17c478bd9Sstevel@tonic-gate /* 27c478bd9Sstevel@tonic-gate * CDDL HEADER START 37c478bd9Sstevel@tonic-gate * 47c478bd9Sstevel@tonic-gate * The contents of this file are subject to the terms of the 547c883c7Sdinak * Common Development and Distribution License (the "License"). 647c883c7Sdinak * You may not use this file except in compliance with the License. 77c478bd9Sstevel@tonic-gate * 87c478bd9Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 97c478bd9Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing. 107c478bd9Sstevel@tonic-gate * See the License for the specific language governing permissions 117c478bd9Sstevel@tonic-gate * and limitations under the License. 127c478bd9Sstevel@tonic-gate * 137c478bd9Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each 147c478bd9Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 157c478bd9Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the 167c478bd9Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying 177c478bd9Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner] 187c478bd9Sstevel@tonic-gate * 197c478bd9Sstevel@tonic-gate * CDDL HEADER END 207c478bd9Sstevel@tonic-gate */ 217c478bd9Sstevel@tonic-gate /* 22*d288ba74SAnthony Scarpino * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 237c478bd9Sstevel@tonic-gate * Use is subject to license terms. 247c478bd9Sstevel@tonic-gate */ 257c478bd9Sstevel@tonic-gate 267c478bd9Sstevel@tonic-gate #include <pthread.h> 277c478bd9Sstevel@tonic-gate #include <security/cryptoki.h> 287c478bd9Sstevel@tonic-gate #include "softGlobal.h" 297c478bd9Sstevel@tonic-gate #include "softSession.h" 307c478bd9Sstevel@tonic-gate #include "softObject.h" 317c478bd9Sstevel@tonic-gate #include "softOps.h" 327c478bd9Sstevel@tonic-gate 337c478bd9Sstevel@tonic-gate 347c478bd9Sstevel@tonic-gate CK_RV 357c478bd9Sstevel@tonic-gate C_EncryptInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, 367c478bd9Sstevel@tonic-gate CK_OBJECT_HANDLE hKey) 377c478bd9Sstevel@tonic-gate { 387c478bd9Sstevel@tonic-gate 397c478bd9Sstevel@tonic-gate CK_RV rv; 407c478bd9Sstevel@tonic-gate soft_session_t *session_p; 417c478bd9Sstevel@tonic-gate soft_object_t *key_p; 427c478bd9Sstevel@tonic-gate boolean_t lock_held = B_FALSE; 437c478bd9Sstevel@tonic-gate 447c478bd9Sstevel@tonic-gate if (!softtoken_initialized) 457c478bd9Sstevel@tonic-gate return (CKR_CRYPTOKI_NOT_INITIALIZED); 467c478bd9Sstevel@tonic-gate 477c478bd9Sstevel@tonic-gate /* Obtain the session pointer. */ 487c478bd9Sstevel@tonic-gate rv = handle2session(hSession, &session_p); 497c478bd9Sstevel@tonic-gate if (rv != CKR_OK) 507c478bd9Sstevel@tonic-gate return (rv); 517c478bd9Sstevel@tonic-gate 527c478bd9Sstevel@tonic-gate if (pMechanism == NULL) { 537c478bd9Sstevel@tonic-gate rv = CKR_ARGUMENTS_BAD; 547c478bd9Sstevel@tonic-gate goto clean_exit; 557c478bd9Sstevel@tonic-gate } 567c478bd9Sstevel@tonic-gate 577c478bd9Sstevel@tonic-gate /* Obtain the object pointer. */ 587c478bd9Sstevel@tonic-gate HANDLE2OBJECT(hKey, key_p, rv); 597c478bd9Sstevel@tonic-gate if (rv != CKR_OK) 607c478bd9Sstevel@tonic-gate goto clean_exit; 617c478bd9Sstevel@tonic-gate 627c478bd9Sstevel@tonic-gate /* Check to see if key object allows for encryption. */ 637c478bd9Sstevel@tonic-gate if (!(key_p->bool_attr_mask & ENCRYPT_BOOL_ON)) { 64*d288ba74SAnthony Scarpino rv = CKR_KEY_FUNCTION_NOT_PERMITTED; 657c478bd9Sstevel@tonic-gate goto clean_exit1; 667c478bd9Sstevel@tonic-gate } 677c478bd9Sstevel@tonic-gate 687c478bd9Sstevel@tonic-gate (void) pthread_mutex_lock(&session_p->session_mutex); 697c478bd9Sstevel@tonic-gate lock_held = B_TRUE; 707c478bd9Sstevel@tonic-gate 717c478bd9Sstevel@tonic-gate /* Check to see if encrypt operation is already active. */ 727c478bd9Sstevel@tonic-gate if (session_p->encrypt.flags & CRYPTO_OPERATION_ACTIVE) { 737c478bd9Sstevel@tonic-gate /* free the memory to avoid memory leak */ 747c478bd9Sstevel@tonic-gate soft_crypt_cleanup(session_p, B_TRUE, lock_held); 757c478bd9Sstevel@tonic-gate } 767c478bd9Sstevel@tonic-gate 777c478bd9Sstevel@tonic-gate /* 787c478bd9Sstevel@tonic-gate * This active flag will remain ON until application calls either 797c478bd9Sstevel@tonic-gate * C_Encrypt or C_EncryptFinal to actually obtain the final piece 807c478bd9Sstevel@tonic-gate * of ciphertext. 817c478bd9Sstevel@tonic-gate */ 827c478bd9Sstevel@tonic-gate session_p->encrypt.flags = CRYPTO_OPERATION_ACTIVE; 837c478bd9Sstevel@tonic-gate 847c478bd9Sstevel@tonic-gate (void) pthread_mutex_unlock(&session_p->session_mutex); 857c478bd9Sstevel@tonic-gate lock_held = B_FALSE; 867c478bd9Sstevel@tonic-gate 877c478bd9Sstevel@tonic-gate rv = soft_encrypt_init(session_p, pMechanism, key_p); 887c478bd9Sstevel@tonic-gate 897c478bd9Sstevel@tonic-gate if (rv != CKR_OK) { 907c478bd9Sstevel@tonic-gate (void) pthread_mutex_lock(&session_p->session_mutex); 917c478bd9Sstevel@tonic-gate session_p->encrypt.flags &= ~CRYPTO_OPERATION_ACTIVE; 927c478bd9Sstevel@tonic-gate lock_held = B_TRUE; 937c478bd9Sstevel@tonic-gate } 947c478bd9Sstevel@tonic-gate 957c478bd9Sstevel@tonic-gate clean_exit1: 967c478bd9Sstevel@tonic-gate OBJ_REFRELE(key_p); 977c478bd9Sstevel@tonic-gate clean_exit: 987c478bd9Sstevel@tonic-gate SES_REFRELE(session_p, lock_held); 997c478bd9Sstevel@tonic-gate return (rv); 1007c478bd9Sstevel@tonic-gate } 1017c478bd9Sstevel@tonic-gate 1027c478bd9Sstevel@tonic-gate 1037c478bd9Sstevel@tonic-gate CK_RV 1047c478bd9Sstevel@tonic-gate C_Encrypt(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen, 1057c478bd9Sstevel@tonic-gate CK_BYTE_PTR pEncryptedData, CK_ULONG_PTR pulEncryptedDataLen) 1067c478bd9Sstevel@tonic-gate { 1077c478bd9Sstevel@tonic-gate 1087c478bd9Sstevel@tonic-gate CK_RV rv; 1097c478bd9Sstevel@tonic-gate soft_session_t *session_p; 1107c478bd9Sstevel@tonic-gate boolean_t lock_held = B_FALSE; 1117c478bd9Sstevel@tonic-gate 1127c478bd9Sstevel@tonic-gate if (!softtoken_initialized) 1137c478bd9Sstevel@tonic-gate return (CKR_CRYPTOKI_NOT_INITIALIZED); 1147c478bd9Sstevel@tonic-gate 1157c478bd9Sstevel@tonic-gate /* Obtain the session pointer. */ 1167c478bd9Sstevel@tonic-gate rv = handle2session(hSession, &session_p); 1177c478bd9Sstevel@tonic-gate if (rv != CKR_OK) 1187c478bd9Sstevel@tonic-gate return (rv); 1197c478bd9Sstevel@tonic-gate 12047c883c7Sdinak /* 12147c883c7Sdinak * Only check if input buffer is null. How to handle zero input 12247c883c7Sdinak * length depends on the mechanism in use. For secret key mechanisms, 12347c883c7Sdinak * unpadded ones yield zero length output, but padded ones always 12447c883c7Sdinak * result in greater than zero length output. 12547c883c7Sdinak */ 1267c478bd9Sstevel@tonic-gate if (pData == NULL) { 1277c478bd9Sstevel@tonic-gate rv = CKR_ARGUMENTS_BAD; 1287c478bd9Sstevel@tonic-gate goto clean_exit; 1297c478bd9Sstevel@tonic-gate } 1307c478bd9Sstevel@tonic-gate 1317c478bd9Sstevel@tonic-gate /* 1327c478bd9Sstevel@tonic-gate * Only check if pulEncryptedDataLen is NULL. 1337c478bd9Sstevel@tonic-gate * No need to check if pEncryptedData is NULL because 1347c478bd9Sstevel@tonic-gate * application might just ask for the length of buffer to hold 1357c478bd9Sstevel@tonic-gate * the ciphertext. 1367c478bd9Sstevel@tonic-gate */ 1377c478bd9Sstevel@tonic-gate if (pulEncryptedDataLen == NULL) { 1387c478bd9Sstevel@tonic-gate rv = CKR_ARGUMENTS_BAD; 1397c478bd9Sstevel@tonic-gate goto clean_exit; 1407c478bd9Sstevel@tonic-gate } 1417c478bd9Sstevel@tonic-gate 1427c478bd9Sstevel@tonic-gate (void) pthread_mutex_lock(&session_p->session_mutex); 1437c478bd9Sstevel@tonic-gate lock_held = B_TRUE; 1447c478bd9Sstevel@tonic-gate 1457c478bd9Sstevel@tonic-gate /* Application must call C_EncryptInit before calling C_Encrypt. */ 1467c478bd9Sstevel@tonic-gate if (!(session_p->encrypt.flags & CRYPTO_OPERATION_ACTIVE)) { 1477c478bd9Sstevel@tonic-gate SES_REFRELE(session_p, lock_held); 1487c478bd9Sstevel@tonic-gate return (CKR_OPERATION_NOT_INITIALIZED); 1497c478bd9Sstevel@tonic-gate } 1507c478bd9Sstevel@tonic-gate 1517c478bd9Sstevel@tonic-gate /* 1527c478bd9Sstevel@tonic-gate * C_Encrypt must be called without intervening C_EncryptUpdate 1537c478bd9Sstevel@tonic-gate * calls. 1547c478bd9Sstevel@tonic-gate */ 1557c478bd9Sstevel@tonic-gate if (session_p->encrypt.flags & CRYPTO_OPERATION_UPDATE) { 1567c478bd9Sstevel@tonic-gate /* 1577c478bd9Sstevel@tonic-gate * C_Encrypt can not be used to terminate a multi-part 1587c478bd9Sstevel@tonic-gate * operation, so we'll leave the active encrypt operation 1597c478bd9Sstevel@tonic-gate * flag on and let the application continue with the 1607c478bd9Sstevel@tonic-gate * encrypt update operation. 1617c478bd9Sstevel@tonic-gate */ 1627c478bd9Sstevel@tonic-gate SES_REFRELE(session_p, lock_held); 1637c478bd9Sstevel@tonic-gate return (CKR_FUNCTION_FAILED); 1647c478bd9Sstevel@tonic-gate } 1657c478bd9Sstevel@tonic-gate 1667c478bd9Sstevel@tonic-gate (void) pthread_mutex_unlock(&session_p->session_mutex); 1677c478bd9Sstevel@tonic-gate lock_held = B_FALSE; 1687c478bd9Sstevel@tonic-gate 1697c478bd9Sstevel@tonic-gate rv = soft_encrypt(session_p, pData, ulDataLen, pEncryptedData, 1707c478bd9Sstevel@tonic-gate pulEncryptedDataLen); 1717c478bd9Sstevel@tonic-gate 1727c478bd9Sstevel@tonic-gate if ((rv == CKR_BUFFER_TOO_SMALL) || 1737c478bd9Sstevel@tonic-gate (pEncryptedData == NULL && rv == CKR_OK)) { 1747c478bd9Sstevel@tonic-gate /* 1757c478bd9Sstevel@tonic-gate * We will not terminate the active encrypt operation flag, 1767c478bd9Sstevel@tonic-gate * when the application-supplied buffer is too small, or 1777c478bd9Sstevel@tonic-gate * the application asks for the length of buffer to hold 1787c478bd9Sstevel@tonic-gate * the ciphertext. 1797c478bd9Sstevel@tonic-gate */ 1807c478bd9Sstevel@tonic-gate SES_REFRELE(session_p, lock_held); 1817c478bd9Sstevel@tonic-gate return (rv); 1827c478bd9Sstevel@tonic-gate } 1837c478bd9Sstevel@tonic-gate 1847c478bd9Sstevel@tonic-gate clean_exit: 1854c21f043Sizick /* Clear context, free key, and release session counter */ 1864c21f043Sizick soft_crypt_cleanup(session_p, B_TRUE, B_FALSE); 1877c478bd9Sstevel@tonic-gate return (rv); 1887c478bd9Sstevel@tonic-gate } 1897c478bd9Sstevel@tonic-gate 1907c478bd9Sstevel@tonic-gate 1917c478bd9Sstevel@tonic-gate CK_RV 1927c478bd9Sstevel@tonic-gate C_EncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, 1937c478bd9Sstevel@tonic-gate CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart, 1947c478bd9Sstevel@tonic-gate CK_ULONG_PTR pulEncryptedPartLen) 1957c478bd9Sstevel@tonic-gate { 1967c478bd9Sstevel@tonic-gate 1977c478bd9Sstevel@tonic-gate CK_RV rv; 1987c478bd9Sstevel@tonic-gate soft_session_t *session_p; 1997c478bd9Sstevel@tonic-gate boolean_t lock_held = B_FALSE; 2007c478bd9Sstevel@tonic-gate 2017c478bd9Sstevel@tonic-gate if (!softtoken_initialized) 2027c478bd9Sstevel@tonic-gate return (CKR_CRYPTOKI_NOT_INITIALIZED); 2037c478bd9Sstevel@tonic-gate 2047c478bd9Sstevel@tonic-gate /* Obtain the session pointer. */ 2057c478bd9Sstevel@tonic-gate rv = handle2session(hSession, &session_p); 2067c478bd9Sstevel@tonic-gate if (rv != CKR_OK) 2077c478bd9Sstevel@tonic-gate return (rv); 2087c478bd9Sstevel@tonic-gate 20947c883c7Sdinak /* 21047c883c7Sdinak * Only check if input buffer is null. How to handle zero input 21147c883c7Sdinak * length depends on the mechanism in use. For secret key mechanisms, 21247c883c7Sdinak * unpadded ones yeild zero length output, but padded ones always 21347c883c7Sdinak * result in greater than zero length output. 21447c883c7Sdinak */ 2157c478bd9Sstevel@tonic-gate if (pPart == NULL) { 2167c478bd9Sstevel@tonic-gate rv = CKR_ARGUMENTS_BAD; 2177c478bd9Sstevel@tonic-gate goto clean_exit; 2187c478bd9Sstevel@tonic-gate } 2197c478bd9Sstevel@tonic-gate 2207c478bd9Sstevel@tonic-gate /* 2217c478bd9Sstevel@tonic-gate * Only check if pulEncryptedPartLen is NULL. 2227c478bd9Sstevel@tonic-gate * No need to check if pEncryptedPart is NULL because 2237c478bd9Sstevel@tonic-gate * application might just ask for the length of buffer to hold 2247c478bd9Sstevel@tonic-gate * the ciphertext. 2257c478bd9Sstevel@tonic-gate */ 2267c478bd9Sstevel@tonic-gate if (pulEncryptedPartLen == NULL) { 2277c478bd9Sstevel@tonic-gate rv = CKR_ARGUMENTS_BAD; 2287c478bd9Sstevel@tonic-gate goto clean_exit; 2297c478bd9Sstevel@tonic-gate } 2307c478bd9Sstevel@tonic-gate 2317c478bd9Sstevel@tonic-gate (void) pthread_mutex_lock(&session_p->session_mutex); 2327c478bd9Sstevel@tonic-gate lock_held = B_TRUE; 2337c478bd9Sstevel@tonic-gate 2347c478bd9Sstevel@tonic-gate /* 2357c478bd9Sstevel@tonic-gate * Application must call C_EncryptInit before calling 2367c478bd9Sstevel@tonic-gate * C_EncryptUpdate. 2377c478bd9Sstevel@tonic-gate */ 2387c478bd9Sstevel@tonic-gate if (!(session_p->encrypt.flags & CRYPTO_OPERATION_ACTIVE)) { 2397c478bd9Sstevel@tonic-gate SES_REFRELE(session_p, lock_held); 2407c478bd9Sstevel@tonic-gate return (CKR_OPERATION_NOT_INITIALIZED); 2417c478bd9Sstevel@tonic-gate } 2427c478bd9Sstevel@tonic-gate 2437c478bd9Sstevel@tonic-gate session_p->encrypt.flags |= CRYPTO_OPERATION_UPDATE; 2447c478bd9Sstevel@tonic-gate 2457c478bd9Sstevel@tonic-gate (void) pthread_mutex_unlock(&session_p->session_mutex); 2467c478bd9Sstevel@tonic-gate lock_held = B_FALSE; 2477c478bd9Sstevel@tonic-gate 2487c478bd9Sstevel@tonic-gate rv = soft_encrypt_update(session_p, pPart, ulPartLen, 2497c478bd9Sstevel@tonic-gate pEncryptedPart, pulEncryptedPartLen); 2507c478bd9Sstevel@tonic-gate 2517c478bd9Sstevel@tonic-gate /* 2527c478bd9Sstevel@tonic-gate * If CKR_OK or CKR_BUFFER_TOO_SMALL, don't terminate the 2537c478bd9Sstevel@tonic-gate * current encryption operation. 2547c478bd9Sstevel@tonic-gate */ 2557c478bd9Sstevel@tonic-gate if ((rv == CKR_OK) || (rv == CKR_BUFFER_TOO_SMALL)) { 2567c478bd9Sstevel@tonic-gate SES_REFRELE(session_p, lock_held); 2577c478bd9Sstevel@tonic-gate return (rv); 2587c478bd9Sstevel@tonic-gate } 2597c478bd9Sstevel@tonic-gate 2607c478bd9Sstevel@tonic-gate clean_exit: 2617c478bd9Sstevel@tonic-gate /* 2627c478bd9Sstevel@tonic-gate * After an error occurred, terminate the current encrypt 2637c478bd9Sstevel@tonic-gate * operation by resetting the active and update flags. 2647c478bd9Sstevel@tonic-gate */ 2657c478bd9Sstevel@tonic-gate soft_crypt_cleanup(session_p, B_TRUE, lock_held); 2667c478bd9Sstevel@tonic-gate 2677c478bd9Sstevel@tonic-gate return (rv); 2687c478bd9Sstevel@tonic-gate } 2697c478bd9Sstevel@tonic-gate 2707c478bd9Sstevel@tonic-gate 2717c478bd9Sstevel@tonic-gate CK_RV 2727c478bd9Sstevel@tonic-gate C_EncryptFinal(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pLastEncryptedPart, 2737c478bd9Sstevel@tonic-gate CK_ULONG_PTR pulLastEncryptedPartLen) 2747c478bd9Sstevel@tonic-gate { 2757c478bd9Sstevel@tonic-gate 2767c478bd9Sstevel@tonic-gate CK_RV rv; 2777c478bd9Sstevel@tonic-gate soft_session_t *session_p; 2787c478bd9Sstevel@tonic-gate boolean_t lock_held = B_FALSE; 2797c478bd9Sstevel@tonic-gate 2807c478bd9Sstevel@tonic-gate if (!softtoken_initialized) 2817c478bd9Sstevel@tonic-gate return (CKR_CRYPTOKI_NOT_INITIALIZED); 2827c478bd9Sstevel@tonic-gate 2837c478bd9Sstevel@tonic-gate /* Obtain the session pointer. */ 2847c478bd9Sstevel@tonic-gate rv = handle2session(hSession, &session_p); 2857c478bd9Sstevel@tonic-gate if (rv != CKR_OK) 2867c478bd9Sstevel@tonic-gate return (rv); 2877c478bd9Sstevel@tonic-gate 2887c478bd9Sstevel@tonic-gate if (pulLastEncryptedPartLen == NULL) { 2897c478bd9Sstevel@tonic-gate rv = CKR_ARGUMENTS_BAD; 2907c478bd9Sstevel@tonic-gate goto clean_exit; 2917c478bd9Sstevel@tonic-gate } 2927c478bd9Sstevel@tonic-gate 2937c478bd9Sstevel@tonic-gate (void) pthread_mutex_lock(&session_p->session_mutex); 2947c478bd9Sstevel@tonic-gate lock_held = B_TRUE; 2957c478bd9Sstevel@tonic-gate 2967c478bd9Sstevel@tonic-gate /* 2977c478bd9Sstevel@tonic-gate * Application must call C_EncryptInit before calling 2987c478bd9Sstevel@tonic-gate * C_EncryptFinal. 2997c478bd9Sstevel@tonic-gate */ 3007c478bd9Sstevel@tonic-gate if (!(session_p->encrypt.flags & CRYPTO_OPERATION_ACTIVE)) { 3017c478bd9Sstevel@tonic-gate SES_REFRELE(session_p, lock_held); 3027c478bd9Sstevel@tonic-gate return (CKR_OPERATION_NOT_INITIALIZED); 3037c478bd9Sstevel@tonic-gate } 3047c478bd9Sstevel@tonic-gate 3057c478bd9Sstevel@tonic-gate (void) pthread_mutex_unlock(&session_p->session_mutex); 3067c478bd9Sstevel@tonic-gate lock_held = B_FALSE; 3077c478bd9Sstevel@tonic-gate 3087c478bd9Sstevel@tonic-gate rv = soft_encrypt_final(session_p, pLastEncryptedPart, 3097c478bd9Sstevel@tonic-gate pulLastEncryptedPartLen); 3107c478bd9Sstevel@tonic-gate 3117c478bd9Sstevel@tonic-gate if ((rv == CKR_BUFFER_TOO_SMALL) || 3127c478bd9Sstevel@tonic-gate (pLastEncryptedPart == NULL && rv == CKR_OK)) { 3137c478bd9Sstevel@tonic-gate /* 3147c478bd9Sstevel@tonic-gate * We will not terminate the active encrypt operation flag, 3157c478bd9Sstevel@tonic-gate * when the application-supplied buffer is too small, or 3167c478bd9Sstevel@tonic-gate * the application asks for the length of buffer to hold 3177c478bd9Sstevel@tonic-gate * the ciphertext. 3187c478bd9Sstevel@tonic-gate */ 3197c478bd9Sstevel@tonic-gate SES_REFRELE(session_p, lock_held); 3207c478bd9Sstevel@tonic-gate return (rv); 3217c478bd9Sstevel@tonic-gate } 3227c478bd9Sstevel@tonic-gate 3237c478bd9Sstevel@tonic-gate /* Terminates the active encrypt operation. */ 3247c478bd9Sstevel@tonic-gate (void) pthread_mutex_lock(&session_p->session_mutex); 3257c478bd9Sstevel@tonic-gate session_p->encrypt.flags = 0; 3267c478bd9Sstevel@tonic-gate lock_held = B_TRUE; 3277c478bd9Sstevel@tonic-gate SES_REFRELE(session_p, lock_held); 3287c478bd9Sstevel@tonic-gate 3297c478bd9Sstevel@tonic-gate return (rv); 3307c478bd9Sstevel@tonic-gate 3317c478bd9Sstevel@tonic-gate clean_exit: 3327c478bd9Sstevel@tonic-gate /* Terminates the active encrypt operation. */ 3337c478bd9Sstevel@tonic-gate soft_crypt_cleanup(session_p, B_TRUE, lock_held); 3347c478bd9Sstevel@tonic-gate 3357c478bd9Sstevel@tonic-gate return (rv); 3367c478bd9Sstevel@tonic-gate } 337