1 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
2 *
3 * LibTomCrypt is a library that provides various cryptographic
4 * algorithms in a highly modular and flexible manner.
5 *
6 * The library is free for all purposes without any express
7 * guarantee it works.
8 *
9 * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
10 */
11 /**
12 @file blowfish.c
13 Implementation of the Blowfish block cipher, Tom St Denis
14 */
15 #include "tomcrypt.h"
16
17 #ifdef BLOWFISH
18
19 const struct ltc_cipher_descriptor blowfish_desc =
20 {
21 "blowfish",
22 0,
23 8, 56, 8, 16,
24 &blowfish_setup,
25 &blowfish_ecb_encrypt,
26 &blowfish_ecb_decrypt,
27 &blowfish_test,
28 &blowfish_done,
29 &blowfish_keysize,
30 NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
31 };
32
33 static const ulong32 ORIG_P[16 + 2] = {
34 0x243F6A88UL, 0x85A308D3UL, 0x13198A2EUL, 0x03707344UL,
35 0xA4093822UL, 0x299F31D0UL, 0x082EFA98UL, 0xEC4E6C89UL,
36 0x452821E6UL, 0x38D01377UL, 0xBE5466CFUL, 0x34E90C6CUL,
37 0xC0AC29B7UL, 0xC97C50DDUL, 0x3F84D5B5UL, 0xB5470917UL,
38 0x9216D5D9UL, 0x8979FB1BUL
39 };
40
41 static const ulong32 ORIG_S[4][256] = {
42 { 0xD1310BA6UL, 0x98DFB5ACUL, 0x2FFD72DBUL, 0xD01ADFB7UL,
43 0xB8E1AFEDUL, 0x6A267E96UL, 0xBA7C9045UL, 0xF12C7F99UL,
44 0x24A19947UL, 0xB3916CF7UL, 0x0801F2E2UL, 0x858EFC16UL,
45 0x636920D8UL, 0x71574E69UL, 0xA458FEA3UL, 0xF4933D7EUL,
46 0x0D95748FUL, 0x728EB658UL, 0x718BCD58UL, 0x82154AEEUL,
47 0x7B54A41DUL, 0xC25A59B5UL, 0x9C30D539UL, 0x2AF26013UL,
48 0xC5D1B023UL, 0x286085F0UL, 0xCA417918UL, 0xB8DB38EFUL,
49 0x8E79DCB0UL, 0x603A180EUL, 0x6C9E0E8BUL, 0xB01E8A3EUL,
50 0xD71577C1UL, 0xBD314B27UL, 0x78AF2FDAUL, 0x55605C60UL,
51 0xE65525F3UL, 0xAA55AB94UL, 0x57489862UL, 0x63E81440UL,
52 0x55CA396AUL, 0x2AAB10B6UL, 0xB4CC5C34UL, 0x1141E8CEUL,
53 0xA15486AFUL, 0x7C72E993UL, 0xB3EE1411UL, 0x636FBC2AUL,
54 0x2BA9C55DUL, 0x741831F6UL, 0xCE5C3E16UL, 0x9B87931EUL,
55 0xAFD6BA33UL, 0x6C24CF5CUL, 0x7A325381UL, 0x28958677UL,
56 0x3B8F4898UL, 0x6B4BB9AFUL, 0xC4BFE81BUL, 0x66282193UL,
57 0x61D809CCUL, 0xFB21A991UL, 0x487CAC60UL, 0x5DEC8032UL,
58 0xEF845D5DUL, 0xE98575B1UL, 0xDC262302UL, 0xEB651B88UL,
59 0x23893E81UL, 0xD396ACC5UL, 0x0F6D6FF3UL, 0x83F44239UL,
60 0x2E0B4482UL, 0xA4842004UL, 0x69C8F04AUL, 0x9E1F9B5EUL,
61 0x21C66842UL, 0xF6E96C9AUL, 0x670C9C61UL, 0xABD388F0UL,
62 0x6A51A0D2UL, 0xD8542F68UL, 0x960FA728UL, 0xAB5133A3UL,
63 0x6EEF0B6CUL, 0x137A3BE4UL, 0xBA3BF050UL, 0x7EFB2A98UL,
64 0xA1F1651DUL, 0x39AF0176UL, 0x66CA593EUL, 0x82430E88UL,
65 0x8CEE8619UL, 0x456F9FB4UL, 0x7D84A5C3UL, 0x3B8B5EBEUL,
66 0xE06F75D8UL, 0x85C12073UL, 0x401A449FUL, 0x56C16AA6UL,
67 0x4ED3AA62UL, 0x363F7706UL, 0x1BFEDF72UL, 0x429B023DUL,
68 0x37D0D724UL, 0xD00A1248UL, 0xDB0FEAD3UL, 0x49F1C09BUL,
69 0x075372C9UL, 0x80991B7BUL, 0x25D479D8UL, 0xF6E8DEF7UL,
70 0xE3FE501AUL, 0xB6794C3BUL, 0x976CE0BDUL, 0x04C006BAUL,
71 0xC1A94FB6UL, 0x409F60C4UL, 0x5E5C9EC2UL, 0x196A2463UL,
72 0x68FB6FAFUL, 0x3E6C53B5UL, 0x1339B2EBUL, 0x3B52EC6FUL,
73 0x6DFC511FUL, 0x9B30952CUL, 0xCC814544UL, 0xAF5EBD09UL,
74 0xBEE3D004UL, 0xDE334AFDUL, 0x660F2807UL, 0x192E4BB3UL,
75 0xC0CBA857UL, 0x45C8740FUL, 0xD20B5F39UL, 0xB9D3FBDBUL,
76 0x5579C0BDUL, 0x1A60320AUL, 0xD6A100C6UL, 0x402C7279UL,
77 0x679F25FEUL, 0xFB1FA3CCUL, 0x8EA5E9F8UL, 0xDB3222F8UL,
78 0x3C7516DFUL, 0xFD616B15UL, 0x2F501EC8UL, 0xAD0552ABUL,
79 0x323DB5FAUL, 0xFD238760UL, 0x53317B48UL, 0x3E00DF82UL,
80 0x9E5C57BBUL, 0xCA6F8CA0UL, 0x1A87562EUL, 0xDF1769DBUL,
81 0xD542A8F6UL, 0x287EFFC3UL, 0xAC6732C6UL, 0x8C4F5573UL,
82 0x695B27B0UL, 0xBBCA58C8UL, 0xE1FFA35DUL, 0xB8F011A0UL,
83 0x10FA3D98UL, 0xFD2183B8UL, 0x4AFCB56CUL, 0x2DD1D35BUL,
84 0x9A53E479UL, 0xB6F84565UL, 0xD28E49BCUL, 0x4BFB9790UL,
85 0xE1DDF2DAUL, 0xA4CB7E33UL, 0x62FB1341UL, 0xCEE4C6E8UL,
86 0xEF20CADAUL, 0x36774C01UL, 0xD07E9EFEUL, 0x2BF11FB4UL,
87 0x95DBDA4DUL, 0xAE909198UL, 0xEAAD8E71UL, 0x6B93D5A0UL,
88 0xD08ED1D0UL, 0xAFC725E0UL, 0x8E3C5B2FUL, 0x8E7594B7UL,
89 0x8FF6E2FBUL, 0xF2122B64UL, 0x8888B812UL, 0x900DF01CUL,
90 0x4FAD5EA0UL, 0x688FC31CUL, 0xD1CFF191UL, 0xB3A8C1ADUL,
91 0x2F2F2218UL, 0xBE0E1777UL, 0xEA752DFEUL, 0x8B021FA1UL,
92 0xE5A0CC0FUL, 0xB56F74E8UL, 0x18ACF3D6UL, 0xCE89E299UL,
93 0xB4A84FE0UL, 0xFD13E0B7UL, 0x7CC43B81UL, 0xD2ADA8D9UL,
94 0x165FA266UL, 0x80957705UL, 0x93CC7314UL, 0x211A1477UL,
95 0xE6AD2065UL, 0x77B5FA86UL, 0xC75442F5UL, 0xFB9D35CFUL,
96 0xEBCDAF0CUL, 0x7B3E89A0UL, 0xD6411BD3UL, 0xAE1E7E49UL,
97 0x00250E2DUL, 0x2071B35EUL, 0x226800BBUL, 0x57B8E0AFUL,
98 0x2464369BUL, 0xF009B91EUL, 0x5563911DUL, 0x59DFA6AAUL,
99 0x78C14389UL, 0xD95A537FUL, 0x207D5BA2UL, 0x02E5B9C5UL,
100 0x83260376UL, 0x6295CFA9UL, 0x11C81968UL, 0x4E734A41UL,
101 0xB3472DCAUL, 0x7B14A94AUL, 0x1B510052UL, 0x9A532915UL,
102 0xD60F573FUL, 0xBC9BC6E4UL, 0x2B60A476UL, 0x81E67400UL,
103 0x08BA6FB5UL, 0x571BE91FUL, 0xF296EC6BUL, 0x2A0DD915UL,
104 0xB6636521UL, 0xE7B9F9B6UL, 0xFF34052EUL, 0xC5855664UL,
105 0x53B02D5DUL, 0xA99F8FA1UL, 0x08BA4799UL, 0x6E85076AUL },
106 { 0x4B7A70E9UL, 0xB5B32944UL, 0xDB75092EUL, 0xC4192623UL,
107 0xAD6EA6B0UL, 0x49A7DF7DUL, 0x9CEE60B8UL, 0x8FEDB266UL,
108 0xECAA8C71UL, 0x699A17FFUL, 0x5664526CUL, 0xC2B19EE1UL,
109 0x193602A5UL, 0x75094C29UL, 0xA0591340UL, 0xE4183A3EUL,
110 0x3F54989AUL, 0x5B429D65UL, 0x6B8FE4D6UL, 0x99F73FD6UL,
111 0xA1D29C07UL, 0xEFE830F5UL, 0x4D2D38E6UL, 0xF0255DC1UL,
112 0x4CDD2086UL, 0x8470EB26UL, 0x6382E9C6UL, 0x021ECC5EUL,
113 0x09686B3FUL, 0x3EBAEFC9UL, 0x3C971814UL, 0x6B6A70A1UL,
114 0x687F3584UL, 0x52A0E286UL, 0xB79C5305UL, 0xAA500737UL,
115 0x3E07841CUL, 0x7FDEAE5CUL, 0x8E7D44ECUL, 0x5716F2B8UL,
116 0xB03ADA37UL, 0xF0500C0DUL, 0xF01C1F04UL, 0x0200B3FFUL,
117 0xAE0CF51AUL, 0x3CB574B2UL, 0x25837A58UL, 0xDC0921BDUL,
118 0xD19113F9UL, 0x7CA92FF6UL, 0x94324773UL, 0x22F54701UL,
119 0x3AE5E581UL, 0x37C2DADCUL, 0xC8B57634UL, 0x9AF3DDA7UL,
120 0xA9446146UL, 0x0FD0030EUL, 0xECC8C73EUL, 0xA4751E41UL,
121 0xE238CD99UL, 0x3BEA0E2FUL, 0x3280BBA1UL, 0x183EB331UL,
122 0x4E548B38UL, 0x4F6DB908UL, 0x6F420D03UL, 0xF60A04BFUL,
123 0x2CB81290UL, 0x24977C79UL, 0x5679B072UL, 0xBCAF89AFUL,
124 0xDE9A771FUL, 0xD9930810UL, 0xB38BAE12UL, 0xDCCF3F2EUL,
125 0x5512721FUL, 0x2E6B7124UL, 0x501ADDE6UL, 0x9F84CD87UL,
126 0x7A584718UL, 0x7408DA17UL, 0xBC9F9ABCUL, 0xE94B7D8CUL,
127 0xEC7AEC3AUL, 0xDB851DFAUL, 0x63094366UL, 0xC464C3D2UL,
128 0xEF1C1847UL, 0x3215D908UL, 0xDD433B37UL, 0x24C2BA16UL,
129 0x12A14D43UL, 0x2A65C451UL, 0x50940002UL, 0x133AE4DDUL,
130 0x71DFF89EUL, 0x10314E55UL, 0x81AC77D6UL, 0x5F11199BUL,
131 0x043556F1UL, 0xD7A3C76BUL, 0x3C11183BUL, 0x5924A509UL,
132 0xF28FE6EDUL, 0x97F1FBFAUL, 0x9EBABF2CUL, 0x1E153C6EUL,
133 0x86E34570UL, 0xEAE96FB1UL, 0x860E5E0AUL, 0x5A3E2AB3UL,
134 0x771FE71CUL, 0x4E3D06FAUL, 0x2965DCB9UL, 0x99E71D0FUL,
135 0x803E89D6UL, 0x5266C825UL, 0x2E4CC978UL, 0x9C10B36AUL,
136 0xC6150EBAUL, 0x94E2EA78UL, 0xA5FC3C53UL, 0x1E0A2DF4UL,
137 0xF2F74EA7UL, 0x361D2B3DUL, 0x1939260FUL, 0x19C27960UL,
138 0x5223A708UL, 0xF71312B6UL, 0xEBADFE6EUL, 0xEAC31F66UL,
139 0xE3BC4595UL, 0xA67BC883UL, 0xB17F37D1UL, 0x018CFF28UL,
140 0xC332DDEFUL, 0xBE6C5AA5UL, 0x65582185UL, 0x68AB9802UL,
141 0xEECEA50FUL, 0xDB2F953BUL, 0x2AEF7DADUL, 0x5B6E2F84UL,
142 0x1521B628UL, 0x29076170UL, 0xECDD4775UL, 0x619F1510UL,
143 0x13CCA830UL, 0xEB61BD96UL, 0x0334FE1EUL, 0xAA0363CFUL,
144 0xB5735C90UL, 0x4C70A239UL, 0xD59E9E0BUL, 0xCBAADE14UL,
145 0xEECC86BCUL, 0x60622CA7UL, 0x9CAB5CABUL, 0xB2F3846EUL,
146 0x648B1EAFUL, 0x19BDF0CAUL, 0xA02369B9UL, 0x655ABB50UL,
147 0x40685A32UL, 0x3C2AB4B3UL, 0x319EE9D5UL, 0xC021B8F7UL,
148 0x9B540B19UL, 0x875FA099UL, 0x95F7997EUL, 0x623D7DA8UL,
149 0xF837889AUL, 0x97E32D77UL, 0x11ED935FUL, 0x16681281UL,
150 0x0E358829UL, 0xC7E61FD6UL, 0x96DEDFA1UL, 0x7858BA99UL,
151 0x57F584A5UL, 0x1B227263UL, 0x9B83C3FFUL, 0x1AC24696UL,
152 0xCDB30AEBUL, 0x532E3054UL, 0x8FD948E4UL, 0x6DBC3128UL,
153 0x58EBF2EFUL, 0x34C6FFEAUL, 0xFE28ED61UL, 0xEE7C3C73UL,
154 0x5D4A14D9UL, 0xE864B7E3UL, 0x42105D14UL, 0x203E13E0UL,
155 0x45EEE2B6UL, 0xA3AAABEAUL, 0xDB6C4F15UL, 0xFACB4FD0UL,
156 0xC742F442UL, 0xEF6ABBB5UL, 0x654F3B1DUL, 0x41CD2105UL,
157 0xD81E799EUL, 0x86854DC7UL, 0xE44B476AUL, 0x3D816250UL,
158 0xCF62A1F2UL, 0x5B8D2646UL, 0xFC8883A0UL, 0xC1C7B6A3UL,
159 0x7F1524C3UL, 0x69CB7492UL, 0x47848A0BUL, 0x5692B285UL,
160 0x095BBF00UL, 0xAD19489DUL, 0x1462B174UL, 0x23820E00UL,
161 0x58428D2AUL, 0x0C55F5EAUL, 0x1DADF43EUL, 0x233F7061UL,
162 0x3372F092UL, 0x8D937E41UL, 0xD65FECF1UL, 0x6C223BDBUL,
163 0x7CDE3759UL, 0xCBEE7460UL, 0x4085F2A7UL, 0xCE77326EUL,
164 0xA6078084UL, 0x19F8509EUL, 0xE8EFD855UL, 0x61D99735UL,
165 0xA969A7AAUL, 0xC50C06C2UL, 0x5A04ABFCUL, 0x800BCADCUL,
166 0x9E447A2EUL, 0xC3453484UL, 0xFDD56705UL, 0x0E1E9EC9UL,
167 0xDB73DBD3UL, 0x105588CDUL, 0x675FDA79UL, 0xE3674340UL,
168 0xC5C43465UL, 0x713E38D8UL, 0x3D28F89EUL, 0xF16DFF20UL,
169 0x153E21E7UL, 0x8FB03D4AUL, 0xE6E39F2BUL, 0xDB83ADF7UL },
170 { 0xE93D5A68UL, 0x948140F7UL, 0xF64C261CUL, 0x94692934UL,
171 0x411520F7UL, 0x7602D4F7UL, 0xBCF46B2EUL, 0xD4A20068UL,
172 0xD4082471UL, 0x3320F46AUL, 0x43B7D4B7UL, 0x500061AFUL,
173 0x1E39F62EUL, 0x97244546UL, 0x14214F74UL, 0xBF8B8840UL,
174 0x4D95FC1DUL, 0x96B591AFUL, 0x70F4DDD3UL, 0x66A02F45UL,
175 0xBFBC09ECUL, 0x03BD9785UL, 0x7FAC6DD0UL, 0x31CB8504UL,
176 0x96EB27B3UL, 0x55FD3941UL, 0xDA2547E6UL, 0xABCA0A9AUL,
177 0x28507825UL, 0x530429F4UL, 0x0A2C86DAUL, 0xE9B66DFBUL,
178 0x68DC1462UL, 0xD7486900UL, 0x680EC0A4UL, 0x27A18DEEUL,
179 0x4F3FFEA2UL, 0xE887AD8CUL, 0xB58CE006UL, 0x7AF4D6B6UL,
180 0xAACE1E7CUL, 0xD3375FECUL, 0xCE78A399UL, 0x406B2A42UL,
181 0x20FE9E35UL, 0xD9F385B9UL, 0xEE39D7ABUL, 0x3B124E8BUL,
182 0x1DC9FAF7UL, 0x4B6D1856UL, 0x26A36631UL, 0xEAE397B2UL,
183 0x3A6EFA74UL, 0xDD5B4332UL, 0x6841E7F7UL, 0xCA7820FBUL,
184 0xFB0AF54EUL, 0xD8FEB397UL, 0x454056ACUL, 0xBA489527UL,
185 0x55533A3AUL, 0x20838D87UL, 0xFE6BA9B7UL, 0xD096954BUL,
186 0x55A867BCUL, 0xA1159A58UL, 0xCCA92963UL, 0x99E1DB33UL,
187 0xA62A4A56UL, 0x3F3125F9UL, 0x5EF47E1CUL, 0x9029317CUL,
188 0xFDF8E802UL, 0x04272F70UL, 0x80BB155CUL, 0x05282CE3UL,
189 0x95C11548UL, 0xE4C66D22UL, 0x48C1133FUL, 0xC70F86DCUL,
190 0x07F9C9EEUL, 0x41041F0FUL, 0x404779A4UL, 0x5D886E17UL,
191 0x325F51EBUL, 0xD59BC0D1UL, 0xF2BCC18FUL, 0x41113564UL,
192 0x257B7834UL, 0x602A9C60UL, 0xDFF8E8A3UL, 0x1F636C1BUL,
193 0x0E12B4C2UL, 0x02E1329EUL, 0xAF664FD1UL, 0xCAD18115UL,
194 0x6B2395E0UL, 0x333E92E1UL, 0x3B240B62UL, 0xEEBEB922UL,
195 0x85B2A20EUL, 0xE6BA0D99UL, 0xDE720C8CUL, 0x2DA2F728UL,
196 0xD0127845UL, 0x95B794FDUL, 0x647D0862UL, 0xE7CCF5F0UL,
197 0x5449A36FUL, 0x877D48FAUL, 0xC39DFD27UL, 0xF33E8D1EUL,
198 0x0A476341UL, 0x992EFF74UL, 0x3A6F6EABUL, 0xF4F8FD37UL,
199 0xA812DC60UL, 0xA1EBDDF8UL, 0x991BE14CUL, 0xDB6E6B0DUL,
200 0xC67B5510UL, 0x6D672C37UL, 0x2765D43BUL, 0xDCD0E804UL,
201 0xF1290DC7UL, 0xCC00FFA3UL, 0xB5390F92UL, 0x690FED0BUL,
202 0x667B9FFBUL, 0xCEDB7D9CUL, 0xA091CF0BUL, 0xD9155EA3UL,
203 0xBB132F88UL, 0x515BAD24UL, 0x7B9479BFUL, 0x763BD6EBUL,
204 0x37392EB3UL, 0xCC115979UL, 0x8026E297UL, 0xF42E312DUL,
205 0x6842ADA7UL, 0xC66A2B3BUL, 0x12754CCCUL, 0x782EF11CUL,
206 0x6A124237UL, 0xB79251E7UL, 0x06A1BBE6UL, 0x4BFB6350UL,
207 0x1A6B1018UL, 0x11CAEDFAUL, 0x3D25BDD8UL, 0xE2E1C3C9UL,
208 0x44421659UL, 0x0A121386UL, 0xD90CEC6EUL, 0xD5ABEA2AUL,
209 0x64AF674EUL, 0xDA86A85FUL, 0xBEBFE988UL, 0x64E4C3FEUL,
210 0x9DBC8057UL, 0xF0F7C086UL, 0x60787BF8UL, 0x6003604DUL,
211 0xD1FD8346UL, 0xF6381FB0UL, 0x7745AE04UL, 0xD736FCCCUL,
212 0x83426B33UL, 0xF01EAB71UL, 0xB0804187UL, 0x3C005E5FUL,
213 0x77A057BEUL, 0xBDE8AE24UL, 0x55464299UL, 0xBF582E61UL,
214 0x4E58F48FUL, 0xF2DDFDA2UL, 0xF474EF38UL, 0x8789BDC2UL,
215 0x5366F9C3UL, 0xC8B38E74UL, 0xB475F255UL, 0x46FCD9B9UL,
216 0x7AEB2661UL, 0x8B1DDF84UL, 0x846A0E79UL, 0x915F95E2UL,
217 0x466E598EUL, 0x20B45770UL, 0x8CD55591UL, 0xC902DE4CUL,
218 0xB90BACE1UL, 0xBB8205D0UL, 0x11A86248UL, 0x7574A99EUL,
219 0xB77F19B6UL, 0xE0A9DC09UL, 0x662D09A1UL, 0xC4324633UL,
220 0xE85A1F02UL, 0x09F0BE8CUL, 0x4A99A025UL, 0x1D6EFE10UL,
221 0x1AB93D1DUL, 0x0BA5A4DFUL, 0xA186F20FUL, 0x2868F169UL,
222 0xDCB7DA83UL, 0x573906FEUL, 0xA1E2CE9BUL, 0x4FCD7F52UL,
223 0x50115E01UL, 0xA70683FAUL, 0xA002B5C4UL, 0x0DE6D027UL,
224 0x9AF88C27UL, 0x773F8641UL, 0xC3604C06UL, 0x61A806B5UL,
225 0xF0177A28UL, 0xC0F586E0UL, 0x006058AAUL, 0x30DC7D62UL,
226 0x11E69ED7UL, 0x2338EA63UL, 0x53C2DD94UL, 0xC2C21634UL,
227 0xBBCBEE56UL, 0x90BCB6DEUL, 0xEBFC7DA1UL, 0xCE591D76UL,
228 0x6F05E409UL, 0x4B7C0188UL, 0x39720A3DUL, 0x7C927C24UL,
229 0x86E3725FUL, 0x724D9DB9UL, 0x1AC15BB4UL, 0xD39EB8FCUL,
230 0xED545578UL, 0x08FCA5B5UL, 0xD83D7CD3UL, 0x4DAD0FC4UL,
231 0x1E50EF5EUL, 0xB161E6F8UL, 0xA28514D9UL, 0x6C51133CUL,
232 0x6FD5C7E7UL, 0x56E14EC4UL, 0x362ABFCEUL, 0xDDC6C837UL,
233 0xD79A3234UL, 0x92638212UL, 0x670EFA8EUL, 0x406000E0UL },
234 { 0x3A39CE37UL, 0xD3FAF5CFUL, 0xABC27737UL, 0x5AC52D1BUL,
235 0x5CB0679EUL, 0x4FA33742UL, 0xD3822740UL, 0x99BC9BBEUL,
236 0xD5118E9DUL, 0xBF0F7315UL, 0xD62D1C7EUL, 0xC700C47BUL,
237 0xB78C1B6BUL, 0x21A19045UL, 0xB26EB1BEUL, 0x6A366EB4UL,
238 0x5748AB2FUL, 0xBC946E79UL, 0xC6A376D2UL, 0x6549C2C8UL,
239 0x530FF8EEUL, 0x468DDE7DUL, 0xD5730A1DUL, 0x4CD04DC6UL,
240 0x2939BBDBUL, 0xA9BA4650UL, 0xAC9526E8UL, 0xBE5EE304UL,
241 0xA1FAD5F0UL, 0x6A2D519AUL, 0x63EF8CE2UL, 0x9A86EE22UL,
242 0xC089C2B8UL, 0x43242EF6UL, 0xA51E03AAUL, 0x9CF2D0A4UL,
243 0x83C061BAUL, 0x9BE96A4DUL, 0x8FE51550UL, 0xBA645BD6UL,
244 0x2826A2F9UL, 0xA73A3AE1UL, 0x4BA99586UL, 0xEF5562E9UL,
245 0xC72FEFD3UL, 0xF752F7DAUL, 0x3F046F69UL, 0x77FA0A59UL,
246 0x80E4A915UL, 0x87B08601UL, 0x9B09E6ADUL, 0x3B3EE593UL,
247 0xE990FD5AUL, 0x9E34D797UL, 0x2CF0B7D9UL, 0x022B8B51UL,
248 0x96D5AC3AUL, 0x017DA67DUL, 0xD1CF3ED6UL, 0x7C7D2D28UL,
249 0x1F9F25CFUL, 0xADF2B89BUL, 0x5AD6B472UL, 0x5A88F54CUL,
250 0xE029AC71UL, 0xE019A5E6UL, 0x47B0ACFDUL, 0xED93FA9BUL,
251 0xE8D3C48DUL, 0x283B57CCUL, 0xF8D56629UL, 0x79132E28UL,
252 0x785F0191UL, 0xED756055UL, 0xF7960E44UL, 0xE3D35E8CUL,
253 0x15056DD4UL, 0x88F46DBAUL, 0x03A16125UL, 0x0564F0BDUL,
254 0xC3EB9E15UL, 0x3C9057A2UL, 0x97271AECUL, 0xA93A072AUL,
255 0x1B3F6D9BUL, 0x1E6321F5UL, 0xF59C66FBUL, 0x26DCF319UL,
256 0x7533D928UL, 0xB155FDF5UL, 0x03563482UL, 0x8ABA3CBBUL,
257 0x28517711UL, 0xC20AD9F8UL, 0xABCC5167UL, 0xCCAD925FUL,
258 0x4DE81751UL, 0x3830DC8EUL, 0x379D5862UL, 0x9320F991UL,
259 0xEA7A90C2UL, 0xFB3E7BCEUL, 0x5121CE64UL, 0x774FBE32UL,
260 0xA8B6E37EUL, 0xC3293D46UL, 0x48DE5369UL, 0x6413E680UL,
261 0xA2AE0810UL, 0xDD6DB224UL, 0x69852DFDUL, 0x09072166UL,
262 0xB39A460AUL, 0x6445C0DDUL, 0x586CDECFUL, 0x1C20C8AEUL,
263 0x5BBEF7DDUL, 0x1B588D40UL, 0xCCD2017FUL, 0x6BB4E3BBUL,
264 0xDDA26A7EUL, 0x3A59FF45UL, 0x3E350A44UL, 0xBCB4CDD5UL,
265 0x72EACEA8UL, 0xFA6484BBUL, 0x8D6612AEUL, 0xBF3C6F47UL,
266 0xD29BE463UL, 0x542F5D9EUL, 0xAEC2771BUL, 0xF64E6370UL,
267 0x740E0D8DUL, 0xE75B1357UL, 0xF8721671UL, 0xAF537D5DUL,
268 0x4040CB08UL, 0x4EB4E2CCUL, 0x34D2466AUL, 0x0115AF84UL,
269 0xE1B00428UL, 0x95983A1DUL, 0x06B89FB4UL, 0xCE6EA048UL,
270 0x6F3F3B82UL, 0x3520AB82UL, 0x011A1D4BUL, 0x277227F8UL,
271 0x611560B1UL, 0xE7933FDCUL, 0xBB3A792BUL, 0x344525BDUL,
272 0xA08839E1UL, 0x51CE794BUL, 0x2F32C9B7UL, 0xA01FBAC9UL,
273 0xE01CC87EUL, 0xBCC7D1F6UL, 0xCF0111C3UL, 0xA1E8AAC7UL,
274 0x1A908749UL, 0xD44FBD9AUL, 0xD0DADECBUL, 0xD50ADA38UL,
275 0x0339C32AUL, 0xC6913667UL, 0x8DF9317CUL, 0xE0B12B4FUL,
276 0xF79E59B7UL, 0x43F5BB3AUL, 0xF2D519FFUL, 0x27D9459CUL,
277 0xBF97222CUL, 0x15E6FC2AUL, 0x0F91FC71UL, 0x9B941525UL,
278 0xFAE59361UL, 0xCEB69CEBUL, 0xC2A86459UL, 0x12BAA8D1UL,
279 0xB6C1075EUL, 0xE3056A0CUL, 0x10D25065UL, 0xCB03A442UL,
280 0xE0EC6E0EUL, 0x1698DB3BUL, 0x4C98A0BEUL, 0x3278E964UL,
281 0x9F1F9532UL, 0xE0D392DFUL, 0xD3A0342BUL, 0x8971F21EUL,
282 0x1B0A7441UL, 0x4BA3348CUL, 0xC5BE7120UL, 0xC37632D8UL,
283 0xDF359F8DUL, 0x9B992F2EUL, 0xE60B6F47UL, 0x0FE3F11DUL,
284 0xE54CDA54UL, 0x1EDAD891UL, 0xCE6279CFUL, 0xCD3E7E6FUL,
285 0x1618B166UL, 0xFD2C1D05UL, 0x848FD2C5UL, 0xF6FB2299UL,
286 0xF523F357UL, 0xA6327623UL, 0x93A83531UL, 0x56CCCD02UL,
287 0xACF08162UL, 0x5A75EBB5UL, 0x6E163697UL, 0x88D273CCUL,
288 0xDE966292UL, 0x81B949D0UL, 0x4C50901BUL, 0x71C65614UL,
289 0xE6C6C7BDUL, 0x327A140AUL, 0x45E1D006UL, 0xC3F27B9AUL,
290 0xC9AA53FDUL, 0x62A80F00UL, 0xBB25BFE2UL, 0x35BDD2F6UL,
291 0x71126905UL, 0xB2040222UL, 0xB6CBCF7CUL, 0xCD769C2BUL,
292 0x53113EC0UL, 0x1640E3D3UL, 0x38ABBD60UL, 0x2547ADF0UL,
293 0xBA38209CUL, 0xF746CE76UL, 0x77AFA1C5UL, 0x20756060UL,
294 0x85CBFE4EUL, 0x8AE88DD8UL, 0x7AAAF9B0UL, 0x4CF9AA7EUL,
295 0x1948C25CUL, 0x02FB8A8CUL, 0x01C36AE4UL, 0xD6EBE1F9UL,
296 0x90D4F869UL, 0xA65CDEA0UL, 0x3F09252DUL, 0xC208E69FUL,
297 0xB74E6132UL, 0xCE77E25BUL, 0x578FDFE3UL, 0x3AC372E6UL }
298 };
299
300 /**
301 Initialize the Blowfish block cipher
302 @param key The symmetric key you wish to pass
303 @param keylen The key length in bytes
304 @param num_rounds The number of rounds desired (0 for default)
305 @param skey The key in as scheduled by this function.
306 @return CRYPT_OK if successful
307 */
blowfish_setup(const unsigned char * key,int keylen,int num_rounds,symmetric_key * skey)308 int blowfish_setup(const unsigned char *key, int keylen, int num_rounds,
309 symmetric_key *skey)
310 {
311 ulong32 x, y, z, A;
312 unsigned char B[8];
313
314 LTC_ARGCHK(key != NULL);
315 LTC_ARGCHK(skey != NULL);
316
317 /* check key length */
318 if (keylen < 8 || keylen > 56) {
319 return CRYPT_INVALID_KEYSIZE;
320 }
321
322 /* check rounds */
323 if (num_rounds != 0 && num_rounds != 16) {
324 return CRYPT_INVALID_ROUNDS;
325 }
326
327 /* load in key bytes (Supplied by David Hopwood) */
328 for (x = y = 0; x < 18; x++) {
329 A = 0;
330 for (z = 0; z < 4; z++) {
331 A = (A << 8) | ((ulong32)key[y++] & 255);
332 if (y == (ulong32)keylen) {
333 y = 0;
334 }
335 }
336 skey->blowfish.K[x] = ORIG_P[x] ^ A;
337 }
338
339 /* copy sboxes */
340 for (x = 0; x < 4; x++) {
341 for (y = 0; y < 256; y++) {
342 skey->blowfish.S[x][y] = ORIG_S[x][y];
343 }
344 }
345
346 /* encrypt K array */
347 for (x = 0; x < 8; x++) {
348 B[x] = 0;
349 }
350
351 for (x = 0; x < 18; x += 2) {
352 /* encrypt it */
353 blowfish_ecb_encrypt(B, B, skey);
354 /* copy it */
355 LOAD32H(skey->blowfish.K[x], &B[0]);
356 LOAD32H(skey->blowfish.K[x+1], &B[4]);
357 }
358
359 /* encrypt S array */
360 for (x = 0; x < 4; x++) {
361 for (y = 0; y < 256; y += 2) {
362 /* encrypt it */
363 blowfish_ecb_encrypt(B, B, skey);
364 /* copy it */
365 LOAD32H(skey->blowfish.S[x][y], &B[0]);
366 LOAD32H(skey->blowfish.S[x][y+1], &B[4]);
367 }
368 }
369
370 #ifdef LTC_CLEAN_STACK
371 zeromem(B, sizeof(B));
372 #endif
373
374 return CRYPT_OK;
375 }
376
377 #ifndef __GNUC__
378 #define F(x) ((S1[byte(x,3)] + S2[byte(x,2)]) ^ S3[byte(x,1)]) + S4[byte(x,0)]
379 #else
380 #define F(x) ((skey->blowfish.S[0][byte(x,3)] + skey->blowfish.S[1][byte(x,2)]) ^ skey->blowfish.S[2][byte(x,1)]) + skey->blowfish.S[3][byte(x,0)]
381 #endif
382
383 /**
384 Encrypts a block of text with Blowfish
385 @param pt The input plaintext (8 bytes)
386 @param ct The output ciphertext (8 bytes)
387 @param skey The key as scheduled
388 @return CRYPT_OK if successful
389 */
390 #ifdef LTC_CLEAN_STACK
_blowfish_ecb_encrypt(const unsigned char * pt,unsigned char * ct,symmetric_key * skey)391 static int _blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
392 #else
393 int blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
394 #endif
395 {
396 ulong32 L, R;
397 int r;
398 #ifndef __GNUC__
399 ulong32 *S1, *S2, *S3, *S4;
400 #endif
401
402 LTC_ARGCHK(pt != NULL);
403 LTC_ARGCHK(ct != NULL);
404 LTC_ARGCHK(skey != NULL);
405
406 #ifndef __GNUC__
407 S1 = skey->blowfish.S[0];
408 S2 = skey->blowfish.S[1];
409 S3 = skey->blowfish.S[2];
410 S4 = skey->blowfish.S[3];
411 #endif
412
413 /* load it */
414 LOAD32H(L, &pt[0]);
415 LOAD32H(R, &pt[4]);
416
417 /* do 16 rounds */
418 for (r = 0; r < 16; ) {
419 L ^= skey->blowfish.K[r++]; R ^= F(L);
420 R ^= skey->blowfish.K[r++]; L ^= F(R);
421 L ^= skey->blowfish.K[r++]; R ^= F(L);
422 R ^= skey->blowfish.K[r++]; L ^= F(R);
423 }
424
425 /* last keying */
426 R ^= skey->blowfish.K[17];
427 L ^= skey->blowfish.K[16];
428
429 /* store */
430 STORE32H(R, &ct[0]);
431 STORE32H(L, &ct[4]);
432
433 return CRYPT_OK;
434 }
435
436 #ifdef LTC_CLEAN_STACK
blowfish_ecb_encrypt(const unsigned char * pt,unsigned char * ct,symmetric_key * skey)437 int blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
438 {
439 int err = _blowfish_ecb_encrypt(pt, ct, skey);
440 burn_stack(sizeof(ulong32) * 2 + sizeof(int));
441 return err;
442 }
443 #endif
444
445 /**
446 Decrypts a block of text with Blowfish
447 @param ct The input ciphertext (8 bytes)
448 @param pt The output plaintext (8 bytes)
449 @param skey The key as scheduled
450 @return CRYPT_OK if successful
451 */
452 #ifdef LTC_CLEAN_STACK
_blowfish_ecb_decrypt(const unsigned char * ct,unsigned char * pt,symmetric_key * skey)453 static int _blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
454 #else
455 int blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
456 #endif
457 {
458 ulong32 L, R;
459 int r;
460 #ifndef __GNUC__
461 ulong32 *S1, *S2, *S3, *S4;
462 #endif
463
464 LTC_ARGCHK(pt != NULL);
465 LTC_ARGCHK(ct != NULL);
466 LTC_ARGCHK(skey != NULL);
467
468 #ifndef __GNUC__
469 S1 = skey->blowfish.S[0];
470 S2 = skey->blowfish.S[1];
471 S3 = skey->blowfish.S[2];
472 S4 = skey->blowfish.S[3];
473 #endif
474
475 /* load it */
476 LOAD32H(R, &ct[0]);
477 LOAD32H(L, &ct[4]);
478
479 /* undo last keying */
480 R ^= skey->blowfish.K[17];
481 L ^= skey->blowfish.K[16];
482
483 /* do 16 rounds */
484 for (r = 15; r > 0; ) {
485 L ^= F(R); R ^= skey->blowfish.K[r--];
486 R ^= F(L); L ^= skey->blowfish.K[r--];
487 L ^= F(R); R ^= skey->blowfish.K[r--];
488 R ^= F(L); L ^= skey->blowfish.K[r--];
489 }
490
491 /* store */
492 STORE32H(L, &pt[0]);
493 STORE32H(R, &pt[4]);
494 return CRYPT_OK;
495 }
496
497 #ifdef LTC_CLEAN_STACK
blowfish_ecb_decrypt(const unsigned char * ct,unsigned char * pt,symmetric_key * skey)498 int blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
499 {
500 int err = _blowfish_ecb_decrypt(ct, pt, skey);
501 burn_stack(sizeof(ulong32) * 2 + sizeof(int));
502 return err;
503 }
504 #endif
505
506
507 /**
508 Performs a self-test of the Blowfish block cipher
509 @return CRYPT_OK if functional, CRYPT_NOP if self-test has been disabled
510 */
blowfish_test(void)511 int blowfish_test(void)
512 {
513 #ifndef LTC_TEST
514 return CRYPT_NOP;
515 #else
516 int err;
517 symmetric_key key;
518 static const struct {
519 unsigned char key[8], pt[8], ct[8];
520 } tests[] = {
521 {
522 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
523 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
524 { 0x4E, 0xF9, 0x97, 0x45, 0x61, 0x98, 0xDD, 0x78}
525 },
526 {
527 { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
528 { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
529 { 0x51, 0x86, 0x6F, 0xD5, 0xB8, 0x5E, 0xCB, 0x8A}
530 },
531 {
532 { 0x30, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
533 { 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
534 { 0x7D, 0x85, 0x6F, 0x9A, 0x61, 0x30, 0x63, 0xF2}
535 }
536 };
537 unsigned char tmp[2][8];
538 int x, y;
539
540 for (x = 0; x < (int)(sizeof(tests) / sizeof(tests[0])); x++) {
541 /* setup key */
542 if ((err = blowfish_setup(tests[x].key, 8, 16, &key)) != CRYPT_OK) {
543 return err;
544 }
545
546 /* encrypt and decrypt */
547 blowfish_ecb_encrypt(tests[x].pt, tmp[0], &key);
548 blowfish_ecb_decrypt(tmp[0], tmp[1], &key);
549
550 /* compare */
551 if ((XMEMCMP(tmp[0], tests[x].ct, 8) != 0) || (XMEMCMP(tmp[1], tests[x].pt, 8) != 0)) {
552 return CRYPT_FAIL_TESTVECTOR;
553 }
554
555 /* now see if we can encrypt all zero bytes 1000 times, decrypt and come back where we started */
556 for (y = 0; y < 8; y++) tmp[0][y] = 0;
557 for (y = 0; y < 1000; y++) blowfish_ecb_encrypt(tmp[0], tmp[0], &key);
558 for (y = 0; y < 1000; y++) blowfish_ecb_decrypt(tmp[0], tmp[0], &key);
559 for (y = 0; y < 8; y++) if (tmp[0][y] != 0) return CRYPT_FAIL_TESTVECTOR;
560 }
561 return CRYPT_OK;
562 #endif
563 }
564
565 /** Terminate the context
566 @param skey The scheduled key
567 */
blowfish_done(symmetric_key * skey)568 void blowfish_done(symmetric_key *skey)
569 {
570 }
571
572 /**
573 Gets suitable key size
574 @param keysize [in/out] The length of the recommended key (in bytes). This function will store the suitable size back in this variable.
575 @return CRYPT_OK if the input key size is acceptable.
576 */
blowfish_keysize(int * keysize)577 int blowfish_keysize(int *keysize)
578 {
579 LTC_ARGCHK(keysize != NULL);
580
581 if (*keysize < 8) {
582 return CRYPT_INVALID_KEYSIZE;
583 } else if (*keysize > 56) {
584 *keysize = 56;
585 }
586 return CRYPT_OK;
587 }
588
589 #endif
590
591
592 /* $Source: /cvs/libtom/libtomcrypt/src/ciphers/blowfish.c,v $ */
593 /* $Revision: 1.12 $ */
594 /* $Date: 2006/11/08 23:01:06 $ */
595