1
0

050-Revert-Disallow-use-of-DES-encryption-functions-in-n.patch 24 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677
  1. From 08f5e0df46ce1ad617bcde1fd5542545397630b9 Mon Sep 17 00:00:00 2001
  2. From: Hans Dedecker <dedeckeh@gmail.com>
  3. Date: Sat, 24 Oct 2020 21:13:30 +0200
  4. Subject: Revert "Disallow use of DES encryption functions in new programs."
  5. This reverts commit b10a0accee709a5efff2fadf0b0bbb79ff0ad759.
  6. ppp still uses the encrypt functions from the libc while musl libc also
  7. provides them.
  8. ---
  9. conform/data/stdlib.h-data | 3 +
  10. conform/data/unistd.h-data | 6 ++
  11. crypt/cert.c | 26 -----
  12. crypt/crypt-entry.c | 15 ++-
  13. crypt/crypt.h | 16 +++
  14. crypt/crypt_util.c | 9 --
  15. manual/conf.texi | 2 -
  16. manual/crypt.texi | 204 +++++++++++++++++++++++++++++++++++++
  17. manual/string.texi | 82 +++++++--------
  18. posix/unistd.h | 17 +++-
  19. stdlib/stdlib.h | 6 ++
  20. sunrpc/des_crypt.c | 7 +-
  21. sunrpc/des_soft.c | 2 +-
  22. 13 files changed, 305 insertions(+), 90 deletions(-)
  23. --- a/conform/data/stdlib.h-data
  24. +++ b/conform/data/stdlib.h-data
  25. @@ -149,6 +149,9 @@ function {unsigned short int*} seed48 (u
  26. #if !defined ISO && !defined ISO99 && !defined ISO11 && !defined POSIX && !defined XPG4 && !defined XPG42 && !defined UNIX98
  27. function int setenv (const char*, const char*, int)
  28. #endif
  29. +#if !defined ISO && !defined ISO99 && !defined ISO11 && !defined POSIX && !defined POSIX2008
  30. +function void setkey (const char*)
  31. +#endif
  32. #if !defined ISO && !defined ISO99 && !defined ISO11 && !defined XPG4 && !defined POSIX && !defined POSIX2008
  33. function {char*} setstate (char*)
  34. #endif
  35. --- a/conform/data/unistd.h-data
  36. +++ b/conform/data/unistd.h-data
  37. @@ -437,6 +437,9 @@ function int chroot (const char*)
  38. function int chown (const char*, uid_t, gid_t)
  39. function int close (int)
  40. function size_t confstr (int, char*, size_t)
  41. +#if !defined POSIX && !defined POSIX2008
  42. +function {char*} crypt (const char*, const char*)
  43. +#endif
  44. #if defined XPG4 || defined XPG42 || defined UNIX98
  45. function {char*} ctermid (char*)
  46. function {char*} cuserid (char*)
  47. @@ -446,6 +449,9 @@ allow cuserid
  48. #endif
  49. function int dup (int)
  50. function int dup2 (int, int)
  51. +#if !defined POSIX && !defined POSIX2008
  52. +function void encrypt (char[64], int)
  53. +#endif
  54. function int execl (const char*, const char*, ...)
  55. function int execle (const char*, const char*, ...)
  56. function int execlp (const char*, const char*, ...)
  57. --- a/crypt/cert.c
  58. +++ b/crypt/cert.c
  59. @@ -10,22 +10,6 @@
  60. #include <stdlib.h>
  61. #include "crypt.h"
  62. -/* This file tests the deprecated setkey/encrypt interface. */
  63. -#include <shlib-compat.h>
  64. -#if TEST_COMPAT (libcrypt, GLIBC_2_0, GLIBC_2_28)
  65. -
  66. -#define libcrypt_version_reference(symbol, version) \
  67. - _libcrypt_version_reference (symbol, VERSION_libcrypt_##version)
  68. -#define _libcrypt_version_reference(symbol, version) \
  69. - __libcrypt_version_reference (symbol, version)
  70. -#define __libcrypt_version_reference(symbol, version) \
  71. - __asm__ (".symver " #symbol ", " #symbol "@" #version)
  72. -
  73. -extern void setkey (const char *);
  74. -extern void encrypt (const char *, int);
  75. -libcrypt_version_reference (setkey, GLIBC_2_0);
  76. -libcrypt_version_reference (encrypt, GLIBC_2_0);
  77. -
  78. int totfails = 0;
  79. int main (int argc, char *argv[]);
  80. @@ -119,13 +103,3 @@ put8 (char *cp)
  81. printf("%02x", t);
  82. }
  83. }
  84. -
  85. -#else /* encrypt and setkey are not available. */
  86. -
  87. -int
  88. -main (void)
  89. -{
  90. - return 77; /* UNSUPPORTED */
  91. -}
  92. -
  93. -#endif
  94. --- a/crypt/crypt-entry.c
  95. +++ b/crypt/crypt-entry.c
  96. @@ -35,7 +35,6 @@
  97. #endif
  98. #include "crypt-private.h"
  99. -#include <shlib-compat.h>
  100. /* Prototypes for local functions. */
  101. #ifndef __GNU_LIBRARY__
  102. @@ -177,7 +176,17 @@ crypt (const char *key, const char *salt
  103. return __crypt_r (key, salt, &_ufc_foobar);
  104. }
  105. -#if SHLIB_COMPAT (libcrypt, GLIBC_2_0, GLIBC_2_28)
  106. +
  107. +/*
  108. + * To make fcrypt users happy.
  109. + * They don't need to call init_des.
  110. + */
  111. +#ifdef _LIBC
  112. weak_alias (crypt, fcrypt)
  113. -compat_symbol (libcrypt, fcrypt, fcrypt, GLIBC_2_0);
  114. +#else
  115. +char *
  116. +__fcrypt (const char *key, const char *salt)
  117. +{
  118. + return crypt (key, salt);
  119. +}
  120. #endif
  121. --- a/crypt/crypt.h
  122. +++ b/crypt/crypt.h
  123. @@ -36,6 +36,14 @@ __BEGIN_DECLS
  124. extern char *crypt (const char *__phrase, const char *__salt)
  125. __THROW __nonnull ((1, 2));
  126. +/* Setup DES tables according KEY. */
  127. +extern void setkey (const char *__key) __THROW __nonnull ((1));
  128. +
  129. +/* Encrypt data in BLOCK in place if EDFLAG is zero; otherwise decrypt
  130. + block in place. */
  131. +extern void encrypt (char *__glibc_block, int __edflag)
  132. + __THROW __nonnull ((1));
  133. +
  134. #ifdef __USE_GNU
  135. /* This structure provides scratch and output buffers for 'crypt_r'.
  136. @@ -63,6 +71,14 @@ struct crypt_data
  137. extern char *crypt_r (const char *__phrase, const char *__salt,
  138. struct crypt_data * __restrict __data)
  139. __THROW __nonnull ((1, 2, 3));
  140. +
  141. +extern void setkey_r (const char *__key,
  142. + struct crypt_data * __restrict __data)
  143. + __THROW __nonnull ((1, 2));
  144. +
  145. +extern void encrypt_r (char *__glibc_block, int __edflag,
  146. + struct crypt_data * __restrict __data)
  147. + __THROW __nonnull ((1, 3));
  148. #endif
  149. __END_DECLS
  150. --- a/crypt/crypt_util.c
  151. +++ b/crypt/crypt_util.c
  152. @@ -34,7 +34,6 @@
  153. #endif
  154. #include "crypt-private.h"
  155. -#include <shlib-compat.h>
  156. /* Prototypes for local functions. */
  157. #ifndef __GNU_LIBRARY__
  158. @@ -151,7 +150,6 @@ static const int sbox[8][4][16]= {
  159. }
  160. };
  161. -#if SHLIB_COMPAT (libcrypt, GLIBC_2_0, GLIBC_2_28)
  162. /*
  163. * This is the initial
  164. * permutation matrix
  165. @@ -162,7 +160,6 @@ static const int initial_perm[64] = {
  166. 57, 49, 41, 33, 25, 17, 9, 1, 59, 51, 43, 35, 27, 19, 11, 3,
  167. 61, 53, 45, 37, 29, 21, 13, 5, 63, 55, 47, 39, 31, 23, 15, 7
  168. };
  169. -#endif
  170. /*
  171. * This is the final
  172. @@ -788,7 +785,6 @@ _ufc_output_conversion_r (ufc_long v1, u
  173. __data->crypt_3_buf[13] = 0;
  174. }
  175. -#if SHLIB_COMPAT (libcrypt, GLIBC_2_0, GLIBC_2_28)
  176. /*
  177. * UNIX encrypt function. Takes a bitvector
  178. @@ -889,14 +885,12 @@ __encrypt_r (char *__block, int __edflag
  179. }
  180. }
  181. weak_alias (__encrypt_r, encrypt_r)
  182. -compat_symbol (libcrypt, encrypt_r, encrypt_r, GLIBC_2_0);
  183. void
  184. encrypt (char *__block, int __edflag)
  185. {
  186. __encrypt_r(__block, __edflag, &_ufc_foobar);
  187. }
  188. -compat_symbol (libcrypt, encrypt, encrypt, GLIBC_2_0);
  189. /*
  190. @@ -921,15 +915,12 @@ __setkey_r (const char *__key, struct cr
  191. _ufc_mk_keytab_r((char *) ktab, __data);
  192. }
  193. weak_alias (__setkey_r, setkey_r)
  194. -compat_symbol (libcrypt, setkey_r, setkey_r, GLIBC_2_0);
  195. void
  196. setkey (const char *__key)
  197. {
  198. __setkey_r(__key, &_ufc_foobar);
  199. }
  200. -compat_symbol (libcrypt, setkey, setkey, GLIBC_2_0);
  201. -#endif /* SHLIB_COMPAT (libcrypt, GLIBC_2_0, GLIBC_2_28) */
  202. void
  203. __b64_from_24bit (char **cp, int *buflen,
  204. --- a/manual/conf.texi
  205. +++ b/manual/conf.texi
  206. @@ -780,8 +780,6 @@ Inquire about the parameter correspondin
  207. @item _SC_XOPEN_CRYPT
  208. @standards{X/Open, unistd.h}
  209. Inquire about the parameter corresponding to @code{_XOPEN_CRYPT}.
  210. -@Theglibc no longer implements the @code{_XOPEN_CRYPT} extensions,
  211. -so @samp{sysconf (_SC_XOPEN_CRYPT)} always returns @code{-1}.
  212. @item _SC_XOPEN_ENH_I18N
  213. @standards{X/Open, unistd.h}
  214. --- a/manual/crypt.texi
  215. +++ b/manual/crypt.texi
  216. @@ -16,8 +16,19 @@ subject to them, even if you do not use
  217. yourself. The restrictions vary from place to place and are changed
  218. often, so we cannot give any more specific advice than this warning.
  219. +@vindex AUTH_DES
  220. +@cindex FIPS 140-2
  221. +It also provides support for Secure RPC, and some library functions that
  222. +can be used to perform normal DES encryption. The @code{AUTH_DES}
  223. +authentication flavor in Secure RPC, as provided by @theglibc{},
  224. +uses DES and does not comply with FIPS 140-2 nor does any other use of DES
  225. +within @theglibc{}. It is recommended that Secure RPC should not be used
  226. +for systems that need to comply with FIPS 140-2 since all flavors of
  227. +encrypted authentication use normal DES.
  228. +
  229. @menu
  230. * Passphrase Storage:: One-way hashing for passphrases.
  231. +* crypt:: A one-way function for passwords.
  232. * Unpredictable Bytes:: Randomness for cryptographic purposes.
  233. @end menu
  234. @@ -190,6 +201,199 @@ unpredictable as possible; @pxref{Unpred
  235. @include genpass.c.texi
  236. @end smallexample
  237. +@node DES Encryption
  238. +@section DES Encryption
  239. +
  240. +@cindex FIPS 46-3
  241. +The Data Encryption Standard is described in the US Government Federal
  242. +Information Processing Standards (FIPS) 46-3 published by the National
  243. +Institute of Standards and Technology. The DES has been very thoroughly
  244. +analyzed since it was developed in the late 1970s, and no new
  245. +significant flaws have been found.
  246. +
  247. +However, the DES uses only a 56-bit key (plus 8 parity bits), and a
  248. +machine has been built in 1998 which can search through all possible
  249. +keys in about 6 days, which cost about US$200000; faster searches would
  250. +be possible with more money. This makes simple DES insecure for most
  251. +purposes, and NIST no longer permits new US government systems
  252. +to use simple DES.
  253. +
  254. +For serious encryption functionality, it is recommended that one of the
  255. +many free encryption libraries be used instead of these routines.
  256. +
  257. +The DES is a reversible operation which takes a 64-bit block and a
  258. +64-bit key, and produces another 64-bit block. Usually the bits are
  259. +numbered so that the most-significant bit, the first bit, of each block
  260. +is numbered 1.
  261. +
  262. +Under that numbering, every 8th bit of the key (the 8th, 16th, and so
  263. +on) is not used by the encryption algorithm itself. But the key must
  264. +have odd parity; that is, out of bits 1 through 8, and 9 through 16, and
  265. +so on, there must be an odd number of `1' bits, and this completely
  266. +specifies the unused bits.
  267. +
  268. +@deftypefun void setkey (const char *@var{key})
  269. +@standards{BSD, crypt.h}
  270. +@standards{SVID, crypt.h}
  271. +@safety{@prelim{}@mtunsafe{@mtasurace{:crypt}}@asunsafe{@asucorrupt{} @asulock{}}@acunsafe{@aculock{}}}
  272. +@c The static buffer stores the key, making it fundamentally
  273. +@c thread-unsafe. The locking issues are only in the initialization
  274. +@c path; cancelling the initialization will leave the lock held, it
  275. +@c would otherwise repeat the initialization on the next call.
  276. +
  277. +The @code{setkey} function sets an internal data structure to be an
  278. +expanded form of @var{key}. @var{key} is specified as an array of 64
  279. +bits each stored in a @code{char}, the first bit is @code{key[0]} and
  280. +the 64th bit is @code{key[63]}. The @var{key} should have the correct
  281. +parity.
  282. +@end deftypefun
  283. +
  284. +@deftypefun void encrypt (char *@var{block}, int @var{edflag})
  285. +@standards{BSD, crypt.h}
  286. +@standards{SVID, crypt.h}
  287. +@safety{@prelim{}@mtunsafe{@mtasurace{:crypt}}@asunsafe{@asucorrupt{} @asulock{}}@acunsafe{@aculock{}}}
  288. +@c Same issues as setkey.
  289. +
  290. +The @code{encrypt} function encrypts @var{block} if
  291. +@var{edflag} is 0, otherwise it decrypts @var{block}, using a key
  292. +previously set by @code{setkey}. The result is
  293. +placed in @var{block}.
  294. +
  295. +Like @code{setkey}, @var{block} is specified as an array of 64 bits each
  296. +stored in a @code{char}, but there are no parity bits in @var{block}.
  297. +@end deftypefun
  298. +
  299. +@deftypefun void setkey_r (const char *@var{key}, {struct crypt_data *} @var{data})
  300. +@deftypefunx void encrypt_r (char *@var{block}, int @var{edflag}, {struct crypt_data *} @var{data})
  301. +@standards{GNU, crypt.h}
  302. +@c setkey_r: @safety{@prelim{}@mtsafe{}@asunsafe{@asucorrupt{} @asulock{}}@acunsafe{@aculock{}}}
  303. +@safety{@prelim{}@mtsafe{}@asunsafe{@asucorrupt{} @asulock{}}@acunsafe{@aculock{}}}
  304. +
  305. +These are reentrant versions of @code{setkey} and @code{encrypt}. The
  306. +only difference is the extra parameter, which stores the expanded
  307. +version of @var{key}. Before calling @code{setkey_r} the first time,
  308. +@code{data->initialized} must be cleared to zero.
  309. +@end deftypefun
  310. +
  311. +The @code{setkey_r} and @code{encrypt_r} functions are GNU extensions.
  312. +@code{setkey}, @code{encrypt}, @code{setkey_r}, and @code{encrypt_r} are
  313. +defined in @file{crypt.h}.
  314. +
  315. +@deftypefun int ecb_crypt (char *@var{key}, char *@var{blocks}, unsigned int @var{len}, unsigned int @var{mode})
  316. +@standards{SUNRPC, rpc/des_crypt.h}
  317. +@safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}}
  318. +
  319. +The function @code{ecb_crypt} encrypts or decrypts one or more blocks
  320. +using DES. Each block is encrypted independently.
  321. +
  322. +The @var{blocks} and the @var{key} are stored packed in 8-bit bytes, so
  323. +that the first bit of the key is the most-significant bit of
  324. +@code{key[0]} and the 63rd bit of the key is stored as the
  325. +least-significant bit of @code{key[7]}. The @var{key} should have the
  326. +correct parity.
  327. +
  328. +@var{len} is the number of bytes in @var{blocks}. It should be a
  329. +multiple of 8 (so that there are a whole number of blocks to encrypt).
  330. +@var{len} is limited to a maximum of @code{DES_MAXDATA} bytes.
  331. +
  332. +The result of the encryption replaces the input in @var{blocks}.
  333. +
  334. +The @var{mode} parameter is the bitwise OR of two of the following:
  335. +
  336. +@vtable @code
  337. +@item DES_ENCRYPT
  338. +@standards{SUNRPC, rpc/des_crypt.h}
  339. +This constant, used in the @var{mode} parameter, specifies that
  340. +@var{blocks} is to be encrypted.
  341. +
  342. +@item DES_DECRYPT
  343. +@standards{SUNRPC, rpc/des_crypt.h}
  344. +This constant, used in the @var{mode} parameter, specifies that
  345. +@var{blocks} is to be decrypted.
  346. +
  347. +@item DES_HW
  348. +@standards{SUNRPC, rpc/des_crypt.h}
  349. +This constant, used in the @var{mode} parameter, asks to use a hardware
  350. +device. If no hardware device is available, encryption happens anyway,
  351. +but in software.
  352. +
  353. +@item DES_SW
  354. +@standards{SUNRPC, rpc/des_crypt.h}
  355. +This constant, used in the @var{mode} parameter, specifies that no
  356. +hardware device is to be used.
  357. +@end vtable
  358. +
  359. +The result of the function will be one of these values:
  360. +
  361. +@vtable @code
  362. +@item DESERR_NONE
  363. +@standards{SUNRPC, rpc/des_crypt.h}
  364. +The encryption succeeded.
  365. +
  366. +@item DESERR_NOHWDEVICE
  367. +@standards{SUNRPC, rpc/des_crypt.h}
  368. +The encryption succeeded, but there was no hardware device available.
  369. +
  370. +@item DESERR_HWERROR
  371. +@standards{SUNRPC, rpc/des_crypt.h}
  372. +The encryption failed because of a hardware problem.
  373. +
  374. +@item DESERR_BADPARAM
  375. +@standards{SUNRPC, rpc/des_crypt.h}
  376. +The encryption failed because of a bad parameter, for instance @var{len}
  377. +is not a multiple of 8 or @var{len} is larger than @code{DES_MAXDATA}.
  378. +@end vtable
  379. +@end deftypefun
  380. +
  381. +@deftypefun int DES_FAILED (int @var{err})
  382. +@standards{SUNRPC, rpc/des_crypt.h}
  383. +@safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}}
  384. +This macro returns 1 if @var{err} is a `success' result code from
  385. +@code{ecb_crypt} or @code{cbc_crypt}, and 0 otherwise.
  386. +@end deftypefun
  387. +
  388. +@deftypefun int cbc_crypt (char *@var{key}, char *@var{blocks}, unsigned int @var{len}, unsigned int @var{mode}, char *@var{ivec})
  389. +@standards{SUNRPC, rpc/des_crypt.h}
  390. +@safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}}
  391. +
  392. +The function @code{cbc_crypt} encrypts or decrypts one or more blocks
  393. +using DES in Cipher Block Chaining mode.
  394. +
  395. +For encryption in CBC mode, each block is exclusive-ored with @var{ivec}
  396. +before being encrypted, then @var{ivec} is replaced with the result of
  397. +the encryption, then the next block is processed. Decryption is the
  398. +reverse of this process.
  399. +
  400. +This has the advantage that blocks which are the same before being
  401. +encrypted are very unlikely to be the same after being encrypted, making
  402. +it much harder to detect patterns in the data.
  403. +
  404. +Usually, @var{ivec} is set to 8 random bytes before encryption starts.
  405. +Then the 8 random bytes are transmitted along with the encrypted data
  406. +(without themselves being encrypted), and passed back in as @var{ivec}
  407. +for decryption. Another possibility is to set @var{ivec} to 8 zeroes
  408. +initially, and have the first block encrypted consist of 8 random
  409. +bytes.
  410. +
  411. +Otherwise, all the parameters are similar to those for @code{ecb_crypt}.
  412. +@end deftypefun
  413. +
  414. +@deftypefun void des_setparity (char *@var{key})
  415. +@standards{SUNRPC, rpc/des_crypt.h}
  416. +@safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}}
  417. +
  418. +The function @code{des_setparity} changes the 64-bit @var{key}, stored
  419. +packed in 8-bit bytes, to have odd parity by altering the low bits of
  420. +each byte.
  421. +@end deftypefun
  422. +
  423. +The @code{ecb_crypt}, @code{cbc_crypt}, and @code{des_setparity}
  424. +functions and their accompanying macros are all defined in the header
  425. +@file{rpc/des_crypt.h}.
  426. +
  427. +@node Unpredictable Bytes
  428. +@section Generating Unpredictable Bytes
  429. +
  430. The next program demonstrates how to verify a passphrase. It checks a
  431. hash hardcoded into the program, because looking up real users' hashed
  432. passphrases may require special privileges (@pxref{User Database}).
  433. --- a/manual/string.texi
  434. +++ b/manual/string.texi
  435. @@ -36,8 +36,8 @@ too.
  436. for delimiters.
  437. * Erasing Sensitive Data:: Clearing memory which contains sensitive
  438. data, after it's no longer needed.
  439. -* Shuffling Bytes:: Or how to flash-cook a string.
  440. -* Obfuscating Data:: Reversibly obscuring data from casual view.
  441. +* strfry:: Function for flash-cooking a string.
  442. +* Trivial Encryption:: Obscuring data.
  443. * Encode Binary Data:: Encoding and Decoding of Binary Data.
  444. * Argz and Envz Vectors:: Null-separated string vectors.
  445. @end menu
  446. @@ -2423,73 +2423,73 @@ functionality under a different name, su
  447. systems it may be in @file{strings.h} instead.
  448. @end deftypefun
  449. -
  450. -@node Shuffling Bytes
  451. -@section Shuffling Bytes
  452. +@node strfry
  453. +@section strfry
  454. The function below addresses the perennial programming quandary: ``How do
  455. I take good data in string form and painlessly turn it into garbage?''
  456. -This is not a difficult thing to code for oneself, but the authors of
  457. -@theglibc{} wish to make it as convenient as possible.
  458. +This is actually a fairly simple task for C programmers who do not use
  459. +@theglibc{} string functions, but for programs based on @theglibc{},
  460. +the @code{strfry} function is the preferred method for
  461. +destroying string data.
  462. -To @emph{erase} data, use @code{explicit_bzero} (@pxref{Erasing
  463. -Sensitive Data}); to obfuscate it reversibly, use @code{memfrob}
  464. -(@pxref{Obfuscating Data}).
  465. +The prototype for this function is in @file{string.h}.
  466. @deftypefun {char *} strfry (char *@var{string})
  467. @standards{GNU, string.h}
  468. @safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}}
  469. @c Calls initstate_r, time, getpid, strlen, and random_r.
  470. -@code{strfry} performs an in-place shuffle on @var{string}. Each
  471. -character is swapped to a position selected at random, within the
  472. -portion of the string starting with the character's original position.
  473. -(This is the Fisher-Yates algorithm for unbiased shuffling.)
  474. -
  475. -Calling @code{strfry} will not disturb any of the random number
  476. -generators that have global state (@pxref{Pseudo-Random Numbers}).
  477. +@code{strfry} creates a pseudorandom anagram of a string, replacing the
  478. +input with the anagram in place. For each position in the string,
  479. +@code{strfry} swaps it with a position in the string selected at random
  480. +(from a uniform distribution). The two positions may be the same.
  481. The return value of @code{strfry} is always @var{string}.
  482. @strong{Portability Note:} This function is unique to @theglibc{}.
  483. -It is declared in @file{string.h}.
  484. +
  485. @end deftypefun
  486. -@node Obfuscating Data
  487. -@section Obfuscating Data
  488. +@node Trivial Encryption
  489. +@section Trivial Encryption
  490. +@cindex encryption
  491. +
  492. +
  493. +The @code{memfrob} function converts an array of data to something
  494. +unrecognizable and back again. It is not encryption in its usual sense
  495. +since it is easy for someone to convert the encrypted data back to clear
  496. +text. The transformation is analogous to Usenet's ``Rot13'' encryption
  497. +method for obscuring offensive jokes from sensitive eyes and such.
  498. +Unlike Rot13, @code{memfrob} works on arbitrary binary data, not just
  499. +text.
  500. @cindex Rot13
  501. -The @code{memfrob} function reversibly obfuscates an array of binary
  502. -data. This is not true encryption; the obfuscated data still bears a
  503. -clear relationship to the original, and no secret key is required to
  504. -undo the obfuscation. It is analogous to the ``Rot13'' cipher used on
  505. -Usenet for obscuring offensive jokes, spoilers for works of fiction,
  506. -and so on, but it can be applied to arbitrary binary data.
  507. -
  508. -Programs that need true encryption---a transformation that completely
  509. -obscures the original and cannot be reversed without knowledge of a
  510. -secret key---should use a dedicated cryptography library, such as
  511. -@uref{https://www.gnu.org/software/libgcrypt/,,libgcrypt}.
  512. -
  513. -Programs that need to @emph{destroy} data should use
  514. -@code{explicit_bzero} (@pxref{Erasing Sensitive Data}), or possibly
  515. -@code{strfry} (@pxref{Shuffling Bytes}).
  516. +For true encryption, @xref{Cryptographic Functions}.
  517. +
  518. +This function is declared in @file{string.h}.
  519. +@pindex string.h
  520. @deftypefun {void *} memfrob (void *@var{mem}, size_t @var{length})
  521. @standards{GNU, string.h}
  522. @safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}}
  523. -The function @code{memfrob} obfuscates @var{length} bytes of data
  524. -beginning at @var{mem}, in place. Each byte is bitwise xor-ed with
  525. -the binary pattern 00101010 (hexadecimal 0x2A). The return value is
  526. -always @var{mem}.
  527. -
  528. -@code{memfrob} a second time on the same data returns it to
  529. -its original state.
  530. +@code{memfrob} transforms (frobnicates) each byte of the data structure
  531. +at @var{mem}, which is @var{length} bytes long, by bitwise exclusive
  532. +oring it with binary 00101010. It does the transformation in place and
  533. +its return value is always @var{mem}.
  534. +
  535. +Note that @code{memfrob} a second time on the same data structure
  536. +returns it to its original state.
  537. +
  538. +This is a good function for hiding information from someone who doesn't
  539. +want to see it or doesn't want to see it very much. To really prevent
  540. +people from retrieving the information, use stronger encryption such as
  541. +that described in @xref{Cryptographic Functions}.
  542. @strong{Portability Note:} This function is unique to @theglibc{}.
  543. -It is declared in @file{string.h}.
  544. +
  545. @end deftypefun
  546. @node Encode Binary Data
  547. --- a/posix/unistd.h
  548. +++ b/posix/unistd.h
  549. @@ -107,6 +107,9 @@ __BEGIN_DECLS
  550. /* The X/Open Unix extensions are available. */
  551. #define _XOPEN_UNIX 1
  552. +/* Encryption is present. */
  553. +#define _XOPEN_CRYPT 1
  554. +
  555. /* The enhanced internationalization capabilities according to XPG4.2
  556. are present. */
  557. #define _XOPEN_ENH_I18N 1
  558. @@ -1150,17 +1153,25 @@ ssize_t copy_file_range (int __infd, __o
  559. extern int fdatasync (int __fildes);
  560. #endif /* Use POSIX199309 */
  561. -#ifdef __USE_MISC
  562. +/* XPG4.2 specifies that prototypes for the encryption functions must
  563. + be defined here. */
  564. +#ifdef __USE_XOPEN
  565. /* One-way hash PHRASE, returning a string suitable for storage in the
  566. user database. SALT selects the one-way function to use, and
  567. ensures that no two users' hashes are the same, even if they use
  568. the same passphrase. The return value points to static storage
  569. which will be overwritten by the next call to crypt. */
  570. +
  571. +/* Encrypt at most 8 characters from KEY using salt to perturb DES. */
  572. extern char *crypt (const char *__key, const char *__salt)
  573. __THROW __nonnull ((1, 2));
  574. -#endif
  575. -#ifdef __USE_XOPEN
  576. +/* Encrypt data in BLOCK in place if EDFLAG is zero; otherwise decrypt
  577. + block in place. */
  578. +extern void encrypt (char *__glibc_block, int __edflag)
  579. + __THROW __nonnull ((1));
  580. +
  581. +
  582. /* Swab pairs bytes in the first N bytes of the area pointed to by
  583. FROM and copy the result to TO. The value of TO must not be in the
  584. range [FROM - N + 1, FROM - 1]. If N is odd the first byte in FROM
  585. --- a/stdlib/stdlib.h
  586. +++ b/stdlib/stdlib.h
  587. @@ -984,6 +984,12 @@ extern int getsubopt (char **__restrict
  588. #endif
  589. +#ifdef __USE_XOPEN
  590. +/* Setup DES tables according KEY. */
  591. +extern void setkey (const char *__key) __THROW __nonnull ((1));
  592. +#endif
  593. +
  594. +
  595. /* X/Open pseudo terminal handling. */
  596. #ifdef __USE_XOPEN2KXSI
  597. --- a/sunrpc/des_crypt.c
  598. +++ b/sunrpc/des_crypt.c
  599. @@ -86,9 +86,6 @@ common_crypt (char *key, char *buf, regi
  600. return desdev == DES_SW ? DESERR_NONE : DESERR_NOHWDEVICE;
  601. }
  602. -/* Note: these cannot be excluded from the build yet, because they are
  603. - still used internally. */
  604. -
  605. /*
  606. * CBC mode encryption
  607. */
  608. @@ -105,7 +102,7 @@ cbc_crypt (char *key, char *buf, unsigne
  609. COPY8 (dp.des_ivec, ivec);
  610. return err;
  611. }
  612. -hidden_nolink (cbc_crypt, libc, GLIBC_2_1)
  613. +libc_hidden_nolink_sunrpc (cbc_crypt, GLIBC_2_1)
  614. /*
  615. * ECB mode encryption
  616. @@ -118,4 +115,4 @@ ecb_crypt (char *key, char *buf, unsigne
  617. dp.des_mode = ECB;
  618. return common_crypt (key, buf, len, mode, &dp);
  619. }
  620. -hidden_nolink (ecb_crypt, libc, GLIBC_2_1)
  621. +libc_hidden_nolink_sunrpc (ecb_crypt, GLIBC_2_1)
  622. --- a/sunrpc/des_soft.c
  623. +++ b/sunrpc/des_soft.c
  624. @@ -71,4 +71,4 @@ des_setparity (char *p)
  625. p++;
  626. }
  627. }
  628. -hidden_nolink (des_setparity, libc, GLIBC_2_1)
  629. +libc_hidden_nolink_sunrpc (des_setparity, GLIBC_2_1)