fips_des_util.c revision b5a2d8455dfa3190fc977c4bec53e91c99012767
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2009 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#define _DES_FIPS_POST
#ifndef _KERNEL
#include <stdlib.h>
#include <string.h>
#include <strings.h>
#include <stdio.h>
#include <security/cryptoki.h>
#include <cryptoutil.h>
#include "softCrypt.h"
#else
#define _DES_IMPL
#include <des/des_impl.h>
#endif
#ifndef _KERNEL
/*
 * Allocate context for the DES encryption or decryption operation, and
 * generate DES or DES3 key schedule to speed up the operation.
 *
 * Returns the populated context, or NULL when any step fails.
 *
 * NOTE(review): the signature and most statements of this routine are
 * missing from this listing; only the control-flow skeleton is visible.
 * Every failure path below returns NULL. Confirm that each one releases
 * what was allocated before it, and clears any key schedule already
 * derived from the key, before returning.
 */
{
/* No context to work with: report failure to the caller. */
if (soft_des_ctx == NULL) {
return (NULL);
}
/* Allocate key schedule for DES or DES3 based on key type. */
return (NULL);
}
} else {
/* NOTE(review): presumably the unsupported key type path - confirm. */
return (NULL);
}
}
/* Save Initialization Vector (IV) in the context. */
/* Allocate a context for DES cipher-block chaining. */
return (NULL);
}
}
return (soft_des_ctx);
}
/*
 * Free the DES context.
 *
 * NOTE(review): the signature and statements of this routine are missing
 * from this listing. The context holds the key schedule and, for CBC,
 * the saved IV. Confirm the key schedule is zeroed before the memory is
 * released, so that expanded key material does not linger in freed
 * memory.
 */
void
{
}
}
#else
/*
 * NOTE(review): kernel-only helper whose name, parameters and statements
 * are missing from this listing. What remains is an if/else: the first
 * branch carries a lint suppression for pointer alignment, the second is
 * split by byte order (_BIG_ENDIAN).
 */
static void
{
/* LINTED: pointer alignment */
} else {
#ifdef _BIG_ENDIAN
#else
#endif /* _BIG_ENDIAN */
}
}
/*
 * NOTE(review): kernel-side context builder. Its signature and most of
 * its statements are missing from this listing. The visible skeleton
 * returns des_ctx at the end, and NULL for an unsupported mechanism or
 * on an earlier failure path.
 */
{
int rv = CRYPTO_SUCCESS;
void *keysched;
/* First pass over the mechanism: DES (ECB/CBC) versus DES3 (ECB/CBC). */
switch (mech_type) {
case DES_ECB_MECH_INFO_TYPE:
/* FALLTHRU */
case DES_CBC_MECH_INFO_TYPE:
break;
case DES3_ECB_MECH_INFO_TYPE:
/* FALLTHRU */
case DES3_CBC_MECH_INFO_TYPE:
break;
default:
/* Unsupported mechanism: refuse to build a context. */
return (NULL);
}
return (NULL);
/*
 * Initialize key schedule.
 * Key length is stored in the key.
 */
}
/* Second pass: only the CBC mechanisms have an IV to record. */
switch (mech_type) {
case DES_CBC_MECH_INFO_TYPE:
case DES3_CBC_MECH_INFO_TYPE:
/* Save Initialization Vector (IV) in the context. */
break;
case DES_ECB_MECH_INFO_TYPE:
case DES3_ECB_MECH_INFO_TYPE:
}
/*
 * NOTE(review): the cleanup for this failure path is not visible here.
 * Confirm it clears the key schedule and releases the context.
 */
if (rv != CRYPTO_SUCCESS) {
}
}
return (des_ctx);
}
/*
 * NOTE(review): kernel-side counterpart of the context release routine.
 * Its name, parameters and statements are missing from this listing.
 * Confirm the key schedule is zeroed before the context memory is
 * released.
 */
void
{
}
}
}
#endif
/*
 * fips_des_encrypt()
 *
 * Arguments:
 *	soft_des_ctx:	pointer to DES context
 *	in_buf:		pointer to the input data to be encrypted
 *	ulDataLen:	length of the input data
 *	out_buf:	pointer to the output data after encryption
 *	pulEncryptedLen: pointer to the length of the output data
 *	mechanism:	CKM_DES_ECB, CKM_DES3_ECB, CKM_DES_CBC, CKM_DES3_CBC
 *
 * Description:
 *	This function calls the corresponding DES low-level encrypt
 *	routine based on the mechanism.
 *
 * Returns:
 *	CKR_DATA_LEN_RANGE when ulDataLen is not a multiple of
 *	DES_BLOCK_LEN; CKR_DEVICE_ERROR, with *pulEncryptedLen set to 0,
 *	on the CBC failure path; otherwise rv.
 *
 * NOTE(review): the signature, the declaration of rv and several
 * statements are missing from this listing. Points to confirm against
 * the full file:
 *	- no check is visible that out_buf can hold ulDataLen bytes or
 *	  that the pointers are non-NULL; presumably that is the
 *	  caller's contract;
 *	- no default case is visible in the switch, so check what rv
 *	  holds for an unsupported mechanism, so that such a call cannot
 *	  report success without producing ciphertext.
 */
#ifndef _KERNEL
#else
int
#endif
{
int rc = 0;
/*
 * DES only takes input length that is a multiple of blocksize
 * with the mechanism CKM_DES<n>_ECB or CKM_DES<n>_CBC.
 */
if ((ulDataLen % DES_BLOCK_LEN) != 0) {
return (CKR_DATA_LEN_RANGE);
}
/*
 * For non-padding mode, the output length will
 * be same as the input length.
 */
/*
 * Begin Encryption now.
 */
switch (mechanism) {
case CKM_DES_ECB:
case CKM_DES3_ECB:
{
ulong_t i;
/* ECB: walk the buffer one DES_BLOCK_LEN block at a time. */
for (i = 0; i < out_len; i += DES_BLOCK_LEN) {
tmp_outbuf = &out_buf[i];
/* Crunch one block of data for DES. */
/* The (void) casts discard the block routine's return value. */
#ifndef _KERNEL
(void) des_crunch_block(
else
(void) des3_crunch_block(
#else
/*
 * NOTE(review): the case labels use CKM_* names while this test uses
 * DES_ECB_MECH_INFO_TYPE; confirm the kernel build maps one onto the
 * other.
 */
if (mechanism == DES_ECB_MECH_INFO_TYPE)
else
#endif
}
break;
}
case CKM_DES_CBC:
case CKM_DES3_CBC:
{
/* Encrypt multiple blocks of data. */
#ifndef _KERNEL
#else
#endif
if (rc != 0)
goto encrypt_failed;
/* As shown, rc is already known to be 0 when this test is reached. */
if (rc == 0) {
break;
}
/*
 * Failure path (presumably the encrypt_failed label, which is not
 * visible here): report no output and a device error.
 */
*pulEncryptedLen = 0;
return (CKR_DEVICE_ERROR);
}
} /* end switch */
return (rv);
}
/*
 * fips_des_decrypt()
 *
 * Arguments:
 *	soft_des_ctx:	pointer to DES context
 *	in_buf:		pointer to the input data to be decrypted
 *	ulEncryptedLen:	length of the input data
 *	out_buf:	pointer to the output data
 *	pulDataLen:	pointer to the length of the output data
 *	mechanism:	CKM_DES_ECB, CKM_DES3_ECB, CKM_DES_CBC, CKM_DES3_CBC
 *
 * Description:
 *	This function calls the corresponding DES low-level decrypt
 *	function based on the mechanism.
 *
 * Returns:
 *	CKR_DATA_LEN_RANGE when ulEncryptedLen is not a multiple of
 *	DES_BLOCK_LEN; CKR_DEVICE_ERROR, with *pulDataLen set to 0, on
 *	the CBC failure path; otherwise rv.
 *
 * NOTE(review): the signature, the declaration of rv and several
 * statements are missing from this listing. Points to confirm against
 * the full file:
 *	- no check is visible that out_buf can hold ulEncryptedLen bytes
 *	  or that the pointers are non-NULL; presumably that is the
 *	  caller's contract;
 *	- no default case is visible in the switch, so check what rv
 *	  holds for an unsupported mechanism, so that such a call cannot
 *	  report success without producing plaintext.
 */
#ifndef _KERNEL
#else
int
#endif
{
int rc = 0;
/*
 * DES only takes input length that is a multiple of 8 bytes
 * with the mechanism CKM_DES<n>_ECB, CKM_DES<n>_CBC or
 * CKM_DES<n>_CBC_PAD.
 *
 * NOTE(review): CKM_DES<n>_CBC_PAD is named here, but the switch below
 * shows no case for a padded mechanism and the function header lists
 * only the ECB and CBC mechanisms. Confirm that padding is handled by
 * the caller.
 */
if ((ulEncryptedLen % DES_BLOCK_LEN) != 0) {
return (CKR_DATA_LEN_RANGE);
}
/* Set output length same as input length. */
/*
 * Begin Decryption.
 */
switch (mechanism) {
case CKM_DES_ECB:
case CKM_DES3_ECB:
{
ulong_t i;
/* ECB: walk the buffer one DES_BLOCK_LEN block at a time. */
for (i = 0; i < out_len; i += DES_BLOCK_LEN) {
tmp_outbuf = &out_buf[i];
/* Crunch one block of data for DES. */
/* The (void) casts discard the block routine's return value. */
#ifndef _KERNEL
(void) des_crunch_block(
else
(void) des3_crunch_block(
#else
/*
 * NOTE(review): the case labels use CKM_* names while this test uses
 * DES_ECB_MECH_INFO_TYPE; confirm the kernel build maps one onto the
 * other.
 */
if (mechanism == DES_ECB_MECH_INFO_TYPE)
else
#endif
}
*pulDataLen = out_len;
break;
}
case CKM_DES_CBC:
case CKM_DES3_CBC:
{
/* Decrypt multiple blocks of data. */
#ifndef _KERNEL
#else
#endif
if (rc != 0)
goto decrypt_failed;
*pulDataLen = out_len;
/* As shown, rc is already known to be 0 when this test is reached. */
if (rc == 0)
break;
/*
 * Failure path (presumably the decrypt_failed label, which is not
 * visible here): report no output and a device error.
 */
*pulDataLen = 0;
return (CKR_DEVICE_ERROR);
}
} /* end switch */
return (rv);
}
/*
 * DES3 Power-On SelfTest(s).
 *
 * Runs four known-answer tests in order: DES3 ECB encryption, DES3 ECB
 * decryption, DES3 CBC encryption and DES3 CBC decryption.
 *
 * Returns:
 *	CKR_OK when all four tests pass; CKR_HOST_MEMORY when a test's
 *	context is NULL; CKR_DEVICE_ERROR when rv is not CRYPTO_SUCCESS
 *	or the second half of the test condition is non-zero (presumably
 *	a comparison against the known answer; its first line is missing
 *	from this listing).
 *
 * NOTE(review): the key, IV and plaintext vectors and the calls that
 * build, use and release the context are missing from this listing.
 * Points to confirm against the full file:
 *	- the context is released before each early return, so a failed
 *	  self-test does not leave a key schedule allocated;
 *	- rv is tested against CRYPTO_SUCCESS while the function returns
 *	  CKR_* codes; check that the comparison is right in both the
 *	  kernel and the user-land build;
 *	- a non-CKR_OK result only protects anything if the caller then
 *	  refuses to offer the DES services; verify that at the call
 *	  site.
 */
int
fips_des3_post(void)
{
/* DES3 Known Key. */
/* DES3-CBC Known Initialization Vector (64-bits). */
/* DES3 Known Plaintext (64-bits). */
/* DES3 Known Ciphertext (64-bits). */
/*
 * NOTE(review): the vectors are never written in the visible code; they
 * could be const if the callee prototypes allow it - confirm.
 */
static uint8_t des3_ecb_known_ciphertext[] = {
0x17, 0x0d, 0x1f, 0x13, 0xd3, 0xa0, 0x3a, 0x63
};
static uint8_t des3_cbc_known_ciphertext[] = {
0x7f, 0x62, 0x44, 0xb3, 0xf8, 0x77, 0xf8, 0xf8
};
/* DES3 variables. */
#ifdef _KERNEL
#else
#endif
int rv;
/*
 * DES3 ECB Known Answer Encryption Test
 */
#ifdef _KERNEL
#else
#endif
/* No context could be built for this test. */
if (des3_context == NULL)
return (CKR_HOST_MEMORY);
#ifdef _KERNEL
#else
#endif
/* Operation failed or the result check is non-zero: fail the POST. */
if ((rv != CRYPTO_SUCCESS) ||
FIPS_DES3_ENCRYPT_LENGTH) != 0))
return (CKR_DEVICE_ERROR);
/*
 * DES3 ECB Known Answer Decryption Test
 */
#ifdef _KERNEL
#else
#endif
if (des3_context == NULL)
return (CKR_HOST_MEMORY);
#ifdef _KERNEL
#else
#endif
if ((rv != CRYPTO_SUCCESS) ||
FIPS_DES3_DECRYPT_LENGTH) != 0))
return (CKR_DEVICE_ERROR);
/*
 * DES3 CBC Known Answer Encryption Test
 */
#ifdef _KERNEL
#else
#endif
if (des3_context == NULL)
return (CKR_HOST_MEMORY);
#ifdef _KERNEL
#else
#endif
if ((rv != CRYPTO_SUCCESS) ||
FIPS_DES3_ENCRYPT_LENGTH) != 0))
return (CKR_DEVICE_ERROR);
/*
 * DES3 CBC Known Answer Decryption Test
 */
#ifdef _KERNEL
#else
#endif
if (des3_context == NULL)
return (CKR_HOST_MEMORY);
#ifdef _KERNEL
#else
#endif
if ((rv != CRYPTO_SUCCESS) ||
FIPS_DES3_DECRYPT_LENGTH) != 0))
return (CKR_DEVICE_ERROR);
/* All four known-answer tests passed. */
return (CKR_OK);
}