2 * Copyright 2008 Sun Microsystems, Inc. All rights reserved.
3 * Use is subject to license terms.
8 * Copyright (c) 1990 Dennis Ferguson. All rights reserved.
10 * Commercial use is permitted only if products which are derived from
11 * or include this software are made available for purchase and/or use
12 * in Canada. Otherwise, redistribution and use in source and binary
13 * forms are permitted.
17 * des_cbc_encrypt.c - an implementation of the DES cipher function in cbc mode
22 * des_cbc_encrypt - {en,de}crypt a stream in CBC mode
25 /* SUNW14resync - sparcv9 cc complained about lack of object init */
27 const mit_des_cblock mit_des_zeroblock
= {0, 0, 0, 0, 0, 0, 0, 0};
29 #undef mit_des_cbc_encrypt
33 mit_des_cbc_encrypt(context
, in
, out
, length
, key
, ivec
, encrypt
)
35 const mit_des_cblock
*in
;
42 krb5_error_code ret
= KRB5_PROG_ETYPE_NOSUPP
;
43 KRB5_MECH_TO_PKCS algos
;
44 CK_MECHANISM mechanism
;
46 /* For the Key Object */
49 if ((rv
= get_algo(key
->enctype
, &algos
)) != CKR_OK
) {
50 KRB5_LOG0(KRB5_ERR
, "failure to get algo id in function "
51 "mit_des_cbc_encrypt.");
56 rv
= init_key_uef(krb_ctx_hSession(context
), key
);
58 KRB5_LOG(KRB5_ERR
, "init_key_uef failed in "
59 "mit_des_cbc_encrypt: rv = 0x%x", rv
);
64 mechanism
.mechanism
= algos
.enc_algo
;
65 mechanism
.pParameter
= ivec
;
67 mechanism
.ulParameterLen
= MIT_DES_BLOCK_LENGTH
;
69 mechanism
.ulParameterLen
= 0;
72 rv
= C_EncryptInit(krb_ctx_hSession(context
), &mechanism
, key
->hKey
);
74 rv
= C_DecryptInit(krb_ctx_hSession(context
), &mechanism
, key
->hKey
);
77 KRB5_LOG(KRB5_ERR
, "C_EncryptInit/C_DecryptInit failed in "
78 "mit_des_cbc_encrypt: rv = 0x%x", rv
);
84 rv
= C_Encrypt(krb_ctx_hSession(context
), (CK_BYTE_PTR
)in
,
85 (CK_ULONG
)length
, (CK_BYTE_PTR
)out
,
86 (CK_ULONG_PTR
)&length
);
88 rv
= C_Decrypt(krb_ctx_hSession(context
), (CK_BYTE_PTR
)in
,
89 (CK_ULONG
)length
, (CK_BYTE_PTR
)out
,
90 (CK_ULONG_PTR
)&length
);
94 "C_Encrypt/C_Decrypt failed in mit_des_cbc_encrypt: "
102 (void) memset(out
, 0, length
);
104 KRB5_LOG(KRB5_INFO
, "mit_des_cbc_encrypt() end retval=%d", ret
);
111 * This routine performs DES cipher-block-chaining operation, either
112 * encrypting from cleartext to ciphertext, if encrypt != 0 or
113 * decrypting from ciphertext to cleartext, if encrypt == 0.
115 * The key schedule is passed as an arg, as well as the cleartext or
116 * ciphertext. The cleartext and ciphertext should be in host order.
118 * NOTE-- the output is ALWAYS an multiple of 8 bytes long. If not
119 * enough space was provided, your program will get trashed.
121 * For encryption, the cleartext string is null padded, at the end, to
122 * an integral multiple of eight bytes.
124 * For decryption, the ciphertext will be used in integral multiples
125 * of 8 bytes, but only the first "length" bytes returned into the
131 mit_des_cbc_encrypt(krb5_context context
,
132 const mit_des_cblock
*in
,
134 long length
, krb5_keyblock
*key
,
135 mit_des_cblock ivec
, int encrypt
)
137 int ret
= KRB5_PROG_ETYPE_NOSUPP
;
141 KRB5_LOG(KRB5_INFO
, "mit_des_cbc_encrypt() start encrypt=%d", encrypt
);
143 ivdata
.data
= (char *)ivec
;
144 ivdata
.length
= sizeof(mit_des_cblock
);
146 ret
= k5_ef_crypto((const char *)in
,
147 (char *)out
, length
, key
, &ivdata
, encrypt
);
149 KRB5_LOG(KRB5_INFO
, "mit_des_cbc_encrypt() end retval=%d", ret
);
152 #endif /* !_KERNEL */