1 /* $OpenBSD: blowfish.c,v 1.3 2024/03/29 02:37:20 joshua Exp $ */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59 #include <openssl/blowfish.h>
60
61 #include <string.h>
62
63 #include "bf_local.h"
64
65 /*
66 * Blowfish as implemented from 'Blowfish: Springer-Verlag paper'
67 * (From LECTURE NOTES IN COMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION,
68 * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993)
69 */
70
71 #if (BF_ROUNDS != 16) && (BF_ROUNDS != 20)
72 #error If you set BF_ROUNDS to some value other than 16 or 20, you will have \
73 to modify the code.
74 #endif
75
76 static const BF_KEY bf_init = {
77 .P = {
78 0x243f6a88L, 0x85a308d3L, 0x13198a2eL, 0x03707344L,
79 0xa4093822L, 0x299f31d0L, 0x082efa98L, 0xec4e6c89L,
80 0x452821e6L, 0x38d01377L, 0xbe5466cfL, 0x34e90c6cL,
81 0xc0ac29b7L, 0xc97c50ddL, 0x3f84d5b5L, 0xb5470917L,
82 0x9216d5d9L, 0x8979fb1b
83 },
84 .S = {
85 0xd1310ba6L, 0x98dfb5acL, 0x2ffd72dbL, 0xd01adfb7L,
86 0xb8e1afedL, 0x6a267e96L, 0xba7c9045L, 0xf12c7f99L,
87 0x24a19947L, 0xb3916cf7L, 0x0801f2e2L, 0x858efc16L,
88 0x636920d8L, 0x71574e69L, 0xa458fea3L, 0xf4933d7eL,
89 0x0d95748fL, 0x728eb658L, 0x718bcd58L, 0x82154aeeL,
90 0x7b54a41dL, 0xc25a59b5L, 0x9c30d539L, 0x2af26013L,
91 0xc5d1b023L, 0x286085f0L, 0xca417918L, 0xb8db38efL,
92 0x8e79dcb0L, 0x603a180eL, 0x6c9e0e8bL, 0xb01e8a3eL,
93 0xd71577c1L, 0xbd314b27L, 0x78af2fdaL, 0x55605c60L,
94 0xe65525f3L, 0xaa55ab94L, 0x57489862L, 0x63e81440L,
95 0x55ca396aL, 0x2aab10b6L, 0xb4cc5c34L, 0x1141e8ceL,
96 0xa15486afL, 0x7c72e993L, 0xb3ee1411L, 0x636fbc2aL,
97 0x2ba9c55dL, 0x741831f6L, 0xce5c3e16L, 0x9b87931eL,
98 0xafd6ba33L, 0x6c24cf5cL, 0x7a325381L, 0x28958677L,
99 0x3b8f4898L, 0x6b4bb9afL, 0xc4bfe81bL, 0x66282193L,
100 0x61d809ccL, 0xfb21a991L, 0x487cac60L, 0x5dec8032L,
101 0xef845d5dL, 0xe98575b1L, 0xdc262302L, 0xeb651b88L,
102 0x23893e81L, 0xd396acc5L, 0x0f6d6ff3L, 0x83f44239L,
103 0x2e0b4482L, 0xa4842004L, 0x69c8f04aL, 0x9e1f9b5eL,
104 0x21c66842L, 0xf6e96c9aL, 0x670c9c61L, 0xabd388f0L,
105 0x6a51a0d2L, 0xd8542f68L, 0x960fa728L, 0xab5133a3L,
106 0x6eef0b6cL, 0x137a3be4L, 0xba3bf050L, 0x7efb2a98L,
107 0xa1f1651dL, 0x39af0176L, 0x66ca593eL, 0x82430e88L,
108 0x8cee8619L, 0x456f9fb4L, 0x7d84a5c3L, 0x3b8b5ebeL,
109 0xe06f75d8L, 0x85c12073L, 0x401a449fL, 0x56c16aa6L,
110 0x4ed3aa62L, 0x363f7706L, 0x1bfedf72L, 0x429b023dL,
111 0x37d0d724L, 0xd00a1248L, 0xdb0fead3L, 0x49f1c09bL,
112 0x075372c9L, 0x80991b7bL, 0x25d479d8L, 0xf6e8def7L,
113 0xe3fe501aL, 0xb6794c3bL, 0x976ce0bdL, 0x04c006baL,
114 0xc1a94fb6L, 0x409f60c4L, 0x5e5c9ec2L, 0x196a2463L,
115 0x68fb6fafL, 0x3e6c53b5L, 0x1339b2ebL, 0x3b52ec6fL,
116 0x6dfc511fL, 0x9b30952cL, 0xcc814544L, 0xaf5ebd09L,
117 0xbee3d004L, 0xde334afdL, 0x660f2807L, 0x192e4bb3L,
118 0xc0cba857L, 0x45c8740fL, 0xd20b5f39L, 0xb9d3fbdbL,
119 0x5579c0bdL, 0x1a60320aL, 0xd6a100c6L, 0x402c7279L,
120 0x679f25feL, 0xfb1fa3ccL, 0x8ea5e9f8L, 0xdb3222f8L,
121 0x3c7516dfL, 0xfd616b15L, 0x2f501ec8L, 0xad0552abL,
122 0x323db5faL, 0xfd238760L, 0x53317b48L, 0x3e00df82L,
123 0x9e5c57bbL, 0xca6f8ca0L, 0x1a87562eL, 0xdf1769dbL,
124 0xd542a8f6L, 0x287effc3L, 0xac6732c6L, 0x8c4f5573L,
125 0x695b27b0L, 0xbbca58c8L, 0xe1ffa35dL, 0xb8f011a0L,
126 0x10fa3d98L, 0xfd2183b8L, 0x4afcb56cL, 0x2dd1d35bL,
127 0x9a53e479L, 0xb6f84565L, 0xd28e49bcL, 0x4bfb9790L,
128 0xe1ddf2daL, 0xa4cb7e33L, 0x62fb1341L, 0xcee4c6e8L,
129 0xef20cadaL, 0x36774c01L, 0xd07e9efeL, 0x2bf11fb4L,
130 0x95dbda4dL, 0xae909198L, 0xeaad8e71L, 0x6b93d5a0L,
131 0xd08ed1d0L, 0xafc725e0L, 0x8e3c5b2fL, 0x8e7594b7L,
132 0x8ff6e2fbL, 0xf2122b64L, 0x8888b812L, 0x900df01cL,
133 0x4fad5ea0L, 0x688fc31cL, 0xd1cff191L, 0xb3a8c1adL,
134 0x2f2f2218L, 0xbe0e1777L, 0xea752dfeL, 0x8b021fa1L,
135 0xe5a0cc0fL, 0xb56f74e8L, 0x18acf3d6L, 0xce89e299L,
136 0xb4a84fe0L, 0xfd13e0b7L, 0x7cc43b81L, 0xd2ada8d9L,
137 0x165fa266L, 0x80957705L, 0x93cc7314L, 0x211a1477L,
138 0xe6ad2065L, 0x77b5fa86L, 0xc75442f5L, 0xfb9d35cfL,
139 0xebcdaf0cL, 0x7b3e89a0L, 0xd6411bd3L, 0xae1e7e49L,
140 0x00250e2dL, 0x2071b35eL, 0x226800bbL, 0x57b8e0afL,
141 0x2464369bL, 0xf009b91eL, 0x5563911dL, 0x59dfa6aaL,
142 0x78c14389L, 0xd95a537fL, 0x207d5ba2L, 0x02e5b9c5L,
143 0x83260376L, 0x6295cfa9L, 0x11c81968L, 0x4e734a41L,
144 0xb3472dcaL, 0x7b14a94aL, 0x1b510052L, 0x9a532915L,
145 0xd60f573fL, 0xbc9bc6e4L, 0x2b60a476L, 0x81e67400L,
146 0x08ba6fb5L, 0x571be91fL, 0xf296ec6bL, 0x2a0dd915L,
147 0xb6636521L, 0xe7b9f9b6L, 0xff34052eL, 0xc5855664L,
148 0x53b02d5dL, 0xa99f8fa1L, 0x08ba4799L, 0x6e85076aL,
149 0x4b7a70e9L, 0xb5b32944L, 0xdb75092eL, 0xc4192623L,
150 0xad6ea6b0L, 0x49a7df7dL, 0x9cee60b8L, 0x8fedb266L,
151 0xecaa8c71L, 0x699a17ffL, 0x5664526cL, 0xc2b19ee1L,
152 0x193602a5L, 0x75094c29L, 0xa0591340L, 0xe4183a3eL,
153 0x3f54989aL, 0x5b429d65L, 0x6b8fe4d6L, 0x99f73fd6L,
154 0xa1d29c07L, 0xefe830f5L, 0x4d2d38e6L, 0xf0255dc1L,
155 0x4cdd2086L, 0x8470eb26L, 0x6382e9c6L, 0x021ecc5eL,
156 0x09686b3fL, 0x3ebaefc9L, 0x3c971814L, 0x6b6a70a1L,
157 0x687f3584L, 0x52a0e286L, 0xb79c5305L, 0xaa500737L,
158 0x3e07841cL, 0x7fdeae5cL, 0x8e7d44ecL, 0x5716f2b8L,
159 0xb03ada37L, 0xf0500c0dL, 0xf01c1f04L, 0x0200b3ffL,
160 0xae0cf51aL, 0x3cb574b2L, 0x25837a58L, 0xdc0921bdL,
161 0xd19113f9L, 0x7ca92ff6L, 0x94324773L, 0x22f54701L,
162 0x3ae5e581L, 0x37c2dadcL, 0xc8b57634L, 0x9af3dda7L,
163 0xa9446146L, 0x0fd0030eL, 0xecc8c73eL, 0xa4751e41L,
164 0xe238cd99L, 0x3bea0e2fL, 0x3280bba1L, 0x183eb331L,
165 0x4e548b38L, 0x4f6db908L, 0x6f420d03L, 0xf60a04bfL,
166 0x2cb81290L, 0x24977c79L, 0x5679b072L, 0xbcaf89afL,
167 0xde9a771fL, 0xd9930810L, 0xb38bae12L, 0xdccf3f2eL,
168 0x5512721fL, 0x2e6b7124L, 0x501adde6L, 0x9f84cd87L,
169 0x7a584718L, 0x7408da17L, 0xbc9f9abcL, 0xe94b7d8cL,
170 0xec7aec3aL, 0xdb851dfaL, 0x63094366L, 0xc464c3d2L,
171 0xef1c1847L, 0x3215d908L, 0xdd433b37L, 0x24c2ba16L,
172 0x12a14d43L, 0x2a65c451L, 0x50940002L, 0x133ae4ddL,
173 0x71dff89eL, 0x10314e55L, 0x81ac77d6L, 0x5f11199bL,
174 0x043556f1L, 0xd7a3c76bL, 0x3c11183bL, 0x5924a509L,
175 0xf28fe6edL, 0x97f1fbfaL, 0x9ebabf2cL, 0x1e153c6eL,
176 0x86e34570L, 0xeae96fb1L, 0x860e5e0aL, 0x5a3e2ab3L,
177 0x771fe71cL, 0x4e3d06faL, 0x2965dcb9L, 0x99e71d0fL,
178 0x803e89d6L, 0x5266c825L, 0x2e4cc978L, 0x9c10b36aL,
179 0xc6150ebaL, 0x94e2ea78L, 0xa5fc3c53L, 0x1e0a2df4L,
180 0xf2f74ea7L, 0x361d2b3dL, 0x1939260fL, 0x19c27960L,
181 0x5223a708L, 0xf71312b6L, 0xebadfe6eL, 0xeac31f66L,
182 0xe3bc4595L, 0xa67bc883L, 0xb17f37d1L, 0x018cff28L,
183 0xc332ddefL, 0xbe6c5aa5L, 0x65582185L, 0x68ab9802L,
184 0xeecea50fL, 0xdb2f953bL, 0x2aef7dadL, 0x5b6e2f84L,
185 0x1521b628L, 0x29076170L, 0xecdd4775L, 0x619f1510L,
186 0x13cca830L, 0xeb61bd96L, 0x0334fe1eL, 0xaa0363cfL,
187 0xb5735c90L, 0x4c70a239L, 0xd59e9e0bL, 0xcbaade14L,
188 0xeecc86bcL, 0x60622ca7L, 0x9cab5cabL, 0xb2f3846eL,
189 0x648b1eafL, 0x19bdf0caL, 0xa02369b9L, 0x655abb50L,
190 0x40685a32L, 0x3c2ab4b3L, 0x319ee9d5L, 0xc021b8f7L,
191 0x9b540b19L, 0x875fa099L, 0x95f7997eL, 0x623d7da8L,
192 0xf837889aL, 0x97e32d77L, 0x11ed935fL, 0x16681281L,
193 0x0e358829L, 0xc7e61fd6L, 0x96dedfa1L, 0x7858ba99L,
194 0x57f584a5L, 0x1b227263L, 0x9b83c3ffL, 0x1ac24696L,
195 0xcdb30aebL, 0x532e3054L, 0x8fd948e4L, 0x6dbc3128L,
196 0x58ebf2efL, 0x34c6ffeaL, 0xfe28ed61L, 0xee7c3c73L,
197 0x5d4a14d9L, 0xe864b7e3L, 0x42105d14L, 0x203e13e0L,
198 0x45eee2b6L, 0xa3aaabeaL, 0xdb6c4f15L, 0xfacb4fd0L,
199 0xc742f442L, 0xef6abbb5L, 0x654f3b1dL, 0x41cd2105L,
200 0xd81e799eL, 0x86854dc7L, 0xe44b476aL, 0x3d816250L,
201 0xcf62a1f2L, 0x5b8d2646L, 0xfc8883a0L, 0xc1c7b6a3L,
202 0x7f1524c3L, 0x69cb7492L, 0x47848a0bL, 0x5692b285L,
203 0x095bbf00L, 0xad19489dL, 0x1462b174L, 0x23820e00L,
204 0x58428d2aL, 0x0c55f5eaL, 0x1dadf43eL, 0x233f7061L,
205 0x3372f092L, 0x8d937e41L, 0xd65fecf1L, 0x6c223bdbL,
206 0x7cde3759L, 0xcbee7460L, 0x4085f2a7L, 0xce77326eL,
207 0xa6078084L, 0x19f8509eL, 0xe8efd855L, 0x61d99735L,
208 0xa969a7aaL, 0xc50c06c2L, 0x5a04abfcL, 0x800bcadcL,
209 0x9e447a2eL, 0xc3453484L, 0xfdd56705L, 0x0e1e9ec9L,
210 0xdb73dbd3L, 0x105588cdL, 0x675fda79L, 0xe3674340L,
211 0xc5c43465L, 0x713e38d8L, 0x3d28f89eL, 0xf16dff20L,
212 0x153e21e7L, 0x8fb03d4aL, 0xe6e39f2bL, 0xdb83adf7L,
213 0xe93d5a68L, 0x948140f7L, 0xf64c261cL, 0x94692934L,
214 0x411520f7L, 0x7602d4f7L, 0xbcf46b2eL, 0xd4a20068L,
215 0xd4082471L, 0x3320f46aL, 0x43b7d4b7L, 0x500061afL,
216 0x1e39f62eL, 0x97244546L, 0x14214f74L, 0xbf8b8840L,
217 0x4d95fc1dL, 0x96b591afL, 0x70f4ddd3L, 0x66a02f45L,
218 0xbfbc09ecL, 0x03bd9785L, 0x7fac6dd0L, 0x31cb8504L,
219 0x96eb27b3L, 0x55fd3941L, 0xda2547e6L, 0xabca0a9aL,
220 0x28507825L, 0x530429f4L, 0x0a2c86daL, 0xe9b66dfbL,
221 0x68dc1462L, 0xd7486900L, 0x680ec0a4L, 0x27a18deeL,
222 0x4f3ffea2L, 0xe887ad8cL, 0xb58ce006L, 0x7af4d6b6L,
223 0xaace1e7cL, 0xd3375fecL, 0xce78a399L, 0x406b2a42L,
224 0x20fe9e35L, 0xd9f385b9L, 0xee39d7abL, 0x3b124e8bL,
225 0x1dc9faf7L, 0x4b6d1856L, 0x26a36631L, 0xeae397b2L,
226 0x3a6efa74L, 0xdd5b4332L, 0x6841e7f7L, 0xca7820fbL,
227 0xfb0af54eL, 0xd8feb397L, 0x454056acL, 0xba489527L,
228 0x55533a3aL, 0x20838d87L, 0xfe6ba9b7L, 0xd096954bL,
229 0x55a867bcL, 0xa1159a58L, 0xcca92963L, 0x99e1db33L,
230 0xa62a4a56L, 0x3f3125f9L, 0x5ef47e1cL, 0x9029317cL,
231 0xfdf8e802L, 0x04272f70L, 0x80bb155cL, 0x05282ce3L,
232 0x95c11548L, 0xe4c66d22L, 0x48c1133fL, 0xc70f86dcL,
233 0x07f9c9eeL, 0x41041f0fL, 0x404779a4L, 0x5d886e17L,
234 0x325f51ebL, 0xd59bc0d1L, 0xf2bcc18fL, 0x41113564L,
235 0x257b7834L, 0x602a9c60L, 0xdff8e8a3L, 0x1f636c1bL,
236 0x0e12b4c2L, 0x02e1329eL, 0xaf664fd1L, 0xcad18115L,
237 0x6b2395e0L, 0x333e92e1L, 0x3b240b62L, 0xeebeb922L,
238 0x85b2a20eL, 0xe6ba0d99L, 0xde720c8cL, 0x2da2f728L,
239 0xd0127845L, 0x95b794fdL, 0x647d0862L, 0xe7ccf5f0L,
240 0x5449a36fL, 0x877d48faL, 0xc39dfd27L, 0xf33e8d1eL,
241 0x0a476341L, 0x992eff74L, 0x3a6f6eabL, 0xf4f8fd37L,
242 0xa812dc60L, 0xa1ebddf8L, 0x991be14cL, 0xdb6e6b0dL,
243 0xc67b5510L, 0x6d672c37L, 0x2765d43bL, 0xdcd0e804L,
244 0xf1290dc7L, 0xcc00ffa3L, 0xb5390f92L, 0x690fed0bL,
245 0x667b9ffbL, 0xcedb7d9cL, 0xa091cf0bL, 0xd9155ea3L,
246 0xbb132f88L, 0x515bad24L, 0x7b9479bfL, 0x763bd6ebL,
247 0x37392eb3L, 0xcc115979L, 0x8026e297L, 0xf42e312dL,
248 0x6842ada7L, 0xc66a2b3bL, 0x12754cccL, 0x782ef11cL,
249 0x6a124237L, 0xb79251e7L, 0x06a1bbe6L, 0x4bfb6350L,
250 0x1a6b1018L, 0x11caedfaL, 0x3d25bdd8L, 0xe2e1c3c9L,
251 0x44421659L, 0x0a121386L, 0xd90cec6eL, 0xd5abea2aL,
252 0x64af674eL, 0xda86a85fL, 0xbebfe988L, 0x64e4c3feL,
253 0x9dbc8057L, 0xf0f7c086L, 0x60787bf8L, 0x6003604dL,
254 0xd1fd8346L, 0xf6381fb0L, 0x7745ae04L, 0xd736fcccL,
255 0x83426b33L, 0xf01eab71L, 0xb0804187L, 0x3c005e5fL,
256 0x77a057beL, 0xbde8ae24L, 0x55464299L, 0xbf582e61L,
257 0x4e58f48fL, 0xf2ddfda2L, 0xf474ef38L, 0x8789bdc2L,
258 0x5366f9c3L, 0xc8b38e74L, 0xb475f255L, 0x46fcd9b9L,
259 0x7aeb2661L, 0x8b1ddf84L, 0x846a0e79L, 0x915f95e2L,
260 0x466e598eL, 0x20b45770L, 0x8cd55591L, 0xc902de4cL,
261 0xb90bace1L, 0xbb8205d0L, 0x11a86248L, 0x7574a99eL,
262 0xb77f19b6L, 0xe0a9dc09L, 0x662d09a1L, 0xc4324633L,
263 0xe85a1f02L, 0x09f0be8cL, 0x4a99a025L, 0x1d6efe10L,
264 0x1ab93d1dL, 0x0ba5a4dfL, 0xa186f20fL, 0x2868f169L,
265 0xdcb7da83L, 0x573906feL, 0xa1e2ce9bL, 0x4fcd7f52L,
266 0x50115e01L, 0xa70683faL, 0xa002b5c4L, 0x0de6d027L,
267 0x9af88c27L, 0x773f8641L, 0xc3604c06L, 0x61a806b5L,
268 0xf0177a28L, 0xc0f586e0L, 0x006058aaL, 0x30dc7d62L,
269 0x11e69ed7L, 0x2338ea63L, 0x53c2dd94L, 0xc2c21634L,
270 0xbbcbee56L, 0x90bcb6deL, 0xebfc7da1L, 0xce591d76L,
271 0x6f05e409L, 0x4b7c0188L, 0x39720a3dL, 0x7c927c24L,
272 0x86e3725fL, 0x724d9db9L, 0x1ac15bb4L, 0xd39eb8fcL,
273 0xed545578L, 0x08fca5b5L, 0xd83d7cd3L, 0x4dad0fc4L,
274 0x1e50ef5eL, 0xb161e6f8L, 0xa28514d9L, 0x6c51133cL,
275 0x6fd5c7e7L, 0x56e14ec4L, 0x362abfceL, 0xddc6c837L,
276 0xd79a3234L, 0x92638212L, 0x670efa8eL, 0x406000e0L,
277 0x3a39ce37L, 0xd3faf5cfL, 0xabc27737L, 0x5ac52d1bL,
278 0x5cb0679eL, 0x4fa33742L, 0xd3822740L, 0x99bc9bbeL,
279 0xd5118e9dL, 0xbf0f7315L, 0xd62d1c7eL, 0xc700c47bL,
280 0xb78c1b6bL, 0x21a19045L, 0xb26eb1beL, 0x6a366eb4L,
281 0x5748ab2fL, 0xbc946e79L, 0xc6a376d2L, 0x6549c2c8L,
282 0x530ff8eeL, 0x468dde7dL, 0xd5730a1dL, 0x4cd04dc6L,
283 0x2939bbdbL, 0xa9ba4650L, 0xac9526e8L, 0xbe5ee304L,
284 0xa1fad5f0L, 0x6a2d519aL, 0x63ef8ce2L, 0x9a86ee22L,
285 0xc089c2b8L, 0x43242ef6L, 0xa51e03aaL, 0x9cf2d0a4L,
286 0x83c061baL, 0x9be96a4dL, 0x8fe51550L, 0xba645bd6L,
287 0x2826a2f9L, 0xa73a3ae1L, 0x4ba99586L, 0xef5562e9L,
288 0xc72fefd3L, 0xf752f7daL, 0x3f046f69L, 0x77fa0a59L,
289 0x80e4a915L, 0x87b08601L, 0x9b09e6adL, 0x3b3ee593L,
290 0xe990fd5aL, 0x9e34d797L, 0x2cf0b7d9L, 0x022b8b51L,
291 0x96d5ac3aL, 0x017da67dL, 0xd1cf3ed6L, 0x7c7d2d28L,
292 0x1f9f25cfL, 0xadf2b89bL, 0x5ad6b472L, 0x5a88f54cL,
293 0xe029ac71L, 0xe019a5e6L, 0x47b0acfdL, 0xed93fa9bL,
294 0xe8d3c48dL, 0x283b57ccL, 0xf8d56629L, 0x79132e28L,
295 0x785f0191L, 0xed756055L, 0xf7960e44L, 0xe3d35e8cL,
296 0x15056dd4L, 0x88f46dbaL, 0x03a16125L, 0x0564f0bdL,
297 0xc3eb9e15L, 0x3c9057a2L, 0x97271aecL, 0xa93a072aL,
298 0x1b3f6d9bL, 0x1e6321f5L, 0xf59c66fbL, 0x26dcf319L,
299 0x7533d928L, 0xb155fdf5L, 0x03563482L, 0x8aba3cbbL,
300 0x28517711L, 0xc20ad9f8L, 0xabcc5167L, 0xccad925fL,
301 0x4de81751L, 0x3830dc8eL, 0x379d5862L, 0x9320f991L,
302 0xea7a90c2L, 0xfb3e7bceL, 0x5121ce64L, 0x774fbe32L,
303 0xa8b6e37eL, 0xc3293d46L, 0x48de5369L, 0x6413e680L,
304 0xa2ae0810L, 0xdd6db224L, 0x69852dfdL, 0x09072166L,
305 0xb39a460aL, 0x6445c0ddL, 0x586cdecfL, 0x1c20c8aeL,
306 0x5bbef7ddL, 0x1b588d40L, 0xccd2017fL, 0x6bb4e3bbL,
307 0xdda26a7eL, 0x3a59ff45L, 0x3e350a44L, 0xbcb4cdd5L,
308 0x72eacea8L, 0xfa6484bbL, 0x8d6612aeL, 0xbf3c6f47L,
309 0xd29be463L, 0x542f5d9eL, 0xaec2771bL, 0xf64e6370L,
310 0x740e0d8dL, 0xe75b1357L, 0xf8721671L, 0xaf537d5dL,
311 0x4040cb08L, 0x4eb4e2ccL, 0x34d2466aL, 0x0115af84L,
312 0xe1b00428L, 0x95983a1dL, 0x06b89fb4L, 0xce6ea048L,
313 0x6f3f3b82L, 0x3520ab82L, 0x011a1d4bL, 0x277227f8L,
314 0x611560b1L, 0xe7933fdcL, 0xbb3a792bL, 0x344525bdL,
315 0xa08839e1L, 0x51ce794bL, 0x2f32c9b7L, 0xa01fbac9L,
316 0xe01cc87eL, 0xbcc7d1f6L, 0xcf0111c3L, 0xa1e8aac7L,
317 0x1a908749L, 0xd44fbd9aL, 0xd0dadecbL, 0xd50ada38L,
318 0x0339c32aL, 0xc6913667L, 0x8df9317cL, 0xe0b12b4fL,
319 0xf79e59b7L, 0x43f5bb3aL, 0xf2d519ffL, 0x27d9459cL,
320 0xbf97222cL, 0x15e6fc2aL, 0x0f91fc71L, 0x9b941525L,
321 0xfae59361L, 0xceb69cebL, 0xc2a86459L, 0x12baa8d1L,
322 0xb6c1075eL, 0xe3056a0cL, 0x10d25065L, 0xcb03a442L,
323 0xe0ec6e0eL, 0x1698db3bL, 0x4c98a0beL, 0x3278e964L,
324 0x9f1f9532L, 0xe0d392dfL, 0xd3a0342bL, 0x8971f21eL,
325 0x1b0a7441L, 0x4ba3348cL, 0xc5be7120L, 0xc37632d8L,
326 0xdf359f8dL, 0x9b992f2eL, 0xe60b6f47L, 0x0fe3f11dL,
327 0xe54cda54L, 0x1edad891L, 0xce6279cfL, 0xcd3e7e6fL,
328 0x1618b166L, 0xfd2c1d05L, 0x848fd2c5L, 0xf6fb2299L,
329 0xf523f357L, 0xa6327623L, 0x93a83531L, 0x56cccd02L,
330 0xacf08162L, 0x5a75ebb5L, 0x6e163697L, 0x88d273ccL,
331 0xde966292L, 0x81b949d0L, 0x4c50901bL, 0x71c65614L,
332 0xe6c6c7bdL, 0x327a140aL, 0x45e1d006L, 0xc3f27b9aL,
333 0xc9aa53fdL, 0x62a80f00L, 0xbb25bfe2L, 0x35bdd2f6L,
334 0x71126905L, 0xb2040222L, 0xb6cbcf7cL, 0xcd769c2bL,
335 0x53113ec0L, 0x1640e3d3L, 0x38abbd60L, 0x2547adf0L,
336 0xba38209cL, 0xf746ce76L, 0x77afa1c5L, 0x20756060L,
337 0x85cbfe4eL, 0x8ae88dd8L, 0x7aaaf9b0L, 0x4cf9aa7eL,
338 0x1948c25cL, 0x02fb8a8cL, 0x01c36ae4L, 0xd6ebe1f9L,
339 0x90d4f869L, 0xa65cdea0L, 0x3f09252dL, 0xc208e69fL,
340 0xb74e6132L, 0xce77e25bL, 0x578fdfe3L, 0x3ac372e6L,
341 }
342 };
343
344 void
BF_encrypt(BF_LONG * data,const BF_KEY * key)345 BF_encrypt(BF_LONG *data, const BF_KEY *key)
346 {
347 BF_LONG l, r;
348 const BF_LONG *p, *s;
349
350 p = key->P;
351 s = &(key->S[0]);
352 l = data[0];
353 r = data[1];
354
355 l ^= p[0];
356 BF_ENC(r, l,s, p[1]);
357 BF_ENC(l, r,s, p[2]);
358 BF_ENC(r, l,s, p[3]);
359 BF_ENC(l, r,s, p[4]);
360 BF_ENC(r, l,s, p[5]);
361 BF_ENC(l, r,s, p[6]);
362 BF_ENC(r, l,s, p[7]);
363 BF_ENC(l, r,s, p[8]);
364 BF_ENC(r, l,s, p[9]);
365 BF_ENC(l, r,s, p[10]);
366 BF_ENC(r, l,s, p[11]);
367 BF_ENC(l, r,s, p[12]);
368 BF_ENC(r, l,s, p[13]);
369 BF_ENC(l, r,s, p[14]);
370 BF_ENC(r, l,s, p[15]);
371 BF_ENC(l, r,s, p[16]);
372 #if BF_ROUNDS == 20
373 BF_ENC(r, l,s, p[17]);
374 BF_ENC(l, r,s, p[18]);
375 BF_ENC(r, l,s, p[19]);
376 BF_ENC(l, r,s, p[20]);
377 #endif
378 r ^= p[BF_ROUNDS + 1];
379
380 data[1] = l&0xffffffffL;
381 data[0] = r&0xffffffffL;
382 }
383 LCRYPTO_ALIAS(BF_encrypt);
384
385 #ifndef BF_DEFAULT_OPTIONS
386
387 void
BF_decrypt(BF_LONG * data,const BF_KEY * key)388 BF_decrypt(BF_LONG *data, const BF_KEY *key)
389 {
390 BF_LONG l, r;
391 const BF_LONG *p, *s;
392
393 p = key->P;
394 s = &(key->S[0]);
395 l = data[0];
396 r = data[1];
397
398 l ^= p[BF_ROUNDS + 1];
399 #if BF_ROUNDS == 20
400 BF_ENC(r, l,s, p[20]);
401 BF_ENC(l, r,s, p[19]);
402 BF_ENC(r, l,s, p[18]);
403 BF_ENC(l, r,s, p[17]);
404 #endif
405 BF_ENC(r, l,s, p[16]);
406 BF_ENC(l, r,s, p[15]);
407 BF_ENC(r, l,s, p[14]);
408 BF_ENC(l, r,s, p[13]);
409 BF_ENC(r, l,s, p[12]);
410 BF_ENC(l, r,s, p[11]);
411 BF_ENC(r, l,s, p[10]);
412 BF_ENC(l, r,s, p[9]);
413 BF_ENC(r, l,s, p[8]);
414 BF_ENC(l, r,s, p[7]);
415 BF_ENC(r, l,s, p[6]);
416 BF_ENC(l, r,s, p[5]);
417 BF_ENC(r, l,s, p[4]);
418 BF_ENC(l, r,s, p[3]);
419 BF_ENC(r, l,s, p[2]);
420 BF_ENC(l, r,s, p[1]);
421 r ^= p[0];
422
423 data[1] = l&0xffffffffL;
424 data[0] = r&0xffffffffL;
425 }
426 LCRYPTO_ALIAS(BF_decrypt);
427
428 void
BF_cbc_encrypt(const unsigned char * in,unsigned char * out,long length,const BF_KEY * schedule,unsigned char * ivec,int encrypt)429 BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
430 const BF_KEY *schedule, unsigned char *ivec, int encrypt)
431 {
432 BF_LONG tin0, tin1;
433 BF_LONG tout0, tout1, xor0, xor1;
434 long l = length;
435 BF_LONG tin[2];
436
437 if (encrypt) {
438 n2l(ivec, tout0);
439 n2l(ivec, tout1);
440 ivec -= 8;
441 for (l -= 8; l >= 0; l -= 8) {
442 n2l(in, tin0);
443 n2l(in, tin1);
444 tin0 ^= tout0;
445 tin1 ^= tout1;
446 tin[0] = tin0;
447 tin[1] = tin1;
448 BF_encrypt(tin, schedule);
449 tout0 = tin[0];
450 tout1 = tin[1];
451 l2n(tout0, out);
452 l2n(tout1, out);
453 }
454 if (l != -8) {
455 n2ln(in, tin0, tin1, l + 8);
456 tin0 ^= tout0;
457 tin1 ^= tout1;
458 tin[0] = tin0;
459 tin[1] = tin1;
460 BF_encrypt(tin, schedule);
461 tout0 = tin[0];
462 tout1 = tin[1];
463 l2n(tout0, out);
464 l2n(tout1, out);
465 }
466 l2n(tout0, ivec);
467 l2n(tout1, ivec);
468 } else {
469 n2l(ivec, xor0);
470 n2l(ivec, xor1);
471 ivec -= 8;
472 for (l -= 8; l >= 0; l -= 8) {
473 n2l(in, tin0);
474 n2l(in, tin1);
475 tin[0] = tin0;
476 tin[1] = tin1;
477 BF_decrypt(tin, schedule);
478 tout0 = tin[0]^xor0;
479 tout1 = tin[1]^xor1;
480 l2n(tout0, out);
481 l2n(tout1, out);
482 xor0 = tin0;
483 xor1 = tin1;
484 }
485 if (l != -8) {
486 n2l(in, tin0);
487 n2l(in, tin1);
488 tin[0] = tin0;
489 tin[1] = tin1;
490 BF_decrypt(tin, schedule);
491 tout0 = tin[0]^xor0;
492 tout1 = tin[1]^xor1;
493 l2nn(tout0, tout1, out, l + 8);
494 xor0 = tin0;
495 xor1 = tin1;
496 }
497 l2n(xor0, ivec);
498 l2n(xor1, ivec);
499 }
500 tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
501 tin[0] = tin[1] = 0;
502 }
503 LCRYPTO_ALIAS(BF_cbc_encrypt);
504
505 /*
506 * The input and output encrypted as though 64bit cfb mode is being
507 * used. The extra state information to record how much of the
508 * 64bit block we have used is contained in *num;
509 */
510
511 void
BF_cfb64_encrypt(const unsigned char * in,unsigned char * out,long length,const BF_KEY * schedule,unsigned char * ivec,int * num,int encrypt)512 BF_cfb64_encrypt(const unsigned char *in, unsigned char *out, long length,
513 const BF_KEY *schedule, unsigned char *ivec, int *num, int encrypt)
514 {
515 BF_LONG v0, v1, t;
516 int n= *num;
517 long l = length;
518 BF_LONG ti[2];
519 unsigned char *iv, c, cc;
520
521 iv = (unsigned char *)ivec;
522 if (encrypt) {
523 while (l--) {
524 if (n == 0) {
525 n2l(iv, v0);
526 ti[0] = v0;
527 n2l(iv, v1);
528 ti[1] = v1;
529 BF_encrypt((BF_LONG *)ti, schedule);
530 iv = (unsigned char *)ivec;
531 t = ti[0];
532 l2n(t, iv);
533 t = ti[1];
534 l2n(t, iv);
535 iv = (unsigned char *)ivec;
536 }
537 c= *(in++)^iv[n];
538 *(out++) = c;
539 iv[n] = c;
540 n = (n + 1)&0x07;
541 }
542 } else {
543 while (l--) {
544 if (n == 0) {
545 n2l(iv, v0);
546 ti[0] = v0;
547 n2l(iv, v1);
548 ti[1] = v1;
549 BF_encrypt((BF_LONG *)ti, schedule);
550 iv = (unsigned char *)ivec;
551 t = ti[0];
552 l2n(t, iv);
553 t = ti[1];
554 l2n(t, iv);
555 iv = (unsigned char *)ivec;
556 }
557 cc= *(in++);
558 c = iv[n];
559 iv[n] = cc;
560 *(out++) = c^cc;
561 n = (n + 1)&0x07;
562 }
563 }
564 v0 = v1 = ti[0] = ti[1] = t=c = cc = 0;
565 *num = n;
566 }
567 LCRYPTO_ALIAS(BF_cfb64_encrypt);
568
569 void
BF_ecb_encrypt(const unsigned char * in,unsigned char * out,const BF_KEY * key,int encrypt)570 BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
571 const BF_KEY *key, int encrypt)
572 {
573 BF_LONG l, d[2];
574
575 n2l(in, l);
576 d[0] = l;
577 n2l(in, l);
578 d[1] = l;
579 if (encrypt)
580 BF_encrypt(d, key);
581 else
582 BF_decrypt(d, key);
583 l = d[0];
584 l2n(l, out);
585 l = d[1];
586 l2n(l, out);
587 l = d[0] = d[1] = 0;
588 }
589 LCRYPTO_ALIAS(BF_ecb_encrypt);
590
591 /*
592 * The input and output encrypted as though 64bit ofb mode is being
593 * used. The extra state information to record how much of the
594 * 64bit block we have used is contained in *num;
595 */
596 void
BF_ofb64_encrypt(const unsigned char * in,unsigned char * out,long length,const BF_KEY * schedule,unsigned char * ivec,int * num)597 BF_ofb64_encrypt(const unsigned char *in, unsigned char *out, long length,
598 const BF_KEY *schedule, unsigned char *ivec, int *num)
599 {
600 BF_LONG v0, v1, t;
601 int n= *num;
602 long l = length;
603 unsigned char d[8];
604 char *dp;
605 BF_LONG ti[2];
606 unsigned char *iv;
607 int save = 0;
608
609 iv = (unsigned char *)ivec;
610 n2l(iv, v0);
611 n2l(iv, v1);
612 ti[0] = v0;
613 ti[1] = v1;
614 dp = (char *)d;
615 l2n(v0, dp);
616 l2n(v1, dp);
617 while (l--) {
618 if (n == 0) {
619 BF_encrypt((BF_LONG *)ti, schedule);
620 dp = (char *)d;
621 t = ti[0];
622 l2n(t, dp);
623 t = ti[1];
624 l2n(t, dp);
625 save++;
626 }
627 *(out++)= *(in++)^d[n];
628 n = (n + 1)&0x07;
629 }
630 if (save) {
631 v0 = ti[0];
632 v1 = ti[1];
633 iv = (unsigned char *)ivec;
634 l2n(v0, iv);
635 l2n(v1, iv);
636 }
637 t = v0 = v1 = ti[0] = ti[1] = 0;
638 *num = n;
639 }
640 LCRYPTO_ALIAS(BF_ofb64_encrypt);
641
642 void
BF_set_key(BF_KEY * key,int len,const unsigned char * data)643 BF_set_key(BF_KEY *key, int len, const unsigned char *data)
644 {
645 int i;
646 BF_LONG *p, ri, in[2];
647 const unsigned char *d, *end;
648
649 memcpy(key, &bf_init, sizeof(BF_KEY));
650 p = key->P;
651
652 if (len > ((BF_ROUNDS + 2)*4))
653 len = (BF_ROUNDS + 2)*4;
654
655 d = data;
656 end = &(data[len]);
657 for (i = 0; i < (BF_ROUNDS + 2); i++) {
658 ri= *(d++);
659 if (d >= end)
660 d = data;
661
662 ri <<= 8;
663 ri |= *(d++);
664 if (d >= end)
665 d = data;
666
667 ri <<= 8;
668 ri |= *(d++);
669 if (d >= end)
670 d = data;
671
672 ri <<= 8;
673 ri |= *(d++);
674 if (d >= end)
675 d = data;
676
677 p[i]^=ri;
678 }
679
680 in[0] = 0L;
681 in[1] = 0L;
682 for (i = 0; i < (BF_ROUNDS + 2); i += 2) {
683 BF_encrypt(in, key);
684 p[i ] = in[0];
685 p[i + 1] = in[1];
686 }
687
688 p = key->S;
689 for (i = 0; i < 4*256; i += 2) {
690 BF_encrypt(in, key);
691 p[i ] = in[0];
692 p[i + 1] = in[1];
693 }
694 }
695 LCRYPTO_ALIAS(BF_set_key);
696 #endif
697