LU-9073 gss: remove newer kernel support

[fs/lustre-release.git] / lustre / utils / gss / sk_utils.c

diff --git a/lustre/utils/gss/sk_utils.c b/lustre/utils/gss/sk_utils.c
index a0d71ac..c25a8eb 100644 (file)
--- a/lustre/utils/gss/sk_utils.c
+++ b/lustre/utils/gss/sk_utils.c
@@ -48,22 +48,21 @@
 
 static struct sk_crypt_type sk_crypt_types[] = {
        [SK_CRYPT_AES256_CTR] = {
-               .cht_name = "ctr(aes)",
-               .cht_bytes = 32,
+               .sct_name = "ctr(aes)",
+               .sct_bytes = 32,
        },
 };
 
-/*
 static struct sk_hmac_type sk_hmac_types[] = {
        [SK_HMAC_SHA256] = {
-               .cht_name = "sha256",
-               .cht_bytes = 32,
+               .sht_name = "hmac(sha256)",
+               .sht_bytes = 32,
        },
        [SK_HMAC_SHA512] = {
-               .cht_name = "sha512",
-               .cht_bytes = 64,
+               .sht_name = "hmac(sha512)",
+               .sht_bytes = 64,
        },
-};*/
+};
 
 #ifdef _NEW_BUILD_
 # include "lgss_utils.h"
@@ -370,8 +369,7 @@ int sk_validate_config(const struct sk_keyfile_config *config)
                printerr(0, "Invalid version\n");
                return -1;
        }
-       if ((config->skc_hmac_alg != CFS_HASH_ALG_SHA256) &&
-           (config->skc_hmac_alg != CFS_HASH_ALG_SHA512)) {
+       if (config->skc_hmac_alg >= SK_HMAC_MAX) {
                printerr(0, "Invalid HMAC algorithm\n");
                return -1;
        }
@@ -784,12 +782,12 @@ uint32_t sk_gen_params(struct sk_cred *skc)
  *
  * \retval             EVP_MD
  */
-static inline const EVP_MD *sk_hash_to_evp_md(enum cfs_crypto_hash_alg alg)
+static inline const EVP_MD *sk_hash_to_evp_md(enum sk_hmac_alg alg)
 {
        switch (alg) {
-       case CFS_HASH_ALG_SHA256:
+       case SK_HMAC_SHA256:
                return EVP_sha256();
-       case CFS_HASH_ALG_SHA512:
+       case SK_HMAC_SHA512:
                return EVP_sha512();
        default:
                return EVP_md_null();
@@ -974,8 +972,7 @@ void sk_free_cred(struct sk_cred *skc)
  * If the size is smaller it will take copy the first N bytes necessary to
  * fill the derived key. */
 int sk_kdf(gss_buffer_desc *derived_key , gss_buffer_desc *origin_key,
-          gss_buffer_desc *key_binding_bufs, int numbufs,
-          enum cfs_crypto_hash_alg hmac_alg)
+          gss_buffer_desc *key_binding_bufs, int numbufs, int hmac_alg)
 {
        size_t remain;
        size_t bytes;
@@ -1007,7 +1004,7 @@ int sk_kdf(gss_buffer_desc *derived_key , gss_buffer_desc *origin_key,
                        return rc;
                }
 
-               if (cfs_crypto_hash_digestsize(hmac_alg) != tmp_hash.length) {
+               if (sk_hmac_types[hmac_alg].sht_bytes != tmp_hash.length) {
                        free(tmp_hash.value);
                        return -EINVAL;
                }
@@ -1039,7 +1036,7 @@ int sk_session_kdf(struct sk_cred *skc, lnet_nid_t client_nid,
        gss_buffer_desc bufs[5];
        int rc = -1;
 
-       session_key->length = sk_crypt_types[kctx->skc_crypt_alg].cht_bytes;
+       session_key->length = sk_crypt_types[kctx->skc_crypt_alg].sct_bytes;
        session_key->value = malloc(session_key->length);
        if (!session_key->value) {
                printerr(0, "Failed to allocate memory for session key\n");
@@ -1097,7 +1094,7 @@ int sk_compute_keys(struct sk_cred *skc)
        char *integrity = "Integrity";
        int rc;
 
-       hmac_key->length = cfs_crypto_hash_digestsize(kctx->skc_hmac_alg);
+       hmac_key->length = sk_hmac_types[kctx->skc_hmac_alg].sht_bytes;
        hmac_key->value = malloc(hmac_key->length);
        if (!hmac_key->value)
                return -ENOMEM;
@@ -1113,7 +1110,7 @@ int sk_compute_keys(struct sk_cred *skc)
        if ((skc->sc_flags & LGSS_SVC_PRIV) == 0)
                return 0;
 
-       encrypt_key->length = cfs_crypto_hash_digestsize(kctx->skc_hmac_alg);
+       encrypt_key->length = sk_crypt_types[kctx->skc_crypt_alg].sct_bytes;
        encrypt_key->value = malloc(encrypt_key->length);
        if (!encrypt_key->value)
                return -ENOMEM;