[PATCH] xcrypt.3: warn folks not to use these functions

public inbox for linux-man@vger.kernel.org
 help / color / mirror / Atom feed

* [PATCH] xcrypt.3: warn folks not to use these functions
@ 2017-06-14 17:03 Jason A. Donenfeld
       [not found] ` <20170614170351.19509-1-Jason-OnJsPKxuuEcAvxtiuMwx3w@public.gmane.org>
  0 siblings, 1 reply; 4+ messages in thread
From: Jason A. Donenfeld @ 2017-06-14 17:03 UTC (permalink / raw)
  To: mtk.manpages-Re5JQEeQqe8AvxtiuMwx3w
  Cc: linux-man-u79uwXL29TY76Z2rM5mHXA, Jason A. Donenfeld

There is not an acceptable reason to use these functions ever in new code.
For example, just observe the implementation of the KDF:

	/*
	 * Turn password into DES key
	 */
	void
	passwd2des_internal (char *pw, char *key)
	{
	  int i;

	  memset (key, 0, 8);
	  for (i = 0; *pw && i < 8; ++i)
	    key[i] ^= *pw++ << 1;

	  des_setparity (key);
	}

This kind of nonsense isn't okay in the year 2017. Therefore, we
enlighten our poor users.

Signed-off-by: Jason A. Donenfeld <Jason-OnJsPKxuuEcAvxtiuMwx3w@public.gmane.org>
---
 man3/xcrypt.3 | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/man3/xcrypt.3 b/man3/xcrypt.3
index 956df55ba..6bc882549 100644
--- a/man3/xcrypt.3
+++ b/man3/xcrypt.3
@@ -22,6 +22,10 @@ xencrypt, xdecrypt, passwd2des \- RFS password encryption
 .sp
 .BI "int xdecrypt(char *" secret ", char *" passwd ");"
 .SH DESCRIPTION
+.BR WARNING :
+Do not use these functions in new code. They do not achieve
+any type of acceptable cryptographic security guarantees.
+.LP
 The function
 .BR passwd2des ()
 takes a character string
-- 
2.13.1

--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

^ permalink raw reply related	[flat|nested] 4+ messages in thread

[parent not found: <20170614170351.19509-1-Jason-OnJsPKxuuEcAvxtiuMwx3w@public.gmane.org>]

* Re: [PATCH] xcrypt.3: warn folks not to use these functions
       [not found] ` <20170614170351.19509-1-Jason-OnJsPKxuuEcAvxtiuMwx3w@public.gmane.org>
@ 2017-06-14 17:08   ` walter harms
       [not found]     ` <59416DA2.2070900-fPG8STNUNVg@public.gmane.org>
  0 siblings, 1 reply; 4+ messages in thread
From: walter harms @ 2017-06-14 17:08 UTC (permalink / raw)
  To: Jason A. Donenfeld
  Cc: mtk.manpages-Re5JQEeQqe8AvxtiuMwx3w,
	linux-man-u79uwXL29TY76Z2rM5mHXA



Am 14.06.2017 19:03, schrieb Jason A. Donenfeld:
> There is not an acceptable reason to use these functions ever in new code.
> For example, just observe the implementation of the KDF:
> 
> 	/*
> 	 * Turn password into DES key
> 	 */
> 	void
> 	passwd2des_internal (char *pw, char *key)
> 	{
> 	  int i;
> 
> 	  memset (key, 0, 8);
> 	  for (i = 0; *pw && i < 8; ++i)
> 	    key[i] ^= *pw++ << 1;
> 
> 	  des_setparity (key);
> 	}
> 
> This kind of nonsense isn't okay in the year 2017. Therefore, we
> enlighten our poor users.
> 
> Signed-off-by: Jason A. Donenfeld <Jason-OnJsPKxuuEcAvxtiuMwx3w@public.gmane.org>
> ---
>  man3/xcrypt.3 | 4 ++++
>  1 file changed, 4 insertions(+)
> 
> diff --git a/man3/xcrypt.3 b/man3/xcrypt.3
> index 956df55ba..6bc882549 100644
> --- a/man3/xcrypt.3
> +++ b/man3/xcrypt.3
> @@ -22,6 +22,10 @@ xencrypt, xdecrypt, passwd2des \- RFS password encryption
>  .sp
>  .BI "int xdecrypt(char *" secret ", char *" passwd ");"
>  .SH DESCRIPTION
> +.BR WARNING :
> +Do not use these functions in new code. They do not achieve
> +any type of acceptable cryptographic security guarantees.
> +.LP

It would be helpful to mention an alternativ.

re,
 wh


>  The function
>  .BR passwd2des ()
>  takes a character string




--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

^ permalink raw reply	[flat|nested] 4+ messages in thread

[parent not found: <59416DA2.2070900-fPG8STNUNVg@public.gmane.org>]

* Re: [PATCH] xcrypt.3: warn folks not to use these functions
       [not found]     ` <59416DA2.2070900-fPG8STNUNVg@public.gmane.org>
@ 2017-06-14 17:12       ` Jason A. Donenfeld
  0 siblings, 0 replies; 4+ messages in thread
From: Jason A. Donenfeld @ 2017-06-14 17:12 UTC (permalink / raw)
  To: wharms-fPG8STNUNVg
  Cc: mtk.manpages-Re5JQEeQqe8AvxtiuMwx3w,
	linux-man-u79uwXL29TY76Z2rM5mHXA

On Wed, Jun 14, 2017 at 7:08 PM, walter harms <wharms-fPG8STNUNVg@public.gmane.org> wrote:
> It would be helpful to mention an alternativ.

People who find this are presumably planning on using DES with this
horrible KDF. Are you recommending that I mention an entirely
different cryptosystem for people to use? Seeing as the libcs haven't
been stupid enough to entirely implement new cryptosystems and all
associated functions for many years, there's not a clear man page I
can just point to. I could rattle off some random primitives and
constructions that are good to use, but the devil is always in the
details, and people will still probably do it wrong.

I think a "stop, go away" might be the best approach here.
--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

^ permalink raw reply	[flat|nested] 4+ messages in thread

* [PATCH] xcrypt.3: warn folks not to use these functions
@ 2017-06-14 16:37 Jason A. Donenfeld
  0 siblings, 0 replies; 4+ messages in thread
From: Jason A. Donenfeld @ 2017-06-14 16:37 UTC (permalink / raw)
  To: linux-man-u79uwXL29TY76Z2rM5mHXA,
	linux-api-u79uwXL29TY76Z2rM5mHXA, jann-XZ1E9jl8jIdeoWH0uzbU5w
  Cc: Jason A. Donenfeld

There is not an acceptable reason to use these functions ever in new code.
For example, just observe the implementation of the KDF:

	/*
	 * Turn password into DES key
	 */
	void
	passwd2des_internal (char *pw, char *key)
	{
	  int i;

	  memset (key, 0, 8);
	  for (i = 0; *pw && i < 8; ++i)
	    key[i] ^= *pw++ << 1;

	  des_setparity (key);
	}

This kind of nonsense isn't okay in the year 2017. Therefore, we
enlighten our poor users.

Signed-off-by: Jason A. Donenfeld <Jason-OnJsPKxuuEcAvxtiuMwx3w@public.gmane.org>
---
 man3/xcrypt.3 | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/man3/xcrypt.3 b/man3/xcrypt.3
index 956df55ba..6bc882549 100644
--- a/man3/xcrypt.3
+++ b/man3/xcrypt.3
@@ -22,6 +22,10 @@ xencrypt, xdecrypt, passwd2des \- RFS password encryption
 .sp
 .BI "int xdecrypt(char *" secret ", char *" passwd ");"
 .SH DESCRIPTION
+.BR WARNING :
+Do not use these functions in new code. They do not achieve
+any type of acceptable cryptographic security guarantees.
+.LP
 The function
 .BR passwd2des ()
 takes a character string
-- 
2.13.1

--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

^ permalink raw reply related	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2017-06-14 17:12 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-06-14 17:03 [PATCH] xcrypt.3: warn folks not to use these functions Jason A. Donenfeld
     [not found] ` <20170614170351.19509-1-Jason-OnJsPKxuuEcAvxtiuMwx3w@public.gmane.org>
2017-06-14 17:08   ` walter harms
     [not found]     ` <59416DA2.2070900-fPG8STNUNVg@public.gmane.org>
2017-06-14 17:12       ` Jason A. Donenfeld
  -- strict thread matches above, loose matches on Subject: below --
2017-06-14 16:37 Jason A. Donenfeld

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox