1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
|
/* SPDX-License-Identifier: GPL-2.0 or BSD-3-Clause */
/*
* SunRPC GSS Kerberos 5 mechanism internal definitions
*
* Copyright (c) 2022 Oracle and/or its affiliates.
*/
#ifndef _NET_SUNRPC_AUTH_GSS_KRB5_INTERNAL_H
#define _NET_SUNRPC_AUTH_GSS_KRB5_INTERNAL_H
/*
* The RFCs often specify payload lengths in bits. This helper
* converts a specified bit-length to the number of octets/bytes.
*/
#define BITS2OCTETS(x) ((x) / 8)
struct krb5_ctx;
struct gss_krb5_enctype {
const u32 etype; /* encryption (key) type */
const u32 ctype; /* checksum type */
const char *name; /* "friendly" name */
const char *encrypt_name; /* crypto encrypt name */
const char *aux_cipher; /* aux encrypt cipher name */
const char *cksum_name; /* crypto checksum name */
const u16 signalg; /* signing algorithm */
const u16 sealalg; /* sealing algorithm */
const u32 cksumlength; /* checksum length */
const u32 keyed_cksum; /* is it a keyed cksum? */
const u32 keybytes; /* raw key len, in bytes */
const u32 keylength; /* protocol key length, in octets */
const u32 Kc_length; /* checksum subkey length, in octets */
const u32 Ke_length; /* encryption subkey length, in octets */
const u32 Ki_length; /* integrity subkey length, in octets */
int (*derive_key)(const struct gss_krb5_enctype *gk5e,
const struct xdr_netobj *in,
struct xdr_netobj *out,
const struct xdr_netobj *label,
gfp_t gfp_mask);
u32 (*encrypt)(struct krb5_ctx *kctx, u32 offset,
struct xdr_buf *buf, struct page **pages);
u32 (*decrypt)(struct krb5_ctx *kctx, u32 offset, u32 len,
struct xdr_buf *buf, u32 *headskip, u32 *tailskip);
u32 (*get_mic)(struct krb5_ctx *kctx, struct xdr_buf *text,
struct xdr_netobj *token);
u32 (*verify_mic)(struct krb5_ctx *kctx, struct xdr_buf *message_buffer,
struct xdr_netobj *read_token);
u32 (*wrap)(struct krb5_ctx *kctx, int offset,
struct xdr_buf *buf, struct page **pages);
u32 (*unwrap)(struct krb5_ctx *kctx, int offset, int len,
struct xdr_buf *buf, unsigned int *slack,
unsigned int *align);
};
/* krb5_ctx flags definitions */
#define KRB5_CTX_FLAG_INITIATOR 0x00000001
#define KRB5_CTX_FLAG_ACCEPTOR_SUBKEY 0x00000004
struct krb5_ctx {
int initiate; /* 1 = initiating, 0 = accepting */
u32 enctype;
u32 flags;
const struct gss_krb5_enctype *gk5e; /* enctype-specific info */
struct crypto_sync_skcipher *enc;
struct crypto_sync_skcipher *seq;
struct crypto_sync_skcipher *acceptor_enc;
struct crypto_sync_skcipher *initiator_enc;
struct crypto_sync_skcipher *acceptor_enc_aux;
struct crypto_sync_skcipher *initiator_enc_aux;
struct crypto_ahash *acceptor_sign;
struct crypto_ahash *initiator_sign;
struct crypto_ahash *initiator_integ;
struct crypto_ahash *acceptor_integ;
u8 Ksess[GSS_KRB5_MAX_KEYLEN]; /* session key */
u8 cksum[GSS_KRB5_MAX_KEYLEN];
atomic_t seq_send;
atomic64_t seq_send64;
time64_t endtime;
struct xdr_netobj mech_used;
};
/*
* GSS Kerberos 5 mechanism Per-Message calls.
*/
u32 gss_krb5_get_mic_v2(struct krb5_ctx *ctx, struct xdr_buf *text,
struct xdr_netobj *token);
u32 gss_krb5_verify_mic_v2(struct krb5_ctx *ctx, struct xdr_buf *message_buffer,
struct xdr_netobj *read_token);
u32 gss_krb5_wrap_v2(struct krb5_ctx *kctx, int offset,
struct xdr_buf *buf, struct page **pages);
u32 gss_krb5_unwrap_v2(struct krb5_ctx *kctx, int offset, int len,
struct xdr_buf *buf, unsigned int *slack,
unsigned int *align);
/*
* Implementation internal functions
*/
/* Key Derivation Functions */
int krb5_derive_key_v2(const struct gss_krb5_enctype *gk5e,
const struct xdr_netobj *inkey,
struct xdr_netobj *outkey,
const struct xdr_netobj *label,
gfp_t gfp_mask);
int krb5_kdf_hmac_sha2(const struct gss_krb5_enctype *gk5e,
const struct xdr_netobj *inkey,
struct xdr_netobj *outkey,
const struct xdr_netobj *in_constant,
gfp_t gfp_mask);
int krb5_kdf_feedback_cmac(const struct gss_krb5_enctype *gk5e,
const struct xdr_netobj *inkey,
struct xdr_netobj *outkey,
const struct xdr_netobj *in_constant,
gfp_t gfp_mask);
/**
* krb5_derive_key - Derive a subkey from a protocol key
* @kctx: Kerberos 5 context
* @inkey: base protocol key
* @outkey: OUT: derived key
* @usage: key usage value
* @seed: key usage seed (one octet)
* @gfp_mask: memory allocation control flags
*
* Caller sets @outkey->len to the desired length of the derived key.
*
* On success, returns 0 and fills in @outkey. A negative errno value
* is returned on failure.
*/
static inline int krb5_derive_key(struct krb5_ctx *kctx,
const struct xdr_netobj *inkey,
struct xdr_netobj *outkey,
u32 usage, u8 seed, gfp_t gfp_mask)
{
const struct gss_krb5_enctype *gk5e = kctx->gk5e;
u8 label_data[GSS_KRB5_K5CLENGTH];
struct xdr_netobj label = {
.len = sizeof(label_data),
.data = label_data,
};
__be32 *p = (__be32 *)label_data;
*p = cpu_to_be32(usage);
label_data[4] = seed;
return gk5e->derive_key(gk5e, inkey, outkey, &label, gfp_mask);
}
void krb5_make_confounder(u8 *p, int conflen);
u32 make_checksum(struct krb5_ctx *kctx, char *header, int hdrlen,
struct xdr_buf *body, int body_offset, u8 *cksumkey,
unsigned int usage, struct xdr_netobj *cksumout);
u32 gss_krb5_checksum(struct crypto_ahash *tfm, char *header, int hdrlen,
const struct xdr_buf *body, int body_offset,
struct xdr_netobj *cksumout);
u32 krb5_encrypt(struct crypto_sync_skcipher *key, void *iv, void *in,
void *out, int length);
u32 krb5_decrypt(struct crypto_sync_skcipher *key, void *iv, void *in,
void *out, int length);
int xdr_extend_head(struct xdr_buf *buf, unsigned int base,
unsigned int shiftlen);
int gss_encrypt_xdr_buf(struct crypto_sync_skcipher *tfm,
struct xdr_buf *outbuf, int offset,
struct page **pages);
int gss_decrypt_xdr_buf(struct crypto_sync_skcipher *tfm,
struct xdr_buf *inbuf, int offset);
u32 gss_krb5_aes_encrypt(struct krb5_ctx *kctx, u32 offset,
struct xdr_buf *buf, struct page **pages);
u32 gss_krb5_aes_decrypt(struct krb5_ctx *kctx, u32 offset, u32 len,
struct xdr_buf *buf, u32 *plainoffset, u32 *plainlen);
u32 krb5_etm_encrypt(struct krb5_ctx *kctx, u32 offset, struct xdr_buf *buf,
struct page **pages);
u32 krb5_etm_decrypt(struct krb5_ctx *kctx, u32 offset, u32 len,
struct xdr_buf *buf, u32 *headskip, u32 *tailskip);
#if IS_ENABLED(CONFIG_KUNIT)
void krb5_nfold(u32 inbits, const u8 *in, u32 outbits, u8 *out);
const struct gss_krb5_enctype *gss_krb5_lookup_enctype(u32 etype);
int krb5_cbc_cts_encrypt(struct crypto_sync_skcipher *cts_tfm,
struct crypto_sync_skcipher *cbc_tfm, u32 offset,
struct xdr_buf *buf, struct page **pages,
u8 *iv, unsigned int ivsize);
int krb5_cbc_cts_decrypt(struct crypto_sync_skcipher *cts_tfm,
struct crypto_sync_skcipher *cbc_tfm,
u32 offset, struct xdr_buf *buf);
u32 krb5_etm_checksum(struct crypto_sync_skcipher *cipher,
struct crypto_ahash *tfm, const struct xdr_buf *body,
int body_offset, struct xdr_netobj *cksumout);
#endif
#endif /* _NET_SUNRPC_AUTH_GSS_KRB5_INTERNAL_H */
|