There is not an acceptable reason to use these functions ever in new code.
For example, just observe the implementation of the KDF:
/*
* Turn password into DES key
*/
void
passwd2des_internal (char *pw, char *key)
{
int i;
memset (key, 0, 8);
for (i = 0; *pw && i < 8; ++i)
key[i] ^= *pw++ << 1;
des_setparity (key);
}
This kind of nonsense isn't okay in the year 2017. Therefore, we
enlighten our poor users.
Signed-off-by: Jason A. Donenfeld <Jason@xxxxxxxxx>
---
man3/xcrypt.3 | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/man3/xcrypt.3 b/man3/xcrypt.3
index 956df55ba..6bc882549 100644
--- a/man3/xcrypt.3
+++ b/man3/xcrypt.3
@@ -22,6 +22,10 @@ xencrypt, xdecrypt, passwd2des \- RFS password encryption
.sp
.BI "int xdecrypt(char *" secret ", char *" passwd ");"
.SH DESCRIPTION
+.BR WARNING :
+Do not use these functions in new code. They do not achieve
+any type of acceptable cryptographic security guarantees.
+.LP
The function
.BR passwd2des ()
takes a character string
--
2.13.1
--
To unsubscribe from this list: send the line "unsubscribe linux-api" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
