From: Thorsten Blum <thorsten.blum@toblux.com>
Subject: Re: Fix typos in DES weak keys comment
To: tech@openbsd.org
Date: Sat, 25 Oct 2025 18:58:00 +0200

On 22. Oct 2025, Thorsten Blum wrote:
> Index: sys/crypto/set_key.c
> ===================================================================
> RCS file: /cvs/src/sys/crypto/set_key.c,v
> retrieving revision 1.5
> diff -u -p -r1.5 set_key.c
> --- sys/crypto/set_key.c	12 Mar 2021 10:22:46 -0000	1.5
> +++ sys/crypto/set_key.c	21 Oct 2025 11:38:57 -0000
> @@ -74,7 +74,7 @@ check_parity(des_cblock (*key))
> 	return (1);
> }
> 
> -/* Weak and semi week keys as take from
> +/* Weak and semi-weak keys as taken from
>  * %A D.W. Davies
>  * %A W.L. Price
>  * %T Security for Computer Networks

While browsing the book referenced above (available at [1]), I noticed
that some of the weak key values differ from those in the book (page 65,
figure 3.17). The patch below shows the different values. Not sure if
this is intentional or a bug.

Additionally, it appears that 'weak_keys' and des_is_weak_key() may no
longer be used. des_is_weak_key() is only called from des_set_key() when
'int des_check_key' is true, but I couldn't find any code in /usr/src
setting this variable.

Should the values be fixed, or is the code obsolete/unused and about to
be removed anyway?

Thanks,
Thorsten

[1] https://archive.org/details/securityforcompu0000davi/

Index: crypto/set_key.c
===================================================================
RCS file: /cvs/src/sys/crypto/set_key.c,v
retrieving revision 1.5
diff -u -p -r1.5 set_key.c
--- crypto/set_key.c	12 Mar 2021 10:22:46 -0000	1.5
+++ crypto/set_key.c	25 Oct 2025 15:46:45 -0000
@@ -88,8 +88,8 @@ static des_cblock weak_keys[NUM_WEAK_KEY
 	/* weak keys */
 	{0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
 	{0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE},
-	{0x1F,0x1F,0x1F,0x1F,0x1F,0x1F,0x1F,0x1F},
-	{0xE0,0xE0,0xE0,0xE0,0xE0,0xE0,0xE0,0xE0},
+	{0x1F,0x1F,0x1F,0x1F,0x0E,0x0E,0x0E,0x0E},
+	{0xE0,0xE0,0xE0,0xE0,0xF1,0xF1,0xF1,0xF1},
 	/* semi-weak keys */
 	{0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE},
 	{0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01},