158 gss_wrap_kerberos_v1(struct krb5_ctx *kctx, int offset,  in gss_wrap_kerberos_v1()  argument
171 	u32			conflen = kctx->gk5e->conflen;  in gss_wrap_kerberos_v1()
177 	blocksize = crypto_blkcipher_blocksize(kctx->enc);  in gss_wrap_kerberos_v1()
182 	headlen = g_token_size(&kctx->mech_used,  in gss_wrap_kerberos_v1()
183 		GSS_KRB5_TOK_HDR_LEN + kctx->gk5e->cksumlength + plainlen) -  in gss_wrap_kerberos_v1()
193 	g_make_token_header(&kctx->mech_used,  in gss_wrap_kerberos_v1()
195 				kctx->gk5e->cksumlength + plainlen, &ptr);  in gss_wrap_kerberos_v1()
202 	msg_start = ptr + GSS_KRB5_TOK_HDR_LEN + kctx->gk5e->cksumlength;  in gss_wrap_kerberos_v1()
209 	*(__le16 *)(ptr + 2) = cpu_to_le16(kctx->gk5e->signalg);  in gss_wrap_kerberos_v1()
210 	*(__le16 *)(ptr + 4) = cpu_to_le16(kctx->gk5e->sealalg);  in gss_wrap_kerberos_v1()
216 	if (kctx->gk5e->keyed_cksum)  in gss_wrap_kerberos_v1()
217 		cksumkey = kctx->cksum;  in gss_wrap_kerberos_v1()
224 	if (make_checksum(kctx, ptr, 8, buf, offset + headlen - conflen,  in gss_wrap_kerberos_v1()
232 	seq_send = kctx->seq_send++;  in gss_wrap_kerberos_v1()
237 	if ((krb5_make_seq_num(kctx, kctx->seq, kctx->initiate ? 0 : 0xff,  in gss_wrap_kerberos_v1()
241 	if (kctx->enctype == ENCTYPE_ARCFOUR_HMAC) {  in gss_wrap_kerberos_v1()
244 		cipher = crypto_alloc_blkcipher(kctx->gk5e->encrypt_name, 0,  in gss_wrap_kerberos_v1()
249 		krb5_rc4_setup_enc_key(kctx, cipher, seq_send);  in gss_wrap_kerberos_v1()
257 		if (gss_encrypt_xdr_buf(kctx->enc, buf,  in gss_wrap_kerberos_v1()
262 	return (kctx->endtime < now) ? GSS_S_CONTEXT_EXPIRED : GSS_S_COMPLETE;  in gss_wrap_kerberos_v1()
266 gss_unwrap_kerberos_v1(struct krb5_ctx *kctx, int offset, struct xdr_buf *buf)  in gss_unwrap_kerberos_v1()  argument
281 	u32			conflen = kctx->gk5e->conflen;  in gss_unwrap_kerberos_v1()
288 	if (g_verify_token_header(&kctx->mech_used, &bodysize, &ptr,  in gss_unwrap_kerberos_v1()
301 	if (signalg != kctx->gk5e->signalg)  in gss_unwrap_kerberos_v1()
305 	if (sealalg != kctx->gk5e->sealalg)  in gss_unwrap_kerberos_v1()
315 	crypt_offset = ptr + (GSS_KRB5_TOK_HDR_LEN + kctx->gk5e->cksumlength) -  in gss_unwrap_kerberos_v1()
321 	if (krb5_get_seq_num(kctx, ptr + GSS_KRB5_TOK_HDR_LEN,  in gss_unwrap_kerberos_v1()
325 	if ((kctx->initiate && direction != 0xff) ||  in gss_unwrap_kerberos_v1()
326 	    (!kctx->initiate && direction != 0))  in gss_unwrap_kerberos_v1()
329 	if (kctx->enctype == ENCTYPE_ARCFOUR_HMAC) {  in gss_unwrap_kerberos_v1()
333 		cipher = crypto_alloc_blkcipher(kctx->gk5e->encrypt_name, 0,  in gss_unwrap_kerberos_v1()
338 		krb5_rc4_setup_enc_key(kctx, cipher, seqnum);  in gss_unwrap_kerberos_v1()
345 		if (gss_decrypt_xdr_buf(kctx->enc, buf, crypt_offset))  in gss_unwrap_kerberos_v1()
349 	if (kctx->gk5e->keyed_cksum)  in gss_unwrap_kerberos_v1()
350 		cksumkey = kctx->cksum;  in gss_unwrap_kerberos_v1()
354 	if (make_checksum(kctx, ptr, 8, buf, crypt_offset,  in gss_unwrap_kerberos_v1()
359 						kctx->gk5e->cksumlength))  in gss_unwrap_kerberos_v1()
366 	if (now > kctx->endtime)  in gss_unwrap_kerberos_v1()
374 	blocksize = crypto_blkcipher_blocksize(kctx->enc);  in gss_unwrap_kerberos_v1()
375 	data_start = ptr + (GSS_KRB5_TOK_HDR_LEN + kctx->gk5e->cksumlength) +  in gss_unwrap_kerberos_v1()
440 gss_wrap_kerberos_v2(struct krb5_ctx *kctx, u32 offset,  in gss_wrap_kerberos_v2()  argument
453 	if (kctx->gk5e->encrypt_v2 == NULL)  in gss_wrap_kerberos_v2()
465 	if ((kctx->flags & KRB5_CTX_FLAG_INITIATOR) == 0)  in gss_wrap_kerberos_v2()
467 	if ((kctx->flags & KRB5_CTX_FLAG_ACCEPTOR_SUBKEY) != 0)  in gss_wrap_kerberos_v2()
476 	blocksize = crypto_blkcipher_blocksize(kctx->acceptor_enc);  in gss_wrap_kerberos_v2()
483 	*be64ptr = cpu_to_be64(kctx->seq_send64++);  in gss_wrap_kerberos_v2()
486 	err = (*kctx->gk5e->encrypt_v2)(kctx, offset, buf, pages);  in gss_wrap_kerberos_v2()
491 	return (kctx->endtime < now) ? GSS_S_CONTEXT_EXPIRED : GSS_S_COMPLETE;  in gss_wrap_kerberos_v2()
495 gss_unwrap_kerberos_v2(struct krb5_ctx *kctx, int offset, struct xdr_buf *buf)  in gss_unwrap_kerberos_v2()  argument
509 	if (kctx->gk5e->decrypt_v2 == NULL)  in gss_unwrap_kerberos_v2()
518 	if ((!kctx->initiate && (flags & KG2_TOKEN_FLAG_SENTBYACCEPTOR)) ||  in gss_unwrap_kerberos_v2()
519 	    (kctx->initiate && !(flags & KG2_TOKEN_FLAG_SENTBYACCEPTOR)))  in gss_unwrap_kerberos_v2()
541 	err = (*kctx->gk5e->decrypt_v2)(kctx, offset, buf,  in gss_unwrap_kerberos_v2()
567 	if (now > kctx->endtime)  in gss_unwrap_kerberos_v2()
594 	struct krb5_ctx	*kctx = gctx->internal_ctx_id;  in gss_wrap_kerberos()  local
596 	switch (kctx->enctype) {  in gss_wrap_kerberos()
602 		return gss_wrap_kerberos_v1(kctx, offset, buf, pages);  in gss_wrap_kerberos()
605 		return gss_wrap_kerberos_v2(kctx, offset, buf, pages);  in gss_wrap_kerberos()
612 	struct krb5_ctx	*kctx = gctx->internal_ctx_id;  in gss_unwrap_kerberos()  local
614 	switch (kctx->enctype) {  in gss_unwrap_kerberos()
620 		return gss_unwrap_kerberos_v1(kctx, offset, buf);  in gss_unwrap_kerberos()
623 		return gss_unwrap_kerberos_v2(kctx, offset, buf);  in gss_unwrap_kerberos()