├── .gitignore ├── src ├── safebfuns.h ├── bcrypt.h ├── safebfuns.c ├── ggentropy.h ├── main.c ├── ggentropy.c ├── blf.h ├── bcrypt.c └── blowfish.c ├── Makefile ├── tune.lua ├── rockspec ├── bcrypt-1.0-1.rockspec ├── bcrypt-1.1-1.rockspec ├── bcrypt-1.2-1.rockspec ├── bcrypt-1.3-1.rockspec ├── bcrypt-2.2-1.rockspec ├── bcrypt-2.3-1.rockspec ├── bcrypt-1.3-2.rockspec ├── bcrypt-1.4-1.rockspec ├── bcrypt-1.5-1.rockspec ├── bcrypt-2.0-1.rockspec ├── bcrypt-2.1-1.rockspec ├── bcrypt-2.1-2.rockspec ├── bcrypt-2.1-3.rockspec ├── bcrypt-2.1-4.rockspec ├── bcrypt-2.1-5.rockspec ├── bcrypt-2.1-6.rockspec └── bcrypt-2.3-2.rockspec ├── README.md ├── test-digest.lua └── LICENSE /.gitignore: -------------------------------------------------------------------------------- 1 | /lua-bcrypt.* 2 | /src/*.obj 3 | 4 | /bcrypt.so 5 | /src/*.o 6 | -------------------------------------------------------------------------------- /src/safebfuns.h: -------------------------------------------------------------------------------- 1 | /* Public domain */ 2 | 3 | #pragma once 4 | 5 | #include 6 | 7 | void explicit_bzero( void * buf, size_t n ); 8 | int timingsafe_bcmp( const void * b1, const void * b2, size_t n ); 9 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | all: 2 | luarocks make CFLAGS="-O2 -fPIC -Wall -Wextra" --no-install 3 | 4 | debug: 5 | luarocks make CFLAGS="-fPIC -g -Wall -Wextra" --no-install 6 | 7 | clean: 8 | rm -f bcrypt.so lua-bcrypt.so src/*.o 9 | -------------------------------------------------------------------------------- /src/bcrypt.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | 3 | #include 4 | 5 | #define _PASSWORD_LEN 128 6 | 7 | int bcrypt_newhash(const char *, int, char *, size_t); 8 | int bcrypt_checkpass(const char *, const char *); 9 | -------------------------------------------------------------------------------- /tune.lua: -------------------------------------------------------------------------------- 1 | #! /usr/bin/lua 2 | 3 | local bcrypt = require( "bcrypt" ) 4 | 5 | function bcrypt.tune( t ) 6 | local SAMPLES = 10 7 | local rounds = 5 8 | 9 | while true do 10 | local total = 0 11 | 12 | for i = 1, SAMPLES do 13 | local start = os.clock() 14 | bcrypt.digest( "asdf", rounds ) 15 | local delta = os.clock() - start 16 | 17 | total = total + delta 18 | end 19 | 20 | if ( total / SAMPLES ) * 1000 >= t then 21 | return rounds - 1 22 | end 23 | 24 | rounds = rounds + 1 25 | end 26 | end 27 | 28 | print( bcrypt.tune( 250 ) ) 29 | -------------------------------------------------------------------------------- /rockspec/bcrypt-1.0-1.rockspec: -------------------------------------------------------------------------------- 1 | package = "bcrypt" 2 | version = "1.0-1" 3 | 4 | source = { 5 | url = "git://github.com/mikejsavage/lua-bcrypt.git", 6 | tag = "v1.0", 7 | } 8 | 9 | description = { 10 | summary = "A Lua wrapper for bcrypt", 11 | homepage = "http://github.com/mikejsavage/lua-bcrypt", 12 | license = "MIT", 13 | maintainer = "Mike Savage", 14 | } 15 | 16 | dependencies = { 17 | "lua >= 5.1", 18 | } 19 | 20 | build = { 21 | type = "make", 22 | 23 | install_pass = false, 24 | 25 | install = { 26 | lib = { 27 | [ "bcrypt" ] = "bcrypt.so", 28 | }, 29 | }, 30 | } 31 | -------------------------------------------------------------------------------- /rockspec/bcrypt-1.1-1.rockspec: -------------------------------------------------------------------------------- 1 | package = "bcrypt" 2 | version = "1.1-1" 3 | 4 | source = { 5 | url = "git://github.com/mikejsavage/lua-bcrypt.git", 6 | tag = "v1.1", 7 | } 8 | 9 | description = { 10 | summary = "A Lua wrapper for bcrypt", 11 | homepage = "http://github.com/mikejsavage/lua-bcrypt", 12 | license = "MIT", 13 | maintainer = "Mike Savage", 14 | } 15 | 16 | dependencies = { 17 | "lua >= 5.1", 18 | } 19 | 20 | build = { 21 | type = "make", 22 | 23 | install_pass = false, 24 | 25 | install = { 26 | lib = { 27 | [ "bcrypt" ] = "bcrypt.so", 28 | }, 29 | }, 30 | } 31 | -------------------------------------------------------------------------------- /rockspec/bcrypt-1.2-1.rockspec: -------------------------------------------------------------------------------- 1 | package = "bcrypt" 2 | version = "1.2-1" 3 | 4 | source = { 5 | url = "git://github.com/mikejsavage/lua-bcrypt.git", 6 | tag = "v1.2", 7 | } 8 | 9 | description = { 10 | summary = "A Lua wrapper for bcrypt", 11 | homepage = "http://github.com/mikejsavage/lua-bcrypt", 12 | license = "MIT", 13 | maintainer = "Mike Savage", 14 | } 15 | 16 | dependencies = { 17 | "lua >= 5.1", 18 | } 19 | 20 | build = { 21 | type = "make", 22 | 23 | install_pass = false, 24 | 25 | install = { 26 | lib = { 27 | [ "bcrypt" ] = "bcrypt.so", 28 | }, 29 | }, 30 | } 31 | -------------------------------------------------------------------------------- /rockspec/bcrypt-1.3-1.rockspec: -------------------------------------------------------------------------------- 1 | package = "bcrypt" 2 | version = "1.3-1" 3 | 4 | source = { 5 | url = "git://github.com/mikejsavage/lua-bcrypt.git", 6 | tag = "v1.3", 7 | } 8 | 9 | description = { 10 | summary = "A Lua wrapper for bcrypt", 11 | homepage = "http://github.com/mikejsavage/lua-bcrypt", 12 | license = "MIT", 13 | maintainer = "Mike Savage", 14 | } 15 | 16 | dependencies = { 17 | "lua >= 5.1", 18 | } 19 | 20 | build = { 21 | type = "make", 22 | 23 | install_pass = false, 24 | 25 | install = { 26 | lib = { 27 | [ "bcrypt" ] = "bcrypt.so", 28 | }, 29 | }, 30 | } 31 | -------------------------------------------------------------------------------- /rockspec/bcrypt-2.2-1.rockspec: -------------------------------------------------------------------------------- 1 | package = "bcrypt" 2 | version = "2.2-1" 3 | 4 | source = { 5 | url = "git://github.com/mikejsavage/lua-bcrypt.git", 6 | tag = "v2.2-1", 7 | } 8 | 9 | description = { 10 | summary = "A Lua wrapper for bcrypt", 11 | homepage = "http://github.com/mikejsavage/lua-bcrypt", 12 | license = "ISC", 13 | maintainer = "Mike Savage", 14 | } 15 | 16 | dependencies = { 17 | "lua >= 5.1", 18 | } 19 | 20 | build = { 21 | type = "builtin", 22 | modules = { 23 | bcrypt = { 24 | "src/main.c", 25 | "src/bcrypt.c", 26 | "src/blowfish.c", 27 | "src/ggentropy.c", 28 | "src/safebfuns.c", 29 | } 30 | }, 31 | } 32 | -------------------------------------------------------------------------------- /rockspec/bcrypt-2.3-1.rockspec: -------------------------------------------------------------------------------- 1 | package = "bcrypt" 2 | version = "2.3-1" 3 | 4 | source = { 5 | url = "git+https://github.com/mikejsavage/lua-bcrypt.git", 6 | tag = "v2.3-1", 7 | } 8 | 9 | description = { 10 | summary = "A Lua wrapper for bcrypt", 11 | homepage = "http://github.com/mikejsavage/lua-bcrypt", 12 | license = "ISC", 13 | maintainer = "Mike Savage", 14 | } 15 | 16 | dependencies = { 17 | "lua >= 5.1", 18 | } 19 | 20 | build = { 21 | type = "builtin", 22 | modules = { 23 | bcrypt = { 24 | "src/main.c", 25 | "src/bcrypt.c", 26 | "src/blowfish.c", 27 | "src/ggentropy.c", 28 | "src/safebfuns.c", 29 | } 30 | }, 31 | } 32 | -------------------------------------------------------------------------------- /rockspec/bcrypt-1.3-2.rockspec: -------------------------------------------------------------------------------- 1 | package = "bcrypt" 2 | version = "1.3-1" 3 | 4 | source = { 5 | url = "git://github.com/mikejsavage/lua-bcrypt.git", 6 | tag = "v1.3", 7 | } 8 | 9 | description = { 10 | summary = "A Lua wrapper for bcrypt", 11 | homepage = "http://github.com/mikejsavage/lua-bcrypt", 12 | license = "MIT", 13 | maintainer = "Mike Savage", 14 | } 15 | 16 | dependencies = { 17 | "lua >= 5.1", 18 | } 19 | 20 | build = { 21 | type = "make", 22 | 23 | install_pass = false, 24 | 25 | build_variables = { 26 | LUA_INCDIR = "$(LUA_INCDIR)", 27 | }, 28 | 29 | install = { 30 | lib = { 31 | [ "bcrypt" ] = "bcrypt.so", 32 | }, 33 | }, 34 | } 35 | -------------------------------------------------------------------------------- /rockspec/bcrypt-1.4-1.rockspec: -------------------------------------------------------------------------------- 1 | package = "bcrypt" 2 | version = "1.4-1" 3 | 4 | source = { 5 | url = "git://github.com/mikejsavage/lua-bcrypt.git", 6 | tag = "v1.4", 7 | } 8 | 9 | description = { 10 | summary = "A Lua wrapper for bcrypt", 11 | homepage = "http://github.com/mikejsavage/lua-bcrypt", 12 | license = "MIT", 13 | maintainer = "Mike Savage", 14 | } 15 | 16 | dependencies = { 17 | "lua >= 5.1", 18 | } 19 | 20 | build = { 21 | type = "make", 22 | 23 | install_pass = false, 24 | 25 | build_variables = { 26 | LUA_INCDIR = "$(LUA_INCDIR)", 27 | }, 28 | 29 | install = { 30 | lib = { 31 | [ "bcrypt" ] = "bcrypt.so", 32 | }, 33 | }, 34 | } 35 | -------------------------------------------------------------------------------- /rockspec/bcrypt-1.5-1.rockspec: -------------------------------------------------------------------------------- 1 | package = "bcrypt" 2 | version = "1.5-1" 3 | 4 | source = { 5 | url = "git://github.com/mikejsavage/lua-bcrypt.git", 6 | tag = "v1.5", 7 | } 8 | 9 | description = { 10 | summary = "A Lua wrapper for bcrypt", 11 | homepage = "http://github.com/mikejsavage/lua-bcrypt", 12 | license = "MIT", 13 | maintainer = "Mike Savage", 14 | } 15 | 16 | dependencies = { 17 | "lua >= 5.1", 18 | } 19 | 20 | build = { 21 | type = "make", 22 | 23 | install_pass = false, 24 | 25 | build_variables = { 26 | LUA_INCDIR = "$(LUA_INCDIR)", 27 | }, 28 | 29 | install = { 30 | lib = { 31 | [ "bcrypt" ] = "bcrypt.so", 32 | }, 33 | }, 34 | } 35 | -------------------------------------------------------------------------------- /rockspec/bcrypt-2.0-1.rockspec: -------------------------------------------------------------------------------- 1 | package = "bcrypt" 2 | version = "2.0-1" 3 | 4 | source = { 5 | url = "git://github.com/mikejsavage/lua-bcrypt.git", 6 | tag = "v2.0", 7 | } 8 | 9 | description = { 10 | summary = "A Lua wrapper for bcrypt", 11 | homepage = "http://github.com/mikejsavage/lua-bcrypt", 12 | license = "ISC", 13 | maintainer = "Mike Savage", 14 | } 15 | 16 | dependencies = { 17 | "lua >= 5.1", 18 | } 19 | 20 | build = { 21 | type = "make", 22 | 23 | install_pass = false, 24 | 25 | build_variables = { 26 | LUA_INCDIR = "$(LUA_INCDIR)", 27 | }, 28 | 29 | install = { 30 | lib = { 31 | [ "bcrypt" ] = "bcrypt.so", 32 | }, 33 | }, 34 | } 35 | -------------------------------------------------------------------------------- /rockspec/bcrypt-2.1-1.rockspec: -------------------------------------------------------------------------------- 1 | package = "bcrypt" 2 | version = "2.1-1" 3 | 4 | source = { 5 | url = "git://github.com/mikejsavage/lua-bcrypt.git", 6 | tag = "v2.1", 7 | } 8 | 9 | description = { 10 | summary = "A Lua wrapper for bcrypt", 11 | homepage = "http://github.com/mikejsavage/lua-bcrypt", 12 | license = "ISC", 13 | maintainer = "Mike Savage", 14 | } 15 | 16 | dependencies = { 17 | "lua >= 5.1", 18 | } 19 | 20 | build = { 21 | type = "make", 22 | 23 | install_pass = false, 24 | 25 | build_variables = { 26 | LUA_INCDIR = "$(LUA_INCDIR)", 27 | }, 28 | 29 | install = { 30 | lib = { 31 | [ "bcrypt" ] = "bcrypt.so", 32 | }, 33 | }, 34 | } 35 | -------------------------------------------------------------------------------- /rockspec/bcrypt-2.1-2.rockspec: -------------------------------------------------------------------------------- 1 | package = "bcrypt" 2 | version = "2.1-2" 3 | 4 | source = { 5 | url = "git://github.com/mikejsavage/lua-bcrypt.git", 6 | tag = "v2.1-2", 7 | } 8 | 9 | description = { 10 | summary = "A Lua wrapper for bcrypt", 11 | homepage = "http://github.com/mikejsavage/lua-bcrypt", 12 | license = "ISC", 13 | maintainer = "Mike Savage", 14 | } 15 | 16 | dependencies = { 17 | "lua >= 5.1", 18 | } 19 | 20 | build = { 21 | type = "make", 22 | 23 | install_pass = false, 24 | 25 | build_variables = { 26 | LUA_INCDIR = "$(LUA_INCDIR)", 27 | }, 28 | 29 | install = { 30 | lib = { 31 | [ "bcrypt" ] = "bcrypt.so", 32 | }, 33 | }, 34 | } 35 | -------------------------------------------------------------------------------- /rockspec/bcrypt-2.1-3.rockspec: -------------------------------------------------------------------------------- 1 | package = "bcrypt" 2 | version = "2.1-3" 3 | 4 | source = { 5 | url = "git://github.com/mikejsavage/lua-bcrypt.git", 6 | tag = "v2.1-3", 7 | } 8 | 9 | description = { 10 | summary = "A Lua wrapper for bcrypt", 11 | homepage = "http://github.com/mikejsavage/lua-bcrypt", 12 | license = "ISC", 13 | maintainer = "Mike Savage", 14 | } 15 | 16 | dependencies = { 17 | "lua >= 5.1", 18 | } 19 | 20 | build = { 21 | type = "make", 22 | 23 | install_pass = false, 24 | 25 | build_variables = { 26 | LUA_INCDIR = "$(LUA_INCDIR)", 27 | }, 28 | 29 | install = { 30 | lib = { 31 | [ "bcrypt" ] = "bcrypt.so", 32 | }, 33 | }, 34 | } 35 | -------------------------------------------------------------------------------- /rockspec/bcrypt-2.1-4.rockspec: -------------------------------------------------------------------------------- 1 | package = "bcrypt" 2 | version = "2.1-4" 3 | 4 | source = { 5 | url = "git://github.com/mikejsavage/lua-bcrypt.git", 6 | tag = "v2.1-4", 7 | } 8 | 9 | description = { 10 | summary = "A Lua wrapper for bcrypt", 11 | homepage = "http://github.com/mikejsavage/lua-bcrypt", 12 | license = "ISC", 13 | maintainer = "Mike Savage", 14 | } 15 | 16 | dependencies = { 17 | "lua >= 5.1", 18 | } 19 | 20 | build = { 21 | type = "make", 22 | 23 | install_pass = false, 24 | 25 | build_variables = { 26 | LUA_INCDIR = "$(LUA_INCDIR)", 27 | }, 28 | 29 | install = { 30 | lib = { 31 | [ "bcrypt" ] = "bcrypt.so", 32 | }, 33 | }, 34 | } 35 | -------------------------------------------------------------------------------- /rockspec/bcrypt-2.1-5.rockspec: -------------------------------------------------------------------------------- 1 | package = "bcrypt" 2 | version = "2.1-5" 3 | 4 | source = { 5 | url = "git://github.com/mikejsavage/lua-bcrypt.git", 6 | tag = "v2.1-5", 7 | } 8 | 9 | description = { 10 | summary = "A Lua wrapper for bcrypt", 11 | homepage = "http://github.com/mikejsavage/lua-bcrypt", 12 | license = "ISC", 13 | maintainer = "Mike Savage", 14 | } 15 | 16 | dependencies = { 17 | "lua >= 5.1", 18 | } 19 | 20 | build = { 21 | type = "make", 22 | 23 | install_pass = false, 24 | 25 | build_variables = { 26 | LUA_INCDIR = "$(LUA_INCDIR)", 27 | }, 28 | 29 | install = { 30 | lib = { 31 | [ "bcrypt" ] = "bcrypt.so", 32 | }, 33 | }, 34 | } 35 | -------------------------------------------------------------------------------- /rockspec/bcrypt-2.1-6.rockspec: -------------------------------------------------------------------------------- 1 | package = "bcrypt" 2 | version = "2.1-6" 3 | 4 | source = { 5 | url = "git://github.com/mikejsavage/lua-bcrypt.git", 6 | tag = "v2.1-6", 7 | } 8 | 9 | description = { 10 | summary = "A Lua wrapper for bcrypt", 11 | homepage = "http://github.com/mikejsavage/lua-bcrypt", 12 | license = "ISC", 13 | maintainer = "Mike Savage", 14 | } 15 | 16 | dependencies = { 17 | "lua >= 5.1", 18 | } 19 | 20 | build = { 21 | type = "make", 22 | 23 | install_pass = false, 24 | 25 | build_variables = { 26 | LUA_INCDIR = "$(LUA_INCDIR)", 27 | }, 28 | 29 | install = { 30 | lib = { 31 | [ "bcrypt" ] = "bcrypt.so", 32 | }, 33 | }, 34 | } 35 | -------------------------------------------------------------------------------- /rockspec/bcrypt-2.3-2.rockspec: -------------------------------------------------------------------------------- 1 | package = "bcrypt" 2 | version = "2.3-2" 3 | 4 | source = { 5 | url = "git+https://github.com/mikejsavage/lua-bcrypt.git", 6 | tag = "v2.3-2", 7 | } 8 | 9 | description = { 10 | summary = "A Lua wrapper for bcrypt", 11 | homepage = "http://github.com/mikejsavage/lua-bcrypt", 12 | license = "ISC", 13 | maintainer = "Mike Savage", 14 | } 15 | 16 | dependencies = { 17 | "lua >= 5.1", 18 | } 19 | 20 | local srcs = { 21 | "src/main.c", 22 | "src/bcrypt.c", 23 | "src/blowfish.c", 24 | "src/ggentropy.c", 25 | "src/safebfuns.c", 26 | } 27 | 28 | build = { 29 | type = "builtin", 30 | modules = { [ "lua-bcrypt" ] = srcs }, 31 | platforms = { 32 | unix = { modules = { bcrypt = srcs } }, 33 | }, 34 | } 35 | -------------------------------------------------------------------------------- /src/safebfuns.c: -------------------------------------------------------------------------------- 1 | /* Public domain */ 2 | 3 | #include 4 | 5 | #if defined( _MSC_VER ) 6 | #pragma optimize( "", off ) 7 | #elif defined( __clang__ ) 8 | #pragma clang optimize off 9 | #elif defined( __GNUC__ ) 10 | #pragma GCC optimize ( "O0" ) 11 | #else 12 | #error new compiler 13 | #endif 14 | 15 | void explicit_bzero( void * buf, size_t n ) { 16 | volatile char * volbuf = ( volatile char * ) buf; 17 | 18 | size_t i; 19 | for( i = 0; i < n; i++ ) { 20 | volbuf[ i ] = 0; 21 | } 22 | } 23 | 24 | int timingsafe_bcmp( const void * b1, const void * b2, size_t n ) { 25 | const unsigned char * p1 = b1; 26 | const unsigned char * p2 = b2; 27 | int result = 0; 28 | 29 | size_t i; 30 | for( i = 0; i < n; i++ ) { 31 | result |= p1[ i ] ^ p2[ i ]; 32 | } 33 | 34 | return result != 0; 35 | } 36 | -------------------------------------------------------------------------------- /src/ggentropy.h: -------------------------------------------------------------------------------- 1 | /* 2 | * ggentropy 3 | * 4 | * Copyright (c) 2019 Michael Savage 5 | * 6 | * Permission to use, copy, modify, and distribute this software for any 7 | * purpose with or without fee is hereby granted, provided that the above 8 | * copyright notice and this permission notice appear in all copies. 9 | * 10 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 11 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 12 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 13 | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 14 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 15 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 16 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17 | */ 18 | 19 | #pragma once 20 | 21 | #include 22 | #include 23 | 24 | bool ggentropy( void * buf, size_t n ); 25 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | A Lua wrapper for OpenBSD's bcrypt. 2 | 3 | 4 | Requirements 5 | ------------ 6 | 7 | lua >= 5.1 8 | 9 | 10 | Installation 11 | ------------ 12 | 13 | ``` 14 | $ luarocks install bcrypt 15 | ``` 16 | 17 | 18 | Usage 19 | ----- 20 | 21 | ```lua 22 | local bcrypt = require("lua-bcrypt") 23 | 24 | -- Bigger numbers here will make your digest exponentially harder to compute 25 | local log_rounds = 9 26 | 27 | local digest = bcrypt.digest("password", log_rounds) 28 | assert(bcrypt.verify("password", digest)) 29 | ``` 30 | 31 | 32 | `require("bcrypt")` vs `require("lua-bcrypt")` 33 | ---------------------------------------------- 34 | 35 | Before lua-bcrypt 2.3-2 you had to use `require("bcrypt")`. I will never drop 36 | support for this so you don't need to modify existing software unless you also 37 | want it to run on Windows. 38 | 39 | Windows has a system DLL called bcrypt.dll and the name clash makes 40 | `require("bcrypt")` not work. If you want your software to run on Windows you 41 | must use `require("lua-bcrypt")` 42 | 43 | 44 | Security concerns 45 | ----------------- 46 | 47 | Lua will keep plaintext passwords around in memory as part of its string 48 | interning mechanism. As far as I'm aware, there's nothing I can do about this. 49 | 50 | 51 | Tuning 52 | ------ 53 | 54 | If you would like to automatically tune the number of rounds to your hardware, 55 | you can include a function like: 56 | 57 | ```lua 58 | function bcrypt.tune(t) 59 | local SAMPLES = 10 60 | local rounds = 5 61 | 62 | while true do 63 | local total = 0 64 | 65 | for i = 1, SAMPLES do 66 | local start = os.clock() 67 | bcrypt.digest("asdf", rounds) 68 | local delta = os.clock() - start 69 | 70 | total = total + delta 71 | end 72 | 73 | if (total / SAMPLES) * 1000 >= t then 74 | return rounds - 1 75 | end 76 | 77 | rounds = rounds + 1 78 | end 79 | end 80 | ``` 81 | 82 | This function returns the largest load factor such that 83 | `bcrypt.digest(str, work)` takes less than `t` milliseconds. 84 | -------------------------------------------------------------------------------- /src/main.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2021, Michael Savage 3 | * 4 | * Permission to use, copy, modify, and/or distribute this software for any 5 | * purpose with or without fee is hereby granted, provided that the above 6 | * copyright notice and this permission notice appear in all copies. 7 | * 8 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 9 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 10 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY 11 | * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 12 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION 13 | * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN 14 | * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15 | */ 16 | 17 | #include 18 | #include 19 | #include 20 | 21 | #include "bcrypt.h" 22 | 23 | #ifndef luaL_newlib 24 | #define luaL_newlib( L, l ) ( lua_newtable( L ), luaL_register( L, NULL, l ) ) 25 | #endif 26 | 27 | static int luabcrypt_digest( lua_State * L ) { 28 | const char * password = luaL_checkstring( L, 1 ); 29 | int log_rounds = lua_tointeger( L, 2 ); 30 | 31 | char hash[ _PASSWORD_LEN ]; 32 | int rv = bcrypt_newhash( password, log_rounds, hash, sizeof( hash ) ); 33 | if( rv != 0 ) { 34 | lua_pushliteral( L, "bcrypt_newhash failed" ); 35 | return lua_error( L ); 36 | } 37 | 38 | lua_pushstring( L, hash ); 39 | 40 | return 1; 41 | } 42 | 43 | static int luabcrypt_verify( lua_State * L ) { 44 | const char * password = luaL_checkstring( L, 1 ); 45 | const char * goodhash = luaL_checkstring( L, 2 ); 46 | 47 | int ok = bcrypt_checkpass( password, goodhash ) == 0; 48 | lua_pushboolean( L, ok ); 49 | 50 | return 1; 51 | } 52 | 53 | static const struct luaL_Reg luabcrypt_lib[] = { 54 | { "digest", luabcrypt_digest }, 55 | { "verify", luabcrypt_verify }, 56 | 57 | { NULL, NULL } 58 | }; 59 | 60 | LUALIB_API int luaopen_bcrypt( lua_State * L ) { 61 | luaL_newlib( L, luabcrypt_lib ); 62 | return 1; 63 | } 64 | -------------------------------------------------------------------------------- /src/ggentropy.c: -------------------------------------------------------------------------------- 1 | /* 2 | * ggentropy v1.0 3 | * 4 | * Copyright (c) 2021 Michael Savage 5 | * 6 | * Permission to use, copy, modify, and distribute this software for any 7 | * purpose with or without fee is hereby granted, provided that the above 8 | * copyright notice and this permission notice appear in all copies. 9 | * 10 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 11 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 12 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 13 | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 14 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 15 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 16 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17 | */ 18 | 19 | #if defined( _WIN32 ) 20 | # define PLATFORM_WINDOWS 1 21 | 22 | #elif defined( __linux__ ) 23 | # define PLATFORM_LINUX 1 24 | 25 | #elif defined( __APPLE__ ) 26 | # define PLATFORM_HAS_ARC4RANDOM 1 27 | 28 | #elif defined( __FreeBSD__ ) || defined( __OpenBSD__ ) || defined( __NetBSD__ ) 29 | # define PLATFORM_HAS_ARC4RANDOM 1 30 | 31 | #else 32 | # error new platform 33 | #endif 34 | 35 | #include 36 | #include 37 | #include 38 | 39 | #if PLATFORM_WINDOWS 40 | 41 | #pragma comment( lib, "bcrypt.lib" ) 42 | 43 | #define WIN32_LEAN_AND_MEAN 44 | #include 45 | #include 46 | 47 | bool ggentropy( void * buf, size_t n ) { 48 | assert( n <= 256 ); 49 | return !FAILED( BCryptGenRandom( NULL, ( PUCHAR ) buf, n, BCRYPT_USE_SYSTEM_PREFERRED_RNG ) ); 50 | } 51 | 52 | #elif PLATFORM_LINUX 53 | 54 | #include 55 | #include 56 | 57 | bool ggentropy( void * buf, size_t n ) { 58 | assert( n <= 256 ); 59 | int ok = syscall( SYS_getrandom, buf, n, 0 ); 60 | return ok >= 0 && ( size_t ) ok == n; 61 | } 62 | 63 | #elif PLATFORM_HAS_ARC4RANDOM 64 | 65 | #include 66 | 67 | bool ggentropy( void * buf, size_t n ) { 68 | assert( n <= 256 ); 69 | arc4random_buf( buf, n ); 70 | return true; 71 | } 72 | 73 | #else 74 | #error new platform 75 | #endif 76 | -------------------------------------------------------------------------------- /test-digest.lua: -------------------------------------------------------------------------------- 1 | #! /usr/bin/env lua 2 | 3 | for entry in package.cpath:gmatch( "[^;]+" ) do 4 | if entry:sub( 1, 2 ) == "./" then 5 | package.cpath = entry 6 | break 7 | end 8 | end 9 | 10 | local bcrypt = require( "lua-bcrypt" ) 11 | 12 | -- some test inputs, mostly taken from john the ripper 13 | local tests = { 14 | { 15 | "$2b$04$TnjywYklQbbZjdjBgBoA4e9G7RJt9blgMgsCvUvus4Iv4TENB5nHy", 16 | "test" 17 | }, 18 | { 19 | "$2b$05$CCCCCCCCCCCCCCCCCCCCC.E5YPO9kmyuRGyh0XouQYb4YMJKvyOeW", 20 | "U*U" 21 | }, 22 | { 23 | "$2b$05$CCCCCCCCCCCCCCCCCCCCC.VGOzA784oUp/Z0DY336zx7pLYAy0lwK", 24 | "U*U*" 25 | }, 26 | { 27 | "$2b$05$XXXXXXXXXXXXXXXXXXXXXOAcXxm9kjPGEMsLznoKqmqw7tc8WCx4a", 28 | "U*U*U" 29 | }, 30 | { 31 | "$2b$05$CCCCCCCCCCCCCCCCCCCCC.7uG0VCzI2bS7j6ymqJi9CdcdxiRTWNy", 32 | "" 33 | }, 34 | { 35 | "$2b$05$/OK.fbVrR/bpIqNJ5ianF.Sa7shbm4.OzKpvFnX1pQLmQW96oUlCq", 36 | "\\xa3" 37 | }, 38 | { 39 | "$2b$05$/OK.fbVrR/bpIqNJ5ianF.nRht2l/HRhr6zmCp9vYUvvsqynflf9e", 40 | "\\xff\\xa3345" 41 | }, 42 | { 43 | "$2b$05$/OK.fbVrR/bpIqNJ5ianF.6IflQkJytoRVc1yuaNtHfiuq.FRlSIS", 44 | "\\xa3ab" 45 | }, 46 | { 47 | "$2b$05$abcdefghijklmnopqrstuu5s2v8.iXieOjg/.AySBTTZIIVFJeBui", 48 | "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789chars after 72 are ignored" 49 | }, 50 | { 51 | "$2b$05$/OK.fbVrR/bpIqNJ5ianF.swQOIzjOiJ9GHEPuhEkvqrUyvWhEMx6", 52 | "\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaa\\xaachars after 72 are ignored as usual" 53 | }, 54 | { 55 | "$2b$05$/OK.fbVrR/bpIqNJ5ianF.R9xrDjiycxMbQE2bp.vgqlYpW5wx2yy", 56 | "\\xaa\\x55\\xaa\\x55\\xaa\\x55\\xaa\\x55\\xaa\\x55\\xaa\\x55\\xaa\\x55\\xaa\\x55\\xaa\\x55\\xaa\\x55\\xaa\\x55\\xaa\\x55\\xaa\\x55\\xaa\\x55\\xaa\\x55\\xaa\\x55\\xaa\\x55\\xaa\\x55\\xaa\\x55\\xaa\\x55\\xaa\\x55\\xaa\\x55\\xaa\\x55\\xaa\\x55\\xaa\\x55\\xaa\\x55\\xaa\\x55\\xaa\\x55\\xaa\\x55\\xaa\\x55\\xaa\\x55\\xaa\\x55\\xaa\\x55\\xaa\\x55\\xaa\\x55\\xaa\\x55" 57 | }, 58 | { 59 | "$2b$05$CCCCCCCCCCCCCCCCCCCCC.7uG0VCzI2bS7j6ymqJi9CdcdxiRTWNy", 60 | "" 61 | }, 62 | { 63 | "$2b$05$/OK.fbVrR/bpIqNJ5ianF.9tQZzcJfm3uj2NvJ/n5xkhpqLrMpWCe", 64 | "\\x55\\xaa\\xff\\x55\\xaa\\xff\\x55\\xaa\\xff\\x55\\xaa\\xff\\x55\\xaa\\xff\\x55\\xaa\\xff\\x55\\xaa\\xff\\x55\\xaa\\xff\\x55\\xaa\\xff\\x55\\xaa\\xff\\x55\\xaa\\xff\\x55\\xaa\\xff\\x55\\xaa\\xff\\x55\\xaa\\xff\\x55\\xaa\\xff\\x55\\xaa\\xff\\x55\\xaa\\xff\\x55\\xaa\\xff\\x55\\xaa\\xff\\x55\\xaa\\xff\\x55\\xaa\\xff\\x55\\xaa\\xff\\x55\\xaa\\xff\\x55\\xaa\\xff" 65 | }, 66 | } 67 | 68 | for _, test in pairs( tests ) do 69 | local key = test[ 2 ]:gsub( "\\x([%l%d][%l%d])", function( hex ) 70 | return string.char( tonumber( hex, 16 ) ) 71 | end ) 72 | 73 | assert( bcrypt.verify( key, test[ 1 ] ) ) 74 | assert( bcrypt.verify( key, bcrypt.digest( key, 5 ) ) ) 75 | end 76 | 77 | print( "Tests passed!" ) 78 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Copyright (c) 2021, Michael Savage 2 | 3 | Permission to use, copy, modify, and/or distribute this software for any 4 | purpose with or without fee is hereby granted, provided that the above 5 | copyright notice and this permission notice appear in all copies. 6 | 7 | THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 8 | WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 9 | MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY 10 | SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 11 | WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION 12 | OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN 13 | CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 14 | 15 | --- 16 | 17 | Copyright (c) 2014 Ted Unangst 18 | Copyright (c) 1997 Niels Provos 19 | 20 | Permission to use, copy, modify, and distribute this software for any 21 | purpose with or without fee is hereby granted, provided that the above 22 | copyright notice and this permission notice appear in all copies. 23 | 24 | THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 25 | WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 26 | MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 27 | ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 28 | WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 29 | ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 30 | OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 31 | 32 | --- 33 | 34 | Copyright 1997 Niels Provos 35 | All rights reserved. 36 | 37 | Implementation advice by David Mazieres . 38 | 39 | Redistribution and use in source and binary forms, with or without 40 | modification, are permitted provided that the following conditions 41 | are met: 42 | 1. Redistributions of source code must retain the above copyright 43 | notice, this list of conditions and the following disclaimer. 44 | 2. Redistributions in binary form must reproduce the above copyright 45 | notice, this list of conditions and the following disclaimer in the 46 | documentation and/or other materials provided with the distribution. 47 | 3. The name of the author may not be used to endorse or promote products 48 | derived from this software without specific prior written permission. 49 | 50 | THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 51 | IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 52 | OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 53 | IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 54 | INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 55 | NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 56 | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 57 | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 58 | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 59 | THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 60 | -------------------------------------------------------------------------------- /src/blf.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: blf.h,v 1.8 2021/11/29 01:04:45 djm Exp $ */ 2 | /* 3 | * Blowfish - a fast block cipher designed by Bruce Schneier 4 | * 5 | * Copyright 1997 Niels Provos 6 | * All rights reserved. 7 | * 8 | * Redistribution and use in source and binary forms, with or without 9 | * modification, are permitted provided that the following conditions 10 | * are met: 11 | * 1. Redistributions of source code must retain the above copyright 12 | * notice, this list of conditions and the following disclaimer. 13 | * 2. Redistributions in binary form must reproduce the above copyright 14 | * notice, this list of conditions and the following disclaimer in the 15 | * documentation and/or other materials provided with the distribution. 16 | * 3. The name of the author may not be used to endorse or promote products 17 | * derived from this software without specific prior written permission. 18 | * 19 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 20 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 21 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 22 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 23 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 24 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 25 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 26 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 27 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 28 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 29 | */ 30 | 31 | #include 32 | 33 | #ifndef _BLF_H_ 34 | #define _BLF_H_ 35 | 36 | /* Schneier specifies a maximum key length of 56 bytes. 37 | * This ensures that every key bit affects every cipher 38 | * bit. However, the subkeys can hold up to 72 bytes. 39 | * Warning: For normal blowfish encryption only 56 bytes 40 | * of the key affect all cipherbits. 41 | */ 42 | 43 | #define BLF_N 16 /* Number of Subkeys */ 44 | #define BLF_MAXKEYLEN ((BLF_N-2)*4) /* 448 bits */ 45 | #define BLF_MAXUTILIZED ((BLF_N+2)*4) /* 576 bits */ 46 | 47 | /* Blowfish context */ 48 | typedef struct BlowfishContext { 49 | uint32_t S[4][256]; /* S-Boxes */ 50 | uint32_t P[BLF_N + 2]; /* Subkeys */ 51 | } blf_ctx; 52 | 53 | /* Raw access to customized Blowfish 54 | * blf_key is just: 55 | * Blowfish_initstate( state ) 56 | * Blowfish_expand0state( state, key, keylen ) 57 | */ 58 | 59 | void Blowfish_encipher(blf_ctx *, uint32_t *, uint32_t *); 60 | void Blowfish_decipher(blf_ctx *, uint32_t *, uint32_t *); 61 | void Blowfish_initstate(blf_ctx *); 62 | void Blowfish_expand0state(blf_ctx *, const uint8_t *, uint16_t); 63 | void Blowfish_expandstate 64 | (blf_ctx *, const uint8_t *, uint16_t, const uint8_t *, uint16_t); 65 | 66 | /* Standard Blowfish */ 67 | 68 | void blf_key(blf_ctx *, const uint8_t *, uint16_t); 69 | void blf_enc(blf_ctx *, uint32_t *, uint16_t); 70 | void blf_dec(blf_ctx *, uint32_t *, uint16_t); 71 | 72 | void blf_ecb_encrypt(blf_ctx *, uint8_t *, uint32_t); 73 | void blf_ecb_decrypt(blf_ctx *, uint8_t *, uint32_t); 74 | 75 | void blf_cbc_encrypt(blf_ctx *, uint8_t *, uint8_t *, uint32_t); 76 | void blf_cbc_decrypt(blf_ctx *, uint8_t *, uint8_t *, uint32_t); 77 | 78 | /* Converts uint8_t to uint32_t */ 79 | uint32_t Blowfish_stream2word(const uint8_t *, uint16_t , uint16_t *); 80 | 81 | #endif 82 | -------------------------------------------------------------------------------- /src/bcrypt.c: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: bcrypt.c,v 1.58 2020/07/06 13:33:05 pirofti Exp $ */ 2 | 3 | /* 4 | * Copyright (c) 2014 Ted Unangst 5 | * Copyright (c) 1997 Niels Provos 6 | * 7 | * Permission to use, copy, modify, and distribute this software for any 8 | * purpose with or without fee is hereby granted, provided that the above 9 | * copyright notice and this permission notice appear in all copies. 10 | * 11 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 | */ 19 | /* This password hashing algorithm was designed by David Mazieres 20 | * and works as follows: 21 | * 22 | * 1. state := InitState () 23 | * 2. state := ExpandKey (state, salt, password) 24 | * 3. REPEAT rounds: 25 | * state := ExpandKey (state, 0, password) 26 | * state := ExpandKey (state, 0, salt) 27 | * 4. ctext := "OrpheanBeholderScryDoubt" 28 | * 5. REPEAT 64: 29 | * ctext := Encrypt_ECB (state, ctext); 30 | * 6. RETURN Concatenate (salt, ctext); 31 | * 32 | */ 33 | 34 | #include 35 | #include 36 | #include 37 | #include 38 | #include 39 | #include 40 | 41 | #include "blf.h" 42 | #include "ggentropy.h" 43 | #include "safebfuns.h" 44 | 45 | /* This implementation is adaptable to current computing power. 46 | * You can have up to 2^31 rounds which should be enough for some 47 | * time to come. 48 | */ 49 | 50 | #define BCRYPT_VERSION '2' 51 | #define BCRYPT_MAXSALT 16 /* Precomputation is just so nice */ 52 | #define BCRYPT_WORDS 6 /* Ciphertext words */ 53 | #define BCRYPT_MINLOGROUNDS 4 /* we have log2(rounds) in salt */ 54 | 55 | #define BCRYPT_SALTSPACE (7 + (BCRYPT_MAXSALT * 4 + 2) / 3 + 1) 56 | #define BCRYPT_HASHSPACE 61 57 | 58 | char *bcrypt_gensalt(uint8_t); 59 | 60 | static int encode_base64(char *, const uint8_t *, size_t); 61 | static int decode_base64(uint8_t *, size_t, const char *); 62 | 63 | /* 64 | * Generates a salt for this version of crypt. 65 | */ 66 | static int 67 | bcrypt_initsalt(int log_rounds, uint8_t *salt, size_t saltbuflen) 68 | { 69 | uint8_t csalt[BCRYPT_MAXSALT]; 70 | 71 | if (saltbuflen < BCRYPT_SALTSPACE) { 72 | errno = EINVAL; 73 | return -1; 74 | } 75 | 76 | if (!ggentropy(csalt, sizeof(csalt))) { 77 | return -1; 78 | } 79 | 80 | if (log_rounds < 4) 81 | log_rounds = 4; 82 | else if (log_rounds > 31) 83 | log_rounds = 31; 84 | 85 | snprintf(salt, saltbuflen, "$2b$%2.2u$", log_rounds); 86 | encode_base64(salt + 7, csalt, sizeof(csalt)); 87 | 88 | return 0; 89 | } 90 | 91 | /* 92 | * the core bcrypt function 93 | */ 94 | static int 95 | bcrypt_hashpass(const char *key, const char *salt, char *encrypted, 96 | size_t encryptedlen) 97 | { 98 | blf_ctx state; 99 | uint32_t rounds, i, k; 100 | uint16_t j; 101 | size_t key_len; 102 | uint8_t salt_len, logr, minor; 103 | uint8_t ciphertext[4 * BCRYPT_WORDS] = "OrpheanBeholderScryDoubt"; 104 | uint8_t csalt[BCRYPT_MAXSALT]; 105 | uint32_t cdata[BCRYPT_WORDS]; 106 | 107 | if (encryptedlen < BCRYPT_HASHSPACE) 108 | goto inval; 109 | 110 | /* Check and discard "$" identifier */ 111 | if (salt[0] != '$') 112 | goto inval; 113 | salt += 1; 114 | 115 | if (salt[0] != BCRYPT_VERSION) 116 | goto inval; 117 | 118 | /* Check for minor versions */ 119 | switch ((minor = salt[1])) { 120 | case 'a': 121 | key_len = (uint8_t)(strlen(key) + 1); 122 | break; 123 | case 'b': 124 | /* strlen() returns a size_t, but the function calls 125 | * below result in implicit casts to a narrower integer 126 | * type, so cap key_len at the actual maximum supported 127 | * length here to avoid integer wraparound */ 128 | key_len = strlen(key); 129 | if (key_len > 72) 130 | key_len = 72; 131 | key_len++; /* include the NUL */ 132 | break; 133 | default: 134 | goto inval; 135 | } 136 | if (salt[2] != '$') 137 | goto inval; 138 | /* Discard version + "$" identifier */ 139 | salt += 3; 140 | 141 | /* Check and parse num rounds */ 142 | if (!isdigit((unsigned char)salt[0]) || 143 | !isdigit((unsigned char)salt[1]) || salt[2] != '$') 144 | goto inval; 145 | logr = (salt[1] - '0') + ((salt[0] - '0') * 10); 146 | if (logr < BCRYPT_MINLOGROUNDS || logr > 31) 147 | goto inval; 148 | /* Computer power doesn't increase linearly, 2^x should be fine */ 149 | rounds = 1U << logr; 150 | 151 | /* Discard num rounds + "$" identifier */ 152 | salt += 3; 153 | 154 | if (strlen(salt) * 3 / 4 < BCRYPT_MAXSALT) 155 | goto inval; 156 | 157 | /* We dont want the base64 salt but the raw data */ 158 | if (decode_base64(csalt, BCRYPT_MAXSALT, salt)) 159 | goto inval; 160 | salt_len = BCRYPT_MAXSALT; 161 | 162 | /* Setting up S-Boxes and Subkeys */ 163 | Blowfish_initstate(&state); 164 | Blowfish_expandstate(&state, csalt, salt_len, 165 | (uint8_t *) key, key_len); 166 | for (k = 0; k < rounds; k++) { 167 | Blowfish_expand0state(&state, (uint8_t *) key, key_len); 168 | Blowfish_expand0state(&state, csalt, salt_len); 169 | } 170 | 171 | /* This can be precomputed later */ 172 | j = 0; 173 | for (i = 0; i < BCRYPT_WORDS; i++) 174 | cdata[i] = Blowfish_stream2word(ciphertext, 4 * BCRYPT_WORDS, &j); 175 | 176 | /* Now do the encryption */ 177 | for (k = 0; k < 64; k++) 178 | blf_enc(&state, cdata, BCRYPT_WORDS / 2); 179 | 180 | for (i = 0; i < BCRYPT_WORDS; i++) { 181 | ciphertext[4 * i + 3] = cdata[i] & 0xff; 182 | cdata[i] = cdata[i] >> 8; 183 | ciphertext[4 * i + 2] = cdata[i] & 0xff; 184 | cdata[i] = cdata[i] >> 8; 185 | ciphertext[4 * i + 1] = cdata[i] & 0xff; 186 | cdata[i] = cdata[i] >> 8; 187 | ciphertext[4 * i + 0] = cdata[i] & 0xff; 188 | } 189 | 190 | 191 | snprintf(encrypted, 8, "$2%c$%2.2u$", minor, logr); 192 | encode_base64(encrypted + 7, csalt, BCRYPT_MAXSALT); 193 | encode_base64(encrypted + 7 + 22, ciphertext, 4 * BCRYPT_WORDS - 1); 194 | explicit_bzero(&state, sizeof(state)); 195 | explicit_bzero(ciphertext, sizeof(ciphertext)); 196 | explicit_bzero(csalt, sizeof(csalt)); 197 | explicit_bzero(cdata, sizeof(cdata)); 198 | return 0; 199 | 200 | inval: 201 | errno = EINVAL; 202 | return -1; 203 | } 204 | 205 | /* 206 | * user friendly functions 207 | */ 208 | int 209 | bcrypt_newhash(const char *pass, int log_rounds, char *hash, size_t hashlen) 210 | { 211 | char salt[BCRYPT_SALTSPACE]; 212 | 213 | if (bcrypt_initsalt(log_rounds, salt, sizeof(salt)) != 0) 214 | return -1; 215 | 216 | if (bcrypt_hashpass(pass, salt, hash, hashlen) != 0) 217 | return -1; 218 | 219 | explicit_bzero(salt, sizeof(salt)); 220 | return 0; 221 | } 222 | 223 | int 224 | bcrypt_checkpass(const char *pass, const char *goodhash) 225 | { 226 | char hash[BCRYPT_HASHSPACE]; 227 | 228 | if (bcrypt_hashpass(pass, goodhash, hash, sizeof(hash)) != 0) 229 | return -1; 230 | if (strlen(hash) != strlen(goodhash) || 231 | timingsafe_bcmp(hash, goodhash, strlen(goodhash)) != 0) { 232 | errno = EACCES; 233 | return -1; 234 | } 235 | 236 | explicit_bzero(hash, sizeof(hash)); 237 | return 0; 238 | } 239 | 240 | /* 241 | * internal utilities 242 | */ 243 | static const uint8_t Base64Code[] = 244 | "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"; 245 | 246 | static const uint8_t index_64[128] = { 247 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 248 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 249 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 250 | 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 251 | 255, 255, 255, 255, 255, 255, 0, 1, 54, 55, 252 | 56, 57, 58, 59, 60, 61, 62, 63, 255, 255, 253 | 255, 255, 255, 255, 255, 2, 3, 4, 5, 6, 254 | 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 255 | 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 256 | 255, 255, 255, 255, 255, 255, 28, 29, 30, 257 | 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 258 | 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 259 | 51, 52, 53, 255, 255, 255, 255, 255 260 | }; 261 | #define CHAR64(c) ( (c) > 127 ? 255 : index_64[(c)]) 262 | 263 | /* 264 | * read buflen (after decoding) bytes of data from b64data 265 | */ 266 | static int 267 | decode_base64(uint8_t *buffer, size_t len, const char *b64data) 268 | { 269 | uint8_t *bp = buffer; 270 | const uint8_t *p = b64data; 271 | uint8_t c1, c2, c3, c4; 272 | 273 | while (bp < buffer + len) { 274 | c1 = CHAR64(*p); 275 | /* Invalid data */ 276 | if (c1 == 255) 277 | return -1; 278 | 279 | c2 = CHAR64(*(p + 1)); 280 | if (c2 == 255) 281 | return -1; 282 | 283 | *bp++ = (c1 << 2) | ((c2 & 0x30) >> 4); 284 | if (bp >= buffer + len) 285 | break; 286 | 287 | c3 = CHAR64(*(p + 2)); 288 | if (c3 == 255) 289 | return -1; 290 | 291 | *bp++ = ((c2 & 0x0f) << 4) | ((c3 & 0x3c) >> 2); 292 | if (bp >= buffer + len) 293 | break; 294 | 295 | c4 = CHAR64(*(p + 3)); 296 | if (c4 == 255) 297 | return -1; 298 | *bp++ = ((c3 & 0x03) << 6) | c4; 299 | 300 | p += 4; 301 | } 302 | return 0; 303 | } 304 | 305 | /* 306 | * Turn len bytes of data into base64 encoded data. 307 | * This works without = padding. 308 | */ 309 | static int 310 | encode_base64(char *b64buffer, const uint8_t *data, size_t len) 311 | { 312 | uint8_t *bp = b64buffer; 313 | const uint8_t *p = data; 314 | uint8_t c1, c2; 315 | 316 | while (p < data + len) { 317 | c1 = *p++; 318 | *bp++ = Base64Code[(c1 >> 2)]; 319 | c1 = (c1 & 0x03) << 4; 320 | if (p >= data + len) { 321 | *bp++ = Base64Code[c1]; 322 | break; 323 | } 324 | c2 = *p++; 325 | c1 |= (c2 >> 4) & 0x0f; 326 | *bp++ = Base64Code[c1]; 327 | c1 = (c2 & 0x0f) << 2; 328 | if (p >= data + len) { 329 | *bp++ = Base64Code[c1]; 330 | break; 331 | } 332 | c2 = *p++; 333 | c1 |= (c2 >> 6) & 0x03; 334 | *bp++ = Base64Code[c1]; 335 | *bp++ = Base64Code[c2 & 0x3f]; 336 | } 337 | *bp = '\0'; 338 | return 0; 339 | } 340 | -------------------------------------------------------------------------------- /src/blowfish.c: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: blowfish.c,v 1.20 2021/11/29 01:04:45 djm Exp $ */ 2 | /* 3 | * Blowfish block cipher for OpenBSD 4 | * Copyright 1997 Niels Provos 5 | * All rights reserved. 6 | * 7 | * Implementation advice by David Mazieres . 8 | * 9 | * Redistribution and use in source and binary forms, with or without 10 | * modification, are permitted provided that the following conditions 11 | * are met: 12 | * 1. Redistributions of source code must retain the above copyright 13 | * notice, this list of conditions and the following disclaimer. 14 | * 2. Redistributions in binary form must reproduce the above copyright 15 | * notice, this list of conditions and the following disclaimer in the 16 | * documentation and/or other materials provided with the distribution. 17 | * 3. The name of the author may not be used to endorse or promote products 18 | * derived from this software without specific prior written permission. 19 | * 20 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 21 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 22 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 23 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 24 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 25 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 26 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 27 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 28 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 29 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 30 | */ 31 | 32 | /* 33 | * This code is derived from section 14.3 and the given source 34 | * in section V of Applied Cryptography, second edition. 35 | * Blowfish is an unpatented fast block cipher designed by 36 | * Bruce Schneier. 37 | */ 38 | 39 | #include 40 | 41 | #include "blf.h" 42 | 43 | #undef inline 44 | #ifdef __GNUC__ 45 | #define inline __inline 46 | #else /* !__GNUC__ */ 47 | #define inline 48 | #endif /* !__GNUC__ */ 49 | 50 | /* Function for Feistel Networks */ 51 | 52 | #define F(s, x) ((((s)[ (((x)>>24)&0xFF)] \ 53 | + (s)[0x100 + (((x)>>16)&0xFF)]) \ 54 | ^ (s)[0x200 + (((x)>> 8)&0xFF)]) \ 55 | + (s)[0x300 + ( (x) &0xFF)]) 56 | 57 | #define BLFRND(s,p,i,j,n) (i ^= F(s,j) ^ (p)[n]) 58 | 59 | void 60 | Blowfish_encipher(blf_ctx *c, uint32_t *xl, uint32_t *xr) 61 | { 62 | uint32_t Xl; 63 | uint32_t Xr; 64 | uint32_t *s = c->S[0]; 65 | uint32_t *p = c->P; 66 | 67 | Xl = *xl; 68 | Xr = *xr; 69 | 70 | Xl ^= p[0]; 71 | BLFRND(s, p, Xr, Xl, 1); BLFRND(s, p, Xl, Xr, 2); 72 | BLFRND(s, p, Xr, Xl, 3); BLFRND(s, p, Xl, Xr, 4); 73 | BLFRND(s, p, Xr, Xl, 5); BLFRND(s, p, Xl, Xr, 6); 74 | BLFRND(s, p, Xr, Xl, 7); BLFRND(s, p, Xl, Xr, 8); 75 | BLFRND(s, p, Xr, Xl, 9); BLFRND(s, p, Xl, Xr, 10); 76 | BLFRND(s, p, Xr, Xl, 11); BLFRND(s, p, Xl, Xr, 12); 77 | BLFRND(s, p, Xr, Xl, 13); BLFRND(s, p, Xl, Xr, 14); 78 | BLFRND(s, p, Xr, Xl, 15); BLFRND(s, p, Xl, Xr, 16); 79 | 80 | *xl = Xr ^ p[17]; 81 | *xr = Xl; 82 | } 83 | 84 | void 85 | Blowfish_decipher(blf_ctx *c, uint32_t *xl, uint32_t *xr) 86 | { 87 | uint32_t Xl; 88 | uint32_t Xr; 89 | uint32_t *s = c->S[0]; 90 | uint32_t *p = c->P; 91 | 92 | Xl = *xl; 93 | Xr = *xr; 94 | 95 | Xl ^= p[17]; 96 | BLFRND(s, p, Xr, Xl, 16); BLFRND(s, p, Xl, Xr, 15); 97 | BLFRND(s, p, Xr, Xl, 14); BLFRND(s, p, Xl, Xr, 13); 98 | BLFRND(s, p, Xr, Xl, 12); BLFRND(s, p, Xl, Xr, 11); 99 | BLFRND(s, p, Xr, Xl, 10); BLFRND(s, p, Xl, Xr, 9); 100 | BLFRND(s, p, Xr, Xl, 8); BLFRND(s, p, Xl, Xr, 7); 101 | BLFRND(s, p, Xr, Xl, 6); BLFRND(s, p, Xl, Xr, 5); 102 | BLFRND(s, p, Xr, Xl, 4); BLFRND(s, p, Xl, Xr, 3); 103 | BLFRND(s, p, Xr, Xl, 2); BLFRND(s, p, Xl, Xr, 1); 104 | 105 | *xl = Xr ^ p[0]; 106 | *xr = Xl; 107 | } 108 | 109 | void 110 | Blowfish_initstate(blf_ctx *c) 111 | { 112 | /* P-box and S-box tables initialized with digits of Pi */ 113 | 114 | static const blf_ctx initstate = 115 | { { 116 | { 117 | 0xd1310ba6, 0x98dfb5ac, 0x2ffd72db, 0xd01adfb7, 118 | 0xb8e1afed, 0x6a267e96, 0xba7c9045, 0xf12c7f99, 119 | 0x24a19947, 0xb3916cf7, 0x0801f2e2, 0x858efc16, 120 | 0x636920d8, 0x71574e69, 0xa458fea3, 0xf4933d7e, 121 | 0x0d95748f, 0x728eb658, 0x718bcd58, 0x82154aee, 122 | 0x7b54a41d, 0xc25a59b5, 0x9c30d539, 0x2af26013, 123 | 0xc5d1b023, 0x286085f0, 0xca417918, 0xb8db38ef, 124 | 0x8e79dcb0, 0x603a180e, 0x6c9e0e8b, 0xb01e8a3e, 125 | 0xd71577c1, 0xbd314b27, 0x78af2fda, 0x55605c60, 126 | 0xe65525f3, 0xaa55ab94, 0x57489862, 0x63e81440, 127 | 0x55ca396a, 0x2aab10b6, 0xb4cc5c34, 0x1141e8ce, 128 | 0xa15486af, 0x7c72e993, 0xb3ee1411, 0x636fbc2a, 129 | 0x2ba9c55d, 0x741831f6, 0xce5c3e16, 0x9b87931e, 130 | 0xafd6ba33, 0x6c24cf5c, 0x7a325381, 0x28958677, 131 | 0x3b8f4898, 0x6b4bb9af, 0xc4bfe81b, 0x66282193, 132 | 0x61d809cc, 0xfb21a991, 0x487cac60, 0x5dec8032, 133 | 0xef845d5d, 0xe98575b1, 0xdc262302, 0xeb651b88, 134 | 0x23893e81, 0xd396acc5, 0x0f6d6ff3, 0x83f44239, 135 | 0x2e0b4482, 0xa4842004, 0x69c8f04a, 0x9e1f9b5e, 136 | 0x21c66842, 0xf6e96c9a, 0x670c9c61, 0xabd388f0, 137 | 0x6a51a0d2, 0xd8542f68, 0x960fa728, 0xab5133a3, 138 | 0x6eef0b6c, 0x137a3be4, 0xba3bf050, 0x7efb2a98, 139 | 0xa1f1651d, 0x39af0176, 0x66ca593e, 0x82430e88, 140 | 0x8cee8619, 0x456f9fb4, 0x7d84a5c3, 0x3b8b5ebe, 141 | 0xe06f75d8, 0x85c12073, 0x401a449f, 0x56c16aa6, 142 | 0x4ed3aa62, 0x363f7706, 0x1bfedf72, 0x429b023d, 143 | 0x37d0d724, 0xd00a1248, 0xdb0fead3, 0x49f1c09b, 144 | 0x075372c9, 0x80991b7b, 0x25d479d8, 0xf6e8def7, 145 | 0xe3fe501a, 0xb6794c3b, 0x976ce0bd, 0x04c006ba, 146 | 0xc1a94fb6, 0x409f60c4, 0x5e5c9ec2, 0x196a2463, 147 | 0x68fb6faf, 0x3e6c53b5, 0x1339b2eb, 0x3b52ec6f, 148 | 0x6dfc511f, 0x9b30952c, 0xcc814544, 0xaf5ebd09, 149 | 0xbee3d004, 0xde334afd, 0x660f2807, 0x192e4bb3, 150 | 0xc0cba857, 0x45c8740f, 0xd20b5f39, 0xb9d3fbdb, 151 | 0x5579c0bd, 0x1a60320a, 0xd6a100c6, 0x402c7279, 152 | 0x679f25fe, 0xfb1fa3cc, 0x8ea5e9f8, 0xdb3222f8, 153 | 0x3c7516df, 0xfd616b15, 0x2f501ec8, 0xad0552ab, 154 | 0x323db5fa, 0xfd238760, 0x53317b48, 0x3e00df82, 155 | 0x9e5c57bb, 0xca6f8ca0, 0x1a87562e, 0xdf1769db, 156 | 0xd542a8f6, 0x287effc3, 0xac6732c6, 0x8c4f5573, 157 | 0x695b27b0, 0xbbca58c8, 0xe1ffa35d, 0xb8f011a0, 158 | 0x10fa3d98, 0xfd2183b8, 0x4afcb56c, 0x2dd1d35b, 159 | 0x9a53e479, 0xb6f84565, 0xd28e49bc, 0x4bfb9790, 160 | 0xe1ddf2da, 0xa4cb7e33, 0x62fb1341, 0xcee4c6e8, 161 | 0xef20cada, 0x36774c01, 0xd07e9efe, 0x2bf11fb4, 162 | 0x95dbda4d, 0xae909198, 0xeaad8e71, 0x6b93d5a0, 163 | 0xd08ed1d0, 0xafc725e0, 0x8e3c5b2f, 0x8e7594b7, 164 | 0x8ff6e2fb, 0xf2122b64, 0x8888b812, 0x900df01c, 165 | 0x4fad5ea0, 0x688fc31c, 0xd1cff191, 0xb3a8c1ad, 166 | 0x2f2f2218, 0xbe0e1777, 0xea752dfe, 0x8b021fa1, 167 | 0xe5a0cc0f, 0xb56f74e8, 0x18acf3d6, 0xce89e299, 168 | 0xb4a84fe0, 0xfd13e0b7, 0x7cc43b81, 0xd2ada8d9, 169 | 0x165fa266, 0x80957705, 0x93cc7314, 0x211a1477, 170 | 0xe6ad2065, 0x77b5fa86, 0xc75442f5, 0xfb9d35cf, 171 | 0xebcdaf0c, 0x7b3e89a0, 0xd6411bd3, 0xae1e7e49, 172 | 0x00250e2d, 0x2071b35e, 0x226800bb, 0x57b8e0af, 173 | 0x2464369b, 0xf009b91e, 0x5563911d, 0x59dfa6aa, 174 | 0x78c14389, 0xd95a537f, 0x207d5ba2, 0x02e5b9c5, 175 | 0x83260376, 0x6295cfa9, 0x11c81968, 0x4e734a41, 176 | 0xb3472dca, 0x7b14a94a, 0x1b510052, 0x9a532915, 177 | 0xd60f573f, 0xbc9bc6e4, 0x2b60a476, 0x81e67400, 178 | 0x08ba6fb5, 0x571be91f, 0xf296ec6b, 0x2a0dd915, 179 | 0xb6636521, 0xe7b9f9b6, 0xff34052e, 0xc5855664, 180 | 0x53b02d5d, 0xa99f8fa1, 0x08ba4799, 0x6e85076a}, 181 | { 182 | 0x4b7a70e9, 0xb5b32944, 0xdb75092e, 0xc4192623, 183 | 0xad6ea6b0, 0x49a7df7d, 0x9cee60b8, 0x8fedb266, 184 | 0xecaa8c71, 0x699a17ff, 0x5664526c, 0xc2b19ee1, 185 | 0x193602a5, 0x75094c29, 0xa0591340, 0xe4183a3e, 186 | 0x3f54989a, 0x5b429d65, 0x6b8fe4d6, 0x99f73fd6, 187 | 0xa1d29c07, 0xefe830f5, 0x4d2d38e6, 0xf0255dc1, 188 | 0x4cdd2086, 0x8470eb26, 0x6382e9c6, 0x021ecc5e, 189 | 0x09686b3f, 0x3ebaefc9, 0x3c971814, 0x6b6a70a1, 190 | 0x687f3584, 0x52a0e286, 0xb79c5305, 0xaa500737, 191 | 0x3e07841c, 0x7fdeae5c, 0x8e7d44ec, 0x5716f2b8, 192 | 0xb03ada37, 0xf0500c0d, 0xf01c1f04, 0x0200b3ff, 193 | 0xae0cf51a, 0x3cb574b2, 0x25837a58, 0xdc0921bd, 194 | 0xd19113f9, 0x7ca92ff6, 0x94324773, 0x22f54701, 195 | 0x3ae5e581, 0x37c2dadc, 0xc8b57634, 0x9af3dda7, 196 | 0xa9446146, 0x0fd0030e, 0xecc8c73e, 0xa4751e41, 197 | 0xe238cd99, 0x3bea0e2f, 0x3280bba1, 0x183eb331, 198 | 0x4e548b38, 0x4f6db908, 0x6f420d03, 0xf60a04bf, 199 | 0x2cb81290, 0x24977c79, 0x5679b072, 0xbcaf89af, 200 | 0xde9a771f, 0xd9930810, 0xb38bae12, 0xdccf3f2e, 201 | 0x5512721f, 0x2e6b7124, 0x501adde6, 0x9f84cd87, 202 | 0x7a584718, 0x7408da17, 0xbc9f9abc, 0xe94b7d8c, 203 | 0xec7aec3a, 0xdb851dfa, 0x63094366, 0xc464c3d2, 204 | 0xef1c1847, 0x3215d908, 0xdd433b37, 0x24c2ba16, 205 | 0x12a14d43, 0x2a65c451, 0x50940002, 0x133ae4dd, 206 | 0x71dff89e, 0x10314e55, 0x81ac77d6, 0x5f11199b, 207 | 0x043556f1, 0xd7a3c76b, 0x3c11183b, 0x5924a509, 208 | 0xf28fe6ed, 0x97f1fbfa, 0x9ebabf2c, 0x1e153c6e, 209 | 0x86e34570, 0xeae96fb1, 0x860e5e0a, 0x5a3e2ab3, 210 | 0x771fe71c, 0x4e3d06fa, 0x2965dcb9, 0x99e71d0f, 211 | 0x803e89d6, 0x5266c825, 0x2e4cc978, 0x9c10b36a, 212 | 0xc6150eba, 0x94e2ea78, 0xa5fc3c53, 0x1e0a2df4, 213 | 0xf2f74ea7, 0x361d2b3d, 0x1939260f, 0x19c27960, 214 | 0x5223a708, 0xf71312b6, 0xebadfe6e, 0xeac31f66, 215 | 0xe3bc4595, 0xa67bc883, 0xb17f37d1, 0x018cff28, 216 | 0xc332ddef, 0xbe6c5aa5, 0x65582185, 0x68ab9802, 217 | 0xeecea50f, 0xdb2f953b, 0x2aef7dad, 0x5b6e2f84, 218 | 0x1521b628, 0x29076170, 0xecdd4775, 0x619f1510, 219 | 0x13cca830, 0xeb61bd96, 0x0334fe1e, 0xaa0363cf, 220 | 0xb5735c90, 0x4c70a239, 0xd59e9e0b, 0xcbaade14, 221 | 0xeecc86bc, 0x60622ca7, 0x9cab5cab, 0xb2f3846e, 222 | 0x648b1eaf, 0x19bdf0ca, 0xa02369b9, 0x655abb50, 223 | 0x40685a32, 0x3c2ab4b3, 0x319ee9d5, 0xc021b8f7, 224 | 0x9b540b19, 0x875fa099, 0x95f7997e, 0x623d7da8, 225 | 0xf837889a, 0x97e32d77, 0x11ed935f, 0x16681281, 226 | 0x0e358829, 0xc7e61fd6, 0x96dedfa1, 0x7858ba99, 227 | 0x57f584a5, 0x1b227263, 0x9b83c3ff, 0x1ac24696, 228 | 0xcdb30aeb, 0x532e3054, 0x8fd948e4, 0x6dbc3128, 229 | 0x58ebf2ef, 0x34c6ffea, 0xfe28ed61, 0xee7c3c73, 230 | 0x5d4a14d9, 0xe864b7e3, 0x42105d14, 0x203e13e0, 231 | 0x45eee2b6, 0xa3aaabea, 0xdb6c4f15, 0xfacb4fd0, 232 | 0xc742f442, 0xef6abbb5, 0x654f3b1d, 0x41cd2105, 233 | 0xd81e799e, 0x86854dc7, 0xe44b476a, 0x3d816250, 234 | 0xcf62a1f2, 0x5b8d2646, 0xfc8883a0, 0xc1c7b6a3, 235 | 0x7f1524c3, 0x69cb7492, 0x47848a0b, 0x5692b285, 236 | 0x095bbf00, 0xad19489d, 0x1462b174, 0x23820e00, 237 | 0x58428d2a, 0x0c55f5ea, 0x1dadf43e, 0x233f7061, 238 | 0x3372f092, 0x8d937e41, 0xd65fecf1, 0x6c223bdb, 239 | 0x7cde3759, 0xcbee7460, 0x4085f2a7, 0xce77326e, 240 | 0xa6078084, 0x19f8509e, 0xe8efd855, 0x61d99735, 241 | 0xa969a7aa, 0xc50c06c2, 0x5a04abfc, 0x800bcadc, 242 | 0x9e447a2e, 0xc3453484, 0xfdd56705, 0x0e1e9ec9, 243 | 0xdb73dbd3, 0x105588cd, 0x675fda79, 0xe3674340, 244 | 0xc5c43465, 0x713e38d8, 0x3d28f89e, 0xf16dff20, 245 | 0x153e21e7, 0x8fb03d4a, 0xe6e39f2b, 0xdb83adf7}, 246 | { 247 | 0xe93d5a68, 0x948140f7, 0xf64c261c, 0x94692934, 248 | 0x411520f7, 0x7602d4f7, 0xbcf46b2e, 0xd4a20068, 249 | 0xd4082471, 0x3320f46a, 0x43b7d4b7, 0x500061af, 250 | 0x1e39f62e, 0x97244546, 0x14214f74, 0xbf8b8840, 251 | 0x4d95fc1d, 0x96b591af, 0x70f4ddd3, 0x66a02f45, 252 | 0xbfbc09ec, 0x03bd9785, 0x7fac6dd0, 0x31cb8504, 253 | 0x96eb27b3, 0x55fd3941, 0xda2547e6, 0xabca0a9a, 254 | 0x28507825, 0x530429f4, 0x0a2c86da, 0xe9b66dfb, 255 | 0x68dc1462, 0xd7486900, 0x680ec0a4, 0x27a18dee, 256 | 0x4f3ffea2, 0xe887ad8c, 0xb58ce006, 0x7af4d6b6, 257 | 0xaace1e7c, 0xd3375fec, 0xce78a399, 0x406b2a42, 258 | 0x20fe9e35, 0xd9f385b9, 0xee39d7ab, 0x3b124e8b, 259 | 0x1dc9faf7, 0x4b6d1856, 0x26a36631, 0xeae397b2, 260 | 0x3a6efa74, 0xdd5b4332, 0x6841e7f7, 0xca7820fb, 261 | 0xfb0af54e, 0xd8feb397, 0x454056ac, 0xba489527, 262 | 0x55533a3a, 0x20838d87, 0xfe6ba9b7, 0xd096954b, 263 | 0x55a867bc, 0xa1159a58, 0xcca92963, 0x99e1db33, 264 | 0xa62a4a56, 0x3f3125f9, 0x5ef47e1c, 0x9029317c, 265 | 0xfdf8e802, 0x04272f70, 0x80bb155c, 0x05282ce3, 266 | 0x95c11548, 0xe4c66d22, 0x48c1133f, 0xc70f86dc, 267 | 0x07f9c9ee, 0x41041f0f, 0x404779a4, 0x5d886e17, 268 | 0x325f51eb, 0xd59bc0d1, 0xf2bcc18f, 0x41113564, 269 | 0x257b7834, 0x602a9c60, 0xdff8e8a3, 0x1f636c1b, 270 | 0x0e12b4c2, 0x02e1329e, 0xaf664fd1, 0xcad18115, 271 | 0x6b2395e0, 0x333e92e1, 0x3b240b62, 0xeebeb922, 272 | 0x85b2a20e, 0xe6ba0d99, 0xde720c8c, 0x2da2f728, 273 | 0xd0127845, 0x95b794fd, 0x647d0862, 0xe7ccf5f0, 274 | 0x5449a36f, 0x877d48fa, 0xc39dfd27, 0xf33e8d1e, 275 | 0x0a476341, 0x992eff74, 0x3a6f6eab, 0xf4f8fd37, 276 | 0xa812dc60, 0xa1ebddf8, 0x991be14c, 0xdb6e6b0d, 277 | 0xc67b5510, 0x6d672c37, 0x2765d43b, 0xdcd0e804, 278 | 0xf1290dc7, 0xcc00ffa3, 0xb5390f92, 0x690fed0b, 279 | 0x667b9ffb, 0xcedb7d9c, 0xa091cf0b, 0xd9155ea3, 280 | 0xbb132f88, 0x515bad24, 0x7b9479bf, 0x763bd6eb, 281 | 0x37392eb3, 0xcc115979, 0x8026e297, 0xf42e312d, 282 | 0x6842ada7, 0xc66a2b3b, 0x12754ccc, 0x782ef11c, 283 | 0x6a124237, 0xb79251e7, 0x06a1bbe6, 0x4bfb6350, 284 | 0x1a6b1018, 0x11caedfa, 0x3d25bdd8, 0xe2e1c3c9, 285 | 0x44421659, 0x0a121386, 0xd90cec6e, 0xd5abea2a, 286 | 0x64af674e, 0xda86a85f, 0xbebfe988, 0x64e4c3fe, 287 | 0x9dbc8057, 0xf0f7c086, 0x60787bf8, 0x6003604d, 288 | 0xd1fd8346, 0xf6381fb0, 0x7745ae04, 0xd736fccc, 289 | 0x83426b33, 0xf01eab71, 0xb0804187, 0x3c005e5f, 290 | 0x77a057be, 0xbde8ae24, 0x55464299, 0xbf582e61, 291 | 0x4e58f48f, 0xf2ddfda2, 0xf474ef38, 0x8789bdc2, 292 | 0x5366f9c3, 0xc8b38e74, 0xb475f255, 0x46fcd9b9, 293 | 0x7aeb2661, 0x8b1ddf84, 0x846a0e79, 0x915f95e2, 294 | 0x466e598e, 0x20b45770, 0x8cd55591, 0xc902de4c, 295 | 0xb90bace1, 0xbb8205d0, 0x11a86248, 0x7574a99e, 296 | 0xb77f19b6, 0xe0a9dc09, 0x662d09a1, 0xc4324633, 297 | 0xe85a1f02, 0x09f0be8c, 0x4a99a025, 0x1d6efe10, 298 | 0x1ab93d1d, 0x0ba5a4df, 0xa186f20f, 0x2868f169, 299 | 0xdcb7da83, 0x573906fe, 0xa1e2ce9b, 0x4fcd7f52, 300 | 0x50115e01, 0xa70683fa, 0xa002b5c4, 0x0de6d027, 301 | 0x9af88c27, 0x773f8641, 0xc3604c06, 0x61a806b5, 302 | 0xf0177a28, 0xc0f586e0, 0x006058aa, 0x30dc7d62, 303 | 0x11e69ed7, 0x2338ea63, 0x53c2dd94, 0xc2c21634, 304 | 0xbbcbee56, 0x90bcb6de, 0xebfc7da1, 0xce591d76, 305 | 0x6f05e409, 0x4b7c0188, 0x39720a3d, 0x7c927c24, 306 | 0x86e3725f, 0x724d9db9, 0x1ac15bb4, 0xd39eb8fc, 307 | 0xed545578, 0x08fca5b5, 0xd83d7cd3, 0x4dad0fc4, 308 | 0x1e50ef5e, 0xb161e6f8, 0xa28514d9, 0x6c51133c, 309 | 0x6fd5c7e7, 0x56e14ec4, 0x362abfce, 0xddc6c837, 310 | 0xd79a3234, 0x92638212, 0x670efa8e, 0x406000e0}, 311 | { 312 | 0x3a39ce37, 0xd3faf5cf, 0xabc27737, 0x5ac52d1b, 313 | 0x5cb0679e, 0x4fa33742, 0xd3822740, 0x99bc9bbe, 314 | 0xd5118e9d, 0xbf0f7315, 0xd62d1c7e, 0xc700c47b, 315 | 0xb78c1b6b, 0x21a19045, 0xb26eb1be, 0x6a366eb4, 316 | 0x5748ab2f, 0xbc946e79, 0xc6a376d2, 0x6549c2c8, 317 | 0x530ff8ee, 0x468dde7d, 0xd5730a1d, 0x4cd04dc6, 318 | 0x2939bbdb, 0xa9ba4650, 0xac9526e8, 0xbe5ee304, 319 | 0xa1fad5f0, 0x6a2d519a, 0x63ef8ce2, 0x9a86ee22, 320 | 0xc089c2b8, 0x43242ef6, 0xa51e03aa, 0x9cf2d0a4, 321 | 0x83c061ba, 0x9be96a4d, 0x8fe51550, 0xba645bd6, 322 | 0x2826a2f9, 0xa73a3ae1, 0x4ba99586, 0xef5562e9, 323 | 0xc72fefd3, 0xf752f7da, 0x3f046f69, 0x77fa0a59, 324 | 0x80e4a915, 0x87b08601, 0x9b09e6ad, 0x3b3ee593, 325 | 0xe990fd5a, 0x9e34d797, 0x2cf0b7d9, 0x022b8b51, 326 | 0x96d5ac3a, 0x017da67d, 0xd1cf3ed6, 0x7c7d2d28, 327 | 0x1f9f25cf, 0xadf2b89b, 0x5ad6b472, 0x5a88f54c, 328 | 0xe029ac71, 0xe019a5e6, 0x47b0acfd, 0xed93fa9b, 329 | 0xe8d3c48d, 0x283b57cc, 0xf8d56629, 0x79132e28, 330 | 0x785f0191, 0xed756055, 0xf7960e44, 0xe3d35e8c, 331 | 0x15056dd4, 0x88f46dba, 0x03a16125, 0x0564f0bd, 332 | 0xc3eb9e15, 0x3c9057a2, 0x97271aec, 0xa93a072a, 333 | 0x1b3f6d9b, 0x1e6321f5, 0xf59c66fb, 0x26dcf319, 334 | 0x7533d928, 0xb155fdf5, 0x03563482, 0x8aba3cbb, 335 | 0x28517711, 0xc20ad9f8, 0xabcc5167, 0xccad925f, 336 | 0x4de81751, 0x3830dc8e, 0x379d5862, 0x9320f991, 337 | 0xea7a90c2, 0xfb3e7bce, 0x5121ce64, 0x774fbe32, 338 | 0xa8b6e37e, 0xc3293d46, 0x48de5369, 0x6413e680, 339 | 0xa2ae0810, 0xdd6db224, 0x69852dfd, 0x09072166, 340 | 0xb39a460a, 0x6445c0dd, 0x586cdecf, 0x1c20c8ae, 341 | 0x5bbef7dd, 0x1b588d40, 0xccd2017f, 0x6bb4e3bb, 342 | 0xdda26a7e, 0x3a59ff45, 0x3e350a44, 0xbcb4cdd5, 343 | 0x72eacea8, 0xfa6484bb, 0x8d6612ae, 0xbf3c6f47, 344 | 0xd29be463, 0x542f5d9e, 0xaec2771b, 0xf64e6370, 345 | 0x740e0d8d, 0xe75b1357, 0xf8721671, 0xaf537d5d, 346 | 0x4040cb08, 0x4eb4e2cc, 0x34d2466a, 0x0115af84, 347 | 0xe1b00428, 0x95983a1d, 0x06b89fb4, 0xce6ea048, 348 | 0x6f3f3b82, 0x3520ab82, 0x011a1d4b, 0x277227f8, 349 | 0x611560b1, 0xe7933fdc, 0xbb3a792b, 0x344525bd, 350 | 0xa08839e1, 0x51ce794b, 0x2f32c9b7, 0xa01fbac9, 351 | 0xe01cc87e, 0xbcc7d1f6, 0xcf0111c3, 0xa1e8aac7, 352 | 0x1a908749, 0xd44fbd9a, 0xd0dadecb, 0xd50ada38, 353 | 0x0339c32a, 0xc6913667, 0x8df9317c, 0xe0b12b4f, 354 | 0xf79e59b7, 0x43f5bb3a, 0xf2d519ff, 0x27d9459c, 355 | 0xbf97222c, 0x15e6fc2a, 0x0f91fc71, 0x9b941525, 356 | 0xfae59361, 0xceb69ceb, 0xc2a86459, 0x12baa8d1, 357 | 0xb6c1075e, 0xe3056a0c, 0x10d25065, 0xcb03a442, 358 | 0xe0ec6e0e, 0x1698db3b, 0x4c98a0be, 0x3278e964, 359 | 0x9f1f9532, 0xe0d392df, 0xd3a0342b, 0x8971f21e, 360 | 0x1b0a7441, 0x4ba3348c, 0xc5be7120, 0xc37632d8, 361 | 0xdf359f8d, 0x9b992f2e, 0xe60b6f47, 0x0fe3f11d, 362 | 0xe54cda54, 0x1edad891, 0xce6279cf, 0xcd3e7e6f, 363 | 0x1618b166, 0xfd2c1d05, 0x848fd2c5, 0xf6fb2299, 364 | 0xf523f357, 0xa6327623, 0x93a83531, 0x56cccd02, 365 | 0xacf08162, 0x5a75ebb5, 0x6e163697, 0x88d273cc, 366 | 0xde966292, 0x81b949d0, 0x4c50901b, 0x71c65614, 367 | 0xe6c6c7bd, 0x327a140a, 0x45e1d006, 0xc3f27b9a, 368 | 0xc9aa53fd, 0x62a80f00, 0xbb25bfe2, 0x35bdd2f6, 369 | 0x71126905, 0xb2040222, 0xb6cbcf7c, 0xcd769c2b, 370 | 0x53113ec0, 0x1640e3d3, 0x38abbd60, 0x2547adf0, 371 | 0xba38209c, 0xf746ce76, 0x77afa1c5, 0x20756060, 372 | 0x85cbfe4e, 0x8ae88dd8, 0x7aaaf9b0, 0x4cf9aa7e, 373 | 0x1948c25c, 0x02fb8a8c, 0x01c36ae4, 0xd6ebe1f9, 374 | 0x90d4f869, 0xa65cdea0, 0x3f09252d, 0xc208e69f, 375 | 0xb74e6132, 0xce77e25b, 0x578fdfe3, 0x3ac372e6} 376 | }, 377 | { 378 | 0x243f6a88, 0x85a308d3, 0x13198a2e, 0x03707344, 379 | 0xa4093822, 0x299f31d0, 0x082efa98, 0xec4e6c89, 380 | 0x452821e6, 0x38d01377, 0xbe5466cf, 0x34e90c6c, 381 | 0xc0ac29b7, 0xc97c50dd, 0x3f84d5b5, 0xb5470917, 382 | 0x9216d5d9, 0x8979fb1b 383 | } }; 384 | 385 | *c = initstate; 386 | } 387 | 388 | uint32_t 389 | Blowfish_stream2word(const uint8_t *data, uint16_t databytes, 390 | uint16_t *current) 391 | { 392 | uint8_t i; 393 | uint16_t j; 394 | uint32_t temp; 395 | 396 | temp = 0x00000000; 397 | j = *current; 398 | 399 | for (i = 0; i < 4; i++, j++) { 400 | if (j >= databytes) 401 | j = 0; 402 | temp = (temp << 8) | data[j]; 403 | } 404 | 405 | *current = j; 406 | return temp; 407 | } 408 | 409 | void 410 | Blowfish_expand0state(blf_ctx *c, const uint8_t *key, uint16_t keybytes) 411 | { 412 | uint16_t i; 413 | uint16_t j; 414 | uint16_t k; 415 | uint32_t temp; 416 | uint32_t datal; 417 | uint32_t datar; 418 | 419 | j = 0; 420 | for (i = 0; i < BLF_N + 2; i++) { 421 | /* Extract 4 int8 to 1 int32 from keystream */ 422 | temp = Blowfish_stream2word(key, keybytes, &j); 423 | c->P[i] = c->P[i] ^ temp; 424 | } 425 | 426 | j = 0; 427 | datal = 0x00000000; 428 | datar = 0x00000000; 429 | for (i = 0; i < BLF_N + 2; i += 2) { 430 | Blowfish_encipher(c, &datal, &datar); 431 | 432 | c->P[i] = datal; 433 | c->P[i + 1] = datar; 434 | } 435 | 436 | for (i = 0; i < 4; i++) { 437 | for (k = 0; k < 256; k += 2) { 438 | Blowfish_encipher(c, &datal, &datar); 439 | 440 | c->S[i][k] = datal; 441 | c->S[i][k + 1] = datar; 442 | } 443 | } 444 | } 445 | 446 | 447 | void 448 | Blowfish_expandstate(blf_ctx *c, const uint8_t *data, uint16_t databytes, 449 | const uint8_t *key, uint16_t keybytes) 450 | { 451 | uint16_t i; 452 | uint16_t j; 453 | uint16_t k; 454 | uint32_t temp; 455 | uint32_t datal; 456 | uint32_t datar; 457 | 458 | j = 0; 459 | for (i = 0; i < BLF_N + 2; i++) { 460 | /* Extract 4 int8 to 1 int32 from keystream */ 461 | temp = Blowfish_stream2word(key, keybytes, &j); 462 | c->P[i] = c->P[i] ^ temp; 463 | } 464 | 465 | j = 0; 466 | datal = 0x00000000; 467 | datar = 0x00000000; 468 | for (i = 0; i < BLF_N + 2; i += 2) { 469 | datal ^= Blowfish_stream2word(data, databytes, &j); 470 | datar ^= Blowfish_stream2word(data, databytes, &j); 471 | Blowfish_encipher(c, &datal, &datar); 472 | 473 | c->P[i] = datal; 474 | c->P[i + 1] = datar; 475 | } 476 | 477 | for (i = 0; i < 4; i++) { 478 | for (k = 0; k < 256; k += 2) { 479 | datal ^= Blowfish_stream2word(data, databytes, &j); 480 | datar ^= Blowfish_stream2word(data, databytes, &j); 481 | Blowfish_encipher(c, &datal, &datar); 482 | 483 | c->S[i][k] = datal; 484 | c->S[i][k + 1] = datar; 485 | } 486 | } 487 | 488 | } 489 | 490 | void 491 | blf_key(blf_ctx *c, const uint8_t *k, uint16_t len) 492 | { 493 | /* Initialize S-boxes and subkeys with Pi */ 494 | Blowfish_initstate(c); 495 | 496 | /* Transform S-boxes and subkeys with key */ 497 | Blowfish_expand0state(c, k, len); 498 | } 499 | 500 | void 501 | blf_enc(blf_ctx *c, uint32_t *data, uint16_t blocks) 502 | { 503 | uint32_t *d; 504 | uint16_t i; 505 | 506 | d = data; 507 | for (i = 0; i < blocks; i++) { 508 | Blowfish_encipher(c, d, d + 1); 509 | d += 2; 510 | } 511 | } 512 | 513 | void 514 | blf_dec(blf_ctx *c, uint32_t *data, uint16_t blocks) 515 | { 516 | uint32_t *d; 517 | uint16_t i; 518 | 519 | d = data; 520 | for (i = 0; i < blocks; i++) { 521 | Blowfish_decipher(c, d, d + 1); 522 | d += 2; 523 | } 524 | } 525 | 526 | void 527 | blf_ecb_encrypt(blf_ctx *c, uint8_t *data, uint32_t len) 528 | { 529 | uint32_t l, r; 530 | uint32_t i; 531 | 532 | for (i = 0; i < len; i += 8) { 533 | l = data[0] << 24 | data[1] << 16 | data[2] << 8 | data[3]; 534 | r = data[4] << 24 | data[5] << 16 | data[6] << 8 | data[7]; 535 | Blowfish_encipher(c, &l, &r); 536 | data[0] = l >> 24 & 0xff; 537 | data[1] = l >> 16 & 0xff; 538 | data[2] = l >> 8 & 0xff; 539 | data[3] = l & 0xff; 540 | data[4] = r >> 24 & 0xff; 541 | data[5] = r >> 16 & 0xff; 542 | data[6] = r >> 8 & 0xff; 543 | data[7] = r & 0xff; 544 | data += 8; 545 | } 546 | } 547 | 548 | void 549 | blf_ecb_decrypt(blf_ctx *c, uint8_t *data, uint32_t len) 550 | { 551 | uint32_t l, r; 552 | uint32_t i; 553 | 554 | for (i = 0; i < len; i += 8) { 555 | l = data[0] << 24 | data[1] << 16 | data[2] << 8 | data[3]; 556 | r = data[4] << 24 | data[5] << 16 | data[6] << 8 | data[7]; 557 | Blowfish_decipher(c, &l, &r); 558 | data[0] = l >> 24 & 0xff; 559 | data[1] = l >> 16 & 0xff; 560 | data[2] = l >> 8 & 0xff; 561 | data[3] = l & 0xff; 562 | data[4] = r >> 24 & 0xff; 563 | data[5] = r >> 16 & 0xff; 564 | data[6] = r >> 8 & 0xff; 565 | data[7] = r & 0xff; 566 | data += 8; 567 | } 568 | } 569 | 570 | void 571 | blf_cbc_encrypt(blf_ctx *c, uint8_t *iv, uint8_t *data, uint32_t len) 572 | { 573 | uint32_t l, r; 574 | uint32_t i, j; 575 | 576 | for (i = 0; i < len; i += 8) { 577 | for (j = 0; j < 8; j++) 578 | data[j] ^= iv[j]; 579 | l = data[0] << 24 | data[1] << 16 | data[2] << 8 | data[3]; 580 | r = data[4] << 24 | data[5] << 16 | data[6] << 8 | data[7]; 581 | Blowfish_encipher(c, &l, &r); 582 | data[0] = l >> 24 & 0xff; 583 | data[1] = l >> 16 & 0xff; 584 | data[2] = l >> 8 & 0xff; 585 | data[3] = l & 0xff; 586 | data[4] = r >> 24 & 0xff; 587 | data[5] = r >> 16 & 0xff; 588 | data[6] = r >> 8 & 0xff; 589 | data[7] = r & 0xff; 590 | iv = data; 591 | data += 8; 592 | } 593 | } 594 | 595 | void 596 | blf_cbc_decrypt(blf_ctx *c, uint8_t *iva, uint8_t *data, uint32_t len) 597 | { 598 | uint32_t l, r; 599 | uint8_t *iv; 600 | uint32_t i, j; 601 | 602 | iv = data + len - 16; 603 | data = data + len - 8; 604 | for (i = len - 8; i >= 8; i -= 8) { 605 | l = data[0] << 24 | data[1] << 16 | data[2] << 8 | data[3]; 606 | r = data[4] << 24 | data[5] << 16 | data[6] << 8 | data[7]; 607 | Blowfish_decipher(c, &l, &r); 608 | data[0] = l >> 24 & 0xff; 609 | data[1] = l >> 16 & 0xff; 610 | data[2] = l >> 8 & 0xff; 611 | data[3] = l & 0xff; 612 | data[4] = r >> 24 & 0xff; 613 | data[5] = r >> 16 & 0xff; 614 | data[6] = r >> 8 & 0xff; 615 | data[7] = r & 0xff; 616 | for (j = 0; j < 8; j++) 617 | data[j] ^= iv[j]; 618 | iv -= 8; 619 | data -= 8; 620 | } 621 | l = data[0] << 24 | data[1] << 16 | data[2] << 8 | data[3]; 622 | r = data[4] << 24 | data[5] << 16 | data[6] << 8 | data[7]; 623 | Blowfish_decipher(c, &l, &r); 624 | data[0] = l >> 24 & 0xff; 625 | data[1] = l >> 16 & 0xff; 626 | data[2] = l >> 8 & 0xff; 627 | data[3] = l & 0xff; 628 | data[4] = r >> 24 & 0xff; 629 | data[5] = r >> 16 & 0xff; 630 | data[6] = r >> 8 & 0xff; 631 | data[7] = r & 0xff; 632 | for (j = 0; j < 8; j++) 633 | data[j] ^= iva[j]; 634 | } 635 | --------------------------------------------------------------------------------