1 /* 2 * Copyright 2001-2003 Sun Microsystems, Inc. All rights reserved. 3 * Use is subject to license terms. 4 */ 5 6 #pragma ident "%Z%%M% %I% %E% SMI" 7 8 /* 9 * Copyright (C) 1998 by the FundsXpress, INC. 10 * 11 * All rights reserved. 12 * 13 * Export of this software from the United States of America may require 14 * a specific license from the United States Government. It is the 15 * responsibility of any person or organization contemplating export to 16 * obtain such a license before exporting. 17 * 18 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and 19 * distribute this software and its documentation for any purpose and 20 * without fee is hereby granted, provided that the above copyright 21 * notice appear in all copies and that both that copyright notice and 22 * this permission notice appear in supporting documentation, and that 23 * the name of FundsXpress. not be used in advertising or publicity pertaining 24 * to distribution of the software without specific, written prior 25 * permission. FundsXpress makes no representations about the suitability of 26 * this software for any purpose. It is provided "as is" without express 27 * or implied warranty. 28 * 29 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR 30 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED 31 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. 32 */ 33 34 #include <k5-int.h> 35 #include <old.h> 36 37 void 38 krb5_old_encrypt_length(enc, hash, inputlen, length) 39 krb5_const struct krb5_enc_provider *enc; 40 krb5_const struct krb5_hash_provider *hash; 41 size_t inputlen; 42 size_t *length; 43 { 44 size_t blocksize, hashsize; 45 46 (*(enc->block_size))(&blocksize); 47 (*(hash->hash_size))(&hashsize); 48 49 *length = krb5_roundup(blocksize+hashsize+inputlen, blocksize); 50 } 51 52 /*ARGSUSED*/ 53 krb5_error_code 54 krb5_old_encrypt(context, enc, hash, key, usage, ivec, input, output) 55 krb5_context context; 56 krb5_const struct krb5_enc_provider *enc; 57 krb5_const struct krb5_hash_provider *hash; 58 krb5_const krb5_keyblock *key; 59 krb5_keyusage usage; 60 krb5_const krb5_data *ivec; 61 krb5_const krb5_data *input; 62 krb5_data *output; 63 { 64 krb5_error_code ret; 65 size_t blocksize, hashsize, enclen; 66 krb5_data datain, crcivec; 67 int real_ivec; 68 69 (*(enc->block_size))(&blocksize); 70 (*(hash->hash_size))(&hashsize); 71 72 krb5_old_encrypt_length(enc, hash, input->length, &enclen); 73 74 if (output->length < enclen) 75 return(KRB5_BAD_MSIZE); 76 77 output->length = enclen; 78 79 /* fill in confounded, padded, plaintext buffer with zero checksum */ 80 81 (void) memset(output->data, 0, output->length); 82 83 datain.length = blocksize; 84 datain.data = (char *) output->data; 85 86 if ((ret = krb5_c_random_make_octets(context, &datain))) 87 return(ret); 88 89 (void) memcpy(output->data+blocksize+hashsize, input->data, input->length); 90 91 /* compute the checksum */ 92 93 datain.length = hashsize; 94 datain.data = output->data+blocksize; 95 96 if ((ret = ((*(hash->hash))(context, 1, output, &datain)))) 97 goto cleanup; 98 99 /* encrypt it */ 100 101 /* XXX this is gross, but I don't have much choice */ 102 if ((key->enctype == ENCTYPE_DES_CBC_CRC) && (ivec == 0)) { 103 crcivec.length = key->length; 104 crcivec.data = (char *) key->contents; 105 ivec = &crcivec; 106 real_ivec = 0; 107 } else 108 real_ivec = 1; 109 110 if ((ret = ((*(enc->encrypt))(context, key, ivec, output, output)))) 111 goto cleanup; 112 113 /* update ivec */ 114 if (real_ivec && ivec != NULL && ivec->length == blocksize) 115 (void) memcpy(ivec->data, output->data + output->length - blocksize, 116 blocksize); 117 cleanup: 118 if (ret) 119 (void) memset(output->data, 0, output->length); 120 121 return(ret); 122 } 123