linux/fs/cifs/cifsencrypt.c
<<
>>
Prefs
   1/*
   2 *   fs/cifs/cifsencrypt.c
   3 *
   4 *   Copyright (C) International Business Machines  Corp., 2005,2006
   5 *   Author(s): Steve French (sfrench@us.ibm.com)
   6 *
   7 *   This library is free software; you can redistribute it and/or modify
   8 *   it under the terms of the GNU Lesser General Public License as published
   9 *   by the Free Software Foundation; either version 2.1 of the License, or
  10 *   (at your option) any later version.
  11 *
  12 *   This library is distributed in the hope that it will be useful,
  13 *   but WITHOUT ANY WARRANTY; without even the implied warranty of
  14 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See
  15 *   the GNU Lesser General Public License for more details.
  16 *
  17 *   You should have received a copy of the GNU Lesser General Public License
  18 *   along with this library; if not, write to the Free Software
  19 *   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
  20 */
  21
  22#include <linux/fs.h>
  23#include <linux/slab.h>
  24#include "cifspdu.h"
  25#include "cifsglob.h"
  26#include "cifs_debug.h"
  27#include "cifs_unicode.h"
  28#include "cifsproto.h"
  29#include "ntlmssp.h"
  30#include <linux/ctype.h>
  31#include <linux/random.h>
  32
  33/*
  34 * Calculate and return the CIFS signature based on the mac key and SMB PDU.
  35 * The 16 byte signature must be allocated by the caller. Note we only use the
  36 * 1st eight bytes and that the smb header signature field on input contains
  37 * the sequence number before this function is called. Also, this function
  38 * should be called with the server->srv_mutex held.
  39 */
  40static int cifs_calculate_signature(const struct smb_hdr *cifs_pdu,
  41                                struct TCP_Server_Info *server, char *signature)
  42{
  43        int rc;
  44
  45        if (cifs_pdu == NULL || signature == NULL || server == NULL)
  46                return -EINVAL;
  47
  48        if (!server->secmech.sdescmd5) {
  49                cERROR(1, "%s: Can't generate signature\n", __func__);
  50                return -1;
  51        }
  52
  53        rc = crypto_shash_init(&server->secmech.sdescmd5->shash);
  54        if (rc) {
  55                cERROR(1, "%s: Oould not init md5\n", __func__);
  56                return rc;
  57        }
  58
  59        crypto_shash_update(&server->secmech.sdescmd5->shash,
  60                server->session_key.response, server->session_key.len);
  61
  62        crypto_shash_update(&server->secmech.sdescmd5->shash,
  63                cifs_pdu->Protocol, cifs_pdu->smb_buf_length);
  64
  65        rc = crypto_shash_final(&server->secmech.sdescmd5->shash, signature);
  66
  67        return 0;
  68}
  69
  70/* must be called with server->srv_mutex held */
  71int cifs_sign_smb(struct smb_hdr *cifs_pdu, struct TCP_Server_Info *server,
  72                  __u32 *pexpected_response_sequence_number)
  73{
  74        int rc = 0;
  75        char smb_signature[20];
  76
  77        if ((cifs_pdu == NULL) || (server == NULL))
  78                return -EINVAL;
  79
  80        if ((cifs_pdu->Flags2 & SMBFLG2_SECURITY_SIGNATURE) == 0)
  81                return rc;
  82
  83        cifs_pdu->Signature.Sequence.SequenceNumber =
  84                        cpu_to_le32(server->sequence_number);
  85        cifs_pdu->Signature.Sequence.Reserved = 0;
  86
  87        *pexpected_response_sequence_number = server->sequence_number++;
  88        server->sequence_number++;
  89
  90        rc = cifs_calculate_signature(cifs_pdu, server, smb_signature);
  91        if (rc)
  92                memset(cifs_pdu->Signature.SecuritySignature, 0, 8);
  93        else
  94                memcpy(cifs_pdu->Signature.SecuritySignature, smb_signature, 8);
  95
  96        return rc;
  97}
  98
  99static int cifs_calc_signature2(const struct kvec *iov, int n_vec,
 100                                struct TCP_Server_Info *server, char *signature)
 101{
 102        int i;
 103        int rc;
 104
 105        if (iov == NULL || signature == NULL || server == NULL)
 106                return -EINVAL;
 107
 108        if (!server->secmech.sdescmd5) {
 109                cERROR(1, "%s: Can't generate signature\n", __func__);
 110                return -1;
 111        }
 112
 113        rc = crypto_shash_init(&server->secmech.sdescmd5->shash);
 114        if (rc) {
 115                cERROR(1, "%s: Oould not init md5\n", __func__);
 116                return rc;
 117        }
 118
 119        crypto_shash_update(&server->secmech.sdescmd5->shash,
 120                server->session_key.response, server->session_key.len);
 121
 122        for (i = 0; i < n_vec; i++) {
 123                if (iov[i].iov_len == 0)
 124                        continue;
 125                if (iov[i].iov_base == NULL) {
 126                        cERROR(1, "null iovec entry");
 127                        return -EIO;
 128                }
 129                /* The first entry includes a length field (which does not get
 130                   signed that occupies the first 4 bytes before the header */
 131                if (i == 0) {
 132                        if (iov[0].iov_len <= 8) /* cmd field at offset 9 */
 133                                break; /* nothing to sign or corrupt header */
 134                        crypto_shash_update(&server->secmech.sdescmd5->shash,
 135                                iov[i].iov_base + 4, iov[i].iov_len - 4);
 136                } else
 137                        crypto_shash_update(&server->secmech.sdescmd5->shash,
 138                                iov[i].iov_base, iov[i].iov_len);
 139        }
 140
 141        rc = crypto_shash_final(&server->secmech.sdescmd5->shash, signature);
 142
 143        return rc;
 144}
 145
 146/* must be called with server->srv_mutex held */
 147int cifs_sign_smb2(struct kvec *iov, int n_vec, struct TCP_Server_Info *server,
 148                   __u32 *pexpected_response_sequence_number)
 149{
 150        int rc = 0;
 151        char smb_signature[20];
 152        struct smb_hdr *cifs_pdu = iov[0].iov_base;
 153
 154        if ((cifs_pdu == NULL) || (server == NULL))
 155                return -EINVAL;
 156
 157        if ((cifs_pdu->Flags2 & SMBFLG2_SECURITY_SIGNATURE) == 0)
 158                return rc;
 159
 160        cifs_pdu->Signature.Sequence.SequenceNumber =
 161                                cpu_to_le32(server->sequence_number);
 162        cifs_pdu->Signature.Sequence.Reserved = 0;
 163
 164        *pexpected_response_sequence_number = server->sequence_number++;
 165        server->sequence_number++;
 166
 167        rc = cifs_calc_signature2(iov, n_vec, server, smb_signature);
 168        if (rc)
 169                memset(cifs_pdu->Signature.SecuritySignature, 0, 8);
 170        else
 171                memcpy(cifs_pdu->Signature.SecuritySignature, smb_signature, 8);
 172
 173        return rc;
 174}
 175
 176int cifs_verify_signature(struct smb_hdr *cifs_pdu,
 177                          struct TCP_Server_Info *server,
 178                          __u32 expected_sequence_number)
 179{
 180        unsigned int rc;
 181        char server_response_sig[8];
 182        char what_we_think_sig_should_be[20];
 183
 184        if (cifs_pdu == NULL || server == NULL)
 185                return -EINVAL;
 186
 187        if (cifs_pdu->Command == SMB_COM_NEGOTIATE)
 188                return 0;
 189
 190        if (cifs_pdu->Command == SMB_COM_LOCKING_ANDX) {
 191                struct smb_com_lock_req *pSMB =
 192                        (struct smb_com_lock_req *)cifs_pdu;
 193            if (pSMB->LockType & LOCKING_ANDX_OPLOCK_RELEASE)
 194                        return 0;
 195        }
 196
 197        /* BB what if signatures are supposed to be on for session but
 198           server does not send one? BB */
 199
 200        /* Do not need to verify session setups with signature "BSRSPYL "  */
 201        if (memcmp(cifs_pdu->Signature.SecuritySignature, "BSRSPYL ", 8) == 0)
 202                cFYI(1, "dummy signature received for smb command 0x%x",
 203                        cifs_pdu->Command);
 204
 205        /* save off the origiginal signature so we can modify the smb and check
 206                its signature against what the server sent */
 207        memcpy(server_response_sig, cifs_pdu->Signature.SecuritySignature, 8);
 208
 209        cifs_pdu->Signature.Sequence.SequenceNumber =
 210                                        cpu_to_le32(expected_sequence_number);
 211        cifs_pdu->Signature.Sequence.Reserved = 0;
 212
 213        mutex_lock(&server->srv_mutex);
 214        rc = cifs_calculate_signature(cifs_pdu, server,
 215                what_we_think_sig_should_be);
 216        mutex_unlock(&server->srv_mutex);
 217
 218        if (rc)
 219                return rc;
 220
 221/*      cifs_dump_mem("what we think it should be: ",
 222                      what_we_think_sig_should_be, 16); */
 223
 224        if (memcmp(server_response_sig, what_we_think_sig_should_be, 8))
 225                return -EACCES;
 226        else
 227                return 0;
 228
 229}
 230
 231/* first calculate 24 bytes ntlm response and then 16 byte session key */
 232int setup_ntlm_response(struct cifsSesInfo *ses)
 233{
 234        int rc = 0;
 235        unsigned int temp_len = CIFS_SESS_KEY_SIZE + CIFS_AUTH_RESP_SIZE;
 236        char temp_key[CIFS_SESS_KEY_SIZE];
 237
 238        if (!ses)
 239                return -EINVAL;
 240
 241        ses->auth_key.response = kmalloc(temp_len, GFP_KERNEL);
 242        if (!ses->auth_key.response) {
 243                cERROR(1, "NTLM can't allocate (%u bytes) memory", temp_len);
 244                return -ENOMEM;
 245        }
 246        ses->auth_key.len = temp_len;
 247
 248        rc = SMBNTencrypt(ses->password, ses->server->cryptkey,
 249                        ses->auth_key.response + CIFS_SESS_KEY_SIZE);
 250        if (rc) {
 251                cFYI(1, "%s Can't generate NTLM response, error: %d",
 252                        __func__, rc);
 253                return rc;
 254        }
 255
 256        rc = E_md4hash(ses->password, temp_key);
 257        if (rc) {
 258                cFYI(1, "%s Can't generate NT hash, error: %d", __func__, rc);
 259                return rc;
 260        }
 261
 262        rc = mdfour(ses->auth_key.response, temp_key, CIFS_SESS_KEY_SIZE);
 263        if (rc)
 264                cFYI(1, "%s Can't generate NTLM session key, error: %d",
 265                        __func__, rc);
 266
 267        return rc;
 268}
 269
 270#ifdef CONFIG_CIFS_WEAK_PW_HASH
 271void calc_lanman_hash(const char *password, const char *cryptkey, bool encrypt,
 272                        char *lnm_session_key)
 273{
 274        int i;
 275        char password_with_pad[CIFS_ENCPWD_SIZE];
 276
 277        memset(password_with_pad, 0, CIFS_ENCPWD_SIZE);
 278        if (password)
 279                strncpy(password_with_pad, password, CIFS_ENCPWD_SIZE);
 280
 281        if (!encrypt && global_secflags & CIFSSEC_MAY_PLNTXT) {
 282                memset(lnm_session_key, 0, CIFS_SESS_KEY_SIZE);
 283                memcpy(lnm_session_key, password_with_pad,
 284                        CIFS_ENCPWD_SIZE);
 285                return;
 286        }
 287
 288        /* calculate old style session key */
 289        /* calling toupper is less broken than repeatedly
 290        calling nls_toupper would be since that will never
 291        work for UTF8, but neither handles multibyte code pages
 292        but the only alternative would be converting to UCS-16 (Unicode)
 293        (using a routine something like UniStrupr) then
 294        uppercasing and then converting back from Unicode - which
 295        would only worth doing it if we knew it were utf8. Basically
 296        utf8 and other multibyte codepages each need their own strupper
 297        function since a byte at a time will ont work. */
 298
 299        for (i = 0; i < CIFS_ENCPWD_SIZE; i++)
 300                password_with_pad[i] = toupper(password_with_pad[i]);
 301
 302        SMBencrypt(password_with_pad, cryptkey, lnm_session_key);
 303
 304        /* clear password before we return/free memory */
 305        memset(password_with_pad, 0, CIFS_ENCPWD_SIZE);
 306}
 307#endif /* CIFS_WEAK_PW_HASH */
 308
 309/* Build a proper attribute value/target info pairs blob.
 310 * Fill in netbios and dns domain name and workstation name
 311 * and client time (total five av pairs and + one end of fields indicator.
 312 * Allocate domain name which gets freed when session struct is deallocated.
 313 */
 314static int
 315build_avpair_blob(struct cifsSesInfo *ses, const struct nls_table *nls_cp)
 316{
 317        unsigned int dlen;
 318        unsigned int wlen;
 319        unsigned int size = 6 * sizeof(struct ntlmssp2_name);
 320        __le64  curtime;
 321        char *defdmname = "WORKGROUP";
 322        unsigned char *blobptr;
 323        struct ntlmssp2_name *attrptr;
 324
 325        if (!ses->domainName) {
 326                ses->domainName = kstrdup(defdmname, GFP_KERNEL);
 327                if (!ses->domainName)
 328                        return -ENOMEM;
 329        }
 330
 331        dlen = strlen(ses->domainName);
 332        wlen = strlen(ses->server->hostname);
 333
 334        /* The length of this blob is a size which is
 335         * six times the size of a structure which holds name/size +
 336         * two times the unicode length of a domain name +
 337         * two times the unicode length of a server name +
 338         * size of a timestamp (which is 8 bytes).
 339         */
 340        ses->auth_key.len = size + 2 * (2 * dlen) + 2 * (2 * wlen) + 8;
 341        ses->auth_key.response = kzalloc(ses->auth_key.len, GFP_KERNEL);
 342        if (!ses->auth_key.response) {
 343                ses->auth_key.len = 0;
 344                cERROR(1, "Challenge target info allocation failure");
 345                return -ENOMEM;
 346        }
 347
 348        blobptr = ses->auth_key.response;
 349        attrptr = (struct ntlmssp2_name *) blobptr;
 350
 351        attrptr->type = cpu_to_le16(NTLMSSP_AV_NB_DOMAIN_NAME);
 352        attrptr->length = cpu_to_le16(2 * dlen);
 353        blobptr = (unsigned char *)attrptr + sizeof(struct ntlmssp2_name);
 354        cifs_strtoUCS((__le16 *)blobptr, ses->domainName, dlen, nls_cp);
 355
 356        blobptr += 2 * dlen;
 357        attrptr = (struct ntlmssp2_name *) blobptr;
 358
 359        attrptr->type = cpu_to_le16(NTLMSSP_AV_NB_COMPUTER_NAME);
 360        attrptr->length = cpu_to_le16(2 * wlen);
 361        blobptr = (unsigned char *)attrptr + sizeof(struct ntlmssp2_name);
 362        cifs_strtoUCS((__le16 *)blobptr, ses->server->hostname, wlen, nls_cp);
 363
 364        blobptr += 2 * wlen;
 365        attrptr = (struct ntlmssp2_name *) blobptr;
 366
 367        attrptr->type = cpu_to_le16(NTLMSSP_AV_DNS_DOMAIN_NAME);
 368        attrptr->length = cpu_to_le16(2 * dlen);
 369        blobptr = (unsigned char *)attrptr + sizeof(struct ntlmssp2_name);
 370        cifs_strtoUCS((__le16 *)blobptr, ses->domainName, dlen, nls_cp);
 371
 372        blobptr += 2 * dlen;
 373        attrptr = (struct ntlmssp2_name *) blobptr;
 374
 375        attrptr->type = cpu_to_le16(NTLMSSP_AV_DNS_COMPUTER_NAME);
 376        attrptr->length = cpu_to_le16(2 * wlen);
 377        blobptr = (unsigned char *)attrptr + sizeof(struct ntlmssp2_name);
 378        cifs_strtoUCS((__le16 *)blobptr, ses->server->hostname, wlen, nls_cp);
 379
 380        blobptr += 2 * wlen;
 381        attrptr = (struct ntlmssp2_name *) blobptr;
 382
 383        attrptr->type = cpu_to_le16(NTLMSSP_AV_TIMESTAMP);
 384        attrptr->length = cpu_to_le16(sizeof(__le64));
 385        blobptr = (unsigned char *)attrptr + sizeof(struct ntlmssp2_name);
 386        curtime = cpu_to_le64(cifs_UnixTimeToNT(CURRENT_TIME));
 387        memcpy(blobptr, &curtime, sizeof(__le64));
 388
 389        return 0;
 390}
 391
 392/* Server has provided av pairs/target info in the type 2 challenge
 393 * packet and we have plucked it and stored within smb session.
 394 * We parse that blob here to find netbios domain name to be used
 395 * as part of ntlmv2 authentication (in Target String), if not already
 396 * specified on the command line.
 397 * If this function returns without any error but without fetching
 398 * domain name, authentication may fail against some server but
 399 * may not fail against other (those who are not very particular
 400 * about target string i.e. for some, just user name might suffice.
 401 */
 402static int
 403find_domain_name(struct cifsSesInfo *ses, const struct nls_table *nls_cp)
 404{
 405        unsigned int attrsize;
 406        unsigned int type;
 407        unsigned int onesize = sizeof(struct ntlmssp2_name);
 408        unsigned char *blobptr;
 409        unsigned char *blobend;
 410        struct ntlmssp2_name *attrptr;
 411
 412        if (!ses->auth_key.len || !ses->auth_key.response)
 413                return 0;
 414
 415        blobptr = ses->auth_key.response;
 416        blobend = blobptr + ses->auth_key.len;
 417
 418        while (blobptr + onesize < blobend) {
 419                attrptr = (struct ntlmssp2_name *) blobptr;
 420                type = le16_to_cpu(attrptr->type);
 421                if (type == NTLMSSP_AV_EOL)
 422                        break;
 423                blobptr += 2; /* advance attr type */
 424                attrsize = le16_to_cpu(attrptr->length);
 425                blobptr += 2; /* advance attr size */
 426                if (blobptr + attrsize > blobend)
 427                        break;
 428                if (type == NTLMSSP_AV_NB_DOMAIN_NAME) {
 429                        if (!attrsize)
 430                                break;
 431                        if (!ses->domainName) {
 432                                ses->domainName =
 433                                        kmalloc(attrsize + 1, GFP_KERNEL);
 434                                if (!ses->domainName)
 435                                                return -ENOMEM;
 436                                cifs_from_ucs2(ses->domainName,
 437                                        (__le16 *)blobptr, attrsize, attrsize,
 438                                        nls_cp, false);
 439                                break;
 440                        }
 441                }
 442                blobptr += attrsize; /* advance attr  value */
 443        }
 444
 445        return 0;
 446}
 447
 448static int calc_ntlmv2_hash(struct cifsSesInfo *ses, char *ntlmv2_hash,
 449                            const struct nls_table *nls_cp)
 450{
 451        int rc = 0;
 452        int len;
 453        char nt_hash[CIFS_NTHASH_SIZE];
 454        wchar_t *user;
 455        wchar_t *domain;
 456        wchar_t *server;
 457
 458        if (!ses->server->secmech.sdeschmacmd5) {
 459                cERROR(1, "calc_ntlmv2_hash: can't generate ntlmv2 hash\n");
 460                return -1;
 461        }
 462
 463        /* calculate md4 hash of password */
 464        E_md4hash(ses->password, nt_hash);
 465
 466        crypto_shash_setkey(ses->server->secmech.hmacmd5, nt_hash,
 467                                CIFS_NTHASH_SIZE);
 468
 469        rc = crypto_shash_init(&ses->server->secmech.sdeschmacmd5->shash);
 470        if (rc) {
 471                cERROR(1, "calc_ntlmv2_hash: could not init hmacmd5\n");
 472                return rc;
 473        }
 474
 475        /* convert ses->user_name to unicode and uppercase */
 476        len = strlen(ses->user_name);
 477        user = kmalloc(2 + (len * 2), GFP_KERNEL);
 478        if (user == NULL) {
 479                cERROR(1, "calc_ntlmv2_hash: user mem alloc failure\n");
 480                rc = -ENOMEM;
 481                goto calc_exit_2;
 482        }
 483        len = cifs_strtoUCS((__le16 *)user, ses->user_name, len, nls_cp);
 484        UniStrupr(user);
 485
 486        crypto_shash_update(&ses->server->secmech.sdeschmacmd5->shash,
 487                                (char *)user, 2 * len);
 488
 489        /* convert ses->domainName to unicode and uppercase */
 490        if (ses->domainName) {
 491                len = strlen(ses->domainName);
 492
 493                domain = kmalloc(2 + (len * 2), GFP_KERNEL);
 494                if (domain == NULL) {
 495                        cERROR(1, "calc_ntlmv2_hash: domain mem alloc failure");
 496                        rc = -ENOMEM;
 497                        goto calc_exit_1;
 498                }
 499                len = cifs_strtoUCS((__le16 *)domain, ses->domainName, len,
 500                                        nls_cp);
 501                crypto_shash_update(&ses->server->secmech.sdeschmacmd5->shash,
 502                                        (char *)domain, 2 * len);
 503                kfree(domain);
 504        } else if (ses->serverName) {
 505                len = strlen(ses->serverName);
 506
 507                server = kmalloc(2 + (len * 2), GFP_KERNEL);
 508                if (server == NULL) {
 509                        cERROR(1, "calc_ntlmv2_hash: server mem alloc failure");
 510                        rc = -ENOMEM;
 511                        goto calc_exit_1;
 512                }
 513                len = cifs_strtoUCS((__le16 *)server, ses->serverName, len,
 514                                        nls_cp);
 515                crypto_shash_update(&ses->server->secmech.sdeschmacmd5->shash,
 516                                        (char *)server, 2 * len);
 517                kfree(server);
 518        }
 519
 520        rc = crypto_shash_final(&ses->server->secmech.sdeschmacmd5->shash,
 521                                        ntlmv2_hash);
 522
 523calc_exit_1:
 524        kfree(user);
 525calc_exit_2:
 526        return rc;
 527}
 528
 529static int
 530CalcNTLMv2_response(const struct cifsSesInfo *ses, char *ntlmv2_hash)
 531{
 532        int rc;
 533        unsigned int offset = CIFS_SESS_KEY_SIZE + 8;
 534
 535        if (!ses->server->secmech.sdeschmacmd5) {
 536                cERROR(1, "calc_ntlmv2_hash: can't generate ntlmv2 hash\n");
 537                return -1;
 538        }
 539
 540        crypto_shash_setkey(ses->server->secmech.hmacmd5,
 541                                ntlmv2_hash, CIFS_HMAC_MD5_HASH_SIZE);
 542
 543        rc = crypto_shash_init(&ses->server->secmech.sdeschmacmd5->shash);
 544        if (rc) {
 545                cERROR(1, "CalcNTLMv2_response: could not init hmacmd5");
 546                return rc;
 547        }
 548
 549        if (ses->server->secType == RawNTLMSSP)
 550                memcpy(ses->auth_key.response + offset,
 551                        ses->ntlmssp->cryptkey, CIFS_SERVER_CHALLENGE_SIZE);
 552        else
 553                memcpy(ses->auth_key.response + offset,
 554                        ses->server->cryptkey, CIFS_SERVER_CHALLENGE_SIZE);
 555        crypto_shash_update(&ses->server->secmech.sdeschmacmd5->shash,
 556                ses->auth_key.response + offset, ses->auth_key.len - offset);
 557
 558        rc = crypto_shash_final(&ses->server->secmech.sdeschmacmd5->shash,
 559                ses->auth_key.response + CIFS_SESS_KEY_SIZE);
 560
 561        return rc;
 562}
 563
 564
 565int
 566setup_ntlmv2_rsp(struct cifsSesInfo *ses, const struct nls_table *nls_cp)
 567{
 568        int rc;
 569        int baselen;
 570        unsigned int tilen;
 571        struct ntlmv2_resp *buf;
 572        char ntlmv2_hash[16];
 573        unsigned char *tiblob = NULL; /* target info blob */
 574
 575        if (ses->server->secType == RawNTLMSSP) {
 576                if (!ses->domainName) {
 577                        rc = find_domain_name(ses, nls_cp);
 578                        if (rc) {
 579                                cERROR(1, "error %d finding domain name", rc);
 580                                goto setup_ntlmv2_rsp_ret;
 581                        }
 582                }
 583        } else {
 584                rc = build_avpair_blob(ses, nls_cp);
 585                if (rc) {
 586                        cERROR(1, "error %d building av pair blob", rc);
 587                        goto setup_ntlmv2_rsp_ret;
 588                }
 589        }
 590
 591        baselen = CIFS_SESS_KEY_SIZE + sizeof(struct ntlmv2_resp);
 592        tilen = ses->auth_key.len;
 593        tiblob = ses->auth_key.response;
 594
 595        ses->auth_key.response = kmalloc(baselen + tilen, GFP_KERNEL);
 596        if (!ses->auth_key.response) {
 597                rc = ENOMEM;
 598                ses->auth_key.len = 0;
 599                cERROR(1, "%s: Can't allocate auth blob", __func__);
 600                goto setup_ntlmv2_rsp_ret;
 601        }
 602        ses->auth_key.len += baselen;
 603
 604        buf = (struct ntlmv2_resp *)
 605                        (ses->auth_key.response + CIFS_SESS_KEY_SIZE);
 606        buf->blob_signature = cpu_to_le32(0x00000101);
 607        buf->reserved = 0;
 608        buf->time = cpu_to_le64(cifs_UnixTimeToNT(CURRENT_TIME));
 609        get_random_bytes(&buf->client_chal, sizeof(buf->client_chal));
 610        buf->reserved2 = 0;
 611
 612        memcpy(ses->auth_key.response + baselen, tiblob, tilen);
 613
 614        /* calculate ntlmv2_hash */
 615        rc = calc_ntlmv2_hash(ses, ntlmv2_hash, nls_cp);
 616        if (rc) {
 617                cERROR(1, "could not get v2 hash rc %d", rc);
 618                goto setup_ntlmv2_rsp_ret;
 619        }
 620
 621        /* calculate first part of the client response (CR1) */
 622        rc = CalcNTLMv2_response(ses, ntlmv2_hash);
 623        if (rc) {
 624                cERROR(1, "Could not calculate CR1  rc: %d", rc);
 625                goto setup_ntlmv2_rsp_ret;
 626        }
 627
 628        /* now calculate the session key for NTLMv2 */
 629        crypto_shash_setkey(ses->server->secmech.hmacmd5,
 630                ntlmv2_hash, CIFS_HMAC_MD5_HASH_SIZE);
 631
 632        rc = crypto_shash_init(&ses->server->secmech.sdeschmacmd5->shash);
 633        if (rc) {
 634                cERROR(1, "%s: Could not init hmacmd5\n", __func__);
 635                goto setup_ntlmv2_rsp_ret;
 636        }
 637
 638        crypto_shash_update(&ses->server->secmech.sdeschmacmd5->shash,
 639                ses->auth_key.response + CIFS_SESS_KEY_SIZE,
 640                CIFS_HMAC_MD5_HASH_SIZE);
 641
 642        rc = crypto_shash_final(&ses->server->secmech.sdeschmacmd5->shash,
 643                ses->auth_key.response);
 644
 645setup_ntlmv2_rsp_ret:
 646        kfree(tiblob);
 647
 648        return rc;
 649}
 650
 651int
 652calc_seckey(struct cifsSesInfo *ses)
 653{
 654        int rc;
 655        struct crypto_blkcipher *tfm_arc4;
 656        struct scatterlist sgin, sgout;
 657        struct blkcipher_desc desc;
 658        unsigned char sec_key[CIFS_SESS_KEY_SIZE]; /* a nonce */
 659
 660        get_random_bytes(sec_key, CIFS_SESS_KEY_SIZE);
 661
 662        tfm_arc4 = crypto_alloc_blkcipher("ecb(arc4)", 0, CRYPTO_ALG_ASYNC);
 663        if (IS_ERR(tfm_arc4)) {
 664                rc = PTR_ERR(tfm_arc4);
 665                cERROR(1, "could not allocate crypto API arc4\n");
 666                return rc;
 667        }
 668
 669        desc.tfm = tfm_arc4;
 670
 671        crypto_blkcipher_setkey(tfm_arc4, ses->auth_key.response,
 672                                        CIFS_SESS_KEY_SIZE);
 673
 674        sg_init_one(&sgin, sec_key, CIFS_SESS_KEY_SIZE);
 675        sg_init_one(&sgout, ses->ntlmssp->ciphertext, CIFS_CPHTXT_SIZE);
 676
 677        rc = crypto_blkcipher_encrypt(&desc, &sgout, &sgin, CIFS_CPHTXT_SIZE);
 678        if (rc) {
 679                cERROR(1, "could not encrypt session key rc: %d\n", rc);
 680                crypto_free_blkcipher(tfm_arc4);
 681                return rc;
 682        }
 683
 684        /* make secondary_key/nonce as session key */
 685        memcpy(ses->auth_key.response, sec_key, CIFS_SESS_KEY_SIZE);
 686        /* and make len as that of session key only */
 687        ses->auth_key.len = CIFS_SESS_KEY_SIZE;
 688
 689        crypto_free_blkcipher(tfm_arc4);
 690
 691        return 0;
 692}
 693
 694void
 695cifs_crypto_shash_release(struct TCP_Server_Info *server)
 696{
 697        if (server->secmech.md5)
 698                crypto_free_shash(server->secmech.md5);
 699
 700        if (server->secmech.hmacmd5)
 701                crypto_free_shash(server->secmech.hmacmd5);
 702
 703        kfree(server->secmech.sdeschmacmd5);
 704
 705        kfree(server->secmech.sdescmd5);
 706}
 707
 708int
 709cifs_crypto_shash_allocate(struct TCP_Server_Info *server)
 710{
 711        int rc;
 712        unsigned int size;
 713
 714        server->secmech.hmacmd5 = crypto_alloc_shash("hmac(md5)", 0, 0);
 715        if (IS_ERR(server->secmech.hmacmd5)) {
 716                cERROR(1, "could not allocate crypto hmacmd5\n");
 717                return PTR_ERR(server->secmech.hmacmd5);
 718        }
 719
 720        server->secmech.md5 = crypto_alloc_shash("md5", 0, 0);
 721        if (IS_ERR(server->secmech.md5)) {
 722                cERROR(1, "could not allocate crypto md5\n");
 723                rc = PTR_ERR(server->secmech.md5);
 724                goto crypto_allocate_md5_fail;
 725        }
 726
 727        size = sizeof(struct shash_desc) +
 728                        crypto_shash_descsize(server->secmech.hmacmd5);
 729        server->secmech.sdeschmacmd5 = kmalloc(size, GFP_KERNEL);
 730        if (!server->secmech.sdeschmacmd5) {
 731                cERROR(1, "cifs_crypto_shash_allocate: can't alloc hmacmd5\n");
 732                rc = -ENOMEM;
 733                goto crypto_allocate_hmacmd5_sdesc_fail;
 734        }
 735        server->secmech.sdeschmacmd5->shash.tfm = server->secmech.hmacmd5;
 736        server->secmech.sdeschmacmd5->shash.flags = 0x0;
 737
 738
 739        size = sizeof(struct shash_desc) +
 740                        crypto_shash_descsize(server->secmech.md5);
 741        server->secmech.sdescmd5 = kmalloc(size, GFP_KERNEL);
 742        if (!server->secmech.sdescmd5) {
 743                cERROR(1, "cifs_crypto_shash_allocate: can't alloc md5\n");
 744                rc = -ENOMEM;
 745                goto crypto_allocate_md5_sdesc_fail;
 746        }
 747        server->secmech.sdescmd5->shash.tfm = server->secmech.md5;
 748        server->secmech.sdescmd5->shash.flags = 0x0;
 749
 750        return 0;
 751
 752crypto_allocate_md5_sdesc_fail:
 753        kfree(server->secmech.sdeschmacmd5);
 754
 755crypto_allocate_hmacmd5_sdesc_fail:
 756        crypto_free_shash(server->secmech.md5);
 757
 758crypto_allocate_md5_fail:
 759        crypto_free_shash(server->secmech.hmacmd5);
 760
 761        return rc;
 762}
 763