SecBSD/src
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

sync with OpenBSD -current

Browse source
This commit is contained in:
purplerain 2024-05-25 16:20:32 +00:00
parent 332472a19d
commit 3af7aba2fd
Signed by: purplerain
GPG key ID: F42C07F07E2E35B7
15 changed files with 68 additions and 442 deletions
Download patch file Download diff file Expand all files Collapse all files

21
lib/libcrypto/des/des_local.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: des_local.h,v 1.2 2023/07/08 07:11:07 beck Exp $ */
/* $OpenBSD: des_local.h,v 1.3 2024/05/24 19:21:58 tb Exp $ */
/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -73,11 +73,6 @@
__BEGIN_HIDDEN_DECLS
#define ITERATIONS 16
#define HALF_ITERATIONS 8
/* used in des_read and des_write */
#define MAXWRITE (1024*16)
#define BSIZE (MAXWRITE+4)
#define c2l(c,l) (l =((DES_LONG)(*((c)++))) , \
l|=((DES_LONG)(*((c)++)))<< 8L, \
@ -105,20 +100,6 @@ __BEGIN_HIDDEN_DECLS
*((c)++)=(unsigned char)(((l)>>16L)&0xff), \
*((c)++)=(unsigned char)(((l)>>24L)&0xff))
/* replacements for htonl and ntohl since I have no idea what to do
* when faced with machines with 8 byte longs. */
#define HDRSIZE 4
#define n2l(c,l) (l =((DES_LONG)(*((c)++)))<<24L, \
l|=((DES_LONG)(*((c)++)))<<16L, \
l|=((DES_LONG)(*((c)++)))<< 8L, \
l|=((DES_LONG)(*((c)++))))
#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
*((c)++)=(unsigned char)(((l)>>16L)&0xff), \
*((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
*((c)++)=(unsigned char)(((l) )&0xff))
/* NOTE - c is not incremented as per l2c */
#define l2cn(l1,l2,c,n) { \
c+=n; \

164
lib/libcrypto/des/enc_read.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: enc_read.c,v 1.18 2024/03/29 01:47:29 joshua Exp $ */
/* $OpenBSD: enc_read.c,v 1.19 2024/05/24 19:16:53 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -56,168 +56,30 @@
* [including the GNU Public Licence.]
*/
#include <errno.h>
#include <stdio.h>
#include <openssl/opensslconf.h>
#include "des_local.h"
/* This has some uglies in it but it works - even over sockets. */
/*extern int errno;*/
int DES_rw_mode = DES_PCBC_MODE;
/*
* WARNINGS:
*
* - The data format used by DES_enc_write() and DES_enc_read()
* has a cryptographic weakness: When asked to write more
* than MAXWRITE bytes, DES_enc_write will split the data
* into several chunks that are all encrypted
* using the same IV. So don't use these functions unless you
* are sure you know what you do (in which case you might
* not want to use them anyway).
*
* - This code cannot handle non-blocking sockets.
*
* - This function uses an internal state and thus cannot be
* used on multiple files.
* XXX - remove this file in the next major bump
*/
int DES_rw_mode = DES_PCBC_MODE;
int
DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched,
DES_cblock *iv)
{
/* data to be unencrypted */
int net_num = 0;
static unsigned char *net = NULL;
/* extra unencrypted data
* for when a block of 100 comes in but is des_read one byte at
* a time. */
static unsigned char *unnet = NULL;
static int unnet_start = 0;
static int unnet_left = 0;
static unsigned char *tmpbuf = NULL;
int i;
long num = 0, rnum;
unsigned char *p;
if (tmpbuf == NULL) {
tmpbuf = malloc(BSIZE);
if (tmpbuf == NULL)
return (-1);
}
if (net == NULL) {
net = malloc(BSIZE);
if (net == NULL)
return (-1);
}
if (unnet == NULL) {
unnet = malloc(BSIZE);
if (unnet == NULL)
return (-1);
}
/* left over data from last decrypt */
if (unnet_left != 0) {
if (unnet_left < len) {
/* we still still need more data but will return
* with the number of bytes we have - should always
* check the return value */
memcpy(buf, &(unnet[unnet_start]),
unnet_left);
/* eay 26/08/92 I had the next 2 lines
* reversed :-( */
i = unnet_left;
unnet_start = unnet_left = 0;
} else {
memcpy(buf, &(unnet[unnet_start]), len);
unnet_start += len;
unnet_left -= len;
i = len;
}
return (i);
}
/* We need to get more data. */
if (len > MAXWRITE)
len = MAXWRITE;
/* first - get the length */
while (net_num < HDRSIZE) {
i = read(fd, (void *)&(net[net_num]), HDRSIZE - net_num);
#ifdef EINTR
if ((i == -1) && (errno == EINTR))
continue;
#endif
if (i <= 0)
return (0);
net_num += i;
}
/* we now have at net_num bytes in net */
p = net;
/* num=0; */
n2l(p, num);
/* num should be rounded up to the next group of eight
* we make sure that we have read a multiple of 8 bytes from the net.
*/
if ((num > MAXWRITE) || (num < 0)) /* error */
return (-1);
rnum = (num < 8) ? 8 : ((num + 7)/8*8);
net_num = 0;
while (net_num < rnum) {
i = read(fd, (void *)&(net[net_num]), rnum - net_num);
#ifdef EINTR
if ((i == -1) && (errno == EINTR))
continue;
#endif
if (i <= 0)
return (0);
net_num += i;
}
/* Check if there will be data left over. */
if (len < num) {
if (DES_rw_mode & DES_PCBC_MODE)
DES_pcbc_encrypt(net, unnet, num, sched, iv,
DES_DECRYPT);
else
DES_cbc_encrypt(net, unnet, num, sched, iv,
DES_DECRYPT);
memcpy(buf, unnet, len);
unnet_start = len;
unnet_left = num - len;
/* The following line is done because we return num
* as the number of bytes read. */
num = len;
} else {
/* >output is a multiple of 8 byes, if len < rnum
* >we must be careful. The user must be aware that this
* >routine will write more bytes than he asked for.
* >The length of the buffer must be correct.
* FIXED - Should be ok now 18-9-90 - eay */
if (len < rnum) {
if (DES_rw_mode & DES_PCBC_MODE)
DES_pcbc_encrypt(net, tmpbuf, num, sched, iv,
DES_DECRYPT);
else
DES_cbc_encrypt(net, tmpbuf, num, sched, iv,
DES_DECRYPT);
/* eay 26/08/92 fix a bug that returned more
* bytes than you asked for (returned len bytes :-( */
memcpy(buf, tmpbuf, num);
} else {
if (DES_rw_mode & DES_PCBC_MODE)
DES_pcbc_encrypt(net, buf, num, sched, iv,
DES_DECRYPT);
else
DES_cbc_encrypt(net, buf, num, sched, iv,
DES_DECRYPT);
}
}
return num;
return -1;
}
LCRYPTO_ALIAS(DES_enc_read);
int
DES_enc_write(int fd, const void *_buf, int len,
DES_key_schedule *sched, DES_cblock *iv)
{
return -1;
}
LCRYPTO_ALIAS(DES_enc_write);

168
lib/libcrypto/des/enc_writ.c
View file

@ -1,168 +0,0 @@
/* $OpenBSD: enc_writ.c,v 1.18 2024/03/29 01:47:29 joshua Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <time.h>
#include <openssl/opensslconf.h>
#include "des_local.h"
/*
* WARNINGS:
*
* - The data format used by DES_enc_write() and DES_enc_read()
* has a cryptographic weakness: When asked to write more
* than MAXWRITE bytes, DES_enc_write will split the data
* into several chunks that are all encrypted
* using the same IV. So don't use these functions unless you
* are sure you know what you do (in which case you might
* not want to use them anyway).
*
* - This code cannot handle non-blocking sockets.
*/
int
DES_enc_write(int fd, const void *_buf, int len,
DES_key_schedule *sched, DES_cblock *iv)
{
#ifdef _LIBC
extern unsigned long time();
extern int write();
#endif
const unsigned char *buf = _buf;
long rnum;
int i, j, k, outnum;
static unsigned char *outbuf = NULL;
unsigned char shortbuf[8];
unsigned char *p;
const unsigned char *cp;
static int start = 1;
if (outbuf == NULL) {
outbuf = malloc(BSIZE + HDRSIZE);
if (outbuf == NULL)
return (-1);
}
/* If we are sending less than 8 bytes, the same char will look
* the same if we don't pad it out with random bytes */
if (start) {
start = 0;
}
/* lets recurse if we want to send the data in small chunks */
if (len > MAXWRITE) {
j = 0;
for (i = 0; i < len; i += k) {
k = DES_enc_write(fd, &(buf[i]),
((len - i) > MAXWRITE) ? MAXWRITE : (len - i),
sched, iv);
if (k < 0)
return (k);
else
j += k;
}
return (j);
}
/* write length first */
p = outbuf;
l2n(len, p);
/* pad short strings */
if (len < 8) {
cp = shortbuf;
memcpy(shortbuf, buf, len);
arc4random_buf(shortbuf + len, 8 - len);
rnum = 8;
} else {
cp = buf;
rnum = ((len + 7)/8*8); /* round up to nearest eight */
}
if (DES_rw_mode & DES_PCBC_MODE)
DES_pcbc_encrypt(cp, &(outbuf[HDRSIZE]), (len < 8) ? 8 : len,
sched, iv, DES_ENCRYPT);
else
DES_cbc_encrypt(cp, &(outbuf[HDRSIZE]), (len < 8) ? 8 : len,
sched, iv, DES_ENCRYPT);
/* output */
outnum = rnum + HDRSIZE;
for (j = 0; j < outnum; j += i) {
/* eay 26/08/92 I was not doing writing from where we
* got up to. */
i = write(fd, (void *)&(outbuf[j]), outnum - j);
if (i == -1) {
#ifdef EINTR
if (errno == EINTR)
i = 0;
else
#endif
/* This is really a bad error - very bad
* It will stuff-up both ends. */
return (-1);
}
}
return (len);
}
LCRYPTO_ALIAS(DES_enc_write);