On Tue, 2019-01-15 at 14:51 +0100, Florian Weimer wrote:
> * Simo Sorce:
> 
> > On Tue, 2019-01-15 at 10:39 +0100, Florian Weimer wrote:
> > > * Ben Cotton:
> > > 
> > > > Remove real functionality from encrypt, encrypt_r, setkey, setkey_r,
> > > > and fcrypt from the libxcrypt.so.1 compatibility library and let those
> > > > functions set "errno" to "ENOSYS" when invoked.
> > > 
> > > encrypt rewrites its argument in place, so this will leave the argument
> > > unencrypted.  This does not seem a good idea, even if it's just DES.
> > 
> > Maybe encrypt with AES and return an error anyway ?
> 
> It's still only got a 56-bit key.  AES would only make dictionary
> attacks easier because there are more efficient AES implementations than
> DES implementations.

You could use a random key, but yeah if you need to simply make it
inoperable just overwrite with random.

> Maybe the stub implementation should just overwrite the argument with
> zeros.

I wouldn't overwrite with zeros because then it is clear the encryption
failed and if it is used in non-orthodox ways could give an attacker a
way to exploit the zeroing.

(for example if someone uses it to encrypt a password, instead of
hashing it and then compare to some stored value, then zeroing might be
a bad choice as all invocations will always return the same value and
would always compare "right")

Simo.

-- 
Simo Sorce
Sr. Principal Software Engineer
Red Hat, Inc

_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org

Reply via email to