1998-12-21 10:56:39 +00:00
|
|
|
; Don't even think of reading this code
|
|
|
|
; It was automatically generated by bf-586.pl
|
|
|
|
; Which is a perl program used to generate the x86 assember for
|
|
|
|
; any of elf, a.out, BSDI,Win32, or Solaris
|
|
|
|
; eric <eay@cryptsoft.com>
|
|
|
|
;
|
|
|
|
TITLE bf-586.asm
|
|
|
|
.486
|
|
|
|
.model FLAT
|
|
|
|
_TEXT SEGMENT
|
|
|
|
PUBLIC _BF_encrypt
|
|
|
|
|
|
|
|
_BF_encrypt PROC NEAR
|
|
|
|
;
|
|
|
|
push ebp
|
|
|
|
push ebx
|
|
|
|
mov ebx, DWORD PTR 12[esp]
|
|
|
|
mov ebp, DWORD PTR 16[esp]
|
|
|
|
push esi
|
|
|
|
push edi
|
|
|
|
; Load the 2 words
|
|
|
|
mov edi, DWORD PTR [ebx]
|
|
|
|
mov esi, DWORD PTR 4[ebx]
|
|
|
|
xor eax, eax
|
|
|
|
mov ebx, DWORD PTR [ebp]
|
|
|
|
xor ecx, ecx
|
|
|
|
xor edi, ebx
|
|
|
|
;
|
|
|
|
; Round 0
|
|
|
|
mov edx, DWORD PTR 4[ebp]
|
|
|
|
mov ebx, edi
|
|
|
|
xor esi, edx
|
|
|
|
shr ebx, 16
|
|
|
|
mov edx, edi
|
|
|
|
mov al, bh
|
|
|
|
and ebx, 255
|
|
|
|
mov cl, dh
|
|
|
|
and edx, 255
|
|
|
|
mov eax, DWORD PTR 72[eax*4+ebp]
|
|
|
|
mov ebx, DWORD PTR 1096[ebx*4+ebp]
|
|
|
|
add ebx, eax
|
|
|
|
mov eax, DWORD PTR 2120[ecx*4+ebp]
|
|
|
|
xor ebx, eax
|
|
|
|
mov edx, DWORD PTR 3144[edx*4+ebp]
|
|
|
|
add ebx, edx
|
|
|
|
xor eax, eax
|
|
|
|
xor esi, ebx
|
|
|
|
;
|
|
|
|
; Round 1
|
|
|
|
mov edx, DWORD PTR 8[ebp]
|
|
|
|
mov ebx, esi
|
|
|
|
xor edi, edx
|
|
|
|
shr ebx, 16
|
|
|
|
mov edx, esi
|
|
|
|
mov al, bh
|
|
|
|
and ebx, 255
|
|
|
|
mov cl, dh
|
|
|
|
and edx, 255
|
|
|
|
mov eax, DWORD PTR 72[eax*4+ebp]
|
|
|
|
mov ebx, DWORD PTR 1096[ebx*4+ebp]
|
|
|
|
add ebx, eax
|
|
|
|
mov eax, DWORD PTR 2120[ecx*4+ebp]
|
|
|
|
xor ebx, eax
|
|
|
|
mov edx, DWORD PTR 3144[edx*4+ebp]
|
|
|
|
add ebx, edx
|
|
|
|
xor eax, eax
|
|
|
|
xor edi, ebx
|
|
|
|
;
|
|
|
|
; Round 2
|
|
|
|
mov edx, DWORD PTR 12[ebp]
|
|
|
|
mov ebx, edi
|
|
|
|
xor esi, edx
|
|
|
|
shr ebx, 16
|
|
|
|
mov edx, edi
|
|
|
|
mov al, bh
|
|
|
|
and ebx, 255
|
|
|
|
mov cl, dh
|
|
|
|
and edx, 255
|
|
|
|
mov eax, DWORD PTR 72[eax*4+ebp]
|
|
|
|
mov ebx, DWORD PTR 1096[ebx*4+ebp]
|
|
|
|
add ebx, eax
|
|
|
|
mov eax, DWORD PTR 2120[ecx*4+ebp]
|
|
|
|
xor ebx, eax
|
|
|
|
mov edx, DWORD PTR 3144[edx*4+ebp]
|
|
|
|
add ebx, edx
|
|
|
|
xor eax, eax
|
|
|
|
xor esi, ebx
|
|
|
|
;
|
|
|
|
; Round 3
|
|
|
|
mov edx, DWORD PTR 16[ebp]
|
|
|
|
mov ebx, esi
|
|
|
|
xor edi, edx
|
|
|
|
shr ebx, 16
|
|
|
|
mov edx, esi
|
|
|
|
mov al, bh
|
|
|
|
and ebx, 255
|
|
|
|
mov cl, dh
|
|
|
|
and edx, 255
|
|
|
|
mov eax, DWORD PTR 72[eax*4+ebp]
|
|
|
|
mov ebx, DWORD PTR 1096[ebx*4+ebp]
|
|
|
|
add ebx, eax
|
|
|
|
mov eax, DWORD PTR 2120[ecx*4+ebp]
|
|
|
|
xor ebx, eax
|
|
|
|
mov edx, DWORD PTR 3144[edx*4+ebp]
|
|
|
|
add ebx, edx
|
|
|
|
xor eax, eax
|
|
|
|
xor edi, ebx
|
|
|
|
;
|
|
|
|
; Round 4
|
|
|
|
mov edx, DWORD PTR 20[ebp]
|
|
|
|
mov ebx, edi
|
|
|
|
xor esi, edx
|
|
|
|
shr ebx, 16
|
|
|
|
mov edx, edi
|
|
|
|
mov al, bh
|
|
|
|
and ebx, 255
|
|
|
|
mov cl, dh
|
|
|
|
and edx, 255
|
|
|
|
mov eax, DWORD PTR 72[eax*4+ebp]
|
|
|
|
mov ebx, DWORD PTR 1096[ebx*4+ebp]
|
|
|
|
add ebx, eax
|
|
|
|
mov eax, DWORD PTR 2120[ecx*4+ebp]
|
|
|
|
xor ebx, eax
|
|
|
|
mov edx, DWORD PTR 3144[edx*4+ebp]
|
|
|
|
add ebx, edx
|
|
|
|
xor eax, eax
|
|
|
|
xor esi, ebx
|
|
|
|
;
|
|
|
|
; Round 5
|
|
|
|
mov edx, DWORD PTR 24[ebp]
|
|
|
|
mov ebx, esi
|
|
|
|
xor edi, edx
|
|
|
|
shr ebx, 16
|
|
|
|
mov edx, esi
|
|
|
|
mov al, bh
|
|
|
|
and ebx, 255
|
|
|
|
mov cl, dh
|
|
|
|
and edx, 255
|
|
|
|
mov eax, DWORD PTR 72[eax*4+ebp]
|
|
|
|
mov ebx, DWORD PTR 1096[ebx*4+ebp]
|
|
|
|
add ebx, eax
|
|
|
|
mov eax, DWORD PTR 2120[ecx*4+ebp]
|
|
|
|
xor ebx, eax
|
|
|
|
mov edx, DWORD PTR 3144[edx*4+ebp]
|
|
|
|
add ebx, edx
|
|
|
|
xor eax, eax
|
|
|
|
xor edi, ebx
|
|
|
|
;
|
|
|
|
; Round 6
|
|
|
|
mov edx, DWORD PTR 28[ebp]
|
|
|
|
mov ebx, edi
|
|
|
|
xor esi, edx
|
|
|
|
shr ebx, 16
|
|
|
|
mov edx, edi
|
|
|
|
mov al, bh
|
|
|
|
and ebx, 255
|
|
|
|
mov cl, dh
|
|
|
|
and edx, 255
|
|
|
|
mov eax, DWORD PTR 72[eax*4+ebp]
|
|
|
|
mov ebx, DWORD PTR 1096[ebx*4+ebp]
|
|
|
|
add ebx, eax
|
|
|
|
mov eax, DWORD PTR 2120[ecx*4+ebp]
|
|
|
|
xor ebx, eax
|
|
|
|
mov edx, DWORD PTR 3144[edx*4+ebp]
|
|
|
|
add ebx, edx
|
|
|
|
xor eax, eax
|
|
|
|
xor esi, ebx
|
|
|
|
;
|
|
|
|
; Round 7
|
|
|
|
mov edx, DWORD PTR 32[ebp]
|
|
|
|
mov ebx, esi
|
|
|
|
xor edi, edx
|
|
|
|
shr ebx, 16
|
|
|
|
mov edx, esi
|
|
|
|
mov al, bh
|
|
|
|
and ebx, 255
|
|
|
|
mov cl, dh
|
|
|
|
and edx, 255
|
|
|
|
mov eax, DWORD PTR 72[eax*4+ebp]
|
|
|
|
mov ebx, DWORD PTR 1096[ebx*4+ebp]
|
|
|
|
add ebx, eax
|
|
|
|
mov eax, DWORD PTR 2120[ecx*4+ebp]
|
|
|
|
xor ebx, eax
|
|
|
|
mov edx, DWORD PTR 3144[edx*4+ebp]
|
|
|
|
add ebx, edx
|
|
|
|
xor eax, eax
|
|
|
|
xor edi, ebx
|
|
|
|
;
|
|
|
|
; Round 8
|
|
|
|
mov edx, DWORD PTR 36[ebp]
|
|
|
|
mov ebx, edi
|
|
|
|
xor esi, edx
|
|
|
|
shr ebx, 16
|
|
|
|
mov edx, edi
|
|
|
|
mov al, bh
|
|
|
|
and ebx, 255
|
|
|
|
mov cl, dh
|
|
|
|
and edx, 255
|
|
|
|
mov eax, DWORD PTR 72[eax*4+ebp]
|
|
|
|
mov ebx, DWORD PTR 1096[ebx*4+ebp]
|
|
|
|
add ebx, eax
|
|
|
|
mov eax, DWORD PTR 2120[ecx*4+ebp]
|
|
|
|
xor ebx, eax
|
|
|
|
mov edx, DWORD PTR 3144[edx*4+ebp]
|
|
|
|
add ebx, edx
|
|
|
|
xor eax, eax
|
|
|
|
xor esi, ebx
|
|
|
|
;
|
|
|
|
; Round 9
|
|
|
|
mov edx, DWORD PTR 40[ebp]
|
|
|
|
mov ebx, esi
|
|
|
|
xor edi, edx
|
|
|
|
shr ebx, 16
|
|
|
|
mov edx, esi
|
|
|
|
mov al, bh
|
|
|
|
and ebx, 255
|
|
|
|
mov cl, dh
|
|
|
|
and edx, 255
|
|
|
|
mov eax, DWORD PTR 72[eax*4+ebp]
|
|
|
|
mov ebx, DWORD PTR 1096[ebx*4+ebp]
|
|
|
|
add ebx, eax
|
|
|
|
mov eax, DWORD PTR 2120[ecx*4+ebp]
|
|
|
|
xor ebx, eax
|
|
|
|
mov edx, DWORD PTR 3144[edx*4+ebp]
|
|
|
|
add ebx, edx
|
|
|
|
xor eax, eax
|
|
|
|
xor edi, ebx
|
|
|
|
;
|
|
|
|
; Round 10
|
|
|
|
mov edx, DWORD PTR 44[ebp]
|
|
|
|
mov ebx, edi
|
|
|
|
xor esi, edx
|
|
|
|
shr ebx, 16
|
|
|
|
mov edx, edi
|
|
|
|
mov al, bh
|
|
|
|
and ebx, 255
|
|
|
|
mov cl, dh
|
|
|
|
and edx, 255
|
|
|
|
mov eax, DWORD PTR 72[eax*4+ebp]
|
|
|
|
mov ebx, DWORD PTR 1096[ebx*4+ebp]
|
|
|
|
add ebx, eax
|
|
|
|
mov eax, DWORD PTR 2120[ecx*4+ebp]
|
|
|
|
xor ebx, eax
|
|
|
|
mov edx, DWORD PTR 3144[edx*4+ebp]
|
|
|
|
add ebx, edx
|
|
|
|
xor eax, eax
|
|
|
|
xor esi, ebx
|
|
|
|
;
|
|
|
|
; Round 11
|
|
|
|
mov edx, DWORD PTR 48[ebp]
|
|
|
|
mov ebx, esi
|
|
|
|
xor edi, edx
|
|
|
|
shr ebx, 16
|
|
|
|
mov edx, esi
|
|
|
|
mov al, bh
|
|
|
|
and ebx, 255
|
|
|
|
mov cl, dh
|
|
|
|
and edx, 255
|
|
|
|
mov eax, DWORD PTR 72[eax*4+ebp]
|
|
|
|
mov ebx, DWORD PTR 1096[ebx*4+ebp]
|
|
|
|
add ebx, eax
|
|
|
|
mov eax, DWORD PTR 2120[ecx*4+ebp]
|
|
|
|
xor ebx, eax
|
|
|
|
mov edx, DWORD PTR 3144[edx*4+ebp]
|
|
|
|
add ebx, edx
|
|
|
|
xor eax, eax
|
|
|
|
xor edi, ebx
|
|
|
|
;
|
|
|
|
; Round 12
|
|
|
|
mov edx, DWORD PTR 52[ebp]
|
|
|
|
mov ebx, edi
|
|
|
|
xor esi, edx
|
|
|
|
shr ebx, 16
|
|
|
|
mov edx, edi
|
|
|
|
mov al, bh
|
|
|
|
and ebx, 255
|
|
|
|
mov cl, dh
|
|
|
|
and edx, 255
|
|
|
|
mov eax, DWORD PTR 72[eax*4+ebp]
|
|
|
|
mov ebx, DWORD PTR 1096[ebx*4+ebp]
|
|
|
|
add ebx, eax
|
|
|
|
mov eax, DWORD PTR 2120[ecx*4+ebp]
|
|
|
|
xor ebx, eax
|
|
|
|
mov edx, DWORD PTR 3144[edx*4+ebp]
|
|
|
|
add ebx, edx
|
|
|
|
xor eax, eax
|
|
|
|
xor esi, ebx
|
|
|
|
;
|
|
|
|
; Round 13
|
|
|
|
mov edx, DWORD PTR 56[ebp]
|
|
|
|
mov ebx, esi
|
|
|
|
xor edi, edx
|
|
|
|
shr ebx, 16
|
|
|
|
mov edx, esi
|
|
|
|
mov al, bh
|
|
|
|
and ebx, 255
|
|
|
|
mov cl, dh
|
|
|
|
and edx, 255
|
|
|
|
mov eax, DWORD PTR 72[eax*4+ebp]
|
|
|
|
mov ebx, DWORD PTR 1096[ebx*4+ebp]
|
|
|
|
add ebx, eax
|
|
|
|
mov eax, DWORD PTR 2120[ecx*4+ebp]
|
|
|
|
xor ebx, eax
|
|
|
|
mov edx, DWORD PTR 3144[edx*4+ebp]
|
|
|
|
add ebx, edx
|
|
|
|
xor eax, eax
|
|
|
|
xor edi, ebx
|
|
|
|
;
|
|
|
|
; Round 14
|
|
|
|
mov edx, DWORD PTR 60[ebp]
|
|
|
|
mov ebx, edi
|
|
|
|
xor esi, edx
|
|
|
|
shr ebx, 16
|
|
|
|
mov edx, edi
|
|
|
|
mov al, bh
|
|
|
|
and ebx, 255
|
|
|
|
mov cl, dh
|
|
|
|
and edx, 255
|
|
|
|
mov eax, DWORD PTR 72[eax*4+ebp]
|
|
|
|
mov ebx, DWORD PTR 1096[ebx*4+ebp]
|
|
|
|
add ebx, eax
|
|
|
|
mov eax, DWORD PTR 2120[ecx*4+ebp]
|
|
|
|
xor ebx, eax
|
|
|
|
mov edx, DWORD PTR 3144[edx*4+ebp]
|
|
|
|
add ebx, edx
|
|
|
|
xor eax, eax
|
|
|
|
xor esi, ebx
|
|
|
|
;
|
|
|
|
; Round 15
|
|
|
|
mov edx, DWORD PTR 64[ebp]
|
|
|
|
mov ebx, esi
|
|
|
|
xor edi, edx
|
|
|
|
shr ebx, 16
|
|
|
|
mov edx, esi
|
|
|
|
mov al, bh
|
|
|
|
and ebx, 255
|
|
|
|
mov cl, dh
|
|
|
|
and edx, 255
|
|
|
|
mov eax, DWORD PTR 72[eax*4+ebp]
|
|
|
|
mov ebx, DWORD PTR 1096[ebx*4+ebp]
|
|
|
|
add ebx, eax
|
|
|
|
mov eax, DWORD PTR 2120[ecx*4+ebp]
|
|
|
|
xor ebx, eax
|
|
|
|
mov edx, DWORD PTR 3144[edx*4+ebp]
|
|
|
|
add ebx, edx
|
|
|
|
; Load parameter 0 (16) enc=1
|
|
|
|
mov eax, DWORD PTR 20[esp]
|
|
|
|
xor edi, ebx
|
|
|
|
mov edx, DWORD PTR 68[ebp]
|
|
|
|
xor esi, edx
|
|
|
|
mov DWORD PTR 4[eax],edi
|
|
|
|
mov DWORD PTR [eax],esi
|
|
|
|
pop edi
|
|
|
|
pop esi
|
|
|
|
pop ebx
|
|
|
|
pop ebp
|
|
|
|
ret
|
|
|
|
_BF_encrypt ENDP
|
|
|
|
_TEXT ENDS
|
|
|
|
_TEXT SEGMENT
|
|
|
|
PUBLIC _BF_decrypt
|
|
|
|
|
|
|
|
_BF_decrypt PROC NEAR
|
|
|
|
;
|
|
|
|
push ebp
|
|
|
|
push ebx
|
|
|
|
mov ebx, DWORD PTR 12[esp]
|
|
|
|
mov ebp, DWORD PTR 16[esp]
|
|
|
|
push esi
|
|
|
|
push edi
|
|
|
|
; Load the 2 words
|
|
|
|
mov edi, DWORD PTR [ebx]
|
|
|
|
mov esi, DWORD PTR 4[ebx]
|
|
|
|
xor eax, eax
|
|
|
|
mov ebx, DWORD PTR 68[ebp]
|
|
|
|
xor ecx, ecx
|
|
|
|
xor edi, ebx
|
|
|
|
;
|
|
|
|
; Round 16
|
|
|
|
mov edx, DWORD PTR 64[ebp]
|
|
|
|
mov ebx, edi
|
|
|
|
xor esi, edx
|
|
|
|
shr ebx, 16
|
|
|
|
mov edx, edi
|
|
|
|
mov al, bh
|
|
|
|
and ebx, 255
|
|
|
|
mov cl, dh
|
|
|
|
and edx, 255
|
|
|
|
mov eax, DWORD PTR 72[eax*4+ebp]
|
|
|
|
mov ebx, DWORD PTR 1096[ebx*4+ebp]
|
|
|
|
add ebx, eax
|
|
|
|
mov eax, DWORD PTR 2120[ecx*4+ebp]
|
|
|
|
xor ebx, eax
|
|
|
|
mov edx, DWORD PTR 3144[edx*4+ebp]
|
|
|
|
add ebx, edx
|
|
|
|
xor eax, eax
|
|
|
|
xor esi, ebx
|
|
|
|
;
|
|
|
|
; Round 15
|
|
|
|
mov edx, DWORD PTR 60[ebp]
|
|
|
|
mov ebx, esi
|
|
|
|
xor edi, edx
|
|
|
|
shr ebx, 16
|
|
|
|
mov edx, esi
|
|
|
|
mov al, bh
|
|
|
|
and ebx, 255
|
|
|
|
mov cl, dh
|
|
|
|
and edx, 255
|
|
|
|
mov eax, DWORD PTR 72[eax*4+ebp]
|
|
|
|
mov ebx, DWORD PTR 1096[ebx*4+ebp]
|
|
|
|
add ebx, eax
|
|
|
|
mov eax, DWORD PTR 2120[ecx*4+ebp]
|
|
|
|
xor ebx, eax
|
|
|
|
mov edx, DWORD PTR 3144[edx*4+ebp]
|
|
|
|
add ebx, edx
|
|
|
|
xor eax, eax
|
|
|
|
xor edi, ebx
|
|
|
|
;
|
|
|
|
; Round 14
|
|
|
|
mov edx, DWORD PTR 56[ebp]
|
|
|
|
mov ebx, edi
|
|
|
|
xor esi, edx
|
|
|
|
shr ebx, 16
|
|
|
|
mov edx, edi
|
|
|
|
mov al, bh
|
|
|
|
and ebx, 255
|
|
|
|
mov cl, dh
|
|
|
|
and edx, 255
|
|
|
|
mov eax, DWORD PTR 72[eax*4+ebp]
|
|
|
|
mov ebx, DWORD PTR 1096[ebx*4+ebp]
|
|
|
|
add ebx, eax
|
|
|
|
mov eax, DWORD PTR 2120[ecx*4+ebp]
|
|
|
|
xor ebx, eax
|
|
|
|
mov edx, DWORD PTR 3144[edx*4+ebp]
|
|
|
|
add ebx, edx
|
|
|
|
xor eax, eax
|
|
|
|
xor esi, ebx
|
|
|
|
;
|
|
|
|
; Round 13
|
|
|
|
mov edx, DWORD PTR 52[ebp]
|
|
|
|
mov ebx, esi
|
|
|
|
xor edi, edx
|
|
|
|
shr ebx, 16
|
|
|
|
mov edx, esi
|
|
|
|
mov al, bh
|
|
|
|
and ebx, 255
|
|
|
|
mov cl, dh
|
|
|
|
and edx, 255
|
|
|
|
mov eax, DWORD PTR 72[eax*4+ebp]
|
|
|
|
mov ebx, DWORD PTR 1096[ebx*4+ebp]
|
|
|
|
add ebx, eax
|
|
|
|
mov eax, DWORD PTR 2120[ecx*4+ebp]
|
|
|
|
xor ebx, eax
|
|
|
|
mov edx, DWORD PTR 3144[edx*4+ebp]
|
|
|
|
add ebx, edx
|
|
|
|
xor eax, eax
|
|
|
|
xor edi, ebx
|
|
|
|
;
|
|
|
|
; Round 12
|
|
|
|
mov edx, DWORD PTR 48[ebp]
|
|
|
|
mov ebx, edi
|
|
|
|
xor esi, edx
|
|
|
|
shr ebx, 16
|
|
|
|
mov edx, edi
|
|
|
|
mov al, bh
|
|
|
|
and ebx, 255
|
|
|
|
mov cl, dh
|
|
|
|
and edx, 255
|
|
|
|
mov eax, DWORD PTR 72[eax*4+ebp]
|
|
|
|
mov ebx, DWORD PTR 1096[ebx*4+ebp]
|
|
|
|
add ebx, eax
|
|
|
|
mov eax, DWORD PTR 2120[ecx*4+ebp]
|
|
|
|
xor ebx, eax
|
|
|
|
mov edx, DWORD PTR 3144[edx*4+ebp]
|
|
|
|
add ebx, edx
|
|
|
|
xor eax, eax
|
|
|
|
xor esi, ebx
|
|
|
|
;
|
|
|
|
; Round 11
|
|
|
|
mov edx, DWORD PTR 44[ebp]
|
|
|
|
mov ebx, esi
|
|
|
|
xor edi, edx
|
|
|
|
shr ebx, 16
|
|
|
|
mov edx, esi
|
|
|
|
mov al, bh
|
|
|
|
and ebx, 255
|
|
|
|
mov cl, dh
|
|
|
|
and edx, 255
|
|
|
|
mov eax, DWORD PTR 72[eax*4+ebp]
|
|
|
|
mov ebx, DWORD PTR 1096[ebx*4+ebp]
|
|
|
|
add ebx, eax
|
|
|
|
mov eax, DWORD PTR 2120[ecx*4+ebp]
|
|
|
|
xor ebx, eax
|
|
|
|
mov edx, DWORD PTR 3144[edx*4+ebp]
|
|
|
|
add ebx, edx
|
|
|
|
xor eax, eax
|
|
|
|
xor edi, ebx
|
|
|
|
;
|
|
|
|
; Round 10
|
|
|
|
mov edx, DWORD PTR 40[ebp]
|
|
|
|
mov ebx, edi
|
|
|
|
xor esi, edx
|
|
|
|
shr ebx, 16
|
|
|
|
mov edx, edi
|
|
|
|
mov al, bh
|
|
|
|
and ebx, 255
|
|
|
|
mov cl, dh
|
|
|
|
and edx, 255
|
|
|
|
mov eax, DWORD PTR 72[eax*4+ebp]
|
|
|
|
mov ebx, DWORD PTR 1096[ebx*4+ebp]
|
|
|
|
add ebx, eax
|
|
|
|
mov eax, DWORD PTR 2120[ecx*4+ebp]
|
|
|
|
xor ebx, eax
|
|
|
|
mov edx, DWORD PTR 3144[edx*4+ebp]
|
|
|
|
add ebx, edx
|
|
|
|
xor eax, eax
|
|
|
|
xor esi, ebx
|
|
|
|
;
|
|
|
|
; Round 9
|
|
|
|
mov edx, DWORD PTR 36[ebp]
|
|
|
|
mov ebx, esi
|
|
|
|
xor edi, edx
|
|
|
|
shr ebx, 16
|
|
|
|
mov edx, esi
|
|
|
|
mov al, bh
|
|
|
|
and ebx, 255
|
|
|
|
mov cl, dh
|
|
|
|
and edx, 255
|
|
|
|
mov eax, DWORD PTR 72[eax*4+ebp]
|
|
|
|
mov ebx, DWORD PTR 1096[ebx*4+ebp]
|
|
|
|
add ebx, eax
|
|
|
|
mov eax, DWORD PTR 2120[ecx*4+ebp]
|
|
|
|
xor ebx, eax
|
|
|
|
mov edx, DWORD PTR 3144[edx*4+ebp]
|
|
|
|
add ebx, edx
|
|
|
|
xor eax, eax
|
|
|
|
xor edi, ebx
|
|
|
|
;
|
|
|
|
; Round 8
|
|
|
|
mov edx, DWORD PTR 32[ebp]
|
|
|
|
mov ebx, edi
|
|
|
|
xor esi, edx
|
|
|
|
shr ebx, 16
|
|
|
|
mov edx, edi
|
|
|
|
mov al, bh
|
|
|
|
and ebx, 255
|
|
|
|
mov cl, dh
|
|
|
|
and edx, 255
|
|
|
|
mov eax, DWORD PTR 72[eax*4+ebp]
|
|
|
|
mov ebx, DWORD PTR 1096[ebx*4+ebp]
|
|
|
|
add ebx, eax
|
|
|
|
mov eax, DWORD PTR 2120[ecx*4+ebp]
|
|
|
|
xor ebx, eax
|
|
|
|
mov edx, DWORD PTR 3144[edx*4+ebp]
|
|
|
|
add ebx, edx
|
|
|
|
xor eax, eax
|
|
|
|
xor esi, ebx
|
|
|
|
;
|
|
|
|
; Round 7
|
|
|
|
mov edx, DWORD PTR 28[ebp]
|
|
|
|
mov ebx, esi
|
|
|
|
xor edi, edx
|
|
|
|
shr ebx, 16
|
|
|
|
mov edx, esi
|
|
|
|
mov al, bh
|
|
|
|
and ebx, 255
|
|
|
|
mov cl, dh
|
|
|
|
and edx, 255
|
|
|
|
mov eax, DWORD PTR 72[eax*4+ebp]
|
|
|
|
mov ebx, DWORD PTR 1096[ebx*4+ebp]
|
|
|
|
add ebx, eax
|
|
|
|
mov eax, DWORD PTR 2120[ecx*4+ebp]
|
|
|
|
xor ebx, eax
|
|
|
|
mov edx, DWORD PTR 3144[edx*4+ebp]
|
|
|
|
add ebx, edx
|
|
|
|
xor eax, eax
|
|
|
|
xor edi, ebx
|
|
|
|
;
|
|
|
|
; Round 6
|
|
|
|
mov edx, DWORD PTR 24[ebp]
|
|
|
|
mov ebx, edi
|
|
|
|
xor esi, edx
|
|
|
|
shr ebx, 16
|
|
|
|
mov edx, edi
|
|
|
|
mov al, bh
|
|
|
|
and ebx, 255
|
|
|
|
mov cl, dh
|
|
|
|
and edx, 255
|
|
|
|
mov eax, DWORD PTR 72[eax*4+ebp]
|
|
|
|
mov ebx, DWORD PTR 1096[ebx*4+ebp]
|
|
|
|
add ebx, eax
|
|
|
|
mov eax, DWORD PTR 2120[ecx*4+ebp]
|
|
|
|
xor ebx, eax
|
|
|
|
mov edx, DWORD PTR 3144[edx*4+ebp]
|
|
|
|
add ebx, edx
|
|
|
|
xor eax, eax
|
|
|
|
xor esi, ebx
|
|
|
|
;
|
|
|
|
; Round 5
|
|
|
|
mov edx, DWORD PTR 20[ebp]
|
|
|
|
mov ebx, esi
|
|
|
|
xor edi, edx
|
|
|
|
shr ebx, 16
|
|
|
|
mov edx, esi
|
|
|
|
mov al, bh
|
|
|
|
and ebx, 255
|
|
|
|
mov cl, dh
|
|
|
|
and edx, 255
|
|
|
|
mov eax, DWORD PTR 72[eax*4+ebp]
|
|
|
|
mov ebx, DWORD PTR 1096[ebx*4+ebp]
|
|
|
|
add ebx, eax
|
|
|
|
mov eax, DWORD PTR 2120[ecx*4+ebp]
|
|
|
|
xor ebx, eax
|
|
|
|
mov edx, DWORD PTR 3144[edx*4+ebp]
|
|
|
|
add ebx, edx
|
|
|
|
xor eax, eax
|
|
|
|
xor edi, ebx
|
|
|
|
;
|
|
|
|
; Round 4
|
|
|
|
mov edx, DWORD PTR 16[ebp]
|
|
|
|
mov ebx, edi
|
|
|
|
xor esi, edx
|
|
|
|
shr ebx, 16
|
|
|
|
mov edx, edi
|
|
|
|
mov al, bh
|
|
|
|
and ebx, 255
|
|
|
|
mov cl, dh
|
|
|
|
and edx, 255
|
|
|
|
mov eax, DWORD PTR 72[eax*4+ebp]
|
|
|
|
mov ebx, DWORD PTR 1096[ebx*4+ebp]
|
|
|
|
add ebx, eax
|
|
|
|
mov eax, DWORD PTR 2120[ecx*4+ebp]
|
|
|
|
xor ebx, eax
|
|
|
|
mov edx, DWORD PTR 3144[edx*4+ebp]
|
|
|
|
add ebx, edx
|
|
|
|
xor eax, eax
|
|
|
|
xor esi, ebx
|
|
|
|
;
|
|
|
|
; Round 3
|
|
|
|
mov edx, DWORD PTR 12[ebp]
|
|
|
|
mov ebx, esi
|
|
|
|
xor edi, edx
|
|
|
|
shr ebx, 16
|
|
|
|
mov edx, esi
|
|
|
|
mov al, bh
|
|
|
|
and ebx, 255
|
|
|
|
mov cl, dh
|
|
|
|
and edx, 255
|
|
|
|
mov eax, DWORD PTR 72[eax*4+ebp]
|
|
|
|
mov ebx, DWORD PTR 1096[ebx*4+ebp]
|
|
|
|
add ebx, eax
|
|
|
|
mov eax, DWORD PTR 2120[ecx*4+ebp]
|
|
|
|
xor ebx, eax
|
|
|
|
mov edx, DWORD PTR 3144[edx*4+ebp]
|
|
|
|
add ebx, edx
|
|
|
|
xor eax, eax
|
|
|
|
xor edi, ebx
|
|
|
|
;
|
|
|
|
; Round 2
|
|
|
|
mov edx, DWORD PTR 8[ebp]
|
|
|
|
mov ebx, edi
|
|
|
|
xor esi, edx
|
|
|
|
shr ebx, 16
|
|
|
|
mov edx, edi
|
|
|
|
mov al, bh
|
|
|
|
and ebx, 255
|
|
|
|
mov cl, dh
|
|
|
|
and edx, 255
|
|
|
|
mov eax, DWORD PTR 72[eax*4+ebp]
|
|
|
|
mov ebx, DWORD PTR 1096[ebx*4+ebp]
|
|
|
|
add ebx, eax
|
|
|
|
mov eax, DWORD PTR 2120[ecx*4+ebp]
|
|
|
|
xor ebx, eax
|
|
|
|
mov edx, DWORD PTR 3144[edx*4+ebp]
|
|
|
|
add ebx, edx
|
|
|
|
xor eax, eax
|
|
|
|
xor esi, ebx
|
|
|
|
;
|
|
|
|
; Round 1
|
|
|
|
mov edx, DWORD PTR 4[ebp]
|
|
|
|
mov ebx, esi
|
|
|
|
xor edi, edx
|
|
|
|
shr ebx, 16
|
|
|
|
mov edx, esi
|
|
|
|
mov al, bh
|
|
|
|
and ebx, 255
|
|
|
|
mov cl, dh
|
|
|
|
and edx, 255
|
|
|
|
mov eax, DWORD PTR 72[eax*4+ebp]
|
|
|
|
mov ebx, DWORD PTR 1096[ebx*4+ebp]
|
|
|
|
add ebx, eax
|
|
|
|
mov eax, DWORD PTR 2120[ecx*4+ebp]
|
|
|
|
xor ebx, eax
|
|
|
|
mov edx, DWORD PTR 3144[edx*4+ebp]
|
|
|
|
add ebx, edx
|
|
|
|
; Load parameter 0 (1) enc=0
|
|
|
|
mov eax, DWORD PTR 20[esp]
|
|
|
|
xor edi, ebx
|
|
|
|
mov edx, DWORD PTR [ebp]
|
|
|
|
xor esi, edx
|
|
|
|
mov DWORD PTR 4[eax],edi
|
|
|
|
mov DWORD PTR [eax],esi
|
|
|
|
pop edi
|
|
|
|
pop esi
|
|
|
|
pop ebx
|
|
|
|
pop ebp
|
|
|
|
ret
|
|
|
|
_BF_decrypt ENDP
|
|
|
|
_TEXT ENDS
|
|
|
|
_TEXT SEGMENT
|
|
|
|
PUBLIC _BF_cbc_encrypt
|
|
|
|
|
|
|
|
_BF_cbc_encrypt PROC NEAR
|
|
|
|
;
|
|
|
|
push ebp
|
|
|
|
push ebx
|
|
|
|
push esi
|
|
|
|
push edi
|
|
|
|
mov ebp, DWORD PTR 28[esp]
|
|
|
|
; getting iv ptr from parameter 4
|
|
|
|
mov ebx, DWORD PTR 36[esp]
|
|
|
|
mov esi, DWORD PTR [ebx]
|
|
|
|
mov edi, DWORD PTR 4[ebx]
|
|
|
|
push edi
|
|
|
|
push esi
|
|
|
|
push edi
|
|
|
|
push esi
|
|
|
|
mov ebx, esp
|
|
|
|
mov esi, DWORD PTR 36[esp]
|
|
|
|
mov edi, DWORD PTR 40[esp]
|
|
|
|
; getting encrypt flag from parameter 5
|
|
|
|
mov ecx, DWORD PTR 56[esp]
|
|
|
|
; get and push parameter 3
|
|
|
|
mov eax, DWORD PTR 48[esp]
|
|
|
|
push eax
|
|
|
|
push ebx
|
|
|
|
cmp ecx, 0
|
|
|
|
jz $L000decrypt
|
|
|
|
and ebp, 4294967288
|
|
|
|
mov eax, DWORD PTR 8[esp]
|
|
|
|
mov ebx, DWORD PTR 12[esp]
|
|
|
|
jz $L001encrypt_finish
|
|
|
|
L002encrypt_loop:
|
|
|
|
mov ecx, DWORD PTR [esi]
|
|
|
|
mov edx, DWORD PTR 4[esi]
|
|
|
|
xor eax, ecx
|
|
|
|
xor ebx, edx
|
|
|
|
bswap eax
|
|
|
|
bswap ebx
|
|
|
|
mov DWORD PTR 8[esp],eax
|
|
|
|
mov DWORD PTR 12[esp],ebx
|
|
|
|
call _BF_encrypt
|
|
|
|
mov eax, DWORD PTR 8[esp]
|
|
|
|
mov ebx, DWORD PTR 12[esp]
|
|
|
|
bswap eax
|
|
|
|
bswap ebx
|
|
|
|
mov DWORD PTR [edi],eax
|
|
|
|
mov DWORD PTR 4[edi],ebx
|
|
|
|
add esi, 8
|
|
|
|
add edi, 8
|
|
|
|
sub ebp, 8
|
|
|
|
jnz L002encrypt_loop
|
|
|
|
$L001encrypt_finish:
|
|
|
|
mov ebp, DWORD PTR 52[esp]
|
|
|
|
and ebp, 7
|
|
|
|
jz $L003finish
|
|
|
|
xor ecx, ecx
|
|
|
|
xor edx, edx
|
|
|
|
mov ebp, DWORD PTR $L004cbc_enc_jmp_table[ebp*4]
|
|
|
|
jmp ebp
|
|
|
|
L005ej7:
|
|
|
|
mov dh, BYTE PTR 6[esi]
|
|
|
|
shl edx, 8
|
|
|
|
L006ej6:
|
|
|
|
mov dh, BYTE PTR 5[esi]
|
|
|
|
L007ej5:
|
|
|
|
mov dl, BYTE PTR 4[esi]
|
|
|
|
L008ej4:
|
|
|
|
mov ecx, DWORD PTR [esi]
|
|
|
|
jmp $L009ejend
|
|
|
|
L010ej3:
|
|
|
|
mov ch, BYTE PTR 2[esi]
|
|
|
|
shl ecx, 8
|
|
|
|
L011ej2:
|
|
|
|
mov ch, BYTE PTR 1[esi]
|
|
|
|
L012ej1:
|
|
|
|
mov cl, BYTE PTR [esi]
|
|
|
|
$L009ejend:
|
|
|
|
xor eax, ecx
|
|
|
|
xor ebx, edx
|
|
|
|
bswap eax
|
|
|
|
bswap ebx
|
|
|
|
mov DWORD PTR 8[esp],eax
|
|
|
|
mov DWORD PTR 12[esp],ebx
|
|
|
|
call _BF_encrypt
|
|
|
|
mov eax, DWORD PTR 8[esp]
|
|
|
|
mov ebx, DWORD PTR 12[esp]
|
|
|
|
bswap eax
|
|
|
|
bswap ebx
|
|
|
|
mov DWORD PTR [edi],eax
|
|
|
|
mov DWORD PTR 4[edi],ebx
|
|
|
|
jmp $L003finish
|
|
|
|
$L000decrypt:
|
|
|
|
and ebp, 4294967288
|
|
|
|
mov eax, DWORD PTR 16[esp]
|
|
|
|
mov ebx, DWORD PTR 20[esp]
|
|
|
|
jz $L013decrypt_finish
|
|
|
|
L014decrypt_loop:
|
|
|
|
mov eax, DWORD PTR [esi]
|
|
|
|
mov ebx, DWORD PTR 4[esi]
|
|
|
|
bswap eax
|
|
|
|
bswap ebx
|
|
|
|
mov DWORD PTR 8[esp],eax
|
|
|
|
mov DWORD PTR 12[esp],ebx
|
|
|
|
call _BF_decrypt
|
|
|
|
mov eax, DWORD PTR 8[esp]
|
|
|
|
mov ebx, DWORD PTR 12[esp]
|
|
|
|
bswap eax
|
|
|
|
bswap ebx
|
|
|
|
mov ecx, DWORD PTR 16[esp]
|
|
|
|
mov edx, DWORD PTR 20[esp]
|
|
|
|
xor ecx, eax
|
|
|
|
xor edx, ebx
|
|
|
|
mov eax, DWORD PTR [esi]
|
|
|
|
mov ebx, DWORD PTR 4[esi]
|
|
|
|
mov DWORD PTR [edi],ecx
|
|
|
|
mov DWORD PTR 4[edi],edx
|
|
|
|
mov DWORD PTR 16[esp],eax
|
|
|
|
mov DWORD PTR 20[esp],ebx
|
|
|
|
add esi, 8
|
|
|
|
add edi, 8
|
|
|
|
sub ebp, 8
|
|
|
|
jnz L014decrypt_loop
|
|
|
|
$L013decrypt_finish:
|
|
|
|
mov ebp, DWORD PTR 52[esp]
|
|
|
|
and ebp, 7
|
|
|
|
jz $L003finish
|
|
|
|
mov eax, DWORD PTR [esi]
|
|
|
|
mov ebx, DWORD PTR 4[esi]
|
|
|
|
bswap eax
|
|
|
|
bswap ebx
|
|
|
|
mov DWORD PTR 8[esp],eax
|
|
|
|
mov DWORD PTR 12[esp],ebx
|
|
|
|
call _BF_decrypt
|
|
|
|
mov eax, DWORD PTR 8[esp]
|
|
|
|
mov ebx, DWORD PTR 12[esp]
|
|
|
|
bswap eax
|
|
|
|
bswap ebx
|
|
|
|
mov ecx, DWORD PTR 16[esp]
|
|
|
|
mov edx, DWORD PTR 20[esp]
|
|
|
|
xor ecx, eax
|
|
|
|
xor edx, ebx
|
|
|
|
mov eax, DWORD PTR [esi]
|
|
|
|
mov ebx, DWORD PTR 4[esi]
|
|
|
|
L015dj7:
|
|
|
|
ror edx, 16
|
|
|
|
mov BYTE PTR 6[edi],dl
|
|
|
|
shr edx, 16
|
|
|
|
L016dj6:
|
|
|
|
mov BYTE PTR 5[edi],dh
|
|
|
|
L017dj5:
|
|
|
|
mov BYTE PTR 4[edi],dl
|
|
|
|
L018dj4:
|
|
|
|
mov DWORD PTR [edi],ecx
|
|
|
|
jmp $L019djend
|
|
|
|
L020dj3:
|
|
|
|
ror ecx, 16
|
|
|
|
mov BYTE PTR 2[edi],cl
|
|
|
|
shl ecx, 16
|
|
|
|
L021dj2:
|
|
|
|
mov BYTE PTR 1[esi],ch
|
|
|
|
L022dj1:
|
|
|
|
mov BYTE PTR [esi], cl
|
|
|
|
$L019djend:
|
|
|
|
jmp $L003finish
|
|
|
|
$L003finish:
|
|
|
|
mov ecx, DWORD PTR 60[esp]
|
|
|
|
add esp, 24
|
|
|
|
mov DWORD PTR [ecx],eax
|
|
|
|
mov DWORD PTR 4[ecx],ebx
|
|
|
|
pop edi
|
|
|
|
pop esi
|
|
|
|
pop ebx
|
|
|
|
pop ebp
|
|
|
|
ret
|
|
|
|
$L004cbc_enc_jmp_table:
|
|
|
|
DD 0
|
|
|
|
DD L012ej1
|
|
|
|
DD L011ej2
|
|
|
|
DD L010ej3
|
|
|
|
DD L008ej4
|
|
|
|
DD L007ej5
|
|
|
|
DD L006ej6
|
|
|
|
DD L005ej7
|
|
|
|
L023cbc_dec_jmp_table:
|
|
|
|
DD 0
|
|
|
|
DD L022dj1
|
|
|
|
DD L021dj2
|
|
|
|
DD L020dj3
|
|
|
|
DD L018dj4
|
|
|
|
DD L017dj5
|
|
|
|
DD L016dj6
|
|
|
|
DD L015dj7
|
|
|
|
_BF_cbc_encrypt ENDP
|
|
|
|
_TEXT ENDS
|
|
|
|
END
|