From 029d0a842cd8a317375b31145383409491d345e7 Mon Sep 17 00:00:00 2001 From: jsing Date: Wed, 27 Mar 2024 11:24:15 +0000 Subject: [PATCH] Consolidate blowfish code. Requested by tb@ --- lib/libcrypto/Makefile | 8 +- lib/libcrypto/bf/bf_cfb64.c | 124 ------- lib/libcrypto/bf/bf_ecb.c | 89 ----- lib/libcrypto/bf/bf_enc.c | 304 ---------------- lib/libcrypto/bf/bf_ofb64.c | 111 ------ lib/libcrypto/bf/{bf_skey.c => blowfish.c} | 384 ++++++++++++++++++++- 6 files changed, 381 insertions(+), 639 deletions(-) delete mode 100644 lib/libcrypto/bf/bf_cfb64.c delete mode 100644 lib/libcrypto/bf/bf_ecb.c delete mode 100644 lib/libcrypto/bf/bf_enc.c delete mode 100644 lib/libcrypto/bf/bf_ofb64.c rename lib/libcrypto/bf/{bf_skey.c => blowfish.c} (71%) diff --git a/lib/libcrypto/Makefile b/lib/libcrypto/Makefile index 4ea8d0c2ad3..606dc617925 100644 --- a/lib/libcrypto/Makefile +++ b/lib/libcrypto/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.176 2024/03/27 11:12:08 jsing Exp $ +# $OpenBSD: Makefile,v 1.177 2024/03/27 11:24:15 jsing Exp $ LIB= crypto LIBREBUILD=y @@ -142,11 +142,7 @@ SRCS+= x_x509.c SRCS+= x_x509a.c # bf/ -SRCS+= bf_cfb64.c -SRCS+= bf_ecb.c -SRCS+= bf_enc.c -SRCS+= bf_ofb64.c -SRCS+= bf_skey.c +SRCS+= blowfish.c # bio/ SRCS+= b_dump.c diff --git a/lib/libcrypto/bf/bf_cfb64.c b/lib/libcrypto/bf/bf_cfb64.c deleted file mode 100644 index 87dccae2639..00000000000 --- a/lib/libcrypto/bf/bf_cfb64.c +++ /dev/null @@ -1,124 +0,0 @@ -/* $OpenBSD: bf_cfb64.c,v 1.8 2022/11/26 16:08:51 tb Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include - -#include "bf_local.h" - -/* - * The input and output encrypted as though 64bit cfb mode is being - * used. The extra state information to record how much of the - * 64bit block we have used is contained in *num; - */ - -void -BF_cfb64_encrypt(const unsigned char *in, unsigned char *out, long length, - const BF_KEY *schedule, unsigned char *ivec, int *num, int encrypt) -{ - BF_LONG v0, v1, t; - int n= *num; - long l = length; - BF_LONG ti[2]; - unsigned char *iv, c, cc; - - iv = (unsigned char *)ivec; - if (encrypt) { - while (l--) { - if (n == 0) { - n2l(iv, v0); - ti[0] = v0; - n2l(iv, v1); - ti[1] = v1; - BF_encrypt((BF_LONG *)ti, schedule); - iv = (unsigned char *)ivec; - t = ti[0]; - l2n(t, iv); - t = ti[1]; - l2n(t, iv); - iv = (unsigned char *)ivec; - } - c= *(in++)^iv[n]; - *(out++) = c; - iv[n] = c; - n = (n + 1)&0x07; - } - } else { - while (l--) { - if (n == 0) { - n2l(iv, v0); - ti[0] = v0; - n2l(iv, v1); - ti[1] = v1; - BF_encrypt((BF_LONG *)ti, schedule); - iv = (unsigned char *)ivec; - t = ti[0]; - l2n(t, iv); - t = ti[1]; - l2n(t, iv); - iv = (unsigned char *)ivec; - } - cc= *(in++); - c = iv[n]; - iv[n] = cc; - *(out++) = c^cc; - n = (n + 1)&0x07; - } - } - v0 = v1 = ti[0] = ti[1] = t=c = cc = 0; - *num = n; -} diff --git a/lib/libcrypto/bf/bf_ecb.c b/lib/libcrypto/bf/bf_ecb.c deleted file mode 100644 index eda6f193b37..00000000000 --- a/lib/libcrypto/bf/bf_ecb.c +++ /dev/null @@ -1,89 +0,0 @@ -/* $OpenBSD: bf_ecb.c,v 1.10 2023/07/28 10:35:14 tb Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include - -#include "bf_local.h" - -/* - * Blowfish as implemented from 'Blowfish: Springer-Verlag paper' - * (From LECTURE NOTES IN COMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION, - * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993) - */ - -void -BF_ecb_encrypt(const unsigned char *in, unsigned char *out, - const BF_KEY *key, int encrypt) -{ - BF_LONG l, d[2]; - - n2l(in, l); - d[0] = l; - n2l(in, l); - d[1] = l; - if (encrypt) - BF_encrypt(d, key); - else - BF_decrypt(d, key); - l = d[0]; - l2n(l, out); - l = d[1]; - l2n(l, out); - l = d[0] = d[1] = 0; -} diff --git a/lib/libcrypto/bf/bf_enc.c b/lib/libcrypto/bf/bf_enc.c deleted file mode 100644 index bbefe7d526c..00000000000 --- a/lib/libcrypto/bf/bf_enc.c +++ /dev/null @@ -1,304 +0,0 @@ -/* $OpenBSD: bf_enc.c,v 1.9 2022/11/26 16:08:51 tb Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include - -#include "bf_local.h" - -/* - * Blowfish as implemented from 'Blowfish: Springer-Verlag paper' - * (From LECTURE NOTES IN COMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION, - * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993) - */ - -#if (BF_ROUNDS != 16) && (BF_ROUNDS != 20) -#error If you set BF_ROUNDS to some value other than 16 or 20, you will have \ -to modify the code. -#endif - -void -BF_encrypt(BF_LONG *data, const BF_KEY *key) -{ -#ifndef BF_PTR2 - BF_LONG l, r; - const BF_LONG *p, *s; - - p = key->P; - s = &(key->S[0]); - l = data[0]; - r = data[1]; - - l ^= p[0]; - BF_ENC(r, l,s, p[1]); - BF_ENC(l, r,s, p[2]); - BF_ENC(r, l,s, p[3]); - BF_ENC(l, r,s, p[4]); - BF_ENC(r, l,s, p[5]); - BF_ENC(l, r,s, p[6]); - BF_ENC(r, l,s, p[7]); - BF_ENC(l, r,s, p[8]); - BF_ENC(r, l,s, p[9]); - BF_ENC(l, r,s, p[10]); - BF_ENC(r, l,s, p[11]); - BF_ENC(l, r,s, p[12]); - BF_ENC(r, l,s, p[13]); - BF_ENC(l, r,s, p[14]); - BF_ENC(r, l,s, p[15]); - BF_ENC(l, r,s, p[16]); -#if BF_ROUNDS == 20 - BF_ENC(r, l,s, p[17]); - BF_ENC(l, r,s, p[18]); - BF_ENC(r, l,s, p[19]); - BF_ENC(l, r,s, p[20]); -#endif - r ^= p[BF_ROUNDS + 1]; - - data[1] = l&0xffffffffL; - data[0] = r&0xffffffffL; -#else - BF_LONG l, r,t, *k; - - l = data[0]; - r = data[1]; - k = (BF_LONG*)key; - - l ^= k[0]; - BF_ENC(r, l, k, 1); - BF_ENC(l, r, k, 2); - BF_ENC(r, l, k, 3); - BF_ENC(l, r, k, 4); - BF_ENC(r, l, k, 5); - BF_ENC(l, r, k, 6); - BF_ENC(r, l, k, 7); - BF_ENC(l, r, k, 8); - BF_ENC(r, l, k, 9); - BF_ENC(l, r,k, 10); - BF_ENC(r, l,k, 11); - BF_ENC(l, r,k, 12); - BF_ENC(r, l,k, 13); - BF_ENC(l, r,k, 14); - BF_ENC(r, l,k, 15); - BF_ENC(l, r,k, 16); -#if BF_ROUNDS == 20 - BF_ENC(r, l,k, 17); - BF_ENC(l, r,k, 18); - BF_ENC(r, l,k, 19); - BF_ENC(l, r,k, 20); -#endif - r ^= k[BF_ROUNDS + 1]; - - data[1] = l&0xffffffffL; - data[0] = r&0xffffffffL; -#endif -} - -#ifndef BF_DEFAULT_OPTIONS - -void -BF_decrypt(BF_LONG *data, const BF_KEY *key) -{ -#ifndef BF_PTR2 - BF_LONG l, r; - const BF_LONG *p, *s; - - p = key->P; - s = &(key->S[0]); - l = data[0]; - r = data[1]; - - l ^= p[BF_ROUNDS + 1]; -#if BF_ROUNDS == 20 - BF_ENC(r, l,s, p[20]); - BF_ENC(l, r,s, p[19]); - BF_ENC(r, l,s, p[18]); - BF_ENC(l, r,s, p[17]); -#endif - BF_ENC(r, l,s, p[16]); - BF_ENC(l, r,s, p[15]); - BF_ENC(r, l,s, p[14]); - BF_ENC(l, r,s, p[13]); - BF_ENC(r, l,s, p[12]); - BF_ENC(l, r,s, p[11]); - BF_ENC(r, l,s, p[10]); - BF_ENC(l, r,s, p[9]); - BF_ENC(r, l,s, p[8]); - BF_ENC(l, r,s, p[7]); - BF_ENC(r, l,s, p[6]); - BF_ENC(l, r,s, p[5]); - BF_ENC(r, l,s, p[4]); - BF_ENC(l, r,s, p[3]); - BF_ENC(r, l,s, p[2]); - BF_ENC(l, r,s, p[1]); - r ^= p[0]; - - data[1] = l&0xffffffffL; - data[0] = r&0xffffffffL; -#else - BF_LONG l, r,t, *k; - - l = data[0]; - r = data[1]; - k = (BF_LONG *)key; - - l ^= k[BF_ROUNDS + 1]; -#if BF_ROUNDS == 20 - BF_ENC(r, l,k, 20); - BF_ENC(l, r,k, 19); - BF_ENC(r, l,k, 18); - BF_ENC(l, r,k, 17); -#endif - BF_ENC(r, l,k, 16); - BF_ENC(l, r,k, 15); - BF_ENC(r, l,k, 14); - BF_ENC(l, r,k, 13); - BF_ENC(r, l,k, 12); - BF_ENC(l, r,k, 11); - BF_ENC(r, l,k, 10); - BF_ENC(l, r, k, 9); - BF_ENC(r, l, k, 8); - BF_ENC(l, r, k, 7); - BF_ENC(r, l, k, 6); - BF_ENC(l, r, k, 5); - BF_ENC(r, l, k, 4); - BF_ENC(l, r, k, 3); - BF_ENC(r, l, k, 2); - BF_ENC(l, r, k, 1); - r ^= k[0]; - - data[1] = l&0xffffffffL; - data[0] = r&0xffffffffL; -#endif -} - -void -BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, - const BF_KEY *schedule, unsigned char *ivec, int encrypt) -{ - BF_LONG tin0, tin1; - BF_LONG tout0, tout1, xor0, xor1; - long l = length; - BF_LONG tin[2]; - - if (encrypt) { - n2l(ivec, tout0); - n2l(ivec, tout1); - ivec -= 8; - for (l -= 8; l >= 0; l -= 8) { - n2l(in, tin0); - n2l(in, tin1); - tin0 ^= tout0; - tin1 ^= tout1; - tin[0] = tin0; - tin[1] = tin1; - BF_encrypt(tin, schedule); - tout0 = tin[0]; - tout1 = tin[1]; - l2n(tout0, out); - l2n(tout1, out); - } - if (l != -8) { - n2ln(in, tin0, tin1, l + 8); - tin0 ^= tout0; - tin1 ^= tout1; - tin[0] = tin0; - tin[1] = tin1; - BF_encrypt(tin, schedule); - tout0 = tin[0]; - tout1 = tin[1]; - l2n(tout0, out); - l2n(tout1, out); - } - l2n(tout0, ivec); - l2n(tout1, ivec); - } else { - n2l(ivec, xor0); - n2l(ivec, xor1); - ivec -= 8; - for (l -= 8; l >= 0; l -= 8) { - n2l(in, tin0); - n2l(in, tin1); - tin[0] = tin0; - tin[1] = tin1; - BF_decrypt(tin, schedule); - tout0 = tin[0]^xor0; - tout1 = tin[1]^xor1; - l2n(tout0, out); - l2n(tout1, out); - xor0 = tin0; - xor1 = tin1; - } - if (l != -8) { - n2l(in, tin0); - n2l(in, tin1); - tin[0] = tin0; - tin[1] = tin1; - BF_decrypt(tin, schedule); - tout0 = tin[0]^xor0; - tout1 = tin[1]^xor1; - l2nn(tout0, tout1, out, l + 8); - xor0 = tin0; - xor1 = tin1; - } - l2n(xor0, ivec); - l2n(xor1, ivec); - } - tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0; - tin[0] = tin[1] = 0; -} - -#endif diff --git a/lib/libcrypto/bf/bf_ofb64.c b/lib/libcrypto/bf/bf_ofb64.c deleted file mode 100644 index 8fe24782634..00000000000 --- a/lib/libcrypto/bf/bf_ofb64.c +++ /dev/null @@ -1,111 +0,0 @@ -/* $OpenBSD: bf_ofb64.c,v 1.8 2022/11/26 16:08:51 tb Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include - -#include "bf_local.h" - -/* - * The input and output encrypted as though 64bit ofb mode is being - * used. The extra state information to record how much of the - * 64bit block we have used is contained in *num; - */ -void -BF_ofb64_encrypt(const unsigned char *in, unsigned char *out, long length, - const BF_KEY *schedule, unsigned char *ivec, int *num) -{ - BF_LONG v0, v1, t; - int n= *num; - long l = length; - unsigned char d[8]; - char *dp; - BF_LONG ti[2]; - unsigned char *iv; - int save = 0; - - iv = (unsigned char *)ivec; - n2l(iv, v0); - n2l(iv, v1); - ti[0] = v0; - ti[1] = v1; - dp = (char *)d; - l2n(v0, dp); - l2n(v1, dp); - while (l--) { - if (n == 0) { - BF_encrypt((BF_LONG *)ti, schedule); - dp = (char *)d; - t = ti[0]; - l2n(t, dp); - t = ti[1]; - l2n(t, dp); - save++; - } - *(out++)= *(in++)^d[n]; - n = (n + 1)&0x07; - } - if (save) { - v0 = ti[0]; - v1 = ti[1]; - iv = (unsigned char *)ivec; - l2n(v0, iv); - l2n(v1, iv); - } - t = v0 = v1 = ti[0] = ti[1] = 0; - *num = n; -} diff --git a/lib/libcrypto/bf/bf_skey.c b/lib/libcrypto/bf/blowfish.c similarity index 71% rename from lib/libcrypto/bf/bf_skey.c rename to lib/libcrypto/bf/blowfish.c index cc31034f182..4fa8a563f16 100644 --- a/lib/libcrypto/bf/bf_skey.c +++ b/lib/libcrypto/bf/blowfish.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bf_skey.c,v 1.17 2022/11/26 16:08:51 tb Exp $ */ +/* $OpenBSD: blowfish.c,v 1.1 2024/03/27 11:24:15 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -56,14 +56,23 @@ * [including the GNU Public Licence.] */ -#include -#include - -#include #include +#include + #include "bf_local.h" +/* + * Blowfish as implemented from 'Blowfish: Springer-Verlag paper' + * (From LECTURE NOTES IN COMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION, + * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993) + */ + +#if (BF_ROUNDS != 16) && (BF_ROUNDS != 20) +#error If you set BF_ROUNDS to some value other than 16 or 20, you will have \ +to modify the code. +#endif + static const BF_KEY bf_init = { .P = { 0x243f6a88L, 0x85a308d3L, 0x13198a2eL, 0x03707344L, @@ -332,6 +341,370 @@ static const BF_KEY bf_init = { } }; +void +BF_encrypt(BF_LONG *data, const BF_KEY *key) +{ +#ifndef BF_PTR2 + BF_LONG l, r; + const BF_LONG *p, *s; + + p = key->P; + s = &(key->S[0]); + l = data[0]; + r = data[1]; + + l ^= p[0]; + BF_ENC(r, l,s, p[1]); + BF_ENC(l, r,s, p[2]); + BF_ENC(r, l,s, p[3]); + BF_ENC(l, r,s, p[4]); + BF_ENC(r, l,s, p[5]); + BF_ENC(l, r,s, p[6]); + BF_ENC(r, l,s, p[7]); + BF_ENC(l, r,s, p[8]); + BF_ENC(r, l,s, p[9]); + BF_ENC(l, r,s, p[10]); + BF_ENC(r, l,s, p[11]); + BF_ENC(l, r,s, p[12]); + BF_ENC(r, l,s, p[13]); + BF_ENC(l, r,s, p[14]); + BF_ENC(r, l,s, p[15]); + BF_ENC(l, r,s, p[16]); +#if BF_ROUNDS == 20 + BF_ENC(r, l,s, p[17]); + BF_ENC(l, r,s, p[18]); + BF_ENC(r, l,s, p[19]); + BF_ENC(l, r,s, p[20]); +#endif + r ^= p[BF_ROUNDS + 1]; + + data[1] = l&0xffffffffL; + data[0] = r&0xffffffffL; +#else + BF_LONG l, r,t, *k; + + l = data[0]; + r = data[1]; + k = (BF_LONG*)key; + + l ^= k[0]; + BF_ENC(r, l, k, 1); + BF_ENC(l, r, k, 2); + BF_ENC(r, l, k, 3); + BF_ENC(l, r, k, 4); + BF_ENC(r, l, k, 5); + BF_ENC(l, r, k, 6); + BF_ENC(r, l, k, 7); + BF_ENC(l, r, k, 8); + BF_ENC(r, l, k, 9); + BF_ENC(l, r,k, 10); + BF_ENC(r, l,k, 11); + BF_ENC(l, r,k, 12); + BF_ENC(r, l,k, 13); + BF_ENC(l, r,k, 14); + BF_ENC(r, l,k, 15); + BF_ENC(l, r,k, 16); +#if BF_ROUNDS == 20 + BF_ENC(r, l,k, 17); + BF_ENC(l, r,k, 18); + BF_ENC(r, l,k, 19); + BF_ENC(l, r,k, 20); +#endif + r ^= k[BF_ROUNDS + 1]; + + data[1] = l&0xffffffffL; + data[0] = r&0xffffffffL; +#endif +} + +#ifndef BF_DEFAULT_OPTIONS + +void +BF_decrypt(BF_LONG *data, const BF_KEY *key) +{ +#ifndef BF_PTR2 + BF_LONG l, r; + const BF_LONG *p, *s; + + p = key->P; + s = &(key->S[0]); + l = data[0]; + r = data[1]; + + l ^= p[BF_ROUNDS + 1]; +#if BF_ROUNDS == 20 + BF_ENC(r, l,s, p[20]); + BF_ENC(l, r,s, p[19]); + BF_ENC(r, l,s, p[18]); + BF_ENC(l, r,s, p[17]); +#endif + BF_ENC(r, l,s, p[16]); + BF_ENC(l, r,s, p[15]); + BF_ENC(r, l,s, p[14]); + BF_ENC(l, r,s, p[13]); + BF_ENC(r, l,s, p[12]); + BF_ENC(l, r,s, p[11]); + BF_ENC(r, l,s, p[10]); + BF_ENC(l, r,s, p[9]); + BF_ENC(r, l,s, p[8]); + BF_ENC(l, r,s, p[7]); + BF_ENC(r, l,s, p[6]); + BF_ENC(l, r,s, p[5]); + BF_ENC(r, l,s, p[4]); + BF_ENC(l, r,s, p[3]); + BF_ENC(r, l,s, p[2]); + BF_ENC(l, r,s, p[1]); + r ^= p[0]; + + data[1] = l&0xffffffffL; + data[0] = r&0xffffffffL; +#else + BF_LONG l, r,t, *k; + + l = data[0]; + r = data[1]; + k = (BF_LONG *)key; + + l ^= k[BF_ROUNDS + 1]; +#if BF_ROUNDS == 20 + BF_ENC(r, l,k, 20); + BF_ENC(l, r,k, 19); + BF_ENC(r, l,k, 18); + BF_ENC(l, r,k, 17); +#endif + BF_ENC(r, l,k, 16); + BF_ENC(l, r,k, 15); + BF_ENC(r, l,k, 14); + BF_ENC(l, r,k, 13); + BF_ENC(r, l,k, 12); + BF_ENC(l, r,k, 11); + BF_ENC(r, l,k, 10); + BF_ENC(l, r, k, 9); + BF_ENC(r, l, k, 8); + BF_ENC(l, r, k, 7); + BF_ENC(r, l, k, 6); + BF_ENC(l, r, k, 5); + BF_ENC(r, l, k, 4); + BF_ENC(l, r, k, 3); + BF_ENC(r, l, k, 2); + BF_ENC(l, r, k, 1); + r ^= k[0]; + + data[1] = l&0xffffffffL; + data[0] = r&0xffffffffL; +#endif +} + +void +BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, + const BF_KEY *schedule, unsigned char *ivec, int encrypt) +{ + BF_LONG tin0, tin1; + BF_LONG tout0, tout1, xor0, xor1; + long l = length; + BF_LONG tin[2]; + + if (encrypt) { + n2l(ivec, tout0); + n2l(ivec, tout1); + ivec -= 8; + for (l -= 8; l >= 0; l -= 8) { + n2l(in, tin0); + n2l(in, tin1); + tin0 ^= tout0; + tin1 ^= tout1; + tin[0] = tin0; + tin[1] = tin1; + BF_encrypt(tin, schedule); + tout0 = tin[0]; + tout1 = tin[1]; + l2n(tout0, out); + l2n(tout1, out); + } + if (l != -8) { + n2ln(in, tin0, tin1, l + 8); + tin0 ^= tout0; + tin1 ^= tout1; + tin[0] = tin0; + tin[1] = tin1; + BF_encrypt(tin, schedule); + tout0 = tin[0]; + tout1 = tin[1]; + l2n(tout0, out); + l2n(tout1, out); + } + l2n(tout0, ivec); + l2n(tout1, ivec); + } else { + n2l(ivec, xor0); + n2l(ivec, xor1); + ivec -= 8; + for (l -= 8; l >= 0; l -= 8) { + n2l(in, tin0); + n2l(in, tin1); + tin[0] = tin0; + tin[1] = tin1; + BF_decrypt(tin, schedule); + tout0 = tin[0]^xor0; + tout1 = tin[1]^xor1; + l2n(tout0, out); + l2n(tout1, out); + xor0 = tin0; + xor1 = tin1; + } + if (l != -8) { + n2l(in, tin0); + n2l(in, tin1); + tin[0] = tin0; + tin[1] = tin1; + BF_decrypt(tin, schedule); + tout0 = tin[0]^xor0; + tout1 = tin[1]^xor1; + l2nn(tout0, tout1, out, l + 8); + xor0 = tin0; + xor1 = tin1; + } + l2n(xor0, ivec); + l2n(xor1, ivec); + } + tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0; + tin[0] = tin[1] = 0; +} + +/* + * The input and output encrypted as though 64bit cfb mode is being + * used. The extra state information to record how much of the + * 64bit block we have used is contained in *num; + */ + +void +BF_cfb64_encrypt(const unsigned char *in, unsigned char *out, long length, + const BF_KEY *schedule, unsigned char *ivec, int *num, int encrypt) +{ + BF_LONG v0, v1, t; + int n= *num; + long l = length; + BF_LONG ti[2]; + unsigned char *iv, c, cc; + + iv = (unsigned char *)ivec; + if (encrypt) { + while (l--) { + if (n == 0) { + n2l(iv, v0); + ti[0] = v0; + n2l(iv, v1); + ti[1] = v1; + BF_encrypt((BF_LONG *)ti, schedule); + iv = (unsigned char *)ivec; + t = ti[0]; + l2n(t, iv); + t = ti[1]; + l2n(t, iv); + iv = (unsigned char *)ivec; + } + c= *(in++)^iv[n]; + *(out++) = c; + iv[n] = c; + n = (n + 1)&0x07; + } + } else { + while (l--) { + if (n == 0) { + n2l(iv, v0); + ti[0] = v0; + n2l(iv, v1); + ti[1] = v1; + BF_encrypt((BF_LONG *)ti, schedule); + iv = (unsigned char *)ivec; + t = ti[0]; + l2n(t, iv); + t = ti[1]; + l2n(t, iv); + iv = (unsigned char *)ivec; + } + cc= *(in++); + c = iv[n]; + iv[n] = cc; + *(out++) = c^cc; + n = (n + 1)&0x07; + } + } + v0 = v1 = ti[0] = ti[1] = t=c = cc = 0; + *num = n; +} + +void +BF_ecb_encrypt(const unsigned char *in, unsigned char *out, + const BF_KEY *key, int encrypt) +{ + BF_LONG l, d[2]; + + n2l(in, l); + d[0] = l; + n2l(in, l); + d[1] = l; + if (encrypt) + BF_encrypt(d, key); + else + BF_decrypt(d, key); + l = d[0]; + l2n(l, out); + l = d[1]; + l2n(l, out); + l = d[0] = d[1] = 0; +} + +/* + * The input and output encrypted as though 64bit ofb mode is being + * used. The extra state information to record how much of the + * 64bit block we have used is contained in *num; + */ +void +BF_ofb64_encrypt(const unsigned char *in, unsigned char *out, long length, + const BF_KEY *schedule, unsigned char *ivec, int *num) +{ + BF_LONG v0, v1, t; + int n= *num; + long l = length; + unsigned char d[8]; + char *dp; + BF_LONG ti[2]; + unsigned char *iv; + int save = 0; + + iv = (unsigned char *)ivec; + n2l(iv, v0); + n2l(iv, v1); + ti[0] = v0; + ti[1] = v1; + dp = (char *)d; + l2n(v0, dp); + l2n(v1, dp); + while (l--) { + if (n == 0) { + BF_encrypt((BF_LONG *)ti, schedule); + dp = (char *)d; + t = ti[0]; + l2n(t, dp); + t = ti[1]; + l2n(t, dp); + save++; + } + *(out++)= *(in++)^d[n]; + n = (n + 1)&0x07; + } + if (save) { + v0 = ti[0]; + v1 = ti[1]; + iv = (unsigned char *)ivec; + l2n(v0, iv); + l2n(v1, iv); + } + t = v0 = v1 = ti[0] = ti[1] = 0; + *num = n; +} + void BF_set_key(BF_KEY *key, int len, const unsigned char *data) { @@ -385,3 +758,4 @@ BF_set_key(BF_KEY *key, int len, const unsigned char *data) p[i + 1] = in[1]; } } +#endif -- 2.20.1