Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
* Makeconfig (all-subdirs): Add 'crypt' subdirectory. * sysdeps/unix/…
…sysv/linux/configure.in (inhibit_glue): Don't complain if there is no crypt add-on. * crypt/configure: Removed. * crypt/crypt.texi: Update documentation of US export restrictions to match the 14 Jan 2000 regulations. 2000-02-28 Geoff Keating <geoffk@cygnus.com> * Makeconfig (all-subdirs): Add 'crypt' subdirectory. * sysdeps/unix/sysv/linux/configure.in (inhibit_glue): Don't complain if there is no crypt add-on. * crypt/configure: Removed. * crypt/crypt.texi: Update documentation of US export restrictions to match the 14 Jan 2000 regulations. 2000-02-28 Geoff Keating <geoffk@cygnus.com> * crypt: New subdirectory, merged in from the crypt add-on.
- Loading branch information
Geoff Keating
committed
Feb 29, 2000
1 parent
178f833
commit 63f791d
Showing
31 changed files
with
3,815 additions
and
36 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
crypt add-on version 2.1 by Michael Glad and others |
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
1998-12-25 Geoff Keating <geoffk@ozemail.com.au> | ||
|
||
* sysdeps/unix/ufc-crypt.h: Use <stdint.h>. | ||
|
||
* configure: Delete the code dealing with building the add-on | ||
outside glibc, as this doesn't work. | ||
|
||
1998-12-10 Geoff Keating <geoffk@ozemail.com.au> | ||
|
||
* sysdeps/unix/crypt-entry.c: Don't include "patchlevel.h". | ||
|
||
* sysdeps/unix/crypt.h: Move __crypt_r, __setkey_r, __encrypt_r to... | ||
* sysdeps/unix/crypt-private.h: ...here. | ||
|
||
* sysdeps/unix/crypt.h: Add __restrict to the structure parameters. | ||
* sysdeps/unix/crypt-private.h: Likewise. Also add const to | ||
first parameter of _ufc_mk_keytab_r. | ||
* sysdeps/unix/crypt.c: Update prototypes. | ||
* sysdeps/unix/crypt-entry.c: Likewise. | ||
* sysdeps/unix/crypt_util.c: Likewise. | ||
|
||
* sysdeps/unix/crypt-entry.c (crypt): Use __crypt_r not crypt_r. | ||
|
||
ChangeLog starts here, with version 2.0.96. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
# Copyright (C) 1996 Free Software Foundation, Inc. | ||
# This file is part of the GNU C Library. | ||
|
||
# The GNU C Library is free software; you can redistribute it and/or | ||
# modify it under the terms of the GNU Library General Public License as | ||
# published by the Free Software Foundation; either version 2 of the | ||
# License, or (at your option) any later version. | ||
|
||
# The GNU C Library is distributed in the hope that it will be useful, | ||
# but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
# Library General Public License for more details. | ||
|
||
# You should have received a copy of the GNU Library General Public | ||
# License along with the GNU C Library; see the file COPYING.LIB. If not, | ||
# write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, | ||
# Boston, MA 02111-1307, USA. | ||
|
||
# | ||
# Sub-makefile for DES crypt portion of the library. | ||
# | ||
subdir := crypt | ||
|
||
tests = cert | ||
|
||
include ../Makeconfig | ||
|
||
rpath-dirs += md5-crypt | ||
|
||
include ../Rules | ||
|
||
ifeq ($(build-shared),yes) | ||
$(objpfx)cert: $(common-objpfx)md5-crypt/libcrypt.so$(libcrypt.so-version) | ||
else | ||
$(objpfx)cert: $(common-objpfx)md5-crypt/libcrypt.a | ||
endif |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,49 @@ | ||
This is the distribution tar file for the cryptography add-on to the | ||
GNU C library. For the version number, see the file "Banner". | ||
|
||
The add-on is not included in the main distribution of the GNU C | ||
library because some governments, most notably those of France, | ||
Russia, and the US, have very restrictive rules governing the | ||
distribution and use of encryption software. Please read the node | ||
"Legal Problems" in the manual for more details. | ||
|
||
In particular, the US does not allow export of this software without a | ||
licence, including via the Internet. So please do not download it | ||
from the main FSF FTP site at ftp.gnu.org if you are outside | ||
the US. This software was completely developed outside the US. | ||
|
||
To install the add-on, unpack the tar file in the top level of the GNU | ||
C library distribution. Then build GNU C library like this: | ||
|
||
configure --enable-add-ons | ||
make | ||
make install | ||
|
||
It is not presently possible to add the add-on to the GNU C library | ||
without recompiling the GNU C library. | ||
|
||
The additional functionality provided by the add-on consists of: | ||
|
||
* DES-based crypt(). This is only for backwards compatibility; | ||
for new installations the MD5-based crypt(), provided with the main | ||
GNU C library distribution, should be used instead. | ||
|
||
* The AUTH_DES RPC authentication method. In a given situation, this | ||
may be more or less secure than the AUTH_UNIX authentication method | ||
which is provided with the main GNU C library distribution. | ||
|
||
* User-visible DES encryption routines. Note that DES by itself is | ||
not now considered a very secure encryption method. | ||
|
||
The add-on also includes a manual, the file "crypt.texi". The manual | ||
will be integrated with the GNU C library manual when the GNU C | ||
library is installed. | ||
|
||
Report bugs in this library (or its manual) in the same way as for the | ||
GNU C library; that is, using the `glibcbug' shell script to send | ||
e-mail to <bugs@gnu.org>. Simply run this shell script and fill in | ||
the information. Nevertheless you can still send bug reports to | ||
<bug-glibc@gnu.org> as normal electronic mails. | ||
|
||
The add-on is free software. See the file COPYING.LIB for copying | ||
conditions. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,135 @@ | ||
The following is the README for UFC-crypt, with those portions deleted | ||
that are known to be incorrect for the implementation used with the | ||
GNU C library. | ||
|
||
|
||
UFC-crypt: ultra fast 'crypt' implementation | ||
============================================ | ||
|
||
@(#)README 2.27 11 Sep 1996 | ||
|
||
Design goals/non goals: | ||
---------------------- | ||
|
||
- Crypt implementation plugin compatible with crypt(3)/fcrypt. | ||
|
||
- High performance when used for password cracking. | ||
|
||
- Portable to most 32/64 bit machines. | ||
|
||
- Startup time/mixed salt performance not critical. | ||
|
||
Features of the implementation: | ||
------------------------------ | ||
|
||
- On most machines, UFC-crypt runs 30-60 times faster than crypt(3) when | ||
invoked repeated times with the same salt and varying passwords. | ||
|
||
- With mostly constant salts, performance is about two to three times | ||
that of the default fcrypt implementation shipped with Alec | ||
Muffets 'Crack' password cracker. For instructions on how to | ||
plug UFC-crypt into 'Crack', see below. | ||
|
||
- With alternating salts, performance is only about twice | ||
that of crypt(3). | ||
|
||
- Requires 165 kb for tables. | ||
|
||
Author & licensing etc | ||
---------------------- | ||
|
||
UFC-crypt is created by Michael Glad, email: glad@daimi.aau.dk, and has | ||
been donated to the Free Software Foundation, Inc. It is covered by the | ||
GNU library license version 2, see the file 'COPYING.LIB'. | ||
|
||
NOTES FOR USERS OUTSIDE THE US: | ||
------------------------------ | ||
|
||
The US government limits the export of DES based software/hardware. | ||
This software is written in Aarhus, Denmark. It can therefore be retrieved | ||
from ftp sites outside the US without breaking US law. Please do not | ||
ftp it from american sites. | ||
|
||
Benchmark table: | ||
--------------- | ||
|
||
The table shows how many operations per second UFC-crypt can | ||
do on various machines. | ||
|
||
|--------------|-------------------------------------------| | ||
|Machine | SUN* SUN* HP* DecStation HP | | ||
| | 3/50 ELC 9000/425e 3100 9000/720 | | ||
|--------------|-------------------------------------------| | ||
| Crypt(3)/sec | 4.6 30 15 25 57 | | ||
| Ufc/sec | 220 990 780 1015 3500 | | ||
|--------------|-------------------------------------------| | ||
| Speedup | 48 30 52 40 60 | | ||
|--------------|-------------------------------------------| | ||
|
||
*) Compiled using special assembly language support module. | ||
|
||
It seems as if performance is limited by CPU bus and data cache capacity. | ||
This also makes the benchmarks debatable compared to a real test with | ||
UFC-crypt wired into Crack. However, the table gives an outline of | ||
what can be expected. | ||
|
||
Optimizations: | ||
------------- | ||
|
||
Here are the optimizations used relative to an ordinary implementation | ||
such as the one said to be used in crypt(3). | ||
|
||
Major optimizations | ||
******************* | ||
|
||
- Keep data packed as bits in integer variables -- allows for | ||
fast permutations & parallel xor's in CPU hardware. | ||
|
||
- Let adjacent final & initial permutations collapse. | ||
|
||
- Keep working data in 'E expanded' format all the time. | ||
|
||
- Implement DES 'f' function mostly by table lookup | ||
|
||
- Calculate the above function on 12 bit basis rather than 6 | ||
as would be the most natural. | ||
|
||
- Implement setup routines so that performance is limited by the DES | ||
inner loops only. | ||
|
||
- Instead of doing salting in the DES inner loops, modify the above tables | ||
each time a new salt is seen. According to the BSD crypt code this is | ||
ugly :-) | ||
|
||
Minor (dirty) optimizations | ||
*************************** | ||
|
||
- combine iterations of DES inner loop so that DES only loops | ||
8 times. This saves a lot of variable swapping. | ||
|
||
- Implement key access by a walking pointer rather than coding | ||
as array indexing. | ||
|
||
- As described, the table based f function uses a 3 dimensional array: | ||
|
||
sb ['number of 12 bit segment']['12 bit index']['48 bit half index'] | ||
|
||
Code the routine with 4 (one dimensional) vectors. | ||
|
||
- Design the internal data format & uglify the DES loops so that | ||
the compiler does not need to do bit shifts when indexing vectors. | ||
|
||
Revision history | ||
**************** | ||
|
||
UFC patchlevel 0: base version; released to alt.sources on Sep 24 1991 | ||
UFC patchlevel 1: patch released to alt.sources on Sep 27 1991. | ||
No longer rebuilds sb tables when seeing a new salt. | ||
UFC-crypt pl0: Essentially UFC pl 1. Released to comp.sources.misc | ||
on Oct 22 1991. | ||
UFC-crypt pl1: Released to comp.sources.misc in march 1992 | ||
* setkey/encrypt routines added | ||
* added validation/benchmarking programs | ||
* reworked keyschedule setup code | ||
* memory demands reduced | ||
* 64 bit support added |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,112 @@ | ||
|
||
/* | ||
* This crypt(3) validation program shipped with UFC-crypt | ||
* is derived from one distributed with Phil Karns PD DES package. | ||
* | ||
* @(#)cert.c 1.8 11 Aug 1996 | ||
*/ | ||
|
||
#include <stdio.h> | ||
#include "crypt.h" | ||
|
||
int totfails = 0; | ||
|
||
#if __STDC__ - 0 | ||
int main (int argc, char *argv[]); | ||
void get8 (char *cp); | ||
void put8 (char *cp); | ||
void good_bye (void) __attribute__ ((noreturn)); | ||
#else | ||
void get8(), put8(); | ||
#endif | ||
|
||
void good_bye () | ||
{ | ||
if(totfails == 0) { | ||
printf("Passed DES validation suite\n"); | ||
exit(0); | ||
} else { | ||
printf("%d failures during DES validation suite!!!\n", totfails); | ||
exit(1); | ||
} | ||
} | ||
|
||
int | ||
main(argc, argv) | ||
int argc; | ||
char *argv[]; | ||
{ | ||
char key[64],plain[64],cipher[64],answer[64]; | ||
int i; | ||
int test; | ||
int fail; | ||
|
||
for(test=0;!feof(stdin);test++){ | ||
|
||
get8(key); | ||
printf(" K: "); put8(key); | ||
setkey(key); | ||
|
||
get8(plain); | ||
printf(" P: "); put8(plain); | ||
|
||
get8(answer); | ||
printf(" C: "); put8(answer); | ||
|
||
for(i=0;i<64;i++) | ||
cipher[i] = plain[i]; | ||
encrypt(cipher, 0); | ||
|
||
for(i=0;i<64;i++) | ||
if(cipher[i] != answer[i]) | ||
break; | ||
fail = 0; | ||
if(i != 64){ | ||
printf(" Encrypt FAIL"); | ||
fail++; totfails++; | ||
} | ||
|
||
encrypt(cipher, 1); | ||
|
||
for(i=0;i<64;i++) | ||
if(cipher[i] != plain[i]) | ||
break; | ||
if(i != 64){ | ||
printf(" Decrypt FAIL"); | ||
fail++; totfails++; | ||
} | ||
|
||
if(fail == 0) | ||
printf(" OK"); | ||
printf("\n"); | ||
} | ||
good_bye(); | ||
} | ||
void | ||
get8(cp) | ||
char *cp; | ||
{ | ||
int i,j,t; | ||
|
||
for(i=0;i<8;i++){ | ||
scanf("%2x",&t); | ||
if(feof(stdin)) | ||
good_bye(); | ||
for(j=0; j<8 ; j++) { | ||
*cp++ = (t & (0x01 << (7-j))) != 0; | ||
} | ||
} | ||
} | ||
void | ||
put8(cp) | ||
char *cp; | ||
{ | ||
int i,j,t; | ||
|
||
for(i=0;i<8;i++){ | ||
t = 0; | ||
for(j = 0; j<8; j++) | ||
t = (t<<1) | *cp++; | ||
printf("%02x", t); | ||
} | ||
} |
Oops, something went wrong.