The Design and Implementation of the FreeBSD Operating System, Second Edition
Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)

[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]

FreeBSD/Linux Kernel Cross Reference
sys/kgssapi/krb5/kcrypto.h

Version: -  FREEBSD  -  FREEBSD-13-STABLE  -  FREEBSD-13-0  -  FREEBSD-12-STABLE  -  FREEBSD-12-0  -  FREEBSD-11-STABLE  -  FREEBSD-11-0  -  FREEBSD-10-STABLE  -  FREEBSD-10-0  -  FREEBSD-9-STABLE  -  FREEBSD-9-0  -  FREEBSD-8-STABLE  -  FREEBSD-8-0  -  FREEBSD-7-STABLE  -  FREEBSD-7-0  -  FREEBSD-6-STABLE  -  FREEBSD-6-0  -  FREEBSD-5-STABLE  -  FREEBSD-5-0  -  FREEBSD-4-STABLE  -  FREEBSD-3-STABLE  -  FREEBSD22  -  l41  -  OPENBSD  -  linux-2.6  -  MK84  -  PLAN9  -  xnu-8792 
SearchContext: -  none  -  3  -  10  
    1 /*-
    2  * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
    3  *
    4  * Copyright (c) 2008 Isilon Inc http://www.isilon.com/
    5  * Authors: Doug Rabson <dfr@rabson.org>
    6  * Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org>
    7  *
    8  * Redistribution and use in source and binary forms, with or without
    9  * modification, are permitted provided that the following conditions
   10  * are met:
   11  * 1. Redistributions of source code must retain the above copyright
   12  *    notice, this list of conditions and the following disclaimer.
   13  * 2. Redistributions in binary form must reproduce the above copyright
   14  *    notice, this list of conditions and the following disclaimer in the
   15  *    documentation and/or other materials provided with the distribution.
   16  *
   17  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
   18  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
   19  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
   20  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
   21  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
   22  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
   23  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   24  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   25  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
   26  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
   27  * SUCH DAMAGE.
   28  *
   29  * $FreeBSD$
   30  */
   31 
   32 #include <sys/_iovec.h>
   33 
   34 #define ETYPE_NULL              0
   35 #define ETYPE_DES_CBC_CRC       1
   36 #define ETYPE_DES_CBC_MD4       2
   37 #define ETYPE_DES_CBC_MD5       3
   38 #define ETYPE_DES3_CBC_MD5      5
   39 #define ETYPE_OLD_DES3_CBC_SHA1 7
   40 #define ETYPE_DES3_CBC_SHA1     16
   41 #define ETYPE_AES128_CTS_HMAC_SHA1_96 17
   42 #define ETYPE_AES256_CTS_HMAC_SHA1_96 18
   43 #define ETYPE_ARCFOUR_HMAC_MD5  23
   44 #define ETYPE_ARCFOUR_HMAC_MD5_56 24
   45 
   46 /*
   47  * Key usages for des3-cbc-sha1 tokens
   48  */
   49 #define KG_USAGE_SEAL           22
   50 #define KG_USAGE_SIGN           23
   51 #define KG_USAGE_SEQ            24
   52 
   53 /*
   54  * Key usages for RFC4121 tokens
   55  */
   56 #define KG_USAGE_ACCEPTOR_SEAL  22
   57 #define KG_USAGE_ACCEPTOR_SIGN  23
   58 #define KG_USAGE_INITIATOR_SEAL 24
   59 #define KG_USAGE_INITIATOR_SIGN 25
   60 
   61 struct krb5_key_state;
   62 
   63 typedef void init_func(struct krb5_key_state *ks);
   64 typedef void destroy_func(struct krb5_key_state *ks);
   65 typedef void set_key_func(struct krb5_key_state *ks, const void *in);
   66 typedef void random_to_key_func(struct krb5_key_state *ks, const void *in);
   67 typedef void encrypt_func(const struct krb5_key_state *ks,
   68     struct mbuf *inout, size_t skip, size_t len, void *ivec, size_t ivlen);
   69 typedef void checksum_func(const struct krb5_key_state *ks, int usage,
   70     struct mbuf *inout, size_t skip, size_t inlen, size_t outlen);
   71 
   72 struct krb5_encryption_class {
   73         const char              *ec_name;
   74         int                     ec_type;
   75         int                     ec_flags;
   76 #define EC_DERIVED_KEYS         1
   77         size_t                  ec_blocklen;
   78         size_t                  ec_msgblocklen;
   79         size_t                  ec_checksumlen;
   80         size_t                  ec_keybits;     /* key length in bits */
   81         size_t                  ec_keylen;      /* size of key in memory */
   82         init_func               *ec_init;
   83         destroy_func            *ec_destroy;
   84         set_key_func            *ec_set_key;
   85         random_to_key_func      *ec_random_to_key;
   86         encrypt_func            *ec_encrypt;
   87         encrypt_func            *ec_decrypt;
   88         checksum_func           *ec_checksum;
   89 };
   90 
   91 struct krb5_key_state {
   92         const struct krb5_encryption_class *ks_class;
   93         volatile u_int          ks_refs;
   94         void                    *ks_key;
   95         void                    *ks_priv;
   96 };
   97 
   98 extern struct krb5_encryption_class krb5_aes128_encryption_class;
   99 extern struct krb5_encryption_class krb5_aes256_encryption_class;
  100 
  101 static __inline void
  102 krb5_set_key(struct krb5_key_state *ks, const void *keydata)
  103 {
  104 
  105         ks->ks_class->ec_set_key(ks, keydata);
  106 }
  107 
  108 static __inline void
  109 krb5_random_to_key(struct krb5_key_state *ks, const void *keydata)
  110 {
  111 
  112         ks->ks_class->ec_random_to_key(ks, keydata);
  113 }
  114 
  115 static __inline void
  116 krb5_encrypt(const struct krb5_key_state *ks, struct mbuf *inout,
  117     size_t skip, size_t len, void *ivec, size_t ivlen)
  118 {
  119 
  120         ks->ks_class->ec_encrypt(ks, inout, skip, len, ivec, ivlen);
  121 }
  122 
  123 static __inline void
  124 krb5_decrypt(const struct krb5_key_state *ks, struct mbuf *inout,
  125     size_t skip, size_t len, void *ivec, size_t ivlen)
  126 {
  127 
  128         ks->ks_class->ec_decrypt(ks, inout, skip, len, ivec, ivlen);
  129 }
  130 
  131 static __inline void
  132 krb5_checksum(const struct krb5_key_state *ks, int usage,
  133     struct mbuf *inout, size_t skip, size_t inlen, size_t outlen)
  134 {
  135 
  136         ks->ks_class->ec_checksum(ks, usage, inout, skip, inlen, outlen);
  137 }
  138 
  139 extern struct krb5_encryption_class *
  140         krb5_find_encryption_class(int etype);
  141 extern struct krb5_key_state *
  142         krb5_create_key(const struct krb5_encryption_class *ec);
  143 extern void krb5_free_key(struct krb5_key_state *ks);
  144 extern struct krb5_key_state *
  145         krb5_derive_key(struct krb5_key_state *inkey,
  146             void *constant, size_t constantlen);
  147 extern struct krb5_key_state *
  148         krb5_get_encryption_key(struct krb5_key_state *basekey, int usage);
  149 extern struct krb5_key_state *
  150         krb5_get_integrity_key(struct krb5_key_state *basekey, int usage);
  151 extern struct krb5_key_state *
  152         krb5_get_checksum_key(struct krb5_key_state *basekey, int usage);

Cache object: e6b0c9589337b2e01a79d8295c9e06b0

[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]

This page is part of the FreeBSD/Linux Linux Kernel Cross-Reference, and was automatically generated using a modified version of the LXR engine.