284 				   struct ceph_x_authorizer *au)  in ceph_x_build_authorizer()  argument
295 	     ceph_entity_type_name(th->service), au);  in ceph_x_build_authorizer()
297 	ceph_crypto_key_destroy(&au->session_key);  in ceph_x_build_authorizer()
298 	ret = ceph_crypto_key_clone(&au->session_key, &th->session_key);  in ceph_x_build_authorizer()
305 	if (au->buf && au->buf->alloc_len < maxlen) {  in ceph_x_build_authorizer()
306 		ceph_buffer_put(au->buf);  in ceph_x_build_authorizer()
307 		au->buf = NULL;  in ceph_x_build_authorizer()
309 	if (!au->buf) {  in ceph_x_build_authorizer()
310 		au->buf = ceph_buffer_new(maxlen, GFP_NOFS);  in ceph_x_build_authorizer()
311 		if (!au->buf) {  in ceph_x_build_authorizer()
312 			ceph_crypto_key_destroy(&au->session_key);  in ceph_x_build_authorizer()
316 	au->service = th->service;  in ceph_x_build_authorizer()
317 	au->secret_id = th->secret_id;  in ceph_x_build_authorizer()
319 	msg_a = au->buf->vec.iov_base;  in ceph_x_build_authorizer()
335 	end = au->buf->vec.iov_base + au->buf->vec.iov_len;  in ceph_x_build_authorizer()
337 	get_random_bytes(&au->nonce, sizeof(au->nonce));  in ceph_x_build_authorizer()
339 	msg_b.nonce = cpu_to_le64(au->nonce);  in ceph_x_build_authorizer()
340 	ret = ceph_x_encrypt(&au->session_key, &msg_b, sizeof(msg_b),  in ceph_x_build_authorizer()
345 	au->buf->vec.iov_len = p - au->buf->vec.iov_base;  in ceph_x_build_authorizer()
346 	dout(" built authorizer nonce %llx len %d\n", au->nonce,  in ceph_x_build_authorizer()
347 	     (int)au->buf->vec.iov_len);  in ceph_x_build_authorizer()
348 	BUG_ON(au->buf->vec.iov_len > maxlen);  in ceph_x_build_authorizer()
352 	ceph_buffer_put(au->buf);  in ceph_x_build_authorizer()
353 	au->buf = NULL;  in ceph_x_build_authorizer()
548 	struct ceph_x_authorizer *au;  in ceph_x_create_authorizer()  local
556 	au = kzalloc(sizeof(*au), GFP_NOFS);  in ceph_x_create_authorizer()
557 	if (!au)  in ceph_x_create_authorizer()
560 	ret = ceph_x_build_authorizer(ac, th, au);  in ceph_x_create_authorizer()
562 		kfree(au);  in ceph_x_create_authorizer()
566 	auth->authorizer = (struct ceph_authorizer *) au;  in ceph_x_create_authorizer()
567 	auth->authorizer_buf = au->buf->vec.iov_base;  in ceph_x_create_authorizer()
568 	auth->authorizer_buf_len = au->buf->vec.iov_len;  in ceph_x_create_authorizer()
569 	auth->authorizer_reply_buf = au->reply_buf;  in ceph_x_create_authorizer()
570 	auth->authorizer_reply_buf_len = sizeof (au->reply_buf);  in ceph_x_create_authorizer()
581 	struct ceph_x_authorizer *au;  in ceph_x_update_authorizer()  local
588 	au = (struct ceph_x_authorizer *)auth->authorizer;  in ceph_x_update_authorizer()
589 	if (au->secret_id < th->secret_id) {  in ceph_x_update_authorizer()
591 		     au->service, au->secret_id, th->secret_id);  in ceph_x_update_authorizer()
592 		return ceph_x_build_authorizer(ac, th, au);  in ceph_x_update_authorizer()
600 	struct ceph_x_authorizer *au = (void *)a;  in ceph_x_verify_authorizer_reply()  local
604 	void *p = au->reply_buf;  in ceph_x_verify_authorizer_reply()
605 	void *end = p + sizeof(au->reply_buf);  in ceph_x_verify_authorizer_reply()
607 	ret = ceph_x_decrypt(&au->session_key, &p, end, &preply, sizeof(reply));  in ceph_x_verify_authorizer_reply()
613 	if (au->nonce + 1 != le64_to_cpu(reply.nonce_plus_one))  in ceph_x_verify_authorizer_reply()
618 	     au->nonce, le64_to_cpu(reply.nonce_plus_one), ret);  in ceph_x_verify_authorizer_reply()
625 	struct ceph_x_authorizer *au = (void *)a;  in ceph_x_destroy_authorizer()  local
627 	ceph_crypto_key_destroy(&au->session_key);  in ceph_x_destroy_authorizer()
628 	ceph_buffer_put(au->buf);  in ceph_x_destroy_authorizer()
629 	kfree(au);  in ceph_x_destroy_authorizer()
673 static int calcu_signature(struct ceph_x_authorizer *au,  in calcu_signature()  argument
682 	ret = ceph_x_encrypt(&au->session_key, &tmp, sizeof(tmp),  in calcu_signature()