SUNRPC: Switch wrap token decryption to crypto/krb5

Replace the per-enctype .decrypt callbacks (gss_krb5_aes_decrypt
and krb5_etm_decrypt) with a single gss_krb5_aead_decrypt()
wrapper that delegates to crypto_krb5_decrypt().

The new wrapper builds a scatterlist covering the secured
region (confounder through checksum), passes it to the AEAD
decrypt operation, and derives the confounder and checksum
lengths from the data offset and length that
crypto_krb5_decrypt() reports. The caller's token header
verification and buffer adjustment logic is unchanged.

Assisted-by: Claude:claude-opus-4-6
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Acked-by: Anna Schumaker <anna.schumaker@hammerspace.com>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>

diff --git a/net/sunrpc/auth_gss/gss_krb5_crypto.c b/net/sunrpc/auth_gss/gss_krb5_crypto.c
index 85425d4a28c23bff30e0605dbb29f7f257a9869b..31c2c86b873fca726ebdc4e36e1d773956d03f3e 100644 (file)
--- a/net/sunrpc/auth_gss/gss_krb5_crypto.c
+++ b/net/sunrpc/auth_gss/gss_krb5_crypto.c
@@ -1050,3 +1050,56 @@ gss_krb5_aead_encrypt(struct krb5_ctx *kctx, u32 offset,
 
        return GSS_S_COMPLETE;
 }
+
+/**
+ * gss_krb5_aead_decrypt - Decrypt a wrap token using crypto/krb5
+ * @kctx: Kerberos context
+ * @offset: byte offset of the GSS token header in @buf
+ * @len: total length of the GSS token
+ * @buf: ciphertext buffer, decrypted in-place
+ * @headskip: OUT: confounder length, in octets
+ * @tailskip: OUT: checksum length, in octets
+ *
+ * Return values:
+ *   %GSS_S_COMPLETE: Decryption and integrity verification succeeded
+ *   %GSS_S_BAD_SIG: Integrity checksum did not match
+ *   %GSS_S_DEFECTIVE_TOKEN: Token is malformed or truncated
+ *   %GSS_S_FAILURE: Decryption failed
+ */
+u32
+gss_krb5_aead_decrypt(struct krb5_ctx *kctx, u32 offset, u32 len,
+                     struct xdr_buf *buf, u32 *headskip, u32 *tailskip)
+{
+       const struct krb5_enctype *krb5 = kctx->krb5e;
+       struct crypto_aead *aead = kctx->initiate ?
+               kctx->acceptor_enc_aead : kctx->initiator_enc_aead;
+       unsigned int sec_offset, sec_len;
+       size_t data_offset, data_len;
+       struct scatterlist sg[XDR_BUF_TO_SG_NENTS];
+       struct scatterlist *sg_overflow = NULL;
+       int nsg, ret;
+
+       /* Secured region starts after the GSS token header */
+       sec_offset = offset + GSS_KRB5_TOK_HDR_LEN;
+       if (len < sec_offset)
+               return GSS_S_DEFECTIVE_TOKEN;
+       sec_len = len - sec_offset;
+
+       nsg = xdr_buf_to_sg_alloc(buf, sec_offset, sec_len,
+                                 sg, ARRAY_SIZE(sg),
+                                 &sg_overflow, GFP_NOFS);
+       if (nsg < 0)
+               return GSS_S_FAILURE;
+
+       data_offset = 0;
+       data_len = sec_len;
+       ret = crypto_krb5_decrypt(krb5, aead, sg, nsg,
+                                 &data_offset, &data_len);
+       kfree(sg_overflow);
+       if (ret < 0)
+               return gss_krb5_errno_to_status(ret);
+
+       *headskip = data_offset;
+       *tailskip = sec_len - data_offset - data_len;
+       return GSS_S_COMPLETE;
+}

diff --git a/net/sunrpc/auth_gss/gss_krb5_mech.c b/net/sunrpc/auth_gss/gss_krb5_mech.c
index 6cd7eb20335033a1b08d89639179aca4a2d5a76a..66372e152c3bba28c21d2e3b7d11158d76900f94 100644 (file)
--- a/net/sunrpc/auth_gss/gss_krb5_mech.c
+++ b/net/sunrpc/auth_gss/gss_krb5_mech.c
@@ -44,7 +44,7 @@ static const struct gss_krb5_enctype supported_gss_krb5_enctypes[] = {
          .cksum_name = "hmac(sha1)",
          .derive_key = krb5_derive_key_v2,
          .encrypt = gss_krb5_aead_encrypt,
-         .decrypt = gss_krb5_aes_decrypt,
+         .decrypt = gss_krb5_aead_decrypt,
 
          .get_mic = gss_krb5_get_mic_v2,
          .verify_mic = gss_krb5_verify_mic_v2,
@@ -73,7 +73,7 @@ static const struct gss_krb5_enctype supported_gss_krb5_enctypes[] = {
          .cksum_name = "hmac(sha1)",
          .derive_key = krb5_derive_key_v2,
          .encrypt = gss_krb5_aead_encrypt,
-         .decrypt = gss_krb5_aes_decrypt,
+         .decrypt = gss_krb5_aead_decrypt,
 
          .get_mic = gss_krb5_get_mic_v2,
          .verify_mic = gss_krb5_verify_mic_v2,
@@ -167,7 +167,7 @@ static const struct gss_krb5_enctype supported_gss_krb5_enctypes[] = {
 
                .derive_key     = krb5_kdf_hmac_sha2,
                .encrypt        = gss_krb5_aead_encrypt,
-               .decrypt        = krb5_etm_decrypt,
+               .decrypt        = gss_krb5_aead_decrypt,
 
                .get_mic        = gss_krb5_get_mic_v2,
                .verify_mic     = gss_krb5_verify_mic_v2,
@@ -193,7 +193,7 @@ static const struct gss_krb5_enctype supported_gss_krb5_enctypes[] = {
 
                .derive_key     = krb5_kdf_hmac_sha2,
                .encrypt        = gss_krb5_aead_encrypt,
-               .decrypt        = krb5_etm_decrypt,
+               .decrypt        = gss_krb5_aead_decrypt,
 
                .get_mic        = gss_krb5_get_mic_v2,
                .verify_mic     = gss_krb5_verify_mic_v2,