From: Richard Levitte <levitte@openssl.org>
Date: Tue, 5 Feb 2002 15:05:42 +0000 (+0000)
Subject: Apply one patch from Assar Westerlund <assar@sics.se>:
X-Git-Tag: OpenSSL-engine-0_9_6c^2^2~40
X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=c31bbf1e68b7e677a3de0b60e361a041d8771dd6;hp=5e68f8ce1535f7d34a8431a332f6343cf637d499

Apply one patch from Assar Westerlund <assar@sics.se>:

The following patch makes sure that string2key does not use weak DES
keys (then making them non-weak by xor:ing with 0xF0).
---

diff --git a/crypto/des/str2key.c b/crypto/des/str2key.c
index f69bef3a6e..70f1d83e07 100644
--- a/crypto/des/str2key.c
+++ b/crypto/des/str2key.c
@@ -86,7 +86,9 @@ void DES_string_to_key(const char *str, DES_cblock *key)
 		}
 #endif
 	DES_set_odd_parity(key);
-	DES_set_key_unchecked(key,&ks);
+	if(DES_is_weak_key(key))
+	    (*key)[7] ^= 0xF0;
+	DES_set_key(key,&ks);
 	DES_cbc_cksum((const unsigned char*)str,key,length,&ks,key);
 	memset(&ks,0,sizeof(ks));
 	DES_set_odd_parity(key);
@@ -145,9 +147,13 @@ void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2)
 #endif
 	DES_set_odd_parity(key1);
 	DES_set_odd_parity(key2);
-	DES_set_key_unchecked(key1,&ks);
+	if(DES_is_weak_key(key1))
+	    (*key1)[7] ^= 0xF0;
+	DES_set_key(key1,&ks);
 	DES_cbc_cksum((const unsigned char*)str,key1,length,&ks,key1);
-	DES_set_key_unchecked(key2,&ks);
+	if(DES_is_weak_key(key2))
+	    (*key2)[7] ^= 0xF0;
+	DES_set_key(key2,&ks);
 	DES_cbc_cksum((const unsigned char*)str,key2,length,&ks,key2);
 	memset(&ks,0,sizeof(ks));
 	DES_set_odd_parity(key1);