[Kevin Coffman] Proposal to export gssapi context

Umich has approached MIT asking for a private API for their in-kernel GSSAPI implementation to use.

Ideally we'd like to get to a point where Heimdal could implement the
same API.

As such we're seeking comments from the Heimdal community.

Brought to krbdev...

The kernel implementation of rpcsec_gss used for NFSv4 requires context
information be negotiated in user-land and then passed down for use in the
kernel.  gss_export_context() exports the context as an opaque object which
cannot be used for this purpose.  We are proposing three new APIs.  One is
to restrict the encryption types negotiated in user-land to the set that the
kernel can use.  The other two are to export context information into a
usable structure, and then free that structure.

Comments, suggestions, welcome.

/*
 * krb5_gss_set_allowable_enctypes can be called after
 * gss_acquire_cred(), but before gss_init_sec_context(),
 * to restrict the set of enctypes which will be negotiated
 * to those in the provided array.  Returns a GSS major status.
 */
OM_uint32
krb5_gss_set_allowable_enctypes(OM_uint32 *minor_status,
				gss_cred_id_t cred,
				int num_ktypes,
				krb5_enctype *ktypes);

/*
 * Structure version numbers.  Bit-field representing versions of
 * struct gss_krb5_lucid_context.  See notes in the
 * krb5_gss_export_lucid_sec_context() description for version
 * number handling.
 */
#define GSS_C_LUCID_CONTEXT_VERSION_1		0x00000001

typedef struct gss_krb5_lucid_key {
	OM_int32	type;		/* key encryption type */
	OM_int32	length;		/* length of key data */
	void *		data;		/* actual key data */
} gss_krb5_lucid_key_t;

typedef struct gss_krb5_lucid_context {
	OM_int32	version;	/* Structure version number */
	OM_int32	initiate;	/* Are we the initiator? */
	int		sign_alg;	/* signing algorithm */
	int		seal_alg;	/* seal/encrypt algorithm */
	OM_int32	endtime;	/* expiration time of context */
	OM_uint64	sequence;	/* local (sender) sequence number (type still open: OM_uint64 ?) */
	gss_OID		mech_used;	/* Mechanism */
	gss_krb5_lucid_key_t	enc_key;	/* Encrypting key info */
	gss_krb5_lucid_key_t	seq_key;	/* Subkey info */

	/*
	 * The following are added in the MIT 1.3.2 code for CFX,
	 * I assume we'll want/need them eventually
	 */
	OM_int32	protocol;
			/* 0 = rfc1964, 1 = draft-ietf-krb-wg-gssapi-cfx-01 */
	OM_int32	cksumtype;	/* "main" subkey checksum type */
	gss_krb5_lucid_key_t	acceptor_subkey;
	OM_int32	acceptor_subkey_cksumtype;
} gss_krb5_lucid_context_t;

/*
 * Returns a non-opaque (lucid) version of the internal context
 * information.
 * Note that context_handle must not be used again by the caller
 * after this call.  The GSS implementation is free to release any
 * resources associated with the original context.  It is up to the
 * GSS implementation whether it returns pointers to existing data,
 * or copies of the data.  The caller should treat the returned
 * context as read-only.
 * The caller must call krb5_gss_free_lucid_context() to free
 * the context and allocated resources when it is finished with it.
 * 'versions' is a bitfield describing which version(s) of lucid
 * context are understood by the caller.  The highest version
 * understood by both the caller and the GSS implementation must
 * be returned.  The caller can determine which version of the
 * structure was actually returned by the version field of the
 * returned structure.
 * If there are no common versions, an error should be returned.
 * (XXX Need error definition(s))
 */
OM_uint32
krb5_gss_export_lucid_sec_context(OM_uint32 *minor_status,
				  gss_ctx_id_t *context_handle,
				  OM_int32 versions,
				  gss_krb5_lucid_context_t **kctx);

/*
 * Frees the allocated storage associated with an
 * exported struct gss_krb5_lucid_context.
 */
OM_uint32
krb5_gss_free_lucid_context(OM_uint32 *minor_status,
			    gss_krb5_lucid_context_t *kctx);
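The export/free contract above (version bitfield negotiation, the handle being dead after the call, the caller owning the returned structure) is modelled below in a stand-alone example. This is added illustration, not the proposal's or MIT's code: the `OM_*` typedefs, `GSS_S_*` values, the `mock_ctx` private context, the `mock_*` functions, the `MOCK_ERR_NO_COMMON_VERSION` minor code (the proposal leaves the error undefined) and the key bytes are all constructed stand-ins, and the structures carry only a subset of the proposal's fields. One point the proposal does not spell out but a practitioner will want: the lucid structure exposes raw session-key material, so the free routine here scrubs the key bytes before returning the memory to the heap, and the export routine scrubs the original context's copy when it releases the handle.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Stand-ins for GSS-API base types and status values (assumed; gssapi.h is not used). */
typedef uint32_t OM_uint32; typedef int32_t OM_int32;
#define GSS_S_COMPLETE 0u
#define GSS_S_FAILURE (1u << 16)
#define GSS_C_LUCID_CONTEXT_VERSION_1 0x00000001
#define MOCK_IMPL_LUCID_VERSIONS GSS_C_LUCID_CONTEXT_VERSION_1 /* this mock speaks only v1 */
#define MOCK_ERR_NO_COMMON_VERSION 1 /* constructed minor code; the proposal leaves this as XXX */

/* Pared-down lucid structures following the proposal's field layout; data is live session key. */
typedef struct lucid_key { OM_int32 type, length; void *data; } lucid_key_t;
typedef struct lucid_context { OM_int32 version, initiate, endtime; lucid_key_t enc_key; } lucid_context_t;
struct mock_ctx { OM_int32 initiate, endtime, enc_type; unsigned char key[16]; }; /* the library's private context */

/* Zero through a volatile pointer so the compiler cannot elide the wipe of key material. */
static void wipe(void *p, size_t n) { volatile unsigned char *vp = p; while (n--) *vp++ = 0; }

/* Version negotiation as the proposal describes it: the highest version bit set in both
 * masks, or 0 when they share none (bit 31 is skipped so the result stays non-negative). */
OM_int32 highest_common_lucid_version(OM_int32 caller_versions, OM_int32 impl_versions) {
    uint32_t common = (uint32_t)caller_versions & (uint32_t)impl_versions, bit;
    for (bit = 1u << 30; bit; bit >>= 1)
        if (common & bit) return (OM_int32)bit;
    return 0;
}

/* Mock export. The handle is consumed on every return, since the proposal says the caller
 * must not touch it again after this call; the returned struct owns a copy of the key. */
OM_uint32 mock_export_lucid_sec_context(OM_uint32 *minor_status, struct mock_ctx **context_handle,
                                        OM_int32 versions, lucid_context_t **kctx) {
    struct mock_ctx *c = *context_handle;
    lucid_context_t *l = NULL;
    OM_int32 v = highest_common_lucid_version(versions, MOCK_IMPL_LUCID_VERSIONS);
    OM_uint32 major = GSS_S_FAILURE;
    *kctx = NULL;
    if (v == 0) {
        *minor_status = MOCK_ERR_NO_COMMON_VERSION;
    } else if (!(l = calloc(1, sizeof *l)) || !(l->enc_key.data = malloc(sizeof c->key))) {
        free(l);
        *minor_status = ENOMEM;
    } else {
        l->version = v; l->initiate = c->initiate; l->endtime = c->endtime;
        l->enc_key.type = c->enc_type; l->enc_key.length = (OM_int32)sizeof c->key;
        memcpy(l->enc_key.data, c->key, sizeof c->key);
        *kctx = l; *minor_status = 0; major = GSS_S_COMPLETE;
    }
    wipe(c->key, sizeof c->key); /* release the original context, scrubbing its key first */
    free(c);
    *context_handle = NULL;
    return major;
}

/* Mock free: key bytes are scrubbed before the memory goes back to the heap. */
OM_uint32 mock_free_lucid_context(OM_uint32 *minor_status, lucid_context_t *kctx) {
    if (kctx && kctx->enc_key.data) {
        wipe(kctx->enc_key.data, (size_t)kctx->enc_key.length);
        free(kctx->enc_key.data);
    }
    free(kctx);
    *minor_status = 0;
    return GSS_S_COMPLETE;
}

/* Constructed sample context: enctype 1 (des-cbc-crc) with a made-up 16-byte key. */
static struct mock_ctx *make_ctx(void) {
    struct mock_ctx *c = calloc(1, sizeof *c);
    if (!c) return NULL;
    c->initiate = 1; c->endtime = 1700000000; c->enc_type = 1;
    for (int i = 0; i < 16; i++) c->key[i] = (unsigned char)(i * 7 + 3);
    return c;
}

/* Walk the contract end to end; returns 0 on success, the failing step number otherwise. */
int demo_roundtrip(void) {
    struct mock_ctx *c = make_ctx();
    lucid_context_t *l = NULL;
    OM_uint32 minor = 0;
    if (!c) return 1;
    /* Caller understands only v2, which the mock lacks: error, no struct, handle consumed. */
    if (mock_export_lucid_sec_context(&minor, &c, 0x2, &l) != GSS_S_FAILURE ||
        minor != MOCK_ERR_NO_COMMON_VERSION || l != NULL || c != NULL) return 2;
    /* Caller understands v1 and v2: the highest common version, v1, is what comes back. */
    if (!(c = make_ctx())) return 1;
    if (mock_export_lucid_sec_context(&minor, &c, 0x3, &l) != GSS_S_COMPLETE || !l || c) return 3;
    if (l->version != GSS_C_LUCID_CONTEXT_VERSION_1 || l->initiate != 1 || l->enc_key.length != 16) return 4;
    for (int i = 0; i < 16; i++)
        if (((unsigned char *)l->enc_key.data)[i] != (unsigned char)(i * 7 + 3)) return 5;
    return mock_free_lucid_context(&minor, l) == GSS_S_COMPLETE ? 0 : 6;
}

int main(void) {
    int rc = demo_roundtrip(); printf("lucid export round trip: %s (%d)\n", rc ? "failed" : "ok", rc); return rc;
}
```

The mock copies the key rather than handing out a pointer into the private context, which the proposal leaves to the implementation; copying is the safer choice for a consumer in another address space (the kernel) because the user-space context can then be torn down immediately and its key scrubbed, leaving exactly one copy whose lifetime the caller controls via the free routine.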
