des_check_key=0;
void des_set_odd_parity(key)
des_cblock *key;
{
int i;
for (i=0; i<DES_KEY_SZ; i++)
(*key)[i]=odd_parity[(*key)[i]];
}
static int check_parity(key)
des_cblock *key;
{
int i;
for (i=0; i<DES_KEY_SZ; i++)
{
if ((*key)[i] != odd_parity[(*key)[i]])
return(0);
}
return(1);
}
/* Weak and semi week keys as take from
* %A D.W. Davies
* %A W.L. Price
* %T Security for Computer Networks
* %I John Wiley & Sons
* %D 1984
* Many thanks to smb@ulysses.att.com (Steven Bellovin) for the reference
* (and actual cblock values).
*/
#define NUM_WEAK_KEY 16
static des_cblock weak_keys[NUM_WEAK_KEY]={
/* weak keys */
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,
0x1F,0x1F,0x1F,0x1F,0x1F,0x1F,0x1F,0x1F,
0xE0,0xE0,0xE0,0xE0,0xE0,0xE0,0xE0,0xE0,
/* semi-weak keys */
0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE,
0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01,
0x1F,0xE0,0x1F,0xE0,0x0E,0xF1,0x0E,0xF1,
0xE0,0x1F,0xE0,0x1F,0xF1,0x0E,0xF1,0x0E,
0x01,0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1,
0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1,0x01,
0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E,0xFE,
0xFE,0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E,
0x01,0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E,
0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E,0x01,
0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE,
0xFE,0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1};
int des_is_weak_key(key)
des_cblock *key;
{
int i;
for (i=0; i<NUM_WEAK_KEY; i++)
/* Added == 0 to comparision, I obviously don't run
* this section very often :-(, thanks to
* engineering@MorningStar.Com for the fix
* eay 93/06/29 */
if (memcmp(weak_keys[i],key,sizeof(key)) == 0) return(1);
return(0);
}
/* NOW DEFINED IN des_local.h
* See ecb_encrypt.c for a pseudo description of these macros.
* #define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
* (b)^=(t),\
* (a)=((a)^((t)<<(n))))
*/
#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\
(a)=(a)^(t)^(t>>(16-(n))))
static char shifts2[16]={0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0};
/* return 0 if key parity is odd (correct),
* return -1 if key parity error,
* return -2 if illegal weak key.
*/
int des_set__key(key,schedule)
des_cblock *key;
des_key_schedule schedule;
{
register unsigned long c,d,t,s;
register unsigned char *in;
register unsigned long *k;
register int i;
if (des_check_key)
{
if (!check_parity(key))
return(-1);
if (des_is_weak_key(key))
return(-2);
}
k=(unsigned long *)schedule;
in=(unsigned char *)key;
c2l(in,c);
c2l(in,d);
/* do PC1 in 60 simple operations */
/* PERM_OP(d,c,t,4,0x0f0f0f0f);
HPERM_OP(c,t,-2, 0xcccc0000);
HPERM_OP(c,t,-1, 0xaaaa0000);
HPERM_OP(c,t, 8, 0x00ff0000);
HPERM_OP(c,t,-1, 0xaaaa0000);
HPERM_OP(d,t,-8, 0xff000000);
HPERM_OP(d,t, 8, 0x00ff0000);
HPERM_OP(d,t, 2, 0x33330000);
d=((d&0x00aa00aa)<<7)|((d&0x55005500)>>7)|(d&0xaa55aa55);
d=(d>>8)|((c&0xf0000000)>>4);
c&=0x0fffffff; */
/* I now do it in 47 simple operations :-)
* Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov)
* for the inspiration. :-) */
PERM_OP (d,c,t,4,0x0f0f0f0f);
HPERM_OP(c,t,-2,0xcccc0000);
HPERM_OP(d,t,-2,0xcccc0000);
PERM_OP (d,c,t,1,0x55555555);
PERM_OP (c,d,t,8,0x00ff00ff);
PERM_OP (d,c,t,1,0x55555555);
d= (((d&0x000000ff)<<16)| (d&0x0000ff00) |
((d&0x00ff0000)>>16)|((c&0xf0000000)>>4));
c&=0x0fffffff;
for (i=0; i<ITERATIONS; i++)
{
if (shifts2[i])
{ c=((c>>2)|(c<<26)); d=((d>>2)|(d<<26)); }
else
{ c=((c>>1)|(c<<27)); d=((d>>1)|(d<<27)); }
c&=0x0fffffff;
d&=0x0fffffff;
/* could be a few less shifts but I am to lazy at this
* point in time to investigate */
s= des_skb[0][ (c )&0x3f ]|
des_skb[1][((c>> 6)&0x03)|((c>> 7)&0x3c)]|
des_skb[2][((c>>13)&0x0f)|((c>>14)&0x30)]|
des_skb[3][((c>>20)&0x01)|((c>>21)&0x06) |
((c>>22)&0x38)];
t= des_skb[4][ (d )&0x3f ]|
des_skb[5][((d>> 7)&0x03)|((d>> 8)&0x3c)]|
des_skb[6][ (d>>15)&0x3f ]|
des_skb[7][((d>>21)&0x0f)|((d>>22)&0x30)];
/* table contained 0213 4657 */
*(k++)=((t<<16)|(s&0x0000ffff))&0xffffffff;
s= ((s>>16)|(t&0xffff0000));
s=(s<<4)|(s>>28);
*(k++)=s&0xffffffff;
}
return(0);
}
int des_key_sched(key,schedule)
des_cblock *key;
des_key_schedule schedule;
{
return(des_set__key(key,schedule));
}
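Review bot: In `des_is_weak_key`, `memcmp(weak_keys[i],key,sizeof(key))` takes the size of the pointer `key`, not of the 8-byte block it points to. Where pointers are 4 bytes only the first half of each key is compared, so any key that shares its first four bytes with a table entry is reported as weak; use `sizeof(des_cblock)` or `DES_KEY_SZ`. Note also that `des_check_key` is initialised to 0, so `des_set__key` performs neither the parity check nor the weak-key check unless the caller sets the flag, which the comment above the function should say.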

121
eBones/des/str2key.c Normal file

@ -0,0 +1,121 @@
/* str2key.c */
/* Copyright (C) 1993 Eric Young - see README for more details */
/*-
* $Id: str2key.c,v 1.2 1994/07/19 19:22:08 g89r4222 Exp $
*/
#include "des_locl.h"
extern int des_check_key;
int des_string_to_key(str,key)
char *str;
des_cblock *key;
{
des_key_schedule ks;
int i,length;
register unsigned char j;
bzero(key,8);
length=strlen(str);
#ifdef OLD_STR_TO_KEY
for (i=0; i<length; i++)
(*key)[i%8]^=(str[i]<<1);
#else /* MIT COMPATIBLE */
for (i=0; i<length; i++)
{
j=str[i];
if ((i%16) < 8)
(*key)[i%8]^=(j<<1);
else
{
/* Reverse the bit order 05/05/92 eay */
j=((j<<4)&0xf0)|((j>>4)&0x0f);
j=((j<<2)&0xcc)|((j>>2)&0x33);
j=((j<<1)&0xaa)|((j>>1)&0x55);
(*key)[7-(i%8)]^=j;
}
}
#endif
des_set_odd_parity((des_cblock *)key);
i=des_check_key;
des_check_key=0;
des_set__key((des_cblock *)key,ks);
des_check_key=i;
des_cbc_cksum((des_cblock *)str,(des_cblock *)key,(long)length,ks,
(des_cblock *)key);
bzero(ks,sizeof(ks));
des_set_odd_parity((des_cblock *)key);
return(0);
}
int des_string_to_2keys(str,key1,key2)
char *str;
des_cblock *key1,*key2;
{
des_key_schedule ks;
int i,length;
register unsigned char j;
bzero(key1,8);
bzero(key2,8);
length=strlen(str);
#ifdef OLD_STR_TO_KEY
if (length <= 8)
{
for (i=0; i<length; i++)
{
(*key2)[i]=(*key1)[i]=(str[i]<<1);
}
}
else
{
for (i=0; i<length; i++)
{
if ((i/8)&1)
(*key2)[i%8]^=(str[i]<<1);
else
(*key1)[i%8]^=(str[i]<<1);
}
}
#else /* MIT COMPATIBLE */
for (i=0; i<length; i++)
{
j=str[i];
if ((i%32) < 16)
{
if ((i%16) < 8)
(*key1)[i%8]^=(j<<1);
else
(*key2)[i%8]^=(j<<1);
}
else
{
j=((j<<4)&0xf0)|((j>>4)&0x0f);
j=((j<<2)&0xcc)|((j>>2)&0x33);
j=((j<<1)&0xaa)|((j>>1)&0x55);
if ((i%16) < 8)
(*key1)[7-(i%8)]^=j;
else
(*key2)[7-(i%8)]^=j;
}
}
if (length <= 8) bcopy(key1,key2,8);
#endif
des_set_odd_parity((des_cblock *)key1);
des_set_odd_parity((des_cblock *)key2);
i=des_check_key;
des_check_key=0;
des_set__key((des_cblock *)key1,ks);
des_cbc_cksum((des_cblock *)str,(des_cblock *)key1,(long)length,ks,
(des_cblock *)key1);
des_set__key((des_cblock *)key2,ks);
des_cbc_cksum((des_cblock *)str,(des_cblock *)key2,(long)length,ks,
(des_cblock *)key2);
des_check_key=i;
bzero(ks,sizeof(ks));
des_set_odd_parity(key1);
des_set_odd_parity(key2);
return(0);
}
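Review bot: In `des_string_to_2keys`, `if (length <= 8) bcopy(key1,key2,8);` is followed by identical parity, key-schedule and `des_cbc_cksum` steps over the same `str`, so `key1` and `key2` come out equal for any password of 8 characters or fewer (the `OLD_STR_TO_KEY` branch has the same effect). A caller that treats the pair as two independent DES keys gets the strength of one; this should be documented or the short-password case handled differently. Both functions also clear and restore the global `des_check_key` around `des_set__key`, which is not reentrant; an internal key-setup entry point that skips the checks would avoid touching shared state.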

9
eBones/des/test/Makefile Normal file

@ -0,0 +1,9 @@
# from: @(#)Makefile 5.4 (Berkeley) 5/11/90
# $Id: Makefile,v 1.2 1994/07/19 19:22:28 g89r4222 Exp $
PROG= destest
CFLAGS+= -I${.CURDIR}/../include
DPADD= ${LIBDES}
LDADD= -ldes
.include <bsd.prog.mk>

365
eBones/des/test/destest.c Normal file

@ -0,0 +1,365 @@
/* destest.c */
/* Copyright (C) 1993 Eric Young - see README for more details */
#include <stdio.h>
#include "des_locl.h" /* for des.h and bcopy macros */
/* tisk tisk - the test keys don't all have odd parity :-( */
/* test data */
#define NUM_TESTS 34
static unsigned char key_data[NUM_TESTS][8]={
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
0x30,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,
0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF,
0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10,
0x7C,0xA1,0x10,0x45,0x4A,0x1A,0x6E,0x57,
0x01,0x31,0xD9,0x61,0x9D,0xC1,0x37,0x6E,
0x07,0xA1,0x13,0x3E,0x4A,0x0B,0x26,0x86,
0x38,0x49,0x67,0x4C,0x26,0x02,0x31,0x9E,
0x04,0xB9,0x15,0xBA,0x43,0xFE,0xB5,0xB6,
0x01,0x13,0xB9,0x70,0xFD,0x34,0xF2,0xCE,
0x01,0x70,0xF1,0x75,0x46,0x8F,0xB5,0xE6,
0x43,0x29,0x7F,0xAD,0x38,0xE3,0x73,0xFE,
0x07,0xA7,0x13,0x70,0x45,0xDA,0x2A,0x16,
0x04,0x68,0x91,0x04,0xC2,0xFD,0x3B,0x2F,
0x37,0xD0,0x6B,0xB5,0x16,0xCB,0x75,0x46,
0x1F,0x08,0x26,0x0D,0x1A,0xC2,0x46,0x5E,
0x58,0x40,0x23,0x64,0x1A,0xBA,0x61,0x76,
0x02,0x58,0x16,0x16,0x46,0x29,0xB0,0x07,
0x49,0x79,0x3E,0xBC,0x79,0xB3,0x25,0x8F,
0x4F,0xB0,0x5E,0x15,0x15,0xAB,0x73,0xA7,
0x49,0xE9,0x5D,0x6D,0x4C,0xA2,0x29,0xBF,
0x01,0x83,0x10,0xDC,0x40,0x9B,0x26,0xD6,
0x1C,0x58,0x7F,0x1C,0x13,0x92,0x4F,0xEF,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x1F,0x1F,0x1F,0x1F,0x0E,0x0E,0x0E,0x0E,
0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF,
0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10};
static unsigned char plain_data[NUM_TESTS][8]={
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
0x10,0x00,0x00,0x00,0x00,0x00,0x00,0x01,
0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,
0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,
0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF,
0x01,0xA1,0xD6,0xD0,0x39,0x77,0x67,0x42,
0x5C,0xD5,0x4C,0xA8,0x3D,0xEF,0x57,0xDA,
0x02,0x48,0xD4,0x38,0x06,0xF6,0x71,0x72,
0x51,0x45,0x4B,0x58,0x2D,0xDF,0x44,0x0A,
0x42,0xFD,0x44,0x30,0x59,0x57,0x7F,0xA2,
0x05,0x9B,0x5E,0x08,0x51,0xCF,0x14,0x3A,
0x07,0x56,0xD8,0xE0,0x77,0x47,0x61,0xD2,
0x76,0x25,0x14,0xB8,0x29,0xBF,0x48,0x6A,
0x3B,0xDD,0x11,0x90,0x49,0x37,0x28,0x02,
0x26,0x95,0x5F,0x68,0x35,0xAF,0x60,0x9A,
0x16,0x4D,0x5E,0x40,0x4F,0x27,0x52,0x32,
0x6B,0x05,0x6E,0x18,0x75,0x9F,0x5C,0xCA,
0x00,0x4B,0xD6,0xEF,0x09,0x17,0x60,0x62,
0x48,0x0D,0x39,0x00,0x6E,0xE7,0x62,0xF2,
0x43,0x75,0x40,0xC8,0x69,0x8F,0x3C,0xFA,
0x07,0x2D,0x43,0xA0,0x77,0x07,0x52,0x92,
0x02,0xFE,0x55,0x77,0x81,0x17,0xF1,0x2A,
0x1D,0x9D,0x5C,0x50,0x18,0xF7,0x28,0xC2,
0x30,0x55,0x32,0x28,0x6D,0x6F,0x29,0x5A,
0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF,
0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF,
0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF,
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF};
static unsigned char cipher_data[NUM_TESTS][8]={
0x8C,0xA6,0x4D,0xE9,0xC1,0xB1,0x23,0xA7,
0x73,0x59,0xB2,0x16,0x3E,0x4E,0xDC,0x58,
0x95,0x8E,0x6E,0x62,0x7A,0x05,0x55,0x7B,
0xF4,0x03,0x79,0xAB,0x9E,0x0E,0xC5,0x33,
0x17,0x66,0x8D,0xFC,0x72,0x92,0x53,0x2D,
0x8A,0x5A,0xE1,0xF8,0x1A,0xB8,0xF2,0xDD,
0x8C,0xA6,0x4D,0xE9,0xC1,0xB1,0x23,0xA7,
0xED,0x39,0xD9,0x50,0xFA,0x74,0xBC,0xC4,
0x69,0x0F,0x5B,0x0D,0x9A,0x26,0x93,0x9B,
0x7A,0x38,0x9D,0x10,0x35,0x4B,0xD2,0x71,
0x86,0x8E,0xBB,0x51,0xCA,0xB4,0x59,0x9A,
0x71,0x78,0x87,0x6E,0x01,0xF1,0x9B,0x2A,
0xAF,0x37,0xFB,0x42,0x1F,0x8C,0x40,0x95,
0x86,0xA5,0x60,0xF1,0x0E,0xC6,0xD8,0x5B,
0x0C,0xD3,0xDA,0x02,0x00,0x21,0xDC,0x09,
0xEA,0x67,0x6B,0x2C,0xB7,0xDB,0x2B,0x7A,
0xDF,0xD6,0x4A,0x81,0x5C,0xAF,0x1A,0x0F,
0x5C,0x51,0x3C,0x9C,0x48,0x86,0xC0,0x88,
0x0A,0x2A,0xEE,0xAE,0x3F,0xF4,0xAB,0x77,
0xEF,0x1B,0xF0,0x3E,0x5D,0xFA,0x57,0x5A,
0x88,0xBF,0x0D,0xB6,0xD7,0x0D,0xEE,0x56,
0xA1,0xF9,0x91,0x55,0x41,0x02,0x0B,0x56,
0x6F,0xBF,0x1C,0xAF,0xCF,0xFD,0x05,0x56,
0x2F,0x22,0xE4,0x9B,0xAB,0x7C,0xA1,0xAC,
0x5A,0x6B,0x61,0x2C,0xC2,0x6C,0xCE,0x4A,
0x5F,0x4C,0x03,0x8E,0xD1,0x2B,0x2E,0x41,
0x63,0xFA,0xC0,0xD0,0x34,0xD9,0xF7,0x93,
0x61,0x7B,0x3A,0x0C,0xE8,0xF0,0x71,0x00,
0xDB,0x95,0x86,0x05,0xF8,0xC8,0xC6,0x06,
0xED,0xBF,0xD1,0xC6,0x6C,0x29,0xCC,0xC7,
0x35,0x55,0x50,0xB2,0x15,0x0E,0x24,0x51,
0xCA,0xAA,0xAF,0x4D,0xEA,0xF1,0xDB,0xAE,
0xD5,0xD4,0x4F,0xF7,0x20,0x68,0x3D,0x0D,
0x2A,0x2B,0xB0,0x08,0xDF,0x97,0xC2,0xF2};
static unsigned char cbc_key[8]={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
static unsigned char cbc_iv[8]={0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10};
static unsigned char cbc_data[40]="7654321 Now is the time for ";
static unsigned char cbc_ok[32]={
0xcc,0xd1,0x73,0xff,0xab,0x20,0x39,0xf4,
0xac,0xd8,0xae,0xfd,0xdf,0xd8,0xa1,0xeb,
0x46,0x8e,0x91,0x15,0x78,0x88,0xba,0x68,
0x1d,0x26,0x93,0x97,0xf7,0xfe,0x62,0xb4};
static unsigned char pcbc_ok[32]={
0xcc,0xd1,0x73,0xff,0xab,0x20,0x39,0xf4,
0x6d,0xec,0xb4,0x70,0xa0,0xe5,0x6b,0x15,
0xae,0xa6,0xbf,0x61,0xed,0x7d,0x9c,0x9f,
0xf7,0x17,0x46,0x3b,0x8a,0xb3,0xcc,0x88};
static unsigned char cksum_ok[8]={
0x1d,0x26,0x93,0x97,0xf7,0xfe,0x62,0xb4};
static unsigned char cfb_key[8]={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
static unsigned char cfb_iv[8]={0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef};
static unsigned char cfb_buf1[24],cfb_buf2[24],cfb_tmp[8];
static unsigned char cfb_plain[24]=
{
0x4e,0x6f,0x77,0x20,0x69,0x73,
0x20,0x74,0x68,0x65,0x20,0x74,
0x69,0x6d,0x65,0x20,0x66,0x6f,
0x72,0x20,0x61,0x6c,0x6c,0x20
};
static unsigned char cfb_cipher[24]=
{
0xf3,0x1f,0xda,0x07,0x01,0x14,
0x62,0xee,0x18,0x7f,0x43,0xd8,
0x0a,0x7c,0xd9,0xb5,0xb0,0xd2,
0x90,0xda,0x6e,0x5b,0x9a,0x87
};
static unsigned char ofb_key[8]={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
static unsigned char ofb_iv[8]={0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef};
static unsigned char ofb_plain[24]=
{
0x4e,0x6f,0x77,0x20,0x69,0x73,
0x20,0x74,0x68,0x65,0x20,0x74,
0x69,0x6d,0x65,0x20,0x66,0x6f,
0x72,0x20,0x61,0x6c,0x6c,0x20
};
static unsigned char ofb_buf1[24],ofb_buf2[24],ofb_tmp[8];
static unsigned char ofb_cipher[24]=
{
0xf3,0x09,0x62,0x49,0xc7,0xf4,0x6e,0x51,
0x35,0xf2,0x4a,0x24,0x2e,0xeb,0x3d,0x3f,
0x3d,0x6d,0x5b,0xe3,0x25,0x5a,0xf8,0xc3
};
char *malloc();
char *pt();
main()
{
int i,j;
des_cblock in,out,outin;
des_key_schedule ks;
unsigned char cbc_in[40],cbc_out[40];
unsigned long cs;
unsigned char qret[4][4];
unsigned long lqret[4];
char *str;
printf("Doing ecb\n");
for (i=0; i<NUM_TESTS; i++)
{
if ((j=key_sched((C_Block *)(key_data[i]),ks)) != 0)
printf("Key error %2d:%d\n",i+1,j);
bcopy(plain_data[i],in,8);
bzero(out,8);
bzero(outin,8);
des_ecb_encrypt((C_Block *)in,(C_Block *)out,ks,DES_ENCRYPT);
des_ecb_encrypt((C_Block *)out,(C_Block *)outin,ks,DES_DECRYPT);
if (bcmp(out,cipher_data[i],8) != 0)
{
printf("Encryption error %2d\nk=%s p=%s o=%s act=%s\n",
i+1,pt(key_data[i]),pt(in),pt(cipher_data[i]),
pt(out));
}
if (bcmp(in,outin,8) != 0)
{
printf("Decryption error %2d\nk=%s p=%s o=%s act=%s\n",
i+1,pt(key_data[i]),pt(out),pt(in),pt(outin));
}
}
printf("Doing cbc\n");
if ((j=key_sched((C_Block *)cbc_key,ks)) != 0)
printf("Key error %2d:%d\n",i+1,j);
bzero(cbc_out,40);
bzero(cbc_in,40);
des_cbc_encrypt((C_Block *)cbc_data,(C_Block *)cbc_out,
(long)strlen(cbc_data),ks,(C_Block *)cbc_iv,DES_ENCRYPT);
if (bcmp(cbc_out,cbc_ok,32) != 0)
printf("cbc_encrypt encrypt error\n");
des_cbc_encrypt((C_Block *)cbc_out,(C_Block *)cbc_in,
(long)strlen(cbc_data),ks,(C_Block *)cbc_iv,DES_DECRYPT);
if (bcmp(cbc_in,cbc_data,32) != 0)
printf("cbc_encrypt decrypt error\n");
printf("Doing pcbc\n");
if ((j=key_sched((C_Block *)cbc_key,ks)) != 0)
printf("Key error %2d:%d\n",i+1,j);
bzero(cbc_out,40);
bzero(cbc_in,40);
des_pcbc_encrypt((C_Block *)cbc_data,(C_Block *)cbc_out,
(long)strlen(cbc_data),ks,(C_Block *)cbc_iv,DES_ENCRYPT);
if (bcmp(cbc_out,pcbc_ok,32) != 0)
printf("pcbc_encrypt encrypt error\n");
des_pcbc_encrypt((C_Block *)cbc_out,(C_Block *)cbc_in,
(long)strlen(cbc_data),ks,(C_Block *)cbc_iv,DES_DECRYPT);
if (bcmp(cbc_in,cbc_data,32) != 0)
printf("pcbc_encrypt decrypt error\n");
printf("Doing cfb\n");
key_sched((C_Block *)cfb_key,ks);
bcopy(cfb_iv,cfb_tmp,sizeof(cfb_iv));
des_cfb_encrypt(cfb_plain,cfb_buf1,8,(long)sizeof(cfb_plain),ks,
(C_Block *)cfb_tmp,DES_ENCRYPT);
if (bcmp(cfb_cipher,cfb_buf1,sizeof(cfb_buf1)) != 0)
printf("cfb_encrypt encrypt error\n");
bcopy(cfb_iv,cfb_tmp,sizeof(cfb_iv));
des_cfb_encrypt(cfb_buf1,cfb_buf2,8,(long)sizeof(cfb_buf1),ks,
(C_Block *)cfb_tmp,DES_DECRYPT);
if (bcmp(cfb_plain,cfb_buf2,sizeof(cfb_buf2)) != 0)
printf("cfb_encrypt decrypt error\n");
bcopy(cfb_iv,cfb_tmp,sizeof(cfb_iv));
for (i=0; i<sizeof(cfb_plain); i++)
des_cfb_encrypt(&(cfb_plain[i]),&(cfb_buf1[i]),
8,(long)1,ks,(C_Block *)cfb_tmp,DES_ENCRYPT);
if (bcmp(cfb_cipher,cfb_buf1,sizeof(cfb_buf1)) != 0)
printf("cfb_encrypt small encrypt error\n");
bcopy(cfb_iv,cfb_tmp,sizeof(cfb_iv));
for (i=0; i<sizeof(cfb_plain); i++)
des_cfb_encrypt(&(cfb_buf1[i]),&(cfb_buf2[i]),
8,(long)1,ks,(C_Block *)cfb_tmp,DES_DECRYPT);
if (bcmp(cfb_plain,cfb_buf2,sizeof(cfb_buf2)) != 0)
printf("cfb_encrypt small decrypt error\n");
printf("Doing ofb\n");
key_sched((C_Block *)ofb_key,ks);
bcopy(ofb_iv,ofb_tmp,sizeof(ofb_iv));
des_ofb_encrypt(ofb_plain,ofb_buf1,64,(long)sizeof(cfb_plain)/8,ks,
(C_Block *)ofb_tmp);
if (bcmp(ofb_cipher,ofb_buf1,sizeof(ofb_buf1)) != 0)
printf("ofb_encrypt encrypt error\n");
bcopy(ofb_iv,ofb_tmp,sizeof(ofb_iv));
des_ofb_encrypt(ofb_buf1,ofb_buf2,64,(long)sizeof(ofb_buf1)/8,ks,
(C_Block *)ofb_tmp);
if (bcmp(ofb_plain,ofb_buf2,sizeof(ofb_buf2)) != 0)
printf("ofb_encrypt decrypt error\n");
printf("Doing cbc_cksum\n");
des_cbc_cksum((C_Block *)cbc_data,(C_Block *)cbc_out,
(long)strlen(cbc_data),ks,(C_Block *)cbc_iv);
if (bcmp(cbc_out,cksum_ok,8) != 0)
printf("cbc_cksum error\n");
printf("Doing quad_cksum\n");
cs=quad_cksum((C_Block *)cbc_data,(C_Block *)qret,
(long)strlen(cbc_data),2,(C_Block *)cbc_iv);
for (i=0; i<4; i++)
{
lqret[i]=0;
bcopy(&(qret[i][0]),&(lqret[i]),4);
}
{ /* Big-endian fix */
static unsigned long l=1;
static unsigned char *c=(unsigned char *)&l;
unsigned long ll;
if (!c[0])
{
ll=lqret[0]^lqret[3];
lqret[0]^=ll;
lqret[3]^=ll;
ll=lqret[1]^lqret[2];
lqret[1]^=ll;
lqret[2]^=ll;
}
}
if (cs != 0x70d7a63a)
printf("quad_cksum error, ret %08x should be 70d7a63a\n",cs);
if (lqret[0] != 0x327eba8d)
printf("quad_cksum error, out[0] %08x is not %08x\n",
lqret[0],0x327eba8d);
if (lqret[1] != 0x201a49cc)
printf("quad_cksum error, out[1] %08x is not %08x\n",
lqret[1],0x201a49cc);
if (lqret[2] != 0x70d7a63a)
printf("quad_cksum error, out[2] %08x is not %08x\n",
lqret[2],0x70d7a63a);
if (lqret[3] != 0x501c2c26)
printf("quad_cksum error, out[3] %08x is not %08x\n",
lqret[3],0x501c2c26);
printf("input word alignment test");
for (i=0; i<4; i++)
{
printf(" %d",i);
des_cbc_encrypt((C_Block *)&(cbc_out[i]),(C_Block *)cbc_in,
(long)strlen(cbc_data),ks,(C_Block *)cbc_iv,
DES_ENCRYPT);
}
printf("\noutput word alignment test");
for (i=0; i<4; i++)
{
printf(" %d",i);
des_cbc_encrypt((C_Block *)cbc_out,(C_Block *)&(cbc_in[i]),
(long)strlen(cbc_data),ks,(C_Block *)cbc_iv,
DES_ENCRYPT);
}
printf("\n");
printf("fast crypt test ");
str=crypt("testing","ef");
if (strcmp("efGnQx2725bI2",str) != 0)
printf("fast crypt error, %x should be efGnQx2725bI2\n",str);
str=crypt("bca76;23","yA");
if (strcmp("yA1Rp/1hZXIJk",str) != 0)
printf("fast crypt error, %x should be yA1Rp/1hZXIJk\n",str);
printf("\n");
exit(0);
}
char *pt(p)
unsigned char *p;
{
char *ret;
int i;
static char *f="0123456789ABCDEF";
ret=(char *)malloc(17);
for (i=0; i<8; i++)
{
ret[i*2]=f[(p[i]>>4)&0xf];
ret[i*2+1]=f[p[i]&0xf];
}
ret[16]='\0';
return(ret);
}
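Review bot: `exit(0)` at the end of `main()` is unconditional, so a run where every mode prints an error still reports success to the caller; count the failures and exit non-zero when any check fails. The two "fast crypt error" messages pass `str` (a `char *`) to `%x` where `%s` is meant, and the `quad_cksum` messages print `unsigned long` values with `%08x` instead of `%08lx`. The "Key error" messages in the cbc and pcbc sections reuse `i` left over from the ecb loop, so the test number they print is meaningless.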

View file

@ -0,0 +1,10 @@
# From: @(#)Makefile 5.1 (Berkeley) 6/25/90
# $Id: Makefile,v 1.2 1994/07/19 19:22:34 g89r4222 Exp $
PROG= ext_srvtab
CFLAGS+=-DKERBEROS -I${.CURDIR}/../include
DPADD= ${LIBKDB} ${LIBKRB} ${LIBDES}
LDADD+= -L${KDBOBJDIR} -lkdb -L${KRBOBJDIR} -lkrb -L${DESOBJDIR} -ldes
NOMAN= noman
.include <bsd.prog.mk>
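Review bot: `NOMAN= noman` suppresses the manual page although this commit adds ext_srvtab.8 for the same program; drop `NOMAN` and list the page (`MAN8= ext_srvtab.8`) so it is installed with the binary.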

View file

@ -0,0 +1,63 @@
.\" from: ext_srvtab.8,v 4.2 89/07/18 16:53:18 jtkohl Exp $
.\" $Id: ext_srvtab.8,v 1.2 1994/07/19 19:27:20 g89r4222 Exp $
.\" Copyright 1989 by the Massachusetts Institute of Technology.
.\"
.\" For copying and distribution information,
.\" please see the file <Copyright.MIT>.
.\"
.TH EXT_SRVTAB 8 "Kerberos Version 4.0" "MIT Project Athena"
.SH NAME
ext_srvtab \- extract service key files from Kerberos key distribution center database
.SH SYNOPSIS
ext_srvtab [
.B \-n
] [
.B \-r realm
] [
.B hostname ...
]
.SH DESCRIPTION
.I ext_srvtab
extracts service key files from the Kerberos key distribution center
(KDC) database.
.PP
Upon execution, it prompts the user to enter the master key string for
the database. If the
.B \-n
option is specified, the master key is instead fetched from the master
key cache file.
.PP
For each
.I hostname
specified on the command line,
.I ext_srvtab
creates the service key file
.IR hostname -new-srvtab,
containing all the entries in the database with an instance field of
.I hostname.
This new file contains all the keys registered for Kerberos-mediated
service providing programs which use the
.IR krb_get_phost (3)
principal and instance conventions to run on the host
.IR hostname .
If the
.B \-r
option is specified, the realm fields in the extracted file will
match the given realm rather than the local realm.
.SH DIAGNOSTICS
.TP 20n
"verify_master_key: Invalid master key, does not match database."
The master key string entered was incorrect.
.SH FILES
.TP 20n
.IR hostname -new-srvtab
Service key file generated for
.I hostname
.TP
/kerberos/principal.pag, /kerberos/principal.dir
DBM files containing database
.TP
/.k
Master key cache file.
.SH SEE ALSO
read_service_key(3), krb_get_phost(3)
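Review bot: The FILES section still lists `/kerberos/principal.pag`, `/kerberos/principal.dir` and `/.k`, while kdc.h in this same commit places the master key file and ACL under `/etc/kerberosIV`; confirm which paths this port uses and update the page to match. The DESCRIPTION would also benefit from stating that `hostname-new-srvtab` is written to the current directory and holds the service keys in decrypted form, since that determines how the file has to be handled afterwards.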

View file

@ -0,0 +1,164 @@
/*
* Copyright 1987, 1988 by the Massachusetts Institute of Technology.
*
* from: ext_srvtab.c,v 4.1 89/07/18 16:49:30 jtkohl Exp $
* $Id: ext_srvtab.c,v 1.2 1994/07/19 19:22:36 g89r4222 Exp $
*/
#ifndef lint
static char rcsid[] =
"$Id: ext_srvtab.c,v 1.2 1994/07/19 19:22:36 g89r4222 Exp $";
#endif lint
#include <stdio.h>
#include <sys/file.h>
#include <sys/types.h>
#include <sys/time.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <signal.h>
#include <des.h>
#include <krb.h>
#include <krb_db.h>
#define TRUE 1
#define FALSE 0
static C_Block master_key;
static C_Block session_key;
static Key_schedule master_key_schedule;
char progname[] = "ext_srvtab";
char realm[REALM_SZ];
main(argc, argv)
int argc;
char *argv[];
{
FILE *fout;
char fname[1024];
int fopen_errs = 0;
int arg;
Principal princs[40];
int more;
int prompt = TRUE;
register int n, i;
bzero(realm, sizeof(realm));
/* Parse commandline arguments */
if (argc < 2)
usage();
else {
for (i = 1; i < argc; i++) {
if (strcmp(argv[i], "-n") == 0)
prompt = FALSE;
else if (strcmp(argv[i], "-r") == 0) {
if (++i >= argc)
usage();
else {
strcpy(realm, argv[i]);
/*
* This is to humor the broken way commandline
* argument parsing is done. Later, this
* program ignores everything that starts with -.
*/
argv[i][0] = '-';
}
}
else if (argv[i][0] == '-')
usage();
else
if (!k_isinst(argv[i])) {
fprintf(stderr, "%s: bad instance name: %s\n",
progname, argv[i]);
usage();
}
}
}
if (kdb_get_master_key (prompt, master_key, master_key_schedule) != 0) {
fprintf (stderr, "Couldn't read master key.\n");
fflush (stderr);
exit(1);
}
if (kdb_verify_master_key (master_key, master_key_schedule, stderr) < 0) {
exit(1);
}
/* For each arg, search for instances of arg, and produce */
/* srvtab file */
if (!realm[0])
if (krb_get_lrealm(realm, 1) != KSUCCESS) {
fprintf(stderr, "%s: couldn't get local realm\n", progname);
exit(1);
}
(void) umask(077);
for (arg = 1; arg < argc; arg++) {
if (argv[arg][0] == '-')
continue;
sprintf(fname, "%s-new-srvtab", argv[arg]);
if ((fout = fopen(fname, "w")) == NULL) {
fprintf(stderr, "Couldn't create file '%s'.\n", fname);
fopen_errs++;
continue;
}
printf("Generating '%s'....\n", fname);
n = kerb_get_principal("*", argv[arg], &princs[0], 40, &more);
if (more)
fprintf(stderr, "More than 40 found...\n");
for (i = 0; i < n; i++) {
FWrite(princs[i].name, strlen(princs[i].name) + 1, 1, fout);
FWrite(princs[i].instance, strlen(princs[i].instance) + 1,
1, fout);
FWrite(realm, strlen(realm) + 1, 1, fout);
FWrite(&princs[i].key_version,
sizeof(princs[i].key_version), 1, fout);
bcopy(&princs[i].key_low, session_key, sizeof(long));
bcopy(&princs[i].key_high, session_key + sizeof(long),
sizeof(long));
kdb_encrypt_key (session_key, session_key,
master_key, master_key_schedule, DES_DECRYPT);
FWrite(session_key, sizeof session_key, 1, fout);
}
fclose(fout);
}
StampOutSecrets();
exit(fopen_errs); /* 0 errors if successful */
}
Die()
{
StampOutSecrets();
exit(1);
}
FWrite(p, size, n, f)
char *p;
int size;
int n;
FILE *f;
{
if (fwrite(p, size, n, f) != n) {
printf("Error writing output file. Terminating.\n");
Die();
}
}
StampOutSecrets()
{
bzero(master_key, sizeof master_key);
bzero(session_key, sizeof session_key);
bzero(master_key_schedule, sizeof master_key_schedule);
}
usage()
{
fprintf(stderr,
"Usage: %s [-n] [-r realm] instance [instance ...]\n", progname);
exit(1);
}
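Review bot: `strcpy(realm, argv[i])` in the `-r` branch copies a command-line argument into `char realm[REALM_SZ]` with no length check, and `sprintf(fname, "%s-new-srvtab", argv[arg])` does the same into `fname[1024]`; reject over-long arguments or use bounded copies. The `exit(1)` after `kdb_verify_master_key` and the one after `krb_get_lrealm` leave without calling `StampOutSecrets()`, so route them through `Die()`. `fopen(fname, "w")` relies on `umask(077)`, which has no effect when the file already exists, so decrypted keys can land in a file with looser permissions; create the file exclusively with an explicit 0600 mode. The two `bcopy(..., sizeof(long))` calls fill the 8-byte `session_key` correctly only when `long` is 4 bytes wide.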

25
eBones/include/ChangeLog Normal file
View file

@ -0,0 +1,25 @@
# $Id: ChangeLog,v 1.2 1994/07/19 19:22:41 g89r4222 Exp $
Mon Mar 21 15:48:59 MET 1994 Piero Serini
* 1st port to FreeBSD
Tue Nov 29 11:52:51 1988 John T Kohl (jtkohl at lycus)
* osconf.h: add #ifdef's for SUN processors (bsd/m68k)
* conf-bsdm68k.h: new file for BSD unix/M68000-based unix boxes
Mon Sep 12 14:33:58 1988 Bill Sommerfeld (wesommer at ra)
* des_conf.h: deleted file (superceded by conf.h)
* des.h: remove #include of des_conf.h
* des.h: remove internal details (sbox structure, bit_{32,64}) from
interface.
Rename data types.
Add #defines, turned off if NCOMPAT, for compatibility with old
versions.

17
eBones/include/Makefile Normal file
View file

@ -0,0 +1,17 @@
# from: @(#)Makefile 5.1 (Berkeley) 6/25/90
# $Id: Makefile,v 1.3 1994/09/09 21:43:35 g89r4222 Exp $
FILES= des.h kadm.h kparse.h krb.h krb_db.h
# mit-copyright.h kadm_err.h krb_err.h
NOOBJ= noobj
NOMAN= noman
all include clean cleandir depend lint tags:
beforeinstall:
install -c -o ${BINOWN} -g ${BINGRP} -m 444 \
${FILES} ${DESTDIR}/usr/include/kerberosIV
.include <bsd.prog.mk>

View file

@ -0,0 +1,35 @@
/*
* Copyright 1987, 1988, 1989 by the Massachusetts Institute of Technology.
* For copying and distribution information, please see the file
* <Copyright.MIT>.
*
* Include file for address comparison macros.
*
* from: addr_comp.h,v 4.0 89/01/23 09:57:44 jtkohl Exp $
* $Id: addr_comp.h,v 1.2 1994/07/19 19:22:44 g89r4222 Exp $
*/
#ifndef ADDR_COMP_DEFS
#define ADDR_COMP_DEFS
/*
** Look boys and girls, a big kludge
** We need to compare the two internet addresses in network byte order, not
** local byte order. This is a *really really slow way of doing that*
** But.....
** .....it works
** so we run with it
**
** long_less_than gets fed two (u_char *)'s....
*/
#define u_char_comp(x,y) \
(((x)>(y))?(1):(((x)==(y))?(0):(-1)))
#define long_less_than(x,y) \
(u_char_comp((x)[0],(y)[0])?u_char_comp((x)[0],(y)[0]): \
(u_char_comp((x)[1],(y)[1])?u_char_comp((x)[1],(y)[1]): \
(u_char_comp((x)[2],(y)[2])?u_char_comp((x)[2],(y)[2]): \
(u_char_comp((x)[3],(y)[3])))))
#endif /* ADDR_COMP_DEFS */
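Review bot: `long_less_than(x,y)` does not return a boolean; it returns -1, 0 or 1 from `u_char_comp`, so `if (long_less_than(a,b))` is also true when `a` is greater than `b`. Either rename it to something like an address-compare macro or document that callers must test `< 0`. Both macros expand their arguments several times, so arguments with side effects are unsafe; a comment saying so would help.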

View file

@ -0,0 +1,42 @@
/*
* Copyright 1987, 1988 by the Massachusetts Institute of Technology.
* For copying and distribution information, please see the file
* <Copyright.MIT>.
*
* Include file for the Kerberos administration server.
*
* from: admin_server.h,v 4.7 89/01/11 11:59:42 steiner Exp $
* $Id: admin_server.h,v 1.2 1994/07/19 19:22:47 g89r4222 Exp $
*/
#ifndef ADMIN_SERVER_DEFS
#define ADMIN_SERVER_DEFS
#define PW_SRV_VERSION 2 /* version number */
#define INSTALL_NEW_PW (1<<0) /*
* ver, cmd, name, password,
* old_pass, crypt_pass, uid
*/
#define ADMIN_NEW_PW (2<<1) /*
* ver, cmd, name, passwd,
* old_pass
* (grot), crypt_pass (grot)
*/
#define ADMIN_SET_KDC_PASSWORD (3<<1) /* ditto */
#define ADMIN_ADD_NEW_KEY (4<<1) /* ditto */
#define ADMIN_ADD_NEW_KEY_ATTR (5<<1) /*
* ver, cmd, name, passwd,
* inst, attr (grot)
*/
#define INSTALL_REPLY (1<<1) /* ver, cmd, name, password */
#define RETRY_LIMIT 1
#define TIME_OUT 30
#define USER_TIMEOUT 90
#define MAX_KPW_LEN 40
#define KADM "changepw" /* service name */
#endif /* ADMIN_SERVER_DEFS */
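Review bot: `MAX_KPW_LEN` is defined as 40 here and as 128 in kadm.h in the same commit; a source file that sees both gets a redefinition, and code that sizes a buffer with one value and fills it with the other can overrun it. Pick one value and define it in one header. The command codes mix `(1<<0)` with `(2<<1)`, `(3<<1)` and so on, which yields 1, 4, 6, 8, 10 and 2 rather than distinct bits; if these are plain opcodes, writing them as integers would make that clear.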

View file

@ -0,0 +1,16 @@
/*
* Copyright 1989 by the Massachusetts Institute of Technology.
* For copying and distribution information, please see the file
* <Copyright.MIT>.
*
* Machine-type definitions: Sun 386i using SunOS (~BSD)
*
* from: conf-bsd386i.h,v 4.0 89/12/19 13:26:55 jtkohl Exp $
* $Id: conf-bsd386i.h,v 1.2 1994/07/19 19:22:48 g89r4222 Exp $
*/
#define BITS32
#define BIG
#define LSBFIRST
#define BSDUNIX

View file

@ -0,0 +1,21 @@
/*
* Copyright 1988 by the Massachusetts Institute of Technology.
* For copying and distribution information, please see the file
* <Copyright.MIT>.
*
* from: conf-bsdapollo.h,v 4.1 89/01/24 14:26:22 jtkohl Exp $
* $Id: conf-bsdapollo.h,v 1.2 1994/07/19 19:22:50 g89r4222 Exp $
*/
#define BSDUNIX
#define BITS32
#define BIG
#define MSBFIRST
#define DES_SHIFT_SHIFT
/*
* As of SR10, the C compiler claims to be __STDC__, but doesn't support
* const. Sigh.
*/
#define const

View file

@ -0,0 +1,18 @@
/*
* Copyright 1988 by the Massachusetts Institute of Technology.
* For copying and distribution information, please see the file
* <Copyright.MIT>.
*
* Machine-type definitions: IBM 032 (RT/PC)
*
* from: conf-bsdibm032.h,v 4.0 89/01/23 09:58:01 jtkohl Exp $
* $Id: conf-bsdibm032.h,v 1.2 1994/07/19 19:22:51 g89r4222 Exp $
*/
#define BSDUNIX
#define IBMWS
#define IBMWSASM
#define BITS32
#define BIG
#define MSBFIRST
#define MUSTALIGN

View file

@ -0,0 +1,16 @@
/*
* Copyright 1988 by the Massachusetts Institute of Technology.
* For copying and distribution information, please see the file
* <Copyright.MIT>.
*
* Machine-type definitions: 68000 with BSD Unix, e.g. SUN
*
* from: conf-bsdm68k.h,v 4.0 88/11/29 11:46:58 jtkohl Exp $
* $Id: conf-bsdm68k.h,v 1.2 1994/07/19 19:22:53 g89r4222 Exp $
*/
#define BITS32
#define BIG
#define MSBFIRST
#define BSDUNIX

View file

@ -0,0 +1,17 @@
/*
* Copyright 1988 by the Massachusetts Institute of Technology.
* For copying and distribution information, please see the file
* <Copyright.MIT>.
*
* Machine-type definitions: SPARC with BSD Unix, e.g. SUN-4
*
* from: conf-bsdsparc.h,v 4.0 89/06/02 13:04:06 jtkohl Exp $
* $Id: conf-bsdsparc.h,v 1.2 1994/07/19 19:22:54 g89r4222 Exp $
*/
#define BITS32
#define BIG
#define MSBFIRST
#define BSDUNIX
#define MUSTALIGN

View file

@ -0,0 +1,16 @@
/*
* Copyright 1989 by the Regents of the University of California
*
* Machine Description : TAHOE.
*
* from: conf-bsdtahoe.h,v 4.0 89/08/30 11:06:53 jtkohl Exp $
* $Id: conf-bsdtahoe.h,v 1.2 1994/07/19 19:22:56 g89r4222 Exp $
*/
#define TAHOE
#define BSDUNIX
#define BITS32
#define BIG
#define MSBFIRST
#define MUSTALIGN
#define NOASM

View file

@ -0,0 +1,22 @@
/*
* Copyright 1988 by the Massachusetts Institute of Technology.
* For copying and distribution information, please see the file
* <Copyright.MIT>.
*
* Machine-type definitions: VAX
*
* from: conf-bsdvax.h,v 4.0 89/01/23 09:58:12 jtkohl Exp $
* $Id: conf-bsdvax.h,v 1.2 1994/07/19 19:22:57 g89r4222 Exp $
*/
#define VAX
#define BITS32
#define BIG
#define LSBFIRST
#define BSDUNIX
#ifndef __STDC__
#ifndef NOASM
#define VAXASM
#endif /* no assembly */
#endif /* standard C */

View file

@ -0,0 +1,15 @@
/*
* Copyright 1988 by the Massachusetts Institute of Technology.
* For copying and distribution information, please see the file
* <Copyright.MIT>.
*
* Machine-type definitions: IBM 370
*
* from: conf-ibm370.h,v 4.0 89/01/23 09:58:19 jtkohl Exp $
* $Id: conf-ibm370.h,v 1.2 1994/07/19 19:22:59 g89r4222 Exp $
*/
/* What else? */
#define BIG
#define NONASCII
#define SHORTNAMES
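Review bot: This header defines only `BIG`, `NONASCII` and `SHORTNAMES`, so it sets neither `MSBFIRST`/`LSBFIRST` nor `BITS16`/`BITS32`, and the checks at the end of conf.h will stop the build with the "byte order not defined" and "how big is this machine" errors. The `/* What else? */` comment suggests the file was never finished; add the missing definitions or leave the file out of the import.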

16
eBones/include/conf-pc.h Normal file
View file

@ -0,0 +1,16 @@
/*
* Copyright 1988 by the Massachusetts Institute of Technology.
* For copying and distribution information, please see the file
* <Copyright.MIT>.
*
* Machine-type definitions: IBM PC 8086
*
* from: conf-pc.h,v 4.0 89/01/23 09:58:26 jtkohl Exp $
* $Id: conf-pc.h,v 1.2 1994/07/19 19:23:00 g89r4222 Exp $
*
*/
#define IBMPC
#define BITS16
#define CROSSMSDOS
#define LSBFIRST

15
eBones/include/conf-pyr.h Normal file
View file

@ -0,0 +1,15 @@
/*
* Copyright 1989 by the Massachusetts Institute of Technology.
* For copying and distribution information, please see the file
* <Copyright.MIT>.
*
* Machine-type definitions: Pyramid
*
* from: conf-pyr.h,v 4.0 89/12/19 13:27:16 jtkohl Exp $
* $Id: conf-pyr.h,v 1.2 1994/07/19 19:23:02 g89r4222 Exp $
*/
#define BITS32
#define BIG
#define MSBFIRST
#define BSDUNIX

View file

@ -0,0 +1,17 @@
/*
* Copyright 1988 by the Massachusetts Institute of Technology.
* For copying and distribution information, please see the file
* <Copyright.MIT>.
*
* Machine-type definitions: DECstation 3100 (MIPS R2000)
*
* from: conf-ultmips2.h,v 4.0 89/01/23 09:58:32 jtkohl Exp $
* $Id: conf-ultmips2.h,v 1.2 1994/07/19 19:23:03 g89r4222 Exp $
*/
#define MIPS2
#define BITS32
#define BIG
#define LSBFIRST
#define BSDUNIX
#define MUSTALIGN

73
eBones/include/conf.h Normal file
View file

@ -0,0 +1,73 @@
/*
* Copyright 1988 by the Massachusetts Institute of Technology.
* For copying and distribution information, please see the file
* <Copyright.MIT>.
*
* Configuration info for operating system, hardware description,
* language implementation, C library, etc.
*
* This file should be included in (almost) every file in the Kerberos
* sources, and probably should *not* be needed outside of those
* sources. (How do we deal with /usr/include/des.h and
* /usr/include/krb.h?)
*
* from: conf.h,v 4.0 89/01/23 09:58:40 jtkohl Exp $
* $Id: conf.h,v 1.2 1994/07/19 19:23:05 g89r4222 Exp $
*/
#ifndef _CONF_H_
#include "osconf.h"
#ifdef SHORTNAMES
#include "names.h"
#endif
/*
* Language implementation-specific definitions
*/
/* special cases */
#ifdef __HIGHC__
/* broken implementation of ANSI C */
#undef __STDC__
#endif
#ifndef __STDC__
#define const
#define volatile
#define signed
typedef char *pointer; /* pointer to generic data */
#define PROTOTYPE(p) ()
#else
typedef void *pointer;
#define PROTOTYPE(p) p
#endif
/* Does your compiler understand "void"? */
#ifdef notdef
#define void int
#endif
/*
* A few checks to see that necessary definitions are included.
*/
/* byte order */
#ifndef MSBFIRST
#ifndef LSBFIRST
Error: byte order not defined.
#endif
#endif
/* machine size */
#ifndef BITS16
#ifndef BITS32
Error: how big is this machine anyways?
#endif
#endif
/* end of checks */
#endif /* _CONF_H_ */
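Review bot: `#ifndef _CONF_H_` opens the header but `_CONF_H_` is never defined, so the guard has no effect and a second inclusion repeats `typedef ... pointer` and the rest of the file. Add `#define _CONF_H_` right after the `#ifndef`. The two `Error:` lines rely on being a syntax error to stop the build; a short comment saying that is intentional would save the next reader a double take.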

44
eBones/include/des.h Normal file
View file

@ -0,0 +1,44 @@
/*
* Copyright 1987, 1988 by the Massachusetts Institute of Technology.
* For copying and distribution information, please see the file
* <Copyright.MIT>.
*
* Include file for the Data Encryption Standard library.
*
* from: des.h,v 4.11 89/01/17 16:24:57 rfrench Exp $
* $Id: des.h,v 1.2 1994/07/19 19:23:06 g89r4222 Exp $
*/
/* only do the whole thing once */
#ifndef DES_DEFS
#define DES_DEFS
typedef unsigned char des_cblock[8]; /* crypto-block size */
/* Key schedule */
typedef struct des_ks_struct { des_cblock _; } des_key_schedule[16];
#define DES_KEY_SZ (sizeof(des_cblock))
#define DES_ENCRYPT 1
#define DES_DECRYPT 0
#ifndef NCOMPAT
#define C_Block des_cblock
#define Key_schedule des_key_schedule
#define ENCRYPT DES_ENCRYPT
#define DECRYPT DES_DECRYPT
#define KEY_SZ DES_KEY_SZ
#define string_to_key des_string_to_key
#define read_pw_string des_read_pw_string
#define random_key des_random_key
#define pcbc_encrypt des_pcbc_encrypt
#define key_sched des_key_sched
#define cbc_encrypt des_cbc_encrypt
#define cbc_cksum des_cbc_cksum
#define C_Block_print des_cblock_print
#define quad_cksum des_quad_cksum
typedef struct des_ks_struct bit_64;
#endif
#define des_cblock_print(x) des_cblock_print_file(x, stdout)
#endif DES_DEFS
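Review bot: `#endif DES_DEFS` has a bare token after the directive, which ANSI compilers warn about; write it as `#endif /* DES_DEFS */`. `des_cblock_print(x)` expands to a call that uses `stdout`, but the header does not include `<stdio.h>`, so it only compiles where the includer already has. The compatibility block defines very generic names (`ENCRYPT`, `DECRYPT`, `KEY_SZ`, `random_key`) unless `NCOMPAT` is set, and these will silently rename matching identifiers in any file that includes the header; worth a comment at the top of the block.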

32
eBones/include/highc.h Normal file
View file

@ -0,0 +1,32 @@
/*
* Copyright 1988 by the Massachusetts Institute of Technology.
* For copying and distribution information, please see the file
* <Copyright.MIT>.
*
* Known breakage in the version of Metaware's High C compiler that
* we've got available....
*
* from: highc.h,v 4.0 89/01/23 09:59:15 jtkohl Exp $
* $Id: highc.h,v 1.2 1994/07/19 19:23:08 g89r4222 Exp $
*/
#define const
/*#define volatile*/
/*
* Some builtin functions we can take advantage of for inlining....
*/
#define abs _abs
/* the _max and _min builtins accept any number of arguments */
#undef MAX
#define MAX(x,y) _max(x,y)
#undef MIN
#define MIN(x,y) _min(x,y)
/*
* I'm not sure if 65535 is a limit for this builtin, but it's
* reasonable for a string length. Or is it?
*/
/*#define strlen(s) _find_char(s,65535,0)*/
#define bzero(ptr,len) _fill_char(ptr,len,'\0')
#define bcmp(b1,b2,len) _compare(b1,b2,len)

138
eBones/include/kadm.h Normal file
View file

@ -0,0 +1,138 @@
/*
* Copyright 1988 by the Massachusetts Institute of Technology.
* For copying and distribution information, please see the file
* <Copyright.MIT>.
*
* Definitions for Kerberos administration server & client
*
* from: kadm.h,v 4.2 89/09/26 09:15:20 jtkohl Exp $
* $Id: kadm.h,v 1.2 1994/07/19 19:23:09 g89r4222 Exp $
*/
#ifndef KADM_DEFS
#define KADM_DEFS
/*
* kadm.h
* Header file for the fourth attempt at an admin server
* Doug Church, December 28, 1989, MIT Project Athena
*/
/* for those broken Unixes without this defined... should be in sys/param.h */
#ifndef MAXHOSTNAMELEN
#define MAXHOSTNAMELEN 64
#endif
#include <sys/types.h>
#include <netinet/in.h>
#include <krb.h>
#include <des.h>
/* The global structures for the client and server */
typedef struct {
struct sockaddr_in admin_addr;
struct sockaddr_in my_addr;
int my_addr_len;
int admin_fd; /* file descriptor for link to admin server */
char sname[ANAME_SZ]; /* the service name */
char sinst[INST_SZ]; /* the services instance */
char krbrlm[REALM_SZ];
} Kadm_Client;
typedef struct { /* status of the server, i.e the parameters */
int inter; /* Space for command line flags */
char *sysfile; /* filename of server */
} admin_params; /* Well... it's the admin's parameters */
/* Largest password length to be supported */
#define MAX_KPW_LEN 128
/* Largest packet the admin server will ever allow itself to return */
#define KADM_RET_MAX 2048
/* That's right, versions are 8 byte strings */
#define KADM_VERSTR "KADM0.0A"
#define KADM_ULOSE "KYOULOSE" /* sent back when server can't
decrypt client's msg */
#define KADM_VERSIZE strlen(KADM_VERSTR)
/* the lookups for the server instances */
#define PWSERV_NAME "changepw"
#define KADM_SNAME "kerberos_master"
#define KADM_SINST "kerberos"
/* Attributes fields constants and macros */
#define ALLOC 2
#define RESERVED 3
#define DEALLOC 4
#define DEACTIVATED 5
#define ACTIVE 6
/* Kadm_vals structure for passing db fields into the server routines */
#define FLDSZ 4
typedef struct {
u_char fields[FLDSZ]; /* The active fields in this struct */
char name[ANAME_SZ];
char instance[INST_SZ];
unsigned long key_low;
unsigned long key_high;
unsigned long exp_date;
unsigned short attributes;
unsigned char max_life;
} Kadm_vals; /* The basic values structure in Kadm */
/* Kadm_vals structure for passing db fields into the server routines */
#define FLDSZ 4
/* Need to define fields types here */
#define KADM_NAME 31
#define KADM_INST 30
#define KADM_EXPDATE 29
#define KADM_ATTR 28
#define KADM_MAXLIFE 27
#define KADM_DESKEY 26
/* To set a field entry f in a fields structure d */
#define SET_FIELD(f,d) (d[3-(f/8)]|=(1<<(f%8)))
/* To set a field entry f in a fields structure d */
#define CLEAR_FIELD(f,d) (d[3-(f/8)]&=(~(1<<(f%8))))
/* Is field f in fields structure d */
#define IS_FIELD(f,d) (d[3-(f/8)]&(1<<(f%8)))
/* Various return codes */
#define KADM_SUCCESS 0
#define WILDCARD_STR "*"
enum acl_types {
ADDACL,
GETACL,
MODACL
};
/* Various opcodes for the admin server's functions */
#define CHANGE_PW 2
#define ADD_ENT 3
#define MOD_ENT 4
#define GET_ENT 5
extern long kdb_get_master_key(); /* XXX should be in krb_db.h */
extern long kdb_verify_master_key(); /* XXX ditto */
extern long krb_mk_priv(), krb_rd_priv(); /* XXX should be in krb.h */
extern void krb_set_tkt_string(); /* XXX ditto */
extern unsigned long quad_cksum(); /* XXX should be in des.h */
/* XXX This doesn't belong here!!! */
char *malloc(), *realloc();
#ifdef POSIX
typedef void sigtype;
#else
typedef int sigtype;
#endif
#endif KADM_DEFS
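Review bot: `SET_FIELD`, `CLEAR_FIELD` and `IS_FIELD` index `d[3-(f/8)]` with `f` unparenthesized and unchecked, so an expression argument can bind wrongly and any `f` of 32 or more indexes before the start of `fields[FLDSZ]`. Parenthesize `f` and `d` and document (or enforce) the 0..31 range; the `KADM_*` constants defined here (26 to 31) all fall in `d[0]`. The comment above `CLEAR_FIELD` says "To set", `FLDSZ` and its comment appear twice, `char *malloc(), *realloc();` will clash with the `<stdlib.h>` prototypes, and `#endif KADM_DEFS` needs its trailing token commented out. The header also includes `<krb.h>` and `<des.h>` while krb.h in this commit uses `<kerberosIV/des.h>`; the include paths should agree with where the headers are installed.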

36
eBones/include/kdc.h Normal file
View file

@ -0,0 +1,36 @@
/*
* Copyright 1987, 1988 by the Massachusetts Institute of Technology.
* For copying and distribution information, please see the file
* <Copyright.MIT>.
*
* Include file for the Kerberos Key Distribution Center.
*
* from: kdc.h,v 4.1 89/01/24 17:54:04 jon Exp $
* $Id: kdc.h,v 1.2 1994/07/19 19:23:11 g89r4222 Exp $
*/
#ifndef KDC_DEFS
#define KDC_DEFS
#define S_AD_SZ sizeof(struct sockaddr_in)
#define max(a,b) (a>b ? a : b)
#define min(a,b) (a<b ? a : b)
#define TRUE 1
#define FALSE 0
#define MKEYFILE "/etc/kerberosIV/master_key"
#define K_LOGFIL "/var/log/kpropd.log"
#define KS_LOGFIL "/var/log/kerberos_slave.log"
#define KRB_ACL "/etc/kerberosIV/kerberos.acl"
#define KRB_PROG "./kerberos"
#define ONE_MINUTE 60
#define FIVE_MINUTES (5 * ONE_MINUTE)
#define ONE_HOUR (60 * ONE_MINUTE)
#define ONE_DAY (24 * ONE_HOUR)
#define THREE_DAYS (3 * ONE_DAY)
#endif /* KDC_DEFS */
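Review bot: `max(a,b)` and `min(a,b)` expand `a` and `b` without parentheses, so an argument containing an operator of lower precedence than `>` or `?:` is evaluated incorrectly; write them as `((a) > (b) ? (a) : (b))` and the equivalent for `min`. `KRB_PROG` is the relative path `"./kerberos"`, which resolves against whatever the current directory is at the time it is used; an absolute path would be safer next to the absolute paths defined around it. `TRUE` and `FALSE` are defined here without an `#ifndef`, and ext_srvtab.c in this commit defines them again.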

39
eBones/include/klog.h Normal file
View file

@ -0,0 +1,39 @@
/*
* Copyright 1988 by the Massachusetts Institute of Technology.
* For copying and distribution information, please see the file
* <Copyright.MIT>.
*
* This file defines the types of log messages logged by klog. Each
* type of message may be selectively turned on or off.
*
* from: klog.h,v 4.7 89/01/24 17:55:07 jon Exp $
* $Id: klog.h,v 1.2 1994/07/19 19:23:12 g89r4222 Exp $
*/
#ifndef KLOG_DEFS
#define KLOG_DEFS
#define KRBLOG "/var/log/kerberos.log" /* master server */
#define KRBSLAVELOG "/var/log/kerberos_slave.log" /* master server */
#define NLOGTYPE 100 /* Maximum number of log msg types */
#define L_NET_ERR 1 /* Error in network code */
#define L_NET_INFO 2 /* Info on network activity */
#define L_KRB_PERR 3 /* Kerberos protocol errors */
#define L_KRB_PINFO 4 /* Kerberos protocol info */
#define L_INI_REQ 5 /* Request for initial ticket */
#define L_NTGT_INTK 6 /* Initial request not for TGT */
#define L_DEATH_REQ 7 /* Request for server death */
#define L_TKT_REQ 8 /* All ticket requests using a tgt */
#define L_ERR_SEXP 9 /* Service expired */
#define L_ERR_MKV 10 /* Master key version incorrect */
#define L_ERR_NKY 11 /* User's key is null */
#define L_ERR_NUN 12 /* Principal not unique */
#define L_ERR_UNK 13 /* Principal Unknown */
#define L_ALL_REQ 14 /* All requests */
#define L_APPL_REQ 15 /* Application requests (using tgt) */
#define L_KRB_PWARN 16 /* Protocol warning messages */
char *klog();
#endif /* KLOG_DEFS */
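Review bot: The comment on `KRBSLAVELOG` reads `/* master server */`, copied from the `KRBLOG` line above it; it should say slave server. The same path is also defined as `KS_LOGFIL` in kdc.h, so one of the two definitions should refer to the other to keep them from drifting apart.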

87
eBones/include/kparse.h Normal file
View file

@ -0,0 +1,87 @@
/*
* Copyright 1988 by the Massachusetts Institute of Technology.
* For copying and distribution information, please see the file
* <Copyright.MIT>.
*
* Include file for kparse routines.
*
* from: kparse.h,v 4.5 89/01/11 12:05:53 steiner Exp $
* $Id: kparse.h,v 1.2 1994/07/19 19:23:14 g89r4222 Exp $
*/
#ifndef KPARSE_DEFS
#define KPARSE_DEFS
/*
* values returned by fGetParameterSet()
*/
#define PS_BAD_KEYWORD -2 /* unknown or duplicate keyword */
#define PS_SYNTAX -1 /* syntax error */
#define PS_OKAY 0 /* got a complete parameter set */
#define PS_EOF 1 /* nothing more in the file */
/*
* values returned by fGetKeywordValue()
*/
#define KV_SYNTAX -2 /* syntax error */
#define KV_EOF -1 /* nothing more in the file */
#define KV_OKAY 0 /* got a keyword/value pair */
#define KV_EOL 1 /* nothing more on this line */
/*
* values returned by fGetToken()
*/
#define GTOK_BAD_QSTRING -1 /* newline found in quoted string */
#define GTOK_EOF 0 /* end of file encountered */
#define GTOK_QSTRING 1 /* quoted string */
#define GTOK_STRING 2 /* unquoted string */
#define GTOK_NUMBER 3 /* one or more digits */
#define GTOK_PUNK 4 /* punks are punctuation, newline,
* etc. */
#define GTOK_WHITE 5 /* one or more whitespace chars */
/*
* extended character classification macros
*/
#define ISOCTAL(CH) ( (CH>='0') && (CH<='7') )
#define ISQUOTE(CH) ( (CH=='\"') || (CH=='\'') || (CH=='`') )
#define ISWHITESPACE(C) ( (C==' ') || (C=='\t') )
#define ISLINEFEED(C) ( (C=='\n') || (C=='\r') || (C=='\f') )
/*
* tokens consist of any printable charcacter except comma, equal, or
* whitespace
*/
#define ISTOKENCHAR(C) ((C>040) && (C<0177) && (C != ',') && (C != '='))
/*
* the parameter table defines the keywords that will be recognized by
* fGetParameterSet, and their default values if not specified.
*/
typedef struct {
char *keyword;
char *defvalue;
char *value;
} parmtable;
#define PARMCOUNT(P) (sizeof(P)/sizeof(P[0]))
extern int LineNbr; /* current line # in parameter file */
extern char ErrorMsg[]; /*
* meaningful only when KV_SYNTAX,
* PS_SYNTAX, or PS_BAD_KEYWORD is
* returned by fGetKeywordValue or
* fGetParameterSet
*/
extern char *strsave(); /* defined in this module */
extern char *strutol(); /* defined in this module */
#endif /* KPARSE_DEFS */
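
Review bot: The character-class macros (ISOCTAL, ISQUOTE, ISWHITESPACE, ISLINEFEED, ISTOKENCHAR) use their argument unparenthesized and more than once, so a call such as ISQUOTE(*p++) or ISTOKENCHAR(a ? b : c) will not do what the caller expects. Wrap each use as (C) and say in the comment that the argument must be free of side effects, or turn them into functions. ErrorMsg is exported as an unsized array, so callers cannot bound what they copy out of it; declaring its size here would help. strsave() and strutol() are declared without parameter lists. The comment above ISTOKENCHAR has a typo ("charcacter").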

376
eBones/include/krb.h Normal file

@ -0,0 +1,376 @@
/*
* Copyright 1987, 1988 by the Massachusetts Institute of Technology.
* For copying and distribution information, please see the file
* <Copyright.MIT>.
*
* Include file for the Kerberos library.
*
* from: krb.h,v 4.26 89/08/08 17:55:25 jtkohl Exp $
* $Id: krb.h,v 1.4 1994/09/24 14:15:41 g89r4222 Exp $
*/
/* Only one time, please */
#ifndef KRB_DEFS
#define KRB_DEFS
/* Need some defs from des.h */
#include <kerberosIV/des.h>
/* Text describing error codes */
#define MAX_KRB_ERRORS 256
extern char *krb_err_txt[MAX_KRB_ERRORS];
/* These are not defined for at least SunOS 3.3 and Ultrix 2.2 */
#if defined(ULTRIX022) || (defined(SunOS) && SunOS < 40)
#define FD_ZERO(p) ((p)->fds_bits[0] = 0)
#define FD_SET(n, p) ((p)->fds_bits[0] |= (1 << (n)))
#define FD_ISSET(n, p) ((p)->fds_bits[0] & (1 << (n)))
#endif /* ULTRIX022 || SunOS */
/* General definitions */
#define KSUCCESS 0
#define KFAILURE 255
#ifdef NO_UIDGID_T
typedef unsigned short uid_t;
typedef unsigned short gid_t;
#endif /* NO_UIDGID_T */
/*
* Kerberos specific definitions
*
* KRBLOG is the log file for the kerberos master server. KRB_CONF is
* the configuration file where different host machines running master
* and slave servers can be found. KRB_MASTER is the name of the
* machine with the master database. The admin_server runs on this
* machine, and all changes to the db (as opposed to read-only
* requests, which can go to slaves) must go to it. KRB_HOST is the
* default machine * when looking for a kerberos slave server. Other
* possibilities are * in the KRB_CONF file. KRB_REALM is the name of
* the realm.
*/
#ifdef notdef
this is server - only, does not belong here;
#define KRBLOG "/etc/kerberosIV/kerberos.log"
are these used anyplace '?';
#define VX_KRB_HSTFILE "/etc/krbhst"
#define PC_KRB_HSTFILE "\\kerberos\\krbhst"
#endif
#define KRB_CONF "/etc/kerberosIV/krb.conf"
#define KRB_RLM_TRANS "/etc/kerberosIV/krb.realms"
#define KRB_MASTER "kerberos"
#define KRB_HOST KRB_MASTER
#define KRB_REALM "ATHENA.MIT.EDU"
/* The maximum sizes for aname, realm, sname, and instance +1 */
#define ANAME_SZ 40
#define REALM_SZ 40
#define SNAME_SZ 40
#define INST_SZ 40
/* include space for '.' and '@' */
#define MAX_K_NAME_SZ (ANAME_SZ + INST_SZ + REALM_SZ + 2)
#define KKEY_SZ 100
#define VERSION_SZ 1
#define MSG_TYPE_SZ 1
#define DATE_SZ 26 /* RTI date output */
#define MAX_HSTNM 100
#ifndef DEFAULT_TKT_LIFE /* allow compile-time override */
#define DEFAULT_TKT_LIFE 96 /* default lifetime for krb_mk_req
& co., 8 hrs */
#endif
/* Definition of text structure used to pass text around */
#define MAX_KTXT_LEN 1250
struct ktext {
int length; /* Length of the text */
unsigned char dat[MAX_KTXT_LEN]; /* The data itself */
unsigned long mbz; /* zero to catch runaway strings */
};
typedef struct ktext *KTEXT;
typedef struct ktext KTEXT_ST;
/* Definitions for send_to_kdc */
#define CLIENT_KRB_TIMEOUT 4 /* time between retries */
#define CLIENT_KRB_RETRY 5 /* retry this many times */
#define CLIENT_KRB_BUFLEN 512 /* max unfragmented packet */
/* Definitions for ticket file utilities */
#define R_TKT_FIL 0
#define W_TKT_FIL 1
/* Definitions for cl_get_tgt */
#ifdef PC
#define CL_GTGT_INIT_FILE "\\kerberos\\k_in_tkts"
#else
#define CL_GTGT_INIT_FILE "/etc/k_in_tkts"
#endif PC
/* Parameters for rd_ap_req */
/* Maximum alloable clock skew in seconds */
#define CLOCK_SKEW 5*60
/* Filename for readservkey */
#define KEYFILE "/etc/kerberosIV/srvtab"
/* Structure definition for rd_ap_req */
struct auth_dat {
unsigned char k_flags; /* Flags from ticket */
char pname[ANAME_SZ]; /* Principal's name */
char pinst[INST_SZ]; /* His Instance */
char prealm[REALM_SZ]; /* His Realm */
unsigned long checksum; /* Data checksum (opt) */
C_Block session; /* Session Key */
int life; /* Life of ticket */
unsigned long time_sec; /* Time ticket issued */
unsigned long address; /* Address in ticket */
KTEXT_ST reply; /* Auth reply (opt) */
};
typedef struct auth_dat AUTH_DAT;
/* Structure definition for credentials returned by get_cred */
struct credentials {
char service[ANAME_SZ]; /* Service name */
char instance[INST_SZ]; /* Instance */
char realm[REALM_SZ]; /* Auth domain */
C_Block session; /* Session key */
int lifetime; /* Lifetime */
int kvno; /* Key version number */
KTEXT_ST ticket_st; /* The ticket itself */
long issue_date; /* The issue time */
char pname[ANAME_SZ]; /* Principal's name */
char pinst[INST_SZ]; /* Principal's instance */
};
typedef struct credentials CREDENTIALS;
/* Structure definition for rd_private_msg and rd_safe_msg */
struct msg_dat {
unsigned char *app_data; /* pointer to appl data */
unsigned long app_length; /* length of appl data */
unsigned long hash; /* hash to lookup replay */
int swap; /* swap bytes? */
long time_sec; /* msg timestamp seconds */
unsigned char time_5ms; /* msg timestamp 5ms units */
};
typedef struct msg_dat MSG_DAT;
/* Location of ticket file for save_cred and get_cred */
#ifdef PC
#define TKT_FILE "\\kerberos\\ticket.ses"
#else
#define TKT_FILE tkt_string()
#define TKT_ROOT "/tmp/tkt"
#endif PC
/* Error codes returned from the KDC */
#define KDC_OK 0 /* Request OK */
#define KDC_NAME_EXP 1 /* Principal expired */
#define KDC_SERVICE_EXP 2 /* Service expired */
#define KDC_AUTH_EXP 3 /* Auth expired */
#define KDC_PKT_VER 4 /* Protocol version unknown */
#define KDC_P_MKEY_VER 5 /* Wrong master key version */
#define KDC_S_MKEY_VER 6 /* Wrong master key version */
#define KDC_BYTE_ORDER 7 /* Byte order unknown */
#define KDC_PR_UNKNOWN 8 /* Principal unknown */
#define KDC_PR_N_UNIQUE 9 /* Principal not unique */
#define KDC_NULL_KEY 10 /* Principal has null key */
#define KDC_GEN_ERR 20 /* Generic error from KDC */
/* Values returned by get_credentials */
#define GC_OK 0 /* Retrieve OK */
#define RET_OK 0 /* Retrieve OK */
#define GC_TKFIL 21 /* Can't read ticket file */
#define RET_TKFIL 21 /* Can't read ticket file */
#define GC_NOTKT 22 /* Can't find ticket or TGT */
#define RET_NOTKT 22 /* Can't find ticket or TGT */
/* Values returned by mk_ap_req */
#define MK_AP_OK 0 /* Success */
#define MK_AP_TGTEXP 26 /* TGT Expired */
/* Values returned by rd_ap_req */
#define RD_AP_OK 0 /* Request authentic */
#define RD_AP_UNDEC 31 /* Can't decode authenticator */
#define RD_AP_EXP 32 /* Ticket expired */
#define RD_AP_NYV 33 /* Ticket not yet valid */
#define RD_AP_REPEAT 34 /* Repeated request */
#define RD_AP_NOT_US 35 /* The ticket isn't for us */
#define RD_AP_INCON 36 /* Request is inconsistent */
#define RD_AP_TIME 37 /* delta_t too big */
#define RD_AP_BADD 38 /* Incorrect net address */
#define RD_AP_VERSION 39 /* protocol version mismatch */
#define RD_AP_MSG_TYPE 40 /* invalid msg type */
#define RD_AP_MODIFIED 41 /* message stream modified */
#define RD_AP_ORDER 42 /* message out of order */
#define RD_AP_UNAUTHOR 43 /* unauthorized request */
/* Values returned by get_pw_tkt */
#define GT_PW_OK 0 /* Got password changing tkt */
#define GT_PW_NULL 51 /* Current PW is null */
#define GT_PW_BADPW 52 /* Incorrect current password */
#define GT_PW_PROT 53 /* Protocol Error */
#define GT_PW_KDCERR 54 /* Error returned by KDC */
#define GT_PW_NULLTKT 55 /* Null tkt returned by KDC */
/* Values returned by send_to_kdc */
#define SKDC_OK 0 /* Response received */
#define SKDC_RETRY 56 /* Retry count exceeded */
#define SKDC_CANT 57 /* Can't send request */
/*
* Values returned by get_intkt
* (can also return SKDC_* and KDC errors)
*/
#define INTK_OK 0 /* Ticket obtained */
#define INTK_W_NOTALL 61 /* Not ALL tickets returned */
#define INTK_BADPW 62 /* Incorrect password */
#define INTK_PROT 63 /* Protocol Error */
#define INTK_ERR 70 /* Other error */
/* Values returned by get_adtkt */
#define AD_OK 0 /* Ticket Obtained */
#define AD_NOTGT 71 /* Don't have tgt */
/* Error codes returned by ticket file utilities */
#define NO_TKT_FIL 76 /* No ticket file found */
#define TKT_FIL_ACC 77 /* Couldn't access tkt file */
#define TKT_FIL_LCK 78 /* Couldn't lock ticket file */
#define TKT_FIL_FMT 79 /* Bad ticket file format */
#define TKT_FIL_INI 80 /* tf_init not called first */
/* Error code returned by kparse_name */
#define KNAME_FMT 81 /* Bad Kerberos name format */
/* Error code returned by krb_mk_safe */
#define SAFE_PRIV_ERROR -1 /* syscall error */
/*
* macros for byte swapping; also scratch space
* u_quad 0-->7, 1-->6, 2-->5, 3-->4, 4-->3, 5-->2, 6-->1, 7-->0
* u_long 0-->3, 1-->2, 2-->1, 3-->0
* u_short 0-->1, 1-->0
*/
#define swap_u_16(x) {\
unsigned long _krb_swap_tmp[4];\
swab(((char *) x) +0, ((char *) _krb_swap_tmp) +14 ,2); \
swab(((char *) x) +2, ((char *) _krb_swap_tmp) +12 ,2); \
swab(((char *) x) +4, ((char *) _krb_swap_tmp) +10 ,2); \
swab(((char *) x) +6, ((char *) _krb_swap_tmp) +8 ,2); \
swab(((char *) x) +8, ((char *) _krb_swap_tmp) +6 ,2); \
swab(((char *) x) +10,((char *) _krb_swap_tmp) +4 ,2); \
swab(((char *) x) +12,((char *) _krb_swap_tmp) +2 ,2); \
swab(((char *) x) +14,((char *) _krb_swap_tmp) +0 ,2); \
bcopy((char *)_krb_swap_tmp,(char *)x,16);\
}
#define swap_u_12(x) {\
unsigned long _krb_swap_tmp[4];\
swab(( char *) x, ((char *) _krb_swap_tmp) +10 ,2); \
swab(((char *) x) +2, ((char *) _krb_swap_tmp) +8 ,2); \
swab(((char *) x) +4, ((char *) _krb_swap_tmp) +6 ,2); \
swab(((char *) x) +6, ((char *) _krb_swap_tmp) +4 ,2); \
swab(((char *) x) +8, ((char *) _krb_swap_tmp) +2 ,2); \
swab(((char *) x) +10,((char *) _krb_swap_tmp) +0 ,2); \
bcopy((char *)_krb_swap_tmp,(char *)x,12);\
}
#define swap_C_Block(x) {\
unsigned long _krb_swap_tmp[4];\
swab(( char *) x, ((char *) _krb_swap_tmp) +6 ,2); \
swab(((char *) x) +2,((char *) _krb_swap_tmp) +4 ,2); \
swab(((char *) x) +4,((char *) _krb_swap_tmp) +2 ,2); \
swab(((char *) x) +6,((char *) _krb_swap_tmp) ,2); \
bcopy((char *)_krb_swap_tmp,(char *)x,8);\
}
#define swap_u_quad(x) {\
unsigned long _krb_swap_tmp[4];\
swab(( char *) &x, ((char *) _krb_swap_tmp) +6 ,2); \
swab(((char *) &x) +2,((char *) _krb_swap_tmp) +4 ,2); \
swab(((char *) &x) +4,((char *) _krb_swap_tmp) +2 ,2); \
swab(((char *) &x) +6,((char *) _krb_swap_tmp) ,2); \
bcopy((char *)_krb_swap_tmp,(char *)&x,8);\
}
#define swap_u_long(x) {\
unsigned long _krb_swap_tmp[4];\
swab((char *) &x, ((char *) _krb_swap_tmp) +2 ,2); \
swab(((char *) &x) +2,((char *) _krb_swap_tmp),2); \
x = _krb_swap_tmp[0]; \
}
#define swap_u_short(x) {\
unsigned short _krb_swap_sh_tmp; \
swab((char *) &x, ( &_krb_swap_sh_tmp) ,2); \
x = (unsigned short) _krb_swap_sh_tmp; \
}
/* Kerberos ticket flag field bit definitions */
#define K_FLAG_ORDER 0 /* bit 0 --> lsb */
#define K_FLAG_1 /* reserved */
#define K_FLAG_2 /* reserved */
#define K_FLAG_3 /* reserved */
#define K_FLAG_4 /* reserved */
#define K_FLAG_5 /* reserved */
#define K_FLAG_6 /* reserved */
#define K_FLAG_7 /* reserved, bit 7 --> msb */
#ifndef PC
char *tkt_string();
#endif PC
#ifdef OLDNAMES
#define krb_mk_req mk_ap_req
#define krb_rd_req rd_ap_req
#define krb_kntoln an_to_ln
#define krb_set_key set_serv_key
#define krb_get_cred get_credentials
#define krb_mk_priv mk_private_msg
#define krb_rd_priv rd_private_msg
#define krb_mk_safe mk_safe_msg
#define krb_rd_safe rd_safe_msg
#define krb_mk_err mk_appl_err_msg
#define krb_rd_err rd_appl_err_msg
#define krb_ck_repl check_replay
#define krb_get_pw_in_tkt get_in_tkt
#define krb_get_svc_in_tkt get_svc_in_tkt
#define krb_get_pw_tkt get_pw_tkt
#define krb_realmofhost krb_getrealm
#define krb_get_phost get_phost
#define krb_get_krbhst get_krbhst
#define krb_get_lrealm get_krbrlm
#endif OLDNAMES
/* Defines for krb_sendauth and krb_recvauth */
#define KOPT_DONT_MK_REQ 0x00000001 /* don't call krb_mk_req */
#define KOPT_DO_MUTUAL 0x00000002 /* do mutual auth */
#define KOPT_DONT_CANON 0x00000004 /*
* don't canonicalize inst as
* a hostname
*/
#define KRB_SENDAUTH_VLEN 8 /* length for version strings */
#ifdef ATHENA_COMPAT
#define KOPT_DO_OLDSTYLE 0x00000008 /* use the old-style protocol */
#endif ATHENA_COMPAT
#endif KRB_DEFS
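
Review bot: CLOCK_SKEW is defined as 5*60 without parentheses, so any use next to a higher-precedence operator (a division or modulo by CLOCK_SKEW, for example) silently computes something else; define it as (5*60). In the byte-swapping macros, swap_u_long writes only 4 bytes into _krb_swap_tmp and then assigns the whole of _krb_swap_tmp[0] to x, which is correct only where unsigned long is 4 bytes wide; anywhere else the remaining bytes are uninitialized. swap_u_short passes &_krb_swap_sh_tmp without the (char *) cast the other macros use. TKT_ROOT puts the ticket file prefix under /tmp and nothing here documents what tkt_string() appends or how the file is created, so the comment should state the naming scheme and the ownership and mode the file is expected to have. The trailing tokens on #endif PC, #endif OLDNAMES, #endif ATHENA_COMPAT and #endif KRB_DEFS should be comments.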

29
eBones/include/krb_conf.h Normal file

@ -0,0 +1,29 @@
/*
* Copyright 1988 by the Massachusetts Institute of Technology.
* For copying and distribution information, please see the file
* <Copyright.MIT>.
*
* This file contains configuration information for the Kerberos library
* which is machine specific; currently, this file contains
* configuration information for the vax, the "ibm032" (RT), and the
* "PC8086" (IBM PC).
*
* Note: cross-compiled targets must appear BEFORE their corresponding
* cross-compiler host. Otherwise, both will be defined when running
* the native compiler on the programs that construct cross-compiled
* sources.
*
* from: krb_conf.h,v 4.0 89/01/23 09:59:27 jtkohl Exp $
* $Id: krb_conf.h,v 1.2 1994/07/19 19:23:18 g89r4222 Exp $
*/
#ifndef KRB_CONF_DEFS
#define KRB_CONF_DEFS
/* Byte ordering */
extern int krbONE;
#define HOST_BYTE_ORDER (* (char *) &krbONE)
#define MSB_FIRST 0 /* 68000, IBM RT/PC */
#define LSB_FIRST 1 /* Vax, PC8086 */
#endif KRB_CONF_DEFS
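
Review bot: HOST_BYTE_ORDER yields LSB_FIRST or MSB_FIRST only if krbONE holds the value 1, and the extern declaration neither says so nor says where krbONE is defined; add a comment naming the defining file and the required value. The file comment still describes per-machine configuration for the vax, ibm032 and PC8086, while the body is now a single run-time byte-order test, so the comment should be brought in line. #endif KRB_CONF_DEFS should carry the name in a comment.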

100
eBones/include/krb_db.h Normal file

@ -0,0 +1,100 @@
/*
* Copyright 1987, 1988 by the Massachusetts Institute of Technology.
* For copying and distribution information, please see the file
* <Copyright.MIT>.
*
* spm Project Athena 8/85
*
* This file defines data structures for the kerberos
* authentication/authorization database.
*
* They MUST correspond to those defined in *.rel
*
* from: krb_db.h,v 4.9 89/01/24 17:55:39 jon Exp $
* $Id: krb_db.h,v 1.2 1994/07/19 19:23:19 g89r4222 Exp $
*/
#ifndef KRB_DB_DEFS
#define KRB_DB_DEFS
#define KERB_M_NAME "K" /* Kerberos */
#define KERB_M_INST "M" /* Master */
#define KERB_DEFAULT_NAME "default"
#define KERB_DEFAULT_INST ""
#define DBM_FILE "/etc/kerberosIV/principal"
/* this also defines the number of queue headers */
#define KERB_DB_HASH_MODULO 64
/* Arguments to kerb_dbl_lock() */
#define KERB_DBL_EXCLUSIVE 1
#define KERB_DBL_SHARED 0
/* arguments to kerb_db_set_lockmode() */
#define KERB_DBL_BLOCKING 0
#define KERB_DBL_NONBLOCKING 1
/* Principal defines the structure of a principal's name */
typedef struct {
char name[ANAME_SZ];
char instance[INST_SZ];
unsigned long key_low;
unsigned long key_high;
unsigned long exp_date;
char exp_date_txt[DATE_SZ];
unsigned long mod_date;
char mod_date_txt[DATE_SZ];
unsigned short attributes;
unsigned char max_life;
unsigned char kdc_key_ver;
unsigned char key_version;
char mod_name[ANAME_SZ];
char mod_instance[INST_SZ];
char *old; /* cast to (Principal *); not in db,
* ptr to old vals */
}
Principal;
typedef struct {
long cpu;
long elapsed;
long dio;
long pfault;
long t_stamp;
long n_retrieve;
long n_replace;
long n_append;
long n_get_stat;
long n_put_stat;
}
DB_stat;
/* Dba defines the structure of a database administrator */
typedef struct {
char name[ANAME_SZ];
char instance[INST_SZ];
unsigned short attributes;
unsigned long exp_date;
char exp_date_txt[DATE_SZ];
char *old; /*
* cast to (Dba *); not in db, ptr to
* old vals
*/
}
Dba;
extern int kerb_get_principal();
extern int kerb_put_principal();
extern int kerb_db_get_stat();
extern int kerb_db_put_stat();
extern int kerb_get_dba();
extern int kerb_db_get_dba();
#endif /* KRB_DB_DEFS */
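
Review bot: This header is not self-contained: Principal and Dba use ANAME_SZ, INST_SZ and DATE_SZ, which come from krb.h, and krb_dbm.c in this import carries a "before krb_db.h" comment on its krb.h include to work around that. Include krb.h here (it is guarded by KRB_DEFS) so include order stops mattering. The key is held as two unsigned long halves, key_low and key_high, and the file comment says the layout MUST correspond to *.rel, so the assumed width of unsigned long should be stated next to those fields. kerb_get_dba() and kerb_db_get_dba() are both declared; if only one of them exists, drop the other.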


@ -0,0 +1,40 @@
/*
* Copyright 1988 by the Massachusetts Institute of Technology.
* For copying and distribution information, please see the file
* <Copyright.MIT>.
*
* Comparison macros to emulate LSBFIRST comparison results of network
* byte-order quantities
*
* from: lsb_addr_comp.h,v 4.0 89/01/23 15:44:46 jtkohl Exp $
* $Id: lsb_addr_comp.h,v 1.2 1994/07/19 19:23:21 g89r4222 Exp $
*/
#ifndef LSB_ADDR_COMP_DEFS
#define LSB_ADDR_COMP_DEFS
#include "osconf.h"
#ifdef LSBFIRST
#define lsb_net_ulong_less(x,y) ((x < y) ? -1 : ((x > y) ? 1 : 0))
#define lsb_net_ushort_less(x,y) ((x < y) ? -1 : ((x > y) ? 1 : 0))
#else
/* MSBFIRST */
#define u_char_comp(x,y) \
(((x)>(y))?(1):(((x)==(y))?(0):(-1)))
/* This is gross, but... */
#define lsb_net_ulong_less(x, y) long_less_than((u_char *)&x, (u_char *)&y)
#define lsb_net_ushort_less(x, y) short_less_than((u_char *)&x, (u_char *)&y)
#define long_less_than(x,y) \
(u_char_comp((x)[3],(y)[3])?u_char_comp((x)[3],(y)[3]): \
(u_char_comp((x)[2],(y)[2])?u_char_comp((x)[2],(y)[2]): \
(u_char_comp((x)[1],(y)[1])?u_char_comp((x)[1],(y)[1]): \
(u_char_comp((x)[0],(y)[0])))))
#define short_less_than(x,y) \
(u_char_comp((x)[1],(y)[1])?u_char_comp((x)[1],(y)[1]): \
(u_char_comp((x)[0],(y)[0])))
#endif /* LSBFIRST */
#endif /* LSB_ADDR_COMP_DEFS */
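
Review bot: lsb_net_ulong_less and lsb_net_ushort_less are named like predicates but return -1, 0 or 1, so if (lsb_net_ulong_less(a, b)) is true whenever a != b. Document the three-way result in the header comment, or rename them with a _comp suffix to match u_char_comp. In the LSBFIRST branch x and y are unparenthesized and evaluated twice; in the other branch the macros take &x and &y, so the arguments must be lvalues, and long_less_than indexes bytes 0 to 3, which assumes a 4-byte quantity. Those constraints should be stated.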

51
eBones/include/osconf.h Normal file
View file

@ -0,0 +1,51 @@
/*
* Copyright 1988 by the Massachusetts Institute of Technology.
* For copying and distribution information, please see the file
* <Copyright.MIT>.
*
* Athena configuration.
*
* from: osconf.h,v 4.4 89/12/19 13:26:27 jtkohl Exp $
* $Id: osconf.h,v 1.2 1994/07/19 19:23:22 g89r4222 Exp $
*/
#ifdef tahoe
#include "conf-bsdtahoe.h"
#else /* !tahoe */
#ifdef vax
#include "conf-bsdvax.h"
#else /* !vax */
#if defined(mips) && defined(ultrix)
#include "conf-ultmips2.h"
#else /* !Ultrix MIPS-2 */
#ifdef ibm032
#include "conf-bsdibm032.h"
#else /* !ibm032 */
#ifdef apollo
#include "conf-bsdapollo.h"
#else /* !apollo */
#ifdef sun
#ifdef sparc
#include "conf-bsdsparc.h"
#else /* sun but not sparc */
#ifdef i386
#include "conf-bsd386i.h"
#else /* sun but not (sparc or 386i) */
#include "conf-bsdm68k.h"
#endif /* i386 */
#endif /* sparc */
#else /* !sun */
#ifdef pyr
#include "conf-pyr.h"
#endif /* pyr */
#endif /* sun */
#endif /* apollo */
#endif /* ibm032 */
#endif /* mips */
#endif /* vax */
#endif /* tahoe */
#if defined(__FreeBSD__) && defined(i386)
#include "conf-bsd386i.h"
#endif
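
Review bot: When none of the platform symbols is defined, the #ifdef chain includes no conf-*.h at all and compilation simply continues; with LSBFIRST left undefined, lsb_addr_comp.h then takes its #else branch, the MSBFIRST code, without anyone having chosen it. Add a final #else with an #error for unknown platforms. The FreeBSD block sits outside the chain and covers only i386, and the header has no include guard even though lsb_addr_comp.h includes it.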


@ -0,0 +1,28 @@
/*
* Copyright 1987, 1988 by the Massachusetts Institute of Technology.
* For copying and distribution information, please see the file
* <Copyright.MIT>.
*
* Include file for password server
*
* from: passwd_server.h,v 4.6 89/01/11 15:12:22 steiner Exp $
* $Id: passwd_server.h,v 1.2 1994/07/19 19:23:24 g89r4222 Exp $
*/
#ifndef PASSWD_SERVER_DEFS
#define PASSWD_SERVER_DEFS
#define PW_SRV_VERSION 2 /* version number */
#define RETRY_LIMIT 1
#define TIME_OUT 30
#define USER_TIMEOUT 90
#define MAX_KPW_LEN 40 /* hey, seems like a good number */
#define INSTALL_NEW_PW (1<<0) /*
* ver, cmd, name, password, old_pass,
* crypt_pass, uid
*/
#define INSTALL_REPLY (1<<1) /* ver, cmd, name, password */
#endif /* PASSWD_SERVER_DEFS */
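
Review bot: MAX_KPW_LEN needs a real comment: it does not say whether the 40 includes the terminating NUL, and "seems like a good number" gives callers nothing to size buffers against. The INSTALL_NEW_PW and INSTALL_REPLY comments list password, old_pass and crypt_pass as message fields; please document here how those fields are protected in transit, since these comments are the only description of the message layout in this header.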


@ -0,0 +1,18 @@
/*
* Copyright 1988 by the Massachusetts Institute of Technology.
* For copying and distribution information, please see the file
* <Copyright.MIT>.
*
* Definitions for principal names.
*
* from: principal.h,v 4.5 89/01/11 15:15:01 steiner Exp $
* $Id: principal.h,v 1.2 1994/07/19 19:23:25 g89r4222 Exp $
*/
#ifndef PRINCIPAL_DEFS
#define PRINCIPAL_DEFS
#define NAME_LEN 39
#define INSTANCE_LEN 39
#endif /* PRINCIPAL_DEFS */
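
Review bot: NAME_LEN and INSTANCE_LEN are 39 while krb.h defines ANAME_SZ and INST_SZ as 40 under a comment saying those sizes include the +1, so the same limit is encoded twice in two headers. Define these as (ANAME_SZ - 1) and (INST_SZ - 1), or at least add a comment tying them together, so that a change to one cannot leave a buffer one byte short.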

92
eBones/include/prot.h Normal file

@ -0,0 +1,92 @@
/*
* Copyright 1985, 1986, 1987, 1988 by the Massachusetts Institute
* of Technology.
* For copying and distribution information, please see the file
* <Copyright.MIT>.
*
* Include file with authentication protocol information.
*
* from: prot.h,v 4.13 89/01/24 14:27:22 jtkohl Exp $
* $Id: prot.h,v 1.2 1994/07/19 19:23:27 g89r4222 Exp $
*/
#include <krb_conf.h>
#ifndef PROT_DEFS
#define PROT_DEFS
#define KRB_PORT 750 /* PC's don't have
* /etc/services */
#define KRB_PROT_VERSION 4
#define MAX_PKT_LEN 1000
#define MAX_TXT_LEN 1000
#define TICKET_GRANTING_TICKET "krbtgt"
/* Macro's to obtain various fields from a packet */
#define pkt_version(packet) (unsigned int) *(packet->dat)
#define pkt_msg_type(packet) (unsigned int) *(packet->dat+1)
#define pkt_a_name(packet) (packet->dat+2)
#define pkt_a_inst(packet) \
(packet->dat+3+strlen((char *)pkt_a_name(packet)))
#define pkt_a_realm(packet) \
(pkt_a_inst(packet)+1+strlen((char *)pkt_a_inst(packet)))
/* Macro to obtain realm from application request */
#define apreq_realm(auth) (auth->dat + 3)
#define pkt_time_ws(packet) (char *) \
(packet->dat+5+strlen((char *)pkt_a_name(packet)) + \
strlen((char *)pkt_a_inst(packet)) + \
strlen((char *)pkt_a_realm(packet)))
#define pkt_no_req(packet) (unsigned short) \
*(packet->dat+9+strlen((char *)pkt_a_name(packet)) + \
strlen((char *)pkt_a_inst(packet)) + \
strlen((char *)pkt_a_realm(packet)))
#define pkt_x_date(packet) (char *) \
(packet->dat+10+strlen((char *)pkt_a_name(packet)) + \
strlen((char *)pkt_a_inst(packet)) + \
strlen((char *)pkt_a_realm(packet)))
#define pkt_err_code(packet) ( (char *) \
(packet->dat+9+strlen((char *)pkt_a_name(packet)) + \
strlen((char *)pkt_a_inst(packet)) + \
strlen((char *)pkt_a_realm(packet))))
#define pkt_err_text(packet) \
(packet->dat+13+strlen((char *)pkt_a_name(packet)) + \
strlen((char *)pkt_a_inst(packet)) + \
strlen((char *)pkt_a_realm(packet)))
/* Routines to create and read packets may be found in prot.c */
KTEXT create_auth_reply();
KTEXT create_death_packet();
KTEXT pkt_cipher();
/* Message types , always leave lsb for byte order */
#define AUTH_MSG_KDC_REQUEST 1<<1
#define AUTH_MSG_KDC_REPLY 2<<1
#define AUTH_MSG_APPL_REQUEST 3<<1
#define AUTH_MSG_APPL_REQUEST_MUTUAL 4<<1
#define AUTH_MSG_ERR_REPLY 5<<1
#define AUTH_MSG_PRIVATE 6<<1
#define AUTH_MSG_SAFE 7<<1
#define AUTH_MSG_APPL_ERR 8<<1
#define AUTH_MSG_DIE 63<<1
/* values for kerb error codes */
#define KERB_ERR_OK 0
#define KERB_ERR_NAME_EXP 1
#define KERB_ERR_SERVICE_EXP 2
#define KERB_ERR_AUTH_EXP 3
#define KERB_ERR_PKT_VER 4
#define KERB_ERR_NAME_MAST_KEY_VER 5
#define KERB_ERR_SERV_MAST_KEY_VER 6
#define KERB_ERR_BYTE_ORDER 7
#define KERB_ERR_PRINCIPAL_UNKNOWN 8
#define KERB_ERR_PRINCIPAL_NOT_UNIQUE 9
#define KERB_ERR_NULL_KEY 10
#endif /* PROT_DEFS */
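
Review bot: pkt_a_inst, pkt_a_realm and the offset macros built on them (pkt_time_ws, pkt_no_req, pkt_x_date, pkt_err_code, pkt_err_text) walk packet->dat with strlen and never consult packet->length, so a packet whose name, instance or realm is not NUL-terminated sends every later field access past the received data. Callers need a length-checked parse before using these macros, and the comment above them should say so. pkt_no_req dereferences a single byte and then casts it to unsigned short, and each macro re-evaluates the whole strlen chain on every use. The message-type constants such as 1<<1 and 63<<1 are unparenthesized; write (1<<1) so that an expression like AUTH_MSG_KDC_REQUEST + 1 keeps its meaning. The header also uses KTEXT without including krb.h.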

158
eBones/kadmin/kadmin.8 Normal file

@ -0,0 +1,158 @@
.\" from: kadmin.8,v 4.2 89/07/25 17:20:02 jtkohl Exp $
.\" $Id: kadmin.8,v 1.2 1994/07/19 19:27:22 g89r4222 Exp $
.\" Copyright 1989 by the Massachusetts Institute of Technology.
.\"
.\" For copying and distribution information,
.\" please see the file <Copyright.MIT>.
.\"
.TH KADMIN 8 "Kerberos Version 4.0" "MIT Project Athena"
.SH NAME
kadmin \- network utility for Kerberos database administration
.SH SYNOPSIS
.B kadmin [-u user] [-r default_realm] [-m]
.SH DESCRIPTION
This utility provides a unified administration interface to
the
Kerberos
master database.
Kerberos
administrators
use
.I kadmin
to register new users and services to the master database,
and to change information about existing database entries.
For instance, an administrator can use
.I kadmin
to change a user's
Kerberos
password.
A Kerberos administrator is a user with an ``admin'' instance
whose name appears on one of the Kerberos administration access control
lists. If the \-u option is used,
.I user
will be used as the administrator instead of the local user.
If the \-r option is used,
.I default_realm
will be used as the default realm for transactions. Otherwise,
the local realm will be used by default.
If the \-m option is used, multiple requests will be permitted
on only one entry of the admin password. Some sites won't
support this option.
The
.I kadmin
program communicates over the network with the
.I kadmind
program, which runs on the machine housing the Kerberos master
database.
The
.I kadmind
creates new entries and makes modifications to the database.
When you enter the
.I kadmin
command,
the program displays a message that welcomes you and explains
how to ask for help.
Then
.I kadmin
waits for you to enter commands (which are described below).
It then asks you for your
.I admin
password before accessing the database.
Use the
.I add_new_key
(or
.I ank
for short)
command to register a new principal
with the master database.
The command requires one argument,
the principal's name. The name
given can be fully qualified using
the standard
.I name.instance@realm
convention.
You are asked to enter your
.I admin
password,
then prompted twice to enter the principal's
new password. If no realm is specified,
the local realm is used unless another was
given on the commandline with the \-r flag.
If no instance is
specified, a null instance is used. If
a realm other than the default realm is specified,
you will need to supply your admin password for
the other realm.
Use the
.I change_password (cpw)
to change a principal's
Kerberos
password.
The command requires one argument,
the principal's
name.
You are asked to enter your
.I admin
password,
then prompted twice to enter the principal's new password.
The name
given can be fully qualified using
the standard
.I name.instance@realm
convention.
Use the
.I change_admin_password (cap)
to change your
.I admin
instance password.
This command requires no arguments.
It prompts you for your old
.I admin
password, then prompts you twice to enter the new
.I admin
password. If this is your first command,
the default realm is used. Otherwise, the realm
used in the last command is used.
Use the
.I destroy_tickets (dest)
command to destroy your admin tickets explicitly.
Use the
.I list_requests (lr)
command to get a list of possible commands.
Use the
.I help
command to display
.IR kadmin's
various help messages.
If entered without an argument,
.I help
displays a general help message.
You can get detailed information on specific
.I kadmin
commands
by entering
.I help
.IR command_name .
To quit the program, type
.IR quit .
.SH BUGS
The user interface is primitive, and the command names could be better.
.SH "SEE ALSO"
kerberos(1), kadmind(8), kpasswd(1), ksrvutil(8)
.br
``A Subsystem Utilities Package for UNIX'' by Ken Raeburn
.SH AUTHORS
Jeffrey I. Schiller, MIT Project Athena
.br
Emanuel Jay Berkenbilt, MIT Project Athena
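
Review bot: The \-m paragraph says multiple requests are permitted on one entry of the admin password but not how long that authorization lasts or how to end it; if destroy_tickets is the way to end it, say so in that paragraph. In the SYNOPSIS the options are written [-u user] with bare hyphens while the body uses \-u, \-r and \-m. The change_password (cpw) and change_admin_password (cap) sentences read "Use the ... to change" with the word "command" missing, unlike the destroy_tickets and list_requests sentences.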

117
eBones/kadmind/kadmind.8 Normal file

@ -0,0 +1,117 @@
.\" from: kadmind.8,v 4.1 89/07/25 17:28:33 jtkohl Exp $
.\" $Id: kadmind.8,v 1.2 1994/07/19 19:27:25 g89r4222 Exp $
.\" Copyright 1989 by the Massachusetts Institute of Technology.
.\"
.\" For copying and distribution information,
.\" please see the file <Copyright.MIT>.
.\"
.TH KADMIND 8 "Kerberos Version 4.0" "MIT Project Athena"
.SH NAME
kadmind \- network daemon for Kerberos database administration
.SH SYNOPSIS
.B kadmind
[
.B \-n
] [
.B \-h
] [
.B \-r realm
] [
.B \-f filename
] [
.B \-d dbname
] [
.B \-a acldir
]
.SH DESCRIPTION
.I kadmind
is the network database server for the Kerberos password-changing and
administration tools.
.PP
Upon execution, it prompts the user to enter the master key string for
the database.
.PP
If the
.B \-n
option is specified, the master key is instead fetched from the master
key cache file.
.PP
If the
.B \-r
.I realm
option is specified, the admin server will pretend that its
local realm is
.I realm
instead of the actual local realm of the host it is running on.
This makes it possible to run a server for a foreign kerberos
realm.
.PP
If the
.B \-f
.I filename
option is specified, then that file is used to hold the log information
instead of the default.
.PP
If the
.B \-d
.I dbname
option is specified, then that file is used as the database name instead
of the default.
.PP
If the
.B \-a
.I acldir
option is specified, then
.I acldir
is used as the directory in which to search for access control lists
instead of the default.
.PP
If the
.B \-h
option is specified,
.I kadmind
prints out a short summary of the permissible control arguments, and
then exits.
.PP
When performing requests on behalf of clients,
.I kadmind
checks access control lists (ACLs) to determine the authorization of the client
to perform the requested action.
Currently three distinct access types are supported:
.TP 1i
Addition
(.add ACL file). If a principal is on this list, it may add new
principals to the database.
.TP
Retrieval
(.get ACL file). If a principal is on this list, it may retrieve
database entries. NOTE: A principal's private key is never returned by
the get functions.
.TP
Modification
(.mod ACL file). If a principal is on this list, it may modify entries
in the database.
.PP
A principal is always granted authorization to change its own password.
.SH FILES
.TP 20n
/kerberos/admin_server.syslog
Default log file.
.TP
/kerberos
Default access control list directory.
.TP
admin_acl.{add,get,mod}
Access control list files (within the directory)
.TP
/kerberos/principal.pag, /kerberos/principal.dir
Default DBM files containing database
.TP
/.k
Master key cache file.
.SH "SEE ALSO"
kerberos(1), kpasswd(1), kadmin(8), acl_check(3)
.SH AUTHORS
Douglas A. Church, MIT Project Athena
.br
John T. Kohl, Project Athena/Digital Equipment Corporation
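
Review bot: The FILES section lists /kerberos/principal.pag, /kerberos/principal.dir, /kerberos/admin_server.syslog and /kerberos as the defaults, but krb_db.h in this same import sets DBM_FILE to "/etc/kerberosIV/principal". Update the paths to what this build actually uses. The entry for the master key cache file /.k, which the \-n option reads, should also state the ownership and mode the file is expected to have.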

11
eBones/kdb/Makefile Normal file

@ -0,0 +1,11 @@
# From: @(#)Makefile 5.1 (Berkeley) 6/25/90
# $Id: Makefile,v 1.3 1994/09/09 21:43:41 g89r4222 Exp $
SHLIB_MAJOR= 2
SHLIB_MINOR= 0
LIB= kdb
CFLAGS+=-DKERBEROS -DDEBUG -I${.CURDIR}/../include
SRCS= krb_cache.c krb_dbm.c krb_kdb_utils.c krb_lib.c print_princ.c
.include <bsd.lib.mk>
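
Review bot: CFLAGS adds -DDEBUG unconditionally, so the installed libkdb always contains the #ifdef DEBUG blocks, for example the fprintf calls in krb_cache.c that write principal names and instances to stderr when kerb_debug & 2 is set. Make DEBUG opt-in for a shared library.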

193
eBones/kdb/krb_cache.c Normal file

@ -0,0 +1,193 @@
/*
* Copyright 1988 by the Massachusetts Institute of Technology.
* For copying and distribution information, please see the file
* <Copyright.MIT>.
*
* This is where a cache would be implemented, if it were necessary.
*
* from: krb_cache.c,v 4.5 89/01/24 18:12:34 jon Exp $
* $Id: krb_cache.c,v 1.2 1994/07/19 19:23:35 g89r4222 Exp $
*/
#ifndef lint
static char rcsid[] =
"$Id: krb_cache.c,v 1.2 1994/07/19 19:23:35 g89r4222 Exp $";
#endif lint
#include <stdio.h>
#include <sys/types.h>
#include <netinet/in.h>
#include <sys/uio.h>
#include <sys/time.h>
#include <sys/resource.h>
#include <strings.h>
#include <des.h>
#include <krb.h>
#include <krb_db.h>
extern char *strncpy();
#ifdef DEBUG
extern int debug;
extern long kerb_debug;
#endif
static init = 0;
/*
* initialization routine for cache
*/
int
kerb_cache_init()
{
init = 1;
return (0);
}
/*
* look up a principal in the cache returns number of principals found
*/
int
kerb_cache_get_principal(serv, inst, principal, max)
char *serv; /* could have wild card */
char *inst; /* could have wild card */
Principal *principal;
unsigned int max; /* max number of name structs to return */
{
int found = 0;
u_long i;
if (!init)
kerb_cache_init();
#ifdef DEBUG
if (kerb_debug & 2)
fprintf(stderr, "cache_get_principal for %s %s max = %d\n",
serv, inst, max);
#endif DEBUG
#ifdef DEBUG
if (kerb_debug & 2) {
if (found) {
fprintf(stderr, "cache get %s %s found %s %s sid = %d\n",
serv, inst, principal->name, principal->instance);
} else {
fprintf(stderr, "cache %s %s not found\n", serv,
inst);
}
}
#endif
return (found);
}
/*
* insert/replace a principal in the cache returns number of principals
* inserted
*/
int
kerb_cache_put_principal(principal, max)
Principal *principal;
unsigned int max; /* max number of principal structs to
* insert */
{
int found = 0;
u_long i;
int count = 0;
if (!init)
kerb_cache_init();
#ifdef DEBUG
if (kerb_debug & 2) {
fprintf(stderr, "kerb_cache_put_principal max = %d",
max);
}
#endif
for (i = 0; i < max; i++) {
#ifdef DEBUG
if (kerb_debug & 2)
fprintf(stderr, "\n %s %s",
principal->name, principal->instance);
#endif
/* DO IT */
count++;
principal++;
}
return count;
}
/*
* look up a dba in the cache returns number of dbas found
*/
int
kerb_cache_get_dba(serv, inst, dba, max)
char *serv; /* could have wild card */
char *inst; /* could have wild card */
Dba *dba;
unsigned int max; /* max number of name structs to return */
{
int found = 0;
u_long i;
if (!init)
kerb_cache_init();
#ifdef DEBUG
if (kerb_debug & 2)
fprintf(stderr, "cache_get_dba for %s %s max = %d\n",
serv, inst, max);
#endif
#ifdef DEBUG
if (kerb_debug & 2) {
if (found) {
fprintf(stderr, "cache get %s %s found %s %s sid = %d\n",
serv, inst, dba->name, dba->instance);
} else {
fprintf(stderr, "cache %s %s not found\n", serv, inst);
}
}
#endif
return (found);
}
/*
* insert/replace a dba in the cache returns number of dbas inserted
*/
int
kerb_cache_put_dba(dba, max)
Dba *dba;
unsigned int max; /* max number of dba structs to insert */
{
int found = 0;
u_long i;
int count = 0;
if (!init)
kerb_cache_init();
#ifdef DEBUG
if (kerb_debug & 2) {
fprintf(stderr, "kerb_cache_put_dba max = %d", max);
}
#endif
for (i = 0; i < max; i++) {
#ifdef DEBUG
if (kerb_debug & 2)
fprintf(stderr, "\n %s %s",
dba->name, dba->instance);
#endif
/* DO IT */
count++;
dba++;
}
return count;
}
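Review bot: In kerb_cache_get_principal and kerb_cache_get_dba the DEBUG "found" message passes four arguments to a format with five conversions ("... found %s %s sid = %d"), so the %d reads an argument that was never supplied; drop "sid = %d" or pass the value it was meant to print. Both put routines count up to max and return it while the loop body is only /* DO IT */, so a cache that stores nothing reports every insert as done; a comment at each return saying the cache is unimplemented would keep callers from relying on it. `#endif DEBUG` should be written `#endif /* DEBUG */`.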

1
eBones/kdb/krb_dbl.c Normal file

@ -0,0 +1 @@
This file is now obsolete.

741
eBones/kdb/krb_dbm.c Normal file

@ -0,0 +1,741 @@
/*
* Copyright 1988 by the Massachusetts Institute of Technology.
* For copying and distribution information, please see the file
* <Copyright.MIT>.
*
* from: krb_dbm.c,v 4.9 89/04/18 16:15:13 wesommer Exp $
* $Id: krb_dbm.c,v 1.2 1994/07/19 19:23:36 g89r4222 Exp $
*/
#ifndef lint
static char rcsid[] =
"$Id: krb_dbm.c,v 1.2 1994/07/19 19:23:36 g89r4222 Exp $";
#endif lint
#if defined(__FreeBSD__)
#define NDBM
#endif
#include <stdio.h>
#include <sys/types.h>
#include <netinet/in.h>
#include <sys/uio.h>
#include <sys/time.h>
#include <sys/stat.h>
#include <sys/resource.h>
#include <sys/errno.h>
#include <strings.h>
#include <des.h>
#include <sys/file.h>
#ifdef NDBM
#include <ndbm.h>
#else /*NDBM*/
#include <dbm.h>
#endif /*NDBM*/
/* before krb_db.h */
#include <krb.h>
#include <krb_db.h>
#define KERB_DB_MAX_RETRY 5
#ifdef DEBUG
extern int debug;
extern long kerb_debug;
extern char *progname;
#endif
extern char *malloc();
extern int errno;
static init = 0;
static char default_db_name[] = DBM_FILE;
static char *current_db_name = default_db_name;
static void encode_princ_key(), decode_princ_key();
static void encode_princ_contents(), decode_princ_contents();
static void kerb_dbl_fini();
static int kerb_dbl_lock();
static void kerb_dbl_unlock();
static struct timeval timestamp;/* current time of request */
static int non_blocking = 0;
/*
* This module contains all of the code which directly interfaces to
* the underlying representation of the Kerberos database; this
* implementation uses a DBM or NDBM indexed "file" (actually
* implemented as two separate files) to store the relations, plus a
* third file as a semaphore to allow the database to be replaced out
* from underneath the KDC server.
*/
/*
* Locking:
*
* There are two distinct locking protocols used. One is designed to
* lock against processes (the admin_server, for one) which make
* incremental changes to the database; the other is designed to lock
* against utilities (kdb_util, kpropd) which replace the entire
* database in one fell swoop.
*
* The first locking protocol is implemented using flock() in the
* krb_dbl_lock() and krb_dbl_unlock routines.
*
* The second locking protocol is necessary because DBM "files" are
* actually implemented as two separate files, and it is impossible to
* atomically rename two files simultaneously. It assumes that the
* database is replaced only very infrequently in comparison to the time
* needed to do a database read operation.
*
* A third file is used as a "version" semaphore; the modification
* time of this file is the "version number" of the database.
* At the start of a read operation, the reader checks the version
* number; at the end of the read operation, it checks again. If the
* version number changed, or if the semaphore was nonexistant at
* either time, the reader sleeps for a second to let things
* stabilize, and then tries again; if it does not succeed after
* KERB_DB_MAX_RETRY attempts, it gives up.
*
* On update, the semaphore file is deleted (if it exists) before any
* update takes place; at the end of the update, it is replaced, with
* a version number strictly greater than the version number which
* existed at the start of the update.
*
* If the system crashes in the middle of an update, the semaphore
* file is not automatically created on reboot; this is a feature, not
* a bug, since the database may be inconsistant. Note that the
* absence of a semaphore file does not prevent another _update_ from
* taking place later. Database replacements take place automatically
* only on slave servers; a crash in the middle of an update will be
* fixed by the next slave propagation. A crash in the middle of an
* update on the master would be somewhat more serious, but this would
* likely be noticed by an administrator, who could fix the problem and
* retry the operation.
*/
/* Macros to convert ndbm names to dbm names.
* Note that dbm_nextkey() cannot be simply converted using a macro, since
* it is invoked giving the database, and nextkey() needs the previous key.
*
* Instead, all routines call "dbm_next" instead.
*/
#ifndef NDBM
typedef char DBM;
#define dbm_open(file, flags, mode) ((dbminit(file) == 0)?"":((char *)0))
#define dbm_fetch(db, key) fetch(key)
#define dbm_store(db, key, content, flag) store(key, content)
#define dbm_firstkey(db) firstkey()
#define dbm_next(db,key) nextkey(key)
#define dbm_close(db) dbmclose()
#else
#define dbm_next(db,key) dbm_nextkey(db)
#endif
/*
* Utility routine: generate name of database file.
*/
static char *gen_dbsuffix(db_name, sfx)
char *db_name;
char *sfx;
{
char *dbsuffix;
if (sfx == NULL)
sfx = ".ok";
dbsuffix = malloc (strlen(db_name) + strlen(sfx) + 1);
strcpy(dbsuffix, db_name);
strcat(dbsuffix, sfx);
return dbsuffix;
}
/*
* initialization for data base routines.
*/
kerb_db_init()
{
init = 1;
return (0);
}
/*
* gracefully shut down database--must be called by ANY program that does
* a kerb_db_init
*/
kerb_db_fini()
{
}
/*
* Set the "name" of the current database to some alternate value.
*
* Passing a null pointer as "name" will set back to the default.
* If the alternate database doesn't exist, nothing is changed.
*/
kerb_db_set_name(name)
char *name;
{
DBM *db;
if (name == NULL)
name = default_db_name;
db = dbm_open(name, 0, 0);
if (db == NULL)
return errno;
dbm_close(db);
kerb_dbl_fini();
current_db_name = name;
return 0;
}
/*
* Return the last modification time of the database.
*/
long kerb_get_db_age()
{
struct stat st;
char *okname;
long age;
okname = gen_dbsuffix(current_db_name, ".ok");
if (stat (okname, &st) < 0)
age = 0;
else
age = st.st_mtime;
free (okname);
return age;
}
/*
* Remove the semaphore file; indicates that database is currently
* under renovation.
*
* This is only for use when moving the database out from underneath
* the server (for example, during slave updates).
*/
static long kerb_start_update(db_name)
char *db_name;
{
char *okname = gen_dbsuffix(db_name, ".ok");
long age = kerb_get_db_age();
if (unlink(okname) < 0
&& errno != ENOENT) {
age = -1;
}
free (okname);
return age;
}
static long kerb_end_update(db_name, age)
char *db_name;
long age;
{
int fd;
int retval = 0;
char *new_okname = gen_dbsuffix(db_name, ".ok#");
char *okname = gen_dbsuffix(db_name, ".ok");
fd = open (new_okname, O_CREAT|O_RDWR|O_TRUNC, 0600);
if (fd < 0)
retval = errno;
else {
struct stat st;
struct timeval tv[2];
/* make sure that semaphore is "after" previous value. */
if (fstat (fd, &st) == 0
&& st.st_mtime <= age) {
tv[0].tv_sec = st.st_atime;
tv[0].tv_usec = 0;
tv[1].tv_sec = age;
tv[1].tv_usec = 0;
/* set times.. */
utimes (new_okname, tv);
fsync(fd);
}
close(fd);
if (rename (new_okname, okname) < 0)
retval = errno;
}
free (new_okname);
free (okname);
return retval;
}
static long kerb_start_read()
{
return kerb_get_db_age();
}
static long kerb_end_read(age)
u_long age;
{
if (kerb_get_db_age() != age || age == -1) {
return -1;
}
return 0;
}
/*
* Create the database, assuming it's not there.
*/
kerb_db_create(db_name)
char *db_name;
{
char *okname = gen_dbsuffix(db_name, ".ok");
int fd;
register int ret = 0;
#ifdef NDBM
DBM *db;
db = dbm_open(db_name, O_RDWR|O_CREAT|O_EXCL, 0600);
if (db == NULL)
ret = errno;
else
dbm_close(db);
#else
char *dirname = gen_dbsuffix(db_name, ".dir");
char *pagname = gen_dbsuffix(db_name, ".pag");
fd = open(dirname, O_RDWR|O_CREAT|O_EXCL, 0600);
if (fd < 0)
ret = errno;
else {
close(fd);
fd = open (pagname, O_RDWR|O_CREAT|O_EXCL, 0600);
if (fd < 0)
ret = errno;
else
close(fd);
}
if (dbminit(db_name) < 0)
ret = errno;
#endif
if (ret == 0) {
fd = open (okname, O_CREAT|O_RDWR|O_TRUNC, 0600);
if (fd < 0)
ret = errno;
close(fd);
}
return ret;
}
/*
* "Atomically" rename the database in a way that locks out read
* access in the middle of the rename.
*
* Not perfect; if we crash in the middle of an update, we don't
* necessarily know to complete the transaction the rename, but...
*/
kerb_db_rename(from, to)
char *from;
char *to;
{
char *fromdir = gen_dbsuffix (from, ".dir");
char *todir = gen_dbsuffix (to, ".dir");
char *frompag = gen_dbsuffix (from , ".pag");
char *topag = gen_dbsuffix (to, ".pag");
char *fromok = gen_dbsuffix(from, ".ok");
long trans = kerb_start_update(to);
int ok;
if ((rename (fromdir, todir) == 0)
&& (rename (frompag, topag) == 0)) {
(void) unlink (fromok);
ok = 1;
}
free (fromok);
free (fromdir);
free (todir);
free (frompag);
free (topag);
if (ok)
return kerb_end_update(to, trans);
else
return -1;
}
/*
* look up a principal in the data base returns number of principals
* found , and whether there were more than requested.
*/
kerb_db_get_principal(name, inst, principal, max, more)
char *name; /* could have wild card */
char *inst; /* could have wild card */
Principal *principal;
unsigned int max; /* max number of name structs to return */
int *more; /* where there more than 'max' tuples? */
{
int found = 0, code;
extern int errorproc();
int wildp, wildi;
datum key, contents;
char testname[ANAME_SZ], testinst[INST_SZ];
u_long trans;
int try;
DBM *db;
if (!init)
kerb_db_init(); /* initialize database routines */
for (try = 0; try < KERB_DB_MAX_RETRY; try++) {
trans = kerb_start_read();
if ((code = kerb_dbl_lock(KERB_DBL_SHARED)) != 0)
return -1;
db = dbm_open(current_db_name, O_RDONLY, 0600);
*more = 0;
#ifdef DEBUG
if (kerb_debug & 2)
fprintf(stderr,
"%s: db_get_principal for %s %s max = %d",
progname, name, inst, max);
#endif
wildp = !strcmp(name, "*");
wildi = !strcmp(inst, "*");
if (!wildi && !wildp) { /* nothing's wild */
encode_princ_key(&key, name, inst);
contents = dbm_fetch(db, key);
if (contents.dptr == NULL) {
found = 0;
goto done;
}
decode_princ_contents(&contents, principal);
#ifdef DEBUG
if (kerb_debug & 1) {
fprintf(stderr, "\t found %s %s p_n length %d t_n length %d\n",
principal->name, principal->instance,
strlen(principal->name),
strlen(principal->instance));
}
#endif
found = 1;
goto done;
}
/* process wild cards by looping through entire database */
for (key = dbm_firstkey(db); key.dptr != NULL;
key = dbm_next(db, key)) {
decode_princ_key(&key, testname, testinst);
if ((wildp || !strcmp(testname, name)) &&
(wildi || !strcmp(testinst, inst))) { /* have a match */
if (found >= max) {
*more = 1;
goto done;
} else {
found++;
contents = dbm_fetch(db, key);
decode_princ_contents(&contents, principal);
#ifdef DEBUG
if (kerb_debug & 1) {
fprintf(stderr,
"\tfound %s %s p_n length %d t_n length %d\n",
principal->name, principal->instance,
strlen(principal->name),
strlen(principal->instance));
}
#endif
principal++; /* point to next */
}
}
}
done:
kerb_dbl_unlock(); /* unlock read lock */
dbm_close(db);
if (kerb_end_read(trans) == 0)
break;
found = -1;
if (!non_blocking)
sleep(1);
}
return (found);
}
/*
* Update a name in the data base. Returns number of names
* successfully updated.
*/
kerb_db_put_principal(principal, max)
Principal *principal;
unsigned int max; /* number of principal structs to
* update */
{
int found = 0, code;
u_long i;
extern int errorproc();
datum key, contents;
DBM *db;
gettimeofday(&timestamp, NULL);
if (!init)
kerb_db_init();
if ((code = kerb_dbl_lock(KERB_DBL_EXCLUSIVE)) != 0)
return -1;
db = dbm_open(current_db_name, O_RDWR, 0600);
#ifdef DEBUG
if (kerb_debug & 2)
fprintf(stderr, "%s: kerb_db_put_principal max = %d",
progname, max);
#endif
/* for each one, stuff temps, and do replace/append */
for (i = 0; i < max; i++) {
encode_princ_contents(&contents, principal);
encode_princ_key(&key, principal->name, principal->instance);
dbm_store(db, key, contents, DBM_REPLACE);
#ifdef DEBUG
if (kerb_debug & 1) {
fprintf(stderr, "\n put %s %s\n",
principal->name, principal->instance);
}
#endif
found++;
principal++; /* bump to next struct */
}
dbm_close(db);
kerb_dbl_unlock(); /* unlock database */
return (found);
}
static void
encode_princ_key(key, name, instance)
datum *key;
char *name, *instance;
{
static char keystring[ANAME_SZ + INST_SZ];
bzero(keystring, ANAME_SZ + INST_SZ);
strncpy(keystring, name, ANAME_SZ);
strncpy(&keystring[ANAME_SZ], instance, INST_SZ);
key->dptr = keystring;
key->dsize = ANAME_SZ + INST_SZ;
}
static void
decode_princ_key(key, name, instance)
datum *key;
char *name, *instance;
{
strncpy(name, key->dptr, ANAME_SZ);
strncpy(instance, key->dptr + ANAME_SZ, INST_SZ);
name[ANAME_SZ - 1] = '\0';
instance[INST_SZ - 1] = '\0';
}
static void
encode_princ_contents(contents, principal)
datum *contents;
Principal *principal;
{
contents->dsize = sizeof(*principal);
contents->dptr = (char *) principal;
}
static void
decode_princ_contents(contents, principal)
datum *contents;
Principal *principal;
{
bcopy(contents->dptr, (char *) principal, sizeof(*principal));
}
kerb_db_get_stat(s)
DB_stat *s;
{
gettimeofday(&timestamp, NULL);
s->cpu = 0;
s->elapsed = 0;
s->dio = 0;
s->pfault = 0;
s->t_stamp = timestamp.tv_sec;
s->n_retrieve = 0;
s->n_replace = 0;
s->n_append = 0;
s->n_get_stat = 0;
s->n_put_stat = 0;
/* update local copy too */
}
kerb_db_put_stat(s)
DB_stat *s;
{
}
delta_stat(a, b, c)
DB_stat *a, *b, *c;
{
/* c = a - b then b = a for the next time */
c->cpu = a->cpu - b->cpu;
c->elapsed = a->elapsed - b->elapsed;
c->dio = a->dio - b->dio;
c->pfault = a->pfault - b->pfault;
c->t_stamp = a->t_stamp - b->t_stamp;
c->n_retrieve = a->n_retrieve - b->n_retrieve;
c->n_replace = a->n_replace - b->n_replace;
c->n_append = a->n_append - b->n_append;
c->n_get_stat = a->n_get_stat - b->n_get_stat;
c->n_put_stat = a->n_put_stat - b->n_put_stat;
bcopy(a, b, sizeof(DB_stat));
return;
}
/*
* look up a dba in the data base returns number of dbas found , and
* whether there were more than requested.
*/
kerb_db_get_dba(dba_name, dba_inst, dba, max, more)
char *dba_name; /* could have wild card */
char *dba_inst; /* could have wild card */
Dba *dba;
unsigned int max; /* max number of name structs to return */
int *more; /* where there more than 'max' tuples? */
{
*more = 0;
return (0);
}
kerb_db_iterate (func, arg)
int (*func)();
char *arg; /* void *, really */
{
datum key, contents;
Principal *principal;
int code;
DBM *db;
kerb_db_init(); /* initialize and open the database */
if ((code = kerb_dbl_lock(KERB_DBL_SHARED)) != 0)
return code;
db = dbm_open(current_db_name, O_RDONLY, 0600);
for (key = dbm_firstkey (db); key.dptr != NULL; key = dbm_next(db, key)) {
contents = dbm_fetch (db, key);
/* XXX may not be properly aligned */
principal = (Principal *) contents.dptr;
if ((code = (*func)(arg, principal)) != 0)
return code;
}
dbm_close(db);
kerb_dbl_unlock();
return 0;
}
static int dblfd = -1;
static int mylock = 0;
static int inited = 0;
static kerb_dbl_init()
{
if (!inited) {
char *filename = gen_dbsuffix (current_db_name, ".ok");
if ((dblfd = open(filename, 0)) < 0) {
fprintf(stderr, "kerb_dbl_init: couldn't open %s\n", filename);
fflush(stderr);
perror("open");
exit(1);
}
free(filename);
inited++;
}
return (0);
}
static void kerb_dbl_fini()
{
close(dblfd);
dblfd = -1;
inited = 0;
mylock = 0;
}
static int kerb_dbl_lock(mode)
int mode;
{
int flock_mode;
if (!inited)
kerb_dbl_init();
if (mylock) { /* Detect lock call when lock already
* locked */
fprintf(stderr, "Kerberos locking error (mylock)\n");
fflush(stderr);
exit(1);
}
switch (mode) {
case KERB_DBL_EXCLUSIVE:
flock_mode = LOCK_EX;
break;
case KERB_DBL_SHARED:
flock_mode = LOCK_SH;
break;
default:
fprintf(stderr, "invalid lock mode %d\n", mode);
abort();
}
if (non_blocking)
flock_mode |= LOCK_NB;
if (flock(dblfd, flock_mode) < 0)
return errno;
mylock++;
return 0;
}
static void kerb_dbl_unlock()
{
if (!mylock) { /* lock already unlocked */
fprintf(stderr, "Kerberos database lock not locked when unlocking.\n");
fflush(stderr);
exit(1);
}
if (flock(dblfd, LOCK_UN) < 0) {
fprintf(stderr, "Kerberos database lock error. (unlocking)\n");
fflush(stderr);
perror("flock");
exit(1);
}
mylock = 0;
}
int kerb_db_set_lockmode(mode)
int mode;
{
int old = non_blocking;
non_blocking = mode;
return old;
}
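Review bot: kerb_db_rename declares `int ok;` without an initializer and assigns it only when both rename() calls succeed, so the failure path tests an indeterminate value and may call kerb_end_update, recreating the .ok semaphore over a half-renamed database; initialize it with `ok = 0`. Two related points in the locking code: kerb_end_update sets `tv[1].tv_sec = age`, which makes the new version equal to the old one rather than strictly greater as the header comment promises (use age + 1), and kerb_db_iterate returns from inside the loop when func fails without calling dbm_close or kerb_dbl_unlock, so the next kerb_dbl_lock hits the mylock check and exits. The dbm_open results in kerb_db_get_principal, kerb_db_put_principal and kerb_db_iterate are used without a NULL check, and decode_princ_contents copies sizeof(*principal) bytes without comparing against contents->dsize.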

141
eBones/kdb/krb_kdb_utils.c Normal file

@ -0,0 +1,141 @@
/*
* Copyright 1988 by the Massachusetts Institute of Technology.
* For copying and distribution information, please see the file
* <Copyright.MIT>.
*
* Utility routines for Kerberos programs which directly access
* the database. This code was duplicated in too many places
* before I gathered it here.
*
* Jon Rochlis, MIT Telecom, March 1988
*
* from: krb_kdb_utils.c,v 4.1 89/07/26 11:01:12 jtkohl Exp $
* $Id: krb_kdb_utils.c,v 1.2 1994/07/19 19:23:38 g89r4222 Exp $
*/
#ifndef lint
static char rcsid[] =
"$Id: krb_kdb_utils.c,v 1.2 1994/07/19 19:23:38 g89r4222 Exp $";
#endif lint
#include <des.h>
#include <krb.h>
#include <krb_db.h>
#include <kdc.h>
#include <stdio.h>
#include <sys/file.h>
long kdb_get_master_key(prompt, master_key, master_key_sched)
int prompt;
C_Block master_key;
Key_schedule master_key_sched;
{
int kfile;
if (prompt) {
#ifdef NOENCRYPTION
placebo_read_password(master_key,
"\nEnter Kerberos master key: ", 0);
#else
des_read_password(master_key,
"\nEnter Kerberos master key: ", 0);
#endif
printf ("\n");
}
else {
kfile = open(MKEYFILE, O_RDONLY, 0600);
if (kfile < 0) {
/* oh, for com_err_ */
return (-1);
}
if (read(kfile, (char *) master_key, 8) != 8) {
return (-1);
}
close(kfile);
}
#ifndef NOENCRYPTION
key_sched(master_key,master_key_sched);
#endif
return (0);
}
/* The caller is reasponsible for cleaning up the master key and sched,
even if we can't verify the master key */
/* Returns master key version if successful, otherwise -1 */
long kdb_verify_master_key (master_key, master_key_sched, out)
C_Block master_key;
Key_schedule master_key_sched;
FILE *out; /* setting this to non-null be do output */
{
C_Block key_from_db;
Principal principal_data[1];
int n, more = 0;
long master_key_version;
/* lookup the master key version */
n = kerb_get_principal(KERB_M_NAME, KERB_M_INST, principal_data,
1 /* only one please */, &more);
if ((n != 1) || more) {
if (out != (FILE *) NULL)
fprintf(out,
"verify_master_key: %s, %d found.\n",
"Kerberos error on master key version lookup",
n);
return (-1);
}
master_key_version = (long) principal_data[0].key_version;
/* set up the master key */
if (out != (FILE *) NULL) /* should we punt this? */
fprintf(out, "Current Kerberos master key version is %d.\n",
principal_data[0].kdc_key_ver);
/*
* now use the master key to decrypt the key in the db, had better
* be the same!
*/
bcopy(&principal_data[0].key_low, key_from_db, 4);
bcopy(&principal_data[0].key_high, ((long *) key_from_db) + 1, 4);
kdb_encrypt_key (key_from_db, key_from_db,
master_key, master_key_sched, DECRYPT);
/* the decrypted database key had better equal the master key */
n = bcmp((char *) master_key, (char *) key_from_db,
sizeof(master_key));
/* this used to zero the master key here! */
bzero(key_from_db, sizeof(key_from_db));
bzero(principal_data, sizeof (principal_data));
if (n && (out != (FILE *) NULL)) {
fprintf(out, "\n\07\07verify_master_key: Invalid master key; ");
fprintf(out, "does not match database.\n");
return (-1);
}
if (out != (FILE *) NULL) {
fprintf(out, "\nMaster key entered. BEWARE!\07\07\n");
fflush(out);
}
return (master_key_version);
}
/* The old algorithm used the key schedule as the initial vector which
was byte order depedent ... */
kdb_encrypt_key (in, out, master_key, master_key_sched, e_d_flag)
C_Block in, out, master_key;
Key_schedule master_key_sched;
int e_d_flag;
{
#ifdef NOENCRYPTION
bcopy(in, out, sizeof(C_Block));
#else
pcbc_encrypt(in,out,(long)sizeof(C_Block),master_key_sched,master_key,
e_d_flag);
#endif
}
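Review bot: In kdb_verify_master_key the mismatch test is `if (n && (out != (FILE *) NULL))`, so when the caller passes out == NULL a master key that does not match the database falls through and the function returns master_key_version as if verification had succeeded; return -1 whenever n is non-zero and make only the fprintf calls conditional on out. The comparison itself uses sizeof(master_key) on a C_Block parameter, which the rest of the hunk treats as an 8-byte array (read(..., 8), sizeof(C_Block)); as a parameter it is a pointer, so bcmp compares a pointer's worth of bytes rather than the whole key, and sizeof(C_Block) should be used instead. In kdb_get_master_key the short-read path returns -1 without close(kfile).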

242
eBones/kdb/krb_lib.c Normal file

@ -0,0 +1,242 @@
/*
* $Source: /home/CVS/src/eBones/kdb/krb_lib.c,v $
* $Author: g89r4222 $
*
* Copyright 1988 by the Massachusetts Institute of Technology.
*
* For copying and distribution information, please see the file
* <mit-copyright.h>.
*/
#ifndef lint
static char rcsid[] =
"$Id: krb_lib.c,v 1.2 1994/07/19 19:23:39 g89r4222 Exp $";
#endif lint
#include <stdio.h>
#include <sys/types.h>
#include <netinet/in.h>
#include <sys/uio.h>
#include <sys/time.h>
#include <sys/resource.h>
#include <strings.h>
#include <des.h>
#include <krb.h>
#include <krb_db.h>
#ifdef DEBUG
extern int debug;
extern char *progname;
long kerb_debug;
#endif
extern char *strncpy();
extern char *ctime();
extern char *getenv();
static init = 0;
/*
* initialization routine for data base
*/
int
kerb_init()
{
#ifdef DEBUG
if (!init) {
char *dbg = getenv("KERB_DBG");
if (dbg)
sscanf(dbg, "%d", &kerb_debug);
init = 1;
}
#endif
kerb_db_init();
#ifdef CACHE
kerb_cache_init();
#endif
/* successful init, return 0, else errcode */
return (0);
}
/*
* finalization routine for database -- NOTE: MUST be called by any
* program using kerb_init. ALSO will have to be modified to finalize
* caches, if they're ever really implemented.
*/
int
kerb_fini()
{
kerb_db_fini();
}
/*
* look up a principal in the cache or data base returns number of
* principals found
*/
int
kerb_get_principal(name, inst, principal, max, more)
char *name; /* could have wild card */
char *inst; /* could have wild card */
Principal *principal;
unsigned int max; /* max number of name structs to return */
int *more; /* more tuples than room for */
{
int found = 0;
#ifdef CACHE
static int wild = 0;
#endif
if (!init)
kerb_init();
#ifdef DEBUG
if (kerb_debug & 1)
fprintf(stderr, "\n%s: kerb_get_principal for %s %s max = %d\n",
progname, name, inst, max);
#endif
/*
* if this is a request including a wild card, have to go to db
* since the cache may not be exhaustive.
*/
/* clear the principal area */
bzero((char *) principal, max * sizeof(Principal));
#ifdef CACHE
/*
* so check to see if the name contains a wildcard "*" or "?", not
* preceeded by a backslash.
*/
wild = 0;
if (index(name, '*') || index(name, '?') ||
index(inst, '*') || index(inst, '?'))
wild = 1;
if (!wild) {
/* try the cache first */
found = kerb_cache_get_principal(name, inst, principal, max, more);
if (found)
return (found);
}
#endif
/* If we didn't try cache, or it wasn't there, try db */
found = kerb_db_get_principal(name, inst, principal, max, more);
/* try to insert principal(s) into cache if it was found */
#ifdef CACHE
if (found) {
kerb_cache_put_principal(principal, found);
}
#endif
return (found);
}
/* principals */
kerb_put_principal(principal, n)
Principal *principal;
unsigned int n; /* number of principal structs to write */
{
long time();
struct tm *tp, *localtime();
/* set mod date */
principal->mod_date = time((long *)0);
/* and mod date string */
tp = localtime(&principal->mod_date);
(void) sprintf(principal->mod_date_txt, "%4d-%2d-%2d",
tp->tm_year > 1900 ? tp->tm_year : tp->tm_year + 1900,
tp->tm_mon + 1, tp->tm_mday); /* January is 0, not 1 */
#ifdef DEBUG
if (kerb_debug & 1) {
int i;
fprintf(stderr, "\nkerb_put_principal...");
for (i = 0; i < n; i++) {
krb_print_principal(&principal[i]);
}
}
#endif
/* write database */
if (kerb_db_put_principal(principal, n) < 0) {
#ifdef DEBUG
if (kerb_debug & 1)
fprintf(stderr, "\n%s: kerb_db_put_principal err", progname);
/* watch out for cache */
#endif
return -1;
}
#ifdef CACHE
/* write cache */
if (!kerb_cache_put_principal(principal, n)) {
#ifdef DEBUG
if (kerb_debug & 1)
fprintf(stderr, "\n%s: kerb_cache_put_principal err", progname);
#endif
return -1;
}
#endif
return 0;
}
int
kerb_get_dba(name, inst, dba, max, more)
char *name; /* could have wild card */
char *inst; /* could have wild card */
Dba *dba;
unsigned int max; /* max number of name structs to return */
int *more; /* more tuples than room for */
{
int found = 0;
#ifdef CACHE
static int wild = 0;
#endif
if (!init)
kerb_init();
#ifdef DEBUG
if (kerb_debug & 1)
fprintf(stderr, "\n%s: kerb_get_dba for %s %s max = %d\n",
progname, name, inst, max);
#endif
/*
* if this is a request including a wild card, have to go to db
* since the cache may not be exhaustive.
*/
/* clear the dba area */
bzero((char *) dba, max * sizeof(Dba));
#ifdef CACHE
/*
* so check to see if the name contains a wildcard "*" or "?", not
* preceeded by a backslash.
*/
wild = 0;
if (index(name, '*') || index(name, '?') ||
index(inst, '*') || index(inst, '?'))
wild = 1;
if (!wild) {
/* try the cache first */
found = kerb_cache_get_dba(name, inst, dba, max, more);
if (found)
return (found);
}
#endif
/* If we didn't try cache, or it wasn't there, try db */
found = kerb_db_get_dba(name, inst, dba, max, more);
#ifdef CACHE
/* try to insert dba(s) into cache if it was found */
if (found) {
kerb_cache_put_dba(dba, found);
}
#endif
return (found);
}
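Review bot: kerb_put_principal sets mod_date and mod_date_txt on principal[0] only, yet passes all n structures to kerb_db_put_principal, so the remaining entries are written with whatever modification stamp the caller left in them; move the stamping into a loop over n. In kerb_init, `sscanf(dbg, "%d", &kerb_debug)` stores through a long * with an int conversion (use "%ld"), and init is set only inside #ifdef DEBUG, so non-DEBUG builds re-run kerb_init on every lookup. Under CACHE the calls to kerb_cache_get_principal and kerb_cache_get_dba pass five arguments (including more) to routines that this commit defines with four. kerb_fini is declared int but returns no value.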

50
eBones/kdb/print_princ.c Normal file

@ -0,0 +1,50 @@
/*
* Copyright 1988 by the Massachusetts Institute of Technology.
* For copying and distribution information, please see the file
* <Copyright.MIT>.
*
* from: $Header: /home/CVS/src/eBones/kdb/print_princ.c,v 1.2 1994/07/19 19:23:41 g89r4222 Exp $
* $Id: print_princ.c,v 1.2 1994/07/19 19:23:41 g89r4222 Exp $
*/
#ifndef lint
static char rcsid[] =
"$Id: print_princ.c,v 1.2 1994/07/19 19:23:41 g89r4222 Exp $";
#endif lint
#include <stdio.h>
#include <sys/types.h>
#include <sys/time.h>
#include <strings.h>
#include <krb.h>
#include <krb_db.h>
extern int debug;
extern char *strncpy();
extern char *ctime();
extern struct tm *localtime();
struct tm *time_p;
long kerb_debug;
krb_print_principal(a_n)
Principal *a_n;
{
/* run-time database does not contain string versions */
time_p = localtime(&(a_n->exp_date));
fprintf(stderr,
"\n%s %s expires %4d-%2d-%2d %2d:%2d, max_life %d*5 = %d min attr 0x%02x",
a_n->name, a_n->instance,
time_p->tm_year > 1900 ? time_p->tm_year : time_p->tm_year + 1900,
time_p->tm_mon + 1, time_p->tm_mday,
time_p->tm_hour, time_p->tm_min,
a_n->max_life, 5 * a_n->max_life, a_n->attributes);
fprintf(stderr,
"\n\tkey_ver %d k_low 0x%08x k_high 0x%08x akv %d exists %d\n",
a_n->key_version, a_n->key_low, a_n->key_high,
a_n->kdc_key_ver, a_n->old);
fflush(stderr);
}
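Review bot: krb_print_principal writes key_low and key_high to stderr in the second fprintf, so a DEBUG build with (kerb_debug & 1) set puts each principal's stored key words into whatever captures stderr (kerb_put_principal calls this routine for every entry it writes); print key_version and kdc_key_ver and omit the key words. The result of localtime() is dereferenced without a NULL check, and `long kerb_debug;` is defined here as well as in krb_lib.c under DEBUG, where one of the two should be an extern declaration.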


@ -0,0 +1,8 @@
# From: @(#)Makefile 5.1 (Berkeley) 6/25/90
# $Id: Makefile,v 1.2 1994/07/19 19:23:46 g89r4222 Exp $
PROG= kdb_destroy
CFLAGS+=-DKERBEROS -DDEBUG -I${.CURDIR}/../include
NOMAN= noman
.include <bsd.prog.mk>
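Review bot: CFLAGS enables -DDEBUG unconditionally for kdb_destroy, which compiles the kerb_debug tracing paths into a tool that operates on the Kerberos database; make it opt-in (for example, only when a DEBUG make variable is set) and keep the default build without it. NOMAN= noman also means the program is installed with no manual page, which deserves a comment saying whether one is planned.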

Some files were not shown because too many files have changed in this diff