#ifndef HEADER_DES_H
#define HEADER_DES_H
-#ifdef __cplusplus
-extern "C" {
+#ifdef OPENSSL_NO_DES
+#error DES is disabled.
#endif
-#ifdef NO_DES
-#error DES is disabled.
+#ifdef _KERBEROS_DES_H
+#error <openssl/des.h> replaces <kerberos/des.h>.
#endif
-#include <stdio.h>
#include <openssl/opensslconf.h> /* DES_LONG */
#include <openssl/e_os2.h> /* OPENSSL_EXTERN */
-#ifdef VMS
-#undef des_init_random_number_generator
-#define des_init_random_number_generator des_init_random_num_generator
+#ifdef OPENSSL_BUILD_SHLIBCRYPTO
+# undef OPENSSL_EXTERN
+# define OPENSSL_EXTERN OPENSSL_EXPORT
+#endif
+
+#ifdef __cplusplus
+extern "C" {
#endif
typedef unsigned char des_cblock[8];
-typedef const unsigned char const_des_cblock[8];
+typedef /* const */ unsigned char const_des_cblock[8];
+/* With "const", gcc 2.8.1 on Solaris thinks that des_cblock *
+ * and const_des_cblock * are incompatible pointer types. */
typedef struct des_ks_struct
{
union {
- des_cblock _;
+ des_cblock cblock;
/* make sure things are correct size on machines with
* 8 byte longs */
- DES_LONG pad[2];
+ DES_LONG deslong[2];
} ks;
-#if defined _
-# error "_ is defined, but some strange definition the DES library cannot handle that."
-#endif
-#define _ ks._
int weak_key;
} des_key_schedule[16];
#define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
-#define C_Block des_cblock
-#define Key_schedule des_key_schedule
-#ifdef KERBEROS
-#define ENCRYPT DES_ENCRYPT
-#define DECRYPT DES_DECRYPT
-#endif
-#define KEY_SZ DES_KEY_SZ
-#define string_to_key des_string_to_key
-#define read_pw_string des_read_pw_string
-#define random_key des_random_key
-#define pcbc_encrypt des_pcbc_encrypt
-#define set_key des_set_key
-#define key_sched des_key_sched
-#define ecb_encrypt des_ecb_encrypt
-#define cbc_encrypt des_cbc_encrypt
-#define ncbc_encrypt des_ncbc_encrypt
-#define xcbc_encrypt des_xcbc_encrypt
-#define cbc_cksum des_cbc_cksum
-#define quad_cksum des_quad_cksum
-
-/* For compatibility with the MIT lib - eay 20/05/92 */
-typedef des_key_schedule bit_64;
-#define des_fixup_key_parity des_set_odd_parity
-#define des_check_key_parity check_parity
-
-OPENSSL_EXTERN int des_check_key; /* defaults to false */
-OPENSSL_EXTERN int des_rw_mode; /* defaults to DES_PCBC_MODE */
-OPENSSL_EXTERN int des_set_weak_key_flag; /* set the weak key flag */
+OPENSSL_DECLARE_GLOBAL(int,des_check_key); /* defaults to false */
+#define des_check_key OPENSSL_GLOBAL_REF(des_check_key)
+OPENSSL_DECLARE_GLOBAL(int,des_rw_mode); /* defaults to DES_PCBC_MODE */
+#define des_rw_mode OPENSSL_GLOBAL_REF(des_rw_mode)
const char *des_options(void);
void des_ecb3_encrypt(const_des_cblock *input, des_cblock *output,
DES_LONG des_cbc_cksum(const unsigned char *input,des_cblock *output,
long length,des_key_schedule schedule,
const_des_cblock *ivec);
+/* des_cbc_encrypt does not update the IV! Use des_ncbc_encrypt instead. */
void des_cbc_encrypt(const unsigned char *input,unsigned char *output,
long length,des_key_schedule schedule,des_cblock *ivec,
int enc);
int enc);
void des_ecb_encrypt(const_des_cblock *input,des_cblock *output,
des_key_schedule ks,int enc);
-void des_encrypt(DES_LONG *data,des_key_schedule ks, int enc);
+
+/* This is the DES encryption function that gets called by just about
+ every other DES routine in the library. You should not use this
+ function except to implement 'modes' of DES. I say this because the
+ functions that call this routine do the conversion from 'char *' to
+ long, and this needs to be done to make sure 'non-aligned' memory
+ access do not occur. The characters are loaded 'little endian'.
+ Data is a pointer to 2 unsigned long's and ks is the
+ des_key_schedule to use. enc, is non zero specifies encryption,
+ zero if decryption. */
+void des_encrypt1(DES_LONG *data,des_key_schedule ks, int enc);
+
+/* This functions is the same as des_encrypt1() except that the DES
+ initial permutation (IP) and final permutation (FP) have been left
+ out. As for des_encrypt1(), you should not use this function.
+ It is used by the routines in the library that implement triple DES.
+ IP() des_encrypt2() des_encrypt2() des_encrypt2() FP() is the same
+ as des_encrypt1() des_encrypt1() des_encrypt1() except faster :-). */
void des_encrypt2(DES_LONG *data,des_key_schedule ks, int enc);
+
void des_encrypt3(DES_LONG *data, des_key_schedule ks1,
des_key_schedule ks2, des_key_schedule ks3);
void des_decrypt3(DES_LONG *data, des_key_schedule ks1,
int des_enc_write(int fd,const void *buf,int len,des_key_schedule sched,
des_cblock *iv);
char *des_fcrypt(const char *buf,const char *salt, char *ret);
-#if defined(PERL5) || defined(__FreeBSD__)
char *des_crypt(const char *buf,const char *salt);
-#else
-/* some stupid compilers complain because I have declared char instead
- * of const char */
-#ifdef HEADER_DES_LOCL_H
+#if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT)
char *crypt(const char *buf,const char *salt);
-#else
-char *crypt();
-#endif
#endif
void des_ofb_encrypt(const unsigned char *in,unsigned char *out,int numbits,
long length,des_key_schedule schedule,des_cblock *ivec);
DES_LONG des_quad_cksum(const unsigned char *input,des_cblock output[],
long length,int out_count,des_cblock *seed);
void des_random_seed(des_cblock *key);
-void des_random_key(des_cblock *ret);
+int des_random_key(des_cblock *ret);
int des_read_password(des_cblock *key,const char *prompt,int verify);
int des_read_2passwords(des_cblock *key1,des_cblock *key2,
const char *prompt,int verify);
int des_read_pw_string(char *buf,int length,const char *prompt,int verify);
void des_set_odd_parity(des_cblock *key);
+int des_check_key_parity(const_des_cblock *key);
int des_is_weak_key(const_des_cblock *key);
+/* des_set_key (= set_key = des_key_sched = key_sched) calls
+ * des_set_key_checked if global variable des_check_key is set,
+ * des_set_key_unchecked otherwise. */
int des_set_key(const_des_cblock *key,des_key_schedule schedule);
int des_key_sched(const_des_cblock *key,des_key_schedule schedule);
+int des_set_key_checked(const_des_cblock *key,des_key_schedule schedule);
+void des_set_key_unchecked(const_des_cblock *key,des_key_schedule schedule);
void des_string_to_key(const char *str,des_cblock *key);
void des_string_to_2keys(const char *str,des_cblock *key1,des_cblock *key2);
void des_cfb64_encrypt(const unsigned char *in,unsigned char *out,long length,
des_key_schedule schedule,des_cblock *ivec,int *num);
int des_read_pw(char *buf,char *buff,int size,const char *prompt,int verify);
-/* Extra functions from Mark Murray <mark@grondar.za> */
-void des_cblock_print_file(const_des_cblock *cb, FILE *fp);
+/* The following definitions provide compatibility with the MIT Kerberos
+ * library. The des_key_schedule structure is not binary compatible. */
+
+#define _KERBEROS_DES_H
+
+#define KRBDES_ENCRYPT DES_ENCRYPT
+#define KRBDES_DECRYPT DES_DECRYPT
-#ifdef FreeBSD
-/* The following functions are not in the normal unix build or the
- * SSLeay build. When using the SSLeay build, use RAND_seed()
- * and RAND_bytes() instead. */
-int des_new_random_key(des_cblock *key);
-void des_init_random_number_generator(des_cblock *key);
-void des_set_random_generator_seed(des_cblock *key);
-void des_set_sequence_number(des_cblock new_sequence_number);
-void des_generate_random_block(des_cblock *block);
+#ifdef KERBEROS
+# define ENCRYPT DES_ENCRYPT
+# define DECRYPT DES_DECRYPT
+#endif
+
+#ifndef NCOMPAT
+# define C_Block des_cblock
+# define Key_schedule des_key_schedule
+# define KEY_SZ DES_KEY_SZ
+# define string_to_key des_string_to_key
+# define read_pw_string des_read_pw_string
+# define random_key des_random_key
+# define pcbc_encrypt des_pcbc_encrypt
+# define set_key des_set_key
+# define key_sched des_key_sched
+# define ecb_encrypt des_ecb_encrypt
+# define cbc_encrypt des_cbc_encrypt
+# define ncbc_encrypt des_ncbc_encrypt
+# define xcbc_encrypt des_xcbc_encrypt
+# define cbc_cksum des_cbc_cksum
+# define quad_cksum des_quad_cksum
+# define check_parity des_check_key_parity
#endif
+typedef des_key_schedule bit_64;
+#define des_fixup_key_parity des_set_odd_parity
+
#ifdef __cplusplus
}
#endif