From 1617c4271e2064de608b1d25e4d8b49ea0b00007 Mon Sep 17 00:00:00 2001 From: hshoexer <> Date: Fri, 13 Feb 2004 10:05:44 +0000 Subject: Cleanup and shrink ACSS_KEY a bit. Thus crank library minor. Change cipher modes to more generic names and add an additional mode. ok deraadt@ markus@ --- src/lib/libcrypto/acss/acss.h | 13 ++++++------- src/lib/libcrypto/acss/acss_enc.c | 26 ++++++++++++++++---------- src/lib/libcrypto/evp/e_acss.c | 4 ++-- src/lib/libssl/crypto/shlib_version | 2 +- src/lib/libssl/src/crypto/acss/acss.h | 13 ++++++------- src/lib/libssl/src/crypto/acss/acss_enc.c | 26 ++++++++++++++++---------- src/lib/libssl/src/crypto/evp/e_acss.c | 4 ++-- 7 files changed, 49 insertions(+), 39 deletions(-) diff --git a/src/lib/libcrypto/acss/acss.h b/src/lib/libcrypto/acss/acss.h index 2e33c78837..476339fb9e 100644 --- a/src/lib/libcrypto/acss/acss.h +++ b/src/lib/libcrypto/acss/acss.h @@ -1,4 +1,4 @@ -/* $OpenBSD: acss.h,v 1.2 2004/01/23 19:23:33 hshoexer Exp $ */ +/* $OpenBSD: acss.h,v 1.3 2004/02/13 10:05:44 hshoexer Exp $ */ /* * Copyright (c) 2004 The OpenBSD project * @@ -26,10 +26,10 @@ #define ACSS_KEYSIZE 5 /* modes of acss */ -#define ACSS_AUTHENTICATE 0 -#define ACSS_SESSIONKEY 1 -#define ACSS_TITLEKEY 2 -#define ACSS_DATA 3 +#define ACSS_MODE0 0 +#define ACSS_MODE1 1 +#define ACSS_MODE2 2 +#define ACSS_MODE3 3 typedef struct acss_key_st { unsigned int lfsr17; /* current state of lfsrs */ @@ -37,9 +37,8 @@ typedef struct acss_key_st { unsigned int lfsrsum; unsigned char seed[ACSS_KEYSIZE]; unsigned char data[ACSS_KEYSIZE]; - int encrypt; /* XXX make these bit flags? */ + int encrypt; int mode; - int seeded; } ACSS_KEY; void acss_setkey(ACSS_KEY *, const unsigned char *, int, int); diff --git a/src/lib/libcrypto/acss/acss_enc.c b/src/lib/libcrypto/acss/acss_enc.c index 9278af3578..829830bc54 100644 --- a/src/lib/libcrypto/acss/acss_enc.c +++ b/src/lib/libcrypto/acss/acss_enc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: acss_enc.c,v 1.3 2004/01/23 19:23:33 hshoexer Exp $ */ +/* $OpenBSD: acss_enc.c,v 1.4 2004/02/13 10:05:44 hshoexer Exp $ */ /* * Copyright (c) 2004 The OpenBSD project * @@ -95,7 +95,7 @@ static unsigned char sboxenc[] = { * lfsr17: polynomial of degree 17, primitive modulo 2 (listed in Schneier) * x^15 + x + 1 * lfsr25: polynomial of degree 25, not know if primitive modulo 2 - * x^13 + x^5 + x^4 + x^1 + 1 + * x^13 + x^5 + x^4 + x + 1 * * Output bits are discarded, instead the feedback bits are added to produce * the cipher stream. Depending on the mode, feedback bytes may be inverted @@ -145,24 +145,30 @@ acss(ACSS_KEY *key, unsigned long len, const unsigned char *in, /* addition */ switch (key->mode) { - case ACSS_SESSIONKEY: - key->lfsrsum = key->lfsr17 >> 9; - key->lfsrsum += key->lfsr25 >> 17; + case ACSS_MODE3: + key->lfsrsum = 0xff & ~(key->lfsr17 >> 9); + key->lfsrsum += 0xff & ~(key->lfsr25 >> 17); break; - case ACSS_TITLEKEY: + case ACSS_MODE2: key->lfsrsum = key->lfsr17 >> 9; key->lfsrsum += 0xff & ~(key->lfsr25 >> 17); break; - case ACSS_AUTHENTICATE: - case ACSS_DATA: - default: + case ACSS_MODE1: key->lfsrsum = 0xff & ~(key->lfsr17 >> 9); key->lfsrsum += key->lfsr25 >> 17; break; + case ACSS_MODE0: + default: + key->lfsrsum = key->lfsr17 >> 9; + key->lfsrsum += key->lfsr25 >> 17; + break; } key->lfsrsum += (lfsrsumtmp >> 8); - if (key->encrypt) { + if (in == (unsigned char *)0) + /* generate only a keystream */ + out[i] = key->lfsrsum & 0xff; + else if (key->encrypt) { out[i] = sboxenc[(in[i] ^ key->lfsrsum) & 0xff]; } else { out[i] = (sboxdec[in[i]] ^ key->lfsrsum) & 0xff; diff --git a/src/lib/libcrypto/evp/e_acss.c b/src/lib/libcrypto/evp/e_acss.c index f4e55f1030..a16b85c627 100644 --- a/src/lib/libcrypto/evp/e_acss.c +++ b/src/lib/libcrypto/evp/e_acss.c @@ -1,4 +1,4 @@ -/* $Id: e_acss.c,v 1.1 2004/01/23 16:58:43 hshoexer Exp $ */ +/* $Id: e_acss.c,v 1.2 2004/02/13 10:05:44 hshoexer Exp $ */ /* * Copyright (c) 2004 The OpenBSD project * @@ -58,7 +58,7 @@ static int acss_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { - acss_setkey(&data(ctx)->ks,key,enc,ACSS_DATA); + acss_setkey(&data(ctx)->ks,key,enc,ACSS_MODE1); return 1; } diff --git a/src/lib/libssl/crypto/shlib_version b/src/lib/libssl/crypto/shlib_version index bab3bd7a1b..c6fa1d0271 100644 --- a/src/lib/libssl/crypto/shlib_version +++ b/src/lib/libssl/crypto/shlib_version @@ -1,2 +1,2 @@ major=10 -minor=2 +minor=3 diff --git a/src/lib/libssl/src/crypto/acss/acss.h b/src/lib/libssl/src/crypto/acss/acss.h index 2e33c78837..476339fb9e 100644 --- a/src/lib/libssl/src/crypto/acss/acss.h +++ b/src/lib/libssl/src/crypto/acss/acss.h @@ -1,4 +1,4 @@ -/* $OpenBSD: acss.h,v 1.2 2004/01/23 19:23:33 hshoexer Exp $ */ +/* $OpenBSD: acss.h,v 1.3 2004/02/13 10:05:44 hshoexer Exp $ */ /* * Copyright (c) 2004 The OpenBSD project * @@ -26,10 +26,10 @@ #define ACSS_KEYSIZE 5 /* modes of acss */ -#define ACSS_AUTHENTICATE 0 -#define ACSS_SESSIONKEY 1 -#define ACSS_TITLEKEY 2 -#define ACSS_DATA 3 +#define ACSS_MODE0 0 +#define ACSS_MODE1 1 +#define ACSS_MODE2 2 +#define ACSS_MODE3 3 typedef struct acss_key_st { unsigned int lfsr17; /* current state of lfsrs */ @@ -37,9 +37,8 @@ typedef struct acss_key_st { unsigned int lfsrsum; unsigned char seed[ACSS_KEYSIZE]; unsigned char data[ACSS_KEYSIZE]; - int encrypt; /* XXX make these bit flags? */ + int encrypt; int mode; - int seeded; } ACSS_KEY; void acss_setkey(ACSS_KEY *, const unsigned char *, int, int); diff --git a/src/lib/libssl/src/crypto/acss/acss_enc.c b/src/lib/libssl/src/crypto/acss/acss_enc.c index 9278af3578..829830bc54 100644 --- a/src/lib/libssl/src/crypto/acss/acss_enc.c +++ b/src/lib/libssl/src/crypto/acss/acss_enc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: acss_enc.c,v 1.3 2004/01/23 19:23:33 hshoexer Exp $ */ +/* $OpenBSD: acss_enc.c,v 1.4 2004/02/13 10:05:44 hshoexer Exp $ */ /* * Copyright (c) 2004 The OpenBSD project * @@ -95,7 +95,7 @@ static unsigned char sboxenc[] = { * lfsr17: polynomial of degree 17, primitive modulo 2 (listed in Schneier) * x^15 + x + 1 * lfsr25: polynomial of degree 25, not know if primitive modulo 2 - * x^13 + x^5 + x^4 + x^1 + 1 + * x^13 + x^5 + x^4 + x + 1 * * Output bits are discarded, instead the feedback bits are added to produce * the cipher stream. Depending on the mode, feedback bytes may be inverted @@ -145,24 +145,30 @@ acss(ACSS_KEY *key, unsigned long len, const unsigned char *in, /* addition */ switch (key->mode) { - case ACSS_SESSIONKEY: - key->lfsrsum = key->lfsr17 >> 9; - key->lfsrsum += key->lfsr25 >> 17; + case ACSS_MODE3: + key->lfsrsum = 0xff & ~(key->lfsr17 >> 9); + key->lfsrsum += 0xff & ~(key->lfsr25 >> 17); break; - case ACSS_TITLEKEY: + case ACSS_MODE2: key->lfsrsum = key->lfsr17 >> 9; key->lfsrsum += 0xff & ~(key->lfsr25 >> 17); break; - case ACSS_AUTHENTICATE: - case ACSS_DATA: - default: + case ACSS_MODE1: key->lfsrsum = 0xff & ~(key->lfsr17 >> 9); key->lfsrsum += key->lfsr25 >> 17; break; + case ACSS_MODE0: + default: + key->lfsrsum = key->lfsr17 >> 9; + key->lfsrsum += key->lfsr25 >> 17; + break; } key->lfsrsum += (lfsrsumtmp >> 8); - if (key->encrypt) { + if (in == (unsigned char *)0) + /* generate only a keystream */ + out[i] = key->lfsrsum & 0xff; + else if (key->encrypt) { out[i] = sboxenc[(in[i] ^ key->lfsrsum) & 0xff]; } else { out[i] = (sboxdec[in[i]] ^ key->lfsrsum) & 0xff; diff --git a/src/lib/libssl/src/crypto/evp/e_acss.c b/src/lib/libssl/src/crypto/evp/e_acss.c index f4e55f1030..a16b85c627 100644 --- a/src/lib/libssl/src/crypto/evp/e_acss.c +++ b/src/lib/libssl/src/crypto/evp/e_acss.c @@ -1,4 +1,4 @@ -/* $Id: e_acss.c,v 1.1 2004/01/23 16:58:43 hshoexer Exp $ */ +/* $Id: e_acss.c,v 1.2 2004/02/13 10:05:44 hshoexer Exp $ */ /* * Copyright (c) 2004 The OpenBSD project * @@ -58,7 +58,7 @@ static int acss_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc) { - acss_setkey(&data(ctx)->ks,key,enc,ACSS_DATA); + acss_setkey(&data(ctx)->ks,key,enc,ACSS_MODE1); return 1; } -- cgit v1.2.3-55-g6feb