diff options
author | jsing <> | 2024-03-27 11:24:15 +0000 |
---|---|---|
committer | jsing <> | 2024-03-27 11:24:15 +0000 |
commit | e333d9e70e8e1f3a91303e95e5541bc99a649c73 (patch) | |
tree | 25fd2e6c6ce66cbe42a81228ebd582722502c7ff /src/lib/libcrypto/bf/blowfish.c | |
parent | aeccd86b593fda3b76aa590b49519a661b121928 (diff) | |
download | openbsd-e333d9e70e8e1f3a91303e95e5541bc99a649c73.tar.gz openbsd-e333d9e70e8e1f3a91303e95e5541bc99a649c73.tar.bz2 openbsd-e333d9e70e8e1f3a91303e95e5541bc99a649c73.zip |
Consolidate blowfish code.
Requested by tb@
Diffstat (limited to '')
-rw-r--r-- | src/lib/libcrypto/bf/blowfish.c (renamed from src/lib/libcrypto/bf/bf_skey.c) | 384 |
1 files changed, 379 insertions, 5 deletions
diff --git a/src/lib/libcrypto/bf/bf_skey.c b/src/lib/libcrypto/bf/blowfish.c index cc31034f18..4fa8a563f1 100644 --- a/src/lib/libcrypto/bf/bf_skey.c +++ b/src/lib/libcrypto/bf/blowfish.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: bf_skey.c,v 1.17 2022/11/26 16:08:51 tb Exp $ */ | 1 | /* $OpenBSD: blowfish.c,v 1.1 2024/03/27 11:24:15 jsing Exp $ */ |
2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
3 | * All rights reserved. | 3 | * All rights reserved. |
4 | * | 4 | * |
@@ -56,14 +56,23 @@ | |||
56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
57 | */ | 57 | */ |
58 | 58 | ||
59 | #include <stdio.h> | ||
60 | #include <string.h> | ||
61 | |||
62 | #include <openssl/crypto.h> | ||
63 | #include <openssl/blowfish.h> | 59 | #include <openssl/blowfish.h> |
64 | 60 | ||
61 | #include <string.h> | ||
62 | |||
65 | #include "bf_local.h" | 63 | #include "bf_local.h" |
66 | 64 | ||
65 | /* | ||
66 | * Blowfish as implemented from 'Blowfish: Springer-Verlag paper' | ||
67 | * (From LECTURE NOTES IN COMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION, | ||
68 | * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993) | ||
69 | */ | ||
70 | |||
71 | #if (BF_ROUNDS != 16) && (BF_ROUNDS != 20) | ||
72 | #error If you set BF_ROUNDS to some value other than 16 or 20, you will have \ | ||
73 | to modify the code. | ||
74 | #endif | ||
75 | |||
67 | static const BF_KEY bf_init = { | 76 | static const BF_KEY bf_init = { |
68 | .P = { | 77 | .P = { |
69 | 0x243f6a88L, 0x85a308d3L, 0x13198a2eL, 0x03707344L, | 78 | 0x243f6a88L, 0x85a308d3L, 0x13198a2eL, 0x03707344L, |
@@ -333,6 +342,370 @@ static const BF_KEY bf_init = { | |||
333 | }; | 342 | }; |
334 | 343 | ||
335 | void | 344 | void |
345 | BF_encrypt(BF_LONG *data, const BF_KEY *key) | ||
346 | { | ||
347 | #ifndef BF_PTR2 | ||
348 | BF_LONG l, r; | ||
349 | const BF_LONG *p, *s; | ||
350 | |||
351 | p = key->P; | ||
352 | s = &(key->S[0]); | ||
353 | l = data[0]; | ||
354 | r = data[1]; | ||
355 | |||
356 | l ^= p[0]; | ||
357 | BF_ENC(r, l,s, p[1]); | ||
358 | BF_ENC(l, r,s, p[2]); | ||
359 | BF_ENC(r, l,s, p[3]); | ||
360 | BF_ENC(l, r,s, p[4]); | ||
361 | BF_ENC(r, l,s, p[5]); | ||
362 | BF_ENC(l, r,s, p[6]); | ||
363 | BF_ENC(r, l,s, p[7]); | ||
364 | BF_ENC(l, r,s, p[8]); | ||
365 | BF_ENC(r, l,s, p[9]); | ||
366 | BF_ENC(l, r,s, p[10]); | ||
367 | BF_ENC(r, l,s, p[11]); | ||
368 | BF_ENC(l, r,s, p[12]); | ||
369 | BF_ENC(r, l,s, p[13]); | ||
370 | BF_ENC(l, r,s, p[14]); | ||
371 | BF_ENC(r, l,s, p[15]); | ||
372 | BF_ENC(l, r,s, p[16]); | ||
373 | #if BF_ROUNDS == 20 | ||
374 | BF_ENC(r, l,s, p[17]); | ||
375 | BF_ENC(l, r,s, p[18]); | ||
376 | BF_ENC(r, l,s, p[19]); | ||
377 | BF_ENC(l, r,s, p[20]); | ||
378 | #endif | ||
379 | r ^= p[BF_ROUNDS + 1]; | ||
380 | |||
381 | data[1] = l&0xffffffffL; | ||
382 | data[0] = r&0xffffffffL; | ||
383 | #else | ||
384 | BF_LONG l, r,t, *k; | ||
385 | |||
386 | l = data[0]; | ||
387 | r = data[1]; | ||
388 | k = (BF_LONG*)key; | ||
389 | |||
390 | l ^= k[0]; | ||
391 | BF_ENC(r, l, k, 1); | ||
392 | BF_ENC(l, r, k, 2); | ||
393 | BF_ENC(r, l, k, 3); | ||
394 | BF_ENC(l, r, k, 4); | ||
395 | BF_ENC(r, l, k, 5); | ||
396 | BF_ENC(l, r, k, 6); | ||
397 | BF_ENC(r, l, k, 7); | ||
398 | BF_ENC(l, r, k, 8); | ||
399 | BF_ENC(r, l, k, 9); | ||
400 | BF_ENC(l, r,k, 10); | ||
401 | BF_ENC(r, l,k, 11); | ||
402 | BF_ENC(l, r,k, 12); | ||
403 | BF_ENC(r, l,k, 13); | ||
404 | BF_ENC(l, r,k, 14); | ||
405 | BF_ENC(r, l,k, 15); | ||
406 | BF_ENC(l, r,k, 16); | ||
407 | #if BF_ROUNDS == 20 | ||
408 | BF_ENC(r, l,k, 17); | ||
409 | BF_ENC(l, r,k, 18); | ||
410 | BF_ENC(r, l,k, 19); | ||
411 | BF_ENC(l, r,k, 20); | ||
412 | #endif | ||
413 | r ^= k[BF_ROUNDS + 1]; | ||
414 | |||
415 | data[1] = l&0xffffffffL; | ||
416 | data[0] = r&0xffffffffL; | ||
417 | #endif | ||
418 | } | ||
419 | |||
420 | #ifndef BF_DEFAULT_OPTIONS | ||
421 | |||
422 | void | ||
423 | BF_decrypt(BF_LONG *data, const BF_KEY *key) | ||
424 | { | ||
425 | #ifndef BF_PTR2 | ||
426 | BF_LONG l, r; | ||
427 | const BF_LONG *p, *s; | ||
428 | |||
429 | p = key->P; | ||
430 | s = &(key->S[0]); | ||
431 | l = data[0]; | ||
432 | r = data[1]; | ||
433 | |||
434 | l ^= p[BF_ROUNDS + 1]; | ||
435 | #if BF_ROUNDS == 20 | ||
436 | BF_ENC(r, l,s, p[20]); | ||
437 | BF_ENC(l, r,s, p[19]); | ||
438 | BF_ENC(r, l,s, p[18]); | ||
439 | BF_ENC(l, r,s, p[17]); | ||
440 | #endif | ||
441 | BF_ENC(r, l,s, p[16]); | ||
442 | BF_ENC(l, r,s, p[15]); | ||
443 | BF_ENC(r, l,s, p[14]); | ||
444 | BF_ENC(l, r,s, p[13]); | ||
445 | BF_ENC(r, l,s, p[12]); | ||
446 | BF_ENC(l, r,s, p[11]); | ||
447 | BF_ENC(r, l,s, p[10]); | ||
448 | BF_ENC(l, r,s, p[9]); | ||
449 | BF_ENC(r, l,s, p[8]); | ||
450 | BF_ENC(l, r,s, p[7]); | ||
451 | BF_ENC(r, l,s, p[6]); | ||
452 | BF_ENC(l, r,s, p[5]); | ||
453 | BF_ENC(r, l,s, p[4]); | ||
454 | BF_ENC(l, r,s, p[3]); | ||
455 | BF_ENC(r, l,s, p[2]); | ||
456 | BF_ENC(l, r,s, p[1]); | ||
457 | r ^= p[0]; | ||
458 | |||
459 | data[1] = l&0xffffffffL; | ||
460 | data[0] = r&0xffffffffL; | ||
461 | #else | ||
462 | BF_LONG l, r,t, *k; | ||
463 | |||
464 | l = data[0]; | ||
465 | r = data[1]; | ||
466 | k = (BF_LONG *)key; | ||
467 | |||
468 | l ^= k[BF_ROUNDS + 1]; | ||
469 | #if BF_ROUNDS == 20 | ||
470 | BF_ENC(r, l,k, 20); | ||
471 | BF_ENC(l, r,k, 19); | ||
472 | BF_ENC(r, l,k, 18); | ||
473 | BF_ENC(l, r,k, 17); | ||
474 | #endif | ||
475 | BF_ENC(r, l,k, 16); | ||
476 | BF_ENC(l, r,k, 15); | ||
477 | BF_ENC(r, l,k, 14); | ||
478 | BF_ENC(l, r,k, 13); | ||
479 | BF_ENC(r, l,k, 12); | ||
480 | BF_ENC(l, r,k, 11); | ||
481 | BF_ENC(r, l,k, 10); | ||
482 | BF_ENC(l, r, k, 9); | ||
483 | BF_ENC(r, l, k, 8); | ||
484 | BF_ENC(l, r, k, 7); | ||
485 | BF_ENC(r, l, k, 6); | ||
486 | BF_ENC(l, r, k, 5); | ||
487 | BF_ENC(r, l, k, 4); | ||
488 | BF_ENC(l, r, k, 3); | ||
489 | BF_ENC(r, l, k, 2); | ||
490 | BF_ENC(l, r, k, 1); | ||
491 | r ^= k[0]; | ||
492 | |||
493 | data[1] = l&0xffffffffL; | ||
494 | data[0] = r&0xffffffffL; | ||
495 | #endif | ||
496 | } | ||
497 | |||
498 | void | ||
499 | BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, | ||
500 | const BF_KEY *schedule, unsigned char *ivec, int encrypt) | ||
501 | { | ||
502 | BF_LONG tin0, tin1; | ||
503 | BF_LONG tout0, tout1, xor0, xor1; | ||
504 | long l = length; | ||
505 | BF_LONG tin[2]; | ||
506 | |||
507 | if (encrypt) { | ||
508 | n2l(ivec, tout0); | ||
509 | n2l(ivec, tout1); | ||
510 | ivec -= 8; | ||
511 | for (l -= 8; l >= 0; l -= 8) { | ||
512 | n2l(in, tin0); | ||
513 | n2l(in, tin1); | ||
514 | tin0 ^= tout0; | ||
515 | tin1 ^= tout1; | ||
516 | tin[0] = tin0; | ||
517 | tin[1] = tin1; | ||
518 | BF_encrypt(tin, schedule); | ||
519 | tout0 = tin[0]; | ||
520 | tout1 = tin[1]; | ||
521 | l2n(tout0, out); | ||
522 | l2n(tout1, out); | ||
523 | } | ||
524 | if (l != -8) { | ||
525 | n2ln(in, tin0, tin1, l + 8); | ||
526 | tin0 ^= tout0; | ||
527 | tin1 ^= tout1; | ||
528 | tin[0] = tin0; | ||
529 | tin[1] = tin1; | ||
530 | BF_encrypt(tin, schedule); | ||
531 | tout0 = tin[0]; | ||
532 | tout1 = tin[1]; | ||
533 | l2n(tout0, out); | ||
534 | l2n(tout1, out); | ||
535 | } | ||
536 | l2n(tout0, ivec); | ||
537 | l2n(tout1, ivec); | ||
538 | } else { | ||
539 | n2l(ivec, xor0); | ||
540 | n2l(ivec, xor1); | ||
541 | ivec -= 8; | ||
542 | for (l -= 8; l >= 0; l -= 8) { | ||
543 | n2l(in, tin0); | ||
544 | n2l(in, tin1); | ||
545 | tin[0] = tin0; | ||
546 | tin[1] = tin1; | ||
547 | BF_decrypt(tin, schedule); | ||
548 | tout0 = tin[0]^xor0; | ||
549 | tout1 = tin[1]^xor1; | ||
550 | l2n(tout0, out); | ||
551 | l2n(tout1, out); | ||
552 | xor0 = tin0; | ||
553 | xor1 = tin1; | ||
554 | } | ||
555 | if (l != -8) { | ||
556 | n2l(in, tin0); | ||
557 | n2l(in, tin1); | ||
558 | tin[0] = tin0; | ||
559 | tin[1] = tin1; | ||
560 | BF_decrypt(tin, schedule); | ||
561 | tout0 = tin[0]^xor0; | ||
562 | tout1 = tin[1]^xor1; | ||
563 | l2nn(tout0, tout1, out, l + 8); | ||
564 | xor0 = tin0; | ||
565 | xor1 = tin1; | ||
566 | } | ||
567 | l2n(xor0, ivec); | ||
568 | l2n(xor1, ivec); | ||
569 | } | ||
570 | tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0; | ||
571 | tin[0] = tin[1] = 0; | ||
572 | } | ||
573 | |||
574 | /* | ||
575 | * The input and output encrypted as though 64bit cfb mode is being | ||
576 | * used. The extra state information to record how much of the | ||
577 | * 64bit block we have used is contained in *num; | ||
578 | */ | ||
579 | |||
580 | void | ||
581 | BF_cfb64_encrypt(const unsigned char *in, unsigned char *out, long length, | ||
582 | const BF_KEY *schedule, unsigned char *ivec, int *num, int encrypt) | ||
583 | { | ||
584 | BF_LONG v0, v1, t; | ||
585 | int n= *num; | ||
586 | long l = length; | ||
587 | BF_LONG ti[2]; | ||
588 | unsigned char *iv, c, cc; | ||
589 | |||
590 | iv = (unsigned char *)ivec; | ||
591 | if (encrypt) { | ||
592 | while (l--) { | ||
593 | if (n == 0) { | ||
594 | n2l(iv, v0); | ||
595 | ti[0] = v0; | ||
596 | n2l(iv, v1); | ||
597 | ti[1] = v1; | ||
598 | BF_encrypt((BF_LONG *)ti, schedule); | ||
599 | iv = (unsigned char *)ivec; | ||
600 | t = ti[0]; | ||
601 | l2n(t, iv); | ||
602 | t = ti[1]; | ||
603 | l2n(t, iv); | ||
604 | iv = (unsigned char *)ivec; | ||
605 | } | ||
606 | c= *(in++)^iv[n]; | ||
607 | *(out++) = c; | ||
608 | iv[n] = c; | ||
609 | n = (n + 1)&0x07; | ||
610 | } | ||
611 | } else { | ||
612 | while (l--) { | ||
613 | if (n == 0) { | ||
614 | n2l(iv, v0); | ||
615 | ti[0] = v0; | ||
616 | n2l(iv, v1); | ||
617 | ti[1] = v1; | ||
618 | BF_encrypt((BF_LONG *)ti, schedule); | ||
619 | iv = (unsigned char *)ivec; | ||
620 | t = ti[0]; | ||
621 | l2n(t, iv); | ||
622 | t = ti[1]; | ||
623 | l2n(t, iv); | ||
624 | iv = (unsigned char *)ivec; | ||
625 | } | ||
626 | cc= *(in++); | ||
627 | c = iv[n]; | ||
628 | iv[n] = cc; | ||
629 | *(out++) = c^cc; | ||
630 | n = (n + 1)&0x07; | ||
631 | } | ||
632 | } | ||
633 | v0 = v1 = ti[0] = ti[1] = t=c = cc = 0; | ||
634 | *num = n; | ||
635 | } | ||
636 | |||
637 | void | ||
638 | BF_ecb_encrypt(const unsigned char *in, unsigned char *out, | ||
639 | const BF_KEY *key, int encrypt) | ||
640 | { | ||
641 | BF_LONG l, d[2]; | ||
642 | |||
643 | n2l(in, l); | ||
644 | d[0] = l; | ||
645 | n2l(in, l); | ||
646 | d[1] = l; | ||
647 | if (encrypt) | ||
648 | BF_encrypt(d, key); | ||
649 | else | ||
650 | BF_decrypt(d, key); | ||
651 | l = d[0]; | ||
652 | l2n(l, out); | ||
653 | l = d[1]; | ||
654 | l2n(l, out); | ||
655 | l = d[0] = d[1] = 0; | ||
656 | } | ||
657 | |||
658 | /* | ||
659 | * The input and output encrypted as though 64bit ofb mode is being | ||
660 | * used. The extra state information to record how much of the | ||
661 | * 64bit block we have used is contained in *num; | ||
662 | */ | ||
663 | void | ||
664 | BF_ofb64_encrypt(const unsigned char *in, unsigned char *out, long length, | ||
665 | const BF_KEY *schedule, unsigned char *ivec, int *num) | ||
666 | { | ||
667 | BF_LONG v0, v1, t; | ||
668 | int n= *num; | ||
669 | long l = length; | ||
670 | unsigned char d[8]; | ||
671 | char *dp; | ||
672 | BF_LONG ti[2]; | ||
673 | unsigned char *iv; | ||
674 | int save = 0; | ||
675 | |||
676 | iv = (unsigned char *)ivec; | ||
677 | n2l(iv, v0); | ||
678 | n2l(iv, v1); | ||
679 | ti[0] = v0; | ||
680 | ti[1] = v1; | ||
681 | dp = (char *)d; | ||
682 | l2n(v0, dp); | ||
683 | l2n(v1, dp); | ||
684 | while (l--) { | ||
685 | if (n == 0) { | ||
686 | BF_encrypt((BF_LONG *)ti, schedule); | ||
687 | dp = (char *)d; | ||
688 | t = ti[0]; | ||
689 | l2n(t, dp); | ||
690 | t = ti[1]; | ||
691 | l2n(t, dp); | ||
692 | save++; | ||
693 | } | ||
694 | *(out++)= *(in++)^d[n]; | ||
695 | n = (n + 1)&0x07; | ||
696 | } | ||
697 | if (save) { | ||
698 | v0 = ti[0]; | ||
699 | v1 = ti[1]; | ||
700 | iv = (unsigned char *)ivec; | ||
701 | l2n(v0, iv); | ||
702 | l2n(v1, iv); | ||
703 | } | ||
704 | t = v0 = v1 = ti[0] = ti[1] = 0; | ||
705 | *num = n; | ||
706 | } | ||
707 | |||
708 | void | ||
336 | BF_set_key(BF_KEY *key, int len, const unsigned char *data) | 709 | BF_set_key(BF_KEY *key, int len, const unsigned char *data) |
337 | { | 710 | { |
338 | int i; | 711 | int i; |
@@ -385,3 +758,4 @@ BF_set_key(BF_KEY *key, int len, const unsigned char *data) | |||
385 | p[i + 1] = in[1]; | 758 | p[i + 1] = in[1]; |
386 | } | 759 | } |
387 | } | 760 | } |
761 | #endif | ||