Lines Matching refs:ki
125 #define HASHLEN(ki) (((ki)->hash_len > MAX_DIGEST) ? \
126 (panic("nfs_gss.c:%d ki->hash_len is invalid = %d\n", __LINE__, (ki)->hash_len), MAX_DIGEST) : (ki)->hash_len)
128 #define HASHLEN(ki) (((ki)->hash_len > MAX_DIGEST) ? \
129 (printf("nfs_gss.c:%d ki->hash_len is invalid = %d\n", __LINE__, (ki)->hash_len), MAX_DIGEST) : (ki)->hash_len)
158 #define ALG_MIC(ki) (((ki)->type == NFS_GSS_1DES) ? krb5_mic : krb5_mic3)
159 #define ALG_WRAP(ki) (((ki)->type == NFS_GSS_1DES) ? krb5_wrap : krb5_wrap3)
206 static int nfs_gss_token_get(gss_key_info *ki, u_char *, u_char *, int, uint32_t *, u_char *);
207 static int nfs_gss_token_put(gss_key_info *ki, u_char *, u_char *, int, int, u_char *);
428 gss_key_info *ki;
490 ki = &cp->gss_clnt_kinfo;
561 nfs_gss_cksum_chain(ki, nmc, ALG_MIC(ki), offset, 0, cksum);
563 toklen = nfs_gss_token_put(ki, ALG_MIC(ki), tokbuf, 1, 0, cksum);
593 nfs_gss_cksum_chain(ki, nmc, ALG_MIC(ki), start, len, cksum);
596 toklen = nfs_gss_token_put(ki, ALG_MIC(ki), tokbuf, 1, 0, cksum);
634 nfs_gss_cksum_chain(ki, &nmc_tmp, ALG_WRAP(ki), 0, len, cksum);
637 toklen = nfs_gss_token_put(ki, ALG_WRAP(ki), tokbuf, 1, len, cksum);
647 nfs_gss_encrypt_chain(ki, &nmc_tmp, 0, len, DES_ENCRYPT);
685 gss_key_info *ki = &cp->gss_clnt_kinfo;
730 if (verflen != KRB5_SZ_TOKEN(ki->hash_len))
740 error = nfs_gss_token_get(ki, ALG_MIC(ki), tokbuf, 0, NULL, cksum1);
750 nfs_gss_cksum_rep(ki, gsp->gss_seqnum, cksum2);
751 if (bcmp(cksum1, cksum2, HASHLEN(ki)) == 0)
790 nfs_gss_cksum_chain(ki, nmc, ALG_MIC(ki), start, reslen, cksum1);
814 if (cksumlen != KRB5_SZ_TOKEN(ki->hash_len)) {
821 error = nfs_gss_token_get(ki, ALG_MIC(ki), tokbuf, 0, NULL, cksum2);
826 if (bcmp(cksum1, cksum2, HASHLEN(ki)) != 0) {
848 nfsm_chain_get_opaque(error, nmc, KRB5_SZ_TOKMAX(ki->hash_len), tokbuf);
851 error = nfs_gss_token_get(ki, ALG_WRAP(ki), tokbuf, 0,
860 nfs_gss_encrypt_chain(ki, nmc, start, reslen, DES_DECRYPT);
863 nfs_gss_cksum_chain(ki, nmc, ALG_WRAP(ki), start, reslen, cksum2);
866 if (bcmp(cksum1, cksum2, HASHLEN(ki)) != 0) {
983 gss_key_info *ki = &cp->gss_clnt_kinfo;
1067 nfs_gss_cksum_rep(ki, cp->gss_clnt_seqwin, cksum1);
1073 error = nfs_gss_token_get(ki, ALG_MIC(ki), cp->gss_clnt_verf, 0,
1078 if (error || bcmp(cksum1, cksum2, HASHLEN(ki)) != 0) {
1947 gss_key_info *ki;
2027 ki = &cp->gss_svc_kinfo;
2049 nfs_gss_cksum_chain(ki, nmc, ALG_MIC(ki), 0, 0, cksum1);
2063 if (flavor != RPCSEC_GSS || verflen != KRB5_SZ_TOKEN(ki->hash_len))
2070 error = nfs_gss_token_get(ki, ALG_MIC(ki), tokbuf, 1,
2075 if (bcmp(cksum1, cksum2, HASHLEN(ki)) != 0) {
2124 nfs_gss_cksum_chain(ki, nmc, ALG_MIC(ki), start, arglen, cksum1);
2145 if (cksumlen != KRB5_SZ_TOKEN(ki->hash_len)) {
2152 error = nfs_gss_token_get(ki, ALG_MIC(ki), tokbuf, 1,
2156 if (error || bcmp(cksum1, cksum2, HASHLEN(ki)) != 0) {
2178 nfsm_chain_get_opaque(error, nmc, KRB5_SZ_TOKMAX(ki->hash_len), tokbuf);
2181 error = nfs_gss_token_get(ki, ALG_WRAP(ki), tokbuf, 1,
2190 nfs_gss_encrypt_chain(ki, nmc, start, arglen, DES_DECRYPT);
2193 nfs_gss_cksum_chain(ki, nmc, ALG_WRAP(ki), start, arglen, cksum2);
2196 if (bcmp(cksum1, cksum2, HASHLEN(ki)) != 0) {
2255 gss_key_info *ki;
2258 ki = &cp->gss_svc_kinfo;
2278 nfs_gss_cksum_rep(ki, cp->gss_svc_seqwin, cksum);
2280 nfs_gss_cksum_rep(ki, nd->nd_gss_seqnum, cksum);
2285 toklen = nfs_gss_token_put(ki, ALG_MIC(ki), tokbuf, 0, 0, cksum);
2347 gss_key_info *ki = &cp->gss_svc_kinfo;
2374 nfs_gss_cksum_mchain(ki, results, ALG_MIC(ki), 0, reslen, cksum);
2377 toklen = nfs_gss_token_put(ki, ALG_MIC(ki), tokbuf, 0, 0, cksum);
2399 nfs_gss_cksum_mchain(ki, results, ALG_WRAP(ki), 0, reslen, cksum);
2402 toklen = nfs_gss_token_put(ki, ALG_WRAP(ki), tokbuf, 0, reslen, cksum);
2411 nfs_gss_encrypt_mchain(ki, results, 0, reslen, DES_ENCRYPT);
2909 gss_key_info *ki,
2928 toklen = KRB5_SZ_MECH + KRB5_SZ_ALG + KRB5_SZ_SEQ + HASHLEN(ki);
2970 gss_des_crypt(ki, (des_cblock *) plain, (des_cblock *) p, 8,
2980 bcopy(cksum, p, HASHLEN(ki));
2981 p += HASHLEN(ki);
3048 gss_key_info *ki,
3090 gss_des_crypt(ki, (des_cblock *)p, (des_cblock *) plain, 8,
3108 bcopy(p, cksum, HASHLEN(ki));
3109 p += HASHLEN(ki);
3188 gss_key_info *ki,
3200 gss_digest_Init(&context, ki);
3245 gss_key_info *ki,
3260 return (nfs_gss_cksum_mchain(ki, nmc->nmc_mhead, alg, offset, len, cksum));
3268 nfs_gss_cksum_rep(gss_key_info *ki, uint32_t seqnum, u_char *cksum)
3273 gss_digest_Init(&context, ki);
3279 gss_digest_Update(&context, ALG_MIC(ki), KRB5_SZ_ALG);
3293 gss_key_info *ki,
3340 gss_des_crypt(ki, (des_cblock *) ptr, (des_cblock *) ptr,
3350 gss_des_crypt(ki, (des_cblock *) tmp, (des_cblock *) tmp, 8,
3364 gss_key_info *ki,
3378 return (nfs_gss_encrypt_mchain(ki, nmc->nmc_mhead, offset, len, encrypt));
3386 gss_digest_Init(GSS_DIGEST_CTX *ctx, gss_key_info *ki)
3388 ctx->type = ki->type;
3389 switch (ki->type) {
3390 case NFS_GSS_1DES: MD5_DESCBC_Init(&ctx->m_ctx, &ki->ks_u.des.gss_sched);
3392 case NFS_GSS_3DES: HMAC_SHA1_DES3KD_Init(&ctx->h_ctx, ki->ks_u.des3.ckey, 0);
3395 printf("gss_digest_Init: Unknown key info type %d\n", ki->type);
3422 gss_des_crypt(gss_key_info *ki, des_cblock *in, des_cblock *out,
3425 switch (ki->type) {
3429 &ki->ks_u.des.gss_sched_Ke :
3430 &ki->ks_u.des.gss_sched);
3436 des3_cbc_encrypt(in, out, len, &ki->ks_u.des3.gss_sched, iv, retiv, encrypt);
3442 gss_key_init(gss_key_info *ki, uint32_t skeylen)
3448 ki->keybytes = skeylen;
3451 ki->type = NFS_GSS_1DES;
3452 ki->hash_len = MD5_DESCBC_DIGEST_LENGTH;
3453 ki->ks_u.des.key = (des_cblock *)ki->skey;
3454 rc = des_cbc_key_sched(ki->ks_u.des.key, &ki->ks_u.des.gss_sched);
3457 for (i = 0; i < ki->keybytes; i++)
3458 k[0][i] = 0xf0 ^ (*ki->ks_u.des.key)[i];
3459 rc = des_cbc_key_sched(&k[0], &ki->ks_u.des.gss_sched_Ke);
3462 ki->type = NFS_GSS_3DES;
3463 ki->hash_len = SHA_DIGEST_LENGTH;
3464 ki->ks_u.des3.key = (des_cblock (*)[3])ki->skey;
3465 des3_derive_key(*ki->ks_u.des3.key, ki->ks_u.des3.ckey,
3467 rc = des3_cbc_key_sched(*ki->ks_u.des3.key, &ki->ks_u.des3.gss_sched);