23 */
24
25 /* SUNW14resync - sparcv9 cc complained about lack of object init */
26 /* = all zero */
27 const mit_des_cblock mit_des_zeroblock = {0, 0, 0, 0, 0, 0, 0, 0};
28
29 #undef mit_des_cbc_encrypt
30
31 #ifndef _KERNEL
32 int
33 mit_des_cbc_encrypt(context, in, out, length, key, ivec, encrypt)
34 krb5_context context;
35 const mit_des_cblock *in;
36 mit_des_cblock *out;
37 long length;
38 krb5_keyblock *key;
39 mit_des_cblock ivec;
40 int encrypt;
41 {
42 krb5_error_code ret = KRB5_PROG_ETYPE_NOSUPP;
43 /* EXPORT DELETE START */
44 KRB5_MECH_TO_PKCS algos;
45 CK_MECHANISM mechanism;
46 CK_RV rv;
47 /* For the Key Object */
48
49 ret = 0;
50 if ((rv = get_algo(key->enctype, &algos)) != CKR_OK) {
51 KRB5_LOG0(KRB5_ERR, "failure to get algo id in function "
52 "mit_des_cbc_encrypt.");
53 ret = PKCS_ERR;
54 goto cleanup;
55 }
56
57 rv = init_key_uef(krb_ctx_hSession(context), key);
58 if (rv != CKR_OK) {
59 KRB5_LOG(KRB5_ERR, "init_key_uef failed in "
60 "mit_des_cbc_encrypt: rv = 0x%x", rv);
61 ret = PKCS_ERR;
62 goto cleanup;
63 }
85 rv = C_Encrypt(krb_ctx_hSession(context), (CK_BYTE_PTR)in,
86 (CK_ULONG)length, (CK_BYTE_PTR)out,
87 (CK_ULONG_PTR)&length);
88 else
89 rv = C_Decrypt(krb_ctx_hSession(context), (CK_BYTE_PTR)in,
90 (CK_ULONG)length, (CK_BYTE_PTR)out,
91 (CK_ULONG_PTR)&length);
92
93 if (rv != CKR_OK) {
94 KRB5_LOG(KRB5_ERR,
95 "C_Encrypt/C_Decrypt failed in mit_des_cbc_encrypt: "
96 "rv = 0x%x", rv);
97 ret = PKCS_ERR;
98 }
99 cleanup:
100
101 final_cleanup:
102 if (ret)
103 (void) memset(out, 0, length);
104
105 /* EXPORT DELETE END */
106 KRB5_LOG(KRB5_INFO, "mit_des_cbc_encrypt() end retval=%d", ret);
107
108 return(ret);
109 }
110 #else
111
112 /*
113 * This routine performs DES cipher-block-chaining operation, either
114 * encrypting from cleartext to ciphertext, if encrypt != 0 or
115 * decrypting from ciphertext to cleartext, if encrypt == 0.
116 *
117 * The key schedule is passed as an arg, as well as the cleartext or
118 * ciphertext. The cleartext and ciphertext should be in host order.
119 *
120 * NOTE-- the output is ALWAYS an multiple of 8 bytes long. If not
121 * enough space was provided, your program will get trashed.
122 *
123 * For encryption, the cleartext string is null padded, at the end, to
124 * an integral multiple of eight bytes.
125 *
126 * For decryption, the ciphertext will be used in integral multiples
127 * of 8 bytes, but only the first "length" bytes returned into the
128 * cleartext.
129 */
130
131 /* ARGSUSED */
132 int
133 mit_des_cbc_encrypt(krb5_context context,
134 const mit_des_cblock *in,
135 mit_des_cblock *out,
136 long length, krb5_keyblock *key,
137 mit_des_cblock ivec, int encrypt)
138 {
139 int ret = KRB5_PROG_ETYPE_NOSUPP;
140 /* EXPORT DELETE START */
141 krb5_data ivdata;
142 ret = 0;
143
144 KRB5_LOG(KRB5_INFO, "mit_des_cbc_encrypt() start encrypt=%d", encrypt);
145
146 ivdata.data = (char *)ivec;
147 ivdata.length = sizeof(mit_des_cblock);
148
149 ret = k5_ef_crypto((const char *)in,
150 (char *)out, length, key, &ivdata, encrypt);
151
152 /* EXPORT DELETE END */
153 KRB5_LOG(KRB5_INFO, "mit_des_cbc_encrypt() end retval=%d", ret);
154 return(ret);
155 }
156 #endif /* !_KERNEL */
|
23 */
24
25 /* SUNW14resync - sparcv9 cc complained about lack of object init */
26 /* = all zero */
27 const mit_des_cblock mit_des_zeroblock = {0, 0, 0, 0, 0, 0, 0, 0};
28
29 #undef mit_des_cbc_encrypt
30
31 #ifndef _KERNEL
32 int
33 mit_des_cbc_encrypt(context, in, out, length, key, ivec, encrypt)
34 krb5_context context;
35 const mit_des_cblock *in;
36 mit_des_cblock *out;
37 long length;
38 krb5_keyblock *key;
39 mit_des_cblock ivec;
40 int encrypt;
41 {
42 krb5_error_code ret = KRB5_PROG_ETYPE_NOSUPP;
43 KRB5_MECH_TO_PKCS algos;
44 CK_MECHANISM mechanism;
45 CK_RV rv;
46 /* For the Key Object */
47
48 ret = 0;
49 if ((rv = get_algo(key->enctype, &algos)) != CKR_OK) {
50 KRB5_LOG0(KRB5_ERR, "failure to get algo id in function "
51 "mit_des_cbc_encrypt.");
52 ret = PKCS_ERR;
53 goto cleanup;
54 }
55
56 rv = init_key_uef(krb_ctx_hSession(context), key);
57 if (rv != CKR_OK) {
58 KRB5_LOG(KRB5_ERR, "init_key_uef failed in "
59 "mit_des_cbc_encrypt: rv = 0x%x", rv);
60 ret = PKCS_ERR;
61 goto cleanup;
62 }
84 rv = C_Encrypt(krb_ctx_hSession(context), (CK_BYTE_PTR)in,
85 (CK_ULONG)length, (CK_BYTE_PTR)out,
86 (CK_ULONG_PTR)&length);
87 else
88 rv = C_Decrypt(krb_ctx_hSession(context), (CK_BYTE_PTR)in,
89 (CK_ULONG)length, (CK_BYTE_PTR)out,
90 (CK_ULONG_PTR)&length);
91
92 if (rv != CKR_OK) {
93 KRB5_LOG(KRB5_ERR,
94 "C_Encrypt/C_Decrypt failed in mit_des_cbc_encrypt: "
95 "rv = 0x%x", rv);
96 ret = PKCS_ERR;
97 }
98 cleanup:
99
100 final_cleanup:
101 if (ret)
102 (void) memset(out, 0, length);
103
104 KRB5_LOG(KRB5_INFO, "mit_des_cbc_encrypt() end retval=%d", ret);
105
106 return(ret);
107 }
108 #else
109
110 /*
111 * This routine performs DES cipher-block-chaining operation, either
112 * encrypting from cleartext to ciphertext, if encrypt != 0 or
113 * decrypting from ciphertext to cleartext, if encrypt == 0.
114 *
115 * The key schedule is passed as an arg, as well as the cleartext or
116 * ciphertext. The cleartext and ciphertext should be in host order.
117 *
118 * NOTE-- the output is ALWAYS an multiple of 8 bytes long. If not
119 * enough space was provided, your program will get trashed.
120 *
121 * For encryption, the cleartext string is null padded, at the end, to
122 * an integral multiple of eight bytes.
123 *
124 * For decryption, the ciphertext will be used in integral multiples
125 * of 8 bytes, but only the first "length" bytes returned into the
126 * cleartext.
127 */
128
129 /* ARGSUSED */
130 int
131 mit_des_cbc_encrypt(krb5_context context,
132 const mit_des_cblock *in,
133 mit_des_cblock *out,
134 long length, krb5_keyblock *key,
135 mit_des_cblock ivec, int encrypt)
136 {
137 int ret = KRB5_PROG_ETYPE_NOSUPP;
138 krb5_data ivdata;
139 ret = 0;
140
141 KRB5_LOG(KRB5_INFO, "mit_des_cbc_encrypt() start encrypt=%d", encrypt);
142
143 ivdata.data = (char *)ivec;
144 ivdata.length = sizeof(mit_des_cblock);
145
146 ret = k5_ef_crypto((const char *)in,
147 (char *)out, length, key, &ivdata, encrypt);
148
149 KRB5_LOG(KRB5_INFO, "mit_des_cbc_encrypt() end retval=%d", ret);
150 return(ret);
151 }
152 #endif /* !_KERNEL */
|