src - OpenBSD base system

diff options


context:
space:
mode:

author	Markus Friedl <markus@cvs.openbsd.org>	2003-12-26 10:04:50 +0000
committer	Markus Friedl <markus@cvs.openbsd.org>	2003-12-26 10:04:50 +0000
commit	ac5246212226814e8b03e7512be199dac32a532c (patch)
tree	e7b5164341a69fd13b7b3b9ee5cdcee7df6bb47a /sys/crypto
parent	90be396b80c572ac188b368f01a78bd5d1ae84c1 (diff)

- use 1/2 space for rijndael context in ipsec

- rijndael_set_key_enc_only() sets up context for encryption only - rijndael_set_key() always sets up full context - rijndaelKeySetupDec() gets back original protoype - uvm: use _enc_only() interface with hshoexer@, ok deraadt@

Diffstat (limited to 'sys/crypto')

-rw-r--r--

sys/crypto/rijndael.c

-rw-r--r--

sys/crypto/rijndael.h

-rw-r--r--

sys/crypto/xform.c

3 files changed, 27 insertions, 30 deletions

diff --git a/sys/crypto/rijndael.c b/sys/crypto/rijndael.c
index ee85a04b0cf..5be52bf1c21 100644
--- a/sys/crypto/rijndael.c
+++ b/sys/crypto/rijndael.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: rijndael.c,v 1.12 2002/07/10 17:53:54 deraadt Exp $ */

+/* $OpenBSD: rijndael.c,v 1.13 2003/12/26 10:04:49 markus Exp $ */

/**

* rijndael-alg-fst.c

@@ -809,17 +809,13 @@ static int rijndaelKeySetupEnc(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int

* @return the number of rounds for the given cipher key size.

static int

-rijndaelKeySetupDec(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int keyBits,

- int have_encrypt) {

+rijndaelKeySetupDec(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int keyBits) {

int Nr, i, j;

u32 temp;

- if (have_encrypt) {

- Nr = have_encrypt;

- } else {

- /* expand the cipher key: */

- Nr = rijndaelKeySetupEnc(rk, cipherKey, keyBits);

- }

+ /* expand the cipher key: */

+ Nr = rijndaelKeySetupEnc(rk, cipherKey, keyBits);

/* invert the order of the round keys: */

for (i = 0, j = 4*Nr; i < j; i += 4, j -= 4) {

temp = rk[i ]; rk[i ] = rk[j ]; rk[j ] = temp;

@@ -1216,18 +1212,21 @@ static void rijndaelDecrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 ct[16

PUTU32(pt + 12, s3);

}

+/* setup key context for encryption only */

void

-rijndael_set_key(rijndael_ctx *ctx, u_char *key, int bits, int encrypt)

+rijndael_set_key_enc_only(rijndael_ctx *ctx, u_char *key, int bits)

{

ctx->Nr = rijndaelKeySetupEnc(ctx->ek, key, bits);

- if (encrypt) {

- ctx->decrypt = 0;

- memset(ctx->dk, 0, sizeof(ctx->dk));

- } else {

- ctx->decrypt = 1;

- memcpy(ctx->dk, ctx->ek, sizeof(ctx->dk));

- rijndaelKeySetupDec(ctx->dk, key, bits, ctx->Nr);

- }

+ ctx->enc_only = 1;

+/* setup key context for both encryption and decryption */

+void

+rijndael_set_key(rijndael_ctx *ctx, u_char *key, int bits)

+ ctx->Nr = rijndaelKeySetupEnc(ctx->ek, key, bits);

+ rijndaelKeySetupDec(ctx->dk, key, bits);

+ ctx->enc_only = 0;

}

void

diff --git a/sys/crypto/rijndael.h b/sys/crypto/rijndael.h
index d8cae07c7f6..6cfb3813dad 100644
--- a/sys/crypto/rijndael.h
+++ b/sys/crypto/rijndael.h

@@ -1,4 +1,4 @@

-/* $OpenBSD: rijndael.h,v 1.7 2001/12/19 17:42:24 markus Exp $ */

+/* $OpenBSD: rijndael.h,v 1.8 2003/12/26 10:04:49 markus Exp $ */

/**

* rijndael-alg-fst.h

@@ -38,13 +38,14 @@ typedef unsigned int u32;

/* The structure for key information */

typedef struct {

- int decrypt;

+ int enc_only; /* context contains only encrypt schedule */

int Nr; /* key-length-dependent number of rounds */

u32 ek[4*(MAXNR + 1)]; /* encrypt key schedule */

u32 dk[4*(MAXNR + 1)]; /* decrypt key schedule */

} rijndael_ctx;

-void rijndael_set_key(rijndael_ctx *, u_char *, int, int);

+void rijndael_set_key(rijndael_ctx *, u_char *, int);

+void rijndael_set_key_enc_only(rijndael_ctx *, u_char *, int);

void rijndael_decrypt(rijndael_ctx *, u_char *, u_char *);

void rijndael_encrypt(rijndael_ctx *, u_char *, u_char *);

diff --git a/sys/crypto/xform.c b/sys/crypto/xform.c
index 2cb796491de..2bad4c89428 100644
--- a/sys/crypto/xform.c
+++ b/sys/crypto/xform.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: xform.c,v 1.23 2003/07/24 08:03:19 itojun Exp $ */

+/* $OpenBSD: xform.c,v 1.24 2003/12/26 10:04:49 markus Exp $ */

* The authors of this code are John Ioannidis (ji@tla.org),

* Angelos D. Keromytis (kermit@csd.uch.gr) and

@@ -441,25 +441,22 @@ rijndael128_encrypt(caddr_t key, u_int8_t *blk)

void

rijndael128_decrypt(caddr_t key, u_int8_t *blk)

{

- rijndael_decrypt(((rijndael_ctx *) key) + 1, (u_char *) blk,

- (u_char *) blk);

+ rijndael_decrypt((rijndael_ctx *) key, (u_char *) blk, (u_char *) blk);

}

void

rijndael128_setkey(u_int8_t **sched, u_int8_t *key, int len)

{

- MALLOC(*sched, u_int8_t *, 2 * sizeof(rijndael_ctx), M_CRYPTO_DATA,

+ MALLOC(*sched, u_int8_t *, sizeof(rijndael_ctx), M_CRYPTO_DATA,

M_WAITOK);

- bzero(*sched, 2 * sizeof(rijndael_ctx));

- rijndael_set_key((rijndael_ctx *) *sched, (u_char *) key, len * 8, 1);

- rijndael_set_key(((rijndael_ctx *) *sched) + 1, (u_char *) key,

- len * 8, 0);

+ bzero(*sched, sizeof(rijndael_ctx));

+ rijndael_set_key((rijndael_ctx *) *sched, (u_char *) key, len * 8);

}

void

rijndael128_zerokey(u_int8_t **sched)

{

- bzero(*sched, 2 * sizeof(rijndael_ctx));

+ bzero(*sched, sizeof(rijndael_ctx));

FREE(*sched, M_CRYPTO_DATA);

*sched = NULL;

}