Disable Weak cipher check for DES KCV

Jan Bilek jan.bilek at eftlab.com.au
Wed Jan 22 23:57:02 CET 2020

I love it! Let me know if we can support this somehow from our side.


On 2020-01-23 07:09:02+10:00 Jussi Kivilinna wrote:


On 9.1.2020 3.57, Jan Bilek wrote:
> Hi Jussi,
> No problem and thanks for coming back on my email.
> You are right - "all KCV algorithms I managed to find encrypt zero input block with the actual key as key" - except cases where the key is a weak key. While this might sound ridiculous there are many cases like this - in production as well as in test environments. E.g. Thales HSM default-load key-set works with some weak keys and while doing symmetric crypto we need to support those as well (in testing / dev environments Thales HSM is almost always loaded with a default key set so crypto can be reproduced and validated).
> Hope it makes better sense now.

Ok. I guess for such testing use-case, we could add new gcry_cipher_ctl command to allow weak-keys on cipher object. After command is given to cipher object, setkey would still return weak-key error code, but otherwise setup algorithm for encryption/decryption. Usage would be like this:

 err = gcry_cipher_open(&handle, algo, mode, 0)
 assert(err == 0)
 err = gcry_cipher_ctl(handle, GCRYCTL_ALLOW_WEAK_KEY, NULL, 1)
 assert(err == 0)
 err = gcry_cipher_setkey(handle, weak_key_buf, weak_key_len)
 assert(err == GPG_ERR_WEAK_KEY)
 err = gcry_cipher_encrypt(handle, out, outlen, in, inlen)
 assert(err == 0)
 err = gcry_cipher_close(handle)
 assert(err == 0)


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gcrypt-devel/attachments/20200122/1bf844c2/attachment.html>

More information about the Gcrypt-devel mailing list