001/* 002 * Licensed to the Apache Software Foundation (ASF) under one 003 * or more contributor license agreements. See the NOTICE file 004 * distributed with this work for additional information 005 * regarding copyright ownership. The ASF licenses this file 006 * to you under the Apache License, Version 2.0 (the 007 * "License"); you may not use this file except in compliance 008 * with the License. You may obtain a copy of the License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, 013 * software distributed under the License is distributed on an 014 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 015 * KIND, either express or implied. See the License for the 016 * specific language governing permissions and limitations 017 * under the License. 018 * 019 */ 020 021/* 022 * @(#)UnixCrypt.java 0.9 96/11/25 023 * 024 * Copyright (c) 1996 Aki Yoshida. All rights reserved. 025 * 026 * Permission to use, copy, modify and distribute this software 027 * for non-commercial or commercial purposes and without fee is 028 * hereby granted provided that this copyright notice appears in 029 * all copies. 030 */ 031 032/** 033 * Unix crypt(3C) utility 034 * 035 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a> 036 * 037 * modified April 2001 038 * by Iris Van den Broeke, Daniel Deville 039 */ 040 041package org.apache.directory.shared.util; 042 043import org.apache.directory.shared.i18n.I18n; 044 045 046 /* 047 * @(#)UnixCrypt.java 0.9 96/11/25 048 * 049 * Copyright (c) 1996 Aki Yoshida. All rights reserved. 050 * 051 * Permission to use, copy, modify and distribute this software 052 * for non-commercial or commercial purposes and without fee is 053 * hereby granted provided that this copyright notice appears in 054 * all copies. 055 */ 056 057 /** 058 * Unix crypt(3C) utility 059 * 060 * @author Aki Yoshida 061 * 2001 062 * by Iris Van den Broeke, Daniel Deville 063 */ 064 065 066 /* ------------------------------------------------------------ */ 067 /** Unix Crypt. 068 * Implements the one way cryptography used by Unix systems for 069 * simple password protection. 070 * @author Greg Wilkins (gregw) 071 */ 072 public class UnixCrypt extends Object 073 { 074 075 /* (mostly) Standard DES Tables from Tom Truscott */ 076 private static final byte[] IP = { /* initial permutation */ 077 58, 50, 42, 34, 26, 18, 10, 2, 078 60, 52, 44, 36, 28, 20, 12, 4, 079 62, 54, 46, 38, 30, 22, 14, 6, 080 64, 56, 48, 40, 32, 24, 16, 8, 081 57, 49, 41, 33, 25, 17, 9, 1, 082 59, 51, 43, 35, 27, 19, 11, 3, 083 61, 53, 45, 37, 29, 21, 13, 5, 084 63, 55, 47, 39, 31, 23, 15, 7}; 085 086 /* The final permutation is the inverse of IP - no table is necessary */ 087 private static final byte[] ExpandTr = { /* expansion operation */ 088 32, 1, 2, 3, 4, 5, 089 4, 5, 6, 7, 8, 9, 090 8, 9, 10, 11, 12, 13, 091 12, 13, 14, 15, 16, 17, 092 16, 17, 18, 19, 20, 21, 093 20, 21, 22, 23, 24, 25, 094 24, 25, 26, 27, 28, 29, 095 28, 29, 30, 31, 32, 1}; 096 097 private static final byte[] PC1 = { /* permuted choice table 1 */ 098 57, 49, 41, 33, 25, 17, 9, 099 1, 58, 50, 42, 34, 26, 18, 100 10, 2, 59, 51, 43, 35, 27, 101 19, 11, 3, 60, 52, 44, 36, 102 103 63, 55, 47, 39, 31, 23, 15, 104 7, 62, 54, 46, 38, 30, 22, 105 14, 6, 61, 53, 45, 37, 29, 106 21, 13, 5, 28, 20, 12, 4}; 107 108 private static final byte[] Rotates = { /* PC1 rotation schedule */ 109 1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1}; 110 111 112 private static final byte[] PC2 = { /* permuted choice table 2 */ 113 9, 18, 14, 17, 11, 24, 1, 5, 114 22, 25, 3, 28, 15, 6, 21, 10, 115 35, 38, 23, 19, 12, 4, 26, 8, 116 43, 54, 16, 7, 27, 20, 13, 2, 117 118 0, 0, 41, 52, 31, 37, 47, 55, 119 0, 0, 30, 40, 51, 45, 33, 48, 120 0, 0, 44, 49, 39, 56, 34, 53, 121 0, 0, 46, 42, 50, 36, 29, 32}; 122 123 private static final byte[][] S = { /* 48->32 bit substitution tables */ 124 /* S[1] */ 125 {14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7, 126 0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8, 127 4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0, 128 15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13}, 129 /* S[2] */ 130 {15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10, 131 3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5, 132 0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15, 133 13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9}, 134 /* S[3] */ 135 {10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8, 136 13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1, 137 13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7, 138 1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12}, 139 /* S[4] */ 140 {7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15, 141 13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9, 142 10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4, 143 3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14}, 144 /* S[5] */ 145 {2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9, 146 14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6, 147 4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14, 148 11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3}, 149 /* S[6] */ 150 {12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11, 151 10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8, 152 9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6, 153 4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13}, 154 /* S[7] */ 155 {4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1, 156 13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6, 157 1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2, 158 6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12}, 159 /* S[8] */ 160 {13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7, 161 1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2, 162 7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8, 163 2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11}}; 164 165 private static final byte[] P32Tr = { /* 32-bit permutation function */ 166 16, 7, 20, 21, 167 29, 12, 28, 17, 168 1, 15, 23, 26, 169 5, 18, 31, 10, 170 2, 8, 24, 14, 171 32, 27, 3, 9, 172 19, 13, 30, 6, 173 22, 11, 4, 25}; 174 175 private static final byte[] CIFP = { /* compressed/interleaved permutation */ 176 1, 2, 3, 4, 17, 18, 19, 20, 177 5, 6, 7, 8, 21, 22, 23, 24, 178 9, 10, 11, 12, 25, 26, 27, 28, 179 13, 14, 15, 16, 29, 30, 31, 32, 180 181 33, 34, 35, 36, 49, 50, 51, 52, 182 37, 38, 39, 40, 53, 54, 55, 56, 183 41, 42, 43, 44, 57, 58, 59, 60, 184 45, 46, 47, 48, 61, 62, 63, 64}; 185 186 private static final byte[] ITOA64 = { /* 0..63 => ascii-64 */ 187 (byte)'.',(byte) '/',(byte) '0',(byte) '1',(byte) '2',(byte) '3',(byte) '4',(byte) '5', 188 (byte)'6',(byte) '7',(byte) '8',(byte) '9',(byte) 'A',(byte) 'B',(byte) 'C',(byte) 'D', 189 (byte)'E',(byte) 'F',(byte) 'G',(byte) 'H',(byte) 'I',(byte) 'J',(byte) 'K',(byte) 'L', 190 (byte)'M',(byte) 'N',(byte) 'O',(byte) 'P',(byte) 'Q',(byte) 'R',(byte) 'S',(byte) 'T', 191 (byte)'U',(byte) 'V',(byte) 'W',(byte) 'X',(byte) 'Y',(byte) 'Z',(byte) 'a',(byte) 'b', 192 (byte)'c',(byte) 'd',(byte) 'e',(byte) 'f',(byte) 'g',(byte) 'h',(byte) 'i',(byte) 'j', 193 (byte)'k',(byte) 'l',(byte) 'm',(byte) 'n',(byte) 'o',(byte) 'p',(byte) 'q',(byte) 'r', 194 (byte)'s',(byte) 't',(byte) 'u',(byte) 'v',(byte) 'w',(byte) 'x',(byte) 'y',(byte) 'z'}; 195 196 /* ===== Tables that are initialized at run time ==================== */ 197 198 private static byte[] A64TOI = new byte[128]; /* ascii-64 => 0..63 */ 199 200 /* Initial key schedule permutation */ 201 private static long[][] PC1ROT = new long[16][16]; 202 203 /* Subsequent key schedule rotation permutations */ 204 private static long[][][] PC2ROT = new long[2][16][16]; 205 206 /* Initial permutation/expansion table */ 207 private static long[][] IE3264 = new long[8][16]; 208 209 /* Table that combines the S, P, and E operations. */ 210 private static long[][] SPE = new long[8][64]; 211 212 /* compressed/interleaved => final permutation table */ 213 private static long[][] CF6464 = new long[16][16]; 214 215 216 /* ==================================== */ 217 218 static { 219 byte[] perm = new byte[64]; 220 byte[] temp = new byte[64]; 221 222 // inverse table. 223 for (int i=0; i<64; i++) A64TOI[ITOA64[i]] = (byte)i; 224 225 // PC1ROT - bit reverse, then PC1, then Rotate, then PC2 226 for (int i=0; i<64; i++) perm[i] = (byte)0; 227 for (int i=0; i<64; i++) { 228 int k; 229 if ((k = PC2[i]) == 0) continue; 230 k += Rotates[0]-1; 231 if ((k%28) < Rotates[0]) k -= 28; 232 k = PC1[k]; 233 if (k > 0) { 234 k--; 235 k = (k|0x07) - (k&0x07); 236 k++; 237 } 238 perm[i] = (byte)k; 239 } 240 init_perm(PC1ROT, perm, 8); 241 242 // PC2ROT - PC2 inverse, then Rotate, then PC2 243 for (int j=0; j<2; j++) { 244 int k; 245 for (int i=0; i<64; i++) perm[i] = temp[i] = 0; 246 for (int i=0; i<64; i++) { 247 if ((k = PC2[i]) == 0) continue; 248 temp[k-1] = (byte)(i+1); 249 } 250 for (int i=0; i<64; i++) { 251 if ((k = PC2[i]) == 0) continue; 252 k += j; 253 if ((k%28) <= j) k -= 28; 254 perm[i] = temp[k]; 255 } 256 257 init_perm(PC2ROT[j], perm, 8); 258 } 259 260 // Bit reverse, intial permupation, expantion 261 for (int i=0; i<8; i++) { 262 for (int j=0; j<8; j++) { 263 int k = (j < 2)? 0: IP[ExpandTr[i*6+j-2]-1]; 264 if (k > 32) k -= 32; 265 else if (k > 0) k--; 266 if (k > 0) { 267 k--; 268 k = (k|0x07) - (k&0x07); 269 k++; 270 } 271 perm[i*8+j] = (byte)k; 272 } 273 } 274 275 init_perm(IE3264, perm, 8); 276 277 // Compression, final permutation, bit reverse 278 for (int i=0; i<64; i++) { 279 int k = IP[CIFP[i]-1]; 280 if (k > 0) { 281 k--; 282 k = (k|0x07) - (k&0x07); 283 k++; 284 } 285 perm[k-1] = (byte)(i+1); 286 } 287 288 init_perm(CF6464, perm, 8); 289 290 // SPE table 291 for (int i=0; i<48; i++) 292 perm[i] = P32Tr[ExpandTr[i]-1]; 293 for (int t=0; t<8; t++) { 294 for (int j=0; j<64; j++) { 295 int k = (((j >> 0) & 0x01) << 5) | (((j >> 1) & 0x01) << 3) | 296 (((j >> 2) & 0x01) << 2) | (((j >> 3) & 0x01) << 1) | 297 (((j >> 4) & 0x01) << 0) | (((j >> 5) & 0x01) << 4); 298 k = S[t][k]; 299 k = (((k >> 3) & 0x01) << 0) | (((k >> 2) & 0x01) << 1) | 300 (((k >> 1) & 0x01) << 2) | (((k >> 0) & 0x01) << 3); 301 for (int i=0; i<32; i++) temp[i] = 0; 302 for (int i=0; i<4; i++) temp[4*t+i] = (byte)((k >> i) & 0x01); 303 long kk = 0; 304 for (int i=24; --i>=0; ) kk = ((kk<<1) | 305 ((long)temp[perm[i]-1])<<32 | 306 (temp[perm[i+24]-1])); 307 308 SPE[t][j] = to_six_bit(kk); 309 } 310 } 311 } 312 313 /** 314 * You can't call the constructer. 315 */ 316 private UnixCrypt() { } 317 318 /** 319 * Returns the transposed and split code of a 24-bit code 320 * into a 4-byte code, each having 6 bits. 321 */ 322 private static int to_six_bit(int num) { 323 return (((num << 26) & 0xfc000000) | ((num << 12) & 0xfc0000) | 324 ((num >> 2) & 0xfc00) | ((num >> 16) & 0xfc)); 325 } 326 327 /** 328 * Returns the transposed and split code of two 24-bit code 329 * into two 4-byte code, each having 6 bits. 330 */ 331 private static long to_six_bit(long num) { 332 return (((num << 26) & 0xfc000000fc000000L) | ((num << 12) & 0xfc000000fc0000L) | 333 ((num >> 2) & 0xfc000000fc00L) | ((num >> 16) & 0xfc000000fcL)); 334 } 335 336 /** 337 * Returns the permutation of the given 64-bit code with 338 * the specified permutataion table. 339 */ 340 private static long perm6464(long c, long[][]p) { 341 long out = 0L; 342 for (int i=8; --i>=0; ) { 343 int t = (int)(0x00ff & c); 344 c >>= 8; 345 long tp = p[i<<1][t&0x0f]; 346 out |= tp; 347 tp = p[(i<<1)+1][t>>4]; 348 out |= tp; 349 } 350 return out; 351 } 352 353 /** 354 * Returns the permutation of the given 32-bit code with 355 * the specified permutataion table. 356 */ 357 private static long perm3264(int c, long[][]p) { 358 long out = 0L; 359 for (int i=4; --i>=0; ) { 360 int t = (0x00ff & c); 361 c >>= 8; 362 long tp = p[i<<1][t&0x0f]; 363 out |= tp; 364 tp = p[(i<<1)+1][t>>4]; 365 out |= tp; 366 } 367 return out; 368 } 369 370 /** 371 * Returns the key schedule for the given key. 372 */ 373 private static long[] des_setkey(long keyword) { 374 long K = perm6464(keyword, PC1ROT); 375 long[] KS = new long[16]; 376 KS[0] = K&~0x0303030300000000L; 377 378 for (int i=1; i<16; i++) { 379 KS[i] = K; 380 K = perm6464(K, PC2ROT[Rotates[i]-1]); 381 382 KS[i] = K&~0x0303030300000000L; 383 } 384 return KS; 385 } 386 387 /** 388 * Returns the DES encrypted code of the given word with the specified 389 * environment. 390 */ 391 private static long des_cipher(long in, int salt, int num_iter, long[] KS) { 392 salt = to_six_bit(salt); 393 long L = in; 394 long R = L; 395 L &= 0x5555555555555555L; 396 R = (R & 0xaaaaaaaa00000000L) | ((R >> 1) & 0x0000000055555555L); 397 L = ((((L << 1) | (L << 32)) & 0xffffffff00000000L) | 398 ((R | (R >> 32)) & 0x00000000ffffffffL)); 399 400 L = perm3264((int)(L>>32), IE3264); 401 R = perm3264((int)(L&0xffffffff), IE3264); 402 403 while (--num_iter >= 0) { 404 for (int loop_count=0; loop_count<8; loop_count++) { 405 long kp; 406 long B; 407 long k; 408 409 kp = KS[(loop_count<<1)]; 410 k = ((R>>32) ^ R) & salt & 0xffffffffL; 411 k |= (k<<32); 412 B = (k ^ R ^ kp); 413 414 L ^= (SPE[0][(int)((B>>58)&0x3f)] ^ SPE[1][(int)((B>>50)&0x3f)] ^ 415 SPE[2][(int)((B>>42)&0x3f)] ^ SPE[3][(int)((B>>34)&0x3f)] ^ 416 SPE[4][(int)((B>>26)&0x3f)] ^ SPE[5][(int)((B>>18)&0x3f)] ^ 417 SPE[6][(int)((B>>10)&0x3f)] ^ SPE[7][(int)((B>>2)&0x3f)]); 418 419 kp = KS[(loop_count<<1)+1]; 420 k = ((L>>32) ^ L) & salt & 0xffffffffL; 421 k |= (k<<32); 422 B = (k ^ L ^ kp); 423 424 R ^= (SPE[0][(int)((B>>58)&0x3f)] ^ SPE[1][(int)((B>>50)&0x3f)] ^ 425 SPE[2][(int)((B>>42)&0x3f)] ^ SPE[3][(int)((B>>34)&0x3f)] ^ 426 SPE[4][(int)((B>>26)&0x3f)] ^ SPE[5][(int)((B>>18)&0x3f)] ^ 427 SPE[6][(int)((B>>10)&0x3f)] ^ SPE[7][(int)((B>>2)&0x3f)]); 428 } 429 // swap L and R 430 L ^= R; 431 R ^= L; 432 L ^= R; 433 } 434 L = ((((L>>35) & 0x0f0f0f0fL) | (((L&0xffffffff)<<1) & 0xf0f0f0f0L))<<32 | 435 (((R>>35) & 0x0f0f0f0fL) | (((R&0xffffffff)<<1) & 0xf0f0f0f0L))); 436 437 L = perm6464(L, CF6464); 438 439 return L; 440 } 441 442 /** 443 * Initializes the given permutation table with the mapping table. 444 */ 445 private static void init_perm(long[][] perm, byte[] p,int chars_out) { 446 for (int k=0; k<chars_out*8; k++) { 447 448 int l = p[k] - 1; 449 if (l < 0) continue; 450 int i = l>>2; 451 l = 1<<(l&0x03); 452 for (int j=0; j<16; j++) { 453 int s = ((k&0x07)+((7-(k>>3))<<3)); 454 if ((j & l) != 0x00) perm[i][j] |= (1L<<s); 455 } 456 } 457 } 458 459 /** 460 * Encrypts String into crypt (Unix) code. 461 * @param key the key to be encrypted 462 * @param setting the salt to be used 463 * @return the encrypted String 464 */ 465 @SuppressWarnings("deprecation") 466 public static String crypt(String key, String setting) 467 { 468 long constdatablock = 0L; /* encryption constant */ 469 byte[] cryptresult = new byte[13]; /* encrypted result */ 470 long keyword = 0L; 471 /* invalid parameters! */ 472 if(key==null||setting==null) 473 return "*"; // will NOT match under ANY circumstances! 474 475 int keylen = key.length(); 476 477 for (int i=0; i<8 ; i++) { 478 keyword = (keyword << 8) | ((i < keylen)? 2*key.charAt(i): 0); 479 } 480 481 long[] KS = des_setkey(keyword); 482 483 int salt = 0; 484 for (int i=2; --i>=0;) { 485 char c = (i < setting.length())? setting.charAt(i): '.'; 486 cryptresult[i] = (byte)c; 487 salt = (salt<<6) | (0x00ff&A64TOI[c]); 488 } 489 490 long rsltblock = des_cipher(constdatablock, salt, 25, KS); 491 492 cryptresult[12] = ITOA64[(((int)rsltblock)<<2)&0x3f]; 493 rsltblock >>= 4; 494 for (int i=12; --i>=2; ) { 495 cryptresult[i] = ITOA64[((int)rsltblock)&0x3f]; 496 rsltblock >>= 6; 497 } 498 499 return new String(cryptresult, 0x00, 0, 13); 500 } 501 502 public static void main(String[] arg) 503 { 504 if (arg.length!=2) 505 { 506 System.err.println( I18n.err( I18n.ERR_04439 ) ); 507 System.exit(1); 508 } 509 510 System.err.println( I18n.err( I18n.ERR_04440, crypt(arg[0],arg[1]) ) ); 511 } 512 513 }