Encrypted line changes on each run .
Werner Koch
wk at gnupg.org
Fri Aug 1 09:14:28 CEST 2008
On Thu, 31 Jul 2008 22:51, mashrom.head at gmail.com said:
> I wrote a small application to understand ARCFOUR use .
Hust a few comments on the code:
> plain_text = ( char * ) malloc ( size_of_plain_text );
> out = ( char * ) malloc ( size_of_buffers );
> deout = ( char * ) malloc ( size_of_buffers );
Please don't cast thye result of a malloc; Fro ages malloc returned a
void pinter which has been introduced to get rid of such casts. Note
that C and C++ are different languages.
> //Just null all
>
> for ( i = 0 ;i < size_of_buffers; i++ )
> {
> out[i] = '0';
> deout[i] = '0';
> }
memset (out, 0, size_of_buffers);
memset (deout, 0, size_of_buffers);
is easier to understand.
> err = gcry_cipher_open ( &handle2,
> GCRY_CIPHER_ARCFOUR,GCRY_CIPHER_MODE_STREAM,0 );
> err = gcry_cipher_open ( &handle,
> GCRY_CIPHER_ARCFOUR,GCRY_CIPHER_MODE_STREAM,0 );
>
> if ( err )
That is a severe bug - you wont catch an error from handle2. Fix is:
err = gcry_cipher_open ( &handle2, GCRY_CIPHER_ARCFOUR,
GCRY_CIPHER_MODE_STREAM, 0 );
if (!err)
err = gcry_cipher_open ( &handle, GCRY_CIPHER_ARCFOUR,
GCRY_CIPHER_MODE_STREAM, 0 );
if (err)
{
....
> err = gcry_cipher_setkey ( handle , key ,256 );
> err = gcry_cipher_setkey ( handle2 , key,256 );
Same here.
> write2 ( "/tmp/encrypt",out,size_of_buffers );
> for ( i = 0 ;i < size_of_buffers; i++ )
> out[i] = '0';
Use memset for clarity.
> read2 ( "/tmp/encrypt",out,size_of_buffers );
> err = gcry_cipher_encrypt ( handle2,
> ( unsigned char * ) deout,
> size_of_buffers, ( const unsigned char * ) out,size_of_buffers );
I guess you wanted to use gcry_cipher_decrypt.
And again: Do not use Arcfour if you do not understand all the subtle
gotchas to use Arcfour in a secure way.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz.
More information about the Gcrypt-devel
mailing list