bf_enc.c revision 59191
155714Skris/* crypto/bf/bf_enc.c */ 255714Skris/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 355714Skris * All rights reserved. 455714Skris * 555714Skris * This package is an SSL implementation written 655714Skris * by Eric Young (eay@cryptsoft.com). 755714Skris * The implementation was written so as to conform with Netscapes SSL. 855714Skris * 955714Skris * This library is free for commercial and non-commercial use as long as 1055714Skris * the following conditions are aheared to. The following conditions 1155714Skris * apply to all code found in this distribution, be it the RC4, RSA, 1255714Skris * lhash, DES, etc., code; not just the SSL code. The SSL documentation 1355714Skris * included with this distribution is covered by the same copyright terms 1455714Skris * except that the holder is Tim Hudson (tjh@cryptsoft.com). 1555714Skris * 1655714Skris * Copyright remains Eric Young's, and as such any Copyright notices in 1755714Skris * the code are not to be removed. 1855714Skris * If this package is used in a product, Eric Young should be given attribution 1955714Skris * as the author of the parts of the library used. 2055714Skris * This can be in the form of a textual message at program startup or 2155714Skris * in documentation (online or textual) provided with the package. 2255714Skris * 2355714Skris * Redistribution and use in source and binary forms, with or without 2455714Skris * modification, are permitted provided that the following conditions 2555714Skris * are met: 2655714Skris * 1. Redistributions of source code must retain the copyright 2755714Skris * notice, this list of conditions and the following disclaimer. 2855714Skris * 2. Redistributions in binary form must reproduce the above copyright 2955714Skris * notice, this list of conditions and the following disclaimer in the 3055714Skris * documentation and/or other materials provided with the distribution. 3155714Skris * 3. All advertising materials mentioning features or use of this software 3255714Skris * must display the following acknowledgement: 3355714Skris * "This product includes cryptographic software written by 3455714Skris * Eric Young (eay@cryptsoft.com)" 3555714Skris * The word 'cryptographic' can be left out if the rouines from the library 3655714Skris * being used are not cryptographic related :-). 3755714Skris * 4. If you include any Windows specific code (or a derivative thereof) from 3855714Skris * the apps directory (application code) you must include an acknowledgement: 3955714Skris * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 4055714Skris * 4155714Skris * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 4255714Skris * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 4355714Skris * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 4455714Skris * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 4555714Skris * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 4655714Skris * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 4755714Skris * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 4855714Skris * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 4955714Skris * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 5055714Skris * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 5155714Skris * SUCH DAMAGE. 5255714Skris * 5355714Skris * The licence and distribution terms for any publically available version or 5455714Skris * derivative of this code cannot be changed. i.e. this code cannot simply be 5555714Skris * copied and put under another distribution licence 5655714Skris * [including the GNU Public Licence.] 5755714Skris */ 5855714Skris 5955714Skris#include <openssl/blowfish.h> 6055714Skris#include "bf_locl.h" 6155714Skris 6255714Skris/* Blowfish as implemented from 'Blowfish: Springer-Verlag paper' 6359191Skris * (From LECTURE NOTES IN COMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION, 6455714Skris * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993) 6555714Skris */ 6655714Skris 6755714Skris#if (BF_ROUNDS != 16) && (BF_ROUNDS != 20) 6855714Skris#error If you set BF_ROUNDS to some value other than 16 or 20, you will have \ 6955714Skristo modify the code. 7055714Skris#endif 7155714Skris 7259191Skrisvoid BF_encrypt(BF_LONG *data, const BF_KEY *key) 7355714Skris { 7455714Skris#ifndef BF_PTR2 7559191Skris register BF_LONG l,r; 7659191Skris const register BF_LONG *p,*s; 7755714Skris 7855714Skris p=key->P; 7955714Skris s= &(key->S[0]); 8055714Skris l=data[0]; 8155714Skris r=data[1]; 8255714Skris 8355714Skris l^=p[0]; 8455714Skris BF_ENC(r,l,s,p[ 1]); 8555714Skris BF_ENC(l,r,s,p[ 2]); 8655714Skris BF_ENC(r,l,s,p[ 3]); 8755714Skris BF_ENC(l,r,s,p[ 4]); 8855714Skris BF_ENC(r,l,s,p[ 5]); 8955714Skris BF_ENC(l,r,s,p[ 6]); 9055714Skris BF_ENC(r,l,s,p[ 7]); 9155714Skris BF_ENC(l,r,s,p[ 8]); 9255714Skris BF_ENC(r,l,s,p[ 9]); 9355714Skris BF_ENC(l,r,s,p[10]); 9455714Skris BF_ENC(r,l,s,p[11]); 9555714Skris BF_ENC(l,r,s,p[12]); 9655714Skris BF_ENC(r,l,s,p[13]); 9755714Skris BF_ENC(l,r,s,p[14]); 9855714Skris BF_ENC(r,l,s,p[15]); 9955714Skris BF_ENC(l,r,s,p[16]); 10055714Skris#if BF_ROUNDS == 20 10155714Skris BF_ENC(r,l,s,p[17]); 10255714Skris BF_ENC(l,r,s,p[18]); 10355714Skris BF_ENC(r,l,s,p[19]); 10455714Skris BF_ENC(l,r,s,p[20]); 10555714Skris#endif 10655714Skris r^=p[BF_ROUNDS+1]; 10755714Skris 10855714Skris data[1]=l&0xffffffffL; 10955714Skris data[0]=r&0xffffffffL; 11055714Skris#else 11155714Skris register BF_LONG l,r,t,*k; 11255714Skris 11355714Skris l=data[0]; 11455714Skris r=data[1]; 11555714Skris k=(BF_LONG*)key; 11655714Skris 11755714Skris l^=k[0]; 11855714Skris BF_ENC(r,l,k, 1); 11955714Skris BF_ENC(l,r,k, 2); 12055714Skris BF_ENC(r,l,k, 3); 12155714Skris BF_ENC(l,r,k, 4); 12255714Skris BF_ENC(r,l,k, 5); 12355714Skris BF_ENC(l,r,k, 6); 12455714Skris BF_ENC(r,l,k, 7); 12555714Skris BF_ENC(l,r,k, 8); 12655714Skris BF_ENC(r,l,k, 9); 12755714Skris BF_ENC(l,r,k,10); 12855714Skris BF_ENC(r,l,k,11); 12955714Skris BF_ENC(l,r,k,12); 13055714Skris BF_ENC(r,l,k,13); 13155714Skris BF_ENC(l,r,k,14); 13255714Skris BF_ENC(r,l,k,15); 13355714Skris BF_ENC(l,r,k,16); 13455714Skris#if BF_ROUNDS == 20 13555714Skris BF_ENC(r,l,k,17); 13655714Skris BF_ENC(l,r,k,18); 13755714Skris BF_ENC(r,l,k,19); 13855714Skris BF_ENC(l,r,k,20); 13955714Skris#endif 14055714Skris r^=k[BF_ROUNDS+1]; 14155714Skris 14255714Skris data[1]=l&0xffffffffL; 14355714Skris data[0]=r&0xffffffffL; 14455714Skris#endif 14555714Skris } 14655714Skris 14755714Skris#ifndef BF_DEFAULT_OPTIONS 14855714Skris 14959191Skrisvoid BF_decrypt(BF_LONG *data, const BF_KEY *key) 15055714Skris { 15155714Skris#ifndef BF_PTR2 15259191Skris register BF_LONG l,r; 15359191Skris const register BF_LONG *p,*s; 15455714Skris 15555714Skris p=key->P; 15655714Skris s= &(key->S[0]); 15755714Skris l=data[0]; 15855714Skris r=data[1]; 15955714Skris 16055714Skris l^=p[BF_ROUNDS+1]; 16155714Skris#if BF_ROUNDS == 20 16255714Skris BF_ENC(r,l,s,p[20]); 16355714Skris BF_ENC(l,r,s,p[19]); 16455714Skris BF_ENC(r,l,s,p[18]); 16555714Skris BF_ENC(l,r,s,p[17]); 16655714Skris#endif 16755714Skris BF_ENC(r,l,s,p[16]); 16855714Skris BF_ENC(l,r,s,p[15]); 16955714Skris BF_ENC(r,l,s,p[14]); 17055714Skris BF_ENC(l,r,s,p[13]); 17155714Skris BF_ENC(r,l,s,p[12]); 17255714Skris BF_ENC(l,r,s,p[11]); 17355714Skris BF_ENC(r,l,s,p[10]); 17455714Skris BF_ENC(l,r,s,p[ 9]); 17555714Skris BF_ENC(r,l,s,p[ 8]); 17655714Skris BF_ENC(l,r,s,p[ 7]); 17755714Skris BF_ENC(r,l,s,p[ 6]); 17855714Skris BF_ENC(l,r,s,p[ 5]); 17955714Skris BF_ENC(r,l,s,p[ 4]); 18055714Skris BF_ENC(l,r,s,p[ 3]); 18155714Skris BF_ENC(r,l,s,p[ 2]); 18255714Skris BF_ENC(l,r,s,p[ 1]); 18355714Skris r^=p[0]; 18455714Skris 18555714Skris data[1]=l&0xffffffffL; 18655714Skris data[0]=r&0xffffffffL; 18755714Skris#else 18855714Skris register BF_LONG l,r,t,*k; 18955714Skris 19055714Skris l=data[0]; 19155714Skris r=data[1]; 19255714Skris k=(BF_LONG *)key; 19355714Skris 19455714Skris l^=k[BF_ROUNDS+1]; 19555714Skris#if BF_ROUNDS == 20 19655714Skris BF_ENC(r,l,k,20); 19755714Skris BF_ENC(l,r,k,19); 19855714Skris BF_ENC(r,l,k,18); 19955714Skris BF_ENC(l,r,k,17); 20055714Skris#endif 20155714Skris BF_ENC(r,l,k,16); 20255714Skris BF_ENC(l,r,k,15); 20355714Skris BF_ENC(r,l,k,14); 20455714Skris BF_ENC(l,r,k,13); 20555714Skris BF_ENC(r,l,k,12); 20655714Skris BF_ENC(l,r,k,11); 20755714Skris BF_ENC(r,l,k,10); 20855714Skris BF_ENC(l,r,k, 9); 20955714Skris BF_ENC(r,l,k, 8); 21055714Skris BF_ENC(l,r,k, 7); 21155714Skris BF_ENC(r,l,k, 6); 21255714Skris BF_ENC(l,r,k, 5); 21355714Skris BF_ENC(r,l,k, 4); 21455714Skris BF_ENC(l,r,k, 3); 21555714Skris BF_ENC(r,l,k, 2); 21655714Skris BF_ENC(l,r,k, 1); 21755714Skris r^=k[0]; 21855714Skris 21955714Skris data[1]=l&0xffffffffL; 22055714Skris data[0]=r&0xffffffffL; 22155714Skris#endif 22255714Skris } 22355714Skris 22459191Skrisvoid BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, 22559191Skris const BF_KEY *schedule, unsigned char *ivec, int encrypt) 22655714Skris { 22755714Skris register BF_LONG tin0,tin1; 22855714Skris register BF_LONG tout0,tout1,xor0,xor1; 22955714Skris register long l=length; 23055714Skris BF_LONG tin[2]; 23155714Skris 23255714Skris if (encrypt) 23355714Skris { 23459191Skris n2l(ivec,tout0); 23559191Skris n2l(ivec,tout1); 23659191Skris ivec-=8; 23755714Skris for (l-=8; l>=0; l-=8) 23855714Skris { 23955714Skris n2l(in,tin0); 24055714Skris n2l(in,tin1); 24155714Skris tin0^=tout0; 24255714Skris tin1^=tout1; 24355714Skris tin[0]=tin0; 24455714Skris tin[1]=tin1; 24559191Skris BF_encrypt(tin,schedule); 24655714Skris tout0=tin[0]; 24755714Skris tout1=tin[1]; 24855714Skris l2n(tout0,out); 24955714Skris l2n(tout1,out); 25055714Skris } 25155714Skris if (l != -8) 25255714Skris { 25355714Skris n2ln(in,tin0,tin1,l+8); 25455714Skris tin0^=tout0; 25555714Skris tin1^=tout1; 25655714Skris tin[0]=tin0; 25755714Skris tin[1]=tin1; 25859191Skris BF_encrypt(tin,schedule); 25955714Skris tout0=tin[0]; 26055714Skris tout1=tin[1]; 26155714Skris l2n(tout0,out); 26255714Skris l2n(tout1,out); 26355714Skris } 26459191Skris l2n(tout0,ivec); 26559191Skris l2n(tout1,ivec); 26655714Skris } 26755714Skris else 26855714Skris { 26959191Skris n2l(ivec,xor0); 27059191Skris n2l(ivec,xor1); 27159191Skris ivec-=8; 27255714Skris for (l-=8; l>=0; l-=8) 27355714Skris { 27455714Skris n2l(in,tin0); 27555714Skris n2l(in,tin1); 27655714Skris tin[0]=tin0; 27755714Skris tin[1]=tin1; 27859191Skris BF_decrypt(tin,schedule); 27955714Skris tout0=tin[0]^xor0; 28055714Skris tout1=tin[1]^xor1; 28155714Skris l2n(tout0,out); 28255714Skris l2n(tout1,out); 28355714Skris xor0=tin0; 28455714Skris xor1=tin1; 28555714Skris } 28655714Skris if (l != -8) 28755714Skris { 28855714Skris n2l(in,tin0); 28955714Skris n2l(in,tin1); 29055714Skris tin[0]=tin0; 29155714Skris tin[1]=tin1; 29259191Skris BF_decrypt(tin,schedule); 29355714Skris tout0=tin[0]^xor0; 29455714Skris tout1=tin[1]^xor1; 29555714Skris l2nn(tout0,tout1,out,l+8); 29655714Skris xor0=tin0; 29755714Skris xor1=tin1; 29855714Skris } 29959191Skris l2n(xor0,ivec); 30059191Skris l2n(xor1,ivec); 30155714Skris } 30255714Skris tin0=tin1=tout0=tout1=xor0=xor1=0; 30355714Skris tin[0]=tin[1]=0; 30455714Skris } 30555714Skris 30655714Skris#endif 307