1/* SPDX-License-Identifier: GPL-2.0 or BSD-3-Clause */ 2/* 3 * SunRPC GSS Kerberos 5 mechanism internal definitions 4 * 5 * Copyright (c) 2022 Oracle and/or its affiliates. 6 */ 7 8#ifndef _NET_SUNRPC_AUTH_GSS_KRB5_INTERNAL_H 9#define _NET_SUNRPC_AUTH_GSS_KRB5_INTERNAL_H 10 11/* 12 * The RFCs often specify payload lengths in bits. This helper 13 * converts a specified bit-length to the number of octets/bytes. 14 */ 15#define BITS2OCTETS(x) ((x) / 8) 16 17struct krb5_ctx; 18 19struct gss_krb5_enctype { 20 const u32 etype; /* encryption (key) type */ 21 const u32 ctype; /* checksum type */ 22 const char *name; /* "friendly" name */ 23 const char *encrypt_name; /* crypto encrypt name */ 24 const char *aux_cipher; /* aux encrypt cipher name */ 25 const char *cksum_name; /* crypto checksum name */ 26 const u16 signalg; /* signing algorithm */ 27 const u16 sealalg; /* sealing algorithm */ 28 const u32 cksumlength; /* checksum length */ 29 const u32 keyed_cksum; /* is it a keyed cksum? */ 30 const u32 keybytes; /* raw key len, in bytes */ 31 const u32 keylength; /* protocol key length, in octets */ 32 const u32 Kc_length; /* checksum subkey length, in octets */ 33 const u32 Ke_length; /* encryption subkey length, in octets */ 34 const u32 Ki_length; /* integrity subkey length, in octets */ 35 36 int (*derive_key)(const struct gss_krb5_enctype *gk5e, 37 const struct xdr_netobj *in, 38 struct xdr_netobj *out, 39 const struct xdr_netobj *label, 40 gfp_t gfp_mask); 41 u32 (*encrypt)(struct krb5_ctx *kctx, u32 offset, 42 struct xdr_buf *buf, struct page **pages); 43 u32 (*decrypt)(struct krb5_ctx *kctx, u32 offset, u32 len, 44 struct xdr_buf *buf, u32 *headskip, u32 *tailskip); 45 u32 (*get_mic)(struct krb5_ctx *kctx, struct xdr_buf *text, 46 struct xdr_netobj *token); 47 u32 (*verify_mic)(struct krb5_ctx *kctx, struct xdr_buf *message_buffer, 48 struct xdr_netobj *read_token); 49 u32 (*wrap)(struct krb5_ctx *kctx, int offset, 50 struct xdr_buf *buf, struct page **pages); 51 u32 (*unwrap)(struct krb5_ctx *kctx, int offset, int len, 52 struct xdr_buf *buf, unsigned int *slack, 53 unsigned int *align); 54}; 55 56/* krb5_ctx flags definitions */ 57#define KRB5_CTX_FLAG_INITIATOR 0x00000001 58#define KRB5_CTX_FLAG_ACCEPTOR_SUBKEY 0x00000004 59 60struct krb5_ctx { 61 int initiate; /* 1 = initiating, 0 = accepting */ 62 u32 enctype; 63 u32 flags; 64 const struct gss_krb5_enctype *gk5e; /* enctype-specific info */ 65 struct crypto_sync_skcipher *enc; 66 struct crypto_sync_skcipher *seq; 67 struct crypto_sync_skcipher *acceptor_enc; 68 struct crypto_sync_skcipher *initiator_enc; 69 struct crypto_sync_skcipher *acceptor_enc_aux; 70 struct crypto_sync_skcipher *initiator_enc_aux; 71 struct crypto_ahash *acceptor_sign; 72 struct crypto_ahash *initiator_sign; 73 struct crypto_ahash *initiator_integ; 74 struct crypto_ahash *acceptor_integ; 75 u8 Ksess[GSS_KRB5_MAX_KEYLEN]; /* session key */ 76 u8 cksum[GSS_KRB5_MAX_KEYLEN]; 77 atomic_t seq_send; 78 atomic64_t seq_send64; 79 time64_t endtime; 80 struct xdr_netobj mech_used; 81}; 82 83/* 84 * GSS Kerberos 5 mechanism Per-Message calls. 85 */ 86 87u32 gss_krb5_get_mic_v2(struct krb5_ctx *ctx, struct xdr_buf *text, 88 struct xdr_netobj *token); 89 90u32 gss_krb5_verify_mic_v2(struct krb5_ctx *ctx, struct xdr_buf *message_buffer, 91 struct xdr_netobj *read_token); 92 93u32 gss_krb5_wrap_v2(struct krb5_ctx *kctx, int offset, 94 struct xdr_buf *buf, struct page **pages); 95 96u32 gss_krb5_unwrap_v2(struct krb5_ctx *kctx, int offset, int len, 97 struct xdr_buf *buf, unsigned int *slack, 98 unsigned int *align); 99 100/* 101 * Implementation internal functions 102 */ 103 104/* Key Derivation Functions */ 105 106int krb5_derive_key_v2(const struct gss_krb5_enctype *gk5e, 107 const struct xdr_netobj *inkey, 108 struct xdr_netobj *outkey, 109 const struct xdr_netobj *label, 110 gfp_t gfp_mask); 111 112int krb5_kdf_hmac_sha2(const struct gss_krb5_enctype *gk5e, 113 const struct xdr_netobj *inkey, 114 struct xdr_netobj *outkey, 115 const struct xdr_netobj *in_constant, 116 gfp_t gfp_mask); 117 118int krb5_kdf_feedback_cmac(const struct gss_krb5_enctype *gk5e, 119 const struct xdr_netobj *inkey, 120 struct xdr_netobj *outkey, 121 const struct xdr_netobj *in_constant, 122 gfp_t gfp_mask); 123 124/** 125 * krb5_derive_key - Derive a subkey from a protocol key 126 * @kctx: Kerberos 5 context 127 * @inkey: base protocol key 128 * @outkey: OUT: derived key 129 * @usage: key usage value 130 * @seed: key usage seed (one octet) 131 * @gfp_mask: memory allocation control flags 132 * 133 * Caller sets @outkey->len to the desired length of the derived key. 134 * 135 * On success, returns 0 and fills in @outkey. A negative errno value 136 * is returned on failure. 137 */ 138static inline int krb5_derive_key(struct krb5_ctx *kctx, 139 const struct xdr_netobj *inkey, 140 struct xdr_netobj *outkey, 141 u32 usage, u8 seed, gfp_t gfp_mask) 142{ 143 const struct gss_krb5_enctype *gk5e = kctx->gk5e; 144 u8 label_data[GSS_KRB5_K5CLENGTH]; 145 struct xdr_netobj label = { 146 .len = sizeof(label_data), 147 .data = label_data, 148 }; 149 __be32 *p = (__be32 *)label_data; 150 151 *p = cpu_to_be32(usage); 152 label_data[4] = seed; 153 return gk5e->derive_key(gk5e, inkey, outkey, &label, gfp_mask); 154} 155 156void krb5_make_confounder(u8 *p, int conflen); 157 158u32 make_checksum(struct krb5_ctx *kctx, char *header, int hdrlen, 159 struct xdr_buf *body, int body_offset, u8 *cksumkey, 160 unsigned int usage, struct xdr_netobj *cksumout); 161 162u32 gss_krb5_checksum(struct crypto_ahash *tfm, char *header, int hdrlen, 163 const struct xdr_buf *body, int body_offset, 164 struct xdr_netobj *cksumout); 165 166u32 krb5_encrypt(struct crypto_sync_skcipher *key, void *iv, void *in, 167 void *out, int length); 168 169u32 krb5_decrypt(struct crypto_sync_skcipher *key, void *iv, void *in, 170 void *out, int length); 171 172int xdr_extend_head(struct xdr_buf *buf, unsigned int base, 173 unsigned int shiftlen); 174 175int gss_encrypt_xdr_buf(struct crypto_sync_skcipher *tfm, 176 struct xdr_buf *outbuf, int offset, 177 struct page **pages); 178 179int gss_decrypt_xdr_buf(struct crypto_sync_skcipher *tfm, 180 struct xdr_buf *inbuf, int offset); 181 182u32 gss_krb5_aes_encrypt(struct krb5_ctx *kctx, u32 offset, 183 struct xdr_buf *buf, struct page **pages); 184 185u32 gss_krb5_aes_decrypt(struct krb5_ctx *kctx, u32 offset, u32 len, 186 struct xdr_buf *buf, u32 *plainoffset, u32 *plainlen); 187 188u32 krb5_etm_encrypt(struct krb5_ctx *kctx, u32 offset, struct xdr_buf *buf, 189 struct page **pages); 190 191u32 krb5_etm_decrypt(struct krb5_ctx *kctx, u32 offset, u32 len, 192 struct xdr_buf *buf, u32 *headskip, u32 *tailskip); 193 194#if IS_ENABLED(CONFIG_KUNIT) 195void krb5_nfold(u32 inbits, const u8 *in, u32 outbits, u8 *out); 196const struct gss_krb5_enctype *gss_krb5_lookup_enctype(u32 etype); 197int krb5_cbc_cts_encrypt(struct crypto_sync_skcipher *cts_tfm, 198 struct crypto_sync_skcipher *cbc_tfm, u32 offset, 199 struct xdr_buf *buf, struct page **pages, 200 u8 *iv, unsigned int ivsize); 201int krb5_cbc_cts_decrypt(struct crypto_sync_skcipher *cts_tfm, 202 struct crypto_sync_skcipher *cbc_tfm, 203 u32 offset, struct xdr_buf *buf); 204u32 krb5_etm_checksum(struct crypto_sync_skcipher *cipher, 205 struct crypto_ahash *tfm, const struct xdr_buf *body, 206 int body_offset, struct xdr_netobj *cksumout); 207#endif 208 209#endif /* _NET_SUNRPC_AUTH_GSS_KRB5_INTERNAL_H */ 210