afs_int32
rxkad_DecryptPacket(const struct rx_connection *conn,
const fc_KeySchedule * schedule,
const fc_InitializationVector * ivec, const int inlen,
struct rx_packet *packet)
{
afs_uint32 xor[2];
struct rx_securityClass *obj;
struct rxkad_cprivate *tp; /* s & c have type at same offset */
char *data;
int i, tlen, len;
len = inlen;
obj = rx_SecurityObjectOf(conn);
tp = (struct rxkad_cprivate *)obj->privateData;
ADD_RXKAD_STATS(bytesDecrypted[rxkad_TypeIndex(tp->type)],len);
memcpy((void *)xor, (void *)ivec, sizeof(xor));
for (i = 0; len; i++) {
data = rx_data(packet, i, tlen);
if (!data || !tlen)
break;
tlen = MIN(len, tlen);
fc_cbc_encrypt(data, data, tlen, *schedule, xor, DECRYPT);
len -= tlen;
}
/* Do this if packet checksums are ever enabled (below), but
* current version just passes zero
afs_int32 cksum;
cksum = ntohl(rx_GetInt32(packet, 1));
*/
return 0;
}
afs_int32
rxkad_EncryptPacket(const struct rx_connection * conn,
const fc_KeySchedule * schedule,
const fc_InitializationVector * ivec, const int inlen,
struct rx_packet * packet)
{
afs_uint32 xor[2];
struct rx_securityClass *obj;
struct rxkad_cprivate *tp; /* s & c have type at same offset */
char *data;
int i, tlen, len;
len = inlen;
obj = rx_SecurityObjectOf(conn);
tp = (struct rxkad_cprivate *)obj->privateData;
ADD_RXKAD_STATS(bytesEncrypted[rxkad_TypeIndex(tp->type)],len);
/*
* afs_int32 cksum;
* cksum = htonl(0);
* * Future option to add cksum here, but for now we just put 0
*/
rx_PutInt32(packet, 1 * sizeof(afs_int32), 0);
memcpy((void *)xor, (void *)ivec, sizeof(xor));
for (i = 0; len; i++) {
data = rx_data(packet, i, tlen);
if (!data || !tlen)
break;
tlen = MIN(len, tlen);
fc_cbc_encrypt(data, data, tlen, *schedule, xor, ENCRYPT);
len -= tlen;
}
return 0;
}
/*!
* \brief So that intermittent failures that cause connections to die
* don't kill whole ubik connection, refresh them when the connection is in
* error.
*/
struct rx_connection *
ubik_RefreshConn(struct rx_connection *tc)
{
afs_uint32 host;
u_short port;
u_short service;
struct rx_securityClass *sc;
int si;
struct rx_connection *newTc;
host = rx_HostOf(rx_PeerOf(tc));
port = rx_PortOf(rx_PeerOf(tc));
service = rx_ServiceIdOf(tc);
sc = rx_SecurityObjectOf(tc);
si = rx_SecurityClassOf(tc);
/*
* destroy old one after creating new one so that refCount on security
* object cannot reach zero.
*/
newTc = rx_NewConnection(host, port, service, sc, si);
rx_DestroyConnection(tc);
return newTc;
}
