bsd/nfs/nfs_gss.c

172  * is 128 bytes or greater, then it uses two bytes, three bytes
174  * separate from the data, the size is always the same: 35 bytes (0x23).
177  * field may be two, three or four bytes.
644 		nfsm_chain_add_32(error, &nmc_tmp, random());	// confounder bytes 1-4
645 		nfsm_chain_add_32(error, &nmc_tmp, random());	// confounder bytes 4-8
659 		 * needs to be padded either by 4 bytes or 8 bytes.
814 		 * - length of seq num + results (4 bytes)
815 		 * - sequence number (4 bytes)
816 		 * - results (variable bytes)
818 		 * - checksum of seqnum + results (37 bytes)
874 		 * - wrap token (37-40 bytes)
875 		 * - confounder (8 bytes)
876 		 * - sequence number (4 bytes)
983 		 * The arglen includes 8 bytes of confounder and 4 bytes of seqnum.
984 		 * Finally, we remove between 4 and 8 bytes of encryption padding
1652 			printf("nfs_gss_clnt_gssd_upcall: could not allocate %d bytes\n", otokenlen);
2510 			 * - length of seq num + call args (4 bytes)
2511 			 * - sequence number (4 bytes)
2512 			 * - call args (variable bytes)
2514 			 * - checksum of seqnum + call args (37 bytes)
2566 			 * - wrap token (37-40 bytes)
2567 			 * - confounder (8 bytes)
2568 			 * - sequence number (4 bytes)
2723 		nfsm_chain_add_32(error, nmc, random());	// confounder bytes 1-4
2724 		nfsm_chain_add_32(error, nmc, random());	// confounder bytes 5-8
2786 		 * needs to be padded either by 4 bytes or 8 bytes.
3064 			printf("nfs_gss_svc_gssd_upcall: could not allocate %d bytes\n", otokenlen);
3351 	 * The alg string encodes the bytes to represent either
3360 	 * of sequence number followed by 4 bytes of direction
3526  * Return the number of bytes in an mbuf chain.
3605 	int left, bytes;
3611 	 * Logically prepend the first 8 bytes of the algorithm
3619 	 * we've done len bytes.
3635 		bytes = left < len ? left : len;
3636 		if (bytes > 0)
3637 			gss_digest_Update(&context, ptr, bytes);
3638 		len -= bytes;
3684 	 * Logically prepend the first 8 bytes of the MIC
3718 	 * we've done len bytes.
3736 		 * DES or DES3 CBC has to encrypt 8 bytes at a time.
3737 		 * If the number of bytes to be encrypted in this
3738 		 * mbuf isn't some multiple of 8 bytes, encrypt all
3740 		 * bytes with enough from the next mbuf to make up