Crypt::Blowfish has a method called keysize() that is supposed to return the 
key size in bytes, but it returns zero instead. The Crypt::Blowfish 2.09 
documentation claims that the maximum key size is 56 bytes. Crypt::CBC checks 
whether blowfish is in use, and if so sets the keysize to 56 bytes. There is 
nothing in the Crypt::Blowfish documentation that indicates that a size of 
112 bytes will work.

Since Crypt::Blowfish doesn't return the keysize from the keysize() method, I 
can only rely on the documentation to tell me what its desired keysize is.

Lincoln

On Saturday 13 August 2005 02:55 pm, Gan Uesli Starling wrote:
> There is a mystery regarding 56- vs 112-byte keys in Blowfish
> via Perl on NetBSD. I can't test it at present on Win32 as the
> PPM server at Univ. Winnipeg seems to be down. Attached is
> a short Perl script which exemplifies the mystery with an easy
> toggle for both cases.
>
> Affected NetBSD version is:
> NetBSD 2.0.2 (GENERIC) #0: Wed Mar 23 08:53:42 UTC 2005
>
> Affected Perl module packages are:
> perl-5.8.6nb6 Practical Extraction and Report Language
> p5-Crypt-Blowfish-2.09nb1
> p5-Crypt-CBC-2.08nb1
>
> Full details are embeded within the attached Perl script. Copy it to
> anywhere, chmod it 755 and run it.
>
> My question is whether this be a NetBSD package bug or a
> Perl module bug or what?
>
> Respectfully,
>
> Gan Starling
> Kalamazoo MI

-- 
Lincoln D. Stein
Cold Spring Harbor Laboratory
1 Bungtown Road
Cold Spring Harbor, NY 11724
FOR URGENT MESSAGES & SCHEDULING, 
PLEASE CONTACT MY ASSISTANT, 
SANDRA MICHELSEN, AT michelse@cshl.edu