1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34#include <crypto/skcipher.h>
35#include <linux/types.h>
36#include <linux/sunrpc/gss_krb5.h>
37
38#if IS_ENABLED(CONFIG_SUNRPC_DEBUG)
39# define RPCDBG_FACILITY RPCDBG_AUTH
40#endif
41
42s32
43krb5_make_seq_num(struct krb5_ctx *kctx,
44 struct crypto_sync_skcipher *key,
45 int direction,
46 u32 seqnum,
47 unsigned char *cksum, unsigned char *buf)
48{
49 unsigned char *plain;
50 s32 code;
51
52 plain = kmalloc(8, GFP_NOFS);
53 if (!plain)
54 return -ENOMEM;
55
56 plain[0] = (unsigned char) (seqnum & 0xff);
57 plain[1] = (unsigned char) ((seqnum >> 8) & 0xff);
58 plain[2] = (unsigned char) ((seqnum >> 16) & 0xff);
59 plain[3] = (unsigned char) ((seqnum >> 24) & 0xff);
60
61 plain[4] = direction;
62 plain[5] = direction;
63 plain[6] = direction;
64 plain[7] = direction;
65
66 code = krb5_encrypt(key, cksum, plain, buf, 8);
67 kfree(plain);
68 return code;
69}
70
71s32
72krb5_get_seq_num(struct krb5_ctx *kctx,
73 unsigned char *cksum,
74 unsigned char *buf,
75 int *direction, u32 *seqnum)
76{
77 s32 code;
78 unsigned char *plain;
79 struct crypto_sync_skcipher *key = kctx->seq;
80
81 dprintk("RPC: krb5_get_seq_num:\n");
82
83 plain = kmalloc(8, GFP_NOFS);
84 if (!plain)
85 return -ENOMEM;
86
87 if ((code = krb5_decrypt(key, cksum, buf, plain, 8)))
88 goto out;
89
90 if ((plain[4] != plain[5]) || (plain[4] != plain[6]) ||
91 (plain[4] != plain[7])) {
92 code = (s32)KG_BAD_SEQ;
93 goto out;
94 }
95
96 *direction = plain[4];
97
98 *seqnum = ((plain[0]) |
99 (plain[1] << 8) | (plain[2] << 16) | (plain[3] << 24));
100
101out:
102 kfree(plain);
103 return code;
104}
105