- Added support for detecting DES weak keys and for setting and checking key parity bits
diff --git a/include/polarssl/des.h b/include/polarssl/des.h
index f9778df..0542329 100644
--- a/include/polarssl/des.h
+++ b/include/polarssl/des.h
@@ -32,6 +32,8 @@
#define POLARSSL_ERR_DES_INVALID_INPUT_LENGTH -0x0C00
+#define DES_KEY_SIZE 8
+
/**
* \brief DES context structure
*/
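Review bot: `DES_KEY_SIZE` lacks the `POLARSSL_` prefix carried by `POLARSSL_ERR_DES_INVALID_INPUT_LENGTH` on the line above, and it is defined in a public header, so it reaches every file that includes des.h. A short generic name like this can clash with a macro of the same name from the application or another crypto header. Consider `#define POLARSSL_DES_KEY_SIZE 8` and using that name in the prototypes changed further down in this file. A one-line comment such as `/* DES key length in bytes, parity bits included */` would also tie the value to the 56-bit wording in the new doc blocks.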
@@ -57,6 +59,34 @@
#endif
/**
+ * \brief Set key parity on the given key to odd.
+ *
+ * DES keys are 56 bits long, but each byte is padded with
+ * a parity bit to allow verification.
+ *
+ * \param key 8-byte secret key
+ */
+void des_key_set_parity( unsigned char key[DES_KEY_SIZE] );
+
+/**
+ * \brief Check that key parity on the given key is odd.
+ *
+ * DES keys are 56 bits long, but each byte is padded with
+ * a parity bit to allow verification.
+ *
+ * \param key 8-byte secret key
+ */
+int des_key_check_key_parity( const unsigned char key[DES_KEY_SIZE] );
+
+
+/**
+ * \brief Check that key is not a weak or semi-weak DES key
+ *
+ * \param key 8-byte secret key
+ */
+int des_key_check_weak( const unsigned char key[DES_KEY_SIZE] );
+
+/**
* \brief DES key schedule (56-bit, encryption)
*
* \param ctx DES context to be initialized
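Review bot: The doc blocks for `des_key_check_key_parity` and `des_key_check_weak` have no `\return` line, so the header never says which value means the key passed. A caller who guesses the polarity of a weak-key check wrong will accept exactly the keys it was meant to reject. Add a line to each, for example `* \return 0 if the key is not weak or semi-weak, 1 otherwise`, after confirming the actual values against the implementation, which is not visible in this diff. The blocks should also say that each call covers a single 8-byte key, so a 16- or 24-byte Triple-DES key has to be checked one `DES_KEY_SIZE` block at a time. The `des_setkey_*` comments (the first continues past this hunk) are documented as `\return 0`, which suggests the key schedule does not run these checks itself, so that is worth stating too.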
@@ -64,7 +94,7 @@
*
* \return 0
*/
-int des_setkey_enc( des_context *ctx, const unsigned char key[8] );
+int des_setkey_enc( des_context *ctx, const unsigned char key[DES_KEY_SIZE] );
/**
* \brief DES key schedule (56-bit, decryption)
@@ -74,7 +104,7 @@
*
* \return 0
*/
-int des_setkey_dec( des_context *ctx, const unsigned char key[8] );
+int des_setkey_dec( des_context *ctx, const unsigned char key[DES_KEY_SIZE] );
/**
* \brief Triple-DES key schedule (112-bit, encryption)
@@ -84,7 +114,7 @@
*
* \return 0
*/
-int des3_set2key_enc( des3_context *ctx, const unsigned char key[16] );
+int des3_set2key_enc( des3_context *ctx, const unsigned char key[DES_KEY_SIZE * 2] );
/**
* \brief Triple-DES key schedule (112-bit, decryption)
@@ -94,7 +124,7 @@
*
* \return 0
*/
-int des3_set2key_dec( des3_context *ctx, const unsigned char key[16] );
+int des3_set2key_dec( des3_context *ctx, const unsigned char key[DES_KEY_SIZE * 2] );
/**
* \brief Triple-DES key schedule (168-bit, encryption)
@@ -104,7 +134,7 @@
*
* \return 0
*/
-int des3_set3key_enc( des3_context *ctx, const unsigned char key[24] );
+int des3_set3key_enc( des3_context *ctx, const unsigned char key[DES_KEY_SIZE * 3] );
/**
* \brief Triple-DES key schedule (168-bit, decryption)
@@ -114,7 +144,7 @@
*
* \return 0
*/
-int des3_set3key_dec( des3_context *ctx, const unsigned char key[24] );
+int des3_set3key_dec( des3_context *ctx, const unsigned char key[DES_KEY_SIZE * 3] );
/**
* \brief DES-ECB block encryption/decryption