2 * linux/net/sunrpc/gss_krb5_seqnum.c
4 * Adapted from MIT Kerberos 5-1.2.1 lib/gssapi/krb5/util_seqnum.c
6 * Copyright (c) 2000 The Regents of the University of Michigan.
13 * Copyright 1993 by OpenVision Technologies, Inc.
15 * Permission to use, copy, modify, distribute, and sell this software
16 * and its documentation for any purpose is hereby granted without fee,
17 * provided that the above copyright notice appears in all copies and
18 * that both that copyright notice and this permission notice appear in
19 * supporting documentation, and that the name of OpenVision not be used
20 * in advertising or publicity pertaining to distribution of the software
21 * without specific, written prior permission. OpenVision makes no
22 * representations about the suitability of this software for any
23 * purpose. It is provided "as is" without express or implied warranty.
25 * OPENVISION DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
26 * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
27 * EVENT SHALL OPENVISION BE LIABLE FOR ANY SPECIAL, INDIRECT OR
28 * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
29 * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
30 * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
31 * PERFORMANCE OF THIS SOFTWARE.
34 #include <linux/types.h>
35 #include <linux/sunrpc/gss_krb5.h>
36 #include <linux/crypto.h>
38 #if IS_ENABLED(CONFIG_SUNRPC_DEBUG)
39 # define RPCDBG_FACILITY RPCDBG_AUTH
43 krb5_make_rc4_seq_num(struct krb5_ctx *kctx, int direction, s32 seqnum,
44 unsigned char *cksum, unsigned char *buf)
46 struct crypto_blkcipher *cipher;
47 unsigned char plain[8];
50 dprintk("RPC: %s:\n", __func__);
51 cipher = crypto_alloc_blkcipher(kctx->gk5e->encrypt_name, 0,
54 return PTR_ERR(cipher);
56 plain[0] = (unsigned char) ((seqnum >> 24) & 0xff);
57 plain[1] = (unsigned char) ((seqnum >> 16) & 0xff);
58 plain[2] = (unsigned char) ((seqnum >> 8) & 0xff);
59 plain[3] = (unsigned char) ((seqnum >> 0) & 0xff);
65 code = krb5_rc4_setup_seq_key(kctx, cipher, cksum);
69 code = krb5_encrypt(cipher, cksum, plain, buf, 8);
71 crypto_free_blkcipher(cipher);
75 krb5_make_seq_num(struct krb5_ctx *kctx,
76 struct crypto_blkcipher *key,
79 unsigned char *cksum, unsigned char *buf)
81 unsigned char plain[8];
83 if (kctx->enctype == ENCTYPE_ARCFOUR_HMAC)
84 return krb5_make_rc4_seq_num(kctx, direction, seqnum,
87 plain[0] = (unsigned char) (seqnum & 0xff);
88 plain[1] = (unsigned char) ((seqnum >> 8) & 0xff);
89 plain[2] = (unsigned char) ((seqnum >> 16) & 0xff);
90 plain[3] = (unsigned char) ((seqnum >> 24) & 0xff);
97 return krb5_encrypt(key, cksum, plain, buf, 8);
101 krb5_get_rc4_seq_num(struct krb5_ctx *kctx, unsigned char *cksum,
102 unsigned char *buf, int *direction, s32 *seqnum)
104 struct crypto_blkcipher *cipher;
105 unsigned char plain[8];
108 dprintk("RPC: %s:\n", __func__);
109 cipher = crypto_alloc_blkcipher(kctx->gk5e->encrypt_name, 0,
112 return PTR_ERR(cipher);
114 code = krb5_rc4_setup_seq_key(kctx, cipher, cksum);
118 code = krb5_decrypt(cipher, cksum, buf, plain, 8);
122 if ((plain[4] != plain[5]) || (plain[4] != plain[6])
123 || (plain[4] != plain[7])) {
124 code = (s32)KG_BAD_SEQ;
128 *direction = plain[4];
130 *seqnum = ((plain[0] << 24) | (plain[1] << 16) |
131 (plain[2] << 8) | (plain[3]));
133 crypto_free_blkcipher(cipher);
138 krb5_get_seq_num(struct krb5_ctx *kctx,
139 unsigned char *cksum,
141 int *direction, u32 *seqnum)
144 unsigned char plain[8];
145 struct crypto_blkcipher *key = kctx->seq;
147 dprintk("RPC: krb5_get_seq_num:\n");
149 if (kctx->enctype == ENCTYPE_ARCFOUR_HMAC)
150 return krb5_get_rc4_seq_num(kctx, cksum, buf,
153 if ((code = krb5_decrypt(key, cksum, buf, plain, 8)))
156 if ((plain[4] != plain[5]) || (plain[4] != plain[6]) ||
157 (plain[4] != plain[7]))
158 return (s32)KG_BAD_SEQ;
160 *direction = plain[4];
162 *seqnum = ((plain[0]) |
163 (plain[1] << 8) | (plain[2] << 16) | (plain[3] << 24));
projects / linux.git / blob