Daniel P. Berrangé <berra...@redhat.com> writes:
> Currently the crypto layer exposes support for a 'des-rfb'
> algorithm which is just normal single-DES, with the bits
> in each key byte reversed. This special key munging is
> required by the RFB protocol password authentication
> mechanism.
>
> Since the crypto layer is generic shared code, it makes
> more sense to do the key byte munging in the VNC server
> code, and expose normal single-DES support.
>
> Signed-off-by: Daniel P. Berrangé <berra...@redhat.com>
> ---
[...]
> diff --git a/qapi/crypto.json b/qapi/crypto.json
> index 7116ae9a46..6b3fadabac 100644
> --- a/qapi/crypto.json
> +++ b/qapi/crypto.json
> @@ -66,7 +66,7 @@
> # @aes-128: AES with 128 bit / 16 byte keys
> # @aes-192: AES with 192 bit / 24 byte keys
> # @aes-256: AES with 256 bit / 32 byte keys
> -# @des-rfb: RFB specific variant of single DES. Do not use except in VNC.
> +# @des: DES with 56 bit / 8 byte keys. Do not use except in VNC.
> # @3des: 3DES(EDE) with 192 bit / 24 byte keys (since 2.9)
> # @cast5-128: Cast5 with 128 bit / 16 byte keys
> # @serpent-128: Serpent with 128 bit / 16 byte keys
> @@ -80,7 +80,7 @@
> { 'enum': 'QCryptoCipherAlgorithm',
> 'prefix': 'QCRYPTO_CIPHER_ALG',
> 'data': ['aes-128', 'aes-192', 'aes-256',
> - 'des-rfb', '3des',
> + 'des', '3des',
> 'cast5-128',
> 'serpent-128', 'serpent-192', 'serpent-256',
> 'twofish-128', 'twofish-192', 'twofish-256']}
Is enum value "des-rfb" part of any external interface?
[...]
