• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
2  *
3  * LibTomCrypt is a library that provides various cryptographic
4  * algorithms in a highly modular and flexible manner.
5  *
6  * The library is free for all purposes without any express
7  * guarantee it works.
8  *
9  * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
10  */
11 /**
12   @file blowfish.c
13   Implementation of the Blowfish block cipher, Tom St Denis
14 */
15 #include "tomcrypt.h"
16 
17 #ifdef BLOWFISH
18 
19 const struct ltc_cipher_descriptor blowfish_desc =
20 {
21     "blowfish",
22     0,
23     8, 56, 8, 16,
24     &blowfish_setup,
25     &blowfish_ecb_encrypt,
26     &blowfish_ecb_decrypt,
27     &blowfish_test,
28     &blowfish_done,
29     &blowfish_keysize,
30     NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
31 };
32 
33 static const ulong32 ORIG_P[16 + 2] = {
34         0x243F6A88UL, 0x85A308D3UL, 0x13198A2EUL, 0x03707344UL,
35         0xA4093822UL, 0x299F31D0UL, 0x082EFA98UL, 0xEC4E6C89UL,
36         0x452821E6UL, 0x38D01377UL, 0xBE5466CFUL, 0x34E90C6CUL,
37         0xC0AC29B7UL, 0xC97C50DDUL, 0x3F84D5B5UL, 0xB5470917UL,
38         0x9216D5D9UL, 0x8979FB1BUL
39 };
40 
41 static const ulong32 ORIG_S[4][256] = {
42     {   0xD1310BA6UL, 0x98DFB5ACUL, 0x2FFD72DBUL, 0xD01ADFB7UL,
43         0xB8E1AFEDUL, 0x6A267E96UL, 0xBA7C9045UL, 0xF12C7F99UL,
44         0x24A19947UL, 0xB3916CF7UL, 0x0801F2E2UL, 0x858EFC16UL,
45         0x636920D8UL, 0x71574E69UL, 0xA458FEA3UL, 0xF4933D7EUL,
46         0x0D95748FUL, 0x728EB658UL, 0x718BCD58UL, 0x82154AEEUL,
47         0x7B54A41DUL, 0xC25A59B5UL, 0x9C30D539UL, 0x2AF26013UL,
48         0xC5D1B023UL, 0x286085F0UL, 0xCA417918UL, 0xB8DB38EFUL,
49         0x8E79DCB0UL, 0x603A180EUL, 0x6C9E0E8BUL, 0xB01E8A3EUL,
50         0xD71577C1UL, 0xBD314B27UL, 0x78AF2FDAUL, 0x55605C60UL,
51         0xE65525F3UL, 0xAA55AB94UL, 0x57489862UL, 0x63E81440UL,
52         0x55CA396AUL, 0x2AAB10B6UL, 0xB4CC5C34UL, 0x1141E8CEUL,
53         0xA15486AFUL, 0x7C72E993UL, 0xB3EE1411UL, 0x636FBC2AUL,
54         0x2BA9C55DUL, 0x741831F6UL, 0xCE5C3E16UL, 0x9B87931EUL,
55         0xAFD6BA33UL, 0x6C24CF5CUL, 0x7A325381UL, 0x28958677UL,
56         0x3B8F4898UL, 0x6B4BB9AFUL, 0xC4BFE81BUL, 0x66282193UL,
57         0x61D809CCUL, 0xFB21A991UL, 0x487CAC60UL, 0x5DEC8032UL,
58         0xEF845D5DUL, 0xE98575B1UL, 0xDC262302UL, 0xEB651B88UL,
59         0x23893E81UL, 0xD396ACC5UL, 0x0F6D6FF3UL, 0x83F44239UL,
60         0x2E0B4482UL, 0xA4842004UL, 0x69C8F04AUL, 0x9E1F9B5EUL,
61         0x21C66842UL, 0xF6E96C9AUL, 0x670C9C61UL, 0xABD388F0UL,
62         0x6A51A0D2UL, 0xD8542F68UL, 0x960FA728UL, 0xAB5133A3UL,
63         0x6EEF0B6CUL, 0x137A3BE4UL, 0xBA3BF050UL, 0x7EFB2A98UL,
64         0xA1F1651DUL, 0x39AF0176UL, 0x66CA593EUL, 0x82430E88UL,
65         0x8CEE8619UL, 0x456F9FB4UL, 0x7D84A5C3UL, 0x3B8B5EBEUL,
66         0xE06F75D8UL, 0x85C12073UL, 0x401A449FUL, 0x56C16AA6UL,
67         0x4ED3AA62UL, 0x363F7706UL, 0x1BFEDF72UL, 0x429B023DUL,
68         0x37D0D724UL, 0xD00A1248UL, 0xDB0FEAD3UL, 0x49F1C09BUL,
69         0x075372C9UL, 0x80991B7BUL, 0x25D479D8UL, 0xF6E8DEF7UL,
70         0xE3FE501AUL, 0xB6794C3BUL, 0x976CE0BDUL, 0x04C006BAUL,
71         0xC1A94FB6UL, 0x409F60C4UL, 0x5E5C9EC2UL, 0x196A2463UL,
72         0x68FB6FAFUL, 0x3E6C53B5UL, 0x1339B2EBUL, 0x3B52EC6FUL,
73         0x6DFC511FUL, 0x9B30952CUL, 0xCC814544UL, 0xAF5EBD09UL,
74         0xBEE3D004UL, 0xDE334AFDUL, 0x660F2807UL, 0x192E4BB3UL,
75         0xC0CBA857UL, 0x45C8740FUL, 0xD20B5F39UL, 0xB9D3FBDBUL,
76         0x5579C0BDUL, 0x1A60320AUL, 0xD6A100C6UL, 0x402C7279UL,
77         0x679F25FEUL, 0xFB1FA3CCUL, 0x8EA5E9F8UL, 0xDB3222F8UL,
78         0x3C7516DFUL, 0xFD616B15UL, 0x2F501EC8UL, 0xAD0552ABUL,
79         0x323DB5FAUL, 0xFD238760UL, 0x53317B48UL, 0x3E00DF82UL,
80         0x9E5C57BBUL, 0xCA6F8CA0UL, 0x1A87562EUL, 0xDF1769DBUL,
81         0xD542A8F6UL, 0x287EFFC3UL, 0xAC6732C6UL, 0x8C4F5573UL,
82         0x695B27B0UL, 0xBBCA58C8UL, 0xE1FFA35DUL, 0xB8F011A0UL,
83         0x10FA3D98UL, 0xFD2183B8UL, 0x4AFCB56CUL, 0x2DD1D35BUL,
84         0x9A53E479UL, 0xB6F84565UL, 0xD28E49BCUL, 0x4BFB9790UL,
85         0xE1DDF2DAUL, 0xA4CB7E33UL, 0x62FB1341UL, 0xCEE4C6E8UL,
86         0xEF20CADAUL, 0x36774C01UL, 0xD07E9EFEUL, 0x2BF11FB4UL,
87         0x95DBDA4DUL, 0xAE909198UL, 0xEAAD8E71UL, 0x6B93D5A0UL,
88         0xD08ED1D0UL, 0xAFC725E0UL, 0x8E3C5B2FUL, 0x8E7594B7UL,
89         0x8FF6E2FBUL, 0xF2122B64UL, 0x8888B812UL, 0x900DF01CUL,
90         0x4FAD5EA0UL, 0x688FC31CUL, 0xD1CFF191UL, 0xB3A8C1ADUL,
91         0x2F2F2218UL, 0xBE0E1777UL, 0xEA752DFEUL, 0x8B021FA1UL,
92         0xE5A0CC0FUL, 0xB56F74E8UL, 0x18ACF3D6UL, 0xCE89E299UL,
93         0xB4A84FE0UL, 0xFD13E0B7UL, 0x7CC43B81UL, 0xD2ADA8D9UL,
94         0x165FA266UL, 0x80957705UL, 0x93CC7314UL, 0x211A1477UL,
95         0xE6AD2065UL, 0x77B5FA86UL, 0xC75442F5UL, 0xFB9D35CFUL,
96         0xEBCDAF0CUL, 0x7B3E89A0UL, 0xD6411BD3UL, 0xAE1E7E49UL,
97         0x00250E2DUL, 0x2071B35EUL, 0x226800BBUL, 0x57B8E0AFUL,
98         0x2464369BUL, 0xF009B91EUL, 0x5563911DUL, 0x59DFA6AAUL,
99         0x78C14389UL, 0xD95A537FUL, 0x207D5BA2UL, 0x02E5B9C5UL,
100         0x83260376UL, 0x6295CFA9UL, 0x11C81968UL, 0x4E734A41UL,
101         0xB3472DCAUL, 0x7B14A94AUL, 0x1B510052UL, 0x9A532915UL,
102         0xD60F573FUL, 0xBC9BC6E4UL, 0x2B60A476UL, 0x81E67400UL,
103         0x08BA6FB5UL, 0x571BE91FUL, 0xF296EC6BUL, 0x2A0DD915UL,
104         0xB6636521UL, 0xE7B9F9B6UL, 0xFF34052EUL, 0xC5855664UL,
105         0x53B02D5DUL, 0xA99F8FA1UL, 0x08BA4799UL, 0x6E85076AUL   },
106     {   0x4B7A70E9UL, 0xB5B32944UL, 0xDB75092EUL, 0xC4192623UL,
107         0xAD6EA6B0UL, 0x49A7DF7DUL, 0x9CEE60B8UL, 0x8FEDB266UL,
108         0xECAA8C71UL, 0x699A17FFUL, 0x5664526CUL, 0xC2B19EE1UL,
109         0x193602A5UL, 0x75094C29UL, 0xA0591340UL, 0xE4183A3EUL,
110         0x3F54989AUL, 0x5B429D65UL, 0x6B8FE4D6UL, 0x99F73FD6UL,
111         0xA1D29C07UL, 0xEFE830F5UL, 0x4D2D38E6UL, 0xF0255DC1UL,
112         0x4CDD2086UL, 0x8470EB26UL, 0x6382E9C6UL, 0x021ECC5EUL,
113         0x09686B3FUL, 0x3EBAEFC9UL, 0x3C971814UL, 0x6B6A70A1UL,
114         0x687F3584UL, 0x52A0E286UL, 0xB79C5305UL, 0xAA500737UL,
115         0x3E07841CUL, 0x7FDEAE5CUL, 0x8E7D44ECUL, 0x5716F2B8UL,
116         0xB03ADA37UL, 0xF0500C0DUL, 0xF01C1F04UL, 0x0200B3FFUL,
117         0xAE0CF51AUL, 0x3CB574B2UL, 0x25837A58UL, 0xDC0921BDUL,
118         0xD19113F9UL, 0x7CA92FF6UL, 0x94324773UL, 0x22F54701UL,
119         0x3AE5E581UL, 0x37C2DADCUL, 0xC8B57634UL, 0x9AF3DDA7UL,
120         0xA9446146UL, 0x0FD0030EUL, 0xECC8C73EUL, 0xA4751E41UL,
121         0xE238CD99UL, 0x3BEA0E2FUL, 0x3280BBA1UL, 0x183EB331UL,
122         0x4E548B38UL, 0x4F6DB908UL, 0x6F420D03UL, 0xF60A04BFUL,
123         0x2CB81290UL, 0x24977C79UL, 0x5679B072UL, 0xBCAF89AFUL,
124         0xDE9A771FUL, 0xD9930810UL, 0xB38BAE12UL, 0xDCCF3F2EUL,
125         0x5512721FUL, 0x2E6B7124UL, 0x501ADDE6UL, 0x9F84CD87UL,
126         0x7A584718UL, 0x7408DA17UL, 0xBC9F9ABCUL, 0xE94B7D8CUL,
127         0xEC7AEC3AUL, 0xDB851DFAUL, 0x63094366UL, 0xC464C3D2UL,
128         0xEF1C1847UL, 0x3215D908UL, 0xDD433B37UL, 0x24C2BA16UL,
129         0x12A14D43UL, 0x2A65C451UL, 0x50940002UL, 0x133AE4DDUL,
130         0x71DFF89EUL, 0x10314E55UL, 0x81AC77D6UL, 0x5F11199BUL,
131         0x043556F1UL, 0xD7A3C76BUL, 0x3C11183BUL, 0x5924A509UL,
132         0xF28FE6EDUL, 0x97F1FBFAUL, 0x9EBABF2CUL, 0x1E153C6EUL,
133         0x86E34570UL, 0xEAE96FB1UL, 0x860E5E0AUL, 0x5A3E2AB3UL,
134         0x771FE71CUL, 0x4E3D06FAUL, 0x2965DCB9UL, 0x99E71D0FUL,
135         0x803E89D6UL, 0x5266C825UL, 0x2E4CC978UL, 0x9C10B36AUL,
136         0xC6150EBAUL, 0x94E2EA78UL, 0xA5FC3C53UL, 0x1E0A2DF4UL,
137         0xF2F74EA7UL, 0x361D2B3DUL, 0x1939260FUL, 0x19C27960UL,
138         0x5223A708UL, 0xF71312B6UL, 0xEBADFE6EUL, 0xEAC31F66UL,
139         0xE3BC4595UL, 0xA67BC883UL, 0xB17F37D1UL, 0x018CFF28UL,
140         0xC332DDEFUL, 0xBE6C5AA5UL, 0x65582185UL, 0x68AB9802UL,
141         0xEECEA50FUL, 0xDB2F953BUL, 0x2AEF7DADUL, 0x5B6E2F84UL,
142         0x1521B628UL, 0x29076170UL, 0xECDD4775UL, 0x619F1510UL,
143         0x13CCA830UL, 0xEB61BD96UL, 0x0334FE1EUL, 0xAA0363CFUL,
144         0xB5735C90UL, 0x4C70A239UL, 0xD59E9E0BUL, 0xCBAADE14UL,
145         0xEECC86BCUL, 0x60622CA7UL, 0x9CAB5CABUL, 0xB2F3846EUL,
146         0x648B1EAFUL, 0x19BDF0CAUL, 0xA02369B9UL, 0x655ABB50UL,
147         0x40685A32UL, 0x3C2AB4B3UL, 0x319EE9D5UL, 0xC021B8F7UL,
148         0x9B540B19UL, 0x875FA099UL, 0x95F7997EUL, 0x623D7DA8UL,
149         0xF837889AUL, 0x97E32D77UL, 0x11ED935FUL, 0x16681281UL,
150         0x0E358829UL, 0xC7E61FD6UL, 0x96DEDFA1UL, 0x7858BA99UL,
151         0x57F584A5UL, 0x1B227263UL, 0x9B83C3FFUL, 0x1AC24696UL,
152         0xCDB30AEBUL, 0x532E3054UL, 0x8FD948E4UL, 0x6DBC3128UL,
153         0x58EBF2EFUL, 0x34C6FFEAUL, 0xFE28ED61UL, 0xEE7C3C73UL,
154         0x5D4A14D9UL, 0xE864B7E3UL, 0x42105D14UL, 0x203E13E0UL,
155         0x45EEE2B6UL, 0xA3AAABEAUL, 0xDB6C4F15UL, 0xFACB4FD0UL,
156         0xC742F442UL, 0xEF6ABBB5UL, 0x654F3B1DUL, 0x41CD2105UL,
157         0xD81E799EUL, 0x86854DC7UL, 0xE44B476AUL, 0x3D816250UL,
158         0xCF62A1F2UL, 0x5B8D2646UL, 0xFC8883A0UL, 0xC1C7B6A3UL,
159         0x7F1524C3UL, 0x69CB7492UL, 0x47848A0BUL, 0x5692B285UL,
160         0x095BBF00UL, 0xAD19489DUL, 0x1462B174UL, 0x23820E00UL,
161         0x58428D2AUL, 0x0C55F5EAUL, 0x1DADF43EUL, 0x233F7061UL,
162         0x3372F092UL, 0x8D937E41UL, 0xD65FECF1UL, 0x6C223BDBUL,
163         0x7CDE3759UL, 0xCBEE7460UL, 0x4085F2A7UL, 0xCE77326EUL,
164         0xA6078084UL, 0x19F8509EUL, 0xE8EFD855UL, 0x61D99735UL,
165         0xA969A7AAUL, 0xC50C06C2UL, 0x5A04ABFCUL, 0x800BCADCUL,
166         0x9E447A2EUL, 0xC3453484UL, 0xFDD56705UL, 0x0E1E9EC9UL,
167         0xDB73DBD3UL, 0x105588CDUL, 0x675FDA79UL, 0xE3674340UL,
168         0xC5C43465UL, 0x713E38D8UL, 0x3D28F89EUL, 0xF16DFF20UL,
169         0x153E21E7UL, 0x8FB03D4AUL, 0xE6E39F2BUL, 0xDB83ADF7UL   },
170     {   0xE93D5A68UL, 0x948140F7UL, 0xF64C261CUL, 0x94692934UL,
171         0x411520F7UL, 0x7602D4F7UL, 0xBCF46B2EUL, 0xD4A20068UL,
172         0xD4082471UL, 0x3320F46AUL, 0x43B7D4B7UL, 0x500061AFUL,
173         0x1E39F62EUL, 0x97244546UL, 0x14214F74UL, 0xBF8B8840UL,
174         0x4D95FC1DUL, 0x96B591AFUL, 0x70F4DDD3UL, 0x66A02F45UL,
175         0xBFBC09ECUL, 0x03BD9785UL, 0x7FAC6DD0UL, 0x31CB8504UL,
176         0x96EB27B3UL, 0x55FD3941UL, 0xDA2547E6UL, 0xABCA0A9AUL,
177         0x28507825UL, 0x530429F4UL, 0x0A2C86DAUL, 0xE9B66DFBUL,
178         0x68DC1462UL, 0xD7486900UL, 0x680EC0A4UL, 0x27A18DEEUL,
179         0x4F3FFEA2UL, 0xE887AD8CUL, 0xB58CE006UL, 0x7AF4D6B6UL,
180         0xAACE1E7CUL, 0xD3375FECUL, 0xCE78A399UL, 0x406B2A42UL,
181         0x20FE9E35UL, 0xD9F385B9UL, 0xEE39D7ABUL, 0x3B124E8BUL,
182         0x1DC9FAF7UL, 0x4B6D1856UL, 0x26A36631UL, 0xEAE397B2UL,
183         0x3A6EFA74UL, 0xDD5B4332UL, 0x6841E7F7UL, 0xCA7820FBUL,
184         0xFB0AF54EUL, 0xD8FEB397UL, 0x454056ACUL, 0xBA489527UL,
185         0x55533A3AUL, 0x20838D87UL, 0xFE6BA9B7UL, 0xD096954BUL,
186         0x55A867BCUL, 0xA1159A58UL, 0xCCA92963UL, 0x99E1DB33UL,
187         0xA62A4A56UL, 0x3F3125F9UL, 0x5EF47E1CUL, 0x9029317CUL,
188         0xFDF8E802UL, 0x04272F70UL, 0x80BB155CUL, 0x05282CE3UL,
189         0x95C11548UL, 0xE4C66D22UL, 0x48C1133FUL, 0xC70F86DCUL,
190         0x07F9C9EEUL, 0x41041F0FUL, 0x404779A4UL, 0x5D886E17UL,
191         0x325F51EBUL, 0xD59BC0D1UL, 0xF2BCC18FUL, 0x41113564UL,
192         0x257B7834UL, 0x602A9C60UL, 0xDFF8E8A3UL, 0x1F636C1BUL,
193         0x0E12B4C2UL, 0x02E1329EUL, 0xAF664FD1UL, 0xCAD18115UL,
194         0x6B2395E0UL, 0x333E92E1UL, 0x3B240B62UL, 0xEEBEB922UL,
195         0x85B2A20EUL, 0xE6BA0D99UL, 0xDE720C8CUL, 0x2DA2F728UL,
196         0xD0127845UL, 0x95B794FDUL, 0x647D0862UL, 0xE7CCF5F0UL,
197         0x5449A36FUL, 0x877D48FAUL, 0xC39DFD27UL, 0xF33E8D1EUL,
198         0x0A476341UL, 0x992EFF74UL, 0x3A6F6EABUL, 0xF4F8FD37UL,
199         0xA812DC60UL, 0xA1EBDDF8UL, 0x991BE14CUL, 0xDB6E6B0DUL,
200         0xC67B5510UL, 0x6D672C37UL, 0x2765D43BUL, 0xDCD0E804UL,
201         0xF1290DC7UL, 0xCC00FFA3UL, 0xB5390F92UL, 0x690FED0BUL,
202         0x667B9FFBUL, 0xCEDB7D9CUL, 0xA091CF0BUL, 0xD9155EA3UL,
203         0xBB132F88UL, 0x515BAD24UL, 0x7B9479BFUL, 0x763BD6EBUL,
204         0x37392EB3UL, 0xCC115979UL, 0x8026E297UL, 0xF42E312DUL,
205         0x6842ADA7UL, 0xC66A2B3BUL, 0x12754CCCUL, 0x782EF11CUL,
206         0x6A124237UL, 0xB79251E7UL, 0x06A1BBE6UL, 0x4BFB6350UL,
207         0x1A6B1018UL, 0x11CAEDFAUL, 0x3D25BDD8UL, 0xE2E1C3C9UL,
208         0x44421659UL, 0x0A121386UL, 0xD90CEC6EUL, 0xD5ABEA2AUL,
209         0x64AF674EUL, 0xDA86A85FUL, 0xBEBFE988UL, 0x64E4C3FEUL,
210         0x9DBC8057UL, 0xF0F7C086UL, 0x60787BF8UL, 0x6003604DUL,
211         0xD1FD8346UL, 0xF6381FB0UL, 0x7745AE04UL, 0xD736FCCCUL,
212         0x83426B33UL, 0xF01EAB71UL, 0xB0804187UL, 0x3C005E5FUL,
213         0x77A057BEUL, 0xBDE8AE24UL, 0x55464299UL, 0xBF582E61UL,
214         0x4E58F48FUL, 0xF2DDFDA2UL, 0xF474EF38UL, 0x8789BDC2UL,
215         0x5366F9C3UL, 0xC8B38E74UL, 0xB475F255UL, 0x46FCD9B9UL,
216         0x7AEB2661UL, 0x8B1DDF84UL, 0x846A0E79UL, 0x915F95E2UL,
217         0x466E598EUL, 0x20B45770UL, 0x8CD55591UL, 0xC902DE4CUL,
218         0xB90BACE1UL, 0xBB8205D0UL, 0x11A86248UL, 0x7574A99EUL,
219         0xB77F19B6UL, 0xE0A9DC09UL, 0x662D09A1UL, 0xC4324633UL,
220         0xE85A1F02UL, 0x09F0BE8CUL, 0x4A99A025UL, 0x1D6EFE10UL,
221         0x1AB93D1DUL, 0x0BA5A4DFUL, 0xA186F20FUL, 0x2868F169UL,
222         0xDCB7DA83UL, 0x573906FEUL, 0xA1E2CE9BUL, 0x4FCD7F52UL,
223         0x50115E01UL, 0xA70683FAUL, 0xA002B5C4UL, 0x0DE6D027UL,
224         0x9AF88C27UL, 0x773F8641UL, 0xC3604C06UL, 0x61A806B5UL,
225         0xF0177A28UL, 0xC0F586E0UL, 0x006058AAUL, 0x30DC7D62UL,
226         0x11E69ED7UL, 0x2338EA63UL, 0x53C2DD94UL, 0xC2C21634UL,
227         0xBBCBEE56UL, 0x90BCB6DEUL, 0xEBFC7DA1UL, 0xCE591D76UL,
228         0x6F05E409UL, 0x4B7C0188UL, 0x39720A3DUL, 0x7C927C24UL,
229         0x86E3725FUL, 0x724D9DB9UL, 0x1AC15BB4UL, 0xD39EB8FCUL,
230         0xED545578UL, 0x08FCA5B5UL, 0xD83D7CD3UL, 0x4DAD0FC4UL,
231         0x1E50EF5EUL, 0xB161E6F8UL, 0xA28514D9UL, 0x6C51133CUL,
232         0x6FD5C7E7UL, 0x56E14EC4UL, 0x362ABFCEUL, 0xDDC6C837UL,
233         0xD79A3234UL, 0x92638212UL, 0x670EFA8EUL, 0x406000E0UL  },
234     {   0x3A39CE37UL, 0xD3FAF5CFUL, 0xABC27737UL, 0x5AC52D1BUL,
235         0x5CB0679EUL, 0x4FA33742UL, 0xD3822740UL, 0x99BC9BBEUL,
236         0xD5118E9DUL, 0xBF0F7315UL, 0xD62D1C7EUL, 0xC700C47BUL,
237         0xB78C1B6BUL, 0x21A19045UL, 0xB26EB1BEUL, 0x6A366EB4UL,
238         0x5748AB2FUL, 0xBC946E79UL, 0xC6A376D2UL, 0x6549C2C8UL,
239         0x530FF8EEUL, 0x468DDE7DUL, 0xD5730A1DUL, 0x4CD04DC6UL,
240         0x2939BBDBUL, 0xA9BA4650UL, 0xAC9526E8UL, 0xBE5EE304UL,
241         0xA1FAD5F0UL, 0x6A2D519AUL, 0x63EF8CE2UL, 0x9A86EE22UL,
242         0xC089C2B8UL, 0x43242EF6UL, 0xA51E03AAUL, 0x9CF2D0A4UL,
243         0x83C061BAUL, 0x9BE96A4DUL, 0x8FE51550UL, 0xBA645BD6UL,
244         0x2826A2F9UL, 0xA73A3AE1UL, 0x4BA99586UL, 0xEF5562E9UL,
245         0xC72FEFD3UL, 0xF752F7DAUL, 0x3F046F69UL, 0x77FA0A59UL,
246         0x80E4A915UL, 0x87B08601UL, 0x9B09E6ADUL, 0x3B3EE593UL,
247         0xE990FD5AUL, 0x9E34D797UL, 0x2CF0B7D9UL, 0x022B8B51UL,
248         0x96D5AC3AUL, 0x017DA67DUL, 0xD1CF3ED6UL, 0x7C7D2D28UL,
249         0x1F9F25CFUL, 0xADF2B89BUL, 0x5AD6B472UL, 0x5A88F54CUL,
250         0xE029AC71UL, 0xE019A5E6UL, 0x47B0ACFDUL, 0xED93FA9BUL,
251         0xE8D3C48DUL, 0x283B57CCUL, 0xF8D56629UL, 0x79132E28UL,
252         0x785F0191UL, 0xED756055UL, 0xF7960E44UL, 0xE3D35E8CUL,
253         0x15056DD4UL, 0x88F46DBAUL, 0x03A16125UL, 0x0564F0BDUL,
254         0xC3EB9E15UL, 0x3C9057A2UL, 0x97271AECUL, 0xA93A072AUL,
255         0x1B3F6D9BUL, 0x1E6321F5UL, 0xF59C66FBUL, 0x26DCF319UL,
256         0x7533D928UL, 0xB155FDF5UL, 0x03563482UL, 0x8ABA3CBBUL,
257         0x28517711UL, 0xC20AD9F8UL, 0xABCC5167UL, 0xCCAD925FUL,
258         0x4DE81751UL, 0x3830DC8EUL, 0x379D5862UL, 0x9320F991UL,
259         0xEA7A90C2UL, 0xFB3E7BCEUL, 0x5121CE64UL, 0x774FBE32UL,
260         0xA8B6E37EUL, 0xC3293D46UL, 0x48DE5369UL, 0x6413E680UL,
261         0xA2AE0810UL, 0xDD6DB224UL, 0x69852DFDUL, 0x09072166UL,
262         0xB39A460AUL, 0x6445C0DDUL, 0x586CDECFUL, 0x1C20C8AEUL,
263         0x5BBEF7DDUL, 0x1B588D40UL, 0xCCD2017FUL, 0x6BB4E3BBUL,
264         0xDDA26A7EUL, 0x3A59FF45UL, 0x3E350A44UL, 0xBCB4CDD5UL,
265         0x72EACEA8UL, 0xFA6484BBUL, 0x8D6612AEUL, 0xBF3C6F47UL,
266         0xD29BE463UL, 0x542F5D9EUL, 0xAEC2771BUL, 0xF64E6370UL,
267         0x740E0D8DUL, 0xE75B1357UL, 0xF8721671UL, 0xAF537D5DUL,
268         0x4040CB08UL, 0x4EB4E2CCUL, 0x34D2466AUL, 0x0115AF84UL,
269         0xE1B00428UL, 0x95983A1DUL, 0x06B89FB4UL, 0xCE6EA048UL,
270         0x6F3F3B82UL, 0x3520AB82UL, 0x011A1D4BUL, 0x277227F8UL,
271         0x611560B1UL, 0xE7933FDCUL, 0xBB3A792BUL, 0x344525BDUL,
272         0xA08839E1UL, 0x51CE794BUL, 0x2F32C9B7UL, 0xA01FBAC9UL,
273         0xE01CC87EUL, 0xBCC7D1F6UL, 0xCF0111C3UL, 0xA1E8AAC7UL,
274         0x1A908749UL, 0xD44FBD9AUL, 0xD0DADECBUL, 0xD50ADA38UL,
275         0x0339C32AUL, 0xC6913667UL, 0x8DF9317CUL, 0xE0B12B4FUL,
276         0xF79E59B7UL, 0x43F5BB3AUL, 0xF2D519FFUL, 0x27D9459CUL,
277         0xBF97222CUL, 0x15E6FC2AUL, 0x0F91FC71UL, 0x9B941525UL,
278         0xFAE59361UL, 0xCEB69CEBUL, 0xC2A86459UL, 0x12BAA8D1UL,
279         0xB6C1075EUL, 0xE3056A0CUL, 0x10D25065UL, 0xCB03A442UL,
280         0xE0EC6E0EUL, 0x1698DB3BUL, 0x4C98A0BEUL, 0x3278E964UL,
281         0x9F1F9532UL, 0xE0D392DFUL, 0xD3A0342BUL, 0x8971F21EUL,
282         0x1B0A7441UL, 0x4BA3348CUL, 0xC5BE7120UL, 0xC37632D8UL,
283         0xDF359F8DUL, 0x9B992F2EUL, 0xE60B6F47UL, 0x0FE3F11DUL,
284         0xE54CDA54UL, 0x1EDAD891UL, 0xCE6279CFUL, 0xCD3E7E6FUL,
285         0x1618B166UL, 0xFD2C1D05UL, 0x848FD2C5UL, 0xF6FB2299UL,
286         0xF523F357UL, 0xA6327623UL, 0x93A83531UL, 0x56CCCD02UL,
287         0xACF08162UL, 0x5A75EBB5UL, 0x6E163697UL, 0x88D273CCUL,
288         0xDE966292UL, 0x81B949D0UL, 0x4C50901BUL, 0x71C65614UL,
289         0xE6C6C7BDUL, 0x327A140AUL, 0x45E1D006UL, 0xC3F27B9AUL,
290         0xC9AA53FDUL, 0x62A80F00UL, 0xBB25BFE2UL, 0x35BDD2F6UL,
291         0x71126905UL, 0xB2040222UL, 0xB6CBCF7CUL, 0xCD769C2BUL,
292         0x53113EC0UL, 0x1640E3D3UL, 0x38ABBD60UL, 0x2547ADF0UL,
293         0xBA38209CUL, 0xF746CE76UL, 0x77AFA1C5UL, 0x20756060UL,
294         0x85CBFE4EUL, 0x8AE88DD8UL, 0x7AAAF9B0UL, 0x4CF9AA7EUL,
295         0x1948C25CUL, 0x02FB8A8CUL, 0x01C36AE4UL, 0xD6EBE1F9UL,
296         0x90D4F869UL, 0xA65CDEA0UL, 0x3F09252DUL, 0xC208E69FUL,
297         0xB74E6132UL, 0xCE77E25BUL, 0x578FDFE3UL, 0x3AC372E6UL  }
298 };
299 
300  /**
301     Initialize the Blowfish block cipher
302     @param key The symmetric key you wish to pass
303     @param keylen The key length in bytes
304     @param num_rounds The number of rounds desired (0 for default)
305     @param skey The key in as scheduled by this function.
306     @return CRYPT_OK if successful
307  */
blowfish_setup(const unsigned char * key,int keylen,int num_rounds,symmetric_key * skey)308 int blowfish_setup(const unsigned char *key, int keylen, int num_rounds,
309                    symmetric_key *skey)
310 {
311    ulong32 x, y, z, A;
312    unsigned char B[8];
313 
314    LTC_ARGCHK(key != NULL);
315    LTC_ARGCHK(skey != NULL);
316 
317    /* check key length */
318    if (keylen < 8 || keylen > 56) {
319       return CRYPT_INVALID_KEYSIZE;
320    }
321 
322    /* check rounds */
323    if (num_rounds != 0 && num_rounds != 16) {
324       return CRYPT_INVALID_ROUNDS;
325    }
326 
327    /* load in key bytes (Supplied by David Hopwood) */
328    for (x = y = 0; x < 18; x++) {
329        A = 0;
330        for (z = 0; z < 4; z++) {
331            A = (A << 8) | ((ulong32)key[y++] & 255);
332            if (y == (ulong32)keylen) {
333               y = 0;
334            }
335        }
336        skey->blowfish.K[x] = ORIG_P[x] ^ A;
337    }
338 
339    /* copy sboxes */
340    for (x = 0; x < 4; x++) {
341        for (y = 0; y < 256; y++) {
342            skey->blowfish.S[x][y] = ORIG_S[x][y];
343        }
344    }
345 
346    /* encrypt K array */
347    for (x = 0; x < 8; x++) {
348        B[x] = 0;
349    }
350 
351    for (x = 0; x < 18; x += 2) {
352        /* encrypt it */
353        blowfish_ecb_encrypt(B, B, skey);
354        /* copy it */
355        LOAD32H(skey->blowfish.K[x], &B[0]);
356        LOAD32H(skey->blowfish.K[x+1], &B[4]);
357    }
358 
359    /* encrypt S array */
360    for (x = 0; x < 4; x++) {
361        for (y = 0; y < 256; y += 2) {
362           /* encrypt it */
363           blowfish_ecb_encrypt(B, B, skey);
364           /* copy it */
365           LOAD32H(skey->blowfish.S[x][y], &B[0]);
366           LOAD32H(skey->blowfish.S[x][y+1], &B[4]);
367        }
368    }
369 
370 #ifdef LTC_CLEAN_STACK
371    zeromem(B, sizeof(B));
372 #endif
373 
374    return CRYPT_OK;
375 }
376 
377 #ifndef __GNUC__
378 #define F(x) ((S1[byte(x,3)] + S2[byte(x,2)]) ^ S3[byte(x,1)]) + S4[byte(x,0)]
379 #else
380 #define F(x) ((skey->blowfish.S[0][byte(x,3)] + skey->blowfish.S[1][byte(x,2)]) ^ skey->blowfish.S[2][byte(x,1)]) + skey->blowfish.S[3][byte(x,0)]
381 #endif
382 
383 /**
384   Encrypts a block of text with Blowfish
385   @param pt The input plaintext (8 bytes)
386   @param ct The output ciphertext (8 bytes)
387   @param skey The key as scheduled
388   @return CRYPT_OK if successful
389 */
390 #ifdef LTC_CLEAN_STACK
_blowfish_ecb_encrypt(const unsigned char * pt,unsigned char * ct,symmetric_key * skey)391 static int _blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
392 #else
393 int blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
394 #endif
395 {
396    ulong32 L, R;
397    int r;
398 #ifndef __GNUC__
399    ulong32 *S1, *S2, *S3, *S4;
400 #endif
401 
402     LTC_ARGCHK(pt   != NULL);
403     LTC_ARGCHK(ct   != NULL);
404     LTC_ARGCHK(skey != NULL);
405 
406 #ifndef __GNUC__
407     S1 = skey->blowfish.S[0];
408     S2 = skey->blowfish.S[1];
409     S3 = skey->blowfish.S[2];
410     S4 = skey->blowfish.S[3];
411 #endif
412 
413    /* load it */
414    LOAD32H(L, &pt[0]);
415    LOAD32H(R, &pt[4]);
416 
417    /* do 16 rounds */
418    for (r = 0; r < 16; ) {
419       L ^= skey->blowfish.K[r++];  R ^= F(L);
420       R ^= skey->blowfish.K[r++];  L ^= F(R);
421       L ^= skey->blowfish.K[r++];  R ^= F(L);
422       R ^= skey->blowfish.K[r++];  L ^= F(R);
423    }
424 
425    /* last keying */
426    R ^= skey->blowfish.K[17];
427    L ^= skey->blowfish.K[16];
428 
429    /* store */
430    STORE32H(R, &ct[0]);
431    STORE32H(L, &ct[4]);
432 
433    return CRYPT_OK;
434 }
435 
436 #ifdef LTC_CLEAN_STACK
blowfish_ecb_encrypt(const unsigned char * pt,unsigned char * ct,symmetric_key * skey)437 int blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
438 {
439     int err = _blowfish_ecb_encrypt(pt, ct, skey);
440     burn_stack(sizeof(ulong32) * 2 + sizeof(int));
441     return err;
442 }
443 #endif
444 
445 /**
446   Decrypts a block of text with Blowfish
447   @param ct The input ciphertext (8 bytes)
448   @param pt The output plaintext (8 bytes)
449   @param skey The key as scheduled
450   @return CRYPT_OK if successful
451 */
452 #ifdef LTC_CLEAN_STACK
_blowfish_ecb_decrypt(const unsigned char * ct,unsigned char * pt,symmetric_key * skey)453 static int _blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
454 #else
455 int blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
456 #endif
457 {
458    ulong32 L, R;
459    int r;
460 #ifndef __GNUC__
461    ulong32 *S1, *S2, *S3, *S4;
462 #endif
463 
464     LTC_ARGCHK(pt   != NULL);
465     LTC_ARGCHK(ct   != NULL);
466     LTC_ARGCHK(skey != NULL);
467 
468 #ifndef __GNUC__
469     S1 = skey->blowfish.S[0];
470     S2 = skey->blowfish.S[1];
471     S3 = skey->blowfish.S[2];
472     S4 = skey->blowfish.S[3];
473 #endif
474 
475    /* load it */
476    LOAD32H(R, &ct[0]);
477    LOAD32H(L, &ct[4]);
478 
479    /* undo last keying */
480    R ^= skey->blowfish.K[17];
481    L ^= skey->blowfish.K[16];
482 
483    /* do 16 rounds */
484    for (r = 15; r > 0; ) {
485       L ^= F(R); R ^= skey->blowfish.K[r--];
486       R ^= F(L); L ^= skey->blowfish.K[r--];
487       L ^= F(R); R ^= skey->blowfish.K[r--];
488       R ^= F(L); L ^= skey->blowfish.K[r--];
489    }
490 
491    /* store */
492    STORE32H(L, &pt[0]);
493    STORE32H(R, &pt[4]);
494    return CRYPT_OK;
495 }
496 
497 #ifdef LTC_CLEAN_STACK
blowfish_ecb_decrypt(const unsigned char * ct,unsigned char * pt,symmetric_key * skey)498 int blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
499 {
500     int err = _blowfish_ecb_decrypt(ct, pt, skey);
501     burn_stack(sizeof(ulong32) * 2 + sizeof(int));
502     return err;
503 }
504 #endif
505 
506 
507 /**
508   Performs a self-test of the Blowfish block cipher
509   @return CRYPT_OK if functional, CRYPT_NOP if self-test has been disabled
510 */
blowfish_test(void)511 int blowfish_test(void)
512 {
513  #ifndef LTC_TEST
514     return CRYPT_NOP;
515  #else
516    int err;
517    symmetric_key key;
518    static const struct {
519           unsigned char key[8], pt[8], ct[8];
520    } tests[] = {
521        {
522            { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
523            { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
524            { 0x4E, 0xF9, 0x97, 0x45, 0x61, 0x98, 0xDD, 0x78}
525        },
526        {
527            { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
528            { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
529            { 0x51, 0x86, 0x6F, 0xD5, 0xB8, 0x5E, 0xCB, 0x8A}
530        },
531        {
532            { 0x30, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
533            { 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
534            { 0x7D, 0x85, 0x6F, 0x9A, 0x61, 0x30, 0x63, 0xF2}
535        }
536    };
537    unsigned char tmp[2][8];
538    int x, y;
539 
540    for (x = 0; x < (int)(sizeof(tests) / sizeof(tests[0])); x++) {
541       /* setup key */
542       if ((err = blowfish_setup(tests[x].key, 8, 16, &key)) != CRYPT_OK) {
543          return err;
544       }
545 
546       /* encrypt and decrypt */
547       blowfish_ecb_encrypt(tests[x].pt, tmp[0], &key);
548       blowfish_ecb_decrypt(tmp[0], tmp[1], &key);
549 
550       /* compare */
551       if ((XMEMCMP(tmp[0], tests[x].ct, 8) != 0) || (XMEMCMP(tmp[1], tests[x].pt, 8) != 0)) {
552          return CRYPT_FAIL_TESTVECTOR;
553       }
554 
555       /* now see if we can encrypt all zero bytes 1000 times, decrypt and come back where we started */
556       for (y = 0; y < 8; y++) tmp[0][y] = 0;
557       for (y = 0; y < 1000; y++) blowfish_ecb_encrypt(tmp[0], tmp[0], &key);
558       for (y = 0; y < 1000; y++) blowfish_ecb_decrypt(tmp[0], tmp[0], &key);
559       for (y = 0; y < 8; y++) if (tmp[0][y] != 0) return CRYPT_FAIL_TESTVECTOR;
560    }
561    return CRYPT_OK;
562  #endif
563 }
564 
565 /** Terminate the context
566    @param skey    The scheduled key
567 */
blowfish_done(symmetric_key * skey)568 void blowfish_done(symmetric_key *skey)
569 {
570 }
571 
572 /**
573   Gets suitable key size
574   @param keysize [in/out] The length of the recommended key (in bytes).  This function will store the suitable size back in this variable.
575   @return CRYPT_OK if the input key size is acceptable.
576 */
blowfish_keysize(int * keysize)577 int blowfish_keysize(int *keysize)
578 {
579    LTC_ARGCHK(keysize != NULL);
580 
581    if (*keysize < 8) {
582       return CRYPT_INVALID_KEYSIZE;
583    } else if (*keysize > 56) {
584       *keysize = 56;
585    }
586    return CRYPT_OK;
587 }
588 
589 #endif
590 
591 
592 /* $Source: /cvs/libtom/libtomcrypt/src/ciphers/blowfish.c,v $ */
593 /* $Revision: 1.12 $ */
594 /* $Date: 2006/11/08 23:01:06 $ */
595