1 /* 2 * Copyright 2007 Sun Microsystems, Inc. All rights reserved. 3 * Use is subject to license terms. 4 */ 5 6 #include <des_int.h> 7 #include <sys/crypto/api.h> 8 9 #include <sys/callb.h> 10 #include <sys/uio.h> 11 #include <sys/cmn_err.h> 12 13 int 14 k5_ef_crypto(const char *in, char *out, 15 long length, krb5_keyblock *key, 16 const krb5_data *ivec, int encrypt_flag) 17 { 18 int rv = CRYPTO_FAILED; 19 20 crypto_mechanism_t mech; 21 crypto_data_t d1, d2; 22 23 ASSERT(in != NULL); 24 ASSERT(out != NULL); 25 ASSERT(key != NULL); 26 ASSERT(key->contents != NULL); 27 28 bzero(&d1, sizeof (d1)); 29 bzero(&d2, sizeof (d2)); 30 31 d1.cd_format = CRYPTO_DATA_RAW; 32 d1.cd_offset = 0; 33 d1.cd_length = length; 34 d1.cd_raw.iov_base = (char *)in; 35 d1.cd_raw.iov_len = length; 36 37 d2.cd_format = CRYPTO_DATA_RAW; 38 d2.cd_offset = 0; 39 d2.cd_length = length; 40 d2.cd_raw.iov_base = (char *)out; 41 d2.cd_raw.iov_len = length; 42 43 mech.cm_type = key->kef_mt; 44 if (mech.cm_type == CRYPTO_MECH_INVALID) { 45 KRB5_LOG(KRB5_ERR, 46 "k5_ef_crypto - invalid crypto mech type: 0x%llx", 47 (long long)key->kef_mt); 48 return (CRYPTO_FAILED); 49 } 50 51 if (ivec != NULL) { 52 mech.cm_param_len = ivec->length; 53 mech.cm_param = (char *)ivec->data; 54 } else { 55 mech.cm_param_len = 0; 56 mech.cm_param = NULL; 57 } 58 59 if (encrypt_flag) 60 rv = crypto_encrypt(&mech, &d1, 61 &key->kef_key, 62 key->key_tmpl, 63 (in != out ? &d2 : NULL), 64 NULL); 65 else 66 rv = crypto_decrypt(&mech, &d1, 67 &key->kef_key, 68 key->key_tmpl, 69 (in != out ? &d2 : NULL), 70 NULL); 71 72 if (rv != CRYPTO_SUCCESS) { 73 KRB5_LOG1(KRB5_ERR, 74 "k5_ef_crypto: %s error: rv = 0x%08x", 75 (encrypt_flag ? "encrypt" : "decrypt"), 76 rv); 77 return (CRYPTO_FAILED); 78 } 79 80 return (0); 81 } 82