Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/freebsd-src
 Path: blob/main/sys/kgssapi/krb5/kcrypto.h
39507 views
1
/*-

2
 * SPDX-License-Identifier: BSD-2-Clause

3
 *

4
 * Copyright (c) 2008 Isilon Inc http://www.isilon.com/

5
 * Authors: Doug Rabson <[email protected]>

6
 * Developed with Red Inc: Alfred Perlstein <[email protected]>

7
 *

8
 * Redistribution and use in source and binary forms, with or without

9
 * modification, are permitted provided that the following conditions

10
 * are met:

11
 * 1. Redistributions of source code must retain the above copyright

12
 *    notice, this list of conditions and the following disclaimer.

13
 * 2. Redistributions in binary form must reproduce the above copyright

14
 *    notice, this list of conditions and the following disclaimer in the

15
 *    documentation and/or other materials provided with the distribution.

16
 *

17
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND

18
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

19
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

20
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE

21
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

22
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

23
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

24
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

25
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

26
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

27
 * SUCH DAMAGE.

28
 */

29


30
#include <sys/_iovec.h>

31


32
#define ETYPE_NULL		0

33
#define ETYPE_DES_CBC_CRC	1

34
#define ETYPE_DES_CBC_MD4	2

35
#define ETYPE_DES_CBC_MD5	3

36
#define ETYPE_DES3_CBC_MD5	5

37
#define ETYPE_OLD_DES3_CBC_SHA1	7

38
#define ETYPE_DES3_CBC_SHA1	16

39
#define ETYPE_AES128_CTS_HMAC_SHA1_96 17

40
#define ETYPE_AES256_CTS_HMAC_SHA1_96 18

41
#define ETYPE_ARCFOUR_HMAC_MD5	23

42
#define ETYPE_ARCFOUR_HMAC_MD5_56 24

43


44
/*

45
 * Key usages for des3-cbc-sha1 tokens

46
 */

47
#define KG_USAGE_SEAL		22

48
#define KG_USAGE_SIGN		23

49
#define KG_USAGE_SEQ		24

50


51
/*

52
 * Key usages for RFC4121 tokens

53
 */

54
#define KG_USAGE_ACCEPTOR_SEAL	22

55
#define KG_USAGE_ACCEPTOR_SIGN	23

56
#define KG_USAGE_INITIATOR_SEAL	24

57
#define KG_USAGE_INITIATOR_SIGN	25

58


59
struct krb5_key_state;

60


61
typedef void init_func(struct krb5_key_state *ks);

62
typedef void destroy_func(struct krb5_key_state *ks);

63
typedef void set_key_func(struct krb5_key_state *ks, const void *in);

64
typedef void random_to_key_func(struct krb5_key_state *ks, const void *in);

65
typedef void encrypt_func(const struct krb5_key_state *ks,

66
    struct mbuf *inout, size_t skip, size_t len, void *ivec, size_t ivlen);

67
typedef void checksum_func(const struct krb5_key_state *ks, int usage,

68
    struct mbuf *inout, size_t skip, size_t inlen, size_t outlen);

69


70
struct krb5_encryption_class {

71
	const char		*ec_name;

72
	int			ec_type;

73
	int			ec_flags;

74
#define EC_DERIVED_KEYS		1

75
	size_t			ec_blocklen;

76
	size_t			ec_msgblocklen;

77
	size_t			ec_checksumlen;

78
	size_t			ec_keybits;	/* key length in bits */

79
	size_t			ec_keylen;	/* size of key in memory */

80
	init_func		*ec_init;

81
	destroy_func		*ec_destroy;

82
	set_key_func		*ec_set_key;

83
	random_to_key_func	*ec_random_to_key;

84
	encrypt_func		*ec_encrypt;

85
	encrypt_func		*ec_decrypt;

86
	checksum_func		*ec_checksum;

87
};

88


89
struct krb5_key_state {

90
	const struct krb5_encryption_class *ks_class;

91
	volatile u_int		ks_refs;

92
	void			*ks_key;

93
	void			*ks_priv;

94
};

95


96
extern struct krb5_encryption_class krb5_aes128_encryption_class;

97
extern struct krb5_encryption_class krb5_aes256_encryption_class;

98


99
static __inline void

100
krb5_set_key(struct krb5_key_state *ks, const void *keydata)

101
{

102


103
	ks->ks_class->ec_set_key(ks, keydata);

104
}

105


106
static __inline void

107
krb5_random_to_key(struct krb5_key_state *ks, const void *keydata)

108
{

109


110
	ks->ks_class->ec_random_to_key(ks, keydata);

111
}

112


113
static __inline void

114
krb5_encrypt(const struct krb5_key_state *ks, struct mbuf *inout,

115
    size_t skip, size_t len, void *ivec, size_t ivlen)

116
{

117


118
	ks->ks_class->ec_encrypt(ks, inout, skip, len, ivec, ivlen);

119
}

120


121
static __inline void

122
krb5_decrypt(const struct krb5_key_state *ks, struct mbuf *inout,

123
    size_t skip, size_t len, void *ivec, size_t ivlen)

124
{

125


126
	ks->ks_class->ec_decrypt(ks, inout, skip, len, ivec, ivlen);

127
}

128


129
static __inline void

130
krb5_checksum(const struct krb5_key_state *ks, int usage,

131
    struct mbuf *inout, size_t skip, size_t inlen, size_t outlen)

132
{

133


134
	ks->ks_class->ec_checksum(ks, usage, inout, skip, inlen, outlen);

135
}

136


137
extern struct krb5_encryption_class *

138
	krb5_find_encryption_class(int etype);

139
extern struct krb5_key_state *

140
	krb5_create_key(const struct krb5_encryption_class *ec);

141
extern void krb5_free_key(struct krb5_key_state *ks);

142
extern struct krb5_key_state *

143
	krb5_derive_key(struct krb5_key_state *inkey,

144
	    void *constant, size_t constantlen);

145
extern struct krb5_key_state *

146
	krb5_get_encryption_key(struct krb5_key_state *basekey, int usage);

147
extern struct krb5_key_state *

148
	krb5_get_integrity_key(struct krb5_key_state *basekey, int usage);

149
extern struct krb5_key_state *

150
	krb5_get_checksum_key(struct krb5_key_state *basekey, int usage);

151


152