-
Type:
Bug
-
Status: Closed
-
Priority:
Minor
-
Resolution: Fixed
-
Affects Version/s: SoftHSM 2.x develop
-
Fix Version/s: None
-
Component/s: PKCS#11 Interface
-
Labels:None
A 64-bits DES key is composed by 8 bytes, each byte containing 7 bits from an RNG and 1 parity bit. The parity bit is never set.
A DES key generation should perform random generation only for the key material (ie 56 bits) ; it is done in SymmetricAlgorithm::generateKey under the assumption key.getBitLen () = 56.
Then key.setKeyBits (keyBits) should copy the 56 random bits and set the 8 parity bits.
In DESKey::setKeyBits, it is checked wether the supplied bit length is equal to the key length (the variable expectedLen = 8 bytes) rather than keylen-parityBitsNumber/8. Furthermore, the key is built directly from the supplied random bits, without any parity bits.