[openssl] master update

[Dr. Paul Dale]

The branch master has been updated
       via  6450ea27ffdc22194f27e90796ce5538af2d81e2 (commit)
      from  af5e63e1e3300f784f302a5d3309bf673cc08894 (commit)


- Log -----------------------------------------------------------------
commit 6450ea27ffdc22194f27e90796ce5538af2d81e2
Author: Tomas Mraz <tomas at openssl.org>
Date:   Mon Nov 1 08:39:21 2021 +0100

    DES_set_key(): return values as DES_set_key_checked() but always set
    
    This avoids using accidentally uninitialized key schedule in
    applications that use DES_set_key() not expecting it to check the key
    which is the default on OpenSSL <= 1.1.1
    
    Fixes #16859
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    Reviewed-by: Paul Dale <pauli at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/16944)

-----------------------------------------------------------------------

Summary of changes:
 crypto/des/set_key.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/crypto/des/set_key.c b/crypto/des/set_key.c
index 9510dc2c6a..ce7fb901f0 100644
--- a/crypto/des/set_key.c
+++ b/crypto/des/set_key.c
@@ -279,9 +279,17 @@ static const DES_LONG des_skb[8][64] = {
      }
 };
 
+/* Return values as DES_set_key_checked() but always set the key */
 int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule)
 {
-    return DES_set_key_checked(key, schedule);
+    int ret = 0;
+
+    if (!DES_check_key_parity(key))
+        ret = -1;
+    if (DES_is_weak_key(key))
+        ret = -2;
+    DES_set_key_unchecked(key, schedule);
+    return ret;
 }
 
 /*-