1/* 2 * Blowfish block cipher 3 * Copyright 1997 Niels Provos <provos@physnet.uni-hamburg.de> 4 * All rights reserved. 5 * 6 * Implementation advice by David Mazieres <dm@lcs.mit.edu>. 7 * 8 * Redistribution and use in source and binary forms, with or without --- 18 unchanged lines hidden (view full) --- 27 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 28 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 29 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 30 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 31 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 */ 33 34#include <sys/cdefs.h> |
35__FBSDID("$FreeBSD: head/secure/lib/libcrypt/blowfish.c 91754 2002-03-06 17:18:09Z markm $"); |
36 37/* 38 * This code is derived from section 14.3 and the given source 39 * in section V of Applied Cryptography, second edition. 40 * Blowfish is an unpatented fast block cipher designed by 41 * Bruce Schneier. 42 */ 43 --- 4 unchanged lines hidden (view full) --- 48#if 0 49#include <stdio.h> /* used for debugging */ 50#include <string.h> 51#endif 52 53#include <sys/types.h> 54#include "blowfish.h" 55 |
56/* Function for Feistel Networks */ 57 |
58#define _F(s, x) ((((s)[ (((x)>>24)&0xFF)] \ |
59 + (s)[0x100 + (((x)>>16)&0xFF)]) \ 60 ^ (s)[0x200 + (((x)>> 8)&0xFF)]) \ 61 + (s)[0x300 + ( (x) &0xFF)]) 62 |
63#define BLFRND(s, p, i, j, n) (i ^= _F(s, j) ^ (p)[n]) |
64 65void |
66Blowfish_encipher(blf_ctx *c, u_int32_t *xl, u_int32_t *xr) |
67{ 68 u_int32_t Xl; 69 u_int32_t Xr; 70 u_int32_t *s = c->S[0]; 71 u_int32_t *p = c->P; 72 73 Xl = *xl; 74 Xr = *xr; --- 8 unchanged lines hidden (view full) --- 83 BLFRND(s, p, Xr, Xl, 13); BLFRND(s, p, Xl, Xr, 14); 84 BLFRND(s, p, Xr, Xl, 15); BLFRND(s, p, Xl, Xr, 16); 85 86 *xl = Xr ^ p[17]; 87 *xr = Xl; 88} 89 90void |
91Blowfish_decipher(blf_ctx *c, u_int32_t *xl, u_int32_t *xr) |
92{ 93 u_int32_t Xl; 94 u_int32_t Xr; 95 u_int32_t *s = c->S[0]; 96 u_int32_t *p = c->P; 97 98 Xl = *xl; 99 Xr = *xr; --- 8 unchanged lines hidden (view full) --- 108 BLFRND(s, p, Xr, Xl, 4); BLFRND(s, p, Xl, Xr, 3); 109 BLFRND(s, p, Xr, Xl, 2); BLFRND(s, p, Xl, Xr, 1); 110 111 *xl = Xr ^ p[0]; 112 *xr = Xl; 113} 114 115void |
116Blowfish_initstate(blf_ctx *c) |
117{ 118 119/* P-box and S-box tables initialized with digits of Pi */ 120 121 const blf_ctx initstate = 122 123 { { 124 { --- 55 unchanged lines hidden (view full) --- 180 0x00250e2d, 0x2071b35e, 0x226800bb, 0x57b8e0af, 181 0x2464369b, 0xf009b91e, 0x5563911d, 0x59dfa6aa, 182 0x78c14389, 0xd95a537f, 0x207d5ba2, 0x02e5b9c5, 183 0x83260376, 0x6295cfa9, 0x11c81968, 0x4e734a41, 184 0xb3472dca, 0x7b14a94a, 0x1b510052, 0x9a532915, 185 0xd60f573f, 0xbc9bc6e4, 0x2b60a476, 0x81e67400, 186 0x08ba6fb5, 0x571be91f, 0xf296ec6b, 0x2a0dd915, 187 0xb6636521, 0xe7b9f9b6, 0xff34052e, 0xc5855664, |
188 0x53b02d5d, 0xa99f8fa1, 0x08ba4799, 0x6e85076a}, |
189 { 190 0x4b7a70e9, 0xb5b32944, 0xdb75092e, 0xc4192623, 191 0xad6ea6b0, 0x49a7df7d, 0x9cee60b8, 0x8fedb266, 192 0xecaa8c71, 0x699a17ff, 0x5664526c, 0xc2b19ee1, 193 0x193602a5, 0x75094c29, 0xa0591340, 0xe4183a3e, 194 0x3f54989a, 0x5b429d65, 0x6b8fe4d6, 0x99f73fd6, 195 0xa1d29c07, 0xefe830f5, 0x4d2d38e6, 0xf0255dc1, 196 0x4cdd2086, 0x8470eb26, 0x6382e9c6, 0x021ecc5e, --- 48 unchanged lines hidden (view full) --- 245 0x58428d2a, 0x0c55f5ea, 0x1dadf43e, 0x233f7061, 246 0x3372f092, 0x8d937e41, 0xd65fecf1, 0x6c223bdb, 247 0x7cde3759, 0xcbee7460, 0x4085f2a7, 0xce77326e, 248 0xa6078084, 0x19f8509e, 0xe8efd855, 0x61d99735, 249 0xa969a7aa, 0xc50c06c2, 0x5a04abfc, 0x800bcadc, 250 0x9e447a2e, 0xc3453484, 0xfdd56705, 0x0e1e9ec9, 251 0xdb73dbd3, 0x105588cd, 0x675fda79, 0xe3674340, 252 0xc5c43465, 0x713e38d8, 0x3d28f89e, 0xf16dff20, |
253 0x153e21e7, 0x8fb03d4a, 0xe6e39f2b, 0xdb83adf7}, |
254 { 255 0xe93d5a68, 0x948140f7, 0xf64c261c, 0x94692934, 256 0x411520f7, 0x7602d4f7, 0xbcf46b2e, 0xd4a20068, 257 0xd4082471, 0x3320f46a, 0x43b7d4b7, 0x500061af, 258 0x1e39f62e, 0x97244546, 0x14214f74, 0xbf8b8840, 259 0x4d95fc1d, 0x96b591af, 0x70f4ddd3, 0x66a02f45, 260 0xbfbc09ec, 0x03bd9785, 0x7fac6dd0, 0x31cb8504, 261 0x96eb27b3, 0x55fd3941, 0xda2547e6, 0xabca0a9a, --- 48 unchanged lines hidden (view full) --- 310 0xf0177a28, 0xc0f586e0, 0x006058aa, 0x30dc7d62, 311 0x11e69ed7, 0x2338ea63, 0x53c2dd94, 0xc2c21634, 312 0xbbcbee56, 0x90bcb6de, 0xebfc7da1, 0xce591d76, 313 0x6f05e409, 0x4b7c0188, 0x39720a3d, 0x7c927c24, 314 0x86e3725f, 0x724d9db9, 0x1ac15bb4, 0xd39eb8fc, 315 0xed545578, 0x08fca5b5, 0xd83d7cd3, 0x4dad0fc4, 316 0x1e50ef5e, 0xb161e6f8, 0xa28514d9, 0x6c51133c, 317 0x6fd5c7e7, 0x56e14ec4, 0x362abfce, 0xddc6c837, |
318 0xd79a3234, 0x92638212, 0x670efa8e, 0x406000e0}, |
319 { 320 0x3a39ce37, 0xd3faf5cf, 0xabc27737, 0x5ac52d1b, 321 0x5cb0679e, 0x4fa33742, 0xd3822740, 0x99bc9bbe, 322 0xd5118e9d, 0xbf0f7315, 0xd62d1c7e, 0xc700c47b, 323 0xb78c1b6b, 0x21a19045, 0xb26eb1be, 0x6a366eb4, 324 0x5748ab2f, 0xbc946e79, 0xc6a376d2, 0x6549c2c8, 325 0x530ff8ee, 0x468dde7d, 0xd5730a1d, 0x4cd04dc6, 326 0x2939bbdb, 0xa9ba4650, 0xac9526e8, 0xbe5ee304, --- 48 unchanged lines hidden (view full) --- 375 0xe6c6c7bd, 0x327a140a, 0x45e1d006, 0xc3f27b9a, 376 0xc9aa53fd, 0x62a80f00, 0xbb25bfe2, 0x35bdd2f6, 377 0x71126905, 0xb2040222, 0xb6cbcf7c, 0xcd769c2b, 378 0x53113ec0, 0x1640e3d3, 0x38abbd60, 0x2547adf0, 379 0xba38209c, 0xf746ce76, 0x77afa1c5, 0x20756060, 380 0x85cbfe4e, 0x8ae88dd8, 0x7aaaf9b0, 0x4cf9aa7e, 381 0x1948c25c, 0x02fb8a8c, 0x01c36ae4, 0xd6ebe1f9, 382 0x90d4f869, 0xa65cdea0, 0x3f09252d, 0xc208e69f, |
383 0xb74e6132, 0xce77e25b, 0x578fdfe3, 0x3ac372e6} |
384 }, 385 { 386 0x243f6a88, 0x85a308d3, 0x13198a2e, 0x03707344, 387 0xa4093822, 0x299f31d0, 0x082efa98, 0xec4e6c89, 388 0x452821e6, 0x38d01377, 0xbe5466cf, 0x34e90c6c, 389 0xc0ac29b7, 0xc97c50dd, 0x3f84d5b5, 0xb5470917, 390 0x9216d5d9, 0x8979fb1b 391 } }; 392 393 *c = initstate; 394 395} 396 |
397u_int32_t |
398Blowfish_stream2word(const u_int8_t *data, u_int16_t databytes, 399 u_int16_t *current) |
400{ 401 u_int8_t i; 402 u_int16_t j; 403 u_int32_t temp; 404 405 temp = 0x00000000; 406 j = *current; 407 408 for (i = 0; i < 4; i++, j++) { 409 if (j >= databytes) 410 j = 0; 411 temp = (temp << 8) | data[j]; 412 } 413 414 *current = j; 415 return temp; 416} 417 |
418void 419Blowfish_expand0state(blf_ctx *c, const u_int8_t *key, u_int16_t keybytes) |
420{ 421 u_int16_t i; 422 u_int16_t j; 423 u_int16_t k; 424 u_int32_t temp; 425 u_int32_t datal; 426 u_int32_t datar; 427 --- 20 unchanged lines hidden (view full) --- 448 449 c->S[i][k] = datal; 450 c->S[i][k + 1] = datar; 451 } 452 } 453} 454 455 |
456void 457Blowfish_expandstate(blf_ctx *c, const u_int8_t *data, u_int16_t databytes, |
458 const u_int8_t *key, u_int16_t keybytes) |
459{ 460 u_int16_t i; 461 u_int16_t j; 462 u_int16_t k; 463 u_int32_t temp; 464 u_int32_t datal; 465 u_int32_t datar; 466 --- 24 unchanged lines hidden (view full) --- 491 492 c->S[i][k] = datal; 493 c->S[i][k + 1] = datar; 494 } 495 } 496 497} 498 |
499void 500blf_key(blf_ctx *c, const u_int8_t *k, u_int16_t len) |
501{ 502 /* Initalize S-boxes and subkeys with Pi */ 503 Blowfish_initstate(c); 504 505 /* Transform S-boxes and subkeys with key */ 506 Blowfish_expand0state(c, k, len); 507} 508 |
509void 510blf_enc(blf_ctx *c, u_int32_t *data, u_int16_t blocks) |
511{ 512 u_int32_t *d; 513 u_int16_t i; 514 515 d = data; 516 for (i = 0; i < blocks; i++) { 517 Blowfish_encipher(c, d, d + 1); 518 d += 2; 519 } 520} 521 |
522void 523blf_dec(blf_ctx *c, u_int32_t *data, u_int16_t blocks) |
524{ 525 u_int32_t *d; 526 u_int16_t i; 527 528 d = data; 529 for (i = 0; i < blocks; i++) { 530 Blowfish_decipher(c, d, d + 1); 531 d += 2; 532 } 533} 534 |
535void 536blf_ecb_encrypt(blf_ctx *c, u_int8_t *data, u_int32_t len) |
537{ 538 u_int32_t l, r; 539 u_int32_t i; 540 541 for (i = 0; i < len; i += 8) { 542 l = data[0] << 24 | data[1] << 16 | data[2] << 8 | data[3]; 543 r = data[4] << 24 | data[5] << 16 | data[6] << 8 | data[7]; 544 Blowfish_encipher(c, &l, &r); --- 4 unchanged lines hidden (view full) --- 549 data[4] = r >> 24 & 0xff; 550 data[5] = r >> 16 & 0xff; 551 data[6] = r >> 8 & 0xff; 552 data[7] = r & 0xff; 553 data += 8; 554 } 555} 556 |
557void 558blf_ecb_decrypt(blf_ctx *c, u_int8_t *data, u_int32_t len) |
559{ 560 u_int32_t l, r; 561 u_int32_t i; 562 563 for (i = 0; i < len; i += 8) { 564 l = data[0] << 24 | data[1] << 16 | data[2] << 8 | data[3]; 565 r = data[4] << 24 | data[5] << 16 | data[6] << 8 | data[7]; 566 Blowfish_decipher(c, &l, &r); --- 4 unchanged lines hidden (view full) --- 571 data[4] = r >> 24 & 0xff; 572 data[5] = r >> 16 & 0xff; 573 data[6] = r >> 8 & 0xff; 574 data[7] = r & 0xff; 575 data += 8; 576 } 577} 578 |
579void 580blf_cbc_encrypt(blf_ctx *c, u_int8_t *iv, u_int8_t *data, u_int32_t len) |
581{ 582 u_int32_t l, r; 583 u_int32_t i, j; 584 585 for (i = 0; i < len; i += 8) { 586 for (j = 0; j < 8; j++) 587 data[j] ^= iv[j]; 588 l = data[0] << 24 | data[1] << 16 | data[2] << 8 | data[3]; --- 7 unchanged lines hidden (view full) --- 596 data[5] = r >> 16 & 0xff; 597 data[6] = r >> 8 & 0xff; 598 data[7] = r & 0xff; 599 iv = data; 600 data += 8; 601 } 602} 603 |
604void 605blf_cbc_decrypt(blf_ctx *c, u_int8_t *iva, u_int8_t *data, u_int32_t len) |
606{ 607 u_int32_t l, r; 608 u_int8_t *iv; 609 u_int32_t i, j; 610 611 iv = data + len - 16; 612 data = data + len - 8; 613 for (i = len - 8; i >= 8; i -= 8) { --- 42 unchanged lines hidden (view full) --- 656{ 657 658 blf_ctx c; 659 char key[] = "AAAAA"; 660 char key2[] = "abcdefghijklmnopqrstuvwxyz"; 661 662 u_int32_t data[10]; 663 u_int32_t data2[] = |
664 {0x424c4f57L, 0x46495348L}; |
665 666 u_int16_t i; 667 668 /* First test */ 669 for (i = 0; i < 10; i++) 670 data[i] = i; 671 672 blf_key(&c, (u_int8_t *) key, 5); --- 15 unchanged lines hidden --- |