1 /*-
2  * Copyright (c) 1989 The Regents of the University of California.
3  * All rights reserved.
4  *
5  * %sccs.include.redist.c%
6  */
7 
8 #ifndef lint
9 static char sccsid[] = "@(#)des_rw.c	5.6 (Berkeley) 09/27/90";
10 #endif /* not lint */
11 
12 #if defined(KERBEROS) && defined(CRYPT)
13 #include <sys/param.h>
14 #include <kerberosIV/des.h>
15 #include <kerberosIV/krb.h>
16 
extern long		random();
/*
 * des_inbuf holds one encrypted record exactly as des_read pulls it off the
 * descriptor; storage receives the decrypted bytes, and store_ptr is the
 * cursor des_read advances through storage as it hands data to the caller.
 * Both buffers are fixed at 10240 bytes, which is the largest record
 * des_read will accept.
 */
static unsigned char	des_inbuf[10240], storage[10240], *store_ptr;
/*
 * Installed by des_set_key and used on every des_read/des_write call.
 * Only the pointers are kept here; the memory belongs to the caller.
 * "key" is passed to des_pcbc_encrypt in the IV position, key_schedule in
 * the key position.
 */
static bit_64		*key;
static u_char		*key_schedule;
21 
22 /*
23  * NB: These routines will not function properly if NBIO
24  * 	is set
25  */
26 
27 /*
28  * des_set_key
29  *
30  * Set des encryption/decryption key for use by the des_read and
31  * des_write routines
32  *
33  * The inkey parameter is actually the DES initial vector,
34  * and the insched is the DES Key unwrapped for faster decryption
35  */
36 
void
des_set_key(inkey, insched)
	bit_64		*inkey;
	u_char		*insched;
{
	/*
	 * Remember where the caller keeps the DES schedule and the IV.
	 * Nothing is copied: both objects must stay valid (and unchanged)
	 * for as long as des_read/des_write are in use, and des_clear_key
	 * will later zero the caller's memory through these pointers.
	 */
	key_schedule = insched;
	key = inkey;
}
45 
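/*
 * des_clear_key
 *
 * Zero the IV block and the key schedule that des_set_key registered.
 * The memory wiped is the caller's own (only pointers are held here).
 *
 * Safe to call before des_set_key: a pointer that was never installed
 * is skipped instead of being handed to bzero.
 *
 * NOTE(review): the pointers are left in place, so a later des_read or
 * des_write would run with an all-zero schedule and IV rather than
 * fail; callers should stop using the channel after clearing.  The
 * static record buffers (des_inbuf, storage) still hold the last
 * record and are not wiped here.
 */
void
des_clear_key()
{
	if (key != NULL)
		/* presumably bit_64 and C_Block are the same 8-byte block -- confirm */
		bzero((char *) key, sizeof(C_Block));
	if (key_schedule != NULL)
		bzero((char *) key_schedule, sizeof(Key_schedule));
}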
52 
53 
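/*
 * des_read
 *
 * Read up to len bytes of decrypted data from fd into buf.
 *
 * Wire format (see des_write): a length word in network byte order
 * giving the real payload size, followed by the DES-PCBC ciphertext
 * padded to an 8-byte boundary.  Payloads shorter than 8 bytes are
 * right-justified in their single block.
 *
 * Returns the number of bytes placed in buf, 0 when the peer has gone
 * away or the stream is out of sync (the caller is expected to close
 * the connection), or -1 for a negative len.
 *
 * Bytes of a record that do not fit in buf are kept in "storage" and
 * returned by the next call; nstored must therefore be static, like
 * store_ptr.  With an automatic nstored the remainder of every record
 * larger than the caller's buffer was silently dropped.
 *
 * NOTE(review): the length word is sent in the clear and nothing in
 * this routine authenticates the record, so modified ciphertext is not
 * detected here.  The same IV is supplied for every record.
 */
int
des_read(fd, buf, len)
	int fd;
	register char *buf;
	int len;
{
	int nreturned = 0;
	long net_len, rd_len;
	static int nstored = 0;		/* bytes still pending at store_ptr */

	/* a negative count would become a huge bcopy length */
	if (len < 0)
		return(-1);

	if (nstored >= len) {
		/* request satisfied entirely from the previous record */
		(void) bcopy(store_ptr, buf, len);
		store_ptr += len;
		nstored -= len;
		return(len);
	} else if (nstored) {
		/* drain what is left, then go on to fetch a new record */
		(void) bcopy(store_ptr, buf, nstored);
		nreturned += nstored;
		buf += nstored;
		len -= nstored;
		nstored = 0;
	}

	/*
	 * NOTE(review): the header is sizeof(long) bytes on the wire, so
	 * peers must agree on the width of long -- confirm for 64-bit
	 * builds.
	 */
	if (krb_net_read(fd, &net_len, sizeof(net_len)) != sizeof(net_len)) {
		/* XXX can't read enough, pipe
		   must have closed */
		return(0);
	}
	net_len = ntohl(net_len);
	/*
	 * The peer-supplied length is bounded before it is used as a read
	 * size; sizeof(des_inbuf) is a multiple of 8, so the rounded-up
	 * read below cannot exceed the buffer either.
	 */
	if (net_len <= 0 || net_len > sizeof(des_inbuf)) {
		/* preposterous length; assume out-of-sync; only
		   recourse is to close connection, so return 0 */
		return(0);
	}
	/* the writer tells us how much real data we are getting, but
	   we need to read the pad bytes (8-byte boundary) */
	rd_len = roundup(net_len, 8);
	if (krb_net_read(fd, des_inbuf, rd_len) != rd_len) {
		/* pipe must have closed, return 0 */
		return(0);
	}
	(void) des_pcbc_encrypt(des_inbuf,	/* inbuf */
			    storage,		/* outbuf */
			    net_len,		/* length */
			    key_schedule,	/* DES key */
			    key,		/* IV */
			    DECRYPT);		/* direction */

	/* short payloads are right-justified: skip the leading pad bytes */
	if(net_len < 8)
		store_ptr = storage + 8 - net_len;
	else
		store_ptr = storage;

	nstored = net_len;
	if (nstored > len) {
		/* caller's buffer is full; keep the rest for the next call */
		(void) bcopy(store_ptr, buf, len);
		nreturned += len;
		store_ptr += len;
		nstored -= len;
	} else {
		(void) bcopy(store_ptr, buf, nstored);
		nreturned += nstored;
		nstored = 0;
	}

	return(nreturned);
}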
121 
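static	unsigned char des_outbuf[10240];	/* > longest write */

/*
 * des_write
 *
 * Encrypt len bytes from buf with DES-PCBC and send them on fd as one
 * record: a length word (network byte order, real payload size)
 * followed by the ciphertext padded to an 8-byte boundary.  A payload
 * shorter than 8 bytes is right-justified in one block whose leading
 * bytes are filler.
 *
 * Returns len, or -1 when len is negative or larger than des_outbuf.
 * The ciphertext is built in the fixed-size des_outbuf, so an
 * unchecked len would write past the end of that buffer (and a negative
 * len would turn into a huge copy length in the short-payload path).
 *
 * NOTE(review): the results of both write() calls are discarded, so a
 * failed or short write is still reported to the caller as success.
 * NOTE(review): a zero-length call sends a header of 0, which des_read
 * treats as out-of-sync and answers by returning 0.
 * NOTE(review): filler comes from random() seeded with the clock and
 * is predictable; it is padding, not key material.  The same IV is
 * supplied for every record.
 */
int
des_write(fd, buf, len)
	int fd;
	char *buf;
	int len;
{
	static	int	seeded = 0;
	static	char	garbage_buf[8];
	long net_len, garbage;

	/* sizeof(des_outbuf) is a multiple of 8, so the padded size fits too */
	if (len < 0 || len > (int)sizeof(des_outbuf))
		return(-1);

	if(len < 8) {
		if(!seeded) {
			seeded = 1;
			srandom((int) time((long *)0));
		}
		garbage = random();
		/* insert random garbage */
		(void) bcopy(&garbage, garbage_buf, MIN(sizeof(long),8));
		/* this "right-justifies" the data in the buffer */
		(void) bcopy(buf, garbage_buf + 8 - len, len);
	}
	/* pcbc_encrypt outputs in 8-byte (64 bit) increments */

	(void) des_pcbc_encrypt((len < 8) ? garbage_buf : buf,
			    des_outbuf,
			    (len < 8) ? 8 : len,
			    key_schedule,	/* DES key */
			    key,		/* IV */
			    ENCRYPT);

	/* tell the other end the real amount, but send an 8-byte padded
	   packet */
	net_len = htonl(len);
	(void) write(fd, &net_len, sizeof(net_len));
	(void) write(fd, des_outbuf, roundup(len,8));
	return(len);
}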
161 #endif /* KERBEROS && CRYPT */