Am Dienstag, den 15.01.2019, 15:20 +0100 schrieb Florian Weimer: > * Simo Sorce: > > > > Maybe the stub implementation should just overwrite the argument > > > with > > > zeros. > > > > I wouldn't overwrite with zeros because then it is clear the > > encryption > > failed and if it is used in non-orthodox ways could give an attacker > > a > > way to exploit the zeroing. > > > > (for example if someone uses it to encrypt a password, instead of > > hashing it and then compare to some stored value, then zeroing might > > be > > a bad choice as all invocations will always return the same value > > and > > would always compare "right") > > That's a fair point. Overwriting with random data seems better. > (There's precedent for doing that on decryption failures, too.) > > Thanks, > Florian
Thanks for the thoughts and a easy solution, guys! I've updated the
description and documentation of the proposal accordingly:
> The encrypt{,_r} function will - for security reasons - additionally
> overwrite the data-block argument with random data.
Björn
signature.asc
Description: This is a digitally signed message part
_______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
