blowfish.c

在卡片上管理密码的工具。密码被标注并集体加密存储在卡片上。因此这是一个安全存储密码的方法

    0xE60B6F47,0x0FE3F11D,0xE54CDA54,0x1EDAD891,0xCE6279CF,0xCD3E7E6F,
    0x1618B166,0xFD2C1D05,0x848FD2C5,0xF6FB2299,0xF523F357,0xA6327623,
    0x93A83531,0x56CCCD02,0xACF08162,0x5A75EBB5,0x6E163697,0x88D273CC,
    0xDE966292,0x81B949D0,0x4C50901B,0x71C65614,0xE6C6C7BD,0x327A140A,
    0x45E1D006,0xC3F27B9A,0xC9AA53FD,0x62A80F00,0xBB25BFE2,0x35BDD2F6,
    0x71126905,0xB2040222,0xB6CBCF7C,0xCD769C2B,0x53113EC0,0x1640E3D3,
    0x38ABBD60,0x2547ADF0,0xBA38209C,0xF746CE76,0x77AFA1C5,0x20756060,
    0x85CBFE4E,0x8AE88DD8,0x7AAAF9B0,0x4CF9AA7E,0x1948C25C,0x02FB8A8C,
    0x01C36AE4,0xD6EBE1F9,0x90D4F869,0xA65CDEA0,0x3F09252D,0xC208E69F,
    0xB74E6132,0xCE77E25B,0x578FDFE3,0x3AC372E6 };

static const u32 ps[BLOWFISH_ROUNDS+2] = {
    0x243F6A88,0x85A308D3,0x13198A2E,0x03707344,0xA4093822,0x299F31D0,
    0x082EFA98,0xEC4E6C89,0x452821E6,0x38D01377,0xBE5466CF,0x34E90C6C,
    0xC0AC29B7,0xC97C50DD,0x3F84D5B5,0xB5470917,0x9216D5D9,0x8979FB1B };



#if BLOWFISH_ROUNDS != 16
static inline u32
function_F( BLOWFISH_context *bc, u32 x )
{
    u16 a, b, c, d;

  #ifdef BIG_ENDIAN_HOST
    a = ((u8*)&x)[0];
    b = ((u8*)&x)[1];
    c = ((u8*)&x)[2];
    d = ((u8*)&x)[3];
  #else
    a = ((u8*)&x)[3];
    b = ((u8*)&x)[2];
    c = ((u8*)&x)[1];
    d = ((u8*)&x)[0];
  #endif

    return ((bc->s0[a] + bc->s1[b]) ^ bc->s2[c] ) + bc->s3[d];
}
#endif

#ifdef BIG_ENDIAN_HOST
  #define F(x) ((( s0[((u8*)&x)[0]] + s1[((u8*)&x)[1]])	 \
		   ^ s2[((u8*)&x)[2]]) + s3[((u8*)&x)[3]] )
#else
  #define F(x) ((( s0[((u8*)&x)[3]] + s1[((u8*)&x)[2]])	 \
		   ^ s2[((u8*)&x)[1]]) + s3[((u8*)&x)[0]] )
#endif
#define R(l,r,i)  do { l ^= p[i]; r ^= F(l); } while(0)


static void
encrypt(  BLOWFISH_context *bc, u32 *ret_xl, u32 *ret_xr )
{
  #if BLOWFISH_ROUNDS == 16
    u32 xl, xr, *s0, *s1, *s2, *s3, *p;

    xl = *ret_xl;
    xr = *ret_xr;
    p = bc->p;
    s0 = bc->s0;
    s1 = bc->s1;
    s2 = bc->s2;
    s3 = bc->s3;

    R( xl, xr,	0);
    R( xr, xl,	1);
    R( xl, xr,	2);
    R( xr, xl,	3);
    R( xl, xr,	4);
    R( xr, xl,	5);
    R( xl, xr,	6);
    R( xr, xl,	7);
    R( xl, xr,	8);
    R( xr, xl,	9);
    R( xl, xr, 10);
    R( xr, xl, 11);
    R( xl, xr, 12);
    R( xr, xl, 13);
    R( xl, xr, 14);
    R( xr, xl, 15);

    xl ^= p[BLOWFISH_ROUNDS];
    xr ^= p[BLOWFISH_ROUNDS+1];

    *ret_xl = xr;
    *ret_xr = xl;

  #else
    u32 xl, xr, temp, *p;
    int i;

    xl = *ret_xl;
    xr = *ret_xr;
    p = bc->p;

    for(i=0; i < BLOWFISH_ROUNDS; i++ ) {
	xl ^= p[i];
	xr ^= function_F(bc, xl);
	temp = xl;
	xl = xr;
	xr = temp;
    }
    temp = xl;
    xl = xr;
    xr = temp;

    xr ^= p[BLOWFISH_ROUNDS];
    xl ^= p[BLOWFISH_ROUNDS+1];

    *ret_xl = xl;
    *ret_xr = xr;
  #endif
}

void
encrypt_block( BLOWFISH_context *bc, u8 *outbuf, u8 *inbuf )
{
    u32 d1, d2;

    d1 = inbuf[0] << 24 | inbuf[1] << 16 | inbuf[2] << 8 | inbuf[3];
    d2 = inbuf[4] << 24 | inbuf[5] << 16 | inbuf[6] << 8 | inbuf[7];
    encrypt( bc, &d1, &d2 );
    outbuf[0] = (d1 >> 24) & 0xff;
    outbuf[1] = (d1 >> 16) & 0xff;
    outbuf[2] = (d1 >>	8) & 0xff;
    outbuf[3] =  d1	   & 0xff;
    outbuf[4] = (d2 >> 24) & 0xff;
    outbuf[5] = (d2 >> 16) & 0xff;
    outbuf[6] = (d2 >>	8) & 0xff;
    outbuf[7] =  d2	   & 0xff;
}

void
bf_setkey( BLOWFISH_context *c, u8 *key, unsigned keylen )
{
    int i, j;
    u32 data, datal, datar;

    for(i=0; i < BLOWFISH_ROUNDS+2; i++ )
	c->p[i] = ps[i];
    for(i=0; i < 256; i++ ) {
	c->s0[i] = ks0[i];
	c->s1[i] = ks1[i];
	c->s2[i] = ks2[i];
	c->s3[i] = ks3[i];
    }

    for(i=j=0; i < BLOWFISH_ROUNDS+2; i++ ) {
      #ifdef BIG_ENDIAN_HOST
	((u8*)&data)[0] = key[j];
	((u8*)&data)[1] = key[(j+1)%keylen];
	((u8*)&data)[2] = key[(j+2)%keylen];
	((u8*)&data)[3] = key[(j+3)%keylen];
      #else
	((u8*)&data)[3] = key[j];
	((u8*)&data)[2] = key[(j+1)%keylen];
	((u8*)&data)[1] = key[(j+2)%keylen];
	((u8*)&data)[0] = key[(j+3)%keylen];
      #endif
	c->p[i] ^= data;
	j = (j+4) % keylen;
    }

    datal = datar = 0;
    for(i=0; i < BLOWFISH_ROUNDS+2; i += 2 ) {
	encrypt( c, &datal, &datar );
	c->p[i]   = datal;
	c->p[i+1] = datar;
    }
    for(i=0; i < 256; i += 2 )	{
	encrypt( c, &datal, &datar );
	c->s0[i]   = datal;
	c->s0[i+1] = datar;
    }
    for(i=0; i < 256; i += 2 )	{
	encrypt( c, &datal, &datar );
	c->s1[i]   = datal;
	c->s1[i+1] = datar;
    }
    for(i=0; i < 256; i += 2 )	{
	encrypt( c, &datal, &datar );
	c->s2[i]   = datal;
	c->s2[i+1] = datar;
    }
    for(i=0; i < 256; i += 2 )	{
	encrypt( c, &datal, &datar );
	c->s3[i]   = datal;
	c->s3[i+1] = datar;
    }


    /* Check for weak key.  A weak key is a key in which a value in */
    /* the P-array (here c) occurs more than once per table.	    */
    for(i=0; i < 255; i++ ) {
	for( j=i+1; j < 256; j++) {
	    if( (c->s0[i] == c->s0[j]) || (c->s1[i] == c->s1[j]) ||
		(c->s2[i] == c->s2[j]) || (c->s3[i] == c->s3[j]) )
		return;
	}
    }

}

void
blowfish_wipe( BLOWFISH_context *bc ) {
  int i;

  for (i = 0; i < 256; i++)
    bc->s0[i] = bc->s1[i] = bc->s2[i] = bc->s3[i] = 0;

  for (i = 0; i < BLOWFISH_ROUNDS + 2; i++)
    bc->p[i] = 0;
}