3 files changed, 14 insertions, 321 deletions
diff --git a/src/lib/libcrypto/Makefile b/src/lib/libcrypto/Makefile
index 39997b0886..564dc01169 100644
--- a/src/lib/libcrypto/Makefile
+++ b/src/lib/libcrypto/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.194 2024/04/25 16:14:00 tb Exp $
+# $OpenBSD: Makefile,v 1.195 2024/05/24 19:16:53 tb Exp $
 LIB=    crypto
 LIBREBUILD=y
@@ -264,7 +264,6 @@ SRCS+= ecb3_enc.c
 SRCS+= ecb_enc.c
 SRCS+= ede_cbcm_enc.c
 SRCS+= enc_read.c
-SRCS+= enc_writ.c
 SRCS+= fcrypt.c
 SRCS+= fcrypt_b.c
 SRCS+= ofb64ede.c
diff --git a/src/lib/libcrypto/des/enc_read.c b/src/lib/libcrypto/des/enc_read.c
index d52489e72d..35704315e1 100644
--- a/src/lib/libcrypto/des/enc_read.c
+++ b/src/lib/libcrypto/des/enc_read.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: enc_read.c,v 1.18 2024/03/29 01:47:29 joshua Exp $ */
+/* $OpenBSD: enc_read.c,v 1.19 2024/05/24 19:16:53 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -56,168 +56,30 @@
 * [including the GNU Public Licence.]
 */
-#include <errno.h>
 #include <stdio.h>
 #include <openssl/opensslconf.h>
 #include "des_local.h"
-/* This has some uglies in it but it works - even over sockets. */
-/*extern int errno;*/
-int DES_rw_mode = DES_PCBC_MODE;
 /*
- * WARNINGS:
+ * XXX - remove this file in the next major bump
- *
- *  -  The data format used by DES_enc_write() and DES_enc_read()
- *     has a cryptographic weakness: When asked to write more
- *     than MAXWRITE bytes, DES_enc_write will split the data
- *     into several chunks that are all encrypted
- *     using the same IV.  So don't use these functions unless you
- *     are sure you know what you do (in which case you might
- *     not want to use them anyway).
- *
- *  -  This code cannot handle non-blocking sockets.
- *
- *  -  This function uses an internal state and thus cannot be
- *     used on multiple files.
 */
+int DES_rw_mode = DES_PCBC_MODE;
 int
 DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched,
    DES_cblock *iv)
 {
-        /* data to be unencrypted */
+        return -1;
-        int net_num = 0;
-        static unsigned char *net = NULL;
-        /* extra unencrypted data
-         * for when a block of 100 comes in but is des_read one byte at
-         * a time. */
-        static unsigned char *unnet = NULL;
-        static int unnet_start = 0;
-        static int unnet_left = 0;
-        static unsigned char *tmpbuf = NULL;
-        int i;
-        long num = 0, rnum;
-        unsigned char *p;
-        if (tmpbuf == NULL) {
-                tmpbuf = malloc(BSIZE);
-                if (tmpbuf == NULL)
-                        return (-1);
-        }
-        if (net == NULL) {
-                net = malloc(BSIZE);
-                if (net == NULL)
-                        return (-1);
-        }
-        if (unnet == NULL) {
-                unnet = malloc(BSIZE);
-                if (unnet == NULL)
-                        return (-1);
-        }
-        /* left over data from last decrypt */
-        if (unnet_left != 0) {
-                if (unnet_left < len) {
-                        /* we still still need more data but will return
-                         * with the number of bytes we have - should always
-                         * check the return value */
-                        memcpy(buf, &(unnet[unnet_start]),
-                            unnet_left);
-                        /* eay 26/08/92 I had the next 2 lines
-                         * reversed :-( */
-                        i = unnet_left;
-                        unnet_start = unnet_left = 0;
-                } else {
-                        memcpy(buf, &(unnet[unnet_start]), len);
-                        unnet_start += len;
-                        unnet_left -= len;
-                        i = len;
-                }
-                return (i);
-        }
-        /* We need to get more data. */
-        if (len > MAXWRITE)
-                len = MAXWRITE;
-        /* first - get the length */
-        while (net_num < HDRSIZE) {
-                i = read(fd, (void *)&(net[net_num]), HDRSIZE - net_num);
-#ifdef EINTR
-                if ((i == -1) && (errno == EINTR))
-                        continue;
-#endif
-                if (i <= 0)
-                        return (0);
-                net_num += i;
-        }
-        /* we now have at net_num bytes in net */
-        p = net;
-        /* num=0;  */
-        n2l(p, num);
-        /* num should be rounded up to the next group of eight
-         * we make sure that we have read a multiple of 8 bytes from the net.
-         */
-        if ((num > MAXWRITE) || (num < 0)) /* error */
-                return (-1);
-        rnum = (num < 8) ? 8 : ((num + 7)/8*8);
-        net_num = 0;
-        while (net_num < rnum) {
-                i = read(fd, (void *)&(net[net_num]), rnum - net_num);
-#ifdef EINTR
-                if ((i == -1) && (errno == EINTR))
-                        continue;
-#endif
-                if (i <= 0)
-                        return (0);
-                net_num += i;
-        }
-        /* Check if there will be data left over. */
-        if (len < num) {
-                if (DES_rw_mode & DES_PCBC_MODE)
-                        DES_pcbc_encrypt(net, unnet, num, sched, iv,
-                            DES_DECRYPT);
-                else
-                        DES_cbc_encrypt(net, unnet, num, sched, iv,
-                            DES_DECRYPT);
-                memcpy(buf, unnet, len);
-                unnet_start = len;
-                unnet_left = num - len;
-                /* The following line is done because we return num
-                 * as the number of bytes read. */
-                num = len;
-        } else {
-                /* >output is a multiple of 8 byes, if len < rnum
-                 * >we must be careful.  The user must be aware that this
-                 * >routine will write more bytes than he asked for.
-                 * >The length of the buffer must be correct.
-                 * FIXED - Should be ok now 18-9-90 - eay */
-                if (len < rnum) {
-                        if (DES_rw_mode & DES_PCBC_MODE)
-                                DES_pcbc_encrypt(net, tmpbuf, num, sched, iv,
-                                    DES_DECRYPT);
-                        else
-                                DES_cbc_encrypt(net, tmpbuf, num, sched, iv,
-                                    DES_DECRYPT);
-                        /* eay 26/08/92 fix a bug that returned more
-                         * bytes than you asked for (returned len bytes :-( */
-                        memcpy(buf, tmpbuf, num);
-                } else {
-                        if (DES_rw_mode & DES_PCBC_MODE)
-                                DES_pcbc_encrypt(net, buf, num, sched, iv,
-                                    DES_DECRYPT);
-                        else
-                                DES_cbc_encrypt(net, buf, num, sched, iv,
-                                    DES_DECRYPT);
-                }
-        }
-        return num;
 }
 LCRYPTO_ALIAS(DES_enc_read);
+int
+DES_enc_write(int fd, const void *_buf, int len,
+    DES_key_schedule *sched, DES_cblock *iv)
+{
+        return -1;
+}
+LCRYPTO_ALIAS(DES_enc_write);
diff --git a/src/lib/libcrypto/des/enc_writ.c b/src/lib/libcrypto/des/enc_writ.c
deleted file mode 100644
index 39c6139360..0000000000
--- a/src/lib/libcrypto/des/enc_writ.c
+++ /dev/null
@@ -1,168 +0,0 @@
-/* $OpenBSD: enc_writ.c,v 1.18 2024/03/29 01:47:29 joshua Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#include <errno.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <time.h>
-#include <openssl/opensslconf.h>
-#include "des_local.h"
-/*
- * WARNINGS:
- *
- *  -  The data format used by DES_enc_write() and DES_enc_read()
- *     has a cryptographic weakness: When asked to write more
- *     than MAXWRITE bytes, DES_enc_write will split the data
- *     into several chunks that are all encrypted
- *     using the same IV.  So don't use these functions unless you
- *     are sure you know what you do (in which case you might
- *     not want to use them anyway).
- *
- *  -  This code cannot handle non-blocking sockets.
- */
-int
-DES_enc_write(int fd, const void *_buf, int len,
-    DES_key_schedule *sched, DES_cblock *iv)
-{
-#ifdef _LIBC
-        extern unsigned long time();
-        extern int write();
-#endif
-        const unsigned char *buf = _buf;
-        long rnum;
-        int i, j, k, outnum;
-        static unsigned char *outbuf = NULL;
-        unsigned char shortbuf[8];
-        unsigned char *p;
-        const unsigned char *cp;
-        static int start = 1;
-        if (outbuf == NULL) {
-                outbuf = malloc(BSIZE + HDRSIZE);
-                if (outbuf == NULL)
-                        return (-1);
-        }
-        /* If we are sending less than 8 bytes, the same char will look
-         * the same if we don't pad it out with random bytes */
-        if (start) {
-                start = 0;
-        }
-        /* lets recurse if we want to send the data in small chunks */
-        if (len > MAXWRITE) {
-                j = 0;
-                for (i = 0; i < len; i += k) {
-                        k = DES_enc_write(fd, &(buf[i]),
-                            ((len - i) > MAXWRITE) ? MAXWRITE : (len - i),
-                            sched, iv);
-                        if (k < 0)
-                                return (k);
-                        else
-                                j += k;
-                }
-                return (j);
-        }
-        /* write length first */
-        p = outbuf;
-        l2n(len, p);
-        /* pad short strings */
-        if (len < 8) {
-                cp = shortbuf;
-                memcpy(shortbuf, buf, len);
-                arc4random_buf(shortbuf + len, 8 - len);
-                rnum = 8;
-        } else {
-                cp = buf;
-                rnum = ((len + 7)/8*8); /* round up to nearest eight */
-        }
-        if (DES_rw_mode & DES_PCBC_MODE)
-                DES_pcbc_encrypt(cp, &(outbuf[HDRSIZE]), (len < 8) ? 8 : len,
-                    sched, iv, DES_ENCRYPT);
-        else
-                DES_cbc_encrypt(cp, &(outbuf[HDRSIZE]), (len < 8) ? 8 : len,
-                    sched, iv, DES_ENCRYPT);
-        /* output */
-        outnum = rnum + HDRSIZE;
-        for (j = 0; j < outnum; j += i) {
-                /* eay 26/08/92 I was not doing writing from where we
-                 * got up to. */
-                i = write(fd, (void *)&(outbuf[j]), outnum - j);
-                if (i == -1) {
-#ifdef EINTR
-                        if (errno == EINTR)
-                                i = 0;
-                        else
-#endif
-                                /* This is really a bad error - very bad
-                                 * It will stuff-up both ends. */
-                                return (-1);
-                }
-        }
-        return (len);
-}
-LCRYPTO_ALIAS(DES_enc_write);

diff --git a/src/lib/libcrypto/Makefile b/src/lib/libcrypto/Makefile index 39997b0886..564dc01169 100644 --- a/src/lib/libcrypto/Makefile +++ b/src/lib/libcrypto/Makefile
@@ -1,4 +1,4 @@
1	# $OpenBSD: Makefile,v 1.194 2024/04/25 16:14:00 tb Exp $	1	# $OpenBSD: Makefile,v 1.195 2024/05/24 19:16:53 tb Exp $
2		2
3	LIB= crypto	3	LIB= crypto
4	LIBREBUILD=y	4	LIBREBUILD=y
@@ -264,7 +264,6 @@ SRCS+= ecb3_enc.c
264	SRCS+= ecb_enc.c	264	SRCS+= ecb_enc.c
265	SRCS+= ede_cbcm_enc.c	265	SRCS+= ede_cbcm_enc.c
266	SRCS+= enc_read.c	266	SRCS+= enc_read.c
267	SRCS+= enc_writ.c
268	SRCS+= fcrypt.c	267	SRCS+= fcrypt.c
269	SRCS+= fcrypt_b.c	268	SRCS+= fcrypt_b.c
270	SRCS+= ofb64ede.c	269	SRCS+= ofb64ede.c


diff --git a/src/lib/libcrypto/des/enc_read.c b/src/lib/libcrypto/des/enc_read.c index d52489e72d..35704315e1 100644 --- a/src/lib/libcrypto/des/enc_read.c +++ b/src/lib/libcrypto/des/enc_read.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: enc_read.c,v 1.18 2024/03/29 01:47:29 joshua Exp $ */	1	/* $OpenBSD: enc_read.c,v 1.19 2024/05/24 19:16:53 tb Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -56,168 +56,30 @@
56	* [including the GNU Public Licence.]	56	* [including the GNU Public Licence.]
57	*/	57	*/
58		58
59	#include <errno.h>
60	#include <stdio.h>	59	#include <stdio.h>
61		60
62	#include <openssl/opensslconf.h>	61	#include <openssl/opensslconf.h>
63		62
64	#include "des_local.h"	63	#include "des_local.h"
65		64
66	/* This has some uglies in it but it works - even over sockets. */
67	/extern int errno;/
68	int DES_rw_mode = DES_PCBC_MODE;
69
70	/*	65	/*
71	* WARNINGS:	66	* XXX - remove this file in the next major bump
72	*
73	* - The data format used by DES_enc_write() and DES_enc_read()
74	* has a cryptographic weakness: When asked to write more
75	* than MAXWRITE bytes, DES_enc_write will split the data
76	* into several chunks that are all encrypted
77	* using the same IV. So don't use these functions unless you
78	* are sure you know what you do (in which case you might
79	* not want to use them anyway).
80	*
81	* - This code cannot handle non-blocking sockets.
82	*
83	* - This function uses an internal state and thus cannot be
84	* used on multiple files.
85	*/	67	*/
86		68
		69	int DES_rw_mode = DES_PCBC_MODE;
		70
87	int	71	int
88	DES_enc_read(int fd, void buf, int len, DES_key_schedule sched,	72	DES_enc_read(int fd, void buf, int len, DES_key_schedule sched,
89	DES_cblock *iv)	73	DES_cblock *iv)
90	{	74	{
91	/* data to be unencrypted */	75	return -1;
92	int net_num = 0;
93	static unsigned char *net = NULL;
94	/* extra unencrypted data
95	* for when a block of 100 comes in but is des_read one byte at
96	* a time. */
97	static unsigned char *unnet = NULL;
98	static int unnet_start = 0;
99	static int unnet_left = 0;
100	static unsigned char *tmpbuf = NULL;
101	int i;
102	long num = 0, rnum;
103	unsigned char *p;
104
105	if (tmpbuf == NULL) {
106	tmpbuf = malloc(BSIZE);
107	if (tmpbuf == NULL)
108	return (-1);
109	}
110	if (net == NULL) {
111	net = malloc(BSIZE);
112	if (net == NULL)
113	return (-1);
114	}
115	if (unnet == NULL) {
116	unnet = malloc(BSIZE);
117	if (unnet == NULL)
118	return (-1);
119	}
120	/* left over data from last decrypt */
121	if (unnet_left != 0) {
122	if (unnet_left < len) {
123	/* we still still need more data but will return
124	* with the number of bytes we have - should always
125	* check the return value */
126	memcpy(buf, &(unnet[unnet_start]),
127	unnet_left);
128	/* eay 26/08/92 I had the next 2 lines
129	* reversed :-( */
130	i = unnet_left;
131	unnet_start = unnet_left = 0;
132	} else {
133	memcpy(buf, &(unnet[unnet_start]), len);
134	unnet_start += len;
135	unnet_left -= len;
136	i = len;
137	}
138	return (i);
139	}
140
141	/* We need to get more data. */
142	if (len > MAXWRITE)
143	len = MAXWRITE;
144
145	/* first - get the length */
146	while (net_num < HDRSIZE) {
147	i = read(fd, (void *)&(net[net_num]), HDRSIZE - net_num);
148	#ifdef EINTR
149	if ((i == -1) && (errno == EINTR))
150	continue;
151	#endif
152	if (i <= 0)
153	return (0);
154	net_num += i;
155	}
156
157	/* we now have at net_num bytes in net */
158	p = net;
159	/* num=0; */
160	n2l(p, num);
161	/* num should be rounded up to the next group of eight
162	* we make sure that we have read a multiple of 8 bytes from the net.
163	*/
164	if ((num > MAXWRITE) \|\| (num < 0)) /* error */
165	return (-1);
166	rnum = (num < 8) ? 8 : ((num + 7)/8*8);
167
168	net_num = 0;
169	while (net_num < rnum) {
170	i = read(fd, (void *)&(net[net_num]), rnum - net_num);
171	#ifdef EINTR
172	if ((i == -1) && (errno == EINTR))
173	continue;
174	#endif
175	if (i <= 0)
176	return (0);
177	net_num += i;
178	}
179
180	/* Check if there will be data left over. */
181	if (len < num) {
182	if (DES_rw_mode & DES_PCBC_MODE)
183	DES_pcbc_encrypt(net, unnet, num, sched, iv,
184	DES_DECRYPT);
185	else
186	DES_cbc_encrypt(net, unnet, num, sched, iv,
187	DES_DECRYPT);
188	memcpy(buf, unnet, len);
189	unnet_start = len;
190	unnet_left = num - len;
191
192	/* The following line is done because we return num
193	* as the number of bytes read. */
194	num = len;
195	} else {
196	/* >output is a multiple of 8 byes, if len < rnum
197	* >we must be careful. The user must be aware that this
198	* >routine will write more bytes than he asked for.
199	* >The length of the buffer must be correct.
200	* FIXED - Should be ok now 18-9-90 - eay */
201	if (len < rnum) {
202	if (DES_rw_mode & DES_PCBC_MODE)
203	DES_pcbc_encrypt(net, tmpbuf, num, sched, iv,
204	DES_DECRYPT);
205	else
206	DES_cbc_encrypt(net, tmpbuf, num, sched, iv,
207	DES_DECRYPT);
208
209	/* eay 26/08/92 fix a bug that returned more
210	* bytes than you asked for (returned len bytes :-( */
211	memcpy(buf, tmpbuf, num);
212	} else {
213	if (DES_rw_mode & DES_PCBC_MODE)
214	DES_pcbc_encrypt(net, buf, num, sched, iv,
215	DES_DECRYPT);
216	else
217	DES_cbc_encrypt(net, buf, num, sched, iv,
218	DES_DECRYPT);
219	}
220	}
221	return num;
222	}	76	}
223	LCRYPTO_ALIAS(DES_enc_read);	77	LCRYPTO_ALIAS(DES_enc_read);
		78
		79	int
		80	DES_enc_write(int fd, const void *_buf, int len,
		81	DES_key_schedule sched, DES_cblock iv)
		82	{
		83	return -1;
		84	}
		85	LCRYPTO_ALIAS(DES_enc_write);


diff --git a/src/lib/libcrypto/des/enc_writ.c b/src/lib/libcrypto/des/enc_writ.c deleted file mode 100644 index 39c6139360..0000000000 --- a/src/lib/libcrypto/des/enc_writ.c +++ /dev/null
@@ -1,168 +0,0 @@
1	/* $OpenBSD: enc_writ.c,v 1.18 2024/03/29 01:47:29 joshua Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.
4	*
5	* This package is an SSL implementation written
6	* by Eric Young (eay@cryptsoft.com).
7	* The implementation was written so as to conform with Netscapes SSL.
8	*
9	* This library is free for commercial and non-commercial use as long as
10	* the following conditions are aheared to. The following conditions
11	* apply to all code found in this distribution, be it the RC4, RSA,
12	* lhash, DES, etc., code; not just the SSL code. The SSL documentation
13	* included with this distribution is covered by the same copyright terms
14	* except that the holder is Tim Hudson (tjh@cryptsoft.com).
15	*
16	* Copyright remains Eric Young's, and as such any Copyright notices in
17	* the code are not to be removed.
18	* If this package is used in a product, Eric Young should be given attribution
19	* as the author of the parts of the library used.
20	* This can be in the form of a textual message at program startup or
21	* in documentation (online or textual) provided with the package.
22	*
23	* Redistribution and use in source and binary forms, with or without
24	* modification, are permitted provided that the following conditions
25	* are met:
26	* 1. Redistributions of source code must retain the copyright
27	* notice, this list of conditions and the following disclaimer.
28	* 2. Redistributions in binary form must reproduce the above copyright
29	* notice, this list of conditions and the following disclaimer in the
30	* documentation and/or other materials provided with the distribution.
31	* 3. All advertising materials mentioning features or use of this software
32	* must display the following acknowledgement:
33	* "This product includes cryptographic software written by
34	* Eric Young (eay@cryptsoft.com)"
35	* The word 'cryptographic' can be left out if the rouines from the library
36	* being used are not cryptographic related :-).
37	* 4. If you include any Windows specific code (or a derivative thereof) from
38	* the apps directory (application code) you must include an acknowledgement:
39	* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40	*
41	* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44	* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51	* SUCH DAMAGE.
52	*
53	* The licence and distribution terms for any publically available version or
54	* derivative of this code cannot be changed. i.e. this code cannot simply be
55	* copied and put under another distribution licence
56	* [including the GNU Public Licence.]
57	*/
58
59	#include <errno.h>
60	#include <stdio.h>
61	#include <stdlib.h>
62	#include <time.h>
63
64	#include <openssl/opensslconf.h>
65
66	#include "des_local.h"
67
68	/*
69	* WARNINGS:
70	*
71	* - The data format used by DES_enc_write() and DES_enc_read()
72	* has a cryptographic weakness: When asked to write more
73	* than MAXWRITE bytes, DES_enc_write will split the data
74	* into several chunks that are all encrypted
75	* using the same IV. So don't use these functions unless you
76	* are sure you know what you do (in which case you might
77	* not want to use them anyway).
78	*
79	* - This code cannot handle non-blocking sockets.
80	*/
81
82	int
83	DES_enc_write(int fd, const void *_buf, int len,
84	DES_key_schedule sched, DES_cblock iv)
85	{
86	#ifdef _LIBC
87	extern unsigned long time();
88	extern int write();
89	#endif
90	const unsigned char *buf = _buf;
91	long rnum;
92	int i, j, k, outnum;
93	static unsigned char *outbuf = NULL;
94	unsigned char shortbuf[8];
95	unsigned char *p;
96	const unsigned char *cp;
97	static int start = 1;
98
99	if (outbuf == NULL) {
100	outbuf = malloc(BSIZE + HDRSIZE);
101	if (outbuf == NULL)
102	return (-1);
103	}
104	/* If we are sending less than 8 bytes, the same char will look
105	* the same if we don't pad it out with random bytes */
106	if (start) {
107	start = 0;
108	}
109
110	/* lets recurse if we want to send the data in small chunks */
111	if (len > MAXWRITE) {
112	j = 0;
113	for (i = 0; i < len; i += k) {
114	k = DES_enc_write(fd, &(buf[i]),
115	((len - i) > MAXWRITE) ? MAXWRITE : (len - i),
116	sched, iv);
117	if (k < 0)
118	return (k);
119	else
120	j += k;
121	}
122	return (j);
123	}
124
125	/* write length first */
126	p = outbuf;
127	l2n(len, p);
128
129	/* pad short strings */
130	if (len < 8) {
131	cp = shortbuf;
132	memcpy(shortbuf, buf, len);
133	arc4random_buf(shortbuf + len, 8 - len);
134	rnum = 8;
135	} else {
136	cp = buf;
137	rnum = ((len + 7)/88); / round up to nearest eight */
138	}
139
140	if (DES_rw_mode & DES_PCBC_MODE)
141	DES_pcbc_encrypt(cp, &(outbuf[HDRSIZE]), (len < 8) ? 8 : len,
142	sched, iv, DES_ENCRYPT);
143	else
144	DES_cbc_encrypt(cp, &(outbuf[HDRSIZE]), (len < 8) ? 8 : len,
145	sched, iv, DES_ENCRYPT);
146
147	/* output */
148	outnum = rnum + HDRSIZE;
149
150	for (j = 0; j < outnum; j += i) {
151	/* eay 26/08/92 I was not doing writing from where we
152	* got up to. */
153	i = write(fd, (void *)&(outbuf[j]), outnum - j);
154	if (i == -1) {
155	#ifdef EINTR
156	if (errno == EINTR)
157	i = 0;
158	else
159	#endif
160	/* This is really a bad error - very bad
161	* It will stuff-up both ends. */
162	return (-1);
163	}
164	}
165
166	return (len);
167	}
168	LCRYPTO_ALIAS(DES_enc_write);