github.com/timstclair/heapster@v0.20.0-alpha1/Godeps/_workspace/src/golang.org/x/crypto/blowfish/block.go

github.com/timstclair/heapster@v0.20.0-alpha1/Godeps/_workspace/src/golang.org/x/crypto/blowfish/block.go (about)

     1  // Copyright 2010 The Go Authors. All rights reserved.
     2  // Use of this source code is governed by a BSD-style
     3  // license that can be found in the LICENSE file.
     4  
     5  package blowfish
     6  
     7  // getNextWord returns the next big-endian uint32 value from the byte slice
     8  // at the given position in a circular manner, updating the position.
     9  func getNextWord(b []byte, pos *int) uint32 {
    10  	var w uint32
    11  	j := *pos
    12  	for i := 0; i < 4; i++ {
    13  		w = w<<8 | uint32(b[j])
    14  		j++
    15  		if j >= len(b) {
    16  			j = 0
    17  		}
    18  	}
    19  	*pos = j
    20  	return w
    21  }
    22  
    23  // ExpandKey performs a key expansion on the given *Cipher. Specifically, it
    24  // performs the Blowfish algorithm's key schedule which sets up the *Cipher's
    25  // pi and substitution tables for calls to Encrypt. This is used, primarily,
    26  // by the bcrypt package to reuse the Blowfish key schedule during its
    27  // set up. It's unlikely that you need to use this directly.
    28  func ExpandKey(key []byte, c *Cipher) {
    29  	j := 0
    30  	for i := 0; i < 18; i++ {
    31  		// Using inlined getNextWord for performance.
    32  		var d uint32
    33  		for k := 0; k < 4; k++ {
    34  			d = d<<8 | uint32(key[j])
    35  			j++
    36  			if j >= len(key) {
    37  				j = 0
    38  			}
    39  		}
    40  		c.p[i] ^= d
    41  	}
    42  
    43  	var l, r uint32
    44  	for i := 0; i < 18; i += 2 {
    45  		l, r = encryptBlock(l, r, c)
    46  		c.p[i], c.p[i+1] = l, r
    47  	}
    48  
    49  	for i := 0; i < 256; i += 2 {
    50  		l, r = encryptBlock(l, r, c)
    51  		c.s0[i], c.s0[i+1] = l, r
    52  	}
    53  	for i := 0; i < 256; i += 2 {
    54  		l, r = encryptBlock(l, r, c)
    55  		c.s1[i], c.s1[i+1] = l, r
    56  	}
    57  	for i := 0; i < 256; i += 2 {
    58  		l, r = encryptBlock(l, r, c)
    59  		c.s2[i], c.s2[i+1] = l, r
    60  	}
    61  	for i := 0; i < 256; i += 2 {
    62  		l, r = encryptBlock(l, r, c)
    63  		c.s3[i], c.s3[i+1] = l, r
    64  	}
    65  }
    66  
    67  // This is similar to ExpandKey, but folds the salt during the key
    68  // schedule. While ExpandKey is essentially expandKeyWithSalt with an all-zero
    69  // salt passed in, reusing ExpandKey turns out to be a place of inefficiency
    70  // and specializing it here is useful.
    71  func expandKeyWithSalt(key []byte, salt []byte, c *Cipher) {
    72  	j := 0
    73  	for i := 0; i < 18; i++ {
    74  		c.p[i] ^= getNextWord(key, &j)
    75  	}
    76  
    77  	j = 0
    78  	var l, r uint32
    79  	for i := 0; i < 18; i += 2 {
    80  		l ^= getNextWord(salt, &j)
    81  		r ^= getNextWord(salt, &j)
    82  		l, r = encryptBlock(l, r, c)
    83  		c.p[i], c.p[i+1] = l, r
    84  	}
    85  
    86  	for i := 0; i < 256; i += 2 {
    87  		l ^= getNextWord(salt, &j)
    88  		r ^= getNextWord(salt, &j)
    89  		l, r = encryptBlock(l, r, c)
    90  		c.s0[i], c.s0[i+1] = l, r
    91  	}
    92  
    93  	for i := 0; i < 256; i += 2 {
    94  		l ^= getNextWord(salt, &j)
    95  		r ^= getNextWord(salt, &j)
    96  		l, r = encryptBlock(l, r, c)
    97  		c.s1[i], c.s1[i+1] = l, r
    98  	}
    99  
   100  	for i := 0; i < 256; i += 2 {
   101  		l ^= getNextWord(salt, &j)
   102  		r ^= getNextWord(salt, &j)
   103  		l, r = encryptBlock(l, r, c)
   104  		c.s2[i], c.s2[i+1] = l, r
   105  	}
   106  
   107  	for i := 0; i < 256; i += 2 {
   108  		l ^= getNextWord(salt, &j)
   109  		r ^= getNextWord(salt, &j)
   110  		l, r = encryptBlock(l, r, c)
   111  		c.s3[i], c.s3[i+1] = l, r
   112  	}
   113  }
   114  
   115  func encryptBlock(l, r uint32, c *Cipher) (uint32, uint32) {
   116  	xl, xr := l, r
   117  	xl ^= c.p[0]
   118  	xr ^= ((c.s0[byte(xl>>24)] + c.s1[byte(xl>>16)]) ^ c.s2[byte(xl>>8)]) + c.s3[byte(xl)] ^ c.p[1]
   119  	xl ^= ((c.s0[byte(xr>>24)] + c.s1[byte(xr>>16)]) ^ c.s2[byte(xr>>8)]) + c.s3[byte(xr)] ^ c.p[2]
   120  	xr ^= ((c.s0[byte(xl>>24)] + c.s1[byte(xl>>16)]) ^ c.s2[byte(xl>>8)]) + c.s3[byte(xl)] ^ c.p[3]
   121  	xl ^= ((c.s0[byte(xr>>24)] + c.s1[byte(xr>>16)]) ^ c.s2[byte(xr>>8)]) + c.s3[byte(xr)] ^ c.p[4]
   122  	xr ^= ((c.s0[byte(xl>>24)] + c.s1[byte(xl>>16)]) ^ c.s2[byte(xl>>8)]) + c.s3[byte(xl)] ^ c.p[5]
   123  	xl ^= ((c.s0[byte(xr>>24)] + c.s1[byte(xr>>16)]) ^ c.s2[byte(xr>>8)]) + c.s3[byte(xr)] ^ c.p[6]
   124  	xr ^= ((c.s0[byte(xl>>24)] + c.s1[byte(xl>>16)]) ^ c.s2[byte(xl>>8)]) + c.s3[byte(xl)] ^ c.p[7]
   125  	xl ^= ((c.s0[byte(xr>>24)] + c.s1[byte(xr>>16)]) ^ c.s2[byte(xr>>8)]) + c.s3[byte(xr)] ^ c.p[8]
   126  	xr ^= ((c.s0[byte(xl>>24)] + c.s1[byte(xl>>16)]) ^ c.s2[byte(xl>>8)]) + c.s3[byte(xl)] ^ c.p[9]
   127  	xl ^= ((c.s0[byte(xr>>24)] + c.s1[byte(xr>>16)]) ^ c.s2[byte(xr>>8)]) + c.s3[byte(xr)] ^ c.p[10]
   128  	xr ^= ((c.s0[byte(xl>>24)] + c.s1[byte(xl>>16)]) ^ c.s2[byte(xl>>8)]) + c.s3[byte(xl)] ^ c.p[11]
   129  	xl ^= ((c.s0[byte(xr>>24)] + c.s1[byte(xr>>16)]) ^ c.s2[byte(xr>>8)]) + c.s3[byte(xr)] ^ c.p[12]
   130  	xr ^= ((c.s0[byte(xl>>24)] + c.s1[byte(xl>>16)]) ^ c.s2[byte(xl>>8)]) + c.s3[byte(xl)] ^ c.p[13]
   131  	xl ^= ((c.s0[byte(xr>>24)] + c.s1[byte(xr>>16)]) ^ c.s2[byte(xr>>8)]) + c.s3[byte(xr)] ^ c.p[14]
   132  	xr ^= ((c.s0[byte(xl>>24)] + c.s1[byte(xl>>16)]) ^ c.s2[byte(xl>>8)]) + c.s3[byte(xl)] ^ c.p[15]
   133  	xl ^= ((c.s0[byte(xr>>24)] + c.s1[byte(xr>>16)]) ^ c.s2[byte(xr>>8)]) + c.s3[byte(xr)] ^ c.p[16]
   134  	xr ^= c.p[17]
   135  	return xr, xl
   136  }
   137  
   138  func decryptBlock(l, r uint32, c *Cipher) (uint32, uint32) {
   139  	xl, xr := l, r
   140  	xl ^= c.p[17]
   141  	xr ^= ((c.s0[byte(xl>>24)] + c.s1[byte(xl>>16)]) ^ c.s2[byte(xl>>8)]) + c.s3[byte(xl)] ^ c.p[16]
   142  	xl ^= ((c.s0[byte(xr>>24)] + c.s1[byte(xr>>16)]) ^ c.s2[byte(xr>>8)]) + c.s3[byte(xr)] ^ c.p[15]
   143  	xr ^= ((c.s0[byte(xl>>24)] + c.s1[byte(xl>>16)]) ^ c.s2[byte(xl>>8)]) + c.s3[byte(xl)] ^ c.p[14]
   144  	xl ^= ((c.s0[byte(xr>>24)] + c.s1[byte(xr>>16)]) ^ c.s2[byte(xr>>8)]) + c.s3[byte(xr)] ^ c.p[13]
   145  	xr ^= ((c.s0[byte(xl>>24)] + c.s1[byte(xl>>16)]) ^ c.s2[byte(xl>>8)]) + c.s3[byte(xl)] ^ c.p[12]
   146  	xl ^= ((c.s0[byte(xr>>24)] + c.s1[byte(xr>>16)]) ^ c.s2[byte(xr>>8)]) + c.s3[byte(xr)] ^ c.p[11]
   147  	xr ^= ((c.s0[byte(xl>>24)] + c.s1[byte(xl>>16)]) ^ c.s2[byte(xl>>8)]) + c.s3[byte(xl)] ^ c.p[10]
   148  	xl ^= ((c.s0[byte(xr>>24)] + c.s1[byte(xr>>16)]) ^ c.s2[byte(xr>>8)]) + c.s3[byte(xr)] ^ c.p[9]
   149  	xr ^= ((c.s0[byte(xl>>24)] + c.s1[byte(xl>>16)]) ^ c.s2[byte(xl>>8)]) + c.s3[byte(xl)] ^ c.p[8]
   150  	xl ^= ((c.s0[byte(xr>>24)] + c.s1[byte(xr>>16)]) ^ c.s2[byte(xr>>8)]) + c.s3[byte(xr)] ^ c.p[7]
   151  	xr ^= ((c.s0[byte(xl>>24)] + c.s1[byte(xl>>16)]) ^ c.s2[byte(xl>>8)]) + c.s3[byte(xl)] ^ c.p[6]
   152  	xl ^= ((c.s0[byte(xr>>24)] + c.s1[byte(xr>>16)]) ^ c.s2[byte(xr>>8)]) + c.s3[byte(xr)] ^ c.p[5]
   153  	xr ^= ((c.s0[byte(xl>>24)] + c.s1[byte(xl>>16)]) ^ c.s2[byte(xl>>8)]) + c.s3[byte(xl)] ^ c.p[4]
   154  	xl ^= ((c.s0[byte(xr>>24)] + c.s1[byte(xr>>16)]) ^ c.s2[byte(xr>>8)]) + c.s3[byte(xr)] ^ c.p[3]
   155  	xr ^= ((c.s0[byte(xl>>24)] + c.s1[byte(xl>>16)]) ^ c.s2[byte(xl>>8)]) + c.s3[byte(xl)] ^ c.p[2]
   156  	xl ^= ((c.s0[byte(xr>>24)] + c.s1[byte(xr>>16)]) ^ c.s2[byte(xr>>8)]) + c.s3[byte(xr)] ^ c.p[1]
   157  	xr ^= c.p[0]
   158  	return xr, xl
   159  }