From: Herbert V. R. <hv...@hv...> - 2002-03-02 13:18:40
On Sat, 2002-03-02 at 01:58, Kyle McMartin wrote:
> - looked into the rc5 "bug" and the rc5 paper by rivest. i can see
> the problem, but am aghast at how to attack it properly, as it seems
> (from the paper) that the value of "c" is needed later. i assume
> this is because the key is stored in a c-element array.
finally I found the bug report...! :-)
btw, what's wrong with the patch below, which was attached to the bug
report...
#define w 32 /* word size, in bits */
#define r 16 /* rounds */
#define b 16 /* minimum key size in bytes */
-#define c 8 /* same for 128, 192 and 256 bits key */
+#define max_c 8 /* same for 128, 192 and 256 bits key */
#define t 34 /* size of table S, t =3D 2 * (r + 1) */
=20
/* RC5 encryption */
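Review bot: the comment carried over onto the renamed `max_c` line ("same for 128, 192 and 256 bits key") is now misleading, since the constant has become the upper bound on the number of key words in L rather than a fixed count. With `w` = 32 and `b` = 16 the largest key the function accepts (2 * b bytes) needs (2 * b) / (w / 8) = 8 words, so consider defining `max_c` as that expression instead of a literal 8 and rewording the comment to say it sizes L for the largest accepted key. Then a later change to `b` or `w` cannot leave the array too small.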
@@ -81,11 +81,12 @@
{
u4byte *in_key =3D (u32 *)key;
u4byte *out_key =3D cx->keyinfo; /* S */
- u32 i, j, k, A, B, L[c];
+ u32 i, j, k, A, B, L[max_c], c;
=20
if (key_len < b || key_len > (2 * b))
return -1;
=20
+ c =3D key_len / (w/8);
key_len *=3D 8;
=20
/* init L */
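Review bot: `c = key_len / (w/8);` rounds down, and the only check before it is the range test `key_len < b || key_len > (2 * b)`, so a key length that is not a multiple of 4 bytes (17, for example) gives a `c` that leaves the trailing key bytes out of the word count. Rivest's paper defines c as the key length in bytes divided by w/8, rounded up, so either use `c = (key_len + (w/8) - 1) / (w/8);` or return -1 when `key_len % (w/8)` is non-zero. The "init L" and mixing loops that follow are outside the visible context; please confirm that they use the new run-time `c` and not `max_c`, so that words of L beyond the key are never read uninitialised.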
--=20
Herbert Valerio Riedel / Phone: (EUROPE) +43-1-58801-18840
Email: hv...@hv... / Finger hv...@gn... for GnuPG Public Key
GnuPG Key Fingerprint: 7BB9 2D6C D485 CE64 4748 5F65 4981 E064 883F
4142