[unix-history] / lib / libcrypt / krb_des.c

/*-
 * Copyright (c) 1991 The Regents of the University of California.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *	This product includes software developed by the University of
 *	California, Berkeley and its contributors.
 * 4. Neither the name of the University nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#ifndef lint
static char sccsid[] = "@(#)krb_des.c	5.1 (Berkeley) 2/28/91";
#endif /* not lint */

/*
 * Copyright (C) 1990 by the Massachusetts Institute of Technology
 *
 * Export of this software from the United States of America is assumed
 * to require a specific license from the United States Government.
 * It is the responsibility of any person or organization contemplating
 * export to obtain such a license before exporting.
 *
 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
 * distribute this software and its documentation for any purpose and
 * without fee is hereby granted, provided that the above copyright
 * notice appear in all copies and that both that copyright notice and
 * this permission notice appear in supporting documentation, and that
 * the name of M.I.T. not be used in advertising or publicity pertaining
 * to distribution of the software without specific, written prior
 * permission.  M.I.T. makes no representations about the suitability of
 * this software for any purpose.  It is provided "as is" without express
 * or implied warranty.
 */

#if	defined(AUTHENTICATE) && defined(ENCRYPT) && defined(KRBDES_ENCRYPT)
#include <arpa/telnet.h>
#include <stdio.h>
#ifdef	__STDC__
#include <stdlib.h>
#endif

#include "encrypt.h"
#include "key-proto.h"
#include "misc-proto.h"

extern encrypt_debug_mode;

static Block krbdes_key = { 0 };
static Schedule krbdes_sched = { 0 };
static Block input_feed = { 0 };
static Block output_feed = { 0 };
static Block temp_feed = { 0 };

static unsigned char str_feed[64] = { IAC, SB, TELOPT_ENCRYPT,
				      ENCRYPT_IS,
				      ENCTYPE_KRBDES, };

	void
krbdes_init(server)
	int server;
{
	bzero((void *)krbdes_key, sizeof(Block));
	bzero((void *)krbdes_sched, sizeof(Schedule));
	bzero((void *)input_feed, sizeof(Block));
	bzero((void *)output_feed, sizeof(Block));
}

#define	KRBDES_FEED_INIT	1
#define	KRBDES_FEED_VRFY	2
#define	KRBDES_FEED_FAIL	3
#define	KRBDES_FEED_OK		4
#define	KRBDES_FEED_VRFY_FAIL	5

/*
 * Returns:
 *	-1: some error.  Negotiation is done, encryption not ready.
 *	 0: Successful, initial negotiation all done.
 *	 1: successful, negotiation not done yet.
 *	 2: Not yet.  Other things (like getting the key from
 *	    Kerberos) have to happen before we can continue.
 */


#define	NOT_YET		2
#define	IN_PROGRESS	1
#define	SUCCESS		0
#define	FAILED		-1

int state[2] = { NOT_YET, NOT_YET };
#define	ENCRYPT_STATE 0
#define	DECRYPT_STATE 1

/*
 * This is where we keep track of the fact that there has been a
 * call to krbdes_start(), but we haven't gotten a valid key from
 * kerberos, so that when (if) it does come in, we can continue with
 * the initial encryption startup.
 */
static int need_start;

	int
krbdes_start(dir, server)
	int dir;
	int server;
{ 
	Block b;
	int x;
	unsigned char *p;

	switch (dir) {
	case DIR_DECRYPT:
		/*
		 * This is simply a request to have the other side
		 * start output (our input).  He will negotiate a
		 * feed so we need not look for it.
		 */
		if (!VALIDKEY(krbdes_key))
			return(state[DECRYPT_STATE]);
		if (state[DECRYPT_STATE] == NOT_YET)
			state[DECRYPT_STATE] = IN_PROGRESS;
		return(state[DECRYPT_STATE]);

	case DIR_ENCRYPT:
		if (!VALIDKEY(krbdes_key)) {
			need_start = 1;
			return(state[ENCRYPT_STATE]);
		}
		if (state[ENCRYPT_STATE] == IN_PROGRESS)
			return(IN_PROGRESS);
		if (VALIDKEY(output_feed))
			return(SUCCESS);
		if (encrypt_debug_mode)
			printf("Creating new feed\r\n");
		/*
		 * Create a random feed and send it over encrypted.
		 * The other side will decrypt it, xor in 'KRBDES'
		 * and then recrypt it and send it back.
		 */
		des_new_random_key(temp_feed);
		des_ecb_encrypt(temp_feed, b, krbdes_sched, 1);
		str_feed[3] = ENCRYPT_IS;
		p = str_feed + 5;
		*p++ = KRBDES_FEED_INIT;
		for (x = 0; x < sizeof(Block); ++x) {
			if ((*p++ = b[x]) == IAC)
				*p++ = IAC;
		}
		*p++ = IAC;
		*p++ = SE;
		printsub('>', &str_feed[2], p - &str_feed[2]);
		net_write(str_feed, p - str_feed);
		temp_feed[0] ^= 'K';
		temp_feed[1] ^= 'R';
		temp_feed[2] ^= 'B';
		temp_feed[3] ^= 'D';
		temp_feed[4] ^= 'E';
		temp_feed[5] ^= 'S';
		state[ENCRYPT_STATE] = IN_PROGRESS;
		return(IN_PROGRESS);
	default:
		return(FAILED);
	}
}

/*
 * Returns:
 *	-1: some error.  Negotiation is done, encryption not ready.
 *	 0: Successful, initial negotiation all done.
 *	 1: successful, negotiation not done yet.
 */

	int
krbdes_is(data, cnt)
	unsigned char *data;
	int cnt;
{
	int x;
	unsigned char *p;
	unsigned char *why = 0;
	Block b;

	if (cnt-- < 1) {
		why = (unsigned char *)"Bad IS suboption";
		goto failure;
	}

	switch (*data++) {
	case KRBDES_FEED_INIT:
		if (cnt != sizeof(Block)) {
			if (encrypt_debug_mode)
				printf("Use Feed failed on size\r\n");
			why = (unsigned char *)"Bad block size";
			goto failure;
		}
		if (!VALIDKEY(krbdes_key)) {
			if (encrypt_debug_mode)
				printf("Use Feed failed on key\r\n");
			why = (unsigned char *)"Invalid key";
			goto failure;
		}
		if (encrypt_debug_mode)
			printf("Have a Use Feed\r\n");

		bcopy((void *)data, (void *)b, sizeof(Block));
		des_ecb_encrypt(b, input_feed, krbdes_sched, 0);

		input_feed[0] ^= 'K';
		input_feed[1] ^= 'R';
		input_feed[2] ^= 'B';
		input_feed[3] ^= 'D';
		input_feed[4] ^= 'E';
		input_feed[5] ^= 'S';

		des_ecb_encrypt(input_feed, b, krbdes_sched, 1);
		str_feed[3] = ENCRYPT_REPLY;
		p = str_feed + 5;
		*p++ = KRBDES_FEED_VRFY;
		for (x = 0; x < sizeof(Block); ++x) {
			if ((*p++ = b[x]) == IAC)
				*p++ = IAC;
		}
		*p++ = IAC;
		*p++ = SE;
		printsub('>', &str_feed[2], p - &str_feed[2]);
		net_write(str_feed, p - str_feed);
		if (encrypt_debug_mode)
			printf("Initializing Decrypt stream\r\n");
		key_stream_init(krbdes_key, input_feed, DIR_DECRYPT);
		state[DECRYPT_STATE] = IN_PROGRESS;
		return(IN_PROGRESS);

	case KRBDES_FEED_OK:
		state[DECRYPT_STATE] = SUCCESS;
		return(SUCCESS);

	case KRBDES_FEED_FAIL:
		state[DECRYPT_STATE] = FAILED;
		return(FAILED);

	default:
		if (encrypt_debug_mode) {
			printf("Unknown option type: %d\r\n", data[-1]);
			printd(data, cnt);
			printf("\r\n");
		}
		why = (unsigned char *)"Unknown sub-suboption";
	failure:
		/*
		 * We failed.  Send an empty KRBDES_FEED_VRFY option
		 * to the other side so it will know that things
		 * failed.
		 */
		str_feed[3] = ENCRYPT_REPLY;
		p = str_feed + 5;
		*p++ = KRBDES_FEED_VRFY_FAIL;
		if (why) {
			while (*why) {
				if ((*p++ = *why++) == IAC)
					*p++ = IAC;
			}
		}
		*p++ = IAC;
		*p++ = SE;
		printsub('>', &str_feed[2], p - &str_feed[2]);
		net_write(str_feed, p - str_feed);
		state[DECRYPT_STATE] = FAILED;
		return(FAILED);
	}
}

/*
 * Returns:
 *	-1: some error.  Negotiation is done, encryption not ready.
 *	 0: Successful, initial negotiation all done.
 *	 1: successful, negotiation not done yet.
 */

	int
krbdes_reply(data, cnt)
	unsigned char *data;
	int cnt;
{
	int x;
	unsigned char *p;
	unsigned char *why = 0;
	Block b;

	if (cnt-- < 1) {
		why = (unsigned char *)"Bad REPLY suboption";
		goto failure;
	}

	switch (*data++) {
	case KRBDES_FEED_VRFY:
		if (cnt != sizeof(Block)) {
			if (encrypt_debug_mode)
				printf("Have Feed failed on size\r\n");
			why = (unsigned char *)"Bad block size";
			goto failure;
		}
		if (!VALIDKEY(krbdes_key)) {
			if (encrypt_debug_mode)
				printf("Have Feed failed on key\r\n");
			why = (unsigned char *)"Invalid key";
			goto failure;
		}
		if (encrypt_debug_mode)
			printf("Have a Test Feed\r\n");

		bcopy((void *)data, (void *)b, sizeof(Block));
		des_ecb_encrypt(b, output_feed, krbdes_sched, 0);
		if (!SAMEKEY(output_feed, temp_feed)) {
			if (encrypt_debug_mode)
				printf("Have Feed failed on challange\r\n");
			bzero((void *)output_feed, sizeof(Block));
			why = (unsigned char*)"Challange decrypt failed";
			goto failure;
		}
		if (encrypt_debug_mode)
			printf("Initializing Encrypt stream\r\n");
		key_stream_init(krbdes_key, output_feed, DIR_ENCRYPT);

		str_feed[3] = ENCRYPT_IS;
		p = str_feed + 5;
		*p++ = KRBDES_FEED_OK;
		*p++ = IAC;
		*p++ = SE;
		printsub('>', &str_feed[2], p - &str_feed[2]);
		net_write(str_feed, p - str_feed);
		state[ENCRYPT_STATE] = SUCCESS;
		return(SUCCESS);

	default:
		if (encrypt_debug_mode) {
			printf("Unknown option type: %d\r\n", data[-1]);
			printd(data, cnt);
			printf("\r\n");
		}
		why = (unsigned char *)"Unknown sub-suboption";
	failure:
		str_feed[3] = ENCRYPT_IS;
		p = str_feed + 5;
		*p++ = KRBDES_FEED_FAIL;
		if (why) {
			while (*why) {
				if ((*p++ = *why++) == IAC)
					*p++ = IAC;
			}
		}
		*p++ = IAC;
		*p++ = SE;
		printsub('>', &str_feed[2], p - &str_feed[2]);
		net_write(str_feed, p - str_feed);
		state[ENCRYPT_STATE] = FAILED;
		return(FAILED);
	}
}

	void
krbdes_encrypt(s, c)
	unsigned char *s;
	int c;
{
	while (c-- > 0) {
		*s = key_stream(DIR_ENCRYPT, *s);
		++s;
	}
}

	int
krbdes_decrypt(c)
	int c;
{
	return(key_stream(DIR_DECRYPT, c));
#ifdef	ndef

	if (c == -1) {
		++use;
		return(0);
	}
	if (use) {
		use = 0;
	} else {
		last = key_stream(DIR_DECRYPT, c);
	}

	return(last ^ c);
#endif
}

	void
krbdes_session(key, server)
	Session_Key *key;
	int server;
{
	static once = 1;

	if (!key || key->type != SK_DES) {
		if (encrypt_debug_mode)
			printf("Can't set krbdes's session key (%d != %d)\r\n",
				key ? key->type : -1, SK_DES);
		return;
	}
	bcopy((void *)key->data, (void *)krbdes_key, sizeof(Block));
	if (once) {
		des_set_random_generator_seed(krbdes_key);
		once = 0;
	}
	des_key_sched(krbdes_key, krbdes_sched);
	/*
	 * Now look to see if krbdes_start() was was waiting for
	 * the key to show up.  If so, go ahead an call it now
	 * that we have the key.
	 */
	if (need_start) {
		krbdes_start(DIR_ENCRYPT, server);
		need_start = 0;
	}
}

	void
krbdes_printsub(data, cnt, buf, buflen)
	unsigned char *data, *buf;
	int cnt, buflen;
{
	char lbuf[32];
	register int i;
	char *cp;

	buf[buflen-1] = '\0';		/* make sure it's NULL terminated */
	buflen -= 1;

	switch(data[2]) {
	case KRBDES_FEED_OK:
		cp = "FEED_OK";
		goto common1;
	case KRBDES_FEED_FAIL:
		cp = "FEED_FAIL";
	common1:
		for (; (buflen > 0) && (*buf = *cp++); buf++)
			buflen--;
		if (cnt > 3) {
			if (buflen <= 0)
				break;
			*buf++ = ' ';
			if (--buflen <= 0)
				break;
			*buf++ = '"';
			for (i = 3; i < cnt && buflen > 0; i++, buflen--)
				*buf++ = data[i];
			if (buflen <= 0)
				break;
			*buf++ = '"';
			--buflen;
		}
		if (buflen <= 0)
			break;
		*buf++ = '\0';
		break;
		
	case KRBDES_FEED_INIT:
		cp = "FEED_INIT ";
		goto common2;

	case KRBDES_FEED_VRFY:
		cp = "FEED_VRFY ";
		goto common2;

	default:
		sprintf(lbuf, " %d (unknown)", data[2]);
		cp = lbuf;
	common2:
		for (; (buflen > 0) && (*buf = *cp++); buf++)
			buflen--;
		for (i = 3; i < cnt; i++) {
			sprintf(lbuf, " %d", data[i]);
			for (cp = lbuf; (buflen > 0) && (*buf = *cp++); buf++)
				buflen--;
		}
		break;
	}
}

static	Block stream_output[2];
static	Block stream_feed[2];
static	Schedule stream_sched[2];
static	int stream_index[2];

	void
key_stream_init(key, seed, dir)
	Block key;
	Block seed;
	int dir;
{
	des_key_sched(key, stream_sched[--dir]);
	bcopy((void *)seed, (void *)stream_output[dir], sizeof(Block));
	stream_index[dir] = sizeof(Block);
}

	unsigned char
key_stream(dir, data)
	int dir;
	int data;	/* data de/encrypting */
{
	int index;

	if (data == -1) {
		/* Backpeddle */
		if (stream_index[--dir])
			--stream_index[dir];
		return(0);
	}
	if ((index = stream_index[--dir]++) == sizeof(Block)) {
		Block b;
		des_ecb_encrypt(stream_output[dir],
				b,
				stream_sched[dir], 1);
		bcopy((void *)b, (void *)stream_feed[dir], sizeof(Block));
		stream_index[dir] = 1;	/* Next time will be 1 */
		index = 0;		/* But now use 0 */
	}

	/*
	 * On encryption, we store (feed ^ data) which is cypher
	 * On decryption we store (data) which is cypher
	 */
	if (dir == DIR_DECRYPT)
		return(stream_output[dir][index] =
		        (stream_feed[dir][index] ^ data));
	else
		return((stream_output[dir][index] = data) ^
		          stream_feed[dir][index]);
}
#endif
Commit	Line	Data
15637ed4 RG	1	/*-
	2	* Copyright (c) 1991 The Regents of the University of California.
	3	* All rights reserved.
	4	*
	5	* Redistribution and use in source and binary forms, with or without
	6	* modification, are permitted provided that the following conditions
	7	* are met:
	8	* 1. Redistributions of source code must retain the above copyright
	9	* notice, this list of conditions and the following disclaimer.
	10	* 2. Redistributions in binary form must reproduce the above copyright
	11	* notice, this list of conditions and the following disclaimer in the
	12	* documentation and/or other materials provided with the distribution.
	13	* 3. All advertising materials mentioning features or use of this software
	14	* must display the following acknowledgement:
	15	* This product includes software developed by the University of
	16	* California, Berkeley and its contributors.
	17	* 4. Neither the name of the University nor the names of its contributors
	18	* may be used to endorse or promote products derived from this software
	19	* without specific prior written permission.
	20	*
	21	* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
	22	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	23	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
	24	* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
	25	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
	26	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
	27	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	28	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
	29	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
	30	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	31	* SUCH DAMAGE.
	32	*/
	33
	34	#ifndef lint
	35	static char sccsid[] = "@(#)krb_des.c 5.1 (Berkeley) 2/28/91";
	36	#endif /* not lint */
	37
	38	/*
	39	* Copyright (C) 1990 by the Massachusetts Institute of Technology
	40	*
	41	* Export of this software from the United States of America is assumed
	42	* to require a specific license from the United States Government.
	43	* It is the responsibility of any person or organization contemplating
	44	* export to obtain such a license before exporting.
	45	*
	46	* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
	47	* distribute this software and its documentation for any purpose and
	48	* without fee is hereby granted, provided that the above copyright
	49	* notice appear in all copies and that both that copyright notice and
	50	* this permission notice appear in supporting documentation, and that
	51	* the name of M.I.T. not be used in advertising or publicity pertaining
	52	* to distribution of the software without specific, written prior
	53	* permission. M.I.T. makes no representations about the suitability of
	54	* this software for any purpose. It is provided "as is" without express
	55	* or implied warranty.
	56	*/
	57
	58	#if defined(AUTHENTICATE) && defined(ENCRYPT) && defined(KRBDES_ENCRYPT)
	59	#include <arpa/telnet.h>
	60	#include <stdio.h>
	61	#ifdef __STDC__
	62	#include <stdlib.h>
	63	#endif
	64
65	#include "encrypt.h"
66	#include "key-proto.h"
67	#include "misc-proto.h"
68
69	extern encrypt_debug_mode;
70
71	static Block krbdes_key = { 0 };
72	static Schedule krbdes_sched = { 0 };
73	static Block input_feed = { 0 };
74	static Block output_feed = { 0 };
75	static Block temp_feed = { 0 };
76
77	static unsigned char str_feed[64] = { IAC, SB, TELOPT_ENCRYPT,
78	ENCRYPT_IS,
79	ENCTYPE_KRBDES, };
80
81	void
82	krbdes_init(server)
83	int server;
84	{
85	bzero((void *)krbdes_key, sizeof(Block));
86	bzero((void *)krbdes_sched, sizeof(Schedule));
87	bzero((void *)input_feed, sizeof(Block));
88	bzero((void *)output_feed, sizeof(Block));
89	}
90
91	#define KRBDES_FEED_INIT 1
92	#define KRBDES_FEED_VRFY 2
93	#define KRBDES_FEED_FAIL 3
94	#define KRBDES_FEED_OK 4
95	#define KRBDES_FEED_VRFY_FAIL 5
96
97	/*
98	* Returns:
99	* -1: some error. Negotiation is done, encryption not ready.
100	* 0: Successful, initial negotiation all done.
101	* 1: successful, negotiation not done yet.
102	* 2: Not yet. Other things (like getting the key from
103	* Kerberos) have to happen before we can continue.
104	*/
105
106
107	#define NOT_YET 2
108	#define IN_PROGRESS 1
109	#define SUCCESS 0
110	#define FAILED -1
111
112	int state[2] = { NOT_YET, NOT_YET };
113	#define ENCRYPT_STATE 0
114	#define DECRYPT_STATE 1
115
116	/*
117	* This is where we keep track of the fact that there has been a
118	* call to krbdes_start(), but we haven't gotten a valid key from
119	* kerberos, so that when (if) it does come in, we can continue with
120	* the initial encryption startup.
121	*/
122	static int need_start;
123
124	int
125	krbdes_start(dir, server)
126	int dir;
127	int server;
128	{
129	Block b;
130	int x;
131	unsigned char *p;
132
133	switch (dir) {
134	case DIR_DECRYPT:
135	/*
136	* This is simply a request to have the other side
137	* start output (our input). He will negotiate a
138	* feed so we need not look for it.
139	*/
140	if (!VALIDKEY(krbdes_key))
141	return(state[DECRYPT_STATE]);
142	if (state[DECRYPT_STATE] == NOT_YET)
143	state[DECRYPT_STATE] = IN_PROGRESS;
144	return(state[DECRYPT_STATE]);
145
146	case DIR_ENCRYPT:
147	if (!VALIDKEY(krbdes_key)) {
148	need_start = 1;
149	return(state[ENCRYPT_STATE]);
150	}
151	if (state[ENCRYPT_STATE] == IN_PROGRESS)
152	return(IN_PROGRESS);
153	if (VALIDKEY(output_feed))
154	return(SUCCESS);
155	if (encrypt_debug_mode)
156	printf("Creating new feed\r\n");
157	/*
158	* Create a random feed and send it over encrypted.
159	* The other side will decrypt it, xor in 'KRBDES'
160	* and then recrypt it and send it back.
161	*/
162	des_new_random_key(temp_feed);
163	des_ecb_encrypt(temp_feed, b, krbdes_sched, 1);
164	str_feed[3] = ENCRYPT_IS;
165	p = str_feed + 5;
166	*p++ = KRBDES_FEED_INIT;
167	for (x = 0; x < sizeof(Block); ++x) {
168	if ((*p++ = b[x]) == IAC)
169	*p++ = IAC;
170	}
171	*p++ = IAC;
172	*p++ = SE;
173	printsub('>', &str_feed[2], p - &str_feed[2]);
174	net_write(str_feed, p - str_feed);
175	temp_feed[0] ^= 'K';
176	temp_feed[1] ^= 'R';
177	temp_feed[2] ^= 'B';
178	temp_feed[3] ^= 'D';
179	temp_feed[4] ^= 'E';
180	temp_feed[5] ^= 'S';
181	state[ENCRYPT_STATE] = IN_PROGRESS;
182	return(IN_PROGRESS);
183	default:
184	return(FAILED);
185	}
186	}
187
188	/*
189	* Returns:
190	* -1: some error. Negotiation is done, encryption not ready.
191	* 0: Successful, initial negotiation all done.
192	* 1: successful, negotiation not done yet.
193	*/
194
195	int
196	krbdes_is(data, cnt)
197	unsigned char *data;
198	int cnt;
199	{
200	int x;
201	unsigned char *p;
202	unsigned char *why = 0;
203	Block b;
204
205	if (cnt-- < 1) {
206	why = (unsigned char *)"Bad IS suboption";
207	goto failure;
208	}
209
210	switch (*data++) {
211	case KRBDES_FEED_INIT:
212	if (cnt != sizeof(Block)) {
213	if (encrypt_debug_mode)
214	printf("Use Feed failed on size\r\n");
215	why = (unsigned char *)"Bad block size";
216	goto failure;
217	}
218	if (!VALIDKEY(krbdes_key)) {
219	if (encrypt_debug_mode)
220	printf("Use Feed failed on key\r\n");
221	why = (unsigned char *)"Invalid key";
222	goto failure;
223	}
224	if (encrypt_debug_mode)
225	printf("Have a Use Feed\r\n");
226
227	bcopy((void )data, (void )b, sizeof(Block));
228	des_ecb_encrypt(b, input_feed, krbdes_sched, 0);
229
230	input_feed[0] ^= 'K';
231	input_feed[1] ^= 'R';
232	input_feed[2] ^= 'B';
233	input_feed[3] ^= 'D';
234	input_feed[4] ^= 'E';
235	input_feed[5] ^= 'S';
236
237	des_ecb_encrypt(input_feed, b, krbdes_sched, 1);
238	str_feed[3] = ENCRYPT_REPLY;
239	p = str_feed + 5;
240	*p++ = KRBDES_FEED_VRFY;
241	for (x = 0; x < sizeof(Block); ++x) {
242	if ((*p++ = b[x]) == IAC)
243	*p++ = IAC;
244	}
245	*p++ = IAC;
246	*p++ = SE;
247	printsub('>', &str_feed[2], p - &str_feed[2]);
248	net_write(str_feed, p - str_feed);
249	if (encrypt_debug_mode)
250	printf("Initializing Decrypt stream\r\n");
251	key_stream_init(krbdes_key, input_feed, DIR_DECRYPT);
252	state[DECRYPT_STATE] = IN_PROGRESS;
253	return(IN_PROGRESS);
254
255	case KRBDES_FEED_OK:
256	state[DECRYPT_STATE] = SUCCESS;
257	return(SUCCESS);
258
259	case KRBDES_FEED_FAIL:
260	state[DECRYPT_STATE] = FAILED;
261	return(FAILED);
262
263	default:
264	if (encrypt_debug_mode) {
265	printf("Unknown option type: %d\r\n", data[-1]);
266	printd(data, cnt);
267	printf("\r\n");
268	}
269	why = (unsigned char *)"Unknown sub-suboption";
270	failure:
271	/*
272	* We failed. Send an empty KRBDES_FEED_VRFY option
273	* to the other side so it will know that things
274	* failed.
275	*/
276	str_feed[3] = ENCRYPT_REPLY;
277	p = str_feed + 5;
278	*p++ = KRBDES_FEED_VRFY_FAIL;
279	if (why) {
280	while (*why) {
281	if ((p++ = why++) == IAC)
282	*p++ = IAC;
283	}
284	}
285	*p++ = IAC;
286	*p++ = SE;
287	printsub('>', &str_feed[2], p - &str_feed[2]);
288	net_write(str_feed, p - str_feed);
289	state[DECRYPT_STATE] = FAILED;
290	return(FAILED);
291	}
292	}
293
294	/*
295	* Returns:
296	* -1: some error. Negotiation is done, encryption not ready.
297	* 0: Successful, initial negotiation all done.
298	* 1: successful, negotiation not done yet.
299	*/
300
301	int
302	krbdes_reply(data, cnt)
303	unsigned char *data;
304	int cnt;
305	{
306	int x;
307	unsigned char *p;
308	unsigned char *why = 0;
309	Block b;
310
311	if (cnt-- < 1) {
312	why = (unsigned char *)"Bad REPLY suboption";
313	goto failure;
314	}
315
316	switch (*data++) {
317	case KRBDES_FEED_VRFY:
318	if (cnt != sizeof(Block)) {
319	if (encrypt_debug_mode)
320	printf("Have Feed failed on size\r\n");
321	why = (unsigned char *)"Bad block size";
322	goto failure;
323	}
324	if (!VALIDKEY(krbdes_key)) {
325	if (encrypt_debug_mode)
326	printf("Have Feed failed on key\r\n");
327	why = (unsigned char *)"Invalid key";
328	goto failure;
329	}
330	if (encrypt_debug_mode)
331	printf("Have a Test Feed\r\n");
332
333	bcopy((void )data, (void )b, sizeof(Block));
334	des_ecb_encrypt(b, output_feed, krbdes_sched, 0);
335	if (!SAMEKEY(output_feed, temp_feed)) {
336	if (encrypt_debug_mode)
337	printf("Have Feed failed on challange\r\n");
338	bzero((void *)output_feed, sizeof(Block));
339	why = (unsigned char*)"Challange decrypt failed";
340	goto failure;
341	}
342	if (encrypt_debug_mode)
343	printf("Initializing Encrypt stream\r\n");
344	key_stream_init(krbdes_key, output_feed, DIR_ENCRYPT);
345
346	str_feed[3] = ENCRYPT_IS;
347	p = str_feed + 5;
348	*p++ = KRBDES_FEED_OK;
349	*p++ = IAC;
350	*p++ = SE;
351	printsub('>', &str_feed[2], p - &str_feed[2]);
352	net_write(str_feed, p - str_feed);
353	state[ENCRYPT_STATE] = SUCCESS;
354	return(SUCCESS);
355
356	default:
357	if (encrypt_debug_mode) {
358	printf("Unknown option type: %d\r\n", data[-1]);
359	printd(data, cnt);
360	printf("\r\n");
361	}
362	why = (unsigned char *)"Unknown sub-suboption";
363	failure:
364	str_feed[3] = ENCRYPT_IS;
365	p = str_feed + 5;
366	*p++ = KRBDES_FEED_FAIL;
367	if (why) {
368	while (*why) {
369	if ((p++ = why++) == IAC)
370	*p++ = IAC;
371	}
372	}
373	*p++ = IAC;
374	*p++ = SE;
375	printsub('>', &str_feed[2], p - &str_feed[2]);
376	net_write(str_feed, p - str_feed);
377	state[ENCRYPT_STATE] = FAILED;
378	return(FAILED);
379	}
380	}
381
382	void
383	krbdes_encrypt(s, c)
384	unsigned char *s;
385	int c;
386	{
387	while (c-- > 0) {
388	s = key_stream(DIR_ENCRYPT, s);
389	++s;
390	}
391	}
392
393	int
394	krbdes_decrypt(c)
395	int c;
396	{
397	return(key_stream(DIR_DECRYPT, c));
398	#ifdef ndef
399
400	if (c == -1) {
401	++use;
402	return(0);
403	}
404	if (use) {
405	use = 0;
406	} else {
407	last = key_stream(DIR_DECRYPT, c);
408	}
409
410	return(last ^ c);
411	#endif
412	}
413
414	void
415	krbdes_session(key, server)
416	Session_Key *key;
417	int server;
418	{
419	static once = 1;
420
421	if (!key \|\| key->type != SK_DES) {
422	if (encrypt_debug_mode)
423	printf("Can't set krbdes's session key (%d != %d)\r\n",
424	key ? key->type : -1, SK_DES);
425	return;
426	}
427	bcopy((void )key->data, (void )krbdes_key, sizeof(Block));
428	if (once) {
429	des_set_random_generator_seed(krbdes_key);
430	once = 0;
431	}
432	des_key_sched(krbdes_key, krbdes_sched);
433	/*
434	* Now look to see if krbdes_start() was was waiting for
435	* the key to show up. If so, go ahead an call it now
436	* that we have the key.
437	*/
438	if (need_start) {
439	krbdes_start(DIR_ENCRYPT, server);
440	need_start = 0;
441	}
442	}
443
444	void
445	krbdes_printsub(data, cnt, buf, buflen)
446	unsigned char data, buf;
447	int cnt, buflen;
448	{
449	char lbuf[32];
450	register int i;
451	char *cp;
452
453	buf[buflen-1] = '\0'; /* make sure it's NULL terminated */
454	buflen -= 1;
455
456	switch(data[2]) {
457	case KRBDES_FEED_OK:
458	cp = "FEED_OK";
459	goto common1;
460	case KRBDES_FEED_FAIL:
461	cp = "FEED_FAIL";
462	common1:
463	for (; (buflen > 0) && (buf = cp++); buf++)
464	buflen--;
465	if (cnt > 3) {
466	if (buflen <= 0)
467	break;
468	*buf++ = ' ';
469	if (--buflen <= 0)
470	break;
471	*buf++ = '"';
472	for (i = 3; i < cnt && buflen > 0; i++, buflen--)
473	*buf++ = data[i];
474	if (buflen <= 0)
475	break;
476	*buf++ = '"';
477	--buflen;
478	}
479	if (buflen <= 0)
480	break;
481	*buf++ = '\0';
482	break;
483
484	case KRBDES_FEED_INIT:
485	cp = "FEED_INIT ";
486	goto common2;
487
488	case KRBDES_FEED_VRFY:
489	cp = "FEED_VRFY ";
490	goto common2;
491
492	default:
493	sprintf(lbuf, " %d (unknown)", data[2]);
494	cp = lbuf;
495	common2:
496	for (; (buflen > 0) && (buf = cp++); buf++)
497	buflen--;
498	for (i = 3; i < cnt; i++) {
499	sprintf(lbuf, " %d", data[i]);
500	for (cp = lbuf; (buflen > 0) && (buf = cp++); buf++)
501	buflen--;
502	}
503	break;
504	}
505	}
506
507	static Block stream_output[2];
508	static Block stream_feed[2];
509	static Schedule stream_sched[2];
510	static int stream_index[2];
511
512	void
513	key_stream_init(key, seed, dir)
514	Block key;
515	Block seed;
516	int dir;
517	{
518	des_key_sched(key, stream_sched[--dir]);
519	bcopy((void )seed, (void )stream_output[dir], sizeof(Block));
520	stream_index[dir] = sizeof(Block);
521	}
522
523	unsigned char
524	key_stream(dir, data)
525	int dir;
526	int data; /* data de/encrypting */
527	{
528	int index;
529
530	if (data == -1) {
531	/* Backpeddle */
532	if (stream_index[--dir])
533	--stream_index[dir];
534	return(0);
535	}
536	if ((index = stream_index[--dir]++) == sizeof(Block)) {
537	Block b;
538	des_ecb_encrypt(stream_output[dir],
539	b,
540	stream_sched[dir], 1);
541	bcopy((void )b, (void )stream_feed[dir], sizeof(Block));
542	stream_index[dir] = 1; /* Next time will be 1 */
543	index = 0; /* But now use 0 */
544	}
545
546	/*
547	* On encryption, we store (feed ^ data) which is cypher
548	* On decryption we store (data) which is cypher
549	*/
550	if (dir == DIR_DECRYPT)
551	return(stream_output[dir][index] =
552	(stream_feed[dir][index] ^ data));
553	else
554	return((stream_output[dir][index] = data) ^
555	stream_feed[dir][index]);
556	}
557	#endif