Gitiles
Code Review Sign In
android-review.linaro.org / kernel / hikey-linaro / bf7ef8f2d57cd1f5f1846dd58ff9309efad58252 / . / include / keys / rxrpc-type.h
blob: 5de0673f333b7ca86df00a3f930d5d7005560e53 [file] [log] [blame]
David Howells17926a72007-04-26 15:48:28 -0700[diff] [blame]1/* RxRPC key type
2 *
3 * Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
4 * Written by David Howells (dhowells@redhat.com)
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
10 */
11
12#ifndef _KEYS_RXRPC_TYPE_H
13#define _KEYS_RXRPC_TYPE_H
14
15#include <linux/key.h>
16
17/*
18 * key type for AF_RXRPC keys
19 */
20extern struct key_type key_type_rxrpc;
21
David Howells76181c12007-10-16 23:29:46 -0700[diff] [blame]22extern struct key *rxrpc_get_null_key(const char *);
23
David Howells33941282009-09-14 01:17:35 +0000[diff] [blame]24/*
25 * RxRPC key for Kerberos IV (type-2 security)
26 */
27struct rxkad_key {
28 u32 vice_id;
29 u32 start; /* time at which ticket starts */
30 u32 expiry; /* time at which ticket expires */
31 u32 kvno; /* key version number */
32 u8 primary_flag; /* T if key for primary cell for this user */
33 u16 ticket_len; /* length of ticket[] */
34 u8 session_key[8]; /* DES session key */
35 u8 ticket[0]; /* the encrypted ticket */
36};
37
38/*
David Howells994551532009-09-14 01:17:46 +0000[diff] [blame]39 * Kerberos 5 principal
40 * name/name/name@realm
41 */
42struct krb5_principal {
43 u8 n_name_parts; /* N of parts of the name part of the principal */
44 char **name_parts; /* parts of the name part of the principal */
45 char *realm; /* parts of the realm part of the principal */
46};
47
48/*
49 * Kerberos 5 tagged data
50 */
51struct krb5_tagged_data {
52 /* for tag value, see /usr/include/krb5/krb5.h
53 * - KRB5_AUTHDATA_* for auth data
David Howells965475a2016-06-14 10:29:44 +0100[diff] [blame]54 * -
David Howells994551532009-09-14 01:17:46 +0000[diff] [blame]55 */
David Howells4e36a952009-09-16 00:01:13 -0700[diff] [blame]56 s32 tag;
57 u32 data_len;
David Howells994551532009-09-14 01:17:46 +0000[diff] [blame]58 u8 *data;
59};
60
61/*
62 * RxRPC key for Kerberos V (type-5 security)
63 */
64struct rxk5_key {
David Howells4e36a952009-09-16 00:01:13 -0700[diff] [blame]65 u64 authtime; /* time at which auth token generated */
66 u64 starttime; /* time at which auth token starts */
67 u64 endtime; /* time at which auth token expired */
68 u64 renew_till; /* time to which auth token can be renewed */
69 s32 is_skey; /* T if ticket is encrypted in another ticket's
David Howells994551532009-09-14 01:17:46 +0000[diff] [blame]70 * skey */
David Howells4e36a952009-09-16 00:01:13 -0700[diff] [blame]71 s32 flags; /* mask of TKT_FLG_* bits (krb5/krb5.h) */
David Howells994551532009-09-14 01:17:46 +0000[diff] [blame]72 struct krb5_principal client; /* client principal name */
73 struct krb5_principal server; /* server principal name */
David Howells4e36a952009-09-16 00:01:13 -0700[diff] [blame]74 u16 ticket_len; /* length of ticket */
75 u16 ticket2_len; /* length of second ticket */
David Howells994551532009-09-14 01:17:46 +0000[diff] [blame]76 u8 n_authdata; /* number of authorisation data elements */
77 u8 n_addresses; /* number of addresses */
78 struct krb5_tagged_data session; /* session data; tag is enctype */
79 struct krb5_tagged_data *addresses; /* addresses */
80 u8 *ticket; /* krb5 ticket */
81 u8 *ticket2; /* second krb5 ticket, if related to ticket (via
82 * DUPLICATE-SKEY or ENC-TKT-IN-SKEY) */
83 struct krb5_tagged_data *authdata; /* authorisation data */
84};
85
86/*
David Howells33941282009-09-14 01:17:35 +0000[diff] [blame]87 * list of tokens attached to an rxrpc key
88 */
89struct rxrpc_key_token {
90 u16 security_index; /* RxRPC header security index */
91 struct rxrpc_key_token *next; /* the next token in the list */
92 union {
93 struct rxkad_key *kad;
David Howells994551532009-09-14 01:17:46 +0000[diff] [blame]94 struct rxk5_key *k5;
David Howells33941282009-09-14 01:17:35 +0000[diff] [blame]95 };
96};
97
98/*
99 * structure of raw payloads passed to add_key() or instantiate key
100 */
101struct rxrpc_key_data_v1 {
David Howells33941282009-09-14 01:17:35 +0000[diff] [blame]102 u16 security_index;
103 u16 ticket_length;
104 u32 expiry; /* time_t */
105 u32 kvno;
106 u8 session_key[8];
107 u8 ticket[0];
108};
109
110/*
111 * AF_RXRPC key payload derived from XDR format
112 * - based on openafs-1.4.10/src/auth/afs_token.xg
113 */
114#define AFSTOKEN_LENGTH_MAX 16384 /* max payload size */
David Howells994551532009-09-14 01:17:46 +0000[diff] [blame]115#define AFSTOKEN_STRING_MAX 256 /* max small string length */
116#define AFSTOKEN_DATA_MAX 64 /* max small data length */
David Howells33941282009-09-14 01:17:35 +0000[diff] [blame]117#define AFSTOKEN_CELL_MAX 64 /* max cellname length */
118#define AFSTOKEN_MAX 8 /* max tokens per payload */
David Howells994551532009-09-14 01:17:46 +0000[diff] [blame]119#define AFSTOKEN_BDATALN_MAX 16384 /* max big data length */
David Howells33941282009-09-14 01:17:35 +0000[diff] [blame]120#define AFSTOKEN_RK_TIX_MAX 12000 /* max RxKAD ticket size */
121#define AFSTOKEN_GK_KEY_MAX 64 /* max GSSAPI key size */
122#define AFSTOKEN_GK_TOKEN_MAX 16384 /* max GSSAPI token size */
123#define AFSTOKEN_K5_COMPONENTS_MAX 16 /* max K5 components */
124#define AFSTOKEN_K5_NAME_MAX 128 /* max K5 name length */
125#define AFSTOKEN_K5_REALM_MAX 64 /* max K5 realm name length */
126#define AFSTOKEN_K5_TIX_MAX 16384 /* max K5 ticket size */
127#define AFSTOKEN_K5_ADDRESSES_MAX 16 /* max K5 addresses */
128#define AFSTOKEN_K5_AUTHDATA_MAX 16 /* max K5 pieces of auth data */
129
Robert P. J. Daydd89db12008-04-21 22:43:55 +0000[diff] [blame]130#endif /* _KEYS_RXRPC_TYPE_H */