* [PATCH] xcrypt.3: warn folks not to use these functions
@ 2017-06-14 16:37 Jason A. Donenfeld
0 siblings, 0 replies; 4+ messages in thread
From: Jason A. Donenfeld @ 2017-06-14 16:37 UTC (permalink / raw)
To: linux-man-u79uwXL29TY76Z2rM5mHXA,
linux-api-u79uwXL29TY76Z2rM5mHXA, jann-XZ1E9jl8jIdeoWH0uzbU5w
Cc: Jason A. Donenfeld
There is not an acceptable reason to use these functions ever in new code.
For example, just observe the implementation of the KDF:

    /*
     * Turn password into DES key
     */
    void
    passwd2des_internal (char *pw, char *key)
    {
      int i;

      memset (key, 0, 8);
      for (i = 0; *pw && i < 8; ++i)
        key[i] ^= *pw++ << 1;

      des_setparity (key);
    }

This kind of nonsense isn't okay in the year 2017. Therefore, we
enlighten our poor users.

Signed-off-by: Jason A. Donenfeld <Jason-OnJsPKxuuEcAvxtiuMwx3w@public.gmane.org>
---
man3/xcrypt.3 | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/man3/xcrypt.3 b/man3/xcrypt.3
index 956df55ba..6bc882549 100644
--- a/man3/xcrypt.3
+++ b/man3/xcrypt.3
@@ -22,6 +22,10 @@ xencrypt, xdecrypt, passwd2des \- RFS password encryption
.sp
.BI "int xdecrypt(char *" secret ", char *" passwd ");"
.SH DESCRIPTION
+.BR WARNING :
+Do not use these functions in new code. They do not achieve
+any type of acceptable cryptographic security guarantees.
+.LP
The function
.BR passwd2des ()
takes a character string
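Review bot: The added WARNING paragraph under .SH DESCRIPTION asserts that the functions lack acceptable guarantees but gives no reason, so the justification exists only in the commit message. Consider one more sentence in the page itself, drawn from the passwd2des_internal() loop quoted above: the key comes from at most the first 8 bytes of the password, each shifted left by one bit, with no salt and no iteration.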
--
2.13.1
--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
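
What the loop quoted in the commit message does to its input, as an added example (not part of the original post and not glibc code). The helper names kdf_core, same_key and distinct_key_bytes are hypothetical, the sample passwords are constructed, and des_setparity() is left out because its source is not on the page:

```c
#include <stdio.h>
#include <string.h>

/* The loop from the commit message. des_setparity() is left out because its
 * source is not on the page; it only post-processes these 8 bytes, so (assuming
 * it is deterministic) inputs that collide here also collide after it. */
static void kdf_core(const char *pw, unsigned char key[8])
{
    int i;

    memset(key, 0, 8);
    for (i = 0; *pw && i < 8; ++i)
        key[i] ^= (unsigned char)((unsigned char)*pw++ << 1);
}

/* 1 if both passwords yield the same 8 key bytes (hypothetical helper). */
static int same_key(const char *a, const char *b)
{
    unsigned char ka[8], kb[8];

    kdf_core(a, ka);
    kdf_core(b, kb);
    return memcmp(ka, kb, 8) == 0;
}

/* How many different key bytes the 255 non-NUL input bytes can produce. */
static int distinct_key_bytes(void)
{
    unsigned char seen[256] = {0}, key[8];
    char pw[2] = {0, 0};
    int c, n = 0;

    for (c = 1; c < 256; ++c) {
        pw[0] = (char)c;
        kdf_core(pw, key);
        if (!seen[key[0]]++)
            n++;
    }
    return n;
}

int main(void)
{
    /* Constructed sample passwords. */
    printf("same first 8 chars collide: %d\n",
           same_key("correct horse battery", "correct suitcase"));
    printf("top bit ignored:            %d\n", same_key("A", "\xC1"));
    printf("distinct key bytes:         %d of 255 inputs\n", distinct_key_bytes());
    return 0;
}
```

Everything past the eighth character is ignored, the shift throws away the top bit of each byte, and nothing in the loop adds a salt or any work factor.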
* [PATCH] xcrypt.3: warn folks not to use these functions
@ 2017-06-14 17:03 Jason A. Donenfeld
[not found] ` <20170614170351.19509-1-Jason-OnJsPKxuuEcAvxtiuMwx3w@public.gmane.org>
0 siblings, 1 reply; 4+ messages in thread
From: Jason A. Donenfeld @ 2017-06-14 17:03 UTC (permalink / raw)
To: mtk.manpages-Re5JQEeQqe8AvxtiuMwx3w
Cc: linux-man-u79uwXL29TY76Z2rM5mHXA, Jason A. Donenfeld
There is not an acceptable reason to use these functions ever in new code.
For example, just observe the implementation of the KDF:

    /*
     * Turn password into DES key
     */
    void
    passwd2des_internal (char *pw, char *key)
    {
      int i;

      memset (key, 0, 8);
      for (i = 0; *pw && i < 8; ++i)
        key[i] ^= *pw++ << 1;

      des_setparity (key);
    }

This kind of nonsense isn't okay in the year 2017. Therefore, we
enlighten our poor users.

Signed-off-by: Jason A. Donenfeld <Jason-OnJsPKxuuEcAvxtiuMwx3w@public.gmane.org>
---
man3/xcrypt.3 | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/man3/xcrypt.3 b/man3/xcrypt.3
index 956df55ba..6bc882549 100644
--- a/man3/xcrypt.3
+++ b/man3/xcrypt.3
@@ -22,6 +22,10 @@ xencrypt, xdecrypt, passwd2des \- RFS password encryption
.sp
.BI "int xdecrypt(char *" secret ", char *" passwd ");"
.SH DESCRIPTION
+.BR WARNING :
+Do not use these functions in new code. They do not achieve
+any type of acceptable cryptographic security guarantees.
+.LP
The function
.BR passwd2des ()
takes a character string
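Review bot: The second added line, "Do not use these functions in new code. They do not achieve", puts two sentences on one source line; man page source conventionally starts each sentence on its own line, so break after "new code." The phrase "any type of acceptable cryptographic security guarantees" could also be tightened, for example to "They provide no acceptable cryptographic security."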
--
2.13.1
* Re: [PATCH] xcrypt.3: warn folks not to use these functions
[not found] ` <20170614170351.19509-1-Jason-OnJsPKxuuEcAvxtiuMwx3w@public.gmane.org>
@ 2017-06-14 17:08 ` walter harms
[not found] ` <59416DA2.2070900-fPG8STNUNVg@public.gmane.org>
0 siblings, 1 reply; 4+ messages in thread
From: walter harms @ 2017-06-14 17:08 UTC (permalink / raw)
To: Jason A. Donenfeld
Cc: mtk.manpages-Re5JQEeQqe8AvxtiuMwx3w,
linux-man-u79uwXL29TY76Z2rM5mHXA
On 14.06.2017 19:03, Jason A. Donenfeld wrote:
> There is not an acceptable reason to use these functions ever in new code.
> For example, just observe the implementation of the KDF:
>
>     /*
>      * Turn password into DES key
>      */
>     void
>     passwd2des_internal (char *pw, char *key)
>     {
>       int i;
>
>       memset (key, 0, 8);
>       for (i = 0; *pw && i < 8; ++i)
>         key[i] ^= *pw++ << 1;
>
>       des_setparity (key);
>     }
>
> This kind of nonsense isn't okay in the year 2017. Therefore, we
> enlighten our poor users.
>
> Signed-off-by: Jason A. Donenfeld <Jason-OnJsPKxuuEcAvxtiuMwx3w@public.gmane.org>
> ---
> man3/xcrypt.3 | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/man3/xcrypt.3 b/man3/xcrypt.3
> index 956df55ba..6bc882549 100644
> --- a/man3/xcrypt.3
> +++ b/man3/xcrypt.3
> @@ -22,6 +22,10 @@ xencrypt, xdecrypt, passwd2des \- RFS password encryption
> .sp
> .BI "int xdecrypt(char *" secret ", char *" passwd ");"
> .SH DESCRIPTION
> +.BR WARNING :
> +Do not use these functions in new code. They do not achieve
> +any type of acceptable cryptographic security guarantees.
> +.LP

It would be helpful to mention an alternative.

re,
 wh

> The function
> .BR passwd2des ()
> takes a character string
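
Review bot: "these functions" in the added warning has no antecedent at that point, because the paragraph sits directly after .SH DESCRIPTION and before the text that introduces passwd2des(). Naming them in the warning, as .BR xencrypt (), .BR xdecrypt () and .BR passwd2des (), would let it stand on its own for a reader who stops after the first paragraph.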
* Re: [PATCH] xcrypt.3: warn folks not to use these functions
[not found] ` <59416DA2.2070900-fPG8STNUNVg@public.gmane.org>
@ 2017-06-14 17:12 ` Jason A. Donenfeld
0 siblings, 0 replies; 4+ messages in thread
From: Jason A. Donenfeld @ 2017-06-14 17:12 UTC (permalink / raw)
To: wharms-fPG8STNUNVg
Cc: mtk.manpages-Re5JQEeQqe8AvxtiuMwx3w,
linux-man-u79uwXL29TY76Z2rM5mHXA
On Wed, Jun 14, 2017 at 7:08 PM, walter harms <wharms-fPG8STNUNVg@public.gmane.org> wrote:
> It would be helpful to mention an alternative.

People who find this are presumably planning on using DES with this
horrible KDF. Are you recommending that I mention an entirely
different cryptosystem for people to use? Seeing as the libcs haven't
been stupid enough to entirely implement new cryptosystems and all
associated functions for many years, there's not a clear man page I
can just point to. I could rattle off some random primitives and
constructions that are good to use, but the devil is always in the
details, and people will still probably do it wrong.
I think a "stop, go away" might be the best approach here.