diff --git a/lib/ykpiv.c b/lib/ykpiv.c index ea927db..655c16c 100644 --- a/lib/ykpiv.c +++ b/lib/ykpiv.c @@ -421,15 +421,15 @@ ykpiv_rc ykpiv_set_mgmkey(ykpiv_state *state, const unsigned char *new_key) { for(i = 0; i < 3; i++) { const_DES_cblock key_tmp; - DES_key_schedule ks_tmp; - int ret; memcpy(key_tmp, new_key + i * 8, 8); - ret = DES_set_key_checked(&key_tmp, &ks_tmp); - if(ret != 0) { + DES_set_odd_parity(&key_tmp); + if(DES_is_weak_key(&key_tmp) != 0) { if(state->verbose) { fprintf(stderr, "Won't set new key '"); dump_hex(new_key + i * 8, 8); - fprintf(stderr, "' since it's %s.\n", ret == -1 ? "got odd parity" : "weak"); + fprintf(stderr, "' since it's weak (with parity the key is: "); + dump_hex(key_tmp, 8); + fprintf(stderr, ").\n"); } return YKPIV_GENERIC_ERROR; }