2
0

VERSION 16 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412
  1. Fixed the weak key values which were wrong :-(
  2. Defining SIGACTION causes sigaction() to be used instead of signal().
  3. SIGUSR1/SIGUSR2 are no longer mapped in the read tty stuff because it
  4. can cause problems. This should hopefully not affect normal
  5. applications.
  6. Version 4.04
  7. Fixed a few tests in destest. Also added x86 assember for
  8. des_ncbc_encrypt() which is the standard cbc mode function.
  9. This makes a very very large performace difference.
  10. Ariel Glenn ariel@columbia.edu reports that the terminal
  11. 'turn echo off' can return (errno == EINVAL) under solaris
  12. when redirection is used. So I now catch that as well as ENOTTY.
  13. Version 4.03
  14. Left a static out of enc_write.c, which caused to buffer to be
  15. continiously malloc()ed. Does anyone use these functions? I keep
  16. on feeling like removing them since I only had these in there
  17. for a version of kerberised login. Anyway, this was pointed out
  18. by Theo de Raadt <deraadt@cvs.openbsd.org>
  19. The 'n' bit ofb code was wrong, it was not shifting the shift
  20. register. It worked correctly for n == 64. Thanks to
  21. Gigi Ankeny <Gigi.Ankeny@Eng.Sun.COM> for pointing this one out.
  22. Version 4.02
  23. I was doing 'if (memcmp(weak_keys[i],key,sizeof(key)) == 0)'
  24. when checking for weak keys which is wrong :-(, pointed out by
  25. Markus F.X.J. Oberhumer <markus.oberhumer@jk.uni-linz.ac.at>.
  26. Version 4.01
  27. Even faster inner loop in the DES assembler for x86 and a modification
  28. for IP/FP which is faster on x86. Both of these changes are
  29. from Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>. His
  30. changes make the assembler run %40 faster on a pentium. This is just
  31. a case of getting the instruction sequence 'just right'.
  32. All credit to 'Svend' :-)
  33. Quite a few special x86 'make' targets.
  34. A libdes-l (lite) distribution.
  35. Version 4.00
  36. After a bit of a pause, I'll up the major version number since this
  37. is mostly a performace release. I've added x86 assembler and
  38. added more options for performance. A %28 speedup for gcc
  39. on a pentium and the assembler is a %50 speedup.
  40. MIPS CPU's, sparc and Alpha are the main CPU's with speedups.
  41. Run des_opts to work out which options should be used.
  42. DES_RISC1/DES_RISC2 use alternative inner loops which use
  43. more registers but should give speedups on any CPU that does
  44. dual issue (pentium). DES_UNROLL unrolls the inner loop,
  45. which costs in code size.
  46. Version 3.26
  47. I've finally removed one of the shifts in D_ENCRYPT. This
  48. meant I've changed the des_SPtrans table (spr.h), the set_key()
  49. function and some things in des_enc.c. This has definitly
  50. made things faster :-). I've known about this one for some
  51. time but I've been too lazy to follow it up :-).
  52. Noticed that in the D_ENCRYPT() macro, we can just do L^=(..)^(..)^..
  53. instead of L^=((..)|(..)|(..).. This should save a register at
  54. least.
  55. Assember for x86. The file to replace is des_enc.c, which is replaced
  56. by one of the assembler files found in asm. Look at des/asm/readme
  57. for more info.
  58. /* Modification to fcrypt so it can be compiled to support
  59. HPUX 10.x's long password format, define -DLONGCRYPT to use this.
  60. Thanks to Jens Kupferschmidt <bt1cu@hpboot.rz.uni-leipzig.de>. */
  61. SIGWINCH case put in des_read_passwd() so the function does not
  62. 'exit' if this function is recieved.
  63. Version 3.25 17/07/96
  64. Modified read_pwd.c so that stdin can be read if not a tty.
  65. Thanks to Jeff Barber <jeffb@issl.atl.hp.com> for the patches.
  66. des_init_random_number_generator() shortened due to VMS linker
  67. limits.
  68. Added RSA's DESX cbc mode. It is a form of cbc encryption, with 2
  69. 8 byte quantites xored before and after encryption.
  70. des_xcbc_encryption() - the name is funny to preserve the des_
  71. prefix on all functions.
  72. Version 3.24 20/04/96
  73. The DES_PTR macro option checked and used by SSLeay configuration
  74. Version 3.23 11/04/96
  75. Added DES_LONG. If defined to 'unsigned int' on the DEC Alpha,
  76. it gives a %20 speedup :-)
  77. Fixed the problem with des.pl under perl5. The patches were
  78. sent by Ed Kubaitis (ejk@uiuc.edu).
  79. if fcrypt.c, changed values to handle illegal salt values the way
  80. normal crypt() implementations do. Some programs apparently use
  81. them :-(. The patch was sent by Bjorn Gronvall <bg@sics.se>
  82. Version 3.22 29/11/95
  83. Bug in des(1), an error with the uuencoding stuff when the
  84. 'data' is small, thanks to Geoff Keating <keagchon@mehta.anu.edu.au>
  85. for the patch.
  86. Version 3.21 22/11/95
  87. After some emailing back and forth with
  88. Colin Plumb <colin@nyx10.cs.du.edu>, I've tweaked a few things
  89. and in a future version I will probably put in some of the
  90. optimisation he suggested for use with the DES_USE_PTR option.
  91. Extra routines from Mark Murray <mark@grondar.za> for use in
  92. freeBSD. They mostly involve random number generation for use
  93. with kerberos. They involve evil machine specific system calls
  94. etc so I would normally suggest pushing this stuff into the
  95. application and/or using RAND_seed()/RAND_bytes() if you are
  96. using this DES library as part of SSLeay.
  97. Redone the read_pw() function so that it is cleaner and
  98. supports termios, thanks to Sameer Parekh <sameer@c2.org>
  99. for the initial patches for this.
  100. Renamed 3ecb_encrypt() to ecb3_encrypt(). This has been
  101. done just to make things more consistent.
  102. I have also now added triple DES versions of cfb and ofb.
  103. Version 3.20
  104. Damn, Damn, Damn, as pointed out by Mike_Spreitzer.PARC@xerox.com,
  105. my des_random_seed() function was only copying 4 bytes of the
  106. passed seed into the init structure. It is now fixed to copy 8.
  107. My own suggestion is to used something like MD5 :-)
  108. Version 3.19
  109. While looking at my code one day, I though, why do I keep on
  110. calling des_encrypt(in,out,ks,enc) when every function that
  111. calls it has in and out the same. So I dropped the 'out'
  112. parameter, people should not be using this function.
  113. Version 3.18 30/08/95
  114. Fixed a few bit with the distribution and the filenames.
  115. 3.17 had been munged via a move to DOS and back again.
  116. NO CODE CHANGES
  117. Version 3.17 14/07/95
  118. Fixed ede3 cbc which I had broken in 3.16. I have also
  119. removed some unneeded variables in 7-8 of the routines.
  120. Version 3.16 26/06/95
  121. Added des_encrypt2() which does not use IP/FP, used by triple
  122. des routines. Tweaked things a bit elsewhere. %13 speedup on
  123. sparc and %6 on a R4400 for ede3 cbc mode.
  124. Version 3.15 06/06/95
  125. Added des_ncbc_encrypt(), it is des_cbc mode except that it is
  126. 'normal' and copies the new iv value back over the top of the
  127. passed parameter.
  128. CHANGED des_ede3_cbc_encrypt() so that it too now overwrites
  129. the iv. THIS WILL BREAK EXISTING CODE, but since this function
  130. only new, I feel I can change it, not so with des_cbc_encrypt :-(.
  131. I need to update the documentation.
  132. Version 3.14 31/05/95
  133. New release upon the world, as part of my SSL implementation.
  134. New copyright and usage stuff. Basically free for all to use
  135. as long as you say it came from me :-)
  136. Version 3.13 31/05/95
  137. A fix in speed.c, if HZ is not defined, I set it to 100.0
  138. which is reasonable for most unixes except SunOS 4.x.
  139. I now have a #ifdef sun but timing for SunOS 4.x looked very
  140. good :-(. At my last job where I used SunOS 4.x, it was
  141. defined to be 60.0 (look at the old INSTALL documentation), at
  142. the last release had it changed to 100.0 since I now work with
  143. Solaris2 and SVR4 boxes.
  144. Thanks to Rory Chisholm <rchishol@math.ethz.ch> for pointing this
  145. one out.
  146. Version 3.12 08/05/95
  147. As pointed out by The Crypt Keeper <tck@bend.UCSD.EDU>,
  148. my D_ENCRYPT macro in crypt() had an un-necessary variable.
  149. It has been removed.
  150. Version 3.11 03/05/95
  151. Added des_ede3_cbc_encrypt() which is cbc mode des with 3 keys
  152. and one iv. It is a standard and I needed it for my SSL code.
  153. It makes more sense to use this for triple DES than
  154. 3cbc_encrypt(). I have also added (or should I say tested :-)
  155. cfb64_encrypt() which is cfb64 but it will encrypt a partial
  156. number of bytes - 3 bytes in 3 bytes out. Again this is for
  157. my SSL library, as a form of encryption to use with SSL
  158. telnet.
  159. Version 3.10 22/03/95
  160. Fixed a bug in 3cbc_encrypt() :-(. When making repeated calls
  161. to cbc3_encrypt, the 2 iv values that were being returned to
  162. be used in the next call were reversed :-(.
  163. Many thanks to Bill Wade <wade@Stoner.COM> for pointing out
  164. this error.
  165. Version 3.09 01/02/95
  166. Fixed des_random_key to far more random, it was rather feeble
  167. with regards to picking the initial seed. The problem was
  168. pointed out by Olaf Kirch <okir@monad.swb.de>.
  169. Version 3.08 14/12/94
  170. Added Makefile.PL so libdes can be built into perl5.
  171. Changed des_locl.h so RAND is always defined.
  172. Version 3.07 05/12/94
  173. Added GNUmake and stuff so the library can be build with
  174. glibc.
  175. Version 3.06 30/08/94
  176. Added rpc_enc.c which contains _des_crypt. This is for use in
  177. secure_rpc v 4.0
  178. Finally fixed the cfb_enc problems.
  179. Fixed a few parameter parsing bugs in des (-3 and -b), thanks
  180. to Rob McMillan <R.McMillan@its.gu.edu.au>
  181. Version 3.05 21/04/94
  182. for unsigned long l; gcc does not produce ((l>>34) == 0)
  183. This causes bugs in cfb_enc.
  184. Thanks to Hadmut Danisch <danisch@ira.uka.de>
  185. Version 3.04 20/04/94
  186. Added a version number to des.c and libdes.a
  187. Version 3.03 12/01/94
  188. Fixed a bug in non zero iv in 3cbc_enc.
  189. Version 3.02 29/10/93
  190. I now work in a place where there are 6+ architectures and 14+
  191. OS versions :-).
  192. Fixed TERMIO definition so the most sys V boxes will work :-)
  193. Release upon comp.sources.misc
  194. Version 3.01 08/10/93
  195. Added des_3cbc_encrypt()
  196. Version 3.00 07/10/93
  197. Fixed up documentation.
  198. quad_cksum definitely compatible with MIT's now.
  199. Version 2.30 24/08/93
  200. Triple DES now defaults to triple cbc but can do triple ecb
  201. with the -b flag.
  202. Fixed some MSDOS uuen/uudecoding problems, thanks to
  203. Added prototypes.
  204. Version 2.22 29/06/93
  205. Fixed a bug in des_is_weak_key() which stopped it working :-(
  206. thanks to engineering@MorningStar.Com.
  207. Version 2.21 03/06/93
  208. des(1) with no arguments gives quite a bit of help.
  209. Added -c (generate ckecksum) flag to des(1).
  210. Added -3 (triple DES) flag to des(1).
  211. Added cfb and ofb routines to the library.
  212. Version 2.20 11/03/93
  213. Added -u (uuencode) flag to des(1).
  214. I have been playing with byte order in quad_cksum to make it
  215. compatible with MIT's version. All I can say is avid this
  216. function if possible since MIT's output is endian dependent.
  217. Version 2.12 14/10/92
  218. Added MSDOS specific macro in ecb_encrypt which gives a %70
  219. speed up when the code is compiled with turbo C.
  220. Version 2.11 12/10/92
  221. Speedup in set_key (recoding of PC-1)
  222. I now do it in 47 simple operations, down from 60.
  223. Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov)
  224. for motivating me to look for a faster system :-)
  225. The speedup is probably less that 1% but it is still 13
  226. instructions less :-).
  227. Version 2.10 06/10/92
  228. The code now works on the 64bit ETA10 and CRAY without modifications or
  229. #defines. I believe the code should work on any machine that
  230. defines long, int or short to be 8 bytes long.
  231. Thanks to Shabbir J. Safdar (shabby@mentor.cc.purdue.edu)
  232. for helping me fix the code to run on 64bit machines (he had
  233. access to an ETA10).
  234. Thanks also to John Fletcher <john_fletcher@lccmail.ocf.llnl.gov>
  235. for testing the routines on a CRAY.
  236. read_password.c has been renamed to read_passwd.c
  237. string_to_key.c has been renamed to string2key.c
  238. Version 2.00 14/09/92
  239. Made mods so that the library should work on 64bit CPU's.
  240. Removed all my uchar and ulong defs. To many different
  241. versions of unix define them in their header files in too many
  242. different combinations :-)
  243. IRIX - Sillicon Graphics mods (mostly in read_password.c).
  244. Thanks to Andrew Daviel (advax@erich.triumf.ca)
  245. Version 1.99 26/08/92
  246. Fixed a bug or 2 in enc_read.c
  247. Fixed a bug in enc_write.c
  248. Fixed a pseudo bug in fcrypt.c (very obscure).
  249. Version 1.98 31/07/92
  250. Support for the ETA10. This is a strange machine that defines
  251. longs and ints as 8 bytes and shorts as 4 bytes.
  252. Since I do evil things with long * that assume that they are 4
  253. bytes. Look in the Makefile for the option to compile for
  254. this machine. quad_cksum appears to have problems but I
  255. will don't have the time to fix it right now, and this is not
  256. a function that uses DES and so will not effect the main uses
  257. of the library.
  258. Version 1.97 20/05/92 eay
  259. Fixed the Imakefile and made some changes to des.h to fix some
  260. problems when building this package with Kerberos v 4.
  261. Version 1.96 18/05/92 eay
  262. Fixed a small bug in string_to_key() where problems could
  263. occur if des_check_key was set to true and the string
  264. generated a weak key.
  265. Patch2 posted to comp.sources.misc
  266. Version 1.95 13/05/92 eay
  267. Added an alternative version of the D_ENCRYPT macro in
  268. ecb_encrypt and fcrypt. Depending on the compiler, one version or the
  269. other will be faster. This was inspired by
  270. Dana How <how@isl.stanford.edu>, and her pointers about doing the
  271. *(ulong *)((uchar *)ptr+(value&0xfc))
  272. vs
  273. ptr[value&0x3f]
  274. to stop the C compiler doing a <<2 to convert the long array index.
  275. Version 1.94 05/05/92 eay
  276. Fixed an incompatibility between my string_to_key and the MIT
  277. version. When the key is longer than 8 chars, I was wrapping
  278. with a different method. To use the old version, define
  279. OLD_STR_TO_KEY in the makefile. Thanks to
  280. viktor@newsu.shearson.com (Viktor Dukhovni).
  281. Version 1.93 28/04/92 eay
  282. Fixed the VMS mods so that echo is now turned off in
  283. read_password. Thanks again to brennan@coco.cchs.su.oz.AU.
  284. MSDOS support added. The routines can be compiled with
  285. Turbo C (v2.0) and MSC (v5.1). Make sure MSDOS is defined.
  286. Patch1 posted to comp.sources.misc
  287. Version 1.92 13/04/92 eay
  288. Changed D_ENCRYPT so that the rotation of R occurs outside of
  289. the loop. This required rotating all the longs in sp.h (now
  290. called spr.h). Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
  291. speed.c has been changed so it will work without SIGALRM. If
  292. times(3) is not present it will try to use ftime() instead.
  293. Version 1.91 08/04/92 eay
  294. Added -E/-D options to des(1) so it can use string_to_key.
  295. Added SVR4 mods suggested by witr@rwwa.COM
  296. Added VMS mods suggested by brennan@coco.cchs.su.oz.AU. If
  297. anyone knows how to turn of tty echo in VMS please tell me or
  298. implement it yourself :-).
  299. Changed FILE *IN/*OUT to *DES_IN/*DES_OUT since it appears VMS
  300. does not like IN/OUT being used.
  301. Libdes posted to comp.sources.misc
  302. Version 1.9 24/03/92 eay
  303. Now contains a fast small crypt replacement.
  304. Added des(1) command.
  305. Added des_rw_mode so people can use cbc encryption with
  306. enc_read and enc_write.
  307. Version 1.8 15/10/91 eay
  308. Bug in cbc_cksum.
  309. Many thanks to Keith Reynolds (keithr@sco.COM) for pointing this
  310. one out.
  311. Version 1.7 24/09/91 eay
  312. Fixed set_key :-)
  313. set_key is 4 times faster and takes less space.
  314. There are a few minor changes that could be made.
  315. Version 1.6 19/09/1991 eay
  316. Finally go IP and FP finished.
  317. Now I need to fix set_key.
  318. This version is quite a bit faster that 1.51
  319. Version 1.52 15/06/1991 eay
  320. 20% speedup in ecb_encrypt by changing the E bit selection
  321. to use 2 32bit words. This also required modification of the
  322. sp table. There is still a way to speedup the IP and IP-1
  323. (hints from outer@sq.com) still working on this one :-(.
  324. Version 1.51 07/06/1991 eay
  325. Faster des_encrypt by loop unrolling
  326. Fixed bug in quad_cksum.c (thanks to hughes@logos.ucs.indiana.edu)
  327. Version 1.50 28/05/1991 eay
  328. Optimised the code a bit more for the sparc. I have improved the
  329. speed of the inner des_encrypt by speeding up the initial and
  330. final permutations.
  331. Version 1.40 23/10/1990 eay
  332. Fixed des_random_key, it did not produce a random key :-(
  333. Version 1.30 2/10/1990 eay
  334. Have made des_quad_cksum the same as MIT's, the full package
  335. should be compatible with MIT's
  336. Have tested on a DECstation 3100
  337. Still need to fix des_set_key (make it faster).
  338. Does des_cbc_encrypts at 70.5k/sec on a 3100.
  339. Version 1.20 18/09/1990 eay
  340. Fixed byte order dependencies.
  341. Fixed (I hope) all the word alignment problems.
  342. Speedup in des_ecb_encrypt.
  343. Version 1.10 11/09/1990 eay
  344. Added des_enc_read and des_enc_write.
  345. Still need to fix des_quad_cksum.
  346. Still need to document des_enc_read and des_enc_write.
  347. Version 1.00 27/08/1990 eay