Use openssl implementation of DES_is_weak_key on non-Windows, and add unit test.

This commit is contained in:
Trevor Bentley
2017-10-23 12:33:44 +02:00
parent 27933eaff8
commit 935e05485a
2 changed files with 17 additions and 2 deletions
+4 -2
View File
@@ -322,9 +322,8 @@ EXIT:
return rc;
}
// TREV TODO: use openssl's implementation when available
bool yk_des_is_weak_key(const unsigned char *key, const size_t cb_key) {
#ifdef _WINDOWS
/* defined weak keys, borrowed from openssl to be consistent across platforms */
static const unsigned char weak_keys[][DES_LEN_DES] = {
/* weak keys */
@@ -377,6 +376,9 @@ bool yk_des_is_weak_key(const unsigned char *key, const size_t cb_key) {
}
return false;
#else
return DES_is_weak_key((const_DES_cblock *)key);
#endif
}
prng_rc _ykpiv_prng_generate(unsigned char *buffer, const size_t cb_req) {