des_ssh1_setiv not setting the IV ?
Seth Arnold
sarnold at wirex.com
Tue Nov 13 12:47:54 EST 2001
Greetings;
I've been reading the OpenSSH source code and have a question about the
des_ssh1_setiv function in cipher.c. (cut-n-pasted here from cipher.c
v1.47) :
static void
des_ssh1_setiv(CipherContext *cc, const u_char *iv, u_int ivlen)
{
	memset(cc->u.des.iv, 0, sizeof(cc->u.des.iv));
}
This doesn't use the *iv parameter. Compare with:
static void
des3_setiv(CipherContext *cc, const u_char *iv, u_int ivlen)
{
	memset(cc->u.des3.iv1, 0, sizeof(cc->u.des3.iv1));
	memset(cc->u.des3.iv2, 0, sizeof(cc->u.des3.iv2));
	memset(cc->u.des3.iv3, 0, sizeof(cc->u.des3.iv3));
	if (iv == NULL)
		return;
	memcpy(cc->u.des3.iv3, (char *)iv, 8);
}
which *does* use the *iv parameter. (Though, not quite how I expected it
to be used.. :)
I'll be the first to admit that I don't know the OpenSSH architecture,
but this appears to be an oversight that would go unnoticed until
someone wanted a non-zero IV .. how often does that happen? Is this a
known issue, for compatibility?
Have I missed something else entirely? :)
Thanks :)
--
The Bill of Rights: 7 out of 10 rights haven't been sold yet! Contact
your congressman for details how *you* can buy one today!