SUNRPC: Support the Camellia enctypes

RFC 6803 defines two encryption types that use Camellia ciphers (RFC
3713) and CMAC digests. Implement support for those in SunRPC's GSS
Kerberos 5 mechanism.

There has not been an explicit request to support these enctypes.
However, this new set of enctypes provides a good alternative to the
AES-SHA1 enctypes that are to be deprecated at some point.

As this implementation is still a "beta", the default is to not
build it automatically.

Tested-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>

diff --git a/include/linux/sunrpc/gss_krb5.h b/include/linux/sunrpc/gss_krb5.h
index 8ff397b5c04b508be2eb0d03a2c1c950e1969f11..cbb6c81928902d5d4a8eae2ed44f9fac8667497a 100644 (file)
--- a/include/linux/sunrpc/gss_krb5.h
+++ b/include/linux/sunrpc/gss_krb5.h
@@ -176,6 +176,8 @@ enum seal_alg {
 #define CKSUMTYPE_HMAC_SHA1_DES3       0x000c
 #define CKSUMTYPE_HMAC_SHA1_96_AES128   0x000f
 #define CKSUMTYPE_HMAC_SHA1_96_AES256   0x0010
+#define CKSUMTYPE_CMAC_CAMELLIA128     0x0011
+#define CKSUMTYPE_CMAC_CAMELLIA256     0x0012
 #define CKSUMTYPE_HMAC_SHA256_128_AES128       0x0013
 #define CKSUMTYPE_HMAC_SHA384_192_AES256       0x0014
 #define CKSUMTYPE_HMAC_MD5_ARCFOUR      -138 /* Microsoft md5 hmac cksumtype */
@@ -220,6 +222,8 @@ enum seal_alg {
 #define ENCTYPE_AES256_CTS_HMAC_SHA384_192     0x0014
 #define ENCTYPE_ARCFOUR_HMAC            0x0017
 #define ENCTYPE_ARCFOUR_HMAC_EXP        0x0018
+#define ENCTYPE_CAMELLIA128_CTS_CMAC   0x0019
+#define ENCTYPE_CAMELLIA256_CTS_CMAC   0x001A
 #define ENCTYPE_UNKNOWN         0x01ff
 
 /*

diff --git a/net/sunrpc/Kconfig b/net/sunrpc/Kconfig
index 420b4027998650b0c6b593eceeb5a3461d1b3755..b8e1819a8dd0fb56d2198366a8daf9610c014bcf 100644 (file)
--- a/net/sunrpc/Kconfig
+++ b/net/sunrpc/Kconfig
@@ -80,6 +80,19 @@ config RPCSEC_GSS_KRB5_ENCTYPES_AES_SHA1
          SHA-1 digests. These include aes128-cts-hmac-sha1-96 and
          aes256-cts-hmac-sha1-96.
 
+config RPCSEC_GSS_KRB5_ENCTYPES_CAMELLIA
+       bool "Enable Kerberos encryption types based on Camellia and CMAC"
+       depends on RPCSEC_GSS_KRB5
+       depends on CRYPTO_CBC && CRYPTO_CTS && CRYPTO_CAMELLIA
+       depends on CRYPTO_CMAC
+       default n
+       select RPCSEC_GSS_KRB5_CRYPTOSYSTEM
+       help
+         Choose Y to enable the use of Kerberos 5 encryption types
+         that utilize Camellia ciphers (RFC 3713) and CMAC digests
+         (NIST Special Publication 800-38B). These include
+         camellia128-cts-cmac and camellia256-cts-cmac.
+
 config RPCSEC_GSS_KRB5_ENCTYPES_AES_SHA2
        bool "Enable Kerberos enctypes based on AES and SHA-2"
        depends on RPCSEC_GSS_KRB5

diff --git a/net/sunrpc/auth_gss/gss_krb5_mech.c b/net/sunrpc/auth_gss/gss_krb5_mech.c
index 97a365608233d8adc6c12118dec403d7bad4ca3a..4e7cb49a06dee153a285c16be2377a88abbd71ca 100644 (file)
--- a/net/sunrpc/auth_gss/gss_krb5_mech.c
+++ b/net/sunrpc/auth_gss/gss_krb5_mech.c
@@ -147,6 +147,61 @@ static const struct gss_krb5_enctype supported_gss_krb5_enctypes[] = {
        },
 #endif
 
+#if defined(CONFIG_RPCSEC_GSS_KRB5_ENCTYPES_CAMELLIA)
+       /*
+        * Camellia-128 with CMAC (RFC 6803)
+        */
+       {
+               .etype          = ENCTYPE_CAMELLIA128_CTS_CMAC,
+               .ctype          = CKSUMTYPE_CMAC_CAMELLIA128,
+               .name           = "camellia128-cts-cmac",
+               .encrypt_name   = "cts(cbc(camellia))",
+               .aux_cipher     = "cbc(camellia)",
+               .cksum_name     = "cmac(camellia)",
+               .cksumlength    = BITS2OCTETS(128),
+               .keyed_cksum    = 1,
+               .keylength      = BITS2OCTETS(128),
+               .Kc_length      = BITS2OCTETS(128),
+               .Ke_length      = BITS2OCTETS(128),
+               .Ki_length      = BITS2OCTETS(128),
+
+               .import_ctx     = gss_krb5_import_ctx_v2,
+               .encrypt        = gss_krb5_aes_encrypt,
+               .decrypt        = gss_krb5_aes_decrypt,
+
+               .get_mic        = gss_krb5_get_mic_v2,
+               .verify_mic     = gss_krb5_verify_mic_v2,
+               .wrap           = gss_krb5_wrap_v2,
+               .unwrap         = gss_krb5_unwrap_v2,
+       },
+       /*
+        * Camellia-256 with CMAC (RFC 6803)
+        */
+       {
+               .etype          = ENCTYPE_CAMELLIA256_CTS_CMAC,
+               .ctype          = CKSUMTYPE_CMAC_CAMELLIA256,
+               .name           = "camellia256-cts-cmac",
+               .encrypt_name   = "cts(cbc(camellia))",
+               .aux_cipher     = "cbc(camellia)",
+               .cksum_name     = "cmac(camellia)",
+               .cksumlength    = BITS2OCTETS(128),
+               .keyed_cksum    = 1,
+               .keylength      = BITS2OCTETS(256),
+               .Kc_length      = BITS2OCTETS(256),
+               .Ke_length      = BITS2OCTETS(256),
+               .Ki_length      = BITS2OCTETS(256),
+
+               .import_ctx     = gss_krb5_import_ctx_v2,
+               .encrypt        = gss_krb5_aes_encrypt,
+               .decrypt        = gss_krb5_aes_decrypt,
+
+               .get_mic        = gss_krb5_get_mic_v2,
+               .verify_mic     = gss_krb5_verify_mic_v2,
+               .wrap           = gss_krb5_wrap_v2,
+               .unwrap         = gss_krb5_unwrap_v2,
+       },
+#endif
+
 #if defined(CONFIG_RPCSEC_GSS_KRB5_ENCTYPES_AES_SHA2)
        /*
         * AES-128 with SHA-256 (RFC 8009)