diff options
| author | miod <> | 2014-07-22 18:10:48 +0000 |
|---|---|---|
| committer | miod <> | 2014-07-22 18:10:48 +0000 |
| commit | 8e384f2a8538561af8b66a3122653dcc0c6fc6e4 (patch) | |
| tree | 2f115d7407c065770ac7058ec55839e660ffe29e /src | |
| parent | ae3ddac8a2c0327ef4ee78740df590f055b72097 (diff) | |
| download | openbsd-8e384f2a8538561af8b66a3122653dcc0c6fc6e4.tar.gz openbsd-8e384f2a8538561af8b66a3122653dcc0c6fc6e4.tar.bz2 openbsd-8e384f2a8538561af8b66a3122653dcc0c6fc6e4.zip | |
Now that DES_random_key() can be trusted, use it to generate DES keys in the
EVP_CTRL_RAND_KEY method handlers, rather than generating a random odd key and
not even checking it against the weak keys list.
ok beck@
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libcrypto/evp/e_des.c | 9 | ||||
| -rw-r--r-- | src/lib/libcrypto/evp/e_des3.c | 13 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/evp/e_des.c | 9 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/evp/e_des3.c | 13 |
4 files changed, 20 insertions, 24 deletions
diff --git a/src/lib/libcrypto/evp/e_des.c b/src/lib/libcrypto/evp/e_des.c index 0a32d2adb9..7a9fa2d515 100644 --- a/src/lib/libcrypto/evp/e_des.c +++ b/src/lib/libcrypto/evp/e_des.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: e_des.c,v 1.11 2014/07/11 08:44:48 jsing Exp $ */ | 1 | /* $OpenBSD: e_des.c,v 1.12 2014/07/22 18:10:48 miod Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -80,8 +80,8 @@ des_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | |||
| 80 | const unsigned char *in, size_t inl) | 80 | const unsigned char *in, size_t inl) |
| 81 | { | 81 | { |
| 82 | BLOCK_CIPHER_ecb_loop() | 82 | BLOCK_CIPHER_ecb_loop() |
| 83 | DES_ecb_encrypt((DES_cblock *)(in + i), (DES_cblock *)(out + i), | 83 | DES_ecb_encrypt((DES_cblock *)(in + i), (DES_cblock *)(out + i), |
| 84 | ctx->cipher_data, ctx->encrypt); | 84 | ctx->cipher_data, ctx->encrypt); |
| 85 | return 1; | 85 | return 1; |
| 86 | } | 86 | } |
| 87 | 87 | ||
| @@ -220,9 +220,8 @@ des_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) | |||
| 220 | { | 220 | { |
| 221 | switch (type) { | 221 | switch (type) { |
| 222 | case EVP_CTRL_RAND_KEY: | 222 | case EVP_CTRL_RAND_KEY: |
| 223 | if (RAND_bytes(ptr, 8) <= 0) | 223 | if (DES_random_key((DES_cblock *)ptr) == 0) |
| 224 | return 0; | 224 | return 0; |
| 225 | DES_set_odd_parity((DES_cblock *)ptr); | ||
| 226 | return 1; | 225 | return 1; |
| 227 | 226 | ||
| 228 | default: | 227 | default: |
diff --git a/src/lib/libcrypto/evp/e_des3.c b/src/lib/libcrypto/evp/e_des3.c index 0f1974f6c9..5f42a0ade9 100644 --- a/src/lib/libcrypto/evp/e_des3.c +++ b/src/lib/libcrypto/evp/e_des3.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: e_des3.c,v 1.16 2014/07/11 08:44:48 jsing Exp $ */ | 1 | /* $OpenBSD: e_des3.c,v 1.17 2014/07/22 18:10:48 miod Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -271,13 +271,12 @@ des3_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) | |||
| 271 | 271 | ||
| 272 | switch (type) { | 272 | switch (type) { |
| 273 | case EVP_CTRL_RAND_KEY: | 273 | case EVP_CTRL_RAND_KEY: |
| 274 | if (RAND_bytes(ptr, c->key_len) <= 0) | 274 | if (DES_random_key(deskey) == 0) |
| 275 | return 0; | ||
| 276 | if (c->key_len >= 16 && DES_random_key(deskey + 1) == 0) | ||
| 277 | return 0; | ||
| 278 | if (c->key_len >= 24 && DES_random_key(deskey + 2) == 0) | ||
| 275 | return 0; | 279 | return 0; |
| 276 | DES_set_odd_parity(deskey); | ||
| 277 | if (c->key_len >= 16) | ||
| 278 | DES_set_odd_parity(deskey + 1); | ||
| 279 | if (c->key_len >= 24) | ||
| 280 | DES_set_odd_parity(deskey + 2); | ||
| 281 | return 1; | 280 | return 1; |
| 282 | 281 | ||
| 283 | default: | 282 | default: |
diff --git a/src/lib/libssl/src/crypto/evp/e_des.c b/src/lib/libssl/src/crypto/evp/e_des.c index 0a32d2adb9..7a9fa2d515 100644 --- a/src/lib/libssl/src/crypto/evp/e_des.c +++ b/src/lib/libssl/src/crypto/evp/e_des.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: e_des.c,v 1.11 2014/07/11 08:44:48 jsing Exp $ */ | 1 | /* $OpenBSD: e_des.c,v 1.12 2014/07/22 18:10:48 miod Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -80,8 +80,8 @@ des_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | |||
| 80 | const unsigned char *in, size_t inl) | 80 | const unsigned char *in, size_t inl) |
| 81 | { | 81 | { |
| 82 | BLOCK_CIPHER_ecb_loop() | 82 | BLOCK_CIPHER_ecb_loop() |
| 83 | DES_ecb_encrypt((DES_cblock *)(in + i), (DES_cblock *)(out + i), | 83 | DES_ecb_encrypt((DES_cblock *)(in + i), (DES_cblock *)(out + i), |
| 84 | ctx->cipher_data, ctx->encrypt); | 84 | ctx->cipher_data, ctx->encrypt); |
| 85 | return 1; | 85 | return 1; |
| 86 | } | 86 | } |
| 87 | 87 | ||
| @@ -220,9 +220,8 @@ des_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) | |||
| 220 | { | 220 | { |
| 221 | switch (type) { | 221 | switch (type) { |
| 222 | case EVP_CTRL_RAND_KEY: | 222 | case EVP_CTRL_RAND_KEY: |
| 223 | if (RAND_bytes(ptr, 8) <= 0) | 223 | if (DES_random_key((DES_cblock *)ptr) == 0) |
| 224 | return 0; | 224 | return 0; |
| 225 | DES_set_odd_parity((DES_cblock *)ptr); | ||
| 226 | return 1; | 225 | return 1; |
| 227 | 226 | ||
| 228 | default: | 227 | default: |
diff --git a/src/lib/libssl/src/crypto/evp/e_des3.c b/src/lib/libssl/src/crypto/evp/e_des3.c index 0f1974f6c9..5f42a0ade9 100644 --- a/src/lib/libssl/src/crypto/evp/e_des3.c +++ b/src/lib/libssl/src/crypto/evp/e_des3.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: e_des3.c,v 1.16 2014/07/11 08:44:48 jsing Exp $ */ | 1 | /* $OpenBSD: e_des3.c,v 1.17 2014/07/22 18:10:48 miod Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -271,13 +271,12 @@ des3_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) | |||
| 271 | 271 | ||
| 272 | switch (type) { | 272 | switch (type) { |
| 273 | case EVP_CTRL_RAND_KEY: | 273 | case EVP_CTRL_RAND_KEY: |
| 274 | if (RAND_bytes(ptr, c->key_len) <= 0) | 274 | if (DES_random_key(deskey) == 0) |
| 275 | return 0; | ||
| 276 | if (c->key_len >= 16 && DES_random_key(deskey + 1) == 0) | ||
| 277 | return 0; | ||
| 278 | if (c->key_len >= 24 && DES_random_key(deskey + 2) == 0) | ||
| 275 | return 0; | 279 | return 0; |
| 276 | DES_set_odd_parity(deskey); | ||
| 277 | if (c->key_len >= 16) | ||
| 278 | DES_set_odd_parity(deskey + 1); | ||
| 279 | if (c->key_len >= 24) | ||
| 280 | DES_set_odd_parity(deskey + 2); | ||
| 281 | return 1; | 280 | return 1; |
| 282 | 281 | ||
| 283 | default: | 282 | default: |