hawq-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From m..@apache.org
Subject [63/70] incubator-hawq git commit: HAWQ-1007. Add the pgcrypto code into hawq
Date Thu, 08 Sep 2016 02:08:36 GMT
http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/801100ed/contrib/pgcrypto.patch
----------------------------------------------------------------------
diff --git a/contrib/pgcrypto.patch b/contrib/pgcrypto.patch
deleted file mode 100644
index 9663fab..0000000
--- a/contrib/pgcrypto.patch
+++ /dev/null
@@ -1,287 +0,0 @@
-diff --git a/contrib/pgcrypto/Makefile b/contrib/pgcrypto/Makefile
-index dadec95..cfae9c9 100644
---- a/contrib/pgcrypto/Makefile
-+++ b/contrib/pgcrypto/Makefile
-@@ -26,7 +26,9 @@ MODULE_big	= pgcrypto
- OBJS		= $(SRCS:.c=.o)
- 
- EXTENSION = pgcrypto
--DATA = pgcrypto--1.0.sql pgcrypto--unpackaged--1.0.sql
-+DATA_built  = pgcrypto.sql
-+#DATA = pgcrypto--1.0.sql pgcrypto--unpackaged--1.0.sql
-+DATA = uninstall_pgcrypto.sql
- 
- REGRESS = init md5 sha1 hmac-md5 hmac-sha1 blowfish rijndael \
- 	$(CF_TESTS) \
-@@ -41,8 +43,8 @@ PG_CONFIG = pg_config
- PGXS := $(shell $(PG_CONFIG) --pgxs)
- include $(PGXS)
- else
--subdir = contrib/pgcrypto
--top_builddir = ../..
-+subdir = depends/thirdparty/postgresql/contrib/pgcrypto
-+top_builddir = ../../../../..
- include $(top_builddir)/src/Makefile.global
- include $(top_srcdir)/contrib/contrib-global.mk
- endif
-diff --git a/contrib/pgcrypto/pgcrypto.sql.in b/contrib/pgcrypto/pgcrypto.sql.in
-new file mode 100644
-index 0000000..8388e86
---- /dev/null
-+++ b/contrib/pgcrypto/pgcrypto.sql.in
-@@ -0,0 +1,203 @@
-+/* $PostgreSQL: pgsql/contrib/pgcrypto/pgcrypto.sql.in,v 1.15 2007/11/13 04:24:28 momjian Exp $ */
-+
-+-- Adjust this setting to control where the objects get created.
-+SET search_path = public;
-+
-+CREATE OR REPLACE FUNCTION digest(text, text)
-+RETURNS bytea
-+AS 'MODULE_PATHNAME', 'pg_digest'
-+LANGUAGE C IMMUTABLE STRICT;
-+
-+CREATE OR REPLACE FUNCTION digest(bytea, text)
-+RETURNS bytea
-+AS 'MODULE_PATHNAME', 'pg_digest'
-+LANGUAGE C IMMUTABLE STRICT;
-+
-+CREATE OR REPLACE FUNCTION hmac(text, text, text)
-+RETURNS bytea
-+AS 'MODULE_PATHNAME', 'pg_hmac'
-+LANGUAGE C IMMUTABLE STRICT;
-+
-+CREATE OR REPLACE FUNCTION hmac(bytea, bytea, text)
-+RETURNS bytea
-+AS 'MODULE_PATHNAME', 'pg_hmac'
-+LANGUAGE C IMMUTABLE STRICT;
-+
-+CREATE OR REPLACE FUNCTION crypt(text, text)
-+RETURNS text
-+AS 'MODULE_PATHNAME', 'pg_crypt'
-+LANGUAGE C IMMUTABLE STRICT;
-+
-+CREATE OR REPLACE FUNCTION gen_salt(text)
-+RETURNS text
-+AS 'MODULE_PATHNAME', 'pg_gen_salt'
-+LANGUAGE C VOLATILE STRICT;
-+
-+CREATE OR REPLACE FUNCTION gen_salt(text, int4)
-+RETURNS text
-+AS 'MODULE_PATHNAME', 'pg_gen_salt_rounds'
-+LANGUAGE C VOLATILE STRICT;
-+
-+CREATE OR REPLACE FUNCTION encrypt(bytea, bytea, text)
-+RETURNS bytea
-+AS 'MODULE_PATHNAME', 'pg_encrypt'
-+LANGUAGE C IMMUTABLE STRICT;
-+
-+CREATE OR REPLACE FUNCTION decrypt(bytea, bytea, text)
-+RETURNS bytea
-+AS 'MODULE_PATHNAME', 'pg_decrypt'
-+LANGUAGE C IMMUTABLE STRICT;
-+
-+CREATE OR REPLACE FUNCTION encrypt_iv(bytea, bytea, bytea, text)
-+RETURNS bytea
-+AS 'MODULE_PATHNAME', 'pg_encrypt_iv'
-+LANGUAGE C IMMUTABLE STRICT;
-+
-+CREATE OR REPLACE FUNCTION decrypt_iv(bytea, bytea, bytea, text)
-+RETURNS bytea
-+AS 'MODULE_PATHNAME', 'pg_decrypt_iv'
-+LANGUAGE C IMMUTABLE STRICT;
-+
-+CREATE OR REPLACE FUNCTION gen_random_bytes(int4)
-+RETURNS bytea
-+AS 'MODULE_PATHNAME', 'pg_random_bytes'
-+LANGUAGE 'C' VOLATILE STRICT;
-+
-+--
-+-- pgp_sym_encrypt(data, key)
-+--
-+CREATE OR REPLACE FUNCTION pgp_sym_encrypt(text, text)
-+RETURNS bytea
-+AS 'MODULE_PATHNAME', 'pgp_sym_encrypt_text'
-+LANGUAGE C STRICT;
-+
-+CREATE OR REPLACE FUNCTION pgp_sym_encrypt_bytea(bytea, text)
-+RETURNS bytea
-+AS 'MODULE_PATHNAME', 'pgp_sym_encrypt_bytea'
-+LANGUAGE C STRICT;
-+
-+--
-+-- pgp_sym_encrypt(data, key, args)
-+--
-+CREATE OR REPLACE FUNCTION pgp_sym_encrypt(text, text, text)
-+RETURNS bytea
-+AS 'MODULE_PATHNAME', 'pgp_sym_encrypt_text'
-+LANGUAGE C STRICT;
-+
-+CREATE OR REPLACE FUNCTION pgp_sym_encrypt_bytea(bytea, text, text)
-+RETURNS bytea
-+AS 'MODULE_PATHNAME', 'pgp_sym_encrypt_bytea'
-+LANGUAGE C STRICT;
-+
-+--
-+-- pgp_sym_decrypt(data, key)
-+--
-+CREATE OR REPLACE FUNCTION pgp_sym_decrypt(bytea, text)
-+RETURNS text
-+AS 'MODULE_PATHNAME', 'pgp_sym_decrypt_text'
-+LANGUAGE C IMMUTABLE STRICT;
-+
-+CREATE OR REPLACE FUNCTION pgp_sym_decrypt_bytea(bytea, text)
-+RETURNS bytea
-+AS 'MODULE_PATHNAME', 'pgp_sym_decrypt_bytea'
-+LANGUAGE C IMMUTABLE STRICT;
-+
-+--
-+-- pgp_sym_decrypt(data, key, args)
-+--
-+CREATE OR REPLACE FUNCTION pgp_sym_decrypt(bytea, text, text)
-+RETURNS text
-+AS 'MODULE_PATHNAME', 'pgp_sym_decrypt_text'
-+LANGUAGE C IMMUTABLE STRICT;
-+
-+CREATE OR REPLACE FUNCTION pgp_sym_decrypt_bytea(bytea, text, text)
-+RETURNS bytea
-+AS 'MODULE_PATHNAME', 'pgp_sym_decrypt_bytea'
-+LANGUAGE C IMMUTABLE STRICT;
-+
-+--
-+-- pgp_pub_encrypt(data, key)
-+--
-+CREATE OR REPLACE FUNCTION pgp_pub_encrypt(text, bytea)
-+RETURNS bytea
-+AS 'MODULE_PATHNAME', 'pgp_pub_encrypt_text'
-+LANGUAGE C STRICT;
-+
-+CREATE OR REPLACE FUNCTION pgp_pub_encrypt_bytea(bytea, bytea)
-+RETURNS bytea
-+AS 'MODULE_PATHNAME', 'pgp_pub_encrypt_bytea'
-+LANGUAGE C STRICT;
-+
-+--
-+-- pgp_pub_encrypt(data, key, args)
-+--
-+CREATE OR REPLACE FUNCTION pgp_pub_encrypt(text, bytea, text)
-+RETURNS bytea
-+AS 'MODULE_PATHNAME', 'pgp_pub_encrypt_text'
-+LANGUAGE C STRICT;
-+
-+CREATE OR REPLACE FUNCTION pgp_pub_encrypt_bytea(bytea, bytea, text)
-+RETURNS bytea
-+AS 'MODULE_PATHNAME', 'pgp_pub_encrypt_bytea'
-+LANGUAGE C STRICT;
-+
-+--
-+-- pgp_pub_decrypt(data, key)
-+--
-+CREATE OR REPLACE FUNCTION pgp_pub_decrypt(bytea, bytea)
-+RETURNS text
-+AS 'MODULE_PATHNAME', 'pgp_pub_decrypt_text'
-+LANGUAGE C IMMUTABLE STRICT;
-+
-+CREATE OR REPLACE FUNCTION pgp_pub_decrypt_bytea(bytea, bytea)
-+RETURNS bytea
-+AS 'MODULE_PATHNAME', 'pgp_pub_decrypt_bytea'
-+LANGUAGE C IMMUTABLE STRICT;
-+
-+--
-+-- pgp_pub_decrypt(data, key, psw)
-+--
-+CREATE OR REPLACE FUNCTION pgp_pub_decrypt(bytea, bytea, text)
-+RETURNS text
-+AS 'MODULE_PATHNAME', 'pgp_pub_decrypt_text'
-+LANGUAGE C IMMUTABLE STRICT;
-+
-+CREATE OR REPLACE FUNCTION pgp_pub_decrypt_bytea(bytea, bytea, text)
-+RETURNS bytea
-+AS 'MODULE_PATHNAME', 'pgp_pub_decrypt_bytea'
-+LANGUAGE C IMMUTABLE STRICT;
-+
-+--
-+-- pgp_pub_decrypt(data, key, psw, arg)
-+--
-+CREATE OR REPLACE FUNCTION pgp_pub_decrypt(bytea, bytea, text, text)
-+RETURNS text
-+AS 'MODULE_PATHNAME', 'pgp_pub_decrypt_text'
-+LANGUAGE C IMMUTABLE STRICT;
-+
-+CREATE OR REPLACE FUNCTION pgp_pub_decrypt_bytea(bytea, bytea, text, text)
-+RETURNS bytea
-+AS 'MODULE_PATHNAME', 'pgp_pub_decrypt_bytea'
-+LANGUAGE C IMMUTABLE STRICT;
-+
-+--
-+-- PGP key ID
-+--
-+CREATE OR REPLACE FUNCTION pgp_key_id(bytea)
-+RETURNS text
-+AS 'MODULE_PATHNAME', 'pgp_key_id_w'
-+LANGUAGE C IMMUTABLE STRICT;
-+
-+--
-+-- pgp armor
-+--
-+CREATE OR REPLACE FUNCTION armor(bytea)
-+RETURNS text
-+AS 'MODULE_PATHNAME', 'pg_armor'
-+LANGUAGE C IMMUTABLE STRICT;
-+
-+CREATE OR REPLACE FUNCTION dearmor(text)
-+RETURNS bytea
-+AS 'MODULE_PATHNAME', 'pg_dearmor'
-+LANGUAGE C IMMUTABLE STRICT;
-+
-diff --git a/contrib/pgcrypto/uninstall_pgcrypto.sql b/contrib/pgcrypto/uninstall_pgcrypto.sql
-new file mode 100644
-index 0000000..a2891f6
---- /dev/null
-+++ b/contrib/pgcrypto/uninstall_pgcrypto.sql
-@@ -0,0 +1,46 @@
-+/* $PostgreSQL: pgsql/contrib/pgcrypto/uninstall_pgcrypto.sql,v 1.4 2007/11/13 04:24:28 momjian Exp $ */
-+
-+-- Adjust this setting to control where the objects get dropped.
-+SET search_path = public;
-+
-+DROP FUNCTION digest(text, text);
-+DROP FUNCTION digest(bytea, text);
-+
-+DROP FUNCTION hmac(text, text, text);
-+DROP FUNCTION hmac(bytea, bytea, text);
-+
-+DROP FUNCTION crypt(text, text);
-+DROP FUNCTION gen_salt(text);
-+DROP FUNCTION gen_salt(text, int4);
-+
-+DROP FUNCTION encrypt(bytea, bytea, text);
-+DROP FUNCTION decrypt(bytea, bytea, text);
-+DROP FUNCTION encrypt_iv(bytea, bytea, bytea, text);
-+DROP FUNCTION decrypt_iv(bytea, bytea, bytea, text);
-+
-+DROP FUNCTION gen_random_bytes(int4);
-+
-+DROP FUNCTION pgp_sym_encrypt(text, text);
-+DROP FUNCTION pgp_sym_encrypt_bytea(bytea, text);
-+DROP FUNCTION pgp_sym_encrypt(text, text, text);
-+DROP FUNCTION pgp_sym_encrypt_bytea(bytea, text, text);
-+DROP FUNCTION pgp_sym_decrypt(bytea, text);
-+DROP FUNCTION pgp_sym_decrypt_bytea(bytea, text);
-+DROP FUNCTION pgp_sym_decrypt(bytea, text, text);
-+DROP FUNCTION pgp_sym_decrypt_bytea(bytea, text, text);
-+
-+DROP FUNCTION pgp_pub_encrypt(text, bytea);
-+DROP FUNCTION pgp_pub_encrypt_bytea(bytea, bytea);
-+DROP FUNCTION pgp_pub_encrypt(text, bytea, text);
-+DROP FUNCTION pgp_pub_encrypt_bytea(bytea, bytea, text);
-+DROP FUNCTION pgp_pub_decrypt(bytea, bytea);
-+DROP FUNCTION pgp_pub_decrypt_bytea(bytea, bytea);
-+DROP FUNCTION pgp_pub_decrypt(bytea, bytea, text);
-+DROP FUNCTION pgp_pub_decrypt_bytea(bytea, bytea, text);
-+DROP FUNCTION pgp_pub_decrypt(bytea, bytea, text, text);
-+DROP FUNCTION pgp_pub_decrypt_bytea(bytea, bytea, text, text);
-+
-+DROP FUNCTION pgp_key_id(bytea);
-+DROP FUNCTION armor(bytea);
-+DROP FUNCTION dearmor(text);
-+

http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/801100ed/contrib/pgcrypto/.gitignore
----------------------------------------------------------------------
diff --git a/contrib/pgcrypto/.gitignore b/contrib/pgcrypto/.gitignore
new file mode 100644
index 0000000..dc533ee
--- /dev/null
+++ b/contrib/pgcrypto/.gitignore
@@ -0,0 +1,5 @@
+# Generated subdirectories
+/log/
+/results/
+/tmp_check/
+pgcrypto.sql

http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/801100ed/contrib/pgcrypto/Makefile
----------------------------------------------------------------------
diff --git a/contrib/pgcrypto/Makefile b/contrib/pgcrypto/Makefile
new file mode 100644
index 0000000..b7cb3a6
--- /dev/null
+++ b/contrib/pgcrypto/Makefile
@@ -0,0 +1,66 @@
+# contrib/pgcrypto/Makefile
+
+INT_SRCS = md5.c sha1.c sha2.c internal.c internal-sha2.c blf.c rijndael.c \
+		fortuna.c random.c pgp-mpi-internal.c imath.c
+INT_TESTS = sha2
+
+OSSL_SRCS = openssl.c pgp-mpi-openssl.c
+OSSL_TESTS = sha2 des 3des cast5
+
+ZLIB_TST = pgp-compression
+ZLIB_OFF_TST = pgp-zlib-DISABLED
+
+CF_SRCS = $(if $(subst no,,$(with_openssl)), $(OSSL_SRCS), $(INT_SRCS))
+CF_TESTS = $(if $(subst no,,$(with_openssl)), $(OSSL_TESTS), $(INT_TESTS))
+CF_PGP_TESTS = $(if $(subst no,,$(with_zlib)), $(ZLIB_TST), $(ZLIB_OFF_TST))
+
+SRCS		= pgcrypto.c px.c px-hmac.c px-crypt.c \
+		crypt-gensalt.c crypt-blowfish.c crypt-des.c \
+		crypt-md5.c $(CF_SRCS) \
+		mbuf.c pgp.c pgp-armor.c pgp-cfb.c pgp-compress.c \
+		pgp-decrypt.c pgp-encrypt.c pgp-info.c pgp-mpi.c \
+		pgp-pubdec.c pgp-pubenc.c pgp-pubkey.c pgp-s2k.c \
+		pgp-pgsql.c
+
+MODULE_big	= pgcrypto
+OBJS		= $(SRCS:.c=.o)
+
+EXTENSION = pgcrypto
+DATA_built  = pgcrypto.sql
+#DATA = pgcrypto--1.0.sql pgcrypto--unpackaged--1.0.sql
+DATA = uninstall_pgcrypto.sql
+
+REGRESS = init md5 sha1 hmac-md5 hmac-sha1 blowfish rijndael \
+	$(CF_TESTS) \
+	crypt-des crypt-md5 crypt-blowfish crypt-xdes \
+	pgp-armor pgp-decrypt pgp-encrypt $(CF_PGP_TESTS) \
+	pgp-pubkey-decrypt pgp-pubkey-encrypt pgp-info
+
+EXTRA_CLEAN = gen-rtab
+
+ifdef USE_PGXS
+PG_CONFIG = pg_config
+PGXS := $(shell $(PG_CONFIG) --pgxs)
+include $(PGXS)
+else
+subdir = contrib/pgcrypto
+top_builddir = ../..
+include $(top_builddir)/src/Makefile.global
+include $(top_srcdir)/contrib/contrib-global.mk
+endif
+
+# Add libraries that pgcrypto depends (or might depend) on into the
+# shared library link.  (The order in which you list them here doesn't
+# matter.)
+SHLIB_LINK += $(filter -lcrypto -lz, $(LIBS))
+ifeq ($(PORTNAME), win32)
+SHLIB_LINK += $(filter -leay32, $(LIBS))
+# those must be at the end
+SHLIB_LINK += -lwsock32 -lws2_32
+endif
+
+rijndael.o: rijndael.tbl
+
+rijndael.tbl:
+	$(CC) $(CPPFLAGS) $(CFLAGS) -DPRINT_TABS rijndael.c -o gen-rtab
+	./gen-rtab > rijndael.tbl

http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/801100ed/contrib/pgcrypto/blf.c
----------------------------------------------------------------------
diff --git a/contrib/pgcrypto/blf.c b/contrib/pgcrypto/blf.c
new file mode 100644
index 0000000..f8a2c63
--- /dev/null
+++ b/contrib/pgcrypto/blf.c
@@ -0,0 +1,499 @@
+/*
+ * Butchered version of sshblowf.c from putty-0.59.
+ *
+ * contrib/pgcrypto/blf.c
+ */
+
+/*
+ * PuTTY is copyright 1997-2007 Simon Tatham.
+ *
+ * Portions copyright Robert de Bath, Joris van Rantwijk, Delian
+ * Delchev, Andreas Schultz, Jeroen Massar, Wez Furlong, Nicolas Barry,
+ * Justin Bradford, Ben Harris, Malcolm Smith, Ahmad Khalifa, Markus
+ * Kuhn, and CORE SDI S.A.
+ *
+ * Permission is hereby granted, free of charge, to any person
+ * obtaining a copy of this software and associated documentation files
+ * (the "Software"), to deal in the Software without restriction,
+ * including without limitation the rights to use, copy, modify, merge,
+ * publish, distribute, sublicense, and/or sell copies of the Software,
+ * and to permit persons to whom the Software is furnished to do so,
+ * subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be
+ * included in all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ * NONINFRINGEMENT.  IN NO EVENT SHALL THE COPYRIGHT HOLDERS BE LIABLE
+ * FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF
+ * CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+ * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ */
+
+/*
+ * Blowfish implementation for PuTTY.
+ *
+ * Coded from scratch from the algorithm description.
+ */
+
+#include "postgres.h"
+#include "blf.h"
+
+#define GET_32BIT_MSB_FIRST(p) ( \
+	((p)[0] << 24) | ((p)[1] << 16) | ((p)[2] << 8) | ((p)[3]) )
+
+#define PUT_32BIT_MSB_FIRST(p, v) do { \
+	(p)[0] = v >> 24; \
+	(p)[1] = v >> 16; \
+	(p)[2] = v >> 8; \
+	(p)[3] = v; \
+} while (0)
+
+/*
+ * The Blowfish init data: hex digits of the fractional part of pi.
+ * (ie pi as a hex fraction is 3.243F6A8885A308D3...)
+ */
+static const uint32 parray[] = {
+	0x243F6A88, 0x85A308D3, 0x13198A2E, 0x03707344, 0xA4093822, 0x299F31D0,
+	0x082EFA98, 0xEC4E6C89, 0x452821E6, 0x38D01377, 0xBE5466CF, 0x34E90C6C,
+	0xC0AC29B7, 0xC97C50DD, 0x3F84D5B5, 0xB5470917, 0x9216D5D9, 0x8979FB1B,
+};
+
+static const uint32 sbox0[] = {
+	0xD1310BA6, 0x98DFB5AC, 0x2FFD72DB, 0xD01ADFB7, 0xB8E1AFED, 0x6A267E96,
+	0xBA7C9045, 0xF12C7F99, 0x24A19947, 0xB3916CF7, 0x0801F2E2, 0x858EFC16,
+	0x636920D8, 0x71574E69, 0xA458FEA3, 0xF4933D7E, 0x0D95748F, 0x728EB658,
+	0x718BCD58, 0x82154AEE, 0x7B54A41D, 0xC25A59B5, 0x9C30D539, 0x2AF26013,
+	0xC5D1B023, 0x286085F0, 0xCA417918, 0xB8DB38EF, 0x8E79DCB0, 0x603A180E,
+	0x6C9E0E8B, 0xB01E8A3E, 0xD71577C1, 0xBD314B27, 0x78AF2FDA, 0x55605C60,
+	0xE65525F3, 0xAA55AB94, 0x57489862, 0x63E81440, 0x55CA396A, 0x2AAB10B6,
+	0xB4CC5C34, 0x1141E8CE, 0xA15486AF, 0x7C72E993, 0xB3EE1411, 0x636FBC2A,
+	0x2BA9C55D, 0x741831F6, 0xCE5C3E16, 0x9B87931E, 0xAFD6BA33, 0x6C24CF5C,
+	0x7A325381, 0x28958677, 0x3B8F4898, 0x6B4BB9AF, 0xC4BFE81B, 0x66282193,
+	0x61D809CC, 0xFB21A991, 0x487CAC60, 0x5DEC8032, 0xEF845D5D, 0xE98575B1,
+	0xDC262302, 0xEB651B88, 0x23893E81, 0xD396ACC5, 0x0F6D6FF3, 0x83F44239,
+	0x2E0B4482, 0xA4842004, 0x69C8F04A, 0x9E1F9B5E, 0x21C66842, 0xF6E96C9A,
+	0x670C9C61, 0xABD388F0, 0x6A51A0D2, 0xD8542F68, 0x960FA728, 0xAB5133A3,
+	0x6EEF0B6C, 0x137A3BE4, 0xBA3BF050, 0x7EFB2A98, 0xA1F1651D, 0x39AF0176,
+	0x66CA593E, 0x82430E88, 0x8CEE8619, 0x456F9FB4, 0x7D84A5C3, 0x3B8B5EBE,
+	0xE06F75D8, 0x85C12073, 0x401A449F, 0x56C16AA6, 0x4ED3AA62, 0x363F7706,
+	0x1BFEDF72, 0x429B023D, 0x37D0D724, 0xD00A1248, 0xDB0FEAD3, 0x49F1C09B,
+	0x075372C9, 0x80991B7B, 0x25D479D8, 0xF6E8DEF7, 0xE3FE501A, 0xB6794C3B,
+	0x976CE0BD, 0x04C006BA, 0xC1A94FB6, 0x409F60C4, 0x5E5C9EC2, 0x196A2463,
+	0x68FB6FAF, 0x3E6C53B5, 0x1339B2EB, 0x3B52EC6F, 0x6DFC511F, 0x9B30952C,
+	0xCC814544, 0xAF5EBD09, 0xBEE3D004, 0xDE334AFD, 0x660F2807, 0x192E4BB3,
+	0xC0CBA857, 0x45C8740F, 0xD20B5F39, 0xB9D3FBDB, 0x5579C0BD, 0x1A60320A,
+	0xD6A100C6, 0x402C7279, 0x679F25FE, 0xFB1FA3CC, 0x8EA5E9F8, 0xDB3222F8,
+	0x3C7516DF, 0xFD616B15, 0x2F501EC8, 0xAD0552AB, 0x323DB5FA, 0xFD238760,
+	0x53317B48, 0x3E00DF82, 0x9E5C57BB, 0xCA6F8CA0, 0x1A87562E, 0xDF1769DB,
+	0xD542A8F6, 0x287EFFC3, 0xAC6732C6, 0x8C4F5573, 0x695B27B0, 0xBBCA58C8,
+	0xE1FFA35D, 0xB8F011A0, 0x10FA3D98, 0xFD2183B8, 0x4AFCB56C, 0x2DD1D35B,
+	0x9A53E479, 0xB6F84565, 0xD28E49BC, 0x4BFB9790, 0xE1DDF2DA, 0xA4CB7E33,
+	0x62FB1341, 0xCEE4C6E8, 0xEF20CADA, 0x36774C01, 0xD07E9EFE, 0x2BF11FB4,
+	0x95DBDA4D, 0xAE909198, 0xEAAD8E71, 0x6B93D5A0, 0xD08ED1D0, 0xAFC725E0,
+	0x8E3C5B2F, 0x8E7594B7, 0x8FF6E2FB, 0xF2122B64, 0x8888B812, 0x900DF01C,
+	0x4FAD5EA0, 0x688FC31C, 0xD1CFF191, 0xB3A8C1AD, 0x2F2F2218, 0xBE0E1777,
+	0xEA752DFE, 0x8B021FA1, 0xE5A0CC0F, 0xB56F74E8, 0x18ACF3D6, 0xCE89E299,
+	0xB4A84FE0, 0xFD13E0B7, 0x7CC43B81, 0xD2ADA8D9, 0x165FA266, 0x80957705,
+	0x93CC7314, 0x211A1477, 0xE6AD2065, 0x77B5FA86, 0xC75442F5, 0xFB9D35CF,
+	0xEBCDAF0C, 0x7B3E89A0, 0xD6411BD3, 0xAE1E7E49, 0x00250E2D, 0x2071B35E,
+	0x226800BB, 0x57B8E0AF, 0x2464369B, 0xF009B91E, 0x5563911D, 0x59DFA6AA,
+	0x78C14389, 0xD95A537F, 0x207D5BA2, 0x02E5B9C5, 0x83260376, 0x6295CFA9,
+	0x11C81968, 0x4E734A41, 0xB3472DCA, 0x7B14A94A, 0x1B510052, 0x9A532915,
+	0xD60F573F, 0xBC9BC6E4, 0x2B60A476, 0x81E67400, 0x08BA6FB5, 0x571BE91F,
+	0xF296EC6B, 0x2A0DD915, 0xB6636521, 0xE7B9F9B6, 0xFF34052E, 0xC5855664,
+	0x53B02D5D, 0xA99F8FA1, 0x08BA4799, 0x6E85076A,
+};
+
+static const uint32 sbox1[] = {
+	0x4B7A70E9, 0xB5B32944, 0xDB75092E, 0xC4192623, 0xAD6EA6B0, 0x49A7DF7D,
+	0x9CEE60B8, 0x8FEDB266, 0xECAA8C71, 0x699A17FF, 0x5664526C, 0xC2B19EE1,
+	0x193602A5, 0x75094C29, 0xA0591340, 0xE4183A3E, 0x3F54989A, 0x5B429D65,
+	0x6B8FE4D6, 0x99F73FD6, 0xA1D29C07, 0xEFE830F5, 0x4D2D38E6, 0xF0255DC1,
+	0x4CDD2086, 0x8470EB26, 0x6382E9C6, 0x021ECC5E, 0x09686B3F, 0x3EBAEFC9,
+	0x3C971814, 0x6B6A70A1, 0x687F3584, 0x52A0E286, 0xB79C5305, 0xAA500737,
+	0x3E07841C, 0x7FDEAE5C, 0x8E7D44EC, 0x5716F2B8, 0xB03ADA37, 0xF0500C0D,
+	0xF01C1F04, 0x0200B3FF, 0xAE0CF51A, 0x3CB574B2, 0x25837A58, 0xDC0921BD,
+	0xD19113F9, 0x7CA92FF6, 0x94324773, 0x22F54701, 0x3AE5E581, 0x37C2DADC,
+	0xC8B57634, 0x9AF3DDA7, 0xA9446146, 0x0FD0030E, 0xECC8C73E, 0xA4751E41,
+	0xE238CD99, 0x3BEA0E2F, 0x3280BBA1, 0x183EB331, 0x4E548B38, 0x4F6DB908,
+	0x6F420D03, 0xF60A04BF, 0x2CB81290, 0x24977C79, 0x5679B072, 0xBCAF89AF,
+	0xDE9A771F, 0xD9930810, 0xB38BAE12, 0xDCCF3F2E, 0x5512721F, 0x2E6B7124,
+	0x501ADDE6, 0x9F84CD87, 0x7A584718, 0x7408DA17, 0xBC9F9ABC, 0xE94B7D8C,
+	0xEC7AEC3A, 0xDB851DFA, 0x63094366, 0xC464C3D2, 0xEF1C1847, 0x3215D908,
+	0xDD433B37, 0x24C2BA16, 0x12A14D43, 0x2A65C451, 0x50940002, 0x133AE4DD,
+	0x71DFF89E, 0x10314E55, 0x81AC77D6, 0x5F11199B, 0x043556F1, 0xD7A3C76B,
+	0x3C11183B, 0x5924A509, 0xF28FE6ED, 0x97F1FBFA, 0x9EBABF2C, 0x1E153C6E,
+	0x86E34570, 0xEAE96FB1, 0x860E5E0A, 0x5A3E2AB3, 0x771FE71C, 0x4E3D06FA,
+	0x2965DCB9, 0x99E71D0F, 0x803E89D6, 0x5266C825, 0x2E4CC978, 0x9C10B36A,
+	0xC6150EBA, 0x94E2EA78, 0xA5FC3C53, 0x1E0A2DF4, 0xF2F74EA7, 0x361D2B3D,
+	0x1939260F, 0x19C27960, 0x5223A708, 0xF71312B6, 0xEBADFE6E, 0xEAC31F66,
+	0xE3BC4595, 0xA67BC883, 0xB17F37D1, 0x018CFF28, 0xC332DDEF, 0xBE6C5AA5,
+	0x65582185, 0x68AB9802, 0xEECEA50F, 0xDB2F953B, 0x2AEF7DAD, 0x5B6E2F84,
+	0x1521B628, 0x29076170, 0xECDD4775, 0x619F1510, 0x13CCA830, 0xEB61BD96,
+	0x0334FE1E, 0xAA0363CF, 0xB5735C90, 0x4C70A239, 0xD59E9E0B, 0xCBAADE14,
+	0xEECC86BC, 0x60622CA7, 0x9CAB5CAB, 0xB2F3846E, 0x648B1EAF, 0x19BDF0CA,
+	0xA02369B9, 0x655ABB50, 0x40685A32, 0x3C2AB4B3, 0x319EE9D5, 0xC021B8F7,
+	0x9B540B19, 0x875FA099, 0x95F7997E, 0x623D7DA8, 0xF837889A, 0x97E32D77,
+	0x11ED935F, 0x16681281, 0x0E358829, 0xC7E61FD6, 0x96DEDFA1, 0x7858BA99,
+	0x57F584A5, 0x1B227263, 0x9B83C3FF, 0x1AC24696, 0xCDB30AEB, 0x532E3054,
+	0x8FD948E4, 0x6DBC3128, 0x58EBF2EF, 0x34C6FFEA, 0xFE28ED61, 0xEE7C3C73,
+	0x5D4A14D9, 0xE864B7E3, 0x42105D14, 0x203E13E0, 0x45EEE2B6, 0xA3AAABEA,
+	0xDB6C4F15, 0xFACB4FD0, 0xC742F442, 0xEF6ABBB5, 0x654F3B1D, 0x41CD2105,
+	0xD81E799E, 0x86854DC7, 0xE44B476A, 0x3D816250, 0xCF62A1F2, 0x5B8D2646,
+	0xFC8883A0, 0xC1C7B6A3, 0x7F1524C3, 0x69CB7492, 0x47848A0B, 0x5692B285,
+	0x095BBF00, 0xAD19489D, 0x1462B174, 0x23820E00, 0x58428D2A, 0x0C55F5EA,
+	0x1DADF43E, 0x233F7061, 0x3372F092, 0x8D937E41, 0xD65FECF1, 0x6C223BDB,
+	0x7CDE3759, 0xCBEE7460, 0x4085F2A7, 0xCE77326E, 0xA6078084, 0x19F8509E,
+	0xE8EFD855, 0x61D99735, 0xA969A7AA, 0xC50C06C2, 0x5A04ABFC, 0x800BCADC,
+	0x9E447A2E, 0xC3453484, 0xFDD56705, 0x0E1E9EC9, 0xDB73DBD3, 0x105588CD,
+	0x675FDA79, 0xE3674340, 0xC5C43465, 0x713E38D8, 0x3D28F89E, 0xF16DFF20,
+	0x153E21E7, 0x8FB03D4A, 0xE6E39F2B, 0xDB83ADF7,
+};
+
+static const uint32 sbox2[] = {
+	0xE93D5A68, 0x948140F7, 0xF64C261C, 0x94692934, 0x411520F7, 0x7602D4F7,
+	0xBCF46B2E, 0xD4A20068, 0xD4082471, 0x3320F46A, 0x43B7D4B7, 0x500061AF,
+	0x1E39F62E, 0x97244546, 0x14214F74, 0xBF8B8840, 0x4D95FC1D, 0x96B591AF,
+	0x70F4DDD3, 0x66A02F45, 0xBFBC09EC, 0x03BD9785, 0x7FAC6DD0, 0x31CB8504,
+	0x96EB27B3, 0x55FD3941, 0xDA2547E6, 0xABCA0A9A, 0x28507825, 0x530429F4,
+	0x0A2C86DA, 0xE9B66DFB, 0x68DC1462, 0xD7486900, 0x680EC0A4, 0x27A18DEE,
+	0x4F3FFEA2, 0xE887AD8C, 0xB58CE006, 0x7AF4D6B6, 0xAACE1E7C, 0xD3375FEC,
+	0xCE78A399, 0x406B2A42, 0x20FE9E35, 0xD9F385B9, 0xEE39D7AB, 0x3B124E8B,
+	0x1DC9FAF7, 0x4B6D1856, 0x26A36631, 0xEAE397B2, 0x3A6EFA74, 0xDD5B4332,
+	0x6841E7F7, 0xCA7820FB, 0xFB0AF54E, 0xD8FEB397, 0x454056AC, 0xBA489527,
+	0x55533A3A, 0x20838D87, 0xFE6BA9B7, 0xD096954B, 0x55A867BC, 0xA1159A58,
+	0xCCA92963, 0x99E1DB33, 0xA62A4A56, 0x3F3125F9, 0x5EF47E1C, 0x9029317C,
+	0xFDF8E802, 0x04272F70, 0x80BB155C, 0x05282CE3, 0x95C11548, 0xE4C66D22,
+	0x48C1133F, 0xC70F86DC, 0x07F9C9EE, 0x41041F0F, 0x404779A4, 0x5D886E17,
+	0x325F51EB, 0xD59BC0D1, 0xF2BCC18F, 0x41113564, 0x257B7834, 0x602A9C60,
+	0xDFF8E8A3, 0x1F636C1B, 0x0E12B4C2, 0x02E1329E, 0xAF664FD1, 0xCAD18115,
+	0x6B2395E0, 0x333E92E1, 0x3B240B62, 0xEEBEB922, 0x85B2A20E, 0xE6BA0D99,
+	0xDE720C8C, 0x2DA2F728, 0xD0127845, 0x95B794FD, 0x647D0862, 0xE7CCF5F0,
+	0x5449A36F, 0x877D48FA, 0xC39DFD27, 0xF33E8D1E, 0x0A476341, 0x992EFF74,
+	0x3A6F6EAB, 0xF4F8FD37, 0xA812DC60, 0xA1EBDDF8, 0x991BE14C, 0xDB6E6B0D,
+	0xC67B5510, 0x6D672C37, 0x2765D43B, 0xDCD0E804, 0xF1290DC7, 0xCC00FFA3,
+	0xB5390F92, 0x690FED0B, 0x667B9FFB, 0xCEDB7D9C, 0xA091CF0B, 0xD9155EA3,
+	0xBB132F88, 0x515BAD24, 0x7B9479BF, 0x763BD6EB, 0x37392EB3, 0xCC115979,
+	0x8026E297, 0xF42E312D, 0x6842ADA7, 0xC66A2B3B, 0x12754CCC, 0x782EF11C,
+	0x6A124237, 0xB79251E7, 0x06A1BBE6, 0x4BFB6350, 0x1A6B1018, 0x11CAEDFA,
+	0x3D25BDD8, 0xE2E1C3C9, 0x44421659, 0x0A121386, 0xD90CEC6E, 0xD5ABEA2A,
+	0x64AF674E, 0xDA86A85F, 0xBEBFE988, 0x64E4C3FE, 0x9DBC8057, 0xF0F7C086,
+	0x60787BF8, 0x6003604D, 0xD1FD8346, 0xF6381FB0, 0x7745AE04, 0xD736FCCC,
+	0x83426B33, 0xF01EAB71, 0xB0804187, 0x3C005E5F, 0x77A057BE, 0xBDE8AE24,
+	0x55464299, 0xBF582E61, 0x4E58F48F, 0xF2DDFDA2, 0xF474EF38, 0x8789BDC2,
+	0x5366F9C3, 0xC8B38E74, 0xB475F255, 0x46FCD9B9, 0x7AEB2661, 0x8B1DDF84,
+	0x846A0E79, 0x915F95E2, 0x466E598E, 0x20B45770, 0x8CD55591, 0xC902DE4C,
+	0xB90BACE1, 0xBB8205D0, 0x11A86248, 0x7574A99E, 0xB77F19B6, 0xE0A9DC09,
+	0x662D09A1, 0xC4324633, 0xE85A1F02, 0x09F0BE8C, 0x4A99A025, 0x1D6EFE10,
+	0x1AB93D1D, 0x0BA5A4DF, 0xA186F20F, 0x2868F169, 0xDCB7DA83, 0x573906FE,
+	0xA1E2CE9B, 0x4FCD7F52, 0x50115E01, 0xA70683FA, 0xA002B5C4, 0x0DE6D027,
+	0x9AF88C27, 0x773F8641, 0xC3604C06, 0x61A806B5, 0xF0177A28, 0xC0F586E0,
+	0x006058AA, 0x30DC7D62, 0x11E69ED7, 0x2338EA63, 0x53C2DD94, 0xC2C21634,
+	0xBBCBEE56, 0x90BCB6DE, 0xEBFC7DA1, 0xCE591D76, 0x6F05E409, 0x4B7C0188,
+	0x39720A3D, 0x7C927C24, 0x86E3725F, 0x724D9DB9, 0x1AC15BB4, 0xD39EB8FC,
+	0xED545578, 0x08FCA5B5, 0xD83D7CD3, 0x4DAD0FC4, 0x1E50EF5E, 0xB161E6F8,
+	0xA28514D9, 0x6C51133C, 0x6FD5C7E7, 0x56E14EC4, 0x362ABFCE, 0xDDC6C837,
+	0xD79A3234, 0x92638212, 0x670EFA8E, 0x406000E0,
+};
+
+static const uint32 sbox3[] = {
+	0x3A39CE37, 0xD3FAF5CF, 0xABC27737, 0x5AC52D1B, 0x5CB0679E, 0x4FA33742,
+	0xD3822740, 0x99BC9BBE, 0xD5118E9D, 0xBF0F7315, 0xD62D1C7E, 0xC700C47B,
+	0xB78C1B6B, 0x21A19045, 0xB26EB1BE, 0x6A366EB4, 0x5748AB2F, 0xBC946E79,
+	0xC6A376D2, 0x6549C2C8, 0x530FF8EE, 0x468DDE7D, 0xD5730A1D, 0x4CD04DC6,
+	0x2939BBDB, 0xA9BA4650, 0xAC9526E8, 0xBE5EE304, 0xA1FAD5F0, 0x6A2D519A,
+	0x63EF8CE2, 0x9A86EE22, 0xC089C2B8, 0x43242EF6, 0xA51E03AA, 0x9CF2D0A4,
+	0x83C061BA, 0x9BE96A4D, 0x8FE51550, 0xBA645BD6, 0x2826A2F9, 0xA73A3AE1,
+	0x4BA99586, 0xEF5562E9, 0xC72FEFD3, 0xF752F7DA, 0x3F046F69, 0x77FA0A59,
+	0x80E4A915, 0x87B08601, 0x9B09E6AD, 0x3B3EE593, 0xE990FD5A, 0x9E34D797,
+	0x2CF0B7D9, 0x022B8B51, 0x96D5AC3A, 0x017DA67D, 0xD1CF3ED6, 0x7C7D2D28,
+	0x1F9F25CF, 0xADF2B89B, 0x5AD6B472, 0x5A88F54C, 0xE029AC71, 0xE019A5E6,
+	0x47B0ACFD, 0xED93FA9B, 0xE8D3C48D, 0x283B57CC, 0xF8D56629, 0x79132E28,
+	0x785F0191, 0xED756055, 0xF7960E44, 0xE3D35E8C, 0x15056DD4, 0x88F46DBA,
+	0x03A16125, 0x0564F0BD, 0xC3EB9E15, 0x3C9057A2, 0x97271AEC, 0xA93A072A,
+	0x1B3F6D9B, 0x1E6321F5, 0xF59C66FB, 0x26DCF319, 0x7533D928, 0xB155FDF5,
+	0x03563482, 0x8ABA3CBB, 0x28517711, 0xC20AD9F8, 0xABCC5167, 0xCCAD925F,
+	0x4DE81751, 0x3830DC8E, 0x379D5862, 0x9320F991, 0xEA7A90C2, 0xFB3E7BCE,
+	0x5121CE64, 0x774FBE32, 0xA8B6E37E, 0xC3293D46, 0x48DE5369, 0x6413E680,
+	0xA2AE0810, 0xDD6DB224, 0x69852DFD, 0x09072166, 0xB39A460A, 0x6445C0DD,
+	0x586CDECF, 0x1C20C8AE, 0x5BBEF7DD, 0x1B588D40, 0xCCD2017F, 0x6BB4E3BB,
+	0xDDA26A7E, 0x3A59FF45, 0x3E350A44, 0xBCB4CDD5, 0x72EACEA8, 0xFA6484BB,
+	0x8D6612AE, 0xBF3C6F47, 0xD29BE463, 0x542F5D9E, 0xAEC2771B, 0xF64E6370,
+	0x740E0D8D, 0xE75B1357, 0xF8721671, 0xAF537D5D, 0x4040CB08, 0x4EB4E2CC,
+	0x34D2466A, 0x0115AF84, 0xE1B00428, 0x95983A1D, 0x06B89FB4, 0xCE6EA048,
+	0x6F3F3B82, 0x3520AB82, 0x011A1D4B, 0x277227F8, 0x611560B1, 0xE7933FDC,
+	0xBB3A792B, 0x344525BD, 0xA08839E1, 0x51CE794B, 0x2F32C9B7, 0xA01FBAC9,
+	0xE01CC87E, 0xBCC7D1F6, 0xCF0111C3, 0xA1E8AAC7, 0x1A908749, 0xD44FBD9A,
+	0xD0DADECB, 0xD50ADA38, 0x0339C32A, 0xC6913667, 0x8DF9317C, 0xE0B12B4F,
+	0xF79E59B7, 0x43F5BB3A, 0xF2D519FF, 0x27D9459C, 0xBF97222C, 0x15E6FC2A,
+	0x0F91FC71, 0x9B941525, 0xFAE59361, 0xCEB69CEB, 0xC2A86459, 0x12BAA8D1,
+	0xB6C1075E, 0xE3056A0C, 0x10D25065, 0xCB03A442, 0xE0EC6E0E, 0x1698DB3B,
+	0x4C98A0BE, 0x3278E964, 0x9F1F9532, 0xE0D392DF, 0xD3A0342B, 0x8971F21E,
+	0x1B0A7441, 0x4BA3348C, 0xC5BE7120, 0xC37632D8, 0xDF359F8D, 0x9B992F2E,
+	0xE60B6F47, 0x0FE3F11D, 0xE54CDA54, 0x1EDAD891, 0xCE6279CF, 0xCD3E7E6F,
+	0x1618B166, 0xFD2C1D05, 0x848FD2C5, 0xF6FB2299, 0xF523F357, 0xA6327623,
+	0x93A83531, 0x56CCCD02, 0xACF08162, 0x5A75EBB5, 0x6E163697, 0x88D273CC,
+	0xDE966292, 0x81B949D0, 0x4C50901B, 0x71C65614, 0xE6C6C7BD, 0x327A140A,
+	0x45E1D006, 0xC3F27B9A, 0xC9AA53FD, 0x62A80F00, 0xBB25BFE2, 0x35BDD2F6,
+	0x71126905, 0xB2040222, 0xB6CBCF7C, 0xCD769C2B, 0x53113EC0, 0x1640E3D3,
+	0x38ABBD60, 0x2547ADF0, 0xBA38209C, 0xF746CE76, 0x77AFA1C5, 0x20756060,
+	0x85CBFE4E, 0x8AE88DD8, 0x7AAAF9B0, 0x4CF9AA7E, 0x1948C25C, 0x02FB8A8C,
+	0x01C36AE4, 0xD6EBE1F9, 0x90D4F869, 0xA65CDEA0, 0x3F09252D, 0xC208E69F,
+	0xB74E6132, 0xCE77E25B, 0x578FDFE3, 0x3AC372E6,
+};
+
+#define Fprime(a,b,c,d) ( ( (S0[a] + S1[b]) ^ S2[c] ) + S3[d] )
+#define F(x) Fprime( ((x>>24)&0xFF), ((x>>16)&0xFF), ((x>>8)&0xFF), (x&0xFF) )
+#define ROUND(n) ( xL ^= P[n], t = xL, xL = F(xL) ^ xR, xR = t )
+
+static void
+blowfish_encrypt(uint32 xL, uint32 xR, uint32 *output,
+				 BlowfishContext *ctx)
+{
+	uint32	   *S0 = ctx->S0;
+	uint32	   *S1 = ctx->S1;
+	uint32	   *S2 = ctx->S2;
+	uint32	   *S3 = ctx->S3;
+	uint32	   *P = ctx->P;
+	uint32		t;
+
+	ROUND(0);
+	ROUND(1);
+	ROUND(2);
+	ROUND(3);
+	ROUND(4);
+	ROUND(5);
+	ROUND(6);
+	ROUND(7);
+	ROUND(8);
+	ROUND(9);
+	ROUND(10);
+	ROUND(11);
+	ROUND(12);
+	ROUND(13);
+	ROUND(14);
+	ROUND(15);
+	xL ^= P[16];
+	xR ^= P[17];
+
+	output[0] = xR;
+	output[1] = xL;
+}
+
+static void
+blowfish_decrypt(uint32 xL, uint32 xR, uint32 *output,
+				 BlowfishContext *ctx)
+{
+	uint32	   *S0 = ctx->S0;
+	uint32	   *S1 = ctx->S1;
+	uint32	   *S2 = ctx->S2;
+	uint32	   *S3 = ctx->S3;
+	uint32	   *P = ctx->P;
+	uint32		t;
+
+	ROUND(17);
+	ROUND(16);
+	ROUND(15);
+	ROUND(14);
+	ROUND(13);
+	ROUND(12);
+	ROUND(11);
+	ROUND(10);
+	ROUND(9);
+	ROUND(8);
+	ROUND(7);
+	ROUND(6);
+	ROUND(5);
+	ROUND(4);
+	ROUND(3);
+	ROUND(2);
+	xL ^= P[1];
+	xR ^= P[0];
+
+	output[0] = xR;
+	output[1] = xL;
+}
+
+void
+blowfish_encrypt_cbc(uint8 *blk, int len, BlowfishContext *ctx)
+{
+	uint32		xL,
+				xR,
+				out[2],
+				iv0,
+				iv1;
+
+	Assert((len & 7) == 0);
+
+	iv0 = ctx->iv0;
+	iv1 = ctx->iv1;
+
+	while (len > 0)
+	{
+		xL = GET_32BIT_MSB_FIRST(blk);
+		xR = GET_32BIT_MSB_FIRST(blk + 4);
+		iv0 ^= xL;
+		iv1 ^= xR;
+		blowfish_encrypt(iv0, iv1, out, ctx);
+		iv0 = out[0];
+		iv1 = out[1];
+		PUT_32BIT_MSB_FIRST(blk, iv0);
+		PUT_32BIT_MSB_FIRST(blk + 4, iv1);
+		blk += 8;
+		len -= 8;
+	}
+
+	ctx->iv0 = iv0;
+	ctx->iv1 = iv1;
+}
+
+void
+blowfish_decrypt_cbc(uint8 *blk, int len, BlowfishContext *ctx)
+{
+	uint32		xL,
+				xR,
+				out[2],
+				iv0,
+				iv1;
+
+	Assert((len & 7) == 0);
+
+	iv0 = ctx->iv0;
+	iv1 = ctx->iv1;
+
+	while (len > 0)
+	{
+		xL = GET_32BIT_MSB_FIRST(blk);
+		xR = GET_32BIT_MSB_FIRST(blk + 4);
+		blowfish_decrypt(xL, xR, out, ctx);
+		iv0 ^= out[0];
+		iv1 ^= out[1];
+		PUT_32BIT_MSB_FIRST(blk, iv0);
+		PUT_32BIT_MSB_FIRST(blk + 4, iv1);
+		iv0 = xL;
+		iv1 = xR;
+		blk += 8;
+		len -= 8;
+	}
+
+	ctx->iv0 = iv0;
+	ctx->iv1 = iv1;
+}
+
+void
+blowfish_encrypt_ecb(uint8 *blk, int len, BlowfishContext *ctx)
+{
+	uint32		xL,
+				xR,
+				out[2];
+
+	Assert((len & 7) == 0);
+
+	while (len > 0)
+	{
+		xL = GET_32BIT_MSB_FIRST(blk);
+		xR = GET_32BIT_MSB_FIRST(blk + 4);
+		blowfish_encrypt(xL, xR, out, ctx);
+		PUT_32BIT_MSB_FIRST(blk, out[0]);
+		PUT_32BIT_MSB_FIRST(blk + 4, out[1]);
+		blk += 8;
+		len -= 8;
+	}
+}
+
+void
+blowfish_decrypt_ecb(uint8 *blk, int len, BlowfishContext *ctx)
+{
+	uint32		xL,
+				xR,
+				out[2];
+
+	Assert((len & 7) == 0);
+
+	while (len > 0)
+	{
+		xL = GET_32BIT_MSB_FIRST(blk);
+		xR = GET_32BIT_MSB_FIRST(blk + 4);
+		blowfish_decrypt(xL, xR, out, ctx);
+		PUT_32BIT_MSB_FIRST(blk, out[0]);
+		PUT_32BIT_MSB_FIRST(blk + 4, out[1]);
+		blk += 8;
+		len -= 8;
+	}
+}
+
+void
+blowfish_setkey(BlowfishContext *ctx,
+				const uint8 *key, short keybytes)
+{
+	uint32	   *S0 = ctx->S0;
+	uint32	   *S1 = ctx->S1;
+	uint32	   *S2 = ctx->S2;
+	uint32	   *S3 = ctx->S3;
+	uint32	   *P = ctx->P;
+	uint32		str[2];
+	int			i;
+
+	Assert(keybytes > 0 && keybytes <= (448 / 8));
+
+	for (i = 0; i < 18; i++)
+	{
+		P[i] = parray[i];
+		P[i] ^= ((uint32) key[(i * 4 + 0) % keybytes]) << 24;
+		P[i] ^= ((uint32) key[(i * 4 + 1) % keybytes]) << 16;
+		P[i] ^= ((uint32) key[(i * 4 + 2) % keybytes]) << 8;
+		P[i] ^= ((uint32) key[(i * 4 + 3) % keybytes]);
+	}
+
+	for (i = 0; i < 256; i++)
+	{
+		S0[i] = sbox0[i];
+		S1[i] = sbox1[i];
+		S2[i] = sbox2[i];
+		S3[i] = sbox3[i];
+	}
+
+	str[0] = str[1] = 0;
+
+	for (i = 0; i < 18; i += 2)
+	{
+		blowfish_encrypt(str[0], str[1], str, ctx);
+		P[i] = str[0];
+		P[i + 1] = str[1];
+	}
+
+	for (i = 0; i < 256; i += 2)
+	{
+		blowfish_encrypt(str[0], str[1], str, ctx);
+		S0[i] = str[0];
+		S0[i + 1] = str[1];
+	}
+	for (i = 0; i < 256; i += 2)
+	{
+		blowfish_encrypt(str[0], str[1], str, ctx);
+		S1[i] = str[0];
+		S1[i + 1] = str[1];
+	}
+	for (i = 0; i < 256; i += 2)
+	{
+		blowfish_encrypt(str[0], str[1], str, ctx);
+		S2[i] = str[0];
+		S2[i + 1] = str[1];
+	}
+	for (i = 0; i < 256; i += 2)
+	{
+		blowfish_encrypt(str[0], str[1], str, ctx);
+		S3[i] = str[0];
+		S3[i + 1] = str[1];
+	}
+}
+
+void
+blowfish_setiv(BlowfishContext *ctx, const uint8 *iv)
+{
+	ctx->iv0 = GET_32BIT_MSB_FIRST(iv);
+	ctx->iv1 = GET_32BIT_MSB_FIRST(iv + 4);
+}

http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/801100ed/contrib/pgcrypto/blf.h
----------------------------------------------------------------------
diff --git a/contrib/pgcrypto/blf.h b/contrib/pgcrypto/blf.h
new file mode 100644
index 0000000..84aba37
--- /dev/null
+++ b/contrib/pgcrypto/blf.h
@@ -0,0 +1,46 @@
+/* contrib/pgcrypto/blf.h */
+/*
+ * PuTTY is copyright 1997-2007 Simon Tatham.
+ *
+ * Portions copyright Robert de Bath, Joris van Rantwijk, Delian
+ * Delchev, Andreas Schultz, Jeroen Massar, Wez Furlong, Nicolas Barry,
+ * Justin Bradford, Ben Harris, Malcolm Smith, Ahmad Khalifa, Markus
+ * Kuhn, and CORE SDI S.A.
+ *
+ * Permission is hereby granted, free of charge, to any person
+ * obtaining a copy of this software and associated documentation files
+ * (the "Software"), to deal in the Software without restriction,
+ * including without limitation the rights to use, copy, modify, merge,
+ * publish, distribute, sublicense, and/or sell copies of the Software,
+ * and to permit persons to whom the Software is furnished to do so,
+ * subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be
+ * included in all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ * NONINFRINGEMENT.  IN NO EVENT SHALL THE COPYRIGHT HOLDERS BE LIABLE
+ * FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF
+ * CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+ * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ */
+
+typedef struct
+{
+	uint32		S0[256],
+				S1[256],
+				S2[256],
+				S3[256],
+				P[18];
+	uint32		iv0,
+				iv1;			/* for CBC mode */
+} BlowfishContext;
+
+void		blowfish_setkey(BlowfishContext *ctx, const uint8 *key, short keybytes);
+void		blowfish_setiv(BlowfishContext *ctx, const uint8 *iv);
+void		blowfish_encrypt_cbc(uint8 *blk, int len, BlowfishContext *ctx);
+void		blowfish_decrypt_cbc(uint8 *blk, int len, BlowfishContext *ctx);
+void		blowfish_encrypt_ecb(uint8 *blk, int len, BlowfishContext *ctx);
+void		blowfish_decrypt_ecb(uint8 *blk, int len, BlowfishContext *ctx);

http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/801100ed/contrib/pgcrypto/crypt-blowfish.c
----------------------------------------------------------------------
diff --git a/contrib/pgcrypto/crypt-blowfish.c b/contrib/pgcrypto/crypt-blowfish.c
new file mode 100644
index 0000000..b49747d
--- /dev/null
+++ b/contrib/pgcrypto/crypt-blowfish.c
@@ -0,0 +1,735 @@
+/*
+ * contrib/pgcrypto/crypt-blowfish.c
+ *
+ * This code comes from John the Ripper password cracker, with reentrant
+ * and crypt(3) interfaces added, but optimizations specific to password
+ * cracking removed.
+ *
+ * Written by Solar Designer <solar at openwall.com> in 1998-2002 and
+ * placed in the public domain.
+ *
+ * There's absolutely no warranty.
+ *
+ * It is my intent that you should be able to use this on your system,
+ * as a part of a software package, or anywhere else to improve security,
+ * ensure compatibility, or for any other purpose. I would appreciate
+ * it if you give credit where it is due and keep your modifications in
+ * the public domain as well, but I don't require that in order to let
+ * you place this code and any modifications you make under a license
+ * of your choice.
+ *
+ * This implementation is compatible with OpenBSD bcrypt.c (version 2a)
+ * by Niels Provos <provos at citi.umich.edu>, and uses some of his
+ * ideas.  The password hashing algorithm was designed by David Mazieres
+ * <dm at lcs.mit.edu>.
+ *
+ * There's a paper on the algorithm that explains its design decisions:
+ *
+ *	http://www.usenix.org/events/usenix99/provos.html
+ *
+ * Some of the tricks in BF_ROUND might be inspired by Eric Young's
+ * Blowfish library (I can't be sure if I would think of something if I
+ * hadn't seen his code).
+ */
+
+#include "postgres.h"
+
+#include "px-crypt.h"
+
+#ifdef __i386__
+#define BF_ASM				0	/* 1 */
+#define BF_SCALE			1
+#elif defined(__x86_64__) || defined(__alpha__) || defined(__hppa__)
+#define BF_ASM				0
+#define BF_SCALE			1
+#else
+#define BF_ASM				0
+#define BF_SCALE			0
+#endif
+
+typedef unsigned int BF_word;
+typedef signed int BF_word_signed;
+
+/* Number of Blowfish rounds, this is also hardcoded into a few places */
+#define BF_N				16
+
+typedef BF_word BF_key[BF_N + 2];
+
+typedef struct
+{
+	BF_word		S[4][0x100];
+	BF_key		P;
+} BF_ctx;
+
+/*
+ * Magic IV for 64 Blowfish encryptions that we do at the end.
+ * The string is "OrpheanBeholderScryDoubt" on big-endian.
+ */
+static BF_word BF_magic_w[6] = {
+	0x4F727068, 0x65616E42, 0x65686F6C,
+	0x64657253, 0x63727944, 0x6F756274
+};
+
+/*
+ * P-box and S-box tables initialized with digits of Pi.
+ */
+static BF_ctx BF_init_state = {
+	{
+		{
+			0xd1310ba6, 0x98dfb5ac, 0x2ffd72db, 0xd01adfb7,
+			0xb8e1afed, 0x6a267e96, 0xba7c9045, 0xf12c7f99,
+			0x24a19947, 0xb3916cf7, 0x0801f2e2, 0x858efc16,
+			0x636920d8, 0x71574e69, 0xa458fea3, 0xf4933d7e,
+			0x0d95748f, 0x728eb658, 0x718bcd58, 0x82154aee,
+			0x7b54a41d, 0xc25a59b5, 0x9c30d539, 0x2af26013,
+			0xc5d1b023, 0x286085f0, 0xca417918, 0xb8db38ef,
+			0x8e79dcb0, 0x603a180e, 0x6c9e0e8b, 0xb01e8a3e,
+			0xd71577c1, 0xbd314b27, 0x78af2fda, 0x55605c60,
+			0xe65525f3, 0xaa55ab94, 0x57489862, 0x63e81440,
+			0x55ca396a, 0x2aab10b6, 0xb4cc5c34, 0x1141e8ce,
+			0xa15486af, 0x7c72e993, 0xb3ee1411, 0x636fbc2a,
+			0x2ba9c55d, 0x741831f6, 0xce5c3e16, 0x9b87931e,
+			0xafd6ba33, 0x6c24cf5c, 0x7a325381, 0x28958677,
+			0x3b8f4898, 0x6b4bb9af, 0xc4bfe81b, 0x66282193,
+			0x61d809cc, 0xfb21a991, 0x487cac60, 0x5dec8032,
+			0xef845d5d, 0xe98575b1, 0xdc262302, 0xeb651b88,
+			0x23893e81, 0xd396acc5, 0x0f6d6ff3, 0x83f44239,
+			0x2e0b4482, 0xa4842004, 0x69c8f04a, 0x9e1f9b5e,
+			0x21c66842, 0xf6e96c9a, 0x670c9c61, 0xabd388f0,
+			0x6a51a0d2, 0xd8542f68, 0x960fa728, 0xab5133a3,
+			0x6eef0b6c, 0x137a3be4, 0xba3bf050, 0x7efb2a98,
+			0xa1f1651d, 0x39af0176, 0x66ca593e, 0x82430e88,
+			0x8cee8619, 0x456f9fb4, 0x7d84a5c3, 0x3b8b5ebe,
+			0xe06f75d8, 0x85c12073, 0x401a449f, 0x56c16aa6,
+			0x4ed3aa62, 0x363f7706, 0x1bfedf72, 0x429b023d,
+			0x37d0d724, 0xd00a1248, 0xdb0fead3, 0x49f1c09b,
+			0x075372c9, 0x80991b7b, 0x25d479d8, 0xf6e8def7,
+			0xe3fe501a, 0xb6794c3b, 0x976ce0bd, 0x04c006ba,
+			0xc1a94fb6, 0x409f60c4, 0x5e5c9ec2, 0x196a2463,
+			0x68fb6faf, 0x3e6c53b5, 0x1339b2eb, 0x3b52ec6f,
+			0x6dfc511f, 0x9b30952c, 0xcc814544, 0xaf5ebd09,
+			0xbee3d004, 0xde334afd, 0x660f2807, 0x192e4bb3,
+			0xc0cba857, 0x45c8740f, 0xd20b5f39, 0xb9d3fbdb,
+			0x5579c0bd, 0x1a60320a, 0xd6a100c6, 0x402c7279,
+			0x679f25fe, 0xfb1fa3cc, 0x8ea5e9f8, 0xdb3222f8,
+			0x3c7516df, 0xfd616b15, 0x2f501ec8, 0xad0552ab,
+			0x323db5fa, 0xfd238760, 0x53317b48, 0x3e00df82,
+			0x9e5c57bb, 0xca6f8ca0, 0x1a87562e, 0xdf1769db,
+			0xd542a8f6, 0x287effc3, 0xac6732c6, 0x8c4f5573,
+			0x695b27b0, 0xbbca58c8, 0xe1ffa35d, 0xb8f011a0,
+			0x10fa3d98, 0xfd2183b8, 0x4afcb56c, 0x2dd1d35b,
+			0x9a53e479, 0xb6f84565, 0xd28e49bc, 0x4bfb9790,
+			0xe1ddf2da, 0xa4cb7e33, 0x62fb1341, 0xcee4c6e8,
+			0xef20cada, 0x36774c01, 0xd07e9efe, 0x2bf11fb4,
+			0x95dbda4d, 0xae909198, 0xeaad8e71, 0x6b93d5a0,
+			0xd08ed1d0, 0xafc725e0, 0x8e3c5b2f, 0x8e7594b7,
+			0x8ff6e2fb, 0xf2122b64, 0x8888b812, 0x900df01c,
+			0x4fad5ea0, 0x688fc31c, 0xd1cff191, 0xb3a8c1ad,
+			0x2f2f2218, 0xbe0e1777, 0xea752dfe, 0x8b021fa1,
+			0xe5a0cc0f, 0xb56f74e8, 0x18acf3d6, 0xce89e299,
+			0xb4a84fe0, 0xfd13e0b7, 0x7cc43b81, 0xd2ada8d9,
+			0x165fa266, 0x80957705, 0x93cc7314, 0x211a1477,
+			0xe6ad2065, 0x77b5fa86, 0xc75442f5, 0xfb9d35cf,
+			0xebcdaf0c, 0x7b3e89a0, 0xd6411bd3, 0xae1e7e49,
+			0x00250e2d, 0x2071b35e, 0x226800bb, 0x57b8e0af,
+			0x2464369b, 0xf009b91e, 0x5563911d, 0x59dfa6aa,
+			0x78c14389, 0xd95a537f, 0x207d5ba2, 0x02e5b9c5,
+			0x83260376, 0x6295cfa9, 0x11c81968, 0x4e734a41,
+			0xb3472dca, 0x7b14a94a, 0x1b510052, 0x9a532915,
+			0xd60f573f, 0xbc9bc6e4, 0x2b60a476, 0x81e67400,
+			0x08ba6fb5, 0x571be91f, 0xf296ec6b, 0x2a0dd915,
+			0xb6636521, 0xe7b9f9b6, 0xff34052e, 0xc5855664,
+			0x53b02d5d, 0xa99f8fa1, 0x08ba4799, 0x6e85076a
+		}, {
+			0x4b7a70e9, 0xb5b32944, 0xdb75092e, 0xc4192623,
+			0xad6ea6b0, 0x49a7df7d, 0x9cee60b8, 0x8fedb266,
+			0xecaa8c71, 0x699a17ff, 0x5664526c, 0xc2b19ee1,
+			0x193602a5, 0x75094c29, 0xa0591340, 0xe4183a3e,
+			0x3f54989a, 0x5b429d65, 0x6b8fe4d6, 0x99f73fd6,
+			0xa1d29c07, 0xefe830f5, 0x4d2d38e6, 0xf0255dc1,
+			0x4cdd2086, 0x8470eb26, 0x6382e9c6, 0x021ecc5e,
+			0x09686b3f, 0x3ebaefc9, 0x3c971814, 0x6b6a70a1,
+			0x687f3584, 0x52a0e286, 0xb79c5305, 0xaa500737,
+			0x3e07841c, 0x7fdeae5c, 0x8e7d44ec, 0x5716f2b8,
+			0xb03ada37, 0xf0500c0d, 0xf01c1f04, 0x0200b3ff,
+			0xae0cf51a, 0x3cb574b2, 0x25837a58, 0xdc0921bd,
+			0xd19113f9, 0x7ca92ff6, 0x94324773, 0x22f54701,
+			0x3ae5e581, 0x37c2dadc, 0xc8b57634, 0x9af3dda7,
+			0xa9446146, 0x0fd0030e, 0xecc8c73e, 0xa4751e41,
+			0xe238cd99, 0x3bea0e2f, 0x3280bba1, 0x183eb331,
+			0x4e548b38, 0x4f6db908, 0x6f420d03, 0xf60a04bf,
+			0x2cb81290, 0x24977c79, 0x5679b072, 0xbcaf89af,
+			0xde9a771f, 0xd9930810, 0xb38bae12, 0xdccf3f2e,
+			0x5512721f, 0x2e6b7124, 0x501adde6, 0x9f84cd87,
+			0x7a584718, 0x7408da17, 0xbc9f9abc, 0xe94b7d8c,
+			0xec7aec3a, 0xdb851dfa, 0x63094366, 0xc464c3d2,
+			0xef1c1847, 0x3215d908, 0xdd433b37, 0x24c2ba16,
+			0x12a14d43, 0x2a65c451, 0x50940002, 0x133ae4dd,
+			0x71dff89e, 0x10314e55, 0x81ac77d6, 0x5f11199b,
+			0x043556f1, 0xd7a3c76b, 0x3c11183b, 0x5924a509,
+			0xf28fe6ed, 0x97f1fbfa, 0x9ebabf2c, 0x1e153c6e,
+			0x86e34570, 0xeae96fb1, 0x860e5e0a, 0x5a3e2ab3,
+			0x771fe71c, 0x4e3d06fa, 0x2965dcb9, 0x99e71d0f,
+			0x803e89d6, 0x5266c825, 0x2e4cc978, 0x9c10b36a,
+			0xc6150eba, 0x94e2ea78, 0xa5fc3c53, 0x1e0a2df4,
+			0xf2f74ea7, 0x361d2b3d, 0x1939260f, 0x19c27960,
+			0x5223a708, 0xf71312b6, 0xebadfe6e, 0xeac31f66,
+			0xe3bc4595, 0xa67bc883, 0xb17f37d1, 0x018cff28,
+			0xc332ddef, 0xbe6c5aa5, 0x65582185, 0x68ab9802,
+			0xeecea50f, 0xdb2f953b, 0x2aef7dad, 0x5b6e2f84,
+			0x1521b628, 0x29076170, 0xecdd4775, 0x619f1510,
+			0x13cca830, 0xeb61bd96, 0x0334fe1e, 0xaa0363cf,
+			0xb5735c90, 0x4c70a239, 0xd59e9e0b, 0xcbaade14,
+			0xeecc86bc, 0x60622ca7, 0x9cab5cab, 0xb2f3846e,
+			0x648b1eaf, 0x19bdf0ca, 0xa02369b9, 0x655abb50,
+			0x40685a32, 0x3c2ab4b3, 0x319ee9d5, 0xc021b8f7,
+			0x9b540b19, 0x875fa099, 0x95f7997e, 0x623d7da8,
+			0xf837889a, 0x97e32d77, 0x11ed935f, 0x16681281,
+			0x0e358829, 0xc7e61fd6, 0x96dedfa1, 0x7858ba99,
+			0x57f584a5, 0x1b227263, 0x9b83c3ff, 0x1ac24696,
+			0xcdb30aeb, 0x532e3054, 0x8fd948e4, 0x6dbc3128,
+			0x58ebf2ef, 0x34c6ffea, 0xfe28ed61, 0xee7c3c73,
+			0x5d4a14d9, 0xe864b7e3, 0x42105d14, 0x203e13e0,
+			0x45eee2b6, 0xa3aaabea, 0xdb6c4f15, 0xfacb4fd0,
+			0xc742f442, 0xef6abbb5, 0x654f3b1d, 0x41cd2105,
+			0xd81e799e, 0x86854dc7, 0xe44b476a, 0x3d816250,
+			0xcf62a1f2, 0x5b8d2646, 0xfc8883a0, 0xc1c7b6a3,
+			0x7f1524c3, 0x69cb7492, 0x47848a0b, 0x5692b285,
+			0x095bbf00, 0xad19489d, 0x1462b174, 0x23820e00,
+			0x58428d2a, 0x0c55f5ea, 0x1dadf43e, 0x233f7061,
+			0x3372f092, 0x8d937e41, 0xd65fecf1, 0x6c223bdb,
+			0x7cde3759, 0xcbee7460, 0x4085f2a7, 0xce77326e,
+			0xa6078084, 0x19f8509e, 0xe8efd855, 0x61d99735,
+			0xa969a7aa, 0xc50c06c2, 0x5a04abfc, 0x800bcadc,
+			0x9e447a2e, 0xc3453484, 0xfdd56705, 0x0e1e9ec9,
+			0xdb73dbd3, 0x105588cd, 0x675fda79, 0xe3674340,
+			0xc5c43465, 0x713e38d8, 0x3d28f89e, 0xf16dff20,
+			0x153e21e7, 0x8fb03d4a, 0xe6e39f2b, 0xdb83adf7
+		}, {
+			0xe93d5a68, 0x948140f7, 0xf64c261c, 0x94692934,
+			0x411520f7, 0x7602d4f7, 0xbcf46b2e, 0xd4a20068,
+			0xd4082471, 0x3320f46a, 0x43b7d4b7, 0x500061af,
+			0x1e39f62e, 0x97244546, 0x14214f74, 0xbf8b8840,
+			0x4d95fc1d, 0x96b591af, 0x70f4ddd3, 0x66a02f45,
+			0xbfbc09ec, 0x03bd9785, 0x7fac6dd0, 0x31cb8504,
+			0x96eb27b3, 0x55fd3941, 0xda2547e6, 0xabca0a9a,
+			0x28507825, 0x530429f4, 0x0a2c86da, 0xe9b66dfb,
+			0x68dc1462, 0xd7486900, 0x680ec0a4, 0x27a18dee,
+			0x4f3ffea2, 0xe887ad8c, 0xb58ce006, 0x7af4d6b6,
+			0xaace1e7c, 0xd3375fec, 0xce78a399, 0x406b2a42,
+			0x20fe9e35, 0xd9f385b9, 0xee39d7ab, 0x3b124e8b,
+			0x1dc9faf7, 0x4b6d1856, 0x26a36631, 0xeae397b2,
+			0x3a6efa74, 0xdd5b4332, 0x6841e7f7, 0xca7820fb,
+			0xfb0af54e, 0xd8feb397, 0x454056ac, 0xba489527,
+			0x55533a3a, 0x20838d87, 0xfe6ba9b7, 0xd096954b,
+			0x55a867bc, 0xa1159a58, 0xcca92963, 0x99e1db33,
+			0xa62a4a56, 0x3f3125f9, 0x5ef47e1c, 0x9029317c,
+			0xfdf8e802, 0x04272f70, 0x80bb155c, 0x05282ce3,
+			0x95c11548, 0xe4c66d22, 0x48c1133f, 0xc70f86dc,
+			0x07f9c9ee, 0x41041f0f, 0x404779a4, 0x5d886e17,
+			0x325f51eb, 0xd59bc0d1, 0xf2bcc18f, 0x41113564,
+			0x257b7834, 0x602a9c60, 0xdff8e8a3, 0x1f636c1b,
+			0x0e12b4c2, 0x02e1329e, 0xaf664fd1, 0xcad18115,
+			0x6b2395e0, 0x333e92e1, 0x3b240b62, 0xeebeb922,
+			0x85b2a20e, 0xe6ba0d99, 0xde720c8c, 0x2da2f728,
+			0xd0127845, 0x95b794fd, 0x647d0862, 0xe7ccf5f0,
+			0x5449a36f, 0x877d48fa, 0xc39dfd27, 0xf33e8d1e,
+			0x0a476341, 0x992eff74, 0x3a6f6eab, 0xf4f8fd37,
+			0xa812dc60, 0xa1ebddf8, 0x991be14c, 0xdb6e6b0d,
+			0xc67b5510, 0x6d672c37, 0x2765d43b, 0xdcd0e804,
+			0xf1290dc7, 0xcc00ffa3, 0xb5390f92, 0x690fed0b,
+			0x667b9ffb, 0xcedb7d9c, 0xa091cf0b, 0xd9155ea3,
+			0xbb132f88, 0x515bad24, 0x7b9479bf, 0x763bd6eb,
+			0x37392eb3, 0xcc115979, 0x8026e297, 0xf42e312d,
+			0x6842ada7, 0xc66a2b3b, 0x12754ccc, 0x782ef11c,
+			0x6a124237, 0xb79251e7, 0x06a1bbe6, 0x4bfb6350,
+			0x1a6b1018, 0x11caedfa, 0x3d25bdd8, 0xe2e1c3c9,
+			0x44421659, 0x0a121386, 0xd90cec6e, 0xd5abea2a,
+			0x64af674e, 0xda86a85f, 0xbebfe988, 0x64e4c3fe,
+			0x9dbc8057, 0xf0f7c086, 0x60787bf8, 0x6003604d,
+			0xd1fd8346, 0xf6381fb0, 0x7745ae04, 0xd736fccc,
+			0x83426b33, 0xf01eab71, 0xb0804187, 0x3c005e5f,
+			0x77a057be, 0xbde8ae24, 0x55464299, 0xbf582e61,
+			0x4e58f48f, 0xf2ddfda2, 0xf474ef38, 0x8789bdc2,
+			0x5366f9c3, 0xc8b38e74, 0xb475f255, 0x46fcd9b9,
+			0x7aeb2661, 0x8b1ddf84, 0x846a0e79, 0x915f95e2,
+			0x466e598e, 0x20b45770, 0x8cd55591, 0xc902de4c,
+			0xb90bace1, 0xbb8205d0, 0x11a86248, 0x7574a99e,
+			0xb77f19b6, 0xe0a9dc09, 0x662d09a1, 0xc4324633,
+			0xe85a1f02, 0x09f0be8c, 0x4a99a025, 0x1d6efe10,
+			0x1ab93d1d, 0x0ba5a4df, 0xa186f20f, 0x2868f169,
+			0xdcb7da83, 0x573906fe, 0xa1e2ce9b, 0x4fcd7f52,
+			0x50115e01, 0xa70683fa, 0xa002b5c4, 0x0de6d027,
+			0x9af88c27, 0x773f8641, 0xc3604c06, 0x61a806b5,
+			0xf0177a28, 0xc0f586e0, 0x006058aa, 0x30dc7d62,
+			0x11e69ed7, 0x2338ea63, 0x53c2dd94, 0xc2c21634,
+			0xbbcbee56, 0x90bcb6de, 0xebfc7da1, 0xce591d76,
+			0x6f05e409, 0x4b7c0188, 0x39720a3d, 0x7c927c24,
+			0x86e3725f, 0x724d9db9, 0x1ac15bb4, 0xd39eb8fc,
+			0xed545578, 0x08fca5b5, 0xd83d7cd3, 0x4dad0fc4,
+			0x1e50ef5e, 0xb161e6f8, 0xa28514d9, 0x6c51133c,
+			0x6fd5c7e7, 0x56e14ec4, 0x362abfce, 0xddc6c837,
+			0xd79a3234, 0x92638212, 0x670efa8e, 0x406000e0
+		}, {
+			0x3a39ce37, 0xd3faf5cf, 0xabc27737, 0x5ac52d1b,
+			0x5cb0679e, 0x4fa33742, 0xd3822740, 0x99bc9bbe,
+			0xd5118e9d, 0xbf0f7315, 0xd62d1c7e, 0xc700c47b,
+			0xb78c1b6b, 0x21a19045, 0xb26eb1be, 0x6a366eb4,
+			0x5748ab2f, 0xbc946e79, 0xc6a376d2, 0x6549c2c8,
+			0x530ff8ee, 0x468dde7d, 0xd5730a1d, 0x4cd04dc6,
+			0x2939bbdb, 0xa9ba4650, 0xac9526e8, 0xbe5ee304,
+			0xa1fad5f0, 0x6a2d519a, 0x63ef8ce2, 0x9a86ee22,
+			0xc089c2b8, 0x43242ef6, 0xa51e03aa, 0x9cf2d0a4,
+			0x83c061ba, 0x9be96a4d, 0x8fe51550, 0xba645bd6,
+			0x2826a2f9, 0xa73a3ae1, 0x4ba99586, 0xef5562e9,
+			0xc72fefd3, 0xf752f7da, 0x3f046f69, 0x77fa0a59,
+			0x80e4a915, 0x87b08601, 0x9b09e6ad, 0x3b3ee593,
+			0xe990fd5a, 0x9e34d797, 0x2cf0b7d9, 0x022b8b51,
+			0x96d5ac3a, 0x017da67d, 0xd1cf3ed6, 0x7c7d2d28,
+			0x1f9f25cf, 0xadf2b89b, 0x5ad6b472, 0x5a88f54c,
+			0xe029ac71, 0xe019a5e6, 0x47b0acfd, 0xed93fa9b,
+			0xe8d3c48d, 0x283b57cc, 0xf8d56629, 0x79132e28,
+			0x785f0191, 0xed756055, 0xf7960e44, 0xe3d35e8c,
+			0x15056dd4, 0x88f46dba, 0x03a16125, 0x0564f0bd,
+			0xc3eb9e15, 0x3c9057a2, 0x97271aec, 0xa93a072a,
+			0x1b3f6d9b, 0x1e6321f5, 0xf59c66fb, 0x26dcf319,
+			0x7533d928, 0xb155fdf5, 0x03563482, 0x8aba3cbb,
+			0x28517711, 0xc20ad9f8, 0xabcc5167, 0xccad925f,
+			0x4de81751, 0x3830dc8e, 0x379d5862, 0x9320f991,
+			0xea7a90c2, 0xfb3e7bce, 0x5121ce64, 0x774fbe32,
+			0xa8b6e37e, 0xc3293d46, 0x48de5369, 0x6413e680,
+			0xa2ae0810, 0xdd6db224, 0x69852dfd, 0x09072166,
+			0xb39a460a, 0x6445c0dd, 0x586cdecf, 0x1c20c8ae,
+			0x5bbef7dd, 0x1b588d40, 0xccd2017f, 0x6bb4e3bb,
+			0xdda26a7e, 0x3a59ff45, 0x3e350a44, 0xbcb4cdd5,
+			0x72eacea8, 0xfa6484bb, 0x8d6612ae, 0xbf3c6f47,
+			0xd29be463, 0x542f5d9e, 0xaec2771b, 0xf64e6370,
+			0x740e0d8d, 0xe75b1357, 0xf8721671, 0xaf537d5d,
+			0x4040cb08, 0x4eb4e2cc, 0x34d2466a, 0x0115af84,
+			0xe1b00428, 0x95983a1d, 0x06b89fb4, 0xce6ea048,
+			0x6f3f3b82, 0x3520ab82, 0x011a1d4b, 0x277227f8,
+			0x611560b1, 0xe7933fdc, 0xbb3a792b, 0x344525bd,
+			0xa08839e1, 0x51ce794b, 0x2f32c9b7, 0xa01fbac9,
+			0xe01cc87e, 0xbcc7d1f6, 0xcf0111c3, 0xa1e8aac7,
+			0x1a908749, 0xd44fbd9a, 0xd0dadecb, 0xd50ada38,
+			0x0339c32a, 0xc6913667, 0x8df9317c, 0xe0b12b4f,
+			0xf79e59b7, 0x43f5bb3a, 0xf2d519ff, 0x27d9459c,
+			0xbf97222c, 0x15e6fc2a, 0x0f91fc71, 0x9b941525,
+			0xfae59361, 0xceb69ceb, 0xc2a86459, 0x12baa8d1,
+			0xb6c1075e, 0xe3056a0c, 0x10d25065, 0xcb03a442,
+			0xe0ec6e0e, 0x1698db3b, 0x4c98a0be, 0x3278e964,
+			0x9f1f9532, 0xe0d392df, 0xd3a0342b, 0x8971f21e,
+			0x1b0a7441, 0x4ba3348c, 0xc5be7120, 0xc37632d8,
+			0xdf359f8d, 0x9b992f2e, 0xe60b6f47, 0x0fe3f11d,
+			0xe54cda54, 0x1edad891, 0xce6279cf, 0xcd3e7e6f,
+			0x1618b166, 0xfd2c1d05, 0x848fd2c5, 0xf6fb2299,
+			0xf523f357, 0xa6327623, 0x93a83531, 0x56cccd02,
+			0xacf08162, 0x5a75ebb5, 0x6e163697, 0x88d273cc,
+			0xde966292, 0x81b949d0, 0x4c50901b, 0x71c65614,
+			0xe6c6c7bd, 0x327a140a, 0x45e1d006, 0xc3f27b9a,
+			0xc9aa53fd, 0x62a80f00, 0xbb25bfe2, 0x35bdd2f6,
+			0x71126905, 0xb2040222, 0xb6cbcf7c, 0xcd769c2b,
+			0x53113ec0, 0x1640e3d3, 0x38abbd60, 0x2547adf0,
+			0xba38209c, 0xf746ce76, 0x77afa1c5, 0x20756060,
+			0x85cbfe4e, 0x8ae88dd8, 0x7aaaf9b0, 0x4cf9aa7e,
+			0x1948c25c, 0x02fb8a8c, 0x01c36ae4, 0xd6ebe1f9,
+			0x90d4f869, 0xa65cdea0, 0x3f09252d, 0xc208e69f,
+			0xb74e6132, 0xce77e25b, 0x578fdfe3, 0x3ac372e6
+		}
+	}, {
+		0x243f6a88, 0x85a308d3, 0x13198a2e, 0x03707344,
+		0xa4093822, 0x299f31d0, 0x082efa98, 0xec4e6c89,
+		0x452821e6, 0x38d01377, 0xbe5466cf, 0x34e90c6c,
+		0xc0ac29b7, 0xc97c50dd, 0x3f84d5b5, 0xb5470917,
+		0x9216d5d9, 0x8979fb1b
+	}
+};
+
+static unsigned char BF_itoa64[64 + 1] =
+"./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
+
+static unsigned char BF_atoi64[0x60] = {
+	64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 0, 1,
+	54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 64, 64, 64, 64, 64,
+	64, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16,
+	17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 64, 64, 64, 64, 64,
+	64, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42,
+	43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 64, 64, 64, 64, 64
+};
+
+#define BF_safe_atoi64(dst, src) \
+do { \
+	tmp = (unsigned char)(src); \
+	if ((unsigned int)(tmp -= 0x20) >= 0x60) return -1; \
+	tmp = BF_atoi64[tmp]; \
+	if (tmp > 63) return -1; \
+	(dst) = tmp; \
+} while (0)
+
+static int
+BF_decode(BF_word *dst, const char *src, int size)
+{
+	unsigned char *dptr = (unsigned char *) dst;
+	unsigned char *end = dptr + size;
+	const unsigned char *sptr = (const unsigned char *) src;
+	unsigned int tmp,
+				c1,
+				c2,
+				c3,
+				c4;
+
+	do
+	{
+		BF_safe_atoi64(c1, *sptr++);
+		BF_safe_atoi64(c2, *sptr++);
+		*dptr++ = (c1 << 2) | ((c2 & 0x30) >> 4);
+		if (dptr >= end)
+			break;
+
+		BF_safe_atoi64(c3, *sptr++);
+		*dptr++ = ((c2 & 0x0F) << 4) | ((c3 & 0x3C) >> 2);
+		if (dptr >= end)
+			break;
+
+		BF_safe_atoi64(c4, *sptr++);
+		*dptr++ = ((c3 & 0x03) << 6) | c4;
+	} while (dptr < end);
+
+	return 0;
+}
+
+static void
+BF_encode(char *dst, const BF_word *src, int size)
+{
+	const unsigned char *sptr = (const unsigned char *) src;
+	const unsigned char *end = sptr + size;
+	unsigned char *dptr = (unsigned char *) dst;
+	unsigned int c1,
+				c2;
+
+	do
+	{
+		c1 = *sptr++;
+		*dptr++ = BF_itoa64[c1 >> 2];
+		c1 = (c1 & 0x03) << 4;
+		if (sptr >= end)
+		{
+			*dptr++ = BF_itoa64[c1];
+			break;
+		}
+
+		c2 = *sptr++;
+		c1 |= c2 >> 4;
+		*dptr++ = BF_itoa64[c1];
+		c1 = (c2 & 0x0f) << 2;
+		if (sptr >= end)
+		{
+			*dptr++ = BF_itoa64[c1];
+			break;
+		}
+
+		c2 = *sptr++;
+		c1 |= c2 >> 6;
+		*dptr++ = BF_itoa64[c1];
+		*dptr++ = BF_itoa64[c2 & 0x3f];
+	} while (sptr < end);
+}
+
+static void
+BF_swap(BF_word *x, int count)
+{
+	/* Swap on little-endian hardware, else do nothing */
+#ifndef WORDS_BIGENDIAN
+	BF_word		tmp;
+
+	do
+	{
+		tmp = *x;
+		tmp = (tmp << 16) | (tmp >> 16);
+		*x++ = ((tmp & 0x00FF00FF) << 8) | ((tmp >> 8) & 0x00FF00FF);
+	} while (--count);
+#endif
+}
+
+#if BF_SCALE
+/* Architectures which can shift addresses left by 2 bits with no extra cost */
+#define BF_ROUND(L, R, N) \
+	tmp1 = (L) & 0xFF; \
+	tmp2 = (L) >> 8; \
+	tmp2 &= 0xFF; \
+	tmp3 = (L) >> 16; \
+	tmp3 &= 0xFF; \
+	tmp4 = (L) >> 24; \
+	tmp1 = data.ctx.S[3][tmp1]; \
+	tmp2 = data.ctx.S[2][tmp2]; \
+	tmp3 = data.ctx.S[1][tmp3]; \
+	tmp3 += data.ctx.S[0][tmp4]; \
+	tmp3 ^= tmp2; \
+	(R) ^= data.ctx.P[(N) + 1]; \
+	tmp3 += tmp1; \
+	(R) ^= tmp3;
+#else
+/* Architectures with no complicated addressing modes supported */
+#define BF_INDEX(S, i) \
+	(*((BF_word *)(((unsigned char *)(S)) + (i))))
+#define BF_ROUND(L, R, N) \
+	tmp1 = (L) & 0xFF; \
+	tmp1 <<= 2; \
+	tmp2 = (L) >> 6; \
+	tmp2 &= 0x3FC; \
+	tmp3 = (L) >> 14; \
+	tmp3 &= 0x3FC; \
+	tmp4 = (L) >> 22; \
+	tmp4 &= 0x3FC; \
+	tmp1 = BF_INDEX(data.ctx.S[3], tmp1); \
+	tmp2 = BF_INDEX(data.ctx.S[2], tmp2); \
+	tmp3 = BF_INDEX(data.ctx.S[1], tmp3); \
+	tmp3 += BF_INDEX(data.ctx.S[0], tmp4); \
+	tmp3 ^= tmp2; \
+	(R) ^= data.ctx.P[(N) + 1]; \
+	tmp3 += tmp1; \
+	(R) ^= tmp3;
+#endif
+
+/*
+ * Encrypt one block, BF_N is hardcoded here.
+ */
+#define BF_ENCRYPT \
+	L ^= data.ctx.P[0]; \
+	BF_ROUND(L, R, 0); \
+	BF_ROUND(R, L, 1); \
+	BF_ROUND(L, R, 2); \
+	BF_ROUND(R, L, 3); \
+	BF_ROUND(L, R, 4); \
+	BF_ROUND(R, L, 5); \
+	BF_ROUND(L, R, 6); \
+	BF_ROUND(R, L, 7); \
+	BF_ROUND(L, R, 8); \
+	BF_ROUND(R, L, 9); \
+	BF_ROUND(L, R, 10); \
+	BF_ROUND(R, L, 11); \
+	BF_ROUND(L, R, 12); \
+	BF_ROUND(R, L, 13); \
+	BF_ROUND(L, R, 14); \
+	BF_ROUND(R, L, 15); \
+	tmp4 = R; \
+	R = L; \
+	L = tmp4 ^ data.ctx.P[BF_N + 1];
+
+#if BF_ASM
+
+extern void _BF_body_r(BF_ctx *ctx);
+
+#define BF_body() \
+	_BF_body_r(&data.ctx);
+#else
+
+#define BF_body() \
+	L = R = 0; \
+	ptr = data.ctx.P; \
+	do { \
+		ptr += 2; \
+		BF_ENCRYPT; \
+		*(ptr - 2) = L; \
+		*(ptr - 1) = R; \
+	} while (ptr < &data.ctx.P[BF_N + 2]); \
+\
+	ptr = data.ctx.S[0]; \
+	do { \
+		ptr += 2; \
+		BF_ENCRYPT; \
+		*(ptr - 2) = L; \
+		*(ptr - 1) = R; \
+	} while (ptr < &data.ctx.S[3][0xFF]);
+#endif
+
+static void
+BF_set_key(const char *key, BF_key expanded, BF_key initial,
+		   int sign_extension_bug)
+{
+	const char *ptr = key;
+	int			i,
+				j;
+	BF_word		tmp;
+
+	for (i = 0; i < BF_N + 2; i++)
+	{
+		tmp = 0;
+		for (j = 0; j < 4; j++)
+		{
+			tmp <<= 8;
+			if (sign_extension_bug)
+				tmp |= (BF_word_signed) (signed char) *ptr;
+			else
+				tmp |= (unsigned char) *ptr;
+
+			if (!*ptr)
+				ptr = key;
+			else
+				ptr++;
+		}
+
+		expanded[i] = tmp;
+		initial[i] = BF_init_state.P[i] ^ tmp;
+	}
+}
+
+char *
+_crypt_blowfish_rn(const char *key, const char *setting,
+				   char *output, int size)
+{
+	struct
+	{
+		BF_ctx		ctx;
+		BF_key		expanded_key;
+		union
+		{
+			BF_word		salt[4];
+			BF_word		output[6];
+		}			binary;
+	}			data;
+	BF_word		L,
+				R;
+	BF_word		tmp1,
+				tmp2,
+				tmp3,
+				tmp4;
+	BF_word    *ptr;
+	BF_word		count;
+	int			i;
+
+	if (size < 7 + 22 + 31 + 1)
+		return NULL;
+
+	if (setting[0] != '$' ||
+		setting[1] != '2' ||
+		(setting[2] != 'a' && setting[2] != 'x') ||
+		setting[3] != '$' ||
+		setting[4] < '0' || setting[4] > '3' ||
+		setting[5] < '0' || setting[5] > '9' ||
+		(setting[4] == '3' && setting[5] > '1') ||
+		setting[6] != '$')
+	{
+		return NULL;
+	}
+
+	count = (BF_word) 1 << ((setting[4] - '0') * 10 + (setting[5] - '0'));
+	if (count < 16 || BF_decode(data.binary.salt, &setting[7], 16))
+	{
+		memset(data.binary.salt, 0, sizeof(data.binary.salt));
+		return NULL;
+	}
+	BF_swap(data.binary.salt, 4);
+
+	BF_set_key(key, data.expanded_key, data.ctx.P, setting[2] == 'x');
+
+	memcpy(data.ctx.S, BF_init_state.S, sizeof(data.ctx.S));
+
+	L = R = 0;
+	for (i = 0; i < BF_N + 2; i += 2)
+	{
+		L ^= data.binary.salt[i & 2];
+		R ^= data.binary.salt[(i & 2) + 1];
+		BF_ENCRYPT;
+		data.ctx.P[i] = L;
+		data.ctx.P[i + 1] = R;
+	}
+
+	ptr = data.ctx.S[0];
+	do
+	{
+		ptr += 4;
+		L ^= data.binary.salt[(BF_N + 2) & 3];
+		R ^= data.binary.salt[(BF_N + 3) & 3];
+		BF_ENCRYPT;
+		*(ptr - 4) = L;
+		*(ptr - 3) = R;
+
+		L ^= data.binary.salt[(BF_N + 4) & 3];
+		R ^= data.binary.salt[(BF_N + 5) & 3];
+		BF_ENCRYPT;
+		*(ptr - 2) = L;
+		*(ptr - 1) = R;
+	} while (ptr < &data.ctx.S[3][0xFF]);
+
+	do
+	{
+		data.ctx.P[0] ^= data.expanded_key[0];
+		data.ctx.P[1] ^= data.expanded_key[1];
+		data.ctx.P[2] ^= data.expanded_key[2];
+		data.ctx.P[3] ^= data.expanded_key[3];
+		data.ctx.P[4] ^= data.expanded_key[4];
+		data.ctx.P[5] ^= data.expanded_key[5];
+		data.ctx.P[6] ^= data.expanded_key[6];
+		data.ctx.P[7] ^= data.expanded_key[7];
+		data.ctx.P[8] ^= data.expanded_key[8];
+		data.ctx.P[9] ^= data.expanded_key[9];
+		data.ctx.P[10] ^= data.expanded_key[10];
+		data.ctx.P[11] ^= data.expanded_key[11];
+		data.ctx.P[12] ^= data.expanded_key[12];
+		data.ctx.P[13] ^= data.expanded_key[13];
+		data.ctx.P[14] ^= data.expanded_key[14];
+		data.ctx.P[15] ^= data.expanded_key[15];
+		data.ctx.P[16] ^= data.expanded_key[16];
+		data.ctx.P[17] ^= data.expanded_key[17];
+
+		BF_body();
+
+		tmp1 = data.binary.salt[0];
+		tmp2 = data.binary.salt[1];
+		tmp3 = data.binary.salt[2];
+		tmp4 = data.binary.salt[3];
+		data.ctx.P[0] ^= tmp1;
+		data.ctx.P[1] ^= tmp2;
+		data.ctx.P[2] ^= tmp3;
+		data.ctx.P[3] ^= tmp4;
+		data.ctx.P[4] ^= tmp1;
+		data.ctx.P[5] ^= tmp2;
+		data.ctx.P[6] ^= tmp3;
+		data.ctx.P[7] ^= tmp4;
+		data.ctx.P[8] ^= tmp1;
+		data.ctx.P[9] ^= tmp2;
+		data.ctx.P[10] ^= tmp3;
+		data.ctx.P[11] ^= tmp4;
+		data.ctx.P[12] ^= tmp1;
+		data.ctx.P[13] ^= tmp2;
+		data.ctx.P[14] ^= tmp3;
+		data.ctx.P[15] ^= tmp4;
+		data.ctx.P[16] ^= tmp1;
+		data.ctx.P[17] ^= tmp2;
+
+		BF_body();
+	} while (--count);
+
+	for (i = 0; i < 6; i += 2)
+	{
+		L = BF_magic_w[i];
+		R = BF_magic_w[i + 1];
+
+		count = 64;
+		do
+		{
+			BF_ENCRYPT;
+		} while (--count);
+
+		data.binary.output[i] = L;
+		data.binary.output[i + 1] = R;
+	}
+
+	memcpy(output, setting, 7 + 22 - 1);
+	output[7 + 22 - 1] = BF_itoa64[(int)
+						 BF_atoi64[(int) setting[7 + 22 - 1] - 0x20] & 0x30];
+
+/* This has to be bug-compatible with the original implementation, so
+ * only encode 23 of the 24 bytes. :-) */
+	BF_swap(data.binary.output, 6);
+	BF_encode(&output[7 + 22], data.binary.output, 23);
+	output[7 + 22 + 31] = '\0';
+
+/* Overwrite the most obvious sensitive data we have on the stack. Note
+ * that this does not guarantee there's no sensitive data left on the
+ * stack and/or in registers; I'm not aware of portable code that does. */
+	memset(&data, 0, sizeof(data));
+
+	return output;
+}

http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/801100ed/contrib/pgcrypto/crypt-des.c
----------------------------------------------------------------------
diff --git a/contrib/pgcrypto/crypt-des.c b/contrib/pgcrypto/crypt-des.c
new file mode 100644
index 0000000..cc2e76a
--- /dev/null
+++ b/contrib/pgcrypto/crypt-des.c
@@ -0,0 +1,774 @@
+/*
+ * FreeSec: libcrypt for NetBSD
+ *
+ * contrib/pgcrypto/crypt-des.c
+ *
+ * Copyright (c) 1994 David Burren
+ * All rights reserved.
+ *
+ * Adapted for FreeBSD-2.0 by Geoffrey M. Rehmet
+ *	this file should now *only* export crypt(), in order to make
+ *	binaries of libcrypt exportable from the USA
+ *
+ * Adapted for FreeBSD-4.0 by Mark R V Murray
+ *	this file should now *only* export crypt_des(), in order to make
+ *	a module that can be optionally included in libcrypt.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *	  notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *	  notice, this list of conditions and the following disclaimer in the
+ *	  documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of the author nor the names of other contributors
+ *	  may be used to endorse or promote products derived from this software
+ *	  without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.	IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $FreeBSD: src/secure/lib/libcrypt/crypt-des.c,v 1.12 1999/09/20 12:39:20 markm Exp $
+ *
+ * This is an original implementation of the DES and the crypt(3) interfaces
+ * by David Burren <davidb@werj.com.au>.
+ *
+ * An excellent reference on the underlying algorithm (and related
+ * algorithms) is:
+ *
+ *	B. Schneier, Applied Cryptography: protocols, algorithms,
+ *	and source code in C, John Wiley & Sons, 1994.
+ *
+ * Note that in that book's description of DES the lookups for the initial,
+ * pbox, and final permutations are inverted (this has been brought to the
+ * attention of the author).  A list of errata for this book has been
+ * posted to the sci.crypt newsgroup by the author and is available for FTP.
+ *
+ * ARCHITECTURE ASSUMPTIONS:
+ *	It is assumed that the 8-byte arrays passed by reference can be
+ *	addressed as arrays of uint32's (ie. the CPU is not picky about
+ *	alignment).
+ */
+
+#include "postgres.h"
+
+#include "px-crypt.h"
+
+/* for ntohl/htonl */
+#include <netinet/in.h>
+#include <arpa/inet.h>
+
+#define _PASSWORD_EFMT1 '_'
+
+static const char _crypt_a64[] =
+"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
+
+static uint8 IP[64] = {
+	58, 50, 42, 34, 26, 18, 10, 2, 60, 52, 44, 36, 28, 20, 12, 4,
+	62, 54, 46, 38, 30, 22, 14, 6, 64, 56, 48, 40, 32, 24, 16, 8,
+	57, 49, 41, 33, 25, 17, 9, 1, 59, 51, 43, 35, 27, 19, 11, 3,
+	61, 53, 45, 37, 29, 21, 13, 5, 63, 55, 47, 39, 31, 23, 15, 7
+};
+
+static uint8 inv_key_perm[64];
+static uint8 u_key_perm[56];
+static uint8 key_perm[56] = {
+	57, 49, 41, 33, 25, 17, 9, 1, 58, 50, 42, 34, 26, 18,
+	10, 2, 59, 51, 43, 35, 27, 19, 11, 3, 60, 52, 44, 36,
+	63, 55, 47, 39, 31, 23, 15, 7, 62, 54, 46, 38, 30, 22,
+	14, 6, 61, 53, 45, 37, 29, 21, 13, 5, 28, 20, 12, 4
+};
+
+static uint8 key_shifts[16] = {
+	1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1
+};
+
+static uint8 inv_comp_perm[56];
+static uint8 comp_perm[48] = {
+	14, 17, 11, 24, 1, 5, 3, 28, 15, 6, 21, 10,
+	23, 19, 12, 4, 26, 8, 16, 7, 27, 20, 13, 2,
+	41, 52, 31, 37, 47, 55, 30, 40, 51, 45, 33, 48,
+	44, 49, 39, 56, 34, 53, 46, 42, 50, 36, 29, 32
+};
+
+/*
+ *	No E box is used, as it's replaced by some ANDs, shifts, and ORs.
+ */
+
+static uint8 u_sbox[8][64];
+static uint8 sbox[8][64] = {
+	{
+		14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7,
+		0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8,
+		4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0,
+		15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13
+	},
+	{
+		15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10,
+		3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5,
+		0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15,
+		13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9
+	},
+	{
+		10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8,
+		13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1,
+		13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7,
+		1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12
+	},
+	{
+		7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15,
+		13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9,
+		10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4,
+		3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14
+	},
+	{
+		2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9,
+		14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6,
+		4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14,
+		11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3
+	},
+	{
+		12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11,
+		10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8,
+		9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6,
+		4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13
+	},
+	{
+		4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1,
+		13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6,
+		1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2,
+		6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12
+	},
+	{
+		13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7,
+		1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2,
+		7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8,
+		2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11
+	}
+};
+
+static uint8 un_pbox[32];
+static uint8 pbox[32] = {
+	16, 7, 20, 21, 29, 12, 28, 17, 1, 15, 23, 26, 5, 18, 31, 10,
+	2, 8, 24, 14, 32, 27, 3, 9, 19, 13, 30, 6, 22, 11, 4, 25
+};
+
+static uint32 _crypt_bits32[32] =
+{
+	0x80000000, 0x40000000, 0x20000000, 0x10000000,
+	0x08000000, 0x04000000, 0x02000000, 0x01000000,
+	0x00800000, 0x00400000, 0x00200000, 0x00100000,
+	0x00080000, 0x00040000, 0x00020000, 0x00010000,
+	0x00008000, 0x00004000, 0x00002000, 0x00001000,
+	0x00000800, 0x00000400, 0x00000200, 0x00000100,
+	0x00000080, 0x00000040, 0x00000020, 0x00000010,
+	0x00000008, 0x00000004, 0x00000002, 0x00000001
+};
+
+static uint8 _crypt_bits8[8] = {0x80, 0x40, 0x20, 0x10, 0x08, 0x04, 0x02, 0x01};
+
+static uint32 saltbits;
+static long old_salt;
+static uint32 *bits28,
+		   *bits24;
+static uint8 init_perm[64],
+			final_perm[64];
+static uint32 en_keysl[16],
+			en_keysr[16];
+static uint32 de_keysl[16],
+			de_keysr[16];
+static int	des_initialised = 0;
+static uint8 m_sbox[4][4096];
+static uint32 psbox[4][256];
+static uint32 ip_maskl[8][256],
+			ip_maskr[8][256];
+static uint32 fp_maskl[8][256],
+			fp_maskr[8][256];
+static uint32 key_perm_maskl[8][128],
+			key_perm_maskr[8][128];
+static uint32 comp_maskl[8][128],
+			comp_maskr[8][128];
+static uint32 old_rawkey0,
+			old_rawkey1;
+
+static inline int
+ascii_to_bin(char ch)
+{
+	if (ch > 'z')
+		return (0);
+	if (ch >= 'a')
+		return (ch - 'a' + 38);
+	if (ch > 'Z')
+		return (0);
+	if (ch >= 'A')
+		return (ch - 'A' + 12);
+	if (ch > '9')
+		return (0);
+	if (ch >= '.')
+		return (ch - '.');
+	return (0);
+}
+
+static void
+des_init(void)
+{
+	int			i,
+				j,
+				b,
+				k,
+				inbit,
+				obit;
+	uint32	   *p,
+			   *il,
+			   *ir,
+			   *fl,
+			   *fr;
+
+	old_rawkey0 = old_rawkey1 = 0L;
+	saltbits = 0L;
+	old_salt = 0L;
+	bits24 = (bits28 = _crypt_bits32 + 4) + 4;
+
+	/*
+	 * Invert the S-boxes, reordering the input bits.
+	 */
+	for (i = 0; i < 8; i++)
+		for (j = 0; j < 64; j++)
+		{
+			b = (j & 0x20) | ((j & 1) << 4) | ((j >> 1) & 0xf);
+			u_sbox[i][j] = sbox[i][b];
+		}
+
+	/*
+	 * Convert the inverted S-boxes into 4 arrays of 8 bits. Each will handle
+	 * 12 bits of the S-box input.
+	 */
+	for (b = 0; b < 4; b++)
+		for (i = 0; i < 64; i++)
+			for (j = 0; j < 64; j++)
+				m_sbox[b][(i << 6) | j] =
+					(u_sbox[(b << 1)][i] << 4) |
+					u_sbox[(b << 1) + 1][j];
+
+	/*
+	 * Set up the initial & final permutations into a useful form, and
+	 * initialise the inverted key permutation.
+	 */
+	for (i = 0; i < 64; i++)
+	{
+		init_perm[final_perm[i] = IP[i] - 1] = i;
+		inv_key_perm[i] = 255;
+	}
+
+	/*
+	 * Invert the key permutation and initialise the inverted key compression
+	 * permutation.
+	 */
+	for (i = 0; i < 56; i++)
+	{
+		u_key_perm[i] = key_perm[i] - 1;
+		inv_key_perm[key_perm[i] - 1] = i;
+		inv_comp_perm[i] = 255;
+	}
+
+	/*
+	 * Invert the key compression permutation.
+	 */
+	for (i = 0; i < 48; i++)
+		inv_comp_perm[comp_perm[i] - 1] = i;
+
+	/*
+	 * Set up the OR-mask arrays for the initial and final permutations, and
+	 * for the key initial and compression permutations.
+	 */
+	for (k = 0; k < 8; k++)
+	{
+		for (i = 0; i < 256; i++)
+		{
+			*(il = &ip_maskl[k][i]) = 0L;
+			*(ir = &ip_maskr[k][i]) = 0L;
+			*(fl = &fp_maskl[k][i]) = 0L;
+			*(fr = &fp_maskr[k][i]) = 0L;
+			for (j = 0; j < 8; j++)
+			{
+				inbit = 8 * k + j;
+				if (i & _crypt_bits8[j])
+				{
+					if ((obit = init_perm[inbit]) < 32)
+						*il |= _crypt_bits32[obit];
+					else
+						*ir |= _crypt_bits32[obit - 32];
+					if ((obit = final_perm[inbit]) < 32)
+						*fl |= _crypt_bits32[obit];
+					else
+						*fr |= _crypt_bits32[obit - 32];
+				}
+			}
+		}
+		for (i = 0; i < 128; i++)
+		{
+			*(il = &key_perm_maskl[k][i]) = 0L;
+			*(ir = &key_perm_maskr[k][i]) = 0L;
+			for (j = 0; j < 7; j++)
+			{
+				inbit = 8 * k + j;
+				if (i & _crypt_bits8[j + 1])
+				{
+					if ((obit = inv_key_perm[inbit]) == 255)
+						continue;
+					if (obit < 28)
+						*il |= bits28[obit];
+					else
+						*ir |= bits28[obit - 28];
+				}
+			}
+			*(il = &comp_maskl[k][i]) = 0L;
+			*(ir = &comp_maskr[k][i]) = 0L;
+			for (j = 0; j < 7; j++)
+			{
+				inbit = 7 * k + j;
+				if (i & _crypt_bits8[j + 1])
+				{
+					if ((obit = inv_comp_perm[inbit]) == 255)
+						continue;
+					if (obit < 24)
+						*il |= bits24[obit];
+					else
+						*ir |= bits24[obit - 24];
+				}
+			}
+		}
+	}
+
+	/*
+	 * Invert the P-box permutation, and convert into OR-masks for handling
+	 * the output of the S-box arrays setup above.
+	 */
+	for (i = 0; i < 32; i++)
+		un_pbox[pbox[i] - 1] = i;
+
+	for (b = 0; b < 4; b++)
+		for (i = 0; i < 256; i++)
+		{
+			*(p = &psbox[b][i]) = 0L;
+			for (j = 0; j < 8; j++)
+			{
+				if (i & _crypt_bits8[j])
+					*p |= _crypt_bits32[un_pbox[8 * b + j]];
+			}
+		}
+
+	des_initialised = 1;
+}
+
+static void
+setup_salt(long salt)
+{
+	uint32		obit,
+				saltbit;
+	int			i;
+
+	if (salt == old_salt)
+		return;
+	old_salt = salt;
+
+	saltbits = 0L;
+	saltbit = 1;
+	obit = 0x800000;
+	for (i = 0; i < 24; i++)
+	{
+		if (salt & saltbit)
+			saltbits |= obit;
+		saltbit <<= 1;
+		obit >>= 1;
+	}
+}
+
+static int
+des_setkey(const char *key)
+{
+	uint32		k0,
+				k1,
+				rawkey0,
+				rawkey1;
+	int			shifts,
+				round;
+
+	if (!des_initialised)
+		des_init();
+
+	rawkey0 = ntohl(*(const uint32 *) key);
+	rawkey1 = ntohl(*(const uint32 *) (key + 4));
+
+	if ((rawkey0 | rawkey1)
+		&& rawkey0 == old_rawkey0
+		&& rawkey1 == old_rawkey1)
+	{
+		/*
+		 * Already setup for this key. This optimisation fails on a zero key
+		 * (which is weak and has bad parity anyway) in order to simplify the
+		 * starting conditions.
+		 */
+		return (0);
+	}
+	old_rawkey0 = rawkey0;
+	old_rawkey1 = rawkey1;
+
+	/*
+	 * Do key permutation and split into two 28-bit subkeys.
+	 */
+	k0 = key_perm_maskl[0][rawkey0 >> 25]
+		| key_perm_maskl[1][(rawkey0 >> 17) & 0x7f]
+		| key_perm_maskl[2][(rawkey0 >> 9) & 0x7f]
+		| key_perm_maskl[3][(rawkey0 >> 1) & 0x7f]
+		| key_perm_maskl[4][rawkey1 >> 25]
+		| key_perm_maskl[5][(rawkey1 >> 17) & 0x7f]
+		| key_perm_maskl[6][(rawkey1 >> 9) & 0x7f]
+		| key_perm_maskl[7][(rawkey1 >> 1) & 0x7f];
+	k1 = key_perm_maskr[0][rawkey0 >> 25]
+		| key_perm_maskr[1][(rawkey0 >> 17) & 0x7f]
+		| key_perm_maskr[2][(rawkey0 >> 9) & 0x7f]
+		| key_perm_maskr[3][(rawkey0 >> 1) & 0x7f]
+		| key_perm_maskr[4][rawkey1 >> 25]
+		| key_perm_maskr[5][(rawkey1 >> 17) & 0x7f]
+		| key_perm_maskr[6][(rawkey1 >> 9) & 0x7f]
+		| key_perm_maskr[7][(rawkey1 >> 1) & 0x7f];
+
+	/*
+	 * Rotate subkeys and do compression permutation.
+	 */
+	shifts = 0;
+	for (round = 0; round < 16; round++)
+	{
+		uint32		t0,
+					t1;
+
+		shifts += key_shifts[round];
+
+		t0 = (k0 << shifts) | (k0 >> (28 - shifts));
+		t1 = (k1 << shifts) | (k1 >> (28 - shifts));
+
+		de_keysl[15 - round] =
+			en_keysl[round] = comp_maskl[0][(t0 >> 21) & 0x7f]
+			| comp_maskl[1][(t0 >> 14) & 0x7f]
+			| comp_maskl[2][(t0 >> 7) & 0x7f]
+			| comp_maskl[3][t0 & 0x7f]
+			| comp_maskl[4][(t1 >> 21) & 0x7f]
+			| comp_maskl[5][(t1 >> 14) & 0x7f]
+			| comp_maskl[6][(t1 >> 7) & 0x7f]
+			| comp_maskl[7][t1 & 0x7f];
+
+		de_keysr[15 - round] =
+			en_keysr[round] = comp_maskr[0][(t0 >> 21) & 0x7f]
+			| comp_maskr[1][(t0 >> 14) & 0x7f]
+			| comp_maskr[2][(t0 >> 7) & 0x7f]
+			| comp_maskr[3][t0 & 0x7f]
+			| comp_maskr[4][(t1 >> 21) & 0x7f]
+			| comp_maskr[5][(t1 >> 14) & 0x7f]
+			| comp_maskr[6][(t1 >> 7) & 0x7f]
+			| comp_maskr[7][t1 & 0x7f];
+	}
+	return (0);
+}
+
+static int
+do_des(uint32 l_in, uint32 r_in, uint32 *l_out, uint32 *r_out, int count)
+{
+	/*
+	 * l_in, r_in, l_out, and r_out are in pseudo-"big-endian" format.
+	 */
+	uint32		l,
+				r,
+			   *kl,
+			   *kr,
+			   *kl1,
+			   *kr1;
+	uint32		f,
+				r48l,
+				r48r;
+	int			round;
+
+	if (count == 0)
+		return (1);
+	else if (count > 0)
+	{
+		/*
+		 * Encrypting
+		 */
+		kl1 = en_keysl;
+		kr1 = en_keysr;
+	}
+	else
+	{
+		/*
+		 * Decrypting
+		 */
+		count = -count;
+		kl1 = de_keysl;
+		kr1 = de_keysr;
+	}
+
+	/*
+	 * Do initial permutation (IP).
+	 */
+	l = ip_maskl[0][l_in >> 24]
+		| ip_maskl[1][(l_in >> 16) & 0xff]
+		| ip_maskl[2][(l_in >> 8) & 0xff]
+		| ip_maskl[3][l_in & 0xff]
+		| ip_maskl[4][r_in >> 24]
+		| ip_maskl[5][(r_in >> 16) & 0xff]
+		| ip_maskl[6][(r_in >> 8) & 0xff]
+		| ip_maskl[7][r_in & 0xff];
+	r = ip_maskr[0][l_in >> 24]
+		| ip_maskr[1][(l_in >> 16) & 0xff]
+		| ip_maskr[2][(l_in >> 8) & 0xff]
+		| ip_maskr[3][l_in & 0xff]
+		| ip_maskr[4][r_in >> 24]
+		| ip_maskr[5][(r_in >> 16) & 0xff]
+		| ip_maskr[6][(r_in >> 8) & 0xff]
+		| ip_maskr[7][r_in & 0xff];
+
+	while (count--)
+	{
+		/*
+		 * Do each round.
+		 */
+		kl = kl1;
+		kr = kr1;
+		round = 16;
+		while (round--)
+		{
+			/*
+			 * Expand R to 48 bits (simulate the E-box).
+			 */
+			r48l = ((r & 0x00000001) << 23)
+				| ((r & 0xf8000000) >> 9)
+				| ((r & 0x1f800000) >> 11)
+				| ((r & 0x01f80000) >> 13)
+				| ((r & 0x001f8000) >> 15);
+
+			r48r = ((r & 0x0001f800) << 7)
+				| ((r & 0x00001f80) << 5)
+				| ((r & 0x000001f8) << 3)
+				| ((r & 0x0000001f) << 1)
+				| ((r & 0x80000000) >> 31);
+
+			/*
+			 * Do salting for crypt() and friends, and XOR with the permuted
+			 * key.
+			 */
+			f = (r48l ^ r48r) & saltbits;
+			r48l ^= f ^ *kl++;
+			r48r ^= f ^ *kr++;
+
+			/*
+			 * Do sbox lookups (which shrink it back to 32 bits) and do the
+			 * pbox permutation at the same time.
+			 */
+			f = psbox[0][m_sbox[0][r48l >> 12]]
+				| psbox[1][m_sbox[1][r48l & 0xfff]]
+				| psbox[2][m_sbox[2][r48r >> 12]]
+				| psbox[3][m_sbox[3][r48r & 0xfff]];
+
+			/*
+			 * Now that we've permuted things, complete f().
+			 */
+			f ^= l;
+			l = r;
+			r = f;
+		}
+		r = l;
+		l = f;
+	}
+
+	/*
+	 * Do final permutation (inverse of IP).
+	 */
+	*l_out = fp_maskl[0][l >> 24]
+		| fp_maskl[1][(l >> 16) & 0xff]
+		| fp_maskl[2][(l >> 8) & 0xff]
+		| fp_maskl[3][l & 0xff]
+		| fp_maskl[4][r >> 24]
+		| fp_maskl[5][(r >> 16) & 0xff]
+		| fp_maskl[6][(r >> 8) & 0xff]
+		| fp_maskl[7][r & 0xff];
+	*r_out = fp_maskr[0][l >> 24]
+		| fp_maskr[1][(l >> 16) & 0xff]
+		| fp_maskr[2][(l >> 8) & 0xff]
+		| fp_maskr[3][l & 0xff]
+		| fp_maskr[4][r >> 24]
+		| fp_maskr[5][(r >> 16) & 0xff]
+		| fp_maskr[6][(r >> 8) & 0xff]
+		| fp_maskr[7][r & 0xff];
+	return (0);
+}
+
+static int
+des_cipher(const char *in, char *out, long salt, int count)
+{
+	uint32		buffer[2];
+	uint32		l_out,
+				r_out,
+				rawl,
+				rawr;
+	int			retval;
+
+	if (!des_initialised)
+		des_init();
+
+	setup_salt(salt);
+
+	/* copy data to avoid assuming input is word-aligned */
+	memcpy(buffer, in, sizeof(buffer));
+
+	rawl = ntohl(buffer[0]);
+	rawr = ntohl(buffer[1]);
+
+	retval = do_des(rawl, rawr, &l_out, &r_out, count);
+
+	buffer[0] = htonl(l_out);
+	buffer[1] = htonl(r_out);
+
+	/* copy data to avoid assuming output is word-aligned */
+	memcpy(out, buffer, sizeof(buffer));
+
+	return (retval);
+}
+
+char *
+px_crypt_des(const char *key, const char *setting)
+{
+	int			i;
+	uint32		count,
+				salt,
+				l,
+				r0,
+				r1,
+				keybuf[2];
+	char	   *p;
+	uint8	   *q;
+	static char output[21];
+
+	if (!des_initialised)
+		des_init();
+
+
+	/*
+	 * Copy the key, shifting each character up by one bit and padding with
+	 * zeros.
+	 */
+	q = (uint8 *) keybuf;
+	while (q - (uint8 *) keybuf - 8)
+	{
+		*q++ = *key << 1;
+		if (*key != '\0')
+			key++;
+	}
+	if (des_setkey((char *) keybuf))
+		return (NULL);
+
+#ifndef DISABLE_XDES
+	if (*setting == _PASSWORD_EFMT1)
+	{
+		/*
+		 * "new"-style: setting - underscore, 4 bytes of count, 4 bytes of
+		 * salt key - unlimited characters
+		 */
+		for (i = 1, count = 0L; i < 5; i++)
+			count |= ascii_to_bin(setting[i]) << (i - 1) * 6;
+
+		for (i = 5, salt = 0L; i < 9; i++)
+			salt |= ascii_to_bin(setting[i]) << (i - 5) * 6;
+
+		while (*key)
+		{
+			/*
+			 * Encrypt the key with itself.
+			 */
+			if (des_cipher((char *) keybuf, (char *) keybuf, 0L, 1))
+				return (NULL);
+
+			/*
+			 * And XOR with the next 8 characters of the key.
+			 */
+			q = (uint8 *) keybuf;
+			while (q - (uint8 *) keybuf - 8 && *key)
+				*q++ ^= *key++ << 1;
+
+			if (des_setkey((char *) keybuf))
+				return (NULL);
+		}
+		strncpy(output, setting, 9);
+
+		/*
+		 * Double check that we weren't given a short setting. If we were, the
+		 * above code will probably have created weird values for count and
+		 * salt, but we don't really care. Just make sure the output string
+		 * doesn't have an extra NUL in it.
+		 */
+		output[9] = '\0';
+		p = output + strlen(output);
+	}
+	else
+#endif   /* !DISABLE_XDES */
+	{
+		/*
+		 * "old"-style: setting - 2 bytes of salt key - up to 8 characters
+		 */
+		count = 25;
+
+		salt = (ascii_to_bin(setting[1]) << 6)
+			| ascii_to_bin(setting[0]);
+
+		output[0] = setting[0];
+
+		/*
+		 * If the encrypted password that the salt was extracted from is only
+		 * 1 character long, the salt will be corrupted.  We need to ensure
+		 * that the output string doesn't have an extra NUL in it!
+		 */
+		output[1] = setting[1] ? setting[1] : output[0];
+
+		p = output + 2;
+	}
+	setup_salt(salt);
+
+	/*
+	 * Do it.
+	 */
+	if (do_des(0L, 0L, &r0, &r1, count))
+		return (NULL);
+
+	/*
+	 * Now encode the result...
+	 */
+	l = (r0 >> 8);
+	*p++ = _crypt_a64[(l >> 18) & 0x3f];
+	*p++ = _crypt_a64[(l >> 12) & 0x3f];
+	*p++ = _crypt_a64[(l >> 6) & 0x3f];
+	*p++ = _crypt_a64[l & 0x3f];
+
+	l = (r0 << 16) | ((r1 >> 16) & 0xffff);
+	*p++ = _crypt_a64[(l >> 18) & 0x3f];
+	*p++ = _crypt_a64[(l >> 12) & 0x3f];
+	*p++ = _crypt_a64[(l >> 6) & 0x3f];
+	*p++ = _crypt_a64[l & 0x3f];
+
+	l = r1 << 2;
+	*p++ = _crypt_a64[(l >> 12) & 0x3f];
+	*p++ = _crypt_a64[(l >> 6) & 0x3f];
+	*p++ = _crypt_a64[l & 0x3f];
+	*p = 0;
+
+	return (output);
+}

http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/801100ed/contrib/pgcrypto/crypt-gensalt.c
----------------------------------------------------------------------
diff --git a/contrib/pgcrypto/crypt-gensalt.c b/contrib/pgcrypto/crypt-gensalt.c
new file mode 100644
index 0000000..ec2e0fa
--- /dev/null
+++ b/contrib/pgcrypto/crypt-gensalt.c
@@ -0,0 +1,187 @@
+/*
+ * Written by Solar Designer and placed in the public domain.
+ * See crypt_blowfish.c for more information.
+ *
+ * contrib/pgcrypto/crypt-gensalt.c
+ *
+ * This file contains salt generation functions for the traditional and
+ * other common crypt(3) algorithms, except for bcrypt which is defined
+ * entirely in crypt_blowfish.c.
+ *
+ * Put bcrypt generator also here as crypt-blowfish.c
+ * may not be compiled always.		  -- marko
+ */
+
+#include "postgres.h"
+
+#include "px-crypt.h"
+
+typedef unsigned int BF_word;
+
+static unsigned char _crypt_itoa64[64 + 1] =
+"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
+
+char *
+_crypt_gensalt_traditional_rn(unsigned long count,
+				  const char *input, int size, char *output, int output_size)
+{
+	if (size < 2 || output_size < 2 + 1 || (count && count != 25))
+	{
+		if (output_size > 0)
+			output[0] = '\0';
+		return NULL;
+	}
+
+	output[0] = _crypt_itoa64[(unsigned int) input[0] & 0x3f];
+	output[1] = _crypt_itoa64[(unsigned int) input[1] & 0x3f];
+	output[2] = '\0';
+
+	return output;
+}
+
+char *
+_crypt_gensalt_extended_rn(unsigned long count,
+				  const char *input, int size, char *output, int output_size)
+{
+	unsigned long value;
+
+/* Even iteration counts make it easier to detect weak DES keys from a look
+ * at the hash, so they should be avoided */
+	if (size < 3 || output_size < 1 + 4 + 4 + 1 ||
+		(count && (count > 0xffffff || !(count & 1))))
+	{
+		if (output_size > 0)
+			output[0] = '\0';
+		return NULL;
+	}
+
+	if (!count)
+		count = 725;
+
+	output[0] = '_';
+	output[1] = _crypt_itoa64[count & 0x3f];
+	output[2] = _crypt_itoa64[(count >> 6) & 0x3f];
+	output[3] = _crypt_itoa64[(count >> 12) & 0x3f];
+	output[4] = _crypt_itoa64[(count >> 18) & 0x3f];
+	value = (unsigned long) (unsigned char) input[0] |
+		((unsigned long) (unsigned char) input[1] << 8) |
+		((unsigned long) (unsigned char) input[2] << 16);
+	output[5] = _crypt_itoa64[value & 0x3f];
+	output[6] = _crypt_itoa64[(value >> 6) & 0x3f];
+	output[7] = _crypt_itoa64[(value >> 12) & 0x3f];
+	output[8] = _crypt_itoa64[(value >> 18) & 0x3f];
+	output[9] = '\0';
+
+	return output;
+}
+
+char *
+_crypt_gensalt_md5_rn(unsigned long count,
+				  const char *input, int size, char *output, int output_size)
+{
+	unsigned long value;
+
+	if (size < 3 || output_size < 3 + 4 + 1 || (count && count != 1000))
+	{
+		if (output_size > 0)
+			output[0] = '\0';
+		return NULL;
+	}
+
+	output[0] = '$';
+	output[1] = '1';
+	output[2] = '$';
+	value = (unsigned long) (unsigned char) input[0] |
+		((unsigned long) (unsigned char) input[1] << 8) |
+		((unsigned long) (unsigned char) input[2] << 16);
+	output[3] = _crypt_itoa64[value & 0x3f];
+	output[4] = _crypt_itoa64[(value >> 6) & 0x3f];
+	output[5] = _crypt_itoa64[(value >> 12) & 0x3f];
+	output[6] = _crypt_itoa64[(value >> 18) & 0x3f];
+	output[7] = '\0';
+
+	if (size >= 6 && output_size >= 3 + 4 + 4 + 1)
+	{
+		value = (unsigned long) (unsigned char) input[3] |
+			((unsigned long) (unsigned char) input[4] << 8) |
+			((unsigned long) (unsigned char) input[5] << 16);
+		output[7] = _crypt_itoa64[value & 0x3f];
+		output[8] = _crypt_itoa64[(value >> 6) & 0x3f];
+		output[9] = _crypt_itoa64[(value >> 12) & 0x3f];
+		output[10] = _crypt_itoa64[(value >> 18) & 0x3f];
+		output[11] = '\0';
+	}
+
+	return output;
+}
+
+
+
+static unsigned char BF_itoa64[64 + 1] =
+"./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
+
+static void
+BF_encode(char *dst, const BF_word *src, int size)
+{
+	const unsigned char *sptr = (const unsigned char *) src;
+	const unsigned char *end = sptr + size;
+	unsigned char *dptr = (unsigned char *) dst;
+	unsigned int c1,
+				c2;
+
+	do
+	{
+		c1 = *sptr++;
+		*dptr++ = BF_itoa64[c1 >> 2];
+		c1 = (c1 & 0x03) << 4;
+		if (sptr >= end)
+		{
+			*dptr++ = BF_itoa64[c1];
+			break;
+		}
+
+		c2 = *sptr++;
+		c1 |= c2 >> 4;
+		*dptr++ = BF_itoa64[c1];
+		c1 = (c2 & 0x0f) << 2;
+		if (sptr >= end)
+		{
+			*dptr++ = BF_itoa64[c1];
+			break;
+		}
+
+		c2 = *sptr++;
+		c1 |= c2 >> 6;
+		*dptr++ = BF_itoa64[c1];
+		*dptr++ = BF_itoa64[c2 & 0x3f];
+	} while (sptr < end);
+}
+
+char *
+_crypt_gensalt_blowfish_rn(unsigned long count,
+				  const char *input, int size, char *output, int output_size)
+{
+	if (size < 16 || output_size < 7 + 22 + 1 ||
+		(count && (count < 4 || count > 31)))
+	{
+		if (output_size > 0)
+			output[0] = '\0';
+		return NULL;
+	}
+
+	if (!count)
+		count = 5;
+
+	output[0] = '$';
+	output[1] = '2';
+	output[2] = 'a';
+	output[3] = '$';
+	output[4] = '0' + count / 10;
+	output[5] = '0' + count % 10;
+	output[6] = '$';
+
+	BF_encode(&output[7], (const BF_word *) input, 16);
+	output[7 + 22] = '\0';
+
+	return output;
+}

http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/801100ed/contrib/pgcrypto/crypt-md5.c
----------------------------------------------------------------------
diff --git a/contrib/pgcrypto/crypt-md5.c b/contrib/pgcrypto/crypt-md5.c
new file mode 100644
index 0000000..6c7a2b3
--- /dev/null
+++ b/contrib/pgcrypto/crypt-md5.c
@@ -0,0 +1,163 @@
+/*
+ * File imported from FreeBSD, original by Poul-Henning Kamp.
+ *
+ * $FreeBSD: src/lib/libcrypt/crypt-md5.c,v 1.5 1999/12/17 20:21:45 peter Exp $
+ *
+ * contrib/pgcrypto/crypt-md5.c
+ */
+
+#include "postgres.h"
+
+#include "px.h"
+#include "px-crypt.h"
+
+#define MD5_SIZE 16
+
+static const char _crypt_a64[] =
+"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
+
+static void
+_crypt_to64(char *s, unsigned long v, int n)
+{
+	while (--n >= 0)
+	{
+		*s++ = _crypt_a64[v & 0x3f];
+		v >>= 6;
+	}
+}
+
+/*
+ * UNIX password
+ */
+
+char *
+px_crypt_md5(const char *pw, const char *salt, char *passwd, unsigned dstlen)
+{
+	static char *magic = "$1$"; /* This string is magic for this algorithm.
+								 * Having it this way, we can get better
+								 * later on */
+	static char *p;
+	static const char *sp,
+			   *ep;
+	unsigned char final[MD5_SIZE];
+	int			sl,
+				pl,
+				i;
+	PX_MD	   *ctx,
+			   *ctx1;
+	int			err;
+	unsigned long l;
+
+	if (!passwd || dstlen < 120)
+		return NULL;
+
+	/* Refine the Salt first */
+	sp = salt;
+
+	/* If it starts with the magic string, then skip that */
+	if (strncmp(sp, magic, strlen(magic)) == 0)
+		sp += strlen(magic);
+
+	/* It stops at the first '$', max 8 chars */
+	for (ep = sp; *ep && *ep != '$' && ep < (sp + 8); ep++)
+		continue;
+
+	/* get the length of the true salt */
+	sl = ep - sp;
+
+	/* */
+	err = px_find_digest("md5", &ctx);
+	if (err)
+		return NULL;
+	err = px_find_digest("md5", &ctx1);
+
+	/* The password first, since that is what is most unknown */
+	px_md_update(ctx, (const uint8 *) pw, strlen(pw));
+
+	/* Then our magic string */
+	px_md_update(ctx, (uint8 *) magic, strlen(magic));
+
+	/* Then the raw salt */
+	px_md_update(ctx, (const uint8 *) sp, sl);
+
+	/* Then just as many characters of the MD5(pw,salt,pw) */
+	px_md_update(ctx1, (const uint8 *) pw, strlen(pw));
+	px_md_update(ctx1, (const uint8 *) sp, sl);
+	px_md_update(ctx1, (const uint8 *) pw, strlen(pw));
+	px_md_finish(ctx1, final);
+	for (pl = strlen(pw); pl > 0; pl -= MD5_SIZE)
+		px_md_update(ctx, final, pl > MD5_SIZE ? MD5_SIZE : pl);
+
+	/* Don't leave anything around in vm they could use. */
+	memset(final, 0, sizeof final);
+
+	/* Then something really weird... */
+	for (i = strlen(pw); i; i >>= 1)
+		if (i & 1)
+			px_md_update(ctx, final, 1);
+		else
+			px_md_update(ctx, (const uint8 *) pw, 1);
+
+	/* Now make the output string */
+	strcpy(passwd, magic);
+	strncat(passwd, sp, sl);
+	strcat(passwd, "$");
+
+	px_md_finish(ctx, final);
+
+	/*
+	 * and now, just to make sure things don't run too fast On a 60 Mhz
+	 * Pentium this takes 34 msec, so you would need 30 seconds to build a
+	 * 1000 entry dictionary...
+	 */
+	for (i = 0; i < 1000; i++)
+	{
+		px_md_reset(ctx1);
+		if (i & 1)
+			px_md_update(ctx1, (const uint8 *) pw, strlen(pw));
+		else
+			px_md_update(ctx1, final, MD5_SIZE);
+
+		if (i % 3)
+			px_md_update(ctx1, (const uint8 *) sp, sl);
+
+		if (i % 7)
+			px_md_update(ctx1, (const uint8 *) pw, strlen(pw));
+
+		if (i & 1)
+			px_md_update(ctx1, final, MD5_SIZE);
+		else
+			px_md_update(ctx1, (const uint8 *) pw, strlen(pw));
+		px_md_finish(ctx1, final);
+	}
+
+	p = passwd + strlen(passwd);
+
+	l = (final[0] << 16) | (final[6] << 8) | final[12];
+	_crypt_to64(p, l, 4);
+	p += 4;
+	l = (final[1] << 16) | (final[7] << 8) | final[13];
+	_crypt_to64(p, l, 4);
+	p += 4;
+	l = (final[2] << 16) | (final[8] << 8) | final[14];
+	_crypt_to64(p, l, 4);
+	p += 4;
+	l = (final[3] << 16) | (final[9] << 8) | final[15];
+	_crypt_to64(p, l, 4);
+	p += 4;
+	l = (final[4] << 16) | (final[10] << 8) | final[5];
+	_crypt_to64(p, l, 4);
+	p += 4;
+	l = final[11];
+	_crypt_to64(p, l, 2);
+	p += 2;
+	*p = '\0';
+
+	/* Don't leave anything around in vm they could use. */
+	memset(final, 0, sizeof final);
+
+	px_md_free(ctx1);
+	px_md_free(ctx);
+
+	return passwd;
+}



Mime
View raw message