SUNRPC: Add KDF-HMAC-SHA2

The RFC 8009 encryption types use a different key derivation function than the RFC 3962 encryption types. The new key derivation function is defined in Section 3 of RFC 8009. Tested-by: Scott Mayhew <smayhew@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com> Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
author: Chuck Lever <chuck.lever@oracle.com> 2023-01-15 12:22:49 -0500
committer: Chuck Lever <chuck.lever@oracle.com> 2023-02-20 09:20:43 -0500
commit: ae2e4d2bae0007b040e8327f123911c0a6b24d68 (patch)
tree: ee15ad5b77a9f66d38473ed61e07488aca91905e /net/sunrpc/auth_gss/gss_krb5_mech.c
parent: a40cf7530d3104793f9361e69e84ada7960724f2 (diff)
download: linux-ae2e4d2bae0007b040e8327f123911c0a6b24d68.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/net/sunrpc/auth_gss/gss_krb5_mech.c b/net/sunrpc/auth_gss/gss_krb5_mech.c
index 1951867f3fa817..b55897cac459cf 100644
--- a/net/sunrpc/auth_gss/gss_krb5_mech.c
+++ b/net/sunrpc/auth_gss/gss_krb5_mech.c
@@ -166,6 +166,7 @@ static const struct gss_krb5_enctype supported_gss_krb5_enctypes[] = {
 		.Ki_length	= BITS2OCTETS(128),
 
 		.import_ctx	= gss_krb5_import_ctx_v2,
+		.derive_key	= krb5_kdf_hmac_sha2,
 
 		.get_mic	= gss_krb5_get_mic_v2,
 		.verify_mic	= gss_krb5_verify_mic_v2,
@@ -190,6 +191,7 @@ static const struct gss_krb5_enctype supported_gss_krb5_enctypes[] = {
 		.Ki_length	= BITS2OCTETS(192),
 
 		.import_ctx	= gss_krb5_import_ctx_v2,
+		.derive_key	= krb5_kdf_hmac_sha2,
 
 		.get_mic	= gss_krb5_get_mic_v2,
 		.verify_mic	= gss_krb5_verify_mic_v2,
author	Chuck Lever <chuck.lever@oracle.com>	2023-01-15 12:22:49 -0500
committer	Chuck Lever <chuck.lever@oracle.com>	2023-02-20 09:20:43 -0500
commit	ae2e4d2bae0007b040e8327f123911c0a6b24d68 (patch)
tree	ee15ad5b77a9f66d38473ed61e07488aca91905e /net/sunrpc/auth_gss/gss_krb5_mech.c
parent	a40cf7530d3104793f9361e69e84ada7960724f2 (diff)
download	linux-ae2e4d2bae0007b040e8327f123911c0a6b24d68.tar.gz