OpenBSD manual page server

Manual Page Search Parameters

BLOWFISH(3) Library Functions Manual BLOWFISH(3)

blf_key, blf_enc, blf_dec, blf_ecb_encrypt, blf_ecb_decrypt, blf_cbc_encrypt, blf_cbc_decryptBlowfish encryption

#include <blf.h>

void
blf_key(blf_ctx *state, const u_int8_t *key, u_int16_t keylen);

void
blf_enc(blf_ctx *state, u_int32_t *data, u_int16_t blocks);

void
blf_dec(blf_ctx *state, u_int32_t *data, u_int16_t blocks);

void
blf_ecb_encrypt(blf_ctx *state, u_int8_t *data, u_int32_t datalen);

void
blf_ecb_decrypt(blf_ctx *state, u_int8_t *data, u_int32_t datalen);

void
blf_cbc_encrypt(blf_ctx *state, u_int8_t *iv, u_int8_t *data, u_int32_t datalen);

void
blf_cbc_decrypt(blf_ctx *state, u_int8_t *iv, u_int8_t *data, u_int32_t datalen);

is a fast unpatented block cipher designed by Bruce Schneier. It basically consists of a 16-round Feistel network. The block size is 64 bits and the maximum key size is 448 bits.

The () function initializes the 4 8-bit S-boxes and the 18 Subkeys with the hexadecimal digits of Pi. The key is used for further randomization. The first argument to () is the initialized state derived from blf_key(). The stream of 32-bit words is encrypted in Electronic Codebook Mode (ECB) and blocks is the number of 64-bit blocks in the stream. () is used for decrypting Blowfish encrypted blocks.

The functions () and () are used for encrypting and decrypting octet streams in ECB mode. The functions () and () are used for encrypting and decrypting octet streams in Cipherblock Chaining Mode (CBC). For these functions datalen specifies the number of octets of data to encrypt or decrypt. It must be a multiple of 8 (64-bit block). The initialisation vector iv points to an 8-byte buffer.

passwd(1), crypt(3), passwd(5)

Niels Provos ⟨provos@physnet.uni-hamburg.de⟩

May 31, 2007 OpenBSD-5.3