├── .github └── workflows │ └── libbcrypt.yml ├── include └── bcrypt.h ├── CMakeLists.txt ├── .gitignore ├── test └── main.cpp ├── src ├── openbsd.h ├── node_blf.h ├── bcrypt.cpp └── blowfish.cpp ├── README.md └── LICENSE /.github/workflows/libbcrypt.yml: -------------------------------------------------------------------------------- 1 | name: libbcrypt 2 | 3 | on: [push, pull_request] 4 | 5 | jobs: 6 | build: 7 | runs-on: ubuntu-latest 8 | steps: 9 | - uses: actions/checkout@v1 10 | - name: make 11 | run: make 12 | - name: make test 13 | run: make test 14 | -------------------------------------------------------------------------------- /include/bcrypt.h: -------------------------------------------------------------------------------- 1 | #ifndef BCRYPT_H 2 | #define BCRYPT_H 3 | 4 | #include 5 | 6 | namespace bcrypt { 7 | 8 | std::string generateHash(const std::string & password , unsigned rounds = 10 ); 9 | 10 | bool validatePassword(const std::string & password, const std::string & hash); 11 | 12 | } 13 | 14 | #endif // BCRYPT_H 15 | -------------------------------------------------------------------------------- /CMakeLists.txt: -------------------------------------------------------------------------------- 1 | cmake_minimum_required(VERSION 3.2) 2 | 3 | option(BUILD_TESTS "Build test programs" OFF) 4 | 5 | project(bcrypt) 6 | 7 | set(CMAKE_CXX_STANDARD 11) 8 | 9 | add_library(bcrypt src/bcrypt.cpp src/blowfish.cpp) 10 | target_include_directories(bcrypt PRIVATE src/) 11 | target_include_directories(bcrypt PUBLIC include/) 12 | 13 | if(BUILD_TESTS) 14 | add_executable(test test/main.cpp) 15 | target_link_libraries(test PRIVATE bcrypt) 16 | endif() 17 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Prerequisites 2 | *.d 3 | 4 | # Compiled Object files 5 | *.slo 6 | *.lo 7 | *.o 8 | *.obj 9 | 10 | # Precompiled Headers 11 | *.gch 12 | *.pch 13 | 14 | # Compiled Dynamic libraries 15 | *.so 16 | *.dylib 17 | *.dll 18 | 19 | # Fortran module files 20 | *.mod 21 | *.smod 22 | 23 | # Compiled Static libraries 24 | *.lai 25 | *.la 26 | *.a 27 | *.lib 28 | 29 | # Executables 30 | *.exe 31 | *.out 32 | *.app 33 | bin 34 | obj 35 | 36 | # IDE Files 37 | *.layout 38 | *.vscode 39 | 40 | build/ 41 | .cache/ 42 | 43 | -------------------------------------------------------------------------------- /test/main.cpp: -------------------------------------------------------------------------------- 1 | #include "bcrypt.h" 2 | #include 3 | #include 4 | 5 | 6 | int main() 7 | { 8 | 9 | std::string password = "top_secret"; 10 | 11 | std::string hash = bcrypt::generateHash(password); 12 | std::cout << "Hash: " << hash << std::endl; 13 | 14 | hash=bcrypt::generateHash(password); 15 | std::cout << "Hash: " << hash << std::endl; 16 | 17 | std::cout << "\"" << password << "\" : " << bcrypt::validatePassword(password,hash) << std::endl; 18 | std::cout << "\"wrong\" : " << bcrypt::validatePassword("wrong",hash) << std::endl; 19 | 20 | return 0; 21 | } 22 | -------------------------------------------------------------------------------- /src/openbsd.h: -------------------------------------------------------------------------------- 1 | #ifndef ARC4RANDOM_H_INCLUDED 2 | #define ARC4RANDOM_H_INCLUDED 3 | 4 | #include /* srand, rand */ 5 | #include 6 | #include 7 | #include 8 | #include 9 | #include 10 | #include 11 | 12 | inline 13 | void arc4random_buf(void *buf, size_t nbytes) 14 | { 15 | for( size_t n = 0; n < nbytes; ++ n) 16 | ((char*)(buf))[n] = rand() %256; 17 | } 18 | 19 | inline 20 | void arc4random_init(void) 21 | { 22 | struct timeval tv; 23 | gettimeofday(&tv, 0); 24 | // this is not very good, but we lack a portable non-blocking API 25 | srand( ((unsigned int) tv.tv_usec) ^ (unsigned int)getpid()); 26 | } 27 | 28 | 29 | #endif // ARC4RANDOM_H_INCLUDED 30 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Bcrypt.cpp 2 | A C++ wrapper around [bcrypt](https://en.wikipedia.org/wiki/Bcrypt) (origin: Open BSD) password hashing 3 | 4 | 5 | ## How to use 6 | 7 | Here an example how to use this wrapper class 8 | 9 | ```cpp 10 | #include "bcrypt.h" 11 | #include 12 | #include 13 | 14 | 15 | int main() 16 | { 17 | 18 | std::string password = "top_secret"; 19 | 20 | std::string hash = bcrypt::generateHash(password); 21 | 22 | std::cout << "Hash: " << hash << std::endl; 23 | 24 | std::cout << "\"" << password << "\" : " << bcrypt::validatePassword(password,hash) << std::endl; 25 | std::cout << "\"wrong\" : " << bcrypt::validatePassword("wrong",hash) << std::endl; 26 | 27 | return 0; 28 | } 29 | 30 | ``` 31 | 32 | output: 33 | 34 | ``` 35 | Hash: $2b$10$9ngimRxnytdaWoCd4NKPneEb/9dW24/B830XpS8TbExVeGKbukYbG 36 | "top_secret" : 1 37 | "wrong" : 0 38 | ``` 39 | 40 | You can check the hash online at [https://bcrypt-generator.com](https://bcrypt-generator.com/) 41 | 42 | Former version used Open BSD as origin. Since the hash output was not fully compatible to common web services 43 | we now use source from [node.bcrypt](https://github.com/kelektiv/node.bcrypt.js). 44 | 45 | But also the web services might differ each other, so just use the hashes generated by this library internally 46 | in your application. 47 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | BSD 4-Clause License 2 | 3 | Copyright (c) 2019, Christoph Hilchenbach 4 | All rights reserved. 5 | 6 | Redistribution and use in source and binary forms, with or without 7 | modification, are permitted provided that the following conditions 8 | are met: 9 | 1. Redistributions of source code must retain the above copyright 10 | notice, this list of conditions and the following disclaimer. 11 | 2. Redistributions in binary form must reproduce the above copyright 12 | notice, this list of conditions and the following disclaimer in the 13 | documentation and/or other materials provided with the distribution. 14 | 3. All advertising materials mentioning features or use of this software 15 | must display the following acknowledgement: 16 | This product includes software developed by Niels Provos. 17 | 4. The name of the author may not be used to endorse or promote products 18 | derived from this software without specific prior written permission. 19 | 20 | THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 21 | IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 22 | OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 23 | IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 24 | INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 25 | NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 26 | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 27 | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 28 | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 29 | THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 30 | -------------------------------------------------------------------------------- /src/node_blf.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: blf.h,v 1.7 2007/03/14 17:59:41 grunk Exp $ */ 2 | /* 3 | * Blowfish - a fast block cipher designed by Bruce Schneier 4 | * 5 | * Copyright 1997 Niels Provos 6 | * All rights reserved. 7 | * 8 | * Redistribution and use in source and binary forms, with or without 9 | * modification, are permitted provided that the following conditions 10 | * are met: 11 | * 1. Redistributions of source code must retain the above copyright 12 | * notice, this list of conditions and the following disclaimer. 13 | * 2. Redistributions in binary form must reproduce the above copyright 14 | * notice, this list of conditions and the following disclaimer in the 15 | * documentation and/or other materials provided with the distribution. 16 | * 3. All advertising materials mentioning features or use of this software 17 | * must display the following acknowledgement: 18 | * This product includes software developed by Niels Provos. 19 | * 4. The name of the author may not be used to endorse or promote products 20 | * derived from this software without specific prior written permission. 21 | * 22 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 23 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 24 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 25 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 26 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 27 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 28 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 29 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 30 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 31 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 | */ 33 | 34 | #ifndef _NODE_BLF_H_ 35 | #define _NODE_BLF_H_ 36 | 37 | #include 38 | 39 | /* Solaris compatibility */ 40 | #ifdef __sun 41 | #define u_int8_t uint8_t 42 | #define u_int16_t uint16_t 43 | #define u_int32_t uint32_t 44 | #define u_int64_t uint64_t 45 | #endif 46 | 47 | #ifdef _WIN32 48 | #define u_int8_t unsigned __int8 49 | #define u_int16_t unsigned __int16 50 | #define u_int32_t unsigned __int32 51 | #define u_int64_t unsigned __int64 52 | #endif 53 | 54 | /* Windows ssize_t compatibility */ 55 | #if defined(_WIN32) || defined(_WIN64) 56 | # if defined(_WIN64) 57 | typedef __int64 LONG_PTR; 58 | # else 59 | typedef long LONG_PTR; 60 | # endif 61 | typedef LONG_PTR SSIZE_T; 62 | typedef SSIZE_T ssize_t; 63 | #endif 64 | 65 | /* z/OS compatibility */ 66 | #ifdef __MVS__ 67 | typedef unsigned char u_int8_t; 68 | typedef unsigned short u_int16_t; 69 | typedef unsigned int u_int32_t; 70 | typedef unsigned long long u_int64_t; 71 | #endif 72 | 73 | #define BCRYPT_VERSION '2' 74 | #define BCRYPT_MAXSALT 16 /* Precomputation is just so nice */ 75 | #define BCRYPT_BLOCKS 6 /* Ciphertext blocks */ 76 | #define BCRYPT_MINROUNDS 16 /* we have log2(rounds) in salt */ 77 | 78 | /* Schneier specifies a maximum key length of 56 bytes. 79 | * This ensures that every key bit affects every cipher 80 | * bit. However, the subkeys can hold up to 72 bytes. 81 | * Warning: For normal blowfish encryption only 56 bytes 82 | * of the key affect all cipherbits. 83 | */ 84 | 85 | #define BLF_N 16 /* Number of Subkeys */ 86 | #define BLF_MAXKEYLEN ((BLF_N-2)*4) /* 448 bits */ 87 | #define BLF_MAXUTILIZED ((BLF_N+2)*4) /* 576 bits */ 88 | 89 | #define _PASSWORD_LEN 128 /* max length, not counting NUL */ 90 | #define _SALT_LEN 32 /* max length */ 91 | 92 | /* Blowfish context */ 93 | typedef struct BlowfishContext { 94 | u_int32_t S[4][256]; /* S-Boxes */ 95 | u_int32_t P[BLF_N + 2]; /* Subkeys */ 96 | } blf_ctx; 97 | 98 | /* Raw access to customized Blowfish 99 | * blf_key is just: 100 | * Blowfish_initstate( state ) 101 | * Blowfish_expand0state( state, key, keylen ) 102 | */ 103 | 104 | void Blowfish_encipher(blf_ctx *, u_int32_t *, u_int32_t *); 105 | void Blowfish_decipher(blf_ctx *, u_int32_t *, u_int32_t *); 106 | void Blowfish_initstate(blf_ctx *); 107 | void Blowfish_expand0state(blf_ctx *, const u_int8_t *, u_int16_t); 108 | void Blowfish_expandstate 109 | (blf_ctx *, const u_int8_t *, u_int16_t, const u_int8_t *, u_int16_t); 110 | 111 | /* Standard Blowfish */ 112 | 113 | void blf_key(blf_ctx *, const u_int8_t *, u_int16_t); 114 | void blf_enc(blf_ctx *, u_int32_t *, u_int16_t); 115 | void blf_dec(blf_ctx *, u_int32_t *, u_int16_t); 116 | 117 | void blf_ecb_encrypt(blf_ctx *, u_int8_t *, u_int32_t); 118 | void blf_ecb_decrypt(blf_ctx *, u_int8_t *, u_int32_t); 119 | 120 | void blf_cbc_encrypt(blf_ctx *, u_int8_t *, u_int8_t *, u_int32_t); 121 | void blf_cbc_decrypt(blf_ctx *, u_int8_t *, u_int8_t *, u_int32_t); 122 | 123 | /* Converts u_int8_t to u_int32_t */ 124 | u_int32_t Blowfish_stream2word(const u_int8_t *, u_int16_t , u_int16_t *); 125 | 126 | /* bcrypt functions*/ 127 | void bcrypt_gensalt(char, u_int8_t, u_int8_t*, char *); 128 | void node_bcrypt(const char *, size_t key_len, const char *, char *); 129 | void encode_salt(char *, u_int8_t *, char, u_int16_t, u_int8_t); 130 | u_int32_t bcrypt_get_rounds(const char *); 131 | 132 | #endif -------------------------------------------------------------------------------- /src/bcrypt.cpp: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: bcrypt.c,v 1.31 2014/03/22 23:02:03 tedu Exp $ */ 2 | 3 | /* 4 | * Copyright (c) 1997 Niels Provos 5 | * 6 | * Permission to use, copy, modify, and distribute this software for any 7 | * purpose with or without fee is hereby granted, provided that the above 8 | * copyright notice and this permission notice appear in all copies. 9 | * 10 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 11 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 12 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 13 | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 14 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 15 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 16 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17 | */ 18 | 19 | /* This password hashing algorithm was designed by David Mazieres 20 | * and works as follows: 21 | * 22 | * 1. state := InitState () 23 | * 2. state := ExpandKey (state, salt, password) 24 | * 3. REPEAT rounds: 25 | * state := ExpandKey (state, 0, password) 26 | * state := ExpandKey (state, 0, salt) 27 | * 4. ctext := "OrpheanBeholderScryDoubt" 28 | * 5. REPEAT 64: 29 | * ctext := Encrypt_ECB (state, ctext); 30 | * 6. RETURN Concatenate (salt, ctext); 31 | * 32 | */ 33 | 34 | #include 35 | #include 36 | #include 37 | #include 38 | #include 39 | 40 | #include "node_blf.h" 41 | 42 | #include "bcrypt.h" 43 | #include "openbsd.h" 44 | 45 | #ifdef _WIN32 46 | #define snprintf _snprintf 47 | #endif 48 | 49 | //#if !defined(__APPLE__) && !defined(__MACH__) 50 | //#include "bsd/stdlib.h" 51 | //#endif 52 | 53 | /* This implementation is adaptable to current computing power. 54 | * You can have up to 2^31 rounds which should be enough for some 55 | * time to come. 56 | */ 57 | 58 | static void encode_base64(u_int8_t *, u_int8_t *, u_int16_t); 59 | static void decode_base64(u_int8_t *, u_int16_t, u_int8_t *); 60 | 61 | const static char* error = ":"; 62 | 63 | const static u_int8_t Base64Code[] = 64 | "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"; 65 | 66 | const static u_int8_t index_64[128] = { 67 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 68 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 69 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 70 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 71 | 255, 255, 255, 255, 255, 255, 0, 1, 54, 55, 72 | 56, 57, 58, 59, 60, 61, 62, 63, 255, 255, 73 | 255, 255, 255, 255, 255, 2, 3, 4, 5, 6, 74 | 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 75 | 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 76 | 255, 255, 255, 255, 255, 255, 28, 29, 30, 77 | 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 78 | 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 79 | 51, 52, 53, 255, 255, 255, 255, 255 80 | }; 81 | #define CHAR64(c) ( (c) > 127 ? 255 : index_64[(c)]) 82 | 83 | static void 84 | decode_base64(u_int8_t *buffer, u_int16_t len, u_int8_t *data) 85 | { 86 | u_int8_t *bp = buffer; 87 | u_int8_t *p = data; 88 | u_int8_t c1, c2, c3, c4; 89 | while (bp < buffer + len) { 90 | c1 = CHAR64(*p); 91 | c2 = CHAR64(*(p + 1)); 92 | 93 | /* Invalid data */ 94 | if (c1 == 255 || c2 == 255) 95 | break; 96 | 97 | *bp++ = (c1 << 2) | ((c2 & 0x30) >> 4); 98 | if (bp >= buffer + len) 99 | break; 100 | 101 | c3 = CHAR64(*(p + 2)); 102 | if (c3 == 255) 103 | break; 104 | 105 | *bp++ = ((c2 & 0x0f) << 4) | ((c3 & 0x3c) >> 2); 106 | if (bp >= buffer + len) 107 | break; 108 | 109 | c4 = CHAR64(*(p + 3)); 110 | if (c4 == 255) 111 | break; 112 | *bp++ = ((c3 & 0x03) << 6) | c4; 113 | 114 | p += 4; 115 | } 116 | } 117 | 118 | void 119 | encode_salt(char *salt, u_int8_t *csalt, char minor, u_int16_t clen, u_int8_t logr) 120 | { 121 | salt[0] = '$'; 122 | salt[1] = BCRYPT_VERSION; 123 | salt[2] = minor; 124 | salt[3] = '$'; 125 | 126 | // Max rounds are 31 127 | snprintf(salt + 4, 4, "%2.2u$", logr & 0x001F); 128 | 129 | encode_base64((u_int8_t *) salt + 7, csalt, clen); 130 | } 131 | 132 | 133 | /* Generates a salt for this version of crypt. 134 | Since versions may change. Keeping this here 135 | seems sensible. 136 | from: http://mail-index.netbsd.org/tech-crypto/2002/05/24/msg000204.html 137 | */ 138 | void 139 | bcrypt_gensalt(char minor, u_int8_t log_rounds, u_int8_t *seed, char *gsalt) 140 | { 141 | if (log_rounds < 4) 142 | log_rounds = 4; 143 | else if (log_rounds > 31) 144 | log_rounds = 31; 145 | 146 | encode_salt(gsalt, seed, minor, BCRYPT_MAXSALT, log_rounds); 147 | } 148 | 149 | /* We handle $Vers$log2(NumRounds)$salt+passwd$ 150 | i.e. $2$04$iwouldntknowwhattosayetKdJ6iFtacBqJdKe6aW7ou */ 151 | 152 | void 153 | node_bcrypt(const char *key, size_t key_len, const char *salt, char *encrypted) 154 | { 155 | blf_ctx state; 156 | u_int32_t rounds, i, k; 157 | u_int16_t j; 158 | u_int8_t salt_len, logr, minor; 159 | u_int8_t ciphertext[4 * BCRYPT_BLOCKS+1] = "OrpheanBeholderScryDoubt"; 160 | u_int8_t csalt[BCRYPT_MAXSALT]; 161 | u_int32_t cdata[BCRYPT_BLOCKS]; 162 | int n; 163 | 164 | /* Discard "$" identifier */ 165 | salt++; 166 | 167 | if (*salt > BCRYPT_VERSION) { 168 | /* How do I handle errors ? Return ':' */ 169 | strcpy(encrypted, error); 170 | return; 171 | } 172 | 173 | /* Check for minor versions */ 174 | if (salt[1] != '$') { 175 | switch (salt[1]) { 176 | case 'a': /* 'ab' should not yield the same as 'abab' */ 177 | case 'b': /* cap input length at 72 bytes */ 178 | minor = salt[1]; 179 | salt++; 180 | break; 181 | default: 182 | strcpy(encrypted, error); 183 | return; 184 | } 185 | } else 186 | minor = 0; 187 | 188 | /* Discard version + "$" identifier */ 189 | salt += 2; 190 | 191 | if (salt[2] != '$') { 192 | /* Out of sync with passwd entry */ 193 | strcpy(encrypted, error); 194 | return; 195 | } 196 | 197 | /* Computer power doesn't increase linear, 2^x should be fine */ 198 | n = atoi(salt); 199 | if (n > 31 || n < 0) { 200 | strcpy(encrypted, error); 201 | return; 202 | } 203 | logr = (u_int8_t)n; 204 | if ((rounds = (u_int32_t) 1 << logr) < BCRYPT_MINROUNDS) { 205 | strcpy(encrypted, error); 206 | return; 207 | } 208 | 209 | /* Discard num rounds + "$" identifier */ 210 | salt += 3; 211 | 212 | if (strlen(salt) * 3 / 4 < BCRYPT_MAXSALT) { 213 | strcpy(encrypted, error); 214 | return; 215 | } 216 | 217 | /* We dont want the base64 salt but the raw data */ 218 | decode_base64(csalt, BCRYPT_MAXSALT, (u_int8_t *) salt); 219 | salt_len = BCRYPT_MAXSALT; 220 | if (minor <= 'a') 221 | key_len = (u_int8_t)(key_len + (minor >= 'a' ? 1 : 0)); 222 | else 223 | { 224 | /* cap key_len at the actual maximum supported 225 | * length here to avoid integer wraparound */ 226 | if (key_len > 72) 227 | key_len = 72; 228 | key_len++; /* include the NUL */ 229 | } 230 | 231 | 232 | /* Setting up S-Boxes and Subkeys */ 233 | Blowfish_initstate(&state); 234 | Blowfish_expandstate(&state, csalt, salt_len, 235 | (u_int8_t *) key, key_len); 236 | for (k = 0; k < rounds; k++) { 237 | Blowfish_expand0state(&state, (u_int8_t *) key, key_len); 238 | Blowfish_expand0state(&state, csalt, salt_len); 239 | } 240 | 241 | /* This can be precomputed later */ 242 | j = 0; 243 | for (i = 0; i < BCRYPT_BLOCKS; i++) 244 | cdata[i] = Blowfish_stream2word(ciphertext, 4 * BCRYPT_BLOCKS, &j); 245 | 246 | /* Now do the encryption */ 247 | for (k = 0; k < 64; k++) 248 | blf_enc(&state, cdata, BCRYPT_BLOCKS / 2); 249 | 250 | for (i = 0; i < BCRYPT_BLOCKS; i++) { 251 | ciphertext[4 * i + 3] = cdata[i] & 0xff; 252 | cdata[i] = cdata[i] >> 8; 253 | ciphertext[4 * i + 2] = cdata[i] & 0xff; 254 | cdata[i] = cdata[i] >> 8; 255 | ciphertext[4 * i + 1] = cdata[i] & 0xff; 256 | cdata[i] = cdata[i] >> 8; 257 | ciphertext[4 * i + 0] = cdata[i] & 0xff; 258 | } 259 | 260 | i = 0; 261 | encrypted[i++] = '$'; 262 | encrypted[i++] = BCRYPT_VERSION; 263 | if (minor) 264 | encrypted[i++] = minor; 265 | encrypted[i++] = '$'; 266 | 267 | snprintf(encrypted + i, 4, "%2.2u$", logr & 0x001F); 268 | 269 | encode_base64((u_int8_t *) encrypted + i + 3, csalt, BCRYPT_MAXSALT); 270 | encode_base64((u_int8_t *) encrypted + strlen(encrypted), ciphertext, 271 | 4 * BCRYPT_BLOCKS - 1); 272 | memset(&state, 0, sizeof(state)); 273 | memset(ciphertext, 0, sizeof(ciphertext)); 274 | memset(csalt, 0, sizeof(csalt)); 275 | memset(cdata, 0, sizeof(cdata)); 276 | } 277 | 278 | u_int32_t bcrypt_get_rounds(const char * hash) 279 | { 280 | /* skip past the leading "$" */ 281 | if (!hash || *(hash++) != '$') return 0; 282 | 283 | /* skip past version */ 284 | if (0 == (*hash++)) return 0; 285 | if (*hash && *hash != '$') hash++; 286 | if (*hash++ != '$') return 0; 287 | 288 | return atoi(hash); 289 | } 290 | 291 | static void 292 | encode_base64(u_int8_t *buffer, u_int8_t *data, u_int16_t len) 293 | { 294 | u_int8_t *bp = buffer; 295 | u_int8_t *p = data; 296 | u_int8_t c1, c2; 297 | while (p < data + len) { 298 | c1 = *p++; 299 | *bp++ = Base64Code[(c1 >> 2)]; 300 | c1 = (c1 & 0x03) << 4; 301 | if (p >= data + len) { 302 | *bp++ = Base64Code[c1]; 303 | break; 304 | } 305 | c2 = *p++; 306 | c1 |= (c2 >> 4) & 0x0f; 307 | *bp++ = Base64Code[c1]; 308 | c1 = (c2 & 0x0f) << 2; 309 | if (p >= data + len) { 310 | *bp++ = Base64Code[c1]; 311 | break; 312 | } 313 | c2 = *p++; 314 | c1 |= (c2 >> 6) & 0x03; 315 | *bp++ = Base64Code[c1]; 316 | *bp++ = Base64Code[c2 & 0x3f]; 317 | } 318 | *bp = '\0'; 319 | } 320 | 321 | std::string bcrypt::generateHash(const std::string &password, unsigned int rounds) { 322 | char salt[_SALT_LEN]; 323 | 324 | unsigned char seed[17]{}; 325 | arc4random_init(); 326 | 327 | arc4random_buf(seed, 16); 328 | 329 | bcrypt_gensalt('b', rounds, seed, salt); 330 | 331 | std::string hash(61, '\0'); 332 | node_bcrypt(password.c_str(), password.size(), salt, &hash[0]); 333 | hash.resize(60); 334 | return hash; 335 | } 336 | 337 | bool bcrypt::validatePassword(const std::string &password, const std::string &hash) { 338 | std::string got(61, '\0'); 339 | node_bcrypt(password.c_str(), password.size(), hash.c_str(), &got[0]); 340 | got.resize(60); 341 | return hash == got; 342 | } 343 | -------------------------------------------------------------------------------- /src/blowfish.cpp: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: blowfish.c,v 1.18 2004/11/02 17:23:26 hshoexer Exp $ */ 2 | /* 3 | * Blowfish block cipher for OpenBSD 4 | * Copyright 1997 Niels Provos 5 | * All rights reserved. 6 | * 7 | * Implementation advice by David Mazieres . 8 | * 9 | * Redistribution and use in source and binary forms, with or without 10 | * modification, are permitted provided that the following conditions 11 | * are met: 12 | * 1. Redistributions of source code must retain the above copyright 13 | * notice, this list of conditions and the following disclaimer. 14 | * 2. Redistributions in binary form must reproduce the above copyright 15 | * notice, this list of conditions and the following disclaimer in the 16 | * documentation and/or other materials provided with the distribution. 17 | * 3. All advertising materials mentioning features or use of this software 18 | * must display the following acknowledgement: 19 | * This product includes software developed by Niels Provos. 20 | * 4. The name of the author may not be used to endorse or promote products 21 | * derived from this software without specific prior written permission. 22 | * 23 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 24 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 25 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 26 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 27 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 28 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 29 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 30 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 31 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 32 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 33 | */ 34 | 35 | /* 36 | * This code is derived from section 14.3 and the given source 37 | * in section V of Applied Cryptography, second edition. 38 | * Blowfish is an unpatented fast block cipher designed by 39 | * Bruce Schneier. 40 | */ 41 | 42 | #include "node_blf.h" 43 | 44 | #undef inline 45 | #ifdef __GNUC__ 46 | #define inline __inline 47 | #else /* !__GNUC__ */ 48 | #define inline 49 | #endif /* !__GNUC__ */ 50 | 51 | /* Function for Feistel Networks */ 52 | 53 | #define F(s, x) ((((s)[ (((x)>>24)&0xFF)] \ 54 | + (s)[0x100 + (((x)>>16)&0xFF)]) \ 55 | ^ (s)[0x200 + (((x)>> 8)&0xFF)]) \ 56 | + (s)[0x300 + ( (x) &0xFF)]) 57 | 58 | #define BLFRND(s,p,i,j,n) (i ^= F(s,j) ^ (p)[n]) 59 | 60 | void 61 | Blowfish_encipher(blf_ctx *c, u_int32_t *xl, u_int32_t *xr) 62 | { 63 | u_int32_t Xl; 64 | u_int32_t Xr; 65 | u_int32_t *s = c->S[0]; 66 | u_int32_t *p = c->P; 67 | 68 | Xl = *xl; 69 | Xr = *xr; 70 | 71 | Xl ^= p[0]; 72 | BLFRND(s, p, Xr, Xl, 1); BLFRND(s, p, Xl, Xr, 2); 73 | BLFRND(s, p, Xr, Xl, 3); BLFRND(s, p, Xl, Xr, 4); 74 | BLFRND(s, p, Xr, Xl, 5); BLFRND(s, p, Xl, Xr, 6); 75 | BLFRND(s, p, Xr, Xl, 7); BLFRND(s, p, Xl, Xr, 8); 76 | BLFRND(s, p, Xr, Xl, 9); BLFRND(s, p, Xl, Xr, 10); 77 | BLFRND(s, p, Xr, Xl, 11); BLFRND(s, p, Xl, Xr, 12); 78 | BLFRND(s, p, Xr, Xl, 13); BLFRND(s, p, Xl, Xr, 14); 79 | BLFRND(s, p, Xr, Xl, 15); BLFRND(s, p, Xl, Xr, 16); 80 | 81 | *xl = Xr ^ p[17]; 82 | *xr = Xl; 83 | } 84 | 85 | void 86 | Blowfish_decipher(blf_ctx *c, u_int32_t *xl, u_int32_t *xr) 87 | { 88 | u_int32_t Xl; 89 | u_int32_t Xr; 90 | u_int32_t *s = c->S[0]; 91 | u_int32_t *p = c->P; 92 | 93 | Xl = *xl; 94 | Xr = *xr; 95 | 96 | Xl ^= p[17]; 97 | BLFRND(s, p, Xr, Xl, 16); BLFRND(s, p, Xl, Xr, 15); 98 | BLFRND(s, p, Xr, Xl, 14); BLFRND(s, p, Xl, Xr, 13); 99 | BLFRND(s, p, Xr, Xl, 12); BLFRND(s, p, Xl, Xr, 11); 100 | BLFRND(s, p, Xr, Xl, 10); BLFRND(s, p, Xl, Xr, 9); 101 | BLFRND(s, p, Xr, Xl, 8); BLFRND(s, p, Xl, Xr, 7); 102 | BLFRND(s, p, Xr, Xl, 6); BLFRND(s, p, Xl, Xr, 5); 103 | BLFRND(s, p, Xr, Xl, 4); BLFRND(s, p, Xl, Xr, 3); 104 | BLFRND(s, p, Xr, Xl, 2); BLFRND(s, p, Xl, Xr, 1); 105 | 106 | *xl = Xr ^ p[0]; 107 | *xr = Xl; 108 | } 109 | 110 | void 111 | Blowfish_initstate(blf_ctx *c) 112 | { 113 | /* P-box and S-box tables initialized with digits of Pi */ 114 | 115 | static const blf_ctx initstate = 116 | { { 117 | { 118 | 0xd1310ba6, 0x98dfb5ac, 0x2ffd72db, 0xd01adfb7, 119 | 0xb8e1afed, 0x6a267e96, 0xba7c9045, 0xf12c7f99, 120 | 0x24a19947, 0xb3916cf7, 0x0801f2e2, 0x858efc16, 121 | 0x636920d8, 0x71574e69, 0xa458fea3, 0xf4933d7e, 122 | 0x0d95748f, 0x728eb658, 0x718bcd58, 0x82154aee, 123 | 0x7b54a41d, 0xc25a59b5, 0x9c30d539, 0x2af26013, 124 | 0xc5d1b023, 0x286085f0, 0xca417918, 0xb8db38ef, 125 | 0x8e79dcb0, 0x603a180e, 0x6c9e0e8b, 0xb01e8a3e, 126 | 0xd71577c1, 0xbd314b27, 0x78af2fda, 0x55605c60, 127 | 0xe65525f3, 0xaa55ab94, 0x57489862, 0x63e81440, 128 | 0x55ca396a, 0x2aab10b6, 0xb4cc5c34, 0x1141e8ce, 129 | 0xa15486af, 0x7c72e993, 0xb3ee1411, 0x636fbc2a, 130 | 0x2ba9c55d, 0x741831f6, 0xce5c3e16, 0x9b87931e, 131 | 0xafd6ba33, 0x6c24cf5c, 0x7a325381, 0x28958677, 132 | 0x3b8f4898, 0x6b4bb9af, 0xc4bfe81b, 0x66282193, 133 | 0x61d809cc, 0xfb21a991, 0x487cac60, 0x5dec8032, 134 | 0xef845d5d, 0xe98575b1, 0xdc262302, 0xeb651b88, 135 | 0x23893e81, 0xd396acc5, 0x0f6d6ff3, 0x83f44239, 136 | 0x2e0b4482, 0xa4842004, 0x69c8f04a, 0x9e1f9b5e, 137 | 0x21c66842, 0xf6e96c9a, 0x670c9c61, 0xabd388f0, 138 | 0x6a51a0d2, 0xd8542f68, 0x960fa728, 0xab5133a3, 139 | 0x6eef0b6c, 0x137a3be4, 0xba3bf050, 0x7efb2a98, 140 | 0xa1f1651d, 0x39af0176, 0x66ca593e, 0x82430e88, 141 | 0x8cee8619, 0x456f9fb4, 0x7d84a5c3, 0x3b8b5ebe, 142 | 0xe06f75d8, 0x85c12073, 0x401a449f, 0x56c16aa6, 143 | 0x4ed3aa62, 0x363f7706, 0x1bfedf72, 0x429b023d, 144 | 0x37d0d724, 0xd00a1248, 0xdb0fead3, 0x49f1c09b, 145 | 0x075372c9, 0x80991b7b, 0x25d479d8, 0xf6e8def7, 146 | 0xe3fe501a, 0xb6794c3b, 0x976ce0bd, 0x04c006ba, 147 | 0xc1a94fb6, 0x409f60c4, 0x5e5c9ec2, 0x196a2463, 148 | 0x68fb6faf, 0x3e6c53b5, 0x1339b2eb, 0x3b52ec6f, 149 | 0x6dfc511f, 0x9b30952c, 0xcc814544, 0xaf5ebd09, 150 | 0xbee3d004, 0xde334afd, 0x660f2807, 0x192e4bb3, 151 | 0xc0cba857, 0x45c8740f, 0xd20b5f39, 0xb9d3fbdb, 152 | 0x5579c0bd, 0x1a60320a, 0xd6a100c6, 0x402c7279, 153 | 0x679f25fe, 0xfb1fa3cc, 0x8ea5e9f8, 0xdb3222f8, 154 | 0x3c7516df, 0xfd616b15, 0x2f501ec8, 0xad0552ab, 155 | 0x323db5fa, 0xfd238760, 0x53317b48, 0x3e00df82, 156 | 0x9e5c57bb, 0xca6f8ca0, 0x1a87562e, 0xdf1769db, 157 | 0xd542a8f6, 0x287effc3, 0xac6732c6, 0x8c4f5573, 158 | 0x695b27b0, 0xbbca58c8, 0xe1ffa35d, 0xb8f011a0, 159 | 0x10fa3d98, 0xfd2183b8, 0x4afcb56c, 0x2dd1d35b, 160 | 0x9a53e479, 0xb6f84565, 0xd28e49bc, 0x4bfb9790, 161 | 0xe1ddf2da, 0xa4cb7e33, 0x62fb1341, 0xcee4c6e8, 162 | 0xef20cada, 0x36774c01, 0xd07e9efe, 0x2bf11fb4, 163 | 0x95dbda4d, 0xae909198, 0xeaad8e71, 0x6b93d5a0, 164 | 0xd08ed1d0, 0xafc725e0, 0x8e3c5b2f, 0x8e7594b7, 165 | 0x8ff6e2fb, 0xf2122b64, 0x8888b812, 0x900df01c, 166 | 0x4fad5ea0, 0x688fc31c, 0xd1cff191, 0xb3a8c1ad, 167 | 0x2f2f2218, 0xbe0e1777, 0xea752dfe, 0x8b021fa1, 168 | 0xe5a0cc0f, 0xb56f74e8, 0x18acf3d6, 0xce89e299, 169 | 0xb4a84fe0, 0xfd13e0b7, 0x7cc43b81, 0xd2ada8d9, 170 | 0x165fa266, 0x80957705, 0x93cc7314, 0x211a1477, 171 | 0xe6ad2065, 0x77b5fa86, 0xc75442f5, 0xfb9d35cf, 172 | 0xebcdaf0c, 0x7b3e89a0, 0xd6411bd3, 0xae1e7e49, 173 | 0x00250e2d, 0x2071b35e, 0x226800bb, 0x57b8e0af, 174 | 0x2464369b, 0xf009b91e, 0x5563911d, 0x59dfa6aa, 175 | 0x78c14389, 0xd95a537f, 0x207d5ba2, 0x02e5b9c5, 176 | 0x83260376, 0x6295cfa9, 0x11c81968, 0x4e734a41, 177 | 0xb3472dca, 0x7b14a94a, 0x1b510052, 0x9a532915, 178 | 0xd60f573f, 0xbc9bc6e4, 0x2b60a476, 0x81e67400, 179 | 0x08ba6fb5, 0x571be91f, 0xf296ec6b, 0x2a0dd915, 180 | 0xb6636521, 0xe7b9f9b6, 0xff34052e, 0xc5855664, 181 | 0x53b02d5d, 0xa99f8fa1, 0x08ba4799, 0x6e85076a}, 182 | { 183 | 0x4b7a70e9, 0xb5b32944, 0xdb75092e, 0xc4192623, 184 | 0xad6ea6b0, 0x49a7df7d, 0x9cee60b8, 0x8fedb266, 185 | 0xecaa8c71, 0x699a17ff, 0x5664526c, 0xc2b19ee1, 186 | 0x193602a5, 0x75094c29, 0xa0591340, 0xe4183a3e, 187 | 0x3f54989a, 0x5b429d65, 0x6b8fe4d6, 0x99f73fd6, 188 | 0xa1d29c07, 0xefe830f5, 0x4d2d38e6, 0xf0255dc1, 189 | 0x4cdd2086, 0x8470eb26, 0x6382e9c6, 0x021ecc5e, 190 | 0x09686b3f, 0x3ebaefc9, 0x3c971814, 0x6b6a70a1, 191 | 0x687f3584, 0x52a0e286, 0xb79c5305, 0xaa500737, 192 | 0x3e07841c, 0x7fdeae5c, 0x8e7d44ec, 0x5716f2b8, 193 | 0xb03ada37, 0xf0500c0d, 0xf01c1f04, 0x0200b3ff, 194 | 0xae0cf51a, 0x3cb574b2, 0x25837a58, 0xdc0921bd, 195 | 0xd19113f9, 0x7ca92ff6, 0x94324773, 0x22f54701, 196 | 0x3ae5e581, 0x37c2dadc, 0xc8b57634, 0x9af3dda7, 197 | 0xa9446146, 0x0fd0030e, 0xecc8c73e, 0xa4751e41, 198 | 0xe238cd99, 0x3bea0e2f, 0x3280bba1, 0x183eb331, 199 | 0x4e548b38, 0x4f6db908, 0x6f420d03, 0xf60a04bf, 200 | 0x2cb81290, 0x24977c79, 0x5679b072, 0xbcaf89af, 201 | 0xde9a771f, 0xd9930810, 0xb38bae12, 0xdccf3f2e, 202 | 0x5512721f, 0x2e6b7124, 0x501adde6, 0x9f84cd87, 203 | 0x7a584718, 0x7408da17, 0xbc9f9abc, 0xe94b7d8c, 204 | 0xec7aec3a, 0xdb851dfa, 0x63094366, 0xc464c3d2, 205 | 0xef1c1847, 0x3215d908, 0xdd433b37, 0x24c2ba16, 206 | 0x12a14d43, 0x2a65c451, 0x50940002, 0x133ae4dd, 207 | 0x71dff89e, 0x10314e55, 0x81ac77d6, 0x5f11199b, 208 | 0x043556f1, 0xd7a3c76b, 0x3c11183b, 0x5924a509, 209 | 0xf28fe6ed, 0x97f1fbfa, 0x9ebabf2c, 0x1e153c6e, 210 | 0x86e34570, 0xeae96fb1, 0x860e5e0a, 0x5a3e2ab3, 211 | 0x771fe71c, 0x4e3d06fa, 0x2965dcb9, 0x99e71d0f, 212 | 0x803e89d6, 0x5266c825, 0x2e4cc978, 0x9c10b36a, 213 | 0xc6150eba, 0x94e2ea78, 0xa5fc3c53, 0x1e0a2df4, 214 | 0xf2f74ea7, 0x361d2b3d, 0x1939260f, 0x19c27960, 215 | 0x5223a708, 0xf71312b6, 0xebadfe6e, 0xeac31f66, 216 | 0xe3bc4595, 0xa67bc883, 0xb17f37d1, 0x018cff28, 217 | 0xc332ddef, 0xbe6c5aa5, 0x65582185, 0x68ab9802, 218 | 0xeecea50f, 0xdb2f953b, 0x2aef7dad, 0x5b6e2f84, 219 | 0x1521b628, 0x29076170, 0xecdd4775, 0x619f1510, 220 | 0x13cca830, 0xeb61bd96, 0x0334fe1e, 0xaa0363cf, 221 | 0xb5735c90, 0x4c70a239, 0xd59e9e0b, 0xcbaade14, 222 | 0xeecc86bc, 0x60622ca7, 0x9cab5cab, 0xb2f3846e, 223 | 0x648b1eaf, 0x19bdf0ca, 0xa02369b9, 0x655abb50, 224 | 0x40685a32, 0x3c2ab4b3, 0x319ee9d5, 0xc021b8f7, 225 | 0x9b540b19, 0x875fa099, 0x95f7997e, 0x623d7da8, 226 | 0xf837889a, 0x97e32d77, 0x11ed935f, 0x16681281, 227 | 0x0e358829, 0xc7e61fd6, 0x96dedfa1, 0x7858ba99, 228 | 0x57f584a5, 0x1b227263, 0x9b83c3ff, 0x1ac24696, 229 | 0xcdb30aeb, 0x532e3054, 0x8fd948e4, 0x6dbc3128, 230 | 0x58ebf2ef, 0x34c6ffea, 0xfe28ed61, 0xee7c3c73, 231 | 0x5d4a14d9, 0xe864b7e3, 0x42105d14, 0x203e13e0, 232 | 0x45eee2b6, 0xa3aaabea, 0xdb6c4f15, 0xfacb4fd0, 233 | 0xc742f442, 0xef6abbb5, 0x654f3b1d, 0x41cd2105, 234 | 0xd81e799e, 0x86854dc7, 0xe44b476a, 0x3d816250, 235 | 0xcf62a1f2, 0x5b8d2646, 0xfc8883a0, 0xc1c7b6a3, 236 | 0x7f1524c3, 0x69cb7492, 0x47848a0b, 0x5692b285, 237 | 0x095bbf00, 0xad19489d, 0x1462b174, 0x23820e00, 238 | 0x58428d2a, 0x0c55f5ea, 0x1dadf43e, 0x233f7061, 239 | 0x3372f092, 0x8d937e41, 0xd65fecf1, 0x6c223bdb, 240 | 0x7cde3759, 0xcbee7460, 0x4085f2a7, 0xce77326e, 241 | 0xa6078084, 0x19f8509e, 0xe8efd855, 0x61d99735, 242 | 0xa969a7aa, 0xc50c06c2, 0x5a04abfc, 0x800bcadc, 243 | 0x9e447a2e, 0xc3453484, 0xfdd56705, 0x0e1e9ec9, 244 | 0xdb73dbd3, 0x105588cd, 0x675fda79, 0xe3674340, 245 | 0xc5c43465, 0x713e38d8, 0x3d28f89e, 0xf16dff20, 246 | 0x153e21e7, 0x8fb03d4a, 0xe6e39f2b, 0xdb83adf7}, 247 | { 248 | 0xe93d5a68, 0x948140f7, 0xf64c261c, 0x94692934, 249 | 0x411520f7, 0x7602d4f7, 0xbcf46b2e, 0xd4a20068, 250 | 0xd4082471, 0x3320f46a, 0x43b7d4b7, 0x500061af, 251 | 0x1e39f62e, 0x97244546, 0x14214f74, 0xbf8b8840, 252 | 0x4d95fc1d, 0x96b591af, 0x70f4ddd3, 0x66a02f45, 253 | 0xbfbc09ec, 0x03bd9785, 0x7fac6dd0, 0x31cb8504, 254 | 0x96eb27b3, 0x55fd3941, 0xda2547e6, 0xabca0a9a, 255 | 0x28507825, 0x530429f4, 0x0a2c86da, 0xe9b66dfb, 256 | 0x68dc1462, 0xd7486900, 0x680ec0a4, 0x27a18dee, 257 | 0x4f3ffea2, 0xe887ad8c, 0xb58ce006, 0x7af4d6b6, 258 | 0xaace1e7c, 0xd3375fec, 0xce78a399, 0x406b2a42, 259 | 0x20fe9e35, 0xd9f385b9, 0xee39d7ab, 0x3b124e8b, 260 | 0x1dc9faf7, 0x4b6d1856, 0x26a36631, 0xeae397b2, 261 | 0x3a6efa74, 0xdd5b4332, 0x6841e7f7, 0xca7820fb, 262 | 0xfb0af54e, 0xd8feb397, 0x454056ac, 0xba489527, 263 | 0x55533a3a, 0x20838d87, 0xfe6ba9b7, 0xd096954b, 264 | 0x55a867bc, 0xa1159a58, 0xcca92963, 0x99e1db33, 265 | 0xa62a4a56, 0x3f3125f9, 0x5ef47e1c, 0x9029317c, 266 | 0xfdf8e802, 0x04272f70, 0x80bb155c, 0x05282ce3, 267 | 0x95c11548, 0xe4c66d22, 0x48c1133f, 0xc70f86dc, 268 | 0x07f9c9ee, 0x41041f0f, 0x404779a4, 0x5d886e17, 269 | 0x325f51eb, 0xd59bc0d1, 0xf2bcc18f, 0x41113564, 270 | 0x257b7834, 0x602a9c60, 0xdff8e8a3, 0x1f636c1b, 271 | 0x0e12b4c2, 0x02e1329e, 0xaf664fd1, 0xcad18115, 272 | 0x6b2395e0, 0x333e92e1, 0x3b240b62, 0xeebeb922, 273 | 0x85b2a20e, 0xe6ba0d99, 0xde720c8c, 0x2da2f728, 274 | 0xd0127845, 0x95b794fd, 0x647d0862, 0xe7ccf5f0, 275 | 0x5449a36f, 0x877d48fa, 0xc39dfd27, 0xf33e8d1e, 276 | 0x0a476341, 0x992eff74, 0x3a6f6eab, 0xf4f8fd37, 277 | 0xa812dc60, 0xa1ebddf8, 0x991be14c, 0xdb6e6b0d, 278 | 0xc67b5510, 0x6d672c37, 0x2765d43b, 0xdcd0e804, 279 | 0xf1290dc7, 0xcc00ffa3, 0xb5390f92, 0x690fed0b, 280 | 0x667b9ffb, 0xcedb7d9c, 0xa091cf0b, 0xd9155ea3, 281 | 0xbb132f88, 0x515bad24, 0x7b9479bf, 0x763bd6eb, 282 | 0x37392eb3, 0xcc115979, 0x8026e297, 0xf42e312d, 283 | 0x6842ada7, 0xc66a2b3b, 0x12754ccc, 0x782ef11c, 284 | 0x6a124237, 0xb79251e7, 0x06a1bbe6, 0x4bfb6350, 285 | 0x1a6b1018, 0x11caedfa, 0x3d25bdd8, 0xe2e1c3c9, 286 | 0x44421659, 0x0a121386, 0xd90cec6e, 0xd5abea2a, 287 | 0x64af674e, 0xda86a85f, 0xbebfe988, 0x64e4c3fe, 288 | 0x9dbc8057, 0xf0f7c086, 0x60787bf8, 0x6003604d, 289 | 0xd1fd8346, 0xf6381fb0, 0x7745ae04, 0xd736fccc, 290 | 0x83426b33, 0xf01eab71, 0xb0804187, 0x3c005e5f, 291 | 0x77a057be, 0xbde8ae24, 0x55464299, 0xbf582e61, 292 | 0x4e58f48f, 0xf2ddfda2, 0xf474ef38, 0x8789bdc2, 293 | 0x5366f9c3, 0xc8b38e74, 0xb475f255, 0x46fcd9b9, 294 | 0x7aeb2661, 0x8b1ddf84, 0x846a0e79, 0x915f95e2, 295 | 0x466e598e, 0x20b45770, 0x8cd55591, 0xc902de4c, 296 | 0xb90bace1, 0xbb8205d0, 0x11a86248, 0x7574a99e, 297 | 0xb77f19b6, 0xe0a9dc09, 0x662d09a1, 0xc4324633, 298 | 0xe85a1f02, 0x09f0be8c, 0x4a99a025, 0x1d6efe10, 299 | 0x1ab93d1d, 0x0ba5a4df, 0xa186f20f, 0x2868f169, 300 | 0xdcb7da83, 0x573906fe, 0xa1e2ce9b, 0x4fcd7f52, 301 | 0x50115e01, 0xa70683fa, 0xa002b5c4, 0x0de6d027, 302 | 0x9af88c27, 0x773f8641, 0xc3604c06, 0x61a806b5, 303 | 0xf0177a28, 0xc0f586e0, 0x006058aa, 0x30dc7d62, 304 | 0x11e69ed7, 0x2338ea63, 0x53c2dd94, 0xc2c21634, 305 | 0xbbcbee56, 0x90bcb6de, 0xebfc7da1, 0xce591d76, 306 | 0x6f05e409, 0x4b7c0188, 0x39720a3d, 0x7c927c24, 307 | 0x86e3725f, 0x724d9db9, 0x1ac15bb4, 0xd39eb8fc, 308 | 0xed545578, 0x08fca5b5, 0xd83d7cd3, 0x4dad0fc4, 309 | 0x1e50ef5e, 0xb161e6f8, 0xa28514d9, 0x6c51133c, 310 | 0x6fd5c7e7, 0x56e14ec4, 0x362abfce, 0xddc6c837, 311 | 0xd79a3234, 0x92638212, 0x670efa8e, 0x406000e0}, 312 | { 313 | 0x3a39ce37, 0xd3faf5cf, 0xabc27737, 0x5ac52d1b, 314 | 0x5cb0679e, 0x4fa33742, 0xd3822740, 0x99bc9bbe, 315 | 0xd5118e9d, 0xbf0f7315, 0xd62d1c7e, 0xc700c47b, 316 | 0xb78c1b6b, 0x21a19045, 0xb26eb1be, 0x6a366eb4, 317 | 0x5748ab2f, 0xbc946e79, 0xc6a376d2, 0x6549c2c8, 318 | 0x530ff8ee, 0x468dde7d, 0xd5730a1d, 0x4cd04dc6, 319 | 0x2939bbdb, 0xa9ba4650, 0xac9526e8, 0xbe5ee304, 320 | 0xa1fad5f0, 0x6a2d519a, 0x63ef8ce2, 0x9a86ee22, 321 | 0xc089c2b8, 0x43242ef6, 0xa51e03aa, 0x9cf2d0a4, 322 | 0x83c061ba, 0x9be96a4d, 0x8fe51550, 0xba645bd6, 323 | 0x2826a2f9, 0xa73a3ae1, 0x4ba99586, 0xef5562e9, 324 | 0xc72fefd3, 0xf752f7da, 0x3f046f69, 0x77fa0a59, 325 | 0x80e4a915, 0x87b08601, 0x9b09e6ad, 0x3b3ee593, 326 | 0xe990fd5a, 0x9e34d797, 0x2cf0b7d9, 0x022b8b51, 327 | 0x96d5ac3a, 0x017da67d, 0xd1cf3ed6, 0x7c7d2d28, 328 | 0x1f9f25cf, 0xadf2b89b, 0x5ad6b472, 0x5a88f54c, 329 | 0xe029ac71, 0xe019a5e6, 0x47b0acfd, 0xed93fa9b, 330 | 0xe8d3c48d, 0x283b57cc, 0xf8d56629, 0x79132e28, 331 | 0x785f0191, 0xed756055, 0xf7960e44, 0xe3d35e8c, 332 | 0x15056dd4, 0x88f46dba, 0x03a16125, 0x0564f0bd, 333 | 0xc3eb9e15, 0x3c9057a2, 0x97271aec, 0xa93a072a, 334 | 0x1b3f6d9b, 0x1e6321f5, 0xf59c66fb, 0x26dcf319, 335 | 0x7533d928, 0xb155fdf5, 0x03563482, 0x8aba3cbb, 336 | 0x28517711, 0xc20ad9f8, 0xabcc5167, 0xccad925f, 337 | 0x4de81751, 0x3830dc8e, 0x379d5862, 0x9320f991, 338 | 0xea7a90c2, 0xfb3e7bce, 0x5121ce64, 0x774fbe32, 339 | 0xa8b6e37e, 0xc3293d46, 0x48de5369, 0x6413e680, 340 | 0xa2ae0810, 0xdd6db224, 0x69852dfd, 0x09072166, 341 | 0xb39a460a, 0x6445c0dd, 0x586cdecf, 0x1c20c8ae, 342 | 0x5bbef7dd, 0x1b588d40, 0xccd2017f, 0x6bb4e3bb, 343 | 0xdda26a7e, 0x3a59ff45, 0x3e350a44, 0xbcb4cdd5, 344 | 0x72eacea8, 0xfa6484bb, 0x8d6612ae, 0xbf3c6f47, 345 | 0xd29be463, 0x542f5d9e, 0xaec2771b, 0xf64e6370, 346 | 0x740e0d8d, 0xe75b1357, 0xf8721671, 0xaf537d5d, 347 | 0x4040cb08, 0x4eb4e2cc, 0x34d2466a, 0x0115af84, 348 | 0xe1b00428, 0x95983a1d, 0x06b89fb4, 0xce6ea048, 349 | 0x6f3f3b82, 0x3520ab82, 0x011a1d4b, 0x277227f8, 350 | 0x611560b1, 0xe7933fdc, 0xbb3a792b, 0x344525bd, 351 | 0xa08839e1, 0x51ce794b, 0x2f32c9b7, 0xa01fbac9, 352 | 0xe01cc87e, 0xbcc7d1f6, 0xcf0111c3, 0xa1e8aac7, 353 | 0x1a908749, 0xd44fbd9a, 0xd0dadecb, 0xd50ada38, 354 | 0x0339c32a, 0xc6913667, 0x8df9317c, 0xe0b12b4f, 355 | 0xf79e59b7, 0x43f5bb3a, 0xf2d519ff, 0x27d9459c, 356 | 0xbf97222c, 0x15e6fc2a, 0x0f91fc71, 0x9b941525, 357 | 0xfae59361, 0xceb69ceb, 0xc2a86459, 0x12baa8d1, 358 | 0xb6c1075e, 0xe3056a0c, 0x10d25065, 0xcb03a442, 359 | 0xe0ec6e0e, 0x1698db3b, 0x4c98a0be, 0x3278e964, 360 | 0x9f1f9532, 0xe0d392df, 0xd3a0342b, 0x8971f21e, 361 | 0x1b0a7441, 0x4ba3348c, 0xc5be7120, 0xc37632d8, 362 | 0xdf359f8d, 0x9b992f2e, 0xe60b6f47, 0x0fe3f11d, 363 | 0xe54cda54, 0x1edad891, 0xce6279cf, 0xcd3e7e6f, 364 | 0x1618b166, 0xfd2c1d05, 0x848fd2c5, 0xf6fb2299, 365 | 0xf523f357, 0xa6327623, 0x93a83531, 0x56cccd02, 366 | 0xacf08162, 0x5a75ebb5, 0x6e163697, 0x88d273cc, 367 | 0xde966292, 0x81b949d0, 0x4c50901b, 0x71c65614, 368 | 0xe6c6c7bd, 0x327a140a, 0x45e1d006, 0xc3f27b9a, 369 | 0xc9aa53fd, 0x62a80f00, 0xbb25bfe2, 0x35bdd2f6, 370 | 0x71126905, 0xb2040222, 0xb6cbcf7c, 0xcd769c2b, 371 | 0x53113ec0, 0x1640e3d3, 0x38abbd60, 0x2547adf0, 372 | 0xba38209c, 0xf746ce76, 0x77afa1c5, 0x20756060, 373 | 0x85cbfe4e, 0x8ae88dd8, 0x7aaaf9b0, 0x4cf9aa7e, 374 | 0x1948c25c, 0x02fb8a8c, 0x01c36ae4, 0xd6ebe1f9, 375 | 0x90d4f869, 0xa65cdea0, 0x3f09252d, 0xc208e69f, 376 | 0xb74e6132, 0xce77e25b, 0x578fdfe3, 0x3ac372e6} 377 | }, 378 | { 379 | 0x243f6a88, 0x85a308d3, 0x13198a2e, 0x03707344, 380 | 0xa4093822, 0x299f31d0, 0x082efa98, 0xec4e6c89, 381 | 0x452821e6, 0x38d01377, 0xbe5466cf, 0x34e90c6c, 382 | 0xc0ac29b7, 0xc97c50dd, 0x3f84d5b5, 0xb5470917, 383 | 0x9216d5d9, 0x8979fb1b 384 | } }; 385 | 386 | *c = initstate; 387 | } 388 | 389 | u_int32_t 390 | Blowfish_stream2word(const u_int8_t *data, u_int16_t databytes, 391 | u_int16_t *current) 392 | { 393 | u_int8_t i; 394 | u_int16_t j; 395 | u_int32_t temp; 396 | 397 | temp = 0x00000000; 398 | j = *current; 399 | 400 | for (i = 0; i < 4; i++, j++) { 401 | if (j >= databytes) 402 | j = 0; 403 | temp = (temp << 8) | data[j]; 404 | } 405 | 406 | *current = j; 407 | return temp; 408 | } 409 | 410 | void 411 | Blowfish_expand0state(blf_ctx *c, const u_int8_t *key, u_int16_t keybytes) 412 | { 413 | u_int16_t i; 414 | u_int16_t j; 415 | u_int16_t k; 416 | u_int32_t temp; 417 | u_int32_t datal; 418 | u_int32_t datar; 419 | 420 | j = 0; 421 | for (i = 0; i < BLF_N + 2; i++) { 422 | /* Extract 4 int8 to 1 int32 from keystream */ 423 | temp = Blowfish_stream2word(key, keybytes, &j); 424 | c->P[i] = c->P[i] ^ temp; 425 | } 426 | 427 | j = 0; 428 | datal = 0x00000000; 429 | datar = 0x00000000; 430 | for (i = 0; i < BLF_N + 2; i += 2) { 431 | Blowfish_encipher(c, &datal, &datar); 432 | 433 | c->P[i] = datal; 434 | c->P[i + 1] = datar; 435 | } 436 | 437 | for (i = 0; i < 4; i++) { 438 | for (k = 0; k < 256; k += 2) { 439 | Blowfish_encipher(c, &datal, &datar); 440 | 441 | c->S[i][k] = datal; 442 | c->S[i][k + 1] = datar; 443 | } 444 | } 445 | } 446 | 447 | 448 | void 449 | Blowfish_expandstate(blf_ctx *c, const u_int8_t *data, u_int16_t databytes, 450 | const u_int8_t *key, u_int16_t keybytes) 451 | { 452 | u_int16_t i; 453 | u_int16_t j; 454 | u_int16_t k; 455 | u_int32_t temp; 456 | u_int32_t datal; 457 | u_int32_t datar; 458 | 459 | j = 0; 460 | for (i = 0; i < BLF_N + 2; i++) { 461 | /* Extract 4 int8 to 1 int32 from keystream */ 462 | temp = Blowfish_stream2word(key, keybytes, &j); 463 | c->P[i] = c->P[i] ^ temp; 464 | } 465 | 466 | j = 0; 467 | datal = 0x00000000; 468 | datar = 0x00000000; 469 | for (i = 0; i < BLF_N + 2; i += 2) { 470 | datal ^= Blowfish_stream2word(data, databytes, &j); 471 | datar ^= Blowfish_stream2word(data, databytes, &j); 472 | Blowfish_encipher(c, &datal, &datar); 473 | 474 | c->P[i] = datal; 475 | c->P[i + 1] = datar; 476 | } 477 | 478 | for (i = 0; i < 4; i++) { 479 | for (k = 0; k < 256; k += 2) { 480 | datal ^= Blowfish_stream2word(data, databytes, &j); 481 | datar ^= Blowfish_stream2word(data, databytes, &j); 482 | Blowfish_encipher(c, &datal, &datar); 483 | 484 | c->S[i][k] = datal; 485 | c->S[i][k + 1] = datar; 486 | } 487 | } 488 | 489 | } 490 | 491 | void 492 | blf_key(blf_ctx *c, const u_int8_t *k, u_int16_t len) 493 | { 494 | /* Initialize S-boxes and subkeys with Pi */ 495 | Blowfish_initstate(c); 496 | 497 | /* Transform S-boxes and subkeys with key */ 498 | Blowfish_expand0state(c, k, len); 499 | } 500 | 501 | void 502 | blf_enc(blf_ctx *c, u_int32_t *data, u_int16_t blocks) 503 | { 504 | u_int32_t *d; 505 | u_int16_t i; 506 | 507 | d = data; 508 | for (i = 0; i < blocks; i++) { 509 | Blowfish_encipher(c, d, d + 1); 510 | d += 2; 511 | } 512 | } 513 | 514 | void 515 | blf_dec(blf_ctx *c, u_int32_t *data, u_int16_t blocks) 516 | { 517 | u_int32_t *d; 518 | u_int16_t i; 519 | 520 | d = data; 521 | for (i = 0; i < blocks; i++) { 522 | Blowfish_decipher(c, d, d + 1); 523 | d += 2; 524 | } 525 | } 526 | 527 | void 528 | blf_ecb_encrypt(blf_ctx *c, u_int8_t *data, u_int32_t len) 529 | { 530 | u_int32_t l, r; 531 | u_int32_t i; 532 | 533 | for (i = 0; i < len; i += 8) { 534 | l = data[0] << 24 | data[1] << 16 | data[2] << 8 | data[3]; 535 | r = data[4] << 24 | data[5] << 16 | data[6] << 8 | data[7]; 536 | Blowfish_encipher(c, &l, &r); 537 | data[0] = l >> 24 & 0xff; 538 | data[1] = l >> 16 & 0xff; 539 | data[2] = l >> 8 & 0xff; 540 | data[3] = l & 0xff; 541 | data[4] = r >> 24 & 0xff; 542 | data[5] = r >> 16 & 0xff; 543 | data[6] = r >> 8 & 0xff; 544 | data[7] = r & 0xff; 545 | data += 8; 546 | } 547 | } 548 | 549 | void 550 | blf_ecb_decrypt(blf_ctx *c, u_int8_t *data, u_int32_t len) 551 | { 552 | u_int32_t l, r; 553 | u_int32_t i; 554 | 555 | for (i = 0; i < len; i += 8) { 556 | l = data[0] << 24 | data[1] << 16 | data[2] << 8 | data[3]; 557 | r = data[4] << 24 | data[5] << 16 | data[6] << 8 | data[7]; 558 | Blowfish_decipher(c, &l, &r); 559 | data[0] = l >> 24 & 0xff; 560 | data[1] = l >> 16 & 0xff; 561 | data[2] = l >> 8 & 0xff; 562 | data[3] = l & 0xff; 563 | data[4] = r >> 24 & 0xff; 564 | data[5] = r >> 16 & 0xff; 565 | data[6] = r >> 8 & 0xff; 566 | data[7] = r & 0xff; 567 | data += 8; 568 | } 569 | } 570 | 571 | void 572 | blf_cbc_encrypt(blf_ctx *c, u_int8_t *iv, u_int8_t *data, u_int32_t len) 573 | { 574 | u_int32_t l, r; 575 | u_int32_t i, j; 576 | 577 | for (i = 0; i < len; i += 8) { 578 | for (j = 0; j < 8; j++) 579 | data[j] ^= iv[j]; 580 | l = data[0] << 24 | data[1] << 16 | data[2] << 8 | data[3]; 581 | r = data[4] << 24 | data[5] << 16 | data[6] << 8 | data[7]; 582 | Blowfish_encipher(c, &l, &r); 583 | data[0] = l >> 24 & 0xff; 584 | data[1] = l >> 16 & 0xff; 585 | data[2] = l >> 8 & 0xff; 586 | data[3] = l & 0xff; 587 | data[4] = r >> 24 & 0xff; 588 | data[5] = r >> 16 & 0xff; 589 | data[6] = r >> 8 & 0xff; 590 | data[7] = r & 0xff; 591 | iv = data; 592 | data += 8; 593 | } 594 | } 595 | 596 | void 597 | blf_cbc_decrypt(blf_ctx *c, u_int8_t *iva, u_int8_t *data, u_int32_t len) 598 | { 599 | u_int32_t l, r; 600 | u_int8_t *iv; 601 | u_int32_t i, j; 602 | 603 | iv = data + len - 16; 604 | data = data + len - 8; 605 | for (i = len - 8; i >= 8; i -= 8) { 606 | l = data[0] << 24 | data[1] << 16 | data[2] << 8 | data[3]; 607 | r = data[4] << 24 | data[5] << 16 | data[6] << 8 | data[7]; 608 | Blowfish_decipher(c, &l, &r); 609 | data[0] = l >> 24 & 0xff; 610 | data[1] = l >> 16 & 0xff; 611 | data[2] = l >> 8 & 0xff; 612 | data[3] = l & 0xff; 613 | data[4] = r >> 24 & 0xff; 614 | data[5] = r >> 16 & 0xff; 615 | data[6] = r >> 8 & 0xff; 616 | data[7] = r & 0xff; 617 | for (j = 0; j < 8; j++) 618 | data[j] ^= iv[j]; 619 | iv -= 8; 620 | data -= 8; 621 | } 622 | l = data[0] << 24 | data[1] << 16 | data[2] << 8 | data[3]; 623 | r = data[4] << 24 | data[5] << 16 | data[6] << 8 | data[7]; 624 | Blowfish_decipher(c, &l, &r); 625 | data[0] = l >> 24 & 0xff; 626 | data[1] = l >> 16 & 0xff; 627 | data[2] = l >> 8 & 0xff; 628 | data[3] = l & 0xff; 629 | data[4] = r >> 24 & 0xff; 630 | data[5] = r >> 16 & 0xff; 631 | data[6] = r >> 8 & 0xff; 632 | data[7] = r & 0xff; 633 | for (j = 0; j < 8; j++) 634 | data[j] ^= iva[j]; 635 | } 636 | 637 | #if 0 638 | void 639 | report(u_int32_t data[], u_int16_t len) 640 | { 641 | u_int16_t i; 642 | for (i = 0; i < len; i += 2) 643 | printf("Block %0hd: %08lx %08lx.\n", 644 | i / 2, data[i], data[i + 1]); 645 | } 646 | void 647 | main(void) 648 | { 649 | 650 | blf_ctx c; 651 | char key[] = "AAAAA"; 652 | char key2[] = "abcdefghijklmnopqrstuvwxyz"; 653 | 654 | u_int32_t data[10]; 655 | u_int32_t data2[] = 656 | {0x424c4f57l, 0x46495348l}; 657 | 658 | u_int16_t i; 659 | 660 | /* First test */ 661 | for (i = 0; i < 10; i++) 662 | data[i] = i; 663 | 664 | blf_key(&c, (u_int8_t *) key, 5); 665 | blf_enc(&c, data, 5); 666 | blf_dec(&c, data, 1); 667 | blf_dec(&c, data + 2, 4); 668 | printf("Should read as 0 - 9.\n"); 669 | report(data, 10); 670 | 671 | /* Second test */ 672 | blf_key(&c, (u_int8_t *) key2, strlen(key2)); 673 | blf_enc(&c, data2, 1); 674 | printf("\nShould read as: 0x324ed0fe 0xf413a203.\n"); 675 | report(data2, 2); 676 | blf_dec(&c, data2, 1); 677 | report(data2, 2); 678 | } 679 | #endif --------------------------------------------------------------------------------