static struct sk_crypt_type sk_crypt_types[] = {
[SK_CRYPT_AES256_CTR] = {
- .cht_name = "ctr(aes)",
- .cht_bytes = 32,
+ .sct_name = "ctr(aes)",
+ .sct_bytes = 32,
},
};
-/*
static struct sk_hmac_type sk_hmac_types[] = {
[SK_HMAC_SHA256] = {
- .cht_name = "sha256",
- .cht_bytes = 32,
+ .sht_name = "hmac(sha256)",
+ .sht_bytes = 32,
},
[SK_HMAC_SHA512] = {
- .cht_name = "sha512",
- .cht_bytes = 64,
+ .sht_name = "hmac(sha512)",
+ .sht_bytes = 64,
},
-};*/
+};
#ifdef _NEW_BUILD_
# include "lgss_utils.h"
printerr(0, "Invalid version\n");
return -1;
}
- if ((config->skc_hmac_alg != CFS_HASH_ALG_SHA256) &&
- (config->skc_hmac_alg != CFS_HASH_ALG_SHA512)) {
+ if (config->skc_hmac_alg >= SK_HMAC_MAX) {
printerr(0, "Invalid HMAC algorithm\n");
return -1;
}
*
* \retval EVP_MD
*/
-static inline const EVP_MD *sk_hash_to_evp_md(enum cfs_crypto_hash_alg alg)
+static inline const EVP_MD *sk_hash_to_evp_md(enum sk_hmac_alg alg)
{
switch (alg) {
- case CFS_HASH_ALG_SHA256:
+ case SK_HMAC_SHA256:
return EVP_sha256();
- case CFS_HASH_ALG_SHA512:
+ case SK_HMAC_SHA512:
return EVP_sha512();
default:
return EVP_md_null();
* If the size is smaller it will take copy the first N bytes necessary to
* fill the derived key. */
int sk_kdf(gss_buffer_desc *derived_key , gss_buffer_desc *origin_key,
- gss_buffer_desc *key_binding_bufs, int numbufs,
- enum cfs_crypto_hash_alg hmac_alg)
+ gss_buffer_desc *key_binding_bufs, int numbufs, int hmac_alg)
{
size_t remain;
size_t bytes;
return rc;
}
- if (cfs_crypto_hash_digestsize(hmac_alg) != tmp_hash.length) {
+ if (sk_hmac_types[hmac_alg].sht_bytes != tmp_hash.length) {
free(tmp_hash.value);
return -EINVAL;
}
gss_buffer_desc bufs[5];
int rc = -1;
- session_key->length = sk_crypt_types[kctx->skc_crypt_alg].cht_bytes;
+ session_key->length = sk_crypt_types[kctx->skc_crypt_alg].sct_bytes;
session_key->value = malloc(session_key->length);
if (!session_key->value) {
printerr(0, "Failed to allocate memory for session key\n");
char *integrity = "Integrity";
int rc;
- hmac_key->length = cfs_crypto_hash_digestsize(kctx->skc_hmac_alg);
+ hmac_key->length = sk_hmac_types[kctx->skc_hmac_alg].sht_bytes;
hmac_key->value = malloc(hmac_key->length);
if (!hmac_key->value)
return -ENOMEM;
if ((skc->sc_flags & LGSS_SVC_PRIV) == 0)
return 0;
- encrypt_key->length = cfs_crypto_hash_digestsize(kctx->skc_hmac_alg);
+ encrypt_key->length = sk_crypt_types[kctx->skc_crypt_alg].sct_bytes;
encrypt_key->value = malloc(encrypt_key->length);
if (!encrypt_key->value)
return -ENOMEM;