Page MenuHomeFreeBSD

Stop using des_cblock * for arguments to DES functions.
ClosedPublic

Authored by jhb on Aug 24 2019, 12:11 AM.

Details

Summary

This amounts to a char ** since it is a char[8] *. Evil casts mostly
resolved the fact that what was actually passed in were plain char *.
Instead, change the DES functions to use 'unsigned char *' for keys
and for input and output buffers.

Test Plan
  • amd64 GENERIC builds, waiting for a tinderbox to finish

Diff Detail

Lint
Lint OK
Unit
No Unit Test Coverage
Build Status
Buildable 26057
Build 24600: arc lint + arc unit

Event Timeline

Looks sane to me. Thanks for digging to the bottom of this rathole...

This revision is now accepted and ready to land.Aug 24 2019, 12:23 AM

Bit sad to be fixing DES in 2019 but unfortunately, this looks correct to me...

sys/crypto/des/des_setkey.c
70–88

These routines must have been totally broken before?

sys/crypto/des/des_setkey.c
70–88

It would seem so unless code actually invoked them correctly (which is doubtful). I think the kgssapi code was using these but using a bogus cast such that they probably didn't work. Probably would have panicked if you used plain DES with kgssapi it looks like.