Ejemplo n.º 1
0
/*
 * Long passwords, i.e 9 characters or more.
 */
static void
afs_transarc_StringToKey (char *str, char *cell, DES_cblock *key)
{
    DES_key_schedule schedule;
    DES_cblock temp_key;
    DES_cblock ivec;
    char password[512];
    int  passlen;

    strncpy (password, str, sizeof(password));
    password[sizeof(password)-1] = '\0';
    if ((passlen = strlen (password)) < sizeof(password)-1)
        strncat (password, cell, sizeof(password)-passlen);
    if ((passlen = strlen(password)) > sizeof(password)) passlen = sizeof(password);

    memcpy(&ivec, "kerberos", 8);
    memcpy(&temp_key, "kerberos", 8);
    des_fixup_key_parity (&temp_key);
    DES_key_sched (&temp_key, &schedule);
    DES_cbc_cksum ((unsigned char *)password, &ivec, passlen, &schedule, &ivec);

    memcpy(&temp_key, &ivec, 8);
    des_fixup_key_parity (&temp_key);
    DES_key_sched (&temp_key, &schedule);
    DES_cbc_cksum ((unsigned char *)password, key, passlen, &schedule, &ivec);

    des_fixup_key_parity (key);
}
Ejemplo n.º 2
0
/*
 * des_random_key: create a random des key
 *
 * You should call des_set_random_number_generater_seed at least
 * once before this routine is called.  If you haven't, I'll try
 * to add a little randomness to the start point anyway.  Yes,
 * it recurses.  Deal with it.
 *
 * Notes: the returned key has correct parity and is guarenteed not
 *        to be a weak des key.  Des_generate_random_block is used to
 *        provide the random bits.
 */
int
des_random_key(des_cblock key)
{
    LOCK_INIT;
    if (!is_inited) {
	des_init_random_number_generator(key);
    }
    UNLOCK_INIT;
    do {
	des_generate_random_block(key);
	des_fixup_key_parity(key);
    } while (des_is_weak_key(key));

    return (0);
}
Ejemplo n.º 3
0
/*
 * Short passwords, i.e 8 characters or less.
 */
static void
afs_cmu_StringToKey (char *str, char *cell, DES_cblock *key)
{
    char  password[8+1];	/* crypt is limited to 8 chars anyway */
    int   i;
    int   passlen;

    strncpy (password, cell, 8);
    password[8] = '\0';
    passlen = strlen (str);
    if (passlen > 8) passlen = 8;

    for (i=0; i<passlen; i++)
        password[i] = str[i] ^ cell[i];	/* make sure cell is zero padded */

    for (i=0; i<8; i++)
        if (password[i] == '\0') password[i] = 'X';

    /* crypt only considers the first 8 characters of password but for some
       reason returns eleven characters of result (plus the two salt chars). */
#ifdef KRB4_USE_SYSTEM_CRYPT
    strncpy((char *)key, crypt(password, "p1") + 2, sizeof(DES_cblock));
#else
/* Use OpenSSL's DES_crypt() */
    strncpy((char *)key, DES_crypt(password, "p1") + 2, sizeof(DES_cblock));
#endif

    /* parity is inserted into the LSB so leftshift each byte up one bit.  This
       allows ascii characters with a zero MSB to retain as much significance
       as possible. */
    {   char *keybytes = (char *)key;
        unsigned int temp;

        for (i = 0; i < 8; i++) {
            temp = (unsigned int) keybytes[i];
            keybytes[i] = (unsigned char) (temp << 1);
        }
    }
    des_fixup_key_parity (key);
}
Ejemplo n.º 4
0
/*
 * convert an arbitrary length string to a DES key
 */
void
des_string_to_key(char *str, register des_cblock * key)
{
    register char *in_str;
    register unsigned temp, i, j;
    register afs_int32 length;
    unsigned char *k_p;
    int forward;
    register char *p_char;
    char k_char[64];
    des_key_schedule key_sked;

    in_str = str;
    forward = 1;
    p_char = k_char;
    length = strlen(str);

    /* init key array for bits */
    memset(k_char, 0, sizeof(k_char));

#ifdef DEBUG
    if (des_debug)
	fprintf(stdout,
		"\n\ninput str length = %d  string = %s\nstring = 0x ",
		length, str);
#endif

    /* get next 8 bytes, strip parity, xor */
    for (i = 1; i <= length; i++) {
	/* get next input key byte */
	temp = (unsigned int)*str++;
#ifdef DEBUG
	if (des_debug)
	    fprintf(stdout, "%02x ", temp & 0xff);
#endif
	/* loop through bits within byte, ignore parity */
	for (j = 0; j <= 6; j++) {
	    if (forward)
		*p_char++ ^= (int)temp & 01;
	    else
		*--p_char ^= (int)temp & 01;
	    temp = temp >> 1;
	} while (--j > 0);

	/* check and flip direction */
	if ((i % 8) == 0)
	    forward = !forward;
    }

    /* now stuff into the key des_cblock, and force odd parity */
    p_char = k_char;
    k_p = (unsigned char *)key;

    for (i = 0; i <= 7; i++) {
	temp = 0;
	for (j = 0; j <= 6; j++)
	    temp |= *p_char++ << (1 + j);
	*k_p++ = (unsigned char)temp;
    }

    /* fix key parity */
    des_fixup_key_parity(key);

    /* Now one-way encrypt it with the folded key */
    (void)des_key_sched(key, key_sked);
    (void)des_cbc_cksum((des_cblock *) in_str, key, length, key_sked, key);
    /* erase key_sked */
    memset((char *)key_sked, 0, sizeof(key_sked));

    /* now fix up key parity again */
    des_fixup_key_parity(key);

    if (des_debug)
	fprintf(stdout, "\nResulting string_to_key = 0x%lx 0x%lx\n",
		*((afs_uint32 *) key), *((afs_uint32 *) key + 1));
}