LXR linux/drivers/staging/lustre/lustre/ptlrpc/gss/gss

   1/*
   2 * Modifications for Lustre
   3 *
   4 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
   5 *
   6 * Author: Eric Mei <ericm@clusterfs.com>
   7 */
   8
   9/*
  10 *  linux/include/linux/sunrpc/gss_krb5_types.h
  11 *
  12 *  Adapted from MIT Kerberos 5-1.2.1 lib/include/krb5.h,
  13 *  lib/gssapi/krb5/gssapiP_krb5.h, and others
  14 *
  15 *  Copyright (c) 2000 The Regents of the University of Michigan.
  16 *  All rights reserved.
  17 *
  18 *  Andy Adamson   <andros@umich.edu>
  19 *  Bruce Fields   <bfields@umich.edu>
  20 */
  21
  22/*
  23 * Copyright 1995 by the Massachusetts Institute of Technology.
  24 * All Rights Reserved.
  25 *
  26 * Export of this software from the United States of America may
  27 *   require a specific license from the United States Government.
  28 *   It is the responsibility of any person or organization contemplating
  29 *   export to obtain such a license before exporting.
  30 *
  31 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
  32 * distribute this software and its documentation for any purpose and
  33 * without fee is hereby granted, provided that the above copyright
  34 * notice appear in all copies and that both that copyright notice and
  35 * this permission notice appear in supporting documentation, and that
  36 * the name of M.I.T. not be used in advertising or publicity pertaining
  37 * to distribution of the software without specific, written prior
  38 * permission.  Furthermore if you modify this software you must label
  39 * your software as modified software and not distribute it in such a
  40 * fashion that it might be confused with the original M.I.T. software.
  41 * M.I.T. makes no representations about the suitability of
  42 * this software for any purpose.  It is provided "as is" without express
  43 * or implied warranty.
  44 *
  45 */
  46
  47#ifndef PTLRPC_GSS_KRB5_H
  48#define PTLRPC_GSS_KRB5_H
  49
  50/*
  51 * RFC 4142
  52 */
  53
  54#define KG_USAGE_ACCEPTOR_SEAL    22
  55#define KG_USAGE_ACCEPTOR_SIGN    23
  56#define KG_USAGE_INITIATOR_SEAL  24
  57#define KG_USAGE_INITIATOR_SIGN  25
  58
  59#define KG_TOK_MIC_MSG            0x0404
  60#define KG_TOK_WRAP_MSG          0x0504
  61
  62#define FLAG_SENDER_IS_ACCEPTOR  0x01
  63#define FLAG_WRAP_CONFIDENTIAL    0x02
  64#define FLAG_ACCEPTOR_SUBKEY        0x04
  65
  66struct krb5_header {
  67        __u16      kh_tok_id;      /* token id */
  68        __u8        kh_flags;       /* acceptor flags */
  69        __u8        kh_filler;      /* 0xff */
  70        __u16      kh_ec;         /* extra count */
  71        __u16      kh_rrc;       /* right rotation count */
  72        __u64      kh_seq;       /* sequence number */
  73        __u8        kh_cksum[0];    /* checksum */
  74};
  75
  76struct krb5_keyblock {
  77        rawobj_t                 kb_key;
  78        struct ll_crypto_cipher *kb_tfm;
  79};
  80
  81struct krb5_ctx {
  82        unsigned int        kc_initiate:1,
  83                                kc_cfx:1,
  84                                kc_seed_init:1,
  85                                kc_have_acceptor_subkey:1;
  86        __s32              kc_endtime;
  87        __u8                kc_seed[16];
  88        __u64              kc_seq_send;
  89        __u64              kc_seq_recv;
  90        __u32              kc_enctype;
  91        struct krb5_keyblock    kc_keye;        /* encryption */
  92        struct krb5_keyblock    kc_keyi;        /* integrity */
  93        struct krb5_keyblock    kc_keyc;        /* checksum */
  94        rawobj_t                kc_mech_used;
  95};
  96
  97enum sgn_alg {
  98        SGN_ALG_DES_MAC_MD5        = 0x0000,
  99        SGN_ALG_MD2_5            = 0x0001,
 100        SGN_ALG_DES_MAC        = 0x0002,
 101        SGN_ALG_3                    = 0x0003, /* not published */
 102        SGN_ALG_HMAC_MD5              = 0x0011, /* microsoft w2k; no support */
 103        SGN_ALG_HMAC_SHA1_DES3_KD     = 0x0004
 104};
 105
 106enum seal_alg {
 107        SEAL_ALG_NONE            = 0xffff,
 108        SEAL_ALG_DES              = 0x0000,
 109        SEAL_ALG_1                  = 0x0001, /* not published */
 110        SEAL_ALG_MICROSOFT_RC4  = 0x0010, /* microsoft w2k; no support */
 111        SEAL_ALG_DES3KD        = 0x0002
 112};
 113
 114#define CKSUMTYPE_CRC32          0x0001
 115#define CKSUMTYPE_RSA_MD4              0x0002
 116#define CKSUMTYPE_RSA_MD4_DES      0x0003
 117#define CKSUMTYPE_DESCBC                0x0004
 118/* des-mac-k */
 119/* rsa-md4-des-k */
 120#define CKSUMTYPE_RSA_MD5              0x0007
 121#define CKSUMTYPE_RSA_MD5_DES      0x0008
 122#define CKSUMTYPE_NIST_SHA            0x0009
 123#define CKSUMTYPE_HMAC_SHA1_DES3        0x000c
 124#define CKSUMTYPE_HMAC_SHA1_96_AES128   0x000f
 125#define CKSUMTYPE_HMAC_SHA1_96_AES256   0x0010
 126#define CKSUMTYPE_HMAC_MD5_ARCFOUR      -138
 127
 128/* from gssapi_err_krb5.h */
 129#define KG_CCACHE_NOMATCH                       (39756032L)
 130#define KG_KEYTAB_NOMATCH                       (39756033L)
 131#define KG_TGT_MISSING                     (39756034L)
 132#define KG_NO_SUBKEY                         (39756035L)
 133#define KG_CONTEXT_ESTABLISHED             (39756036L)
 134#define KG_BAD_SIGN_TYPE                         (39756037L)
 135#define KG_BAD_LENGTH                       (39756038L)
 136#define KG_CTX_INCOMPLETE                       (39756039L)
 137#define KG_CONTEXT                             (39756040L)
 138#define KG_CRED                           (39756041L)
 139#define KG_ENC_DESC                           (39756042L)
 140#define KG_BAD_SEQ                             (39756043L)
 141#define KG_EMPTY_CCACHE                   (39756044L)
 142#define KG_NO_CTYPES                         (39756045L)
 143
 144/* per Kerberos v5 protocol spec crypto types from the wire.
 145 * these get mapped to linux kernel crypto routines.
 146 */
 147#define ENCTYPE_NULL        0x0000
 148#define ENCTYPE_DES_CBC_CRC     0x0001  /* DES cbc mode with CRC-32 */
 149#define ENCTYPE_DES_CBC_MD4     0x0002  /* DES cbc mode with RSA-MD4 */
 150#define ENCTYPE_DES_CBC_MD5     0x0003  /* DES cbc mode with RSA-MD5 */
 151#define ENCTYPE_DES_CBC_RAW     0x0004  /* DES cbc mode raw */
 152/* XXX deprecated? */
 153#define ENCTYPE_DES3_CBC_SHA    0x0005  /* DES-3 cbc mode with NIST-SHA */
 154#define ENCTYPE_DES3_CBC_RAW    0x0006  /* DES-3 cbc mode raw */
 155#define ENCTYPE_DES_HMAC_SHA1   0x0008
 156#define ENCTYPE_DES3_CBC_SHA1   0x0010
 157#define ENCTYPE_AES128_CTS_HMAC_SHA1_96 0x0011
 158#define ENCTYPE_AES256_CTS_HMAC_SHA1_96 0x0012
 159#define ENCTYPE_ARCFOUR_HMAC    0x0017
 160#define ENCTYPE_ARCFOUR_HMAC_EXP 0x0018
 161#define ENCTYPE_UNKNOWN  0x01ff
 162
 163#endif /* PTLRPC_GSS_KRB5_H */
 164