Index: head/bin/ed/ed.1 =================================================================== --- head/bin/ed/ed.1 (revision 313328) +++ head/bin/ed/ed.1 (revision 313329) 
@@ -1,1005 +1,1001 @@ .\" $FreeBSD$ -.Dd October 2, 2016 +.Dd February 5, 2017 .Dt ED 1 .Os .Sh NAME .Nm ed , .Nm red .Nd text editor .Sh SYNOPSIS .Nm .Op Fl .Op Fl sx .Op Fl p Ar string .Op Ar file .Nm red .Op Fl .Op Fl sx .Op Fl p Ar string .Op Ar file .Sh DESCRIPTION The .Nm utility is a line-oriented text editor. It is used to create, display, modify and otherwise manipulate text files. When invoked as .Nm red , the editor runs in .Qq restricted mode, in which the only difference is that the editor restricts the use of filenames which start with .Ql \&! (interpreted as shell commands by .Nm ) or contain a .Ql \&/ . Note that editing outside of the current directory is only prohibited if the user does not have write access to the current directory. If a user has write access to the current directory, then symbolic links can be created in the current directory, in which case .Nm red will not stop the user from editing the file that the symbolic link points to. .Pp If invoked with a .Ar file argument, then a copy of .Ar file is read into the editor's buffer. Changes are made to this copy and not directly to .Ar file itself. Upon quitting .Nm , any changes not explicitly saved with a .Em w command are lost. .Pp Editing is done in two distinct modes: .Em command and .Em input . When first invoked, .Nm is in command mode. In this mode commands are read from the standard input and executed to manipulate the contents of the editor buffer. A typical command might look like: .Pp .Sm off .Cm ,s No / Em old Xo .No / Em new .No / Cm g .Xc .Sm on .Pp which replaces all occurrences of the string .Em old with .Em new . .Pp When an input command, such as .Em a (append), .Em i (insert) or .Em c (change), is given, .Nm enters input mode. This is the primary means of adding text to a file. In this mode, no commands are available; instead, the standard input is written directly to the editor buffer. Lines consist of text up to and including a .Em newline character. 
Input mode is terminated by entering a single period .Pq Em .\& on a line. .Pp All .Nm commands operate on whole lines or ranges of lines; e.g., the .Em d command deletes lines; the .Em m command moves lines, and so on. It is possible to modify only a portion of a line by means of replacement, as in the example above. However even here, the .Em s command is applied to whole lines at a time. .Pp In general, .Nm commands consist of zero or more line addresses, followed by a single character command and possibly additional parameters; i.e., commands have the structure: .Pp .Sm off .Xo .Op Ar address Op , Ar address .Ar command Op Ar parameters .Xc .Sm on .Pp The address(es) indicate the line or range of lines to be affected by the command. If fewer addresses are given than the command accepts, then default addresses are supplied. .Sh OPTIONS The following options are available: .Bl -tag -width indent .It Fl s Suppress diagnostics. This should be used if .Nm Ns 's standard input is from a script. .It Fl x Prompt for an encryption key to be used in subsequent reads and writes (see the .Em x command). .It Fl p Ar string Specify a command prompt. This may be toggled on and off with the .Em P command. .It Ar file Specify the name of a file to read. If .Ar file is prefixed with a bang (!), then it is interpreted as a shell command. In this case, what is read is the standard output of .Ar file executed via .Xr sh 1 . To read a file whose name begins with a bang, prefix the name with a backslash (\\). The default filename is set to .Ar file only if it is not prefixed with a bang. .El .Sh LINE ADDRESSING An address represents the number of a line in the buffer. The .Nm utility maintains a .Em current address which is typically supplied to commands as the default address when none is specified. When a file is first read, the current address is set to the last line of the file. In general, the current address is set to the last line affected by a command. 
.Pp A line address is constructed from one of the bases in the list below, optionally followed by a numeric offset. The offset may include any combination of digits, operators (i.e., .Em + , .Em - and .Em ^ ) and whitespace. Addresses are read from left to right, and their values are computed relative to the current address. .Pp One exception to the rule that addresses represent line numbers is the address .Em 0 (zero). This means "before the first line," and is legal wherever it makes sense. .Pp An address range is two addresses separated either by a comma or semi-colon. The value of the first address in a range cannot exceed the value of the second. If only one address is given in a range, then the second address is set to the given address. If an .Em n Ns -tuple of addresses is given where .Em "n\ >\ 2" , then the corresponding range is determined by the last two addresses in the .Em n Ns -tuple . If only one address is expected, then the last address is used. .Pp Each address in a comma-delimited range is interpreted relative to the current address. In a semi-colon-delimited range, the first address is used to set the current address, and the second address is interpreted relative to the first. .Pp The following address symbols are recognized: .Bl -tag -width indent .It . The current line (address) in the buffer. .It $ The last line in the buffer. .It n The .Em n Ns th line in the buffer where .Em n is a number in the range .Em [0,$] . .It - or ^ The previous line. This is equivalent to .Em -1 and may be repeated with cumulative effect. .It -n or ^n The .Em n Ns th previous line, where .Em n is a non-negative number. .It + The next line. This is equivalent to .Em +1 and may be repeated with cumulative effect. .It +n The .Em n Ns th next line, where .Em n is a non-negative number. .It , or % The first through last lines in the buffer. This is equivalent to the address range .Em 1,$ . .It ; The current through last lines in the buffer. 
This is equivalent to the address range .Em .,$ . .It /re/ The next line containing the regular expression .Em re . The search wraps to the beginning of the buffer and continues down to the current line, if necessary. // repeats the last search. .It ?re? The previous line containing the regular expression .Em re . The search wraps to the end of the buffer and continues up to the current line, if necessary. ?? repeats the last search. .It 'lc The line previously marked by a .Em k (mark) command, where .Em lc is a lower case letter. .El .Sh REGULAR EXPRESSIONS Regular expressions are patterns used in selecting text. For example, the command: .Pp .Sm off .Cm g No / Em string Xo .No / .Xc .Sm on .Pp prints all lines containing .Em string . Regular expressions are also used by the .Em s command for selecting old text to be replaced with new. .Pp In addition to a specifying string literals, regular expressions can represent classes of strings. Strings thus represented are said to be matched by the corresponding regular expression. If it is possible for a regular expression to match several strings in a line, then the left-most longest match is the one selected. .Pp The following symbols are used in constructing regular expressions: .Bl -tag -width indent .It c Any character .Em c not listed below, including .Ql \&{ , .Ql \&} , .Ql \&( , .Ql \&) , .Ql < and .Ql > , matches itself. .It Pf \e c Any backslash-escaped character .Em c , except for .Ql \&{ , .Ql \&} , .Ql \&( , .Ql \&) , .Ql < and .Ql > , matches itself. .It . Match any single character. .It Op char-class Match any single character in .Em char-class . To include a .Ql \&] in .Em char-class , it must be the first character. A range of characters may be specified by separating the end characters of the range with a .Ql - , e.g., .Ql a-z specifies the lower case characters. 
The following literal expressions can also be used in .Em char-class to specify sets of characters: .Pp .Bl -column "[:alnum:]" "[:cntrl:]" "[:lower:]" "[:xdigit:]" -compact .It [:alnum:] Ta [:cntrl:] Ta [:lower:] Ta [:space:] .It [:alpha:] Ta [:digit:] Ta [:print:] Ta [:upper:] .It [:blank:] Ta [:graph:] Ta [:punct:] Ta [:xdigit:] .El .Pp If .Ql - appears as the first or last character of .Em char-class , then it matches itself. All other characters in .Em char-class match themselves. .Pp Patterns in .Em char-class of the form: .Pp .Bl -item -compact -offset 2n .It .Op \&. Ns Ar col-elm Ns .\& or, .It .Op = Ns Ar col-elm Ns = .El .Pp where .Ar col-elm is a .Em collating element are interpreted according to the current locale settings (not currently supported). See .Xr regex 3 and .Xr re_format 7 for an explanation of these constructs. .It Op ^char-class Match any single character, other than newline, not in .Em char-class . .Em Char-class is defined as above. .It ^ If .Em ^ is the first character of a regular expression, then it anchors the regular expression to the beginning of a line. Otherwise, it matches itself. .It $ If .Em $ is the last character of a regular expression, it anchors the regular expression to the end of a line. Otherwise, it matches itself. .It Pf \e < Anchor the single character regular expression or subexpression immediately following it to the beginning of a word. (This may not be available) .It Pf \e > Anchor the single character regular expression or subexpression immediately following it to the end of a word. (This may not be available) .It Pf \e (re\e) Define a subexpression .Em re . Subexpressions may be nested. A subsequent backreference of the form .Pf \e Em n , where .Em n is a number in the range [1,9], expands to the text matched by the .Em n Ns th subexpression. For example, the regular expression .Ql \e(.*\e)\e1 matches any string consisting of identical adjacent substrings. 
Subexpressions are ordered relative to their left delimiter. .It * Match the single character regular expression or subexpression immediately preceding it zero or more times. If .Em * is the first character of a regular expression or subexpression, then it matches itself. The .Em * operator sometimes yields unexpected results. For example, the regular expression .Ql b* matches the beginning of the string .Ql abbb (as opposed to the substring .Ql bbb ) , since a null match is the only left-most match. .It \e{n,m\e} or \e{n,\e} or \e{n\e} Match the single character regular expression or subexpression immediately preceding it at least .Em n and at most .Em m times. If .Em m is omitted, then it matches at least .Em n times. If the comma is also omitted, then it matches exactly .Em n times. .El .Pp Additional regular expression operators may be defined depending on the particular .Xr regex 3 implementation. .Sh COMMANDS All .Nm commands are single characters, though some require additional parameters. If a command's parameters extend over several lines, then each line except for the last must be terminated with a backslash (\\). .Pp In general, at most one command is allowed per line. However, most commands accept a print suffix, which is any of .Em p (print), .Em l (list), or .Em n (enumerate), to print the last line affected by the command. .Pp An interrupt (typically ^C) has the effect of aborting the current command and returning the editor to command mode. .Pp The .Nm utility recognizes the following commands. The commands are shown together with the default address or address range supplied if none is specified (in parenthesis). .Bl -tag -width indent .It (.)a Append text to the buffer after the addressed line. Text is entered in input mode. The current address is set to last line entered. .It (.,.)c Change lines in the buffer. The addressed lines are deleted from the buffer, and text is appended in their place. Text is entered in input mode. 
The current address is set to last line entered. .It (.,.)d Delete the addressed lines from the buffer. If there is a line after the deleted range, then the current address is set to this line. Otherwise the current address is set to the line before the deleted range. .It e Ar file Edit .Ar file , and sets the default filename. If .Ar file is not specified, then the default filename is used. Any lines in the buffer are deleted before the new file is read. The current address is set to the last line read. .It e Ar !command Edit the standard output of .Ar !command , (see .Ar !command below). The default filename is unchanged. Any lines in the buffer are deleted before the output of .Ar command is read. The current address is set to the last line read. .It E Ar file Edit .Ar file unconditionally. This is similar to the .Em e command, except that unwritten changes are discarded without warning. The current address is set to the last line read. .It f Ar file Set the default filename to .Ar file . If .Ar file is not specified, then the default unescaped filename is printed. .It (1,$)g/re/command-list Apply .Ar command-list to each of the addressed lines matching a regular expression .Ar re . The current address is set to the line currently matched before .Ar command-list is executed. At the end of the .Em g command, the current address is set to the last line affected by .Ar command-list . .Pp Each command in .Ar command-list must be on a separate line, and every line except for the last must be terminated by a backslash (\\). Any commands are allowed, except for .Em g , .Em G , .Em v , and .Em V . A newline alone in .Ar command-list is equivalent to a .Em p command. .It (1,$)G/re/ Interactively edit the addressed lines matching a regular expression .Ar re . For each matching line, the line is printed, the current address is set, and the user is prompted to enter a .Ar command-list . 
At the end of the .Em G command, the current address is set to the last line affected by (the last) .Ar command-list . .Pp The format of .Ar command-list is the same as that of the .Em g command. A newline alone acts as a null command list. A single .Ql & repeats the last non-null command list. .It H Toggle the printing of error explanations. By default, explanations are not printed. It is recommended that ed scripts begin with this command to aid in debugging. .It h Print an explanation of the last error. .It (.)i Insert text in the buffer before the current line. Text is entered in input mode. The current address is set to the last line entered. .It (.,.+1)j Join the addressed lines. The addressed lines are deleted from the buffer and replaced by a single line containing their joined text. The current address is set to the resultant line. .It (.)klc Mark a line with a lower case letter .Em lc . The line can then be addressed as .Em 'lc (i.e., a single quote followed by .Em lc ) in subsequent commands. The mark is not cleared until the line is deleted or otherwise modified. .It (.,.)l Print the addressed lines unambiguously. If a single line fills more than one screen (as might be the case when viewing a binary file, for instance), a .Dq Li --More-- prompt is printed on the last line. The .Nm utility waits until the RETURN key is pressed before displaying the next screen. The current address is set to the last line printed. .It (.,.)m(.) Move lines in the buffer. The addressed lines are moved to after the right-hand destination address, which may be the address .Em 0 (zero). The current address is set to the last line moved. .It (.,.)n Print the addressed lines along with their line numbers. The current address is set to the last line printed. .It (.,.)p Print the addressed lines. The current address is set to the last line printed. .It P Toggle the command prompt on and off. 
Unless a prompt was specified by with command-line option .Fl p Ar string , the command prompt is by default turned off. .It q Quit .Nm . .It Q Quit .Nm unconditionally. This is similar to the .Em q command, except that unwritten changes are discarded without warning. .It ($)r Ar file Read .Ar file to after the addressed line. If .Ar file is not specified, then the default filename is used. If there was no default filename prior to the command, then the default filename is set to .Ar file . Otherwise, the default filename is unchanged. The current address is set to the last line read. .It ($)r Ar !command Read to after the addressed line the standard output of .Ar !command , (see the .Ar !command below). The default filename is unchanged. The current address is set to the last line read. .It (.,.)s/re/replacement/ .It (.,.)s/re/replacement/g .It (.,.)s/re/replacement/n Replace text in the addressed lines matching a regular expression .Ar re with .Ar replacement . By default, only the first match in each line is replaced. If the .Em g (global) suffix is given, then every match to be replaced. The .Em n suffix, where .Em n is a positive number, causes only the .Em n Ns th match to be replaced. It is an error if no substitutions are performed on any of the addressed lines. The current address is set the last line affected. .Pp .Ar \&Re and .Ar replacement may be delimited by any character other than space and newline (see the .Em s command below). If one or two of the last delimiters is omitted, then the last line affected is printed as though the print suffix .Em p were specified. .Pp An unescaped .Ql & in .Ar replacement is replaced by the currently matched text. The character sequence .Em \em , where .Em m is a number in the range [1,9], is replaced by the .Em m th backreference expression of the matched text. If .Ar replacement consists of a single .Ql % , then .Ar replacement from the last substitution is used. 
Newlines may be embedded in .Ar replacement if they are escaped with a backslash (\\). .It (.,.)s Repeat the last substitution. This form of the .Em s command accepts a count suffix .Em n , or any combination of the characters .Em r , .Em g , and .Em p . If a count suffix .Em n is given, then only the .Em n Ns th match is replaced. The .Em r suffix causes the regular expression of the last search to be used instead of the that of the last substitution. The .Em g suffix toggles the global suffix of the last substitution. The .Em p suffix toggles the print suffix of the last substitution The current address is set to the last line affected. .It (.,.)t(.) Copy (i.e., transfer) the addressed lines to after the right-hand destination address, which may be the address .Em 0 (zero). The current address is set to the last line copied. .It u Undo the last command and restores the current address to what it was before the command. The global commands .Em g , .Em G , .Em v , and .Em V . are treated as a single command by undo. .Em u is its own inverse. .It (1,$)v/re/command-list Apply .Ar command-list to each of the addressed lines not matching a regular expression .Ar re . This is similar to the .Em g command. .It (1,$)V/re/ Interactively edit the addressed lines not matching a regular expression .Ar re . This is similar to the .Em G command. .It (1,$)w Ar file Write the addressed lines to .Ar file . Any previous contents of .Ar file is lost without warning. If there is no default filename, then the default filename is set to .Ar file , otherwise it is unchanged. If no filename is specified, then the default filename is used. The current address is unchanged. .It (1,$)wq Ar file Write the addressed lines to .Ar file , and then executes a .Em q command. .It (1,$)w Ar !command Write the addressed lines to the standard input of .Ar !command , (see the .Em !command below). The default filename and current address are unchanged. 
.It (1,$)W Ar file Append the addressed lines to the end of .Ar file . This is similar to the .Em w command, expect that the previous contents of file is not clobbered. The current address is unchanged. .It x Prompt for an encryption key which is used in subsequent reads and writes. If a newline alone is entered as the key, then encryption is turned off. Otherwise, echoing is disabled while a key is read. -Encryption/decryption is done using the -.Xr bdes 1 -algorithm. .It Pf (.+1)z n Scroll .Ar n lines at a time starting at addressed line. If .Ar n is not specified, then the current window size is used. The current address is set to the last line printed. .It !command Execute .Ar command via .Xr sh 1 . If the first character of .Ar command is .Ql \&! , then it is replaced by text of the previous .Ar !command . The .Nm utility does not process .Ar command for backslash (\\) escapes. However, an unescaped .Em % is replaced by the default filename. When the shell returns from execution, a .Ql \&! is printed to the standard output. The current line is unchanged. .It ($)= Print the line number of the addressed line. .It (.+1)newline Print the addressed line, and sets the current address to that line. .El .Sh FILES .Bl -tag -width /tmp/ed.* -compact .It Pa /tmp/ed.* buffer file .It Pa ed.hup the file to which .Nm attempts to write the buffer if the terminal hangs up .El .Sh DIAGNOSTICS When an error occurs, .Nm prints a .Ql \&? and either returns to command mode or exits if its input is from a script. An explanation of the last error can be printed with the .Em h (help) command. .Pp Since the .Em g (global) command masks any errors from failed searches and substitutions, it can be used to perform conditional operations in scripts; e.g., .Pp .Sm off .Cm g No / Em old Xo .No / Cm s .No // Em new .No / .Xc .Sm on .Pp replaces any occurrences of .Em old with .Em new . If the .Em u (undo) command occurs in a global command list, then the command list is executed only once. 
.Pp If diagnostics are not disabled, attempting to quit .Nm or edit another file before writing a modified buffer results in an error. If the command is entered a second time, it succeeds, but any changes to the buffer are lost. .Sh SEE ALSO -.Xr bdes 1 , .Xr sed 1 , .Xr sh 1 , .Xr vi 1 , .Xr regex 3 .Pp USD:12-13 .Rs .%A B. W. Kernighan .%A P. J. Plauger .%B Software Tools in Pascal .%O Addison-Wesley .%D 1981 .Re .Sh LIMITATIONS The .Nm utility processes .Ar file arguments for backslash escapes, i.e., in a filename, any characters preceded by a backslash (\\) are interpreted literally. .Pp If a text (non-binary) file is not terminated by a newline character, then .Nm appends one on reading/writing it. In the case of a binary file, .Nm does not append a newline on reading/writing. .Pp per line overhead: 4 ints .Sh HISTORY An .Nm command appeared in .At v1 . .Sh BUGS The .Nm utility does not recognize multibyte characters. Index: head/secure/usr.bin/bdes/bdes.1 =================================================================== --- head/secure/usr.bin/bdes/bdes.1 (revision 313328) +++ head/secure/usr.bin/bdes/bdes.1 (nonexistent) 
@@ -1,390 +0,0 @@ -.\" Copyright (c) 1991, 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" This code is derived from software contributed to Berkeley by -.\" Matt Bishop of Dartmouth College. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. 
-.\" -.\" @(#)bdes.1 8.1 (Berkeley) 6/29/93 -.\" $FreeBSD$ -.\" -.Dd September 20, 2013 -.Dt BDES 1 -.Os -.Sh NAME -.Nm bdes -.Nd "encrypt / decrypt using the Data Encryption Standard (DES)" -.Sh SYNOPSIS -.Nm -.Op Fl abdp -.Op Fl F Ar N -.Op Fl f Ar N -.Op Fl k Ar key -.Op Fl m Ar N -.Op Fl o Ar N -.Op Fl v Ar vector -.Sh DESCRIPTION -.Bf -symbolic -The DES cipher should no longer be considered secure. -Please consider using a more modern alternative. -.Ef -.Pp -The -.Nm -utility implements all -.Tn DES -modes of operation described in -.%T "FIPS PUB 81" , -including alternative cipher feedback mode and both authentication -modes. -The -.Nm -utility reads from the standard input -and writes to the standard output. -By default, -the input is encrypted -using cipher block chaining (CBC) mode. -Using the same key -for encryption and decryption -preserves plain text. -.Pp -All modes but the electronic code book (ECB) mode -require an initialization vector; -if none is supplied, -the zero vector is used. -If no -.Ar key -is specified on the command line, -the user is prompted for one (see -.Xr getpass 3 -for more details). -.Pp -The options are as follows: -.Bl -tag -width indent -.It Fl a -The key and initialization vector strings -are to be taken as -.Tn ASCII , -suppressing the special interpretation given to leading -.Dq Li 0X , -.Dq Li 0x , -.Dq Li 0B , -and -.Dq Li 0b -characters. -This flag applies to -.Em both -the key and initialization vector. -.It Fl b -Use ECB mode. -.It Fl d -Decrypt the input. -.It Fl F Ar N -Use -.Ar N Ns \-bit -alternative CFB mode. -Currently -.Ar N -must be a multiple of 7 -between 7 and 56 inclusive -(this does not conform to the alternative CFB mode specification). -.It Fl f Ar N -Use -.Ar N Ns \-bit -CFB mode. -Currently -.Ar N -must be a multiple of 8 between 8 and 64 inclusive (this does not conform -to the standard CFB mode specification). -.It Fl k Ar key -Use -.Ar key -as the cryptographic key. 
-.It Fl m Ar N -Compute a message authentication code (MAC) of -.Ar N -bits on the input. -The value of -.Ar N -must be between 1 and 64 inclusive; if -.Ar N -is not a multiple of 8, -enough 0 bits will be added -to pad the MAC length -to the nearest multiple of 8. -Only the MAC is output. -MACs are only available -in CBC mode -or in CFB mode. -.It Fl o Ar N -Use -.Ar N Ns \-bit -output feedback (OFB) mode. -Currently -.Ar N -must be a multiple of 8 between 8 and 64 inclusive (this does not conform -to the OFB mode specification). -.It Fl p -Disable the resetting of the parity bit. -This flag forces -the parity bit of the key -to be used as typed, -rather than making -each character be of odd parity. -It is used only if the key is given in -.Tn ASCII . -.It Fl v Ar vector -Set the initialization vector to -.Ar vector ; -the vector is interpreted in the same way as the key. -The vector is ignored in ECB mode. -.El -.Pp -The key and initialization vector -are taken as sequences of -.Tn ASCII -characters which are then mapped -into their bit representations. -If either begins with -.Dq Li 0X -or -.Dq Li 0x , -that one is taken -as a sequence of hexadecimal digits -indicating the bit pattern; -if either begins with -.Dq Li 0B -or -.Dq Li 0b , -that one is taken -as a sequence of binary digits -indicating the bit pattern. -In either case, -only the leading 64 bits -of the key or initialization vector -are used, -and if fewer than 64 bits are provided, -enough 0 bits are appended -to pad the key to 64 bits. -.Pp -According to the -.Tn DES -standard, -the low-order bit of each character -in the key string is deleted. -Since most -.Tn ASCII -representations -set the high-order bit to 0, -simply deleting the low-order bit -effectively reduces the size of the key space -from 2^56 to 2^48 keys. -To prevent this, -the high-order bit must be a function -depending in part upon the low-order bit; -so, -the high-order bit is set -to whatever value gives odd parity. 
-This preserves the key space size. -Note this resetting of the parity bit is -.Em not -done if the key -is given in binary or hex, -and can be disabled for -.Tn ASCII -keys as well. -.Sh IMPLEMENTATION NOTES -For implementors wishing to write -software compatible with this program, -the following notes are provided. -This software is believed -to be compatible with the implementation -of the data encryption standard -distributed by Sun Microsystems, Inc. -.Pp -In the ECB and CBC modes, -plaintext is encrypted in units of 64 bits -(8 bytes, also called a block). -To ensure that the plaintext file -is encrypted correctly, -.Nm -will (internally) append from 1 to 8 bytes, -the last byte containing an integer -stating how many bytes of that final block -are from the plaintext file, -and encrypt the resulting block. -Hence, -when decrypting, -the last block may contain from 0 to 7 characters -present in the plaintext file, -and the last byte tells how many. -Note that if during decryption -the last byte of the file -does not contain an integer between 0 and 7, -either the file has been corrupted -or an incorrect key has been given. -A similar mechanism is used -for the OFB and CFB modes, -except that those -simply require the length of the input -to be a multiple of the mode size, -and the final byte contains an integer -between 0 and one less than the number -of bytes being used as the mode. -(This was another reason -that the mode size must be -a multiple of 8 for those modes.) -.Pp -Unlike Sun's implementation, -unused bytes of that last block -are not filled with random data, -but instead contain -what was in those byte positions -in the preceding block. -This is quicker and more portable, -and does not weaken the encryption significantly. -.Pp -If the key is entered in -.Tn ASCII , -the parity bits of the key characters -are set so that each key character -is of odd parity. 
-Unlike Sun's implementation, -it is possible to enter binary or hexadecimal -keys on the command line, -and if this is done, -the parity bits are -.Em not -reset. -This allows testing -using arbitrary bit patterns as keys. -.Pp -The Sun implementation -always uses an initialization vector of 0 -(that is, all zeroes). -By default, -.Nm -does too, -but this may be changed -from the command line. -.Sh SEE ALSO -.Xr getpass 3 -.Rs -.%T "Data Encryption Standard" -.%R "Federal Information Processing Standard #46" -.%Q "National Bureau of Standards, U.S. Department of Commerce, Washington DC" -.%D "January 1977" -.Re -.Rs -.%T "DES Modes of Operation" -.%R "Federal Information Processing Standard #81" -.%Q "National Bureau of Standards, U.S. Department of Commerce, Washington DC" -.%D "December 1980" -.Re -.Rs -.%A "Dorothy Denning" -.%B "Cryptography and Data Security" -.%Q "Addison-Wesley Publishing Co., Reading, MA" -.%D 1982 -.Re -.Rs -.%A "Matt Bishop" -.%T "Implementation Notes on bdes(1)" -.%R "Technical Report PCS-TR-91-158" -.%Q "Department of Mathematics and Computer Science, Dartmouth College, Hanover, NH 03755" -.%D "April 1991" -.Re -.Sh DISCLAIMER -.Bd -literal -THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -SUCH DAMAGE. 
-.Ed -.Sh BUGS -As the key or key schedule -is stored in memory, -the encryption can be -compromised if memory is readable. -Additionally, -programs which display programs' arguments -may compromise the key and initialization vector, -if they are specified on the command line. -To avoid this -.Nm -overwrites its arguments, -however, -the obvious race -cannot currently be avoided. -.Pp -Certain specific keys -should be avoided -because they introduce -potential weaknesses; -these keys, -called the -.Em weak -and -.Em semiweak -keys, are (in hex notation, where -.Ar p -is either 0 or 1, and -.Ar P -is either -.Ql e -or -.Ql f ) : -.Bl -column "0x0p0p0p0p0p0p0p0p" -offset indent -.It "0x0p0p0p0p0p0p0p0p 0x0p1P0p1P0p0P0p0P" -.It "0x0pep0pep0pfp0pfp 0x0pfP0pfP0pfP0pfP" -.It "0x1P0p1P0p0P0p0P0p 0x1P1P1P1P0P0P0P0P" -.It "0x1Pep1Pep0Pfp0Pfp 0x1PfP1PfP0PfP0PfP" -.It "0xep0pep0pfp0pfp0p 0xep1Pep1pfp0Pfp0P" -.It "0xepepepepepepepep 0xepfPepfPfpfPfpfP" -.It "0xfP0pfP0pfP0pfP0p 0xfP1PfP1PfP0PfP0P" -.It "0xfPepfPepfPepfPep 0xfPfPfPfPfPfPfPfP" -.El -.Pp -This is inherent in the -.Tn DES -algorithm; -see -.Rs -.%A Moore -.%A Simmons -.%T "Cycle structure of the DES with weak and semi-weak keys" -.%B "Advances in Cryptology \- Crypto '86 Proceedings" -.%Q "Springer-Verlag New York" -.%D 1987 -.%P "pp. 9-32" -.Re Property changes on: head/secure/usr.bin/bdes/bdes.1 ___________________________________________________________________ Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Index: head/secure/usr.bin/bdes/Makefile.depend =================================================================== --- head/secure/usr.bin/bdes/Makefile.depend (revision 313328) +++ head/secure/usr.bin/bdes/Makefile.depend (nonexistent) 
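Review bot: The IMPLEMENTATION NOTES section deleted in this hunk is where the bdes file format is written down (1 to 8 bytes appended, the last byte holding the count of plaintext bytes in the final block, an initialization vector of all zeroes by default, parity reset only for ASCII keys), and nothing in the visible part of the change says how data already encrypted with bdes is to be read once the utility is gone. Suggest that the commit log or an UPDATING entry, if not already part of this change, state where bdes remains available or which tool and settings decrypt existing files.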
@@ -1,19 +0,0 @@ -# $FreeBSD$ -# Autogenerated - do NOT edit! - -DIRDEPS = \ - gnu/lib/csu \ - gnu/lib/libgcc \ - include \ - include/xlocale \ - lib/${CSU_DIR} \ - lib/libc \ - lib/libcompiler_rt \ - secure/lib/libcrypto \ - - -.include - -.if ${DEP_RELDIR} == ${_DEP_RELDIR} -# local dependencies - needed for -jN in clean tree -.endif Property changes on: head/secure/usr.bin/bdes/Makefile.depend ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/secure/usr.bin/bdes/bdes.c =================================================================== --- head/secure/usr.bin/bdes/bdes.c (revision 313328) +++ head/secure/usr.bin/bdes/bdes.c (nonexistent) 
@@ -1,1005 +0,0 @@ -/*- - * Copyright (c) 1991, 1993 - * The Regents of the University of California. All rights reserved. - * - * This code is derived from software contributed to Berkeley by - * Matt Bishop of Dartmouth College. - * - * The United States Government has rights in this work pursuant - * to contract no. NAG 2-680 between the National Aeronautics and - * Space Administration and Dartmouth College. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. 
IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifndef lint -static const char copyright[] = -"@(#) Copyright (c) 1991, 1993\n\ - The Regents of the University of California. All rights reserved.\n"; -#endif /* not lint */ - -#ifndef lint -#if 0 -static char sccsid[] = "@(#)bdes.c 8.1 (Berkeley) 6/6/93"; -#endif -#endif /* not lint */ - -/* - * BDES -- DES encryption package for Berkeley Software Distribution 4.4 - * options: - * -a key is in ASCII - * -b use ECB (electronic code book) mode - * -d invert (decrypt) input - * -f b use b-bit CFB (cipher feedback) mode - * -F b use b-bit CFB (cipher feedback) alternative mode - * -k key use key as the cryptographic key - * -m b generate a MAC of length b - * -o b use b-bit OFB (output feedback) mode - * -p don't reset the parity bit - * -v v use v as the initialization vector (ignored for ECB) - * note: the last character of the last block is the integer indicating - * how many characters of that block are to be output - * - * Author: Matt Bishop - * Department of Mathematics and Computer Science - * Dartmouth College - * Hanover, NH 03755 - * Email: Matt.Bishop@dartmouth.edu - * ...!decvax!dartvax!Matt.Bishop - * - * See Technical Report PCS-TR91-158, Department of Mathematics and Computer - * Science, Dartmouth College, for a detailed description of the implemen- - * tation and differences between it and Sun's. 
The DES is described in - * FIPS PUB 46, and the modes in FIPS PUB 81 (see either the manual page - * or the technical report for a complete reference). - */ - -#include -__FBSDID("$FreeBSD$"); - -#include - -#include -#include -#include -#include -#include -#include -#include - -#include - -/* - * BSD and System V systems offer special library calls that do - * block moves and fills, so if possible we take advantage of them - */ -#define MEMCPY(dest,src,len) bcopy((src),(dest),(len)) -#define MEMZERO(dest,len) bzero((dest),(len)) - -#define DES_XFORM(buf) \ - DES_ecb_encrypt(buf, buf, &schedule, \ - mode == MODE_ENCRYPT ? DES_ENCRYPT : DES_DECRYPT); - -/* - * this does an error-checking write - */ -#define READ(buf, n) fread(buf, sizeof(char), n, stdin) -#define WRITE(buf,n) \ - if (fwrite(buf, sizeof(char), n, stdout) != n) \ - warnx("fwrite error at %d", n); - -/* - * global variables and related macros - */ -#define KEY_DEFAULT 0 /* interpret radix of key from key */ -#define KEY_ASCII 1 /* key is in ASCII characters */ -int keybase = KEY_DEFAULT; /* how to interpret the key */ - -enum { /* encrypt, decrypt, authenticate */ - MODE_ENCRYPT, MODE_DECRYPT, MODE_AUTHENTICATE -} mode = MODE_ENCRYPT; - -enum { /* ecb, cbc, cfb, cfba, ofb? 
*/ - ALG_ECB, ALG_CBC, ALG_CFB, ALG_OFB, ALG_CFBA -} alg = ALG_CBC; - -DES_cblock ivec; /* initialization vector */ - -char bits[] = { /* used to extract bits from a char */ - '\200', '\100', '\040', '\020', '\010', '\004', '\002', '\001' -}; - -int inverse; /* 0 to encrypt, 1 to decrypt */ -int macbits = -1; /* number of bits in authentication */ -int fbbits = -1; /* number of feedback bits */ -int pflag; /* 1 to preserve parity bits */ - -DES_key_schedule schedule; /* expanded DES key */ - -static void ecbenc(void); -static void ecbdec(void); -static void cbcenc(void); -static void cbcdec(void); -static void cfbenc(void); -static void cfbdec(void); -static void cfbaenc(void); -static void cfbadec(void); -static void ofbenc(void); -static void ofbdec(void); - -static void cbcauth(void); -static void cfbauth(void); - -static void cvtkey(DES_cblock, char *); -static int setbits(char *, int); -static void makekey(DES_cblock *); -static int tobinhex(char, int); - -static void usage(void); - -int -main(int argc, char *argv[]) -{ - extern char *optarg; /* argument to option if any */ - int i; /* counter in a for loop */ - char *p; /* used to obtain the key */ - DES_cblock msgbuf; /* I/O buffer */ - int kflag; /* command-line encryption key */ - - setproctitle("-"); /* Hide command-line arguments */ - - /* initialize the initialization vector */ - MEMZERO(ivec, 8); - - /* process the argument list */ - kflag = 0; - while ((i = getopt(argc, argv, "abdF:f:k:m:o:pv:")) != -1) - switch(i) { - case 'a': /* key is ASCII */ - keybase = KEY_ASCII; - break; - case 'b': /* use ECB mode */ - alg = ALG_ECB; - break; - case 'd': /* decrypt */ - mode = MODE_DECRYPT; - break; - case 'F': /* use alternative CFB mode */ - alg = ALG_CFBA; - if ((fbbits = setbits(optarg, 7)) > 56 || fbbits == 0) - errx(1, "-F: number must be 1-56 inclusive"); - else if (fbbits == -1) - errx(1, "-F: number must be a multiple of 7"); - break; - case 'f': /* use CFB mode */ - alg = ALG_CFB; - if ((fbbits = 
setbits(optarg, 8)) > 64 || fbbits == 0) - errx(1, "-f: number must be 1-64 inclusive"); - else if (fbbits == -1) - errx(1, "-f: number must be a multiple of 8"); - break; - case 'k': /* encryption key */ - kflag = 1; - cvtkey(msgbuf, optarg); - break; - case 'm': /* number of bits for MACing */ - mode = MODE_AUTHENTICATE; - if ((macbits = setbits(optarg, 1)) > 64) - errx(1, "-m: number must be 0-64 inclusive"); - break; - case 'o': /* use OFB mode */ - alg = ALG_OFB; - if ((fbbits = setbits(optarg, 8)) > 64 || fbbits == 0) - errx(1, "-o: number must be 1-64 inclusive"); - else if (fbbits == -1) - errx(1, "-o: number must be a multiple of 8"); - break; - case 'p': /* preserve parity bits */ - pflag = 1; - break; - case 'v': /* set initialization vector */ - cvtkey(ivec, optarg); - break; - default: /* error */ - usage(); - } - - if (!kflag) { - /* - * if the key's not ASCII, assume it is - */ - keybase = KEY_ASCII; - /* - * get the key - */ - p = getpass("Enter key: "); - /* - * copy it, nul-padded, into the key area - */ - cvtkey(msgbuf, p); - } - - makekey(&msgbuf); - inverse = (alg == ALG_CBC || alg == ALG_ECB) && mode == MODE_DECRYPT; - - switch(alg) { - case ALG_CBC: - switch(mode) { - case MODE_AUTHENTICATE: /* authenticate using CBC mode */ - cbcauth(); - break; - case MODE_DECRYPT: /* decrypt using CBC mode */ - cbcdec(); - break; - case MODE_ENCRYPT: /* encrypt using CBC mode */ - cbcenc(); - break; - } - break; - case ALG_CFB: - switch(mode) { - case MODE_AUTHENTICATE: /* authenticate using CFB mode */ - cfbauth(); - break; - case MODE_DECRYPT: /* decrypt using CFB mode */ - cfbdec(); - break; - case MODE_ENCRYPT: /* encrypt using CFB mode */ - cfbenc(); - break; - } - break; - case ALG_CFBA: - switch(mode) { - case MODE_AUTHENTICATE: /* authenticate using CFBA mode */ - errx(1, "can't authenticate with CFBA mode"); - break; - case MODE_DECRYPT: /* decrypt using CFBA mode */ - cfbadec(); - break; - case MODE_ENCRYPT: /* encrypt using CFBA mode */ - 
cfbaenc(); - break; - } - break; - case ALG_ECB: - switch(mode) { - case MODE_AUTHENTICATE: /* authenticate using ECB mode */ - errx(1, "can't authenticate with ECB mode"); - break; - case MODE_DECRYPT: /* decrypt using ECB mode */ - ecbdec(); - break; - case MODE_ENCRYPT: /* encrypt using ECB mode */ - ecbenc(); - break; - } - break; - case ALG_OFB: - switch(mode) { - case MODE_AUTHENTICATE: /* authenticate using OFB mode */ - errx(1, "can't authenticate with OFB mode"); - break; - case MODE_DECRYPT: /* decrypt using OFB mode */ - ofbdec(); - break; - case MODE_ENCRYPT: /* encrypt using OFB mode */ - ofbenc(); - break; - } - break; - } - return (0); -} - -/* - * map a hex character to an integer - */ -static int -tobinhex(char c, int radix) -{ - switch(c) { - case '0': return(0x0); - case '1': return(0x1); - case '2': return(radix > 2 ? 0x2 : -1); - case '3': return(radix > 3 ? 0x3 : -1); - case '4': return(radix > 4 ? 0x4 : -1); - case '5': return(radix > 5 ? 0x5 : -1); - case '6': return(radix > 6 ? 0x6 : -1); - case '7': return(radix > 7 ? 0x7 : -1); - case '8': return(radix > 8 ? 0x8 : -1); - case '9': return(radix > 9 ? 0x9 : -1); - case 'A': case 'a': return(radix > 10 ? 0xa : -1); - case 'B': case 'b': return(radix > 11 ? 0xb : -1); - case 'C': case 'c': return(radix > 12 ? 0xc : -1); - case 'D': case 'd': return(radix > 13 ? 0xd : -1); - case 'E': case 'e': return(radix > 14 ? 0xe : -1); - case 'F': case 'f': return(radix > 15 ? 
0xf : -1); - } - /* - * invalid character - */ - return(-1); -} - -/* - * convert the key to a bit pattern - */ -static void -cvtkey(DES_cblock obuf, char *ibuf) -{ - int i, j; /* counter in a for loop */ - int nbuf[64]; /* used for hex/key translation */ - - /* - * just switch on the key base - */ - switch(keybase) { - case KEY_ASCII: /* ascii to integer */ - (void)strncpy(obuf, ibuf, 8); - return; - case KEY_DEFAULT: /* tell from context */ - /* - * leading '0x' or '0X' == hex key - */ - if (ibuf[0] == '0' && (ibuf[1] == 'x' || ibuf[1] == 'X')) { - ibuf = &ibuf[2]; - /* - * now translate it, bombing on any illegal hex digit - */ - for (i = 0; ibuf[i] && i < 16; i++) - if ((nbuf[i] = tobinhex(ibuf[i], 16)) == -1) - warnx("bad hex digit in key"); - while (i < 16) - nbuf[i++] = 0; - for (i = 0; i < 8; i++) - obuf[i] = - ((nbuf[2*i]&0xf)<<4) | (nbuf[2*i+1]&0xf); - /* preserve parity bits */ - pflag = 1; - return; - } - /* - * leading '0b' or '0B' == binary key - */ - if (ibuf[0] == '0' && (ibuf[1] == 'b' || ibuf[1] == 'B')) { - ibuf = &ibuf[2]; - /* - * now translate it, bombing on any illegal binary digit - */ - for (i = 0; ibuf[i] && i < 16; i++) - if ((nbuf[i] = tobinhex(ibuf[i], 2)) == -1) - warnx("bad binary digit in key"); - while (i < 64) - nbuf[i++] = 0; - for (i = 0; i < 8; i++) - for (j = 0; j < 8; j++) - obuf[i] = (obuf[i]<<1)|nbuf[8*i+j]; - /* preserve parity bits */ - pflag = 1; - return; - } - /* - * no special leader -- ASCII - */ - (void)strncpy(obuf, ibuf, 8); - } -} - -/* - * convert an ASCII string into a decimal number: - * 1. must be between 0 and 64 inclusive - * 2. must be a valid decimal number - * 3. 
must be a multiple of mult - */ -static int -setbits(char *s, int mult) -{ - char *p; /* pointer in a for loop */ - int n = 0; /* the integer collected */ - - /* - * skip white space - */ - while (isspace(*s)) - s++; - /* - * get the integer - */ - for (p = s; *p; p++) { - if (isdigit(*p)) - n = n * 10 + *p - '0'; - else { - warnx("bad decimal digit in MAC length"); - } - } - /* - * be sure it's a multiple of mult - */ - return((n % mult != 0) ? -1 : n); -} - -/***************** - * DES FUNCTIONS * - *****************/ -/* - * This sets the DES key and (if you're using the deszip version) - * the direction of the transformation. This uses the Sun - * to map the 64-bit key onto the 56 bits that the key schedule - * generation routines use: the old way, which just uses the user- - * supplied 64 bits as is, and the new way, which resets the parity - * bit to be the same as the low-order bit in each character. The - * new way generates a greater variety of key schedules, since many - * systems set the parity (high) bit of each character to 0, and the - * DES ignores the low order bit of each character. 
- */ -static void -makekey(DES_cblock *buf) -{ - int i, j; /* counter in a for loop */ - int par; /* parity counter */ - - /* - * if the parity is not preserved, flip it - */ - if (!pflag) { - for (i = 0; i < 8; i++) { - par = 0; - for (j = 1; j < 8; j++) - if ((bits[j] & (*buf)[i]) != 0) - par++; - if ((par & 0x01) == 0x01) - (*buf)[i] &= 0x7f; - else - (*buf)[i] = ((*buf)[i] & 0x7f) | 0x80; - } - } - - DES_set_odd_parity(buf); - DES_set_key(buf, &schedule); -} - -/* - * This encrypts using the Electronic Code Book mode of DES - */ -static void -ecbenc(void) -{ - int n; /* number of bytes actually read */ - int bn; /* block number */ - DES_cblock msgbuf; /* I/O buffer */ - - for (bn = 0; (n = READ(msgbuf, 8)) == 8; bn++) { - /* - * do the transformation - */ - DES_XFORM(&msgbuf); - WRITE(&msgbuf, 8); - } - /* - * at EOF or last block -- in either case, the last byte contains - * the character representation of the number of bytes in it - */ - bn++; - MEMZERO(&msgbuf[n], 8 - n); - msgbuf[7] = n; - DES_XFORM(&msgbuf); - WRITE(&msgbuf, 8); - -} - -/* - * This decrypts using the Electronic Code Book mode of DES - */ -static void -ecbdec(void) -{ - int n; /* number of bytes actually read */ - int c; /* used to test for EOF */ - int bn; /* block number */ - DES_cblock msgbuf; /* I/O buffer */ - - for (bn = 1; (n = READ(msgbuf, 8)) == 8; bn++) { - /* - * do the transformation - */ - DES_XFORM(&msgbuf); - /* - * if the last one, handle it specially - */ - if ((c = getchar()) == EOF) { - n = msgbuf[7]; - if (n < 0 || n > 7) - warnx("decryption failed (block corrupt) at %d", - bn); - } - else - (void)ungetc(c, stdin); - WRITE(msgbuf, n); - } - if (n > 0) - warnx("decryption failed (incomplete block) at %d", bn); -} - -/* - * This encrypts using the Cipher Block Chaining mode of DES - */ -static void -cbcenc(void) -{ - int n; /* number of bytes actually read */ - int bn; /* block number */ - DES_cblock msgbuf; /* I/O buffer */ - - /* - * do the transformation - */ - for (bn 
= 1; (n = READ(msgbuf, 8)) == 8; bn++) { - for (n = 0; n < 8; n++) - msgbuf[n] ^= ivec[n]; - DES_XFORM(&msgbuf); - MEMCPY(ivec, msgbuf, 8); - WRITE(msgbuf, 8); - } - /* - * at EOF or last block -- in either case, the last byte contains - * the character representation of the number of bytes in it - */ - bn++; - MEMZERO(&msgbuf[n], 8 - n); - msgbuf[7] = n; - for (n = 0; n < 8; n++) - msgbuf[n] ^= ivec[n]; - DES_XFORM(&msgbuf); - WRITE(msgbuf, 8); - -} - -/* - * This decrypts using the Cipher Block Chaining mode of DES - */ -static void -cbcdec(void) -{ - int n; /* number of bytes actually read */ - DES_cblock msgbuf; /* I/O buffer */ - DES_cblock ibuf; /* temp buffer for initialization vector */ - int c; /* used to test for EOF */ - int bn; /* block number */ - - for (bn = 0; (n = READ(msgbuf, 8)) == 8; bn++) { - /* - * do the transformation - */ - MEMCPY(ibuf, msgbuf, 8); - DES_XFORM(&msgbuf); - for (c = 0; c < 8; c++) - msgbuf[c] ^= ivec[c]; - MEMCPY(ivec, ibuf, 8); - /* - * if the last one, handle it specially - */ - if ((c = getchar()) == EOF) { - n = msgbuf[7]; - if (n < 0 || n > 7) - warnx("decryption failed (block corrupt) at %d", - bn); - } - else - (void)ungetc(c, stdin); - WRITE(msgbuf, n); - } - if (n > 0) - warnx("decryption failed (incomplete block) at %d", bn); -} - -/* - * This authenticates using the Cipher Block Chaining mode of DES - */ -static void -cbcauth(void) -{ - int n, j; /* number of bytes actually read */ - DES_cblock msgbuf; /* I/O buffer */ - DES_cblock encbuf; /* encryption buffer */ - - /* - * do the transformation - * note we DISCARD the encrypted block; - * we only care about the last one - */ - while ((n = READ(msgbuf, 8)) == 8) { - for (n = 0; n < 8; n++) - encbuf[n] = msgbuf[n] ^ ivec[n]; - DES_XFORM(&encbuf); - MEMCPY(ivec, encbuf, 8); - } - /* - * now compute the last one, right padding with '\0' if need be - */ - if (n > 0) { - MEMZERO(&msgbuf[n], 8 - n); - for (n = 0; n < 8; n++) - encbuf[n] = msgbuf[n] ^ ivec[n]; - 
DES_XFORM(&encbuf); - } - /* - * drop the bits - * we write chars until fewer than 7 bits, - * and then pad the last one with 0 bits - */ - for (n = 0; macbits > 7; n++, macbits -= 8) - (void)putchar(encbuf[n]); - if (macbits > 0) { - msgbuf[0] = 0x00; - for (j = 0; j < macbits; j++) - msgbuf[0] |= encbuf[n] & bits[j]; - (void)putchar(msgbuf[0]); - } -} - -/* - * This encrypts using the Cipher FeedBack mode of DES - */ -static void -cfbenc(void) -{ - int n; /* number of bytes actually read */ - int nbytes; /* number of bytes to read */ - int bn; /* block number */ - char ibuf[8]; /* input buffer */ - DES_cblock msgbuf; /* encryption buffer */ - - /* - * do things in bytes, not bits - */ - nbytes = fbbits / 8; - /* - * do the transformation - */ - for (bn = 1; (n = READ(ibuf, nbytes)) == nbytes; bn++) { - MEMCPY(msgbuf, ivec, 8); - DES_XFORM(&msgbuf); - for (n = 0; n < 8 - nbytes; n++) - ivec[n] = ivec[n+nbytes]; - for (n = 0; n < nbytes; n++) - ivec[8 - nbytes + n] = ibuf[n] ^ msgbuf[n]; - WRITE(&ivec[8 - nbytes], nbytes); - } - /* - * at EOF or last block -- in either case, the last byte contains - * the character representation of the number of bytes in it - */ - bn++; - MEMZERO(&ibuf[n], nbytes - n); - ibuf[nbytes - 1] = n; - MEMCPY(msgbuf, ivec, 8); - DES_XFORM(&msgbuf); - for (n = 0; n < nbytes; n++) - ibuf[n] ^= msgbuf[n]; - WRITE(ibuf, nbytes); -} - -/* - * This decrypts using the Cipher Block Chaining mode of DES - */ -static void -cfbdec(void) -{ - int n; /* number of bytes actually read */ - int c; /* used to test for EOF */ - int nbytes; /* number of bytes to read */ - int bn; /* block number */ - char ibuf[8]; /* input buffer */ - char obuf[8]; /* output buffer */ - DES_cblock msgbuf; /* encryption buffer */ - - /* - * do things in bytes, not bits - */ - nbytes = fbbits / 8; - /* - * do the transformation - */ - for (bn = 1; (n = READ(ibuf, nbytes)) == nbytes; bn++) { - MEMCPY(msgbuf, ivec, 8); - DES_XFORM(&msgbuf); - for (c = 0; c < 8 - nbytes; c++) - 
ivec[c] = ivec[c + nbytes]; - for (c = 0; c < nbytes; c++) { - ivec[8 - nbytes + c] = ibuf[c]; - obuf[c] = ibuf[c] ^ msgbuf[c]; - } - /* - * if the last one, handle it specially - */ - if ((c = getchar()) == EOF) { - n = obuf[nbytes-1]; - if (n < 0 || n > nbytes-1) - warnx("decryption failed (block corrupt) at %d", - bn); - } - else - (void)ungetc(c, stdin); - WRITE(obuf, n); - } - if (n > 0) - warnx("decryption failed (incomplete block) at %d", bn); -} - -/* - * This encrypts using the alternative Cipher FeedBack mode of DES - */ -static void -cfbaenc(void) -{ - int n; /* number of bytes actually read */ - int nbytes; /* number of bytes to read */ - int bn; /* block number */ - char ibuf[8]; /* input buffer */ - char obuf[8]; /* output buffer */ - DES_cblock msgbuf; /* encryption buffer */ - - /* - * do things in bytes, not bits - */ - nbytes = fbbits / 7; - /* - * do the transformation - */ - for (bn = 1; (n = READ(ibuf, nbytes)) == nbytes; bn++) { - MEMCPY(msgbuf, ivec, 8); - DES_XFORM(&msgbuf); - for (n = 0; n < 8 - nbytes; n++) - ivec[n] = ivec[n + nbytes]; - for (n = 0; n < nbytes; n++) - ivec[8 - nbytes + n] = (ibuf[n] ^ msgbuf[n]) | 0x80; - for (n = 0; n < nbytes; n++) - obuf[n] = ivec[8 - nbytes + n] & 0x7f; - WRITE(obuf, nbytes); - } - /* - * at EOF or last block -- in either case, the last byte contains - * the character representation of the number of bytes in it - */ - bn++; - MEMZERO(&ibuf[n], nbytes - n); - ibuf[nbytes - 1] = ('0' + n)|0200; - MEMCPY(msgbuf, ivec, 8); - DES_XFORM(&msgbuf); - for (n = 0; n < nbytes; n++) - ibuf[n] ^= msgbuf[n]; - WRITE(ibuf, nbytes); -} - -/* - * This decrypts using the alternative Cipher Block Chaining mode of DES - */ -static void -cfbadec(void) -{ - int n; /* number of bytes actually read */ - int c; /* used to test for EOF */ - int nbytes; /* number of bytes to read */ - int bn; /* block number */ - char ibuf[8]; /* input buffer */ - char obuf[8]; /* output buffer */ - DES_cblock msgbuf; /* encryption buffer */ - 
- /* - * do things in bytes, not bits - */ - nbytes = fbbits / 7; - /* - * do the transformation - */ - for (bn = 1; (n = READ(ibuf, nbytes)) == nbytes; bn++) { - MEMCPY(msgbuf, ivec, 8); - DES_XFORM(&msgbuf); - for (c = 0; c < 8 - nbytes; c++) - ivec[c] = ivec[c + nbytes]; - for (c = 0; c < nbytes; c++) { - ivec[8 - nbytes + c] = ibuf[c] | 0x80; - obuf[c] = (ibuf[c] ^ msgbuf[c]) & 0x7f; - } - /* - * if the last one, handle it specially - */ - if ((c = getchar()) == EOF) { - if ((n = (obuf[nbytes-1] - '0')) < 0 - || n > nbytes-1) - warnx("decryption failed (block corrupt) at %d", - bn); - } - else - (void)ungetc(c, stdin); - WRITE(obuf, n); - } - if (n > 0) - warnx("decryption failed (incomplete block) at %d", bn); -} - - -/* - * This encrypts using the Output FeedBack mode of DES - */ -static void -ofbenc(void) -{ - int n; /* number of bytes actually read */ - int c; /* used to test for EOF */ - int nbytes; /* number of bytes to read */ - int bn; /* block number */ - char ibuf[8]; /* input buffer */ - char obuf[8]; /* output buffer */ - DES_cblock msgbuf; /* encryption buffer */ - - /* - * do things in bytes, not bits - */ - nbytes = fbbits / 8; - /* - * do the transformation - */ - for (bn = 1; (n = READ(ibuf, nbytes)) == nbytes; bn++) { - MEMCPY(msgbuf, ivec, 8); - DES_XFORM(&msgbuf); - for (n = 0; n < 8 - nbytes; n++) - ivec[n] = ivec[n + nbytes]; - for (n = 0; n < nbytes; n++) { - ivec[8 - nbytes + n] = msgbuf[n]; - obuf[n] = ibuf[n] ^ msgbuf[n]; - } - WRITE(obuf, nbytes); - } - /* - * at EOF or last block -- in either case, the last byte contains - * the character representation of the number of bytes in it - */ - bn++; - MEMZERO(&ibuf[n], nbytes - n); - ibuf[nbytes - 1] = n; - MEMCPY(msgbuf, ivec, 8); - DES_XFORM(&msgbuf); - for (c = 0; c < nbytes; c++) - ibuf[c] ^= msgbuf[c]; - WRITE(ibuf, nbytes); -} - -/* - * This decrypts using the Output Block Chaining mode of DES - */ -static void -ofbdec(void) -{ - int n; /* number of bytes actually read */ - int c; 
/* used to test for EOF */ - int nbytes; /* number of bytes to read */ - int bn; /* block number */ - char ibuf[8]; /* input buffer */ - char obuf[8]; /* output buffer */ - DES_cblock msgbuf; /* encryption buffer */ - - /* - * do things in bytes, not bits - */ - nbytes = fbbits / 8; - /* - * do the transformation - */ - for (bn = 1; (n = READ(ibuf, nbytes)) == nbytes; bn++) { - MEMCPY(msgbuf, ivec, 8); - DES_XFORM(&msgbuf); - for (c = 0; c < 8 - nbytes; c++) - ivec[c] = ivec[c + nbytes]; - for (c = 0; c < nbytes; c++) { - ivec[8 - nbytes + c] = msgbuf[c]; - obuf[c] = ibuf[c] ^ msgbuf[c]; - } - /* - * if the last one, handle it specially - */ - if ((c = getchar()) == EOF) { - n = obuf[nbytes-1]; - if (n < 0 || n > nbytes-1) - warnx("decryption failed (block corrupt) at %d", - bn); - } - else - (void)ungetc(c, stdin); - /* - * dump it - */ - WRITE(obuf, n); - } - if (n > 0) - warnx("decryption failed (incomplete block) at %d", bn); -} - -/* - * This authenticates using the Cipher FeedBack mode of DES - */ -static void -cfbauth(void) -{ - int n, j; /* number of bytes actually read */ - int nbytes; /* number of bytes to read */ - char ibuf[8]; /* input buffer */ - DES_cblock msgbuf; /* encryption buffer */ - - /* - * do things in bytes, not bits - */ - nbytes = fbbits / 8; - /* - * do the transformation - */ - while ((n = READ(ibuf, nbytes)) == nbytes) { - MEMCPY(msgbuf, ivec, 8); - DES_XFORM(&msgbuf); - for (n = 0; n < 8 - nbytes; n++) - ivec[n] = ivec[n + nbytes]; - for (n = 0; n < nbytes; n++) - ivec[8 - nbytes + n] = ibuf[n] ^ msgbuf[n]; - } - /* - * at EOF or last block -- in either case, the last byte contains - * the character representation of the number of bytes in it - */ - MEMZERO(&ibuf[n], nbytes - n); - ibuf[nbytes - 1] = '0' + n; - MEMCPY(msgbuf, ivec, 8); - DES_XFORM(&msgbuf); - for (n = 0; n < nbytes; n++) - ibuf[n] ^= msgbuf[n]; - /* - * drop the bits - * we write chars until fewer than 7 bits, - * and then pad the last one with 0 bits - */ - for (n = 
0; macbits > 7; n++, macbits -= 8) - (void)putchar(msgbuf[n]); - if (macbits > 0) { - msgbuf[0] = 0x00; - for (j = 0; j < macbits; j++) - msgbuf[0] |= msgbuf[n] & bits[j]; - (void)putchar(msgbuf[0]); - } -} - -/* - * message about usage - */ -static void -usage(void) -{ - (void)fprintf(stderr, "%s\n", -"usage: bdes [-abdp] [-F N] [-f N] [-k key] [-m N] [-o N] [-v vector]"); - exit(1); -} Property changes on: head/secure/usr.bin/bdes/bdes.c ___________________________________________________________________ Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Index: head/secure/usr.bin/bdes/bdes.ps =================================================================== --- head/secure/usr.bin/bdes/bdes.ps (revision 313328) +++ head/secure/usr.bin/bdes/bdes.ps (nonexistent) 
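Review bot: In the removed decrypt routines (ecbdec, cbcdec, cfbdec, cfbadec, ofbdec) an out-of-range trailing length byte only produces warnx("decryption failed (block corrupt) at %d", bn), after which the code still runs WRITE(msgbuf, n) or WRITE(obuf, n) with that n against an 8-byte buffer. If this file is carried forward anywhere, the commit log should record the defect so the check is made fatal before the write. The binary-key branch of cvtkey has a second problem worth recording: it parses with "ibuf[i] && i < 16" and then zero-fills nbuf up to 64, so a 0b key contributes at most 16 bits.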
@@ -1,2946 +0,0 @@ -%! -%%BoundingBox: (atend) -%%Pages: (atend) -%%DocumentFonts: (atend) -%%EndComments -% -% FrameMaker PostScript Prolog 2.0, for use with FrameMaker 2.0 -% Copyright (c) 1986,87,89 by Frame Technology, Inc. All rights reserved. -% -% Known Problems: -% Due to bugs in Transcript, the 'PS-Adobe-' is omitted from line 1 -% $FreeBSD$ -/FMversion (2.0) def -% Set up Color vs. Black-and-White - /FMPrintInColor systemdict /colorimage known def -% Uncomment this line to force b&w on color printer -% /FMPrintInColor false def -/FrameDict 190 dict def -systemdict /errordict known not {/errordict 10 dict def - errordict /rangecheck {stop} put} if -% The readline in 23.0 doesn't recognize cr's as nl's on AppleTalk -FrameDict /tmprangecheck errordict /rangecheck get put -errordict /rangecheck {FrameDict /bug true put} put -FrameDict /bug false put -mark -% Some PS machines read past the CR, so keep the following 3 lines together! -currentfile 5 string readline -00 -0000000000 -cleartomark -errordict /rangecheck FrameDict /tmprangecheck get put -FrameDict /bug get { - /readline { - /gstring exch def - /gfile exch def - /gindex 0 def - { - gfile read pop - dup 10 eq {exit} if - dup 13 eq {exit} if - gstring exch gindex exch put - /gindex gindex 1 add def - } loop - pop - gstring 0 gindex getinterval true - } def - } if -/FMVERSION { - FMversion ne { - /Times-Roman findfont 18 scalefont setfont - 100 100 moveto - (FrameMaker version does not match postscript_prolog!) 
- dup = - show showpage - } if - } def -/FMLOCAL { - FrameDict begin - 0 def - end - } def - /gstring FMLOCAL - /gfile FMLOCAL - /gindex FMLOCAL - /orgxfer FMLOCAL - /orgproc FMLOCAL - /organgle FMLOCAL - /orgfreq FMLOCAL - /yscale FMLOCAL - /xscale FMLOCAL - /manualfeed FMLOCAL - /paperheight FMLOCAL - /paperwidth FMLOCAL -/FMDOCUMENT { - array /FMfonts exch def - /#copies exch def - FrameDict begin - 0 ne dup {setmanualfeed} if - /manualfeed exch def - /paperheight exch def - /paperwidth exch def - setpapername - manualfeed {true} {papersize} ifelse - {manualpapersize} {false} ifelse - {desperatepapersize} if - /yscale exch def - /xscale exch def - currenttransfer cvlit /orgxfer exch def - currentscreen cvlit /orgproc exch def - /organgle exch def /orgfreq exch def - end - } def - /pagesave FMLOCAL - /orgmatrix FMLOCAL - /landscape FMLOCAL -/FMBEGINPAGE { - FrameDict begin - /pagesave save def - 3.86 setmiterlimit - /landscape exch 0 ne def - landscape { - 90 rotate 0 exch neg translate pop - } - {pop pop} - ifelse - xscale yscale scale - /orgmatrix matrix def - gsave - } def -/FMENDPAGE { - grestore - pagesave restore - end - showpage - } def -/FMDEFINEFONT { - FrameDict begin - findfont - ReEncode - 2 index exch - definefont exch - scalefont - FMfonts 3 1 roll - put - end - } bind def -/FMNORMALIZEGRAPHICS { - newpath - 0.0 0.0 moveto - 1 setlinewidth - 0 setlinecap - 0 0 0 sethsbcolor - 0 setgray - } bind def - /fx FMLOCAL - /fy FMLOCAL - /fh FMLOCAL - /fw FMLOCAL - /llx FMLOCAL - /lly FMLOCAL - /urx FMLOCAL - /ury FMLOCAL -/FMBEGINEPSF { - end - /FMEPSF save def - /showpage {} def - FMNORMALIZEGRAPHICS - [/fy /fx /fh /fw /ury /urx /lly /llx] {exch def} forall - fx fy translate - rotate - fw urx llx sub div fh ury lly sub div scale - llx neg lly neg translate - } bind def -/FMENDEPSF { - FMEPSF restore - FrameDict begin - } bind def -FrameDict begin -/setmanualfeed { -%%BeginFeature *ManualFeed True - statusdict /manualfeed true put -%%EndFeature - } def -/max 
{2 copy lt {exch} if pop} bind def -/min {2 copy gt {exch} if pop} bind def -/inch {72 mul} def -/pagedimen { - paperheight sub abs 16 lt exch - paperwidth sub abs 16 lt and - {/papername exch def} {pop} ifelse - } def - /papersizedict FMLOCAL -/setpapername { - /papersizedict 14 dict def - papersizedict begin - /papername /unknown def - /Letter 8.5 inch 11.0 inch pagedimen - /LetterSmall 7.68 inch 10.16 inch pagedimen - /Tabloid 11.0 inch 17.0 inch pagedimen - /Ledger 17.0 inch 11.0 inch pagedimen - /Legal 8.5 inch 14.0 inch pagedimen - /Statement 5.5 inch 8.5 inch pagedimen - /Executive 7.5 inch 10.0 inch pagedimen - /A3 11.69 inch 16.5 inch pagedimen - /A4 8.26 inch 11.69 inch pagedimen - /A4Small 7.47 inch 10.85 inch pagedimen - /B4 10.125 inch 14.33 inch pagedimen - /B5 7.16 inch 10.125 inch pagedimen - end - } def -/papersize { - papersizedict begin - /Letter {lettertray} def - /LetterSmall {lettertray lettersmall} def - /Tabloid {11x17tray} def - /Ledger {ledgertray} def - /Legal {legaltray} def - /Statement {statementtray} def - /Executive {executivetray} def - /A3 {a3tray} def - /A4 {a4tray} def - /A4Small {a4tray a4small} def - /B4 {b4tray} def - /B5 {b5tray} def - /unknown {unknown} def - papersizedict dup papername known {papername} {/unknown} ifelse get - end - /FMdicttop countdictstack 1 add def - statusdict begin stopped end - countdictstack -1 FMdicttop {pop end} for - } def -/manualpapersize { - papersizedict begin - /Letter {letter} def - /LetterSmall {lettersmall} def - /Tabloid {11x17} def - /Ledger {ledger} def - /Legal {legal} def - /Statement {statement} def - /Executive {executive} def - /A3 {a3} def - /A4 {a4} def - /A4Small {a4small} def - /B4 {b4} def - /B5 {b5} def - /unknown {unknown} def - papersizedict dup papername known {papername} {/unknown} ifelse get - end - stopped - } def -/desperatepapersize { - statusdict /setpageparams known - { - paperwidth paperheight 0 1 - statusdict begin - {setpageparams} stopped pop - end - } if - } 
def -/savematrix { - orgmatrix currentmatrix pop - } bind def -/restorematrix { - orgmatrix setmatrix - } bind def -/dmatrix matrix def -/dpi 72 0 dmatrix defaultmatrix dtransform - dup mul exch dup mul add sqrt def -/freq dpi 18.75 div 8 div round dup 0 eq {pop 1} if 8 mul dpi exch div def -/sangle 1 0 dmatrix defaultmatrix dtransform exch atan def -/DiacriticEncoding [ -/.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef -/.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef -/.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef -/.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef -/.notdef /.notdef /.notdef /.notdef /space /exclam /quotedbl -/numbersign /dollar /percent /ampersand /quotesingle /parenleft -/parenright /asterisk /plus /comma /hyphen /period /slash /zero /one -/two /three /four /five /six /seven /eight /nine /colon /semicolon -/less /equal /greater /question /at /A /B /C /D /E /F /G /H /I /J /K -/L /M /N /O /P /Q /R /S /T /U /V /W /X /Y /Z /bracketleft /backslash -/bracketright /asciicircum /underscore /grave /a /b /c /d /e /f /g /h -/i /j /k /l /m /n /o /p /q /r /s /t /u /v /w /x /y /z /braceleft /bar -/braceright /asciitilde /.notdef /Adieresis /Aring /Ccedilla /Eacute -/Ntilde /Odieresis /Udieresis /aacute /agrave /acircumflex /adieresis -/atilde /aring /ccedilla /eacute /egrave /ecircumflex /edieresis -/iacute /igrave /icircumflex /idieresis /ntilde /oacute /ograve -/ocircumflex /odieresis /otilde /uacute /ugrave /ucircumflex -/udieresis /dagger /.notdef /cent /sterling /section /bullet -/paragraph /germandbls /registered /copyright /trademark /acute -/dieresis /.notdef /AE /Oslash /.notdef /.notdef /.notdef /.notdef -/yen /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef -/ordfeminine /ordmasculine /.notdef /ae /oslash /questiondown -/exclamdown /logicalnot /.notdef /florin /.notdef /.notdef -/guillemotleft /guillemotright /ellipsis /.notdef /Agrave /Atilde -/Otilde /OE /oe /endash /emdash 
/quotedblleft /quotedblright -/quoteleft /quoteright /.notdef /.notdef /ydieresis /Ydieresis -/fraction /currency /guilsinglleft /guilsinglright /fi /fl /daggerdbl -/periodcentered /quotesinglbase /quotedblbase /perthousand -/Acircumflex /Ecircumflex /Aacute /Edieresis /Egrave /Iacute -/Icircumflex /Idieresis /Igrave /Oacute /Ocircumflex /.notdef /Ograve -/Uacute /Ucircumflex /Ugrave /dotlessi /circumflex /tilde /macron -/breve /dotaccent /ring /cedilla /hungarumlaut /ogonek /caron -] def -/ReEncode { - dup - length - dict begin - { - 1 index /FID ne - {def} - {pop pop} ifelse - } forall - Encoding StandardEncoding eq - { - /Encoding DiacriticEncoding def - }if - currentdict - end - } bind def -/graymode true def - /bwidth FMLOCAL - /bpside FMLOCAL - /bstring FMLOCAL - /onbits FMLOCAL - /offbits FMLOCAL - /xindex FMLOCAL - /yindex FMLOCAL - /x FMLOCAL - /y FMLOCAL -/setpattern { - /bwidth exch def - /bpside exch def - /bstring exch def - /onbits 0 def /offbits 0 def - freq sangle landscape {90 add} if - {/y exch def - /x exch def - /xindex x 1 add 2 div bpside mul cvi def - /yindex y 1 add 2 div bpside mul cvi def - bstring yindex bwidth mul xindex 8 idiv add get - 1 7 xindex 8 mod sub bitshift and 0 ne - {/onbits onbits 1 add def 1} - {/offbits offbits 1 add def 0} - ifelse - } - setscreen - {} settransfer - offbits offbits onbits add div FMsetgray - /graymode false def - } bind def -/grayness { - FMsetgray - graymode not { - /graymode true def - orgxfer cvx settransfer - orgfreq organgle orgproc cvx setscreen - } if - } bind def - /HUE FMLOCAL - /SAT FMLOCAL - /BRIGHT FMLOCAL - /Colors FMLOCAL -FMPrintInColor - - { - /HUE 0 def - /SAT 0 def - /BRIGHT 0 def - % array of arrays Hue and Sat values for the separations [HUE BRIGHT] - /Colors - [[0 0 ] % black - [0 0 ] % white - [0.00 1.0] % red - [0.37 1.0] % green - [0.60 1.0] % blue - [0.50 1.0] % cyan - [0.83 1.0] % magenta - [0.16 1.0] % comment / yellow - ] def - - /BEGINBITMAPCOLOR { - BITMAPCOLOR} def - 
/BEGINBITMAPCOLORc { - BITMAPCOLORc} def - /K { - Colors exch get dup - 0 get /HUE exch store - 1 get /BRIGHT exch store - HUE 0 eq BRIGHT 0 eq and - {1.0 SAT sub setgray} - {HUE SAT BRIGHT sethsbcolor} - ifelse - } def - /FMsetgray { - /SAT exch 1.0 exch sub store - HUE 0 eq BRIGHT 0 eq and - {1.0 SAT sub setgray} - {HUE SAT BRIGHT sethsbcolor} - ifelse - } bind def - } - - { - /BEGINBITMAPCOLOR { - BITMAPGRAY} def - /BEGINBITMAPCOLORc { - BITMAPGRAYc} def - /FMsetgray {setgray} bind def - /K { - pop - } def - } -ifelse -/normalize { - transform round exch round exch itransform - } bind def -/dnormalize { - dtransform round exch round exch idtransform - } bind def -/lnormalize { - 0 dtransform exch cvi 2 idiv 2 mul 1 add exch idtransform pop - } bind def -/H { - lnormalize setlinewidth - } bind def -/Z { - setlinecap - } bind def -/X { - fillprocs exch get exec - } bind def -/V { - gsave eofill grestore - } bind def -/N { - stroke - } bind def -/M {newpath moveto} bind def -/E {lineto} bind def -/D {curveto} bind def -/O {closepath} bind def - /n FMLOCAL -/L { - /n exch def - newpath - normalize - moveto - 2 1 n {pop normalize lineto} for - } bind def -/Y { - L - closepath - } bind def - /x1 FMLOCAL - /x2 FMLOCAL - /y1 FMLOCAL - /y2 FMLOCAL - /rad FMLOCAL -/R { - /y2 exch def - /x2 exch def - /y1 exch def - /x1 exch def - x1 y1 - x2 y1 - x2 y2 - x1 y2 - 4 Y - } bind def -/RR { - /rad exch def - normalize - /y2 exch def - /x2 exch def - normalize - /y1 exch def - /x1 exch def - newpath - x1 y1 rad add moveto - x1 y2 x2 y2 rad arcto - x2 y2 x2 y1 rad arcto - x2 y1 x1 y1 rad arcto - x1 y1 x1 y2 rad arcto - closepath - 16 {pop} repeat - } bind def -/C { - grestore - gsave - R - clip - } bind def -/U { - grestore - gsave - } bind def -/F { - FMfonts exch get - setfont - } bind def -/T { - moveto show - } bind def -/RF { - rotate - 0 ne {-1 1 scale} if - } bind def -/TF { - gsave - moveto - RF - show - grestore - } bind def -/P { - moveto - 0 32 3 2 roll widthshow - } 
bind def -/PF { - gsave - moveto - RF - 0 32 3 2 roll widthshow - grestore - } bind def -/S { - moveto - 0 exch ashow - } bind def -/SF { - gsave - moveto - RF - 0 exch ashow - grestore - } bind def -/B { - moveto - 0 32 4 2 roll 0 exch awidthshow - } bind def -/BF { - gsave - moveto - RF - 0 32 4 2 roll 0 exch awidthshow - grestore - } bind def - /x FMLOCAL - /y FMLOCAL - /dx FMLOCAL - /dy FMLOCAL - /dl FMLOCAL - /t FMLOCAL - /t2 FMLOCAL - /Cos FMLOCAL - /Sin FMLOCAL - /r FMLOCAL -/W { - dnormalize - /dy exch def - /dx exch def - normalize - /y exch def - /x exch def - /dl dx dx mul dy dy mul add sqrt def - dl 0.0 gt { - /t currentlinewidth def - savematrix - /Cos dx dl div def - /Sin dy dl div def - /r [Cos Sin Sin neg Cos 0.0 0.0] def - /t2 t 2.5 mul 3.5 max def - newpath - x y translate - r concat - 0.0 0.0 moveto - dl t 2.7 mul sub 0.0 rlineto - stroke - restorematrix - x dx add y dy add translate - r concat - t 0.67 mul setlinewidth - t 1.61 mul neg 0.0 translate - 0.0 0.0 moveto - t2 1.7 mul neg t2 2.0 div moveto - 0.0 0.0 lineto - t2 1.7 mul neg t2 2.0 div neg lineto - stroke - t setlinewidth - restorematrix - } if - } bind def -/G { - gsave - newpath - normalize translate 0.0 0.0 moveto - dnormalize scale - 0.0 0.0 1.0 5 3 roll arc - closepath fill - grestore - } bind def -/A { - gsave - savematrix - newpath - 2 index 2 div add exch 3 index 2 div sub exch - normalize 2 index 2 div sub exch 3 index 2 div add exch - translate - scale - 0.0 0.0 1.0 5 3 roll arc - restorematrix - stroke - grestore - } bind def - /x FMLOCAL - /y FMLOCAL - /w FMLOCAL - /h FMLOCAL - /xx FMLOCAL - /yy FMLOCAL - /ww FMLOCAL - /hh FMLOCAL - /FMsaveobject FMLOCAL - /FMoptop FMLOCAL - /FMdicttop FMLOCAL -/BEGINPRINTCODE { - /FMdicttop countdictstack 1 add def - /FMoptop count 4 sub def - /FMsaveobject save def - userdict begin - /showpage {} def - FMNORMALIZEGRAPHICS - 3 index neg 3 index neg translate - } bind def -/ENDPRINTCODE { - count -1 FMoptop {pop pop} for - countdictstack -1 
FMdicttop {pop end} for - FMsaveobject restore - } bind def -/gn { - 0 - { 46 mul - cf read pop - 32 sub - dup 46 lt {exit} if - 46 sub add - } loop - add - } bind def - /str FMLOCAL -/cfs { - /str sl string def - 0 1 sl 1 sub {str exch val put} for - str def - } bind def -/ic [ - 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0223 - 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0223 - 0 - {0 hx} {1 hx} {2 hx} {3 hx} {4 hx} {5 hx} {6 hx} {7 hx} {8 hx} {9 hx} - {10 hx} {11 hx} {12 hx} {13 hx} {14 hx} {15 hx} {16 hx} {17 hx} {18 hx} - {19 hx} {gn hx} {0} {1} {2} {3} {4} {5} {6} {7} {8} {9} {10} {11} {12} - {13} {14} {15} {16} {17} {18} {19} {gn} {0 wh} {1 wh} {2 wh} {3 wh} - {4 wh} {5 wh} {6 wh} {7 wh} {8 wh} {9 wh} {10 wh} {11 wh} {12 wh} - {13 wh} {14 wh} {gn wh} {0 bl} {1 bl} {2 bl} {3 bl} {4 bl} {5 bl} {6 bl} - {7 bl} {8 bl} {9 bl} {10 bl} {11 bl} {12 bl} {13 bl} {14 bl} {gn bl} - {0 fl} {1 fl} {2 fl} {3 fl} {4 fl} {5 fl} {6 fl} {7 fl} {8 fl} {9 fl} - {10 fl} {11 fl} {12 fl} {13 fl} {14 fl} {gn fl} - ] def - /sl FMLOCAL - /val FMLOCAL - /ws FMLOCAL - /im FMLOCAL - /bs FMLOCAL - /cs FMLOCAL - /len FMLOCAL - /pos FMLOCAL -/ms { - /sl exch def - /val 255 def - /ws cfs - /im cfs - /val 0 def - /bs cfs - /cs cfs - } bind def -400 ms -/ip { - is - 0 - cf cs readline pop - { ic exch get exec - add - } forall - pop - - } bind def -/wh { - /len exch def - /pos exch def - ws 0 len getinterval im pos len getinterval copy pop - pos len - } bind def -/bl { - /len exch def - /pos exch def - bs 0 len getinterval im pos len getinterval copy pop - pos len - } bind def -/s1 1 string def -/fl { - /len exch def - /pos exch def - /val cf s1 readhexstring pop 0 get def - pos 1 pos len add 1 sub {im exch val put} for - pos len - } bind def -/hx { - 3 copy getinterval - cf exch readhexstring pop pop - } bind def - /h FMLOCAL - /w FMLOCAL - /d FMLOCAL - /lb FMLOCAL - /bitmapsave FMLOCAL - /is FMLOCAL - /cf FMLOCAL -/wbytes { - dup - 8 eq {pop} {1 eq {7 add 8 idiv} {3 add 4 idiv} ifelse} ifelse - } bind def 
-/BEGINBITMAPBWc { - 1 {} COMMONBITMAPc - } bind def -/BEGINBITMAPGRAYc { - 8 {} COMMONBITMAPc - } bind def -/BEGINBITMAP2BITc { - 2 {} COMMONBITMAPc - } bind def -/COMMONBITMAPc { - /r exch def - /d exch def - gsave - translate rotate scale /h exch def /w exch def - /lb w d wbytes def - sl lb lt {lb ms} if - /bitmapsave save def - r - /is im 0 lb getinterval def - ws 0 lb getinterval is copy pop - /cf currentfile def - w h d [w 0 0 h neg 0 h] - {ip} image - bitmapsave restore - grestore - } bind def -/BEGINBITMAPBW { - 1 {} COMMONBITMAP - } bind def -/BEGINBITMAPGRAY { - 8 {} COMMONBITMAP - } bind def -/BEGINBITMAP2BIT { - 2 {} COMMONBITMAP - } bind def -/COMMONBITMAP { - /r exch def - /d exch def - gsave - translate rotate scale /h exch def /w exch def - /bitmapsave save def - r - /is w d wbytes string def - /cf currentfile def - w h d [w 0 0 h neg 0 h] - {cf is readhexstring pop} image - bitmapsave restore - grestore - } bind def - /proc1 FMLOCAL - /proc2 FMLOCAL - /newproc FMLOCAL -/Fmcc { - /proc2 exch cvlit def - /proc1 exch cvlit def - /newproc proc1 length proc2 length add array def - newproc 0 proc1 putinterval - newproc proc1 length proc2 putinterval - newproc cvx -} bind def -/ngrayt 256 array def -/nredt 256 array def -/nbluet 256 array def -/ngreent 256 array def - /gryt FMLOCAL - /blut FMLOCAL - /grnt FMLOCAL - /redt FMLOCAL - /indx FMLOCAL - /cynu FMLOCAL - /magu FMLOCAL - /yelu FMLOCAL - /k FMLOCAL - /u FMLOCAL -/colorsetup { - currentcolortransfer - /gryt exch def - /blut exch def - /grnt exch def - /redt exch def - 0 1 255 { - /indx exch def - /cynu 1 red indx get 255 div sub def - /magu 1 green indx get 255 div sub def - /yelu 1 blue indx get 255 div sub def - /k cynu magu min yelu min def - /u k currentundercolorremoval exec def - nredt indx 1 0 cynu u sub max sub redt exec put - ngreent indx 1 0 magu u sub max sub grnt exec put - nbluet indx 1 0 yelu u sub max sub blut exec put - ngrayt indx 1 k currentblackgeneration exec sub gryt exec put - } 
for - {255 mul cvi nredt exch get} - {255 mul cvi ngreent exch get} - {255 mul cvi nbluet exch get} - {255 mul cvi ngrayt exch get} - setcolortransfer - {pop 0} setundercolorremoval - {} setblackgeneration - } bind def - /tran FMLOCAL -/fakecolorsetup { - /tran 256 string def - 0 1 255 {/indx exch def - tran indx - red indx get 77 mul - green indx get 151 mul - blue indx get 28 mul - add add 256 idiv put} for - currenttransfer - {255 mul cvi tran exch get 255.0 div} - exch Fmcc settransfer -} bind def -/BITMAPCOLOR { - /d 8 def - gsave - translate rotate scale /h exch def /w exch def - /bitmapsave save def - colorsetup - /is w d wbytes string def - /cf currentfile def - w h d [w 0 0 h neg 0 h] - {cf is readhexstring pop} {is} {is} true 3 colorimage - bitmapsave restore - grestore - } bind def -/BITMAPCOLORc { - /d 8 def - gsave - translate rotate scale /h exch def /w exch def - /lb w d wbytes def - sl lb lt {lb ms} if - /bitmapsave save def - colorsetup - /is im 0 lb getinterval def - ws 0 lb getinterval is copy pop - /cf currentfile def - w h d [w 0 0 h neg 0 h] - {ip} {is} {is} true 3 colorimage - bitmapsave restore - grestore - } bind def -/BITMAPGRAY { - 8 {fakecolorsetup} COMMONBITMAP - } bind def -/BITMAPGRAYc { - 8 {fakecolorsetup} COMMONBITMAPc - } bind def -/ENDBITMAP { - } bind def -end -%%EndProlog -%%BeginSetup -(2.0) FMVERSION -1 1 612 792 0 1 16 FMDOCUMENT -/fillprocs 32 array def -fillprocs 0 { 0.000000 grayness } put -fillprocs 1 { 0.100000 grayness } put -fillprocs 2 { 0.300000 grayness } put -fillprocs 3 { 0.500000 grayness } put -fillprocs 4 { 0.700000 grayness } put -fillprocs 5 { 0.900000 grayness } put -fillprocs 6 { 0.970000 grayness } put -fillprocs 7 { 1.000000 grayness } put -fillprocs 8 {<0f87c3e1f0783c1e> 8 1 setpattern } put -fillprocs 9 {<0f1e3c78f0e1c387> 8 1 setpattern } put -fillprocs 10 { 8 1 setpattern } put -fillprocs 11 { 8 1 setpattern } put -fillprocs 12 {<8142241818244281> 8 1 setpattern } put -fillprocs 13 
{<8040201008040201> 8 1 setpattern } put -fillprocs 14 {<03060c183060c081> 8 1 setpattern } put -fillprocs 15 {} put -fillprocs 16 { 1.000000 grayness } put -fillprocs 17 { 0.900000 grayness } put -fillprocs 18 { 0.700000 grayness } put -fillprocs 19 { 0.500000 grayness } put -fillprocs 20 { 0.300000 grayness } put -fillprocs 21 { 0.100000 grayness } put -fillprocs 22 { 0.030000 grayness } put -fillprocs 23 { 0.000000 grayness } put -fillprocs 24 { 8 1 setpattern } put -fillprocs 25 { 8 1 setpattern } put -fillprocs 26 {<3333333333333333> 8 1 setpattern } put -fillprocs 27 {<0000ffff0000ffff> 8 1 setpattern } put -fillprocs 28 {<7ebddbe7e7dbbd7e> 8 1 setpattern } put -fillprocs 29 {<7fbfdfeff7fbfdfe> 8 1 setpattern } put -fillprocs 30 { 8 1 setpattern } put -fillprocs 31 {} put -%%EndSetup -0 12 /Helvetica-Bold FMDEFINEFONT -1 12 /Helvetica-BoldOblique FMDEFINEFONT -%%Page: "-1" 1 -%%BeginPaperSize: Letter -%%EndPaperSize -612 792 0 FMBEGINPAGE -144 144 468 396 R -7 X -0 K -V -0 F -0 X -1.2 (IMPLEMENT) 178.34 388 S -1.2 (A) 258.88 388 S -1.2 (TION NOTES ON ) 267.85 388 S -1 F -1.2 (bdes) 382.61 388 S -0 F -1.2 (\0501\051) 415.4 388 S -1.2 (Matt Bishop) 265.09 338 S -1.2 (T) 197.74 288 S -1.2 (echnical Report PCS-TR91-158) 205.38 288 S -FMENDPAGE -%%EndPage: "-1" 2 -%%Page: "0" 2 -612 792 0 FMBEGINPAGE -72 72 540 720 R -7 X -0 K -V -FMENDPAGE -%%EndPage: "0" 3 -0 12 /Times-Roman FMDEFINEFONT -1 18 /Times-Bold FMDEFINEFONT -2 18 /Times-BoldItalic FMDEFINEFONT -3 12 /Times-Italic FMDEFINEFONT -4 12 /Times-Bold FMDEFINEFONT -5 10 /Times-Roman FMDEFINEFONT -6 12 /Courier FMDEFINEFONT -7 12 /Courier-Oblique FMDEFINEFONT -8 12 /ZapfDingbats FMDEFINEFONT -9 12 /Symbol FMDEFINEFONT -10 12 /Courier-Bold FMDEFINEFONT -%%Page: "1" 3 -612 792 0 FMBEGINPAGE -72 745.99 540 756 R -7 X -0 K -V -72 32.69 540 42.7 R -V -0 F -0 X -(Page 1 of 11) 479.71 34.7 T -72 72 540 720 R -7 X -V -1 F -0 X -(Implementation Notes on ) 179.84 708 T -2 F -(bdes) 378.21 708 T -1 F -(\0501\051) 411.19 
708 T -0 F -( ) 432.17 708 T -3 F -(Matt Bishop) 276.51 676 T -0 F -(Department of Mathematics and Computer Science) 182.92 656 T -(Dartmouth College) 259.86 642 T -(Hanover) 257.45 628 T -(, NH 03755) 298.26 628 T -3 F -(ABSTRACT) 277.68 602 T -0 F -0.27 (This note describes the implementation of ) 108 582 P -3 F -0.27 (bdes) 314.13 582 P -0 F -0.27 (, the \336le encryption program being) 336.12 582 P -0.36 (distributed in the 4.4 release of the Berkeley Software Distribution. It implements) 108 568 P -(all modes of the Data Encryption Standard program.) 108 554 T -4 F -(1. Intr) 72 528 T -(oduction) 104.43 528 T -0 F --0.09 (The Data Encryption Standard is a standard endorsed by the federal government. It is con-) 108 504 P --0.56 (siderably stronger than the algorithm used by the ) 72 484 P -5 F --0.47 (UNIX) 305.36 484 P -0 F --0.56 (\252 ) 330.34 484 P -3 F --0.56 (crypt) 344.53 484 P -0 F --0.56 (\0501\051 program, and therefore is a more) 369.18 484 P -0.11 (suitable candidate for protecting information, especially information contained in ) 72 464 P -5 F -0.09 (ASCII) 466.05 464 P -0 F -0.11 ( \336les. The) 492.14 464 P --0.65 (program ) 72 444 P -3 F --0.65 (bdes) 114.99 444 P -0 F --0.65 (\0501\051 implements the DES and all of its modes, including the two authentication modes.) 136.97 444 P --0.59 (Because others may wish to write software compatible with this program, this note presents) 108 420 P --0.04 (the layout of the encrypted \336les produced by ) 72 400 P -3 F --0.04 (bdes) 288.86 400 P -0 F --0.04 ( as well as internal details relevant to the imple-) 310.85 400 P --0.15 (mentation. Whereever possible and appropriate, the description of the ) 72 380 P -3 F --0.15 (des) 408.04 380 P -0 F --0.15 (\0501\051 program given in [4]) 424.03 380 P --0.2 (has been followed; thus, ) 72 360 P -3 F --0.2 (bdes) 190.77 360 P -0 F --0.2 ( is completely compatible with that program. 
However) 212.75 360 P --0.2 (, ) 473.33 360 P -3 F --0.2 (bdes) 479.12 360 P -0 F --0.2 ( also of-) 501.11 360 P -(fers several extensions to ) 72 340 T -3 F -(des) 195.9 340 T -0 F -( that are not compatible, and these will be explicitly pointed out.) 211.89 340 T --0.14 (In this note, strings typed as shown will be in ) 108 316 P -6 F --0.34 (Courier Roman font) 326.78 316 P -0 F --0.14 (, and strings to be) 455.62 316 P --0.42 (chosen by the user will be in ) 72 296 P -7 F --1 (Courier Oblique font) 209.32 296 P -0 F --0.42 (. The space character \050) 351.24 296 P -5 F --0.35 (ASCII) 457.79 296 P -0 F --0.42 ( <) 483.88 296 P -5 F --0.35 (SP) 493.23 296 P -0 F --0.42 (>, octal) 504.34 296 P --0.43 (40, decimal 32, hex 20\051 will be represented as \322) 72 276 P -8 F --0.47 (z) 296.98 276 P -0 F --0.43 (\323 and the newline character \050) 301.96 276 P -5 F --0.35 (ASCII) 438.03 276 P -0 F --0.43 ( <) 464.13 276 P -5 F --0.35 (NL) 473.46 276 P -0 F --0.43 (>, octal 12,) 486.79 276 P --0.05 (decimal 10, hex a\051 as \322) 72 256 P -9 F --0.05 (\277) 181.65 256 P -0 F --0.05 (\323. Because it is often more convenient to represent arbitrary characters as) 189.54 256 P -1.13 (a sequence of hexadecimal digits, that representation will often be used; these digits will be in) 72 236 P -10 F -(Courier Bold font) 72 216 T -0 F -( with spaces often inserted for readability) 194.33 216 T -(.) 392.07 216 T -4 F -(2. Overview and Use) 72 184 T -3 F --0.39 (Bdes) 108 160 P -0 F --0.39 ( implements the Data Encryption Standard algorithm in software, and enables the user) 131.32 160 P --0.61 (to encrypt data using any of the four modes of operation of the DES \050Electronic Code Book, Cipher) 72 140 P -72 72 540 720 C -72 72 540 117 C -72 72 549 108 R -7 X -0 K -V -5 F -0 X -(This work is based on work funded by grant NAG2-680 from the National -Aeronautics and Space Administration to ) 72 101.33 T -(Dartmouth College.) 
72 89.33 T -(UNIX is a Registered T) 72 77.33 T -(rademark of A) 166.58 77.33 T -(T&T Bell Laboratories.) 223.75 77.33 T -72 72 540 720 C -0 0 612 792 C -72 126 225 126 2 L -7 X -0 K -V -0.5 H -2 Z -0 X -N -FMENDPAGE -%%EndPage: "1" 4 -%%Page: "2" 4 -612 792 0 FMBEGINPAGE -72 745.99 540 756 R -7 X -0 K -V -72 32.69 540 42.7 R -V -0 F -0 X -(Page 2 of 11) 479.71 34.7 T -72 72 540 720 R -7 X -V -0 X -0.31 (Block Chaining, ) 72 712 P -3 F -0.31 (k) 154.25 712 P -0 F -0.31 (-bit Cipher Feed Back, and ) 159.58 712 P -3 F -0.31 (k) 293.71 712 P -0 F -0.31 (-bit Output Feed Back\051 as well as the Alternate ) 299.04 712 P -3 F -0.31 (k) 530.68 712 P -0 F -0.31 (-) 536.01 712 P --0.04 (bit Cipher Feed Back mode. Further) 72 692 P --0.04 (, ) 244.52 692 P -3 F --0.04 (bdes) 250.48 692 P -0 F --0.04 ( supports message authentication code generation based) 272.46 692 P -(on both the Cipher Block Chaining mode and the ) 72 672 T -3 F -(k) 310.86 672 T -0 F -(-bit Cipher Feed Back mode.) 316.19 672 T -0.07 (By default, ) 108 648 P -3 F -0.07 (bdes) 164.43 648 P -0 F -0.07 ( encrypts an input \336le using Cipher Block Chaining mode, and is invoked) 186.41 648 P --0.4 (as a \336lter) 72 628 P --0.4 (. The key may be speci\336ed either on the command line or may be typed to the prompt. 
So,) 114.51 628 P -(if the input \336le ) 72 608 T -7 F -(inputf) 145.96 608 T -(ile) 189.14 608 T -0 F -( contains the message) 210.73 608 T -6 F -(a) 253.9 584 T -8 F -(z) 261.1 584 T -6 F -(test) 266.07 584 T -8 F -(z) 294.86 584 T -6 F -(message) 299.83 584 T -9 F -(\277) 350.21 584 T -0 F -(then the following command encrypts it using the key ) 72 560 T -6 F -(abcdefgh) 333.5 560 T -0 F -(:) 391.07 560 T -6 F -(bdes -k abcdefgh < ) 158.48 536 T -7 F -(inputf) 295.21 536 T -(ile) 338.38 536 T -6 F -( > ) 359.97 536 T -7 F -(outputf) 381.56 536 T -(ile) 431.93 536 T -0 F -(The option ) 72 512 T -4 F -(-k) 127.3 512 T -0 F -( indicates the next ar) 137.96 512 T -(gument is the key) 237.01 512 T -(. Now ) 321.17 512 T -7 F -(outputf) 353.48 512 T -(ile) 403.86 512 T -0 F -( contains) 425.45 512 T -10 F -(16 0e eb af 68 a0 d0 19 f1 a2 9b 31 0d 8a 01 c3) 136.89 488 T -0 F -0.06 (Other modes are speci\336ed using command-line options, as is control of the way the key is) 108 464 P -(interpreted. The next sections contain several examples, and the Appendix has the manual page.) 72 444 T -4 F -(3. Keys and Parity) 72 412 T -0 F -0.58 (The key consists of 64 bits, and may be presented in any of hex, binary) 108 388 P -0.58 (, or as a string of) 456.48 388 P -5 F -0.12 (ASCII) 72 368 P -0 F -0.14 ( characters. If the key is given in hex or binary) 98.1 368 P -0.14 (, it is used as is with no changes. However) 322.21 368 P -0.14 (, if) 526.53 368 P --0.27 (the key is given in ) 72 348 P -5 F --0.23 (ASCII) 161.59 348 P -0 F --0.27 (, a delicate problem arises: by convention, the parity bit is usually set to 0.) 187.69 348 P --0.47 (This high-order bit is generally ignored by applications; but the DES -does not do so. 
Instead, it dis-) 72 328 P --0.14 (cards the low-order bit, ef) 72 308 P --0.14 (fectively reducing the size of the space of possible keys from 2) 195.44 308 P -5 F --0.12 (56) 495.97 312.8 P -0 F --0.14 ( to 2) 505.97 308 P -5 F --0.12 (48) 527.01 312.8 P -0 F --0.14 (.) 537 308 P --0.46 ( T) 108 284 P --0.46 (o preserve the size of the key space, the value of the parity bit must be related to the value) 117.03 284 P --0.09 (in the low-order bit, so the program sets the high-order bit to make each character in the key be of) 72 264 P --0.7 (odd parity) 72 244 P --0.7 (. \050Note that the initial value of the parity bit is ) 119.49 244 P -3 F --0.7 (not) 334.99 244 P -0 F --0.7 ( used in this computation.\051 For example,) 350.31 244 P -(if the key is ) 72 224 T -6 F -(abcdefgh) 131.29 224 T -0 F -(, the actual key bits used are determined as follows:) 188.86 224 T -5 F -(ASCII) 99 200 T -0 F -( key) 125.1 200 T -6 F -(a) 243 200 T -(b) 279 200 T -(c) 315 200 T -(d) 351 200 T -(e) 387 200 T -(f) 423 200 T -(g) 459 200 T -(h) 495 200 T -5 F -(ASCII) 99 180 T -0 F -( key bits \050hex\051) 125.1 180 T -10 F -(61) 243 180 T -(62) 279 180 T -(63) 315 180 T -(64) 351 180 T -(65) 387 180 T -(66) 423 180 T -(67) 459 180 T -(68) 495 180 T -0 F -(parity) 99 160 T -(odd) 243 160 T -(odd) 279 160 T -(even) 315 160 T -(odd) 351 160 T -(even) 387 160 T -(even) 423 160 T -(odd) 459 160 T -(odd) 495 160 T -(key bits used \050hex\051) 99 140 T -10 F -(61) 243 140 T -(62) 279 140 T -(e3) 315 140 T -(64) 351 140 T -(e5) 387 140 T -(e6) 423 140 T -(67) 459 140 T -(68) 495 140 T -0 F -0.18 (This convention \050as opposed to requiring even parity) 108 120 P -0.18 (, or simply copying the low-order bit) 362 120 P --0.41 (to the high-order bit\051 was chosen to provide compatibility with the encryption program ) 72 100 P -3 F --0.41 (des) 486.77 100 P -0 F --0.41 ( distrib-) 502.76 100 P --0.52 (uted by Sun Microsystems, Inc. [4]. 
Whether the key is entered on the command line or on the key-) 72 80 P -FMENDPAGE -%%EndPage: "2" 5 -%%Page: "3" 5 -612 792 0 FMBEGINPAGE -72 745.99 540 756 R -7 X -0 K -V -72 32.69 540 42.7 R -V -0 F -0 X -(Page 3 of 11) 479.71 34.7 T -72 72 540 720 R -7 X -V -0 X -1.89 (board, by default it is processed into the same key schedule generated by Sun\325) 72 712 P -1.89 (s ) 471.02 712 P -3 F -1.89 (des) 480.58 712 P -0 F -1.89 (, so \336les) 496.56 712 P -(encrypted on a Sun can be decrypted using ) 72 692 T -3 F -(bdes) 280.51 692 T -0 F -( \050and vice versa\051.) 302.49 692 T --0.3 (If the user does not wish to use the Sun convention, the option \320) 108 668 P -4 F --0.3 (p) 411.9 668 P -0 F --0.3 ( will disable the parity bit) 418.57 668 P --0.62 (changing; with it, the parity bit is that of the character typed. This -is useful when the key is a known) 72 648 P -5 F -(ASCII) 72 628 T -0 F -( string and the \336le was encrypted on a system which does not alter parity bits.) 98.1 628 T --0.24 (A key may be represented as a bit vector) 108 604 P --0.24 (, rather than an ) 300.74 604 P -5 F --0.2 (ASCII) 374.7 604 P -0 F --0.24 ( string, in one of two ways. It) 400.8 604 P -0.19 (may be represented as a string of up to 16 hexadecimal digits; if fewer than 16 are given, the key) 72 584 P -0.16 (is right \336lled with 0 bits. Or) 72 564 P -0.16 (, it may be represented as a string of up to 64 binary digits, and again) 206.11 564 P -0.15 (if fewer than 64 are given, the key is right-\336lled with 0 bits. Bit -vector keys must be given on the) 72 544 P -0.51 (command line, and must begin with the characters ) 72 524 P -6 F -1.24 (0x) 320.28 524 P -0 F -0.51 ( or ) 334.67 524 P -6 F -1.24 (0X) 351.69 524 P -0 F -0.51 ( \050for hexadecimal\051 or ) 366.08 524 P -6 F -1.24 (0b) 472.71 524 P -0 F -0.51 ( or ) 487.1 524 P -6 F -1.24 (0B) 504.12 524 P -0 F -0.51 ( \050for) 518.51 524 P -(binary\051. 
For example, all of the following strings generate the same key schedule:) 72 504 T -5 F -(ASCII) 72 480 T -0 F -( key) 98.1 480 T -6 F -(abcdefgh) 180 480 T -0 F -(hexadecimal key) 72 460 T -6 F -(0x6162e364e5e66768) 180 460 T -0 F -(binary key) 72 440 T -6 F -(0b0110000101100010111000110110100011100101111000-) 180 440 T -(1100110011101101000) 180 420 T -0 F --0.14 ( Note that giving the key on the command line as ) 108 396 P -6 F --0.34 (0x6162636465666768) 345.27 396 P -0 F --0.14 ( will ) 474.8 396 P -3 F --0.14 (not) 499.17 396 P -0 F --0.14 ( reset) 514.5 396 P -0.25 (the parity bits, because it is interpreted as a sequence of hex digits, not ) 72 376 P -5 F -0.21 (ASCII) 416.58 376 P -0 F -0.25 ( characters. The dif-) 442.68 376 P -0.69 (ference in interpretation is that here the user can specify all bits of the key exactly) 72 356 P -0.69 (, whereas \050on) 474.34 356 P -0.25 (most terminals\051 it is not possible to control how the parity bit of ) 72 336 P -5 F -0.21 (ASCII) 384.76 336 P -0 F -0.25 ( characters is set. On some) 410.85 336 P -0.36 (systems, it is possible to use a \322Meta\323 key to set the parity bit for an ) 72 316 P -5 F -0.3 (ASCII) 407.23 316 P -0 F -0.36 ( character; should this) 433.33 316 P --0.3 (be the case and the user desire ) 72 296 P -3 F --0.3 (bdes) 218.09 296 P -0 F --0.3 ( not to reset the parity bit, the option ) 240.07 296 P -4 F --0.3 (\320p) 415.25 296 P -0 F --0.3 ( will force the parity bit) 427.92 296 P -(to be used as typed.) 72 276 T -4 F -(4. Encryption Output Repr) 72 244 T -(esentation) 211.05 244 T -0 F -0.01 (All modes of the DES output ciphertext in blocks; the size of the block is 64 bits \0508 bytes\051) 108 220 P --0.25 (for ECB and CBC modes, and ) 72 200 P -3 F --0.25 (k) 218.74 200 P -0 F --0.25 ( bits for the ) 224.07 200 P -3 F --0.25 (k) 281.02 200 P -0 F --0.25 (-bit CFB and OFB modes, and there are as many out-) 286.35 200 P --0.5 (put blocks as input blocks. 
However) 72 180 P --0.5 (, as the length of the input is usually not a multiple of the block) 243.55 180 P --0.35 (size, some padding is necessary; but as padding must be done by appending characters, these char-) 72 160 P -0.29 (acters must be distinguished from the input characters somehow) 72 140 P -0.29 (. The mechanism used is that the) 381.35 140 P -0.31 (last character of the \050decrypted\051 last block is the -\050integer\051 number of characters from the input in) 72 120 P -(the last block.) 72 100 T -FMENDPAGE -%%EndPage: "3" 6 -%%Page: "4" 6 -612 792 0 FMBEGINPAGE -72 745.99 540 756 R -7 X -0 K -V -72 32.69 540 42.7 R -V -0 F -0 X -(Page 4 of 11) 479.71 34.7 T -72 72 540 720 R -7 X -V -0 X --0.59 (For example, suppose ) 108 712 P -7 F --1.41 (inputf) 214.16 712 P --1.41 (ile) 257.34 712 P -0 F --0.59 ( contains \322) 278.93 712 P -6 F --1.41 (This) 329.04 712 P -8 F --0.65 (z) 357.83 712 P -6 F --1.41 (is) 362.8 712 P -8 F --0.65 (z) 377.2 712 P -6 F --1.41 (a) 382.17 712 P -8 F --0.65 (z) 389.37 712 P -6 F --1.41 (test) 394.35 712 P -9 F --0.59 (\277) 423.13 712 P -0 F --0.59 (\323, and it is encrypted in) 431.02 712 P -(CBC mode using the key \322) 72 692 T -6 F -(abcdef#@) 200.93 692 T -0 F -(\323 and the initialization vector ) 258.5 692 T -6 F -(0x0) 401.4 692 T -0 F -(; the command is) 422.99 692 T -6 F -(bdes -k abcdef#@ < ) 158.48 668 T -7 F -(inputf) 295.21 668 T -(ile) 338.38 668 T -6 F -( > ) 359.97 668 T -7 F -(outputf) 381.56 668 T -(ile) 431.93 668 T -0 F -(as CBC is the default encryption mode and ) 72 644 T -6 F -(0x0) 281.2 644 T -0 F -( the default initialization vector:) 302.79 644 T -(text) 72 620 T -6 F -(T) 117 620 T -(h) 144 620 T -(i) 171 620 T -(s) 198 620 T -8 F -(z) 225 620 T -6 F -(i) 252 620 T -(s) 279 620 T -8 F -(z) 306 620 T -6 F -(a) 333 620 T -8 F -(z) 360 620 T -6 F -(t) 387 620 T -(e) 414 620 T -(s) 441 620 T -(t) 468 620 T -9 F -(\277) 495 620 T -0 F -(hex) 72 600 T -10 F -(54) 117 600 T -(68) 144 600 T -(69) 171 600 
T -(73) 198 600 T -(20) 225 600 T -(69) 252 600 T -(73) 279 600 T -(20) 306 600 T -(61) 333 600 T -(20) 360 600 T -(74) 387 600 T -(65) 414 600 T -(73) 441 600 T -(74) 468 600 T -(0a) 495 600 T -0 F -(input) 72 580 T -10 F -(54) 117 580 T -(68) 144 580 T -(69) 171 580 T -(73) 198 580 T -(20) 225 580 T -(69) 252 580 T -(73) 279 580 T -(20) 306 580 T -(61) 333 580 T -(20) 360 580 T -(74) 387 580 T -(65) 414 580 T -(73) 441 580 T -(74) 468 580 T -(0a) 495 580 T -(07) 522 580 T -0 F -(output) 72 560 T -10 F -(a5) 117 560 T -(5f) 144 560 T -(81) 171 560 T -(53) 198 560 T -(51) 225 560 T -(98) 252 560 T -(47) 279 560 T -(02) 306 560 T -(db) 333 560 T -(5a) 360 560 T -(c5) 387 560 T -(fe) 414 560 T -(50) 441 560 T -(3d) 468 560 T -(40) 495 560 T -(ce) 522 560 T -0 F -0.04 (Notice that the text is 15 characters long, so there are 7 bytes following the last full block.) 108 540 P -3 F -0.22 (Bdes) 72 520 P -0 F -0.22 ( pads this to a full block by appending one byte containing the ) 95.32 520 P -5 F -0.19 (ASCII) 399.67 520 P -0 F -0.22 ( character with numeric) 425.77 520 P -(value 7 \050the ) 72 500 T -5 F -(ASCII) 131.62 500 T -0 F -( character <) 157.71 500 T -5 F -(BEL) 214.42 500 T -0 F -(>\051. The result is then encrypted.) 
233.3 500 T -0.44 (As another example, suppose ) 108 476 P -7 F -1.07 (inputf) 253.34 476 P -1.07 (ile) 296.52 476 P -0 F -0.44 ( contains \322) 318.11 476 P -6 F -1.07 (test) 370.29 476 P -0 F -0.44 (\323, and it is encrypted in ECB) 399.08 476 P -(mode using the key \322) 72 456 T -6 F -(abcdef#@) 173.93 456 T -0 F -(\323; the command is) 231.5 456 T -6 F -(bdes -b \320k abcdef#@ < ) 147.69 432 T -7 F -(inputf) 306 432 T -(ile) 349.18 432 T -6 F -( > ) 370.76 432 T -7 F -(outputf) 392.35 432 T -(ile) 442.73 432 T -0 F -(because the option ) 72 408 T -4 F -(\320b) 164.26 408 T -0 F -( signi\336es ECB mode:) 176.93 408 T -(text) 72 384 T -6 F -(t) 144 384 T -(e) 171 384 T -(s) 198 384 T -(t) 225 384 T -0 F -(hex) 72 364 T -10 F -(74) 144 364 T -(65) 171 364 T -(73) 198 364 T -(74) 225 364 T -0 F -(input) 72 344 T -10 F -(74) 144 344 T -(65) 171 344 T -(73) 198 344 T -(74) 225 344 T -(00) 252 344 T -(00) 279 344 T -(00) 306 344 T -(04) 333 344 T -0 F -(output) 72 324 T -10 F -(0d) 144 324 T -(8a) 171 324 T -(6e) 198 324 T -(57) 225 324 T -(9c) 252 324 T -(8f) 279 324 T -(27) 306 324 T -(5d) 333 324 T -0 F --0.31 (Finally) 108 304 P --0.31 (, if the length of the message is indeed a multiple of the block size, an extra block of) 141.21 304 P -0.83 (all 0 bits is added. 
Suppose ) 72 284 P -7 F -1.99 (inputf) 210.57 284 P -1.99 (ile) 253.74 284 P -0 F -0.83 ( contains \322) 275.33 284 P -6 F -1.99 (test) 328.28 284 P -9 F -0.83 (\277) 357.07 284 P -0 F -0.83 (\323, and it is encrypted in 40-bit CFB) 364.96 284 P -1.51 (mode using the key \322) 72 264 P -6 F -3.62 (abcdef#@) 179.96 264 P -0 F -1.51 (\323 and the initialization vector ) 237.53 264 P -6 F -3.62 (0x0123456789abcdef) 387.97 264 P -0 F -1.51 (; the) 517.5 264 P -(command is) 72 244 T -6 F --0.99 (bdes -f40 -v0x0123456789abcdef -kabcdef#@ < ) 72 220 P -7 F --0.99 (inputf) 383.67 220 P --0.99 (ile) 426.85 220 P -6 F --0.99 ( > ) 448.43 220 P -7 F --0.99 (outputf) 468.04 220 P --0.99 (ile) 518.41 220 P -0 F -0.16 (because the option ) 72 196 P -4 F -0.16 (\320f40 ) 164.75 196 P -0 F -0.16 (signi\336es 40-bit CFB mode, and ) 189.89 196 P -4 F -0.16 (-v0x01234566789abcdef) 343.96 196 P -0 F -0.16 ( sets the initial-) 465.89 196 P -(ization vector \050note that spaces between the option and its ar) 72 176 T -(gument are optional\051:) 361.57 176 T -(text) 72 152 T -6 F -(t) 144 152 T -(e) 171 152 T -(s) 198 152 T -(t) 225 152 T -9 F -(\277) 252 152 T -0 F -(hex) 72 132 T -10 F -(74) 144 132 T -(65) 171 132 T -(73) 198 132 T -(74) 225 132 T -(0a) 252 132 T -0 F -(input) 72 112 T -10 F -(74) 144 112 T -(65) 171 112 T -(73) 198 112 T -(74) 225 112 T -(0a) 252 112 T -(00) 279 112 T -(00) 306 112 T -(00) 333 112 T -(00) 360 112 T -(00) 387 112 T -0 F -(output) 72 92 T -10 F -(e2) 144 92 T -(c2) 171 92 T -(69) 198 92 T -(a4) 225 92 T -(5b) 252 92 T -(3c) 279 92 T -(3d) 306 92 T -(b3) 333 92 T -(f5) 360 92 T -(3c) 387 92 T -FMENDPAGE -%%EndPage: "4" 7 -1 12 /Times-BoldItalic FMDEFINEFONT -2 14 /Symbol FMDEFINEFONT -%%Page: "5" 7 -612 792 0 FMBEGINPAGE -72 745.99 540 756 R -7 X -0 K -V -72 32.69 540 42.7 R -V -0 F -0 X -(Page 5 of 11) 479.71 34.7 T -72 72 540 720 R -7 X -V -0 X -(Note here the block size is 40 bits \0505 bytes\051, not 64 bits \0508 bytes\051.) 
108 712 T --0.4 (This technique allows complete compatibility with Sun\325) 108 688 P --0.4 (s ) 374.11 688 P -3 F --0.4 (des) 381.37 688 P -0 F --0.4 ( program. In Sun\325) 397.36 688 P --0.4 (s implemen-) 480.77 688 P -0.02 (tation, padding is done with random bytes rather than bytes containing all zero bits. Cryptograph-) 72 668 P -0.85 (ically) 72 648 P -0.85 (, this makes no dif) 97.87 648 P -0.85 (ference, as the DES is a suf) 189.32 648 P -0.85 (\336ciently good random cipher to obscure the) 325.74 648 P -(input \050see for example [2], Chapter 6\051, and known plaintext attacks are very dif) 72 628 T -(\336cult [1].) 451.82 628 T -4 F -(5. Differ) 72 596 T -(ences Between the Standard CFB and OFB Modes and ) 114.41 596 T -1 F -(bdes) 397.26 596 T -0 F --0.11 (The UNIX operating system treats all \336les as streams of 8-bit bytes. In order to implement) 108 572 P --0.08 (the CFB and OFB modes properly) 72 552 P --0.08 (, it would be necessary to read ) 235.74 552 P -3 F --0.08 (k) 383.74 552 P -0 F --0.08 ( bits from the \336le, where ) 389.07 552 P -3 F --0.08 (k) 509.51 552 P -0 F --0.08 ( is an) 514.84 552 P -0.98 (integer between 1 and 64 inclusive. However) 72 532 P -0.98 (, this would require considerable buf) 294.22 532 P -0.98 (fering and be) 474.77 532 P -0.23 (quite inef) 72 512 P -0.23 (\336cient and prohibitively slow) 117.65 512 P -0.23 (. For these reasons, the current implementation of ) 258.48 512 P -3 F -0.23 (bdes) 501.48 512 P -0 F -0.23 ( re-) 523.46 512 P -0.47 (quires that ) 72 492 P -3 F -0.47 (k) 126.23 492 P -0 F -0.47 ( be a multiple of 8, so that an integral number of bytes will always be read from the) 131.56 492 P -(\336le. Other than this change, this mode is implemented as described in [3].) 72 472 T --0.58 (A similar observation holds for the alternate CFB mode described in [3]. 
Here, only the low) 108 448 P -0.23 (7 bits of each byte are signi\336cant, and hence the parameter ) 72 428 P -3 F -0.23 (k) 358.95 428 P -0 F -0.23 ( is an integer from 1 to 56 inclusive;) 364.28 428 P -(bdes requires k to be a multiple of 7. The high-order bit is retained for encryption and decryption,) 72 408 T -(but output \050whether from encryption or decryption\051 always has the high-order bit set to zero.) 72 388 T -4 F -(6. Message Authentication Code Modes) 72 356 T -0 F -0.57 (The Data Encryption Standard provides two modes of authentication, each providing be-) 108 332 P -1.27 (tween 1 and 64 bits of authentication data. In both cases an ) 72 312 P -3 F -1.27 (n) 373.32 312 P -0 F -1.27 (-bit message authentication code) 379.32 312 P -0.62 (\050MAC\051 is generated, where 1) 72 292 P -2 F -0.73 ( ) 214.71 292 P -9 F -0.62 (\243) 218.94 292 P -0 F -0.62 ( ) 225.52 292 P -3 F -0.62 (n) 229.15 292 P -0 F -0.62 ( ) 235.14 292 P -9 F -0.62 (\243) 238.76 292 P -0 F -0.62 ( 64. The \336rst is based on the CBC encryption mode, and the) 245.35 292 P -(second on CFB mode. Both work the same.) 72 272 T -0.13 (First, the \336le is padded to a multiple of the block size by appending enough zero bits. It is) 108 248 P --0.16 (then encrypted using the standard CBC \050or CFB\051 algorithm, but -all encrypted text is discarded ex-) 72 228 P --0.44 (cept for the last block. The ) 72 208 P -3 F --0.44 (n) 200.9 208 P -0 F --0.44 ( leading bits of the last block are used as the MAC. Note that the block) 206.9 208 P -(size constrains the number of bits available as the MAC.) 72 188 T -0.71 (The implementation allows the user to specify that the MAC is to be computed in either) 108 164 P --0.01 (CBC or CFB mode, and the user can specify any number of bits from 1 to 64 inclusive. 
However) 72 144 P --0.01 (,) 537 144 P --0.11 (because the UNIX operating system can only output bits in multiples of 8, if the number of bits of) 72 124 P --0.08 (MAC is not a multiple of 8, the MAC will be right-padded with the minimum number of zero bits) 72 104 P --0.31 (necessary to make the MAC length be a multiple of 8. However) 72 84 P --0.31 (, note that as the standard \050[3], Ap-) 374.6 84 P -FMENDPAGE -%%EndPage: "5" 8 -%%Page: "6" 8 -612 792 0 FMBEGINPAGE -72 745.99 540 756 R -7 X -0 K -V -72 32.69 540 42.7 R -V -0 F -0 X -(Page 6 of 11) 479.71 34.7 T -72 72 540 720 R -7 X -V -0 X --0.14 (pendix F\051 requires an incomplete \336nal block be right-padded with -zeroes, the technique of forcing) 72 712 P -(the last octet to contain the number of bytes in the message is ) 72 692 T -3 F -(not) 369.47 692 T -0 F -( used here.) 384.8 692 T --0.39 (For example, suppose ) 108 668 P -7 F --0.94 (inputf) 214.76 668 P --0.94 (ile) 257.93 668 P -0 F --0.39 ( contains \322) 279.52 668 P -6 F --0.94 (This) 330.04 668 P -8 F --0.43 (z) 358.82 668 P -6 F --0.94 (is) 363.8 668 P -8 F --0.43 (z) 378.19 668 P -6 F --0.94 (a) 383.17 668 P -8 F --0.43 (z) 390.36 668 P -6 F --0.94 (test) 395.34 668 P -9 F --0.39 (\277) 424.13 668 P -0 F --0.39 (\323, and a 64-bit MAC is) 432.02 668 P --0.73 (to be generated using CBC mode, the key \322) 72 648 P -6 F --1.74 (abcdef#@) 274.39 648 P -0 F --0.73 (\323 and the initialization vector ) 331.96 648 P -6 F --1.74 (0x0) 471.23 648 P -0 F --0.73 (; the com-) 492.82 648 P -(mand is) 72 628 T -6 F -(bdes -m 64 -k abcdef#@ < ) 136.89 604 T -7 F -(inputf) 316.79 604 T -(ile) 359.97 604 T -6 F -( > ) 381.56 604 T -7 F -(outputf) 403.15 604 T -(ile) 453.52 604 T -0 F -(as CBC is the default encryption mode and ) 72 580 T -6 F -(0x0) 281.2 580 T -0 F -( the default initialization vector:) 302.79 580 T -(text) 72 556 T -6 F -(T) 117 556 T -(h) 144 556 T -(i) 171 556 T -(s) 198 556 T -8 F -(z) 225 556 T -6 F -(i) 252 556 T -(s) 279 556 T -8 F 
-(z) 306 556 T -6 F -(a) 333 556 T -8 F -(z) 360 556 T -6 F -(t) 387 556 T -(e) 414 556 T -(s) 441 556 T -(t) 468 556 T -9 F -(\277) 495 556 T -0 F -(hex) 72 536 T -10 F -(54) 117 536 T -(68) 144 536 T -(69) 171 536 T -(73) 198 536 T -(20) 225 536 T -(69) 252 536 T -(73) 279 536 T -(20) 306 536 T -(61) 333 536 T -(20) 360 536 T -(74) 387 536 T -(65) 414 536 T -(73) 441 536 T -(74) 468 536 T -(0a) 495 536 T -0 F -(input) 72 516 T -10 F -(54) 117 516 T -(68) 144 516 T -(69) 171 516 T -(73) 198 516 T -(20) 225 516 T -(69) 252 516 T -(73) 279 516 T -(20) 306 516 T -(61) 333 516 T -(20) 360 516 T -(74) 387 516 T -(65) 414 516 T -(73) 441 516 T -(74) 468 516 T -(0a) 495 516 T -(00) 522 516 T -0 F -(output) 72 496 T -10 F -(43) 117 496 T -(18) 144 496 T -(de) 171 496 T -(74) 198 496 T -(24) 225 496 T -(a9) 252 496 T -(65) 279 496 T -(d1) 306 496 T -0 F -0.04 (Notice that the text is 15 characters long, so there are 7 bytes following the last full block.) 108 476 P -3 F -(Bdes) 72 456 T -0 F -( pads this to a full block by appending a zero-\336lled byte. The result is then encrypted and the) 95.32 456 T -(last block of output is used as the MAC.) 
72 436 T -0.06 (As another example, suppose we used the same text, and wanted a 36-bit MAC to be gen-) 108 412 P -6.91 (erated using 40-bit CFB mode, the key \322) 72 392 P -6 F -16.58 (abcdef#@) 314.9 392 P -0 F -6.91 (\323 and the initialization vector) 372.47 392 P -6 F -(0x0123456789abcdef) 72 372 T -0 F -(; the command is) 201.53 372 T -6 F -(bdes -m 36 -f 40 -v 0x0123456789abcdef < ) 79.32 348 T -7 F -(inputf) 374.36 348 T -(ile) 417.54 348 T -6 F -( > ) 439.13 348 T -7 F -(outputf) 460.71 348 T -(ile) 511.09 348 T -0 F --0.19 (where ) 72 324 P -4 F --0.19 (\320m 36) 104.11 324 P -0 F --0.19 ( is the option to generate a 36-bit MAC, ) 134.91 324 P -4 F --0.19 (\320f 40) 327.79 324 P -0 F --0.19 ( indicates 40-bit CFB is to be used, and) 352.58 324 P -4 F --0.31 (\320v 0x123456789abcdef) 72 304 P -0 F --0.31 ( sets the initialization vector) 186.62 304 P --0.31 (. Note that, as the key is not given on the com-) 319.95 304 P -(mand line, the user will be prompted for it. It gives:) 72 284 T -(text) 72 260 T -6 F -(T) 117 260 T -(h) 144 260 T -(i) 171 260 T -(s) 198 260 T -8 F -(z) 225 260 T -6 F -(i) 252 260 T -(s) 279 260 T -8 F -(z) 306 260 T -6 F -(a) 333 260 T -8 F -(z) 360 260 T -6 F -(t) 387 260 T -(e) 414 260 T -(s) 441 260 T -(t) 468 260 T -9 F -(\277) 495 260 T -0 F -(hex) 72 240 T -10 F -(54) 117 240 T -(68) 144 240 T -(69) 171 240 T -(73) 198 240 T -(20) 225 240 T -(69) 252 240 T -(73) 279 240 T -(20) 306 240 T -(61) 333 240 T -(20) 360 240 T -(74) 387 240 T -(65) 414 240 T -(73) 441 240 T -(74) 468 240 T -(0a) 495 240 T -0 F -(input) 72 220 T -10 F -(54) 117 220 T -(68) 144 220 T -(69) 171 220 T -(73) 198 220 T -(20) 225 220 T -(69) 252 220 T -(73) 279 220 T -(20) 306 220 T -(61) 333 220 T -(20) 360 220 T -(74) 387 220 T -(65) 414 220 T -(73) 441 220 T -(74) 468 220 T -(0a) 495 220 T -0 F -(output) 72 200 T -10 F -(2b) 117 200 T -(18) 144 200 T -(68) 171 200 T -(2d) 198 200 T -(60) 225 200 T -0 F -0.19 (Note that the MAC is padded on the right by 
four zero bits to produce \336ve characters that) 108 180 P -(can be output.) 72 160 T -4 F -(7. Differ) 72 128 T -(ences Between ) 114.41 128 T -1 F -(bdes) 191.01 128 T -4 F -( and Sun\325) 212.99 128 T -(s DES Implementation) 261.88 128 T -0 F -0.02 (The program ) 108 104 P -3 F -0.02 (bdes) 173.33 104 P -0 F -0.02 ( is designed to be completely compatible with Sun Microsystems, Inc.\325) 195.31 104 P -0.02 (s) 535.33 104 P -0.57 (implementation of the Data Encryption Standard, called ) 72 84 P -3 F -0.57 (des) 347.14 84 P -0 F -0.57 ( and described in [4]. Thus, \336les en-) 363.13 84 P -FMENDPAGE -%%EndPage: "6" 9 -%%Page: "7" 9 -612 792 0 FMBEGINPAGE -72 745.99 540 756 R -7 X -0 K -V -72 32.69 540 42.7 R -V -0 F -0 X -(Page 7 of 11) 479.71 34.7 T -72 72 540 720 R -7 X -V -0 X -0.44 (crypted using ) 72 712 P -3 F -0.44 (des) 140.84 712 P -0 F -0.44 ( can be decrypted using ) 156.83 712 P -3 F -0.44 (bdes) 275.29 712 P -0 F -0.44 (, and vice versa, provided modes common to both) 297.27 712 P --0.34 (are used. However) 72 692 P --0.34 (, ) 160.41 692 P -3 F --0.34 (bdes) 166.06 692 P -0 F --0.34 ( does not allow \336les to be named on the command line, nor does it support) 188.05 692 P --0.68 (hardware devices \050and so the ) 72 672 P -4 F --0.68 (-s) 210.83 672 P -0 F --0.68 ( and ) 219.49 672 P -4 F --0.68 (-f) 241.45 672 P -0 F --0.68 ( options of Sun\325) 249.44 672 P --0.68 (s ) 323.71 672 P -3 F --0.68 (des) 330.7 672 P -0 F --0.68 ( are not available\051. Further) 346.69 672 P --0.68 (, as encryption) 471.07 672 P --0.05 (is the default, the Sun ) 72 652 P -3 F --0.05 (des) 179.01 652 P -0 F --0.05 ( ) 195 652 P -4 F --0.05 (-e) 197.95 652 P -0 F --0.05 ( option is not recognized. As the manual page to ) 207.27 652 P -3 F --0.05 (bdes) 441.6 652 P -0 F --0.05 ( is in the appen-) 463.59 652 P -(dix, these dif) 72 632 T -(ferences will not be elaborated upon further) 134.08 632 T -(.) 
343.24 632 T -0.44 (Sun\325) 108 608 P -0.44 (s ) 130 608 P -3 F -0.44 (des) 138.1 608 P -0 F -0.44 ( supports the use of special-purpose hardware to encrypt and decrypt. Although) 154.09 608 P -3 F -1.33 (bdes) 72 588 P -0 F -1.33 ( does not directly support the use of such hardware, it uses the library routine ) 93.98 588 P -3 F -1.33 (encrypt) 487.05 588 P -0 F -1.33 (\0503\051,) 523.02 588 P --0.09 (which may) 72 568 P --0.09 (. Hardware support was not included directly to support as lar) 124.1 568 P --0.09 (ge a number of platforms) 419.11 568 P -(as possible with installers needing to know as little about the hardware as possible.) 72 548 T --0.08 (Sun\325) 108 524 P --0.08 (s ) 130 524 P -3 F --0.08 (des) 137.58 524 P -0 F --0.08 ( supports only the CBC and ECB encryption modes; ) 153.57 524 P -3 F --0.08 (bdes) 407.07 524 P -0 F --0.08 ( supports all modes de-) 429.05 524 P -0.26 (scribed in [3] \050although CFB and OFB are not completely supported\051 as well as both CBC-based) 72 504 P -(and CFB-based MACs.) 72 484 T -0.15 (Although input with length not a multiple of the block size is handled in the same way by) 108 460 P --0.47 (both ) 72 440 P -3 F --0.47 (des) 95.85 440 P -0 F --0.47 ( and ) 111.84 440 P -3 F --0.47 (bdes) 134.21 440 P -0 F --0.47 (, dif) 156.19 440 P --0.47 (ferent values of the padding bytes are used in all but the last byte of the input.) 174.82 440 P -(Where ) 72 420 T -3 F -(bdes) 106.96 420 T -0 F -( puts zero bytes, ) 128.94 420 T -3 F -(des) 209.89 420 T -0 F -( puts bytes containing random values. The reason for Sun\325) 225.87 420 T -(s doing) 505.02 420 T -0.47 (so is to prevent a known plaintext attack on the \336le should an -attacker determine that the input\325) 72 400 P -0.47 (s) 535.33 400 P --0.29 (length were a multiple of the block size. 
W) 72 380 P --0.29 (ith ) 276.05 380 P -3 F --0.29 (bdes) 291.43 380 P -0 F --0.29 (, the plaintext contents of the last block of input) 313.41 380 P -0.31 (for such a \336le is known \050a block with all bits zero\051. W) 72 360 P -0.31 (ith ) 333.99 360 P -3 F -0.31 (des) 349.96 360 P -0 F -0.31 (, the plaintext contents of that block) 365.95 360 P -0.73 (are not known. Cryptanalytically) 72 340 P -0.73 (, given the information about the strength of the DES currently) 231.29 340 P -0.2 (known, it is widely believed that known plaintext attacks are infeasible -\050see for example [1]\051 and) 72 320 P -1.86 (so initializing and invoking the pseudorandom number generator seems unnecessary) 72 300 P -1.86 (. But this) 492.63 300 P -(means that ciphertexts produced from a plaintext by ) 72 280 T -3 F -(bdes) 324.48 280 T -0 F -( and ) 346.47 280 T -3 F -(des) 369.78 280 T -0 F -( will dif) 385.77 280 T -(fer in the last block.) 423.54 280 T -4 F -(Refer) 72 248 T -(ences) 100.41 248 T -0 F -([1]) 72 224 T -0.37 (D. Denning, \322The Data Encryption Standard: Fifteen Y) 108 224 P -0.37 (ears of Public Scrutiny) 374.87 224 P -0.37 (,\323 ) 484.8 224 P -3 F -0.37 (Pr) 496.49 224 P -0.37 (oceed-) 508.04 224 P --0.47 (ings of the Sixth Annual Computer Security Applications Confer) 108 204 P --0.47 (ence) 411.65 204 P -0 F --0.47 ( pp. x\320xv \050Dec. 1990\051.) 433.62 204 P -([2]) 72 180 T -(A. Konheim, ) 108 180 T -3 F -(Cryptography: A Primer) 173.29 180 T -0 F -(, John W) 291.4 180 T -(iley and Sons, Inc., New Y) 333.9 180 T -(ork, NY \0501981\051.) 461.94 180 T -([3]) 72 156 T -3 F -0.63 (DES Modes of Operation) 108 156 P -0 F -0.63 (, Federal Information Processing Standards Publication 81, Na-) 231.47 156 P --0.07 (tional Bureau of Standards, U.S. Department of Commerce, W) 108 136 P --0.07 (ashington, DC \050Dec. 1980\051.) 
407.62 136 P -([4]) 72 112 T -3 F -(UNIX User) 108 112 T -(\325) 162.74 112 T -(s Manual) 165.18 112 T -0 F -(, Sun Microsystems Inc., Mountain V) 210.16 112 T -(iew) 390 112 T -(, CA \050Mar) 406.54 112 T -(. 1988\051.) 455.51 112 T -4 F -(Appendix. The UNIX System Manual Page for ) 72 80 T -1 F -(bdes) 313.2 80 T -FMENDPAGE -%%EndPage: "7" 10 -1 11 /Times-Bold FMDEFINEFONT -%%Page: "8" 10 -612 792 0 FMBEGINPAGE -72 745.99 540 756 R -7 X -0 K -V -72 32.69 540 42.7 R -V -0 F -0 X -(Page 8 of 11) 479.71 34.7 T -72 72 540 720 R -7 X -V -1 F -0 X -(NAME) 72 712.67 T -0 F -(bdes - encrypt/decrypt using the Data Encryption Standard) 108 689 T -1 F -(SYNOPSIS) 72 663.67 T -4 F -(bdes) 108 640 T -0 F -( [) 131.33 640 T -3 F -( ) 138.32 640 T -4 F -(-abdp) 141.32 640 T -0 F -( ] [ ) 171.31 640 T -4 F -(-F) 188.3 640 T -0 F -( ) 199.62 640 T -3 F -(b) 202.62 640 T -0 F -( ] [ ) 208.61 640 T -4 F -(-f) 225.6 640 T -0 F -( ) 233.58 640 T -3 F -(b) 236.58 640 T -0 F -( ] [ ) 242.58 640 T -4 F -(-k) 259.56 640 T -0 F -( ) 270.22 640 T -3 F -(key) 273.22 640 T -0 F -( ] [ ) 289.2 640 T -4 F -(-m) 306.18 640 T -0 F -( ) 320.16 640 T -3 F -(b) 323.16 640 T -0 F -( ] [ ) 329.16 640 T -4 F -(-o) 346.14 640 T -0 F -( ) 356.13 640 T -3 F -(b) 359.13 640 T -0 F -( ] [ ) 365.13 640 T -4 F -(-v) 382.11 640 T -0 F -( ) 392.1 640 T -3 F -(vector) 395.1 640 T -0 F -( ]) 425.07 640 T -1 F -(DESCRIPTION) 72 614.67 T -3 F --0.69 (Bdes) 108 591 P -0 F --0.69 ( reads from the standard input and writes on the standard output. It implements all DES) 131.32 591 P --0.09 (modes of operation described in FIPS PUB 81 including alternative cipher feedback mode) 108 577 P -0.74 (and both authentication modes. All modes but the electronic code book mode require an) 108 563 P --0.14 (initialization vector; if none is supplied, the zero vector is used. 
T) 108 549 P --0.14 (o protect the key and ini-) 420.44 549 P -0.29 (tialization vector from being read by) 108 535 P -3 F -0.29 ( ps) 284.98 535 P -0 F -0.29 (\0501\051, ) 298.94 535 P -3 F -0.29 (bdes ) 319.21 535 P -0 F -0.29 (hides its ar) 344.48 535 P -0.29 (guments on entry) 396.81 535 P -0.29 (. If no ) 479.89 535 P -3 F -0.29 (key ) 512.74 535 P -0 F -0.29 (is) 532 535 P --0.61 (given, one is requested from the controlling terminal if that can be opened, or from the stan-) 108 521 P -(dard input if not.) 108 507 T --0.17 (The key and initialization vector are taken as sequences of ) 108 489 P -5 F --0.14 (ASCII) 389.38 489 P -0 F --0.17 ( characters which are then) 415.48 489 P --0.35 (mapped into their bit representations. If either begins with -\3240x\325 or \3240X\325, that one is taken as) 108 475 P -1.02 (a sequence of hexadecimal digits indicating the bit pattern; if either begins with \3240b\325 or) 108 461 P --0.73 (\3240B\325, that one is taken as a sequence of binary digits -indicating the bit pattern. In either case,) 108 447 P --0.37 (only the leading 64 bits of the key or initialization vector are used, and if fewer than 64 bits) 108 433 P -0.35 (are provided, enough 0 bits are appended to pad the key to 64 bits. Note that if the key is) 108 419 P -0.03 (not entered on the command line, it is interpreted in the same way) 108 405 P -0.03 (, because with 4.4 BSD,) 424.31 405 P --0.36 (the password reading function ) 108 391 P -3 F --0.36 (getpass) 254.45 391 P -0 F --0.36 (\0503\051 allows enough characters for either hex or binary) 290.43 391 P -(keys to be entered.) 108 377 T -0.04 (According to the DES standard, the low-order bit of each character in the key string is de-) 108 359 P --0.18 (leted. 
Since most ) 108 345 P -5 F --0.15 (ASCII) 192.75 345 P -0 F --0.18 ( representations set the high-order bit to 0, simply deleting the low-) 218.84 345 P --0.29 (order bit ef) 108 331 P --0.29 (fectively reduces the size of the key space from 2) 160.49 331 P -5 F --0.24 (56) 394.67 335.8 P -0 F --0.29 ( to 2) 404.67 331 P -5 F --0.24 (48) 425.41 335.8 P -0 F --0.29 ( keys. T) 435.4 331 P --0.29 (o prevent this,) 472.29 331 P --0.46 (the high-order bit must be a function depending in part upon the low-order bit; so, the high-) 108 317 P -0.11 (order bit is set to whatever value gives odd parity) 108 303 P -0.11 (. This preserves the key space size. Note) 345.05 303 P -(this resetting of the parity bit is ) 108 289 T -3 F -(not) 260.92 289 T -0 F -( done if the key is given in binary or hex.) 276.24 289 T --0.38 (By default, the standard input is encrypted using cipher block chaining mode and is written) 108 271 P -0.18 (to the standard output. Using the same key for encryption and decryption preserves plain-) 108 257 P -(text, so) 108 243 T -( bdes ) 225.81 225 T -3 F -(key) 253.79 225 T -0 F -( < plaintext | bdes \320i ) 269.77 225 T -3 F -(key) 370.21 225 T -0 F -( ) 386.19 225 T -(is a very expensive equivalent of ) 108 201 T -3 F -(cat) 268.54 201 T -0 F -(\0501\051.) 283.2 201 T -(Options are:) 108 183 T -( ) 108 165 T -4 F -(\320a) 111 165 T -0 F --0.75 (The key and initialization vector strings are to be taken as ) 144 165 P -5 F --0.62 (ASCII) 415.89 165 P -0 F --0.75 ( suppressing the spe-) 441.98 165 P -0.3 (cial interpretation given to leading \3240x\325, \3240X\325, \3240b\325, -and \3240B\325 characters. Note this) 144 151 P -(\337ag applies to ) 144 137 T -3 F -(both) 214.29 137 T -0 F -( the key and initialization vector) 235.62 137 T -(.) 389.85 137 T -4 F -(\320b) 108 119 T -0 F -(Use electronic code book mode.) 144 119 T -4 F -(\320d) 108 101 T -0 F -(Decrypt the input.) 
144 101 T -FMENDPAGE -%%EndPage: "8" 11 -%%Page: "9" 11 -612 792 0 FMBEGINPAGE -72 745.99 540 756 R -7 X -0 K -V -72 32.69 540 42.7 R -V -0 F -0 X -(Page 9 of 11) 479.71 34.7 T -72 72 540 720 R -7 X -V -4 F -0 X -(\320f) 108 712 T -0 F -( ) 117.99 712 T -3 F -(b) 120.99 712 T -0 F --0.29 (Use ) 144 712 P -3 F --0.29 (b) 165.36 712 P -0 F --0.29 (-bit cipher feedback mode. Currently ) 171.35 712 P -3 F --0.29 (b) 350.42 712 P -0 F --0.29 ( must be a multiple of 8 between 8 and) 356.42 712 P -(64 inclusive \050this does not conform to the standard CFB mode speci\336cation\051.) 144 698 T -4 F -(\320F) 108 680 T -0 F -( ) 121.32 680 T -3 F -(b) 124.32 680 T -0 F --0.29 (Use ) 144 680 P -3 F --0.29 (b) 165.36 680 P -0 F --0.29 (-bit alternative cipher feedback mode. Currently ) 171.36 680 P -3 F --0.29 (b) 403.77 680 P -0 F --0.29 ( must be a multiple of 7 be-) 409.77 680 P --0.12 (tween 7 and 56 inclusive \050this does not conform to the alternative CFB mode spec-) 144 666 P -(i\336cation\051.) 144 652 T -4 F -(\320k) 108 634 T -0 F -( ) 120.67 634 T -3 F -(key) 123.66 634 T -0 F -0.37 (Use the string ) 144 616 P -3 F -0.37 (key) 214.74 616 P -0 F -0.37 ( as the cryptographic key) 230.72 616 P -0.37 (. If this ar) 352.01 616 P -0.37 (gument is not given, the user) 399.54 616 P -(will be prompted for the key) 144 602 T -(.) 280.12 602 T -4 F -(\320m) 108 584 T -0 F -( ) 123.99 584 T -3 F -(b) 126.99 584 T -0 F -0.71 (Compute a message authentication code \050MAC\051 of ) 144 584 P -3 F -0.71 (b) 395.78 584 P -0 F -0.71 ( bits on the input. ) 401.77 584 P -3 F -0.71 (b) 491.94 584 P -0 F -0.71 ( must be) 497.94 584 P -0.11 (between 1 and 64 inclusive; if ) 144 570 P -3 F -0.11 (b) 291.87 570 P -0 F -0.11 ( is not a multiple of 8, enough 0 bits will be added) 297.86 570 P --0.44 (to pad the MAC length to the nearest multiple of 8. Only the MAC is output. MACs) 144 556 P -(are only available in cipher block chaining mode or in cipher feedback mode.) 
144 542 T -4 F -(\320o) 108 524 T -0 F -( ) 119.99 524 T -3 F -(b) 122.99 524 T -0 F --0.34 (Use ) 144 524 P -3 F --0.34 (b) 165.31 524 P -0 F --0.34 (-bit output feedback mode. Currently ) 171.31 524 P -3 F --0.34 (b) 350.83 524 P -0 F --0.34 ( must be a multiple of 8 between 8 and) 356.83 524 P -(64 inclusive \050this does not conform to the OFB mode speci\336cation\051.) 144 510 T -4 F -(\320p) 108 492 T -0 F --0.14 (Disable the resetting of the parity bit. This \337ag forces the parity bit of the key to be) 144 492 P -0.03 (used as typed, rather than making each character be of odd parity) 144 478 P -0.03 (. It is used only if) 455.91 478 P -(the key is given in ) 144 464 T -5 F -(ASCII) 234.95 464 T -0 F -(.) 261.04 464 T -4 F -(\320v) 108 446 T -0 F -( ) 119.99 446 T -3 F -(vector) 122.99 446 T -0 F --0.5 (Set the initialization vector to ) 144 428 P -3 F --0.5 (v) 286.44 428 P -0 F --0.5 (; the vector is interpreted in the same way as the key) 291.76 428 P --0.5 (.) 537 428 P -(The vector is ignored in electronic codebook mode.) 144 414 T --0.55 (The DES is considered a very strong cryptosystem, and other than table lookup attacks, key) 108 396 P -0.24 (search attacks, and Hellman\325) 108 382 P -0.24 (s time-memory tradeof) 246.61 382 P -0.24 (f \050all of which are very expensive and) 356.8 382 P -0.66 (time-consuming\051, no cryptanalytic methods for breaking the DES are known in the open) 108 368 P -0.33 (literature. No doubt the choice of keys and key security are the most vulnerable aspect of) 108 354 P -3 F -(bdes) 108 340 T -0 F -(.) 129.98 340 T -4 F -(IMPLEMENT) 72 314 T -(A) 146.41 314 T -(TION NOTES) 154.18 314 T -0 F -0.57 (For implementors wishing to write software compatible with this program, the following) 108 290 P --0.23 (notes are provided. This software is completely compatible with the implementation of the) 108 276 P -(data encryption standard distributed by Sun Microsystems, Inc.) 
108 262 T -0.11 (In the ECB and CBC modes, plaintext is encrypted in units of 64 bits \0508 bytes, also called) 108 244 P -0.52 (a block\051. T) 108 230 P -0.52 (o ensure that the plaintext \336le is encrypted correctly) 160.49 230 P -0.52 (, ) 413.01 230 P -3 F -0.52 (bdes ) 419.53 230 P -0 F -0.52 (will \050internally\051 ap-) 445.03 230 P -0.29 (pend from 1 to 8 bytes, the last byte containing an integer stating how many bytes of that) 108 216 P --0.71 (\336nal block are from the plaintext \336le, and encrypt the resulting block. Hence, when decrypt-) 108 202 P -0.27 (ing, the last block may contain from 0 to 7 characters present in the plaintext \336le, and the) 108 188 P --0.59 (last byte tells how many) 108 174 P --0.59 (. Note that if during decryption the last byte of the \336le does not con-) 221.46 174 P -0.41 (tain an integer between 0 and 7, either the \336le has been corrupted or an incorrect key has) 108 160 P -0.48 (been given. A similar mechanism is used for the OFB and CFB modes, except that those) 108 146 P -0.26 (simply require the length of the input to be a multiple of the mode size, and the \336nal byte) 108 132 P --0.73 (contains an integer between 0 and one less than the number of bytes being used as the mode.) 108 118 P -(\050This was another reason that the mode size must be a multiple of 8 for those modes.\051) 108 104 T -FMENDPAGE -%%EndPage: "9" 12 -%%Page: "10" 12 -612 792 0 FMBEGINPAGE -72 745.99 540 756 R -7 X -0 K -V -72 32.69 540 42.7 R -V -0 F -0 X -(Page 10 of 11) 473.71 34.7 T -72 72 540 720 R -7 X -V -0 X -0.94 (Unlike Sun\325) 108 712 P -0.94 (s implementation, unused bytes of that last block are not \336lled with random) 166.58 712 P -0.57 (data, but instead contain what was in those byte positions in the preceding block. This is) 108 698 P -(quicker and more portable, and does not weaken the encryption signi\336cantly) 108 684 T -(.) 
473.95 684 T -0.36 (If the key is entered in ) 108 666 P -5 F -0.3 (ASCII) 220.76 666 P -0 F -0.36 (, the parity bits of the key characters are set so that each key) 246.85 666 P -1.03 (character is of odd parity) 108 652 P -1.03 (. Unlike Sun\325) 231.23 652 P -1.03 (s implementation, it is possible to enter binary or) 296.92 652 P --0.57 (hexadecimal keys on the command line, and if this is done, the parity bits are ) 108 638 P -3 F --0.57 (not ) 472.85 638 P -0 F --0.57 (reset. This) 490.61 638 P -(allows testing using arbitrary bit patterns as keys.) 108 624 T -0.64 (The Sun implementation always uses an initialization vector of 0 \050that is, all zeroes\051. By) 108 606 P -(default, ) 108 592 T -3 F -(bdes ) 147.3 592 T -0 F -(does too, but this may be changed from the command line.) 172.29 592 T -4 F -(FILES) 72 566 T -0 F -(/dev/tty) 108 542 T -(controlling terminal for typed key) 180 542 T -4 F -(SEE ALSO) 72 516 T -3 F -(crypt) 108 492 T -0 F -(\0501\051, ) 132.65 492 T -3 F -(crypt) 152.63 492 T -0 F -(\0503\051) 177.27 492 T -3 F --0.4 (Data Encryption Standar) 108 474 P --0.4 (d) 228.02 474 P -0 F --0.4 (, Federal Information Processing Standard #46, National Bureau) 234.02 474 P -(of Standards, U.S. Department of Commerce, W) 108 460 T -(ashington DC \050Jan. 1977\051.) 340.2 460 T -3 F -0.16 (DES) 108 442 P -0 F -0.16 ( ) 129.98 442 P -3 F -0.16 (Modes of Operation, ) 133.15 442 P -0 F -0.16 (Federal Information Processing Standard #81, National Bureau) 236.24 442 P -(of Standards, U.S. Department of Commerce, W) 108 428 T -(ashington DC \050Dec. 1980\051.) 340.2 428 T -2.75 (Dorothy Denning, ) 108 410 P -3 F -2.75 (Cryptography and Data Security) 203.77 410 P -0 F -2.75 (, Addison-W) 368.8 410 P -2.75 (esley Publishing Co.,) 432.55 410 P -(Reading, MA \2511982.) 
108 396 T --0.19 ( Matt Bishop, \322Implementation Notes on ) 108 378 P -3 F --0.19 (bdes) 305.76 378 P -0 F --0.19 (\0501\051\323, T) 327.75 378 P --0.19 (echnical Report PCS-TR-91-158, De-) 359.35 378 P -0.34 (partment of Mathematics and Computer Science, Dartmouth College, Hanover) 108 364 P -0.34 (, NH \050Apr) 488.01 364 P -0.34 (.) 537 364 P -(1991\051.) 108 350 T -4 F -(CAUTION) 72 324 T -0 F --0.55 (Certain speci\336c keys should be avoided because they introduce potential weaknesses; these) 108 300 P --0.44 (keys, called the ) 108 286 P -3 F --0.44 (weak) 183.95 286 P -0 F --0.44 ( and ) 208.6 286 P -3 F --0.44 (semiweak) 231.03 286 P -0 F --0.44 ( keys, are \050in hex notation, where ) 277.66 286 P -6 F --1.06 (p) 437.45 286 P -0 F --0.44 ( is either ) 444.64 286 P -6 F --1.06 (0) 487.63 286 P -0 F --0.44 ( or ) 494.82 286 P -6 F --1.06 (1) 509.93 286 P -0 F --0.44 (, and) 517.12 286 P -6 F -(P) 108 272 T -0 F -( is either ) 115.2 272 T -6 F -(e) 159.5 272 T -0 F -( or ) 166.7 272 T -6 F -(f) 182.68 272 T -0 F -(\051:) 189.88 272 T -6 F -(0x0p0p0p0p0p0p0p0p) 144 254 T -(0x0p1P0p1P0p0P0p0P) 360 254 T -(0x0pep0pep0pfp0pfp) 144 236 T -(0x0pfP0pfP0pfP0pfP) 360 236 T -(0x1P0p1P0p0P0p0P0p) 144 218 T -(0x1P1P1P1P0P0P0P0P) 360 218 T -(0x1Pep1Pep0Pfp0Pfp) 144 200 T -(0x1PfP1PfP0PfP0PfP) 360 200 T -(0xep0pep0pfp0pfp0p) 144 182 T -(0xep1Pep1pfp0Pfp0P) 360 182 T -(0xepepepepepepepep) 144 164 T -(0xepfPepfPfpfPfpfP) 360 164 T -(0xfP0pfP0pfP0pfP0p) 144 146 T -(0xfP1PfP1PfP0PfP0P) 360 146 T -(0xfPepfPepfPepfPep) 144 128 T -(0xfPfPfPfPfPfPfPfP) 360 128 T -0 F -0.13 (The weakness of these keys is inherent in the DES algorithm \050see for example Moore and) 108 110 P --0.57 (Simmons, \322Cycle structure of the DES with weak and semi-weak keys,\323) 108 96 P -3 F --0.57 ( Advances in Cryp-) 449.43 96 P -(tology \320 Crypto \32486 Pr) 108 82 T -(oceedings) 216.83 82 T -0 F -(, Springer) 264.79 82 T -(-V) 311.85 82 T -(erlag New Y) 323.17 82 T -(ork, \2511987, pp. 9-32\051.) 
383.25 82 T -FMENDPAGE -%%EndPage: "10" 13 -%%Page: "11" 13 -612 792 0 FMBEGINPAGE -72 745.99 540 756 R -7 X -0 K -V -72 32.69 540 42.7 R -V -0 F -0 X -(Page 11 of 11) 473.71 34.7 T -72 72 540 720 R -7 X -V -4 F -0 X -(BUGS) 72 712 T -0 F --0.18 (There is a controversy raging over whether the DES will still be secure in a few years. The) 108 688 P -0.31 (advent of special-purpose hardware could reduce the cost of any of the methods of attack) 108 674 P -(named above so that they are no longer computationally infeasible.) 108 660 T -0.32 (Programs which display programs\325 ar) 108 642 P -0.32 (guments may compromise the key and initialization) 289.59 642 P -0.76 (vector if they are speci\336ed on the command line. T) 108 628 P -0.76 (o avoid this ) 358.46 628 P -3 F -0.76 (bdes) 419.7 628 P -0 F -0.76 ( overwrites its ar) 441.68 628 P -0.76 (gu-) 524.01 628 P -(ments. However) 108 614 T -(, the obvious race cannot currently be avoided.) 186.12 614 T -0.25 (As the key or key schedule is kept in memory throughout the run of this program, the en-) 108 596 P -(cryption can be compromised if memory is readable.) 108 582 T --0.4 (There is no warranty of merchantability nor any warranty of \336tness for a particular purpose) 108 564 P -0.05 (nor any other warranty) 108 550 P -0.05 (, either express or implied, as to the accuracy of the enclosed mate-) 216.95 550 P -(rials or as to their suitability for any particular purpose.) 108 536 T --0.06 (Accordingly) 108 518 P --0.06 (, the user assumes full responsibility for their use. Further) 167.18 518 P --0.06 (, the author assumes) 442.93 518 P --0.25 (no obligation to furnish any assistance of any kind whatsoever) 108 504 P --0.25 (, or to furnish any additional) 404.69 504 P -(information or documentation.) 
108 490 T -4 F -(AUTHOR) 72 464 T -0 F --0.54 (Matt Bishop, Department of Mathematics and Computer Science, Bradley Hall, Dartmouth) 108 440 P -(College, Hanover) 108 426 T -(, NH 03755) 192.12 426 T -(Electronic mail addresses:) 108 408 T -(Internet: Matt.Bishop@dartmouth.edu) 108 390 T -(UUCP: decvax!dartvax!Matt.Bishop) 108 372 T -FMENDPAGE -%%EndPage: "11" 14 -%%Trailer -%%BoundingBox: 0 0 612 792 -%%Pages: 13 1 -%%DocumentFonts: Helvetica-Bold -%%+ Helvetica-BoldOblique -%%+ Times-Roman -%%+ Times-Bold -%%+ Times-BoldItalic -%%+ Times-Italic -%%+ Courier -%%+ Courier-Oblique -%%+ ZapfDingbats -%%+ Symbol -%%+ Courier-Bold Property changes on: head/secure/usr.bin/bdes/bdes.ps ___________________________________________________________________ Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Index: head/secure/usr.bin/bdes/Makefile =================================================================== --- head/secure/usr.bin/bdes/Makefile (revision 313328) +++ head/secure/usr.bin/bdes/Makefile (nonexistent) @@ -1,10 +0,0 @@ -# @(#)Makefile 8.1 (Berkeley) 6/6/93 -# $FreeBSD$ - -PROG= bdes - -WARNS?= 2 - -LIBADD= crypto - -.include Property changes on: head/secure/usr.bin/bdes/Makefile ___________________________________________________________________ Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Index: head/secure/usr.bin/Makefile =================================================================== --- head/secure/usr.bin/Makefile (revision 313328) +++ head/secure/usr.bin/Makefile (revision 313329) 
@@ -1,19 +1,19 @@ # $FreeBSD$ .include SUBDIR= .if ${MK_OPENSSL} != "no" -SUBDIR+=bdes openssl +SUBDIR+=openssl .if ${MK_OPENSSH} != "no" SUBDIR+=scp sftp ssh ssh-add ssh-agent ssh-keygen ssh-keyscan .endif .endif .if ${MK_TESTS} != "no" SUBDIR+=tests .endif SUBDIR_PARALLEL= .include Index: head/usr.bin/Makefile =================================================================== --- head/usr.bin/Makefile (revision 313328) +++ head/usr.bin/Makefile (revision 313329) @@ -1,311 +1,310 @@ # 
From: @(#)Makefile 8.3 (Berkeley) 1/7/94 # $FreeBSD$ .include # XXX MISSING: deroff diction graph learn plot # spell spline struct xsend # XXX Use GNU versions: diff ld patch -# Moved to secure: bdes # SUBDIR= alias \ apply \ asa \ awk \ banner \ basename \ brandelf \ bsdcat \ bsdiff \ bzip2 \ bzip2recover \ cap_mkdb \ chat \ chpass \ cksum \ cmp \ col \ colldef \ colrm \ column \ comm \ compress \ cpuset \ csplit \ ctlstat \ cut \ dirname \ du \ elf2aout \ elfdump \ enigma \ env \ expand \ false \ fetch \ find \ fmt \ fold \ fstat \ fsync \ gcore \ gencat \ getconf \ getent \ getopt \ grep \ gzip \ head \ hexdump \ id \ ident \ ipcrm \ ipcs \ join \ jot \ keylogin \ keylogout \ killall \ ktrace \ ktrdump \ lam \ lastcomm \ ldd \ leave \ less \ lessecho \ lesskey \ limits \ locale \ localedef \ lock \ lockf \ logger \ login \ logins \ logname \ look \ lorder \ lsvfs \ lzmainfo \ m4 \ mandoc \ mesg \ minigzip \ ministat \ mkdep \ mkfifo \ mkimg \ mklocale \ mktemp \ mkuzip \ mt \ ncal \ netstat \ newgrp \ nfsstat \ nice \ nl \ numactl \ nohup \ opieinfo \ opiekey \ opiepasswd \ pagesize \ passwd \ paste \ patch \ pathchk \ perror \ pr \ printenv \ printf \ proccontrol \ procstat \ protect \ rctl \ renice \ resizewin \ rev \ revoke \ rpcinfo \ rs \ rup \ rusers \ rwall \ script \ sdiff \ sed \ send-pr \ seq \ shar \ showmount \ sockstat \ soelim \ sort \ split \ stat \ stdbuf \ su \ systat \ tabs \ tail \ tar \ tcopy \ tee \ time \ timeout \ tip \ top \ touch \ tput \ tr \ true \ truncate \ tset \ tsort \ tty \ uname \ unexpand \ uniq \ unzip \ units \ unvis \ uudecode \ uuencode \ vis \ vmstat \ w \ wall \ wc \ what \ whereis \ which \ whois \ write \ xargs \ xinstall \ xo \ xz \ xzdec \ yes # NB: keep these sorted by MK_* knobs SUBDIR.${MK_AT}+= at SUBDIR.${MK_ATM}+= atm SUBDIR.${MK_BLUETOOTH}+= bluetooth SUBDIR.${MK_BSD_CPIO}+= cpio SUBDIR.${MK_CALENDAR}+= calendar SUBDIR.${MK_CLANG}+= clang SUBDIR.${MK_DIALOG}+= dpv SUBDIR.${MK_EE}+= ee SUBDIR.${MK_FILE}+= file 
SUBDIR.${MK_FINGER}+= finger SUBDIR.${MK_FTP}+= ftp SUBDIR.${MK_GAMES}+= caesar SUBDIR.${MK_GAMES}+= factor SUBDIR.${MK_GAMES}+= fortune SUBDIR.${MK_GAMES}+= grdc SUBDIR.${MK_GAMES}+= morse SUBDIR.${MK_GAMES}+= number SUBDIR.${MK_GAMES}+= pom SUBDIR.${MK_GAMES}+= primes SUBDIR.${MK_GAMES}+= random .if ${MK_GPL_DTC} != "yes" .if ${COMPILER_FEATURES:Mc++11} SUBDIR+= dtc .endif .endif SUBDIR.${MK_GROFF}+= vgrind SUBDIR.${MK_HESIOD}+= hesinfo SUBDIR.${MK_ICONV}+= iconv SUBDIR.${MK_ICONV}+= mkcsmapper SUBDIR.${MK_ICONV}+= mkesdb SUBDIR.${MK_ISCSI}+= iscsictl SUBDIR.${MK_KDUMP}+= kdump SUBDIR.${MK_KDUMP}+= truss SUBDIR.${MK_KERBEROS_SUPPORT}+= compile_et SUBDIR.${MK_LDNS_UTILS}+= drill SUBDIR.${MK_LDNS_UTILS}+= host SUBDIR.${MK_LOCATE}+= locate # XXX msgs? SUBDIR.${MK_MAIL}+= biff SUBDIR.${MK_MAIL}+= from SUBDIR.${MK_MAIL}+= mail SUBDIR.${MK_MAIL}+= msgs SUBDIR.${MK_MAKE}+= bmake SUBDIR.${MK_MAN_UTILS}+= catman .if ${MK_MANDOCDB} == "no" # AND SUBDIR.${MK_MAN_UTILS}+= makewhatis .endif SUBDIR.${MK_MAN_UTILS}+= man SUBDIR.${MK_NETCAT}+= nc SUBDIR.${MK_NIS}+= ypcat SUBDIR.${MK_NIS}+= ypmatch SUBDIR.${MK_NIS}+= ypwhich SUBDIR.${MK_OPENSSH}+= ssh-copy-id SUBDIR.${MK_OPENSSL}+= bc SUBDIR.${MK_OPENSSL}+= chkey SUBDIR.${MK_OPENSSL}+= dc SUBDIR.${MK_OPENSSL}+= newkey SUBDIR.${MK_QUOTAS}+= quota SUBDIR.${MK_RCMDS}+= rlogin SUBDIR.${MK_RCMDS}+= rsh SUBDIR.${MK_RCMDS}+= ruptime SUBDIR.${MK_RCMDS}+= rwho SUBDIR.${MK_SENDMAIL}+= vacation SUBDIR.${MK_TALK}+= talk SUBDIR.${MK_TELNET}+= telnet SUBDIR.${MK_TESTS}+= tests SUBDIR.${MK_TEXTPROC}+= checknr SUBDIR.${MK_TEXTPROC}+= colcrt SUBDIR.${MK_TEXTPROC}+= ul SUBDIR.${MK_TFTP}+= tftp SUBDIR.${MK_TOOLCHAIN}+= addr2line SUBDIR.${MK_TOOLCHAIN}+= ar SUBDIR.${MK_TOOLCHAIN}+= c89 SUBDIR.${MK_TOOLCHAIN}+= c99 SUBDIR.${MK_TOOLCHAIN}+= ctags SUBDIR.${MK_TOOLCHAIN}+= cxxfilt SUBDIR.${MK_TOOLCHAIN}+= elfcopy SUBDIR.${MK_TOOLCHAIN}+= file2c # ARM64TODO gprof does not build # RISCVTODO gprof does not build .if ${MACHINE_ARCH} != "aarch64" && 
${MACHINE_CPUARCH} != "riscv" SUBDIR.${MK_TOOLCHAIN}+= gprof .endif SUBDIR.${MK_TOOLCHAIN}+= indent SUBDIR.${MK_TOOLCHAIN}+= lex SUBDIR.${MK_TOOLCHAIN}+= mkstr SUBDIR.${MK_TOOLCHAIN}+= nm SUBDIR.${MK_TOOLCHAIN}+= readelf SUBDIR.${MK_TOOLCHAIN}+= rpcgen SUBDIR.${MK_TOOLCHAIN}+= unifdef SUBDIR.${MK_TOOLCHAIN}+= size SUBDIR.${MK_TOOLCHAIN}+= strings .if ${MACHINE_ARCH} != "aarch64" # ARM64TODO xlint does not build SUBDIR.${MK_TOOLCHAIN}+= xlint .endif SUBDIR.${MK_TOOLCHAIN}+= xstr SUBDIR.${MK_TOOLCHAIN}+= yacc SUBDIR.${MK_VI}+= vi SUBDIR.${MK_VT}+= vtfontcvt SUBDIR.${MK_USB}+= usbhidaction SUBDIR.${MK_USB}+= usbhidctl SUBDIR.${MK_UTMPX}+= last .if ${MK_CXX} != "no" SUBDIR.${MK_UTMPX}+= users .endif SUBDIR.${MK_UTMPX}+= who SUBDIR.${MK_SVN}+= svn SUBDIR.${MK_SVNLITE}+= svn .include SUBDIR:= ${SUBDIR:O:u} SUBDIR_PARALLEL= .include Index: head/usr.bin/enigma/enigma.1 =================================================================== --- head/usr.bin/enigma/enigma.1 (revision 313328) +++ head/usr.bin/enigma/enigma.1 (revision 313329) 
@@ -1,132 +1,130 @@ .\" .\" enigma (aka. crypt) man page written by Joerg Wunsch. .\" .\" Since enigma itself is distributed in the Public Domain, this file .\" is also. .\" .\" $FreeBSD$ .\" " -.Dd May 14, 2004 +.Dd February 5, 2017 .Dt ENIGMA 1 .Os .Sh NAME .Nm enigma , .Nm crypt .Nd very simple file encryption .Sh SYNOPSIS .Nm .Op Fl s .Op Fl k .Op Ar password .Nm crypt .Op Fl s .Op Fl k .Op Ar password .Sh DESCRIPTION The .Nm utility, also known as .Nm crypt is a .Em very simple encryption program, working on a .Dq secret-key basis. It operates as a filter, i.e., it encrypts or decrypts a stream of data from standard input, and writes the result to standard output. Since its operation is fully symmetrical, feeding the encrypted data stream again through the engine (using the same secret key) will decrypt it. .Pp There are several ways to provide the secret key to the program. By default, the program prompts the user on the controlling terminal for the key, using .Xr getpass 3 . This is the only safe way of providing it. .Pp Alternatively, the key can be provided as the sole command-line argument .Ar password when starting the program. Obviously, this way the key can easily be spotted by other users running .Xr ps 1 . As yet another alternative, .Nm can be given the option .Fl k , and it will take the key from the environment variable .Ev CrYpTkEy . While this at a first glance seems to be more secure than the previous option, it actually is not since environment variables can also be examined with .Xr ps 1 . Thus this option is mainly provided for compatibility with other implementations of .Nm . .Pp When specifying the option .Fl s , .Nm modifies the encryption engine in a way that is supposed to make it a little more secure, but incompatible with other implementations. .Pp .Ss Warning The cryptographic value of .Nm is rather small. 
This program is only provided here for compatibility with other operating systems that also provide an implementation (usually called .Xr crypt 1 there). For real encryption, refer to -.Xr bdes 1 , .Xr openssl 1 , .Xr pgp 1 Pq Pa ports/security/pgp , or .Xr gpg 1 Pq Pa ports/security/gnupg . However, restrictions for exporting, importing or using such tools might exist in some countries, so those stronger programs are not being shipped as part of the operating system by default. .Sh ENVIRONMENT .Bl -tag -offset indent -width ".Ev CrYpTkEy" .It Ev CrYpTkEy used to obtain the secret key when option .Fl k has been given .El .Sh EXAMPLES .Bd -literal -offset indent man enigma | enigma > encrypted Enter key: (XXX \(em key not echoed) .Ed .Pp This will create an encrypted form of this man page, and store it in the file .Pa encrypted . .Bd -literal -offset indent enigma XXX < encrypted .Ed .Pp This displays the previously created file on the terminal. .Sh SEE ALSO -.Xr bdes 1 , .Xr gpg 1 , .Xr openssl 1 , .Xr pgp 1 , .Xr ps 1 , .Xr getpass 3 .Sh HISTORY Implementations of .Nm crypt are very common among .Ux operating systems. This implementation has been taken from the .Em Cryptbreakers Workbench which is in the public domain.
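Review bot: in the head/usr.bin/enigma/enigma.1 hunk, the Warning paragraph still closes with "those stronger programs are not being shipped as part of the operating system by default" once `.Xr bdes 1 ,` is dropped, and that no longer matches the list it follows. The first remaining reference is openssl(1), which head/secure/usr.bin/Makefile in this same patch keeps building via `SUBDIR+=openssl` whenever `MK_OPENSSL` is not "no". The other two entries carry ports paths (ports/security/pgp, ports/security/gnupg). Suggest rewording the closing sentence so it applies only to the ports entries, or stating outright that openssl(1) is the in-base choice, so a reader looking for a replacement for enigma is not told that nothing stronger is installed.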
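Review bot: in the head/secure/usr.bin/Makefile hunk, changing `SUBDIR+=bdes openssl` to `SUBDIR+=openssl` only stops new builds from producing bdes. Nothing in the part of the patch shown here removes a copy that is already installed. If it is not handled elsewhere in the commit, add ObsoleteFiles.inc entries for the bdes binary and its manual page so that `make delete-old` cleans them up on upgraded systems. Otherwise an unmaintained DES tool stays on the path with no source behind it, and the enigma.1 change in this patch has already dropped every pointer to it.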