to see a pure-Tcl implementation of a DES (just 56-bit encryption) go [L1 ].
Read about DES in the Handbook of Applied Cryptography [L2 ] Chapter 7:[L3 ]
This can/should go into the tcllib.
to encrypt do:
package require des DES::GetKey -encrypt <password> encryptKeysArray # or DES::GetKey -encryptVNC <password> encryptKeysArray set encryptedBlock [DES::DoBlock <PlainText8ByteBlock> encryptKeysArray] ...
to decrypt do:
package require des DES::GetKey -decrypt <password> decryptKeysArray set plainText [DES::DoBlock <Encrypted8ByteBlock> decryptKeysArray] ...
I did a pure-tcl implementation of Eric Young's fast version some years ago. The recent developement of TkVNC (pure-Tcl as well) and the missing authentication, leads me to release the code. Unfortunately, I recognize that the VNC implementation generates the key vector out of the key/password slightly different. So I reimplemented another, more readable version, whichs allows standard and VNC mode easily to be switched. I still have the old version around.
PT writes: This would be a fine addition to tcllib although to add this we need a file of tests to ensure that it is working correctly. I gave this a try and for Tcl 8.4.1 on Win98 I unfortunately get
DES::GetKey -encrypt sekret K set e [DES::DesBlock "01234567" K] integer value too large to represent
The error comes from the binary format I* ...
Jochen Loewer: your example works for me in Tcl8.0 and Tcl8.3. Do you have a 64bit Tcl8.4? Need to read the 8.4 man pages for 'binary'.
Pascal Scheffers: Nice work! Before adding this to tcllib, though, it would be reasonably important to not only provide methods for ECB, but also for CBC, CFB and OFB. As these last are the ones actually used by most protocols. And while you're at it maybe 2-key 3des. EBC is very interesting for academic purposes, but should be avoided if possible - if only this ends up in tcllib a lot of people will have a Warm, Fuzzy, False Sense of Security when they start using ECB encryption. Normal users should have a higher level interface.
package require des
DES::GetKey -encrypt <password> encryptKeysArray
set myPlainText {An arbitrary amount of text you would normally use}
set myCipherText [DES::DoOFB $myPlainText encryptKeysArray]Have you run the code against a DES test set?