    Fixed the weak key values which were wrong :-(
    Defining SIGACTION causes sigaction() to be used instead of signal().
    SIGUSR1/SIGUSR2 are no longer mapped in the read tty stuff because it
    can cause problems. This should hopefully not affect normal
    applications.

Version 4.04
    Fixed a few tests in destest. Also added x86 assembler for
    des_ncbc_encrypt() which is the standard cbc mode function.
    This makes a very very large performance difference.
    Ariel Glenn ariel@columbia.edu reports that the terminal
    'turn echo off' can return (errno == EINVAL) under solaris
    when redirection is used. So I now catch that as well as ENOTTY.

Version 4.03
    Left a static out of enc_write.c, which caused the buffer to be
    continuously malloc()ed. Does anyone use these functions? I keep
    on feeling like removing them since I only had these in there
    for a version of kerberised login. Anyway, this was pointed out
    by Theo de Raadt <deraadt@cvs.openbsd.org>
    The 'n' bit ofb code was wrong, it was not shifting the shift
    register. It worked correctly for n == 64. Thanks to
    Gigi Ankeny <Gigi.Ankeny@Eng.Sun.COM> for pointing this one out.

Version 4.02
    I was doing 'if (memcmp(weak_keys[i],key,sizeof(key)) == 0)'
    when checking for weak keys which is wrong :-(, pointed out by
    Markus F.X.J. Oberhumer <markus.oberhumer@jk.uni-linz.ac.at>.

Version 4.01
    Even faster inner loop in the DES assembler for x86 and a modification
    for IP/FP which is faster on x86. Both of these changes are
    from Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>.
    His changes make the assembler run %40 faster on a pentium. This is just
    a case of getting the instruction sequence 'just right'.
    All credit to 'Svend' :-)
    Quite a few special x86 'make' targets.
    A libdes-l (lite) distribution.

Version 4.00
    After a bit of a pause, I'll up the major version number since this
    is mostly a performance release. I've added x86 assembler and
    added more options for performance. A %28 speedup for gcc
    on a pentium and the assembler is a %50 speedup.
    MIPS CPU's, sparc and Alpha are the main CPU's with speedups.
    Run des_opts to work out which options should be used.
    DES_RISC1/DES_RISC2 use alternative inner loops which use
    more registers but should give speedups on any CPU that does
    dual issue (pentium). DES_UNROLL unrolls the inner loop,
    which costs in code size.

Version 3.26
    I've finally removed one of the shifts in D_ENCRYPT. This
    meant I've changed the des_SPtrans table (spr.h), the set_key()
    function and some things in des_enc.c. This has definitely
    made things faster :-). I've known about this one for some
    time but I've been too lazy to follow it up :-).
    Noticed that in the D_ENCRYPT() macro, we can just do L^=(..)^(..)^..
    instead of L^=((..)|(..)|(..).. This should save a register at
    least.
    Assembler for x86. The file to replace is des_enc.c, which is replaced
    by one of the assembler files found in asm. Look at des/asm/readme
    for more info.

    /* Modification to fcrypt so it can be compiled to support
    HPUX 10.x's long password format, define -DLONGCRYPT to use this.
    Thanks to Jens Kupferschmidt <bt1cu@hpboot.rz.uni-leipzig.de>. */

    SIGWINCH case put in des_read_passwd() so the function does not
    'exit' if this function is received.

Version 3.25 17/07/96
    Modified read_pwd.c so that stdin can be read if not a tty.
    Thanks to Jeff Barber <jeffb@issl.atl.hp.com> for the patches.
    des_init_random_number_generator() shortened due to VMS linker
    limits.
    Added RSA's DESX cbc mode. It is a form of cbc encryption, with 2
    8 byte quantities xored before and after encryption.
    des_xcbc_encryption() - the name is funny to preserve the des_
    prefix on all functions.

Version 3.24 20/04/96
    The DES_PTR macro option checked and used by SSLeay configuration

Version 3.23 11/04/96
    Added DES_LONG. If defined to 'unsigned int' on the DEC Alpha,
    it gives a %20 speedup :-)
    Fixed the problem with des.pl under perl5. The patches were
    sent by Ed Kubaitis (ejk@uiuc.edu).
    in fcrypt.c, changed values to handle illegal salt values the way
    normal crypt() implementations do. Some programs apparently use
    them :-(. The patch was sent by Bjorn Gronvall <bg@sics.se>

Version 3.22 29/11/95
    Bug in des(1), an error with the uuencoding stuff when the
    'data' is small, thanks to Geoff Keating <keagchon@mehta.anu.edu.au>
    for the patch.

Version 3.21 22/11/95
    After some emailing back and forth with
    Colin Plumb <colin@nyx10.cs.du.edu>, I've tweaked a few things
    and in a future version I will probably put in some of the
    optimisation he suggested for use with the DES_USE_PTR option.
    Extra routines from Mark Murray <mark@grondar.za> for use in
    freeBSD. They mostly involve random number generation for use
    with kerberos. They involve evil machine specific system calls
    etc so I would normally suggest pushing this stuff into the
    application and/or using RAND_seed()/RAND_bytes() if you are
    using this DES library as part of SSLeay.
    Redone the read_pw() function so that it is cleaner and
    supports termios, thanks to Sameer Parekh <sameer@c2.org>
    for the initial patches for this.
    Renamed 3ecb_encrypt() to ecb3_encrypt(). This has been
    done just to make things more consistent.
    I have also now added triple DES versions of cfb and ofb.

Version 3.20
    Damn, Damn, Damn, as pointed out by Mike_Spreitzer.PARC@xerox.com,
    my des_random_seed() function was only copying 4 bytes of the
    passed seed into the init structure. It is now fixed to copy 8.
    My own suggestion is to use something like MD5 :-)

Version 3.19
    While looking at my code one day, I thought, why do I keep on
    calling des_encrypt(in,out,ks,enc) when every function that
    calls it has in and out the same. So I dropped the 'out'
    parameter, people should not be using this function.

Version 3.18 30/08/95
    Fixed a few bits with the distribution and the filenames.
    3.17 had been munged via a move to DOS and back again.
    NO CODE CHANGES

Version 3.17 14/07/95
    Fixed ede3 cbc which I had broken in 3.16. I have also
    removed some unneeded variables in 7-8 of the routines.

Version 3.16 26/06/95
    Added des_encrypt2() which does not use IP/FP, used by triple
    des routines. Tweaked things a bit elsewhere. %13 speedup on
    sparc and %6 on a R4400 for ede3 cbc mode.

Version 3.15 06/06/95
    Added des_ncbc_encrypt(), it is des_cbc mode except that it is
    'normal' and copies the new iv value back over the top of the
    passed parameter.
    CHANGED des_ede3_cbc_encrypt() so that it too now overwrites
    the iv. THIS WILL BREAK EXISTING CODE, but since this function
    is only new, I feel I can change it, not so with des_cbc_encrypt :-(.
    I need to update the documentation.

Version 3.14 31/05/95
    New release upon the world, as part of my SSL implementation.
    New copyright and usage stuff. Basically free for all to use
    as long as you say it came from me :-)

Version 3.13 31/05/95
    A fix in speed.c, if HZ is not defined, I set it to 100.0
    which is reasonable for most unixes except SunOS 4.x.
    I now have a #ifdef sun but timing for SunOS 4.x looked very
    good :-(. At my last job where I used SunOS 4.x, it was
    defined to be 60.0 (look at the old INSTALL documentation), at
    the last release had it changed to 100.0 since I now work with
    Solaris2 and SVR4 boxes.
    Thanks to Rory Chisholm <rchishol@math.ethz.ch> for pointing this
    one out.

Version 3.12 08/05/95
    As pointed out by The Crypt Keeper <tck@bend.UCSD.EDU>,
    my D_ENCRYPT macro in crypt() had an un-necessary variable.
    It has been removed.

Version 3.11 03/05/95
    Added des_ede3_cbc_encrypt() which is cbc mode des with 3 keys
    and one iv. It is a standard and I needed it for my SSL code.
    It makes more sense to use this for triple DES than
    3cbc_encrypt(). I have also added (or should I say tested :-)
    cfb64_encrypt() which is cfb64 but it will encrypt a partial
    number of bytes - 3 bytes in 3 bytes out. Again this is for
    my SSL library, as a form of encryption to use with SSL
    telnet.

Version 3.10 22/03/95
    Fixed a bug in 3cbc_encrypt() :-(. When making repeated calls
    to cbc3_encrypt, the 2 iv values that were being returned to
    be used in the next call were reversed :-(.
    Many thanks to Bill Wade <wade@Stoner.COM> for pointing out
    this error.

Version 3.09 01/02/95
    Fixed des_random_key to be far more random, it was rather feeble
    with regards to picking the initial seed. The problem was
    pointed out by Olaf Kirch <okir@monad.swb.de>.

Version 3.08 14/12/94
    Added Makefile.PL so libdes can be built into perl5.
    Changed des_locl.h so RAND is always defined.

Version 3.07 05/12/94
    Added GNUmake and stuff so the library can be built with
    glibc.

Version 3.06 30/08/94
    Added rpc_enc.c which contains _des_crypt. This is for use in
    secure_rpc v 4.0
    Finally fixed the cfb_enc problems.
    Fixed a few parameter parsing bugs in des (-3 and -b), thanks
    to Rob McMillan <R.McMillan@its.gu.edu.au>

Version 3.05 21/04/94
    for unsigned long l; gcc does not produce ((l>>34) == 0)
    This causes bugs in cfb_enc.
    Thanks to Hadmut Danisch <danisch@ira.uka.de>

Version 3.04 20/04/94
    Added a version number to des.c and libdes.a

Version 3.03 12/01/94
    Fixed a bug in non zero iv in 3cbc_enc.

Version 3.02 29/10/93
    I now work in a place where there are 6+ architectures and 14+
    OS versions :-).
    Fixed TERMIO definition so the most sys V boxes will work :-)

Release upon comp.sources.misc
Version 3.01 08/10/93
    Added des_3cbc_encrypt()

Version 3.00 07/10/93
    Fixed up documentation.
    quad_cksum definitely compatible with MIT's now.

Version 2.30 24/08/93
    Triple DES now defaults to triple cbc but can do triple ecb
    with the -b flag.
    Fixed some MSDOS uuen/uudecoding problems, thanks to
    Added prototypes.

Version 2.22 29/06/93
    Fixed a bug in des_is_weak_key() which stopped it working :-(
    thanks to engineering@MorningStar.Com.

Version 2.21 03/06/93
    des(1) with no arguments gives quite a bit of help.
    Added -c (generate checksum) flag to des(1).
    Added -3 (triple DES) flag to des(1).
    Added cfb and ofb routines to the library.

Version 2.20 11/03/93
    Added -u (uuencode) flag to des(1).
    I have been playing with byte order in quad_cksum to make it
    compatible with MIT's version. All I can say is avoid this
    function if possible since MIT's output is endian dependent.

Version 2.12 14/10/92
    Added MSDOS specific macro in ecb_encrypt which gives a %70
    speed up when the code is compiled with turbo C.

Version 2.11 12/10/92
    Speedup in set_key (recoding of PC-1)
    I now do it in 47 simple operations, down from 60.
    Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov)
    for motivating me to look for a faster system :-)
    The speedup is probably less than 1% but it is still 13
    instructions less :-).

Version 2.10 06/10/92
    The code now works on the 64bit ETA10 and CRAY without modifications or
    #defines. I believe the code should work on any machine that
    defines long, int or short to be 8 bytes long.
    Thanks to Shabbir J. Safdar (shabby@mentor.cc.purdue.edu)
    for helping me fix the code to run on 64bit machines (he had
    access to an ETA10).
    Thanks also to John Fletcher <john_fletcher@lccmail.ocf.llnl.gov>
    for testing the routines on a CRAY.
    read_password.c has been renamed to read_passwd.c
    string_to_key.c has been renamed to string2key.c

Version 2.00 14/09/92
    Made mods so that the library should work on 64bit CPU's.
    Removed all my uchar and ulong defs. Too many different
    versions of unix define them in their header files in too many
    different combinations :-)
    IRIX - Silicon Graphics mods (mostly in read_password.c).
    Thanks to Andrew Daviel (advax@erich.triumf.ca)

Version 1.99 26/08/92
    Fixed a bug or 2 in enc_read.c
    Fixed a bug in enc_write.c
    Fixed a pseudo bug in fcrypt.c (very obscure).

Version 1.98 31/07/92
    Support for the ETA10. This is a strange machine that defines
    longs and ints as 8 bytes and shorts as 4 bytes.
    Since I do evil things with long * that assume that they are 4
    bytes. Look in the Makefile for the option to compile for
    this machine. quad_cksum appears to have problems but I
    don't have the time to fix it right now, and this is not
    a function that uses DES and so will not affect the main uses
    of the library.

Version 1.97 20/05/92 eay
    Fixed the Imakefile and made some changes to des.h to fix some
    problems when building this package with Kerberos v 4.

Version 1.96 18/05/92 eay
    Fixed a small bug in string_to_key() where problems could
    occur if des_check_key was set to true and the string
    generated a weak key.

Patch2 posted to comp.sources.misc
Version 1.95 13/05/92 eay
    Added an alternative version of the D_ENCRYPT macro in
    ecb_encrypt and fcrypt. Depending on the compiler, one version or the
    other will be faster. This was inspired by
    Dana How <how@isl.stanford.edu>, and her pointers about doing the
        *(ulong *)((uchar *)ptr+(value&0xfc))
    vs
        ptr[value&0x3f]
    to stop the C compiler doing a <<2 to convert the long array index.

Version 1.94 05/05/92 eay
    Fixed an incompatibility between my string_to_key and the MIT
    version.
    When the key is longer than 8 chars, I was wrapping
    with a different method. To use the old version, define
    OLD_STR_TO_KEY in the makefile. Thanks to
    viktor@newsu.shearson.com (Viktor Dukhovni).

Version 1.93 28/04/92 eay
    Fixed the VMS mods so that echo is now turned off in
    read_password. Thanks again to brennan@coco.cchs.su.oz.AU.
    MSDOS support added. The routines can be compiled with
    Turbo C (v2.0) and MSC (v5.1). Make sure MSDOS is defined.

Patch1 posted to comp.sources.misc
Version 1.92 13/04/92 eay
    Changed D_ENCRYPT so that the rotation of R occurs outside of
    the loop. This required rotating all the longs in sp.h (now
    called spr.h). Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
    speed.c has been changed so it will work without SIGALRM. If
    times(3) is not present it will try to use ftime() instead.

Version 1.91 08/04/92 eay
    Added -E/-D options to des(1) so it can use string_to_key.
    Added SVR4 mods suggested by witr@rwwa.COM
    Added VMS mods suggested by brennan@coco.cchs.su.oz.AU. If
    anyone knows how to turn off tty echo in VMS please tell me or
    implement it yourself :-).
    Changed FILE *IN/*OUT to *DES_IN/*DES_OUT since it appears VMS
    does not like IN/OUT being used.

Libdes posted to comp.sources.misc
Version 1.9 24/03/92 eay
    Now contains a fast small crypt replacement.
    Added des(1) command.
    Added des_rw_mode so people can use cbc encryption with
    enc_read and enc_write.

Version 1.8 15/10/91 eay
    Bug in cbc_cksum.
    Many thanks to Keith Reynolds (keithr@sco.COM) for pointing this
    one out.

Version 1.7 24/09/91 eay
    Fixed set_key :-)
    set_key is 4 times faster and takes less space.
    There are a few minor changes that could be made.

Version 1.6 19/09/1991 eay
    Finally got IP and FP finished.
    Now I need to fix set_key.
    This version is quite a bit faster than 1.51

Version 1.52 15/06/1991 eay
    20% speedup in ecb_encrypt by changing the E bit selection
    to use 2 32bit words. This also required modification of the
    sp table. There is still a way to speedup the IP and IP-1
    (hints from outer@sq.com) still working on this one :-(.

Version 1.51 07/06/1991 eay
    Faster des_encrypt by loop unrolling
    Fixed bug in quad_cksum.c (thanks to hughes@logos.ucs.indiana.edu)

Version 1.50 28/05/1991 eay
    Optimised the code a bit more for the sparc. I have improved the
    speed of the inner des_encrypt by speeding up the initial and
    final permutations.

Version 1.40 23/10/1990 eay
    Fixed des_random_key, it did not produce a random key :-(

Version 1.30 2/10/1990 eay
    Have made des_quad_cksum the same as MIT's, the full package
    should be compatible with MIT's
    Have tested on a DECstation 3100
    Still need to fix des_set_key (make it faster).
    Does des_cbc_encrypts at 70.5k/sec on a 3100.

Version 1.20 18/09/1990 eay
    Fixed byte order dependencies.
    Fixed (I hope) all the word alignment problems.
    Speedup in des_ecb_encrypt.

Version 1.10 11/09/1990 eay
    Added des_enc_read and des_enc_write.
    Still need to fix des_quad_cksum.
    Still need to document des_enc_read and des_enc_write.

Version 1.00 27/08/1990 eay
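
The weak-key check quoted in the Version 4.02 entry, shown here as an added example (not libdes code): it assumes `key` was a pointer parameter, so `sizeof(key)` yields the pointer width rather than the 8-byte key length. The sample keys and the names `match_weak`, `buggy_len` and `is_weak_key_*` are constructed for illustration, and only the four weak keys (no semi-weak keys) are tabled.

```c
#include <stdio.h>
#include <string.h>

typedef unsigned char des_cblock[8];    /* 8-byte DES key/block */

/* The four DES weak keys, parity bits included. */
static const des_cblock weak_keys[4] = {
    {0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01},
    {0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE},
    {0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E},
    {0xE0, 0xE0, 0xE0, 0xE0, 0xF1, 0xF1, 0xF1, 0xF1},
};

/* Constructed sample keys: a real weak key, and a key that only
 * shares its first four bytes with one. */
des_cblock sample_weak   = {0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E};
des_cblock sample_prefix = {0x1F, 0x1F, 0x1F, 0x1F, 0x23, 0x45, 0x67, 0x89};

/* 1 if the first n bytes of key equal the first n bytes of any entry. */
static int match_weak(const unsigned char *key, size_t n)
{
    size_t i;

    for (i = 0; i < sizeof(weak_keys) / sizeof(weak_keys[0]); i++)
        if (memcmp(weak_keys[i], key, n) == 0)
            return 1;
    return 0;
}

/* Length the quoted expression produces: key is a pointer here, so this
 * is the pointer width (4 on ILP32, 8 on LP64), not sizeof(des_cblock). */
size_t buggy_len(des_cblock *key)
{
    return sizeof(key);
}

/* Check as quoted in the 4.02 entry (assumption: key is a pointer). */
int is_weak_key_buggy(des_cblock *key)
{
    return match_weak(*key, buggy_len(key));
}

/* Same check with the length pinned to 4, modelling a 32-bit build. */
int is_weak_key_ilp32(des_cblock *key)
{
    return match_weak(*key, 4);
}

/* Corrected check: the length comes from the type, not the pointer. */
int is_weak_key_fixed(des_cblock *key)
{
    return match_weak(*key, sizeof(des_cblock));
}

int main(void)
{
    printf("sizeof(key) as written: %lu bytes\n",
           (unsigned long)buggy_len(&sample_prefix));
    printf("prefix-only key: buggy=%d ilp32=%d fixed=%d\n",
           is_weak_key_buggy(&sample_prefix),
           is_weak_key_ilp32(&sample_prefix),
           is_weak_key_fixed(&sample_prefix));
    return 0;
}
```

On an LP64 host the as-written check happens to compare all 8 bytes, so the defect only shows in the `is_weak_key_ilp32` model, where a key sharing a 4-byte prefix with a weak key is wrongly rejected.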