// SPDX-License-Identifier: LGPL-2.1 /* * * Encryption and hashing operations relating to NTLM, NTLMv2. See MS-NLMP * for more detailed information * * Copyright (C) International Business Machines Corp., 2005,2013 * Author(s): Steve French ([email protected]) * */ #include <linux/fs.h> #include <linux/slab.h> #include "cifspdu.h" #include "cifsglob.h" #include "cifs_debug.h" #include "cifs_unicode.h" #include "cifsproto.h" #include "ntlmssp.h" #include <linux/ctype.h> #include <linux/random.h> #include <linux/highmem.h> #include <linux/fips.h> #include "../common/arc4.h" #include <crypto/aead.h> /* * Hash data from a BVEC-type iterator. */ static int cifs_shash_bvec(const struct iov_iter *iter, ssize_t maxsize, struct shash_desc *shash) { … } /* * Hash data from a KVEC-type iterator. */ static int cifs_shash_kvec(const struct iov_iter *iter, ssize_t maxsize, struct shash_desc *shash) { … } /* * Hash data from an XARRAY-type iterator. */ static ssize_t cifs_shash_xarray(const struct iov_iter *iter, ssize_t maxsize, struct shash_desc *shash) { … } /* * Pass the data from an iterator into a hash. */ static int cifs_shash_iter(const struct iov_iter *iter, size_t maxsize, struct shash_desc *shash) { … } int __cifs_calc_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server, char *signature, struct shash_desc *shash) { … } /* * Calculate and return the CIFS signature based on the mac key and SMB PDU. * The 16 byte signature must be allocated by the caller. Note we only use the * 1st eight bytes and that the smb header signature field on input contains * the sequence number before this function is called. Also, this function * should be called with the server->srv_mutex held. */ static int cifs_calc_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server, char *signature) { … } /* must be called with server->srv_mutex held */ int cifs_sign_rqst(struct smb_rqst *rqst, struct TCP_Server_Info *server, __u32 *pexpected_response_sequence_number) { … } int cifs_sign_smbv(struct kvec *iov, int n_vec, struct TCP_Server_Info *server, __u32 *pexpected_response_sequence) { … } /* must be called with server->srv_mutex held */ int cifs_sign_smb(struct smb_hdr *cifs_pdu, struct TCP_Server_Info *server, __u32 *pexpected_response_sequence_number) { … } int cifs_verify_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server, __u32 expected_sequence_number) { … } /* Build a proper attribute value/target info pairs blob. * Fill in netbios and dns domain name and workstation name * and client time (total five av pairs and + one end of fields indicator. * Allocate domain name which gets freed when session struct is deallocated. */ static int build_avpair_blob(struct cifs_ses *ses, const struct nls_table *nls_cp) { … } /* Server has provided av pairs/target info in the type 2 challenge * packet and we have plucked it and stored within smb session. * We parse that blob here to find netbios domain name to be used * as part of ntlmv2 authentication (in Target String), if not already * specified on the command line. * If this function returns without any error but without fetching * domain name, authentication may fail against some server but * may not fail against other (those who are not very particular * about target string i.e. for some, just user name might suffice. */ static int find_domain_name(struct cifs_ses *ses, const struct nls_table *nls_cp) { … } /* Server has provided av pairs/target info in the type 2 challenge * packet and we have plucked it and stored within smb session. * We parse that blob here to find the server given timestamp * as part of ntlmv2 authentication (or local current time as * default in case of failure) */ static __le64 find_timestamp(struct cifs_ses *ses) { … } static int calc_ntlmv2_hash(struct cifs_ses *ses, char *ntlmv2_hash, const struct nls_table *nls_cp) { … } static int CalcNTLMv2_response(const struct cifs_ses *ses, char *ntlmv2_hash) { … } int setup_ntlmv2_rsp(struct cifs_ses *ses, const struct nls_table *nls_cp) { … } int calc_seckey(struct cifs_ses *ses) { … } void cifs_crypto_secmech_release(struct TCP_Server_Info *server) { … }
Codebase Browser
linux