17c478bd9Sstevel@tonic-gate /*
2159d09a2SMark Phalan  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
37c478bd9Sstevel@tonic-gate  * Use is subject to license terms.
47c478bd9Sstevel@tonic-gate  */
57c478bd9Sstevel@tonic-gate 
67c478bd9Sstevel@tonic-gate 
77c478bd9Sstevel@tonic-gate /*
87c478bd9Sstevel@tonic-gate  * Copyright (C) 1998 by the FundsXpress, INC.
9*55fea89dSDan Cross  *
107c478bd9Sstevel@tonic-gate  * All rights reserved.
11*55fea89dSDan Cross  *
127c478bd9Sstevel@tonic-gate  * Export of this software from the United States of America may require
137c478bd9Sstevel@tonic-gate  * a specific license from the United States Government.  It is the
147c478bd9Sstevel@tonic-gate  * responsibility of any person or organization contemplating export to
157c478bd9Sstevel@tonic-gate  * obtain such a license before exporting.
16*55fea89dSDan Cross  *
177c478bd9Sstevel@tonic-gate  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
187c478bd9Sstevel@tonic-gate  * distribute this software and its documentation for any purpose and
197c478bd9Sstevel@tonic-gate  * without fee is hereby granted, provided that the above copyright
207c478bd9Sstevel@tonic-gate  * notice appear in all copies and that both that copyright notice and
217c478bd9Sstevel@tonic-gate  * this permission notice appear in supporting documentation, and that
227c478bd9Sstevel@tonic-gate  * the name of FundsXpress. not be used in advertising or publicity pertaining
237c478bd9Sstevel@tonic-gate  * to distribution of the software without specific, written prior
247c478bd9Sstevel@tonic-gate  * permission.  FundsXpress makes no representations about the suitability of
257c478bd9Sstevel@tonic-gate  * this software for any purpose.  It is provided "as is" without express
267c478bd9Sstevel@tonic-gate  * or implied warranty.
27*55fea89dSDan Cross  *
287c478bd9Sstevel@tonic-gate  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
297c478bd9Sstevel@tonic-gate  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
307c478bd9Sstevel@tonic-gate  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
317c478bd9Sstevel@tonic-gate  */
327c478bd9Sstevel@tonic-gate 
33159d09a2SMark Phalan #include "k5-int.h"
34159d09a2SMark Phalan #include "old.h"
357c478bd9Sstevel@tonic-gate 
367c478bd9Sstevel@tonic-gate void
krb5_old_encrypt_length(const struct krb5_enc_provider * enc,const struct krb5_hash_provider * hash,size_t inputlen,size_t * length)37505d05c7Sgtb krb5_old_encrypt_length(const struct krb5_enc_provider *enc,
38505d05c7Sgtb 			const struct krb5_hash_provider *hash,
39505d05c7Sgtb 			size_t inputlen,
40505d05c7Sgtb 			size_t *length)
417c478bd9Sstevel@tonic-gate {
427c478bd9Sstevel@tonic-gate     size_t blocksize, hashsize;
437c478bd9Sstevel@tonic-gate 
44505d05c7Sgtb     blocksize = enc->block_size;
45505d05c7Sgtb     hashsize = hash->hashsize;
467c478bd9Sstevel@tonic-gate 
477c478bd9Sstevel@tonic-gate     *length = krb5_roundup(blocksize+hashsize+inputlen, blocksize);
487c478bd9Sstevel@tonic-gate }
497c478bd9Sstevel@tonic-gate 
507c478bd9Sstevel@tonic-gate /*ARGSUSED*/
517c478bd9Sstevel@tonic-gate krb5_error_code
krb5_old_encrypt(krb5_context context,const struct krb5_enc_provider * enc,const struct krb5_hash_provider * hash,const krb5_keyblock * key,krb5_keyusage usage,const krb5_data * ivec,const krb5_data * input,krb5_data * output)52505d05c7Sgtb krb5_old_encrypt(krb5_context context,
53159d09a2SMark Phalan 		 const struct krb5_enc_provider *enc,
54159d09a2SMark Phalan 		 const struct krb5_hash_provider *hash,
55159d09a2SMark Phalan 		 const krb5_keyblock *key,
56159d09a2SMark Phalan 		 krb5_keyusage usage,
57159d09a2SMark Phalan 		 const krb5_data *ivec,
58159d09a2SMark Phalan 		 const krb5_data *input,
59159d09a2SMark Phalan 		 krb5_data *output)
607c478bd9Sstevel@tonic-gate {
617c478bd9Sstevel@tonic-gate     krb5_error_code ret;
627c478bd9Sstevel@tonic-gate     size_t blocksize, hashsize, enclen;
637c478bd9Sstevel@tonic-gate     krb5_data datain, crcivec;
647c478bd9Sstevel@tonic-gate     int real_ivec;
657c478bd9Sstevel@tonic-gate 
66505d05c7Sgtb     blocksize = enc->block_size;
67505d05c7Sgtb     hashsize = hash->hashsize;
687c478bd9Sstevel@tonic-gate 
697c478bd9Sstevel@tonic-gate     krb5_old_encrypt_length(enc, hash, input->length, &enclen);
707c478bd9Sstevel@tonic-gate 
717c478bd9Sstevel@tonic-gate     if (output->length < enclen)
727c478bd9Sstevel@tonic-gate 	return(KRB5_BAD_MSIZE);
737c478bd9Sstevel@tonic-gate 
747c478bd9Sstevel@tonic-gate     output->length = enclen;
757c478bd9Sstevel@tonic-gate 
767c478bd9Sstevel@tonic-gate     /* fill in confounded, padded, plaintext buffer with zero checksum */
777c478bd9Sstevel@tonic-gate 
787c478bd9Sstevel@tonic-gate     (void) memset(output->data, 0, output->length);
797c478bd9Sstevel@tonic-gate 
807c478bd9Sstevel@tonic-gate     datain.length = blocksize;
817c478bd9Sstevel@tonic-gate     datain.data = (char *) output->data;
827c478bd9Sstevel@tonic-gate 
837c478bd9Sstevel@tonic-gate     if ((ret = krb5_c_random_make_octets(context, &datain)))
847c478bd9Sstevel@tonic-gate 	return(ret);
857c478bd9Sstevel@tonic-gate     (void) memcpy(output->data+blocksize+hashsize, input->data, input->length);
867c478bd9Sstevel@tonic-gate 
877c478bd9Sstevel@tonic-gate     /* compute the checksum */
887c478bd9Sstevel@tonic-gate 
897c478bd9Sstevel@tonic-gate     datain.length = hashsize;
907c478bd9Sstevel@tonic-gate     datain.data = output->data+blocksize;
917c478bd9Sstevel@tonic-gate 
927c478bd9Sstevel@tonic-gate     if ((ret = ((*(hash->hash))(context, 1, output, &datain))))
937c478bd9Sstevel@tonic-gate 	goto cleanup;
94159d09a2SMark Phalan 
957c478bd9Sstevel@tonic-gate     /* encrypt it */
967c478bd9Sstevel@tonic-gate 
977c478bd9Sstevel@tonic-gate     /* XXX this is gross, but I don't have much choice */
987c478bd9Sstevel@tonic-gate     if ((key->enctype == ENCTYPE_DES_CBC_CRC) && (ivec == 0)) {
997c478bd9Sstevel@tonic-gate 	crcivec.length = key->length;
1007c478bd9Sstevel@tonic-gate 	crcivec.data = (char *) key->contents;
1017c478bd9Sstevel@tonic-gate 	ivec = &crcivec;
1027c478bd9Sstevel@tonic-gate 	real_ivec = 0;
1037c478bd9Sstevel@tonic-gate     } else
1047c478bd9Sstevel@tonic-gate 	real_ivec = 1;
1057c478bd9Sstevel@tonic-gate 
106159d09a2SMark Phalan     if ((ret = ((*(enc->encrypt))(context, key, ivec, output, output))))
1077c478bd9Sstevel@tonic-gate 	goto cleanup;
1087c478bd9Sstevel@tonic-gate 
1097c478bd9Sstevel@tonic-gate     /* update ivec */
1107c478bd9Sstevel@tonic-gate     if (real_ivec && ivec != NULL && ivec->length == blocksize)
1117c478bd9Sstevel@tonic-gate 	(void) memcpy(ivec->data, output->data + output->length - blocksize,
1127c478bd9Sstevel@tonic-gate 	       blocksize);
1137c478bd9Sstevel@tonic-gate cleanup:
1147c478bd9Sstevel@tonic-gate     if (ret)
1157c478bd9Sstevel@tonic-gate 	(void) memset(output->data, 0, output->length);
1167c478bd9Sstevel@tonic-gate 
1177c478bd9Sstevel@tonic-gate     return(ret);
1187c478bd9Sstevel@tonic-gate }
119