1 /*
2 * Copyright 2007 Sun Microsystems, Inc. All rights reserved.
3 * Use is subject to license terms.
4 */
5
6 #pragma ident "%Z%%M% %I% %E% SMI"
7
8 #include <des_int.h>
9 #include <sys/crypto/api.h>
10
11 #include <sys/callb.h>
12 #include <sys/uio.h>
13 #include <sys/cmn_err.h>
14
15 int
k5_ef_crypto(const char * in,char * out,long length,krb5_keyblock * key,const krb5_data * ivec,int encrypt_flag)16 k5_ef_crypto(const char *in, char *out,
17 long length, krb5_keyblock *key,
18 const krb5_data *ivec, int encrypt_flag)
19 {
20 int rv = CRYPTO_FAILED;
21
22 crypto_mechanism_t mech;
23 crypto_data_t d1, d2;
24
25 ASSERT(in != NULL);
26 ASSERT(out != NULL);
27 ASSERT(key != NULL);
28 ASSERT(key->contents != NULL);
29
30 bzero(&d1, sizeof (d1));
31 bzero(&d2, sizeof (d2));
32
33 d1.cd_format = CRYPTO_DATA_RAW;
34 d1.cd_offset = 0;
35 d1.cd_length = length;
36 d1.cd_raw.iov_base = (char *)in;
37 d1.cd_raw.iov_len = length;
38
39 d2.cd_format = CRYPTO_DATA_RAW;
40 d2.cd_offset = 0;
41 d2.cd_length = length;
42 d2.cd_raw.iov_base = (char *)out;
43 d2.cd_raw.iov_len = length;
44
45 mech.cm_type = key->kef_mt;
46 if (mech.cm_type == CRYPTO_MECH_INVALID) {
47 KRB5_LOG(KRB5_ERR,
48 "k5_ef_crypto - invalid crypto mech type: 0x%llx",
49 (long long)key->kef_mt);
50 return (CRYPTO_FAILED);
51 }
52
53 if (ivec != NULL) {
54 mech.cm_param_len = ivec->length;
55 mech.cm_param = (char *)ivec->data;
56 } else {
57 mech.cm_param_len = 0;
58 mech.cm_param = NULL;
59 }
60
61 if (encrypt_flag)
62 rv = crypto_encrypt(&mech, &d1,
63 &key->kef_key,
64 key->key_tmpl,
65 (in != out ? &d2 : NULL),
66 NULL);
67 else
68 rv = crypto_decrypt(&mech, &d1,
69 &key->kef_key,
70 key->key_tmpl,
71 (in != out ? &d2 : NULL),
72 NULL);
73
74 if (rv != CRYPTO_SUCCESS) {
75 KRB5_LOG1(KRB5_ERR,
76 "k5_ef_crypto: %s error: rv = 0x%08x",
77 (encrypt_flag ? "encrypt" : "decrypt"),
78 rv);
79 return (CRYPTO_FAILED);
80 }
81
82 return (0);
83 }
84