search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Complete the renaming to TuxOnIce with function names, vars etc.
[linux-2.6/suspend2-head.git] / net / sunrpc / auth_gss / gss_krb5_crypto.c
blobf441aa0b26dcebb879daea6b2c3e42eccd0584bb
1 /*
2 * linux/net/sunrpc/gss_krb5_crypto.c
3 *
4 * Copyright (c) 2000 The Regents of the University of Michigan.
5 * All rights reserved.
6 *
7 * Andy Adamson <andros@umich.edu>
8 * Bruce Fields <bfields@umich.edu>
9 */
10
11 /*
12 * Copyright (C) 1998 by the FundsXpress, INC.
13 *
14 * All rights reserved.
15 *
16 * Export of this software from the United States of America may require
17 * a specific license from the United States Government. It is the
18 * responsibility of any person or organization contemplating export to
19 * obtain such a license before exporting.
20 *
21 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
22 * distribute this software and its documentation for any purpose and
23 * without fee is hereby granted, provided that the above copyright
24 * notice appear in all copies and that both that copyright notice and
25 * this permission notice appear in supporting documentation, and that
26 * the name of FundsXpress. not be used in advertising or publicity pertaining
27 * to distribution of the software without specific, written prior
28 * permission. FundsXpress makes no representations about the suitability of
29 * this software for any purpose. It is provided "as is" without express
30 * or implied warranty.
31 *
32 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
33 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
34 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
35 */
36
37 #include <linux/err.h>
38 #include <linux/types.h>
39 #include <linux/mm.h>
40 #include <linux/slab.h>
41 #include <linux/scatterlist.h>
42 #include <linux/crypto.h>
43 #include <linux/highmem.h>
44 #include <linux/pagemap.h>
45 #include <linux/sunrpc/gss_krb5.h>
46 #include <linux/sunrpc/xdr.h>
47
48 #ifdef RPC_DEBUG
49 # define RPCDBG_FACILITY RPCDBG_AUTH
50 #endif
51
52 u32
53 krb5_encrypt(
54 struct crypto_blkcipher *tfm,
55 void * iv,
56 void * in,
57 void * out,
58 int length)
59 {
60 u32 ret = -EINVAL;
61 struct scatterlist sg[1];
62 u8 local_iv[16] = {0};
63 struct blkcipher_desc desc = { .tfm = tfm, .info = local_iv };
64
65 if (length % crypto_blkcipher_blocksize(tfm) != 0)
66 goto out;
67
68 if (crypto_blkcipher_ivsize(tfm) > 16) {
69 dprintk("RPC: gss_k5encrypt: tfm iv size to large %d\n",
70 crypto_blkcipher_ivsize(tfm));
71 goto out;
72 }
73
74 if (iv)
75 memcpy(local_iv, iv, crypto_blkcipher_ivsize(tfm));
76
77 memcpy(out, in, length);
78 sg_set_buf(sg, out, length);
79
80 ret = crypto_blkcipher_encrypt_iv(&desc, sg, sg, length);
81 out:
82 dprintk("RPC: krb5_encrypt returns %d\n", ret);
83 return ret;
84 }
85
86 EXPORT_SYMBOL(krb5_encrypt);
87
88 u32
89 krb5_decrypt(
90 struct crypto_blkcipher *tfm,
91 void * iv,
92 void * in,
93 void * out,
94 int length)
95 {
96 u32 ret = -EINVAL;
97 struct scatterlist sg[1];
98 u8 local_iv[16] = {0};
99 struct blkcipher_desc desc = { .tfm = tfm, .info = local_iv };
100
101 if (length % crypto_blkcipher_blocksize(tfm) != 0)
102 goto out;
103
104 if (crypto_blkcipher_ivsize(tfm) > 16) {
105 dprintk("RPC: gss_k5decrypt: tfm iv size to large %d\n",
106 crypto_blkcipher_ivsize(tfm));
107 goto out;
108 }
109 if (iv)
110 memcpy(local_iv,iv, crypto_blkcipher_ivsize(tfm));
111
112 memcpy(out, in, length);
113 sg_set_buf(sg, out, length);
114
115 ret = crypto_blkcipher_decrypt_iv(&desc, sg, sg, length);
116 out:
117 dprintk("RPC: gss_k5decrypt returns %d\n",ret);
118 return ret;
119 }
120
121 EXPORT_SYMBOL(krb5_decrypt);
122
123 static int
124 checksummer(struct scatterlist *sg, void *data)
125 {
126 struct hash_desc *desc = data;
127
128 return crypto_hash_update(desc, sg, sg->length);
129 }
130
131 /* checksum the plaintext data and hdrlen bytes of the token header */
132 s32
133 make_checksum(char *cksumname, char *header, int hdrlen, struct xdr_buf *body,
134 int body_offset, struct xdr_netobj *cksum)
135 {
136 struct hash_desc desc; /* XXX add to ctx? */
137 struct scatterlist sg[1];
138 int err;
139
140 desc.tfm = crypto_alloc_hash(cksumname, 0, CRYPTO_ALG_ASYNC);
141 if (IS_ERR(desc.tfm))
142 return GSS_S_FAILURE;
143 cksum->len = crypto_hash_digestsize(desc.tfm);
144 desc.flags = CRYPTO_TFM_REQ_MAY_SLEEP;
145
146 err = crypto_hash_init(&desc);
147 if (err)
148 goto out;
149 sg_set_buf(sg, header, hdrlen);
150 err = crypto_hash_update(&desc, sg, hdrlen);
151 if (err)
152 goto out;
153 err = xdr_process_buf(body, body_offset, body->len - body_offset,
154 checksummer, &desc);
155 if (err)
156 goto out;
157 err = crypto_hash_final(&desc, cksum->data);
158
159 out:
160 crypto_free_hash(desc.tfm);
161 return err ? GSS_S_FAILURE : 0;
162 }
163
164 EXPORT_SYMBOL(make_checksum);
165
166 struct encryptor_desc {
167 u8 iv[8]; /* XXX hard-coded blocksize */
168 struct blkcipher_desc desc;
169 int pos;
170 struct xdr_buf *outbuf;
171 struct page **pages;
172 struct scatterlist infrags[4];
173 struct scatterlist outfrags[4];
174 int fragno;
175 int fraglen;
176 };
177
178 static int
179 encryptor(struct scatterlist *sg, void *data)
180 {
181 struct encryptor_desc *desc = data;
182 struct xdr_buf *outbuf = desc->outbuf;
183 struct page *in_page;
184 int thislen = desc->fraglen + sg->length;
185 int fraglen, ret;
186 int page_pos;
187
188 /* Worst case is 4 fragments: head, end of page 1, start
189 * of page 2, tail. Anything more is a bug. */
190 BUG_ON(desc->fragno > 3);
191 desc->infrags[desc->fragno] = *sg;
192 desc->outfrags[desc->fragno] = *sg;
193
194 page_pos = desc->pos - outbuf->head[0].iov_len;
195 if (page_pos >= 0 && page_pos < outbuf->page_len) {
196 /* pages are not in place: */
197 int i = (page_pos + outbuf->page_base) >> PAGE_CACHE_SHIFT;
198 in_page = desc->pages[i];
199 } else {
200 in_page = sg->page;
201 }
202 desc->infrags[desc->fragno].page = in_page;
203 desc->fragno++;
204 desc->fraglen += sg->length;
205 desc->pos += sg->length;
206
207 fraglen = thislen & 7; /* XXX hardcoded blocksize */
208 thislen -= fraglen;
209
210 if (thislen == 0)
211 return 0;
212
213 ret = crypto_blkcipher_encrypt_iv(&desc->desc, desc->outfrags,
214 desc->infrags, thislen);
215 if (ret)
216 return ret;
217 if (fraglen) {
218 desc->outfrags[0].page = sg->page;
219 desc->outfrags[0].offset = sg->offset + sg->length - fraglen;
220 desc->outfrags[0].length = fraglen;
221 desc->infrags[0] = desc->outfrags[0];
222 desc->infrags[0].page = in_page;
223 desc->fragno = 1;
224 desc->fraglen = fraglen;
225 } else {
226 desc->fragno = 0;
227 desc->fraglen = 0;
228 }
229 return 0;
230 }
231
232 int
233 gss_encrypt_xdr_buf(struct crypto_blkcipher *tfm, struct xdr_buf *buf,
234 int offset, struct page **pages)
235 {
236 int ret;
237 struct encryptor_desc desc;
238
239 BUG_ON((buf->len - offset) % crypto_blkcipher_blocksize(tfm) != 0);
240
241 memset(desc.iv, 0, sizeof(desc.iv));
242 desc.desc.tfm = tfm;
243 desc.desc.info = desc.iv;
244 desc.desc.flags = 0;
245 desc.pos = offset;
246 desc.outbuf = buf;
247 desc.pages = pages;
248 desc.fragno = 0;
249 desc.fraglen = 0;
250
251 ret = xdr_process_buf(buf, offset, buf->len - offset, encryptor, &desc);
252 return ret;
253 }
254
255 EXPORT_SYMBOL(gss_encrypt_xdr_buf);
256
257 struct decryptor_desc {
258 u8 iv[8]; /* XXX hard-coded blocksize */
259 struct blkcipher_desc desc;
260 struct scatterlist frags[4];
261 int fragno;
262 int fraglen;
263 };
264
265 static int
266 decryptor(struct scatterlist *sg, void *data)
267 {
268 struct decryptor_desc *desc = data;
269 int thislen = desc->fraglen + sg->length;
270 int fraglen, ret;
271
272 /* Worst case is 4 fragments: head, end of page 1, start
273 * of page 2, tail. Anything more is a bug. */
274 BUG_ON(desc->fragno > 3);
275 desc->frags[desc->fragno] = *sg;
276 desc->fragno++;
277 desc->fraglen += sg->length;
278
279 fraglen = thislen & 7; /* XXX hardcoded blocksize */
280 thislen -= fraglen;
281
282 if (thislen == 0)
283 return 0;
284
285 ret = crypto_blkcipher_decrypt_iv(&desc->desc, desc->frags,
286 desc->frags, thislen);
287 if (ret)
288 return ret;
289 if (fraglen) {
290 desc->frags[0].page = sg->page;
291 desc->frags[0].offset = sg->offset + sg->length - fraglen;
292 desc->frags[0].length = fraglen;
293 desc->fragno = 1;
294 desc->fraglen = fraglen;
295 } else {
296 desc->fragno = 0;
297 desc->fraglen = 0;
298 }
299 return 0;
300 }
301
302 int
303 gss_decrypt_xdr_buf(struct crypto_blkcipher *tfm, struct xdr_buf *buf,
304 int offset)
305 {
306 struct decryptor_desc desc;
307
308 /* XXXJBF: */
309 BUG_ON((buf->len - offset) % crypto_blkcipher_blocksize(tfm) != 0);
310
311 memset(desc.iv, 0, sizeof(desc.iv));
312 desc.desc.tfm = tfm;
313 desc.desc.info = desc.iv;
314 desc.desc.flags = 0;
315 desc.fragno = 0;
316 desc.fraglen = 0;
317 return xdr_process_buf(buf, offset, buf->len - offset, decryptor, &desc);
318 }
319
320 EXPORT_SYMBOL(gss_decrypt_xdr_buf);
Software Suspend 2 for Linus's 2.6 head (mirror)