* Simo Sorce: > On Tue, 2019-01-15 at 10:39 +0100, Florian Weimer wrote: >> * Ben Cotton: >> >> > Remove real functionality from encrypt, encrypt_r, setkey, setkey_r, >> > and fcrypt from the libxcrypt.so.1 compatibility library and let those >> > functions set "errno" to "ENOSYS" when invoked. >> >> encrypt rewrites its argument in place, so this will leave the argument >> unencrypted. This does not seem a good idea, even if it's just DES. > > Maybe encrypt with AES and return an error anyway ?
It's still only got a 56-bit key. AES would only make dictionary attacks easier because there are more efficient AES implementations than DES implementations. Maybe the stub implementation should just overwrite the argument with zeros. Thanks, Florian _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
