xref: /illumos-gate/usr/src/uts/common/gssapi/mechs/krb5/crypto/decrypt.c (revision 2a6e99a0f1f7d22c0396e8b2ce9b9babbd1056cf)
1 /*
2  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
3  * Use is subject to license terms.
4  */
5 
6 /*
7  * Copyright (C) 1998 by the FundsXpress, INC.
8  *
9  * All rights reserved.
10  *
11  * Export of this software from the United States of America may require
12  * a specific license from the United States Government.  It is the
13  * responsibility of any person or organization contemplating export to
14  * obtain such a license before exporting.
15  *
16  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
17  * distribute this software and its documentation for any purpose and
18  * without fee is hereby granted, provided that the above copyright
19  * notice appear in all copies and that both that copyright notice and
20  * this permission notice appear in supporting documentation, and that
21  * the name of FundsXpress. not be used in advertising or publicity pertaining
22  * to distribution of the software without specific, written prior
23  * permission.  FundsXpress makes no representations about the suitability of
24  * this software for any purpose.  It is provided "as is" without express
25  * or implied warranty.
26  *
27  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
28  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
29  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
30  */
31 
32 #include "k5-int.h"
33 #include "etypes.h"
34 
35 /*ARGSUSED*/
36 krb5_error_code KRB5_CALLCONV
37 krb5_c_decrypt(krb5_context context, const krb5_keyblock *key,
38 	       krb5_keyusage usage, const krb5_data *ivec,
39 	       const krb5_enc_data *input, krb5_data *output)
40 {
41     int i;
42     krb5_error_code ret = 0;
43 
44     for (i=0; i<krb5_enctypes_length; i++) {
45 	if (krb5_enctypes_list[i].etype == key->enctype)
46 	    break;
47     }
48 
49     if (i == krb5_enctypes_length)
50 	return(KRB5_BAD_ENCTYPE);
51 
52     if ((input->enctype != ENCTYPE_UNKNOWN) &&
53 	(krb5_enctypes_list[i].etype != input->enctype))
54 	return(KRB5_BAD_ENCTYPE);
55 
56 /* Solaris Kerberos */
57 #ifdef _KERNEL
58     context->kef_cipher_mt = krb5_enctypes_list[i].kef_cipher_mt;
59     context->kef_hash_mt = krb5_enctypes_list[i].kef_hash_mt;
60     if (key->kef_key.ck_data == NULL)
61       ret = init_key_kef(context->kef_cipher_mt, (krb5_keyblock *)key);
62     if (ret)
63 	    return(ret);
64 
65 #else
66     if ((ret = init_key_uef(krb_ctx_hSession(context), (krb5_keyblock *)key)))
67 	return (ret);
68 
69 #endif /* _KERNEL */
70 
71     /* Solaris Kerberos */
72     return((*(krb5_enctypes_list[i].decrypt))
73 	   (context, krb5_enctypes_list[i].enc, krb5_enctypes_list[i].hash,
74 	    key, usage, ivec, &input->ciphertext, output));
75 }
76