[mirror_ubuntu-zesty-kernel.git] / fs / cifs / smbencrypt.c

/*
   Unix SMB/Netbios implementation.
   Version 1.9.
   SMB parameters and setup
   Copyright (C) Andrew Tridgell 1992-2000
   Copyright (C) Luke Kenneth Casson Leighton 1996-2000
   Modified by Jeremy Allison 1995.
   Copyright (C) Andrew Bartlett <abartlet@samba.org> 2002-2003
   Modified by Steve French (sfrench@us.ibm.com) 2002-2003

   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; either version 2 of the License, or
   (at your option) any later version.

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.

   You should have received a copy of the GNU General Public License
   along with this program; if not, write to the Free Software
   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/

#include <crypto/skcipher.h>
#include <linux/module.h>
#include <linux/slab.h>
#include <linux/fs.h>
#include <linux/string.h>
#include <linux/kernel.h>
#include <linux/random.h>
#include "cifs_fs_sb.h"
#include "cifs_unicode.h"
#include "cifspdu.h"
#include "cifsglob.h"
#include "cifs_debug.h"
#include "cifsproto.h"

#ifndef false
#define false 0
#endif
#ifndef true
#define true 1
#endif

/* following came from the other byteorder.h to avoid include conflicts */
#define CVAL(buf,pos) (((unsigned char *)(buf))[pos])
#define SSVALX(buf,pos,val) (CVAL(buf,pos)=(val)&0xFF,CVAL(buf,pos+1)=(val)>>8)
#define SSVAL(buf,pos,val) SSVALX((buf),(pos),((__u16)(val)))

static void
str_to_key(unsigned char *str, unsigned char *key)
{
	int i;

	key[0] = str[0] >> 1;
	key[1] = ((str[0] & 0x01) << 6) | (str[1] >> 2);
	key[2] = ((str[1] & 0x03) << 5) | (str[2] >> 3);
	key[3] = ((str[2] & 0x07) << 4) | (str[3] >> 4);
	key[4] = ((str[3] & 0x0F) << 3) | (str[4] >> 5);
	key[5] = ((str[4] & 0x1F) << 2) | (str[5] >> 6);
	key[6] = ((str[5] & 0x3F) << 1) | (str[6] >> 7);
	key[7] = str[6] & 0x7F;
	for (i = 0; i < 8; i++)
		key[i] = (key[i] << 1);
}

static int
smbhash(unsigned char *out, const unsigned char *in, unsigned char *key)
{
	int rc;
	unsigned char key2[8];
	struct crypto_skcipher *tfm_des;
	struct scatterlist sgin, sgout;
	struct skcipher_request *req;

	str_to_key(key, key2);

	tfm_des = crypto_alloc_skcipher("ecb(des)", 0, CRYPTO_ALG_ASYNC);
	if (IS_ERR(tfm_des)) {
		rc = PTR_ERR(tfm_des);
		cifs_dbg(VFS, "could not allocate des crypto API\n");
		goto smbhash_err;
	}

	req = skcipher_request_alloc(tfm_des, GFP_KERNEL);
	if (!req) {
		rc = -ENOMEM;
		cifs_dbg(VFS, "could not allocate des crypto API\n");
		goto smbhash_free_skcipher;
	}

	crypto_skcipher_setkey(tfm_des, key2, 8);

	sg_init_one(&sgin, in, 8);
	sg_init_one(&sgout, out, 8);

	skcipher_request_set_callback(req, 0, NULL, NULL);
	skcipher_request_set_crypt(req, &sgin, &sgout, 8, NULL);

	rc = crypto_skcipher_encrypt(req);
	if (rc)
		cifs_dbg(VFS, "could not encrypt crypt key rc: %d\n", rc);

	skcipher_request_free(req);

smbhash_free_skcipher:
	crypto_free_skcipher(tfm_des);
smbhash_err:
	return rc;
}

static int
E_P16(unsigned char *p14, unsigned char *p16)
{
	int rc;
	unsigned char sp8[8] =
	    { 0x4b, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25 };

	rc = smbhash(p16, sp8, p14);
	if (rc)
		return rc;
	rc = smbhash(p16 + 8, sp8, p14 + 7);
	return rc;
}

static int
E_P24(unsigned char *p21, const unsigned char *c8, unsigned char *p24)
{
	int rc;

	rc = smbhash(p24, c8, p21);
	if (rc)
		return rc;
	rc = smbhash(p24 + 8, c8, p21 + 7);
	if (rc)
		return rc;
	rc = smbhash(p24 + 16, c8, p21 + 14);
	return rc;
}

/* produce a md4 message digest from data of length n bytes */
int
mdfour(unsigned char *md4_hash, unsigned char *link_str, int link_len)
{
	int rc;
	unsigned int size;
	struct crypto_shash *md4;
	struct sdesc *sdescmd4;

	md4 = crypto_alloc_shash("md4", 0, 0);
	if (IS_ERR(md4)) {
		rc = PTR_ERR(md4);
		cifs_dbg(VFS, "%s: Crypto md4 allocation error %d\n",
			 __func__, rc);
		return rc;
	}
	size = sizeof(struct shash_desc) + crypto_shash_descsize(md4);
	sdescmd4 = kmalloc(size, GFP_KERNEL);
	if (!sdescmd4) {
		rc = -ENOMEM;
		goto mdfour_err;
	}
	sdescmd4->shash.tfm = md4;
	sdescmd4->shash.flags = 0x0;

	rc = crypto_shash_init(&sdescmd4->shash);
	if (rc) {
		cifs_dbg(VFS, "%s: Could not init md4 shash\n", __func__);
		goto mdfour_err;
	}
	rc = crypto_shash_update(&sdescmd4->shash, link_str, link_len);
	if (rc) {
		cifs_dbg(VFS, "%s: Could not update with link_str\n", __func__);
		goto mdfour_err;
	}
	rc = crypto_shash_final(&sdescmd4->shash, md4_hash);
	if (rc)
		cifs_dbg(VFS, "%s: Could not generate md4 hash\n", __func__);

mdfour_err:
	crypto_free_shash(md4);
	kfree(sdescmd4);

	return rc;
}

/*
   This implements the X/Open SMB password encryption
   It takes a password, a 8 byte "crypt key" and puts 24 bytes of
   encrypted password into p24 */
/* Note that password must be uppercased and null terminated */
int
SMBencrypt(unsigned char *passwd, const unsigned char *c8, unsigned char *p24)
{
	int rc;
	unsigned char p14[14], p16[16], p21[21];

	memset(p14, '\0', 14);
	memset(p16, '\0', 16);
	memset(p21, '\0', 21);

	memcpy(p14, passwd, 14);
	rc = E_P16(p14, p16);
	if (rc)
		return rc;

	memcpy(p21, p16, 16);
	rc = E_P24(p21, c8, p24);

	return rc;
}

/*
 * Creates the MD4 Hash of the users password in NT UNICODE.
 */

int
E_md4hash(const unsigned char *passwd, unsigned char *p16,
	const struct nls_table *codepage)
{
	int rc;
	int len;
	__le16 wpwd[129];

	/* Password cannot be longer than 128 characters */
	if (passwd) /* Password must be converted to NT unicode */
		len = cifs_strtoUTF16(wpwd, passwd, 128, codepage);
	else {
		len = 0;
		*wpwd = 0; /* Ensure string is null terminated */
	}

	rc = mdfour(p16, (unsigned char *) wpwd, len * sizeof(__le16));
	memzero_explicit(wpwd, sizeof(wpwd));

	return rc;
}

/* Does the NT MD4 hash then des encryption. */
int
SMBNTencrypt(unsigned char *passwd, unsigned char *c8, unsigned char *p24,
		const struct nls_table *codepage)
{
	int rc;
	unsigned char p16[16], p21[21];

	memset(p16, '\0', 16);
	memset(p21, '\0', 21);

	rc = E_md4hash(passwd, p16, codepage);
	if (rc) {
		cifs_dbg(FYI, "%s Can't generate NT hash, error: %d\n",
			 __func__, rc);
		return rc;
	}
	memcpy(p21, p16, 16);
	rc = E_P24(p21, c8, p24);
	return rc;
}
Commit	Line	Data
790fe579	1	/*
1da177e4 LT	2	Unix SMB/Netbios implementation.
	3	Version 1.9.
	4	SMB parameters and setup
	5	Copyright (C) Andrew Tridgell 1992-2000
	6	Copyright (C) Luke Kenneth Casson Leighton 1996-2000
	7	Modified by Jeremy Allison 1995.
	8	Copyright (C) Andrew Bartlett <abartlet@samba.org> 2002-2003
	9	Modified by Steve French (sfrench@us.ibm.com) 2002-2003
50c2f753	10
1da177e4 LT	11	This program is free software; you can redistribute it and/or modify
	12	it under the terms of the GNU General Public License as published by
	13	the Free Software Foundation; either version 2 of the License, or
	14	(at your option) any later version.
50c2f753	15
1da177e4 LT	16	This program is distributed in the hope that it will be useful,
	17	but WITHOUT ANY WARRANTY; without even the implied warranty of
	18	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	19	GNU General Public License for more details.
50c2f753	20
1da177e4 LT	21	You should have received a copy of the GNU General Public License
	22	along with this program; if not, write to the Free Software
	23	Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
	24	*/
	25
9651ddba	26	#include <crypto/skcipher.h>
1da177e4	27	#include <linux/module.h>
5a0e3ad6	28	#include <linux/slab.h>
1da177e4 LT	29	#include <linux/fs.h>
	30	#include <linux/string.h>
	31	#include <linux/kernel.h>
	32	#include <linux/random.h>
2baa2682	33	#include "cifs_fs_sb.h"
1da177e4 LT	34	#include "cifs_unicode.h"
1da177e4 LT	35	#include "cifspdu.h"
3979877e	36	#include "cifsglob.h"
1da177e4	37	#include "cifs_debug.h"
ee2c9258	38	#include "cifsproto.h"
1da177e4	39
4b18f2a9 SF	40	#ifndef false
4b18f2a9 SF	41	#define false 0
1da177e4	42	#endif
4b18f2a9 SF	43	#ifndef true
4b18f2a9 SF	44	#define true 1
1da177e4 LT	45	#endif
	46
	47	/* following came from the other byteorder.h to avoid include conflicts */
	48	#define CVAL(buf,pos) (((unsigned char *)(buf))[pos])
	49	#define SSVALX(buf,pos,val) (CVAL(buf,pos)=(val)&0xFF,CVAL(buf,pos+1)=(val)>>8)
	50	#define SSVAL(buf,pos,val) SSVALX((buf),(pos),((__u16)(val)))
	51
43988d76 SF	52	static void
	53	str_to_key(unsigned char str, unsigned char key)
	54	{
	55	int i;
	56
	57	key[0] = str[0] >> 1;
	58	key[1] = ((str[0] & 0x01) << 6) \| (str[1] >> 2);
	59	key[2] = ((str[1] & 0x03) << 5) \| (str[2] >> 3);
	60	key[3] = ((str[2] & 0x07) << 4) \| (str[3] >> 4);
	61	key[4] = ((str[3] & 0x0F) << 3) \| (str[4] >> 5);
	62	key[5] = ((str[4] & 0x1F) << 2) \| (str[5] >> 6);
	63	key[6] = ((str[5] & 0x3F) << 1) \| (str[6] >> 7);
	64	key[7] = str[6] & 0x7F;
	65	for (i = 0; i < 8; i++)
	66	key[i] = (key[i] << 1);
	67	}
	68
	69	static int
	70	smbhash(unsigned char out, const unsigned char in, unsigned char *key)
	71	{
	72	int rc;
	73	unsigned char key2[8];
9651ddba	74	struct crypto_skcipher *tfm_des;
43988d76	75	struct scatterlist sgin, sgout;
9651ddba	76	struct skcipher_request *req;
43988d76 SF	77
	78	str_to_key(key, key2);
	79
9651ddba	80	tfm_des = crypto_alloc_skcipher("ecb(des)", 0, CRYPTO_ALG_ASYNC);
43988d76 SF	81	if (IS_ERR(tfm_des)) {
43988d76 SF	82	rc = PTR_ERR(tfm_des);
f96637be	83	cifs_dbg(VFS, "could not allocate des crypto API\n");
43988d76 SF	84	goto smbhash_err;
	85	}
	86
9651ddba HX	87	req = skcipher_request_alloc(tfm_des, GFP_KERNEL);
	88	if (!req) {
	89	rc = -ENOMEM;
	90	cifs_dbg(VFS, "could not allocate des crypto API\n");
	91	goto smbhash_free_skcipher;
	92	}
43988d76	93
9651ddba	94	crypto_skcipher_setkey(tfm_des, key2, 8);
43988d76 SF	95
	96	sg_init_one(&sgin, in, 8);
	97	sg_init_one(&sgout, out, 8);
	98
9651ddba HX	99	skcipher_request_set_callback(req, 0, NULL, NULL);
	100	skcipher_request_set_crypt(req, &sgin, &sgout, 8, NULL);
	101
	102	rc = crypto_skcipher_encrypt(req);
e4fb0edb	103	if (rc)
f96637be	104	cifs_dbg(VFS, "could not encrypt crypt key rc: %d\n", rc);
43988d76	105
9651ddba HX	106	skcipher_request_free(req);
	107
	108	smbhash_free_skcipher:
	109	crypto_free_skcipher(tfm_des);
43988d76 SF	110	smbhash_err:
	111	return rc;
	112	}
	113
	114	static int
	115	E_P16(unsigned char p14, unsigned char p16)
	116	{
	117	int rc;
	118	unsigned char sp8[8] =
	119	{ 0x4b, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25 };
	120
	121	rc = smbhash(p16, sp8, p14);
	122	if (rc)
	123	return rc;
	124	rc = smbhash(p16 + 8, sp8, p14 + 7);
	125	return rc;
	126	}
	127
	128	static int
	129	E_P24(unsigned char p21, const unsigned char c8, unsigned char *p24)
	130	{
	131	int rc;
	132
	133	rc = smbhash(p24, c8, p21);
	134	if (rc)
	135	return rc;
	136	rc = smbhash(p24 + 8, c8, p21 + 7);
	137	if (rc)
	138	return rc;
	139	rc = smbhash(p24 + 16, c8, p21 + 14);
	140	return rc;
	141	}
	142
ee2c9258 SP	143	/* produce a md4 message digest from data of length n bytes */
	144	int
	145	mdfour(unsigned char md4_hash, unsigned char link_str, int link_len)
	146	{
	147	int rc;
	148	unsigned int size;
	149	struct crypto_shash *md4;
	150	struct sdesc *sdescmd4;
	151
	152	md4 = crypto_alloc_shash("md4", 0, 0);
	153	if (IS_ERR(md4)) {
ffeb414a	154	rc = PTR_ERR(md4);
f96637be JP	155	cifs_dbg(VFS, "%s: Crypto md4 allocation error %d\n",
f96637be JP	156	__func__, rc);
ffeb414a	157	return rc;
ee2c9258 SP	158	}
	159	size = sizeof(struct shash_desc) + crypto_shash_descsize(md4);
	160	sdescmd4 = kmalloc(size, GFP_KERNEL);
	161	if (!sdescmd4) {
	162	rc = -ENOMEM;
ee2c9258 SP	163	goto mdfour_err;
	164	}
	165	sdescmd4->shash.tfm = md4;
	166	sdescmd4->shash.flags = 0x0;
	167
	168	rc = crypto_shash_init(&sdescmd4->shash);
	169	if (rc) {
f96637be	170	cifs_dbg(VFS, "%s: Could not init md4 shash\n", __func__);
ee2c9258 SP	171	goto mdfour_err;
ee2c9258 SP	172	}
14cae324 SP	173	rc = crypto_shash_update(&sdescmd4->shash, link_str, link_len);
14cae324 SP	174	if (rc) {
f96637be	175	cifs_dbg(VFS, "%s: Could not update with link_str\n", __func__);
14cae324 SP	176	goto mdfour_err;
14cae324 SP	177	}
ee2c9258	178	rc = crypto_shash_final(&sdescmd4->shash, md4_hash);
14cae324	179	if (rc)
f96637be	180	cifs_dbg(VFS, "%s: Could not generate md4 hash\n", __func__);
1da177e4	181
ee2c9258 SP	182	mdfour_err:
	183	crypto_free_shash(md4);
	184	kfree(sdescmd4);
	185
	186	return rc;
	187	}
	188
1da177e4 LT	189	/*
1da177e4 LT	190	This implements the X/Open SMB password encryption
790fe579	191	It takes a password, a 8 byte "crypt key" and puts 24 bytes of
1da177e4 LT	192	encrypted password into p24 */
1da177e4 LT	193	/* Note that password must be uppercased and null terminated */
43988d76	194	int
4e53a3fb	195	SMBencrypt(unsigned char passwd, const unsigned char c8, unsigned char *p24)
1da177e4	196	{
43988d76 SF	197	int rc;
43988d76 SF	198	unsigned char p14[14], p16[16], p21[21];
1da177e4	199
1da177e4	200	memset(p14, '\0', 14);
43988d76 SF	201	memset(p16, '\0', 16);
43988d76 SF	202	memset(p21, '\0', 21);
1da177e4	203
43988d76 SF	204	memcpy(p14, passwd, 14);
	205	rc = E_P16(p14, p16);
	206	if (rc)
	207	return rc;
1da177e4	208
43988d76 SF	209	memcpy(p21, p16, 16);
43988d76 SF	210	rc = E_P24(p21, c8, p24);
50c2f753	211
43988d76	212	return rc;
1da177e4 LT	213	}
1da177e4 LT	214
790fe579	215	/*
1da177e4 LT	216	* Creates the MD4 Hash of the users password in NT UNICODE.
	217	*/
	218
ee2c9258	219	int
9ef5992e SP	220	E_md4hash(const unsigned char passwd, unsigned char p16,
9ef5992e SP	221	const struct nls_table *codepage)
1da177e4	222	{
ee2c9258	223	int rc;
1da177e4	224	int len;
9c32c63b	225	__le16 wpwd[129];
1da177e4 LT	226
1da177e4 LT	227	/* Password cannot be longer than 128 characters */
9ef5992e	228	if (passwd) /* Password must be converted to NT unicode */
acbbb76a	229	len = cifs_strtoUTF16(wpwd, passwd, 128, codepage);
9ef5992e	230	else {
1da177e4	231	len = 0;
9ef5992e SP	232	wpwd = 0; / Ensure string is null terminated */
9ef5992e SP	233	}
1da177e4	234
9c32c63b	235	rc = mdfour(p16, (unsigned char ) wpwd, len sizeof(__le16));
f99dbfa4	236	memzero_explicit(wpwd, sizeof(wpwd));
ee2c9258 SP	237
ee2c9258 SP	238	return rc;
1da177e4 LT	239	}
1da177e4 LT	240
1da177e4	241	/* Does the NT MD4 hash then des encryption. */
ee2c9258	242	int
9ef5992e SP	243	SMBNTencrypt(unsigned char passwd, unsigned char c8, unsigned char *p24,
9ef5992e SP	244	const struct nls_table *codepage)
1da177e4	245	{
ee2c9258	246	int rc;
43988d76	247	unsigned char p16[16], p21[21];
1da177e4	248
43988d76	249	memset(p16, '\0', 16);
1da177e4 LT	250	memset(p21, '\0', 21);
1da177e4 LT	251
9ef5992e	252	rc = E_md4hash(passwd, p16, codepage);
ee2c9258	253	if (rc) {
f96637be JP	254	cifs_dbg(FYI, "%s Can't generate NT hash, error: %d\n",
f96637be JP	255	__func__, rc);
ee2c9258 SP	256	return rc;
ee2c9258 SP	257	}
43988d76 SF	258	memcpy(p21, p16, 16);
43988d76 SF	259	rc = E_P24(p21, c8, p24);
ee2c9258	260	return rc;
1da177e4	261	}