Journal Sloppy's Journal: Dumbly named constants 2
When you're looking at the docs for a cipher library, and one of the block feedback modes is called MODE_PGP, you just ass/u/me that using this mode, will cause the cipher to use OpenPGP's weirdo variation on Cipher FeedBack, right? Right?
But I kept getting nonsense outta my decrypter. Is my session key messed up? Nope. Was I actually supposed to fill in the IV with something other than zeros? Nope, the spec is clear. Ok, let's look at GnuPG's source and see how it does things. Yeah, ok, your code looks like it does the same thing as mine. Eh, maybe the cipher just has a bug. Let's try testing with the same library's Blowfish instead of AES. Nope, that doesn't work either. Finally I check the damn cipher library's source code, and I don't understand what the MODE_PGP stuff is trying to do. So I check RFC2440 again, to make sure I understand what I'm looking for. Then I check the source again. I don't get it -- I see no relationship at all.
Gee, dude, thanks for calling it MODE_PGP when it obviously has nothing to do with PGP. I only wasted two nights on this...
Debugging crypto is no fun! (Score:2)
Re:Debugging crypto is no fun! (Score:2)
A dumber constant still, however, has to be an elderly Visual Basic engineering calculation application, in which there was a constant named PI - with a value along the lines of 3.14279 - which was then used as pi in some trig approximations. Since it had been written as a bespoke job for a client, who demanded source code - which was provided in an encrypted ZIP file, no