Print this page
first pass


  20  * the name of Richard P. Basch, Lehman Brothers and M.I.T. not be used
  21  * in advertising or publicity pertaining to distribution of the software
  22  * without specific, written prior permission.  Richard P. Basch,
  23  * Lehman Brothers and M.I.T. make no representations about the suitability
  24  * of this software for any purpose.  It is provided "as is" without
  25  * express or implied warranty.
  26  */
  27 
  28 #include "des_int.h"
  29 
  30 /*
  31  * Triple-DES CBC encryption mode.
  32  */
  33 #ifndef _KERNEL
  34 int
  35 mit_des3_cbc_encrypt(krb5_context context, const mit_des_cblock *in, mit_des_cblock *out,
  36                      unsigned long length, krb5_keyblock *key,
  37                      const mit_des_cblock ivec, int encrypt)
  38 {
  39     int ret = KRB5_PROG_ETYPE_NOSUPP;
  40 /* EXPORT DELETE START */
  41     KRB5_MECH_TO_PKCS algos;
  42     CK_MECHANISM mechanism;
  43     CK_RV rv;
  44     /* For the Key Object */
  45     ret = 0;
  46 
  47     if ((rv = get_algo(key->enctype, &algos)) != CKR_OK) {
  48         KRB5_LOG0(KRB5_ERR, "failure to get algo id in function "
  49             "mit_des3_cbc_encrypt.");
  50         ret = PKCS_ERR;
  51         goto cleanup;
  52     }
  53 
  54     rv = init_key_uef(krb_ctx_hSession(context), key);
  55     if (rv != CKR_OK) {
  56         KRB5_LOG(KRB5_ERR, "init_key_uef failed in "
  57             "mit_des3_cbc_encrypt: rv = 0x%0x", rv);
  58         ret = PKCS_ERR;
  59         goto cleanup;
  60     }


  82         rv = C_Encrypt(krb_ctx_hSession(context), (CK_BYTE_PTR)in,
  83             (CK_ULONG)length, (CK_BYTE_PTR)out,
  84             (CK_ULONG_PTR)&length);
  85     else
  86         rv = C_Decrypt(krb_ctx_hSession(context), (CK_BYTE_PTR)in,
  87             (CK_ULONG)length, (CK_BYTE_PTR)out,
  88             (CK_ULONG_PTR)&length);
  89 
  90     if (rv != CKR_OK) {
  91             KRB5_LOG(KRB5_ERR,
  92                 "C_Encrypt/C_Decrypt failed in mit_des3_cbc_encrypt: "
  93                 "rv = 0x%x", rv);
  94             ret = PKCS_ERR;
  95     }
  96 cleanup:
  97 
  98 final_cleanup:
  99     if (ret)
 100         (void) memset(out, 0, length);
 101 
 102 /* EXPORT DELETE END */
 103     KRB5_LOG(KRB5_INFO, "mit_des3_cbc_encrypt() end ret=%d\n", ret); 
 104     return(ret);
 105 }
 106 
 107 #else
 108 #include <sys/crypto/api.h>
 109 
 110 /* ARGSUSED */
 111 int
 112 mit_des3_cbc_encrypt(krb5_context context,
 113         const mit_des_cblock *in,
 114         mit_des_cblock *out,
 115         unsigned long length, krb5_keyblock *key,
 116         const mit_des_cblock ivec, int encrypt)
 117 {
 118         int ret = KRB5_PROG_ETYPE_NOSUPP;
 119 /* EXPORT DELETE START */
 120         krb5_data ivdata;
 121 
 122         KRB5_LOG(KRB5_INFO, "mit_des3_cbc_encrypt() start encrypt=%d", encrypt);
 123 
 124         ivdata.data = (char *)ivec;
 125         ivdata.length = sizeof(mit_des_cblock);
 126 
 127         ret = k5_ef_crypto((const char *)in, (char *)out,
 128                         length, key, &ivdata, encrypt);
 129 
 130 /* EXPORT DELETE END */
 131         KRB5_LOG(KRB5_INFO, "mit_des3_cbc_encrypt() end retval=%d", ret);
 132         return(ret);
 133 }
 134 #endif /* !_KERNEL */


  20  * the name of Richard P. Basch, Lehman Brothers and M.I.T. not be used
  21  * in advertising or publicity pertaining to distribution of the software
  22  * without specific, written prior permission.  Richard P. Basch,
  23  * Lehman Brothers and M.I.T. make no representations about the suitability
  24  * of this software for any purpose.  It is provided "as is" without
  25  * express or implied warranty.
  26  */
  27 
  28 #include "des_int.h"
  29 
  30 /*
  31  * Triple-DES CBC encryption mode.
  32  */
  33 #ifndef _KERNEL
  34 int
  35 mit_des3_cbc_encrypt(krb5_context context, const mit_des_cblock *in, mit_des_cblock *out,
  36                      unsigned long length, krb5_keyblock *key,
  37                      const mit_des_cblock ivec, int encrypt)
  38 {
  39     int ret = KRB5_PROG_ETYPE_NOSUPP;

  40     KRB5_MECH_TO_PKCS algos;
  41     CK_MECHANISM mechanism;
  42     CK_RV rv;
  43     /* For the Key Object */
  44     ret = 0;
  45 
  46     if ((rv = get_algo(key->enctype, &algos)) != CKR_OK) {
  47         KRB5_LOG0(KRB5_ERR, "failure to get algo id in function "
  48             "mit_des3_cbc_encrypt.");
  49         ret = PKCS_ERR;
  50         goto cleanup;
  51     }
  52 
  53     rv = init_key_uef(krb_ctx_hSession(context), key);
  54     if (rv != CKR_OK) {
  55         KRB5_LOG(KRB5_ERR, "init_key_uef failed in "
  56             "mit_des3_cbc_encrypt: rv = 0x%0x", rv);
  57         ret = PKCS_ERR;
  58         goto cleanup;
  59     }


  81         rv = C_Encrypt(krb_ctx_hSession(context), (CK_BYTE_PTR)in,
  82             (CK_ULONG)length, (CK_BYTE_PTR)out,
  83             (CK_ULONG_PTR)&length);
  84     else
  85         rv = C_Decrypt(krb_ctx_hSession(context), (CK_BYTE_PTR)in,
  86             (CK_ULONG)length, (CK_BYTE_PTR)out,
  87             (CK_ULONG_PTR)&length);
  88 
  89     if (rv != CKR_OK) {
  90             KRB5_LOG(KRB5_ERR,
  91                 "C_Encrypt/C_Decrypt failed in mit_des3_cbc_encrypt: "
  92                 "rv = 0x%x", rv);
  93             ret = PKCS_ERR;
  94     }
  95 cleanup:
  96 
  97 final_cleanup:
  98     if (ret)
  99         (void) memset(out, 0, length);
 100 

 101     KRB5_LOG(KRB5_INFO, "mit_des3_cbc_encrypt() end ret=%d\n", ret); 
 102     return(ret);
 103 }
 104 
 105 #else
 106 #include <sys/crypto/api.h>
 107 
 108 /* ARGSUSED */
 109 int
 110 mit_des3_cbc_encrypt(krb5_context context,
 111         const mit_des_cblock *in,
 112         mit_des_cblock *out,
 113         unsigned long length, krb5_keyblock *key,
 114         const mit_des_cblock ivec, int encrypt)
 115 {
 116         int ret = KRB5_PROG_ETYPE_NOSUPP;

 117         krb5_data ivdata;
 118 
 119         KRB5_LOG(KRB5_INFO, "mit_des3_cbc_encrypt() start encrypt=%d", encrypt);
 120 
 121         ivdata.data = (char *)ivec;
 122         ivdata.length = sizeof(mit_des_cblock);
 123 
 124         ret = k5_ef_crypto((const char *)in, (char *)out,
 125                         length, key, &ivdata, encrypt);
 126 

 127         KRB5_LOG(KRB5_INFO, "mit_des3_cbc_encrypt() end retval=%d", ret);
 128         return(ret);
 129 }
 130 #endif /* !_KERNEL */