lib:crypto: Add GKDI module with some constants

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

diff --git a/lib/crypto/gkdi.c b/lib/crypto/gkdi.c
new file mode 100644 (file)
index 0000000..e049cf9
--- /dev/null
+++ b/lib/crypto/gkdi.c
@@ -0,0 +1,21 @@
+/*
+   Unix SMB/CIFS implementation.
+   Group Key Distribution Protocol functions
+
+   Copyright (C) Catalyst.Net Ltd 2023
+
+   This program is free software: you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation, either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.
+*/
+
+#include "lib/crypto/gkdi.h"

diff --git a/lib/crypto/gkdi.h b/lib/crypto/gkdi.h
new file mode 100644 (file)
index 0000000..b6c18a8
--- /dev/null
+++ b/lib/crypto/gkdi.h
@@ -0,0 +1,32 @@
+/*
+   Unix SMB/CIFS implementation.
+   Group Key Distribution Protocol functions
+
+   Copyright (C) Catalyst.Net Ltd 2023
+
+   This program is free software: you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation, either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.
+*/
+
+#ifndef LIB_CRYPTO_GKDI_H
+#define LIB_CRYPTO_GKDI_H
+
+#include <stdint.h>
+
+static const int gkdi_l1_key_iteration = 32;
+static const int gkdi_l2_key_iteration = 32;
+
+static const int64_t gkdi_key_cycle_duration = 360000000000;
+static const int64_t gkdi_max_clock_skew = 3000000000;
+
+#endif /* LIB_CRYPTO_GKDI_H */

diff --git a/lib/crypto/wscript b/lib/crypto/wscript
index 23017fbd63764c64b096f5ade1045947bb953d2d..d39e7cbc8cb6718232050c8eac9118b9e8704499 100644 (file)
--- a/lib/crypto/wscript
+++ b/lib/crypto/wscript
@@ -27,6 +27,9 @@ def build(bld):
                         LIBCRYPTO
                         ''')
 
+    bld.SAMBA_SUBSYSTEM('gkdi',
+                        source='gkdi.c')
+
     bld.SAMBA_PYTHON('python_crypto',
                      source='py_crypto.c',
                      deps='gnutls talloc LIBCLI_AUTH',