diff options
-rw-r--r-- | src/DES.c | 18 | ||||
-rw-r--r-- | src/libtom/tomcrypt_des.c | 16 |
2 files changed, 20 insertions, 14 deletions
@@ -71,7 +71,23 @@ static void block_init(block_state *self, unsigned char *key, int keylen) { int rc; #ifdef PCT_DES3_MODULE - rc = des3_setup(key, keylen, 0, &self->sk); + int i; + unsigned char keybuf[24]; + if (keylen == 16) { + /* "Two-key 3DES" mode, where the 3DES key is K1,K2,K1 */ + for (i = 0; i < 16; i++) { + keybuf[i] = key[i]; + } + for (i = 0; i < 8; i++) { + keybuf[i+16] = key[i]; + } + rc = des3_setup(keybuf, 24, 0, &self->sk); + for (i = 0; i < 24; i++) { /* TODO: securely zeroize this */ + keybuf[i] = 0; + } + } else { + rc = des3_setup(key, keylen, 0, &self->sk); + } #else rc = des_setup(key, keylen, 0, &self->sk); #endif diff --git a/src/libtom/tomcrypt_des.c b/src/libtom/tomcrypt_des.c index a9a4839..3cdc13f 100644 --- a/src/libtom/tomcrypt_des.c +++ b/src/libtom/tomcrypt_des.c @@ -1562,27 +1562,17 @@ static int des3_setup(const unsigned char *key, int keylen, int num_rounds, symm return CRYPT_INVALID_ROUNDS; } - if (keylen != 24 && keylen != 16) { + if (keylen != 24) { return CRYPT_INVALID_KEYSIZE; } deskey(key, EN0, skey->des3.ek[0]); deskey(key+8, DE1, skey->des3.ek[1]); - if (keylen == 24) { - deskey(key+16, EN0, skey->des3.ek[2]); - } else { - /* two-key 3DES: K3=K1 */ - deskey(key, EN0, skey->des3.ek[2]); - } + deskey(key+16, EN0, skey->des3.ek[2]); deskey(key, DE1, skey->des3.dk[2]); deskey(key+8, EN0, skey->des3.dk[1]); - if (keylen == 24) { - deskey(key+16, DE1, skey->des3.dk[0]); - } else { - /* two-key 3DES: K3=K1 */ - deskey(key, DE1, skey->des3.dk[0]); - } + deskey(key+16, DE1, skey->des3.dk[0]); return CRYPT_OK; } |