220 	struct krb5_ctx *ctx, struct crypto_blkcipher **res)  in get_key()  argument
248 	*res = crypto_alloc_blkcipher(ctx->gk5e->encrypt_name, 0,  in get_key()
252 			"crypto algorithm %s\n", ctx->gk5e->encrypt_name);  in get_key()
258 			"crypto algorithm %s\n", ctx->gk5e->encrypt_name);  in get_key()
275 gss_import_v1_context(const void *p, const void *end, struct krb5_ctx *ctx)  in gss_import_v1_context()  argument
279 	p = simple_get_bytes(p, end, &ctx->initiate, sizeof(ctx->initiate));  in gss_import_v1_context()
284 	ctx->enctype = ENCTYPE_DES_CBC_RAW;  in gss_import_v1_context()
286 	ctx->gk5e = get_gss_krb5_enctype(ctx->enctype);  in gss_import_v1_context()
287 	if (ctx->gk5e == NULL) {  in gss_import_v1_context()
315 	p = simple_get_bytes(p, end, &ctx->endtime, sizeof(ctx->endtime));  in gss_import_v1_context()
318 	p = simple_get_bytes(p, end, &ctx->seq_send, sizeof(ctx->seq_send));  in gss_import_v1_context()
321 	p = simple_get_netobj(p, end, &ctx->mech_used);  in gss_import_v1_context()
324 	p = get_key(p, end, ctx, &ctx->enc);  in gss_import_v1_context()
327 	p = get_key(p, end, ctx, &ctx->seq);  in gss_import_v1_context()
338 	crypto_free_blkcipher(ctx->seq);  in gss_import_v1_context()
340 	crypto_free_blkcipher(ctx->enc);  in gss_import_v1_context()
342 	kfree(ctx->mech_used.data);  in gss_import_v1_context()
348 context_v2_alloc_cipher(struct krb5_ctx *ctx, const char *cname, u8 *key)  in context_v2_alloc_cipher()  argument
358 	if (crypto_blkcipher_setkey(cp, key, ctx->gk5e->keylength)) {  in context_v2_alloc_cipher()
378 context_derive_keys_des3(struct krb5_ctx *ctx, gfp_t gfp_mask)  in context_derive_keys_des3()  argument
387 	keyin.data = ctx->Ksess;  in context_derive_keys_des3()
388 	keyin.len = ctx->gk5e->keylength;  in context_derive_keys_des3()
389 	keyout.len = ctx->gk5e->keylength;  in context_derive_keys_des3()
392 	ctx->seq = context_v2_alloc_cipher(ctx, ctx->gk5e->encrypt_name,  in context_derive_keys_des3()
393 					   ctx->Ksess);  in context_derive_keys_des3()
394 	if (ctx->seq == NULL)  in context_derive_keys_des3()
397 	ctx->enc = context_v2_alloc_cipher(ctx, ctx->gk5e->encrypt_name,  in context_derive_keys_des3()
398 					   ctx->Ksess);  in context_derive_keys_des3()
399 	if (ctx->enc == NULL)  in context_derive_keys_des3()
404 	keyout.data = ctx->cksum;  in context_derive_keys_des3()
405 	err = krb5_derive_key(ctx->gk5e, &keyin, &keyout, &c, gfp_mask);  in context_derive_keys_des3()
415 	crypto_free_blkcipher(ctx->enc);  in context_derive_keys_des3()
417 	crypto_free_blkcipher(ctx->seq);  in context_derive_keys_des3()
428 context_derive_keys_rc4(struct krb5_ctx *ctx)  in context_derive_keys_rc4()  argument
441 	hmac = crypto_alloc_hash(ctx->gk5e->cksum_name, 0, CRYPTO_ALG_ASYNC);  in context_derive_keys_rc4()
444 			__func__, PTR_ERR(hmac), ctx->gk5e->cksum_name);  in context_derive_keys_rc4()
449 	err = crypto_hash_setkey(hmac, ctx->Ksess, ctx->gk5e->keylength);  in context_derive_keys_rc4()
463 	err = crypto_hash_digest(&desc, sg, slen, ctx->cksum);  in context_derive_keys_rc4()
469 	ctx->enc = crypto_alloc_blkcipher(ctx->gk5e->encrypt_name, 0,  in context_derive_keys_rc4()
471 	if (IS_ERR(ctx->enc)) {  in context_derive_keys_rc4()
472 		err = PTR_ERR(ctx->enc);  in context_derive_keys_rc4()
476 	ctx->seq = crypto_alloc_blkcipher(ctx->gk5e->encrypt_name, 0,  in context_derive_keys_rc4()
478 	if (IS_ERR(ctx->seq)) {  in context_derive_keys_rc4()
479 		crypto_free_blkcipher(ctx->enc);  in context_derive_keys_rc4()
480 		err = PTR_ERR(ctx->seq);  in context_derive_keys_rc4()
496 context_derive_keys_new(struct krb5_ctx *ctx, gfp_t gfp_mask)  in context_derive_keys_new()  argument
505 	keyin.data = ctx->Ksess;  in context_derive_keys_new()
506 	keyin.len = ctx->gk5e->keylength;  in context_derive_keys_new()
507 	keyout.len = ctx->gk5e->keylength;  in context_derive_keys_new()
511 	keyout.data = ctx->initiator_seal;  in context_derive_keys_new()
512 	err = krb5_derive_key(ctx->gk5e, &keyin, &keyout, &c, gfp_mask);  in context_derive_keys_new()
518 	ctx->initiator_enc = context_v2_alloc_cipher(ctx,  in context_derive_keys_new()
519 						     ctx->gk5e->encrypt_name,  in context_derive_keys_new()
520 						     ctx->initiator_seal);  in context_derive_keys_new()
521 	if (ctx->initiator_enc == NULL)  in context_derive_keys_new()
526 	keyout.data = ctx->acceptor_seal;  in context_derive_keys_new()
527 	err = krb5_derive_key(ctx->gk5e, &keyin, &keyout, &c, gfp_mask);  in context_derive_keys_new()
533 	ctx->acceptor_enc = context_v2_alloc_cipher(ctx,  in context_derive_keys_new()
534 						    ctx->gk5e->encrypt_name,  in context_derive_keys_new()
535 						    ctx->acceptor_seal);  in context_derive_keys_new()
536 	if (ctx->acceptor_enc == NULL)  in context_derive_keys_new()
541 	keyout.data = ctx->initiator_sign;  in context_derive_keys_new()
542 	err = krb5_derive_key(ctx->gk5e, &keyin, &keyout, &c, gfp_mask);  in context_derive_keys_new()
551 	keyout.data = ctx->acceptor_sign;  in context_derive_keys_new()
552 	err = krb5_derive_key(ctx->gk5e, &keyin, &keyout, &c, gfp_mask);  in context_derive_keys_new()
561 	keyout.data = ctx->initiator_integ;  in context_derive_keys_new()
562 	err = krb5_derive_key(ctx->gk5e, &keyin, &keyout, &c, gfp_mask);  in context_derive_keys_new()
571 	keyout.data = ctx->acceptor_integ;  in context_derive_keys_new()
572 	err = krb5_derive_key(ctx->gk5e, &keyin, &keyout, &c, gfp_mask);  in context_derive_keys_new()
579 	switch (ctx->enctype) {  in context_derive_keys_new()
582 		ctx->initiator_enc_aux =  in context_derive_keys_new()
583 			context_v2_alloc_cipher(ctx, "cbc(aes)",  in context_derive_keys_new()
584 						ctx->initiator_seal);  in context_derive_keys_new()
585 		if (ctx->initiator_enc_aux == NULL)  in context_derive_keys_new()
587 		ctx->acceptor_enc_aux =  in context_derive_keys_new()
588 			context_v2_alloc_cipher(ctx, "cbc(aes)",  in context_derive_keys_new()
589 						ctx->acceptor_seal);  in context_derive_keys_new()
590 		if (ctx->acceptor_enc_aux == NULL) {  in context_derive_keys_new()
591 			crypto_free_blkcipher(ctx->initiator_enc_aux);  in context_derive_keys_new()
599 	crypto_free_blkcipher(ctx->acceptor_enc);  in context_derive_keys_new()
601 	crypto_free_blkcipher(ctx->initiator_enc);  in context_derive_keys_new()
607 gss_import_v2_context(const void *p, const void *end, struct krb5_ctx *ctx,  in gss_import_v2_context()  argument
612 	p = simple_get_bytes(p, end, &ctx->flags, sizeof(ctx->flags));  in gss_import_v2_context()
615 	ctx->initiate = ctx->flags & KRB5_CTX_FLAG_INITIATOR;  in gss_import_v2_context()
617 	p = simple_get_bytes(p, end, &ctx->endtime, sizeof(ctx->endtime));  in gss_import_v2_context()
620 	p = simple_get_bytes(p, end, &ctx->seq_send64, sizeof(ctx->seq_send64));  in gss_import_v2_context()
624 	ctx->seq_send = ctx->seq_send64;  in gss_import_v2_context()
625 	if (ctx->seq_send64 != ctx->seq_send) {  in gss_import_v2_context()
627 			(unsigned long)ctx->seq_send64, ctx->seq_send);  in gss_import_v2_context()
631 	p = simple_get_bytes(p, end, &ctx->enctype, sizeof(ctx->enctype));  in gss_import_v2_context()
635 	if (ctx->enctype == ENCTYPE_DES3_CBC_SHA1)  in gss_import_v2_context()
636 		ctx->enctype = ENCTYPE_DES3_CBC_RAW;  in gss_import_v2_context()
637 	ctx->gk5e = get_gss_krb5_enctype(ctx->enctype);  in gss_import_v2_context()
638 	if (ctx->gk5e == NULL) {  in gss_import_v2_context()
640 			ctx->enctype);  in gss_import_v2_context()
644 	keylen = ctx->gk5e->keylength;  in gss_import_v2_context()
646 	p = simple_get_bytes(p, end, ctx->Ksess, keylen);  in gss_import_v2_context()
655 	ctx->mech_used.data = kmemdup(gss_kerberos_mech.gm_oid.data,  in gss_import_v2_context()
657 	if (unlikely(ctx->mech_used.data == NULL)) {  in gss_import_v2_context()
661 	ctx->mech_used.len = gss_kerberos_mech.gm_oid.len;  in gss_import_v2_context()
663 	switch (ctx->enctype) {  in gss_import_v2_context()
665 		return context_derive_keys_des3(ctx, gfp_mask);  in gss_import_v2_context()
667 		return context_derive_keys_rc4(ctx);  in gss_import_v2_context()
670 		return context_derive_keys_new(ctx, gfp_mask);  in gss_import_v2_context()
686 	struct  krb5_ctx *ctx;  in gss_import_sec_context_kerberos()  local
689 	ctx = kzalloc(sizeof(*ctx), gfp_mask);  in gss_import_sec_context_kerberos()
690 	if (ctx == NULL)  in gss_import_sec_context_kerberos()
694 		ret = gss_import_v1_context(p, end, ctx);  in gss_import_sec_context_kerberos()
696 		ret = gss_import_v2_context(p, end, ctx, gfp_mask);  in gss_import_sec_context_kerberos()
699 		ctx_id->internal_ctx_id = ctx;  in gss_import_sec_context_kerberos()
701 			*endtime = ctx->endtime;  in gss_import_sec_context_kerberos()
703 		kfree(ctx);  in gss_import_sec_context_kerberos()