linux/include/linux/sunrpc/gss_krb5.h

/*
 *  Adapted from MIT Kerberos 5-1.2.1 lib/include/krb5.h,
 *  lib/gssapi/krb5/gssapiP_krb5.h, and others
 *
 *  Copyright (c) 2000-2008 The Regents of the University of Michigan.
 *  All rights reserved.
 *
 *  Andy Adamson   <[email protected]>
 *  Bruce Fields   <[email protected]>
 */

/*
 * Copyright 1995 by the Massachusetts Institute of Technology.
 * All Rights Reserved.
 *
 * Export of this software from the United States of America may
 *   require a specific license from the United States Government.
 *   It is the responsibility of any person or organization contemplating
 *   export to obtain such a license before exporting.
 *
 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
 * distribute this software and its documentation for any purpose and
 * without fee is hereby granted, provided that the above copyright
 * notice appear in all copies and that both that copyright notice and
 * this permission notice appear in supporting documentation, and that
 * the name of M.I.T. not be used in advertising or publicity pertaining
 * to distribution of the software without specific, written prior
 * permission.  Furthermore if you modify this software you must label
 * your software as modified software and not distribute it in such a
 * fashion that it might be confused with the original M.I.T. software.
 * M.I.T. makes no representations about the suitability of
 * this software for any purpose.  It is provided "as is" without express
 * or implied warranty.
 *
 */

#ifndef _LINUX_SUNRPC_GSS_KRB5_H
#define _LINUX_SUNRPC_GSS_KRB5_H

#include <crypto/skcipher.h>
#include <linux/sunrpc/auth_gss.h>
#include <linux/sunrpc/gss_err.h>
#include <linux/sunrpc/gss_asn1.h>

/* Length of constant used in key derivation */
#define GSS_KRB5_K5CLENGTH

/* Maximum key length (in bytes) for the supported crypto algorithms */
#define GSS_KRB5_MAX_KEYLEN

/* Maximum checksum function output for the supported enctypes */
#define GSS_KRB5_MAX_CKSUM_LEN

/* Maximum blocksize for the supported crypto algorithms */
#define GSS_KRB5_MAX_BLOCKSIZE

/* The length of the Kerberos GSS token header */
#define GSS_KRB5_TOK_HDR_LEN

#define KG_TOK_MIC_MSG
#define KG_TOK_WRAP_MSG

#define KG2_TOK_INITIAL
#define KG2_TOK_RESPONSE
#define KG2_TOK_MIC
#define KG2_TOK_WRAP

#define KG2_TOKEN_FLAG_SENTBYACCEPTOR
#define KG2_TOKEN_FLAG_SEALED
#define KG2_TOKEN_FLAG_ACCEPTORSUBKEY

#define KG2_RESP_FLAG_ERROR
#define KG2_RESP_FLAG_DELEG_OK

enum sgn_alg {};
enum seal_alg {};

/*
 * These values are assigned by IANA and published via the
 * subregistry at the link below:
 *
 * https://www.iana.org/assignments/kerberos-parameters/kerberos-parameters.xhtml#kerberos-parameters-2
 */
#define CKSUMTYPE_CRC32
#define CKSUMTYPE_RSA_MD4
#define CKSUMTYPE_RSA_MD4_DES
#define CKSUMTYPE_DESCBC
#define CKSUMTYPE_RSA_MD5
#define CKSUMTYPE_RSA_MD5_DES
#define CKSUMTYPE_NIST_SHA
#define CKSUMTYPE_HMAC_SHA1_DES3
#define CKSUMTYPE_HMAC_SHA1_96_AES128
#define CKSUMTYPE_HMAC_SHA1_96_AES256
#define CKSUMTYPE_CMAC_CAMELLIA128
#define CKSUMTYPE_CMAC_CAMELLIA256
#define CKSUMTYPE_HMAC_SHA256_128_AES128
#define CKSUMTYPE_HMAC_SHA384_192_AES256
#define CKSUMTYPE_HMAC_MD5_ARCFOUR

/* from gssapi_err_krb5.h */
#define KG_CCACHE_NOMATCH
#define KG_KEYTAB_NOMATCH
#define KG_TGT_MISSING
#define KG_NO_SUBKEY
#define KG_CONTEXT_ESTABLISHED
#define KG_BAD_SIGN_TYPE
#define KG_BAD_LENGTH
#define KG_CTX_INCOMPLETE
#define KG_CONTEXT
#define KG_CRED
#define KG_ENC_DESC
#define KG_BAD_SEQ
#define KG_EMPTY_CCACHE
#define KG_NO_CTYPES

/* per Kerberos v5 protocol spec crypto types from the wire. 
 * these get mapped to linux kernel crypto routines.  
 *
 * These values are assigned by IANA and published via the
 * subregistry at the link below:
 *
 * https://www.iana.org/assignments/kerberos-parameters/kerberos-parameters.xhtml#kerberos-parameters-1
 */
#define ENCTYPE_NULL
#define ENCTYPE_DES_CBC_CRC
#define ENCTYPE_DES_CBC_MD4
#define ENCTYPE_DES_CBC_MD5
#define ENCTYPE_DES_CBC_RAW
/* XXX deprecated? */
#define ENCTYPE_DES3_CBC_SHA
#define ENCTYPE_DES3_CBC_RAW
#define ENCTYPE_DES_HMAC_SHA1
#define ENCTYPE_DES3_CBC_SHA1
#define ENCTYPE_AES128_CTS_HMAC_SHA1_96
#define ENCTYPE_AES256_CTS_HMAC_SHA1_96
#define ENCTYPE_AES128_CTS_HMAC_SHA256_128
#define ENCTYPE_AES256_CTS_HMAC_SHA384_192
#define ENCTYPE_ARCFOUR_HMAC
#define ENCTYPE_ARCFOUR_HMAC_EXP
#define ENCTYPE_CAMELLIA128_CTS_CMAC
#define ENCTYPE_CAMELLIA256_CTS_CMAC
#define ENCTYPE_UNKNOWN

/*
 * Constants used for key derivation
 */
/* for 3DES */
#define KG_USAGE_SEAL
#define KG_USAGE_SIGN
#define KG_USAGE_SEQ

/* from rfc3961 */
#define KEY_USAGE_SEED_CHECKSUM
#define KEY_USAGE_SEED_ENCRYPTION
#define KEY_USAGE_SEED_INTEGRITY

/* from rfc4121 */
#define KG_USAGE_ACCEPTOR_SEAL
#define KG_USAGE_ACCEPTOR_SIGN
#define KG_USAGE_INITIATOR_SEAL
#define KG_USAGE_INITIATOR_SIGN

#endif /* _LINUX_SUNRPC_GSS_KRB5_H */