View Issue Details

IDProjectCategoryView StatusLast Update
0003397Ham Radio DeluxeBugpublic2019-11-08 02:32
ReporterK7ZCZAssigned ToK7ZCZ 
PrioritynormalSeverityminorReproducibilityhave not tried
Status closedResolutionfixed 
Product Version6.6.0.237 
Target VersionFixed in Version6.7.0.244 
Summary0003397: HRD includes unused, obsolete implementation of Blowfish encryption library
DescriptionThe HRDStation library builds blowfish.cpp, which is a very old copy of the Blowfish encryption library.

The NIST says that Blowfish (and other 64-bit key ciphers) are "mostly unsafe" and shouldn't be used: https://controlgap.com/blog/nist-moves-on-sweet32/

This code is only used by the HRDManager -- the old license server. Thing is, HRDStation ships with the client-side code. The BlowFish implementation should be removed.



Steps To Reproducesee Blowfish.cpp in the HRDStation project
TagsNo tags attached.
ModuleSW License Mgmt
Sub-ModuleSW License Client
Testing N/A

Relationships

related to 0003400 closedK7ZCZ remove HRDManager and HRDManagerService from project 

Activities

K7ZCZ

2019-10-20 15:28

administrator   ~0008881

removed with this checkin:
https://hrdsoftware.visualstudio.com/HRD/_versionControl/changeset/5226

WA9PIE

2019-10-29 16:28

administrator   ~0009082

Taken as validated

Issue History

Date Modified Username Field Change
2019-07-21 07:22 K7ZCZ New Issue
2019-10-20 15:26 K7ZCZ Relationship added related to 0003400
2019-10-20 15:28 K7ZCZ Assigned To => K7ZCZ
2019-10-20 15:28 K7ZCZ Status new => resolved
2019-10-20 15:28 K7ZCZ Resolution open => fixed
2019-10-20 15:28 K7ZCZ Note Added: 0008881
2019-10-29 15:52 K7ZCZ Fixed in Version => 6.7.0.239
2019-10-29 16:28 WA9PIE Status resolved => closed
2019-10-29 16:28 WA9PIE Testing Not Started => N/A
2019-10-29 16:28 WA9PIE Note Added: 0009082
2019-11-08 02:10 WA9PIE Fixed in Version 6.7.0.239 => 6.7.0.244
2019-11-08 02:32 WA9PIE Project 3 - Current Dev List => Ham Radio Deluxe