Added comments to des_enc_{read,write} functions warning about their

cryptographic weakness (IV reuse).

diff --git a/crypto/des/enc_read.c b/crypto/des/enc_read.c
index 265e9ca36fbf67a8e3e58dd2ee795602d3cfb354..3e5ac09875b86d0d90cdbbdba247f80a8dbd5b2e 100644 (file)
--- a/crypto/des/enc_read.c
+++ b/crypto/des/enc_read.c
@@ -65,6 +65,25 @@
 /*extern int errno;*/
 int des_rw_mode=DES_PCBC_MODE;
 
+
+/*
+ * WARNINGS:
+ *
+ *  -  The data format used by des_enc_write() and des_enc_read()
+ *     has a cryptographic weakness: When asked to write more
+ *     than MAXWRITE bytes, des_enc_write will split the data
+ *     into several chunks that are all encrypted
+ *     using the same IV.  So don't use these functions unless you
+ *     are sure you know what you do (in which case you might
+ *     not want to use them anyway).
+ *
+ *  -  This code cannot handle non-blocking sockets.
+ *
+ *  -  This function uses an internal state and thus cannot be
+ *     used on multiple files.
+ */
+
+
 int des_enc_read(fd, buf, len, sched, iv)
 int fd;
 char *buf;

diff --git a/crypto/des/enc_writ.c b/crypto/des/enc_writ.c
index 96537ef58466b4cab7755a90d26cfca8ae0b4197..d40dc273c072eb4b009b32be2acdb681a43b19c4 100644 (file)
--- a/crypto/des/enc_writ.c
+++ b/crypto/des/enc_writ.c
@@ -62,6 +62,20 @@
 #include "cryptlib.h"
 #include "des_locl.h"
 
+/*
+ * WARNINGS:
+ *
+ *  -  The data format used by des_enc_write() and des_enc_read()
+ *     has a cryptographic weakness: When asked to write more
+ *     than MAXWRITE bytes, des_enc_write will split the data
+ *     into several chunks that are all encrypted
+ *     using the same IV.  So don't use these functions unless you
+ *     are sure you know what you do (in which case you might
+ *     not want to use them anyway).
+ *
+ *  -  This code cannot handle non-blocking sockets.
+ */
+
 int des_enc_write(fd, buf, len, sched, iv)
 int fd;
 const char *buf;