This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [PATCH 3/4] Deprecate DES encryption functions.

On Tue, May 8, 2018 at 10:33 AM, Florian Weimer <fweimer@redhat.com> wrote:
> On 05/06/2018 07:51 PM, Zack Weinberg wrote:
>
>> +* The functions 'encrypt', 'encrypt_r', 'setkey', 'setkey_r',
>> 'cbc_crypt',
>> +  'ecb_crypt', and 'des_setparity' are deprecated.  They encrypt and
>> decrypt
>> +  data with the DES block cipher, which is no longer considered secure.
>> +  Also, encrypt, encrypt_r, setkey, and setkey_r require awkward pre- and
>> +  post-processing of the encryption key and data to be encrypted, and
>> +  encrypt and setkey are not thread-safe.  Software that still uses these
>> +  functions should switch to a modern cryptography library, such as
>> GnuTLS.
>
> GNUTLS is no longer part of the GNU project.  You should recommend libgcrypt
> instead.

Thanks, I didn't know that.  Will change.  libgcrypt is also a better
suggestion because it's a cryptography library first, rather than a
TLS protocol client first.

zw
Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]