[9fans] encryption routines for il

[9fans] encryption routines for il

[Paul]

> I am looking at installing Pace Willisson's Unix based Authentication
> server on my BSDI box (thanks to Russ Cox for letting me know about
> it).
> 
> If anyone outside the US has implemented compatible versions of the
> missing encryption routines, please let me know.

I probably should mention that BSD/OS 3.0 includes support for
the Plan 9 bootp requests.

The basic code that puts out the bootp request is:

        strcpy((char *)bp->bp_vend, "p9  ");
        strcat((char *)bp->bp_vend, inet_ntoa(hp->subnet_mask));
        strcat((char *)bp->bp_vend, " ");
        strcat((char *)bp->bp_vend, inet_ntoa(hp->swap_server));
        strcat((char *)bp->bp_vend, " ");
        strcat((char *)bp->bp_vend, inet_ntoa(hp->nis_server->addr[0]));
        strcat((char *)bp->bp_vend, " ");
        strcat((char *)bp->bp_vend, inet_ntoa(hp->gateway->addr[0]));

(Please don't complain about using strcat, this was a quick hack and it
 does the job.  I probably should have used snprintf, but it is not worth
 changing it at this point.)

The fields for these entries are:

	sm	netmask, as expected
	sw	"swap server" is really your 9fs file server
	ds	dns server, as expected (only first address used)
	gw	gateway, as expected (only first address used)

				-Paul Borman
				 prb@bsdi.com

[9fans] encryption routines for il

[Paul]

> From: forsyth@caldo.demon.co.uk
> 
> >>        strcat((char *)bp->bp_vend, inet_ntoa(hp->nis_server->addr[0]));
> >>	ds	dns server, as expected (only first address used)
> 
> note that plan 9 takes this field as auth server (the system will fetch
> the dns data, if needed, from /lib/ndb/local)

Ah, thanks for pointing that out!  You can tell it has been a while since
I played with that.  (My auth server and dns server have the same IP
address so when I looked back at my bootptab file, which was still
set up for my Plan 9 terminal, I saw it as DNS.  But it does work, honest!

				-Paul

[9fans] encryption routines for il

[forsyth]

>>        strcat((char *)bp->bp_vend, inet_ntoa(hp->nis_server->addr[0]));
>>	ds	dns server, as expected (only first address used)

note that plan 9 takes this field as auth server (the system will fetch
the dns data, if needed, from /lib/ndb/local)

[9fans] encryption routines for il

[Digby]

>
>Take Pace's il.tar.gz, make des.c a null file, and then
>use the following encrypt.c:
>
Great - thanks! I was hoping that there wasn't anything
strange in Plan9's algorithm.

I'll give it a try.

Regards,
DigbyT
-- 
Digby R. S. Tarvin                                              digbyt@acm.org
http://www.cthulhu.dircon.co.uk

[9fans] encryption routines for il

[forsyth]

>>I probably should mention that BSD/OS 3.0 includes support for
>>the Plan 9 bootp requests.

thank you.

[9fans] encryption routines for il

[Russ]

Take Pace's il.tar.gz, make des.c a null file, and then
use the following encrypt.c:

(The inspiration and almost all of the code for this came from Kenji Arisawa.)

#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>
#define DESKEYLEN 7
#define NAMELEN 22
typedef unsigned char uchar;

uchar a[8] = { 128, 64, 32, 16, 8, 4, 2, 1 };

/*  get bit status at the bit position n of string s
    char s[8]
    int n: 0 .. 63
*/
int strbit(char *s, int n)
{   int q,m;
    q = n / 8;
    m = n % 8;
    return (s[q] & a[m]?1:0);
}

/*  uchar s[8]
    uchar x[1]
    */
uchar s2b(uchar *s)
{   int i;
    uchar x;
    x = 0;
    for(i = 0; i < 8; i++) if(s[i]) x |= a[i];
    return x;
}

/*  uchar s[8]
    uchar x[1]
    */
void b2s(uchar x, uchar *s)
{   int i;
    for(i = 0; i < 8; i++) s[i] = 0;
    for(i = 0; i < 8; i++) if(x & a[i]) s[i] = 1;
}

/* uchar s[64], x[8] */
void blk2str(uchar *x, uchar *s)
{   int i;
    for(i = 0; i < 8; i++) b2s(x[i],&s[8*i]);
}

/* uchar s[64], x[8] */
void str2blk(uchar *s, uchar *x)
{   int i;
    for(i = 0; i < 8; i++) x[i] = s2b(&s[8*i]);
}

/* Plan9 encrypt
   uchar key[7]    --- deskey
   uchar t[8]     --- target(des cypher block)
 */
void des(uchar *key, uchar *t)
{   int i,j;
    char s[64],u[64];
    for(j = 0; j < 8; j++){
        for(i = 0; i < 7; i++) s[8*j + i] = strbit(key, 7*j + i);
        s[8*j + 7] = 0;
    }
    setkey(s);
    blk2str(t,u);
    encrypt(u,0); /* encrypt */
    str2blk(u,t);
}

void
plan9_encrypt(uchar *key, uchar *t, int len)
{
	des(key, t);
}

This doesn't work under Linux.  Don't complain to me.

Russ

[9fans] encryption routines for il

[Digby]

I am looking at installing Pace Willisson's Unix based Authentication
server on my BSDI box (thanks to Russ Cox for letting me know about
it).

If anyone outside the US has implemented compatible versions of the
missing encryption routines, please let me know.

Thanks,
DigbyT
-- 
Digby R. S. Tarvin                                              digbyt@acm.org
http://www.cthulhu.dircon.co.uk