authorDwayne Litzenberger <dlitz@dlitz.net>2014-06-22 19:50:22 -0700
committerDwayne Litzenberger <dlitz@dlitz.net>2014-06-22 19:50:22 -0700
commit33859d41784c85a64da5b6cf8856f086b2c77b8f (patch)
treebf419f08a68a007ae7d6826ea2dab70b1f302159
parent8271a21c3eda83f425f9cc5ec26c825c25771af7 (diff)
DES3: Move "Two-key 3DES" support into DES.c instead of customizing tomcrypt_des.c
-rw-r--r--src/DES.c18
-rw-r--r--src/libtom/tomcrypt_des.c16
2 files changed, 20 insertions, 14 deletions
diff --git a/src/DES.c b/src/DES.c
index 65171fb..c5c2416 100644
--- a/src/DES.c
+++ b/src/DES.c
@@ -71,7 +71,23 @@ static void block_init(block_state *self, unsigned char *key, int keylen)
{
int rc;
#ifdef PCT_DES3_MODULE
- rc = des3_setup(key, keylen, 0, &self->sk);
+ int i;
+ unsigned char keybuf[24];
+ if (keylen == 16) {
+ /* "Two-key 3DES" mode, where the 3DES key is K1,K2,K1 */
+ for (i = 0; i < 16; i++) {
+ keybuf[i] = key[i];
+ }
+ for (i = 0; i < 8; i++) {
+ keybuf[i+16] = key[i];
+ }
+ rc = des3_setup(keybuf, 24, 0, &self->sk);
+ for (i = 0; i < 24; i++) { /* TODO: securely zeroize this */
+ keybuf[i] = 0;
+ }
+ } else {
+ rc = des3_setup(key, keylen, 0, &self->sk);
+ }
#else
rc = des_setup(key, keylen, 0, &self->sk);
#endif
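Review bot: The wipe loop after `des3_setup(keybuf, 24, 0, &self->sk)` stores zeros into a local that is not read again in the visible lines, so an optimizing compiler may drop it as a dead store and leave the expanded K1,K2,K1 key on the stack; the TODO acknowledges this but the commit leaves it open. Writing through a volatile pointer keeps the stores, `volatile unsigned char *p = keybuf;` followed by `for (i = 0; i < 24; i++) p[i] = 0;`, or use a platform primitive such as `explicit_bzero` or `memset_s` where the build can rely on one. The two copy loops could also be `memcpy(keybuf, key, 16); memcpy(keybuf + 16, key, 8);` if `<string.h>` is already included. block_init's body continues outside the hunk, so the handling of `rc` is not visible here.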
diff --git a/src/libtom/tomcrypt_des.c b/src/libtom/tomcrypt_des.c
index a9a4839..3cdc13f 100644
--- a/src/libtom/tomcrypt_des.c
+++ b/src/libtom/tomcrypt_des.c
@@ -1562,27 +1562,17 @@ static int des3_setup(const unsigned char *key, int keylen, int num_rounds, symm
return CRYPT_INVALID_ROUNDS;
}
- if (keylen != 24 && keylen != 16) {
+ if (keylen != 24) {
return CRYPT_INVALID_KEYSIZE;
}
deskey(key, EN0, skey->des3.ek[0]);
deskey(key+8, DE1, skey->des3.ek[1]);
- if (keylen == 24) {
- deskey(key+16, EN0, skey->des3.ek[2]);
- } else {
- /* two-key 3DES: K3=K1 */
- deskey(key, EN0, skey->des3.ek[2]);
- }
+ deskey(key+16, EN0, skey->des3.ek[2]);
deskey(key, DE1, skey->des3.dk[2]);
deskey(key+8, EN0, skey->des3.dk[1]);
- if (keylen == 24) {
- deskey(key+16, DE1, skey->des3.dk[0]);
- } else {
- /* two-key 3DES: K3=K1 */
- deskey(key, DE1, skey->des3.dk[0]);
- }
+ deskey(key+16, DE1, skey->des3.dk[0]);
return CRYPT_OK;
}
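Review bot: The key-size check now rejects 16-byte keys, but nothing at `if (keylen != 24)` says that two-key 3DES is still supported one layer up; a short comment there would prevent someone from "restoring" the removed branch or calling des3_setup directly with a 16-byte key, for example `/* 24-byte keys only; callers expand two-key 3DES to K1,K2,K1 (see DES.c) */`. Separately, neither hunk shows a check that the 8-byte key parts differ; when K1 equals K2, or K2 equals K3, 3DES reduces to single DES, so it is worth confirming that this is rejected or documented somewhere outside the visible lines. The start of des3_setup lies outside the hunk.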