1 /* 2 * Copyright 2008 Sun Microsystems, Inc. All rights reserved. 3 * Use is subject to license terms. 4 */ 5 6 /* 7 * Copyright 1995 by Richard P. Basch. All Rights Reserved. 8 * Copyright 1995 by Lehman Brothers, Inc. All Rights Reserved. 9 * 10 * Export of this software from the United States of America may 11 * require a specific license from the United States Government. 12 * It is the responsibility of any person or organization contemplating 13 * export to obtain such a license before exporting. 14 * 15 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and 16 * distribute this software and its documentation for any purpose and 17 * without fee is hereby granted, provided that the above copyright 18 * notice appear in all copies and that both that copyright notice and 19 * this permission notice appear in supporting documentation, and that 20 * the name of Richard P. Basch, Lehman Brothers and M.I.T. not be used 21 * in advertising or publicity pertaining to distribution of the software 22 * without specific, written prior permission. Richard P. Basch, 23 * Lehman Brothers and M.I.T. make no representations about the suitability 24 * of this software for any purpose. It is provided "as is" without 25 * express or implied warranty. 26 */ 27 28 #include "des_int.h" 29 30 /* 31 * Triple-DES CBC encryption mode. 32 */ 33 #ifndef _KERNEL 34 int 35 mit_des3_cbc_encrypt(krb5_context context, const mit_des_cblock *in, mit_des_cblock *out, 36 unsigned long length, krb5_keyblock *key, 37 const mit_des_cblock ivec, int encrypt) 38 { 39 int ret = KRB5_PROG_ETYPE_NOSUPP; 40 /* EXPORT DELETE START */ 41 KRB5_MECH_TO_PKCS algos; 42 CK_MECHANISM mechanism; 43 CK_RV rv; 44 /* For the Key Object */ 45 ret = 0; 46 47 if ((rv = get_algo(key->enctype, &algos)) != CKR_OK) { 48 KRB5_LOG0(KRB5_ERR, "failure to get algo id in function " 49 "mit_des3_cbc_encrypt."); 50 ret = PKCS_ERR; 51 goto cleanup; 52 } 53 54 rv = init_key_uef(krb_ctx_hSession(context), key); 55 if (rv != CKR_OK) { 56 KRB5_LOG(KRB5_ERR, "init_key_uef failed in " 57 "mit_des3_cbc_encrypt: rv = 0x%0x", rv); 58 ret = PKCS_ERR; 59 goto cleanup; 60 } 61 62 mechanism.mechanism = algos.enc_algo; 63 mechanism.pParameter = (void*)ivec; 64 if (ivec != NULL) 65 mechanism.ulParameterLen = sizeof(mit_des_cblock); 66 else 67 mechanism.ulParameterLen = 0; 68 69 if (encrypt) 70 rv = C_EncryptInit(krb_ctx_hSession(context), &mechanism, key->hKey); 71 else 72 rv = C_DecryptInit(krb_ctx_hSession(context), &mechanism, key->hKey); 73 74 if (rv != CKR_OK) { 75 KRB5_LOG(KRB5_ERR, "C_EncryptInit/C_DecryptInit failed in " 76 "mit_des3_cbc_encrypt: rv = 0x%x", rv); 77 ret = PKCS_ERR; 78 goto cleanup; 79 } 80 81 if (encrypt) 82 rv = C_Encrypt(krb_ctx_hSession(context), (CK_BYTE_PTR)in, 83 (CK_ULONG)length, (CK_BYTE_PTR)out, 84 (CK_ULONG_PTR)&length); 85 else 86 rv = C_Decrypt(krb_ctx_hSession(context), (CK_BYTE_PTR)in, 87 (CK_ULONG)length, (CK_BYTE_PTR)out, 88 (CK_ULONG_PTR)&length); 89 90 if (rv != CKR_OK) { 91 KRB5_LOG(KRB5_ERR, 92 "C_Encrypt/C_Decrypt failed in mit_des3_cbc_encrypt: " 93 "rv = 0x%x", rv); 94 ret = PKCS_ERR; 95 } 96 cleanup: 97 98 final_cleanup: 99 if (ret) 100 (void) memset(out, 0, length); 101 102 /* EXPORT DELETE END */ 103 KRB5_LOG(KRB5_INFO, "mit_des3_cbc_encrypt() end ret=%d\n", ret); 104 return(ret); 105 } 106 107 #else 108 #include <sys/crypto/api.h> 109 110 /* ARGSUSED */ 111 int 112 mit_des3_cbc_encrypt(krb5_context context, 113 const mit_des_cblock *in, 114 mit_des_cblock *out, 115 unsigned long length, krb5_keyblock *key, 116 const mit_des_cblock ivec, int encrypt) 117 { 118 int ret = KRB5_PROG_ETYPE_NOSUPP; 119 /* EXPORT DELETE START */ 120 krb5_data ivdata; 121 122 KRB5_LOG(KRB5_INFO, "mit_des3_cbc_encrypt() start encrypt=%d", encrypt); 123 124 ivdata.data = (char *)ivec; 125 ivdata.length = sizeof(mit_des_cblock); 126 127 ret = k5_ef_crypto((const char *)in, (char *)out, 128 length, key, &ivdata, encrypt); 129 130 /* EXPORT DELETE END */ 131 KRB5_LOG(KRB5_INFO, "mit_des3_cbc_encrypt() end retval=%d", ret); 132 return(ret); 133 } 134 #endif /* !_KERNEL */ 135