Re: cvs commit: openssl/crypto/des Makefile.ssl cbc_cksm.ccfb64ede.c cfb64enc.c cfb_enc.c des.h des_enc.c des_locl.h destest.cecb3_enc.c ecb_enc.c ede_cbcm_enc.c enc_read.c enc_writ.c fcrypt.cfcrypt_b.c ncbc_enc.c ofb64ede.c ofb64enc.c ofb_enc.c pcbc_enc.crpc_enc.c set_key.c str2key.c xcbc_enc.c

[Bodo Moeller]

On Tue, Jul 31, 2001 at 01:49:24PM -0400, Jeffrey Altman wrote:

>>> Please be very careful with the changes that are made to DES.  The DES
>>> structures and functions from OpenSSL were originally designed by Eric
>>> to be compatible with the MIT Kerberos DES implementation.  This has
>>> allowed applications such as C-Kermit to implement both Kerberos and
>>> SSL/TLS (as is needed for Telnet and SSH) by using only the OpenSSL
>>> DES implementation.  Changes that result in name conflicts or data
>>> structure conflicts will be a serious problem for application that
>>> require both Kerberos and SSL/TLS.

> When linking the app to both Kerberos IV and OpenSSL there is a
> conflict between the libdes.a from MIT and libcrypto.a from OpenSSL
> since they both implement the same functions.  So what I have done in
> the past is link to libkrb4.a and libcrypto.a instead of libdes.a.
> Since they implemented identical data structures and the function
> calls were the same, the OpenSSL DES routines would simply just work.

In SSLeay, des_key_schedule looked like this:


typedef unsigned char des_cblock[8];
typedef struct des_ks_struct
        {
        union   {
                des_cblock _;
                /* make sure things are correct size on machines with
                 * 8 byte longs */
                DES_LONG pad[2];
                } ks;
        } des_key_schedule[16];



With the current OpenSSL CVS state, it looks like this (if
OPENBSD_DEV_CRYPTO is not defined):

typedef struct des_ks
    {
    union
        {
        des_cblock cblock;
        /* make sure things are correct size on machines with
         * 8 byte longs */
        DES_LONG deslong[2];
        } ks[16];
    } des_key_schedule;


So local 'des_key_schedule' variables should still have the same size
and representation.  Also pointer passed to functions such as
des_set_key() will still look the same internally (although this is
not guaranteed by the C standard).



-- 
Bodo M�ller <[EMAIL PROTECTED]>
PGP http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller/0x36d2c658.html
* TU Darmstadt, Theoretische Informatik, Alexanderstr. 10, D-64283 Darmstadt
* Tel. +49-6151-16-6628, Fax +49-6151-16-6036
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]