osbzr
/
com
项目红包剩余9514,下一贡献奖励5%,即 476个红包
Watch 15
Star 7
Wiki 捐赠
本站源代码
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branch: gamification
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'gamification'
${ noResults }
com/vendor/golang.org/x/crypto/blowfish/block.go

160 lines
6.0KB
Raw Permalink Blame History 

  1. // Copyright 2010 The Go Authors. All rights reserved.

  2. // Use of this source code is governed by a BSD-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package blowfish

  6. 

  7. // getNextWord returns the next big-endian uint32 value from the byte slice

  8. // at the given position in a circular manner, updating the position.

  9. func getNextWord(b []byte, pos *int) uint32 {

  10. 	var w uint32

  11. 	j := *pos

  12. 	for i := 0; i < 4; i++ {

  13. 		w = w<<8 | uint32(b[j])

  14. 		j++

  15. 		if j >= len(b) {

  16. 			j = 0

  17. 		}

  18. 	}

  19. 	*pos = j

  20. 	return w

  21. }

  22. 

  23. // ExpandKey performs a key expansion on the given *Cipher. Specifically, it

  24. // performs the Blowfish algorithm's key schedule which sets up the *Cipher's

  25. // pi and substitution tables for calls to Encrypt. This is used, primarily,

  26. // by the bcrypt package to reuse the Blowfish key schedule during its

  27. // set up. It's unlikely that you need to use this directly.

  28. func ExpandKey(key []byte, c *Cipher) {

  29. 	j := 0

  30. 	for i := 0; i < 18; i++ {

  31. 		// Using inlined getNextWord for performance.

  32. 		var d uint32

  33. 		for k := 0; k < 4; k++ {

  34. 			d = d<<8 | uint32(key[j])

  35. 			j++

  36. 			if j >= len(key) {

  37. 				j = 0

  38. 			}

  39. 		}

  40. 		c.p[i] ^= d

  41. 	}

  42. 

  43. 	var l, r uint32

  44. 	for i := 0; i < 18; i += 2 {

  45. 		l, r = encryptBlock(l, r, c)

  46. 		c.p[i], c.p[i+1] = l, r

  47. 	}

  48. 

  49. 	for i := 0; i < 256; i += 2 {

  50. 		l, r = encryptBlock(l, r, c)

  51. 		c.s0[i], c.s0[i+1] = l, r

  52. 	}

  53. 	for i := 0; i < 256; i += 2 {

  54. 		l, r = encryptBlock(l, r, c)

  55. 		c.s1[i], c.s1[i+1] = l, r

  56. 	}

  57. 	for i := 0; i < 256; i += 2 {

  58. 		l, r = encryptBlock(l, r, c)

  59. 		c.s2[i], c.s2[i+1] = l, r

  60. 	}

  61. 	for i := 0; i < 256; i += 2 {

  62. 		l, r = encryptBlock(l, r, c)

  63. 		c.s3[i], c.s3[i+1] = l, r

  64. 	}

  65. }

  66. 

  67. // This is similar to ExpandKey, but folds the salt during the key

  68. // schedule. While ExpandKey is essentially expandKeyWithSalt with an all-zero

  69. // salt passed in, reusing ExpandKey turns out to be a place of inefficiency

  70. // and specializing it here is useful.

  71. func expandKeyWithSalt(key []byte, salt []byte, c *Cipher) {

  72. 	j := 0

  73. 	for i := 0; i < 18; i++ {

  74. 		c.p[i] ^= getNextWord(key, &j)

  75. 	}

  76. 

  77. 	j = 0

  78. 	var l, r uint32

  79. 	for i := 0; i < 18; i += 2 {

  80. 		l ^= getNextWord(salt, &j)

  81. 		r ^= getNextWord(salt, &j)

  82. 		l, r = encryptBlock(l, r, c)

  83. 		c.p[i], c.p[i+1] = l, r

  84. 	}

  85. 

  86. 	for i := 0; i < 256; i += 2 {

  87. 		l ^= getNextWord(salt, &j)

  88. 		r ^= getNextWord(salt, &j)

  89. 		l, r = encryptBlock(l, r, c)

  90. 		c.s0[i], c.s0[i+1] = l, r

  91. 	}

  92. 

  93. 	for i := 0; i < 256; i += 2 {

  94. 		l ^= getNextWord(salt, &j)

  95. 		r ^= getNextWord(salt, &j)

  96. 		l, r = encryptBlock(l, r, c)

  97. 		c.s1[i], c.s1[i+1] = l, r

  98. 	}

  99. 

  100. 	for i := 0; i < 256; i += 2 {

  101. 		l ^= getNextWord(salt, &j)

  102. 		r ^= getNextWord(salt, &j)

  103. 		l, r = encryptBlock(l, r, c)

  104. 		c.s2[i], c.s2[i+1] = l, r

  105. 	}

  106. 

  107. 	for i := 0; i < 256; i += 2 {

  108. 		l ^= getNextWord(salt, &j)

  109. 		r ^= getNextWord(salt, &j)

  110. 		l, r = encryptBlock(l, r, c)

  111. 		c.s3[i], c.s3[i+1] = l, r

  112. 	}

  113. }

  114. 

  115. func encryptBlock(l, r uint32, c *Cipher) (uint32, uint32) {

  116. 	xl, xr := l, r

  117. 	xl ^= c.p[0]

  118. 	xr ^= ((c.s0[byte(xl>>24)] + c.s1[byte(xl>>16)]) ^ c.s2[byte(xl>>8)]) + c.s3[byte(xl)] ^ c.p[1]

  119. 	xl ^= ((c.s0[byte(xr>>24)] + c.s1[byte(xr>>16)]) ^ c.s2[byte(xr>>8)]) + c.s3[byte(xr)] ^ c.p[2]

  120. 	xr ^= ((c.s0[byte(xl>>24)] + c.s1[byte(xl>>16)]) ^ c.s2[byte(xl>>8)]) + c.s3[byte(xl)] ^ c.p[3]

  121. 	xl ^= ((c.s0[byte(xr>>24)] + c.s1[byte(xr>>16)]) ^ c.s2[byte(xr>>8)]) + c.s3[byte(xr)] ^ c.p[4]

  122. 	xr ^= ((c.s0[byte(xl>>24)] + c.s1[byte(xl>>16)]) ^ c.s2[byte(xl>>8)]) + c.s3[byte(xl)] ^ c.p[5]

  123. 	xl ^= ((c.s0[byte(xr>>24)] + c.s1[byte(xr>>16)]) ^ c.s2[byte(xr>>8)]) + c.s3[byte(xr)] ^ c.p[6]

  124. 	xr ^= ((c.s0[byte(xl>>24)] + c.s1[byte(xl>>16)]) ^ c.s2[byte(xl>>8)]) + c.s3[byte(xl)] ^ c.p[7]

  125. 	xl ^= ((c.s0[byte(xr>>24)] + c.s1[byte(xr>>16)]) ^ c.s2[byte(xr>>8)]) + c.s3[byte(xr)] ^ c.p[8]

  126. 	xr ^= ((c.s0[byte(xl>>24)] + c.s1[byte(xl>>16)]) ^ c.s2[byte(xl>>8)]) + c.s3[byte(xl)] ^ c.p[9]

  127. 	xl ^= ((c.s0[byte(xr>>24)] + c.s1[byte(xr>>16)]) ^ c.s2[byte(xr>>8)]) + c.s3[byte(xr)] ^ c.p[10]

  128. 	xr ^= ((c.s0[byte(xl>>24)] + c.s1[byte(xl>>16)]) ^ c.s2[byte(xl>>8)]) + c.s3[byte(xl)] ^ c.p[11]

  129. 	xl ^= ((c.s0[byte(xr>>24)] + c.s1[byte(xr>>16)]) ^ c.s2[byte(xr>>8)]) + c.s3[byte(xr)] ^ c.p[12]

  130. 	xr ^= ((c.s0[byte(xl>>24)] + c.s1[byte(xl>>16)]) ^ c.s2[byte(xl>>8)]) + c.s3[byte(xl)] ^ c.p[13]

  131. 	xl ^= ((c.s0[byte(xr>>24)] + c.s1[byte(xr>>16)]) ^ c.s2[byte(xr>>8)]) + c.s3[byte(xr)] ^ c.p[14]

  132. 	xr ^= ((c.s0[byte(xl>>24)] + c.s1[byte(xl>>16)]) ^ c.s2[byte(xl>>8)]) + c.s3[byte(xl)] ^ c.p[15]

  133. 	xl ^= ((c.s0[byte(xr>>24)] + c.s1[byte(xr>>16)]) ^ c.s2[byte(xr>>8)]) + c.s3[byte(xr)] ^ c.p[16]

  134. 	xr ^= c.p[17]

  135. 	return xr, xl

  136. }

  137. 

  138. func decryptBlock(l, r uint32, c *Cipher) (uint32, uint32) {

  139. 	xl, xr := l, r

  140. 	xl ^= c.p[17]

  141. 	xr ^= ((c.s0[byte(xl>>24)] + c.s1[byte(xl>>16)]) ^ c.s2[byte(xl>>8)]) + c.s3[byte(xl)] ^ c.p[16]

  142. 	xl ^= ((c.s0[byte(xr>>24)] + c.s1[byte(xr>>16)]) ^ c.s2[byte(xr>>8)]) + c.s3[byte(xr)] ^ c.p[15]

  143. 	xr ^= ((c.s0[byte(xl>>24)] + c.s1[byte(xl>>16)]) ^ c.s2[byte(xl>>8)]) + c.s3[byte(xl)] ^ c.p[14]

  144. 	xl ^= ((c.s0[byte(xr>>24)] + c.s1[byte(xr>>16)]) ^ c.s2[byte(xr>>8)]) + c.s3[byte(xr)] ^ c.p[13]

  145. 	xr ^= ((c.s0[byte(xl>>24)] + c.s1[byte(xl>>16)]) ^ c.s2[byte(xl>>8)]) + c.s3[byte(xl)] ^ c.p[12]

  146. 	xl ^= ((c.s0[byte(xr>>24)] + c.s1[byte(xr>>16)]) ^ c.s2[byte(xr>>8)]) + c.s3[byte(xr)] ^ c.p[11]

  147. 	xr ^= ((c.s0[byte(xl>>24)] + c.s1[byte(xl>>16)]) ^ c.s2[byte(xl>>8)]) + c.s3[byte(xl)] ^ c.p[10]

  148. 	xl ^= ((c.s0[byte(xr>>24)] + c.s1[byte(xr>>16)]) ^ c.s2[byte(xr>>8)]) + c.s3[byte(xr)] ^ c.p[9]

  149. 	xr ^= ((c.s0[byte(xl>>24)] + c.s1[byte(xl>>16)]) ^ c.s2[byte(xl>>8)]) + c.s3[byte(xl)] ^ c.p[8]

  150. 	xl ^= ((c.s0[byte(xr>>24)] + c.s1[byte(xr>>16)]) ^ c.s2[byte(xr>>8)]) + c.s3[byte(xr)] ^ c.p[7]

  151. 	xr ^= ((c.s0[byte(xl>>24)] + c.s1[byte(xl>>16)]) ^ c.s2[byte(xl>>8)]) + c.s3[byte(xl)] ^ c.p[6]

  152. 	xl ^= ((c.s0[byte(xr>>24)] + c.s1[byte(xr>>16)]) ^ c.s2[byte(xr>>8)]) + c.s3[byte(xr)] ^ c.p[5]

  153. 	xr ^= ((c.s0[byte(xl>>24)] + c.s1[byte(xl>>16)]) ^ c.s2[byte(xl>>8)]) + c.s3[byte(xl)] ^ c.p[4]

  154. 	xl ^= ((c.s0[byte(xr>>24)] + c.s1[byte(xr>>16)]) ^ c.s2[byte(xr>>8)]) + c.s3[byte(xr)] ^ c.p[3]

  155. 	xr ^= ((c.s0[byte(xl>>24)] + c.s1[byte(xl>>16)]) ^ c.s2[byte(xl>>8)]) + c.s3[byte(xl)] ^ c.p[2]

  156. 	xl ^= ((c.s0[byte(xr>>24)] + c.s1[byte(xr>>16)]) ^ c.s2[byte(xr>>8)]) + c.s3[byte(xr)] ^ c.p[1]

  157. 	xr ^= c.p[0]

  158. 	return xr, xl

  159. }
上海开阖软件有限公司 沪ICP备12045867号-1