Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 14 Jan 2013 13:02:17 +0100
From: Frank Dittrich <frank_dittrich@...mail.com>
To: john-dev@...ts.openwall.com
Subject: KWallet / bad_blowfish (was: Feature freeze)

On 01/14/2013 10:47 AM, magnum wrote:
> KWallet is in, so now let's wrap it up for release.

The commit also added bad_blowfish.h and bad_blowfish_plug.c, without
any explanation what's bad about it.
Does KWallet use an incorrect blowfish implementation? Does "bad" mean
that it is just a Q&D implementation with poor performance? No idea.

But it looks like we now have 4 copies of the same thing:

(unstable-jumbo)src $ git grep -C 1 0x71126905
BF_std.c-                       0xc9aa53fd, 0x62a80f00, 0xbb25bfe2,
0x35bdd2f6,
BF_std.c:                       0x71126905, 0xb2040222, 0xb6cbcf7c,
0xcd769c2b,
BF_std.c-                       0x53113ec0, 0x1640e3d3, 0x38abbd60,
0x2547adf0,
--
bad_blowfish.h-    0x45e1d006, 0xc3f27b9a, 0xc9aa53fd, 0x62a80f00,
0xbb25bfe2, 0x35bdd2f6,
bad_blowfish.h:    0x71126905, 0xb2040222, 0xb6cbcf7c, 0xcd769c2b,
0x53113ec0, 0x1640e3d3,
bad_blowfish.h-    0x38abbd60, 0x2547adf0, 0xba38209c, 0xf746ce76,
0x77afa1c5, 0x20756060,
--
bf_tab.h-    0xc9aa53fd, 0x62a80f00, 0xbb25bfe2, 0x35bdd2f6,
bf_tab.h:    0x71126905, 0xb2040222, 0xb6cbcf7c, 0xcd769c2b,
bf_tab.h-    0x53113ec0, 0x1640e3d3, 0x38abbd60, 0x2547adf0,
--
opencl_bf_std.c-                        0xc9aa53fd, 0x62a80f00,
0xbb25bfe2, 0x35bdd2f6,
opencl_bf_std.c:                        0x71126905, 0xb2040222,
0xb6cbcf7c, 0xcd769c2b,
opencl_bf_std.c-                        0x53113ec0, 0x1640e3d3,
0x38abbd60, 0x2547adf0,


May be this is indeed necessary, but I have no idea why.

Frank

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ