repair DES on LP64. past code did not interoperate with non-LP64, due to

incorrect computed results.
remove unnecessary #ifdef/#define.  sync with kame.

sys/crypto/des/des.h

@@ -1,5 +1,5 @@
-/*	$NetBSD: des.h,v 1.1.1.1 2000/06/14 19:45:35 thorpej Exp $	*/
-/*	$KAME: des.h,v 1.4 2000/06/14 10:41:17 itojun Exp $	*/
+/*	$NetBSD: des.h,v 1.2 2000/08/31 07:33:04 itojun Exp $	*/
+/*	$KAME: des.h,v 1.5 2000/08/31 07:27:26 itojun Exp $	*/
 
 /* lib/des/des.h */
 /* Copyright (C) 1995-1996 Eric Young (eay@mincom.oz.au)
@@ -55,11 +55,8 @@
 extern "C" {
 #endif
 
-/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
- * %20 speed up (longs are 8 bytes, int's are 4). */
-#ifndef DES_LONG
-#define DES_LONG unsigned long
-#endif
+/* must be 32bit quantity */
+#define DES_LONG u_int32_t
 
 typedef unsigned char des_cblock[8];
 typedef struct des_ks_struct
@@ -83,196 +80,29 @@ typedef struct des_ks_struct
 #define DES_CBC_MODE	0
 #define DES_PCBC_MODE	1
 
-#define des_ecb2_encrypt(i,o,k1,k2,e) \
-	des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
-
-#define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
-	des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
-
-#define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
-	des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
-
-#define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
-	des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
-
-#define C_Block des_cblock
-#define Key_schedule des_key_schedule
-#ifdef KERBEROS
-#define ENCRYPT DES_ENCRYPT
-#define DECRYPT DES_DECRYPT
-#endif
-#define KEY_SZ DES_KEY_SZ
-#define string_to_key des_string_to_key
-#define read_pw_string des_read_pw_string
-#define random_key des_random_key
-#define pcbc_encrypt des_pcbc_encrypt
-#define set_key des_set_key
-#define key_sched des_key_sched
-#define ecb_encrypt des_ecb_encrypt
-#define cbc_encrypt des_cbc_encrypt
-#define ncbc_encrypt des_ncbc_encrypt
-#define xcbc_encrypt des_xcbc_encrypt
-#define cbc_cksum des_cbc_cksum
-#define quad_cksum des_quad_cksum
-
-/* For compatibility with the MIT lib - eay 20/05/92 */
-typedef des_key_schedule bit_64;
-#define des_fixup_key_parity des_set_odd_parity
-#define des_check_key_parity check_parity
-
 extern int des_check_key;	/* defaults to false */
-extern int des_rw_mode;		/* defaults to DES_PCBC_MODE */
 
 /* The next line is used to disable full ANSI prototypes, if your
  * compiler has problems with the prototypes, make sure this line always
  * evaluates to true :-) */
-#if defined(MSDOS) || defined(__STDC__)
-#undef NOPROTO
-#endif
-#ifndef NOPROTO
-char *des_options(void);
-void des_ecb3_encrypt(des_cblock *input,des_cblock *output,
-	des_key_schedule ks1,des_key_schedule ks2,
-	des_key_schedule ks3, int enc);
-DES_LONG des_cbc_cksum(des_cblock *input,des_cblock *output,
-	long length,des_key_schedule schedule,des_cblock *ivec);
-/*
-void des_cbc_encrypt(des_cblock *input,des_cblock *output,long length,
-	des_key_schedule schedule,des_cblock *ivec,int enc);
-*/
-int des_cbc_encrypt(struct mbuf *, size_t, size_t,
-	des_key_schedule schedule,des_cblock *ivec, int enc);
-void des_ncbc_encrypt(des_cblock *input,des_cblock *output,long length,
-	des_key_schedule schedule,des_cblock *ivec,int enc);
-void des_xcbc_encrypt(des_cblock *input,des_cblock *output,long length,
-	des_key_schedule schedule,des_cblock *ivec,
-	des_cblock *inw,des_cblock *outw,int enc);
-void des_3cbc_encrypt(des_cblock *input,des_cblock *output,long length,
-	des_key_schedule sk1,des_key_schedule sk2,
-	des_cblock *ivec1,des_cblock *ivec2,int enc);
-extern int des_3cbc_process(struct mbuf *, size_t, size_t,
-	des_key_schedule *schedule, des_cblock *ivec, int mode);
-void des_cfb_encrypt(unsigned char *in,unsigned char *out,int numbits,
-	long length,des_key_schedule schedule,des_cblock *ivec,int enc);
-void des_ecb_encrypt(des_cblock *input,des_cblock *output,
-	des_key_schedule ks,int enc);
-void des_encrypt(DES_LONG *data,des_key_schedule ks, int enc);
-void des_encrypt2(DES_LONG *data,des_key_schedule ks, int enc);
-void des_ede3_cbc_encrypt(des_cblock *input, des_cblock *output,
-	long length, des_key_schedule ks1, des_key_schedule ks2,
-	des_key_schedule ks3, des_cblock *ivec, int enc);
-void des_ede3_cfb64_encrypt(unsigned char *in, unsigned char *out,
-	long length, des_key_schedule ks1, des_key_schedule ks2,
-	des_key_schedule ks3, des_cblock *ivec, int *num, int encrypt);
-void des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out,
-	long length, des_key_schedule ks1, des_key_schedule ks2,
-	des_key_schedule ks3, des_cblock *ivec, int *num);
+char *des_options __P((void));
+struct mbuf;
+int des_cbc_encrypt __P((struct mbuf *, size_t, size_t,
+	des_key_schedule, des_cblock *, int));
+void des_3cbc_encrypt __P((des_cblock *, des_cblock *, long,
+	des_key_schedule, des_key_schedule,
+	des_cblock *, des_cblock *, int));
+extern int des_3cbc_process __P((struct mbuf *, size_t, size_t,
+	des_key_schedule *, des_cblock *, int));
+void des_ecb_encrypt __P((des_cblock *, des_cblock *,
+	des_key_schedule, int));
+void des_encrypt __P((DES_LONG *, des_key_schedule, int));
+void des_encrypt2 __P((DES_LONG *, des_key_schedule, int));
 
-int des_enc_read(int fd,char *buf,int len,des_key_schedule sched,
-	des_cblock *iv);
-int des_enc_write(int fd,char *buf,int len,des_key_schedule sched,
-	des_cblock *iv);
-#ifdef PERL5
-char *des_crypt(const char *buf,const char *salt);
-#else
-/* some stupid compilers complain because I have declared char instead
- * of const char */
-#if 1
-char *crypt(const char *buf,const char *salt);
-#else
-char *crypt();
-#endif
-#endif
-void des_ofb_encrypt(unsigned char *in,unsigned char *out,
-	int numbits,long length,des_key_schedule schedule,des_cblock *ivec);
-void des_pcbc_encrypt(des_cblock *input,des_cblock *output,long length,
-	des_key_schedule schedule,des_cblock *ivec,int enc);
-DES_LONG des_quad_cksum(des_cblock *input,des_cblock *output,
-	long length,int out_count,des_cblock *seed);
-void des_random_seed(des_cblock key);
-void des_random_key(des_cblock ret);
-int des_read_password(des_cblock *key,char *prompt,int verify);
-int des_read_2passwords(des_cblock *key1,des_cblock *key2,
-	char *prompt,int verify);
-int des_read_pw_string(char *buf,int length,char *prompt,int verify);
-void des_set_odd_parity(des_cblock *key);
-int des_is_weak_key(des_cblock *key);
-int des_set_key(des_cblock *key,des_key_schedule schedule);
-int des_key_sched(des_cblock *key,des_key_schedule schedule);
-void des_string_to_key(char *str,des_cblock *key);
-void des_string_to_2keys(char *str,des_cblock *key1,des_cblock *key2);
-void des_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
-	des_key_schedule schedule, des_cblock *ivec, int *num, int enc);
-void des_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
-	des_key_schedule schedule, des_cblock *ivec, int *num);
-
-/* Extra functions from Mark Murray <mark@grondar.za> */
-/*
-void des_cblock_print_file(des_cblock *cb, FILE *fp);
-*/
-/* The following functions are not in the normal unix build or the
- * SSLeay build.  When using the SSLeay build, use RAND_seed()
- * and RAND_bytes() instead. */
-int des_new_random_key(des_cblock *key);
-void des_init_random_number_generator(des_cblock *key);
-void des_set_random_generator_seed(des_cblock *key);
-void des_set_sequence_number(des_cblock new_sequence_number);
-void des_generate_random_block(des_cblock *block);
-
-#else
-
-char *des_options();
-void des_ecb3_encrypt();
-DES_LONG des_cbc_cksum();
-void des_cbc_encrypt();
-void des_ncbc_encrypt();
-void des_xcbc_encrypt();
-void des_3cbc_encrypt();
-void des_cfb_encrypt();
-void des_ede3_cfb64_encrypt();
-void des_ede3_ofb64_encrypt();
-void des_ecb_encrypt();
-void des_encrypt();
-void des_encrypt2();
-void des_ede3_cbc_encrypt();
-int des_enc_read();
-int des_enc_write();
-#ifdef PERL5
-char *des_crypt();
-#else
-char *crypt();
-#endif
-void des_ofb_encrypt();
-void des_pcbc_encrypt();
-DES_LONG des_quad_cksum();
-void des_random_seed();
-void des_random_key();
-int des_read_password();
-int des_read_2passwords();
-int des_read_pw_string();
-void des_set_odd_parity();
-int des_is_weak_key();
-int des_set_key();
-int des_key_sched();
-void des_string_to_key();
-void des_string_to_2keys();
-void des_cfb64_encrypt();
-void des_ofb64_encrypt();
-
-/* Extra functions from Mark Murray <mark@grondar.za> */
-void des_cblock_print_file();
-/* The following functions are not in the normal unix build or the
- * SSLeay build.  When using the SSLeay build, use RAND_seed()
- * and RAND_bytes() instead. */
-#ifdef FreeBSD
-int des_new_random_key();
-void des_init_random_number_generator();
-void des_set_random_generator_seed();
-void des_set_sequence_number();
-void des_generate_random_block();
-#endif
-
-#endif
+void des_set_odd_parity __P((des_cblock *));
+int des_is_weak_key __P((des_cblock *));
+int des_set_key __P((des_cblock *, des_key_schedule));
+int des_key_sched __P((des_cblock *, des_key_schedule));
 
 #ifdef  __cplusplus
 }

sys/crypto/des/des_3cbc.c

@@ -1,5 +1,5 @@
-/*	$NetBSD: des_3cbc.c,v 1.1.1.1 2000/06/14 19:45:35 thorpej Exp $	*/
-/*	$KAME: des_3cbc.c,v 1.4 2000/06/14 10:41:17 itojun Exp $	*/
+/*	$NetBSD: des_3cbc.c,v 1.2 2000/08/31 07:33:04 itojun Exp $	*/
+/*	$KAME: des_3cbc.c,v 1.5 2000/08/31 07:27:26 itojun Exp $	*/
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -32,6 +32,11 @@
 /*
  * based on sys/crypto/des/des_cbc.c, rewrote by Tomomi Suzuki
  */
+
+#include <sys/param.h>
+#include <sys/malloc.h>
+#include <sys/systm.h>
+#include <sys/mbuf.h>
 #include <crypto/des/des_locl.h>
 
 #define panic(x)	do { printf(x); return EINVAL; } while (0)

sys/crypto/des/des_cbc.c

@@ -1,5 +1,5 @@
-/*	$NetBSD: des_cbc.c,v 1.1.1.1 2000/06/14 19:45:35 thorpej Exp $	*/
-/*	$KAME: des_cbc.c,v 1.4 2000/06/14 10:41:17 itojun Exp $	*/
+/*	$NetBSD: des_cbc.c,v 1.2 2000/08/31 07:33:04 itojun Exp $	*/
+/*	$KAME: des_cbc.c,v 1.5 2000/08/31 07:27:27 itojun Exp $	*/
 
 /*
  * heavily modified by Yoshifumi Nishida <nishida@sfc.wide.ad.jp>.
@@ -53,6 +53,10 @@
  * [including the GNU Public Licence.]
  */
 
+#include <sys/param.h>
+#include <sys/malloc.h>
+#include <sys/systm.h>
+#include <sys/mbuf.h>
 #include <crypto/des/des_locl.h>
 
 #define panic(x) do {printf(x); return EINVAL;} while (0)

sys/crypto/des/des_ecb.c

@@ -1,5 +1,5 @@
-/*	$NetBSD: des_ecb.c,v 1.1.1.1 2000/06/14 19:45:35 thorpej Exp $	*/
-/*	$KAME: des_ecb.c,v 1.3 2000/03/27 04:36:33 sumikawa Exp $	*/
+/*	$NetBSD: des_ecb.c,v 1.2 2000/08/31 07:33:05 itojun Exp $	*/
+/*	$KAME: des_ecb.c,v 1.4 2000/08/31 07:27:27 itojun Exp $	*/
 
 /* crypto/des/ecb_enc.c */
 /* Copyright (C) 1995-1996 Eric Young (eay@mincom.oz.au)
@@ -48,6 +48,9 @@
  * [including the GNU Public Licence.]
  */
 
+#include <sys/param.h>
+#include <sys/malloc.h>
+#include <sys/systm.h>
 #include <crypto/des/des_locl.h>
 #include <crypto/des/spr.h>
 

sys/crypto/des/des_locl.h

@@ -1,5 +1,5 @@
-/*	$NetBSD: des_locl.h,v 1.1.1.1 2000/06/14 19:45:35 thorpej Exp $	*/
-/*	$KAME: des_locl.h,v 1.4 2000/03/27 04:43:46 sumikawa Exp $	*/
+/*	$NetBSD: des_locl.h,v 1.2 2000/08/31 07:33:05 itojun Exp $	*/
+/*	$KAME: des_locl.h,v 1.5 2000/08/31 07:27:27 itojun Exp $	*/
 
 /* lib/des/des_locl.h */
 /* Copyright (C) 1995-1996 Eric Young (eay@mincom.oz.au)
@@ -55,83 +55,19 @@
  * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
  */
 
-#include <sys/param.h>
-#include <sys/malloc.h>
-#include <sys/mbuf.h>
-#include <sys/systm.h>
-
 #ifndef HEADER_DES_LOCL_H
 #define HEADER_DES_LOCL_H
 
-#if defined(WIN32) || defined(WIN16)
-#ifndef MSDOS
-#define MSDOS
-#endif
-#endif
-
-/*
-#include <stdio.h>
-#include <stdlib.h>
-#ifndef MSDOS
-#include <unistd.h>
-#endif
-*/
 #include <crypto/des/des.h>
 
-/* the following is tweaked from a config script, that is why it is a
- * protected undef/define */
-#ifndef DES_PTR
 #undef DES_PTR
-#endif
 
-#ifdef MSDOS		/* Visual C++ 2.1 (Windows NT/95) */
-#include <stdlib.h>
-#include <errno.h>
-#include <time.h>
-#include <io.h>
-#ifndef RAND
-#define RAND
-#endif
-#undef NOPROTO
-#endif
-
-#if !defined(_KERNEL) && (defined(__STDC__) || defined(VMS) || defined(M_XENIX) || defined(MSDOS))
-#ifndef __NetBSD__
-#include <string.h>
-#endif
-#endif
-
-#ifdef __NetBSD__
 #include <sys/systm.h>
-#endif
-
-#ifndef RAND
-#define RAND
-#endif
-
-#ifdef linux
-#undef RAND
-#endif
-
-#ifdef MSDOS
-#define getpid() 2
-#define RAND
-#undef NOPROTO
-#endif
-
-#if defined(NOCONST)
-#define const
-#endif
 
 #ifdef __STDC__
 #undef NOPROTO
 #endif
 
-#ifdef RAND
-#define srandom(s) srand(s)
-#define random rand
-#endif
-
 #define ITERATIONS 16
 #define HALF_ITERATIONS 8
 
@@ -194,11 +130,7 @@
 				} \
 			}
 
-#if defined(WIN32)
-#define	ROTATE(a,n)	(_lrotr(a,n))
-#else
 #define	ROTATE(a,n)	(((a)>>(n))+((a)<<(32-(n))))
-#endif
 
 /* The changes to this macro may help or hinder, depending on the
  * compiler and the achitecture.  gcc2 always seems to do well :-).
@@ -313,36 +245,3 @@
 	PERM_OP(l,r,tt, 4,0x0f0f0f0fL); \
 	}
 #endif
-
-
-/*
-#define mbuf2char(i_mbuf, i_index, in) \
-	{					\
-	register int	i;			\	
-	struct	mbuf	*m;			\	
-	char		*buf;			\
-	m = i_mbuf;				\
-	for (i = 0; i < 8; i ++){		\
-		if (i_index + i == m->m_len){	\
-			m = m->m_next;		\
-		}				\
-		buf = mtod(m, char *);		\
-		in[i] = *(buf + i);		\
-	}
-
-
-#define char2mbuf(o_mbuf, o_index, out) \
-	{					\
-	register int	i;			\	
-	struct	mbuf	*m;			\	
-	char		*buf;			\
-	m = o_mbuf;				\
-	for (i = 0; i < 8; i ++){		\
-		if (i_index + i == m->m_len){	\
-			m = m->m_next;		\
-		}				\
-		buf = mtod(m, char *);		\
-		*(buf + i) = out[i];		\
-	}
-*/
-

sys/crypto/des/des_setkey.c

@@ -1,5 +1,5 @@
-/*	$NetBSD: des_setkey.c,v 1.1.1.1 2000/06/14 19:45:36 thorpej Exp $	*/
-/*	$KAME: des_setkey.c,v 1.3 2000/03/27 04:36:33 sumikawa Exp $	*/
+/*	$NetBSD: des_setkey.c,v 1.2 2000/08/31 07:33:05 itojun Exp $	*/
+/*	$KAME: des_setkey.c,v 1.4 2000/08/31 07:27:27 itojun Exp $	*/
 
 /* crypto/des/set_key.c */
 /* Copyright (C) 1995-1996 Eric Young (eay@mincom.oz.au)
@@ -55,15 +55,14 @@
  * 1.1 added norm_expand_bits
  * 1.0 First working version
  */
+#include <sys/param.h>
+#include <sys/malloc.h>
+#include <sys/systm.h>
 #include <crypto/des/des_locl.h>
 #include <crypto/des/podd.h>
 #include <crypto/des/sk.h>
 
-#ifndef NOPROTO
-static int check_parity(des_cblock (*key));
-#else
-static int check_parity();
-#endif
+static int check_parity __P((des_cblock (*)));
 
 int des_check_key=0;
 

sys/netinet6/esp_core.c

@@ -1,5 +1,5 @@
-/*	$NetBSD: esp_core.c,v 1.6 2000/08/30 14:58:33 itojun Exp $	*/
-/*	$KAME: esp_core.c,v 1.36 2000/08/30 14:56:10 itojun Exp $	*/
+/*	$NetBSD: esp_core.c,v 1.7 2000/08/31 07:33:05 itojun Exp $	*/
+/*	$KAME: esp_core.c,v 1.37 2000/08/31 07:27:26 itojun Exp $	*/
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -264,7 +264,7 @@ esp_descbc_mature(sav)
 	}
 
 	/* weak key check */
-	if (des_is_weak_key((C_Block *)_KEYBUF(sav->key_enc))) {
+	if (des_is_weak_key((des_cblock *)_KEYBUF(sav->key_enc))) {
 		ipseclog((LOG_ERR,
 		    "esp_descbc_mature: weak key was passed.\n"));
 		return 1;
@@ -294,7 +294,7 @@ esp_des_schedule(algo, sav)
 	struct secasvar *sav;
 {
 
-	if (des_key_sched((C_Block *)_KEYBUF(sav->key_enc),
+	if (des_key_sched((des_cblock *)_KEYBUF(sav->key_enc),
 	    *(des_key_schedule *)sav->sched))
 		return EINVAL;
 	else
@@ -371,9 +371,9 @@ esp_cbc_mature(sav)
 	switch (sav->alg_enc) {
 	case SADB_EALG_3DESCBC:
 		/* weak key check */
-		if (des_is_weak_key((C_Block *)_KEYBUF(sav->key_enc))
-		 || des_is_weak_key((C_Block *)(_KEYBUF(sav->key_enc) + 8))
-		 || des_is_weak_key((C_Block *)(_KEYBUF(sav->key_enc) + 16))) {
+		if (des_is_weak_key((des_cblock *)_KEYBUF(sav->key_enc)) ||
+		    des_is_weak_key((des_cblock *)(_KEYBUF(sav->key_enc) + 8)) ||
+		    des_is_weak_key((des_cblock *)(_KEYBUF(sav->key_enc) + 16))) {
 			ipseclog((LOG_ERR,
 			    "esp_cbc_mature %s: weak key was passed.\n",
 			    algo->name));
@@ -480,7 +480,7 @@ esp_3des_schedule(algo, sav)
 	p = (des_key_schedule *)sav->sched;
 	k = _KEYBUF(sav->key_enc);
 	for (i = 0; i < 3; i++) {
-		error = des_key_sched((C_Block *)(k + 8 * i), p[i]);
+		error = des_key_sched((des_cblock *)(k + 8 * i), p[i]);
 		if (error)
 			return EINVAL;
 	}