Linux 2.6.24.5
[linux/fpc-iii.git] / net / sunrpc / auth_gss / gss_krb5_crypto.c
blob0dd792338fa96298bb523812e10ff81ebf4a7480
1 /*
2 * linux/net/sunrpc/gss_krb5_crypto.c
4 * Copyright (c) 2000 The Regents of the University of Michigan.
5 * All rights reserved.
7 * Andy Adamson <andros@umich.edu>
8 * Bruce Fields <bfields@umich.edu>
9 */
12 * Copyright (C) 1998 by the FundsXpress, INC.
14 * All rights reserved.
16 * Export of this software from the United States of America may require
17 * a specific license from the United States Government. It is the
18 * responsibility of any person or organization contemplating export to
19 * obtain such a license before exporting.
21 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
22 * distribute this software and its documentation for any purpose and
23 * without fee is hereby granted, provided that the above copyright
24 * notice appear in all copies and that both that copyright notice and
25 * this permission notice appear in supporting documentation, and that
26 * the name of FundsXpress. not be used in advertising or publicity pertaining
27 * to distribution of the software without specific, written prior
28 * permission. FundsXpress makes no representations about the suitability of
29 * this software for any purpose. It is provided "as is" without express
30 * or implied warranty.
32 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
33 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
34 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
37 #include <linux/err.h>
38 #include <linux/types.h>
39 #include <linux/mm.h>
40 #include <linux/slab.h>
41 #include <linux/scatterlist.h>
42 #include <linux/crypto.h>
43 #include <linux/highmem.h>
44 #include <linux/pagemap.h>
45 #include <linux/sunrpc/gss_krb5.h>
46 #include <linux/sunrpc/xdr.h>
48 #ifdef RPC_DEBUG
49 # define RPCDBG_FACILITY RPCDBG_AUTH
50 #endif
52 u32
53 krb5_encrypt(
54 struct crypto_blkcipher *tfm,
55 void * iv,
56 void * in,
57 void * out,
58 int length)
60 u32 ret = -EINVAL;
61 struct scatterlist sg[1];
62 u8 local_iv[16] = {0};
63 struct blkcipher_desc desc = { .tfm = tfm, .info = local_iv };
65 if (length % crypto_blkcipher_blocksize(tfm) != 0)
66 goto out;
68 if (crypto_blkcipher_ivsize(tfm) > 16) {
69 dprintk("RPC: gss_k5encrypt: tfm iv size to large %d\n",
70 crypto_blkcipher_ivsize(tfm));
71 goto out;
74 if (iv)
75 memcpy(local_iv, iv, crypto_blkcipher_ivsize(tfm));
77 memcpy(out, in, length);
78 sg_init_one(sg, out, length);
80 ret = crypto_blkcipher_encrypt_iv(&desc, sg, sg, length);
81 out:
82 dprintk("RPC: krb5_encrypt returns %d\n", ret);
83 return ret;
86 EXPORT_SYMBOL(krb5_encrypt);
88 u32
89 krb5_decrypt(
90 struct crypto_blkcipher *tfm,
91 void * iv,
92 void * in,
93 void * out,
94 int length)
96 u32 ret = -EINVAL;
97 struct scatterlist sg[1];
98 u8 local_iv[16] = {0};
99 struct blkcipher_desc desc = { .tfm = tfm, .info = local_iv };
101 if (length % crypto_blkcipher_blocksize(tfm) != 0)
102 goto out;
104 if (crypto_blkcipher_ivsize(tfm) > 16) {
105 dprintk("RPC: gss_k5decrypt: tfm iv size to large %d\n",
106 crypto_blkcipher_ivsize(tfm));
107 goto out;
109 if (iv)
110 memcpy(local_iv,iv, crypto_blkcipher_ivsize(tfm));
112 memcpy(out, in, length);
113 sg_init_one(sg, out, length);
115 ret = crypto_blkcipher_decrypt_iv(&desc, sg, sg, length);
116 out:
117 dprintk("RPC: gss_k5decrypt returns %d\n",ret);
118 return ret;
121 EXPORT_SYMBOL(krb5_decrypt);
123 static int
124 checksummer(struct scatterlist *sg, void *data)
126 struct hash_desc *desc = data;
128 return crypto_hash_update(desc, sg, sg->length);
131 /* checksum the plaintext data and hdrlen bytes of the token header */
133 make_checksum(char *cksumname, char *header, int hdrlen, struct xdr_buf *body,
134 int body_offset, struct xdr_netobj *cksum)
136 struct hash_desc desc; /* XXX add to ctx? */
137 struct scatterlist sg[1];
138 int err;
140 desc.tfm = crypto_alloc_hash(cksumname, 0, CRYPTO_ALG_ASYNC);
141 if (IS_ERR(desc.tfm))
142 return GSS_S_FAILURE;
143 cksum->len = crypto_hash_digestsize(desc.tfm);
144 desc.flags = CRYPTO_TFM_REQ_MAY_SLEEP;
146 err = crypto_hash_init(&desc);
147 if (err)
148 goto out;
149 sg_init_one(sg, header, hdrlen);
150 err = crypto_hash_update(&desc, sg, hdrlen);
151 if (err)
152 goto out;
153 err = xdr_process_buf(body, body_offset, body->len - body_offset,
154 checksummer, &desc);
155 if (err)
156 goto out;
157 err = crypto_hash_final(&desc, cksum->data);
159 out:
160 crypto_free_hash(desc.tfm);
161 return err ? GSS_S_FAILURE : 0;
164 EXPORT_SYMBOL(make_checksum);
166 struct encryptor_desc {
167 u8 iv[8]; /* XXX hard-coded blocksize */
168 struct blkcipher_desc desc;
169 int pos;
170 struct xdr_buf *outbuf;
171 struct page **pages;
172 struct scatterlist infrags[4];
173 struct scatterlist outfrags[4];
174 int fragno;
175 int fraglen;
178 static int
179 encryptor(struct scatterlist *sg, void *data)
181 struct encryptor_desc *desc = data;
182 struct xdr_buf *outbuf = desc->outbuf;
183 struct page *in_page;
184 int thislen = desc->fraglen + sg->length;
185 int fraglen, ret;
186 int page_pos;
188 /* Worst case is 4 fragments: head, end of page 1, start
189 * of page 2, tail. Anything more is a bug. */
190 BUG_ON(desc->fragno > 3);
192 page_pos = desc->pos - outbuf->head[0].iov_len;
193 if (page_pos >= 0 && page_pos < outbuf->page_len) {
194 /* pages are not in place: */
195 int i = (page_pos + outbuf->page_base) >> PAGE_CACHE_SHIFT;
196 in_page = desc->pages[i];
197 } else {
198 in_page = sg_page(sg);
200 sg_set_page(&desc->infrags[desc->fragno], in_page, sg->length,
201 sg->offset);
202 sg_set_page(&desc->outfrags[desc->fragno], sg_page(sg), sg->length,
203 sg->offset);
204 desc->fragno++;
205 desc->fraglen += sg->length;
206 desc->pos += sg->length;
208 fraglen = thislen & 7; /* XXX hardcoded blocksize */
209 thislen -= fraglen;
211 if (thislen == 0)
212 return 0;
214 sg_mark_end(&desc->infrags[desc->fragno - 1]);
215 sg_mark_end(&desc->outfrags[desc->fragno - 1]);
217 ret = crypto_blkcipher_encrypt_iv(&desc->desc, desc->outfrags,
218 desc->infrags, thislen);
219 if (ret)
220 return ret;
222 sg_init_table(desc->infrags, 4);
223 sg_init_table(desc->outfrags, 4);
225 if (fraglen) {
226 sg_set_page(&desc->outfrags[0], sg_page(sg), fraglen,
227 sg->offset + sg->length - fraglen);
228 desc->infrags[0] = desc->outfrags[0];
229 sg_assign_page(&desc->infrags[0], in_page);
230 desc->fragno = 1;
231 desc->fraglen = fraglen;
232 } else {
233 desc->fragno = 0;
234 desc->fraglen = 0;
236 return 0;
240 gss_encrypt_xdr_buf(struct crypto_blkcipher *tfm, struct xdr_buf *buf,
241 int offset, struct page **pages)
243 int ret;
244 struct encryptor_desc desc;
246 BUG_ON((buf->len - offset) % crypto_blkcipher_blocksize(tfm) != 0);
248 memset(desc.iv, 0, sizeof(desc.iv));
249 desc.desc.tfm = tfm;
250 desc.desc.info = desc.iv;
251 desc.desc.flags = 0;
252 desc.pos = offset;
253 desc.outbuf = buf;
254 desc.pages = pages;
255 desc.fragno = 0;
256 desc.fraglen = 0;
258 sg_init_table(desc.infrags, 4);
259 sg_init_table(desc.outfrags, 4);
261 ret = xdr_process_buf(buf, offset, buf->len - offset, encryptor, &desc);
262 return ret;
265 EXPORT_SYMBOL(gss_encrypt_xdr_buf);
267 struct decryptor_desc {
268 u8 iv[8]; /* XXX hard-coded blocksize */
269 struct blkcipher_desc desc;
270 struct scatterlist frags[4];
271 int fragno;
272 int fraglen;
275 static int
276 decryptor(struct scatterlist *sg, void *data)
278 struct decryptor_desc *desc = data;
279 int thislen = desc->fraglen + sg->length;
280 int fraglen, ret;
282 /* Worst case is 4 fragments: head, end of page 1, start
283 * of page 2, tail. Anything more is a bug. */
284 BUG_ON(desc->fragno > 3);
285 sg_set_page(&desc->frags[desc->fragno], sg_page(sg), sg->length,
286 sg->offset);
287 desc->fragno++;
288 desc->fraglen += sg->length;
290 fraglen = thislen & 7; /* XXX hardcoded blocksize */
291 thislen -= fraglen;
293 if (thislen == 0)
294 return 0;
296 sg_mark_end(&desc->frags[desc->fragno - 1]);
298 ret = crypto_blkcipher_decrypt_iv(&desc->desc, desc->frags,
299 desc->frags, thislen);
300 if (ret)
301 return ret;
303 sg_init_table(desc->frags, 4);
305 if (fraglen) {
306 sg_set_page(&desc->frags[0], sg_page(sg), fraglen,
307 sg->offset + sg->length - fraglen);
308 desc->fragno = 1;
309 desc->fraglen = fraglen;
310 } else {
311 desc->fragno = 0;
312 desc->fraglen = 0;
314 return 0;
318 gss_decrypt_xdr_buf(struct crypto_blkcipher *tfm, struct xdr_buf *buf,
319 int offset)
321 struct decryptor_desc desc;
323 /* XXXJBF: */
324 BUG_ON((buf->len - offset) % crypto_blkcipher_blocksize(tfm) != 0);
326 memset(desc.iv, 0, sizeof(desc.iv));
327 desc.desc.tfm = tfm;
328 desc.desc.info = desc.iv;
329 desc.desc.flags = 0;
330 desc.fragno = 0;
331 desc.fraglen = 0;
333 sg_init_table(desc.frags, 4);
335 return xdr_process_buf(buf, offset, buf->len - offset, decryptor, &desc);
338 EXPORT_SYMBOL(gss_decrypt_xdr_buf);