17c478bd9Sstevel@tonic-gate /*
27c478bd9Sstevel@tonic-gate * CDDL HEADER START
37c478bd9Sstevel@tonic-gate *
47c478bd9Sstevel@tonic-gate * The contents of this file are subject to the terms of the
547c883c7Sdinak * Common Development and Distribution License (the "License").
647c883c7Sdinak * You may not use this file except in compliance with the License.
77c478bd9Sstevel@tonic-gate *
87c478bd9Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
97c478bd9Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing.
107c478bd9Sstevel@tonic-gate * See the License for the specific language governing permissions
117c478bd9Sstevel@tonic-gate * and limitations under the License.
127c478bd9Sstevel@tonic-gate *
137c478bd9Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each
147c478bd9Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
157c478bd9Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the
167c478bd9Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying
177c478bd9Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner]
187c478bd9Sstevel@tonic-gate *
197c478bd9Sstevel@tonic-gate * CDDL HEADER END
207c478bd9Sstevel@tonic-gate */
217c478bd9Sstevel@tonic-gate /*
22d288ba74SAnthony Scarpino * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
237c478bd9Sstevel@tonic-gate * Use is subject to license terms.
24*fb261280SJason King *
25*fb261280SJason King * Copyright (c) 2018, Joyent, Inc.
267c478bd9Sstevel@tonic-gate */
277c478bd9Sstevel@tonic-gate
287c478bd9Sstevel@tonic-gate #include <pthread.h>
297c478bd9Sstevel@tonic-gate #include <security/cryptoki.h>
307c478bd9Sstevel@tonic-gate #include "softGlobal.h"
317c478bd9Sstevel@tonic-gate #include "softSession.h"
327c478bd9Sstevel@tonic-gate #include "softObject.h"
337c478bd9Sstevel@tonic-gate #include "softOps.h"
347c478bd9Sstevel@tonic-gate
357c478bd9Sstevel@tonic-gate
367c478bd9Sstevel@tonic-gate CK_RV
C_EncryptInit(CK_SESSION_HANDLE hSession,CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey)377c478bd9Sstevel@tonic-gate C_EncryptInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
387c478bd9Sstevel@tonic-gate CK_OBJECT_HANDLE hKey)
397c478bd9Sstevel@tonic-gate {
407c478bd9Sstevel@tonic-gate
417c478bd9Sstevel@tonic-gate CK_RV rv;
427c478bd9Sstevel@tonic-gate soft_session_t *session_p;
437c478bd9Sstevel@tonic-gate soft_object_t *key_p;
447c478bd9Sstevel@tonic-gate boolean_t lock_held = B_FALSE;
457c478bd9Sstevel@tonic-gate
467c478bd9Sstevel@tonic-gate if (!softtoken_initialized)
477c478bd9Sstevel@tonic-gate return (CKR_CRYPTOKI_NOT_INITIALIZED);
487c478bd9Sstevel@tonic-gate
497c478bd9Sstevel@tonic-gate /* Obtain the session pointer. */
507c478bd9Sstevel@tonic-gate rv = handle2session(hSession, &session_p);
517c478bd9Sstevel@tonic-gate if (rv != CKR_OK)
527c478bd9Sstevel@tonic-gate return (rv);
537c478bd9Sstevel@tonic-gate
547c478bd9Sstevel@tonic-gate if (pMechanism == NULL) {
557c478bd9Sstevel@tonic-gate rv = CKR_ARGUMENTS_BAD;
567c478bd9Sstevel@tonic-gate goto clean_exit;
577c478bd9Sstevel@tonic-gate }
587c478bd9Sstevel@tonic-gate
597c478bd9Sstevel@tonic-gate /* Obtain the object pointer. */
607c478bd9Sstevel@tonic-gate HANDLE2OBJECT(hKey, key_p, rv);
617c478bd9Sstevel@tonic-gate if (rv != CKR_OK)
627c478bd9Sstevel@tonic-gate goto clean_exit;
637c478bd9Sstevel@tonic-gate
647c478bd9Sstevel@tonic-gate /* Check to see if key object allows for encryption. */
657c478bd9Sstevel@tonic-gate if (!(key_p->bool_attr_mask & ENCRYPT_BOOL_ON)) {
66d288ba74SAnthony Scarpino rv = CKR_KEY_FUNCTION_NOT_PERMITTED;
677c478bd9Sstevel@tonic-gate goto clean_exit1;
687c478bd9Sstevel@tonic-gate }
697c478bd9Sstevel@tonic-gate
707c478bd9Sstevel@tonic-gate (void) pthread_mutex_lock(&session_p->session_mutex);
717c478bd9Sstevel@tonic-gate lock_held = B_TRUE;
727c478bd9Sstevel@tonic-gate
737c478bd9Sstevel@tonic-gate /* Check to see if encrypt operation is already active. */
747c478bd9Sstevel@tonic-gate if (session_p->encrypt.flags & CRYPTO_OPERATION_ACTIVE) {
757c478bd9Sstevel@tonic-gate /* free the memory to avoid memory leak */
767c478bd9Sstevel@tonic-gate soft_crypt_cleanup(session_p, B_TRUE, lock_held);
777c478bd9Sstevel@tonic-gate }
787c478bd9Sstevel@tonic-gate
797c478bd9Sstevel@tonic-gate /*
807c478bd9Sstevel@tonic-gate * This active flag will remain ON until application calls either
817c478bd9Sstevel@tonic-gate * C_Encrypt or C_EncryptFinal to actually obtain the final piece
827c478bd9Sstevel@tonic-gate * of ciphertext.
837c478bd9Sstevel@tonic-gate */
847c478bd9Sstevel@tonic-gate session_p->encrypt.flags = CRYPTO_OPERATION_ACTIVE;
857c478bd9Sstevel@tonic-gate
867c478bd9Sstevel@tonic-gate (void) pthread_mutex_unlock(&session_p->session_mutex);
877c478bd9Sstevel@tonic-gate lock_held = B_FALSE;
887c478bd9Sstevel@tonic-gate
897c478bd9Sstevel@tonic-gate rv = soft_encrypt_init(session_p, pMechanism, key_p);
907c478bd9Sstevel@tonic-gate
917c478bd9Sstevel@tonic-gate if (rv != CKR_OK) {
927c478bd9Sstevel@tonic-gate (void) pthread_mutex_lock(&session_p->session_mutex);
937c478bd9Sstevel@tonic-gate session_p->encrypt.flags &= ~CRYPTO_OPERATION_ACTIVE;
947c478bd9Sstevel@tonic-gate lock_held = B_TRUE;
957c478bd9Sstevel@tonic-gate }
967c478bd9Sstevel@tonic-gate
977c478bd9Sstevel@tonic-gate clean_exit1:
987c478bd9Sstevel@tonic-gate OBJ_REFRELE(key_p);
997c478bd9Sstevel@tonic-gate clean_exit:
1007c478bd9Sstevel@tonic-gate SES_REFRELE(session_p, lock_held);
1017c478bd9Sstevel@tonic-gate return (rv);
1027c478bd9Sstevel@tonic-gate }
1037c478bd9Sstevel@tonic-gate
1047c478bd9Sstevel@tonic-gate
1057c478bd9Sstevel@tonic-gate CK_RV
C_Encrypt(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pData,CK_ULONG ulDataLen,CK_BYTE_PTR pEncryptedData,CK_ULONG_PTR pulEncryptedDataLen)1067c478bd9Sstevel@tonic-gate C_Encrypt(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen,
1077c478bd9Sstevel@tonic-gate CK_BYTE_PTR pEncryptedData, CK_ULONG_PTR pulEncryptedDataLen)
1087c478bd9Sstevel@tonic-gate {
1097c478bd9Sstevel@tonic-gate
1107c478bd9Sstevel@tonic-gate CK_RV rv;
1117c478bd9Sstevel@tonic-gate soft_session_t *session_p;
1127c478bd9Sstevel@tonic-gate boolean_t lock_held = B_FALSE;
1137c478bd9Sstevel@tonic-gate
1147c478bd9Sstevel@tonic-gate if (!softtoken_initialized)
1157c478bd9Sstevel@tonic-gate return (CKR_CRYPTOKI_NOT_INITIALIZED);
1167c478bd9Sstevel@tonic-gate
1177c478bd9Sstevel@tonic-gate /* Obtain the session pointer. */
1187c478bd9Sstevel@tonic-gate rv = handle2session(hSession, &session_p);
1197c478bd9Sstevel@tonic-gate if (rv != CKR_OK)
1207c478bd9Sstevel@tonic-gate return (rv);
1217c478bd9Sstevel@tonic-gate
12247c883c7Sdinak /*
123*fb261280SJason King * How to handle zero input length depends on the mechanism in use.
124*fb261280SJason King * For secret key mechanisms, unpadded ones yield zero length output,
125*fb261280SJason King * but padded ones always result in greater than zero length output.
12647c883c7Sdinak */
127*fb261280SJason King if (pData == NULL && ulDataLen != 0) {
1287c478bd9Sstevel@tonic-gate rv = CKR_ARGUMENTS_BAD;
1297c478bd9Sstevel@tonic-gate goto clean_exit;
1307c478bd9Sstevel@tonic-gate }
1317c478bd9Sstevel@tonic-gate
1327c478bd9Sstevel@tonic-gate /*
1337c478bd9Sstevel@tonic-gate * Only check if pulEncryptedDataLen is NULL.
1347c478bd9Sstevel@tonic-gate * No need to check if pEncryptedData is NULL because
1357c478bd9Sstevel@tonic-gate * application might just ask for the length of buffer to hold
1367c478bd9Sstevel@tonic-gate * the ciphertext.
1377c478bd9Sstevel@tonic-gate */
1387c478bd9Sstevel@tonic-gate if (pulEncryptedDataLen == NULL) {
1397c478bd9Sstevel@tonic-gate rv = CKR_ARGUMENTS_BAD;
1407c478bd9Sstevel@tonic-gate goto clean_exit;
1417c478bd9Sstevel@tonic-gate }
1427c478bd9Sstevel@tonic-gate
1437c478bd9Sstevel@tonic-gate (void) pthread_mutex_lock(&session_p->session_mutex);
1447c478bd9Sstevel@tonic-gate lock_held = B_TRUE;
1457c478bd9Sstevel@tonic-gate
1467c478bd9Sstevel@tonic-gate /* Application must call C_EncryptInit before calling C_Encrypt. */
1477c478bd9Sstevel@tonic-gate if (!(session_p->encrypt.flags & CRYPTO_OPERATION_ACTIVE)) {
1487c478bd9Sstevel@tonic-gate SES_REFRELE(session_p, lock_held);
1497c478bd9Sstevel@tonic-gate return (CKR_OPERATION_NOT_INITIALIZED);
1507c478bd9Sstevel@tonic-gate }
1517c478bd9Sstevel@tonic-gate
1527c478bd9Sstevel@tonic-gate /*
1537c478bd9Sstevel@tonic-gate * C_Encrypt must be called without intervening C_EncryptUpdate
1547c478bd9Sstevel@tonic-gate * calls.
1557c478bd9Sstevel@tonic-gate */
1567c478bd9Sstevel@tonic-gate if (session_p->encrypt.flags & CRYPTO_OPERATION_UPDATE) {
1577c478bd9Sstevel@tonic-gate /*
1587c478bd9Sstevel@tonic-gate * C_Encrypt can not be used to terminate a multi-part
1597c478bd9Sstevel@tonic-gate * operation, so we'll leave the active encrypt operation
1607c478bd9Sstevel@tonic-gate * flag on and let the application continue with the
1617c478bd9Sstevel@tonic-gate * encrypt update operation.
1627c478bd9Sstevel@tonic-gate */
1637c478bd9Sstevel@tonic-gate SES_REFRELE(session_p, lock_held);
1647c478bd9Sstevel@tonic-gate return (CKR_FUNCTION_FAILED);
1657c478bd9Sstevel@tonic-gate }
1667c478bd9Sstevel@tonic-gate
1677c478bd9Sstevel@tonic-gate (void) pthread_mutex_unlock(&session_p->session_mutex);
1687c478bd9Sstevel@tonic-gate lock_held = B_FALSE;
1697c478bd9Sstevel@tonic-gate
1707c478bd9Sstevel@tonic-gate rv = soft_encrypt(session_p, pData, ulDataLen, pEncryptedData,
1717c478bd9Sstevel@tonic-gate pulEncryptedDataLen);
1727c478bd9Sstevel@tonic-gate
1737c478bd9Sstevel@tonic-gate if ((rv == CKR_BUFFER_TOO_SMALL) ||
1747c478bd9Sstevel@tonic-gate (pEncryptedData == NULL && rv == CKR_OK)) {
1757c478bd9Sstevel@tonic-gate /*
1767c478bd9Sstevel@tonic-gate * We will not terminate the active encrypt operation flag,
1777c478bd9Sstevel@tonic-gate * when the application-supplied buffer is too small, or
1787c478bd9Sstevel@tonic-gate * the application asks for the length of buffer to hold
1797c478bd9Sstevel@tonic-gate * the ciphertext.
1807c478bd9Sstevel@tonic-gate */
1817c478bd9Sstevel@tonic-gate SES_REFRELE(session_p, lock_held);
1827c478bd9Sstevel@tonic-gate return (rv);
1837c478bd9Sstevel@tonic-gate }
1847c478bd9Sstevel@tonic-gate
1857c478bd9Sstevel@tonic-gate clean_exit:
1864c21f043Sizick /* Clear context, free key, and release session counter */
1874c21f043Sizick soft_crypt_cleanup(session_p, B_TRUE, B_FALSE);
1887c478bd9Sstevel@tonic-gate return (rv);
1897c478bd9Sstevel@tonic-gate }
1907c478bd9Sstevel@tonic-gate
1917c478bd9Sstevel@tonic-gate
1927c478bd9Sstevel@tonic-gate CK_RV
C_EncryptUpdate(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pPart,CK_ULONG ulPartLen,CK_BYTE_PTR pEncryptedPart,CK_ULONG_PTR pulEncryptedPartLen)1937c478bd9Sstevel@tonic-gate C_EncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
1947c478bd9Sstevel@tonic-gate CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart,
1957c478bd9Sstevel@tonic-gate CK_ULONG_PTR pulEncryptedPartLen)
1967c478bd9Sstevel@tonic-gate {
1977c478bd9Sstevel@tonic-gate
1987c478bd9Sstevel@tonic-gate CK_RV rv;
1997c478bd9Sstevel@tonic-gate soft_session_t *session_p;
2007c478bd9Sstevel@tonic-gate boolean_t lock_held = B_FALSE;
2017c478bd9Sstevel@tonic-gate
2027c478bd9Sstevel@tonic-gate if (!softtoken_initialized)
2037c478bd9Sstevel@tonic-gate return (CKR_CRYPTOKI_NOT_INITIALIZED);
2047c478bd9Sstevel@tonic-gate
2057c478bd9Sstevel@tonic-gate /* Obtain the session pointer. */
2067c478bd9Sstevel@tonic-gate rv = handle2session(hSession, &session_p);
2077c478bd9Sstevel@tonic-gate if (rv != CKR_OK)
2087c478bd9Sstevel@tonic-gate return (rv);
2097c478bd9Sstevel@tonic-gate
21047c883c7Sdinak /*
21147c883c7Sdinak * Only check if input buffer is null. How to handle zero input
21247c883c7Sdinak * length depends on the mechanism in use. For secret key mechanisms,
21347c883c7Sdinak * unpadded ones yeild zero length output, but padded ones always
21447c883c7Sdinak * result in greater than zero length output.
21547c883c7Sdinak */
2167c478bd9Sstevel@tonic-gate if (pPart == NULL) {
2177c478bd9Sstevel@tonic-gate rv = CKR_ARGUMENTS_BAD;
2187c478bd9Sstevel@tonic-gate goto clean_exit;
2197c478bd9Sstevel@tonic-gate }
2207c478bd9Sstevel@tonic-gate
2217c478bd9Sstevel@tonic-gate /*
2227c478bd9Sstevel@tonic-gate * Only check if pulEncryptedPartLen is NULL.
2237c478bd9Sstevel@tonic-gate * No need to check if pEncryptedPart is NULL because
2247c478bd9Sstevel@tonic-gate * application might just ask for the length of buffer to hold
2257c478bd9Sstevel@tonic-gate * the ciphertext.
2267c478bd9Sstevel@tonic-gate */
2277c478bd9Sstevel@tonic-gate if (pulEncryptedPartLen == NULL) {
2287c478bd9Sstevel@tonic-gate rv = CKR_ARGUMENTS_BAD;
2297c478bd9Sstevel@tonic-gate goto clean_exit;
2307c478bd9Sstevel@tonic-gate }
2317c478bd9Sstevel@tonic-gate
2327c478bd9Sstevel@tonic-gate (void) pthread_mutex_lock(&session_p->session_mutex);
2337c478bd9Sstevel@tonic-gate lock_held = B_TRUE;
2347c478bd9Sstevel@tonic-gate
2357c478bd9Sstevel@tonic-gate /*
2367c478bd9Sstevel@tonic-gate * Application must call C_EncryptInit before calling
2377c478bd9Sstevel@tonic-gate * C_EncryptUpdate.
2387c478bd9Sstevel@tonic-gate */
2397c478bd9Sstevel@tonic-gate if (!(session_p->encrypt.flags & CRYPTO_OPERATION_ACTIVE)) {
2407c478bd9Sstevel@tonic-gate SES_REFRELE(session_p, lock_held);
2417c478bd9Sstevel@tonic-gate return (CKR_OPERATION_NOT_INITIALIZED);
2427c478bd9Sstevel@tonic-gate }
2437c478bd9Sstevel@tonic-gate
2447c478bd9Sstevel@tonic-gate session_p->encrypt.flags |= CRYPTO_OPERATION_UPDATE;
2457c478bd9Sstevel@tonic-gate
2467c478bd9Sstevel@tonic-gate (void) pthread_mutex_unlock(&session_p->session_mutex);
2477c478bd9Sstevel@tonic-gate lock_held = B_FALSE;
2487c478bd9Sstevel@tonic-gate
2497c478bd9Sstevel@tonic-gate rv = soft_encrypt_update(session_p, pPart, ulPartLen,
2507c478bd9Sstevel@tonic-gate pEncryptedPart, pulEncryptedPartLen);
2517c478bd9Sstevel@tonic-gate
2527c478bd9Sstevel@tonic-gate /*
2537c478bd9Sstevel@tonic-gate * If CKR_OK or CKR_BUFFER_TOO_SMALL, don't terminate the
2547c478bd9Sstevel@tonic-gate * current encryption operation.
2557c478bd9Sstevel@tonic-gate */
2567c478bd9Sstevel@tonic-gate if ((rv == CKR_OK) || (rv == CKR_BUFFER_TOO_SMALL)) {
2577c478bd9Sstevel@tonic-gate SES_REFRELE(session_p, lock_held);
2587c478bd9Sstevel@tonic-gate return (rv);
2597c478bd9Sstevel@tonic-gate }
2607c478bd9Sstevel@tonic-gate
2617c478bd9Sstevel@tonic-gate clean_exit:
2627c478bd9Sstevel@tonic-gate /*
2637c478bd9Sstevel@tonic-gate * After an error occurred, terminate the current encrypt
2647c478bd9Sstevel@tonic-gate * operation by resetting the active and update flags.
2657c478bd9Sstevel@tonic-gate */
2667c478bd9Sstevel@tonic-gate soft_crypt_cleanup(session_p, B_TRUE, lock_held);
2677c478bd9Sstevel@tonic-gate
2687c478bd9Sstevel@tonic-gate return (rv);
2697c478bd9Sstevel@tonic-gate }
2707c478bd9Sstevel@tonic-gate
2717c478bd9Sstevel@tonic-gate
2727c478bd9Sstevel@tonic-gate CK_RV
C_EncryptFinal(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pLastEncryptedPart,CK_ULONG_PTR pulLastEncryptedPartLen)2737c478bd9Sstevel@tonic-gate C_EncryptFinal(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pLastEncryptedPart,
2747c478bd9Sstevel@tonic-gate CK_ULONG_PTR pulLastEncryptedPartLen)
2757c478bd9Sstevel@tonic-gate {
2767c478bd9Sstevel@tonic-gate
2777c478bd9Sstevel@tonic-gate CK_RV rv;
2787c478bd9Sstevel@tonic-gate soft_session_t *session_p;
2797c478bd9Sstevel@tonic-gate boolean_t lock_held = B_FALSE;
2807c478bd9Sstevel@tonic-gate
2817c478bd9Sstevel@tonic-gate if (!softtoken_initialized)
2827c478bd9Sstevel@tonic-gate return (CKR_CRYPTOKI_NOT_INITIALIZED);
2837c478bd9Sstevel@tonic-gate
2847c478bd9Sstevel@tonic-gate /* Obtain the session pointer. */
2857c478bd9Sstevel@tonic-gate rv = handle2session(hSession, &session_p);
2867c478bd9Sstevel@tonic-gate if (rv != CKR_OK)
2877c478bd9Sstevel@tonic-gate return (rv);
2887c478bd9Sstevel@tonic-gate
2897c478bd9Sstevel@tonic-gate if (pulLastEncryptedPartLen == NULL) {
2907c478bd9Sstevel@tonic-gate rv = CKR_ARGUMENTS_BAD;
2917c478bd9Sstevel@tonic-gate goto clean_exit;
2927c478bd9Sstevel@tonic-gate }
2937c478bd9Sstevel@tonic-gate
2947c478bd9Sstevel@tonic-gate (void) pthread_mutex_lock(&session_p->session_mutex);
2957c478bd9Sstevel@tonic-gate lock_held = B_TRUE;
2967c478bd9Sstevel@tonic-gate
2977c478bd9Sstevel@tonic-gate /*
2987c478bd9Sstevel@tonic-gate * Application must call C_EncryptInit before calling
2997c478bd9Sstevel@tonic-gate * C_EncryptFinal.
3007c478bd9Sstevel@tonic-gate */
3017c478bd9Sstevel@tonic-gate if (!(session_p->encrypt.flags & CRYPTO_OPERATION_ACTIVE)) {
3027c478bd9Sstevel@tonic-gate SES_REFRELE(session_p, lock_held);
3037c478bd9Sstevel@tonic-gate return (CKR_OPERATION_NOT_INITIALIZED);
3047c478bd9Sstevel@tonic-gate }
3057c478bd9Sstevel@tonic-gate
3067c478bd9Sstevel@tonic-gate (void) pthread_mutex_unlock(&session_p->session_mutex);
3077c478bd9Sstevel@tonic-gate lock_held = B_FALSE;
3087c478bd9Sstevel@tonic-gate
3097c478bd9Sstevel@tonic-gate rv = soft_encrypt_final(session_p, pLastEncryptedPart,
3107c478bd9Sstevel@tonic-gate pulLastEncryptedPartLen);
3117c478bd9Sstevel@tonic-gate
3127c478bd9Sstevel@tonic-gate if ((rv == CKR_BUFFER_TOO_SMALL) ||
3137c478bd9Sstevel@tonic-gate (pLastEncryptedPart == NULL && rv == CKR_OK)) {
3147c478bd9Sstevel@tonic-gate /*
3157c478bd9Sstevel@tonic-gate * We will not terminate the active encrypt operation flag,
3167c478bd9Sstevel@tonic-gate * when the application-supplied buffer is too small, or
3177c478bd9Sstevel@tonic-gate * the application asks for the length of buffer to hold
3187c478bd9Sstevel@tonic-gate * the ciphertext.
3197c478bd9Sstevel@tonic-gate */
3207c478bd9Sstevel@tonic-gate SES_REFRELE(session_p, lock_held);
3217c478bd9Sstevel@tonic-gate return (rv);
3227c478bd9Sstevel@tonic-gate }
3237c478bd9Sstevel@tonic-gate
3247c478bd9Sstevel@tonic-gate /* Terminates the active encrypt operation. */
3257c478bd9Sstevel@tonic-gate (void) pthread_mutex_lock(&session_p->session_mutex);
3267c478bd9Sstevel@tonic-gate session_p->encrypt.flags = 0;
3277c478bd9Sstevel@tonic-gate lock_held = B_TRUE;
3287c478bd9Sstevel@tonic-gate SES_REFRELE(session_p, lock_held);
3297c478bd9Sstevel@tonic-gate
3307c478bd9Sstevel@tonic-gate return (rv);
3317c478bd9Sstevel@tonic-gate
3327c478bd9Sstevel@tonic-gate clean_exit:
3337c478bd9Sstevel@tonic-gate /* Terminates the active encrypt operation. */
3347c478bd9Sstevel@tonic-gate soft_crypt_cleanup(session_p, B_TRUE, lock_held);
3357c478bd9Sstevel@tonic-gate
3367c478bd9Sstevel@tonic-gate return (rv);
3377c478bd9Sstevel@tonic-gate }
338