[PATCH 17/28] gss_krb5: import functionality to derive keys into the kernel
J. Bruce Fields
bfields at fieldses.org
Mon Mar 31 19:09:51 EDT 2008
On Mon, Mar 31, 2008 at 01:25:21PM -0400, Kevin Coffman wrote:
> On Mon, Mar 31, 2008 at 11:54 AM, Chuck Lever <chuck.lever at oracle.com> wrote:
> >
> > On Mar 31, 2008, at 10:32 AM, Kevin Coffman wrote:
> > > struct krb5_ctx {
> > > @@ -146,6 +152,25 @@ extern struct xdr_netobj krb5_oid;
> > > #define ENCTYPE_DES3_CBC_SHA1 0x0010
> > > #define ENCTYPE_UNKNOWN 0x01ff
> > >
> > > +/*
> > > + * Constants used for key derivation
> > > + */
> > > +/* for 3DES */
> > > +#define KG_USAGE_SEAL 22
> > > +#define KG_USAGE_SIGN 23
> > > +#define KG_USAGE_SEQ 24
> > > +
> > > +/* from rfc3961 */
> > > +#define KEY_USAGE_SEED_CHECKSUM 0x99
> > > +#define KEY_USAGE_SEED_ENCRYPTION 0xAA
> > > +#define KEY_USAGE_SEED_INTEGRITY 0x55
> > > +
> > > +/* from rfc4121 */
> > > +#define KG_USAGE_ACCEPTOR_SEAL 22
> > > +#define KG_USAGE_ACCEPTOR_SIGN 23
> > > +#define KG_USAGE_INITIATOR_SEAL 24
> > > +#define KG_USAGE_INITIATOR_SIGN 25
> > > +
> >
> > I like adding parentheses around integers as a defensive coding tactic.
>
> O.K.
Absent a specific example of a problem that would solve, that looks like
just visual clutter to me.
--b.
More information about the NFSv4
mailing list