mirror of
https://github.com/torvalds/linux
synced 2024-10-15 07:47:34 +00:00
SUNRPC: Remove krb5_derive_key_v1()
This function is no longer used. Reviewed-by: Jeff Layton <jlayton@kernel.org> Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
This commit is contained in:
parent
ec596aaf9b
commit
6964629f4c
|
@ -104,12 +104,6 @@ u32 gss_krb5_unwrap_v2(struct krb5_ctx *kctx, int offset, int len,
|
|||
|
||||
/* Key Derivation Functions */
|
||||
|
||||
int krb5_derive_key_v1(const struct gss_krb5_enctype *gk5e,
|
||||
const struct xdr_netobj *inkey,
|
||||
struct xdr_netobj *outkey,
|
||||
const struct xdr_netobj *label,
|
||||
gfp_t gfp_mask);
|
||||
|
||||
int krb5_derive_key_v2(const struct gss_krb5_enctype *gk5e,
|
||||
const struct xdr_netobj *inkey,
|
||||
struct xdr_netobj *outkey,
|
||||
|
|
|
@ -222,90 +222,6 @@ static int krb5_DK(const struct gss_krb5_enctype *gk5e,
|
|||
return ret;
|
||||
}
|
||||
|
||||
#define smask(step) ((1<<step)-1)
|
||||
#define pstep(x, step) (((x)&smask(step))^(((x)>>step)&smask(step)))
|
||||
#define parity_char(x) pstep(pstep(pstep((x), 4), 2), 1)
|
||||
|
||||
static void mit_des_fixup_key_parity(u8 key[8])
|
||||
{
|
||||
int i;
|
||||
for (i = 0; i < 8; i++) {
|
||||
key[i] &= 0xfe;
|
||||
key[i] |= 1^parity_char(key[i]);
|
||||
}
|
||||
}
|
||||
|
||||
static int krb5_random_to_key_v1(const struct gss_krb5_enctype *gk5e,
|
||||
struct xdr_netobj *randombits,
|
||||
struct xdr_netobj *key)
|
||||
{
|
||||
int i, ret = -EINVAL;
|
||||
|
||||
if (key->len != 24) {
|
||||
dprintk("%s: key->len is %d\n", __func__, key->len);
|
||||
goto err_out;
|
||||
}
|
||||
if (randombits->len != 21) {
|
||||
dprintk("%s: randombits->len is %d\n",
|
||||
__func__, randombits->len);
|
||||
goto err_out;
|
||||
}
|
||||
|
||||
/* take the seven bytes, move them around into the top 7 bits of the
|
||||
8 key bytes, then compute the parity bits. Do this three times. */
|
||||
|
||||
for (i = 0; i < 3; i++) {
|
||||
memcpy(key->data + i*8, randombits->data + i*7, 7);
|
||||
key->data[i*8+7] = (((key->data[i*8]&1)<<1) |
|
||||
((key->data[i*8+1]&1)<<2) |
|
||||
((key->data[i*8+2]&1)<<3) |
|
||||
((key->data[i*8+3]&1)<<4) |
|
||||
((key->data[i*8+4]&1)<<5) |
|
||||
((key->data[i*8+5]&1)<<6) |
|
||||
((key->data[i*8+6]&1)<<7));
|
||||
|
||||
mit_des_fixup_key_parity(key->data + i*8);
|
||||
}
|
||||
ret = 0;
|
||||
err_out:
|
||||
return ret;
|
||||
}
|
||||
|
||||
/**
|
||||
* krb5_derive_key_v1 - Derive a subkey for an RFC 3961 enctype
|
||||
* @gk5e: Kerberos 5 enctype profile
|
||||
* @inkey: base protocol key
|
||||
* @outkey: OUT: derived key
|
||||
* @label: subkey usage label
|
||||
* @gfp_mask: memory allocation control flags
|
||||
*
|
||||
* Caller sets @outkey->len to the desired length of the derived key.
|
||||
*
|
||||
* On success, returns 0 and fills in @outkey. A negative errno value
|
||||
* is returned on failure.
|
||||
*/
|
||||
int krb5_derive_key_v1(const struct gss_krb5_enctype *gk5e,
|
||||
const struct xdr_netobj *inkey,
|
||||
struct xdr_netobj *outkey,
|
||||
const struct xdr_netobj *label,
|
||||
gfp_t gfp_mask)
|
||||
{
|
||||
struct xdr_netobj inblock;
|
||||
int ret;
|
||||
|
||||
inblock.len = gk5e->keybytes;
|
||||
inblock.data = kmalloc(inblock.len, gfp_mask);
|
||||
if (!inblock.data)
|
||||
return -ENOMEM;
|
||||
|
||||
ret = krb5_DK(gk5e, inkey, inblock.data, label, gfp_mask);
|
||||
if (!ret)
|
||||
ret = krb5_random_to_key_v1(gk5e, &inblock, outkey);
|
||||
|
||||
kfree_sensitive(inblock.data);
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*
|
||||
* This is the identity function, with some sanity checking.
|
||||
*/
|
||||
|
|
Loading…
Reference in a new issue