Page MenuHomeFreeBSD

Stop using des_cblock * for arguments to DES functions.
ClosedPublic

Authored by jhb on Aug 24 2019, 12:11 AM.

Details

Summary

This amounts to a char ** since it is a char[8] *. Evil casts mostly
resolved the fact that what was actually passed in were plain char *.
Instead, change the DES functions to use 'unsigned char *' for keys
and for input and output buffers.

Test Plan
  • amd64 GENERIC builds, waiting for a tinderbox to finish

Diff Detail

Lint
Lint OK
Unit
No Unit Test Coverage
Build Status
Buildable 26057
Build 24600: arc lint + arc unit

Event Timeline

jhb created this revision.Aug 24 2019, 12:11 AM
imp accepted this revision.Aug 24 2019, 12:23 AM

Looks sane to me. Thanks for digging to the bottom of this rathole...

This revision is now accepted and ready to land.Aug 24 2019, 12:23 AM
cem accepted this revision.Aug 24 2019, 1:37 AM

Bit sad to be fixing DES in 2019 but unfortunately, this looks correct to me...

sys/crypto/des/des_setkey.c
70–88

These routines must have been totally broken before?

jhb added inline comments.Aug 26 2019, 4:52 PM
sys/crypto/des/des_setkey.c
70–88

It would seem so unless code actually invoked them correctly (which is doubtful). I think the kgssapi code was using these but using a bogus cast such that they probably didn't work. Probably would have panicked if you used plain DES with kgssapi it looks like.

This revision was automatically updated to reflect the committed changes.