SUNRPC: Remove krb5_derive_key_v1()

author Chuck Lever <chuck.lever@oracle.com>

Thu, 29 Jun 2023 17:51:06 +0000 (13:51 -0400)

committer Chuck Lever <chuck.lever@oracle.com>

Tue, 29 Aug 2023 21:45:22 +0000 (17:45 -0400)
author Chuck Lever <chuck.lever@oracle.com>
Thu, 29 Jun 2023 17:51:06 +0000 (13:51 -0400)
committer Chuck Lever <chuck.lever@oracle.com>
Tue, 29 Aug 2023 21:45:22 +0000 (17:45 -0400)
diff --git a/net/sunrpc/auth_gss/gss_krb5_internal.h b/net/sunrpc/auth_gss/gss_krb5_internal.h

index 3471a57..c1aea06 100644 (file)
--- a/net/sunrpc/auth_gss/gss_krb5_internal.h
+++ b/net/sunrpc/auth_gss/gss_krb5_internal.h
@@ -104,12 +104,6 @@ u32 gss_krb5_unwrap_v2(struct krb5_ctx *kctx, int offset, int len,
  
  /* Key Derivation Functions */
  
-int krb5_derive_key_v1(const struct gss_krb5_enctype *gk5e,
-                      const struct xdr_netobj *inkey,
-                      struct xdr_netobj *outkey,
-                      const struct xdr_netobj *label,
-                      gfp_t gfp_mask);
-
  int krb5_derive_key_v2(const struct gss_krb5_enctype *gk5e,
                        const struct xdr_netobj *inkey,
                        struct xdr_netobj *outkey,
diff --git a/net/sunrpc/auth_gss/gss_krb5_keys.c b/net/sunrpc/auth_gss/gss_krb5_keys.c

index 5347fe1..06d8ee0 100644 (file)
--- a/net/sunrpc/auth_gss/gss_krb5_keys.c
+++ b/net/sunrpc/auth_gss/gss_krb5_keys.c
@@ -222,90 +222,6 @@ err_return:
         return ret;
  }
  
-#define smask(step) ((1<<step)-1)
-#define pstep(x, step) (((x)&smask(step))^(((x)>>step)&smask(step)))
-#define parity_char(x) pstep(pstep(pstep((x), 4), 2), 1)
-
-static void mit_des_fixup_key_parity(u8 key[8])
-{
-       int i;
-       for (i = 0; i < 8; i++) {
-               key[i] &= 0xfe;
-               key[i] |= 1^parity_char(key[i]);
-       }
-}
-
-static int krb5_random_to_key_v1(const struct gss_krb5_enctype *gk5e,
-                                struct xdr_netobj *randombits,
-                                struct xdr_netobj *key)
-{
-       int i, ret = -EINVAL;
-
-       if (key->len != 24) {
-               dprintk("%s: key->len is %d\n", __func__, key->len);
-               goto err_out;
-       }
-       if (randombits->len != 21) {
-               dprintk("%s: randombits->len is %d\n",
-                       __func__, randombits->len);
-               goto err_out;
-       }
-
-       /* take the seven bytes, move them around into the top 7 bits of the
-          8 key bytes, then compute the parity bits.  Do this three times. */
-
-       for (i = 0; i < 3; i++) {
-               memcpy(key->data + i*8, randombits->data + i*7, 7);
-               key->data[i*8+7] = (((key->data[i*8]&1)<<1) |
-                                   ((key->data[i*8+1]&1)<<2) |
-                                   ((key->data[i*8+2]&1)<<3) |
-                                   ((key->data[i*8+3]&1)<<4) |
-                                   ((key->data[i*8+4]&1)<<5) |
-                                   ((key->data[i*8+5]&1)<<6) |
-                                   ((key->data[i*8+6]&1)<<7));
-
-               mit_des_fixup_key_parity(key->data + i*8);
-       }
-       ret = 0;
-err_out:
-       return ret;
-}
-
-/**
- * krb5_derive_key_v1 - Derive a subkey for an RFC 3961 enctype
- * @gk5e: Kerberos 5 enctype profile
- * @inkey: base protocol key
- * @outkey: OUT: derived key
- * @label: subkey usage label
- * @gfp_mask: memory allocation control flags
- *
- * Caller sets @outkey->len to the desired length of the derived key.
- *
- * On success, returns 0 and fills in @outkey. A negative errno value
- * is returned on failure.
- */
-int krb5_derive_key_v1(const struct gss_krb5_enctype *gk5e,
-                      const struct xdr_netobj *inkey,
-                      struct xdr_netobj *outkey,
-                      const struct xdr_netobj *label,
-                      gfp_t gfp_mask)
-{
-       struct xdr_netobj inblock;
-       int ret;
-
-       inblock.len = gk5e->keybytes;
-       inblock.data = kmalloc(inblock.len, gfp_mask);
-       if (!inblock.data)
-               return -ENOMEM;
-
-       ret = krb5_DK(gk5e, inkey, inblock.data, label, gfp_mask);
-       if (!ret)
-               ret = krb5_random_to_key_v1(gk5e, &inblock, outkey);
-
-       kfree_sensitive(inblock.data);
-       return ret;
-}
-
  /*
   * This is the identity function, with some sanity checking.
   */
author	Chuck Lever <chuck.lever@oracle.com>
	Thu, 29 Jun 2023 17:51:06 +0000 (13:51 -0400)
committer	Chuck Lever <chuck.lever@oracle.com>
	Tue, 29 Aug 2023 21:45:22 +0000 (17:45 -0400)
net/sunrpc/auth_gss/gss_krb5_internal.h		patch \| blob \| history
net/sunrpc/auth_gss/gss_krb5_keys.c		patch \| blob \| history