From 5e18aed4362568644153d7dadd5f76560f4403f9 Mon Sep 17 00:00:00 2001
From: Paul Bakker <p.j.bakker@polarssl.org>
Date: Tue, 15 Nov 2011 15:38:45 +0000
Subject: [PATCH]  - Changed the defined key-length of DES ciphers in cipher.h
 to include the parity bits, to prevent mistakes in copying data. (Closes
 ticket #33)

---
 ChangeLog                 |  2 ++
 include/polarssl/cipher.h | 15 ++++++++-------
 2 files changed, 10 insertions(+), 7 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 077eac4f6..1355b38fc 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -20,6 +20,8 @@ Changes
    * Added a separate CRL entry extension parsing function
    * Separated the ASN.1 parsing code from the X.509 specific parsing code.
      So now there is a module that is controlled with POLARSSL_ASN1_PARSE_C.
+   * Changed the defined key-length of DES ciphers in cipher.h to include the
+     parity bits, to prevent mistakes in copying data. (Closes ticket #33)
 
 Bugfix
    * Fixed faulty HMAC-MD2 implementation. Found by dibac. (Closes
diff --git a/include/polarssl/cipher.h b/include/polarssl/cipher.h
index 6a0173220..8c94dd5f9 100644
--- a/include/polarssl/cipher.h
+++ b/include/polarssl/cipher.h
@@ -96,12 +96,12 @@ typedef enum {
 enum {
     /** Undefined key length */
     POLARSSL_KEY_LENGTH_NONE = 0,
-    /** Key length, in bits, for DES keys */
-    POLARSSL_KEY_LENGTH_DES  = 56,
-    /** Key length, in bits, for DES in two key EDE */
-    POLARSSL_KEY_LENGTH_DES_EDE = 112,
-    /** Key length, in bits, for DES in three-key EDE */
-    POLARSSL_KEY_LENGTH_DES_EDE3 = 168,
+    /** Key length, in bits (including parity), for DES keys */
+    POLARSSL_KEY_LENGTH_DES  = 64,
+    /** Key length, in bits (including parity), for DES in two key EDE */
+    POLARSSL_KEY_LENGTH_DES_EDE = 128,
+    /** Key length, in bits (including parity), for DES in three-key EDE */
+    POLARSSL_KEY_LENGTH_DES_EDE3 = 192,
     /** Maximum length of any IV, in bytes */
     POLARSSL_MAX_IV_LENGTH = 16,
 };
@@ -150,7 +150,8 @@ typedef struct {
     /** Cipher mode (e.g. POLARSSL_MODE_CBC) */
     cipher_mode_t mode;
 
-    /** Cipher key length, in bits (default length for variable sized ciphers) */
+    /** Cipher key length, in bits (default length for variable sized ciphers)
+     *  (Includes parity bits for ciphers like DES) */
     unsigned int key_length;
 
     /** Name of the cipher */