Annotation of 43BSDReno/kerberosIV/des/quad_cksum.c, revision 1.1

1.1     ! root        1: /*
        !             2:  * $Source: /afs/athena.mit.edu/astaff/project/kerberos/src/lib/des/RCS/quad_cksum.c,v $
        !             3:  * $Author: jtkohl $
        !             4:  *
        !             5:  * Copyright 1985, 1986, 1987, 1988 by the Massachusetts Institute
        !             6:  * of Technology.
        !             7:  *
        !             8:  * For copying and distribution information, please see the file
        !             9:  * <mit-copyright.h>.
        !            10:  *
        !            11:  * Quadratic Congruential Manipulation Detection Code
        !            12:  *
        !            13:  * ref: "Message Authentication"
        !            14:  *             R.R. Jueneman, S. M. Matyas, C.H. Meyer
        !            15:  *             IEEE Communications Magazine,
        !            16:  *             Sept 1985 Vol 23 No 9 p 29-40
        !            17:  *
        !            18:  * This routine, part of the Athena DES library built for the Kerberos
        !            19:  * authentication system, calculates a manipulation detection code for
        !            20:  * a message.  It is a much faster alternative to the DES-checksum
        !            21:  * method. No guarantees are offered for its security. Refer to the
        !            22:  * paper noted above for more information
        !            23:  *
        !            24:  * Implementation for 4.2bsd
        !            25:  * by S.P. Miller      Project Athena/MIT
        !            26:  */
        !            27: 
        !            28: /*
        !            29:  * Algorithm (per paper):
        !            30:  *             define:
        !            31:  *             message to be composed of n m-bit blocks X1,...,Xn
        !            32:  *             optional secret seed S in block X1
        !            33:  *             MDC in block Xn+1
        !            34:  *             prime modulus N
        !            35:  *             accumulator Z
        !            36:  *             initial (secret) value of accumulator C
        !            37:  *             N, C, and S are known at both ends
        !            38:  *             C and, optionally, S are hidden from the end users
        !            39:  *             then
        !            40:  *                     (read array references as subscripts over time)
        !            41:  *                     Z[0] = c;
        !            42:  *                     for i = 1...n
        !            43:  *                             Z[i] = (Z[i-1] + X[i])**2 modulo N
        !            44:  *                     X[n+1] = Z[n] = MDC
        !            45:  *
        !            46:  *             Then pick
        !            47:  *                     N = 2**31 -1
        !            48:  *                     m = 16
        !            49:  *                     iterate 4 times over plaintext, also use Zn
        !            50:  *                     from iteration j as seed for iteration j+1,
        !            51:  *                     total MDC is then a 128 bit array of the four
        !            52:  *                     Zn;
        !            53:  *
        !            54:  *                     return the last Zn and optionally, all
        !            55:  *                     four as output args.
        !            56:  *
        !            57:  * Modifications:
        !            58:  *     To inhibit brute force searches of the seed space, this
        !            59:  *     implementation is modified to have
        !            60:  *     Z       = 64 bit accumulator
        !            61:  *     C       = 64 bit C seed
        !            62:  *     N       = 2**63 - 1
        !            63:  *  S  = S seed is not implemented here
        !            64:  *     arithmetic is not quite real double integer precision, since we
        !            65:  *     can't get at the carry or high order results from multiply,
        !            66:  *     but nonetheless is 64 bit arithmetic.
        !            67:  */
        !            68: 
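        #ifndef lint
        /* RCS identification string embedded in the object file; omitted under lint. */
        static char rcsid_quad_cksum_c[] =
        "$Id: quad_cksum.c,v 4.13 90/01/02 13:46:34 jtkohl Exp $";
        #endif /* lint */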
        !            73: 
        !            74: #include <mit-copyright.h>
        !            75: 
        !            76: /* System include files */
        !            77: #include <stdio.h>
        !            78: #include <errno.h>
        !            79: 
        !            80: /* Application include files */
        !            81: #include <des.h>
        !            82: #include "des_internal.h"
        !            83: /* Definitions for byte swapping */
        !            84: 
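        /*
         * vaxtohl(x) / vaxtohs(x): fetch an unsigned long / unsigned short from
         * the bytes at x.  Three build configurations are selected here:
         *
         *   LSBFIRST, no MUSTALIGN - macros that dereference x in place
         *   LSBFIRST, MUSTALIGN    - static functions (declared here)
         *   not LSBFIRST           - byte-reversing static helpers, reached
         *                            through the macros below
         *
         * The in-place macros are fully parenthesized so they expand safely
         * inside larger expressions.
         *
         * NOTE(review): the in-place macros read sizeof(unsigned long) and
         * sizeof(unsigned short) bytes through a cast pointer.  Where unsigned
         * long is wider than 4 bytes, vaxtohl() on the upper half of an 8-byte
         * seed reads past the end of the seed -- confirm the type widths on
         * every target before enabling this path.
         * NOTE(review): the byte-reversing helpers are only declared here;
         * presumably the build defines exactly one of LSBFIRST and MSBFIRST so
         * that a definition is present -- verify against the build configuration.
         */
        #ifdef LSBFIRST
        #ifdef MUSTALIGN
        static unsigned long vaxtohl();
        static unsigned short vaxtohs();
        #else /* ! MUSTALIGN */
        #define vaxtohl(x) (*((unsigned long *)(x)))
        #define vaxtohs(x) (*((unsigned short *)(x)))
        #endif /* MUSTALIGN */
        #else /* !LSBFIRST */
        static unsigned long four_bytes_vax_to_nets();
        #define vaxtohl(x) four_bytes_vax_to_nets((char *)(x))
        static unsigned short two_bytes_vax_to_nets();
        #define vaxtohs(x) two_bytes_vax_to_nets((char *)(x))
        #endif /* !LSBFIRST */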
        !            99: 
        !           100: /* Externals */
        !           101: extern char *errmsg();
        !           102: extern int errno;
        !           103: extern int des_debug;
        !           104: 
        !           105: /*** Routines ***************************************************** */
        !           106: 
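        /*
         * des_quad_cksum - quadratic manipulation detection code over a buffer.
         *
         *   in         message bytes to checksum
         *   out        if non-NULL, receives two unsigned longs (z, then z2)
         *              per pass; at most 4 passes are made, so the caller must
         *              provide room for 2 * min(out_count, 4) unsigned longs
         *   length     number of bytes at "in"; it is not validated here
         *   out_count  number of passes requested; forced to 1 when out is
         *              NULL and capped at 4 by the loop condition
         *   c_seed     8-byte seed; each 4-byte half primes one accumulator
         *
         * Returns z as left by the last pass.  If out is non-NULL and out_count
         * is less than 1, no pass runs and the low seed word is returned as is.
         *
         * Every pass restarts at the beginning of "in" but carries z and z2
         * over from the previous pass, so later outputs depend on earlier ones.
         *
         * Security: this is a fast manipulation detection code and the file
         * header offers no guarantee for its security.  Both accumulators are
         * reduced modulo 0x7fffffff on every step, so each carries fewer than
         * 31 bits of state.  Treat the result as an error/tamper hint, not as
         * a replacement for a keyed cryptographic MAC.
         *
         * NOTE(review): all arithmetic is done in unsigned long.  Where that
         * type is wider than 32 bits the sums and products are not truncated
         * before the modulo, so results presumably differ from 32-bit hosts --
         * confirm before comparing checksums across platforms.
         * NOTE(review): the odd trailing byte is read through (char *), so a
         * byte >= 0x80 sign-extends where plain char is signed.  Left as is
         * because changing it would change the checksum value.
         */
        unsigned long
        des_quad_cksum(in,out,length,out_count,c_seed)
            des_cblock *c_seed;         /* secret seed, 8 bytes */
            unsigned char *in;          /* input block */
            unsigned long *out;         /* optional longer output */
            int out_count;              /* number of iterations */
            long length;                /* original length in bytes */
        {
            register unsigned long z;
            register unsigned long z2;
            register unsigned long x;
            register unsigned long x2;
            register unsigned char *p;
            register long len;
            register int i;

            /* use all 8 bytes of seed: low half into z, high half into z2 */
            z = vaxtohl(c_seed);
            z2 = vaxtohl((char *)c_seed+4);

            /* without an output array only the returned value is wanted */
            if (out == NULL)
                out_count = 1;          /* default */

            /* one pass over the whole message per requested output pair */
            for (i = 1; i <= 4 && i <= out_count; i++) {
                len = length;
                p = in;
                while (len) {
                    if (len > 1) {
                        /* consume the message two bytes at a time */
                        x = (z + vaxtohs(p));
                        p += 2;
                        len -= 2;
                    }
                    else {
                        /* odd trailing byte (also taken when len < 1) */
                        x = (z + *(char *)p++);
                        len = 0;
                    }
                    x2 = z2;
                    z  = ((x * x) + (x2 * x2)) % 0x7fffffff;
                    z2 = (x * (x2+83653421))   % 0x7fffffff; /* modulo */
                    if (des_debug & 8)
                        /* %lu matches the unsigned long accumulators */
                        printf("%lu %lu\n",z,z2);
                }

                if (out != NULL) {
                    *out++ = z;
                    *out++ = z2;
                }
            }
            /* return final z value as 32 bit version of checksum */
            return z;
        }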
        !           167: #ifdef MSBFIRST
        !           168: 
        /*
         * two_bytes_vax_to_nets - return the two bytes at p as an unsigned
         * short with their order reversed (p[1] lands in the first byte of
         * the result, p[0] in the second).
         */
        static unsigned short two_bytes_vax_to_nets(p)
            char *p;
        {
            union {
                char pieces[2];
                unsigned short result;
            } swapped;
            int k;

            /* fill the union back to front, then read it as one short */
            for (k = 0; k < 2; k++)
                swapped.pieces[k] = p[1 - k];
            return swapped.result;
        }
        !           181: 
        /*
         * four_bytes_vax_to_nets - return the four bytes at p as an unsigned
         * long with their order reversed (p[3] first, p[0] last).
         *
         * The conversion union has static storage, so any bytes of "result"
         * beyond the four that are assigned stay zero, and the function is
         * not reentrant.
         */
        static unsigned long four_bytes_vax_to_nets(p)
            char *p;
        {
            static union {
                char pieces[4];
                unsigned long result;
            } reversed;
            int k;

            /* copy the input back to front into the union's byte view */
            for (k = 0; k < 4; k++)
                reversed.pieces[k] = p[3 - k];
            return reversed.result;
        }
        !           196: 
        !           197: #endif
        !           198: #ifdef LSBFIRST
        !           199: #ifdef MUSTALIGN
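        /*
         * vaxtohl - alignment-safe fetch of a 4-byte least-significant-byte-
         * first quantity from x (LSBFIRST + MUSTALIGN configuration).
         *
         * Exactly 4 bytes are copied into a zeroed unsigned long.  Copying
         * sizeof(val) bytes would read past a 4-byte source wherever unsigned
         * long is wider than 4 bytes; the caller passes the upper half of an
         * 8-byte seed, which has only 4 bytes left.  On hosts where unsigned
         * long is 4 bytes the result is unchanged.
         */
        static unsigned long vaxtohl(x)
        char *x;
        {
            unsigned long val = 0;

            /* LSBFIRST host: the 4 source bytes are the low-order bytes of val */
            bcopy(x, (char *)&val, 4);
            return(val);
        }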
        !           207: 
        /*
         * vaxtohs - alignment-safe fetch of an unsigned short from x
         * (LSBFIRST + MUSTALIGN configuration): the bytes are copied into a
         * local instead of dereferencing a possibly misaligned pointer.
         */
        static unsigned short vaxtohs(x)
        char *x;
        {
            unsigned short half;

            bcopy(x, (char *)&half, sizeof half);
            return half;
        }
        !           215: #endif /* MUSTALIGN */
        !           216: #endif /* LSBFIRST */
