gss_krb5: Use confounder length in wrap code

All encryption types use a confounder at the beginning of the
wrap token.  In all encryption types except arcfour-hmac, the
confounder is the same as the blocksize.  arcfour-hmac has a
blocksize of one, but uses an eight byte confounder.

Add an entry to the crypto framework definitions for the
confounder length and change the wrap/unwrap code to use
the confounder length rather than assuming it is always
the blocksize.

Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>

1 files changed, 3 insertions, 0 deletions

diff --git a/include/linux/sunrpc/gss_krb5.h b/include/linux/sunrpc/gss_krb5.h
index d840856edecc..79f6ac2492f5 100644
--- a/include/linux/sunrpc/gss_krb5.h
+++ b/include/linux/sunrpc/gss_krb5.h
@@ -64,6 +64,9 @@ struct gss_krb5_enctype {
         const u16               signalg;        /* signing algorithm */
         const u16               sealalg;        /* sealing algorithm */
         const u32               blocksize;      /* encryption blocksize */
+        const u32               conflen;        /* confounder length
+                                                   (normally the same as
+                                                   the blocksize) */
         const u32               cksumlength;    /* checksum length */
         const u32               keyed_cksum;    /* is it a keyed cksum? */
         const u32               keybytes;       /* raw key len, in bytes */