1/* SPDX-License-Identifier: GPL-2.0-or-later */
2/* RxRPC key type
3 *
4 * Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
5 * Written by David Howells (dhowells@redhat.com)
6 */
7
8#ifndef _KEYS_RXRPC_TYPE_H
9#define _KEYS_RXRPC_TYPE_H
10
11#include <linux/key.h>
12
13/*
14 * key type for AF_RXRPC keys
15 */
16extern struct key_type key_type_rxrpc;
17
18extern struct key *rxrpc_get_null_key(const char *);
19
20/*
21 * RxRPC key for Kerberos IV (type-2 security)
22 */
23struct rxkad_key {
24 u32 vice_id;
25 u32 start; /* time at which ticket starts */
26 u32 expiry; /* time at which ticket expires */
27 u32 kvno; /* key version number */
28 u8 primary_flag; /* T if key for primary cell for this user */
29 u16 ticket_len; /* length of ticket[] */
30 u8 session_key[8]; /* DES session key */
31 u8 ticket[]; /* the encrypted ticket */
32};
33
34/*
35 * list of tokens attached to an rxrpc key
36 */
37struct rxrpc_key_token {
38 u16 security_index; /* RxRPC header security index */
39 bool no_leak_key; /* Don't copy the key to userspace */
40 struct rxrpc_key_token *next; /* the next token in the list */
41 union {
42 struct rxkad_key *kad;
43 };
44};
45
46/*
47 * structure of raw payloads passed to add_key() or instantiate key
48 */
49struct rxrpc_key_data_v1 {
50 u16 security_index;
51 u16 ticket_length;
52 u32 expiry; /* time_t */
53 u32 kvno;
54 u8 session_key[8];
55 u8 ticket[];
56};
57
58/*
59 * AF_RXRPC key payload derived from XDR format
60 * - based on openafs-1.4.10/src/auth/afs_token.xg
61 */
62#define AFSTOKEN_LENGTH_MAX 16384 /* max payload size */
63#define AFSTOKEN_STRING_MAX 256 /* max small string length */
64#define AFSTOKEN_DATA_MAX 64 /* max small data length */
65#define AFSTOKEN_CELL_MAX 64 /* max cellname length */
66#define AFSTOKEN_MAX 8 /* max tokens per payload */
67#define AFSTOKEN_BDATALN_MAX 16384 /* max big data length */
68#define AFSTOKEN_RK_TIX_MAX 12000 /* max RxKAD ticket size */
69#define AFSTOKEN_GK_KEY_MAX 64 /* max GSSAPI key size */
70#define AFSTOKEN_GK_TOKEN_MAX 16384 /* max GSSAPI token size */
71
72/*
73 * Truncate a time64_t to the range from 1970 to 2106 as in the network
74 * protocol.
75 */
76static inline u32 rxrpc_time64_to_u32(time64_t time)
77{
78 if (time < 0)
79 return 0;
80
81 if (time > UINT_MAX)
82 return UINT_MAX;
83
84 return (u32)time;
85}
86
87/*
88 * Extend u32 back to time64_t using the same 1970-2106 range.
89 */
90static inline time64_t rxrpc_u32_to_time64(u32 time)
91{
92 return (time64_t)time;
93}
94
95#endif /* _KEYS_RXRPC_TYPE_H */
96

source code of linux/include/keys/rxrpc-type.h