des3_ede_setkey now ignores unused bits (often used for parity)
when comparing keys to report weak combinations.
---
 crypto/des_generic.c |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/crypto/des_generic.c b/crypto/des_generic.c
index 24d7f93..d9a81d8 100644
--- a/crypto/des_generic.c
+++ b/crypto/des_generic.c
@@ -821,8 +821,8 @@ static int des3_ede_setkey(struct crypto_tfm *tfm, const u8 
*key,
        u32 *expkey = dctx->expkey;
        u32 *flags = &tfm->crt_flags;
 
-       if (unlikely(!((K[0] ^ K[2]) | (K[1] ^ K[3])) ||
-                    !((K[2] ^ K[4]) | (K[3] ^ K[5]))) &&
+       if (unlikely(!(((K[0] ^ K[2]) | (K[1] ^ K[3])) & 0xfefefefe) ||
+                    !(((K[2] ^ K[4]) | (K[3] ^ K[5])) & 0xfefefefe)) &&
                     (*flags & CRYPTO_TFM_REQ_WEAK_KEY))
        {
                *flags |= CRYPTO_TFM_RES_WEAK_KEY;
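Review bot: The literal `0xfefefefe` appears twice in the new condition with no explanation, so the reason for it is only recoverable from the commit message. A comment above the `if`, such as `/* DES uses only the top 7 bits of each key byte; mask off the parity bits so K1==K2 or K2==K3 is caught even when the parity bits differ */`, would keep that reasoning next to the check. A single named constant for the mask (the name is up to the maintainers) would also keep the two comparisons from drifting apart. The mask is the same for every byte, so it should not depend on byte order, assuming `K` is the key viewed as 32-bit words; its declaration is outside the hunk, as are the start and end of `des3_ede_setkey`. As visible here, the rejection still applies only when the caller sets `CRYPTO_TFM_REQ_WEAK_KEY`, which is worth stating in the same comment.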
-- 
1.6.0.6
