- Changed the defined key-length of DES ciphers in cipher.h to include the parity bits, to prevent mistakes in copying data. (Closes ticket #33)
diff --git a/ChangeLog b/ChangeLog
index 077eac4..1355b38 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -20,6 +20,8 @@
* Added a separate CRL entry extension parsing function
* Separated the ASN.1 parsing code from the X.509 specific parsing code.
So now there is a module that is controlled with POLARSSL_ASN1_PARSE_C.
+ * Changed the defined key-length of DES ciphers in cipher.h to include the
+ parity bits, to prevent mistakes in copying data. (Closes ticket #33)
Bugfix
* Fixed faulty HMAC-MD2 implementation. Found by dibac. (Closes
diff --git a/include/polarssl/cipher.h b/include/polarssl/cipher.h
index 6a01732..8c94dd5 100644
--- a/include/polarssl/cipher.h
+++ b/include/polarssl/cipher.h
@@ -96,12 +96,12 @@
enum {
/** Undefined key length */
POLARSSL_KEY_LENGTH_NONE = 0,
- /** Key length, in bits, for DES keys */
- POLARSSL_KEY_LENGTH_DES = 56,
- /** Key length, in bits, for DES in two key EDE */
- POLARSSL_KEY_LENGTH_DES_EDE = 112,
- /** Key length, in bits, for DES in three-key EDE */
- POLARSSL_KEY_LENGTH_DES_EDE3 = 168,
+ /** Key length, in bits (including parity), for DES keys */
+ POLARSSL_KEY_LENGTH_DES = 64,
+ /** Key length, in bits (including parity), for DES in two key EDE */
+ POLARSSL_KEY_LENGTH_DES_EDE = 128,
+ /** Key length, in bits (including parity), for DES in three-key EDE */
+ POLARSSL_KEY_LENGTH_DES_EDE3 = 192,
/** Maximum length of any IV, in bytes */
POLARSSL_MAX_IV_LENGTH = 16,
};
@@ -150,7 +150,8 @@
/** Cipher mode (e.g. POLARSSL_MODE_CBC) */
cipher_mode_t mode;
- /** Cipher key length, in bits (default length for variable sized ciphers) */
+ /** Cipher key length, in bits (default length for variable sized ciphers)
+ * (Includes parity bits for ciphers like DES) */
unsigned int key_length;
/** Name of the cipher */