LXR linux/net/sunrpc/auth_gss/gss_krb5

   1/*
   2 *  linux/net/sunrpc/gss_krb5_seqnum.c
   3 *
   4 *  Adapted from MIT Kerberos 5-1.2.1 lib/gssapi/krb5/util_seqnum.c
   5 *
   6 *  Copyright (c) 2000 The Regents of the University of Michigan.
   7 *  All rights reserved.
   8 *
   9 *  Andy Adamson   <andros@umich.edu>
  10 */
  11
  12/*
  13 * Copyright 1993 by OpenVision Technologies, Inc.
  14 *
  15 * Permission to use, copy, modify, distribute, and sell this software
  16 * and its documentation for any purpose is hereby granted without fee,
  17 * provided that the above copyright notice appears in all copies and
  18 * that both that copyright notice and this permission notice appear in
  19 * supporting documentation, and that the name of OpenVision not be used
  20 * in advertising or publicity pertaining to distribution of the software
  21 * without specific, written prior permission. OpenVision makes no
  22 * representations about the suitability of this software for any
  23 * purpose.  It is provided "as is" without express or implied warranty.
  24 *
  25 * OPENVISION DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
  26 * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
  27 * EVENT SHALL OPENVISION BE LIABLE FOR ANY SPECIAL, INDIRECT OR
  28 * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
  29 * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
  30 * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  31 * PERFORMANCE OF THIS SOFTWARE.
  32 */
  33
  34#include <crypto/skcipher.h>
  35#include <linux/types.h>
  36#include <linux/sunrpc/gss_krb5.h>
  37
  38#if IS_ENABLED(CONFIG_SUNRPC_DEBUG)
  39# define RPCDBG_FACILITY        RPCDBG_AUTH
  40#endif
  41
  42s32
  43krb5_make_seq_num(struct krb5_ctx *kctx,
  44                struct crypto_sync_skcipher *key,
  45                int direction,
  46                u32 seqnum,
  47                unsigned char *cksum, unsigned char *buf)
  48{
  49        unsigned char *plain;
  50        s32 code;
  51
  52        plain = kmalloc(8, GFP_NOFS);
  53        if (!plain)
  54                return -ENOMEM;
  55
  56        plain[0] = (unsigned char) (seqnum & 0xff);
  57        plain[1] = (unsigned char) ((seqnum >> 8) & 0xff);
  58        plain[2] = (unsigned char) ((seqnum >> 16) & 0xff);
  59        plain[3] = (unsigned char) ((seqnum >> 24) & 0xff);
  60
  61        plain[4] = direction;
  62        plain[5] = direction;
  63        plain[6] = direction;
  64        plain[7] = direction;
  65
  66        code = krb5_encrypt(key, cksum, plain, buf, 8);
  67        kfree(plain);
  68        return code;
  69}
  70
  71s32
  72krb5_get_seq_num(struct krb5_ctx *kctx,
  73               unsigned char *cksum,
  74               unsigned char *buf,
  75               int *direction, u32 *seqnum)
  76{
  77        s32 code;
  78        unsigned char *plain;
  79        struct crypto_sync_skcipher *key = kctx->seq;
  80
  81        dprintk("RPC:       krb5_get_seq_num:\n");
  82
  83        plain = kmalloc(8, GFP_NOFS);
  84        if (!plain)
  85                return -ENOMEM;
  86
  87        if ((code = krb5_decrypt(key, cksum, buf, plain, 8)))
  88                goto out;
  89
  90        if ((plain[4] != plain[5]) || (plain[4] != plain[6]) ||
  91            (plain[4] != plain[7])) {
  92                code = (s32)KG_BAD_SEQ;
  93                goto out;
  94        }
  95
  96        *direction = plain[4];
  97
  98        *seqnum = ((plain[0]) |
  99                   (plain[1] << 8) | (plain[2] << 16) | (plain[3] << 24));
 100
 101out:
 102        kfree(plain);
 103        return code;
 104}
 105