From cf6f4718e8008b64598d62f6bc3fbd3a99698381 Mon Sep 17 00:00:00 2001 From: Jacob Barthelmeh Date: Wed, 4 Jan 2017 09:59:53 -0700 Subject: [PATCH] add public function to check if a DES key is weak --- src/ssl.c | 143 ++++++++++++++++++++++++------------------ wolfssl/openssl/des.h | 2 + 2 files changed, 84 insertions(+), 61 deletions(-) diff --git a/src/ssl.c b/src/ssl.c index 5e275ab96..e5bb736e4 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -17873,7 +17873,7 @@ int wolfSSL_DES_set_key_checked(WOLFSSL_const_DES_cblock* myDes, return -2; } else { - word32 i, mask, mask2; + word32 i; word32 sz = sizeof(WOLFSSL_DES_key_schedule); /* sanity check before call to DES_check */ @@ -17898,66 +17898,7 @@ int wolfSSL_DES_set_key_checked(WOLFSSL_const_DES_cblock* myDes, } } - /* check is not weak. Weak key list from Nist - "Recommendation for the Triple - Data Encryption Algorithm - (TDEA) Block Cipher" */ - mask = 0x01010101; mask2 = 0x01010101; - if (DES_check(mask, mask2, *key)) { - WOLFSSL_MSG("Weak key found"); - return -2; - } - - mask = 0xFEFEFEFE; mask2 = 0xFEFEFEFE; - if (DES_check(mask, mask2, *key)) { - WOLFSSL_MSG("Weak key found"); - return -2; - } - - mask = 0xE0E0E0E0; mask2 = 0xF1F1F1F1; - if (DES_check(mask, mask2, *key)) { - WOLFSSL_MSG("Weak key found"); - return -2; - } - - mask = 0x1F1F1F1F; mask2 = 0x0E0E0E0E; - if (DES_check(mask, mask2, *key)) { - WOLFSSL_MSG("Weak key found"); - return -2; - } - - /* semi-weak *key check (list from same Nist paper) */ - mask = 0x011F011F; mask2 = 0x010E010E; - if (DES_check(mask, mask2, *key) || - DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) { - WOLFSSL_MSG("Weak key found"); - return -2; - } - - mask = 0x01E001E0; mask2 = 0x01F101F1; - if (DES_check(mask, mask2, *key) || - DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) { - WOLFSSL_MSG("Weak key found"); - return -2; - } - - mask = 0x01FE01FE; mask2 = 0x01FE01FE; - if (DES_check(mask, mask2, *key) || - DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) { - WOLFSSL_MSG("Weak key found"); - return -2; - } - - mask = 0x1FE01FE0; mask2 = 0x0EF10EF1; - if (DES_check(mask, mask2, *key) || - DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) { - WOLFSSL_MSG("Weak key found"); - return -2; - } - - mask = 0x1FFE1FFE; mask2 = 0x0EFE0EFE; - if (DES_check(mask, mask2, *key) || - DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) { + if (wolfSSL_DES_is_weak_key(key) == 1) { WOLFSSL_MSG("Weak key found"); return -2; } @@ -17970,6 +17911,86 @@ int wolfSSL_DES_set_key_checked(WOLFSSL_const_DES_cblock* myDes, } +/* check is not weak. Weak key list from Nist "Recommendation for the Triple + * Data Encryption Algorithm (TDEA) Block Cipher" + * + * returns 1 if is weak 0 if not + */ +int wolfSSL_DES_is_weak_key(WOLFSSL_const_DES_cblock* key) +{ + word32 mask, mask2; + + WOLFSSL_ENTER("wolfSSL_DES_is_weak_key"); + + if (key == NULL) { + WOLFSSL_MSG("NULL key passed in"); + return 1; + } + + mask = 0x01010101; mask2 = 0x01010101; + if (DES_check(mask, mask2, *key)) { + WOLFSSL_MSG("Weak key found"); + return 1; + } + + mask = 0xFEFEFEFE; mask2 = 0xFEFEFEFE; + if (DES_check(mask, mask2, *key)) { + WOLFSSL_MSG("Weak key found"); + return 1; + } + + mask = 0xE0E0E0E0; mask2 = 0xF1F1F1F1; + if (DES_check(mask, mask2, *key)) { + WOLFSSL_MSG("Weak key found"); + return 1; + } + + mask = 0x1F1F1F1F; mask2 = 0x0E0E0E0E; + if (DES_check(mask, mask2, *key)) { + WOLFSSL_MSG("Weak key found"); + return 1; + } + + /* semi-weak *key check (list from same Nist paper) */ + mask = 0x011F011F; mask2 = 0x010E010E; + if (DES_check(mask, mask2, *key) || + DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) { + WOLFSSL_MSG("Weak key found"); + return 1; + } + + mask = 0x01E001E0; mask2 = 0x01F101F1; + if (DES_check(mask, mask2, *key) || + DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) { + WOLFSSL_MSG("Weak key found"); + return 1; + } + + mask = 0x01FE01FE; mask2 = 0x01FE01FE; + if (DES_check(mask, mask2, *key) || + DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) { + WOLFSSL_MSG("Weak key found"); + return 1; + } + + mask = 0x1FE01FE0; mask2 = 0x0EF10EF1; + if (DES_check(mask, mask2, *key) || + DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) { + WOLFSSL_MSG("Weak key found"); + return 1; + } + + mask = 0x1FFE1FFE; mask2 = 0x0EFE0EFE; + if (DES_check(mask, mask2, *key) || + DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) { + WOLFSSL_MSG("Weak key found"); + return 1; + } + + return 0; +} + + void wolfSSL_DES_set_key_unchecked(WOLFSSL_const_DES_cblock* myDes, WOLFSSL_DES_key_schedule* key) { diff --git a/wolfssl/openssl/des.h b/wolfssl/openssl/des.h index 1636b3f72..74ee7538e 100644 --- a/wolfssl/openssl/des.h +++ b/wolfssl/openssl/des.h @@ -53,6 +53,7 @@ enum { }; +WOLFSSL_API int wolfSSL_DES_is_weak_key(WOLFSSL_const_DES_cblock* key); WOLFSSL_API int wolfSSL_DES_set_key(WOLFSSL_const_DES_cblock* myDes, WOLFSSL_DES_key_schedule* key); WOLFSSL_API int wolfSSL_DES_set_key_checked(WOLFSSL_const_DES_cblock* myDes, @@ -86,6 +87,7 @@ typedef WOLFSSL_const_DES_cblock const_DES_cblock; typedef WOLFSSL_DES_key_schedule DES_key_schedule; #define DES_check_key(x) /* Define WOLFSSL_CHECK_DESKEY to check key */ +#define DES_is_weak_key wolfSSL_DES_is_weak_key #define DES_set_key wolfSSL_DES_set_key #define DES_set_key_checked wolfSSL_DES_set_key_checked #define DES_set_key_unchecked wolfSSL_DES_set_key_unchecked