1 /* 2 * Copyright 2005 Sun Microsystems, Inc. All rights reserved. 3 * Use is subject to license terms. 4 */ 5 6 #pragma ident "%Z%%M% %I% %E% SMI" 7 8 /* 9 * Copyright (C) 1998 by the FundsXpress, INC. 10 * 11 * All rights reserved. 12 * 13 * Export of this software from the United States of America may require 14 * a specific license from the United States Government. It is the 15 * responsibility of any person or organization contemplating export to 16 * obtain such a license before exporting. 17 * 18 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and 19 * distribute this software and its documentation for any purpose and 20 * without fee is hereby granted, provided that the above copyright 21 * notice appear in all copies and that both that copyright notice and 22 * this permission notice appear in supporting documentation, and that 23 * the name of FundsXpress. not be used in advertising or publicity pertaining 24 * to distribution of the software without specific, written prior 25 * permission. FundsXpress makes no representations about the suitability of 26 * this software for any purpose. It is provided "as is" without express 27 * or implied warranty. 28 * 29 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR 30 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED 31 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. 32 */ 33 34 #include <k5-int.h> 35 #include <old.h> 36 37 void 38 krb5_old_encrypt_length(const struct krb5_enc_provider *enc, 39 const struct krb5_hash_provider *hash, 40 size_t inputlen, 41 size_t *length) 42 { 43 size_t blocksize, hashsize; 44 45 blocksize = enc->block_size; 46 hashsize = hash->hashsize; 47 48 *length = krb5_roundup(blocksize+hashsize+inputlen, blocksize); 49 } 50 51 /*ARGSUSED*/ 52 krb5_error_code 53 krb5_old_encrypt(krb5_context context, 54 krb5_const struct krb5_enc_provider *enc, 55 krb5_const struct krb5_hash_provider *hash, 56 krb5_const krb5_keyblock *key, 57 krb5_keyusage usage, 58 krb5_const krb5_data *ivec, 59 krb5_const krb5_data *input, 60 krb5_data *output) 61 { 62 krb5_error_code ret; 63 size_t blocksize, hashsize, enclen; 64 krb5_data datain, crcivec; 65 int real_ivec; 66 67 blocksize = enc->block_size; 68 hashsize = hash->hashsize; 69 70 krb5_old_encrypt_length(enc, hash, input->length, &enclen); 71 72 if (output->length < enclen) 73 return(KRB5_BAD_MSIZE); 74 75 output->length = enclen; 76 77 /* fill in confounded, padded, plaintext buffer with zero checksum */ 78 79 (void) memset(output->data, 0, output->length); 80 81 datain.length = blocksize; 82 datain.data = (char *) output->data; 83 84 if ((ret = krb5_c_random_make_octets(context, &datain))) 85 return(ret); 86 87 (void) memcpy(output->data+blocksize+hashsize, input->data, input->length); 88 89 /* compute the checksum */ 90 91 datain.length = hashsize; 92 datain.data = output->data+blocksize; 93 94 if ((ret = ((*(hash->hash))(context, 1, output, &datain)))) 95 goto cleanup; 96 97 /* encrypt it */ 98 99 /* XXX this is gross, but I don't have much choice */ 100 if ((key->enctype == ENCTYPE_DES_CBC_CRC) && (ivec == 0)) { 101 crcivec.length = key->length; 102 crcivec.data = (char *) key->contents; 103 ivec = &crcivec; 104 real_ivec = 0; 105 } else 106 real_ivec = 1; 107 108 if ((ret = ((*(enc->encrypt))(context, key, ivec, output, output)))) 109 goto cleanup; 110 111 /* update ivec */ 112 if (real_ivec && ivec != NULL && ivec->length == blocksize) 113 (void) memcpy(ivec->data, output->data + output->length - blocksize, 114 blocksize); 115 cleanup: 116 if (ret) 117 (void) memset(output->data, 0, output->length); 118 119 return(ret); 120 } 121