2 * FreeSec: libcrypt for NetBSD
4 * Copyright (c) 1994 David Burren
7 * Adapted for FreeBSD-2.0 by Geoffrey M. Rehmet
8 * this file should now *only* export crypt(), in order to make
9 * binaries of libcrypt exportable from the USA
11 * Adapted for FreeBSD-4.0 by Mark R V Murray
12 * this file should now *only* export crypt_des(), in order to make
13 * a module that can be optionally included in libcrypt.
15 * Redistribution and use in source and binary forms, with or without
16 * modification, are permitted provided that the following conditions
18 * 1. Redistributions of source code must retain the above copyright
19 * notice, this list of conditions and the following disclaimer.
20 * 2. Redistributions in binary form must reproduce the above copyright
21 * notice, this list of conditions and the following disclaimer in the
22 * documentation and/or other materials provided with the distribution.
23 * 3. Neither the name of the author nor the names of other contributors
24 * may be used to endorse or promote products derived from this software
25 * without specific prior written permission.
27 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
28 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
29 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
30 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
31 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
32 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
33 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
34 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
35 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
36 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
39 * $FreeBSD: src/secure/lib/libcrypt/crypt-des.c,v 1.12 1999/09/20 12:39:20 markm Exp $
41 * This is an original implementation of the DES and the crypt(3) interfaces
42 * by David Burren <davidb@werj.com.au>.
44 * An excellent reference on the underlying algorithm (and related
47 * B. Schneier, Applied Cryptography: protocols, algorithms,
48 * and source code in C, John Wiley & Sons, 1994.
50 * Note that in that book's description of DES the lookups for the initial,
51 * pbox, and final permutations are inverted (this has been brought to the
52 * attention of the author). A list of errata for this book has been
53 * posted to the sci.crypt newsgroup by the author and is available for FTP.
55 * ARCHITECTURE ASSUMPTIONS:
56 * It is assumed that the 8-byte arrays passed by reference can be
57 * addressed as arrays of u_int32_t's (ie. the CPU is not picky about
60 #include <sys/types.h>
61 #include <sys/param.h>
66 /* We can't always assume gcc */
72 static u_char IP[64] = {
73 58, 50, 42, 34, 26, 18, 10, 2, 60, 52, 44, 36, 28, 20, 12, 4,
74 62, 54, 46, 38, 30, 22, 14, 6, 64, 56, 48, 40, 32, 24, 16, 8,
75 57, 49, 41, 33, 25, 17, 9, 1, 59, 51, 43, 35, 27, 19, 11, 3,
76 61, 53, 45, 37, 29, 21, 13, 5, 63, 55, 47, 39, 31, 23, 15, 7
79 static u_char inv_key_perm[64];
80 static u_char u_key_perm[56];
81 static u_char key_perm[56] = {
82 57, 49, 41, 33, 25, 17, 9, 1, 58, 50, 42, 34, 26, 18,
83 10, 2, 59, 51, 43, 35, 27, 19, 11, 3, 60, 52, 44, 36,
84 63, 55, 47, 39, 31, 23, 15, 7, 62, 54, 46, 38, 30, 22,
85 14, 6, 61, 53, 45, 37, 29, 21, 13, 5, 28, 20, 12, 4
88 static u_char key_shifts[16] = {
89 1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1
92 static u_char inv_comp_perm[56];
93 static u_char comp_perm[48] = {
94 14, 17, 11, 24, 1, 5, 3, 28, 15, 6, 21, 10,
95 23, 19, 12, 4, 26, 8, 16, 7, 27, 20, 13, 2,
96 41, 52, 31, 37, 47, 55, 30, 40, 51, 45, 33, 48,
97 44, 49, 39, 56, 34, 53, 46, 42, 50, 36, 29, 32
101 * No E box is used, as it's replaced by some ANDs, shifts, and ORs.
104 static u_char u_sbox[8][64];
105 static u_char sbox[8][64] = {
107 14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7,
108 0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8,
109 4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0,
110 15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13
113 15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10,
114 3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5,
115 0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15,
116 13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9
119 10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8,
120 13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1,
121 13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7,
122 1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12
125 7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15,
126 13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9,
127 10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4,
128 3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14
131 2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9,
132 14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6,
133 4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14,
134 11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3
137 12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11,
138 10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8,
139 9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6,
140 4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13
143 4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1,
144 13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6,
145 1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2,
146 6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12
149 13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7,
150 1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2,
151 7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8,
152 2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11
156 static u_char un_pbox[32];
157 static u_char pbox[32] = {
158 16, 7, 20, 21, 29, 12, 28, 17, 1, 15, 23, 26, 5, 18, 31, 10,
159 2, 8, 24, 14, 32, 27, 3, 9, 19, 13, 30, 6, 22, 11, 4, 25
162 static u_int32_t bits32[32] =
164 0x80000000, 0x40000000, 0x20000000, 0x10000000,
165 0x08000000, 0x04000000, 0x02000000, 0x01000000,
166 0x00800000, 0x00400000, 0x00200000, 0x00100000,
167 0x00080000, 0x00040000, 0x00020000, 0x00010000,
168 0x00008000, 0x00004000, 0x00002000, 0x00001000,
169 0x00000800, 0x00000400, 0x00000200, 0x00000100,
170 0x00000080, 0x00000040, 0x00000020, 0x00000010,
171 0x00000008, 0x00000004, 0x00000002, 0x00000001
174 static u_char bits8[8] = { 0x80, 0x40, 0x20, 0x10, 0x08, 0x04, 0x02, 0x01 };
176 static u_int32_t saltbits;
177 static long old_salt;
178 static u_int32_t *bits28, *bits24;
179 static u_char init_perm[64], final_perm[64];
180 static u_int32_t en_keysl[16], en_keysr[16];
181 static u_int32_t de_keysl[16], de_keysr[16];
182 static int des_initialised = 0;
183 static u_char m_sbox[4][4096];
184 static u_int32_t psbox[4][256];
185 static u_int32_t ip_maskl[8][256], ip_maskr[8][256];
186 static u_int32_t fp_maskl[8][256], fp_maskr[8][256];
187 static u_int32_t key_perm_maskl[8][128], key_perm_maskr[8][128];
188 static u_int32_t comp_maskl[8][128], comp_maskr[8][128];
189 static u_int32_t old_rawkey0, old_rawkey1;
191 static u_char ascii64[] =
192 "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
193 /* 0000000000111111111122222222223333333333444444444455555555556666 */
194 /* 0123456789012345678901234567890123456789012345678901234567890123 */
197 ascii_to_bin(char ch)
202 return(ch - 'a' + 38);
206 return(ch - 'A' + 12);
217 int i, j, b, k, inbit, obit;
218 u_int32_t *p, *il, *ir, *fl, *fr;
220 old_rawkey0 = old_rawkey1 = 0L;
223 bits24 = (bits28 = bits32 + 4) + 4;
226 * Invert the S-boxes, reordering the input bits.
228 for (i = 0; i < 8; i++)
229 for (j = 0; j < 64; j++) {
230 b = (j & 0x20) | ((j & 1) << 4) | ((j >> 1) & 0xf);
231 u_sbox[i][j] = sbox[i][b];
235 * Convert the inverted S-boxes into 4 arrays of 8 bits.
236 * Each will handle 12 bits of the S-box input.
238 for (b = 0; b < 4; b++)
239 for (i = 0; i < 64; i++)
240 for (j = 0; j < 64; j++)
241 m_sbox[b][(i << 6) | j] =
242 (u_sbox[(b << 1)][i] << 4) |
243 u_sbox[(b << 1) + 1][j];
246 * Set up the initial & final permutations into a useful form, and
247 * initialise the inverted key permutation.
249 for (i = 0; i < 64; i++) {
250 init_perm[final_perm[i] = IP[i] - 1] = i;
251 inv_key_perm[i] = 255;
255 * Invert the key permutation and initialise the inverted key
256 * compression permutation.
258 for (i = 0; i < 56; i++) {
259 u_key_perm[i] = key_perm[i] - 1;
260 inv_key_perm[key_perm[i] - 1] = i;
261 inv_comp_perm[i] = 255;
265 * Invert the key compression permutation.
267 for (i = 0; i < 48; i++) {
268 inv_comp_perm[comp_perm[i] - 1] = i;
272 * Set up the OR-mask arrays for the initial and final permutations,
273 * and for the key initial and compression permutations.
275 for (k = 0; k < 8; k++) {
276 for (i = 0; i < 256; i++) {
277 *(il = &ip_maskl[k][i]) = 0L;
278 *(ir = &ip_maskr[k][i]) = 0L;
279 *(fl = &fp_maskl[k][i]) = 0L;
280 *(fr = &fp_maskr[k][i]) = 0L;
281 for (j = 0; j < 8; j++) {
284 if ((obit = init_perm[inbit]) < 32)
287 *ir |= bits32[obit-32];
288 if ((obit = final_perm[inbit]) < 32)
291 *fr |= bits32[obit - 32];
295 for (i = 0; i < 128; i++) {
296 *(il = &key_perm_maskl[k][i]) = 0L;
297 *(ir = &key_perm_maskr[k][i]) = 0L;
298 for (j = 0; j < 7; j++) {
300 if (i & bits8[j + 1]) {
301 if ((obit = inv_key_perm[inbit]) == 255)
306 *ir |= bits28[obit - 28];
309 *(il = &comp_maskl[k][i]) = 0L;
310 *(ir = &comp_maskr[k][i]) = 0L;
311 for (j = 0; j < 7; j++) {
313 if (i & bits8[j + 1]) {
314 if ((obit=inv_comp_perm[inbit]) == 255)
319 *ir |= bits24[obit - 24];
326 * Invert the P-box permutation, and convert into OR-masks for
327 * handling the output of the S-box arrays setup above.
329 for (i = 0; i < 32; i++)
330 un_pbox[pbox[i] - 1] = i;
332 for (b = 0; b < 4; b++)
333 for (i = 0; i < 256; i++) {
334 *(p = &psbox[b][i]) = 0L;
335 for (j = 0; j < 8; j++) {
337 *p |= bits32[un_pbox[8 * b + j]];
345 setup_salt(long salt)
347 u_int32_t obit, saltbit;
350 if (salt == old_salt)
357 for (i = 0; i < 24; i++) {
366 des_setkey(const char *key)
368 u_int32_t k0, k1, rawkey0, rawkey1;
371 if (!des_initialised)
374 rawkey0 = ntohl(*(u_int32_t *) key);
375 rawkey1 = ntohl(*(u_int32_t *) (key + 4));
377 if ((rawkey0 | rawkey1)
378 && rawkey0 == old_rawkey0
379 && rawkey1 == old_rawkey1) {
381 * Already setup for this key.
382 * This optimisation fails on a zero key (which is weak and
383 * has bad parity anyway) in order to simplify the starting
388 old_rawkey0 = rawkey0;
389 old_rawkey1 = rawkey1;
392 * Do key permutation and split into two 28-bit subkeys.
394 k0 = key_perm_maskl[0][rawkey0 >> 25]
395 | key_perm_maskl[1][(rawkey0 >> 17) & 0x7f]
396 | key_perm_maskl[2][(rawkey0 >> 9) & 0x7f]
397 | key_perm_maskl[3][(rawkey0 >> 1) & 0x7f]
398 | key_perm_maskl[4][rawkey1 >> 25]
399 | key_perm_maskl[5][(rawkey1 >> 17) & 0x7f]
400 | key_perm_maskl[6][(rawkey1 >> 9) & 0x7f]
401 | key_perm_maskl[7][(rawkey1 >> 1) & 0x7f];
402 k1 = key_perm_maskr[0][rawkey0 >> 25]
403 | key_perm_maskr[1][(rawkey0 >> 17) & 0x7f]
404 | key_perm_maskr[2][(rawkey0 >> 9) & 0x7f]
405 | key_perm_maskr[3][(rawkey0 >> 1) & 0x7f]
406 | key_perm_maskr[4][rawkey1 >> 25]
407 | key_perm_maskr[5][(rawkey1 >> 17) & 0x7f]
408 | key_perm_maskr[6][(rawkey1 >> 9) & 0x7f]
409 | key_perm_maskr[7][(rawkey1 >> 1) & 0x7f];
411 * Rotate subkeys and do compression permutation.
414 for (round = 0; round < 16; round++) {
417 shifts += key_shifts[round];
419 t0 = (k0 << shifts) | (k0 >> (28 - shifts));
420 t1 = (k1 << shifts) | (k1 >> (28 - shifts));
422 de_keysl[15 - round] =
423 en_keysl[round] = comp_maskl[0][(t0 >> 21) & 0x7f]
424 | comp_maskl[1][(t0 >> 14) & 0x7f]
425 | comp_maskl[2][(t0 >> 7) & 0x7f]
426 | comp_maskl[3][t0 & 0x7f]
427 | comp_maskl[4][(t1 >> 21) & 0x7f]
428 | comp_maskl[5][(t1 >> 14) & 0x7f]
429 | comp_maskl[6][(t1 >> 7) & 0x7f]
430 | comp_maskl[7][t1 & 0x7f];
432 de_keysr[15 - round] =
433 en_keysr[round] = comp_maskr[0][(t0 >> 21) & 0x7f]
434 | comp_maskr[1][(t0 >> 14) & 0x7f]
435 | comp_maskr[2][(t0 >> 7) & 0x7f]
436 | comp_maskr[3][t0 & 0x7f]
437 | comp_maskr[4][(t1 >> 21) & 0x7f]
438 | comp_maskr[5][(t1 >> 14) & 0x7f]
439 | comp_maskr[6][(t1 >> 7) & 0x7f]
440 | comp_maskr[7][t1 & 0x7f];
446 do_des( u_int32_t l_in, u_int32_t r_in, u_int32_t *l_out, u_int32_t *r_out, int count)
449 * l_in, r_in, l_out, and r_out are in pseudo-"big-endian" format.
451 u_int32_t l, r, *kl, *kr, *kl1, *kr1;
452 u_int32_t f, r48l, r48r;
457 } else if (count > 0) {
473 * Do initial permutation (IP).
475 l = ip_maskl[0][l_in >> 24]
476 | ip_maskl[1][(l_in >> 16) & 0xff]
477 | ip_maskl[2][(l_in >> 8) & 0xff]
478 | ip_maskl[3][l_in & 0xff]
479 | ip_maskl[4][r_in >> 24]
480 | ip_maskl[5][(r_in >> 16) & 0xff]
481 | ip_maskl[6][(r_in >> 8) & 0xff]
482 | ip_maskl[7][r_in & 0xff];
483 r = ip_maskr[0][l_in >> 24]
484 | ip_maskr[1][(l_in >> 16) & 0xff]
485 | ip_maskr[2][(l_in >> 8) & 0xff]
486 | ip_maskr[3][l_in & 0xff]
487 | ip_maskr[4][r_in >> 24]
488 | ip_maskr[5][(r_in >> 16) & 0xff]
489 | ip_maskr[6][(r_in >> 8) & 0xff]
490 | ip_maskr[7][r_in & 0xff];
501 * Expand R to 48 bits (simulate the E-box).
503 r48l = ((r & 0x00000001) << 23)
504 | ((r & 0xf8000000) >> 9)
505 | ((r & 0x1f800000) >> 11)
506 | ((r & 0x01f80000) >> 13)
507 | ((r & 0x001f8000) >> 15);
509 r48r = ((r & 0x0001f800) << 7)
510 | ((r & 0x00001f80) << 5)
511 | ((r & 0x000001f8) << 3)
512 | ((r & 0x0000001f) << 1)
513 | ((r & 0x80000000) >> 31);
515 * Do salting for crypt() and friends, and
516 * XOR with the permuted key.
518 f = (r48l ^ r48r) & saltbits;
522 * Do sbox lookups (which shrink it back to 32 bits)
523 * and do the pbox permutation at the same time.
525 f = psbox[0][m_sbox[0][r48l >> 12]]
526 | psbox[1][m_sbox[1][r48l & 0xfff]]
527 | psbox[2][m_sbox[2][r48r >> 12]]
528 | psbox[3][m_sbox[3][r48r & 0xfff]];
530 * Now that we've permuted things, complete f().
540 * Do final permutation (inverse of IP).
542 *l_out = fp_maskl[0][l >> 24]
543 | fp_maskl[1][(l >> 16) & 0xff]
544 | fp_maskl[2][(l >> 8) & 0xff]
545 | fp_maskl[3][l & 0xff]
546 | fp_maskl[4][r >> 24]
547 | fp_maskl[5][(r >> 16) & 0xff]
548 | fp_maskl[6][(r >> 8) & 0xff]
549 | fp_maskl[7][r & 0xff];
550 *r_out = fp_maskr[0][l >> 24]
551 | fp_maskr[1][(l >> 16) & 0xff]
552 | fp_maskr[2][(l >> 8) & 0xff]
553 | fp_maskr[3][l & 0xff]
554 | fp_maskr[4][r >> 24]
555 | fp_maskr[5][(r >> 16) & 0xff]
556 | fp_maskr[6][(r >> 8) & 0xff]
557 | fp_maskr[7][r & 0xff];
562 des_cipher(const char *in, char *out, long salt, int count)
564 const uint32_t *in32;
565 uint32_t l_out, r_out, rawl, rawr, *out32;
568 if (!des_initialised)
573 in32 = (const uint32_t *)in;
574 out32 = (uint32_t *)out;
576 rawl = ntohl(*in32++);
579 retval = do_des(rawl, rawr, &l_out, &r_out, count);
581 *out32++ = htonl(l_out);
582 *out32 = htonl(r_out);
587 crypt_des(const char *key, const char *setting)
590 u_int32_t count, salt, l, r0, r1, keybuf[2];
592 static u_char output[21];
594 if (!des_initialised)
599 * Copy the key, shifting each character up by one bit
600 * and padding with zeros.
602 q = (u_char *) keybuf;
603 while (q - (u_char *) keybuf - 8) {
608 if (des_setkey((u_char *) keybuf))
611 if (*setting == _PASSWORD_EFMT1) {
614 * setting - underscore, 4 bytes of count, 4 bytes of salt
615 * key - unlimited characters
617 for (i = 1, count = 0L; i < 5; i++)
618 count |= ascii_to_bin(setting[i]) << (i - 1) * 6;
620 for (i = 5, salt = 0L; i < 9; i++)
621 salt |= ascii_to_bin(setting[i]) << (i - 5) * 6;
625 * Encrypt the key with itself.
627 if (des_cipher((u_char*)keybuf, (u_char*)keybuf, 0L, 1))
630 * And XOR with the next 8 characters of the key.
632 q = (u_char *) keybuf;
633 while (q - (u_char *) keybuf - 8 && *key)
636 if (des_setkey((u_char *) keybuf))
639 strncpy(output, setting, 9);
642 * Double check that we weren't given a short setting.
643 * If we were, the above code will probably have created
644 * weird values for count and salt, but we don't really care.
645 * Just make sure the output string doesn't have an extra
649 p = output + strlen(output);
653 * setting - 2 bytes of salt
654 * key - up to 8 characters
658 salt = (ascii_to_bin(setting[1]) << 6)
659 | ascii_to_bin(setting[0]);
661 output[0] = setting[0];
663 * If the encrypted password that the salt was extracted from
664 * is only 1 character long, the salt will be corrupted. We
665 * need to ensure that the output string doesn't have an extra
668 output[1] = setting[1] ? setting[1] : output[0];
676 if (do_des(0L, 0L, &r0, &r1, count))
679 * Now encode the result...
682 *p++ = ascii64[(l >> 18) & 0x3f];
683 *p++ = ascii64[(l >> 12) & 0x3f];
684 *p++ = ascii64[(l >> 6) & 0x3f];
685 *p++ = ascii64[l & 0x3f];
687 l = (r0 << 16) | ((r1 >> 16) & 0xffff);
688 *p++ = ascii64[(l >> 18) & 0x3f];
689 *p++ = ascii64[(l >> 12) & 0x3f];
690 *p++ = ascii64[(l >> 6) & 0x3f];
691 *p++ = ascii64[l & 0x3f];
694 *p++ = ascii64[(l >> 12) & 0x3f];
695 *p++ = ascii64[(l >> 6) & 0x3f];
696 *p++ = ascii64[l & 0x3f];
projects / dragonfly.git / blob