this breaks on i386 with LLVM 22's more restrictive checks as the types
of the variable pointed to don't match (the functions want DES_LONG *,
which is an unsigned long on i386). change to passing pointers to DES_LONG
instead, fixing i386, and a no-op on other archs. ok tb@

clang-22 considers pointer mismatches between unsigned long * and
unsigned long long * as fatal errors. Make the errors non-fatal until
I understand what it takes to appease the compiler. Said errors
shouldn't matter anyway given that said types are always the same size
on riscv64 anyway. make test agrees.

Some performance increases are visible for eg chacha or AES on this
Spacemit k1, but more efforts are needed to unlock performance
improvements gated behind riscv_hwprobe checks.

Attacks on the Marvin attack were too aggressive and 0.35 disabled the
widely used PKCS#1 v1.5 padding outright, when only decryption is
problematic due to the padding oracle. Signing is fine and required for
many things, among other things TLS and DNSSEC.

Version 0.35 disabled PKCS#1 v1.5 padding entirely to mitigate the
Marvin attack. However, the Marvin attack only affects PKCS#1 v1.5
decryption (padding oracle), not signatures. Version 0.38 re-enables
use_pkcs1_padding() for use with sign() and verify(), while keeping it
disabled for encrypt() and decrypt(). PKCS1_OAEP should be used for
encryption and either PKCS1_PSS or PKCS1 can be used for signing.
https://metacpan.org/pod/Crypt::OpenSSL::RSA

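To make the distinction the two notes above draw concrete (signature padding is safe to keep, encryption padding is where the oracle lives), here is an added example in C; it is not code from Crypt::OpenSSL::RSA, OpenSSL or the port. It assumes a 64-byte demo modulus (K) and leaves the RSA exponentiation out entirely: each function takes the bytes the public or private operation would produce. The point it shows is structural: verification of EMSA-PKCS1-v1_5 is one constant-time comparison against a deterministic encoding rebuilt from the hash, whereas EME-PKCS1-v1_5 decryption must parse a random-padded block after the private-key operation, and that parse's success or failure is the signal a padding oracle uses.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Demo modulus size in bytes (an assumption; real keys are 256+ bytes). The
 * modular exponentiation is left out: each function takes the bytes the
 * public or private RSA operation would produce. */
#define K 64

/* DER DigestInfo prefix for SHA-256 (RFC 8017, section 9.2, note 1). */
static const unsigned char SHA256_DIGESTINFO[19] = {
	0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65,
	0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20
};

/* EMSA-PKCS1-v1_5 (signing): EM = 00 || 01 || FF..FF || 00 || DigestInfo || H.
 * Deterministic, so a verifier can rebuild it from the message hash. */
int emsa_pkcs1_v15_encode(const unsigned char h[32], unsigned char em[K])
{
	size_t tlen = sizeof(SHA256_DIGESTINFO) + 32;

	if (K < tlen + 11)		/* at least 8 bytes of FF padding */
		return -1;
	em[0] = 0x00; em[1] = 0x01;
	memset(em + 2, 0xff, K - tlen - 3);
	em[K - tlen - 1] = 0x00;
	memcpy(em + K - tlen, SHA256_DIGESTINFO, sizeof(SHA256_DIGESTINFO));
	memcpy(em + K - 32, h, 32);
	return 0;
}

/* Constant-time comparison: the compare itself must not leak where it differs. */
static int ct_memeq(const unsigned char *a, const unsigned char *b, size_t n)
{
	unsigned char d = 0;
	size_t i;
	for (i = 0; i < n; i++)
		d |= a[i] ^ b[i];
	return d == 0;
}

/* Verify: 'recovered' is s^e mod n, a public-key operation. The check is one
 * fixed-shape comparison against the rebuilt encoding; no private-key step
 * depends on the padding, so a padding oracle has nothing to observe. */
int verify_pkcs1_v15(const unsigned char h[32], const unsigned char recovered[K])
{
	unsigned char em[K];
	if (emsa_pkcs1_v15_encode(h, em) != 0)
		return 0;
	return ct_memeq(em, recovered, K);
}

/* EME-PKCS1-v1_5 (encryption): EM = 00 || 02 || PS (>= 8 nonzero) || 00 || M.
 * 'em' is c^d mod n, a private-key operation, and this parse decides whether
 * decryption succeeds. That success/failure signal (error code or timing) is
 * the padding oracle behind the Marvin attack; signatures have no such step,
 * which is why OAEP, not v1.5, is the padding to use for encryption. */
int eme_pkcs1_v15_decode(const unsigned char em[K], unsigned char *m, size_t *mlen)
{
	size_t i;
	if (em[0] != 0x00 || em[1] != 0x02)
		return -1;
	for (i = 2; i < K && em[i] != 0x00; i++)
		;
	if (i == K || i - 2 < 8)	/* no separator, or PS shorter than 8 */
		return -1;
	*mlen = K - i - 1;
	memcpy(m, em + i + 1, *mlen);
	return 0;
}

/* Self-test on constructed inputs; returns 1 when every check passes. */
int pkcs1_v15_selftest(void)
{
	unsigned char h[32], em[K], m[K];
	size_t mlen;

	memset(h, 0x11, sizeof(h));		/* stands in for SHA-256(message) */
	if (emsa_pkcs1_v15_encode(h, em) != 0 || !verify_pkcs1_v15(h, em))
		return 0;
	em[5] ^= 1;				/* a tampered signature must fail */
	if (verify_pkcs1_v15(h, em))
		return 0;
	/* Hand-built EME block: 00 02, 56 bytes of 0xaa as PS, 00, "hello". */
	em[0] = 0x00; em[1] = 0x02;
	memset(em + 2, 0xaa, K - 8);
	em[K - 6] = 0x00;
	memcpy(em + K - 5, "hello", 5);
	if (eme_pkcs1_v15_decode(em, m, &mlen) != 0 || mlen != 5 ||
	    memcmp(m, "hello", 5) != 0)
		return 0;
	em[1] = 0x01;				/* wrong block type: the visible failure */
	return eme_pkcs1_v15_decode(em, m, &mlen) == -1;
}

int main(void)
{
	printf("PKCS#1 v1.5 self-test: %s\n", pkcs1_v15_selftest() ? "ok" : "FAIL");
	return 0;
}
```

The two decode paths are the whole story: verify_pkcs1_v15() has no data-dependent branch after the public operation, while eme_pkcs1_v15_decode() necessarily returns a different result for well-formed and malformed blocks, which is what the 0.38 split (use_pkcs1_padding() allowed for sign()/verify(), refused for encrypt()/decrypt()) reflects.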
Switch from hand-rolled memset(3) and memcpy(3) to the ones in libc.
The versions inherited from libdes abuse unsigned char * for void *
and [-Wincompatible-pointer-types] is now an error:
md5.c:400:14: error: incompatible pointer types passing 'unsigned char (*)[65]' to parameter of type 'POINTER' (aka 'unsigned char *') [-Wincompatible-pointer-types]
Switching POINTER to void * causes other problems.
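As an added illustration of the pointer-type strictness behind the DES_LONG, riscv64 and memset/memcpy commits above, here is a small C example that is not LibreSSL's or libdes' own code. The DES_LONG typedef selection, the c2l/l2c helpers and des_block_op are this example's assumptions, and des_block_op only stands in for real per-block cipher work; the pattern it shows is the one the commits adopt: keep the words in DES_LONG locals and pass DES_LONG *, and let libc's void * memcpy(3) accept any object pointer without a cast.

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>

/* Assumed stand-in for libdes' DES_LONG: a 32-bit unsigned integer whose
 * spelling depends on the platform. This selection is the example's own,
 * not the library header's. */
#if ULONG_MAX == 0xffffffffUL
typedef unsigned long DES_LONG;
#else
typedef unsigned int DES_LONG;
#endif

/* c2l/l2c-style little-endian load and store, as libdes does it. The mask
 * keeps the value to 32 bits where DES_LONG is wider. */
static DES_LONG c2l(const unsigned char *c)
{
	return ((DES_LONG)c[0] | ((DES_LONG)c[1] << 8) |
	    ((DES_LONG)c[2] << 16) | ((DES_LONG)c[3] << 24)) & 0xffffffffUL;
}

static void l2c(DES_LONG l, unsigned char *c)
{
	c[0] = l & 0xff;
	c[1] = (l >> 8) & 0xff;
	c[2] = (l >> 16) & 0xff;
	c[3] = (l >> 24) & 0xff;
}

/* A libdes-style interface: it takes DES_LONG *, nothing else. The body is a
 * placeholder for the cipher's per-block work (rotate one half, swap). */
void des_block_op(DES_LONG *data)
{
	DES_LONG l = data[0], r = data[1];

	data[0] = ((r << 1) | (r >> 31)) & 0xffffffffUL;
	data[1] = l;
}

/*
 * What clang 22 now rejects (shown in a comment, since it does not compile):
 *
 *	unsigned int l, r;	-- or unsigned long long on riscv64
 *	des_block_op(&l);	-- error: incompatible pointer types
 *
 * The local may be the same width as DES_LONG, but it is a different type.
 * The fix from the commit: hold the words in DES_LONG and pass DES_LONG *.
 */
int block_transform(const unsigned char in[8], unsigned char out[8])
{
	DES_LONG ll[2];
	unsigned char tmp[8];

	ll[0] = c2l(in);
	ll[1] = c2l(in + 4);
	des_block_op(ll);
	l2c(ll[0], tmp);
	l2c(ll[1], tmp + 4);
	/* libc memcpy takes void *, so &tmp (an unsigned char (*)[8]) converts
	 * implicitly; a hand-rolled copy declared with unsigned char * would
	 * trip the same incompatible-pointer-types error as md5.c above. */
	memcpy(out, &tmp, sizeof(tmp));
	return 0;
}

/* Self-test on a constructed block; returns 1 on success. Expected words:
 * rotl32(0x08070605) = 0x100e0c0a, then the untouched 0x04030201. */
int block_transform_selftest(void)
{
	const unsigned char in[8] = { 1, 2, 3, 4, 5, 6, 7, 8 };
	const unsigned char want[8] = { 0x0a, 0x0c, 0x0e, 0x10, 1, 2, 3, 4 };
	unsigned char out[8];

	block_transform(in, out);
	return memcmp(out, want, sizeof(out)) == 0;
}

int main(void)
{
	printf("block_transform self-test: %s\n",
	    block_transform_selftest() ? "ok" : "FAIL");
	return 0;
}
```

Building this with -Werror=incompatible-pointer-types and uncommenting the rejected call is the quickest way to see the class of error the commits above are fixing; the fixed caller compiles cleanly on every width of DES_LONG.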