1/* 2 * Copyright 2007 Sun Microsystems, Inc. All rights reserved. 3 * Use is subject to license terms. 4 */ 5 6#pragma ident "%Z%%M% %I% %E% SMI" 7 8#include <des_int.h> 9#include <sys/crypto/api.h> 10 11#include <sys/callb.h> 12#include <sys/uio.h> 13#include <sys/cmn_err.h> 14 15int 16k5_ef_crypto(const char *in, char *out, 17 long length, krb5_keyblock *key, 18 const krb5_data *ivec, int encrypt_flag) 19{ 20 int rv = CRYPTO_FAILED; 21 22 crypto_mechanism_t mech; 23 crypto_data_t d1, d2; 24 25 ASSERT(in != NULL); 26 ASSERT(out != NULL); 27 ASSERT(key != NULL); 28 ASSERT(key->contents != NULL); 29 30 bzero(&d1, sizeof (d1)); 31 bzero(&d2, sizeof (d2)); 32 33 d1.cd_format = CRYPTO_DATA_RAW; 34 d1.cd_offset = 0; 35 d1.cd_length = length; 36 d1.cd_raw.iov_base = (char *)in; 37 d1.cd_raw.iov_len = length; 38 39 d2.cd_format = CRYPTO_DATA_RAW; 40 d2.cd_offset = 0; 41 d2.cd_length = length; 42 d2.cd_raw.iov_base = (char *)out; 43 d2.cd_raw.iov_len = length; 44 45 mech.cm_type = key->kef_mt; 46 if (mech.cm_type == CRYPTO_MECH_INVALID) { 47 KRB5_LOG(KRB5_ERR, 48 "k5_ef_crypto - invalid crypto mech type: 0x%llx", 49 (long long)key->kef_mt); 50 return (CRYPTO_FAILED); 51 } 52 53 if (ivec != NULL) { 54 mech.cm_param_len = ivec->length; 55 mech.cm_param = (char *)ivec->data; 56 } else { 57 mech.cm_param_len = 0; 58 mech.cm_param = NULL; 59 } 60 61 if (encrypt_flag) 62 rv = crypto_encrypt(&mech, &d1, 63 &key->kef_key, 64 key->key_tmpl, 65 (in != out ? &d2 : NULL), 66 NULL); 67 else 68 rv = crypto_decrypt(&mech, &d1, 69 &key->kef_key, 70 key->key_tmpl, 71 (in != out ? &d2 : NULL), 72 NULL); 73 74 if (rv != CRYPTO_SUCCESS) { 75 KRB5_LOG1(KRB5_ERR, 76 "k5_ef_crypto: %s error: rv = 0x%08x", 77 (encrypt_flag ? "encrypt" : "decrypt"), 78 rv); 79 return (CRYPTO_FAILED); 80 } 81 82 return (0); 83} 84