I've been working on integrating TCFS into NetBSD's kernel. Currently I have a stand-alone package that builds an LKM that works. The NetBSD people asked me to use the extant crypto code in the kernel, and both TCFS's and NetBSD's came from SSLeay. I had to make only one minor change to it (changing a param to des_ecb_encrypt from a pointer to a struct to the struct itself). So I just added a "*" to deref it.
So I was somewhat surprised when I ran the in-kernel version and found it couldn't read the files on disk created by the LKM. I wrote a little test routine that I compiled with/against the LKM's [older] SSL DES implementation, then I compiled it with/against the in-kernel [newer] stuff, and found that their data differed. So I wanted to see if it was in the key scheduling or the ciphering, so I removed the calls to encryption. The key schedules it generates are different. As a matter of fact, I found that merely linking with the ciphering code seemed to change the key schedule ever-so-slightly. I think I must be doing something wrong in C, have a pointer pointing somewhere it shouldn't be, etc. But -Wall doesn't show any problems. Neither does lint. So: 1) Did SSLeay/OpenSSL change the behavior of DES? 2) Can you see a problem in my little test code below? Sorry if I'm missing something obvious. #include <stdio.h> #include <stdlib.h> #include <err.h> #include "des.h" int main() { #define KEY "012345678012345678012345678012345678" const char key[] = KEY; const char *kptr = key; des_key_schedule ks; int i, j; #ifdef NETBSD_SETKEY des_set_key_unchecked ((des_cblock *)kptr, ks); /* or w/o unchecked */ #else des_set_key ((des_cblock *)kptr, ks); #endif for (j = 0; j<(sizeof(des_key_schedule)/sizeof(struct des_ks_struct)); j++) { #ifdef NETBSD_SETKEY for (i = 0; i < sizeof(des_cblock); i++) printf("%02x", ks[j].ks.cblock[ i]); #else for (i = 0; i < sizeof(des_cblock); i++) printf("%02x", ks[j].ks._[i]); #endif printf("\n"); exit(0); } --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]