]>
Commit | Line | Data |
---|---|---|
1da177e4 LT |
1 | /* |
2 | * fs/cifs/cifsencrypt.c | |
3 | * | |
12b3b8ff | 4 | * Copyright (C) International Business Machines Corp., 2005,2006 |
1da177e4 LT |
5 | * Author(s): Steve French (sfrench@us.ibm.com) |
6 | * | |
7 | * This library is free software; you can redistribute it and/or modify | |
8 | * it under the terms of the GNU Lesser General Public License as published | |
9 | * by the Free Software Foundation; either version 2.1 of the License, or | |
10 | * (at your option) any later version. | |
11 | * | |
12 | * This library is distributed in the hope that it will be useful, | |
13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See | |
15 | * the GNU Lesser General Public License for more details. | |
16 | * | |
17 | * You should have received a copy of the GNU Lesser General Public License | |
18 | * along with this library; if not, write to the Free Software | |
19 | * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA | |
20 | */ | |
21 | ||
22 | #include <linux/fs.h> | |
5a0e3ad6 | 23 | #include <linux/slab.h> |
1da177e4 | 24 | #include "cifspdu.h" |
ffdd6e4d | 25 | #include "cifsglob.h" |
1da177e4 LT |
26 | #include "cifs_debug.h" |
27 | #include "md5.h" | |
28 | #include "cifs_unicode.h" | |
29 | #include "cifsproto.h" | |
9fbc5908 | 30 | #include "ntlmssp.h" |
7c7b25bc | 31 | #include <linux/ctype.h> |
6d027cfd | 32 | #include <linux/random.h> |
1da177e4 | 33 | |
ffdd6e4d | 34 | /* Calculate and return the CIFS signature based on the mac key and SMB PDU */ |
1da177e4 LT |
35 | /* the 16 byte signature must be allocated by the caller */ |
36 | /* Note we only use the 1st eight bytes */ | |
ffdd6e4d | 37 | /* Note that the smb header signature field on input contains the |
1da177e4 LT |
38 | sequence number before this function is called */ |
39 | ||
40 | extern void mdfour(unsigned char *out, unsigned char *in, int n); | |
41 | extern void E_md4hash(const unsigned char *passwd, unsigned char *p16); | |
4e53a3fb | 42 | extern void SMBencrypt(unsigned char *passwd, const unsigned char *c8, |
ffdd6e4d | 43 | unsigned char *p24); |
50c2f753 | 44 | |
ffdd6e4d | 45 | static int cifs_calculate_signature(const struct smb_hdr *cifs_pdu, |
9fbc5908 | 46 | struct TCP_Server_Info *server, char *signature) |
1da177e4 | 47 | { |
56234e27 SF |
48 | int rc = 0; |
49 | struct { | |
50 | struct shash_desc shash; | |
51 | char ctx[crypto_shash_descsize(server->ntlmssp.md5)]; | |
52 | } sdesc; | |
1da177e4 | 53 | |
9fbc5908 | 54 | if (cifs_pdu == NULL || server == NULL || signature == NULL) |
1da177e4 LT |
55 | return -EINVAL; |
56 | ||
56234e27 SF |
57 | sdesc.shash.tfm = server->ntlmssp.md5; |
58 | sdesc.shash.flags = 0x0; | |
9fbc5908 | 59 | |
56234e27 | 60 | rc = crypto_shash_init(&sdesc.shash); |
9fbc5908 | 61 | if (rc) { |
56234e27 | 62 | cERROR(1, "could not initialize master crypto API hmacmd5\n"); |
9fbc5908 SF |
63 | return rc; |
64 | } | |
65 | ||
66 | if (server->secType == RawNTLMSSP) | |
56234e27 | 67 | crypto_shash_update(&sdesc.shash, |
9fbc5908 SF |
68 | server->session_key.data.ntlmv2.key, |
69 | CIFS_NTLMV2_SESSKEY_SIZE); | |
70 | else | |
56234e27 | 71 | crypto_shash_update(&sdesc.shash, |
9fbc5908 SF |
72 | (char *)&server->session_key.data, |
73 | server->session_key.len); | |
74 | ||
56234e27 | 75 | crypto_shash_update(&sdesc.shash, |
9fbc5908 SF |
76 | cifs_pdu->Protocol, cifs_pdu->smb_buf_length); |
77 | ||
56234e27 | 78 | rc = crypto_shash_final(&sdesc.shash, signature); |
b609f06a | 79 | |
56234e27 | 80 | return 0; |
1da177e4 LT |
81 | } |
82 | ||
9fbc5908 | 83 | |
ffdd6e4d SF |
84 | int cifs_sign_smb(struct smb_hdr *cifs_pdu, struct TCP_Server_Info *server, |
85 | __u32 *pexpected_response_sequence_number) | |
1da177e4 LT |
86 | { |
87 | int rc = 0; | |
88 | char smb_signature[20]; | |
89 | ||
ffdd6e4d | 90 | if ((cifs_pdu == NULL) || (server == NULL)) |
1da177e4 LT |
91 | return -EINVAL; |
92 | ||
ffdd6e4d | 93 | if ((cifs_pdu->Flags2 & SMBFLG2_SECURITY_SIGNATURE) == 0) |
1da177e4 LT |
94 | return rc; |
95 | ||
96 | spin_lock(&GlobalMid_Lock); | |
50c2f753 SF |
97 | cifs_pdu->Signature.Sequence.SequenceNumber = |
98 | cpu_to_le32(server->sequence_number); | |
1da177e4 | 99 | cifs_pdu->Signature.Sequence.Reserved = 0; |
50c2f753 | 100 | |
ad009ac9 SF |
101 | *pexpected_response_sequence_number = server->sequence_number++; |
102 | server->sequence_number++; | |
1da177e4 LT |
103 | spin_unlock(&GlobalMid_Lock); |
104 | ||
9fbc5908 | 105 | rc = cifs_calculate_signature(cifs_pdu, server, smb_signature); |
ffdd6e4d | 106 | if (rc) |
1da177e4 LT |
107 | memset(cifs_pdu->Signature.SecuritySignature, 0, 8); |
108 | else | |
109 | memcpy(cifs_pdu->Signature.SecuritySignature, smb_signature, 8); | |
110 | ||
111 | return rc; | |
112 | } | |
113 | ||
ffdd6e4d | 114 | static int cifs_calc_signature2(const struct kvec *iov, int n_vec, |
9fbc5908 | 115 | struct TCP_Server_Info *server, char *signature) |
84afc29b | 116 | { |
e9917a00 | 117 | int i; |
56234e27 SF |
118 | int rc = 0; |
119 | struct { | |
120 | struct shash_desc shash; | |
121 | char ctx[crypto_shash_descsize(server->ntlmssp.md5)]; | |
122 | } sdesc; | |
84afc29b | 123 | |
9fbc5908 | 124 | if (iov == NULL || server == NULL || signature == NULL) |
e9917a00 | 125 | return -EINVAL; |
84afc29b | 126 | |
56234e27 SF |
127 | sdesc.shash.tfm = server->ntlmssp.md5; |
128 | sdesc.shash.flags = 0x0; | |
9fbc5908 | 129 | |
56234e27 | 130 | rc = crypto_shash_init(&sdesc.shash); |
9fbc5908 | 131 | if (rc) { |
56234e27 | 132 | cERROR(1, "could not initialize master crypto API hmacmd5\n"); |
9fbc5908 SF |
133 | return rc; |
134 | } | |
135 | ||
136 | if (server->secType == RawNTLMSSP) | |
56234e27 | 137 | crypto_shash_update(&sdesc.shash, |
9fbc5908 SF |
138 | server->session_key.data.ntlmv2.key, |
139 | CIFS_NTLMV2_SESSKEY_SIZE); | |
140 | else | |
56234e27 | 141 | crypto_shash_update(&sdesc.shash, |
9fbc5908 SF |
142 | (char *)&server->session_key.data, |
143 | server->session_key.len); | |
144 | ||
50c2f753 | 145 | for (i = 0; i < n_vec; i++) { |
745542e2 JL |
146 | if (iov[i].iov_len == 0) |
147 | continue; | |
ffdd6e4d | 148 | if (iov[i].iov_base == NULL) { |
56234e27 | 149 | cERROR(1, "null iovec entry"); |
e9917a00 | 150 | return -EIO; |
745542e2 | 151 | } |
ffdd6e4d | 152 | /* The first entry includes a length field (which does not get |
e9917a00 | 153 | signed that occupies the first 4 bytes before the header */ |
ffdd6e4d | 154 | if (i == 0) { |
63d2583f | 155 | if (iov[0].iov_len <= 8) /* cmd field at offset 9 */ |
e9917a00 | 156 | break; /* nothing to sign or corrupt header */ |
56234e27 | 157 | crypto_shash_update(&sdesc.shash, |
9fbc5908 | 158 | iov[i].iov_base + 4, iov[i].iov_len - 4); |
e9917a00 | 159 | } else |
56234e27 | 160 | crypto_shash_update(&sdesc.shash, |
9fbc5908 | 161 | iov[i].iov_base, iov[i].iov_len); |
e9917a00 | 162 | } |
84afc29b | 163 | |
56234e27 | 164 | rc = crypto_shash_final(&sdesc.shash, signature); |
84afc29b | 165 | |
56234e27 | 166 | return 0; |
84afc29b SF |
167 | } |
168 | ||
ffdd6e4d | 169 | int cifs_sign_smb2(struct kvec *iov, int n_vec, struct TCP_Server_Info *server, |
63d2583f | 170 | __u32 *pexpected_response_sequence_number) |
84afc29b SF |
171 | { |
172 | int rc = 0; | |
173 | char smb_signature[20]; | |
ffdd6e4d | 174 | struct smb_hdr *cifs_pdu = iov[0].iov_base; |
84afc29b | 175 | |
ffdd6e4d | 176 | if ((cifs_pdu == NULL) || (server == NULL)) |
84afc29b SF |
177 | return -EINVAL; |
178 | ||
ffdd6e4d | 179 | if ((cifs_pdu->Flags2 & SMBFLG2_SECURITY_SIGNATURE) == 0) |
84afc29b SF |
180 | return rc; |
181 | ||
ffdd6e4d SF |
182 | spin_lock(&GlobalMid_Lock); |
183 | cifs_pdu->Signature.Sequence.SequenceNumber = | |
84afc29b | 184 | cpu_to_le32(server->sequence_number); |
ffdd6e4d | 185 | cifs_pdu->Signature.Sequence.Reserved = 0; |
84afc29b | 186 | |
ffdd6e4d SF |
187 | *pexpected_response_sequence_number = server->sequence_number++; |
188 | server->sequence_number++; | |
189 | spin_unlock(&GlobalMid_Lock); | |
84afc29b | 190 | |
9fbc5908 | 191 | rc = cifs_calc_signature2(iov, n_vec, server, smb_signature); |
ffdd6e4d SF |
192 | if (rc) |
193 | memset(cifs_pdu->Signature.SecuritySignature, 0, 8); | |
194 | else | |
195 | memcpy(cifs_pdu->Signature.SecuritySignature, smb_signature, 8); | |
84afc29b | 196 | |
ffdd6e4d | 197 | return rc; |
84afc29b SF |
198 | } |
199 | ||
b609f06a | 200 | int cifs_verify_signature(struct smb_hdr *cifs_pdu, |
9fbc5908 | 201 | struct TCP_Server_Info *server, |
ffdd6e4d | 202 | __u32 expected_sequence_number) |
1da177e4 | 203 | { |
9fbc5908 | 204 | int rc; |
1da177e4 LT |
205 | char server_response_sig[8]; |
206 | char what_we_think_sig_should_be[20]; | |
207 | ||
9fbc5908 | 208 | if (cifs_pdu == NULL || server == NULL) |
1da177e4 LT |
209 | return -EINVAL; |
210 | ||
211 | if (cifs_pdu->Command == SMB_COM_NEGOTIATE) | |
212 | return 0; | |
213 | ||
214 | if (cifs_pdu->Command == SMB_COM_LOCKING_ANDX) { | |
50c2f753 | 215 | struct smb_com_lock_req *pSMB = |
ffdd6e4d SF |
216 | (struct smb_com_lock_req *)cifs_pdu; |
217 | if (pSMB->LockType & LOCKING_ANDX_OPLOCK_RELEASE) | |
1da177e4 LT |
218 | return 0; |
219 | } | |
220 | ||
50c2f753 SF |
221 | /* BB what if signatures are supposed to be on for session but |
222 | server does not send one? BB */ | |
223 | ||
1da177e4 | 224 | /* Do not need to verify session setups with signature "BSRSPYL " */ |
50c2f753 | 225 | if (memcmp(cifs_pdu->Signature.SecuritySignature, "BSRSPYL ", 8) == 0) |
b6b38f70 JP |
226 | cFYI(1, "dummy signature received for smb command 0x%x", |
227 | cifs_pdu->Command); | |
1da177e4 LT |
228 | |
229 | /* save off the origiginal signature so we can modify the smb and check | |
230 | its signature against what the server sent */ | |
50c2f753 | 231 | memcpy(server_response_sig, cifs_pdu->Signature.SecuritySignature, 8); |
1da177e4 | 232 | |
50c2f753 SF |
233 | cifs_pdu->Signature.Sequence.SequenceNumber = |
234 | cpu_to_le32(expected_sequence_number); | |
1da177e4 LT |
235 | cifs_pdu->Signature.Sequence.Reserved = 0; |
236 | ||
9fbc5908 | 237 | rc = cifs_calculate_signature(cifs_pdu, server, |
1da177e4 LT |
238 | what_we_think_sig_should_be); |
239 | ||
50c2f753 | 240 | if (rc) |
1da177e4 LT |
241 | return rc; |
242 | ||
50c2f753 SF |
243 | /* cifs_dump_mem("what we think it should be: ", |
244 | what_we_think_sig_should_be, 16); */ | |
1da177e4 | 245 | |
50c2f753 | 246 | if (memcmp(server_response_sig, what_we_think_sig_should_be, 8)) |
1da177e4 LT |
247 | return -EACCES; |
248 | else | |
249 | return 0; | |
250 | ||
251 | } | |
252 | ||
253 | /* We fill in key by putting in 40 byte array which was allocated by caller */ | |
9fbc5908 | 254 | int cifs_calculate_session_key(struct session_key *key, const char *rn, |
b609f06a | 255 | const char *password) |
1da177e4 LT |
256 | { |
257 | char temp_key[16]; | |
258 | if ((key == NULL) || (rn == NULL)) | |
259 | return -EINVAL; | |
260 | ||
261 | E_md4hash(password, temp_key); | |
b609f06a SF |
262 | mdfour(key->data.ntlm, temp_key, 16); |
263 | memcpy(key->data.ntlm+16, rn, CIFS_SESS_KEY_SIZE); | |
264 | key->len = 40; | |
1da177e4 LT |
265 | return 0; |
266 | } | |
267 | ||
7c7b25bc | 268 | #ifdef CONFIG_CIFS_WEAK_PW_HASH |
4e53a3fb JL |
269 | void calc_lanman_hash(const char *password, const char *cryptkey, bool encrypt, |
270 | char *lnm_session_key) | |
7c7b25bc SF |
271 | { |
272 | int i; | |
273 | char password_with_pad[CIFS_ENCPWD_SIZE]; | |
274 | ||
275 | memset(password_with_pad, 0, CIFS_ENCPWD_SIZE); | |
4e53a3fb JL |
276 | if (password) |
277 | strncpy(password_with_pad, password, CIFS_ENCPWD_SIZE); | |
278 | ||
04912d6a | 279 | if (!encrypt && global_secflags & CIFSSEC_MAY_PLNTXT) { |
4e53a3fb JL |
280 | memset(lnm_session_key, 0, CIFS_SESS_KEY_SIZE); |
281 | memcpy(lnm_session_key, password_with_pad, | |
282 | CIFS_ENCPWD_SIZE); | |
283 | return; | |
284 | } | |
bdc4bf6e | 285 | |
7c7b25bc SF |
286 | /* calculate old style session key */ |
287 | /* calling toupper is less broken than repeatedly | |
288 | calling nls_toupper would be since that will never | |
289 | work for UTF8, but neither handles multibyte code pages | |
290 | but the only alternative would be converting to UCS-16 (Unicode) | |
291 | (using a routine something like UniStrupr) then | |
292 | uppercasing and then converting back from Unicode - which | |
293 | would only worth doing it if we knew it were utf8. Basically | |
294 | utf8 and other multibyte codepages each need their own strupper | |
295 | function since a byte at a time will ont work. */ | |
296 | ||
ef571cad | 297 | for (i = 0; i < CIFS_ENCPWD_SIZE; i++) |
7c7b25bc | 298 | password_with_pad[i] = toupper(password_with_pad[i]); |
7c7b25bc | 299 | |
4e53a3fb JL |
300 | SMBencrypt(password_with_pad, cryptkey, lnm_session_key); |
301 | ||
7c7b25bc SF |
302 | /* clear password before we return/free memory */ |
303 | memset(password_with_pad, 0, CIFS_ENCPWD_SIZE); | |
304 | } | |
305 | #endif /* CIFS_WEAK_PW_HASH */ | |
306 | ||
50c2f753 SF |
307 | static int calc_ntlmv2_hash(struct cifsSesInfo *ses, |
308 | const struct nls_table *nls_cp) | |
a8ee0344 SF |
309 | { |
310 | int rc = 0; | |
311 | int len; | |
9fbc5908 | 312 | char nt_hash[CIFS_NTHASH_SIZE]; |
50c2f753 SF |
313 | wchar_t *user; |
314 | wchar_t *domain; | |
9fbc5908 | 315 | wchar_t *server; |
56234e27 SF |
316 | struct { |
317 | struct shash_desc shash; | |
318 | char ctx[crypto_shash_descsize(ses->server->ntlmssp.hmacmd5)]; | |
319 | } sdesc; | |
a8ee0344 SF |
320 | |
321 | /* calculate md4 hash of password */ | |
322 | E_md4hash(ses->password, nt_hash); | |
323 | ||
56234e27 SF |
324 | sdesc.shash.tfm = ses->server->ntlmssp.hmacmd5; |
325 | sdesc.shash.flags = 0x0; | |
326 | ||
9fbc5908 SF |
327 | crypto_shash_setkey(ses->server->ntlmssp.hmacmd5, nt_hash, |
328 | CIFS_NTHASH_SIZE); | |
329 | ||
56234e27 | 330 | rc = crypto_shash_init(&sdesc.shash); |
9fbc5908 | 331 | if (rc) { |
56234e27 | 332 | cERROR(1, "could not initialize master crypto API hmacmd5\n"); |
9fbc5908 SF |
333 | return rc; |
334 | } | |
a8ee0344 SF |
335 | |
336 | /* convert ses->userName to unicode and uppercase */ | |
1717ffc5 SF |
337 | len = strlen(ses->userName); |
338 | user = kmalloc(2 + (len * 2), GFP_KERNEL); | |
56234e27 | 339 | if (user == NULL) |
1717ffc5 | 340 | goto calc_exit_2; |
8f2376ad | 341 | len = cifs_strtoUCS((__le16 *)user, ses->userName, len, nls_cp); |
1717ffc5 | 342 | UniStrupr(user); |
9fbc5908 | 343 | |
56234e27 | 344 | crypto_shash_update(&sdesc.shash, (char *)user, 2 * len); |
a8ee0344 SF |
345 | |
346 | /* convert ses->domainName to unicode and uppercase */ | |
50c2f753 | 347 | if (ses->domainName) { |
1717ffc5 | 348 | len = strlen(ses->domainName); |
a8ee0344 | 349 | |
50c2f753 | 350 | domain = kmalloc(2 + (len * 2), GFP_KERNEL); |
56234e27 | 351 | if (domain == NULL) |
1717ffc5 | 352 | goto calc_exit_1; |
8f2376ad CG |
353 | len = cifs_strtoUCS((__le16 *)domain, ses->domainName, len, |
354 | nls_cp); | |
b609f06a SF |
355 | /* the following line was removed since it didn't work well |
356 | with lower cased domain name that passed as an option. | |
357 | Maybe converting the domain name earlier makes sense */ | |
358 | /* UniStrupr(domain); */ | |
a8ee0344 | 359 | |
56234e27 | 360 | crypto_shash_update(&sdesc.shash, (char *)domain, 2 * len); |
50c2f753 | 361 | |
1717ffc5 | 362 | kfree(domain); |
9fbc5908 SF |
363 | } else if (ses->serverName) { |
364 | len = strlen(ses->serverName); | |
365 | ||
366 | server = kmalloc(2 + (len * 2), GFP_KERNEL); | |
56234e27 | 367 | if (server == NULL) |
9fbc5908 SF |
368 | goto calc_exit_1; |
369 | len = cifs_strtoUCS((__le16 *)server, ses->serverName, len, | |
370 | nls_cp); | |
371 | /* the following line was removed since it didn't work well | |
372 | with lower cased domain name that passed as an option. | |
373 | Maybe converting the domain name earlier makes sense */ | |
374 | /* UniStrupr(domain); */ | |
375 | ||
56234e27 | 376 | crypto_shash_update(&sdesc.shash, (char *)server, 2 * len); |
9fbc5908 SF |
377 | |
378 | kfree(server); | |
1717ffc5 SF |
379 | } |
380 | calc_exit_1: | |
381 | kfree(user); | |
382 | calc_exit_2: | |
50c2f753 | 383 | /* BB FIXME what about bytes 24 through 40 of the signing key? |
1717ffc5 | 384 | compare with the NTLM example */ |
56234e27 | 385 | rc = crypto_shash_final(&sdesc.shash, ses->server->ntlmv2_hash); |
a8ee0344 SF |
386 | |
387 | return rc; | |
388 | } | |
389 | ||
9fbc5908 SF |
390 | static int |
391 | find_domain_name(struct cifsSesInfo *ses) | |
392 | { | |
393 | int rc = 0; | |
394 | unsigned int attrsize; | |
395 | unsigned int type; | |
396 | unsigned char *blobptr; | |
397 | struct ntlmssp2_name *attrptr; | |
398 | ||
399 | if (ses->server->tiblob) { | |
400 | blobptr = ses->server->tiblob; | |
401 | attrptr = (struct ntlmssp2_name *) blobptr; | |
402 | ||
403 | while ((type = attrptr->type) != 0) { | |
404 | blobptr += 2; /* advance attr type */ | |
405 | attrsize = attrptr->length; | |
406 | blobptr += 2; /* advance attr size */ | |
407 | if (type == NTLMSSP_AV_NB_DOMAIN_NAME) { | |
408 | if (!ses->domainName) { | |
409 | ses->domainName = | |
410 | kmalloc(attrptr->length + 1, | |
411 | GFP_KERNEL); | |
412 | if (!ses->domainName) | |
413 | return -ENOMEM; | |
414 | cifs_from_ucs2(ses->domainName, | |
415 | (__le16 *)blobptr, | |
416 | attrptr->length, | |
417 | attrptr->length, | |
418 | load_nls_default(), false); | |
419 | } | |
420 | } | |
421 | blobptr += attrsize; /* advance attr value */ | |
422 | attrptr = (struct ntlmssp2_name *) blobptr; | |
423 | } | |
424 | } else { | |
425 | ses->server->tilen = 2 * sizeof(struct ntlmssp2_name); | |
426 | ses->server->tiblob = kmalloc(ses->server->tilen, GFP_KERNEL); | |
427 | if (!ses->server->tiblob) { | |
428 | ses->server->tilen = 0; | |
429 | cERROR(1, "Challenge target info allocation failure"); | |
430 | return -ENOMEM; | |
431 | } | |
432 | memset(ses->server->tiblob, 0x0, ses->server->tilen); | |
433 | attrptr = (struct ntlmssp2_name *) ses->server->tiblob; | |
434 | attrptr->type = cpu_to_le16(NTLMSSP_DOMAIN_TYPE); | |
435 | } | |
436 | ||
437 | return rc; | |
438 | } | |
439 | ||
440 | static int | |
441 | CalcNTLMv2_response(const struct TCP_Server_Info *server, | |
442 | char *v2_session_response) | |
6d027cfd | 443 | { |
a8ee0344 | 444 | int rc; |
56234e27 SF |
445 | struct { |
446 | struct shash_desc shash; | |
447 | char ctx[crypto_shash_descsize(server->ntlmssp.hmacmd5)]; | |
448 | } sdesc; | |
9fbc5908 | 449 | |
56234e27 SF |
450 | sdesc.shash.tfm = server->ntlmssp.hmacmd5; |
451 | sdesc.shash.flags = 0x0; | |
9fbc5908 SF |
452 | |
453 | crypto_shash_setkey(server->ntlmssp.hmacmd5, server->ntlmv2_hash, | |
454 | CIFS_HMAC_MD5_HASH_SIZE); | |
455 | ||
56234e27 | 456 | rc = crypto_shash_init(&sdesc.shash); |
9fbc5908 | 457 | if (rc) { |
56234e27 | 458 | cERROR(1, "could not initialize master crypto API hmacmd5\n"); |
9fbc5908 SF |
459 | return rc; |
460 | } | |
461 | ||
462 | memcpy(v2_session_response + CIFS_SERVER_CHALLENGE_SIZE, | |
463 | server->cryptKey, CIFS_SERVER_CHALLENGE_SIZE); | |
56234e27 | 464 | crypto_shash_update(&sdesc.shash, |
9fbc5908 SF |
465 | v2_session_response + CIFS_SERVER_CHALLENGE_SIZE, |
466 | sizeof(struct ntlmv2_resp) - CIFS_SERVER_CHALLENGE_SIZE); | |
467 | ||
468 | if (server->tilen) | |
56234e27 | 469 | crypto_shash_update(&sdesc.shash, |
9fbc5908 SF |
470 | server->tiblob, server->tilen); |
471 | ||
56234e27 | 472 | rc = crypto_shash_final(&sdesc.shash, v2_session_response); |
9fbc5908 SF |
473 | |
474 | return rc; | |
475 | } | |
476 | ||
477 | int | |
478 | setup_ntlmv2_rsp(struct cifsSesInfo *ses, char *resp_buf, | |
479 | const struct nls_table *nls_cp) | |
480 | { | |
481 | int rc = 0; | |
50c2f753 | 482 | struct ntlmv2_resp *buf = (struct ntlmv2_resp *)resp_buf; |
56234e27 SF |
483 | struct { |
484 | struct shash_desc shash; | |
485 | char ctx[crypto_shash_descsize(ses->server->ntlmssp.hmacmd5)]; | |
486 | } sdesc; | |
6d027cfd SF |
487 | |
488 | buf->blob_signature = cpu_to_le32(0x00000101); | |
489 | buf->reserved = 0; | |
490 | buf->time = cpu_to_le64(cifs_UnixTimeToNT(CURRENT_TIME)); | |
1717ffc5 | 491 | get_random_bytes(&buf->client_chal, sizeof(buf->client_chal)); |
6d027cfd | 492 | buf->reserved2 = 0; |
9fbc5908 SF |
493 | |
494 | if (!ses->domainName) { | |
495 | rc = find_domain_name(ses); | |
496 | if (rc) { | |
497 | cERROR(1, "could not get domain/server name rc %d", rc); | |
498 | return rc; | |
499 | } | |
500 | } | |
a8ee0344 | 501 | |
6d027cfd | 502 | /* calculate buf->ntlmv2_hash */ |
1717ffc5 | 503 | rc = calc_ntlmv2_hash(ses, nls_cp); |
9fbc5908 SF |
504 | if (rc) { |
505 | cERROR(1, "could not get v2 hash rc %d", rc); | |
506 | return rc; | |
507 | } | |
508 | rc = CalcNTLMv2_response(ses->server, resp_buf); | |
509 | if (rc) { | |
b6b38f70 | 510 | cERROR(1, "could not get v2 hash rc %d", rc); |
9fbc5908 SF |
511 | return rc; |
512 | } | |
513 | ||
514 | crypto_shash_setkey(ses->server->ntlmssp.hmacmd5, | |
515 | ses->server->ntlmv2_hash, CIFS_HMAC_MD5_HASH_SIZE); | |
516 | ||
56234e27 SF |
517 | sdesc.shash.tfm = ses->server->ntlmssp.hmacmd5; |
518 | sdesc.shash.flags = 0x0; | |
519 | ||
520 | rc = crypto_shash_init(&sdesc.shash); | |
9fbc5908 | 521 | if (rc) { |
56234e27 | 522 | cERROR(1, "could not initialize master crypto API hmacmd5\n"); |
9fbc5908 SF |
523 | return rc; |
524 | } | |
525 | ||
56234e27 | 526 | crypto_shash_update(&sdesc.shash, resp_buf, CIFS_HMAC_MD5_HASH_SIZE); |
b609f06a | 527 | |
56234e27 | 528 | rc = crypto_shash_final(&sdesc.shash, |
9fbc5908 | 529 | ses->server->session_key.data.ntlmv2.key); |
b609f06a | 530 | |
9fbc5908 SF |
531 | memcpy(&ses->server->session_key.data.ntlmv2.resp, resp_buf, |
532 | sizeof(struct ntlmv2_resp)); | |
533 | ses->server->session_key.len = 16 + sizeof(struct ntlmv2_resp); | |
534 | ||
535 | return rc; | |
6d027cfd SF |
536 | } |
537 | ||
9fbc5908 SF |
538 | int |
539 | calc_seckey(struct TCP_Server_Info *server) | |
1da177e4 | 540 | { |
9fbc5908 SF |
541 | int rc; |
542 | unsigned char sec_key[CIFS_NTLMV2_SESSKEY_SIZE]; | |
543 | struct crypto_blkcipher *tfm_arc4; | |
544 | struct scatterlist sgin, sgout; | |
545 | struct blkcipher_desc desc; | |
546 | ||
547 | get_random_bytes(sec_key, CIFS_NTLMV2_SESSKEY_SIZE); | |
548 | ||
549 | tfm_arc4 = crypto_alloc_blkcipher("ecb(arc4)", | |
550 | 0, CRYPTO_ALG_ASYNC); | |
551 | if (!tfm_arc4 || IS_ERR(tfm_arc4)) { | |
552 | cERROR(1, "could not allocate " "master crypto API arc4\n"); | |
553 | return 1; | |
554 | } | |
555 | ||
556 | crypto_blkcipher_setkey(tfm_arc4, | |
557 | server->session_key.data.ntlmv2.key, CIFS_CPHTXT_SIZE); | |
558 | sg_init_one(&sgin, sec_key, CIFS_CPHTXT_SIZE); | |
559 | sg_init_one(&sgout, server->ntlmssp.ciphertext, CIFS_CPHTXT_SIZE); | |
560 | rc = crypto_blkcipher_encrypt(&desc, &sgout, &sgin, CIFS_CPHTXT_SIZE); | |
561 | ||
562 | if (!rc) | |
563 | memcpy(server->session_key.data.ntlmv2.key, | |
564 | sec_key, CIFS_NTLMV2_SESSKEY_SIZE); | |
1da177e4 | 565 | |
9fbc5908 | 566 | crypto_free_blkcipher(tfm_arc4); |
1da177e4 | 567 | |
9fbc5908 SF |
568 | return 0; |
569 | } | |
570 | ||
571 | void | |
572 | cifs_crypto_shash_release(struct TCP_Server_Info *server) | |
573 | { | |
574 | if (server->ntlmssp.md5) | |
575 | crypto_free_shash(server->ntlmssp.md5); | |
576 | ||
577 | if (server->ntlmssp.hmacmd5) | |
578 | crypto_free_shash(server->ntlmssp.hmacmd5); | |
579 | } | |
580 | ||
581 | int | |
582 | cifs_crypto_shash_allocate(struct TCP_Server_Info *server) | |
583 | { | |
584 | server->ntlmssp.hmacmd5 = crypto_alloc_shash("hmac(md5)", 0, 0); | |
585 | if (!server->ntlmssp.hmacmd5 || | |
586 | IS_ERR(server->ntlmssp.hmacmd5)) { | |
56234e27 | 587 | cERROR(1, "could not allocate master crypto API hmacmd5\n"); |
9fbc5908 SF |
588 | return 1; |
589 | } | |
590 | ||
591 | server->ntlmssp.md5 = crypto_alloc_shash("md5", 0, 0); | |
592 | if (!server->ntlmssp.md5 || IS_ERR(server->ntlmssp.md5)) { | |
56234e27 SF |
593 | crypto_free_shash(server->ntlmssp.hmacmd5); |
594 | cERROR(1, "could not allocate master crypto API md5\n"); | |
595 | return 1; | |
2d20ca83 | 596 | } |
2d20ca83 | 597 | |
9fbc5908 | 598 | return 0; |
1da177e4 | 599 | } |