-/* Single DES CBC - used by nfs_gss */
-int des_cbc_key_sched(des_cblock *key, des_cbc_key_schedule *ks)
-{
- const struct ccmode_cbc *enc = g_crypto_funcs->ccdes_cbc_encrypt;
- const struct ccmode_cbc *dec = g_crypto_funcs->ccdes_cbc_decrypt;
-
- /* Make sure the context size for the mode fits in the one we have */
- if((enc->size>sizeof(ks->enc)) || (dec->size>sizeof(ks->dec)))
- panic("%s: inconsistent size for DES-CBC context", __FUNCTION__);
-
-
- cccbc_init(enc, ks->enc, CCDES_KEY_SIZE, key);
- cccbc_init(dec, ks->dec, CCDES_KEY_SIZE, key);
-
- /* The old DES interface could return -1 or -2 for weak keys and wrong parity,
- but this was disabled all the time, so we never fail here */
- return 0;
-}
-
-/* this is normally only called with length an 8 bytes multiple */
-void
-des_cbc_encrypt(des_cblock *in, des_cblock *out, int32_t length,
- des_cbc_key_schedule *ks, des_cblock *iv, des_cblock *retiv, int encrypt)
-{
- const struct ccmode_cbc *cbc = encrypt?g_crypto_funcs->ccdes_cbc_encrypt:g_crypto_funcs->ccdes_cbc_decrypt;
- cccbc_ctx *ctx = encrypt ? ks->enc : ks->dec;
- int nblocks;
- cccbc_iv_decl(cbc->block_size, ctx_iv);
-
- assert(length%8==0);
- nblocks=length/8;
-
- /* set the iv */
- cccbc_set_iv(cbc, ctx_iv, iv);
-
- cccbc_update(cbc, ctx, ctx_iv, nblocks, in, out);
-
- /* copy back iv */
- if(retiv)
- memcpy(retiv, ctx_iv, 8);
-}
-
-/* Triple DES CBC - used by nfs_gss */
-int des3_cbc_key_sched(des_cblock *key, des3_cbc_key_schedule *ks)
-{
- const struct ccmode_cbc *enc = g_crypto_funcs->cctdes_cbc_encrypt;
- const struct ccmode_cbc *dec = g_crypto_funcs->cctdes_cbc_decrypt;
-
- /* Make sure the context size for the mode fits in the one we have */
- if((enc->size>sizeof(ks->enc)) || (dec->size>sizeof(ks->dec)))
- panic("%s: inconsistent size for 3DES-CBC context", __FUNCTION__);
-
- cccbc_init(enc, ks->enc, CCDES_KEY_SIZE*3, key);
- cccbc_init(dec, ks->dec, CCDES_KEY_SIZE*3, key);
-
- /* The old DES interface could return -1 or -2 for weak keys and wrong parity,
- but this was disabled all the time, so we never fail here */
- return 0;
-}
-
-/* this is normally only called with length an 8 bytes multiple */
-void
-des3_cbc_encrypt(des_cblock *in, des_cblock *out, int32_t length,
- des3_cbc_key_schedule *ks, des_cblock *iv, des_cblock *retiv, int encrypt)
-{
- const struct ccmode_cbc *cbc = encrypt?g_crypto_funcs->cctdes_cbc_encrypt:g_crypto_funcs->cctdes_cbc_decrypt;
- cccbc_ctx *ctx = encrypt ? ks->enc : ks->dec;
- int nblocks;
- cccbc_iv_decl(cbc->block_size, ctx_iv);
-
- assert(length%8==0);
- nblocks=length/8;
-
- /* set the iv */
- cccbc_set_iv(cbc, ctx_iv, iv);
-
- cccbc_update(cbc, ctx, ctx_iv, nblocks, in, out);
-
- /* copy back iv */
- if(retiv)
- memcpy(retiv, ctx_iv, 8);
-}
-
-
-/*
- * DES MAC implemented according to FIPS 113
- * http://www.itl.nist.gov/fipspubs/fip113.htm
- * Only full blocks.
- * Used by nfs-gss
- */
-void
-des_cbc_cksum(des_cblock *in, des_cblock *out,
- int len, des_cbc_key_schedule *ks)
-{
- const struct ccmode_cbc *cbc = g_crypto_funcs->ccdes_cbc_encrypt;
- int nblocks;
- des_cblock cksum;
- cccbc_iv_decl(cbc->block_size, ctx_iv);
-
- assert(len%8==0);
- nblocks=len/8;
-
- cccbc_set_iv(cbc, ctx_iv, NULL);
- while(nblocks--) {
- cccbc_update(cbc, ks->enc, ctx_iv, 1, in++, cksum);
- }
- memcpy(out, cksum, sizeof(des_cblock));
-}
-
-
projects / apple / xnu.git / blobdiff