[Cryptography] [cryptography] Underhanded Crypto

Tom Mitchell mitch at niftyegg.com
Mon Dec 1 21:01:26 EST 2014


On Sat, Nov 29, 2014 at 8:24 PM, Abe Singer <abe at oyvay.nu> wrote:

> On Fri, Nov 28, 2014 at 11:59:07PM +1300, Peter Gutmann wrote:
> > ianG <iang at iang.org> writes:
> >
> > It's not really "giving it a shot" in my case, it's taking crypto
> > implementation mistakes so



> .....chop....
> Heck, just run the source through lint and blindly fix anything it finds,
> like use of uninitialized variables.
>

Yes....and....

Well lint is a bit long in the tooth ... but modern compilers
have checkers and optional flags like ansii &  pedantic that are stricter
than lint
ever was in a productive way.

We also have two modern compilers (gcc and llvm) and identical code that
passes
both without tricks is often better than the ./configure tangles we see
today.
BSD, Solaris, HPUX and SGI MIPS compilers exist....

Step one is to beautify the code pile so all the indents and eye candy are
the same.   That can be done one file at a time and code reviewers can
run the same beautifier and diff/ cmp to validate that no hidden changes
exist.

If you cannot get a group to settle on and accept beautifier and format
changes
then the code base has a larger problem.

Static code analysis could follow.   Many issues seen by static tools are
hard to understand but in the end are good and simplify.   A thirty day
evaluation
will make a believer of some but not all.

As for beautifiers.... It pays to use them.   Any code you wish to review
can prove easier to review if you tidy it before looking.

My pet complaint is optional { }'s   removing options is a good thing.










-- 
  T o m    M i t c h e l l
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20141201/56e217b5/attachment.html>


More information about the cryptography mailing list