Thread: DES - ASM to C

  1. #1
    hermanocabral
    Guest

    DES - ASM to C

    hello guys,

    A friend of mine gave me some code and I want to rewrite it in ANSI C, but there is some asm code in the cryptography section of the code.

    I was wondering if anyone can take a look at the code and give me a clue on what it does and how it does it, because I suck at assembly.


    here is the code: http://cpp.enisoc.com/pastebin/7611


    thanks in advance!
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  2. #2
    hermanocabral
    Guest
    lol to that signature... lmao

  3. #3
    Naides is Nobody
    Join Date
    Jan 2002
    Location
    Planet Earth
    Posts
    1,647
    If you do not have a lot of experience in ASM, my suggestion would be to search for the DES algorithm elements on the web and implement them in C, or the language that you are most familiar with, right from scratch.

    It would certainly take a shorter time than sifting and reverse engineering through lines and lines of asm code.

    The asm implementation you posted was probably done in the name of efficiency, minimizing the number of CPU cycles, but this should not be of much concern in the initial steps of the learning curve.

    Once you understand the elements of DES crypt and decrypt, the ASM code will start to make sense.

    You will see that each segment of the asm code is a named _inline function which represents a discrete step in the DES implementation.
    Last edited by naides; August 29th, 2006 at 21:10.

  4. #4
    hermanocabral
    Guest
    Thanks for your suggestion, I'm going to accept it.

    But a problem just occurred to me: could there be some change particular to this implementation that will change the results of any data encrypted with this asm code?

    E.g. using someone's implementation of DES in C to cipher the string "abc" returns the value 10. Using this asm implementation to cipher the same string returns the value 15.

  5. #5
    Why would you want to go from Asm to C anyway?

    I see more sense in the opposite direction, but...

    I think the discrepancy is because the C implementation is encrypting the null terminator as well.

  6. #6
    Naides is Nobody
    Join Date
    Jan 2002
    Location
    Planet Earth
    Posts
    1,647
    Quote Originally Posted by hermanocabral

    E.g. using someone's implementation of DES in C to cipher the string "abc" returns the value 10. Using this asm implementation to cipher the same string returns the value 15.

    No. The results should be the same, if the algo is accurately implemented, be it in JAVA, PERL, ASM, BASIC, or by hand using paper and pencil.

    By the way, if you search for DES on the wiki, someone at MIT coded a Java program that illustrates the DES principle step by step, in a visual fashion.
    Quite didactic and useful IMHO.

  7. #7

    Question wow...

    hard to understand for a beginner like me....
    .: Allow Me To Learning :.

  8. #8
    hermanocabral
    Guest
    Quote Originally Posted by LLXX
    Why would you want to go from Asm to C anyway?

    I see more sense in the opposite direction, but...

    I think the discrepancy is because the C implementation is encrypting the null terminator as well.
    I want to go from asm to C because I don't understand asm... it is simpler for me to maintain code in C than to maintain it in asm...

    what do you mean by encrypting the null terminator? you mean the \0?


    Quote Originally Posted by naides
    No. The results should be the same, if the algo is accurately implemented, be it in JAVA, PERL, ASM, BASIC, or by hand using paper and pencil.

    By the way, if you search for DES on the wiki, someone at MIT coded a Java program that illustrates the DES principle step by step, in a visual fashion.
    Quite didactic and useful IMHO.
    i followed your suggestion... and indeed the asm code seems to make more sense to me now, after a whole night of DES study... now i can understand things a little better...

    i need more help now with some lines of the code, like:

    mov ecx, spr[800h][eax]
    mov eax, spr[0C00h][eax]

    what in gods name is spr[800h] [eax]? looks like a cast (lol) to me...

    and:
    cmp edx, offset dword_61D77C+32*4
    mov buf, edx
    jl loc_45D6C2
    jmp loc_45D81C

    I know what cmp, jl and jmp do, but I don't know what those things in bold are...

    and those:
    loc_45D76D: ; CODE XREF: sub_45D5C0+F3j

    these are like gotos??

  9. #9
    Naides is Nobody
    Join Date
    Jan 2002
    Location
    Planet Earth
    Posts
    1,647
    These lines of assembler you posted are _inline code from a C program, which is a particular "dialect" of assembler. This "hybrid" C/ASM code is interpreted by the C compiler and further translated into more pure assembly instructions, the kind of code you will see in a disassembly, which is what we are used to dealing with on this board. Anyway:


    Quote Originally Posted by hermanocabral

    i need more help now with some lines of the code, like:

    mov ecx, spr[800h][eax]

    spr[800h] means Stack Pointer 800, and [eax] is the index:

    There is an array in the stack whose base ([0]th element) is located at [800h], an address in the stack (which is usually pointed to by EBP). The [eax]th dword is being moved to ecx.

    in "pure Assembler":

    mov ecx, dword ptr [ebp+800h+eax]



    mov eax, spr[0C00h][eax]

    in pure assembler:

    mov eax, dword ptr [ebp+0C00h+eax]


    what in gods name is spr[800h] [eax]? looks like a cast (lol) to me...

    More of the same, See above

    and:
    cmp edx, offset dword_61D77C+32*4

    edx is compared to a dword, which is part of a structure that is not in the stack, but in the global memory. Its address is calculated by adding 32*4 to a base address 61D77C (in hex).

    mov buf, edx

    This is where C code is somewhat mixed with asm code: buf is a local variable that C tracks. When it gets translated to pure assembly, it would have no name but some address like [EBP-2C]. buf is just the SYMBOL that represents the address of a local variable in the stack, a local variable in memory.


    jl loc_45D6C2
    jmp loc_45D81C



    I know what cmp, jl and jmp do, but I don't know what those things in bold are...

    loc_45D6C2 are addresses in the code segment, where the next instruction to be executed is located if the jump takes place. The code flow changes. Yes, it is reminiscent of the GOTO instruction of BASIC and C

    and those are comments, labels:
    loc_45D76D: ; CODE XREF: sub_45D5C0+F3j

    loc_45D76D: gets jumped to by the instruction located in the subroutine that starts at 45D5C0, from an instruction located F3 hex (243 dec) bytes after the beginning of the Sub.

    these are like gotos??

    They are cross references. ; CODE XREF: sub_45D5C0+F3j are comments not instructions
    Last edited by naides; August 30th, 2006 at 14:56.
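
    Added example, not part of the original thread or of the pasted listing: a C rendering of the addressing and loop idioms discussed in post #9. In MASM-style syntax `spr[800h][eax]` addresses the bytes at `spr + 800h + eax`, so `eax` acts as a byte offset; the table contents and sizes and the per-iteration pointer step are assumptions, since the page does not show them.

```c
#include <stdint.h>
#include <string.h>

/* Constructed stand-ins: the real tables are not shown on the page. */
static uint32_t spr[4 * 256];        /* four 0x400-byte sub-tables (assumed size) */
static uint32_t dword_61D77C[32];    /* 32 dwords, so end = base + 32*4 bytes */

/* Fill spr so that each dword holds its own index (sample data only). */
static void fill_spr(void)
{
    for (uint32_t i = 0; i < 4 * 256; i++)
        spr[i] = i;
}

/* mov reg, base[disp][eax]: load 32 bits from (char *)base + disp + eax.
   eax is a byte offset here, not an element index. */
static uint32_t load_dword(const void *base, uint32_t disp, uint32_t eax)
{
    uint32_t v;
    memcpy(&v, (const uint8_t *)base + disp + eax, sizeof v);
    return v;
}

/* mov ecx, spr[800h][eax] / mov eax, spr[0C00h][eax]
   The second load overwrites eax, so both must use the old value. */
static void two_loads(uint32_t eax, uint32_t *ecx_out, uint32_t *eax_out)
{
    uint32_t old_eax = eax;
    *ecx_out = load_dword(spr, 0x800, old_eax);
    *eax_out = load_dword(spr, 0xC00, old_eax);
}

/* cmp edx, offset dword_61D77C+32*4 / mov buf, edx / jl loc_45D6C2
   is the bottom of a loop: store the advanced pointer in buf and jump
   back while it is still below the end of the table. step_dwords is an
   assumption; the page does not show how edx is advanced. */
static unsigned walk_table(unsigned step_dwords)
{
    const uint32_t *end = dword_61D77C + 32;
    const uint32_t *buf = dword_61D77C;
    unsigned iterations = 0;
    do {
        const uint32_t *edx = buf + step_dwords;
        iterations++;
        buf = edx;                   /* mov buf, edx */
    } while (buf < end);             /* cmp edx, end ; jl top */
    return iterations;
}
```

    With a step of two dwords per pass the loop body runs 16 times over the 32-dword table; a step of one dword gives 32 passes.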

  10. #10
    hermanocabral
    Guest
    Quote Originally Posted by naides
    mov ecx, spr[800h][eax]

    spr[800h] means Stack Pointer 800, and [eax] is the index:

    There is an array in the stack whose base ([0]th element) is located at [800h], an address in the stack (which is usually pointed to by EBP). The [eax]th dword is being moved to ecx.
    how does he know where the stack pointer is?

  11. #11
    Naides is Nobody
    Join Date
    Jan 2002
    Location
    Planet Earth
    Posts
    1,647
    There are two CPU registers that usually keep track of the stack: ESP and EBP.

    The addresses of stack variables are calculated as offsets to these registers:

    The Extended Stack Pointer ESP and the Extended Base Pointer EBP.

    Positive displacements [EBP+ 800] point to variables that were present before the subroutine started. Negative displacements [EBP-0C] point to local (auto) variables that will disappear when the subroutine returns. For a cranky but more detailed explanation, see

    http://www.woodmann.com/forum/showthread.php?t=5849&highlight=ascend+code

  12. #12
    hi,

    Code:
    I was wondering if anyone can take a look at the code and give me a clue on what it does and how it does it, because I suck at assembly.
    Maybe consider forgetting that "source" altogether and rewrite it from a specification, or use freely available source. If you want to know what it does, that should be self-explanatory once you know what DES does:

    http://www.abisoft.net/des.html

    there is plenty of source on the net:
    http://www.thefreecountry.com/sourcecode/encryption.shtml

    have it in javascript and perl 8)
    http://www.tero.co.uk/des/code.php

    hope that helps,

    0xf001
