SUNRPC: Remove ->encrypt and ->decrypt methods from struct gss_krb5_enctype

author Chuck Lever <chuck.lever@oracle.com>

Sun, 15 Jan 2023 17:21:58 +0000 (12:21 -0500)

committer Chuck Lever <chuck.lever@oracle.com>

Mon, 20 Feb 2023 14:20:41 +0000 (09:20 -0500)
author Chuck Lever <chuck.lever@oracle.com>
Sun, 15 Jan 2023 17:21:58 +0000 (12:21 -0500)
committer Chuck Lever <chuck.lever@oracle.com>
Mon, 20 Feb 2023 14:20:41 +0000 (09:20 -0500)
diff --git a/include/linux/sunrpc/gss_krb5.h b/include/linux/sunrpc/gss_krb5.h

index 68ae0c3d4cf7238ecc550fcf40d1328651f6c2aa..a0646df12beb228a7198c147b5beb76c1445968b 100644 (file)
--- a/include/linux/sunrpc/gss_krb5.h
+++ b/include/linux/sunrpc/gss_krb5.h
@@ -69,12 +69,6 @@ struct gss_krb5_enctype {
         const u32               keyed_cksum;    /* is it a keyed cksum? */
         const u32               keybytes;       /* raw key len, in bytes */
         const u32               keylength;      /* final key len, in bytes */
-       u32 (*encrypt) (struct crypto_sync_skcipher *tfm,
-                       void *iv, void *in, void *out,
-                       int length);            /* encryption function */
-       u32 (*decrypt) (struct crypto_sync_skcipher *tfm,
-                       void *iv, void *in, void *out,
-                       int length);            /* decryption function */
         int (*import_ctx)(struct krb5_ctx *ctx, gfp_t gfp_mask);
         u32 (*mk_key) (const struct gss_krb5_enctype *gk5e,
                        struct xdr_netobj *in,
@@ -243,14 +237,6 @@ make_checksum(struct krb5_ctx *kctx, char *header, int hdrlen,
                 struct xdr_buf *body, int body_offset, u8 *cksumkey,
                 unsigned int usage, struct xdr_netobj *cksumout);
  
-u32
-krb5_encrypt(struct crypto_sync_skcipher *key,
-            void *iv, void *in, void *out, int length);
-
-u32
-krb5_decrypt(struct crypto_sync_skcipher *key,
-            void *iv, void *in, void *out, int length); 
-
  int
  gss_encrypt_xdr_buf(struct crypto_sync_skcipher *tfm, struct xdr_buf *outbuf,
                     int offset, struct page **pages);
diff --git a/net/sunrpc/auth_gss/gss_krb5_crypto.c b/net/sunrpc/auth_gss/gss_krb5_crypto.c

index 098faaf02fe663099bb6f4d346199b78763fe12a..c5845fdda527e57eb14ae57b5c71f21f47b59b0d 100644 (file)
--- a/net/sunrpc/auth_gss/gss_krb5_crypto.c
+++ b/net/sunrpc/auth_gss/gss_krb5_crypto.c
@@ -82,6 +82,22 @@ void krb5_make_confounder(u8 *p, int conflen)
         get_random_bytes(p, conflen);
  }
  
+/**
+ * krb5_encrypt - simple encryption of an RPCSEC GSS payload
+ * @tfm: initialized cipher transform
+ * @iv: pointer to an IV
+ * @in: plaintext to encrypt
+ * @out: OUT: ciphertext
+ * @length: length of input and output buffers, in bytes
+ *
+ * @iv may be NULL to force the use of an all-zero IV.
+ * The buffer containing the IV must be as large as the
+ * cipher's ivsize.
+ *
+ * Return values:
+ *   %0: @in successfully encrypted into @out
+ *   negative errno: @in not encrypted
+ */
  u32
  krb5_encrypt(
         struct crypto_sync_skcipher *tfm,
@@ -121,6 +137,22 @@ out:
         return ret;
  }
  
+/**
+ * krb5_decrypt - simple decryption of an RPCSEC GSS payload
+ * @tfm: initialized cipher transform
+ * @iv: pointer to an IV
+ * @in: ciphertext to decrypt
+ * @out: OUT: plaintext
+ * @length: length of input and output buffers, in bytes
+ *
+ * @iv may be NULL to force the use of an all-zero IV.
+ * The buffer containing the IV must be as large as the
+ * cipher's ivsize.
+ *
+ * Return values:
+ *   %0: @in successfully decrypted into @out
+ *   negative errno: @in not decrypted
+ */
  u32
  krb5_decrypt(
       struct crypto_sync_skcipher *tfm,
@@ -234,8 +266,8 @@ make_checksum(struct krb5_ctx *kctx, char *header, int hdrlen,
  
         switch (kctx->gk5e->ctype) {
         case CKSUMTYPE_RSA_MD5:
-               err = kctx->gk5e->encrypt(kctx->seq, NULL, checksumdata,
-                                         checksumdata, checksumlen);
+               err = krb5_encrypt(kctx->seq, NULL, checksumdata,
+                                  checksumdata, checksumlen);
                 if (err)
                         goto out;
                 memcpy(cksumout->data,
diff --git a/net/sunrpc/auth_gss/gss_krb5_internal.h b/net/sunrpc/auth_gss/gss_krb5_internal.h

index 04d2781e2ce28c0009539b74df906efb76259612..a4b752af69519d69415d5321f50177a73f768919 100644 (file)
--- a/net/sunrpc/auth_gss/gss_krb5_internal.h
+++ b/net/sunrpc/auth_gss/gss_krb5_internal.h
@@ -44,4 +44,10 @@ u32 gss_krb5_checksum(struct crypto_ahash *tfm, char *header, int hdrlen,
                       const struct xdr_buf *body, int body_offset,
                       struct xdr_netobj *cksumout);
  
+u32 krb5_encrypt(struct crypto_sync_skcipher *key, void *iv, void *in,
+                void *out, int length);
+
+u32 krb5_decrypt(struct crypto_sync_skcipher *key, void *iv, void *in,
+                void *out, int length);
+
  #endif /* _NET_SUNRPC_AUTH_GSS_KRB5_INTERNAL_H */
diff --git a/net/sunrpc/auth_gss/gss_krb5_keys.c b/net/sunrpc/auth_gss/gss_krb5_keys.c

index 554cfd23f2889df388117222d006929d7ea54ad9..a7c6866dad96222a2205578fe14600c3cd7da4af 100644 (file)
--- a/net/sunrpc/auth_gss/gss_krb5_keys.c
+++ b/net/sunrpc/auth_gss/gss_krb5_keys.c
@@ -61,6 +61,8 @@
  #include <linux/sunrpc/xdr.h>
  #include <linux/lcm.h>
  
+#include "gss_krb5_internal.h"
+
  #if IS_ENABLED(CONFIG_SUNRPC_DEBUG)
  # define RPCDBG_FACILITY        RPCDBG_AUTH
  #endif
@@ -195,8 +197,8 @@ u32 krb5_derive_key(const struct gss_krb5_enctype *gk5e,
  
         n = 0;
         while (n < keybytes) {
-               (*(gk5e->encrypt))(cipher, NULL, inblock.data,
-                                  outblock.data, inblock.len);
+               krb5_encrypt(cipher, NULL, inblock.data, outblock.data,
+                            inblock.len);
  
                 if ((keybytes - n) <= outblock.len) {
                         memcpy(rawkey + n, outblock.data, (keybytes - n));
diff --git a/net/sunrpc/auth_gss/gss_krb5_mech.c b/net/sunrpc/auth_gss/gss_krb5_mech.c

index 9ddc6fc7077fdb38b6e900760179d3560e52d681..47c065aa4a14aa06384230642ffae70c58ef4c1b 100644 (file)
--- a/net/sunrpc/auth_gss/gss_krb5_mech.c
+++ b/net/sunrpc/auth_gss/gss_krb5_mech.c
@@ -48,8 +48,6 @@ static const struct gss_krb5_enctype supported_gss_krb5_enctypes[] = {
           .name = "des-cbc-crc",
           .encrypt_name = "cbc(des)",
           .cksum_name = "md5",
-         .encrypt = krb5_encrypt,
-         .decrypt = krb5_decrypt,
           .import_ctx = gss_krb5_import_ctx_des,
           .mk_key = NULL,
           .get_mic = gss_krb5_get_mic_v1,
@@ -72,8 +70,6 @@ static const struct gss_krb5_enctype supported_gss_krb5_enctypes[] = {
           .name = "des3-hmac-sha1",
           .encrypt_name = "cbc(des3_ede)",
           .cksum_name = "hmac(sha1)",
-         .encrypt = krb5_encrypt,
-         .decrypt = krb5_decrypt,
           .import_ctx = gss_krb5_import_ctx_v1,
           .mk_key = gss_krb5_des3_make_key,
           .get_mic = gss_krb5_get_mic_v1,
@@ -100,8 +96,6 @@ static const struct gss_krb5_enctype supported_gss_krb5_enctypes[] = {
           .encrypt_name = "cts(cbc(aes))",
           .aux_cipher = "cbc(aes)",
           .cksum_name = "hmac(sha1)",
-         .encrypt = krb5_encrypt,
-         .decrypt = krb5_decrypt,
           .import_ctx = gss_krb5_import_ctx_v2,
           .mk_key = gss_krb5_aes_make_key,
           .encrypt_v2 = gss_krb5_aes_encrypt,
@@ -129,8 +123,6 @@ static const struct gss_krb5_enctype supported_gss_krb5_enctypes[] = {
           .encrypt_name = "cts(cbc(aes))",
           .aux_cipher = "cbc(aes)",
           .cksum_name = "hmac(sha1)",
-         .encrypt = krb5_encrypt,
-         .decrypt = krb5_decrypt,
           .import_ctx = gss_krb5_import_ctx_v2,
           .mk_key = gss_krb5_aes_make_key,
           .encrypt_v2 = gss_krb5_aes_encrypt,
diff --git a/net/sunrpc/auth_gss/gss_krb5_seqnum.c b/net/sunrpc/auth_gss/gss_krb5_seqnum.c

index 3200b971a814faa749f44b7c177b39e56e6e874f..1babc3474e102a6852de2ef85147a2ef3297353f 100644 (file)
--- a/net/sunrpc/auth_gss/gss_krb5_seqnum.c
+++ b/net/sunrpc/auth_gss/gss_krb5_seqnum.c
@@ -35,6 +35,8 @@
  #include <linux/types.h>
  #include <linux/sunrpc/gss_krb5.h>
  
+#include "gss_krb5_internal.h"
+
  #if IS_ENABLED(CONFIG_SUNRPC_DEBUG)
  # define RPCDBG_FACILITY        RPCDBG_AUTH
  #endif
author	Chuck Lever <chuck.lever@oracle.com>
	Sun, 15 Jan 2023 17:21:58 +0000 (12:21 -0500)
committer	Chuck Lever <chuck.lever@oracle.com>
	Mon, 20 Feb 2023 14:20:41 +0000 (09:20 -0500)
include/linux/sunrpc/gss_krb5.h		patch \| blob \| history
net/sunrpc/auth_gss/gss_krb5_crypto.c		patch \| blob \| history
net/sunrpc/auth_gss/gss_krb5_internal.h		patch \| blob \| history
net/sunrpc/auth_gss/gss_krb5_keys.c		patch \| blob \| history
net/sunrpc/auth_gss/gss_krb5_mech.c		patch \| blob \| history
net/sunrpc/auth_gss/gss_krb5_seqnum.c		patch \| blob \| history