Page MenuHomeFreeBSD

Stop using des_cblock * for arguments to DES functions.
ClosedPublic

Authored by jhb on Aug 24 2019, 12:11 AM.
Tags
None
Referenced Files
Unknown Object (File)
Thu, Mar 14, 10:25 AM
Unknown Object (File)
Thu, Mar 14, 10:25 AM
Unknown Object (File)
Thu, Mar 14, 10:21 AM
Unknown Object (File)
Sun, Mar 10, 11:45 PM
Unknown Object (File)
Jan 6 2024, 7:47 AM
Unknown Object (File)
Jan 6 2024, 7:47 AM
Unknown Object (File)
Jan 6 2024, 7:42 AM
Unknown Object (File)
Jan 3 2024, 3:59 PM
Subscribers
None

Details

Summary

This amounts to a char ** since it is a char[8] *. Evil casts mostly
resolved the fact that what was actually passed in were plain char *.
Instead, change the DES functions to use 'unsigned char *' for keys
and for input and output buffers.

Test Plan
  • amd64 GENERIC builds, waiting for a tinderbox to finish

Diff Detail

Lint
Lint Passed
Unit
No Test Coverage
Build Status
Buildable 26057
Build 24600: arc lint + arc unit

Event Timeline

Looks sane to me. Thanks for digging to the bottom of this rathole...

This revision is now accepted and ready to land.Aug 24 2019, 12:23 AM

Bit sad to be fixing DES in 2019 but unfortunately, this looks correct to me...

sys/crypto/des/des_setkey.c
70–88

These routines must have been totally broken before?

sys/crypto/des/des_setkey.c
70–88

It would seem so unless code actually invoked them correctly (which is doubtful). I think the kgssapi code was using these but using a bogus cast such that they probably didn't work. Probably would have panicked if you used plain DES with kgssapi it looks like.