From: Ben Kaduk <kaduk@mit.edu>
Date: Fri, 13 Dec 2013 21:17:54 +0000 (-0500)
Subject: Export a few krb5 routines for rxgk
X-Git-Tag: openafs-devel-1_9_0~597
X-Git-Url: https://git.openafs.org/?p=openafs.git;a=commitdiff_plain;h=348dc87bb2eeb66d1e683dc91ee36724ee18f1af

Export a few krb5 routines for rxgk

We need oafs_h_krb5_generate_random_block when generating random
keys and oafs_h_krb5_crypto_fx_cf2 for CombineTokens.
Having oafs_h_krb5_crypto_prf_length proves very convenient for
key derivation of transport keys, so move it to the public header
and export it.
oafs_h_krb5_enctype_keysize is needed so that we can tell whether or not we
need to pass through random_to_key() when making rxgk_keys.
oafs_h_krb5_random_to_key is needed for that random_to_key() operation.

Change-Id: Ia34c8028b07df203b3885157e2d46c6bb512f608
Reviewed-on: https://gerrit.openafs.org/10936
Reviewed-by: Chas Williams <3chas3@gmail.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
---

diff --git a/src/crypto/rfc3961/krb5_locl.h b/src/crypto/rfc3961/krb5_locl.h
index 5e9d46b..e7166fa 100644
--- a/src/crypto/rfc3961/krb5_locl.h
+++ b/src/crypto/rfc3961/krb5_locl.h
@@ -193,7 +193,6 @@ typedef struct krb5_crypto_iov {
 #define krb5_crypto_getpadsize _oafs_h_krb5_crypto_getpadsize
 #define krb5_crypto_length _oafs_h_krb5_crypto_length
 #define krb5_crypto_length_iov _oafs_h_krb5_crypto_length_iov
-#define krb5_crypto_prf_length _oafs_h_krb5_crypto_prf_length
 #define krb5_decrypt_EncryptedData _oafs_h_krb5_decrypt_EncryptedData
 #define krb5_decrypt_iov_ivec _oafs_h_krb5_decrypt_iov_ivec
 #define krb5_decrypt_ivec _oafs_h_krb5_decrypt_ivec
@@ -206,7 +205,6 @@ typedef struct krb5_crypto_iov {
 #define _krb5_enctype_arcfour_hmac_md5 _oafs_h__krb5_enctype_arcfour_hmac_md5
 #define krb5_enctype_disable _oafs_h_krb5_enctype_disable
 #define krb5_enctype_enable _oafs_h_krb5_enctype_enable
-#define krb5_enctype_keysize _oafs_h_krb5_enctype_keysize
 #define krb5_enctype_to_keytype _oafs_h_krb5_enctype_to_keytype
 #define krb5_enctype_to_string _oafs_h_krb5_enctype_to_string
 #define krb5_generate_random_keyblock _oafs_h_krb5_generate_random_keyblock
@@ -254,9 +252,6 @@ krb5_error_code krb5_derive_key(krb5_context context, const krb5_keyblock *key,
 				krb5_enctype etype, const void *constant,
 				size_t constant_len,
 				krb5_keyblock **derived_key);
-krb5_error_code krb5_enctype_keysize(krb5_context context,
-				     krb5_enctype type,
-				     size_t *keysize);
 krb5_ssize_t _krb5_put_int(void *buffer, unsigned long value, size_t size);
 void krb5_data_zero(krb5_data *p);
 krb5_error_code krb5_data_copy(krb5_data *p, const void *data, size_t len);
diff --git a/src/crypto/rfc3961/liboafs_rfc3961.la.sym b/src/crypto/rfc3961/liboafs_rfc3961.la.sym
index fb39106..d63e892 100644
--- a/src/crypto/rfc3961/liboafs_rfc3961.la.sym
+++ b/src/crypto/rfc3961/liboafs_rfc3961.la.sym
@@ -4,14 +4,17 @@ oafs_h_krb5_copy_keyblock
 oafs_h_krb5_copy_keyblock_contents
 oafs_h_krb5_create_checksum
 oafs_h_krb5_crypto_destroy
+oafs_h_krb5_crypto_fx_cf2
 oafs_h_krb5_crypto_init
 oafs_h_krb5_crypto_overhead
 oafs_h_krb5_crypto_prf
+oafs_h_krb5_crypto_prf_length
 oafs_h_krb5_data_alloc
 oafs_h_krb5_data_free
 oafs_h_krb5_decrypt
 oafs_h_krb5_encrypt
 oafs_h_krb5_enctype_keybits
+oafs_h_krb5_enctype_keysize
 oafs_h_krb5_enctype_valid
 oafs_h_krb5_free_context
 oafs_h_krb5_free_keyblock
@@ -19,4 +22,6 @@ oafs_h_krb5_free_keyblock_contents
 oafs_h_krb5_init_context
 oafs_h_krb5_keyblock_get_enctype
 oafs_h_krb5_keyblock_init
+oafs_h_krb5_random_to_key
 oafs_h_krb5_verify_checksum
+oafs_h_krb5_generate_random_block
diff --git a/src/crypto/rfc3961/rfc3961.h b/src/crypto/rfc3961/rfc3961.h
index 2656f9b..057b380 100644
--- a/src/crypto/rfc3961/rfc3961.h
+++ b/src/crypto/rfc3961/rfc3961.h
@@ -103,6 +103,7 @@ typedef int krb5_enctype;
 #define krb5_encrypt oafs_h_krb5_encrypt
 #define krb5_decrypt oafs_h_krb5_decrypt
 #define krb5_enctype_keybits oafs_h_krb5_enctype_keybits
+#define krb5_enctype_keysize oafs_h_krb5_enctype_keysize
 #define krb5_data_free oafs_h_krb5_data_free
 #define krb5_data_alloc oafs_h_krb5_data_alloc
 #define krb5_keyblock_init oafs_h_krb5_keyblock_init
@@ -144,6 +145,9 @@ krb5_error_code krb5_decrypt(krb5_context context,
 krb5_error_code krb5_enctype_keybits(krb5_context context,
 				     krb5_enctype type,
 				     size_t *keybits);
+krb5_error_code krb5_enctype_keysize(krb5_context context,
+				     krb5_enctype type,
+				     size_t *keysize);
 
 void krb5_data_free(krb5_data *p);
 
@@ -153,6 +157,7 @@ void krb5_free_keyblock_contents(krb5_context context,
 				 krb5_keyblock *keyblock);
 
 #define krb5_crypto_prf oafs_h_krb5_crypto_prf
+#define krb5_crypto_prf_length oafs_h_krb5_crypto_prf_length
 #define krb5_crypto_fx_cf2 oafs_h_krb5_crypto_fx_cf2
 #define krb5_generate_random_block oafs_h_krb5_generate_random_block
 #define krb5_random_to_key oafs_h_krb5_random_to_key
@@ -163,6 +168,10 @@ krb5_error_code krb5_crypto_prf(krb5_context context,
 				const krb5_data *input,
 				krb5_data *output);
 
+krb5_error_code krb5_crypto_prf_length(krb5_context context,
+				       krb5_enctype type,
+				       size_t *length);
+
 krb5_error_code krb5_crypto_fx_cf2(krb5_context context,
 				   const krb5_crypto crypto1,
 				   const krb5_crypto crypto2,