// SPDX-License-Identifier: GPL-2.0-or-later
/* GSSAPI-based RxRPC security
*
* Copyright (C) 2025 Red Hat, Inc. All Rights Reserved.
* Written by David Howells (dhowells@redhat.com)
*/
#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
#include <linux/net.h>
#include <linux/skbuff.h>
#include <linux/slab.h>
#include <linux/key-type.h>
#include "ar-internal.h"
#include "rxgk_common.h"
/*
* Parse the information from a server key
*/
static int rxgk_preparse_server_key(struct key_preparsed_payload *prep)
{
const struct krb5_enctype *krb5;
struct krb5_buffer *server_key = (void *)&prep->payload.data[2];
unsigned int service, sec_class, kvno, enctype;
int n = 0;
_enter("%zu", prep->datalen);
if (sscanf(prep->orig_description, "%u:%u:%u:%u%n",
&service, &sec_class, &kvno, &enctype, &n) != 4)
return -EINVAL;
if (prep->orig_description[n])
return -EINVAL;
krb5 = crypto_krb5_find_enctype(enctype);
if (!krb5)
return -ENOPKG;
prep->payload.data[0] = (struct krb5_enctype *)krb5;
if (prep->datalen != krb5->key_len)
return -EKEYREJECTED;
server_key->len = prep->datalen;
server_key->data = kmemdup(prep->data, prep->datalen, GFP_KERNEL);
if (!server_key->data)
return -ENOMEM;
_leave(" = 0");
return 0;
}
static void rxgk_free_server_key(union key_payload *payload)
{
struct krb5_buffer *server_key