Stub out DES_enc_{read,write}(3)

The most terrible code in OpenSSL has its roots in libdes, which came before SSLeay. Hello, LHASH. Hello speed app. Hello DES (obviously). There are some diary-style changelog comments dating all the way back to 1990. /* This has some uglies in it but it works - even over sockets. */ Well, kind of: * - This code cannot handle non-blocking sockets. Also: /* >output is a multiple of 8 byes, if len < rnum * >we must be careful. The user must be aware that this * >routine will write more bytes than he asked for. * >The length of the buffer must be correct. * FIXED - Should be ok now 18-9-90 - eay */ Or /* This is really a bad error - very bad * It will stuff-up both ends. */ Or #ifdef _LIBC extern unsigned long time(); extern int write(); #endif I can't even... Delete, delete, delete. ok jsing
author: tb <> 2024-05-24 19:16:53 +0000
committer: tb <> 2024-05-24 19:16:53 +0000
commit: 8913e3836928202817f52432530c2d66d84d793c (patch)
tree: 9ccac8d103915b1227b95e5517a25adbda02c2bc /src/lib/libcrypto/des/enc_read.c
parent: 7d800a11109f89c463c10660e159a4f399c4b5f5 (diff)
download: openbsd-8913e3836928202817f52432530c2d66d84d793c.tar.gz
openbsd-8913e3836928202817f52432530c2d66d84d793c.tar.bz2
openbsd-8913e3836928202817f52432530c2d66d84d793c.zip
1 files changed, 13 insertions, 151 deletions
diff --git a/src/lib/libcrypto/des/enc_read.c b/src/lib/libcrypto/des/enc_read.c
index d52489e72d..35704315e1 100644
--- a/src/lib/libcrypto/des/enc_read.c
+++ b/src/lib/libcrypto/des/enc_read.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: enc_read.c,v 1.18 2024/03/29 01:47:29 joshua Exp $ */
+/* $OpenBSD: enc_read.c,v 1.19 2024/05/24 19:16:53 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -56,168 +56,30 @@
 * [including the GNU Public Licence.]
 */
-#include <errno.h>
 #include <stdio.h>
 #include <openssl/opensslconf.h>
 #include "des_local.h"
-/* This has some uglies in it but it works - even over sockets. */
-/*extern int errno;*/
-int DES_rw_mode = DES_PCBC_MODE;
 /*
- * WARNINGS:
+ * XXX - remove this file in the next major bump
- *
- *  -  The data format used by DES_enc_write() and DES_enc_read()
- *     has a cryptographic weakness: When asked to write more
- *     than MAXWRITE bytes, DES_enc_write will split the data
- *     into several chunks that are all encrypted
- *     using the same IV.  So don't use these functions unless you
- *     are sure you know what you do (in which case you might
- *     not want to use them anyway).
- *
- *  -  This code cannot handle non-blocking sockets.
- *
- *  -  This function uses an internal state and thus cannot be
- *     used on multiple files.
 */
+int DES_rw_mode = DES_PCBC_MODE;
 int
 DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched,
    DES_cblock *iv)
 {
-        /* data to be unencrypted */
+        return -1;
-        int net_num = 0;
-        static unsigned char *net = NULL;
-        /* extra unencrypted data
-         * for when a block of 100 comes in but is des_read one byte at
-         * a time. */
-        static unsigned char *unnet = NULL;
-        static int unnet_start = 0;
-        static int unnet_left = 0;
-        static unsigned char *tmpbuf = NULL;
-        int i;
-        long num = 0, rnum;
-        unsigned char *p;
-        if (tmpbuf == NULL) {
-                tmpbuf = malloc(BSIZE);
-                if (tmpbuf == NULL)
-                        return (-1);
-        }
-        if (net == NULL) {
-                net = malloc(BSIZE);
-                if (net == NULL)
-                        return (-1);
-        }
-        if (unnet == NULL) {
-                unnet = malloc(BSIZE);
-                if (unnet == NULL)
-                        return (-1);
-        }
-        /* left over data from last decrypt */
-        if (unnet_left != 0) {
-                if (unnet_left < len) {
-                        /* we still still need more data but will return
-                         * with the number of bytes we have - should always
-                         * check the return value */
-                        memcpy(buf, &(unnet[unnet_start]),
-                            unnet_left);
-                        /* eay 26/08/92 I had the next 2 lines
-                         * reversed :-( */
-                        i = unnet_left;
-                        unnet_start = unnet_left = 0;
-                } else {
-                        memcpy(buf, &(unnet[unnet_start]), len);
-                        unnet_start += len;
-                        unnet_left -= len;
-                        i = len;
-                }
-                return (i);
-        }
-        /* We need to get more data. */
-        if (len > MAXWRITE)
-                len = MAXWRITE;
-        /* first - get the length */
-        while (net_num < HDRSIZE) {
-                i = read(fd, (void *)&(net[net_num]), HDRSIZE - net_num);
-#ifdef EINTR
-                if ((i == -1) && (errno == EINTR))
-                        continue;
-#endif
-                if (i <= 0)
-                        return (0);
-                net_num += i;
-        }
-        /* we now have at net_num bytes in net */
-        p = net;
-        /* num=0;  */
-        n2l(p, num);
-        /* num should be rounded up to the next group of eight
-         * we make sure that we have read a multiple of 8 bytes from the net.
-         */
-        if ((num > MAXWRITE) || (num < 0)) /* error */
-                return (-1);
-        rnum = (num < 8) ? 8 : ((num + 7)/8*8);
-        net_num = 0;
-        while (net_num < rnum) {
-                i = read(fd, (void *)&(net[net_num]), rnum - net_num);
-#ifdef EINTR
-                if ((i == -1) && (errno == EINTR))
-                        continue;
-#endif
-                if (i <= 0)
-                        return (0);
-                net_num += i;
-        }
-        /* Check if there will be data left over. */
-        if (len < num) {
-                if (DES_rw_mode & DES_PCBC_MODE)
-                        DES_pcbc_encrypt(net, unnet, num, sched, iv,
-                            DES_DECRYPT);
-                else
-                        DES_cbc_encrypt(net, unnet, num, sched, iv,
-                            DES_DECRYPT);
-                memcpy(buf, unnet, len);
-                unnet_start = len;
-                unnet_left = num - len;
-                /* The following line is done because we return num
-                 * as the number of bytes read. */
-                num = len;
-        } else {
-                /* >output is a multiple of 8 byes, if len < rnum
-                 * >we must be careful.  The user must be aware that this
-                 * >routine will write more bytes than he asked for.
-                 * >The length of the buffer must be correct.
-                 * FIXED - Should be ok now 18-9-90 - eay */
-                if (len < rnum) {
-                        if (DES_rw_mode & DES_PCBC_MODE)
-                                DES_pcbc_encrypt(net, tmpbuf, num, sched, iv,
-                                    DES_DECRYPT);
-                        else
-                                DES_cbc_encrypt(net, tmpbuf, num, sched, iv,
-                                    DES_DECRYPT);
-                        /* eay 26/08/92 fix a bug that returned more
-                         * bytes than you asked for (returned len bytes :-( */
-                        memcpy(buf, tmpbuf, num);
-                } else {
-                        if (DES_rw_mode & DES_PCBC_MODE)
-                                DES_pcbc_encrypt(net, buf, num, sched, iv,
-                                    DES_DECRYPT);
-                        else
-                                DES_cbc_encrypt(net, buf, num, sched, iv,
-                                    DES_DECRYPT);
-                }
-        }
-        return num;
 }
 LCRYPTO_ALIAS(DES_enc_read);
+int
+DES_enc_write(int fd, const void *_buf, int len,
+    DES_key_schedule *sched, DES_cblock *iv)
+{
+        return -1;
+}
+LCRYPTO_ALIAS(DES_enc_write);
author	tb <>	2024-05-24 19:16:53 +0000
committer	tb <>	2024-05-24 19:16:53 +0000
commit	8913e3836928202817f52432530c2d66d84d793c (patch)
tree	9ccac8d103915b1227b95e5517a25adbda02c2bc /src/lib/libcrypto/des/enc_read.c
parent	7d800a11109f89c463c10660e159a4f399c4b5f5 (diff)
download	openbsd-8913e3836928202817f52432530c2d66d84d793c.tar.gz openbsd-8913e3836928202817f52432530c2d66d84d793c.tar.bz2 openbsd-8913e3836928202817f52432530c2d66d84d793c.zip

diff --git a/src/lib/libcrypto/des/enc_read.c b/src/lib/libcrypto/des/enc_read.c index d52489e72d..35704315e1 100644 --- a/src/lib/libcrypto/des/enc_read.c +++ b/src/lib/libcrypto/des/enc_read.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: enc_read.c,v 1.18 2024/03/29 01:47:29 joshua Exp $ */	1	/* $OpenBSD: enc_read.c,v 1.19 2024/05/24 19:16:53 tb Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -56,168 +56,30 @@
56	* [including the GNU Public Licence.]	56	* [including the GNU Public Licence.]
57	*/	57	*/
58		58
59	#include <errno.h>
60	#include <stdio.h>	59	#include <stdio.h>
61		60
62	#include <openssl/opensslconf.h>	61	#include <openssl/opensslconf.h>
63		62
64	#include "des_local.h"	63	#include "des_local.h"
65		64
66	/* This has some uglies in it but it works - even over sockets. */
67	/extern int errno;/
68	int DES_rw_mode = DES_PCBC_MODE;
69
70	/*	65	/*
71	* WARNINGS:	66	* XXX - remove this file in the next major bump
72	*
73	* - The data format used by DES_enc_write() and DES_enc_read()
74	* has a cryptographic weakness: When asked to write more
75	* than MAXWRITE bytes, DES_enc_write will split the data
76	* into several chunks that are all encrypted
77	* using the same IV. So don't use these functions unless you
78	* are sure you know what you do (in which case you might
79	* not want to use them anyway).
80	*
81	* - This code cannot handle non-blocking sockets.
82	*
83	* - This function uses an internal state and thus cannot be
84	* used on multiple files.
85	*/	67	*/
86		68
		69	int DES_rw_mode = DES_PCBC_MODE;
		70
87	int	71	int
88	DES_enc_read(int fd, void buf, int len, DES_key_schedule sched,	72	DES_enc_read(int fd, void buf, int len, DES_key_schedule sched,
89	DES_cblock *iv)	73	DES_cblock *iv)
90	{	74	{
91	/* data to be unencrypted */	75	return -1;
92	int net_num = 0;
93	static unsigned char *net = NULL;
94	/* extra unencrypted data
95	* for when a block of 100 comes in but is des_read one byte at
96	* a time. */
97	static unsigned char *unnet = NULL;
98	static int unnet_start = 0;
99	static int unnet_left = 0;
100	static unsigned char *tmpbuf = NULL;
101	int i;
102	long num = 0, rnum;
103	unsigned char *p;
104
105	if (tmpbuf == NULL) {
106	tmpbuf = malloc(BSIZE);
107	if (tmpbuf == NULL)
108	return (-1);
109	}
110	if (net == NULL) {
111	net = malloc(BSIZE);
112	if (net == NULL)
113	return (-1);
114	}
115	if (unnet == NULL) {
116	unnet = malloc(BSIZE);
117	if (unnet == NULL)
118	return (-1);
119	}
120	/* left over data from last decrypt */
121	if (unnet_left != 0) {
122	if (unnet_left < len) {
123	/* we still still need more data but will return
124	* with the number of bytes we have - should always
125	* check the return value */
126	memcpy(buf, &(unnet[unnet_start]),
127	unnet_left);
128	/* eay 26/08/92 I had the next 2 lines
129	* reversed :-( */
130	i = unnet_left;
131	unnet_start = unnet_left = 0;
132	} else {
133	memcpy(buf, &(unnet[unnet_start]), len);
134	unnet_start += len;
135	unnet_left -= len;
136	i = len;
137	}
138	return (i);
139	}
140
141	/* We need to get more data. */
142	if (len > MAXWRITE)
143	len = MAXWRITE;
144
145	/* first - get the length */
146	while (net_num < HDRSIZE) {
147	i = read(fd, (void *)&(net[net_num]), HDRSIZE - net_num);
148	#ifdef EINTR
149	if ((i == -1) && (errno == EINTR))
150	continue;
151	#endif
152	if (i <= 0)
153	return (0);
154	net_num += i;
155	}
156
157	/* we now have at net_num bytes in net */
158	p = net;
159	/* num=0; */
160	n2l(p, num);
161	/* num should be rounded up to the next group of eight
162	* we make sure that we have read a multiple of 8 bytes from the net.
163	*/
164	if ((num > MAXWRITE) \|\| (num < 0)) /* error */
165	return (-1);
166	rnum = (num < 8) ? 8 : ((num + 7)/8*8);
167
168	net_num = 0;
169	while (net_num < rnum) {
170	i = read(fd, (void *)&(net[net_num]), rnum - net_num);
171	#ifdef EINTR
172	if ((i == -1) && (errno == EINTR))
173	continue;
174	#endif
175	if (i <= 0)
176	return (0);
177	net_num += i;
178	}
179
180	/* Check if there will be data left over. */
181	if (len < num) {
182	if (DES_rw_mode & DES_PCBC_MODE)
183	DES_pcbc_encrypt(net, unnet, num, sched, iv,
184	DES_DECRYPT);
185	else
186	DES_cbc_encrypt(net, unnet, num, sched, iv,
187	DES_DECRYPT);
188	memcpy(buf, unnet, len);
189	unnet_start = len;
190	unnet_left = num - len;
191
192	/* The following line is done because we return num
193	* as the number of bytes read. */
194	num = len;
195	} else {
196	/* >output is a multiple of 8 byes, if len < rnum
197	* >we must be careful. The user must be aware that this
198	* >routine will write more bytes than he asked for.
199	* >The length of the buffer must be correct.
200	* FIXED - Should be ok now 18-9-90 - eay */
201	if (len < rnum) {
202	if (DES_rw_mode & DES_PCBC_MODE)
203	DES_pcbc_encrypt(net, tmpbuf, num, sched, iv,
204	DES_DECRYPT);
205	else
206	DES_cbc_encrypt(net, tmpbuf, num, sched, iv,
207	DES_DECRYPT);
208
209	/* eay 26/08/92 fix a bug that returned more
210	* bytes than you asked for (returned len bytes :-( */
211	memcpy(buf, tmpbuf, num);
212	} else {
213	if (DES_rw_mode & DES_PCBC_MODE)
214	DES_pcbc_encrypt(net, buf, num, sched, iv,
215	DES_DECRYPT);
216	else
217	DES_cbc_encrypt(net, buf, num, sched, iv,
218	DES_DECRYPT);
219	}
220	}
221	return num;
222	}	76	}
223	LCRYPTO_ALIAS(DES_enc_read);	77	LCRYPTO_ALIAS(DES_enc_read);
		78
		79	int
		80	DES_enc_write(int fd, const void *_buf, int len,
		81	DES_key_schedule sched, DES_cblock iv)
		82	{
		83	return -1;
		84	}
		85	LCRYPTO_ALIAS(DES_enc_write);