The choices of unsigned types made in the OpenBSD implementation
prevents the initial problem (sign-extension of a signed char value with
the topmost bit set) from happening.
Miod
On Mon, Apr 25, 2011 at 03:48:32PM -0400, Paul DeBruicker wrote:
on line 409 of blowfish.c [1] the OpenBSD version may
differ from the recommendation of the reference version posted at
Bruce Schneier's website [2].
[...]
I am no expert and do not know whether or not the bug mentioned in
[3]
On 04/25/2011 05:15 PM, Andreas Gunnarsson wrote:
The problem described in [3] is due to key being stored as char, which
may be signed. The code in [1] uses u_int8_t which is unsigned and
therefore not sign extended. So [1] does not have this problem.
/usr/src/sys/crypto/blf.c is also OK.
3 matches
Mail list logo
