17c478bd9Sstevel@tonic-gate /*
2*159d09a2SMark Phalan  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
37c478bd9Sstevel@tonic-gate  * Use is subject to license terms.
47c478bd9Sstevel@tonic-gate  */
57c478bd9Sstevel@tonic-gate 
67c478bd9Sstevel@tonic-gate 
77c478bd9Sstevel@tonic-gate /*
87c478bd9Sstevel@tonic-gate  * des_cbc_cksum.c - compute an 8 byte checksum using DES in CBC mode
97c478bd9Sstevel@tonic-gate  */
10*159d09a2SMark Phalan #include "des_int.h"
117c478bd9Sstevel@tonic-gate 
127c478bd9Sstevel@tonic-gate /*
137c478bd9Sstevel@tonic-gate  * This routine performs DES cipher-block-chaining checksum operation,
147c478bd9Sstevel@tonic-gate  * a.k.a.  Message Authentication Code.  It ALWAYS encrypts from input
157c478bd9Sstevel@tonic-gate  * to a single 64 bit output MAC checksum.
167c478bd9Sstevel@tonic-gate  *
177c478bd9Sstevel@tonic-gate  * The key schedule is passed as an arg, as well as the cleartext or
187c478bd9Sstevel@tonic-gate  * ciphertext. The cleartext and ciphertext should be in host order.
197c478bd9Sstevel@tonic-gate  *
207c478bd9Sstevel@tonic-gate  * NOTE-- the output is ALWAYS 8 bytes long.  If not enough space was
217c478bd9Sstevel@tonic-gate  * provided, your program will get trashed.
227c478bd9Sstevel@tonic-gate  *
237c478bd9Sstevel@tonic-gate  * The input is null padded, at the end (highest addr), to an integral
247c478bd9Sstevel@tonic-gate  * multiple of eight bytes.
257c478bd9Sstevel@tonic-gate  */
267c478bd9Sstevel@tonic-gate unsigned long
mit_des_cbc_cksum(krb5_context context,const krb5_octet * in,krb5_octet * out,unsigned long length,krb5_keyblock * key,const krb5_octet * ivec)277c478bd9Sstevel@tonic-gate mit_des_cbc_cksum(krb5_context context,
28*159d09a2SMark Phalan 	const krb5_octet *in, krb5_octet *out,
29*159d09a2SMark Phalan 	unsigned long length, krb5_keyblock *key,
30*159d09a2SMark Phalan 	const krb5_octet  *ivec)
317c478bd9Sstevel@tonic-gate {
327c478bd9Sstevel@tonic-gate 	krb5_error_code ret = 0;
337c478bd9Sstevel@tonic-gate 	krb5_data input;
347c478bd9Sstevel@tonic-gate 	krb5_data output;
357c478bd9Sstevel@tonic-gate 	krb5_data ivecdata;
367c478bd9Sstevel@tonic-gate 
377c478bd9Sstevel@tonic-gate 	input.data = (char *)in;
387c478bd9Sstevel@tonic-gate 	input.length = length;
397c478bd9Sstevel@tonic-gate 	output.data = (char *)out;
407c478bd9Sstevel@tonic-gate 	output.length = MIT_DES_BLOCK_LENGTH;
417c478bd9Sstevel@tonic-gate 	ivecdata.data = (char *)ivec;
427c478bd9Sstevel@tonic-gate 	ivecdata.length = MIT_DES_BLOCK_LENGTH;
437c478bd9Sstevel@tonic-gate 
447c478bd9Sstevel@tonic-gate 	ret = k5_ef_mac(context, key, &ivecdata,
457c478bd9Sstevel@tonic-gate 		(const krb5_data *)&input, &output);
467c478bd9Sstevel@tonic-gate 
477c478bd9Sstevel@tonic-gate 	return (ret);
487c478bd9Sstevel@tonic-gate }
49