appendix-b.html

Wiley - Applied Cryptography, Protocols, Algorthms, and Source Code in C

#endif

kboxinit(gost_ctx *c)
{
        int i;

        byte k8[16] = {14,  4, 13,  1,  2, 15, 11,  8,  3, 10,  6,
                       12,  5,  9,  0,  7 };

        byte k7[16] = {15,  1,  8, 14,  6, 11,  3,  4,  9,  7,  2,
                       13, 12,  0,  5, 10 };
        byte k6[16] = {10,  0,  9, 14,  6,  3, 15,  5,  1, 13, 12,
                        7, 11,  4,  2,  8 };
        byte k5[16] = { 7, 13, 14,  3,  0,  6,  9, 10,  1,  2,  8,
                        5, 11, 12,  4, 15 };
        byte k4[16] = { 2, 12,  4,  1,  7, 10, 11,  6,  8,  5,  3,
                       15, 13,  0, 14,  9 };
        byte k3[16] = {12,  1, 10, 15,  9,  2,  6,  8,  0, 13,  3,
                        4, 14,  7,  5, 11 };
        byte k2[16] = { 4, 11,  2, 14, 15,  0,  8, 13,  3, 12,  9,
                        7,  5, 10,  6,  1 };
        byte k1[16] = {13,  2,  8,  4,  6, 15, 11,  1, 10,  9,  3,
                       14,  5,  0, 12,  7 };

     for (i = 0; i < 256; i++) {
                c–>k87[i] = k8[i >> 4] << 4 | k7[i &amp 15];
                c–>k65[i] = k6[i >> 4] << 4 | k5[i &amp 15];
                c–>k43[i] = k4[i >> 4] << 4 | k3[i &amp 15];
                c–>k21[i] = k2[i >> 4] << 4 | k1[i &amp 15];
     }
}

static word32
f(gost_ctx *c,word32 x)
{
        x = c–>k87[x>>24 &amp 255] << 24 | c–>k65[x>>16 &amp 255] << 16 |
            c–>k43[x>> 8 &amp 255] <<  8 | c–>k21[x &amp 255];

     /* Rotate left 11 bits */
     return x<<11 | x>>(32–11);
}

void gostcrypt(gost_ctx *c, word32 *d){
     register word32 n1, n2; /* As named in the GOST */

        n1 = d[0];
        n2 = d[1];

     /* Instead of swapping halves, swap names each round */
        n2 ^= f(c,n1+c–>k[0]); n1 ^= f(c,n2+c–>k[1]);
        n2 ^= f(c,n1+c–>k[2]); n1 ^= f(c,n2+c–>k[3]);
        n2 ^= f(c,n1+c–>k[4]); n1 ^= f(c,n2+c–>k[5]);
        n2 ^= f(c,n1+c–>k[6]); n1 ^= f(c,n2+c–>k[7]);

        n2 ^= f(c,n1+c–>k[0]); n1 ^= f(c,n2+c–>k[1]);
        n2 ^= f(c,n1+c–>k[2]); n1 ^= f(c,n2+c–>k[3]);
        n2 ^= f(c,n1+c–>k[4]); n1 ^= f(c,n2+c–>k[5]);
        n2 ^= f(c,n1+c–>k[6]); n1 ^= f(c,n2+c–>k[7]);

        n2 ^= f(c,n1+c–>k[0]); n1 ^= f(c,n2+c–>k[1]);
        n2 ^= f(c,n1+c–>k[2]); n1 ^= f(c,n2+c–>k[3]);
        n2 ^= f(c,n1+c–>k[4]); n1 ^= f(c,n2+c–>k[5]);
        n2 ^= f(c,n1+c–>k[6]); n1 ^= f(c,n2+c–>k[7]);

        n2 ^= f(c,n1+c–>k[7]); n1 ^= f(c,n2+c–>k[6]);
        n2 ^= f(c,n1+c–>k[5]); n1 ^= f(c,n2+c–>k[4]);
        n2 ^= f(c,n1+c–>k[3]); n1 ^= f(c,n2+c–>k[2]);
        n2 ^= f(c,n1+c–>k[1]); n1 ^= f(c,n2+c–>k[0]);

        d[0] = n2; d[1] = n1;
}

void
gostdecrypt(gost_ctx *c, u4 *d){
     register word32 n1, n2; /* As named in the GOST */

        n1 = d[0]; n2 = d[1];

        n2 ^= f(c,n1+c–>k[0]); n1 ^= f(c,n2+c–>k[1]);
        n2 ^= f(c,n1+c–>k[2]); n1 ^= f(c,n2+c–>k[3]);
        n2 ^= f(c,n1+c–>k[4]); n1 ^= f(c,n2+c–>k[5]);
        n2 ^= f(c,n1+c–>k[6]); n1 ^= f(c,n2+c–>k[7]);

        n2 ^= f(c,n1+c–>k[7]); n1 ^= f(c,n2+c–>k[6]);
        n2 ^= f(c,n1+c–>k[5]); n1 ^= f(c,n2+c–>k[4]);
        n2 ^= f(c,n1+c–>k[3]); n1 ^= f(c,n2+c–>k[2]);
        n2 ^= f(c,n1+c–>k[1]); n1 ^= f(c,n2+c–>k[0]);

        n2 ^= f(c,n1+c–>k[7]); n1 ^= f(c,n2+c–>k[6]);
        n2 ^= f(c,n1+c–>k[5]); n1 ^= f(c,n2+c–>k[4]);
        n2 ^= f(c,n1+c–>k[3]); n1 ^= f(c,n2+c–>k[2]);
        n2 ^= f(c,n1+c–>k[1]); n1 ^= f(c,n2+c–>k[0]);

        n2 ^= f(c,n1+c–>k[7]); n1 ^= f(c,n2+c–>k[6]);
        n2 ^= f(c,n1+c–>k[5]); n1 ^= f(c,n2+c–>k[4]);
        n2 ^= f(c,n1+c–>k[3]); n1 ^= f(c,n2+c–>k[2]);
        n2 ^= f(c,n1+c–>k[1]); n1 ^= f(c,n2+c–>k[0]);

        d[0] = n2; d[1] = n1;
}
void gost_enc(gost_ctx *c, u4 *d, int blocks){
        int i;

        for(i=0;i<blocks;i++){
                gostcrypt(c,d);
                d+=2;
        }
}

void gost_dec(gost_ctx *c, u4 *d, int blocks){
        int i;

        for(i=0;i<blocks;i++){
                gostdecrypt(c,d);
                d+=2;
        }
}

void gost_key(gost_ctx *c, u4 *k){
        int i;
        for(i=0;i<8;i++) c–>k[i]=k[i];
}

void gost_init(gost_ctx *c){
        kboxinit(c);
}

void gost_destroy(gost_ctx *c){
        int i;
        for(i=0;i<8;i++) c–>k[i]=0;
}

void main(void){
        gost_ctx gc;
        u4 k[8],data[10];
        int i;

        /* Initialize GOST context. */
        gost_init(&ampgc);

        /* Prepare key––a simple key should be OK, with this many rounds! */
        for(i=0;i<8;i++) k[i] = i;
        gost_key(&ampgc,k);

        /* Try some test vectors. */
        data[0] = 0; data[1] = 0;
        gostcrypt(&ampgc,data);
        printf(“Enc of zero vector:  %08lx %08lx\n”,data[0],data[1]);
        gostcrypt(&ampgc,data);
        printf(“Enc of above:        %08lx %08lx\n”,data[0],data[1]);
        data[0] = 0xffffffff; data[1] = 0xffffffff;
        gostcrypt(&ampgc,data);
        printf(“Enc of ones vector:  %08lx %08lx\n”,data[0],data[1]);
        gostcrypt(&ampgc,data);
        printf(“Enc of above:        %08lx %08lx\n”,data[0],data[1]);

        /* Does gost_dec() properly reverse gost_enc()?  Do
           we deal OK with single–block lengths passed in gost_dec()?
           Do we deal OK with different lengths passed in? */

        /* Init data */
        for(i=0;i<10;i++) data[i]=i;
        /* Encrypt data as 5 blocks. */

        gost_enc(&ampgc,data,5);
        /* Display encrypted data. */

        for(i=0;i<10;i+=2) printf(“Block %02d = %08lx %08lx\n”,
                                 i/2,data[i],data[i+1]);

        /* Decrypt in different sized chunks. */
        gost_dec(&ampgc,data,1);
        gost_dec(&ampgc,data+2,4);
        printf(“\n”);

        /* Display decrypted data. */
        for(i=0;i<10;i+=2) printf(“Block %02d = %08lx %08lx\n”,
                                 i/2,data[i],data[i+1]);

        gost_destroy(&ampgc);
}
</PRE>
<!-- END CODE //-->
<H3><A NAME="Heading5"></A><FONT COLOR="#000077">BLOWFISH</FONT></H3>
<!-- CODE //-->
<PRE>
#include &lt;math.h&gt;
#include &lt;stdio.h&gt;
#include &lt;stdlib.h&gt;
#include &lt;time.h&gt;

#ifdef little_endian   /* Eg: Intel */
   #include &lt;alloc.h&gt;
#endif

#include &lt;ctype.h&gt;

#ifdef little_endian   /* Eg: Intel */
   #include &lt;dir.h&gt;
   #include &lt;bios.h&gt;
#endif

#ifdef big_endian
   #include &lt;Types.h&gt;
#endif

typedef struct {
        unsigned long S[4][256],P[18];
} blf_ctx;

#define MAXKEYBYTES 56          /* 448 bits */
// #define little_endian 1              /* Eg: Intel */
#define big_endian 1            /* Eg: Motorola */

void Blowfish_encipher(blf_ctx *,unsigned long *xl, unsigned long *xr);
void Blowfish_decipher(blf_ctx *,unsigned long *xl, unsigned long *xr);

#define N               16
#define noErr            0
#define DATAERROR         &#150;1
#define KEYBYTES         8

FILE*         SubkeyFile;

unsigned long F(blf_ctx *bc, unsigned long x)
{
   unsigned short a;
   unsigned short b;
   unsigned short c;
   unsigned short d;
   unsigned long  y;
   d = x &amp 0&#215;00FF;
   x &gt;&gt;= 8;
   c = x &amp 0&#215;00FF;
   x &gt;&gt;= 8;
   b = x &amp 0&#215;00FF;
   x &gt;&gt;= 8;
   a = x &amp 0&#215;00FF;
   //y = ((S[0][a] &#43; S[1][b]) ^ S[2][c]) &#43; S[3][d];
   y = bc&#150;&gt;S[0][a] &#43; bc&#150;&gt;S[1][b];
   y = y ^ bc&#150;&gt;S[2][c];
   y = y &#43; bc&#150;&gt;S[3][d];

   return y;
}

void Blowfish_encipher(blf_ctx *c,unsigned long *xl, unsigned long *xr)
{
   unsigned long  Xl;
   unsigned long  Xr;
   unsigned long  temp;
   short          i;

   Xl = *xl;
   Xr = *xr;

   for (i = 0; i &lt; N; &#43;&#43;i) {
      Xl = Xl ^ c&#150;&gt;P[i];
      Xr = F(c,Xl) ^ Xr;

      temp = Xl;
      Xl = Xr;
      Xr = temp;
   }

   temp = Xl;
   Xl = Xr;
   Xr = temp;

   Xr = Xr ^ c&#150;&gt;P[N];
   Xl = Xl ^ c&#150;&gt;P[N &#43; 1];

   *xl = Xl;
   *xr = Xr;
}

void Blowfish_decipher(blf_ctx *c, unsigned long *xl, unsigned long *xr)
{
   unsigned long  Xl;
   unsigned long  Xr;
   unsigned long  temp;
   short          i;

   Xl = *xl;
   Xr = *xr;
   for (i = N &#43; 1; i &gt; 1; &#150;&#150;i) {
      Xl = Xl ^ c&#150;&gt;P[i];
      Xr = F(c,Xl) ^ Xr;

      /* Exchange Xl and Xr */
      temp = Xl;
      Xl = Xr;
      Xr = temp;
   }

   /* Exchange Xl and Xr */
   temp = Xl;
   Xl = Xr;
   Xr = temp;

   Xr = Xr ^ c&#150;&gt;P[1];
   Xl = Xl ^ c&#150;&gt;P[0];

   *xl = Xl;
   *xr = Xr;
}

short InitializeBlowfish(blf_ctx *c, char key[], short keybytes)
{
   short          i;
   short          j;
   short          k;
   short          error;
   short          numread;
   unsigned long  data;
   unsigned long  datal;
   unsigned long  datar;

unsigned long ks0[] = {
0xd1310ba6, 0x98dfb5ac, 0x2ffd72db, 0xd01adfb7, 0xb8e1afed, 0x6a267e96,
0xba7c9045, 0xf12c7f99, 0x24a19947, 0xb3916cf7, 0&#215;0801f2e2, 0x858efc16,
0x636920d8, 0x71574e69, 0xa458fea3, 0xf4933d7e, 0&#215;0d95748f, 0x728eb658,
0x718bcd58, 0x82154aee, 0x7b54a41d, 0xc25a59b5, 0x9c30d539, 0x2af26013,
0xc5d1b023, 0x286085f0, 0xca417918, 0xb8db38ef, 0x8e79dcb0, 0x603a180e,
0x6c9e0e8b, 0xb01e8a3e, 0xd71577c1, 0xbd314b27, 0x78af2fda, 0x55605c60,
0xe65525f3, 0xaa55ab94, 0x57489862, 0x63e81440, 0x55ca396a, 0x2aab10b6,
0xb4cc5c34, 0x1141e8ce, 0xa15486af, 0x7c72e993, 0xb3ee1411, 0x636fbc2a,
0x2ba9c55d, 0x741831f6, 0xce5c3e16, 0x9b87931e, 0xafd6ba33, 0x6c24cf5c,
0x7a325381, 0x28958677, 0x3b8f4898, 0x6b4bb9af, 0xc4bfe81b, 0x66282193,
0x61d809cc, 0xfb21a991, 0x487cac60, 0x5dec8032, 0xef845d5d, 0xe98575b1,
0xdc262302, 0xeb651b88, 0x23893e81, 0xd396acc5, 0&#215;0f6d6ff3, 0x83f44239,
0x2e0b4482, 0xa4842004, 0x69c8f04a, 0x9e1f9b5e, 0x21c66842, 0xf6e96c9a,
0x670c9c61, 0xabd388f0, 0x6a51a0d2, 0xd8542f68, 0x960fa728, 0xab5133a3,
0x6eef0b6c, 0x137a3be4, 0xba3bf050, 0x7efb2a98, 0xa1f1651d, 0x39af0176,
0x66ca593e, 0x82430e88, 0x8cee8619, 0x456f9fb4, 0x7d84a5c3, 0x3b8b5ebe,
0xe06f75d8, 0x85c12073, 0x401a449f, 0x56c16aa6, 0x4ed3aa62, 0x363f7706,
0x1bfedf72, 0x429b023d, 0x37d0d724, 0xd00a1248, 0xdb0fead3, 0x49f1c09b,
0&#215;075372c9, 0x80991b7b, 0x25d479d8, 0xf6e8def7, 0xe3fe501a, 0xb6794c3b,
0x976ce0bd, 0&#215;04c006ba, 0xc1a94fb6, 0x409f60c4, 0x5e5c9ec2