Gitiles
Code Review Sign In
gerrit.omnirom.org / android_external_vim / b58a4b938c4bc7e0499700859bd7abba9acc5b11 / . / src / blowfish.c
blob: ce499579132c0f918f818f52b390ecac9851d994 [file] [log] [blame]
Bram Moolenaaredf3f972016-08-29 22:49:24 +0200[diff] [blame]1/* vi:set ts=8 sts=4 sw=4 noet:
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]2 *
Bram Moolenaar0bbabe82010-05-17 20:32:55 +0200[diff] [blame]3 * VIM - Vi IMproved by Bram Moolenaar
4 *
5 * Do ":help uganda" in Vim to read copying and usage conditions.
6 * Do ":help credits" in Vim to see a list of people who contributed.
7 * See README.txt for an overview of the Vim source code.
8 *
Bram Moolenaar4d504a32014-02-11 15:23:32 +0100[diff] [blame]9 * Blowfish encryption for Vim; in Blowfish cipher feedback mode.
Bram Moolenaar0bbabe82010-05-17 20:32:55 +0200[diff] [blame]10 * Contributed by Mohsin Ahmed, http://www.cs.albany.edu/~mosh
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]11 * Based on http://www.schneier.com/blowfish.html by Bruce Schneier.
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]12 *
13 * There are two variants:
14 * - The old one "blowfish" has a flaw which makes it much easier to crack the
15 * key. To see this, make a text file with one line of 1000 "x" characters
16 * and write it encrypted. Use "xxd" to inspect the bytes in the file. You
17 * will see that a block of 8 bytes repeats 8 times.
18 * - The new one "blowfish2" is better. It uses an 8 byte CFB to avoid the
19 * repeats.
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]20 */
21
22#include "vim.h"
23
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]24#if defined(FEAT_CRYPT) || defined(PROTO)
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]25
26#define ARRAY_LENGTH(A) (sizeof(A)/sizeof(A[0]))
27
28#define BF_BLOCK 8
Bram Moolenaar04c9baf2010-06-01 23:37:39 +0200[diff] [blame]29#define BF_BLOCK_MASK 7
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]30#define BF_MAX_CFB_LEN (8 * BF_BLOCK)
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]31
32typedef union {
Bram Moolenaarfa7584c2010-05-19 21:57:45 +0200[diff] [blame]33 UINT32_T ul[2];
Bram Moolenaar0bbabe82010-05-17 20:32:55 +0200[diff] [blame]34 char_u uc[8];
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]35} block8;
36
Bram Moolenaar4f974752019-02-17 17:44:42 +0100[diff] [blame]37#if defined(MSWIN)
Bram Moolenaar0bbabe82010-05-17 20:32:55 +0200[diff] [blame]38 /* MS-Windows is always little endian */
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]39#else
Bram Moolenaar0bbabe82010-05-17 20:32:55 +0200[diff] [blame]40# ifdef HAVE_CONFIG_H
Bram Moolenaar3f7d0902016-11-12 21:13:42 +0100[diff] [blame]41 /* in configure.ac AC_C_BIGENDIAN() defines WORDS_BIGENDIAN when needed */
Bram Moolenaar0bbabe82010-05-17 20:32:55 +0200[diff] [blame]42# else
43 error!
44 Please change this code to define WORDS_BIGENDIAN for big-endian machines.
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]45# endif
46#endif
47
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]48/* The state of encryption, referenced by cryptstate_T. */
49typedef struct {
50 UINT32_T pax[18]; /* P-array */
51 UINT32_T sbx[4][256]; /* S-boxes */
52 int randbyte_offset;
53 int update_offset;
54 char_u cfb_buffer[BF_MAX_CFB_LEN]; /* up to 64 bytes used */
55 int cfb_len; /* size of cfb_buffer actually used */
56} bf_state_T;
57
58
Bram Moolenaar4a9b19a2010-05-18 21:17:10 +0200[diff] [blame]59/* Blowfish code */
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]60static UINT32_T pax_init[18] = {
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]61 0x243f6a88u, 0x85a308d3u, 0x13198a2eu,
62 0x03707344u, 0xa4093822u, 0x299f31d0u,
63 0x082efa98u, 0xec4e6c89u, 0x452821e6u,
64 0x38d01377u, 0xbe5466cfu, 0x34e90c6cu,
65 0xc0ac29b7u, 0xc97c50ddu, 0x3f84d5b5u,
66 0xb5470917u, 0x9216d5d9u, 0x8979fb1bu
67};
68
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]69static UINT32_T sbx_init[4][256] = {
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]70 {0xd1310ba6u, 0x98dfb5acu, 0x2ffd72dbu, 0xd01adfb7u,
71 0xb8e1afedu, 0x6a267e96u, 0xba7c9045u, 0xf12c7f99u,
72 0x24a19947u, 0xb3916cf7u, 0x0801f2e2u, 0x858efc16u,
73 0x636920d8u, 0x71574e69u, 0xa458fea3u, 0xf4933d7eu,
74 0x0d95748fu, 0x728eb658u, 0x718bcd58u, 0x82154aeeu,
75 0x7b54a41du, 0xc25a59b5u, 0x9c30d539u, 0x2af26013u,
76 0xc5d1b023u, 0x286085f0u, 0xca417918u, 0xb8db38efu,
77 0x8e79dcb0u, 0x603a180eu, 0x6c9e0e8bu, 0xb01e8a3eu,
78 0xd71577c1u, 0xbd314b27u, 0x78af2fdau, 0x55605c60u,
79 0xe65525f3u, 0xaa55ab94u, 0x57489862u, 0x63e81440u,
80 0x55ca396au, 0x2aab10b6u, 0xb4cc5c34u, 0x1141e8ceu,
81 0xa15486afu, 0x7c72e993u, 0xb3ee1411u, 0x636fbc2au,
82 0x2ba9c55du, 0x741831f6u, 0xce5c3e16u, 0x9b87931eu,
83 0xafd6ba33u, 0x6c24cf5cu, 0x7a325381u, 0x28958677u,
84 0x3b8f4898u, 0x6b4bb9afu, 0xc4bfe81bu, 0x66282193u,
85 0x61d809ccu, 0xfb21a991u, 0x487cac60u, 0x5dec8032u,
86 0xef845d5du, 0xe98575b1u, 0xdc262302u, 0xeb651b88u,
87 0x23893e81u, 0xd396acc5u, 0x0f6d6ff3u, 0x83f44239u,
88 0x2e0b4482u, 0xa4842004u, 0x69c8f04au, 0x9e1f9b5eu,
89 0x21c66842u, 0xf6e96c9au, 0x670c9c61u, 0xabd388f0u,
90 0x6a51a0d2u, 0xd8542f68u, 0x960fa728u, 0xab5133a3u,
91 0x6eef0b6cu, 0x137a3be4u, 0xba3bf050u, 0x7efb2a98u,
92 0xa1f1651du, 0x39af0176u, 0x66ca593eu, 0x82430e88u,
93 0x8cee8619u, 0x456f9fb4u, 0x7d84a5c3u, 0x3b8b5ebeu,
94 0xe06f75d8u, 0x85c12073u, 0x401a449fu, 0x56c16aa6u,
95 0x4ed3aa62u, 0x363f7706u, 0x1bfedf72u, 0x429b023du,
96 0x37d0d724u, 0xd00a1248u, 0xdb0fead3u, 0x49f1c09bu,
97 0x075372c9u, 0x80991b7bu, 0x25d479d8u, 0xf6e8def7u,
98 0xe3fe501au, 0xb6794c3bu, 0x976ce0bdu, 0x04c006bau,
99 0xc1a94fb6u, 0x409f60c4u, 0x5e5c9ec2u, 0x196a2463u,
100 0x68fb6fafu, 0x3e6c53b5u, 0x1339b2ebu, 0x3b52ec6fu,
101 0x6dfc511fu, 0x9b30952cu, 0xcc814544u, 0xaf5ebd09u,
102 0xbee3d004u, 0xde334afdu, 0x660f2807u, 0x192e4bb3u,
103 0xc0cba857u, 0x45c8740fu, 0xd20b5f39u, 0xb9d3fbdbu,
104 0x5579c0bdu, 0x1a60320au, 0xd6a100c6u, 0x402c7279u,
105 0x679f25feu, 0xfb1fa3ccu, 0x8ea5e9f8u, 0xdb3222f8u,
106 0x3c7516dfu, 0xfd616b15u, 0x2f501ec8u, 0xad0552abu,
107 0x323db5fau, 0xfd238760u, 0x53317b48u, 0x3e00df82u,
108 0x9e5c57bbu, 0xca6f8ca0u, 0x1a87562eu, 0xdf1769dbu,
109 0xd542a8f6u, 0x287effc3u, 0xac6732c6u, 0x8c4f5573u,
110 0x695b27b0u, 0xbbca58c8u, 0xe1ffa35du, 0xb8f011a0u,
111 0x10fa3d98u, 0xfd2183b8u, 0x4afcb56cu, 0x2dd1d35bu,
112 0x9a53e479u, 0xb6f84565u, 0xd28e49bcu, 0x4bfb9790u,
113 0xe1ddf2dau, 0xa4cb7e33u, 0x62fb1341u, 0xcee4c6e8u,
114 0xef20cadau, 0x36774c01u, 0xd07e9efeu, 0x2bf11fb4u,
115 0x95dbda4du, 0xae909198u, 0xeaad8e71u, 0x6b93d5a0u,
116 0xd08ed1d0u, 0xafc725e0u, 0x8e3c5b2fu, 0x8e7594b7u,
117 0x8ff6e2fbu, 0xf2122b64u, 0x8888b812u, 0x900df01cu,
118 0x4fad5ea0u, 0x688fc31cu, 0xd1cff191u, 0xb3a8c1adu,
119 0x2f2f2218u, 0xbe0e1777u, 0xea752dfeu, 0x8b021fa1u,
120 0xe5a0cc0fu, 0xb56f74e8u, 0x18acf3d6u, 0xce89e299u,
121 0xb4a84fe0u, 0xfd13e0b7u, 0x7cc43b81u, 0xd2ada8d9u,
122 0x165fa266u, 0x80957705u, 0x93cc7314u, 0x211a1477u,
123 0xe6ad2065u, 0x77b5fa86u, 0xc75442f5u, 0xfb9d35cfu,
124 0xebcdaf0cu, 0x7b3e89a0u, 0xd6411bd3u, 0xae1e7e49u,
125 0x00250e2du, 0x2071b35eu, 0x226800bbu, 0x57b8e0afu,
126 0x2464369bu, 0xf009b91eu, 0x5563911du, 0x59dfa6aau,
127 0x78c14389u, 0xd95a537fu, 0x207d5ba2u, 0x02e5b9c5u,
128 0x83260376u, 0x6295cfa9u, 0x11c81968u, 0x4e734a41u,
129 0xb3472dcau, 0x7b14a94au, 0x1b510052u, 0x9a532915u,
130 0xd60f573fu, 0xbc9bc6e4u, 0x2b60a476u, 0x81e67400u,
131 0x08ba6fb5u, 0x571be91fu, 0xf296ec6bu, 0x2a0dd915u,
132 0xb6636521u, 0xe7b9f9b6u, 0xff34052eu, 0xc5855664u,
133 0x53b02d5du, 0xa99f8fa1u, 0x08ba4799u, 0x6e85076au},
134 {0x4b7a70e9u, 0xb5b32944u, 0xdb75092eu, 0xc4192623u,
135 0xad6ea6b0u, 0x49a7df7du, 0x9cee60b8u, 0x8fedb266u,
136 0xecaa8c71u, 0x699a17ffu, 0x5664526cu, 0xc2b19ee1u,
137 0x193602a5u, 0x75094c29u, 0xa0591340u, 0xe4183a3eu,
138 0x3f54989au, 0x5b429d65u, 0x6b8fe4d6u, 0x99f73fd6u,
139 0xa1d29c07u, 0xefe830f5u, 0x4d2d38e6u, 0xf0255dc1u,
140 0x4cdd2086u, 0x8470eb26u, 0x6382e9c6u, 0x021ecc5eu,
141 0x09686b3fu, 0x3ebaefc9u, 0x3c971814u, 0x6b6a70a1u,
142 0x687f3584u, 0x52a0e286u, 0xb79c5305u, 0xaa500737u,
143 0x3e07841cu, 0x7fdeae5cu, 0x8e7d44ecu, 0x5716f2b8u,
144 0xb03ada37u, 0xf0500c0du, 0xf01c1f04u, 0x0200b3ffu,
145 0xae0cf51au, 0x3cb574b2u, 0x25837a58u, 0xdc0921bdu,
146 0xd19113f9u, 0x7ca92ff6u, 0x94324773u, 0x22f54701u,
147 0x3ae5e581u, 0x37c2dadcu, 0xc8b57634u, 0x9af3dda7u,
148 0xa9446146u, 0x0fd0030eu, 0xecc8c73eu, 0xa4751e41u,
149 0xe238cd99u, 0x3bea0e2fu, 0x3280bba1u, 0x183eb331u,
150 0x4e548b38u, 0x4f6db908u, 0x6f420d03u, 0xf60a04bfu,
151 0x2cb81290u, 0x24977c79u, 0x5679b072u, 0xbcaf89afu,
152 0xde9a771fu, 0xd9930810u, 0xb38bae12u, 0xdccf3f2eu,
153 0x5512721fu, 0x2e6b7124u, 0x501adde6u, 0x9f84cd87u,
154 0x7a584718u, 0x7408da17u, 0xbc9f9abcu, 0xe94b7d8cu,
155 0xec7aec3au, 0xdb851dfau, 0x63094366u, 0xc464c3d2u,
156 0xef1c1847u, 0x3215d908u, 0xdd433b37u, 0x24c2ba16u,
157 0x12a14d43u, 0x2a65c451u, 0x50940002u, 0x133ae4ddu,
158 0x71dff89eu, 0x10314e55u, 0x81ac77d6u, 0x5f11199bu,
159 0x043556f1u, 0xd7a3c76bu, 0x3c11183bu, 0x5924a509u,
160 0xf28fe6edu, 0x97f1fbfau, 0x9ebabf2cu, 0x1e153c6eu,
161 0x86e34570u, 0xeae96fb1u, 0x860e5e0au, 0x5a3e2ab3u,
162 0x771fe71cu, 0x4e3d06fau, 0x2965dcb9u, 0x99e71d0fu,
163 0x803e89d6u, 0x5266c825u, 0x2e4cc978u, 0x9c10b36au,
164 0xc6150ebau, 0x94e2ea78u, 0xa5fc3c53u, 0x1e0a2df4u,
165 0xf2f74ea7u, 0x361d2b3du, 0x1939260fu, 0x19c27960u,
166 0x5223a708u, 0xf71312b6u, 0xebadfe6eu, 0xeac31f66u,
167 0xe3bc4595u, 0xa67bc883u, 0xb17f37d1u, 0x018cff28u,
168 0xc332ddefu, 0xbe6c5aa5u, 0x65582185u, 0x68ab9802u,
169 0xeecea50fu, 0xdb2f953bu, 0x2aef7dadu, 0x5b6e2f84u,
170 0x1521b628u, 0x29076170u, 0xecdd4775u, 0x619f1510u,
171 0x13cca830u, 0xeb61bd96u, 0x0334fe1eu, 0xaa0363cfu,
172 0xb5735c90u, 0x4c70a239u, 0xd59e9e0bu, 0xcbaade14u,
173 0xeecc86bcu, 0x60622ca7u, 0x9cab5cabu, 0xb2f3846eu,
174 0x648b1eafu, 0x19bdf0cau, 0xa02369b9u, 0x655abb50u,
175 0x40685a32u, 0x3c2ab4b3u, 0x319ee9d5u, 0xc021b8f7u,
176 0x9b540b19u, 0x875fa099u, 0x95f7997eu, 0x623d7da8u,
177 0xf837889au, 0x97e32d77u, 0x11ed935fu, 0x16681281u,
178 0x0e358829u, 0xc7e61fd6u, 0x96dedfa1u, 0x7858ba99u,
179 0x57f584a5u, 0x1b227263u, 0x9b83c3ffu, 0x1ac24696u,
180 0xcdb30aebu, 0x532e3054u, 0x8fd948e4u, 0x6dbc3128u,
181 0x58ebf2efu, 0x34c6ffeau, 0xfe28ed61u, 0xee7c3c73u,
182 0x5d4a14d9u, 0xe864b7e3u, 0x42105d14u, 0x203e13e0u,
183 0x45eee2b6u, 0xa3aaabeau, 0xdb6c4f15u, 0xfacb4fd0u,
184 0xc742f442u, 0xef6abbb5u, 0x654f3b1du, 0x41cd2105u,
185 0xd81e799eu, 0x86854dc7u, 0xe44b476au, 0x3d816250u,
186 0xcf62a1f2u, 0x5b8d2646u, 0xfc8883a0u, 0xc1c7b6a3u,
187 0x7f1524c3u, 0x69cb7492u, 0x47848a0bu, 0x5692b285u,
188 0x095bbf00u, 0xad19489du, 0x1462b174u, 0x23820e00u,
189 0x58428d2au, 0x0c55f5eau, 0x1dadf43eu, 0x233f7061u,
190 0x3372f092u, 0x8d937e41u, 0xd65fecf1u, 0x6c223bdbu,
191 0x7cde3759u, 0xcbee7460u, 0x4085f2a7u, 0xce77326eu,
192 0xa6078084u, 0x19f8509eu, 0xe8efd855u, 0x61d99735u,
193 0xa969a7aau, 0xc50c06c2u, 0x5a04abfcu, 0x800bcadcu,
194 0x9e447a2eu, 0xc3453484u, 0xfdd56705u, 0x0e1e9ec9u,
195 0xdb73dbd3u, 0x105588cdu, 0x675fda79u, 0xe3674340u,
196 0xc5c43465u, 0x713e38d8u, 0x3d28f89eu, 0xf16dff20u,
197 0x153e21e7u, 0x8fb03d4au, 0xe6e39f2bu, 0xdb83adf7u},
198 {0xe93d5a68u, 0x948140f7u, 0xf64c261cu, 0x94692934u,
199 0x411520f7u, 0x7602d4f7u, 0xbcf46b2eu, 0xd4a20068u,
200 0xd4082471u, 0x3320f46au, 0x43b7d4b7u, 0x500061afu,
201 0x1e39f62eu, 0x97244546u, 0x14214f74u, 0xbf8b8840u,
202 0x4d95fc1du, 0x96b591afu, 0x70f4ddd3u, 0x66a02f45u,
203 0xbfbc09ecu, 0x03bd9785u, 0x7fac6dd0u, 0x31cb8504u,
204 0x96eb27b3u, 0x55fd3941u, 0xda2547e6u, 0xabca0a9au,
205 0x28507825u, 0x530429f4u, 0x0a2c86dau, 0xe9b66dfbu,
206 0x68dc1462u, 0xd7486900u, 0x680ec0a4u, 0x27a18deeu,
207 0x4f3ffea2u, 0xe887ad8cu, 0xb58ce006u, 0x7af4d6b6u,
208 0xaace1e7cu, 0xd3375fecu, 0xce78a399u, 0x406b2a42u,
209 0x20fe9e35u, 0xd9f385b9u, 0xee39d7abu, 0x3b124e8bu,
210 0x1dc9faf7u, 0x4b6d1856u, 0x26a36631u, 0xeae397b2u,
211 0x3a6efa74u, 0xdd5b4332u, 0x6841e7f7u, 0xca7820fbu,
212 0xfb0af54eu, 0xd8feb397u, 0x454056acu, 0xba489527u,
213 0x55533a3au, 0x20838d87u, 0xfe6ba9b7u, 0xd096954bu,
214 0x55a867bcu, 0xa1159a58u, 0xcca92963u, 0x99e1db33u,
215 0xa62a4a56u, 0x3f3125f9u, 0x5ef47e1cu, 0x9029317cu,
216 0xfdf8e802u, 0x04272f70u, 0x80bb155cu, 0x05282ce3u,
217 0x95c11548u, 0xe4c66d22u, 0x48c1133fu, 0xc70f86dcu,
218 0x07f9c9eeu, 0x41041f0fu, 0x404779a4u, 0x5d886e17u,
219 0x325f51ebu, 0xd59bc0d1u, 0xf2bcc18fu, 0x41113564u,
220 0x257b7834u, 0x602a9c60u, 0xdff8e8a3u, 0x1f636c1bu,
221 0x0e12b4c2u, 0x02e1329eu, 0xaf664fd1u, 0xcad18115u,
222 0x6b2395e0u, 0x333e92e1u, 0x3b240b62u, 0xeebeb922u,
223 0x85b2a20eu, 0xe6ba0d99u, 0xde720c8cu, 0x2da2f728u,
224 0xd0127845u, 0x95b794fdu, 0x647d0862u, 0xe7ccf5f0u,
225 0x5449a36fu, 0x877d48fau, 0xc39dfd27u, 0xf33e8d1eu,
226 0x0a476341u, 0x992eff74u, 0x3a6f6eabu, 0xf4f8fd37u,
227 0xa812dc60u, 0xa1ebddf8u, 0x991be14cu, 0xdb6e6b0du,
228 0xc67b5510u, 0x6d672c37u, 0x2765d43bu, 0xdcd0e804u,
229 0xf1290dc7u, 0xcc00ffa3u, 0xb5390f92u, 0x690fed0bu,
230 0x667b9ffbu, 0xcedb7d9cu, 0xa091cf0bu, 0xd9155ea3u,
231 0xbb132f88u, 0x515bad24u, 0x7b9479bfu, 0x763bd6ebu,
232 0x37392eb3u, 0xcc115979u, 0x8026e297u, 0xf42e312du,
233 0x6842ada7u, 0xc66a2b3bu, 0x12754cccu, 0x782ef11cu,
234 0x6a124237u, 0xb79251e7u, 0x06a1bbe6u, 0x4bfb6350u,
235 0x1a6b1018u, 0x11caedfau, 0x3d25bdd8u, 0xe2e1c3c9u,
236 0x44421659u, 0x0a121386u, 0xd90cec6eu, 0xd5abea2au,
237 0x64af674eu, 0xda86a85fu, 0xbebfe988u, 0x64e4c3feu,
238 0x9dbc8057u, 0xf0f7c086u, 0x60787bf8u, 0x6003604du,
239 0xd1fd8346u, 0xf6381fb0u, 0x7745ae04u, 0xd736fcccu,
240 0x83426b33u, 0xf01eab71u, 0xb0804187u, 0x3c005e5fu,
241 0x77a057beu, 0xbde8ae24u, 0x55464299u, 0xbf582e61u,
242 0x4e58f48fu, 0xf2ddfda2u, 0xf474ef38u, 0x8789bdc2u,
243 0x5366f9c3u, 0xc8b38e74u, 0xb475f255u, 0x46fcd9b9u,
244 0x7aeb2661u, 0x8b1ddf84u, 0x846a0e79u, 0x915f95e2u,
245 0x466e598eu, 0x20b45770u, 0x8cd55591u, 0xc902de4cu,
246 0xb90bace1u, 0xbb8205d0u, 0x11a86248u, 0x7574a99eu,
247 0xb77f19b6u, 0xe0a9dc09u, 0x662d09a1u, 0xc4324633u,
248 0xe85a1f02u, 0x09f0be8cu, 0x4a99a025u, 0x1d6efe10u,
249 0x1ab93d1du, 0x0ba5a4dfu, 0xa186f20fu, 0x2868f169u,
250 0xdcb7da83u, 0x573906feu, 0xa1e2ce9bu, 0x4fcd7f52u,
251 0x50115e01u, 0xa70683fau, 0xa002b5c4u, 0x0de6d027u,
252 0x9af88c27u, 0x773f8641u, 0xc3604c06u, 0x61a806b5u,
253 0xf0177a28u, 0xc0f586e0u, 0x006058aau, 0x30dc7d62u,
254 0x11e69ed7u, 0x2338ea63u, 0x53c2dd94u, 0xc2c21634u,
255 0xbbcbee56u, 0x90bcb6deu, 0xebfc7da1u, 0xce591d76u,
256 0x6f05e409u, 0x4b7c0188u, 0x39720a3du, 0x7c927c24u,
257 0x86e3725fu, 0x724d9db9u, 0x1ac15bb4u, 0xd39eb8fcu,
258 0xed545578u, 0x08fca5b5u, 0xd83d7cd3u, 0x4dad0fc4u,
259 0x1e50ef5eu, 0xb161e6f8u, 0xa28514d9u, 0x6c51133cu,
260 0x6fd5c7e7u, 0x56e14ec4u, 0x362abfceu, 0xddc6c837u,
261 0xd79a3234u, 0x92638212u, 0x670efa8eu, 0x406000e0u},
262 {0x3a39ce37u, 0xd3faf5cfu, 0xabc27737u, 0x5ac52d1bu,
263 0x5cb0679eu, 0x4fa33742u, 0xd3822740u, 0x99bc9bbeu,
264 0xd5118e9du, 0xbf0f7315u, 0xd62d1c7eu, 0xc700c47bu,
265 0xb78c1b6bu, 0x21a19045u, 0xb26eb1beu, 0x6a366eb4u,
266 0x5748ab2fu, 0xbc946e79u, 0xc6a376d2u, 0x6549c2c8u,
267 0x530ff8eeu, 0x468dde7du, 0xd5730a1du, 0x4cd04dc6u,
268 0x2939bbdbu, 0xa9ba4650u, 0xac9526e8u, 0xbe5ee304u,
269 0xa1fad5f0u, 0x6a2d519au, 0x63ef8ce2u, 0x9a86ee22u,
270 0xc089c2b8u, 0x43242ef6u, 0xa51e03aau, 0x9cf2d0a4u,
271 0x83c061bau, 0x9be96a4du, 0x8fe51550u, 0xba645bd6u,
272 0x2826a2f9u, 0xa73a3ae1u, 0x4ba99586u, 0xef5562e9u,
273 0xc72fefd3u, 0xf752f7dau, 0x3f046f69u, 0x77fa0a59u,
274 0x80e4a915u, 0x87b08601u, 0x9b09e6adu, 0x3b3ee593u,
275 0xe990fd5au, 0x9e34d797u, 0x2cf0b7d9u, 0x022b8b51u,
276 0x96d5ac3au, 0x017da67du, 0xd1cf3ed6u, 0x7c7d2d28u,
277 0x1f9f25cfu, 0xadf2b89bu, 0x5ad6b472u, 0x5a88f54cu,
278 0xe029ac71u, 0xe019a5e6u, 0x47b0acfdu, 0xed93fa9bu,
279 0xe8d3c48du, 0x283b57ccu, 0xf8d56629u, 0x79132e28u,
280 0x785f0191u, 0xed756055u, 0xf7960e44u, 0xe3d35e8cu,
281 0x15056dd4u, 0x88f46dbau, 0x03a16125u, 0x0564f0bdu,
282 0xc3eb9e15u, 0x3c9057a2u, 0x97271aecu, 0xa93a072au,
283 0x1b3f6d9bu, 0x1e6321f5u, 0xf59c66fbu, 0x26dcf319u,
284 0x7533d928u, 0xb155fdf5u, 0x03563482u, 0x8aba3cbbu,
285 0x28517711u, 0xc20ad9f8u, 0xabcc5167u, 0xccad925fu,
286 0x4de81751u, 0x3830dc8eu, 0x379d5862u, 0x9320f991u,
287 0xea7a90c2u, 0xfb3e7bceu, 0x5121ce64u, 0x774fbe32u,
288 0xa8b6e37eu, 0xc3293d46u, 0x48de5369u, 0x6413e680u,
289 0xa2ae0810u, 0xdd6db224u, 0x69852dfdu, 0x09072166u,
290 0xb39a460au, 0x6445c0ddu, 0x586cdecfu, 0x1c20c8aeu,
291 0x5bbef7ddu, 0x1b588d40u, 0xccd2017fu, 0x6bb4e3bbu,
292 0xdda26a7eu, 0x3a59ff45u, 0x3e350a44u, 0xbcb4cdd5u,
293 0x72eacea8u, 0xfa6484bbu, 0x8d6612aeu, 0xbf3c6f47u,
294 0xd29be463u, 0x542f5d9eu, 0xaec2771bu, 0xf64e6370u,
295 0x740e0d8du, 0xe75b1357u, 0xf8721671u, 0xaf537d5du,
296 0x4040cb08u, 0x4eb4e2ccu, 0x34d2466au, 0x0115af84u,
297 0xe1b00428u, 0x95983a1du, 0x06b89fb4u, 0xce6ea048u,
298 0x6f3f3b82u, 0x3520ab82u, 0x011a1d4bu, 0x277227f8u,
299 0x611560b1u, 0xe7933fdcu, 0xbb3a792bu, 0x344525bdu,
300 0xa08839e1u, 0x51ce794bu, 0x2f32c9b7u, 0xa01fbac9u,
301 0xe01cc87eu, 0xbcc7d1f6u, 0xcf0111c3u, 0xa1e8aac7u,
302 0x1a908749u, 0xd44fbd9au, 0xd0dadecbu, 0xd50ada38u,
303 0x0339c32au, 0xc6913667u, 0x8df9317cu, 0xe0b12b4fu,
304 0xf79e59b7u, 0x43f5bb3au, 0xf2d519ffu, 0x27d9459cu,
305 0xbf97222cu, 0x15e6fc2au, 0x0f91fc71u, 0x9b941525u,
306 0xfae59361u, 0xceb69cebu, 0xc2a86459u, 0x12baa8d1u,
307 0xb6c1075eu, 0xe3056a0cu, 0x10d25065u, 0xcb03a442u,
308 0xe0ec6e0eu, 0x1698db3bu, 0x4c98a0beu, 0x3278e964u,
309 0x9f1f9532u, 0xe0d392dfu, 0xd3a0342bu, 0x8971f21eu,
310 0x1b0a7441u, 0x4ba3348cu, 0xc5be7120u, 0xc37632d8u,
311 0xdf359f8du, 0x9b992f2eu, 0xe60b6f47u, 0x0fe3f11du,
312 0xe54cda54u, 0x1edad891u, 0xce6279cfu, 0xcd3e7e6fu,
313 0x1618b166u, 0xfd2c1d05u, 0x848fd2c5u, 0xf6fb2299u,
314 0xf523f357u, 0xa6327623u, 0x93a83531u, 0x56cccd02u,
315 0xacf08162u, 0x5a75ebb5u, 0x6e163697u, 0x88d273ccu,
316 0xde966292u, 0x81b949d0u, 0x4c50901bu, 0x71c65614u,
317 0xe6c6c7bdu, 0x327a140au, 0x45e1d006u, 0xc3f27b9au,
318 0xc9aa53fdu, 0x62a80f00u, 0xbb25bfe2u, 0x35bdd2f6u,
319 0x71126905u, 0xb2040222u, 0xb6cbcf7cu, 0xcd769c2bu,
320 0x53113ec0u, 0x1640e3d3u, 0x38abbd60u, 0x2547adf0u,
321 0xba38209cu, 0xf746ce76u, 0x77afa1c5u, 0x20756060u,
322 0x85cbfe4eu, 0x8ae88dd8u, 0x7aaaf9b0u, 0x4cf9aa7eu,
323 0x1948c25cu, 0x02fb8a8cu, 0x01c36ae4u, 0xd6ebe1f9u,
324 0x90d4f869u, 0xa65cdea0u, 0x3f09252du, 0xc208e69fu,
325 0xb74e6132u, 0xce77e25bu, 0x578fdfe3u, 0x3ac372e6u
326 }
327};
328
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]329#define F1(i) \
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]330 xl ^= bfs->pax[i]; \
331 xr ^= ((bfs->sbx[0][xl >> 24] + \
332 bfs->sbx[1][(xl & 0xFF0000) >> 16]) ^ \
333 bfs->sbx[2][(xl & 0xFF00) >> 8]) + \
334 bfs->sbx[3][xl & 0xFF];
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]335
336#define F2(i) \
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]337 xr ^= bfs->pax[i]; \
338 xl ^= ((bfs->sbx[0][xr >> 24] + \
339 bfs->sbx[1][(xr & 0xFF0000) >> 16]) ^ \
340 bfs->sbx[2][(xr & 0xFF00) >> 8]) + \
341 bfs->sbx[3][xr & 0xFF];
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]342
343 static void
Bram Moolenaar7454a062016-01-30 15:14:10 +0100[diff] [blame]344bf_e_block(
345 bf_state_T *bfs,
346 UINT32_T *p_xl,
347 UINT32_T *p_xr)
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]348{
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]349 UINT32_T temp;
350 UINT32_T xl = *p_xl;
351 UINT32_T xr = *p_xr;
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]352
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]353 F1(0) F2(1)
354 F1(2) F2(3)
355 F1(4) F2(5)
356 F1(6) F2(7)
357 F1(8) F2(9)
358 F1(10) F2(11)
359 F1(12) F2(13)
360 F1(14) F2(15)
361 xl ^= bfs->pax[16];
362 xr ^= bfs->pax[17];
Bram Moolenaarbbd6afe2010-06-02 20:32:23 +0200[diff] [blame]363 temp = xl;
364 xl = xr;
365 xr = temp;
366 *p_xl = xl;
367 *p_xr = xr;
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]368}
369
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]370
Bram Moolenaar0bbabe82010-05-17 20:32:55 +0200[diff] [blame]371#ifdef WORDS_BIGENDIAN
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]372# define htonl2(x) \
373 x = ((((x) & 0xffL) << 24) | (((x) & 0xff00L) << 8) | \
374 (((x) & 0xff0000L) >> 8) | (((x) & 0xff000000L) >> 24))
375#else
376# define htonl2(x)
377#endif
378
379 static void
Bram Moolenaar7454a062016-01-30 15:14:10 +0100[diff] [blame]380bf_e_cblock(
381 bf_state_T *bfs,
382 char_u *block)
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]383{
Bram Moolenaarbbd6afe2010-06-02 20:32:23 +0200[diff] [blame]384 block8 bk;
385
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]386 memcpy(bk.uc, block, 8);
387 htonl2(bk.ul[0]);
388 htonl2(bk.ul[1]);
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]389 bf_e_block(bfs, &bk.ul[0], &bk.ul[1]);
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]390 htonl2(bk.ul[0]);
391 htonl2(bk.ul[1]);
392 memcpy(block, bk.uc, 8);
393}
394
Bram Moolenaar80794b12010-06-13 05:20:42 +0200[diff] [blame]395/*
396 * Initialize the crypt method using "password" as the encryption key and
397 * "salt[salt_len]" as the salt.
398 */
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]399 static void
Bram Moolenaar7454a062016-01-30 15:14:10 +0100[diff] [blame]400bf_key_init(
401 bf_state_T *bfs,
402 char_u *password,
403 char_u *salt,
404 int salt_len)
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]405{
Bram Moolenaar0bbabe82010-05-17 20:32:55 +0200[diff] [blame]406 int i, j, keypos = 0;
Bram Moolenaar2f70a342011-02-25 14:42:45 +0100[diff] [blame]407 unsigned u;
Bram Moolenaarfa7584c2010-05-19 21:57:45 +0200[diff] [blame]408 UINT32_T val, data_l, data_r;
Bram Moolenaar0bbabe82010-05-17 20:32:55 +0200[diff] [blame]409 char_u *key;
410 int keylen;
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]411
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]412 /* Process the key 1001 times.
Bram Moolenaar80794b12010-06-13 05:20:42 +0200[diff] [blame]413 * See http://en.wikipedia.org/wiki/Key_strengthening. */
414 key = sha256_key(password, salt, salt_len);
415 for (i = 0; i < 1000; i++)
Bram Moolenaarcc448b32010-07-14 16:52:17 +0200[diff] [blame]416 key = sha256_key(key, salt, salt_len);
Bram Moolenaar80794b12010-06-13 05:20:42 +0200[diff] [blame]417
418 /* Convert the key from 64 hex chars to 32 binary chars. */
419 keylen = (int)STRLEN(key) / 2;
Bram Moolenaar56be9502010-06-06 14:20:26 +0200[diff] [blame]420 if (keylen == 0)
421 {
Bram Moolenaarf9e3e092019-01-13 23:38:42 +0100[diff] [blame]422 iemsg(_("E831: bf_key_init() called with empty password"));
Bram Moolenaar56be9502010-06-06 14:20:26 +0200[diff] [blame]423 return;
424 }
Bram Moolenaar80794b12010-06-13 05:20:42 +0200[diff] [blame]425 for (i = 0; i < keylen; i++)
426 {
Bram Moolenaar2f70a342011-02-25 14:42:45 +0100[diff] [blame]427 sscanf((char *)&key[i * 2], "%2x", &u);
428 key[i] = u;
Bram Moolenaar80794b12010-06-13 05:20:42 +0200[diff] [blame]429 }
430
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]431 /* Use "key" to initialize the P-array ("pax") and S-boxes ("sbx") of
432 * Blowfish. */
433 mch_memmove(bfs->sbx, sbx_init, 4 * 4 * 256);
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]434
435 for (i = 0; i < 18; ++i)
436 {
437 val = 0;
438 for (j = 0; j < 4; ++j)
Bram Moolenaar823a1652010-05-16 23:02:33 +0200[diff] [blame]439 val = (val << 8) | key[keypos++ % keylen];
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]440 bfs->pax[i] = pax_init[i] ^ val;
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]441 }
442
443 data_l = data_r = 0;
444 for (i = 0; i < 18; i += 2)
445 {
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]446 bf_e_block(bfs, &data_l, &data_r);
447 bfs->pax[i + 0] = data_l;
448 bfs->pax[i + 1] = data_r;
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]449 }
450
451 for (i = 0; i < 4; ++i)
452 {
453 for (j = 0; j < 256; j += 2)
454 {
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]455 bf_e_block(bfs, &data_l, &data_r);
456 bfs->sbx[i][j + 0] = data_l;
457 bfs->sbx[i][j + 1] = data_r;
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]458 }
459 }
460}
461
462/*
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]463 * Blowfish self-test for corrupted tables or instructions.
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]464 */
465 static int
Bram Moolenaar7454a062016-01-30 15:14:10 +0100[diff] [blame]466bf_check_tables(
467 UINT32_T pax[18],
468 UINT32_T sbx[4][256],
469 UINT32_T val)
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]470{
471 int i, j;
Bram Moolenaarfa7584c2010-05-19 21:57:45 +0200[diff] [blame]472 UINT32_T c = 0;
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]473
474 for (i = 0; i < 18; i++)
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]475 c ^= pax[i];
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]476 for (i = 0; i < 4; i++)
477 for (j = 0; j < 256; j++)
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]478 c ^= sbx[i][j];
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]479 return c == val;
480}
481
482typedef struct {
Bram Moolenaar0bbabe82010-05-17 20:32:55 +0200[diff] [blame]483 char_u password[64];
Bram Moolenaar80794b12010-06-13 05:20:42 +0200[diff] [blame]484 char_u salt[9];
485 char_u plaintxt[9];
486 char_u cryptxt[9];
487 char_u badcryptxt[9]; /* cryptxt when big/little endian is wrong */
Bram Moolenaarfa7584c2010-05-19 21:57:45 +0200[diff] [blame]488 UINT32_T keysum;
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]489} struct_bf_test_data;
490
Bram Moolenaar4a9b19a2010-05-18 21:17:10 +0200[diff] [blame]491/*
492 * Assert bf(password, plaintxt) is cryptxt.
493 * Assert csum(pax sbx(password)) is keysum.
494 */
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]495static struct_bf_test_data bf_test_data[] = {
496 {
497 "password",
Bram Moolenaar80794b12010-06-13 05:20:42 +0200[diff] [blame]498 "salt",
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]499 "plaintxt",
Bram Moolenaar80794b12010-06-13 05:20:42 +0200[diff] [blame]500 "\xad\x3d\xfa\x7f\xe8\xea\x40\xf6", /* cryptxt */
501 "\x72\x50\x3b\x38\x10\x60\x22\xa7", /* badcryptxt */
502 0x56701b5du /* keysum */
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]503 },
504};
505
506/*
507 * Return FAIL when there is something wrong with blowfish encryption.
508 */
509 static int
Bram Moolenaar7454a062016-01-30 15:14:10 +0100[diff] [blame]510bf_self_test(void)
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]511{
512 int i, bn;
513 int err = 0;
514 block8 bk;
Bram Moolenaarfa7584c2010-05-19 21:57:45 +0200[diff] [blame]515 UINT32_T ui = 0xffffffffUL;
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]516 bf_state_T state;
517
518 vim_memset(&state, 0, sizeof(bf_state_T));
519 state.cfb_len = BF_MAX_CFB_LEN;
Bram Moolenaarfa7584c2010-05-19 21:57:45 +0200[diff] [blame]520
521 /* We can't simply use sizeof(UINT32_T), it would generate a compiler
522 * warning. */
523 if (ui != 0xffffffffUL || ui + 1 != 0) {
524 err++;
Bram Moolenaarf9e3e092019-01-13 23:38:42 +0100[diff] [blame]525 emsg(_("E820: sizeof(uint32_t) != 4"));
Bram Moolenaarfa7584c2010-05-19 21:57:45 +0200[diff] [blame]526 }
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]527
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]528 if (!bf_check_tables(pax_init, sbx_init, 0x6ffa520a))
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]529 err++;
530
531 bn = ARRAY_LENGTH(bf_test_data);
532 for (i = 0; i < bn; i++)
533 {
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]534 bf_key_init(&state, (char_u *)(bf_test_data[i].password),
Bram Moolenaarcc448b32010-07-14 16:52:17 +0200[diff] [blame]535 bf_test_data[i].salt,
Bram Moolenaar80794b12010-06-13 05:20:42 +0200[diff] [blame]536 (int)STRLEN(bf_test_data[i].salt));
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]537 if (!bf_check_tables(state.pax, state.sbx, bf_test_data[i].keysum))
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]538 err++;
539
540 /* Don't modify bf_test_data[i].plaintxt, self test is idempotent. */
541 memcpy(bk.uc, bf_test_data[i].plaintxt, 8);
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]542 bf_e_cblock(&state, bk.uc);
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]543 if (memcmp(bk.uc, bf_test_data[i].cryptxt, 8) != 0)
Bram Moolenaar0bbabe82010-05-17 20:32:55 +0200[diff] [blame]544 {
545 if (err == 0 && memcmp(bk.uc, bf_test_data[i].badcryptxt, 8) == 0)
Bram Moolenaarf9e3e092019-01-13 23:38:42 +0100[diff] [blame]546 emsg(_("E817: Blowfish big/little endian use wrong"));
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]547 err++;
Bram Moolenaar0bbabe82010-05-17 20:32:55 +0200[diff] [blame]548 }
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]549 }
550
551 return err > 0 ? FAIL : OK;
552}
553
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]554/*
555 * CFB: Cipher Feedback Mode.
556 */
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]557
558/*
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]559 * Initialize with seed "seed[seed_len]".
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]560 */
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]561 static void
Bram Moolenaar7454a062016-01-30 15:14:10 +0100[diff] [blame]562bf_cfb_init(
563 bf_state_T *bfs,
564 char_u *seed,
565 int seed_len)
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]566{
567 int i, mi;
568
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]569 bfs->randbyte_offset = bfs->update_offset = 0;
570 vim_memset(bfs->cfb_buffer, 0, bfs->cfb_len);
571 if (seed_len > 0)
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]572 {
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]573 mi = seed_len > bfs->cfb_len ? seed_len : bfs->cfb_len;
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]574 for (i = 0; i < mi; i++)
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]575 bfs->cfb_buffer[i % bfs->cfb_len] ^= seed[i % seed_len];
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]576 }
577}
578
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]579#define BF_CFB_UPDATE(bfs, c) { \
580 bfs->cfb_buffer[bfs->update_offset] ^= (char_u)c; \
581 if (++bfs->update_offset == bfs->cfb_len) \
582 bfs->update_offset = 0; \
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]583}
584
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]585#define BF_RANBYTE(bfs, t) { \
586 if ((bfs->randbyte_offset & BF_BLOCK_MASK) == 0) \
587 bf_e_cblock(bfs, &(bfs->cfb_buffer[bfs->randbyte_offset])); \
588 t = bfs->cfb_buffer[bfs->randbyte_offset]; \
589 if (++bfs->randbyte_offset == bfs->cfb_len) \
590 bfs->randbyte_offset = 0; \
Bram Moolenaarbbd6afe2010-06-02 20:32:23 +0200[diff] [blame]591}
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]592
Bram Moolenaarbbd6afe2010-06-02 20:32:23 +0200[diff] [blame]593/*
594 * Encrypt "from[len]" into "to[len]".
595 * "from" and "to" can be equal to encrypt in place.
596 */
597 void
Bram Moolenaar7454a062016-01-30 15:14:10 +0100[diff] [blame]598crypt_blowfish_encode(
599 cryptstate_T *state,
600 char_u *from,
601 size_t len,
602 char_u *to)
Bram Moolenaarbbd6afe2010-06-02 20:32:23 +0200[diff] [blame]603{
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]604 bf_state_T *bfs = state->method_state;
Bram Moolenaarbbd6afe2010-06-02 20:32:23 +0200[diff] [blame]605 size_t i;
606 int ztemp, t;
607
608 for (i = 0; i < len; ++i)
609 {
610 ztemp = from[i];
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]611 BF_RANBYTE(bfs, t);
612 BF_CFB_UPDATE(bfs, ztemp);
Bram Moolenaarbbd6afe2010-06-02 20:32:23 +0200[diff] [blame]613 to[i] = t ^ ztemp;
614 }
615}
616
617/*
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]618 * Decrypt "from[len]" into "to[len]".
Bram Moolenaarbbd6afe2010-06-02 20:32:23 +0200[diff] [blame]619 */
620 void
Bram Moolenaar7454a062016-01-30 15:14:10 +0100[diff] [blame]621crypt_blowfish_decode(
622 cryptstate_T *state,
623 char_u *from,
624 size_t len,
625 char_u *to)
Bram Moolenaarbbd6afe2010-06-02 20:32:23 +0200[diff] [blame]626{
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]627 bf_state_T *bfs = state->method_state;
628 size_t i;
Bram Moolenaarbbd6afe2010-06-02 20:32:23 +0200[diff] [blame]629 int t;
630
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]631 for (i = 0; i < len; ++i)
Bram Moolenaarbbd6afe2010-06-02 20:32:23 +0200[diff] [blame]632 {
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]633 BF_RANBYTE(bfs, t);
634 to[i] = from[i] ^ t;
635 BF_CFB_UPDATE(bfs, to[i]);
Bram Moolenaarbbd6afe2010-06-02 20:32:23 +0200[diff] [blame]636 }
637}
638
Bram Moolenaar6ee96582019-04-27 22:06:37 +0200[diff] [blame]639 int
Bram Moolenaar7454a062016-01-30 15:14:10 +0100[diff] [blame]640crypt_blowfish_init(
641 cryptstate_T *state,
642 char_u* key,
643 char_u* salt,
644 int salt_len,
645 char_u* seed,
646 int seed_len)
Bram Moolenaarbbd6afe2010-06-02 20:32:23 +0200[diff] [blame]647{
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]648 bf_state_T *bfs = (bf_state_T *)alloc_clear(sizeof(bf_state_T));
Bram Moolenaarbbd6afe2010-06-02 20:32:23 +0200[diff] [blame]649
Bram Moolenaar6ee96582019-04-27 22:06:37 +0200[diff] [blame]650 if (bfs == NULL)
651 return FAIL;
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]652 state->method_state = bfs;
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]653
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]654 /* "blowfish" uses a 64 byte buffer, causing it to repeat 8 byte groups 8
655 * times. "blowfish2" uses a 8 byte buffer to avoid repeating. */
656 bfs->cfb_len = state->method_nr == CRYPT_M_BF ? BF_MAX_CFB_LEN : BF_BLOCK;
Bram Moolenaara8ffcbb2010-06-21 06:15:46 +0200[diff] [blame]657
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]658 if (blowfish_self_test() == FAIL)
Bram Moolenaar6ee96582019-04-27 22:06:37 +0200[diff] [blame]659 return FAIL;
Bram Moolenaara8ffcbb2010-06-21 06:15:46 +0200[diff] [blame]660
Bram Moolenaar8f4ac012014-08-10 13:38:34 +0200[diff] [blame]661 bf_key_init(bfs, key, salt, salt_len);
662 bf_cfb_init(bfs, seed, seed_len);
Bram Moolenaar6ee96582019-04-27 22:06:37 +0200[diff] [blame]663
664 return OK;
Bram Moolenaara8ffcbb2010-06-21 06:15:46 +0200[diff] [blame]665}
666
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]667/*
668 * Run a test to check if the encryption works as expected.
669 * Give an error and return FAIL when not.
670 */
671 int
Bram Moolenaar7454a062016-01-30 15:14:10 +0100[diff] [blame]672blowfish_self_test(void)
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]673{
674 if (sha256_self_test() == FAIL)
675 {
Bram Moolenaarf9e3e092019-01-13 23:38:42 +0100[diff] [blame]676 emsg(_("E818: sha256 test failed"));
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]677 return FAIL;
678 }
679 if (bf_self_test() == FAIL)
680 {
Bram Moolenaarf9e3e092019-01-13 23:38:42 +0100[diff] [blame]681 emsg(_("E819: Blowfish test failed"));
Bram Moolenaar40e6a712010-05-16 22:32:54 +0200[diff] [blame]682 return FAIL;
683 }
684 return OK;
685}
686
687#endif /* FEAT_CRYPT */