From: Chuck Lever chuck.lever@oracle.com
Hoist the name of the aux_cipher into struct gss_krb5_enctype to prepare for obscuring the encryption keys just after they are derived.
Tested-by: Scott Mayhew smayhew@redhat.com Signed-off-by: Chuck Lever chuck.lever@oracle.com --- include/linux/sunrpc/gss_krb5.h | 1 + net/sunrpc/auth_gss/gss_krb5_mech.c | 50 ++++++++++++++++++----------------- 2 files changed, 26 insertions(+), 25 deletions(-)
diff --git a/include/linux/sunrpc/gss_krb5.h b/include/linux/sunrpc/gss_krb5.h index f0fac1e69731..34d54714c6a3 100644 --- a/include/linux/sunrpc/gss_krb5.h +++ b/include/linux/sunrpc/gss_krb5.h @@ -61,6 +61,7 @@ struct gss_krb5_enctype { const u32 ctype; /* checksum type */ const char *name; /* "friendly" name */ const char *encrypt_name; /* crypto encrypt name */ + const char *aux_cipher; /* aux encrypt cipher name */ const char *cksum_name; /* crypto checksum name */ const u16 signalg; /* signing algorithm */ const u16 sealalg; /* sealing algorithm */ diff --git a/net/sunrpc/auth_gss/gss_krb5_mech.c b/net/sunrpc/auth_gss/gss_krb5_mech.c index b982c9d495f2..afa6a692ccdd 100644 --- a/net/sunrpc/auth_gss/gss_krb5_mech.c +++ b/net/sunrpc/auth_gss/gss_krb5_mech.c @@ -78,6 +78,7 @@ static const struct gss_krb5_enctype supported_gss_krb5_enctypes[] = { .ctype = CKSUMTYPE_HMAC_SHA1_96_AES128, .name = "aes128-cts", .encrypt_name = "cts(cbc(aes))", + .aux_cipher = "cbc(aes)", .cksum_name = "hmac(sha1)", .encrypt = krb5_encrypt, .decrypt = krb5_decrypt, @@ -99,6 +100,7 @@ static const struct gss_krb5_enctype supported_gss_krb5_enctypes[] = { .ctype = CKSUMTYPE_HMAC_SHA1_96_AES256, .name = "aes256-cts", .encrypt_name = "cts(cbc(aes))", + .aux_cipher = "cbc(aes)", .cksum_name = "hmac(sha1)", .encrypt = krb5_encrypt, .decrypt = krb5_decrypt, @@ -373,6 +375,13 @@ context_derive_keys_new(struct krb5_ctx *ctx, gfp_t gfp_mask) ctx->initiator_seal); if (ctx->initiator_enc == NULL) goto out_err; + if (ctx->gk5e->aux_cipher) { + ctx->initiator_enc_aux = + context_v2_alloc_cipher(ctx, ctx->gk5e->aux_cipher, + ctx->initiator_seal); + if (ctx->initiator_enc_aux == NULL) + goto out_free; + }
/* acceptor seal encryption */ set_cdata(cdata, KG_USAGE_ACCEPTOR_SEAL, KEY_USAGE_SEED_ENCRYPTION); @@ -381,13 +390,20 @@ context_derive_keys_new(struct krb5_ctx *ctx, gfp_t gfp_mask) if (err) { dprintk("%s: Error %d deriving acceptor_seal key\n", __func__, err); - goto out_free_initiator_enc; + goto out_free; } ctx->acceptor_enc = context_v2_alloc_cipher(ctx, ctx->gk5e->encrypt_name, ctx->acceptor_seal); if (ctx->acceptor_enc == NULL) - goto out_free_initiator_enc; + goto out_free; + if (ctx->gk5e->aux_cipher) { + ctx->acceptor_enc_aux = + context_v2_alloc_cipher(ctx, ctx->gk5e->aux_cipher, + ctx->acceptor_seal); + if (ctx->acceptor_enc_aux == NULL) + goto out_free; + }
/* initiator sign checksum */ set_cdata(cdata, KG_USAGE_INITIATOR_SIGN, KEY_USAGE_SEED_CHECKSUM); @@ -396,7 +412,7 @@ context_derive_keys_new(struct krb5_ctx *ctx, gfp_t gfp_mask) if (err) { dprintk("%s: Error %d deriving initiator_sign key\n", __func__, err); - goto out_free_acceptor_enc; + goto out_free; }
/* acceptor sign checksum */ @@ -406,7 +422,7 @@ context_derive_keys_new(struct krb5_ctx *ctx, gfp_t gfp_mask) if (err) { dprintk("%s: Error %d deriving acceptor_sign key\n", __func__, err); - goto out_free_acceptor_enc; + goto out_free; }
/* initiator seal integrity */ @@ -416,7 +432,7 @@ context_derive_keys_new(struct krb5_ctx *ctx, gfp_t gfp_mask) if (err) { dprintk("%s: Error %d deriving initiator_integ key\n", __func__, err); - goto out_free_acceptor_enc; + goto out_free; }
/* acceptor seal integrity */ @@ -426,31 +442,15 @@ context_derive_keys_new(struct krb5_ctx *ctx, gfp_t gfp_mask) if (err) { dprintk("%s: Error %d deriving acceptor_integ key\n", __func__, err); - goto out_free_acceptor_enc; - } - - switch (ctx->enctype) { - case ENCTYPE_AES128_CTS_HMAC_SHA1_96: - case ENCTYPE_AES256_CTS_HMAC_SHA1_96: - ctx->initiator_enc_aux = - context_v2_alloc_cipher(ctx, "cbc(aes)", - ctx->initiator_seal); - if (ctx->initiator_enc_aux == NULL) - goto out_free_acceptor_enc; - ctx->acceptor_enc_aux = - context_v2_alloc_cipher(ctx, "cbc(aes)", - ctx->acceptor_seal); - if (ctx->acceptor_enc_aux == NULL) { - crypto_free_sync_skcipher(ctx->initiator_enc_aux); - goto out_free_acceptor_enc; - } + goto out_free; }
return 0;
-out_free_acceptor_enc: +out_free: + crypto_free_sync_skcipher(ctx->acceptor_enc_aux); crypto_free_sync_skcipher(ctx->acceptor_enc); -out_free_initiator_enc: + crypto_free_sync_skcipher(ctx->initiator_enc_aux); crypto_free_sync_skcipher(ctx->initiator_enc); out_err: return -EINVAL;