]> git.proxmox.com Git - mirror_ubuntu-zesty-kernel.git/blame - fs/cifs/cifsencrypt.c
projects / mirror_ubuntu-zesty-kernel.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
NTLM auth and sign - Define crypto hash functions and create and send keys needed...
[mirror_ubuntu-zesty-kernel.git] / fs / cifs / cifsencrypt.c
CommitLineData
1da177e4
LT		 1/*
2 * fs/cifs/cifsencrypt.c
3 *
12b3b8ff 4 * Copyright (C) International Business Machines Corp., 2005,2006
1da177e4
LT		 5 * Author(s): Steve French (sfrench@us.ibm.com)
6 *
7 * This library is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU Lesser General Public License as published
9 * by the Free Software Foundation; either version 2.1 of the License, or
10 * (at your option) any later version.
11 *
12 * This library is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
15 * the GNU Lesser General Public License for more details.
16 *
17 * You should have received a copy of the GNU Lesser General Public License
18 * along with this library; if not, write to the Free Software
19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 */
21
22#include <linux/fs.h>
5a0e3ad6 23#include <linux/slab.h>
1da177e4 24#include "cifspdu.h"
ffdd6e4d 25#include "cifsglob.h"
1da177e4
LT		 26#include "cifs_debug.h"
27#include "md5.h"
28#include "cifs_unicode.h"
29#include "cifsproto.h"
2b149f11 30#include "ntlmssp.h"
7c7b25bc 31#include <linux/ctype.h>
6d027cfd 32#include <linux/random.h>
1da177e4 33
ffdd6e4d 34/* Calculate and return the CIFS signature based on the mac key and SMB PDU */
1da177e4
LT		 35/* the 16 byte signature must be allocated by the caller */
36/* Note we only use the 1st eight bytes */
ffdd6e4d 37/* Note that the smb header signature field on input contains the
1da177e4
LT		 38 sequence number before this function is called */
39
40extern void mdfour(unsigned char *out, unsigned char *in, int n);
41extern void E_md4hash(const unsigned char *passwd, unsigned char *p16);
4e53a3fb 42extern void SMBencrypt(unsigned char *passwd, const unsigned char *c8,
ffdd6e4d 43 unsigned char *p24);
50c2f753 44
ffdd6e4d 45static int cifs_calculate_signature(const struct smb_hdr *cifs_pdu,
21e73393 46 struct TCP_Server_Info *server, char *signature)
1da177e4 47{
c8e56f1f 48 struct MD5Context context;
1da177e4 49
21e73393 50 if (cifs_pdu == NULL || signature == NULL || server == NULL)
1da177e4
LT		 51 return -EINVAL;
52
c8e56f1f 53 cifs_MD5_init(&context);
21e73393
SP		 54 cifs_MD5_update(&context, server->session_key.response,
55 server->session_key.len);
c8e56f1f 56 cifs_MD5_update(&context, cifs_pdu->Protocol, cifs_pdu->smb_buf_length);
b609f06a 57
c8e56f1f 58 cifs_MD5_final(signature, &context);
56234e27 59 return 0;
1da177e4
LT		 60}
61
ffdd6e4d
SF		 62int cifs_sign_smb(struct smb_hdr *cifs_pdu, struct TCP_Server_Info *server,
63 __u32 *pexpected_response_sequence_number)
1da177e4
LT		 64{
65 int rc = 0;
66 char smb_signature[20];
67
ffdd6e4d 68 if ((cifs_pdu == NULL) || (server == NULL))
1da177e4
LT		 69 return -EINVAL;
70
ffdd6e4d 71 if ((cifs_pdu->Flags2 & SMBFLG2_SECURITY_SIGNATURE) == 0)
1da177e4
LT		 72 return rc;
73
74 spin_lock(&GlobalMid_Lock);
50c2f753
SF		 75 cifs_pdu->Signature.Sequence.SequenceNumber =
76 cpu_to_le32(server->sequence_number);
1da177e4 77 cifs_pdu->Signature.Sequence.Reserved = 0;
50c2f753 78
ad009ac9
SF		 79 *pexpected_response_sequence_number = server->sequence_number++;
80 server->sequence_number++;
1da177e4
LT		 81 spin_unlock(&GlobalMid_Lock);
82
21e73393 83 rc = cifs_calculate_signature(cifs_pdu, server, smb_signature);
ffdd6e4d 84 if (rc)
1da177e4
LT		 85 memset(cifs_pdu->Signature.SecuritySignature, 0, 8);
86 else
87 memcpy(cifs_pdu->Signature.SecuritySignature, smb_signature, 8);
88
89 return rc;
90}
91
ffdd6e4d 92static int cifs_calc_signature2(const struct kvec *iov, int n_vec,
21e73393 93 struct TCP_Server_Info *server, char *signature)
84afc29b 94{
c8e56f1f 95 struct MD5Context context;
e9917a00 96 int i;
84afc29b 97
21e73393 98 if (iov == NULL || signature == NULL || server == NULL)
e9917a00 99 return -EINVAL;
84afc29b 100
c8e56f1f 101 cifs_MD5_init(&context);
21e73393
SP		 102 cifs_MD5_update(&context, server->session_key.response,
103 server->session_key.len);
50c2f753 104 for (i = 0; i < n_vec; i++) {
745542e2
JL		 105 if (iov[i].iov_len == 0)
106 continue;
ffdd6e4d 107 if (iov[i].iov_base == NULL) {
56234e27 108 cERROR(1, "null iovec entry");
e9917a00 109 return -EIO;
745542e2 110 }
ffdd6e4d 111 /* The first entry includes a length field (which does not get
e9917a00 112 signed that occupies the first 4 bytes before the header */
ffdd6e4d 113 if (i == 0) {
63d2583f 114 if (iov[0].iov_len <= 8) /* cmd field at offset 9 */
e9917a00 115 break; /* nothing to sign or corrupt header */
c8e56f1f
SF		 116 cifs_MD5_update(&context, iov[0].iov_base+4,
117 iov[0].iov_len-4);
e9917a00 118 } else
c8e56f1f 119 cifs_MD5_update(&context, iov[i].iov_base, iov[i].iov_len);
e9917a00 120 }
84afc29b 121
c8e56f1f 122 cifs_MD5_final(signature, &context);
84afc29b 123
56234e27 124 return 0;
84afc29b
SF		 125}
126
c8e56f1f 127
ffdd6e4d 128int cifs_sign_smb2(struct kvec *iov, int n_vec, struct TCP_Server_Info *server,
63d2583f 129 __u32 *pexpected_response_sequence_number)
84afc29b
SF		 130{
131 int rc = 0;
132 char smb_signature[20];
ffdd6e4d 133 struct smb_hdr *cifs_pdu = iov[0].iov_base;
84afc29b 134
ffdd6e4d 135 if ((cifs_pdu == NULL) || (server == NULL))
84afc29b
SF		 136 return -EINVAL;
137
ffdd6e4d 138 if ((cifs_pdu->Flags2 & SMBFLG2_SECURITY_SIGNATURE) == 0)
84afc29b
SF		 139 return rc;
140
ffdd6e4d
SF		 141 spin_lock(&GlobalMid_Lock);
142 cifs_pdu->Signature.Sequence.SequenceNumber =
84afc29b 143 cpu_to_le32(server->sequence_number);
ffdd6e4d 144 cifs_pdu->Signature.Sequence.Reserved = 0;
84afc29b 145
ffdd6e4d
SF		 146 *pexpected_response_sequence_number = server->sequence_number++;
147 server->sequence_number++;
148 spin_unlock(&GlobalMid_Lock);
84afc29b 149
21e73393 150 rc = cifs_calc_signature2(iov, n_vec, server, smb_signature);
ffdd6e4d
SF		 151 if (rc)
152 memset(cifs_pdu->Signature.SecuritySignature, 0, 8);
153 else
154 memcpy(cifs_pdu->Signature.SecuritySignature, smb_signature, 8);
84afc29b 155
ffdd6e4d 156 return rc;
84afc29b
SF		 157}
158
b609f06a 159int cifs_verify_signature(struct smb_hdr *cifs_pdu,
21e73393 160 struct TCP_Server_Info *server,
ffdd6e4d 161 __u32 expected_sequence_number)
1da177e4 162{
c8e56f1f 163 unsigned int rc;
1da177e4
LT		 164 char server_response_sig[8];
165 char what_we_think_sig_should_be[20];
166
21e73393 167 if (cifs_pdu == NULL || server == NULL)
1da177e4
LT		 168 return -EINVAL;
169
170 if (cifs_pdu->Command == SMB_COM_NEGOTIATE)
171 return 0;
172
173 if (cifs_pdu->Command == SMB_COM_LOCKING_ANDX) {
50c2f753 174 struct smb_com_lock_req *pSMB =
ffdd6e4d
SF		 175 (struct smb_com_lock_req *)cifs_pdu;
176 if (pSMB->LockType & LOCKING_ANDX_OPLOCK_RELEASE)
1da177e4
LT		 177 return 0;
178 }
179
50c2f753
SF		 180 /* BB what if signatures are supposed to be on for session but
181 server does not send one? BB */
182
1da177e4 183 /* Do not need to verify session setups with signature "BSRSPYL " */
50c2f753 184 if (memcmp(cifs_pdu->Signature.SecuritySignature, "BSRSPYL ", 8) == 0)
b6b38f70
JP		 185 cFYI(1, "dummy signature received for smb command 0x%x",
186 cifs_pdu->Command);
1da177e4
LT		 187
188 /* save off the origiginal signature so we can modify the smb and check
189 its signature against what the server sent */
50c2f753 190 memcpy(server_response_sig, cifs_pdu->Signature.SecuritySignature, 8);
1da177e4 191
50c2f753
SF		 192 cifs_pdu->Signature.Sequence.SequenceNumber =
193 cpu_to_le32(expected_sequence_number);
1da177e4
LT		 194 cifs_pdu->Signature.Sequence.Reserved = 0;
195
21e73393 196 rc = cifs_calculate_signature(cifs_pdu, server,
1da177e4
LT		 197 what_we_think_sig_should_be);
198
50c2f753 199 if (rc)
1da177e4
LT		 200 return rc;
201
50c2f753
SF		 202/* cifs_dump_mem("what we think it should be: ",
203 what_we_think_sig_should_be, 16); */
1da177e4 204
50c2f753 205 if (memcmp(server_response_sig, what_we_think_sig_should_be, 8))
1da177e4
LT		 206 return -EACCES;
207 else
208 return 0;
209
210}
211
21e73393
SP		 212/* first calculate 24 bytes ntlm response and then 16 byte session key */
213int setup_ntlm_response(struct cifsSesInfo *ses)
1da177e4 214{
21e73393
SP		 215 unsigned int temp_len = CIFS_SESS_KEY_SIZE + CIFS_AUTH_RESP_SIZE;
216 char temp_key[CIFS_SESS_KEY_SIZE];
217
218 if (!ses)
1da177e4
LT		 219 return -EINVAL;
220
21e73393
SP		 221 ses->auth_key.response = kmalloc(temp_len, GFP_KERNEL);
222 if (!ses->auth_key.response) {
223 cERROR(1, "NTLM can't allocate (%u bytes) memory", temp_len);
224 return -ENOMEM;
225 }
226 ses->auth_key.len = temp_len;
227
228 SMBNTencrypt(ses->password, ses->cryptKey,
229 ses->auth_key.response + CIFS_SESS_KEY_SIZE);
230
231 E_md4hash(ses->password, temp_key);
232 mdfour(ses->auth_key.response, temp_key, CIFS_SESS_KEY_SIZE);
233
1da177e4
LT		 234 return 0;
235}
236
7c7b25bc 237#ifdef CONFIG_CIFS_WEAK_PW_HASH
4e53a3fb
JL		 238void calc_lanman_hash(const char *password, const char *cryptkey, bool encrypt,
239 char *lnm_session_key)
7c7b25bc
SF		 240{
241 int i;
242 char password_with_pad[CIFS_ENCPWD_SIZE];
243
244 memset(password_with_pad, 0, CIFS_ENCPWD_SIZE);
4e53a3fb
JL		 245 if (password)
246 strncpy(password_with_pad, password, CIFS_ENCPWD_SIZE);
247
04912d6a 248 if (!encrypt && global_secflags & CIFSSEC_MAY_PLNTXT) {
4e53a3fb
JL		 249 memset(lnm_session_key, 0, CIFS_SESS_KEY_SIZE);
250 memcpy(lnm_session_key, password_with_pad,
251 CIFS_ENCPWD_SIZE);
252 return;
253 }
bdc4bf6e 254
7c7b25bc
SF		 255 /* calculate old style session key */
256 /* calling toupper is less broken than repeatedly
257 calling nls_toupper would be since that will never
258 work for UTF8, but neither handles multibyte code pages
259 but the only alternative would be converting to UCS-16 (Unicode)
260 (using a routine something like UniStrupr) then
261 uppercasing and then converting back from Unicode - which
262 would only worth doing it if we knew it were utf8. Basically
263 utf8 and other multibyte codepages each need their own strupper
264 function since a byte at a time will ont work. */
265
ef571cad 266 for (i = 0; i < CIFS_ENCPWD_SIZE; i++)
7c7b25bc 267 password_with_pad[i] = toupper(password_with_pad[i]);
7c7b25bc 268
4e53a3fb
JL		 269 SMBencrypt(password_with_pad, cryptkey, lnm_session_key);
270
7c7b25bc
SF		 271 /* clear password before we return/free memory */
272 memset(password_with_pad, 0, CIFS_ENCPWD_SIZE);
273}
274#endif /* CIFS_WEAK_PW_HASH */
275
9daa42e2
SP		 276/* Build a proper attribute value/target info pairs blob.
277 * Fill in netbios and dns domain name and workstation name
278 * and client time (total five av pairs and + one end of fields indicator.
279 * Allocate domain name which gets freed when session struct is deallocated.
2b149f11
SP		 280 */
281static int
9daa42e2 282build_avpair_blob(struct cifsSesInfo *ses, const struct nls_table *nls_cp)
2b149f11 283{
9daa42e2
SP		 284 unsigned int dlen;
285 unsigned int wlen;
286 unsigned int size = 6 * sizeof(struct ntlmssp2_name);
287 __le64 curtime;
288 char *defdmname = "WORKGROUP";
289 unsigned char *blobptr;
2b149f11
SP		 290 struct ntlmssp2_name *attrptr;
291
9daa42e2
SP		 292 if (!ses->domainName) {
293 ses->domainName = kstrdup(defdmname, GFP_KERNEL);
294 if (!ses->domainName)
295 return -ENOMEM;
296 }
297
298 dlen = strlen(ses->domainName);
299 wlen = strlen(ses->server->hostname);
300
301 /* The length of this blob is a size which is
302 * six times the size of a structure which holds name/size +
303 * two times the unicode length of a domain name +
304 * two times the unicode length of a server name +
305 * size of a timestamp (which is 8 bytes).
306 */
307 ses->tilen = size + 2 * (2 * dlen) + 2 * (2 * wlen) + 8;
2b149f11
SP		 308 ses->tiblob = kzalloc(ses->tilen, GFP_KERNEL);
309 if (!ses->tiblob) {
310 ses->tilen = 0;
311 cERROR(1, "Challenge target info allocation failure");
312 return -ENOMEM;
313 }
9daa42e2
SP		 314
315 blobptr = ses->tiblob;
316 attrptr = (struct ntlmssp2_name *) blobptr;
317
318 attrptr->type = cpu_to_le16(NTLMSSP_AV_NB_DOMAIN_NAME);
319 attrptr->length = cpu_to_le16(2 * dlen);
320 blobptr = (unsigned char *)attrptr + sizeof(struct ntlmssp2_name);
321 cifs_strtoUCS((__le16 *)blobptr, ses->domainName, dlen, nls_cp);
322
323 blobptr += 2 * dlen;
324 attrptr = (struct ntlmssp2_name *) blobptr;
325
326 attrptr->type = cpu_to_le16(NTLMSSP_AV_NB_COMPUTER_NAME);
327 attrptr->length = cpu_to_le16(2 * wlen);
328 blobptr = (unsigned char *)attrptr + sizeof(struct ntlmssp2_name);
329 cifs_strtoUCS((__le16 *)blobptr, ses->server->hostname, wlen, nls_cp);
330
331 blobptr += 2 * wlen;
332 attrptr = (struct ntlmssp2_name *) blobptr;
333
334 attrptr->type = cpu_to_le16(NTLMSSP_AV_DNS_DOMAIN_NAME);
335 attrptr->length = cpu_to_le16(2 * dlen);
336 blobptr = (unsigned char *)attrptr + sizeof(struct ntlmssp2_name);
337 cifs_strtoUCS((__le16 *)blobptr, ses->domainName, dlen, nls_cp);
338
339 blobptr += 2 * dlen;
340 attrptr = (struct ntlmssp2_name *) blobptr;
341
342 attrptr->type = cpu_to_le16(NTLMSSP_AV_DNS_COMPUTER_NAME);
343 attrptr->length = cpu_to_le16(2 * wlen);
344 blobptr = (unsigned char *)attrptr + sizeof(struct ntlmssp2_name);
345 cifs_strtoUCS((__le16 *)blobptr, ses->server->hostname, wlen, nls_cp);
346
347 blobptr += 2 * wlen;
348 attrptr = (struct ntlmssp2_name *) blobptr;
349
350 attrptr->type = cpu_to_le16(NTLMSSP_AV_TIMESTAMP);
351 attrptr->length = cpu_to_le16(sizeof(__le64));
352 blobptr = (unsigned char *)attrptr + sizeof(struct ntlmssp2_name);
353 curtime = cpu_to_le64(cifs_UnixTimeToNT(CURRENT_TIME));
354 memcpy(blobptr, &curtime, sizeof(__le64));
2b149f11
SP		 355
356 return 0;
357}
358
359/* Server has provided av pairs/target info in the type 2 challenge
360 * packet and we have plucked it and stored within smb session.
361 * We parse that blob here to find netbios domain name to be used
362 * as part of ntlmv2 authentication (in Target String), if not already
363 * specified on the command line.
364 * If this function returns without any error but without fetching
365 * domain name, authentication may fail against some server but
366 * may not fail against other (those who are not very particular
367 * about target string i.e. for some, just user name might suffice.
368 */
369static int
370find_domain_name(struct cifsSesInfo *ses)
371{
372 unsigned int attrsize;
373 unsigned int type;
374 unsigned int onesize = sizeof(struct ntlmssp2_name);
375 unsigned char *blobptr;
376 unsigned char *blobend;
377 struct ntlmssp2_name *attrptr;
378
379 if (!ses->tilen || !ses->tiblob)
380 return 0;
381
382 blobptr = ses->tiblob;
383 blobend = ses->tiblob + ses->tilen;
384
385 while (blobptr + onesize < blobend) {
386 attrptr = (struct ntlmssp2_name *) blobptr;
387 type = le16_to_cpu(attrptr->type);
388 if (type == NTLMSSP_AV_EOL)
389 break;
390 blobptr += 2; /* advance attr type */
391 attrsize = le16_to_cpu(attrptr->length);
392 blobptr += 2; /* advance attr size */
393 if (blobptr + attrsize > blobend)
394 break;
395 if (type == NTLMSSP_AV_NB_DOMAIN_NAME) {
396 if (!attrsize)
397 break;
398 if (!ses->domainName) {
ccc46a74 399 struct nls_table *default_nls;
2b149f11
SP		 400 ses->domainName =
401 kmalloc(attrsize + 1, GFP_KERNEL);
402 if (!ses->domainName)
403 return -ENOMEM;
ccc46a74 404 default_nls = load_nls_default();
2b149f11
SP		 405 cifs_from_ucs2(ses->domainName,
406 (__le16 *)blobptr, attrsize, attrsize,
ccc46a74
JL		 407 default_nls, false);
408 unload_nls(default_nls);
2b149f11
SP		 409 break;
410 }
411 }
412 blobptr += attrsize; /* advance attr value */
413 }
414
415 return 0;
416}
417
50c2f753
SF		 418static int calc_ntlmv2_hash(struct cifsSesInfo *ses,
419 const struct nls_table *nls_cp)
a8ee0344
SF		 420{
421 int rc = 0;
422 int len;
c8e56f1f
SF		 423 char nt_hash[16];
424 struct HMACMD5Context *pctxt;
50c2f753
SF		 425 wchar_t *user;
426 wchar_t *domain;
a8ee0344 427
c8e56f1f 428 pctxt = kmalloc(sizeof(struct HMACMD5Context), GFP_KERNEL);
a8ee0344 429
c8e56f1f
SF		 430 if (pctxt == NULL)
431 return -ENOMEM;
56234e27 432
c8e56f1f
SF		 433 /* calculate md4 hash of password */
434 E_md4hash(ses->password, nt_hash);
9fbc5908 435
c8e56f1f
SF		 436 /* convert Domainname to unicode and uppercase */
437 hmac_md5_init_limK_to_64(nt_hash, 16, pctxt);
a8ee0344
SF		 438
439 /* convert ses->userName to unicode and uppercase */
1717ffc5
SF		 440 len = strlen(ses->userName);
441 user = kmalloc(2 + (len * 2), GFP_KERNEL);
56234e27 442 if (user == NULL)
1717ffc5 443 goto calc_exit_2;
8f2376ad 444 len = cifs_strtoUCS((__le16 *)user, ses->userName, len, nls_cp);
1717ffc5 445 UniStrupr(user);
c8e56f1f 446 hmac_md5_update((char *)user, 2*len, pctxt);
a8ee0344
SF		 447
448 /* convert ses->domainName to unicode and uppercase */
50c2f753 449 if (ses->domainName) {
1717ffc5 450 len = strlen(ses->domainName);
a8ee0344 451
50c2f753 452 domain = kmalloc(2 + (len * 2), GFP_KERNEL);
56234e27 453 if (domain == NULL)
1717ffc5 454 goto calc_exit_1;
8f2376ad
CG		 455 len = cifs_strtoUCS((__le16 *)domain, ses->domainName, len,
456 nls_cp);
b609f06a
SF		 457 /* the following line was removed since it didn't work well
458 with lower cased domain name that passed as an option.
459 Maybe converting the domain name earlier makes sense */
460 /* UniStrupr(domain); */
a8ee0344 461
c8e56f1f 462 hmac_md5_update((char *)domain, 2*len, pctxt);
50c2f753 463
1717ffc5
SF		 464 kfree(domain);
465 }
466calc_exit_1:
467 kfree(user);
468calc_exit_2:
50c2f753 469 /* BB FIXME what about bytes 24 through 40 of the signing key?
1717ffc5 470 compare with the NTLM example */
5d0d2882 471 hmac_md5_final(ses->ntlmv2_hash, pctxt);
9fbc5908 472
c8e56f1f 473 kfree(pctxt);
9fbc5908
SF		 474 return rc;
475}
476
2b149f11 477int
21e73393 478setup_ntlmv2_rsp(struct cifsSesInfo *ses, const struct nls_table *nls_cp)
9fbc5908 479{
c8e56f1f 480 int rc;
21e73393
SP		 481 int baselen;
482 struct ntlmv2_resp *buf;
c8e56f1f 483 struct HMACMD5Context context;
6d027cfd 484
2b149f11
SP		 485 if (ses->server->secType == RawNTLMSSP) {
486 if (!ses->domainName) {
487 rc = find_domain_name(ses);
488 if (rc) {
489 cERROR(1, "error %d finding domain name", rc);
490 goto setup_ntlmv2_rsp_ret;
491 }
492 }
493 } else {
9daa42e2 494 rc = build_avpair_blob(ses, nls_cp);
2b149f11
SP		 495 if (rc) {
496 cERROR(1, "error %d building av pair blob", rc);
497 return rc;
498 }
499 }
a8ee0344 500
21e73393
SP		 501 baselen = CIFS_SESS_KEY_SIZE + sizeof(struct ntlmv2_resp);
502 ses->auth_key.len = baselen + ses->tilen;
503 ses->auth_key.response = kmalloc(ses->auth_key.len, GFP_KERNEL);
504 if (!ses->auth_key.response) {
505 rc = ENOMEM;
506 cERROR(1, "%s: Can't allocate auth blob", __func__);
507 goto setup_ntlmv2_rsp_ret;
508 }
509
510 buf = (struct ntlmv2_resp *)
511 (ses->auth_key.response + CIFS_SESS_KEY_SIZE);
512 buf->blob_signature = cpu_to_le32(0x00000101);
513 buf->reserved = 0;
514 buf->time = cpu_to_le64(cifs_UnixTimeToNT(CURRENT_TIME));
515 get_random_bytes(&buf->client_chal, sizeof(buf->client_chal));
516 buf->reserved2 = 0;
517
518 memcpy(ses->auth_key.response + baselen, ses->tiblob, ses->tilen);
519
6d027cfd 520 /* calculate buf->ntlmv2_hash */
1717ffc5 521 rc = calc_ntlmv2_hash(ses, nls_cp);
2b149f11 522 if (rc) {
b6b38f70 523 cERROR(1, "could not get v2 hash rc %d", rc);
2b149f11
SP		 524 goto setup_ntlmv2_rsp_ret;
525 }
21e73393 526 CalcNTLMv2_response(ses);
b609f06a 527
5d0d2882
SP		 528 /* now calculate the session key for NTLMv2 */
529 hmac_md5_init_limK_to_64(ses->ntlmv2_hash, 16, &context);
21e73393
SP		 530 hmac_md5_update(ses->auth_key.response + CIFS_SESS_KEY_SIZE,
531 16, &context);
532 hmac_md5_final(ses->auth_key.response, &context);
2b149f11
SP		 533
534 return 0;
535
536setup_ntlmv2_rsp_ret:
537 kfree(ses->tiblob);
538 ses->tiblob = NULL;
539 ses->tilen = 0;
540
541 return rc;
6d027cfd
SF		 542}
543
d2b91521
SP		 544int
545calc_seckey(struct cifsSesInfo *ses)
546{
547 int rc;
548 struct crypto_blkcipher *tfm_arc4;
549 struct scatterlist sgin, sgout;
550 struct blkcipher_desc desc;
551 unsigned char sec_key[CIFS_SESS_KEY_SIZE]; /* a nonce */
552
553 get_random_bytes(sec_key, CIFS_SESS_KEY_SIZE);
554
555 tfm_arc4 = crypto_alloc_blkcipher("ecb(arc4)", 0, CRYPTO_ALG_ASYNC);
556 if (!tfm_arc4 || IS_ERR(tfm_arc4)) {
557 cERROR(1, "could not allocate crypto API arc4\n");
558 return PTR_ERR(tfm_arc4);
559 }
560
561 desc.tfm = tfm_arc4;
562
563 crypto_blkcipher_setkey(tfm_arc4, ses->auth_key.response,
564 CIFS_SESS_KEY_SIZE);
565
566 sg_init_one(&sgin, sec_key, CIFS_SESS_KEY_SIZE);
567 sg_init_one(&sgout, ses->ntlmssp.ciphertext, CIFS_CPHTXT_SIZE);
568
569 rc = crypto_blkcipher_encrypt(&desc, &sgout, &sgin, CIFS_CPHTXT_SIZE);
570 if (rc) {
571 cERROR(1, "could not encrypt session key rc: %d\n", rc);
572 crypto_free_blkcipher(tfm_arc4);
573 return rc;
574 }
575
576 /* make secondary_key/nonce as session key */
577 memcpy(ses->auth_key.response, sec_key, CIFS_SESS_KEY_SIZE);
578 /* and make len as that of session key only */
579 ses->auth_key.len = CIFS_SESS_KEY_SIZE;
580
581 crypto_free_blkcipher(tfm_arc4);
582
583 return 0;
584}
585
586void
587cifs_crypto_shash_release(struct TCP_Server_Info *server)
588{
589 if (server->secmech.md5)
590 crypto_free_shash(server->secmech.md5);
591
592 if (server->secmech.hmacmd5)
593 crypto_free_shash(server->secmech.hmacmd5);
594
595 kfree(server->secmech.sdeschmacmd5);
596
597 kfree(server->secmech.sdescmd5);
598}
599
600int
601cifs_crypto_shash_allocate(struct TCP_Server_Info *server)
602{
603 int rc;
604 unsigned int size;
605
606 server->secmech.hmacmd5 = crypto_alloc_shash("hmac(md5)", 0, 0);
607 if (!server->secmech.hmacmd5 ||
608 IS_ERR(server->secmech.hmacmd5)) {
609 cERROR(1, "could not allocate crypto hmacmd5\n");
610 return PTR_ERR(server->secmech.hmacmd5);
611 }
612
613 server->secmech.md5 = crypto_alloc_shash("md5", 0, 0);
614 if (!server->secmech.md5 || IS_ERR(server->secmech.md5)) {
615 cERROR(1, "could not allocate crypto md5\n");
616 rc = PTR_ERR(server->secmech.md5);
617 goto crypto_allocate_md5_fail;
618 }
619
620 size = sizeof(struct shash_desc) +
621 crypto_shash_descsize(server->secmech.hmacmd5);
622 server->secmech.sdeschmacmd5 = kmalloc(size, GFP_KERNEL);
623 if (!server->secmech.sdeschmacmd5) {
624 cERROR(1, "cifs_crypto_shash_allocate: can't alloc hmacmd5\n");
625 rc = -ENOMEM;
626 goto crypto_allocate_hmacmd5_sdesc_fail;
627 }
628 server->secmech.sdeschmacmd5->shash.tfm = server->secmech.hmacmd5;
629 server->secmech.sdeschmacmd5->shash.flags = 0x0;
630
631
632 size = sizeof(struct shash_desc) +
633 crypto_shash_descsize(server->secmech.md5);
634 server->secmech.sdescmd5 = kmalloc(size, GFP_KERNEL);
635 if (!server->secmech.sdescmd5) {
636 cERROR(1, "cifs_crypto_shash_allocate: can't alloc md5\n");
637 rc = -ENOMEM;
638 goto crypto_allocate_md5_sdesc_fail;
639 }
640 server->secmech.sdescmd5->shash.tfm = server->secmech.md5;
641 server->secmech.sdescmd5->shash.flags = 0x0;
642
643 return 0;
644
645crypto_allocate_md5_sdesc_fail:
646 kfree(server->secmech.sdeschmacmd5);
647
648crypto_allocate_hmacmd5_sdesc_fail:
649 crypto_free_shash(server->secmech.md5);
650
651crypto_allocate_md5_fail:
652 crypto_free_shash(server->secmech.hmacmd5);
653
654 return rc;
655}
656
21e73393 657void CalcNTLMv2_response(const struct cifsSesInfo *ses)
9fbc5908 658{
21e73393 659 unsigned int offset = CIFS_SESS_KEY_SIZE + 8;
c8e56f1f 660 struct HMACMD5Context context;
21e73393 661
c8e56f1f 662 /* rest of v2 struct already generated */
21e73393 663 memcpy(ses->auth_key.response + offset, ses->cryptKey, 8);
5d0d2882 664 hmac_md5_init_limK_to_64(ses->ntlmv2_hash, 16, &context);
9fbc5908 665
21e73393
SP		 666 hmac_md5_update(ses->auth_key.response + offset,
667 ses->auth_key.len - offset, &context);
2b149f11 668
21e73393 669 hmac_md5_final(ses->auth_key.response + CIFS_SESS_KEY_SIZE, &context);
1da177e4 670}
ubuntu-zesty-kernel mirror