Rev 123 | Details | Compare with Previous | Last modification | View Log | RSS feed
Rev | Author | Line No. | Line |
---|---|---|---|
117 | holmgren | 1 | --- a/src/post_modules/Nettle/cipher.cmod |
2 | +++ b/src/post_modules/Nettle/cipher.cmod |
||
3 | @@ -572,23 +572,11 @@ pike_des_set_key(void *c, |
||
4 | |||
5 | if (!des_set_key(ctx, (const uint8_t *)key)) |
||
6 | { |
||
7 | - switch (ctx->status) |
||
8 | - { |
||
9 | - case DES_WEAK_KEY: |
||
10 | if (force) |
||
11 | /* Use key anyway */ |
||
12 | - ctx->status = DES_OK; |
||
13 | + ; |
||
14 | else |
||
15 | Pike_error("DES_INFO: Key is weak.\n"); |
||
16 | - break; |
||
17 | - |
||
18 | - case DES_BAD_PARITY: |
||
19 | - /* FIXME: I don't think this should be visible in the user |
||
20 | - * interface, the parity bits should just be ignored. */ |
||
21 | - Pike_error("DES_INFO: Key has bad parity.\n"); |
||
22 | - default: |
||
23 | - Pike_error("DES_INFO: Unexpected error, please send a bug report.\n"); |
||
24 | - } |
||
25 | } |
||
26 | } |
||
27 | |||
28 | @@ -742,28 +730,15 @@ pike_des3_set_key(void *c, |
||
29 | break; |
||
30 | } |
||
31 | |||
32 | - /* The hack of resetting ctx->status to use a weak key doesn't |
||
33 | - * currently work with nettle's des3_set_key function. So we set the |
||
34 | - * individual keys by ourself. */ |
||
35 | - for (i = 0; i<3; i++, key += DES_KEY_SIZE) |
||
36 | - if (!des_set_key(&ctx->des[i], (const uint8_t *)key)) |
||
37 | - switch (ctx->des[i].status) |
||
38 | - { |
||
39 | - case DES_WEAK_KEY: |
||
40 | + /* Since Nettle 2.1 has removed the status field and simply returns |
||
41 | + zero if the key is weak, we can simply call des3_set_key */ |
||
42 | + if (!des3_set_key(ctx, (const uint8_t *)key)) { |
||
43 | if (force) |
||
44 | /* Use key anyway */ |
||
45 | - ctx->des[i].status = DES_OK; |
||
46 | + ; |
||
47 | else |
||
48 | Pike_error("DES3_INFO: Key is weak.\n"); |
||
49 | - break; |
||
50 | - |
||
51 | - case DES_BAD_PARITY: |
||
52 | - /* FIXME: I don't think this should be visible in the user |
||
53 | - * interface, the parity bits should just be ignored. */ |
||
54 | - Pike_error("DES3_INFO: Key has bad parity.\n"); |
||
55 | - default: |
||
56 | - Pike_error("DES3_INFO: Unexpected error, please send a bug report.\n"); |
||
57 | - } |
||
58 | + } |
||
59 | } |
||
60 | #define pike_des3_set_encrypt_key pike_des3_set_key |
||
61 | #define pike_des3_set_decrypt_key pike_des3_set_key |
||
123 | holmgren | 62 | --- a/src/post_modules/Nettle/cipher.c |
63 | +++ b/src/post_modules/Nettle/cipher.c |
||
64 | @@ -1093,23 +1093,11 @@ pike_des_set_key(void *c, |
||
65 | |||
66 | if (!des_set_key(ctx, (const uint8_t *)key)) |
||
67 | { |
||
68 | - switch (ctx->status) |
||
69 | - { |
||
70 | - case DES_WEAK_KEY: |
||
71 | if (force) |
||
72 | /* Use key anyway */ |
||
73 | - ctx->status = DES_OK; |
||
74 | + ; |
||
75 | else |
||
76 | Pike_error("DES_INFO: Key is weak.\n"); |
||
77 | - break; |
||
78 | - |
||
79 | - case DES_BAD_PARITY: |
||
80 | - /* FIXME: I don't think this should be visible in the user |
||
81 | - * interface, the parity bits should just be ignored. */ |
||
82 | - Pike_error("DES_INFO: Key has bad parity.\n"); |
||
83 | - default: |
||
84 | - Pike_error("DES_INFO: Unexpected error, please send a bug report.\n"); |
||
85 | - } |
||
86 | } |
||
87 | } |
||
88 | |||
89 | @@ -1355,28 +1343,15 @@ pike_des3_set_key(void *c, |
||
90 | break; |
||
91 | } |
||
92 | |||
93 | - /* The hack of resetting ctx->status to use a weak key doesn't |
||
94 | - * currently work with nettle's des3_set_key function. So we set the |
||
95 | - * individual keys by ourself. */ |
||
96 | - for (i = 0; i<3; i++, key += DES_KEY_SIZE) |
||
97 | - if (!des_set_key(&ctx->des[i], (const uint8_t *)key)) |
||
98 | - switch (ctx->des[i].status) |
||
99 | - { |
||
100 | - case DES_WEAK_KEY: |
||
101 | + /* Since Nettle 2.1 has removed the status field and simply returns |
||
102 | + zero if the key is weak, we can simply call des3_set_key */ |
||
103 | + if (!des3_set_key(ctx, (const uint8_t *)key)) { |
||
104 | if (force) |
||
105 | /* Use key anyway */ |
||
106 | - ctx->des[i].status = DES_OK; |
||
107 | + ; |
||
108 | else |
||
109 | Pike_error("DES3_INFO: Key is weak.\n"); |
||
110 | - break; |
||
111 | - |
||
112 | - case DES_BAD_PARITY: |
||
113 | - /* FIXME: I don't think this should be visible in the user |
||
114 | - * interface, the parity bits should just be ignored. */ |
||
115 | - Pike_error("DES3_INFO: Key has bad parity.\n"); |
||
116 | - default: |
||
117 | - Pike_error("DES3_INFO: Unexpected error, please send a bug report.\n"); |
||
118 | - } |
||
119 | + } |
||
120 | } |
||
121 | #define pike_des3_set_encrypt_key pike_des3_set_key |
||
122 | #define pike_des3_set_decrypt_key pike_des3_set_key |