Commit | Line | Data |
---|---|---|
2874c5fd | 1 | /* SPDX-License-Identifier: GPL-2.0-or-later */ |
17926a79 DH |
2 | /* RxRPC key type |
3 | * | |
4 | * Copyright (C) 2007 Red Hat, Inc. All Rights Reserved. | |
5 | * Written by David Howells (dhowells@redhat.com) | |
17926a79 DH |
6 | */ |
7 | ||
8 | #ifndef _KEYS_RXRPC_TYPE_H | |
9 | #define _KEYS_RXRPC_TYPE_H | |
10 | ||
11 | #include <linux/key.h> | |
12 | ||
13 | /* | |
14 | * key type for AF_RXRPC keys | |
15 | */ | |
16 | extern struct key_type key_type_rxrpc; | |
17 | ||
76181c13 DH |
18 | extern struct key *rxrpc_get_null_key(const char *); |
19 | ||
33941284 DH |
20 | /* |
21 | * RxRPC key for Kerberos IV (type-2 security) | |
22 | */ | |
23 | struct rxkad_key { | |
24 | u32 vice_id; | |
25 | u32 start; /* time at which ticket starts */ | |
26 | u32 expiry; /* time at which ticket expires */ | |
27 | u32 kvno; /* key version number */ | |
28 | u8 primary_flag; /* T if key for primary cell for this user */ | |
29 | u16 ticket_len; /* length of ticket[] */ | |
30 | u8 session_key[8]; /* DES session key */ | |
18bdc20b | 31 | u8 ticket[]; /* the encrypted ticket */ |
33941284 DH |
32 | }; |
33 | ||
34 | /* | |
35 | * list of tokens attached to an rxrpc key | |
36 | */ | |
37 | struct rxrpc_key_token { | |
38 | u16 security_index; /* RxRPC header security index */ | |
d2ae4e91 | 39 | bool no_leak_key; /* Don't copy the key to userspace */ |
33941284 DH |
40 | struct rxrpc_key_token *next; /* the next token in the list */ |
41 | union { | |
42 | struct rxkad_key *kad; | |
43 | }; | |
44 | }; | |
45 | ||
46 | /* | |
47 | * structure of raw payloads passed to add_key() or instantiate key | |
48 | */ | |
49 | struct rxrpc_key_data_v1 { | |
33941284 DH |
50 | u16 security_index; |
51 | u16 ticket_length; | |
52 | u32 expiry; /* time_t */ | |
53 | u32 kvno; | |
54 | u8 session_key[8]; | |
18bdc20b | 55 | u8 ticket[]; |
33941284 DH |
56 | }; |
57 | ||
58 | /* | |
59 | * AF_RXRPC key payload derived from XDR format | |
60 | * - based on openafs-1.4.10/src/auth/afs_token.xg | |
61 | */ | |
62 | #define AFSTOKEN_LENGTH_MAX 16384 /* max payload size */ | |
99455153 DH |
63 | #define AFSTOKEN_STRING_MAX 256 /* max small string length */ |
64 | #define AFSTOKEN_DATA_MAX 64 /* max small data length */ | |
33941284 DH |
65 | #define AFSTOKEN_CELL_MAX 64 /* max cellname length */ |
66 | #define AFSTOKEN_MAX 8 /* max tokens per payload */ | |
99455153 | 67 | #define AFSTOKEN_BDATALN_MAX 16384 /* max big data length */ |
33941284 DH |
68 | #define AFSTOKEN_RK_TIX_MAX 12000 /* max RxKAD ticket size */ |
69 | #define AFSTOKEN_GK_KEY_MAX 64 /* max GSSAPI key size */ | |
70 | #define AFSTOKEN_GK_TOKEN_MAX 16384 /* max GSSAPI token size */ | |
33941284 | 71 | |
10674a03 BW |
72 | /* |
73 | * Truncate a time64_t to the range from 1970 to 2106 as in the network | |
74 | * protocol. | |
75 | */ | |
76 | static inline u32 rxrpc_time64_to_u32(time64_t time) | |
77 | { | |
78 | if (time < 0) | |
79 | return 0; | |
80 | ||
81 | if (time > UINT_MAX) | |
82 | return UINT_MAX; | |
83 | ||
84 | return (u32)time; | |
85 | } | |
86 | ||
87 | /* | |
88 | * Extend u32 back to time64_t using the same 1970-2106 range. | |
89 | */ | |
90 | static inline time64_t rxrpc_u32_to_time64(u32 time) | |
91 | { | |
92 | return (time64_t)time; | |
93 | } | |
94 | ||
dd89db1d | 95 | #endif /* _KEYS_RXRPC_TYPE_H */ |