#ifndef HEADER_DES_H
#define HEADER_DES_H
-#ifdef __cplusplus
-extern "C" {
+#ifdef OPENSSL_NO_DES
+#error DES is disabled.
#endif
-#ifdef NO_DES
-#error DES is disabled.
+#ifdef _KERBEROS_DES_H
+#error <openssl/des.h> replaces <kerberos/des.h>.
#endif
-#include <stdio.h>
#include <openssl/opensslconf.h> /* DES_LONG */
#include <openssl/e_os2.h> /* OPENSSL_EXTERN */
-#ifdef VMS
-#undef des_init_random_number_generator
-#define des_init_random_number_generator des_init_random_num_generator
+#ifdef OPENSSL_BUILD_SHLIBCRYPTO
+# undef OPENSSL_EXTERN
+# define OPENSSL_EXTERN OPENSSL_EXPORT
+#endif
+
+#ifdef __cplusplus
+extern "C" {
#endif
typedef unsigned char des_cblock[8];
typedef /* const */ unsigned char const_des_cblock[8];
/* With "const", gcc 2.8.1 on Solaris thinks that des_cblock *
- * and const_des_cblock * are incompatible pointer types.
- * I haven't seen that warning on other systems ... I'll look
- * what the standard says. */
-
+ * and const_des_cblock * are incompatible pointer types. */
-typedef struct des_ks_struct
+typedef struct des_ks
+ {
+ union
{
- union {
- des_cblock cblock;
- /* make sure things are correct size on machines with
- * 8 byte longs */
- DES_LONG deslong[2];
- } ks;
- int weak_key;
- } des_key_schedule[16];
+ des_cblock cblock;
+ /* make sure things are correct size on machines with
+ * 8 byte longs */
+ DES_LONG deslong[2];
+ } ks[16];
+ } des_key_schedule;
#define DES_KEY_SZ (sizeof(des_cblock))
#define DES_SCHEDULE_SZ (sizeof(des_key_schedule))
#define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
-#define Key_schedule des_key_schedule
-#ifdef KERBEROS
-#define ENCRYPT DES_ENCRYPT
-#define DECRYPT DES_DECRYPT
-#endif
-#define KEY_SZ DES_KEY_SZ
-#define string_to_key des_string_to_key
-#define read_pw_string des_read_pw_string
-#define random_key des_random_key
-#define pcbc_encrypt des_pcbc_encrypt
-#define set_key des_set_key
-#define key_sched des_key_sched
-#define ecb_encrypt des_ecb_encrypt
-#define cbc_encrypt des_cbc_encrypt
-#define ncbc_encrypt des_ncbc_encrypt
-#define xcbc_encrypt des_xcbc_encrypt
-#define cbc_cksum des_cbc_cksum
-#define quad_cksum des_quad_cksum
-
-/* For compatibility with the MIT lib - eay 20/05/92 */
-typedef des_key_schedule bit_64;
-#define des_fixup_key_parity des_set_odd_parity
-#define des_check_key_parity check_parity
-
-OPENSSL_EXTERN int des_check_key; /* defaults to false */
-OPENSSL_EXTERN int des_rw_mode; /* defaults to DES_PCBC_MODE */
-OPENSSL_EXTERN int des_set_weak_key_flag; /* set the weak key flag */
+OPENSSL_DECLARE_GLOBAL(int,des_check_key); /* defaults to false */
+#define des_check_key OPENSSL_GLOBAL_REF(des_check_key)
+OPENSSL_DECLARE_GLOBAL(int,des_rw_mode); /* defaults to DES_PCBC_MODE */
+#define des_rw_mode OPENSSL_GLOBAL_REF(des_rw_mode)
const char *des_options(void);
void des_ecb3_encrypt(const_des_cblock *input, des_cblock *output,
- des_key_schedule ks1,des_key_schedule ks2,
- des_key_schedule ks3, int enc);
+ des_key_schedule *ks1,des_key_schedule *ks2,
+ des_key_schedule *ks3, int enc);
DES_LONG des_cbc_cksum(const unsigned char *input,des_cblock *output,
- long length,des_key_schedule schedule,
+ long length,des_key_schedule *schedule,
const_des_cblock *ivec);
+/* des_cbc_encrypt does not update the IV! Use des_ncbc_encrypt instead. */
void des_cbc_encrypt(const unsigned char *input,unsigned char *output,
- long length,des_key_schedule schedule,des_cblock *ivec,
+ long length,des_key_schedule *schedule,des_cblock *ivec,
int enc);
void des_ncbc_encrypt(const unsigned char *input,unsigned char *output,
- long length,des_key_schedule schedule,des_cblock *ivec,
+ long length,des_key_schedule *schedule,des_cblock *ivec,
int enc);
void des_xcbc_encrypt(const unsigned char *input,unsigned char *output,
- long length,des_key_schedule schedule,des_cblock *ivec,
+ long length,des_key_schedule *schedule,des_cblock *ivec,
const_des_cblock *inw,const_des_cblock *outw,int enc);
void des_cfb_encrypt(const unsigned char *in,unsigned char *out,int numbits,
- long length,des_key_schedule schedule,des_cblock *ivec,
+ long length,des_key_schedule *schedule,des_cblock *ivec,
int enc);
void des_ecb_encrypt(const_des_cblock *input,des_cblock *output,
- des_key_schedule ks,int enc);
-void des_encrypt(DES_LONG *data,des_key_schedule ks, int enc);
-void des_encrypt2(DES_LONG *data,des_key_schedule ks, int enc);
-void des_encrypt3(DES_LONG *data, des_key_schedule ks1,
- des_key_schedule ks2, des_key_schedule ks3);
-void des_decrypt3(DES_LONG *data, des_key_schedule ks1,
- des_key_schedule ks2, des_key_schedule ks3);
+ des_key_schedule *ks,int enc);
+
+/* This is the DES encryption function that gets called by just about
+ every other DES routine in the library. You should not use this
+ function except to implement 'modes' of DES. I say this because the
+ functions that call this routine do the conversion from 'char *' to
+ long, and this needs to be done to make sure 'non-aligned' memory
+ access do not occur. The characters are loaded 'little endian'.
+ Data is a pointer to 2 unsigned long's and ks is the
+ des_key_schedule to use. enc, is non zero specifies encryption,
+ zero if decryption. */
+void des_encrypt1(DES_LONG *data,des_key_schedule *ks, int enc);
+
+/* This functions is the same as des_encrypt1() except that the DES
+ initial permutation (IP) and final permutation (FP) have been left
+ out. As for des_encrypt1(), you should not use this function.
+ It is used by the routines in the library that implement triple DES.
+ IP() des_encrypt2() des_encrypt2() des_encrypt2() FP() is the same
+ as des_encrypt1() des_encrypt1() des_encrypt1() except faster :-). */
+void des_encrypt2(DES_LONG *data,des_key_schedule *ks, int enc);
+
+void des_encrypt3(DES_LONG *data, des_key_schedule *ks1,
+ des_key_schedule *ks2, des_key_schedule *ks3);
+void des_decrypt3(DES_LONG *data, des_key_schedule *ks1,
+ des_key_schedule *ks2, des_key_schedule *ks3);
void des_ede3_cbc_encrypt(const unsigned char *input,unsigned char *output,
long length,
- des_key_schedule ks1,des_key_schedule ks2,
- des_key_schedule ks3,des_cblock *ivec,int enc);
+ des_key_schedule *ks1,des_key_schedule *ks2,
+ des_key_schedule *ks3,des_cblock *ivec,int enc);
void des_ede3_cbcm_encrypt(const unsigned char *in,unsigned char *out,
long length,
- des_key_schedule ks1,des_key_schedule ks2,
- des_key_schedule ks3,
+ des_key_schedule *ks1,des_key_schedule *ks2,
+ des_key_schedule *ks3,
des_cblock *ivec1,des_cblock *ivec2,
int enc);
void des_ede3_cfb64_encrypt(const unsigned char *in,unsigned char *out,
- long length,des_key_schedule ks1,
- des_key_schedule ks2,des_key_schedule ks3,
+ long length,des_key_schedule *ks1,
+ des_key_schedule *ks2,des_key_schedule *ks3,
des_cblock *ivec,int *num,int enc);
void des_ede3_ofb64_encrypt(const unsigned char *in,unsigned char *out,
- long length,des_key_schedule ks1,
- des_key_schedule ks2,des_key_schedule ks3,
+ long length,des_key_schedule *ks1,
+ des_key_schedule *ks2,des_key_schedule *ks3,
des_cblock *ivec,int *num);
void des_xwhite_in2out(const_des_cblock *des_key,const_des_cblock *in_white,
des_cblock *out_white);
-int des_enc_read(int fd,void *buf,int len,des_key_schedule sched,
+int des_enc_read(int fd,void *buf,int len,des_key_schedule *sched,
des_cblock *iv);
-int des_enc_write(int fd,const void *buf,int len,des_key_schedule sched,
+int des_enc_write(int fd,const void *buf,int len,des_key_schedule *sched,
des_cblock *iv);
char *des_fcrypt(const char *buf,const char *salt, char *ret);
char *des_crypt(const char *buf,const char *salt);
char *crypt(const char *buf,const char *salt);
#endif
void des_ofb_encrypt(const unsigned char *in,unsigned char *out,int numbits,
- long length,des_key_schedule schedule,des_cblock *ivec);
+ long length,des_key_schedule *schedule,des_cblock *ivec);
void des_pcbc_encrypt(const unsigned char *input,unsigned char *output,
- long length,des_key_schedule schedule,des_cblock *ivec,
+ long length,des_key_schedule *schedule,des_cblock *ivec,
int enc);
DES_LONG des_quad_cksum(const unsigned char *input,des_cblock output[],
long length,int out_count,des_cblock *seed);
void des_random_seed(des_cblock *key);
-void des_random_key(des_cblock *ret);
-int des_read_password(des_cblock *key,const char *prompt,int verify);
-int des_read_2passwords(des_cblock *key1,des_cblock *key2,
- const char *prompt,int verify);
-int des_read_pw_string(char *buf,int length,const char *prompt,int verify);
+int des_random_key(des_cblock *ret);
void des_set_odd_parity(des_cblock *key);
+int des_check_key_parity(const_des_cblock *key);
int des_is_weak_key(const_des_cblock *key);
-int des_set_key(const_des_cblock *key,des_key_schedule schedule);
-int des_key_sched(const_des_cblock *key,des_key_schedule schedule);
+/* des_set_key (= set_key = des_key_sched = key_sched) calls
+ * des_set_key_checked if global variable des_check_key is set,
+ * des_set_key_unchecked otherwise. */
+int des_set_key(const_des_cblock *key,des_key_schedule *schedule);
+int des_key_sched(const_des_cblock *key,des_key_schedule *schedule);
+int des_set_key_checked(const_des_cblock *key,des_key_schedule *schedule);
+void des_set_key_unchecked(const_des_cblock *key,des_key_schedule *schedule);
void des_string_to_key(const char *str,des_cblock *key);
void des_string_to_2keys(const char *str,des_cblock *key1,des_cblock *key2);
void des_cfb64_encrypt(const unsigned char *in,unsigned char *out,long length,
- des_key_schedule schedule,des_cblock *ivec,int *num,
+ des_key_schedule *schedule,des_cblock *ivec,int *num,
int enc);
void des_ofb64_encrypt(const unsigned char *in,unsigned char *out,long length,
- des_key_schedule schedule,des_cblock *ivec,int *num);
-int des_read_pw(char *buf,char *buff,int size,const char *prompt,int verify);
-
-/* Extra functions from Mark Murray <mark@grondar.za> */
-void des_cblock_print_file(const_des_cblock *cb, FILE *fp);
-
-#ifdef FreeBSD
-/* The following functions are not in the normal unix build or the
- * SSLeay build. When using the SSLeay build, use RAND_seed()
- * and RAND_bytes() instead. */
-int des_new_random_key(des_cblock *key);
-void des_init_random_number_generator(des_cblock *key);
-void des_set_random_generator_seed(des_cblock *key);
-void des_set_sequence_number(des_cblock new_sequence_number);
-void des_generate_random_block(des_cblock *block);
+ des_key_schedule *schedule,des_cblock *ivec,int *num);
+/* The following definitions provide compatibility with the MIT Kerberos
+ * library. The des_key_schedule structure is not binary compatible. */
+
+#define _KERBEROS_DES_H
+
+#define KRBDES_ENCRYPT DES_ENCRYPT
+#define KRBDES_DECRYPT DES_DECRYPT
+
+#ifdef KERBEROS
+# define ENCRYPT DES_ENCRYPT
+# define DECRYPT DES_DECRYPT
+#endif
+
+#ifndef NCOMPAT
+# define C_Block des_cblock
+# define Key_schedule des_key_schedule
+# define KEY_SZ DES_KEY_SZ
+# define string_to_key des_string_to_key
+# define read_pw_string des_read_pw_string
+# define random_key des_random_key
+# define pcbc_encrypt des_pcbc_encrypt
+# define set_key des_set_key
+# define key_sched des_key_sched
+# define ecb_encrypt des_ecb_encrypt
+# define cbc_encrypt des_cbc_encrypt
+# define ncbc_encrypt des_ncbc_encrypt
+# define xcbc_encrypt des_xcbc_encrypt
+# define cbc_cksum des_cbc_cksum
+# define quad_cksum des_quad_cksum
+# define check_parity des_check_key_parity
#endif
+#define des_fixup_key_parity des_set_odd_parity
+
#ifdef __cplusplus
}
#endif