Commit | Line | Data |
---|---|---|
1da177e4 LT |
1 | /* |
2 | * linux/net/sunrpc/gss_krb5_crypto.c | |
3 | * | |
4 | * Copyright (c) 2000 The Regents of the University of Michigan. | |
5 | * All rights reserved. | |
6 | * | |
7 | * Andy Adamson <andros@umich.edu> | |
8 | * Bruce Fields <bfields@umich.edu> | |
9 | */ | |
10 | ||
11 | /* | |
12 | * Copyright (C) 1998 by the FundsXpress, INC. | |
13 | * | |
14 | * All rights reserved. | |
15 | * | |
16 | * Export of this software from the United States of America may require | |
17 | * a specific license from the United States Government. It is the | |
18 | * responsibility of any person or organization contemplating export to | |
19 | * obtain such a license before exporting. | |
20 | * | |
21 | * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and | |
22 | * distribute this software and its documentation for any purpose and | |
23 | * without fee is hereby granted, provided that the above copyright | |
24 | * notice appear in all copies and that both that copyright notice and | |
25 | * this permission notice appear in supporting documentation, and that | |
26 | * the name of FundsXpress. not be used in advertising or publicity pertaining | |
27 | * to distribution of the software without specific, written prior | |
28 | * permission. FundsXpress makes no representations about the suitability of | |
29 | * this software for any purpose. It is provided "as is" without express | |
30 | * or implied warranty. | |
31 | * | |
32 | * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR | |
33 | * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED | |
34 | * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. | |
35 | */ | |
36 | ||
37 | #include <linux/types.h> | |
38 | #include <linux/mm.h> | |
39 | #include <linux/slab.h> | |
378f058c | 40 | #include <linux/scatterlist.h> |
1da177e4 LT |
41 | #include <linux/crypto.h> |
42 | #include <linux/highmem.h> | |
43 | #include <linux/pagemap.h> | |
44 | #include <linux/sunrpc/gss_krb5.h> | |
45 | ||
46 | #ifdef RPC_DEBUG | |
47 | # define RPCDBG_FACILITY RPCDBG_AUTH | |
48 | #endif | |
49 | ||
50 | u32 | |
51 | krb5_encrypt( | |
378c6697 | 52 | struct crypto_blkcipher *tfm, |
1da177e4 LT |
53 | void * iv, |
54 | void * in, | |
55 | void * out, | |
56 | int length) | |
57 | { | |
58 | u32 ret = -EINVAL; | |
59 | struct scatterlist sg[1]; | |
60 | u8 local_iv[16] = {0}; | |
378c6697 | 61 | struct blkcipher_desc desc = { .tfm = tfm, .info = local_iv }; |
1da177e4 LT |
62 | |
63 | dprintk("RPC: krb5_encrypt: input data:\n"); | |
64 | print_hexl((u32 *)in, length, 0); | |
65 | ||
378c6697 | 66 | if (length % crypto_blkcipher_blocksize(tfm) != 0) |
1da177e4 LT |
67 | goto out; |
68 | ||
378c6697 | 69 | if (crypto_blkcipher_ivsize(tfm) > 16) { |
1da177e4 | 70 | dprintk("RPC: gss_k5encrypt: tfm iv size to large %d\n", |
378c6697 | 71 | crypto_blkcipher_ivsize(tfm)); |
1da177e4 LT |
72 | goto out; |
73 | } | |
74 | ||
75 | if (iv) | |
378c6697 | 76 | memcpy(local_iv, iv, crypto_blkcipher_ivsize(tfm)); |
1da177e4 LT |
77 | |
78 | memcpy(out, in, length); | |
6df5b9f4 | 79 | sg_set_buf(sg, out, length); |
1da177e4 | 80 | |
378c6697 | 81 | ret = crypto_blkcipher_encrypt_iv(&desc, sg, sg, length); |
1da177e4 LT |
82 | |
83 | dprintk("RPC: krb5_encrypt: output data:\n"); | |
84 | print_hexl((u32 *)out, length, 0); | |
85 | out: | |
86 | dprintk("RPC: krb5_encrypt returns %d\n",ret); | |
87 | return(ret); | |
88 | } | |
89 | ||
90 | EXPORT_SYMBOL(krb5_encrypt); | |
91 | ||
92 | u32 | |
93 | krb5_decrypt( | |
378c6697 | 94 | struct crypto_blkcipher *tfm, |
1da177e4 LT |
95 | void * iv, |
96 | void * in, | |
97 | void * out, | |
98 | int length) | |
99 | { | |
100 | u32 ret = -EINVAL; | |
101 | struct scatterlist sg[1]; | |
102 | u8 local_iv[16] = {0}; | |
378c6697 | 103 | struct blkcipher_desc desc = { .tfm = tfm, .info = local_iv }; |
1da177e4 LT |
104 | |
105 | dprintk("RPC: krb5_decrypt: input data:\n"); | |
106 | print_hexl((u32 *)in, length, 0); | |
107 | ||
378c6697 | 108 | if (length % crypto_blkcipher_blocksize(tfm) != 0) |
1da177e4 LT |
109 | goto out; |
110 | ||
378c6697 | 111 | if (crypto_blkcipher_ivsize(tfm) > 16) { |
1da177e4 | 112 | dprintk("RPC: gss_k5decrypt: tfm iv size to large %d\n", |
378c6697 | 113 | crypto_blkcipher_ivsize(tfm)); |
1da177e4 LT |
114 | goto out; |
115 | } | |
116 | if (iv) | |
378c6697 | 117 | memcpy(local_iv,iv, crypto_blkcipher_ivsize(tfm)); |
1da177e4 LT |
118 | |
119 | memcpy(out, in, length); | |
6df5b9f4 | 120 | sg_set_buf(sg, out, length); |
1da177e4 | 121 | |
378c6697 | 122 | ret = crypto_blkcipher_decrypt_iv(&desc, sg, sg, length); |
1da177e4 LT |
123 | |
124 | dprintk("RPC: krb5_decrypt: output_data:\n"); | |
125 | print_hexl((u32 *)out, length, 0); | |
126 | out: | |
127 | dprintk("RPC: gss_k5decrypt returns %d\n",ret); | |
128 | return(ret); | |
129 | } | |
130 | ||
131 | EXPORT_SYMBOL(krb5_decrypt); | |
132 | ||
f7b3af64 BF |
133 | static int |
134 | process_xdr_buf(struct xdr_buf *buf, int offset, int len, | |
135 | int (*actor)(struct scatterlist *, void *), void *data) | |
136 | { | |
137 | int i, page_len, thislen, page_offset, ret = 0; | |
138 | struct scatterlist sg[1]; | |
139 | ||
140 | if (offset >= buf->head[0].iov_len) { | |
141 | offset -= buf->head[0].iov_len; | |
142 | } else { | |
143 | thislen = buf->head[0].iov_len - offset; | |
144 | if (thislen > len) | |
145 | thislen = len; | |
378f058c | 146 | sg_set_buf(sg, buf->head[0].iov_base + offset, thislen); |
f7b3af64 BF |
147 | ret = actor(sg, data); |
148 | if (ret) | |
149 | goto out; | |
150 | offset = 0; | |
151 | len -= thislen; | |
152 | } | |
153 | if (len == 0) | |
154 | goto out; | |
155 | ||
156 | if (offset >= buf->page_len) { | |
157 | offset -= buf->page_len; | |
158 | } else { | |
159 | page_len = buf->page_len - offset; | |
160 | if (page_len > len) | |
161 | page_len = len; | |
162 | len -= page_len; | |
163 | page_offset = (offset + buf->page_base) & (PAGE_CACHE_SIZE - 1); | |
164 | i = (offset + buf->page_base) >> PAGE_CACHE_SHIFT; | |
165 | thislen = PAGE_CACHE_SIZE - page_offset; | |
166 | do { | |
167 | if (thislen > page_len) | |
168 | thislen = page_len; | |
169 | sg->page = buf->pages[i]; | |
170 | sg->offset = page_offset; | |
171 | sg->length = thislen; | |
172 | ret = actor(sg, data); | |
173 | if (ret) | |
174 | goto out; | |
175 | page_len -= thislen; | |
176 | i++; | |
177 | page_offset = 0; | |
178 | thislen = PAGE_CACHE_SIZE; | |
179 | } while (page_len != 0); | |
180 | offset = 0; | |
181 | } | |
182 | if (len == 0) | |
183 | goto out; | |
184 | ||
185 | if (offset < buf->tail[0].iov_len) { | |
186 | thislen = buf->tail[0].iov_len - offset; | |
187 | if (thislen > len) | |
188 | thislen = len; | |
378f058c | 189 | sg_set_buf(sg, buf->tail[0].iov_base + offset, thislen); |
f7b3af64 BF |
190 | ret = actor(sg, data); |
191 | len -= thislen; | |
192 | } | |
193 | if (len != 0) | |
194 | ret = -EINVAL; | |
195 | out: | |
196 | return ret; | |
197 | } | |
198 | ||
199 | static int | |
200 | checksummer(struct scatterlist *sg, void *data) | |
201 | { | |
202 | struct crypto_tfm *tfm = (struct crypto_tfm *)data; | |
203 | ||
204 | crypto_digest_update(tfm, sg, 1); | |
205 | ||
206 | return 0; | |
207 | } | |
208 | ||
1da177e4 LT |
209 | /* checksum the plaintext data and hdrlen bytes of the token header */ |
210 | s32 | |
211 | make_checksum(s32 cksumtype, char *header, int hdrlen, struct xdr_buf *body, | |
14ae162c | 212 | int body_offset, struct xdr_netobj *cksum) |
1da177e4 LT |
213 | { |
214 | char *cksumname; | |
215 | struct crypto_tfm *tfm = NULL; /* XXX add to ctx? */ | |
216 | struct scatterlist sg[1]; | |
1da177e4 LT |
217 | |
218 | switch (cksumtype) { | |
219 | case CKSUMTYPE_RSA_MD5: | |
220 | cksumname = "md5"; | |
221 | break; | |
222 | default: | |
223 | dprintk("RPC: krb5_make_checksum:" | |
224 | " unsupported checksum %d", cksumtype); | |
d4a30e7e | 225 | return GSS_S_FAILURE; |
1da177e4 | 226 | } |
eb6f1160 | 227 | if (!(tfm = crypto_alloc_tfm(cksumname, CRYPTO_TFM_REQ_MAY_SLEEP))) |
d4a30e7e | 228 | return GSS_S_FAILURE; |
1da177e4 | 229 | cksum->len = crypto_tfm_alg_digestsize(tfm); |
1da177e4 LT |
230 | |
231 | crypto_digest_init(tfm); | |
378f058c | 232 | sg_set_buf(sg, header, hdrlen); |
1da177e4 | 233 | crypto_digest_update(tfm, sg, 1); |
14ae162c BF |
234 | process_xdr_buf(body, body_offset, body->len - body_offset, |
235 | checksummer, tfm); | |
1da177e4 | 236 | crypto_digest_final(tfm, cksum->data); |
573dbd95 | 237 | crypto_free_tfm(tfm); |
d4a30e7e | 238 | return 0; |
1da177e4 LT |
239 | } |
240 | ||
241 | EXPORT_SYMBOL(make_checksum); | |
14ae162c BF |
242 | |
243 | struct encryptor_desc { | |
244 | u8 iv[8]; /* XXX hard-coded blocksize */ | |
378c6697 | 245 | struct blkcipher_desc desc; |
14ae162c BF |
246 | int pos; |
247 | struct xdr_buf *outbuf; | |
248 | struct page **pages; | |
249 | struct scatterlist infrags[4]; | |
250 | struct scatterlist outfrags[4]; | |
251 | int fragno; | |
252 | int fraglen; | |
253 | }; | |
254 | ||
255 | static int | |
256 | encryptor(struct scatterlist *sg, void *data) | |
257 | { | |
258 | struct encryptor_desc *desc = data; | |
259 | struct xdr_buf *outbuf = desc->outbuf; | |
260 | struct page *in_page; | |
261 | int thislen = desc->fraglen + sg->length; | |
262 | int fraglen, ret; | |
263 | int page_pos; | |
264 | ||
265 | /* Worst case is 4 fragments: head, end of page 1, start | |
266 | * of page 2, tail. Anything more is a bug. */ | |
267 | BUG_ON(desc->fragno > 3); | |
268 | desc->infrags[desc->fragno] = *sg; | |
269 | desc->outfrags[desc->fragno] = *sg; | |
270 | ||
271 | page_pos = desc->pos - outbuf->head[0].iov_len; | |
272 | if (page_pos >= 0 && page_pos < outbuf->page_len) { | |
273 | /* pages are not in place: */ | |
274 | int i = (page_pos + outbuf->page_base) >> PAGE_CACHE_SHIFT; | |
275 | in_page = desc->pages[i]; | |
276 | } else { | |
277 | in_page = sg->page; | |
278 | } | |
279 | desc->infrags[desc->fragno].page = in_page; | |
280 | desc->fragno++; | |
281 | desc->fraglen += sg->length; | |
282 | desc->pos += sg->length; | |
283 | ||
284 | fraglen = thislen & 7; /* XXX hardcoded blocksize */ | |
285 | thislen -= fraglen; | |
286 | ||
287 | if (thislen == 0) | |
288 | return 0; | |
289 | ||
378c6697 HX |
290 | ret = crypto_blkcipher_encrypt_iv(&desc->desc, desc->outfrags, |
291 | desc->infrags, thislen); | |
14ae162c BF |
292 | if (ret) |
293 | return ret; | |
294 | if (fraglen) { | |
295 | desc->outfrags[0].page = sg->page; | |
296 | desc->outfrags[0].offset = sg->offset + sg->length - fraglen; | |
297 | desc->outfrags[0].length = fraglen; | |
298 | desc->infrags[0] = desc->outfrags[0]; | |
299 | desc->infrags[0].page = in_page; | |
300 | desc->fragno = 1; | |
301 | desc->fraglen = fraglen; | |
302 | } else { | |
303 | desc->fragno = 0; | |
304 | desc->fraglen = 0; | |
305 | } | |
306 | return 0; | |
307 | } | |
308 | ||
309 | int | |
378c6697 HX |
310 | gss_encrypt_xdr_buf(struct crypto_blkcipher *tfm, struct xdr_buf *buf, |
311 | int offset, struct page **pages) | |
14ae162c BF |
312 | { |
313 | int ret; | |
314 | struct encryptor_desc desc; | |
315 | ||
378c6697 | 316 | BUG_ON((buf->len - offset) % crypto_blkcipher_blocksize(tfm) != 0); |
14ae162c BF |
317 | |
318 | memset(desc.iv, 0, sizeof(desc.iv)); | |
378c6697 HX |
319 | desc.desc.tfm = tfm; |
320 | desc.desc.info = desc.iv; | |
321 | desc.desc.flags = 0; | |
14ae162c BF |
322 | desc.pos = offset; |
323 | desc.outbuf = buf; | |
324 | desc.pages = pages; | |
325 | desc.fragno = 0; | |
326 | desc.fraglen = 0; | |
327 | ||
328 | ret = process_xdr_buf(buf, offset, buf->len - offset, encryptor, &desc); | |
329 | return ret; | |
330 | } | |
331 | ||
332 | EXPORT_SYMBOL(gss_encrypt_xdr_buf); | |
333 | ||
334 | struct decryptor_desc { | |
335 | u8 iv[8]; /* XXX hard-coded blocksize */ | |
378c6697 | 336 | struct blkcipher_desc desc; |
14ae162c BF |
337 | struct scatterlist frags[4]; |
338 | int fragno; | |
339 | int fraglen; | |
340 | }; | |
341 | ||
342 | static int | |
343 | decryptor(struct scatterlist *sg, void *data) | |
344 | { | |
345 | struct decryptor_desc *desc = data; | |
346 | int thislen = desc->fraglen + sg->length; | |
347 | int fraglen, ret; | |
348 | ||
349 | /* Worst case is 4 fragments: head, end of page 1, start | |
350 | * of page 2, tail. Anything more is a bug. */ | |
351 | BUG_ON(desc->fragno > 3); | |
352 | desc->frags[desc->fragno] = *sg; | |
353 | desc->fragno++; | |
354 | desc->fraglen += sg->length; | |
355 | ||
356 | fraglen = thislen & 7; /* XXX hardcoded blocksize */ | |
357 | thislen -= fraglen; | |
358 | ||
359 | if (thislen == 0) | |
360 | return 0; | |
361 | ||
378c6697 HX |
362 | ret = crypto_blkcipher_decrypt_iv(&desc->desc, desc->frags, |
363 | desc->frags, thislen); | |
14ae162c BF |
364 | if (ret) |
365 | return ret; | |
366 | if (fraglen) { | |
367 | desc->frags[0].page = sg->page; | |
368 | desc->frags[0].offset = sg->offset + sg->length - fraglen; | |
369 | desc->frags[0].length = fraglen; | |
370 | desc->fragno = 1; | |
371 | desc->fraglen = fraglen; | |
372 | } else { | |
373 | desc->fragno = 0; | |
374 | desc->fraglen = 0; | |
375 | } | |
376 | return 0; | |
377 | } | |
378 | ||
379 | int | |
378c6697 HX |
380 | gss_decrypt_xdr_buf(struct crypto_blkcipher *tfm, struct xdr_buf *buf, |
381 | int offset) | |
14ae162c BF |
382 | { |
383 | struct decryptor_desc desc; | |
384 | ||
385 | /* XXXJBF: */ | |
378c6697 | 386 | BUG_ON((buf->len - offset) % crypto_blkcipher_blocksize(tfm) != 0); |
14ae162c BF |
387 | |
388 | memset(desc.iv, 0, sizeof(desc.iv)); | |
378c6697 HX |
389 | desc.desc.tfm = tfm; |
390 | desc.desc.info = desc.iv; | |
391 | desc.desc.flags = 0; | |
14ae162c BF |
392 | desc.fragno = 0; |
393 | desc.fraglen = 0; | |
394 | return process_xdr_buf(buf, offset, buf->len - offset, decryptor, &desc); | |
395 | } | |
396 | ||
397 | EXPORT_SYMBOL(gss_decrypt_xdr_buf); |