1 | /* SPDX-License-Identifier: GPL-2.0-or-later */ |
2 | /* RxRPC key type |
3 | * |
4 | * Copyright (C) 2007 Red Hat, Inc. All Rights Reserved. |
5 | * Written by David Howells (dhowells@redhat.com) |
6 | */ |
7 | |
8 | #ifndef _KEYS_RXRPC_TYPE_H |
9 | #define _KEYS_RXRPC_TYPE_H |
10 | |
11 | #include <linux/key.h> |
12 | |
/*
 * Key type for AF_RXRPC keys.  Only the declaration is provided here; the
 * key_type object itself is defined outside this header.
 */
extern struct key_type key_type_rxrpc;

/*
 * NOTE(review): the parameter is unnamed in this prototype; presumably it is
 * the description of the key to obtain - confirm against the definition.
 * Returns a struct key pointer; how failure is reported is not visible from
 * this header, so callers should check the definition before assuming a
 * NULL-versus-ERR_PTR convention.
 */
extern struct key *rxrpc_get_null_key(const char *);
19 | |
/*
 * RxRPC key for Kerberos IV (type-2 security).
 *
 * Carries the ticket validity window, the key version number and the 8-byte
 * DES session key, followed by the encrypted ticket as a flexible array
 * member.  ticket_len records how many bytes of ticket[] are present, so an
 * instance has to be allocated as sizeof(struct rxkad_key) plus ticket_len
 * bytes, and ticket[] must never be read beyond ticket_len.
 *
 * session_key is secret key material.
 * NOTE(review): presumably it is wiped before the structure is freed -
 * confirm against the key type's destroy path, which is not in this header.
 */
struct rxkad_key {
	u32	vice_id;
	u32	start;		/* time at which ticket starts */
	u32	expiry;		/* time at which ticket expires */
	u32	kvno;		/* key version number */
	u8	primary_flag;	/* T if key for primary cell for this user */
	u16	ticket_len;	/* length of ticket[] */
	u8	session_key[8];	/* DES session key */
	u8	ticket[];	/* the encrypted ticket */
};
33 | |
/*
 * One element of the singly linked list of tokens attached to an rxrpc key.
 *
 * The anonymous union currently has a single member, the rxkad payload.
 * NOTE(review): presumably security_index identifies which union member is
 * valid - confirm against the code that builds the list.
 *
 * no_leak_key is only a marker in this structure; the code that honours it
 * lives outside this header.
 * NOTE(review): verify that every path copying token contents to userspace
 * tests this flag before exposing key material.
 */
struct rxrpc_key_token {
	u16	security_index;	/* RxRPC header security index */
	bool	no_leak_key;	/* Don't copy the key to userspace */
	struct rxrpc_key_token *next;	/* the next token in the list */
	union {
		struct rxkad_key *kad;
	};
};
45 | |
/*
 * Structure of raw payloads passed to add_key() or used to instantiate a key.
 *
 * The field order and widths describe the binary layout of the payload, so
 * they must not be rearranged.  ticket[] is a flexible array member and
 * ticket_length is the supplied count of bytes that follow the fixed header.
 *
 * NOTE(review): every field here originates from the caller of add_key().
 * The parser (not in this header) presumably checks ticket_length against
 * the payload size it actually received before touching ticket[] - confirm.
 */
struct rxrpc_key_data_v1 {
	u16	security_index;
	u16	ticket_length;
	u32	expiry;		/* time_t */
	u32	kvno;
	u8	session_key[8];
	u8	ticket[];
};
57 | |
/*
 * AF_RXRPC key payload derived from XDR format
 * - based on openafs-1.4.10/src/auth/afs_token.xg
 *
 * Upper bounds for the variable-length items of an XDR-encoded token payload.
 * AFSTOKEN_RK_TIX_MAX (12000) fits in the u16 ticket_len field of
 * struct rxkad_key.
 * NOTE(review): these are only constants; the length checks that apply them
 * are presumably in the XDR payload parser - confirm that each decoded
 * length is compared against its limit before any allocation or copy.
 */
#define AFSTOKEN_LENGTH_MAX		16384	/* max payload size */
#define AFSTOKEN_STRING_MAX		256	/* max small string length */
#define AFSTOKEN_DATA_MAX		64	/* max small data length */
#define AFSTOKEN_CELL_MAX		64	/* max cellname length */
#define AFSTOKEN_MAX			8	/* max tokens per payload */
#define AFSTOKEN_BDATALN_MAX		16384	/* max big data length */
#define AFSTOKEN_RK_TIX_MAX		12000	/* max RxKAD ticket size */
#define AFSTOKEN_GK_KEY_MAX		64	/* max GSSAPI key size */
#define AFSTOKEN_GK_TOKEN_MAX		16384	/* max GSSAPI token size */
71 | |
/*
 * Squeeze a time64_t into the unsigned 32-bit time field of the network
 * protocol, which spans 1970 to 2106.
 *
 * The conversion saturates instead of wrapping: a negative time becomes 0
 * and a time past the u32 range becomes UINT_MAX.  A bare cast would let an
 * out-of-range expiry wrap to an unrelated value, so callers should not
 * replace this helper with one.
 */
static inline u32 rxrpc_time64_to_u32(time64_t time)
{
	/* In range: the cast is lossless. */
	if (time >= 0 && time <= UINT_MAX)
		return (u32)time;

	/* Out of range: pin to the nearest end of the representable span. */
	return time < 0 ? 0 : UINT_MAX;
}
86 | |
/*
 * Widen a 32-bit protocol time back to time64_t.  The value is treated as
 * unsigned, so the result stays within the same 1970-2106 range and is
 * never negative.
 */
static inline time64_t rxrpc_u32_to_time64(u32 time)
{
	time64_t widened = time;

	return widened;
}
94 | |
95 | #endif /* _KEYS_RXRPC_TYPE_H */ |
96 | |