Am Montag, 24. April 2017, 08:16:50 CEST schrieb Stephan Müller: Hi Gilad,
> > > > int __des3_ede_setkey(u32 *expkey, u32 *flags, const u8 *key, > > > > unsigned int keylen) > > > > However, this does not check that k1 == k3. In this case DES3 > > becomes 2DES (2-keys TDEA), the use of which was dropped post 2015 > > by NIST Special Publication 800-131A*. > > It is correct that the RFC wants at least a 2key 3DES. And it is correct > that SP800-131A mandates 3key 3DES post 2015. All I am saying is that FIPS > 140-2 does *not* require a technical verification of the 3 keys being not > identical. One side note: we had discussed a patch to this function in the past, see [1]. [1] https://patchwork.kernel.org/patch/8293441/ Ciao Stephan
