Version 4.01 14/01/97
    Even faster inner loop in the DES assembler for x86 and a modification
    for IP/FP which is faster on x86.  Both of these changes are
    from Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>.  His
    changes make the assembler run %40 faster on a pentium.  This is just
    a case of getting the instruction sequence 'just right'.
    All credit to 'Svend' :-)
    Quite a few special x86 'make' targets.
    A libdes-l (lite) distribution.

Version 4.00
    After a bit of a pause, I'll up the major version number since this
    is mostly a performance release.  I've added x86 assembler and
    added more options for performance.  A %28 speedup for gcc
    on a pentium and the assembler is a %50 speedup.
    MIPS CPU's, sparc and Alpha are the main CPU's with speedups.
    Run des_opts to work out which options should be used.
    DES_RISC1/DES_RISC2 use alternative inner loops which use
    more registers but should give speedups on any CPU that does
    dual issue (pentium).  DES_UNROLL unrolls the inner loop,
    which costs in code size.

Version 3.26
    I've finally removed one of the shifts in D_ENCRYPT.  This
    meant I've changed the des_SPtrans table (spr.h), the set_key()
    function and some things in des_enc.c.  This has definitely
    made things faster :-).  I've known about this one for some
    time but I've been too lazy to follow it up :-).
    Noticed that in the D_ENCRYPT() macro, we can just do L^=(..)^(..)^..
    instead of L^=((..)|(..)|(..)..  This should save a register at
    least.
    Assembler for x86.  The file to replace is des_enc.c, which is replaced
    by one of the assembler files found in asm.  Look at des/asm/readme
    for more info.

    /* Modification to fcrypt so it can be compiled to support
    HPUX 10.x's long password format, define -DLONGCRYPT to use this.
    Thanks to Jens Kupferschmidt <bt1cu@hpboot.rz.uni-leipzig.de>. */

    SIGWINCH case put in des_read_passwd() so the function does not
    'exit' if this function is received.

Version 3.25 17/07/96
    Modified read_pwd.c so that stdin can be read if not a tty.
    Thanks to Jeff Barber <jeffb@issl.atl.hp.com> for the patches.
    des_init_random_number_generator() shortened due to VMS linker
    limits.
    Added RSA's DESX cbc mode.  It is a form of cbc encryption, with 2
    8 byte quantities xored before and after encryption.
    des_xcbc_encryption() - the name is funny to preserve the des_
    prefix on all functions.

Version 3.24 20/04/96
    The DES_PTR macro option checked and used by SSLeay configuration

Version 3.23 11/04/96
    Added DES_LONG.  If defined to 'unsigned int' on the DEC Alpha,
    it gives a %20 speedup :-)
    Fixed the problem with des.pl under perl5.  The patches were
    sent by Ed Kubaitis (ejk@uiuc.edu).
    In fcrypt.c, changed values to handle illegal salt values the way
    normal crypt() implementations do.  Some programs apparently use
    them :-(.  The patch was sent by Bjorn Gronvall <bg@sics.se>

Version 3.22 29/11/95
    Bug in des(1), an error with the uuencoding stuff when the
    'data' is small, thanks to Geoff Keating <keagchon@mehta.anu.edu.au>
    for the patch.

Version 3.21 22/11/95
    After some emailing back and forth with
    Colin Plumb <colin@nyx10.cs.du.edu>, I've tweaked a few things
    and in a future version I will probably put in some of the
    optimisation he suggested for use with the DES_USE_PTR option.
    Extra routines from Mark Murray <mark@grondar.za> for use in
    freeBSD.  They mostly involve random number generation for use
    with kerberos.  They involve evil machine specific system calls
    etc so I would normally suggest pushing this stuff into the
    application and/or using RAND_seed()/RAND_bytes() if you are
    using this DES library as part of SSLeay.
    Redone the read_pw() function so that it is cleaner and
    supports termios, thanks to Sameer Parekh <sameer@c2.org>
    for the initial patches for this.
    Renamed 3ecb_encrypt() to ecb3_encrypt().
    This has been done just to make things more consistent.
    I have also now added triple DES versions of cfb and ofb.

Version 3.20
    Damn, Damn, Damn, as pointed out by Mike_Spreitzer.PARC@xerox.com,
    my des_random_seed() function was only copying 4 bytes of the
    passed seed into the init structure.  It is now fixed to copy 8.
    My own suggestion is to use something like MD5 :-)

Version 3.19
    While looking at my code one day, I thought, why do I keep on
    calling des_encrypt(in,out,ks,enc) when every function that
    calls it has in and out the same.  So I dropped the 'out'
    parameter, people should not be using this function.

Version 3.18 30/08/95
    Fixed a few bits with the distribution and the filenames.
    3.17 had been munged via a move to DOS and back again.
    NO CODE CHANGES

Version 3.17 14/07/95
    Fixed ede3 cbc which I had broken in 3.16.  I have also
    removed some unneeded variables in 7-8 of the routines.

Version 3.16 26/06/95
    Added des_encrypt2() which does not use IP/FP, used by triple
    des routines.  Tweaked things a bit elsewhere.  %13 speedup on
    sparc and %6 on a R4400 for ede3 cbc mode.

Version 3.15 06/06/95
    Added des_ncbc_encrypt(), it is des_cbc mode except that it is
    'normal' and copies the new iv value back over the top of the
    passed parameter.
    CHANGED des_ede3_cbc_encrypt() so that it too now overwrites
    the iv.  THIS WILL BREAK EXISTING CODE, but since this function
    is only new, I feel I can change it, not so with des_cbc_encrypt :-(.
    I need to update the documentation.

Version 3.14 31/05/95
    New release upon the world, as part of my SSL implementation.
    New copyright and usage stuff.  Basically free for all to use
    as long as you say it came from me :-)

Version 3.13 31/05/95
    A fix in speed.c, if HZ is not defined, I set it to 100.0
    which is reasonable for most unixes except SunOS 4.x.
    I now have a #ifdef sun but timing for SunOS 4.x looked very
    good :-(.  At my last job where I used SunOS 4.x, it was
    defined to be 60.0 (look at the old INSTALL documentation), at
    the last release had it changed to 100.0 since I now work with
    Solaris2 and SVR4 boxes.
    Thanks to Rory Chisholm <rchishol@math.ethz.ch> for pointing this
    one out.

Version 3.12 08/05/95
    As pointed out by The Crypt Keeper <tck@bend.UCSD.EDU>,
    my D_ENCRYPT macro in crypt() had an un-necessary variable.
    It has been removed.

Version 3.11 03/05/95
    Added des_ede3_cbc_encrypt() which is cbc mode des with 3 keys
    and one iv.  It is a standard and I needed it for my SSL code.
    It makes more sense to use this for triple DES than
    3cbc_encrypt().  I have also added (or should I say tested :-)
    cfb64_encrypt() which is cfb64 but it will encrypt a partial
    number of bytes - 3 bytes in 3 bytes out.  Again this is for
    my SSL library, as a form of encryption to use with SSL
    telnet.

Version 3.10 22/03/95
    Fixed a bug in 3cbc_encrypt() :-(.  When making repeated calls
    to cbc3_encrypt, the 2 iv values that were being returned to
    be used in the next call were reversed :-(.
    Many thanks to Bill Wade <wade@Stoner.COM> for pointing out
    this error.

Version 3.09 01/02/95
    Fixed des_random_key to be far more random, it was rather feeble
    with regards to picking the initial seed.  The problem was
    pointed out by Olaf Kirch <okir@monad.swb.de>.

Version 3.08 14/12/94
    Added Makefile.PL so libdes can be built into perl5.
    Changed des_locl.h so RAND is always defined.

Version 3.07 05/12/94
    Added GNUmake and stuff so the library can be built with
    glibc.

Version 3.06 30/08/94
    Added rpc_enc.c which contains _des_crypt.  This is for use in
    secure_rpc v 4.0
    Finally fixed the cfb_enc problems.
    Fixed a few parameter parsing bugs in des (-3 and -b), thanks
    to Rob McMillan <R.McMillan@its.gu.edu.au>

Version 3.05 21/04/94
    for unsigned long l; gcc does not produce ((l>>34) == 0)
    This causes bugs in cfb_enc.
    Thanks to Hadmut Danisch <danisch@ira.uka.de>

Version 3.04 20/04/94
    Added a version number to des.c and libdes.a

Version 3.03 12/01/94
    Fixed a bug in non zero iv in 3cbc_enc.

Version 3.02 29/10/93
    I now work in a place where there are 6+ architectures and 14+
    OS versions :-).
    Fixed TERMIO definition so the most sys V boxes will work :-)

Release upon comp.sources.misc
Version 3.01 08/10/93
    Added des_3cbc_encrypt()

Version 3.00 07/10/93
    Fixed up documentation.
    quad_cksum definitely compatible with MIT's now.

Version 2.30 24/08/93
    Triple DES now defaults to triple cbc but can do triple ecb
    with the -b flag.
    Fixed some MSDOS uuen/uudecoding problems, thanks to
    Added prototypes.

Version 2.22 29/06/93
    Fixed a bug in des_is_weak_key() which stopped it working :-(
    thanks to engineering@MorningStar.Com.

Version 2.21 03/06/93
    des(1) with no arguments gives quite a bit of help.
    Added -c (generate checksum) flag to des(1).
    Added -3 (triple DES) flag to des(1).
    Added cfb and ofb routines to the library.

Version 2.20 11/03/93
    Added -u (uuencode) flag to des(1).
    I have been playing with byte order in quad_cksum to make it
    compatible with MIT's version.  All I can say is avoid this
    function if possible since MIT's output is endian dependent.

Version 2.12 14/10/92
    Added MSDOS specific macro in ecb_encrypt which gives a %70
    speed up when the code is compiled with turbo C.

Version 2.11 12/10/92
    Speedup in set_key (recoding of PC-1)
    I now do it in 47 simple operations, down from 60.
    Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov)
    for motivating me to look for a faster system :-)
    The speedup is probably less than 1% but it is still 13
    instructions less :-).

Version 2.10 06/10/92
    The code now works on the 64bit ETA10 and CRAY without modifications or
    #defines.  I believe the code should work on any machine that
    defines long, int or short to be 8 bytes long.
    Thanks to Shabbir J. Safdar (shabby@mentor.cc.purdue.edu)
    for helping me fix the code to run on 64bit machines (he had
    access to an ETA10).
    Thanks also to John Fletcher <john_fletcher@lccmail.ocf.llnl.gov>
    for testing the routines on a CRAY.
    read_password.c has been renamed to read_passwd.c
    string_to_key.c has been renamed to string2key.c

Version 2.00 14/09/92
    Made mods so that the library should work on 64bit CPU's.
    Removed all my uchar and ulong defs.  Too many different
    versions of unix define them in their header files in too many
    different combinations :-)
    IRIX - Silicon Graphics mods (mostly in read_password.c).
    Thanks to Andrew Daviel (advax@erich.triumf.ca)

Version 1.99 26/08/92
    Fixed a bug or 2 in enc_read.c
    Fixed a bug in enc_write.c
    Fixed a pseudo bug in fcrypt.c (very obscure).

Version 1.98 31/07/92
    Support for the ETA10.  This is a strange machine that defines
    longs and ints as 8 bytes and shorts as 4 bytes.
    Since I do evil things with long * that assume that they are 4
    bytes.  Look in the Makefile for the option to compile for
    this machine.  quad_cksum appears to have problems but I
    don't have the time to fix it right now, and this is not
    a function that uses DES and so will not affect the main uses
    of the library.

Version 1.97 20/05/92 eay
    Fixed the Imakefile and made some changes to des.h to fix some
    problems when building this package with Kerberos v 4.

Version 1.96 18/05/92 eay
    Fixed a small bug in string_to_key() where problems could
    occur if des_check_key was set to true and the string
    generated a weak key.

Patch2 posted to comp.sources.misc
Version 1.95 13/05/92 eay
    Added an alternative version of the D_ENCRYPT macro in
    ecb_encrypt and fcrypt.  Depending on the compiler, one version or the
    other will be faster.  This was inspired by
    Dana How <how@isl.stanford.edu>, and her pointers about doing the
    *(ulong *)((uchar *)ptr+(value&0xfc))
    vs
    ptr[value&0x3f]
    to stop the C compiler doing a <<2 to convert the long array index.

Version 1.94 05/05/92 eay
    Fixed an incompatibility between my string_to_key and the MIT
    version.  When the key is longer than 8 chars, I was wrapping
    with a different method.  To use the old version, define
    OLD_STR_TO_KEY in the makefile.  Thanks to
    viktor@newsu.shearson.com (Viktor Dukhovni).

Version 1.93 28/04/92 eay
    Fixed the VMS mods so that echo is now turned off in
    read_password.  Thanks again to brennan@coco.cchs.su.oz.AU.
    MSDOS support added.  The routines can be compiled with
    Turbo C (v2.0) and MSC (v5.1).  Make sure MSDOS is defined.

Patch1 posted to comp.sources.misc
Version 1.92 13/04/92 eay
    Changed D_ENCRYPT so that the rotation of R occurs outside of
    the loop.  This required rotating all the longs in sp.h (now
    called spr.h).  Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
    speed.c has been changed so it will work without SIGALRM.  If
    times(3) is not present it will try to use ftime() instead.

Version 1.91 08/04/92 eay
    Added -E/-D options to des(1) so it can use string_to_key.
    Added SVR4 mods suggested by witr@rwwa.COM
    Added VMS mods suggested by brennan@coco.cchs.su.oz.AU.  If
    anyone knows how to turn off tty echo in VMS please tell me or
    implement it yourself :-).
    Changed FILE *IN/*OUT to *DES_IN/*DES_OUT since it appears VMS
    does not like IN/OUT being used.

Libdes posted to comp.sources.misc
Version 1.9 24/03/92 eay
    Now contains a fast small crypt replacement.
    Added des(1) command.
    Added des_rw_mode so people can use cbc encryption with
    enc_read and enc_write.

Version 1.8 15/10/91 eay
    Bug in cbc_cksum.
    Many thanks to Keith Reynolds (keithr@sco.COM) for pointing this
    one out.

Version 1.7 24/09/91 eay
    Fixed set_key :-)
    set_key is 4 times faster and takes less space.
    There are a few minor changes that could be made.

Version 1.6 19/09/1991 eay
    Finally got IP and FP finished.
    Now I need to fix set_key.
    This version is quite a bit faster than 1.51

Version 1.52 15/06/1991 eay
    20% speedup in ecb_encrypt by changing the E bit selection
    to use 2 32bit words.  This also required modification of the
    sp table.  There is still a way to speedup the IP and IP-1
    (hints from outer@sq.com) still working on this one :-(.

Version 1.51 07/06/1991 eay
    Faster des_encrypt by loop unrolling
    Fixed bug in quad_cksum.c (thanks to hughes@logos.ucs.indiana.edu)

Version 1.50 28/05/1991 eay
    Optimised the code a bit more for the sparc.  I have improved the
    speed of the inner des_encrypt by speeding up the initial and
    final permutations.

Version 1.40 23/10/1990 eay
    Fixed des_random_key, it did not produce a random key :-(

Version 1.30 2/10/1990 eay
    Have made des_quad_cksum the same as MIT's, the full package
    should be compatible with MIT's
    Have tested on a DECstation 3100
    Still need to fix des_set_key (make it faster).
    Does des_cbc_encrypts at 70.5k/sec on a 3100.

Version 1.20 18/09/1990 eay
    Fixed byte order dependencies.
    Fixed (I hope) all the word alignment problems.
    Speedup in des_ecb_encrypt.

Version 1.10 11/09/1990 eay
    Added des_enc_read and des_enc_write.
    Still need to fix des_quad_cksum.
    Still need to document des_enc_read and des_enc_write.

Version 1.00 27/08/1990 eay
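
The iv write-back that the Version 3.15 entry describes for des_ncbc_encrypt(), as an added example (not libdes code): a toy 64-bit permutation stands in for DES, and cbc_encrypt(), its write_back flag and the sample key, iv and plaintext are constructed for illustration. It shows that a buffer encrypted in two calls matches the one-call ciphertext only when the iv is copied back, and that a stale iv makes repeated plaintext produce repeated ciphertext.

```c
#include <stdint.h>
#include <string.h>

/* Toy keyed 64-bit permutation standing in for DES. NOT DES, not secure. */
static uint64_t toy_encrypt_block(uint64_t x, uint64_t key)
{
    x ^= key;
    x = (x << 13) | (x >> 51);          /* rotate left by 13 */
    return x * 0x9E3779B97F4A7C15ULL;   /* odd multiplier: invertible mod 2^64 */
}

/* CBC over 64-bit blocks. write_back=1 models des_ncbc_encrypt() (iv overwritten
 * with the last ciphertext block); write_back=0 leaves the caller's iv untouched. */
static void cbc_encrypt(const uint64_t *in, uint64_t *out, size_t nblocks,
                        uint64_t key, uint64_t *iv, int write_back)
{
    uint64_t chain = *iv;
    for (size_t i = 0; i < nblocks; i++)
        out[i] = chain = toy_encrypt_block(in[i] ^ chain, key);
    if (write_back) *iv = chain;
}

static const uint64_t KEY = 0x0123456789ABCDEFULL;  /* constructed sample key */
static const uint64_t IV0 = 0x1111111111111111ULL;  /* constructed sample iv */
static const uint64_t PT[4] = { 1, 2, 1, 2 };       /* blocks 2-3 repeat blocks 0-1 */

/* Encrypt PT as two 2-block calls sharing one iv variable. */
static void encrypt_in_two_calls(uint64_t out[4], int write_back)
{
    uint64_t iv = IV0;
    cbc_encrypt(PT, out, 2, KEY, &iv, write_back);
    cbc_encrypt(PT + 2, out + 2, 2, KEY, &iv, write_back);
}

/* 1 if the two-call ciphertext equals the single-call ciphertext. */
int chunked_matches_oneshot(int write_back)
{
    uint64_t one[4], two[4], iv = IV0;
    cbc_encrypt(PT, one, 4, KEY, &iv, 1);
    encrypt_in_two_calls(two, write_back);
    return memcmp(one, two, sizeof one) == 0;
}

/* 1 if the second call's ciphertext repeats the first call's (stale iv). */
int second_chunk_repeats_first(int write_back)
{
    uint64_t two[4];
    encrypt_in_two_calls(two, write_back);
    return two[2] == two[0] && two[3] == two[1];
}
```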