Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
awilliam
GitHub Repository: awilliam/linux-vfio
 Path: blob/master/net/sunrpc/auth_gss/gss_krb5_seqnum.c
15112 views
1
/*

2
 *  linux/net/sunrpc/gss_krb5_seqnum.c

3
 *

4
 *  Adapted from MIT Kerberos 5-1.2.1 lib/gssapi/krb5/util_seqnum.c

5
 *

6
 *  Copyright (c) 2000 The Regents of the University of Michigan.

7
 *  All rights reserved.

8
 *

9
 *  Andy Adamson   <[email protected]>

10
 */

11


12
/*

13
 * Copyright 1993 by OpenVision Technologies, Inc.

14
 *

15
 * Permission to use, copy, modify, distribute, and sell this software

16
 * and its documentation for any purpose is hereby granted without fee,

17
 * provided that the above copyright notice appears in all copies and

18
 * that both that copyright notice and this permission notice appear in

19
 * supporting documentation, and that the name of OpenVision not be used

20
 * in advertising or publicity pertaining to distribution of the software

21
 * without specific, written prior permission. OpenVision makes no

22
 * representations about the suitability of this software for any

23
 * purpose.  It is provided "as is" without express or implied warranty.

24
 *

25
 * OPENVISION DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,

26
 * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO

27
 * EVENT SHALL OPENVISION BE LIABLE FOR ANY SPECIAL, INDIRECT OR

28
 * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF

29
 * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR

30
 * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR

31
 * PERFORMANCE OF THIS SOFTWARE.

32
 */

33


34
#include <linux/types.h>

35
#include <linux/sunrpc/gss_krb5.h>

36
#include <linux/crypto.h>

37


38
#ifdef RPC_DEBUG

39
# define RPCDBG_FACILITY        RPCDBG_AUTH

40
#endif

41


42
static s32

43
krb5_make_rc4_seq_num(struct krb5_ctx *kctx, int direction, s32 seqnum,

44
		      unsigned char *cksum, unsigned char *buf)

45
{

46
	struct crypto_blkcipher *cipher;

47
	unsigned char plain[8];

48
	s32 code;

49


50
	dprintk("RPC:       %s:\n", __func__);

51
	cipher = crypto_alloc_blkcipher(kctx->gk5e->encrypt_name, 0,

52
					CRYPTO_ALG_ASYNC);

53
	if (IS_ERR(cipher))

54
		return PTR_ERR(cipher);

55


56
	plain[0] = (unsigned char) ((seqnum >> 24) & 0xff);

57
	plain[1] = (unsigned char) ((seqnum >> 16) & 0xff);

58
	plain[2] = (unsigned char) ((seqnum >> 8) & 0xff);

59
	plain[3] = (unsigned char) ((seqnum >> 0) & 0xff);

60
	plain[4] = direction;

61
	plain[5] = direction;

62
	plain[6] = direction;

63
	plain[7] = direction;

64


65
	code = krb5_rc4_setup_seq_key(kctx, cipher, cksum);

66
	if (code)

67
		goto out;

68


69
	code = krb5_encrypt(cipher, cksum, plain, buf, 8);

70
out:

71
	crypto_free_blkcipher(cipher);

72
	return code;

73
}

74
s32

75
krb5_make_seq_num(struct krb5_ctx *kctx,

76
		struct crypto_blkcipher *key,

77
		int direction,

78
		u32 seqnum,

79
		unsigned char *cksum, unsigned char *buf)

80
{

81
	unsigned char plain[8];

82


83
	if (kctx->enctype == ENCTYPE_ARCFOUR_HMAC)

84
		return krb5_make_rc4_seq_num(kctx, direction, seqnum,

85
					     cksum, buf);

86


87
	plain[0] = (unsigned char) (seqnum & 0xff);

88
	plain[1] = (unsigned char) ((seqnum >> 8) & 0xff);

89
	plain[2] = (unsigned char) ((seqnum >> 16) & 0xff);

90
	plain[3] = (unsigned char) ((seqnum >> 24) & 0xff);

91


92
	plain[4] = direction;

93
	plain[5] = direction;

94
	plain[6] = direction;

95
	plain[7] = direction;

96


97
	return krb5_encrypt(key, cksum, plain, buf, 8);

98
}

99


100
static s32

101
krb5_get_rc4_seq_num(struct krb5_ctx *kctx, unsigned char *cksum,

102
		     unsigned char *buf, int *direction, s32 *seqnum)

103
{

104
	struct crypto_blkcipher *cipher;

105
	unsigned char plain[8];

106
	s32 code;

107


108
	dprintk("RPC:       %s:\n", __func__);

109
	cipher = crypto_alloc_blkcipher(kctx->gk5e->encrypt_name, 0,

110
					CRYPTO_ALG_ASYNC);

111
	if (IS_ERR(cipher))

112
		return PTR_ERR(cipher);

113


114
	code = krb5_rc4_setup_seq_key(kctx, cipher, cksum);

115
	if (code)

116
		goto out;

117


118
	code = krb5_decrypt(cipher, cksum, buf, plain, 8);

119
	if (code)

120
		goto out;

121


122
	if ((plain[4] != plain[5]) || (plain[4] != plain[6])

123
				   || (plain[4] != plain[7])) {

124
		code = (s32)KG_BAD_SEQ;

125
		goto out;

126
	}

127


128
	*direction = plain[4];

129


130
	*seqnum = ((plain[0] << 24) | (plain[1] << 16) |

131
					(plain[2] << 8) | (plain[3]));

132
out:

133
	crypto_free_blkcipher(cipher);

134
	return code;

135
}

136


137
s32

138
krb5_get_seq_num(struct krb5_ctx *kctx,

139
	       unsigned char *cksum,

140
	       unsigned char *buf,

141
	       int *direction, u32 *seqnum)

142
{

143
	s32 code;

144
	unsigned char plain[8];

145
	struct crypto_blkcipher *key = kctx->seq;

146


147
	dprintk("RPC:       krb5_get_seq_num:\n");

148


149
	if (kctx->enctype == ENCTYPE_ARCFOUR_HMAC)

150
		return krb5_get_rc4_seq_num(kctx, cksum, buf,

151
					    direction, seqnum);

152


153
	if ((code = krb5_decrypt(key, cksum, buf, plain, 8)))

154
		return code;

155


156
	if ((plain[4] != plain[5]) || (plain[4] != plain[6]) ||

157
	    (plain[4] != plain[7]))

158
		return (s32)KG_BAD_SEQ;

159


160
	*direction = plain[4];

161


162
	*seqnum = ((plain[0]) |

163
		   (plain[1] << 8) | (plain[2] << 16) | (plain[3] << 24));

164


165
	return 0;

166
}

167


168