Filter
Top Products
Chapter 3 Key Info Types 249
KI_DES8
KI_DES8
Purpose:
This KI allows you to specify an 8-byte key used by the DES algorithm. The key object
will satisfy the DES parity requirement. Unlike
KI_DES8Strong, it does not check
against known DES weak keys. See the section “DES Weak Keys” in the
User’s
Manual
.
Type of information this allows you to use:
an 8-byte value for a DES key where the information stored in the key object must be
DES-parity adjusted according to FIPS 46-1. Crypto-C treats the least significant bit of
each byte of the key data as the DES parity adjustment bit.
Format of info supplied to B_SetKeyInfo:
pointer to an unsigned char array that holds the 8-byte DES key. The key is DES
parity adjusted when it is copied to the key object.
For added security, it is prudent to check the proposed key data against known byte
sequences that produce weak DES keys before calling
B_SetKeyInfo. See the section
“DES Weak Keys” in the
User’s Manual
.
Format of info returned by B_GetKeyInfo:
pointer to an unsigned char array that holds the 8-byte DES key that is DES parity
adjusted.
Can get this info type if key object already has:
KI_DES8, KI_Item (if the length of the ITEM is 8 and the data's DES parity is correct),
or
KI_8Byte (if the DES parity is correct).
Notes:
It is more secure to use KI_DES8Strong instead of KI_DES8. When you call
B_SetAlgorithmInfo with KI_DES8Strong, Crypto-C checks the key against a list of
known weak keys and returns an error if the resulting key would be weak. See the
section “DES Weak Keys” in the
User’s Manual
.