This is the mail archive of the
glibc-bugs@sourceware.org
mailing list for the glibc project.
[Bug libc/13236] New: des_setparity() clears high bits
- From: "pierce.lopez at gmail dot com" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sources dot redhat dot com
- Date: Thu, 29 Sep 2011 22:36:30 +0000
- Subject: [Bug libc/13236] New: des_setparity() clears high bits
- Auto-submitted: auto-generated
http://sourceware.org/bugzilla/show_bug.cgi?id=13236
Bug #: 13236
Summary: des_setparity() clears high bits
Product: glibc
Version: 2.14
Status: NEW
Severity: minor
Priority: P2
Component: libc
AssignedTo: drepper.fsp@gmail.com
ReportedBy: pierce.lopez@gmail.com
Classification: Unclassified
I actually encountered this in 2.13 on my debian-testing workstation, but
looked in the code in git branch releases/2.14/master and it is clearly there
and appears intentional (sunrpc/des_soft.c)
I guess this is somewhat of a question rather than a pure bug report - why do
we want to only handle ascii keys in des_setparity()? And why do we not have
this aspect mentioned in the man pages, either from the linux man pages project
or from gnu? A quote from the latter:
https://www.gnu.org/software/libc/manual/html_node/DES-Encryption.html
The function des_setparity changes the 64-bit key, stored packed in 8-bit
bytes, to have odd parity by altering the low bits of each byte.
But if you look at the code, in addition to altering the low bit of each byte,
it clears the high bit of each byte.
For now I'm just using the openssl DES_set_odd_parity() which does what I
expect (along with openssl des encryption instead of ecb_encrypt()) and with
which I can successfully create NT responses in MS-CHAP authentications.
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.