diff options
| author | hshoexer <> | 2004-02-13 10:05:44 +0000 |
|---|---|---|
| committer | hshoexer <> | 2004-02-13 10:05:44 +0000 |
| commit | 1617c4271e2064de608b1d25e4d8b49ea0b00007 (patch) | |
| tree | 43b0daa1c67f3741165f9daf7852ed118370b9ba | |
| parent | 890ac6c07f8f31aa4c90f8eb9b5c2eab59c8c7e6 (diff) | |
| download | openbsd-1617c4271e2064de608b1d25e4d8b49ea0b00007.tar.gz openbsd-1617c4271e2064de608b1d25e4d8b49ea0b00007.tar.bz2 openbsd-1617c4271e2064de608b1d25e4d8b49ea0b00007.zip | |
Cleanup and shrink ACSS_KEY a bit. Thus crank library minor.
Change cipher modes to more generic names and add an additional mode.
ok deraadt@ markus@
| -rw-r--r-- | src/lib/libcrypto/acss/acss.h | 13 | ||||
| -rw-r--r-- | src/lib/libcrypto/acss/acss_enc.c | 26 | ||||
| -rw-r--r-- | src/lib/libcrypto/evp/e_acss.c | 4 | ||||
| -rw-r--r-- | src/lib/libssl/crypto/shlib_version | 2 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/acss/acss.h | 13 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/acss/acss_enc.c | 26 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/evp/e_acss.c | 4 |
7 files changed, 49 insertions, 39 deletions
diff --git a/src/lib/libcrypto/acss/acss.h b/src/lib/libcrypto/acss/acss.h index 2e33c78837..476339fb9e 100644 --- a/src/lib/libcrypto/acss/acss.h +++ b/src/lib/libcrypto/acss/acss.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: acss.h,v 1.2 2004/01/23 19:23:33 hshoexer Exp $ */ | 1 | /* $OpenBSD: acss.h,v 1.3 2004/02/13 10:05:44 hshoexer Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2004 The OpenBSD project | 3 | * Copyright (c) 2004 The OpenBSD project |
| 4 | * | 4 | * |
| @@ -26,10 +26,10 @@ | |||
| 26 | #define ACSS_KEYSIZE 5 | 26 | #define ACSS_KEYSIZE 5 |
| 27 | 27 | ||
| 28 | /* modes of acss */ | 28 | /* modes of acss */ |
| 29 | #define ACSS_AUTHENTICATE 0 | 29 | #define ACSS_MODE0 0 |
| 30 | #define ACSS_SESSIONKEY 1 | 30 | #define ACSS_MODE1 1 |
| 31 | #define ACSS_TITLEKEY 2 | 31 | #define ACSS_MODE2 2 |
| 32 | #define ACSS_DATA 3 | 32 | #define ACSS_MODE3 3 |
| 33 | 33 | ||
| 34 | typedef struct acss_key_st { | 34 | typedef struct acss_key_st { |
| 35 | unsigned int lfsr17; /* current state of lfsrs */ | 35 | unsigned int lfsr17; /* current state of lfsrs */ |
| @@ -37,9 +37,8 @@ typedef struct acss_key_st { | |||
| 37 | unsigned int lfsrsum; | 37 | unsigned int lfsrsum; |
| 38 | unsigned char seed[ACSS_KEYSIZE]; | 38 | unsigned char seed[ACSS_KEYSIZE]; |
| 39 | unsigned char data[ACSS_KEYSIZE]; | 39 | unsigned char data[ACSS_KEYSIZE]; |
| 40 | int encrypt; /* XXX make these bit flags? */ | 40 | int encrypt; |
| 41 | int mode; | 41 | int mode; |
| 42 | int seeded; | ||
| 43 | } ACSS_KEY; | 42 | } ACSS_KEY; |
| 44 | 43 | ||
| 45 | void acss_setkey(ACSS_KEY *, const unsigned char *, int, int); | 44 | void acss_setkey(ACSS_KEY *, const unsigned char *, int, int); |
diff --git a/src/lib/libcrypto/acss/acss_enc.c b/src/lib/libcrypto/acss/acss_enc.c index 9278af3578..829830bc54 100644 --- a/src/lib/libcrypto/acss/acss_enc.c +++ b/src/lib/libcrypto/acss/acss_enc.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: acss_enc.c,v 1.3 2004/01/23 19:23:33 hshoexer Exp $ */ | 1 | /* $OpenBSD: acss_enc.c,v 1.4 2004/02/13 10:05:44 hshoexer Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2004 The OpenBSD project | 3 | * Copyright (c) 2004 The OpenBSD project |
| 4 | * | 4 | * |
| @@ -95,7 +95,7 @@ static unsigned char sboxenc[] = { | |||
| 95 | * lfsr17: polynomial of degree 17, primitive modulo 2 (listed in Schneier) | 95 | * lfsr17: polynomial of degree 17, primitive modulo 2 (listed in Schneier) |
| 96 | * x^15 + x + 1 | 96 | * x^15 + x + 1 |
| 97 | * lfsr25: polynomial of degree 25, not know if primitive modulo 2 | 97 | * lfsr25: polynomial of degree 25, not know if primitive modulo 2 |
| 98 | * x^13 + x^5 + x^4 + x^1 + 1 | 98 | * x^13 + x^5 + x^4 + x + 1 |
| 99 | * | 99 | * |
| 100 | * Output bits are discarded, instead the feedback bits are added to produce | 100 | * Output bits are discarded, instead the feedback bits are added to produce |
| 101 | * the cipher stream. Depending on the mode, feedback bytes may be inverted | 101 | * the cipher stream. Depending on the mode, feedback bytes may be inverted |
| @@ -145,24 +145,30 @@ acss(ACSS_KEY *key, unsigned long len, const unsigned char *in, | |||
| 145 | 145 | ||
| 146 | /* addition */ | 146 | /* addition */ |
| 147 | switch (key->mode) { | 147 | switch (key->mode) { |
| 148 | case ACSS_SESSIONKEY: | 148 | case ACSS_MODE3: |
| 149 | key->lfsrsum = key->lfsr17 >> 9; | 149 | key->lfsrsum = 0xff & ~(key->lfsr17 >> 9); |
| 150 | key->lfsrsum += key->lfsr25 >> 17; | 150 | key->lfsrsum += 0xff & ~(key->lfsr25 >> 17); |
| 151 | break; | 151 | break; |
| 152 | case ACSS_TITLEKEY: | 152 | case ACSS_MODE2: |
| 153 | key->lfsrsum = key->lfsr17 >> 9; | 153 | key->lfsrsum = key->lfsr17 >> 9; |
| 154 | key->lfsrsum += 0xff & ~(key->lfsr25 >> 17); | 154 | key->lfsrsum += 0xff & ~(key->lfsr25 >> 17); |
| 155 | break; | 155 | break; |
| 156 | case ACSS_AUTHENTICATE: | 156 | case ACSS_MODE1: |
| 157 | case ACSS_DATA: | ||
| 158 | default: | ||
| 159 | key->lfsrsum = 0xff & ~(key->lfsr17 >> 9); | 157 | key->lfsrsum = 0xff & ~(key->lfsr17 >> 9); |
| 160 | key->lfsrsum += key->lfsr25 >> 17; | 158 | key->lfsrsum += key->lfsr25 >> 17; |
| 161 | break; | 159 | break; |
| 160 | case ACSS_MODE0: | ||
| 161 | default: | ||
| 162 | key->lfsrsum = key->lfsr17 >> 9; | ||
| 163 | key->lfsrsum += key->lfsr25 >> 17; | ||
| 164 | break; | ||
| 162 | } | 165 | } |
| 163 | key->lfsrsum += (lfsrsumtmp >> 8); | 166 | key->lfsrsum += (lfsrsumtmp >> 8); |
| 164 | 167 | ||
| 165 | if (key->encrypt) { | 168 | if (in == (unsigned char *)0) |
| 169 | /* generate only a keystream */ | ||
| 170 | out[i] = key->lfsrsum & 0xff; | ||
| 171 | else if (key->encrypt) { | ||
| 166 | out[i] = sboxenc[(in[i] ^ key->lfsrsum) & 0xff]; | 172 | out[i] = sboxenc[(in[i] ^ key->lfsrsum) & 0xff]; |
| 167 | } else { | 173 | } else { |
| 168 | out[i] = (sboxdec[in[i]] ^ key->lfsrsum) & 0xff; | 174 | out[i] = (sboxdec[in[i]] ^ key->lfsrsum) & 0xff; |
diff --git a/src/lib/libcrypto/evp/e_acss.c b/src/lib/libcrypto/evp/e_acss.c index f4e55f1030..a16b85c627 100644 --- a/src/lib/libcrypto/evp/e_acss.c +++ b/src/lib/libcrypto/evp/e_acss.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $Id: e_acss.c,v 1.1 2004/01/23 16:58:43 hshoexer Exp $ */ | 1 | /* $Id: e_acss.c,v 1.2 2004/02/13 10:05:44 hshoexer Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2004 The OpenBSD project | 3 | * Copyright (c) 2004 The OpenBSD project |
| 4 | * | 4 | * |
| @@ -58,7 +58,7 @@ static int | |||
| 58 | acss_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, | 58 | acss_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, |
| 59 | const unsigned char *iv, int enc) | 59 | const unsigned char *iv, int enc) |
| 60 | { | 60 | { |
| 61 | acss_setkey(&data(ctx)->ks,key,enc,ACSS_DATA); | 61 | acss_setkey(&data(ctx)->ks,key,enc,ACSS_MODE1); |
| 62 | return 1; | 62 | return 1; |
| 63 | } | 63 | } |
| 64 | 64 | ||
diff --git a/src/lib/libssl/crypto/shlib_version b/src/lib/libssl/crypto/shlib_version index bab3bd7a1b..c6fa1d0271 100644 --- a/src/lib/libssl/crypto/shlib_version +++ b/src/lib/libssl/crypto/shlib_version | |||
| @@ -1,2 +1,2 @@ | |||
| 1 | major=10 | 1 | major=10 |
| 2 | minor=2 | 2 | minor=3 |
diff --git a/src/lib/libssl/src/crypto/acss/acss.h b/src/lib/libssl/src/crypto/acss/acss.h index 2e33c78837..476339fb9e 100644 --- a/src/lib/libssl/src/crypto/acss/acss.h +++ b/src/lib/libssl/src/crypto/acss/acss.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: acss.h,v 1.2 2004/01/23 19:23:33 hshoexer Exp $ */ | 1 | /* $OpenBSD: acss.h,v 1.3 2004/02/13 10:05:44 hshoexer Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2004 The OpenBSD project | 3 | * Copyright (c) 2004 The OpenBSD project |
| 4 | * | 4 | * |
| @@ -26,10 +26,10 @@ | |||
| 26 | #define ACSS_KEYSIZE 5 | 26 | #define ACSS_KEYSIZE 5 |
| 27 | 27 | ||
| 28 | /* modes of acss */ | 28 | /* modes of acss */ |
| 29 | #define ACSS_AUTHENTICATE 0 | 29 | #define ACSS_MODE0 0 |
| 30 | #define ACSS_SESSIONKEY 1 | 30 | #define ACSS_MODE1 1 |
| 31 | #define ACSS_TITLEKEY 2 | 31 | #define ACSS_MODE2 2 |
| 32 | #define ACSS_DATA 3 | 32 | #define ACSS_MODE3 3 |
| 33 | 33 | ||
| 34 | typedef struct acss_key_st { | 34 | typedef struct acss_key_st { |
| 35 | unsigned int lfsr17; /* current state of lfsrs */ | 35 | unsigned int lfsr17; /* current state of lfsrs */ |
| @@ -37,9 +37,8 @@ typedef struct acss_key_st { | |||
| 37 | unsigned int lfsrsum; | 37 | unsigned int lfsrsum; |
| 38 | unsigned char seed[ACSS_KEYSIZE]; | 38 | unsigned char seed[ACSS_KEYSIZE]; |
| 39 | unsigned char data[ACSS_KEYSIZE]; | 39 | unsigned char data[ACSS_KEYSIZE]; |
| 40 | int encrypt; /* XXX make these bit flags? */ | 40 | int encrypt; |
| 41 | int mode; | 41 | int mode; |
| 42 | int seeded; | ||
| 43 | } ACSS_KEY; | 42 | } ACSS_KEY; |
| 44 | 43 | ||
| 45 | void acss_setkey(ACSS_KEY *, const unsigned char *, int, int); | 44 | void acss_setkey(ACSS_KEY *, const unsigned char *, int, int); |
diff --git a/src/lib/libssl/src/crypto/acss/acss_enc.c b/src/lib/libssl/src/crypto/acss/acss_enc.c index 9278af3578..829830bc54 100644 --- a/src/lib/libssl/src/crypto/acss/acss_enc.c +++ b/src/lib/libssl/src/crypto/acss/acss_enc.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: acss_enc.c,v 1.3 2004/01/23 19:23:33 hshoexer Exp $ */ | 1 | /* $OpenBSD: acss_enc.c,v 1.4 2004/02/13 10:05:44 hshoexer Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2004 The OpenBSD project | 3 | * Copyright (c) 2004 The OpenBSD project |
| 4 | * | 4 | * |
| @@ -95,7 +95,7 @@ static unsigned char sboxenc[] = { | |||
| 95 | * lfsr17: polynomial of degree 17, primitive modulo 2 (listed in Schneier) | 95 | * lfsr17: polynomial of degree 17, primitive modulo 2 (listed in Schneier) |
| 96 | * x^15 + x + 1 | 96 | * x^15 + x + 1 |
| 97 | * lfsr25: polynomial of degree 25, not know if primitive modulo 2 | 97 | * lfsr25: polynomial of degree 25, not know if primitive modulo 2 |
| 98 | * x^13 + x^5 + x^4 + x^1 + 1 | 98 | * x^13 + x^5 + x^4 + x + 1 |
| 99 | * | 99 | * |
| 100 | * Output bits are discarded, instead the feedback bits are added to produce | 100 | * Output bits are discarded, instead the feedback bits are added to produce |
| 101 | * the cipher stream. Depending on the mode, feedback bytes may be inverted | 101 | * the cipher stream. Depending on the mode, feedback bytes may be inverted |
| @@ -145,24 +145,30 @@ acss(ACSS_KEY *key, unsigned long len, const unsigned char *in, | |||
| 145 | 145 | ||
| 146 | /* addition */ | 146 | /* addition */ |
| 147 | switch (key->mode) { | 147 | switch (key->mode) { |
| 148 | case ACSS_SESSIONKEY: | 148 | case ACSS_MODE3: |
| 149 | key->lfsrsum = key->lfsr17 >> 9; | 149 | key->lfsrsum = 0xff & ~(key->lfsr17 >> 9); |
| 150 | key->lfsrsum += key->lfsr25 >> 17; | 150 | key->lfsrsum += 0xff & ~(key->lfsr25 >> 17); |
| 151 | break; | 151 | break; |
| 152 | case ACSS_TITLEKEY: | 152 | case ACSS_MODE2: |
| 153 | key->lfsrsum = key->lfsr17 >> 9; | 153 | key->lfsrsum = key->lfsr17 >> 9; |
| 154 | key->lfsrsum += 0xff & ~(key->lfsr25 >> 17); | 154 | key->lfsrsum += 0xff & ~(key->lfsr25 >> 17); |
| 155 | break; | 155 | break; |
| 156 | case ACSS_AUTHENTICATE: | 156 | case ACSS_MODE1: |
| 157 | case ACSS_DATA: | ||
| 158 | default: | ||
| 159 | key->lfsrsum = 0xff & ~(key->lfsr17 >> 9); | 157 | key->lfsrsum = 0xff & ~(key->lfsr17 >> 9); |
| 160 | key->lfsrsum += key->lfsr25 >> 17; | 158 | key->lfsrsum += key->lfsr25 >> 17; |
| 161 | break; | 159 | break; |
| 160 | case ACSS_MODE0: | ||
| 161 | default: | ||
| 162 | key->lfsrsum = key->lfsr17 >> 9; | ||
| 163 | key->lfsrsum += key->lfsr25 >> 17; | ||
| 164 | break; | ||
| 162 | } | 165 | } |
| 163 | key->lfsrsum += (lfsrsumtmp >> 8); | 166 | key->lfsrsum += (lfsrsumtmp >> 8); |
| 164 | 167 | ||
| 165 | if (key->encrypt) { | 168 | if (in == (unsigned char *)0) |
| 169 | /* generate only a keystream */ | ||
| 170 | out[i] = key->lfsrsum & 0xff; | ||
| 171 | else if (key->encrypt) { | ||
| 166 | out[i] = sboxenc[(in[i] ^ key->lfsrsum) & 0xff]; | 172 | out[i] = sboxenc[(in[i] ^ key->lfsrsum) & 0xff]; |
| 167 | } else { | 173 | } else { |
| 168 | out[i] = (sboxdec[in[i]] ^ key->lfsrsum) & 0xff; | 174 | out[i] = (sboxdec[in[i]] ^ key->lfsrsum) & 0xff; |
diff --git a/src/lib/libssl/src/crypto/evp/e_acss.c b/src/lib/libssl/src/crypto/evp/e_acss.c index f4e55f1030..a16b85c627 100644 --- a/src/lib/libssl/src/crypto/evp/e_acss.c +++ b/src/lib/libssl/src/crypto/evp/e_acss.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $Id: e_acss.c,v 1.1 2004/01/23 16:58:43 hshoexer Exp $ */ | 1 | /* $Id: e_acss.c,v 1.2 2004/02/13 10:05:44 hshoexer Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2004 The OpenBSD project | 3 | * Copyright (c) 2004 The OpenBSD project |
| 4 | * | 4 | * |
| @@ -58,7 +58,7 @@ static int | |||
| 58 | acss_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, | 58 | acss_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, |
| 59 | const unsigned char *iv, int enc) | 59 | const unsigned char *iv, int enc) |
| 60 | { | 60 | { |
| 61 | acss_setkey(&data(ctx)->ks,key,enc,ACSS_DATA); | 61 | acss_setkey(&data(ctx)->ks,key,enc,ACSS_MODE1); |
| 62 | return 1; | 62 | return 1; |
| 63 | } | 63 | } |
| 64 | 64 | ||