Did SSLeay/OpenSSL change its DES implementation?

VaX#n8 vax at carolina.rr.com
Mon May 17 04:17:29 EDT 2004

I've been working on integrating TCFS into NetBSD's kernel.
Currently I have a stand-alone package that builds an LKM that works.
The NetBSD people asked me to use the extant crypto code in the kernel,
and both TCFS's and NetBSD's came from SSLeay.  I had to make only one
minor change to it (changing a param to des_ecb_encrypt from a pointer
to a struct to the struct itself).  So I just added a "*" to deref it.

So I was somewhat surprised when I ran the in-kernel version and found
it couldn't read the files on disk created by the LKM.  I wrote a little
test routine that I compiled with/against the LKM's [older] SSL DES
implementation, then I compiled it with/against the in-kernel [newer] stuff,
and found that their data differed.  So I wanted to see if it was in the
key scheduling or the ciphering, so I removed the calls to encryption.
The key schedules it generates are different.  As a matter of fact, I
found that merely linking with the ciphering code seemed to change the
key schedule ever-so-slightly.  I think I must be doing something wrong
in C, have a pointer pointing somewhere it shouldn't be, etc.  But -Wall
doesn't show any problems.  Neither does lint.

1) Did SSLeay/OpenSSL change the behavior of DES?
2) Can you see a problem in my little test code below?
   Sorry if I'm missing something obvious.

#include <stdio.h>
#include <stdlib.h>
#include <err.h>

#include "des.h"

int main() {
#define KEY "012345678012345678012345678012345678"
        const char key[] = KEY;
        const char *kptr = key;
        des_key_schedule ks;
        int i, j;

        des_set_key_unchecked ((des_cblock *)kptr, ks); /* or w/o unchecked */
        des_set_key ((des_cblock *)kptr, ks);

for (j = 0; j<(sizeof(des_key_schedule)/sizeof(struct des_ks_struct)); j++) {
        for (i = 0; i < sizeof(des_cblock); i++) printf("%02x", ks[j].ks.cblock[
        for (i = 0; i < sizeof(des_cblock); i++) printf("%02x", ks[j].ks._[i]);


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list