The copyright notice and disclaimer at the top of RIPEMD.c says:
Copyright (c) Katholieke Universiteit Leuven 1996, All Rights Reserved
The Katholieke Universiteit Leuven makes no representations concerning
either the merchantability of this software or the suitability of this
software for any particular purpose. It is provided "as is" without
express or implied warranty of any kind. These notices must be retained
in any copies of any part of this documentation and/or software.
To me, it seems as though the software was intended to be freely distributed,
as long as the notice and disclaimer are included. However, no such
permission is explicitly granted, so I am removing the module (without looking
at its contents).
There are three things that, when combined, produce exploitably-weak random
number generation reminiscent of the infamous Debian libssl fiasco
(CVE-2008-0166):
1. Microsoft Windows
2. A long-standing bug in PyCrypto's setup.py that omits the "winrandom"
module from the build procedure, causing RandomPool to be seeded weakly
when it is instantiated.
3. A tendency among PyCrypto's users to (incorrectly) treat RandomPool as
a portable substitute for reading from /dev/urandom. RandomPool was
never intended as a complete RNG, but I have seen several cases where
it has been treated as one. (See footnote.)
This commit provides a quick fix for #2. Future work will attempt to fix #3 by
providing users with a "works out-of-the-box" random number generation API.
Fixing #1 probably won't happen any time soon, though reports of the initial
success of Windows Vista suggest that Microsoft may be working hard on the
problem.
Footnote:
For more information about the misuse of RandomPool, see:
http://lists.dlitz.net/pipermail/pycrypto/2008q3/000000.html
http://www.lag.net/pipermail/paramiko/2008-January/000599.html
http://www.lag.net/pipermail/paramiko/2008-April/000678.html
https://bugs.launchpad.net/pycrypto/+bug/249765
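The failure mode described in the commit above (a hash-based pool that is only as strong as the entropy stirred into it, and an attacker who can enumerate a small seed space) can be shown end to end. The following is an added example and not PyCrypto's RandomPool or any code from the commit: the HashPool class, the choice of a process id as the only seed material, and the attacker's seed-space size are all assumptions constructed for the demonstration. It contrasts the weakly seeded pool, whose output key the attacker recovers by brute force, with the same pool seeded from the operating system CSPRNG, which is the "works out-of-the-box" behaviour the commit says users actually expected.

```python
import hashlib
import os
from typing import Optional


class HashPool:
    """Toy entropy pool constructed for this example (not PyCrypto's RandomPool).

    Seed material is stirred into a SHA-256 state; output is derived by hashing
    the state with a counter. The construction is fine; the problem below is
    only how much entropy is ever stirred in.
    """

    def __init__(self) -> None:
        self._state = b""

    def add_event(self, data: bytes) -> None:
        # Stir new material into the pool state.
        self._state = hashlib.sha256(self._state + data).digest()

    def get_bytes(self, n: int) -> bytes:
        out = b""
        counter = 0
        while len(out) < n:
            out += hashlib.sha256(self._state + counter.to_bytes(4, "big")).digest()
            counter += 1
        return out[:n]


def weak_seed(pid: int) -> bytes:
    """Assumed weak seeding: only a process id (about 15 bits of entropy)."""
    return pid.to_bytes(4, "big")


def make_key_weakly(pid: int) -> bytes:
    """What happens when the pool is never fed OS entropy: the 128-bit key
    depends on a seed an attacker can enumerate."""
    pool = HashPool()
    pool.add_event(weak_seed(pid))
    return pool.get_bytes(16)


def make_key_properly() -> bytes:
    """Same pool, but seeded from the OS CSPRNG (/dev/urandom on Unix,
    the Windows crypto provider on Windows) before any output is taken."""
    pool = HashPool()
    pool.add_event(os.urandom(32))
    return pool.get_bytes(16)


def recover_pid(key: bytes, max_pid: int = 32768) -> Optional[int]:
    """Attacker side: regenerate the key for every candidate seed and match.
    A few tens of thousands of SHA-256 calls suffice for the weak pool."""
    for pid in range(max_pid + 1):
        if make_key_weakly(pid) == key:
            return pid
    return None


if __name__ == "__main__":
    victim_key = make_key_weakly(4242)
    print("weak key recovered from pid:", recover_pid(victim_key))
    print("properly seeded key:", make_key_properly().hex())
```

The point is that a pool API cannot tell a caller whether it has been seeded adequately; a portable RNG API should seed from the OS source itself before handing out any bytes, rather than leaving that step to the user.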
The module exclusion code introduced in commit
eba017d3b0 would fail if the last element of the
list returned by find_package_modules() matched an entry in the EXCLUDE_PY
list.
Robey Pointer made an earlier commit that purported to do this
(20092c5511), but he forgot to include the C
code, and it never ended up being published.
The RC5 implementation looks pretty buggy. It crashes if we give it one-byte
keys, and the last few test vectors from RFC 2040 fail.
Maybe I implemented something wrong, but I don't see where.
Three cheers for patented algorithms! Hip hip, hooray! ;-P
[project @ 2003-02-28 16:40:46 by akuchling]
-pedantic produces an irritating warning about 'long long' not being ANSI; remove the switch to silence it