diff options
author | miod <> | 2014-07-22 18:10:48 +0000 |
---|---|---|
committer | miod <> | 2014-07-22 18:10:48 +0000 |
commit | e1bad9c63c8b2d0daeb63fd3ce71f1c5aca163a2 (patch) | |
tree | 2f115d7407c065770ac7058ec55839e660ffe29e /src/lib/libcrypto/evp/e_des3.c | |
parent | 9537b06bc09eb72b0f1edd06de4049fb515437b8 (diff) | |
download | openbsd-e1bad9c63c8b2d0daeb63fd3ce71f1c5aca163a2.tar.gz openbsd-e1bad9c63c8b2d0daeb63fd3ce71f1c5aca163a2.tar.bz2 openbsd-e1bad9c63c8b2d0daeb63fd3ce71f1c5aca163a2.zip |
Now that DES_random_key() can be trusted, use it to generate DES keys in the
EVP_CTRL_RAND_KEY method handlers, rather than generating a random odd key and
not even checking it against the weak keys list.
ok beck@
Diffstat (limited to 'src/lib/libcrypto/evp/e_des3.c')
-rw-r--r-- | src/lib/libcrypto/evp/e_des3.c | 13 |
1 files changed, 6 insertions, 7 deletions
diff --git a/src/lib/libcrypto/evp/e_des3.c b/src/lib/libcrypto/evp/e_des3.c index 0f1974f6c9..5f42a0ade9 100644 --- a/src/lib/libcrypto/evp/e_des3.c +++ b/src/lib/libcrypto/evp/e_des3.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: e_des3.c,v 1.16 2014/07/11 08:44:48 jsing Exp $ */ | 1 | /* $OpenBSD: e_des3.c,v 1.17 2014/07/22 18:10:48 miod Exp $ */ |
2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
3 | * All rights reserved. | 3 | * All rights reserved. |
4 | * | 4 | * |
@@ -271,13 +271,12 @@ des3_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) | |||
271 | 271 | ||
272 | switch (type) { | 272 | switch (type) { |
273 | case EVP_CTRL_RAND_KEY: | 273 | case EVP_CTRL_RAND_KEY: |
274 | if (RAND_bytes(ptr, c->key_len) <= 0) | 274 | if (DES_random_key(deskey) == 0) |
275 | return 0; | ||
276 | if (c->key_len >= 16 && DES_random_key(deskey + 1) == 0) | ||
277 | return 0; | ||
278 | if (c->key_len >= 24 && DES_random_key(deskey + 2) == 0) | ||
275 | return 0; | 279 | return 0; |
276 | DES_set_odd_parity(deskey); | ||
277 | if (c->key_len >= 16) | ||
278 | DES_set_odd_parity(deskey + 1); | ||
279 | if (c->key_len >= 24) | ||
280 | DES_set_odd_parity(deskey + 2); | ||
281 | return 1; | 280 | return 1; |
282 | 281 | ||
283 | default: | 282 | default: |