des_crypt.c revision 735564919188238196dbd0d320770dda59b38369
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * CDDL HEADER START
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * The contents of this file are subject to the terms of the
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * Common Development and Distribution License (the "License").
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * You may not use this file except in compliance with the License.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * See the License for the specific language governing permissions
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * and limitations under the License.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * When distributing Covered Code, include this CDDL HEADER in each
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * If applicable, add the following below this CDDL HEADER, with the
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * fields enclosed by brackets "[]" replaced with your own identifying
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * information: Portions Copyright [yyyy] [name of copyright owner]
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * CDDL HEADER END
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * Use is subject to license terms.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* Copyright (c) 1983, 1984, 1985, 1986, 1987, 1988, 1989 AT&T */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* All Rights Reserved */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * Portions of this source code were derived from Berkeley 4.3 BSD
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * under license from the Regents of the University of California.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * des_crypt.c, DES encryption library routines
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* EXPORT DELETE START */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin#define getdesfd() (cdevsw[11].d_open(0, 0) ? -1 : 0)
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin#define ioctl(a, b, c) (cdevsw[11].d_ioctl(0, b, c, 0) ? -1 : 0)
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin#endif /* _KERNEL */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin#endif /* sun */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chinstatic int common_crypt(char *key, char *buf, size_t len,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chinextern int _des_crypt(char *buf, size_t len, struct desparams *desp);
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* EXPORT DELETE END */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * Module linkage information for the kernel.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin "des encryption",
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin "DES Kernel SW Provider"
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* EXPORT DELETE START */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin#define DES3_MIN_KEY_LEN DES3_MAXBYTES /* no CKK_DES2 support */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* EXPORT DELETE END */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * Mechanism info structure passed to KCF during registration.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin /* DES_ECB */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin DES_MIN_KEY_LEN, DES_MAX_KEY_LEN, CRYPTO_KEYSIZE_UNIT_IN_BYTES},
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin /* DES_CBC */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin DES_MIN_KEY_LEN, DES_MAX_KEY_LEN, CRYPTO_KEYSIZE_UNIT_IN_BYTES},
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin /* DES3_ECB */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin DES3_MIN_KEY_LEN, DES3_MAX_KEY_LEN, CRYPTO_KEYSIZE_UNIT_IN_BYTES},
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin /* DES3_CBC */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin DES3_MIN_KEY_LEN, DES3_MAX_KEY_LEN, CRYPTO_KEYSIZE_UNIT_IN_BYTES}
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* operations are in-place if the output buffer is NULL */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chinstatic void des_provider_status(crypto_provider_handle_t, uint_t *);
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chindes_common_init(crypto_ctx_t *, crypto_mechanism_t *, crypto_key_t *,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chinstatic int des_common_init_ctx(des_ctx_t *, crypto_spi_ctx_template_t *,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin crypto_mechanism_t *, crypto_key_t *, des_strength_t, int);
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chinstatic int des_encrypt_final(crypto_ctx_t *, crypto_data_t *,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chinstatic int des_decrypt_final(crypto_ctx_t *, crypto_data_t *,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chinstatic int des_encrypt(crypto_ctx_t *, crypto_data_t *, crypto_data_t *,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chinstatic int des_encrypt_update(crypto_ctx_t *, crypto_data_t *,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chinstatic int des_encrypt_atomic(crypto_provider_handle_t, crypto_session_id_t,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin crypto_mechanism_t *, crypto_key_t *, crypto_data_t *,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin crypto_data_t *, crypto_spi_ctx_template_t, crypto_req_handle_t);
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chinstatic int des_decrypt(crypto_ctx_t *, crypto_data_t *, crypto_data_t *,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chinstatic int des_decrypt_update(crypto_ctx_t *, crypto_data_t *,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chinstatic int des_decrypt_atomic(crypto_provider_handle_t, crypto_session_id_t,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin crypto_mechanism_t *, crypto_key_t *, crypto_data_t *,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin crypto_data_t *, crypto_spi_ctx_template_t, crypto_req_handle_t);
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chinstatic int des_create_ctx_template(crypto_provider_handle_t,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin crypto_mechanism_t *, crypto_key_t *, crypto_spi_ctx_template_t *,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chinstatic int des_key_check(crypto_provider_handle_t, crypto_mechanism_t *,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chinstatic void des_POST(int *);
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin "DES Software Provider",
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin sizeof (des_mech_info_tab)/sizeof (crypto_mech_info_t),
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chinstatic crypto_kcf_provider_handle_t des_prov_handle = NULL;
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * Register with KCF. If the registration fails, log an
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * error but do not uninstall the module, since the functionality
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * provided by misc/des should still be available.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin if ((ret = crypto_register_provider(&des_prov_info,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin cmn_err(CE_WARN, "des _init: crypto_register_provider() "
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * Copy 8 bytes
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin char *a = (char *)dst; \
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin char *b = (char *)src; \
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin *a++ = *b++; *a++ = *b++; *a++ = *b++; *a++ = *b++; \
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin *a++ = *b++; *a++ = *b++; *a++ = *b++; *a++ = *b++; \
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * Copy multiple of 8 bytes
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin char *a = (char *)dst; \
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin char *b = (char *)src; \
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin *a++ = *b++; *a++ = *b++; *a++ = *b++; *a++ = *b++; \
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin *a++ = *b++; *a++ = *b++; *a++ = *b++; *a++ = *b++; \
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * CBC mode encryption
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* ARGSUSED */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chincbc_crypt(char *key, char *buf, size_t len, unsigned int mode, char *ivec)
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* EXPORT DELETE START */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* EXPORT DELETE END */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * ECB mode encryption
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* ARGSUSED */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chinecb_crypt(char *key, char *buf, size_t len, unsigned int mode)
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* EXPORT DELETE START */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* EXPORT DELETE END */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* EXPORT DELETE START */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * Common code to cbc_crypt() & ecb_crypt()
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chincommon_crypt(char *key, char *buf, size_t len, unsigned int mode,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin ((mode & DES_DIRMASK) == DES_ENCRYPT) ? ENCRYPT : DECRYPT;
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin return (res == 0 ? DESERR_NONE : DESERR_HWERROR);
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin return (desdev == DES_SW ? DESERR_NONE : DESERR_NOHWDEVICE);
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * Initialize key schedules for DES and DES3
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chininit_keysched(crypto_key_t *key, void *newbie, des_strength_t strength)
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * Only keys by value are supported by this module.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin if (strength == DES && key->ck_length != DES_MAXBITS)
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin if (strength == DES3 && key->ck_length != DES3_MAXBITS)
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * Fix parity bits.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * Initialize key schedule even if key is weak.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin des_parity_fix(key->ck_data, strength, corrected_key);
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin des_init_keysched(corrected_key, strength, newbie);
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* EXPORT DELETE END */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * KCF software provider control entry points.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* ARGSUSED */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chindes_provider_status(crypto_provider_handle_t provider, uint_t *status)
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * KCF software provider encrypt entry points.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chindes_common_init(crypto_ctx_t *ctx, crypto_mechanism_t *mechanism,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin crypto_key_t *key, crypto_spi_ctx_template_t template,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* EXPORT DELETE START */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * Only keys by value are supported by this module.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin /* Check mechanism type and parameter length */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin /* FALLTHRU */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin /* FALLTHRU */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin if ((rv = des_common_init_ctx(des_ctx, template, mechanism, key,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* EXPORT DELETE END */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin /* LINTED: pointer alignment */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin#endif /* _BIG_ENDIAN */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* ARGSUSED */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chindes_encrypt(crypto_ctx_t *ctx, crypto_data_t *plaintext,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin crypto_data_t *ciphertext, crypto_req_handle_t req)
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* EXPORT DELETE START */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * Plaintext must be a multiple of the block size.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * This test only works for non-padded mechanisms
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * when blocksize is 2^N.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin if ((plaintext->cd_length & (DES_BLOCK_LEN - 1)) != 0)
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * We need to just return the length needed to store the output.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * We should not destroy the context for the following case.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin if (ciphertext->cd_length < plaintext->cd_length) {
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * Do an update on the specified input data.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin ret = des_encrypt_update(ctx, plaintext, ciphertext, req);
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* EXPORT DELETE END */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin /* LINTED */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* ARGSUSED */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chindes_decrypt(crypto_ctx_t *ctx, crypto_data_t *ciphertext,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin crypto_data_t *plaintext, crypto_req_handle_t req)
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* EXPORT DELETE START */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * Ciphertext must be a multiple of the block size.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * This test only works for non-padded mechanisms
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * when blocksize is 2^N.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin if ((ciphertext->cd_length & (DES_BLOCK_LEN - 1)) != 0)
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * We need to just return the length needed to store the output.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * We should not destroy the context for the following case.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin if (plaintext->cd_length < ciphertext->cd_length) {
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * Do an update on the specified input data.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin ret = des_decrypt_update(ctx, ciphertext, plaintext, req);
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* EXPORT DELETE END */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin /* LINTED */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* ARGSUSED */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chindes_encrypt_update(crypto_ctx_t *ctx, crypto_data_t *plaintext,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin crypto_data_t *ciphertext, crypto_req_handle_t req)
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* EXPORT DELETE START */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin /* compute number of bytes that will hold the ciphertext */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin out_len = ((des_ctx_t *)ctx->cc_provider_private)->dc_remainder_len;
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin /* return length needed to store the output */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * Do the DES update on the specified input data.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin ret = crypto_update_iov(ctx->cc_provider_private,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin plaintext, ciphertext, des_encrypt_contiguous_blocks,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin ret = crypto_update_uio(ctx->cc_provider_private,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin plaintext, ciphertext, des_encrypt_contiguous_blocks,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin plaintext, ciphertext, des_encrypt_contiguous_blocks,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* EXPORT DELETE END */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* ARGSUSED */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chindes_decrypt_update(crypto_ctx_t *ctx, crypto_data_t *ciphertext,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin crypto_data_t *plaintext, crypto_req_handle_t req)
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* EXPORT DELETE START */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin /* compute number of bytes that will hold the plaintext */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin out_len = ((des_ctx_t *)ctx->cc_provider_private)->dc_remainder_len;
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin /* return length needed to store the output */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * Do the DES update on the specified input data.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin ret = crypto_update_iov(ctx->cc_provider_private,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin ciphertext, plaintext, des_decrypt_contiguous_blocks,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin ret = crypto_update_uio(ctx->cc_provider_private,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin ciphertext, plaintext, des_decrypt_contiguous_blocks,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin ciphertext, plaintext, des_decrypt_contiguous_blocks,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* EXPORT DELETE END */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* ARGSUSED */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chindes_encrypt_final(crypto_ctx_t *ctx, crypto_data_t *ciphertext,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* EXPORT DELETE START */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * There must be no unprocessed plaintext.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * This happens if the length of the last data is
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * not a multiple of the DES block length.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* EXPORT DELETE END */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* ARGSUSED */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chindes_decrypt_final(crypto_ctx_t *ctx, crypto_data_t *plaintext,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* EXPORT DELETE START */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * There must be no unprocessed ciphertext.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * This happens if the length of the last ciphertext is
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * not a multiple of the DES block length.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* EXPORT DELETE END */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* ARGSUSED */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chindes_encrypt_atomic(crypto_provider_handle_t provider,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin crypto_session_id_t session_id, crypto_mechanism_t *mechanism,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin crypto_key_t *key, crypto_data_t *plaintext, crypto_data_t *ciphertext,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin crypto_spi_ctx_template_t template, crypto_req_handle_t req)
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* EXPORT DELETE START */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * Plaintext must be a multiple of the block size.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * This test only works for non-padded mechanisms
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * when blocksize is 2^N.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin if ((plaintext->cd_length & (DES_BLOCK_LEN - 1)) != 0)
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin /* return length needed to store the output */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin if (ciphertext->cd_length < plaintext->cd_length) {
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin /* Check mechanism type and parameter length */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin if ((ret = des_common_init_ctx(&des_ctx, template, mechanism, key,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin strength, crypto_kmflag(req))) != CRYPTO_SUCCESS) {
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * Do the update on the specified input data.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin ret = crypto_update_iov(&des_ctx, plaintext, ciphertext,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin des_encrypt_contiguous_blocks, des_copy_block64);
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin ret = crypto_update_uio(&des_ctx, plaintext, ciphertext,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin des_encrypt_contiguous_blocks, des_copy_block64);
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin ret = crypto_update_mp(&des_ctx, plaintext, ciphertext,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin des_encrypt_contiguous_blocks, des_copy_block64);
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin if (des_ctx.dc_flags & PROVIDER_OWNS_KEY_SCHEDULE) {
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin bzero(des_ctx.dc_keysched, des_ctx.dc_keysched_len);
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin kmem_free(des_ctx.dc_keysched, des_ctx.dc_keysched_len);
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* EXPORT DELETE END */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin /* LINTED */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* ARGSUSED */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chindes_decrypt_atomic(crypto_provider_handle_t provider,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin crypto_session_id_t session_id, crypto_mechanism_t *mechanism,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin crypto_key_t *key, crypto_data_t *ciphertext, crypto_data_t *plaintext,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin crypto_spi_ctx_template_t template, crypto_req_handle_t req)
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* EXPORT DELETE START */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * Ciphertext must be a multiple of the block size.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * This test only works for non-padded mechanisms
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * when blocksize is 2^N.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin if ((ciphertext->cd_length & (DES_BLOCK_LEN - 1)) != 0)
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin /* return length needed to store the output */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin if (plaintext->cd_length < ciphertext->cd_length) {
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin /* Check mechanism type and parameter length */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin if ((ret = des_common_init_ctx(&des_ctx, template, mechanism, key,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin strength, crypto_kmflag(req))) != CRYPTO_SUCCESS) {
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * Do the update on the specified input data.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin ret = crypto_update_iov(&des_ctx, ciphertext, plaintext,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin des_decrypt_contiguous_blocks, des_copy_block64);
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin ret = crypto_update_uio(&des_ctx, ciphertext, plaintext,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin des_decrypt_contiguous_blocks, des_copy_block64);
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin ret = crypto_update_mp(&des_ctx, ciphertext, plaintext,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin des_decrypt_contiguous_blocks, des_copy_block64);
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin if (des_ctx.dc_flags & PROVIDER_OWNS_KEY_SCHEDULE) {
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin bzero(des_ctx.dc_keysched, des_ctx.dc_keysched_len);
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin kmem_free(des_ctx.dc_keysched, des_ctx.dc_keysched_len);
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* EXPORT DELETE END */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin /* LINTED */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * KCF software provider context template entry points.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* ARGSUSED */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chindes_create_ctx_template(crypto_provider_handle_t provider,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin crypto_mechanism_t *mechanism, crypto_key_t *key,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin crypto_spi_ctx_template_t *tmpl, size_t *tmpl_size, crypto_req_handle_t req)
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* EXPORT DELETE START */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin if ((keysched = des_alloc_keysched(&size, strength,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * Initialize key schedule. Key length information is stored
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * in the key.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin if ((rv = init_keysched(key, keysched, strength)) != CRYPTO_SUCCESS) {
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* EXPORT DELETE END */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* ARGSUSED */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* EXPORT DELETE START */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin if (des_ctx->dc_flags & PROVIDER_OWNS_KEY_SCHEDULE) {
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin bzero(des_ctx->dc_keysched, des_ctx->dc_keysched_len);
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* EXPORT DELETE END */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * Pass it to des_keycheck() which will
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * fix it (parity bits), and check if the fixed key is weak.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* ARGSUSED */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chindes_key_check(crypto_provider_handle_t pd, crypto_mechanism_t *mech,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* EXPORT DELETE START */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin bcopy(key->ck_data, keydata, CRYPTO_BITS2BYTES(expectedkeylen));
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin if (des_keycheck(keydata, strength, key->ck_data) == B_FALSE)
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* EXPORT DELETE END */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* ARGSUSED */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chindes_common_init_ctx(des_ctx_t *des_ctx, crypto_spi_ctx_template_t *template,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin crypto_mechanism_t *mechanism, crypto_key_t *key, des_strength_t strength,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* EXPORT DELETE START */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin if ((keysched = des_alloc_keysched(&size, strength,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * Initialize key schedule.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * Key length is stored in the key.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin rv = cbc_init_ctx((cbc_ctx_t *)des_ctx, mechanism->cm_param,
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin mechanism->cm_param_len, DES_BLOCK_LEN, des_copy_block64);
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin if (des_ctx->dc_flags & PROVIDER_OWNS_KEY_SCHEDULE) {
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin/* EXPORT DELETE END */
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin * Triple DES Power-Up Self-Test