59,3 → 59,64 |
} |
#define pike_des3_set_encrypt_key pike_des3_set_key |
#define pike_des3_set_decrypt_key pike_des3_set_key |
--- a/src/post_modules/Nettle/cipher.c |
+++ b/src/post_modules/Nettle/cipher.c |
@@ -1093,23 +1093,11 @@ pike_des_set_key(void *c, |
|
if (!des_set_key(ctx, (const uint8_t *)key)) |
{ |
- switch (ctx->status) |
- { |
- case DES_WEAK_KEY: |
if (force) |
/* Use key anyway */ |
- ctx->status = DES_OK; |
+ ; |
else |
Pike_error("DES_INFO: Key is weak.\n"); |
- break; |
- |
- case DES_BAD_PARITY: |
- /* FIXME: I don't think this should be visible in the user |
- * interface, the parity bits should just be ignored. */ |
- Pike_error("DES_INFO: Key has bad parity.\n"); |
- default: |
- Pike_error("DES_INFO: Unexpected error, please send a bug report.\n"); |
- } |
} |
} |
|
@@ -1355,28 +1343,15 @@ pike_des3_set_key(void *c, |
break; |
} |
|
- /* The hack of resetting ctx->status to use a weak key doesn't |
- * currently work with nettle's des3_set_key function. So we set the |
- * individual keys by ourself. */ |
- for (i = 0; i<3; i++, key += DES_KEY_SIZE) |
- if (!des_set_key(&ctx->des[i], (const uint8_t *)key)) |
- switch (ctx->des[i].status) |
- { |
- case DES_WEAK_KEY: |
+ /* Since Nettle 2.1 has removed the status field and simply returns |
+ zero if the key is weak, we can simply call des3_set_key */ |
+ if (!des3_set_key(ctx, (const uint8_t *)key)) { |
if (force) |
/* Use key anyway */ |
- ctx->des[i].status = DES_OK; |
+ ; |
else |
Pike_error("DES3_INFO: Key is weak.\n"); |
- break; |
- |
- case DES_BAD_PARITY: |
- /* FIXME: I don't think this should be visible in the user |
- * interface, the parity bits should just be ignored. */ |
- Pike_error("DES3_INFO: Key has bad parity.\n"); |
- default: |
- Pike_error("DES3_INFO: Unexpected error, please send a bug report.\n"); |
- } |
+ } |
} |
#define pike_des3_set_encrypt_key pike_des3_set_key |
#define pike_des3_set_decrypt_key pike_des3_set_key |