Print this page
3882 remove xmod & friends
Split |
Close |
Expand all |
Collapse all |
--- old/usr/src/uts/common/gssapi/mechs/krb5/crypto/des/f_cbc.c
+++ new/usr/src/uts/common/gssapi/mechs/krb5/crypto/des/f_cbc.c
1 1 /*
2 2 * Copyright 2008 Sun Microsystems, Inc. All rights reserved.
3 3 * Use is subject to license terms.
4 4 */
5 5
6 6
7 7 /*
8 8 * Copyright (c) 1990 Dennis Ferguson. All rights reserved.
9 9 *
10 10 * Commercial use is permitted only if products which are derived from
11 11 * or include this software are made available for purchase and/or use
12 12 * in Canada. Otherwise, redistribution and use in source and binary
13 13 * forms are permitted.
14 14 */
15 15
16 16 /*
17 17 * des_cbc_encrypt.c - an implementation of the DES cipher function in cbc mode
18 18 */
19 19 #include "des_int.h"
20 20
21 21 /*
22 22 * des_cbc_encrypt - {en,de}crypt a stream in CBC mode
23 23 */
24 24
25 25 /* SUNW14resync - sparcv9 cc complained about lack of object init */
26 26 /* = all zero */
27 27 const mit_des_cblock mit_des_zeroblock = {0, 0, 0, 0, 0, 0, 0, 0};
28 28
29 29 #undef mit_des_cbc_encrypt
30 30
31 31 #ifndef _KERNEL
32 32 int
↓ open down ↓ |
32 lines elided |
↑ open up ↑ |
33 33 mit_des_cbc_encrypt(context, in, out, length, key, ivec, encrypt)
34 34 krb5_context context;
35 35 const mit_des_cblock *in;
36 36 mit_des_cblock *out;
37 37 long length;
38 38 krb5_keyblock *key;
39 39 mit_des_cblock ivec;
40 40 int encrypt;
41 41 {
42 42 krb5_error_code ret = KRB5_PROG_ETYPE_NOSUPP;
43 -/* EXPORT DELETE START */
44 43 KRB5_MECH_TO_PKCS algos;
45 44 CK_MECHANISM mechanism;
46 45 CK_RV rv;
47 46 /* For the Key Object */
48 47
49 48 ret = 0;
50 49 if ((rv = get_algo(key->enctype, &algos)) != CKR_OK) {
51 50 KRB5_LOG0(KRB5_ERR, "failure to get algo id in function "
52 51 "mit_des_cbc_encrypt.");
53 52 ret = PKCS_ERR;
54 53 goto cleanup;
55 54 }
56 55
57 56 rv = init_key_uef(krb_ctx_hSession(context), key);
58 57 if (rv != CKR_OK) {
59 58 KRB5_LOG(KRB5_ERR, "init_key_uef failed in "
60 59 "mit_des_cbc_encrypt: rv = 0x%x", rv);
61 60 ret = PKCS_ERR;
62 61 goto cleanup;
63 62 }
64 63
65 64 mechanism.mechanism = algos.enc_algo;
66 65 mechanism.pParameter = ivec;
67 66 if (ivec != NULL)
68 67 mechanism.ulParameterLen = MIT_DES_BLOCK_LENGTH;
69 68 else
70 69 mechanism.ulParameterLen = 0;
71 70
72 71 if (encrypt)
73 72 rv = C_EncryptInit(krb_ctx_hSession(context), &mechanism, key->hKey);
74 73 else
75 74 rv = C_DecryptInit(krb_ctx_hSession(context), &mechanism, key->hKey);
76 75
77 76 if (rv != CKR_OK) {
78 77 KRB5_LOG(KRB5_ERR, "C_EncryptInit/C_DecryptInit failed in "
79 78 "mit_des_cbc_encrypt: rv = 0x%x", rv);
80 79 ret = PKCS_ERR;
81 80 goto cleanup;
82 81 }
83 82
84 83 if (encrypt)
85 84 rv = C_Encrypt(krb_ctx_hSession(context), (CK_BYTE_PTR)in,
86 85 (CK_ULONG)length, (CK_BYTE_PTR)out,
87 86 (CK_ULONG_PTR)&length);
88 87 else
89 88 rv = C_Decrypt(krb_ctx_hSession(context), (CK_BYTE_PTR)in,
90 89 (CK_ULONG)length, (CK_BYTE_PTR)out,
91 90 (CK_ULONG_PTR)&length);
92 91
93 92 if (rv != CKR_OK) {
94 93 KRB5_LOG(KRB5_ERR,
↓ open down ↓ |
41 lines elided |
↑ open up ↑ |
95 94 "C_Encrypt/C_Decrypt failed in mit_des_cbc_encrypt: "
96 95 "rv = 0x%x", rv);
97 96 ret = PKCS_ERR;
98 97 }
99 98 cleanup:
100 99
101 100 final_cleanup:
102 101 if (ret)
103 102 (void) memset(out, 0, length);
104 103
105 -/* EXPORT DELETE END */
106 104 KRB5_LOG(KRB5_INFO, "mit_des_cbc_encrypt() end retval=%d", ret);
107 105
108 106 return(ret);
109 107 }
110 108 #else
111 109
112 110 /*
113 111 * This routine performs DES cipher-block-chaining operation, either
114 112 * encrypting from cleartext to ciphertext, if encrypt != 0 or
115 113 * decrypting from ciphertext to cleartext, if encrypt == 0.
116 114 *
117 115 * The key schedule is passed as an arg, as well as the cleartext or
118 116 * ciphertext. The cleartext and ciphertext should be in host order.
119 117 *
120 118 * NOTE-- the output is ALWAYS an multiple of 8 bytes long. If not
121 119 * enough space was provided, your program will get trashed.
122 120 *
123 121 * For encryption, the cleartext string is null padded, at the end, to
124 122 * an integral multiple of eight bytes.
125 123 *
126 124 * For decryption, the ciphertext will be used in integral multiples
127 125 * of 8 bytes, but only the first "length" bytes returned into the
128 126 * cleartext.
129 127 */
↓ open down ↓ |
14 lines elided |
↑ open up ↑ |
130 128
131 129 /* ARGSUSED */
132 130 int
133 131 mit_des_cbc_encrypt(krb5_context context,
134 132 const mit_des_cblock *in,
135 133 mit_des_cblock *out,
136 134 long length, krb5_keyblock *key,
137 135 mit_des_cblock ivec, int encrypt)
138 136 {
139 137 int ret = KRB5_PROG_ETYPE_NOSUPP;
140 -/* EXPORT DELETE START */
141 138 krb5_data ivdata;
142 139 ret = 0;
143 140
144 141 KRB5_LOG(KRB5_INFO, "mit_des_cbc_encrypt() start encrypt=%d", encrypt);
145 142
146 143 ivdata.data = (char *)ivec;
147 144 ivdata.length = sizeof(mit_des_cblock);
148 145
149 146 ret = k5_ef_crypto((const char *)in,
150 147 (char *)out, length, key, &ivdata, encrypt);
151 148
152 -/* EXPORT DELETE END */
153 149 KRB5_LOG(KRB5_INFO, "mit_des_cbc_encrypt() end retval=%d", ret);
154 150 return(ret);
155 151 }
156 152 #endif /* !_KERNEL */
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX