hare

The Hare programming language
git clone https://git.torresjrjr.com/hare.git
Log | Files | Refs | README | LICENSE
commit 0499af1ede1150b52295750dccf512d3680ba62b
parent 3ab74eae7ce96e14e13695da7b957b116d9fcdb6
Author: Drew DeVault <sir@cmpwn.com>
Date:   Wed, 27 Apr 2022 17:54:00 +0200

crypto::blowfish: fix salted initialization

Signed-off-by: Drew DeVault <sir@cmpwn.com>

Diffstat:

Mcrypto/blowfish/+test.ha | 51+++++++++++++++++++++++++++++++++++++++++++++++++++


Mcrypto/blowfish/blowfish.ha | 18++++++++++++++----


2 files changed, 65 insertions(+), 4 deletions(-)

diff --git a/crypto/blowfish/+test.ha b/crypto/blowfish/+test.ha
@@ -145,3 +145,54 @@ const cipher_vectors: [_][8]u8 = [
 		assert(bytes::equal(clear, buf));
 	};
 };
+
+const salted_vectors: [_][8]u8 = [
+	[0x0c, 0x82, 0x3b, 0x7b, 0x8d, 0x01, 0x4b, 0x7e],
+	[0xd1, 0xe1, 0x93, 0xf0, 0x70, 0xa6, 0xdb, 0x12],
+	[0xfc, 0x5e, 0xba, 0xde, 0xcb, 0xf8, 0x59, 0xad],
+	[0x8a, 0x0c, 0x76, 0xe7, 0xdd, 0x2c, 0xd3, 0xa8],
+	[0x2c, 0xcb, 0x7b, 0xee, 0xac, 0x7b, 0x7f, 0xf8],
+	[0xbb, 0xf6, 0x30, 0x6f, 0xe1, 0x5d, 0x62, 0xbf],
+	[0x97, 0x1e, 0xc1, 0x3d, 0x3d, 0xe0, 0x11, 0xe9],
+	[0x06, 0xd7, 0x4d, 0xb1, 0x80, 0xa3, 0xb1, 0x38],
+	[0x67, 0xa1, 0xa9, 0x75, 0x0e, 0x5b, 0xc6, 0xb4],
+	[0x51, 0x0f, 0x33, 0x0e, 0x4f, 0x67, 0xd2, 0x0c],
+	[0xf1, 0x73, 0x7e, 0xd8, 0x44, 0xea, 0xdb, 0xe5],
+	[0x14, 0x0e, 0x16, 0xce, 0x7f, 0x4a, 0x9c, 0x7b],
+	[0x4b, 0xfe, 0x43, 0xfd, 0xbf, 0x36, 0x04, 0x47],
+	[0xb1, 0xeb, 0x3e, 0x15, 0x36, 0xa7, 0xbb, 0xe2],
+	[0x6d, 0x0b, 0x41, 0xdd, 0x00, 0x98, 0x0b, 0x19],
+	[0xd3, 0xce, 0x45, 0xce, 0x1d, 0x56, 0xb7, 0xfc],
+	[0xd9, 0xf0, 0xfd, 0xda, 0xc0, 0x23, 0xb7, 0x93],
+	[0x4c, 0x6f, 0xa1, 0xe4, 0x0c, 0xa8, 0xca, 0x57],
+	[0xe6, 0x2f, 0x28, 0xa7, 0x0c, 0x94, 0x0d, 0x08],
+	[0x8f, 0xe3, 0xf0, 0xb6, 0x29, 0xe3, 0x44, 0x03],
+	[0xff, 0x98, 0xdd, 0x04, 0x45, 0xb4, 0x6d, 0x1f],
+	[0x9e, 0x45, 0x4d, 0x18, 0x40, 0x53, 0xdb, 0xef],
+	[0xb7, 0x3b, 0xef, 0x29, 0xbe, 0xa8, 0x13, 0x71],
+	[0x02, 0x54, 0x55, 0x41, 0x8e, 0x04, 0xfc, 0xad],
+	[0x6a, 0x0a, 0xee, 0x7c, 0x10, 0xd9, 0x19, 0xfe],
+	[0x0a, 0x22, 0xd9, 0x41, 0xcc, 0x23, 0x87, 0x13],
+	[0x6e, 0xff, 0x1f, 0xff, 0x36, 0x17, 0x9c, 0xbe],
+	[0x79, 0xad, 0xb7, 0x40, 0xf4, 0x9f, 0x51, 0xa6],
+	[0x97, 0x81, 0x99, 0xa4, 0xde, 0x9e, 0x9f, 0xb6],
+	[0x12, 0x19, 0x7a, 0x28, 0xd0, 0xdc, 0xcc, 0x92],
+	[0x81, 0xda, 0x60, 0x1e, 0x0e, 0xdd, 0x65, 0x56],
+	[0x7d, 0x76, 0x20, 0xb2, 0x73, 0xc9, 0x9e, 0xee],
+];
+
+@test fn salted() void = {
+	let key: [32]u8 = [0...];
+	let salt: [32]u8 = [0...];
+	for (let i = 0z; i < len(key); i += 1) {
+		key[i] = i: u8;
+		salt[i] = i: u8 + 32;
+	};
+	for (let i = 0z; i < len(salted_vectors); i += 1) {
+		let bf = new();
+		init_salt(&bf, key, salt[..i]);
+		let buf: [8]u8 = [0...];
+		cipher::encrypt(&bf, buf, buf);
+		assert(bytes::equal(buf, salted_vectors[i]));
+	};
+};
diff --git a/crypto/blowfish/blowfish.ha b/crypto/blowfish/blowfish.ha
@@ -66,6 +66,11 @@ fn init_vector(c: *state, l: *u32, r: *u32, vec: []u32) void = {
 
 // Performs salted key expansion for a Blowfish cipher.
 export fn init_salt(c: *state, key: []u8, salt: []u8) void = {
+	if (len(salt) == 0) {
+		init(c, key);
+		return;
+	};
+
 	assert(len(key) > 0 && len(key) <= 56, "Invalid blowfish key size");
 	let j = 0z;
 	for (let i = 0z; i < 18; i += 1) {
@@ -93,6 +98,8 @@ fn init_vector_salt(
 		*l ^= getword(salt, j);
 		*r ^= getword(salt, j);
 		const v = encrypt(c, *l, *r);
+		*l = v.0;
+		*r = v.1;
 		vec[i] = *l;
 		vec[i+1] = *r;
 	};
@@ -196,10 +203,13 @@ fn decrypt(c: *state, l: u32, r: u32) (u32, u32) = {
 // buffer.
 fn getword(b: []u8, i: *size) u32 = {
 	let j = *i;
-	const w = endian::begetu32(b[j..j+4]);
-	j += 4;
-	if (j >= len(b)) {
-		j = 0;
+	let w = 0u32;
+	for (let i = 0; i < 4; i += 1) {
+		w = w<<8 | b[j]: u32;
+		j += 1;
+		if (j >= len(b)) {
+			j = 0;
+		};
 	};
 	*i = j;
 	return w;