xref: /dflybsd-src/contrib/cvs-1.12/src/scramble.c (revision 86d7f5d305c6adaa56ff4582ece9859d73106103) 
1*86d7f5d3SJohn Marino /*
2*86d7f5d3SJohn Marino  * Trivially encode strings to protect them from innocent eyes (i.e.,
3*86d7f5d3SJohn Marino  * inadvertent password compromises, like a network administrator
4*86d7f5d3SJohn Marino  * who's watching packets for legitimate reasons and accidentally sees
5*86d7f5d3SJohn Marino  * the password protocol go by).
6*86d7f5d3SJohn Marino  *
7*86d7f5d3SJohn Marino  * This is NOT secure encryption.
8*86d7f5d3SJohn Marino  *
9*86d7f5d3SJohn Marino  * It would be tempting to encode the password according to username
10*86d7f5d3SJohn Marino  * and repository, so that the same password would encode to a
11*86d7f5d3SJohn Marino  * different string when used with different usernames and/or
12*86d7f5d3SJohn Marino  * repositories.  However, then users would not be able to cut and
13*86d7f5d3SJohn Marino  * paste passwords around.  They're not supposed to anyway, but we all
14*86d7f5d3SJohn Marino  * know they will, and there's no reason to make it harder for them if
15*86d7f5d3SJohn Marino  * we're not trying to provide real security anyway.
16*86d7f5d3SJohn Marino  */
17*86d7f5d3SJohn Marino 
18*86d7f5d3SJohn Marino /* Set this to test as a standalone program. */
19*86d7f5d3SJohn Marino /* #define DIAGNOSTIC */
20*86d7f5d3SJohn Marino 
21*86d7f5d3SJohn Marino #ifndef DIAGNOSTIC
22*86d7f5d3SJohn Marino #include "cvs.h"
23*86d7f5d3SJohn Marino #else /* ! DIAGNOSTIC */
24*86d7f5d3SJohn Marino /* cvs.h won't define this for us */
25*86d7f5d3SJohn Marino #define AUTH_CLIENT_SUPPORT
26*86d7f5d3SJohn Marino #define xmalloc malloc
27*86d7f5d3SJohn Marino /* Use "gcc -fwritable-strings". */
28*86d7f5d3SJohn Marino #include <stdio.h>
29*86d7f5d3SJohn Marino #include <stdio.h>
30*86d7f5d3SJohn Marino #include <string.h>
31*86d7f5d3SJohn Marino #endif /* ! DIAGNOSTIC */
32*86d7f5d3SJohn Marino 
33*86d7f5d3SJohn Marino #if defined(AUTH_CLIENT_SUPPORT) || defined(AUTH_SERVER_SUPPORT)
34*86d7f5d3SJohn Marino 
35*86d7f5d3SJohn Marino /* Map characters to each other randomly and symmetrically, A <--> B.
36*86d7f5d3SJohn Marino  *
37*86d7f5d3SJohn Marino  * We divide the ASCII character set into 3 domains: control chars (0
38*86d7f5d3SJohn Marino  * thru 31), printing chars (32 through 126), and "meta"-chars (127
39*86d7f5d3SJohn Marino  * through 255).  The control chars map _to_ themselves, the printing
40*86d7f5d3SJohn Marino  * chars map _among_ themselves, and the meta chars map _among_
41*86d7f5d3SJohn Marino  * themselves.  Why is this thus?
42*86d7f5d3SJohn Marino  *
43*86d7f5d3SJohn Marino  * No character in any of these domains maps to a character in another
44*86d7f5d3SJohn Marino  * domain, because I'm not sure what characters are valid in
45*86d7f5d3SJohn Marino  * passwords, or what tools people are likely to use to cut and paste
46*86d7f5d3SJohn Marino  * them.  It seems prudent not to introduce control or meta chars,
47*86d7f5d3SJohn Marino  * unless the user introduced them first.  And having the control
48*86d7f5d3SJohn Marino  * chars all map to themselves insures that newline and
49*86d7f5d3SJohn Marino  * carriage-return are safely handled.
50*86d7f5d3SJohn Marino  */
51*86d7f5d3SJohn Marino 
52*86d7f5d3SJohn Marino static unsigned char
53*86d7f5d3SJohn Marino shifts[] = {
54*86d7f5d3SJohn Marino     0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, 15,
55*86d7f5d3SJohn Marino    16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31,
56*86d7f5d3SJohn Marino   114,120, 53, 79, 96,109, 72,108, 70, 64, 76, 67,116, 74, 68, 87,
57*86d7f5d3SJohn Marino   111, 52, 75,119, 49, 34, 82, 81, 95, 65,112, 86,118,110,122,105,
58*86d7f5d3SJohn Marino    41, 57, 83, 43, 46,102, 40, 89, 38,103, 45, 50, 42,123, 91, 35,
59*86d7f5d3SJohn Marino   125, 55, 54, 66,124,126, 59, 47, 92, 71,115, 78, 88,107,106, 56,
60*86d7f5d3SJohn Marino    36,121,117,104,101,100, 69, 73, 99, 63, 94, 93, 39, 37, 61, 48,
61*86d7f5d3SJohn Marino    58,113, 32, 90, 44, 98, 60, 51, 33, 97, 62, 77, 84, 80, 85,223,
62*86d7f5d3SJohn Marino   225,216,187,166,229,189,222,188,141,249,148,200,184,136,248,190,
63*86d7f5d3SJohn Marino   199,170,181,204,138,232,218,183,255,234,220,247,213,203,226,193,
64*86d7f5d3SJohn Marino   174,172,228,252,217,201,131,230,197,211,145,238,161,179,160,212,
65*86d7f5d3SJohn Marino   207,221,254,173,202,146,224,151,140,196,205,130,135,133,143,246,
66*86d7f5d3SJohn Marino   192,159,244,239,185,168,215,144,139,165,180,157,147,186,214,176,
67*86d7f5d3SJohn Marino   227,231,219,169,175,156,206,198,129,164,150,210,154,177,134,127,
68*86d7f5d3SJohn Marino   182,128,158,208,162,132,167,209,149,241,153,251,237,236,171,195,
69*86d7f5d3SJohn Marino   243,233,253,240,194,250,191,155,142,137,245,235,163,242,178,152 };
70*86d7f5d3SJohn Marino 
71*86d7f5d3SJohn Marino 
72*86d7f5d3SJohn Marino /* SCRAMBLE and DESCRAMBLE work like this:
73*86d7f5d3SJohn Marino  *
74*86d7f5d3SJohn Marino  * scramble(STR) returns SCRM, a scrambled copy of STR.  SCRM[0] is a
75*86d7f5d3SJohn Marino  * single letter indicating the scrambling method.  As of this
76*86d7f5d3SJohn Marino  * writing, the only valid method is 'A', but check the code for more
77*86d7f5d3SJohn Marino  * up-to-date information.  The copy will have been allocated with
78*86d7f5d3SJohn Marino  * xmalloc().
79*86d7f5d3SJohn Marino  *
80*86d7f5d3SJohn Marino  * descramble(SCRM) returns STR, again in its own xmalloc'd space.
81*86d7f5d3SJohn Marino  * descramble() uses SCRM[0] to determine which method of unscrambling
82*86d7f5d3SJohn Marino  * to use.  If it does not recognize the method, it dies with error.
83*86d7f5d3SJohn Marino  */
84*86d7f5d3SJohn Marino 
85*86d7f5d3SJohn Marino /* Return a xmalloc'd, scrambled version of STR. */
86*86d7f5d3SJohn Marino char *
scramble(char * str)87*86d7f5d3SJohn Marino scramble (char *str)
88*86d7f5d3SJohn Marino {
89*86d7f5d3SJohn Marino     int i;
90*86d7f5d3SJohn Marino     char *s;
91*86d7f5d3SJohn Marino 
92*86d7f5d3SJohn Marino     /* +2 to hold the 'A' prefix that indicates which version of
93*86d7f5d3SJohn Marino        scrambling this is (the first, obviously, since we only do one
94*86d7f5d3SJohn Marino        kind of scrambling so far), and then the '\0' of course.  */
95*86d7f5d3SJohn Marino     s = (char *) xmalloc (strlen (str) + 2);
96*86d7f5d3SJohn Marino 
97*86d7f5d3SJohn Marino     /* Scramble (TM) version prefix. */
98*86d7f5d3SJohn Marino     s[0] = 'A';
99*86d7f5d3SJohn Marino     strcpy (s + 1, str);
100*86d7f5d3SJohn Marino 
101*86d7f5d3SJohn Marino     for (i = 1; s[i]; i++)
102*86d7f5d3SJohn Marino 	s[i] = shifts[(unsigned char)(s[i])];
103*86d7f5d3SJohn Marino 
104*86d7f5d3SJohn Marino     return s;
105*86d7f5d3SJohn Marino }
106*86d7f5d3SJohn Marino 
107*86d7f5d3SJohn Marino /* Decode the string in place. */
108*86d7f5d3SJohn Marino char *
descramble(char * str)109*86d7f5d3SJohn Marino descramble (char *str)
110*86d7f5d3SJohn Marino {
111*86d7f5d3SJohn Marino     char *s;
112*86d7f5d3SJohn Marino     int i;
113*86d7f5d3SJohn Marino 
114*86d7f5d3SJohn Marino     /* For now we can only handle one kind of scrambling.  In the future
115*86d7f5d3SJohn Marino        there may be other kinds, and this `if' will become a `switch'.  */
116*86d7f5d3SJohn Marino     if (str[0] != 'A')
117*86d7f5d3SJohn Marino #ifndef DIAGNOSTIC
118*86d7f5d3SJohn Marino 	error (1, 0, "descramble: unknown scrambling method");
119*86d7f5d3SJohn Marino #else  /* DIAGNOSTIC */
120*86d7f5d3SJohn Marino     {
121*86d7f5d3SJohn Marino 	fprintf (stderr, "descramble: unknown scrambling method\n", str);
122*86d7f5d3SJohn Marino 	fflush (stderr);
123*86d7f5d3SJohn Marino 	exit (EXIT_FAILURE);
124*86d7f5d3SJohn Marino     }
125*86d7f5d3SJohn Marino #endif  /* DIAGNOSTIC */
126*86d7f5d3SJohn Marino 
127*86d7f5d3SJohn Marino     /* Method `A' is symmetrical, so scramble again to decrypt. */
128*86d7f5d3SJohn Marino     s = scramble (str + 1);
129*86d7f5d3SJohn Marino 
130*86d7f5d3SJohn Marino     /* Shift the whole string one char to the left, pushing the unwanted
131*86d7f5d3SJohn Marino        'A' off the left end.  Safe, because s is null-terminated. */
132*86d7f5d3SJohn Marino     for (i = 0; s[i]; i++)
133*86d7f5d3SJohn Marino 	s[i] = s[i + 1];
134*86d7f5d3SJohn Marino 
135*86d7f5d3SJohn Marino     return s;
136*86d7f5d3SJohn Marino }
137*86d7f5d3SJohn Marino 
138*86d7f5d3SJohn Marino #endif /* (AUTH_CLIENT_SUPPORT || AUTH_SERVER_SUPPORT) from top of file */
139*86d7f5d3SJohn Marino 
140*86d7f5d3SJohn Marino #ifdef DIAGNOSTIC
141*86d7f5d3SJohn Marino int
main(int argc,char ** argv)142*86d7f5d3SJohn Marino main( int argc, char **argv )
143*86d7f5d3SJohn Marino {
144*86d7f5d3SJohn Marino     int i;
145*86d7f5d3SJohn Marino     char *e, *m, biggie[256];
146*86d7f5d3SJohn Marino 
147*86d7f5d3SJohn Marino     char *cleartexts[5];
148*86d7f5d3SJohn Marino     cleartexts[0] = "first";
149*86d7f5d3SJohn Marino     cleartexts[1] = "the second";
150*86d7f5d3SJohn Marino     cleartexts[2] = "this is the third";
151*86d7f5d3SJohn Marino     cleartexts[3] = "$#% !!\\3";
152*86d7f5d3SJohn Marino     cleartexts[4] = biggie;
153*86d7f5d3SJohn Marino 
154*86d7f5d3SJohn Marino     /* Set up the most important test string: */
155*86d7f5d3SJohn Marino     /* Can't have a real ASCII zero in the string, because we want to
156*86d7f5d3SJohn Marino        use printf, so we substitute the character zero. */
157*86d7f5d3SJohn Marino     biggie[0] = '0';
158*86d7f5d3SJohn Marino     /* The rest of the string gets straight ascending ASCII. */
159*86d7f5d3SJohn Marino     for (i = 1; i < 256; i++)
160*86d7f5d3SJohn Marino 	biggie[i] = i;
161*86d7f5d3SJohn Marino 
162*86d7f5d3SJohn Marino     /* Test all the strings. */
163*86d7f5d3SJohn Marino     for (i = 0; i < 5; i++)
164*86d7f5d3SJohn Marino     {
165*86d7f5d3SJohn Marino 	printf ("clear%d: %s\n", i, cleartexts[i]);
166*86d7f5d3SJohn Marino 	e = scramble (cleartexts[i]);
167*86d7f5d3SJohn Marino 	printf ("scram%d: %s\n", i, e);
168*86d7f5d3SJohn Marino 	m = descramble (e);
169*86d7f5d3SJohn Marino 	free (e);
170*86d7f5d3SJohn Marino 	printf ("clear%d: %s\n\n", i, m);
171*86d7f5d3SJohn Marino 	free (m);
172*86d7f5d3SJohn Marino     }
173*86d7f5d3SJohn Marino 
174*86d7f5d3SJohn Marino     fflush (stdout);
175*86d7f5d3SJohn Marino     return 0;
176*86d7f5d3SJohn Marino }
177*86d7f5d3SJohn Marino #endif /* DIAGNOSTIC */
178*86d7f5d3SJohn Marino 
179*86d7f5d3SJohn Marino /*
180*86d7f5d3SJohn Marino  * ;;; The Emacs Lisp that did the dirty work ;;;
181*86d7f5d3SJohn Marino  * (progn
182*86d7f5d3SJohn Marino  *
183*86d7f5d3SJohn Marino  *   ;; Helper func.
184*86d7f5d3SJohn Marino  *   (defun random-elt (lst)
185*86d7f5d3SJohn Marino  *     (let* ((len (length lst))
186*86d7f5d3SJohn Marino  *            (rnd (random len)))
187*86d7f5d3SJohn Marino  *       (nth rnd lst)))
188*86d7f5d3SJohn Marino  *
189*86d7f5d3SJohn Marino  *   ;; A list of all characters under 127, each appearing once.
190*86d7f5d3SJohn Marino  *   (setq non-meta-chars
191*86d7f5d3SJohn Marino  *         (let ((i 0)
192*86d7f5d3SJohn Marino  *               (l nil))
193*86d7f5d3SJohn Marino  *           (while (< i 127)
194*86d7f5d3SJohn Marino  *             (setq l (cons i l)
195*86d7f5d3SJohn Marino  *                   i (1+ i)))
196*86d7f5d3SJohn Marino  *           l))
197*86d7f5d3SJohn Marino  *
198*86d7f5d3SJohn Marino  *   ;; A list of all characters 127 and above, each appearing once.
199*86d7f5d3SJohn Marino  *   (setq meta-chars
200*86d7f5d3SJohn Marino  *         (let ((i 127)
201*86d7f5d3SJohn Marino  *               (l nil))
202*86d7f5d3SJohn Marino  *           (while (< i 256)
203*86d7f5d3SJohn Marino  *             (setq l (cons i l)
204*86d7f5d3SJohn Marino  *                   i (1+ i)))
205*86d7f5d3SJohn Marino  *           l))
206*86d7f5d3SJohn Marino  *
207*86d7f5d3SJohn Marino  *   ;; A vector that will hold the chars in a random order.
208*86d7f5d3SJohn Marino  *   (setq scrambled-chars (make-vector 256 0))
209*86d7f5d3SJohn Marino  *
210*86d7f5d3SJohn Marino  *   ;; These characters should map to themselves.
211*86d7f5d3SJohn Marino  *   (let ((i 0))
212*86d7f5d3SJohn Marino  *     (while (< i 32)
213*86d7f5d3SJohn Marino  *       (aset scrambled-chars i i)
214*86d7f5d3SJohn Marino  *       (setq non-meta-chars (delete i non-meta-chars)
215*86d7f5d3SJohn Marino  *             i (1+ i))))
216*86d7f5d3SJohn Marino  *
217*86d7f5d3SJohn Marino  *   ;; Assign random (but unique) values, within the non-meta chars.
218*86d7f5d3SJohn Marino  *   (let ((i 32))
219*86d7f5d3SJohn Marino  *     (while (< i 127)
220*86d7f5d3SJohn Marino  *       (let ((ch (random-elt non-meta-chars)))
221*86d7f5d3SJohn Marino  *         (if (= 0 (aref scrambled-chars i))
222*86d7f5d3SJohn Marino  *             (progn
223*86d7f5d3SJohn Marino  *               (aset scrambled-chars i ch)
224*86d7f5d3SJohn Marino  *               (aset scrambled-chars ch i)
225*86d7f5d3SJohn Marino  *               (setq non-meta-chars (delete ch non-meta-chars)
226*86d7f5d3SJohn Marino  *                     non-meta-chars (delete i non-meta-chars))))
227*86d7f5d3SJohn Marino  *         (setq i (1+ i)))))
228*86d7f5d3SJohn Marino  *
229*86d7f5d3SJohn Marino  *   ;; Assign random (but unique) values, within the non-meta chars.
230*86d7f5d3SJohn Marino  *   (let ((i 127))
231*86d7f5d3SJohn Marino  *     (while (< i 256)
232*86d7f5d3SJohn Marino  *       (let ((ch (random-elt meta-chars)))
233*86d7f5d3SJohn Marino  *         (if (= 0 (aref scrambled-chars i))
234*86d7f5d3SJohn Marino  *             (progn
235*86d7f5d3SJohn Marino  *               (aset scrambled-chars i ch)
236*86d7f5d3SJohn Marino  *               (aset scrambled-chars ch i)
237*86d7f5d3SJohn Marino  *               (setq meta-chars (delete ch meta-chars)
238*86d7f5d3SJohn Marino  *                     meta-chars (delete i meta-chars))))
239*86d7f5d3SJohn Marino  *         (setq i (1+ i)))))
240*86d7f5d3SJohn Marino  *
241*86d7f5d3SJohn Marino  *   ;; Now use the `scrambled-chars' vector to get your C array.
242*86d7f5d3SJohn Marino  *   )
243*86d7f5d3SJohn Marino  */
244