Consolidate blowfish code.

Requested by tb@
author: jsing <> 2024-03-27 11:24:15 +0000
committer: jsing <> 2024-03-27 11:24:15 +0000
commit: e333d9e70e8e1f3a91303e95e5541bc99a649c73 (patch)
tree: 25fd2e6c6ce66cbe42a81228ebd582722502c7ff /src/lib
parent: aeccd86b593fda3b76aa590b49519a661b121928 (diff)
download: openbsd-e333d9e70e8e1f3a91303e95e5541bc99a649c73.tar.gz
openbsd-e333d9e70e8e1f3a91303e95e5541bc99a649c73.tar.bz2
openbsd-e333d9e70e8e1f3a91303e95e5541bc99a649c73.zip
6 files changed, 381 insertions, 639 deletions
diff --git a/src/lib/libcrypto/Makefile b/src/lib/libcrypto/Makefile
index 4ea8d0c2ad..606dc61792 100644
--- a/src/lib/libcrypto/Makefile
+++ b/src/lib/libcrypto/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.176 2024/03/27 11:12:08 jsing Exp $
+# $OpenBSD: Makefile,v 1.177 2024/03/27 11:24:15 jsing Exp $
 LIB=    crypto
 LIBREBUILD=y
@@ -142,11 +142,7 @@ SRCS+= x_x509.c
 SRCS+= x_x509a.c
 # bf/
-SRCS+= bf_cfb64.c
+SRCS+= blowfish.c
-SRCS+= bf_ecb.c
-SRCS+= bf_enc.c
-SRCS+= bf_ofb64.c
-SRCS+= bf_skey.c
 # bio/
 SRCS+= b_dump.c
diff --git a/src/lib/libcrypto/bf/bf_cfb64.c b/src/lib/libcrypto/bf/bf_cfb64.c
deleted file mode 100644
index 87dccae263..0000000000
--- a/src/lib/libcrypto/bf/bf_cfb64.c
+++ /dev/null
@@ -1,124 +0,0 @@
-/* $OpenBSD: bf_cfb64.c,v 1.8 2022/11/26 16:08:51 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#include <openssl/blowfish.h>
-#include "bf_local.h"
-/*
- * The input and output encrypted as though 64bit cfb mode is being
- * used.  The extra state information to record how much of the
- * 64bit block we have used is contained in *num;
- */
-void
-BF_cfb64_encrypt(const unsigned char *in, unsigned char *out, long length,
-    const BF_KEY *schedule, unsigned char *ivec, int *num, int encrypt)
-{
-        BF_LONG v0, v1, t;
-        int n= *num;
-        long l = length;
-        BF_LONG ti[2];
-        unsigned char *iv, c, cc;
-        iv = (unsigned char *)ivec;
-        if (encrypt) {
-                while (l--) {
-                        if (n == 0) {
-                                n2l(iv, v0);
-                                ti[0] = v0;
-                                n2l(iv, v1);
-                                ti[1] = v1;
-                                BF_encrypt((BF_LONG *)ti, schedule);
-                                iv = (unsigned char *)ivec;
-                                t = ti[0];
-                                l2n(t, iv);
-                                t = ti[1];
-                                l2n(t, iv);
-                                iv = (unsigned char *)ivec;
-                        }
-                        c= *(in++)^iv[n];
-                        *(out++) = c;
-                        iv[n] = c;
-                        n = (n + 1)&0x07;
-                }
-        } else {
-                while (l--) {
-                        if (n == 0) {
-                                n2l(iv, v0);
-                                ti[0] = v0;
-                                n2l(iv, v1);
-                                ti[1] = v1;
-                                BF_encrypt((BF_LONG *)ti, schedule);
-                                iv = (unsigned char *)ivec;
-                                t = ti[0];
-                                l2n(t, iv);
-                                t = ti[1];
-                                l2n(t, iv);
-                                iv = (unsigned char *)ivec;
-                        }
-                        cc= *(in++);
-                        c = iv[n];
-                        iv[n] = cc;
-                        *(out++) = c^cc;
-                        n = (n + 1)&0x07;
-                }
-        }
-        v0 = v1 = ti[0] = ti[1] = t=c = cc = 0;
-        *num = n;
-}
diff --git a/src/lib/libcrypto/bf/bf_ecb.c b/src/lib/libcrypto/bf/bf_ecb.c
deleted file mode 100644
index eda6f193b3..0000000000
--- a/src/lib/libcrypto/bf/bf_ecb.c
+++ /dev/null
@@ -1,89 +0,0 @@
-/* $OpenBSD: bf_ecb.c,v 1.10 2023/07/28 10:35:14 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#include <openssl/blowfish.h>
-#include <openssl/opensslv.h>
-#include "bf_local.h"
-/*
- * Blowfish as implemented from 'Blowfish: Springer-Verlag paper'
- * (From LECTURE NOTES IN COMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION,
- * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993)
- */
-void
-BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
-    const BF_KEY *key, int encrypt)
-{
-        BF_LONG l, d[2];
-        n2l(in, l);
-        d[0] = l;
-        n2l(in, l);
-        d[1] = l;
-        if (encrypt)
-                BF_encrypt(d, key);
-        else
-                BF_decrypt(d, key);
-        l = d[0];
-        l2n(l, out);
-        l = d[1];
-        l2n(l, out);
-        l = d[0] = d[1] = 0;
-}
diff --git a/src/lib/libcrypto/bf/bf_enc.c b/src/lib/libcrypto/bf/bf_enc.c
deleted file mode 100644
index bbefe7d526..0000000000
--- a/src/lib/libcrypto/bf/bf_enc.c
+++ /dev/null
@@ -1,304 +0,0 @@
-/* $OpenBSD: bf_enc.c,v 1.9 2022/11/26 16:08:51 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#include <openssl/blowfish.h>
-#include "bf_local.h"
-/*
- * Blowfish as implemented from 'Blowfish: Springer-Verlag paper'
- * (From LECTURE NOTES IN COMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION,
- * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993)
- */
-#if (BF_ROUNDS != 16) && (BF_ROUNDS != 20)
-#error If you set BF_ROUNDS to some value other than 16 or 20, you will have \
-to modify the code.
-#endif
-void
-BF_encrypt(BF_LONG *data, const BF_KEY *key)
-{
-#ifndef BF_PTR2
-        BF_LONG l, r;
-        const BF_LONG *p, *s;
-        p = key->P;
-        s = &(key->S[0]);
-        l = data[0];
-        r = data[1];
-        l ^= p[0];
-        BF_ENC(r, l,s, p[1]);
-        BF_ENC(l, r,s, p[2]);
-        BF_ENC(r, l,s, p[3]);
-        BF_ENC(l, r,s, p[4]);
-        BF_ENC(r, l,s, p[5]);
-        BF_ENC(l, r,s, p[6]);
-        BF_ENC(r, l,s, p[7]);
-        BF_ENC(l, r,s, p[8]);
-        BF_ENC(r, l,s, p[9]);
-        BF_ENC(l, r,s, p[10]);
-        BF_ENC(r, l,s, p[11]);
-        BF_ENC(l, r,s, p[12]);
-        BF_ENC(r, l,s, p[13]);
-        BF_ENC(l, r,s, p[14]);
-        BF_ENC(r, l,s, p[15]);
-        BF_ENC(l, r,s, p[16]);
-#if BF_ROUNDS == 20
-        BF_ENC(r, l,s, p[17]);
-        BF_ENC(l, r,s, p[18]);
-        BF_ENC(r, l,s, p[19]);
-        BF_ENC(l, r,s, p[20]);
-#endif
-        r ^= p[BF_ROUNDS + 1];
-        data[1] = l&0xffffffffL;
-        data[0] = r&0xffffffffL;
-#else
-        BF_LONG l, r,t, *k;
-        l = data[0];
-        r = data[1];
-        k = (BF_LONG*)key;
-        l ^= k[0];
-        BF_ENC(r, l, k, 1);
-        BF_ENC(l, r, k, 2);
-        BF_ENC(r, l, k, 3);
-        BF_ENC(l, r, k, 4);
-        BF_ENC(r, l, k, 5);
-        BF_ENC(l, r, k, 6);
-        BF_ENC(r, l, k, 7);
-        BF_ENC(l, r, k, 8);
-        BF_ENC(r, l, k, 9);
-        BF_ENC(l, r,k, 10);
-        BF_ENC(r, l,k, 11);
-        BF_ENC(l, r,k, 12);
-        BF_ENC(r, l,k, 13);
-        BF_ENC(l, r,k, 14);
-        BF_ENC(r, l,k, 15);
-        BF_ENC(l, r,k, 16);
-#if BF_ROUNDS == 20
-        BF_ENC(r, l,k, 17);
-        BF_ENC(l, r,k, 18);
-        BF_ENC(r, l,k, 19);
-        BF_ENC(l, r,k, 20);
-#endif
-        r ^= k[BF_ROUNDS + 1];
-        data[1] = l&0xffffffffL;
-        data[0] = r&0xffffffffL;
-#endif
-}
-#ifndef BF_DEFAULT_OPTIONS
-void
-BF_decrypt(BF_LONG *data, const BF_KEY *key)
-{
-#ifndef BF_PTR2
-        BF_LONG l, r;
-        const BF_LONG *p, *s;
-        p = key->P;
-        s = &(key->S[0]);
-        l = data[0];
-        r = data[1];
-        l ^= p[BF_ROUNDS + 1];
-#if BF_ROUNDS == 20
-        BF_ENC(r, l,s, p[20]);
-        BF_ENC(l, r,s, p[19]);
-        BF_ENC(r, l,s, p[18]);
-        BF_ENC(l, r,s, p[17]);
-#endif
-        BF_ENC(r, l,s, p[16]);
-        BF_ENC(l, r,s, p[15]);
-        BF_ENC(r, l,s, p[14]);
-        BF_ENC(l, r,s, p[13]);
-        BF_ENC(r, l,s, p[12]);
-        BF_ENC(l, r,s, p[11]);
-        BF_ENC(r, l,s, p[10]);
-        BF_ENC(l, r,s, p[9]);
-        BF_ENC(r, l,s, p[8]);
-        BF_ENC(l, r,s, p[7]);
-        BF_ENC(r, l,s, p[6]);
-        BF_ENC(l, r,s, p[5]);
-        BF_ENC(r, l,s, p[4]);
-        BF_ENC(l, r,s, p[3]);
-        BF_ENC(r, l,s, p[2]);
-        BF_ENC(l, r,s, p[1]);
-        r ^= p[0];
-        data[1] = l&0xffffffffL;
-        data[0] = r&0xffffffffL;
-#else
-        BF_LONG l, r,t, *k;
-        l = data[0];
-        r = data[1];
-        k = (BF_LONG *)key;
-        l ^= k[BF_ROUNDS + 1];
-#if BF_ROUNDS == 20
-        BF_ENC(r, l,k, 20);
-        BF_ENC(l, r,k, 19);
-        BF_ENC(r, l,k, 18);
-        BF_ENC(l, r,k, 17);
-#endif
-        BF_ENC(r, l,k, 16);
-        BF_ENC(l, r,k, 15);
-        BF_ENC(r, l,k, 14);
-        BF_ENC(l, r,k, 13);
-        BF_ENC(r, l,k, 12);
-        BF_ENC(l, r,k, 11);
-        BF_ENC(r, l,k, 10);
-        BF_ENC(l, r, k, 9);
-        BF_ENC(r, l, k, 8);
-        BF_ENC(l, r, k, 7);
-        BF_ENC(r, l, k, 6);
-        BF_ENC(l, r, k, 5);
-        BF_ENC(r, l, k, 4);
-        BF_ENC(l, r, k, 3);
-        BF_ENC(r, l, k, 2);
-        BF_ENC(l, r, k, 1);
-        r ^= k[0];
-        data[1] = l&0xffffffffL;
-        data[0] = r&0xffffffffL;
-#endif
-}
-void
-BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
-    const BF_KEY *schedule, unsigned char *ivec, int encrypt)
-{
-        BF_LONG tin0, tin1;
-        BF_LONG tout0, tout1, xor0, xor1;
-        long l = length;
-        BF_LONG tin[2];
-        if (encrypt) {
-                n2l(ivec, tout0);
-                n2l(ivec, tout1);
-                ivec -= 8;
-                for (l -= 8; l >= 0; l -= 8) {
-                        n2l(in, tin0);
-                        n2l(in, tin1);
-                        tin0 ^= tout0;
-                        tin1 ^= tout1;
-                        tin[0] = tin0;
-                        tin[1] = tin1;
-                        BF_encrypt(tin, schedule);
-                        tout0 = tin[0];
-                        tout1 = tin[1];
-                        l2n(tout0, out);
-                        l2n(tout1, out);
-                }
-                if (l != -8) {
-                        n2ln(in, tin0, tin1, l + 8);
-                        tin0 ^= tout0;
-                        tin1 ^= tout1;
-                        tin[0] = tin0;
-                        tin[1] = tin1;
-                        BF_encrypt(tin, schedule);
-                        tout0 = tin[0];
-                        tout1 = tin[1];
-                        l2n(tout0, out);
-                        l2n(tout1, out);
-                }
-                l2n(tout0, ivec);
-                l2n(tout1, ivec);
-        } else {
-                n2l(ivec, xor0);
-                n2l(ivec, xor1);
-                ivec -= 8;
-                for (l -= 8; l >= 0; l -= 8) {
-                        n2l(in, tin0);
-                        n2l(in, tin1);
-                        tin[0] = tin0;
-                        tin[1] = tin1;
-                        BF_decrypt(tin, schedule);
-                        tout0 = tin[0]^xor0;
-                        tout1 = tin[1]^xor1;
-                        l2n(tout0, out);
-                        l2n(tout1, out);
-                        xor0 = tin0;
-                        xor1 = tin1;
-                }
-                if (l != -8) {
-                        n2l(in, tin0);
-                        n2l(in, tin1);
-                        tin[0] = tin0;
-                        tin[1] = tin1;
-                        BF_decrypt(tin, schedule);
-                        tout0 = tin[0]^xor0;
-                        tout1 = tin[1]^xor1;
-                        l2nn(tout0, tout1, out, l + 8);
-                        xor0 = tin0;
-                        xor1 = tin1;
-                }
-                l2n(xor0, ivec);
-                l2n(xor1, ivec);
-        }
-        tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
-        tin[0] = tin[1] = 0;
-}
-#endif
diff --git a/src/lib/libcrypto/bf/bf_ofb64.c b/src/lib/libcrypto/bf/bf_ofb64.c
deleted file mode 100644
index 8fe2478263..0000000000
--- a/src/lib/libcrypto/bf/bf_ofb64.c
+++ /dev/null
@@ -1,111 +0,0 @@
-/* $OpenBSD: bf_ofb64.c,v 1.8 2022/11/26 16:08:51 tb Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#include <openssl/blowfish.h>
-#include "bf_local.h"
-/*
- * The input and output encrypted as though 64bit ofb mode is being
- * used.  The extra state information to record how much of the
- * 64bit block we have used is contained in *num;
- */
-void
-BF_ofb64_encrypt(const unsigned char *in, unsigned char *out, long length,
-    const BF_KEY *schedule, unsigned char *ivec, int *num)
-{
-        BF_LONG v0, v1, t;
-        int n= *num;
-        long l = length;
-        unsigned char d[8];
-        char *dp;
-        BF_LONG ti[2];
-        unsigned char *iv;
-        int save = 0;
-        iv = (unsigned char *)ivec;
-        n2l(iv, v0);
-        n2l(iv, v1);
-        ti[0] = v0;
-        ti[1] = v1;
-        dp = (char *)d;
-        l2n(v0, dp);
-        l2n(v1, dp);
-        while (l--) {
-                if (n == 0) {
-                        BF_encrypt((BF_LONG *)ti, schedule);
-                        dp = (char *)d;
-                        t = ti[0];
-                        l2n(t, dp);
-                        t = ti[1];
-                        l2n(t, dp);
-                        save++;
-                }
-                *(out++)= *(in++)^d[n];
-                n = (n + 1)&0x07;
-        }
-        if (save) {
-                v0 = ti[0];
-                v1 = ti[1];
-                iv = (unsigned char *)ivec;
-                l2n(v0, iv);
-                l2n(v1, iv);
-        }
-        t = v0 = v1 = ti[0] = ti[1] = 0;
-        *num = n;
-}
diff --git a/src/lib/libcrypto/bf/bf_skey.c b/src/lib/libcrypto/bf/blowfish.c
index cc31034f18..4fa8a563f1 100644
--- a/src/lib/libcrypto/bf/bf_skey.c
+++ b/src/lib/libcrypto/bf/blowfish.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bf_skey.c,v 1.17 2022/11/26 16:08:51 tb Exp $ */
+/* $OpenBSD: blowfish.c,v 1.1 2024/03/27 11:24:15 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -56,14 +56,23 @@
 * [including the GNU Public Licence.]
 */
-#include <stdio.h>
-#include <string.h>
-#include <openssl/crypto.h>
 #include <openssl/blowfish.h>
+#include <string.h>
 #include "bf_local.h"
+/*
+ * Blowfish as implemented from 'Blowfish: Springer-Verlag paper'
+ * (From LECTURE NOTES IN COMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION,
+ * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993)
+ */
+#if (BF_ROUNDS != 16) && (BF_ROUNDS != 20)
+#error If you set BF_ROUNDS to some value other than 16 or 20, you will have \
+to modify the code.
+#endif
 static const BF_KEY bf_init = {
        .P = {
                0x243f6a88L, 0x85a308d3L, 0x13198a2eL, 0x03707344L,
@@ -333,6 +342,370 @@ static const BF_KEY bf_init = {
 };
 void
+BF_encrypt(BF_LONG *data, const BF_KEY *key)
+{
+#ifndef BF_PTR2
+        BF_LONG l, r;
+        const BF_LONG *p, *s;
+        p = key->P;
+        s = &(key->S[0]);
+        l = data[0];
+        r = data[1];
+        l ^= p[0];
+        BF_ENC(r, l,s, p[1]);
+        BF_ENC(l, r,s, p[2]);
+        BF_ENC(r, l,s, p[3]);
+        BF_ENC(l, r,s, p[4]);
+        BF_ENC(r, l,s, p[5]);
+        BF_ENC(l, r,s, p[6]);
+        BF_ENC(r, l,s, p[7]);
+        BF_ENC(l, r,s, p[8]);
+        BF_ENC(r, l,s, p[9]);
+        BF_ENC(l, r,s, p[10]);
+        BF_ENC(r, l,s, p[11]);
+        BF_ENC(l, r,s, p[12]);
+        BF_ENC(r, l,s, p[13]);
+        BF_ENC(l, r,s, p[14]);
+        BF_ENC(r, l,s, p[15]);
+        BF_ENC(l, r,s, p[16]);
+#if BF_ROUNDS == 20
+        BF_ENC(r, l,s, p[17]);
+        BF_ENC(l, r,s, p[18]);
+        BF_ENC(r, l,s, p[19]);
+        BF_ENC(l, r,s, p[20]);
+#endif
+        r ^= p[BF_ROUNDS + 1];
+        data[1] = l&0xffffffffL;
+        data[0] = r&0xffffffffL;
+#else
+        BF_LONG l, r,t, *k;
+        l = data[0];
+        r = data[1];
+        k = (BF_LONG*)key;
+        l ^= k[0];
+        BF_ENC(r, l, k, 1);
+        BF_ENC(l, r, k, 2);
+        BF_ENC(r, l, k, 3);
+        BF_ENC(l, r, k, 4);
+        BF_ENC(r, l, k, 5);
+        BF_ENC(l, r, k, 6);
+        BF_ENC(r, l, k, 7);
+        BF_ENC(l, r, k, 8);
+        BF_ENC(r, l, k, 9);
+        BF_ENC(l, r,k, 10);
+        BF_ENC(r, l,k, 11);
+        BF_ENC(l, r,k, 12);
+        BF_ENC(r, l,k, 13);
+        BF_ENC(l, r,k, 14);
+        BF_ENC(r, l,k, 15);
+        BF_ENC(l, r,k, 16);
+#if BF_ROUNDS == 20
+        BF_ENC(r, l,k, 17);
+        BF_ENC(l, r,k, 18);
+        BF_ENC(r, l,k, 19);
+        BF_ENC(l, r,k, 20);
+#endif
+        r ^= k[BF_ROUNDS + 1];
+        data[1] = l&0xffffffffL;
+        data[0] = r&0xffffffffL;
+#endif
+}
+#ifndef BF_DEFAULT_OPTIONS
+void
+BF_decrypt(BF_LONG *data, const BF_KEY *key)
+{
+#ifndef BF_PTR2
+        BF_LONG l, r;
+        const BF_LONG *p, *s;
+        p = key->P;
+        s = &(key->S[0]);
+        l = data[0];
+        r = data[1];
+        l ^= p[BF_ROUNDS + 1];
+#if BF_ROUNDS == 20
+        BF_ENC(r, l,s, p[20]);
+        BF_ENC(l, r,s, p[19]);
+        BF_ENC(r, l,s, p[18]);
+        BF_ENC(l, r,s, p[17]);
+#endif
+        BF_ENC(r, l,s, p[16]);
+        BF_ENC(l, r,s, p[15]);
+        BF_ENC(r, l,s, p[14]);
+        BF_ENC(l, r,s, p[13]);
+        BF_ENC(r, l,s, p[12]);
+        BF_ENC(l, r,s, p[11]);
+        BF_ENC(r, l,s, p[10]);
+        BF_ENC(l, r,s, p[9]);
+        BF_ENC(r, l,s, p[8]);
+        BF_ENC(l, r,s, p[7]);
+        BF_ENC(r, l,s, p[6]);
+        BF_ENC(l, r,s, p[5]);
+        BF_ENC(r, l,s, p[4]);
+        BF_ENC(l, r,s, p[3]);
+        BF_ENC(r, l,s, p[2]);
+        BF_ENC(l, r,s, p[1]);
+        r ^= p[0];
+        data[1] = l&0xffffffffL;
+        data[0] = r&0xffffffffL;
+#else
+        BF_LONG l, r,t, *k;
+        l = data[0];
+        r = data[1];
+        k = (BF_LONG *)key;
+        l ^= k[BF_ROUNDS + 1];
+#if BF_ROUNDS == 20
+        BF_ENC(r, l,k, 20);
+        BF_ENC(l, r,k, 19);
+        BF_ENC(r, l,k, 18);
+        BF_ENC(l, r,k, 17);
+#endif
+        BF_ENC(r, l,k, 16);
+        BF_ENC(l, r,k, 15);
+        BF_ENC(r, l,k, 14);
+        BF_ENC(l, r,k, 13);
+        BF_ENC(r, l,k, 12);
+        BF_ENC(l, r,k, 11);
+        BF_ENC(r, l,k, 10);
+        BF_ENC(l, r, k, 9);
+        BF_ENC(r, l, k, 8);
+        BF_ENC(l, r, k, 7);
+        BF_ENC(r, l, k, 6);
+        BF_ENC(l, r, k, 5);
+        BF_ENC(r, l, k, 4);
+        BF_ENC(l, r, k, 3);
+        BF_ENC(r, l, k, 2);
+        BF_ENC(l, r, k, 1);
+        r ^= k[0];
+        data[1] = l&0xffffffffL;
+        data[0] = r&0xffffffffL;
+#endif
+}
+void
+BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
+    const BF_KEY *schedule, unsigned char *ivec, int encrypt)
+{
+        BF_LONG tin0, tin1;
+        BF_LONG tout0, tout1, xor0, xor1;
+        long l = length;
+        BF_LONG tin[2];
+        if (encrypt) {
+                n2l(ivec, tout0);
+                n2l(ivec, tout1);
+                ivec -= 8;
+                for (l -= 8; l >= 0; l -= 8) {
+                        n2l(in, tin0);
+                        n2l(in, tin1);
+                        tin0 ^= tout0;
+                        tin1 ^= tout1;
+                        tin[0] = tin0;
+                        tin[1] = tin1;
+                        BF_encrypt(tin, schedule);
+                        tout0 = tin[0];
+                        tout1 = tin[1];
+                        l2n(tout0, out);
+                        l2n(tout1, out);
+                }
+                if (l != -8) {
+                        n2ln(in, tin0, tin1, l + 8);
+                        tin0 ^= tout0;
+                        tin1 ^= tout1;
+                        tin[0] = tin0;
+                        tin[1] = tin1;
+                        BF_encrypt(tin, schedule);
+                        tout0 = tin[0];
+                        tout1 = tin[1];
+                        l2n(tout0, out);
+                        l2n(tout1, out);
+                }
+                l2n(tout0, ivec);
+                l2n(tout1, ivec);
+        } else {
+                n2l(ivec, xor0);
+                n2l(ivec, xor1);
+                ivec -= 8;
+                for (l -= 8; l >= 0; l -= 8) {
+                        n2l(in, tin0);
+                        n2l(in, tin1);
+                        tin[0] = tin0;
+                        tin[1] = tin1;
+                        BF_decrypt(tin, schedule);
+                        tout0 = tin[0]^xor0;
+                        tout1 = tin[1]^xor1;
+                        l2n(tout0, out);
+                        l2n(tout1, out);
+                        xor0 = tin0;
+                        xor1 = tin1;
+                }
+                if (l != -8) {
+                        n2l(in, tin0);
+                        n2l(in, tin1);
+                        tin[0] = tin0;
+                        tin[1] = tin1;
+                        BF_decrypt(tin, schedule);
+                        tout0 = tin[0]^xor0;
+                        tout1 = tin[1]^xor1;
+                        l2nn(tout0, tout1, out, l + 8);
+                        xor0 = tin0;
+                        xor1 = tin1;
+                }
+                l2n(xor0, ivec);
+                l2n(xor1, ivec);
+        }
+        tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
+        tin[0] = tin[1] = 0;
+}
+/*
+ * The input and output encrypted as though 64bit cfb mode is being
+ * used.  The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+void
+BF_cfb64_encrypt(const unsigned char *in, unsigned char *out, long length,
+    const BF_KEY *schedule, unsigned char *ivec, int *num, int encrypt)
+{
+        BF_LONG v0, v1, t;
+        int n= *num;
+        long l = length;
+        BF_LONG ti[2];
+        unsigned char *iv, c, cc;
+        iv = (unsigned char *)ivec;
+        if (encrypt) {
+                while (l--) {
+                        if (n == 0) {
+                                n2l(iv, v0);
+                                ti[0] = v0;
+                                n2l(iv, v1);
+                                ti[1] = v1;
+                                BF_encrypt((BF_LONG *)ti, schedule);
+                                iv = (unsigned char *)ivec;
+                                t = ti[0];
+                                l2n(t, iv);
+                                t = ti[1];
+                                l2n(t, iv);
+                                iv = (unsigned char *)ivec;
+                        }
+                        c= *(in++)^iv[n];
+                        *(out++) = c;
+                        iv[n] = c;
+                        n = (n + 1)&0x07;
+                }
+        } else {
+                while (l--) {
+                        if (n == 0) {
+                                n2l(iv, v0);
+                                ti[0] = v0;
+                                n2l(iv, v1);
+                                ti[1] = v1;
+                                BF_encrypt((BF_LONG *)ti, schedule);
+                                iv = (unsigned char *)ivec;
+                                t = ti[0];
+                                l2n(t, iv);
+                                t = ti[1];
+                                l2n(t, iv);
+                                iv = (unsigned char *)ivec;
+                        }
+                        cc= *(in++);
+                        c = iv[n];
+                        iv[n] = cc;
+                        *(out++) = c^cc;
+                        n = (n + 1)&0x07;
+                }
+        }
+        v0 = v1 = ti[0] = ti[1] = t=c = cc = 0;
+        *num = n;
+}
+void
+BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
+    const BF_KEY *key, int encrypt)
+{
+        BF_LONG l, d[2];
+        n2l(in, l);
+        d[0] = l;
+        n2l(in, l);
+        d[1] = l;
+        if (encrypt)
+                BF_encrypt(d, key);
+        else
+                BF_decrypt(d, key);
+        l = d[0];
+        l2n(l, out);
+        l = d[1];
+        l2n(l, out);
+        l = d[0] = d[1] = 0;
+}
+/*
+ * The input and output encrypted as though 64bit ofb mode is being
+ * used.  The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+void
+BF_ofb64_encrypt(const unsigned char *in, unsigned char *out, long length,
+    const BF_KEY *schedule, unsigned char *ivec, int *num)
+{
+        BF_LONG v0, v1, t;
+        int n= *num;
+        long l = length;
+        unsigned char d[8];
+        char *dp;
+        BF_LONG ti[2];
+        unsigned char *iv;
+        int save = 0;
+        iv = (unsigned char *)ivec;
+        n2l(iv, v0);
+        n2l(iv, v1);
+        ti[0] = v0;
+        ti[1] = v1;
+        dp = (char *)d;
+        l2n(v0, dp);
+        l2n(v1, dp);
+        while (l--) {
+                if (n == 0) {
+                        BF_encrypt((BF_LONG *)ti, schedule);
+                        dp = (char *)d;
+                        t = ti[0];
+                        l2n(t, dp);
+                        t = ti[1];
+                        l2n(t, dp);
+                        save++;
+                }
+                *(out++)= *(in++)^d[n];
+                n = (n + 1)&0x07;
+        }
+        if (save) {
+                v0 = ti[0];
+                v1 = ti[1];
+                iv = (unsigned char *)ivec;
+                l2n(v0, iv);
+                l2n(v1, iv);
+        }
+        t = v0 = v1 = ti[0] = ti[1] = 0;
+        *num = n;
+}
+void
 BF_set_key(BF_KEY *key, int len, const unsigned char *data)
 {
        int i;
@@ -385,3 +758,4 @@ BF_set_key(BF_KEY *key, int len, const unsigned char *data)
                p[i + 1] = in[1];
        }
 }
+#endif
author	jsing <>	2024-03-27 11:24:15 +0000
committer	jsing <>	2024-03-27 11:24:15 +0000
commit	e333d9e70e8e1f3a91303e95e5541bc99a649c73 (patch)
tree	25fd2e6c6ce66cbe42a81228ebd582722502c7ff /src/lib
parent	aeccd86b593fda3b76aa590b49519a661b121928 (diff)
download	openbsd-e333d9e70e8e1f3a91303e95e5541bc99a649c73.tar.gz openbsd-e333d9e70e8e1f3a91303e95e5541bc99a649c73.tar.bz2 openbsd-e333d9e70e8e1f3a91303e95e5541bc99a649c73.zip