I recently got a reason to compare Blowfish algorithms. I compared the outputs from DI Management and PHP mcrypt . I could not get them to agree.
This led me to an interesting pursuit. According to this publication on Bruce Schneier's website, there was an error with the sign extension in the early versions of Blowfish code, and it would seem that the DI Control Code implements a pre-task report code.
In the blog, the error report says, in particular,
bfinit(char *key,int keybytes)
{
unsigned long data;
...
j=0;
...
data=0;
for(k=0;k<4;k++){
data=(data<<8)|key[j];
j+=1;
if(j==keybytes)
j=0;
}
...
}
It suffocates whenever the most significant bit of key [j] is "1". For example, if the key [j] = 0x80, key [j] signed by char is a character expanded to 0xffffff80 before it has ORed with data.
blf_Initialise basBlowfish.bas
wData = &H0
For k = 0 To 3
wData = uw_ShiftLeftBy8(wData) Or aKey(j)
j = j + 1
If j >= nKeyBytes Then j = 0
C:
data<<=8;
data|=(unsigned long)key[j]&0xff;
VB6
wData = uw_ShiftLeftBy8(wData)
wData = wData Or ( aKey(j) And &HFF )
, , , , , , :
wData = uw_ShiftLeftBy8(wData)
wData = wData Or (aKey(j) And &HFF)
wDCheck = uw_ShiftLeftBy8(wData) Or aKey(j)
Debug.Assert wData = wDCheck
aKey (j) 255, .
? , ?
, , DI, , ( , - .)