aboutsummaryrefslogtreecommitdiffstats
path: root/include/linux
diff options
context:
space:
mode:
authorKevin Coffman <kwc@citi.umich.edu>2010-03-17 13:03:05 -0400
committerTrond Myklebust <Trond.Myklebust@netapp.com>2010-05-14 15:09:20 -0400
commit5af46547ec451918f3ba51efe59b317d33adf701 (patch)
tree0878529858a5ded9224e633dd13b431e6b69e28c /include/linux
parent1dbd9029f3024d058da1cf6c6658c28aac2e4e1c (diff)
gss_krb5: Use confounder length in wrap code
All encryption types use a confounder at the beginning of the wrap token. In all encryption types except arcfour-hmac, the confounder is the same as the blocksize. arcfour-hmac has a blocksize of one, but uses an eight byte confounder. Add an entry to the crypto framework definitions for the confounder length and change the wrap/unwrap code to use the confounder length rather than assuming it is always the blocksize. Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Signed-off-by: Steve Dickson <steved@redhat.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Diffstat (limited to 'include/linux')
-rw-r--r--include/linux/sunrpc/gss_krb5.h3
1 files changed, 3 insertions, 0 deletions
diff --git a/include/linux/sunrpc/gss_krb5.h b/include/linux/sunrpc/gss_krb5.h
index d840856edecc..79f6ac2492f5 100644
--- a/include/linux/sunrpc/gss_krb5.h
+++ b/include/linux/sunrpc/gss_krb5.h
@@ -64,6 +64,9 @@ struct gss_krb5_enctype {
64 const u16 signalg; /* signing algorithm */ 64 const u16 signalg; /* signing algorithm */
65 const u16 sealalg; /* sealing algorithm */ 65 const u16 sealalg; /* sealing algorithm */
66 const u32 blocksize; /* encryption blocksize */ 66 const u32 blocksize; /* encryption blocksize */
67 const u32 conflen; /* confounder length
68 (normally the same as
69 the blocksize) */
67 const u32 cksumlength; /* checksum length */ 70 const u32 cksumlength; /* checksum length */
68 const u32 keyed_cksum; /* is it a keyed cksum? */ 71 const u32 keyed_cksum; /* is it a keyed cksum? */
69 const u32 keybytes; /* raw key len, in bytes */ 72 const u32 keybytes; /* raw key len, in bytes */