Hello folks,
On Tue, 4 Jul 2006, George Danchev wrote:
> Date: Tue, 04 Jul 2006 12:55:12 +0300
> From: George Danchev <[EMAIL PROTECTED]>
> To: Alexander Schmehl <[EMAIL PROTECTED]>
> Cc: [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED]
> Subject: Re: shc -- #335278 broken packaging -- non-DD NMU prepared
>
> On Saturday 01 July 2006 20:06, Alexander Schmehl wrote:
> > Hi!
> >
> > * George Danchev <[EMAIL PROTECTED]> [060701 15:20]:
> > > I hope that Alexander Schmehl is still willing to check it out and
> > > upload. Should anything still to be corrented I'm willing to do so. The
> > > new RC4 implementation is documented in debian/copyright, along with the
> > > match script as well (that were the points Alexnder raised in his last
> > > reviewing).
> >
> > Currently I'm on the road without my gpg-key, so I can't upload anythign
> > right now. I'll be back on Tuesday evening / wednesday morning will
> > check it then (if I don't forget it, might be a got idea to send me an
> > reminder ;)
>
> Unfortunately I face a break with the new GPL'ed ARC4 implementation. The
> patch for that implementation for shc 3.7 along with some rc4 tests is found
> at:
Please, do not use the shc 3.7 rc4 implementation. It has a
problem. In rc4, the global jndx = 0; is reset to 0 for each chuck of data
encrypted. It must not be done so, jndx = 0; must be set only at
initialization (in state_0).
This bug was fixed in shc 3.8.
As you have seen, I have implemented the initialization stage with
two functions, not one (stte_0 and key). The reason is that I want to be
able to apply more than one password, using key fuction several times.
/* 3.8.5 */
851 stte_0();
852 key(pswd, pswd_z);
...
862 key(chk1, chk1_z);
...
867 if (indx && key_with_file(kwsh)) {
...
875 key(chk2, chk2_z);
One stte_0 but four key calls. One is key_with_file which makes
the rest of the encryption to depend on some signature of a given file.
This is the reason of the message (and the method to detect)
"shell has changed!".
(( You cannot make the change:
-" key(control, sizeof(control));",
+" key(\"control\", sizeof(control));",
because it changes totally the pretended behaviour ))
In shc-3.8.3.diff your implementation of key do not remember the
last index exchanged (kndx) and do not uses len to bound k[] indexing to
its real length.
>
> http://crustytoothpaste.ath.cx/~bmc/files/free/crypto.pax.bz2
>
> I still need to resolve why strcmp(TEXT_chk2, chk2) is put there, which
> succeeds causing the following break:
As I have already stated, key_with_file (and the ability to use
key _incrementally_ several times) permits to make the encryption
dependent on some details of a given file. So the decryption of chk2
will change if the signature of the given file changes, in other words
if the "shell has changed!".
Perhaps my implementation of arc4 is more add-hoc than yours, but,
please, I see no reason to break the described behaviour.
Thanks.
>
> $ ./shc -f test.csh
> $ ./test.csh.x
> $ ./test.csh.x: No such file or directory: shell has changed!
>
> I attached a similar patch for shc 3.8.3, but the following occurs with the
> above test.csh test:
> $./test.csh.x
> $./test.csh.x: location has changed!
>
>
--
Saludos
Fran
---------------------------------------------------------------------
Francisco Rosales García <[EMAIL PROTECTED]> TEL: +34 91 336 73 80
http://www.datsi.fi.upm.es/~frosal FAX: +34 91 336 73 73
Departamento de Arquitectura y Tecnología de Sistemas Informáticos.
Facultad de Informática. Universidad Politécnica de Madrid. España.
