17c478bd9Sstevel@tonic-gate /*
2*159d09a2SMark Phalan * Copyright 2008 Sun Microsystems, Inc. All rights reserved.
37c478bd9Sstevel@tonic-gate * Use is subject to license terms.
47c478bd9Sstevel@tonic-gate */
57c478bd9Sstevel@tonic-gate
67c478bd9Sstevel@tonic-gate
77c478bd9Sstevel@tonic-gate /*
87c478bd9Sstevel@tonic-gate * des_cbc_cksum.c - compute an 8 byte checksum using DES in CBC mode
97c478bd9Sstevel@tonic-gate */
10*159d09a2SMark Phalan #include "des_int.h"
117c478bd9Sstevel@tonic-gate
127c478bd9Sstevel@tonic-gate /*
137c478bd9Sstevel@tonic-gate * This routine performs DES cipher-block-chaining checksum operation,
147c478bd9Sstevel@tonic-gate * a.k.a. Message Authentication Code. It ALWAYS encrypts from input
157c478bd9Sstevel@tonic-gate * to a single 64 bit output MAC checksum.
167c478bd9Sstevel@tonic-gate *
177c478bd9Sstevel@tonic-gate * The key schedule is passed as an arg, as well as the cleartext or
187c478bd9Sstevel@tonic-gate * ciphertext. The cleartext and ciphertext should be in host order.
197c478bd9Sstevel@tonic-gate *
207c478bd9Sstevel@tonic-gate * NOTE-- the output is ALWAYS 8 bytes long. If not enough space was
217c478bd9Sstevel@tonic-gate * provided, your program will get trashed.
227c478bd9Sstevel@tonic-gate *
237c478bd9Sstevel@tonic-gate * The input is null padded, at the end (highest addr), to an integral
247c478bd9Sstevel@tonic-gate * multiple of eight bytes.
257c478bd9Sstevel@tonic-gate */
267c478bd9Sstevel@tonic-gate unsigned long
mit_des_cbc_cksum(krb5_context context,const krb5_octet * in,krb5_octet * out,unsigned long length,krb5_keyblock * key,const krb5_octet * ivec)277c478bd9Sstevel@tonic-gate mit_des_cbc_cksum(krb5_context context,
28*159d09a2SMark Phalan const krb5_octet *in, krb5_octet *out,
29*159d09a2SMark Phalan unsigned long length, krb5_keyblock *key,
30*159d09a2SMark Phalan const krb5_octet *ivec)
317c478bd9Sstevel@tonic-gate {
327c478bd9Sstevel@tonic-gate krb5_error_code ret = 0;
337c478bd9Sstevel@tonic-gate krb5_data input;
347c478bd9Sstevel@tonic-gate krb5_data output;
357c478bd9Sstevel@tonic-gate krb5_data ivecdata;
367c478bd9Sstevel@tonic-gate
377c478bd9Sstevel@tonic-gate input.data = (char *)in;
387c478bd9Sstevel@tonic-gate input.length = length;
397c478bd9Sstevel@tonic-gate output.data = (char *)out;
407c478bd9Sstevel@tonic-gate output.length = MIT_DES_BLOCK_LENGTH;
417c478bd9Sstevel@tonic-gate ivecdata.data = (char *)ivec;
427c478bd9Sstevel@tonic-gate ivecdata.length = MIT_DES_BLOCK_LENGTH;
437c478bd9Sstevel@tonic-gate
447c478bd9Sstevel@tonic-gate ret = k5_ef_mac(context, key, &ivecdata,
457c478bd9Sstevel@tonic-gate (const krb5_data *)&input, &output);
467c478bd9Sstevel@tonic-gate
477c478bd9Sstevel@tonic-gate return (ret);
487c478bd9Sstevel@tonic-gate }
49