This repository was archived by the owner on Oct 29, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathx99.c
More file actions
78 lines (72 loc) · 2.69 KB
/
x99.c
File metadata and controls
78 lines (72 loc) · 2.69 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
/*
* $Id$
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
*
* For alternative licensing terms, contact licensing@tri-dsystems.com.
*
* Copyright 2001,2002 Google, Inc.
* Copyright 2005,2007 TRI-D Systems, Inc.
*/
#include "ident.h"
RCSID("$Id$")
#include <string.h>
#include <sys/types.h>
#include <openssl/des.h>
#include "extern.h"
#include "otp.h" /* OTP_MAX_CHALLENGE_LEN */
/*
* The ANSI X9.9 MAC algorithm is:
* 1. Perform a CBC mode DES encryption of the plaintext. The last plaintext
* block must be zero padded.
* 2. The MAC is the most significant 32 bits of the last cipherblock.
*
* Most tokens support a max of an 8 character challenge, but at least one
* (CRYPTOCard RB-1) supports performing the full CBC mode encryption
* of an arbitrary length challenge. So we don't limit ourselves
* to just an ECB mode encryption.
*
* This routine returns the entire 64 bit last cipherblock, at least one sync
* mode needs this (and ANSI X9.9 states that the MAC can be 48, and 64 bit
* MACs should be supported). Returns 0 on success, non-zero otherwise.
*/
int
x99_mac(const unsigned char *input, size_t len, unsigned char output[8],
const unsigned char *key)
{
des_key_schedule ks;
des_cblock ivec;
des_cblock l_output[OTP_MAX_CHALLENGE_LEN / sizeof(des_cblock)];
int rc;
/*
* Setup and verify the key.
* This may be a bit expensive to do every time, but it
* makes more sense for calling functions to deal with
* the key itself, rather than the schedule. In practice,
* I don't think this will amount to much, but I haven't
* actually profiled it.
* TODO: store in user_t after generating
*/
if ((rc = des_set_key_checked((const_des_cblock *) key, ks)) != 0) {
mlog(LOG_ERR, "%s: DES key %s",
__func__, rc == -1 ? "has incorrect parity" : "is weak");
return -1;
}
(void) memset(ivec, 0, sizeof(ivec));
des_cbc_encrypt(input, (unsigned char *) l_output, len,
ks, &ivec, DES_ENCRYPT);
(void) memcpy(output, l_output[(len - 1) / 8], 8);
return 0;
}