100 lines
2.2 KiB
C
100 lines
2.2 KiB
C
/* $NetBSD: authencrypt.c,v 1.1.1.2 2000/04/22 14:52:55 simonb Exp $ */
|
|
|
|
/*
|
|
* DES interface for rsaref2.0
|
|
*
|
|
* These routines implement an interface for the RSA Laboratories
|
|
* implementation of the Data Encryption Standard (DES) algorithm
|
|
* operating in Cipher-Block Chaining (CBC) mode. This algorithm is
|
|
* included in the rsaref2.0 package available from RSA in the US and
|
|
* foreign countries. Further information is available at www.rsa.com.
|
|
*/
|
|
|
|
#include "ntp_machine.h"
|
|
|
|
#ifdef HAVE_CONFIG_H
|
|
#include <config.h>
|
|
#endif
|
|
|
|
#ifdef DES
|
|
#include "ntp_types.h"
|
|
#include "ntp_fp.h"
|
|
#include "ntp_string.h"
|
|
#include "global.h"
|
|
#include "des.h"
|
|
#include "ntp_stdlib.h"
|
|
|
|
#define BLOCK_OCTETS 8 /* message digest size */
|
|
#define MAXTPKT 128 /* max packet size */
|
|
|
|
|
|
/*
|
|
* DESauthencrypt - generate DES-CBC message authenticator
|
|
*
|
|
* Returns length of authenticator field.
|
|
*/
|
|
int
|
|
DESauthencrypt(
|
|
u_char *key, /* key pointer */
|
|
u_int32 *pkt, /* packet pointer */
|
|
int length /* packet length */
|
|
)
|
|
{
|
|
DES_CBC_CTX ctx;
|
|
u_int32 tpkt[MAXTPKT];
|
|
u_int32 work[2];
|
|
int i, j;
|
|
|
|
/*
|
|
* DES-CBC with zero IV. Note the encrypted text is discarded.
|
|
*/
|
|
work[0] = work[1] = 0;
|
|
DES_CBCInit(&ctx, key, (u_char *)work, 1);
|
|
DES_CBCUpdate(&ctx, (u_char *)tpkt, (u_char *)pkt,
|
|
(u_int)length);
|
|
i = length / 4 + 1;
|
|
j = i - 3;
|
|
pkt[i++] = (u_int32)htonl(tpkt[j++]);
|
|
pkt[i] = (u_int32)htonl(tpkt[j]);
|
|
return (BLOCK_OCTETS + 4);
|
|
}
|
|
|
|
|
|
/*
|
|
* DESauthdecrypt - verify DES message authenticator
|
|
*
|
|
* Returns one if authenticator valid, zero if invalid.
|
|
*/
|
|
int
|
|
DESauthdecrypt(
|
|
u_char *key, /* key pointer */
|
|
u_int32 *pkt, /* packet pointer */
|
|
int length, /* packet length */
|
|
int size /* size of MAC field */
|
|
)
|
|
{
|
|
DES_CBC_CTX ctx;
|
|
u_int32 tpkt[MAXTPKT];
|
|
u_int32 work[2];
|
|
int i, j;
|
|
|
|
/*
|
|
* DES-CBC with zero IV. Note the encrypted text is discarded.
|
|
*/
|
|
if (size != BLOCK_OCTETS + 4)
|
|
return (0);
|
|
work[0] = work[1] = 0;
|
|
DES_CBCInit (&ctx, key, (u_char *)work, 1);
|
|
DES_CBCUpdate (&ctx, (u_char *)tpkt, (u_char *)pkt,
|
|
(u_int)length);
|
|
i = length / 4 + 1;
|
|
j = i - 3;
|
|
if ((u_int32)ntohl(pkt[i++]) == tpkt[j++] &&
|
|
(u_int32)ntohl(pkt[i]) == tpkt[j])
|
|
return (1);
|
|
return (0);
|
|
}
|
|
#else
|
|
int authencrypt_bs;
|
|
#endif /* DES */
|