Commit ca54f896 authored by J. Bruce Fields's avatar J. Bruce Fields Committed by Trond Myklebust

rpcgss: simplify make_checksum

We're doing some pointless translation between krb5 constants and kernel
crypto string names.

Also clean up some related spkm3 code as necessary.
Signed-off-by: default avatarJ. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: default avatarTrond Myklebust <Trond.Myklebust@netapp.com>
parent 2818bf81
...@@ -116,7 +116,7 @@ enum seal_alg { ...@@ -116,7 +116,7 @@ enum seal_alg {
#define ENCTYPE_UNKNOWN 0x01ff #define ENCTYPE_UNKNOWN 0x01ff
s32 s32
make_checksum(s32 cksumtype, char *header, int hdrlen, struct xdr_buf *body, make_checksum(char *, char *header, int hdrlen, struct xdr_buf *body,
int body_offset, struct xdr_netobj *cksum); int body_offset, struct xdr_netobj *cksum);
u32 gss_get_mic_kerberos(struct gss_ctx *, struct xdr_buf *, u32 gss_get_mic_kerberos(struct gss_ctx *, struct xdr_buf *,
......
...@@ -130,23 +130,13 @@ checksummer(struct scatterlist *sg, void *data) ...@@ -130,23 +130,13 @@ checksummer(struct scatterlist *sg, void *data)
/* checksum the plaintext data and hdrlen bytes of the token header */ /* checksum the plaintext data and hdrlen bytes of the token header */
s32 s32
make_checksum(s32 cksumtype, char *header, int hdrlen, struct xdr_buf *body, make_checksum(char *cksumname, char *header, int hdrlen, struct xdr_buf *body,
int body_offset, struct xdr_netobj *cksum) int body_offset, struct xdr_netobj *cksum)
{ {
char *cksumname;
struct hash_desc desc; /* XXX add to ctx? */ struct hash_desc desc; /* XXX add to ctx? */
struct scatterlist sg[1]; struct scatterlist sg[1];
int err; int err;
switch (cksumtype) {
case CKSUMTYPE_RSA_MD5:
cksumname = "md5";
break;
default:
dprintk("RPC: krb5_make_checksum:"
" unsupported checksum %d", cksumtype);
return GSS_S_FAILURE;
}
desc.tfm = crypto_alloc_hash(cksumname, 0, CRYPTO_ALG_ASYNC); desc.tfm = crypto_alloc_hash(cksumname, 0, CRYPTO_ALG_ASYNC);
if (IS_ERR(desc.tfm)) if (IS_ERR(desc.tfm))
return GSS_S_FAILURE; return GSS_S_FAILURE;
......
...@@ -108,7 +108,7 @@ gss_get_mic_kerberos(struct gss_ctx *gss_ctx, struct xdr_buf *text, ...@@ -108,7 +108,7 @@ gss_get_mic_kerberos(struct gss_ctx *gss_ctx, struct xdr_buf *text,
*(__be16 *)(krb5_hdr + 2) = htons(SGN_ALG_DES_MAC_MD5); *(__be16 *)(krb5_hdr + 2) = htons(SGN_ALG_DES_MAC_MD5);
memset(krb5_hdr + 4, 0xff, 4); memset(krb5_hdr + 4, 0xff, 4);
if (make_checksum(CKSUMTYPE_RSA_MD5, krb5_hdr, 8, text, 0, &md5cksum)) if (make_checksum("md5", krb5_hdr, 8, text, 0, &md5cksum))
goto out_err; goto out_err;
if (krb5_encrypt(ctx->seq, NULL, md5cksum.data, if (krb5_encrypt(ctx->seq, NULL, md5cksum.data,
......
...@@ -114,8 +114,7 @@ gss_verify_mic_kerberos(struct gss_ctx *gss_ctx, ...@@ -114,8 +114,7 @@ gss_verify_mic_kerberos(struct gss_ctx *gss_ctx,
if (signalg != SGN_ALG_DES_MAC_MD5) if (signalg != SGN_ALG_DES_MAC_MD5)
goto out; goto out;
ret = make_checksum(CKSUMTYPE_RSA_MD5, ptr - 2, 8, ret = make_checksum("md5", ptr - 2, 8, message_buffer, 0, &md5cksum);
message_buffer, 0, &md5cksum);
if (ret) if (ret)
goto out; goto out;
......
...@@ -176,7 +176,7 @@ gss_wrap_kerberos(struct gss_ctx *ctx, int offset, ...@@ -176,7 +176,7 @@ gss_wrap_kerberos(struct gss_ctx *ctx, int offset,
/* XXXJBF: UGH!: */ /* XXXJBF: UGH!: */
tmp_pages = buf->pages; tmp_pages = buf->pages;
buf->pages = pages; buf->pages = pages;
if (make_checksum(CKSUMTYPE_RSA_MD5, krb5_hdr, 8, buf, if (make_checksum("md5", krb5_hdr, 8, buf,
offset + headlen - blocksize, &md5cksum)) offset + headlen - blocksize, &md5cksum))
goto out_err; goto out_err;
buf->pages = tmp_pages; buf->pages = tmp_pages;
...@@ -272,7 +272,7 @@ gss_unwrap_kerberos(struct gss_ctx *ctx, int offset, struct xdr_buf *buf) ...@@ -272,7 +272,7 @@ gss_unwrap_kerberos(struct gss_ctx *ctx, int offset, struct xdr_buf *buf)
ptr + 22 - (unsigned char *)buf->head[0].iov_base)) ptr + 22 - (unsigned char *)buf->head[0].iov_base))
goto out; goto out;
ret = make_checksum(CKSUMTYPE_RSA_MD5, ptr - 2, 8, buf, ret = make_checksum("md5", ptr - 2, 8, buf,
ptr + 22 - (unsigned char *)buf->head[0].iov_base, &md5cksum); ptr + 22 - (unsigned char *)buf->head[0].iov_base, &md5cksum);
if (ret) if (ret)
goto out; goto out;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment