On Tue, Jul 06, 2021 at 10:59:17AM +0100, Daniel P. Berrangé wrote:
> Currently the crypto layer exposes support for a 'des-rfb'
> algorithm which is just normal single-DES, with the bits
> in each key byte reversed. This special key munging is
> required by the RFB protocol password authentication
> mechanism.
>
> Since the crypto layer is generic shared code, it makes
> more sense to do the key byte munging in the VNC server
> code, and expose normal single-DES support.
>
> Signed-off-by: Daniel P. Berrangé <berra...@redhat.com>
I agree with Markus' suggestion to enhance the commit message.
> +++ b/tests/unit/test-crypto-cipher.c
> @@ -155,28 +155,28 @@ static QCryptoCipherTestData test_data[] = {
> * in single AES block, and gives identical
> * ciphertext in ECB and CBC modes
> */
> - .path = "/crypto/cipher/des-rfb-ecb-56-one-block",
> - .alg = QCRYPTO_CIPHER_ALG_DES_RFB,
> + .path = "/crypto/cipher/des-ecb-56-one-block",
> + .alg = QCRYPTO_CIPHER_ALG_DES,
> .mode = QCRYPTO_CIPHER_MODE_ECB,
> - .key = "0123456789abcdef",
> + .key = "80c4a2e691d5b3f7",
> .plaintext = "70617373776f7264",
> .ciphertext = "73fa80b66134e403",
> },
This is a rather cute way to avoid recomputing the canonical
.ciphertext due to the change in bit ordering.
Reviewed-by: Eric Blake <ebl...@redhat.com>
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3266
Virtualization: qemu.org | libvirt.org
