1 |
/* |
2 |
The Malete project - the Z39.2/Z39.50 database framework of OpenIsis. |
3 |
Version 0.9.x (patchlevel see file Version) |
4 |
Copyright (C) 2001-2004 by Erik Grziwotz, erik@openisis.org |
5 |
|
6 |
This library is free software; you can redistribute it and/or |
7 |
modify it under the terms of the GNU Lesser General Public |
8 |
License as published by the Free Software Foundation; either |
9 |
version 2.1 of the License, or (at your option) any later version. |
10 |
|
11 |
This library is distributed in the hope that it will be useful, |
12 |
but WITHOUT ANY WARRANTY; without even the implied warranty of |
13 |
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
14 |
See the GNU Lesser General Public License for more details. |
15 |
|
16 |
You should have received a copy of the GNU Lesser General Public |
17 |
License along with this library; if not, write to the Free Software |
18 |
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
19 |
|
20 |
see README for more information |
21 |
|
22 |
THIS IS NOT a proper or required part of Malete. |
23 |
The crypto code is borrowed -- with heavy modifications -- from: |
24 |
|
25 |
SHA1 spec at http://ietf.org/rfc/rfc3174.txt |
26 |
(originally at http://www.itl.nist.gov/fipspubs/fip180-1.htm) |
27 |
SHA1_Transform (not much diff to RFC 3174) from |
28 |
* SHA-1 in C |
29 |
* By Steve Reid <steve@edmweb.com> |
30 |
* 100% Public Domain |
31 |
once distributed |
32 |
* Copyright (c) 1999 Scriptics Corporation. |
33 |
as |
34 |
* exampleA.c -- |
35 |
at ftp://tcl.activestate.com/pub/tcl/examples/tea/sampleextension-0.2.tar.gz |
36 |
|
37 |
The blowfish is basically as described by its inventor Bruce Schneier
38 |
in http://www.schneier.com/paper-blowfish-fse.html |
39 |
(c.f. Applied Cryptography http://www.schneier.com/book-applied-toc.html) |
40 |
and available at http://www.schneier.com/blowfish.html |
41 |
|
42 |
Some code was copied from Paul Kocher's LGPLed implementation |
43 |
available at http://www.schneier.com/code/bfsh-koc.zip |
44 |
|
45 |
EOH */ |
46 |
|
47 |
/* |
48 |
$Id: crypto.c,v 1.4 2004/09/29 12:48:16 kripke Exp $ |
49 |
malete crypto utilities for Tcl |
50 |
*/ |
51 |
|
52 |
#include <tcl.h> |
53 |
/* #include <tclInt.h> tclByteArrayType */ |
54 |
extern Tcl_ObjType tclByteArrayType; |
55 |
|
56 |
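/*
	Byte order detection.
	CPU_BIG_ENDIAN selects the no-swap paths in the SHA-1 block loader and
	the byte indexes used by the Blowfish round function. A big-endian host
	that is not detected here would silently compute wrong digests and
	ciphertexts, so the compiler-provided __BYTE_ORDER__ (GCC/Clang) is
	trusted first and the CPU name list is only the fallback.
*/
#if defined( __BYTE_ORDER__ ) && defined( __ORDER_BIG_ENDIAN__ )
# if __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__
#  define CPU_BIG_ENDIAN
# endif
#elif defined( __sparc__ ) || defined( __ppc__ )
# define CPU_BIG_ENDIAN
#endif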
59 |
|
60 |
#include <string.h> /* memcpy/set :( */ |
61 |
|
62 |
/* so here goes license.terms accompanying exampleA.c by Scriptics: |
63 |
This software is copyrighted by the Scriptics Corporation, and other |
64 |
parties. The following terms apply to all files associated with the |
65 |
software unless explicitly disclaimed in individual files. |
66 |
|
67 |
The authors hereby grant permission to use, copy, modify, distribute, |
68 |
and license this software and its documentation for any purpose, provided |
69 |
that existing copyright notices are retained in all copies and that this |
70 |
notice is included verbatim in any distributions. No written agreement, |
71 |
license, or royalty fee is required for any of the authorized uses. |
72 |
Modifications to this software may be copyrighted by their authors |
73 |
and need not follow the licensing terms described here, provided that |
74 |
the new terms are clearly indicated on the first page of each file where |
75 |
they apply. |
76 |
|
77 |
IN NO EVENT SHALL THE AUTHORS OR DISTRIBUTORS BE LIABLE TO ANY PARTY |
78 |
FOR DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES |
79 |
ARISING OUT OF THE USE OF THIS SOFTWARE, ITS DOCUMENTATION, OR ANY |
80 |
DERIVATIVES THEREOF, EVEN IF THE AUTHORS HAVE BEEN ADVISED OF THE |
81 |
POSSIBILITY OF SUCH DAMAGE. |
82 |
|
83 |
THE AUTHORS AND DISTRIBUTORS SPECIFICALLY DISCLAIM ANY WARRANTIES, |
84 |
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, |
85 |
FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. THIS SOFTWARE |
86 |
IS PROVIDED ON AN "AS IS" BASIS, AND THE AUTHORS AND DISTRIBUTORS HAVE |
87 |
NO OBLIGATION TO PROVIDE MAINTENANCE, SUPPORT, UPDATES, ENHANCEMENTS, OR |
88 |
MODIFICATIONS. |
89 |
|
90 |
GOVERNMENT USE: If you are acquiring this software on behalf of the |
91 |
U.S. government, the Government shall have only "Restricted Rights" |
92 |
in the software and related documentation as defined in the Federal |
93 |
Acquisition Regulations (FARs) in Clause 52.227.19 (c) (2). If you |
94 |
are acquiring the software on behalf of the Department of Defense, the |
95 |
software shall be classified as "Commercial Computer Software" and the |
96 |
Government shall have only "Restricted Rights" as defined in Clause |
97 |
252.227-7013 (c) (1) of DFARs. Notwithstanding the foregoing, the |
98 |
authors grant the U.S. Government and others acting in its behalf |
99 |
permission to use and distribute the software in accordance with the |
100 |
terms specified in this license. |
101 |
*/ |
102 |
|
103 |
/* |
104 |
* SHA-1 in C |
105 |
* By Steve Reid <steve@edmweb.com> |
106 |
* 100% Public Domain |
107 |
* |
108 |
* Test Vectors (from FIPS PUB 180-1) |
109 |
* "abc" |
110 |
* A9993E36 4706816A BA3E2571 7850C26C 9CD0D89D |
111 |
* "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" |
112 |
* 84983E44 1C3BD26E BAAE4AA1 F95129E5 E54670F1 |
113 |
* A million repetitions of "a" |
114 |
* 34AA973C D4C4DAA4 F61EEB2B DBAD2731 6534016F |
115 |
try malete::sha1 [string repeat a 1000000] |
116 |
*/ |
117 |
|
118 |
|
119 |
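/*
	sha1 string [state]

	Tcl command computing SHA-1 over `string` (a ByteArray is hashed as raw
	bytes, anything else by its string representation).

	Without a state argument the result is the 40 hex digit digest.
	With a state argument (the empty string starts a fresh hash) and an
	input whose length is a non-zero multiple of 64, the hash is left open
	and the result is "<40 hex digits> <bytes hashed so far>", which can be
	passed back as state for the next chunk. Any other input length closes
	the hash (padding and bit count appended) and yields the plain digest.

	Security notes:
	- The state string is the raw chaining value: whoever holds it can
	  continue the hash. Treat it like the data it was derived from and do
	  not build a keyed hash as sha1(secret + message) on top of this.
	- SHA-1 is no longer collision resistant; do not rely on it where an
	  adversary chooses the input.
	- The byte count in a caller-supplied state is validated (non-negative,
	  no int overflow when the new input length is added), because it feeds
	  the bit count and the returned state.
	- NOTE(review): the arithmetic assumes `unsigned` is 32 bits wide.

	Returns TCL_OK with the result set, or TCL_ERROR with a message on a
	malformed state or wrong argument count.
*/
static int sha1Cmd (
	ClientData ignore, Tcl_Interp *ip, int objc, Tcl_Obj* const objv[]
) {
	/* SHA1 initialization constants */
	unsigned A = 0x67452301, B = 0xEFCDAB89,
		C = 0x98BADCFE, D = 0x10325476, E = 0xC3D2E1F0;
	unsigned l[16];
	Tcl_WideUInt ll;
	char ret[64]; /* 40 hex digits, blank, at most 10 decimal digits, \0 */
	char *bytes;
	int len, state = 0, add = 0;

	(void) ignore;
	switch ( objc ) {
	case 3: /* state */
		state = 1;
		bytes = Tcl_GetStringFromObj(objv[2], &len); /* MUST be proper string */
		if ( len /* init from previous state */
			&& ( 6 != sscanf(bytes, "%8x%8x%8x%8x%8x %d", &A,&B,&C,&D,&E,&add)
				|| 0 > add ) /* a negative byte count is never produced here */
		) {
			Tcl_SetResult(ip, "bad state", TCL_STATIC);
			return TCL_ERROR;
		}
		/* fall through */
	case 2:
		break;
	default:
		/* the argument list must end with a pointer-typed NULL, a bare 0
		   is an int and breaks the varargs walk where pointers are wider */
		Tcl_AppendResult(ip, "usage: ", Tcl_GetString(objv[0]), " string",
			(char *)NULL);
		return TCL_ERROR;
	}

	bytes = (&tclByteArrayType == objv[1]->typePtr)
		? (char*)Tcl_GetByteArrayFromObj(objv[1], &len)
		: Tcl_GetStringFromObj(objv[1], &len);
	/* add and len are both non-negative here; refuse a sum that does not
	   fit an int instead of overflowing in add+len below */
	if ( (unsigned)add + (unsigned)len > (~0u >> 1) ) {
		Tcl_SetResult(ip, "bad state", TCL_STATIC);
		return TCL_ERROR;
	}
	ll = ((Tcl_WideUInt)(add+len)) << 3; /* bitcount */

	if ( !len || 63&len ) /* close */
		state = 0;
	else if (state)
		state = add+len;
	/* len runs down in steps of 64; a value in -8..-1 means the 0x80 pad
	   went into the previous block but the count still needs a block */
	for (; len > -9; bytes += 64, len -= 64) {
		if ( 64 <= len ) /* fits */
			memcpy(l, bytes, 64);
		else {
			memset(l, 0, 64); /* lazy pad */
			if ( 0 <= len ) { /* previous block was fully used */
				if ( 0 < len )
					memcpy(l, bytes, len);
				else if (state) /* return current unclosed A-E state */
					break;
				((unsigned char*)l)[len] = 0x80; /* always pad binary 10000000 */
			}
			if ( 56 > len ) { /* room for the count (after pad) */
				/* store the 64 bit count big-endian, byte by byte: works
				   for either host byte order and needs no 8-byte aligned
				   access into the unsigned array */
				unsigned char *cnt = (unsigned char*)l + 56;
				int k;
				for (k = 0; k < 8; ++k)
					cnt[k] = (unsigned char)(ll >> (56 - 8*k));
				state = 0; /* closed */
			}
		}
		/* SHA1_Transform */ {
			unsigned int a=A, b=B, c=C, d=D, e=E;

#define Rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits))))
/*
 * Blk0() and Blk() perform the initial expand.
 * I got the idea of expanding during the round function from SSLeay
 */
#ifdef CPU_BIG_ENDIAN
# define Blk0(i) l[i]
#else
# define Blk0(i) (l[i] = (Rol(l[i],24)&0xFF00FF00) \
	|(Rol(l[i],8)&0x00FF00FF))
#endif
#define Blk(i) (l[i&15] = Rol(l[(i+13)&15]^l[(i+8)&15] \
	^l[(i+2)&15]^l[i&15],1))
/*
 * (R0+R1), R2, R3, R4 are the different operations used in SHA1
 */
#define R0(v,w,x,y,z,i) z+=((w&(x^y))^y)+Blk0(i)+0x5A827999+Rol(v,5);w=Rol(w,30);
#define R1(v,w,x,y,z,i) z+=((w&(x^y))^y)+Blk(i)+0x5A827999+Rol(v,5);w=Rol(w,30);
#define R2(v,w,x,y,z,i) z+=(w^x^y)+Blk(i)+0x6ED9EBA1+Rol(v,5);w=Rol(w,30);
#define R3(v,w,x,y,z,i) z+=(((w|x)&y)|(w&x))+Blk(i)+0x8F1BBCDC+Rol(v,5);w=Rol(w,30);
#define R4(v,w,x,y,z,i) z+=(w^x^y)+Blk(i)+0xCA62C1D6+Rol(v,5);w=Rol(w,30);

			/*
			 * 4 rounds of 20 operations each. Loop unrolled.
			 */

			R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3);
			R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7);
			R0(c,d,e,a,b, 8); R0(b,c,d,e,a, 9); R0(a,b,c,d,e,10); R0(e,a,b,c,d,11);
			R0(d,e,a,b,c,12); R0(c,d,e,a,b,13); R0(b,c,d,e,a,14); R0(a,b,c,d,e,15);
			R1(e,a,b,c,d,16); R1(d,e,a,b,c,17); R1(c,d,e,a,b,18); R1(b,c,d,e,a,19);
			R2(a,b,c,d,e,20); R2(e,a,b,c,d,21); R2(d,e,a,b,c,22); R2(c,d,e,a,b,23);
			R2(b,c,d,e,a,24); R2(a,b,c,d,e,25); R2(e,a,b,c,d,26); R2(d,e,a,b,c,27);
			R2(c,d,e,a,b,28); R2(b,c,d,e,a,29); R2(a,b,c,d,e,30); R2(e,a,b,c,d,31);
			R2(d,e,a,b,c,32); R2(c,d,e,a,b,33); R2(b,c,d,e,a,34); R2(a,b,c,d,e,35);
			R2(e,a,b,c,d,36); R2(d,e,a,b,c,37); R2(c,d,e,a,b,38); R2(b,c,d,e,a,39);
			R3(a,b,c,d,e,40); R3(e,a,b,c,d,41); R3(d,e,a,b,c,42); R3(c,d,e,a,b,43);
			R3(b,c,d,e,a,44); R3(a,b,c,d,e,45); R3(e,a,b,c,d,46); R3(d,e,a,b,c,47);
			R3(c,d,e,a,b,48); R3(b,c,d,e,a,49); R3(a,b,c,d,e,50); R3(e,a,b,c,d,51);
			R3(d,e,a,b,c,52); R3(c,d,e,a,b,53); R3(b,c,d,e,a,54); R3(a,b,c,d,e,55);
			R3(e,a,b,c,d,56); R3(d,e,a,b,c,57); R3(c,d,e,a,b,58); R3(b,c,d,e,a,59);
			R4(a,b,c,d,e,60); R4(e,a,b,c,d,61); R4(d,e,a,b,c,62); R4(c,d,e,a,b,63);
			R4(b,c,d,e,a,64); R4(a,b,c,d,e,65); R4(e,a,b,c,d,66); R4(d,e,a,b,c,67);
			R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71);
			R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75);
			R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79);

			/*
			 * Add the working vars back into the chaining state A-E
			 */

			A += a;
			B += b;
			C += c;
			D += d;
			E += e;
		}
	}
	/* wipe traces; written through a volatile pointer so the compiler
	   cannot drop the stores as dead (a plain memset before return can be) */
	{
		volatile unsigned *w = l;
		int k;
		for (k = 0; k < 16; ++k)
			w[k] = 0;
	}

	/* this always prints a big-endian representation */
	if ( state )
		sprintf(ret, "%08x%08x%08x%08x%08x %d", A,B,C,D,E, state);
	else
		sprintf(ret, "%08x%08x%08x%08x%08x", A,B,C,D,E);
	Tcl_SetResult(ip, ret, TCL_VOLATILE);
	return TCL_OK;
} /* sha1Cmd */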
253 |
|
254 |
|
255 |
|
256 |
/* |
257 |
blowfish.c: C implementation of the Blowfish algorithm. |
258 |
|
259 |
Copyright (C) 1997 by Paul Kocher |
260 |
|
261 |
This library is free software; you can redistribute it and/or |
262 |
modify it under the terms of the GNU Lesser General Public |
263 |
License as published by the Free Software Foundation; either |
264 |
version 2.1 of the License, or (at your option) any later version. |
265 |
This library is distributed in the hope that it will be useful, |
266 |
but WITHOUT ANY WARRANTY; without even the implied warranty of |
267 |
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
268 |
Lesser General Public License for more details. |
269 |
You should have received a copy of the GNU Lesser General Public |
270 |
License along with this library; if not, write to the Free Software |
271 |
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
272 |
|
273 |
|
274 |
|
275 |
|
276 |
COMMENTS ON USING THIS CODE: |
277 |
|
278 |
Normal usage is as follows: |
279 |
[1] Allocate a BFish. (It may be too big for the stack.) |
280 |
[2] Call Blowfish_Init with a pointer to your BFish, a pointer to |
281 |
the key, and the number of bytes in the key. |
282 |
[3] To encrypt a 64-bit block, call Blowfish_Encrypt with a pointer to |
283 |
BFish, a pointer to the 32-bit left half of the plaintext |
284 |
and a pointer to the 32-bit right half. The plaintext will be |
285 |
overwritten with the ciphertext. |
286 |
[4] Decryption is the same as encryption except that the plaintext and |
287 |
ciphertext are reversed. |
288 |
|
289 |
Warning #1: The code does not check key lengths. (Caveat encryptor.) |
290 |
Warning #2: Beware that Blowfish keys repeat such that "ab" = "abab". |
291 |
Warning #3: It is normally a good idea to zeroize the BFish before |
292 |
freeing it. |
293 |
Warning #4: Endianness conversions are the responsibility of the caller. |
294 |
(To encrypt bytes on a little-endian platforms, you'll probably want |
295 |
to swap bytes around instead of just casting.) |
296 |
Warning #5: Make sure to use a reasonable mode of operation for your |
297 |
application. (If you don't know what CBC mode is, see Warning #7.) |
298 |
Warning #6: This code is susceptible to timing attacks. |
299 |
Warning #7: Security engineering is risky and non-intuitive. Have someone |
300 |
check your work. If you don't know what you are doing, get help. |
301 |
|
302 |
|
303 |
This is code is fast enough for most applications, but is not optimized for |
304 |
speed. |
305 |
|
306 |
If you require this code under a license other than LGPL, please ask. (I |
307 |
can be located using your favorite search engine.) Unfortunately, I do not |
308 |
have time to provide unpaid support for everyone who uses this code. |
309 |
|
310 |
-- Paul Kocher |
311 |
*/ |
312 |
|
313 |
|
314 |
|
315 |
/*
	Blowfish key schedule.
	After bfishInit both arrays are derived from the key, so an instance
	is key material: wipe it before releasing the memory.
*/
typedef struct {
	unsigned S[4][256]; /* the four S-boxes, indexed by one byte each in F() */
	unsigned P[18]; /* subkeys: 16 round keys plus 2 for the final XOR */
} BFish;
319 |
|
320 |
|
321 |
static const BFish BFishInit = { |
322 |
{{ |
323 |
0xD1310BA6, 0x98DFB5AC, 0x2FFD72DB, 0xD01ADFB7, |
324 |
0xB8E1AFED, 0x6A267E96, 0xBA7C9045, 0xF12C7F99, |
325 |
0x24A19947, 0xB3916CF7, 0x0801F2E2, 0x858EFC16, |
326 |
0x636920D8, 0x71574E69, 0xA458FEA3, 0xF4933D7E, |
327 |
0x0D95748F, 0x728EB658, 0x718BCD58, 0x82154AEE, |
328 |
0x7B54A41D, 0xC25A59B5, 0x9C30D539, 0x2AF26013, |
329 |
0xC5D1B023, 0x286085F0, 0xCA417918, 0xB8DB38EF, |
330 |
0x8E79DCB0, 0x603A180E, 0x6C9E0E8B, 0xB01E8A3E, |
331 |
0xD71577C1, 0xBD314B27, 0x78AF2FDA, 0x55605C60, |
332 |
0xE65525F3, 0xAA55AB94, 0x57489862, 0x63E81440, |
333 |
0x55CA396A, 0x2AAB10B6, 0xB4CC5C34, 0x1141E8CE, |
334 |
0xA15486AF, 0x7C72E993, 0xB3EE1411, 0x636FBC2A, |
335 |
0x2BA9C55D, 0x741831F6, 0xCE5C3E16, 0x9B87931E, |
336 |
0xAFD6BA33, 0x6C24CF5C, 0x7A325381, 0x28958677, |
337 |
0x3B8F4898, 0x6B4BB9AF, 0xC4BFE81B, 0x66282193, |
338 |
0x61D809CC, 0xFB21A991, 0x487CAC60, 0x5DEC8032, |
339 |
0xEF845D5D, 0xE98575B1, 0xDC262302, 0xEB651B88, |
340 |
0x23893E81, 0xD396ACC5, 0x0F6D6FF3, 0x83F44239, |
341 |
0x2E0B4482, 0xA4842004, 0x69C8F04A, 0x9E1F9B5E, |
342 |
0x21C66842, 0xF6E96C9A, 0x670C9C61, 0xABD388F0, |
343 |
0x6A51A0D2, 0xD8542F68, 0x960FA728, 0xAB5133A3, |
344 |
0x6EEF0B6C, 0x137A3BE4, 0xBA3BF050, 0x7EFB2A98, |
345 |
0xA1F1651D, 0x39AF0176, 0x66CA593E, 0x82430E88, |
346 |
0x8CEE8619, 0x456F9FB4, 0x7D84A5C3, 0x3B8B5EBE, |
347 |
0xE06F75D8, 0x85C12073, 0x401A449F, 0x56C16AA6, |
348 |
0x4ED3AA62, 0x363F7706, 0x1BFEDF72, 0x429B023D, |
349 |
0x37D0D724, 0xD00A1248, 0xDB0FEAD3, 0x49F1C09B, |
350 |
0x075372C9, 0x80991B7B, 0x25D479D8, 0xF6E8DEF7, |
351 |
0xE3FE501A, 0xB6794C3B, 0x976CE0BD, 0x04C006BA, |
352 |
0xC1A94FB6, 0x409F60C4, 0x5E5C9EC2, 0x196A2463, |
353 |
0x68FB6FAF, 0x3E6C53B5, 0x1339B2EB, 0x3B52EC6F, |
354 |
0x6DFC511F, 0x9B30952C, 0xCC814544, 0xAF5EBD09, |
355 |
0xBEE3D004, 0xDE334AFD, 0x660F2807, 0x192E4BB3, |
356 |
0xC0CBA857, 0x45C8740F, 0xD20B5F39, 0xB9D3FBDB, |
357 |
0x5579C0BD, 0x1A60320A, 0xD6A100C6, 0x402C7279, |
358 |
0x679F25FE, 0xFB1FA3CC, 0x8EA5E9F8, 0xDB3222F8, |
359 |
0x3C7516DF, 0xFD616B15, 0x2F501EC8, 0xAD0552AB, |
360 |
0x323DB5FA, 0xFD238760, 0x53317B48, 0x3E00DF82, |
361 |
0x9E5C57BB, 0xCA6F8CA0, 0x1A87562E, 0xDF1769DB, |
362 |
0xD542A8F6, 0x287EFFC3, 0xAC6732C6, 0x8C4F5573, |
363 |
0x695B27B0, 0xBBCA58C8, 0xE1FFA35D, 0xB8F011A0, |
364 |
0x10FA3D98, 0xFD2183B8, 0x4AFCB56C, 0x2DD1D35B, |
365 |
0x9A53E479, 0xB6F84565, 0xD28E49BC, 0x4BFB9790, |
366 |
0xE1DDF2DA, 0xA4CB7E33, 0x62FB1341, 0xCEE4C6E8, |
367 |
0xEF20CADA, 0x36774C01, 0xD07E9EFE, 0x2BF11FB4, |
368 |
0x95DBDA4D, 0xAE909198, 0xEAAD8E71, 0x6B93D5A0, |
369 |
0xD08ED1D0, 0xAFC725E0, 0x8E3C5B2F, 0x8E7594B7, |
370 |
0x8FF6E2FB, 0xF2122B64, 0x8888B812, 0x900DF01C, |
371 |
0x4FAD5EA0, 0x688FC31C, 0xD1CFF191, 0xB3A8C1AD, |
372 |
0x2F2F2218, 0xBE0E1777, 0xEA752DFE, 0x8B021FA1, |
373 |
0xE5A0CC0F, 0xB56F74E8, 0x18ACF3D6, 0xCE89E299, |
374 |
0xB4A84FE0, 0xFD13E0B7, 0x7CC43B81, 0xD2ADA8D9, |
375 |
0x165FA266, 0x80957705, 0x93CC7314, 0x211A1477, |
376 |
0xE6AD2065, 0x77B5FA86, 0xC75442F5, 0xFB9D35CF, |
377 |
0xEBCDAF0C, 0x7B3E89A0, 0xD6411BD3, 0xAE1E7E49, |
378 |
0x00250E2D, 0x2071B35E, 0x226800BB, 0x57B8E0AF, |
379 |
0x2464369B, 0xF009B91E, 0x5563911D, 0x59DFA6AA, |
380 |
0x78C14389, 0xD95A537F, 0x207D5BA2, 0x02E5B9C5, |
381 |
0x83260376, 0x6295CFA9, 0x11C81968, 0x4E734A41, |
382 |
0xB3472DCA, 0x7B14A94A, 0x1B510052, 0x9A532915, |
383 |
0xD60F573F, 0xBC9BC6E4, 0x2B60A476, 0x81E67400, |
384 |
0x08BA6FB5, 0x571BE91F, 0xF296EC6B, 0x2A0DD915, |
385 |
0xB6636521, 0xE7B9F9B6, 0xFF34052E, 0xC5855664, |
386 |
0x53B02D5D, 0xA99F8FA1, 0x08BA4799, 0x6E85076A, |
387 |
}, { |
388 |
0x4B7A70E9, 0xB5B32944, 0xDB75092E, 0xC4192623, |
389 |
0xAD6EA6B0, 0x49A7DF7D, 0x9CEE60B8, 0x8FEDB266, |
390 |
0xECAA8C71, 0x699A17FF, 0x5664526C, 0xC2B19EE1, |
391 |
0x193602A5, 0x75094C29, 0xA0591340, 0xE4183A3E, |
392 |
0x3F54989A, 0x5B429D65, 0x6B8FE4D6, 0x99F73FD6, |
393 |
0xA1D29C07, 0xEFE830F5, 0x4D2D38E6, 0xF0255DC1, |
394 |
0x4CDD2086, 0x8470EB26, 0x6382E9C6, 0x021ECC5E, |
395 |
0x09686B3F, 0x3EBAEFC9, 0x3C971814, 0x6B6A70A1, |
396 |
0x687F3584, 0x52A0E286, 0xB79C5305, 0xAA500737, |
397 |
0x3E07841C, 0x7FDEAE5C, 0x8E7D44EC, 0x5716F2B8, |
398 |
0xB03ADA37, 0xF0500C0D, 0xF01C1F04, 0x0200B3FF, |
399 |
0xAE0CF51A, 0x3CB574B2, 0x25837A58, 0xDC0921BD, |
400 |
0xD19113F9, 0x7CA92FF6, 0x94324773, 0x22F54701, |
401 |
0x3AE5E581, 0x37C2DADC, 0xC8B57634, 0x9AF3DDA7, |
402 |
0xA9446146, 0x0FD0030E, 0xECC8C73E, 0xA4751E41, |
403 |
0xE238CD99, 0x3BEA0E2F, 0x3280BBA1, 0x183EB331, |
404 |
0x4E548B38, 0x4F6DB908, 0x6F420D03, 0xF60A04BF, |
405 |
0x2CB81290, 0x24977C79, 0x5679B072, 0xBCAF89AF, |
406 |
0xDE9A771F, 0xD9930810, 0xB38BAE12, 0xDCCF3F2E, |
407 |
0x5512721F, 0x2E6B7124, 0x501ADDE6, 0x9F84CD87, |
408 |
0x7A584718, 0x7408DA17, 0xBC9F9ABC, 0xE94B7D8C, |
409 |
0xEC7AEC3A, 0xDB851DFA, 0x63094366, 0xC464C3D2, |
410 |
0xEF1C1847, 0x3215D908, 0xDD433B37, 0x24C2BA16, |
411 |
0x12A14D43, 0x2A65C451, 0x50940002, 0x133AE4DD, |
412 |
0x71DFF89E, 0x10314E55, 0x81AC77D6, 0x5F11199B, |
413 |
0x043556F1, 0xD7A3C76B, 0x3C11183B, 0x5924A509, |
414 |
0xF28FE6ED, 0x97F1FBFA, 0x9EBABF2C, 0x1E153C6E, |
415 |
0x86E34570, 0xEAE96FB1, 0x860E5E0A, 0x5A3E2AB3, |
416 |
0x771FE71C, 0x4E3D06FA, 0x2965DCB9, 0x99E71D0F, |
417 |
0x803E89D6, 0x5266C825, 0x2E4CC978, 0x9C10B36A, |
418 |
0xC6150EBA, 0x94E2EA78, 0xA5FC3C53, 0x1E0A2DF4, |
419 |
0xF2F74EA7, 0x361D2B3D, 0x1939260F, 0x19C27960, |
420 |
0x5223A708, 0xF71312B6, 0xEBADFE6E, 0xEAC31F66, |
421 |
0xE3BC4595, 0xA67BC883, 0xB17F37D1, 0x018CFF28, |
422 |
0xC332DDEF, 0xBE6C5AA5, 0x65582185, 0x68AB9802, |
423 |
0xEECEA50F, 0xDB2F953B, 0x2AEF7DAD, 0x5B6E2F84, |
424 |
0x1521B628, 0x29076170, 0xECDD4775, 0x619F1510, |
425 |
0x13CCA830, 0xEB61BD96, 0x0334FE1E, 0xAA0363CF, |
426 |
0xB5735C90, 0x4C70A239, 0xD59E9E0B, 0xCBAADE14, |
427 |
0xEECC86BC, 0x60622CA7, 0x9CAB5CAB, 0xB2F3846E, |
428 |
0x648B1EAF, 0x19BDF0CA, 0xA02369B9, 0x655ABB50, |
429 |
0x40685A32, 0x3C2AB4B3, 0x319EE9D5, 0xC021B8F7, |
430 |
0x9B540B19, 0x875FA099, 0x95F7997E, 0x623D7DA8, |
431 |
0xF837889A, 0x97E32D77, 0x11ED935F, 0x16681281, |
432 |
0x0E358829, 0xC7E61FD6, 0x96DEDFA1, 0x7858BA99, |
433 |
0x57F584A5, 0x1B227263, 0x9B83C3FF, 0x1AC24696, |
434 |
0xCDB30AEB, 0x532E3054, 0x8FD948E4, 0x6DBC3128, |
435 |
0x58EBF2EF, 0x34C6FFEA, 0xFE28ED61, 0xEE7C3C73, |
436 |
0x5D4A14D9, 0xE864B7E3, 0x42105D14, 0x203E13E0, |
437 |
0x45EEE2B6, 0xA3AAABEA, 0xDB6C4F15, 0xFACB4FD0, |
438 |
0xC742F442, 0xEF6ABBB5, 0x654F3B1D, 0x41CD2105, |
439 |
0xD81E799E, 0x86854DC7, 0xE44B476A, 0x3D816250, |
440 |
0xCF62A1F2, 0x5B8D2646, 0xFC8883A0, 0xC1C7B6A3, |
441 |
0x7F1524C3, 0x69CB7492, 0x47848A0B, 0x5692B285, |
442 |
0x095BBF00, 0xAD19489D, 0x1462B174, 0x23820E00, |
443 |
0x58428D2A, 0x0C55F5EA, 0x1DADF43E, 0x233F7061, |
444 |
0x3372F092, 0x8D937E41, 0xD65FECF1, 0x6C223BDB, |
445 |
0x7CDE3759, 0xCBEE7460, 0x4085F2A7, 0xCE77326E, |
446 |
0xA6078084, 0x19F8509E, 0xE8EFD855, 0x61D99735, |
447 |
0xA969A7AA, 0xC50C06C2, 0x5A04ABFC, 0x800BCADC, |
448 |
0x9E447A2E, 0xC3453484, 0xFDD56705, 0x0E1E9EC9, |
449 |
0xDB73DBD3, 0x105588CD, 0x675FDA79, 0xE3674340, |
450 |
0xC5C43465, 0x713E38D8, 0x3D28F89E, 0xF16DFF20, |
451 |
0x153E21E7, 0x8FB03D4A, 0xE6E39F2B, 0xDB83ADF7, |
452 |
}, { |
453 |
0xE93D5A68, 0x948140F7, 0xF64C261C, 0x94692934, |
454 |
0x411520F7, 0x7602D4F7, 0xBCF46B2E, 0xD4A20068, |
455 |
0xD4082471, 0x3320F46A, 0x43B7D4B7, 0x500061AF, |
456 |
0x1E39F62E, 0x97244546, 0x14214F74, 0xBF8B8840, |
457 |
0x4D95FC1D, 0x96B591AF, 0x70F4DDD3, 0x66A02F45, |
458 |
0xBFBC09EC, 0x03BD9785, 0x7FAC6DD0, 0x31CB8504, |
459 |
0x96EB27B3, 0x55FD3941, 0xDA2547E6, 0xABCA0A9A, |
460 |
0x28507825, 0x530429F4, 0x0A2C86DA, 0xE9B66DFB, |
461 |
0x68DC1462, 0xD7486900, 0x680EC0A4, 0x27A18DEE, |
462 |
0x4F3FFEA2, 0xE887AD8C, 0xB58CE006, 0x7AF4D6B6, |
463 |
0xAACE1E7C, 0xD3375FEC, 0xCE78A399, 0x406B2A42, |
464 |
0x20FE9E35, 0xD9F385B9, 0xEE39D7AB, 0x3B124E8B, |
465 |
0x1DC9FAF7, 0x4B6D1856, 0x26A36631, 0xEAE397B2, |
466 |
0x3A6EFA74, 0xDD5B4332, 0x6841E7F7, 0xCA7820FB, |
467 |
0xFB0AF54E, 0xD8FEB397, 0x454056AC, 0xBA489527, |
468 |
0x55533A3A, 0x20838D87, 0xFE6BA9B7, 0xD096954B, |
469 |
0x55A867BC, 0xA1159A58, 0xCCA92963, 0x99E1DB33, |
470 |
0xA62A4A56, 0x3F3125F9, 0x5EF47E1C, 0x9029317C, |
471 |
0xFDF8E802, 0x04272F70, 0x80BB155C, 0x05282CE3, |
472 |
0x95C11548, 0xE4C66D22, 0x48C1133F, 0xC70F86DC, |
473 |
0x07F9C9EE, 0x41041F0F, 0x404779A4, 0x5D886E17, |
474 |
0x325F51EB, 0xD59BC0D1, 0xF2BCC18F, 0x41113564, |
475 |
0x257B7834, 0x602A9C60, 0xDFF8E8A3, 0x1F636C1B, |
476 |
0x0E12B4C2, 0x02E1329E, 0xAF664FD1, 0xCAD18115, |
477 |
0x6B2395E0, 0x333E92E1, 0x3B240B62, 0xEEBEB922, |
478 |
0x85B2A20E, 0xE6BA0D99, 0xDE720C8C, 0x2DA2F728, |
479 |
0xD0127845, 0x95B794FD, 0x647D0862, 0xE7CCF5F0, |
480 |
0x5449A36F, 0x877D48FA, 0xC39DFD27, 0xF33E8D1E, |
481 |
0x0A476341, 0x992EFF74, 0x3A6F6EAB, 0xF4F8FD37, |
482 |
0xA812DC60, 0xA1EBDDF8, 0x991BE14C, 0xDB6E6B0D, |
483 |
0xC67B5510, 0x6D672C37, 0x2765D43B, 0xDCD0E804, |
484 |
0xF1290DC7, 0xCC00FFA3, 0xB5390F92, 0x690FED0B, |
485 |
0x667B9FFB, 0xCEDB7D9C, 0xA091CF0B, 0xD9155EA3, |
486 |
0xBB132F88, 0x515BAD24, 0x7B9479BF, 0x763BD6EB, |
487 |
0x37392EB3, 0xCC115979, 0x8026E297, 0xF42E312D, |
488 |
0x6842ADA7, 0xC66A2B3B, 0x12754CCC, 0x782EF11C, |
489 |
0x6A124237, 0xB79251E7, 0x06A1BBE6, 0x4BFB6350, |
490 |
0x1A6B1018, 0x11CAEDFA, 0x3D25BDD8, 0xE2E1C3C9, |
491 |
0x44421659, 0x0A121386, 0xD90CEC6E, 0xD5ABEA2A, |
492 |
0x64AF674E, 0xDA86A85F, 0xBEBFE988, 0x64E4C3FE, |
493 |
0x9DBC8057, 0xF0F7C086, 0x60787BF8, 0x6003604D, |
494 |
0xD1FD8346, 0xF6381FB0, 0x7745AE04, 0xD736FCCC, |
495 |
0x83426B33, 0xF01EAB71, 0xB0804187, 0x3C005E5F, |
496 |
0x77A057BE, 0xBDE8AE24, 0x55464299, 0xBF582E61, |
497 |
0x4E58F48F, 0xF2DDFDA2, 0xF474EF38, 0x8789BDC2, |
498 |
0x5366F9C3, 0xC8B38E74, 0xB475F255, 0x46FCD9B9, |
499 |
0x7AEB2661, 0x8B1DDF84, 0x846A0E79, 0x915F95E2, |
500 |
0x466E598E, 0x20B45770, 0x8CD55591, 0xC902DE4C, |
501 |
0xB90BACE1, 0xBB8205D0, 0x11A86248, 0x7574A99E, |
502 |
0xB77F19B6, 0xE0A9DC09, 0x662D09A1, 0xC4324633, |
503 |
0xE85A1F02, 0x09F0BE8C, 0x4A99A025, 0x1D6EFE10, |
504 |
0x1AB93D1D, 0x0BA5A4DF, 0xA186F20F, 0x2868F169, |
505 |
0xDCB7DA83, 0x573906FE, 0xA1E2CE9B, 0x4FCD7F52, |
506 |
0x50115E01, 0xA70683FA, 0xA002B5C4, 0x0DE6D027, |
507 |
0x9AF88C27, 0x773F8641, 0xC3604C06, 0x61A806B5, |
508 |
0xF0177A28, 0xC0F586E0, 0x006058AA, 0x30DC7D62, |
509 |
0x11E69ED7, 0x2338EA63, 0x53C2DD94, 0xC2C21634, |
510 |
0xBBCBEE56, 0x90BCB6DE, 0xEBFC7DA1, 0xCE591D76, |
511 |
0x6F05E409, 0x4B7C0188, 0x39720A3D, 0x7C927C24, |
512 |
0x86E3725F, 0x724D9DB9, 0x1AC15BB4, 0xD39EB8FC, |
513 |
0xED545578, 0x08FCA5B5, 0xD83D7CD3, 0x4DAD0FC4, |
514 |
0x1E50EF5E, 0xB161E6F8, 0xA28514D9, 0x6C51133C, |
515 |
0x6FD5C7E7, 0x56E14EC4, 0x362ABFCE, 0xDDC6C837, |
516 |
0xD79A3234, 0x92638212, 0x670EFA8E, 0x406000E0, |
517 |
}, { |
518 |
0x3A39CE37, 0xD3FAF5CF, 0xABC27737, 0x5AC52D1B, |
519 |
0x5CB0679E, 0x4FA33742, 0xD3822740, 0x99BC9BBE, |
520 |
0xD5118E9D, 0xBF0F7315, 0xD62D1C7E, 0xC700C47B, |
521 |
0xB78C1B6B, 0x21A19045, 0xB26EB1BE, 0x6A366EB4, |
522 |
0x5748AB2F, 0xBC946E79, 0xC6A376D2, 0x6549C2C8, |
523 |
0x530FF8EE, 0x468DDE7D, 0xD5730A1D, 0x4CD04DC6, |
524 |
0x2939BBDB, 0xA9BA4650, 0xAC9526E8, 0xBE5EE304, |
525 |
0xA1FAD5F0, 0x6A2D519A, 0x63EF8CE2, 0x9A86EE22, |
526 |
0xC089C2B8, 0x43242EF6, 0xA51E03AA, 0x9CF2D0A4, |
527 |
0x83C061BA, 0x9BE96A4D, 0x8FE51550, 0xBA645BD6, |
528 |
0x2826A2F9, 0xA73A3AE1, 0x4BA99586, 0xEF5562E9, |
529 |
0xC72FEFD3, 0xF752F7DA, 0x3F046F69, 0x77FA0A59, |
530 |
0x80E4A915, 0x87B08601, 0x9B09E6AD, 0x3B3EE593, |
531 |
0xE990FD5A, 0x9E34D797, 0x2CF0B7D9, 0x022B8B51, |
532 |
0x96D5AC3A, 0x017DA67D, 0xD1CF3ED6, 0x7C7D2D28, |
533 |
0x1F9F25CF, 0xADF2B89B, 0x5AD6B472, 0x5A88F54C, |
534 |
0xE029AC71, 0xE019A5E6, 0x47B0ACFD, 0xED93FA9B, |
535 |
0xE8D3C48D, 0x283B57CC, 0xF8D56629, 0x79132E28, |
536 |
0x785F0191, 0xED756055, 0xF7960E44, 0xE3D35E8C, |
537 |
0x15056DD4, 0x88F46DBA, 0x03A16125, 0x0564F0BD, |
538 |
0xC3EB9E15, 0x3C9057A2, 0x97271AEC, 0xA93A072A, |
539 |
0x1B3F6D9B, 0x1E6321F5, 0xF59C66FB, 0x26DCF319, |
540 |
0x7533D928, 0xB155FDF5, 0x03563482, 0x8ABA3CBB, |
541 |
0x28517711, 0xC20AD9F8, 0xABCC5167, 0xCCAD925F, |
542 |
0x4DE81751, 0x3830DC8E, 0x379D5862, 0x9320F991, |
543 |
0xEA7A90C2, 0xFB3E7BCE, 0x5121CE64, 0x774FBE32, |
544 |
0xA8B6E37E, 0xC3293D46, 0x48DE5369, 0x6413E680, |
545 |
0xA2AE0810, 0xDD6DB224, 0x69852DFD, 0x09072166, |
546 |
0xB39A460A, 0x6445C0DD, 0x586CDECF, 0x1C20C8AE, |
547 |
0x5BBEF7DD, 0x1B588D40, 0xCCD2017F, 0x6BB4E3BB, |
548 |
0xDDA26A7E, 0x3A59FF45, 0x3E350A44, 0xBCB4CDD5, |
549 |
0x72EACEA8, 0xFA6484BB, 0x8D6612AE, 0xBF3C6F47, |
550 |
0xD29BE463, 0x542F5D9E, 0xAEC2771B, 0xF64E6370, |
551 |
0x740E0D8D, 0xE75B1357, 0xF8721671, 0xAF537D5D, |
552 |
0x4040CB08, 0x4EB4E2CC, 0x34D2466A, 0x0115AF84, |
553 |
0xE1B00428, 0x95983A1D, 0x06B89FB4, 0xCE6EA048, |
554 |
0x6F3F3B82, 0x3520AB82, 0x011A1D4B, 0x277227F8, |
555 |
0x611560B1, 0xE7933FDC, 0xBB3A792B, 0x344525BD, |
556 |
0xA08839E1, 0x51CE794B, 0x2F32C9B7, 0xA01FBAC9, |
557 |
0xE01CC87E, 0xBCC7D1F6, 0xCF0111C3, 0xA1E8AAC7, |
558 |
0x1A908749, 0xD44FBD9A, 0xD0DADECB, 0xD50ADA38, |
559 |
0x0339C32A, 0xC6913667, 0x8DF9317C, 0xE0B12B4F, |
560 |
0xF79E59B7, 0x43F5BB3A, 0xF2D519FF, 0x27D9459C, |
561 |
0xBF97222C, 0x15E6FC2A, 0x0F91FC71, 0x9B941525, |
562 |
0xFAE59361, 0xCEB69CEB, 0xC2A86459, 0x12BAA8D1, |
563 |
0xB6C1075E, 0xE3056A0C, 0x10D25065, 0xCB03A442, |
564 |
0xE0EC6E0E, 0x1698DB3B, 0x4C98A0BE, 0x3278E964, |
565 |
0x9F1F9532, 0xE0D392DF, 0xD3A0342B, 0x8971F21E, |
566 |
0x1B0A7441, 0x4BA3348C, 0xC5BE7120, 0xC37632D8, |
567 |
0xDF359F8D, 0x9B992F2E, 0xE60B6F47, 0x0FE3F11D, |
568 |
0xE54CDA54, 0x1EDAD891, 0xCE6279CF, 0xCD3E7E6F, |
569 |
0x1618B166, 0xFD2C1D05, 0x848FD2C5, 0xF6FB2299, |
570 |
0xF523F357, 0xA6327623, 0x93A83531, 0x56CCCD02, |
571 |
0xACF08162, 0x5A75EBB5, 0x6E163697, 0x88D273CC, |
572 |
0xDE966292, 0x81B949D0, 0x4C50901B, 0x71C65614, |
573 |
0xE6C6C7BD, 0x327A140A, 0x45E1D006, 0xC3F27B9A, |
574 |
0xC9AA53FD, 0x62A80F00, 0xBB25BFE2, 0x35BDD2F6, |
575 |
0x71126905, 0xB2040222, 0xB6CBCF7C, 0xCD769C2B, |
576 |
0x53113EC0, 0x1640E3D3, 0x38ABBD60, 0x2547ADF0, |
577 |
0xBA38209C, 0xF746CE76, 0x77AFA1C5, 0x20756060, |
578 |
0x85CBFE4E, 0x8AE88DD8, 0x7AAAF9B0, 0x4CF9AA7E, |
579 |
0x1948C25C, 0x02FB8A8C, 0x01C36AE4, 0xD6EBE1F9, |
580 |
0x90D4F869, 0xA65CDEA0, 0x3F09252D, 0xC208E69F, |
581 |
0xB74E6132, 0xCE77E25B, 0x578FDFE3, 0x3AC372E6 |
582 |
}}, |
583 |
{ |
584 |
0x243F6A88, 0x85A308D3, 0x13198A2E, 0x03707344, |
585 |
0xA4093822, 0x299F31D0, 0x082EFA98, 0xEC4E6C89, |
586 |
0x452821E6, 0x38D01377, 0xBE5466CF, 0x34E90C6C, |
587 |
0xC0AC29B7, 0xC97C50DD, 0x3F84D5B5, 0xB5470917, |
588 |
0x9216D5D9, 0x8979FB1B |
589 |
}}; |
590 |
|
591 |
|
592 |
|
593 |
/* enc/dec one 8byte block
	Blowfish is defined in terms of two 32bit numbers ("left" and "right")
	At least the paper http://www.schneier.com/paper-blowfish-fse.html
	says nothing about byte order ("Divide x into two 32-bit halves").
	Our preset P and S are already defined as numbers, which is fine.
	So we leave input/output byte swapping to the outer layer.

	ctx    key schedule as set up by bfishInit
	block  block[0] = left half, block[1] = right half; overwritten in place
	dec    0 encrypts (subkeys P[0]..P[17]), non-zero decrypts (P[17]..P[0])

	The S-box lookups are indexed by data bytes, so the run time is not
	independent of the data (see Warning #6 in Paul Kocher's notes above).
*/
static void bfish ( BFish *ctx, unsigned *block, int dec )
{
	/* slow and sloppy version
		See Eric Young's implementation in openssl for how to speed things up
	*/
	union {
		unsigned u;
		unsigned char b[4];
	} l, r;
	enum { /* byte indexes, A=MSB .. D=LSB */
#ifdef CPU_BIG_ENDIAN
		A,B,C,D
#else
		D,C,B,A
#endif
	};
	const unsigned *a = ctx->S[0], *b = ctx->S[1], *c = ctx->S[2], *d = ctx->S[3];
#define F(x) (((a[x.b[A]] + b[x.b[B]]) ^ c[x.b[C]]) + d[x.b[D]])
	const unsigned *sub = ctx->P;
	/* walk the subkeys by index: up from 0 to encrypt, down from 17 to decrypt */
	int step = dec ? -1 : 1;
	int idx = dec ? 17 : 0;
	int stop = dec ? 1 : 16;

	l.u = block[0];
	r.u = block[1];

	do { /* two rounds per pass, so the halves never need swapping */
		l.u ^= sub[idx];
		r.u ^= F(l);
		idx += step;

		r.u ^= sub[idx];
		l.u ^= F(r);
		idx += step;
	} while (stop != idx);

	/* final XOR with the two remaining subkeys, halves exchanged */
	block[1] = l.u ^ sub[stop];
	block[0] = r.u ^ sub[stop + step];
	l.u = r.u = 0;
} /* bfish */
645 |
|
646 |
|
647 |
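/*
	Set up the key schedule in ctx from key[0..keyLen-1].

	The key bytes are cycled into the 18 subkeys (4 bytes each), so only the
	first 72 bytes of a longer key have any effect and a key that is a
	repetition of a shorter one gives the same schedule ("ab" = "abab").
	No key length policy is enforced here; the caller has to reject keys it
	considers too short. A keyLen <= 0 is treated as an all-zero key instead
	of reading key[0] of an empty buffer.
*/
static void bfishInit (BFish *ctx, unsigned char *key, int keyLen)
{
	int i, j, k;
	unsigned data, block[2];
	volatile unsigned *wipe = block;

	*ctx = BFishInit;

	for (j = i = 0; i < 18; ++i) {
		for (data = 0, k = 0; k < 4; ++k) {
			/* http://www.schneier.com/blowfish-bug.txt
			   key is unsigned char, so no sign extension into data */
			data <<= 8;
			if (0 < keyLen) {
				data |= key[j];
				if (++j >= keyLen)
					j = 0;
			}
		}
		ctx->P[i] ^= data;
	}

	/* replace P and then S pairwise with successive encryptions of the
	   zero block under the schedule as it evolves */
	block[0] = block[1] = 0;
	for (i = 0; i < 18; i += 2) {
		bfish(ctx, block, 0);
		ctx->P[i] = block[0];
		ctx->P[i + 1] = block[1];
	}
	for (i = 0; i < 4; ++i)
		for (j = 0; j < 256; j += 2) {
			bfish(ctx, block, 0);
			ctx->S[i][j] = block[0];
			ctx->S[i][j + 1] = block[1];
		}
	/* clear key-derived temporaries; the block is written through a
	   volatile pointer so the stores are not removed as dead */
	data = 0;
	wipe[0] = wipe[1] = 0;
}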
678 |
|
679 |
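/* return !0 iff we had a bad key (duplicate in S-box)
	Each of the four S-boxes is checked on its own for two equal entries;
	such a collision is what marks a weak Blowfish key.
	Indexes are used rather than a pointer that is decremented past the
	start of the S-box, which is undefined for the first box.
*/
static int bfishChkkey (BFish *ctx)
{
	int box, hi, lo;
	for (box = 0; box < 4; ++box) {
		const unsigned *s = ctx->S[box];
		for (hi = 1; hi < 256; ++hi) {
			unsigned t = s[hi];
			/* compare against every earlier entry of the same box */
			for (lo = hi - 1; lo >= 0; --lo)
				if ( t == s[lo] )
					return 1;
		}
	}
	return 0;
}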
694 |
|
695 |
|
696 |
/*
	Client data of a blowfish command: key schedule, output options and the
	CBC chaining values. The whole structure is key-dependent state and is
	zeroed by bfishFree before the memory is released.
*/
typedef struct {
	BFish bfish; /* key schedule */
	int bin; /* ciphertext uses ByteArrayObject */
	int swap; /* do swapping */
	Tcl_WideUInt ev; /* encrypting vector/last cipher block */
	Tcl_WideUInt dv; /* decrypting vector/last cipher block */
} BfCd;
703 |
|
704 |
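/*
	Delete callback registered for commands created by "blowfish open".

	Overwrites the whole BfCd (key schedule and chaining vectors) with
	zeros and then releases it with Tcl_Free.

	The wipe goes through a volatile pointer on purpose: a memset() whose
	target is freed right afterwards is a dead store that an optimising
	compiler is allowed to remove, which would leave the key schedule
	readable in freed heap memory.
*/
static void bfishFree ( ClientData self )
{
	volatile unsigned char *p = (volatile unsigned char *)self;
	size_t n = sizeof(BfCd);

	while ( n-- )
		*p++ = 0;
	Tcl_Free((char*)self);
}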
/* |
711 |
blowfish encrypt|decrypt [options] key data |
712 |
blowfish open [options] key command |
713 |
command encrypt|decrypt data |
714 |
command close |
715 |
|
716 |
does blowfish in CBC mode: every input block is XORed with the |
717 |
previous cipher block before being encrypted. |
718 |
Applications should prefix every stream with an initialization vector. |
719 |
|
720 |
Options: |
721 |
-string (default) decrypt to strings |
722 |
-binary decrypt to ByteArray |
723 |
encrypt always creates ByteArrays, and input is used as is |
724 |
-encvector|-decvector <iv> use initialization vector for enc/dec |
725 |
(must be as of printf %08X%08X, left, right) |
726 |
-native|-littleendian|-bigendian|-swap byte order to use |
727 |
(default: -bigendian) |
728 |
|
729 |
Although I really hate the ByteArrayObj, because the conversion is braindead, |
730 |
I use it, because the conversion is braindead :( |
731 |
|
732 |
*/ |
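/*
	Tcl object command for "blowfish" and for every handle created by
	"blowfish open" (for a handle, self is its BfCd; otherwise self is 0).

	  encrypt|decrypt [options] key data   one-shot, context lives on the stack
	  open [options] key command           creates `command`; the result is the
	                                       bfishChkkey() value (1 = weak key)
	  <command> encrypt|decrypt data       continues the handle's CBC chain
	  <command> close                      deletes the handle

	Returns TCL_OK with the processed bytes as interpreter result (nothing is
	set for empty input), TCL_ERROR for bad arguments, a malformed vector or a
	ciphertext whose length is not a multiple of 8.

	The one-shot context is wiped before returning, so the key schedule does
	not stay behind in the stack frame.

	NOTE(review), for callers of this command:
	- CBC gives confidentiality only.  Nothing here authenticates the
	  ciphertext, so modified input decrypts without any error.
	- Without -encvector/-decvector both chaining vectors start as zero;
	  with one key, equal leading plaintext then yields equal leading
	  ciphertext.  Use a fresh unpredictable vector per stream.
	- Plaintext is zero-padded to a multiple of 8 bytes and decrypt does not
	  remove the padding; the real length has to travel separately.
	- The key is used as given, whatever its length (empty included), and the
	  weak-key check is reported only by "open".
	- Blocks are 64 bit wide, which limits how much data should be encrypted
	  under one key before block collisions become likely.
*/
static int bfishCmd (
	ClientData self, Tcl_Interp *ip, int objc, Tcl_Obj* const objv[]
) {
	static const char *commandnames[]
		= {"encrypt", "decrypt", "open", "close", 0};
	enum { CMD_ENC, CMD_DEC, CMD_OPEN, CMD_CLOSE };
	static const char *optnames[] = {"-string", "-binary",
		"-encvector", "-decvector",
		"-native", "-littleendian", "-bigendian", "-swap", 0};
	enum { OPT_STR/*must be 0*/, OPT_BIN,
		OPT_EV, OPT_DV,
		OPT_NAT, OPT_LE, OPT_BE, OPT_SWAP };
	BfCd tmp, *bf;
	int cmd, len, blocks;
	int rc = TCL_OK;
	char *bytes;
	Tcl_WideUInt *out;
	Tcl_Obj *data, *ret;
	unsigned *u, *e;

	if ( 2 > objc )
		goto badargs;
	if ( Tcl_GetIndexFromObj(ip, objv[1], commandnames, "command", 0, &cmd) )
		return TCL_ERROR;
	if ( self && CMD_OPEN != cmd ) {
		bf = (BfCd *)self;
		if ( CMD_CLOSE == cmd ) { /* ignore args - close */
			Tcl_DeleteCommand(ip, Tcl_GetString(objv[0]));
			return TCL_OK;
		}
		if ( 3 > objc )
			goto badargs;
		data = objv[2];
	} else { /* new context */
		int bin = OPT_STR, swap = OPT_BE;
		unsigned vec[4] = {0,0,0,0}, *leri;
		if ( CMD_CLOSE == cmd )
			goto badargs;
		if ( 4 > objc )
			goto badargs;
		if ( 4 < objc ) {
			int i, opt;
			/* the last two words are key and data/command name */
			for ( i=2; i<objc-2; i++ ) {
				if ( Tcl_GetIndexFromObj(ip, objv[i], optnames, "option", 0, &opt) )
					return TCL_ERROR;
				switch (opt) {
				case OPT_STR:
				case OPT_BIN:
					bin = opt;
					break;
				case OPT_EV:
				case OPT_DV:
					/* vec[0..1] seeds encryption, vec[2..3] decryption */
					leri = OPT_EV == opt ? vec : vec+2;
					if ( i == objc-3 /* no word left for the value */
						|| !(bytes = Tcl_GetStringFromObj(objv[++i],&len))
						|| 16 != len
						|| 2 != sscanf(bytes,"%8X%8X", leri, leri+1)
					) {
						Tcl_SetResult(ip, "bad vector", TCL_STATIC);
						return TCL_ERROR;
					}
					break;
				case OPT_NAT:
				case OPT_LE:
				case OPT_BE:
				case OPT_SWAP:
					swap = opt;
					break;
				}
			}
		}
		bytes = Tcl_GetStringFromObj(objv[objc-2], &len);
		data = objv[objc-1];
		bf = CMD_OPEN == cmd ? (BfCd*)Tcl_Alloc(sizeof(*bf)) : &tmp;
		bfishInit(&bf->bfish, (unsigned char*)bytes, len);
		bf->bin = bin;
		/* swap when the requested byte order differs from the CPU's */
#ifdef CPU_BIG_ENDIAN
		bf->swap = OPT_SWAP == swap || OPT_LE == swap;
#else
		bf->swap = OPT_SWAP == swap || OPT_BE == swap;
#endif
#define SWAP32(x) \
	(((0xff&x)<<24)|((0xff00&x)<<8)|(0xff00&(x>>8))|(0xff&(x>>24)))
		/*
			sscanf reads in iv ints as from BE repr to native, which we want.
			need to fixup, if external is not BE.
		*/
#ifdef CPU_BIG_ENDIAN
		if ( bf->swap )
#else
		if ( !bf->swap )
#endif
			/* swap the init vec's ints, too */
			for (e=vec, u=vec+4; e < u--; ) *u = SWAP32(*u);
		/* left word first, then right; memcpy instead of an int* cast */
		memcpy(&bf->ev, vec, 2 * sizeof vec[0]);
		memcpy(&bf->dv, vec + 2, 2 * sizeof vec[0]);
		if ( CMD_OPEN == cmd ) {
			Tcl_CreateObjCommand(ip, Tcl_GetString(data), bfishCmd,
				(ClientData)bf, bfishFree);
			Tcl_SetIntObj(Tcl_GetObjResult(ip), bfishChkkey(&bf->bfish));
			return TCL_OK;
		}
	}
	/* now cmd is enc (0) or dec */

	bytes = (cmd || &tclByteArrayType == data->typePtr)
		? (char*)Tcl_GetByteArrayFromObj(data, &len) /* decode or enc from binary */
		: Tcl_GetStringFromObj(data, &len);
	if ( !len )
		goto done;
	if ( cmd && (7 & len) ) {
		Tcl_SetResult(ip, "bad cipher len", TCL_STATIC);
		rc = TCL_ERROR;
		goto done;
	}
	blocks = (len+7)>>3;
	ret = Tcl_GetObjResult(ip);
	if ( !cmd || bf->bin ) { /* encode or dec to binary */
		out = (Tcl_WideUInt*)Tcl_SetByteArrayLength(ret, blocks<<3);
	} else {
		Tcl_SetObjLength(ret, blocks<<3);
		out = (Tcl_WideUInt*)Tcl_GetString(ret);
	}
	out[blocks - 1] = 0; /* pad input */
	memcpy(out, bytes, len);
	if ( bf->swap ) {
		u = (unsigned*)out;
		e = u+(blocks<<1);
		do *u = SWAP32(*u); while ( e > ++u );
		u = (unsigned*)out;
	} else u=e=0; /* just to please the compiler */
	if ( cmd )
		for ( ;blocks--; out++ ) {
			/* keep the cipher block: it is the next chaining value */
			Tcl_WideUInt ciph = *out;
			bfish(&bf->bfish, (unsigned*)out, 1);
			*out ^= bf->dv;
			bf->dv = ciph;
		}
	else
		for ( ;blocks--; out++ ) {
			*out ^= bf->ev;
			bfish(&bf->bfish, (unsigned*)out, 0);
			bf->ev = *out;
		}
	if ( bf->swap )
		do *u = SWAP32(*u); while ( e > ++u );

done:
	if ( bf == &tmp ) {
		/*
			one-shot call: clear key schedule and chaining vectors; volatile
			writes, because a plain memset of a dying local may be dropped
		*/
		volatile unsigned char *w = (volatile unsigned char *)&tmp;
		size_t n = sizeof(tmp);
		while ( n-- )
			*w++ = 0;
	}
	return rc;
badargs:
	Tcl_AppendResult(ip, "usage: ", Tcl_GetString(objv[0]),
		" encrypt|decrypt|open|close options...", 0);
	return TCL_ERROR;
} /* bfishCmd */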
/*
	Register the crypto commands in the given interpreter:
	::malete::sha1 (sha1Cmd) and ::malete::blowfish (bfishCmd).
	Both are created without ClientData and without a delete callback;
	bfishCmd treats a zero ClientData as "no open context".
	Always returns TCL_OK.
*/
int cryptoInit(Tcl_Interp *interp)
{
	int status = TCL_OK;

	(void)Tcl_CreateObjCommand(interp, "::malete::sha1", sha1Cmd, 0, 0);
	(void)Tcl_CreateObjCommand(interp, "::malete::blowfish", bfishCmd, 0, 0);

	return status;
}