From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 28712 invoked by alias); 29 Sep 2011 22:37:05 -0000 Received: (qmail 28573 invoked by uid 22791); 29 Sep 2011 22:37:04 -0000 X-SWARE-Spam-Status: No, hits=-2.8 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00 X-Spam-Check-By: sourceware.org Received: from localhost (HELO sourceware.org) (127.0.0.1) by sourceware.org (qpsmtpd/0.43rc1) with ESMTP; Thu, 29 Sep 2011 22:36:50 +0000 From: "pierce.lopez at gmail dot com" To: glibc-bugs@sources.redhat.com Subject: [Bug libc/13236] New: des_setparity() clears high bits Date: Thu, 29 Sep 2011 22:37:00 -0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: glibc X-Bugzilla-Component: libc X-Bugzilla-Keywords: X-Bugzilla-Severity: minor X-Bugzilla-Who: pierce.lopez at gmail dot com X-Bugzilla-Status: NEW X-Bugzilla-Priority: P2 X-Bugzilla-Assigned-To: drepper.fsp at gmail dot com X-Bugzilla-Target-Milestone: --- X-Bugzilla-Changed-Fields: Message-ID: X-Bugzilla-URL: http://sourceware.org/bugzilla/ Auto-Submitted: auto-generated Content-Type: text/plain; charset="UTF-8" MIME-Version: 1.0 Mailing-List: contact glibc-bugs-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Post: List-Help: , Sender: glibc-bugs-owner@sourceware.org X-SW-Source: 2011-09/txt/msg00149.txt.bz2 http://sourceware.org/bugzilla/show_bug.cgi?id=13236 Bug #: 13236 Summary: des_setparity() clears high bits Product: glibc Version: 2.14 Status: NEW Severity: minor Priority: P2 Component: libc AssignedTo: drepper.fsp@gmail.com ReportedBy: pierce.lopez@gmail.com Classification: Unclassified I actually encountered this in 2.13 on my debian-testing workstation, but looked in the code in git branch releases/2.14/master and it is clearly there and appears intentional (sunrpc/des_soft.c) I guess this is somewhat of a question rather than a pure bug report - why do we want to only handle ascii keys in des_setparity()? And why do we not have this aspect mentioned in the man pages, either from the linux man pages project or from gnu? A quote from the latter: https://www.gnu.org/software/libc/manual/html_node/DES-Encryption.html The function des_setparity changes the 64-bit key, stored packed in 8-bit bytes, to have odd parity by altering the low bits of each byte. But if you look at the code, in addition to altering the low bit of each byte, it clears the high bit of each byte. For now I'm just using the openssl DES_set_odd_parity() which does what I expect (along with openssl des encryption instead of ecb_encrypt()) and with which I can successfully create NT responses in MS-CHAP authentications. -- Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.