2 * fs/cifs/cifsencrypt.c
4 * Copyright (C) International Business Machines Corp., 2005,2013
5 * Author(s): Steve French (sfrench@us.ibm.com)
7 * This library is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU Lesser General Public License as published
9 * by the Free Software Foundation; either version 2.1 of the License, or
10 * (at your option) any later version.
12 * This library is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
15 * the GNU Lesser General Public License for more details.
17 * You should have received a copy of the GNU Lesser General Public License
18 * along with this library; if not, write to the Free Software
19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23 #include <linux/slab.h>
26 #include "cifs_debug.h"
27 #include "cifs_unicode.h"
28 #include "cifsproto.h"
30 #include <linux/ctype.h>
31 #include <linux/random.h>
32 #include <linux/highmem.h>
35 cifs_crypto_shash_md5_allocate(struct TCP_Server_Info
*server
)
40 if (server
->secmech
.sdescmd5
!= NULL
)
41 return 0; /* already allocated */
43 server
->secmech
.md5
= crypto_alloc_shash("md5", 0, 0);
44 if (IS_ERR(server
->secmech
.md5
)) {
45 cifs_dbg(VFS
, "could not allocate crypto md5\n");
46 rc
= PTR_ERR(server
->secmech
.md5
);
47 server
->secmech
.md5
= NULL
;
51 size
= sizeof(struct shash_desc
) +
52 crypto_shash_descsize(server
->secmech
.md5
);
53 server
->secmech
.sdescmd5
= kmalloc(size
, GFP_KERNEL
);
54 if (!server
->secmech
.sdescmd5
) {
55 crypto_free_shash(server
->secmech
.md5
);
56 server
->secmech
.md5
= NULL
;
59 server
->secmech
.sdescmd5
->shash
.tfm
= server
->secmech
.md5
;
60 server
->secmech
.sdescmd5
->shash
.flags
= 0x0;
66 * Calculate and return the CIFS signature based on the mac key and SMB PDU.
67 * The 16 byte signature must be allocated by the caller. Note we only use the
68 * 1st eight bytes and that the smb header signature field on input contains
69 * the sequence number before this function is called. Also, this function
70 * should be called with the server->srv_mutex held.
72 static int cifs_calc_signature(struct smb_rqst
*rqst
,
73 struct TCP_Server_Info
*server
, char *signature
)
77 struct kvec
*iov
= rqst
->rq_iov
;
78 int n_vec
= rqst
->rq_nvec
;
80 if (iov
== NULL
|| signature
== NULL
|| server
== NULL
)
83 if (!server
->secmech
.sdescmd5
) {
84 rc
= cifs_crypto_shash_md5_allocate(server
);
86 cifs_dbg(VFS
, "%s: Can't alloc md5 crypto\n", __func__
);
91 rc
= crypto_shash_init(&server
->secmech
.sdescmd5
->shash
);
93 cifs_dbg(VFS
, "%s: Could not init md5\n", __func__
);
97 rc
= crypto_shash_update(&server
->secmech
.sdescmd5
->shash
,
98 server
->session_key
.response
, server
->session_key
.len
);
100 cifs_dbg(VFS
, "%s: Could not update with response\n", __func__
);
104 for (i
= 0; i
< n_vec
; i
++) {
105 if (iov
[i
].iov_len
== 0)
107 if (iov
[i
].iov_base
== NULL
) {
108 cifs_dbg(VFS
, "null iovec entry\n");
111 /* The first entry includes a length field (which does not get
112 signed that occupies the first 4 bytes before the header */
114 if (iov
[0].iov_len
<= 8) /* cmd field at offset 9 */
115 break; /* nothing to sign or corrupt header */
117 crypto_shash_update(&server
->secmech
.sdescmd5
->shash
,
118 iov
[i
].iov_base
+ 4, iov
[i
].iov_len
- 4);
121 crypto_shash_update(&server
->secmech
.sdescmd5
->shash
,
122 iov
[i
].iov_base
, iov
[i
].iov_len
);
125 cifs_dbg(VFS
, "%s: Could not update with payload\n",
131 /* now hash over the rq_pages array */
132 for (i
= 0; i
< rqst
->rq_npages
; i
++) {
135 cifs_rqst_page_to_kvec(rqst
, i
, &p_iov
);
136 crypto_shash_update(&server
->secmech
.sdescmd5
->shash
,
137 p_iov
.iov_base
, p_iov
.iov_len
);
138 kunmap(rqst
->rq_pages
[i
]);
141 rc
= crypto_shash_final(&server
->secmech
.sdescmd5
->shash
, signature
);
143 cifs_dbg(VFS
, "%s: Could not generate md5 hash\n", __func__
);
148 /* must be called with server->srv_mutex held */
149 int cifs_sign_rqst(struct smb_rqst
*rqst
, struct TCP_Server_Info
*server
,
150 __u32
*pexpected_response_sequence_number
)
153 char smb_signature
[20];
154 struct smb_hdr
*cifs_pdu
= (struct smb_hdr
*)rqst
->rq_iov
[0].iov_base
;
156 if ((cifs_pdu
== NULL
) || (server
== NULL
))
159 if (!(cifs_pdu
->Flags2
& SMBFLG2_SECURITY_SIGNATURE
) ||
160 server
->tcpStatus
== CifsNeedNegotiate
)
163 if (!server
->session_estab
) {
164 memcpy(cifs_pdu
->Signature
.SecuritySignature
, "BSRSPYL", 8);
168 cifs_pdu
->Signature
.Sequence
.SequenceNumber
=
169 cpu_to_le32(server
->sequence_number
);
170 cifs_pdu
->Signature
.Sequence
.Reserved
= 0;
172 *pexpected_response_sequence_number
= ++server
->sequence_number
;
173 ++server
->sequence_number
;
175 rc
= cifs_calc_signature(rqst
, server
, smb_signature
);
177 memset(cifs_pdu
->Signature
.SecuritySignature
, 0, 8);
179 memcpy(cifs_pdu
->Signature
.SecuritySignature
, smb_signature
, 8);
184 int cifs_sign_smbv(struct kvec
*iov
, int n_vec
, struct TCP_Server_Info
*server
,
185 __u32
*pexpected_response_sequence
)
187 struct smb_rqst rqst
= { .rq_iov
= iov
,
190 return cifs_sign_rqst(&rqst
, server
, pexpected_response_sequence
);
193 /* must be called with server->srv_mutex held */
194 int cifs_sign_smb(struct smb_hdr
*cifs_pdu
, struct TCP_Server_Info
*server
,
195 __u32
*pexpected_response_sequence_number
)
199 iov
.iov_base
= cifs_pdu
;
200 iov
.iov_len
= be32_to_cpu(cifs_pdu
->smb_buf_length
) + 4;
202 return cifs_sign_smbv(&iov
, 1, server
,
203 pexpected_response_sequence_number
);
206 int cifs_verify_signature(struct smb_rqst
*rqst
,
207 struct TCP_Server_Info
*server
,
208 __u32 expected_sequence_number
)
211 char server_response_sig
[8];
212 char what_we_think_sig_should_be
[20];
213 struct smb_hdr
*cifs_pdu
= (struct smb_hdr
*)rqst
->rq_iov
[0].iov_base
;
215 if (cifs_pdu
== NULL
|| server
== NULL
)
218 if (!server
->session_estab
)
221 if (cifs_pdu
->Command
== SMB_COM_LOCKING_ANDX
) {
222 struct smb_com_lock_req
*pSMB
=
223 (struct smb_com_lock_req
*)cifs_pdu
;
224 if (pSMB
->LockType
& LOCKING_ANDX_OPLOCK_RELEASE
)
228 /* BB what if signatures are supposed to be on for session but
229 server does not send one? BB */
231 /* Do not need to verify session setups with signature "BSRSPYL " */
232 if (memcmp(cifs_pdu
->Signature
.SecuritySignature
, "BSRSPYL ", 8) == 0)
233 cifs_dbg(FYI
, "dummy signature received for smb command 0x%x\n",
236 /* save off the origiginal signature so we can modify the smb and check
237 its signature against what the server sent */
238 memcpy(server_response_sig
, cifs_pdu
->Signature
.SecuritySignature
, 8);
240 cifs_pdu
->Signature
.Sequence
.SequenceNumber
=
241 cpu_to_le32(expected_sequence_number
);
242 cifs_pdu
->Signature
.Sequence
.Reserved
= 0;
244 mutex_lock(&server
->srv_mutex
);
245 rc
= cifs_calc_signature(rqst
, server
, what_we_think_sig_should_be
);
246 mutex_unlock(&server
->srv_mutex
);
251 /* cifs_dump_mem("what we think it should be: ",
252 what_we_think_sig_should_be, 16); */
254 if (memcmp(server_response_sig
, what_we_think_sig_should_be
, 8))
261 /* first calculate 24 bytes ntlm response and then 16 byte session key */
262 int setup_ntlm_response(struct cifs_ses
*ses
, const struct nls_table
*nls_cp
)
265 unsigned int temp_len
= CIFS_SESS_KEY_SIZE
+ CIFS_AUTH_RESP_SIZE
;
266 char temp_key
[CIFS_SESS_KEY_SIZE
];
271 ses
->auth_key
.response
= kmalloc(temp_len
, GFP_KERNEL
);
272 if (!ses
->auth_key
.response
)
275 ses
->auth_key
.len
= temp_len
;
277 rc
= SMBNTencrypt(ses
->password
, ses
->server
->cryptkey
,
278 ses
->auth_key
.response
+ CIFS_SESS_KEY_SIZE
, nls_cp
);
280 cifs_dbg(FYI
, "%s Can't generate NTLM response, error: %d\n",
285 rc
= E_md4hash(ses
->password
, temp_key
, nls_cp
);
287 cifs_dbg(FYI
, "%s Can't generate NT hash, error: %d\n",
292 rc
= mdfour(ses
->auth_key
.response
, temp_key
, CIFS_SESS_KEY_SIZE
);
294 cifs_dbg(FYI
, "%s Can't generate NTLM session key, error: %d\n",
300 #ifdef CONFIG_CIFS_WEAK_PW_HASH
301 int calc_lanman_hash(const char *password
, const char *cryptkey
, bool encrypt
,
302 char *lnm_session_key
)
306 char password_with_pad
[CIFS_ENCPWD_SIZE
];
308 memset(password_with_pad
, 0, CIFS_ENCPWD_SIZE
);
310 strncpy(password_with_pad
, password
, CIFS_ENCPWD_SIZE
);
312 if (!encrypt
&& global_secflags
& CIFSSEC_MAY_PLNTXT
) {
313 memcpy(lnm_session_key
, password_with_pad
,
318 /* calculate old style session key */
319 /* calling toupper is less broken than repeatedly
320 calling nls_toupper would be since that will never
321 work for UTF8, but neither handles multibyte code pages
322 but the only alternative would be converting to UCS-16 (Unicode)
323 (using a routine something like UniStrupr) then
324 uppercasing and then converting back from Unicode - which
325 would only worth doing it if we knew it were utf8. Basically
326 utf8 and other multibyte codepages each need their own strupper
327 function since a byte at a time will ont work. */
329 for (i
= 0; i
< CIFS_ENCPWD_SIZE
; i
++)
330 password_with_pad
[i
] = toupper(password_with_pad
[i
]);
332 rc
= SMBencrypt(password_with_pad
, cryptkey
, lnm_session_key
);
336 #endif /* CIFS_WEAK_PW_HASH */
338 /* Build a proper attribute value/target info pairs blob.
339 * Fill in netbios and dns domain name and workstation name
340 * and client time (total five av pairs and + one end of fields indicator.
341 * Allocate domain name which gets freed when session struct is deallocated.
344 build_avpair_blob(struct cifs_ses
*ses
, const struct nls_table
*nls_cp
)
347 unsigned int size
= 2 * sizeof(struct ntlmssp2_name
);
348 char *defdmname
= "WORKGROUP";
349 unsigned char *blobptr
;
350 struct ntlmssp2_name
*attrptr
;
352 if (!ses
->domainName
) {
353 ses
->domainName
= kstrdup(defdmname
, GFP_KERNEL
);
354 if (!ses
->domainName
)
358 dlen
= strlen(ses
->domainName
);
361 * The length of this blob is two times the size of a
362 * structure (av pair) which holds name/size
363 * ( for NTLMSSP_AV_NB_DOMAIN_NAME followed by NTLMSSP_AV_EOL ) +
364 * unicode length of a netbios domain name
366 ses
->auth_key
.len
= size
+ 2 * dlen
;
367 ses
->auth_key
.response
= kzalloc(ses
->auth_key
.len
, GFP_KERNEL
);
368 if (!ses
->auth_key
.response
) {
369 ses
->auth_key
.len
= 0;
373 blobptr
= ses
->auth_key
.response
;
374 attrptr
= (struct ntlmssp2_name
*) blobptr
;
377 * As defined in MS-NTLM 3.3.2, just this av pair field
378 * is sufficient as part of the temp
380 attrptr
->type
= cpu_to_le16(NTLMSSP_AV_NB_DOMAIN_NAME
);
381 attrptr
->length
= cpu_to_le16(2 * dlen
);
382 blobptr
= (unsigned char *)attrptr
+ sizeof(struct ntlmssp2_name
);
383 cifs_strtoUTF16((__le16
*)blobptr
, ses
->domainName
, dlen
, nls_cp
);
388 /* Server has provided av pairs/target info in the type 2 challenge
389 * packet and we have plucked it and stored within smb session.
390 * We parse that blob here to find netbios domain name to be used
391 * as part of ntlmv2 authentication (in Target String), if not already
392 * specified on the command line.
393 * If this function returns without any error but without fetching
394 * domain name, authentication may fail against some server but
395 * may not fail against other (those who are not very particular
396 * about target string i.e. for some, just user name might suffice.
399 find_domain_name(struct cifs_ses
*ses
, const struct nls_table
*nls_cp
)
401 unsigned int attrsize
;
403 unsigned int onesize
= sizeof(struct ntlmssp2_name
);
404 unsigned char *blobptr
;
405 unsigned char *blobend
;
406 struct ntlmssp2_name
*attrptr
;
408 if (!ses
->auth_key
.len
|| !ses
->auth_key
.response
)
411 blobptr
= ses
->auth_key
.response
;
412 blobend
= blobptr
+ ses
->auth_key
.len
;
414 while (blobptr
+ onesize
< blobend
) {
415 attrptr
= (struct ntlmssp2_name
*) blobptr
;
416 type
= le16_to_cpu(attrptr
->type
);
417 if (type
== NTLMSSP_AV_EOL
)
419 blobptr
+= 2; /* advance attr type */
420 attrsize
= le16_to_cpu(attrptr
->length
);
421 blobptr
+= 2; /* advance attr size */
422 if (blobptr
+ attrsize
> blobend
)
424 if (type
== NTLMSSP_AV_NB_DOMAIN_NAME
) {
425 if (!attrsize
|| attrsize
>= CIFS_MAX_DOMAINNAME_LEN
)
427 if (!ses
->domainName
) {
429 kmalloc(attrsize
+ 1, GFP_KERNEL
);
430 if (!ses
->domainName
)
432 cifs_from_utf16(ses
->domainName
,
433 (__le16
*)blobptr
, attrsize
, attrsize
,
438 blobptr
+= attrsize
; /* advance attr value */
444 static int calc_ntlmv2_hash(struct cifs_ses
*ses
, char *ntlmv2_hash
,
445 const struct nls_table
*nls_cp
)
449 char nt_hash
[CIFS_NTHASH_SIZE
];
454 if (!ses
->server
->secmech
.sdeschmacmd5
) {
455 cifs_dbg(VFS
, "%s: can't generate ntlmv2 hash\n", __func__
);
459 /* calculate md4 hash of password */
460 E_md4hash(ses
->password
, nt_hash
, nls_cp
);
462 rc
= crypto_shash_setkey(ses
->server
->secmech
.hmacmd5
, nt_hash
,
465 cifs_dbg(VFS
, "%s: Could not set NT Hash as a key\n", __func__
);
469 rc
= crypto_shash_init(&ses
->server
->secmech
.sdeschmacmd5
->shash
);
471 cifs_dbg(VFS
, "%s: could not init hmacmd5\n", __func__
);
475 /* convert ses->user_name to unicode */
476 len
= ses
->user_name
? strlen(ses
->user_name
) : 0;
477 user
= kmalloc(2 + (len
* 2), GFP_KERNEL
);
484 len
= cifs_strtoUTF16(user
, ses
->user_name
, len
, nls_cp
);
487 memset(user
, '\0', 2);
490 rc
= crypto_shash_update(&ses
->server
->secmech
.sdeschmacmd5
->shash
,
491 (char *)user
, 2 * len
);
494 cifs_dbg(VFS
, "%s: Could not update with user\n", __func__
);
498 /* convert ses->domainName to unicode and uppercase */
499 if (ses
->domainName
) {
500 len
= strlen(ses
->domainName
);
502 domain
= kmalloc(2 + (len
* 2), GFP_KERNEL
);
503 if (domain
== NULL
) {
507 len
= cifs_strtoUTF16((__le16
*)domain
, ses
->domainName
, len
,
510 crypto_shash_update(&ses
->server
->secmech
.sdeschmacmd5
->shash
,
511 (char *)domain
, 2 * len
);
514 cifs_dbg(VFS
, "%s: Could not update with domain\n",
518 } else if (ses
->serverName
) {
519 len
= strlen(ses
->serverName
);
521 server
= kmalloc(2 + (len
* 2), GFP_KERNEL
);
522 if (server
== NULL
) {
526 len
= cifs_strtoUTF16((__le16
*)server
, ses
->serverName
, len
,
529 crypto_shash_update(&ses
->server
->secmech
.sdeschmacmd5
->shash
,
530 (char *)server
, 2 * len
);
533 cifs_dbg(VFS
, "%s: Could not update with server\n",
539 rc
= crypto_shash_final(&ses
->server
->secmech
.sdeschmacmd5
->shash
,
542 cifs_dbg(VFS
, "%s: Could not generate md5 hash\n", __func__
);
548 CalcNTLMv2_response(const struct cifs_ses
*ses
, char *ntlmv2_hash
)
551 struct ntlmv2_resp
*ntlmv2
= (struct ntlmv2_resp
*)
552 (ses
->auth_key
.response
+ CIFS_SESS_KEY_SIZE
);
553 unsigned int hash_len
;
555 /* The MD5 hash starts at challenge_key.key */
556 hash_len
= ses
->auth_key
.len
- (CIFS_SESS_KEY_SIZE
+
557 offsetof(struct ntlmv2_resp
, challenge
.key
[0]));
559 if (!ses
->server
->secmech
.sdeschmacmd5
) {
560 cifs_dbg(VFS
, "%s: can't generate ntlmv2 hash\n", __func__
);
564 rc
= crypto_shash_setkey(ses
->server
->secmech
.hmacmd5
,
565 ntlmv2_hash
, CIFS_HMAC_MD5_HASH_SIZE
);
567 cifs_dbg(VFS
, "%s: Could not set NTLMV2 Hash as a key\n",
572 rc
= crypto_shash_init(&ses
->server
->secmech
.sdeschmacmd5
->shash
);
574 cifs_dbg(VFS
, "%s: could not init hmacmd5\n", __func__
);
578 if (ses
->server
->negflavor
== CIFS_NEGFLAVOR_EXTENDED
)
579 memcpy(ntlmv2
->challenge
.key
,
580 ses
->ntlmssp
->cryptkey
, CIFS_SERVER_CHALLENGE_SIZE
);
582 memcpy(ntlmv2
->challenge
.key
,
583 ses
->server
->cryptkey
, CIFS_SERVER_CHALLENGE_SIZE
);
584 rc
= crypto_shash_update(&ses
->server
->secmech
.sdeschmacmd5
->shash
,
585 ntlmv2
->challenge
.key
, hash_len
);
587 cifs_dbg(VFS
, "%s: Could not update with response\n", __func__
);
591 /* Note that the MD5 digest over writes anon.challenge_key.key */
592 rc
= crypto_shash_final(&ses
->server
->secmech
.sdeschmacmd5
->shash
,
593 ntlmv2
->ntlmv2_hash
);
595 cifs_dbg(VFS
, "%s: Could not generate md5 hash\n", __func__
);
600 static int crypto_hmacmd5_alloc(struct TCP_Server_Info
*server
)
605 /* check if already allocated */
606 if (server
->secmech
.sdeschmacmd5
)
609 server
->secmech
.hmacmd5
= crypto_alloc_shash("hmac(md5)", 0, 0);
610 if (IS_ERR(server
->secmech
.hmacmd5
)) {
611 cifs_dbg(VFS
, "could not allocate crypto hmacmd5\n");
612 rc
= PTR_ERR(server
->secmech
.hmacmd5
);
613 server
->secmech
.hmacmd5
= NULL
;
617 size
= sizeof(struct shash_desc
) +
618 crypto_shash_descsize(server
->secmech
.hmacmd5
);
619 server
->secmech
.sdeschmacmd5
= kmalloc(size
, GFP_KERNEL
);
620 if (!server
->secmech
.sdeschmacmd5
) {
621 crypto_free_shash(server
->secmech
.hmacmd5
);
622 server
->secmech
.hmacmd5
= NULL
;
625 server
->secmech
.sdeschmacmd5
->shash
.tfm
= server
->secmech
.hmacmd5
;
626 server
->secmech
.sdeschmacmd5
->shash
.flags
= 0x0;
632 setup_ntlmv2_rsp(struct cifs_ses
*ses
, const struct nls_table
*nls_cp
)
637 struct ntlmv2_resp
*ntlmv2
;
638 char ntlmv2_hash
[16];
639 unsigned char *tiblob
= NULL
; /* target info blob */
641 if (ses
->server
->negflavor
== CIFS_NEGFLAVOR_EXTENDED
) {
642 if (!ses
->domainName
) {
643 rc
= find_domain_name(ses
, nls_cp
);
645 cifs_dbg(VFS
, "error %d finding domain name\n",
647 goto setup_ntlmv2_rsp_ret
;
651 rc
= build_avpair_blob(ses
, nls_cp
);
653 cifs_dbg(VFS
, "error %d building av pair blob\n", rc
);
654 goto setup_ntlmv2_rsp_ret
;
658 baselen
= CIFS_SESS_KEY_SIZE
+ sizeof(struct ntlmv2_resp
);
659 tilen
= ses
->auth_key
.len
;
660 tiblob
= ses
->auth_key
.response
;
662 ses
->auth_key
.response
= kmalloc(baselen
+ tilen
, GFP_KERNEL
);
663 if (!ses
->auth_key
.response
) {
665 ses
->auth_key
.len
= 0;
666 goto setup_ntlmv2_rsp_ret
;
668 ses
->auth_key
.len
+= baselen
;
670 ntlmv2
= (struct ntlmv2_resp
*)
671 (ses
->auth_key
.response
+ CIFS_SESS_KEY_SIZE
);
672 ntlmv2
->blob_signature
= cpu_to_le32(0x00000101);
673 ntlmv2
->reserved
= 0;
674 /* Must be within 5 minutes of the server */
675 ntlmv2
->time
= cpu_to_le64(cifs_UnixTimeToNT(CURRENT_TIME
));
676 get_random_bytes(&ntlmv2
->client_chal
, sizeof(ntlmv2
->client_chal
));
677 ntlmv2
->reserved2
= 0;
679 memcpy(ses
->auth_key
.response
+ baselen
, tiblob
, tilen
);
681 rc
= crypto_hmacmd5_alloc(ses
->server
);
683 cifs_dbg(VFS
, "could not crypto alloc hmacmd5 rc %d\n", rc
);
684 goto setup_ntlmv2_rsp_ret
;
687 /* calculate ntlmv2_hash */
688 rc
= calc_ntlmv2_hash(ses
, ntlmv2_hash
, nls_cp
);
690 cifs_dbg(VFS
, "could not get v2 hash rc %d\n", rc
);
691 goto setup_ntlmv2_rsp_ret
;
694 /* calculate first part of the client response (CR1) */
695 rc
= CalcNTLMv2_response(ses
, ntlmv2_hash
);
697 cifs_dbg(VFS
, "Could not calculate CR1 rc: %d\n", rc
);
698 goto setup_ntlmv2_rsp_ret
;
701 /* now calculate the session key for NTLMv2 */
702 rc
= crypto_shash_setkey(ses
->server
->secmech
.hmacmd5
,
703 ntlmv2_hash
, CIFS_HMAC_MD5_HASH_SIZE
);
705 cifs_dbg(VFS
, "%s: Could not set NTLMV2 Hash as a key\n",
707 goto setup_ntlmv2_rsp_ret
;
710 rc
= crypto_shash_init(&ses
->server
->secmech
.sdeschmacmd5
->shash
);
712 cifs_dbg(VFS
, "%s: Could not init hmacmd5\n", __func__
);
713 goto setup_ntlmv2_rsp_ret
;
716 rc
= crypto_shash_update(&ses
->server
->secmech
.sdeschmacmd5
->shash
,
718 CIFS_HMAC_MD5_HASH_SIZE
);
720 cifs_dbg(VFS
, "%s: Could not update with response\n", __func__
);
721 goto setup_ntlmv2_rsp_ret
;
724 rc
= crypto_shash_final(&ses
->server
->secmech
.sdeschmacmd5
->shash
,
725 ses
->auth_key
.response
);
727 cifs_dbg(VFS
, "%s: Could not generate md5 hash\n", __func__
);
729 setup_ntlmv2_rsp_ret
:
736 calc_seckey(struct cifs_ses
*ses
)
739 struct crypto_blkcipher
*tfm_arc4
;
740 struct scatterlist sgin
, sgout
;
741 struct blkcipher_desc desc
;
742 unsigned char sec_key
[CIFS_SESS_KEY_SIZE
]; /* a nonce */
744 get_random_bytes(sec_key
, CIFS_SESS_KEY_SIZE
);
746 tfm_arc4
= crypto_alloc_blkcipher("ecb(arc4)", 0, CRYPTO_ALG_ASYNC
);
747 if (IS_ERR(tfm_arc4
)) {
748 rc
= PTR_ERR(tfm_arc4
);
749 cifs_dbg(VFS
, "could not allocate crypto API arc4\n");
755 rc
= crypto_blkcipher_setkey(tfm_arc4
, ses
->auth_key
.response
,
758 cifs_dbg(VFS
, "%s: Could not set response as a key\n",
763 sg_init_one(&sgin
, sec_key
, CIFS_SESS_KEY_SIZE
);
764 sg_init_one(&sgout
, ses
->ntlmssp
->ciphertext
, CIFS_CPHTXT_SIZE
);
766 rc
= crypto_blkcipher_encrypt(&desc
, &sgout
, &sgin
, CIFS_CPHTXT_SIZE
);
768 cifs_dbg(VFS
, "could not encrypt session key rc: %d\n", rc
);
769 crypto_free_blkcipher(tfm_arc4
);
773 /* make secondary_key/nonce as session key */
774 memcpy(ses
->auth_key
.response
, sec_key
, CIFS_SESS_KEY_SIZE
);
775 /* and make len as that of session key only */
776 ses
->auth_key
.len
= CIFS_SESS_KEY_SIZE
;
778 crypto_free_blkcipher(tfm_arc4
);
784 cifs_crypto_shash_release(struct TCP_Server_Info
*server
)
786 if (server
->secmech
.cmacaes
) {
787 crypto_free_shash(server
->secmech
.cmacaes
);
788 server
->secmech
.cmacaes
= NULL
;
791 if (server
->secmech
.hmacsha256
) {
792 crypto_free_shash(server
->secmech
.hmacsha256
);
793 server
->secmech
.hmacsha256
= NULL
;
796 if (server
->secmech
.md5
) {
797 crypto_free_shash(server
->secmech
.md5
);
798 server
->secmech
.md5
= NULL
;
801 if (server
->secmech
.hmacmd5
) {
802 crypto_free_shash(server
->secmech
.hmacmd5
);
803 server
->secmech
.hmacmd5
= NULL
;
806 kfree(server
->secmech
.sdesccmacaes
);
807 server
->secmech
.sdesccmacaes
= NULL
;
808 kfree(server
->secmech
.sdeschmacsha256
);
809 server
->secmech
.sdeschmacsha256
= NULL
;
810 kfree(server
->secmech
.sdeschmacmd5
);
811 server
->secmech
.sdeschmacmd5
= NULL
;
812 kfree(server
->secmech
.sdescmd5
);
813 server
->secmech
.sdescmd5
= NULL
;