Path: utzoo!utgpu!jarvis.csri.toronto.edu!cs.utexas.edu!sun-barr!decwrl!shelby!SRC.DEC.COM!saltzer
From: saltzer@SRC.DEC.COM (Jerome H Saltzer)
Newsgroups: comp.protocols.kerberos
Subject: Re:
Message-ID: <8912191828.AA15605@jumbo>
Date: 19 Dec 89 18:28:00 GMT
References: <8912191532.AA16028@ATHENA.MIT.EDU>
Sender: daemon@shelby.Stanford.EDU
Organization: The Internet
Lines: 34


>   I've just recieved a copy of the kerberos source and got everything
> to compile ok (on my 386i 4.01), but the encrypt testing program (verify)
> failed on all tests. The documentation tells me that it needs to work
> before I can go on but doesn't offer any ideas as to how to fix it. 
> 
>    If anyone has seen this problem or can offer me some advise as to
> how to fix the Des code for my system, please do.
> 
>     Tim Drake   E-Mail:

I would guess that the problem is in the bit/byte order and word 
length specifications.  I suppose that the 386 is more like a PC 
than it is like an RT or a VAX, even if you run BSD Unix on it.

The DES sources were originally designed to allow adjustment for 
byte order and word length, and the first implementation of the 
algorithm was checked out on an 8086 processor (an IBM PC), so you 
should be able to get it to work, albeit with a bit of 
experimentation.  The last time I looked, the parameters were 
automatically set for the PC architecture when you ran the compilation 
with #IFDEF PC8086, but there was some rearrangement in progress 
that might have broken that feature.  The relevant parameters were 
in the file "des_conf.h".

I believe that the appropriate architectural parameter settings for 
the 8086 (and therefore they may also work on the 386) were:

#define     BITS16
#define     LSBFIRST
#define     IBMPC

                                Jerry Saltzer