/contrib/cvs/src/scramble.c

https://bitbucket.org/freebsd/freebsd-head/ · C · 245 lines · 92 code · 24 blank · 129 comment · 7 complexity · f3dccc6afd10bcd5f629e6191f9b35d2 MD5 · raw file

  1. /*
  2. * Trivially encode strings to protect them from innocent eyes (i.e.,
  3. * inadvertent password compromises, like a network administrator
  4. * who's watching packets for legitimate reasons and accidentally sees
  5. * the password protocol go by).
  6. *
  7. * This is NOT secure encryption.
  8. *
  9. * It would be tempting to encode the password according to username
  10. * and repository, so that the same password would encode to a
  11. * different string when used with different usernames and/or
  12. * repositories. However, then users would not be able to cut and
  13. * paste passwords around. They're not supposed to anyway, but we all
  14. * know they will, and there's no reason to make it harder for them if
  15. * we're not trying to provide real security anyway.
  16. */
  17. /* Set this to test as a standalone program. */
  18. /* #define DIAGNOSTIC */
  19. #ifndef DIAGNOSTIC
  20. #include "cvs.h"
  21. #else /* ! DIAGNOSTIC */
  22. /* cvs.h won't define this for us */
  23. #define AUTH_CLIENT_SUPPORT
  24. #define xmalloc malloc
  25. /* Use "gcc -fwritable-strings". */
  26. #include <stdio.h>
  27. #include <stdio.h>
  28. #include <string.h>
  29. #endif /* ! DIAGNOSTIC */
  30. #if defined(AUTH_CLIENT_SUPPORT) || defined(AUTH_SERVER_SUPPORT)
  31. /* Map characters to each other randomly and symmetrically, A <--> B.
  32. *
  33. * We divide the ASCII character set into 3 domains: control chars (0
  34. * thru 31), printing chars (32 through 126), and "meta"-chars (127
  35. * through 255). The control chars map _to_ themselves, the printing
  36. * chars map _among_ themselves, and the meta chars map _among_
  37. * themselves. Why is this thus?
  38. *
  39. * No character in any of these domains maps to a character in another
  40. * domain, because I'm not sure what characters are legal in
  41. * passwords, or what tools people are likely to use to cut and paste
  42. * them. It seems prudent not to introduce control or meta chars,
  43. * unless the user introduced them first. And having the control
  44. * chars all map to themselves insures that newline and
  45. * carriage-return are safely handled.
  46. */
  47. static unsigned char
  48. shifts[] = {
  49. 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15,
  50. 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31,
  51. 114,120, 53, 79, 96,109, 72,108, 70, 64, 76, 67,116, 74, 68, 87,
  52. 111, 52, 75,119, 49, 34, 82, 81, 95, 65,112, 86,118,110,122,105,
  53. 41, 57, 83, 43, 46,102, 40, 89, 38,103, 45, 50, 42,123, 91, 35,
  54. 125, 55, 54, 66,124,126, 59, 47, 92, 71,115, 78, 88,107,106, 56,
  55. 36,121,117,104,101,100, 69, 73, 99, 63, 94, 93, 39, 37, 61, 48,
  56. 58,113, 32, 90, 44, 98, 60, 51, 33, 97, 62, 77, 84, 80, 85,223,
  57. 225,216,187,166,229,189,222,188,141,249,148,200,184,136,248,190,
  58. 199,170,181,204,138,232,218,183,255,234,220,247,213,203,226,193,
  59. 174,172,228,252,217,201,131,230,197,211,145,238,161,179,160,212,
  60. 207,221,254,173,202,146,224,151,140,196,205,130,135,133,143,246,
  61. 192,159,244,239,185,168,215,144,139,165,180,157,147,186,214,176,
  62. 227,231,219,169,175,156,206,198,129,164,150,210,154,177,134,127,
  63. 182,128,158,208,162,132,167,209,149,241,153,251,237,236,171,195,
  64. 243,233,253,240,194,250,191,155,142,137,245,235,163,242,178,152 };
  65. /* SCRAMBLE and DESCRAMBLE work like this:
  66. *
  67. * scramble(STR) returns SCRM, a scrambled copy of STR. SCRM[0] is a
  68. * single letter indicating the scrambling method. As of this
  69. * writing, the only legal method is 'A', but check the code for more
  70. * up-to-date information. The copy will have been allocated with
  71. * xmalloc().
  72. *
  73. * descramble(SCRM) returns STR, again in its own xmalloc'd space.
  74. * descramble() uses SCRM[0] to determine which method of unscrambling
  75. * to use. If it does not recognize the method, it dies with error.
  76. */
  77. /* Return a xmalloc'd, scrambled version of STR. */
  78. char *
  79. scramble (str)
  80. char *str;
  81. {
  82. int i;
  83. char *s;
  84. /* +2 to hold the 'A' prefix that indicates which version of
  85. scrambling this is (the first, obviously, since we only do one
  86. kind of scrambling so far), and then the '\0' of course. */
  87. s = (char *) xmalloc (strlen (str) + 2);
  88. /* Scramble (TM) version prefix. */
  89. s[0] = 'A';
  90. strcpy (s + 1, str);
  91. for (i = 1; s[i]; i++)
  92. s[i] = shifts[(unsigned char)(s[i])];
  93. return s;
  94. }
  95. /* Decode the string in place. */
  96. char *
  97. descramble (str)
  98. char *str;
  99. {
  100. char *s;
  101. int i;
  102. /* For now we can only handle one kind of scrambling. In the future
  103. there may be other kinds, and this `if' will become a `switch'. */
  104. if (str[0] != 'A')
  105. #ifndef DIAGNOSTIC
  106. error (1, 0, "descramble: unknown scrambling method");
  107. #else /* DIAGNOSTIC */
  108. {
  109. fprintf (stderr, "descramble: unknown scrambling method\n", str);
  110. fflush (stderr);
  111. exit (EXIT_FAILURE);
  112. }
  113. #endif /* DIAGNOSTIC */
  114. /* Method `A' is symmetrical, so scramble again to decrypt. */
  115. s = scramble (str + 1);
  116. /* Shift the whole string one char to the left, pushing the unwanted
  117. 'A' off the left end. Safe, because s is null-terminated. */
  118. for (i = 0; s[i]; i++)
  119. s[i] = s[i + 1];
  120. return s;
  121. }
  122. #endif /* (AUTH_CLIENT_SUPPORT || AUTH_SERVER_SUPPORT) from top of file */
  123. #ifdef DIAGNOSTIC
  124. int
  125. main ()
  126. {
  127. int i;
  128. char *e, *m, biggie[256];
  129. char *cleartexts[5];
  130. cleartexts[0] = "first";
  131. cleartexts[1] = "the second";
  132. cleartexts[2] = "this is the third";
  133. cleartexts[3] = "$#% !!\\3";
  134. cleartexts[4] = biggie;
  135. /* Set up the most important test string: */
  136. /* Can't have a real ASCII zero in the string, because we want to
  137. use printf, so we substitute the character zero. */
  138. biggie[0] = '0';
  139. /* The rest of the string gets straight ascending ASCII. */
  140. for (i = 1; i < 256; i++)
  141. biggie[i] = i;
  142. /* Test all the strings. */
  143. for (i = 0; i < 5; i++)
  144. {
  145. printf ("clear%d: %s\n", i, cleartexts[i]);
  146. e = scramble (cleartexts[i]);
  147. printf ("scram%d: %s\n", i, e);
  148. m = descramble (e);
  149. free (e);
  150. printf ("clear%d: %s\n\n", i, m);
  151. free (m);
  152. }
  153. fflush (stdout);
  154. return 0;
  155. }
  156. #endif /* DIAGNOSTIC */
  157. /*
  158. * ;;; The Emacs Lisp that did the dirty work ;;;
  159. * (progn
  160. *
  161. * ;; Helper func.
  162. * (defun random-elt (lst)
  163. * (let* ((len (length lst))
  164. * (rnd (random len)))
  165. * (nth rnd lst)))
  166. *
  167. * ;; A list of all characters under 127, each appearing once.
  168. * (setq non-meta-chars
  169. * (let ((i 0)
  170. * (l nil))
  171. * (while (< i 127)
  172. * (setq l (cons i l)
  173. * i (1+ i)))
  174. * l))
  175. *
  176. * ;; A list of all characters 127 and above, each appearing once.
  177. * (setq meta-chars
  178. * (let ((i 127)
  179. * (l nil))
  180. * (while (< i 256)
  181. * (setq l (cons i l)
  182. * i (1+ i)))
  183. * l))
  184. *
  185. * ;; A vector that will hold the chars in a random order.
  186. * (setq scrambled-chars (make-vector 256 0))
  187. *
  188. * ;; These characters should map to themselves.
  189. * (let ((i 0))
  190. * (while (< i 32)
  191. * (aset scrambled-chars i i)
  192. * (setq non-meta-chars (delete i non-meta-chars)
  193. * i (1+ i))))
  194. *
  195. * ;; Assign random (but unique) values, within the non-meta chars.
  196. * (let ((i 32))
  197. * (while (< i 127)
  198. * (let ((ch (random-elt non-meta-chars)))
  199. * (if (= 0 (aref scrambled-chars i))
  200. * (progn
  201. * (aset scrambled-chars i ch)
  202. * (aset scrambled-chars ch i)
  203. * (setq non-meta-chars (delete ch non-meta-chars)
  204. * non-meta-chars (delete i non-meta-chars))))
  205. * (setq i (1+ i)))))
  206. *
  207. * ;; Assign random (but unique) values, within the non-meta chars.
  208. * (let ((i 127))
  209. * (while (< i 256)
  210. * (let ((ch (random-elt meta-chars)))
  211. * (if (= 0 (aref scrambled-chars i))
  212. * (progn
  213. * (aset scrambled-chars i ch)
  214. * (aset scrambled-chars ch i)
  215. * (setq meta-chars (delete ch meta-chars)
  216. * meta-chars (delete i meta-chars))))
  217. * (setq i (1+ i)))))
  218. *
  219. * ;; Now use the `scrambled-chars' vector to get your C array.
  220. * )
  221. */